summaryrefslogtreecommitdiff
path: root/sys/dev/wi
diff options
context:
space:
mode:
authorcvs2svn <cvs2svn@FreeBSD.org>2002-07-03 13:01:42 +0000
committercvs2svn <cvs2svn@FreeBSD.org>2002-07-03 13:01:42 +0000
commitdb0a3b09965d55f9dee7a58fb04e31df42b6ae73 (patch)
tree15796774b99f140ef7279f6e0a9e8762ca56f414 /sys/dev/wi
parentb8fd368d376570f335654782a15814d70c9d21c6 (diff)
parent7194701a4d8d2a0fc75c1b41fcb2a9447ed3a4ca (diff)
Notes
Diffstat (limited to 'sys/dev/wi')
-rw-r--r--sys/dev/wi/if_wavelan_ieee.h699
-rw-r--r--sys/dev/wi/if_wi.c3012
-rw-r--r--sys/dev/wi/if_wi_pccard.c212
-rw-r--r--sys/dev/wi/if_wi_pci.c234
-rw-r--r--sys/dev/wi/if_wireg.h628
-rw-r--r--sys/dev/wi/if_wivar.h225
-rw-r--r--sys/dev/wi/wi_hostap.c1266
-rw-r--r--sys/dev/wi/wi_hostap.h135
8 files changed, 6411 insertions, 0 deletions
diff --git a/sys/dev/wi/if_wavelan_ieee.h b/sys/dev/wi/if_wavelan_ieee.h
new file mode 100644
index 000000000000..2ba1dbf5b877
--- /dev/null
+++ b/sys/dev/wi/if_wavelan_ieee.h
@@ -0,0 +1,699 @@
+/*
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _IF_WAVELAN_IEEE_H
+#define _IF_WAVELAN_IEEE_H
+
+/*
+ * This header defines a simple command interface to the FreeBSD
+ * WaveLAN/IEEE driver (wi) driver, which is used to set certain
+ * device-specific parameters which can't be easily managed through
+ * ifconfig(8). No, sysctl(2) is not the answer. I said a _simple_
+ * interface, didn't I.
+ */
+
+#ifndef SIOCSWAVELAN
+#define SIOCSWAVELAN SIOCSIFGENERIC
+#endif
+
+#ifndef SIOCGWAVELAN
+#define SIOCGWAVELAN SIOCGIFGENERIC
+#endif
+#define WI_RID_MONITOR_MODE 0x0500
+
+/*
+ * Technically I don't think there's a limit to a record
+ * length. The largest record is the one that contains the CIS
+ * data, which is 240 words long, so 256 should be a safe
+ * value.
+ */
+#define WI_MAX_DATALEN 512
+
+struct wi_req {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_val[WI_MAX_DATALEN];
+};
+
+/*
+ * Private LTV records (interpreted only by the driver). This is
+ * a minor kludge to allow reading the interface statistics from
+ * the driver.
+ */
+#define WI_RID_IFACE_STATS 0x0100
+#define WI_RID_MGMT_XMIT 0x0200
+#define WI_RID_ZERO_CACHE 0x0300
+#define WI_RID_READ_CACHE 0x0400
+
+struct wi_80211_hdr {
+ u_int16_t frame_ctl;
+ u_int16_t dur_id;
+ u_int8_t addr1[6];
+ u_int8_t addr2[6];
+ u_int8_t addr3[6];
+ u_int16_t seq_ctl;
+ u_int8_t addr4[6];
+};
+
+#define WI_FCTL_VERS 0x0002
+#define WI_FCTL_FTYPE 0x000C
+#define WI_FCTL_STYPE 0x00F0
+#define WI_FCTL_TODS 0x0100
+#define WI_FCTL_FROMDS 0x0200
+#define WI_FCTL_MOREFRAGS 0x0400
+#define WI_FCTL_RETRY 0x0800
+#define WI_FCTL_PM 0x1000
+#define WI_FCTL_MOREDATA 0x2000
+#define WI_FCTL_WEP 0x4000
+#define WI_FCTL_ORDER 0x8000
+
+#define WI_FTYPE_MGMT 0x0000
+#define WI_FTYPE_CTL 0x0004
+#define WI_FTYPE_DATA 0x0008
+
+#define WI_STYPE_MGMT_ASREQ 0x0000 /* association request */
+#define WI_STYPE_MGMT_ASRESP 0x0010 /* association response */
+#define WI_STYPE_MGMT_REASREQ 0x0020 /* reassociation request */
+#define WI_STYPE_MGMT_REASRESP 0x0030 /* reassociation response */
+#define WI_STYPE_MGMT_PROBEREQ 0x0040 /* probe request */
+#define WI_STYPE_MGMT_PROBERESP 0x0050 /* probe response */
+#define WI_STYPE_MGMT_BEACON 0x0080 /* beacon */
+#define WI_STYPE_MGMT_ATIM 0x0090 /* announcement traffic ind msg */
+#define WI_STYPE_MGMT_DISAS 0x00A0 /* disassociation */
+#define WI_STYPE_MGMT_AUTH 0x00B0 /* authentication */
+#define WI_STYPE_MGMT_DEAUTH 0x00C0 /* deauthentication */
+
+#define WI_STYPE_CTL_PSPOLL 0x00A0
+#define WI_STYPE_CTL_RTS 0x00B0
+#define WI_STYPE_CTL_CTS 0x00C0
+#define WI_STYPE_CTL_ACK 0x00D0
+#define WI_STYPE_CTL_CFEND 0x00E0
+#define WI_STYPE_CTL_CFENDACK 0x00F0
+
+struct wi_mgmt_hdr {
+ u_int16_t frame_ctl;
+ u_int16_t duration;
+ u_int8_t dst_addr[6];
+ u_int8_t src_addr[6];
+ u_int8_t bssid[6];
+ u_int16_t seq_ctl;
+};
+
+/*
+ * Lucent/wavelan IEEE signal strength cache
+ *
+ * driver keeps cache of last
+ * MAXWICACHE packets to arrive including signal strength info.
+ * daemons may read this via ioctl
+ *
+ * Each entry in the wi_sigcache has a unique macsrc.
+ */
+struct wi_sigcache {
+ char macsrc[6]; /* unique MAC address for entry */
+ int ipsrc; /* ip address associated with packet */
+ int signal; /* signal strength of the packet */
+ int noise; /* noise value */
+ int quality; /* quality of the packet */
+};
+
+#ifndef _KERNEL
+struct wi_counters {
+ u_int32_t wi_tx_unicast_frames;
+ u_int32_t wi_tx_multicast_frames;
+ u_int32_t wi_tx_fragments;
+ u_int32_t wi_tx_unicast_octets;
+ u_int32_t wi_tx_multicast_octets;
+ u_int32_t wi_tx_deferred_xmits;
+ u_int32_t wi_tx_single_retries;
+ u_int32_t wi_tx_multi_retries;
+ u_int32_t wi_tx_retry_limit;
+ u_int32_t wi_tx_discards;
+ u_int32_t wi_rx_unicast_frames;
+ u_int32_t wi_rx_multicast_frames;
+ u_int32_t wi_rx_fragments;
+ u_int32_t wi_rx_unicast_octets;
+ u_int32_t wi_rx_multicast_octets;
+ u_int32_t wi_rx_fcs_errors;
+ u_int32_t wi_rx_discards_nobuf;
+ u_int32_t wi_tx_discards_wrong_sa;
+ u_int32_t wi_rx_WEP_cant_decrypt;
+ u_int32_t wi_rx_msg_in_msg_frags;
+ u_int32_t wi_rx_msg_in_bad_msg_frags;
+};
+#endif
+
+/*
+ * Network parameters, static configuration entities.
+ */
+#define WI_RID_PORTTYPE 0xFC00 /* Connection control characteristics */
+#define WI_RID_MAC_NODE 0xFC01 /* MAC address of this station */
+#define WI_RID_DESIRED_SSID 0xFC02 /* Service Set ID for connection */
+#define WI_RID_OWN_CHNL 0xFC03 /* Comm channel for BSS creation */
+#define WI_RID_OWN_SSID 0xFC04 /* IBSS creation ID */
+#define WI_RID_OWN_ATIM_WIN 0xFC05 /* ATIM window time for IBSS creation */
+#define WI_RID_SYSTEM_SCALE 0xFC06 /* scale that specifies AP density */
+#define WI_RID_MAX_DATALEN 0xFC07 /* Max len of MAC frame body data */
+#define WI_RID_MAC_WDS 0xFC08 /* MAC addr of corresponding WDS node */
+#define WI_RID_PM_ENABLED 0xFC09 /* ESS power management enable */
+#define WI_RID_PM_EPS 0xFC0A /* PM EPS/PS mode */
+#define WI_RID_MCAST_RX 0xFC0B /* ESS PM mcast reception */
+#define WI_RID_MAX_SLEEP 0xFC0C /* max sleep time for ESS PM */
+#define WI_RID_HOLDOVER 0xFC0D /* holdover time for ESS PM */
+#define WI_RID_NODENAME 0xFC0E /* ID name of this node for diag */
+#define WI_RID_DTIM_PERIOD 0xFC10 /* beacon interval between DTIMs */
+#define WI_RID_WDS_ADDR1 0xFC11 /* port 1 MAC of WDS link node */
+#define WI_RID_WDS_ADDR2 0xFC12 /* port 1 MAC of WDS link node */
+#define WI_RID_WDS_ADDR3 0xFC13 /* port 1 MAC of WDS link node */
+#define WI_RID_WDS_ADDR4 0xFC14 /* port 1 MAC of WDS link node */
+#define WI_RID_WDS_ADDR5 0xFC15 /* port 1 MAC of WDS link node */
+#define WI_RID_WDS_ADDR6 0xFC16 /* port 1 MAC of WDS link node */
+#define WI_RID_MCAST_PM_BUF 0xFC17 /* PM buffering of mcast */
+#define WI_RID_ENCRYPTION 0xFC20 /* enable/disable WEP */
+#define WI_RID_AUTHTYPE 0xFC21 /* specify authentication type */
+#define WI_RID_P2_TX_CRYPT_KEY 0xFC23
+#define WI_RID_P2_CRYPT_KEY0 0xFC24
+#define WI_RID_P2_CRYPT_KEY1 0xFC25
+#define WI_RID_MICROWAVE_OVEN 0xFC25
+#define WI_RID_P2_CRYPT_KEY2 0xFC26
+#define WI_RID_P2_CRYPT_KEY3 0xFC27
+#define WI_RID_P2_ENCRYPTION 0xFC28
+#define PRIVACY_INVOKED 0x01
+#define EXCLUDE_UNENCRYPTED 0x02
+#define HOST_ENCRYPT 0x10
+#define IV_EVERY_FRAME 0x00 /* IV = Initialization Vector */
