1 /* $OpenBSD: if_uath.c,v 1.73 2015/11/24 13:33:18 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * 23 * IMPORTANT NOTICE: 24 * This driver was written without any documentation or support from Atheros 25 * Communications. It is based on a black-box analysis of the Windows binary 26 * driver. It handles both pre and post-firmware devices. 27 */ 28 29 #include "bpfilter.h" 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/timeout.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/intr.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 53 #include <netinet/in.h> 54 #include <netinet/if_ether.h> 55 56 #include <net80211/ieee80211_var.h> 57 #include <net80211/ieee80211_radiotap.h> 58 59 #include <dev/usb/usb.h> 60 #include <dev/usb/usbdi.h> 61 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/usb/if_uathreg.h> 66 #include <dev/usb/if_uathvar.h> 67 68 #ifdef UATH_DEBUG 69 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 70 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 71 int uath_debug = 1; 72 #else 73 #define DPRINTF(x) 74 #define DPRINTFN(n, x) 75 #endif 76 77 /*- 78 * Various supported device vendors/products. 79 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 80 */ 81 #define UATH_DEV(v, p, f) \ 82 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 83 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 84 (f) | UATH_FLAG_PRE_FIRMWARE } 85 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 86 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 87 static const struct uath_type { 88 struct usb_devno dev; 89 unsigned int flags; 90 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 91 #define UATH_FLAG_ABG (1 << 1) 92 } uath_devs[] = { 93 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 94 UATH_DEV_UG(ATHEROS, AR5523), 95 UATH_DEV_UG(ATHEROS2, AR5523_1), 96 UATH_DEV_UG(ATHEROS2, AR5523_2), 97 UATH_DEV_UX(ATHEROS2, AR5523_3), 98 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 99 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 100 UATH_DEV_UX(DLINK, DWLAG122), 101 UATH_DEV_UX(DLINK, DWLAG132), 102 UATH_DEV_UG(DLINK, DWLG132), 103 UATH_DEV_UG(DLINK2, WUA2340), 104 UATH_DEV_UG(GIGASET, AR5523), 105 UATH_DEV_UG(GIGASET, SMCWUSBTG), 106 UATH_DEV_UG(GLOBALSUN, AR5523_1), 107 UATH_DEV_UX(GLOBALSUN, AR5523_2), 108 UATH_DEV_UG(IODATA, USBWNG54US), 109 UATH_DEV_UG(MELCO, WLIU2KAMG54), 110 UATH_DEV_UX(NETGEAR, WG111U), 111 UATH_DEV_UG(NETGEAR3, WG111T), 112 UATH_DEV_UG(NETGEAR3, WPN111), 113 UATH_DEV_UG(PHILIPS, SNU6500), 114 UATH_DEV_UX(UMEDIA, AR5523_2), 115 UATH_DEV_UG(UMEDIA, TEW444UBEU), 116 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 117 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 118 UATH_DEV_UG(ZCOM, AR5523), 119 120 /* Devices that share one of the IDs above. */ 121 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WG111T_1 }, 0 } \ 122 }; 123 #define uath_lookup(v, p) \ 124 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 125 126 void uath_attachhook(void *); 127 int uath_open_pipes(struct uath_softc *); 128 void uath_close_pipes(struct uath_softc *); 129 int uath_alloc_tx_data_list(struct uath_softc *); 130 void uath_free_tx_data_list(struct uath_softc *); 131 int uath_alloc_rx_data_list(struct uath_softc *); 132 void uath_free_rx_data_list(struct uath_softc *); 133 int uath_alloc_tx_cmd_list(struct uath_softc *); 134 void uath_free_tx_cmd_list(struct uath_softc *); 135 int uath_alloc_rx_cmd_list(struct uath_softc *); 136 void uath_free_rx_cmd_list(struct uath_softc *); 137 int uath_media_change(struct ifnet *); 138 void uath_stat(void *); 139 void uath_next_scan(void *); 140 void uath_task(void *); 141 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 142 #ifdef UATH_DEBUG 143 void uath_dump_cmd(const uint8_t *, int, char); 144 #endif 145 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 146 int); 147 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 148 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 149 int); 150 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 151 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 152 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 153 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 154 void uath_cmd_rxeof(struct usbd_xfer *, void *, usbd_status); 155 void uath_data_rxeof(struct usbd_xfer *, void *, usbd_status); 156 void uath_data_txeof(struct usbd_xfer *, void *, usbd_status); 157 int uath_tx_null(struct uath_softc *); 158 int uath_tx_data(struct uath_softc *, struct mbuf *, 159 struct ieee80211_node *); 160 void uath_start(struct ifnet *); 161 void uath_watchdog(struct ifnet *); 162 int uath_ioctl(struct ifnet *, u_long, caddr_t); 163 int uath_query_eeprom(struct uath_softc *); 164 int uath_reset(struct uath_softc *); 165 int uath_reset_tx_queues(struct uath_softc *); 166 int uath_wme_init(struct uath_softc *); 167 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 168 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 169 int uath_set_keys(struct uath_softc *); 170 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 171 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 172 int uath_set_led(struct uath_softc *, int, int); 173 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 174 int uath_init(struct ifnet *); 175 void uath_stop(struct ifnet *, int); 176 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 177 178 int uath_match(struct device *, void *, void *); 179 void uath_attach(struct device *, struct device *, void *); 180 int uath_detach(struct device *, int); 181 182 struct cfdriver uath_cd = { 183 NULL, "uath", DV_IFNET 184 }; 185 186 const struct cfattach uath_ca = { 187 sizeof(struct uath_softc), uath_match, uath_attach, uath_detach 188 }; 189 190 int 191 uath_match(struct device *parent, void *match, void *aux) 192 { 193 struct usb_attach_arg *uaa = aux; 194 195 if (uaa->iface != NULL) 196 return UMATCH_NONE; 197 198 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 199 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 200 } 201 202 void 203 uath_attachhook(void *xsc) 204 { 205 struct uath_softc *sc = xsc; 206 u_char *fw; 207 size_t size; 208 int error; 209 210 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 211 printf("%s: error %d, could not read firmware %s\n", 212 sc->sc_dev.dv_xname, error, "uath-ar5523"); 213 return; 214 } 215 216 error = uath_loadfirmware(sc, fw, size); 217 free(fw, M_DEVBUF, 0); 218 219 if (error == 0) { 220 /* 221 * Hack alert: the device doesn't always gracefully detach 222 * from the bus after a firmware upload. We need to force 223 * a port reset and a re-exploration on the parent hub. 224 */ 225 usbd_reset_port(sc->sc_uhub, sc->sc_port); 226 usb_needs_reattach(sc->sc_udev); 227 } else { 228 printf("%s: could not load firmware (error=%s)\n", 229 sc->sc_dev.dv_xname, usbd_errstr(error)); 230 } 231 } 232 233 void 234 uath_attach(struct device *parent, struct device *self, void *aux) 235 { 236 struct uath_softc *sc = (struct uath_softc *)self; 237 struct usb_attach_arg *uaa = aux; 238 struct ieee80211com *ic = &sc->sc_ic; 239 struct ifnet *ifp = &ic->ic_if; 240 usbd_status error; 241 int i; 242 243 sc->sc_udev = uaa->device; 244 sc->sc_uhub = uaa->device->myhub; 245 sc->sc_port = uaa->port; 246 247 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 248 249 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 250 printf("%s: could not set configuration no\n", 251 sc->sc_dev.dv_xname); 252 return; 253 } 254 255 /* get the first interface handle */ 256 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 257 &sc->sc_iface); 258 if (error != 0) { 259 printf("%s: could not get interface handle\n", 260 sc->sc_dev.dv_xname); 261 return; 262 } 263 264 /* 265 * We must open the pipes early because they're used to upload the 266 * firmware (pre-firmware devices) or to send firmware commands. 