1 /* $OpenBSD: if_uath.c,v 1.11 2006/10/03 19:48:21 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/timeout.h> 42 #include <sys/conf.h> 43 #include <sys/device.h> 44 45 #include <machine/bus.h> 46 #include <machine/endian.h> 47 #include <machine/intr.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_amrr.h> 66 #include <net80211/ieee80211_radiotap.h> 67 68 #include <dev/rndvar.h> 69 #include <crypto/arc4.h> 70 71 #include <dev/usb/usb.h> 72 #include <dev/usb/usbdi.h> 73 #include <dev/usb/usbdi_util.h> 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/usb/if_uathreg.h> 77 #include <dev/usb/if_uathvar.h> 78 79 #ifdef USB_DEBUG 80 #define UATH_DEBUG 81 #endif 82 83 #ifdef UATH_DEBUG 84 #define DPRINTF(x) do { if (uath_debug) logprintf x; } while (0) 85 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) logprintf x; } while (0) 86 int uath_debug = 1; 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 /*- 93 * Various supported device vendors/products. 94 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 95 */ 96 #define UATH_DEV(v, p, f) \ 97 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 98 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 99 (f) | UATH_FLAG_PRE_FIRMWARE } 100 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 101 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 102 static const struct uath_type { 103 struct usb_devno dev; 104 unsigned int flags; 105 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 106 #define UATH_FLAG_ABG (1 << 1) 107 } uath_devs[] = { 108 UATH_DEV_UG(ATHEROS, AR5523), 109 UATH_DEV_UG(ATHEROS2, AR5523_1), 110 UATH_DEV_UG(ATHEROS2, AR5523_2), 111 UATH_DEV_UX(ATHEROS2, AR5523_3), 112 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 113 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 114 UATH_DEV_UX(DLINK, DWLAG122), 115 UATH_DEV_UX(DLINK, DWLAG132), 116 UATH_DEV_UG(DLINK, DWLG132), 117 UATH_DEV_UG(GIGASET, AR5523), 118 UATH_DEV_UG(GIGASET, SMCWUSBTG), 119 UATH_DEV_UG(GLOBALSUN, AR5523_1), 120 UATH_DEV_UX(GLOBALSUN, AR5523_2), 121 UATH_DEV_UX(NETGEAR, WG111U), 122 UATH_DEV_UG(NETGEAR3, WG111T), 123 UATH_DEV_UG(NETGEAR3, WPN111), 124 UATH_DEV_UG(UMEDIA, AR5523_1), 125 UATH_DEV_UX(UMEDIA, AR5523_2), 126 UATH_DEV_UG(UMEDIA, TEW444UBEU), 127 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 128 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 129 UATH_DEV_UG(ZCOM, AR5523) 130 }; 131 #define uath_lookup(v, p) \ 132 ((struct uath_type *)usb_lookup(uath_devs, v, p)) 133 134 Static void uath_attachhook(void *); 135 Static int uath_open_pipes(struct uath_softc *); 136 Static void uath_close_pipes(struct uath_softc *); 137 Static int uath_alloc_tx_data_list(struct uath_softc *); 138 Static void uath_free_tx_data_list(struct uath_softc *); 139 Static int uath_alloc_rx_data_list(struct uath_softc *); 140 Static void uath_free_rx_data_list(struct uath_softc *); 141 Static void uath_free_rx_data(caddr_t, u_int, void *); 142 Static int uath_alloc_tx_cmd_list(struct uath_softc *); 143 Static void uath_free_tx_cmd_list(struct uath_softc *); 144 Static int uath_alloc_rx_cmd_list(struct uath_softc *); 145 Static void uath_free_rx_cmd_list(struct uath_softc *); 146 Static int uath_media_change(struct ifnet *); 147 Static void uath_stat(void *); 148 Static void uath_next_scan(void *); 149 Static void uath_task(void *); 150 Static int uath_newstate(struct ieee80211com *, enum ieee80211_state, 151 int); 152 #ifdef UATH_DEBUG 153 Static void uath_dump_cmd(const uint8_t *, int, char); 154 #endif 155 Static int uath_cmd(struct uath_softc *, uint32_t, const void *, int, 156 void *, int); 157 Static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 158 int, int); 159 Static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 160 int, void *, int); 161 Static int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 162 Static int uath_write_multi(struct uath_softc *, uint32_t, const void *, 163 int); 164 Static int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 165 Static int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 166 Static void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, 167 usbd_status); 168 Static void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, 169 usbd_status); 170 Static void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, 171 usbd_status); 172 Static int uath_tx_null(struct uath_softc *); 173 Static int uath_tx_data(struct uath_softc *, struct mbuf *, 174 struct ieee80211_node *); 175 Static void uath_start(struct ifnet *); 176 Static void uath_watchdog(struct ifnet *); 177 Static int uath_ioctl(struct ifnet *, u_long, caddr_t); 178 Static int uath_query_eeprom(struct uath_softc *); 179 Static int uath_reset(struct uath_softc *); 180 Static int uath_reset_tx_queues(struct uath_softc *); 181 Static int uath_wme_init(struct uath_softc *); 182 Static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 183 Static int uath_set_key(struct uath_softc *, 184 const struct ieee80211_wepkey *, int); 185 Static int uath_set_keys(struct uath_softc *); 186 Static int uath_set_rates(struct uath_softc *, 187 const struct ieee80211_rateset *); 188 Static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 189 Static int uath_set_led(struct uath_softc *, int, int); 190 Static int uath_switch_channel(struct uath_softc *, 191 struct ieee80211_channel *); 192 Static int uath_init(struct ifnet *); 193 Static void uath_stop(struct ifnet *, int); 194 Static int uath_loadfirmware(struct uath_softc *, const u_char *, int); 195 Static int uath_activate(device_ptr_t, enum devact); 196 197 /* 198 * Supported rates for 802.11b/g modes (in 500Kbps unit). 199 */ 200 static const struct ieee80211_rateset uath_rateset_11b = 201 { 4, { 2, 4, 11, 22 } }; 202 203 static const struct ieee80211_rateset uath_rateset_11g = 204 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 205 206 USB_DECLARE_DRIVER(uath); 207 208 USB_MATCH(uath) 209 { 210 USB_MATCH_START(uath, uaa); 211 212 if (uaa->iface != NULL) 213 return UMATCH_NONE; 214 215 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 216 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 217 } 218 219 Static void 220 uath_attachhook(void *xsc) 221 { 222 struct uath_softc *sc = xsc; 223 u_char *fw; 224 size_t size; 225 int error; 226 227 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 228 printf("%s: could not read firmware (error=%d)\n", 229 USBDEVNAME(sc->sc_dev), error); 230 return; 231 } 232 233 if ((error = uath_loadfirmware(sc, fw, size)) != 0) { 234 printf("%s: could not load firmware (error=%s)\n", 235 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 236 } 237 238 free(fw, M_DEVBUF); 239 } 240 241 USB_ATTACH(uath) 242 { 243 USB_ATTACH_START(uath, sc, uaa); 244 struct ieee80211com *ic = &sc->sc_ic; 245 struct ifnet *ifp = &ic->ic_if; 246 usbd_status error; 247 char *devinfop; 248 int i; 249 250 sc->sc_udev = uaa->device; 251 252 devinfop = usbd_devinfo_alloc(uaa->device, 0); 253 USB_ATTACH_SETUP; 254 printf("%s: %s\n", USBDEVNAME(sc->sc_dev), devinfop); 255 usbd_devinfo_free(devinfop); 256 257 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 258 259 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 260 printf("%s: could not set configuration no\n", 261 USBDEVNAME(sc->sc_dev)); 262 USB_ATTACH_ERROR_RETURN; 263 } 264 265 /* get the first interface handle */ 266 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 267 &sc->sc_iface); 268 if (error != 0) { 269 printf("%s: could not get interface handle\n", 270 USBDEVNAME(sc->sc_dev)); 271 USB_ATTACH_ERROR_RETURN; 272 } 273 274 /* 275 * We must open the pipes early because they're used to upload the 276 * firmware (pre-firmware devices) or to send firmware commands. 