1 /* $OpenBSD: if_uath.c,v 1.74 2015/11/24 13:45:07 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_dl.h> 50 #include <net/if_media.h> 51 52 #include <netinet/in.h> 53 #include <netinet/if_ether.h> 54 55 #include <net80211/ieee80211_var.h> 56 #include <net80211/ieee80211_radiotap.h> 57 58 #include <dev/usb/usb.h> 59 #include <dev/usb/usbdi.h> 60 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 61 #include <dev/usb/usbdi_util.h> 62 #include <dev/usb/usbdevs.h> 63 64 #include <dev/usb/if_uathreg.h> 65 #include <dev/usb/if_uathvar.h> 66 67 #ifdef UATH_DEBUG 68 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 69 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 70 int uath_debug = 1; 71 #else 72 #define DPRINTF(x) 73 #define DPRINTFN(n, x) 74 #endif 75 76 /*- 77 * Various supported device vendors/products. 78 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 79 */ 80 #define UATH_DEV(v, p, f) \ 81 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 82 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 83 (f) | UATH_FLAG_PRE_FIRMWARE } 84 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 85 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 86 static const struct uath_type { 87 struct usb_devno dev; 88 unsigned int flags; 89 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 90 #define UATH_FLAG_ABG (1 << 1) 91 } uath_devs[] = { 92 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 93 UATH_DEV_UG(ATHEROS, AR5523), 94 UATH_DEV_UG(ATHEROS2, AR5523_1), 95 UATH_DEV_UG(ATHEROS2, AR5523_2), 96 UATH_DEV_UX(ATHEROS2, AR5523_3), 97 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 98 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 99 UATH_DEV_UX(DLINK, DWLAG122), 100 UATH_DEV_UX(DLINK, DWLAG132), 101 UATH_DEV_UG(DLINK, DWLG132), 102 UATH_DEV_UG(DLINK2, WUA2340), 103 UATH_DEV_UG(GIGASET, AR5523), 104 UATH_DEV_UG(GIGASET, SMCWUSBTG), 105 UATH_DEV_UG(GLOBALSUN, AR5523_1), 106 UATH_DEV_UX(GLOBALSUN, AR5523_2), 107 UATH_DEV_UG(IODATA, USBWNG54US), 108 UATH_DEV_UG(MELCO, WLIU2KAMG54), 109 UATH_DEV_UX(NETGEAR, WG111U), 110 UATH_DEV_UG(NETGEAR3, WG111T), 111 UATH_DEV_UG(NETGEAR3, WPN111), 112 UATH_DEV_UG(PHILIPS, SNU6500), 113 UATH_DEV_UX(UMEDIA, AR5523_2), 114 UATH_DEV_UG(UMEDIA, TEW444UBEU), 115 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 116 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 117 UATH_DEV_UG(ZCOM, AR5523), 118 119 /* Devices that share one of the IDs above. */ 120 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WG111T_1 }, 0 } \ 121 }; 122 #define uath_lookup(v, p) \ 123 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 124 125 void uath_attachhook(void *); 126 int uath_open_pipes(struct uath_softc *); 127 void uath_close_pipes(struct uath_softc *); 128 int uath_alloc_tx_data_list(struct uath_softc *); 129 void uath_free_tx_data_list(struct uath_softc *); 130 int uath_alloc_rx_data_list(struct uath_softc *); 131 void uath_free_rx_data_list(struct uath_softc *); 132 int uath_alloc_tx_cmd_list(struct uath_softc *); 133 void uath_free_tx_cmd_list(struct uath_softc *); 134 int uath_alloc_rx_cmd_list(struct uath_softc *); 135 void uath_free_rx_cmd_list(struct uath_softc *); 136 int uath_media_change(struct ifnet *); 137 void uath_stat(void *); 138 void uath_next_scan(void *); 139 void uath_task(void *); 140 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 141 #ifdef UATH_DEBUG 142 void uath_dump_cmd(const uint8_t *, int, char); 143 #endif 144 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 145 int); 146 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 147 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 148 int); 149 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 150 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 151 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 152 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 153 void uath_cmd_rxeof(struct usbd_xfer *, void *, usbd_status); 154 void uath_data_rxeof(struct usbd_xfer *, void *, usbd_status); 155 void uath_data_txeof(struct usbd_xfer *, void *, usbd_status); 156 int uath_tx_null(struct uath_softc *); 157 int uath_tx_data(struct uath_softc *, struct mbuf *, 158 struct ieee80211_node *); 159 void uath_start(struct ifnet *); 160 void uath_watchdog(struct ifnet *); 161 int uath_ioctl(struct ifnet *, u_long, caddr_t); 162 int uath_query_eeprom(struct uath_softc *); 163 int uath_reset(struct uath_softc *); 164 int uath_reset_tx_queues(struct uath_softc *); 165 int uath_wme_init(struct uath_softc *); 166 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 167 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 168 int uath_set_keys(struct uath_softc *); 169 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 170 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 171 int uath_set_led(struct uath_softc *, int, int); 172 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 173 int uath_init(struct ifnet *); 174 void uath_stop(struct ifnet *, int); 175 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 176 177 int uath_match(struct device *, void *, void *); 178 void uath_attach(struct device *, struct device *, void *); 179 int uath_detach(struct device *, int); 180 181 struct cfdriver uath_cd = { 182 NULL, "uath", DV_IFNET 183 }; 184 185 const struct cfattach uath_ca = { 186 sizeof(struct uath_softc), uath_match, uath_attach, uath_detach 187 }; 188 189 int 190 uath_match(struct device *parent, void *match, void *aux) 191 { 192 struct usb_attach_arg *uaa = aux; 193 194 if (uaa->iface != NULL) 195 return UMATCH_NONE; 196 197 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 198 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 199 } 200 201 void 202 uath_attachhook(void *xsc) 203 { 204 struct uath_softc *sc = xsc; 205 u_char *fw; 206 size_t size; 207 int error; 208 209 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 210 printf("%s: error %d, could not read firmware %s\n", 211 sc->sc_dev.dv_xname, error, "uath-ar5523"); 212 return; 213 } 214 215 error = uath_loadfirmware(sc, fw, size); 216 free(fw, M_DEVBUF, 0); 217 218 if (error == 0) { 219 /* 220 * Hack alert: the device doesn't always gracefully detach 221 * from the bus after a firmware upload. We need to force 222 * a port reset and a re-exploration on the parent hub. 223 */ 224 usbd_reset_port(sc->sc_uhub, sc->sc_port); 225 usb_needs_reattach(sc->sc_udev); 226 } else { 227 printf("%s: could not load firmware (error=%s)\n", 228 sc->sc_dev.dv_xname, usbd_errstr(error)); 229 } 230 } 231 232 void 233 uath_attach(struct device *parent, struct device *self, void *aux) 234 { 235 struct uath_softc *sc = (struct uath_softc *)self; 236 struct usb_attach_arg *uaa = aux; 237 struct ieee80211com *ic = &sc->sc_ic; 238 struct ifnet *ifp = &ic->ic_if; 239 usbd_status error; 240 int i; 241 242 sc->sc_udev = uaa->device; 243 sc->sc_uhub = uaa->device->myhub; 244 sc->sc_port = uaa->port; 245 246 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 247 248 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 249 printf("%s: could not set configuration no\n", 250 sc->sc_dev.dv_xname); 251 return; 252 } 253 254 /* get the first interface handle */ 255 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 256 &sc->sc_iface); 257 if (error != 0) { 258 printf("%s: could not get interface handle\n", 259 sc->sc_dev.dv_xname); 260 return; 261 } 262 263 /* 264 * We must open the pipes early because they're used to upload the 265 * firmware (pre-firmware devices) or to send firmware commands. 