1 /* $OpenBSD: if_uath.c,v 1.36 2008/09/23 10:47:14 canacar Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/timeout.h> 41 #include <sys/conf.h> 42 #include <sys/device.h> 43 44 #include <machine/bus.h> 45 #include <machine/endian.h> 46 #include <machine/intr.h> 47 48 #if NBPFILTER > 0 49 #include <net/bpf.h> 50 #endif 51 #include <net/if.h> 52 #include <net/if_arp.h> 53 #include <net/if_dl.h> 54 #include <net/if_media.h> 55 #include <net/if_types.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/in_var.h> 60 #include <netinet/if_ether.h> 61 #include <netinet/ip.h> 62 63 #include <net80211/ieee80211_var.h> 64 #include <net80211/ieee80211_radiotap.h> 65 66 #include <dev/rndvar.h> 67 #include <crypto/arc4.h> 68 69 #include <dev/usb/usb.h> 70 #include <dev/usb/usbdi.h> 71 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 72 #include <dev/usb/usbdi_util.h> 73 #include <dev/usb/usbdevs.h> 74 75 #include <dev/usb/if_uathreg.h> 76 #include <dev/usb/if_uathvar.h> 77 78 #ifdef USB_DEBUG 79 #define UATH_DEBUG 80 #endif 81 82 #ifdef UATH_DEBUG 83 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 84 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 85 int uath_debug = 1; 86 #else 87 #define DPRINTF(x) 88 #define DPRINTFN(n, x) 89 #endif 90 91 /*- 92 * Various supported device vendors/products. 93 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 94 */ 95 #define UATH_DEV(v, p, f) \ 96 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 97 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 98 (f) | UATH_FLAG_PRE_FIRMWARE } 99 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 100 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 101 static const struct uath_type { 102 struct usb_devno dev; 103 unsigned int flags; 104 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 105 #define UATH_FLAG_ABG (1 << 1) 106 } uath_devs[] = { 107 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 108 UATH_DEV_UG(ATHEROS, AR5523), 109 UATH_DEV_UG(ATHEROS2, AR5523_1), 110 UATH_DEV_UG(ATHEROS2, AR5523_2), 111 UATH_DEV_UX(ATHEROS2, AR5523_3), 112 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 113 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 114 UATH_DEV_UX(DLINK, DWLAG122), 115 UATH_DEV_UX(DLINK, DWLAG132), 116 UATH_DEV_UG(DLINK, DWLG132), 117 UATH_DEV_UG(GIGASET, AR5523), 118 UATH_DEV_UG(GIGASET, SMCWUSBTG), 119 UATH_DEV_UG(GLOBALSUN, AR5523_1), 120 UATH_DEV_UX(GLOBALSUN, AR5523_2), 121 UATH_DEV_UG(IODATA, USBWNG54US), 122 UATH_DEV_UG(MELCO, WLIU2KAMG54), 123 UATH_DEV_UX(NETGEAR, WG111U), 124 UATH_DEV_UG(NETGEAR3, WG111T), 125 UATH_DEV_UG(NETGEAR3, WPN111), 126 UATH_DEV_UG(PHILIPS, SNU6500), 127 UATH_DEV_UG(UMEDIA, AR5523_1), 128 UATH_DEV_UX(UMEDIA, AR5523_2), 129 UATH_DEV_UG(UMEDIA, TEW444UBEU), 130 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 131 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 132 UATH_DEV_UG(ZCOM, AR5523) 133 }; 134 #define uath_lookup(v, p) \ 135 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 136 137 void uath_attachhook(void *); 138 int uath_open_pipes(struct uath_softc *); 139 void uath_close_pipes(struct uath_softc *); 140 int uath_alloc_tx_data_list(struct uath_softc *); 141 void uath_free_tx_data_list(struct uath_softc *); 142 int uath_alloc_rx_data_list(struct uath_softc *); 143 void uath_free_rx_data_list(struct uath_softc *); 144 int uath_alloc_tx_cmd_list(struct uath_softc *); 145 void uath_free_tx_cmd_list(struct uath_softc *); 146 int uath_alloc_rx_cmd_list(struct uath_softc *); 147 void uath_free_rx_cmd_list(struct uath_softc *); 148 int uath_media_change(struct ifnet *); 149 void uath_stat(void *); 150 void uath_next_scan(void *); 151 void uath_task(void *); 152 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 153 #ifdef UATH_DEBUG 154 void uath_dump_cmd(const uint8_t *, int, char); 155 #endif 156 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 157 int); 158 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 159 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 160 int); 161 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 162 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 163 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 164 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 165 void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 166 void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 167 void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 168 int uath_tx_null(struct uath_softc *); 169 int uath_tx_data(struct uath_softc *, struct mbuf *, 170 struct ieee80211_node *); 171 void uath_start(struct ifnet *); 172 void uath_watchdog(struct ifnet *); 173 int uath_ioctl(struct ifnet *, u_long, caddr_t); 174 int uath_query_eeprom(struct uath_softc *); 175 int uath_reset(struct uath_softc *); 176 int uath_reset_tx_queues(struct uath_softc *); 177 int uath_wme_init(struct uath_softc *); 178 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 179 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 180 int uath_set_keys(struct uath_softc *); 181 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 182 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 183 int uath_set_led(struct uath_softc *, int, int); 184 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 185 int uath_init(struct ifnet *); 186 void uath_stop(struct ifnet *, int); 187 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 188 int uath_activate(struct device *, enum devact); 189 190 int uath_match(struct device *, void *, void *); 191 void uath_attach(struct device *, struct device *, void *); 192 int uath_detach(struct device *, int); 193 int uath_activate(struct device *, enum devact); 194 195 struct cfdriver uath_cd = { 196 NULL, "uath", DV_DULL 197 }; 198 199 const struct cfattach uath_ca = { 200 sizeof(struct uath_softc), 201 uath_match, 202 uath_attach, 203 uath_detach, 204 uath_activate, 205 }; 206 207 int 208 uath_match(struct device *parent, void *match, void *aux) 209 { 210 struct usb_attach_arg *uaa = aux; 211 212 if (uaa->iface != NULL) 213 return UMATCH_NONE; 214 215 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 216 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 217 } 218 219 void 220 uath_attachhook(void *xsc) 221 { 222 struct uath_softc *sc = xsc; 223 u_char *fw; 224 size_t size; 225 int error; 226 227 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 228 printf("%s: error %d, could not read firmware %s\n", 229 sc->sc_dev.dv_xname, error, "uath-ar5523"); 230 return; 231 } 232 233 error = uath_loadfirmware(sc, fw, size); 234 free(fw, M_DEVBUF); 235 236 if (error == 0) { 237 usb_port_status_t status; 238 239 /* 240 * Hack alert: the device doesn't always gracefully detach 241 * from the bus after a firmware upload. We need to force 242 * a port reset and a re-exploration on the parent hub. 243 */ 244 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 245 usb_needs_reattach(sc->sc_udev); 246 } else { 247 printf("%s: could not load firmware (error=%s)\n", 248 sc->sc_dev.dv_xname, usbd_errstr(error)); 249 } 250 } 251 252 void 253 uath_attach(struct device *parent, struct device *self, void *aux) 254 { 255 struct uath_softc *sc = (struct uath_softc *)self; 256 struct usb_attach_arg *uaa = aux; 257 struct ieee80211com *ic = &sc->sc_ic; 258 struct ifnet *ifp = &ic->ic_if; 259 usbd_status error; 260 int i; 261 262 sc->sc_udev = uaa->device; 263 sc->sc_uhub = uaa->device->myhub; 264 sc->sc_port = uaa->port; 265 266 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 267 268 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 269 printf("%s: could not set configuration no\n", 270 sc->sc_dev.dv_xname); 271 return; 272 } 273 274 /* get the first interface handle */ 275 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 276 &sc->sc_iface); 277 if (error != 0) { 278 printf("%s: could not get interface handle\n", 279 sc->sc_dev.dv_xname); 280 return; 281 } 282 283 /* 284 * We must open the pipes early because they're used to upload the 285 * firmware (pre-firmware devices) or to send firmware commands. 