1 /* $OpenBSD: if_uath.c,v 1.16 2007/01/02 14:43:50 claudio Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/timeout.h> 42 #include <sys/conf.h> 43 #include <sys/device.h> 44 45 #include <machine/bus.h> 46 #include <machine/endian.h> 47 #include <machine/intr.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_radiotap.h> 66 67 #include <dev/rndvar.h> 68 #include <crypto/arc4.h> 69 70 #include <dev/usb/usb.h> 71 #include <dev/usb/usbdi.h> 72 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 73 #include <dev/usb/usbdi_util.h> 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/usb/if_uathreg.h> 77 #include <dev/usb/if_uathvar.h> 78 79 #ifdef USB_DEBUG 80 #define UATH_DEBUG 81 #endif 82 83 #ifdef UATH_DEBUG 84 #define DPRINTF(x) do { if (uath_debug) logprintf x; } while (0) 85 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) logprintf x; } while (0) 86 int uath_debug = 1; 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 /*- 93 * Various supported device vendors/products. 94 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 95 */ 96 #define UATH_DEV(v, p, f) \ 97 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 98 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 99 (f) | UATH_FLAG_PRE_FIRMWARE } 100 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 101 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 102 static const struct uath_type { 103 struct usb_devno dev; 104 unsigned int flags; 105 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 106 #define UATH_FLAG_ABG (1 << 1) 107 } uath_devs[] = { 108 UATH_DEV_UG(ATHEROS, AR5523), 109 UATH_DEV_UG(ATHEROS2, AR5523_1), 110 UATH_DEV_UG(ATHEROS2, AR5523_2), 111 UATH_DEV_UX(ATHEROS2, AR5523_3), 112 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 113 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 114 UATH_DEV_UX(DLINK, DWLAG122), 115 UATH_DEV_UX(DLINK, DWLAG132), 116 UATH_DEV_UG(DLINK, DWLG132), 117 UATH_DEV_UG(GIGASET, AR5523), 118 UATH_DEV_UG(GIGASET, SMCWUSBTG), 119 UATH_DEV_UG(GLOBALSUN, AR5523_1), 120 UATH_DEV_UX(GLOBALSUN, AR5523_2), 121 UATH_DEV_UX(NETGEAR, WG111U), 122 UATH_DEV_UG(NETGEAR3, WG111T), 123 UATH_DEV_UG(NETGEAR3, WPN111), 124 UATH_DEV_UG(UMEDIA, AR5523_1), 125 UATH_DEV_UX(UMEDIA, AR5523_2), 126 UATH_DEV_UG(UMEDIA, TEW444UBEU), 127 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 128 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 129 UATH_DEV_UG(ZCOM, AR5523) 130 }; 131 #define uath_lookup(v, p) \ 132 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 133 134 Static void uath_attachhook(void *); 135 Static int uath_open_pipes(struct uath_softc *); 136 Static void uath_close_pipes(struct uath_softc *); 137 Static int uath_alloc_tx_data_list(struct uath_softc *); 138 Static void uath_free_tx_data_list(struct uath_softc *); 139 Static int uath_alloc_rx_data_list(struct uath_softc *); 140 Static void uath_free_rx_data_list(struct uath_softc *); 141 Static void uath_free_rx_data(caddr_t, u_int, void *); 142 Static int uath_alloc_tx_cmd_list(struct uath_softc *); 143 Static void uath_free_tx_cmd_list(struct uath_softc *); 144 Static int uath_alloc_rx_cmd_list(struct uath_softc *); 145 Static void uath_free_rx_cmd_list(struct uath_softc *); 146 Static int uath_media_change(struct ifnet *); 147 Static void uath_stat(void *); 148 Static void uath_next_scan(void *); 149 Static void uath_task(void *); 150 Static int uath_newstate(struct ieee80211com *, enum ieee80211_state, 151 int); 152 #ifdef UATH_DEBUG 153 Static void uath_dump_cmd(const uint8_t *, int, char); 154 #endif 155 Static int uath_cmd(struct uath_softc *, uint32_t, const void *, int, 156 void *, int); 157 Static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 158 int, int); 159 Static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 160 int, void *, int); 161 Static int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 162 Static int uath_write_multi(struct uath_softc *, uint32_t, const void *, 163 int); 164 Static int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 165 Static int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 166 Static void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, 167 usbd_status); 168 Static void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, 169 usbd_status); 170 Static void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, 171 usbd_status); 172 Static int uath_tx_null(struct uath_softc *); 173 Static int uath_tx_data(struct uath_softc *, struct mbuf *, 174 struct ieee80211_node *); 175 Static void uath_start(struct ifnet *); 176 Static void uath_watchdog(struct ifnet *); 177 Static int uath_ioctl(struct ifnet *, u_long, caddr_t); 178 Static int uath_query_eeprom(struct uath_softc *); 179 Static int uath_reset(struct uath_softc *); 180 Static int uath_reset_tx_queues(struct uath_softc *); 181 Static int uath_wme_init(struct uath_softc *); 182 Static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 183 Static int uath_set_key(struct uath_softc *, 184 const struct ieee80211_wepkey *, int); 185 Static int uath_set_keys(struct uath_softc *); 186 Static int uath_set_rates(struct uath_softc *, 187 const struct ieee80211_rateset *); 188 Static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 189 Static int uath_set_led(struct uath_softc *, int, int); 190 Static int uath_switch_channel(struct uath_softc *, 191 struct ieee80211_channel *); 192 Static int uath_init(struct ifnet *); 193 Static void uath_stop(struct ifnet *, int); 194 Static int uath_loadfirmware(struct uath_softc *, const u_char *, int); 195 Static int uath_activate(device_ptr_t, enum devact); 196 197 USB_DECLARE_DRIVER(uath); 198 199 USB_MATCH(uath) 200 { 201 USB_MATCH_START(uath, uaa); 202 203 if (uaa->iface != NULL) 204 return UMATCH_NONE; 205 206 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 207 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 208 } 209 210 Static void 211 uath_attachhook(void *xsc) 212 { 213 struct uath_softc *sc = xsc; 214 u_char *fw; 215 size_t size; 216 int error; 217 218 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 219 printf("%s: could not read firmware (error=%d)\n", 220 USBDEVNAME(sc->sc_dev), error); 221 return; 222 } 223 224 error = uath_loadfirmware(sc, fw, size); 225 free(fw, M_DEVBUF); 226 227 if (error == 0) { 228 usb_port_status_t status; 229 230 /* 231 * Hack alert: the device doesn't always gracefully detach 232 * from the bus after a firmware upload. We need to force 233 * a port reset and a re-exploration on the parent hub. 234 */ 235 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 236 usb_needs_reattach(sc->sc_udev); 237 } else { 238 printf("%s: could not load firmware (error=%s)\n", 239 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 240 } 241 } 242 243 USB_ATTACH(uath) 244 { 245 USB_ATTACH_START(uath, sc, uaa); 246 struct ieee80211com *ic = &sc->sc_ic; 247 struct ifnet *ifp = &ic->ic_if; 248 usbd_status error; 249 char *devinfop; 250 int i; 251 252 sc->sc_udev = uaa->device; 253 sc->sc_uhub = uaa->device->myhub; 254 sc->sc_port = uaa->port; 255 256 devinfop = usbd_devinfo_alloc(uaa->device, 0); 257 USB_ATTACH_SETUP; 258 printf("%s: %s\n", USBDEVNAME(sc->sc_dev), devinfop); 259 usbd_devinfo_free(devinfop); 260 261 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 262 263 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 264 printf("%s: could not set configuration no\n", 265 USBDEVNAME(sc->sc_dev)); 266 USB_ATTACH_ERROR_RETURN; 267 } 268 269 /* get the first interface handle */ 270 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 271 &sc->sc_iface); 272 if (error != 0) { 273 printf("%s: could not get interface handle\n", 274 USBDEVNAME(sc->sc_dev)); 275 USB_ATTACH_ERROR_RETURN; 276 } 277 278 /* 279 * We must open the pipes early because they're used to upload the 280 * firmware (pre-firmware devices) or to send firmware commands. 