267 */ 268 if (uath_open_pipes(sc) != 0) { 269 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 270 return; 271 } 272 273 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 274 if (rootvp == NULL) 275 mountroothook_establish(uath_attachhook, sc); 276 else 277 uath_attachhook(sc); 278 return; 279 } 280 281 /* 282 * Only post-firmware devices here. 283 */ 284 usb_init_task(&sc->sc_task, uath_task, sc, USB_TASK_TYPE_GENERIC); 285 timeout_set(&sc->scan_to, uath_next_scan, sc); 286 timeout_set(&sc->stat_to, uath_stat, sc); 287 288 /* 289 * Allocate xfers for firmware commands. 290 */ 291 if (uath_alloc_tx_cmd_list(sc) != 0) { 292 printf("%s: could not allocate Tx command list\n", 293 sc->sc_dev.dv_xname); 294 goto fail; 295 } 296 if (uath_alloc_rx_cmd_list(sc) != 0) { 297 printf("%s: could not allocate Rx command list\n", 298 sc->sc_dev.dv_xname); 299 goto fail; 300 } 301 302 /* 303 * Queue Rx command xfers. 304 */ 305 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 306 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 307 308 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 309 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 310 USBD_NO_TIMEOUT, uath_cmd_rxeof); 311 error = usbd_transfer(cmd->xfer); 312 if (error != USBD_IN_PROGRESS && error != 0) { 313 printf("%s: could not queue Rx command xfer\n", 314 sc->sc_dev.dv_xname); 315 goto fail; 316 } 317 } 318 319 /* 320 * We're now ready to send/receive firmware commands. 321 */ 322 if (uath_reset(sc) != 0) { 323 printf("%s: could not initialize adapter\n", 324 sc->sc_dev.dv_xname); 325 goto fail; 326 } 327 if (uath_query_eeprom(sc) != 0) { 328 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 329 goto fail; 330 } 331 332 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 333 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 334 ether_sprintf(ic->ic_myaddr)); 335 336 /* 337 * Allocate xfers for Tx/Rx data pipes. 338 */ 339 if (uath_alloc_tx_data_list(sc) != 0) { 340 printf("%s: could not allocate Tx data list\n", 341 sc->sc_dev.dv_xname); 342 goto fail; 343 } 344 if (uath_alloc_rx_data_list(sc) != 0) { 345 printf("%s: could not allocate Rx data list\n", 346 sc->sc_dev.dv_xname); 347 goto fail; 348 } 349 350 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 351 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 352 ic->ic_state = IEEE80211_S_INIT; 353 354 /* set device capabilities */ 355 ic->ic_caps = 356 IEEE80211_C_MONITOR | /* monitor mode supported */ 357 IEEE80211_C_TXPMGT | /* tx power management */ 358 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 359 IEEE80211_C_SHSLOT | /* short slot time supported */ 360 IEEE80211_C_WEP; /* h/w WEP */ 361 362 /* set supported .11b and .11g rates */ 363 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 364 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 365 366 /* set supported .11b and .11g channels (1 through 14) */ 367 for (i = 1; i <= 14; i++) { 368 ic->ic_channels[i].ic_freq = 369 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 370 ic->ic_channels[i].ic_flags = 371 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 372 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 373 } 374 375 ifp->if_softc = sc; 376 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 377 ifp->if_ioctl = uath_ioctl; 378 ifp->if_start = uath_start; 379 ifp->if_watchdog = uath_watchdog; 380 IFQ_SET_READY(&ifp->if_snd); 381 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 382 383 if_attach(ifp); 384 ieee80211_ifattach(ifp); 385 386 /* override state transition machine */ 387 sc->sc_newstate = ic->ic_newstate; 388 ic->ic_newstate = uath_newstate; 389 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 390 391 #if NBPFILTER > 0 392 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 393 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 394 395 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 396 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 397 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 398 399 sc->sc_txtap_len = sizeof sc->sc_txtapu; 400 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 401 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 402 #endif 403 404 return; 405 406 fail: uath_close_pipes(sc); 407 uath_free_tx_data_list(sc); 408 uath_free_rx_cmd_list(sc); 409 uath_free_tx_cmd_list(sc); 410 usbd_deactivate(sc->sc_udev); 411 } 412 413 int 414 uath_detach(struct device *self, int flags) 415 { 416 struct uath_softc *sc = (struct uath_softc *)self; 417 struct ifnet *ifp = &sc->sc_ic.ic_if; 418 int s; 419 420 s = splnet(); 421 422 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 423 uath_close_pipes(sc); 424 splx(s); 425 return 0; 426 } 427 428 /* post-firmware device */ 429 430 usb_rem_task(sc->sc_udev, &sc->sc_task); 431 if (timeout_initialized(&sc->scan_to)) 432 timeout_del(&sc->scan_to); 433 if (timeout_initialized(&sc->stat_to)) 434 timeout_del(&sc->stat_to); 435 436 /* close Tx/Rx pipes */ 437 uath_close_pipes(sc); 438 439 /* free xfers */ 440 uath_free_tx_data_list(sc); 441 uath_free_rx_data_list(sc); 442 uath_free_tx_cmd_list(sc); 443 uath_free_rx_cmd_list(sc); 444 445 if (ifp->if_softc != NULL) { 446 ieee80211_ifdetach(ifp); /* free all nodes */ 447 if_detach(ifp); 448 } 449 450 splx(s); 451 452 return 0; 453 } 454 455 int 456 uath_open_pipes(struct uath_softc *sc) 457 { 458 int error; 459 460 /* 461 * XXX pipes numbers are hardcoded because we don't have any way 462 * to distinguish the data pipes from the firmware command pipes 463 * (both are bulk pipes) using the endpoints descriptors. 