1 /* $OpenBSD: if_uath.c,v 1.12 2006/11/26 11:14:22 deraadt Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/timeout.h> 42 #include <sys/conf.h> 43 #include <sys/device.h> 44 45 #include <machine/bus.h> 46 #include <machine/endian.h> 47 #include <machine/intr.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_amrr.h> 66 #include <net80211/ieee80211_radiotap.h> 67 68 #include <dev/rndvar.h> 69 #include <crypto/arc4.h> 70 71 #include <dev/usb/usb.h> 72 #include <dev/usb/usbdi.h> 73 #include <dev/usb/usbdi_util.h> 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/usb/if_uathreg.h> 77 #include <dev/usb/if_uathvar.h> 78 79 #ifdef USB_DEBUG 80 #define UATH_DEBUG 81 #endif 82 83 #ifdef UATH_DEBUG 84 #define DPRINTF(x) do { if (uath_debug) logprintf x; } while (0) 85 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) logprintf x; } while (0) 86 int uath_debug = 1; 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 /*- 93 * Various supported device vendors/products. 94 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 95 */ 96 #define UATH_DEV(v, p, f) \ 97 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 98 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 99 (f) | UATH_FLAG_PRE_FIRMWARE } 100 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 101 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 102 static const struct uath_type { 103 struct usb_devno dev; 104 unsigned int flags; 105 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 106 #define UATH_FLAG_ABG (1 << 1) 107 } uath_devs[] = { 108 UATH_DEV_UG(ATHEROS, AR5523), 109 UATH_DEV_UG(ATHEROS2, AR5523_1), 110 UATH_DEV_UG(ATHEROS2, AR5523_2), 111 UATH_DEV_UX(ATHEROS2, AR5523_3), 112 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 113 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 114 UATH_DEV_UX(DLINK, DWLAG122), 115 UATH_DEV_UX(DLINK, DWLAG132), 116 UATH_DEV_UG(DLINK, DWLG132), 117 UATH_DEV_UG(GIGASET, AR5523), 118 UATH_DEV_UG(GIGASET, SMCWUSBTG), 119 UATH_DEV_UG(GLOBALSUN, AR5523_1), 120 UATH_DEV_UX(GLOBALSUN, AR5523_2), 121 UATH_DEV_UX(NETGEAR, WG111U), 122 UATH_DEV_UG(NETGEAR3, WG111T), 123 UATH_DEV_UG(NETGEAR3, WPN111), 124 UATH_DEV_UG(UMEDIA, AR5523_1), 125 UATH_DEV_UX(UMEDIA, AR5523_2), 126 UATH_DEV_UG(UMEDIA, TEW444UBEU), 127 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 128 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 129 UATH_DEV_UG(ZCOM, AR5523) 130 }; 131 #define uath_lookup(v, p) \ 132 ((struct uath_type *)usb_lookup(uath_devs, v, p)) 133 134 Static void uath_attachhook(void *); 135 Static int uath_open_pipes(struct uath_softc *); 136 Static void uath_close_pipes(struct uath_softc *); 137 Static int uath_alloc_tx_data_list(struct uath_softc *); 138 Static void uath_free_tx_data_list(struct uath_softc *); 139 Static int uath_alloc_rx_data_list(struct uath_softc *); 140 Static void uath_free_rx_data_list(struct uath_softc *); 141 Static void uath_free_rx_data(caddr_t, u_int, void *); 142 Static int uath_alloc_tx_cmd_list(struct uath_softc *); 143 Static void uath_free_tx_cmd_list(struct uath_softc *); 144 Static int uath_alloc_rx_cmd_list(struct uath_softc *); 145 Static void uath_free_rx_cmd_list(struct uath_softc *); 146 Static int uath_media_change(struct ifnet *); 147 Static void uath_stat(void *); 148 Static void uath_next_scan(void *); 149 Static void uath_task(void *); 150 Static int uath_newstate(struct ieee80211com *, enum ieee80211_state, 151 int); 152 #ifdef UATH_DEBUG 153 Static void uath_dump_cmd(const uint8_t *, int, char); 154 #endif 155 Static int uath_cmd(struct uath_softc *, uint32_t, const void *, int, 156 void *, int); 157 Static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 158 int, int); 159 Static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 160 int, void *, int); 161 Static int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 162 Static int uath_write_multi(struct uath_softc *, uint32_t, const void *, 163 int); 164 Static int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 165 Static int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 166 Static void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, 167 usbd_status); 168 Static void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, 169 usbd_status); 170 Static void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, 171 usbd_status); 172 Static int uath_tx_null(struct uath_softc *); 173 Static int uath_tx_data(struct uath_softc *, struct mbuf *, 174 struct ieee80211_node *); 175 Static void uath_start(struct ifnet *); 176 Static void uath_watchdog(struct ifnet *); 177 Static int uath_ioctl(struct ifnet *, u_long, caddr_t); 178 Static int uath_query_eeprom(struct uath_softc *); 179 Static int uath_reset(struct uath_softc *); 180 Static int uath_reset_tx_queues(struct uath_softc *); 181 Static int uath_wme_init(struct uath_softc *); 182 Static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 183 Static int uath_set_key(struct uath_softc *, 184 const struct ieee80211_wepkey *, int); 185 Static int uath_set_keys(struct uath_softc *); 186 Static int uath_set_rates(struct uath_softc *, 187 const struct ieee80211_rateset *); 188 Static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 189 Static int uath_set_led(struct uath_softc *, int, int); 190 Static int uath_switch_channel(struct uath_softc *, 191 struct ieee80211_channel *); 192 Static int uath_init(struct ifnet *); 193 Static void uath_stop(struct ifnet *, int); 194 Static int uath_loadfirmware(struct uath_softc *, const u_char *, int); 195 Static int uath_activate(device_ptr_t, enum devact); 196 197 USB_DECLARE_DRIVER(uath); 198 199 USB_MATCH(uath) 200 { 201 USB_MATCH_START(uath, uaa); 202 203 if (uaa->iface != NULL) 204 return UMATCH_NONE; 205 206 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 207 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 208 } 209 210 Static void 211 uath_attachhook(void *xsc) 212 { 213 struct uath_softc *sc = xsc; 214 u_char *fw; 215 size_t size; 216 int error; 217 218 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 219 printf("%s: could not read firmware (error=%d)\n", 220 USBDEVNAME(sc->sc_dev), error); 221 return; 222 } 223 224 if ((error = uath_loadfirmware(sc, fw, size)) != 0) { 225 printf("%s: could not load firmware (error=%s)\n", 226 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 227 } 228 229 free(fw, M_DEVBUF); 230 } 231 232 USB_ATTACH(uath) 233 { 234 USB_ATTACH_START(uath, sc, uaa); 235 struct ieee80211com *ic = &sc->sc_ic; 236 struct ifnet *ifp = &ic->ic_if; 237 usbd_status error; 238 char *devinfop; 239 int i; 240 241 sc->sc_udev = uaa->device; 242 243 devinfop = usbd_devinfo_alloc(uaa->device, 0); 244 USB_ATTACH_SETUP; 245 printf("%s: %s\n", USBDEVNAME(sc->sc_dev), devinfop); 246 usbd_devinfo_free(devinfop); 247 248 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 249 250 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 251 printf("%s: could not set configuration no\n", 252 USBDEVNAME(sc->sc_dev)); 253 USB_ATTACH_ERROR_RETURN; 254 } 255 256 /* get the first interface handle */ 257 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 258 &sc->sc_iface); 259 if (error != 0) { 260 printf("%s: could not get interface handle\n", 261 USBDEVNAME(sc->sc_dev)); 262 USB_ATTACH_ERROR_RETURN; 263 } 264 265 /* 266 * We must open the pipes early because they're used to upload the 267 * firmware (pre-firmware devices) or to send firmware commands. 