281 */ 282 if (uath_open_pipes(sc) != 0) { 283 printf("%s: could not open pipes\n", USBDEVNAME(sc->sc_dev)); 284 USB_ATTACH_ERROR_RETURN; 285 } 286 287 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 288 if (rootvp == NULL) 289 mountroothook_establish(uath_attachhook, sc); 290 else 291 uath_attachhook(sc); 292 USB_ATTACH_SUCCESS_RETURN; 293 } 294 295 /* 296 * Only post-firmware devices here. 297 */ 298 usb_init_task(&sc->sc_task, uath_task, sc); 299 timeout_set(&sc->scan_to, uath_next_scan, sc); 300 timeout_set(&sc->stat_to, uath_stat, sc); 301 302 /* 303 * Allocate xfers for firmware commands. 304 */ 305 if (uath_alloc_tx_cmd_list(sc) != 0) { 306 printf("%s: could not allocate Tx command list\n", 307 USBDEVNAME(sc->sc_dev)); 308 goto fail1; 309 } 310 if (uath_alloc_rx_cmd_list(sc) != 0) { 311 printf("%s: could not allocate Rx command list\n", 312 USBDEVNAME(sc->sc_dev)); 313 goto fail2; 314 } 315 316 /* 317 * Queue Rx command xfers. 318 */ 319 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 320 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 321 322 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 323 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 324 USBD_NO_TIMEOUT, uath_cmd_rxeof); 325 error = usbd_transfer(cmd->xfer); 326 if (error != USBD_IN_PROGRESS && error != 0) { 327 printf("%s: could not queue Rx command xfer\n", 328 USBDEVNAME(sc->sc_dev)); 329 goto fail3; 330 } 331 } 332 333 /* 334 * We're now ready to send/receive firmware commands. 335 */ 336 if (uath_reset(sc) != 0) { 337 printf("%s: could not initialize adapter\n", 338 USBDEVNAME(sc->sc_dev)); 339 goto fail3; 340 } 341 if (uath_query_eeprom(sc) != 0) { 342 printf("%s: could not read EEPROM\n", USBDEVNAME(sc->sc_dev)); 343 goto fail3; 344 } 345 346 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 347 USBDEVNAME(sc->sc_dev), (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 348 ether_sprintf(ic->ic_myaddr)); 349 350 /* 351 * Allocate xfers for Tx/Rx data pipes. 352 */ 353 if (uath_alloc_tx_data_list(sc) != 0) { 354 printf("%s: could not allocate Tx data list\n", 355 USBDEVNAME(sc->sc_dev)); 356 goto fail3; 357 } 358 if (uath_alloc_rx_data_list(sc) != 0) { 359 printf("%s: could not allocate Rx data list\n", 360 USBDEVNAME(sc->sc_dev)); 361 goto fail4; 362 } 363 364 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 365 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 366 ic->ic_state = IEEE80211_S_INIT; 367 368 /* set device capabilities */ 369 ic->ic_caps = 370 IEEE80211_C_TXPMGT | /* tx power management */ 371 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 372 IEEE80211_C_SHSLOT | /* short slot time supported */ 373 IEEE80211_C_WEP; /* h/w WEP */ 374 375 /* set supported .11b and .11g rates */ 376 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 377 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 378 379 /* set supported .11b and .11g channels (1 through 14) */ 380 for (i = 1; i <= 14; i++) { 381 ic->ic_channels[i].ic_freq = 382 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 383 ic->ic_channels[i].ic_flags = 384 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 385 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 386 } 387 388 ifp->if_softc = sc; 389 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 390 ifp->if_init = uath_init; 391 ifp->if_ioctl = uath_ioctl; 392 ifp->if_start = uath_start; 393 ifp->if_watchdog = uath_watchdog; 394 IFQ_SET_READY(&ifp->if_snd); 395 memcpy(ifp->if_xname, USBDEVNAME(sc->sc_dev), IFNAMSIZ); 396 397 if_attach(ifp); 398 ieee80211_ifattach(ifp); 399 400 /* override state transition machine */ 401 sc->sc_newstate = ic->ic_newstate; 402 ic->ic_newstate = uath_newstate; 403 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 404 405 #if NBPFILTER > 0 406 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 407 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 408 409 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 410 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 411 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 412 413 sc->sc_txtap_len = sizeof sc->sc_txtapu; 414 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 415 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 416 #endif 417 418 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 419 USBDEV(sc->sc_dev)); 420 421 USB_ATTACH_SUCCESS_RETURN; 422 423 fail4: uath_free_tx_data_list(sc); 424 fail3: uath_free_rx_cmd_list(sc); 425 fail2: uath_free_tx_cmd_list(sc); 426 fail1: uath_close_pipes(sc); 427 428 USB_ATTACH_ERROR_RETURN; 429 } 430 431 USB_DETACH(uath) 432 { 433 USB_DETACH_START(uath, sc); 434 struct ifnet *ifp = &sc->sc_ic.ic_if; 435 int s; 436 437 s = splnet(); 438 439 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 440 uath_close_pipes(sc); 441 splx(s); 442 return 0; 443 } 444 445 /* post-firmware device */ 446 447 usb_rem_task(sc->sc_udev, &sc->sc_task); 448 timeout_del(&sc->scan_to); 449 timeout_del(&sc->stat_to); 450 451 ieee80211_ifdetach(ifp); /* free all nodes */ 452 if_detach(ifp); 453 454 sc->sc_dying = 1; 455 DPRINTF(("reclaiming %d references\n", sc->sc_refcnt)); 456 while (sc->sc_refcnt > 0) 457 (void)tsleep(UATH_COND_NOREF(sc), 0, "uathdet", 0); 458 DPRINTF(("all references reclaimed\n")); 459 460 /* abort and free xfers */ 461 uath_free_tx_data_list(sc); 462 uath_free_rx_data_list(sc); 463 uath_free_tx_cmd_list(sc); 464 uath_free_rx_cmd_list(sc); 465 466 /* close Tx/Rx pipes */ 467 uath_close_pipes(sc); 468 469 splx(s); 470 471 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 472 USBDEV(sc->sc_dev)); 473 474 return 0; 475 } 476 477 Static int 478 uath_open_pipes(struct uath_softc *sc) 479 { 480 int error; 481 482 /* 483 * XXX pipes numbers are hardcoded because we don't have any way 484 * to distinguish the data pipes from the firmware command pipes 485 * (both are bulk pipes) using the endpoints descriptors. 486 */ 487 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 488 &sc->cmd_tx_pipe); 489 if (error != 0) { 490 printf("%s: could not open Tx command pipe: %s\n", 491 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 492 goto fail; 493 } 494 495 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 496 &sc->data_tx_pipe); 497 if (error != 0) { 498 printf("%s: could not open Tx data pipe: %s\n", 499 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 500 goto fail; 501 } 502 503 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 504 &sc->cmd_rx_pipe); 505 if (error != 0) { 506 printf("%s: could not open Rx command pipe: %s\n", 507 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 508 goto fail; 509 } 510 511 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 512 &sc->data_rx_pipe); 513 if (error != 0) { 514 printf("%s: could not open Rx data pipe: %s\n", 515 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 516 goto fail; 517 } 518 519 return 0; 520 521 fail: uath_close_pipes(sc); 522 return error; 523 } 524 525 Static void 526 uath_close_pipes(struct uath_softc *sc) 527 { 528 /* assumes no transfers are pending on the pipes */ 529 