1 /* $OpenBSD: if_uath.c,v 1.51 2011/07/03 15:47:17 matthew Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 41 #include <machine/bus.h> 42 #include <machine/endian.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/in_var.h> 57 #include <netinet/if_ether.h> 58 #include <netinet/ip.h> 59 60 #include <net80211/ieee80211_var.h> 61 #include <net80211/ieee80211_radiotap.h> 62 63 #include <dev/rndvar.h> 64 #include <crypto/arc4.h> 65 66 #include <dev/usb/usb.h> 67 #include <dev/usb/usbdi.h> 68 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 69 #include <dev/usb/usbdi_util.h> 70 #include <dev/usb/usbdevs.h> 71 72 #include <dev/usb/if_uathreg.h> 73 #include <dev/usb/if_uathvar.h> 74 75 #ifdef USB_DEBUG 76 #define UATH_DEBUG 77 #endif 78 79 #ifdef UATH_DEBUG 80 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 81 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 82 int uath_debug = 1; 83 #else 84 #define DPRINTF(x) 85 #define DPRINTFN(n, x) 86 #endif 87 88 /*- 89 * Various supported device vendors/products. 90 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 91 */ 92 #define UATH_DEV(v, p, f) \ 93 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 94 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 95 (f) | UATH_FLAG_PRE_FIRMWARE } 96 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 97 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 98 static const struct uath_type { 99 struct usb_devno dev; 100 unsigned int flags; 101 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 102 #define UATH_FLAG_ABG (1 << 1) 103 } uath_devs[] = { 104 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 105 UATH_DEV_UG(ATHEROS, AR5523), 106 UATH_DEV_UG(ATHEROS2, AR5523_1), 107 UATH_DEV_UG(ATHEROS2, AR5523_2), 108 UATH_DEV_UX(ATHEROS2, AR5523_3), 109 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 110 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 111 UATH_DEV_UX(DLINK, DWLAG122), 112 UATH_DEV_UX(DLINK, DWLAG132), 113 UATH_DEV_UG(DLINK, DWLG132), 114 UATH_DEV_UG(GIGASET, AR5523), 115 UATH_DEV_UG(GIGASET, SMCWUSBTG), 116 UATH_DEV_UG(GLOBALSUN, AR5523_1), 117 UATH_DEV_UX(GLOBALSUN, AR5523_2), 118 UATH_DEV_UG(IODATA, USBWNG54US), 119 UATH_DEV_UG(MELCO, WLIU2KAMG54), 120 UATH_DEV_UX(NETGEAR, WG111U), 121 UATH_DEV_UG(NETGEAR3, WG111T), 122 UATH_DEV_UG(NETGEAR3, WPN111), 123 UATH_DEV_UG(PHILIPS, SNU6500), 124 UATH_DEV_UX(UMEDIA, AR5523_2), 125 UATH_DEV_UG(UMEDIA, TEW444UBEU), 126 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 127 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 128 UATH_DEV_UG(ZCOM, AR5523) 129 }; 130 #define uath_lookup(v, p) \ 131 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 132 133 void uath_attachhook(void *); 134 int uath_open_pipes(struct uath_softc *); 135 void uath_close_pipes(struct uath_softc *); 136 int uath_alloc_tx_data_list(struct uath_softc *); 137 void uath_free_tx_data_list(struct uath_softc *); 138 int uath_alloc_rx_data_list(struct uath_softc *); 139 void uath_free_rx_data_list(struct uath_softc *); 140 int uath_alloc_tx_cmd_list(struct uath_softc *); 141 void uath_free_tx_cmd_list(struct uath_softc *); 142 int uath_alloc_rx_cmd_list(struct uath_softc *); 143 void uath_free_rx_cmd_list(struct uath_softc *); 144 int uath_media_change(struct ifnet *); 145 void uath_stat(void *); 146 void uath_next_scan(void *); 147 void uath_task(void *); 148 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 149 #ifdef UATH_DEBUG 150 void uath_dump_cmd(const uint8_t *, int, char); 151 #endif 152 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 153 int); 154 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 155 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 156 int); 157 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 158 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 159 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 160 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 161 void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 162 void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 163 void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 164 int uath_tx_null(struct uath_softc *); 165 int uath_tx_data(struct uath_softc *, struct mbuf *, 166 struct ieee80211_node *); 167 void uath_start(struct ifnet *); 168 void uath_watchdog(struct ifnet *); 169 int uath_ioctl(struct ifnet *, u_long, caddr_t); 170 int uath_query_eeprom(struct uath_softc *); 171 int uath_reset(struct uath_softc *); 172 int uath_reset_tx_queues(struct uath_softc *); 173 int uath_wme_init(struct uath_softc *); 174 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 175 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 176 int uath_set_keys(struct uath_softc *); 177 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 178 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 179 int uath_set_led(struct uath_softc *, int, int); 180 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 181 int uath_init(struct ifnet *); 182 void uath_stop(struct ifnet *, int); 183 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 184 int uath_activate(struct device *, int); 185 186 int uath_match(struct device *, void *, void *); 187 void uath_attach(struct device *, struct device *, void *); 188 int uath_detach(struct device *, int); 189 int uath_activate(struct device *, int); 190 191 struct cfdriver uath_cd = { 192 NULL, "uath", DV_IFNET 193 }; 194 195 const struct cfattach uath_ca = { 196 sizeof(struct uath_softc), 197 uath_match, 198 uath_attach, 199 uath_detach, 200 uath_activate, 201 }; 202 203 int 204 uath_match(struct device *parent, void *match, void *aux) 205 { 206 struct usb_attach_arg *uaa = aux; 207 208 if (uaa->iface != NULL) 209 return UMATCH_NONE; 210 211 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 212 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 213 } 214 215 void 216 uath_attachhook(void *xsc) 217 { 218 struct uath_softc *sc = xsc; 219 u_char *fw; 220 size_t size; 221 int error; 222 223 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 224 printf("%s: error %d, could not read firmware %s\n", 225 sc->sc_dev.dv_xname, error, "uath-ar5523"); 226 return; 227 } 228 229 error = uath_loadfirmware(sc, fw, size); 230 free(fw, M_DEVBUF); 231 232 if (error == 0) { 233 usb_port_status_t status; 234 235 /* 236 * Hack alert: the device doesn't always gracefully detach 237 * from the bus after a firmware upload. We need to force 238 * a port reset and a re-exploration on the parent hub. 239 */ 240 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 241 usb_needs_reattach(sc->sc_udev); 242 } else { 243 printf("%s: could not load firmware (error=%s)\n", 244 sc->sc_dev.dv_xname, usbd_errstr(error)); 245 } 246 } 247 248 void 249 uath_attach(struct device *parent, struct device *self, void *aux) 250 { 251 struct uath_softc *sc = (struct uath_softc *)self; 252 struct usb_attach_arg *uaa = aux; 253 struct ieee80211com *ic = &sc->sc_ic; 254 struct ifnet *ifp = &ic->ic_if; 255 usbd_status error; 256 int i; 257 258 sc->sc_udev = uaa->device; 259 sc->sc_uhub = uaa->device->myhub; 260 sc->sc_port = uaa->port; 261 262 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 263 264 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 265 printf("%s: could not set configuration no\n", 266 sc->sc_dev.dv_xname); 267 return; 268 } 269 270 /* get the first interface handle */ 271 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 272 &sc->sc_iface); 273 if (error != 0) { 274 printf("%s: could not get interface handle\n", 275 sc->sc_dev.dv_xname); 276 return; 277 } 278 279 /* 280 * We must open the pipes early because they're used to upload the 281 * firmware (pre-firmware devices) or to send firmware commands. 