1 /*- 2 * SPDX-License-Identifier: (BSD-2-Clause-FreeBSD AND BSD-1-Clause) 3 * 4 * Copyright (c) 2006 Sam Leffler, Errno Consulting 5 * Copyright (c) 2008-2009 Weongyo Jeong <weongyo@freebsd.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer, 13 * without modification. 14 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 15 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 16 * redistribution must be conditioned upon including a substantially 17 * similar Disclaimer requirement for further binary redistribution. 18 * 19 * NO WARRANTY 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 23 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 24 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 25 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 28 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGES. 31 */ 32 33 /* 34 * This driver is distantly derived from a driver of the same name 35 * by Damien Bergamini. The original copyright is included below: 36 * 37 * Copyright (c) 2006 38 * Damien Bergamini <damien.bergamini@free.fr> 39 * 40 * Permission to use, copy, modify, and distribute this software for any 41 * purpose with or without fee is hereby granted, provided that the above 42 * copyright notice and this permission notice appear in all copies. 43 * 44 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 45 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 46 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 47 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 48 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 49 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 50 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 51 */ 52 53 #include <sys/cdefs.h> 54 __FBSDID("$FreeBSD$"); 55 56 /*- 57 * Driver for Atheros AR5523 USB parts. 58 * 59 * The driver requires firmware to be loaded into the device. This 60 * is done on device discovery from a user application (uathload) 61 * that is launched by devd when a device with suitable product ID 62 * is recognized. Once firmware has been loaded the device will 63 * reset the USB port and re-attach with the original product ID+1 64 * and this driver will be attached. The firmware is licensed for 65 * general use (royalty free) and may be incorporated in products. 66 * Note that the firmware normally packaged with the NDIS drivers 67 * for these devices does not work in this way and so does not work 68 * with this driver. 69 */ 70 71 #include "opt_wlan.h" 72 73 #include <sys/param.h> 74 #include <sys/sockio.h> 75 #include <sys/sysctl.h> 76 #include <sys/lock.h> 77 #include <sys/mutex.h> 78 #include <sys/mbuf.h> 79 #include <sys/kernel.h> 80 #include <sys/socket.h> 81 #include <sys/systm.h> 82 #include <sys/malloc.h> 83 #include <sys/module.h> 84 #include <sys/bus.h> 85 #include <sys/endian.h> 86 #include <sys/kdb.h> 87 88 #include <net/bpf.h> 89 #include <net/if.h> 90 #include <net/if_var.h> 91 #include <net/if_arp.h> 92 #include <net/ethernet.h> 93 #include <net/if_dl.h> 94 #include <net/if_media.h> 95 #include <net/if_types.h> 96 97 #ifdef INET 98 #include <netinet/in.h> 99 #include <netinet/in_systm.h> 100 #include <netinet/in_var.h> 101 #include <netinet/if_ether.h> 102 #include <netinet/ip.h> 103 #endif 104 105 #include <net80211/ieee80211_var.h> 106 #include <net80211/ieee80211_input.h> 107 #include <net80211/ieee80211_regdomain.h> 108 #include <net80211/ieee80211_radiotap.h> 109 110 #include <dev/usb/usb.h> 111 #include <dev/usb/usbdi.h> 112 #include "usbdevs.h" 113 114 #include <dev/usb/wlan/if_uathreg.h> 115 #include <dev/usb/wlan/if_uathvar.h> 116 117 static SYSCTL_NODE(_hw_usb, OID_AUTO, uath, CTLFLAG_RW, 0, "USB Atheros"); 118 119 static int uath_countrycode = CTRY_DEFAULT; /* country code */ 120 SYSCTL_INT(_hw_usb_uath, OID_AUTO, countrycode, CTLFLAG_RWTUN, &uath_countrycode, 121 0, "country code"); 122 static int uath_regdomain = 0; /* regulatory domain */ 123 SYSCTL_INT(_hw_usb_uath, OID_AUTO, regdomain, CTLFLAG_RD, &uath_regdomain, 124 0, "regulatory domain"); 125 126 #ifdef UATH_DEBUG 127 int uath_debug = 0; 128 SYSCTL_INT(_hw_usb_uath, OID_AUTO, debug, CTLFLAG_RWTUN, &uath_debug, 0, 129 "uath debug level"); 130 enum { 131 UATH_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 132 UATH_DEBUG_XMIT_DUMP = 0x00000002, /* xmit dump */ 133 UATH_DEBUG_RECV = 0x00000004, /* basic recv operation */ 134 UATH_DEBUG_TX_PROC = 0x00000008, /* tx ISR proc */ 135 UATH_DEBUG_RX_PROC = 0x00000010, /* rx ISR proc */ 136 UATH_DEBUG_RECV_ALL = 0x00000020, /* trace all frames (beacons) */ 137 UATH_DEBUG_INIT = 0x00000040, /* initialization of dev */ 138 UATH_DEBUG_DEVCAP = 0x00000080, /* dev caps */ 139 UATH_DEBUG_CMDS = 0x00000100, /* commands */ 140 UATH_DEBUG_CMDS_DUMP = 0x00000200, /* command buffer dump */ 141 UATH_DEBUG_RESET = 0x00000400, /* reset processing */ 142 UATH_DEBUG_STATE = 0x00000800, /* 802.11 state transitions */ 143 UATH_DEBUG_MULTICAST = 0x00001000, /* multicast */ 144 UATH_DEBUG_WME = 0x00002000, /* WME */ 145 UATH_DEBUG_CHANNEL = 0x00004000, /* channel */ 146 UATH_DEBUG_RATES = 0x00008000, /* rates */ 147 UATH_DEBUG_CRYPTO = 0x00010000, /* crypto */ 148 UATH_DEBUG_LED = 0x00020000, /* LED */ 149 UATH_DEBUG_ANY = 0xffffffff 150 }; 151 #define DPRINTF(sc, m, fmt, ...) do { \ 152 if (sc->sc_debug & (m)) \ 153 printf(fmt, __VA_ARGS__); \ 154 } while (0) 155 #else 156 #define DPRINTF(sc, m, fmt, ...) do { \ 157 (void) sc; \ 158 } while (0) 159 #endif 160 161 /* recognized device vendors/products */ 162 static const STRUCT_USB_HOST_ID uath_devs[] = { 163 #define UATH_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 164 UATH_DEV(ACCTON, SMCWUSBTG2), 165 UATH_DEV(ATHEROS, AR5523), 166 UATH_DEV(ATHEROS2, AR5523_1), 167 UATH_DEV(ATHEROS2, AR5523_2), 168 UATH_DEV(ATHEROS2, AR5523_3), 169 UATH_DEV(CONCEPTRONIC, AR5523_1), 170 UATH_DEV(CONCEPTRONIC, AR5523_2), 171 UATH_DEV(DLINK, DWLAG122), 172 UATH_DEV(DLINK, DWLAG132), 173 UATH_DEV(DLINK, DWLG132), 174 UATH_DEV(DLINK2, DWA120), 175 UATH_DEV(GIGASET, AR5523), 176 UATH_DEV(GIGASET, SMCWUSBTG), 177 UATH_DEV(GLOBALSUN, AR5523_1), 178 UATH_DEV(GLOBALSUN, AR5523_2), 179 UATH_DEV(NETGEAR, WG111U), 180 UATH_DEV(NETGEAR3, WG111T), 181 UATH_DEV(NETGEAR3, WPN111), 182 UATH_DEV(NETGEAR3, WPN111_2), 183 UATH_DEV(UMEDIA, TEW444UBEU), 184 UATH_DEV(UMEDIA, AR5523_2), 185 UATH_DEV(WISTRONNEWEB, AR5523_1), 186 UATH_DEV(WISTRONNEWEB, AR5523_2), 187 UATH_DEV(ZCOM, AR5523) 188 #undef UATH_DEV 189 }; 190 191 static usb_callback_t uath_intr_rx_callback; 192 static usb_callback_t uath_intr_tx_callback; 193 static usb_callback_t uath_bulk_rx_callback; 194 static usb_callback_t uath_bulk_tx_callback; 195 196 static const struct usb_config uath_usbconfig[UATH_N_XFERS] = { 197 [UATH_INTR_RX] = { 198 .type = UE_BULK, 199 .endpoint = 0x1, 200 .direction = UE_DIR_IN, 201 .bufsize = UATH_MAX_CMDSZ, 202 .flags = { 203 .pipe_bof = 1, 204 .short_xfer_ok = 1 205 }, 206 .callback = uath_intr_rx_callback 207 }, 208 [UATH_INTR_TX] = { 209 .type = UE_BULK, 210 .endpoint = 0x1, 211 .direction = UE_DIR_OUT, 212 .bufsize = UATH_MAX_CMDSZ * UATH_CMD_LIST_COUNT, 213 .flags = { 214 .force_short_xfer = 1, 215 .pipe_bof = 1, 216 }, 217 .callback = uath_intr_tx_callback, 218 .timeout = UATH_CMD_TIMEOUT 219 }, 220 [UATH_BULK_RX] = { 221 .type = UE_BULK, 222 .endpoint = 0x2, 223 .direction = UE_DIR_IN, 224 .bufsize = MCLBYTES, 225 .flags = { 226 .ext_buffer = 1, 227 .pipe_bof = 1, 228 .short_xfer_ok = 1 229 }, 230 .callback = uath_bulk_rx_callback 231 }, 232 [UATH_BULK_TX] = { 233 .type = UE_BULK, 234 .endpoint = 0x2, 235 .direction = UE_DIR_OUT, 236 .bufsize = UATH_MAX_TXBUFSZ * UATH_TX_DATA_LIST_COUNT, 237 .flags = { 238 .force_short_xfer = 1, 239 .pipe_bof = 1 240 }, 241 .callback = uath_bulk_tx_callback, 242 .timeout = UATH_DATA_TIMEOUT 243 } 244 }; 245 246 static struct ieee80211vap *uath_vap_create(struct ieee80211com *, 247 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 248 const uint8_t [IEEE80211_ADDR_LEN], 249 const uint8_t [IEEE80211_ADDR_LEN]); 250 static void uath_vap_delete(struct ieee80211vap *); 251 static int uath_alloc_cmd_list(struct uath_softc *, struct uath_cmd []); 252 static void uath_free_cmd_list(struct uath_softc *, struct uath_cmd []); 253 static int uath_host_available(struct uath_softc *); 254 static int uath_get_capability(struct uath_softc *, uint32_t, uint32_t *); 255 static int uath_get_devcap(struct uath_softc *); 256 static struct uath_cmd * 257 uath_get_cmdbuf(struct uath_softc *); 258 static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 259 int, void *, int, int); 260 static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 261 int, int); 262 static void uath_stat(void *); 263 #ifdef UATH_DEBUG 264 static void uath_dump_cmd(const uint8_t *, int, char); 265 static const char * 266 uath_codename(int); 267 #endif 268 static int uath_get_devstatus(struct uath_softc *, 269 uint8_t macaddr[IEEE80211_ADDR_LEN]); 270 static int uath_get_status(struct uath_softc *, uint32_t, void *, int); 271 static int uath_alloc_rx_data_list(struct uath_softc *); 272 static int uath_alloc_tx_data_list(struct uath_softc *); 273 static void uath_free_rx_data_list(struct uath_softc *); 274 static void uath_free_tx_data_list(struct uath_softc *); 275 static int uath_init(struct uath_softc *); 276 static void uath_stop(struct uath_softc *); 277 static void uath_parent(struct ieee80211com *); 278 static int uath_transmit(struct ieee80211com *, struct mbuf *); 279 static void uath_start(struct uath_softc *); 280 static int uath_raw_xmit(struct ieee80211_node *, struct mbuf *, 281 const struct ieee80211_bpf_params *); 282 static void uath_scan_start(struct ieee80211com *); 283 static void uath_scan_end(struct ieee80211com *); 284 static void uath_set_channel(struct ieee80211com *); 285 static void uath_update_mcast(struct ieee80211com *); 286 static void uath_update_promisc(struct ieee80211com *); 287 static int uath_config(struct uath_softc *, uint32_t, uint32_t); 288 static int uath_config_multi(struct uath_softc *, uint32_t, const void *, 289 int); 290 static int uath_switch_channel(struct uath_softc *, 291 struct ieee80211_channel *); 292 static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 293 static void uath_watchdog(void *); 294 static void uath_abort_xfers(struct uath_softc *); 295 static int uath_dataflush(struct uath_softc *); 296 static int uath_cmdflush(struct uath_softc *); 297 static int uath_flush(struct uath_softc *); 298 static int uath_set_ledstate(struct uath_softc *, int); 299 static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 300 static int uath_reset_tx_queues(struct uath_softc *); 301 static int uath_wme_init(struct uath_softc *); 302 static struct uath_data * 303 uath_getbuf(struct uath_softc *); 304 static int