530 if (sc->data_tx_pipe != NULL) 531 usbd_close_pipe(sc->data_tx_pipe); 532 533 if (sc->data_rx_pipe != NULL) 534 usbd_close_pipe(sc->data_rx_pipe); 535 536 if (sc->cmd_tx_pipe != NULL) 537 usbd_close_pipe(sc->cmd_tx_pipe); 538 539 if (sc->cmd_rx_pipe != NULL) 540 usbd_close_pipe(sc->cmd_rx_pipe); 541 } 542 543 Static int 544 uath_alloc_tx_data_list(struct uath_softc *sc) 545 { 546 int i, error; 547 548 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 549 struct uath_tx_data *data = &sc->tx_data[i]; 550 551 data->sc = sc; /* backpointer for callbacks */ 552 553 data->xfer = usbd_alloc_xfer(sc->sc_udev); 554 if (data->xfer == NULL) { 555 printf("%s: could not allocate xfer\n", 556 USBDEVNAME(sc->sc_dev)); 557 error = ENOMEM; 558 goto fail; 559 } 560 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 561 if (data->buf == NULL) { 562 printf("%s: could not allocate xfer buffer\n", 563 USBDEVNAME(sc->sc_dev)); 564 error = ENOMEM; 565 goto fail; 566 } 567 } 568 return 0; 569 570 fail: uath_free_tx_data_list(sc); 571 return error; 572 } 573 574 Static void 575 uath_free_tx_data_list(struct uath_softc *sc) 576 { 577 int i; 578 579 /* make sure no transfers are pending */ 580 usbd_abort_pipe(sc->data_tx_pipe); 581 582 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 583 if (sc->tx_data[i].xfer != NULL) 584 usbd_free_xfer(sc->tx_data[i].xfer); 585 } 586 587 Static int 588 uath_alloc_rx_data_list(struct uath_softc *sc) 589 { 590 int i, error; 591 592 SLIST_INIT(&sc->rx_freelist); 593 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) { 594 struct uath_rx_data *data = &sc->rx_data[i]; 595 596 data->sc = sc; /* backpointer for callbacks */ 597 598 data->xfer = usbd_alloc_xfer(sc->sc_udev); 599 if (data->xfer == NULL) { 600 printf("%s: could not allocate xfer\n", 601 USBDEVNAME(sc->sc_dev)); 602 error = ENOMEM; 603 goto fail; 604 } 605 data->buf = usbd_alloc_buffer(data->xfer, sc->rxbufsz); 606 if (data->buf == NULL) { 607 printf("%s: could not allocate xfer buffer\n", 608 USBDEVNAME(sc->sc_dev)); 609 error = ENOMEM; 610 goto fail; 611 } 612 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 613 } 614 return 0; 615 616 fail: uath_free_rx_data_list(sc); 617 return error; 618 } 619 620 Static void 621 uath_free_rx_data_list(struct uath_softc *sc) 622 { 623 int i; 624 625 /* make sure no transfers are pending */ 626 usbd_abort_pipe(sc->data_rx_pipe); 627 628 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) 629 if (sc->rx_data[i].xfer != NULL) 630 usbd_free_xfer(sc->rx_data[i].xfer); 631 } 632 633 Static void 634 uath_free_rx_data(caddr_t buf, u_int size, void *arg) 635 { 636 struct uath_rx_data *data = arg; 637 struct uath_softc *sc = data->sc; 638 639 /* put the buffer back in the free list */ 640 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 641 642 /* release reference to softc */ 643 if (--sc->sc_refcnt == 0 && sc->sc_dying) 644 wakeup(UATH_COND_NOREF(sc)); 645 } 646 647 Static int 648 uath_alloc_tx_cmd_list(struct uath_softc *sc) 649 { 650 int i, error; 651 652 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 653 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 654 655 cmd->sc = sc; /* backpointer for callbacks */ 656 657 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 658 if (cmd->xfer == NULL) { 659 printf("%s: could not allocate xfer\n", 660 USBDEVNAME(sc->sc_dev)); 661 error = ENOMEM; 662 goto fail; 663 } 664 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 665 if (cmd->buf == NULL) { 666 printf("%s: could not allocate xfer buffer\n", 667 USBDEVNAME(sc->sc_dev)); 668 error = ENOMEM; 669 goto fail; 670 } 671 } 672 return 0; 673 674 fail: uath_free_tx_cmd_list(sc); 675 return error; 676 } 677 678 Static void 679 uath_free_tx_cmd_list(struct uath_softc *sc) 680 { 681 int i; 682 683 /* make sure no transfers are pending */ 684 usbd_abort_pipe(sc->cmd_tx_pipe); 685 686 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 687 if (sc->tx_cmd[i].xfer != NULL) 688 usbd_free_xfer(sc->tx_cmd[i].xfer); 689 } 690 691 Static int 692 uath_alloc_rx_cmd_list(struct uath_softc *sc) 693 { 694 int i, error; 695 696 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 697 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 698 699 cmd->sc = sc; /* backpointer for callbacks */ 700 701 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 702 if (cmd->xfer == NULL) { 703 printf("%s: could not allocate xfer\n", 704 USBDEVNAME(sc->sc_dev)); 705 error = ENOMEM; 706 goto fail; 707 } 708 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 709 if (cmd->buf == NULL) { 710 printf("%s: could not allocate xfer buffer\n", 711 USBDEVNAME(sc->sc_dev)); 712 error = ENOMEM; 713 goto fail; 714 } 715 } 716 return 0; 717 718 fail: uath_free_rx_cmd_list(sc); 719 return error; 720 } 721 722 Static void 723 uath_free_rx_cmd_list(struct uath_softc *sc) 724 { 725 int i; 726 727 /* make sure no transfers are pending */ 728 usbd_abort_pipe(sc->cmd_rx_pipe); 729 730 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 731 if (sc->rx_cmd[i].xfer != NULL) 732 usbd_free_xfer(sc->rx_cmd[i].xfer); 733 } 734 735 Static int 736 uath_media_change(struct ifnet *ifp) 737 { 738 int error; 739 740 error = ieee80211_media_change(ifp); 741 if (error != ENETRESET) 742 return error; 743 744 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 745 uath_init(ifp); 746 747 return 0; 748 } 749 750 /* 751 * This function is called periodically (every second) when associated to 752 * query device statistics. 753 */ 754 Static void 755 uath_stat(void *arg) 756 { 757 struct uath_softc *sc = arg; 758 int error; 759 760 /* 761 * Send request for statistics asynchronously. The timer will be 762 * restarted when we'll get the stats notification. 763 */ 764 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 765 UATH_CMD_FLAG_ASYNC); 766 if (error != 0) { 767 printf("%s: could not query statistics (error=%d)\n", 768 USBDEVNAME(sc->sc_dev), error); 769 } 770 } 771 772 /* 773 * This function is called periodically (every 250ms) during scanning to 774 * switch from one channel to another. 775 */ 776 Static void 777 uath_next_scan(void *arg) 778 { 779 struct uath_softc *sc = arg; 780 struct ieee80211com *ic = &sc->sc_ic; 781 struct ifnet *ifp = &ic->ic_if; 782 783 if (ic->ic_state == IEEE80211_S_SCAN) 784 ieee80211_next_scan(ifp); 785 } 786 787 Static void 788 uath_task(void *arg) 789 { 790 struct uath_softc *sc = arg; 791 struct ieee80211com *ic = &sc->sc_ic; 792 enum ieee80211_state ostate; 793 794 ostate = ic->ic_state; 795 796 switch (sc->sc_state) { 797 case IEEE80211_S_INIT: 798 if (ostate == IEEE80211_S_RUN) { 799 /* turn link and activity LEDs off */ 800 (void)uath_set_led(sc, UATH_LED_LINK, 0); 801 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 802 } 803 break; 804 805 case IEEE80211_S_SCAN: 806 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 807 printf("%s: could not switch channel\n", 808 USBDEVNAME(sc->sc_dev)); 809 break; 810 } 811 timeout_add(&sc->scan_to, hz / 4); 812 break; 813 814 case IEEE80211_S_AUTH: 815 { 816 struct ieee80211_node *ni = ic->ic_bss; 817 struct uath_cmd_bssid bssid; 818 struct uath_cmd_0b cmd0b; 819 struct uath_cmd_0c cmd0c; 820 821 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 822 printf("%s: could not switch channel\n", 823 USBDEVNAME(sc->sc_dev)); 824 break; 825 } 826 827 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 828 829 bzero(&bssid, sizeof bssid); 830 bssid.len = htobe32(IEEE80211_ADDR_LEN); 831 