282 */ 283 if (uath_open_pipes(sc) != 0) { 284 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 285 return; 286 } 287 288 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 289 if (rootvp == NULL) 290 mountroothook_establish(uath_attachhook, sc); 291 else 292 uath_attachhook(sc); 293 return; 294 } 295 296 /* 297 * Only post-firmware devices here. 298 */ 299 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 300 timeout_set(&sc->scan_to, uath_next_scan, sc); 301 timeout_set(&sc->stat_to, uath_stat, sc); 302 303 /* 304 * Allocate xfers for firmware commands. 305 */ 306 if (uath_alloc_tx_cmd_list(sc) != 0) { 307 printf("%s: could not allocate Tx command list\n", 308 sc->sc_dev.dv_xname); 309 goto fail1; 310 } 311 if (uath_alloc_rx_cmd_list(sc) != 0) { 312 printf("%s: could not allocate Rx command list\n", 313 sc->sc_dev.dv_xname); 314 goto fail2; 315 } 316 317 /* 318 * Queue Rx command xfers. 319 */ 320 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 321 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 322 323 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 324 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 325 USBD_NO_TIMEOUT, uath_cmd_rxeof); 326 error = usbd_transfer(cmd->xfer); 327 if (error != USBD_IN_PROGRESS && error != 0) { 328 printf("%s: could not queue Rx command xfer\n", 329 sc->sc_dev.dv_xname); 330 goto fail3; 331 } 332 } 333 334 /* 335 * We're now ready to send/receive firmware commands. 336 */ 337 if (uath_reset(sc) != 0) { 338 printf("%s: could not initialize adapter\n", 339 sc->sc_dev.dv_xname); 340 goto fail3; 341 } 342 if (uath_query_eeprom(sc) != 0) { 343 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 344 goto fail3; 345 } 346 347 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 348 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 349 ether_sprintf(ic->ic_myaddr)); 350 351 /* 352 * Allocate xfers for Tx/Rx data pipes. 353 */ 354 if (uath_alloc_tx_data_list(sc) != 0) { 355 printf("%s: could not allocate Tx data list\n", 356 sc->sc_dev.dv_xname); 357 goto fail3; 358 } 359 if (uath_alloc_rx_data_list(sc) != 0) { 360 printf("%s: could not allocate Rx data list\n", 361 sc->sc_dev.dv_xname); 362 goto fail4; 363 } 364 365 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 366 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 367 ic->ic_state = IEEE80211_S_INIT; 368 369 /* set device capabilities */ 370 ic->ic_caps = 371 IEEE80211_C_MONITOR | /* monitor mode supported */ 372 IEEE80211_C_TXPMGT | /* tx power management */ 373 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 374 IEEE80211_C_SHSLOT | /* short slot time supported */ 375 IEEE80211_C_WEP; /* h/w WEP */ 376 377 /* set supported .11b and .11g rates */ 378 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 379 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 380 381 /* set supported .11b and .11g channels (1 through 14) */ 382 for (i = 1; i <= 14; i++) { 383 ic->ic_channels[i].ic_freq = 384 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 385 ic->ic_channels[i].ic_flags = 386 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 387 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 388 } 389 390 ifp->if_softc = sc; 391 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 392 ifp->if_ioctl = uath_ioctl; 393 ifp->if_start = uath_start; 394 ifp->if_watchdog = uath_watchdog; 395 IFQ_SET_READY(&ifp->if_snd); 396 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 397 398 if_attach(ifp); 399 ieee80211_ifattach(ifp); 400 401 /* override state transition machine */ 402 sc->sc_newstate = ic->ic_newstate; 403 ic->ic_newstate = uath_newstate; 404 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 405 406 #if NBPFILTER > 0 407 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 408 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 409 410 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 411 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 412 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 413 414 sc->sc_txtap_len = sizeof sc->sc_txtapu; 415 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 416 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 417 #endif 418 419 return; 420 421 fail4: uath_free_tx_data_list(sc); 422 fail3: uath_free_rx_cmd_list(sc); 423 fail2: uath_free_tx_cmd_list(sc); 424 fail1: uath_close_pipes(sc); 425 usbd_deactivate(sc->sc_udev); 426 } 427 428 int 429 uath_detach(struct device *self, int flags) 430 { 431 struct uath_softc *sc = (struct uath_softc *)self; 432 struct ifnet *ifp = &sc->sc_ic.ic_if; 433 int s; 434 435 s = splnet(); 436 437 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 438 uath_close_pipes(sc); 439 splx(s); 440 return 0; 441 } 442 443 /* post-firmware device */ 444 445 usb_rem_task(sc->sc_udev, &sc->sc_task); 446 if (timeout_initialized(&sc->scan_to)) 447 timeout_del(&sc->scan_to); 448 if (timeout_initialized(&sc->stat_to)) 449 timeout_del(&sc->stat_to); 450 451 /* abort and free xfers */ 452 uath_free_tx_data_list(sc); 453 uath_free_rx_data_list(sc); 454 uath_free_tx_cmd_list(sc); 455 uath_free_rx_cmd_list(sc); 456 457 /* close Tx/Rx pipes */ 458 uath_close_pipes(sc); 459 460 if (ifp->if_softc != NULL) { 461 ieee80211_ifdetach(ifp); /* free all nodes */ 462 if_detach(ifp); 463 } 464 465 splx(s); 466 467 return 0; 468 } 469 470 int 471 uath_open_pipes(struct uath_softc *sc) 472 { 473 int error; 474 475 /* 476 * XXX pipes numbers are hardcoded because we don't have any way 477 * to distinguish the data pipes from the firmware command pipes 478 * (both are bulk pipes) using the endpoints descriptors. 479 */ 480 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 481 &sc->cmd_tx_pipe); 482 if (error != 0) { 483 printf("%s: could not open Tx command pipe: %s\n", 484 sc->sc_dev.dv_xname, usbd_errstr(error)); 485 goto fail; 486 } 487 488 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 489 &sc->data_tx_pipe); 490 if (error != 0) { 491 printf("%s: could not open Tx data pipe: %s\n", 492 sc->sc_dev.dv_xname, usbd_errstr(error)); 493 goto fail; 494 } 495 496 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 497 &sc->cmd_rx_pipe); 498 if (error != 0) { 499 printf("%s: could not open Rx command pipe: %s\n", 500 sc->sc_dev.dv_xname, usbd_errstr(error)); 501 goto fail; 502 } 503 504 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 505 &sc->data_rx_pipe); 506 if (error != 0) { 507 printf("%s: could not open Rx data pipe: %s\n", 508 sc->sc_dev.dv_xname, usbd_errstr(error)); 509 goto fail; 510 } 511 512 return 0; 513 514 fail: uath_close_pipes(sc); 515 return error; 516 } 517 518 void 519 uath_close_pipes(struct uath_softc *sc) 520 { 521 /* assumes no transfers are pending on the pipes */ 522 523 if (sc->data_tx_pipe != NULL) 524 usbd_close_pipe(sc->data_tx_pipe); 525 526 if (sc->data_rx_pipe != NULL) 527 usbd_close_pipe(sc->data_rx_pipe); 528 529 if (sc->cmd_tx_pipe != NULL) 530 usbd_close_pipe(sc->cmd_tx_pipe); 531 532 