268 */ 269 if (uath_open_pipes(sc) != 0) { 270 printf("%s: could not open pipes\n", USBDEVNAME(sc->sc_dev)); 271 USB_ATTACH_ERROR_RETURN; 272 } 273 274 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 275 if (rootvp == NULL) 276 mountroothook_establish(uath_attachhook, sc); 277 else 278 uath_attachhook(sc); 279 USB_ATTACH_SUCCESS_RETURN; 280 } 281 282 /* 283 * Only post-firmware devices here. 284 */ 285 usb_init_task(&sc->sc_task, uath_task, sc); 286 timeout_set(&sc->scan_to, uath_next_scan, sc); 287 timeout_set(&sc->stat_to, uath_stat, sc); 288 289 /* 290 * Allocate xfers for firmware commands. 291 */ 292 if (uath_alloc_tx_cmd_list(sc) != 0) { 293 printf("%s: could not allocate Tx command list\n", 294 USBDEVNAME(sc->sc_dev)); 295 goto fail1; 296 } 297 if (uath_alloc_rx_cmd_list(sc) != 0) { 298 printf("%s: could not allocate Rx command list\n", 299 USBDEVNAME(sc->sc_dev)); 300 goto fail2; 301 } 302 303 /* 304 * Queue Rx command xfers. 305 */ 306 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 307 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 308 309 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 310 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 311 USBD_NO_TIMEOUT, uath_cmd_rxeof); 312 error = usbd_transfer(cmd->xfer); 313 if (error != USBD_IN_PROGRESS && error != 0) { 314 printf("%s: could not queue Rx command xfer\n", 315 USBDEVNAME(sc->sc_dev)); 316 goto fail3; 317 } 318 } 319 320 /* 321 * We're now ready to send/receive firmware commands. 322 */ 323 if (uath_reset(sc) != 0) { 324 printf("%s: could not initialize adapter\n", 325 USBDEVNAME(sc->sc_dev)); 326 goto fail3; 327 } 328 if (uath_query_eeprom(sc) != 0) { 329 printf("%s: could not read EEPROM\n", USBDEVNAME(sc->sc_dev)); 330 goto fail3; 331 } 332 333 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 334 USBDEVNAME(sc->sc_dev), (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 335 ether_sprintf(ic->ic_myaddr)); 336 337 /* 338 * Allocate xfers for Tx/Rx data pipes. 339 */ 340 if (uath_alloc_tx_data_list(sc) != 0) { 341 printf("%s: could not allocate Tx data list\n", 342 USBDEVNAME(sc->sc_dev)); 343 goto fail3; 344 } 345 if (uath_alloc_rx_data_list(sc) != 0) { 346 printf("%s: could not allocate Rx data list\n", 347 USBDEVNAME(sc->sc_dev)); 348 goto fail4; 349 } 350 351 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 352 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 353 ic->ic_state = IEEE80211_S_INIT; 354 355 /* set device capabilities */ 356 ic->ic_caps = 357 IEEE80211_C_TXPMGT | /* tx power management */ 358 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 359 IEEE80211_C_SHSLOT | /* short slot time supported */ 360 IEEE80211_C_WEP; /* h/w WEP */ 361 362 /* set supported .11b and .11g rates */ 363 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 364 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 365 366 /* set supported .11b and .11g channels (1 through 14) */ 367 for (i = 1; i <= 14; i++) { 368 ic->ic_channels[i].ic_freq = 369 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 370 ic->ic_channels[i].ic_flags = 371 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 372 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 373 } 374 375 ifp->if_softc = sc; 376 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 377 ifp->if_init = uath_init; 378 ifp->if_ioctl = uath_ioctl; 379 ifp->if_start = uath_start; 380 ifp->if_watchdog = uath_watchdog; 381 IFQ_SET_READY(&ifp->if_snd); 382 memcpy(ifp->if_xname, USBDEVNAME(sc->sc_dev), IFNAMSIZ); 383 384 if_attach(ifp); 385 ieee80211_ifattach(ifp); 386 387 /* override state transition machine */ 388 sc->sc_newstate = ic->ic_newstate; 389 ic->ic_newstate = uath_newstate; 390 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 391 392 #if NBPFILTER > 0 393 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 394 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 395 396 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 397 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 398 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 399 400 sc->sc_txtap_len = sizeof sc->sc_txtapu; 401 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 402 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 403 #endif 404 405 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 406 USBDEV(sc->sc_dev)); 407 408 USB_ATTACH_SUCCESS_RETURN; 409 410 fail4: uath_free_tx_data_list(sc); 411 fail3: uath_free_rx_cmd_list(sc); 412 fail2: uath_free_tx_cmd_list(sc); 413 fail1: uath_close_pipes(sc); 414 415 USB_ATTACH_ERROR_RETURN; 416 } 417 418 USB_DETACH(uath) 419 { 420 USB_DETACH_START(uath, sc); 421 struct ifnet *ifp = &sc->sc_ic.ic_if; 422 int s; 423 424 s = splnet(); 425 426 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 427 uath_close_pipes(sc); 428 splx(s); 429 return 0; 430 } 431 432 /* post-firmware device */ 433 434 usb_rem_task(sc->sc_udev, &sc->sc_task); 435 timeout_del(&sc->scan_to); 436 timeout_del(&sc->stat_to); 437 438 ieee80211_ifdetach(ifp); /* free all nodes */ 439 if_detach(ifp); 440 441 sc->sc_dying = 1; 442 DPRINTF(("reclaiming %d references\n", sc->sc_refcnt)); 443 while (sc->sc_refcnt > 0) 444 (void)tsleep(UATH_COND_NOREF(sc), 0, "uathdet", 0); 445 DPRINTF(("all references reclaimed\n")); 446 447 /* abort and free xfers */ 448 uath_free_tx_data_list(sc); 449 uath_free_rx_data_list(sc); 450 uath_free_tx_cmd_list(sc); 451 uath_free_rx_cmd_list(sc); 452 453 /* close Tx/Rx pipes */ 454 uath_close_pipes(sc); 455 456 splx(s); 457 458 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 459 USBDEV(sc->sc_dev)); 460 461 return 0; 462 } 463 464 Static int 465 uath_open_pipes(struct uath_softc *sc) 466 { 467 int error; 468 469 /* 470 * XXX pipes numbers are hardcoded because we don't have any way 471 * to distinguish the data pipes from the firmware command pipes 472 * (both are bulk pipes) using the endpoints descriptors. 473 */ 474 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 475 &sc->cmd_tx_pipe); 476 if (error != 0) { 477 printf("%s: could not open Tx command pipe: %s\n", 478 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 479 goto fail; 480 } 481 482 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 483 &sc->data_tx_pipe); 484 if (error != 0) { 485 printf("%s: could not open Tx data pipe: %s\n", 486 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 487 goto fail; 488 } 489 490 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 491 &sc->cmd_rx_pipe); 492 if (error != 0) { 493 printf("%s: could not open Rx command pipe: %s\n", 494 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 495 goto fail; 496 } 497 498 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 499 &sc->data_rx_pipe); 500 if (error != 0) { 501 printf("%s: could not open Rx data pipe: %s\n", 502 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 503 goto fail; 504 } 505 506 return 0; 507 508 fail: uath_close_pipes(sc); 509 return error; 510 } 511 512 Static void 513 uath_close_pipes(struct uath_softc *sc) 514 { 515 /* assumes no transfers are pending on the pipes */ 516 517 if (sc->data_tx_pipe != NULL) 518 usbd_close_pipe(sc->data_tx_pipe); 519 520 if (sc->data_rx_pipe != NULL) 521 usbd_close_pipe(sc->data_rx_pipe); 522 523 if (sc->cmd_tx_pipe != NULL) 524 usbd_close_pipe(sc->cmd_tx_pipe); 525 526 if (sc->cmd_rx_pipe != NULL) 527 usbd_close_pipe(sc->cmd_rx_pipe); 528 } 529 530 Static int 531 uath_alloc_tx_data_list(struct uath_softc *sc) 532 { 533 int i, error; 534 535 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 536 struct uath_tx_data *data = &sc->tx_data[i]; 537 538 data->sc = sc; /* backpointer for callbacks */ 539 540 data->xfer = usbd_alloc_xfer(sc->sc_udev); 541 if (data->xfer == NULL) { 542 printf("%s: could not allocate xfer\n", 543 USBDEVNAME(sc->sc_dev)); 544 error = ENOMEM; 545 goto fail; 546 } 547 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 548 if (data->buf == NULL) { 549 printf("%s: could not allocate xfer buffer\n", 550 USBDEVNAME(sc->sc_dev)); 551 error = ENOMEM; 552 goto fail; 553 } 554 } 555 return 0; 556 557 fail: uath_free_tx_data_list(sc); 558 return error; 559 } 560 561 Static void 562 uath_free_tx_data_list(struct uath_softc *sc) 563 { 564 int i; 565 566 /* make sure no transfers are pending */ 567 usbd_abort_pipe(sc->data_tx_pipe); 568 569 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 570 if (sc->tx_data[i].xfer != NULL) 571 usbd_free_xfer(sc->tx_data[i].xfer); 572 } 573 574 Static int 575 uath_alloc_rx_data_list(struct uath_softc *sc) 576 { 577 int i, error; 578 579 SLIST_INIT(&sc->rx_freelist); 580 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) { 581 struct uath_rx_data *data = &sc->rx_data[i]; 582 583 data->sc = sc; /* backpointer for callbacks */ 584 585 data->xfer = usbd_alloc_xfer(sc->sc_udev); 586 if (data->xfer == NULL) { 587 printf("%s: could not allocate xfer\n", 588 USBDEVNAME(sc->sc_dev)); 589 error = ENOMEM; 590 goto fail; 591 } 592 data->buf = usbd_alloc_buffer(data->xfer, sc->rxbufsz); 593 if (data->buf == NULL) { 594 printf("%s: could not allocate xfer buffer\n", 595 USBDEVNAME(sc->sc_dev)); 596 error = ENOMEM; 597 goto fail; 598 } 599 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 600 } 601 return 0; 602 603 fail: uath_free_rx_data_list(sc); 604 return error; 605 } 606 607 Static void 608 uath_free_rx_data_list(struct uath_softc *sc) 609 { 610 int i; 611 612 /* make sure no transfers are pending */ 613 usbd_abort_pipe(sc->data_rx_pipe); 614 615 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) 616 if (sc->rx_data[i].xfer != NULL) 617 usbd_free_xfer(sc->rx_data[i].xfer); 618 } 619 620 Static void 621 uath_free_rx_data(caddr_t buf, u_int size, void *arg) 622 { 623 struct uath_rx_data *data = arg; 624 struct uath_softc *sc = data->sc; 625 626 /* put the buffer back in the free list */ 627 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 628 629 /* release reference to softc */ 630 if (--sc->sc_refcnt == 0 && sc->sc_dying) 631 wakeup(UATH_COND_NOREF(sc)); 632 } 633 634 Static int 635 uath_alloc_tx_cmd_list(struct uath_softc *sc) 636 { 637 int i, error; 638 639 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 640 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 641 642 cmd->sc = sc; /* backpointer for callbacks */ 643 644 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 645 if (cmd->xfer == NULL) { 646 printf("%s: could not allocate xfer\n", 647 USBDEVNAME(sc->sc_dev)); 648 error = ENOMEM; 649 goto fail; 650 } 651 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 652 if (cmd->buf == NULL) { 653 printf("%s: could not allocate xfer buffer\n", 654 USBDEVNAME(sc->sc_dev)); 655 error = ENOMEM; 656 goto fail; 657 } 658 } 659 return 0; 660 661 fail: uath_free_tx_cmd_list(sc); 662 return error; 663 } 664 665 Static void 666 uath_free_tx_cmd_list(struct uath_softc *sc) 667 { 668 int i; 669 670 /* make sure no transfers are pending */ 671 usbd_abort_pipe(sc->cmd_tx_pipe); 672 673 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 674 if (sc->tx_cmd[i].xfer != NULL) 675 usbd_free_xfer(sc->tx_cmd[i].xfer); 676 } 677 678 Static int 679 uath_alloc_rx_cmd_list(struct uath_softc *sc) 680 { 681 int i, error; 682 683 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 684 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 685 686 cmd->sc = sc; /* backpointer for callbacks */ 687 688 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 689 if (cmd->xfer == NULL) { 690 printf("%s: could not allocate xfer\n", 691 USBDEVNAME(sc->sc_dev)); 692 error = ENOMEM; 693 goto fail; 694 } 695 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 696 if (cmd->buf == NULL) { 697 printf("%s: could not allocate xfer buffer\n", 698 USBDEVNAME(sc->sc_dev)); 699 error = ENOMEM; 700 goto fail; 701 } 702 } 703 return 0; 704 705 fail: uath_free_rx_cmd_list(sc); 706 return error; 707 } 708 709 Static void 710 uath_free_rx_cmd_list(struct uath_softc *sc) 711 { 712 int i; 713 714 /* make sure no transfers are pending */ 715 usbd_abort_pipe(sc->cmd_rx_pipe); 716 717 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 718 if (sc->rx_cmd[i].xfer != NULL) 719 usbd_free_xfer(sc->rx_cmd[i].xfer); 720 } 721 722 Static int 723 uath_media_change(struct ifnet *ifp) 724 { 725 int error; 726 727 error = ieee80211_media_change(ifp); 728 if (error != ENETRESET) 729 return error; 730 731 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 732 uath_init(ifp); 733 734 return 0; 735 } 736 737 /* 738 * This function is called periodically (every second) when associated to 739 * query device statistics. 740 */ 741 Static void 742 uath_stat(void *arg) 743 { 744 struct uath_softc *sc = arg; 745 int error; 746 747 /* 748 * Send request for statistics asynchronously. The timer will be 749 * restarted when we'll get the stats notification. 750 */ 751 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 752 UATH_CMD_FLAG_ASYNC); 753 if (error != 0) { 754 printf("%s: could not query statistics (error=%d)\n", 755 USBDEVNAME(sc->sc_dev), error); 756 } 757 } 758 759 /* 760 * This function is called periodically (every 250ms) during scanning to 761 * switch from one channel to another. 762 */ 763 Static void 764 uath_next_scan(void *arg) 765 { 766 struct uath_softc *sc = arg; 767 struct ieee80211com *ic = &sc->sc_ic; 768 struct ifnet *ifp = &ic->ic_if; 769 770 if (ic->ic_state == IEEE80211_S_SCAN) 771 ieee80211_next_scan(ifp); 772 } 773 774 Static void 775 uath_task(void *arg) 776 { 777 struct uath_softc *sc = arg; 778 struct ieee80211com *ic = &sc->sc_ic; 779 enum ieee80211_state ostate; 780 781 ostate = ic->ic_state; 782 783 switch (sc->sc_state) { 784 case IEEE80211_S_INIT: 785 if (ostate == IEEE80211_S_RUN) { 786 /* turn link and activity LEDs off */ 787 (void)uath_set_led(sc, UATH_LED_LINK, 0); 788 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 789 } 790 break; 791 792 case IEEE80211_S_SCAN: 793 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 794 printf("%s: could not switch channel\n", 795 USBDEVNAME(sc->sc_dev)); 796 break; 797 } 798 timeout_add(&sc->scan_to, hz / 4); 799 break; 800 801 case IEEE80211_S_AUTH: 802 { 803 struct ieee80211_node *ni = ic->ic_bss; 804 struct uath_cmd_bssid bssid; 805 struct uath_cmd_0b cmd0b; 806 struct uath_cmd_0c cmd0c; 807 808 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 809 printf("%s: could not switch channel\n", 810 USBDEVNAME(sc->sc_dev)); 811 break; 812 } 813 814 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 815 816 bzero(&bssid, sizeof bssid); 817 bssid.len = htobe32(IEEE80211_ADDR_LEN); 818 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 819 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 820 sizeof bssid, 0); 821 822 bzero(&cmd0b, sizeof cmd0b); 823 cmd0b.code = htobe32(2); 824 cmd0b.size = htobe32(sizeof (cmd0b.data)); 825 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 826 827 bzero(&cmd0c, sizeof cmd0c); 828 cmd0c.magic1 = htobe32(2); 829 cmd0c.magic2 = htobe32(7); 830 cmd0c.magic3 = htobe32(1); 831 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 832 833 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 834 printf("%s: could not set negotiated rate set\n", 835 USBDEVNAME(sc->sc_dev)); 836 break; 837 } 838 break; 839 } 840 841 case IEEE80211_S_ASSOC: 842 break; 843 844 case IEEE80211_S_RUN: 845 { 846 struct ieee80211_node *ni = ic->ic_bss; 847 struct uath_cmd_bssid bssid; 848 struct uath_cmd_xled xled; 849 uint32_t val; 850 851 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 852 /* make both LEDs blink while monitoring */ 853 bzero(&xled, sizeof xled); 854 xled.which = htobe32(0); 855 xled.rate = htobe32(1); 856 xled.mode = htobe32(2); 857 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 858 sizeof xled, 0); 859 break; 860 } 861 862 /* 863 * Tx rate is controlled by firmware, report the maximum 864 * negotiated rate in ifconfig output. 