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 832 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 833 sizeof bssid, 0); 834 835 bzero(&cmd0b, sizeof cmd0b); 836 cmd0b.code = htobe32(2); 837 cmd0b.size = htobe32(sizeof (cmd0b.data)); 838 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 839 840 bzero(&cmd0c, sizeof cmd0c); 841 cmd0c.magic1 = htobe32(2); 842 cmd0c.magic2 = htobe32(7); 843 cmd0c.magic3 = htobe32(1); 844 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 845 846 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 847 printf("%s: could not set negotiated rate set\n", 848 USBDEVNAME(sc->sc_dev)); 849 break; 850 } 851 break; 852 } 853 854 case IEEE80211_S_ASSOC: 855 break; 856 857 case IEEE80211_S_RUN: 858 { 859 struct ieee80211_node *ni = ic->ic_bss; 860 struct uath_cmd_bssid bssid; 861 struct uath_cmd_xled xled; 862 uint32_t val; 863 864 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 865 /* make both LEDs blink while monitoring */ 866 bzero(&xled, sizeof xled); 867 xled.which = htobe32(0); 868 xled.rate = htobe32(1); 869 xled.mode = htobe32(2); 870 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 871 sizeof xled, 0); 872 break; 873 } 874 875 /* 876 * Tx rate is controlled by firmware, report the maximum 877 * negotiated rate in ifconfig output. 878 */ 879 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 880 881 val = htobe32(1); 882 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 883 884 bzero(&bssid, sizeof bssid); 885 bssid.flags1 = htobe32(0xc004); 886 bssid.flags2 = htobe32(0x003b); 887 bssid.len = htobe32(IEEE80211_ADDR_LEN); 888 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 889 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 890 sizeof bssid, 0); 891 892 /* turn link LED on */ 893 (void)uath_set_led(sc, UATH_LED_LINK, 1); 894 895 /* make activity LED blink */ 896 bzero(&xled, sizeof xled); 897 xled.which = htobe32(1); 898 xled.rate = htobe32(1); 899 xled.mode = htobe32(2); 900 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 901 0); 902 903 /* set state to associated */ 904 val = htobe32(1); 905 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 906 0); 907 908 /* start statistics timer */ 909 timeout_add(&sc->stat_to, hz); 910 break; 911 } 912 } 913 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 914 } 915 916 Static int 917 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 918 { 919 struct uath_softc *sc = ic->ic_softc; 920 921 usb_rem_task(sc->sc_udev, &sc->sc_task); 922 timeout_del(&sc->scan_to); 923 timeout_del(&sc->stat_to); 924 925 sc->sc_state = nstate; 926 sc->sc_arg = arg; 927 if (curproc != NULL) { 928 uath_task(sc); 929 } else { 930 /* do it in a process context */ 931 usb_add_task(sc->sc_udev, &sc->sc_task); 932 } 933 return 0; 934 } 935 936 #ifdef UATH_DEBUG 937 Static void 938 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 939 { 940 int i; 941 942 for (i = 0; i < len; i++) { 943 if ((i % 16) == 0) 944 printf("\n%c ", prefix); 945 else if ((i % 4) == 0) 946 printf(" "); 947 printf("%02x", buf[i]); 948 } 949 printf("\n"); 950 } 951 #endif 952 953 /* 954 * Low-level function to send read or write commands to the firmware. 955 */ 956 Static int 957 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 958 void *odata, int flags) 959 { 960 struct uath_cmd_hdr *hdr; 961 struct uath_tx_cmd *cmd; 962 uint16_t xferflags; 963 int s, xferlen, error; 964 965 /* grab a xfer */ 966 cmd = &sc->tx_cmd[sc->cmd_idx]; 967 968 /* always bulk-out a multiple of 4 bytes */ 969 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 970 971 hdr = (struct uath_cmd_hdr *)cmd->buf; 972 bzero(hdr, sizeof (struct uath_cmd_hdr)); 973 hdr->len = htobe32(xferlen); 974 hdr->code = htobe32(code); 975 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 976 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 977 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 978 979 #ifdef UATH_DEBUG 980 if (uath_debug >= 5) { 981 printf("sending command code=0x%02x flags=0x%x index=%u", 982 code, flags, sc->cmd_idx); 983 uath_dump_cmd(cmd->buf, xferlen, '+'); 984 } 985 #endif 986 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 987 if (!(flags & UATH_CMD_FLAG_READ)) { 988 if (!(flags & UATH_CMD_FLAG_ASYNC)) 989 xferflags |= USBD_SYNCHRONOUS; 990 } else 991 s = splusb(); 992 993 cmd->odata = odata; 994 995 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 996 xferflags, UATH_CMD_TIMEOUT, NULL); 997 error = usbd_transfer(cmd->xfer); 998 if (error != USBD_IN_PROGRESS && error != 0) { 999 if (flags & UATH_CMD_FLAG_READ) 1000 splx(s); 1001 printf("%s: could not send command 0x%x (error=%s)\n", 1002 USBDEVNAME(sc->sc_dev), code, usbd_errstr(error)); 1003 return error; 1004 } 1005 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 1006 1007 if (!(flags & UATH_CMD_FLAG_READ)) 1008 return 0; /* write: don't wait for reply */ 1009 1010 /* wait at most two seconds for command reply */ 1011 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1012 cmd->odata = NULL; /* in case answer is received too late */ 1013 splx(s); 1014 if (error != 0) { 1015 printf("%s: timeout waiting for command reply\n", 1016 USBDEVNAME(sc->sc_dev)); 1017 } 1018 return error; 1019 } 1020 1021 Static int 1022 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1023 int flags) 1024 { 1025 flags &= ~UATH_CMD_FLAG_READ; 1026 return uath_cmd(sc, code, data, len, NULL, flags); 1027 } 1028 1029 Static int 1030 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1031 int ilen, void *odata, int flags) 1032 { 1033 flags |= UATH_CMD_FLAG_READ; 1034 return uath_cmd(sc, code, idata, ilen, odata, flags); 1035 } 1036 1037 Static int 1038 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1039 { 1040 struct uath_write_mac write; 1041 int error; 1042 1043 write.reg = htobe32(reg); 1044 write.len = htobe32(0); /* 0 = single write */ 1045 *(uint32_t *)write.data = htobe32(val); 1046 1047 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1048 3 * sizeof (uint32_t), 0); 1049 if (error != 0) { 1050 printf("%s: could not write register 0x%02x\n", 1051 USBDEVNAME(sc->sc_dev), reg); 1052 } 1053 return error; 1054 } 1055 1056 Static int 1057 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1058 int len) 1059 { 1060 struct uath_write_mac write; 1061 int error; 1062 1063 write.reg = htobe32(reg); 1064 write.len = htobe32(len); 1065 bcopy(data, write.data, len); 1066 1067 /* properly handle the case where len is zero (reset) */ 1068 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1069 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1070 if (error != 0) { 1071 printf("%s: could not write %d bytes to register 0x%02x\n", 1072 USBDEVNAME(sc->sc_dev), len, reg); 1073 } 1074 return error; 1075 } 1076 1077 Static int 1078 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1079 { 1080 struct uath_read_mac read; 1081 int error; 1082 1083 reg = htobe32(reg); 1084 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1085 0); 1086 if (error != 0) { 1087 printf("%s: could not read register 0x%02x\n", 1088 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1089 return error; 1090 } 1091 *val = betoh32(*(uint32_t *)read.data); 1092 return error; 1093 } 1094 1095 Static int 1096 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1097 { 1098 struct uath_read_mac read; 1099 int len, error; 1100 1101 reg = htobe32(reg); 1102 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1103 &read, 0); 1104 if (error != 