1 /* $OpenBSD: if_uath.c,v 1.71 2015/11/04 12:12:00 dlg Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <netinet/in.h> 55 #include <netinet/if_ether.h> 56 57 #include <net80211/ieee80211_var.h> 58 #include <net80211/ieee80211_radiotap.h> 59 60 #include <dev/usb/usb.h> 61 #include <dev/usb/usbdi.h> 62 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 63 #include <dev/usb/usbdi_util.h> 64 #include <dev/usb/usbdevs.h> 65 66 #include <dev/usb/if_uathreg.h> 67 #include <dev/usb/if_uathvar.h> 68 69 #ifdef UATH_DEBUG 70 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 72 int uath_debug = 1; 73 #else 74 #define DPRINTF(x) 75 #define DPRINTFN(n, x) 76 #endif 77 78 /*- 79 * Various supported device vendors/products. 80 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 81 */ 82 #define UATH_DEV(v, p, f) \ 83 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 84 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 85 (f) | UATH_FLAG_PRE_FIRMWARE } 86 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 87 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 88 static const struct uath_type { 89 struct usb_devno dev; 90 unsigned int flags; 91 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 92 #define UATH_FLAG_ABG (1 << 1) 93 } uath_devs[] = { 94 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 95 UATH_DEV_UG(ATHEROS, AR5523), 96 UATH_DEV_UG(ATHEROS2, AR5523_1), 97 UATH_DEV_UG(ATHEROS2, AR5523_2), 98 UATH_DEV_UX(ATHEROS2, AR5523_3), 99 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 100 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 101 UATH_DEV_UX(DLINK, DWLAG122), 102 UATH_DEV_UX(DLINK, DWLAG132), 103 UATH_DEV_UG(DLINK, DWLG132), 104 UATH_DEV_UG(DLINK2, WUA2340), 105 UATH_DEV_UG(GIGASET, AR5523), 106 UATH_DEV_UG(GIGASET, SMCWUSBTG), 107 UATH_DEV_UG(GLOBALSUN, AR5523_1), 108 UATH_DEV_UX(GLOBALSUN, AR5523_2), 109 UATH_DEV_UG(IODATA, USBWNG54US), 110 UATH_DEV_UG(MELCO, WLIU2KAMG54), 111 UATH_DEV_UX(NETGEAR, WG111U), 112 UATH_DEV_UG(NETGEAR3, WG111T), 113 UATH_DEV_UG(NETGEAR3, WPN111), 114 UATH_DEV_UG(PHILIPS, SNU6500), 115 UATH_DEV_UX(UMEDIA, AR5523_2), 116 UATH_DEV_UG(UMEDIA, TEW444UBEU), 117 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 118 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 119 UATH_DEV_UG(ZCOM, AR5523), 120 121 /* Devices that share one of the IDs above. */ 122 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WG111T_1 }, 0 } \ 123 }; 124 #define uath_lookup(v, p) \ 125 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 126 127 void uath_attachhook(void *); 128 int uath_open_pipes(struct uath_softc *); 129 void uath_close_pipes(struct uath_softc *); 130 int uath_alloc_tx_data_list(struct uath_softc *); 131 void uath_free_tx_data_list(struct uath_softc *); 132 int uath_alloc_rx_data_list(struct uath_softc *); 133 void uath_free_rx_data_list(struct uath_softc *); 134 int uath_alloc_tx_cmd_list(struct uath_softc *); 135 void uath_free_tx_cmd_list(struct uath_softc *); 136 int uath_alloc_rx_cmd_list(struct uath_softc *); 137 void uath_free_rx_cmd_list(struct uath_softc *); 138 int uath_media_change(struct ifnet *); 139 void uath_stat(void *); 140 void uath_next_scan(void *); 141 void uath_task(void *); 142 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 143 #ifdef UATH_DEBUG 144 void uath_dump_cmd(const uint8_t *, int, char); 145 #endif 146 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 147 int); 148 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 149 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 150 int); 151 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 152 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 153 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 154 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 155 void uath_cmd_rxeof(struct usbd_xfer *, void *, usbd_status); 156 void uath_data_rxeof(struct usbd_xfer *, void *, usbd_status); 157 void uath_data_txeof(struct usbd_xfer *, void *, usbd_status); 158 int uath_tx_null(struct uath_softc *); 159 int uath_tx_data(struct uath_softc *, struct mbuf *, 160 struct ieee80211_node *); 161 void uath_start(struct ifnet *); 162 void uath_watchdog(struct ifnet *); 163 int uath_ioctl(struct ifnet *, u_long, caddr_t); 164 int uath_query_eeprom(struct uath_softc *); 165 int uath_reset(struct uath_softc *); 166 int uath_reset_tx_queues(struct uath_softc *); 167 int uath_wme_init(struct uath_softc *); 168 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 169 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 170 int uath_set_keys(struct uath_softc *); 171 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 172 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 173 int uath_set_led(struct uath_softc *, int, int); 174 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 175 int uath_init(struct ifnet *); 176 void uath_stop(struct ifnet *, int); 177 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 178 179 int uath_match(struct device *, void *, void *); 180 void uath_attach(struct device *, struct device *, void *); 181 int uath_detach(struct device *, int); 182 183 struct cfdriver uath_cd = { 184 NULL, "uath", DV_IFNET 185 }; 186 187 const struct cfattach uath_ca = { 188 sizeof(struct uath_softc), uath_match, uath_attach, uath_detach 189 }; 190 191 int 192 uath_match(struct device *parent, void *match, void *aux) 193 { 194 struct usb_attach_arg *uaa = aux; 195 196 if (uaa->iface != NULL) 197 return UMATCH_NONE; 198 199 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 200 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 201 } 202 203 void 204 uath_attachhook(void *xsc) 205 { 206 struct uath_softc *sc = xsc; 207 u_char *fw; 208 size_t size; 209 int error; 210 211 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 212 printf("%s: error %d, could not read firmware %s\n", 213 sc->sc_dev.dv_xname, error, "uath-ar5523"); 214 return; 215 } 216 217 error = uath_loadfirmware(sc, fw, size); 218 free(fw, M_DEVBUF, 0); 219 220 if (error == 0) { 221 /* 222 * Hack alert: the device doesn't always gracefully detach 223 * from the bus after a firmware upload. We need to force 224 * a port reset and a re-exploration on the parent hub. 225 */ 226 usbd_reset_port(sc->sc_uhub, sc->sc_port); 227 usb_needs_reattach(sc->sc_udev); 228 } else { 229 printf("%s: could not load firmware (error=%s)\n", 230 sc->sc_dev.dv_xname, usbd_errstr(error)); 231 } 232 } 233 234 void 235 uath_attach(struct device *parent, struct device *self, void *aux) 236 { 237 struct uath_softc *sc = (struct uath_softc *)self; 238 struct usb_attach_arg *uaa = aux; 239 struct ieee80211com *ic = &sc->sc_ic; 240 struct ifnet *ifp = &ic->ic_if; 241 usbd_status error; 242 int i; 243 244 sc->sc_udev = uaa->device; 245 sc->sc_uhub = uaa->device->myhub; 246 sc->sc_port = uaa->port; 247 248 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 249 250 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 251 printf("%s: could not set configuration no\n", 252 sc->sc_dev.dv_xname); 253 return; 254 } 255 256 /* get the first interface handle */ 257 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 258 &sc->sc_iface); 259 if (error != 0) { 260 printf("%s: could not get interface handle\n", 261 sc->sc_dev.dv_xname); 262 return; 263 } 264 265 /* 266 * We must open the pipes early because they're used to upload the 267 * firmware (pre-firmware devices) or to send firmware commands. 