277 */ 278 if (uath_open_pipes(sc) != 0) { 279 printf("%s: could not open pipes\n", USBDEVNAME(sc->sc_dev)); 280 USB_ATTACH_ERROR_RETURN; 281 } 282 283 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 284 if (rootvp == NULL) 285 mountroothook_establish(uath_attachhook, sc); 286 else 287 uath_attachhook(sc); 288 USB_ATTACH_SUCCESS_RETURN; 289 } 290 291 /* 292 * Only post-firmware devices here. 293 */ 294 usb_init_task(&sc->sc_task, uath_task, sc); 295 timeout_set(&sc->scan_to, uath_next_scan, sc); 296 timeout_set(&sc->stat_to, uath_stat, sc); 297 298 /* 299 * Allocate xfers for firmware commands. 300 */ 301 if (uath_alloc_tx_cmd_list(sc) != 0) { 302 printf("%s: could not allocate Tx command list\n", 303 USBDEVNAME(sc->sc_dev)); 304 goto fail1; 305 } 306 if (uath_alloc_rx_cmd_list(sc) != 0) { 307 printf("%s: could not allocate Rx command list\n", 308 USBDEVNAME(sc->sc_dev)); 309 goto fail2; 310 } 311 312 /* 313 * Queue Rx command xfers. 314 */ 315 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 316 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 317 318 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 319 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 320 USBD_NO_TIMEOUT, uath_cmd_rxeof); 321 error = usbd_transfer(cmd->xfer); 322 if (error != USBD_IN_PROGRESS && error != 0) { 323 printf("%s: could not queue Rx command xfer\n", 324 USBDEVNAME(sc->sc_dev)); 325 goto fail3; 326 } 327 } 328 329 /* 330 * We're now ready to send/receive firmware commands. 331 */ 332 if (uath_reset(sc) != 0) { 333 printf("%s: could not initialize adapter\n", 334 USBDEVNAME(sc->sc_dev)); 335 goto fail3; 336 } 337 if (uath_query_eeprom(sc) != 0) { 338 printf("%s: could not read EEPROM\n", USBDEVNAME(sc->sc_dev)); 339 goto fail3; 340 } 341 342 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 343 USBDEVNAME(sc->sc_dev), (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 344 ether_sprintf(ic->ic_myaddr)); 345 346 /* 347 * Allocate xfers for Tx/Rx data pipes. 348 */ 349 if (uath_alloc_tx_data_list(sc) != 0) { 350 printf("%s: could not allocate Tx data list\n", 351 USBDEVNAME(sc->sc_dev)); 352 goto fail3; 353 } 354 if (uath_alloc_rx_data_list(sc) != 0) { 355 printf("%s: could not allocate Rx data list\n", 356 USBDEVNAME(sc->sc_dev)); 357 goto fail4; 358 } 359 360 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 361 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 362 ic->ic_state = IEEE80211_S_INIT; 363 364 /* set device capabilities */ 365 ic->ic_caps = 366 IEEE80211_C_TXPMGT | /* tx power management */ 367 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 368 IEEE80211_C_SHSLOT | /* short slot time supported */ 369 IEEE80211_C_WEP; /* h/w WEP */ 370 371 /* set supported .11b and .11g rates */ 372 ic->ic_sup_rates[IEEE80211_MODE_11B] = uath_rateset_11b; 373 ic->ic_sup_rates[IEEE80211_MODE_11G] = uath_rateset_11g; 374 375 /* set supported .11b and .11g channels (1 through 14) */ 376 for (i = 1; i <= 14; i++) { 377 ic->ic_channels[i].ic_freq = 378 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 379 ic->ic_channels[i].ic_flags = 380 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 381 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 382 } 383 384 ifp->if_softc = sc; 385 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 386 ifp->if_init = uath_init; 387 ifp->if_ioctl = uath_ioctl; 388 ifp->if_start = uath_start; 389 ifp->if_watchdog = uath_watchdog; 390 IFQ_SET_READY(&ifp->if_snd); 391 memcpy(ifp->if_xname, USBDEVNAME(sc->sc_dev), IFNAMSIZ); 392 393 if_attach(ifp); 394 ieee80211_ifattach(ifp); 395 396 /* override state transition machine */ 397 sc->sc_newstate = ic->ic_newstate; 398 ic->ic_newstate = uath_newstate; 399 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 400 401 #if NBPFILTER > 0 402 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 403 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 404 405 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 406 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 407 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 408 409 sc->sc_txtap_len = sizeof sc->sc_txtapu; 410 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 411 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 412 #endif 413 414 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 415 USBDEV(sc->sc_dev)); 416 417 USB_ATTACH_SUCCESS_RETURN; 418 419 fail4: uath_free_tx_data_list(sc); 420 fail3: uath_free_rx_cmd_list(sc); 421 fail2: uath_free_tx_cmd_list(sc); 422 fail1: uath_close_pipes(sc); 423 424 USB_ATTACH_ERROR_RETURN; 425 } 426 427 USB_DETACH(uath) 428 { 429 USB_DETACH_START(uath, sc); 430 struct ifnet *ifp = &sc->sc_ic.ic_if; 431 int s; 432 433 s = splnet(); 434 435 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 436 uath_close_pipes(sc); 437 splx(s); 438 return 0; 439 } 440 441 /* post-firmware device */ 442 443 usb_rem_task(sc->sc_udev, &sc->sc_task); 444 timeout_del(&sc->scan_to); 445 timeout_del(&sc->stat_to); 446 447 ieee80211_ifdetach(ifp); /* free all nodes */ 448 if_detach(ifp); 449 450 sc->sc_dying = 1; 451 DPRINTF(("reclaiming %d references\n", sc->sc_refcnt)); 452 while (sc->sc_refcnt > 0) 453 (void)tsleep(UATH_COND_NOREF(sc), 0, "uathdet", 0); 454 DPRINTF(("all references reclaimed\n")); 455 456 /* abort and free xfers */ 457 uath_free_tx_data_list(sc); 458 uath_free_rx_data_list(sc); 459 uath_free_tx_cmd_list(sc); 460 uath_free_rx_cmd_list(sc); 461 462 /* close Tx/Rx pipes */ 463 uath_close_pipes(sc); 464 465 splx(s); 466 467 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 468 USBDEV(sc->sc_dev)); 469 470 return 0; 471 } 472 473 Static int 474 uath_open_pipes(struct uath_softc *sc) 475 { 476 int error; 477 478 /* 479 * XXX pipes numbers are hardcoded because we don't have any way 480 * to distinguish the data pipes from the firmware command pipes 481 * (both are bulk pipes) using the endpoints descriptors. 482 */ 483 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 484 &sc->cmd_tx_pipe); 485 if (error != 0) { 486 printf("%s: could not open Tx command pipe: %s\n", 487 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 488 goto fail; 489 } 490 491 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 492 &sc->data_tx_pipe); 493 if (error != 0) { 494 printf("%s: could not open Tx data pipe: %s\n", 495 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 496 goto fail; 497 } 498 499 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 500 &sc->cmd_rx_pipe); 501 if (error != 0) { 502 printf("%s: could not open Rx command pipe: %s\n", 503 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 504 goto fail; 505 } 506 507 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 508 &sc->data_rx_pipe); 509 if (error != 0) { 510 printf("%s: could not open Rx data pipe: %s\n", 511 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 512 goto fail; 513 } 514 515 return 0; 516 517 fail: uath_close_pipes(sc); 518 return error; 519 } 520 521 Static void 522 uath_close_pipes(struct uath_softc *sc) 523 { 524 /* assumes no transfers are pending on the pipes */ 525 526 if (sc->data_tx_pipe != NULL) 527 usbd_close_pipe(sc->data_tx_pipe); 528 529 if (sc->data_rx_pipe != NULL) 530 usbd_close_pipe(sc->data_rx_pipe); 531 532 if (sc->cmd_tx_pipe != NULL) 533 usbd_close_pipe(sc->cmd_tx_pipe); 534 535 if (sc->cmd_rx_pipe != NULL) 536 usbd_close_pipe(sc->cmd_rx_pipe); 537 } 538 539 Static int 540 uath_alloc_tx_data_list(struct uath_softc *sc) 541 { 542 int i, error; 543 544 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 545 struct uath_tx_data *data = &sc->tx_data[i]; 546 547 data->sc = sc; /* backpointer for callbacks */ 548 549 data->xfer = usbd_alloc_xfer(sc->sc_udev); 550 if (data->xfer == NULL) { 551 printf("%s: could not allocate xfer\n", 552 USBDEVNAME(sc->sc_dev)); 553 error = ENOMEM; 554 goto fail; 555 } 556 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 557 if (data->buf == NULL) { 558 printf("%s: could not allocate xfer buffer\n", 559 USBDEVNAME(sc->sc_dev)); 560 error = ENOMEM; 561 goto fail; 562 } 563 } 564 return 0; 565 566 fail: uath_free_tx_data_list(sc); 567 return error; 568 } 569 570 Static void 571 uath_free_tx_data_list(struct uath_softc *sc) 572 { 573 int i; 574 575 /* make sure no transfers are pending */ 576 usbd_abort_pipe(sc->data_tx_pipe); 577 578 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 579 if (sc->tx_data[i].xfer != NULL) 580 usbd_free_xfer(sc->tx_data[i].xfer); 581 } 582 583 Static int 584 uath_alloc_rx_data_list(struct uath_softc *sc) 585 { 586 int i, error; 587 588 SLIST_INIT(&sc->rx_freelist); 589 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) { 590 struct uath_rx_data *data = &sc->rx_data[i]; 591 592 data->sc = sc; /* backpointer for callbacks */ 593 594 data->xfer = usbd_alloc_xfer(sc->sc_udev); 595 if (data->xfer == NULL) { 596 printf("%s: could not allocate xfer\n", 597 USBDEVNAME(sc->sc_dev)); 598 error = ENOMEM; 599 goto fail; 600 } 601 data->buf = usbd_alloc_buffer(data->xfer, sc->rxbufsz); 602 if (data->buf == NULL) { 603 printf("%s: could not allocate xfer buffer\n", 604 USBDEVNAME(sc->sc_dev)); 605 error = ENOMEM; 606 goto fail; 607 } 608 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 609 } 610 return 0; 611 612 fail: uath_free_rx_data_list(sc); 613 return error; 614 } 615 616 Static void 617 uath_free_rx_data_list(struct uath_softc *sc) 618 { 619 int i; 620 621 /* make sure no transfers are pending */ 622 usbd_abort_pipe(sc->data_rx_pipe); 623 624 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) 625 if (sc->rx_data[i].xfer != NULL) 626 usbd_free_xfer(sc->rx_data[i].xfer); 627 } 628 629 Static void 630 uath_free_rx_data(caddr_t buf, u_int size, void *arg) 631 { 632 struct uath_rx_data *data = arg; 633 struct uath_softc *sc = data->sc; 634 635 /* put the buffer back in the free list */ 636 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 637 638 /* release reference to softc */ 639 if (--sc->sc_refcnt == 0 && sc->sc_dying) 640 wakeup(UATH_COND_NOREF(sc)); 641 } 642 643 Static int 644 uath_alloc_tx_cmd_list(struct uath_softc *sc) 645 { 646 int i, error; 647 648 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 649 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 650 651 cmd->sc = sc; /* backpointer for callbacks */ 652 653 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 654 if (cmd->xfer == NULL) { 655 printf("%s: could not allocate xfer\n", 656 USBDEVNAME(sc->sc_dev)); 657 error = ENOMEM; 658 goto fail; 659 } 660 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 661 if (cmd->buf == NULL) { 662 printf("%s: could not allocate xfer buffer\n", 663 USBDEVNAME(sc->sc_dev)); 664 error = ENOMEM; 665 goto fail; 666 } 667 } 668 return 0; 669 670 fail: uath_free_tx_cmd_list(sc); 671 return error; 672 } 673 674 Static void 675 uath_free_tx_cmd_list(struct uath_softc *sc) 676 { 677 int i; 678 679 /* make sure no transfers are pending */ 680 usbd_abort_pipe(sc->cmd_tx_pipe); 681 682 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 683 if (sc->tx_cmd[i].xfer != NULL) 684 usbd_free_xfer(sc->tx_cmd[i].xfer); 685 } 686 687 Static int 688 uath_alloc_rx_cmd_list(struct uath_softc *sc) 689 { 690 int i, error; 691 692 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 693 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 694 695 cmd->sc = sc; /* backpointer for callbacks */ 696 697 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 698 if (cmd->xfer == NULL) { 699 printf("%s: could not allocate xfer\n", 700 USBDEVNAME(sc->sc_dev)); 701 error = ENOMEM; 702 goto fail; 703 } 704 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 705 if (cmd->buf == NULL) { 706 printf("%s: could not allocate xfer buffer\n", 707 USBDEVNAME(sc->sc_dev)); 708 error = ENOMEM; 709 goto fail; 710 } 711 } 712 return 0; 713 714 fail: uath_free_rx_cmd_list(sc); 715 return error; 716 } 717 718 Static void 719 uath_free_rx_cmd_list(struct uath_softc *sc) 720 { 721 int i; 722 723 /* make sure no transfers are pending */ 724 usbd_abort_pipe(sc->cmd_rx_pipe); 725 726 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 727 if (sc->rx_cmd[i].xfer != NULL) 728 usbd_free_xfer(sc->rx_cmd[i].xfer); 729 } 730 731 Static int 732 uath_media_change(struct ifnet *ifp) 733 { 734 int error; 735 736 error = ieee80211_media_change(ifp); 737 if (error != ENETRESET) 738 return error; 739 740 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 741 uath_init(ifp); 742 743 return 0; 744 } 745 746 /* 747 * This function is called periodically (every second) when associated to 748 * query device statistics. 749 */ 750 Static void 751 uath_stat(void *arg) 752 { 753 struct uath_softc *sc = arg; 754 int error; 755 756 /* 757 * Send request for statistics asynchronously. The timer will be 758 * restarted when we'll get the stats notification. 759 */ 760 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 761 UATH_CMD_FLAG_ASYNC); 762 if (error != 0) { 763 printf("%s: could not query statistics (error=%d)\n", 764 USBDEVNAME(sc->sc_dev), error); 765 } 766 } 767 768 /* 769 * This function is called periodically (every 250ms) during scanning to 770 * switch from one channel to another. 771 */ 772 Static void 773 uath_next_scan(void *arg) 774 { 775 struct uath_softc *sc = arg; 776 struct ieee80211com *ic = &sc->sc_ic; 777 struct ifnet *ifp = &ic->ic_if; 778 779 if (ic->ic_state == IEEE80211_S_SCAN) 780 ieee80211_next_scan(ifp); 781 } 782 783 Static void 784 uath_task(void *arg) 785 { 786 struct uath_softc *sc = arg; 787 struct ieee80211com *ic = &sc->sc_ic; 788 enum ieee80211_state ostate; 789 790 ostate = ic->ic_state; 791 792 switch (sc->sc_state) { 793 case IEEE80211_S_INIT: 794 if (ostate == IEEE80211_S_RUN) { 795 /* turn link and activity LEDs off */ 796 (void)uath_set_led(sc, UATH_LED_LINK, 0); 797 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 798 } 799 break; 800 801 case IEEE80211_S_SCAN: 802 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 803 printf("%s: could not switch channel\n", 804 USBDEVNAME(sc->sc_dev)); 805 break; 806 } 807 timeout_add(&sc->scan_to, hz / 4); 808 break; 809 810 case IEEE80211_S_AUTH: 811 { 812 struct ieee80211_node *ni = ic->ic_bss; 813 struct uath_cmd_bssid bssid; 814 struct uath_cmd_0b cmd0b; 815 struct uath_cmd_0c cmd0c; 816 817 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 818 printf("%s: could not switch channel\n", 819 USBDEVNAME(sc->sc_dev)); 820 break; 821 } 822 823 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 824 825 bzero(&bssid, sizeof bssid); 826 bssid.len = htobe32(IEEE80211_ADDR_LEN); 827 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 