0) { 1105 printf("%s: could not read EEPROM offset 0x%02x\n", 1106 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1107 return error; 1108 } 1109 len = betoh32(read.len); 1110 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1111 return error; 1112 } 1113 1114 Static void 1115 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1116 usbd_status status) 1117 { 1118 struct uath_rx_cmd *cmd = priv; 1119 struct uath_softc *sc = cmd->sc; 1120 struct uath_cmd_hdr *hdr; 1121 1122 if (status != USBD_NORMAL_COMPLETION) { 1123 if (status == USBD_STALLED) 1124 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1125 return; 1126 } 1127 1128 hdr = (struct uath_cmd_hdr *)cmd->buf; 1129 1130 #ifdef UATH_DEBUG 1131 if (uath_debug >= 5) { 1132 printf("received command code=0x%x index=%u len=%u", 1133 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1134 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1135 } 1136 #endif 1137 1138 switch (betoh32(hdr->code) & 0xff) { 1139 /* reply to a read command */ 1140 default: 1141 { 1142 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1143 1144 if (txcmd->odata != NULL) { 1145 /* copy answer into caller's supplied buffer */ 1146 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1147 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1148 } 1149 wakeup(txcmd); /* wake up caller */ 1150 break; 1151 } 1152 /* spontaneous firmware notifications */ 1153 case UATH_NOTIF_READY: 1154 DPRINTF(("received device ready notification\n")); 1155 wakeup(UATH_COND_INIT(sc)); 1156 break; 1157 1158 case UATH_NOTIF_TX: 1159 /* this notification is sent when UATH_TX_NOTIFY is set */ 1160 DPRINTF(("received Tx notification\n")); 1161 break; 1162 1163 case UATH_NOTIF_STATS: 1164 DPRINTFN(2, ("received device statistics\n")); 1165 timeout_add(&sc->stat_to, hz); 1166 break; 1167 } 1168 1169 /* setup a new transfer */ 1170 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1171 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1172 uath_cmd_rxeof); 1173 (void)usbd_transfer(xfer); 1174 } 1175 1176 Static void 1177 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1178 usbd_status status) 1179 { 1180 struct uath_rx_data *data = priv; 1181 struct uath_softc *sc = data->sc; 1182 struct ieee80211com *ic = &sc->sc_ic; 1183 struct ifnet *ifp = &ic->ic_if; 1184 struct ieee80211_frame *wh; 1185 struct ieee80211_node *ni; 1186 struct uath_rx_data *ndata; 1187 struct uath_rx_desc *desc; 1188 struct mbuf *m; 1189 uint32_t hdr; 1190 int s, len; 1191 1192 if (status != USBD_NORMAL_COMPLETION) { 1193 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1194 return; 1195 1196 if (status == USBD_STALLED) 1197 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1198 1199 ifp->if_ierrors++; 1200 return; 1201 } 1202 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1203 1204 if (len < UATH_MIN_RXBUFSZ) { 1205 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1206 ifp->if_ierrors++; 1207 goto skip; 1208 } 1209 1210 hdr = betoh32(*(uint32_t *)data->buf); 1211 1212 /* Rx descriptor is located at the end, 32-bit aligned */ 1213 desc = (struct uath_rx_desc *) 1214 (data->buf + len - sizeof (struct uath_rx_desc)); 1215 1216 if (betoh32(desc->len) > sc->rxbufsz) { 1217 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1218 ifp->if_ierrors++; 1219 goto skip; 1220 } 1221 1222 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1223 1224 MGETHDR(m, M_DONTWAIT, MT_DATA); 1225 if (m == NULL) { 1226 ifp->if_ierrors++; 1227 goto skip; 1228 } 1229 1230 /* grab a new Rx buffer */ 1231 ndata = SLIST_FIRST(&sc->rx_freelist); 1232 if (ndata == NULL) { 1233 printf("%s: could not allocate Rx buffer\n", 1234 USBDEVNAME(sc->sc_dev)); 1235 m_freem(m); 1236 ifp->if_ierrors++; 1237 goto skip; 1238 } 1239 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1240 1241 MEXTADD(m, data->buf, sc->rxbufsz, 0, uath_free_rx_data, data); 1242 1243 /* finalize mbuf */ 1244 m->m_pkthdr.rcvif = ifp; 1245 m->m_data = data->buf + sizeof (uint32_t); 1246 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1247 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1248 1249 data = ndata; 1250 1251 wh = mtod(m, struct ieee80211_frame *); 1252 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1253 ic->ic_opmode != IEEE80211_M_MONITOR) { 1254 /* 1255 * Hardware decrypts the frame itself but leaves the WEP bit 1256 * set in the 802.11 header and doesn't remove the IV and CRC 1257 * fields. 1258 */ 1259 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1260 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1261 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1262 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1263 m_adj(m, -IEEE80211_WEP_CRCLEN); 1264 wh = mtod(m, struct ieee80211_frame *); 1265 } 1266 1267 #if NBPFILTER > 0 1268 /* there are a lot more fields in the Rx descriptor */ 1269 if (sc->sc_drvbpf != NULL) { 1270 struct mbuf mb; 1271 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1272 1273 tap->wr_flags = 0; 1274 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1275 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1276 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1277 1278 mb.m_data = (caddr_t)tap; 1279 mb.m_len = sc->sc_rxtap_len; 1280 mb.m_next = m; 1281 mb.m_nextpkt = NULL; 1282 mb.m_type = 0; 1283 mb.m_flags = 0; 1284 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1285 } 1286 #endif 1287 1288 s = splnet(); 1289 sc->sc_refcnt++; 1290 ni = ieee80211_find_rxnode(ic, wh); 1291 ieee80211_input(ifp, m, ni, (int)betoh32(desc->rssi), 0); 1292 1293 /* node is no longer needed */ 1294 ieee80211_release_node(ic, ni); 1295 splx(s); 1296 1297 skip: /* setup a new transfer */ 1298 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1299 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1300 uath_data_rxeof); 1301 (void)usbd_transfer(data->xfer); 1302 } 1303 1304 Static int 1305 uath_tx_null(struct uath_softc *sc) 1306 { 1307 struct uath_tx_data *data; 1308 struct uath_tx_desc *desc; 1309 1310 data = &sc->tx_data[sc->data_idx]; 1311 1312 data->ni = NULL; 1313 1314 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1315 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1316 1317 bzero(desc, sizeof (struct uath_tx_desc)); 1318 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1319 desc->type = htobe32(UATH_TX_NULL); 1320 1321 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1322 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1323 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1324 if (usbd_sync_transfer(data->xfer) != 0) 1325 return EIO; 1326 1327 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1328 1329 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1330 } 1331 1332 Static void 1333 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1334 usbd_status status) 1335 { 1336 struct uath_tx_data *data = priv; 1337 struct uath_softc *sc = data->sc; 1338 struct ieee80211com *ic = &sc->sc_ic; 1339 struct ifnet *ifp = &ic->ic_if; 1340 int s; 1341 1342 if (status != USBD_NORMAL_COMPLETION) { 1343 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1344 return; 1345 1346 printf("%s: could not transmit buffer: %s\n", 1347 USBDEVNAME(sc->sc_dev), usbd_errstr(status)); 1348 1349 if (status == USBD_STALLED) 1350 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1351 1352 ifp->if_oerrors++; 1353 return; 1354 } 1355 1356 s = splnet(); 1357 1358 ieee80211_release_node(ic, data->ni); 1359 data->ni = NULL; 1360 1361 sc->tx_queued--; 1362 ifp->if_opackets++; 1363 1364 sc->sc_tx_timer = 0; 1365 ifp->if_flags &= ~IFF_OACTIVE; 1366 uath_start(ifp); 1367 1368 splx(s); 1369 } 1370 1371 Static int 1372 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1373 { 1374 struct ieee80211com *ic = &sc->sc_ic; 1375 struct uath_tx_data *data; 1376 struct uath_tx_desc *desc; 1377 const struct ieee80211_frame *wh; 1378 int paylen, totlen, xferlen, error; 1379 1380 data = &sc->tx_data[sc->data_idx]; 1381 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1382 1383 data->ni = ni; 1384 1385 #if NBPFILTER > 0 1386 if (sc->sc_drvbpf != NULL) { 1387 struct mbuf mb; 1388 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1389 1390 tap->wt_flags = 0; 1391 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1392 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1393 1394 mb.m_data = (caddr_t)tap; 1395 mb.m_len = sc->sc_txtap_len; 1396 mb.m_next = m0; 1397 mb.m_nextpkt = NULL; 1398 mb.m_type = 0; 1399 mb.m_flags = 0; 1400 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1401 } 1402 #endif 1403 1404 paylen = m0->m_pkthdr.len; 1405 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1406 1407 wh = mtod(m0, struct ieee80211_frame *); 1408 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1409 uint8_t *frm = (uint8_t *)(desc + 1); 1410 uint32_t iv; 1411 1412 /* h/w WEP: it's up to the host to fill the IV field */ 1413 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1414 frm += sizeof (struct ieee80211_frame); 1415 1416 /* insert IV: code copied from net80211 */ 1417 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1418 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1419 iv += 0x000100; 1420 ic->ic_iv = iv + 1; 1421 1422 *frm++ = iv & 0xff; 1423 *frm++ = (iv >> 8) & 0xff; 1424 *frm++ = (iv >> 16) & 0xff; 1425 *frm++ = ic->ic_wep_txkey << 6; 1426 1427 m_copydata(m0, sizeof (struct ieee80211_frame), 1428 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1429 1430 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1431 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1432 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1433 } else { 1434 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1435 totlen = xferlen; 1436 } 1437 1438 /* fill Tx descriptor */ 1439 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1440 1441 desc->len = htobe32(totlen); 1442 desc->priv = sc->data_idx; /* don't care about endianness */ 1443 desc->paylen = htobe32(paylen); 1444 desc->type = htobe32(UATH_TX_DATA); 1445 desc->flags = htobe32(0); 1446 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1447 desc->dest = htobe32(UATH_ID_BROADCAST); 1448 desc->magic = htobe32(3); 1449 } else { 1450 desc->dest = htobe32(UATH_ID_BSS); 1451 desc->magic = htobe32(1); 1452 } 1453 1454 m_freem(m0); /* mbuf is no longer needed */ 1455 1456 #ifdef UATH_DEBUG 1457 if (uath_debug >= 6) { 1458 printf("sending frame index=%u len=%d xferlen=%d", 1459 sc->data_idx, paylen, xferlen); 1460 uath_dump_cmd(data->buf, xferlen, '+'); 1461 } 1462 #endif 1463 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1464 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1465 uath_data_txeof); 1466 error = usbd_transfer(data->xfer); 1467 if (error != USBD_IN_PROGRESS && error != 0) { 1468 ic->ic_if.if_oerrors++; 1469 return error; 1470 } 1471 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1472 sc->tx_queued++; 1473 1474 return 0; 1475 } 1476 1477 Static void 1478 uath_start(struct ifnet *ifp) 1479 { 1480 struct uath_softc *sc = ifp->if_softc; 1481 struct ieee80211com *ic = &sc->sc_ic; 1482 struct ieee80211_node *ni; 1483 struct mbuf *m0; 1484 1485 /* 1486 * net80211 may still try to send management frames even if the 1487 * IFF_RUNNING flag is not set... 1488 */ 1489 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1490 return; 1491 1492 for (;;) { 1493 IF_POLL(&ic->ic_mgtq, m0); 1494 if (m0 != NULL) { 1495 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1496 ifp->if_flags |= IFF_OACTIVE; 1497 break; 1498 } 1499 IF_DEQUEUE(&ic->ic_mgtq, m0); 1500 1501 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1502 m0->m_pkthdr.rcvif = NULL; 1503 #if NBPFILTER > 0 1504 if (ic->ic_rawbpf != NULL) 1505 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1506 #endif 1507 if (uath_tx_data(sc, m0, ni) != 0) 1508 break; 1509 } else { 1510 if (ic->ic_state != IEEE80211_S_RUN) 1511 break; 1512 IFQ_POLL(&ifp->if_snd, m0); 1513 if (m0 == NULL) 1514 break; 1515 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1516 ifp->if_flags |= IFF_OACTIVE; 1517 break; 1518 } 1519 IFQ_DEQUEUE(&ifp->if_snd, m0); 1520 #if NBPFILTER > 0 1521 if (ifp->if_bpf != NULL) 1522 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1523 #endif 1524 m0 = ieee80211_encap(ifp, m0, &ni); 1525 if (m0 == NULL) 1526 continue; 1527 #if NBPFILTER > 0 1528 if (ic->ic_rawbpf != NULL) 1529 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1530 #endif 1531 if (uath_tx_data(sc, m0, ni) != 0) { 1532 if (ni != NULL) 1533 ieee80211_release_node(ic, ni); 1534 ifp->if_oerrors++; 1535 break; 1536 } 1537 } 1538 1539 sc->sc_tx_timer = 5; 1540 ifp->if_timer = 1; 1541 } 1542 } 1543 1544 Static void 1545 uath_watchdog(struct ifnet *ifp) 1546 { 1547 struct uath_softc *sc = ifp->if_softc; 1548 1549 ifp->if_timer = 0; 1550 1551 if (sc->sc_tx_timer > 0) { 1552 if (--sc->sc_tx_timer == 0) { 1553 printf("%s: device timeout\n", USBDEVNAME(sc->sc_dev)); 1554 /*uath_init(ifp); XXX needs a process context! */ 1555 ifp->if_oerrors++; 1556 return; 1557 } 1558 ifp->if_timer = 1; 1559 } 1560 1561 ieee80211_watchdog(ifp); 1562 } 1563 1564 Static int 1565 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1566 { 1567 struct uath_softc *sc = ifp->if_softc; 1568 struct ieee80211com *ic = &sc->sc_ic; 1569 struct ifaddr *ifa; 1570 struct ifreq *ifr; 1571 int s, error = 0; 1572 1573 s = splnet(); 1574 1575 switch (cmd) { 1576 case SIOCSIFADDR: 1577 ifa = (struct ifaddr *)data; 1578 ifp->if_flags |= IFF_UP; 1579 #ifdef INET 1580 if (ifa->ifa_addr->sa_family == AF_INET) 1581 arp_ifinit(&ic->ic_ac, ifa); 1582 #endif 1583 /* FALLTHROUGH */ 1584 case SIOCSIFFLAGS: 1585 if (ifp->if_flags & IFF_UP) { 1586 if (!(ifp->if_flags & IFF_RUNNING)) 1587 uath_init(ifp); 1588 } else { 1589 if (ifp->if_flags & IFF_RUNNING) 1590 uath_stop(ifp, 1); 1591 } 1592 break; 1593 1594 case SIOCADDMULTI: 1595 case SIOCDELMULTI: 1596 ifr = (struct ifreq *)data; 1597 error = (cmd == SIOCADDMULTI) ? 