1 /*- 2 * SPDX-License-Identifier: (BSD-2-Clause-FreeBSD AND BSD-1-Clause) 3 * 4 * Copyright (c) 2006 Sam Leffler, Errno Consulting 5 * Copyright (c) 2008-2009 Weongyo Jeong <weongyo@freebsd.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer, 13 * without modification. 14 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 15 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 16 * redistribution must be conditioned upon including a substantially 17 * similar Disclaimer requirement for further binary redistribution. 18 * 19 * NO WARRANTY 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 23 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 24 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 25 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 28 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGES. 31 */ 32 33 /* 34 * This driver is distantly derived from a driver of the same name 35 * by Damien Bergamini. The original copyright is included below: 36 * 37 * Copyright (c) 2006 38 * Damien Bergamini <damien.bergamini@free.fr> 39 * 40 * Permission to use, copy, modify, and distribute this software for any 41 * purpose with or without fee is hereby granted, provided that the above 42 * copyright notice and this permission notice appear in all copies. 43 * 44 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 45 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 46 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 47 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 48 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 49 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 50 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 51 */ 52 53 #include <sys/cdefs.h> 54 __FBSDID("$FreeBSD$"); 55 56 /*- 57 * Driver for Atheros AR5523 USB parts. 58 * 59 * The driver requires firmware to be loaded into the device. This 60 * is done on device discovery from a user application (uathload) 61 * that is launched by devd when a device with suitable product ID 62 * is recognized. Once firmware has been loaded the device will 63 * reset the USB port and re-attach with the original product ID+1 64 * and this driver will be attached. The firmware is licensed for 65 * general use (royalty free) and may be incorporated in products. 66 * Note that the firmware normally packaged with the NDIS drivers 67 * for these devices does not work in this way and so does not work 68 * with this driver. 69 */ 70 #include <sys/param.h> 71 #include <sys/sockio.h> 72 #include <sys/sysctl.h> 73 #include <sys/lock.h> 74 #include <sys/mutex.h> 75 #include <sys/mbuf.h> 76 #include <sys/kernel.h> 77 #include <sys/socket.h> 78 #include <sys/systm.h> 79 #include <sys/malloc.h> 80 #include <sys/module.h> 81 #include <sys/bus.h> 82 #include <sys/endian.h> 83 #include <sys/kdb.h> 84 85 #include <machine/bus.h> 86 #include <machine/resource.h> 87 #include <sys/rman.h> 88 89 #include <net/bpf.h> 90 #include <net/if.h> 91 #include <net/if_var.h> 92 #include <net/if_arp.h> 93 #include <net/ethernet.h> 94 #include <net/if_dl.h> 95 #include <net/if_media.h> 96 #include <net/if_types.h> 97 98 #ifdef INET 99 #include <netinet/in.h> 100 #include <netinet/in_systm.h> 101 #include <netinet/in_var.h> 102 #include <netinet/if_ether.h> 103 #include <netinet/ip.h> 104 #endif 105 106 #include <net80211/ieee80211_var.h> 107 #include <net80211/ieee80211_input.h> 108 #include <net80211/ieee80211_regdomain.h> 109 #include <net80211/ieee80211_radiotap.h> 110 111 #include <dev/usb/usb.h> 112 #include <dev/usb/usbdi.h> 113 #include "usbdevs.h" 114 115 #include <dev/usb/wlan/if_uathreg.h> 116 #include <dev/usb/wlan/if_uathvar.h> 117 118 static SYSCTL_NODE(_hw_usb, OID_AUTO, uath, CTLFLAG_RW, 0, "USB Atheros"); 119 120 static int uath_countrycode = CTRY_DEFAULT; /* country code */ 121 SYSCTL_INT(_hw_usb_uath, OID_AUTO, countrycode, CTLFLAG_RWTUN, &uath_countrycode, 122 0, "country code"); 123 static int uath_regdomain = 0; /* regulatory domain */ 124 SYSCTL_INT(_hw_usb_uath, OID_AUTO, regdomain, CTLFLAG_RD, &uath_regdomain, 125 0, "regulatory domain"); 126 127 #ifdef UATH_DEBUG 128 int uath_debug = 0; 129 SYSCTL_INT(_hw_usb_uath, OID_AUTO, debug, CTLFLAG_RWTUN, &uath_debug, 0, 130 "uath debug level"); 131 enum { 132 UATH_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 133 UATH_DEBUG_XMIT_DUMP = 0x00000002, /* xmit dump */ 134 UATH_DEBUG_RECV = 0x00000004, /* basic recv operation */ 135 UATH_DEBUG_TX_PROC = 0x00000008, /* tx ISR proc */ 136 UATH_DEBUG_RX_PROC = 0x00000010, /* rx ISR proc */ 137 UATH_DEBUG_RECV_ALL = 0x00000020, /* trace all frames (beacons) */ 138 UATH_DEBUG_INIT = 0x00000040, /* initialization of dev */ 139 UATH_DEBUG_DEVCAP = 0x00000080, /* dev caps */ 140 UATH_DEBUG_CMDS = 0x00000100, /* commands */ 141 UATH_DEBUG_CMDS_DUMP = 0x00000200, /* command buffer dump */ 142 UATH_DEBUG_RESET = 0x00000400, /* reset processing */ 143 UATH_DEBUG_STATE = 0x00000800, /* 802.11 state transitions */ 144 UATH_DEBUG_MULTICAST = 0x00001000, /* multicast */ 145 UATH_DEBUG_WME = 0x00002000, /* WME */ 146 UATH_DEBUG_CHANNEL = 0x00004000, /* channel */ 147 UATH_DEBUG_RATES = 0x00008000, /* rates */ 148 UATH_DEBUG_CRYPTO = 0x00010000, /* crypto */ 149 UATH_DEBUG_LED = 0x00020000, /* LED */ 150 UATH_DEBUG_ANY = 0xffffffff 151 }; 152 #define DPRINTF(sc, m, fmt, ...) do { \ 153 if (sc->sc_debug & (m)) \ 154 printf(fmt, __VA_ARGS__); \ 155 } while (0) 156 #else 157 #define DPRINTF(sc, m, fmt, ...) do { \ 158 (void) sc; \ 159 } while (0) 160 #endif 161 162 /* recognized device vendors/products */ 163 static const STRUCT_USB_HOST_ID uath_devs[] = { 164 #define UATH_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 165 UATH_DEV(ACCTON, SMCWUSBTG2), 166 UATH_DEV(ATHEROS, AR5523), 167 UATH_DEV(ATHEROS2, AR5523_1), 168 UATH_DEV(ATHEROS2, AR5523_2), 169 UATH_DEV(ATHEROS2, AR5523_3), 170 UATH_DEV(CONCEPTRONIC, AR5523_1), 171 UATH_DEV(CONCEPTRONIC, AR5523_2), 172 UATH_DEV(DLINK, DWLAG122), 173 UATH_DEV(DLINK, DWLAG132), 174 UATH_DEV(DLINK, DWLG132), 175 UATH_DEV(DLINK2, DWA120), 176 UATH_DEV(GIGASET, AR5523), 177 UATH_DEV(GIGASET, SMCWUSBTG), 178 UATH_DEV(GLOBALSUN, AR5523_1), 179 UATH_DEV(GLOBALSUN, AR5523_2), 180 UATH_DEV(NETGEAR, WG111U), 181 UATH_DEV(NETGEAR3, WG111T), 182 UATH_DEV(NETGEAR3, WPN111), 183 UATH_DEV(NETGEAR3, WPN111_2), 184 UATH_DEV(UMEDIA, TEW444UBEU), 185 UATH_DEV(UMEDIA, AR5523_2), 186 UATH_DEV(WISTRONNEWEB, AR5523_1), 187 UATH_DEV(WISTRONNEWEB, AR5523_2), 188 UATH_DEV(ZCOM, AR5523) 189 #undef UATH_DEV 190 }; 191 192 static usb_callback_t uath_intr_rx_callback; 193 static usb_callback_t uath_intr_tx_callback; 194 static usb_callback_t uath_bulk_rx_callback; 195 static usb_callback_t uath_bulk_tx_callback; 196 197 static const struct usb_config uath_usbconfig[UATH_N_XFERS] = { 198 [UATH_INTR_RX] = { 199 .type = UE_BULK, 200 .endpoint = 0x1, 201 .direction = UE_DIR_IN, 202 .bufsize = UATH_MAX_CMDSZ, 203 .flags = { 204 .pipe_bof = 1, 205 .short_xfer_ok = 1 206 }, 207 .callback = uath_intr_rx_callback 208 }, 209 [UATH_INTR_TX] = { 210 .type = UE_BULK, 211 .endpoint = 0x1, 212 .direction = UE_DIR_OUT, 213 .bufsize = UATH_MAX_CMDSZ * UATH_CMD_LIST_COUNT, 214 .flags = { 215 .force_short_xfer = 1, 216 .pipe_bof = 1, 217 }, 218 .callback = uath_intr_tx_callback, 219 .timeout = UATH_CMD_TIMEOUT 220 }, 221 [UATH_BULK_RX] = { 222 .type = UE_BULK, 223 .endpoint = 0x2, 224 .direction = UE_DIR_IN, 225 .bufsize = MCLBYTES, 226 .flags = { 227 .ext_buffer = 1, 228 .pipe_bof = 1, 229 .short_xfer_ok = 1 230 }, 231 .callback = uath_bulk_rx_callback 232 }, 233 [UATH_BULK_TX] = { 234 .type = UE_BULK, 235 .endpoint = 0x2, 236 .direction = UE_DIR_OUT, 237 .bufsize = UATH_MAX_TXBUFSZ * UATH_TX_DATA_LIST_COUNT, 238 .flags = { 239 .force_short_xfer = 1, 240 .pipe_bof = 1 241 }, 242 .callback = uath_bulk_tx_callback, 243 .timeout = UATH_DATA_TIMEOUT 244 } 245 }; 246 247 static struct ieee80211vap *uath_vap_create(struct ieee80211com *, 248 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 249 const uint8_t [IEEE80211_ADDR_LEN], 250 const uint8_t [IEEE80211_ADDR_LEN]); 251 static void uath_vap_delete(struct ieee80211vap *); 252 static int uath_alloc_cmd_list(struct uath_softc *, struct uath_cmd []); 253 static void uath_free_cmd_list(struct uath_softc *, struct uath_cmd []); 254 static int uath_host_available(struct uath_softc *); 255 static int uath_get_capability(struct uath_softc *, uint32_t, uint32_t *); 256 static int uath_get_devcap(struct uath_softc *); 257 static struct uath_cmd * 258 uath_get_cmdbuf(struct uath_softc *); 259 static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 260 int, void *, int, int); 261 static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 262 int, int); 263 static void uath_stat(void *); 264 #ifdef UATH_DEBUG 265 static void uath_dump_cmd(const uint8_t *, int, char); 266 static const char * 267 uath_codename(int); 268 #endif 269 static int uath_get_devstatus(struct uath_softc *, 270 uint8_t macaddr[IEEE80211_ADDR_LEN]); 271 static int uath_get_status(struct uath_softc *, uint32_t, void *, int); 272 static int uath_alloc_rx_data_list(struct uath_softc *); 273 static int uath_alloc_tx_data_list(struct uath_softc *); 274 static void uath_free_rx_data_list(struct uath_softc *); 275 static void uath_free_tx_data_list(struct uath_softc *); 276 static int uath_init(struct uath_softc *); 277 static void uath_stop(struct uath_softc *); 278 static void uath_parent(struct ieee80211com *); 279 static int uath_transmit(struct ieee80211com *, struct mbuf *); 280 static void uath_start(struct uath_softc *); 281 static int uath_raw_xmit(struct ieee80211_node *, struct mbuf *, 282 const struct ieee80211_bpf_params *); 283 static void uath_scan_start(struct ieee80211com *); 284 static void uath_scan_end(struct ieee80211com *); 285 static void uath_set_channel(struct ieee80211com *); 286 static void uath_update_mcast(struct ieee80211com *); 287 static void uath_update_promisc(struct ieee80211com *); 288 static int uath_config(struct uath_softc *, uint32_t, uint32_t); 289 static int uath_config_multi(struct uath_softc *, uint32_t, const void *, 290 int); 291 static int uath_switch_channel(struct uath_softc *, 292 struct ieee80211_channel *); 293 static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 294 static void uath_watchdog(void *); 295 static void uath_abort_xfers(struct uath_softc *); 296 static int uath_dataflush(struct uath_softc *); 297 static int uath_cmdflush(struct uath_softc *); 298 static int uath_flush(struct uath_softc *); 299 static int uath_set_ledstate(struct uath_softc *, int); 300 static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 301 static int uath_reset_tx_queues(struct uath_softc *); 302 static int uath_wme_init(struct uath_softc *); 303 static struct uath_data * 304 uath_getbuf(struct