266 */ 267 if (uath_open_pipes(sc) != 0) { 268 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 269 return; 270 } 271 272 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 273 if (rootvp == NULL) 274 mountroothook_establish(uath_attachhook, sc); 275 else 276 uath_attachhook(sc); 277 return; 278 } 279 280 /* 281 * Only post-firmware devices here. 282 */ 283 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 284 timeout_set(&sc->scan_to, uath_next_scan, sc); 285 timeout_set(&sc->stat_to, uath_stat, sc); 286 287 /* 288 * Allocate xfers for firmware commands. 289 */ 290 if (uath_alloc_tx_cmd_list(sc) != 0) { 291 printf("%s: could not allocate Tx command list\n", 292 sc->sc_dev.dv_xname); 293 goto fail; 294 } 295 if (uath_alloc_rx_cmd_list(sc) != 0) { 296 printf("%s: could not allocate Rx command list\n", 297 sc->sc_dev.dv_xname); 298 goto fail; 299 } 300 301 /* 302 * Queue Rx command xfers. 303 */ 304 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 305 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 306 307 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 308 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 309 USBD_NO_TIMEOUT, uath_cmd_rxeof); 310 error = usbd_transfer(cmd->xfer); 311 if (error != USBD_IN_PROGRESS && error != 0) { 312 printf("%s: could not queue Rx command xfer\n", 313 sc->sc_dev.dv_xname); 314 goto fail; 315 } 316 } 317 318 /* 319 * We're now ready to send/receive firmware commands. 320 */ 321 if (uath_reset(sc) != 0) { 322 printf("%s: could not initialize adapter\n", 323 sc->sc_dev.dv_xname); 324 goto fail; 325 } 326 if (uath_query_eeprom(sc) != 0) { 327 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 328 goto fail; 329 } 330 331 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 332 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 333 ether_sprintf(ic->ic_myaddr)); 334 335 /* 336 * Allocate xfers for Tx/Rx data pipes. 337 */ 338 if (uath_alloc_tx_data_list(sc) != 0) { 339 printf("%s: could not allocate Tx data list\n", 340 sc->sc_dev.dv_xname); 341 goto fail; 342 } 343 if (uath_alloc_rx_data_list(sc) != 0) { 344 printf("%s: could not allocate Rx data list\n", 345 sc->sc_dev.dv_xname); 346 goto fail; 347 } 348 349 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 350 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 351 ic->ic_state = IEEE80211_S_INIT; 352 353 /* set device capabilities */ 354 ic->ic_caps = 355 IEEE80211_C_MONITOR | /* monitor mode supported */ 356 IEEE80211_C_TXPMGT | /* tx power management */ 357 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 358 IEEE80211_C_SHSLOT | /* short slot time supported */ 359 IEEE80211_C_WEP; /* h/w WEP */ 360 361 /* set supported .11b and .11g rates */ 362 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 363 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 364 365 /* set supported .11b and .11g channels (1 through 14) */ 366 for (i = 1; i <= 14; i++) { 367 ic->ic_channels[i].ic_freq = 368 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 369 ic->ic_channels[i].ic_flags = 370 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 371 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 372 } 373 374 ifp->if_softc = sc; 375 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 376 ifp->if_ioctl = uath_ioctl; 377 ifp->if_start = uath_start; 378 ifp->if_watchdog = uath_watchdog; 379 IFQ_SET_READY(&ifp->if_snd); 380 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 381 382 if_attach(ifp); 383 ieee80211_ifattach(ifp); 384 385 /* override state transition machine */ 386 sc->sc_newstate = ic->ic_newstate; 387 ic->ic_newstate = uath_newstate; 388 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 389 390 #if NBPFILTER > 0 391 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 392 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 393 394 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 395 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 396 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 397 398 sc->sc_txtap_len = sizeof sc->sc_txtapu; 399 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 400 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 401 #endif 402 403 return; 404 405 fail: uath_close_pipes(sc); 406 uath_free_tx_data_list(sc); 407 uath_free_rx_cmd_list(sc); 408 uath_free_tx_cmd_list(sc); 409 usbd_deactivate(sc->sc_udev); 410 } 411 412 int 413 uath_detach(struct device *self, int flags) 414 { 415 struct uath_softc *sc = (struct uath_softc *)self; 416 struct ifnet *ifp = &sc->sc_ic.ic_if; 417 int s; 418 419 s = splnet(); 420 421 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 422 uath_close_pipes(sc); 423 splx(s); 424 return 0; 425 } 426 427 /* post-firmware device */ 428 429 usb_rem_task(sc->sc_udev, &sc->sc_task); 430 if (timeout_initialized(&sc->scan_to)) 431 timeout_del(&sc->scan_to); 432 if (timeout_initialized(&sc->stat_to)) 433 timeout_del(&sc->stat_to); 434 435 /* close Tx/Rx pipes */ 436 uath_close_pipes(sc); 437 438 /* free xfers */ 439 uath_free_tx_data_list(sc); 440 uath_free_rx_data_list(sc); 441 uath_free_tx_cmd_list(sc); 442 uath_free_rx_cmd_list(sc); 443 444 if (ifp->if_softc != NULL) { 445 ieee80211_ifdetach(ifp); /* free all nodes */ 446 if_detach(ifp); 447 } 448 449 splx(s); 450 451 return 0; 452 } 453 454 int 455 uath_open_pipes(struct uath_softc *sc) 456 { 457 int error; 458 459 /* 460 * XXX pipes numbers are hardcoded because we don't have any way 461 * to distinguish the data pipes from the firmware command pipes 462 * (both are bulk pipes) using the endpoints descriptors. 463 */ 464 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 465 &sc->cmd_tx_pipe); 466 if (error != 0) { 467 printf("%s: could not open Tx command pipe: %s\n", 468 sc->sc_dev.dv_xname, usbd_errstr(error)); 469 goto fail; 470 } 471 472 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 473 &sc->data_tx_pipe); 474 if (error != 0) { 475 printf("%s: could not open Tx data pipe: %s\n", 476 sc->sc_dev.dv_xname, usbd_errstr(error)); 477 goto fail; 478 } 479 480 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 481 &sc->cmd_rx_pipe); 482 if (error != 0) { 483 printf("%s: could not open Rx command pipe: %s\n", 484 sc->sc_dev.dv_xname, usbd_errstr(error)); 485 goto fail; 486 } 487 488 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 489 &sc->data_rx_pipe); 490 if (error != 0) { 491 printf("%s: could not open Rx data pipe: %s\n", 492 sc->sc_dev.dv_xname, usbd_errstr(error)); 493 goto fail; 494 } 495 496 return 0; 497 498 fail: uath_close_pipes(sc); 499 return error; 500 } 501 502 void 503 uath_close_pipes(struct uath_softc *sc) 504 { 505 if (sc->data_tx_pipe != NULL) { 506 usbd_close_pipe(sc->data_tx_pipe); 507 sc->data_tx_pipe = NULL; 508 } 509 510 if (sc->data_rx_pipe != NULL) { 511 usbd_close_pipe(sc->data_rx_pipe); 512 sc->data_rx_pipe = NULL; 513 } 514 515 if (sc->cmd_tx_pipe != NULL) { 516 