286 */ 287 if (uath_open_pipes(sc) != 0) { 288 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 289 return; 290 } 291 292 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 293 if (rootvp == NULL) 294 mountroothook_establish(uath_attachhook, sc); 295 else 296 uath_attachhook(sc); 297 return; 298 } 299 300 /* 301 * Only post-firmware devices here. 302 */ 303 usb_init_task(&sc->sc_task, uath_task, sc); 304 timeout_set(&sc->scan_to, uath_next_scan, sc); 305 timeout_set(&sc->stat_to, uath_stat, sc); 306 307 /* 308 * Allocate xfers for firmware commands. 309 */ 310 if (uath_alloc_tx_cmd_list(sc) != 0) { 311 printf("%s: could not allocate Tx command list\n", 312 sc->sc_dev.dv_xname); 313 goto fail1; 314 } 315 if (uath_alloc_rx_cmd_list(sc) != 0) { 316 printf("%s: could not allocate Rx command list\n", 317 sc->sc_dev.dv_xname); 318 goto fail2; 319 } 320 321 /* 322 * Queue Rx command xfers. 323 */ 324 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 325 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 326 327 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 328 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 329 USBD_NO_TIMEOUT, uath_cmd_rxeof); 330 error = usbd_transfer(cmd->xfer); 331 if (error != USBD_IN_PROGRESS && error != 0) { 332 printf("%s: could not queue Rx command xfer\n", 333 sc->sc_dev.dv_xname); 334 goto fail3; 335 } 336 } 337 338 /* 339 * We're now ready to send/receive firmware commands. 340 */ 341 if (uath_reset(sc) != 0) { 342 printf("%s: could not initialize adapter\n", 343 sc->sc_dev.dv_xname); 344 goto fail3; 345 } 346 if (uath_query_eeprom(sc) != 0) { 347 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 348 goto fail3; 349 } 350 351 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 352 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 353 ether_sprintf(ic->ic_myaddr)); 354 355 /* 356 * Allocate xfers for Tx/Rx data pipes. 357 */ 358 if (uath_alloc_tx_data_list(sc) != 0) { 359 printf("%s: could not allocate Tx data list\n", 360 sc->sc_dev.dv_xname); 361 goto fail3; 362 } 363 if (uath_alloc_rx_data_list(sc) != 0) { 364 printf("%s: could not allocate Rx data list\n", 365 sc->sc_dev.dv_xname); 366 goto fail4; 367 } 368 369 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 370 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 371 ic->ic_state = IEEE80211_S_INIT; 372 373 /* set device capabilities */ 374 ic->ic_caps = 375 IEEE80211_C_MONITOR | /* monitor mode supported */ 376 IEEE80211_C_TXPMGT | /* tx power management */ 377 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 378 IEEE80211_C_SHSLOT | /* short slot time supported */ 379 IEEE80211_C_WEP; /* h/w WEP */ 380 381 /* set supported .11b and .11g rates */ 382 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 383 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 384 385 /* set supported .11b and .11g channels (1 through 14) */ 386 for (i = 1; i <= 14; i++) { 387 ic->ic_channels[i].ic_freq = 388 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 389 ic->ic_channels[i].ic_flags = 390 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 391 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 392 } 393 394 ifp->if_softc = sc; 395 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 396 ifp->if_init = uath_init; 397 ifp->if_ioctl = uath_ioctl; 398 ifp->if_start = uath_start; 399 ifp->if_watchdog = uath_watchdog; 400 IFQ_SET_READY(&ifp->if_snd); 401 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 402 403 if_attach(ifp); 404 ieee80211_ifattach(ifp); 405 406 /* override state transition machine */ 407 sc->sc_newstate = ic->ic_newstate; 408 ic->ic_newstate = uath_newstate; 409 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 410 411 #if NBPFILTER > 0 412 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 413 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 414 415 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 416 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 417 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 418 419 sc->sc_txtap_len = sizeof sc->sc_txtapu; 420 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 421 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 422 #endif 423 424 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 425 &sc->sc_dev); 426 427 return; 428 429 fail4: uath_free_tx_data_list(sc); 430 fail3: uath_free_rx_cmd_list(sc); 431 fail2: uath_free_tx_cmd_list(sc); 432 fail1: uath_close_pipes(sc); 433 } 434 435 int 436 uath_detach(struct device *self, int flags) 437 { 438 struct uath_softc *sc = (struct uath_softc *)self; 439 struct ifnet *ifp = &sc->sc_ic.ic_if; 440 int s; 441 442 s = splnet(); 443 444 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 445 uath_close_pipes(sc); 446 splx(s); 447 return 0; 448 } 449 450 /* post-firmware device */ 451 452 usb_rem_task(sc->sc_udev, &sc->sc_task); 453 timeout_del(&sc->scan_to); 454 timeout_del(&sc->stat_to); 455 456 /* abort and free xfers */ 457 uath_free_tx_data_list(sc); 458 uath_free_rx_data_list(sc); 459 uath_free_tx_cmd_list(sc); 460 uath_free_rx_cmd_list(sc); 461 462 /* close Tx/Rx pipes */ 463 uath_close_pipes(sc); 464 465 ieee80211_ifdetach(ifp); /* free all nodes */ 466 if_detach(ifp); 467 468 splx(s); 469 470 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 471 &sc->sc_dev); 472 473 return 0; 474 } 475 476 int 477 uath_open_pipes(struct uath_softc *sc) 478 { 479 int error; 480 481 /* 482 * XXX pipes numbers are hardcoded because we don't have any way 483 * to distinguish the data pipes from the firmware command pipes 484 * (both are bulk pipes) using the endpoints descriptors. 