268 */ 269 if (uath_open_pipes(sc) != 0) { 270 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 271 return; 272 } 273 274 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 275 if (rootvp == NULL) 276 mountroothook_establish(uath_attachhook, sc); 277 else 278 uath_attachhook(sc); 279 return; 280 } 281 282 /* 283 * Only post-firmware devices here. 284 */ 285 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 286 timeout_set(&sc->scan_to, uath_next_scan, sc); 287 timeout_set(&sc->stat_to, uath_stat, sc); 288 289 /* 290 * Allocate xfers for firmware commands. 291 */ 292 if (uath_alloc_tx_cmd_list(sc) != 0) { 293 printf("%s: could not allocate Tx command list\n", 294 sc->sc_dev.dv_xname); 295 goto fail; 296 } 297 if (uath_alloc_rx_cmd_list(sc) != 0) { 298 printf("%s: could not allocate Rx command list\n", 299 sc->sc_dev.dv_xname); 300 goto fail; 301 } 302 303 /* 304 * Queue Rx command xfers. 305 */ 306 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 307 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 308 309 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 310 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 311 USBD_NO_TIMEOUT, uath_cmd_rxeof); 312 error = usbd_transfer(cmd->xfer); 313 if (error != USBD_IN_PROGRESS && error != 0) { 314 printf("%s: could not queue Rx command xfer\n", 315 sc->sc_dev.dv_xname); 316 goto fail; 317 } 318 } 319 320 /* 321 * We're now ready to send/receive firmware commands. 322 */ 323 if (uath_reset(sc) != 0) { 324 printf("%s: could not initialize adapter\n", 325 sc->sc_dev.dv_xname); 326 goto fail; 327 } 328 if (uath_query_eeprom(sc) != 0) { 329 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 330 goto fail; 331 } 332 333 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 334 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 335 ether_sprintf(ic->ic_myaddr)); 336 337 /* 338 * Allocate xfers for Tx/Rx data pipes. 339 */ 340 if (uath_alloc_tx_data_list(sc) != 0) { 341 printf("%s: could not allocate Tx data list\n", 342 sc->sc_dev.dv_xname); 343 goto fail; 344 } 345 if (uath_alloc_rx_data_list(sc) != 0) { 346 printf("%s: could not allocate Rx data list\n", 347 sc->sc_dev.dv_xname); 348 goto fail; 349 } 350 351 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 352 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 353 ic->ic_state = IEEE80211_S_INIT; 354 355 /* set device capabilities */ 356 ic->ic_caps = 357 IEEE80211_C_MONITOR | /* monitor mode supported */ 358 IEEE80211_C_TXPMGT | /* tx power management */ 359 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 360 IEEE80211_C_SHSLOT | /* short slot time supported */ 361 IEEE80211_C_WEP; /* h/w WEP */ 362 363 /* set supported .11b and .11g rates */ 364 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 365 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 366 367 /* set supported .11b and .11g channels (1 through 14) */ 368 for (i = 1; i <= 14; i++) { 369 ic->ic_channels[i].ic_freq = 370 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 371 ic->ic_channels[i].ic_flags = 372 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 373 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 374 } 375 376 ifp->if_softc = sc; 377 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 378 ifp->if_ioctl = uath_ioctl; 379 ifp->if_start = uath_start; 380 ifp->if_watchdog = uath_watchdog; 381 IFQ_SET_READY(&ifp->if_snd); 382 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 383 384 if_attach(ifp); 385 ieee80211_ifattach(ifp); 386 387 /* override state transition machine */ 388 sc->sc_newstate = ic->ic_newstate; 389 ic->ic_newstate = uath_newstate; 390 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 391 392 #if NBPFILTER > 0 393 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 394 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 395 396 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 397 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 398 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 399 400 sc->sc_txtap_len = sizeof sc->sc_txtapu; 401 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 402 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 403 #endif 404 405 return; 406 407 fail: uath_close_pipes(sc); 408 uath_free_tx_data_list(sc); 409 uath_free_rx_cmd_list(sc); 410 uath_free_tx_cmd_list(sc); 411 usbd_deactivate(sc->sc_udev); 412 } 413 414 int 415 uath_detach(struct device *self, int flags) 416 { 417 struct uath_softc *sc = (struct uath_softc *)self; 418 struct ifnet *ifp = &sc->sc_ic.ic_if; 419 int s; 420 421 s = splnet(); 422 423 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 424 uath_close_pipes(sc); 425 splx(s); 426 return 0; 427 } 428 429 /* post-firmware device */ 430 431 usb_rem_task(sc->sc_udev, &sc->sc_task); 432 if (timeout_initialized(&sc->scan_to)) 433 timeout_del(&sc->scan_to); 434 if (timeout_initialized(&sc->stat_to)) 435 timeout_del(&sc->stat_to); 436 437 /* close Tx/Rx pipes */ 438 uath_close_pipes(sc); 439 440 /* free xfers */ 441 uath_free_tx_data_list(sc); 442 uath_free_rx_data_list(sc); 443 uath_free_tx_cmd_list(sc); 444 uath_free_rx_cmd_list(sc); 445 446 if (ifp->if_softc != NULL) { 447 ieee80211_ifdetach(ifp); /* free all nodes */ 448 if_detach(ifp); 449 } 450 451 splx(s); 452 453 return 0; 454 } 455 456 int 457 uath_open_pipes(struct uath_softc *sc) 458 { 459 int error; 460 461 /* 462 * XXX pipes numbers are hardcoded because we don't have any way 463 * to distinguish the data pipes from the firmware command pipes 464 * (both are bulk pipes) using the endpoints descriptors. 465 */ 466 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 467 &sc->cmd_tx_pipe); 468 if (error != 0) { 469 printf("%s: could not open Tx command pipe: %s\n", 470 sc->sc_dev.dv_xname, usbd_errstr(error)); 471 goto fail; 472 } 473 474 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 475 &sc->data_tx_pipe); 476 if (error != 0) { 477 printf("%s: could not open Tx data pipe: %s\n", 478 sc->sc_dev.dv_xname, usbd_errstr(error)); 479 goto fail; 480 } 481 482 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 483 &sc->cmd_rx_pipe); 484 if (error != 0) { 485 printf("%s: could not open Rx command pipe: %s\n", 486 sc->sc_dev.dv_xname, usbd_errstr(error)); 487 goto fail; 488 } 489 490 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 491 &sc->data_rx_pipe); 492 if (error != 0) { 493 printf("%s: could not open Rx data pipe: %s\n", 494 sc->sc_dev.dv_xname, usbd_errstr(error)); 495 goto fail; 496 } 497 498 return 0; 499 500 fail: uath_close_pipes(sc); 501 return error; 502 } 503 504 void 505 uath_close_pipes(struct uath_softc *sc) 506 { 507 if (sc->data_tx_pipe != NULL) { 508 usbd_close_pipe(sc->data_tx_pipe); 509 sc->data_tx_pipe = NULL; 510 } 511 512 if (sc->data_rx_pipe != NULL) { 513 usbd_close_pipe(sc->data_rx_pipe); 514 sc->data_rx_pipe = NULL; 515 } 516 517 if (sc->cmd_tx_pipe != NULL) { 518 usbd_close_pipe(sc->cmd_tx_pipe); 519 sc->cmd_tx_pipe = NULL; 520 } 521 522 if (sc->cmd_rx_pipe != NULL) { 523 usbd_close_pipe(sc->cmd_rx_pipe); 