usbd_close_pipe(sc->cmd_tx_pipe); 517 sc->cmd_tx_pipe = NULL; 518 } 519 520 if (sc->cmd_rx_pipe != NULL) { 521 usbd_close_pipe(sc->cmd_rx_pipe); 522 sc->cmd_rx_pipe = NULL; 523 } 524 } 525 526 int 527 uath_alloc_tx_data_list(struct uath_softc *sc) 528 { 529 int i, error; 530 531 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 532 struct uath_tx_data *data = &sc->tx_data[i]; 533 534 data->sc = sc; /* backpointer for callbacks */ 535 536 data->xfer = usbd_alloc_xfer(sc->sc_udev); 537 if (data->xfer == NULL) { 538 printf("%s: could not allocate xfer\n", 539 sc->sc_dev.dv_xname); 540 error = ENOMEM; 541 goto fail; 542 } 543 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 544 if (data->buf == NULL) { 545 printf("%s: could not allocate xfer buffer\n", 546 sc->sc_dev.dv_xname); 547 error = ENOMEM; 548 goto fail; 549 } 550 } 551 return 0; 552 553 fail: uath_free_tx_data_list(sc); 554 return error; 555 } 556 557 void 558 uath_free_tx_data_list(struct uath_softc *sc) 559 { 560 int i; 561 562 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 563 if (sc->tx_data[i].xfer != NULL) { 564 usbd_free_xfer(sc->tx_data[i].xfer); 565 sc->tx_data[i].xfer = NULL; 566 } 567 } 568 569 int 570 uath_alloc_rx_data_list(struct uath_softc *sc) 571 { 572 int i, error; 573 574 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 575 struct uath_rx_data *data = &sc->rx_data[i]; 576 577 data->sc = sc; /* backpointer for callbacks */ 578 579 data->xfer = usbd_alloc_xfer(sc->sc_udev); 580 if (data->xfer == NULL) { 581 printf("%s: could not allocate xfer\n", 582 sc->sc_dev.dv_xname); 583 error = ENOMEM; 584 goto fail; 585 } 586 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 587 printf("%s: could not allocate xfer buffer\n", 588 sc->sc_dev.dv_xname); 589 error = ENOMEM; 590 goto fail; 591 } 592 593 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 594 if (data->m == NULL) { 595 printf("%s: could not allocate rx mbuf\n", 596 sc->sc_dev.dv_xname); 597 error = ENOMEM; 598 goto fail; 599 } 600 MCLGET(data->m, M_DONTWAIT); 601 if (!(data->m->m_flags & M_EXT)) { 602 printf("%s: could not allocate rx mbuf cluster\n", 603 sc->sc_dev.dv_xname); 604 error = ENOMEM; 605 goto fail; 606 } 607 608 data->buf = mtod(data->m, uint8_t *); 609 } 610 return 0; 611 612 fail: uath_free_rx_data_list(sc); 613 return error; 614 } 615 616 void 617 uath_free_rx_data_list(struct uath_softc *sc) 618 { 619 int i; 620 621 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 622 struct uath_rx_data *data = &sc->rx_data[i]; 623 624 if (data->xfer != NULL) { 625 usbd_free_xfer(data->xfer); 626 data->xfer = NULL; 627 } 628 629 if (data->m != NULL) { 630 m_freem(data->m); 631 data->m = NULL; 632 } 633 } 634 } 635 636 int 637 uath_alloc_tx_cmd_list(struct uath_softc *sc) 638 { 639 int i, error; 640 641 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 642 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 643 644 cmd->sc = sc; /* backpointer for callbacks */ 645 646 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 647 if (cmd->xfer == NULL) { 648 printf("%s: could not allocate xfer\n", 649 sc->sc_dev.dv_xname); 650 error = ENOMEM; 651 goto fail; 652 } 653 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 654 if (cmd->buf == NULL) { 655 printf("%s: could not allocate xfer buffer\n", 656 sc->sc_dev.dv_xname); 657 error = ENOMEM; 658 goto fail; 659 } 660 } 661 return 0; 662 663 fail: uath_free_tx_cmd_list(sc); 664 return error; 665 } 666 667 void 668 uath_free_tx_cmd_list(struct uath_softc *sc) 669 { 670 int i; 671 672 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 673 if (sc->tx_cmd[i].xfer != NULL) { 674 usbd_free_xfer(sc->tx_cmd[i].xfer); 675 sc->tx_cmd[i].xfer = NULL; 676 } 677 } 678 679 int 680 uath_alloc_rx_cmd_list(struct uath_softc *sc) 681 { 682 int i, error; 683 684 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 685 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 686 687 cmd->sc = sc; /* backpointer for callbacks */ 688 689 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 690 if (cmd->xfer == NULL) { 691 printf("%s: could not allocate xfer\n", 692 sc->sc_dev.dv_xname); 693 error = ENOMEM; 694 goto fail; 695 } 696 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 697 if (cmd->buf == NULL) { 698 printf("%s: could not allocate xfer buffer\n", 699 sc->sc_dev.dv_xname); 700 error = ENOMEM; 701 goto fail; 702 } 703 } 704 return 0; 705 706 fail: uath_free_rx_cmd_list(sc); 707 return error; 708 } 709 710 void 711 uath_free_rx_cmd_list(struct uath_softc *sc) 712 { 713 int i; 714 715 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 716 if (sc->rx_cmd[i].xfer != NULL) { 717 usbd_free_xfer(sc->rx_cmd[i].xfer); 718 sc->rx_cmd[i].xfer = NULL; 719 } 720 } 721 722 int 723 uath_media_change(struct ifnet *ifp) 724 { 725 int error; 726 727 error = ieee80211_media_change(ifp); 728 if (error != ENETRESET) 729 return error; 730 731 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 732 uath_init(ifp); 733 734 return 0; 735 } 736 737 /* 738 * This function is called periodically (every second) when associated to 739 * query device statistics. 740 */ 741 void 742 uath_stat(void *arg) 743 { 744 struct uath_softc *sc = arg; 745 int error; 746 747 /* 748 * Send request for statistics asynchronously. The timer will be 749 * restarted when we'll get the stats notification. 750 */ 751 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 752 UATH_CMD_FLAG_ASYNC); 753 if (error != 0) { 754 printf("%s: could not query statistics (error=%d)\n", 755 sc->sc_dev.dv_xname, error); 756 } 757 } 758 759 /* 760 * This function is called periodically (every 250ms) during scanning to 761 * switch from one channel to another. 762 */ 763 void 764 uath_next_scan(void *arg) 765 { 766 struct uath_softc *sc = arg; 767 struct ieee80211com *ic = &sc->sc_ic; 768 struct ifnet *ifp = &ic->ic_if; 769 770 if (ic->ic_state == IEEE80211_S_SCAN) 771 ieee80211_next_scan(ifp); 772 } 773 774 void 775 uath_task(void *arg) 776 { 777 struct uath_softc *sc = arg; 778 struct ieee80211com *ic = &sc->sc_ic; 779 enum ieee80211_state ostate; 780 781 ostate = ic->ic_state; 782 783 switch (sc->sc_state) { 784 case IEEE80211_S_INIT: 785 if (ostate == IEEE80211_S_RUN) { 786 /* turn link and activity LEDs off */ 787 (void)uath_set_led(sc, UATH_LED_LINK, 0); 788 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 789 } 790 break; 791 792 case IEEE80211_S_SCAN: 793 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 794 printf("%s: could not switch channel\n", 795 sc->sc_dev.dv_xname); 796 break; 797 } 798 timeout_add_msec(&sc->scan_to, 250); 799 break; 800 801 case IEEE80211_S_AUTH: 802 { 803 struct ieee80211_node *ni = ic->ic_bss; 804 struct uath_cmd_bssid bssid; 805 struct uath_cmd_0b cmd0b; 806 struct uath_cmd_0c cmd0c; 807 808 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 809 printf("%s: could not switch channel\n", 810 sc->sc_dev.dv_xname); 811 break; 812 } 813 814 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 815 816 bzero(&bssid, sizeof bssid); 817 bssid.len = htobe32(IEEE80211_ADDR_LEN); 818 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 819 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 820 sizeof bssid, 0); 821 822 bzero(&cmd0b, sizeof