xref: /netbsd/sys/dev/usb/if_atureg.h (revision 6550d01e) 
1 /*	$NetBSD: if_atureg.h,v 1.8 2009/09/04 18:10:08 dyoung Exp $ */
2 /*	$OpenBSD: if_atureg.h,v 1.21 2004/12/23 13:19:38 dlg Exp $ */
3 /*
4  * Copyright (c) 2003
5  *	Daan Vreeken <Danovitsch@Vitsch.net>.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. All advertising materials mentioning features or use of this software
16  *    must display the following acknowledgement:
17  *	This product includes software developed by Daan Vreeken.
18  * 4. Neither the name of the author nor the names of any co-contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY DAAN VREEKEN AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL Daan Vreeken OR THE VOICES IN HIS HEAD
26  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
27  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
32  * THE POSSIBILITY OF SUCH DAMAGE.
33  *
34  */
35 
36 #define ATU_CONFIG_NO		1
37 #define ATU_IFACE_IDX		0
38 
39 /* the number of simultaniuously requested RX transfers */
40 #define ATU_RX_LIST_CNT	1
41 
42 /*
43  * the number of simultaniously started TX transfers
44  * my measurements :
45  * 1		430.82 KB/sec
46  * 2		534.66 KB/sec
47  * 3		536.23 KB/sec
48  * 4		537.80 KB/sec
49  * 6		537.30 KB/sec
50  * 8		535.31 KB/sec
51  * 16		535.68 KB/sec
52  * 128		535.67 KB/sec (before you ask : yes, 128 is silly :)
53  * (+/- 24% increase)
54  */
55 #define ATU_TX_LIST_CNT	8
56 
57 /*
58  * According to the 802.11 spec (7.1.2) the frame body can be up to 2312 bytes
59  */
60 #define ATU_RX_BUFSZ		(ATU_RX_HDRLEN + \
61 				 sizeof(struct ieee80211_frame_addr4) + 2312 + 4)
62 /* BE CAREFULL! should add ATU_TX_PADDING */
63 #define ATU_TX_BUFSZ		(ATU_TX_HDRLEN + \
64 				 sizeof(struct ieee80211_frame_addr4) + 2312)
65 
66 #define ATU_MIN_FRAMELEN	60
67 
68 /*
69  * Sending packets of more than 1500 bytes confuses some access points, so the
70  * default MTU is set to 1500 but can be increased up to 2310 bytes using
71  * ifconfig
72  */
73 #define ATU_DEFAULT_MTU	1500
74 #define ATU_MAX_MTU		(2312 - 2)
75 
76 #define ATU_ENDPT_RX		0x0
77 #define ATU_ENDPT_TX		0x1
78 #define ATU_ENDPT_MAX		0x2
79 
80 #define ATU_TX_TIMEOUT		10000
81 #define ATU_JOIN_TIMEOUT	2000
82 
83 #define ATU_NO_QUIRK		0x0000
84 #define ATU_QUIRK_NO_REMAP	0x0001
85 #define ATU_QUIRK_FW_DELAY	0x0002
86 
87 #define ATU_DEFAULT_SSID	""
88 #define ATU_DEFAULT_CHANNEL	10
89 
90 enum atu_radio_type {
91 	RadioRFMD = 0,
92 	RadioRFMD2958,
93 	RadioRFMD2958_SMC,
94 	RadioIntersil
95 };
96 
97 struct atu_type {
98 	u_int16_t		atu_vid;
99 	u_int16_t		atu_pid;
100 	enum atu_radio_type	atu_radio;
101 	u_int16_t		atu_quirk;
102 };
103 
104 struct atu_softc;
105 
106 struct atu_chain {
107 	struct atu_softc	*atu_sc;
108 	usbd_xfer_handle	atu_xfer;
109 	char			*atu_buf;
110 	struct mbuf		*atu_mbuf;
111 	u_int8_t		atu_idx;
112 	u_int16_t		atu_length;
113 	int			atu_in_xfer;
