1 /* $OpenBSD: if_uath.c,v 1.58 2014/03/19 10:09:19 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 41 #include <machine/bus.h> 42 #include <machine/endian.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/if_ether.h> 57 #include <netinet/ip.h> 58 59 #include <net80211/ieee80211_var.h> 60 #include <net80211/ieee80211_radiotap.h> 61 62 #include <dev/rndvar.h> 63 #include <crypto/arc4.h> 64 65 #include <dev/usb/usb.h> 66 #include <dev/usb/usbdi.h> 67 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 68 #include <dev/usb/usbdi_util.h> 69 #include <dev/usb/usbdevs.h> 70 71 #include <dev/usb/if_uathreg.h> 72 #include <dev/usb/if_uathvar.h> 73 74 #ifdef UATH_DEBUG 75 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 76 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 77 int uath_debug = 1; 78 #else 79 #define DPRINTF(x) 80 #define DPRINTFN(n, x) 81 #endif 82 83 /*- 84 * Various supported device vendors/products. 85 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 86 */ 87 #define UATH_DEV(v, p, f) \ 88 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 89 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 90 (f) | UATH_FLAG_PRE_FIRMWARE } 91 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 92 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 93 static const struct uath_type { 94 struct usb_devno dev; 95 unsigned int flags; 96 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 97 #define UATH_FLAG_ABG (1 << 1) 98 } uath_devs[] = { 99 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 100 UATH_DEV_UG(ATHEROS, AR5523), 101 UATH_DEV_UG(ATHEROS2, AR5523_1), 102 UATH_DEV_UG(ATHEROS2, AR5523_2), 103 UATH_DEV_UX(ATHEROS2, AR5523_3), 104 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 105 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 106 UATH_DEV_UX(DLINK, DWLAG122), 107 UATH_DEV_UX(DLINK, DWLAG132), 108 UATH_DEV_UG(DLINK, DWLG132), 109 UATH_DEV_UG(DLINK2, WUA2340), 110 UATH_DEV_UG(GIGASET, AR5523), 111 UATH_DEV_UG(GIGASET, SMCWUSBTG), 112 UATH_DEV_UG(GLOBALSUN, AR5523_1), 113 UATH_DEV_UX(GLOBALSUN, AR5523_2), 114 UATH_DEV_UG(IODATA, USBWNG54US), 115 UATH_DEV_UG(MELCO, WLIU2KAMG54), 116 UATH_DEV_UX(NETGEAR, WG111U), 117 UATH_DEV_UG(NETGEAR3, WG111T), 118 UATH_DEV_UG(NETGEAR3, WPN111), 119 UATH_DEV_UG(PHILIPS, SNU6500), 120 UATH_DEV_UX(UMEDIA, AR5523_2), 121 UATH_DEV_UG(UMEDIA, TEW444UBEU), 122 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 123 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 124 UATH_DEV_UG(ZCOM, AR5523) 125 }; 126 #define uath_lookup(v, p) \ 127 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 128 129 void uath_attachhook(void *); 130 int uath_open_pipes(struct uath_softc *); 131 void uath_close_pipes(struct uath_softc *); 132 int uath_alloc_tx_data_list(struct uath_softc *); 133 void uath_free_tx_data_list(struct uath_softc *); 134 int uath_alloc_rx_data_list(struct uath_softc *); 135 void uath_free_rx_data_list(struct uath_softc *); 136 int uath_alloc_tx_cmd_list(struct uath_softc *); 137 void uath_free_tx_cmd_list(struct uath_softc *); 138 int uath_alloc_rx_cmd_list(struct uath_softc *); 139 void uath_free_rx_cmd_list(struct uath_softc *); 140 int uath_media_change(struct ifnet *); 141 void uath_stat(void *); 142 void uath_next_scan(void *); 143 void uath_task(void *); 144 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 145 #ifdef UATH_DEBUG 146 void uath_dump_cmd(const uint8_t *, int, char); 147 #endif 148 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 149 int); 150 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 151 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 152 int); 153 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 154 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 155 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 156 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 157 void uath_cmd_rxeof(struct usbd_xfer *, void *, usbd_status); 158 void uath_data_rxeof(struct usbd_xfer *, void *, usbd_status); 159 void uath_data_txeof(struct usbd_xfer *, void *, usbd_status); 160 int uath_tx_null(struct uath_softc *); 161 int uath_tx_data(struct uath_softc *, struct mbuf *, 162 struct ieee80211_node *); 163 void uath_start(struct ifnet *); 164 void uath_watchdog(struct ifnet *); 165 int uath_ioctl(struct ifnet *, u_long, caddr_t); 166 int uath_query_eeprom(struct uath_softc *); 167 int uath_reset(struct uath_softc *); 168 int uath_reset_tx_queues(struct uath_softc *); 169 int uath_wme_init(struct uath_softc *); 170 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 171 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 172 int uath_set_keys(struct uath_softc *); 173 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 174 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 175 int uath_set_led(struct uath_softc *, int, int); 176 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 177 int uath_init(struct ifnet *); 178 void uath_stop(struct ifnet *, int); 179 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 180 int uath_activate(struct device *, int); 181 182 int uath_match(struct device *, void *, void *); 183 void uath_attach(struct device *, struct device *, void *); 184 int uath_detach(struct device *, int); 185 int uath_activate(struct device *, int); 186 187 struct cfdriver uath_cd = { 188 NULL, "uath", DV_IFNET 189 }; 190 191 const struct cfattach uath_ca = { 192 sizeof(struct uath_softc), 193 uath_match, 194 uath_attach, 195 uath_detach, 196 uath_activate, 197 }; 198 199 int 200 uath_match(struct device *parent, void *match, void *aux) 201 { 202 struct usb_attach_arg *uaa = aux; 203 204 if (uaa->iface != NULL) 205 return UMATCH_NONE; 206 207 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 208 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 209 } 210 211 void 212 uath_attachhook(void *xsc) 213 { 214 struct uath_softc *sc = xsc; 215 u_char *fw; 216 size_t size; 217 int error; 218 219 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 220 printf("%s: error %d, could not read firmware %s\n", 221 sc->sc_dev.dv_xname, error, "uath-ar5523"); 222 return; 223 } 224 225 error = uath_loadfirmware(sc, fw, size); 226 free(fw, M_DEVBUF); 227 228 if (error == 0) { 229 usb_port_status_t status; 230 231 /* 232 * Hack alert: the device doesn't always gracefully detach 233 * from the bus after a firmware upload. We need to force 234 * a port reset and a re-exploration on the parent hub. 235 */ 236 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 237 usb_needs_reattach(sc->sc_udev); 238 } else { 239 printf("%s: could not load firmware (error=%s)\n", 240 sc->sc_dev.dv_xname, usbd_errstr(error)); 241 } 242 } 243 244 void 245 uath_attach(struct device *parent, struct device *self, void *aux) 246 { 247 struct uath_softc *sc = (struct uath_softc *)self; 248 struct usb_attach_arg *uaa = aux; 249 struct ieee80211com *ic = &sc->sc_ic; 250 struct ifnet *ifp = &ic->ic_if; 251 usbd_status error; 252 int i; 253 254 sc->sc_udev = uaa->device; 255 sc->sc_uhub = uaa->device->myhub; 256 sc->sc_port = uaa->port; 257 258 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 259 260 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 261 printf("%s: could not set configuration no\n", 262 sc->sc_dev.dv_xname); 263 return; 264 } 265 266 /* get the first interface handle */ 267 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 268 &sc->sc_iface); 269 if (error != 0) { 270 printf("%s: could not get interface handle\n", 271 sc->sc_dev.dv_xname); 272 return; 273 } 274 275 /* 276 * We must open the pipes early because they're used to upload the 277 * firmware (pre-firmware devices) or to send firmware commands. 