if (sc->cmd_rx_pipe != NULL) 533 usbd_close_pipe(sc->cmd_rx_pipe); 534 } 535 536 int 537 uath_alloc_tx_data_list(struct uath_softc *sc) 538 { 539 int i, error; 540 541 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 542 struct uath_tx_data *data = &sc->tx_data[i]; 543 544 data->sc = sc; /* backpointer for callbacks */ 545 546 data->xfer = usbd_alloc_xfer(sc->sc_udev); 547 if (data->xfer == NULL) { 548 printf("%s: could not allocate xfer\n", 549 sc->sc_dev.dv_xname); 550 error = ENOMEM; 551 goto fail; 552 } 553 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 554 if (data->buf == NULL) { 555 printf("%s: could not allocate xfer buffer\n", 556 sc->sc_dev.dv_xname); 557 error = ENOMEM; 558 goto fail; 559 } 560 } 561 return 0; 562 563 fail: uath_free_tx_data_list(sc); 564 return error; 565 } 566 567 void 568 uath_free_tx_data_list(struct uath_softc *sc) 569 { 570 int i; 571 572 /* make sure no transfers are pending */ 573 usbd_abort_pipe(sc->data_tx_pipe); 574 575 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 576 if (sc->tx_data[i].xfer != NULL) 577 usbd_free_xfer(sc->tx_data[i].xfer); 578 } 579 580 int 581 uath_alloc_rx_data_list(struct uath_softc *sc) 582 { 583 int i, error; 584 585 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 586 struct uath_rx_data *data = &sc->rx_data[i]; 587 588 data->sc = sc; /* backpointer for callbacks */ 589 590 data->xfer = usbd_alloc_xfer(sc->sc_udev); 591 if (data->xfer == NULL) { 592 printf("%s: could not allocate xfer\n", 593 sc->sc_dev.dv_xname); 594 error = ENOMEM; 595 goto fail; 596 } 597 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 598 printf("%s: could not allocate xfer buffer\n", 599 sc->sc_dev.dv_xname); 600 error = ENOMEM; 601 goto fail; 602 } 603 604 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 605 if (data->m == NULL) { 606 printf("%s: could not allocate rx mbuf\n", 607 sc->sc_dev.dv_xname); 608 error = ENOMEM; 609 goto fail; 610 } 611 MCLGET(data->m, M_DONTWAIT); 612 if (!(data->m->m_flags & M_EXT)) { 613 printf("%s: could not allocate rx mbuf cluster\n", 614 sc->sc_dev.dv_xname); 615 error = ENOMEM; 616 goto fail; 617 } 618 619 data->buf = mtod(data->m, uint8_t *); 620 } 621 return 0; 622 623 fail: uath_free_rx_data_list(sc); 624 return error; 625 } 626 627 void 628 uath_free_rx_data_list(struct uath_softc *sc) 629 { 630 int i; 631 632 /* make sure no transfers are pending */ 633 usbd_abort_pipe(sc->data_rx_pipe); 634 635 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 636 struct uath_rx_data *data = &sc->rx_data[i]; 637 638 if (data->xfer != NULL) 639 usbd_free_xfer(data->xfer); 640 641 if (data->m != NULL) 642 m_freem(data->m); 643 } 644 } 645 646 int 647 uath_alloc_tx_cmd_list(struct uath_softc *sc) 648 { 649 int i, error; 650 651 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 652 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 653 654 cmd->sc = sc; /* backpointer for callbacks */ 655 656 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 657 if (cmd->xfer == NULL) { 658 printf("%s: could not allocate xfer\n", 659 sc->sc_dev.dv_xname); 660 error = ENOMEM; 661 goto fail; 662 } 663 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 664 if (cmd->buf == NULL) { 665 printf("%s: could not allocate xfer buffer\n", 666 sc->sc_dev.dv_xname); 667 error = ENOMEM; 668 goto fail; 669 } 670 } 671 return 0; 672 673 fail: uath_free_tx_cmd_list(sc); 674 return error; 675 } 676 677 void 678 uath_free_tx_cmd_list(struct uath_softc *sc) 679 { 680 int i; 681 682 /* make sure no transfers are pending */ 683 usbd_abort_pipe(sc->cmd_tx_pipe); 684 685 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 686 if (sc->tx_cmd[i].xfer != NULL) 687 usbd_free_xfer(sc->tx_cmd[i].xfer); 688 } 689 690 int 691 uath_alloc_rx_cmd_list(struct uath_softc *sc) 692 { 693 int i, error; 694 695 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 696 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 697 698 cmd->sc = sc; /* backpointer for callbacks */ 699 700 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 701 if (cmd->xfer == NULL) { 702 printf("%s: could not allocate xfer\n", 703 sc->sc_dev.dv_xname); 704 error = ENOMEM; 705 goto fail; 706 } 707 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 708 if (cmd->buf == NULL) { 709 printf("%s: could not allocate xfer buffer\n", 710 sc->sc_dev.dv_xname); 711 error = ENOMEM; 712 goto fail; 713 } 714 } 715 return 0; 716 717 fail: uath_free_rx_cmd_list(sc); 718 return error; 719 } 720 721 void 722 uath_free_rx_cmd_list(struct uath_softc *sc) 723 { 724 int i; 725 726 /* make sure no transfers are pending */ 727 usbd_abort_pipe(sc->cmd_rx_pipe); 728 729 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 730 if (sc->rx_cmd[i].xfer != NULL) 731 usbd_free_xfer(sc->rx_cmd[i].xfer); 732 } 733 734 int 735 uath_media_change(struct ifnet *ifp) 736 { 737 int error; 738 739 error = ieee80211_media_change(ifp); 740 if (error != ENETRESET) 741 return error; 742 743 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 744 uath_init(ifp); 745 746 return 0; 747 } 748 749 /* 750 * This function is called periodically (every second) when associated to 751 * query device statistics. 752 */ 753 void 754 uath_stat(void *arg) 755 { 756 struct uath_softc *sc = arg; 757 int error; 758 759 /* 760 * Send request for statistics asynchronously. The timer will be 761 * restarted when we'll get the stats notification. 762 */ 763 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 764 UATH_CMD_FLAG_ASYNC); 765 if (error != 0) { 766 printf("%s: could not query statistics (error=%d)\n", 767 sc->sc_dev.dv_xname, error); 768 } 769 } 770 771 /* 772 * This function is called periodically (every 250ms) during scanning to 773 * switch from one channel to another. 774 */ 775 void 776 uath_next_scan(void *arg) 777 { 778 struct uath_softc *sc = arg; 779 struct ieee80211com *ic = &sc->sc_ic; 780 struct ifnet *ifp = &ic->ic_if; 781 782 if (ic->ic_state == IEEE80211_S_SCAN) 783 ieee80211_next_scan(ifp); 784 } 785 786 void 787 uath_task(void *arg) 788 { 789 struct uath_softc *sc = arg; 790 struct ieee80211com *ic = &sc->sc_ic; 791 enum ieee80211_state ostate; 792 793 ostate = ic->ic_state; 794 795 switch (sc->sc_state) { 796 case IEEE80211_S_INIT: 797 if (ostate == IEEE80211_S_RUN) { 798 /* turn link and activity LEDs off */ 799 (void)uath_set_led(sc, UATH_LED_LINK, 0); 800 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 801 } 802 break; 803 804 case IEEE80211_S_SCAN: 805 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 806 printf("%s: could not switch channel\n", 807 sc->sc_dev.dv_xname); 808 break; 809 } 810 timeout_add_msec(&sc->scan_to, 250); 811 break; 812 813 case IEEE80211_S_AUTH: 814 { 815 struct ieee80211_node *ni = ic->ic_bss; 816 struct uath_cmd_bssid bssid; 817 struct uath_cmd_0b cmd0b; 818 struct uath_cmd_0c cmd0c; 819 820 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 821 printf("%s: could not switch channel\n", 822 sc->sc_dev.dv_xname); 823 break; 824 } 825 826 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 827 828 bzero(&bssid, sizeof bssid); 829 bssid.len = htobe32(IEEE80211_ADDR_LEN); 830 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 831 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 832 sizeof bssid, 0); 833 834 bzero(&cmd0b, sizeof cmd0b); 835 cmd0b.code = htobe32(2); 