if_upgt.c revision 191983
1/* $OpenBSD: if_upgt.c,v 1.35 2008/04/16 18:32:15 damien Exp $ */ 2/* $FreeBSD: head/sys/dev/usb/wlan/if_upgt.c 191983 2009-05-11 02:39:49Z weongyo $ */ 3 4/* 5 * Copyright (c) 2007 Marcus Glocker <mglocker@openbsd.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/param.h> 21#include <sys/systm.h> 22#include <sys/kernel.h> 23#include <sys/endian.h> 24#include <sys/firmware.h> 25#include <sys/linker.h> 26#include <sys/mbuf.h> 27#include <sys/malloc.h> 28#include <sys/module.h> 29#include <sys/socket.h> 30#include <sys/sockio.h> 31#include <sys/sysctl.h> 32 33#include <net/if.h> 34#include <net/if_arp.h> 35#include <net/ethernet.h> 36#include <net/if_dl.h> 37#include <net/if_media.h> 38#include <net/if_types.h> 39 40#include <sys/bus.h> 41#include <machine/bus.h> 42 43#include <net80211/ieee80211_var.h> 44#include <net80211/ieee80211_phy.h> 45#include <net80211/ieee80211_radiotap.h> 46#include <net80211/ieee80211_regdomain.h> 47 48#include <net/bpf.h> 49 50#include <dev/usb/usb.h> 51#include <dev/usb/usb_core.h> 52#include <dev/usb/usb_busdma.h> 53#include <dev/usb/usb_debug.h> 54#include <dev/usb/usb_error.h> 55#include <dev/usb/usb_lookup.h> 56#include <dev/usb/usb_util.h> 57#include "usbdevs.h" 58 59#include <dev/usb/wlan/if_upgtvar.h> 60 61/* 62 * Driver for the USB PrismGT devices. 63 * 64 * For now just USB 2.0 devices with the GW3887 chipset are supported. 65 * The driver has been written based on the firmware version 2.13.1.0_LM87. 66 * 67 * TODO's: 68 * - MONITOR mode test. 69 * - Add HOSTAP mode. 70 * - Add IBSS mode. 71 * - Support the USB 1.0 devices (NET2280, ISL3880, ISL3886 chipsets). 72 * 73 * Parts of this driver has been influenced by reading the p54u driver 74 * written by Jean-Baptiste Note <jean-baptiste.note@m4x.org> and 75 * Sebastien Bourdeauducq <lekernel@prism54.org>. 76 */ 77 78SYSCTL_NODE(_hw, OID_AUTO, upgt, CTLFLAG_RD, 0, 79 "USB PrismGT GW3887 driver parameters"); 80 81#ifdef UPGT_DEBUG 82int upgt_debug = 0; 83SYSCTL_INT(_hw_upgt, OID_AUTO, debug, CTLFLAG_RW, &upgt_debug, 84 0, "control debugging printfs"); 85TUNABLE_INT("hw.upgt.debug", &upgt_debug); 86enum { 87 UPGT_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 88 UPGT_DEBUG_RECV = 0x00000002, /* basic recv operation */ 89 UPGT_DEBUG_RESET = 0x00000004, /* reset processing */ 90 UPGT_DEBUG_INTR = 0x00000008, /* INTR */ 91 UPGT_DEBUG_TX_PROC = 0x00000010, /* tx ISR proc */ 92 UPGT_DEBUG_RX_PROC = 0x00000020, /* rx ISR proc */ 93 UPGT_DEBUG_STATE = 0x00000040, /* 802.11 state transitions */ 94 UPGT_DEBUG_STAT = 0x00000080, /* statistic */ 95 UPGT_DEBUG_FW = 0x00000100, /* firmware */ 96 UPGT_DEBUG_ANY = 0xffffffff 97}; 98#define DPRINTF(sc, m, fmt, ...) do { \ 99 if (sc->sc_debug & (m)) \ 100 printf(fmt, __VA_ARGS__); \ 101} while (0) 102#else 103#define DPRINTF(sc, m, fmt, ...) do { \ 104 (void) sc; \ 105} while (0) 106#endif 107 108/* 109 * Prototypes. 110 */ 111static device_probe_t upgt_match; 112static device_attach_t upgt_attach; 113static device_detach_t upgt_detach; 114static int upgt_alloc_tx(struct upgt_softc *); 115static int upgt_alloc_rx(struct upgt_softc *); 116static int upgt_device_reset(struct upgt_softc *); 117static void upgt_bulk_tx(struct upgt_softc *, struct upgt_data *); 118static int upgt_fw_verify(struct upgt_softc *); 119static int upgt_mem_init(struct upgt_softc *); 120static int upgt_fw_load(struct upgt_softc *); 121static int upgt_fw_copy(const uint8_t *, char *, int); 122static uint32_t upgt_crc32_le(const void *, size_t); 123static struct mbuf * 124 upgt_rxeof(struct usb2_xfer *, struct upgt_data *, int *); 125static struct mbuf * 126 upgt_rx(struct upgt_softc *, uint8_t *, int, int *); 127static void upgt_txeof(struct usb2_xfer *, struct upgt_data *); 128static int upgt_eeprom_read(struct upgt_softc *); 129static int upgt_eeprom_parse(struct upgt_softc *); 130static void upgt_eeprom_parse_hwrx(struct upgt_softc *, uint8_t *); 131static void upgt_eeprom_parse_freq3(struct upgt_softc *, uint8_t *, int); 132static void upgt_eeprom_parse_freq4(struct upgt_softc *, uint8_t *, int); 133static void upgt_eeprom_parse_freq6(struct upgt_softc *, uint8_t *, int); 134static uint32_t upgt_chksum_le(const uint32_t *, size_t); 135static void upgt_tx_done(struct upgt_softc *, uint8_t *); 136static void upgt_init(void *); 137static void upgt_init_locked(struct upgt_softc *); 138static int upgt_ioctl(struct ifnet *, u_long, caddr_t); 139static void upgt_start(struct ifnet *); 140static int upgt_raw_xmit(struct ieee80211_node *, struct mbuf *, 141 const struct ieee80211_bpf_params *); 142static void upgt_scan_start(struct ieee80211com *); 143static void upgt_scan_end(struct ieee80211com *); 144static void upgt_set_channel(struct ieee80211com *); 145static struct ieee80211vap *upgt_vap_create(struct ieee80211com *, 146 const char name[IFNAMSIZ], int unit, int opmode, 147 int flags, const uint8_t bssid[IEEE80211_ADDR_LEN], 148 const uint8_t mac[IEEE80211_ADDR_LEN]); 149static void upgt_vap_delete(struct ieee80211vap *); 150static void upgt_update_mcast(struct ifnet *); 151static uint8_t upgt_rx_rate(struct upgt_softc *, const int); 152static void upgt_set_multi(void *); 153static void upgt_stop(struct upgt_softc *); 154static void upgt_setup_rates(struct ieee80211vap *, struct ieee80211com *); 155static int upgt_set_macfilter(struct upgt_softc *, uint8_t); 156static int upgt_newstate(struct ieee80211vap *, enum ieee80211_state, int); 157static void upgt_set_chan(struct upgt_softc *, struct ieee80211_channel *); 158static void upgt_set_led(struct upgt_softc *, int); 159static void upgt_set_led_blink(void *); 160static void upgt_get_stats(struct upgt_softc *); 161static void upgt_mem_free(struct upgt_softc *, uint32_t); 162static uint32_t upgt_mem_alloc(struct upgt_softc *); 163static void upgt_free_tx(struct upgt_softc *); 164static void upgt_free_rx(struct upgt_softc *); 165static void upgt_watchdog(void *); 166static void upgt_abort_xfers(struct upgt_softc *); 167static void upgt_abort_xfers_locked(struct upgt_softc *); 168static void upgt_sysctl_node(struct upgt_softc *); 169static struct upgt_data * 170 upgt_getbuf(struct upgt_softc *); 171static struct upgt_data * 172 upgt_gettxbuf(struct upgt_softc *); 173static int upgt_tx_start(struct upgt_softc *, struct mbuf *, 174 struct ieee80211_node *, struct upgt_data *); 175 176static const char *upgt_fwname = "upgt-gw3887"; 177 178static const struct usb2_device_id upgt_devs_2[] = { 179#define UPGT_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 180 /* version 2 devices */ 181 UPGT_DEV(ACCTON, PRISM_GT), 182 UPGT_DEV(BELKIN, F5D7050), 183 UPGT_DEV(CISCOLINKSYS, WUSB54AG), 184 UPGT_DEV(CONCEPTRONIC, PRISM_GT), 185 UPGT_DEV(DELL, PRISM_GT_1), 186 UPGT_DEV(DELL, PRISM_GT_2), 187 UPGT_DEV(FSC, E5400), 188 UPGT_DEV(GLOBESPAN, PRISM_GT_1), 189 UPGT_DEV(GLOBESPAN, PRISM_GT_2), 190 UPGT_DEV(INTERSIL, PRISM_GT), 191 UPGT_DEV(SMC, 2862WG), 192 UPGT_DEV(WISTRONNEWEB, UR045G), 193 UPGT_DEV(XYRATEX, PRISM_GT_1), 194 UPGT_DEV(XYRATEX, PRISM_GT_2), 195 UPGT_DEV(ZCOM, XG703A), 196 UPGT_DEV(ZCOM, XM142) 197}; 198 199static usb2_callback_t upgt_bulk_rx_callback; 200static usb2_callback_t upgt_bulk_tx_callback; 201 202static const struct usb2_config upgt_config[UPGT_N_XFERS] = { 203 [UPGT_BULK_TX] = { 204 .type = UE_BULK, 205 .endpoint = UE_ADDR_ANY, 206 .direction = UE_DIR_OUT, 207 .bufsize = MCLBYTES, 208 .flags = { 209 .ext_buffer = 1, 210 .force_short_xfer = 1, 211 .pipe_bof = 1 212 }, 213 .callback = upgt_bulk_tx_callback, 214 .timeout = UPGT_USB_TIMEOUT, /* ms */ 215 }, 216 [UPGT_BULK_RX] = { 217 .type = UE_BULK, 218 .endpoint = UE_ADDR_ANY, 219 .direction = UE_DIR_IN, 220 .bufsize = MCLBYTES, 221 .flags = { 222 .ext_buffer = 1, 223 .pipe_bof = 1, 224 .short_xfer_ok = 1 225 }, 226 .callback = upgt_bulk_rx_callback, 227 }, 228}; 229 230static int 231upgt_match(device_t dev) 232{ 233 struct usb2_attach_arg *uaa = device_get_ivars(dev); 234 235 if (uaa->usb2_mode != USB_MODE_HOST) 236 return (ENXIO); 237 if (uaa->info.bConfigIndex != UPGT_CONFIG_INDEX) 238 return (ENXIO); 239 if (uaa->info.bIfaceIndex != UPGT_IFACE_INDEX) 240 return (ENXIO); 241 242 return (usb2_lookup_id_by_uaa(upgt_devs_2, sizeof(upgt_devs_2), uaa)); 243} 244 245static int 246upgt_attach(device_t dev) 247{ 248 int error; 249 struct ieee80211com *ic; 250 struct ifnet *ifp; 251 struct upgt_softc *sc = device_get_softc(dev); 252 struct usb2_attach_arg *uaa = device_get_ivars(dev); 253 uint8_t bands, iface_index = UPGT_IFACE_INDEX; 254 255 sc->sc_dev = dev; 256 sc->sc_udev = uaa->device; 257#ifdef UPGT_DEBUG 258 sc->sc_debug = upgt_debug; 259#endif 260 261 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), MTX_NETWORK_LOCK, 262 MTX_DEF); 263 callout_init(&sc->sc_led_ch, 0); 264 callout_init(&sc->sc_watchdog_ch, 0); 265 266 /* Allocate TX and RX xfers. */ 267 error = upgt_alloc_tx(sc); 268 if (error) 269 goto fail1; 270 error = upgt_alloc_rx(sc); 271 if (error) 272 goto fail2; 273 274 error = usb2_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 275 upgt_config, UPGT_N_XFERS, sc, &sc->sc_mtx); 276 if (error) { 277 device_printf(dev, "could not allocate USB transfers, " 278 "err=%s\n", usb2_errstr(error)); 279 goto fail3; 280 } 281 282 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 283 if (ifp == NULL) { 284 device_printf(dev, "can not if_alloc()\n"); 285 goto fail4; 286 } 287 288 /* Initialize the device. */ 289 error = upgt_device_reset(sc); 290 if (error) 291 goto fail5; 292 /* Verify the firmware. */ 293 error = upgt_fw_verify(sc); 294 if (error) 295 goto fail5; 296 /* Calculate device memory space. */ 297 if (sc->sc_memaddr_frame_start == 0 || sc->sc_memaddr_frame_end == 0) { 298 device_printf(dev, 299 "could not find memory space addresses on FW!