uath_newstate(struct ieee80211vap *, enum ieee80211_state, 305 int); 306 static int uath_set_key(struct uath_softc *, 307 const struct ieee80211_key *, int); 308 static int uath_set_keys(struct uath_softc *, struct ieee80211vap *); 309 static void uath_sysctl_node(struct uath_softc *); 310 311 static int 312 uath_match(device_t dev) 313 { 314 struct usb_attach_arg *uaa = device_get_ivars(dev); 315 316 if (uaa->usb_mode != USB_MODE_HOST) 317 return (ENXIO); 318 if (uaa->info.bConfigIndex != UATH_CONFIG_INDEX) 319 return (ENXIO); 320 if (uaa->info.bIfaceIndex != UATH_IFACE_INDEX) 321 return (ENXIO); 322 323 return (usbd_lookup_id_by_uaa(uath_devs, sizeof(uath_devs), uaa)); 324 } 325 326 static int 327 uath_attach(device_t dev) 328 { 329 struct uath_softc *sc = device_get_softc(dev); 330 struct usb_attach_arg *uaa = device_get_ivars(dev); 331 struct ieee80211com *ic = &sc->sc_ic; 332 uint8_t bands[IEEE80211_MODE_BYTES]; 333 uint8_t iface_index = UATH_IFACE_INDEX; /* XXX */ 334 usb_error_t error; 335 336 sc->sc_dev = dev; 337 sc->sc_udev = uaa->device; 338 #ifdef UATH_DEBUG 339 sc->sc_debug = uath_debug; 340 #endif 341 device_set_usb_desc(dev); 342 343 /* 344 * Only post-firmware devices here. 345 */ 346 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), MTX_NETWORK_LOCK, 347 MTX_DEF); 348 callout_init(&sc->stat_ch, 0); 349 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 350 mbufq_init(&sc->sc_snd, ifqmaxlen); 351 352 error = usbd_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 353 uath_usbconfig, UATH_N_XFERS, sc, &sc->sc_mtx); 354 if (error) { 355 device_printf(dev, "could not allocate USB transfers, " 356 "err=%s\n", usbd_errstr(error)); 357 goto fail; 358 } 359 360 sc->sc_cmd_dma_buf = 361 usbd_xfer_get_frame_buffer(sc->sc_xfer[UATH_INTR_TX], 0); 362 sc->sc_tx_dma_buf = 363 usbd_xfer_get_frame_buffer(sc->sc_xfer[UATH_BULK_TX], 0); 364 365 /* 366 * Setup buffers for firmware commands. 367 */ 368 error = uath_alloc_cmd_list(sc, sc->sc_cmd); 369 if (error != 0) { 370 device_printf(sc->sc_dev, 371 "could not allocate Tx command list\n"); 372 goto fail1; 373 } 374 375 /* 376 * We're now ready to send+receive firmware commands. 377 */ 378 UATH_LOCK(sc); 379 error = uath_host_available(sc); 380 if (error != 0) { 381 device_printf(sc->sc_dev, "could not initialize adapter\n"); 382 goto fail2; 383 } 384 error = uath_get_devcap(sc); 385 if (error != 0) { 386 device_printf(sc->sc_dev, 387 "could not get device capabilities\n"); 388 goto fail2; 389 } 390 UATH_UNLOCK(sc); 391 392 /* Create device sysctl node. */ 393 uath_sysctl_node(sc); 394 395 UATH_LOCK(sc); 396 error = uath_get_devstatus(sc, ic->ic_macaddr); 397 if (error != 0) { 398 device_printf(sc->sc_dev, "could not get device status\n"); 399 goto fail2; 400 } 401 402 /* 403 * Allocate xfers for Rx/Tx data pipes. 404 */ 405 error = uath_alloc_rx_data_list(sc); 406 if (error != 0) { 407 device_printf(sc->sc_dev, "could not allocate Rx data list\n"); 408 goto fail2; 409 } 410 error = uath_alloc_tx_data_list(sc); 411 if (error != 0) { 412 device_printf(sc->sc_dev, "could not allocate Tx data list\n"); 413 goto fail2; 414 } 415 UATH_UNLOCK(sc); 416 417 ic->ic_softc = sc; 418 ic->ic_name = device_get_nameunit(dev); 419 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 420 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 421 422 /* set device capabilities */ 423 ic->ic_caps = 424 IEEE80211_C_STA | /* station mode */ 425 IEEE80211_C_MONITOR | /* monitor mode supported */ 426 IEEE80211_C_TXPMGT | /* tx power management */ 427 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 428 IEEE80211_C_SHSLOT | /* short slot time supported */ 429 IEEE80211_C_WPA | /* 802.11i */ 430 IEEE80211_C_BGSCAN | /* capable of bg scanning */ 431 IEEE80211_C_TXFRAG; /* handle tx frags */ 432 433 /* put a regulatory domain to reveal informations. */ 434 uath_regdomain = sc->sc_devcap.regDomain; 435 436 memset(bands, 0, sizeof(bands)); 437 setbit(bands, IEEE80211_MODE_11B); 438 setbit(bands, IEEE80211_MODE_11G); 439 if ((sc->sc_devcap.analog5GhzRevision & 0xf0) == 0x30) 440 setbit(bands, IEEE80211_MODE_11A); 441 /* XXX turbo */ 442 ieee80211_init_channels(ic, NULL, bands); 443 444 ieee80211_ifattach(ic); 445 ic->ic_raw_xmit = uath_raw_xmit; 446 ic->ic_scan_start = uath_scan_start; 447 ic->ic_scan_end = uath_scan_end; 448 ic->ic_set_channel = uath_set_channel; 449 ic->ic_vap_create = uath_vap_create; 450 ic->ic_vap_delete = uath_vap_delete; 451 ic->ic_update_mcast = uath_update_mcast; 452 ic->ic_update_promisc = uath_update_promisc; 453 ic->ic_transmit = uath_transmit; 454 ic->ic_parent = uath_parent; 455 456 ieee80211_radiotap_attach(ic, 457 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 458 UATH_TX_RADIOTAP_PRESENT, 459 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 460 UATH_RX_RADIOTAP_PRESENT); 461 462 if (bootverbose) 463 ieee80211_announce(ic); 464 465 return (0); 466 467 fail2: UATH_UNLOCK(sc); 468 uath_free_cmd_list(sc, sc->sc_cmd); 469 fail1: usbd_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); 470 fail: 471 return (error); 472 } 473 474 static int 475 uath_detach(device_t dev) 476 { 477 struct uath_softc *sc = device_get_softc(dev); 478 struct ieee80211com *ic = &sc->sc_ic; 479 unsigned int x; 480 481 /* 482 * Prevent further allocations from RX/TX/CMD 483 * data lists and ioctls 484 */ 485 UATH_LOCK(sc); 486 sc->sc_flags |= UATH_FLAG_INVALID; 487 488 STAILQ_INIT(&sc->sc_rx_active); 489 STAILQ_INIT(&sc->sc_rx_inactive); 490 491 STAILQ_INIT(&sc->sc_tx_active); 492 STAILQ_INIT(&sc->sc_tx_inactive); 493 STAILQ_INIT(&sc->sc_tx_pending); 494 495 STAILQ_INIT(&sc->sc_cmd_active); 496 STAILQ_INIT(&sc->sc_cmd_pending); 497 STAILQ_INIT(&sc->sc_cmd_waiting); 498 STAILQ_INIT(&sc->sc_cmd_inactive); 499 500 uath_stop(sc); 501 UATH_UNLOCK(sc); 502 503 callout_drain(&sc->stat_ch); 504 callout_drain(&sc->watchdog_ch); 505 506 /* drain USB transfers */ 507 for (x = 0; x != UATH_N_XFERS; x++) 508 usbd_transfer_drain(sc->sc_xfer[x]); 509 510 /* free data buffers */ 511 UATH_LOCK(sc); 512 uath_free_rx_data_list(sc); 513 uath_free_tx_data_list(sc); 514 uath_free_cmd_list(sc, sc->sc_cmd); 515 UATH_UNLOCK(sc); 516 517 /* free USB transfers and some data buffers */ 518 usbd_transfer_unsetup(sc->sc_xfer, UATH_N_XFERS); 519 520 ieee80211_ifdetach(ic); 521 mbufq_drain(&sc->sc_snd); 522 mtx_destroy(&sc->sc_mtx); 523 return (0); 524 } 525 526 static void 527 uath_free_cmd_list(struct uath_softc *sc, struct uath_cmd cmds[]) 528 { 529 int i; 530 531 for (i = 0; i != UATH_CMD_LIST_COUNT; i++) 532 cmds[i].buf = NULL; 533 } 534 535 static int 536 uath_alloc_cmd_list(struct uath_softc *sc, struct uath_cmd cmds[]) 537 { 538 int i; 539 540 STAILQ_INIT(&sc->sc_cmd_active); 541 STAILQ_INIT(&sc->sc_cmd_pending); 542 STAILQ_INIT(&sc->sc_cmd_waiting); 543 STAILQ_INIT(&sc->sc_cmd_inactive); 544 545 for (i = 0; i != UATH_CMD_LIST_COUNT; i++) { 546 struct uath_cmd *cmd = &cmds[i]; 547 548 cmd->sc = sc; /* backpointer for callbacks */ 549 cmd->msgid = i; 550 cmd->buf = ((uint8_t *)sc->sc_cmd_dma_buf) + 551 (i * UATH_MAX_CMDSZ); 552 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, cmd, next); 553 UATH_STAT_INC(sc, st_cmd_inactive); 554 } 555 return (0); 556 } 557 558 static int 559 uath_host_available(struct uath_softc *sc) 560 { 561 struct uath_cmd_host_available setup; 562 563 UATH_ASSERT_LOCKED(sc); 564 565 /* inform target the host is available */ 566 setup.sw_ver_major = htobe32(ATH_SW_VER_MAJOR); 567 setup.sw_ver_minor = htobe32(ATH_SW_VER_MINOR); 568 setup.sw_ver_patch = htobe32(ATH_SW_VER_PATCH); 569 setup.sw_ver_build = htobe32(ATH_SW_VER_BUILD); 570 return uath_cmd_read(sc, WDCMSG_HOST_AVAILABLE, 571 &setup, sizeof setup, NULL, 0, 0); 572 } 573 574 #ifdef UATH_DEBUG 575 static void 576 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 577 { 578 const char *sep = ""; 579 int i; 580 581 for (i = 0; i < len; i++) { 582 if ((i % 16) == 0) { 583 printf("%s%c ", sep, prefix); 584 sep = "\n"; 585 } 586 else if ((i % 4) == 0) 587 printf(" "); 588 printf("%02x", buf[i]); 589 } 590 printf("\n"); 591 } 592 593 static const char * 594 uath_codename(int code) 595 { 596 static const char *names[] = { 597 "0x00", 598 "HOST_AVAILABLE", 599 "BIND", 600 "TARGET_RESET", 601 "TARGET_GET_CAPABILITY", 602 "TARGET_SET_CONFIG", 603 "TARGET_GET_STATUS", 604 "TARGET_GET_STATS", 605 "TARGET_START", 606 "TARGET_STOP", 607 "TARGET_ENABLE", 608 "TARGET_DISABLE", 609 "CREATE_CONNECTION", 610 "UPDATE_CONNECT_ATTR", 611 "DELETE_CONNECT", 612 "SEND", 613 "FLUSH", 614 "STATS_UPDATE", 615 "BMISS", 616 "DEVICE_AVAIL", 617 "SEND_COMPLETE", 618 "DATA_AVAIL", 619 "SET_PWR_MODE", 620 "BMISS_ACK", 621 "SET_LED_STEADY", 622 "SET_LED_BLINK", 623 "SETUP_BEACON_DESC", 624 "BEACON_INIT", 625 "RESET_KEY_CACHE", 626 "RESET_KEY_CACHE_ENTRY", 627 "SET_KEY_CACHE_ENTRY", 628 "SET_DECOMP_MASK", 629 "SET_REGULATORY_DOMAIN", 630 "SET_LED_STATE", 631 "WRITE_ASSOCID", 632 "SET_STA_BEACON_TIMERS", 633 "GET_TSF", 634 "RESET_TSF", 635 "SET_ADHOC_MODE", 636 "SET_BASIC_RATE", 637 "MIB_CONTROL", 638 "GET_CHANNEL_DATA", 639 "GET_CUR_RSSI", 640 "SET_ANTENNA_SWITCH", 641 "0x2c", "0x2d", "0x2e", 642 "USE_SHORT_SLOT_TIME", 643 "SET_POWER_MODE", 644 "SETUP_PSPOLL_DESC", 645 "SET_RX_MULTICAST_FILTER", 646 "RX_FILTER", 647 "PER_CALIBRATION", 648 "RESET", 649 "DISABLE", 650 "PHY_DISABLE", 651 "SET_TX_POWER_LIMIT", 652 "SET_TX_QUEUE_PARAMS", 653 "SETUP_TX_QUEUE", 654 "RELEASE_TX_QUEUE", 655 }; 656 static char buf[8]; 657 658 if (code < nitems(names)) 659 return names[code]; 660 if (code == WDCMSG_SET_DEFAULT_KEY) 661 return "SET_DEFAULT_KEY"; 662 snprintf(buf, sizeof(buf), "0x%02x", code); 663 return buf; 664 } 665 #endif 666 667 /* 668 * Low-level function to send read or write commands to the firmware. 