summaryrefslogtreecommitdiff
path: root/sys/dev/usb/if_upgtvar.h
blob: 405fd2324068db5f994405a2070749d22a449a17 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
/*	$OpenBSD: if_upgtvar.h,v 1.1 2007/12/16 09:05:53 mglocker Exp $ */

/*
 * Copyright (c) 2007 Marcus Glocker <mglocker@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

struct upgt_softc;

/*
 * Radio tap.
 */
struct upgt_rx_radiotap_header {
	struct ieee80211_radiotap_header wr_ihdr;
	uint8_t				wr_flags;
	uint8_t				wr_rate;
	uint16_t			wr_chan_freq;
	uint16_t			wr_chan_flags;
	uint8_t				wr_antenna;
	uint8_t				wr_antsignal;
} __packed;

#define UPGT_RX_RADIOTAP_PRESENT					\
	((1 << IEEE80211_RADIOTAP_FLAGS) |				\
	 (1 << IEEE80211_RADIOTAP_RATE) |				\
	 (1 << IEEE80211_RADIOTAP_CHANNEL) |				\
	 (1 << IEEE80211_RADIOTAP_ANTENNA) |				\
	 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL))

struct upgt_tx_radiotap_header {
	struct ieee80211_radiotap_header wt_ihdr;
	uint8_t				wt_flags;
	uint8_t				wt_rate;
	uint16_t			wt_chan_freq;
	uint16_t			wt_chan_flags;
	uint8_t				wt_antenna;
} __packed;

#define UPGT_TX_RADIOTAP_PRESENT					\
	((1 << IEEE80211_RADIOTAP_FLAGS) |				\
	 (1 << IEEE80211_RADIOTAP_RATE) |				\
	 (1 << IEEE80211_RADIOTAP_CHANNEL) |				\
	 (1 << IEEE80211_RADIOTAP_ANTENNA))

/*
 * General values.
 */
#define UPGT_IFACE_INDEX		0
#define UPGT_CONFIG_NO			1
#define UPGT_USB_TIMEOUT		1000
#define UPGT_FIRMWARE_TIMEOUT		10

#define UPGT_MEMADDR_FIRMWARE_START	0x00020000	/* 512 bytes large */
#define UPGT_MEMSIZE_FRAME_HEAD		0x0070
#define UPGT_MEMSIZE_RX			0x3500

#define UPGT_TX_COUNT			6

/* device flags */
#define UPGT_DEVICE_ATTACHED		(1 << 0)

/*
 * USB xfers.
 */
struct upgt_data {
	struct upgt_softc		*sc;
	usbd_xfer_handle		 xfer;
	void				*buf;
	struct ieee80211_node		*ni;
	struct mbuf			*m;
	uint32_t			 addr;
};

/*
 * Firmware.
 */
#define UPGT_FW_BLOCK_SIZE		512

#define UPGT_BRA_FWTYPE_SIZE		4
#define UPGT_BRA_FWTYPE_LM86		"LM86"
#define UPGT_BRA_FWTYPE_LM87		"LM87"
#define UPGT_BRA_FWTYPE_FMAC		"FMAC"
enum upgt_fw_type {
	UPGT_FWTYPE_LM86,
	UPGT_FWTYPE_LM87,
	UPGT_FWTYPE_FMAC
};

#define UPGT_BRA_TYPE_FW		0x80000001
#define UPGT_BRA_TYPE_VERSION		0x80000002
#define UPGT_BRA_TYPE_DEPIF		0x80000003
#define UPGT_BRA_TYPE_EXPIF		0x80000004
#define UPGT_BRA_TYPE_DESCR		0x80000101
#define UPGT_BRA_TYPE_END		0xff0000ff
struct upgt_fw_bra_option {
	uint32_t			type;
	uint32_t			len;
	uint8_t				data[];
} __packed;

struct upgt_fw_bra_descr {
	uint32_t			unknown1;
	uint32_t			memaddr_space_start;
	uint32_t			memaddr_space_end;
	uint32_t			unknown2;
	uint32_t			unknown3;
	uint8_t				rates[20];
} __packed;

#define UPGT_X2_SIGNATURE_SIZE		4
#define UPGT_X2_SIGNATURE		"x2  "
struct upgt_fw_x2_header {
	uint8_t				signature[4];
	uint32_t			startaddr;
	uint32_t			len;
	uint32_t			crc;
} __packed;

/*
 * EEPROM.
 */
#define UPGT_EEPROM_SIZE		8192
#define UPGT_EEPROM_BLOCK_SIZE		1020

struct upgt_eeprom_header {
	/* 14 bytes */
	uint32_t			magic;
	uint16_t			pad1;
	uint16_t			preamble_len;
	uint32_t			pad2;
	/* data */
} __packed;

