1 /* $OpenBSD: if_uath.c,v 1.68 2015/07/15 04:01:26 stsp Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <netinet/in.h> 55 #include <netinet/if_ether.h> 56 57 #include <net80211/ieee80211_var.h> 58 #include <net80211/ieee80211_radiotap.h> 59 60 #include <dev/usb/usb.h> 61 #include <dev/usb/usbdi.h> 62 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 63 #include <dev/usb/usbdi_util.h> 64 #include <dev/usb/usbdevs.h> 65 66 #include <dev/usb/if_uathreg.h> 67 #include <dev/usb/if_uathvar.h> 68 69 #ifdef UATH_DEBUG 70 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 72 int uath_debug = 1; 73 #else 74 #define DPRINTF(x) 75 #define DPRINTFN(n, x) 76 #endif 77 78 /*- 79 * Various supported device vendors/products. 80 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 81 */ 82 #define UATH_DEV(v, p, f) \ 83 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 84 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 85 (f) | UATH_FLAG_PRE_FIRMWARE } 86 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 87 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 88 static const struct uath_type { 89 struct usb_devno dev; 90 unsigned int flags; 91 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 92 #define UATH_FLAG_ABG (1 << 1) 93 } uath_devs[] = { 94 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 95 UATH_DEV_UG(ATHEROS, AR5523), 96 UATH_DEV_UG(ATHEROS2, AR5523_1), 97 UATH_DEV_UG(ATHEROS2, AR5523_2), 98 UATH_DEV_UX(ATHEROS2, AR5523_3), 99 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 100 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 101 UATH_DEV_UX(DLINK, DWLAG122), 102 UATH_DEV_UX(DLINK, DWLAG132), 103 UATH_DEV_UG(DLINK, DWLG132), 104 UATH_DEV_UG(DLINK2, WUA2340), 105 UATH_DEV_UG(GIGASET, AR5523), 106 UATH_DEV_UG(GIGASET, SMCWUSBTG), 107 UATH_DEV_UG(GLOBALSUN, AR5523_1), 108 UATH_DEV_UX(GLOBALSUN, AR5523_2), 109 UATH_DEV_UG(IODATA, USBWNG54US), 110 UATH_DEV_UG(MELCO, WLIU2KAMG54), 111 UATH_DEV_UX(NETGEAR, WG111U), 112 UATH_DEV_UG(NETGEAR3, WG111T), 113 UATH_DEV_UG(NETGEAR3, WPN111), 114 UATH_DEV_UG(PHILIPS, SNU6500), 115 UATH_DEV_UX(UMEDIA, AR5523_2), 116 UATH_DEV_UG(UMEDIA, TEW444UBEU), 117 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 118 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 119 UATH_DEV_UG(ZCOM, AR5523) 120 }; 121 #define uath_lookup(v, p) \ 122 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 123 124 void uath_attachhook(void *); 125 int uath_open_pipes(struct uath_softc *); 126 void uath_close_pipes(struct uath_softc *); 127 int uath_alloc_tx_data_list(struct uath_softc *); 128 void uath_free_tx_data_list(struct uath_softc *); 129 int uath_alloc_rx_data_list(struct uath_softc *); 130 void uath_free_rx_data_list(struct uath_softc *); 131 int uath_alloc_tx_cmd_list(struct uath_softc *); 132 void uath_free_tx_cmd_list(struct uath_softc *); 133 int uath_alloc_rx_cmd_list(struct uath_softc *); 134 void uath_free_rx_cmd_list(struct uath_softc *); 135 int uath_media_change(struct ifnet *); 136 void uath_stat(void *); 137 void uath_next_scan(void *); 138 void uath_task(void *); 139 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 140 #ifdef UATH_DEBUG 141 void uath_dump_cmd(const uint8_t *, int, char); 142 #endif 143 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 144 int); 145 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 146 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 147 int); 148 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 149 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 150 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 151 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 152 void uath_cmd_rxeof(struct usbd_xfer *, void *, usbd_status); 153 void uath_data_rxeof(struct usbd_xfer *, void *, usbd_status); 154 void uath_data_txeof(struct usbd_xfer *, void *, usbd_status); 155 int uath_tx_null(struct uath_softc *); 156 int uath_tx_data(struct uath_softc *, struct mbuf *, 157 struct ieee80211_node *); 158 void uath_start(struct ifnet *); 159 void uath_watchdog(struct ifnet *); 160 int uath_ioctl(struct ifnet *, u_long, caddr_t); 161 int uath_query_eeprom(struct uath_softc *); 162 int uath_reset(struct uath_softc *); 163 int uath_reset_tx_queues(struct uath_softc *); 164 int uath_wme_init(struct uath_softc *); 165 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 166 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 167 int uath_set_keys(struct uath_softc *); 168 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 169 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 170 int uath_set_led(struct uath_softc *, int, int); 171 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 172 int uath_init(struct ifnet *); 173 void uath_stop(struct ifnet *, int); 174 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 175 176 int uath_match(struct device *, void *, void *); 177 void uath_attach(struct device *, struct device *, void *); 178 int uath_detach(struct device *, int); 179 180 struct cfdriver uath_cd = { 181 NULL, "uath", DV_IFNET 182 }; 183 184 const struct cfattach uath_ca = { 185 sizeof(struct uath_softc), uath_match, uath_attach, uath_detach 186 }; 187 188 int 189 uath_match(struct device *parent, void *match, void *aux) 190 { 191 struct usb_attach_arg *uaa = aux; 192 193 if (uaa->iface != NULL) 194 return UMATCH_NONE; 195 196 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 197 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 198 } 199 200 void 201 uath_attachhook(void *xsc) 202 { 203 struct uath_softc *sc = xsc; 204 u_char *fw; 205 size_t size; 206 int error; 207 208 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 209 printf("%s: error %d, could not read firmware %s\n", 210 sc->sc_dev.dv_xname, error, "uath-ar5523"); 211 return; 212 } 213 214 error = uath_loadfirmware(sc, fw, size); 215 free(fw, M_DEVBUF, 0); 216 217 if (error == 0) { 218 /* 219 * Hack alert: the device doesn't always gracefully detach 220 * from the bus after a firmware upload. We need to force 221 * a port reset and a re-exploration on the parent hub. 222 */ 223 usbd_reset_port(sc->sc_uhub, sc->sc_port); 224 usb_needs_reattach(sc->sc_udev); 225 } else { 226 printf("%s: could not load firmware (error=%s)\n", 227 sc->sc_dev.dv_xname, usbd_errstr(error)); 228 } 229 } 230 231 void 232 uath_attach(struct device *parent, struct device *self, void *aux) 233 { 234 struct uath_softc *sc = (struct uath_softc *)self; 235 struct usb_attach_arg *uaa = aux; 236 struct ieee80211com *ic = &sc->sc_ic; 237 struct ifnet *ifp = &ic->ic_if; 238 usbd_status error; 239 int i; 240 241 sc->sc_udev = uaa->device; 242 sc->sc_uhub = uaa->device->myhub; 243 sc->sc_port = uaa->port; 244 245 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 246 247 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 248 printf("%s: could not set configuration no\n", 249 sc->sc_dev.dv_xname); 250 return; 251 } 252 253 /* get the first interface handle */ 254 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 255 &sc->sc_iface); 256 if (error != 0) { 257 printf("%s: could not get interface handle\n", 258 sc->sc_dev.dv_xname); 259 return; 260 } 261 262 /* 263 * We must open the pipes early because they're used to upload the 264 * firmware (pre-firmware devices) or to send firmware commands. 