1 /* $NetBSD: if_atu.c,v 1.61 2018/06/26 06:48:02 msaitoh Exp $ */ 2 /* $OpenBSD: if_atu.c,v 1.48 2004/12/30 01:53:21 dlg Exp $ */ 3 /* 4 * Copyright (c) 2003, 2004 5 * Daan Vreeken <Danovitsch@Vitsch.net>. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Daan Vreeken. 18 * 4. Neither the name of the author nor the names of any co-contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY Daan Vreeken AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL Daan Vreeken OR THE VOICES IN HIS HEAD 26 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 32 * THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 /* 36 * Atmel AT76c503 / AT76c503a / AT76c505 / AT76c505a USB WLAN driver 37 * version 0.5 - 2004-08-03 38 * 39 * Originally written by Daan Vreeken <Danovitsch @ Vitsch . net> 40 * http://vitsch.net/bsd/atuwi 41 * 42 * Contributed to by : 43 * Chris Whitehouse, Alistair Phillips, Peter Pilka, Martijn van Buul, 44 * Suihong Liang, Arjan van Leeuwen, Stuart Walsh 45 * 46 * Ported to OpenBSD by Theo de Raadt and David Gwynne. 47 * Ported to NetBSD by Jesse Off 48 */ 49 50 #include <sys/cdefs.h> 51 __KERNEL_RCSID(0, "$NetBSD: if_atu.c,v 1.61 2018/06/26 06:48:02 msaitoh Exp $"); 52 53 #ifdef _KERNEL_OPT 54 #include "opt_usb.h" 55 #endif 56 57 #include <sys/param.h> 58 #include <sys/sockio.h> 59 #include <sys/mbuf.h> 60 #include <sys/kernel.h> 61 #include <sys/socket.h> 62 #include <sys/systm.h> 63 #include <sys/kthread.h> 64 #include <sys/queue.h> 65 #include <sys/device.h> 66 67 #include <sys/bus.h> 68 69 #include <dev/usb/usb.h> 70 #include <dev/usb/usbdi.h> 71 #include <dev/usb/usbdi_util.h> 72 #include <dev/usb/usbdivar.h> 73 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/microcode/atmel/atmel_intersil_fw.h> 77 #include <dev/microcode/atmel/atmel_rfmd2958-smc_fw.h> 78 #include <dev/microcode/atmel/atmel_rfmd2958_fw.h> 79 #include <dev/microcode/atmel/atmel_rfmd_fw.h> 80 81 #include <net/bpf.h> 82 #include <net/if.h> 83 #include <net/if_dl.h> 84 #include <net/if_media.h> 85 #include <net/if_ether.h> 86 87 #ifdef INET 88 #include <netinet/in.h> 89 #include <netinet/if_ether.h> 90 #endif 91 92 #include <net80211/ieee80211_var.h> 93 #include <net80211/ieee80211_radiotap.h> 94 95 #include <dev/usb/if_atureg.h> 96 97 #ifdef ATU_DEBUG 98 #define DPRINTF(x) do { if (atudebug) printf x; } while (0) 99 #define DPRINTFN(n,x) do { if (atudebug>(n)) printf x; } while (0) 100 int atudebug = 1; 101 #else 102 #define DPRINTF(x) 103 #define DPRINTFN(n,x) 104 #endif 105 106 /* 107 * Various supported device vendors/products/radio type. 108 */ 109 static const struct atu_type atu_devs[] = { 110 { USB_VENDOR_3COM, USB_PRODUCT_3COM_3CRSHEW696, 111 RadioRFMD, ATU_NO_QUIRK }, 112 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_BWU613, 113 RadioRFMD, ATU_NO_QUIRK }, 114 { USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_2664W, 115 AT76C503_rfmd_acc, ATU_NO_QUIRK }, 116 { USB_VENDOR_ACERP, USB_PRODUCT_ACERP_AWL300, 117 RadioIntersil, ATU_NO_QUIRK }, 118 { USB_VENDOR_ACERP, USB_PRODUCT_ACERP_AWL400, 119 RadioRFMD, ATU_NO_QUIRK }, 120 { USB_VENDOR_ACTIONTEC, USB_PRODUCT_ACTIONTEC_UAT1, 121 RadioRFMD, ATU_NO_QUIRK }, 122 { USB_VENDOR_ADDTRON, USB_PRODUCT_ADDTRON_AWU120, 123 RadioIntersil, ATU_NO_QUIRK }, 124 { USB_VENDOR_AINCOMM, USB_PRODUCT_AINCOMM_AWU2000B, 125 RadioRFMD2958, ATU_NO_QUIRK }, 126 { USB_VENDOR_ASKEY, USB_PRODUCT_ASKEY_VOYAGER1010, 127 RadioIntersil, ATU_NO_QUIRK }, 128 { USB_VENDOR_ASKEY, USB_PRODUCT_ASKEY_WLL013I, 129 RadioIntersil, ATU_NO_QUIRK }, 130 { USB_VENDOR_ASKEY, USB_PRODUCT_ASKEY_WLL013, 131 RadioRFMD, ATU_NO_QUIRK }, 132 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C503I1, 133 RadioIntersil, ATU_NO_QUIRK }, 134 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C503I2, 135 AT76C503_i3863, ATU_NO_QUIRK }, 136 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C503RFMD, 137 RadioRFMD, ATU_NO_QUIRK }, 138 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C505RFMD, 139 AT76C505_rfmd, ATU_NO_QUIRK }, 140 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C505RFMD2958, 141 RadioRFMD2958, ATU_NO_QUIRK }, 142 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C505A, /* SMC2662 V.4 */ 143 RadioRFMD2958_SMC, ATU_QUIRK_NO_REMAP | ATU_QUIRK_FW_DELAY }, 144 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_AT76C505AS, /* quirk? */ 145 RadioRFMD2958_SMC, ATU_QUIRK_NO_REMAP | ATU_QUIRK_FW_DELAY }, 146 { USB_VENDOR_ATMEL, USB_PRODUCT_ATMEL_WN210, 147 RadioRFMD, ATU_NO_QUIRK }, 148 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D6050, 149 RadioRFMD, ATU_NO_QUIRK }, 150 { USB_VENDOR_CONCEPTRONIC, USB_PRODUCT_CONCEPTRONIC_C11U, 151 RadioIntersil, ATU_NO_QUIRK }, 152 { USB_VENDOR_CONCEPTRONIC, USB_PRODUCT_CONCEPTRONIC_WL210, 153 RadioIntersil, ATU_NO_QUIRK }, 154 { USB_VENDOR_COMPAQ, USB_PRODUCT_COMPAQ_IPAQWLAN, 155 RadioRFMD, ATU_NO_QUIRK }, 156 { USB_VENDOR_COREGA, USB_PRODUCT_COREGA_WLUSB_11_STICK, 157 RadioRFMD2958, ATU_NO_QUIRK }, 158 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_CHUSB611G, 159 RadioRFMD2958, ATU_NO_QUIRK }, 160 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_WL200U, 161 RadioRFMD, ATU_NO_QUIRK }, 162 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_WL240U, 163 RadioRFMD2958, ATU_NO_QUIRK }, 164 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_XH1153, 165 RadioRFMD, ATU_NO_QUIRK }, 166 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWL120E, 167 RadioRFMD, ATU_NO_QUIRK }, 168 { USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWLBM101, 169 RadioRFMD, ATU_NO_QUIRK }, 170 { USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_WLAN, /* quirk? */ 171 RadioRFMD2958_SMC, ATU_QUIRK_NO_REMAP | ATU_QUIRK_FW_DELAY }, 172 { USB_VENDOR_HP, USB_PRODUCT_HP_HN210W, 173 RadioIntersil, ATU_NO_QUIRK }, 174 { USB_VENDOR_INTEL, USB_PRODUCT_INTEL_AP310, 175 RadioIntersil, ATU_NO_QUIRK }, 176 { USB_VENDOR_IODATA, USB_PRODUCT_IODATA_USBWNB11A, 177 RadioIntersil, ATU_NO_QUIRK }, 178 { USB_VENDOR_LEXAR, USB_PRODUCT_LEXAR_2662WAR, 179 RadioRFMD, ATU_NO_QUIRK }, 180 { USB_VENDOR_LINKSYS, USB_PRODUCT_LINKSYS_WUSB11, 181 RadioIntersil, ATU_NO_QUIRK }, 182 { USB_VENDOR_LINKSYS2, USB_PRODUCT_LINKSYS2_WUSB11, 183 RadioRFMD, ATU_NO_QUIRK }, 184 { USB_VENDOR_LINKSYS2, USB_PRODUCT_LINKSYS2_NWU11B, 185 RadioRFMD, ATU_NO_QUIRK }, 186 { USB_VENDOR_LINKSYS3, USB_PRODUCT_LINKSYS3_WUSB11V28, 187 RadioRFMD2958, ATU_NO_QUIRK }, 188 { USB_VENDOR_MSI, USB_PRODUCT_MSI_WLAN, 189 RadioRFMD2958, ATU_NO_QUIRK }, 190 { USB_VENDOR_NETGEAR2, USB_PRODUCT_NETGEAR2_MA101, 191 RadioIntersil, ATU_NO_QUIRK }, 192 { USB_VENDOR_NETGEAR2, USB_PRODUCT_NETGEAR2_MA101B, 193 RadioRFMD, ATU_NO_QUIRK }, 194 { USB_VENDOR_OQO, USB_PRODUCT_OQO_WIFI01, 195 RadioRFMD2958_SMC, ATU_QUIRK_NO_REMAP | ATU_QUIRK_FW_DELAY }, 196 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US11S, 197 RadioRFMD, ATU_NO_QUIRK }, 198 { USB_VENDOR_SAMSUNG, USB_PRODUCT_SAMSUNG_SWL2100W, 199 AT76C503_i3863, ATU_NO_QUIRK }, 200 { USB_VENDOR_SIEMENS2, USB_PRODUCT_SIEMENS2_WLL013, 201 RadioRFMD, ATU_NO_QUIRK }, 202 { USB_VENDOR_SMC3, USB_PRODUCT_SMC3_2662WV1, 203 RadioIntersil, ATU_NO_QUIRK }, 204 { USB_VENDOR_SMC3, USB_PRODUCT_SMC3_2662WV2, 205 AT76C503_rfmd_acc, ATU_NO_QUIRK }, 206 { USB_VENDOR_TEKRAM, USB_PRODUCT_TEKRAM_U300C, 207 RadioIntersil, ATU_NO_QUIRK }, 208 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_M4Y750, 209 RadioIntersil, ATU_NO_QUIRK }, 210 }; 211 212 static const struct atu_radfirm { 213 enum atu_radio_type atur_type; 214 unsigned char *atur_internal; 215 size_t atur_internal_sz; 216 unsigned char *atur_external; 217 size_t atur_external_sz; 218 } atu_radfirm[] = { 219 { RadioRFMD, 220 atmel_fw_rfmd_int, sizeof(atmel_fw_rfmd_int), 221 atmel_fw_rfmd_ext, sizeof(atmel_fw_rfmd_ext) }, 222 { RadioRFMD2958, 223 atmel_fw_rfmd2958_int, sizeof(atmel_fw_rfmd2958_int), 224 atmel_fw_rfmd2958_ext, sizeof(atmel_fw_rfmd2958_ext) }, 225 { RadioRFMD2958_SMC, 226 atmel_fw_rfmd2958_smc_int, sizeof(atmel_fw_rfmd2958_smc_int), 227 atmel_fw_rfmd2958_smc_ext, sizeof(atmel_fw_rfmd2958_smc_ext) }, 228 { RadioIntersil, 229 atmel_fw_intersil_int, sizeof(atmel_fw_intersil_int), 230 