cmd0b); 823 cmd0b.code = htobe32(2); 824 cmd0b.size = htobe32(sizeof (cmd0b.data)); 825 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 826 827 bzero(&cmd0c, sizeof cmd0c); 828 cmd0c.magic1 = htobe32(2); 829 cmd0c.magic2 = htobe32(7); 830 cmd0c.magic3 = htobe32(1); 831 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 832 833 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 834 printf("%s: could not set negotiated rate set\n", 835 sc->sc_dev.dv_xname); 836 break; 837 } 838 break; 839 } 840 841 case IEEE80211_S_ASSOC: 842 break; 843 844 case IEEE80211_S_RUN: 845 { 846 struct ieee80211_node *ni = ic->ic_bss; 847 struct uath_cmd_bssid bssid; 848 struct uath_cmd_xled xled; 849 uint32_t val; 850 851 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 852 /* make both LEDs blink while monitoring */ 853 bzero(&xled, sizeof xled); 854 xled.which = htobe32(0); 855 xled.rate = htobe32(1); 856 xled.mode = htobe32(2); 857 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 858 sizeof xled, 0); 859 break; 860 } 861 862 /* 863 * Tx rate is controlled by firmware, report the maximum 864 * negotiated rate in ifconfig output. 865 */ 866 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 867 868 val = htobe32(1); 869 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 870 871 bzero(&bssid, sizeof bssid); 872 bssid.flags1 = htobe32(0xc004); 873 bssid.flags2 = htobe32(0x003b); 874 bssid.len = htobe32(IEEE80211_ADDR_LEN); 875 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 876 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 877 sizeof bssid, 0); 878 879 /* turn link LED on */ 880 (void)uath_set_led(sc, UATH_LED_LINK, 1); 881 882 /* make activity LED blink */ 883 bzero(&xled, sizeof xled); 884 xled.which = htobe32(1); 885 xled.rate = htobe32(1); 886 xled.mode = htobe32(2); 887 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 888 0); 889 890 /* set state to associated */ 891 val = htobe32(1); 892 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 893 0); 894 895 /* start statistics timer */ 896 timeout_add_sec(&sc->stat_to, 1); 897 break; 898 } 899 } 900 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 901 } 902 903 int 904 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 905 { 906 struct uath_softc *sc = ic->ic_softc; 907 908 usb_rem_task(sc->sc_udev, &sc->sc_task); 909 timeout_del(&sc->scan_to); 910 timeout_del(&sc->stat_to); 911 912 /* do it in a process context */ 913 sc->sc_state = nstate; 914 sc->sc_arg = arg; 915 usb_add_task(sc->sc_udev, &sc->sc_task); 916 return 0; 917 } 918 919 #ifdef UATH_DEBUG 920 void 921 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 922 { 923 int i; 924 925 for (i = 0; i < len; i++) { 926 if ((i % 16) == 0) 927 printf("\n%c ", prefix); 928 else if ((i % 4) == 0) 929 printf(" "); 930 printf("%02x", buf[i]); 931 } 932 printf("\n"); 933 } 934 #endif 935 936 /* 937 * Low-level function to send read or write commands to the firmware. 938 */ 939 int 940 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 941 void *odata, int flags) 942 { 943 struct uath_cmd_hdr *hdr; 944 struct uath_tx_cmd *cmd; 945 uint16_t xferflags; 946 int s, xferlen, error; 947 948 /* grab a xfer */ 949 cmd = &sc->tx_cmd[sc->cmd_idx]; 950 951 /* always bulk-out a multiple of 4 bytes */ 952 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 953 954 hdr = (struct uath_cmd_hdr *)cmd->buf; 955 bzero(hdr, sizeof (struct uath_cmd_hdr)); 956 hdr->len = htobe32(xferlen); 957 hdr->code = htobe32(code); 958 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 959 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 960 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 961 962 #ifdef UATH_DEBUG 963 if (uath_debug >= 5) { 964 printf("sending command code=0x%02x flags=0x%x index=%u", 965 code, flags, sc->cmd_idx); 966 uath_dump_cmd(cmd->buf, xferlen, '+'); 967 } 968 #endif 969 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 970 if (!(flags & UATH_CMD_FLAG_READ)) { 971 if (!(flags & UATH_CMD_FLAG_ASYNC)) 972 xferflags |= USBD_SYNCHRONOUS; 973 } else 974 s = splusb(); 975 976 cmd->odata = odata; 977 978 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 979 xferflags, UATH_CMD_TIMEOUT, NULL); 980 error = usbd_transfer(cmd->xfer); 981 if (error != USBD_IN_PROGRESS && error != 0) { 982 if (flags & UATH_CMD_FLAG_READ) 983 splx(s); 984 printf("%s: could not send command 0x%x (error=%s)\n", 985 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 986 return error; 987 } 988 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 989 990 if (!(flags & UATH_CMD_FLAG_READ)) 991 return 0; /* write: don't wait for reply */ 992 993 /* wait at most two seconds for command reply */ 994 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 995 cmd->odata = NULL; /* in case answer is received too late */ 996 splx(s); 997 if (error != 0) { 998 printf("%s: timeout waiting for command reply\n", 999 sc->sc_dev.dv_xname); 1000 } 1001 return error; 1002 } 1003 1004 int 1005 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1006 int flags) 1007 { 1008 flags &= ~UATH_CMD_FLAG_READ; 1009 return uath_cmd(sc, code, data, len, NULL, flags); 1010 } 1011 1012 int 1013 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1014 int ilen, void *odata, int flags) 1015 { 1016 flags |= UATH_CMD_FLAG_READ; 1017 return uath_cmd(sc, code, idata, ilen, odata, flags); 1018 } 1019 1020 int 1021 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1022 { 1023 struct uath_write_mac write; 1024 int error; 1025 1026 write.reg = htobe32(reg); 1027 write.len = htobe32(0); /* 0 = single write */ 1028 *(uint32_t *)write.data = htobe32(val); 1029 1030 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1031 3 * sizeof (uint32_t), 0); 1032 if (error != 0) { 1033 printf("%s: could not write register 0x%02x\n", 1034 sc->sc_dev.dv_xname, reg); 1035 } 1036 return error; 1037 } 1038 1039 int 1040 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1041 int len) 1042 { 1043 struct uath_write_mac write; 1044 int error; 1045 1046 write.reg = htobe32(reg); 1047 write.len = htobe32(len); 1048 bcopy(data, write.data, len); 1049 1050 /* properly handle the case where len is zero (reset) */ 1051 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1052 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1053 if (error != 0) { 1054 printf("%s: could not write %d bytes to register 0x%02x\n", 1055 sc->sc_dev.dv_xname, len, reg); 1056 } 1057 return error; 1058 } 1059 1060 int 1061 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1062 { 1063 struct uath_read_mac read; 1064 int error; 1065 1066 reg = htobe32(reg); 1067 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1068 0); 1069 if (error != 0) { 1070 printf("%s: could not read register 0x%02x\n", 1071 sc->sc_dev.dv_xname, betoh32(reg)); 1072 return error; 1073 } 1074 *val = betoh32(*(uint32_t *)read.data); 1075 return error; 1076 } 1077 1078 int 1079 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1080 { 1081 struct uath_read_mac read; 1082 int len, error; 1083 1084 reg = htobe32(reg); 1085 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1086 &read, 0); 1087 if (error != 0) { 1088 printf("%s: could not read EEPROM offset 0x%02x\n", 1089 