265 */ 266 if (uath_open_pipes(sc) != 0) { 267 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 268 return; 269 } 270 271 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 272 if (rootvp == NULL) 273 mountroothook_establish(uath_attachhook, sc); 274 else 275 uath_attachhook(sc); 276 return; 277 } 278 279 /* 280 * Only post-firmware devices here. 281 */ 282 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 283 timeout_set(&sc->scan_to, uath_next_scan, sc); 284 timeout_set(&sc->stat_to, uath_stat, sc); 285 286 /* 287 * Allocate xfers for firmware commands. 288 */ 289 if (uath_alloc_tx_cmd_list(sc) != 0) { 290 printf("%s: could not allocate Tx command list\n", 291 sc->sc_dev.dv_xname); 292 goto fail; 293 } 294 if (uath_alloc_rx_cmd_list(sc) != 0) { 295 printf("%s: could not allocate Rx command list\n", 296 sc->sc_dev.dv_xname); 297 goto fail; 298 } 299 300 /* 301 * Queue Rx command xfers. 302 */ 303 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 304 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 305 306 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 307 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 308 USBD_NO_TIMEOUT, uath_cmd_rxeof); 309 error = usbd_transfer(cmd->xfer); 310 if (error != USBD_IN_PROGRESS && error != 0) { 311 printf("%s: could not queue Rx command xfer\n", 312 sc->sc_dev.dv_xname); 313 goto fail; 314 } 315 } 316 317 /* 318 * We're now ready to send/receive firmware commands. 319 */ 320 if (uath_reset(sc) != 0) { 321 printf("%s: could not initialize adapter\n", 322 sc->sc_dev.dv_xname); 323 goto fail; 324 } 325 if (uath_query_eeprom(sc) != 0) { 326 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 327 goto fail; 328 } 329 330 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 331 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 332 ether_sprintf(ic->ic_myaddr)); 333 334 /* 335 * Allocate xfers for Tx/Rx data pipes. 336 */ 337 if (uath_alloc_tx_data_list(sc) != 0) { 338 printf("%s: could not allocate Tx data list\n", 339 sc->sc_dev.dv_xname); 340 goto fail; 341 } 342 if (uath_alloc_rx_data_list(sc) != 0) { 343 printf("%s: could not allocate Rx data list\n", 344 sc->sc_dev.dv_xname); 345 goto fail; 346 } 347 348 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 349 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 350 ic->ic_state = IEEE80211_S_INIT; 351 352 /* set device capabilities */ 353 ic->ic_caps = 354 IEEE80211_C_MONITOR | /* monitor mode supported */ 355 IEEE80211_C_TXPMGT | /* tx power management */ 356 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 357 IEEE80211_C_SHSLOT | /* short slot time supported */ 358 IEEE80211_C_WEP; /* h/w WEP */ 359 360 /* set supported .11b and .11g rates */ 361 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 362 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 363 364 /* set supported .11b and .11g channels (1 through 14) */ 365 for (i = 1; i <= 14; i++) { 366 ic->ic_channels[i].ic_freq = 367 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 368 ic->ic_channels[i].ic_flags = 369 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 370 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 371 } 372 373 ifp->if_softc = sc; 374 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 375 ifp->if_ioctl = uath_ioctl; 376 ifp->if_start = uath_start; 377 ifp->if_watchdog = uath_watchdog; 378 IFQ_SET_READY(&ifp->if_snd); 379 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 380 381 if_attach(ifp); 382 ieee80211_ifattach(ifp); 383 384 /* override state transition machine */ 385 sc->sc_newstate = ic->ic_newstate; 386 ic->ic_newstate = uath_newstate; 387 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 388 389 #if NBPFILTER > 0 390 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 391 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 392 393 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 394 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 395 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 396 397 sc->sc_txtap_len = sizeof sc->sc_txtapu; 398 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 399 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 400 #endif 401 402 return; 403 404 fail: uath_close_pipes(sc); 405 uath_free_tx_data_list(sc); 406 uath_free_rx_cmd_list(sc); 407 uath_free_tx_cmd_list(sc); 408 usbd_deactivate(sc->sc_udev); 409 } 410 411 int 412 uath_detach(struct device *self, int flags) 413 { 414 struct uath_softc *sc = (struct uath_softc *)self; 415 struct ifnet *ifp = &sc->sc_ic.ic_if; 416 int s; 417 418 s = splnet(); 419 420 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 421 uath_close_pipes(sc); 422 splx(s); 423 return 0; 424 } 425 426 /* post-firmware device */ 427 428 usb_rem_task(sc->sc_udev, &sc->sc_task); 429 if (timeout_initialized(&sc->scan_to)) 430 timeout_del(&sc->scan_to); 431 if (timeout_initialized(&sc->stat_to)) 432 timeout_del(&sc->stat_to); 433 434 /* close Tx/Rx pipes */ 435 uath_close_pipes(sc); 436 437 /* free xfers */ 438 uath_free_tx_data_list(sc); 439 uath_free_rx_data_list(sc); 440 uath_free_tx_cmd_list(sc); 441 uath_free_rx_cmd_list(sc); 442 443 if (ifp->if_softc != NULL) { 444 ieee80211_ifdetach(ifp); /* free all nodes */ 445 if_detach(ifp); 446 } 447 448 splx(s); 449 450 return 0; 451 } 452 453 int 454 uath_open_pipes(struct uath_softc *sc) 455 { 456 int error; 457 458 /* 459 * XXX pipes numbers are hardcoded because we don't have any way 460 * to distinguish the data pipes from the firmware command pipes 461 * (both are bulk pipes) using the endpoints descriptors. 462 */ 463 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 464 &sc->cmd_tx_pipe); 465 if (error != 0) { 466 printf("%s: could not open Tx command pipe: %s\n", 467 sc->sc_dev.dv_xname, usbd_errstr(error)); 468 goto fail; 469 } 470 471 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 472 &sc->data_tx_pipe); 473 if (error != 0) { 474 printf("%s: could not open Tx data pipe: %s\n", 475 sc->sc_dev.dv_xname, usbd_errstr(error)); 476 goto fail; 477 } 478 479 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 480 &sc->cmd_rx_pipe); 481 if (error != 0) { 482 printf("%s: could not open Rx command pipe: %s\n", 483 sc->sc_dev.dv_xname, usbd_errstr(error)); 484 goto fail; 485 } 486 487 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 488 &sc->data_rx_pipe); 489 if (error != 0) { 490 printf("%s: could not open Rx data pipe: %s\n", 491 sc->sc_dev.dv_xname, usbd_errstr(error)); 492 goto fail; 493 } 494 495 return 0; 496 497 fail: uath_close_pipes(sc); 498 return error; 499 } 500 501 void 502 uath_close_pipes(struct uath_softc *sc) 503 { 504 if (sc->data_tx_pipe != NULL) { 505 usbd_close_pipe(sc->data_tx_pipe); 506 sc->data_tx_pipe = NULL; 507 } 508 509 if (sc->data_rx_pipe != NULL) { 510 usbd_close_pipe(sc->data_rx_pipe); 511 sc->data_rx_pipe = NULL; 512 } 513 514 if (sc->cmd_tx_pipe != NULL) { 515 usbd_close_pipe(sc->cmd_tx_pipe); 516 sc->cmd_tx_pipe = NULL; 517 } 518 519 if (sc->cmd_rx_pipe != NULL) { 520 usbd_close_pipe(sc->cmd_rx_pipe); 521 sc->cmd_rx_pipe = NULL; 522 } 523 } 524 525 int 526 uath_alloc_tx_data_list(struct uath_softc *sc) 527 { 528 int i, error; 