1598 ether_addmulti(ifr, &ic->ic_ac) : 1599 ether_delmulti(ifr, &ic->ic_ac); 1600 if (error == ENETRESET) 1601 error = 0; 1602 break; 1603 1604 default: 1605 error = ieee80211_ioctl(ifp, cmd, data); 1606 } 1607 1608 if (error == ENETRESET) { 1609 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1610 (IFF_UP | IFF_RUNNING)) 1611 uath_init(ifp); 1612 error = 0; 1613 } 1614 1615 splx(s); 1616 1617 return error; 1618 } 1619 1620 Static int 1621 uath_query_eeprom(struct uath_softc *sc) 1622 { 1623 uint32_t tmp; 1624 int error; 1625 1626 /* retrieve MAC address */ 1627 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1628 if (error != 0) { 1629 printf("%s: could not read MAC address\n", 1630 USBDEVNAME(sc->sc_dev)); 1631 return error; 1632 } 1633 1634 /* retrieve the maximum frame size that the hardware can receive */ 1635 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1636 if (error != 0) { 1637 printf("%s: could not read maximum Rx buffer size\n", 1638 USBDEVNAME(sc->sc_dev)); 1639 return error; 1640 } 1641 sc->rxbufsz = betoh32(tmp) & 0xfff; 1642 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1643 return 0; 1644 } 1645 1646 Static int 1647 uath_reset(struct uath_softc *sc) 1648 { 1649 struct uath_cmd_setup setup; 1650 uint32_t reg, val; 1651 int s, error; 1652 1653 /* init device with some voodoo incantations.. */ 1654 setup.magic1 = htobe32(1); 1655 setup.magic2 = htobe32(5); 1656 setup.magic3 = htobe32(200); 1657 setup.magic4 = htobe32(27); 1658 s = splusb(); 1659 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1660 UATH_CMD_FLAG_ASYNC); 1661 /* ..and wait until firmware notifies us that it is ready */ 1662 if (error == 0) 1663 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1664 splx(s); 1665 if (error != 0) 1666 return error; 1667 1668 /* read PHY registers */ 1669 for (reg = 0x09; reg <= 0x24; reg++) { 1670 if (reg == 0x0b || reg == 0x0c) 1671 continue; 1672 DELAY(100); 1673 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1674 return error; 1675 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1676 } 1677 return error; 1678 } 1679 1680 Static int 1681 uath_reset_tx_queues(struct uath_softc *sc) 1682 { 1683 int ac, error; 1684 1685 for (ac = 0; ac < 4; ac++) { 1686 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1687 1688 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1689 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1690 sizeof qid, 0); 1691 if (error != 0) 1692 break; 1693 } 1694 return error; 1695 } 1696 1697 Static int 1698 uath_wme_init(struct uath_softc *sc) 1699 { 1700 struct uath_qinfo qinfo; 1701 int ac, error; 1702 static const struct uath_wme_settings uath_wme_11g[4] = { 1703 { 7, 4, 10, 0, 0 }, /* Background */ 1704 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1705 { 3, 3, 4, 26, 0 }, /* Video */ 1706 { 2, 2, 3, 47, 0 } /* Voice */ 1707 }; 1708 1709 bzero(&qinfo, sizeof qinfo); 1710 qinfo.size = htobe32(32); 1711 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1712 qinfo.magic2 = htobe32(1); 1713 for (ac = 0; ac < 4; ac++) { 1714 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1715 qinfo.ac = htobe32(ac); 1716 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1717 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1718 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1719 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1720 uath_wme_11g[ac].txop)); 1721 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1722 1723 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1724 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1725 sizeof qinfo, 0); 1726 if (error != 0) 1727 break; 1728 } 1729 return error; 1730 } 1731 1732 Static int 1733 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1734 { 1735 struct uath_set_chan chan; 1736 1737 bzero(&chan, sizeof chan); 1738 chan.flags = htobe32(0x1400); 1739 chan.freq = htobe32(c->ic_freq); 1740 chan.magic1 = htobe32(20); 1741 chan.magic2 = htobe32(50); 1742 chan.magic3 = htobe32(1); 1743 1744 DPRINTF(("switching to channel %d\n", 1745 ieee80211_chan2ieee(&sc->sc_ic, c))); 1746 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1747 } 1748 1749 Static int 1750 uath_set_key(struct uath_softc *sc, const struct ieee80211_wepkey *wk, 1751 int index) 1752 { 1753 struct uath_cmd_crypto crypto; 1754 int i; 1755 1756 bzero(&crypto, sizeof crypto); 1757 crypto.keyidx = htobe32(index); 1758 crypto.magic1 = htobe32(1); 1759 crypto.size = htobe32(368); 1760 crypto.mask = htobe32(0xffff); 1761 crypto.flags = htobe32(0x80000068); 1762 if (index != UATH_DEFAULT_KEY) 1763 crypto.flags |= htobe32(index << 16); 1764 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1765 1766 /* 1767 * Each byte of the key must be XOR'ed with 10101010 before being 1768 * transmitted to the firmware. 1769 */ 1770 for (i = 0; i < wk->wk_len; i++) 1771 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 1772 1773 DPRINTF(("setting crypto key index=%d len=%d\n", index, wk->wk_len)); 1774 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1775 } 1776 1777 Static int 1778 uath_set_keys(struct uath_softc *sc) 1779 { 1780 const struct ieee80211com *ic = &sc->sc_ic; 1781 int i, error; 1782 1783 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1784 const struct ieee80211_wepkey *wk = &ic->ic_nw_keys[i]; 1785 1786 if (wk->wk_len > 0 && 1787 (error = uath_set_key(sc, wk, i)) != 0) 1788 return error; 1789 } 1790 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1791 UATH_DEFAULT_KEY); 1792 } 1793 1794 Static int 1795 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1796 { 1797 struct uath_cmd_rates rates; 1798 1799 bzero(&rates, sizeof rates); 1800 rates.magic1 = htobe32(0x02); 1801 rates.size = htobe32(1 + sizeof rates.rates); 1802 rates.nrates = rs->rs_nrates; 1803 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1804 1805 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1806 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1807 } 1808 1809 Static int 1810 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1811 { 1812 struct uath_cmd_filter rxfilter; 1813 1814 rxfilter.filter = htobe32(filter); 1815 rxfilter.flags = htobe32(flags); 1816 1817 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1818 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1819 sizeof rxfilter, 0); 1820 } 1821 1822 Static int 1823 uath_set_led(struct uath_softc *sc, int which, int on) 1824 { 1825 struct uath_cmd_led led; 1826 1827 led.which = htobe32(which); 1828 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1829 1830 DPRINTFN(2, ("switching %s led %s\n", 1831 (which == UATH_LED_LINK) ? "link" : "activity", 1832 on ? "on" : "off")); 1833 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1834 } 1835 1836 Static int 1837 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1838 { 1839 uint32_t val; 1840 int error; 1841 1842 /* set radio frequency */ 1843 if ((error = uath_set_chan(sc, c)) != 0) { 1844 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1845 return error; 1846 } 1847 1848 /* reset Tx rings */ 1849 if ((error = uath_reset_tx_queues(sc)) != 0) { 1850 printf("%s: could not reset Tx queues\n", 1851 USBDEVNAME(sc->sc_dev)); 1852 return error; 1853 } 1854 1855 /* set Tx rings WME properties */ 1856 if ((error = uath_wme_init(sc)) != 0) { 1857 printf("%s: could not init Tx queues\n", 1858 USBDEVNAME(sc->sc_dev)); 1859 return error; 1860 } 1861 1862 val = htobe32(0); 1863 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1864 if (error != 0) { 1865 printf("%s: could not set state\n", USBDEVNAME(sc->sc_dev)); 1866 return error; 1867 } 1868 1869 return uath_tx_null(sc); 1870 } 1871 1872 Static int 1873 uath_init(struct ifnet *ifp) 1874 { 1875 struct uath_softc *sc = ifp->if_softc; 1876 struct ieee80211com *ic = &sc->sc_ic; 1877 struct uath_cmd_31 cmd31; 1878 uint32_t val; 1879 int i, error; 1880 1881 /* reset data and command rings */ 1882 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1883 1884 val = htobe32(0); 1885 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1886 1887 /* set MAC address */ 1888 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1889 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1890 1891 (void)uath_write_reg(sc, 0x02, 0x00000001); 1892 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1893 (void)uath_write_reg(sc, 0x10, 0x00000001); 1894 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1895 1896 /* 1897 * Queue Rx data xfers. 