1/*	$NetBSD$	*/
2/*	$OpenBSD: if_upgtvar.h,v 1.15 2009/08/10 20:02:19 deraadt Exp $ */
3
4/*
5 * Copyright (c) 2007 Marcus Glocker <mglocker@openbsd.org>
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20struct upgt_softc;
21
22/*
23 * Radio tap.
24 */
25struct upgt_rx_radiotap_header {
26	struct ieee80211_radiotap_header wr_ihdr;
27	uint8_t				wr_flags;
28	uint8_t				wr_rate;
29	uint16_t			wr_chan_freq;
30	uint16_t			wr_chan_flags;
31	uint8_t				wr_antsignal;
32} __packed;
33
34#define UPGT_RX_RADIOTAP_PRESENT					\
35	((1 << IEEE80211_RADIOTAP_FLAGS) |				\
36	 (1 << IEEE80211_RADIOTAP_RATE) |				\
37	 (1 << IEEE80211_RADIOTAP_CHANNEL) |				\
38	 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL))
39
40struct upgt_tx_radiotap_header {
41	struct ieee80211_radiotap_header wt_ihdr;
42	uint8_t				wt_flags;
43	uint8_t				wt_rate;
44	uint16_t			wt_chan_freq;
45	uint16_t			wt_chan_flags;
46} __packed;
47
48#define UPGT_TX_RADIOTAP_PRESENT					\
49	((1 << IEEE80211_RADIOTAP_FLAGS) |				\
50	 (1 << IEEE80211_RADIOTAP_RATE) |				\
51	 (1 << IEEE80211_RADIOTAP_CHANNEL))
52
53/*
54 * General values.
55 */
56#define UPGT_IFACE_INDEX		0
57#define UPGT_CONFIG_NO			1
58#define UPGT_USB_TIMEOUT		1000
59#define UPGT_FIRMWARE_TIMEOUT		10
60
61#define UPGT_MEMADDR_FIRMWARE_START	0x00020000	/* 512 bytes large */
62#define UPGT_MEMSIZE_FRAME_HEAD		0x0070
63#define UPGT_MEMSIZE_RX			0x3500
64
65#define UPGT_TX_COUNT			6
66
67/* device flags */
68#define UPGT_DEVICE_ATTACHED		(1 << 0)
69
70/* leds */
71#define UPGT_LED_OFF			0
72#define UPGT_LED_ON			1
73#define UPGT_LED_BLINK			2
74
75/*
76 * USB xfers.
77 */
78struct upgt_data {
79	struct upgt_softc		*sc;
80	usbd_xfer_handle		 xfer;
81	uint8_t				*buf;
82	struct ieee80211_node		*ni;
83	struct mbuf			*m;
84	uint32_t			 addr;
85};
86
87/*
88 * Firmware.
89 */
90#define UPGT_FW_BLOCK_SIZE		512
91
92#define UPGT_BRA_FWTYPE_SIZE		4
93#define UPGT_BRA_FWTYPE_LM86		"LM86"
94#define UPGT_BRA_FWTYPE_LM87		"LM87"
95#define UPGT_BRA_FWTYPE_FMAC		"FMAC"
96enum upgt_fw_type {
97	UPGT_FWTYPE_LM86,
98	UPGT_FWTYPE_LM87,
99	UPGT_FWTYPE_FMAC
100};
101
102#define UPGT_BRA_TYPE_FW		0x80000001
103#define UPGT_BRA_TYPE_VERSION		0x80000002
104#define UPGT_BRA_TYPE_DEPIF		0x80000003
105#define UPGT_BRA_TYPE_EXPIF		0x80000004
106#define UPGT_BRA_TYPE_DESCR		0x80000101
107#define UPGT_BRA_TYPE_END		0xff0000ff
108struct upgt_fw_bra_option {
109	uint32_t			type;
110	uint32_t			len;
111	uint8_t				data[];
112} __packed;
113
114struct upgt_fw_bra_descr {
115	uint32_t			unknown1;
116	uint32_t			memaddr_space_start;
117	uint32_t			memaddr_space_end;
118	uint32_t			unknown2;
119	uint32_t			unknown3;
120	uint8_t				rates[20];
121} __packed;
122
123#define UPGT_X2_SIGNATURE_SIZE		4
124#define UPGT_X2_SIGNATURE		"x2  "
125struct upgt_fw_x2_header {
126	uint8_t				signature[4];
127	uint32_t			startaddr;
128	uint32_t			len;
129	uint32_t			crc;
130} __packed;
131
132/*
133 * EEPROM.