+#define IV_EVERY10_FRAME 0x20 /* every 10 frame IV reuse */
+#define IV_EVERY50_FRAME 0x40 /* every 50 frame IV reuse */
+#define IV_EVERY100_FRAME 0x60 /* every 100 frame IV reuse */
+#define HOST_DECRYPT 0x80
+#define WI_RID_WEP_MAPTABLE 0xFC29
+#define WI_RID_CNFAUTHMODE 0xFC2A
+#define WI_RID_ROAMING_MODE 0xFC2D
+#define WI_RID_BASIC_RATE 0xFCB3
+#define WI_RID_SUPPORT_RATE 0xFCB4
+
+/*
+ * Network parameters, dynamic configuration entities
+ */
+#define WI_RID_MCAST_LIST 0xFC80 /* list of multicast addrs */
+#define WI_RID_CREATE_IBSS 0xFC81 /* create IBSS */
+#define WI_RID_FRAG_THRESH 0xFC82 /* frag len, unicast msg xmit */
+#define WI_RID_RTS_THRESH 0xFC83 /* frame len for RTS/CTS handshake */
+#define WI_RID_TX_RATE 0xFC84 /* data rate for message xmit
+ * 0 == Fixed 1mbps
+ * 1 == Fixed 2mbps
+ * 2 == auto fallback
+ */
+#define WI_RID_PROMISC 0xFC85 /* enable promisc mode */
+#define WI_RID_FRAG_THRESH0 0xFC90
+#define WI_RID_FRAG_THRESH1 0xFC91
+#define WI_RID_FRAG_THRESH2 0xFC92
+#define WI_RID_FRAG_THRESH3 0xFC93
+#define WI_RID_FRAG_THRESH4 0xFC94
+#define WI_RID_FRAG_THRESH5 0xFC95
+#define WI_RID_FRAG_THRESH6 0xFC96
+#define WI_RID_RTS_THRESH0 0xFC97
+#define WI_RID_RTS_THRESH1 0xFC98
+#define WI_RID_RTS_THRESH2 0xFC99
+#define WI_RID_RTS_THRESH3 0xFC9A
+#define WI_RID_RTS_THRESH4 0xFC9B
+#define WI_RID_RTS_THRESH5 0xFC9C
+#define WI_RID_RTS_THRESH6 0xFC9D
+#define WI_RID_TX_RATE0 0xFC9E
+#define WI_RID_TX_RATE1 0xFC9F
+#define WI_RID_TX_RATE2 0xFCA0
+#define WI_RID_TX_RATE3 0xFCA1
+#define WI_RID_TX_RATE4 0xFCA2
+#define WI_RID_TX_RATE5 0xFCA3
+#define WI_RID_TX_RATE6 0xFCA4
+#define WI_RID_DEFLT_CRYPT_KEYS 0xFCB0
+#define WI_RID_TX_CRYPT_KEY 0xFCB1
+#define WI_RID_TICK_TIME 0xFCE0
+
+#ifndef _KERNEL
+struct wi_key {
+ u_int16_t wi_keylen;
+ u_int8_t wi_keydat[14];
+};
+
+struct wi_ltv_keys {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ struct wi_key wi_keys[4];
+};
+#endif
+
+/*
+ * NIC information
+ */
+#define WI_RID_DNLD_BUF 0xFD01
+#define WI_RID_MEMSZ 0xFD02 /* memory size info (XXX Lucent) */
+#define WI_RID_PRI_IDENTITY 0xFD02 /* primary funcs firmware ident (PRISM2) */
+#define WI_RID_PRI_SUP_RANGE 0xFD03 /* primary supplier compatibility */
+#define WI_RID_CIF_ACT_RANGE 0xFD04 /* controller sup. compatibility */
+#define WI_RID_SERIALNO 0xFD0A /* card serial number */
+#define WI_RID_CARD_ID 0xFD0B /* card identification */
+#define WI_RID_MFI_SUP_RANGE 0xFD0C /* modem supplier compatibility */
+#define WI_RID_CFI_SUP_RANGE 0xFD0D /* controller sup. compatibility */
+#define WI_RID_CHANNEL_LIST 0xFD10 /* allowd comm. frequencies. */
+#define WI_RID_REG_DOMAINS 0xFD11 /* list of intendted regulatory doms */
+#define WI_RID_TEMP_TYPE 0xFD12 /* hw temp range code */
+#define WI_RID_CIS 0xFD13 /* PC card info struct */
+#define WI_RID_STA_IDENTITY 0xFD20 /* station funcs firmware ident */
+#define WI_RID_STA_SUP_RANGE 0xFD21 /* station supplier compat */
+#define WI_RID_MFI_ACT_RANGE 0xFD22
+#define WI_RID_SYMBOL_IDENTITY 0xFD24
+#define WI_RID_CFI_ACT_RANGE 0xFD33
+#define WI_RID_COMMQUAL 0xFD43
+#define WI_RID_SCALETHRESH 0xFD46
+#define WI_RID_PCF 0xFD87
+
+/*
+ * MAC information
+ */
+#define WI_RID_PORT_STAT 0xFD40 /* actual MAC port con control stat */
+#define WI_RID_CURRENT_SSID 0xFD41 /* ID of actually connected SS */
+#define WI_RID_CURRENT_BSSID 0xFD42 /* ID of actually connected BSS */
+#define WI_RID_COMMS_QUALITY 0xFD43 /* quality of BSS connection */
+#define WI_RID_CUR_TX_RATE 0xFD44 /* current TX rate */
+#define WI_RID_OWN_BEACON_INT 0xFD45 /* beacon xmit time for BSS creation */
+#define WI_RID_CUR_SCALE_THRESH 0xFD46 /* actual system scane thresh setting */
+#define WI_RID_PROT_RESP_TIME 0xFD47 /* time to wait for resp to req msg */
+#define WI_RID_SHORT_RTR_LIM 0xFD48 /* max tx attempts for short frames */
+#define WI_RID_LONG_RTS_LIM 0xFD49 /* max tx attempts for long frames */
+#define WI_RID_MAX_TX_LIFE 0xFD4A /* max tx frame handling duration */
+#define WI_RID_MAX_RX_LIFE 0xFD4B /* max rx frame handling duration */
+#define WI_RID_CF_POLL 0xFD4C /* contention free pollable ind */
+#define WI_RID_AUTH_ALGS 0xFD4D /* auth algorithms available */
+#define WI_RID_AUTH_TYPE 0xFD4E /* availanle auth types */
+#define WI_RID_WEP_AVAIL 0xFD4F /* WEP privacy option available */
+#define WI_RID_CUR_TX_RATE1 0xFD80
+#define WI_RID_CUR_TX_RATE2 0xFD81
+#define WI_RID_CUR_TX_RATE3 0xFD82
+#define WI_RID_CUR_TX_RATE4 0xFD83
+#define WI_RID_CUR_TX_RATE5 0xFD84
+#define WI_RID_CUR_TX_RATE6 0xFD85
+#define WI_RID_OWN_MAC 0xFD86 /* unique local MAC addr */
+#define WI_RID_PCI_INFO 0xFD87 /* point coordination func cap */
+
+/*
+ * Modem information
+ */
+#define WI_RID_PHY_TYPE 0xFDC0 /* phys layer type indication */
+#define WI_RID_CURRENT_CHAN 0xFDC1 /* current frequency */
+#define WI_RID_PWR_STATE 0xFDC2 /* pwr consumption status */
+#define WI_RID_CCA_MODE 0xFDC3 /* clear chan assess mode indication */
+#define WI_RID_CCA_TIME 0xFDC4 /* clear chan assess time */
+#define WI_RID_MAC_PROC_DELAY 0xFDC5 /* MAC processing delay time */
+#define WI_RID_DATA_RATES 0xFDC6 /* supported data rates */
+
+/*
+ * bsd-airtools v0.2 - source-mods v0.2 [common.h]
+ * by h1kari - (c) Dachb0den Labs 2001
+ */
+
+/*
+ * Copyright (c) 2001 Dachb0den Labs.
+ * David Hulton <h1kari@dachb0den.com>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by David Hulton.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY David Hulton AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL David Hulton OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * standard hermes recieve frame used by wavelan/prism2 cards
+ */
+struct wi_rx_frame {
+ /*
+ * hermes prefix header. supplies information on the current status of
+ * the network and various other statistics gathered from the
+ * management/control frames as used internally.
+ */
+ u_int16_t wi_status;
+ u_int16_t wi_ts0;
+ u_int16_t wi_ts1;
+ u_int8_t wi_silence;
+ u_int8_t wi_signal;
+ u_int8_t wi_rate;
+ u_int8_t wi_rx_flow;
+ u_int16_t wi_rsvd0;
+ u_int16_t wi_rsvd1;
+ /*
+ * standard 80211 frame header. all packets have to use this header as
+ * per the AN9900 from intersil, even management/control. for
+ * management packets, they just threw the header into the data field,
+ * but for control packets the headers are lost in translation and
+ * therefore not all control packet info can be displayed.
+ */
+ u_int16_t wi_frame_ctl;
+ u_int16_t wi_id;
+ u_int8_t wi_addr1[6];
+ u_int8_t wi_addr2[6];
+ u_int8_t wi_addr3[6];
+ u_int16_t wi_seq_ctl;
+ u_int8_t wi_addr4[6];
+ u_int16_t wi_dat_len;
+ /*
+ * another wierdity with the drivers. they append a 802.3 header which
+ * is somewhat redundant, since all the same data is provided in the
+ * 802.11 header.
+ */
+ u_int8_t wi_dst_addr[6];
+ u_int8_t wi_src_addr[6];
+ u_int16_t wi_len;
+};
+#define WI_DATA_HDRLEN WI_802_11_OFFSET
+#define WI_MGMT_HDRLEN WI_802_11_OFFSET_RAW
+#define WI_CTL_HDRLEN WI_802_11_OFFSET_RAW
+
+
+/*
+ * all data packets have a snap (sub-network access protocol) header that
+ * isn't entirely definied, but added for ethernet compatibility.
+ */
+struct wi_snap_frame {
+ u_int16_t wi_dat[3];
+ u_int16_t wi_type;
+};
+
+
+/*
+ * management frame headers
+ * note: all management frames consist of a static header and variable length
+ * fields.