278 */ 279 if (uath_open_pipes(sc) != 0) { 280 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 281 return; 282 } 283 284 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 285 if (rootvp == NULL) 286 mountroothook_establish(uath_attachhook, sc); 287 else 288 uath_attachhook(sc); 289 return; 290 } 291 292 /* 293 * Only post-firmware devices here. 294 */ 295 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 296 timeout_set(&sc->scan_to, uath_next_scan, sc); 297 timeout_set(&sc->stat_to, uath_stat, sc); 298 299 /* 300 * Allocate xfers for firmware commands. 301 */ 302 if (uath_alloc_tx_cmd_list(sc) != 0) { 303 printf("%s: could not allocate Tx command list\n", 304 sc->sc_dev.dv_xname); 305 goto fail1; 306 } 307 if (uath_alloc_rx_cmd_list(sc) != 0) { 308 printf("%s: could not allocate Rx command list\n", 309 sc->sc_dev.dv_xname); 310 goto fail2; 311 } 312 313 /* 314 * Queue Rx command xfers. 315 */ 316 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 317 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 318 319 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 320 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 321 USBD_NO_TIMEOUT, uath_cmd_rxeof); 322 error = usbd_transfer(cmd->xfer); 323 if (error != USBD_IN_PROGRESS && error != 0) { 324 printf("%s: could not queue Rx command xfer\n", 325 sc->sc_dev.dv_xname); 326 goto fail3; 327 } 328 } 329 330 /* 331 * We're now ready to send/receive firmware commands. 332 */ 333 if (uath_reset(sc) != 0) { 334 printf("%s: could not initialize adapter\n", 335 sc->sc_dev.dv_xname); 336 goto fail3; 337 } 338 if (uath_query_eeprom(sc) != 0) { 339 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 340 goto fail3; 341 } 342 343 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 344 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 345 ether_sprintf(ic->ic_myaddr)); 346 347 /* 348 * Allocate xfers for Tx/Rx data pipes. 349 */ 350 if (uath_alloc_tx_data_list(sc) != 0) { 351 printf("%s: could not allocate Tx data list\n", 352 sc->sc_dev.dv_xname); 353 goto fail3; 354 } 355 if (uath_alloc_rx_data_list(sc) != 0) { 356 printf("%s: could not allocate Rx data list\n", 357 sc->sc_dev.dv_xname); 358 goto fail4; 359 } 360 361 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 362 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 363 ic->ic_state = IEEE80211_S_INIT; 364 365 /* set device capabilities */ 366 ic->ic_caps = 367 IEEE80211_C_MONITOR | /* monitor mode supported */ 368 IEEE80211_C_TXPMGT | /* tx power management */ 369 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 370 IEEE80211_C_SHSLOT | /* short slot time supported */ 371 IEEE80211_C_WEP; /* h/w WEP */ 372 373 /* set supported .11b and .11g rates */ 374 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 375 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 376 377 /* set supported .11b and .11g channels (1 through 14) */ 378 for (i = 1; i <= 14; i++) { 379 ic->ic_channels[i].ic_freq = 380 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 381 ic->ic_channels[i].ic_flags = 382 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 383 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 384 } 385 386 ifp->if_softc = sc; 387 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 388 ifp->if_ioctl = uath_ioctl; 389 ifp->if_start = uath_start; 390 ifp->if_watchdog = uath_watchdog; 391 IFQ_SET_READY(&ifp->if_snd); 392 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 393 394 if_attach(ifp); 395 ieee80211_ifattach(ifp); 396 397 /* override state transition machine */ 398 sc->sc_newstate = ic->ic_newstate; 399 ic->ic_newstate = uath_newstate; 400 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 401 402 #if NBPFILTER > 0 403 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 404 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 405 406 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 407 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 408 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 409 410 sc->sc_txtap_len = sizeof sc->sc_txtapu; 411 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 412 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 413 #endif 414 415 return; 416 417 fail4: uath_free_tx_data_list(sc); 418 fail3: uath_free_rx_cmd_list(sc); 419 fail2: uath_free_tx_cmd_list(sc); 420 fail1: uath_close_pipes(sc); 421 usbd_deactivate(sc->sc_udev); 422 } 423 424 int 425 uath_detach(struct device *self, int flags) 426 { 427 struct uath_softc *sc = (struct uath_softc *)self; 428 struct ifnet *ifp = &sc->sc_ic.ic_if; 429 int s; 430 431 s = splnet(); 432 433 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 434 uath_close_pipes(sc); 435 splx(s); 436 return 0; 437 } 438 439 /* post-firmware device */ 440 441 usb_rem_task(sc->sc_udev, &sc->sc_task); 442 if (timeout_initialized(&sc->scan_to)) 443 timeout_del(&sc->scan_to); 444 if (timeout_initialized(&sc->stat_to)) 445 timeout_del(&sc->stat_to); 446 447 /* abort and free xfers */ 448 uath_free_tx_data_list(sc); 449 uath_free_rx_data_list(sc); 450 uath_free_tx_cmd_list(sc); 451 uath_free_rx_cmd_list(sc); 452 453 /* close Tx/Rx pipes */ 454 uath_close_pipes(sc); 455 456 if (ifp->if_softc != NULL) { 457 ieee80211_ifdetach(ifp); /* free all nodes */ 458 if_detach(ifp); 459 } 460 461 splx(s); 462 463 return 0; 464 } 465 466 int 467 uath_open_pipes(struct uath_softc *sc) 468 { 469 int error; 470 471 /* 472 * XXX pipes numbers are hardcoded because we don't have any way 473 * to distinguish the data pipes from the firmware command pipes 474 * (both are bulk pipes) using the endpoints descriptors. 475 */ 476 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 477 &sc->cmd_tx_pipe); 478 if (error != 0) { 479 printf("%s: could not open Tx command pipe: %s\n", 480 sc->sc_dev.dv_xname, usbd_errstr(error)); 481 goto fail; 482 } 483 484 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 485 &sc->data_tx_pipe); 486 if (error != 0) { 487 printf("%s: could not open Tx data pipe: %s\n", 488 sc->sc_dev.dv_xname, usbd_errstr(error)); 489 goto fail; 490 } 491 492 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 493 &sc->cmd_rx_pipe); 494 if (error != 0) { 495 printf("%s: could not open Rx command pipe: %s\n", 496 sc->sc_dev.dv_xname, usbd_errstr(error)); 497 goto fail; 498 } 499 500 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 501 &sc->data_rx_pipe); 502 if (error != 0) { 503 printf("%s: could not open Rx data pipe: %s\n", 504 sc->sc_dev.dv_xname, usbd_errstr(error)); 505 goto fail; 506 } 507 508 return 0; 509 510 fail: uath_close_pipes(sc); 511 return error; 512 } 513 514 void 515 uath_close_pipes(struct uath_softc *sc) 516 { 517 /* assumes no transfers are pending on the pipes */ 518 519 if (sc->data_tx_pipe != NULL) 520 usbd_close_pipe(sc->data_tx_pipe); 521 522 if (sc->data_rx_pipe != NULL) 523 usbd_close_pipe(sc->data_rx_pipe); 524 525 if (sc->cmd_tx_pipe != NULL) 526 usbd_close_pipe(sc->cmd_tx_pipe); 527 528 if (sc->cmd_rx_pipe != NULL) 