1898 */ 1899 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1900 struct uath_rx_data *data = SLIST_FIRST(&sc->rx_freelist); 1901 1902 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1903 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, 1904 USBD_NO_TIMEOUT, uath_data_rxeof); 1905 error = usbd_transfer(data->xfer); 1906 if (error != USBD_IN_PROGRESS && error != 0) { 1907 printf("%s: could not queue Rx transfer\n", 1908 USBDEVNAME(sc->sc_dev)); 1909 goto fail; 1910 } 1911 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1912 } 1913 1914 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1915 UATH_CMD_FLAG_MAGIC); 1916 if (error != 0) { 1917 printf("%s: could not send read command 07h\n", 1918 USBDEVNAME(sc->sc_dev)); 1919 goto fail; 1920 } 1921 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1922 1923 /* set default channel */ 1924 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1925 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1926 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1927 goto fail; 1928 } 1929 1930 if ((error = uath_wme_init(sc)) != 0) { 1931 printf("%s: could not setup WME parameters\n", 1932 USBDEVNAME(sc->sc_dev)); 1933 goto fail; 1934 } 1935 1936 /* init MAC registers */ 1937 (void)uath_write_reg(sc, 0x19, 0x00000000); 1938 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1939 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1940 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1941 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1942 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1943 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1944 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1945 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1946 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1947 1948 val = htobe32(4); 1949 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1950 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1951 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1952 1953 if ((error = uath_set_keys(sc)) != 0) { 1954 printf("%s: could not set crypto keys\n", 1955 USBDEVNAME(sc->sc_dev)); 1956 goto fail; 1957 } 1958 1959 /* enable Rx */ 1960 (void)uath_set_rxfilter(sc, 0x0000, 4); 1961 (void)uath_set_rxfilter(sc, 0x0817, 1); 1962 1963 cmd31.magic1 = htobe32(0xffffffff); 1964 cmd31.magic2 = htobe32(0xffffffff); 1965 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1966 1967 ifp->if_flags &= ~IFF_OACTIVE; 1968 ifp->if_flags |= IFF_RUNNING; 1969 1970 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1971 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1972 else 1973 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1974 1975 return 0; 1976 1977 fail: uath_stop(ifp, 1); 1978 return error; 1979 } 1980 1981 Static void 1982 uath_stop(struct ifnet *ifp, int disable) 1983 { 1984 struct uath_softc *sc = ifp->if_softc; 1985 struct ieee80211com *ic = &sc->sc_ic; 1986 uint32_t val; 1987 int s; 1988 1989 s = splusb(); 1990 1991 sc->sc_tx_timer = 0; 1992 ifp->if_timer = 0; 1993 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1994 1995 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1996 1997 val = htobe32(0); 1998 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1999 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 2000 2001 val = htobe32(0); 2002 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 2003 2004 #if 0 2005 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 2006 UATH_CMD_FLAG_MAGIC); 2007 #endif 2008 2009 /* abort any pending transfers */ 2010 usbd_abort_pipe(sc->data_tx_pipe); 2011 usbd_abort_pipe(sc->data_rx_pipe); 2012 usbd_abort_pipe(sc->cmd_tx_pipe); 2013 2014 splx(s); 2015 } 2016 2017 /* 2018 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2019 * the device will detach itself from the bus and reattach later with a new 2020 * product Id (a la ezusb). XXX this could also be implemented in userland 2021 * through /dev/ugen. 2022 */ 2023 Static int 2024 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2025 { 2026 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2027 struct uath_fwblock *txblock, *rxblock; 2028 uint8_t *txdata; 2029 int error = 0; 2030 2031 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2032 printf("%s: could not allocate Tx control xfer\n", 2033 USBDEVNAME(sc->sc_dev)); 2034 error = USBD_NOMEM; 2035 goto fail1; 2036 } 2037 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2038 if (txblock == NULL) { 2039 printf("%s: could not allocate Tx control block\n", 2040 USBDEVNAME(sc->sc_dev)); 2041 error = USBD_NOMEM; 2042 goto fail2; 2043 } 2044 2045 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2046 printf("%s: could not allocate Tx xfer\n", 2047 USBDEVNAME(sc->sc_dev)); 2048 error = USBD_NOMEM; 2049 goto fail2; 2050 } 2051 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2052 if (txdata == NULL) { 2053 printf("%s: could not allocate Tx buffer\n", 2054 USBDEVNAME(sc->sc_dev)); 2055 error = USBD_NOMEM; 2056 goto fail3; 2057 } 2058 2059 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2060 printf("%s: could not allocate Rx control xfer\n", 2061 USBDEVNAME(sc->sc_dev)); 2062 error = USBD_NOMEM; 2063 goto fail3; 2064 } 2065 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2066 if (rxblock == NULL) { 2067 printf("%s: could not allocate Rx control block\n", 2068 USBDEVNAME(sc->sc_dev)); 2069 error = USBD_NOMEM; 2070 goto fail4; 2071 } 2072 2073 bzero(txblock, sizeof (struct uath_fwblock)); 2074 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2075 txblock->total = htobe32(len); 2076 2077 while (len > 0) { 2078 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2079 2080 txblock->remain = htobe32(len - mlen); 2081 txblock->len = htobe32(mlen); 2082 2083 DPRINTF(("sending firmware block: %d bytes remaining\n", 2084 len - mlen)); 2085 2086 /* send firmware block meta-data */ 2087 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2088 sizeof (struct uath_fwblock), USBD_NO_COPY, 2089 UATH_CMD_TIMEOUT, NULL); 2090 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2091 printf("%s: could not send firmware block info\n", 2092 USBDEVNAME(sc->sc_dev)); 2093 break; 2094 } 2095 2096 /* send firmware block data */ 2097 bcopy(fw, txdata, mlen); 2098 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2099 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2100 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2101 printf("%s: could not send firmware block data\n", 2102 USBDEVNAME(sc->sc_dev)); 2103 break; 2104 } 2105 2106 /* wait for ack from firmware */ 2107 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2108 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2109 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2110 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2111 printf("%s: could not read firmware answer\n", 2112 USBDEVNAME(sc->sc_dev)); 2113 break; 2114 } 2115 2116 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2117 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2118 fw += mlen; 2119 len -= mlen; 2120 } 2121 2122 fail4: usbd_free_xfer(rxxfer); 2123 fail3: usbd_free_xfer(txxfer); 2124 fail2: usbd_free_xfer(ctlxfer); 2125 fail1: return error; 2126 } 2127 2128 Static int 2129 uath_activate(device_ptr_t self, enum devact act) 2130 { 2131 switch (act) { 2132 case DVACT_ACTIVATE: 2133 break; 2134 2135 case DVACT_DEACTIVATE: 2136 /*if_deactivate(&sc->sc_ic.ic_if);*/ 2137 break; 2138 } 2139 return 0; 2140 } 2141