134 */
135#define UPGT_EEPROM_SIZE		8192
136#define UPGT_EEPROM_BLOCK_SIZE		1020
137
138struct upgt_eeprom_header {
139	/* 14 bytes */
140	uint32_t			magic;
141	uint16_t			pad1;
142	uint16_t			preamble_len;
143	uint32_t			pad2;
144	/* data */
145} __packed;
146
147#define UPGT_EEPROM_TYPE_END		0x0000
148#define UPGT_EEPROM_TYPE_NAME		0x0001
149#define UPGT_EEPROM_TYPE_SERIAL		0x0003
150#define UPGT_EEPROM_TYPE_MAC		0x0101
151#define UPGT_EEPROM_TYPE_HWRX		0x1001
152#define UPGT_EEPROM_TYPE_CHIP		0x1002
153#define UPGT_EEPROM_TYPE_FREQ3		0x1903
154#define UPGT_EEPROM_TYPE_FREQ4		0x1904
155#define UPGT_EEPROM_TYPE_FREQ5		0x1905
156#define UPGT_EEPROM_TYPE_FREQ6		0x1906
157#define UPGT_EEPROM_TYPE_OFF		0xffff
158struct upgt_eeprom_option {
159	uint16_t			len;
160	uint16_t			type;
161	uint8_t				data[];
162	/* data */
163} __packed;
164
165#define UPGT_EEPROM_RX_CONST		0x88
166struct upgt_eeprom_option_hwrx {
167	uint32_t			pad1;
168	uint8_t				rxfilter;
169	uint8_t				pad2[15];
170} __packed;
171
172struct upgt_eeprom_freq3_header {
173	uint8_t				flags;
174	uint8_t				elements;
175} __packed;
176
177struct upgt_eeprom_freq4_header {
178	uint8_t				flags;
179	uint8_t				elements;
180	uint8_t				settings;
181	uint8_t				type;
182} __packed;
183
184struct upgt_eeprom_freq4_1 {
185	uint16_t			freq;
186	uint8_t				data[50];
187} __packed;
188
189struct upgt_eeprom_freq4_2 {
190	uint16_t			head;
191	uint8_t				subtails[4];
192	uint8_t				tail;
193} __packed;
194
195/*
196 * LMAC protocol.
197 */
198struct upgt_lmac_mem {
199	uint32_t			addr;
200	uint32_t			chksum;
201} __packed;
202
203#define UPGT_H1_FLAGS_TX_MGMT		0x00	/* for TX: mgmt frame */
204#define UPGT_H1_FLAGS_TX_NO_CALLBACK	0x01	/* for TX: no USB callback */
205#define UPGT_H1_FLAGS_TX_DATA		0x10	/* for TX: data frame */
206#define UPGT_H1_TYPE_RX_DATA		0x00	/* 802.11 RX data frame */
207#define UPGT_H1_TYPE_RX_DATA_MGMT	0x04	/* 802.11 RX mgmt frame */
208#define UPGT_H1_TYPE_TX_DATA		0x40	/* 802.11 TX data frame */
209#define UPGT_H1_TYPE_CTRL		0x80	/* control frame */
210struct upgt_lmac_h1 {
211	/* 4 bytes */
212	uint8_t				flags;
213	uint8_t				type;
214	uint16_t			len;
215} __packed;
216
217#define UPGT_H2_TYPE_TX_ACK_NO		0x0000
218#define UPGT_H2_TYPE_TX_ACK_YES		0x0001
219#define UPGT_H2_TYPE_MACFILTER		0x0000
220#define UPGT_H2_TYPE_CHANNEL		0x0001
221#define UPGT_H2_TYPE_TX_DONE		0x0008
222#define UPGT_H2_TYPE_STATS		0x000a
223#define UPGT_H2_TYPE_EEPROM		0x000c
224#define UPGT_H2_TYPE_LED		0x000d
225#define UPGT_H2_FLAGS_TX_ACK_NO		0x0101
226#define UPGT_H2_FLAGS_TX_ACK_YES	0x0707
227struct upgt_lmac_h2 {
228	/* 8 bytes */
229	uint32_t			reqid;
230	uint16_t			type;
231	uint16_t			flags;
232} __packed;
233
234struct upgt_lmac_header {
235	/* 12 bytes */
236	struct upgt_lmac_h1		header1;
237	struct upgt_lmac_h2		header2;
238} __packed;
239
240struct upgt_lmac_eeprom {
241	/* 16 bytes */
242	struct upgt_lmac_h1		header1;
243	struct upgt_lmac_h2		header2;
244	uint16_t			offset;
245	uint16_t			len;
246	/* data */
247} __packed;
248
249#define UPGT_FILTER_TYPE_NONE		0x0000
250#define UPGT_FILTER_TYPE_STA		0x0001
251#define UPGT_FILTER_TYPE_IBSS		0x0002
252#define UPGT_FILTER_TYPE_HOSTAP		0x0004
253#define UPGT_FILTER_TYPE_MONITOR	0x0010
