/* $OpenBSD: if_atureg.h,v 1.25 2005/07/07 22:47:08 dlg Exp $ */ /* * Copyright (c) 2003 * Daan Vreeken . All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by Daan Vreeken. * 4. Neither the name of the author nor the names of any co-contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY DAAN VREEKEN AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL Daan Vreeken OR THE VOICES IN HIS HEAD * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. * */ #define ATU_CONFIG_NO 1 #define ATU_IFACE_IDX 0 /* the number of simultaniuously requested RX transfers */ #define ATU_RX_LIST_CNT 1 /* * the number of simultaniously started TX transfers * my measurements : * 1 430.82 KB/sec * 2 534.66 KB/sec * 3 536.23 KB/sec * 4 537.80 KB/sec * 6 537.30 KB/sec * 8 535.31 KB/sec * 16 535.68 KB/sec * 128 535.67 KB/sec (before you ask : yes, 128 is silly :) * (+/- 24% increase) */ #define ATU_TX_LIST_CNT 8 /* * According to the 802.11 spec (7.1.2) the frame body can be up to 2312 bytes */ #define ATU_RX_BUFSZ (ATU_RX_HDRLEN + \ sizeof(struct ieee80211_frame_addr4) + 2312 + 4) /* BE CAREFULL! should add ATU_TX_PADDING */ #define ATU_TX_BUFSZ (ATU_TX_HDRLEN + \ sizeof(struct ieee80211_frame_addr4) + 2312) #define ATU_MIN_FRAMELEN 60 /* * Sending packets of more than 1500 bytes confuses some access points, so the * default MTU is set to 1500 but can be increased up to 2310 bytes using * ifconfig */ #define ATU_DEFAULT_MTU 1500 #define ATU_MAX_MTU (2312 - 2) #define ATU_ENDPT_RX 0x0 #define ATU_ENDPT_TX 0x1 #define ATU_ENDPT_MAX 0x2 #define ATU_TX_TIMEOUT 10000 #define ATU_JOIN_TIMEOUT 2000 #define ATU_NO_QUIRK 0x0000 #define ATU_QUIRK_NO_REMAP 0x0001 #define ATU_QUIRK_FW_DELAY 0x0002 #define ATU_DEFAULT_SSID "" #define ATU_DEFAULT_CHANNEL 10 enum atu_radio_type { RadioRFMD = 0, RadioRFMD2958, RadioRFMD2958_SMC, RadioIntersil, AT76C503_i3863, AT76C503_rfmd_acc, AT76C505_rfmd }; struct atu_type { u_int16_t atu_vid; u_int16_t atu_pid; enum atu_radio_type atu_radio; u_int16_t atu_quirk; }; struct atu_softc; struct atu_chain { struct atu_softc *atu_sc; usbd_xfer_handle atu_xfer; char *atu_buf; struct mbuf *atu_mbuf; u_int8_t atu_idx; u_int16_t atu_length; int atu_in_xfer; SLIST_ENTRY(atu_chain) atu_list; }; /* Radio capture format */ #define ATU_RX_RADIOTAP_PRESENT \ ((1 << IEEE80211_RADIOTAP_TSFT) | \ (1 << IEEE80211_RADIOTAP_FLAGS) | \ (1 << IEEE80211_RADIOTAP_RATE) | \ (1 << IEEE80211_RADIOTAP_CHANNEL) | \ (1 << IEEE80211_RADIOTAP_LOCK_QUALITY) | \ (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL) | \ 0) struct atu_rx_radiotap_header { struct ieee80211_radiotap_header rr_ihdr; u_int64_t rr_tsft; u_int8_t rr_flags; u_int8_t rr_rate; u_int16_t rr_chan_freq; u_int16_t