atmel_fw_intersil_ext, sizeof(atmel_fw_intersil_ext) } 231 }; 232 233 int atu_newbuf(struct atu_softc *, struct atu_chain *, struct mbuf *); 234 void atu_rxeof(struct usbd_xfer *, void *, usbd_status); 235 void atu_txeof(struct usbd_xfer *, void *, usbd_status); 236 void atu_start(struct ifnet *); 237 int atu_ioctl(struct ifnet *, u_long, void *); 238 int atu_init(struct ifnet *); 239 void atu_stop(struct ifnet *, int); 240 void atu_watchdog(struct ifnet *); 241 usbd_status atu_usb_request(struct atu_softc *, uint8_t, 242 uint8_t, uint16_t, uint16_t, 243 uint16_t, uint8_t *); 244 int atu_send_command(struct atu_softc *, uint8_t *, int); 245 int atu_get_cmd_status(struct atu_softc *, uint8_t, 246 uint8_t *); 247 int atu_wait_completion(struct atu_softc *, uint8_t, 248 uint8_t *); 249 int atu_send_mib(struct atu_softc *, uint8_t, 250 uint8_t, uint8_t, void *); 251 int atu_get_mib(struct atu_softc *, uint8_t, 252 uint8_t, uint8_t, uint8_t *); 253 #if 0 254 int atu_start_ibss(struct atu_softc *); 255 #endif 256 int atu_start_scan(struct atu_softc *); 257 int atu_switch_radio(struct atu_softc *, int); 258 int atu_initial_config(struct atu_softc *); 259 int atu_join(struct atu_softc *, struct ieee80211_node *); 260 int8_t atu_get_dfu_state(struct atu_softc *); 261 uint8_t atu_get_opmode(struct atu_softc *, uint8_t *); 262 void atu_internal_firmware(device_t); 263 void atu_external_firmware(device_t); 264 int atu_get_card_config(struct atu_softc *); 265 int atu_media_change(struct ifnet *); 266 void atu_media_status(struct ifnet *, struct ifmediareq *); 267 int atu_tx_list_init(struct atu_softc *); 268 int atu_rx_list_init(struct atu_softc *); 269 void atu_xfer_list_free(struct atu_softc *, struct atu_chain *, 270 int); 271 272 #ifdef ATU_DEBUG 273 void atu_debug_print(struct atu_softc *); 274 #endif 275 276 void atu_task(void *); 277 int atu_newstate(struct ieee80211com *, enum ieee80211_state, int); 278 int atu_tx_start(struct atu_softc *, struct ieee80211_node *, 279 struct atu_chain *, struct mbuf *); 280 void atu_complete_attach(struct atu_softc *); 281 uint8_t atu_calculate_padding(int); 282 283 int atu_match(device_t, cfdata_t, void *); 284 void atu_attach(device_t, device_t, void *); 285 int atu_detach(device_t, int); 286 int atu_activate(device_t, enum devact); 287 extern struct cfdriver atu_cd; 288 CFATTACH_DECL_NEW(atu, sizeof(struct atu_softc), atu_match, atu_attach, 289 atu_detach, atu_activate); 290 291 usbd_status 292 atu_usb_request(struct atu_softc *sc, uint8_t type, 293 uint8_t request, uint16_t value, uint16_t index, uint16_t length, 294 uint8_t *data) 295 { 296 usb_device_request_t req; 297 struct usbd_xfer *xfer; 298 usbd_status err; 299 int total_len = 0, s; 300 301 req.bmRequestType = type; 302 req.bRequest = request; 303 USETW(req.wValue, value); 304 USETW(req.wIndex, index); 305 USETW(req.wLength, length); 306 307 #ifdef ATU_DEBUG 308 if (atudebug) { 309 DPRINTFN(20, ("%s: req=%02x val=%02x ind=%02x " 310 "len=%02x\n", device_xname(sc->atu_dev), request, 311 value, index, length)); 312 } 313 #endif /* ATU_DEBUG */ 314 315 s = splnet(); 316 317 struct usbd_pipe *pipe0 = usbd_get_pipe0(sc->atu_udev); 318 int error = usbd_create_xfer(pipe0, length, 0, 0, 319 &xfer); 320 if (error) { 321 splx(s); 322 return USBD_IOERROR; 323 } 324 usbd_setup_default_xfer(xfer, sc->atu_udev, 0, 500000, &req, data, 325 length, USBD_SHORT_XFER_OK, NULL); 326 327 err = usbd_sync_transfer(xfer); 328 329 usbd_get_xfer_status(xfer, NULL, NULL, &total_len, NULL); 330 331 #ifdef ATU_DEBUG 332 if (atudebug) { 333 if (type & UT_READ) { 334 DPRINTFN(20, ("%s: transfered 0x%x bytes in\n", 335 device_xname(sc->atu_dev), total_len)); 336 } else { 337 if (total_len != length) 338 DPRINTF(("%s: wrote only %x bytes\n", 339 device_xname(sc->atu_dev), total_len)); 340 } 341 } 342 #endif /* ATU_DEBUG */ 343 344 usbd_destroy_xfer(xfer); 345 346 splx(s); 347 return(err); 348 } 349 350 int 351 atu_send_command(struct atu_softc *sc, uint8_t *command, int size) 352 { 353 return atu_usb_request(sc, UT_WRITE_VENDOR_DEVICE, 0x0e, 0x0000, 354 0x0000, size, command); 355 } 356 357 int 358 atu_get_cmd_status(struct atu_softc *sc, uint8_t cmd, uint8_t *status) 359 { 360 /* 361 * all other drivers (including Windoze) request 40 bytes of status 362 * and get a short-xfer of just 6 bytes. we can save 34 bytes of 363 * buffer if we just request those 6 bytes in the first place :) 364 */ 365 /* 366 return atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x22, cmd, 367 0x0000, 40, status); 368 */ 369 return atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x22, cmd, 370 0x0000, 6, status); 371 } 372 373 int 374 atu_wait_completion(struct atu_softc *sc, uint8_t cmd, uint8_t *status) 375 { 376 int idle_count = 0, err; 377 uint8_t statusreq[6]; 378 379 DPRINTFN(15, ("%s: wait-completion: cmd=%02x\n", 380 device_xname(sc->atu_dev), cmd)); 381 382 while (1) { 383 err = atu_get_cmd_status(sc, cmd, statusreq); 384 if (err) 385 return err; 386 387 #ifdef ATU_DEBUG 388 if (atudebug) { 389 DPRINTFN(20, ("%s: status=%s cmd=%02x\n", 390 device_xname(sc->atu_dev), 391 ether_sprintf(statusreq), cmd)); 392 } 393 #endif /* ATU_DEBUG */ 394 395 /* 396 * during normal operations waiting on STATUS_IDLE 397 * will never happen more than once 398 */ 399 if ((statusreq[5] == STATUS_IDLE) && (idle_count++ > 20)) { 400 DPRINTF(("%s: idle_count > 20!\n", 401 device_xname(sc->atu_dev))); 402 return 0; 403 } 404 405 if ((statusreq[5] != STATUS_IN_PROGRESS) && 406 (statusreq[5] != STATUS_IDLE)) { 407 if (status != NULL) 408 *status = statusreq[5]; 409 return 0; 410 } 411 usbd_delay_ms(sc->atu_udev, 25); 412 } 413 } 414 415 int 416 atu_send_mib(struct atu_softc *sc, uint8_t type, uint8_t size, 417 uint8_t index, void *data) 418 { 419 int err; 420 struct atu_cmd_set_mib request; 421 422 /* 423 * We don't construct a MIB packet first and then memcpy it into an 424 * Atmel-command-packet, we just construct it the right way at once :) 425 */ 426 427 memset(&request, 0, sizeof(request)); 428 429 request.AtCmd = CMD_SET_MIB; 430 USETW(request.AtSize, size + 4); 431 432 request.MIBType = type; 433 request.MIBSize = size; 434 request.MIBIndex = index; 435 request.MIBReserved = 0; 436 437 /* 438 * For 1 and 2 byte requests we assume a direct value, 439 * everything bigger than 2 bytes we assume a pointer to the data 440 */ 441 switch (size) { 442 case 0: 443 break; 444 case 1: 445 request.data[0]=(long)data & 0x000000ff; 446 break; 447 case 2: 448 request.data[0]=(long)data & 0x000000ff; 449 request.data[1]=(long)data >> 8; 450 break; 451 default: 452 memcpy(request.data, data, size); 453 break; 454 } 455 456 err = atu_usb_request(sc, UT_WRITE_VENDOR_DEVICE, 0x0e, 0x0000, 457 0x0000, size+8, (uByte *)&request); 458 if (err) 459 return err; 460 461 DPRINTFN(15, ("%s: sendmib : waitcompletion...\n", 462 device_xname(sc->atu_dev))); 463 return atu_wait_completion(sc, CMD_SET_MIB, NULL); 464 } 465 466 int 467 atu_get_mib(struct atu_softc *sc, uint8_t type, uint8_t size, 468 uint8_t index, uint8_t *buf) 469 { 470 471 /* linux/at76c503.c - 478 */ 472 return atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x033, 473 type << 8, index, size, buf); 474 } 475 476 #if 0 477 int 478 atu_start_ibss(struct atu_softc *sc) 479 { 480 struct ieee80211com *ic = &sc->sc_ic; 481 int err; 482 struct atu_cmd_start_ibss Request; 483 484 Request.Cmd = CMD_START_IBSS; 485 Request.Reserved = 0; 486 Request.Size = sizeof(Request) - 4; 487 488 memset(Request.BSSID, 0x00, sizeof(Request.BSSID)); 489 memset(Request.SSID, 0x00, sizeof(Request.SSID)); 490 memcpy(Request.SSID, ic->ic_des_ssid, ic->ic_des_ssidlen); 491 Request.SSIDSize = ic->ic_des_ssidlen; 492 if (sc->atu_desired_channel != IEEE80211_CHAN_ANY) 493 Request.Channel = (uint8_t)sc->atu_desired_channel; 494 else 495 Request.Channel = ATU_DEFAULT_CHANNEL; 496 Request.BSSType = AD_HOC_MODE; 497 memset(Request.Res, 0x00, sizeof(Request.Res)); 498 499 /* Write config to adapter */ 500 err = atu_send_command(sc, (uint8_t *)&Request, sizeof(Request)); 501 if (err) { 502 DPRINTF(("%s: start ibss failed!