828 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 829 sizeof bssid, 0); 830 831 bzero(&cmd0b, sizeof cmd0b); 832 cmd0b.code = htobe32(2); 833 cmd0b.size = htobe32(sizeof (cmd0b.data)); 834 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 835 836 bzero(&cmd0c, sizeof cmd0c); 837 cmd0c.magic1 = htobe32(2); 838 cmd0c.magic2 = htobe32(7); 839 cmd0c.magic3 = htobe32(1); 840 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 841 842 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 843 printf("%s: could not set negotiated rate set\n", 844 USBDEVNAME(sc->sc_dev)); 845 break; 846 } 847 break; 848 } 849 850 case IEEE80211_S_ASSOC: 851 break; 852 853 case IEEE80211_S_RUN: 854 { 855 struct ieee80211_node *ni = ic->ic_bss; 856 struct uath_cmd_bssid bssid; 857 struct uath_cmd_xled xled; 858 uint32_t val; 859 860 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 861 /* make both LEDs blink while monitoring */ 862 bzero(&xled, sizeof xled); 863 xled.which = htobe32(0); 864 xled.rate = htobe32(1); 865 xled.mode = htobe32(2); 866 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 867 sizeof xled, 0); 868 break; 869 } 870 871 /* 872 * Tx rate is controlled by firmware, report the maximum 873 * negotiated rate in ifconfig output. 874 */ 875 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 876 877 val = htobe32(1); 878 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 879 880 bzero(&bssid, sizeof bssid); 881 bssid.flags1 = htobe32(0xc004); 882 bssid.flags2 = htobe32(0x003b); 883 bssid.len = htobe32(IEEE80211_ADDR_LEN); 884 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 885 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 886 sizeof bssid, 0); 887 888 /* turn link LED on */ 889 (void)uath_set_led(sc, UATH_LED_LINK, 1); 890 891 /* make activity LED blink */ 892 bzero(&xled, sizeof xled); 893 xled.which = htobe32(1); 894 xled.rate = htobe32(1); 895 xled.mode = htobe32(2); 896 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 897 0); 898 899 /* set state to associated */ 900 val = htobe32(1); 901 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 902 0); 903 904 /* start statistics timer */ 905 timeout_add(&sc->stat_to, hz); 906 break; 907 } 908 } 909 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 910 } 911 912 Static int 913 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 914 { 915 struct uath_softc *sc = ic->ic_softc; 916 917 usb_rem_task(sc->sc_udev, &sc->sc_task); 918 timeout_del(&sc->scan_to); 919 timeout_del(&sc->stat_to); 920 921 /* do it in a process context */ 922 sc->sc_state = nstate; 923 sc->sc_arg = arg; 924 usb_add_task(sc->sc_udev, &sc->sc_task); 925 926 return 0; 927 } 928 929 #ifdef UATH_DEBUG 930 Static void 931 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 932 { 933 int i; 934 935 for (i = 0; i < len; i++) { 936 if ((i % 16) == 0) 937 printf("\n%c ", prefix); 938 else if ((i % 4) == 0) 939 printf(" "); 940 printf("%02x", buf[i]); 941 } 942 printf("\n"); 943 } 944 #endif 945 946 /* 947 * Low-level function to send read or write commands to the firmware. 948 */ 949 Static int 950 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 951 void *odata, int flags) 952 { 953 struct uath_cmd_hdr *hdr; 954 struct uath_tx_cmd *cmd; 955 uint16_t xferflags; 956 int s, xferlen, error; 957 958 /* grab a xfer */ 959 cmd = &sc->tx_cmd[sc->cmd_idx]; 960 961 /* always bulk-out a multiple of 4 bytes */ 962 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 963 964 hdr = (struct uath_cmd_hdr *)cmd->buf; 965 bzero(hdr, sizeof (struct uath_cmd_hdr)); 966 hdr->len = htobe32(xferlen); 967 hdr->code = htobe32(code); 968 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 969 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 970 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 971 972 #ifdef UATH_DEBUG 973 if (uath_debug >= 5) { 974 printf("sending command code=0x%02x flags=0x%x index=%u", 975 code, flags, sc->cmd_idx); 976 uath_dump_cmd(cmd->buf, xferlen, '+'); 977 } 978 #endif 979 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 980 if (!(flags & UATH_CMD_FLAG_READ)) { 981 if (!(flags & UATH_CMD_FLAG_ASYNC)) 982 xferflags |= USBD_SYNCHRONOUS; 983 } else 984 s = splusb(); 985 986 cmd->odata = odata; 987 988 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 989 xferflags, UATH_CMD_TIMEOUT, NULL); 990 error = usbd_transfer(cmd->xfer); 991 if (error != USBD_IN_PROGRESS && error != 0) { 992 if (flags & UATH_CMD_FLAG_READ) 993 splx(s); 994 printf("%s: could not send command (error=%s)\n", 995 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 996 return error; 997 } 998 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 999 1000 if (!(flags & UATH_CMD_FLAG_READ)) 1001 return 0; /* write: don't wait for reply */ 1002 1003 /* wait at most two seconds for command reply */ 1004 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1005 cmd->odata = NULL; /* in case answer is received too late */ 1006 splx(s); 1007 if (error != 0) { 1008 printf("%s: timeout waiting for command reply\n", 1009 USBDEVNAME(sc->sc_dev)); 1010 } 1011 return error; 1012 } 1013 1014 Static int 1015 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1016 int flags) 1017 { 1018 flags &= ~UATH_CMD_FLAG_READ; 1019 return uath_cmd(sc, code, data, len, NULL, flags); 1020 } 1021 1022 Static int 1023 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1024 int ilen, void *odata, int flags) 1025 { 1026 flags |= UATH_CMD_FLAG_READ; 1027 return uath_cmd(sc, code, idata, ilen, odata, flags); 1028 } 1029 1030 Static int 1031 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1032 { 1033 struct uath_write_mac write; 1034 int error; 1035 1036 write.reg = htobe32(reg); 1037 write.len = htobe32(0); /* 0 = single write */ 1038 *(uint32_t *)write.data = htobe32(val); 1039 1040 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1041 3 * sizeof (uint32_t), 0); 1042 if (error != 0) { 1043 printf("%s: could not write register 0x%02x\n", 1044 USBDEVNAME(sc->sc_dev), reg); 1045 } 1046 return error; 1047 } 1048 1049 Static int 1050 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1051 int len) 1052 { 1053 struct uath_write_mac write; 1054 int error; 1055 1056 write.reg = htobe32(reg); 1057 write.len = htobe32(len); 1058 bcopy(data, write.data, len); 1059 1060 /* properly handle the case where len is zero (reset) */ 1061 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1062 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1063 if (error != 0) { 1064 printf("%s: could not write %d bytes to register 0x%02x\n", 1065 USBDEVNAME(sc->sc_dev), len, reg); 1066 } 1067 return error; 1068 } 1069 1070 Static int 1071 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1072 { 1073 struct uath_read_mac read; 1074 int error; 1075 1076 reg = htobe32(reg); 1077 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1078 0); 1079 if (error != 0) { 1080 printf("%s: could not read register 0x%02x\n", 1081 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1082 return error; 1083 } 1084 *val = betoh32(*(uint32_t *)read.data); 1085 return error; 1086 } 1087 1088 Static int 1089 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1090 { 1091 struct uath_read_mac read; 1092 int len, error; 1093 1094 reg = htobe32(reg); 1095 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1096 &read, 0); 1097 if (error != 0) { 1098 printf("%s: could not read EEPROM offset 0x%02x\n", 1099 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1100 