524 sc->cmd_rx_pipe = NULL; 525 } 526 } 527 528 int 529 uath_alloc_tx_data_list(struct uath_softc *sc) 530 { 531 int i, error; 532 533 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 534 struct uath_tx_data *data = &sc->tx_data[i]; 535 536 data->sc = sc; /* backpointer for callbacks */ 537 538 data->xfer = usbd_alloc_xfer(sc->sc_udev); 539 if (data->xfer == NULL) { 540 printf("%s: could not allocate xfer\n", 541 sc->sc_dev.dv_xname); 542 error = ENOMEM; 543 goto fail; 544 } 545 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 546 if (data->buf == NULL) { 547 printf("%s: could not allocate xfer buffer\n", 548 sc->sc_dev.dv_xname); 549 error = ENOMEM; 550 goto fail; 551 } 552 } 553 return 0; 554 555 fail: uath_free_tx_data_list(sc); 556 return error; 557 } 558 559 void 560 uath_free_tx_data_list(struct uath_softc *sc) 561 { 562 int i; 563 564 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 565 if (sc->tx_data[i].xfer != NULL) { 566 usbd_free_xfer(sc->tx_data[i].xfer); 567 sc->tx_data[i].xfer = NULL; 568 } 569 } 570 571 int 572 uath_alloc_rx_data_list(struct uath_softc *sc) 573 { 574 int i, error; 575 576 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 577 struct uath_rx_data *data = &sc->rx_data[i]; 578 579 data->sc = sc; /* backpointer for callbacks */ 580 581 data->xfer = usbd_alloc_xfer(sc->sc_udev); 582 if (data->xfer == NULL) { 583 printf("%s: could not allocate xfer\n", 584 sc->sc_dev.dv_xname); 585 error = ENOMEM; 586 goto fail; 587 } 588 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 589 printf("%s: could not allocate xfer buffer\n", 590 sc->sc_dev.dv_xname); 591 error = ENOMEM; 592 goto fail; 593 } 594 595 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 596 if (data->m == NULL) { 597 printf("%s: could not allocate rx mbuf\n", 598 sc->sc_dev.dv_xname); 599 error = ENOMEM; 600 goto fail; 601 } 602 MCLGET(data->m, M_DONTWAIT); 603 if (!(data->m->m_flags & M_EXT)) { 604 printf("%s: could not allocate rx mbuf cluster\n", 605 sc->sc_dev.dv_xname); 606 error = ENOMEM; 607 goto fail; 608 } 609 610 data->buf = mtod(data->m, uint8_t *); 611 } 612 return 0; 613 614 fail: uath_free_rx_data_list(sc); 615 return error; 616 } 617 618 void 619 uath_free_rx_data_list(struct uath_softc *sc) 620 { 621 int i; 622 623 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 624 struct uath_rx_data *data = &sc->rx_data[i]; 625 626 if (data->xfer != NULL) { 627 usbd_free_xfer(data->xfer); 628 data->xfer = NULL; 629 } 630 631 if (data->m != NULL) { 632 m_freem(data->m); 633 data->m = NULL; 634 } 635 } 636 } 637 638 int 639 uath_alloc_tx_cmd_list(struct uath_softc *sc) 640 { 641 int i, error; 642 643 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 644 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 645 646 cmd->sc = sc; /* backpointer for callbacks */ 647 648 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 649 if (cmd->xfer == NULL) { 650 printf("%s: could not allocate xfer\n", 651 sc->sc_dev.dv_xname); 652 error = ENOMEM; 653 goto fail; 654 } 655 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 656 if (cmd->buf == NULL) { 657 printf("%s: could not allocate xfer buffer\n", 658 sc->sc_dev.dv_xname); 659 error = ENOMEM; 660 goto fail; 661 } 662 } 663 return 0; 664 665 fail: uath_free_tx_cmd_list(sc); 666 return error; 667 } 668 669 void 670 uath_free_tx_cmd_list(struct uath_softc *sc) 671 { 672 int i; 673 674 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 675 if (sc->tx_cmd[i].xfer != NULL) { 676 usbd_free_xfer(sc->tx_cmd[i].xfer); 677 sc->tx_cmd[i].xfer = NULL; 678 } 679 } 680 681 int 682 uath_alloc_rx_cmd_list(struct uath_softc *sc) 683 { 684 int i, error; 685 686 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 687 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 688 689 cmd->sc = sc; /* backpointer for callbacks */ 690 691 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 692 if (cmd->xfer == NULL) { 693 printf("%s: could not allocate xfer\n", 694 sc->sc_dev.dv_xname); 695 error = ENOMEM; 696 goto fail; 697 } 698 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 699 if (cmd->buf == NULL) { 700 printf("%s: could not allocate xfer buffer\n", 701 sc->sc_dev.dv_xname); 702 error = ENOMEM; 703 goto fail; 704 } 705 } 706 return 0; 707 708 fail: uath_free_rx_cmd_list(sc); 709 return error; 710 } 711 712 void 713 uath_free_rx_cmd_list(struct uath_softc *sc) 714 { 715 int i; 716 717 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 718 if (sc->rx_cmd[i].xfer != NULL) { 719 usbd_free_xfer(sc->rx_cmd[i].xfer); 720 sc->rx_cmd[i].xfer = NULL; 721 } 722 } 723 724 int 725 uath_media_change(struct ifnet *ifp) 726 { 727 int error; 728 729 error = ieee80211_media_change(ifp); 730 if (error != ENETRESET) 731 return error; 732 733 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 734 uath_init(ifp); 735 736 return 0; 737 } 738 739 /* 740 * This function is called periodically (every second) when associated to 741 * query device statistics. 742 */ 743 void 744 uath_stat(void *arg) 745 { 746 struct uath_softc *sc = arg; 747 int error; 748 749 /* 750 * Send request for statistics asynchronously. The timer will be 751 * restarted when we'll get the stats notification. 752 */ 753 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 754 UATH_CMD_FLAG_ASYNC); 755 if (error != 0) { 756 printf("%s: could not query statistics (error=%d)\n", 757 sc->sc_dev.dv_xname, error); 758 } 759 } 760 761 /* 762 * This function is called periodically (every 250ms) during scanning to 763 * switch from one channel to another. 764 */ 765 void 766 uath_next_scan(void *arg) 767 { 768 struct uath_softc *sc = arg; 769 struct ieee80211com *ic = &sc->sc_ic; 770 struct ifnet *ifp = &ic->ic_if; 771 772 if (ic->ic_state == IEEE80211_S_SCAN) 773 ieee80211_next_scan(ifp); 774 } 775 776 void 777 uath_task(void *arg) 778 { 779 struct uath_softc *sc = arg; 780 struct ieee80211com *ic = &sc->sc_ic; 781 enum ieee80211_state ostate; 782 783 ostate = ic->ic_state; 784 785 switch (sc->sc_state) { 786 case IEEE80211_S_INIT: 787 if (ostate == IEEE80211_S_RUN) { 788 /* turn link and activity LEDs off */ 789 (void)uath_set_led(sc, UATH_LED_LINK, 0); 790 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 791 } 792 break; 793 794 case IEEE80211_S_SCAN: 795 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 796 printf("%s: could not switch channel\n", 797 sc->sc_dev.dv_xname); 798 break; 799 } 800 timeout_add_msec(&sc->scan_to, 250); 801 break; 802 803 case IEEE80211_S_AUTH: 804 { 805 struct ieee80211_node *ni = ic->ic_bss; 806 struct uath_cmd_bssid bssid; 807 struct uath_cmd_0b cmd0b; 808 struct uath_cmd_0c cmd0c; 809 810 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 811 printf("%s: could not switch channel\n", 812 sc->sc_dev.dv_xname); 813 break; 814 } 815 816 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 817 818 bzero(&bssid, sizeof bssid); 819 bssid.len = htobe32(IEEE80211_ADDR_LEN); 820 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 821 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 822 sizeof bssid, 0); 823 824 bzero(&cmd0b, sizeof cmd0b); 825 cmd0b.code = htobe32(2); 826 cmd0b.size = htobe32(sizeof (cmd0b.data)); 827 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 828 829 bzero(&cmd0c, sizeof cmd0c); 830 cmd0c.magic1 = htobe32(2); 831 cmd0c.magic2 = htobe32(7); 832 cmd0c.magic3 = htobe32(1); 833 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 834 835 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 836 printf("%s: could not set negotiated rate set\n", 837 sc->sc_dev.dv_xname); 838 break; 839 } 840 break; 841 } 842 843 case IEEE80211_S_ASSOC: 844 break; 845 846 case IEEE80211_S_RUN: 847 { 848 struct ieee80211_node *ni = ic->ic_bss; 849 struct uath_cmd_bssid bssid; 850 struct uath_cmd_xled xled; 851 uint32_t val; 852 853 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 854 /* make both LEDs blink while monitoring */ 855 bzero(&xled, sizeof xled); 856 xled.which = htobe32(0); 857 xled.rate = htobe32(1); 858 xled.mode = htobe32(2); 859 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 860 sizeof xled, 0); 861 break; 862 } 863 864 /* 865 * Tx rate is controlled by firmware, report the maximum 866 * negotiated rate in ifconfig output. 