669 */ 670 static int 671 uath_cmdsend(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 672 void *odata, int olen, int flags) 673 { 674 struct uath_cmd_hdr *hdr; 675 struct uath_cmd *cmd; 676 int error; 677 678 UATH_ASSERT_LOCKED(sc); 679 680 /* grab a xfer */ 681 cmd = uath_get_cmdbuf(sc); 682 if (cmd == NULL) { 683 device_printf(sc->sc_dev, "%s: empty inactive queue\n", 684 __func__); 685 return (ENOBUFS); 686 } 687 cmd->flags = flags; 688 /* always bulk-out a multiple of 4 bytes */ 689 cmd->buflen = roundup2(sizeof(struct uath_cmd_hdr) + ilen, 4); 690 691 hdr = (struct uath_cmd_hdr *)cmd->buf; 692 memset(hdr, 0, sizeof(struct uath_cmd_hdr)); 693 hdr->len = htobe32(cmd->buflen); 694 hdr->code = htobe32(code); 695 hdr->msgid = cmd->msgid; /* don't care about endianness */ 696 hdr->magic = htobe32((cmd->flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 697 memcpy((uint8_t *)(hdr + 1), idata, ilen); 698 699 #ifdef UATH_DEBUG 700 if (sc->sc_debug & UATH_DEBUG_CMDS) { 701 printf("%s: send %s [flags 0x%x] olen %d\n", 702 __func__, uath_codename(code), cmd->flags, olen); 703 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 704 uath_dump_cmd(cmd->buf, cmd->buflen, '+'); 705 } 706 #endif 707 cmd->odata = odata; 708 KASSERT(odata == NULL || 709 olen < UATH_MAX_CMDSZ - sizeof(*hdr) + sizeof(uint32_t), 710 ("odata %p olen %u", odata, olen)); 711 cmd->olen = olen; 712 713 STAILQ_INSERT_TAIL(&sc->sc_cmd_pending, cmd, next); 714 UATH_STAT_INC(sc, st_cmd_pending); 715 usbd_transfer_start(sc->sc_xfer[UATH_INTR_TX]); 716 717 if (cmd->flags & UATH_CMD_FLAG_READ) { 718 usbd_transfer_start(sc->sc_xfer[UATH_INTR_RX]); 719 720 /* wait at most two seconds for command reply */ 721 error = mtx_sleep(cmd, &sc->sc_mtx, 0, "uathcmd", 2 * hz); 722 cmd->odata = NULL; /* in case reply comes too late */ 723 if (error != 0) { 724 device_printf(sc->sc_dev, "timeout waiting for reply " 725 "to cmd 0x%x (%u)\n", code, code); 726 } else if (cmd->olen != olen) { 727 device_printf(sc->sc_dev, "unexpected reply data count " 728 "to cmd 0x%x (%u), got %u, expected %u\n", 729 code, code, cmd->olen, olen); 730 error = EINVAL; 731 } 732 return (error); 733 } 734 return (0); 735 } 736 737 static int 738 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 739 int ilen, void *odata, int olen, int flags) 740 { 741 742 flags |= UATH_CMD_FLAG_READ; 743 return uath_cmdsend(sc, code, idata, ilen, odata, olen, flags); 744 } 745 746 static int 747 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 748 int flags) 749 { 750 751 flags &= ~UATH_CMD_FLAG_READ; 752 return uath_cmdsend(sc, code, data, len, NULL, 0, flags); 753 } 754 755 static struct uath_cmd * 756 uath_get_cmdbuf(struct uath_softc *sc) 757 { 758 struct uath_cmd *uc; 759 760 UATH_ASSERT_LOCKED(sc); 761 762 uc = STAILQ_FIRST(&sc->sc_cmd_inactive); 763 if (uc != NULL) { 764 STAILQ_REMOVE_HEAD(&sc->sc_cmd_inactive, next); 765 UATH_STAT_DEC(sc, st_cmd_inactive); 766 } else 767 uc = NULL; 768 if (uc == NULL) 769 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: %s\n", __func__, 770 "out of command xmit buffers"); 771 return (uc); 772 } 773 774 /* 775 * This function is called periodically (every second) when associated to 776 * query device statistics. 777 */ 778 static void 779 uath_stat(void *arg) 780 { 781 struct uath_softc *sc = arg; 782 int error; 783 784 UATH_LOCK(sc); 785 /* 786 * Send request for statistics asynchronously. The timer will be 787 * restarted when we'll get the stats notification. 788 */ 789 error = uath_cmd_write(sc, WDCMSG_TARGET_GET_STATS, NULL, 0, 790 UATH_CMD_FLAG_ASYNC); 791 if (error != 0) { 792 device_printf(sc->sc_dev, 793 "could not query stats, error %d\n", error); 794 } 795 UATH_UNLOCK(sc); 796 } 797 798 static int 799 uath_get_capability(struct uath_softc *sc, uint32_t cap, uint32_t *val) 800 { 801 int error; 802 803 cap = htobe32(cap); 804 error = uath_cmd_read(sc, WDCMSG_TARGET_GET_CAPABILITY, 805 &cap, sizeof cap, val, sizeof(uint32_t), UATH_CMD_FLAG_MAGIC); 806 if (error != 0) { 807 device_printf(sc->sc_dev, "could not read capability %u\n", 808 be32toh(cap)); 809 return (error); 810 } 811 *val = be32toh(*val); 812 return (error); 813 } 814 815 static int 816 uath_get_devcap(struct uath_softc *sc) 817 { 818 #define GETCAP(x, v) do { \ 819 error = uath_get_capability(sc, x, &v); \ 820 if (error != 0) \ 821 return (error); \ 822 DPRINTF(sc, UATH_DEBUG_DEVCAP, \ 823 "%s: %s=0x%08x\n", __func__, #x, v); \ 824 } while (0) 825 struct uath_devcap *cap = &sc->sc_devcap; 826 int error; 827 828 /* collect device capabilities */ 829 GETCAP(CAP_TARGET_VERSION, cap->targetVersion); 830 GETCAP(CAP_TARGET_REVISION, cap->targetRevision); 831 GETCAP(CAP_MAC_VERSION, cap->macVersion); 832 GETCAP(CAP_MAC_REVISION, cap->macRevision); 833 GETCAP(CAP_PHY_REVISION, cap->phyRevision); 834 GETCAP(CAP_ANALOG_5GHz_REVISION, cap->analog5GhzRevision); 835 GETCAP(CAP_ANALOG_2GHz_REVISION, cap->analog2GhzRevision); 836 837 GETCAP(CAP_REG_DOMAIN, cap->regDomain); 838 GETCAP(CAP_REG_CAP_BITS, cap->regCapBits); 839 #if 0 840 /* NB: not supported in rev 1.5 */ 841 GETCAP(CAP_COUNTRY_CODE, cap->countryCode); 842 #endif 843 GETCAP(CAP_WIRELESS_MODES, cap->wirelessModes); 844 GETCAP(CAP_CHAN_SPREAD_SUPPORT, cap->chanSpreadSupport); 845 GETCAP(CAP_COMPRESS_SUPPORT, cap->compressSupport); 846 GETCAP(CAP_BURST_SUPPORT, cap->burstSupport); 847 GETCAP(CAP_FAST_FRAMES_SUPPORT, cap->fastFramesSupport); 848 GETCAP(CAP_CHAP_TUNING_SUPPORT, cap->chapTuningSupport); 849 GETCAP(CAP_TURBOG_SUPPORT, cap->turboGSupport); 850 GETCAP(CAP_TURBO_PRIME_SUPPORT, cap->turboPrimeSupport); 851 GETCAP(CAP_DEVICE_TYPE, cap->deviceType); 852 GETCAP(CAP_WME_SUPPORT, cap->wmeSupport); 853 GETCAP(CAP_TOTAL_QUEUES, cap->numTxQueues); 854 GETCAP(CAP_CONNECTION_ID_MAX, cap->connectionIdMax); 855 856 GETCAP(CAP_LOW_5GHZ_CHAN, cap->low5GhzChan); 857 GETCAP(CAP_HIGH_5GHZ_CHAN, cap->high5GhzChan); 858 GETCAP(CAP_LOW_2GHZ_CHAN, cap->low2GhzChan); 859 GETCAP(CAP_HIGH_2GHZ_CHAN, cap->high2GhzChan); 860 GETCAP(CAP_TWICE_ANTENNAGAIN_5G, cap->twiceAntennaGain5G); 861 GETCAP(CAP_TWICE_ANTENNAGAIN_2G, cap->twiceAntennaGain2G); 862 863 GETCAP(CAP_CIPHER_AES_CCM, cap->supportCipherAES_CCM); 864 GETCAP(CAP_CIPHER_TKIP, cap->supportCipherTKIP); 865 GETCAP(CAP_MIC_TKIP, cap->supportMicTKIP); 866 867 cap->supportCipherWEP = 1; /* NB: always available */ 868 869 return (0); 870 } 871 872 static int 873 uath_get_devstatus(struct uath_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 874 { 875 int error; 876 877 /* retrieve MAC address */ 878 error = uath_get_status(sc, ST_MAC_ADDR, macaddr, IEEE80211_ADDR_LEN); 879 if (error != 0) { 880 device_printf(sc->sc_dev, "could not read MAC address\n"); 881 return (error); 882 } 883 884 error = uath_get_status(sc, ST_SERIAL_NUMBER, 885 &sc->sc_serial[0], sizeof(sc->sc_serial)); 886 if (error != 0) { 887 device_printf(sc->sc_dev, 888 "could not read device serial number\n"); 889 return (error); 890 } 891 return (0); 892 } 893 894 static int 895 uath_get_status(struct uath_softc *sc, uint32_t which, void *odata, int olen) 896 { 897 int error; 898 899 which = htobe32(which); 900 error = uath_cmd_read(sc, WDCMSG_TARGET_GET_STATUS, 901 &which, sizeof(which), odata, olen, UATH_CMD_FLAG_MAGIC); 902 if (error != 0) 903 device_printf(sc->sc_dev, 904 "could not read EEPROM offset 0x%02x\n", be32toh(which)); 905 return (error); 906 } 907 908 static void 909 uath_free_data_list(struct uath_softc *sc, struct uath_data data[], int ndata, 910 int fillmbuf) 911 { 912 int i; 913 914 for (i = 0; i < ndata; i++) { 915 struct uath_data *dp = &data[i]; 916 917 if (fillmbuf == 1) { 918 if (dp->m != NULL) { 919 m_freem(dp->m); 920 dp->m = NULL; 921 dp->buf = NULL; 922 } 923 } else { 924 dp->buf = NULL; 925 } 926 if (dp->ni != NULL) { 927 ieee80211_free_node(dp->ni); 928 dp->ni = NULL; 929 } 930 } 931 } 932 933 static int 934 uath_alloc_data_list(struct uath_softc *sc, struct uath_data data[], 935 int ndata, int maxsz, void *dma_buf) 936 { 937 int i, error; 938 939 for (i = 0; i < ndata; i++) { 940 struct uath_data *dp = &data[i]; 941 942 dp->sc = sc; 943 if (dma_buf == NULL) { 944 /* XXX check maxsz */ 945 dp->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 946 if (dp->m == NULL) { 947 device_printf(sc->sc_dev, 948 "could not allocate rx mbuf\n"); 949 error = ENOMEM; 950 goto fail; 951 } 952 dp->buf = mtod(dp->m, uint8_t *); 953 } else { 954 dp->m = NULL; 955 dp->buf = ((uint8_t *)dma_buf) + (i * maxsz); 956 } 957 dp->ni = NULL; 958 } 959 960 return (0); 961 962 fail: uath_free_data_list(sc, data, ndata, 1 /* free mbufs */); 963 return (error); 964 } 965 966 static int 967 uath_alloc_rx_data_list(struct uath_softc *sc) 968 { 969 int error, i; 970 971 /* XXX is it enough to store the RX packet with MCLBYTES bytes? */ 972 error = uath_alloc_data_list(sc, 973 sc->sc_rx, UATH_RX_DATA_LIST_COUNT, MCLBYTES, 974 NULL /* setup mbufs */); 975 if (error != 0) 976 return (error); 977 978 STAILQ_INIT(&sc->sc_rx_active); 979 STAILQ_INIT(&sc->sc_rx_inactive); 980 981 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 982 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], 983 next); 984 UATH_STAT_INC(sc, st_rx_inactive); 985 } 986 987 return (0); 988 } 989 990 static int 991 uath_alloc_tx_data_list(struct uath_softc *sc) 992 { 993 int error, i; 994 995 error = uath_alloc_data_list(sc, 996 sc->sc_tx, UATH_TX_DATA_LIST_COUNT, UATH_MAX_TXBUFSZ, 997 sc->sc_tx_dma_buf); 998 if (error != 0) 999 return (error); 1000 1001 STAILQ_INIT(&sc->sc_tx_active); 1002 STAILQ_INIT(&sc->sc_tx_inactive); 1003 STAILQ_INIT(&sc->sc_tx_pending); 1004 1005 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 1006 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], 1007 next); 1008 UATH_STAT_INC(sc, st_tx_inactive); 1009 } 1010 1011 return (0); 1012 } 1013 1014 static void 1015 uath_free_rx_data_list(struct uath_softc *sc) 1016 { 1017 uath_free_data_list(sc, sc->sc_rx, UATH_RX_DATA_LIST_COUNT, 1018 1 /* free mbufs */); 1019 } 1020 1021 static void 1022 uath_free_tx_data_list(struct uath_softc *sc) 1023 { 1024 uath_free_data_list(sc, sc->sc_tx, UATH_TX_DATA_LIST_COUNT, 1025 0 /* no mbufs */); 1026 } 1027 1028 static struct ieee80211vap * 1029 uath_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 1030 enum ieee80211_opmode opmode, int flags, 1031 const uint8_t bssid[IEEE80211_ADDR_LEN], 1032 const uint8_t mac[IEEE80211_ADDR_LEN]) 1033 { 1034 struct uath_vap *uvp; 1035 struct ieee80211vap *vap; 1036 1037 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1038 return (NULL); 1039 uvp = malloc(sizeof(struct uath_vap), M_80211_VAP, M_WAITOK | M_ZERO); 1040 vap = &uvp->vap; 1041 /* enable s/w bmiss handling for sta mode */ 1042 1043 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 1044 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 1045 /* out of memory */ 1046 free(uvp, M_80211_VAP); 1047 return (NULL); 1048 } 1049 1050 /* override state transition machine */ 1051 uvp->newstate = vap->iv_newstate; 1052 vap->iv_newstate = uath_newstate; 1053 1054 /* complete setup */ 1055 ieee80211_vap_attach(vap, ieee80211_media_change, 1056 ieee80211_media_status, mac); 1057 ic->ic_opmode = opmode; 1058 return (vap); 1059 } 1060 1061 static void 1062 uath_vap_delete(struct ieee80211vap *vap) 1063 { 1064 struct uath_vap *uvp = UATH_VAP(vap); 1065 1066 ieee80211_vap_detach(vap); 1067 free(uvp, M_80211_VAP); 1068 } 1069 1070 static int 1071 uath_init(struct uath_softc *sc) 1072 { 1073 struct ieee80211com *ic = &sc->sc_ic; 1074 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1075 uint32_t val; 1076 int error; 1077 1078 UATH_ASSERT_LOCKED(sc); 1079 1080 if (sc->sc_flags & UATH_FLAG_INITDONE) 1081 uath_stop(sc); 1082 1083 /* reset variables */ 1084 sc->sc_intrx_nextnum = sc->sc_msgid = 0; 1085 1086 val = htobe32(0); 1087 