464 */ 465 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 466 &sc->cmd_tx_pipe); 467 if (error != 0) { 468 printf("%s: could not open Tx command pipe: %s\n", 469 sc->sc_dev.dv_xname, usbd_errstr(error)); 470 goto fail; 471 } 472 473 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 474 &sc->data_tx_pipe); 475 if (error != 0) { 476 printf("%s: could not open Tx data pipe: %s\n", 477 sc->sc_dev.dv_xname, usbd_errstr(error)); 478 goto fail; 479 } 480 481 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 482 &sc->cmd_rx_pipe); 483 if (error != 0) { 484 printf("%s: could not open Rx command pipe: %s\n", 485 sc->sc_dev.dv_xname, usbd_errstr(error)); 486 goto fail; 487 } 488 489 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 490 &sc->data_rx_pipe); 491 if (error != 0) { 492 printf("%s: could not open Rx data pipe: %s\n", 493 sc->sc_dev.dv_xname, usbd_errstr(error)); 494 goto fail; 495 } 496 497 return 0; 498 499 fail: uath_close_pipes(sc); 500 return error; 501 } 502 503 void 504 uath_close_pipes(struct uath_softc *sc) 505 { 506 if (sc->data_tx_pipe != NULL) { 507 usbd_close_pipe(sc->data_tx_pipe); 508 sc->data_tx_pipe = NULL; 509 } 510 511 if (sc->data_rx_pipe != NULL) { 512 usbd_close_pipe(sc->data_rx_pipe); 513 sc->data_rx_pipe = NULL; 514 } 515 516 if (sc->cmd_tx_pipe != NULL) { 517 usbd_close_pipe(sc->cmd_tx_pipe); 518 sc->cmd_tx_pipe = NULL; 519 } 520 521 if (sc->cmd_rx_pipe != NULL) { 522 usbd_close_pipe(sc->cmd_rx_pipe); 523 sc->cmd_rx_pipe = NULL; 524 } 525 } 526 527 int 528 uath_alloc_tx_data_list(struct uath_softc *sc) 529 { 530 int i, error; 531 532 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 533 struct uath_tx_data *data = &sc->tx_data[i]; 534 535 data->sc = sc; /* backpointer for callbacks */ 536 537 data->xfer = usbd_alloc_xfer(sc->sc_udev); 538 if (data->xfer == NULL) { 539 printf("%s: could not allocate xfer\n", 540 sc->sc_dev.dv_xname); 541 error = ENOMEM; 542 goto fail; 543 } 544 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 545 if (data->buf == NULL) { 546 printf("%s: could not allocate xfer buffer\n", 547 sc->sc_dev.dv_xname); 548 error = ENOMEM; 549 goto fail; 550 } 551 } 552 return 0; 553 554 fail: uath_free_tx_data_list(sc); 555 return error; 556 } 557 558 void 559 uath_free_tx_data_list(struct uath_softc *sc) 560 { 561 int i; 562 563 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 564 if (sc->tx_data[i].xfer != NULL) { 565 usbd_free_xfer(sc->tx_data[i].xfer); 566 sc->tx_data[i].xfer = NULL; 567 } 568 } 569 570 int 571 uath_alloc_rx_data_list(struct uath_softc *sc) 572 { 573 int i, error; 574 575 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 576 struct uath_rx_data *data = &sc->rx_data[i]; 577 578 data->sc = sc; /* backpointer for callbacks */ 579 580 data->xfer = usbd_alloc_xfer(sc->sc_udev); 581 if (data->xfer == NULL) { 582 printf("%s: could not allocate xfer\n", 583 sc->sc_dev.dv_xname); 584 error = ENOMEM; 585 goto fail; 586 } 587 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 588 printf("%s: could not allocate xfer buffer\n", 589 sc->sc_dev.dv_xname); 590 error = ENOMEM; 591 goto fail; 592 } 593 594 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 595 if (data->m == NULL) { 596 printf("%s: could not allocate rx mbuf\n", 597 sc->sc_dev.dv_xname); 598 error = ENOMEM; 599 goto fail; 600 } 601 MCLGET(data->m, M_DONTWAIT); 602 if (!(data->m->m_flags & M_EXT)) { 603 printf("%s: could not allocate rx mbuf cluster\n", 604 sc->sc_dev.dv_xname); 605 error = ENOMEM; 606 goto fail; 607 } 608 609 data->buf = mtod(data->m, uint8_t *); 610 } 611 return 0; 612 613 fail: uath_free_rx_data_list(sc); 614 return error; 615 } 616 617 void 618 uath_free_rx_data_list(struct uath_softc *sc) 619 { 620 int i; 621 622 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 623 struct uath_rx_data *data = &sc->rx_data[i]; 624 625 if (data->xfer != NULL) { 626 usbd_free_xfer(data->xfer); 627 data->xfer = NULL; 628 } 629 630 if (data->m != NULL) { 631 m_freem(data->m); 632 data->m = NULL; 633 } 634 } 635 } 636 637 int 638 uath_alloc_tx_cmd_list(struct uath_softc *sc) 639 { 640 int i, error; 641 642 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 643 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 644 645 cmd->sc = sc; /* backpointer for callbacks */ 646 647 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 648 if (cmd->xfer == NULL) { 649 printf("%s: could not allocate xfer\n", 650 sc->sc_dev.dv_xname); 651 error = ENOMEM; 652 goto fail; 653 } 654 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 655 if (cmd->buf == NULL) { 656 printf("%s: could not allocate xfer buffer\n", 657 sc->sc_dev.dv_xname); 658 error = ENOMEM; 659 goto fail; 660 } 661 } 662 return 0; 663 664 fail: uath_free_tx_cmd_list(sc); 665 return error; 666 } 667 668 void 669 uath_free_tx_cmd_list(struct uath_softc *sc) 670 { 671 int i; 672 673 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 674 if (sc->tx_cmd[i].xfer != NULL) { 675 usbd_free_xfer(sc->tx_cmd[i].xfer); 676 sc->tx_cmd[i].xfer = NULL; 677 } 678 } 679 680 int 681 uath_alloc_rx_cmd_list(struct uath_softc *sc) 682 { 683 int i, error; 684 685 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 686 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 687 688 cmd->sc = sc; /* backpointer for callbacks */ 689 690 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 691 if (cmd->xfer == NULL) { 692 printf("%s: could not allocate xfer\n", 693 sc->sc_dev.dv_xname); 694 error = ENOMEM; 695 goto fail; 696 } 697 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 698 if (cmd->buf == NULL) { 699 printf("%s: could not allocate xfer buffer\n", 700 sc->sc_dev.dv_xname); 701 error = ENOMEM; 702 goto fail; 703 } 704 } 705 return 0; 706 707 fail: uath_free_rx_cmd_list(sc); 708 return error; 709 } 710 711 void 712 uath_free_rx_cmd_list(struct uath_softc *sc) 713 { 714 int i; 715 716 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 717 if (sc->rx_cmd[i].xfer != NULL) { 718 usbd_free_xfer(sc->rx_cmd[i].xfer); 719 sc->rx_cmd[i].xfer = NULL; 720 } 721 } 722 723 int 724 uath_media_change(struct ifnet *ifp) 725 { 726 int error; 727 728 error = ieee80211_media_change(ifp); 729 if (error != ENETRESET) 730 return error; 731 732 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 733 uath_init(ifp); 734 735 return 0; 736 } 737 738 /* 739 * This function is called periodically (every second) when associated to 740 * query device statistics. 741 */ 742 void 743 uath_stat(void *arg) 744 { 745 struct uath_softc *sc = arg; 746 int error; 747 748 /* 749 * Send request for statistics asynchronously. The timer will be 750 * restarted when we'll get the stats notification. 751 */ 752 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 753 UATH_CMD_FLAG_ASYNC); 754 if (error != 0) { 755 printf("%s: could not query statistics (error=%d)\n", 756 sc->sc_dev.dv_xname, error); 757 } 758 } 759 760 /* 761 * This function is called periodically (every 250ms) during scanning to 762 * switch from one channel to another. 763 */ 764 void 765 uath_next_scan(void *arg) 766 { 767 struct uath_softc *sc = arg; 768 struct ieee80211com *ic = &sc->sc_ic; 769 struct ifnet *ifp = &ic->ic_if; 770 771 if (ic->ic_state == IEEE80211_S_SCAN) 772 ieee80211_next_scan(ifp); 773 } 774 775 void 776 uath_task(void *arg) 777 { 778 struct uath_softc *sc = arg; 779 struct ieee80211com *ic = &sc->sc_ic; 780 enum ieee80211_state ostate; 781 782 ostate = ic->ic_state; 783 784 switch (sc->sc_state) { 785 case IEEE80211_S_INIT: 786 if (ostate == IEEE80211_S_RUN) { 787 /* turn link and activity LEDs off */ 788 (void)uath_set_led(sc, UATH_LED_LINK, 0); 789 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 790 } 791 break; 792 793 case IEEE80211_S_SCAN: 794 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 795 printf("%s: could not switch channel\n", 796 sc->sc_dev.dv_xname); 797 break; 798 } 799 timeout_add_msec(&sc->scan_to, 250); 800 break; 801 802 case IEEE80211_S_AUTH: 803 { 804 struct ieee80211_node *ni = ic->ic_bss; 805 struct uath_cmd_bssid bssid; 806 struct uath_cmd_0b cmd0b; 807 struct uath_cmd_0c cmd0c; 808 809 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 810 printf("%s: could not switch channel\n", 811 sc->sc_dev.dv_xname); 812 break; 813 } 814 815 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 816 817 bzero(&bssid, sizeof