867 */ 868 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 869 870 val = htobe32(1); 871 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 872 873 bzero(&bssid, sizeof bssid); 874 bssid.flags1 = htobe32(0xc004); 875 bssid.flags2 = htobe32(0x003b); 876 bssid.len = htobe32(IEEE80211_ADDR_LEN); 877 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 878 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 879 sizeof bssid, 0); 880 881 /* turn link LED on */ 882 (void)uath_set_led(sc, UATH_LED_LINK, 1); 883 884 /* make activity LED blink */ 885 bzero(&xled, sizeof xled); 886 xled.which = htobe32(1); 887 xled.rate = htobe32(1); 888 xled.mode = htobe32(2); 889 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 890 0); 891 892 /* set state to associated */ 893 val = htobe32(1); 894 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 895 0); 896 897 /* start statistics timer */ 898 timeout_add_sec(&sc->stat_to, 1); 899 break; 900 } 901 } 902 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 903 } 904 905 int 906 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 907 { 908 struct uath_softc *sc = ic->ic_softc; 909 910 usb_rem_task(sc->sc_udev, &sc->sc_task); 911 timeout_del(&sc->scan_to); 912 timeout_del(&sc->stat_to); 913 914 /* do it in a process context */ 915 sc->sc_state = nstate; 916 sc->sc_arg = arg; 917 usb_add_task(sc->sc_udev, &sc->sc_task); 918 return 0; 919 } 920 921 #ifdef UATH_DEBUG 922 void 923 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 924 { 925 int i; 926 927 for (i = 0; i < len; i++) { 928 if ((i % 16) == 0) 929 printf("\n%c ", prefix); 930 else if ((i % 4) == 0) 931 printf(" "); 932 printf("%02x", buf[i]); 933 } 934 printf("\n"); 935 } 936 #endif 937 938 /* 939 * Low-level function to send read or write commands to the firmware. 940 */ 941 int 942 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 943 void *odata, int flags) 944 { 945 struct uath_cmd_hdr *hdr; 946 struct uath_tx_cmd *cmd; 947 uint16_t xferflags; 948 int s, xferlen, error; 949 950 /* grab a xfer */ 951 cmd = &sc->tx_cmd[sc->cmd_idx]; 952 953 /* always bulk-out a multiple of 4 bytes */ 954 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 955 956 hdr = (struct uath_cmd_hdr *)cmd->buf; 957 bzero(hdr, sizeof (struct uath_cmd_hdr)); 958 hdr->len = htobe32(xferlen); 959 hdr->code = htobe32(code); 960 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 961 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 962 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 963 964 #ifdef UATH_DEBUG 965 if (uath_debug >= 5) { 966 printf("sending command code=0x%02x flags=0x%x index=%u", 967 code, flags, sc->cmd_idx); 968 uath_dump_cmd(cmd->buf, xferlen, '+'); 969 } 970 #endif 971 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 972 if (!(flags & UATH_CMD_FLAG_READ)) { 973 if (!(flags & UATH_CMD_FLAG_ASYNC)) 974 xferflags |= USBD_SYNCHRONOUS; 975 } else 976 s = splusb(); 977 978 cmd->odata = odata; 979 980 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 981 xferflags, UATH_CMD_TIMEOUT, NULL); 982 error = usbd_transfer(cmd->xfer); 983 if (error != USBD_IN_PROGRESS && error != 0) { 984 if (flags & UATH_CMD_FLAG_READ) 985 splx(s); 986 printf("%s: could not send command 0x%x (error=%s)\n", 987 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 988 return error; 989 } 990 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 991 992 if (!(flags & UATH_CMD_FLAG_READ)) 993 return 0; /* write: don't wait for reply */ 994 995 /* wait at most two seconds for command reply */ 996 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 997 cmd->odata = NULL; /* in case answer is received too late */ 998 splx(s); 999 if (error != 0) { 1000 printf("%s: timeout waiting for command reply\n", 1001 sc->sc_dev.dv_xname); 1002 } 1003 return error; 1004 } 1005 1006 int 1007 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1008 int flags) 1009 { 1010 flags &= ~UATH_CMD_FLAG_READ; 1011 return uath_cmd(sc, code, data, len, NULL, flags); 1012 } 1013 1014 int 1015 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1016 int ilen, void *odata, int flags) 1017 { 1018 flags |= UATH_CMD_FLAG_READ; 1019 return uath_cmd(sc, code, idata, ilen, odata, flags); 1020 } 1021 1022 int 1023 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1024 { 1025 struct uath_write_mac write; 1026 int error; 1027 1028 write.reg = htobe32(reg); 1029 write.len = htobe32(0); /* 0 = single write */ 1030 *(uint32_t *)write.data = htobe32(val); 1031 1032 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1033 3 * sizeof (uint32_t), 0); 1034 if (error != 0) { 1035 printf("%s: could not write register 0x%02x\n", 1036 sc->sc_dev.dv_xname, reg); 1037 } 1038 return error; 1039 } 1040 1041 int 1042 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1043 int len) 1044 { 1045 struct uath_write_mac write; 1046 int error; 1047 1048 write.reg = htobe32(reg); 1049 write.len = htobe32(len); 1050 bcopy(data, write.data, len); 1051 1052 /* properly handle the case where len is zero (reset) */ 1053 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1054 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1055 if (error != 0) { 1056 printf("%s: could not write %d bytes to register 0x%02x\n", 1057 sc->sc_dev.dv_xname, len, reg); 1058 } 1059 return error; 1060 } 1061 1062 int 1063 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1064 { 1065 struct uath_read_mac read; 1066 int error; 1067 1068 reg = htobe32(reg); 1069 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1070 0); 1071 if (error != 0) { 1072 printf("%s: could not read register 0x%02x\n", 1073 sc->sc_dev.dv_xname, betoh32(reg)); 1074 return error; 1075 } 1076 *val = betoh32(*(uint32_t *)read.data); 1077 return error; 1078 } 1079 1080 int 1081 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1082 { 1083 struct uath_read_mac read; 1084 int len, error; 1085 1086 reg = htobe32(reg); 1087 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1088 &read, 0); 1089 if (error != 0) { 1090 printf("%s: could not read EEPROM offset 0x%02x\n", 1091 sc->sc_dev.dv_xname, betoh32(reg)); 1092 return error; 1093 } 1094 len = betoh32(read.len); 1095 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1096 