114 	SLIST_ENTRY(atu_chain)	atu_list;
115 };
116 
117 struct atu_cdata {
118 	struct atu_chain	atu_tx_chain[ATU_TX_LIST_CNT];
119 	struct atu_chain	atu_rx_chain[ATU_RX_LIST_CNT];
120 
121 	SLIST_HEAD(atu_list_head, atu_chain)	atu_rx_free;
122 	struct atu_list_head	atu_tx_free;
123 
124 	u_int8_t		atu_tx_inuse;
125 	u_int8_t		atu_tx_last_idx;
126 };
127 
128 #define MAX_SSID_LEN		32
129 #define ATU_AVG_TIME		20
130 
131 struct atu_softc {
132 	device_t atu_dev;
133 	struct ethercom		sc_ec;
134 	struct ieee80211com	sc_ic;
135 	int			(*sc_newstate)(struct ieee80211com *,
136 				    enum ieee80211_state, int);
137 
138 	char			sc_state;
139 #define ATU_S_DEAD		0
140 #define ATU_S_OK		1
141 #define ATU_S_UNCONFIG		2
142 	char			sc_cmd;
143 #define ATU_C_NONE		0
144 #define ATU_C_SCAN		1
145 #define ATU_C_JOIN		2
146 	struct usb_task		sc_task;
147 
148 	usbd_device_handle	atu_udev;
149 	usbd_interface_handle	atu_iface;
150 	struct ethercom		atu_ec;
151 	struct ifmedia		atu_media;
152 	int			atu_ed[ATU_ENDPT_MAX];
153 	usbd_pipe_handle	atu_ep[ATU_ENDPT_MAX];
154 	int			atu_unit;
155 	int			atu_if_flags;
156 
157 	struct atu_cdata	atu_cdata;
158 
159 	struct timeval		atu_rx_notice;
160 
161 	u_int8_t		atu_bssid[ETHER_ADDR_LEN];
162 	enum atu_radio_type	atu_radio;
163 	u_int16_t		atu_quirk;
164 
165 	u_int8_t		atu_channel;
166 	u_int16_t		atu_desired_channel;
167 	u_int8_t		atu_mode;
168 #define NO_MODE_YET		0
169 #define AD_HOC_MODE		1
170 #define INFRASTRUCTURE_MODE	2
171 
172 	u_int8_t		atu_radio_on;
173 	u_int8_t		atu_encrypt;
174 #define ATU_WEP_RX		0x01
175 #define ATU_WEP_TX		0x02
176 #define ATU_WEP_TXRX		(ATU_WEP_RX | ATU_WEP_TX)
177 	int			atu_wepkey;
178 	int			atu_wepkeylen;
179 	u_int8_t		atu_wepkeys[4][13];
180 };
181 
182 #define	sc_if	sc_ec.ec_if
183 
184 /* Commands for uploading the firmware (standard DFU interface) */
185 #define DFU_DNLOAD		UT_WRITE_CLASS_INTERFACE, 0x01
186 #define DFU_GETSTATUS		UT_READ_CLASS_INTERFACE, 0x03
187 #define DFU_GETSTATE		UT_READ_CLASS_INTERFACE, 0x05
188 #define DFU_REMAP		UT_WRITE_VENDOR_INTERFACE, 0x0a
189 
190 /* DFU states */
191 #define DFUState_AppIdle	0
192 #define DFUState_AppDetach	1
193 #define DFUState_DFUIdle	2
194 #define DFUState_DnLoadSync	3
195 #define DFUState_DnLoadBusy	4
196 #define DFUState_DnLoadIdle	5
197 #define DFUState_ManifestSync	6
198 #define DFUState_Manifest	7
199 #define DFUState_ManifestWait	8
200 #define DFUState_UploadIdle	9
201 #define DFUState_DFUError	10
202 
203 #define DFU_MaxBlockSize	1024
204 
205 /* AT76c503 operating modes */
206 #define MODE_NONE			0x00
207 #define MODE_NETCARD			0x01
208 #define MODE_CONFIG			0x02
209 #define MODE_DFU			0x03
210 #define MODE_NOFLASHNETCARD		0x04
211 
212 /* AT76c503 commands */
213 #define CMD_SET_MIB			0x01
214 #define CMD_START_SCAN			0x03
215 #define CMD_JOIN			0x04
216 #define CMD_START_IBSS			0x05
217 #define CMD_RADIO			0x06