\n", 503 device_xname(sc->atu_dev))); 504 return err; 505 } 506 507 /* Wait for the adapter to do its thing */ 508 err = atu_wait_completion(sc, CMD_START_IBSS, NULL); 509 if (err) { 510 DPRINTF(("%s: error waiting for start_ibss\n", 511 device_xname(sc->atu_dev))); 512 return err; 513 } 514 515 /* Get the current BSSID */ 516 err = atu_get_mib(sc, MIB_MAC_MGMT__CURRENT_BSSID, sc->atu_bssid); 517 if (err) { 518 DPRINTF(("%s: could not get BSSID!\n", 519 device_xname(sc->atu_dev))); 520 return err; 521 } 522 523 DPRINTF(("%s: started a new IBSS (BSSID=%s)\n", 524 device_xname(sc->atu_dev), ether_sprintf(sc->atu_bssid))); 525 return 0; 526 } 527 #endif 528 529 int 530 atu_start_scan(struct atu_softc *sc) 531 { 532 struct ieee80211com *ic = &sc->sc_ic; 533 struct atu_cmd_do_scan Scan; 534 usbd_status err; 535 int Cnt; 536 537 memset(&Scan, 0, sizeof(Scan)); 538 539 Scan.Cmd = CMD_START_SCAN; 540 Scan.Reserved = 0; 541 USETW(Scan.Size, sizeof(Scan) - 4); 542 543 /* use the broadcast BSSID (in active scan) */ 544 for (Cnt=0; Cnt<6; Cnt++) 545 Scan.BSSID[Cnt] = 0xff; 546 547 memset(Scan.SSID, 0x00, sizeof(Scan.SSID)); 548 memcpy(Scan.SSID, ic->ic_des_essid, ic->ic_des_esslen); 549 Scan.SSID_Len = ic->ic_des_esslen; 550 551 /* default values for scan */ 552 Scan.ScanType = ATU_SCAN_ACTIVE; 553 if (sc->atu_desired_channel != IEEE80211_CHAN_ANY) 554 Scan.Channel = (uint8_t)sc->atu_desired_channel; 555 else 556 Scan.Channel = sc->atu_channel; 557 558 ic->ic_curchan = &ic->ic_channels[Scan.Channel]; 559 560 /* we like scans to be quick :) */ 561 /* the time we wait before sending probe's */ 562 USETW(Scan.ProbeDelay, 0); 563 /* the time we stay on one channel */ 564 USETW(Scan.MinChannelTime, 100); 565 USETW(Scan.MaxChannelTime, 200); 566 /* whether or not we scan all channels */ 567 Scan.InternationalScan = 0xc1; 568 569 #ifdef ATU_DEBUG 570 if (atudebug) { 571 DPRINTFN(20, ("%s: scan cmd len=%02zx\n", 572 device_xname(sc->atu_dev), sizeof(Scan))); 573 } 574 #endif /* ATU_DEBUG */ 575 576 /* Write config to adapter */ 577 err = atu_send_command(sc, (uint8_t *)&Scan, sizeof(Scan)); 578 if (err) 579 return err; 580 581 /* 582 * We don't wait for the command to finish... the mgmt-thread will do 583 * that for us 584 */ 585 /* 586 err = atu_wait_completion(sc, CMD_START_SCAN, NULL); 587 if (err) 588 return err; 589 */ 590 return 0; 591 } 592 593 int 594 atu_switch_radio(struct atu_softc *sc, int state) 595 { 596 usbd_status err; 597 struct atu_cmd CmdRadio; 598 599 if (sc->atu_radio == RadioIntersil) { 600 /* 601 * Intersil doesn't seem to need/support switching the radio 602 * on/off 603 */ 604 return 0; 605 } 606 607 memset(&CmdRadio, 0, sizeof(CmdRadio)); 608 CmdRadio.Cmd = CMD_RADIO_ON; 609 610 if (sc->atu_radio_on != state) { 611 if (state == 0) 612 CmdRadio.Cmd = CMD_RADIO_OFF; 613 614 err = atu_send_command(sc, (uint8_t *)&CmdRadio, 615 sizeof(CmdRadio)); 616 if (err) 617 return err; 618 619 err = atu_wait_completion(sc, CmdRadio.Cmd, NULL); 620 if (err) 621 return err; 622 623 DPRINTFN(10, ("%s: radio turned %s\n", 624 device_xname(sc->atu_dev), state ? "on" : "off")); 625 sc->atu_radio_on = state; 626 } 627 return 0; 628 } 629 630 int 631 atu_initial_config(struct atu_softc *sc) 632 { 633 struct ieee80211com *ic = &sc->sc_ic; 634 uint32_t i; 635 usbd_status err; 636 /* uint8_t rates[4] = {0x82, 0x84, 0x8B, 0x96};*/ 637 uint8_t rates[4] = {0x82, 0x04, 0x0B, 0x16}; 638 struct atu_cmd_card_config cmd; 639 uint8_t reg_domain; 640 641 DPRINTFN(10, ("%s: sending mac-addr\n", device_xname(sc->atu_dev))); 642 err = atu_send_mib(sc, MIB_MAC_ADDR__ADDR, ic->ic_myaddr); 643 if (err) { 644 DPRINTF(("%s: error setting mac-addr\n", 645 device_xname(sc->atu_dev))); 646 return err; 647 } 648 649 /* 650 DPRINTF(("%s: sending reg-domain\n", device_xname(sc->atu_dev))); 651 err = atu_send_mib(sc, MIB_PHY__REG_DOMAIN, NR(0x30)); 652 if (err) { 653 DPRINTF(("%s: error setting mac-addr\n", 654 device_xname(sc->atu_dev))); 655 return err; 656 } 657 */ 658 659 memset(&cmd, 0, sizeof(cmd)); 660 cmd.Cmd = CMD_STARTUP; 661 cmd.Reserved = 0; 662 USETW(cmd.Size, sizeof(cmd) - 4); 663 664 if (sc->atu_desired_channel != IEEE80211_CHAN_ANY) 665 cmd.Channel = (uint8_t)sc->atu_desired_channel; 666 else 667 cmd.Channel = sc->atu_channel; 668 cmd.AutoRateFallback = 1; 669 memcpy(cmd.BasicRateSet, rates, 4); 670 671 /* ShortRetryLimit should be 7 according to 802.11 spec */ 672 cmd.ShortRetryLimit = 7; 673 USETW(cmd.RTS_Threshold, 2347); 674 USETW(cmd.FragThreshold, 2346); 675 676 /* Doesn't seem to work, but we'll set it to 1 anyway */ 677 cmd.PromiscuousMode = 1; 678 679 /* this goes into the beacon we transmit */ 680 if (ic->ic_flags & IEEE80211_F_PRIVACY) 681 cmd.PrivacyInvoked = 1; 682 else 683 cmd.PrivacyInvoked = 0; 684 685 cmd.ExcludeUnencrypted = 0; 686 687 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 688 switch (ic->ic_nw_keys[ic->ic_def_txkey].wk_keylen) { 689 case 5: 690 cmd.EncryptionType = ATU_WEP_40BITS; 691 break; 692 case 13: 693 cmd.EncryptionType = ATU_WEP_104BITS; 694 break; 695 default: 696 cmd.EncryptionType = ATU_WEP_OFF; 697 break; 698 } 699 700 701 cmd.WEP_DefaultKeyID = ic->ic_def_txkey; 702 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 703 memcpy(cmd.WEP_DefaultKey[i], ic->ic_nw_keys[i].wk_key, 704 ic->ic_nw_keys[i].wk_keylen); 705 } 706 } 707 708 /* Setting the SSID here doesn't seem to do anything */ 709 memset(cmd.SSID, 0x00, sizeof(cmd.SSID)); 710 memcpy(cmd.SSID, ic->ic_des_essid, ic->ic_des_esslen); 711 cmd.SSID_Len = ic->ic_des_esslen; 712 713 cmd.ShortPreamble = 0; 714 USETW(cmd.BeaconPeriod, 100); 715 /* cmd.BeaconPeriod = 65535; */ 716 717 /* 718 * TODO: 719 * read reg domain MIB_PHY @ 0x17 (1 byte), (reply = 0x30) 720 * we should do something useful with this info. right now it's just 721 * ignored 722 */ 723 err = atu_get_mib(sc, MIB_PHY__REG_DOMAIN, ®_domain); 724 if (err) { 725 DPRINTF(("%s: could not get regdomain!\n", 726 device_xname(sc->atu_dev))); 727 } else { 728 DPRINTF(("%s: in reg domain 0x%x according to the " 729 "adapter\n", device_xname(sc->atu_dev), reg_domain)); 730 } 731 732 #ifdef ATU_DEBUG 733 if (atudebug) { 734 DPRINTFN(20, ("%s: configlen=%02zx\n", device_xname(sc->atu_dev), 735 sizeof(cmd))); 736 } 737 #endif /* ATU_DEBUG */ 738 739 /* Windoze : driver says exclude-unencrypted=1 & encr-type=1 */ 740 741 err = atu_send_command(sc, (uint8_t *)&cmd, sizeof(cmd)); 742 if (err) 743 return err; 744 err = atu_wait_completion(sc, CMD_STARTUP, NULL); 745 if (err) 746 return err; 747 748 /* Turn on radio now */ 749 err = atu_switch_radio(sc, 1); 750 if (err) 751 return err; 752 753 /* preamble type = short */ 754 err = atu_send_mib(sc, MIB_LOCAL__PREAMBLE, NR(PREAMBLE_SHORT)); 755 if (err) 756 return err; 757 758 /* frag = 1536 */ 759 err = atu_send_mib(sc, MIB_MAC__FRAG, NR(2346)); 760 if (err) 761 return err; 762 763 /* rts = 1536 */ 764 err = atu_send_mib(sc, MIB_MAC__RTS, NR(2347)); 765 if (err) 766 return err; 767 768 /* auto rate fallback = 1 */ 769 err = atu_send_mib(sc, MIB_LOCAL__AUTO_RATE_FALLBACK, NR(1)); 770 if (err) 771 return err; 772 773 /* power mode = full on, no power saving */ 774 err = atu_send_mib(sc, MIB_MAC_MGMT__POWER_MODE, 775 NR(POWER_MODE_ACTIVE)); 776 if (err) 777 return err; 778 779 DPRINTFN(10, ("%s: completed initial config\n", 780 device_xname(sc->atu_dev))); 781 return 0; 782 } 783 784 int 785 atu_join(struct atu_softc *sc, struct ieee80211_node *node) 786 { 787 struct atu_cmd_join join; 788 uint8_t status = 0; /* XXX: GCC */ 789 usbd_status err; 790 791 memset(&join, 0, sizeof(join)); 792 793 join.Cmd = CMD_JOIN; 794 join.Reserved = 0x00; 795 USETW(join.Size, sizeof(join) - 4); 796 797 DPRINTFN(15, ("%s: pre-join sc->atu_bssid=%s\n", 798 device_xname(sc->atu_dev), ether_sprintf(sc->atu_bssid))); 799 DPRINTFN(15, ("%s: mode=%d\n", device_xname(sc->atu_dev), 800 sc->atu_mode)); 801 memcpy(join.bssid, node->ni_bssid, IEEE80211_ADDR_LEN); 802 memset(join.essid, 0x00, 32); 803 memcpy(join.essid, node->ni_essid, node->ni_esslen); 804 join.essid_size = node->ni_esslen; 805 if (node->ni_capinfo & IEEE80211_CAPINFO_IBSS) 806 join.bss_type = AD_HOC_MODE; 807 else 808 join.bss_type = INFRASTRUCTURE_MODE; 809 join.channel = ieee80211_chan2ieee(&sc->sc_ic, node->ni_chan); 810 811 USETW(join.timeout, ATU_JOIN_TIMEOUT); 812 join.reserved = 0x00; 813 814 DPRINTFN(10, ("%s: trying to join BSSID=%s\n", 815 device_xname(sc->atu_dev), ether_sprintf(join.bssid))); 816 err = atu_send_command(sc, (uint8_t *)&join, sizeof(join)); 817 if (err) { 818 DPRINTF(("%s: ERROR trying to join IBSS\n", 819 device_xname(sc->atu_dev))); 820 return err; 821 } 822 err = atu_wait_completion(sc, CMD_JOIN, &status); 823 if (err) { 824 DPRINTF(("%s: error joining BSS!