uath_cmd_write(sc, WDCMSG_BIND, &val, sizeof val, 0); 1088 1089 /* set MAC address */ 1090 uath_config_multi(sc, CFG_MAC_ADDR, 1091 vap ? vap->iv_myaddr : ic->ic_macaddr, IEEE80211_ADDR_LEN); 1092 1093 /* XXX honor net80211 state */ 1094 uath_config(sc, CFG_RATE_CONTROL_ENABLE, 0x00000001); 1095 uath_config(sc, CFG_DIVERSITY_CTL, 0x00000001); 1096 uath_config(sc, CFG_ABOLT, 0x0000003f); 1097 uath_config(sc, CFG_WME_ENABLED, 0x00000001); 1098 1099 uath_config(sc, CFG_SERVICE_TYPE, 1); 1100 uath_config(sc, CFG_TP_SCALE, 0x00000000); 1101 uath_config(sc, CFG_TPC_HALF_DBM5, 0x0000003c); 1102 uath_config(sc, CFG_TPC_HALF_DBM2, 0x0000003c); 1103 uath_config(sc, CFG_OVERRD_TX_POWER, 0x00000000); 1104 uath_config(sc, CFG_GMODE_PROTECTION, 0x00000000); 1105 uath_config(sc, CFG_GMODE_PROTECT_RATE_INDEX, 0x00000003); 1106 uath_config(sc, CFG_PROTECTION_TYPE, 0x00000000); 1107 uath_config(sc, CFG_MODE_CTS, 0x00000002); 1108 1109 error = uath_cmd_read(sc, WDCMSG_TARGET_START, NULL, 0, 1110 &val, sizeof(val), UATH_CMD_FLAG_MAGIC); 1111 if (error) { 1112 device_printf(sc->sc_dev, 1113 "could not start target, error %d\n", error); 1114 goto fail; 1115 } 1116 DPRINTF(sc, UATH_DEBUG_INIT, "%s returns handle: 0x%x\n", 1117 uath_codename(WDCMSG_TARGET_START), be32toh(val)); 1118 1119 /* set default channel */ 1120 error = uath_switch_channel(sc, ic->ic_curchan); 1121 if (error) { 1122 device_printf(sc->sc_dev, 1123 "could not switch channel, error %d\n", error); 1124 goto fail; 1125 } 1126 1127 val = htobe32(TARGET_DEVICE_AWAKE); 1128 uath_cmd_write(sc, WDCMSG_SET_PWR_MODE, &val, sizeof val, 0); 1129 /* XXX? check */ 1130 uath_cmd_write(sc, WDCMSG_RESET_KEY_CACHE, NULL, 0, 0); 1131 1132 usbd_transfer_start(sc->sc_xfer[UATH_BULK_RX]); 1133 /* enable Rx */ 1134 uath_set_rxfilter(sc, 0x0, UATH_FILTER_OP_INIT); 1135 uath_set_rxfilter(sc, 1136 UATH_FILTER_RX_UCAST | UATH_FILTER_RX_MCAST | 1137 UATH_FILTER_RX_BCAST | UATH_FILTER_RX_BEACON, 1138 UATH_FILTER_OP_SET); 1139 1140 sc->sc_flags |= UATH_FLAG_INITDONE; 1141 1142 callout_reset(&sc->watchdog_ch, hz, uath_watchdog, sc); 1143 1144 return (0); 1145 1146 fail: 1147 uath_stop(sc); 1148 return (error); 1149 } 1150 1151 static void 1152 uath_stop(struct uath_softc *sc) 1153 { 1154 1155 UATH_ASSERT_LOCKED(sc); 1156 1157 sc->sc_flags &= ~UATH_FLAG_INITDONE; 1158 1159 callout_stop(&sc->stat_ch); 1160 callout_stop(&sc->watchdog_ch); 1161 sc->sc_tx_timer = 0; 1162 /* abort pending transmits */ 1163 uath_abort_xfers(sc); 1164 /* flush data & control requests into the target */ 1165 (void)uath_flush(sc); 1166 /* set a LED status to the disconnected. */ 1167 uath_set_ledstate(sc, 0); 1168 /* stop the target */ 1169 uath_cmd_write(sc, WDCMSG_TARGET_STOP, NULL, 0, 0); 1170 } 1171 1172 static int 1173 uath_config(struct uath_softc *sc, uint32_t reg, uint32_t val) 1174 { 1175 struct uath_write_mac write; 1176 int error; 1177 1178 write.reg = htobe32(reg); 1179 write.len = htobe32(0); /* 0 = single write */ 1180 *(uint32_t *)write.data = htobe32(val); 1181 1182 error = uath_cmd_write(sc, WDCMSG_TARGET_SET_CONFIG, &write, 1183 3 * sizeof (uint32_t), 0); 1184 if (error != 0) { 1185 device_printf(sc->sc_dev, "could not write register 0x%02x\n", 1186 reg); 1187 } 1188 return (error); 1189 } 1190 1191 static int 1192 uath_config_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1193 int len) 1194 { 1195 struct uath_write_mac write; 1196 int error; 1197 1198 write.reg = htobe32(reg); 1199 write.len = htobe32(len); 1200 bcopy(data, write.data, len); 1201 1202 /* properly handle the case where len is zero (reset) */ 1203 error = uath_cmd_write(sc, WDCMSG_TARGET_SET_CONFIG, &write, 1204 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1205 if (error != 0) { 1206 device_printf(sc->sc_dev, 1207 "could not write %d bytes to register 0x%02x\n", len, reg); 1208 } 1209 return (error); 1210 } 1211 1212 static int 1213 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1214 { 1215 int error; 1216 1217 UATH_ASSERT_LOCKED(sc); 1218 1219 /* set radio frequency */ 1220 error = uath_set_chan(sc, c); 1221 if (error) { 1222 device_printf(sc->sc_dev, 1223 "could not set channel, error %d\n", error); 1224 goto failed; 1225 } 1226 /* reset Tx rings */ 1227 error = uath_reset_tx_queues(sc); 1228 if (error) { 1229 device_printf(sc->sc_dev, 1230 "could not reset Tx queues, error %d\n", error); 1231 goto failed; 1232 } 1233 /* set Tx rings WME properties */ 1234 error = uath_wme_init(sc); 1235 if (error) { 1236 device_printf(sc->sc_dev, 1237 "could not init Tx queues, error %d\n", error); 1238 goto failed; 1239 } 1240 error = uath_set_ledstate(sc, 0); 1241 if (error) { 1242 device_printf(sc->sc_dev, 1243 "could not set led state, error %d\n", error); 1244 goto failed; 1245 } 1246 error = uath_flush(sc); 1247 if (error) { 1248 device_printf(sc->sc_dev, 1249 "could not flush pipes, error %d\n", error); 1250 goto failed; 1251 } 1252 failed: 1253 return (error); 1254 } 1255 1256 static int 1257 uath_set_rxfilter(struct uath_softc *sc, uint32_t bits, uint32_t op) 1258 { 1259 struct uath_cmd_rx_filter rxfilter; 1260 1261 rxfilter.bits = htobe32(bits); 1262 rxfilter.op = htobe32(op); 1263 1264 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 1265 "setting Rx filter=0x%x flags=0x%x\n", bits, op); 1266 return uath_cmd_write(sc, WDCMSG_RX_FILTER, &rxfilter, 1267 sizeof rxfilter, 0); 1268 } 1269 1270 static void 1271 uath_watchdog(void *arg) 1272 { 1273 struct uath_softc *sc = arg; 1274 struct ieee80211com *ic = &sc->sc_ic; 1275 1276 if (sc->sc_tx_timer > 0) { 1277 if (--sc->sc_tx_timer == 0) { 1278 device_printf(sc->sc_dev, "device timeout\n"); 1279 counter_u64_add(ic->ic_oerrors, 1); 1280 ieee80211_restart_all(ic); 1281 return; 1282 } 1283 callout_reset(&sc->watchdog_ch, hz, uath_watchdog, sc); 1284 } 1285 } 1286 1287 static void 1288 uath_abort_xfers(struct uath_softc *sc) 1289 { 1290 int i; 1291 1292 UATH_ASSERT_LOCKED(sc); 1293 /* abort any pending transfers */ 1294 for (i = 0; i < UATH_N_XFERS; i++) 1295 usbd_transfer_stop(sc->sc_xfer[i]); 1296 } 1297 1298 static int 1299 uath_flush(struct uath_softc *sc) 1300 { 1301 int error; 1302 1303 error = uath_dataflush(sc); 1304 if (error != 0) 1305 goto failed; 1306 1307 error = uath_cmdflush(sc); 1308 if (error != 0) 1309 goto failed; 1310 1311 failed: 1312 return (error); 1313 } 1314 1315 static int 1316 uath_cmdflush(struct uath_softc *sc) 1317 { 1318 1319 return uath_cmd_write(sc, WDCMSG_FLUSH, NULL, 0, 0); 1320 } 1321 1322 static int 1323 uath_dataflush(struct uath_softc *sc) 1324 { 1325 struct uath_data *data; 1326 struct uath_chunk *chunk; 1327 struct uath_tx_desc *desc; 1328 1329 UATH_ASSERT_LOCKED(sc); 1330 1331 data = uath_getbuf(sc); 1332 if (data == NULL) 1333 return (ENOBUFS); 1334 data->buflen = sizeof(struct uath_chunk) + sizeof(struct uath_tx_desc); 1335 data->m = NULL; 1336 data->ni = NULL; 1337 chunk = (struct uath_chunk *)data->buf; 1338 desc = (struct uath_tx_desc *)(chunk + 1); 1339 1340 /* one chunk only */ 1341 chunk->seqnum = 0; 1342 chunk->flags = UATH_CFLAGS_FINAL; 1343 chunk->length = htobe16(sizeof (struct uath_tx_desc)); 1344 1345 memset(desc, 0, sizeof(struct uath_tx_desc)); 1346 desc->msglen = htobe32(sizeof(struct uath_tx_desc)); 1347 desc->msgid = (sc->sc_msgid++) + 1; /* don't care about endianness */ 1348 desc->type = htobe32(WDCMSG_FLUSH); 1349 desc->txqid = htobe32(0); 1350 desc->connid = htobe32(0); 1351 desc->flags = htobe32(0); 1352 1353 #ifdef UATH_DEBUG 1354 if (sc->sc_debug & UATH_DEBUG_CMDS) { 1355 DPRINTF(sc, UATH_DEBUG_RESET, "send flush ix %d\n", 1356 desc->msgid); 1357 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 1358 uath_dump_cmd(data->buf, data->buflen, '+'); 1359 } 1360 #endif 1361 1362 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 1363 UATH_STAT_INC(sc, st_tx_pending); 1364 sc->sc_tx_timer = 5; 1365 usbd_transfer_start(sc->sc_xfer[UATH_BULK_TX]); 1366 1367 return (0); 1368 } 1369 1370 static struct uath_data * 1371 _uath_getbuf(struct uath_softc *sc) 1372 { 1373 struct uath_data *bf; 1374 1375 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1376 if (bf != NULL) { 1377 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1378 UATH_STAT_DEC(sc, st_tx_inactive); 1379 } else 1380 bf = NULL; 1381 if (bf == NULL) 1382 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: %s\n", __func__, 1383 "out of xmit buffers"); 1384 return (bf); 1385 } 1386 1387 static struct uath_data * 1388 uath_getbuf(struct uath_softc *sc) 1389 { 1390 struct uath_data *bf; 1391 1392 UATH_ASSERT_LOCKED(sc); 1393 1394 bf = _uath_getbuf(sc); 1395 if (bf == NULL) 1396 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: stop queue\n", __func__); 1397 return (bf); 1398 } 1399 1400 static int 1401 uath_set_ledstate(struct uath_softc *sc, int connected) 1402 { 1403 1404 DPRINTF(sc, UATH_DEBUG_LED, 1405 "set led state %sconnected\n", connected ? "" : "!"); 1406 connected = htobe32(connected); 1407 return uath_cmd_write(sc, WDCMSG_SET_LED_STATE, 1408 &connected, sizeof connected, 0); 1409 } 1410 1411 static int 1412 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1413 { 1414 #ifdef UATH_DEBUG 1415 struct ieee80211com *ic = &sc->sc_ic; 1416 #endif 1417 struct uath_cmd_reset reset; 1418 1419 memset(&reset, 0, sizeof(reset)); 1420 if (IEEE80211_IS_CHAN_2GHZ(c)) 1421 reset.flags |= htobe32(UATH_CHAN_2GHZ); 1422 if (IEEE80211_IS_CHAN_5GHZ(c)) 1423 reset.flags |= htobe32(UATH_CHAN_5GHZ); 1424 /* NB: 11g =>'s 11b so don't specify both OFDM and CCK */ 1425 if (IEEE80211_IS_CHAN_OFDM(c)) 1426 reset.flags |= htobe32(UATH_CHAN_OFDM); 1427 else if (IEEE80211_IS_CHAN_CCK(c)) 1428 reset.flags |= htobe32(UATH_CHAN_CCK); 1429 /* turbo can be used in either 2GHz or 5GHz */ 1430 if (c->ic_flags & IEEE80211_CHAN_TURBO) 1431 reset.flags |= htobe32(UATH_CHAN_TURBO); 1432 reset.freq = htobe32(c->ic_freq); 1433 reset.maxrdpower = htobe32(50); /* XXX */ 1434 reset.channelchange = htobe32(1); 1435 reset.keeprccontent = htobe32(0); 1436 1437 DPRINTF(sc, UATH_DEBUG_CHANNEL, "set channel %d, flags 0x%x freq %u\n", 1438 ieee80211_chan2ieee(ic, c), 1439 be32toh(reset.flags), be32toh(reset.freq)); 1440 return uath_cmd_write(sc, WDCMSG_RESET, &reset, sizeof reset, 0); 1441 } 1442 1443 static int 1444 uath_reset_tx_queues(struct uath_softc *sc) 1445 { 1446 int ac, error; 1447 1448 DPRINTF(sc, UATH_DEBUG_RESET, "%s: reset Tx queues\n", __func__); 1449 for (ac = 0; ac < 4; ac++) { 1450 const uint32_t qid = htobe32(ac); 1451 1452 error = uath_cmd_write(sc, WDCMSG_RELEASE_TX_QUEUE, &qid, 1453 sizeof qid, 0); 1454 if (error != 0) 1455 break; 1456 } 1457 return (error); 1458 } 1459 1460 static int 1461 uath_wme_init(struct uath_softc *sc) 1462 { 1463 /* XXX get from net80211 */ 1464 static const struct uath_wme_settings uath_wme_11g[4] = { 1465 { 7, 4, 10, 0, 0 }, /* Background */ 1466 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1467 { 3, 3, 4, 26, 0 }, /* Video */ 1468 { 2, 2, 3, 47, 0 } /* Voice */ 1469 }; 1470 struct uath_cmd_txq_setup qinfo; 1471 int ac, error; 1472 1473 DPRINTF(sc, UATH_DEBUG_WME, "%s: setup Tx queues\n", __func__); 1474 for (ac = 0; ac < 4; ac++) { 1475 qinfo.qid = htobe32(ac); 1476 qinfo.len = htobe32(sizeof(qinfo.attr)); 1477 qinfo.attr.priority = htobe32(ac); /* XXX */ 1478 qinfo.attr.aifs = htobe32(uath_wme_11g[ac].aifsn); 1479 qinfo.attr.