+ */
+
+/*
+ * variable length field structure
+ */
+struct wi_mgmt_var_hdr {
+ u_int8_t wi_code;
+ u_int8_t wi_len;
+ u_int8_t wi_data[256];
+};
+
+/*
+ * management beacon frame prefix
+ */
+struct wi_mgmt_beacon_hdr {
+ u_int32_t wi_ts0;
+ u_int32_t wi_ts1;
+ u_int16_t wi_interval;
+ u_int16_t wi_capinfo;
+};
+
+/*
+ * ibss announcement traffic indication message (atim) frame
+ * note: no parameters
+ */
+
+/*
+ * management disassociation frame
+ */
+struct wi_mgmt_disas_hdr {
+ u_int16_t wi_reason;
+};
+
+/*
+ * management association request frame prefix
+ */
+struct wi_mgmt_asreq_hdr {
+ u_int16_t wi_capinfo;
+ u_int16_t wi_interval;
+};
+
+/*
+ * management association response frame prefix
+ */
+struct wi_mgmt_asresp_hdr {
+ u_int16_t wi_capinfo;
+ u_int16_t wi_status;
+ u_int16_t wi_aid;
+};
+
+/*
+ * management reassociation request frame prefix
+ */
+struct wi_mgmt_reasreq_hdr {
+ u_int16_t wi_capinfo;
+ u_int16_t wi_interval;
+ u_int8_t wi_currap[6];
+};
+
+/*
+ * management reassociation response frame prefix
+ */
+struct wi_mgmt_reasresp_hdr {
+ u_int16_t wi_capinfo;
+ u_int16_t wi_status;
+ u_int16_t wi_aid;
+};
+
+/*
+ * management probe request frame prefix
+ * note: no static parameters, only variable length
+ */
+
+/*
+ * management probe response frame prefix
+ */
+struct wi_mgmt_proberesp_hdr {
+ u_int32_t wi_ts0;
+ u_int32_t wi_ts1;
+ u_int16_t wi_interval;
+ u_int16_t wi_capinfo;
+};
+
+/*
+ * management authentication frame prefix
+ */
+struct wi_mgmt_auth_hdr {
+ u_int16_t wi_algo;
+ u_int16_t wi_seq;
+ u_int16_t wi_status;
+};
+
+/*
+ * management deauthentication frame
+ */
+struct wi_mgmt_deauth_hdr {
+ u_int16_t wi_reason;
+};
+
+
+/*
+ * rid configuration register definitions
+ */
+#define WI_RID_SCAN_REQ 0xFCE1 /* scan request information */
+#define WI_RID_SCAN_RES 0xFD88 /* scan result information */
+
+#define WI_RID_PROCFRAME 0x3137 /* Return full frame information */
+#define WI_RID_PRISM2 0x3138 /* tell if we're a prism2 card or not */
+
+
+/*
+ * 802.11 definitions
+ */
+#define WI_STAT_BADCRC 0x0001
+#define WI_STAT_UNDECRYPTABLE 0x0002
+#define WI_STAT_ERRSTAT 0x0003
+#define WI_STAT_MAC_PORT 0x0700
+#define WI_STAT_1042 0x2000
+#define WI_STAT_TUNNEL 0x4000
+#define WI_STAT_WMP_MSG 0x6000
+#define WI_RXSTAT_MSG_TYPE 0xE000
+
+#define WI_FCTL_OPT_MASK 0xFF00
+#define WI_AID_SET 0xC000
+#define WI_AID_MASK 0x3FFF
+#define WI_SCTL_FRAGNUM_MASK 0x000F
+#define WI_SCTL_SEQNUM_MASK 0xFFF0
+
+#define WI_STAT_UNSPEC_FAIL 1
+#define WI_STAT_CAPINFO_FAIL 10
+#define WI_STAT_REAS_DENY 11
+#define WI_STAT_ASSOC_DENY 12
+#define WI_STAT_ALGO_FAIL 13
+#define WI_STAT_SEQ_FAIL 14
+#define WI_STAT_CHAL_FAIL 15
+#define WI_STAT_TOUT_FAIL 16
+#define WI_STAT_OVERL_DENY 17
+#define WI_STAT_RATE_DENY 18
+
+#define WI_FTYPE_MGMT 0x0000
+#define WI_FTYPE_CTL 0x0004
+#define WI_FTYPE_DATA 0x0008
+
+#define WI_FCTL_VERS 0x0002
+#define WI_FCTL_FTYPE 0x000C
+#define WI_FCTL_STYPE 0x00F0
+#define WI_FCTL_TODS 0x0100
+#define WI_FCTL_FROMDS 0x0200
+#define WI_FCTL_MOREFRAGS 0x0400
+#define WI_FCTL_RETRY 0x0800
+#define WI_FCTL_PM 0x1000
+#define WI_FCTL_MOREDATA 0x2000
+#define WI_FCTL_WEP 0x4000
+#define WI_FCTL_ORDER 0x8000
+
+#define WI_FCS_LEN 0x4 /* checksum length */
+
+
+/*
+ * management definitions
+ */
+#define WI_STYPE_MGMT_ASREQ 0x0000
+#define WI_STYPE_MGMT_ASRESP 0x0010
+#define WI_STYPE_MGMT_REASREQ 0x0020
+#define WI_STYPE_MGMT_REASRESP 0x0030
+#define WI_STYPE_MGMT_PROBEREQ 0x0040
+#define WI_STYPE_MGMT_PROBERESP 0x0050
+#define WI_STYPE_MGMT_BEACON 0x0080
+#define WI_STYPE_MGMT_ATIM 0x0090
+#define WI_STYPE_MGMT_DISAS 0x00A0
+#define WI_STYPE_MGMT_AUTH 0x00B0
+#define WI_STYPE_MGMT_DEAUTH 0x00C0
+
+#define WI_CAPINFO_ESS 0x01
+#define WI_CAPINFO_IBSS 0x02
+#define WI_CAPINFO_CFPOLL 0x04
+#define WI_CAPINFO_CFPOLLREQ 0x08
+#define WI_CAPINFO_PRIV 0x10
+
+#define WI_REASON_UNSPEC 1
+#define WI_REASON_AUTH_INVALID 2
+#define WI_REASON_DEAUTH_LEAVE 3
+#define WI_REASON_DISAS_INACT 4
+#define WI_REASON_DISAS_OVERL 5
+#define WI_REASON_CLASS2 6
+#define WI_REASON_CLASS3 7
+#define WI_REASON_DISAS_LEAVE 8
+#define WI_REASON_NOAUTH 9
+
+#define WI_VAR_SSID 0
+#define WI_VAR_SRATES 1
+#define WI_VAR_FH 2
+#define WI_VAR_DS 3
+#define WI_VAR_CF 4
+#define WI_VAR_TIM 5
+#define WI_VAR_IBSS 6
+#define WI_VAR_CHAL 16
+
+#define WI_VAR_SRATES_MASK 0x7F
+
+
+/*
+ * control definitions
+ */
+#define WI_STYPE_CTL_PSPOLL 0x00A0
+#define WI_STYPE_CTL_RTS 0x00B0
+#define WI_STYPE_CTL_CTS 0x00C0
+#define WI_STYPE_CTL_ACK 0x00D0
+#define WI_STYPE_CTL_CFEND 0x00E0
+#define WI_STYPE_CTL_CFENDCFACK 0x00F0
+
+
+/*
+ * ap scanning structures
+ */
+struct wi_scan_res {
+ u_int16_t wi_chan;
+ u_int16_t wi_noise;
+ u_int16_t wi_signal;
+ u_int8_t wi_bssid[6];
+ u_int16_t wi_interval;
+ u_int16_t wi_capinfo;
+ u_int16_t wi_ssid_len;
+ u_int8_t wi_ssid[32];
+ u_int8_t wi_srates[10];
+ u_int8_t wi_rate;
+ u_int8_t wi_rsvd;
+};
+#define WI_WAVELAN_RES_SIZE 50
+
+struct wi_scan_p2_hdr {
+ u_int16_t wi_rsvd;
+ u_int16_t wi_reason;
+};
+#define WI_PRISM2_RES_SIZE 62
+
+
+/*
+ * prism2 debug mode definitions
+ */
+#define SIOCSPRISM2DEBUG _IOW('i', 137, struct ifreq)
+#define SIOCGPRISM2DEBUG _IOWR('i', 138, struct ifreq)
+
+#define WI_CMD_DEBUG 0x0038 /* prism2 debug */
+
+#define WI_DEBUG_RESET 0x00
+#define WI_DEBUG_INIT 0x01
+#define WI_DEBUG_SLEEP 0x02
+#define WI_DEBUG_WAKE 0x03
+#define WI_DEBUG_CHAN 0x08
+#define WI_DEBUG_DELAYSUPP 0x09
+#define WI_DEBUG_TXSUPP 0x0A
+#define WI_DEBUG_MONITOR 0x0B
+#define WI_DEBUG_LEDTEST 0x0C
+#define WI_DEBUG_CONTTX 0x0E
+#define WI_DEBUG_STOPTEST 0x0F
+#define WI_DEBUG_CONTRX 0x10
+#define WI_DEBUG_SIGSTATE 0x11
+#define WI_DEBUG_CALENABLE 0x13
+#define WI_DEBUG_CONFBITS 0x15
+
+#endif
diff --git a/sys/dev/wi/if_wi.c b/sys/dev/wi/if_wi.c
new file mode 100644
index 000000000000..26b57d96439d
--- /dev/null
+++ b/sys/dev/wi/if_wi.c
@@ -0,0 +1,3012 @@
+/*
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Lucent WaveLAN/IEEE 802.11 PCMCIA driver for FreeBSD.
+ *
+ * Written by Bill Paul <wpaul@ctr.columbia.edu>
+ * Electrical Engineering Department
+ * Columbia University, New York City
+ */
+
+/*
+ * The WaveLAN/IEEE adapter is the second generation of the WaveLAN
+ * from Lucent. Unlike the older cards, the new ones are programmed
+ * entirely via a firmware-driven controller called the Hermes.
+ * Unfortunately, Lucent will not release the Hermes programming manual
+ * without an NDA (if at all). What they do release is an API library
+ * called the HCF (Hardware Control Functions) which is supposed to
+ * do the device-specific operations of a device driver for you. The
+ * publically available version of the HCF library (the 'HCF Light') is
+ * a) extremely gross, b) lacks certain features, particularly support
+ * for 802.11 frames, and c) is contaminated by the GNU Public License.
+ *
+ * This driver does not use the HCF or HCF Light at all. Instead, it
+ * programs the Hermes controller directly, using information gleaned
+ * from the HCF Light code and corresponding documentation.
+ *
+ * This driver supports the ISA, PCMCIA and PCI versions of the Lucent
+ * WaveLan cards (based on the Hermes chipset), as well as the newer
+ * Prism 2 chipsets with firmware from Intersil and Symbol.