836 cmd0b.size = htobe32(sizeof (cmd0b.data)); 837 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 838 839 bzero(&cmd0c, sizeof cmd0c); 840 cmd0c.magic1 = htobe32(2); 841 cmd0c.magic2 = htobe32(7); 842 cmd0c.magic3 = htobe32(1); 843 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 844 845 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 846 printf("%s: could not set negotiated rate set\n", 847 sc->sc_dev.dv_xname); 848 break; 849 } 850 break; 851 } 852 853 case IEEE80211_S_ASSOC: 854 break; 855 856 case IEEE80211_S_RUN: 857 { 858 struct ieee80211_node *ni = ic->ic_bss; 859 struct uath_cmd_bssid bssid; 860 struct uath_cmd_xled xled; 861 uint32_t val; 862 863 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 864 /* make both LEDs blink while monitoring */ 865 bzero(&xled, sizeof xled); 866 xled.which = htobe32(0); 867 xled.rate = htobe32(1); 868 xled.mode = htobe32(2); 869 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 870 sizeof xled, 0); 871 break; 872 } 873 874 /* 875 * Tx rate is controlled by firmware, report the maximum 876 * negotiated rate in ifconfig output. 877 */ 878 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 879 880 val = htobe32(1); 881 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 882 883 bzero(&bssid, sizeof bssid); 884 bssid.flags1 = htobe32(0xc004); 885 bssid.flags2 = htobe32(0x003b); 886 bssid.len = htobe32(IEEE80211_ADDR_LEN); 887 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 888 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 889 sizeof bssid, 0); 890 891 /* turn link LED on */ 892 (void)uath_set_led(sc, UATH_LED_LINK, 1); 893 894 /* make activity LED blink */ 895 bzero(&xled, sizeof xled); 896 xled.which = htobe32(1); 897 xled.rate = htobe32(1); 898 xled.mode = htobe32(2); 899 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 900 0); 901 902 /* set state to associated */ 903 val = htobe32(1); 904 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 905 0); 906 907 /* start statistics timer */ 908 timeout_add_sec(&sc->stat_to, 1); 909 break; 910 } 911 } 912 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 913 } 914 915 int 916 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 917 { 918 struct uath_softc *sc = ic->ic_softc; 919 920 usb_rem_task(sc->sc_udev, &sc->sc_task); 921 timeout_del(&sc->scan_to); 922 timeout_del(&sc->stat_to); 923 924 /* do it in a process context */ 925 sc->sc_state = nstate; 926 sc->sc_arg = arg; 927 usb_add_task(sc->sc_udev, &sc->sc_task); 928 return 0; 929 } 930 931 #ifdef UATH_DEBUG 932 void 933 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 934 { 935 int i; 936 937 for (i = 0; i < len; i++) { 938 if ((i % 16) == 0) 939 printf("\n%c ", prefix); 940 else if ((i % 4) == 0) 941 printf(" "); 942 printf("%02x", buf[i]); 943 } 944 printf("\n"); 945 } 946 #endif 947 948 /* 949 * Low-level function to send read or write commands to the firmware. 950 */ 951 int 952 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 953 void *odata, int flags) 954 { 955 struct uath_cmd_hdr *hdr; 956 struct uath_tx_cmd *cmd; 957 uint16_t xferflags; 958 int s, xferlen, error; 959 960 /* grab a xfer */ 961 cmd = &sc->tx_cmd[sc->cmd_idx]; 962 963 /* always bulk-out a multiple of 4 bytes */ 964 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 965 966 hdr = (struct uath_cmd_hdr *)cmd->buf; 967 bzero(hdr, sizeof (struct uath_cmd_hdr)); 968 hdr->len = htobe32(xferlen); 969 hdr->code = htobe32(code); 970 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 971 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 972 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 973 974 #ifdef UATH_DEBUG 975 if (uath_debug >= 5) { 976 printf("sending command code=0x%02x flags=0x%x index=%u", 977 code, flags, sc->cmd_idx); 978 uath_dump_cmd(cmd->buf, xferlen, '+'); 979 } 980 #endif 981 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 982 if (!(flags & UATH_CMD_FLAG_READ)) { 983 if (!(flags & UATH_CMD_FLAG_ASYNC)) 984 xferflags |= USBD_SYNCHRONOUS; 985 } else 986 s = splusb(); 987 988 cmd->odata = odata; 989 990 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 991 xferflags, UATH_CMD_TIMEOUT, NULL); 992 error = usbd_transfer(cmd->xfer); 993 if (error != USBD_IN_PROGRESS && error != 0) { 994 if (flags & UATH_CMD_FLAG_READ) 995 splx(s); 996 printf("%s: could not send command 0x%x (error=%s)\n", 997 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 998 return error; 999 } 1000 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 1001 1002 if (!(flags & UATH_CMD_FLAG_READ)) 1003 return 0; /* write: don't wait for reply */ 1004 1005 /* wait at most two seconds for command reply */ 1006 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1007 cmd->odata = NULL; /* in case answer is received too late */ 1008 splx(s); 1009 if (error != 0) { 1010 printf("%s: timeout waiting for command reply\n", 1011 sc->sc_dev.dv_xname); 1012 } 1013 return error; 1014 } 1015 1016 int 1017 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1018 int flags) 1019 { 1020 flags &= ~UATH_CMD_FLAG_READ; 1021 return uath_cmd(sc, code, data, len, NULL, flags); 1022 } 1023 1024 int 1025 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1026 int ilen, void *odata, int flags) 1027 { 1028 flags |= UATH_CMD_FLAG_READ; 1029 return uath_cmd(sc, code, idata, ilen, odata, flags); 1030 } 1031 1032 int 1033 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1034 { 1035 struct uath_write_mac write; 1036 int error; 1037 1038 write.reg = htobe32(reg); 1039 write.len = htobe32(0); /* 0 = single write */ 1040 *(uint32_t *)write.data = htobe32(val); 1041 1042 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1043 3 * sizeof (uint32_t), 0); 1044 if (error != 0) { 1045 printf("%s: could not write register 0x%02x\n", 1046 sc->sc_dev.dv_xname, reg); 1047 } 1048 return error; 1049 } 1050 1051 int 1052 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1053 int len) 1054 { 1055 struct uath_write_mac write; 1056 int error; 1057 1058 write.reg = htobe32(reg); 1059 write.len = htobe32(len); 1060 bcopy(data, write.data, len); 1061 1062 /* properly handle the case where len is zero (reset) */ 1063 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1064 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1065 if (error != 0) { 1066 printf("%s: could not write %d bytes to register 0x%02x\n", 1067 sc->sc_dev.dv_xname, len, reg); 1068 } 1069 return error; 1070 } 1071 1072 int 1073 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1074 { 1075 struct uath_read_mac read; 1076 int error; 1077 1078 reg = htobe32(reg); 1079 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1080 0); 1081 if (error != 0) { 1082 printf("%s: could not read register 0x%02x\n", 1083 sc->sc_dev.dv_xname, betoh32(reg)); 1084 return error; 1085 } 1086 *val = betoh32(*(uint32_t *)read.data); 1087 return error; 1088 } 1089 1090 int 1091 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1092 { 1093 struct uath_read_mac read; 1094 int len, error; 1095 1096 reg = htobe32(reg); 1097 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1098 &read, 0); 1099 if (error != 0) { 1100 printf("%s: could not read EEPROM offset 0x%02x\n", 1101 sc->sc_dev.dv_xname, betoh32(reg)); 1102 return error; 1103 } 1104 len = betoh32(read.len); 1105 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1106 return