rr_chan_flags; u_int16_t rr_barker_lock; u_int8_t rr_antsignal; } __attribute__((__packed__)); #define ATU_TX_RADIOTAP_PRESENT \ ((1 << IEEE80211_RADIOTAP_FLAGS) | \ (1 << IEEE80211_RADIOTAP_RATE) | \ (1 << IEEE80211_RADIOTAP_CHANNEL) | \ 0) struct atu_tx_radiotap_header { struct ieee80211_radiotap_header rt_ihdr; u_int8_t rt_flags; u_int8_t rt_rate; u_int16_t rt_chan_freq; u_int16_t rt_chan_flags; } __attribute__((__packed__)); struct atu_cdata { struct atu_chain atu_tx_chain[ATU_TX_LIST_CNT]; struct atu_chain atu_rx_chain[ATU_RX_LIST_CNT]; SLIST_HEAD(atu_list_head, atu_chain) atu_rx_free; struct atu_list_head atu_tx_free; u_int8_t atu_tx_inuse; u_int8_t atu_tx_last_idx; }; #define MAX_SSID_LEN 32 #define ATU_AVG_TIME 20 struct atu_softc { USBBASEDEVICE atu_dev; struct ieee80211com sc_ic; int (*sc_newstate)(struct ieee80211com *, enum ieee80211_state, int); char sc_state; #define ATU_S_DEAD 0 #define ATU_S_OK 1 #define ATU_S_UNCONFIG 2 char sc_cmd; #define ATU_C_NONE 0 #define ATU_C_SCAN 1 #define ATU_C_JOIN 2 struct usb_task sc_task; usbd_device_handle atu_udev; usbd_interface_handle atu_iface; struct ifmedia atu_media; int atu_ed[ATU_ENDPT_MAX]; usbd_pipe_handle atu_ep[ATU_ENDPT_MAX]; int atu_unit; int atu_if_flags; struct atu_cdata atu_cdata; struct timeval atu_rx_notice; u_int8_t atu_bssid[ETHER_ADDR_LEN]; enum atu_radio_type atu_radio; u_int16_t atu_quirk; u_int8_t atu_channel; u_int16_t atu_desired_channel; u_int8_t atu_mode; #define NO_MODE_YET 0 #define AD_HOC_MODE 1 #define INFRASTRUCTURE_MODE 2 u_int8_t atu_radio_on; caddr_t sc_radiobpf; union { struct atu_rx_radiotap_header tap; u_int8_t pad[64]; } sc_rxtapu; union { struct atu_tx_radiotap_header tap; u_int8_t pad[64]; } sc_txtapu; }; #define sc_rxtap sc_rxtapu.tap #define sc_txtap sc_txtapu.tap /* Commands for uploading the firmware (standard DFU interface) */ #define DFU_DNLOAD UT_WRITE_CLASS_INTERFACE, 0x01 #define DFU_GETSTATUS UT_READ_CLASS_INTERFACE, 0x03 #define DFU_GETSTATE UT_READ_CLASS_INTERFACE, 0x05 #define DFU_REMAP UT_WRITE_VENDOR_INTERFACE, 0x0a /* DFU states */ #define DFUState_AppIdle 0 #define DFUState_AppDetach 1 #define DFUState_DFUIdle 2 #define DFUState_DnLoadSync 3 #define DFUState_DnLoadBusy 4 #define DFUState_DnLoadIdle 5 #define DFUState_ManifestSync 6 #define DFUState_Manifest 7 #define DFUState_ManifestWait 8 #define DFUState_UploadIdle 9 #define DFUState_DFUError 10 #define DFU_MaxBlockSize 1024 /* AT76c503 operating modes */ #define MODE_NONE 0x00 #define MODE_NETCARD 0x01 #define MODE_CONFIG 0x02 #define MODE_DFU 0x03 #define MODE_NOFLASHNETCARD 0x04 /* AT76c503 commands */ #define CMD_SET_MIB 0x01 #define CMD_START_SCAN 0x03 #define CMD_JOIN 0x04 #define CMD_START_IBSS 