485 */ 486 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 487 &sc->cmd_tx_pipe); 488 if (error != 0) { 489 printf("%s: could not open Tx command pipe: %s\n", 490 sc->sc_dev.dv_xname, usbd_errstr(error)); 491 goto fail; 492 } 493 494 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 495 &sc->data_tx_pipe); 496 if (error != 0) { 497 printf("%s: could not open Tx data pipe: %s\n", 498 sc->sc_dev.dv_xname, usbd_errstr(error)); 499 goto fail; 500 } 501 502 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 503 &sc->cmd_rx_pipe); 504 if (error != 0) { 505 printf("%s: could not open Rx command pipe: %s\n", 506 sc->sc_dev.dv_xname, usbd_errstr(error)); 507 goto fail; 508 } 509 510 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 511 &sc->data_rx_pipe); 512 if (error != 0) { 513 printf("%s: could not open Rx data pipe: %s\n", 514 sc->sc_dev.dv_xname, usbd_errstr(error)); 515 goto fail; 516 } 517 518 return 0; 519 520 fail: uath_close_pipes(sc); 521 return error; 522 } 523 524 void 525 uath_close_pipes(struct uath_softc *sc) 526 { 527 /* assumes no transfers are pending on the pipes */ 528 529 if (sc->data_tx_pipe != NULL) 530 usbd_close_pipe(sc->data_tx_pipe); 531 532 if (sc->data_rx_pipe != NULL) 533 usbd_close_pipe(sc->data_rx_pipe); 534 535 if (sc->cmd_tx_pipe != NULL) 536 usbd_close_pipe(sc->cmd_tx_pipe); 537 538 if (sc->cmd_rx_pipe != NULL) 539 usbd_close_pipe(sc->cmd_rx_pipe); 540 } 541 542 int 543 uath_alloc_tx_data_list(struct uath_softc *sc) 544 { 545 int i, error; 546 547 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 548 struct uath_tx_data *data = &sc->tx_data[i]; 549 550 data->sc = sc; /* backpointer for callbacks */ 551 552 data->xfer = usbd_alloc_xfer(sc->sc_udev); 553 if (data->xfer == NULL) { 554 printf("%s: could not allocate xfer\n", 555 sc->sc_dev.dv_xname); 556 error = ENOMEM; 557 goto fail; 558 } 559 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 560 if (data->buf == NULL) { 561 printf("%s: could not allocate xfer buffer\n", 562 sc->sc_dev.dv_xname); 563 error = ENOMEM; 564 goto fail; 565 } 566 } 567 return 0; 568 569 fail: uath_free_tx_data_list(sc); 570 return error; 571 } 572 573 void 574 uath_free_tx_data_list(struct uath_softc *sc) 575 { 576 int i; 577 578 /* make sure no transfers are pending */ 579 usbd_abort_pipe(sc->data_tx_pipe); 580 581 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 582 if (sc->tx_data[i].xfer != NULL) 583 usbd_free_xfer(sc->tx_data[i].xfer); 584 } 585 586 int 587 uath_alloc_rx_data_list(struct uath_softc *sc) 588 { 589 int i, error; 590 591 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 592 struct uath_rx_data *data = &sc->rx_data[i]; 593 594 data->sc = sc; /* backpointer for callbacks */ 595 596 data->xfer = usbd_alloc_xfer(sc->sc_udev); 597 if (data->xfer == NULL) { 598 printf("%s: could not allocate xfer\n", 599 sc->sc_dev.dv_xname); 600 error = ENOMEM; 601 goto fail; 602 } 603 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 604 printf("%s: could not allocate xfer buffer\n", 605 sc->sc_dev.dv_xname); 606 error = ENOMEM; 607 goto fail; 608 } 609 610 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 611 if (data->m == NULL) { 612 printf("%s: could not allocate rx mbuf\n", 613 sc->sc_dev.dv_xname); 614 error = ENOMEM; 615 goto fail; 616 } 617 MCLGET(data->m, M_DONTWAIT); 618 if (!(data->m->m_flags & M_EXT)) { 619 printf("%s: could not allocate rx mbuf cluster\n", 620 sc->sc_dev.dv_xname); 621 error = ENOMEM; 622 goto fail; 623 } 624 625 data->buf = mtod(data->m, uint8_t *); 626 } 627 return 0; 628 629 fail: uath_free_rx_data_list(sc); 630 return error; 631 } 632 633 void 634 uath_free_rx_data_list(struct uath_softc *sc) 635 { 636 int i; 637 638 /* make sure no transfers are pending */ 639 usbd_abort_pipe(sc->data_rx_pipe); 640 641 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 642 struct uath_rx_data *data = &sc->rx_data[i]; 643 644 if (data->xfer != NULL) 645 usbd_free_xfer(data->xfer); 646 647 if (data->m != NULL) 648 m_freem(data->m); 649 } 650 } 651 652 int 653 uath_alloc_tx_cmd_list(struct uath_softc *sc) 654 { 655 int i, error; 656 657 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 658 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 659 660 cmd->sc = sc; /* backpointer for callbacks */ 661 662 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 663 if (cmd->xfer == NULL) { 664 printf("%s: could not allocate xfer\n", 665 sc->sc_dev.dv_xname); 666 error = ENOMEM; 667 goto fail; 668 } 669 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 670 if (cmd->buf == NULL) { 671 printf("%s: could not allocate xfer buffer\n", 672 sc->sc_dev.dv_xname); 673 error = ENOMEM; 674 goto fail; 675 } 676 } 677 return 0; 678 679 fail: uath_free_tx_cmd_list(sc); 680 return error; 681 } 682 683 void 684 uath_free_tx_cmd_list(struct uath_softc *sc) 685 { 686 int i; 687 688 /* make sure no transfers are pending */ 689 usbd_abort_pipe(sc->cmd_tx_pipe); 690 691 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 692 if (sc->tx_cmd[i].xfer != NULL) 693 usbd_free_xfer(sc->tx_cmd[i].xfer); 694 } 695 696 int 697 uath_alloc_rx_cmd_list(struct uath_softc *sc) 698 { 699 int i, error; 700 701 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 702 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 703 704 cmd->sc = sc; /* backpointer for callbacks */ 705 706 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 707 if (cmd->xfer == NULL) { 708 printf("%s: could not allocate xfer\n", 709 sc->sc_dev.dv_xname); 710 error = ENOMEM; 711 goto fail; 712 } 713 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 714 if (cmd->buf == NULL) { 715 printf("%s: could not allocate xfer buffer\n", 716 sc->sc_dev.dv_xname); 717 error = ENOMEM; 718 goto fail; 719 } 720 } 721 return 0; 722 723 fail: uath_free_rx_cmd_list(sc); 724 return error; 725 } 726 727 void 728 uath_free_rx_cmd_list(struct uath_softc *sc) 729 { 730 int i; 731 732 /* make sure no transfers are pending */ 733 usbd_abort_pipe(sc->cmd_rx_pipe); 734 735 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 736 if (sc->rx_cmd[i].xfer != NULL) 737 usbd_free_xfer(sc->rx_cmd[i].xfer); 738 } 739 740 int 741 uath_media_change(struct ifnet *ifp) 742 { 743 int error; 744 745 error = ieee80211_media_change(ifp); 746 if (error != ENETRESET) 747 return error; 748 749 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 750 uath_init(ifp); 751 752 return 0; 753 } 754 755 /* 756 * This function is called periodically (every second) when associated to 757 * query device statistics. 758 */ 759 void 760 uath_stat(void *arg) 761 { 762 struct uath_softc *sc = arg; 763 int error; 764 765 /* 766 * Send request for statistics asynchronously. The timer will be 767 * restarted when we'll get the stats notification. 768 */ 769 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 770 UATH_CMD_FLAG_ASYNC); 771 if (error != 0) { 772 printf("%s: could not query statistics (error=%d)\n", 773 sc->sc_dev.dv_xname, error); 774 } 775 } 776 777 /* 778 * This function is called periodically (every 250ms) during scanning to 779 * switch from one channel to another. 780 */ 781 void 782 uath_next_scan(void *arg) 783 { 784 struct uath_softc *sc = arg; 785 struct ieee80211com *ic = &sc->sc_ic; 786 struct ifnet *ifp = &ic->ic_if; 787 788 if (ic->ic_state == IEEE80211_S_SCAN) 789 ieee80211_next_scan(ifp); 790 } 791 792 void 793 uath_task(void *arg) 794 { 795 struct uath_softc *sc = arg; 796 struct ieee80211com *ic = &sc->sc_ic; 797 enum ieee80211_state ostate; 798 799 ostate = ic->ic_state; 800 801 switch (sc->sc_state) { 802 case IEEE80211_S_INIT: 803 if (ostate == IEEE80211_S_RUN) { 804 /* turn link and activity LEDs off */ 805 (void)uath_set_led(sc, UATH_LED_LINK, 0); 806 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 807 } 808 break; 809 810 case IEEE80211_S_SCAN: 811 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 812 printf("%s: could not switch channel\n", 813 sc->sc_dev.dv_xname); 814 break; 815 } 816 timeout_add(&sc->scan_to, hz / 4); 817 break; 818 819 case IEEE80211_S_AUTH: 820 { 821 struct ieee80211_node *ni = ic->ic_bss; 822 struct uath_cmd_bssid bssid; 823 struct uath_cmd_0b cmd0b; 824 struct uath_cmd_0c cmd0c; 825 826 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 827 printf("%s: could not switch channel\n", 828 sc->sc_dev.dv_xname); 829 break; 830 } 831 832 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 833 834 bzero(&bssid, sizeof bssid); 835 bssid.len = htobe32(IEEE80211_ADDR_LEN); 836 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 837 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 838 sizeof bssid, 0); 839 840 bzero(&cmd0b, sizeof cmd0b); 841 cmd0b.code = htobe32(2); 842 cmd0b.size = htobe32(sizeof (cmd0b.data)); 843 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 844 845 bzero(&cmd0c, sizeof cmd0c); 846 cmd0c.magic1 = htobe32(2); 847 cmd0c.magic2 = htobe32(7); 848 cmd0c.magic3 = htobe32(1); 849 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 850 851 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 852 printf("%s: could not set negotiated rate set\n", 853 sc->sc_dev.dv_xname); 854 break; 855 } 856 break; 857 } 858 859 case IEEE80211_S_ASSOC: 860 break; 861 862 case IEEE80211_S_RUN: 863 { 864 struct ieee80211_node *ni = ic->ic_bss; 865 struct uath_cmd_bssid bssid; 866 struct uath_cmd_xled xled; 867 uint32_t val; 868 869 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 870 /* make both LEDs blink while monitoring */ 871 bzero(&xled, sizeof xled); 872 xled.which = htobe32(0); 873 xled.rate = htobe32(1); 874 xled.mode = htobe32(2); 875 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 876 sizeof xled, 0); 877 break; 878 } 879 880 /* 881 * Tx rate is controlled by firmware, report the maximum 882 * negotiated rate in ifconfig output. 883 */ 884 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 885 886 val = htobe32(1); 887 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 888 889 bzero(&bssid, sizeof bssid); 890 bssid.flags1 = htobe32(0xc004); 891 bssid.flags2 = htobe32(0x003b); 892 bssid.len = htobe32(IEEE80211_ADDR_LEN); 893 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 894 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 895 sizeof bssid, 0); 896 897 /* turn link LED on */ 898 (void)uath_set_led(sc, UATH_LED_LINK, 1); 899 900 /* make activity LED blink */ 901 bzero(&xled, sizeof xled); 902 xled.which = htobe32(1); 903 xled.rate = htobe32(1); 904 xled.mode = htobe32(2); 905 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 906 0); 907 908 /* set state to associated */ 909 val = htobe32(1); 910 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 911 0); 912 913 /* start statistics timer */ 914 timeout_add(&sc->stat_to, hz); 915 break; 916 } 917 } 918 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 919 } 920 921 int 922 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 923 { 924 struct uath_softc *sc = ic->ic_softc; 925 926 usb_rem_task(sc->sc_udev, &sc->sc_task); 927 timeout_del(&sc->scan_to); 928 timeout_del(&sc->stat_to); 929 930 /* do it in a process context */ 931 sc->sc_state = nstate; 932 sc->sc_arg = arg; 933 usb_add_task(sc->sc_udev, &sc->sc_task); 934 return 0; 935 } 936 937 #ifdef UATH_DEBUG 938 void 939 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 940 { 941 int i; 942 943 for (i = 0; i < len; i++) { 944 if ((i % 16) == 0) 945 printf("\n%c ", prefix); 946 else if ((i % 4) == 0) 947 printf(" "); 948 printf("%02x", buf[i]); 949 } 950 printf("\n"); 951 } 952 #endif 953 954 /* 955 * Low-level function to send read or write commands to the firmware. 956 */ 957 int 958 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 959 void *odata, int flags) 960 { 961 struct uath_cmd_hdr *hdr; 962 struct uath_tx_cmd *cmd; 963 uint16_t xferflags; 964 int s, xferlen, error; 965 966 /* grab a xfer */ 967 cmd = &sc->tx_cmd[sc->cmd_idx]; 968 969 /* always bulk-out a multiple of 4 bytes */ 970 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 971 972 hdr = (struct uath_cmd_hdr *)cmd->buf; 973 bzero(hdr, sizeof (struct uath_cmd_hdr)); 974 hdr->len = htobe32(xferlen); 975 hdr->code = htobe32(code); 976 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 977 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 978 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 979 980 #ifdef UATH_DEBUG 981 if (uath_debug >= 5) { 982 printf("sending command code=0x%02x flags=0x%x index=%u", 983 code, flags, sc->cmd_idx); 984 uath_dump_cmd(cmd->buf, xferlen, '+'); 985 } 986 #endif 987 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 988 if (!(flags & UATH_CMD_FLAG_READ)) { 989 if (!(flags & UATH_CMD_FLAG_ASYNC)) 990 xferflags |= USBD_SYNCHRONOUS; 991 } else 992 s = splusb(); 993 994 cmd->odata = odata; 995 996 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 997 xferflags, UATH_CMD_TIMEOUT, NULL); 998 error = usbd_transfer(cmd->xfer); 999 if (error != USBD_IN_PROGRESS && error != 0) { 1000 if (flags & UATH_CMD_FLAG_READ) 1001 splx(s); 1002 printf("%s: could not send command 0x%x (error=%s)\n", 1003 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 1004 return error; 1005 } 1006 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 1007 1008 if (!(flags & UATH_CMD_FLAG_READ)) 1009 return 0; /* write: don't wait for reply */ 1010 1011 /* wait at most two seconds for command reply */ 1012 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1013 cmd->odata = NULL; /* in case answer is received too late */ 1014 splx(s); 1015 if (error != 0) { 1016 printf("%s: timeout waiting for command reply\n", 1017 sc->sc_dev.dv_xname); 1018 } 1019 return error; 1020 } 1021 1022 int 1023 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1024 int flags) 1025 { 1026 flags &= ~UATH_CMD_FLAG_READ; 1027 return uath_cmd(sc, code, data, len, NULL, flags); 1028 } 1029 1030 int 1031 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1032 int ilen, void *odata, int flags) 1033 { 1034 flags |= UATH_CMD_FLAG_READ; 1035 return uath_cmd(sc, code, idata, ilen, odata, flags); 1036 } 1037 1038 int 1039 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1040 { 1041 struct uath_write_mac write; 1042 int error; 1043 1044 write.reg = htobe32(reg); 1045 write.len = htobe32(0); /* 0 = single write */ 1046 *(uint32_t *)write.data = htobe32(val); 1047 1048 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1049 3 * sizeof (uint32_t), 0); 1050 if (error != 0) { 1051 printf("%s: could not write register 0x%02x\n", 1052 sc->sc_dev.dv_xname, reg); 1053 } 1054 return error; 1055 } 1056 1057 int 1058 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1059 int len) 1060 { 1061 struct uath_write_mac write; 1062 int error; 1063 1064 write.reg = htobe32(reg); 1065 write.len = htobe32(len); 1066 bcopy(data, write.data, len); 1067 1068 /* properly handle the case where len is zero (reset) */ 1069 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1070 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1071 if (error != 0) { 1072 printf("%s: could not write %d bytes to register 0x%02x\n", 1073 sc->sc_dev.dv_xname, len, reg); 1074 } 1075 return error; 1076 } 1077 1078 int 1079 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1080 { 1081 struct uath_read_mac read; 1082 int error; 1083 1084 reg = htobe32(reg); 1085 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1086 0); 1087 if (error != 0) { 1088 printf("%s: could not read register 0x%02x\n", 1089 sc->sc_dev.dv_xname, betoh32(reg)); 1090 return error; 1091 } 1092 *val = betoh32(*(uint32_t *)read.data); 1093 return error; 1094 } 1095 1096 int 1097 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1098 { 1099 struct uath_read_mac read; 1100 int len, error; 1101 1102 reg = htobe32(reg); 1103 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1104 &read, 0); 1105 if (error != 0) { 1106 printf("%s: could not read EEPROM offset 0x%02x\n", 1107 sc->sc_dev.dv_xname, betoh32(reg)); 1108 return error; 1109 } 1110 len = betoh32(read.len); 1111 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1112 return error; 1113 } 1114 1115 void 1116 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1117 usbd_status status) 1118 { 1119 struct uath_rx_cmd *cmd = priv; 1120 struct uath_softc *sc = cmd->sc; 1121 struct uath_cmd_hdr *hdr; 1122 1123 if (status != USBD_NORMAL_COMPLETION) { 1124 if (status == USBD_STALLED) 1125 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1126 return; 1127 } 1128 1129 hdr = (struct uath_cmd_hdr *)cmd->buf; 1130 1131 #ifdef UATH_DEBUG 1132 if (uath_debug >= 5) { 1133 printf("received command code=0x%x index=%u len=%u", 1134 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1135 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1136 } 1137 #endif 1138 1139 switch (betoh32(hdr->code) & 0xff) { 1140 /* reply to a read command */ 1141 default: 1142 { 1143 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1144 1145 if (txcmd->odata != NULL) { 1146 /* copy answer into caller's supplied buffer */ 1147 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1148 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1149 } 1150 wakeup(txcmd); /* wake up caller */ 1151 break; 1152 } 1153 /* spontaneous firmware notifications */ 1154 case UATH_NOTIF_READY: 1155 DPRINTF(("received device ready notification\n")); 1156 wakeup(UATH_COND_INIT(sc)); 1157 break; 1158 1159 case UATH_NOTIF_TX: 1160 /* this notification is sent when UATH_TX_NOTIFY is set */ 1161 DPRINTF(("received Tx notification\n")); 1162 break; 1163 1164 case UATH_NOTIF_STATS: 1165 DPRINTFN(2, ("received device statistics\n")); 1166 timeout_add(&sc->stat_to, hz); 1167 break; 1168 } 1169 1170 /* setup a new transfer */ 1171 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1172 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1173 uath_cmd_rxeof); 1174 (void)usbd_transfer(xfer); 1175 } 1176 1177 void 1178 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1179 usbd_status status) 1180 { 1181 struct uath_rx_data *data = priv; 1182 struct uath_softc *sc = data->sc; 1183 struct ieee80211com *ic = &sc->sc_ic; 1184 struct ifnet *ifp = &ic->ic_if; 1185 struct ieee80211_frame *wh; 1186 struct ieee80211_rxinfo rxi; 1187 struct ieee80211_node *ni; 1188 struct uath_rx_desc *desc; 1189 struct mbuf *mnew, *m; 1190 uint32_t hdr; 1191 int s, len; 1192 1193 if (status != USBD_NORMAL_COMPLETION) { 1194 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1195 return; 1196 1197 if (status == USBD_STALLED) 1198 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1199 1200 ifp->if_ierrors++; 1201 return; 1202 } 1203 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1204 1205 if (len < UATH_MIN_RXBUFSZ) { 1206 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1207 ifp->if_ierrors++; 1208 goto skip; 1209 } 1210 1211 hdr = betoh32(*(uint32_t *)data->buf); 1212 1213 /* Rx descriptor is located at the end, 32-bit aligned */ 1214 desc = (struct uath_rx_desc *) 1215 (data->buf + len - sizeof (struct uath_rx_desc)); 1216 1217 if (betoh32(desc->len) > sc->rxbufsz) { 1218 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1219 ifp->if_ierrors++; 1220 goto skip; 1221 } 1222 1223 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1224 1225 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1226 if (mnew == NULL) { 1227 printf("%s: could not allocate rx mbuf\n", 1228 sc->sc_dev.dv_xname); 1229 ifp->if_ierrors++; 1230 goto skip; 1231 } 1232 MCLGET(mnew, M_DONTWAIT); 1233 if (!(mnew->m_flags & M_EXT)) { 1234 printf("%s: could not allocate rx mbuf cluster\n", 1235 sc->sc_dev.dv_xname); 1236 m_freem(mnew); 1237 ifp->if_ierrors++; 1238 goto skip; 1239 } 1240 1241 m = data->m; 1242 data->m = mnew; 1243 1244 /* finalize mbuf */ 1245 m->m_pkthdr.rcvif = ifp; 1246 m->m_data = data->buf + sizeof (uint32_t); 1247 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1248 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1249 1250 data->buf = mtod(data->m, uint8_t *); 1251 1252 wh = mtod(m, struct ieee80211_frame *); 1253 rxi.rxi_flags = 0; 1254 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1255 ic->ic_opmode != IEEE80211_M_MONITOR) { 1256 /* 1257 * Hardware decrypts the frame itself but leaves the WEP bit 1258 * set in the 802.11 header and doesn't remove the IV and CRC 1259 * fields. 1260 */ 1261 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1262 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1263 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1264 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1265 m_adj(m, -IEEE80211_WEP_CRCLEN); 1266 wh = mtod(m, struct ieee80211_frame *); 1267 1268 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1269 } 1270 1271 #if NBPFILTER > 0 1272 /* there are a lot more fields in the Rx descriptor */ 1273 if (sc->sc_drvbpf != NULL) { 1274 struct mbuf mb; 1275 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1276 1277 tap->wr_flags = 0; 1278 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1279 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1280 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1281 1282 mb.m_data = (caddr_t)tap; 1283 mb.m_len = sc->sc_rxtap_len; 1284 mb.m_next = m; 1285 mb.m_nextpkt = NULL; 1286 mb.m_type = 0; 1287 mb.m_flags = 0; 1288 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1289 } 1290 #endif 1291 1292 s = splnet(); 1293 ni = ieee80211_find_rxnode(ic, wh); 1294 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1295 rxi.rxi_tstamp = 0; /* unused */ 1296 ieee80211_input(ifp, m, ni, &rxi); 1297 1298 /* node is no longer needed */ 1299 ieee80211_release_node(ic, ni); 1300 splx(s); 1301 1302 skip: /* setup a new transfer */ 1303 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1304 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1305 (void)usbd_transfer(data->xfer); 1306 } 1307 1308 int 1309 uath_tx_null(struct uath_softc *sc) 1310 { 1311 struct uath_tx_data *data; 1312 struct uath_tx_desc *desc; 1313 1314 data = &sc->tx_data[sc->data_idx]; 1315 1316 data->ni = NULL; 1317 1318 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1319 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1320 1321 bzero(desc, sizeof (struct uath_tx_desc)); 1322 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1323 desc->type = htobe32(UATH_TX_NULL); 1324 1325 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1326 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1327 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1328 if (usbd_sync_transfer(data->xfer) != 0) 1329 return EIO; 1330 1331 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1332 1333 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1334 } 1335 1336 void 1337 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1338 usbd_status status) 1339 { 1340 struct uath_tx_data *data = priv; 1341 struct uath_softc *sc = data->sc; 1342 struct ieee80211com *ic = &sc->sc_ic; 1343 struct ifnet *ifp = &ic->ic_if; 1344 int s; 1345 1346 if (status != USBD_NORMAL_COMPLETION) { 1347 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1348 return; 1349 1350 printf("%s: could not transmit buffer: %s\n", 1351 sc->sc_dev.dv_xname, usbd_errstr(status)); 1352 1353 if (status == USBD_STALLED) 1354 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1355 