\n"); 300 error = EIO; 301 goto fail5; 302 } 303 sc->sc_memaddr_frame_end -= UPGT_MEMSIZE_RX + 1; 304 sc->sc_memaddr_rx_start = sc->sc_memaddr_frame_end + 1; 305 306 DPRINTF(sc, UPGT_DEBUG_FW, "memory address frame start=0x%08x\n", 307 sc->sc_memaddr_frame_start); 308 DPRINTF(sc, UPGT_DEBUG_FW, "memory address frame end=0x%08x\n", 309 sc->sc_memaddr_frame_end); 310 DPRINTF(sc, UPGT_DEBUG_FW, "memory address rx start=0x%08x\n", 311 sc->sc_memaddr_rx_start); 312 313 upgt_mem_init(sc); 314 315 /* Load the firmware. */ 316 error = upgt_fw_load(sc); 317 if (error) 318 goto fail5; 319 320 /* Read the whole EEPROM content and parse it. */ 321 error = upgt_eeprom_read(sc); 322 if (error) 323 goto fail5; 324 error = upgt_eeprom_parse(sc); 325 if (error) 326 goto fail5; 327 328 /* all works related with the device have done here. */ 329 upgt_abort_xfers(sc); 330 331 /* Setup the 802.11 device. */ 332 ifp->if_softc = sc; 333 if_initname(ifp, "upgt", device_get_unit(sc->sc_dev)); 334 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 335 ifp->if_init = upgt_init; 336 ifp->if_ioctl = upgt_ioctl; 337 ifp->if_start = upgt_start; 338 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 339 IFQ_SET_READY(&ifp->if_snd); 340 341 ic = ifp->if_l2com; 342 ic->ic_ifp = ifp; 343 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 344 ic->ic_opmode = IEEE80211_M_STA; 345 /* set device capabilities */ 346 ic->ic_caps = 347 IEEE80211_C_STA /* station mode */ 348 | IEEE80211_C_MONITOR /* monitor mode */ 349 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 350 | IEEE80211_C_SHSLOT /* short slot time supported */ 351 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 352 | IEEE80211_C_WPA /* 802.11i */ 353 ; 354 355 bands = 0; 356 setbit(&bands, IEEE80211_MODE_11B); 357 setbit(&bands, IEEE80211_MODE_11G); 358 ieee80211_init_channels(ic, NULL, &bands); 359 360 ieee80211_ifattach(ic, sc->sc_myaddr); 361 ic->ic_raw_xmit = upgt_raw_xmit; 362 ic->ic_scan_start = upgt_scan_start; 363 ic->ic_scan_end = upgt_scan_end; 364 ic->ic_set_channel = upgt_set_channel; 365 366 ic->ic_vap_create = upgt_vap_create; 367 ic->ic_vap_delete = upgt_vap_delete; 368 ic->ic_update_mcast = upgt_update_mcast; 369 370 bpfattach(ifp, DLT_IEEE802_11_RADIO, 371 sizeof(struct ieee80211_frame) + sizeof(sc->sc_txtap)); 372 sc->sc_rxtap_len = sizeof(sc->sc_rxtap); 373 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 374 sc->sc_rxtap.wr_ihdr.it_present = htole32(UPGT_RX_RADIOTAP_PRESENT); 375 sc->sc_txtap_len = sizeof(sc->sc_txtap); 376 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 377 sc->sc_txtap.wt_ihdr.it_present = htole32(UPGT_TX_RADIOTAP_PRESENT); 378 379 upgt_sysctl_node(sc); 380 381 if (bootverbose) 382 ieee80211_announce(ic); 383 384 return (0); 385 386fail5: if_free(ifp); 387fail4: usb2_transfer_unsetup(sc->sc_xfer, UPGT_N_XFERS); 388fail3: upgt_free_rx(sc); 389fail2: upgt_free_tx(sc); 390fail1: mtx_destroy(&sc->sc_mtx); 391 392 return (error); 393} 394 395static void 396upgt_txeof(struct usb2_xfer *xfer, struct upgt_data *data) 397{ 398 struct upgt_softc *sc = xfer->priv_sc; 399 struct ifnet *ifp = sc->sc_ifp; 400 struct mbuf *m; 401 402 UPGT_ASSERT_LOCKED(sc); 403 404 /* 405 * Do any tx complete callback. Note this must be done before releasing 406 * the node reference. 407 */ 408 if (data->m) { 409 m = data->m; 410 if (m->m_flags & M_TXCB) { 411 /* XXX status? */ 412 ieee80211_process_callback(data->ni, m, 0); 413 } 414 m_freem(m); 415 data->m = NULL; 416 } 417 if (data->ni) { 418 ieee80211_free_node(data->ni); 419 data->ni = NULL; 420 } 421 ifp->if_opackets++; 422} 423 424static void 425upgt_get_stats(struct upgt_softc *sc) 426{ 427 struct upgt_data *data_cmd; 428 struct upgt_lmac_mem *mem; 429 struct upgt_lmac_stats *stats; 430 431 data_cmd = upgt_getbuf(sc); 432 if (data_cmd == NULL) { 433 device_printf(sc->sc_dev, "%s: out of buffer.\n", __func__); 434 return; 435 } 436 437 /* 438 * Transmit the URB containing the CMD data. 439 */ 440 bzero(data_cmd->buf, MCLBYTES); 441 442 mem = (struct upgt_lmac_mem *)data_cmd->buf; 443 mem->addr = htole32(sc->sc_memaddr_frame_start + 444 UPGT_MEMSIZE_FRAME_HEAD); 445 446 stats = (struct upgt_lmac_stats *)(mem + 1); 447 448 stats->header1.flags = 0; 449 stats->header1.type = UPGT_H1_TYPE_CTRL; 450 stats->header1.len = htole16( 451 sizeof(struct upgt_lmac_stats) - sizeof(struct upgt_lmac_header)); 452 453 stats->header2.reqid = htole32(sc->sc_memaddr_frame_start); 454 stats->header2.type = htole16(UPGT_H2_TYPE_STATS); 455 stats->header2.flags = 0; 456 457 data_cmd->buflen = sizeof(*mem) + sizeof(*stats); 458 459 mem->chksum = upgt_chksum_le((uint32_t *)stats, 460 data_cmd->buflen - sizeof(*mem)); 461 462 upgt_bulk_tx(sc, data_cmd); 463} 464 465static int 466upgt_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 467{ 468 struct upgt_softc *sc = ifp->if_softc; 469 struct ieee80211com *ic = ifp->if_l2com; 470 struct ifreq *ifr = (struct ifreq *) data; 471 int error = 0, startall = 0; 472 473 switch (cmd) { 474 case SIOCSIFFLAGS: 475 mtx_lock(&Giant); 476 if (ifp->if_flags & IFF_UP) { 477 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 478 if ((ifp->if_flags ^ sc->sc_if_flags) & 479 (IFF_ALLMULTI | IFF_PROMISC)) 480 upgt_set_multi(sc); 481 } else { 482 upgt_init(sc); 483 startall = 1; 484 } 485 } else { 486 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 487 upgt_stop(sc); 488 } 489 sc->sc_if_flags = ifp->if_flags; 490 if (startall) 491 ieee80211_start_all(ic); 492 mtx_unlock(&Giant); 493 break; 494 case SIOCGIFMEDIA: 495 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 496 break; 497 case SIOCGIFADDR: 498 error = ether_ioctl(ifp, cmd, data); 499 break; 500 default: 501 error = EINVAL; 502 break; 503 } 504 return error; 505} 506 507static void 508upgt_stop_locked(struct upgt_softc *sc) 509{ 510 struct ifnet *ifp = sc->sc_ifp; 511 512 UPGT_ASSERT_LOCKED(sc); 513 514 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 515 upgt_set_macfilter(sc, IEEE80211_S_INIT); 516 upgt_abort_xfers_locked(sc); 517} 518 519static void 520upgt_stop(struct upgt_softc *sc) 521{ 522 struct ifnet *ifp = sc->sc_ifp; 523 524 UPGT_LOCK(sc); 525 upgt_stop_locked(sc); 526 UPGT_UNLOCK(sc); 527 528 /* device down */ 529 sc->sc_tx_timer = 0; 530 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 531 sc->sc_flags &= ~UPGT_FLAG_INITDONE; 532} 533 534static void 535upgt_set_led(struct upgt_softc *sc, int action) 536{ 537 struct upgt_data *data_cmd; 538 struct upgt_lmac_mem *mem; 539 struct upgt_lmac_led *led; 540 541 data_cmd = upgt_getbuf(sc); 542 if (data_cmd == NULL) { 543 device_printf(sc->sc_dev, "%s: out of buffers.