uath_softc *); 305 static int uath_newstate(struct ieee80211vap *, enum ieee80211_state, 306 int); 307 static int uath_set_key(struct uath_softc *, 308 const struct ieee80211_key *, int); 309 static int uath_set_keys(struct uath_softc *, struct ieee80211vap *); 310 static void uath_sysctl_node(struct uath_softc *); 311 312 static int 313 uath_match(device_t dev) 314 { 315 struct usb_attach_arg *uaa = device_get_ivars(dev); 316 317 if (uaa->usb_mode != USB_MODE_HOST) 318 return (ENXIO); 319 if (uaa->info.bConfigIndex != UATH_CONFIG_INDEX) 320 return (ENXIO); 321 if (uaa->info.bIfaceIndex != UATH_IFACE_INDEX) 322 return (ENXIO); 323 324 return (usbd_lookup_id_by_uaa(uath_devs, sizeof(uath_devs), uaa)); 325 } 326 327 static int 328 uath_attach(device_t dev) 329 { 330 struct uath_softc *sc = device_get_softc(dev); 331 struct usb_attach_arg *uaa = device_get_ivars(dev); 332 struct ieee80211com *ic = &sc->sc_ic; 333 uint8_t bands[IEEE80211_MODE_BYTES]; 334 uint8_t iface_index = UATH_IFACE_INDEX; /* XXX */ 335 usb_error_t error; 336 337 sc->sc_dev = dev; 338 sc->sc_udev = uaa->device; 339 #ifdef UATH_DEBUG 340 sc->sc_debug = uath_debug; 341 #endif 342 device_set_usb_desc(dev); 343 344 /* 345 * Only post-firmware devices here. 346 */ 347 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), MTX_NETWORK_LOCK, 348 MTX_DEF); 349 callout_init(&sc->stat_ch, 0); 350 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 351 mbufq_init(&sc->sc_snd, ifqmaxlen); 352 353 error = usbd_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 354 uath_usbconfig, UATH_N_XFERS, sc, &sc->sc_mtx); 355 if (error) { 356 device_printf(dev, "could not allocate USB transfers, " 357 "err=%s\n", usbd_errstr(error)); 358 goto fail; 359 } 360 361 sc->sc_cmd_dma_buf = 362 usbd_xfer_get_frame_buffer(sc->sc_xfer[UATH_INTR_TX], 0); 363 sc->sc_tx_dma_buf = 364 usbd_xfer_get_frame_buffer(sc->sc_xfer[UATH_BULK_TX], 0); 365 366 /* 367 * Setup buffers for firmware commands. 368 */ 369 error = uath_alloc_cmd_list(sc, sc->sc_cmd); 370 if (error != 0) { 371 device_printf(sc->sc_dev, 372 "could not allocate Tx command list\n"); 373 goto fail1; 374 } 375 376 /* 377 * We're now ready to send+receive firmware commands. 378 */ 379 UATH_LOCK(sc); 380 error = uath_host_available(sc); 381 if (error != 0) { 382 device_printf(sc->sc_dev, "could not initialize adapter\n"); 383 goto fail2; 384 } 385 error = uath_get_devcap(sc); 386 if (error != 0) { 387 device_printf(sc->sc_dev, 388 "could not get device capabilities\n"); 389 goto fail2; 390 } 391 UATH_UNLOCK(sc); 392 393 /* Create device sysctl node. */ 394 uath_sysctl_node(sc); 395 396 UATH_LOCK(sc); 397 error = uath_get_devstatus(sc, ic->ic_macaddr); 398 if (error != 0) { 399 device_printf(sc->sc_dev, "could not get device status\n"); 400 goto fail2; 401 } 402 403 /* 404 * Allocate xfers for Rx/Tx data pipes. 405 */ 406 error = uath_alloc_rx_data_list(sc); 407 if (error != 0) { 408 device_printf(sc->sc_dev, "could not allocate Rx data list\n"); 409 goto fail2; 410 } 411 error = uath_alloc_tx_data_list(sc); 412 if (error != 0) { 413 device_printf(sc->sc_dev, "could not allocate Tx data list\n"); 414 goto fail2; 415 } 416 UATH_UNLOCK(sc); 417 418 ic->ic_softc = sc; 419 ic->ic_name = device_get_nameunit(dev); 420 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 421 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 422 423 /* set device capabilities */ 424 ic->ic_caps = 425 IEEE80211_C_STA | /* station mode */ 426 IEEE80211_C_MONITOR | /* monitor mode supported */ 427 IEEE80211_C_TXPMGT | /* tx power management */ 428 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 429 IEEE80211_C_SHSLOT | /* short slot time supported */ 430 IEEE80211_C_WPA | /* 802.11i */ 431 IEEE80211_C_BGSCAN | /* capable of bg scanning */ 432 IEEE80211_C_TXFRAG; /* handle tx frags */ 433 434 /* put a regulatory domain to reveal informations. */ 435 uath_regdomain = sc->sc_devcap.regDomain; 436 437 memset(bands, 0, sizeof(bands)); 438 setbit(bands, IEEE80211_MODE_11B); 439 setbit(bands, IEEE80211_MODE_11G); 440 if ((sc->sc_devcap.analog5GhzRevision & 0xf0) == 0x30) 441 setbit(bands, IEEE80211_MODE_11A); 442 /* XXX turbo */ 443 ieee80211_init_channels(ic, NULL, bands); 444 445 ieee80211_ifattach(ic); 446 ic->ic_raw_xmit = uath_raw_xmit; 447 ic->ic_scan_start = uath_scan_start; 448 ic->ic_scan_end = uath_scan_end; 449 ic->ic_set_channel = uath_set_channel; 450 ic->ic_vap_create = uath_vap_create; 451 ic->ic_vap_delete = uath_vap_delete; 452 ic->ic_update_mcast = uath_update_mcast; 453 ic->ic_update_promisc = uath_update_promisc; 454 ic->ic_transmit = uath_transmit; 455 ic->ic_parent = uath_parent; 456 457 ieee80211_radiotap_attach(ic, 458 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 459 UATH_TX_RADIOTAP_PRESENT, 460 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 461 UATH_RX_RADIOTAP_PRESENT); 462 463 if (bootverbose) 464 ieee80211_announce(ic); 465 466 return (0); 467 468 fail2: UATH_UNLOCK(sc); 469 uath_free_cmd_list(sc, sc->sc_cmd); 470 fail1: usbd_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); 471 fail: 472 return (error); 473 } 474 475 static int 476 uath_detach(device_t dev) 477 { 478 struct uath_softc *sc = device_get_softc(dev); 479 struct ieee80211com *ic = &sc->sc_ic; 480 unsigned int x; 481 482 /* 483 * Prevent further allocations from RX/TX/CMD 484 * data lists and ioctls 485 */ 486 UATH_LOCK(sc); 487 sc->sc_flags |= UATH_FLAG_INVALID; 488 489 STAILQ_INIT(&sc->sc_rx_active); 490 STAILQ_INIT(&sc->sc_rx_inactive); 491 492 STAILQ_INIT(&sc->sc_tx_active); 493 STAILQ_INIT(&sc->sc_tx_inactive); 494 STAILQ_INIT(&sc->sc_tx_pending); 495 496 STAILQ_INIT(&sc->sc_cmd_active); 497 STAILQ_INIT(&sc->sc_cmd_pending); 498 STAILQ_INIT(&sc->sc_cmd_waiting); 499 STAILQ_INIT(&sc->sc_cmd_inactive); 500 501 uath_stop(sc); 502 UATH_UNLOCK(sc); 503 504 callout_drain(&sc->stat_ch); 505 callout_drain(&sc->watchdog_ch); 506 507 /* drain USB transfers */ 508 for (x = 0; x != UATH_N_XFERS; x++) 509 usbd_transfer_drain(sc->sc_xfer[x]); 510 511 /* free data buffers */ 512 UATH_LOCK(sc); 513 uath_free_rx_data_list(sc); 514 uath_free_tx_data_list(sc); 515 uath_free_cmd_list(sc, sc->sc_cmd); 516 UATH_UNLOCK(sc); 517 518 /* free USB transfers and some data buffers */ 519 usbd_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); 520 521 ieee80211_ifdetach(ic); 522 mbufq_drain(&sc->sc_snd); 523 mtx_destroy(&sc->sc_mtx); 524 return (0); 525 } 526 527 static void 528 uath_free_cmd_list(struct uath_softc *sc, struct uath_cmd cmds[]) 529 { 530 int i; 531 532 for (i = 0; i != UATH_CMD_LIST_COUNT; i++) 533 cmds[i].buf = NULL; 534 } 535 536 static int 537 uath_alloc_cmd_list(struct uath_softc *sc, struct uath_cmd cmds[]) 538 { 539 int i; 540 541 STAILQ_INIT(&sc->sc_cmd_active); 542 STAILQ_INIT(&sc->sc_cmd_pending); 543 STAILQ_INIT(&sc->sc_cmd_waiting); 544 STAILQ_INIT(&sc->sc_cmd_inactive); 545 546 for (i = 0; i != UATH_CMD_LIST_COUNT; i++) { 547 struct uath_cmd *cmd = &cmds[i]; 548 549 cmd->sc = sc; /* backpointer for callbacks */ 550 cmd->msgid = i; 551 cmd->buf = ((uint8_t *)sc->sc_cmd_dma_buf) + 552 (i * UATH_MAX_CMDSZ); 553 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, cmd, next); 554 UATH_STAT_INC(sc, st_cmd_inactive); 555 } 556 return (0); 557 } 558 559 static int 560 uath_host_available(struct uath_softc *sc) 561 { 562 struct uath_cmd_host_available setup; 563 564 UATH_ASSERT_LOCKED(sc); 565 566 /* inform target the host is available */ 567 setup.sw_ver_major = htobe32(ATH_SW_VER_MAJOR); 568 setup.sw_ver_minor = htobe32(ATH_SW_VER_MINOR); 569 setup.sw_ver_patch = htobe32(ATH_SW_VER_PATCH); 570 setup.sw_ver_build = htobe32(ATH_SW_VER_BUILD); 571 return uath_cmd_read(sc, WDCMSG_HOST_AVAILABLE, 572 &setup, sizeof setup, NULL, 0, 0); 573 } 574 575 #ifdef UATH_DEBUG 576 static void 577 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 578 { 579 const char *sep = ""; 580 int i; 581 582 for (i = 0; i < len; i++) { 583 if ((i % 16) == 0) { 584 printf("%s%c ", sep, prefix); 585 sep = "\n"; 586 } 587 else if ((i % 4) == 0) 588 printf(" "); 589 printf("%02x", buf[i]); 590 } 591 printf("\n"); 592 } 593 594 static const char * 595 uath_codename(int code) 596 { 597 static const char *names[] = { 598 "0x00", 599 "HOST_AVAILABLE", 600 "BIND", 601 "TARGET_RESET", 602 "TARGET_GET_CAPABILITY", 603 "TARGET_SET_CONFIG", 604 "TARGET_GET_STATUS", 605 "TARGET_GET_STATS", 606 "TARGET_START", 607 "TARGET_STOP", 608 "TARGET_ENABLE", 609 "TARGET_DISABLE", 610 "CREATE_CONNECTION", 611 "UPDATE_CONNECT_ATTR", 612 "DELETE_CONNECT", 613 "SEND", 614 "FLUSH", 615 "STATS_UPDATE", 616 "BMISS", 617 "DEVICE_AVAIL", 618 "SEND_COMPLETE", 619 "DATA_AVAIL", 620 "SET_PWR_MODE", 621 "BMISS_ACK", 622 "SET_LED_STEADY", 623 "SET_LED_BLINK", 624 "SETUP_BEACON_DESC", 625 "BEACON_INIT", 626 "RESET_KEY_CACHE", 627 "RESET_KEY_CACHE_ENTRY", 628 "SET_KEY_CACHE_ENTRY", 629 "SET_DECOMP_MASK", 630 "SET_REGULATORY_DOMAIN", 631 "SET_LED_STATE", 632 "WRITE_ASSOCID", 633 "SET_STA_BEACON_TIMERS", 634 "GET_TSF", 635 "RESET_TSF", 636 "SET_ADHOC_MODE", 637 "SET_BASIC_RATE", 638 "MIB_CONTROL", 639 "GET_CHANNEL_DATA", 640 "GET_CUR_RSSI", 641 "SET_ANTENNA_SWITCH", 642 "0x2c", "0x2d", "0x2e", 643 "USE_SHORT_SLOT_TIME", 644 "SET_POWER_MODE", 645 "SETUP_PSPOLL_DESC", 646 "SET_RX_MULTICAST_FILTER", 647 "RX_FILTER", 648 "PER_CALIBRATION", 649 "RESET", 650 "DISABLE", 651 "PHY_DISABLE", 652 "SET_TX_POWER_LIMIT", 653 "SET_TX_QUEUE_PARAMS", 654 "SETUP_TX_QUEUE", 655 "RELEASE_TX_QUEUE", 656 }; 657 static char buf[8]; 658 659 if (code < nitems(names)) 660 return names[code]; 661 if (code == WDCMSG_SET_DEFAULT_KEY) 662 return "SET_DEFAULT_KEY"; 663 snprintf(buf, sizeof(buf), "0x%02x", code); 664 return buf; 665 } 666 #endif 667 668 /* 669 * Low-level function to send read or write commands to the firmware. 