return error; 1097 } 1098 1099 void 1100 uath_cmd_rxeof(struct usbd_xfer *xfer, void *priv, 1101 usbd_status status) 1102 { 1103 struct uath_rx_cmd *cmd = priv; 1104 struct uath_softc *sc = cmd->sc; 1105 struct uath_cmd_hdr *hdr; 1106 1107 if (status != USBD_NORMAL_COMPLETION) { 1108 if (status == USBD_STALLED) 1109 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1110 return; 1111 } 1112 1113 hdr = (struct uath_cmd_hdr *)cmd->buf; 1114 1115 #ifdef UATH_DEBUG 1116 if (uath_debug >= 5) { 1117 printf("received command code=0x%x index=%u len=%u", 1118 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1119 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1120 } 1121 #endif 1122 1123 switch (betoh32(hdr->code) & 0xff) { 1124 /* reply to a read command */ 1125 default: 1126 { 1127 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1128 1129 if (txcmd->odata != NULL) { 1130 /* copy answer into caller's supplied buffer */ 1131 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1132 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1133 } 1134 wakeup(txcmd); /* wake up caller */ 1135 break; 1136 } 1137 /* spontaneous firmware notifications */ 1138 case UATH_NOTIF_READY: 1139 DPRINTF(("received device ready notification\n")); 1140 wakeup(UATH_COND_INIT(sc)); 1141 break; 1142 1143 case UATH_NOTIF_TX: 1144 /* this notification is sent when UATH_TX_NOTIFY is set */ 1145 DPRINTF(("received Tx notification\n")); 1146 break; 1147 1148 case UATH_NOTIF_STATS: 1149 DPRINTFN(2, ("received device statistics\n")); 1150 timeout_add_sec(&sc->stat_to, 1); 1151 break; 1152 } 1153 1154 /* setup a new transfer */ 1155 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1156 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1157 uath_cmd_rxeof); 1158 (void)usbd_transfer(xfer); 1159 } 1160 1161 void 1162 uath_data_rxeof(struct usbd_xfer *xfer, void *priv, 1163 usbd_status status) 1164 { 1165 struct uath_rx_data *data = priv; 1166 struct uath_softc *sc = data->sc; 1167 struct ieee80211com *ic = &sc->sc_ic; 1168 struct ifnet *ifp = &ic->ic_if; 1169 struct ieee80211_frame *wh; 1170 struct ieee80211_rxinfo rxi; 1171 struct ieee80211_node *ni; 1172 struct uath_rx_desc *desc; 1173 struct mbuf *mnew, *m; 1174 uint32_t hdr; 1175 int s, len; 1176 1177 if (status != USBD_NORMAL_COMPLETION) { 1178 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1179 return; 1180 1181 if (status == USBD_STALLED) 1182 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1183 1184 ifp->if_ierrors++; 1185 return; 1186 } 1187 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1188 1189 if (len < UATH_MIN_RXBUFSZ) { 1190 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1191 ifp->if_ierrors++; 1192 goto skip; 1193 } 1194 1195 hdr = betoh32(*(uint32_t *)data->buf); 1196 1197 /* Rx descriptor is located at the end, 32-bit aligned */ 1198 desc = (struct uath_rx_desc *) 1199 (data->buf + len - sizeof (struct uath_rx_desc)); 1200 1201 if (betoh32(desc->len) > sc->rxbufsz) { 1202 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1203 ifp->if_ierrors++; 1204 goto skip; 1205 } 1206 1207 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1208 1209 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1210 if (mnew == NULL) { 1211 printf("%s: could not allocate rx mbuf\n", 1212 sc->sc_dev.dv_xname); 1213 ifp->if_ierrors++; 1214 goto skip; 1215 } 1216 MCLGET(mnew, M_DONTWAIT); 1217 if (!(mnew->m_flags & M_EXT)) { 1218 printf("%s: could not allocate rx mbuf cluster\n", 1219 sc->sc_dev.dv_xname); 1220 m_freem(mnew); 1221 ifp->if_ierrors++; 1222 goto skip; 1223 } 1224 1225 m = data->m; 1226 data->m = mnew; 1227 1228 /* finalize mbuf */ 1229 m->m_data = data->buf + sizeof (uint32_t); 1230 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1231 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1232 1233 data->buf = mtod(data->m, uint8_t *); 1234 1235 wh = mtod(m, struct ieee80211_frame *); 1236 rxi.rxi_flags = 0; 1237 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1238 ic->ic_opmode != IEEE80211_M_MONITOR) { 1239 /* 1240 * Hardware decrypts the frame itself but leaves the WEP bit 1241 * set in the 802.11 header and doesn't remove the IV and CRC 1242 * fields. 1243 */ 1244 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1245 memmove((caddr_t)wh + IEEE80211_WEP_IVLEN + 1246 IEEE80211_WEP_KIDLEN, wh, sizeof (struct ieee80211_frame)); 1247 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1248 m_adj(m, -IEEE80211_WEP_CRCLEN); 1249 wh = mtod(m, struct ieee80211_frame *); 1250 1251 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1252 } 1253 1254 #if NBPFILTER > 0 1255 /* there are a lot more fields in the Rx descriptor */ 1256 if (sc->sc_drvbpf != NULL) { 1257 struct mbuf mb; 1258 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1259 1260 tap->wr_flags = 0; 1261 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1262 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1263 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1264 1265 mb.m_data = (caddr_t)tap; 1266 mb.m_len = sc->sc_rxtap_len; 1267 mb.m_next = m; 1268 mb.m_nextpkt = NULL; 1269 mb.m_type = 0; 1270 mb.m_flags = 0; 1271 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1272 } 1273 #endif 1274 1275 s = splnet(); 1276 ni = ieee80211_find_rxnode(ic, wh); 1277 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1278 rxi.rxi_tstamp = 0; /* unused */ 1279 ieee80211_input(ifp, m, ni, &rxi); 1280 1281 /* node is no longer needed */ 1282 ieee80211_release_node(ic, ni); 1283 splx(s); 1284 1285 skip: /* setup a new transfer */ 1286 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1287 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1288 (void)usbd_transfer(data->xfer); 1289 } 1290 1291 int 1292 uath_tx_null(struct uath_softc *sc) 1293 { 1294 struct uath_tx_data *data; 1295 struct uath_tx_desc *desc; 1296 1297 data = &sc->tx_data[sc->data_idx]; 1298 1299 data->ni = NULL; 1300 1301 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1302 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1303 1304 bzero(desc, sizeof (struct uath_tx_desc)); 1305 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1306 desc->type = htobe32(UATH_TX_NULL); 1307 1308 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1309 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1310 USBD_FORCE_SHORT_XFER | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 1311 if (usbd_transfer(data->xfer) != 0) 1312 return EIO; 1313 1314 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1315 1316 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1317 } 1318 1319 void 1320 uath_data_txeof(struct usbd_xfer *xfer, void *priv, 1321 usbd_status status) 1322 { 1323 struct uath_tx_data *data = priv; 1324 struct uath_softc *sc = data->sc; 1325 struct ieee80211com *ic = &sc->sc_ic; 1326 struct ifnet *ifp = &ic->ic_if; 1327 int s; 1328 1329 if (status != USBD_NORMAL_COMPLETION) { 1330 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1331 return; 1332 1333 printf("%s: could not transmit buffer: %s\n", 1334 sc->sc_dev.dv_xname, usbd_errstr(status)); 1335 1336 if (status == USBD_STALLED) 1337 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1338 1339 ifp->if_oerrors++; 1340 