865 */ 866 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 867 868 val = htobe32(1); 869 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 870 871 bzero(&bssid, sizeof bssid); 872 bssid.flags1 = htobe32(0xc004); 873 bssid.flags2 = htobe32(0x003b); 874 bssid.len = htobe32(IEEE80211_ADDR_LEN); 875 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 876 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 877 sizeof bssid, 0); 878 879 /* turn link LED on */ 880 (void)uath_set_led(sc, UATH_LED_LINK, 1); 881 882 /* make activity LED blink */ 883 bzero(&xled, sizeof xled); 884 xled.which = htobe32(1); 885 xled.rate = htobe32(1); 886 xled.mode = htobe32(2); 887 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 888 0); 889 890 /* set state to associated */ 891 val = htobe32(1); 892 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 893 0); 894 895 /* start statistics timer */ 896 timeout_add(&sc->stat_to, hz); 897 break; 898 } 899 } 900 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 901 } 902 903 Static int 904 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 905 { 906 struct uath_softc *sc = ic->ic_softc; 907 908 usb_rem_task(sc->sc_udev, &sc->sc_task); 909 timeout_del(&sc->scan_to); 910 timeout_del(&sc->stat_to); 911 912 /* do it in a process context */ 913 sc->sc_state = nstate; 914 sc->sc_arg = arg; 915 usb_add_task(sc->sc_udev, &sc->sc_task); 916 917 return 0; 918 } 919 920 #ifdef UATH_DEBUG 921 Static void 922 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 923 { 924 int i; 925 926 for (i = 0; i < len; i++) { 927 if ((i % 16) == 0) 928 printf("\n%c ", prefix); 929 else if ((i % 4) == 0) 930 printf(" "); 931 printf("%02x", buf[i]); 932 } 933 printf("\n"); 934 } 935 #endif 936 937 /* 938 * Low-level function to send read or write commands to the firmware. 939 */ 940 Static int 941 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 942 void *odata, int flags) 943 { 944 struct uath_cmd_hdr *hdr; 945 struct uath_tx_cmd *cmd; 946 uint16_t xferflags; 947 int s, xferlen, error; 948 949 /* grab a xfer */ 950 cmd = &sc->tx_cmd[sc->cmd_idx]; 951 952 /* always bulk-out a multiple of 4 bytes */ 953 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 954 955 hdr = (struct uath_cmd_hdr *)cmd->buf; 956 bzero(hdr, sizeof (struct uath_cmd_hdr)); 957 hdr->len = htobe32(xferlen); 958 hdr->code = htobe32(code); 959 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 960 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 961 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 962 963 #ifdef UATH_DEBUG 964 if (uath_debug >= 5) { 965 printf("sending command code=0x%02x flags=0x%x index=%u", 966 code, flags, sc->cmd_idx); 967 uath_dump_cmd(cmd->buf, xferlen, '+'); 968 } 969 #endif 970 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 971 if (!(flags & UATH_CMD_FLAG_READ)) { 972 if (!(flags & UATH_CMD_FLAG_ASYNC)) 973 xferflags |= USBD_SYNCHRONOUS; 974 } else 975 s = splusb(); 976 977 cmd->odata = odata; 978 979 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 980 xferflags, UATH_CMD_TIMEOUT, NULL); 981 error = usbd_transfer(cmd->xfer); 982 if (error != USBD_IN_PROGRESS && error != 0) { 983 if (flags & UATH_CMD_FLAG_READ) 984 splx(s); 985 printf("%s: could not send command (error=%s)\n", 986 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 987 return error; 988 } 989 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 990 991 if (!(flags & UATH_CMD_FLAG_READ)) 992 return 0; /* write: don't wait for reply */ 993 994 /* wait at most two seconds for command reply */ 995 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 996 cmd->odata = NULL; /* in case answer is received too late */ 997 splx(s); 998 if (error != 0) { 999 printf("%s: timeout waiting for command reply\n", 1000 USBDEVNAME(sc->sc_dev)); 1001 } 1002 return error; 1003 } 1004 1005 Static int 1006 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1007 int flags) 1008 { 1009 flags &= ~UATH_CMD_FLAG_READ; 1010 return uath_cmd(sc, code, data, len, NULL, flags); 1011 } 1012 1013 Static int 1014 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1015 int ilen, void *odata, int flags) 1016 { 1017 flags |= UATH_CMD_FLAG_READ; 1018 return uath_cmd(sc, code, idata, ilen, odata, flags); 1019 } 1020 1021 Static int 1022 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1023 { 1024 struct uath_write_mac write; 1025 int error; 1026 1027 write.reg = htobe32(reg); 1028 write.len = htobe32(0); /* 0 = single write */ 1029 *(uint32_t *)write.data = htobe32(val); 1030 1031 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1032 3 * sizeof (uint32_t), 0); 1033 if (error != 0) { 1034 printf("%s: could not write register 0x%02x\n", 1035 USBDEVNAME(sc->sc_dev), reg); 1036 } 1037 return error; 1038 } 1039 1040 Static int 1041 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1042 int len) 1043 { 1044 struct uath_write_mac write; 1045 int error; 1046 1047 write.reg = htobe32(reg); 1048 write.len = htobe32(len); 1049 bcopy(data, write.data, len); 1050 1051 /* properly handle the case where len is zero (reset) */ 1052 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1053 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1054 if (error != 0) { 1055 printf("%s: could not write %d bytes to register 0x%02x\n", 1056 USBDEVNAME(sc->sc_dev), len, reg); 1057 } 1058 return error; 1059 } 1060 1061 Static int 1062 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1063 { 1064 struct uath_read_mac read; 1065 int error; 1066 1067 reg = htobe32(reg); 1068 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1069 0); 1070 if (error != 0) { 1071 printf("%s: could not read register 0x%02x\n", 1072 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1073 return error; 1074 } 1075 *val = betoh32(*(uint32_t *)read.data); 1076 return error; 1077 } 1078 1079 Static int 1080 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1081 { 1082 struct uath_read_mac read; 1083 int len, error; 1084 1085 reg = htobe32(reg); 1086 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1087 &read, 0); 1088 if (error != 0) { 1089 printf("%s: could not read EEPROM offset 0x%02x\n", 1090 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1091 return error; 1092 } 1093 len = betoh32(read.len); 1094 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1095 return