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1480 qinfo.attr.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1481 qinfo.attr.bursttime = htobe32(IEEE80211_TXOP_TO_US( 1482 uath_wme_11g[ac].txop)); 1483 qinfo.attr.mode = htobe32(uath_wme_11g[ac].acm);/*XXX? */ 1484 qinfo.attr.qflags = htobe32(1); /* XXX? */ 1485 1486 error = uath_cmd_write(sc, WDCMSG_SETUP_TX_QUEUE, &qinfo, 1487 sizeof qinfo, 0); 1488 if (error != 0) 1489 break; 1490 } 1491 return (error); 1492 } 1493 1494 static void 1495 uath_parent(struct ieee80211com *ic) 1496 { 1497 struct uath_softc *sc = ic->ic_softc; 1498 int startall = 0; 1499 1500 UATH_LOCK(sc); 1501 if (sc->sc_flags & UATH_FLAG_INVALID) { 1502 UATH_UNLOCK(sc); 1503 return; 1504 } 1505 1506 if (ic->ic_nrunning > 0) { 1507 if (!(sc->sc_flags & UATH_FLAG_INITDONE)) { 1508 uath_init(sc); 1509 startall = 1; 1510 } 1511 } else if (sc->sc_flags & UATH_FLAG_INITDONE) 1512 uath_stop(sc); 1513 UATH_UNLOCK(sc); 1514 if (startall) 1515 ieee80211_start_all(ic); 1516 } 1517 1518 static int 1519 uath_tx_start(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1520 struct uath_data *data) 1521 { 1522 struct ieee80211vap *vap = ni->ni_vap; 1523 struct uath_chunk *chunk; 1524 struct uath_tx_desc *desc; 1525 const struct ieee80211_frame *wh; 1526 struct ieee80211_key *k; 1527 int framelen, msglen; 1528 1529 UATH_ASSERT_LOCKED(sc); 1530 1531 data->ni = ni; 1532 data->m = m0; 1533 chunk = (struct uath_chunk *)data->buf; 1534 desc = (struct uath_tx_desc *)(chunk + 1); 1535 1536 if (ieee80211_radiotap_active_vap(vap)) { 1537 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1538 1539 tap->wt_flags = 0; 1540 if (m0->m_flags & M_FRAG) 1541 tap->wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1542 1543 ieee80211_radiotap_tx(vap, m0); 1544 } 1545 1546 wh = mtod(m0, struct ieee80211_frame *); 1547 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1548 k = ieee80211_crypto_encap(ni, m0); 1549 if (k == NULL) { 1550 m_freem(m0); 1551 return (ENOBUFS); 1552 } 1553 1554 /* packet header may have moved, reset our local pointer */ 1555 wh = mtod(m0, struct ieee80211_frame *); 1556 } 1557 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1558 1559 framelen = m0->m_pkthdr.len + IEEE80211_CRC_LEN; 1560 msglen = framelen + sizeof (struct uath_tx_desc); 1561 data->buflen = msglen + sizeof (struct uath_chunk); 1562 1563 /* one chunk only for now */ 1564 chunk->seqnum = sc->sc_seqnum++; 1565 chunk->flags = (m0->m_flags & M_FRAG) ? 0 : UATH_CFLAGS_FINAL; 1566 if (m0->m_flags & M_LASTFRAG) 1567 chunk->flags |= UATH_CFLAGS_FINAL; 1568 chunk->flags = UATH_CFLAGS_FINAL; 1569 chunk->length = htobe16(msglen); 1570 1571 /* fill Tx descriptor */ 1572 desc->msglen = htobe32(msglen); 1573 /* NB: to get UATH_TX_NOTIFY reply, `msgid' must be larger than 0 */ 1574 desc->msgid = (sc->sc_msgid++) + 1; /* don't care about endianness */ 1575 desc->type = htobe32(WDCMSG_SEND); 1576 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1577 case IEEE80211_FC0_TYPE_CTL: 1578 case IEEE80211_FC0_TYPE_MGT: 1579 /* NB: force all management frames to highest queue */ 1580 if (ni->ni_flags & IEEE80211_NODE_QOS) { 1581 /* NB: force all management frames to highest queue */ 1582 desc->txqid = htobe32(WME_AC_VO | UATH_TXQID_MINRATE); 1583 } else 1584 desc->txqid = htobe32(WME_AC_BE | UATH_TXQID_MINRATE); 1585 break; 1586 case IEEE80211_FC0_TYPE_DATA: 1587 /* XXX multicast frames should honor mcastrate */ 1588 desc->txqid = htobe32(M_WME_GETAC(m0)); 1589 break; 1590 default: 1591 device_printf(sc->sc_dev, "bogus frame type 0x%x (%s)\n", 1592 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1593 m_freem(m0); 1594 return (EIO); 1595 } 1596 if (vap->iv_state == IEEE80211_S_AUTH || 1597 vap->iv_state == IEEE80211_S_ASSOC || 1598 vap->iv_state == IEEE80211_S_RUN) 1599 desc->connid = htobe32(UATH_ID_BSS); 1600 else 1601 desc->connid = htobe32(UATH_ID_INVALID); 1602 desc->flags = htobe32(0 /* no UATH_TX_NOTIFY */); 1603 desc->buflen = htobe32(m0->m_pkthdr.len); 1604 1605 #ifdef UATH_DEBUG 1606 DPRINTF(sc, UATH_DEBUG_XMIT, 1607 "send frame ix %u framelen %d msglen %d connid 0x%x txqid 0x%x\n", 1608 desc->msgid, framelen, msglen, be32toh(desc->connid), 1609 be32toh(desc->txqid)); 1610 if (sc->sc_debug & UATH_DEBUG_XMIT_DUMP) 1611 uath_dump_cmd(data->buf, data->buflen, '+'); 1612 #endif 1613 1614 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 1615 UATH_STAT_INC(sc, st_tx_pending); 1616 usbd_transfer_start(sc->sc_xfer[UATH_BULK_TX]); 1617 1618 return (0); 1619 } 1620 1621 /* 1622 * Cleanup driver resources when we run out of buffers while processing 1623 * fragments; return the tx buffers allocated and drop node references. 1624 */ 1625 static void 1626 uath_txfrag_cleanup(struct uath_softc *sc, 1627 uath_datahead *frags, struct ieee80211_node *ni) 1628 { 1629 struct uath_data *bf, *next; 1630 1631 UATH_ASSERT_LOCKED(sc); 1632 1633 STAILQ_FOREACH_SAFE(bf, frags, next, next) { 1634 /* NB: bf assumed clean */ 1635 STAILQ_REMOVE_HEAD(frags, next); 1636 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1637 UATH_STAT_INC(sc, st_tx_inactive); 1638 ieee80211_node_decref(ni); 1639 } 1640 } 1641 1642 /* 1643 * Setup xmit of a fragmented frame. Allocate a buffer for each frag and bump 1644 * the node reference count to reflect the held reference to be setup by 1645 * uath_tx_start. 1646 */ 1647 static int 1648 uath_txfrag_setup(struct uath_softc *sc, uath_datahead *frags, 1649 struct mbuf *m0, struct ieee80211_node *ni) 1650 { 1651 struct mbuf *m; 1652 struct uath_data *bf; 1653 1654 UATH_ASSERT_LOCKED(sc); 1655 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 1656 bf = uath_getbuf(sc); 1657 if (bf == NULL) { /* out of buffers, cleanup */ 1658 uath_txfrag_cleanup(sc, frags, ni); 1659 break; 1660 } 1661 ieee80211_node_incref(ni); 1662 STAILQ_INSERT_TAIL(frags, bf, next); 1663 } 1664 1665 return !STAILQ_EMPTY(frags); 1666 } 1667 1668 static int 1669 uath_transmit(struct ieee80211com *ic, struct mbuf *m) 1670 { 1671 struct uath_softc *sc = ic->ic_softc; 1672 int error; 1673 1674 UATH_LOCK(sc); 1675 if ((sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1676 UATH_UNLOCK(sc); 1677 return (ENXIO); 1678 } 1679 error = mbufq_enqueue(&sc->sc_snd, m); 1680 if (error) { 1681 UATH_UNLOCK(sc); 1682 return (error); 1683 } 1684 uath_start(sc); 1685 UATH_UNLOCK(sc); 1686 1687 return (0); 1688 } 1689 1690 static void 1691 uath_start(struct uath_softc *sc) 1692 { 1693 struct uath_data *bf; 1694 struct ieee80211_node *ni; 1695 struct mbuf *m, *next; 1696 uath_datahead frags; 1697 1698 UATH_ASSERT_LOCKED(sc); 1699 1700 if ((sc->sc_flags & UATH_FLAG_INITDONE) == 0 || 1701 (sc->sc_flags & UATH_FLAG_INVALID)) 1702 return; 1703 1704 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 1705 bf = uath_getbuf(sc); 1706 if (bf == NULL) { 1707 mbufq_prepend(&sc->sc_snd, m); 1708 break; 1709 } 1710 1711 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 1712 m->m_pkthdr.rcvif = NULL; 1713 1714 /* 1715 * Check for fragmentation. If this frame has been broken up 1716 * verify we have enough buffers to send all the fragments 1717 * so all go out or none... 1718 */ 1719 STAILQ_INIT(&frags); 1720 if ((m->m_flags & M_FRAG) && 1721 !uath_txfrag_setup(sc, &frags, m, ni)) { 1722 DPRINTF(sc, UATH_DEBUG_XMIT, 1723 "%s: out of txfrag buffers\n", __func__); 1724 ieee80211_free_mbuf(m); 1725 goto bad; 1726 } 1727 sc->sc_seqnum = 0; 1728 nextfrag: 1729 /* 1730 * Pass the frame to the h/w for transmission. 1731 * Fragmented frames have each frag chained together 1732 * with m_nextpkt. We know there are sufficient uath_data's 1733 * to send all the frags because of work done by 1734 * uath_txfrag_setup. 1735 */ 1736 next = m->m_nextpkt; 1737 if (uath_tx_start(sc, m, ni, bf) != 0) { 1738 bad: 1739 if_inc_counter(ni->ni_vap->iv_ifp, 1740 IFCOUNTER_OERRORS, 1); 1741 reclaim: 1742 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1743 UATH_STAT_INC(sc, st_tx_inactive); 1744 uath_txfrag_cleanup(sc, &frags, ni); 1745 ieee80211_free_node(ni); 1746 continue; 1747 } 1748 1749 if (next != NULL) { 1750 /* 1751 * Beware of state changing between frags. 1752 XXX check sta power-save state? 1753 */ 1754 if (ni->ni_vap->iv_state != IEEE80211_S_RUN) { 1755 DPRINTF(sc, UATH_DEBUG_XMIT, 1756 "%s: flush fragmented packet, state %s\n", 1757 __func__, 1758 ieee80211_state_name[ni->ni_vap->iv_state]); 1759 ieee80211_free_mbuf(next); 1760 goto reclaim; 1761 } 1762 m = next; 1763 bf = STAILQ_FIRST(&frags); 1764 KASSERT(bf != NULL, ("no buf for txfrag")); 1765 STAILQ_REMOVE_HEAD(&frags, next); 1766 goto nextfrag; 1767 } 1768 1769 sc->sc_tx_timer = 5; 1770 } 1771 } 1772 1773 static int 1774 uath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1775 const struct ieee80211_bpf_params *params) 1776 { 1777 struct ieee80211com *ic = ni->ni_ic; 1778 struct uath_data *bf; 1779 struct uath_softc *sc = ic->ic_softc; 1780 1781 UATH_LOCK(sc); 1782 /* prevent management frames from being sent if we're not ready */ 1783 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1784 !