670 */ 671 static int 672 uath_cmdsend(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 673 void *odata, int olen, int flags) 674 { 675 struct uath_cmd_hdr *hdr; 676 struct uath_cmd *cmd; 677 int error; 678 679 UATH_ASSERT_LOCKED(sc); 680 681 /* grab a xfer */ 682 cmd = uath_get_cmdbuf(sc); 683 if (cmd == NULL) { 684 device_printf(sc->sc_dev, "%s: empty inactive queue\n", 685 __func__); 686 return (ENOBUFS); 687 } 688 cmd->flags = flags; 689 /* always bulk-out a multiple of 4 bytes */ 690 cmd->buflen = roundup2(sizeof(struct uath_cmd_hdr) + ilen, 4); 691 692 hdr = (struct uath_cmd_hdr *)cmd->buf; 693 memset(hdr, 0, sizeof(struct uath_cmd_hdr)); 694 hdr->len = htobe32(cmd->buflen); 695 hdr->code = htobe32(code); 696 hdr->msgid = cmd->msgid; /* don't care about endianness */ 697 hdr->magic = htobe32((cmd->flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 698 memcpy((uint8_t *)(hdr + 1), idata, ilen); 699 700 #ifdef UATH_DEBUG 701 if (sc->sc_debug & UATH_DEBUG_CMDS) { 702 printf("%s: send %s [flags 0x%x] olen %d\n", 703 __func__, uath_codename(code), cmd->flags, olen); 704 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 705 uath_dump_cmd(cmd->buf, cmd->buflen, '+'); 706 } 707 #endif 708 cmd->odata = odata; 709 KASSERT(odata == NULL || 710 olen < UATH_MAX_CMDSZ - sizeof(*hdr) + sizeof(uint32_t), 711 ("odata %p olen %u", odata, olen)); 712 cmd->olen = olen; 713 714 STAILQ_INSERT_TAIL(&sc->sc_cmd_pending, cmd, next); 715 UATH_STAT_INC(sc, st_cmd_pending); 716 usbd_transfer_start(sc->sc_xfer[UATH_INTR_TX]); 717 718 if (cmd->flags & UATH_CMD_FLAG_READ) { 719 usbd_transfer_start(sc->sc_xfer[UATH_INTR_RX]); 720 721 /* wait at most two seconds for command reply */ 722 error = mtx_sleep(cmd, &sc->sc_mtx, 0, "uathcmd", 2 * hz); 723 cmd->odata = NULL; /* in case reply comes too late */ 724 if (error != 0) { 725 device_printf(sc->sc_dev, "timeout waiting for reply " 726 "to cmd 0x%x (%u)\n", code, code); 727 } else if (cmd->olen != olen) { 728 device_printf(sc->sc_dev, "unexpected reply data count " 729 "to cmd 0x%x (%u), got %u, expected %u\n", 730 code, code, cmd->olen, olen); 731 error = EINVAL; 732 } 733 return (error); 734 } 735 return (0); 736 } 737 738 static int 739 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 740 int ilen, void *odata, int olen, int flags) 741 { 742 743 flags |= UATH_CMD_FLAG_READ; 744 return uath_cmdsend(sc, code, idata, ilen, odata, olen, flags); 745 } 746 747 static int 748 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 749 int flags) 750 { 751 752 flags &= ~UATH_CMD_FLAG_READ; 753 return uath_cmdsend(sc, code, data, len, NULL, 0, flags); 754 } 755 756 static struct uath_cmd * 757 uath_get_cmdbuf(struct uath_softc *sc) 758 { 759 struct uath_cmd *uc; 760 761 UATH_ASSERT_LOCKED(sc); 762 763 uc = STAILQ_FIRST(&sc->sc_cmd_inactive); 764 if (uc != NULL) { 765 STAILQ_REMOVE_HEAD(&sc->sc_cmd_inactive, next); 766 UATH_STAT_DEC(sc, st_cmd_inactive); 767 } else 768 uc = NULL; 769 if (uc == NULL) 770 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: %s\n", __func__, 771 "out of command xmit buffers"); 772 return (uc); 773 } 774 775 /* 776 * This function is called periodically (every second) when associated to 777 * query device statistics. 778 */ 779 static void 780 uath_stat(void *arg) 781 { 782 struct uath_softc *sc = arg; 783 int error; 784 785 UATH_LOCK(sc); 786 /* 787 * Send request for statistics asynchronously. The timer will be 788 * restarted when we'll get the stats notification. 789 */ 790 error = uath_cmd_write(sc, WDCMSG_TARGET_GET_STATS, NULL, 0, 791 UATH_CMD_FLAG_ASYNC); 792 if (error != 0) { 793 device_printf(sc->sc_dev, 794 "could not query stats, error %d\n", error); 795 } 796 UATH_UNLOCK(sc); 797 } 798 799 static int 800 uath_get_capability(struct uath_softc *sc, uint32_t cap, uint32_t *val) 801 { 802 int error; 803 804 cap = htobe32(cap); 805 error = uath_cmd_read(sc, WDCMSG_TARGET_GET_CAPABILITY, 806 &cap, sizeof cap, val, sizeof(uint32_t), UATH_CMD_FLAG_MAGIC); 807 if (error != 0) { 808 device_printf(sc->sc_dev, "could not read capability %u\n", 809 be32toh(cap)); 810 return (error); 811 } 812 *val = be32toh(*val); 813 return (error); 814 } 815 816 static int 817 uath_get_devcap(struct uath_softc *sc) 818 { 819 #define GETCAP(x, v) do { \ 820 error = uath_get_capability(sc, x, &v); \ 821 if (error != 0) \ 822 return (error); \ 823 DPRINTF(sc, UATH_DEBUG_DEVCAP, \ 824 "%s: %s=0x%08x\n", __func__, #x, v); \ 825 } while (0) 826 struct uath_devcap *cap = &sc->sc_devcap; 827 int error; 828 829 /* collect device capabilities */ 830 GETCAP(CAP_TARGET_VERSION, cap->targetVersion); 831 GETCAP(CAP_TARGET_REVISION, cap->targetRevision); 832 GETCAP(CAP_MAC_VERSION, cap->macVersion); 833 GETCAP(CAP_MAC_REVISION, cap->macRevision); 834 GETCAP(CAP_PHY_REVISION, cap->phyRevision); 835 GETCAP(CAP_ANALOG_5GHz_REVISION, cap->analog5GhzRevision); 836 GETCAP(CAP_ANALOG_2GHz_REVISION, cap->analog2GhzRevision); 837 838 GETCAP(CAP_REG_DOMAIN, cap->regDomain); 839 GETCAP(CAP_REG_CAP_BITS, cap->regCapBits); 840 #if 0 841 /* NB: not supported in rev 1.5 */ 842 GETCAP(CAP_COUNTRY_CODE, cap->countryCode); 843 #endif 844 GETCAP(CAP_WIRELESS_MODES, cap->wirelessModes); 845 GETCAP(CAP_CHAN_SPREAD_SUPPORT, cap->chanSpreadSupport); 846 GETCAP(CAP_COMPRESS_SUPPORT, cap->compressSupport); 847 GETCAP(CAP_BURST_SUPPORT, cap->burstSupport); 848 GETCAP(CAP_FAST_FRAMES_SUPPORT, cap->fastFramesSupport); 849 GETCAP(CAP_CHAP_TUNING_SUPPORT, cap->chapTuningSupport); 850 GETCAP(CAP_TURBOG_SUPPORT, cap->turboGSupport); 851 GETCAP(CAP_TURBO_PRIME_SUPPORT, cap->turboPrimeSupport); 852 GETCAP(CAP_DEVICE_TYPE, cap->deviceType); 853 GETCAP(CAP_WME_SUPPORT, cap->wmeSupport); 854 GETCAP(CAP_TOTAL_QUEUES, cap->numTxQueues); 855 GETCAP(CAP_CONNECTION_ID_MAX, cap->connectionIdMax); 856 857 GETCAP(CAP_LOW_5GHZ_CHAN, cap->low5GhzChan); 858 GETCAP(CAP_HIGH_5GHZ_CHAN, cap->high5GhzChan); 859 GETCAP(CAP_LOW_2GHZ_CHAN, cap->low2GhzChan); 860 GETCAP(CAP_HIGH_2GHZ_CHAN, cap->high2GhzChan); 861 GETCAP(CAP_TWICE_ANTENNAGAIN_5G, cap->twiceAntennaGain5G); 862 GETCAP(CAP_TWICE_ANTENNAGAIN_2G, cap->twiceAntennaGain2G); 863 864 GETCAP(CAP_CIPHER_AES_CCM, cap->supportCipherAES_CCM); 865 GETCAP(CAP_CIPHER_TKIP, cap->supportCipherTKIP); 866 GETCAP(CAP_MIC_TKIP, cap->supportMicTKIP); 867 868 cap->supportCipherWEP = 1; /* NB: always available */ 869 870 return (0); 871 } 872 873 static int 874 uath_get_devstatus(struct uath_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 875 { 876 int error; 877 878 /* retrieve MAC address */ 879 error = uath_get_status(sc, ST_MAC_ADDR, macaddr, IEEE80211_ADDR_LEN); 880 if (error != 0) { 881 device_printf(sc->sc_dev, "could not read MAC address\n"); 882 return (error); 883 } 884 885 error = uath_get_status(sc, ST_SERIAL_NUMBER, 886 &sc->sc_serial[0], sizeof(sc->sc_serial)); 887 if (error != 0) { 888 device_printf(sc->sc_dev, 889 "could not read device serial number\n"); 890 return (error); 891 } 892 return (0); 893 } 894 895 static int 896 uath_get_status(struct uath_softc *sc, uint32_t which, void *odata, int olen) 897 { 898 int error; 899 900 which = htobe32(which); 901 error = uath_cmd_read(sc, WDCMSG_TARGET_GET_STATUS, 902 &which, sizeof(which), odata, olen, UATH_CMD_FLAG_MAGIC); 903 if (error != 0) 904 device_printf(sc->sc_dev, 905 "could not read EEPROM offset 0x%02x\n", be32toh(which)); 906 return (error); 907 } 908 909 static void 910 uath_free_data_list(struct uath_softc *sc, struct uath_data data[], int ndata, 911 int fillmbuf) 912 { 913 int i; 914 915 for (i = 0; i < ndata; i++) { 916 struct uath_data *dp = &data[i]; 917 918 if (fillmbuf == 1) { 919 if (dp->m != NULL) { 920 m_freem(dp->m); 921 dp->m = NULL; 922 dp->buf = NULL; 923 } 924 } else { 925 dp->buf = NULL; 926 } 927 if (dp->ni != NULL) { 928 ieee80211_free_node(dp->ni); 929 dp->ni = NULL; 930 } 931 } 932 } 933 934 static int 935 uath_alloc_data_list(struct uath_softc *sc, struct uath_data data[], 936 int ndata, int maxsz, void *dma_buf) 937 { 938 int i, error; 939 940 for (i = 0; i < ndata; i++) { 941 struct uath_data *dp = &data[i]; 942 943 dp->sc = sc; 944 if (dma_buf == NULL) { 945 /* XXX check maxsz */ 946 dp->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 947 if (dp->m == NULL) { 948 device_printf(sc->sc_dev, 949 "could not allocate rx mbuf\n"); 950 error = ENOMEM; 951 goto fail; 952 } 953 dp->buf = mtod(dp->m, uint8_t *); 954 } else { 955 dp->m = NULL; 956 dp->buf = ((uint8_t *)dma_buf) + (i * maxsz); 957 } 958 dp->ni = NULL; 959 } 960 961 return (0); 962 963 fail: uath_free_data_list(sc, data, ndata, 1 /* free mbufs */); 964 return (error); 965 } 966 967 static int 968 uath_alloc_rx_data_list(struct uath_softc *sc) 969 { 970 int error, i; 971 972 /* XXX is it enough to store the RX packet with MCLBYTES bytes? */ 973 error = uath_alloc_data_list(sc, 974 sc->sc_rx, UATH_RX_DATA_LIST_COUNT, MCLBYTES, 975 NULL /* setup mbufs */); 976 if (error != 0) 977 return (error); 978 979 STAILQ_INIT(&sc->sc_rx_active); 980 STAILQ_INIT(&sc->sc_rx_inactive); 981 982 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 983 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], 984 next); 985 UATH_STAT_INC(sc, st_rx_inactive); 986 } 987 988 return (0); 989 } 990 991 static int 992 uath_alloc_tx_data_list(struct uath_softc *sc) 993 { 994 int error, i; 995 996 error = uath_alloc_data_list(sc, 997 sc->sc_tx, UATH_TX_DATA_LIST_COUNT, UATH_MAX_TXBUFSZ, 998 sc->sc_tx_dma_buf); 999 if (error != 0) 1000 return (error); 1001 1002 STAILQ_INIT(&sc->sc_tx_active); 1003 STAILQ_INIT(&sc->sc_tx_inactive); 1004 STAILQ_INIT(&sc->sc_tx_pending); 1005 1006 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 1007 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], 1008 next); 1009 UATH_STAT_INC(sc, st_tx_inactive); 1010 } 1011 1012 return (0); 1013 } 1014 1015 static void 1016 uath_free_rx_data_list(struct uath_softc *sc) 1017 { 1018 uath_free_data_list(sc, sc->sc_rx, UATH_RX_DATA_LIST_COUNT, 1019 1 /* free mbufs */); 1020 } 1021 1022 static void 1023 uath_free_tx_data_list(struct uath_softc *sc) 1024 { 1025 uath_free_data_list(sc, sc->sc_tx, UATH_TX_DATA_LIST_COUNT, 1026 0 /* no mbufs */); 1027 } 1028 1029 static struct ieee80211vap * 1030 uath_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 1031 enum ieee80211_opmode opmode, int flags, 1032 const uint8_t bssid[IEEE80211_ADDR_LEN], 1033 const uint8_t mac[IEEE80211_ADDR_LEN]) 1034 { 1035 struct uath_vap *uvp; 1036 struct ieee80211vap *vap; 1037 1038 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1039 return (NULL); 1040 uvp = malloc(sizeof(struct uath_vap), M_80211_VAP, M_WAITOK | M_ZERO); 1041 vap = &uvp->vap; 1042 /* enable s/w bmiss handling for sta mode */ 1043 1044 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 1045 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 1046 /* out of memory */ 1047 free(uvp, M_80211_VAP); 1048 return (NULL); 1049 } 1050 1051 /* override state transition machine */ 1052 uvp->newstate = vap->iv_newstate; 1053 vap->iv_newstate = uath_newstate; 1054 1055 /* complete setup */ 1056 ieee80211_vap_attach(vap, ieee80211_media_change, 1057 ieee80211_media_status, mac); 1058 ic->ic_opmode = opmode; 1059 return (vap); 1060 } 1061 1062 static void 1063 uath_vap_delete(struct ieee80211vap *vap) 1064 { 1065 struct uath_vap *uvp = UATH_VAP(vap); 1066 1067 ieee80211_vap_detach(vap); 1068 free(uvp, M_80211_VAP); 1069 } 1070 1071 static int 1072 uath_init(struct uath_softc *sc) 1073 { 1074 struct ieee80211com *ic = &sc->sc_ic; 1075 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1076 uint32_t val; 1077 int error; 1078 1079 UATH_ASSERT_LOCKED(sc); 1080 1081 if (sc->sc_flags & UATH_FLAG_INITDONE) 1082 uath_stop(sc); 1083 1084 /* reset variables */ 1085 sc->sc_intrx_nextnum = sc->sc_msgid = 0; 1086 1087 val = htobe32(0); 1088 