529 530 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 531 struct uath_tx_data *data = &sc->tx_data[i]; 532 533 data->sc = sc; /* backpointer for callbacks */ 534 535 data->xfer = usbd_alloc_xfer(sc->sc_udev); 536 if (data->xfer == NULL) { 537 printf("%s: could not allocate xfer\n", 538 sc->sc_dev.dv_xname); 539 error = ENOMEM; 540 goto fail; 541 } 542 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 543 if (data->buf == NULL) { 544 printf("%s: could not allocate xfer buffer\n", 545 sc->sc_dev.dv_xname); 546 error = ENOMEM; 547 goto fail; 548 } 549 } 550 return 0; 551 552 fail: uath_free_tx_data_list(sc); 553 return error; 554 } 555 556 void 557 uath_free_tx_data_list(struct uath_softc *sc) 558 { 559 int i; 560 561 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 562 if (sc->tx_data[i].xfer != NULL) { 563 usbd_free_xfer(sc->tx_data[i].xfer); 564 sc->tx_data[i].xfer = NULL; 565 } 566 } 567 568 int 569 uath_alloc_rx_data_list(struct uath_softc *sc) 570 { 571 int i, error; 572 573 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 574 struct uath_rx_data *data = &sc->rx_data[i]; 575 576 data->sc = sc; /* backpointer for callbacks */ 577 578 data->xfer = usbd_alloc_xfer(sc->sc_udev); 579 if (data->xfer == NULL) { 580 printf("%s: could not allocate xfer\n", 581 sc->sc_dev.dv_xname); 582 error = ENOMEM; 583 goto fail; 584 } 585 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 586 printf("%s: could not allocate xfer buffer\n", 587 sc->sc_dev.dv_xname); 588 error = ENOMEM; 589 goto fail; 590 } 591 592 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 593 if (data->m == NULL) { 594 printf("%s: could not allocate rx mbuf\n", 595 sc->sc_dev.dv_xname); 596 error = ENOMEM; 597 goto fail; 598 } 599 MCLGET(data->m, M_DONTWAIT); 600 if (!(data->m->m_flags & M_EXT)) { 601 printf("%s: could not allocate rx mbuf cluster\n", 602 sc->sc_dev.dv_xname); 603 error = ENOMEM; 604 goto fail; 605 } 606 607 data->buf = mtod(data->m, uint8_t *); 608 } 609 return 0; 610 611 fail: uath_free_rx_data_list(sc); 612 return error; 613 } 614 615 void 616 uath_free_rx_data_list(struct uath_softc *sc) 617 { 618 int i; 619 620 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 621 struct uath_rx_data *data = &sc->rx_data[i]; 622 623 if (data->xfer != NULL) { 624 usbd_free_xfer(data->xfer); 625 data->xfer = NULL; 626 } 627 628 if (data->m != NULL) { 629 m_freem(data->m); 630 data->m = NULL; 631 } 632 } 633 } 634 635 int 636 uath_alloc_tx_cmd_list(struct uath_softc *sc) 637 { 638 int i, error; 639 640 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 641 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 642 643 cmd->sc = sc; /* backpointer for callbacks */ 644 645 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 646 if (cmd->xfer == NULL) { 647 printf("%s: could not allocate xfer\n", 648 sc->sc_dev.dv_xname); 649 error = ENOMEM; 650 goto fail; 651 } 652 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 653 if (cmd->buf == NULL) { 654 printf("%s: could not allocate xfer buffer\n", 655 sc->sc_dev.dv_xname); 656 error = ENOMEM; 657 goto fail; 658 } 659 } 660 return 0; 661 662 fail: uath_free_tx_cmd_list(sc); 663 return error; 664 } 665 666 void 667 uath_free_tx_cmd_list(struct uath_softc *sc) 668 { 669 int i; 670 671 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 672 if (sc->tx_cmd[i].xfer != NULL) { 673 usbd_free_xfer(sc->tx_cmd[i].xfer); 674 sc->tx_cmd[i].xfer = NULL; 675 } 676 } 677 678 int 679 uath_alloc_rx_cmd_list(struct uath_softc *sc) 680 { 681 int i, error; 682 683 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 684 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 685 686 cmd->sc = sc; /* backpointer for callbacks */ 687 688 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 689 if (cmd->xfer == NULL) { 690 printf("%s: could not allocate xfer\n", 691 sc->sc_dev.dv_xname); 692 error = ENOMEM; 693 goto fail; 694 } 695 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 696 if (cmd->buf == NULL) { 697 printf("%s: could not allocate xfer buffer\n", 698 sc->sc_dev.dv_xname); 699 error = ENOMEM; 700 goto fail; 701 } 702 } 703 return 0; 704 705 fail: uath_free_rx_cmd_list(sc); 706 return error; 707 } 708 709 void 710 uath_free_rx_cmd_list(struct uath_softc *sc) 711 { 712 int i; 713 714 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 715 if (sc->rx_cmd[i].xfer != NULL) { 716 usbd_free_xfer(sc->rx_cmd[i].xfer); 717 sc->rx_cmd[i].xfer = NULL; 718 } 719 } 720 721 int 722 uath_media_change(struct ifnet *ifp) 723 { 724 int error; 725 726 error = ieee80211_media_change(ifp); 727 if (error != ENETRESET) 728 return error; 729 730 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 731 uath_init(ifp); 732 733 return 0; 734 } 735 736 /* 737 * This function is called periodically (every second) when associated to 738 * query device statistics. 739 */ 740 void 741 uath_stat(void *arg) 742 { 743 struct uath_softc *sc = arg; 744 int error; 745 746 /* 747 * Send request for statistics asynchronously. The timer will be 748 * restarted when we'll get the stats notification. 749 */ 750 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 751 UATH_CMD_FLAG_ASYNC); 752 if (error != 0) { 753 printf("%s: could not query statistics (error=%d)\n", 754 sc->sc_dev.dv_xname, error); 755 } 756 } 757 758 /* 759 * This function is called periodically (every 250ms) during scanning to 760 * switch from one channel to another. 761 */ 762 void 763 uath_next_scan(void *arg) 764 { 765 struct uath_softc *sc = arg; 766 struct ieee80211com *ic = &sc->sc_ic; 767 struct ifnet *ifp = &ic->ic_if; 768 769 if (ic->ic_state == IEEE80211_S_SCAN) 770 ieee80211_next_scan(ifp); 771 } 772 773 void 774 uath_task(void *arg) 775 { 776 struct uath_softc *sc = arg; 777 struct ieee80211com *ic = &sc->sc_ic; 778 enum ieee80211_state ostate; 779 780 ostate = ic->ic_state; 781 782 switch (sc->sc_state) { 783 case IEEE80211_S_INIT: 784 if (ostate == IEEE80211_S_RUN) { 785 /* turn link and activity LEDs off */ 786 (void)uath_set_led(sc, UATH_LED_LINK, 0); 787 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 788 } 789 break; 790 791 case IEEE80211_S_SCAN: 792 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 793 printf("%s: could not switch channel\n", 794 sc->sc_dev.dv_xname); 795 break; 796 } 797 timeout_add_msec(&sc->scan_to, 250); 798 break; 799 800 case IEEE80211_S_AUTH: 801 { 802 struct ieee80211_node *ni = ic->ic_bss; 803 struct uath_cmd_bssid bssid; 804 struct uath_cmd_0b cmd0b; 805 struct uath_cmd_0c cmd0c; 806 807 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 808 printf("%s: could not switch channel\n", 809 sc->sc_dev.dv_xname); 810 break; 811 } 812 813 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 814 815 bzero(&bssid, sizeof bssid); 816 bssid.len = htobe32(IEEE80211_ADDR_LEN); 817 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 818 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 819 sizeof bssid, 0); 820 821 bzero(&cmd0b, sizeof cmd0b); 822 cmd0b.code = htobe32(2); 823 cmd0b.size = htobe32(sizeof (cmd0b.data)); 824 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 825 826 bzero(&cmd0c, sizeof cmd0c); 827 cmd0c.magic1 = htobe32(2); 828 cmd0c.magic2 = htobe32(7); 829 cmd0c.magic3 = htobe32(1); 830 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 831 832 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 833 printf("%s: could not set negotiated rate set\n", 834 sc->sc_dev.dv_xname); 835 break; 836 } 837 break; 838 } 839 840 case IEEE80211_S_ASSOC: 841 break; 842 843 case IEEE80211_S_RUN: 844 { 845 struct ieee80211_node *ni = ic->ic_bss; 846 struct uath_cmd_bssid bssid; 847 struct uath_cmd_xled xled; 848 uint32_t val; 849 850 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 851 /* make both LEDs blink while monitoring */ 852 bzero(&xled, sizeof xled); 853 xled.which = htobe32(0); 854 xled.rate = htobe32(1); 855 xled.mode = htobe32(2); 856 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 857 sizeof xled, 0); 858 break; 859 } 860 861 /* 862 * Tx rate is controlled by firmware, report the maximum 863 * negotiated rate in ifconfig output. 