return; 1341 } 1342 1343 s = splnet(); 1344 1345 ieee80211_release_node(ic, data->ni); 1346 data->ni = NULL; 1347 1348 sc->tx_queued--; 1349 ifp->if_opackets++; 1350 1351 sc->sc_tx_timer = 0; 1352 ifp->if_flags &= ~IFF_OACTIVE; 1353 uath_start(ifp); 1354 1355 splx(s); 1356 } 1357 1358 int 1359 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1360 { 1361 struct ieee80211com *ic = &sc->sc_ic; 1362 struct uath_tx_data *data; 1363 struct uath_tx_desc *desc; 1364 const struct ieee80211_frame *wh; 1365 int paylen, totlen, xferlen, error; 1366 1367 data = &sc->tx_data[sc->data_idx]; 1368 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1369 1370 data->ni = ni; 1371 1372 #if NBPFILTER > 0 1373 if (sc->sc_drvbpf != NULL) { 1374 struct mbuf mb; 1375 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1376 1377 tap->wt_flags = 0; 1378 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1379 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1380 1381 mb.m_data = (caddr_t)tap; 1382 mb.m_len = sc->sc_txtap_len; 1383 mb.m_next = m0; 1384 mb.m_nextpkt = NULL; 1385 mb.m_type = 0; 1386 mb.m_flags = 0; 1387 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1388 } 1389 #endif 1390 1391 paylen = m0->m_pkthdr.len; 1392 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1393 1394 wh = mtod(m0, struct ieee80211_frame *); 1395 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1396 uint8_t *frm = (uint8_t *)(desc + 1); 1397 uint32_t iv; 1398 1399 /* h/w WEP: it's up to the host to fill the IV field */ 1400 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1401 frm += sizeof (struct ieee80211_frame); 1402 1403 /* insert IV: code copied from net80211 */ 1404 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1405 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1406 iv += 0x000100; 1407 ic->ic_iv = iv + 1; 1408 1409 *frm++ = iv & 0xff; 1410 *frm++ = (iv >> 8) & 0xff; 1411 *frm++ = (iv >> 16) & 0xff; 1412 *frm++ = ic->ic_wep_txkey << 6; 1413 1414 m_copydata(m0, sizeof (struct ieee80211_frame), 1415 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1416 1417 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1418 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1419 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1420 } else { 1421 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1422 totlen = xferlen; 1423 } 1424 1425 /* fill Tx descriptor */ 1426 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1427 1428 desc->len = htobe32(totlen); 1429 desc->priv = sc->data_idx; /* don't care about endianness */ 1430 desc->paylen = htobe32(paylen); 1431 desc->type = htobe32(UATH_TX_DATA); 1432 desc->flags = htobe32(0); 1433 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1434 desc->dest = htobe32(UATH_ID_BROADCAST); 1435 desc->magic = htobe32(3); 1436 } else { 1437 desc->dest = htobe32(UATH_ID_BSS); 1438 desc->magic = htobe32(1); 1439 } 1440 1441 m_freem(m0); /* mbuf is no longer needed */ 1442 1443 #ifdef UATH_DEBUG 1444 if (uath_debug >= 6) { 1445 printf("sending frame index=%u len=%d xferlen=%d", 1446 sc->data_idx, paylen, xferlen); 1447 uath_dump_cmd(data->buf, xferlen, '+'); 1448 } 1449 #endif 1450 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1451 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1452 uath_data_txeof); 1453 error = usbd_transfer(data->xfer); 1454 if (error != USBD_IN_PROGRESS && error != 0) { 1455 ic->ic_if.if_oerrors++; 1456 return error; 1457 } 1458 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1459 sc->tx_queued++; 1460 1461 return 0; 1462 } 1463 1464 void 1465 uath_start(struct ifnet *ifp) 1466 { 1467 struct uath_softc *sc = ifp->if_softc; 1468 struct ieee80211com *ic = &sc->sc_ic; 1469 struct ieee80211_node *ni; 1470 struct mbuf *m0; 1471 1472 /* 1473 * net80211 may still try to send management frames even if the 1474 * IFF_RUNNING flag is not set... 1475 */ 1476 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1477 return; 1478 1479 for (;;) { 1480 m0 = mq_dequeue(&ic->ic_mgtq); 1481 if (m0 != NULL) { 1482 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1483 mq_requeue(&ic->ic_mgtq, m0); 1484 ifp->if_flags |= IFF_OACTIVE; 1485 break; 1486 } 1487 1488 ni = m0->m_pkthdr.ph_cookie; 1489 #if NBPFILTER > 0 1490 if (ic->ic_rawbpf != NULL) 1491 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1492 #endif 1493 if (uath_tx_data(sc, m0, ni) != 0) 1494 break; 1495 } else { 1496 if (ic->ic_state != IEEE80211_S_RUN) 1497 break; 1498 IFQ_POLL(&ifp->if_snd, m0); 1499 if (m0 == NULL) 1500 break; 1501 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1502 ifp->if_flags |= IFF_OACTIVE; 1503 break; 1504 } 1505 IFQ_DEQUEUE(&ifp->if_snd, m0); 1506 #if NBPFILTER > 0 1507 if (ifp->if_bpf != NULL) 1508 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1509 #endif 1510 m0 = ieee80211_encap(ifp, m0, &ni); 1511 if (m0 == NULL) 1512 continue; 1513 #if NBPFILTER > 0 1514 if (ic->ic_rawbpf != NULL) 1515 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1516 #endif 1517 if (uath_tx_data(sc, m0, ni) != 0) { 1518 if (ni != NULL) 1519 ieee80211_release_node(ic, ni); 1520 ifp->if_oerrors++; 1521 break; 1522 } 1523 } 1524 1525 sc->sc_tx_timer = 5; 1526 ifp->if_timer = 1; 1527 } 1528 } 1529 1530 void 1531 uath_watchdog(struct ifnet *ifp) 1532 { 1533 struct uath_softc *sc = ifp->if_softc; 1534 1535 ifp->if_timer = 0; 1536 1537 if (sc->sc_tx_timer > 0) { 1538 if (--sc->sc_tx_timer == 0) { 1539 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1540 /*uath_init(ifp); XXX needs a process context! */ 1541 ifp->if_oerrors++; 1542 return; 1543 } 1544 ifp->if_timer = 1; 1545 } 1546 1547 ieee80211_watchdog(ifp); 1548 } 1549 1550 int 1551 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1552 { 1553 struct uath_softc *sc = ifp->if_softc; 1554 struct ieee80211com *ic = &sc->sc_ic; 1555 struct ifreq *ifr; 1556 int s, error = 0; 1557 1558 s = splnet(); 1559 1560 switch (cmd) { 1561 case SIOCSIFADDR: 1562 ifp->if_flags |= IFF_UP; 1563 /* FALLTHROUGH */ 1564 case SIOCSIFFLAGS: 1565 if (ifp->if_flags & IFF_UP) { 1566 if (!(ifp->if_flags & IFF_RUNNING)) 1567 uath_init(ifp); 1568 } else { 1569 if (ifp->if_flags & IFF_RUNNING) 1570 uath_stop(ifp, 1); 1571 } 1572 break; 1573 1574 case SIOCADDMULTI: 1575 case SIOCDELMULTI: 1576 ifr = (struct ifreq *)data; 1577 error = (cmd == SIOCADDMULTI) ? 