error; 1107 } 1108 1109 void 1110 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1111 usbd_status status) 1112 { 1113 struct uath_rx_cmd *cmd = priv; 1114 struct uath_softc *sc = cmd->sc; 1115 struct uath_cmd_hdr *hdr; 1116 1117 if (status != USBD_NORMAL_COMPLETION) { 1118 if (status == USBD_STALLED) 1119 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1120 return; 1121 } 1122 1123 hdr = (struct uath_cmd_hdr *)cmd->buf; 1124 1125 #ifdef UATH_DEBUG 1126 if (uath_debug >= 5) { 1127 printf("received command code=0x%x index=%u len=%u", 1128 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1129 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1130 } 1131 #endif 1132 1133 switch (betoh32(hdr->code) & 0xff) { 1134 /* reply to a read command */ 1135 default: 1136 { 1137 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1138 1139 if (txcmd->odata != NULL) { 1140 /* copy answer into caller's supplied buffer */ 1141 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1142 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1143 } 1144 wakeup(txcmd); /* wake up caller */ 1145 break; 1146 } 1147 /* spontaneous firmware notifications */ 1148 case UATH_NOTIF_READY: 1149 DPRINTF(("received device ready notification\n")); 1150 wakeup(UATH_COND_INIT(sc)); 1151 break; 1152 1153 case UATH_NOTIF_TX: 1154 /* this notification is sent when UATH_TX_NOTIFY is set */ 1155 DPRINTF(("received Tx notification\n")); 1156 break; 1157 1158 case UATH_NOTIF_STATS: 1159 DPRINTFN(2, ("received device statistics\n")); 1160 timeout_add_sec(&sc->stat_to, 1); 1161 break; 1162 } 1163 1164 /* setup a new transfer */ 1165 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1166 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1167 uath_cmd_rxeof); 1168 (void)usbd_transfer(xfer); 1169 } 1170 1171 void 1172 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1173 usbd_status status) 1174 { 1175 struct uath_rx_data *data = priv; 1176 struct uath_softc *sc = data->sc; 1177 struct ieee80211com *ic = &sc->sc_ic; 1178 struct ifnet *ifp = &ic->ic_if; 1179 struct ieee80211_frame *wh; 1180 struct ieee80211_rxinfo rxi; 1181 struct ieee80211_node *ni; 1182 struct uath_rx_desc *desc; 1183 struct mbuf *mnew, *m; 1184 uint32_t hdr; 1185 int s, len; 1186 1187 if (status != USBD_NORMAL_COMPLETION) { 1188 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1189 return; 1190 1191 if (status == USBD_STALLED) 1192 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1193 1194 ifp->if_ierrors++; 1195 return; 1196 } 1197 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1198 1199 if (len < UATH_MIN_RXBUFSZ) { 1200 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1201 ifp->if_ierrors++; 1202 goto skip; 1203 } 1204 1205 hdr = betoh32(*(uint32_t *)data->buf); 1206 1207 /* Rx descriptor is located at the end, 32-bit aligned */ 1208 desc = (struct uath_rx_desc *) 1209 (data->buf + len - sizeof (struct uath_rx_desc)); 1210 1211 if (betoh32(desc->len) > sc->rxbufsz) { 1212 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1213 ifp->if_ierrors++; 1214 goto skip; 1215 } 1216 1217 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1218 1219 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1220 if (mnew == NULL) { 1221 printf("%s: could not allocate rx mbuf\n", 1222 sc->sc_dev.dv_xname); 1223 ifp->if_ierrors++; 1224 goto skip; 1225 } 1226 MCLGET(mnew, M_DONTWAIT); 1227 if (!(mnew->m_flags & M_EXT)) { 1228 printf("%s: could not allocate rx mbuf cluster\n", 1229 sc->sc_dev.dv_xname); 1230 m_freem(mnew); 1231 ifp->if_ierrors++; 1232 goto skip; 1233 } 1234 1235 m = data->m; 1236 data->m = mnew; 1237 1238 /* finalize mbuf */ 1239 m->m_pkthdr.rcvif = ifp; 1240 m->m_data = data->buf + sizeof (uint32_t); 1241 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1242 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1243 1244 data->buf = mtod(data->m, uint8_t *); 1245 1246 wh = mtod(m, struct ieee80211_frame *); 1247 rxi.rxi_flags = 0; 1248 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1249 ic->ic_opmode != IEEE80211_M_MONITOR) { 1250 /* 1251 * Hardware decrypts the frame itself but leaves the WEP bit 1252 * set in the 802.11 header and doesn't remove the IV and CRC 1253 * fields. 1254 */ 1255 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1256 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1257 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1258 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1259 m_adj(m, -IEEE80211_WEP_CRCLEN); 1260 wh = mtod(m, struct ieee80211_frame *); 1261 1262 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1263 } 1264 1265 #if NBPFILTER > 0 1266 /* there are a lot more fields in the Rx descriptor */ 1267 if (sc->sc_drvbpf != NULL) { 1268 struct mbuf mb; 1269 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1270 1271 tap->wr_flags = 0; 1272 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1273 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1274 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1275 1276 mb.m_data = (caddr_t)tap; 1277 mb.m_len = sc->sc_rxtap_len; 1278 mb.m_next = m; 1279 mb.m_nextpkt = NULL; 1280 mb.m_type = 0; 1281 mb.m_flags = 0; 1282 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1283 } 1284 #endif 1285 1286 s = splnet(); 1287 ni = ieee80211_find_rxnode(ic, wh); 1288 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1289 rxi.rxi_tstamp = 0; /* unused */ 1290 ieee80211_input(ifp, m, ni, &rxi); 1291 1292 /* node is no longer needed */ 1293 ieee80211_release_node(ic, ni); 1294 splx(s); 1295 1296 skip: /* setup a new transfer */ 1297 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1298 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1299 (void)usbd_transfer(data->xfer); 1300 } 1301 1302 int 1303 uath_tx_null(struct uath_softc *sc) 1304 { 1305 struct uath_tx_data *data; 1306 struct uath_tx_desc *desc; 1307 1308 data = &sc->tx_data[sc->data_idx]; 1309 1310 data->ni = NULL; 1311 1312 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1313 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1314 1315 bzero(desc, sizeof (struct uath_tx_desc)); 1316 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1317 desc->type = htobe32(UATH_TX_NULL); 1318 1319 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1320 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1321 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1322 if (usbd_sync_transfer(data->xfer) != 0) 1323 return EIO; 1324 1325 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1326 1327 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1328 } 1329 1330 void 1331 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1332 usbd_status status) 1333 { 1334 struct uath_tx_data *data = priv; 1335 struct uath_softc *sc = data->sc; 1336 struct ieee80211com *ic = &sc->sc_ic; 1337 struct ifnet *ifp = &ic->ic_if; 1338 int s; 1339 1340 if (status != USBD_NORMAL_COMPLETION) { 1341 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1342 return; 1343 1344 printf("%s: could not transmit buffer: %s\n", 1345 sc->sc_dev.dv_xname, usbd_errstr(status)); 1346 1347 if (status == USBD_STALLED) 1348 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1349 1350 ifp->if_oerrors++; 1351 return; 1352 } 1353 1354 s = splnet(); 1355 1356 ieee80211_release_node(ic, data->ni); 1357 data->ni = NULL; 1358 1359 