\n", __func__); 544 return; 545 } 546 547 /* 548 * Transmit the URB containing the CMD data. 549 */ 550 bzero(data_cmd->buf, MCLBYTES); 551 552 mem = (struct upgt_lmac_mem *)data_cmd->buf; 553 mem->addr = htole32(sc->sc_memaddr_frame_start + 554 UPGT_MEMSIZE_FRAME_HEAD); 555 556 led = (struct upgt_lmac_led *)(mem + 1); 557 558 led->header1.flags = UPGT_H1_FLAGS_TX_NO_CALLBACK; 559 led->header1.type = UPGT_H1_TYPE_CTRL; 560 led->header1.len = htole16( 561 sizeof(struct upgt_lmac_led) - 562 sizeof(struct upgt_lmac_header)); 563 564 led->header2.reqid = htole32(sc->sc_memaddr_frame_start); 565 led->header2.type = htole16(UPGT_H2_TYPE_LED); 566 led->header2.flags = 0; 567 568 switch (action) { 569 case UPGT_LED_OFF: 570 led->mode = htole16(UPGT_LED_MODE_SET); 571 led->action_fix = 0; 572 led->action_tmp = htole16(UPGT_LED_ACTION_OFF); 573 led->action_tmp_dur = 0; 574 break; 575 case UPGT_LED_ON: 576 led->mode = htole16(UPGT_LED_MODE_SET); 577 led->action_fix = 0; 578 led->action_tmp = htole16(UPGT_LED_ACTION_ON); 579 led->action_tmp_dur = 0; 580 break; 581 case UPGT_LED_BLINK: 582 if (sc->sc_state != IEEE80211_S_RUN) { 583 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data_cmd, next); 584 return; 585 } 586 if (sc->sc_led_blink) { 587 /* previous blink was not finished */ 588 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data_cmd, next); 589 return; 590 } 591 led->mode = htole16(UPGT_LED_MODE_SET); 592 led->action_fix = htole16(UPGT_LED_ACTION_OFF); 593 led->action_tmp = htole16(UPGT_LED_ACTION_ON); 594 led->action_tmp_dur = htole16(UPGT_LED_ACTION_TMP_DUR); 595 /* lock blink */ 596 sc->sc_led_blink = 1; 597 callout_reset(&sc->sc_led_ch, hz, upgt_set_led_blink, sc); 598 break; 599 default: 600 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data_cmd, next); 601 return; 602 } 603 604 data_cmd->buflen = sizeof(*mem) + sizeof(*led); 605 606 mem->chksum = upgt_chksum_le((uint32_t *)led, 607 data_cmd->buflen - sizeof(*mem)); 608 609 upgt_bulk_tx(sc, data_cmd); 610} 611 612static void 613upgt_set_led_blink(void *arg) 614{ 615 struct upgt_softc *sc = arg; 616 617 /* blink finished, we are ready for a next one */ 618 sc->sc_led_blink = 0; 619} 620 621static void 622upgt_init(void *priv) 623{ 624 struct upgt_softc *sc = priv; 625 struct ifnet *ifp = sc->sc_ifp; 626 struct ieee80211com *ic = ifp->if_l2com; 627 628 UPGT_LOCK(sc); 629 upgt_init_locked(sc); 630 UPGT_UNLOCK(sc); 631 632 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 633 ieee80211_start_all(ic); /* start all vap's */ 634} 635 636static void 637upgt_init_locked(struct upgt_softc *sc) 638{ 639 struct ifnet *ifp = sc->sc_ifp; 640 641 UPGT_ASSERT_LOCKED(sc); 642 643 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 644 upgt_stop_locked(sc); 645 646 usb2_transfer_start(sc->sc_xfer[UPGT_BULK_RX]); 647 648 (void)upgt_set_macfilter(sc, IEEE80211_S_SCAN); 649 650 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 651 ifp->if_drv_flags |= IFF_DRV_RUNNING; 652 sc->sc_flags |= UPGT_FLAG_INITDONE; 653 654 callout_reset(&sc->sc_watchdog_ch, hz, upgt_watchdog, sc); 655} 656 657static int 658upgt_set_macfilter(struct upgt_softc *sc, uint8_t state) 659{ 660 struct ifnet *ifp = sc->sc_ifp; 661 struct ieee80211com *ic = ifp->if_l2com; 662 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 663 struct ieee80211_node *ni = vap->iv_bss; 664 struct upgt_data *data_cmd; 665 struct upgt_lmac_mem *mem; 666 struct upgt_lmac_filter *filter; 667 uint8_t broadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 668 669 UPGT_ASSERT_LOCKED(sc); 670 671 data_cmd = upgt_getbuf(sc); 672 if (data_cmd == NULL) { 673 device_printf(sc->sc_dev, "out of TX buffers.\n"); 674 return (ENOBUFS); 675 } 676 677 /* 678 * Transmit the URB containing the CMD data. 679 */ 680 bzero(data_cmd->buf, MCLBYTES); 681 682 mem = (struct upgt_lmac_mem *)data_cmd->buf; 683 mem->addr = htole32(sc->sc_memaddr_frame_start + 684 UPGT_MEMSIZE_FRAME_HEAD); 685 686 filter = (struct upgt_lmac_filter *)(mem + 1); 687 688 filter->header1.flags = UPGT_H1_FLAGS_TX_NO_CALLBACK; 689 filter->header1.type = UPGT_H1_TYPE_CTRL; 690 filter->header1.len = htole16( 691 sizeof(struct upgt_lmac_filter) - 692 sizeof(struct upgt_lmac_header)); 693 694 filter->header2.reqid = htole32(sc->sc_memaddr_frame_start); 695 filter->header2.type = htole16(UPGT_H2_TYPE_MACFILTER); 696 filter->header2.flags = 0; 697 698 switch (state) { 699 case IEEE80211_S_INIT: 700 DPRINTF(sc, UPGT_DEBUG_STATE, "%s: set MAC filter to INIT\n", 701 __func__); 702 filter->type = htole16(UPGT_FILTER_TYPE_RESET); 703 break; 704 case IEEE80211_S_SCAN: 705 DPRINTF(sc, UPGT_DEBUG_STATE, 706 "set MAC filter to SCAN (bssid %s)\n", 707 ether_sprintf(broadcast)); 708 filter->type = htole16(UPGT_FILTER_TYPE_NONE); 709 IEEE80211_ADDR_COPY(filter->dst, sc->sc_myaddr); 710 IEEE80211_ADDR_COPY(filter->src, broadcast); 711 filter->unknown1 = htole16(UPGT_FILTER_UNKNOWN1); 712 filter->rxaddr = htole32(sc->sc_memaddr_rx_start); 713 filter->unknown2 = htole16(UPGT_FILTER_UNKNOWN2); 714 filter->rxhw = htole32(sc->sc_eeprom_hwrx); 715 filter->unknown3 = htole16(UPGT_FILTER_UNKNOWN3); 716 break; 717 case IEEE80211_S_RUN: 718 /* XXX monitor mode isn't tested yet. */ 719 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 720 filter->type = htole16(UPGT_FILTER_TYPE_MONITOR); 721 IEEE80211_ADDR_COPY(filter->dst, sc->sc_myaddr); 722 IEEE80211_ADDR_COPY(filter->src, ni->ni_bssid); 723 filter->unknown1 = htole16(UPGT_FILTER_MONITOR_UNKNOWN1); 724 filter->rxaddr = htole32(sc->sc_memaddr_rx_start); 725 filter->unknown2 = htole16(UPGT_FILTER_MONITOR_UNKNOWN2); 726 filter->rxhw = htole32(sc->sc_eeprom_hwrx); 727 filter->unknown3 = htole16(UPGT_FILTER_MONITOR_UNKNOWN3); 728 } else { 729 DPRINTF(sc, UPGT_DEBUG_STATE, 730 "set MAC filter to RUN (bssid %s)\n", 731 ether_sprintf(ni->ni_bssid)); 732 filter->type = htole16(UPGT_FILTER_TYPE_STA); 733 IEEE80211_ADDR_COPY(filter->dst, sc->sc_myaddr); 734 IEEE80211_ADDR_COPY(filter->src, ni->ni_bssid); 735 filter->unknown1 = htole16(UPGT_FILTER_UNKNOWN1); 736 filter->rxaddr = htole32(sc->sc_memaddr_rx_start); 737 filter->unknown2 = htole16(UPGT_FILTER_UNKNOWN2); 738 filter->rxhw = htole32(sc->sc_eeprom_hwrx); 739 filter->unknown3 = htole16(UPGT_FILTER_UNKNOWN3); 740 } 741 break; 742 default: 743 device_printf(sc->sc_dev, 744 "MAC filter does not know that state!\n"); 745 break; 746 } 747 748 data_cmd->buflen = sizeof(*mem) + sizeof(*filter); 749 750 mem->chksum = upgt_chksum_le((uint32_t *)filter, 751 data_cmd->buflen - sizeof(*mem)); 752 753 upgt_bulk_tx(sc, data_cmd); 754 755 return (0); 756} 757 758static void 759upgt_setup_rates(struct ieee80211vap *vap, struct ieee80211com *ic) 760{ 761 struct ifnet *ifp = ic->ic_ifp; 762 struct upgt_softc *sc = ifp->if_softc; 763 const struct ieee80211_txparam *tp; 764 765 /* 766 * 0x01 = OFMD6 0x10 = DS1 767 * 0x04 = OFDM9 0x11 = DS2 768 * 0x06 = OFDM12 0x12 = DS5 769 * 0x07 = OFDM18 0x13 = DS11 770 * 0x08 = OFDM24 771 * 0x09 = OFDM36 772 * 0x0a = OFDM48 773 * 0x0b = OFDM54 774 */ 775 const uint8_t rateset_auto_11b[] = 776 { 0x13, 0x13, 0x12, 0x11, 0x11, 0x10, 0x10, 0x10 }; 777 const uint8_t rateset_auto_11g[] = 778 { 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x04, 0x01 }; 779 const uint8_t rateset_fix_11bg[] = 780 { 0x10, 0x11, 0x12, 0x13, 0x01, 0x04, 0x06, 0x07, 781 0x08, 0x09, 0x0a, 0x0b }; 782 783 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 784 785 /* XXX */ 786 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) { 787 /* 788 * Automatic rate control is done by the device. 789 * We just pass the rateset from which the device 790 * will pickup a rate. 791 */ 792 if (ic->ic_curmode == IEEE80211_MODE_11B) 793 bcopy(rateset_auto_11b, sc->sc_cur_rateset, 794 sizeof(sc->sc_cur_rateset)); 795 if (ic->ic_curmode == IEEE80211_MODE_11G || 796 ic->ic_curmode == IEEE80211_MODE_AUTO) 797 bcopy(rateset_auto_11g, sc->sc_cur_rateset, 798 sizeof(sc->sc_cur_rateset)); 799 } else { 800 /* set a fixed rate */ 801 memset(sc->sc_cur_rateset, rateset_fix_11bg[tp->ucastrate], 802 sizeof(sc->sc_cur_rateset)); 803 } 804} 805 806static void 807upgt_set_multi(void *arg) 808{ 809 struct upgt_softc *sc = arg; 810 struct ifnet *ifp = sc->sc_ifp; 811 812 if (!(ifp->if_flags & IFF_UP)) 813 return; 814 815 /* 816 * XXX don't know how to set a device. Lack of docs. Just try to set 817 * IFF_ALLMULTI flag here. 818 */ 819 IF_ADDR_LOCK(ifp); 820 ifp->if_flags |= IFF_ALLMULTI; 821 IF_ADDR_UNLOCK(ifp); 822} 823 824static void 825upgt_start(struct ifnet *ifp) 826{ 827 struct upgt_softc *sc = ifp->if_softc; 828 struct upgt_data *data_tx; 829 struct ieee80211_node *ni; 830 struct mbuf *m; 831 832 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 833 return; 834 835 UPGT_LOCK(sc); 836 for (;;) { 837 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 838 if (m == NULL) 839 break; 840 841 data_tx = upgt_gettxbuf(sc); 842 if (data_tx == NULL) { 843 IFQ_DRV_PREPEND(&ifp->if_snd, m); 844 break; 845 } 846 847 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 848 m->m_pkthdr.rcvif = NULL; 849 850 if (upgt_tx_start(sc, m, ni, data_tx) != 0) { 851 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, data_tx, next); 852 UPGT_STAT_INC(sc, st_tx_inactive); 853 ieee80211_free_node(ni); 854 ifp->if_oerrors++; 855 continue; 856 } 857 sc->sc_tx_timer = 5; 858 } 859 UPGT_UNLOCK(sc); 860} 861 862static int 863upgt_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 864 const struct ieee80211_bpf_params *params) 865{ 866 struct ieee80211com *ic = ni->ni_ic; 867 struct ifnet *ifp = ic->ic_ifp; 868 struct upgt_softc *sc = ifp->if_softc; 869 struct upgt_data *data_tx = NULL; 870 871 /* prevent management frames from being sent if we're not ready */ 872 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 873 m_freem(m); 874 ieee80211_free_node(ni); 875 return ENETDOWN; 876 } 877 878 UPGT_LOCK(sc); 879 data_tx = upgt_gettxbuf(sc); 880 if (data_tx == NULL) { 881 ieee80211_free_node(ni); 882 m_freem(m); 883 UPGT_UNLOCK(sc); 884 return (ENOBUFS); 885 } 886 887 if (upgt_tx_start(sc, m, ni, data_tx) != 0) { 888 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, data_tx, next); 889 UPGT_STAT_INC(sc, st_tx_inactive); 890 ieee80211_free_node(ni); 891 ifp->if_oerrors++; 892 UPGT_UNLOCK(sc); 893 return (EIO); 894 } 895 UPGT_UNLOCK(sc); 896 897 sc->sc_tx_timer = 5; 898 return (0); 899} 900 901static void 902upgt_watchdog(void *arg) 903{ 904 struct upgt_softc *sc = arg; 905 struct ifnet *ifp = sc->sc_ifp; 906 907 if (sc->sc_tx_timer > 0) { 908 if (--sc->sc_tx_timer == 0) { 909 device_printf(sc->sc_dev, "watchdog timeout\n"); 910 /* upgt_init(ifp); XXX needs a process context ? */ 911 ifp->if_oerrors++; 912 return; 913 } 914 callout_reset(&sc->sc_watchdog_ch, hz, upgt_watchdog, sc); 915 } 916} 917 918static uint32_t 919upgt_mem_alloc(struct upgt_softc *sc) 920{ 921 int i; 922 923 for (i = 0; i < sc->sc_memory.pages; i++) { 924 if (sc->sc_memory.page[i].used == 0) { 925 sc->sc_memory.page[i].used = 1; 926 return (sc->sc_memory.page[i].addr); 927 } 928 } 929 930 return (0); 931} 932 933static void 934upgt_scan_start(struct ieee80211com *ic) 935{ 936 /* do nothing. */ 937} 938 939static void 940upgt_scan_end(struct ieee80211com *ic) 941{ 942 /* do nothing. */ 943} 944 945static void 946upgt_set_channel(struct ieee80211com *ic) 947{ 948 struct upgt_softc *sc = ic->ic_ifp->if_softc; 949 950 UPGT_LOCK(sc); 951 upgt_set_chan(sc, ic->ic_curchan); 952 UPGT_UNLOCK(sc); 953} 954 955static void 956upgt_set_chan(struct upgt_softc *sc, struct ieee80211_channel *c) 957{ 958 struct ifnet *ifp = sc->sc_ifp; 959 struct ieee80211com *ic = ifp->if_l2com; 960 struct upgt_data *data_cmd; 961 struct upgt_lmac_mem *mem; 962 struct upgt_lmac_channel *chan; 963 int channel; 964 965 UPGT_ASSERT_LOCKED(sc); 966 967 channel = ieee80211_chan2ieee(ic, c); 968 if (channel == 0 || channel == IEEE80211_CHAN_ANY) { 969 /* XXX should NEVER happen */ 970 device_printf(sc->sc_dev, 971 "%s: invalid channel %x\n", __func__, channel); 972 return; 973 } 974 975 DPRINTF(sc, UPGT_DEBUG_STATE, "%s: channel %d\n", __func__, channel); 976 977 data_cmd = upgt_getbuf(sc); 978 if (data_cmd == NULL) { 979 device_printf(sc->sc_dev, "%s: out of buffers.\n", __func__); 980 return; 981 } 982 /* 983 * Transmit the URB containing the CMD data. 984 */ 985 bzero(data_cmd->buf, MCLBYTES); 986 987 mem = (struct upgt_lmac_mem *)data_cmd->buf; 988 mem->addr = htole32(sc->sc_memaddr_frame_start + 989 UPGT_MEMSIZE_FRAME_HEAD); 990 991 chan = (struct upgt_lmac_channel *)(mem + 1); 992 993 chan->header1.flags = UPGT_H1_FLAGS_TX_NO_CALLBACK; 994 chan->header1.type = UPGT_H1_TYPE_CTRL; 995 chan->header1.len = htole16( 996 sizeof(struct upgt_lmac_channel) - sizeof(struct upgt_lmac_header)); 997 998 chan->header2.reqid = htole32(sc->sc_memaddr_frame_start); 999 chan->header2.type = htole16(UPGT_H2_TYPE_CHANNEL); 1000 chan->header2.flags = 0; 1001 1002 chan->unknown1 = htole16(UPGT_CHANNEL_UNKNOWN1); 1003 chan->unknown2 = htole16(UPGT_CHANNEL_UNKNOWN2); 1004 chan->freq6 = sc->sc_eeprom_freq6[channel]; 1005 chan->settings = sc->sc_eeprom_freq6_settings; 1006 chan->unknown3 = UPGT_CHANNEL_UNKNOWN3; 1007 1008 bcopy(&sc->sc_eeprom_freq3[channel].data, chan->freq3_1, 1009 sizeof(chan->freq3_1)); 1010 bcopy(&sc->sc_eeprom_freq4[channel], chan->freq4, 1011 sizeof(sc->sc_eeprom_freq4[channel])); 1012 bcopy(&sc->sc_eeprom_freq3[channel].data, chan->freq3_2, 1013 sizeof(chan->freq3_2)); 1014 1015 data_cmd->buflen = sizeof(*mem) + sizeof(*chan); 1016 1017 mem->chksum = upgt_chksum_le((uint32_t *)chan, 1018 data_cmd->buflen - sizeof(*mem)); 1019 1020 upgt_bulk_tx(sc, data_cmd); 1021} 1022 1023static struct ieee80211vap * 1024upgt_vap_create(struct ieee80211com *ic, 1025 const char name[IFNAMSIZ], int unit, int opmode, int flags, 1026 const uint8_t bssid[IEEE80211_ADDR_LEN], 1027 const uint8_t mac[IEEE80211_ADDR_LEN]) 1028{ 1029 struct upgt_vap *uvp; 1030 struct ieee80211vap *vap; 1031 1032 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1033 return NULL; 1034 uvp = (struct upgt_vap *) malloc(sizeof(struct upgt_vap), 1035 M_80211_VAP, M_NOWAIT | M_ZERO); 1036 if (uvp == NULL) 1037 return NULL; 1038 vap = &uvp->vap; 1039 /* enable s/w bmiss handling for sta mode */ 1040 ieee80211_vap_setup(ic, vap, name, unit, opmode, 1041 flags | IEEE80211_CLONE_NOBEACONS, bssid, mac); 1042 1043 /* override state transition machine */ 1044 uvp->newstate = vap->iv_newstate; 1045 vap->iv_newstate = upgt_newstate; 1046 1047 /* setup device rates */ 1048 upgt_setup_rates(vap, ic); 1049 1050 /* complete setup */ 1051 ieee80211_vap_attach(vap, ieee80211_media_change, 1052 ieee80211_media_status); 1053 ic->ic_opmode = opmode; 1054 return vap; 1055} 1056 1057static int 1058upgt_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1059{ 1060 struct upgt_vap *uvp = UPGT_VAP(vap); 1061 struct ieee80211com *ic = vap->iv_ic; 1062 struct upgt_softc *sc = ic->ic_ifp->if_softc; 1063 1064 /* do it in a process context */ 1065 sc->sc_state = nstate; 1066 1067 IEEE80211_UNLOCK(ic); 1068 UPGT_LOCK(sc); 1069 callout_stop(&sc->sc_led_ch); 1070 callout_stop(&sc->sc_watchdog_ch); 1071 1072 switch (nstate) { 1073 case IEEE80211_S_INIT: 1074 /* do not accept any frames if the device is down */ 1075 (void)upgt_set_macfilter(sc, sc->sc_state); 1076 upgt_set_led(sc, UPGT_LED_OFF); 1077 break; 1078 case IEEE80211_S_SCAN: 1079 upgt_set_chan(sc, ic->ic_curchan); 1080 break; 1081 case IEEE80211_S_AUTH: 1082 upgt_set_chan(sc, ic->ic_curchan); 1083 break; 1084 case IEEE80211_S_ASSOC: 1085 break; 1086 case IEEE80211_S_RUN: 1087 upgt_set_macfilter(sc, sc->sc_state); 1088 upgt_set_led(sc, UPGT_LED_ON); 1089 break; 1090 default: 1091 break; 1092 } 1093 UPGT_UNLOCK(sc); 1094 IEEE80211_LOCK(ic); 1095 return (uvp->newstate(vap, nstate, arg)); 1096} 1097 1098static void 1099upgt_vap_delete(struct ieee80211vap *vap) 1100{ 1101 struct upgt_vap *uvp = UPGT_VAP(vap); 1102 1103 ieee80211_vap_detach(vap); 1104 free(uvp, M_80211_VAP); 1105} 1106 1107static void 1108upgt_update_mcast(struct ifnet *ifp) 1109{ 1110 struct upgt_softc *sc = ifp->if_softc; 1111 1112 upgt_set_multi(sc); 1113} 1114 1115static int 1116upgt_eeprom_parse(struct upgt_softc *sc) 1117{ 1118 struct upgt_eeprom_header *eeprom_header; 1119 struct upgt_eeprom_option *eeprom_option; 1120 uint16_t option_len; 1121 uint16_t option_type; 1122 uint16_t preamble_len; 1123 int option_end = 0; 1124 1125 /* calculate eeprom options start offset */ 1126 eeprom_header = (struct upgt_eeprom_header *)sc->sc_eeprom; 1127 preamble_len = le16toh(eeprom_header->preamble_len); 1128 eeprom_option = (struct upgt_eeprom_option *)(sc->sc_eeprom + 1129 (sizeof(struct upgt_eeprom_header) + preamble_len)); 1130 1131 while (!option_end) { 1132 /* the eeprom option length is stored in words */ 1133 option_len = 1134 (le16toh(eeprom_option->len) - 1) * sizeof(uint16_t); 1135 option_type = 1136 le16toh(eeprom_option->type); 1137 1138 switch (option_type) { 1139 case UPGT_EEPROM_TYPE_NAME: 1140 DPRINTF(sc, UPGT_DEBUG_FW, 1141 "EEPROM name len=%d\n", option_len); 1142 break; 1143 case UPGT_EEPROM_TYPE_SERIAL: 1144 DPRINTF(sc, UPGT_DEBUG_FW, 1145 "EEPROM serial len=%d\n", option_len); 1146 break; 1147 case UPGT_EEPROM_TYPE_MAC: 1148 DPRINTF(sc, UPGT_DEBUG_FW, 1149 "EEPROM mac len=%d\n", option_len); 1150 1151 IEEE80211_ADDR_COPY(sc->sc_myaddr, eeprom_option->data); 1152 break; 1153 case UPGT_EEPROM_TYPE_HWRX: 1154 DPRINTF(sc, UPGT_DEBUG_FW, 1155 "EEPROM hwrx len=%d\n", option_len); 1156 1157 upgt_eeprom_parse_hwrx(sc, eeprom_option->data); 1158 break; 1159 case UPGT_EEPROM_TYPE_CHIP: 1160 DPRINTF(sc, UPGT_DEBUG_FW, 1161 "EEPROM chip len=%d\n", option_len); 1162 break; 1163 case UPGT_EEPROM_TYPE_FREQ3: 1164 DPRINTF(sc, UPGT_DEBUG_FW, 1165 "EEPROM freq3 len=%d\n", option_len); 1166 1167 upgt_eeprom_parse_freq3(sc, eeprom_option->data, 1168 option_len); 1169 break; 1170 case UPGT_EEPROM_TYPE_FREQ4: 1171 DPRINTF(sc, UPGT_DEBUG_FW, 1172 "EEPROM freq4 len=%d\n", option_len); 1173 1174 upgt_eeprom_parse_freq4(sc, eeprom_option->data, 1175 option_len); 1176 break; 1177 case UPGT_EEPROM_TYPE_FREQ5: 1178 DPRINTF(sc, UPGT_DEBUG_FW, 1179 "EEPROM freq5 len=%d\n", option_len); 1180 break; 1181 case UPGT_EEPROM_TYPE_FREQ6: 1182 DPRINTF(sc, UPGT_DEBUG_FW, 1183 "EEPROM freq6 len=%d\n", option_len); 1184 1185 upgt_eeprom_parse_freq6(sc, eeprom_option->data, 1186 option_len); 1187 break; 1188 case UPGT_EEPROM_TYPE_END: 1189 DPRINTF(sc, UPGT_DEBUG_FW, 1190 "EEPROM end len=%d\n", option_len); 1191 option_end = 1; 1192 break; 1193 case UPGT_EEPROM_TYPE_OFF: 1194 DPRINTF(sc, UPGT_DEBUG_FW, 1195 "%s: EEPROM off without end option!