sc->sc_dev.dv_xname, betoh32(reg)); 1090 return error; 1091 } 1092 len = betoh32(read.len); 1093 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1094 return error; 1095 } 1096 1097 void 1098 uath_cmd_rxeof(struct usbd_xfer *xfer, void *priv, 1099 usbd_status status) 1100 { 1101 struct uath_rx_cmd *cmd = priv; 1102 struct uath_softc *sc = cmd->sc; 1103 struct uath_cmd_hdr *hdr; 1104 1105 if (status != USBD_NORMAL_COMPLETION) { 1106 if (status == USBD_STALLED) 1107 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1108 return; 1109 } 1110 1111 hdr = (struct uath_cmd_hdr *)cmd->buf; 1112 1113 #ifdef UATH_DEBUG 1114 if (uath_debug >= 5) { 1115 printf("received command code=0x%x index=%u len=%u", 1116 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1117 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1118 } 1119 #endif 1120 1121 switch (betoh32(hdr->code) & 0xff) { 1122 /* reply to a read command */ 1123 default: 1124 { 1125 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1126 1127 if (txcmd->odata != NULL) { 1128 /* copy answer into caller's supplied buffer */ 1129 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1130 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1131 } 1132 wakeup(txcmd); /* wake up caller */ 1133 break; 1134 } 1135 /* spontaneous firmware notifications */ 1136 case UATH_NOTIF_READY: 1137 DPRINTF(("received device ready notification\n")); 1138 wakeup(UATH_COND_INIT(sc)); 1139 break; 1140 1141 case UATH_NOTIF_TX: 1142 /* this notification is sent when UATH_TX_NOTIFY is set */ 1143 DPRINTF(("received Tx notification\n")); 1144 break; 1145 1146 case UATH_NOTIF_STATS: 1147 DPRINTFN(2, ("received device statistics\n")); 1148 timeout_add_sec(&sc->stat_to, 1); 1149 break; 1150 } 1151 1152 /* setup a new transfer */ 1153 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1154 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1155 uath_cmd_rxeof); 1156 (void)usbd_transfer(xfer); 1157 } 1158 1159 void 1160 uath_data_rxeof(struct usbd_xfer *xfer, void *priv, 1161 usbd_status status) 1162 { 1163 struct uath_rx_data *data = priv; 1164 struct uath_softc *sc = data->sc; 1165 struct ieee80211com *ic = &sc->sc_ic; 1166 struct ifnet *ifp = &ic->ic_if; 1167 struct ieee80211_frame *wh; 1168 struct ieee80211_rxinfo rxi; 1169 struct ieee80211_node *ni; 1170 struct uath_rx_desc *desc; 1171 struct mbuf *mnew, *m; 1172 uint32_t hdr; 1173 int s, len; 1174 1175 if (status != USBD_NORMAL_COMPLETION) { 1176 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1177 return; 1178 1179 if (status == USBD_STALLED) 1180 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1181 1182 ifp->if_ierrors++; 1183 return; 1184 } 1185 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1186 1187 if (len < UATH_MIN_RXBUFSZ) { 1188 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1189 ifp->if_ierrors++; 1190 goto skip; 1191 } 1192 1193 hdr = betoh32(*(uint32_t *)data->buf); 1194 1195 /* Rx descriptor is located at the end, 32-bit aligned */ 1196 desc = (struct uath_rx_desc *) 1197 (data->buf + len - sizeof (struct uath_rx_desc)); 1198 1199 if (betoh32(desc->len) > sc->rxbufsz) { 1200 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1201 ifp->if_ierrors++; 1202 goto skip; 1203 } 1204 1205 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1206 1207 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1208 if (mnew == NULL) { 1209 printf("%s: could not allocate rx mbuf\n", 1210 sc->sc_dev.dv_xname); 1211 ifp->if_ierrors++; 1212 goto skip; 1213 } 1214 MCLGET(mnew, M_DONTWAIT); 1215 if (!(mnew->m_flags & M_EXT)) { 1216 printf("%s: could not allocate rx mbuf cluster\n", 1217 sc->sc_dev.dv_xname); 1218 m_freem(mnew); 1219 ifp->if_ierrors++; 1220 goto skip; 1221 } 1222 1223 m = data->m; 1224 data->m = mnew; 1225 1226 /* finalize mbuf */ 1227 m->m_data = data->buf + sizeof (uint32_t); 1228 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1229 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1230 1231 data->buf = mtod(data->m, uint8_t *); 1232 1233 wh = mtod(m, struct ieee80211_frame *); 1234 rxi.rxi_flags = 0; 1235 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1236 ic->ic_opmode != IEEE80211_M_MONITOR) { 1237 /* 1238 * Hardware decrypts the frame itself but leaves the WEP bit 1239 * set in the 802.11 header and doesn't remove the IV and CRC 1240 * fields. 1241 */ 1242 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1243 memmove((caddr_t)wh + IEEE80211_WEP_IVLEN + 1244 IEEE80211_WEP_KIDLEN, wh, sizeof (struct ieee80211_frame)); 1245 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1246 m_adj(m, -IEEE80211_WEP_CRCLEN); 1247 wh = mtod(m, struct ieee80211_frame *); 1248 1249 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1250 } 1251 1252 #if NBPFILTER > 0 1253 /* there are a lot more fields in the Rx descriptor */ 1254 if (sc->sc_drvbpf != NULL) { 1255 struct mbuf mb; 1256 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1257 1258 tap->wr_flags = 0; 1259 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1260 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1261 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1262 1263 mb.m_data = (caddr_t)tap; 1264 mb.m_len = sc->sc_rxtap_len; 1265 mb.m_next = m; 1266 mb.m_nextpkt = NULL; 1267 mb.m_type = 0; 1268 mb.m_flags = 0; 1269 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1270 } 1271 #endif 1272 1273 s = splnet(); 1274 ni = ieee80211_find_rxnode(ic, wh); 1275 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1276 rxi.rxi_tstamp = 0; /* unused */ 1277 ieee80211_input(ifp, m, ni, &rxi); 1278 1279 /* node is no longer needed */ 1280 ieee80211_release_node(ic, ni); 1281 splx(s); 1282 1283 skip: /* setup a new transfer */ 1284 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1285 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1286 (void)usbd_transfer(data->xfer); 1287 } 1288 1289 int 1290 uath_tx_null(struct uath_softc *sc) 1291 { 1292 struct uath_tx_data *data; 1293 struct uath_tx_desc *desc; 1294 1295 data = &sc->tx_data[sc->data_idx]; 1296 1297 data->ni = NULL; 1298 1299 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1300 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1301 1302 bzero(desc, sizeof (struct uath_tx_desc)); 1303 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1304 desc->type = htobe32(UATH_TX_NULL); 1305 1306 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1307 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1308 USBD_FORCE_SHORT_XFER | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 1309 if (usbd_transfer(data->xfer) != 0) 1310 return EIO; 1311 1312 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1313 1314 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1315 } 1316 1317 void 1318 uath_data_txeof(struct usbd_xfer *xfer, void *priv, 1319 usbd_status status) 1320 { 1321 struct uath_tx_data *data = priv; 1322 struct uath_softc *sc = data->sc; 1323 struct ieee80211com *ic = &sc->sc_ic; 1324 struct ifnet *ifp = &ic->ic_if; 1325 int s; 1326 1327 if (status != USBD_NORMAL_COMPLETION) { 1328 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1329 return; 1330 1331 printf("%s: could not transmit buffer: %s\n", 1332 sc->sc_dev.dv_xname, usbd_errstr(status)); 