1 /* $OpenBSD: if_upgtvar.h,v 1.18 2022/01/09 05:43:00 jsg Exp $ */ 2 3 /* 4 * Copyright (c) 2007 Marcus Glocker <mglocker@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 struct upgt_softc; 20 21 /* 22 * Radio tap. 23 */ 24 struct upgt_rx_radiotap_header { 25 struct ieee80211_radiotap_header wr_ihdr; 26 uint8_t wr_flags; 27 uint8_t wr_rate; 28 uint16_t wr_chan_freq; 29 uint16_t wr_chan_flags; 30 uint8_t wr_antsignal; 31 } __packed; 32 33 #define UPGT_RX_RADIOTAP_PRESENT \ 34 ((1 << IEEE80211_RADIOTAP_FLAGS) | \ 35 (1 << IEEE80211_RADIOTAP_RATE) | \ 36 (1 << IEEE80211_RADIOTAP_CHANNEL) | \ 37 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL)) 38 39 struct upgt_tx_radiotap_header { 40 struct ieee80211_radiotap_header wt_ihdr; 41 uint8_t wt_flags; 42 uint8_t wt_rate; 43 uint16_t wt_chan_freq; 44 uint16_t wt_chan_flags; 45 } __packed; 46 47 #define UPGT_TX_RADIOTAP_PRESENT \ 48 ((1 << IEEE80211_RADIOTAP_FLAGS) | \ 49 (1 << IEEE80211_RADIOTAP_RATE) | \ 50 (1 << IEEE80211_RADIOTAP_CHANNEL)) 51 52 /* 53 * General values. 54 */ 55 #define UPGT_IFACE_INDEX 0 56 #define UPGT_CONFIG_NO 1 57 #define UPGT_USB_TIMEOUT 1000 58 #define UPGT_FIRMWARE_TIMEOUT 10 59 60 #define UPGT_MEMADDR_FIRMWARE_START 0x00020000 /* 512 bytes large */ 61 #define UPGT_MEMSIZE_FRAME_HEAD 0x0070 62 #define UPGT_MEMSIZE_RX 0x3500 63 64 #define UPGT_TX_COUNT 6 65 66 /* device flags */ 67 #define UPGT_DEVICE_ATTACHED (1 << 0) 68 69 /* leds */ 70 #define UPGT_LED_OFF 0 71 #define UPGT_LED_ON 1 72 #define UPGT_LED_BLINK 2 73 74 /* 75 * USB xfers. 76 */ 77 struct upgt_data { 78 struct upgt_softc *sc; 79 struct usbd_xfer *xfer; 80 void *buf; 81 struct ieee80211_node *ni; 82 struct mbuf *m; 83 uint32_t addr; 84 }; 85 86 /* 87 * Firmware. 88 */ 89 #define UPGT_FW_BLOCK_SIZE 512 90 91 #define UPGT_BRA_FWTYPE_SIZE 4 92 #define UPGT_BRA_FWTYPE_LM86 "LM86" 93 #define UPGT_BRA_FWTYPE_LM87 "LM87" 94 #define UPGT_BRA_FWTYPE_FMAC "FMAC" 95 enum upgt_fw_type { 96 UPGT_FWTYPE_LM86, 97 UPGT_FWTYPE_LM87, 98 UPGT_FWTYPE_FMAC 99 }; 100 101 #define UPGT_BRA_TYPE_FW 0x80000001 102 #define UPGT_BRA_TYPE_VERSION 0x80000002 103 #define UPGT_BRA_TYPE_DEPIF 0x80000003 104 #define UPGT_BRA_TYPE_EXPIF 0x80000004 105 #define UPGT_BRA_TYPE_DESCR 0x80000101 106 #define UPGT_BRA_TYPE_END 0xff0000ff 107 struct upgt_fw_bra_option { 108 uint32_t type; 109 uint32_t len; 110 uint8_t data[]; 111 } __packed; 112 113 struct upgt_fw_bra_descr { 114 uint32_t unknown1; 115 uint32_t memaddr_space_start; 116 uint32_t memaddr_space_end; 117 uint32_t unknown2; 118 uint32_t unknown3; 119 uint8_t rates[20]; 120 } __packed; 121 122 #define UPGT_X2_SIGNATURE_SIZE 4 123 #define UPGT_X2_SIGNATURE "x2 " 124 struct upgt_fw_x2_header { 125 uint8_t signature[4]; 126 uint32_t startaddr; 127 uint32_t len; 128 uint32_t crc; 129 } __packed; 130 131 /* 132 * EEPROM. 