(sc->sc_flags & UATH_FLAG_INITDONE)) { 1785 m_freem(m); 1786 UATH_UNLOCK(sc); 1787 return (ENETDOWN); 1788 } 1789 1790 /* grab a TX buffer */ 1791 bf = uath_getbuf(sc); 1792 if (bf == NULL) { 1793 m_freem(m); 1794 UATH_UNLOCK(sc); 1795 return (ENOBUFS); 1796 } 1797 1798 sc->sc_seqnum = 0; 1799 if (uath_tx_start(sc, m, ni, bf) != 0) { 1800 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1801 UATH_STAT_INC(sc, st_tx_inactive); 1802 UATH_UNLOCK(sc); 1803 return (EIO); 1804 } 1805 UATH_UNLOCK(sc); 1806 1807 sc->sc_tx_timer = 5; 1808 return (0); 1809 } 1810 1811 static void 1812 uath_scan_start(struct ieee80211com *ic) 1813 { 1814 /* do nothing */ 1815 } 1816 1817 static void 1818 uath_scan_end(struct ieee80211com *ic) 1819 { 1820 /* do nothing */ 1821 } 1822 1823 static void 1824 uath_set_channel(struct ieee80211com *ic) 1825 { 1826 struct uath_softc *sc = ic->ic_softc; 1827 1828 UATH_LOCK(sc); 1829 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1830 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1831 UATH_UNLOCK(sc); 1832 return; 1833 } 1834 (void)uath_switch_channel(sc, ic->ic_curchan); 1835 UATH_UNLOCK(sc); 1836 } 1837 1838 static int 1839 uath_set_rxmulti_filter(struct uath_softc *sc) 1840 { 1841 /* XXX broken */ 1842 return (0); 1843 } 1844 static void 1845 uath_update_mcast(struct ieee80211com *ic) 1846 { 1847 struct uath_softc *sc = ic->ic_softc; 1848 1849 UATH_LOCK(sc); 1850 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1851 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1852 UATH_UNLOCK(sc); 1853 return; 1854 } 1855 /* 1856 * this is for avoiding the race condition when we're try to 1857 * connect to the AP with WPA. 1858 */ 1859 if (sc->sc_flags & UATH_FLAG_INITDONE) 1860 (void)uath_set_rxmulti_filter(sc); 1861 UATH_UNLOCK(sc); 1862 } 1863 1864 static void 1865 uath_update_promisc(struct ieee80211com *ic) 1866 { 1867 struct uath_softc *sc = ic->ic_softc; 1868 1869 UATH_LOCK(sc); 1870 if ((sc->sc_flags & UATH_FLAG_INVALID) || 1871 (sc->sc_flags & UATH_FLAG_INITDONE) == 0) { 1872 UATH_UNLOCK(sc); 1873 return; 1874 } 1875 if (sc->sc_flags & UATH_FLAG_INITDONE) { 1876 uath_set_rxfilter(sc, 1877 UATH_FILTER_RX_UCAST | UATH_FILTER_RX_MCAST | 1878 UATH_FILTER_RX_BCAST | UATH_FILTER_RX_BEACON | 1879 UATH_FILTER_RX_PROM, UATH_FILTER_OP_SET); 1880 } 1881 UATH_UNLOCK(sc); 1882 } 1883 1884 static int 1885 uath_create_connection(struct uath_softc *sc, uint32_t connid) 1886 { 1887 const struct ieee80211_rateset *rs; 1888 struct ieee80211com *ic = &sc->sc_ic; 1889 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1890 struct ieee80211_node *ni; 1891 struct uath_cmd_create_connection create; 1892 1893 ni = ieee80211_ref_node(vap->iv_bss); 1894 memset(&create, 0, sizeof(create)); 1895 create.connid = htobe32(connid); 1896 create.bssid = htobe32(0); 1897 /* XXX packed or not? */ 1898 create.size = htobe32(sizeof(struct uath_cmd_rateset)); 1899 1900 rs = &ni->ni_rates; 1901 create.connattr.rateset.length = rs->rs_nrates; 1902 bcopy(rs->rs_rates, &create.connattr.rateset.set[0], 1903 rs->rs_nrates); 1904 1905 /* XXX turbo */ 1906 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) 1907 create.connattr.wlanmode = htobe32(WLAN_MODE_11a); 1908 else if (IEEE80211_IS_CHAN_ANYG(ni->ni_chan)) 1909 create.connattr.wlanmode = htobe32(WLAN_MODE_11g); 1910 else 1911 create.connattr.wlanmode = htobe32(WLAN_MODE_11b); 1912 ieee80211_free_node(ni); 1913 1914 return uath_cmd_write(sc, WDCMSG_CREATE_CONNECTION, &create, 1915 sizeof create, 0); 1916 } 1917 1918 static int 1919 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1920 { 1921 struct uath_cmd_rates rates; 1922 1923 memset(&rates, 0, sizeof(rates)); 1924 rates.connid = htobe32(UATH_ID_BSS); /* XXX */ 1925 rates.size = htobe32(sizeof(struct uath_cmd_rateset)); 1926 /* XXX bounds check rs->rs_nrates */ 1927 rates.rateset.length = rs->rs_nrates; 1928 bcopy(rs->rs_rates, &rates.rateset.set[0], rs->rs_nrates); 1929 1930 DPRINTF(sc, UATH_DEBUG_RATES, 1931 "setting supported rates nrates=%d\n", rs->rs_nrates); 1932 return uath_cmd_write(sc, WDCMSG_SET_BASIC_RATE, 1933 &rates, sizeof rates, 0); 1934 } 1935 1936 static int 1937 uath_write_associd(struct uath_softc *sc) 1938 { 1939 struct ieee80211com *ic = &sc->sc_ic; 1940 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1941 struct ieee80211_node *ni; 1942 struct uath_cmd_set_associd associd; 1943 1944 ni = ieee80211_ref_node(vap->iv_bss); 1945 memset(&associd, 0, sizeof(associd)); 1946 associd.defaultrateix = htobe32(1); /* XXX */ 1947 associd.associd = htobe32(ni->ni_associd); 1948 associd.timoffset = htobe32(0x3b); /* XXX */ 1949 IEEE80211_ADDR_COPY(associd.bssid, ni->ni_bssid); 1950 ieee80211_free_node(ni); 1951 return uath_cmd_write(sc, WDCMSG_WRITE_ASSOCID, &associd, 1952 sizeof associd, 0); 1953 } 1954 1955 static int 1956 uath_set_ledsteady(struct uath_softc *sc, int lednum, int ledmode) 1957 { 1958 struct uath_cmd_ledsteady led; 1959 1960 led.lednum = htobe32(lednum); 1961 led.ledmode = htobe32(ledmode); 1962 1963 DPRINTF(sc, UATH_DEBUG_LED, "set %s led %s (steady)\n", 1964 (lednum == UATH_LED_LINK) ? "link" : "activity", 1965 ledmode ? "on" : "off"); 1966 return uath_cmd_write(sc, WDCMSG_SET_LED_STEADY, &led, sizeof led, 0); 1967 } 1968 1969 static int 1970 uath_set_ledblink(struct uath_softc *sc, int lednum, int ledmode, 1971 int blinkrate, int slowmode) 1972 { 1973 struct uath_cmd_ledblink led; 1974 1975 led.lednum = htobe32(lednum); 1976 led.ledmode = htobe32(ledmode); 1977 led.blinkrate = htobe32(blinkrate); 1978 led.slowmode = htobe32(slowmode); 1979 1980 DPRINTF(sc, UATH_DEBUG_LED, "set %s led %s (blink)\n", 1981 (lednum == UATH_LED_LINK) ? "link" : "activity", 1982 ledmode ? "on" : "off"); 1983 return uath_cmd_write(sc, WDCMSG_SET_LED_BLINK, &led, sizeof led, 0); 1984 } 1985 1986 static int 1987 uath_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1988 { 1989 enum ieee80211_state ostate = vap->iv_state; 1990 int error; 1991 struct ieee80211_node *ni; 1992 struct ieee80211com *ic = vap->iv_ic; 1993 struct uath_softc *sc = ic->ic_softc; 1994 struct uath_vap *uvp = UATH_VAP(vap); 1995 1996 DPRINTF(sc, UATH_DEBUG_STATE, 1997 "%s: %s -> %s\n", __func__, ieee80211_state_name[vap->iv_state], 1998 ieee80211_state_name[nstate]); 1999 2000 IEEE80211_UNLOCK(ic); 2001 UATH_LOCK(sc); 2002 callout_stop(&sc->stat_ch); 2003 callout_stop(&sc->watchdog_ch); 2004 ni = ieee80211_ref_node(vap->iv_bss); 2005 2006 switch (nstate) { 2007 case IEEE80211_S_INIT: 2008 if (ostate == IEEE80211_S_RUN) { 2009 /* turn link and activity LEDs off */ 2010 uath_set_ledstate(sc, 0); 2011 } 2012 break; 2013 2014 case IEEE80211_S_SCAN: 2015 break; 2016 2017 case IEEE80211_S_AUTH: 2018 /* XXX good place? set RTS threshold */ 2019 uath_config(sc, CFG_USER_RTS_THRESHOLD, vap->iv_rtsthreshold); 2020 /* XXX bad place */ 2021 error = uath_set_keys(sc, vap); 2022 if (error != 0) { 2023 device_printf(sc->sc_dev, 2024 "could not set crypto keys, error %d\n", error); 2025 break; 2026 } 2027 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 2028 device_printf(sc->sc_dev, "could not switch channel\n"); 2029 break; 2030 } 2031 if (uath_create_connection(sc, UATH_ID_BSS) != 0) { 2032 device_printf(sc->sc_dev, 2033 "could not create connection\n"); 2034 break; 2035 } 2036 break; 2037 2038 case IEEE80211_S_ASSOC: 2039 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 2040 device_printf(sc->sc_dev, 2041 "could not set negotiated rate set\n"); 2042 break; 2043 } 2044 break; 2045 2046 case IEEE80211_S_RUN: 2047 /* XXX monitor mode doesn't be tested */ 2048 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 2049 uath_set_ledstate(sc, 1); 2050 break; 2051 } 2052 2053 /* 2054 * Tx rate is controlled by firmware, report the maximum 2055 * negotiated rate in ifconfig output. 2056 */ 2057 ni->ni_txrate = ni->ni_rates.rs_rates[ni->ni_rates.rs_nrates-1]; 2058 2059 if (uath_write_associd(sc) != 0) { 2060 device_printf(sc->sc_dev, 2061 "could not write association id\n"); 2062 break; 2063 } 2064 /* turn link LED on */ 2065 uath_set_ledsteady(sc, UATH_LED_LINK, UATH_LED_ON); 2066 /* make activity LED blink */ 2067 uath_set_ledblink(sc, UATH_LED_ACTIVITY, UATH_LED_ON, 1, 2); 2068 /* set state to associated */ 2069 uath_set_ledstate(sc, 1); 2070 2071 /* start statistics timer */ 2072 callout_reset(&sc->stat_ch, hz, uath_stat, sc); 2073 break; 2074 default: 2075 break; 2076 } 2077 ieee80211_free_node(ni); 2078 UATH_UNLOCK(sc); 2079 IEEE80211_LOCK(ic); 2080 return (uvp->newstate(vap, nstate, arg)); 2081 } 2082 2083 static int 2084 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *wk, 2085 int index) 2086 { 2087 #if 0 2088 struct uath_cmd_crypto crypto; 2089 int i; 2090 2091 memset(&crypto, 0, sizeof(crypto)); 2092 crypto.keyidx = htobe32(index); 2093 crypto.magic1 = htobe32(1); 2094 crypto.size = htobe32(368); 2095 crypto.mask = htobe32(0xffff); 2096 crypto.flags = htobe32(0x80000068); 2097 if (index != UATH_DEFAULT_KEY) 2098 crypto.flags |= htobe32(index << 16); 2099 memset(crypto.magic2, 0xff, sizeof(crypto.magic2)); 2100 2101 /* 2102 * Each byte of the key must be XOR'ed with 10101010 before being 2103 * transmitted to the firmware. 2104 */ 2105 for (i = 0; i < wk->wk_keylen; i++) 2106 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 2107 2108 DPRINTF(sc, UATH_DEBUG_CRYPTO, 2109 "setting crypto key index=%d len=%d\n", index, wk->wk_keylen); 2110 return uath_cmd_write(sc, WDCMSG_SET_KEY_CACHE_ENTRY, &crypto, 2111 sizeof crypto, 0); 2112 #else 2113 /* XXX support H/W cryto */ 2114 return (0); 2115 #endif 2116 } 2117 2118 static int 2119 uath_set_keys(struct uath_softc *sc, struct ieee80211vap *vap) 2120 { 2121 int i, error; 2122 2123 error = 0; 2124 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2125 const struct ieee80211_key *wk = &vap->iv_nw_keys[i]; 2126 2127 if (wk->wk_flags & (IEEE80211_KEY_XMIT|IEEE80211_KEY_RECV)) { 2128 error = uath_set_key(sc, wk, i); 2129 if (error) 2130 return (error); 2131 } 2132 } 2133 if (vap->iv_def_txkey != IEEE80211_KEYIX_NONE) { 2134 error = uath_set_key(sc, &vap->iv_nw_keys[vap->iv_def_txkey], 2135 UATH_DEFAULT_KEY); 2136 } 2137 return (error); 2138 } 2139 2140 #define UATH_SYSCTL_STAT_ADD32(c, h, n, p, d) \ 2141 SYSCTL_ADD_UINT(c, h, OID_AUTO, n, CTLFLAG_RD, p, 0, d) 2142 2143 static void 2144 uath_sysctl_node(struct uath_softc *sc) 2145 { 2146 struct sysctl_ctx_list *ctx; 2147 struct sysctl_oid_list *child; 2148 struct sysctl_oid *tree; 2149 struct uath_stat *stats; 2150 2151 stats = &sc->sc_stat; 2152 ctx = device_get_sysctl_ctx(sc->sc_dev); 2153 child = SYSCTL_CHILDREN(device_get_sysctl_tree(sc->sc_dev)); 2154 2155 tree = SYSCTL_ADD_NODE(ctx, child, OID_AUTO, "stats", CTLFLAG_RD, 2156 NULL, "UATH statistics"); 2157 child = SYSCTL_CHILDREN(tree); 2158 UATH_SYSCTL_STAT_ADD32(ctx, child, "badchunkseqnum", 2159 &stats->st_badchunkseqnum, "Bad chunk sequence numbers"); 2160 UATH_SYSCTL_STAT_ADD32(ctx, child, "invalidlen", &stats->st_invalidlen, 2161 "Invalid length"); 2162 UATH_SYSCTL_STAT_ADD32(ctx, child, "multichunk", &stats->st_multichunk, 2163 "Multi chunks"); 2164 UATH_SYSCTL_STAT_ADD32(ctx, child, "toobigrxpkt", 2165 &stats->st_toobigrxpkt, "Too big rx packets"); 2166 UATH_SYSCTL_STAT_ADD32(ctx, child, "stopinprogress", 2167 &stats->st_stopinprogress, "Stop in progress"); 2168 UATH_SYSCTL_STAT_ADD32(ctx, child, "crcerrs", &stats->st_crcerr, 2169 "CRC errors"); 2170 UATH_SYSCTL_STAT_ADD32(ctx, child, "phyerr", &stats->st_phyerr, 2171 "PHY errors"); 2172 UATH_SYSCTL_STAT_ADD32(ctx, child, "decrypt_crcerr", 2173 &stats->st_decrypt_crcerr, "Decryption CRC errors"); 2174 UATH_SYSCTL_STAT_ADD32(ctx, child, "decrypt_micerr", 2175 &stats->st_decrypt_micerr, "Decryption Misc errors"); 2176 UATH_SYSCTL_STAT_ADD32(ctx, child, "decomperr", &stats->st_decomperr, 2177 "Decomp errors"); 2178 UATH_SYSCTL_STAT_ADD32(ctx, child, "keyerr", &stats->st_keyerr, 2179 "Key errors"); 2180 UATH_SYSCTL_STAT_ADD32(ctx, child, "err", &stats->st_err, 2181 "Unknown