#define UPGT_EEPROM_TYPE_END		0x0000
#define UPGT_EEPROM_TYPE_NAME		0x0001
#define UPGT_EEPROM_TYPE_SERIAL		0x0003
#define UPGT_EEPROM_TYPE_MAC		0x0101
#define UPGT_EEPROM_TYPE_HWRX		0x1001
#define UPGT_EEPROM_TYPE_CHIP		0x1002
#define UPGT_EEPROM_TYPE_FREQ3		0x1903
#define UPGT_EEPROM_TYPE_FREQ4		0x1904
#define UPGT_EEPROM_TYPE_FREQ5		0x1905
#define UPGT_EEPROM_TYPE_FREQ6		0x1906
#define UPGT_EEPROM_TYPE_OFF		0xffff
struct upgt_eeprom_option {
	uint16_t			len;
	uint16_t			type;
	uint8_t				data[];
	/* data */
} __packed;

#define UPGT_EEPROM_RX_CONST		0x88
struct upgt_eeprom_option_hwrx {
	uint32_t			pad1;
	uint8_t				rxfilter;
	uint8_t				pad2[15];
} __packed;

struct upgt_eeprom_freq3_header {
	uint8_t				flags;
	uint8_t				elements;
} __packed;

struct upgt_eeprom_freq4_header {
	uint8_t				flags;
	uint8_t				elements;
	uint8_t				settings;
	uint8_t				type;
} __packed;

struct upgt_eeprom_freq4_1 {
	uint16_t			freq;
	uint8_t				data[50];
} __packed;

struct upgt_eeprom_freq4_2 {
	uint16_t			head;
	uint8_t				subtails[4];
	uint8_t				tail;
} __packed;

/*
 * LMAC protocol.
 */
#define UPGT_H1_FLAGS_TX_MGMT		0x00	/* for TX: mgmt frame */
#define UPGT_H1_FLAGS_TX_NO_CALLBACK	0x01	/* for TX: no USB callback */
#define UPGT_H1_FLAGS_TX_DATA		0x10	/* for TX: data frame */
#define UPGT_H1_TYPE_DATA_RX		0x00	/* 802.11 RX data frame */
#define UPGT_H1_TYPE_DATA_RX_MGMT	0x01	/* 802.11 RX mgmt frame */
#define UPGT_H1_TYPE_DATA_TX		0x40	/* 802.11 TX data frame */
#define UPGT_H1_TYPE_CTRL		0x80	/* control frame */
struct upgt_lmac_h1 {
	/* 4 bytes */
	uint8_t				flags;
	uint8_t				type;
	uint16_t			len;
} __packed;

#define UPGT_H2_TYPE_TX_NOACK		0x0000	/* for TX */
#define UPGT_H2_TYPE_MACFILTER		0x0000
#define UPGT_H2_TYPE_CHANNEL		0x0001
#define UPGT_H2_TYPE_TX_DONE		0x0008
#define UPGT_H2_TYPE_EEPROM		0x000c
struct upgt_lmac_h2 {
	/* 8 bytes */
	uint32_t			reqid;
	uint16_t			type;
	uint16_t			flags;
} __packed;

struct upgt_lmac_header {
	/* 12 bytes */
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
} __packed;

struct upgt_lmac_eeprom {
	/* 16 bytes */
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
	uint16_t			offset;
	uint16_t			len;
	/* data */
} __packed;

#define UPGT_FILTER_TYPE_NONE		0x0000
#define UPGT_FILTER_TYPE_STA		0x0001
#define UPGT_FILTER_TYPE_IBSS		0x0002
#define UPGT_FILTER_TYPE_HOSTAP		0x0004
#define UPGT_FILTER_TYPE_MONITOR	0x0010
#define UPGT_FILTER_UNKNOWN2_STA	0x0000015f
#define UPGT_FILTER_UNKNOWN5_V2		0x0620
#define UPGT_FILTER_UNKNOWN6_STA	0x01f4
struct upgt_lmac_filter {
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
	/* 40 bytes */
	uint16_t			type;
	uint8_t				dst[IEEE80211_ADDR_LEN];
	uint8_t				src[IEEE80211_ADDR_LEN];
	uint16_t			unknown1;
	uint32_t			unknown2;
	uint32_t			unknown3;
	uint32_t			unknown4;
	uint32_t			rxaddr;
	uint16_t			unknown5;
	uint16_t			rxhw;
	uint16_t			unknown6;
	uint16_t			unknown7;
} __packed;

/* frequence 3 data */
struct upgt_lmac_freq3 {
	uint16_t			freq;
	uint8_t				data[6];
} __packed;

/* frequence 4 data */
struct upgt_lmac_freq4 {
	struct upgt_eeprom_freq4_2	cmd;
	uint8_t				pad;
};

/* frequence 6 data */
struct upgt_lmac_freq6 {
	uint16_t			freq;
	uint8_t				data[8];
} __packed;