529 usbd_close_pipe(sc->cmd_rx_pipe); 530 } 531 532 int 533 uath_alloc_tx_data_list(struct uath_softc *sc) 534 { 535 int i, error; 536 537 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 538 struct uath_tx_data *data = &sc->tx_data[i]; 539 540 data->sc = sc; /* backpointer for callbacks */ 541 542 data->xfer = usbd_alloc_xfer(sc->sc_udev); 543 if (data->xfer == NULL) { 544 printf("%s: could not allocate xfer\n", 545 sc->sc_dev.dv_xname); 546 error = ENOMEM; 547 goto fail; 548 } 549 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 550 if (data->buf == NULL) { 551 printf("%s: could not allocate xfer buffer\n", 552 sc->sc_dev.dv_xname); 553 error = ENOMEM; 554 goto fail; 555 } 556 } 557 return 0; 558 559 fail: uath_free_tx_data_list(sc); 560 return error; 561 } 562 563 void 564 uath_free_tx_data_list(struct uath_softc *sc) 565 { 566 int i; 567 568 /* make sure no transfers are pending */ 569 usbd_abort_pipe(sc->data_tx_pipe); 570 571 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 572 if (sc->tx_data[i].xfer != NULL) 573 usbd_free_xfer(sc->tx_data[i].xfer); 574 } 575 576 int 577 uath_alloc_rx_data_list(struct uath_softc *sc) 578 { 579 int i, error; 580 581 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 582 struct uath_rx_data *data = &sc->rx_data[i]; 583 584 data->sc = sc; /* backpointer for callbacks */ 585 586 data->xfer = usbd_alloc_xfer(sc->sc_udev); 587 if (data->xfer == NULL) { 588 printf("%s: could not allocate xfer\n", 589 sc->sc_dev.dv_xname); 590 error = ENOMEM; 591 goto fail; 592 } 593 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 594 printf("%s: could not allocate xfer buffer\n", 595 sc->sc_dev.dv_xname); 596 error = ENOMEM; 597 goto fail; 598 } 599 600 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 601 if (data->m == NULL) { 602 printf("%s: could not allocate rx mbuf\n", 603 sc->sc_dev.dv_xname); 604 error = ENOMEM; 605 goto fail; 606 } 607 MCLGET(data->m, M_DONTWAIT); 608 if (!(data->m->m_flags & M_EXT)) { 609 printf("%s: could not allocate rx mbuf cluster\n", 610 sc->sc_dev.dv_xname); 611 error = ENOMEM; 612 goto fail; 613 } 614 615 data->buf = mtod(data->m, uint8_t *); 616 } 617 return 0; 618 619 fail: uath_free_rx_data_list(sc); 620 return error; 621 } 622 623 void 624 uath_free_rx_data_list(struct uath_softc *sc) 625 { 626 int i; 627 628 /* make sure no transfers are pending */ 629 usbd_abort_pipe(sc->data_rx_pipe); 630 631 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 632 struct uath_rx_data *data = &sc->rx_data[i]; 633 634 if (data->xfer != NULL) 635 usbd_free_xfer(data->xfer); 636 637 if (data->m != NULL) 638 m_freem(data->m); 639 } 640 } 641 642 int 643 uath_alloc_tx_cmd_list(struct uath_softc *sc) 644 { 645 int i, error; 646 647 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 648 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 649 650 cmd->sc = sc; /* backpointer for callbacks */ 651 652 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 653 if (cmd->xfer == NULL) { 654 printf("%s: could not allocate xfer\n", 655 sc->sc_dev.dv_xname); 656 error = ENOMEM; 657 goto fail; 658 } 659 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 660 if (cmd->buf == NULL) { 661 printf("%s: could not allocate xfer buffer\n", 662 sc->sc_dev.dv_xname); 663 error = ENOMEM; 664 goto fail; 665 } 666 } 667 return 0; 668 669 fail: uath_free_tx_cmd_list(sc); 670 return error; 671 } 672 673 void 674 uath_free_tx_cmd_list(struct uath_softc *sc) 675 { 676 int i; 677 678 /* make sure no transfers are pending */ 679 usbd_abort_pipe(sc->cmd_tx_pipe); 680 681 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 682 if (sc->tx_cmd[i].xfer != NULL) 683 usbd_free_xfer(sc->tx_cmd[i].xfer); 684 } 685 686 int 687 uath_alloc_rx_cmd_list(struct uath_softc *sc) 688 { 689 int i, error; 690 691 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 692 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 693 694 cmd->sc = sc; /* backpointer for callbacks */ 695 696 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 697 if (cmd->xfer == NULL) { 698 printf("%s: could not allocate xfer\n", 699 sc->sc_dev.dv_xname); 700 error = ENOMEM; 701 goto fail; 702 } 703 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 704 if (cmd->buf == NULL) { 705 printf("%s: could not allocate xfer buffer\n", 706 sc->sc_dev.dv_xname); 707 error = ENOMEM; 708 goto fail; 709 } 710 } 711 return 0; 712 713 fail: uath_free_rx_cmd_list(sc); 714 return error; 715 } 716 717 void 718 uath_free_rx_cmd_list(struct uath_softc *sc) 719 { 720 int i; 721 722 /* make sure no transfers are pending */ 723 usbd_abort_pipe(sc->cmd_rx_pipe); 724 725 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 726 if (sc->rx_cmd[i].xfer != NULL) 727 usbd_free_xfer(sc->rx_cmd[i].xfer); 728 } 729 730 int 731 uath_media_change(struct ifnet *ifp) 732 { 733 int error; 734 735 error = ieee80211_media_change(ifp); 736 if (error != ENETRESET) 737 return error; 738 739 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 740 uath_init(ifp); 741 742 return 0; 743 } 744 745 /* 746 * This function is called periodically (every second) when associated to 747 * query device statistics. 748 */ 749 void 750 uath_stat(void *arg) 751 { 752 struct uath_softc *sc = arg; 753 int error; 754 755 /* 756 * Send request for statistics asynchronously. The timer will be 757 * restarted when we'll get the stats notification. 758 */ 759 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 760 UATH_CMD_FLAG_ASYNC); 761 if (error != 0) { 762 printf("%s: could not query statistics (error=%d)\n", 763 sc->sc_dev.dv_xname, error); 764 } 765 } 766 767 /* 768 * This function is called periodically (every 250ms) during scanning to 769 * switch from one channel to another. 770 */ 771 void 772 uath_next_scan(void *arg) 773 { 774 struct uath_softc *sc = arg; 775 struct ieee80211com *ic = &sc->sc_ic; 776 struct ifnet *ifp = &ic->ic_if; 777 778 if (ic->ic_state == IEEE80211_S_SCAN) 779 ieee80211_next_scan(ifp); 780 } 781 782 void 783 uath_task(void *arg) 784 { 785 struct uath_softc *sc = arg; 786 struct ieee80211com *ic = &sc->sc_ic; 787 enum ieee80211_state ostate; 788 789 ostate = ic->ic_state; 790 791 switch (sc->sc_state) { 792 case IEEE80211_S_INIT: 793 if (ostate == IEEE80211_S_RUN) { 794 /* turn link and activity LEDs off */ 795 (void)uath_set_led(sc, UATH_LED_LINK, 0); 796 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 797 } 798 break; 799 800 case IEEE80211_S_SCAN: 801 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 802 printf("%s: could not switch channel\n", 803 sc->sc_dev.dv_xname); 804 break; 805 } 806 timeout_add_msec(&sc->scan_to, 250); 807 break; 808 809 case IEEE80211_S_AUTH: 810 { 811 struct ieee80211_node *ni = ic->ic_bss; 812 struct uath_cmd_bssid bssid; 813 struct uath_cmd_0b cmd0b; 814 struct uath_cmd_0c cmd0c; 815 816 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 817 printf("%s: could not switch channel\n", 818 sc->sc_dev.dv_xname); 819 break; 820 } 821 822 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 823 824 bzero(&bssid, sizeof bssid); 825 bssid.len = htobe32(IEEE80211_ADDR_LEN); 826 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 827 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 828 sizeof bssid, 0); 829 830 bzero(&cmd0b, sizeof cmd0b); 831 cmd0b.code = htobe32(2); 832 cmd0b.size = htobe32(sizeof (cmd0b.data)); 833 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 834 835 bzero(&cmd0c, sizeof cmd0c); 836 cmd0c.magic1 = htobe32(2); 837 cmd0c.magic2 = htobe32(7); 838 cmd0c.magic3 = htobe32(1); 839 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 840 841 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 842 printf("%s: could not set negotiated rate set\n", 843 sc->sc_dev.dv_xname); 844 break; 845 } 846 break; 847 } 848 849 case IEEE80211_S_ASSOC: 850 break; 851 852 case IEEE80211_S_RUN: 853 { 854 struct ieee80211_node *ni = ic->ic_bss; 855 struct uath_cmd_bssid bssid; 856 struct uath_cmd_xled xled; 857 uint32_t val; 858 859 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 860 /* make both LEDs blink while monitoring */ 861 bzero(&xled, sizeof xled); 862 xled.which = htobe32(0); 863 xled.rate = htobe32(1); 864 xled.mode = htobe32(2); 865 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 866 sizeof xled, 0); 867 break; 868 } 869 870 /* 871 * Tx rate is controlled by firmware, report the maximum 872 * negotiated rate in ifconfig output. 