1578 ether_addmulti(ifr, &ic->ic_ac) : 1579 ether_delmulti(ifr, &ic->ic_ac); 1580 if (error == ENETRESET) 1581 error = 0; 1582 break; 1583 1584 default: 1585 error = ieee80211_ioctl(ifp, cmd, data); 1586 } 1587 1588 if (error == ENETRESET) { 1589 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1590 (IFF_UP | IFF_RUNNING)) 1591 uath_init(ifp); 1592 error = 0; 1593 } 1594 1595 splx(s); 1596 1597 return error; 1598 } 1599 1600 int 1601 uath_query_eeprom(struct uath_softc *sc) 1602 { 1603 uint32_t tmp; 1604 int error; 1605 1606 /* retrieve MAC address */ 1607 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1608 if (error != 0) { 1609 printf("%s: could not read MAC address\n", 1610 sc->sc_dev.dv_xname); 1611 return error; 1612 } 1613 1614 /* retrieve the maximum frame size that the hardware can receive */ 1615 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1616 if (error != 0) { 1617 printf("%s: could not read maximum Rx buffer size\n", 1618 sc->sc_dev.dv_xname); 1619 return error; 1620 } 1621 sc->rxbufsz = betoh32(tmp) & 0xfff; 1622 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1623 return 0; 1624 } 1625 1626 int 1627 uath_reset(struct uath_softc *sc) 1628 { 1629 struct uath_cmd_setup setup; 1630 uint32_t reg, val; 1631 int s, error; 1632 1633 /* init device with some voodoo incantations.. */ 1634 setup.magic1 = htobe32(1); 1635 setup.magic2 = htobe32(5); 1636 setup.magic3 = htobe32(200); 1637 setup.magic4 = htobe32(27); 1638 s = splusb(); 1639 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1640 UATH_CMD_FLAG_ASYNC); 1641 /* ..and wait until firmware notifies us that it is ready */ 1642 if (error == 0) 1643 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1644 splx(s); 1645 if (error != 0) 1646 return error; 1647 1648 /* read PHY registers */ 1649 for (reg = 0x09; reg <= 0x24; reg++) { 1650 if (reg == 0x0b || reg == 0x0c) 1651 continue; 1652 DELAY(100); 1653 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1654 return error; 1655 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1656 } 1657 return error; 1658 } 1659 1660 int 1661 uath_reset_tx_queues(struct uath_softc *sc) 1662 { 1663 int ac, error; 1664 1665 for (ac = 0; ac < 4; ac++) { 1666 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1667 1668 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1669 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1670 sizeof qid, 0); 1671 if (error != 0) 1672 break; 1673 } 1674 return error; 1675 } 1676 1677 int 1678 uath_wme_init(struct uath_softc *sc) 1679 { 1680 struct uath_qinfo qinfo; 1681 int ac, error; 1682 static const struct uath_wme_settings uath_wme_11g[4] = { 1683 { 7, 4, 10, 0, 0 }, /* Background */ 1684 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1685 { 3, 3, 4, 26, 0 }, /* Video */ 1686 { 2, 2, 3, 47, 0 } /* Voice */ 1687 }; 1688 1689 bzero(&qinfo, sizeof qinfo); 1690 qinfo.size = htobe32(32); 1691 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1692 qinfo.magic2 = htobe32(1); 1693 for (ac = 0; ac < 4; ac++) { 1694 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1695 qinfo.ac = htobe32(ac); 1696 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1697 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1698 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1699 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1700 uath_wme_11g[ac].txop)); 1701 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1702 1703 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1704 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1705 sizeof qinfo, 0); 1706 if (error != 0) 1707 break; 1708 } 1709 return error; 1710 } 1711 1712 int 1713 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1714 { 1715 struct uath_set_chan chan; 1716 1717 bzero(&chan, sizeof chan); 1718 chan.flags = htobe32(0x1400); 1719 chan.freq = htobe32(c->ic_freq); 1720 chan.magic1 = htobe32(20); 1721 chan.magic2 = htobe32(50); 1722 chan.magic3 = htobe32(1); 1723 1724 DPRINTF(("switching to channel %d\n", 1725 ieee80211_chan2ieee(&sc->sc_ic, c))); 1726 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1727 } 1728 1729 int 1730 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1731 { 1732 struct uath_cmd_crypto crypto; 1733 int i; 1734 1735 bzero(&crypto, sizeof crypto); 1736 crypto.keyidx = htobe32(index); 1737 crypto.magic1 = htobe32(1); 1738 crypto.size = htobe32(368); 1739 crypto.mask = htobe32(0xffff); 1740 crypto.flags = htobe32(0x80000068); 1741 if (index != UATH_DEFAULT_KEY) 1742 crypto.flags |= htobe32(index << 16); 1743 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1744 1745 /* 1746 * Each byte of the key must be XOR'ed with 10101010 before being 1747 * transmitted to the firmware. 1748 */ 1749 for (i = 0; i < k->k_len; i++) 1750 crypto.key[i] = k->k_key[i] ^ 0xaa; 1751 1752 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1753 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1754 } 1755 1756 int 1757 uath_set_keys(struct uath_softc *sc) 1758 { 1759 const struct ieee80211com *ic = &sc->sc_ic; 1760 int i, error; 1761 1762 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1763 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1764 1765 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1766 return error; 1767 } 1768 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1769 UATH_DEFAULT_KEY); 1770 } 1771 1772 int 1773 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1774 { 1775 struct uath_cmd_rates rates; 1776 1777 bzero(&rates, sizeof rates); 1778 rates.magic1 = htobe32(0x02); 1779 rates.size = htobe32(1 + sizeof rates.rates); 1780 rates.nrates = rs->rs_nrates; 1781 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1782 1783 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1784 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1785 } 1786 1787 int 1788 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1789 { 1790 struct uath_cmd_filter rxfilter; 1791 1792 rxfilter.filter = htobe32(filter); 1793 rxfilter.flags = htobe32(flags); 1794 1795 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1796 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1797 sizeof rxfilter, 0); 1798 } 1799 1800 int 1801 uath_set_led(struct uath_softc *sc, int which, int on) 1802 { 1803 struct uath_cmd_led led; 1804 1805 led.which = htobe32(which); 1806 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1807 1808 DPRINTFN(2, ("switching %s led %s\n", 1809 (which == UATH_LED_LINK) ? "link" : "activity", 1810 on ? "on" : "off")); 1811 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1812 } 1813 1814 int 1815 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1816 { 1817 uint32_t val; 1818 int error; 1819 1820 /* set radio frequency */ 1821 if ((error = uath_set_chan(sc, c)) != 0) { 1822 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1823 return error; 1824 } 1825 1826 /* reset Tx rings */ 1827 if ((error = uath_reset_tx_queues(sc)) != 0) { 1828 printf("%s: could not reset Tx queues\n", 1829 sc->sc_dev.dv_xname); 1830 return error; 1831 } 1832 1833 /* set Tx rings WME properties */ 1834 if ((error = uath_wme_init(sc)) != 0) { 1835 printf("%s: could not init Tx queues\n", 1836 sc->sc_dev.dv_xname); 1837 return error; 1838 } 1839 1840 val = htobe32(0); 1841 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1842 if (error != 0) { 1843 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1844 return error; 1845 } 1846 1847 return uath_tx_null(sc); 1848 } 1849 1850 int 1851 uath_init(struct ifnet *ifp) 1852 { 1853 struct uath_softc *sc = ifp->if_softc; 1854 struct ieee80211com *ic = &sc->sc_ic; 1855 struct uath_cmd_31 cmd31; 1856 uint32_t val; 1857 int i, error; 1858 1859 /* reset data and command rings */ 1860 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1861 1862 val = htobe32(0); 1863 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1864 1865 /* set MAC address */ 1866 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1867 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1868 1869 (void)uath_write_reg(sc, 0x02, 0x00000001); 1870 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1871 (void)uath_write_reg(sc, 0x10, 0x00000001); 1872 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1873 1874 /* 1875 * Queue Rx data xfers. 