\n", 825 device_xname(sc->atu_dev))); 826 return err; 827 } 828 if (status != STATUS_COMPLETE) { 829 DPRINTF(("%s: error joining... [status=%02x]\n", 830 device_xname(sc->atu_dev), status)); 831 return status; 832 } else { 833 DPRINTFN(10, ("%s: joined BSS\n", device_xname(sc->atu_dev))); 834 } 835 return err; 836 } 837 838 /* 839 * Get the state of the DFU unit 840 */ 841 int8_t 842 atu_get_dfu_state(struct atu_softc *sc) 843 { 844 uint8_t state; 845 846 if (atu_usb_request(sc, DFU_GETSTATE, 0, 0, 1, &state)) 847 return -1; 848 return state; 849 } 850 851 /* 852 * Get MAC opmode 853 */ 854 uint8_t 855 atu_get_opmode(struct atu_softc *sc, uint8_t *mode) 856 { 857 858 return atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x33, 0x0001, 859 0x0000, 1, mode); 860 } 861 862 /* 863 * Upload the internal firmware into the device 864 */ 865 void 866 atu_internal_firmware(device_t arg) 867 { 868 struct atu_softc *sc = device_private(arg); 869 u_char state, *ptr = NULL, *firm = NULL, status[6]; 870 int block_size, block = 0, err, i; 871 size_t bytes_left = 0; 872 873 /* 874 * Uploading firmware is done with the DFU (Device Firmware Upgrade) 875 * interface. See "Universal Serial Bus - Device Class Specification 876 * for Device Firmware Upgrade" pdf for details of the protocol. 877 * Maybe this could be moved to a separate 'firmware driver' once more 878 * device drivers need it... For now we'll just do it here. 879 * 880 * Just for your information, the Atmel's DFU descriptor looks like 881 * this: 882 * 883 * 07 size 884 * 21 type 885 * 01 capabilities : only firmware download, need reset 886 * after download 887 * 13 05 detach timeout : max 1299ms between DFU_DETACH and 888 * reset 889 * 00 04 max bytes of firmware per transaction : 1024 890 */ 891 892 /* Choose the right firmware for the device */ 893 for (i = 0; i < __arraycount(atu_radfirm); i++) 894 if (sc->atu_radio == atu_radfirm[i].atur_type) { 895 firm = atu_radfirm[i].atur_internal; 896 bytes_left = atu_radfirm[i].atur_internal_sz; 897 } 898 899 if (firm == NULL) { 900 aprint_error_dev(arg, "no firmware found\n"); 901 return; 902 } 903 904 ptr = firm; 905 state = atu_get_dfu_state(sc); 906 907 while (block >= 0 && state > 0) { 908 switch (state) { 909 case DFUState_DnLoadSync: 910 /* get DFU status */ 911 err = atu_usb_request(sc, DFU_GETSTATUS, 0, 0 , 6, 912 status); 913 if (err) { 914 DPRINTF(("%s: dfu_getstatus failed!\n", 915 device_xname(sc->atu_dev))); 916 return; 917 } 918 /* success means state => DnLoadIdle */ 919 state = DFUState_DnLoadIdle; 920 continue; 921 break; 922 923 case DFUState_DFUIdle: 924 case DFUState_DnLoadIdle: 925 if (bytes_left>=DFU_MaxBlockSize) 926 block_size = DFU_MaxBlockSize; 927 else 928 block_size = bytes_left; 929 DPRINTFN(15, ("%s: firmware block %d\n", 930 device_xname(sc->atu_dev), block)); 931 932 err = atu_usb_request(sc, DFU_DNLOAD, block++, 0, 933 block_size, ptr); 934 if (err) { 935 DPRINTF(("%s: dfu_dnload failed\n", 936 device_xname(sc->atu_dev))); 937 return; 938 } 939 940 ptr += block_size; 941 bytes_left -= block_size; 942 if (block_size == 0) 943 block = -1; 944 break; 945 946 default: 947 usbd_delay_ms(sc->atu_udev, 100); 948 DPRINTFN(20, ("%s: sleeping for a while\n", 949 device_xname(sc->atu_dev))); 950 break; 951 } 952 953 state = atu_get_dfu_state(sc); 954 } 955 956 if (state != DFUState_ManifestSync) { 957 DPRINTF(("%s: state != manifestsync... eek!\n", 958 device_xname(sc->atu_dev))); 959 } 960 961 err = atu_usb_request(sc, DFU_GETSTATUS, 0, 0, 6, status); 962 if (err) { 963 DPRINTF(("%s: dfu_getstatus failed!\n", 964 device_xname(sc->atu_dev))); 965 return; 966 } 967 968 DPRINTFN(15, ("%s: sending remap\n", device_xname(sc->atu_dev))); 969 err = atu_usb_request(sc, DFU_REMAP, 0, 0, 0, NULL); 970 if ((err) && !(sc->atu_quirk & ATU_QUIRK_NO_REMAP)) { 971 DPRINTF(("%s: remap failed!\n", device_xname(sc->atu_dev))); 972 return; 973 } 974 975 /* after a lot of trying and measuring I found out the device needs 976 * about 56 miliseconds after sending the remap command before 977 * it's ready to communicate again. So we'll wait just a little bit 978 * longer than that to be sure... 979 */ 980 usbd_delay_ms(sc->atu_udev, 56+100); 981 982 aprint_error_dev(arg, "reattaching after firmware upload\n"); 983 usb_needs_reattach(sc->atu_udev); 984 } 985 986 void 987 atu_external_firmware(device_t arg) 988 { 989 struct atu_softc *sc = device_private(arg); 990 u_char *ptr = NULL, *firm = NULL; 991 int block_size, block = 0, err, i; 992 size_t bytes_left = 0; 993 994 for (i = 0; i < __arraycount(atu_radfirm); i++) 995 if (sc->atu_radio == atu_radfirm[i].atur_type) { 996 firm = atu_radfirm[i].atur_external; 997 bytes_left = atu_radfirm[i].atur_external_sz; 998 } 999 1000 if (firm == NULL) { 1001 aprint_error_dev(arg, "no firmware found\n"); 1002 return; 1003 } 1004 ptr = firm; 1005 1006 while (bytes_left) { 1007 if (bytes_left > 1024) 1008 block_size = 1024; 1009 else 1010 block_size = bytes_left; 1011 1012 DPRINTFN(15, ("%s: block:%d size:%d\n", 1013 device_xname(sc->atu_dev), block, block_size)); 1014 err = atu_usb_request(sc, UT_WRITE_VENDOR_DEVICE, 0x0e, 1015 0x0802, block, block_size, ptr); 1016 if (err) { 1017 DPRINTF(("%s: could not load external firmware " 1018 "block\n", device_xname(sc->atu_dev))); 1019 return; 1020 } 1021 1022 ptr += block_size; 1023 block++; 1024 bytes_left -= block_size; 1025 } 1026 1027 err = atu_usb_request(sc, UT_WRITE_VENDOR_DEVICE, 0x0e, 0x0802, 1028 block, 0, NULL); 1029 if (err) { 1030 DPRINTF(("%s: could not load last zero-length firmware " 1031 "block\n", device_xname(sc->atu_dev))); 1032 return; 1033 } 1034 1035 /* 1036 * The SMC2662w V.4 seems to require some time to do its thing with 1037 * the external firmware... 20 ms isn't enough, but 21 ms works 100 1038 * times out of 100 tries. We'll wait a bit longer just to be sure 1039 */ 1040 if (sc->atu_quirk & ATU_QUIRK_FW_DELAY) 1041 usbd_delay_ms(sc->atu_udev, 21 + 100); 1042 1043 DPRINTFN(10, ("%s: external firmware upload done\n", 1044 device_xname(sc->atu_dev))); 1045 /* complete configuration after the firmwares have been uploaded */ 1046 atu_complete_attach(sc); 1047 } 1048 1049 int 1050 atu_get_card_config(struct atu_softc *sc) 1051 { 1052 struct ieee80211com *ic = &sc->sc_ic; 1053 struct atu_rfmd_conf rfmd_conf; 1054 struct atu_intersil_conf intersil_conf; 1055 int err; 1056 1057 switch (sc->atu_radio) { 1058 1059 case RadioRFMD: 1060 case RadioRFMD2958: 1061 case RadioRFMD2958_SMC: 1062 case AT76C503_rfmd_acc: 1063 case AT76C505_rfmd: 1064 err = atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x33, 1065 0x0a02, 0x0000, sizeof(rfmd_conf), 1066 (uint8_t *)&rfmd_conf); 1067 if (err) { 1068 DPRINTF(("%s: could not get rfmd config!\n", 1069 device_xname(sc->atu_dev))); 1070 return err; 1071 } 1072 memcpy(ic->ic_myaddr, rfmd_conf.MACAddr, IEEE80211_ADDR_LEN); 1073 break; 1074 1075 case RadioIntersil: 1076 case AT76C503_i3863: 1077 err = atu_usb_request(sc, UT_READ_VENDOR_INTERFACE, 0x33, 1078 0x0902, 0x0000, sizeof(intersil_conf), 1079 (uint8_t *)&intersil_conf); 1080 if (err) { 1081 DPRINTF(("%s: could not get intersil config!