218 #define CMD_RADIO_ON			0x06
219 #define CMD_RADIO_OFF			0x07
220 #define CMD_STARTUP			0x0b
221 
222 /* AT76c503 status messages -  used in atu_wait_completion */
223 #define STATUS_IDLE			0x00
224 #define STATUS_COMPLETE			0x01
225 #define STATUS_UNKNOWN			0x02
226 #define STATUS_INVALID_PARAMETER	0x03
227 #define STATUS_FUNCTION_NOT_SUPPORTED	0x04
228 #define STATUS_TIME_OUT			0x07
229 #define STATUS_IN_PROGRESS		0x08
230 #define STATUS_HOST_FAILURE		0xff
231 #define STATUS_SCAN_FAILED		0xf0
232 
233 /* AT76c503 command header */
234 struct atu_cmd {
235 	uByte			Cmd;
236 	uByte			Reserved;
237 	uWord			Size;
238 } UPACKED;
239 
240 /* CMD_SET_MIB command (0x01) */
241 struct atu_cmd_set_mib {
242 	/* AT76c503 command header */
243 	uByte		AtCmd;
244 	uByte		AtReserved;
245 	uWord		AtSize;
246 
247 	/* MIB header */
248 	uByte		MIBType;
249 	uByte		MIBSize;
250 	uByte		MIBIndex;
251 	uByte		MIBReserved;
252 
253 	/* MIB data */
254 	uByte		data[72];
255 } UPACKED;
256 
257 /* CMD_STARTUP command (0x0b) */
258 struct atu_cmd_card_config {
259 	uByte			Cmd;
260 	uByte			Reserved;
261 	uWord			Size;
262 
263 	uByte			ExcludeUnencrypted;
264 	uByte			PromiscuousMode;
265 	uByte			ShortRetryLimit;
266 	uByte			EncryptionType;
267 	uWord			RTS_Threshold;
268 	uWord			FragThreshold;		/* 256 .. 2346 */
269 	uByte			BasicRateSet[4];
270 	uByte			AutoRateFallback;
271 	uByte			Channel;
272 	uByte			PrivacyInvoked;		/* wep */
273 	uByte			WEP_DefaultKeyID;	/* 0 .. 3 */
274 	uByte			SSID[MAX_SSID_LEN];
275 	uByte			WEP_DefaultKey[4][13];
276 	uByte			SSID_Len;
277 	uByte			ShortPreamble;
278 	uWord			BeaconPeriod;
279 } UPACKED;
280 
281 /* CMD_SCAN command (0x03) */
282 struct atu_cmd_do_scan {
283 	uByte			Cmd;
284 	uByte			Reserved;
285 	uWord			Size;
286 
287 	uByte			BSSID[ETHER_ADDR_LEN];
288 	uByte			SSID[MAX_SSID_LEN];
289 	uByte			ScanType;
290 	uByte			Channel;
291 	uWord			ProbeDelay;
292 	uWord			MinChannelTime;
293 	uWord			MaxChannelTime;
294 	uByte			SSID_Len;
295 	uByte			InternationalScan;
296 } UPACKED;
297 
298 #define ATU_SCAN_ACTIVE		0x00
299 #define ATU_SCAN_PASSIVE	0x01
300 
301 /* CMD_JOIN command (0x04) */
302 struct atu_cmd_join {
303 	uByte			Cmd;
304 	uByte			Reserved;
305 	uWord			Size;
306 
307 	uByte			bssid[ETHER_ADDR_LEN];
308 	uByte			essid[32];
309 	uByte			bss_type;
310 	uByte			channel;
311 	uWord			timeout;
312 	uByte			essid_size;
313 	uByte			reserved;
314 } UPACKED;
315 
316 /* CMD_START_IBSS (0x05) */
317 struct atu_cmd_start_ibss {
318 	uByte		Cmd;
319 	uByte		Reserved;
320 	uWord		Size;
321 
322 	uByte		BSSID[ETHER_ADDR_LEN];
323 	uByte		SSID[32];
324 	uByte		BSSType;
325 	uByte		Channel;
326 	uByte		SSIDSize;
327 	uByte		Res[3];
328 } UPACKED;
329 
330 /*
331  * The At76c503 adapters come with different types of radios on them.
332  * At this moment the driver supports adapters with RFMD and Intersil radios.