864 */ 865 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 866 867 val = htobe32(1); 868 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 869 870 bzero(&bssid, sizeof bssid); 871 bssid.flags1 = htobe32(0xc004); 872 bssid.flags2 = htobe32(0x003b); 873 bssid.len = htobe32(IEEE80211_ADDR_LEN); 874 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 875 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 876 sizeof bssid, 0); 877 878 /* turn link LED on */ 879 (void)uath_set_led(sc, UATH_LED_LINK, 1); 880 881 /* make activity LED blink */ 882 bzero(&xled, sizeof xled); 883 xled.which = htobe32(1); 884 xled.rate = htobe32(1); 885 xled.mode = htobe32(2); 886 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 887 0); 888 889 /* set state to associated */ 890 val = htobe32(1); 891 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 892 0); 893 894 /* start statistics timer */ 895 timeout_add_sec(&sc->stat_to, 1); 896 break; 897 } 898 } 899 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 900 } 901 902 int 903 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 904 { 905 struct uath_softc *sc = ic->ic_softc; 906 907 usb_rem_task(sc->sc_udev, &sc->sc_task); 908 timeout_del(&sc->scan_to); 909 timeout_del(&sc->stat_to); 910 911 /* do it in a process context */ 912 sc->sc_state = nstate; 913 sc->sc_arg = arg; 914 usb_add_task(sc->sc_udev, &sc->sc_task); 915 return 0; 916 } 917 918 #ifdef UATH_DEBUG 919 void 920 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 921 { 922 int i; 923 924 for (i = 0; i < len; i++) { 925 if ((i % 16) == 0) 926 printf("\n%c ", prefix); 927 else if ((i % 4) == 0) 928 printf(" "); 929 printf("%02x", buf[i]); 930 } 931 printf("\n"); 932 } 933 #endif 934 935 /* 936 * Low-level function to send read or write commands to the firmware. 937 */ 938 int 939 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 940 void *odata, int flags) 941 { 942 struct uath_cmd_hdr *hdr; 943 struct uath_tx_cmd *cmd; 944 uint16_t xferflags; 945 int s, xferlen, error; 946 947 /* grab a xfer */ 948 cmd = &sc->tx_cmd[sc->cmd_idx]; 949 950 /* always bulk-out a multiple of 4 bytes */ 951 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 952 953 hdr = (struct uath_cmd_hdr *)cmd->buf; 954 bzero(hdr, sizeof (struct uath_cmd_hdr)); 955 hdr->len = htobe32(xferlen); 956 hdr->code = htobe32(code); 957 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 958 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 959 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 960 961 #ifdef UATH_DEBUG 962 if (uath_debug >= 5) { 963 printf("sending command code=0x%02x flags=0x%x index=%u", 964 code, flags, sc->cmd_idx); 965 uath_dump_cmd(cmd->buf, xferlen, '+'); 966 } 967 #endif 968 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 969 if (!(flags & UATH_CMD_FLAG_READ)) { 970 if (!(flags & UATH_CMD_FLAG_ASYNC)) 971 xferflags |= USBD_SYNCHRONOUS; 972 } else 973 s = splusb(); 974 975 cmd->odata = odata; 976 977 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 978 xferflags, UATH_CMD_TIMEOUT, NULL); 979 error = usbd_transfer(cmd->xfer); 980 if (error != USBD_IN_PROGRESS && error != 0) { 981 if (flags & UATH_CMD_FLAG_READ) 982 splx(s); 983 printf("%s: could not send command 0x%x (error=%s)\n", 984 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 985 return error; 986 } 987 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 988 989 if (!(flags & UATH_CMD_FLAG_READ)) 990 return 0; /* write: don't wait for reply */ 991 992 /* wait at most two seconds for command reply */ 993 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 994 cmd->odata = NULL; /* in case answer is received too late */ 995 splx(s); 996 if (error != 0) { 997 printf("%s: timeout waiting for command reply\n", 998 sc->sc_dev.dv_xname); 999 } 1000 return error; 1001 } 1002 1003 int 1004 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1005 int flags) 1006 { 1007 flags &= ~UATH_CMD_FLAG_READ; 1008 return uath_cmd(sc, code, data, len, NULL, flags); 1009 } 1010 1011 int 1012 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1013 int ilen, void *odata, int flags) 1014 { 1015 flags |= UATH_CMD_FLAG_READ; 1016 return uath_cmd(sc, code, idata, ilen, odata, flags); 1017 } 1018 1019 int 1020 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1021 { 1022 struct uath_write_mac write; 1023 int error; 1024 1025 write.reg = htobe32(reg); 1026 write.len = htobe32(0); /* 0 = single write */ 1027 *(uint32_t *)write.data = htobe32(val); 1028 1029 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1030 3 * sizeof (uint32_t), 0); 1031 if (error != 0) { 1032 printf("%s: could not write register 0x%02x\n", 1033 sc->sc_dev.dv_xname, reg); 1034 } 1035 return error; 1036 } 1037 1038 int 1039 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1040 int len) 1041 { 1042 struct uath_write_mac write; 1043 int error; 1044 1045 write.reg = htobe32(reg); 1046 write.len = htobe32(len); 1047 bcopy(data, write.data, len); 1048 1049 /* properly handle the case where len is zero (reset) */ 1050 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1051 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1052 if (error != 0) { 1053 printf("%s: could not write %d bytes to register 0x%02x\n", 1054 sc->sc_dev.dv_xname, len, reg); 1055 } 1056 return error; 1057 } 1058 1059 int 1060 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1061 { 1062 struct uath_read_mac read; 1063 int error; 1064 1065 reg = htobe32(reg); 1066 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1067 0); 1068 if (error != 0) { 1069 printf("%s: could not read register 0x%02x\n", 1070 sc->sc_dev.dv_xname, betoh32(reg)); 1071 return error; 1072 } 1073 *val = betoh32(*(uint32_t *)read.data); 1074 return error; 1075 } 1076 1077 int 1078 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1079 { 1080 struct uath_read_mac read; 1081 int len, error; 1082 1083 reg = htobe32(reg); 1084 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1085 &read, 0); 1086 if (error != 0) { 1087 printf("%s: could not read EEPROM offset 0x%02x\n", 1088 sc->sc_dev.dv_xname, betoh32(reg)); 1089 return error; 1090 } 1091 len = betoh32(read.len); 1092 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1093 return error; 1094 } 1095 1096 void 1097 uath_cmd_rxeof(struct usbd_xfer *xfer, void *priv, 1098 usbd_status status) 