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#if __FreeBSD_version >= 500033
+#include <sys/endian.h>
+#endif
+#include <sys/sockio.h>
+#include <sys/mbuf.h>
+#include <sys/proc.h>
+#include <sys/kernel.h>
+#include <sys/socket.h>
+#include <sys/module.h>
+#include <sys/bus.h>
+#include <sys/random.h>
+#include <sys/syslog.h>
+#include <sys/sysctl.h>
+
+#include <machine/bus.h>
+#include <machine/resource.h>
+#include <machine/clock.h>
+#include <sys/rman.h>
+
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/ethernet.h>
+#include <net/if_dl.h>
+#include <net/if_media.h>
+#include <net/if_types.h>
+#include <net/if_ieee80211.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/in_var.h>
+#include <netinet/ip.h>
+#include <netinet/if_ether.h>
+
+#include <net/bpf.h>
+
+#include <dev/wi/if_wavelan_ieee.h>
+#include <dev/wi/wi_hostap.h>
+#include <dev/wi/if_wivar.h>
+#include <dev/wi/if_wireg.h>
+
+#if !defined(lint)
+static const char rcsid[] =
+ "$FreeBSD$";
+#endif
+
+static void wi_intr(void *);
+static void wi_reset(struct wi_softc *);
+static int wi_ioctl(struct ifnet *, u_long, caddr_t);
+static void wi_init(void *);
+static void wi_start(struct ifnet *);
+static void wi_stop(struct wi_softc *);
+static void wi_watchdog(struct ifnet *);
+static void wi_rxeof(struct wi_softc *);
+static void wi_txeof(struct wi_softc *, int);
+static void wi_update_stats(struct wi_softc *);
+static void wi_setmulti(struct wi_softc *);
+
+static int wi_cmd(struct wi_softc *, int, int, int, int);
+static int wi_read_record(struct wi_softc *, struct wi_ltv_gen *);
+static int wi_write_record(struct wi_softc *, struct wi_ltv_gen *);
+static int wi_read_data(struct wi_softc *, int, int, caddr_t, int);
+static int wi_write_data(struct wi_softc *, int, int, caddr_t, int);
+static int wi_seek(struct wi_softc *, int, int, int);
+static int wi_alloc_nicmem(struct wi_softc *, int, int *);
+static void wi_inquire(void *);
+static void wi_setdef(struct wi_softc *, struct wi_req *);
+
+#ifdef WICACHE
+static
+void wi_cache_store(struct wi_softc *, struct ether_header *,
+ struct mbuf *, unsigned short);
+#endif
+
+static int wi_get_cur_ssid(struct wi_softc *, char *, int *);
+static void wi_get_id(struct wi_softc *);
+static int wi_media_change(struct ifnet *);
+static void wi_media_status(struct ifnet *, struct ifmediareq *);
+
+static int wi_get_debug(struct wi_softc *, struct wi_req *);
+static int wi_set_debug(struct wi_softc *, struct wi_req *);
+
+devclass_t wi_devclass;
+
+struct wi_card_ident wi_card_ident[] = {
+ /* CARD_ID CARD_NAME FIRM_TYPE */
+ { WI_NIC_LUCENT_ID, WI_NIC_LUCENT_STR, WI_LUCENT },
+ { WI_NIC_SONY_ID, WI_NIC_SONY_STR, WI_LUCENT },
+ { WI_NIC_LUCENT_EMB_ID, WI_NIC_LUCENT_EMB_STR, WI_LUCENT },
+ { WI_NIC_EVB2_ID, WI_NIC_EVB2_STR, WI_INTERSIL },
+ { WI_NIC_HWB3763_ID, WI_NIC_HWB3763_STR, WI_INTERSIL },
+ { WI_NIC_HWB3163_ID, WI_NIC_HWB3163_STR, WI_INTERSIL },
+ { WI_NIC_HWB3163B_ID, WI_NIC_HWB3163B_STR, WI_INTERSIL },
+ { WI_NIC_EVB3_ID, WI_NIC_EVB3_STR, WI_INTERSIL },
+ { WI_NIC_HWB1153_ID, WI_NIC_HWB1153_STR, WI_INTERSIL },
+ { WI_NIC_P2_SST_ID, WI_NIC_P2_SST_STR, WI_INTERSIL },
+ { WI_NIC_EVB2_SST_ID, WI_NIC_EVB2_SST_STR, WI_INTERSIL },
+ { WI_NIC_3842_EVA_ID, WI_NIC_3842_EVA_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCMCIA_AMD_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCMCIA_SST_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCMCIA_ATM_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
+ { WI_NIC_3842_MINI_AMD_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
+ { WI_NIC_3842_MINI_SST_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
+ { WI_NIC_3842_MINI_ATM_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCI_AMD_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCI_SST_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
+ { WI_NIC_3842_PCI_ATM_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
+ { WI_NIC_P3_PCMCIA_AMD_ID, WI_NIC_P3_PCMCIA_STR, WI_INTERSIL },
+ { WI_NIC_P3_PCMCIA_SST_ID, WI_NIC_P3_PCMCIA_STR, WI_INTERSIL },
+ { WI_NIC_P3_MINI_AMD_ID, WI_NIC_P3_MINI_STR, WI_INTERSIL },
+ { WI_NIC_P3_MINI_SST_ID, WI_NIC_P3_MINI_STR, WI_INTERSIL },
+ { 0, NULL, 0 },
+};
+
+int
+wi_generic_detach(dev)
+ device_t dev;
+{
+ struct wi_softc *sc;
+ struct ifnet *ifp;
+ int s;
+
+ sc = device_get_softc(dev);
+ WI_LOCK(sc, s);
+ ifp = &sc->arpcom.ac_if;
+
+ if (sc->wi_gone) {
+ device_printf(dev, "already unloaded\n");
+ WI_UNLOCK(sc, s);
+ return(ENODEV);
+ }
+
+ wi_stop(sc);
+
+ /* Delete all remaining media. */
+ ifmedia_removeall(&sc->ifmedia);
+
+ ether_ifdetach(ifp, ETHER_BPF_SUPPORTED);
+ bus_teardown_intr(dev, sc->irq, sc->wi_intrhand);
+ wi_free(dev);
+ sc->wi_gone = 1;
+
+ WI_UNLOCK(sc, s);
+#if __FreeBSD_version >= 500000
+ mtx_destroy(&sc->wi_mtx);
+#endif
+
+ return(0);
+}
+
+int
+wi_generic_attach(device_t dev)
+{
+ struct wi_softc *sc;
+ struct wi_ltv_macaddr mac;
+ struct wi_ltv_gen gen;
+ struct ifnet *ifp;
+ int error;
+ int s;
+
+ /* XXX maybe we need the splimp stuff here XXX */
+ sc = device_get_softc(dev);
+ ifp = &sc->arpcom.ac_if;
+
+ error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET,
+ wi_intr, sc, &sc->wi_intrhand);
+
+ if (error) {
+ device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
+ wi_free(dev);
+ return (error);
+ }
+
+#if __FreeBSD_version >= 500000
+ mtx_init(&sc->wi_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK,
+ MTX_DEF | MTX_RECURSE);
+#endif
+ WI_LOCK(sc, s);
+
+ /* Reset the NIC. */
+ wi_reset(sc);
+
+ /*
+ * Read the station address.
+ * And do it twice. I've seen PRISM-based cards that return
+ * an error when trying to read it the first time, which causes
+ * the probe to fail.
+ */
+ mac.wi_type = WI_RID_MAC_NODE;
+ mac.wi_len = 4;
+ wi_read_record(sc, (struct wi_ltv_gen *)&mac);
+ if ((error = wi_read_record(sc, (struct wi_ltv_gen *)&mac)) != 0) {
+ device_printf(dev, "mac read failed %d\n", error);
+ wi_free(dev);
+ return (error);
+ }
+ bcopy((char *)&mac.wi_mac_addr,
+ (char *)&sc->arpcom.ac_enaddr, ETHER_ADDR_LEN);
+
+ device_printf(dev, "802.11 address: %6D\n", sc->arpcom.ac_enaddr, ":");
+
+ wi_get_id(sc);
+
+ ifp->if_softc = sc;
+ ifp->if_unit = sc->wi_unit;
+ ifp->if_name = "wi";
+ ifp->if_mtu = ETHERMTU;
+ ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
+ ifp->if_ioctl = wi_ioctl;
+ ifp->if_output = ether_output;
+ ifp->if_start = wi_start;
+ ifp->if_watchdog = wi_watchdog;
+ ifp->if_init = wi_init;
+ ifp->if_baudrate = 10000000;
+ ifp->if_snd.ifq_maxlen = IFQ_MAXLEN;
+
+ bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
+ bcopy(WI_DEFAULT_NODENAME, sc->wi_node_name,
+ sizeof(WI_DEFAULT_NODENAME) - 1);
+
+ bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
+ bcopy(WI_DEFAULT_NETNAME, sc->wi_net_name,
+ sizeof(WI_DEFAULT_NETNAME) - 1);
+
+ bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
+ bcopy(WI_DEFAULT_IBSS, sc->wi_ibss_name,
+ sizeof(WI_DEFAULT_IBSS) - 1);
+
+ sc->wi_portnum = WI_DEFAULT_PORT;
+ sc->wi_ptype = WI_PORTTYPE_BSS;
+ sc->wi_ap_density = WI_DEFAULT_AP_DENSITY;
+ sc->wi_rts_thresh = WI_DEFAULT_RTS_THRESH;
+ sc->wi_tx_rate = WI_DEFAULT_TX_RATE;
+ sc->wi_max_data_len = WI_DEFAULT_DATALEN;
+ sc->wi_create_ibss = WI_DEFAULT_CREATE_IBSS;
+ sc->wi_pm_enabled = WI_DEFAULT_PM_ENABLED;
+ sc->wi_max_sleep = WI_DEFAULT_MAX_SLEEP;
+ sc->wi_roaming = WI_DEFAULT_ROAMING;
+ sc->wi_authtype = WI_DEFAULT_AUTHTYPE;
+ sc->wi_authmode = IEEE80211_AUTH_OPEN;
+
+ /*
+ * Read the default channel from the NIC. This may vary
+ * depending on the country where the NIC was purchased, so
+ * we can't hard-code a default and expect it to work for
+ * everyone.
+ */
+ gen.wi_type = WI_RID_OWN_CHNL;
+ gen.wi_len = 2;
+ wi_read_record(sc, &gen);
+ sc->wi_channel = gen.wi_val;
+
+ /*
+ * Find out if we support WEP on this card.
+ */
+ gen.wi_type = WI_RID_WEP_AVAIL;
+ gen.wi_len = 2;
+ wi_read_record(sc, &gen);
+ sc->wi_has_wep = gen.wi_val;
+
+ if (bootverbose)
+ device_printf(sc->dev, "wi_has_wep = %d\n", sc->wi_has_wep);
+
+ /*
+ * Find supported rates.
+ */
+ gen.wi_type = WI_RID_TX_RATE;
+ gen.wi_len = 2;
+ wi_read_record(sc, &gen);
+ sc->wi_supprates = gen.wi_val;
+
+ bzero((char *)&sc->wi_stats, sizeof(sc->wi_stats));
+
+ wi_init(sc);
+ wi_stop(sc);
+
+ ifmedia_init(&sc->ifmedia, 0, wi_media_change, wi_media_status);
+ /* XXX: Should read from card capabilities */
+#define ADD(m, c) ifmedia_add(&sc->ifmedia, (m), (c), NULL)
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
+ IFM_IEEE80211_ADHOC, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1, 0, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
+ IFM_IEEE80211_ADHOC, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2, 0, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
+ IFM_IEEE80211_ADHOC, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5, 0, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
+ IFM_IEEE80211_ADHOC, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11, 0, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO,
+ IFM_IEEE80211_ADHOC, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO, 0, 0), 0);
+ if (sc->sc_firmware_type == WI_INTERSIL) {
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
+ IFM_IEEE80211_HOSTAP, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
+ IFM_IEEE80211_HOSTAP, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
+ IFM_IEEE80211_HOSTAP, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
+ IFM_IEEE80211_HOSTAP, 0), 0);
+ ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO,
+ IFM_IEEE80211_HOSTAP, 0), 0);
+ }
+#undef ADD
+ ifmedia_set(&sc->ifmedia, IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO,
+ 0, 0));
+
+
+ /*
+ * Call MI attach routine.
+ */
+ ether_ifattach(ifp, ETHER_BPF_SUPPORTED);
+ callout_handle_init(&sc->wi_stat_ch);
+ WI_UNLOCK(sc, s);
+
+ return(0);
+}
+
+static void
+wi_get_id(sc)
+ struct wi_softc *sc;
+{
+ struct wi_ltv_ver ver;
+ struct wi_card_ident *id;
+
+ /* getting chip identity */
+ memset(&ver, 0, sizeof(ver));
+ ver.wi_type = WI_RID_CARD_ID;
+ ver.wi_len = 5;
+ wi_read_record(sc, (struct wi_ltv_gen *)&ver);
+ device_printf(sc->dev, "using ");
+ sc->sc_firmware_type = WI_NOTYPE;
+ for (id = wi_card_ident; id->card_name != NULL; id++) {
+ if (le16toh(ver.wi_ver[0]) == id->card_id) {
+ printf("%s", id->card_name);
+ sc->sc_firmware_type = id->firm_type;
+ break;
+ }
+ }
+ if (sc->sc_firmware_type == WI_NOTYPE) {
+ if (le16toh(ver.wi_ver[0]) & 0x8000) {
+ printf("Unknown PRISM2 chip");
+ sc->sc_firmware_type = WI_INTERSIL;
+ } else {
+ printf("Unknown Lucent chip");
+ sc->sc_firmware_type = WI_LUCENT;
+ }
+ }
+
+ if (sc->sc_firmware_type != WI_LUCENT) {
+ /* get primary firmware version */
+ memset(&ver, 0, sizeof(ver));
+ ver.wi_type = WI_RID_PRI_IDENTITY;
+ ver.wi_len = 5;
+ wi_read_record(sc, (struct wi_ltv_gen *)&ver);
+ ver.wi_ver[1] = le16toh(ver.wi_ver[1]);
+ ver.wi_ver[2] = le16toh(ver.wi_ver[2]);
+ ver.wi_ver[3] = le16toh(ver.wi_ver[3]);
+ sc->sc_pri_firmware_ver = ver.wi_ver[2] * 10000 +
+ ver.wi_ver[3] * 100 + ver.wi_ver[1];
+ }
+
+ /* get station firmware version */
+ memset(&ver, 0, sizeof(ver));
+ ver.wi_type = WI_RID_STA_IDENTITY;
+ ver.wi_len = 5;
+ wi_read_record(sc, (struct wi_ltv_gen *)&ver);
+ ver.wi_ver[1] = le16toh(ver.wi_ver[1]);
+ ver.wi_ver[2] = le16toh(ver.wi_ver[2]);
+ ver.wi_ver[3] = le16toh(ver.wi_ver[3]);
+ sc->sc_sta_firmware_ver = ver.wi_ver[2] * 10000 +
+ ver.wi_ver[3] * 100 + ver.wi_ver[1];
+ if (sc->sc_firmware_type == WI_INTERSIL &&
+ (sc->sc_sta_firmware_ver == 10102 ||
+ sc->sc_sta_firmware_ver == 20102)) {
+ struct wi_ltv_str sver;
+ char *p;
+
+ memset(&sver, 0, sizeof(sver));
+ sver.wi_type = WI_RID_SYMBOL_IDENTITY;
+ sver.wi_len = 7;
+ /* value should be the format like "V2.00-11" */
+ if (wi_read_record(sc, (struct wi_ltv_gen *)&sver) == 0 &&
+ *(p = (char *)sver.wi_str) >= 'A' &&
+ p[2] == '.' && p[5] == '-' && p[8] == '\0') {
+ sc->sc_firmware_type = WI_SYMBOL;
+ sc->sc_sta_firmware_ver = (p[1] - '0') * 10000 +
+ (p[3] - '0') * 1000 + (p[4] - '0') * 100 +
+ (p[6] - '0') * 10 + (p[7] - '0');
+ }
+ }
+ printf("\n");
+ device_printf(sc->dev, "%s Firmware: ",
+ sc->sc_firmware_type == WI_LUCENT ? "Lucent" :
+ (sc->sc_firmware_type == WI_SYMBOL ? "Symbol" : "Intersil"));
+
+ /*
+ * The primary firmware is only valid on Prism based chipsets
+ * (INTERSIL or SYMBOL).