error; 1096 } 1097 1098 Static void 1099 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1100 usbd_status status) 1101 { 1102 struct uath_rx_cmd *cmd = priv; 1103 struct uath_softc *sc = cmd->sc; 1104 struct uath_cmd_hdr *hdr; 1105 1106 if (status != USBD_NORMAL_COMPLETION) { 1107 if (status == USBD_STALLED) 1108 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1109 return; 1110 } 1111 1112 hdr = (struct uath_cmd_hdr *)cmd->buf; 1113 1114 #ifdef UATH_DEBUG 1115 if (uath_debug >= 5) { 1116 printf("received command code=0x%x index=%u len=%u", 1117 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1118 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1119 } 1120 #endif 1121 1122 switch (betoh32(hdr->code) & 0xff) { 1123 /* reply to a read command */ 1124 default: 1125 { 1126 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1127 1128 if (txcmd->odata != NULL) { 1129 /* copy answer into caller's supplied buffer */ 1130 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1131 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1132 } 1133 wakeup(txcmd); /* wake up caller */ 1134 break; 1135 } 1136 /* spontaneous firmware notifications */ 1137 case UATH_NOTIF_READY: 1138 DPRINTF(("received device ready notification\n")); 1139 wakeup(UATH_COND_INIT(sc)); 1140 break; 1141 1142 case UATH_NOTIF_TX: 1143 /* this notification is sent when UATH_TX_NOTIFY is set */ 1144 DPRINTF(("received Tx notification\n")); 1145 break; 1146 1147 case UATH_NOTIF_STATS: 1148 DPRINTFN(2, ("received device statistics\n")); 1149 timeout_add(&sc->stat_to, hz); 1150 break; 1151 } 1152 1153 /* setup a new transfer */ 1154 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1155 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1156 uath_cmd_rxeof); 1157 (void)usbd_transfer(xfer); 1158 } 1159 1160 Static void 1161 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1162 usbd_status status) 1163 { 1164 struct uath_rx_data *data = priv; 1165 struct uath_softc *sc = data->sc; 1166 struct ieee80211com *ic = &sc->sc_ic; 1167 struct ifnet *ifp = &ic->ic_if; 1168 struct ieee80211_frame *wh; 1169 struct ieee80211_node *ni; 1170 struct uath_rx_data *ndata; 1171 struct uath_rx_desc *desc; 1172 struct mbuf *m; 1173 uint32_t hdr; 1174 int s, len; 1175 1176 if (status != USBD_NORMAL_COMPLETION) { 1177 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1178 return; 1179 1180 if (status == USBD_STALLED) 1181 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1182 1183 ifp->if_ierrors++; 1184 return; 1185 } 1186 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1187 1188 if (len < UATH_MIN_RXBUFSZ) { 1189 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1190 ifp->if_ierrors++; 1191 goto skip; 1192 } 1193 1194 hdr = betoh32(*(uint32_t *)data->buf); 1195 1196 /* Rx descriptor is located at the end, 32-bit aligned */ 1197 desc = (struct uath_rx_desc *) 1198 (data->buf + len - sizeof (struct uath_rx_desc)); 1199 1200 if (betoh32(desc->len) > sc->rxbufsz) { 1201 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1202 ifp->if_ierrors++; 1203 goto skip; 1204 } 1205 1206 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1207 1208 MGETHDR(m, M_DONTWAIT, MT_DATA); 1209 if (m == NULL) { 1210 ifp->if_ierrors++; 1211 goto skip; 1212 } 1213 1214 /* grab a new Rx buffer */ 1215 ndata = SLIST_FIRST(&sc->rx_freelist); 1216 if (ndata == NULL) { 1217 printf("%s: could not allocate Rx buffer\n", 1218 USBDEVNAME(sc->sc_dev)); 1219 m_freem(m); 1220 ifp->if_ierrors++; 1221 goto skip; 1222 } 1223 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1224 1225 MEXTADD(m, data->buf, sc->rxbufsz, 0, uath_free_rx_data, data); 1226 1227 /* finalize mbuf */ 1228 m->m_pkthdr.rcvif = ifp; 1229 m->m_data = data->buf + sizeof (uint32_t); 1230 m->m_pkthdr.len = m->m_len = 1231 betoh32(desc->len) - sizeof (struct uath_rx_desc); 1232 1233 data = ndata; 1234 1235 wh = mtod(m, struct ieee80211_frame *); 1236 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1237 ic->ic_opmode != IEEE80211_M_MONITOR) { 1238 /* 1239 * Hardware decrypts the frame itself but leaves the WEP bit 1240 * set in the 802.11 header and doesn't remove the IV and CRC 1241 * fields. 1242 */ 1243 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1244 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1245 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1246 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1247 m_adj(m, -IEEE80211_WEP_CRCLEN); 1248 wh = mtod(m, struct ieee80211_frame *); 1249 } 1250 1251 #if NBPFILTER > 0 1252 /* there are a lot more fields in the Rx descriptor */ 1253 if (sc->sc_drvbpf != NULL) { 1254 struct mbuf mb; 1255 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1256 1257 tap->wr_flags = 0; 1258 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1259 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1260 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1261 1262 M_DUP_PKTHDR(&mb, m); 1263 mb.m_data = (caddr_t)tap; 1264 mb.m_len = sc->sc_rxtap_len; 1265 mb.m_next = m; 1266 mb.m_pkthdr.len += mb.m_len; 1267 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1268 } 1269 #endif 1270 1271 s = splnet(); 1272 sc->sc_refcnt++; 1273 ni = ieee80211_find_rxnode(ic, wh); 1274 ieee80211_input(ifp, m, ni, (int)betoh32(desc->rssi), 0); 1275 1276 /* node is no longer needed */ 1277 ieee80211_release_node(ic, ni); 1278 splx(s); 1279 1280 skip: /* setup a new transfer */ 1281 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1282 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1283 uath_data_rxeof); 1284 (void)usbd_transfer(data->xfer); 1285 } 1286 1287 Static int 1288 uath_tx_null(struct uath_softc *sc) 1289 { 1290 struct uath_tx_data *data; 1291 struct uath_tx_desc *desc; 1292 1293 data = &sc->tx_data[sc->data_idx]; 1294 1295 data->ni = NULL; 1296 1297 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1298 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1299 1300 bzero(desc, sizeof (struct uath_tx_desc)); 1301 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1302 desc->type = htobe32(UATH_TX_NULL); 1303 1304 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1305 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1306 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1307 if (usbd_sync_transfer(data->xfer) != 0) 1308 return EIO; 1309 1310 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1311 1312 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1313 } 1314 1315 Static void 1316 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1317 usbd_status status) 1318 { 1319 struct uath_tx_data *data = priv; 1320 struct uath_softc *sc = data->sc; 1321 struct ieee80211com *ic = &sc->sc_ic; 1322 struct ifnet *ifp = &ic->ic_if; 1323 int s; 1324 1325 if (status != USBD_NORMAL_COMPLETION) { 1326 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1327 return; 1328 1329 printf("%s: could not transmit buffer: %s\n", 1330 USBDEVNAME(sc->sc_dev), usbd_errstr(status)); 1331 1332 if (status == USBD_STALLED) 1333 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1334 1335 ifp->if_oerrors++; 1336 return; 1337 } 1338 1339 s = splnet(); 1340 1341 ieee80211_release_node(ic, data->ni); 1342 data->ni = NULL; 1343 1344 sc->tx_queued--; 1345 ifp->if_opackets++; 1346 1347 sc->sc_tx_timer = 0; 1348 ifp->if_flags &= ~IFF_OACTIVE; 1349 uath_start(ifp); 1350 1351 splx(s); 1352 } 1353 1354 Static int 1355 