1099 { 1100 struct uath_rx_cmd *cmd = priv; 1101 struct uath_softc *sc = cmd->sc; 1102 struct uath_cmd_hdr *hdr; 1103 1104 if (status != USBD_NORMAL_COMPLETION) { 1105 if (status == USBD_STALLED) 1106 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1107 return; 1108 } 1109 1110 hdr = (struct uath_cmd_hdr *)cmd->buf; 1111 1112 #ifdef UATH_DEBUG 1113 if (uath_debug >= 5) { 1114 printf("received command code=0x%x index=%u len=%u", 1115 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1116 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1117 } 1118 #endif 1119 1120 switch (betoh32(hdr->code) & 0xff) { 1121 /* reply to a read command */ 1122 default: 1123 { 1124 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1125 1126 if (txcmd->odata != NULL) { 1127 /* copy answer into caller's supplied buffer */ 1128 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1129 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1130 } 1131 wakeup(txcmd); /* wake up caller */ 1132 break; 1133 } 1134 /* spontaneous firmware notifications */ 1135 case UATH_NOTIF_READY: 1136 DPRINTF(("received device ready notification\n")); 1137 wakeup(UATH_COND_INIT(sc)); 1138 break; 1139 1140 case UATH_NOTIF_TX: 1141 /* this notification is sent when UATH_TX_NOTIFY is set */ 1142 DPRINTF(("received Tx notification\n")); 1143 break; 1144 1145 case UATH_NOTIF_STATS: 1146 DPRINTFN(2, ("received device statistics\n")); 1147 timeout_add_sec(&sc->stat_to, 1); 1148 break; 1149 } 1150 1151 /* setup a new transfer */ 1152 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1153 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1154 uath_cmd_rxeof); 1155 (void)usbd_transfer(xfer); 1156 } 1157 1158 void 1159 uath_data_rxeof(struct usbd_xfer *xfer, void *priv, 1160 usbd_status status) 1161 { 1162 struct uath_rx_data *data = priv; 1163 struct uath_softc *sc = data->sc; 1164 struct ieee80211com *ic = &sc->sc_ic; 1165 struct ifnet *ifp = &ic->ic_if; 1166 struct ieee80211_frame *wh; 1167 struct ieee80211_rxinfo rxi; 1168 struct ieee80211_node *ni; 1169 struct uath_rx_desc *desc; 1170 struct mbuf *mnew, *m; 1171 uint32_t hdr; 1172 int s, len; 1173 1174 if (status != USBD_NORMAL_COMPLETION) { 1175 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1176 return; 1177 1178 if (status == USBD_STALLED) 1179 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1180 1181 ifp->if_ierrors++; 1182 return; 1183 } 1184 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1185 1186 if (len < UATH_MIN_RXBUFSZ) { 1187 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1188 ifp->if_ierrors++; 1189 goto skip; 1190 } 1191 1192 hdr = betoh32(*(uint32_t *)data->buf); 1193 1194 /* Rx descriptor is located at the end, 32-bit aligned */ 1195 desc = (struct uath_rx_desc *) 1196 (data->buf + len - sizeof (struct uath_rx_desc)); 1197 1198 if (betoh32(desc->len) > sc->rxbufsz) { 1199 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1200 ifp->if_ierrors++; 1201 goto skip; 1202 } 1203 1204 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1205 1206 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1207 if (mnew == NULL) { 1208 printf("%s: could not allocate rx mbuf\n", 1209 sc->sc_dev.dv_xname); 1210 ifp->if_ierrors++; 1211 goto skip; 1212 } 1213 MCLGET(mnew, M_DONTWAIT); 1214 if (!(mnew->m_flags & M_EXT)) { 1215 printf("%s: could not allocate rx mbuf cluster\n", 1216 sc->sc_dev.dv_xname); 1217 m_freem(mnew); 1218 ifp->if_ierrors++; 1219 goto skip; 1220 } 1221 1222 m = data->m; 1223 data->m = mnew; 1224 1225 /* finalize mbuf */ 1226 m->m_data = data->buf + sizeof (uint32_t); 1227 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1228 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1229 1230 data->buf = mtod(data->m, uint8_t *); 1231 1232 wh = mtod(m, struct ieee80211_frame *); 1233 rxi.rxi_flags = 0; 1234 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1235 ic->ic_opmode != IEEE80211_M_MONITOR) { 1236 /* 1237 * Hardware decrypts the frame itself but leaves the WEP bit 1238 * set in the 802.11 header and doesn't remove the IV and CRC 1239 * fields. 1240 */ 1241 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1242 memmove((caddr_t)wh + IEEE80211_WEP_IVLEN + 1243 IEEE80211_WEP_KIDLEN, wh, sizeof (struct ieee80211_frame)); 1244 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1245 m_adj(m, -IEEE80211_WEP_CRCLEN); 1246 wh = mtod(m, struct ieee80211_frame *); 1247 1248 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1249 } 1250 1251 #if NBPFILTER > 0 1252 /* there are a lot more fields in the Rx descriptor */ 1253 if (sc->sc_drvbpf != NULL) { 1254 struct mbuf mb; 1255 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1256 1257 tap->wr_flags = 0; 1258 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1259 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1260 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1261 1262 mb.m_data = (caddr_t)tap; 1263 mb.m_len = sc->sc_rxtap_len; 1264 mb.m_next = m; 1265 mb.m_nextpkt = NULL; 1266 mb.m_type = 0; 1267 mb.m_flags = 0; 1268 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1269 } 1270 #endif 1271 1272 s = splnet(); 1273 ni = ieee80211_find_rxnode(ic, wh); 1274 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1275 rxi.rxi_tstamp = 0; /* unused */ 1276 ieee80211_input(ifp, m, ni, &rxi); 1277 1278 /* node is no longer needed */ 1279 ieee80211_release_node(ic, ni); 1280 splx(s); 1281 1282 skip: /* setup a new transfer */ 1283 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1284 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1285 (void)usbd_transfer(data->xfer); 1286 } 1287 1288 int 1289 uath_tx_null(struct uath_softc *sc) 1290 { 1291 struct uath_tx_data *data; 1292 struct uath_tx_desc *desc; 1293 1294 data = &sc->tx_data[sc->data_idx]; 1295 1296 data->ni = NULL; 1297 1298 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1299 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1300 1301 bzero(desc, sizeof (struct uath_tx_desc)); 1302 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1303 desc->type = htobe32(UATH_TX_NULL); 1304 1305 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1306 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1307 USBD_FORCE_SHORT_XFER | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 1308 if (usbd_transfer(data->xfer) != 0) 1309 return EIO; 1310 1311 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1312 1313 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1314 } 1315 1316 void 1317 uath_data_txeof(struct usbd_xfer *xfer, void *priv, 1318 usbd_status status) 1319 { 1320 struct uath_tx_data *data = priv; 1321 struct uath_softc *sc = data->sc; 1322 struct ieee80211com *ic = &sc->sc_ic; 1323 struct ifnet *ifp = &ic->ic_if; 1324 int s; 1325 1326 if (status != USBD_NORMAL_COMPLETION) { 1327 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1328 return; 1329 1330 printf("%s: could not transmit buffer: %s\n", 1331 sc->sc_dev.dv_xname, usbd_errstr(status)); 1332 1333 if (status == USBD_STALLED) 1334 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1335 1336 ifp->if_oerrors++; 1337 return; 1338 } 1339 1340 s = splnet(); 1341 1342 ieee80211_release_node(ic, data->ni); 1343 data->ni = NULL; 1344 1345 sc->tx_queued--; 