+ */
+ if (sc->sc_firmware_type != WI_LUCENT)
+ printf("Primary %u.%02u.%02u, ", sc->sc_pri_firmware_ver / 10000,
+ (sc->sc_pri_firmware_ver % 10000) / 100,
+ sc->sc_pri_firmware_ver % 100);
+ printf("Station %u.%02u.%02u\n",
+ sc->sc_sta_firmware_ver / 10000, (sc->sc_sta_firmware_ver % 10000) / 100,
+ sc->sc_sta_firmware_ver % 100);
+ return;
+}
+
+static void
+wi_rxeof(sc)
+ struct wi_softc *sc;
+{
+ struct ifnet *ifp;
+ struct ether_header *eh;
+ struct mbuf *m;
+ int id;
+
+ ifp = &sc->arpcom.ac_if;
+
+ id = CSR_READ_2(sc, WI_RX_FID);
+
+ /*
+ * if we have the procframe flag set, disregard all this and just
+ * read the data from the device.
+ */
+ if (sc->wi_procframe || sc->wi_debug.wi_monitor) {
+ struct wi_frame *rx_frame;
+ int datlen, hdrlen;
+
+ /* first allocate mbuf for packet storage */
+ MGETHDR(m, M_DONTWAIT, MT_DATA);
+ if (m == NULL) {
+ ifp->if_ierrors++;
+ return;
+ }
+ MCLGET(m, M_DONTWAIT);
+ if (!(m->m_flags & M_EXT)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ m->m_pkthdr.rcvif = ifp;
+
+ /* now read wi_frame first so we know how much data to read */
+ if (wi_read_data(sc, id, 0, mtod(m, caddr_t),
+ sizeof(struct wi_frame))) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ rx_frame = mtod(m, struct wi_frame *);
+
+ switch ((rx_frame->wi_status & WI_STAT_MAC_PORT) >> 8) {
+ case 7:
+ switch (rx_frame->wi_frame_ctl & WI_FCTL_FTYPE) {
+ case WI_FTYPE_DATA:
+ hdrlen = WI_DATA_HDRLEN;
+ datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
+ break;
+ case WI_FTYPE_MGMT:
+ hdrlen = WI_MGMT_HDRLEN;
+ datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
+ break;
+ case WI_FTYPE_CTL:
+ /*
+ * prism2 cards don't pass control packets
+ * down properly or consistently, so we'll only
+ * pass down the header.
+ */
+ hdrlen = WI_CTL_HDRLEN;
+ datlen = 0;
+ break;
+ default:
+ device_printf(sc->dev, "received packet of "
+ "unknown type on port 7\n");
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ break;
+ case 0:
+ hdrlen = WI_DATA_HDRLEN;
+ datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
+ break;
+ default:
+ device_printf(sc->dev, "received packet on invalid "
+ "port (wi_status=0x%x)\n", rx_frame->wi_status);
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ if ((hdrlen + datlen + 2) > MCLBYTES) {
+ device_printf(sc->dev, "oversized packet received "
+ "(wi_dat_len=%d, wi_status=0x%x)\n",
+ datlen, rx_frame->wi_status);
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ if (wi_read_data(sc, id, hdrlen, mtod(m, caddr_t) + hdrlen,
+ datlen + 2)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ m->m_pkthdr.len = m->m_len = hdrlen + datlen;
+
+ ifp->if_ipackets++;
+
+ /* Handle BPF listeners. */
+ if (ifp->if_bpf)
+ bpf_mtap(ifp, m);
+
+ m_freem(m);
+ } else {
+ struct wi_frame rx_frame;
+
+ /* First read in the frame header */
+ if (wi_read_data(sc, id, 0, (caddr_t)&rx_frame,
+ sizeof(rx_frame))) {
+ ifp->if_ierrors++;
+ return;
+ }
+
+ if (rx_frame.wi_status & WI_STAT_ERRSTAT) {
+ ifp->if_ierrors++;
+ return;
+ }
+
+ MGETHDR(m, M_DONTWAIT, MT_DATA);
+ if (m == NULL) {
+ ifp->if_ierrors++;
+ return;
+ }
+ MCLGET(m, M_DONTWAIT);
+ if (!(m->m_flags & M_EXT)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ eh = mtod(m, struct ether_header *);
+ m->m_pkthdr.rcvif = ifp;
+
+ if (rx_frame.wi_status == WI_STAT_MGMT &&
+ sc->wi_ptype == WI_PORTTYPE_AP) {
+ if ((WI_802_11_OFFSET_RAW + rx_frame.wi_dat_len + 2) >
+ MCLBYTES) {
+ device_printf(sc->dev, "oversized mgmt packet "
+ "received in hostap mode "
+ "(wi_dat_len=%d, wi_status=0x%x)\n",
+ rx_frame.wi_dat_len, rx_frame.wi_status);
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+
+ /* Put the whole header in there. */
+ bcopy(&rx_frame, mtod(m, void *),
+ sizeof(struct wi_frame));
+ if (wi_read_data(sc, id, WI_802_11_OFFSET_RAW,
+ mtod(m, caddr_t) + WI_802_11_OFFSET_RAW,
+ rx_frame.wi_dat_len + 2)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ m->m_pkthdr.len = m->m_len =
+ WI_802_11_OFFSET_RAW + rx_frame.wi_dat_len;
+ /* XXX: consider giving packet to bhp? */
+ wihap_mgmt_input(sc, &rx_frame, m);
+ return;
+ }
+
+ if (rx_frame.wi_status == WI_STAT_1042 ||
+ rx_frame.wi_status == WI_STAT_TUNNEL ||
+ rx_frame.wi_status == WI_STAT_WMP_MSG) {
+ if((rx_frame.wi_dat_len + WI_SNAPHDR_LEN) > MCLBYTES) {
+ device_printf(sc->dev,
+ "oversized packet received "
+ "(wi_dat_len=%d, wi_status=0x%x)\n",
+ rx_frame.wi_dat_len, rx_frame.wi_status);
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ m->m_pkthdr.len = m->m_len =
+ rx_frame.wi_dat_len + WI_SNAPHDR_LEN;
+
+#if 0
+ bcopy((char *)&rx_frame.wi_addr1,
+ (char *)&eh->ether_dhost, ETHER_ADDR_LEN);
+ if (sc->wi_ptype == WI_PORTTYPE_ADHOC) {
+ bcopy((char *)&rx_frame.wi_addr2,
+ (char *)&eh->ether_shost, ETHER_ADDR_LEN);
+ } else {
+ bcopy((char *)&rx_frame.wi_addr3,
+ (char *)&eh->ether_shost, ETHER_ADDR_LEN);
+ }
+#else
+ bcopy((char *)&rx_frame.wi_dst_addr,
+ (char *)&eh->ether_dhost, ETHER_ADDR_LEN);
+ bcopy((char *)&rx_frame.wi_src_addr,
+ (char *)&eh->ether_shost, ETHER_ADDR_LEN);
+#endif
+
+ bcopy((char *)&rx_frame.wi_type,
+ (char *)&eh->ether_type, ETHER_TYPE_LEN);
+
+ if (wi_read_data(sc, id, WI_802_11_OFFSET,
+ mtod(m, caddr_t) + sizeof(struct ether_header),
+ m->m_len + 2)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ } else {
+ if((rx_frame.wi_dat_len +
+ sizeof(struct ether_header)) > MCLBYTES) {
+ device_printf(sc->dev,
+ "oversized packet received "
+ "(wi_dat_len=%d, wi_status=0x%x)\n",
+ rx_frame.wi_dat_len, rx_frame.wi_status);
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ m->m_pkthdr.len = m->m_len =
+ rx_frame.wi_dat_len + sizeof(struct ether_header);
+
+ if (wi_read_data(sc, id, WI_802_3_OFFSET,
+ mtod(m, caddr_t), m->m_len + 2)) {
+ m_freem(m);
+ ifp->if_ierrors++;
+ return;
+ }
+ }
+
+ ifp->if_ipackets++;
+
+ if (sc->wi_ptype == WI_PORTTYPE_AP) {
+ /*
+ * Give host AP code first crack at data
+ * packets. If it decides to handle it (or
+ * drop it), it will return a non-zero.
+ * Otherwise, it is destined for this host.
+ */
+ if (wihap_data_input(sc, &rx_frame, m))
+ return;
+ }
+ /* Receive packet. */
+ m_adj(m, sizeof(struct ether_header));
+#ifdef WICACHE
+ wi_cache_store(sc, eh, m, rx_frame.wi_q_info);
+#endif
+ ether_input(ifp, eh, m);
+ }
+}
+
+static void
+wi_txeof(sc, status)
+ struct wi_softc *sc;
+ int status;
+{
+ struct ifnet *ifp;
+
+ ifp = &sc->arpcom.ac_if;
+
+ ifp->if_timer = 0;
+ ifp->if_flags &= ~IFF_OACTIVE;
+
+ if (status & WI_EV_TX_EXC)
+ ifp->if_oerrors++;
+ else
+ ifp->if_opackets++;
+
+ return;
+}
+
+void
+wi_inquire(xsc)
+ void *xsc;
+{
+ struct wi_softc *sc;
+ struct ifnet *ifp;
+ int s;
+
+ sc = xsc;
+ ifp = &sc->arpcom.ac_if;
+
+ sc->wi_stat_ch = timeout(wi_inquire, sc, hz * 60);
+
+ /* Don't do this while we're transmitting */
+ if (ifp->if_flags & IFF_OACTIVE)
+ return;
+
+ WI_LOCK(sc, s);
+ wi_cmd(sc, WI_CMD_INQUIRE, WI_INFO_COUNTERS, 0, 0);
+ WI_UNLOCK(sc, s);
+
+ return;
+}
+
+void
+wi_update_stats(sc)
+ struct wi_softc *sc;
+{
+ struct wi_ltv_gen gen;
+ u_int16_t id;
+ struct ifnet *ifp;
+ u_int32_t *ptr;
+ int len, i;
+ u_int16_t t;
+
+ ifp = &sc->arpcom.ac_if;
+
+ id = CSR_READ_2(sc, WI_INFO_FID);
+
+ wi_read_data(sc, id, 0, (char *)&gen, 4);
+
+ /*
+ * if we just got our scan results, copy it over into the scan buffer
+ * so we can return it to anyone that asks for it. (add a little
+ * compatibility with the prism2 scanning mechanism)
+ */
+ if (gen.wi_type == WI_INFO_SCAN_RESULTS)
+ {
+ sc->wi_scanbuf_len = gen.wi_len;
+ wi_read_data(sc, id, 4, (char *)sc->wi_scanbuf,
+ sc->wi_scanbuf_len * 2);
+
+ return;
+ }
+ else if (gen.wi_type != WI_INFO_COUNTERS)
+ return;
+
+ len = (gen.wi_len - 1 < sizeof(sc->wi_stats) / 4) ?