1356 ifp->if_oerrors++; 1357 return; 1358 } 1359 1360 s = splnet(); 1361 1362 ieee80211_release_node(ic, data->ni); 1363 data->ni = NULL; 1364 1365 sc->tx_queued--; 1366 ifp->if_opackets++; 1367 1368 sc->sc_tx_timer = 0; 1369 ifp->if_flags &= ~IFF_OACTIVE; 1370 uath_start(ifp); 1371 1372 splx(s); 1373 } 1374 1375 int 1376 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1377 { 1378 struct ieee80211com *ic = &sc->sc_ic; 1379 struct uath_tx_data *data; 1380 struct uath_tx_desc *desc; 1381 const struct ieee80211_frame *wh; 1382 int paylen, totlen, xferlen, error; 1383 1384 data = &sc->tx_data[sc->data_idx]; 1385 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1386 1387 data->ni = ni; 1388 1389 #if NBPFILTER > 0 1390 if (sc->sc_drvbpf != NULL) { 1391 struct mbuf mb; 1392 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1393 1394 tap->wt_flags = 0; 1395 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1396 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1397 1398 mb.m_data = (caddr_t)tap; 1399 mb.m_len = sc->sc_txtap_len; 1400 mb.m_next = m0; 1401 mb.m_nextpkt = NULL; 1402 mb.m_type = 0; 1403 mb.m_flags = 0; 1404 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1405 } 1406 #endif 1407 1408 paylen = m0->m_pkthdr.len; 1409 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1410 1411 wh = mtod(m0, struct ieee80211_frame *); 1412 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1413 uint8_t *frm = (uint8_t *)(desc + 1); 1414 uint32_t iv; 1415 1416 /* h/w WEP: it's up to the host to fill the IV field */ 1417 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1418 frm += sizeof (struct ieee80211_frame); 1419 1420 /* insert IV: code copied from net80211 */ 1421 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1422 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1423 iv += 0x000100; 1424 ic->ic_iv = iv + 1; 1425 1426 *frm++ = iv & 0xff; 1427 *frm++ = (iv >> 8) & 0xff; 1428 *frm++ = (iv >> 16) & 0xff; 1429 *frm++ = ic->ic_wep_txkey << 6; 1430 1431 m_copydata(m0, sizeof (struct ieee80211_frame), 1432 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1433 1434 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1435 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1436 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1437 } else { 1438 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1439 totlen = xferlen; 1440 } 1441 1442 /* fill Tx descriptor */ 1443 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1444 1445 desc->len = htobe32(totlen); 1446 desc->priv = sc->data_idx; /* don't care about endianness */ 1447 desc->paylen = htobe32(paylen); 1448 desc->type = htobe32(UATH_TX_DATA); 1449 desc->flags = htobe32(0); 1450 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1451 desc->dest = htobe32(UATH_ID_BROADCAST); 1452 desc->magic = htobe32(3); 1453 } else { 1454 desc->dest = htobe32(UATH_ID_BSS); 1455 desc->magic = htobe32(1); 1456 } 1457 1458 m_freem(m0); /* mbuf is no longer needed */ 1459 1460 #ifdef UATH_DEBUG 1461 if (uath_debug >= 6) { 1462 printf("sending frame index=%u len=%d xferlen=%d", 1463 sc->data_idx, paylen, xferlen); 1464 uath_dump_cmd(data->buf, xferlen, '+'); 1465 } 1466 #endif 1467 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1468 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1469 uath_data_txeof); 1470 error = usbd_transfer(data->xfer); 1471 if (error != USBD_IN_PROGRESS && error != 0) { 1472 ic->ic_if.if_oerrors++; 1473 return error; 1474 } 1475 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1476 sc->tx_queued++; 1477 1478 return 0; 1479 } 1480 1481 void 1482 uath_start(struct ifnet *ifp) 1483 { 1484 struct uath_softc *sc = ifp->if_softc; 1485 struct ieee80211com *ic = &sc->sc_ic; 1486 struct ieee80211_node *ni; 1487 struct mbuf *m0; 1488 1489 /* 1490 * net80211 may still try to send management frames even if the 1491 * IFF_RUNNING flag is not set... 1492 */ 1493 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1494 return; 1495 1496 for (;;) { 1497 IF_POLL(&ic->ic_mgtq, m0); 1498 if (m0 != NULL) { 1499 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1500 ifp->if_flags |= IFF_OACTIVE; 1501 break; 1502 } 1503 IF_DEQUEUE(&ic->ic_mgtq, m0); 1504 1505 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1506 m0->m_pkthdr.rcvif = NULL; 1507 #if NBPFILTER > 0 1508 if (ic->ic_rawbpf != NULL) 1509 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1510 #endif 1511 if (uath_tx_data(sc, m0, ni) != 0) 1512 break; 1513 } else { 1514 if (ic->ic_state != IEEE80211_S_RUN) 1515 break; 1516 IFQ_POLL(&ifp->if_snd, m0); 1517 if (m0 == NULL) 1518 break; 1519 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1520 ifp->if_flags |= IFF_OACTIVE; 1521 break; 1522 } 1523 IFQ_DEQUEUE(&ifp->if_snd, m0); 1524 #if NBPFILTER > 0 1525 if (ifp->if_bpf != NULL) 1526 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1527 #endif 1528 m0 = ieee80211_encap(ifp, m0, &ni); 1529 if (m0 == NULL) 1530 continue; 1531 #if NBPFILTER > 0 1532 if (ic->ic_rawbpf != NULL) 1533 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1534 #endif 1535 if (uath_tx_data(sc, m0, ni) != 0) { 1536 if (ni != NULL) 1537 ieee80211_release_node(ic, ni); 1538 ifp->if_oerrors++; 1539 break; 1540 } 1541 } 1542 1543 sc->sc_tx_timer = 5; 1544 ifp->if_timer = 1; 1545 } 1546 } 1547 1548 void 1549 uath_watchdog(struct ifnet *ifp) 1550 { 1551 struct uath_softc *sc = ifp->if_softc; 1552 1553 ifp->if_timer = 0; 1554 1555 if (sc->sc_tx_timer > 0) { 1556 if (--sc->sc_tx_timer == 0) { 1557 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1558 /*uath_init(ifp); XXX needs a process context! */ 1559 ifp->if_oerrors++; 1560 return; 1561 } 1562 ifp->if_timer = 1; 1563 } 1564 1565 ieee80211_watchdog(ifp); 1566 } 1567 1568 int 1569 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1570 { 1571 struct uath_softc *sc = ifp->if_softc; 1572 struct ieee80211com *ic = &sc->sc_ic; 1573 struct ifaddr *ifa; 1574 struct ifreq *ifr; 1575 int s, error = 0; 1576 1577 s = splnet(); 1578 1579 switch (cmd) { 1580 case SIOCSIFADDR: 1581 ifa = (struct ifaddr *)data; 1582 ifp->if_flags |= IFF_UP; 1583 #ifdef INET 1584 if (ifa->ifa_addr->sa_family == AF_INET) 1585 arp_ifinit(&ic->ic_ac, ifa); 1586 #endif 1587 /* FALLTHROUGH */ 1588 case SIOCSIFFLAGS: 1589 if (ifp->if_flags & IFF_UP) { 1590 if (!(ifp->if_flags & IFF_RUNNING)) 1591 uath_init(ifp); 1592 } else { 1593 if (ifp->if_flags & IFF_RUNNING) 1594 uath_stop(ifp, 1); 1595 } 1596 break; 1597 1598 case SIOCADDMULTI: 1599 case SIOCDELMULTI: 1600 ifr = (struct ifreq *)data; 1601 error = (cmd == SIOCADDMULTI) ? 