errors"); 2182 2183 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_active", 2184 &stats->st_cmd_active, "Active numbers in Command queue"); 2185 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_inactive", 2186 &stats->st_cmd_inactive, "Inactive numbers in Command queue"); 2187 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_pending", 2188 &stats->st_cmd_pending, "Pending numbers in Command queue"); 2189 UATH_SYSCTL_STAT_ADD32(ctx, child, "cmd_waiting", 2190 &stats->st_cmd_waiting, "Waiting numbers in Command queue"); 2191 UATH_SYSCTL_STAT_ADD32(ctx, child, "rx_active", 2192 &stats->st_rx_active, "Active numbers in RX queue"); 2193 UATH_SYSCTL_STAT_ADD32(ctx, child, "rx_inactive", 2194 &stats->st_rx_inactive, "Inactive numbers in RX queue"); 2195 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_active", 2196 &stats->st_tx_active, "Active numbers in TX queue"); 2197 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_inactive", 2198 &stats->st_tx_inactive, "Inactive numbers in TX queue"); 2199 UATH_SYSCTL_STAT_ADD32(ctx, child, "tx_pending", 2200 &stats->st_tx_pending, "Pending numbers in TX queue"); 2201 } 2202 2203 #undef UATH_SYSCTL_STAT_ADD32 2204 2205 CTASSERT(sizeof(u_int) >= sizeof(uint32_t)); 2206 2207 static void 2208 uath_cmdeof(struct uath_softc *sc, struct uath_cmd *cmd) 2209 { 2210 struct uath_cmd_hdr *hdr; 2211 uint32_t dlen; 2212 2213 hdr = (struct uath_cmd_hdr *)cmd->buf; 2214 /* NB: msgid is passed thru w/o byte swapping */ 2215 #ifdef UATH_DEBUG 2216 if (sc->sc_debug & UATH_DEBUG_CMDS) { 2217 uint32_t len = be32toh(hdr->len); 2218 printf("%s: %s [ix %u] len %u status %u\n", 2219 __func__, uath_codename(be32toh(hdr->code)), 2220 hdr->msgid, len, be32toh(hdr->magic)); 2221 if (sc->sc_debug & UATH_DEBUG_CMDS_DUMP) 2222 uath_dump_cmd(cmd->buf, 2223 len > UATH_MAX_CMDSZ ? sizeof(*hdr) : len, '-'); 2224 } 2225 #endif 2226 hdr->code = be32toh(hdr->code); 2227 hdr->len = be32toh(hdr->len); 2228 hdr->magic = be32toh(hdr->magic); /* target status on return */ 2229 2230 switch (hdr->code & 0xff) { 2231 /* reply to a read command */ 2232 default: 2233 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2234 "%s: code %d hdr len %u\n", 2235 __func__, hdr->code & 0xff, hdr->len); 2236 /* 2237 * The first response from the target after the 2238 * HOST_AVAILABLE has an invalid msgid so we must 2239 * treat it specially. 2240 */ 2241 if (hdr->msgid < UATH_CMD_LIST_COUNT) { 2242 uint32_t *rp = (uint32_t *)(hdr+1); 2243 u_int olen; 2244 2245 if (sizeof(*hdr) > hdr->len || 2246 hdr->len >= UATH_MAX_CMDSZ) { 2247 device_printf(sc->sc_dev, 2248 "%s: invalid WDC msg length %u; " 2249 "msg ignored\n", __func__, hdr->len); 2250 return; 2251 } 2252 /* 2253 * Calculate return/receive payload size; the 2254 * first word, if present, always gives the 2255 * number of bytes--unless it's 0 in which 2256 * case a single 32-bit word should be present. 2257 */ 2258 dlen = hdr->len - sizeof(*hdr); 2259 if (dlen >= sizeof(uint32_t)) { 2260 olen = be32toh(rp[0]); 2261 dlen -= sizeof(uint32_t); 2262 if (olen == 0) { 2263 /* convention is 0 =>'s one word */ 2264 olen = sizeof(uint32_t); 2265 /* XXX KASSERT(olen == dlen ) */ 2266 } 2267 } else 2268 olen = 0; 2269 if (cmd->odata != NULL) { 2270 /* NB: cmd->olen validated in uath_cmd */ 2271 if (olen > (u_int)cmd->olen) { 2272 /* XXX complain? */ 2273 device_printf(sc->sc_dev, 2274 "%s: cmd 0x%x olen %u cmd olen %u\n", 2275 __func__, hdr->code, olen, 2276 cmd->olen); 2277 olen = cmd->olen; 2278 } 2279 if (olen > dlen) { 2280 /* XXX complain, shouldn't happen */ 2281 device_printf(sc->sc_dev, 2282 "%s: cmd 0x%x olen %u dlen %u\n", 2283 __func__, hdr->code, olen, dlen); 2284 olen = dlen; 2285 } 2286 /* XXX have submitter do this */ 2287 /* copy answer into caller's supplied buffer */ 2288 bcopy(&rp[1], cmd->odata, olen); 2289 cmd->olen = olen; 2290 } 2291 } 2292 wakeup_one(cmd); /* wake up caller */ 2293 break; 2294 2295 case WDCMSG_TARGET_START: 2296 if (hdr->msgid >= UATH_CMD_LIST_COUNT) { 2297 /* XXX */ 2298 return; 2299 } 2300 dlen = hdr->len - sizeof(*hdr); 2301 if (dlen != sizeof(uint32_t)) { 2302 device_printf(sc->sc_dev, 2303 "%s: dlen (%u) != %zu!\n", 2304 __func__, dlen, sizeof(uint32_t)); 2305 return; 2306 } 2307 /* XXX have submitter do this */ 2308 /* copy answer into caller's supplied buffer */ 2309 bcopy(hdr+1, cmd->odata, sizeof(uint32_t)); 2310 cmd->olen = sizeof(uint32_t); 2311 wakeup_one(cmd); /* wake up caller */ 2312 break; 2313 2314 case WDCMSG_SEND_COMPLETE: 2315 /* this notification is sent when UATH_TX_NOTIFY is set */ 2316 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2317 "%s: received Tx notification\n", __func__); 2318 break; 2319 2320 case WDCMSG_TARGET_GET_STATS: 2321 DPRINTF(sc, UATH_DEBUG_RX_PROC | UATH_DEBUG_RECV_ALL, 2322 "%s: received device statistics\n", __func__); 2323 callout_reset(&sc->stat_ch, hz, uath_stat, sc); 2324 break; 2325 } 2326 } 2327 2328 static void 2329 uath_intr_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2330 { 2331 struct uath_softc *sc = usbd_xfer_softc(xfer); 2332 struct uath_cmd *cmd; 2333 struct uath_cmd_hdr *hdr; 2334 struct usb_page_cache *pc; 2335 int actlen; 2336 2337 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 2338 2339 UATH_ASSERT_LOCKED(sc); 2340 2341 switch (USB_GET_STATE(xfer)) { 2342 case USB_ST_TRANSFERRED: 2343 cmd = STAILQ_FIRST(&sc->sc_cmd_waiting); 2344 if (cmd == NULL) 2345 goto setup; 2346 STAILQ_REMOVE_HEAD(&sc->sc_cmd_waiting, next); 2347 UATH_STAT_DEC(sc, st_cmd_waiting); 2348 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, cmd, next); 2349 UATH_STAT_INC(sc, st_cmd_inactive); 2350 2351 if (actlen < sizeof(struct uath_cmd_hdr)) { 2352 device_printf(sc->sc_dev, 2353 "%s: short xfer error (actlen %d)\n", 2354 __func__, actlen); 2355 goto setup; 2356 } 2357 2358 pc = usbd_xfer_get_frame(xfer, 0); 2359 usbd_copy_out(pc, 0, cmd->buf, actlen); 2360 2361 hdr = (struct uath_cmd_hdr *)cmd->buf; 2362 hdr->len = be32toh(hdr->len); 2363 if (hdr->len > (uint32_t)actlen) { 2364 device_printf(sc->sc_dev, 2365 "%s: truncated xfer (len %u, actlen %d)\n", 2366 __func__, hdr->len, actlen); 2367 goto setup; 2368 } 2369 2370 uath_cmdeof(sc, cmd); 2371 case USB_ST_SETUP: 2372 setup: 2373 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 2374 usbd_transfer_submit(xfer); 2375 break; 2376 default: 2377 if (error != USB_ERR_CANCELLED) { 2378 usbd_xfer_set_stall(xfer); 2379 goto setup; 2380 } 2381 break; 2382 } 2383 } 2384 2385 static void 2386 uath_intr_tx_callback(struct usb_xfer *xfer, usb_error_t error) 2387 { 2388 struct uath_softc *sc = usbd_xfer_softc(xfer); 2389 struct uath_cmd *cmd; 2390 2391 UATH_ASSERT_LOCKED(sc); 2392 2393 cmd = STAILQ_FIRST(&sc->sc_cmd_active); 2394 if (cmd != NULL && USB_GET_STATE(xfer) != USB_ST_SETUP) { 2395 STAILQ_REMOVE_HEAD(&sc->sc_cmd_active, next); 2396 UATH_STAT_DEC(sc, st_cmd_active); 2397 STAILQ_INSERT_TAIL((cmd->flags & UATH_CMD_FLAG_READ) ? 2398 &sc->sc_cmd_waiting : &sc->sc_cmd_inactive, cmd, next); 2399 if (cmd->flags & UATH_CMD_FLAG_READ) 2400 UATH_STAT_INC(sc, st_cmd_waiting); 2401 else 2402 UATH_STAT_INC(sc, st_cmd_inactive); 2403 } 2404 2405 switch (USB_GET_STATE(xfer)) { 2406 case USB_ST_TRANSFERRED: 2407 case USB_ST_SETUP: 2408 setup: 2409 cmd = STAILQ_FIRST(&sc->sc_cmd_pending); 2410 if (cmd == NULL) { 2411 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: empty pending queue\n", 2412 __func__); 2413 return; 2414 } 2415 STAILQ_REMOVE_HEAD(&sc->sc_cmd_pending, next); 2416 UATH_STAT_DEC(sc, st_cmd_pending); 2417 STAILQ_INSERT_TAIL((cmd->flags & UATH_CMD_FLAG_ASYNC) ? 2418 &sc->sc_cmd_inactive : &sc->sc_cmd_active, cmd, next); 2419 if (cmd->flags & UATH_CMD_FLAG_ASYNC) 2420 UATH_STAT_INC(sc, st_cmd_inactive); 2421 else 2422 UATH_STAT_INC(sc, st_cmd_active); 2423 2424 usbd_xfer_set_frame_data(xfer, 0, cmd->buf, cmd->buflen); 2425 usbd_transfer_submit(xfer); 2426 break; 2427 default: 2428 if (error != USB_ERR_CANCELLED) { 2429 usbd_xfer_set_stall(xfer); 2430 goto setup; 2431 } 2432 break; 2433 } 2434 } 2435 2436 static void 2437 uath_update_rxstat(struct uath_softc *sc, uint32_t status) 2438 { 2439 2440 switch (status) { 2441 case UATH_STATUS_STOP_IN_PROGRESS: 2442 UATH_STAT_INC(sc, st_stopinprogress); 2443 break; 2444 case UATH_STATUS_CRC_ERR: 2445 UATH_STAT_INC(sc, st_crcerr); 2446 break; 2447 case UATH_STATUS_PHY_ERR: 2448 UATH_STAT_INC(sc, st_phyerr); 2449 break; 2450 case UATH_STATUS_DECRYPT_CRC_ERR: 2451 UATH_STAT_INC(sc, st_decrypt_crcerr); 2452 break; 2453 case UATH_STATUS_DECRYPT_MIC_ERR: 2454 UATH_STAT_INC(sc, st_decrypt_micerr); 2455 break; 2456 case UATH_STATUS_DECOMP_ERR: 2457 UATH_STAT_INC(sc, st_decomperr); 2458 break; 2459 case UATH_STATUS_KEY_ERR: 2460 UATH_STAT_INC(sc, st_keyerr); 2461 break; 2462 case UATH_STATUS_ERR: 2463 UATH_STAT_INC(sc, st_err); 2464 break; 2465 default: 2466 break; 2467 } 2468 } 2469 2470 CTASSERT(UATH_MIN_RXBUFSZ >= sizeof(struct uath_chunk)); 2471 2472 static struct mbuf * 2473 uath_data_rxeof(struct usb_xfer *xfer, struct uath_data *data, 2474 struct uath_rx_desc **pdesc) 2475 { 2476 struct uath_softc *sc = usbd_xfer_softc(xfer); 2477 struct ieee80211com *ic = &sc->sc_ic; 2478 struct uath_chunk *chunk; 2479 struct uath_rx_desc *desc; 2480 struct mbuf *m = data->m, *mnew, *mp; 2481 uint16_t chunklen; 2482 int actlen; 2483 2484 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 2485 2486 if (actlen < (int)UATH_MIN_RXBUFSZ) { 2487 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2488 "%s: wrong xfer size (len=%d)\n", __func__, actlen); 2489 counter_u64_add(ic->ic_ierrors, 1); 2490 return (NULL); 2491 } 2492 2493 chunk = (struct uath_chunk *)data->buf; 2494 chunklen = be16toh(chunk->length); 2495 if (chunk->seqnum == 0 && chunk->flags == 0 && chunklen == 0) { 2496 device_printf(sc->sc_dev, "%s: strange response\n", __func__); 2497 counter_u64_add(ic->ic_ierrors, 1); 2498 UATH_RESET_INTRX(sc); 2499 return (NULL); 2500 } 2501 2502 if (chunklen > actlen) { 2503 device_printf(sc->sc_dev, 2504 "%s: invalid chunk length (len %u > actlen %d)\n", 2505 __func__, chunklen, actlen); 2506 counter_u64_add(ic->ic_ierrors, 1); 2507 /* XXX cleanup? */ 2508 UATH_RESET_INTRX(sc); 2509 return (NULL); 2510 } 2511 2512 if (chunk->seqnum != sc->sc_intrx_nextnum) { 2513 DPRINTF(sc, UATH_DEBUG_XMIT, "invalid seqnum %d, expected %d\n", 2514 chunk->seqnum, sc->sc_intrx_nextnum); 2515 UATH_STAT_INC(sc, st_badchunkseqnum); 2516 if (sc->sc_intrx_head != NULL) 2517 m_freem(sc->sc_intrx_head); 2518 UATH_RESET_INTRX(sc); 2519 return (NULL); 2520 } 2521 2522 /* check multi-chunk frames */ 2523 if ((chunk->seqnum == 0 && !