\n", 1082 device_xname(sc->atu_dev))); 1083 return err; 1084 } 1085 memcpy(ic->ic_myaddr, intersil_conf.MACAddr, 1086 IEEE80211_ADDR_LEN); 1087 break; 1088 } 1089 return 0; 1090 } 1091 1092 /* 1093 * Probe for an AT76c503 chip. 1094 */ 1095 int 1096 atu_match(device_t parent, cfdata_t match, void *aux) 1097 { 1098 struct usb_attach_arg *uaa = aux; 1099 int i; 1100 1101 for (i = 0; i < __arraycount(atu_devs); i++) { 1102 const struct atu_type *t = &atu_devs[i]; 1103 1104 if (uaa->uaa_vendor == t->atu_vid && 1105 uaa->uaa_product == t->atu_pid) { 1106 return(UMATCH_VENDOR_PRODUCT); 1107 } 1108 } 1109 return(UMATCH_NONE); 1110 } 1111 1112 int 1113 atu_media_change(struct ifnet *ifp) 1114 { 1115 struct atu_softc *sc = ifp->if_softc; 1116 struct ieee80211com *ic = &sc->sc_ic; 1117 int err, s; 1118 1119 DPRINTFN(10, ("%s: atu_media_change\n", device_xname(sc->atu_dev))); 1120 1121 err = ieee80211_media_change(ifp); 1122 if (err == ENETRESET) { 1123 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 1124 (IFF_RUNNING|IFF_UP)) { 1125 s = splnet(); 1126 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 1127 atu_initial_config(sc); 1128 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1129 splx(s); 1130 } 1131 err = 0; 1132 } 1133 1134 return err; 1135 } 1136 1137 void 1138 atu_media_status(struct ifnet *ifp, struct ifmediareq *req) 1139 { 1140 #ifdef ATU_DEBUG 1141 struct atu_softc *sc = ifp->if_softc; 1142 #endif /* ATU_DEBUG */ 1143 1144 DPRINTFN(10, ("%s: atu_media_status\n", device_xname(sc->atu_dev))); 1145 1146 ieee80211_media_status(ifp, req); 1147 } 1148 1149 void 1150 atu_task(void *arg) 1151 { 1152 struct atu_softc *sc = (struct atu_softc *)arg; 1153 struct ieee80211com *ic = &sc->sc_ic; 1154 usbd_status err; 1155 int s; 1156 1157 DPRINTFN(10, ("%s: atu_task\n", device_xname(sc->atu_dev))); 1158 1159 if (sc->sc_state != ATU_S_OK) 1160 return; 1161 1162 switch (sc->sc_cmd) { 1163 case ATU_C_SCAN: 1164 1165 err = atu_start_scan(sc); 1166 if (err) { 1167 DPRINTFN(1, ("%s: atu_task: couldn't start scan!\n", 1168 device_xname(sc->atu_dev))); 1169 return; 1170 } 1171 1172 err = atu_wait_completion(sc, CMD_START_SCAN, NULL); 1173 if (err) { 1174 DPRINTF(("%s: atu_task: error waiting for scan\n", 1175 device_xname(sc->atu_dev))); 1176 return; 1177 } 1178 1179 DPRINTF(("%s: ==========================> END OF SCAN!\n", 1180 device_xname(sc->atu_dev))); 1181 1182 s = splnet(); 1183 ieee80211_next_scan(ic); 1184 splx(s); 1185 1186 DPRINTF(("%s: ----------------------======> END OF SCAN2!\n", 1187 device_xname(sc->atu_dev))); 1188 break; 1189 1190 case ATU_C_JOIN: 1191 atu_join(sc, ic->ic_bss); 1192 } 1193 } 1194 1195 int 1196 atu_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1197 { 1198 struct ifnet *ifp = ic->ic_ifp; 1199 struct atu_softc *sc = ifp->if_softc; 1200 enum ieee80211_state ostate = ic->ic_state; 1201 1202 DPRINTFN(10, ("%s: atu_newstate: %s -> %s\n", device_xname(sc->atu_dev), 1203 ieee80211_state_name[ostate], ieee80211_state_name[nstate])); 1204 1205 switch (nstate) { 1206 case IEEE80211_S_SCAN: 1207 memcpy(ic->ic_chan_scan, ic->ic_chan_active, 1208 sizeof(ic->ic_chan_active)); 1209 ieee80211_node_table_reset(&ic->ic_scan); 1210 1211 /* tell the event thread that we want a scan */ 1212 sc->sc_cmd = ATU_C_SCAN; 1213 usb_add_task(sc->atu_udev, &sc->sc_task, USB_TASKQ_DRIVER); 1214 1215 /* handle this ourselves */ 1216 ic->ic_state = nstate; 1217 return 0; 1218 1219 case IEEE80211_S_AUTH: 1220 case IEEE80211_S_RUN: 1221 if (ostate == IEEE80211_S_SCAN) { 1222 sc->sc_cmd = ATU_C_JOIN; 1223 usb_add_task(sc->atu_udev, &sc->sc_task, 1224 USB_TASKQ_DRIVER); 1225 } 1226 break; 1227 default: 1228 /* nothing to do */ 1229 break; 1230 } 1231 1232 return (*sc->sc_newstate)(ic, nstate, arg); 1233 } 1234 1235 /* 1236 * Attach the interface. Allocate softc structures, do 1237 * setup and ethernet/BPF attach. 1238 */ 1239 void 1240 atu_attach(device_t parent, device_t self, void *aux) 1241 { 1242 struct atu_softc *sc = device_private(self); 1243 struct usb_attach_arg *uaa = aux; 1244 char *devinfop; 1245 usbd_status err; 1246 struct usbd_device *dev = uaa->uaa_device; 1247 uint8_t mode, channel; 1248 int i; 1249 1250 sc->atu_dev = self; 1251 sc->sc_state = ATU_S_UNCONFIG; 1252 1253 aprint_naive("\n"); 1254 aprint_normal("\n"); 1255 1256 devinfop = usbd_devinfo_alloc(dev, 0); 1257 aprint_normal_dev(self, "%s\n", devinfop); 1258 usbd_devinfo_free(devinfop); 1259 1260 err = usbd_set_config_no(dev, ATU_CONFIG_NO, 1); 1261 if (err) { 1262 aprint_error_dev(self, "failed to set configuration" 1263 ", err=%s\n", usbd_errstr(err)); 1264 return; 1265 } 1266 1267 err = usbd_device2interface_handle(dev, ATU_IFACE_IDX, &sc->atu_iface); 1268 if (err) { 1269 aprint_error_dev(self, "getting interface handle failed\n"); 1270 return; 1271 } 1272 1273 sc->atu_unit = device_unit(self); 1274 sc->atu_udev = dev; 1275 1276 /* 1277 * look up the radio_type for the device 1278 * basically does the same as atu_match 1279 */ 1280 for (i = 0; i < __arraycount(atu_devs); i++) { 1281 const struct atu_type *t = &atu_devs[i]; 1282 1283 if (uaa->uaa_vendor == t->atu_vid && 1284 uaa->uaa_product == t->atu_pid) { 1285 sc->atu_radio = t->atu_radio; 1286 sc->atu_quirk = t->atu_quirk; 1287 } 1288 } 1289 1290 /* 1291 * Check in the interface descriptor if we're in DFU mode 1292 * If we're in DFU mode, we upload the external firmware 1293 * If we're not, the PC must have rebooted without power-cycling 1294 * the device.. I've tried this out, a reboot only requeres the 1295 * external firmware to be reloaded :) 1296 * 1297 * Hmm. The at76c505a doesn't report a DFU descriptor when it's 1298 * in DFU mode... Let's just try to get the opmode 1299 */ 1300 err = atu_get_opmode(sc, &mode); 1301 DPRINTFN(20, ("%s: opmode: %d\n", device_xname(sc->atu_dev), mode)); 1302 if (err || (mode != MODE_NETCARD && mode != MODE_NOFLASHNETCARD)) { 1303 DPRINTF(("%s: starting internal firmware download\n", 1304 device_xname(sc->atu_dev))); 1305 1306 atu_internal_firmware(sc->atu_dev); 1307 /* 1308 * atu_internal_firmware will cause a reset of the device 1309 * so we don't want to do any more configuration after this 1310 * point. 1311 */ 1312 return; 1313 } 1314 1315 if (mode != MODE_NETCARD) { 1316 DPRINTFN(15, ("%s: device needs external firmware\n", 1317 device_xname(sc->atu_dev))); 1318 1319 if (mode != MODE_NOFLASHNETCARD) { 1320 DPRINTF(("%s: unexpected opmode=%d\n", 1321 device_xname(sc->atu_dev), mode)); 1322 } 1323 1324 /* 1325 * There is no difference in opmode before and after external 1326 * firmware upload with the SMC2662 V.4 . So instead we'll try 1327 * to read the channel number. If we succeed, external 1328 * firmwaremust have been already uploaded... 1329 */ 1330 if (sc->atu_radio != RadioIntersil) { 1331 err = atu_get_mib(sc, MIB_PHY__CHANNEL, &channel); 1332 if (!err) { 1333 DPRINTF(("%s: external firmware has already" 1334 " been downloaded\n", 1335 device_xname(sc->atu_dev))); 1336 atu_complete_attach(sc); 1337 return; 1338 } 1339 } 1340 1341 atu_external_firmware(sc->atu_dev); 1342 1343 /* 1344 * atu_external_firmware will call atu_complete_attach after 1345 * it's finished so we can just return. 1346 */ 1347 } else { 1348 /* all the firmwares are in place, so complete the attach */ 1349 atu_complete_attach(sc); 1350 } 1351 1352 return; 1353 } 1354 1355 void 1356 atu_complete_attach(struct atu_softc *sc) 1357 { 1358 struct ieee80211com *ic = &sc->sc_ic; 1359 struct ifnet *ifp = &sc->sc_if; 1360 usb_interface_descriptor_t *id; 1361 usb_endpoint_descriptor_t *ed; 1362 usbd_status err; 1363 int i; 1364 #ifdef ATU_DEBUG 1365 struct atu_fw fw; 1366 #endif 1367 1368 id = usbd_get_interface_descriptor(sc->atu_iface); 1369 1370 /* Find endpoints. */ 1371 for (i = 0; i < id->bNumEndpoints; i++) { 1372 ed = usbd_interface2endpoint_descriptor(sc->atu_iface, i); 1373 if (!ed) { 1374 DPRINTF(("%s: num_endp:%d\n", device_xname(sc->atu_dev), 1375 sc->atu_iface->ui_idesc->bNumEndpoints)); 1376 DPRINTF(("%s: couldn't get ep %d\n", 1377 device_xname(sc->atu_dev), i)); 1378 return; 1379 } 1380 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN && 1381 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) { 1382 sc->atu_ed[ATU_ENDPT_RX] = ed->bEndpointAddress; 1383 } else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT && 1384 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) { 1385 sc->atu_ed[ATU_ENDPT_TX] = ed->bEndpointAddress; 1386 } 1387 } 1388 1389 /* read device config & get MAC address */ 1390 err = atu_get_card_config(sc); 1391 if (err) { 1392 aprint_error("\n%s: could not get card cfg!