1333 1334 if (status == USBD_STALLED) 1335 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1336 1337 ifp->if_oerrors++; 1338 return; 1339 } 1340 1341 s = splnet(); 1342 1343 ieee80211_release_node(ic, data->ni); 1344 data->ni = NULL; 1345 1346 sc->tx_queued--; 1347 ifp->if_opackets++; 1348 1349 sc->sc_tx_timer = 0; 1350 ifp->if_flags &= ~IFF_OACTIVE; 1351 uath_start(ifp); 1352 1353 splx(s); 1354 } 1355 1356 int 1357 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1358 { 1359 struct ieee80211com *ic = &sc->sc_ic; 1360 struct uath_tx_data *data; 1361 struct uath_tx_desc *desc; 1362 const struct ieee80211_frame *wh; 1363 int paylen, totlen, xferlen, error; 1364 1365 data = &sc->tx_data[sc->data_idx]; 1366 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1367 1368 data->ni = ni; 1369 1370 #if NBPFILTER > 0 1371 if (sc->sc_drvbpf != NULL) { 1372 struct mbuf mb; 1373 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1374 1375 tap->wt_flags = 0; 1376 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1377 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1378 1379 mb.m_data = (caddr_t)tap; 1380 mb.m_len = sc->sc_txtap_len; 1381 mb.m_next = m0; 1382 mb.m_nextpkt = NULL; 1383 mb.m_type = 0; 1384 mb.m_flags = 0; 1385 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1386 } 1387 #endif 1388 1389 paylen = m0->m_pkthdr.len; 1390 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1391 1392 wh = mtod(m0, struct ieee80211_frame *); 1393 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1394 uint8_t *frm = (uint8_t *)(desc + 1); 1395 uint32_t iv; 1396 1397 /* h/w WEP: it's up to the host to fill the IV field */ 1398 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1399 frm += sizeof (struct ieee80211_frame); 1400 1401 /* insert IV: code copied from net80211 */ 1402 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1403 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1404 iv += 0x000100; 1405 ic->ic_iv = iv + 1; 1406 1407 *frm++ = iv & 0xff; 1408 *frm++ = (iv >> 8) & 0xff; 1409 *frm++ = (iv >> 16) & 0xff; 1410 *frm++ = ic->ic_wep_txkey << 6; 1411 1412 m_copydata(m0, sizeof (struct ieee80211_frame), 1413 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1414 1415 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1416 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1417 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1418 } else { 1419 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1420 totlen = xferlen; 1421 } 1422 1423 /* fill Tx descriptor */ 1424 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1425 1426 desc->len = htobe32(totlen); 1427 desc->priv = sc->data_idx; /* don't care about endianness */ 1428 desc->paylen = htobe32(paylen); 1429 desc->type = htobe32(UATH_TX_DATA); 1430 desc->flags = htobe32(0); 1431 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1432 desc->dest = htobe32(UATH_ID_BROADCAST); 1433 desc->magic = htobe32(3); 1434 } else { 1435 desc->dest = htobe32(UATH_ID_BSS); 1436 desc->magic = htobe32(1); 1437 } 1438 1439 m_freem(m0); /* mbuf is no longer needed */ 1440 1441 #ifdef UATH_DEBUG 1442 if (uath_debug >= 6) { 1443 printf("sending frame index=%u len=%d xferlen=%d", 1444 sc->data_idx, paylen, xferlen); 1445 uath_dump_cmd(data->buf, xferlen, '+'); 1446 } 1447 #endif 1448 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1449 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1450 uath_data_txeof); 1451 error = usbd_transfer(data->xfer); 1452 if (error != USBD_IN_PROGRESS && error != 0) { 1453 ic->ic_if.if_oerrors++; 1454 return error; 1455 } 1456 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1457 sc->tx_queued++; 1458 1459 return 0; 1460 } 1461 1462 void 1463 uath_start(struct ifnet *ifp) 1464 { 1465 struct uath_softc *sc = ifp->if_softc; 1466 struct ieee80211com *ic = &sc->sc_ic; 1467 struct ieee80211_node *ni; 1468 struct mbuf *m0; 1469 1470 /* 1471 * net80211 may still try to send management frames even if the 1472 * IFF_RUNNING flag is not set... 1473 */ 1474 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1475 return; 1476 1477 for (;;) { 1478 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1479 ifp->if_flags |= IFF_OACTIVE; 1480 break; 1481 } 1482 1483 m0 = mq_dequeue(&ic->ic_mgtq); 1484 if (m0 != NULL) { 1485 ni = m0->m_pkthdr.ph_cookie; 1486 #if NBPFILTER > 0 1487 if (ic->ic_rawbpf != NULL) 1488 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1489 #endif 1490 if (uath_tx_data(sc, m0, ni) != 0) 1491 break; 1492 } else { 1493 if (ic->ic_state != IEEE80211_S_RUN) 1494 break; 1495 1496 IFQ_DEQUEUE(&ifp->if_snd, m0); 1497 if (m0 == NULL) 1498 break; 1499 #if NBPFILTER > 0 1500 if (ifp->if_bpf != NULL) 1501 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1502 #endif 1503 m0 = ieee80211_encap(ifp, m0, &ni); 1504 if (m0 == NULL) 1505 continue; 1506 #if NBPFILTER > 0 1507 if (ic->ic_rawbpf != NULL) 1508 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1509 #endif 1510 if (uath_tx_data(sc, m0, ni) != 0) { 1511 if (ni != NULL) 1512 ieee80211_release_node(ic, ni); 1513 ifp->if_oerrors++; 1514 break; 1515 } 1516 } 1517 1518 sc->sc_tx_timer = 5; 1519 ifp->if_timer = 1; 1520 } 1521 } 1522 1523 void 1524 uath_watchdog(struct ifnet *ifp) 1525 { 1526 struct uath_softc *sc = ifp->if_softc; 1527 1528 ifp->if_timer = 0; 1529 1530 if (sc->sc_tx_timer > 0) { 1531 if (--sc->sc_tx_timer == 0) { 1532 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1533 /*uath_init(ifp); XXX needs a process context! */ 1534 ifp->if_oerrors++; 1535 return; 1536 } 1537 ifp->if_timer = 1; 1538 } 1539 1540 ieee80211_watchdog(ifp); 1541 } 1542 1543 int 1544 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1545 { 1546 struct uath_softc *sc = ifp->if_softc; 1547 struct ieee80211com *ic = &sc->sc_ic; 1548 struct ifreq *ifr; 1549 int s, error = 0; 1550 1551 s = splnet(); 1552 1553 switch (cmd) { 1554 case SIOCSIFADDR: 1555 ifp->if_flags |= IFF_UP; 1556 /* FALLTHROUGH */ 1557 case SIOCSIFFLAGS: 1558 if (ifp->if_flags & IFF_UP) { 1559 if (!(ifp->if_flags & IFF_RUNNING)) 1560 uath_init(ifp); 1561 } else { 1562 if (ifp->if_flags & IFF_RUNNING) 1563 uath_stop(ifp, 1); 1564 } 1565 break; 1566 1567 case SIOCADDMULTI: 1568 case SIOCDELMULTI: 1569 ifr = (struct ifreq *)data; 1570 error = (cmd == SIOCADDMULTI) ? 