1876 */ 1877 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1878 struct uath_rx_data *data = &sc->rx_data[i]; 1879 1880 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1881 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1882 uath_data_rxeof); 1883 error = usbd_transfer(data->xfer); 1884 if (error != USBD_IN_PROGRESS && error != 0) { 1885 printf("%s: could not queue Rx transfer\n", 1886 sc->sc_dev.dv_xname); 1887 goto fail; 1888 } 1889 } 1890 1891 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1892 UATH_CMD_FLAG_MAGIC); 1893 if (error != 0) { 1894 printf("%s: could not send read command 07h\n", 1895 sc->sc_dev.dv_xname); 1896 goto fail; 1897 } 1898 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1899 1900 /* set default channel */ 1901 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1902 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1903 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1904 goto fail; 1905 } 1906 1907 if ((error = uath_wme_init(sc)) != 0) { 1908 printf("%s: could not setup WME parameters\n", 1909 sc->sc_dev.dv_xname); 1910 goto fail; 1911 } 1912 1913 /* init MAC registers */ 1914 (void)uath_write_reg(sc, 0x19, 0x00000000); 1915 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1916 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1917 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1918 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1919 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1920 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1921 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1922 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1923 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1924 1925 val = htobe32(4); 1926 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1927 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1928 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1929 1930 if ((error = uath_set_keys(sc)) != 0) { 1931 printf("%s: could not set crypto keys\n", 1932 sc->sc_dev.dv_xname); 1933 goto fail; 1934 } 1935 1936 /* enable Rx */ 1937 (void)uath_set_rxfilter(sc, 0x0000, 4); 1938 (void)uath_set_rxfilter(sc, 0x0817, 1); 1939 1940 cmd31.magic1 = htobe32(0xffffffff); 1941 cmd31.magic2 = htobe32(0xffffffff); 1942 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1943 1944 ifp->if_flags &= ~IFF_OACTIVE; 1945 ifp->if_flags |= IFF_RUNNING; 1946 1947 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1948 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1949 else 1950 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1951 1952 return 0; 1953 1954 fail: uath_stop(ifp, 1); 1955 return error; 1956 } 1957 1958 void 1959 uath_stop(struct ifnet *ifp, int disable) 1960 { 1961 struct uath_softc *sc = ifp->if_softc; 1962 struct ieee80211com *ic = &sc->sc_ic; 1963 uint32_t val; 1964 int s; 1965 1966 s = splusb(); 1967 1968 sc->sc_tx_timer = 0; 1969 ifp->if_timer = 0; 1970 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1971 1972 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1973 1974 val = htobe32(0); 1975 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1976 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1977 1978 val = htobe32(0); 1979 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1980 1981 #if 0 1982 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1983 UATH_CMD_FLAG_MAGIC); 1984 #endif 1985 1986 /* abort any pending transfers */ 1987 usbd_abort_pipe(sc->data_tx_pipe); 1988 usbd_abort_pipe(sc->data_rx_pipe); 1989 usbd_abort_pipe(sc->cmd_tx_pipe); 1990 1991 splx(s); 1992 } 1993 1994 /* 1995 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 1996 * the device will detach itself from the bus and reattach later with a new 1997 * product Id (a la ezusb). XXX this could also be implemented in userland 1998 * through /dev/ugen. 1999 */ 2000 int 2001 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2002 { 2003 struct usbd_xfer *ctlxfer, *txxfer, *rxxfer; 2004 struct uath_fwblock *txblock, *rxblock; 2005 uint8_t *txdata; 2006 int error = 0; 2007 2008 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2009 printf("%s: could not allocate Tx control xfer\n", 2010 sc->sc_dev.dv_xname); 2011 error = USBD_NOMEM; 2012 goto fail1; 2013 } 2014 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2015 if (txblock == NULL) { 2016 printf("%s: could not allocate Tx control block\n", 2017 sc->sc_dev.dv_xname); 2018 error = USBD_NOMEM; 2019 goto fail2; 2020 } 2021 2022 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2023 printf("%s: could not allocate Tx xfer\n", 2024 sc->sc_dev.dv_xname); 2025 error = USBD_NOMEM; 2026 goto fail2; 2027 } 2028 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2029 if (txdata == NULL) { 2030 printf("%s: could not allocate Tx buffer\n", 2031 sc->sc_dev.dv_xname); 2032 error = USBD_NOMEM; 2033 goto fail3; 2034 } 2035 2036 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2037 printf("%s: could not allocate Rx control xfer\n", 2038 sc->sc_dev.dv_xname); 2039 error = USBD_NOMEM; 2040 goto fail3; 2041 } 2042 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2043 if (rxblock == NULL) { 2044 printf("%s: could not allocate Rx control block\n", 2045 sc->sc_dev.dv_xname); 2046 error = USBD_NOMEM; 2047 goto fail4; 2048 } 2049 2050 bzero(txblock, sizeof (struct uath_fwblock)); 2051 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2052 txblock->total = htobe32(len); 2053 2054 while (len > 0) { 2055 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2056 2057 txblock->remain = htobe32(len - mlen); 2058 txblock->len = htobe32(mlen); 2059 2060 DPRINTF(("sending firmware block: %d bytes remaining\n", 2061 len - mlen)); 2062 2063 /* send firmware block meta-data */ 2064 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2065 sizeof (struct uath_fwblock), 2066 USBD_NO_COPY | USBD_SYNCHRONOUS, 2067 UATH_CMD_TIMEOUT, NULL); 2068 if ((error = usbd_transfer(ctlxfer)) != 0) { 2069 printf("%s: could not send firmware block info\n", 2070 sc->sc_dev.dv_xname); 2071 break; 2072 } 2073 2074 /* send firmware block data */ 2075 bcopy(fw, txdata, mlen); 2076 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2077 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 2078 if ((error = usbd_transfer(txxfer)) != 0) { 2079 printf("%s: could not send firmware block data\n", 2080 sc->sc_dev.dv_xname); 2081 break; 2082 } 2083 2084 /* wait for ack from firmware */ 2085 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2086 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2087 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_CMD_TIMEOUT, NULL); 2088 if ((error = usbd_transfer(rxxfer)) != 0) { 2089 printf("%s: could not read firmware answer\n", 2090 sc->sc_dev.dv_xname); 2091 break; 2092 } 2093 2094 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2095 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2096 fw += mlen; 2097 len -= mlen; 2098 } 2099 2100 fail4: usbd_free_xfer(rxxfer); 2101 fail3: usbd_free_xfer(txxfer); 2102 fail2: usbd_free_xfer(ctlxfer); 2103 fail1: return error; 2104 } 2105