sc->tx_queued--; 1360 ifp->if_opackets++; 1361 1362 sc->sc_tx_timer = 0; 1363 ifp->if_flags &= ~IFF_OACTIVE; 1364 uath_start(ifp); 1365 1366 splx(s); 1367 } 1368 1369 int 1370 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1371 { 1372 struct ieee80211com *ic = &sc->sc_ic; 1373 struct uath_tx_data *data; 1374 struct uath_tx_desc *desc; 1375 const struct ieee80211_frame *wh; 1376 int paylen, totlen, xferlen, error; 1377 1378 data = &sc->tx_data[sc->data_idx]; 1379 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1380 1381 data->ni = ni; 1382 1383 #if NBPFILTER > 0 1384 if (sc->sc_drvbpf != NULL) { 1385 struct mbuf mb; 1386 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1387 1388 tap->wt_flags = 0; 1389 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1390 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1391 1392 mb.m_data = (caddr_t)tap; 1393 mb.m_len = sc->sc_txtap_len; 1394 mb.m_next = m0; 1395 mb.m_nextpkt = NULL; 1396 mb.m_type = 0; 1397 mb.m_flags = 0; 1398 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1399 } 1400 #endif 1401 1402 paylen = m0->m_pkthdr.len; 1403 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1404 1405 wh = mtod(m0, struct ieee80211_frame *); 1406 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1407 uint8_t *frm = (uint8_t *)(desc + 1); 1408 uint32_t iv; 1409 1410 /* h/w WEP: it's up to the host to fill the IV field */ 1411 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1412 frm += sizeof (struct ieee80211_frame); 1413 1414 /* insert IV: code copied from net80211 */ 1415 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1416 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1417 iv += 0x000100; 1418 ic->ic_iv = iv + 1; 1419 1420 *frm++ = iv & 0xff; 1421 *frm++ = (iv >> 8) & 0xff; 1422 *frm++ = (iv >> 16) & 0xff; 1423 *frm++ = ic->ic_wep_txkey << 6; 1424 1425 m_copydata(m0, sizeof (struct ieee80211_frame), 1426 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1427 1428 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1429 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1430 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1431 } else { 1432 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1433 totlen = xferlen; 1434 } 1435 1436 /* fill Tx descriptor */ 1437 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1438 1439 desc->len = htobe32(totlen); 1440 desc->priv = sc->data_idx; /* don't care about endianness */ 1441 desc->paylen = htobe32(paylen); 1442 desc->type = htobe32(UATH_TX_DATA); 1443 desc->flags = htobe32(0); 1444 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1445 desc->dest = htobe32(UATH_ID_BROADCAST); 1446 desc->magic = htobe32(3); 1447 } else { 1448 desc->dest = htobe32(UATH_ID_BSS); 1449 desc->magic = htobe32(1); 1450 } 1451 1452 m_freem(m0); /* mbuf is no longer needed */ 1453 1454 #ifdef UATH_DEBUG 1455 if (uath_debug >= 6) { 1456 printf("sending frame index=%u len=%d xferlen=%d", 1457 sc->data_idx, paylen, xferlen); 1458 uath_dump_cmd(data->buf, xferlen, '+'); 1459 } 1460 #endif 1461 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1462 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1463 uath_data_txeof); 1464 error = usbd_transfer(data->xfer); 1465 if (error != USBD_IN_PROGRESS && error != 0) { 1466 ic->ic_if.if_oerrors++; 1467 return error; 1468 } 1469 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1470 sc->tx_queued++; 1471 1472 return 0; 1473 } 1474 1475 void 1476 uath_start(struct ifnet *ifp) 1477 { 1478 struct uath_softc *sc = ifp->if_softc; 1479 struct ieee80211com *ic = &sc->sc_ic; 1480 struct ieee80211_node *ni; 1481 struct mbuf *m0; 1482 1483 /* 1484 * net80211 may still try to send management frames even if the 1485 * IFF_RUNNING flag is not set... 1486 */ 1487 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1488 return; 1489 1490 for (;;) { 1491 IF_POLL(&ic->ic_mgtq, m0); 1492 if (m0 != NULL) { 1493 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1494 ifp->if_flags |= IFF_OACTIVE; 1495 break; 1496 } 1497 IF_DEQUEUE(&ic->ic_mgtq, m0); 1498 1499 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1500 m0->m_pkthdr.rcvif = NULL; 1501 #if NBPFILTER > 0 1502 if (ic->ic_rawbpf != NULL) 1503 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1504 #endif 1505 if (uath_tx_data(sc, m0, ni) != 0) 1506 break; 1507 } else { 1508 if (ic->ic_state != IEEE80211_S_RUN) 1509 break; 1510 IFQ_POLL(&ifp->if_snd, m0); 1511 if (m0 == NULL) 1512 break; 1513 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1514 ifp->if_flags |= IFF_OACTIVE; 1515 break; 1516 } 1517 IFQ_DEQUEUE(&ifp->if_snd, m0); 1518 #if NBPFILTER > 0 1519 if (ifp->if_bpf != NULL) 1520 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1521 #endif 1522 m0 = ieee80211_encap(ifp, m0, &ni); 1523 if (m0 == NULL) 1524 continue; 1525 #if NBPFILTER > 0 1526 if (ic->ic_rawbpf != NULL) 1527 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1528 #endif 1529 if (uath_tx_data(sc, m0, ni) != 0) { 1530 if (ni != NULL) 1531 ieee80211_release_node(ic, ni); 1532 ifp->if_oerrors++; 1533 break; 1534 } 1535 } 1536 1537 sc->sc_tx_timer = 5; 1538 ifp->if_timer = 1; 1539 } 1540 } 1541 1542 void 1543 uath_watchdog(struct ifnet *ifp) 1544 { 1545 struct uath_softc *sc = ifp->if_softc; 1546 1547 ifp->if_timer = 0; 1548 1549 if (sc->sc_tx_timer > 0) { 1550 if (--sc->sc_tx_timer == 0) { 1551 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1552 /*uath_init(ifp); XXX needs a process context! */ 1553 ifp->if_oerrors++; 1554 return; 1555 } 1556 ifp->if_timer = 1; 1557 } 1558 1559 ieee80211_watchdog(ifp); 1560 } 1561 1562 int 1563 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1564 { 1565 struct uath_softc *sc = ifp->if_softc; 1566 struct ieee80211com *ic = &sc->sc_ic; 1567 struct ifaddr *ifa; 1568 struct ifreq *ifr; 1569 int s, error = 0; 1570 1571 s = splnet(); 1572 1573 switch (cmd) { 1574 case SIOCSIFADDR: 1575 ifa = (struct ifaddr *)data; 1576 ifp->if_flags |= IFF_UP; 1577 #ifdef INET 1578 if (ifa->ifa_addr->sa_family == AF_INET) 1579 arp_ifinit(&ic->ic_ac, ifa); 1580 #endif 1581 /* FALLTHROUGH */ 1582 case SIOCSIFFLAGS: 1583 if (ifp->if_flags & IFF_UP) { 1584 if (!(ifp->if_flags & IFF_RUNNING)) 1585 uath_init(ifp); 1586 } else { 1587 if (ifp->if_flags & IFF_RUNNING) 1588 uath_stop(ifp, 1); 1589 } 1590 break; 1591 1592 case SIOCADDMULTI: 1593 case SIOCDELMULTI: 1594 ifr = (struct ifreq *)data; 1595 error = (cmd == SIOCADDMULTI) ? 