1571 ether_addmulti(ifr, &ic->ic_ac) : 1572 ether_delmulti(ifr, &ic->ic_ac); 1573 if (error == ENETRESET) 1574 error = 0; 1575 break; 1576 1577 default: 1578 error = ieee80211_ioctl(ifp, cmd, data); 1579 } 1580 1581 if (error == ENETRESET) { 1582 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1583 (IFF_UP | IFF_RUNNING)) 1584 uath_init(ifp); 1585 error = 0; 1586 } 1587 1588 splx(s); 1589 1590 return error; 1591 } 1592 1593 int 1594 uath_query_eeprom(struct uath_softc *sc) 1595 { 1596 uint32_t tmp; 1597 int error; 1598 1599 /* retrieve MAC address */ 1600 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1601 if (error != 0) { 1602 printf("%s: could not read MAC address\n", 1603 sc->sc_dev.dv_xname); 1604 return error; 1605 } 1606 1607 /* retrieve the maximum frame size that the hardware can receive */ 1608 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1609 if (error != 0) { 1610 printf("%s: could not read maximum Rx buffer size\n", 1611 sc->sc_dev.dv_xname); 1612 return error; 1613 } 1614 sc->rxbufsz = betoh32(tmp) & 0xfff; 1615 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1616 return 0; 1617 } 1618 1619 int 1620 uath_reset(struct uath_softc *sc) 1621 { 1622 struct uath_cmd_setup setup; 1623 uint32_t reg, val; 1624 int s, error; 1625 1626 /* init device with some voodoo incantations.. */ 1627 setup.magic1 = htobe32(1); 1628 setup.magic2 = htobe32(5); 1629 setup.magic3 = htobe32(200); 1630 setup.magic4 = htobe32(27); 1631 s = splusb(); 1632 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1633 UATH_CMD_FLAG_ASYNC); 1634 /* ..and wait until firmware notifies us that it is ready */ 1635 if (error == 0) 1636 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1637 splx(s); 1638 if (error != 0) 1639 return error; 1640 1641 /* read PHY registers */ 1642 for (reg = 0x09; reg <= 0x24; reg++) { 1643 if (reg == 0x0b || reg == 0x0c) 1644 continue; 1645 DELAY(100); 1646 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1647 return error; 1648 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1649 } 1650 return error; 1651 } 1652 1653 int 1654 uath_reset_tx_queues(struct uath_softc *sc) 1655 { 1656 int ac, error; 1657 1658 for (ac = 0; ac < 4; ac++) { 1659 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1660 1661 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1662 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1663 sizeof qid, 0); 1664 if (error != 0) 1665 break; 1666 } 1667 return error; 1668 } 1669 1670 int 1671 uath_wme_init(struct uath_softc *sc) 1672 { 1673 struct uath_qinfo qinfo; 1674 int ac, error; 1675 static const struct uath_wme_settings uath_wme_11g[4] = { 1676 { 7, 4, 10, 0, 0 }, /* Background */ 1677 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1678 { 3, 3, 4, 26, 0 }, /* Video */ 1679 { 2, 2, 3, 47, 0 } /* Voice */ 1680 }; 1681 1682 bzero(&qinfo, sizeof qinfo); 1683 qinfo.size = htobe32(32); 1684 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1685 qinfo.magic2 = htobe32(1); 1686 for (ac = 0; ac < 4; ac++) { 1687 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1688 qinfo.ac = htobe32(ac); 1689 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1690 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1691 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1692 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1693 uath_wme_11g[ac].txop)); 1694 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1695 1696 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1697 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1698 sizeof qinfo, 0); 1699 if (error != 0) 1700 break; 1701 } 1702 return error; 1703 } 1704 1705 int 1706 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1707 { 1708 struct uath_set_chan chan; 1709 1710 bzero(&chan, sizeof chan); 1711 chan.flags = htobe32(0x1400); 1712 chan.freq = htobe32(c->ic_freq); 1713 chan.magic1 = htobe32(20); 1714 chan.magic2 = htobe32(50); 1715 chan.magic3 = htobe32(1); 1716 1717 DPRINTF(("switching to channel %d\n", 1718 ieee80211_chan2ieee(&sc->sc_ic, c))); 1719 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1720 } 1721 1722 int 1723 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1724 { 1725 struct uath_cmd_crypto crypto; 1726 int i; 1727 1728 bzero(&crypto, sizeof crypto); 1729 crypto.keyidx = htobe32(index); 1730 crypto.magic1 = htobe32(1); 1731 crypto.size = htobe32(368); 1732 crypto.mask = htobe32(0xffff); 1733 crypto.flags = htobe32(0x80000068); 1734 if (index != UATH_DEFAULT_KEY) 1735 crypto.flags |= htobe32(index << 16); 1736 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1737 1738 /* 1739 * Each byte of the key must be XOR'ed with 10101010 before being 1740 * transmitted to the firmware. 1741 */ 1742 for (i = 0; i < k->k_len; i++) 1743 crypto.key[i] = k->k_key[i] ^ 0xaa; 1744 1745 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1746 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1747 } 1748 1749 int 1750 uath_set_keys(struct uath_softc *sc) 1751 { 1752 const struct ieee80211com *ic = &sc->sc_ic; 1753 int i, error; 1754 1755 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1756 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1757 1758 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1759 return error; 1760 } 1761 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1762 UATH_DEFAULT_KEY); 1763 } 1764 1765 int 1766 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1767 { 1768 struct uath_cmd_rates rates; 1769 1770 bzero(&rates, sizeof rates); 1771 rates.magic1 = htobe32(0x02); 1772 rates.size = htobe32(1 + sizeof rates.rates); 1773 rates.nrates = rs->rs_nrates; 1774 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1775 1776 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1777 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1778 } 1779 1780 int 1781 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1782 { 1783 struct uath_cmd_filter rxfilter; 1784 1785 rxfilter.filter = htobe32(filter); 1786 rxfilter.flags = htobe32(flags); 1787 1788 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1789 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1790 sizeof rxfilter, 0); 1791 } 1792 1793 int 1794 uath_set_led(struct uath_softc *sc, int which, int on) 1795 { 1796 struct uath_cmd_led led; 1797 1798 led.which = htobe32(which); 1799 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1800 1801 DPRINTFN(2, ("switching %s led %s\n", 1802 (which == UATH_LED_LINK) ? "link" : "activity", 1803 on ? "on" : "off")); 1804 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1805 } 1806 1807 int 1808 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1809 { 1810 uint32_t val; 1811 int error; 1812 1813 /* set radio frequency */ 1814 if ((error = uath_set_chan(sc, c)) != 0) { 1815 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1816 return error; 1817 } 1818 1819 /* reset Tx rings */ 1820 if ((error = uath_reset_tx_queues(sc)) != 0) { 1821 printf("%s: could not reset Tx queues\n", 1822 sc->sc_dev.dv_xname); 1823 return error; 1824 } 1825 1826 /* set Tx rings WME properties */ 1827 if ((error = uath_wme_init(sc)) != 0) { 1828 printf("%s: could not init Tx queues\n", 1829 sc->sc_dev.dv_xname); 1830 return error; 1831 } 1832 1833 val = htobe32(0); 1834 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1835 if (error != 0) { 1836 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1837 return error; 1838 } 1839 1840 return uath_tx_null(sc); 1841 } 1842 1843 int 1844 uath_init(struct ifnet *ifp) 1845 { 1846 struct uath_softc *sc = ifp->if_softc; 1847 struct ieee80211com *ic = &sc->sc_ic; 1848 struct uath_cmd_31 cmd31; 1849 uint32_t val; 1850 int i, error; 1851 1852 /* reset data and command rings */ 1853 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1854 1855 val = htobe32(0); 1856 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1857 1858 /* set MAC address */ 1859 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1860 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1861 1862 (void)uath_write_reg(sc, 0x02, 0x00000001); 1863 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1864 (void)uath_write_reg(sc, 0x10, 0x00000001); 1865 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1866 1867 /* 1868 * Queue Rx data xfers. 