\n", 1393 device_xname(sc->atu_dev)); 1394 return; 1395 } 1396 1397 #ifdef ATU_DEBUG 1398 /* DEBUG : try to get firmware version */ 1399 err = atu_get_mib(sc, MIB_FW_VERSION, sizeof(fw), 0, (uint8_t *)&fw); 1400 if (!err) { 1401 DPRINTFN(15, ("%s: firmware: maj:%d min:%d patch:%d " 1402 "build:%d\n", device_xname(sc->atu_dev), fw.major, fw.minor, 1403 fw.patch, fw.build)); 1404 } else { 1405 DPRINTF(("%s: get firmware version failed\n", 1406 device_xname(sc->atu_dev))); 1407 } 1408 #endif /* ATU_DEBUG */ 1409 1410 /* Show the world our MAC address */ 1411 aprint_normal_dev(sc->atu_dev, "MAC address %s\n", 1412 ether_sprintf(ic->ic_myaddr)); 1413 1414 sc->atu_cdata.atu_tx_inuse = 0; 1415 sc->atu_encrypt = ATU_WEP_OFF; 1416 sc->atu_wepkeylen = ATU_WEP_104BITS; 1417 sc->atu_wepkey = 0; 1418 1419 memset(sc->atu_bssid, 0, ETHER_ADDR_LEN); 1420 sc->atu_channel = ATU_DEFAULT_CHANNEL; 1421 sc->atu_desired_channel = IEEE80211_CHAN_ANY; 1422 sc->atu_mode = INFRASTRUCTURE_MODE; 1423 1424 ic->ic_ifp = ifp; 1425 ic->ic_phytype = IEEE80211_T_DS; 1426 ic->ic_opmode = IEEE80211_M_STA; 1427 ic->ic_state = IEEE80211_S_INIT; 1428 #ifdef FIXME 1429 ic->ic_caps = IEEE80211_C_IBSS | IEEE80211_C_WEP | IEEE80211_C_SCANALL; 1430 #else 1431 ic->ic_caps = IEEE80211_C_IBSS | IEEE80211_C_WEP; 1432 #endif 1433 1434 i = 0; 1435 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 1436 1437 for (i = 1; i <= 14; i++) { 1438 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_B | 1439 IEEE80211_CHAN_PASSIVE; 1440 ic->ic_channels[i].ic_freq = ieee80211_ieee2mhz(i, 1441 ic->ic_channels[i].ic_flags); 1442 } 1443 1444 ic->ic_ibss_chan = &ic->ic_channels[0]; 1445 1446 ifp->if_softc = sc; 1447 memcpy(ifp->if_xname, device_xname(sc->atu_dev), IFNAMSIZ); 1448 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 1449 ifp->if_init = atu_init; 1450 ifp->if_stop = atu_stop; 1451 ifp->if_start = atu_start; 1452 ifp->if_ioctl = atu_ioctl; 1453 ifp->if_watchdog = atu_watchdog; 1454 ifp->if_mtu = ATU_DEFAULT_MTU; 1455 IFQ_SET_READY(&ifp->if_snd); 1456 1457 /* Call MI attach routine. */ 1458 if_attach(ifp); 1459 ieee80211_ifattach(ic); 1460 1461 sc->sc_newstate = ic->ic_newstate; 1462 ic->ic_newstate = atu_newstate; 1463 1464 /* setup ifmedia interface */ 1465 ieee80211_media_init(ic, atu_media_change, atu_media_status); 1466 1467 usb_init_task(&sc->sc_task, atu_task, sc, 0); 1468 1469 sc->sc_state = ATU_S_OK; 1470 } 1471 1472 int 1473 atu_detach(device_t self, int flags) 1474 { 1475 struct atu_softc *sc = device_private(self); 1476 struct ifnet *ifp = &sc->sc_if; 1477 1478 DPRINTFN(10, ("%s: atu_detach state=%d\n", device_xname(sc->atu_dev), 1479 sc->sc_state)); 1480 1481 if (sc->sc_state != ATU_S_UNCONFIG) { 1482 atu_stop(ifp, 1); 1483 1484 ieee80211_ifdetach(&sc->sc_ic); 1485 if_detach(ifp); 1486 } 1487 1488 return(0); 1489 } 1490 1491 int 1492 atu_activate(device_t self, enum devact act) 1493 { 1494 struct atu_softc *sc = device_private(self); 1495 1496 switch (act) { 1497 case DVACT_DEACTIVATE: 1498 if (sc->sc_state != ATU_S_UNCONFIG) { 1499 if_deactivate(&sc->atu_ec.ec_if); 1500 sc->sc_state = ATU_S_DEAD; 1501 } 1502 return 0; 1503 default: 1504 return EOPNOTSUPP; 1505 } 1506 } 1507 1508 /* 1509 * Initialize an RX descriptor and attach an MBUF cluster. 1510 */ 1511 int 1512 atu_newbuf(struct atu_softc *sc, struct atu_chain *c, struct mbuf *m) 1513 { 1514 struct mbuf *m_new = NULL; 1515 1516 if (m == NULL) { 1517 MGETHDR(m_new, M_DONTWAIT, MT_DATA); 1518 if (m_new == NULL) { 1519 DPRINTF(("%s: no memory for rx list\n", 1520 device_xname(sc->atu_dev))); 1521 return(ENOBUFS); 1522 } 1523 1524 MCLGET(m_new, M_DONTWAIT); 1525 if (!(m_new->m_flags & M_EXT)) { 1526 DPRINTF(("%s: no memory for rx list\n", 1527 device_xname(sc->atu_dev))); 1528 m_freem(m_new); 1529 return(ENOBUFS); 1530 } 1531 m_new->m_len = m_new->m_pkthdr.len = MCLBYTES; 1532 } else { 1533 m_new = m; 1534 m_new->m_len = m_new->m_pkthdr.len = MCLBYTES; 1535 m_new->m_data = m_new->m_ext.ext_buf; 1536 } 1537 c->atu_mbuf = m_new; 1538 return(0); 1539 } 1540 1541 int 1542 atu_rx_list_init(struct atu_softc *sc) 1543 { 1544 struct atu_cdata *cd = &sc->atu_cdata; 1545 struct atu_chain *c; 1546 int i; 1547 1548 DPRINTFN(15, ("%s: atu_rx_list_init: enter\n", 1549 device_xname(sc->atu_dev))); 1550 1551 for (i = 0; i < ATU_RX_LIST_CNT; i++) { 1552 c = &cd->atu_rx_chain[i]; 1553 c->atu_sc = sc; 1554 c->atu_idx = i; 1555 if (c->atu_xfer == NULL) { 1556 int err = usbd_create_xfer(sc->atu_ep[ATU_ENDPT_RX], 1557 ATU_RX_BUFSZ, 0, 0, &c->atu_xfer); 1558 if (err) 1559 return err; 1560 c->atu_buf = usbd_get_buffer(c->atu_xfer); 1561 if (atu_newbuf(sc, c, NULL) == ENOBUFS) /* XXX free? */ 1562 return(ENOBUFS); 1563 } 1564 } 1565 return 0; 1566 } 1567 1568 int 1569 atu_tx_list_init(struct atu_softc *sc) 1570 { 1571 struct atu_cdata *cd = &sc->atu_cdata; 1572 struct atu_chain *c; 1573 int i; 1574 1575 DPRINTFN(15, ("%s: atu_tx_list_init\n", 1576 device_xname(sc->atu_dev))); 1577 1578 SLIST_INIT(&cd->atu_tx_free); 1579 sc->atu_cdata.atu_tx_inuse = 0; 1580 1581 for (i = 0; i < ATU_TX_LIST_CNT; i++) { 1582 c = &cd->atu_tx_chain[i]; 1583 c->atu_sc = sc; 1584 c->atu_idx = i; 1585 if (c->atu_xfer == NULL) { 1586 int err = usbd_create_xfer(sc->atu_ep[ATU_ENDPT_TX], 1587 ATU_TX_BUFSZ, 0, 0, &c->atu_xfer); 1588 if (err) { 1589 return err; 1590 } 1591 c->atu_buf = usbd_get_buffer(c->atu_xfer); 1592 SLIST_INSERT_HEAD(&cd->atu_tx_free, c, atu_list); 1593 } 1594 } 1595 return(0); 1596 } 1597 1598 void 1599 atu_xfer_list_free(struct atu_softc *sc, struct atu_chain *ch, 1600 int listlen) 1601 { 1602 int i; 1603 1604 /* Free resources. */ 1605 for (i = 0; i < listlen; i++) { 1606 if (ch[i].atu_buf != NULL) 1607 ch[i].atu_buf = NULL; 1608 if (ch[i].atu_mbuf != NULL) { 1609 m_freem(ch[i].atu_mbuf); 1610 ch[i].atu_mbuf = NULL; 1611 } 1612 if (ch[i].atu_xfer != NULL) { 1613 usbd_destroy_xfer(ch[i].atu_xfer); 1614 ch[i].atu_xfer = NULL; 1615 } 1616 } 1617 } 1618 1619 /* 1620 * A frame has been uploaded: pass the resulting mbuf chain up to 1621 * the higher level protocols. 1622 */ 1623 void 1624 atu_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 1625 { 1626 struct atu_chain *c = (struct atu_chain *)priv; 1627 struct atu_softc *sc = c->atu_sc; 1628 struct ieee80211com *ic = &sc->sc_ic; 1629 struct ifnet *ifp = &sc->sc_if; 1630 struct atu_rx_hdr *h; 1631 struct ieee80211_frame_min *wh; 1632 struct ieee80211_node *ni; 1633 struct mbuf *m; 1634 uint32_t len; 1635 int s; 1636 1637 DPRINTFN(25, ("%s: atu_rxeof\n", device_xname(sc->atu_dev))); 1638 1639 if (sc->sc_state != ATU_S_OK) 1640 return; 1641 1642 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) != (IFF_RUNNING|IFF_UP)) 1643 goto done; 1644 1645 if (status != USBD_NORMAL_COMPLETION) { 1646 DPRINTF(("%s: status != USBD_NORMAL_COMPLETION\n", 1647 device_xname(sc->atu_dev))); 1648 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) { 1649 return; 1650 } 1651 #if 0 1652 if (status == USBD_IOERROR) { 1653 DPRINTF(("%s: rx: EEK! lost device?\n", 1654 device_xname(sc->atu_dev))); 1655 1656 /* 1657 * My experience with USBD_IOERROR is that trying to 1658 * restart the transfer will always fail and we'll 1659 * keep on looping restarting transfers untill someone 1660 * pulls the plug of the device. 1661 * So we don't restart the transfer, but just let it 1662 * die... If someone knows of a situation where we can 1663 * recover from USBD_IOERROR, let me know. 1664 */ 1665 splx(s); 1666 return; 1667 } 1668 #endif /* 0 */ 1669 1670 if (usbd_ratecheck(&sc->atu_rx_notice)) { 1671 DPRINTF(("%s: usb error on rx: %s\n", 1672 device_xname(sc->atu_dev), usbd_errstr(status))); 1673 } 1674 if (status == USBD_STALLED) 1675 usbd_clear_endpoint_stall_async( 1676 sc->atu_ep[ATU_ENDPT_RX]); 1677 goto done; 1678 } 1679 1680 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1681 1682 if (len <= 1) { 1683 DPRINTF(("%s: atu_rxeof: too short\n", 1684 device_xname(sc->atu_dev))); 1685 goto done; 1686 } 1687 1688 h = (struct atu_rx_hdr *)c->atu_buf; 1689 len = UGETW(h->length) - 4; /* XXX magic number */ 1690 1691 m = c->atu_mbuf; 1692 memcpy(mtod(m, char *), c->atu_buf + ATU_RX_HDRLEN, len); 1693 m_set_rcvif(m, ifp); 1694 m->m_pkthdr.len = m->m_len = len; 1695 1696 wh = mtod(m, struct ieee80211_frame_min *); 1697 ni = ieee80211_find_rxnode(ic, wh); 1698 1699 ifp->if_ipackets++; 1700 1701 s = splnet(); 1702 1703 if (atu_newbuf(sc, c, NULL) == ENOBUFS) { 1704 ifp->if_ierrors++; 1705 goto done1; /* XXX if we can't allocate, why restart it? */ 1706 } 1707 1708 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1709 /* 1710 * WEP is decrypted by hardware. Clear WEP bit 1711 * header for ieee80211_input(). 