+ gen.wi_len - 1 : sizeof(sc->wi_stats) / 4;
+ ptr = (u_int32_t *)&sc->wi_stats;
+
+ for (i = 0; i < len - 1; i++) {
+ t = CSR_READ_2(sc, WI_DATA1);
+#ifdef WI_HERMES_STATS_WAR
+ if (t > 0xF000)
+ t = ~t & 0xFFFF;
+#endif
+ ptr[i] += t;
+ }
+
+ ifp->if_collisions = sc->wi_stats.wi_tx_single_retries +
+ sc->wi_stats.wi_tx_multi_retries +
+ sc->wi_stats.wi_tx_retry_limit;
+
+ return;
+}
+
+static void
+wi_intr(xsc)
+ void *xsc;
+{
+ struct wi_softc *sc = xsc;
+ struct ifnet *ifp;
+ u_int16_t status;
+ int s;
+
+ WI_LOCK(sc, s);
+
+ ifp = &sc->arpcom.ac_if;
+
+ if (sc->wi_gone || !(ifp->if_flags & IFF_UP)) {
+ CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+ /* Disable interrupts. */
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+
+ status = CSR_READ_2(sc, WI_EVENT_STAT);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, ~WI_INTRS);
+
+ if (status & WI_EV_RX) {
+ wi_rxeof(sc);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_RX);
+ }
+
+ if (status & WI_EV_TX) {
+ wi_txeof(sc, status);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX);
+ }
+
+ if (status & WI_EV_ALLOC) {
+ int id;
+
+ id = CSR_READ_2(sc, WI_ALLOC_FID);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
+ if (id == sc->wi_tx_data_id)
+ wi_txeof(sc, status);
+ }
+
+ if (status & WI_EV_INFO) {
+ wi_update_stats(sc);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO);
+ }
+
+ if (status & WI_EV_TX_EXC) {
+ wi_txeof(sc, status);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX_EXC);
+ }
+
+ if (status & WI_EV_INFO_DROP) {
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO_DROP);
+ }
+
+ /* Re-enable interrupts. */
+ CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
+
+ if (ifp->if_snd.ifq_head != NULL) {
+ wi_start(ifp);
+ }
+
+ WI_UNLOCK(sc, s);
+
+ return;
+}
+
+static int
+wi_cmd(sc, cmd, val0, val1, val2)
+ struct wi_softc *sc;
+ int cmd;
+ int val0;
+ int val1;
+ int val2;
+{
+ int i, s = 0;
+ static volatile int count = 0;
+
+ if (count > 1)
+ panic("Hey partner, hold on there!");
+ count++;
+
+ /* wait for the busy bit to clear */
+ for (i = 500; i > 0; i--) { /* 5s */
+ if (!(CSR_READ_2(sc, WI_COMMAND) & WI_CMD_BUSY)) {
+ break;
+ }
+ DELAY(10*1000); /* 10 m sec */
+ }
+ if (i == 0) {
+ device_printf(sc->dev, "wi_cmd: busy bit won't clear.\n" );
+ count--;
+ return(ETIMEDOUT);
+ }
+
+ CSR_WRITE_2(sc, WI_PARAM0, val0);
+ CSR_WRITE_2(sc, WI_PARAM1, val1);
+ CSR_WRITE_2(sc, WI_PARAM2, val2);
+ CSR_WRITE_2(sc, WI_COMMAND, cmd);
+
+ for (i = 0; i < WI_TIMEOUT; i++) {
+ /*
+ * Wait for 'command complete' bit to be
+ * set in the event status register.
+ */
+ s = CSR_READ_2(sc, WI_EVENT_STAT);
+ if (s & WI_EV_CMD) {
+ /* Ack the event and read result code. */
+ s = CSR_READ_2(sc, WI_STATUS);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_CMD);
+#ifdef foo
+ if ((s & WI_CMD_CODE_MASK) != (cmd & WI_CMD_CODE_MASK))
+ return(EIO);
+#endif
+ if (s & WI_STAT_CMD_RESULT) {
+ count--;
+ return(EIO);
+ }
+ break;
+ }
+ DELAY(WI_DELAY);
+ }
+
+ count--;
+ if (i == WI_TIMEOUT) {
+ device_printf(sc->dev,
+ "timeout in wi_cmd 0x%04x; event status 0x%04x\n", cmd, s);
+ return(ETIMEDOUT);
+ }
+ return(0);
+}
+
+static void
+wi_reset(sc)
+ struct wi_softc *sc;
+{
+#define WI_INIT_TRIES 3
+ int i;
+ int tries;
+
+ /* Symbol firmware cannot be initialized more than once */
+ if (sc->sc_firmware_type == WI_SYMBOL && sc->sc_enabled)
+ return;
+ if (sc->sc_firmware_type == WI_SYMBOL)
+ tries = 1;
+ else
+ tries = WI_INIT_TRIES;
+
+ for (i = 0; i < tries; i++) {
+ if (wi_cmd(sc, WI_CMD_INI, 0, 0, 0) == 0)
+ break;
+ DELAY(WI_DELAY * 1000);
+ }
+ sc->sc_enabled = 1;
+
+ if (i == tries) {
+ device_printf(sc->dev, "init failed\n");
+ return;
+ }
+
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
+
+ /* Calibrate timer. */
+ WI_SETVAL(WI_RID_TICK_TIME, 8);
+
+ return;
+}
+
+/*
+ * Read an LTV record from the NIC.
+ */
+static int
+wi_read_record(sc, ltv)
+ struct wi_softc *sc;
+ struct wi_ltv_gen *ltv;
+{
+ u_int16_t *ptr;
+ int i, len, code;
+ struct wi_ltv_gen *oltv, p2ltv;
+
+ oltv = ltv;
+ if (sc->sc_firmware_type != WI_LUCENT) {
+ switch (ltv->wi_type) {
+ case WI_RID_ENCRYPTION:
+ p2ltv.wi_type = WI_RID_P2_ENCRYPTION;
+ p2ltv.wi_len = 2;
+ ltv = &p2ltv;
+ break;
+ case WI_RID_TX_CRYPT_KEY:
+ p2ltv.wi_type = WI_RID_P2_TX_CRYPT_KEY;
+ p2ltv.wi_len = 2;
+ ltv = &p2ltv;
+ break;
+ case WI_RID_ROAMING_MODE:
+ if (sc->sc_firmware_type == WI_INTERSIL)
+ break;
+ /* not supported */
+ ltv->wi_len = 1;
+ return 0;
+ case WI_RID_MICROWAVE_OVEN:
+ /* not supported */
+ ltv->wi_len = 1;
+ return 0;
+ }
+ }
+
+ /* Tell the NIC to enter record read mode. */
+ if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_READ, ltv->wi_type, 0, 0))
+ return(EIO);
+
+ /* Seek to the record. */
+ if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
+ return(EIO);
+
+ /*
+ * Read the length and record type and make sure they
+ * match what we expect (this verifies that we have enough
+ * room to hold all of the returned data).
+ */
+ len = CSR_READ_2(sc, WI_DATA1);
+ if (len > ltv->wi_len)
+ return(ENOSPC);
+ code = CSR_READ_2(sc, WI_DATA1);
+ if (code != ltv->wi_type)
+ return(EIO);
+
+ ltv->wi_len = len;
+ ltv->wi_type = code;
+
+ /* Now read the data. */
+ ptr = &ltv->wi_val;
+ for (i = 0; i < ltv->wi_len - 1; i++)
+ ptr[i] = CSR_READ_2(sc, WI_DATA1);
+
+ if (sc->sc_firmware_type != WI_LUCENT) {
+ switch (oltv->wi_type) {
+ case WI_RID_TX_RATE:
+ case WI_RID_CUR_TX_RATE:
+ switch (ltv->wi_val) {
+ case 1: oltv->wi_val = 1; break;
+ case 2: oltv->wi_val = 2; break;
+ case 3: oltv->wi_val = 6; break;
+ case 4: oltv->wi_val = 5; break;
+ case 7: oltv->wi_val = 7; break;
+ case 8: oltv->wi_val = 11; break;
+ case 15: oltv->wi_val = 3; break;
+ default: oltv->wi_val = 0x100 + ltv->wi_val; break;
+ }
+ break;
+ case WI_RID_ENCRYPTION:
+ oltv->wi_len = 2;
+ if (ltv->wi_val & 0x01)
+ oltv->wi_val = 1;
+ else
+ oltv->wi_val = 0;
+ break;
+ case WI_RID_TX_CRYPT_KEY:
+ oltv->wi_len = 2;
+ oltv->wi_val = ltv->wi_val;
+ break;
+ case WI_RID_CNFAUTHMODE:
+ oltv->wi_len = 2;
+ if (le16toh(ltv->wi_val) & 0x01)
+ oltv->wi_val = htole16(1);
+ else if (le16toh(ltv->wi_val) & 0x02)
+ oltv->wi_val = htole16(2);
+ break;
+ }
+ }
+
+ return(0);
+}
+
+/*
+ * Same as read, except we inject data instead of reading it.
+ */
+static int
+wi_write_record(sc, ltv)
+ struct wi_softc *sc;
+ struct wi_ltv_gen *ltv;
+{
+ u_int16_t *ptr;
+ int i;
+ struct wi_ltv_gen p2ltv;
+
+ if (sc->sc_firmware_type != WI_LUCENT) {
+ switch (ltv->wi_type) {
+ case WI_RID_TX_RATE:
+ p2ltv.wi_type = WI_RID_TX_RATE;
+ p2ltv.wi_len = 2;
+ switch (ltv->wi_val) {
+ case 1: p2ltv.wi_val = 1; break;
+ case 2: p2ltv.wi_val = 2; break;
+ case 3: p2ltv.wi_val = 15; break;
+ case 5: p2ltv.wi_val = 4; break;
+ case 6: p2ltv.wi_val = 3; break;
+ case 7: p2ltv.wi_val = 7; break;
+ case 11: p2ltv.wi_val = 8; break;
+ default: return EINVAL;
+ }
+ ltv = &p2ltv;
+ break;
+ case WI_RID_ENCRYPTION:
+ p2ltv.wi_type = WI_RID_P2_ENCRYPTION;
+ p2ltv.wi_len = 2;
+ if (le16toh(ltv->wi_val)) {
+ p2ltv.wi_val =htole16(PRIVACY_INVOKED |
+ EXCLUDE_UNENCRYPTED);
+ if (sc->wi_ptype == WI_PORTTYPE_AP)
+ /*
+ * Disable tx encryption...
+ * it's broken.