bssid); 818 bssid.len = htobe32(IEEE80211_ADDR_LEN); 819 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 820 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 821 sizeof bssid, 0); 822 823 bzero(&cmd0b, sizeof cmd0b); 824 cmd0b.code = htobe32(2); 825 cmd0b.size = htobe32(sizeof (cmd0b.data)); 826 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 827 828 bzero(&cmd0c, sizeof cmd0c); 829 cmd0c.magic1 = htobe32(2); 830 cmd0c.magic2 = htobe32(7); 831 cmd0c.magic3 = htobe32(1); 832 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 833 834 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 835 printf("%s: could not set negotiated rate set\n", 836 sc->sc_dev.dv_xname); 837 break; 838 } 839 break; 840 } 841 842 case IEEE80211_S_ASSOC: 843 break; 844 845 case IEEE80211_S_RUN: 846 { 847 struct ieee80211_node *ni = ic->ic_bss; 848 struct uath_cmd_bssid bssid; 849 struct uath_cmd_xled xled; 850 uint32_t val; 851 852 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 853 /* make both LEDs blink while monitoring */ 854 bzero(&xled, sizeof xled); 855 xled.which = htobe32(0); 856 xled.rate = htobe32(1); 857 xled.mode = htobe32(2); 858 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 859 sizeof xled, 0); 860 break; 861 } 862 863 /* 864 * Tx rate is controlled by firmware, report the maximum 865 * negotiated rate in ifconfig output. 866 */ 867 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 868 869 val = htobe32(1); 870 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 871 872 bzero(&bssid, sizeof bssid); 873 bssid.flags1 = htobe32(0xc004); 874 bssid.flags2 = htobe32(0x003b); 875 bssid.len = htobe32(IEEE80211_ADDR_LEN); 876 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 877 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 878 sizeof bssid, 0); 879 880 /* turn link LED on */ 881 (void)uath_set_led(sc, UATH_LED_LINK, 1); 882 883 /* make activity LED blink */ 884 bzero(&xled, sizeof xled); 885 xled.which = htobe32(1); 886 xled.rate = htobe32(1); 887 xled.mode = htobe32(2); 888 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 889 0); 890 891 /* set state to associated */ 892 val = htobe32(1); 893 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 894 0); 895 896 /* start statistics timer */ 897 timeout_add_sec(&sc->stat_to, 1); 898 break; 899 } 900 } 901 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 902 } 903 904 int 905 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 906 { 907 struct uath_softc *sc = ic->ic_softc; 908 909 usb_rem_task(sc->sc_udev, &sc->sc_task); 910 timeout_del(&sc->scan_to); 911 timeout_del(&sc->stat_to); 912 913 /* do it in a process context */ 914 sc->sc_state = nstate; 915 sc->sc_arg = arg; 916 usb_add_task(sc->sc_udev, &sc->sc_task); 917 return 0; 918 } 919 920 #ifdef UATH_DEBUG 921 void 922 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 923 { 924 int i; 925 926 for (i = 0; i < len; i++) { 927 if ((i % 16) == 0) 928 printf("\n%c ", prefix); 929 else if ((i % 4) == 0) 930 printf(" "); 931 printf("%02x", buf[i]); 932 } 933 printf("\n"); 934 } 935 #endif 936 937 /* 938 * Low-level function to send read or write commands to the firmware. 939 */ 940 int 941 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 942 void *odata, int flags) 943 { 944 struct uath_cmd_hdr *hdr; 945 struct uath_tx_cmd *cmd; 946 uint16_t xferflags; 947 int s, xferlen, error; 948 949 /* grab a xfer */ 950 cmd = &sc->tx_cmd[sc->cmd_idx]; 951 952 /* always bulk-out a multiple of 4 bytes */ 953 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 954 955 hdr = (struct uath_cmd_hdr *)cmd->buf; 956 bzero(hdr, sizeof (struct uath_cmd_hdr)); 957 hdr->len = htobe32(xferlen); 958 hdr->code = htobe32(code); 959 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 960 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 961 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 962 963 #ifdef UATH_DEBUG 964 if (uath_debug >= 5) { 965 printf("sending command code=0x%02x flags=0x%x index=%u", 966 code, flags, sc->cmd_idx); 967 uath_dump_cmd(cmd->buf, xferlen, '+'); 968 } 969 #endif 970 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 971 if (!(flags & UATH_CMD_FLAG_READ)) { 972 if (!(flags & UATH_CMD_FLAG_ASYNC)) 973 xferflags |= USBD_SYNCHRONOUS; 974 } else 975 s = splusb(); 976 977 cmd->odata = odata; 978 979 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 980 xferflags, UATH_CMD_TIMEOUT, NULL); 981 error = usbd_transfer(cmd->xfer); 982 if (error != USBD_IN_PROGRESS && error != 0) { 983 if (flags & UATH_CMD_FLAG_READ) 984 splx(s); 985 printf("%s: could not send command 0x%x (error=%s)\n", 986 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 987 return error; 988 } 989 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 990 991 if (!(flags & UATH_CMD_FLAG_READ)) 992 return 0; /* write: don't wait for reply */ 993 994 /* wait at most two seconds for command reply */ 995 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 996 cmd->odata = NULL; /* in case answer is received too late */ 997 splx(s); 998 if (error != 0) { 999 printf("%s: timeout waiting for command reply\n", 1000 sc->sc_dev.dv_xname); 1001 } 1002 return error; 1003 } 1004 1005 int 1006 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1007 int flags) 1008 { 1009 flags &= ~UATH_CMD_FLAG_READ; 1010 return uath_cmd(sc, code, data, len, NULL, flags); 1011 } 1012 1013 int 1014 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1015 int ilen, void *odata, int flags) 1016 { 1017 flags |= UATH_CMD_FLAG_READ; 1018 return uath_cmd(sc, code, idata, ilen, odata, flags); 1019 } 1020 1021 int 1022 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1023 { 1024 struct uath_write_mac write; 1025 int error; 1026 1027 write.reg = htobe32(reg); 1028 write.len = htobe32(0); /* 0 = single write */ 1029 *(uint32_t *)write.data = htobe32(val); 1030 1031 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1032 3 * sizeof (uint32_t), 0); 1033 if (error != 0) { 1034 printf("%s: could not write register 0x%02x\n", 1035 sc->sc_dev.dv_xname, reg); 1036 } 1037 return error; 1038 } 1039 1040 int 1041 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1042 int len) 1043 { 1044 struct uath_write_mac write; 1045 int error; 1046 1047 write.reg = htobe32(reg); 1048 write.len = htobe32(len); 1049 bcopy(data, write.data, len); 1050 1051 /* properly handle the case where len is zero (reset) */ 1052 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1053 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1054 if (error != 0) { 1055 printf("%s: could not write %d bytes to register 0x%02x\n", 1056 sc->sc_dev.dv_xname, len, reg); 1057 } 1058 return error; 1059 } 1060 1061 int 1062 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1063 { 1064 struct uath_read_mac read; 1065 int error; 1066 1067 reg = htobe32(reg); 1068 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1069 0); 1070 if (error != 0) { 1071 printf("%s: could not read register 0x%02x\n", 1072 sc->sc_dev.dv_xname, betoh32(reg)); 1073 return error; 1074 } 1075 *val = betoh32(*(uint32_t *)read.data); 1076 return error; 1077 } 1078 1079 int 1080 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1081 { 1082 struct uath_read_mac read; 1083 int len, error; 1084 1085 reg = htobe32(reg); 