1 /* $NetBSD: if_upgtvar.h,v 1.7 2021/08/21 11:55:25 andvar Exp $ */ 2 /* $OpenBSD: if_upgtvar.h,v 1.15 2009/08/10 20:02:19 deraadt Exp $ */ 3 4 /* 5 * Copyright (c) 2007 Marcus Glocker <mglocker@openbsd.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 struct upgt_softc; 21 22 /* 23 * Radio tap. 24 */ 25 struct upgt_rx_radiotap_header { 26 struct ieee80211_radiotap_header wr_ihdr; 27 uint8_t wr_flags; 28 uint8_t wr_rate; 29 uint16_t wr_chan_freq; 30 uint16_t wr_chan_flags; 31 uint8_t wr_antsignal; 32 }; 33 34 #define UPGT_RX_RADIOTAP_PRESENT \ 35 ((1 << IEEE80211_RADIOTAP_FLAGS) | \ 36 (1 << IEEE80211_RADIOTAP_RATE) | \ 37 (1 << IEEE80211_RADIOTAP_CHANNEL) | \ 38 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL)) 39 40 struct upgt_tx_radiotap_header { 41 struct ieee80211_radiotap_header wt_ihdr; 42 uint8_t wt_flags; 43 uint8_t wt_rate; 44 uint16_t wt_chan_freq; 45 uint16_t wt_chan_flags; 46 }; 47 48 #define UPGT_TX_RADIOTAP_PRESENT \ 49 ((1 << IEEE80211_RADIOTAP_FLAGS) | \ 50 (1 << IEEE80211_RADIOTAP_RATE) | \ 51 (1 << IEEE80211_RADIOTAP_CHANNEL)) 52 53 /* 54 * General values. 55 */ 56 #define UPGT_IFACE_INDEX 0 57 #define UPGT_CONFIG_NO 1 58 #define UPGT_USB_TIMEOUT 1000 59 #define UPGT_FIRMWARE_TIMEOUT 10 60 61 #define UPGT_MEMADDR_FIRMWARE_START 0x00020000 /* 512 bytes large */ 62 #define UPGT_MEMSIZE_FRAME_HEAD 0x0070 63 #define UPGT_MEMSIZE_RX 0x3500 64 65 #define UPGT_TX_COUNT 6 66 67 /* device flags */ 68 #define UPGT_DEVICE_ATTACHED (1 << 0) 69 70 /* leds */ 71 #define UPGT_LED_OFF 0 72 #define UPGT_LED_ON 1 73 #define UPGT_LED_BLINK 2 74 75 /* 76 * USB xfers. 77 */ 78 struct upgt_data { 79 struct upgt_softc *sc; 80 struct usbd_xfer *xfer; 81 uint8_t *buf; 82 struct ieee80211_node *ni; 83 struct mbuf *m; 84 uint32_t addr; 85 }; 86 87 /* 88 * Firmware. 89 */ 90 #define UPGT_FW_BLOCK_SIZE 512 91 92 #define UPGT_BRA_FWTYPE_SIZE 4 93 #define UPGT_BRA_FWTYPE_LM86 "LM86" 94 #define UPGT_BRA_FWTYPE_LM87 "LM87" 95 #define UPGT_BRA_FWTYPE_FMAC "FMAC" 96 enum upgt_fw_type { 97 UPGT_FWTYPE_LM86, 98 UPGT_FWTYPE_LM87, 99 UPGT_FWTYPE_FMAC 100 }; 101 102 #define UPGT_BRA_TYPE_FW 0x80000001 103 #define UPGT_BRA_TYPE_VERSION 0x80000002 104 #define UPGT_BRA_TYPE_DEPIF 0x80000003 105 #define UPGT_BRA_TYPE_EXPIF 0x80000004 106 #define UPGT_BRA_TYPE_DESCR 0x80000101 107 #define UPGT_BRA_TYPE_END 0xff0000ff 108 struct upgt_fw_bra_option { 109 uint32_t type; 110 uint32_t len; 111 uint8_t data[]; 112 } __packed; 113 114 struct upgt_fw_bra_descr { 115 uint32_t unknown1; 116 uint32_t memaddr_space_start; 117 uint32_t memaddr_space_end; 118 uint32_t unknown2; 119 uint32_t unknown3; 120 uint8_t rates[20]; 121 } __packed; 122 123 #define UPGT_X2_SIGNATURE_SIZE 4 124 #define UPGT_X2_SIGNATURE "x2 " 125 struct upgt_fw_x2_header { 126 uint8_t signature[4]; 127 uint32_t startaddr; 128 uint32_t len; 129 uint32_t crc; 130 } __packed; 131 132 /* 133 * EEPROM. 