1596 ether_addmulti(ifr, &ic->ic_ac) : 1597 ether_delmulti(ifr, &ic->ic_ac); 1598 if (error == ENETRESET) 1599 error = 0; 1600 break; 1601 1602 default: 1603 error = ieee80211_ioctl(ifp, cmd, data); 1604 } 1605 1606 if (error == ENETRESET) { 1607 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1608 (IFF_UP | IFF_RUNNING)) 1609 uath_init(ifp); 1610 error = 0; 1611 } 1612 1613 splx(s); 1614 1615 return error; 1616 } 1617 1618 int 1619 uath_query_eeprom(struct uath_softc *sc) 1620 { 1621 uint32_t tmp; 1622 int error; 1623 1624 /* retrieve MAC address */ 1625 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1626 if (error != 0) { 1627 printf("%s: could not read MAC address\n", 1628 sc->sc_dev.dv_xname); 1629 return error; 1630 } 1631 1632 /* retrieve the maximum frame size that the hardware can receive */ 1633 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1634 if (error != 0) { 1635 printf("%s: could not read maximum Rx buffer size\n", 1636 sc->sc_dev.dv_xname); 1637 return error; 1638 } 1639 sc->rxbufsz = betoh32(tmp) & 0xfff; 1640 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1641 return 0; 1642 } 1643 1644 int 1645 uath_reset(struct uath_softc *sc) 1646 { 1647 struct uath_cmd_setup setup; 1648 uint32_t reg, val; 1649 int s, error; 1650 1651 /* init device with some voodoo incantations.. */ 1652 setup.magic1 = htobe32(1); 1653 setup.magic2 = htobe32(5); 1654 setup.magic3 = htobe32(200); 1655 setup.magic4 = htobe32(27); 1656 s = splusb(); 1657 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1658 UATH_CMD_FLAG_ASYNC); 1659 /* ..and wait until firmware notifies us that it is ready */ 1660 if (error == 0) 1661 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1662 splx(s); 1663 if (error != 0) 1664 return error; 1665 1666 /* read PHY registers */ 1667 for (reg = 0x09; reg <= 0x24; reg++) { 1668 if (reg == 0x0b || reg == 0x0c) 1669 continue; 1670 DELAY(100); 1671 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1672 return error; 1673 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1674 } 1675 return error; 1676 } 1677 1678 int 1679 uath_reset_tx_queues(struct uath_softc *sc) 1680 { 1681 int ac, error; 1682 1683 for (ac = 0; ac < 4; ac++) { 1684 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1685 1686 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1687 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1688 sizeof qid, 0); 1689 if (error != 0) 1690 break; 1691 } 1692 return error; 1693 } 1694 1695 int 1696 uath_wme_init(struct uath_softc *sc) 1697 { 1698 struct uath_qinfo qinfo; 1699 int ac, error; 1700 static const struct uath_wme_settings uath_wme_11g[4] = { 1701 { 7, 4, 10, 0, 0 }, /* Background */ 1702 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1703 { 3, 3, 4, 26, 0 }, /* Video */ 1704 { 2, 2, 3, 47, 0 } /* Voice */ 1705 }; 1706 1707 bzero(&qinfo, sizeof qinfo); 1708 qinfo.size = htobe32(32); 1709 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1710 qinfo.magic2 = htobe32(1); 1711 for (ac = 0; ac < 4; ac++) { 1712 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1713 qinfo.ac = htobe32(ac); 1714 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1715 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1716 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1717 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1718 uath_wme_11g[ac].txop)); 1719 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1720 1721 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1722 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1723 sizeof qinfo, 0); 1724 if (error != 0) 1725 break; 1726 } 1727 return error; 1728 } 1729 1730 int 1731 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1732 { 1733 struct uath_set_chan chan; 1734 1735 bzero(&chan, sizeof chan); 1736 chan.flags = htobe32(0x1400); 1737 chan.freq = htobe32(c->ic_freq); 1738 chan.magic1 = htobe32(20); 1739 chan.magic2 = htobe32(50); 1740 chan.magic3 = htobe32(1); 1741 1742 DPRINTF(("switching to channel %d\n", 1743 ieee80211_chan2ieee(&sc->sc_ic, c))); 1744 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1745 } 1746 1747 int 1748 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1749 { 1750 struct uath_cmd_crypto crypto; 1751 int i; 1752 1753 bzero(&crypto, sizeof crypto); 1754 crypto.keyidx = htobe32(index); 1755 crypto.magic1 = htobe32(1); 1756 crypto.size = htobe32(368); 1757 crypto.mask = htobe32(0xffff); 1758 crypto.flags = htobe32(0x80000068); 1759 if (index != UATH_DEFAULT_KEY) 1760 crypto.flags |= htobe32(index << 16); 1761 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1762 1763 /* 1764 * Each byte of the key must be XOR'ed with 10101010 before being 1765 * transmitted to the firmware. 1766 */ 1767 for (i = 0; i < k->k_len; i++) 1768 crypto.key[i] = k->k_key[i] ^ 0xaa; 1769 1770 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1771 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1772 } 1773 1774 int 1775 uath_set_keys(struct uath_softc *sc) 1776 { 1777 const struct ieee80211com *ic = &sc->sc_ic; 1778 int i, error; 1779 1780 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1781 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1782 1783 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1784 return error; 1785 } 1786 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1787 UATH_DEFAULT_KEY); 1788 } 1789 1790 int 1791 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1792 { 1793 struct uath_cmd_rates rates; 1794 1795 bzero(&rates, sizeof rates); 1796 rates.magic1 = htobe32(0x02); 1797 rates.size = htobe32(1 + sizeof rates.rates); 1798 rates.nrates = rs->rs_nrates; 1799 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1800 1801 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1802 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1803 } 1804 1805 int 1806 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1807 { 1808 struct uath_cmd_filter rxfilter; 1809 1810 rxfilter.filter = htobe32(filter); 1811 rxfilter.flags = htobe32(flags); 1812 1813 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1814 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1815 sizeof rxfilter, 0); 1816 } 1817 1818 int 1819 uath_set_led(struct uath_softc *sc, int which, int on) 1820 { 1821 struct uath_cmd_led led; 1822 1823 led.which = htobe32(which); 1824 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1825 1826 DPRINTFN(2, ("switching %s led %s\n", 1827 (which == UATH_LED_LINK) ? "link" : "activity", 1828 on ? "on" : "off")); 1829 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1830 } 1831 1832 int 1833 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1834 { 1835 uint32_t val; 1836 int error; 1837 1838 /* set radio frequency */ 1839 if ((error = uath_set_chan(sc, c)) != 0) { 1840 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1841 return error; 1842 } 1843 1844 /* reset Tx rings */ 1845 if ((error = uath_reset_tx_queues(sc)) != 0) { 1846 printf("%s: could not reset Tx queues\n", 1847 sc->sc_dev.dv_xname); 1848 return error; 1849 } 1850 1851 /* set Tx rings WME properties */ 1852 if ((error = uath_wme_init(sc)) != 0) { 1853 printf("%s: could not init Tx queues\n", 1854 sc->sc_dev.dv_xname); 1855 return error; 1856 } 1857 1858 val = htobe32(0); 1859 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1860 if (error != 0) { 1861 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1862 return error; 1863 } 1864 1865 return uath_tx_null(sc); 1866 } 1867 1868 int 1869 uath_init(struct ifnet *ifp) 1870 { 1871 struct uath_softc *sc = ifp->if_softc; 1872 struct ieee80211com *ic = &sc->sc_ic; 1873 struct uath_cmd_31 cmd31; 1874 uint32_t val; 1875 int i, error; 1876 1877 /* reset data and command rings */ 1878 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1879 1880 val = htobe32(0); 1881 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1882 1883 /* set MAC address */ 1884 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1885 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1886 1887 (void)uath_write_reg(sc, 0x02, 0x00000001); 1888 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1889 (void)uath_write_reg(sc, 0x10, 0x00000001); 1890 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1891 1892 /* 1893 * Queue Rx data xfers. 