1086 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1087 &read, 0); 1088 if (error != 0) { 1089 printf("%s: could not read EEPROM offset 0x%02x\n", 1090 sc->sc_dev.dv_xname, betoh32(reg)); 1091 return error; 1092 } 1093 len = betoh32(read.len); 1094 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1095 return error; 1096 } 1097 1098 void 1099 uath_cmd_rxeof(struct usbd_xfer *xfer, void *priv, 1100 usbd_status status) 1101 { 1102 struct uath_rx_cmd *cmd = priv; 1103 struct uath_softc *sc = cmd->sc; 1104 struct uath_cmd_hdr *hdr; 1105 1106 if (status != USBD_NORMAL_COMPLETION) { 1107 if (status == USBD_STALLED) 1108 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1109 return; 1110 } 1111 1112 hdr = (struct uath_cmd_hdr *)cmd->buf; 1113 1114 #ifdef UATH_DEBUG 1115 if (uath_debug >= 5) { 1116 printf("received command code=0x%x index=%u len=%u", 1117 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1118 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1119 } 1120 #endif 1121 1122 switch (betoh32(hdr->code) & 0xff) { 1123 /* reply to a read command */ 1124 default: 1125 { 1126 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1127 1128 if (txcmd->odata != NULL) { 1129 /* copy answer into caller's supplied buffer */ 1130 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1131 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1132 } 1133 wakeup(txcmd); /* wake up caller */ 1134 break; 1135 } 1136 /* spontaneous firmware notifications */ 1137 case UATH_NOTIF_READY: 1138 DPRINTF(("received device ready notification\n")); 1139 wakeup(UATH_COND_INIT(sc)); 1140 break; 1141 1142 case UATH_NOTIF_TX: 1143 /* this notification is sent when UATH_TX_NOTIFY is set */ 1144 DPRINTF(("received Tx notification\n")); 1145 break; 1146 1147 case UATH_NOTIF_STATS: 1148 DPRINTFN(2, ("received device statistics\n")); 1149 timeout_add_sec(&sc->stat_to, 1); 1150 break; 1151 } 1152 1153 /* setup a new transfer */ 1154 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1155 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1156 uath_cmd_rxeof); 1157 (void)usbd_transfer(xfer); 1158 } 1159 1160 void 1161 uath_data_rxeof(struct usbd_xfer *xfer, void *priv, 1162 usbd_status status) 1163 { 1164 struct uath_rx_data *data = priv; 1165 struct uath_softc *sc = data->sc; 1166 struct ieee80211com *ic = &sc->sc_ic; 1167 struct ifnet *ifp = &ic->ic_if; 1168 struct ieee80211_frame *wh; 1169 struct ieee80211_rxinfo rxi; 1170 struct ieee80211_node *ni; 1171 struct uath_rx_desc *desc; 1172 struct mbuf *mnew, *m; 1173 uint32_t hdr; 1174 int s, len; 1175 1176 if (status != USBD_NORMAL_COMPLETION) { 1177 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1178 return; 1179 1180 if (status == USBD_STALLED) 1181 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1182 1183 ifp->if_ierrors++; 1184 return; 1185 } 1186 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1187 1188 if (len < UATH_MIN_RXBUFSZ) { 1189 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1190 ifp->if_ierrors++; 1191 goto skip; 1192 } 1193 1194 hdr = betoh32(*(uint32_t *)data->buf); 1195 1196 /* Rx descriptor is located at the end, 32-bit aligned */ 1197 desc = (struct uath_rx_desc *) 1198 (data->buf + len - sizeof (struct uath_rx_desc)); 1199 1200 if (betoh32(desc->len) > sc->rxbufsz) { 1201 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1202 ifp->if_ierrors++; 1203 goto skip; 1204 } 1205 1206 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1207 1208 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1209 if (mnew == NULL) { 1210 printf("%s: could not allocate rx mbuf\n", 1211 sc->sc_dev.dv_xname); 1212 ifp->if_ierrors++; 1213 goto skip; 1214 } 1215 MCLGET(mnew, M_DONTWAIT); 1216 if (!(mnew->m_flags & M_EXT)) { 1217 printf("%s: could not allocate rx mbuf cluster\n", 1218 sc->sc_dev.dv_xname); 1219 m_freem(mnew); 1220 ifp->if_ierrors++; 1221 goto skip; 1222 } 1223 1224 m = data->m; 1225 data->m = mnew; 1226 1227 /* finalize mbuf */ 1228 m->m_data = data->buf + sizeof (uint32_t); 1229 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1230 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1231 1232 data->buf = mtod(data->m, uint8_t *); 1233 1234 wh = mtod(m, struct ieee80211_frame *); 1235 rxi.rxi_flags = 0; 1236 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1237 ic->ic_opmode != IEEE80211_M_MONITOR) { 1238 /* 1239 * Hardware decrypts the frame itself but leaves the WEP bit 1240 * set in the 802.11 header and doesn't remove the IV and CRC 1241 * fields. 1242 */ 1243 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1244 memmove((caddr_t)wh + IEEE80211_WEP_IVLEN + 1245 IEEE80211_WEP_KIDLEN, wh, sizeof (struct ieee80211_frame)); 1246 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1247 m_adj(m, -IEEE80211_WEP_CRCLEN); 1248 wh = mtod(m, struct ieee80211_frame *); 1249 1250 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1251 } 1252 1253 #if NBPFILTER > 0 1254 /* there are a lot more fields in the Rx descriptor */ 1255 if (sc->sc_drvbpf != NULL) { 1256 struct mbuf mb; 1257 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1258 1259 tap->wr_flags = 0; 1260 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1261 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1262 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1263 1264 mb.m_data = (caddr_t)tap; 1265 mb.m_len = sc->sc_rxtap_len; 1266 mb.m_next = m; 1267 mb.m_nextpkt = NULL; 1268 mb.m_type = 0; 1269 mb.m_flags = 0; 1270 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1271 } 1272 #endif 1273 1274 s = splnet(); 1275 ni = ieee80211_find_rxnode(ic, wh); 1276 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1277 rxi.rxi_tstamp = 0; /* unused */ 1278 ieee80211_input(ifp, m, ni, &rxi); 1279 1280 /* node is no longer needed */ 1281 ieee80211_release_node(ic, ni); 1282 splx(s); 1283 1284 skip: /* setup a new transfer */ 1285 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1286 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1287 (void)usbd_transfer(data->xfer); 1288 } 1289 1290 int 1291 uath_tx_null(struct uath_softc *sc) 1292 { 1293 struct uath_tx_data *data; 1294 struct uath_tx_desc *desc; 1295 1296 data = &sc->tx_data[sc->data_idx]; 1297 1298 data->ni = NULL; 1299 1300 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1301 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1302 1303 bzero(desc, sizeof (struct uath_tx_desc)); 1304 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1305 desc->type = htobe32(UATH_TX_NULL); 1306 1307 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1308 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1309 USBD_FORCE_SHORT_XFER | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 1310 if (usbd_transfer(data->xfer) != 0) 1311 return EIO; 1312 1313 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1314 1315 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1316 } 1317 1318 void 1319 uath_data_txeof(struct usbd_xfer *xfer, void *priv, 1320 usbd_status status) 1321 { 1322 struct uath_tx_data *data = priv; 1323 struct uath_softc *sc = data->sc; 1324 struct ieee80211com *ic = &sc->sc_ic; 1325 struct ifnet *ifp = &ic->ic_if; 1326 int s; 1327 1328 if (status != USBD_NORMAL_COMPLETION) { 1329 