1346 ifp->if_opackets++; 1347 1348 sc->sc_tx_timer = 0; 1349 ifp->if_flags &= ~IFF_OACTIVE; 1350 uath_start(ifp); 1351 1352 splx(s); 1353 } 1354 1355 int 1356 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1357 { 1358 struct ieee80211com *ic = &sc->sc_ic; 1359 struct uath_tx_data *data; 1360 struct uath_tx_desc *desc; 1361 const struct ieee80211_frame *wh; 1362 int paylen, totlen, xferlen, error; 1363 1364 data = &sc->tx_data[sc->data_idx]; 1365 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1366 1367 data->ni = ni; 1368 1369 #if NBPFILTER > 0 1370 if (sc->sc_drvbpf != NULL) { 1371 struct mbuf mb; 1372 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1373 1374 tap->wt_flags = 0; 1375 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1376 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1377 1378 mb.m_data = (caddr_t)tap; 1379 mb.m_len = sc->sc_txtap_len; 1380 mb.m_next = m0; 1381 mb.m_nextpkt = NULL; 1382 mb.m_type = 0; 1383 mb.m_flags = 0; 1384 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1385 } 1386 #endif 1387 1388 paylen = m0->m_pkthdr.len; 1389 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1390 1391 wh = mtod(m0, struct ieee80211_frame *); 1392 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1393 uint8_t *frm = (uint8_t *)(desc + 1); 1394 uint32_t iv; 1395 1396 /* h/w WEP: it's up to the host to fill the IV field */ 1397 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1398 frm += sizeof (struct ieee80211_frame); 1399 1400 /* insert IV: code copied from net80211 */ 1401 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1402 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1403 iv += 0x000100; 1404 ic->ic_iv = iv + 1; 1405 1406 *frm++ = iv & 0xff; 1407 *frm++ = (iv >> 8) & 0xff; 1408 *frm++ = (iv >> 16) & 0xff; 1409 *frm++ = ic->ic_wep_txkey << 6; 1410 1411 m_copydata(m0, sizeof (struct ieee80211_frame), 1412 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1413 1414 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1415 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1416 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1417 } else { 1418 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1419 totlen = xferlen; 1420 } 1421 1422 /* fill Tx descriptor */ 1423 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1424 1425 desc->len = htobe32(totlen); 1426 desc->priv = sc->data_idx; /* don't care about endianness */ 1427 desc->paylen = htobe32(paylen); 1428 desc->type = htobe32(UATH_TX_DATA); 1429 desc->flags = htobe32(0); 1430 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1431 desc->dest = htobe32(UATH_ID_BROADCAST); 1432 desc->magic = htobe32(3); 1433 } else { 1434 desc->dest = htobe32(UATH_ID_BSS); 1435 desc->magic = htobe32(1); 1436 } 1437 1438 m_freem(m0); /* mbuf is no longer needed */ 1439 1440 #ifdef UATH_DEBUG 1441 if (uath_debug >= 6) { 1442 printf("sending frame index=%u len=%d xferlen=%d", 1443 sc->data_idx, paylen, xferlen); 1444 uath_dump_cmd(data->buf, xferlen, '+'); 1445 } 1446 #endif 1447 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1448 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1449 uath_data_txeof); 1450 error = usbd_transfer(data->xfer); 1451 if (error != USBD_IN_PROGRESS && error != 0) { 1452 ic->ic_if.if_oerrors++; 1453 return error; 1454 } 1455 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1456 sc->tx_queued++; 1457 1458 return 0; 1459 } 1460 1461 void 1462 uath_start(struct ifnet *ifp) 1463 { 1464 struct uath_softc *sc = ifp->if_softc; 1465 struct ieee80211com *ic = &sc->sc_ic; 1466 struct ieee80211_node *ni; 1467 struct mbuf *m0; 1468 1469 /* 1470 * net80211 may still try to send management frames even if the 1471 * IFF_RUNNING flag is not set... 1472 */ 1473 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1474 return; 1475 1476 for (;;) { 1477 IF_POLL(&ic->ic_mgtq, m0); 1478 if (m0 != NULL) { 1479 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1480 ifp->if_flags |= IFF_OACTIVE; 1481 break; 1482 } 1483 IF_DEQUEUE(&ic->ic_mgtq, m0); 1484 1485 ni = m0->m_pkthdr.ph_cookie; 1486 #if NBPFILTER > 0 1487 if (ic->ic_rawbpf != NULL) 1488 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1489 #endif 1490 if (uath_tx_data(sc, m0, ni) != 0) 1491 break; 1492 } else { 1493 if (ic->ic_state != IEEE80211_S_RUN) 1494 break; 1495 IFQ_POLL(&ifp->if_snd, m0); 1496 if (m0 == NULL) 1497 break; 1498 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1499 ifp->if_flags |= IFF_OACTIVE; 1500 break; 1501 } 1502 IFQ_DEQUEUE(&ifp->if_snd, m0); 1503 #if NBPFILTER > 0 1504 if (ifp->if_bpf != NULL) 1505 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1506 #endif 1507 m0 = ieee80211_encap(ifp, m0, &ni); 1508 if (m0 == NULL) 1509 continue; 1510 #if NBPFILTER > 0 1511 if (ic->ic_rawbpf != NULL) 1512 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1513 #endif 1514 if (uath_tx_data(sc, m0, ni) != 0) { 1515 if (ni != NULL) 1516 ieee80211_release_node(ic, ni); 1517 ifp->if_oerrors++; 1518 break; 1519 } 1520 } 1521 1522 sc->sc_tx_timer = 5; 1523 ifp->if_timer = 1; 1524 } 1525 } 1526 1527 void 1528 uath_watchdog(struct ifnet *ifp) 1529 { 1530 struct uath_softc *sc = ifp->if_softc; 1531 1532 ifp->if_timer = 0; 1533 1534 if (sc->sc_tx_timer > 0) { 1535 if (--sc->sc_tx_timer == 0) { 1536 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1537 /*uath_init(ifp); XXX needs a process context! */ 1538 ifp->if_oerrors++; 1539 return; 1540 } 1541 ifp->if_timer = 1; 1542 } 1543 1544 ieee80211_watchdog(ifp); 1545 } 1546 1547 int 1548 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1549 { 1550 struct uath_softc *sc = ifp->if_softc; 1551 struct ieee80211com *ic = &sc->sc_ic; 1552 struct ifaddr *ifa; 1553 struct ifreq *ifr; 1554 int s, error = 0; 1555 1556 s = splnet(); 1557 1558 switch (cmd) { 1559 case SIOCSIFADDR: 1560 ifa = (struct ifaddr *)data; 1561 ifp->if_flags |= IFF_UP; 1562 if (ifa->ifa_addr->sa_family == AF_INET) 1563 arp_ifinit(&ic->ic_ac, ifa); 1564 /* FALLTHROUGH */ 1565 case SIOCSIFFLAGS: 1566 if (ifp->if_flags & IFF_UP) { 1567 if (!(ifp->if_flags & IFF_RUNNING)) 1568 uath_init(ifp); 1569 } else { 1570 if (ifp->if_flags & IFF_RUNNING) 1571 uath_stop(ifp, 1); 1572 } 1573 break; 1574 1575 case SIOCADDMULTI: 1576 case SIOCDELMULTI: 1577 ifr = (struct ifreq *)data; 1578 error = (cmd == SIOCADDMULTI) ? 