uath_cmd_write(sc, WDCMSG_BIND, &val, sizeof val, 0); 1089 1090 /* set MAC address */ 1091 uath_config_multi(sc, CFG_MAC_ADDR, 1092 vap ? vap->iv_myaddr : ic->ic_macaddr, IEEE80211_ADDR_LEN); 1093 1094 /* XXX honor net80211 state */ 1095 uath_config(sc, CFG_RATE_CONTROL_ENABLE, 0x00000001); 1096 uath_config(sc, CFG_DIVERSITY_CTL, 0x00000001); 1097 uath_config(sc, CFG_ABOLT, 0x0000003f); 1098 uath_config(sc, CFG_WME_ENABLED, 0x00000001); 1099 1100 uath_config(sc, CFG_SERVICE_TYPE, 1); 1101 uath_config(sc, CFG_TP_SCALE, 0x00000000); 1102 uath_config(sc, CFG_TPC_HALF_DBM5, 0x0000003c); 1103 uath_config(sc, CFG_TPC_HALF_DBM2, 0x0000003c); 1104 uath_config(sc, CFG_OVERRD_TX_POWER, 0x00000000); 1105 uath_config(sc, CFG_GMODE_PROTECTION, 0x00000000); 1106 uath_config(sc, CFG_GMODE_PROTECT_RATE_INDEX, 0x00000003); 1107 uath_config(sc, CFG_PROTECTION_TYPE, 0x00000000); 1108 uath_config(sc, CFG_MODE_CTS, 0x00000002); 1109 1110 error = uath_cmd_read(sc, WDCMSG_TARGET_START, NULL, 0, 1111 &val, sizeof(val), UATH_CMD_FLAG_MAGIC); 1112 if (error) { 1113 device_printf(sc->sc_dev, 1114 "could not start target, error %d\n", error); 1115 goto fail; 1116 } 1117 DPRINTF(sc, UATH_DEBUG_INIT, "%s returns handle: 0x%x\n", 1118 uath_codename(WDCMSG_TARGET_START), be32toh(val)); 1119 1120 /* set default channel */ 1121 error = uath_switch_channel(sc, ic->ic_curchan); 1122 if (error) { 1123 device_printf(sc->sc_dev, 1124 "could not switch channel, error %d\n", error); 1125 goto fail; 1126 } 1127 1128 val = htobe32(TARGET_DEVICE_AWAKE); 1129 uath_cmd_write(sc, WDCMSG_SET_PWR_MODE, &val, sizeof val, 0); 1130 /* XXX? check */ 1131 uath_cmd_write(sc, WDCMSG_RESET_KEY_CACHE, NULL, 0, 0); 1132 1133 usbd_transfer_start(sc->sc_xfer[UATH_BULK_RX]); 1134 /* enable Rx */ 1135 uath_set_rxfilter(sc, 0x0, UATH_FILTER_OP_INIT); 1136 uath_set_rxfilter(sc, 1137 UATH_FILTER_RX_UCAST | UATH_FILTER_RX_MCAST | 1138 UATH_FILTER_RX_BCAST | UATH_FILTER_RX_BEACON, 1139 UATH_FILTER_OP_SET); 1140 1141 sc->sc_flags |= UATH_FLAG_INITDONE; 1142 1143 callout_reset(&sc->watchdog_ch, hz, uath_watchdog, sc); 1144 1145 return (0); 1146 1147 fail: 1148 uath_stop(sc); 1149 return (error); 1150 } 1151 1152 static void 1153 uath_stop(struct uath_softc *sc) 1154 { 1155 1156 UATH_ASSERT_LOCKED(sc); 1157 1158 sc->sc_flags &= ~UATH_FLAG_INITDONE; 1159 1160 callout_stop(&sc->stat_ch); 1161 callout_stop(&sc->watchdog_ch); 1162 sc->sc_tx_timer = 0; 1163 /* abort pending transmits */ 1164 uath_abort_xfers(sc); 1165 /* flush data & control requests into the target */ 1166 (void)uath_flush(sc); 1167 /* set a LED status to the disconnected. */ 1168 uath_set_ledstate(sc, 0); 1169 /* stop the target */ 1170 uath_cmd_write(sc, WDCMSG_TARGET_STOP, NULL, 0, 0); 1171 } 1172 1173 static int 1174 uath_config(struct uath_softc *sc, uint32_t reg, uint32_t val) 1175 { 1176 struct uath_write_mac write; 1177 int error; 1178 1179 write.reg = htobe32(reg); 1180 write.len = htobe32(0); /* 0 = single write */ 1181 *(uint32_t *)write.data = htobe32(val); 1182 1183 error = uath_cmd_write(sc, WDCMSG_TARGET_SET_CONFIG, &write, 1184 3 * sizeof (uint32_t), 0); 1185 if (error != 0) { 1186 device_printf(sc->sc_dev, "could not write register 0x%02x\n", 1187 reg); 1188 } 1189 return (error); 1190 } 1191 1192 static int 1193 uath_config_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1194 int len) 1195 { 1196 struct uath_write_mac write; 1197 int error; 1198 1199 write.reg = htobe32(reg); 1200 write.len = htobe32(len); 1201 bcopy(data, write.data, len); 1202 1203 /* properly handle the case where len is zero (reset) */ 1204 error = uath_cmd_write(sc, WDCMSG_TARGET_SET_CONFIG, &write, 1205 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1206 if (error != 0) { 1207 device_printf(sc->sc_dev, 1208 "could not write %d bytes to register 0x%02x\n", len, reg); 1209 } 1210 return (error); 1211 } 1212 1213 static int 1214 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1215 { 1216 int error; 1217 1218 UATH_ASSERT_LOCKED(sc); 1219 1220 /* set radio frequency */ 1221 error = uath_set_chan(sc, c); 1222 if (error) { 1223 device_printf(sc->sc_dev, 1224 "could not set channel, error %d\n", error); 1225 goto failed; 1226 } 1227 /* reset Tx rings */ 1228 error = uath_reset_tx_queues(sc); 1229 if (error) { 1230 device_printf(sc->sc_dev, 1231 "could not reset Tx queues, error %d\n", error); 1232 goto failed; 1233 } 1234 /* set Tx rings WME properties */ 1235 error = uath_wme_init(sc); 1236 if (error) { 1237 device_printf(sc->sc_dev, 1238 "could not init Tx queues, error %d\n", error); 1239 goto failed; 1240 } 1241 error = uath_set_ledstate(sc, 0); 1242 if (error) { 1243 device_printf(sc->sc_dev, 1244 "could not set led state, error %d\n", error); 1245 goto failed; 1246 } 1247 error = uath_flush(sc); 1248 if (error) { 1249 device_printf(sc->sc_dev, 1250 "could not flush pipes, error %d\n", error); 1251 goto failed; 1252 } 1253 failed: 1254 return (error); 1255 } 1256 1257 static int 1258 uath_set_rxfilter(struct uath_softc *sc, uint32_t bits, uint32_t op) 1259 { 1260 struct uath_cmd_rx_filter rxfilter; 1261 1262 rxfilter.bits = htobe32(bits); 1263 rxfilter.op = htobe32(op); 1264 1265 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 1266 "setting Rx filter=0x%x flags=0x%x\n", bits, op); 1267 return uath_cmd_write(sc, WDCMSG_RX_FILTER, &rxfilter, 1268 sizeof rxfilter, 0); 1269 } 1270 1271 static void 1272 uath_watchdog(void *arg) 1273 { 1274 struct uath_softc *sc = arg; 1275 struct ieee80211com *ic = &sc->sc_ic; 1276 1277 if (sc->sc_tx_timer > 0) { 1278 if (--sc->sc_tx_timer == 0) { 1279 device_printf(sc->sc_dev, "device timeout\n"); 1280 /*uath_init(sc); XXX needs a process context! */ 1281 counter_u64_add(ic->ic_oerrors, 1); 1282 return; 1283 } 1284 callout_reset(&sc->watchdog_ch, hz, uath_watchdog, sc); 1285 } 1286 } 1287 1288 static void 1289 uath_abort_xfers(struct uath_softc *sc) 1290 { 1291 int i; 1292 1293 UATH_ASSERT_LOCKED(sc); 1294 /* abort any pending transfers */ 1295 for (i = 0; i < UATH_N_XFERS; i++) 1296 usbd_transfer_stop(sc->sc_xfer[i]); 1297 } 1298 1299 static int 1300 uath_flush(struct uath_softc *sc) 1301 { 1302 int error; 1303 1304 error = uath_dataflush(sc); 1305 if (error != 0) 1306 goto failed; 1307 1308 error = uath_cmdflush(sc); 1309 if (error != 0) 1310 goto failed; 1311 1312 failed: 1313 return (error); 1314 } 1315 1316 static int 1317 uath_cmdflush(struct uath_softc *sc) 1318 { 1319 1320 return uath_cmd_write(sc, WDCMSG_FLUSH, NULL, 0, 0); 1321 } 1322 1323 static int 1324 uath_dataflush(struct uath_softc *sc) 1325 { 1326 struct uath_data *data; 1327 struct uath_chunk *chunk; 1328 struct uath_tx_desc *desc; 1329 1330 UATH_ASSERT_LOCKED(sc); 1331 1332 data = uath_getbuf(sc); 1333 if (data == NULL) 1334 return (ENOBUFS); 1335 data->buflen = sizeof(struct uath_chunk) + sizeof(struct uath_tx_desc); 1336 data->m = NULL; 1337 data->ni = NULL; 1338 chunk = (struct uath_chunk *)data->buf; 1339 desc = (struct uath_tx_desc *)(chunk + 1); 1340 1341 /* one chunk only */ 1342 chunk->seqnum = 0; 1343 chunk->flags = UATH_CFLAGS_FINAL; 1344 chunk->length = htobe16(sizeof (struct uath_tx_desc)); 1345 1346 memset(desc, 0, sizeof(struct uath_tx_desc)); 1347 desc->msglen = htobe32(sizeof(struct uath_tx_desc)); 1348 desc->msgid = (sc->sc_msgid++) + 1; /* don't care about endianness */ 1349 desc->type = htobe32(WDCMSG_FLUSH); 1350 desc->txqid = htobe32(0); 1351 desc->connid = htobe32(0); 1352 desc->flags = htobe32(0); 1353 1354 #ifdef UATH_DEBUG 1355 if (sc->sc_debug & UATH_DEBUG_CMDS) { 1356 DPRINTF(sc, UATH_DEBUG_RESET, "send flush ix %d\n", 1357 desc->msgid); 1358 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 1359 uath_dump_cmd(data->buf, data->buflen, '+'); 1360 } 1361 #endif 1362 1363 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 1364 UATH_STAT_INC(sc, st_tx_pending); 1365 sc->sc_tx_timer = 5; 1366 usbd_transfer_start(sc->sc_xfer[UATH_BULK_TX]); 1367 1368 return (0); 1369 } 1370 1371 static struct uath_data * 1372 _uath_getbuf(struct uath_softc *sc) 1373 { 1374 struct uath_data *bf; 1375 1376 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1377 if (bf != NULL) { 1378 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1379 UATH_STAT_DEC(sc, st_tx_inactive); 1380 } else 1381 bf = NULL; 1382 if (bf == NULL) 1383 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: %s\n", __func__, 1384 "out of xmit buffers"); 1385 return (bf); 1386 } 1387 1388 static struct uath_data * 1389 uath_getbuf(struct uath_softc *sc) 1390 { 1391 struct uath_data *bf; 1392 1393 UATH_ASSERT_LOCKED(sc); 1394 1395 bf = _uath_getbuf(sc); 1396 if (bf == NULL) 1397 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: stop queue\n", __func__); 1398 return (bf); 1399 } 1400 1401 static int 1402 uath_set_ledstate(struct uath_softc *sc, int connected) 1403 { 1404 1405 DPRINTF(sc, UATH_DEBUG_LED, 1406 "set led state %sconnected\n", connected ? "" : "!"); 1407 connected = htobe32(connected); 1408 return uath_cmd_write(sc, WDCMSG_SET_LED_STATE, 1409 &connected, sizeof connected, 0); 1410 } 1411 1412 static int 1413 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1414 { 1415 #ifdef UATH_DEBUG 1416 struct ieee80211com *ic = &sc->sc_ic; 1417 #endif 1418 struct uath_cmd_reset reset; 1419 1420 memset(&reset, 0, sizeof(reset)); 1421 if (IEEE80211_IS_CHAN_2GHZ(c)) 1422 reset.flags |= htobe32(UATH_CHAN_2GHZ); 1423 if (IEEE80211_IS_CHAN_5GHZ(c)) 1424 reset.flags |= htobe32(UATH_CHAN_5GHZ); 1425 /* NB: 11g =>'s 11b so don't specify both OFDM and CCK */ 1426 if (IEEE80211_IS_CHAN_OFDM(c)) 1427 reset.flags |= htobe32(UATH_CHAN_OFDM); 1428 else if (IEEE80211_IS_CHAN_CCK(c)) 1429 reset.flags |= htobe32(UATH_CHAN_CCK); 1430 /* turbo can be used in either 2GHz or 5GHz */ 1431 if (c->ic_flags & IEEE80211_CHAN_TURBO) 1432 reset.flags |= htobe32(UATH_CHAN_TURBO); 1433 reset.freq = htobe32(c->ic_freq); 1434 reset.maxrdpower = htobe32(50); /* XXX */ 1435 reset.channelchange = htobe32(1); 1436 reset.keeprccontent = htobe32(0); 1437 1438 DPRINTF(sc, UATH_DEBUG_CHANNEL, "set channel %d, flags 0x%x freq %u\n", 1439 ieee80211_chan2ieee(ic, c), 1440 be32toh(reset.flags), be32toh(reset.freq)); 1441 return uath_cmd_write(sc, WDCMSG_RESET, &reset, sizeof reset, 0); 1442 } 1443 1444 static int 1445 uath_reset_tx_queues(struct uath_softc *sc) 1446 { 1447 int ac, error; 1448 1449 DPRINTF(sc, UATH_DEBUG_RESET, "%s: reset Tx queues\n", __func__); 1450 for (ac = 0; ac < 4; ac++) { 1451 const uint32_t qid = htobe32(ac); 1452 1453 error = uath_cmd_write(sc, WDCMSG_RELEASE_TX_QUEUE, &qid, 1454 sizeof qid, 0); 1455 if (error != 0) 1456 break; 1457 } 1458 return (error); 1459 } 1460 1461 static int 1462 uath_wme_init(struct uath_softc *sc) 1463 { 1464 /* XXX get from net80211 */ 1465 static const struct uath_wme_settings uath_wme_11g[4] = { 1466 { 7, 4, 10, 0, 0 }, /* Background */ 1467 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1468 { 3, 3, 4, 26, 0 }, /* Video */ 1469 { 2, 2, 3, 47, 0 } /* Voice */ 1470 }; 1471 struct uath_cmd_txq_setup qinfo; 1472 int ac, error; 1473 1474 DPRINTF(sc, UATH_DEBUG_WME, "%s: setup Tx queues\n", __func__); 1475 for (ac = 0; ac < 4; ac++) { 1476 qinfo.qid = htobe32(ac); 1477 qinfo.len = htobe32(sizeof(qinfo.attr)); 1478 qinfo.attr.priority = htobe32(ac); /* XXX */ 1479 qinfo.attr.aifs = htobe32(uath_wme_11g[ac].aifsn); 1480 qinfo.attr.