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1330 return; 1331 1332 printf("%s: could not transmit buffer: %s\n", 1333 sc->sc_dev.dv_xname, usbd_errstr(status)); 1334 1335 if (status == USBD_STALLED) 1336 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1337 1338 ifp->if_oerrors++; 1339 return; 1340 } 1341 1342 s = splnet(); 1343 1344 ieee80211_release_node(ic, data->ni); 1345 data->ni = NULL; 1346 1347 sc->tx_queued--; 1348 ifp->if_opackets++; 1349 1350 sc->sc_tx_timer = 0; 1351 ifp->if_flags &= ~IFF_OACTIVE; 1352 uath_start(ifp); 1353 1354 splx(s); 1355 } 1356 1357 int 1358 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1359 { 1360 struct ieee80211com *ic = &sc->sc_ic; 1361 struct uath_tx_data *data; 1362 struct uath_tx_desc *desc; 1363 const struct ieee80211_frame *wh; 1364 int paylen, totlen, xferlen, error; 1365 1366 data = &sc->tx_data[sc->data_idx]; 1367 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1368 1369 data->ni = ni; 1370 1371 #if NBPFILTER > 0 1372 if (sc->sc_drvbpf != NULL) { 1373 struct mbuf mb; 1374 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1375 1376 tap->wt_flags = 0; 1377 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1378 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1379 1380 mb.m_data = (caddr_t)tap; 1381 mb.m_len = sc->sc_txtap_len; 1382 mb.m_next = m0; 1383 mb.m_nextpkt = NULL; 1384 mb.m_type = 0; 1385 mb.m_flags = 0; 1386 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1387 } 1388 #endif 1389 1390 paylen = m0->m_pkthdr.len; 1391 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1392 1393 wh = mtod(m0, struct ieee80211_frame *); 1394 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1395 uint8_t *frm = (uint8_t *)(desc + 1); 1396 uint32_t iv; 1397 1398 /* h/w WEP: it's up to the host to fill the IV field */ 1399 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1400 frm += sizeof (struct ieee80211_frame); 1401 1402 /* insert IV: code copied from net80211 */ 1403 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1404 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1405 iv += 0x000100; 1406 ic->ic_iv = iv + 1; 1407 1408 *frm++ = iv & 0xff; 1409 *frm++ = (iv >> 8) & 0xff; 1410 *frm++ = (iv >> 16) & 0xff; 1411 *frm++ = ic->ic_wep_txkey << 6; 1412 1413 m_copydata(m0, sizeof (struct ieee80211_frame), 1414 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1415 1416 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1417 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1418 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1419 } else { 1420 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1421 totlen = xferlen; 1422 } 1423 1424 /* fill Tx descriptor */ 1425 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1426 1427 desc->len = htobe32(totlen); 1428 desc->priv = sc->data_idx; /* don't care about endianness */ 1429 desc->paylen = htobe32(paylen); 1430 desc->type = htobe32(UATH_TX_DATA); 1431 desc->flags = htobe32(0); 1432 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1433 desc->dest = htobe32(UATH_ID_BROADCAST); 1434 desc->magic = htobe32(3); 1435 } else { 1436 desc->dest = htobe32(UATH_ID_BSS); 1437 desc->magic = htobe32(1); 1438 } 1439 1440 m_freem(m0); /* mbuf is no longer needed */ 1441 1442 #ifdef UATH_DEBUG 1443 if (uath_debug >= 6) { 1444 printf("sending frame index=%u len=%d xferlen=%d", 1445 sc->data_idx, paylen, xferlen); 1446 uath_dump_cmd(data->buf, xferlen, '+'); 1447 } 1448 #endif 1449 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1450 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1451 uath_data_txeof); 1452 error = usbd_transfer(data->xfer); 1453 if (error != USBD_IN_PROGRESS && error != 0) { 1454 ic->ic_if.if_oerrors++; 1455 return error; 1456 } 1457 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1458 sc->tx_queued++; 1459 1460 return 0; 1461 } 1462 1463 void 1464 uath_start(struct ifnet *ifp) 1465 { 1466 struct uath_softc *sc = ifp->if_softc; 1467 struct ieee80211com *ic = &sc->sc_ic; 1468 struct ieee80211_node *ni; 1469 struct mbuf *m0; 1470 1471 /* 1472 * net80211 may still try to send management frames even if the 1473 * IFF_RUNNING flag is not set... 1474 */ 1475 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1476 return; 1477 1478 for (;;) { 1479 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1480 ifp->if_flags |= IFF_OACTIVE; 1481 break; 1482 } 1483 1484 m0 = mq_dequeue(&ic->ic_mgtq); 1485 if (m0 != NULL) { 1486 ni = m0->m_pkthdr.ph_cookie; 1487 #if NBPFILTER > 0 1488 if (ic->ic_rawbpf != NULL) 1489 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1490 #endif 1491 if (uath_tx_data(sc, m0, ni) != 0) 1492 break; 1493 } else { 1494 if (ic->ic_state != IEEE80211_S_RUN) 1495 break; 1496 1497 IFQ_DEQUEUE(&ifp->if_snd, m0); 1498 if (m0 == NULL) 1499 break; 1500 #if NBPFILTER > 0 1501 if (ifp->if_bpf != NULL) 1502 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1503 #endif 1504 m0 = ieee80211_encap(ifp, m0, &ni); 1505 if (m0 == NULL) 1506 continue; 1507 #if NBPFILTER > 0 1508 if (ic->ic_rawbpf != NULL) 1509 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1510 #endif 1511 if (uath_tx_data(sc, m0, ni) != 0) { 1512 if (ni != NULL) 1513 ieee80211_release_node(ic, ni); 1514 ifp->if_oerrors++; 1515 break; 1516 } 1517 } 1518 1519 sc->sc_tx_timer = 5; 1520 ifp->if_timer = 1; 1521 } 1522 } 1523 1524 void 1525 uath_watchdog(struct ifnet *ifp) 1526 { 1527 struct uath_softc *sc = ifp->if_softc; 1528 1529 ifp->if_timer = 0; 1530 1531 if (sc->sc_tx_timer > 0) { 1532 if (--sc->sc_tx_timer == 0) { 1533 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1534 /*uath_init(ifp); XXX needs a process context! */ 1535 ifp->if_oerrors++; 1536 return; 1537 } 1538 ifp->if_timer = 1; 1539 } 1540 1541 ieee80211_watchdog(ifp); 1542 } 1543 1544 int 1545 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1546 { 1547 struct uath_softc *sc = ifp->if_softc; 1548 struct ieee80211com *ic = &sc->sc_ic; 1549 struct ifreq *ifr; 1550 int s, error = 0; 1551 1552 s = splnet(); 1553 1554 switch (cmd) { 1555 case SIOCSIFADDR: 1556 ifp->if_flags |= IFF_UP; 1557 /* FALLTHROUGH */ 1558 case SIOCSIFFLAGS: 1559 if (ifp->if_flags & IFF_UP) { 1560 if (!(ifp->if_flags & IFF_RUNNING)) 1561 uath_init(ifp); 1562 } else { 1563 if (ifp->if_flags & IFF_RUNNING) 1564 uath_stop(ifp, 1); 1565 } 1566 break; 1567 1568 case SIOCADDMULTI: 1569 case SIOCDELMULTI: 1570 ifr = (struct ifreq *)data; 1571 error = (cmd == SIOCADDMULTI) ? 