1579 ether_addmulti(ifr, &ic->ic_ac) : 1580 ether_delmulti(ifr, &ic->ic_ac); 1581 if (error == ENETRESET) 1582 error = 0; 1583 break; 1584 1585 default: 1586 error = ieee80211_ioctl(ifp, cmd, data); 1587 } 1588 1589 if (error == ENETRESET) { 1590 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1591 (IFF_UP | IFF_RUNNING)) 1592 uath_init(ifp); 1593 error = 0; 1594 } 1595 1596 splx(s); 1597 1598 return error; 1599 } 1600 1601 int 1602 uath_query_eeprom(struct uath_softc *sc) 1603 { 1604 uint32_t tmp; 1605 int error; 1606 1607 /* retrieve MAC address */ 1608 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1609 if (error != 0) { 1610 printf("%s: could not read MAC address\n", 1611 sc->sc_dev.dv_xname); 1612 return error; 1613 } 1614 1615 /* retrieve the maximum frame size that the hardware can receive */ 1616 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1617 if (error != 0) { 1618 printf("%s: could not read maximum Rx buffer size\n", 1619 sc->sc_dev.dv_xname); 1620 return error; 1621 } 1622 sc->rxbufsz = betoh32(tmp) & 0xfff; 1623 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1624 return 0; 1625 } 1626 1627 int 1628 uath_reset(struct uath_softc *sc) 1629 { 1630 struct uath_cmd_setup setup; 1631 uint32_t reg, val; 1632 int s, error; 1633 1634 /* init device with some voodoo incantations.. */ 1635 setup.magic1 = htobe32(1); 1636 setup.magic2 = htobe32(5); 1637 setup.magic3 = htobe32(200); 1638 setup.magic4 = htobe32(27); 1639 s = splusb(); 1640 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1641 UATH_CMD_FLAG_ASYNC); 1642 /* ..and wait until firmware notifies us that it is ready */ 1643 if (error == 0) 1644 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1645 splx(s); 1646 if (error != 0) 1647 return error; 1648 1649 /* read PHY registers */ 1650 for (reg = 0x09; reg <= 0x24; reg++) { 1651 if (reg == 0x0b || reg == 0x0c) 1652 continue; 1653 DELAY(100); 1654 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1655 return error; 1656 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1657 } 1658 return error; 1659 } 1660 1661 int 1662 uath_reset_tx_queues(struct uath_softc *sc) 1663 { 1664 int ac, error; 1665 1666 for (ac = 0; ac < 4; ac++) { 1667 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1668 1669 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1670 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1671 sizeof qid, 0); 1672 if (error != 0) 1673 break; 1674 } 1675 return error; 1676 } 1677 1678 int 1679 uath_wme_init(struct uath_softc *sc) 1680 { 1681 struct uath_qinfo qinfo; 1682 int ac, error; 1683 static const struct uath_wme_settings uath_wme_11g[4] = { 1684 { 7, 4, 10, 0, 0 }, /* Background */ 1685 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1686 { 3, 3, 4, 26, 0 }, /* Video */ 1687 { 2, 2, 3, 47, 0 } /* Voice */ 1688 }; 1689 1690 bzero(&qinfo, sizeof qinfo); 1691 qinfo.size = htobe32(32); 1692 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1693 qinfo.magic2 = htobe32(1); 1694 for (ac = 0; ac < 4; ac++) { 1695 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1696 qinfo.ac = htobe32(ac); 1697 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1698 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1699 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1700 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1701 uath_wme_11g[ac].txop)); 1702 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1703 1704 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1705 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1706 sizeof qinfo, 0); 1707 if (error != 0) 1708 break; 1709 } 1710 return error; 1711 } 1712 1713 int 1714 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1715 { 1716 struct uath_set_chan chan; 1717 1718 bzero(&chan, sizeof chan); 1719 chan.flags = htobe32(0x1400); 1720 chan.freq = htobe32(c->ic_freq); 1721 chan.magic1 = htobe32(20); 1722 chan.magic2 = htobe32(50); 1723 chan.magic3 = htobe32(1); 1724 1725 DPRINTF(("switching to channel %d\n", 1726 ieee80211_chan2ieee(&sc->sc_ic, c))); 1727 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1728 } 1729 1730 int 1731 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1732 { 1733 struct uath_cmd_crypto crypto; 1734 int i; 1735 1736 bzero(&crypto, sizeof crypto); 1737 crypto.keyidx = htobe32(index); 1738 crypto.magic1 = htobe32(1); 1739 crypto.size = htobe32(368); 1740 crypto.mask = htobe32(0xffff); 1741 crypto.flags = htobe32(0x80000068); 1742 if (index != UATH_DEFAULT_KEY) 1743 crypto.flags |= htobe32(index << 16); 1744 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1745 1746 /* 1747 * Each byte of the key must be XOR'ed with 10101010 before being 1748 * transmitted to the firmware. 1749 */ 1750 for (i = 0; i < k->k_len; i++) 1751 crypto.key[i] = k->k_key[i] ^ 0xaa; 1752 1753 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1754 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1755 } 1756 1757 int 1758 uath_set_keys(struct uath_softc *sc) 1759 { 1760 const struct ieee80211com *ic = &sc->sc_ic; 1761 int i, error; 1762 1763 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1764 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1765 1766 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1767 return error; 1768 } 1769 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1770 UATH_DEFAULT_KEY); 1771 } 1772 1773 int 1774 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1775 { 1776 struct uath_cmd_rates rates; 1777 1778 bzero(&rates, sizeof rates); 1779 rates.magic1 = htobe32(0x02); 1780 rates.size = htobe32(1 + sizeof rates.rates); 1781 rates.nrates = rs->rs_nrates; 1782 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1783 1784 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1785 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1786 } 1787 1788 int 1789 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1790 { 1791 struct uath_cmd_filter rxfilter; 1792 1793 rxfilter.filter = htobe32(filter); 1794 rxfilter.flags = htobe32(flags); 1795 1796 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1797 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1798 sizeof rxfilter, 0); 1799 } 1800 1801 int 1802 uath_set_led(struct uath_softc *sc, int which, int on) 1803 { 1804 struct uath_cmd_led led; 1805 1806 led.which = htobe32(which); 1807 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1808 1809 DPRINTFN(2, ("switching %s led %s\n", 1810 (which == UATH_LED_LINK) ? "link" : "activity", 1811 on ? "on" : "off")); 1812 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1813 } 1814 1815 int 1816 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1817 { 1818 uint32_t val; 1819 int error; 1820 1821 /* set radio frequency */ 1822 if ((error = uath_set_chan(sc, c)) != 0) { 1823 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1824 return error; 1825 } 1826 1827 /* reset Tx rings */ 1828 if ((error = uath_reset_tx_queues(sc)) != 0) { 1829 printf("%s: could not reset Tx queues\n", 1830 sc->sc_dev.dv_xname); 1831 return error; 1832 } 1833 1834 /* set Tx rings WME properties */ 1835 if ((error = uath_wme_init(sc)) != 0) { 1836 printf("%s: could not init Tx queues\n", 1837 sc->sc_dev.dv_xname); 1838 return error; 1839 } 1840 1841 val = htobe32(0); 1842 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1843 if (error != 0) { 1844 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1845 return error; 1846 } 1847 1848 return uath_tx_null(sc); 1849 } 1850 1851 int 1852 uath_init(struct ifnet *ifp) 1853 { 1854 struct uath_softc *sc = ifp->if_softc; 1855 struct ieee80211com *ic = &sc->sc_ic; 1856 struct uath_cmd_31 cmd31; 1857 uint32_t val; 1858 int i, error; 1859 1860 /* reset data and command rings */ 1861 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1862 1863 val = htobe32(0); 1864 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1865 1866 /* set MAC address */ 1867 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1868 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1869 1870 (void)uath_write_reg(sc, 0x02, 0x00000001); 1871 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1872 (void)uath_write_reg(sc, 0x10, 0x00000001); 1873 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1874 1875 /* 1876 * Queue Rx data xfers. 