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1481 qinfo.attr.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1482 qinfo.attr.bursttime = htobe32(IEEE80211_TXOP_TO_US( 1483 uath_wme_11g[ac].txop)); 1484 qinfo.attr.mode = htobe32(uath_wme_11g[ac].acm);/*XXX? */ 1485 qinfo.attr.qflags = htobe32(1); /* XXX? */ 1486 1487 error = uath_cmd_write(sc, WDCMSG_SETUP_TX_QUEUE, &qinfo, 1488 sizeof qinfo, 0); 1489 if (error != 0) 1490 break; 1491 } 1492 return (error); 1493 } 1494 1495 static void 1496 uath_parent(struct ieee80211com *ic) 1497 { 1498 struct uath_softc *sc = ic->ic_softc; 1499 int startall = 0; 1500 1501 UATH_LOCK(sc); 1502 if (sc->sc_flags & UATH_FLAG_INVALID) { 1503 UATH_UNLOCK(sc); 1504 return; 1505 } 1506 1507 if (ic->ic_nrunning > 0) { 1508 if (!(sc->sc_flags & UATH_FLAG_INITDONE)) { 1509 uath_init(sc); 1510 startall = 1; 1511 } 1512 } else if (sc->sc_flags & UATH_FLAG_INITDONE) 1513 uath_stop(sc); 1514 UATH_UNLOCK(sc); 1515 if (startall) 1516 ieee80211_start_all(ic); 1517 } 1518 1519 static int 1520 uath_tx_start(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1521 struct uath_data *data) 1522 { 1523 struct ieee80211vap *vap = ni->ni_vap; 1524 struct uath_chunk *chunk; 1525 struct uath_tx_desc *desc; 1526 const struct ieee80211_frame *wh; 1527 struct ieee80211_key *k; 1528 int framelen, msglen; 1529 1530 UATH_ASSERT_LOCKED(sc); 1531 1532 data->ni = ni; 1533 data->m = m0; 1534 chunk = (struct uath_chunk *)data->buf; 1535 desc = (struct uath_tx_desc *)(chunk + 1); 1536 1537 if (ieee80211_radiotap_active_vap(vap)) { 1538 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1539 1540 tap->wt_flags = 0; 1541 if (m0->m_flags & M_FRAG) 1542 tap->wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1543 1544 ieee80211_radiotap_tx(vap, m0); 1545 } 1546 1547 wh = mtod(m0, struct ieee80211_frame *); 1548 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1549 k = ieee80211_crypto_encap(ni, m0); 1550 if (k == NULL) { 1551 m_freem(m0); 1552 return (ENOBUFS); 1553 } 1554 1555 /* packet header may have moved, reset our local pointer */ 1556 wh = mtod(m0, struct ieee80211_frame *); 1557 } 1558 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1559 1560 framelen = m0->m_pkthdr.len + IEEE80211_CRC_LEN; 1561 msglen = framelen + sizeof (struct uath_tx_desc); 1562 data->buflen = msglen + sizeof (struct uath_chunk); 1563 1564 /* one chunk only for now */ 1565 chunk->seqnum = sc->sc_seqnum++; 1566 chunk->flags = (m0->m_flags & M_FRAG) ? 0 : UATH_CFLAGS_FINAL; 1567 if (m0->m_flags & M_LASTFRAG) 1568 chunk->flags |= UATH_CFLAGS_FINAL; 1569 chunk->flags = UATH_CFLAGS_FINAL; 1570 chunk->length = htobe16(msglen); 1571 1572 /* fill Tx descriptor */ 1573 desc->msglen = htobe32(msglen); 1574 /* NB: to get UATH_TX_NOTIFY reply, `msgid' must be larger than 0 */ 1575 desc->msgid = (sc->sc_msgid++) + 1; /* don't care about endianness */ 1576 desc->type = htobe32(WDCMSG_SEND); 1577 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1578 case IEEE80211_FC0_TYPE_CTL: 1579 case IEEE80211_FC0_TYPE_MGT: 1580 /* NB: force all management frames to highest queue */ 1581 if (ni->ni_flags & IEEE80211_NODE_QOS) { 1582 /* NB: force all management frames to highest queue */ 1583 desc->txqid = htobe32(WME_AC_VO | UATH_TXQID_MINRATE); 1584 } else 1585 desc->txqid = htobe32(WME_AC_BE | UATH_TXQID_MINRATE); 1586 break; 1587 case IEEE80211_FC0_TYPE_DATA: 1588 /* XXX multicast frames should honor mcastrate */ 1589 desc->txqid = htobe32(M_WME_GETAC(m0)); 1590 break; 1591 default: 1592 device_printf(sc->sc_dev, "bogus frame type 0x%x (%s)\n", 1593 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1594 m_freem(m0); 1595 return (EIO); 1596 } 1597 if (vap->iv_state == IEEE80211_S_AUTH || 1598 vap->iv_state == IEEE80211_S_ASSOC || 1599 vap->iv_state == IEEE80211_S_RUN) 1600 desc->connid = htobe32(UATH_ID_BSS); 1601 else 1602 desc->connid = htobe32(UATH_ID_INVALID); 1603 desc->flags = htobe32(0 /* no UATH_TX_NOTIFY */); 1604 desc->buflen = htobe32(m0->m_pkthdr.len); 1605 1606 #ifdef UATH_DEBUG 1607 DPRINTF(sc, UATH_DEBUG_XMIT, 1608 "send frame ix %u framelen %d msglen %d connid 0x%x txqid 0x%x\n", 1609 desc->msgid, framelen, msglen, be32toh(desc->connid), 1610 be32toh(desc->txqid)); 1611 if (sc->sc_debug & UATH_DEBUG_XMIT_DUMP) 1612 uath_dump_cmd(data->buf, data->buflen, '+'); 1613 #endif 1614 1615 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 1616 UATH_STAT_INC(sc, st_tx_pending); 1617 usbd_transfer_start(sc->sc_xfer[UATH_BULK_TX]); 1618 1619 return (0); 1620 } 1621 1622 /* 1623 * Cleanup driver resources when we run out of buffers while processing 1624 * fragments; return the tx buffers allocated and drop node references. 1625 */ 1626 static void 1627 uath_txfrag_cleanup(struct uath_softc *sc, 1628 uath_datahead *frags, struct ieee80211_node *ni) 1629 { 1630 struct uath_data *bf, *next; 1631 1632 UATH_ASSERT_LOCKED(sc); 1633 1634 STAILQ_FOREACH_SAFE(bf, frags, next, next) { 1635 /* NB: bf assumed clean */ 1636 STAILQ_REMOVE_HEAD(frags, next); 1637 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1638 UATH_STAT_INC(sc, st_tx_inactive); 1639 ieee80211_node_decref(ni); 1640 } 1641 } 1642 1643 /* 1644 * Setup xmit of a fragmented frame. Allocate a buffer for each frag and bump 1645 * the node reference count to reflect the held reference to be setup by 1646 * uath_tx_start. 1647 */ 1648 static int 1649 uath_txfrag_setup(struct uath_softc *sc, uath_datahead *frags, 1650 struct mbuf *m0, struct ieee80211_node *ni) 1651 { 1652 struct mbuf *m; 1653 struct uath_data *bf; 1654 1655 UATH_ASSERT_LOCKED(sc); 1656 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 1657 bf = uath_getbuf(sc); 1658 if (bf == NULL) { /* out of buffers, cleanup */ 1659 uath_txfrag_cleanup(sc, frags, ni); 1660 break; 1661 } 1662 ieee80211_node_incref(ni); 1663 STAILQ_INSERT_TAIL(frags, bf, next); 1664 } 1665 1666 return !STAILQ_EMPTY(frags); 1667 } 1668 1669 static int 1670 uath_transmit(struct ieee80211com *ic, struct mbuf *m) 1671 { 1672 struct uath_softc *sc = ic->ic_softc; 1673 int error; 1674 1675 UATH_LOCK(sc); 1676 if ((sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1677 UATH_UNLOCK(sc); 1678 return (ENXIO); 1679 } 1680 error = mbufq_enqueue(&sc->sc_snd, m); 1681 if (error) { 1682 UATH_UNLOCK(sc); 1683 return (error); 1684 } 1685 uath_start(sc); 1686 UATH_UNLOCK(sc); 1687 1688 return (0); 1689 } 1690 1691 static void 1692 uath_start(struct uath_softc *sc) 1693 { 1694 struct uath_data *bf; 1695 struct ieee80211_node *ni; 1696 struct mbuf *m, *next; 1697 uath_datahead frags; 1698 1699 UATH_ASSERT_LOCKED(sc); 1700 1701 if ((sc->sc_flags & UATH_FLAG_INITDONE) == 0 || 1702 (sc->sc_flags & UATH_FLAG_INVALID)) 1703 return; 1704 1705 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 1706 bf = uath_getbuf(sc); 1707 if (bf == NULL) { 1708 mbufq_prepend(&sc->sc_snd, m); 1709 break; 1710 } 1711 1712 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 1713 m->m_pkthdr.rcvif = NULL; 1714 1715 /* 1716 * Check for fragmentation. If this frame has been broken up 1717 * verify we have enough buffers to send all the fragments 1718 * so all go out or none... 1719 */ 1720 STAILQ_INIT(&frags); 1721 if ((m->m_flags & M_FRAG) && 1722 !uath_txfrag_setup(sc, &frags, m, ni)) { 1723 DPRINTF(sc, UATH_DEBUG_XMIT, 1724 "%s: out of txfrag buffers\n", __func__); 1725 ieee80211_free_mbuf(m); 1726 goto bad; 1727 } 1728 sc->sc_seqnum = 0; 1729 nextfrag: 1730 /* 1731 * Pass the frame to the h/w for transmission. 1732 * Fragmented frames have each frag chained together 1733 * with m_nextpkt. We know there are sufficient uath_data's 1734 * to send all the frags because of work done by 1735 * uath_txfrag_setup. 1736 */ 1737 next = m->m_nextpkt; 1738 if (uath_tx_start(sc, m, ni, bf) != 0) { 1739 bad: 1740 if_inc_counter(ni->ni_vap->iv_ifp, 1741 IFCOUNTER_OERRORS, 1); 1742 reclaim: 1743 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1744 UATH_STAT_INC(sc, st_tx_inactive); 1745 uath_txfrag_cleanup(sc, &frags, ni); 1746 ieee80211_free_node(ni); 1747 continue; 1748 } 1749 1750 if (next != NULL) { 1751 /* 1752 * Beware of state changing between frags. 1753 XXX check sta power-save state? 1754 */ 1755 if (ni->ni_vap->iv_state != IEEE80211_S_RUN) { 1756 DPRINTF(sc, UATH_DEBUG_XMIT, 1757 "%s: flush fragmented packet, state %s\n", 1758 __func__, 1759 ieee80211_state_name[ni->ni_vap->iv_state]); 1760 ieee80211_free_mbuf(next); 1761 goto reclaim; 1762 } 1763 m = next; 1764 bf = STAILQ_FIRST(&frags); 1765 KASSERT(bf != NULL, ("no buf for txfrag")); 1766 STAILQ_REMOVE_HEAD(&frags, next); 1767 goto nextfrag; 1768 } 1769 1770 sc->sc_tx_timer = 5; 1771 } 1772 } 1773 1774 static int 1775 uath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1776 const struct ieee80211_bpf_params *params) 1777 { 1778 struct ieee80211com *ic = ni->ni_ic; 1779 struct uath_data *bf; 1780 struct uath_softc *sc = ic->ic_softc; 1781 1782 UATH_LOCK(sc); 1783 /* prevent management frames from being sent if we're not ready */ 1784 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1785 !