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1356 { 1357 struct ieee80211com *ic = &sc->sc_ic; 1358 struct uath_tx_data *data; 1359 struct uath_tx_desc *desc; 1360 const struct ieee80211_frame *wh; 1361 int paylen, totlen, xferlen, error; 1362 1363 data = &sc->tx_data[sc->data_idx]; 1364 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1365 1366 data->ni = ni; 1367 1368 #if NBPFILTER > 0 1369 if (sc->sc_drvbpf != NULL) { 1370 struct mbuf mb; 1371 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1372 1373 tap->wt_flags = 0; 1374 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1375 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1376 1377 M_DUP_PKTHDR(&mb, m0); 1378 mb.m_data = (caddr_t)tap; 1379 mb.m_len = sc->sc_txtap_len; 1380 mb.m_next = m0; 1381 mb.m_pkthdr.len += mb.m_len; 1382 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1383 } 1384 #endif 1385 1386 paylen = m0->m_pkthdr.len; 1387 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1388 1389 wh = mtod(m0, struct ieee80211_frame *); 1390 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1391 uint8_t *frm = (uint8_t *)(desc + 1); 1392 uint32_t iv; 1393 1394 /* h/w WEP: it's up to the host to fill the IV field */ 1395 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1396 frm += sizeof (struct ieee80211_frame); 1397 1398 /* insert IV: code copied from net80211 */ 1399 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1400 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1401 iv += 0x000100; 1402 ic->ic_iv = iv + 1; 1403 1404 *frm++ = iv & 0xff; 1405 *frm++ = (iv >> 8) & 0xff; 1406 *frm++ = (iv >> 16) & 0xff; 1407 *frm++ = ic->ic_wep_txkey << 6; 1408 1409 m_copydata(m0, sizeof (struct ieee80211_frame), 1410 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1411 1412 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1413 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1414 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1415 } else { 1416 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1417 totlen = xferlen; 1418 } 1419 1420 /* fill Tx descriptor */ 1421 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1422 1423 desc->len = htobe32(totlen); 1424 desc->priv = sc->data_idx; /* don't care about endianness */ 1425 desc->paylen = htobe32(paylen); 1426 desc->type = htobe32(UATH_TX_DATA); 1427 desc->flags = htobe32(0); 1428 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1429 desc->dest = htobe32(UATH_ID_BROADCAST); 1430 desc->magic = htobe32(3); 1431 } else { 1432 desc->dest = htobe32(UATH_ID_BSS); 1433 desc->magic = htobe32(1); 1434 } 1435 1436 m_freem(m0); /* mbuf is no longer needed */ 1437 1438 #ifdef UATH_DEBUG 1439 if (uath_debug >= 6) { 1440 printf("sending frame index=%u len=%d xferlen=%d", 1441 sc->data_idx, paylen, xferlen); 1442 uath_dump_cmd(data->buf, xferlen, '+'); 1443 } 1444 #endif 1445 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1446 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1447 uath_data_txeof); 1448 error = usbd_transfer(data->xfer); 1449 if (error != USBD_IN_PROGRESS && error != 0) { 1450 ic->ic_if.if_oerrors++; 1451 return error; 1452 } 1453 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1454 sc->tx_queued++; 1455 1456 return 0; 1457 } 1458 1459 Static void 1460 uath_start(struct ifnet *ifp) 1461 { 1462 struct uath_softc *sc = ifp->if_softc; 1463 struct ieee80211com *ic = &sc->sc_ic; 1464 struct ieee80211_node *ni; 1465 struct mbuf *m0; 1466 1467 /* 1468 * net80211 may still try to send management frames even if the 1469 * IFF_RUNNING flag is not set... 1470 */ 1471 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1472 return; 1473 1474 for (;;) { 1475 IF_POLL(&ic->ic_mgtq, m0); 1476 if (m0 != NULL) { 1477 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1478 ifp->if_flags |= IFF_OACTIVE; 1479 break; 1480 } 1481 IF_DEQUEUE(&ic->ic_mgtq, m0); 1482 1483 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1484 m0->m_pkthdr.rcvif = NULL; 1485 #if NBPFILTER > 0 1486 if (ic->ic_rawbpf != NULL) 1487 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1488 #endif 1489 if (uath_tx_data(sc, m0, ni) != 0) 1490 break; 1491 } else { 1492 if (ic->ic_state != IEEE80211_S_RUN) 1493 break; 1494 IFQ_POLL(&ifp->if_snd, m0); 1495 if (m0 == NULL) 1496 break; 1497 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1498 ifp->if_flags |= IFF_OACTIVE; 1499 break; 1500 } 1501 IFQ_DEQUEUE(&ifp->if_snd, m0); 1502 #if NBPFILTER > 0 1503 if (ifp->if_bpf != NULL) 1504 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1505 #endif 1506 m0 = ieee80211_encap(ifp, m0, &ni); 1507 if (m0 == NULL) 1508 continue; 1509 #if NBPFILTER > 0 1510 if (ic->ic_rawbpf != NULL) 1511 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1512 #endif 1513 if (uath_tx_data(sc, m0, ni) != 0) { 1514 if (ni != NULL) 1515 ieee80211_release_node(ic, ni); 1516 ifp->if_oerrors++; 1517 break; 1518 } 1519 } 1520 1521 sc->sc_tx_timer = 5; 1522 ifp->if_timer = 1; 1523 } 1524 } 1525 1526 Static void 1527 uath_watchdog(struct ifnet *ifp) 1528 { 1529 struct uath_softc *sc = ifp->if_softc; 1530 1531 ifp->if_timer = 0; 1532 1533 if (sc->sc_tx_timer > 0) { 1534 if (--sc->sc_tx_timer == 0) { 1535 printf("%s: device timeout\n", USBDEVNAME(sc->sc_dev)); 1536 /*uath_init(ifp); XXX needs a process context! */ 1537 ifp->if_oerrors++; 1538 return; 1539 } 1540 ifp->if_timer = 1; 1541 } 1542 1543 ieee80211_watchdog(ifp); 1544 } 1545 1546 Static int 1547 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1548 { 1549 struct uath_softc *sc = ifp->if_softc; 1550 struct ieee80211com *ic = &sc->sc_ic; 1551 struct ifaddr *ifa; 1552 struct ifreq *ifr; 1553 int s, error = 0; 1554 1555 s = splnet(); 1556 1557 switch (cmd) { 1558 case SIOCSIFADDR: 1559 ifa = (struct ifaddr *)data; 1560 ifp->if_flags |= IFF_UP; 1561 #ifdef INET 1562 if (ifa->ifa_addr->sa_family == AF_INET) 1563 arp_ifinit(&ic->ic_ac, ifa); 1564 #endif 1565 /* FALLTHROUGH */ 1566 case SIOCSIFFLAGS: 1567 if (ifp->if_flags & IFF_UP) { 1568 if (!(ifp->if_flags & IFF_RUNNING)) 1569 uath_init(ifp); 1570 } else { 1571 if (ifp->if_flags & IFF_RUNNING) 1572 uath_stop(ifp, 1); 1573 } 1574 break; 1575 1576 case SIOCADDMULTI: 1577 case SIOCDELMULTI: 1578 ifr = (struct ifreq *)data; 1579 error = (cmd == SIOCADDMULTI) ? 1580 ether_addmulti(ifr, &ic->ic_ac) : 1581 ether_delmulti(ifr, &ic->ic_ac); 1582 if (error == ENETRESET) 1583 error = 0; 1584 break; 1585 1586 default: 1587 error = ieee80211_ioctl(ifp, cmd, data); 1588 } 1589 1590 if (error == ENETRESET) { 1591 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1592 (IFF_UP | IFF_RUNNING)) 1593 uath_init(ifp); 1594 error = 0; 1595 } 1596 1597 splx(s); 1598 1599 return error; 1600 } 1601 1602 Static int 1603 uath_query_eeprom(struct uath_softc *sc) 1604 { 1605 uint32_t tmp; 1606 int error; 1607 1608 /* retrieve MAC address */ 1609 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1610 if (error != 0) { 1611 printf("%s: could not read MAC address\n", 1612 USBDEVNAME(sc->sc_dev)); 1613 return error; 1614 } 1615 1616 /* retrieve the maximum frame size that the hardware can receive */ 1617 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1618 if (error != 0) { 1619 printf("%s: could not read maximum Rx buffer size\n", 1620 USBDEVNAME(sc->sc_dev)); 1621 return error; 1622 } 1623 sc->rxbufsz = betoh32(tmp) & 0xfff; 1624 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1625 return 0; 