133 */ 134 #define UPGT_EEPROM_SIZE 8192 135 #define UPGT_EEPROM_BLOCK_SIZE 1020 136 137 struct upgt_eeprom_header { 138 /* 14 bytes */ 139 uint32_t magic; 140 uint16_t pad1; 141 uint16_t preamble_len; 142 uint32_t pad2; 143 /* data */ 144 } __packed; 145 146 #define UPGT_EEPROM_TYPE_END 0x0000 147 #define UPGT_EEPROM_TYPE_NAME 0x0001 148 #define UPGT_EEPROM_TYPE_SERIAL 0x0003 149 #define UPGT_EEPROM_TYPE_MAC 0x0101 150 #define UPGT_EEPROM_TYPE_HWRX 0x1001 151 #define UPGT_EEPROM_TYPE_CHIP 0x1002 152 #define UPGT_EEPROM_TYPE_FREQ3 0x1903 153 #define UPGT_EEPROM_TYPE_FREQ4 0x1904 154 #define UPGT_EEPROM_TYPE_FREQ5 0x1905 155 #define UPGT_EEPROM_TYPE_FREQ6 0x1906 156 #define UPGT_EEPROM_TYPE_OFF 0xffff 157 struct upgt_eeprom_option { 158 uint16_t len; 159 uint16_t type; 160 uint8_t data[]; 161 /* data */ 162 } __packed; 163 164 #define UPGT_EEPROM_RX_CONST 0x88 165 struct upgt_eeprom_option_hwrx { 166 uint32_t pad1; 167 uint8_t rxfilter; 168 uint8_t pad2[15]; 169 } __packed; 170 171 struct upgt_eeprom_freq3_header { 172 uint8_t flags; 173 uint8_t elements; 174 } __packed; 175 176 struct upgt_eeprom_freq4_header { 177 uint8_t flags; 178 uint8_t elements; 179 uint8_t settings; 180 uint8_t type; 181 } __packed; 182 183 struct upgt_eeprom_freq4_1 { 184 uint16_t freq; 185 uint8_t data[50]; 186 } __packed; 187 188 struct upgt_eeprom_freq4_2 { 189 uint16_t head; 190 uint8_t subtails[4]; 191 uint8_t tail; 192 } __packed; 193 194 /* 195 * LMAC protocol. 196 */ 197 struct upgt_lmac_mem { 198 uint32_t addr; 199 uint32_t chksum; 200 } __packed; 201 202 #define UPGT_H1_FLAGS_TX_MGMT 0x00 /* for TX: mgmt frame */ 203 #define UPGT_H1_FLAGS_TX_NO_CALLBACK 0x01 /* for TX: no USB callback */ 204 #define UPGT_H1_FLAGS_TX_DATA 0x10 /* for TX: data frame */ 205 #define UPGT_H1_TYPE_RX_DATA 0x00 /* 802.11 RX data frame */ 206 #define UPGT_H1_TYPE_RX_DATA_MGMT 0x04 /* 802.11 RX mgmt frame */ 207 #define UPGT_H1_TYPE_TX_DATA 0x40 /* 802.11 TX data frame */ 208 #define UPGT_H1_TYPE_CTRL 0x80 /* control frame */ 209 struct upgt_lmac_h1 { 210 /* 4 bytes */ 211 uint8_t flags; 212 uint8_t type; 213 uint16_t len; 214 } __packed; 215 216 #define UPGT_H2_TYPE_TX_ACK_NO 0x0000 217 #define UPGT_H2_TYPE_TX_ACK_YES 0x0001 218 #define UPGT_H2_TYPE_MACFILTER 0x0000 219 #define UPGT_H2_TYPE_CHANNEL 0x0001 220 #define UPGT_H2_TYPE_TX_DONE 0x0008 221 #define UPGT_H2_TYPE_STATS 0x000a 222 #define UPGT_H2_TYPE_EEPROM 0x000c 223 #define UPGT_H2_TYPE_LED 0x000d 224 #define UPGT_H2_FLAGS_TX_ACK_NO 0x0101 225 #define UPGT_H2_FLAGS_TX_ACK_YES 0x0707 226 struct upgt_lmac_h2 { 227 /* 8 bytes */ 228 uint32_t reqid; 229 uint16_t type; 230 uint16_t flags; 231 } __packed; 232 233 struct upgt_lmac_header { 234 /* 12 bytes */ 235 struct upgt_lmac_h1 header1; 236 struct upgt_lmac_h2 header2; 237 } __packed; 