333  */
334 
335 /* The config structure of an RFMD radio */
336 struct atu_rfmd_conf {
337 	u_int8_t		CR20[14];
338 	u_int8_t		CR21[14];
339 	u_int8_t		BB_CR[14];
340 	u_int8_t		PidVid[4];
341 	u_int8_t		MACAddr[ETHER_ADDR_LEN];
342 	u_int8_t		RegulatoryDomain;
343 	u_int8_t		LowPowerValues[14];
344 	u_int8_t		NormalPowerValues[14];
345 	u_int8_t		Reserved[3];
346 	/* then we have 84 bytes, somehow Windows reads 95?? */
347 	u_int8_t		Rest[11];
348 } UPACKED;
349 
350 /* The config structure of an Intersil radio */
351 struct atu_intersil_conf {
352 	u_int8_t		MACAddr[ETHER_ADDR_LEN];
353 	/* From the HFA3861B manual : */
354 	/* Manual TX power control (7bit : -64 to 63) */
355 	u_int8_t		CR31[14];
356 	/* TX power measurement */
357 	u_int8_t		CR58[14];
358 	u_int8_t		PidVid[4];
359 	u_int8_t		RegulatoryDomain;
360 	u_int8_t		Reserved[1];
361 } UPACKED;
362 
363 
364 /* Firmware information request */
365 struct atu_fw {
366 	u_int8_t		major;
367 	u_int8_t		minor;
368 	u_int8_t		patch;
369 	u_int8_t		build;
370 } UPACKED;
371 
372 /*
373  * The header the AT76c503 puts in front of RX packets (for both managment &
374  * data)
375  */
376 struct atu_rx_hdr {
377 	uWord			length;
378 	uByte			rx_rate;
379 	uByte			newbss;
380 	uByte			fragmentation;
381 	uByte			rssi;
382 	uByte			link_quality;
383 	uByte			noise_level;
384 	uDWord			rx_time;
385 } UPACKED;
386 #define ATU_RX_HDRLEN sizeof(struct atu_rx_hdr)
387 
388 /*
389  * The header we have to put in front of a TX packet before sending it to the
390  * AT76c503
391  */
392 struct atu_tx_hdr {
393 	uWord				length;
394 	uByte				tx_rate;
395 	uByte				padding;
396 	uByte				reserved[4];
397 } UPACKED;
398 #define ATU_TX_HDRLEN sizeof(struct atu_tx_hdr)
399 
400 #define NR(x)		(void *)((long)x)
401 
402 /*
403  * The linux driver uses separate routines for every mib request they do
404  * (eg. set_radio / set_preamble / set_frag / etc etc )
405  * We just define a list of types, sizes and offsets and use those
406  */
407 
408 /*	Name				Type		Size	Index	*/
409 #define MIB_LOCAL			0x01
410 #define  MIB_LOCAL__BEACON_ENABLE	MIB_LOCAL,	1,	2
411 #define  MIB_LOCAL__AUTO_RATE_FALLBACK	MIB_LOCAL,	1,	3
412 #define  MIB_LOCAL__SSID_SIZE		MIB_LOCAL,	1,	5
413 #define  MIB_LOCAL__PREAMBLE		MIB_LOCAL,	1,	9
414 #define MIB_MAC_ADDR			0x02
415 #define  MIB_MAC_ADDR__ADDR		MIB_MAC_ADDR,	6,	0
416 #define MIB_MAC				0x03
417 #define  MIB_MAC__FRAG			MIB_MAC,	2,	8
418 #define  MIB_MAC__RTS			MIB_MAC,	2,	10
419 #define  MIB_MAC__DESIRED_SSID		MIB_MAC,	32,	28
420 #define MIB_MAC_MGMT			0x05
421 #define  MIB_MAC_MGMT__BEACON_PERIOD	MIB_MAC_MGMT,	2,	0
422 #define  MIB_MAC_MGMT__CURRENT_BSSID	MIB_MAC_MGMT,	6,	14
423 #define  MIB_MAC_MGMT__CURRENT_ESSID	MIB_MAC_MGMT,	32,	20
424 #define  MIB_MAC_MGMT__POWER_MODE	MIB_MAC_MGMT,	1,	53
425 #define  MIB_MAC_MGMT__IBSS_CHANGE	MIB_MAC_MGMT,	1,	54
426 #define MIB_MAC_WEP			0x06
427 #define  MIB_MAC_WEP__PRIVACY_INVOKED	MIB_MAC_WEP,	1,	0
428 #define  MIB_MAC_WEP__KEY_ID		MIB_MAC_WEP,	1,	1
429 #define  MIB_MAC_WEP__ICV_ERROR_COUNT	MIB_MAC_WEP,	4,	4
430 #define  MIB_MAC_WEP__EXCLUDED_COUNT	MIB_MAC_WEP,	4,	8
431 #define  MIB_MAC_WEP__KEYS(nr)		MIB_MAC_WEP,	13,	12+(nr)*13
432 #define  MIB_MAC_WEP__ENCR_LEVEL	MIB_MAC_WEP,	1,	64
433 #define MIB_PHY				0x07
434 #define  MIB_PHY__CHANNEL		MIB_PHY,	1,	20
435 #define  MIB_PHY__REG_DOMAIN		MIB_PHY,	1,	23
436 #define MIB_FW_VERSION			0x08
437 #define MIB_DOMAIN			0x09
438 #define  MIB_DOMAIN__POWER_LEVELS	MIB_DOMAIN,	14,	0
439 #define  MIB_DOMAIN__CHANNELS		MIB_DOMAIN,	14,	14
440 
441 #define ATU_WEP_OFF			0
442 #define ATU_WEP_40BITS			1
443 #define ATU_WEP_104BITS			2
444 
445 #define POWER_MODE_ACTIVE		1
446 #define POWER_MODE_SAVE			2
447 #define POWER_MODE_SMART		3
448 
449 #define PREAMBLE_SHORT			1
450 #define PREAMBLE_LONG			0
451