1602 ether_addmulti(ifr, &ic->ic_ac) : 1603 ether_delmulti(ifr, &ic->ic_ac); 1604 if (error == ENETRESET) 1605 error = 0; 1606 break; 1607 1608 default: 1609 error = ieee80211_ioctl(ifp, cmd, data); 1610 } 1611 1612 if (error == ENETRESET) { 1613 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1614 (IFF_UP | IFF_RUNNING)) 1615 uath_init(ifp); 1616 error = 0; 1617 } 1618 1619 splx(s); 1620 1621 return error; 1622 } 1623 1624 int 1625 uath_query_eeprom(struct uath_softc *sc) 1626 { 1627 uint32_t tmp; 1628 int error; 1629 1630 /* retrieve MAC address */ 1631 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1632 if (error != 0) { 1633 printf("%s: could not read MAC address\n", 1634 sc->sc_dev.dv_xname); 1635 return error; 1636 } 1637 1638 /* retrieve the maximum frame size that the hardware can receive */ 1639 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1640 if (error != 0) { 1641 printf("%s: could not read maximum Rx buffer size\n", 1642 sc->sc_dev.dv_xname); 1643 return error; 1644 } 1645 sc->rxbufsz = betoh32(tmp) & 0xfff; 1646 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1647 return 0; 1648 } 1649 1650 int 1651 uath_reset(struct uath_softc *sc) 1652 { 1653 struct uath_cmd_setup setup; 1654 uint32_t reg, val; 1655 int s, error; 1656 1657 /* init device with some voodoo incantations.. */ 1658 setup.magic1 = htobe32(1); 1659 setup.magic2 = htobe32(5); 1660 setup.magic3 = htobe32(200); 1661 setup.magic4 = htobe32(27); 1662 s = splusb(); 1663 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1664 UATH_CMD_FLAG_ASYNC); 1665 /* ..and wait until firmware notifies us that it is ready */ 1666 if (error == 0) 1667 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1668 splx(s); 1669 if (error != 0) 1670 return error; 1671 1672 /* read PHY registers */ 1673 for (reg = 0x09; reg <= 0x24; reg++) { 1674 if (reg == 0x0b || reg == 0x0c) 1675 continue; 1676 DELAY(100); 1677 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1678 return error; 1679 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1680 } 1681 return error; 1682 } 1683 1684 int 1685 uath_reset_tx_queues(struct uath_softc *sc) 1686 { 1687 int ac, error; 1688 1689 for (ac = 0; ac < 4; ac++) { 1690 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1691 1692 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1693 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1694 sizeof qid, 0); 1695 if (error != 0) 1696 break; 1697 } 1698 return error; 1699 } 1700 1701 int 1702 uath_wme_init(struct uath_softc *sc) 1703 { 1704 struct uath_qinfo qinfo; 1705 int ac, error; 1706 static const struct uath_wme_settings uath_wme_11g[4] = { 1707 { 7, 4, 10, 0, 0 }, /* Background */ 1708 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1709 { 3, 3, 4, 26, 0 }, /* Video */ 1710 { 2, 2, 3, 47, 0 } /* Voice */ 1711 }; 1712 1713 bzero(&qinfo, sizeof qinfo); 1714 qinfo.size = htobe32(32); 1715 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1716 qinfo.magic2 = htobe32(1); 1717 for (ac = 0; ac < 4; ac++) { 1718 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1719 qinfo.ac = htobe32(ac); 1720 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1721 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1722 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1723 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1724 uath_wme_11g[ac].txop)); 1725 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1726 1727 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1728 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1729 sizeof qinfo, 0); 1730 if (error != 0) 1731 break; 1732 } 1733 return error; 1734 } 1735 1736 int 1737 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1738 { 1739 struct uath_set_chan chan; 1740 1741 bzero(&chan, sizeof chan); 1742 chan.flags = htobe32(0x1400); 1743 chan.freq = htobe32(c->ic_freq); 1744 chan.magic1 = htobe32(20); 1745 chan.magic2 = htobe32(50); 1746 chan.magic3 = htobe32(1); 1747 1748 DPRINTF(("switching to channel %d\n", 1749 ieee80211_chan2ieee(&sc->sc_ic, c))); 1750 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1751 } 1752 1753 int 1754 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1755 { 1756 struct uath_cmd_crypto crypto; 1757 int i; 1758 1759 bzero(&crypto, sizeof crypto); 1760 crypto.keyidx = htobe32(index); 1761 crypto.magic1 = htobe32(1); 1762 crypto.size = htobe32(368); 1763 crypto.mask = htobe32(0xffff); 1764 crypto.flags = htobe32(0x80000068); 1765 if (index != UATH_DEFAULT_KEY) 1766 crypto.flags |= htobe32(index << 16); 1767 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1768 1769 /* 1770 * Each byte of the key must be XOR'ed with 10101010 before being 1771 * transmitted to the firmware. 1772 */ 1773 for (i = 0; i < k->k_len; i++) 1774 crypto.key[i] = k->k_key[i] ^ 0xaa; 1775 1776 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1777 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1778 } 1779 1780 int 1781 uath_set_keys(struct uath_softc *sc) 1782 { 1783 const struct ieee80211com *ic = &sc->sc_ic; 1784 int i, error; 1785 1786 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1787 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1788 1789 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1790 return error; 1791 } 1792 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1793 UATH_DEFAULT_KEY); 1794 } 1795 1796 int 1797 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1798 { 1799 struct uath_cmd_rates rates; 1800 1801 bzero(&rates, sizeof rates); 1802 rates.magic1 = htobe32(0x02); 1803 rates.size = htobe32(1 + sizeof rates.rates); 1804 rates.nrates = rs->rs_nrates; 1805 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1806 1807 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1808 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1809 } 1810 1811 int 1812 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1813 { 1814 struct uath_cmd_filter rxfilter; 1815 1816 rxfilter.filter = htobe32(filter); 1817 rxfilter.flags = htobe32(flags); 1818 1819 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1820 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1821 sizeof rxfilter, 0); 1822 } 1823 1824 int 1825 uath_set_led(struct uath_softc *sc, int which, int on) 1826 { 1827 struct uath_cmd_led led; 1828 1829 led.which = htobe32(which); 1830 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1831 1832 DPRINTFN(2, ("switching %s led %s\n", 1833 (which == UATH_LED_LINK) ? "link" : "activity", 1834 on ? "on" : "off")); 1835 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1836 } 1837 1838 int 1839 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1840 { 1841 uint32_t val; 1842 int error; 1843 1844 /* set radio frequency */ 1845 if ((error = uath_set_chan(sc, c)) != 0) { 1846 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1847 return error; 1848 } 1849 1850 /* reset Tx rings */ 1851 if ((error = uath_reset_tx_queues(sc)) != 0) { 1852 printf("%s: could not reset Tx queues\n", 1853 sc->sc_dev.dv_xname); 1854 return error; 1855 } 1856 1857 /* set Tx rings WME properties */ 1858 if ((error = uath_wme_init(sc)) != 0) { 1859 printf("%s: could not init Tx queues\n", 1860 sc->sc_dev.dv_xname); 1861 return error; 1862 } 1863 1864 val = htobe32(0); 1865 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1866 if (error != 0) { 1867 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1868 return error; 1869 } 1870 1871 return uath_tx_null(sc); 1872 } 1873 1874 int 1875 uath_init(struct ifnet *ifp) 1876 { 1877 struct uath_softc *sc = ifp->if_softc; 1878 struct ieee80211com *ic = &sc->sc_ic; 1879 struct uath_cmd_31 cmd31; 1880 uint32_t val; 1881 int i, error; 1882 1883 /* reset data and command rings */ 1884 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1885 1886 val = htobe32(0); 1887 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1888 1889 /* set MAC address */ 1890 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1891 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1892 1893 (void)uath_write_reg(sc, 0x02, 0x00000001); 1894 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1895 (void)uath_write_reg(sc, 0x10, 0x00000001); 1896 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1897 1898 /* 1899 * Queue Rx data xfers. 