134 */ 135 #define UPGT_EEPROM_SIZE 8192 136 #define UPGT_EEPROM_BLOCK_SIZE 1020 137 138 struct upgt_eeprom_header { 139 /* 14 bytes */ 140 uint32_t magic; 141 uint16_t pad1; 142 uint16_t preamble_len; 143 uint32_t pad2; 144 /* data */ 145 } __packed; 146 147 #define UPGT_EEPROM_TYPE_END 0x0000 148 #define UPGT_EEPROM_TYPE_NAME 0x0001 149 #define UPGT_EEPROM_TYPE_SERIAL 0x0003 150 #define UPGT_EEPROM_TYPE_MAC 0x0101 151 #define UPGT_EEPROM_TYPE_HWRX 0x1001 152 #define UPGT_EEPROM_TYPE_CHIP 0x1002 153 #define UPGT_EEPROM_TYPE_FREQ3 0x1903 154 #define UPGT_EEPROM_TYPE_FREQ4 0x1904 155 #define UPGT_EEPROM_TYPE_FREQ5 0x1905 156 #define UPGT_EEPROM_TYPE_FREQ6 0x1906 157 #define UPGT_EEPROM_TYPE_OFF 0xffff 158 struct upgt_eeprom_option { 159 uint16_t len; 160 uint16_t type; 161 uint8_t data[]; 162 /* data */ 163 } __packed; 164 165 #define UPGT_EEPROM_RX_CONST 0x88 166 struct upgt_eeprom_option_hwrx { 167 uint32_t pad1; 168 uint8_t rxfilter; 169 uint8_t pad2[15]; 170 } __packed; 171 172 struct upgt_eeprom_freq3_header { 173 uint8_t flags; 174 uint8_t elements; 175 } __packed; 176 177 struct upgt_eeprom_freq4_header { 178 uint8_t flags; 179 uint8_t elements; 180 uint8_t settings; 181 uint8_t type; 182 } __packed; 183 184 struct upgt_eeprom_freq4_1 { 185 uint16_t freq; 186 uint8_t data[50]; 187 } __packed; 188 189 struct upgt_eeprom_freq4_2 { 190 uint16_t head; 191 uint8_t subtails[4]; 192 uint8_t tail; 193 } __packed; 194 195 /* 196 * LMAC protocol. 197 */ 198 struct upgt_lmac_mem { 199 uint32_t addr; 200 uint32_t chksum; 201 } __packed; 202 203 #define UPGT_H1_FLAGS_TX_MGMT 0x00 /* for TX: mgmt frame */ 204 #define UPGT_H1_FLAGS_TX_NO_CALLBACK 0x01 /* for TX: no USB callback */ 205 #define UPGT_H1_FLAGS_TX_DATA 0x10 /* for TX: data frame */ 206 #define UPGT_H1_TYPE_RX_DATA 0x00 /* 802.11 RX data frame */ 207 #define UPGT_H1_TYPE_RX_DATA_MGMT 0x04 /* 802.11 RX mgmt frame */ 208 #define UPGT_H1_TYPE_TX_DATA 0x40 /* 802.11 TX data frame */ 209 #define UPGT_H1_TYPE_CTRL 0x80 /* control frame */ 210 struct upgt_lmac_h1 { 211 /* 4 bytes */ 212 uint8_t flags; 213 uint8_t type; 214 uint16_t len; 215 } __packed; 216 217 #define UPGT_H2_TYPE_TX_ACK_NO 0x0000 218 #define UPGT_H2_TYPE_TX_ACK_YES 0x0001 219 #define UPGT_H2_TYPE_MACFILTER 0x0000 220 #define UPGT_H2_TYPE_CHANNEL 0x0001 221 #define UPGT_H2_TYPE_TX_DONE 0x0008 222 #define UPGT_H2_TYPE_STATS 0x000a 223 #define UPGT_H2_TYPE_EEPROM 0x000c 224 #define UPGT_H2_TYPE_LED 0x000d 225 #define UPGT_H2_FLAGS_TX_ACK_NO 0x0101 226 #define UPGT_H2_FLAGS_TX_ACK_YES 0x0707 227 struct upgt_lmac_h2 { 228 /* 8 bytes */ 229 uint32_t reqid; 230 uint16_t type; 231 uint16_t flags; 232 } __packed; 233 234 struct upgt_lmac_header { 235 /* 12 bytes */ 236 struct upgt_lmac_h1 header1; 237 struct upgt_lmac_h2 header2; 238 } __packed; 239 240 struct upgt_lmac_eeprom { 241 /* 16 bytes */ 242 struct upgt_lmac_h1 header1; 243 struct upgt_lmac_h2 header2; 244 uint16_t offset; 245 uint16_t len; 246 /* data */ 247 } __packed; 248 249 #define UPGT_FILTER_TYPE_NONE 0x0000 250 #define UPGT_FILTER_TYPE_STA 0x0001 251 #define UPGT_FILTER_TYPE_IBSS 0x0002 252 #define UPGT_FILTER_TYPE_HOSTAP 0x0004 253 #define UPGT_FILTER_TYPE_MONITOR 0x0010 254 #define UPGT_FILTER_TYPE_RESET 0x0020 255 #define UPGT_FILTER_UNKNOWN1 0x0002 256 #define UPGT_FILTER_UNKNOWN2 0x0ca8 257 #define UPGT_FILTER_UNKNOWN3 0xffff 258 struct upgt_lmac_filter { 259 struct upgt_lmac_h1 header1; 260 struct upgt_lmac_h2 header2; 261 /* 32 bytes */ 262 uint16_t type; 263 uint8_t dst[IEEE80211_ADDR_LEN]; 264 uint8_t src[IEEE80211_ADDR_LEN]; 265 uint16_t unknown1; 266 uint32_t rxaddr; 267 uint16_t unknown2; 268 uint32_t rxhw; 269 uint16_t unknown3; 270 uint32_t unknown4; 271 } __packed; 272 273 /* frequency 3 data */ 274 struct upgt_lmac_freq3 { 275 uint16_t freq; 276 uint8_t data[6]; 277 } __packed; 278 279 /* frequency 4 data */ 280 struct upgt_lmac_freq4 { 281 struct upgt_eeprom_freq4_2 cmd; 282 uint8_t pad; 283 }; 284 285 /* frequency 6 data */ 286 struct upgt_lmac_freq6 { 287 uint16_t freq; 288 uint8_t data[8]; 289 } __packed; 290 291 #define UPGT_CHANNEL_UNKNOWN1 0x0001 292 #define UPGT_CHANNEL_UNKNOWN2 0x0000 293 #define UPGT_CHANNEL_UNKNOWN3 0x48 294 struct upgt_lmac_channel { 295 struct upgt_lmac_h1 header1; 296 struct upgt_lmac_h2 header2; 297 /* 112 bytes */ 298 uint16_t unknown1; 299 uint16_t unknown2; 300 uint8_t pad1[20]; 301 struct upgt_lmac_freq6 freq6; 302 uint8_t settings; 303 uint8_t unknown3; 304 uint8_t freq3_1[4]; 305 struct upgt_lmac_freq4 freq4[8]; 306 uint8_t freq3_2[4]; 307 uint32_t pad2; 308 } __packed; 309 310 #define UPGT_LED_MODE_SET 0x0003 311 #define UPGT_LED_ACTION_OFF 0x0002 312 #define UPGT_LED_ACTION_ON 0x0003 313 #define UPGT_LED_ACTION_TMP_DUR 100 /* ms */ 314 struct upgt_lmac_led { 315 struct upgt_lmac_h1 header1; 316 struct upgt_lmac_h2 header2; 317 uint16_t mode; 318 uint16_t action_fix; 319 uint16_t action_tmp; 320 uint16_t action_tmp_dur; 321 } __packed; 322 323 struct upgt_lmac_stats { 324 struct upgt_lmac_h1 header1; 325 struct upgt_lmac_h2 header2; 326 uint8_t data[76]; 327 } __packed; 328 329 struct upgt_lmac_rx_desc { 330 struct upgt_lmac_h1 header1; 331 /* 16 bytes */ 332 uint16_t freq; 333 uint8_t unknown1; 334 uint8_t rate; 335 uint8_t rssi; 336 uint8_t pad; 337 uint16_t unknown2; 338 uint32_t timestamp; 339 uint32_t unknown3; 340 uint8_t data[]; 341 } __packed; 342 343 #define UPGT_TX_DESC_KEY_EXISTS 0x01 344 struct upgt_lmac_tx_desc_wep { 345 uint8_t key_exists; 346 uint8_t key_len; 347 uint8_t key_val[16]; 348 } __packed; 349 350 #define UPGT_TX_DESC_TYPE_BEACON 0x00000000 351 #define UPGT_TX_DESC_TYPE_PROBE 0x00000001 352 #define UPGT_TX_DESC_TYPE_MGMT 0x00000002 353 #define UPGT_TX_DESC_TYPE_DATA 