return error; 1101 } 1102 len = betoh32(read.len); 1103 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1104 return error; 1105 } 1106 1107 Static void 1108 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1109 usbd_status status) 1110 { 1111 struct uath_rx_cmd *cmd = priv; 1112 struct uath_softc *sc = cmd->sc; 1113 struct uath_cmd_hdr *hdr; 1114 1115 if (status != USBD_NORMAL_COMPLETION) { 1116 if (status == USBD_STALLED) 1117 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1118 return; 1119 } 1120 1121 hdr = (struct uath_cmd_hdr *)cmd->buf; 1122 1123 #ifdef UATH_DEBUG 1124 if (uath_debug >= 5) { 1125 printf("received command code=0x%x index=%u len=%u", 1126 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1127 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1128 } 1129 #endif 1130 1131 switch (betoh32(hdr->code) & 0xff) { 1132 /* reply to a read command */ 1133 default: 1134 { 1135 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1136 1137 if (txcmd->odata != NULL) { 1138 /* copy answer into caller's supplied buffer */ 1139 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1140 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1141 } 1142 wakeup(txcmd); /* wake up caller */ 1143 break; 1144 } 1145 /* spontaneous firmware notifications */ 1146 case UATH_NOTIF_READY: 1147 DPRINTF(("received device ready notification\n")); 1148 wakeup(UATH_COND_INIT(sc)); 1149 break; 1150 1151 case UATH_NOTIF_TX: 1152 /* this notification is sent when UATH_TX_NOTIFY is set */ 1153 DPRINTF(("received Tx notification\n")); 1154 break; 1155 1156 case UATH_NOTIF_STATS: 1157 DPRINTFN(2, ("received device statistics\n")); 1158 timeout_add(&sc->stat_to, hz); 1159 break; 1160 } 1161 1162 /* setup a new transfer */ 1163 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1164 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1165 uath_cmd_rxeof); 1166 (void)usbd_transfer(xfer); 1167 } 1168 1169 Static void 1170 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1171 usbd_status status) 1172 { 1173 struct uath_rx_data *data = priv; 1174 struct uath_softc *sc = data->sc; 1175 struct ieee80211com *ic = &sc->sc_ic; 1176 struct ifnet *ifp = &ic->ic_if; 1177 struct ieee80211_frame *wh; 1178 struct ieee80211_node *ni; 1179 struct uath_rx_data *ndata; 1180 struct uath_rx_desc *desc; 1181 struct mbuf *m; 1182 uint32_t hdr; 1183 int s, len; 1184 1185 if (status != USBD_NORMAL_COMPLETION) { 1186 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1187 return; 1188 1189 if (status == USBD_STALLED) 1190 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1191 1192 ifp->if_ierrors++; 1193 return; 1194 } 1195 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1196 1197 if (len < UATH_MIN_RXBUFSZ) { 1198 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1199 ifp->if_ierrors++; 1200 goto skip; 1201 } 1202 1203 hdr = betoh32(*(uint32_t *)data->buf); 1204 1205 /* Rx descriptor is located at the end, 32-bit aligned */ 1206 desc = (struct uath_rx_desc *) 1207 (data->buf + len - sizeof (struct uath_rx_desc)); 1208 1209 if (betoh32(desc->len) > sc->rxbufsz) { 1210 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1211 ifp->if_ierrors++; 1212 goto skip; 1213 } 1214 1215 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1216 1217 MGETHDR(m, M_DONTWAIT, MT_DATA); 1218 if (m == NULL) { 1219 ifp->if_ierrors++; 1220 goto skip; 1221 } 1222 1223 /* grab a new Rx buffer */ 1224 ndata = SLIST_FIRST(&sc->rx_freelist); 1225 if (ndata == NULL) { 1226 printf("%s: could not allocate Rx buffer\n", 1227 USBDEVNAME(sc->sc_dev)); 1228 m_freem(m); 1229 ifp->if_ierrors++; 1230 goto skip; 1231 } 1232 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1233 1234 MEXTADD(m, data->buf, sc->rxbufsz, 0, uath_free_rx_data, data); 1235 1236 /* finalize mbuf */ 1237 m->m_pkthdr.rcvif = ifp; 1238 m->m_data = data->buf + sizeof (uint32_t); 1239 m->m_pkthdr.len = m->m_len = 1240 betoh32(desc->len) - sizeof (struct uath_rx_desc); 1241 1242 data = ndata; 1243 1244 wh = mtod(m, struct ieee80211_frame *); 1245 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1246 ic->ic_opmode != IEEE80211_M_MONITOR) { 1247 /* 1248 * Hardware decrypts the frame itself but leaves the WEP bit 1249 * set in the 802.11 header and doesn't remove the IV and CRC 1250 * fields. 1251 */ 1252 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1253 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1254 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1255 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1256 m_adj(m, -IEEE80211_WEP_CRCLEN); 1257 wh = mtod(m, struct ieee80211_frame *); 1258 } 1259 1260 #if NBPFILTER > 0 1261 /* there are a lot more fields in the Rx descriptor */ 1262 if (sc->sc_drvbpf != NULL) { 1263 struct mbuf mb; 1264 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1265 1266 tap->wr_flags = 0; 1267 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1268 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1269 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1270 1271 M_DUP_PKTHDR(&mb, m); 1272 mb.m_data = (caddr_t)tap; 1273 mb.m_len = sc->sc_rxtap_len; 1274 mb.m_next = m; 1275 mb.m_pkthdr.len += mb.m_len; 1276 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1277 } 1278 #endif 1279 1280 s = splnet(); 1281 sc->sc_refcnt++; 1282 ni = ieee80211_find_rxnode(ic, wh); 1283 ieee80211_input(ifp, m, ni, (int)betoh32(desc->rssi), 0); 1284 1285 /* node is no longer needed */ 1286 ieee80211_release_node(ic, ni); 1287 splx(s); 1288 1289 skip: /* setup a new transfer */ 1290 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1291 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1292 uath_data_rxeof); 1293 (void)usbd_transfer(data->xfer); 1294 } 1295 1296 Static int 1297 uath_tx_null(struct uath_softc *sc) 1298 { 1299 struct uath_tx_data *data; 1300 struct uath_tx_desc *desc; 1301 1302 data = &sc->tx_data[sc->data_idx]; 1303 1304 data->ni = NULL; 1305 1306 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1307 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1308 1309 bzero(desc, sizeof (struct uath_tx_desc)); 1310 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1311 desc->type = htobe32(UATH_TX_NULL); 1312 1313 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1314 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1315 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1316 if (usbd_sync_transfer(data->xfer) != 0) 1317 return EIO; 1318 1319 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1320 1321 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1322 } 1323 1324 Static void 1325 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1326 usbd_status status) 1327 { 1328 struct uath_tx_data *data = priv; 1329 struct uath_softc *sc = data->sc; 1330 struct ieee80211com *ic = &sc->sc_ic; 1331 struct ifnet *ifp = &ic->ic_if; 1332 int s; 1333 1334 if (status != USBD_NORMAL_COMPLETION) { 1335 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1336 return; 1337 1338 printf("%s: could not transmit buffer: %s\n", 1339 USBDEVNAME(sc->sc_dev), usbd_errstr(status)); 1340 1341 if (status == USBD_STALLED) 1342 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1343 1344 ifp->if_oerrors++; 1345 return; 1346 } 1347 1348 s = splnet(); 1349 1350 ieee80211_release_node(ic, data->ni); 1351 data->ni = NULL; 1352 1353 sc->tx_queued--; 1354 ifp->if_opackets++; 1355 1356 sc->sc_tx_timer = 0; 1357 