0x05 #define CMD_RADIO 0x06 #define CMD_RADIO_ON 0x06 #define CMD_RADIO_OFF 0x07 #define CMD_STARTUP 0x0b /* AT76c503 status messages - used in atu_wait_completion */ #define STATUS_IDLE 0x00 #define STATUS_COMPLETE 0x01 #define STATUS_UNKNOWN 0x02 #define STATUS_INVALID_PARAMETER 0x03 #define STATUS_FUNCTION_NOT_SUPPORTED 0x04 #define STATUS_TIME_OUT 0x07 #define STATUS_IN_PROGRESS 0x08 #define STATUS_HOST_FAILURE 0xff #define STATUS_SCAN_FAILED 0xf0 /* AT76c503 command header */ struct atu_cmd { uByte Cmd; uByte Reserved; uWord Size; } UPACKED; /* CMD_SET_MIB command (0x01) */ struct atu_cmd_set_mib { /* AT76c503 command header */ uByte AtCmd; uByte AtReserved; uWord AtSize; /* MIB header */ uByte MIBType; uByte MIBSize; uByte MIBIndex; uByte MIBReserved; /* MIB data */ uByte data[72]; } UPACKED; /* CMD_STARTUP command (0x0b) */ struct atu_cmd_card_config { uByte Cmd; uByte Reserved; uWord Size; uByte ExcludeUnencrypted; uByte PromiscuousMode; uByte ShortRetryLimit; uByte EncryptionType; uWord RTS_Threshold; uWord FragThreshold; /* 256 .. 2346 */ uByte BasicRateSet[4]; uByte AutoRateFallback; uByte Channel; uByte PrivacyInvoked; /* wep */ uByte WEP_DefaultKeyID; /* 0 .. 3 */ uByte SSID[MAX_SSID_LEN]; uByte WEP_DefaultKey[4][13]; uByte SSID_Len; uByte ShortPreamble; uWord BeaconPeriod; } UPACKED; /* CMD_SCAN command (0x03) */ struct atu_cmd_do_scan { uByte Cmd; uByte Reserved; uWord Size; uByte BSSID[ETHER_ADDR_LEN]; uByte SSID[MAX_SSID_LEN]; uByte ScanType; uByte Channel; uWord ProbeDelay; uWord MinChannelTime; uWord MaxChannelTime; uByte SSID_Len; uByte InternationalScan; } UPACKED; #define ATU_SCAN_ACTIVE 0x00 #define ATU_SCAN_PASSIVE 0x01 /* CMD_JOIN command (0x04) */ struct atu_cmd_join { uByte Cmd; uByte Reserved; uWord Size; uByte bssid[ETHER_ADDR_LEN]; uByte essid[32]; uByte bss_type; uByte channel; uWord timeout; uByte essid_size; uByte reserved; } UPACKED; /* CMD_START_IBSS (0x05) */ struct atu_cmd_start_ibss { uByte Cmd; uByte Reserved; uWord Size; uByte BSSID[ETHER_ADDR_LEN]; uByte SSID[32]; uByte BSSType; uByte Channel; uByte SSIDSize; uByte Res[3]; } UPACKED; /* * The At76c503 adapters come with different types of radios on them. * At this moment the driver supports adapters with RFMD and Intersil radios. */ /* The config structure of an RFMD radio */ struct atu_rfmd_conf { u_int8_t CR20[14]; u_int8_t CR21[14]; u_int8_t BB_CR[14]; u_int8_t PidVid[4]; u_int8_t MACAddr[ETHER_ADDR_LEN]; u_int8_t RegulatoryDomain; u_int8_t LowPowerValues[14]; u_int8_t NormalPowerValues[14]; u_int8_t Reserved[3]; /* then we have 84 bytes, somehow Windows reads 95?? */ u_int8_t Rest[11]; } UPACKED; /* The config structure of an Intersil radio */ struct atu_intersil_conf { u_int8_t MACAddr[ETHER_ADDR_LEN]; /* From the HFA3861B manual : */ /* Manual TX power control (7bit : -64 to 63) */ u_int8_t CR31[14]; /* TX power measurement */ u_int8_t CR58[14]; u_int8_t PidVid[4]; u_int8_t RegulatoryDomain; u_int8_t Reserved[1]; } UPACKED; /* Firmware information request */ struct atu_fw { u_int8_t major; u_int8_t minor; u_int8_t patch; u_int8_t build; } UPACKED; /* * The header the AT76c503 puts in front of RX packets (for both managment & * data) */ struct atu_rx_hdr { uWord length; uByte rx_rate; uByte newbss; uByte fragmentation; uByte rssi; uByte link_quality; uByte noise_level; uDWord rx_time; } UPACKED; #define ATU_RX_HDRLEN sizeof(struct atu_rx_hdr) /* * The header we have to put in front of a TX packet before sending it to the * AT76c503 */ struct atu_tx_hdr { uWord length; uByte tx_rate; uByte padding; uByte reserved[4]; } UPACKED; #define ATU_TX_HDRLEN sizeof(struct atu_tx_hdr) #define NR(x) (void *)((long)x) /* * The linux driver uses seperate routines for every mib request they do * (eg. set_radio / set_preamble / set_frag / etc etc ) * We just define a list of types, sizes and offsets and use those */ /* Name Type Size Index */ #define MIB_LOCAL 0x01 #define MIB_LOCAL__BEACON_ENABLE MIB_LOCAL, 1, 2 #define MIB_LOCAL__AUTO_RATE_FALLBACK MIB_LOCAL, 1, 3 #define MIB_LOCAL__SSID_SIZE MIB_LOCAL, 1, 5 #define MIB_LOCAL__PREAMBLE MIB_LOCAL, 1, 9 #define MIB_MAC_ADDR 0x02 #define MIB_MAC_ADDR__ADDR MIB_MAC_ADDR, 6, 0 #define MIB_MAC 0x03 #define MIB_MAC__FRAG MIB_MAC, 2, 8 #define MIB_MAC__RTS MIB_MAC, 2, 10 #define MIB_MAC__DESIRED_SSID MIB_MAC, 32, 28 #define MIB_MAC_MGMT 0x05 #define MIB_MAC_MGMT__BEACON_PERIOD MIB_MAC_MGMT, 2, 0 #define MIB_MAC_MGMT__CURRENT_BSSID MIB_MAC_MGMT, 6, 14 #define MIB_MAC_MGMT__CURRENT_ESSID MIB_MAC_MGMT, 32, 20 #define MIB_MAC_MGMT__POWER_MODE MIB_MAC_MGMT, 1, 53 #define MIB_MAC_MGMT__IBSS_CHANGE MIB_MAC_MGMT, 1, 54 #define MIB_MAC_WEP 0x06 #define MIB_MAC_WEP__PRIVACY_INVOKED MIB_MAC_WEP, 1, 0 #define MIB_MAC_WEP__KEY_ID MIB_MAC_WEP, 1, 1 #define MIB_MAC_WEP__ICV_ERROR_COUNT MIB_MAC_WEP, 4, 4 #define MIB_MAC_WEP__EXCLUDED_COUNT MIB_MAC_WEP, 4, 8 #define MIB_MAC_WEP__KEYS(nr) MIB_MAC_WEP, 13, 12+(nr)*13 #define MIB_MAC_WEP__ENCR_LEVEL MIB_MAC_WEP, 1, 64 #define MIB_PHY 0x07 #define MIB_PHY__CHANNEL MIB_PHY, 1, 20 #define MIB_PHY__REG_DOMAIN MIB_PHY, 1, 23 #define MIB_FW_VERSION 0x08 #define MIB_DOMAIN 0x09 #define MIB_DOMAIN__POWER_LEVELS MIB_DOMAIN, 14, 0 #define MIB_DOMAIN__CHANNELS MIB_DOMAIN, 14, 14 #define ATU_WEP_OFF 0 #define ATU_WEP_40BITS 1 #define ATU_WEP_104BITS 2 #define POWER_MODE_ACTIVE 1 #define POWER_MODE_SAVE 2 #define POWER_MODE_SMART 3 #define PREAMBLE_SHORT 1 #define PREAMBLE_LONG 0