\n", __func__); 1196 return (EIO); 1197 default: 1198 DPRINTF(sc, UPGT_DEBUG_FW, 1199 "EEPROM unknown type 0x%04x len=%d\n", 1200 option_type, option_len); 1201 break; 1202 } 1203 1204 /* jump to next EEPROM option */ 1205 eeprom_option = (struct upgt_eeprom_option *) 1206 (eeprom_option->data + option_len); 1207 } 1208 1209 return (0); 1210} 1211 1212static void 1213upgt_eeprom_parse_freq3(struct upgt_softc *sc, uint8_t *data, int len) 1214{ 1215 struct upgt_eeprom_freq3_header *freq3_header; 1216 struct upgt_lmac_freq3 *freq3; 1217 int i, elements, flags; 1218 unsigned channel; 1219 1220 freq3_header = (struct upgt_eeprom_freq3_header *)data; 1221 freq3 = (struct upgt_lmac_freq3 *)(freq3_header + 1); 1222 1223 flags = freq3_header->flags; 1224 elements = freq3_header->elements; 1225 1226 DPRINTF(sc, UPGT_DEBUG_FW, "flags=0x%02x elements=%d\n", 1227 flags, elements); 1228 1229 for (i = 0; i < elements; i++) { 1230 channel = ieee80211_mhz2ieee(le16toh(freq3[i].freq), 0); 1231 if (!(channel >= 0 && channel < IEEE80211_CHAN_MAX)) 1232 continue; 1233 1234 sc->sc_eeprom_freq3[channel] = freq3[i]; 1235 1236 DPRINTF(sc, UPGT_DEBUG_FW, "frequence=%d, channel=%d\n", 1237 le16toh(sc->sc_eeprom_freq3[channel].freq), channel); 1238 } 1239} 1240 1241void 1242upgt_eeprom_parse_freq4(struct upgt_softc *sc, uint8_t *data, int len) 1243{ 1244 struct upgt_eeprom_freq4_header *freq4_header; 1245 struct upgt_eeprom_freq4_1 *freq4_1; 1246 struct upgt_eeprom_freq4_2 *freq4_2; 1247 int i, j, elements, settings, flags; 1248 unsigned channel; 1249 1250 freq4_header = (struct upgt_eeprom_freq4_header *)data; 1251 freq4_1 = (struct upgt_eeprom_freq4_1 *)(freq4_header + 1); 1252 flags = freq4_header->flags; 1253 elements = freq4_header->elements; 1254 settings = freq4_header->settings; 1255 1256 /* we need this value later */ 1257 sc->sc_eeprom_freq6_settings = freq4_header->settings; 1258 1259 DPRINTF(sc, UPGT_DEBUG_FW, "flags=0x%02x elements=%d settings=%d\n", 1260 flags, elements, settings); 1261 1262 for (i = 0; i < elements; i++) { 1263 channel = ieee80211_mhz2ieee(le16toh(freq4_1[i].freq), 0); 1264 if (!(channel >= 0 && channel < IEEE80211_CHAN_MAX)) 1265 continue; 1266 1267 freq4_2 = (struct upgt_eeprom_freq4_2 *)freq4_1[i].data; 1268 for (j = 0; j < settings; j++) { 1269 sc->sc_eeprom_freq4[channel][j].cmd = freq4_2[j]; 1270 sc->sc_eeprom_freq4[channel][j].pad = 0; 1271 } 1272 1273 DPRINTF(sc, UPGT_DEBUG_FW, "frequence=%d, channel=%d\n", 1274 le16toh(freq4_1[i].freq), channel); 1275 } 1276} 1277 1278void 1279upgt_eeprom_parse_freq6(struct upgt_softc *sc, uint8_t *data, int len) 1280{ 1281 struct upgt_lmac_freq6 *freq6; 1282 int i, elements; 1283 unsigned channel; 1284 1285 freq6 = (struct upgt_lmac_freq6 *)data; 1286 elements = len / sizeof(struct upgt_lmac_freq6); 1287 1288 DPRINTF(sc, UPGT_DEBUG_FW, "elements=%d\n", elements); 1289 1290 for (i = 0; i < elements; i++) { 1291 channel = ieee80211_mhz2ieee(le16toh(freq6[i].freq), 0); 1292 if (!(channel >= 0 && channel < IEEE80211_CHAN_MAX)) 1293 continue; 1294 1295 sc->sc_eeprom_freq6[channel] = freq6[i]; 1296 1297 DPRINTF(sc, UPGT_DEBUG_FW, "frequence=%d, channel=%d\n", 1298 le16toh(sc->sc_eeprom_freq6[channel].freq), channel); 1299 } 1300} 1301 1302static void 1303upgt_eeprom_parse_hwrx(struct upgt_softc *sc, uint8_t *data) 1304{ 1305 struct upgt_eeprom_option_hwrx *option_hwrx; 1306 1307 option_hwrx = (struct upgt_eeprom_option_hwrx *)data; 1308 1309 sc->sc_eeprom_hwrx = option_hwrx->rxfilter - UPGT_EEPROM_RX_CONST; 1310 1311 DPRINTF(sc, UPGT_DEBUG_FW, "hwrx option value=0x%04x\n", 1312 sc->sc_eeprom_hwrx); 1313} 1314 1315static int 1316upgt_eeprom_read(struct upgt_softc *sc) 1317{ 1318 struct upgt_data *data_cmd; 1319 struct upgt_lmac_mem *mem; 1320 struct upgt_lmac_eeprom *eeprom; 1321 int block, error, offset; 1322 1323 UPGT_LOCK(sc); 1324 usb2_pause_mtx(&sc->sc_mtx, 100); 1325 1326 offset = 0; 1327 block = UPGT_EEPROM_BLOCK_SIZE; 1328 while (offset < UPGT_EEPROM_SIZE) { 1329 DPRINTF(sc, UPGT_DEBUG_FW, 1330 "request EEPROM block (offset=%d, len=%d)\n", offset, block); 1331 1332 data_cmd = upgt_getbuf(sc); 1333 if (data_cmd == NULL) { 1334 UPGT_UNLOCK(sc); 1335 return (ENOBUFS); 1336 } 1337 1338 /* 1339 * Transmit the URB containing the CMD data. 1340 */ 1341 bzero(data_cmd->buf, MCLBYTES); 1342 1343 mem = (struct upgt_lmac_mem *)data_cmd->buf; 1344 mem->addr = htole32(sc->sc_memaddr_frame_start + 1345 UPGT_MEMSIZE_FRAME_HEAD); 1346 1347 eeprom = (struct upgt_lmac_eeprom *)(mem + 1); 1348 eeprom->header1.flags = 0; 1349 eeprom->header1.type = UPGT_H1_TYPE_CTRL; 1350 eeprom->header1.len = htole16(( 1351 sizeof(struct upgt_lmac_eeprom) - 1352 sizeof(struct upgt_lmac_header)) + block); 1353 1354 eeprom->header2.reqid = htole32(sc->sc_memaddr_frame_start); 1355 eeprom->header2.type = htole16(UPGT_H2_TYPE_EEPROM); 1356 eeprom->header2.flags = 0; 1357 1358 eeprom->offset = htole16(offset); 1359 eeprom->len = htole16(block); 1360 1361 data_cmd->buflen = sizeof(*mem) + sizeof(*eeprom) + block; 1362 1363 mem->chksum = upgt_chksum_le((uint32_t *)eeprom, 1364 data_cmd->buflen - sizeof(*mem)); 1365 upgt_bulk_tx(sc, data_cmd); 1366 1367 error = mtx_sleep(sc, &sc->sc_mtx, 0, "eeprom_request", hz); 1368 if (error != 0) { 1369 device_printf(sc->sc_dev, 1370 "timeout while waiting for EEPROM data!\n"); 1371 UPGT_UNLOCK(sc); 1372 return (EIO); 1373 } 1374 1375 offset += block; 1376 if (UPGT_EEPROM_SIZE - offset < block) 1377 block = UPGT_EEPROM_SIZE - offset; 1378 } 1379 1380 UPGT_UNLOCK(sc); 1381 return (0); 1382} 1383 1384/* 1385 * When a rx data came in the function returns a mbuf and a rssi values. 1386 */ 1387static struct mbuf * 1388upgt_rxeof(struct usb2_xfer *xfer, struct upgt_data *data, int *rssi) 1389{ 1390 struct mbuf *m = NULL; 1391 struct upgt_softc *sc = xfer->priv_sc; 1392 struct upgt_lmac_header *header; 1393 struct upgt_lmac_eeprom *eeprom; 1394 uint8_t h1_type; 1395 uint16_t h2_type; 1396 1397 UPGT_ASSERT_LOCKED(sc); 1398 1399 if (xfer->actlen < 1) 1400 return (NULL); 1401 1402 /* Check only at the very beginning. */ 1403 if (!(sc->sc_flags & UPGT_FLAG_FWLOADED) && 1404 (memcmp(data->buf, "OK", 2) == 0)) { 1405 sc->sc_flags |= UPGT_FLAG_FWLOADED; 1406 wakeup_one(sc); 1407 return (NULL); 1408 } 1409 1410 if (xfer->actlen < UPGT_RX_MINSZ) 1411 return (NULL); 1412 1413 /* 1414 * Check what type of frame came in. 1415 */ 1416 header = (struct upgt_lmac_header *)(data->buf + 4); 1417 1418 h1_type = header->header1.type; 1419 h2_type = le16toh(header->header2.type); 1420 1421 if (h1_type == UPGT_H1_TYPE_CTRL && h2_type == UPGT_H2_TYPE_EEPROM) { 1422 eeprom = (struct upgt_lmac_eeprom *)(data->buf + 4); 1423 uint16_t eeprom_offset = le16toh(eeprom->offset); 1424 uint16_t eeprom_len = le16toh(eeprom->len); 1425 1426 DPRINTF(sc, UPGT_DEBUG_FW, 1427 "received EEPROM block (offset=%d, len=%d)\n", 1428 eeprom_offset, eeprom_len); 1429 1430 bcopy(data->buf + sizeof(struct upgt_lmac_eeprom) + 4, 1431 sc->sc_eeprom + eeprom_offset, eeprom_len); 1432 1433 /* EEPROM data has arrived in time, wakeup. */ 1434 wakeup(sc); 1435 } else if (h1_type == UPGT_H1_TYPE_CTRL && 1436 h2_type == UPGT_H2_TYPE_TX_DONE) { 1437 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: received 802.11 TX done\n", 1438 __func__); 1439 upgt_tx_done(sc, data->buf + 4); 1440 } else if (h1_type == UPGT_H1_TYPE_RX_DATA || 1441 h1_type == UPGT_H1_TYPE_RX_DATA_MGMT) { 1442 DPRINTF(sc, UPGT_DEBUG_RECV, "%s: received 802.11 RX data\n", 1443 __func__); 1444 m = upgt_rx(sc, data->buf + 4, le16toh(header->header1.len), 1445 rssi); 1446 } else if (h1_type == UPGT_H1_TYPE_CTRL && 1447 h2_type == UPGT_H2_TYPE_STATS) { 1448 DPRINTF(sc, UPGT_DEBUG_STAT, "%s: received statistic data\n", 1449 __func__); 1450 /* TODO: what could we do with the statistic data? */ 1451 } else { 1452 /* ignore unknown frame types */ 1453 DPRINTF(sc, UPGT_DEBUG_INTR, 1454 "received unknown frame type 0x%02x\n", 1455 header->header1.type); 1456 } 1457 return (m); 1458} 1459 1460/* 1461 * The firmware awaits a checksum for each frame we send to it. 1462 * The algorithm used therefor is uncommon but somehow similar to CRC32. 