1894 */ 1895 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1896 struct uath_rx_data *data = &sc->rx_data[i]; 1897 1898 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1899 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1900 uath_data_rxeof); 1901 error = usbd_transfer(data->xfer); 1902 if (error != USBD_IN_PROGRESS && error != 0) { 1903 printf("%s: could not queue Rx transfer\n", 1904 sc->sc_dev.dv_xname); 1905 goto fail; 1906 } 1907 } 1908 1909 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1910 UATH_CMD_FLAG_MAGIC); 1911 if (error != 0) { 1912 printf("%s: could not send read command 07h\n", 1913 sc->sc_dev.dv_xname); 1914 goto fail; 1915 } 1916 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1917 1918 /* set default channel */ 1919 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1920 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1921 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1922 goto fail; 1923 } 1924 1925 if ((error = uath_wme_init(sc)) != 0) { 1926 printf("%s: could not setup WME parameters\n", 1927 sc->sc_dev.dv_xname); 1928 goto fail; 1929 } 1930 1931 /* init MAC registers */ 1932 (void)uath_write_reg(sc, 0x19, 0x00000000); 1933 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1934 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1935 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1936 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1937 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1938 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1939 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1940 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1941 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1942 1943 val = htobe32(4); 1944 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1945 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1946 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1947 1948 if ((error = uath_set_keys(sc)) != 0) { 1949 printf("%s: could not set crypto keys\n", 1950 sc->sc_dev.dv_xname); 1951 goto fail; 1952 } 1953 1954 /* enable Rx */ 1955 (void)uath_set_rxfilter(sc, 0x0000, 4); 1956 (void)uath_set_rxfilter(sc, 0x0817, 1); 1957 1958 cmd31.magic1 = htobe32(0xffffffff); 1959 cmd31.magic2 = htobe32(0xffffffff); 1960 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1961 1962 ifp->if_flags &= ~IFF_OACTIVE; 1963 ifp->if_flags |= IFF_RUNNING; 1964 1965 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1966 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1967 else 1968 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1969 1970 return 0; 1971 1972 fail: uath_stop(ifp, 1); 1973 return error; 1974 } 1975 1976 void 1977 uath_stop(struct ifnet *ifp, int disable) 1978 { 1979 struct uath_softc *sc = ifp->if_softc; 1980 struct ieee80211com *ic = &sc->sc_ic; 1981 uint32_t val; 1982 int s; 1983 1984 s = splusb(); 1985 1986 sc->sc_tx_timer = 0; 1987 ifp->if_timer = 0; 1988 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1989 1990 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1991 1992 val = htobe32(0); 1993 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1994 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1995 1996 val = htobe32(0); 1997 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1998 1999 #if 0 2000 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 2001 UATH_CMD_FLAG_MAGIC); 2002 #endif 2003 2004 /* abort any pending transfers */ 2005 usbd_abort_pipe(sc->data_tx_pipe); 2006 usbd_abort_pipe(sc->data_rx_pipe); 2007 usbd_abort_pipe(sc->cmd_tx_pipe); 2008 2009 splx(s); 2010 } 2011 2012 /* 2013 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2014 * the device will detach itself from the bus and reattach later with a new 2015 * product Id (a la ezusb). XXX this could also be implemented in userland 2016 * through /dev/ugen. 2017 */ 2018 int 2019 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2020 { 2021 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2022 struct uath_fwblock *txblock, *rxblock; 2023 uint8_t *txdata; 2024 int error = 0; 2025 2026 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2027 printf("%s: could not allocate Tx control xfer\n", 2028 sc->sc_dev.dv_xname); 2029 error = USBD_NOMEM; 2030 goto fail1; 2031 } 2032 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2033 if (txblock == NULL) { 2034 printf("%s: could not allocate Tx control block\n", 2035 sc->sc_dev.dv_xname); 2036 error = USBD_NOMEM; 2037 goto fail2; 2038 } 2039 2040 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2041 printf("%s: could not allocate Tx xfer\n", 2042 sc->sc_dev.dv_xname); 2043 error = USBD_NOMEM; 2044 goto fail2; 2045 } 2046 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2047 if (txdata == NULL) { 2048 printf("%s: could not allocate Tx buffer\n", 2049 sc->sc_dev.dv_xname); 2050 error = USBD_NOMEM; 2051 goto fail3; 2052 } 2053 2054 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2055 printf("%s: could not allocate Rx control xfer\n", 2056 sc->sc_dev.dv_xname); 2057 error = USBD_NOMEM; 2058 goto fail3; 2059 } 2060 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2061 if (rxblock == NULL) { 2062 printf("%s: could not allocate Rx control block\n", 2063 sc->sc_dev.dv_xname); 2064 error = USBD_NOMEM; 2065 goto fail4; 2066 } 2067 2068 bzero(txblock, sizeof (struct uath_fwblock)); 2069 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2070 txblock->total = htobe32(len); 2071 2072 while (len > 0) { 2073 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2074 2075 txblock->remain = htobe32(len - mlen); 2076 txblock->len = htobe32(mlen); 2077 2078 DPRINTF(("sending firmware block: %d bytes remaining\n", 2079 len - mlen)); 2080 2081 /* send firmware block meta-data */ 2082 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2083 sizeof (struct uath_fwblock), USBD_NO_COPY, 2084 UATH_CMD_TIMEOUT, NULL); 2085 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2086 printf("%s: could not send firmware block info\n", 2087 sc->sc_dev.dv_xname); 2088 break; 2089 } 2090 2091 /* send firmware block data */ 2092 bcopy(fw, txdata, mlen); 2093 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2094 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2095 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2096 printf("%s: could not send firmware block data\n", 2097 sc->sc_dev.dv_xname); 2098 break; 2099 } 2100 2101 /* wait for ack from firmware */ 2102 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2103 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2104 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2105 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2106 printf("%s: could not read firmware answer\n", 2107 sc->sc_dev.dv_xname); 2108 break; 2109 } 2110 2111 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2112 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2113 fw += mlen; 2114 len -= mlen; 2115 } 2116 2117 fail4: usbd_free_xfer(rxxfer); 2118 fail3: usbd_free_xfer(txxfer); 2119 fail2: usbd_free_xfer(ctlxfer); 2120 fail1: return error; 2121 } 2122 2123 int 2124 uath_activate(struct device *self, int act) 2125 { 2126 struct uath_softc *sc = (struct uath_softc *)self; 2127 2128 switch (act) { 2129 case DVACT_DEACTIVATE: 2130 usbd_deactivate(sc->sc_udev); 2131 break; 2132 } 2133 return 0; 2134 } 2135