873 */ 874 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 875 876 val = htobe32(1); 877 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 878 879 bzero(&bssid, sizeof bssid); 880 bssid.flags1 = htobe32(0xc004); 881 bssid.flags2 = htobe32(0x003b); 882 bssid.len = htobe32(IEEE80211_ADDR_LEN); 883 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 884 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 885 sizeof bssid, 0); 886 887 /* turn link LED on */ 888 (void)uath_set_led(sc, UATH_LED_LINK, 1); 889 890 /* make activity LED blink */ 891 bzero(&xled, sizeof xled); 892 xled.which = htobe32(1); 893 xled.rate = htobe32(1); 894 xled.mode = htobe32(2); 895 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 896 0); 897 898 /* set state to associated */ 899 val = htobe32(1); 900 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 901 0); 902 903 /* start statistics timer */ 904 timeout_add_sec(&sc->stat_to, 1); 905 break; 906 } 907 } 908 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 909 } 910 911 int 912 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 913 { 914 struct uath_softc *sc = ic->ic_softc; 915 916 usb_rem_task(sc->sc_udev, &sc->sc_task); 917 timeout_del(&sc->scan_to); 918 timeout_del(&sc->stat_to); 919 920 /* do it in a process context */ 921 sc->sc_state = nstate; 922 sc->sc_arg = arg; 923 usb_add_task(sc->sc_udev, &sc->sc_task); 924 return 0; 925 } 926 927 #ifdef UATH_DEBUG 928 void 929 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 930 { 931 int i; 932 933 for (i = 0; i < len; i++) { 934 if ((i % 16) == 0) 935 printf("\n%c ", prefix); 936 else if ((i % 4) == 0) 937 printf(" "); 938 printf("%02x", buf[i]); 939 } 940 printf("\n"); 941 } 942 #endif 943 944 /* 945 * Low-level function to send read or write commands to the firmware. 946 */ 947 int 948 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 949 void *odata, int flags) 950 { 951 struct uath_cmd_hdr *hdr; 952 struct uath_tx_cmd *cmd; 953 uint16_t xferflags; 954 int s, xferlen, error; 955 956 /* grab a xfer */ 957 cmd = &sc->tx_cmd[sc->cmd_idx]; 958 959 /* always bulk-out a multiple of 4 bytes */ 960 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 961 962 hdr = (struct uath_cmd_hdr *)cmd->buf; 963 bzero(hdr, sizeof (struct uath_cmd_hdr)); 964 hdr->len = htobe32(xferlen); 965 hdr->code = htobe32(code); 966 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 967 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 968 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 969 970 #ifdef UATH_DEBUG 971 if (uath_debug >= 5) { 972 printf("sending command code=0x%02x flags=0x%x index=%u", 973 code, flags, sc->cmd_idx); 974 uath_dump_cmd(cmd->buf, xferlen, '+'); 975 } 976 #endif 977 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 978 if (!(flags & UATH_CMD_FLAG_READ)) { 979 if (!(flags & UATH_CMD_FLAG_ASYNC)) 980 xferflags |= USBD_SYNCHRONOUS; 981 } else 982 s = splusb(); 983 984 cmd->odata = odata; 985 986 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 987 xferflags, UATH_CMD_TIMEOUT, NULL); 988 error = usbd_transfer(cmd->xfer); 989 if (error != USBD_IN_PROGRESS && error != 0) { 990 if (flags & UATH_CMD_FLAG_READ) 991 splx(s); 992 printf("%s: could not send command 0x%x (error=%s)\n", 993 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 994 return error; 995 } 996 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 997 998 if (!(flags & UATH_CMD_FLAG_READ)) 999 return 0; /* write: don't wait for reply */ 1000 1001 /* wait at most two seconds for command reply */ 1002 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1003 cmd->odata = NULL; /* in case answer is received too late */ 1004 splx(s); 1005 if (error != 0) { 1006 printf("%s: timeout waiting for command reply\n", 1007 sc->sc_dev.dv_xname); 1008 } 1009 return error; 1010 } 1011 1012 int 1013 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1014 int flags) 1015 { 1016 flags &= ~UATH_CMD_FLAG_READ; 1017 return uath_cmd(sc, code, data, len, NULL, flags); 1018 } 1019 1020 int 1021 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1022 int ilen, void *odata, int flags) 1023 { 1024 flags |= UATH_CMD_FLAG_READ; 1025 return uath_cmd(sc, code, idata, ilen, odata, flags); 1026 } 1027 1028 int 1029 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1030 { 1031 struct uath_write_mac write; 1032 int error; 1033 1034 write.reg = htobe32(reg); 1035 write.len = htobe32(0); /* 0 = single write */ 1036 *(uint32_t *)write.data = htobe32(val); 1037 1038 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1039 3 * sizeof (uint32_t), 0); 1040 if (error != 0) { 1041 printf("%s: could not write register 0x%02x\n", 1042 sc->sc_dev.dv_xname, reg); 1043 } 1044 return error; 1045 } 1046 1047 int 1048 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1049 int len) 1050 { 1051 struct uath_write_mac write; 1052 int error; 1053 1054 write.reg = htobe32(reg); 1055 write.len = htobe32(len); 1056 bcopy(data, write.data, len); 1057 1058 /* properly handle the case where len is zero (reset) */ 1059 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1060 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1061 if (error != 0) { 1062 printf("%s: could not write %d bytes to register 0x%02x\n", 1063 sc->sc_dev.dv_xname, len, reg); 1064 } 1065 return error; 1066 } 1067 1068 int 1069 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1070 { 1071 struct uath_read_mac read; 1072 int error; 1073 1074 reg = htobe32(reg); 1075 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1076 0); 1077 if (error != 0) { 1078 printf("%s: could not read register 0x%02x\n", 1079 sc->sc_dev.dv_xname, betoh32(reg)); 1080 return error; 1081 } 1082 *val = betoh32(*(uint32_t *)read.data); 1083 return error; 1084 } 1085 1086 int 1087 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1088 { 1089 struct uath_read_mac read; 1090 int len, error; 1091 1092 reg = htobe32(reg); 1093 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1094 &read, 0); 1095 if (error != 0) { 1096 printf("%s: could not read EEPROM offset 0x%02x\n", 1097 sc->sc_dev.dv_xname, betoh32(reg)); 1098 return error; 1099 } 1100 len = betoh32(read.len); 1101 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1102 return error; 1103 } 1104 1105 void 1106 uath_cmd_rxeof(struct usbd_xfer *xfer, void *priv, 1107 usbd_status status) 1108 { 1109 struct uath_rx_cmd *cmd = priv; 1110 struct uath_softc *sc = cmd->sc; 1111 struct uath_cmd_hdr *hdr; 1112 1113 if (status != USBD_NORMAL_COMPLETION) { 1114 if (status == USBD_STALLED) 1115 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1116 return; 1117 } 1118 1119 hdr = (struct uath_cmd_hdr *)cmd->buf; 1120 1121 #ifdef UATH_DEBUG 1122 if (uath_debug >= 5) { 1123 printf("received command code=0x%x index=%u len=%u", 1124 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1125 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1126 } 1127 #endif 1128 1129 switch (betoh32(hdr->code) & 0xff) { 1130 /* reply to a read command */ 1131 default: 1132 { 1133 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1134 1135 if (txcmd->odata != NULL) { 1136 /* copy answer into caller's supplied buffer */ 1137 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1138 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1139 } 1140 wakeup(txcmd); /* wake up caller */ 1141 break; 1142 } 1143 /* spontaneous firmware notifications */ 1144 case UATH_NOTIF_READY: 1145 DPRINTF(("received device ready notification\n")); 1146 wakeup(UATH_COND_INIT(sc)); 1147 break; 1148 1149 case UATH_NOTIF_TX: 1150 /* this notification is sent when UATH_TX_NOTIFY is set */ 1151 DPRINTF(("received Tx notification\n")); 1152 break; 1153 1154 case UATH_NOTIF_STATS: 1155 DPRINTFN(2, ("received device statistics\n")); 1156 timeout_add_sec(&sc->stat_to, 1); 1157 break; 1158 } 1159 1160 /* setup a new transfer */ 1161 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1162 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1163 uath_cmd_rxeof); 1164 (void)usbd_transfer(xfer); 1165 } 1166 1167 void 1168 uath_data_rxeof(struct usbd_xfer *xfer, void *priv, 1169 usbd_status status) 1170 { 1171 struct uath_rx_data *data = priv; 1172 struct uath_softc *sc = data->sc; 1173 struct ieee80211com *ic = &sc->sc_ic; 1174 struct ifnet *ifp = &ic->ic_if; 1175 struct ieee80211_frame *wh; 1176 struct ieee80211_rxinfo rxi; 1177 struct ieee80211_node *ni; 1178 struct uath_rx_desc *desc; 1179 struct mbuf *mnew, *m; 1180 uint32_t hdr; 1181 int s, len; 1182 1183 if (status != USBD_NORMAL_COMPLETION) { 1184 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1185 return; 1186 1187 if (status == USBD_STALLED) 1188 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1189 1190 ifp->if_ierrors++; 1191 return; 1192 } 1193 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1194 1195 if (len < UATH_MIN_RXBUFSZ) { 1196 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1197 ifp->if_ierrors++; 1198 goto skip; 1199 } 1200 1201 hdr = betoh32(*(uint32_t *)data->buf); 1202 1203 /* Rx descriptor is located at the end, 32-bit aligned */ 1204 desc = (struct uath_rx_desc *) 1205 (data->buf + len - sizeof (struct uath_rx_desc)); 1206 1207 if (betoh32(desc->len) > sc->rxbufsz) { 1208 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1209 ifp->if_ierrors++; 1210 goto skip; 1211 } 1212 1213 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1214 1215 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1216 if (mnew == NULL) { 1217 printf("%s: could not allocate rx mbuf\n", 1218 sc->sc_dev.dv_xname); 1219 ifp->if_ierrors++; 1220 goto skip; 1221 } 1222 MCLGET(mnew, M_DONTWAIT); 1223 if (!(mnew->m_flags & M_EXT)) { 1224 printf("%s: could not allocate rx mbuf cluster\n", 1225 sc->sc_dev.dv_xname); 1226 m_freem(mnew); 1227 ifp->if_ierrors++; 1228 goto skip; 1229 } 1230 1231 m = data->m; 1232 data->m = mnew; 1233 1234 /* finalize mbuf */ 1235 m->m_pkthdr.rcvif = ifp; 1236 m->m_data = data->buf + sizeof (uint32_t); 1237 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1238 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1239 1240 data->buf = mtod(data->m, uint8_t *); 1241 1242 wh = mtod(m, struct ieee80211_frame *); 1243 rxi.rxi_flags = 0; 1244 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1245 ic->ic_opmode != IEEE80211_M_MONITOR) { 1246 /* 1247 * Hardware decrypts the frame itself but leaves the WEP bit 1248 * set in the 802.11 header and doesn't remove the IV and CRC 1249 * fields. 1250 */ 1251 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1252 memmove((caddr_t)wh + IEEE80211_WEP_IVLEN + 1253 IEEE80211_WEP_KIDLEN, wh, sizeof (struct ieee80211_frame)); 1254 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1255 m_adj(m, -IEEE80211_WEP_CRCLEN); 1256 wh = mtod(m, struct ieee80211_frame *); 1257 1258 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1259 } 1260 1261 #if NBPFILTER > 0 1262 /* there are a lot more fields in the Rx descriptor */ 1263 if (sc->sc_drvbpf != NULL) { 1264 struct mbuf mb; 1265 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1266 1267 tap->wr_flags = 0; 1268 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1269 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1270 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1271 1272 mb.m_data = (caddr_t)tap; 1273 mb.m_len = sc->sc_rxtap_len; 1274 mb.m_next = m; 1275 mb.m_nextpkt = NULL; 1276 mb.m_type = 0; 1277 mb.m_flags = 0; 1278 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1279 } 1280 #endif 1281 1282 s = splnet(); 1283 ni = ieee80211_find_rxnode(ic, wh); 1284 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1285 rxi.rxi_tstamp = 0; /* unused */ 1286 ieee80211_input(ifp, m, ni, &rxi); 1287 1288 /* node is no longer needed */ 1289 ieee80211_release_node(ic, ni); 1290 splx(s); 1291 1292 skip: /* setup a new transfer */ 1293 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1294 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1295 (void)usbd_transfer(data->xfer); 1296 } 1297 1298 int 1299 uath_tx_null(struct uath_softc *sc) 1300 { 1301 struct uath_tx_data *data; 1302 struct uath_tx_desc *desc; 1303 1304 data = &sc->tx_data[sc->data_idx]; 1305 1306 data->ni = NULL; 1307 1308 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1309 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1310 1311 bzero(desc, sizeof (struct uath_tx_desc)); 1312 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1313 desc->type = htobe32(UATH_TX_NULL); 1314 1315 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1316 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1317 USBD_FORCE_SHORT_XFER | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 1318 if (usbd_transfer(data->xfer) != 0) 1319 return EIO; 1320 1321 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1322 1323 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1324 } 1325 1326 void 1327 uath_data_txeof(struct usbd_xfer *xfer, void *priv, 1328 usbd_status status) 1329 { 1330 struct uath_tx_data *data = priv; 1331 struct uath_softc *sc = data->sc; 1332 struct ieee80211com *ic = &sc->sc_ic; 1333 struct ifnet *ifp = &ic->ic_if; 1334 int s; 1335 1336 if (status != USBD_NORMAL_COMPLETION) { 1337 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1338 return; 1339 1340 printf("%s: could not transmit buffer: %s\n", 1341 sc->sc_dev.dv_xname, usbd_errstr(status)); 1342 1343 if (status == USBD_STALLED) 1344 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1345 1346 ifp->if_oerrors++; 1347 return; 1348 } 1349 1350 s = splnet(); 1351 1352 ieee80211_release_node(ic, data->ni); 1353 data->ni = NULL; 1354 1355 sc->tx_queued--; 1356 ifp->if_opackets++; 1357 1358 sc->sc_tx_timer = 0; 1359 ifp->if_flags &= ~IFF_OACTIVE; 1360 uath_start(ifp); 1361 1362 splx(s); 1363 } 1364 1365 int 1366 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1367 { 1368 struct ieee80211com *ic = &sc->sc_ic; 1369 struct uath_tx_data *data; 1370 struct uath_tx_desc *desc; 1371 const struct ieee80211_frame *wh; 1372 int paylen, totlen, xferlen, error; 1373 1374 data = &sc->tx_data[sc->data_idx]; 1375 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1376 1377 data->ni = ni; 1378 1379 #if NBPFILTER > 0 1380 if (sc->sc_drvbpf != NULL) { 1381 struct mbuf mb; 1382 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1383 1384 tap->wt_flags = 0; 1385 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1386 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1387 1388 mb.m_data = (caddr_t)tap; 1389 mb.m_len = sc->sc_txtap_len; 1390 mb.m_next = m0; 1391 mb.m_nextpkt = NULL; 1392 mb.m_type = 0; 1393 mb.m_flags = 0; 1394 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1395 } 1396 #endif 1397 1398 paylen = m0->m_pkthdr.len; 1399 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1400 1401 wh = mtod(m0, struct ieee80211_frame *); 1402 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1403 uint8_t *frm = (uint8_t *)(desc + 1); 1404 uint32_t iv; 1405 1406 /* h/w WEP: it's up to the host to fill the IV field */ 1407 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1408 frm += sizeof (struct ieee80211_frame); 1409 1410 /* insert IV: code copied from net80211 */ 1411 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1412 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1413 iv += 0x000100; 1414 ic->ic_iv = iv + 1; 1415 1416 *frm++ = iv & 0xff; 1417 *frm++ = (iv >> 8) & 0xff; 1418 *frm++ = (iv >> 16) & 0xff; 1419 *frm++ = ic->ic_wep_txkey << 6; 1420 1421 m_copydata(m0, sizeof (struct ieee80211_frame), 1422 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1423 1424 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1425 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1426 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1427 } else { 1428 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1429 totlen = xferlen; 1430 } 1431 1432 /* fill Tx descriptor */ 1433 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1434 1435 desc->len = htobe32(totlen); 1436 desc->priv = sc->data_idx; /* don't care about endianness */ 1437 desc->paylen = htobe32(paylen); 1438 desc->type = htobe32(UATH_TX_DATA); 1439 desc->flags = htobe32(0); 1440 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1441 desc->dest = htobe32(UATH_ID_BROADCAST); 1442 desc->magic = htobe32(3); 1443 } else { 1444 desc->dest = htobe32(UATH_ID_BSS); 1445 desc->magic = htobe32(1); 1446 } 1447 1448 m_freem(m0); /* mbuf is no longer needed */ 1449 1450 #ifdef UATH_DEBUG 1451 if (uath_debug >= 6) { 1452 printf("sending frame index=%u len=%d xferlen=%d", 1453 sc->data_idx, paylen, xferlen); 1454 uath_dump_cmd(data->buf, xferlen, '+'); 1455 } 1456 #endif 1457 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1458 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1459 uath_data_txeof); 1460 error = usbd_transfer(data->xfer); 1461 if (error != USBD_IN_PROGRESS && error != 0) { 1462 ic->ic_if.if_oerrors++; 1463 return error; 1464 } 1465 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1466 sc->tx_queued++; 1467 1468 return 0; 1469 } 1470 1471 void 1472 uath_start(struct ifnet *ifp) 1473 { 1474 struct uath_softc *sc = ifp->if_softc; 1475 struct ieee80211com *ic = &sc->sc_ic; 1476 struct ieee80211_node *ni; 1477 struct mbuf *m0; 1478 1479 /* 1480 * net80211 may still try to send management frames even if the 1481 * IFF_RUNNING flag is not set... 1482 */ 1483 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1484 return; 1485 1486 for (;;) { 1487 IF_POLL(&ic->ic_mgtq, m0); 1488 if (m0 != NULL) { 1489 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1490 ifp->if_flags |= IFF_OACTIVE; 1491 break; 1492 } 1493 IF_DEQUEUE(&ic->ic_mgtq, m0); 1494 1495 ni = m0->m_pkthdr.ph_cookie; 1496 #if NBPFILTER > 0 1497 if (ic->ic_rawbpf != NULL) 1498 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1499 #endif 1500 if (uath_tx_data(sc, m0, ni) != 0) 1501 break; 1502 } else { 1503 if (ic->ic_state != IEEE80211_S_RUN) 1504 break; 1505 IFQ_POLL(&ifp->if_snd, m0); 1506 if (m0 == NULL) 1507 break; 1508 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1509 ifp->if_flags |= IFF_OACTIVE; 1510 break; 1511 } 1512 IFQ_DEQUEUE(&ifp->if_snd, m0); 1513 #if NBPFILTER > 0 1514 if (ifp->if_bpf != NULL) 1515 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1516 #endif 1517 m0 = ieee80211_encap(ifp, m0, &ni); 1518 if (m0 == NULL) 1519 continue; 1520 #if NBPFILTER > 0 1521 if (ic->ic_rawbpf != NULL) 1522 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1523 #endif 1524 if (uath_tx_data(sc, m0, ni) != 0) { 1525 if (ni != NULL) 1526 ieee80211_release_node(ic, ni); 1527 ifp->if_oerrors++; 1528 break; 1529 } 1530 } 1531 1532 sc->sc_tx_timer = 5; 1533 ifp->if_timer = 1; 1534 } 1535 } 1536 1537 void 1538 uath_watchdog(struct ifnet *ifp) 1539 { 1540 struct uath_softc *sc = ifp->if_softc; 1541 1542 ifp->if_timer = 0; 1543 1544 if (sc->sc_tx_timer > 0) { 1545 if (--sc->sc_tx_timer == 0) { 1546 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1547 /*uath_init(ifp); XXX needs a process context! */ 1548 ifp->if_oerrors++; 1549 return; 1550 } 1551 ifp->if_timer = 1; 1552 } 1553 1554 ieee80211_watchdog(ifp); 1555 } 1556 1557 int 1558 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1559 { 1560 struct uath_softc *sc = ifp->if_softc; 1561 struct ieee80211com *ic = &sc->sc_ic; 1562 struct ifaddr *ifa; 1563 struct ifreq *ifr; 1564 int s, error = 0; 1565 1566 s = splnet(); 1567 1568 switch (cmd) { 1569 case SIOCSIFADDR: 1570 ifa = (struct ifaddr *)data; 1571 ifp->if_flags |= IFF_UP; 1572 #ifdef INET 1573 if (ifa->ifa_addr->sa_family == AF_INET) 1574 arp_ifinit(&ic->ic_ac, ifa); 1575 #endif 1576 /* FALLTHROUGH */ 1577 case SIOCSIFFLAGS: 1578 if (ifp->if_flags & IFF_UP) { 1579 if (!(ifp->if_flags & IFF_RUNNING)) 1580 uath_init(ifp); 1581 } else { 1582 if (ifp->if_flags & IFF_RUNNING) 1583 uath_stop(ifp, 1); 1584 } 1585 break; 1586 1587 case SIOCADDMULTI: 1588 case SIOCDELMULTI: 1589 ifr = (struct ifreq *)data; 1590 error = (cmd == SIOCADDMULTI) ? 