1463 */ 1464static uint32_t 1465upgt_chksum_le(const uint32_t *buf, size_t size) 1466{ 1467 int i; 1468 uint32_t crc = 0; 1469 1470 for (i = 0; i < size; i += sizeof(uint32_t)) { 1471 crc = htole32(crc ^ *buf++); 1472 crc = htole32((crc >> 5) ^ (crc << 3)); 1473 } 1474 1475 return (crc); 1476} 1477 1478static struct mbuf * 1479upgt_rx(struct upgt_softc *sc, uint8_t *data, int pkglen, int *rssi) 1480{ 1481 struct ifnet *ifp = sc->sc_ifp; 1482 struct ieee80211com *ic = ifp->if_l2com; 1483 struct upgt_lmac_rx_desc *rxdesc; 1484 struct mbuf *m; 1485 1486 /* 1487 * don't pass packets to the ieee80211 framework if the driver isn't 1488 * RUNNING. 1489 */ 1490 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) 1491 return (NULL); 1492 1493 /* access RX packet descriptor */ 1494 rxdesc = (struct upgt_lmac_rx_desc *)data; 1495 1496 /* create mbuf which is suitable for strict alignment archs */ 1497 KASSERT((pkglen + ETHER_ALIGN) < MCLBYTES, 1498 ("A current mbuf storage is small (%d)", pkglen + ETHER_ALIGN)); 1499 m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1500 if (m == NULL) { 1501 device_printf(sc->sc_dev, "could not create RX mbuf!\n"); 1502 return (NULL); 1503 } 1504 m_adj(m, ETHER_ALIGN); 1505 bcopy(rxdesc->data, mtod(m, char *), pkglen); 1506 /* trim FCS */ 1507 m->m_len = m->m_pkthdr.len = pkglen - IEEE80211_CRC_LEN; 1508 m->m_pkthdr.rcvif = ifp; 1509 1510 if (bpf_peers_present(ifp->if_bpf)) { 1511 struct upgt_rx_radiotap_header *tap = &sc->sc_rxtap; 1512 1513 tap->wr_flags = 0; 1514 tap->wr_rate = upgt_rx_rate(sc, rxdesc->rate); 1515 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1516 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1517 tap->wr_antsignal = rxdesc->rssi; 1518 1519 bpf_mtap2(ifp->if_bpf, tap, sc->sc_rxtap_len, m); 1520 } 1521 ifp->if_ipackets++; 1522 1523 DPRINTF(sc, UPGT_DEBUG_RX_PROC, "%s: RX done\n", __func__); 1524 *rssi = rxdesc->rssi; 1525 return (m); 1526} 1527 1528static uint8_t 1529upgt_rx_rate(struct upgt_softc *sc, const int rate) 1530{ 1531 struct ifnet *ifp = sc->sc_ifp; 1532 struct ieee80211com *ic = ifp->if_l2com; 1533 static const uint8_t cck_upgt2rate[4] = { 2, 4, 11, 22 }; 1534 static const uint8_t ofdm_upgt2rate[12] = 1535 { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 }; 1536 1537 if (ic->ic_curmode == IEEE80211_MODE_11B && 1538 !(rate < 0 || rate > 3)) 1539 return cck_upgt2rate[rate & 0xf]; 1540 1541 if (ic->ic_curmode == IEEE80211_MODE_11G && 1542 !(rate < 0 || rate > 11)) 1543 return ofdm_upgt2rate[rate & 0xf]; 1544 1545 return (0); 1546} 1547 1548static void 1549upgt_tx_done(struct upgt_softc *sc, uint8_t *data) 1550{ 1551 struct ifnet *ifp = sc->sc_ifp; 1552 struct upgt_lmac_tx_done_desc *desc; 1553 int i, freed = 0; 1554 1555 UPGT_ASSERT_LOCKED(sc); 1556 1557 desc = (struct upgt_lmac_tx_done_desc *)data; 1558 1559 for (i = 0; i < UPGT_TX_MAXCOUNT; i++) { 1560 struct upgt_data *data_tx = &sc->sc_tx_data[i]; 1561 1562 if (data_tx->addr == le32toh(desc->header2.reqid)) { 1563 upgt_mem_free(sc, data_tx->addr); 1564 data_tx->ni = NULL; 1565 data_tx->addr = 0; 1566 data_tx->m = NULL; 1567 data_tx->use = 0; 1568 1569 DPRINTF(sc, UPGT_DEBUG_TX_PROC, 1570 "TX done: memaddr=0x%08x, status=0x%04x, rssi=%d, ", 1571 le32toh(desc->header2.reqid), 1572 le16toh(desc->status), le16toh(desc->rssi)); 1573 DPRINTF(sc, UPGT_DEBUG_TX_PROC, "seq=%d\n", 1574 le16toh(desc->seq)); 1575 1576 freed++; 1577 } 1578 } 1579 1580 if (freed != 0) { 1581 sc->sc_tx_timer = 0; 1582 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1583 UPGT_UNLOCK(sc); 1584 upgt_start(ifp); 1585 UPGT_LOCK(sc); 1586 } 1587} 1588 1589static void 1590upgt_mem_free(struct upgt_softc *sc, uint32_t addr) 1591{ 1592 int i; 1593 1594 for (i = 0; i < sc->sc_memory.pages; i++) { 1595 if (sc->sc_memory.page[i].addr == addr) { 1596 sc->sc_memory.page[i].used = 0; 1597 return; 1598 } 1599 } 1600 1601 device_printf(sc->sc_dev, 1602 "could not free memory address 0x%08x!\n", addr); 1603} 1604 1605static int 1606upgt_fw_load(struct upgt_softc *sc) 1607{ 1608 const struct firmware *fw; 1609 struct upgt_data *data_cmd; 1610 struct upgt_fw_x2_header *x2; 1611 char start_fwload_cmd[] = { 0x3c, 0x0d }; 1612 int error = 0, offset, bsize, n; 1613 uint32_t crc32; 1614 1615 fw = firmware_get(upgt_fwname); 1616 if (fw == NULL) { 1617 device_printf(sc->sc_dev, "could not read microcode %s!\n", 1618 upgt_fwname); 1619 return (EIO); 1620 } 1621 1622 UPGT_LOCK(sc); 1623 1624 /* send firmware start load command */ 1625 data_cmd = upgt_getbuf(sc); 1626 if (data_cmd == NULL) { 1627 error = ENOBUFS; 1628 goto fail; 1629 } 1630 data_cmd->buflen = sizeof(start_fwload_cmd); 1631 bcopy(start_fwload_cmd, data_cmd->buf, data_cmd->buflen); 1632 upgt_bulk_tx(sc, data_cmd); 1633 1634 /* send X2 header */ 1635 data_cmd = upgt_getbuf(sc); 1636 if (data_cmd == NULL) { 1637 error = ENOBUFS; 1638 goto fail; 1639 } 1640 data_cmd->buflen = sizeof(struct upgt_fw_x2_header); 1641 x2 = (struct upgt_fw_x2_header *)data_cmd->buf; 1642 bcopy(UPGT_X2_SIGNATURE, x2->signature, UPGT_X2_SIGNATURE_SIZE); 1643 x2->startaddr = htole32(UPGT_MEMADDR_FIRMWARE_START); 1644 x2->len = htole32(fw->datasize); 1645 x2->crc = upgt_crc32_le((uint8_t *)data_cmd->buf + 1646 UPGT_X2_SIGNATURE_SIZE, 1647 sizeof(struct upgt_fw_x2_header) - UPGT_X2_SIGNATURE_SIZE - 1648 sizeof(uint32_t)); 1649 upgt_bulk_tx(sc, data_cmd); 1650 1651 /* download firmware */ 1652 for (offset = 0; offset < fw->datasize; offset += bsize) { 1653 if (fw->datasize - offset > UPGT_FW_BLOCK_SIZE) 1654 bsize = UPGT_FW_BLOCK_SIZE; 1655 else 1656 bsize = fw->datasize - offset; 1657 1658 data_cmd = upgt_getbuf(sc); 1659 if (data_cmd == NULL) { 1660 error = ENOBUFS; 1661 goto fail; 1662 } 1663 n = upgt_fw_copy((const uint8_t *)fw->data + offset, 1664 data_cmd->buf, bsize); 1665 data_cmd->buflen = bsize; 1666 upgt_bulk_tx(sc, data_cmd); 1667 1668 DPRINTF(sc, UPGT_DEBUG_FW, "FW offset=%d, read=%d, sent=%d\n", 1669 offset, n, bsize); 1670 bsize = n; 1671 } 1672 DPRINTF(sc, UPGT_DEBUG_FW, "%s: firmware downloaded\n", __func__); 1673 1674 /* load firmware */ 1675 data_cmd = upgt_getbuf(sc); 1676 if (data_cmd == NULL) { 1677 error = ENOBUFS; 1678 goto fail; 1679 } 1680 crc32 = upgt_crc32_le(fw->data, fw->datasize); 1681 *((uint32_t *)(data_cmd->buf) ) = crc32; 1682 *((uint8_t *)(data_cmd->buf) + 4) = 'g'; 1683 *((uint8_t *)(data_cmd->buf) + 5) = '\r'; 1684 data_cmd->buflen = 6; 1685 upgt_bulk_tx(sc, data_cmd); 1686 1687 /* waiting 'OK' response. */ 1688 usb2_transfer_start(sc->sc_xfer[UPGT_BULK_RX]); 1689 error = mtx_sleep(sc, &sc->sc_mtx, 0, "upgtfw", 2 * hz); 1690 if (error != 0) { 1691 device_printf(sc->sc_dev, "firmware load failed!\n"); 1692 error = EIO; 1693 } 1694 1695 DPRINTF(sc, UPGT_DEBUG_FW, "%s: firmware loaded\n", __func__); 1696fail: 1697 UPGT_UNLOCK(sc); 1698 firmware_put(fw, FIRMWARE_UNLOAD); 1699 return (error); 1700} 1701 1702static uint32_t 1703upgt_crc32_le(const void *buf, size_t size) 1704{ 1705 uint32_t crc; 1706 1707 crc = ether_crc32_le(buf, size); 1708 1709 /* apply final XOR value as common for CRC-32 */ 1710 crc = htole32(crc ^ 0xffffffffU); 1711 1712 return (crc); 1713} 1714 1715/* 1716 * While copying the version 2 firmware, we need to replace two characters: 1717 * 1718 * 0x7e -> 0x7d 0x5e 1719 * 0x7d -> 0x7d 0x5d 1720 */ 1721static int 1722upgt_fw_copy(const uint8_t *src, char *dst, int size) 1723{ 1724 int i, j; 1725 1726 for (i = 0, j = 0; i < size && j < size; i++) { 1727 switch (src[i]) { 1728 case 0x7e: 1729 dst[j] = 0x7d; 1730 j++; 1731 dst[j] = 0x5e; 1732 j++; 1733 break; 1734 case 0x7d: 1735 dst[j] = 0x7d; 1736 j++; 1737 dst[j] = 0x5d; 1738 j++; 1739 break; 1740 default: 1741 dst[j] = src[i]; 1742 j++; 1743 break; 1744 } 1745 } 1746 1747 return (i); 1748} 1749 1750static int 1751upgt_mem_init(struct upgt_softc *sc) 1752{ 1753 int i; 1754 1755 for (i = 0; i < UPGT_MEMORY_MAX_PAGES; i++) { 1756 sc->sc_memory.page[i].used = 0; 1757 1758 if (i == 0) { 1759 /* 1760 * The first memory page is always reserved for 1761 * command data. 1762 */ 1763 sc->sc_memory.page[i].addr = 1764 sc->sc_memaddr_frame_start + MCLBYTES; 1765 } else { 1766 sc->sc_memory.page[i].addr = 1767 sc->sc_memory.page[i - 1].addr + MCLBYTES; 1768 } 1769 1770 if (sc->sc_memory.page[i].addr + MCLBYTES >= 1771 sc->sc_memaddr_frame_end) 1772 break; 1773 1774 DPRINTF(sc, UPGT_DEBUG_FW, "memory address page %d=0x%08x\n", 1775 i, sc->sc_memory.page[i].addr); 1776 } 1777 1778 sc->sc_memory.pages = i; 1779 1780 DPRINTF(sc, UPGT_DEBUG_FW, "memory pages=%d\n", sc->sc_memory.pages); 1781 return (0); 1782} 1783 1784static int 1785upgt_fw_verify(struct upgt_softc *sc) 1786{ 1787 const struct firmware *fw; 1788 const struct upgt_fw_bra_option *bra_opt; 1789 const struct upgt_fw_bra_descr *descr; 1790 const uint8_t *p; 1791 const uint32_t *uc; 1792 uint32_t bra_option_type, bra_option_len; 1793 int offset, bra_end = 0, error = 0; 1794 1795 fw = firmware_get(upgt_fwname); 1796 if (fw == NULL) { 1797 device_printf(sc->sc_dev, "could not read microcode %s!