1572 ether_addmulti(ifr, &ic->ic_ac) : 1573 ether_delmulti(ifr, &ic->ic_ac); 1574 if (error == ENETRESET) 1575 error = 0; 1576 break; 1577 1578 default: 1579 error = ieee80211_ioctl(ifp, cmd, data); 1580 } 1581 1582 if (error == ENETRESET) { 1583 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1584 (IFF_UP | IFF_RUNNING)) 1585 uath_init(ifp); 1586 error = 0; 1587 } 1588 1589 splx(s); 1590 1591 return error; 1592 } 1593 1594 int 1595 uath_query_eeprom(struct uath_softc *sc) 1596 { 1597 uint32_t tmp; 1598 int error; 1599 1600 /* retrieve MAC address */ 1601 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1602 if (error != 0) { 1603 printf("%s: could not read MAC address\n", 1604 sc->sc_dev.dv_xname); 1605 return error; 1606 } 1607 1608 /* retrieve the maximum frame size that the hardware can receive */ 1609 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1610 if (error != 0) { 1611 printf("%s: could not read maximum Rx buffer size\n", 1612 sc->sc_dev.dv_xname); 1613 return error; 1614 } 1615 sc->rxbufsz = betoh32(tmp) & 0xfff; 1616 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1617 return 0; 1618 } 1619 1620 int 1621 uath_reset(struct uath_softc *sc) 1622 { 1623 struct uath_cmd_setup setup; 1624 uint32_t reg, val; 1625 int s, error; 1626 1627 /* init device with some voodoo incantations.. */ 1628 setup.magic1 = htobe32(1); 1629 setup.magic2 = htobe32(5); 1630 setup.magic3 = htobe32(200); 1631 setup.magic4 = htobe32(27); 1632 s = splusb(); 1633 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1634 UATH_CMD_FLAG_ASYNC); 1635 /* ..and wait until firmware notifies us that it is ready */ 1636 if (error == 0) 1637 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1638 splx(s); 1639 if (error != 0) 1640 return error; 1641 1642 /* read PHY registers */ 1643 for (reg = 0x09; reg <= 0x24; reg++) { 1644 if (reg == 0x0b || reg == 0x0c) 1645 continue; 1646 DELAY(100); 1647 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1648 return error; 1649 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1650 } 1651 return error; 1652 } 1653 1654 int 1655 uath_reset_tx_queues(struct uath_softc *sc) 1656 { 1657 int ac, error; 1658 1659 for (ac = 0; ac < 4; ac++) { 1660 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1661 1662 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1663 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1664 sizeof qid, 0); 1665 if (error != 0) 1666 break; 1667 } 1668 return error; 1669 } 1670 1671 int 1672 uath_wme_init(struct uath_softc *sc) 1673 { 1674 struct uath_qinfo qinfo; 1675 int ac, error; 1676 static const struct uath_wme_settings uath_wme_11g[4] = { 1677 { 7, 4, 10, 0, 0 }, /* Background */ 1678 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1679 { 3, 3, 4, 26, 0 }, /* Video */ 1680 { 2, 2, 3, 47, 0 } /* Voice */ 1681 }; 1682 1683 bzero(&qinfo, sizeof qinfo); 1684 qinfo.size = htobe32(32); 1685 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1686 qinfo.magic2 = htobe32(1); 1687 for (ac = 0; ac < 4; ac++) { 1688 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1689 qinfo.ac = htobe32(ac); 1690 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1691 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1692 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1693 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1694 uath_wme_11g[ac].txop)); 1695 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1696 1697 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1698 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1699 sizeof qinfo, 0); 1700 if (error != 0) 1701 break; 1702 } 1703 return error; 1704 } 1705 1706 int 1707 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1708 { 1709 struct uath_set_chan chan; 1710 1711 bzero(&chan, sizeof chan); 1712 chan.flags = htobe32(0x1400); 1713 chan.freq = htobe32(c->ic_freq); 1714 chan.magic1 = htobe32(20); 1715 chan.magic2 = htobe32(50); 1716 chan.magic3 = htobe32(1); 1717 1718 DPRINTF(("switching to channel %d\n", 1719 ieee80211_chan2ieee(&sc->sc_ic, c))); 1720 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1721 } 1722 1723 int 1724 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1725 { 1726 struct uath_cmd_crypto crypto; 1727 int i; 1728 1729 bzero(&crypto, sizeof crypto); 1730 crypto.keyidx = htobe32(index); 1731 crypto.magic1 = htobe32(1); 1732 crypto.size = htobe32(368); 1733 crypto.mask = htobe32(0xffff); 1734 crypto.flags = htobe32(0x80000068); 1735 if (index != UATH_DEFAULT_KEY) 1736 crypto.flags |= htobe32(index << 16); 1737 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1738 1739 /* 1740 * Each byte of the key must be XOR'ed with 10101010 before being 1741 * transmitted to the firmware. 1742 */ 1743 for (i = 0; i < k->k_len; i++) 1744 crypto.key[i] = k->k_key[i] ^ 0xaa; 1745 1746 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1747 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1748 } 1749 1750 int 1751 uath_set_keys(struct uath_softc *sc) 1752 { 1753 const struct ieee80211com *ic = &sc->sc_ic; 1754 int i, error; 1755 1756 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1757 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1758 1759 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1760 return error; 1761 } 1762 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1763 UATH_DEFAULT_KEY); 1764 } 1765 1766 int 1767 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1768 { 1769 struct uath_cmd_rates rates; 1770 1771 bzero(&rates, sizeof rates); 1772 rates.magic1 = htobe32(0x02); 1773 rates.size = htobe32(1 + sizeof rates.rates); 1774 rates.nrates = rs->rs_nrates; 1775 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1776 1777 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1778 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1779 } 1780 1781 int 1782 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1783 { 1784 struct uath_cmd_filter rxfilter; 1785 1786 rxfilter.filter = htobe32(filter); 1787 rxfilter.flags = htobe32(flags); 1788 1789 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1790 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1791 sizeof rxfilter, 0); 1792 } 1793 1794 int 1795 uath_set_led(struct uath_softc *sc, int which, int on) 1796 { 1797 struct uath_cmd_led led; 1798 1799 led.which = htobe32(which); 1800 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1801 1802 DPRINTFN(2, ("switching %s led %s\n", 1803 (which == UATH_LED_LINK) ? "link" : "activity", 1804 on ? "on" : "off")); 1805 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1806 } 1807 1808 int 1809 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1810 { 1811 uint32_t val; 1812 int error; 1813 1814 /* set radio frequency */ 1815 if ((error = uath_set_chan(sc, c)) != 0) { 1816 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1817 return error; 1818 } 1819 1820 /* reset Tx rings */ 1821 if ((error = uath_reset_tx_queues(sc)) != 0) { 1822 printf("%s: could not reset Tx queues\n", 1823 sc->sc_dev.dv_xname); 1824 return error; 1825 } 1826 1827 /* set Tx rings WME properties */ 1828 if ((error = uath_wme_init(sc)) != 0) { 1829 printf("%s: could not init Tx queues\n", 1830 sc->sc_dev.dv_xname); 1831 return error; 1832 } 1833 1834 val = htobe32(0); 1835 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1836 if (error != 0) { 1837 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1838 return error; 1839 } 1840 1841 return uath_tx_null(sc); 1842 } 1843 1844 int 1845 uath_init(struct ifnet *ifp) 1846 { 1847 struct uath_softc *sc = ifp->if_softc; 1848 struct ieee80211com *ic = &sc->sc_ic; 1849 struct uath_cmd_31 cmd31; 1850 uint32_t val; 1851 int i, error; 1852 1853 /* reset data and command rings */ 1854 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1855 1856 val = htobe32(0); 1857 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1858 1859 /* set MAC address */ 1860 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1861 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1862 1863 (void)uath_write_reg(sc, 0x02, 0x00000001); 1864 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1865 (void)uath_write_reg(sc, 0x10, 0x00000001); 1866 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1867 1868 /* 1869 * Queue Rx data xfers. 