(sc->sc_flags & UATH_FLAG_INITDONE)) { 1786 m_freem(m); 1787 UATH_UNLOCK(sc); 1788 return (ENETDOWN); 1789 } 1790 1791 /* grab a TX buffer */ 1792 bf = uath_getbuf(sc); 1793 if (bf == NULL) { 1794 m_freem(m); 1795 UATH_UNLOCK(sc); 1796 return (ENOBUFS); 1797 } 1798 1799 sc->sc_seqnum = 0; 1800 if (uath_tx_start(sc, m, ni, bf) != 0) { 1801 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1802 UATH_STAT_INC(sc, st_tx_inactive); 1803 UATH_UNLOCK(sc); 1804 return (EIO); 1805 } 1806 UATH_UNLOCK(sc); 1807 1808 sc->sc_tx_timer = 5; 1809 return (0); 1810 } 1811 1812 static void 1813 uath_scan_start(struct ieee80211com *ic) 1814 { 1815 /* do nothing */ 1816 } 1817 1818 static void 1819 uath_scan_end(struct ieee80211com *ic) 1820 { 1821 /* do nothing */ 1822 } 1823 1824 static void 1825 uath_set_channel(struct ieee80211com *ic) 1826 { 1827 struct uath_softc *sc = ic->ic_softc; 1828 1829 UATH_LOCK(sc); 1830 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1831 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1832 UATH_UNLOCK(sc); 1833 return; 1834 } 1835 (void)uath_switch_channel(sc, ic->ic_curchan); 1836 UATH_UNLOCK(sc); 1837 } 1838 1839 static int 1840 uath_set_rxmulti_filter(struct uath_softc *sc) 1841 { 1842 /* XXX broken */ 1843 return (0); 1844 } 1845 static void 1846 uath_update_mcast(struct ieee80211com *ic) 1847 { 1848 struct uath_softc *sc = ic->ic_softc; 1849 1850 UATH_LOCK(sc); 1851 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1852 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1853 UATH_UNLOCK(sc); 1854 return; 1855 } 1856 /* 1857 * this is for avoiding the race condition when we're try to 1858 * connect to the AP with WPA. 1859 */ 1860 if (sc->sc_flags & UATH_FLAG_INITDONE) 1861 (void)uath_set_rxmulti_filter(sc); 1862 UATH_UNLOCK(sc); 1863 } 1864 1865 static void 1866 uath_update_promisc(struct ieee80211com *ic) 1867 { 1868 struct uath_softc *sc = ic->ic_softc; 1869 1870 UATH_LOCK(sc); 1871 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1872 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1873 UATH_UNLOCK(sc); 1874 return; 1875 } 1876 if (sc->sc_flags & UATH_FLAG_INITDONE) { 1877 uath_set_rxfilter(sc, 1878 UATH_FILTER_RX_UCAST | UATH_FILTER_RX_MCAST | 1879 UATH_FILTER_RX_BCAST | UATH_FILTER_RX_BEACON | 1880 UATH_FILTER_RX_PROM, UATH_FILTER_OP_SET); 1881 } 1882 UATH_UNLOCK(sc); 1883 } 1884 1885 static int 1886 uath_create_connection(struct uath_softc *sc, uint32_t connid) 1887 { 1888 const struct ieee80211_rateset *rs; 1889 struct ieee80211com *ic = &sc->sc_ic; 1890 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1891 struct ieee80211_node *ni; 1892 struct uath_cmd_create_connection create; 1893 1894 ni = ieee80211_ref_node(vap->iv_bss); 1895 memset(&create, 0, sizeof(create)); 1896 create.connid = htobe32(connid); 1897 create.bssid = htobe32(0); 1898 /* XXX packed or not? */ 1899 create.size = htobe32(sizeof(struct uath_cmd_rateset)); 1900 1901 rs = &ni->ni_rates; 1902 create.connattr.rateset.length = rs->rs_nrates; 1903 bcopy(rs->rs_rates, &create.connattr.rateset.set[0], 1904 rs->rs_nrates); 1905 1906 /* XXX turbo */ 1907 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) 1908 create.connattr.wlanmode = htobe32(WLAN_MODE_11a); 1909 else if (IEEE80211_IS_CHAN_ANYG(ni->ni_chan)) 1910 create.connattr.wlanmode = htobe32(WLAN_MODE_11g); 1911 else 1912 create.connattr.wlanmode = htobe32(WLAN_MODE_11b); 1913 ieee80211_free_node(ni); 1914 1915 return uath_cmd_write(sc, WDCMSG_CREATE_CONNECTION, &create, 1916 sizeof create, 0); 1917 } 1918 1919 static int 1920 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1921 { 1922 struct uath_cmd_rates rates; 1923 1924 memset(&rates, 0, sizeof(rates)); 1925 rates.connid = htobe32(UATH_ID_BSS); /* XXX */ 1926 rates.size = htobe32(sizeof(struct uath_cmd_rateset)); 1927 /* XXX bounds check rs->rs_nrates */ 1928 rates.rateset.length = rs->rs_nrates; 1929 bcopy(rs->rs_rates, &rates.rateset.set[0], rs->rs_nrates); 1930 1931 DPRINTF(sc, UATH_DEBUG_RATES, 1932 "setting supported rates nrates=%d\n", rs->rs_nrates); 1933 return uath_cmd_write(sc, WDCMSG_SET_BASIC_RATE, 1934 &rates, sizeof rates, 0); 1935 } 1936 1937 static int 1938 uath_write_associd(struct uath_softc *sc) 1939 { 1940 struct ieee80211com *ic = &sc->sc_ic; 1941 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1942 struct ieee80211_node *ni; 1943 struct uath_cmd_set_associd associd; 1944 1945 ni = ieee80211_ref_node(vap->iv_bss); 1946 memset(&associd, 0, sizeof(associd)); 1947 associd.defaultrateix = htobe32(1); /* XXX */ 1948 associd.associd = htobe32(ni->ni_associd); 1949 associd.timoffset = htobe32(0x3b); /* XXX */ 1950 IEEE80211_ADDR_COPY(associd.bssid, ni->ni_bssid); 1951 ieee80211_free_node(ni); 1952 return uath_cmd_write(sc, WDCMSG_WRITE_ASSOCID, &associd, 1953 sizeof associd, 0); 1954 } 1955 1956 static int 1957 uath_set_ledsteady(struct uath_softc *sc, int lednum, int ledmode) 1958 { 1959 struct uath_cmd_ledsteady led; 1960 1961 led.lednum = htobe32(lednum); 1962 led.ledmode = htobe32(ledmode); 1963 1964 DPRINTF(sc, UATH_DEBUG_LED, "set %s led %s (steady)\n", 1965 (lednum == UATH_LED_LINK) ? "link" : "activity", 1966 ledmode ? "on" : "off"); 1967 return uath_cmd_write(sc, WDCMSG_SET_LED_STEADY, &led, sizeof led, 0); 1968 } 1969 1970 static int 1971 uath_set_ledblink(struct uath_softc *sc, int lednum, int ledmode, 1972 int blinkrate, int slowmode) 1973 { 1974 struct uath_cmd_ledblink led; 1975 1976 led.lednum = htobe32(lednum); 1977 led.ledmode = htobe32(ledmode); 1978 led.blinkrate = htobe32(blinkrate); 1979 led.slowmode = htobe32(slowmode); 1980 1981 DPRINTF(sc, UATH_DEBUG_LED, "set %s led %s (blink)\n", 1982 (lednum == UATH_LED_LINK) ? "link" : "activity", 1983 ledmode ? "on" : "off"); 1984 return uath_cmd_write(sc, WDCMSG_SET_LED_BLINK, &led, sizeof led, 0); 1985 } 1986 1987 static int 1988 uath_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1989 { 1990 enum ieee80211_state ostate = vap->iv_state; 1991 int error; 1992 struct ieee80211_node *ni; 1993 struct ieee80211com *ic = vap->iv_ic; 1994 struct uath_softc *sc = ic->ic_softc; 1995 struct uath_vap *uvp = UATH_VAP(vap); 1996 1997 DPRINTF(sc, UATH_DEBUG_STATE, 1998 "%s: %s -> %s\n", __func__, ieee80211_state_name[vap->iv_state], 1999 ieee80211_state_name[nstate]); 2000 2001 IEEE80211_UNLOCK(ic); 2002 UATH_LOCK(sc); 2003 callout_stop(&sc->stat_ch); 2004 callout_stop(&sc->watchdog_ch); 2005 ni = ieee80211_ref_node(vap->iv_bss); 2006 2007 switch (nstate) { 2008 case IEEE80211_S_INIT: 2009 if (ostate == IEEE80211_S_RUN) { 2010 /* turn link and activity LEDs off */ 2011 uath_set_ledstate(sc, 0); 2012 } 2013 break; 2014 2015 case IEEE80211_S_SCAN: 2016 break; 2017 2018 case IEEE80211_S_AUTH: 2019 /* XXX good place? set RTS threshold */ 2020 uath_config(sc, CFG_USER_RTS_THRESHOLD, vap->iv_rtsthreshold); 2021 /* XXX bad place */ 2022 error = uath_set_keys(sc, vap); 2023 if (error != 0) { 2024 device_printf(sc->sc_dev, 2025 "could not set crypto keys, error %d\n", error); 2026 break; 2027 } 2028 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 2029 device_printf(sc->sc_dev, "could not switch channel\n"); 2030 break; 2031 } 2032 if (uath_create_connection(sc, UATH_ID_BSS) != 0) { 2033 device_printf(sc->sc_dev, 2034 "could not create connection\n"); 2035 break; 2036 } 2037 break; 2038 2039 case IEEE80211_S_ASSOC: 2040 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 2041 device_printf(sc->sc_dev, 2042 "could not set negotiated rate set\n"); 2043 break; 2044 } 2045 break; 2046 2047 case IEEE80211_S_RUN: 2048 /* XXX monitor mode doesn't be tested */ 2049 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 2050 uath_set_ledstate(sc, 1); 2051 break; 2052 } 2053 2054 /* 2055 * Tx rate is controlled by firmware, report the maximum 2056 * negotiated rate in ifconfig output. 2057 */ 2058 ni->ni_txrate = ni->ni_rates.rs_rates[ni->ni_rates.rs_nrates-1]; 2059 2060 if (uath_write_associd(sc) != 0) { 2061 device_printf(sc->sc_dev, 2062 "could not write association id\n"); 2063 break; 2064 } 2065 /* turn link LED on */ 2066 uath_set_ledsteady(sc, UATH_LED_LINK, UATH_LED_ON); 2067 /* make activity LED blink */ 2068 uath_set_ledblink(sc, UATH_LED_ACTIVITY, UATH_LED_ON, 1, 2); 2069 /* set state to associated */ 2070 uath_set_ledstate(sc, 1); 2071 2072 /* start statistics timer */ 2073 callout_reset(&sc->stat_ch, hz, uath_stat, sc); 2074 break; 2075 default: 2076 break; 2077 } 2078 ieee80211_free_node(ni); 2079 UATH_UNLOCK(sc); 2080 IEEE80211_LOCK(ic); 2081 return (uvp->newstate(vap, nstate, arg)); 2082 } 2083 2084 static int 2085 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *wk, 2086 int index) 2087 { 2088 #if 0 2089 struct uath_cmd_crypto crypto; 2090 int i; 2091 2092 memset(&crypto, 0, sizeof(crypto)); 2093 crypto.keyidx = htobe32(index); 2094 crypto.magic1 = htobe32(1); 2095 crypto.size = htobe32(368); 2096 crypto.mask = htobe32(0xffff); 2097 crypto.flags = htobe32(0x80000068); 2098 if (index != UATH_DEFAULT_KEY) 2099 crypto.flags |= htobe32(index << 16); 2100 memset(crypto.magic2, 0xff, sizeof(crypto.magic2)); 2101 2102 /* 2103 * Each byte of the key must be XOR'ed with 10101010 before being 2104 * transmitted to the firmware. 2105 */ 2106 for (i = 0; i < wk->wk_keylen; i++) 2107 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 2108 2109 DPRINTF(sc, UATH_DEBUG_CRYPTO, 2110 "setting crypto key index=%d len=%d\n", index, wk->wk_keylen); 2111 return uath_cmd_write(sc, WDCMSG_SET_KEY_CACHE_ENTRY, &crypto, 2112 sizeof crypto, 0); 2113 #else 2114 /* XXX support H/W cryto */ 2115 return (0); 2116 #endif 2117 } 2118 2119 static int 2120 uath_set_keys(struct uath_softc *sc, struct ieee80211vap *vap) 2121 { 2122 int i, error; 2123 2124 error = 0; 2125 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2126 const struct ieee80211_key *wk = &vap->iv_nw_keys[i]; 2127 2128 if (wk->wk_flags & (IEEE80211_KEY_XMIT|IEEE80211_KEY_RECV)) { 2129 error = uath_set_key(sc, wk, i); 2130 if (error) 2131 return (error); 2132 } 2133 } 2134 if (vap->iv_def_txkey != IEEE80211_KEYIX_NONE) { 2135 error = uath_set_key(sc, &vap->iv_nw_keys[vap->iv_def_txkey], 2136 UATH_DEFAULT_KEY); 2137 } 2138 return (error); 2139 } 2140 2141 #define UATH_SYSCTL_STAT_ADD32(c, h, n, p, d) \ 2142 SYSCTL_ADD_UINT(c, h, OID_AUTO, n, CTLFLAG_RD, p, 0, d) 2143 2144 static void 2145 uath_sysctl_node(struct uath_softc *sc) 2146 { 2147 struct sysctl_ctx_list *ctx; 2148 struct sysctl_oid_list *child; 2149 struct sysctl_oid *tree; 2150 struct uath_stat *stats; 2151 2152 stats = &sc->sc_stat; 2153 ctx = device_get_sysctl_ctx(sc->sc_dev); 2154 child = SYSCTL_CHILDREN(device_get_sysctl_tree(sc->sc_dev)); 2155 2156 tree = SYSCTL_ADD_NODE(ctx, child, OID_AUTO, "stats", CTLFLAG_RD, 2157 NULL, "UATH statistics"); 2158 child = SYSCTL_CHILDREN(tree); 2159 UATH_SYSCTL_STAT_ADD32(ctx, child, "badchunkseqnum", 2160 &stats->st_badchunkseqnum, "Bad chunk sequence numbers"); 2161 UATH_SYSCTL_STAT_ADD32(ctx, child, "invalidlen", &stats->st_invalidlen, 2162 "Invalid length"); 2163 UATH_SYSCTL_STAT_ADD32(ctx, child, "multichunk", &stats->st_multichunk, 2164 "Multi chunks"); 2165 UATH_SYSCTL_STAT_ADD32(ctx, child, "toobigrxpkt", 2166 &stats->st_toobigrxpkt, "Too big rx packets"); 2167 UATH_SYSCTL_STAT_ADD32(ctx, child, "stopinprogress", 2168 &stats->st_stopinprogress, "Stop in progress"); 2169 UATH_SYSCTL_STAT_ADD32(ctx, child, "crcerrs", &stats->st_crcerr, 2170 "CRC errors"); 2171 UATH_SYSCTL_STAT_ADD32(ctx, child, "phyerr", &stats->st_phyerr, 2172 "PHY errors"); 2173 UATH_SYSCTL_STAT_ADD32(ctx, child, "decrypt_crcerr", 2174 &stats->st_decrypt_crcerr, "Decryption CRC errors"); 2175 UATH_SYSCTL_STAT_ADD32(ctx, child, "decrypt_micerr", 2176 &stats->st_decrypt_micerr, "Decryption Misc errors"); 2177 UATH_SYSCTL_STAT_ADD32(ctx, child, "decomperr", &stats->st_decomperr, 2178 "Decomp errors"); 2179 UATH_SYSCTL_STAT_ADD32(ctx, child, "keyerr", &stats->st_keyerr, 2180 "Key errors"); 2181 UATH_SYSCTL_STAT_ADD32(ctx, child, "err", &stats->st_err, 2182 "Unknown errors"); 2183 2184 