1869 */ 1870 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1871 struct uath_rx_data *data = &sc->rx_data[i]; 1872 1873 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1874 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1875 uath_data_rxeof); 1876 error = usbd_transfer(data->xfer); 1877 if (error != USBD_IN_PROGRESS && error != 0) { 1878 printf("%s: could not queue Rx transfer\n", 1879 sc->sc_dev.dv_xname); 1880 goto fail; 1881 } 1882 } 1883 1884 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1885 UATH_CMD_FLAG_MAGIC); 1886 if (error != 0) { 1887 printf("%s: could not send read command 07h\n", 1888 sc->sc_dev.dv_xname); 1889 goto fail; 1890 } 1891 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1892 1893 /* set default channel */ 1894 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1895 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1896 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1897 goto fail; 1898 } 1899 1900 if ((error = uath_wme_init(sc)) != 0) { 1901 printf("%s: could not setup WME parameters\n", 1902 sc->sc_dev.dv_xname); 1903 goto fail; 1904 } 1905 1906 /* init MAC registers */ 1907 (void)uath_write_reg(sc, 0x19, 0x00000000); 1908 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1909 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1910 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1911 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1912 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1913 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1914 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1915 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1916 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1917 1918 val = htobe32(4); 1919 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1920 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1921 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1922 1923 if ((error = uath_set_keys(sc)) != 0) { 1924 printf("%s: could not set crypto keys\n", 1925 sc->sc_dev.dv_xname); 1926 goto fail; 1927 } 1928 1929 /* enable Rx */ 1930 (void)uath_set_rxfilter(sc, 0x0000, 4); 1931 (void)uath_set_rxfilter(sc, 0x0817, 1); 1932 1933 cmd31.magic1 = htobe32(0xffffffff); 1934 cmd31.magic2 = htobe32(0xffffffff); 1935 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1936 1937 ifp->if_flags &= ~IFF_OACTIVE; 1938 ifp->if_flags |= IFF_RUNNING; 1939 1940 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1941 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1942 else 1943 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1944 1945 return 0; 1946 1947 fail: uath_stop(ifp, 1); 1948 return error; 1949 } 1950 1951 void 1952 uath_stop(struct ifnet *ifp, int disable) 1953 { 1954 struct uath_softc *sc = ifp->if_softc; 1955 struct ieee80211com *ic = &sc->sc_ic; 1956 uint32_t val; 1957 int s; 1958 1959 s = splusb(); 1960 1961 sc->sc_tx_timer = 0; 1962 ifp->if_timer = 0; 1963 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1964 1965 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1966 1967 val = htobe32(0); 1968 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1969 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1970 1971 val = htobe32(0); 1972 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1973 1974 #if 0 1975 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1976 UATH_CMD_FLAG_MAGIC); 1977 #endif 1978 1979 /* abort any pending transfers */ 1980 usbd_abort_pipe(sc->data_tx_pipe); 1981 usbd_abort_pipe(sc->data_rx_pipe); 1982 usbd_abort_pipe(sc->cmd_tx_pipe); 1983 1984 splx(s); 1985 } 1986 1987 /* 1988 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 1989 * the device will detach itself from the bus and reattach later with a new 1990 * product Id (a la ezusb). XXX this could also be implemented in userland 1991 * through /dev/ugen. 1992 */ 1993 int 1994 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 1995 { 1996 struct usbd_xfer *ctlxfer, *txxfer, *rxxfer; 1997 struct uath_fwblock *txblock, *rxblock; 1998 uint8_t *txdata; 1999 int error = 0; 2000 2001 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2002 printf("%s: could not allocate Tx control xfer\n", 2003 sc->sc_dev.dv_xname); 2004 error = USBD_NOMEM; 2005 goto fail1; 2006 } 2007 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2008 if (txblock == NULL) { 2009 printf("%s: could not allocate Tx control block\n", 2010 sc->sc_dev.dv_xname); 2011 error = USBD_NOMEM; 2012 goto fail2; 2013 } 2014 2015 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2016 printf("%s: could not allocate Tx xfer\n", 2017 sc->sc_dev.dv_xname); 2018 error = USBD_NOMEM; 2019 goto fail2; 2020 } 2021 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2022 if (txdata == NULL) { 2023 printf("%s: could not allocate Tx buffer\n", 2024 sc->sc_dev.dv_xname); 2025 error = USBD_NOMEM; 2026 goto fail3; 2027 } 2028 2029 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2030 printf("%s: could not allocate Rx control xfer\n", 2031 sc->sc_dev.dv_xname); 2032 error = USBD_NOMEM; 2033 goto fail3; 2034 } 2035 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2036 if (rxblock == NULL) { 2037 printf("%s: could not allocate Rx control block\n", 2038 sc->sc_dev.dv_xname); 2039 error = USBD_NOMEM; 2040 goto fail4; 2041 } 2042 2043 bzero(txblock, sizeof (struct uath_fwblock)); 2044 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2045 txblock->total = htobe32(len); 2046 2047 while (len > 0) { 2048 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2049 2050 txblock->remain = htobe32(len - mlen); 2051 txblock->len = htobe32(mlen); 2052 2053 DPRINTF(("sending firmware block: %d bytes remaining\n", 2054 len - mlen)); 2055 2056 /* send firmware block meta-data */ 2057 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2058 sizeof (struct uath_fwblock), 2059 USBD_NO_COPY | USBD_SYNCHRONOUS, 2060 UATH_CMD_TIMEOUT, NULL); 2061 if ((error = usbd_transfer(ctlxfer)) != 0) { 2062 printf("%s: could not send firmware block info\n", 2063 sc->sc_dev.dv_xname); 2064 break; 2065 } 2066 2067 /* send firmware block data */ 2068 bcopy(fw, txdata, mlen); 2069 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2070 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 2071 if ((error = usbd_transfer(txxfer)) != 0) { 2072 printf("%s: could not send firmware block data\n", 2073 sc->sc_dev.dv_xname); 2074 break; 2075 } 2076 2077 /* wait for ack from firmware */ 2078 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2079 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2080 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_CMD_TIMEOUT, NULL); 2081 if ((error = usbd_transfer(rxxfer)) != 0) { 2082 printf("%s: could not read firmware answer\n", 2083 sc->sc_dev.dv_xname); 2084 break; 2085 } 2086 2087 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2088 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2089 fw += mlen; 2090 len -= mlen; 2091 } 2092 2093 fail4: usbd_free_xfer(rxxfer); 2094 fail3: usbd_free_xfer(txxfer); 2095 fail2: usbd_free_xfer(ctlxfer); 2096 fail1: return error; 2097 } 2098