ifp->if_flags &= ~IFF_OACTIVE; 1358 uath_start(ifp); 1359 1360 splx(s); 1361 } 1362 1363 Static int 1364 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1365 { 1366 struct ieee80211com *ic = &sc->sc_ic; 1367 struct uath_tx_data *data; 1368 struct uath_tx_desc *desc; 1369 const struct ieee80211_frame *wh; 1370 int paylen, totlen, xferlen, error; 1371 1372 data = &sc->tx_data[sc->data_idx]; 1373 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1374 1375 data->ni = ni; 1376 1377 #if NBPFILTER > 0 1378 if (sc->sc_drvbpf != NULL) { 1379 struct mbuf mb; 1380 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1381 1382 tap->wt_flags = 0; 1383 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1384 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1385 1386 M_DUP_PKTHDR(&mb, m0); 1387 mb.m_data = (caddr_t)tap; 1388 mb.m_len = sc->sc_txtap_len; 1389 mb.m_next = m0; 1390 mb.m_pkthdr.len += mb.m_len; 1391 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1392 } 1393 #endif 1394 1395 paylen = m0->m_pkthdr.len; 1396 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1397 1398 wh = mtod(m0, struct ieee80211_frame *); 1399 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1400 uint8_t *frm = (uint8_t *)(desc + 1); 1401 uint32_t iv; 1402 1403 /* h/w WEP: it's up to the host to fill the IV field */ 1404 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1405 frm += sizeof (struct ieee80211_frame); 1406 1407 /* insert IV: code copied from net80211 */ 1408 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1409 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1410 iv += 0x000100; 1411 ic->ic_iv = iv + 1; 1412 1413 *frm++ = iv & 0xff; 1414 *frm++ = (iv >> 8) & 0xff; 1415 *frm++ = (iv >> 16) & 0xff; 1416 *frm++ = ic->ic_wep_txkey << 6; 1417 1418 m_copydata(m0, sizeof (struct ieee80211_frame), 1419 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1420 1421 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1422 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1423 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1424 } else { 1425 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1426 totlen = xferlen; 1427 } 1428 1429 /* fill Tx descriptor */ 1430 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1431 1432 desc->len = htobe32(totlen); 1433 desc->priv = sc->data_idx; /* don't care about endianness */ 1434 desc->paylen = htobe32(paylen); 1435 desc->type = htobe32(UATH_TX_DATA); 1436 desc->flags = htobe32(0); 1437 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1438 desc->dest = htobe32(UATH_ID_BROADCAST); 1439 desc->magic = htobe32(3); 1440 } else { 1441 desc->dest = htobe32(UATH_ID_BSS); 1442 desc->magic = htobe32(1); 1443 } 1444 1445 m_freem(m0); /* mbuf is no longer needed */ 1446 1447 #ifdef UATH_DEBUG 1448 if (uath_debug >= 6) { 1449 printf("sending frame index=%u len=%d xferlen=%d", 1450 sc->data_idx, paylen, xferlen); 1451 uath_dump_cmd(data->buf, xferlen, '+'); 1452 } 1453 #endif 1454 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1455 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1456 uath_data_txeof); 1457 error = usbd_transfer(data->xfer); 1458 if (error != USBD_IN_PROGRESS && error != 0) { 1459 ic->ic_if.if_oerrors++; 1460 return error; 1461 } 1462 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1463 sc->tx_queued++; 1464 1465 return 0; 1466 } 1467 1468 Static void 1469 uath_start(struct ifnet *ifp) 1470 { 1471 struct uath_softc *sc = ifp->if_softc; 1472 struct ieee80211com *ic = &sc->sc_ic; 1473 struct ieee80211_node *ni; 1474 struct mbuf *m0; 1475 1476 /* 1477 * net80211 may still try to send management frames even if the 1478 * IFF_RUNNING flag is not set... 1479 */ 1480 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1481 return; 1482 1483 for (;;) { 1484 IF_POLL(&ic->ic_mgtq, m0); 1485 if (m0 != NULL) { 1486 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1487 ifp->if_flags |= IFF_OACTIVE; 1488 break; 1489 } 1490 IF_DEQUEUE(&ic->ic_mgtq, m0); 1491 1492 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1493 m0->m_pkthdr.rcvif = NULL; 1494 #if NBPFILTER > 0 1495 if (ic->ic_rawbpf != NULL) 1496 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1497 #endif 1498 if (uath_tx_data(sc, m0, ni) != 0) 1499 break; 1500 } else { 1501 if (ic->ic_state != IEEE80211_S_RUN) 1502 break; 1503 IFQ_POLL(&ifp->if_snd, m0); 1504 if (m0 == NULL) 1505 break; 1506 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1507 ifp->if_flags |= IFF_OACTIVE; 1508 break; 1509 } 1510 IFQ_DEQUEUE(&ifp->if_snd, m0); 1511 #if NBPFILTER > 0 1512 if (ifp->if_bpf != NULL) 1513 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1514 #endif 1515 m0 = ieee80211_encap(ifp, m0, &ni); 1516 if (m0 == NULL) 1517 continue; 1518 #if NBPFILTER > 0 1519 if (ic->ic_rawbpf != NULL) 1520 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1521 #endif 1522 if (uath_tx_data(sc, m0, ni) != 0) { 1523 if (ni != NULL) 1524 ieee80211_release_node(ic, ni); 1525 ifp->if_oerrors++; 1526 break; 1527 } 1528 } 1529 1530 sc->sc_tx_timer = 5; 1531 ifp->if_timer = 1; 1532 } 1533 } 1534 1535 Static void 1536 uath_watchdog(struct ifnet *ifp) 1537 { 1538 struct uath_softc *sc = ifp->if_softc; 1539 1540 ifp->if_timer = 0; 1541 1542 if (sc->sc_tx_timer > 0) { 1543 if (--sc->sc_tx_timer == 0) { 1544 printf("%s: device timeout\n", USBDEVNAME(sc->sc_dev)); 1545 /*uath_init(ifp); XXX needs a process context! */ 1546 ifp->if_oerrors++; 1547 return; 1548 } 1549 ifp->if_timer = 1; 1550 } 1551 1552 ieee80211_watchdog(ifp); 1553 } 1554 1555 Static int 1556 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1557 { 1558 struct uath_softc *sc = ifp->if_softc; 1559 struct ieee80211com *ic = &sc->sc_ic; 1560 struct ifaddr *ifa; 1561 struct ifreq *ifr; 1562 int s, error = 0; 1563 1564 s = splnet(); 1565 1566 switch (cmd) { 1567 case SIOCSIFADDR: 1568 ifa = (struct ifaddr *)data; 1569 ifp->if_flags |= IFF_UP; 1570 #ifdef INET 1571 if (ifa->ifa_addr->sa_family == AF_INET) 1572 arp_ifinit(&ic->ic_ac, ifa); 1573 #endif 1574 /* FALLTHROUGH */ 1575 case SIOCSIFFLAGS: 1576 if (ifp->if_flags & IFF_UP) { 1577 if (!(ifp->if_flags & IFF_RUNNING)) 1578 uath_init(ifp); 1579 } else { 1580 if (ifp->if_flags & IFF_RUNNING) 1581 uath_stop(ifp, 1); 1582 } 1583 break; 1584 1585 case SIOCADDMULTI: 1586 case SIOCDELMULTI: 1587 ifr = (struct ifreq *)data; 1588 error = (cmd == SIOCADDMULTI) ? 