#define UPGT_CHANNEL_UNKNOWN1		0x0001
#define UPGT_CHANNEL_UNKNOWN2		0x0000
#define UPGT_CHANNEL_UNKNOWN3		0x48
struct upgt_lmac_channel {
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
	/* 112 bytes */
	uint16_t			unknown1;
	uint16_t			unknown2;
	uint8_t				pad1[20];
	struct upgt_lmac_freq6		freq6;
	uint8_t				settings;
	uint8_t				unknown3;
	uint8_t				freq3_1[4];	/* XXX wrong? */
	struct upgt_lmac_freq4		freq4[8];
	uint8_t				freq3_2[4];	/* XXX wrong? */
	uint32_t			pad2;
} __packed;

struct upgt_lmac_rx_desc {
	struct upgt_lmac_h1		header1;
	/* 16 bytes */
	uint16_t			freq;
	uint8_t				unknown1;
	uint8_t				rate;
	uint8_t				rssi;
	uint8_t				pad;
	uint16_t			unknown2;
	uint32_t			timestamp;
	uint32_t			unknown3;
	uint8_t				data[];
} __packed;

#define UPGT_TX_DESC_KEY_EXISTS		0x01
struct upgt_lmac_tx_desc_wep {
	uint8_t				key_exists;
	uint8_t				key_len;
	uint8_t				key_val[16];
} __packed;

#define UPGT_TX_DESC_TYPE_BEACON	0x00000000
#define UPGT_TX_DESC_TYPE_PROBE		0x00000001
#define UPGT_TX_DESC_TYPE_MGMT		0x00000002
#define UPGT_TX_DESC_TYPE_DATA		0x00000004
#define UPGT_TX_DESC_FRAME_PAD		4
struct upgt_lmac_tx_desc {
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
	uint8_t				rates[8];
	uint16_t			pad1;
	struct upgt_lmac_tx_desc_wep	wep_key;
	uint32_t			type;
	uint32_t			pad2;
	uint32_t			unknown1;
	uint32_t			unknown2;
	uint8_t				frame_pad;
	uint8_t				pad3[3];
	/* 802.11 frame data */
} __packed;

#define UPGT_TX_DONE_DESC_STATUS_OK	0x0001
struct upgt_lmac_tx_done_desc {
	struct upgt_lmac_h1		header1;
	struct upgt_lmac_h2		header2;
	uint16_t			status;
	uint16_t			rssi;
	uint16_t			seq;
	uint16_t			unknown;
} __packed;

/*
 * Prism memory.
 */
struct upgt_memory_page {
	uint8_t				used;
	uint32_t			addr;
} __packed;

#define UPGT_MEMORY_MAX_PAGES		8
struct upgt_memory {
	uint8_t				pages;
	struct upgt_memory_page		page[UPGT_MEMORY_MAX_PAGES];
} __packed;

/*
 * Softc.
 */
struct upgt_softc {
	struct device		 sc_dev;

	usbd_device_handle	 sc_udev;
	usbd_interface_handle	 sc_iface;
	int			 sc_rx_no;
	int			 sc_tx_no;
	struct usb_task		 sc_task_newstate;
	struct usb_task		 sc_task_tx;
	usbd_pipe_handle	 sc_rx_pipeh;
	usbd_pipe_handle	 sc_tx_pipeh;

	struct upgt_data	 tx_data[UPGT_TX_COUNT];
	struct upgt_data	 rx_data;
	struct upgt_data	 cmd_data;
	int			 tx_queued;

	struct ieee80211com	 sc_ic;
	enum ieee80211_state	 sc_state;
	int			 sc_arg;
	int			 (*sc_newstate)(struct ieee80211com *,
				     enum ieee80211_state, int);
	struct timeout		 scan_to;
	unsigned		 sc_curchan;

	int			 sc_flags;
	uint8_t			*sc_fw;
	size_t			 sc_fw_size;
	int			 sc_fw_type;

	/* memory addresses on device */
	uint32_t		 sc_memaddr_frame_start;
	uint32_t		 sc_memaddr_frame_end;
	uint32_t		 sc_memaddr_rx_start;
	struct upgt_memory	 sc_memory;

	/* data which we found in the EEPROM */
	uint8_t			 sc_eeprom[UPGT_EEPROM_SIZE];
	uint16_t		 sc_eeprom_hwrx;
	struct upgt_lmac_freq3	 sc_eeprom_freq3[IEEE80211_CHAN_MAX];
	struct upgt_lmac_freq4	 sc_eeprom_freq4[IEEE80211_CHAN_MAX][8];
	struct upgt_lmac_freq6	 sc_eeprom_freq6[IEEE80211_CHAN_MAX];
	uint8_t			 sc_eeprom_freq6_settings;

	/* radio tap */
#if NBPFILTER > 0
	caddr_t			 sc_drvbpf;

	/* RX */
	union {
				 struct upgt_rx_radiotap_header th;
				 uint8_t pad[64];
	}			 sc_rxtapu;
#define sc_rxtap		 sc_rxtapu.th
	int			 sc_rxtap_len;

	/* TX */
	union {
				 struct upgt_tx_radiotap_header th;
			 	 uint8_t pad[64];
	}			 sc_txtapu;
#define sc_txtap		 sc_txtapu.th
	int			 sc_txtap_len;
#endif
};