1626 } 1627 1628 Static int 1629 uath_reset(struct uath_softc *sc) 1630 { 1631 struct uath_cmd_setup setup; 1632 uint32_t reg, val; 1633 int s, error; 1634 1635 /* init device with some voodoo incantations.. */ 1636 setup.magic1 = htobe32(1); 1637 setup.magic2 = htobe32(5); 1638 setup.magic3 = htobe32(200); 1639 setup.magic4 = htobe32(27); 1640 s = splusb(); 1641 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1642 UATH_CMD_FLAG_ASYNC); 1643 /* ..and wait until firmware notifies us that it is ready */ 1644 if (error == 0) 1645 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1646 splx(s); 1647 if (error != 0) 1648 return error; 1649 1650 /* read PHY registers */ 1651 for (reg = 0x09; reg <= 0x24; reg++) { 1652 if (reg == 0x0b || reg == 0x0c) 1653 continue; 1654 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1655 return error; 1656 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1657 } 1658 return error; 1659 } 1660 1661 Static int 1662 uath_reset_tx_queues(struct uath_softc *sc) 1663 { 1664 int ac, error; 1665 1666 for (ac = 0; ac < 4; ac++) { 1667 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1668 1669 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1670 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1671 sizeof qid, 0); 1672 if (error != 0) 1673 break; 1674 } 1675 return error; 1676 } 1677 1678 Static int 1679 uath_wme_init(struct uath_softc *sc) 1680 { 1681 struct uath_qinfo qinfo; 1682 int ac, error; 1683 static const struct uath_wme_settings uath_wme_11g[4] = { 1684 { 7, 4, 10, 0, 0 }, /* Background */ 1685 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1686 { 3, 3, 4, 26, 0 }, /* Video */ 1687 { 2, 2, 3, 47, 0 } /* Voice */ 1688 }; 1689 1690 bzero(&qinfo, sizeof qinfo); 1691 qinfo.size = htobe32(32); 1692 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1693 qinfo.magic2 = htobe32(1); 1694 for (ac = 0; ac < 4; ac++) { 1695 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1696 qinfo.ac = htobe32(ac); 1697 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1698 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1699 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1700 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1701 uath_wme_11g[ac].txop)); 1702 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1703 1704 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1705 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1706 sizeof qinfo, 0); 1707 if (error != 0) 1708 break; 1709 } 1710 return error; 1711 } 1712 1713 Static int 1714 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1715 { 1716 struct uath_set_chan chan; 1717 1718 bzero(&chan, sizeof chan); 1719 chan.flags = htobe32(0x1400); 1720 chan.freq = htobe32(c->ic_freq); 1721 chan.magic1 = htobe32(20); 1722 chan.magic2 = htobe32(50); 1723 chan.magic3 = htobe32(1); 1724 1725 DPRINTF(("switching to channel %d\n", 1726 ieee80211_chan2ieee(&sc->sc_ic, c))); 1727 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1728 } 1729 1730 Static int 1731 uath_set_key(struct uath_softc *sc, const struct ieee80211_wepkey *wk, 1732 int index) 1733 { 1734 struct uath_cmd_crypto crypto; 1735 int i; 1736 1737 bzero(&crypto, sizeof crypto); 1738 crypto.keyidx = htobe32(index); 1739 crypto.magic1 = htobe32(1); 1740 crypto.size = htobe32(368); 1741 crypto.mask = htobe32(0xffff); 1742 crypto.flags = htobe32(0x80000068); 1743 if (index != UATH_DEFAULT_KEY) 1744 crypto.flags |= htobe32(index << 16); 1745 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1746 1747 /* 1748 * Each byte of the key must be XOR'ed with 10101010 before being 1749 * transmitted to the firmware. 1750 */ 1751 for (i = 0; i < wk->wk_len; i++) 1752 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 1753 1754 DPRINTF(("setting crypto key index=%d len=%d\n", index, wk->wk_len)); 1755 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1756 } 1757 1758 Static int 1759 uath_set_keys(struct uath_softc *sc) 1760 { 1761 const struct ieee80211com *ic = &sc->sc_ic; 1762 int i, error; 1763 1764 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1765 const struct ieee80211_wepkey *wk = &ic->ic_nw_keys[i]; 1766 1767 if (wk->wk_len > 0 && 1768 (error = uath_set_key(sc, wk, i)) != 0) 1769 return error; 1770 } 1771 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1772 UATH_DEFAULT_KEY); 1773 } 1774 1775 Static int 1776 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1777 { 1778 struct uath_cmd_rates rates; 1779 1780 bzero(&rates, sizeof rates); 1781 rates.magic1 = htobe32(0x02); 1782 rates.size = htobe32(1 + sizeof rates.rates); 1783 rates.nrates = rs->rs_nrates; 1784 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1785 1786 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1787 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1788 } 1789 1790 Static int 1791 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1792 { 1793 struct uath_cmd_filter rxfilter; 1794 1795 rxfilter.filter = htobe32(filter); 1796 rxfilter.flags = htobe32(flags); 1797 1798 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1799 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1800 sizeof rxfilter, 0); 1801 } 1802 1803 Static int 1804 uath_set_led(struct uath_softc *sc, int which, int on) 1805 { 1806 struct uath_cmd_led led; 1807 1808 led.which = htobe32(which); 1809 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1810 1811 DPRINTFN(2, ("switching %s led %s\n", 1812 (which == UATH_LED_LINK) ? "link" : "activity", 1813 on ? "on" : "off")); 1814 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1815 } 1816 1817 Static int 1818 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1819 { 1820 uint32_t val; 1821 int error; 1822 1823 /* set radio frequency */ 1824 if ((error = uath_set_chan(sc, c)) != 0) { 1825 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1826 return error; 1827 } 1828 1829 /* reset Tx rings */ 1830 if ((error = uath_reset_tx_queues(sc)) != 0) { 1831 printf("%s: could not reset Tx queues\n", 1832 USBDEVNAME(sc->sc_dev)); 1833 return error; 1834 } 1835 1836 /* set Tx rings WME properties */ 1837 if ((error = uath_wme_init(sc)) != 0) { 1838 printf("%s: could not init Tx queues\n", 1839 USBDEVNAME(sc->sc_dev)); 1840 return error; 1841 } 1842 1843 val = htobe32(0); 1844 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1845 if (error != 0) { 1846 printf("%s: could not set state\n", USBDEVNAME(sc->sc_dev)); 1847 return error; 1848 } 1849 1850 return uath_tx_null(sc); 1851 } 1852 1853 Static int 1854 uath_init(struct ifnet *ifp) 1855 { 1856 struct uath_softc *sc = ifp->if_softc; 1857 struct ieee80211com *ic = &sc->sc_ic; 1858 struct uath_cmd_31 cmd31; 1859 uint32_t val; 1860 int i, error; 1861 1862 /* reset data and command rings */ 1863 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1864 1865 val = htobe32(0); 1866 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1867 1868 /* set MAC address */ 1869 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1870 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1871 1872 (void)uath_write_reg(sc, 0x02, 0x00000001); 1873 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1874 (void)uath_write_reg(sc, 0x10, 0x00000001); 1875 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1876 1877 /* 1878 * Queue Rx data xfers. 