1591 ether_addmulti(ifr, &ic->ic_ac) : 1592 ether_delmulti(ifr, &ic->ic_ac); 1593 if (error == ENETRESET) 1594 error = 0; 1595 break; 1596 1597 default: 1598 error = ieee80211_ioctl(ifp, cmd, data); 1599 } 1600 1601 if (error == ENETRESET) { 1602 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1603 (IFF_UP | IFF_RUNNING)) 1604 uath_init(ifp); 1605 error = 0; 1606 } 1607 1608 splx(s); 1609 1610 return error; 1611 } 1612 1613 int 1614 uath_query_eeprom(struct uath_softc *sc) 1615 { 1616 uint32_t tmp; 1617 int error; 1618 1619 /* retrieve MAC address */ 1620 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1621 if (error != 0) { 1622 printf("%s: could not read MAC address\n", 1623 sc->sc_dev.dv_xname); 1624 return error; 1625 } 1626 1627 /* retrieve the maximum frame size that the hardware can receive */ 1628 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1629 if (error != 0) { 1630 printf("%s: could not read maximum Rx buffer size\n", 1631 sc->sc_dev.dv_xname); 1632 return error; 1633 } 1634 sc->rxbufsz = betoh32(tmp) & 0xfff; 1635 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1636 return 0; 1637 } 1638 1639 int 1640 uath_reset(struct uath_softc *sc) 1641 { 1642 struct uath_cmd_setup setup; 1643 uint32_t reg, val; 1644 int s, error; 1645 1646 /* init device with some voodoo incantations.. */ 1647 setup.magic1 = htobe32(1); 1648 setup.magic2 = htobe32(5); 1649 setup.magic3 = htobe32(200); 1650 setup.magic4 = htobe32(27); 1651 s = splusb(); 1652 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1653 UATH_CMD_FLAG_ASYNC); 1654 /* ..and wait until firmware notifies us that it is ready */ 1655 if (error == 0) 1656 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1657 splx(s); 1658 if (error != 0) 1659 return error; 1660 1661 /* read PHY registers */ 1662 for (reg = 0x09; reg <= 0x24; reg++) { 1663 if (reg == 0x0b || reg == 0x0c) 1664 continue; 1665 DELAY(100); 1666 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1667 return error; 1668 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1669 } 1670 return error; 1671 } 1672 1673 int 1674 uath_reset_tx_queues(struct uath_softc *sc) 1675 { 1676 int ac, error; 1677 1678 for (ac = 0; ac < 4; ac++) { 1679 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1680 1681 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1682 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1683 sizeof qid, 0); 1684 if (error != 0) 1685 break; 1686 } 1687 return error; 1688 } 1689 1690 int 1691 uath_wme_init(struct uath_softc *sc) 1692 { 1693 struct uath_qinfo qinfo; 1694 int ac, error; 1695 static const struct uath_wme_settings uath_wme_11g[4] = { 1696 { 7, 4, 10, 0, 0 }, /* Background */ 1697 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1698 { 3, 3, 4, 26, 0 }, /* Video */ 1699 { 2, 2, 3, 47, 0 } /* Voice */ 1700 }; 1701 1702 bzero(&qinfo, sizeof qinfo); 1703 qinfo.size = htobe32(32); 1704 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1705 qinfo.magic2 = htobe32(1); 1706 for (ac = 0; ac < 4; ac++) { 1707 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1708 qinfo.ac = htobe32(ac); 1709 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1710 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1711 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1712 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1713 uath_wme_11g[ac].txop)); 1714 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1715 1716 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1717 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1718 sizeof qinfo, 0); 1719 if (error != 0) 1720 break; 1721 } 1722 return error; 1723 } 1724 1725 int 1726 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1727 { 1728 struct uath_set_chan chan; 1729 1730 bzero(&chan, sizeof chan); 1731 chan.flags = htobe32(0x1400); 1732 chan.freq = htobe32(c->ic_freq); 1733 chan.magic1 = htobe32(20); 1734 chan.magic2 = htobe32(50); 1735 chan.magic3 = htobe32(1); 1736 1737 DPRINTF(("switching to channel %d\n", 1738 ieee80211_chan2ieee(&sc->sc_ic, c))); 1739 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1740 } 1741 1742 int 1743 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1744 { 1745 struct uath_cmd_crypto crypto; 1746 int i; 1747 1748 bzero(&crypto, sizeof crypto); 1749 crypto.keyidx = htobe32(index); 1750 crypto.magic1 = htobe32(1); 1751 crypto.size = htobe32(368); 1752 crypto.mask = htobe32(0xffff); 1753 crypto.flags = htobe32(0x80000068); 1754 if (index != UATH_DEFAULT_KEY) 1755 crypto.flags |= htobe32(index << 16); 1756 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1757 1758 /* 1759 * Each byte of the key must be XOR'ed with 10101010 before being 1760 * transmitted to the firmware. 1761 */ 1762 for (i = 0; i < k->k_len; i++) 1763 crypto.key[i] = k->k_key[i] ^ 0xaa; 1764 1765 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1766 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1767 } 1768 1769 int 1770 uath_set_keys(struct uath_softc *sc) 1771 { 1772 const struct ieee80211com *ic = &sc->sc_ic; 1773 int i, error; 1774 1775 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1776 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1777 1778 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1779 return error; 1780 } 1781 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1782 UATH_DEFAULT_KEY); 1783 } 1784 1785 int 1786 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1787 { 1788 struct uath_cmd_rates rates; 1789 1790 bzero(&rates, sizeof rates); 1791 rates.magic1 = htobe32(0x02); 1792 rates.size = htobe32(1 + sizeof rates.rates); 1793 rates.nrates = rs->rs_nrates; 1794 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1795 1796 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1797 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1798 } 1799 1800 int 1801 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1802 { 1803 struct uath_cmd_filter rxfilter; 1804 1805 rxfilter.filter = htobe32(filter); 1806 rxfilter.flags = htobe32(flags); 1807 1808 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1809 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1810 sizeof rxfilter, 0); 1811 } 1812 1813 int 1814 uath_set_led(struct uath_softc *sc, int which, int on) 1815 { 1816 struct uath_cmd_led led; 1817 1818 led.which = htobe32(which); 1819 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1820 1821 DPRINTFN(2, ("switching %s led %s\n", 1822 (which == UATH_LED_LINK) ? "link" : "activity", 1823 on ? "on" : "off")); 1824 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1825 } 1826 1827 int 1828 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1829 { 1830 uint32_t val; 1831 int error; 1832 1833 /* set radio frequency */ 1834 if ((error = uath_set_chan(sc, c)) != 0) { 1835 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1836 return error; 1837 } 1838 1839 /* reset Tx rings */ 1840 if ((error = uath_reset_tx_queues(sc)) != 0) { 1841 printf("%s: could not reset Tx queues\n", 1842 sc->sc_dev.dv_xname); 1843 return error; 1844 } 1845 1846 /* set Tx rings WME properties */ 1847 if ((error = uath_wme_init(sc)) != 0) { 1848 printf("%s: could not init Tx queues\n", 1849 sc->sc_dev.dv_xname); 1850 return error; 1851 } 1852 1853 val = htobe32(0); 1854 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1855 if (error != 0) { 1856 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1857 return error; 1858 } 1859 1860 return uath_tx_null(sc); 1861 } 1862 1863 int 1864 uath_init(struct ifnet *ifp) 1865 { 1866 struct uath_softc *sc = ifp->if_softc; 1867 struct ieee80211com *ic = &sc->sc_ic; 1868 struct uath_cmd_31 cmd31; 1869 uint32_t val; 1870 int i, error; 1871 1872 /* reset data and command rings */ 1873 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1874 1875 val = htobe32(0); 1876 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1877 1878 /* set MAC address */ 1879 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1880 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1881 1882 (void)uath_write_reg(sc, 0x02, 0x00000001); 1883 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1884 (void)uath_write_reg(sc, 0x10, 0x00000001); 1885 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1886 1887 /* 1888 * Queue Rx data xfers. 