0x00000004 354 #define UPGT_TX_DESC_PAD3_SIZE 2 355 struct upgt_lmac_tx_desc { 356 struct upgt_lmac_h1 header1; 357 struct upgt_lmac_h2 header2; 358 uint8_t rates[8]; 359 uint16_t pad1; 360 struct upgt_lmac_tx_desc_wep wep_key; 361 uint32_t type; 362 uint32_t pad2; 363 uint32_t unknown1; 364 uint32_t unknown2; 365 uint8_t pad3[2]; 366 /* 802.11 frame data */ 367 } __packed; 368 369 #define UPGT_TX_DONE_DESC_STATUS_OK 0x0001 370 struct upgt_lmac_tx_done_desc { 371 struct upgt_lmac_h1 header1; 372 struct upgt_lmac_h2 header2; 373 uint16_t status; 374 uint16_t rssi; 375 uint16_t seq; 376 uint16_t unknown; 377 } __packed; 378 379 /* 380 * Prism memory. 381 */ 382 struct upgt_memory_page { 383 uint8_t used; 384 uint32_t addr; 385 } __packed; 386 387 #define UPGT_MEMORY_MAX_PAGES 8 388 struct upgt_memory { 389 uint8_t pages; 390 struct upgt_memory_page page[UPGT_MEMORY_MAX_PAGES]; 391 } __packed; 392 393 /* 394 * Softc. 395 */ 396 struct upgt_softc { 397 device_t sc_dev; 398 struct ethercom sc_ec; 399 #define sc_if sc_ec.ec_if 400 401 enum { 402 UPGT_INIT_NONE, 403 UPGT_INIT_INITED 404 } sc_init_state; 405 struct usbd_device * sc_udev; 406 struct usbd_interface * sc_iface; 407 int sc_rx_no; 408 int sc_tx_no; 409 struct usb_task sc_task_newstate; 410 struct usb_task sc_task_tx; 411 struct usbd_pipe * sc_rx_pipeh; 412 struct usbd_pipe * sc_tx_pipeh; 413 414 struct upgt_data tx_data[UPGT_TX_COUNT]; 415 struct upgt_data rx_data; 416 struct upgt_data cmd_data; 417 int tx_queued; 418 kmutex_t sc_mtx; 419 kcondvar_t sc_cv; 420 421 kmutex_t sc_media_mtx; /* XXX */ 422 423 uint8_t sc_device_type; 424 struct ieee80211com sc_ic; 425 enum ieee80211_state sc_state; 426 int sc_arg; 427 int (*sc_newstate)(struct ieee80211com *, 428 enum ieee80211_state, int); 429 callout_t scan_to; 430 callout_t led_to; 431 int sc_led_blink; 432 uint8_t sc_cur_rateset[8]; 433 434 int sc_flags; 435 uint8_t *sc_fw; 436 size_t sc_fw_size; 437 int sc_fw_type; 438 439 /* memory addresses on device */ 440 uint32_t sc_memaddr_frame_start; 441 uint32_t sc_memaddr_frame_end; 442 uint32_t sc_memaddr_rx_start; 443 struct upgt_memory sc_memory; 444 445 /* data which we found in the EEPROM */ 446 uint8_t sc_eeprom[UPGT_EEPROM_SIZE]; 447 uint16_t sc_eeprom_hwrx; 448 struct upgt_lmac_freq3 sc_eeprom_freq3[IEEE80211_CHAN_MAX]; 449 struct upgt_lmac_freq4 sc_eeprom_freq4[IEEE80211_CHAN_MAX][8]; 450 struct upgt_lmac_freq6 sc_eeprom_freq6[IEEE80211_CHAN_MAX]; 451 uint8_t sc_eeprom_freq6_settings; 452 453 /* radio tap */ 454 struct bpf_if *sc_drvbpf; 455 456 /* RX */ 457 union { 458 struct upgt_rx_radiotap_header th; 459 uint8_t pad[64]; 460 } sc_rxtapu; 461 #define sc_rxtap sc_rxtapu.th 462 int sc_rxtap_len; 463 464 /* TX */ 465 union { 466 struct upgt_tx_radiotap_header th; 467 uint8_t pad[64]; 468 } sc_txtapu; 469 #define sc_txtap sc_txtapu.th 470 int sc_txtap_len; 471 }; 472