238 239 struct upgt_lmac_eeprom { 240 /* 16 bytes */ 241 struct upgt_lmac_h1 header1; 242 struct upgt_lmac_h2 header2; 243 uint16_t offset; 244 uint16_t len; 245 /* data */ 246 } __packed; 247 248 #define UPGT_FILTER_TYPE_NONE 0x0000 249 #define UPGT_FILTER_TYPE_STA 0x0001 250 #define UPGT_FILTER_TYPE_IBSS 0x0002 251 #define UPGT_FILTER_TYPE_HOSTAP 0x0004 252 #define UPGT_FILTER_TYPE_MONITOR 0x0010 253 #define UPGT_FILTER_TYPE_RESET 0x0020 254 #define UPGT_FILTER_UNKNOWN1 0x0002 255 #define UPGT_FILTER_UNKNOWN2 0x0ca8 256 #define UPGT_FILTER_UNKNOWN3 0xffff 257 struct upgt_lmac_filter { 258 struct upgt_lmac_h1 header1; 259 struct upgt_lmac_h2 header2; 260 /* 32 bytes */ 261 uint16_t type; 262 uint8_t dst[IEEE80211_ADDR_LEN]; 263 uint8_t src[IEEE80211_ADDR_LEN]; 264 uint16_t unknown1; 265 uint32_t rxaddr; 266 uint16_t unknown2; 267 uint32_t rxhw; 268 uint16_t unknown3; 269 uint32_t unknown4; 270 } __packed; 271 272 /* frequency 3 data */ 273 struct upgt_lmac_freq3 { 274 uint16_t freq; 275 uint8_t data[6]; 276 } __packed; 277 278 /* frequency 4 data */ 279 struct upgt_lmac_freq4 { 280 struct upgt_eeprom_freq4_2 cmd; 281 uint8_t pad; 282 }; 283 284 /* frequency 6 data */ 285 struct upgt_lmac_freq6 { 286 uint16_t freq; 287 uint8_t data[8]; 288 } __packed; 289 290 #define UPGT_CHANNEL_UNKNOWN1 0x0001 291 #define UPGT_CHANNEL_UNKNOWN2 0x0000 292 #define UPGT_CHANNEL_UNKNOWN3 0x48 293 struct upgt_lmac_channel { 294 struct upgt_lmac_h1 header1; 295 struct upgt_lmac_h2 header2; 296 /* 112 bytes */ 297 uint16_t unknown1; 298 uint16_t unknown2; 299 uint8_t pad1[20]; 300 struct upgt_lmac_freq6 freq6; 301 uint8_t settings; 302 uint8_t unknown3; 303 uint8_t freq3_1[4]; 304 struct upgt_lmac_freq4 freq4[8]; 305 uint8_t freq3_2[4]; 306 uint32_t pad2; 307 } __packed; 308 309 #define UPGT_LED_MODE_SET 0x0003 310 #define UPGT_LED_ACTION_OFF 0x0002 311 #define UPGT_LED_ACTION_ON 0x0003 312 #define UPGT_LED_ACTION_TMP_DUR 100 /* ms */ 313 struct upgt_lmac_led { 314 struct upgt_lmac_h1 header1; 315 struct upgt_lmac_h2 header2; 316 uint16_t mode; 317 uint16_t action_fix; 318 uint16_t action_tmp; 319 uint16_t action_tmp_dur; 320 } __packed; 321 322 struct upgt_lmac_stats { 323 struct upgt_lmac_h1 header1; 324 struct upgt_lmac_h2 header2; 325 uint8_t data[76]; 326 } __packed; 327 328 struct upgt_lmac_rx_desc { 329 struct upgt_lmac_h1 header1; 330 /* 16 bytes */ 331 uint16_t freq; 332 uint8_t unknown1; 333 uint8_t rate; 334 uint8_t rssi; 335 uint8_t pad; 336 uint16_t unknown2; 337 uint32_t timestamp; 338 uint32_t unknown3; 339 uint8_t data[]; 340 } __packed; 341 342 #define UPGT_TX_DESC_KEY_EXISTS 0x01 343 struct upgt_lmac_tx_desc_wep { 344 uint8_t key_exists; 345 uint8_t key_len; 346 uint8_t key_val[16]; 347 } __packed; 348 349 #define UPGT_TX_DESC_TYPE_BEACON 0x00000000 350 #define