1589 ether_addmulti(ifr, &ic->ic_ac) : 1590 ether_delmulti(ifr, &ic->ic_ac); 1591 if (error == ENETRESET) 1592 error = 0; 1593 break; 1594 1595 default: 1596 error = ieee80211_ioctl(ifp, cmd, data); 1597 } 1598 1599 if (error == ENETRESET) { 1600 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1601 (IFF_UP | IFF_RUNNING)) 1602 uath_init(ifp); 1603 error = 0; 1604 } 1605 1606 splx(s); 1607 1608 return error; 1609 } 1610 1611 Static int 1612 uath_query_eeprom(struct uath_softc *sc) 1613 { 1614 uint32_t tmp; 1615 int error; 1616 1617 /* retrieve MAC address */ 1618 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1619 if (error != 0) { 1620 printf("%s: could not read MAC address\n", 1621 USBDEVNAME(sc->sc_dev)); 1622 return error; 1623 } 1624 1625 /* retrieve the maximum frame size that the hardware can receive */ 1626 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1627 if (error != 0) { 1628 printf("%s: could not read maximum Rx buffer size\n", 1629 USBDEVNAME(sc->sc_dev)); 1630 return error; 1631 } 1632 sc->rxbufsz = betoh32(tmp) & 0xfff; 1633 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1634 return 0; 1635 } 1636 1637 Static int 1638 uath_reset(struct uath_softc *sc) 1639 { 1640 struct uath_cmd_setup setup; 1641 uint32_t reg, val; 1642 int s, error; 1643 1644 /* init device with some voodoo incantations.. */ 1645 setup.magic1 = htobe32(1); 1646 setup.magic2 = htobe32(5); 1647 setup.magic3 = htobe32(200); 1648 setup.magic4 = htobe32(27); 1649 s = splusb(); 1650 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1651 UATH_CMD_FLAG_ASYNC); 1652 /* ..and wait until firmware notifies us that it is ready */ 1653 if (error == 0) 1654 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1655 splx(s); 1656 if (error != 0) 1657 return error; 1658 1659 /* read PHY registers */ 1660 for (reg = 0x09; reg <= 0x24; reg++) { 1661 if (reg == 0x0b || reg == 0x0c) 1662 continue; 1663 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1664 return error; 1665 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1666 } 1667 return error; 1668 } 1669 1670 Static int 1671 uath_reset_tx_queues(struct uath_softc *sc) 1672 { 1673 int ac, error; 1674 1675 for (ac = 0; ac < 4; ac++) { 1676 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1677 1678 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1679 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1680 sizeof qid, 0); 1681 if (error != 0) 1682 break; 1683 } 1684 return error; 1685 } 1686 1687 Static int 1688 uath_wme_init(struct uath_softc *sc) 1689 { 1690 struct uath_qinfo qinfo; 1691 int ac, error; 1692 static const struct uath_wme_settings uath_wme_11g[4] = { 1693 { 7, 4, 10, 0, 0 }, /* Background */ 1694 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1695 { 3, 3, 4, 26, 0 }, /* Video */ 1696 { 2, 2, 3, 47, 0 } /* Voice */ 1697 }; 1698 1699 bzero(&qinfo, sizeof qinfo); 1700 qinfo.size = htobe32(32); 1701 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1702 qinfo.magic2 = htobe32(1); 1703 for (ac = 0; ac < 4; ac++) { 1704 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1705 qinfo.ac = htobe32(ac); 1706 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1707 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1708 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1709 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1710 uath_wme_11g[ac].txop)); 1711 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1712 1713 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1714 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1715 sizeof qinfo, 0); 1716 if (error != 0) 1717 break; 1718 } 1719 return error; 1720 } 1721 1722 Static int 1723 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1724 { 1725 struct uath_set_chan chan; 1726 1727 bzero(&chan, sizeof chan); 1728 chan.flags = htobe32(0x1400); 1729 chan.freq = htobe32(c->ic_freq); 1730 chan.magic1 = htobe32(20); 1731 chan.magic2 = htobe32(50); 1732 chan.magic3 = htobe32(1); 1733 1734 DPRINTF(("switching to channel %d\n", 1735 ieee80211_chan2ieee(&sc->sc_ic, c))); 1736 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1737 } 1738 1739 Static int 1740 uath_set_key(struct uath_softc *sc, const struct ieee80211_wepkey *wk, 1741 int index) 1742 { 1743 struct uath_cmd_crypto crypto; 1744 int i; 1745 1746 bzero(&crypto, sizeof crypto); 1747 crypto.keyidx = htobe32(index); 1748 crypto.magic1 = htobe32(1); 1749 crypto.size = htobe32(368); 1750 crypto.mask = htobe32(0xffff); 1751 crypto.flags = htobe32(0x80000068); 1752 if (index != UATH_DEFAULT_KEY) 1753 crypto.flags |= htobe32(index << 16); 1754 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1755 1756 /* 1757 * Each byte of the key must be XOR'ed with 10101010 before being 1758 * transmitted to the firmware. 1759 */ 1760 for (i = 0; i < wk->wk_len; i++) 1761 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 1762 1763 DPRINTF(("setting crypto key index=%d len=%d\n", index, wk->wk_len)); 1764 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1765 } 1766 1767 Static int 1768 uath_set_keys(struct uath_softc *sc) 1769 { 1770 const struct ieee80211com *ic = &sc->sc_ic; 1771 int i, error; 1772 1773 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1774 const struct ieee80211_wepkey *wk = &ic->ic_nw_keys[i]; 1775 1776 if (wk->wk_len > 0 && 1777 (error = uath_set_key(sc, wk, i)) != 0) 1778 return error; 1779 } 1780 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1781 UATH_DEFAULT_KEY); 1782 } 1783 1784 Static int 1785 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1786 { 1787 struct uath_cmd_rates rates; 1788 1789 bzero(&rates, sizeof rates); 1790 rates.magic1 = htobe32(0x02); 1791 rates.size = htobe32(1 + sizeof rates.rates); 1792 rates.nrates = rs->rs_nrates; 1793 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1794 1795 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1796 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1797 } 1798 1799 Static int 1800 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1801 { 1802 struct uath_cmd_filter rxfilter; 1803 1804 rxfilter.filter = htobe32(filter); 1805 rxfilter.flags = htobe32(flags); 1806 1807 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1808 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1809 sizeof rxfilter, 0); 1810 } 1811 1812 Static int 1813 uath_set_led(struct uath_softc *sc, int which, int on) 1814 { 1815 struct uath_cmd_led led; 1816 1817 led.which = htobe32(which); 1818 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1819 1820 DPRINTFN(2, ("switching %s led %s\n", 1821 (which == UATH_LED_LINK) ? "link" : "activity", 1822 on ? "on" : "off")); 1823 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1824 } 1825 1826 Static int 1827 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1828 { 1829 uint32_t val; 1830 int error; 1831 1832 /* set radio frequency */ 1833 if ((error = uath_set_chan(sc, c)) != 0) { 1834 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1835 return error; 1836 } 1837 1838 /* reset Tx rings */ 1839 if ((error = uath_reset_tx_queues(sc)) != 0) { 1840 printf("%s: could not reset Tx queues\n", 1841 USBDEVNAME(sc->sc_dev)); 1842 return error; 1843 } 1844 1845 /* set Tx rings WME properties */ 1846 if ((error = uath_wme_init(sc)) != 0) { 1847 printf("%s: could not init Tx queues\n", 1848 USBDEVNAME(sc->sc_dev)); 1849 return error; 1850 } 1851 1852 val = htobe32(0); 1853 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1854 if (error != 0) { 1855 printf("%s: could not set state\n", USBDEVNAME(sc->sc_dev)); 1856 return error; 1857 } 1858 1859 return uath_tx_null(sc); 1860 } 1861 1862 Static int 1863 uath_init(struct ifnet *ifp) 1864 { 1865 struct uath_softc *sc = ifp->if_softc; 1866 struct ieee80211com *ic = &sc->sc_ic; 1867 struct uath_cmd_31 cmd31; 1868 uint32_t val; 1869 int i, error; 1870 1871 /* reset data and command rings */ 1872 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1873 1874 val = htobe32(0); 1875 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1876 1877 /* set MAC address */ 1878 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1879 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1880 1881 (void)uath_write_reg(sc, 0x02, 0x00000001); 1882 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1883 (void)uath_write_reg(sc, 0x10, 0x00000001); 1884 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1885 1886 /* 1887 * Queue Rx data xfers. 