1900 */ 1901 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1902 struct uath_rx_data *data = &sc->rx_data[i]; 1903 1904 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1905 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1906 uath_data_rxeof); 1907 error = usbd_transfer(data->xfer); 1908 if (error != USBD_IN_PROGRESS && error != 0) { 1909 printf("%s: could not queue Rx transfer\n", 1910 sc->sc_dev.dv_xname); 1911 goto fail; 1912 } 1913 } 1914 1915 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1916 UATH_CMD_FLAG_MAGIC); 1917 if (error != 0) { 1918 printf("%s: could not send read command 07h\n", 1919 sc->sc_dev.dv_xname); 1920 goto fail; 1921 } 1922 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1923 1924 /* set default channel */ 1925 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1926 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1927 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1928 goto fail; 1929 } 1930 1931 if ((error = uath_wme_init(sc)) != 0) { 1932 printf("%s: could not setup WME parameters\n", 1933 sc->sc_dev.dv_xname); 1934 goto fail; 1935 } 1936 1937 /* init MAC registers */ 1938 (void)uath_write_reg(sc, 0x19, 0x00000000); 1939 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1940 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1941 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1942 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1943 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1944 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1945 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1946 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1947 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1948 1949 val = htobe32(4); 1950 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1951 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1952 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1953 1954 if ((error = uath_set_keys(sc)) != 0) { 1955 printf("%s: could not set crypto keys\n", 1956 sc->sc_dev.dv_xname); 1957 goto fail; 1958 } 1959 1960 /* enable Rx */ 1961 (void)uath_set_rxfilter(sc, 0x0000, 4); 1962 (void)uath_set_rxfilter(sc, 0x0817, 1); 1963 1964 cmd31.magic1 = htobe32(0xffffffff); 1965 cmd31.magic2 = htobe32(0xffffffff); 1966 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1967 1968 ifp->if_flags &= ~IFF_OACTIVE; 1969 ifp->if_flags |= IFF_RUNNING; 1970 1971 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1972 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1973 else 1974 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1975 1976 return 0; 1977 1978 fail: uath_stop(ifp, 1); 1979 return error; 1980 } 1981 1982 void 1983 uath_stop(struct ifnet *ifp, int disable) 1984 { 1985 struct uath_softc *sc = ifp->if_softc; 1986 struct ieee80211com *ic = &sc->sc_ic; 1987 uint32_t val; 1988 int s; 1989 1990 s = splusb(); 1991 1992 sc->sc_tx_timer = 0; 1993 ifp->if_timer = 0; 1994 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1995 1996 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1997 1998 val = htobe32(0); 1999 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 2000 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 2001 2002 val = htobe32(0); 2003 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 2004 2005 #if 0 2006 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 2007 UATH_CMD_FLAG_MAGIC); 2008 #endif 2009 2010 /* abort any pending transfers */ 2011 usbd_abort_pipe(sc->data_tx_pipe); 2012 usbd_abort_pipe(sc->data_rx_pipe); 2013 usbd_abort_pipe(sc->cmd_tx_pipe); 2014 2015 splx(s); 2016 } 2017 2018 /* 2019 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2020 * the device will detach itself from the bus and reattach later with a new 2021 * product Id (a la ezusb). XXX this could also be implemented in userland 2022 * through /dev/ugen. 2023 */ 2024 int 2025 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2026 { 2027 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2028 struct uath_fwblock *txblock, *rxblock; 2029 uint8_t *txdata; 2030 int error = 0; 2031 2032 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2033 printf("%s: could not allocate Tx control xfer\n", 2034 sc->sc_dev.dv_xname); 2035 error = USBD_NOMEM; 2036 goto fail1; 2037 } 2038 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2039 if (txblock == NULL) { 2040 printf("%s: could not allocate Tx control block\n", 2041 sc->sc_dev.dv_xname); 2042 error = USBD_NOMEM; 2043 goto fail2; 2044 } 2045 2046 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2047 printf("%s: could not allocate Tx xfer\n", 2048 sc->sc_dev.dv_xname); 2049 error = USBD_NOMEM; 2050 goto fail2; 2051 } 2052 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2053 if (txdata == NULL) { 2054 printf("%s: could not allocate Tx buffer\n", 2055 sc->sc_dev.dv_xname); 2056 error = USBD_NOMEM; 2057 goto fail3; 2058 } 2059 2060 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2061 printf("%s: could not allocate Rx control xfer\n", 2062 sc->sc_dev.dv_xname); 2063 error = USBD_NOMEM; 2064 goto fail3; 2065 } 2066 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2067 if (rxblock == NULL) { 2068 printf("%s: could not allocate Rx control block\n", 2069 sc->sc_dev.dv_xname); 2070 error = USBD_NOMEM; 2071 goto fail4; 2072 } 2073 2074 bzero(txblock, sizeof (struct uath_fwblock)); 2075 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2076 txblock->total = htobe32(len); 2077 2078 while (len > 0) { 2079 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2080 2081 txblock->remain = htobe32(len - mlen); 2082 txblock->len = htobe32(mlen); 2083 2084 DPRINTF(("sending firmware block: %d bytes remaining\n", 2085 len - mlen)); 2086 2087 /* send firmware block meta-data */ 2088 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2089 sizeof (struct uath_fwblock), USBD_NO_COPY, 2090 UATH_CMD_TIMEOUT, NULL); 2091 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2092 printf("%s: could not send firmware block info\n", 2093 sc->sc_dev.dv_xname); 2094 break; 2095 } 2096 2097 /* send firmware block data */ 2098 bcopy(fw, txdata, mlen); 2099 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2100 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2101 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2102 printf("%s: could not send firmware block data\n", 2103 sc->sc_dev.dv_xname); 2104 break; 2105 } 2106 2107 /* wait for ack from firmware */ 2108 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2109 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2110 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2111 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2112 printf("%s: could not read firmware answer\n", 2113 sc->sc_dev.dv_xname); 2114 break; 2115 } 2116 2117 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2118 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2119 fw += mlen; 2120 len -= mlen; 2121 } 2122 2123 fail4: usbd_free_xfer(rxxfer); 2124 fail3: usbd_free_xfer(txxfer); 2125 fail2: usbd_free_xfer(ctlxfer); 2126 fail1: return error; 2127 } 2128 2129 int 2130 uath_activate(struct device *self, enum devact act) 2131 { 2132 switch (act) { 2133 case DVACT_ACTIVATE: 2134 break; 2135 2136 case DVACT_DEACTIVATE: 2137 break; 2138 } 2139 return 0; 2140 } 2141