\n", 1798 upgt_fwname); 1799 return EIO; 1800 } 1801 1802 /* 1803 * Seek to beginning of Boot Record Area (BRA). 1804 */ 1805 for (offset = 0; offset < fw->datasize; offset += sizeof(*uc)) { 1806 uc = (const uint32_t *)((const uint8_t *)fw->data + offset); 1807 if (*uc == 0) 1808 break; 1809 } 1810 for (; offset < fw->datasize; offset += sizeof(*uc)) { 1811 uc = (const uint32_t *)((const uint8_t *)fw->data + offset); 1812 if (*uc != 0) 1813 break; 1814 } 1815 if (offset == fw->datasize) { 1816 device_printf(sc->sc_dev, 1817 "firmware Boot Record Area not found!\n"); 1818 error = EIO; 1819 goto fail; 1820 } 1821 1822 DPRINTF(sc, UPGT_DEBUG_FW, 1823 "firmware Boot Record Area found at offset %d\n", offset); 1824 1825 /* 1826 * Parse Boot Record Area (BRA) options. 1827 */ 1828 while (offset < fw->datasize && bra_end == 0) { 1829 /* get current BRA option */ 1830 p = (const uint8_t *)fw->data + offset; 1831 bra_opt = (const struct upgt_fw_bra_option *)p; 1832 bra_option_type = le32toh(bra_opt->type); 1833 bra_option_len = le32toh(bra_opt->len) * sizeof(*uc); 1834 1835 switch (bra_option_type) { 1836 case UPGT_BRA_TYPE_FW: 1837 DPRINTF(sc, UPGT_DEBUG_FW, "UPGT_BRA_TYPE_FW len=%d\n", 1838 bra_option_len); 1839 1840 if (bra_option_len != UPGT_BRA_FWTYPE_SIZE) { 1841 device_printf(sc->sc_dev, 1842 "wrong UPGT_BRA_TYPE_FW len!\n"); 1843 error = EIO; 1844 goto fail; 1845 } 1846 if (memcmp(UPGT_BRA_FWTYPE_LM86, bra_opt->data, 1847 bra_option_len) == 0) { 1848 sc->sc_fw_type = UPGT_FWTYPE_LM86; 1849 break; 1850 } 1851 if (memcmp(UPGT_BRA_FWTYPE_LM87, bra_opt->data, 1852 bra_option_len) == 0) { 1853 sc->sc_fw_type = UPGT_FWTYPE_LM87; 1854 break; 1855 } 1856 device_printf(sc->sc_dev, 1857 "unsupported firmware type!\n"); 1858 error = EIO; 1859 goto fail; 1860 case UPGT_BRA_TYPE_VERSION: 1861 DPRINTF(sc, UPGT_DEBUG_FW, 1862 "UPGT_BRA_TYPE_VERSION len=%d\n", bra_option_len); 1863 break; 1864 case UPGT_BRA_TYPE_DEPIF: 1865 DPRINTF(sc, UPGT_DEBUG_FW, 1866 "UPGT_BRA_TYPE_DEPIF len=%d\n", bra_option_len); 1867 break; 1868 case UPGT_BRA_TYPE_EXPIF: 1869 DPRINTF(sc, UPGT_DEBUG_FW, 1870 "UPGT_BRA_TYPE_EXPIF len=%d\n", bra_option_len); 1871 break; 1872 case UPGT_BRA_TYPE_DESCR: 1873 DPRINTF(sc, UPGT_DEBUG_FW, 1874 "UPGT_BRA_TYPE_DESCR len=%d\n", bra_option_len); 1875 1876 descr = (const struct upgt_fw_bra_descr *)bra_opt->data; 1877 1878 sc->sc_memaddr_frame_start = 1879 le32toh(descr->memaddr_space_start); 1880 sc->sc_memaddr_frame_end = 1881 le32toh(descr->memaddr_space_end); 1882 1883 DPRINTF(sc, UPGT_DEBUG_FW, 1884 "memory address space start=0x%08x\n", 1885 sc->sc_memaddr_frame_start); 1886 DPRINTF(sc, UPGT_DEBUG_FW, 1887 "memory address space end=0x%08x\n", 1888 sc->sc_memaddr_frame_end); 1889 break; 1890 case UPGT_BRA_TYPE_END: 1891 DPRINTF(sc, UPGT_DEBUG_FW, "UPGT_BRA_TYPE_END len=%d\n", 1892 bra_option_len); 1893 bra_end = 1; 1894 break; 1895 default: 1896 DPRINTF(sc, UPGT_DEBUG_FW, "unknown BRA option len=%d\n", 1897 bra_option_len); 1898 error = EIO; 1899 goto fail; 1900 } 1901 1902 /* jump to next BRA option */ 1903 offset += sizeof(struct upgt_fw_bra_option) + bra_option_len; 1904 } 1905 1906 DPRINTF(sc, UPGT_DEBUG_FW, "%s: firmware verified", __func__); 1907fail: 1908 firmware_put(fw, FIRMWARE_UNLOAD); 1909 return (error); 1910} 1911 1912static void 1913upgt_bulk_tx(struct upgt_softc *sc, struct upgt_data *data) 1914{ 1915 1916 UPGT_ASSERT_LOCKED(sc); 1917 1918 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 1919 UPGT_STAT_INC(sc, st_tx_pending); 1920 usb2_transfer_start(sc->sc_xfer[UPGT_BULK_TX]); 1921} 1922 1923static int 1924upgt_device_reset(struct upgt_softc *sc) 1925{ 1926 struct upgt_data *data; 1927 char init_cmd[] = { 0x7e, 0x7e, 0x7e, 0x7e }; 1928 1929 UPGT_LOCK(sc); 1930 1931 data = upgt_getbuf(sc); 1932 if (data == NULL) { 1933 UPGT_UNLOCK(sc); 1934 return (ENOBUFS); 1935 } 1936 bcopy(init_cmd, data->buf, sizeof(init_cmd)); 1937 data->buflen = sizeof(init_cmd); 1938 upgt_bulk_tx(sc, data); 1939 usb2_pause_mtx(&sc->sc_mtx, 100); 1940 1941 UPGT_UNLOCK(sc); 1942 DPRINTF(sc, UPGT_DEBUG_FW, "%s: device initialized\n", __func__); 1943 return (0); 1944} 1945 1946static int 1947upgt_alloc_tx(struct upgt_softc *sc) 1948{ 1949 int i; 1950 1951 STAILQ_INIT(&sc->sc_tx_active); 1952 STAILQ_INIT(&sc->sc_tx_inactive); 1953 STAILQ_INIT(&sc->sc_tx_pending); 1954 1955 for (i = 0; i < UPGT_TX_MAXCOUNT; i++) { 1956 struct upgt_data *data = &sc->sc_tx_data[i]; 1957 1958 data->buf = malloc(MCLBYTES, M_USBDEV, M_NOWAIT | M_ZERO); 1959 if (data->buf == NULL) { 1960 device_printf(sc->sc_dev, 1961 "could not allocate TX buffer!\n"); 1962 return (ENOMEM); 1963 } 1964 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1965 UPGT_STAT_INC(sc, st_tx_inactive); 1966 } 1967 1968 return (0); 1969} 1970 1971static int 1972upgt_alloc_rx(struct upgt_softc *sc) 1973{ 1974 int i; 1975 1976 STAILQ_INIT(&sc->sc_rx_active); 1977 STAILQ_INIT(&sc->sc_rx_inactive); 1978 1979 for (i = 0; i < UPGT_RX_MAXCOUNT; i++) { 1980 struct upgt_data *data = &sc->sc_rx_data[i]; 1981 1982 data->buf = malloc(MCLBYTES, M_USBDEV, M_NOWAIT | M_ZERO); 1983 if (data->buf == NULL) { 1984 device_printf(sc->sc_dev, 1985 "could not allocate RX buffer!\n"); 1986 return (ENOMEM); 1987 } 1988 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1989 } 1990 1991 return (0); 1992} 1993 1994static int 1995upgt_detach(device_t dev) 1996{ 1997 struct upgt_softc *sc = device_get_softc(dev); 1998 struct ifnet *ifp = sc->sc_ifp; 1999 struct ieee80211com *ic = ifp->if_l2com; 2000 2001 if (!device_is_attached(dev)) 2002 return 0; 2003 2004 upgt_stop(sc); 2005 ieee80211_ifdetach(ic); 2006 2007 callout_drain(&sc->sc_led_ch); 2008 callout_drain(&sc->sc_watchdog_ch); 2009 2010 usb2_transfer_unsetup(sc->sc_xfer, UPGT_N_XFERS); 2011 upgt_free_rx(sc); 2012 upgt_free_tx(sc); 2013 2014 bpfdetach(ifp); 2015 if_free(ifp); 2016 mtx_destroy(&sc->sc_mtx); 2017 2018 return (0); 2019} 2020 2021static void 2022upgt_free_rx(struct upgt_softc *sc) 2023{ 2024 int i; 2025 2026 for (i = 0; i < UPGT_RX_MAXCOUNT; i++) { 2027 struct upgt_data *data = &sc->sc_rx_data[i]; 2028 2029 free(data->buf, M_USBDEV); 2030 data->ni = NULL; 2031 } 2032} 2033 2034static void 2035upgt_free_tx(struct upgt_softc *sc) 2036{ 2037 int i; 2038 2039 for (i = 0; i < UPGT_TX_MAXCOUNT; i++) { 2040 struct upgt_data *data = &sc->sc_tx_data[i]; 2041 2042 free(data->buf, M_USBDEV); 2043 data->ni = NULL; 2044 } 2045} 2046 2047static void 2048upgt_abort_xfers_locked(struct upgt_softc *sc) 2049{ 2050 int i; 2051 2052 UPGT_ASSERT_LOCKED(sc); 2053 /* abort any pending transfers */ 2054 for (i = 0; i < UPGT_N_XFERS; i++) 2055 usb2_transfer_stop(sc->sc_xfer[i]); 2056} 2057 2058static void 2059upgt_abort_xfers(struct upgt_softc *sc) 2060{ 2061 2062 UPGT_LOCK(sc); 2063 upgt_abort_xfers_locked(sc); 2064 UPGT_UNLOCK(sc); 2065} 2066 2067#define UPGT_SYSCTL_STAT_ADD32(c, h, n, p, d) \ 2068 SYSCTL_ADD_UINT(c, h, OID_AUTO, n, CTLFLAG_RD, p, 0, d) 2069 2070static void 2071upgt_sysctl_node(struct upgt_softc *sc) 2072{ 2073 struct sysctl_ctx_list *ctx; 2074 struct sysctl_oid_list *child; 2075 struct sysctl_oid *tree; 2076 struct upgt_stat *stats; 2077 2078 stats = &sc->sc_stat; 2079 ctx = device_get_sysctl_ctx(sc->sc_dev); 2080 child = SYSCTL_CHILDREN(device_get_sysctl_tree(sc->sc_dev)); 2081 2082 tree = SYSCTL_ADD_NODE(ctx, child, OID_AUTO, "stats", CTLFLAG_RD, 2083 NULL, "UPGT statistics"); 2084 child = SYSCTL_CHILDREN(tree); 2085 UPGT_SYSCTL_STAT_ADD32(ctx, child, "tx_active", 2086 &stats->st_tx_active, "Active numbers in TX queue"); 2087 UPGT_SYSCTL_STAT_ADD32(ctx, child, "tx_inactive", 2088 &stats->st_tx_inactive, "Inactive numbers in TX queue"); 2089 UPGT_SYSCTL_STAT_ADD32(ctx, child, "tx_pending", 2090 &stats->st_tx_pending, "Pending numbers in TX queue"); 2091} 2092 2093#undef UPGT_SYSCTL_STAT_ADD32 2094 2095static struct upgt_data * 2096_upgt_getbuf(struct upgt_softc *sc) 2097{ 2098 struct upgt_data *bf; 2099 2100 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 2101 if (bf != NULL) { 2102 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 2103 UPGT_STAT_DEC(sc, st_tx_inactive); 2104 } else 2105 bf = NULL; 2106 if (bf == NULL) 2107 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: %s\n", __func__, 2108 "out of xmit buffers"); 2109 return (bf); 2110} 2111 2112static struct upgt_data * 2113upgt_getbuf(struct upgt_softc *sc) 2114{ 2115 struct upgt_data *bf; 2116 2117 UPGT_ASSERT_LOCKED(sc); 2118 2119 bf = _upgt_getbuf(sc); 2120 if (bf == NULL) { 2121 struct ifnet *ifp = sc->sc_ifp; 2122 2123 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: stop queue\n", __func__); 2124 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2125 } 2126 2127 return (bf); 2128} 2129 2130static struct upgt_data * 2131upgt_gettxbuf(struct upgt_softc *sc) 2132{ 2133 struct upgt_data *bf; 2134 2135 UPGT_ASSERT_LOCKED(sc); 2136 2137 bf = upgt_getbuf(sc); 2138 if (bf == NULL) 2139 return (NULL); 2140 2141 bf->addr = upgt_mem_alloc(sc); 2142 if (bf->addr == 0) { 2143 struct ifnet *ifp = sc->sc_ifp; 2144 2145 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: no free prism memory!