1877 */ 1878 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1879 struct uath_rx_data *data = &sc->rx_data[i]; 1880 1881 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1882 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1883 uath_data_rxeof); 1884 error = usbd_transfer(data->xfer); 1885 if (error != USBD_IN_PROGRESS && error != 0) { 1886 printf("%s: could not queue Rx transfer\n", 1887 sc->sc_dev.dv_xname); 1888 goto fail; 1889 } 1890 } 1891 1892 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1893 UATH_CMD_FLAG_MAGIC); 1894 if (error != 0) { 1895 printf("%s: could not send read command 07h\n", 1896 sc->sc_dev.dv_xname); 1897 goto fail; 1898 } 1899 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1900 1901 /* set default channel */ 1902 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1903 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1904 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1905 goto fail; 1906 } 1907 1908 if ((error = uath_wme_init(sc)) != 0) { 1909 printf("%s: could not setup WME parameters\n", 1910 sc->sc_dev.dv_xname); 1911 goto fail; 1912 } 1913 1914 /* init MAC registers */ 1915 (void)uath_write_reg(sc, 0x19, 0x00000000); 1916 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1917 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1918 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1919 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1920 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1921 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1922 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1923 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1924 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1925 1926 val = htobe32(4); 1927 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1928 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1929 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1930 1931 if ((error = uath_set_keys(sc)) != 0) { 1932 printf("%s: could not set crypto keys\n", 1933 sc->sc_dev.dv_xname); 1934 goto fail; 1935 } 1936 1937 /* enable Rx */ 1938 (void)uath_set_rxfilter(sc, 0x0000, 4); 1939 (void)uath_set_rxfilter(sc, 0x0817, 1); 1940 1941 cmd31.magic1 = htobe32(0xffffffff); 1942 cmd31.magic2 = htobe32(0xffffffff); 1943 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1944 1945 ifp->if_flags &= ~IFF_OACTIVE; 1946 ifp->if_flags |= IFF_RUNNING; 1947 1948 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1949 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1950 else 1951 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1952 1953 return 0; 1954 1955 fail: uath_stop(ifp, 1); 1956 return error; 1957 } 1958 1959 void 1960 uath_stop(struct ifnet *ifp, int disable) 1961 { 1962 struct uath_softc *sc = ifp->if_softc; 1963 struct ieee80211com *ic = &sc->sc_ic; 1964 uint32_t val; 1965 int s; 1966 1967 s = splusb(); 1968 1969 sc->sc_tx_timer = 0; 1970 ifp->if_timer = 0; 1971 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1972 1973 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1974 1975 val = htobe32(0); 1976 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1977 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1978 1979 val = htobe32(0); 1980 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1981 1982 #if 0 1983 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1984 UATH_CMD_FLAG_MAGIC); 1985 #endif 1986 1987 /* abort any pending transfers */ 1988 usbd_abort_pipe(sc->data_tx_pipe); 1989 usbd_abort_pipe(sc->data_rx_pipe); 1990 usbd_abort_pipe(sc->cmd_tx_pipe); 1991 1992 splx(s); 1993 } 1994 1995 /* 1996 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 1997 * the device will detach itself from the bus and reattach later with a new 1998 * product Id (a la ezusb). XXX this could also be implemented in userland 1999 * through /dev/ugen. 2000 */ 2001 int 2002 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2003 { 2004 struct usbd_xfer *ctlxfer, *txxfer, *rxxfer; 2005 struct uath_fwblock *txblock, *rxblock; 2006 uint8_t *txdata; 2007 int error = 0; 2008 2009 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2010 printf("%s: could not allocate Tx control xfer\n", 2011 sc->sc_dev.dv_xname); 2012 error = USBD_NOMEM; 2013 goto fail1; 2014 } 2015 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2016 if (txblock == NULL) { 2017 printf("%s: could not allocate Tx control block\n", 2018 sc->sc_dev.dv_xname); 2019 error = USBD_NOMEM; 2020 goto fail2; 2021 } 2022 2023 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2024 printf("%s: could not allocate Tx xfer\n", 2025 sc->sc_dev.dv_xname); 2026 error = USBD_NOMEM; 2027 goto fail2; 2028 } 2029 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2030 if (txdata == NULL) { 2031 printf("%s: could not allocate Tx buffer\n", 2032 sc->sc_dev.dv_xname); 2033 error = USBD_NOMEM; 2034 goto fail3; 2035 } 2036 2037 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2038 printf("%s: could not allocate Rx control xfer\n", 2039 sc->sc_dev.dv_xname); 2040 error = USBD_NOMEM; 2041 goto fail3; 2042 } 2043 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2044 if (rxblock == NULL) { 2045 printf("%s: could not allocate Rx control block\n", 2046 sc->sc_dev.dv_xname); 2047 error = USBD_NOMEM; 2048 goto fail4; 2049 } 2050 2051 bzero(txblock, sizeof (struct uath_fwblock)); 2052 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2053 txblock->total = htobe32(len); 2054 2055 while (len > 0) { 2056 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2057 2058 txblock->remain = htobe32(len - mlen); 2059 txblock->len = htobe32(mlen); 2060 2061 DPRINTF(("sending firmware block: %d bytes remaining\n", 2062 len - mlen)); 2063 2064 /* send firmware block meta-data */ 2065 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2066 sizeof (struct uath_fwblock), 2067 USBD_NO_COPY | USBD_SYNCHRONOUS, 2068 UATH_CMD_TIMEOUT, NULL); 2069 if ((error = usbd_transfer(ctlxfer)) != 0) { 2070 printf("%s: could not send firmware block info\n", 2071 sc->sc_dev.dv_xname); 2072 break; 2073 } 2074 2075 /* send firmware block data */ 2076 bcopy(fw, txdata, mlen); 2077 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2078 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 2079 if ((error = usbd_transfer(txxfer)) != 0) { 2080 printf("%s: could not send firmware block data\n", 2081 sc->sc_dev.dv_xname); 2082 break; 2083 } 2084 2085 /* wait for ack from firmware */ 2086 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2087 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2088 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_CMD_TIMEOUT, NULL); 2089 if ((error = usbd_transfer(rxxfer)) != 0) { 2090 printf("%s: could not read firmware answer\n", 2091 sc->sc_dev.dv_xname); 2092 break; 2093 } 2094 2095 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2096 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2097 fw += mlen; 2098 len -= mlen; 2099 } 2100 2101 fail4: usbd_free_xfer(rxxfer); 2102 fail3: usbd_free_xfer(txxfer); 2103 fail2: usbd_free_xfer(ctlxfer); 2104 fail1: return error; 2105 } 2106