1889 */ 1890 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1891 struct uath_rx_data *data = &sc->rx_data[i]; 1892 1893 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1894 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1895 uath_data_rxeof); 1896 error = usbd_transfer(data->xfer); 1897 if (error != USBD_IN_PROGRESS && error != 0) { 1898 printf("%s: could not queue Rx transfer\n", 1899 sc->sc_dev.dv_xname); 1900 goto fail; 1901 } 1902 } 1903 1904 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1905 UATH_CMD_FLAG_MAGIC); 1906 if (error != 0) { 1907 printf("%s: could not send read command 07h\n", 1908 sc->sc_dev.dv_xname); 1909 goto fail; 1910 } 1911 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1912 1913 /* set default channel */ 1914 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1915 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1916 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1917 goto fail; 1918 } 1919 1920 if ((error = uath_wme_init(sc)) != 0) { 1921 printf("%s: could not setup WME parameters\n", 1922 sc->sc_dev.dv_xname); 1923 goto fail; 1924 } 1925 1926 /* init MAC registers */ 1927 (void)uath_write_reg(sc, 0x19, 0x00000000); 1928 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1929 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1930 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1931 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1932 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1933 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1934 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1935 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1936 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1937 1938 val = htobe32(4); 1939 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1940 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1941 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1942 1943 if ((error = uath_set_keys(sc)) != 0) { 1944 printf("%s: could not set crypto keys\n", 1945 sc->sc_dev.dv_xname); 1946 goto fail; 1947 } 1948 1949 /* enable Rx */ 1950 (void)uath_set_rxfilter(sc, 0x0000, 4); 1951 (void)uath_set_rxfilter(sc, 0x0817, 1); 1952 1953 cmd31.magic1 = htobe32(0xffffffff); 1954 cmd31.magic2 = htobe32(0xffffffff); 1955 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1956 1957 ifp->if_flags &= ~IFF_OACTIVE; 1958 ifp->if_flags |= IFF_RUNNING; 1959 1960 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1961 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1962 else 1963 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1964 1965 return 0; 1966 1967 fail: uath_stop(ifp, 1); 1968 return error; 1969 } 1970 1971 void 1972 uath_stop(struct ifnet *ifp, int disable) 1973 { 1974 struct uath_softc *sc = ifp->if_softc; 1975 struct ieee80211com *ic = &sc->sc_ic; 1976 uint32_t val; 1977 int s; 1978 1979 s = splusb(); 1980 1981 sc->sc_tx_timer = 0; 1982 ifp->if_timer = 0; 1983 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1984 1985 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1986 1987 val = htobe32(0); 1988 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1989 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1990 1991 val = htobe32(0); 1992 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1993 1994 #if 0 1995 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1996 UATH_CMD_FLAG_MAGIC); 1997 #endif 1998 1999 /* abort any pending transfers */ 2000 usbd_abort_pipe(sc->data_tx_pipe); 2001 usbd_abort_pipe(sc->data_rx_pipe); 2002 usbd_abort_pipe(sc->cmd_tx_pipe); 2003 2004 splx(s); 2005 } 2006 2007 /* 2008 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2009 * the device will detach itself from the bus and reattach later with a new 2010 * product Id (a la ezusb). XXX this could also be implemented in userland 2011 * through /dev/ugen. 2012 */ 2013 int 2014 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2015 { 2016 struct usbd_xfer *ctlxfer, *txxfer, *rxxfer; 2017 struct uath_fwblock *txblock, *rxblock; 2018 uint8_t *txdata; 2019 int error = 0; 2020 2021 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2022 printf("%s: could not allocate Tx control xfer\n", 2023 sc->sc_dev.dv_xname); 2024 error = USBD_NOMEM; 2025 goto fail1; 2026 } 2027 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2028 if (txblock == NULL) { 2029 printf("%s: could not allocate Tx control block\n", 2030 sc->sc_dev.dv_xname); 2031 error = USBD_NOMEM; 2032 goto fail2; 2033 } 2034 2035 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2036 printf("%s: could not allocate Tx xfer\n", 2037 sc->sc_dev.dv_xname); 2038 error = USBD_NOMEM; 2039 goto fail2; 2040 } 2041 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2042 if (txdata == NULL) { 2043 printf("%s: could not allocate Tx buffer\n", 2044 sc->sc_dev.dv_xname); 2045 error = USBD_NOMEM; 2046 goto fail3; 2047 } 2048 2049 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2050 printf("%s: could not allocate Rx control xfer\n", 2051 sc->sc_dev.dv_xname); 2052 error = USBD_NOMEM; 2053 goto fail3; 2054 } 2055 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2056 if (rxblock == NULL) { 2057 printf("%s: could not allocate Rx control block\n", 2058 sc->sc_dev.dv_xname); 2059 error = USBD_NOMEM; 2060 goto fail4; 2061 } 2062 2063 bzero(txblock, sizeof (struct uath_fwblock)); 2064 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2065 txblock->total = htobe32(len); 2066 2067 while (len > 0) { 2068 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2069 2070 txblock->remain = htobe32(len - mlen); 2071 txblock->len = htobe32(mlen); 2072 2073 DPRINTF(("sending firmware block: %d bytes remaining\n", 2074 len - mlen)); 2075 2076 /* send firmware block meta-data */ 2077 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2078 sizeof (struct uath_fwblock), 2079 USBD_NO_COPY | USBD_SYNCHRONOUS, 2080 UATH_CMD_TIMEOUT, NULL); 2081 if ((error = usbd_transfer(ctlxfer)) != 0) { 2082 printf("%s: could not send firmware block info\n", 2083 sc->sc_dev.dv_xname); 2084 break; 2085 } 2086 2087 /* send firmware block data */ 2088 bcopy(fw, txdata, mlen); 2089 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2090 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 2091 if ((error = usbd_transfer(txxfer)) != 0) { 2092 printf("%s: could not send firmware block data\n", 2093 sc->sc_dev.dv_xname); 2094 break; 2095 } 2096 2097 /* wait for ack from firmware */ 2098 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2099 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2100 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_CMD_TIMEOUT, NULL); 2101 if ((error = usbd_transfer(rxxfer)) != 0) { 2102 printf("%s: could not read firmware answer\n", 2103 sc->sc_dev.dv_xname); 2104 break; 2105 } 2106 2107 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2108 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2109 fw += mlen; 2110 len -= mlen; 2111 } 2112 2113 fail4: usbd_free_xfer(rxxfer); 2114 fail3: usbd_free_xfer(txxfer); 2115 fail2: usbd_free_xfer(ctlxfer); 2116 fail1: return error; 2117 } 2118 2119 int 2120 uath_activate(struct device *self, int act) 2121 { 2122 struct uath_softc *sc = (struct uath_softc *)self; 2123 2124 switch (act) { 2125 case DVACT_DEACTIVATE: 2126 usbd_deactivate(sc->sc_udev); 2127 break; 2128 } 2129 return 0; 2130 } 2131