1712 */ 1713 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1714 } 1715 1716 ieee80211_input(ic, m, ni, h->rssi, UGETDW(h->rx_time)); 1717 1718 ieee80211_free_node(ni); 1719 done1: 1720 splx(s); 1721 done: 1722 /* Setup new transfer. */ 1723 usbd_setup_xfer(c->atu_xfer, c, c->atu_buf, ATU_RX_BUFSZ, 1724 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, atu_rxeof); 1725 usbd_transfer(c->atu_xfer); 1726 } 1727 1728 /* 1729 * A frame was downloaded to the chip. It's safe for us to clean up 1730 * the list buffers. 1731 */ 1732 void 1733 atu_txeof(struct usbd_xfer *xfer, void *priv, 1734 usbd_status status) 1735 { 1736 struct atu_chain *c = (struct atu_chain *)priv; 1737 struct atu_softc *sc = c->atu_sc; 1738 struct ifnet *ifp = &sc->sc_if; 1739 usbd_status err; 1740 int s; 1741 1742 DPRINTFN(25, ("%s: atu_txeof status=%d\n", device_xname(sc->atu_dev), 1743 status)); 1744 1745 if (c->atu_mbuf) { 1746 m_freem(c->atu_mbuf); 1747 c->atu_mbuf = NULL; 1748 } 1749 1750 if (status != USBD_NORMAL_COMPLETION) { 1751 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1752 return; 1753 1754 DPRINTF(("%s: usb error on tx: %s\n", device_xname(sc->atu_dev), 1755 usbd_errstr(status))); 1756 if (status == USBD_STALLED) 1757 usbd_clear_endpoint_stall_async(sc->atu_ep[ATU_ENDPT_TX]); 1758 return; 1759 } 1760 1761 usbd_get_xfer_status(c->atu_xfer, NULL, NULL, NULL, &err); 1762 1763 if (err) 1764 ifp->if_oerrors++; 1765 else 1766 ifp->if_opackets++; 1767 1768 s = splnet(); 1769 SLIST_INSERT_HEAD(&sc->atu_cdata.atu_tx_free, c, atu_list); 1770 sc->atu_cdata.atu_tx_inuse--; 1771 if (sc->atu_cdata.atu_tx_inuse == 0) 1772 ifp->if_timer = 0; 1773 ifp->if_flags &= ~IFF_OACTIVE; 1774 splx(s); 1775 1776 atu_start(ifp); 1777 } 1778 1779 uint8_t 1780 atu_calculate_padding(int size) 1781 { 1782 size %= 64; 1783 1784 if (size < 50) 1785 return 50 - size; 1786 if (size >=61) 1787 return 64 + 50 - size; 1788 return 0; 1789 } 1790 1791 int 1792 atu_tx_start(struct atu_softc *sc, struct ieee80211_node *ni, 1793 struct atu_chain *c, struct mbuf *m) 1794 { 1795 int len; 1796 struct atu_tx_hdr *h; 1797 usbd_status err; 1798 uint8_t pad; 1799 1800 DPRINTFN(25, ("%s: atu_tx_start\n", device_xname(sc->atu_dev))); 1801 1802 /* Don't try to send when we're shutting down the driver */ 1803 if (sc->sc_state != ATU_S_OK) { 1804 m_freem(m); 1805 return(EIO); 1806 } 1807 1808 /* 1809 * Copy the mbuf data into a contiguous buffer, leaving 1810 * enough room for the atmel headers 1811 */ 1812 len = m->m_pkthdr.len; 1813 1814 m_copydata(m, 0, m->m_pkthdr.len, c->atu_buf + ATU_TX_HDRLEN); 1815 1816 h = (struct atu_tx_hdr *)c->atu_buf; 1817 memset(h, 0, ATU_TX_HDRLEN); 1818 USETW(h->length, len); 1819 h->tx_rate = 4; /* XXX rate = auto */ 1820 len += ATU_TX_HDRLEN; 1821 1822 pad = atu_calculate_padding(len); 1823 len += pad; 1824 h->padding = pad; 1825 1826 c->atu_length = len; 1827 c->atu_mbuf = m; 1828 1829 usbd_setup_xfer(c->atu_xfer, c, c->atu_buf, c->atu_length, 0, 1830 ATU_TX_TIMEOUT, atu_txeof); 1831 1832 /* Let's get this thing into the air! */ 1833 c->atu_in_xfer = 1; 1834 err = usbd_transfer(c->atu_xfer); 1835 if (err != USBD_IN_PROGRESS) { 1836 DPRINTFN(25, ("%s: atu_tx_start, err=%d", 1837 device_xname(sc->atu_dev), err)); 1838 c->atu_mbuf = NULL; 1839 m_freem(m); 1840 return(EIO); 1841 } 1842 1843 return 0; 1844 } 1845 1846 void 1847 atu_start(struct ifnet *ifp) 1848 { 1849 struct atu_softc *sc = ifp->if_softc; 1850 struct ieee80211com *ic = &sc->sc_ic; 1851 struct atu_cdata *cd = &sc->atu_cdata; 1852 struct ieee80211_node *ni; 1853 struct atu_chain *c; 1854 struct mbuf *m = NULL; 1855 int s; 1856 1857 DPRINTFN(25, ("%s: atu_start: enter\n", device_xname(sc->atu_dev))); 1858 1859 if ((ifp->if_flags & IFF_RUNNING) == 0) { 1860 return; 1861 } 1862 if (ifp->if_flags & IFF_OACTIVE) { 1863 DPRINTFN(30, ("%s: atu_start: IFF_OACTIVE\n", 1864 device_xname(sc->atu_dev))); 1865 return; 1866 } 1867 1868 for (;;) { 1869 /* grab a TX buffer */ 1870 s = splnet(); 1871 c = SLIST_FIRST(&cd->atu_tx_free); 1872 if (c != NULL) { 1873 SLIST_REMOVE_HEAD(&cd->atu_tx_free, atu_list); 1874 cd->atu_tx_inuse++; 1875 if (cd->atu_tx_inuse == ATU_TX_LIST_CNT) 1876 ifp->if_flags |= IFF_OACTIVE; 1877 } 1878 splx(s); 1879 if (c == NULL) { 1880 DPRINTFN(10, ("%s: out of tx xfers\n", 1881 device_xname(sc->atu_dev))); 1882 ifp->if_flags |= IFF_OACTIVE; 1883 break; 1884 } 1885 1886 /* 1887 * Poll the management queue for frames, it has priority over 1888 * normal data frames. 1889 */ 1890 IF_DEQUEUE(&ic->ic_mgtq, m); 1891 if (m == NULL) { 1892 DPRINTFN(10, ("%s: atu_start: data packet\n", 1893 device_xname(sc->atu_dev))); 1894 if (ic->ic_state != IEEE80211_S_RUN) { 1895 DPRINTFN(25, ("%s: no data till running\n", 1896 device_xname(sc->atu_dev))); 1897 /* put the xfer back on the list */ 1898 s = splnet(); 1899 SLIST_INSERT_HEAD(&cd->atu_tx_free, c, 1900 atu_list); 1901 cd->atu_tx_inuse--; 1902 splx(s); 1903 break; 1904 } 1905 1906 IFQ_DEQUEUE(&ifp->if_snd, m); 1907 if (m == NULL) { 1908 DPRINTFN(25, ("%s: nothing to send\n", 1909 device_xname(sc->atu_dev))); 1910 s = splnet(); 1911 SLIST_INSERT_HEAD(&cd->atu_tx_free, c, 1912 atu_list); 1913 cd->atu_tx_inuse--; 1914 splx(s); 1915 break; 1916 } 1917 bpf_mtap(ifp, m, BPF_D_OUT); 1918 ni = ieee80211_find_txnode(ic, 1919 mtod(m, struct ether_header *)->ether_dhost); 1920 if (ni == NULL) { 1921 m_freem(m); 1922 goto bad; 1923 } 1924 m = ieee80211_encap(ic, m, ni); 1925 if (m == NULL) 1926 goto bad; 1927 } else { 1928 DPRINTFN(25, ("%s: atu_start: mgmt packet\n", 1929 device_xname(sc->atu_dev))); 1930 1931 /* 1932 * Hack! The referenced node pointer is in the 1933 * rcvif field of the packet header. This is 1934 * placed there by ieee80211_mgmt_output because 1935 * we need to hold the reference with the frame 1936 * and there's no other way (other than packet 1937 * tags which we consider too expensive to use) 1938 * to pass it along. 1939 */ 1940 ni = M_GETCTX(m, struct ieee80211_node *); 1941 M_CLEARCTX(m); 1942 1943 /* sc->sc_stats.ast_tx_mgmt++; */ 1944 } 1945 1946 bpf_mtap3(ic->ic_rawbpf, m, BPF_D_OUT); 1947 1948 if (atu_tx_start(sc, ni, c, m)) { 1949 bad: 1950 s = splnet(); 1951 SLIST_INSERT_HEAD(&cd->atu_tx_free, c, 1952 atu_list); 1953 cd->atu_tx_inuse--; 1954 splx(s); 1955 /* ifp_if_oerrors++; */ 1956 if (ni != NULL) 1957 ieee80211_free_node(ni); 1958 continue; 1959 } 1960 ifp->if_timer = 5; 1961 } 1962 } 1963 1964 int 1965 atu_init(struct ifnet *ifp) 1966 { 1967 struct atu_softc *sc = ifp->if_softc; 1968 struct ieee80211com *ic = &sc->sc_ic; 1969 struct atu_chain *c; 1970 usbd_status err; 1971 int i, s; 1972 1973 s = splnet(); 1974 1975 DPRINTFN(10, ("%s: atu_init\n", device_xname(sc->atu_dev))); 1976 1977 if (ifp->if_flags & IFF_RUNNING) { 1978 splx(s); 1979 return(0); 1980 } 1981 1982 /* Load the multicast filter. */ 1983 /*atu_setmulti(sc); */ 1984 1985 /* Open RX and TX pipes. */ 1986 err = usbd_open_pipe(sc->atu_iface, sc->atu_ed[ATU_ENDPT_RX], 1987 USBD_EXCLUSIVE_USE, &sc->atu_ep[ATU_ENDPT_RX]); 1988 if (err) { 1989 DPRINTF(("%s: open rx pipe failed: %s\n", 1990 device_xname(sc->atu_dev), usbd_errstr(err))); 1991 splx(s); 1992 return(EIO); 1993 } 1994 1995 err = usbd_open_pipe(sc->atu_iface, sc->atu_ed[ATU_ENDPT_TX], 1996 USBD_EXCLUSIVE_USE, &sc->atu_ep[ATU_ENDPT_TX]); 1997 if (err) { 1998 DPRINTF(("%s: open tx pipe failed: %s\n", 1999 device_xname(sc->atu_dev), usbd_errstr(err))); 2000 splx(s); 2001 return(EIO); 2002 } 2003 2004 /* Init TX ring */ 2005 if (atu_tx_list_init(sc)) 2006 printf("%s: tx list init failed\n", device_xname(sc->atu_dev)); 2007 2008 /* Init RX ring */ 2009 if (atu_rx_list_init(sc)) 2010 printf("%s: rx list init failed\n", device_xname(sc->atu_dev)); 2011 2012 /* Start up the receive pipe. */ 2013 for (i = 0; i < ATU_RX_LIST_CNT; i++) { 2014 c = &sc->atu_cdata.atu_rx_chain[i]; 2015 2016 usbd_setup_xfer(c->atu_xfer, c, c->atu_buf, ATU_RX_BUFSZ, 2017 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, atu_rxeof); 2018 usbd_transfer(c->atu_xfer); 2019 } 2020 2021 DPRINTFN(10, ("%s: starting up using MAC=%s\n", 2022 device_xname(sc->atu_dev), ether_sprintf(ic->ic_myaddr))); 2023 2024 /* Do initial setup */ 2025 err = atu_initial_config(sc); 2026 if (err) { 2027 DPRINTF(("%s: initial config failed!