(chunk->flags & UATH_CFLAGS_FINAL)) || 2524 (chunk->seqnum != 0 && (chunk->flags & UATH_CFLAGS_FINAL)) || 2525 chunk->flags & UATH_CFLAGS_RXMSG) 2526 UATH_STAT_INC(sc, st_multichunk); 2527 2528 if (chunk->flags & UATH_CFLAGS_FINAL) { 2529 if (chunklen < sizeof(struct uath_rx_desc)) { 2530 device_printf(sc->sc_dev, 2531 "%s: invalid chunk length %d\n", 2532 __func__, chunklen); 2533 counter_u64_add(ic->ic_ierrors, 1); 2534 if (sc->sc_intrx_head != NULL) 2535 m_freem(sc->sc_intrx_head); 2536 UATH_RESET_INTRX(sc); 2537 return (NULL); 2538 } 2539 chunklen -= sizeof(struct uath_rx_desc); 2540 } 2541 2542 if (chunklen > 0 && 2543 (!(chunk->flags & UATH_CFLAGS_FINAL) || !(chunk->seqnum == 0))) { 2544 /* we should use intermediate RX buffer */ 2545 if (chunk->seqnum == 0) 2546 UATH_RESET_INTRX(sc); 2547 if ((sc->sc_intrx_len + sizeof(struct uath_rx_desc) + 2548 chunklen) > UATH_MAX_INTRX_SIZE) { 2549 UATH_STAT_INC(sc, st_invalidlen); 2550 counter_u64_add(ic->ic_ierrors, 1); 2551 if (sc->sc_intrx_head != NULL) 2552 m_freem(sc->sc_intrx_head); 2553 UATH_RESET_INTRX(sc); 2554 return (NULL); 2555 } 2556 2557 m->m_len = chunklen; 2558 m->m_data += sizeof(struct uath_chunk); 2559 2560 if (sc->sc_intrx_head == NULL) { 2561 sc->sc_intrx_head = m; 2562 sc->sc_intrx_tail = m; 2563 } else { 2564 m->m_flags &= ~M_PKTHDR; 2565 sc->sc_intrx_tail->m_next = m; 2566 sc->sc_intrx_tail = m; 2567 } 2568 } 2569 sc->sc_intrx_len += chunklen; 2570 2571 mnew = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2572 if (mnew == NULL) { 2573 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2574 "%s: can't get new mbuf, drop frame\n", __func__); 2575 counter_u64_add(ic->ic_ierrors, 1); 2576 if (sc->sc_intrx_head != NULL) 2577 m_freem(sc->sc_intrx_head); 2578 UATH_RESET_INTRX(sc); 2579 return (NULL); 2580 } 2581 2582 data->m = mnew; 2583 data->buf = mtod(mnew, uint8_t *); 2584 2585 /* if the frame is not final continue the transfer */ 2586 if (!(chunk->flags & UATH_CFLAGS_FINAL)) { 2587 sc->sc_intrx_nextnum++; 2588 UATH_RESET_INTRX(sc); 2589 return (NULL); 2590 } 2591 2592 /* 2593 * if the frame is not set UATH_CFLAGS_RXMSG, then rx descriptor is 2594 * located at the end, 32-bit aligned 2595 */ 2596 desc = (chunk->flags & UATH_CFLAGS_RXMSG) ? 2597 (struct uath_rx_desc *)(chunk + 1) : 2598 (struct uath_rx_desc *)(((uint8_t *)chunk) + 2599 sizeof(struct uath_chunk) + be16toh(chunk->length) - 2600 sizeof(struct uath_rx_desc)); 2601 if ((uint8_t *)chunk + actlen - sizeof(struct uath_rx_desc) < 2602 (uint8_t *)desc) { 2603 device_printf(sc->sc_dev, 2604 "%s: wrong Rx descriptor pointer " 2605 "(desc %p chunk %p actlen %d)\n", 2606 __func__, desc, chunk, actlen); 2607 counter_u64_add(ic->ic_ierrors, 1); 2608 if (sc->sc_intrx_head != NULL) 2609 m_freem(sc->sc_intrx_head); 2610 UATH_RESET_INTRX(sc); 2611 return (NULL); 2612 } 2613 2614 *pdesc = desc; 2615 2616 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2617 "%s: frame len %u code %u status %u rate %u antenna %u " 2618 "rssi %d channel %u phyerror %u connix %u decrypterror %u " 2619 "keycachemiss %u\n", __func__, be32toh(desc->framelen) 2620 , be32toh(desc->code), be32toh(desc->status), be32toh(desc->rate) 2621 , be32toh(desc->antenna), be32toh(desc->rssi), be32toh(desc->channel) 2622 , be32toh(desc->phyerror), be32toh(desc->connix) 2623 , be32toh(desc->decrypterror), be32toh(desc->keycachemiss)); 2624 2625 if (be32toh(desc->len) > MCLBYTES) { 2626 DPRINTF(sc, UATH_DEBUG_RECV | UATH_DEBUG_RECV_ALL, 2627 "%s: bad descriptor (len=%d)\n", __func__, 2628 be32toh(desc->len)); 2629 counter_u64_add(ic->ic_ierrors, 1); 2630 UATH_STAT_INC(sc, st_toobigrxpkt); 2631 if (sc->sc_intrx_head != NULL) 2632 m_freem(sc->sc_intrx_head); 2633 UATH_RESET_INTRX(sc); 2634 return (NULL); 2635 } 2636 2637 uath_update_rxstat(sc, be32toh(desc->status)); 2638 2639 /* finalize mbuf */ 2640 if (sc->sc_intrx_head == NULL) { 2641 uint32_t framelen; 2642 2643 if (be32toh(desc->framelen) < UATH_RX_DUMMYSIZE) { 2644 device_printf(sc->sc_dev, 2645 "%s: framelen too small (%u)\n", 2646 __func__, be32toh(desc->framelen)); 2647 counter_u64_add(ic->ic_ierrors, 1); 2648 if (sc->sc_intrx_head != NULL) 2649 m_freem(sc->sc_intrx_head); 2650 UATH_RESET_INTRX(sc); 2651 return (NULL); 2652 } 2653 2654 framelen = be32toh(desc->framelen) - UATH_RX_DUMMYSIZE; 2655 if (framelen > actlen - sizeof(struct uath_chunk) || 2656 framelen < sizeof(struct ieee80211_frame_ack)) { 2657 device_printf(sc->sc_dev, 2658 "%s: wrong frame length (%u, actlen %d)!\n", 2659 __func__, framelen, actlen); 2660 counter_u64_add(ic->ic_ierrors, 1); 2661 if (sc->sc_intrx_head != NULL) 2662 m_freem(sc->sc_intrx_head); 2663 UATH_RESET_INTRX(sc); 2664 return (NULL); 2665 } 2666 2667 m->m_pkthdr.len = m->m_len = framelen; 2668 m->m_data += sizeof(struct uath_chunk); 2669 } else { 2670 mp = sc->sc_intrx_head; 2671 mp->m_flags |= M_PKTHDR; 2672 mp->m_pkthdr.len = sc->sc_intrx_len; 2673 m = mp; 2674 } 2675 2676 /* there are a lot more fields in the RX descriptor */ 2677 if ((sc->sc_flags & UATH_FLAG_INVALID) == 0 && 2678 ieee80211_radiotap_active(ic)) { 2679 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 2680 uint32_t tsf_hi = be32toh(desc->tstamp_high); 2681 uint32_t tsf_lo = be32toh(desc->tstamp_low); 2682 2683 /* XXX only get low order 24bits of tsf from h/w */ 2684 tap->wr_tsf = htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 2685 tap->wr_flags = 0; 2686 if (be32toh(desc->status) == UATH_STATUS_CRC_ERR) 2687 tap->wr_flags |= IEEE80211_RADIOTAP_F_BADFCS; 2688 /* XXX map other status to BADFCS? */ 2689 /* XXX ath h/w rate code, need to map */ 2690 tap->wr_rate = be32toh(desc->rate); 2691 tap->wr_antenna = be32toh(desc->antenna); 2692 tap->wr_antsignal = -95 + be32toh(desc->rssi); 2693 tap->wr_antnoise = -95; 2694 } 2695 2696 UATH_RESET_INTRX(sc); 2697 2698 return (m); 2699 } 2700 2701 static void 2702 uath_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2703 { 2704 struct uath_softc *sc = usbd_xfer_softc(xfer); 2705 struct ieee80211com *ic = &sc->sc_ic; 2706 struct ieee80211_frame *wh; 2707 struct ieee80211_node *ni; 2708 struct mbuf *m = NULL; 2709 struct uath_data *data; 2710 struct uath_rx_desc *desc = NULL; 2711 int8_t nf; 2712 2713 UATH_ASSERT_LOCKED(sc); 2714 2715 switch (USB_GET_STATE(xfer)) { 2716 case USB_ST_TRANSFERRED: 2717 data = STAILQ_FIRST(&sc->sc_rx_active); 2718 if (data == NULL) 2719 goto setup; 2720 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2721 UATH_STAT_DEC(sc, st_rx_active); 2722 m = uath_data_rxeof(xfer, data, &desc); 2723 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2724 UATH_STAT_INC(sc, st_rx_inactive); 2725 /* FALLTHROUGH */ 2726 case USB_ST_SETUP: 2727 setup: 2728 data = STAILQ_FIRST(&sc->sc_rx_inactive); 2729 if (data == NULL) 2730 return; 2731 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 2732 UATH_STAT_DEC(sc, st_rx_inactive); 2733 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 2734 UATH_STAT_INC(sc, st_rx_active); 2735 usbd_xfer_set_frame_data(xfer, 0, data->buf, MCLBYTES); 2736 usbd_transfer_submit(xfer); 2737 2738 /* 2739 * To avoid LOR we should unlock our private mutex here to call 2740 * ieee80211_input() because here is at the end of a USB 2741 * callback and safe to unlock. 2742 */ 2743 if (sc->sc_flags & UATH_FLAG_INVALID) { 2744 if (m != NULL) 2745 m_freem(m); 2746 return; 2747 } 2748 UATH_UNLOCK(sc); 2749 if (m != NULL && desc != NULL) { 2750 wh = mtod(m, struct ieee80211_frame *); 2751 ni = ieee80211_find_rxnode(ic, 2752 (struct ieee80211_frame_min *)wh); 2753 nf = -95; /* XXX */ 2754 if (ni != NULL) { 2755 (void) ieee80211_input(ni, m, 2756 (int)be32toh(desc->rssi), nf); 2757 /* node is no longer needed */ 2758 ieee80211_free_node(ni); 2759 } else 2760 (void) ieee80211_input_all(ic, m, 2761 (int)be32toh(desc->rssi), nf); 2762 m = NULL; 2763 desc = NULL; 2764 } 2765 UATH_LOCK(sc); 2766 uath_start(sc); 2767 break; 2768 default: 2769 /* needs it to the inactive queue due to a error. */ 2770 data = STAILQ_FIRST(&sc->sc_rx_active); 2771 if (data != NULL) { 2772 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2773 UATH_STAT_DEC(sc, st_rx_active); 2774 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2775 UATH_STAT_INC(sc, st_rx_inactive); 2776 } 2777 if (error != USB_ERR_CANCELLED) { 2778 usbd_xfer_set_stall(xfer); 2779 counter_u64_add(ic->ic_ierrors, 1); 2780 goto setup; 2781 } 2782 break; 2783 } 2784 } 2785 2786 static void 2787 uath_data_txeof(struct usb_xfer *xfer, struct uath_data *data) 2788 { 2789 struct uath_softc *sc = usbd_xfer_softc(xfer); 2790 2791 UATH_ASSERT_LOCKED(sc); 2792 2793 if (data->m) { 2794 /* XXX status? */ 2795 ieee80211_tx_complete(data->ni, data->m, 0); 2796 data->m = NULL; 2797 data->ni = NULL; 2798 } 2799 sc->sc_tx_timer = 0; 2800 } 2801 2802 static void 2803 uath_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 2804 { 2805 struct uath_softc *sc = usbd_xfer_softc(xfer); 2806 struct uath_data *data; 2807 2808 UATH_ASSERT_LOCKED(sc); 2809 2810 switch (USB_GET_STATE(xfer)) { 2811 case USB_ST_TRANSFERRED: 2812 data = STAILQ_FIRST(&sc->sc_tx_active); 2813 if (data == NULL) 2814 goto setup; 2815 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 2816 UATH_STAT_DEC(sc, st_tx_active); 2817 uath_data_txeof(xfer, data); 2818 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 2819 UATH_STAT_INC(sc, st_tx_inactive); 2820 /* FALLTHROUGH */ 2821 case USB_ST_SETUP: 2822 setup: 2823 data = STAILQ_FIRST(&sc->sc_tx_pending); 2824 if (data == NULL) { 2825 DPRINTF(sc, UATH_DEBUG_XMIT, "%s: empty pending queue\n", 2826 __func__); 2827 return; 2828 } 2829 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 2830 UATH_STAT_DEC(sc, st_tx_pending); 2831 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 2832 UATH_STAT_INC(sc, st_tx_active); 2833 2834 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 2835 usbd_transfer_submit(xfer); 2836 2837 uath_start(sc); 2838 break; 2839 default: 2840 data = STAILQ_FIRST(&sc->sc_tx_active); 2841 if (data == NULL) 2842 goto setup; 2843 if (data->ni != NULL) { 2844 if_inc_counter(data->ni->ni_vap->iv_ifp, 2845 IFCOUNTER_OERRORS, 1); 2846 if ((sc->sc_flags & UATH_FLAG_INVALID) == 0) 2847 ieee80211_free_node(data->ni); 2848 data->ni = NULL; 2849 } 2850 if (error != USB_ERR_CANCELLED) { 2851 usbd_xfer_set_stall(xfer); 2852 goto setup; 2853 } 2854 break; 2855 } 2856 } 2857 2858 static device_method_t uath_methods[] = { 2859 DEVMETHOD(device_probe, uath_match), 2860 DEVMETHOD(device_attach, uath_attach), 2861 DEVMETHOD(device_detach, uath_detach), 2862 DEVMETHOD_END 2863 }; 2864 static driver_t uath_driver = { 2865 .name = "uath", 2866 .methods = uath_methods, 2867 .size = sizeof(struct uath_softc) 2868 }; 2869 static devclass_t uath_devclass; 2870 2871 DRIVER_MODULE(uath, uhub, uath_driver, uath_devclass, NULL, 0); 2872 MODULE_DEPEND(uath, wlan, 1, 1, 1); 2873 MODULE_DEPEND(uath, usb, 1, 1, 1); 2874 MODULE_VERSION(uath, 1); 2875 USB_PNP_HOST_INFO(uath_devs); 2876