254#define UPGT_FILTER_TYPE_RESET		0x0020
255#define UPGT_FILTER_UNKNOWN1		0x0002
256#define UPGT_FILTER_UNKNOWN2		0x0ca8
257#define UPGT_FILTER_UNKNOWN3		0xffff
258struct upgt_lmac_filter {
259	struct upgt_lmac_h1		header1;
260	struct upgt_lmac_h2		header2;
261	/* 32 bytes */
262	uint16_t			type;
263	uint8_t				dst[IEEE80211_ADDR_LEN];
264	uint8_t				src[IEEE80211_ADDR_LEN];
265	uint16_t			unknown1;
266	uint32_t			rxaddr;
267	uint16_t			unknown2;
268	uint32_t			rxhw;
269	uint16_t			unknown3;
270	uint32_t			unknown4;
271} __packed;
272
273/* frequence 3 data */
274struct upgt_lmac_freq3 {
275	uint16_t			freq;
276	uint8_t				data[6];
277} __packed;
278
279/* frequence 4 data */
280struct upgt_lmac_freq4 {
281	struct upgt_eeprom_freq4_2	cmd;
282	uint8_t				pad;
283};
284
285/* frequence 6 data */
286struct upgt_lmac_freq6 {
287	uint16_t			freq;
288	uint8_t				data[8];
289} __packed;
290
291#define UPGT_CHANNEL_UNKNOWN1		0x0001
292#define UPGT_CHANNEL_UNKNOWN2		0x0000
293#define UPGT_CHANNEL_UNKNOWN3		0x48
294struct upgt_lmac_channel {
295	struct upgt_lmac_h1		header1;
296	struct upgt_lmac_h2		header2;
297	/* 112 bytes */
298	uint16_t			unknown1;
299	uint16_t			unknown2;
300	uint8_t				pad1[20];
301	struct upgt_lmac_freq6		freq6;
302	uint8_t				settings;
303	uint8_t				unknown3;
304	uint8_t				freq3_1[4];
305	struct upgt_lmac_freq4		freq4[8];
306	uint8_t				freq3_2[4];
307	uint32_t			pad2;
308} __packed;
309
310#define UPGT_LED_MODE_SET		0x0003
311#define UPGT_LED_ACTION_OFF		0x0002
312#define UPGT_LED_ACTION_ON		0x0003
313#define UPGT_LED_ACTION_TMP_DUR		100		/* ms */
314struct upgt_lmac_led {
315	struct upgt_lmac_h1		header1;
316	struct upgt_lmac_h2		header2;
317	uint16_t			mode;
318	uint16_t			action_fix;
319	uint16_t			action_tmp;
320	uint16_t			action_tmp_dur;
321} __packed;
322
323struct upgt_lmac_stats {
324	struct upgt_lmac_h1		header1;
325	struct upgt_lmac_h2		header2;
326	uint8_t				data[76];
327} __packed;
328
329struct upgt_lmac_rx_desc {
330	struct upgt_lmac_h1		header1;
331	/* 16 bytes */
332	uint16_t			freq;
333	uint8_t				unknown1;
334	uint8_t				rate;
335	uint8_t				rssi;
336	uint8_t				pad;
337	uint16_t			unknown2;
338	uint32_t			timestamp;
339	uint32_t			unknown3;
340	uint8_t				data[];
341} __packed;
342
343#define UPGT_TX_DESC_KEY_EXISTS		0x01
344struct upgt_lmac_tx_desc_wep {
345	uint8_t				key_exists;
346	uint8_t				key_len;
347	uint8_t				key_val[16];
348} __packed;
349
350#define UPGT_TX_DESC_TYPE_BEACON	0x00000000
351#define UPGT_TX_DESC_TYPE_PROBE		0x00000001
352#define UPGT_TX_DESC_TYPE_MGMT		0x00000002
353#define UPGT_TX_DESC_TYPE_DATA		0x00000004
354#define UPGT_TX_DESC_PAD3_SIZE		2
355struct upgt_lmac_tx_desc {
356	struct upgt_lmac_h1		header1;
357	struct upgt_lmac_h2		header2;
358	uint8_t				rates[8];
359	uint16_t			pad1;
360	struct upgt_lmac_tx_desc_wep	wep_key;
361	uint32_t			type;
362	uint32_t			pad2;
363	uint32_t			unknown1;
364	uint32_t			unknown2;
365	uint8_t				pad3[2];
366	/* 802.11 frame data */
367} __packed;
368
369#define UPGT_TX_DONE_DESC_STATUS_OK	0x0001
370struct upgt_lmac_tx_done_desc {
371	struct upgt_lmac_h1		header1;
372	struct upgt_lmac_h2		header2;
373	uint16_t			status;
374	uint16_t			rssi;
375	uint16_t			seq;
376	uint16_t			unknown;
377} __packed;
378
379/*
380 * Prism memory.