\n", 2028 device_xname(sc->atu_dev))); 2029 splx(s); 2030 return(EIO); 2031 } 2032 DPRINTFN(10, ("%s: initialised transceiver\n", 2033 device_xname(sc->atu_dev))); 2034 2035 /* sc->atu_rxfilt = ATU_RXFILT_UNICAST|ATU_RXFILT_BROADCAST; */ 2036 2037 /* If we want promiscuous mode, set the allframes bit. */ 2038 /* 2039 if (ifp->if_flags & IFF_PROMISC) 2040 sc->atu_rxfilt |= ATU_RXFILT_PROMISC; 2041 */ 2042 2043 ifp->if_flags |= IFF_RUNNING; 2044 ifp->if_flags &= ~IFF_OACTIVE; 2045 splx(s); 2046 2047 /* XXX the following HAS to be replaced */ 2048 s = splnet(); 2049 err = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2050 if (err) { 2051 DPRINTFN(1, ("%s: atu_init: error calling " 2052 "ieee80211_net_state", device_xname(sc->atu_dev))); 2053 } 2054 splx(s); 2055 2056 return 0; 2057 } 2058 2059 #ifdef ATU_DEBUG 2060 void 2061 atu_debug_print(struct atu_softc *sc) 2062 { 2063 usbd_status err; 2064 uint8_t tmp[32]; 2065 2066 /* DEBUG */ 2067 if ((err = atu_get_mib(sc, MIB_MAC_MGMT__CURRENT_BSSID, tmp))) 2068 return; 2069 DPRINTF(("%s: DEBUG: current BSSID=%s\n", device_xname(sc->atu_dev), 2070 ether_sprintf(tmp))); 2071 2072 if ((err = atu_get_mib(sc, MIB_MAC_MGMT__BEACON_PERIOD, tmp))) 2073 return; 2074 DPRINTF(("%s: DEBUG: beacon period=%d\n", device_xname(sc->atu_dev), 2075 tmp[0])); 2076 2077 if ((err = atu_get_mib(sc, MIB_MAC_WEP__PRIVACY_INVOKED, tmp))) 2078 return; 2079 DPRINTF(("%s: DEBUG: privacy invoked=%d\n", device_xname(sc->atu_dev), 2080 tmp[0])); 2081 2082 if ((err = atu_get_mib(sc, MIB_MAC_WEP__ENCR_LEVEL, tmp))) 2083 return; 2084 DPRINTF(("%s: DEBUG: encr_level=%d\n", device_xname(sc->atu_dev), 2085 tmp[0])); 2086 2087 if ((err = atu_get_mib(sc, MIB_MAC_WEP__ICV_ERROR_COUNT, tmp))) 2088 return; 2089 DPRINTF(("%s: DEBUG: icv error count=%d\n", device_xname(sc->atu_dev), 2090 *(short *)tmp)); 2091 2092 if ((err = atu_get_mib(sc, MIB_MAC_WEP__EXCLUDED_COUNT, tmp))) 2093 return; 2094 DPRINTF(("%s: DEBUG: wep excluded count=%d\n", 2095 device_xname(sc->atu_dev), *(short *)tmp)); 2096 2097 if ((err = atu_get_mib(sc, MIB_MAC_MGMT__POWER_MODE, tmp))) 2098 return; 2099 DPRINTF(("%s: DEBUG: power mode=%d\n", device_xname(sc->atu_dev), 2100 tmp[0])); 2101 2102 if ((err = atu_get_mib(sc, MIB_PHY__CHANNEL, tmp))) 2103 return; 2104 DPRINTF(("%s: DEBUG: channel=%d\n", device_xname(sc->atu_dev), tmp[0])); 2105 2106 if ((err = atu_get_mib(sc, MIB_PHY__REG_DOMAIN, tmp))) 2107 return; 2108 DPRINTF(("%s: DEBUG: reg domain=%d\n", device_xname(sc->atu_dev), 2109 tmp[0])); 2110 2111 if ((err = atu_get_mib(sc, MIB_LOCAL__SSID_SIZE, tmp))) 2112 return; 2113 DPRINTF(("%s: DEBUG: ssid size=%d\n", device_xname(sc->atu_dev), 2114 tmp[0])); 2115 2116 if ((err = atu_get_mib(sc, MIB_LOCAL__BEACON_ENABLE, tmp))) 2117 return; 2118 DPRINTF(("%s: DEBUG: beacon enable=%d\n", device_xname(sc->atu_dev), 2119 tmp[0])); 2120 2121 if ((err = atu_get_mib(sc, MIB_LOCAL__AUTO_RATE_FALLBACK, tmp))) 2122 return; 2123 DPRINTF(("%s: DEBUG: auto rate fallback=%d\n", 2124 device_xname(sc->atu_dev), tmp[0])); 2125 2126 if ((err = atu_get_mib(sc, MIB_MAC_ADDR__ADDR, tmp))) 2127 return; 2128 DPRINTF(("%s: DEBUG: mac addr=%s\n", device_xname(sc->atu_dev), 2129 ether_sprintf(tmp))); 2130 2131 if ((err = atu_get_mib(sc, MIB_MAC__DESIRED_SSID, tmp))) 2132 return; 2133 DPRINTF(("%s: DEBUG: desired ssid=%s\n", device_xname(sc->atu_dev), 2134 tmp)); 2135 2136 if ((err = atu_get_mib(sc, MIB_MAC_MGMT__CURRENT_ESSID, tmp))) 2137 return; 2138 DPRINTF(("%s: DEBUG: current ESSID=%s\n", device_xname(sc->atu_dev), 2139 tmp)); 2140 } 2141 #endif /* ATU_DEBUG */ 2142 2143 int 2144 atu_ioctl(struct ifnet *ifp, u_long command, void *data) 2145 { 2146 struct atu_softc *sc = ifp->if_softc; 2147 struct ifreq *ifr = (struct ifreq *)data; 2148 struct ieee80211com *ic = &sc->sc_ic; 2149 int err = 0, s; 2150 2151 s = splnet(); 2152 switch (command) { 2153 case SIOCSIFMEDIA: 2154 case SIOCGIFMEDIA: 2155 err = ifmedia_ioctl(ifp, ifr, &ic->ic_media, command); 2156 break; 2157 2158 default: 2159 DPRINTFN(15, ("%s: ieee80211_ioctl (%lu)\n", 2160 device_xname(sc->atu_dev), command)); 2161 err = ieee80211_ioctl(ic, command, data); 2162 break; 2163 } 2164 2165 if (err == ENETRESET) { 2166 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 2167 (IFF_RUNNING|IFF_UP)) { 2168 DPRINTF(("%s: atu_ioctl(): netreset %lu\n", 2169 device_xname(sc->atu_dev), command)); 2170 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2171 atu_initial_config(sc); 2172 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2173 } 2174 err = 0; 2175 } 2176 2177 splx(s); 2178 return err; 2179 } 2180 2181 void 2182 atu_watchdog(struct ifnet *ifp) 2183 { 2184 struct atu_softc *sc = ifp->if_softc; 2185 struct atu_chain *c; 2186 usbd_status stat; 2187 int cnt, s; 2188 2189 DPRINTF(("%s: atu_watchdog\n", device_xname(sc->atu_dev))); 2190 2191 ifp->if_timer = 0; 2192 2193 if (sc->sc_state != ATU_S_OK || (ifp->if_flags & IFF_RUNNING) == 0) 2194 return; 2195 2196 sc = ifp->if_softc; 2197 s = splnet(); 2198 ifp->if_oerrors++; 2199 DPRINTF(("%s: watchdog timeout\n", device_xname(sc->atu_dev))); 2200 2201 /* 2202 * TODO: 2203 * we should change this since we have multiple TX tranfers... 2204 */ 2205 for (cnt = 0; cnt < ATU_TX_LIST_CNT; cnt++) { 2206 c = &sc->atu_cdata.atu_tx_chain[cnt]; 2207 if (c->atu_in_xfer) { 2208 usbd_get_xfer_status(c->atu_xfer, NULL, NULL, NULL, 2209 &stat); 2210 atu_txeof(c->atu_xfer, c, stat); 2211 } 2212 } 2213 2214 if (!IFQ_IS_EMPTY(&ifp->if_snd)) 2215 atu_start(ifp); 2216 splx(s); 2217 2218 ieee80211_watchdog(&sc->sc_ic); 2219 } 2220 2221 /* 2222 * Stop the adapter and free any mbufs allocated to the 2223 * RX and TX lists. 2224 */ 2225 void 2226 atu_stop(struct ifnet *ifp, int disable) 2227 { 2228 struct atu_softc *sc = ifp->if_softc; 2229 struct ieee80211com *ic = &sc->sc_ic; 2230 struct atu_cdata *cd; 2231 usbd_status err; 2232 int s; 2233 2234 s = splnet(); 2235 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2236 ifp->if_timer = 0; 2237 2238 usb_rem_task(sc->atu_udev, &sc->sc_task); 2239 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2240 2241 /* Stop transfers. */ 2242 if (sc->atu_ep[ATU_ENDPT_RX] != NULL) { 2243 err = usbd_abort_pipe(sc->atu_ep[ATU_ENDPT_RX]); 2244 if (err) { 2245 DPRINTF(("%s: abort rx pipe failed: %s\n", 2246 device_xname(sc->atu_dev), usbd_errstr(err))); 2247 } 2248 } 2249 2250 if (sc->atu_ep[ATU_ENDPT_TX] != NULL) { 2251 err = usbd_abort_pipe(sc->atu_ep[ATU_ENDPT_TX]); 2252 if (err) { 2253 DPRINTF(("%s: abort tx pipe failed: %s\n", 2254 device_xname(sc->atu_dev), usbd_errstr(err))); 2255 } 2256 } 2257 2258 /* Free RX/TX/MGMT list resources. */ 2259 cd = &sc->atu_cdata; 2260 atu_xfer_list_free(sc, cd->atu_rx_chain, ATU_RX_LIST_CNT); 2261 atu_xfer_list_free(sc, cd->atu_tx_chain, ATU_TX_LIST_CNT); 2262 2263 /* Close pipes */ 2264 if (sc->atu_ep[ATU_ENDPT_RX] != NULL) { 2265 err = usbd_close_pipe(sc->atu_ep[ATU_ENDPT_RX]); 2266 if (err) { 2267 DPRINTF(("%s: close rx pipe failed: %s\n", 2268 device_xname(sc->atu_dev), usbd_errstr(err))); 2269 } 2270 sc->atu_ep[ATU_ENDPT_RX] = NULL; 2271 } 2272 2273 if (sc->atu_ep[ATU_ENDPT_TX] != NULL) { 2274 err = usbd_close_pipe(sc->atu_ep[ATU_ENDPT_TX]); 2275 if (err) { 2276 DPRINTF(("%s: close tx pipe failed: %s\n", 2277 device_xname(sc->atu_dev), usbd_errstr(err))); 2278 } 2279 sc->atu_ep[ATU_ENDPT_TX] = NULL; 2280 } 2281 2282 /* Let's be nice and turn off the radio before we leave */ 2283 atu_switch_radio(sc, 0); 2284 2285 splx(s); 2286 } 2287