1879 */ 1880 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1881 struct uath_rx_data *data = SLIST_FIRST(&sc->rx_freelist); 1882 1883 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1884 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, 1885 USBD_NO_TIMEOUT, uath_data_rxeof); 1886 error = usbd_transfer(data->xfer); 1887 if (error != USBD_IN_PROGRESS && error != 0) { 1888 printf("%s: could not queue Rx transfer\n", 1889 USBDEVNAME(sc->sc_dev)); 1890 goto fail; 1891 } 1892 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1893 } 1894 1895 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1896 UATH_CMD_FLAG_MAGIC); 1897 if (error != 0) { 1898 printf("%s: could not send read command 07h\n", 1899 USBDEVNAME(sc->sc_dev)); 1900 goto fail; 1901 } 1902 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1903 1904 /* set default channel */ 1905 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1906 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1907 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1908 goto fail; 1909 } 1910 1911 if ((error = uath_wme_init(sc)) != 0) { 1912 printf("%s: could not setup WME parameters\n", 1913 USBDEVNAME(sc->sc_dev)); 1914 goto fail; 1915 } 1916 1917 /* init MAC registers */ 1918 (void)uath_write_reg(sc, 0x19, 0x00000000); 1919 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1920 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1921 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1922 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1923 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1924 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1925 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1926 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1927 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1928 1929 val = htobe32(4); 1930 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1931 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1932 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1933 1934 if ((error = uath_set_keys(sc)) != 0) { 1935 printf("%s: could not set crypto keys\n", 1936 USBDEVNAME(sc->sc_dev)); 1937 goto fail; 1938 } 1939 1940 /* enable Rx */ 1941 (void)uath_set_rxfilter(sc, 0x0000, 4); 1942 (void)uath_set_rxfilter(sc, 0x0817, 1); 1943 1944 cmd31.magic1 = htobe32(0xffffffff); 1945 cmd31.magic2 = htobe32(0xffffffff); 1946 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1947 1948 ifp->if_flags &= ~IFF_OACTIVE; 1949 ifp->if_flags |= IFF_RUNNING; 1950 1951 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1952 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1953 else 1954 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1955 1956 return 0; 1957 1958 fail: uath_stop(ifp, 1); 1959 return error; 1960 } 1961 1962 Static void 1963 uath_stop(struct ifnet *ifp, int disable) 1964 { 1965 struct uath_softc *sc = ifp->if_softc; 1966 struct ieee80211com *ic = &sc->sc_ic; 1967 uint32_t val; 1968 int s; 1969 1970 s = splusb(); 1971 1972 sc->sc_tx_timer = 0; 1973 ifp->if_timer = 0; 1974 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1975 1976 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1977 1978 val = htobe32(0); 1979 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1980 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1981 1982 val = htobe32(0); 1983 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1984 1985 #if 0 1986 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1987 UATH_CMD_FLAG_MAGIC); 1988 #endif 1989 1990 /* abort any pending transfers */ 1991 usbd_abort_pipe(sc->data_tx_pipe); 1992 usbd_abort_pipe(sc->data_rx_pipe); 1993 usbd_abort_pipe(sc->cmd_tx_pipe); 1994 usbd_abort_pipe(sc->cmd_rx_pipe); 1995 1996 splx(s); 1997 } 1998 1999 /* 2000 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2001 * the device will detach itself from the bus and reattach later with a new 2002 * product Id (a la ezusb). XXX this could also be implemented in userland 2003 * through /dev/ugen. 2004 */ 2005 Static int 2006 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2007 { 2008 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2009 struct uath_fwblock *txblock, *rxblock; 2010 uint8_t *txdata; 2011 int error = 0; 2012 2013 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2014 printf("%s: could not allocate Tx control xfer\n", 2015 USBDEVNAME(sc->sc_dev)); 2016 error = USBD_NOMEM; 2017 goto fail1; 2018 } 2019 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2020 if (txblock == NULL) { 2021 printf("%s: could not allocate Tx control block\n", 2022 USBDEVNAME(sc->sc_dev)); 2023 error = USBD_NOMEM; 2024 goto fail2; 2025 } 2026 2027 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2028 printf("%s: could not allocate Tx xfer\n", 2029 USBDEVNAME(sc->sc_dev)); 2030 error = USBD_NOMEM; 2031 goto fail2; 2032 } 2033 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2034 if (txdata == NULL) { 2035 printf("%s: could not allocate Tx buffer\n", 2036 USBDEVNAME(sc->sc_dev)); 2037 error = USBD_NOMEM; 2038 goto fail3; 2039 } 2040 2041 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2042 printf("%s: could not allocate Rx control xfer\n", 2043 USBDEVNAME(sc->sc_dev)); 2044 error = USBD_NOMEM; 2045 goto fail3; 2046 } 2047 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2048 if (rxblock == NULL) { 2049 printf("%s: could not allocate Rx control block\n", 2050 USBDEVNAME(sc->sc_dev)); 2051 error = USBD_NOMEM; 2052 goto fail4; 2053 } 2054 2055 bzero(txblock, sizeof (struct uath_fwblock)); 2056 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2057 txblock->total = htobe32(len); 2058 2059 while (len > 0) { 2060 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2061 2062 txblock->remain = htobe32(len - mlen); 2063 txblock->len = htobe32(mlen); 2064 2065 DPRINTF(("sending firmware block: %d bytes remaining\n", 2066 len - mlen)); 2067 2068 /* send firmware block meta-data */ 2069 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2070 sizeof (struct uath_fwblock), USBD_NO_COPY, 2071 UATH_CMD_TIMEOUT, NULL); 2072 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2073 printf("%s: could not send firmware block info\n", 2074 USBDEVNAME(sc->sc_dev)); 2075 break; 2076 } 2077 2078 /* send firmware block data */ 2079 bcopy(fw, txdata, mlen); 2080 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2081 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2082 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2083 printf("%s: could not send firmware block data\n", 2084 USBDEVNAME(sc->sc_dev)); 2085 break; 2086 } 2087 2088 /* wait for ack from firmware */ 2089 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2090 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2091 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2092 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2093 printf("%s: could not read firmware answer\n", 2094 USBDEVNAME(sc->sc_dev)); 2095 break; 2096 } 2097 2098 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2099 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2100 fw += mlen; 2101 len -= mlen; 2102 } 2103 2104 fail4: usbd_free_xfer(rxxfer); 2105 fail3: usbd_free_xfer(txxfer); 2106 fail2: usbd_free_xfer(ctlxfer); 2107 fail1: return error; 2108 } 2109 2110 Static int 2111 uath_activate(device_ptr_t self, enum devact act) 2112 { 2113 switch (act) { 2114 case DVACT_ACTIVATE: 2115 break; 2116 2117 case DVACT_DEACTIVATE: 2118 /*if_deactivate(&sc->sc_ic.ic_if);*/ 2119 break; 2120 } 2121 return 0; 2122 } 2123