1888 */ 1889 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1890 struct uath_rx_data *data = SLIST_FIRST(&sc->rx_freelist); 1891 1892 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1893 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, 1894 USBD_NO_TIMEOUT, uath_data_rxeof); 1895 error = usbd_transfer(data->xfer); 1896 if (error != USBD_IN_PROGRESS && error != 0) { 1897 printf("%s: could not queue Rx transfer\n", 1898 USBDEVNAME(sc->sc_dev)); 1899 goto fail; 1900 } 1901 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1902 } 1903 1904 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1905 UATH_CMD_FLAG_MAGIC); 1906 if (error != 0) { 1907 printf("%s: could not send read command 07h\n", 1908 USBDEVNAME(sc->sc_dev)); 1909 goto fail; 1910 } 1911 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1912 1913 /* set default channel */ 1914 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1915 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1916 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1917 goto fail; 1918 } 1919 1920 if ((error = uath_wme_init(sc)) != 0) { 1921 printf("%s: could not setup WME parameters\n", 1922 USBDEVNAME(sc->sc_dev)); 1923 goto fail; 1924 } 1925 1926 /* init MAC registers */ 1927 (void)uath_write_reg(sc, 0x19, 0x00000000); 1928 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1929 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1930 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1931 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1932 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1933 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1934 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1935 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1936 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1937 1938 val = htobe32(4); 1939 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1940 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1941 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1942 1943 if ((error = uath_set_keys(sc)) != 0) { 1944 printf("%s: could not set crypto keys\n", 1945 USBDEVNAME(sc->sc_dev)); 1946 goto fail; 1947 } 1948 1949 /* enable Rx */ 1950 (void)uath_set_rxfilter(sc, 0x0000, 4); 1951 (void)uath_set_rxfilter(sc, 0x0817, 1); 1952 1953 cmd31.magic1 = htobe32(0xffffffff); 1954 cmd31.magic2 = htobe32(0xffffffff); 1955 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1956 1957 ifp->if_flags &= ~IFF_OACTIVE; 1958 ifp->if_flags |= IFF_RUNNING; 1959 1960 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1961 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1962 else 1963 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1964 1965 return 0; 1966 1967 fail: uath_stop(ifp, 1); 1968 return error; 1969 } 1970 1971 Static void 1972 uath_stop(struct ifnet *ifp, int disable) 1973 { 1974 struct uath_softc *sc = ifp->if_softc; 1975 struct ieee80211com *ic = &sc->sc_ic; 1976 uint32_t val; 1977 int s; 1978 1979 s = splusb(); 1980 1981 sc->sc_tx_timer = 0; 1982 ifp->if_timer = 0; 1983 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1984 1985 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1986 1987 val = htobe32(0); 1988 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1989 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1990 1991 val = htobe32(0); 1992 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1993 1994 #if 0 1995 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1996 UATH_CMD_FLAG_MAGIC); 1997 #endif 1998 1999 /* abort any pending transfers */ 2000 usbd_abort_pipe(sc->data_tx_pipe); 2001 usbd_abort_pipe(sc->data_rx_pipe); 2002 usbd_abort_pipe(sc->cmd_tx_pipe); 2003 usbd_abort_pipe(sc->cmd_rx_pipe); 2004 2005 splx(s); 2006 } 2007 2008 /* 2009 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2010 * the device will detach itself from the bus and reattach later with a new 2011 * product Id (a la ezusb). XXX this could also be implemented in userland 2012 * through /dev/ugen. 2013 */ 2014 Static int 2015 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2016 { 2017 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2018 struct uath_fwblock *txblock, *rxblock; 2019 uint8_t *txdata; 2020 int error = 0; 2021 2022 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2023 printf("%s: could not allocate Tx control xfer\n", 2024 USBDEVNAME(sc->sc_dev)); 2025 error = USBD_NOMEM; 2026 goto fail1; 2027 } 2028 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2029 if (txblock == NULL) { 2030 printf("%s: could not allocate Tx control block\n", 2031 USBDEVNAME(sc->sc_dev)); 2032 error = USBD_NOMEM; 2033 goto fail2; 2034 } 2035 2036 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2037 printf("%s: could not allocate Tx xfer\n", 2038 USBDEVNAME(sc->sc_dev)); 2039 error = USBD_NOMEM; 2040 goto fail2; 2041 } 2042 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2043 if (txdata == NULL) { 2044 printf("%s: could not allocate Tx buffer\n", 2045 USBDEVNAME(sc->sc_dev)); 2046 error = USBD_NOMEM; 2047 goto fail3; 2048 } 2049 2050 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2051 printf("%s: could not allocate Rx control xfer\n", 2052 USBDEVNAME(sc->sc_dev)); 2053 error = USBD_NOMEM; 2054 goto fail3; 2055 } 2056 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2057 if (rxblock == NULL) { 2058 printf("%s: could not allocate Rx control block\n", 2059 USBDEVNAME(sc->sc_dev)); 2060 error = USBD_NOMEM; 2061 goto fail4; 2062 } 2063 2064 bzero(txblock, sizeof (struct uath_fwblock)); 2065 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2066 txblock->total = htobe32(len); 2067 2068 while (len > 0) { 2069 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2070 2071 txblock->remain = htobe32(len - mlen); 2072 txblock->len = htobe32(mlen); 2073 2074 DPRINTF(("sending firmware block: %d bytes remaining\n", 2075 len - mlen)); 2076 2077 /* send firmware block meta-data */ 2078 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2079 sizeof (struct uath_fwblock), USBD_NO_COPY, 2080 UATH_CMD_TIMEOUT, NULL); 2081 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2082 printf("%s: could not send firmware block info\n", 2083 USBDEVNAME(sc->sc_dev)); 2084 break; 2085 } 2086 2087 /* send firmware block data */ 2088 bcopy(fw, txdata, mlen); 2089 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2090 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2091 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2092 printf("%s: could not send firmware block data\n", 2093 USBDEVNAME(sc->sc_dev)); 2094 break; 2095 } 2096 2097 /* wait for ack from firmware */ 2098 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2099 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2100 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2101 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2102 printf("%s: could not read firmware answer\n", 2103 USBDEVNAME(sc->sc_dev)); 2104 break; 2105 } 2106 2107 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2108 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2109 fw += mlen; 2110 len -= mlen; 2111 } 2112 2113 fail4: usbd_free_xfer(rxxfer); 2114 fail3: usbd_free_xfer(txxfer); 2115 fail2: usbd_free_xfer(ctlxfer); 2116 fail1: return error; 2117 } 2118 2119 Static int 2120 uath_activate(device_ptr_t self, enum devact act) 2121 { 2122 switch (act) { 2123 case DVACT_ACTIVATE: 2124 break; 2125 2126 case DVACT_DEACTIVATE: 2127 /*if_deactivate(&sc->sc_ic.ic_if);*/ 2128 break; 2129 } 2130 return 0; 2131 } 2132