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_active", 2185 &stats->st_cmd_active, "Active numbers in Command queue"); 2186 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_inactive", 2187 &stats->st_cmd_inactive, "Inactive numbers in Command queue"); 2188 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_pending", 2189 &stats->st_cmd_pending, "Pending numbers in Command queue"); 2190 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_waiting", 2191 &stats->st_cmd_waiting, "Waiting numbers in Command queue"); 2192 UATH_SYSCTL_STAT_ADD32(ctx, child, "rx_active", 2193 &stats->st_rx_active, "Active numbers in RX queue"); 2194 UATH_SYSCTL_STAT_ADD32(ctx, child, "rx_inactive", 2195 &stats->st_rx_inactive, "Inactive numbers in RX queue"); 2196 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_active", 2197 &stats->st_tx_active, "Active numbers in TX queue"); 2198 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_inactive", 2199 &stats->st_tx_inactive, "Inactive numbers in TX queue"); 2200 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_pending", 2201 &stats->st_tx_pending, "Pending numbers in TX queue"); 2202 } 2203 2204 #undef UATH_SYSCTL_STAT_ADD32 2205 2206 CTASSERT(sizeof(u_int) >= sizeof(uint32_t)); 2207 2208 static void 2209 uath_cmdeof(struct uath_softc *sc, struct uath_cmd *cmd) 2210 { 2211 struct uath_cmd_hdr *hdr; 2212 uint32_t dlen; 2213 2214 hdr = (struct uath_cmd_hdr *)cmd->buf; 2215 /* NB: msgid is passed thru w/o byte swapping */ 2216 #ifdef UATH_DEBUG 2217 if (sc->sc_debug & UATH_DEBUG_CMDS) { 2218 uint32_t len = be32toh(hdr->len); 2219 printf("%s: %s [ix %u] len %u status %u\n", 2220 __func__, uath_codename(be32toh(hdr->code)), 2221 hdr->msgid, len, be32toh(hdr->magic)); 2222 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 2223 uath_dump_cmd(cmd->buf, 2224 len > UATH_MAX_CMDSZ ? sizeof(*hdr) : len, '-'); 2225 } 2226 #endif 2227 hdr->code = be32toh(hdr->code); 2228 hdr->len = be32toh(hdr->len); 2229 hdr->magic = be32toh(hdr->magic); /* target status on return */ 2230 2231 switch (hdr->code & 0xff) { 2232 /* reply to a read command */ 2233 default: 2234 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2235 "%s: code %d hdr len %u\n", 2236 __func__, hdr->code & 0xff, hdr->len); 2237 /* 2238 * The first response from the target after the 2239 * HOST_AVAILABLE has an invalid msgid so we must 2240 * treat it specially. 2241 */ 2242 if (hdr->msgid < UATH_CMD_LIST_COUNT) { 2243 uint32_t *rp = (uint32_t *)(hdr+1); 2244 u_int olen; 2245 2246 if (sizeof(*hdr) > hdr->len || 2247 hdr->len >= UATH_MAX_CMDSZ) { 2248 device_printf(sc->sc_dev, 2249 "%s: invalid WDC msg length %u; " 2250 "msg ignored\n", __func__, hdr->len); 2251 return; 2252 } 2253 /* 2254 * Calculate return/receive payload size; the 2255 * first word, if present, always gives the 2256 * number of bytes--unless it's 0 in which 2257 * case a single 32-bit word should be present. 2258 */ 2259 dlen = hdr->len - sizeof(*hdr); 2260 if (dlen >= sizeof(uint32_t)) { 2261 olen = be32toh(rp[0]); 2262 dlen -= sizeof(uint32_t); 2263 if (olen == 0) { 2264 /* convention is 0 =>'s one word */ 2265 olen = sizeof(uint32_t); 2266 /* XXX KASSERT(olen == dlen ) */ 2267 } 2268 } else 2269 olen = 0; 2270 if (cmd->odata != NULL) { 2271 /* NB: cmd->olen validated in uath_cmd */ 2272 if (olen > (u_int)cmd->olen) { 2273 /* XXX complain? */ 2274 device_printf(sc->sc_dev, 2275 "%s: cmd 0x%x olen %u cmd olen %u\n", 2276 __func__, hdr->code, olen, 2277 cmd->olen); 2278 olen = cmd->olen; 2279 } 2280 if (olen > dlen) { 2281 /* XXX complain, shouldn't happen */ 2282 device_printf(sc->sc_dev, 2283 "%s: cmd 0x%x olen %u dlen %u\n", 2284 __func__, hdr->code, olen, dlen); 2285 olen = dlen; 2286 } 2287 /* XXX have submitter do this */ 2288 /* copy answer into caller's supplied buffer */ 2289 bcopy(&rp[1], cmd->odata, olen); 2290 cmd->olen = olen; 2291 } 2292 } 2293 wakeup_one(cmd); /* wake up caller */ 2294 break; 2295 2296 case WDCMSG_TARGET_START: 2297 if (hdr->msgid >= UATH_CMD_LIST_COUNT) { 2298 /* XXX */ 2299 return; 2300 } 2301 dlen = hdr->len - sizeof(*hdr); 2302 if (dlen != sizeof(uint32_t)) { 2303 device_printf(sc->sc_dev, 2304 "%s: dlen (%u) != %zu!\n", 2305 __func__, dlen, sizeof(uint32_t)); 2306 return; 2307 } 2308 /* XXX have submitter do this */ 2309 /* copy answer into caller's supplied buffer */ 2310 bcopy(hdr+1, cmd->odata, sizeof(uint32_t)); 2311 cmd->olen = sizeof(uint32_t); 2312 wakeup_one(cmd); /* wake up caller */ 2313 break; 2314 2315 case WDCMSG_SEND_COMPLETE: 2316 /* this notification is sent when UATH_TX_NOTIFY is set */ 2317 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2318 "%s: received Tx notification\n", __func__); 2319 break; 2320 2321 case WDCMSG_TARGET_GET_STATS: 2322 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2323 "%s: received device statistics\n", __func__); 2324 callout_reset(&sc->stat_ch, hz, uath_stat, sc); 2325 break; 2326 } 2327 } 2328 2329 static void 2330 uath_intr_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2331 { 2332 struct uath_softc *sc = usbd_xfer_softc(xfer); 2333 struct uath_cmd *cmd; 2334 struct uath_cmd_hdr *hdr; 2335 struct usb_page_cache *pc; 2336 int actlen; 2337 2338 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 2339 2340 UATH_ASSERT_LOCKED(sc); 2341 2342 switch (USB_GET_STATE(xfer)) { 2343 case USB_ST_TRANSFERRED: 2344 cmd = STAILQ_FIRST(&sc->sc_cmd_waiting); 2345 if (cmd == NULL) 2346 goto setup; 2347 STAILQ_REMOVE_HEAD(&sc->sc_cmd_waiting, next); 2348 UATH_STAT_DEC(sc, st_cmd_waiting); 2349 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, cmd, next); 2350 UATH_STAT_INC(sc, st_cmd_inactive); 2351 2352 if (actlen < sizeof(struct uath_cmd_hdr)) { 2353 device_printf(sc->sc_dev, 2354 "%s: short xfer error (actlen %d)\n", 2355 __func__, actlen); 2356 goto setup; 2357 } 2358 2359 pc = usbd_xfer_get_frame(xfer, 0); 2360 usbd_copy_out(pc, 0, cmd->buf, actlen); 2361 2362 hdr = (struct uath_cmd_hdr *)cmd->buf; 2363 hdr->len = be32toh(hdr->len); 2364 if (hdr->len > (uint32_t)actlen) { 2365 device_printf(sc->sc_dev, 2366 "%s: truncated xfer (len %u, actlen %d)\n", 2367 __func__, hdr->len, actlen); 2368 goto setup; 2369 } 2370 2371 uath_cmdeof(sc, cmd); 2372 case USB_ST_SETUP: 2373 setup: 2374 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 2375 usbd_transfer_submit(xfer); 2376 break; 2377 default: 2378 if (error != USB_ERR_CANCELLED) { 2379 usbd_xfer_set_stall(xfer); 2380 goto setup; 2381 } 2382 break; 2383 } 2384 } 2385 2386 static void 2387 uath_intr_tx_callback(struct usb_xfer *xfer, usb_error_t error) 2388 { 2389 struct uath_softc *sc = usbd_xfer_softc(xfer); 2390 struct uath_cmd *cmd; 2391 2392 UATH_ASSERT_LOCKED(sc); 2393 2394 cmd = STAILQ_FIRST(&sc->sc_cmd_active); 2395 if (cmd != NULL && USB_GET_STATE(xfer) != USB_ST_SETUP) { 2396 STAILQ_REMOVE_HEAD(&sc->sc_cmd_active, next); 2397 UATH_STAT_DEC(sc, st_cmd_active); 2398 STAILQ_INSERT_TAIL((cmd->flags & UATH_CMD_FLAG_READ) ? 2399 &sc->sc_cmd_waiting : &sc->sc_cmd_inactive, cmd, next); 2400 if (cmd->flags & UATH_CMD_FLAG_READ) 2401 UATH_STAT_INC(sc, st_cmd_waiting); 2402 else 2403 UATH_STAT_INC(sc, st_cmd_inactive); 2404 } 2405 2406 switch (USB_GET_STATE(xfer)) { 2407 case USB_ST_TRANSFERRED: 2408 case USB_ST_SETUP: 2409 setup: 2410 cmd = STAILQ_FIRST(&sc->sc_cmd_pending); 2411 if (cmd == NULL) { 2412 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: empty pending queue\n", 2413 __func__); 2414 return; 2415 } 2416 STAILQ_REMOVE_HEAD(&sc->sc_cmd_pending, next); 2417 UATH_STAT_DEC(sc, st_cmd_pending); 2418 STAILQ_INSERT_TAIL((cmd->flags & UATH_CMD_FLAG_ASYNC) ? 2419 &sc->sc_cmd_inactive : &sc->sc_cmd_active, cmd, next); 2420 if (cmd->flags & UATH_CMD_FLAG_ASYNC) 2421 UATH_STAT_INC(sc, st_cmd_inactive); 2422 else 2423 UATH_STAT_INC(sc, st_cmd_active); 2424 2425 usbd_xfer_set_frame_data(xfer, 0, cmd->buf, cmd->buflen); 2426 usbd_transfer_submit(xfer); 2427 break; 2428 default: 2429 if (error != USB_ERR_CANCELLED) { 2430 usbd_xfer_set_stall(xfer); 2431 goto setup; 2432 } 2433 break; 2434 } 2435 } 2436 2437 static void 2438 uath_update_rxstat(struct uath_softc *sc, uint32_t status) 2439 { 2440 2441 switch (status) { 2442 case UATH_STATUS_STOP_IN_PROGRESS: 2443 UATH_STAT_INC(sc, st_stopinprogress); 2444 break; 2445 case UATH_STATUS_CRC_ERR: 2446 UATH_STAT_INC(sc, st_crcerr); 2447 break; 2448 case UATH_STATUS_PHY_ERR: 2449 UATH_STAT_INC(sc, st_phyerr); 2450 break; 2451 case UATH_STATUS_DECRYPT_CRC_ERR: 2452 UATH_STAT_INC(sc, st_decrypt_crcerr); 2453 break; 2454 case UATH_STATUS_DECRYPT_MIC_ERR: 2455 UATH_STAT_INC(sc, st_decrypt_micerr); 2456 break; 2457 case UATH_STATUS_DECOMP_ERR: 2458 UATH_STAT_INC(sc, st_decomperr); 2459 break; 2460 case UATH_STATUS_KEY_ERR: 2461 UATH_STAT_INC(sc, st_keyerr); 2462 break; 2463 case UATH_STATUS_ERR: 2464 UATH_STAT_INC(sc, st_err); 2465 break; 2466 default: 2467 break; 2468 } 2469 } 2470 2471 CTASSERT(UATH_MIN_RXBUFSZ >= sizeof(struct uath_chunk)); 2472 2473 static struct mbuf * 2474 uath_data_rxeof(struct usb_xfer *xfer, struct uath_data *data, 2475 struct uath_rx_desc **pdesc) 2476 { 2477 struct uath_softc *sc = usbd_xfer_softc(xfer); 2478 struct ieee80211com *ic = &sc->sc_ic; 2479 struct uath_chunk *chunk; 2480 struct uath_rx_desc *desc; 2481 struct mbuf *m = data->m, *mnew, *mp; 2482 uint16_t chunklen; 2483 int actlen; 2484 2485 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 2486 2487 if (actlen < (int)UATH_MIN_RXBUFSZ) { 2488 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2489 "%s: wrong xfer size (len=%d)\n", __func__, actlen); 2490 counter_u64_add(ic->ic_ierrors, 1); 2491 return (NULL); 2492 } 2493 2494 chunk = (struct uath_chunk *)data->buf; 2495 chunklen = be16toh(chunk->length); 2496 if (chunk->seqnum == 0 && chunk->flags == 0 && chunklen == 0) { 2497 device_printf(sc->sc_dev, "%s: strange response\n", __func__); 2498 counter_u64_add(ic->ic_ierrors, 1); 2499 UATH_RESET_INTRX(sc); 2500 return (NULL); 2501 } 2502 2503 if (chunklen > actlen) { 2504 device_printf(sc->sc_dev, 2505 "%s: invalid chunk length (len %u > actlen %d)\n", 2506 __func__, chunklen, actlen); 2507 counter_u64_add(ic->ic_ierrors, 1); 2508 /* XXX cleanup? */ 2509 UATH_RESET_INTRX(sc); 2510 return (NULL); 2511 } 2512 2513 if (chunk->seqnum != sc->sc_intrx_nextnum) { 2514 DPRINTF(sc, UATH_DEBUG_XMIT, "invalid seqnum %d, expected %d\n", 2515 chunk->seqnum, sc->sc_intrx_nextnum); 2516 UATH_STAT_INC(sc, st_badchunkseqnum); 2517 if (sc->sc_intrx_head != NULL) 2518 m_freem(sc->sc_intrx_head); 2519 UATH_RESET_INTRX(sc); 2520 return (NULL); 2521 } 2522 2523 /* check multi-chunk frames */ 2524 if ((chunk->seqnum == 0 && !