\n", 2146 __func__); 2147 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2148 UPGT_STAT_INC(sc, st_tx_inactive); 2149 if (!(ifp->if_drv_flags & IFF_DRV_OACTIVE)) 2150 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2151 return (NULL); 2152 } 2153 return (bf); 2154} 2155 2156static int 2157upgt_tx_start(struct upgt_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 2158 struct upgt_data *data) 2159{ 2160 int error = 0, len; 2161 struct ieee80211_frame *wh; 2162 struct ieee80211_key *k; 2163 struct ifnet *ifp = sc->sc_ifp; 2164 struct ieee80211com *ic = ifp->if_l2com; 2165 struct upgt_lmac_mem *mem; 2166 struct upgt_lmac_tx_desc *txdesc; 2167 2168 UPGT_ASSERT_LOCKED(sc); 2169 2170 upgt_set_led(sc, UPGT_LED_BLINK); 2171 2172 /* 2173 * Software crypto. 2174 */ 2175 wh = mtod(m, struct ieee80211_frame *); 2176 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2177 k = ieee80211_crypto_encap(ni, m); 2178 if (k == NULL) { 2179 device_printf(sc->sc_dev, 2180 "ieee80211_crypto_encap returns NULL.\n"); 2181 error = EIO; 2182 goto done; 2183 } 2184 2185 /* in case packet header moved, reset pointer */ 2186 wh = mtod(m, struct ieee80211_frame *); 2187 } 2188 2189 /* Transmit the URB containing the TX data. */ 2190 bzero(data->buf, MCLBYTES); 2191 mem = (struct upgt_lmac_mem *)data->buf; 2192 mem->addr = htole32(data->addr); 2193 txdesc = (struct upgt_lmac_tx_desc *)(mem + 1); 2194 2195 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 2196 IEEE80211_FC0_TYPE_MGT) { 2197 /* mgmt frames */ 2198 txdesc->header1.flags = UPGT_H1_FLAGS_TX_MGMT; 2199 /* always send mgmt frames at lowest rate (DS1) */ 2200 memset(txdesc->rates, 0x10, sizeof(txdesc->rates)); 2201 } else { 2202 /* data frames */ 2203 txdesc->header1.flags = UPGT_H1_FLAGS_TX_DATA; 2204 bcopy(sc->sc_cur_rateset, txdesc->rates, sizeof(txdesc->rates)); 2205 } 2206 txdesc->header1.type = UPGT_H1_TYPE_TX_DATA; 2207 txdesc->header1.len = htole16(m->m_pkthdr.len); 2208 txdesc->header2.reqid = htole32(data->addr); 2209 txdesc->header2.type = htole16(UPGT_H2_TYPE_TX_ACK_YES); 2210 txdesc->header2.flags = htole16(UPGT_H2_FLAGS_TX_ACK_YES); 2211 txdesc->type = htole32(UPGT_TX_DESC_TYPE_DATA); 2212 txdesc->pad3[0] = UPGT_TX_DESC_PAD3_SIZE; 2213 2214 if (bpf_peers_present(ifp->if_bpf)) { 2215 struct upgt_tx_radiotap_header *tap = &sc->sc_txtap; 2216 2217 tap->wt_flags = 0; 2218 tap->wt_rate = 0; /* XXX where to get from? */ 2219 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2220 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2221 2222 bpf_mtap2(ifp->if_bpf, tap, sc->sc_txtap_len, m); 2223 } 2224 2225 /* copy frame below our TX descriptor header */ 2226 m_copydata(m, 0, m->m_pkthdr.len, 2227 data->buf + (sizeof(*mem) + sizeof(*txdesc))); 2228 /* calculate frame size */ 2229 len = sizeof(*mem) + sizeof(*txdesc) + m->m_pkthdr.len; 2230 /* we need to align the frame to a 4 byte boundary */ 2231 len = (len + 3) & ~3; 2232 /* calculate frame checksum */ 2233 mem->chksum = upgt_chksum_le((uint32_t *)txdesc, len - sizeof(*mem)); 2234 data->ni = ni; 2235 data->m = m; 2236 data->buflen = len; 2237 2238 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: TX start data sending (%d bytes)\n", 2239 __func__, len); 2240 KASSERT(len <= MCLBYTES, ("mbuf is small for saving data")); 2241 2242 upgt_bulk_tx(sc, data); 2243done: 2244 /* 2245 * If we don't regulary read the device statistics, the RX queue 2246 * will stall. It's strange, but it works, so we keep reading 2247 * the statistics here. *shrug* 2248 */ 2249 if (!(ifp->if_opackets % UPGT_TX_STAT_INTERVAL)) 2250 upgt_get_stats(sc); 2251 2252 return (error); 2253} 2254 2255static void 2256upgt_bulk_rx_callback(struct usb2_xfer *xfer) 2257{ 2258 struct upgt_softc *sc = xfer->priv_sc; 2259 struct ifnet *ifp = sc->sc_ifp; 2260 struct ieee80211com *ic = ifp->if_l2com; 2261 struct ieee80211_frame *wh; 2262 struct ieee80211_node *ni; 2263 struct mbuf *m = NULL; 2264 struct upgt_data *data; 2265 int8_t nf; 2266 int rssi = -1; 2267 2268 UPGT_ASSERT_LOCKED(sc); 2269 2270 switch (USB_GET_STATE(xfer)) { 2271 case USB_ST_TRANSFERRED: 2272 data = STAILQ_FIRST(&sc->sc_rx_active); 2273 if (data == NULL) 2274 goto setup; 2275 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2276 m = upgt_rxeof(xfer, data, &rssi); 2277 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2278 /* FALLTHROUGH */ 2279 case USB_ST_SETUP: 2280setup: 2281 data = STAILQ_FIRST(&sc->sc_rx_inactive); 2282 if (data == NULL) 2283 return; 2284 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 2285 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 2286 usb2_set_frame_data(xfer, data->buf, 0); 2287 xfer->frlengths[0] = xfer->max_data_length; 2288 usb2_start_hardware(xfer); 2289 2290 /* 2291 * To avoid LOR we should unlock our private mutex here to call 2292 * ieee80211_input() because here is at the end of a USB 2293 * callback and safe to unlock. 2294 */ 2295 UPGT_UNLOCK(sc); 2296 if (m != NULL) { 2297 wh = mtod(m, struct ieee80211_frame *); 2298 ni = ieee80211_find_rxnode(ic, 2299 (struct ieee80211_frame_min *)wh); 2300 nf = -95; /* XXX */ 2301 if (ni != NULL) { 2302 (void) ieee80211_input(ni, m, rssi, nf, 0); 2303 /* node is no longer needed */ 2304 ieee80211_free_node(ni); 2305 } else 2306 (void) ieee80211_input_all(ic, m, rssi, nf, 0); 2307 m = NULL; 2308 } 2309 UPGT_LOCK(sc); 2310 break; 2311 default: 2312 /* needs it to the inactive queue due to a error. */ 2313 data = STAILQ_FIRST(&sc->sc_rx_active); 2314 if (data != NULL) { 2315 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 2316 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 2317 } 2318 if (xfer->error != USB_ERR_CANCELLED) { 2319 xfer->flags.stall_pipe = 1; 2320 ifp->if_ierrors++; 2321 goto setup; 2322 } 2323 break; 2324 } 2325} 2326 2327static void 2328upgt_bulk_tx_callback(struct usb2_xfer *xfer) 2329{ 2330 struct upgt_softc *sc = xfer->priv_sc; 2331 struct ifnet *ifp = sc->sc_ifp; 2332 struct upgt_data *data; 2333 2334 UPGT_ASSERT_LOCKED(sc); 2335 switch (USB_GET_STATE(xfer)) { 2336 case USB_ST_TRANSFERRED: 2337 data = STAILQ_FIRST(&sc->sc_tx_active); 2338 if (data == NULL) 2339 goto setup; 2340 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 2341 UPGT_STAT_DEC(sc, st_tx_active); 2342 upgt_txeof(xfer, data); 2343 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 2344 UPGT_STAT_INC(sc, st_tx_inactive); 2345 /* FALLTHROUGH */ 2346 case USB_ST_SETUP: 2347setup: 2348 data = STAILQ_FIRST(&sc->sc_tx_pending); 2349 if (data == NULL) { 2350 DPRINTF(sc, UPGT_DEBUG_XMIT, "%s: empty pending queue\n", 2351 __func__); 2352 return; 2353 } 2354 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 2355 UPGT_STAT_DEC(sc, st_tx_pending); 2356 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 2357 UPGT_STAT_INC(sc, st_tx_active); 2358 2359 usb2_set_frame_data(xfer, data->buf, 0); 2360 xfer->frlengths[0] = data->buflen; 2361 usb2_start_hardware(xfer); 2362 UPGT_UNLOCK(sc); 2363 upgt_start(ifp); 2364 UPGT_LOCK(sc); 2365 break; 2366 default: 2367 data = STAILQ_FIRST(&sc->sc_tx_active); 2368 if (data == NULL) 2369 goto setup; 2370 if (data->ni != NULL) { 2371 ieee80211_free_node(data->ni); 2372 data->ni = NULL; 2373 ifp->if_oerrors++; 2374 } 2375 if (xfer->error != USB_ERR_CANCELLED) { 2376 xfer->flags.stall_pipe = 1; 2377 goto setup; 2378 } 2379 break; 2380 } 2381} 2382 2383static device_method_t upgt_methods[] = { 2384 /* Device interface */ 2385 DEVMETHOD(device_probe, upgt_match), 2386 DEVMETHOD(device_attach, upgt_attach), 2387 DEVMETHOD(device_detach, upgt_detach), 2388 2389 { 0, 0 } 2390}; 2391 2392static driver_t upgt_driver = { 2393 "upgt", 2394 upgt_methods, 2395 sizeof(struct upgt_softc) 2396}; 2397 2398static devclass_t upgt_devclass; 2399 2400DRIVER_MODULE(if_upgt, uhub, upgt_driver, upgt_devclass, NULL, 0); 2401MODULE_VERSION(if_upgt, 1); 2402MODULE_DEPEND(if_upgt, usb, 1, 1, 1); 2403MODULE_DEPEND(if_upgt, wlan, 1, 1, 1); 2404MODULE_DEPEND(if_upgt, upgtfw_fw, 1, 1, 1); 2405