381 */
382struct upgt_memory_page {
383	uint8_t				used;
384	uint32_t			addr;
385} __packed;
386
387#define UPGT_MEMORY_MAX_PAGES		8
388struct upgt_memory {
389	uint8_t				pages;
390	struct upgt_memory_page		page[UPGT_MEMORY_MAX_PAGES];
391} __packed;
392
393/*
394 * Softc.
395 */
396struct upgt_softc {
397	device_t		 sc_dev;
398	struct ethercom		 sc_ec;
399#define sc_if	sc_ec.ec_if
400
401	usbd_device_handle	 sc_udev;
402	usbd_interface_handle	 sc_iface;
403	int			 sc_rx_no;
404	int			 sc_tx_no;
405	struct usb_task		 sc_task_newstate;
406	struct usb_task		 sc_task_tx;
407	usbd_pipe_handle	 sc_rx_pipeh;
408	usbd_pipe_handle	 sc_tx_pipeh;
409
410	struct upgt_data	 tx_data[UPGT_TX_COUNT];
411	struct upgt_data	 rx_data;
412	struct upgt_data	 cmd_data;
413	int			 tx_queued;
414	kmutex_t		 sc_mtx;
415
416	uint8_t			 sc_device_type;
417	struct ieee80211com	 sc_ic;
418	enum ieee80211_state	 sc_state;
419	int			 sc_arg;
420	int			 (*sc_newstate)(struct ieee80211com *,
421				     enum ieee80211_state, int);
422	callout_t		 scan_to;
423	callout_t		 led_to;
424	int			 sc_led_blink;
425	uint8_t			 sc_cur_rateset[8];
426
427	int			 sc_flags;
428	uint8_t			*sc_fw;
429	size_t			 sc_fw_size;
430	int			 sc_fw_type;
431
432	/* memory addresses on device */
433	uint32_t		 sc_memaddr_frame_start;
434	uint32_t		 sc_memaddr_frame_end;
435	uint32_t		 sc_memaddr_rx_start;
436	struct upgt_memory	 sc_memory;
437
438	/* data which we found in the EEPROM */
439	uint8_t			 sc_eeprom[UPGT_EEPROM_SIZE];
440	uint16_t		 sc_eeprom_hwrx;
441	struct upgt_lmac_freq3	 sc_eeprom_freq3[IEEE80211_CHAN_MAX];
442	struct upgt_lmac_freq4	 sc_eeprom_freq4[IEEE80211_CHAN_MAX][8];
443	struct upgt_lmac_freq6	 sc_eeprom_freq6[IEEE80211_CHAN_MAX];
444	uint8_t			 sc_eeprom_freq6_settings;
445
446	/* radio tap */
447	struct bpf_if		*sc_drvbpf;
448
449	/* RX */
450	union {
451				 struct upgt_rx_radiotap_header th;
452				 uint8_t pad[64];
453	}			 sc_rxtapu;
454#define sc_rxtap		 sc_rxtapu.th
455	int			 sc_rxtap_len;
456
457	/* TX */
458	union {
459				 struct upgt_tx_radiotap_header th;
460				 uint8_t pad[64];
461	}			 sc_txtapu;
462#define sc_txtap		 sc_txtapu.th
463	int			 sc_txtap_len;
464};
465