(chunk->flags & UATH_CFLAGS_FINAL)) || 2525 (chunk->seqnum != 0 && (chunk->flags & UATH_CFLAGS_FINAL)) || 2526 chunk->flags & UATH_CFLAGS_RXMSG) 2527 UATH_STAT_INC(sc, st_multichunk); 2528 2529 if (chunk->flags & UATH_CFLAGS_FINAL) { 2530 if (chunklen < sizeof(struct uath_rx_desc)) { 2531 device_printf(sc->sc_dev, 2532 "%s: invalid chunk length %d\n", 2533 __func__, chunklen); 2534 counter_u64_add(ic->ic_ierrors, 1); 2535 if (sc->sc_intrx_head != NULL) 2536 m_freem(sc->sc_intrx_head); 2537 UATH_RESET_INTRX(sc); 2538 return (NULL); 2539 } 2540 chunklen -= sizeof(struct uath_rx_desc); 2541 } 2542 2543 if (chunklen > 0 && 2544 (!(chunk->flags & UATH_CFLAGS_FINAL) || !(chunk->seqnum == 0))) { 2545 /* we should use intermediate RX buffer */ 2546 if (chunk->seqnum == 0) 2547 UATH_RESET_INTRX(sc); 2548 if ((sc->sc_intrx_len + sizeof(struct uath_rx_desc) + 2549 chunklen) > UATH_MAX_INTRX_SIZE) { 2550 UATH_STAT_INC(sc, st_invalidlen); 2551 counter_u64_add(ic->ic_ierrors, 1); 2552 if (sc->sc_intrx_head != NULL) 2553 m_freem(sc->sc_intrx_head); 2554 UATH_RESET_INTRX(sc); 2555 return (NULL); 2556 } 2557 2558 m->m_len = chunklen; 2559 m->m_data += sizeof(struct uath_chunk); 2560 2561 if (sc->sc_intrx_head == NULL) { 2562 sc->sc_intrx_head = m; 2563 sc->sc_intrx_tail = m; 2564 } else { 2565 m->m_flags &= ~M_PKTHDR; 2566 sc->sc_intrx_tail->m_next = m; 2567 sc->sc_intrx_tail = m; 2568 } 2569 } 2570 sc->sc_intrx_len += chunklen; 2571 2572 mnew = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2573 if (mnew == NULL) { 2574 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2575 "%s: can't get new mbuf, drop frame\n", __func__); 2576 counter_u64_add(ic->ic_ierrors, 1); 2577 if (sc->sc_intrx_head != NULL) 2578 m_freem(sc->sc_intrx_head); 2579 UATH_RESET_INTRX(sc); 2580 return (NULL); 2581 } 2582 2583 data->m = mnew; 2584 data->buf = mtod(mnew, uint8_t *); 2585 2586 /* if the frame is not final continue the transfer */ 2587 if (!(chunk->flags & UATH_CFLAGS_FINAL)) { 2588 sc->sc_intrx_nextnum++; 2589 UATH_RESET_INTRX(sc); 2590 return (NULL); 2591 } 2592 2593 /* 2594 * if the frame is not set UATH_CFLAGS_RXMSG, then rx descriptor is 2595 * located at the end, 32-bit aligned 2596 */ 2597 desc = (chunk->flags & UATH_CFLAGS_RXMSG) ? 2598 (struct uath_rx_desc *)(chunk + 1) : 2599 (struct uath_rx_desc *)(((uint8_t *)chunk) + 2600 sizeof(struct uath_chunk) + be16toh(chunk->length) - 2601 sizeof(struct uath_rx_desc)); 2602 if ((uint8_t *)chunk + actlen - sizeof(struct uath_rx_desc) < 2603 (uint8_t *)desc) { 2604 device_printf(sc->sc_dev, 2605 "%s: wrong Rx descriptor pointer " 2606 "(desc %p chunk %p actlen %d)\n", 2607 __func__, desc, chunk, actlen); 2608 counter_u64_add(ic->ic_ierrors, 1); 2609 if (sc->sc_intrx_head != NULL) 2610 m_freem(sc->sc_intrx_head); 2611 UATH_RESET_INTRX(sc); 2612 return (NULL); 2613 } 2614 2615 *pdesc = desc; 2616 2617 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2618 "%s: frame len %u code %u status %u rate %u antenna %u " 2619 "rssi %d channel %u phyerror %u connix %u decrypterror %u " 2620 "keycachemiss %u\n", __func__, be32toh(desc->framelen) 2621 , be32toh(desc->code), be32toh(desc->status), be32toh(desc->rate) 2622 , be32toh(desc->antenna), be32toh(desc->rssi), be32toh(desc->channel) 2623 , be32toh(desc->phyerror), be32toh(desc->connix) 2624 , be32toh(desc->decrypterror), be32toh(desc->keycachemiss)); 2625 2626 if (be32toh(desc->len) > MCLBYTES) { 2627 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2628 "%s: bad descriptor (len=%d)\n", __func__, 2629 be32toh(desc->len)); 2630 counter_u64_add(ic->ic_ierrors, 1); 2631 UATH_STAT_INC(sc, st_toobigrxpkt); 2632 if (sc->sc_intrx_head != NULL) 2633 m_freem(sc->sc_intrx_head); 2634 UATH_RESET_INTRX(sc); 2635 return (NULL); 2636 } 2637 2638 uath_update_rxstat(sc, be32toh(desc->status)); 2639 2640 /* finalize mbuf */ 2641 if (sc->sc_intrx_head == NULL) { 2642 uint32_t framelen; 2643 2644 if (be32toh(desc->framelen) < UATH_RX_DUMMYSIZE) { 2645 device_printf(sc->sc_dev, 2646 "%s: framelen too small (%u)\n", 2647 __func__, be32toh(desc->framelen)); 2648 counter_u64_add(ic->ic_ierrors, 1); 2649 if (sc->sc_intrx_head != NULL) 2650 m_freem(sc->sc_intrx_head); 2651 UATH_RESET_INTRX(sc); 2652 return (NULL); 2653 } 2654 2655 framelen = be32toh(desc->framelen) - UATH_RX_DUMMYSIZE; 2656 if (framelen > actlen - sizeof(struct uath_chunk) || 2657 framelen < sizeof(struct ieee80211_frame_ack)) { 2658 device_printf(sc->sc_dev, 2659 "%s: wrong frame length (%u, actlen %d)!\n", 2660 __func__, framelen, actlen); 2661 counter_u64_add(ic->ic_ierrors, 1); 2662 if (sc->sc_intrx_head != NULL) 2663 m_freem(sc->sc_intrx_head); 2664 UATH_RESET_INTRX(sc); 2665 return (NULL); 2666 } 2667 2668 m->m_pkthdr.len = m->m_len = framelen; 2669 m->m_data += sizeof(struct uath_chunk); 2670 } else { 2671 mp = sc->sc_intrx_head; 2672 mp->m_flags |= M_PKTHDR; 2673 mp->m_pkthdr.len = sc->sc_intrx_len; 2674 m = mp; 2675 } 2676 2677 /* there are a lot more fields in the RX descriptor */ 2678 if ((sc->sc_flags & UATH_FLAG_INVALID) == 0 && 2679 ieee80211_radiotap_active(ic)) { 2680 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 2681 uint32_t tsf_hi = be32toh(desc->tstamp_high); 2682 uint32_t tsf_lo = be32toh(desc->tstamp_low); 2683 2684 /* XXX only get low order 24bits of tsf from h/w */ 2685 tap->wr_tsf = htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 2686 tap->wr_flags = 0; 2687 if (be32toh(desc->status) == UATH_STATUS_CRC_ERR) 2688 tap->wr_flags |= IEEE80211_RADIOTAP_F_BADFCS; 2689 /* XXX map other status to BADFCS? */ 2690 /* XXX ath h/w rate code, need to map */ 2691 tap->wr_rate = be32toh(desc->rate); 2692 tap->wr_antenna = be32toh(desc->antenna); 2693 tap->wr_antsignal = -95 + be32toh(desc->rssi); 2694 tap->wr_antnoise = -95; 2695 } 2696 2697 UATH_RESET_INTRX(sc); 2698 2699 return (m); 2700 } 2701 2702 static void 2703 uath_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2704 { 2705 struct uath_softc *sc = usbd_xfer_softc(xfer); 2706 struct ieee80211com *ic = &sc->sc_ic; 2707 struct ieee80211_frame *wh; 2708 struct ieee80211_node *ni; 2709 struct mbuf *m = NULL; 2710 struct uath_data *data; 2711 struct uath_rx_desc *desc = NULL; 2712 int8_t nf; 2713 2714 UATH_ASSERT_LOCKED(sc); 2715 2716 switch (USB_GET_STATE(xfer)) { 2717 case USB_ST_TRANSFERRED: 2718 data = STAILQ_FIRST(&sc->sc_rx_active); 2719 if (data == NULL) 2720 goto setup; 2721 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2722 UATH_STAT_DEC(sc, st_rx_active); 2723 m = uath_data_rxeof(xfer, data, &desc); 2724 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2725 UATH_STAT_INC(sc, st_rx_inactive); 2726 /* FALLTHROUGH */ 2727 case USB_ST_SETUP: 2728 setup: 2729 data = STAILQ_FIRST(&sc->sc_rx_inactive); 2730 if (data == NULL) 2731 return; 2732 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 2733 UATH_STAT_DEC(sc, st_rx_inactive); 2734 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 2735 UATH_STAT_INC(sc, st_rx_active); 2736 usbd_xfer_set_frame_data(xfer, 0, data->buf, MCLBYTES); 2737 usbd_transfer_submit(xfer); 2738 2739 /* 2740 * To avoid LOR we should unlock our private mutex here to call 2741 * ieee80211_input() because here is at the end of a USB 2742 * callback and safe to unlock. 2743 */ 2744 if (sc->sc_flags & UATH_FLAG_INVALID) { 2745 if (m != NULL) 2746 m_freem(m); 2747 return; 2748 } 2749 UATH_UNLOCK(sc); 2750 if (m != NULL && desc != NULL) { 2751 wh = mtod(m, struct ieee80211_frame *); 2752 ni = ieee80211_find_rxnode(ic, 2753 (struct ieee80211_frame_min *)wh); 2754 nf = -95; /* XXX */ 2755 if (ni != NULL) { 2756 (void) ieee80211_input(ni, m, 2757 (int)be32toh(desc->rssi), nf); 2758 /* node is no longer needed */ 2759 ieee80211_free_node(ni); 2760 } else 2761 (void) ieee80211_input_all(ic, m, 2762 (int)be32toh(desc->rssi), nf); 2763 m = NULL; 2764 desc = NULL; 2765 } 2766 UATH_LOCK(sc); 2767 uath_start(sc); 2768 break; 2769 default: 2770 /* needs it to the inactive queue due to a error. */ 2771 data = STAILQ_FIRST(&sc->sc_rx_active); 2772 if (data != NULL) { 2773 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2774 UATH_STAT_DEC(sc, st_rx_active); 2775 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2776 UATH_STAT_INC(sc, st_rx_inactive); 2777 } 2778 if (error != USB_ERR_CANCELLED) { 2779 usbd_xfer_set_stall(xfer); 2780 counter_u64_add(ic->ic_ierrors, 1); 2781 goto setup; 2782 } 2783 break; 2784 } 2785 } 2786 2787 static void 2788 uath_data_txeof(struct usb_xfer *xfer, struct uath_data *data) 2789 { 2790 struct uath_softc *sc = usbd_xfer_softc(xfer); 2791 2792 UATH_ASSERT_LOCKED(sc); 2793 2794 if (data->m) { 2795 /* XXX status? */ 2796 ieee80211_tx_complete(data->ni, data->m, 0); 2797 data->m = NULL; 2798 data->ni = NULL; 2799 } 2800 sc->sc_tx_timer = 0; 2801 } 2802 2803 static void 2804 uath_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 2805 { 2806 struct uath_softc *sc = usbd_xfer_softc(xfer); 2807 struct uath_data *data; 2808 2809 UATH_ASSERT_LOCKED(sc); 2810 2811 switch (USB_GET_STATE(xfer)) { 2812 case USB_ST_TRANSFERRED: 2813 data = STAILQ_FIRST(&sc->sc_tx_active); 2814 if (data == NULL) 2815 goto setup; 2816 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 2817 UATH_STAT_DEC(sc, st_tx_active); 2818 uath_data_txeof(xfer, data); 2819 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 2820 UATH_STAT_INC(sc, st_tx_inactive); 2821 /* FALLTHROUGH */ 2822 case USB_ST_SETUP: 2823 setup: 2824 data = STAILQ_FIRST(&sc->sc_tx_pending); 2825 if (data == NULL) { 2826 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: empty pending queue\n", 2827 __func__); 2828 return; 2829 } 2830 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 2831 UATH_STAT_DEC(sc, st_tx_pending); 2832 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 2833 UATH_STAT_INC(sc, st_tx_active); 2834 2835 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 2836 usbd_transfer_submit(xfer); 2837 2838 uath_start(sc); 2839 break; 2840 default: 2841 data = STAILQ_FIRST(&sc->sc_tx_active); 2842 if (data == NULL) 2843 goto setup; 2844 if (data->ni != NULL) { 2845 if_inc_counter(data->ni->ni_vap->iv_ifp, 2846 IFCOUNTER_OERRORS, 1); 2847 if ((sc->sc_flags & UATH_FLAG_INVALID) == 0) 2848 ieee80211_free_node(data->ni); 2849 data->ni = NULL; 2850 } 2851 if (error != USB_ERR_CANCELLED) { 2852 usbd_xfer_set_stall(xfer); 2853 goto setup; 2854 } 2855 break; 2856 } 2857 } 2858 2859 static device_method_t uath_methods[] = { 2860 DEVMETHOD(device_probe, uath_match), 2861 DEVMETHOD(device_attach, uath_attach), 2862 DEVMETHOD(device_detach, uath_detach), 2863 DEVMETHOD_END 2864 }; 2865 static driver_t uath_driver = { 2866 .name = "uath", 2867 .methods = uath_methods, 2868 .size = sizeof(struct uath_softc) 2869 }; 2870 static devclass_t uath_devclass; 2871 2872 DRIVER_MODULE(uath, uhub, uath_driver, uath_devclass, NULL, 0); 2873 MODULE_DEPEND(uath, wlan, 1, 1, 1); 2874 MODULE_DEPEND(uath, usb, 1, 1, 1); 2875 MODULE_VERSION(uath, 1); 2876 USB_PNP_HOST_INFO(uath_devs); 2877