1870 */ 1871 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1872 struct uath_rx_data *data = &sc->rx_data[i]; 1873 1874 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1875 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1876 uath_data_rxeof); 1877 error = usbd_transfer(data->xfer); 1878 if (error != USBD_IN_PROGRESS && error != 0) { 1879 printf("%s: could not queue Rx transfer\n", 1880 sc->sc_dev.dv_xname); 1881 goto fail; 1882 } 1883 } 1884 1885 error = uath_cmd_read(sc, UATH_CMD_07, NULL, 0, &val, 1886 UATH_CMD_FLAG_MAGIC); 1887 if (error != 0) { 1888 printf("%s: could not send read command 07h\n", 1889 sc->sc_dev.dv_xname); 1890 goto fail; 1891 } 1892 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1893 1894 /* set default channel */ 1895 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1896 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1897 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1898 goto fail; 1899 } 1900 1901 if ((error = uath_wme_init(sc)) != 0) { 1902 printf("%s: could not setup WME parameters\n", 1903 sc->sc_dev.dv_xname); 1904 goto fail; 1905 } 1906 1907 /* init MAC registers */ 1908 (void)uath_write_reg(sc, 0x19, 0x00000000); 1909 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1910 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1911 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1912 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1913 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1914 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1915 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1916 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1917 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1918 1919 val = htobe32(4); 1920 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1921 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1922 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1923 1924 if ((error = uath_set_keys(sc)) != 0) { 1925 printf("%s: could not set crypto keys\n", 1926 sc->sc_dev.dv_xname); 1927 goto fail; 1928 } 1929 1930 /* enable Rx */ 1931 (void)uath_set_rxfilter(sc, 0x0000, 4); 1932 (void)uath_set_rxfilter(sc, 0x0817, 1); 1933 1934 cmd31.magic1 = htobe32(0xffffffff); 1935 cmd31.magic2 = htobe32(0xffffffff); 1936 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1937 1938 ifp->if_flags &= ~IFF_OACTIVE; 1939 ifp->if_flags |= IFF_RUNNING; 1940 1941 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1942 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1943 else 1944 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1945 1946 return 0; 1947 1948 fail: uath_stop(ifp, 1); 1949 return error; 1950 } 1951 1952 void 1953 uath_stop(struct ifnet *ifp, int disable) 1954 { 1955 struct uath_softc *sc = ifp->if_softc; 1956 struct ieee80211com *ic = &sc->sc_ic; 1957 uint32_t val; 1958 int s; 1959 1960 s = splusb(); 1961 1962 sc->sc_tx_timer = 0; 1963 ifp->if_timer = 0; 1964 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1965 1966 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1967 1968 val = htobe32(0); 1969 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1970 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1971 1972 val = htobe32(0); 1973 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1974 1975 #if 0 1976 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1977 UATH_CMD_FLAG_MAGIC); 1978 #endif 1979 1980 /* abort any pending transfers */ 1981 usbd_abort_pipe(sc->data_tx_pipe); 1982 usbd_abort_pipe(sc->data_rx_pipe); 1983 usbd_abort_pipe(sc->cmd_tx_pipe); 1984 1985 splx(s); 1986 } 1987 1988 /* 1989 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 1990 * the device will detach itself from the bus and reattach later with a new 1991 * product Id (a la ezusb). XXX this could also be implemented in userland 1992 * through /dev/ugen. 1993 */ 1994 int 1995 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 1996 { 1997 struct usbd_xfer *ctlxfer, *txxfer, *rxxfer; 1998 struct uath_fwblock *txblock, *rxblock; 1999 uint8_t *txdata; 2000 int error = 0; 2001 2002 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2003 printf("%s: could not allocate Tx control xfer\n", 2004 sc->sc_dev.dv_xname); 2005 error = USBD_NOMEM; 2006 goto fail1; 2007 } 2008 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2009 if (txblock == NULL) { 2010 printf("%s: could not allocate Tx control block\n", 2011 sc->sc_dev.dv_xname); 2012 error = USBD_NOMEM; 2013 goto fail2; 2014 } 2015 2016 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2017 printf("%s: could not allocate Tx xfer\n", 2018 sc->sc_dev.dv_xname); 2019 error = USBD_NOMEM; 2020 goto fail2; 2021 } 2022 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2023 if (txdata == NULL) { 2024 printf("%s: could not allocate Tx buffer\n", 2025 sc->sc_dev.dv_xname); 2026 error = USBD_NOMEM; 2027 goto fail3; 2028 } 2029 2030 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2031 printf("%s: could not allocate Rx control xfer\n", 2032 sc->sc_dev.dv_xname); 2033 error = USBD_NOMEM; 2034 goto fail3; 2035 } 2036 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2037 if (rxblock == NULL) { 2038 printf("%s: could not allocate Rx control block\n", 2039 sc->sc_dev.dv_xname); 2040 error = USBD_NOMEM; 2041 goto fail4; 2042 } 2043 2044 bzero(txblock, sizeof (struct uath_fwblock)); 2045 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2046 txblock->total = htobe32(len); 2047 2048 while (len > 0) { 2049 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2050 2051 txblock->remain = htobe32(len - mlen); 2052 txblock->len = htobe32(mlen); 2053 2054 DPRINTF(("sending firmware block: %d bytes remaining\n", 2055 len - mlen)); 2056 2057 /* send firmware block meta-data */ 2058 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2059 sizeof (struct uath_fwblock), 2060 USBD_NO_COPY | USBD_SYNCHRONOUS, 2061 UATH_CMD_TIMEOUT, NULL); 2062 if ((error = usbd_transfer(ctlxfer)) != 0) { 2063 printf("%s: could not send firmware block info\n", 2064 sc->sc_dev.dv_xname); 2065 break; 2066 } 2067 2068 /* send firmware block data */ 2069 bcopy(fw, txdata, mlen); 2070 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2071 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_DATA_TIMEOUT, NULL); 2072 if ((error = usbd_transfer(txxfer)) != 0) { 2073 printf("%s: could not send firmware block data\n", 2074 sc->sc_dev.dv_xname); 2075 break; 2076 } 2077 2078 /* wait for ack from firmware */ 2079 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2080 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2081 USBD_NO_COPY | USBD_SYNCHRONOUS, UATH_CMD_TIMEOUT, NULL); 2082 if ((error = usbd_transfer(rxxfer)) != 0) { 2083 printf("%s: could not read firmware answer\n", 2084 sc->sc_dev.dv_xname); 2085 break; 2086 } 2087 2088 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2089 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2090 fw += mlen; 2091 len -= mlen; 2092 } 2093 2094 fail4: usbd_free_xfer(rxxfer); 2095 fail3: usbd_free_xfer(txxfer); 2096 fail2: usbd_free_xfer(ctlxfer); 2097 fail1: return error; 2098 } 2099