UPGT_TX_DESC_TYPE_PROBE 0x00000001 351 #define UPGT_TX_DESC_TYPE_MGMT 0x00000002 352 #define UPGT_TX_DESC_TYPE_DATA 0x00000004 353 #define UPGT_TX_DESC_PAD3_SIZE 2 354 struct upgt_lmac_tx_desc { 355 struct upgt_lmac_h1 header1; 356 struct upgt_lmac_h2 header2; 357 uint8_t rates[8]; 358 uint16_t pad1; 359 struct upgt_lmac_tx_desc_wep wep_key; 360 uint32_t type; 361 uint32_t pad2; 362 uint32_t unknown1; 363 uint32_t unknown2; 364 uint8_t pad3[2]; 365 /* 802.11 frame data */ 366 } __packed; 367 368 #define UPGT_TX_DONE_DESC_STATUS_OK 0x0001 369 struct upgt_lmac_tx_done_desc { 370 struct upgt_lmac_h1 header1; 371 struct upgt_lmac_h2 header2; 372 uint16_t status; 373 uint16_t rssi; 374 uint16_t seq; 375 uint16_t unknown; 376 } __packed; 377 378 /* 379 * Prism memory. 380 */ 381 struct upgt_memory_page { 382 uint8_t used; 383 uint32_t addr; 384 } __packed; 385 386 #define UPGT_MEMORY_MAX_PAGES 8 387 struct upgt_memory { 388 uint8_t pages; 389 struct upgt_memory_page page[UPGT_MEMORY_MAX_PAGES]; 390 } __packed; 391 392 /* 393 * Softc. 394 */ 395 struct upgt_softc { 396 struct device sc_dev; 397 398 struct usbd_device *sc_udev; 399 struct usbd_interface *sc_iface; 400 int sc_rx_no; 401 int sc_tx_no; 402 struct usb_task sc_task_newstate; 403 struct usb_task sc_task_tx; 404 struct usbd_pipe *sc_rx_pipeh; 405 struct usbd_pipe *sc_tx_pipeh; 406 407 struct upgt_data tx_data[UPGT_TX_COUNT]; 408 struct upgt_data rx_data; 409 struct upgt_data cmd_data; 410 int tx_queued; 411 412 uint8_t sc_device_type; 413 struct ieee80211com sc_ic; 414 enum ieee80211_state sc_state; 415 int sc_arg; 416 int (*sc_newstate)(struct ieee80211com *, 417 enum ieee80211_state, int); 418 struct timeout scan_to; 419 struct timeout led_to; 420 int sc_led_blink; 421 unsigned sc_cur_chan; 422 uint8_t sc_cur_rateset[8]; 423 424 uint8_t *sc_fw; 425 size_t sc_fw_size; 426 int sc_fw_type; 427 428 /* memory addresses on device */ 429 uint32_t sc_memaddr_frame_start; 430 uint32_t sc_memaddr_frame_end; 431 uint32_t sc_memaddr_rx_start; 432 struct upgt_memory sc_memory; 433 434 /* data which we found in the EEPROM */ 435 uint8_t sc_eeprom[UPGT_EEPROM_SIZE]; 436 uint16_t sc_eeprom_hwrx; 437 struct upgt_lmac_freq3 sc_eeprom_freq3[IEEE80211_CHAN_MAX]; 438 struct upgt_lmac_freq4 sc_eeprom_freq4[IEEE80211_CHAN_MAX][8]; 439 struct upgt_lmac_freq6 sc_eeprom_freq6[IEEE80211_CHAN_MAX]; 440 uint8_t sc_eeprom_freq6_settings; 441 442 /* radio tap */ 443 #if NBPFILTER > 0 444 caddr_t sc_drvbpf; 445 446 /* RX */ 447 union { 448 struct upgt_rx_radiotap_header th; 449 uint8_t pad[64]; 450 } sc_rxtapu; 451 #define sc_rxtap sc_rxtapu.th 452 int sc_rxtap_len; 453 454 /* TX */ 455 union { 456 struct upgt_tx_radiotap_header th; 457 uint8_t pad[64]; 458 } sc_txtapu; 459 #define sc_txtap sc_txtapu.th 460 int sc_txtap_len; 461 #endif 462 }; 463