+ */
+ p2ltv.wi_val |= htole16(HOST_ENCRYPT);
+ } else
+ p2ltv.wi_val =
+ htole16(HOST_ENCRYPT | HOST_DECRYPT);
+ ltv = &p2ltv;
+ break;
+ case WI_RID_TX_CRYPT_KEY:
+ p2ltv.wi_type = WI_RID_P2_TX_CRYPT_KEY;
+ p2ltv.wi_len = 2;
+ p2ltv.wi_val = ltv->wi_val;
+ ltv = &p2ltv;
+ break;
+ case WI_RID_DEFLT_CRYPT_KEYS:
+ {
+ int error;
+ int keylen;
+ struct wi_ltv_str ws;
+ struct wi_ltv_keys *wk =
+ (struct wi_ltv_keys *)ltv;
+
+ keylen = wk->wi_keys[sc->wi_tx_key].wi_keylen;
+
+ for (i = 0; i < 4; i++) {
+ bzero(&ws, sizeof(ws));
+ ws.wi_len = (keylen > 5) ? 8 : 4;
+ ws.wi_type = WI_RID_P2_CRYPT_KEY0 + i;
+ memcpy(ws.wi_str,
+ &wk->wi_keys[i].wi_keydat, keylen);
+ error = wi_write_record(sc,
+ (struct wi_ltv_gen *)&ws);
+ if (error)
+ return error;
+ }
+ return 0;
+ }
+ case WI_RID_CNFAUTHMODE:
+ p2ltv.wi_type = WI_RID_CNFAUTHMODE;
+ p2ltv.wi_len = 2;
+ if (le16toh(ltv->wi_val) == 1)
+ p2ltv.wi_val = htole16(0x01);
+ else if (le16toh(ltv->wi_val) == 2)
+ p2ltv.wi_val = htole16(0x02);
+ ltv = &p2ltv;
+ break;
+ case WI_RID_ROAMING_MODE:
+ if (sc->sc_firmware_type == WI_INTERSIL)
+ break;
+ /* not supported */
+ return 0;
+ case WI_RID_MICROWAVE_OVEN:
+ /* not supported */
+ return 0;
+ }
+ } else {
+ /* LUCENT */
+ switch (ltv->wi_type) {
+ case WI_RID_TX_RATE:
+ switch (ltv->wi_val) {
+ case 1: ltv->wi_val = 1; break; /* 1Mb/s fixed */
+ case 2: ltv->wi_val = 2; break; /* 2Mb/s fixed */
+ case 3: ltv->wi_val = 3; break; /* 11Mb/s auto */
+ case 5: ltv->wi_val = 4; break; /* 5.5Mb/s fixed */
+ case 6: ltv->wi_val = 6; break; /* 2Mb/s auto */
+ case 7: ltv->wi_val = 7; break; /* 5.5Mb/s auto */
+ case 11: ltv->wi_val = 5; break; /* 11Mb/s fixed */
+ default: return EINVAL;
+ }
+ }
+ }
+
+ if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
+ return(EIO);
+
+ CSR_WRITE_2(sc, WI_DATA1, ltv->wi_len);
+ CSR_WRITE_2(sc, WI_DATA1, ltv->wi_type);
+
+ ptr = &ltv->wi_val;
+ for (i = 0; i < ltv->wi_len - 1; i++)
+ CSR_WRITE_2(sc, WI_DATA1, ptr[i]);
+
+ if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_WRITE, ltv->wi_type, 0, 0))
+ return(EIO);
+
+ return(0);
+}
+
+static int
+wi_seek(sc, id, off, chan)
+ struct wi_softc *sc;
+ int id, off, chan;
+{
+ int i;
+ int selreg, offreg;
+ int status;
+
+ switch (chan) {
+ case WI_BAP0:
+ selreg = WI_SEL0;
+ offreg = WI_OFF0;
+ break;
+ case WI_BAP1:
+ selreg = WI_SEL1;
+ offreg = WI_OFF1;
+ break;
+ default:
+ device_printf(sc->dev, "invalid data path: %x\n", chan);
+ return(EIO);
+ }
+
+ CSR_WRITE_2(sc, selreg, id);
+ CSR_WRITE_2(sc, offreg, off);
+
+ for (i = 0; i < WI_TIMEOUT; i++) {
+ status = CSR_READ_2(sc, offreg);
+ if (!(status & (WI_OFF_BUSY|WI_OFF_ERR)))
+ break;
+ DELAY(WI_DELAY);
+ }
+
+ if (i == WI_TIMEOUT) {
+ device_printf(sc->dev, "timeout in wi_seek to %x/%x; last status %x\n",
+ id, off, status);
+ return(ETIMEDOUT);
+ }
+
+ return(0);
+}
+
+static int
+wi_read_data(sc, id, off, buf, len)
+ struct wi_softc *sc;
+ int id, off;
+ caddr_t buf;
+ int len;
+{
+ int i;
+ u_int16_t *ptr;
+
+ if (wi_seek(sc, id, off, WI_BAP1))
+ return(EIO);
+
+ ptr = (u_int16_t *)buf;
+ for (i = 0; i < len / 2; i++)
+ ptr[i] = CSR_READ_2(sc, WI_DATA1);
+
+ return(0);
+}
+
+/*
+ * According to the comments in the HCF Light code, there is a bug in
+ * the Hermes (or possibly in certain Hermes firmware revisions) where
+ * the chip's internal autoincrement counter gets thrown off during
+ * data writes: the autoincrement is missed, causing one data word to
+ * be overwritten and subsequent words to be written to the wrong memory
+ * locations. The end result is that we could end up transmitting bogus
+ * frames without realizing it. The workaround for this is to write a
+ * couple of extra guard words after the end of the transfer, then
+ * attempt to read then back. If we fail to locate the guard words where
+ * we expect them, we preform the transfer over again.
+ */
+static int
+wi_write_data(sc, id, off, buf, len)
+ struct wi_softc *sc;
+ int id, off;
+ caddr_t buf;
+ int len;
+{
+ int i;
+ u_int16_t *ptr;
+#ifdef WI_HERMES_AUTOINC_WAR
+ int retries;
+
+ retries = 512;
+again:
+#endif
+
+ if (wi_seek(sc, id, off, WI_BAP0))
+ return(EIO);
+
+ ptr = (u_int16_t *)buf;
+ for (i = 0; i < (len / 2); i++)
+ CSR_WRITE_2(sc, WI_DATA0, ptr[i]);
+
+#ifdef WI_HERMES_AUTOINC_WAR
+ CSR_WRITE_2(sc, WI_DATA0, 0x1234);
+ CSR_WRITE_2(sc, WI_DATA0, 0x5678);
+
+ if (wi_seek(sc, id, off + len, WI_BAP0))
+ return(EIO);
+
+ if (CSR_READ_2(sc, WI_DATA0) != 0x1234 ||
+ CSR_READ_2(sc, WI_DATA0) != 0x5678) {
+ if (--retries >= 0)
+ goto again;
+ device_printf(sc->dev, "wi_write_data device timeout\n");
+ return (EIO);
+ }
+#endif
+
+ return(0);
+}
+
+/*
+ * Allocate a region of memory inside the NIC and zero
+ * it out.
+ */
+static int
+wi_alloc_nicmem(sc, len, id)
+ struct wi_softc *sc;
+ int len;
+ int *id;
+{
+ int i;
+
+ if (wi_cmd(sc, WI_CMD_ALLOC_MEM, len, 0, 0)) {
+ device_printf(sc->dev,
+ "failed to allocate %d bytes on NIC\n", len);
+ return(ENOMEM);
+ }
+
+ for (i = 0; i < WI_TIMEOUT; i++) {
+ if (CSR_READ_2(sc, WI_EVENT_STAT) & WI_EV_ALLOC)
+ break;
+ DELAY(WI_DELAY);
+ }
+
+ if (i == WI_TIMEOUT) {
+ device_printf(sc->dev, "time out allocating memory on card\n");
+ return(ETIMEDOUT);
+ }
+
+ CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
+ *id = CSR_READ_2(sc, WI_ALLOC_FID);
+
+ if (wi_seek(sc, *id, 0, WI_BAP0)) {
+ device_printf(sc->dev, "seek failed while allocating memory on card\n");
+ return(EIO);
+ }
+
+ for (i = 0; i < len / 2; i++)
+ CSR_WRITE_2(sc, WI_DATA0, 0);
+
+ return(0);
+}
+
+static void
+wi_setmulti(sc)
+ struct wi_softc *sc;
+{
+ struct ifnet *ifp;
+ int i = 0;
+ struct ifmultiaddr *ifma;
+ struct wi_ltv_mcast mcast;
+
+ ifp = &sc->arpcom.ac_if;
+
+ bzero((char *)&mcast, sizeof(mcast));
+
+ mcast.wi_type = WI_RID_MCAST_LIST;
+ mcast.wi_len = (3 * 16) + 1;
+
+ if (ifp->if_flags & IFF_ALLMULTI || ifp->if_flags & IFF_PROMISC) {
+ wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
+ return;
+ }
+
+#if __FreeBSD_version < 500000
+ LIST_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
+#else
+ TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
+#endif
+ if (ifma->ifma_addr->sa_family != AF_LINK)
+ continue;
+ if (i < 16) {
+ bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr),
+ (char *)&mcast.wi_mcast[i], ETHER_ADDR_LEN);
+ i++;
+ } else {
+ bzero((char *)&mcast, sizeof(mcast));
+ break;
+ }
+ }
+
+ mcast.wi_len = (i * 3) + 1;
+ wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
+
+ return;
+}
+
+static void
+wi_setdef(sc, wreq)
+ struct wi_softc *sc;
+ struct wi_req *wreq;
+{
+ struct sockaddr_dl *sdl;
+ struct ifaddr *ifa;
+ struct ifnet *ifp;
+
+ ifp = &sc->arpcom.ac_if;
+
+ switch(wreq->wi_type) {
+ case WI_RID_MAC_NODE:
+ ifa = ifaddr_byindex(ifp->if_index);
+ sdl = (struct sockaddr_dl *)ifa->ifa_addr;
+ bcopy((char *)&wreq->wi_val, (char *)&sc->arpcom.ac_enaddr,
+ ETHER_ADDR_LEN);
+ bcopy((char *)&wreq->wi_val, LLADDR(sdl), ETHER_ADDR_LEN);
+ break;
+ case WI_RID_PORTTYPE:
+ sc->wi_ptype = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_TX_RATE:
+ sc->wi_tx_rate = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_MAX_DATALEN:
+ sc->wi_max_data_len = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_RTS_THRESH:
+ sc->wi_rts_thresh = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_SYSTEM_SCALE:
+ sc->wi_ap_density = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_CREATE_IBSS:
+ sc->wi_create_ibss = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_OWN_CHNL:
+ sc->wi_channel = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_NODENAME:
+ bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
+ bcopy((char *)&wreq->wi_val[1], sc->wi_node_name, 30);
+ break;
+ case WI_RID_DESIRED_SSID:
+ bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
+ bcopy((char *)&wreq->wi_val[1], sc->wi_net_name, 30);
+ break;
+ case WI_RID_OWN_SSID:
+ bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
+ bcopy((char *)&wreq->wi_val[1], sc->wi_ibss_name, 30);
+ break;
+ case WI_RID_PM_ENABLED:
+ sc->wi_pm_enabled = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_MICROWAVE_OVEN:
+ sc->wi_mor_enabled = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_MAX_SLEEP:
+ sc->wi_max_sleep = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_CNFAUTHMODE:
+ sc->wi_authtype = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_ROAMING_MODE:
+ sc->wi_roaming = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_ENCRYPTION:
+ sc->wi_use_wep = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_TX_CRYPT_KEY:
+ sc->wi_tx_key = le16toh(wreq->wi_val[0]);
+ break;
+ case WI_RID_DEFLT_CRYPT_KEYS:
+ bcopy((char *)wreq, (char *)&sc->wi_keys,
+ sizeof(struct wi_ltv_keys));
+ break;
+ default:
+ break;
+ }
+
+ /* Reinitialize WaveLAN. */
+ wi_init(sc);
+
+ return;
+}
+
+static int
+wi_ioctl(ifp, command, data)
+ struct ifnet *ifp;
+ u_long command;
+ caddr_t data;
+{
+ int error = 0;
+ int len;
+ u_int8_t tmpkey[14];
+ char tmpssid[IEEE80211_NWID_LEN];
+ struct wi_softc *sc;
+ struct wi_req wreq;
+ struct ifreq *ifr;
+ struct ieee80211req *ireq;
+#if __FreeBSD_version >= 500000
+ struct thread *td = curthread;
+#else
+ struct proc *td = curproc; /* Little white lie */
+#endif
+ int s;
+
+ sc = ifp->if_softc;
+ WI_LOCK(sc, s);
+ ifr = (struct ifreq *)data;
+ ireq = (struct ieee80211req *)data;
+
+ if (sc->wi_gone) {
+ error = ENODEV;
+ goto out;
+ }
+
+ switch(command) {
+ case SIOCSIFADDR:
+ case SIOCGIFADDR:
+ case SIOCSIFMTU:
+ error = ether_ioctl(ifp, command, data);
+ break;
+ case SIOCSIFFLAGS:
+ if (ifp->if_flags & IFF_UP) {
+ if (ifp->if_flags & IFF_RUNNING &&
+ ifp->if_flags & IFF_PROMISC &&
+ !(sc->wi_if_flags & IFF_PROMISC)) {
+ WI_SETVAL(WI_RID_PROMISC, 1);
+ } else if (ifp->if_flags & IFF_RUNNING &&
+ !(ifp->if_flags & IFF_PROMISC) &&
+ sc->wi_if_flags & IFF_PROMISC) {
+ WI_SETVAL(WI_RID_PROMISC, 0);
+ } else
+ wi_init(sc);
+ } else {
+ if (ifp->if_flags & IFF_RUNNING) {
+ wi_stop(sc);
+ }
+ }
+ sc->wi_if_flags = ifp->if_flags;
+ error = 0;
+ break;
+ case SIOCSIFMEDIA:
+ case SIOCGIFMEDIA:
+ error = ifmedia_ioctl(ifp, ifr, &sc->ifmedia, command);
+ break;
+ case SIOCADDMULTI:
+ case SIOCDELMULTI:
+ wi_setmulti(sc);
+ error = 0;
+ break;
+ case SIOCGWAVELAN:
+ error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
+ if (error)
+ break;
+ if (wreq.wi_len > WI_MAX_DATALEN) {
+ error = EINVAL;
+ break;
+ }
+ /* Don't show WEP keys to non-root users. */
+ if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS && suser(td))
+ break;
+ if (wreq.wi_type == WI_RID_IFACE_STATS) {
+ bcopy((char *)&sc->wi_stats, (char *)&wreq.wi_val,
+ sizeof(sc->wi_stats));
+ wreq.wi_len = (sizeof(sc->wi_stats) / 2) + 1;
+ } else if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS) {
+ bcopy((char *)&sc->wi_keys, (char *)&wreq,
+ sizeof(struct wi_ltv_keys));
+ }
+#ifdef WICACHE
+ else if (wreq.wi_type == WI_RID_ZERO_CACHE) {
+ sc->wi_sigitems = sc->wi_nextitem = 0;
+ } else if (wreq.wi_type == WI_RID_READ_CACHE) {
+ char *pt = (char *)&wreq.wi_val;
+ bcopy((char *)&sc->wi_sigitems,
+ (char *)pt, sizeof(int));
+ pt += (sizeof (int));
+ wreq.wi_len = sizeof(int) / 2;
+ bcopy((char *)&sc->wi_sigcache, (char *)pt,
+ sizeof(struct wi_sigcache) * sc->wi_sigitems);
+ wreq.wi_len += ((sizeof(struct wi_sigcache) *
+ sc->wi_sigitems) / 2) + 1;
+ }
+#endif
+ else if (wreq.wi_type == WI_RID_PROCFRAME) {
+ wreq.wi_len = 2;
+ wreq.wi_val[0] = sc->wi_procframe;
+ } else if (wreq.wi_type == WI_RID_PRISM2) {
+ wreq.wi_len = 2;
+ wreq.wi_val[0] = sc->sc_firmware_type != WI_LUCENT;
+ } else if (wreq.wi_type == WI_RID_SCAN_RES &&
+ sc->sc_firmware_type == WI_LUCENT) {
+ memcpy((char *)wreq.wi_val, (char *)sc->wi_scanbuf,
+ sc->wi_scanbuf_len * 2);
+ wreq.wi_len = sc->wi_scanbuf_len;
+ } else {
+ if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq)) {
+ error = EINVAL;
+ break;
+ }
+ }
+ error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
+ break;
+ case SIOCSWAVELAN:
+ if ((error = suser(td)))
+ goto out;
+ error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
+ if (error)
+ break;
+ if (wreq.wi_len > WI_MAX_DATALEN) {
+ error = EINVAL;
+ break;
+ }
+ if (wreq.wi_type == WI_RID_IFACE_STATS) {
+ error = EINVAL;
+ break;
+ } else if (wreq.wi_type == WI_RID_MGMT_XMIT) {
+ error = wi_mgmt_xmit(sc, (caddr_t)&wreq.wi_val,
+ wreq.wi_len);
+ } else if (wreq.wi_type == WI_RID_PROCFRAME) {
+ sc->wi_procframe = wreq.wi_val[0];
+ /*
+ * if we're getting a scan request from a wavelan card
+ * (non-prism2), send out a cmd_inquire to the card to scan
+ * results for the scan will be received through the info
+ * interrupt handler. otherwise the scan request can be
+ * directly handled by a prism2 card's rid interface.
+ */
+ } else if (wreq.wi_type == WI_RID_SCAN_REQ &&
+ sc->sc_firmware_type == WI_LUCENT) {
+ wi_cmd(sc, WI_CMD_INQUIRE, WI_INFO_SCAN_RESULTS, 0, 0);
+ } else {
+ error = wi_write_record(sc, (struct wi_ltv_gen *)&wreq);
+ if (!error)
+ wi_setdef(sc, &wreq);
+ }
+ break;
+ case SIOCGPRISM2DEBUG:
+ error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
+ if (error)
+ break;
+ if (!(ifp->if_flags & IFF_RUNNING) ||
+ sc->sc_firmware_type == WI_LUCENT) {
+ error = EIO;
+ break;
+ }
+ error = wi_get_debug(sc, &wreq);
+ if (error == 0)
+ error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
+ break;
+ case SIOCSPRISM2DEBUG:
+ if ((error = suser(td)))
+ goto out;
+ error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
+ if (error)
+ break;
+ error = wi_set_debug(sc, &wreq);
+ break;
+ case SIOCG80211:
+ switch(ireq->i_type) {
+ case IEEE80211_IOC_SSID:
+ if(ireq->i_val == -1) {
+ bzero(tmpssid, IEEE80211_NWID_LEN);
+ error = wi_get_cur_ssid(sc, tmpssid, &len);
+ if (error != 0)
+ break;
+ error = copyout(tmpssid, ireq->i_data,
+ IEEE80211_NWID_LEN);
+ ireq->i_len = len;
+ } else if (ireq->i_val == 0) {
+ error = copyout(sc->wi_net_name,
+ ireq->i_data,
+ IEEE80211_NWID_LEN);
+ ireq->i_len = IEEE80211_NWID_LEN;
+ } else
+ error = EINVAL;
+ break;
+ case IEEE80211_IOC_NUMSSIDS:
+ ireq->i_val = 1;
+ break;
+ case IEEE80211_IOC_WEP:
+ if(!sc->wi_has_wep) {
+ ireq->i_val = IEEE80211_WEP_NOSUP;
+ } else {
+ if(sc->wi_use_wep) {
+ ireq->i_val =
+ IEEE80211_WEP_MIXED;
+ } else {
+ ireq->i_val =
+ IEEE80211_WEP_OFF;
+ }
+ }
+ break;
+ case IEEE80211_IOC_WEPKEY:
+ if(!sc->wi_has_wep ||
+ ireq->i_val < 0 || ireq->i_val > 3) {
+ error = EINVAL;
+ break;
+ }
+ len = sc->wi_keys.wi_keys[ireq->i_val].wi_keylen;
+ if (suser(td))
+ bcopy(sc->wi_keys.wi_keys[ireq->i_val].wi_keydat,
+ tmpkey, len);
+ else
+ bzero(tmpkey, len);
+
+ ireq->i_len = len;
+ error = copyout(tmpkey, ireq->i_data, len);
+
+ break;
+ case IEEE80211_IOC_NUMWEPKEYS:
+ if(!sc->wi_has_wep)
+ error = EINVAL;
+ else
+ ireq->i_val = 4;
+ break;
+ case IEEE80211_IOC_WEPTXKEY:
+ if(!sc->wi_has_wep)
+ error = EINVAL;
+ else
+ ireq->i_val = sc->wi_tx_key;
+ break;
+ case IEEE80211_IOC_AUTHMODE:
+ ireq->i_val = sc->wi_authmode;
+ break;
+ case IEEE80211_IOC_STATIONNAME:
+ error = copyout(sc->wi_node_name,
+ ireq->i_data, IEEE80211_NWID_LEN);
+ ireq->i_len = IEEE80211_NWID_LEN;
+ break;
+ case IEEE80211_IOC_CHANNEL:
+ wreq.wi_type = WI_RID_CURRENT_CHAN;
+ wreq.wi_len = WI_MAX_DATALEN;
+ if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq))
+ error = EINVAL;
+ else {
+ ireq->i_val = wreq.wi_val[0];
+ }
+ break;
+ case IEEE80211_IOC_POWERSAVE:
+ if(sc->wi_pm_enabled)
+ ireq->i_val = IEEE80211_POWERSAVE_ON;
+ else
+ ireq->i_val = IEEE80211_POWERSAVE_OFF;
+ break;
+ case IEEE80211_IOC_POWERSAVESLEEP:
+ ireq->i_val = sc->wi_max_sleep;
+ break;
+ default:
+ error = EINVAL;
+ }
+ break;
+ case SIOCS80211:
+ if ((error = suser(td)))
+ goto out;
+ switch(ireq->i_type) {
+ case IEEE80211_IOC_SSID:
+ if (ireq->i_val != 0 ||
+ ireq->i_len > IEEE80211_NWID_LEN) {
+ error = EINVAL;
+ break;
+ }
+ /* We set both of them */
+ bzero(sc->wi_net_name, IEEE80211_NWID_LEN);
+ error = copyin(ireq->i_data,
+ sc->wi_net_name, ireq->i_len);
+ bcopy(sc->wi_net_name, sc->wi_ibss_name, IEEE80211_NWID_LEN);
+ break;
+ case IEEE80211_IOC_WEP:
+ /*
+ * These cards only support one mode so
+ * we just turn wep on what ever is
+ * passed in if it's not OFF.
+ */
+ if (ireq->i_val == IEEE80211_WEP_OFF) {
+ sc->wi_use_wep = 0;
+ } else {
+ sc->wi_use_wep = 1;
+ }
+ break;
+ case IEEE80211_IOC_WEPKEY:
+ if (ireq->i_val < 0 || ireq->i_val > 3 ||
+ ireq->i_len > 13) {
+ error = EINVAL;
+ break;
+ }
+ bzero(sc->wi_keys.wi_keys[ireq->i_val].wi_keydat, 13);
+ error = copyin(ireq->i_data,
+ sc->wi_keys.wi_keys[ireq->i_val].wi_keydat,
+ ireq->i_len);
+ if(error)
+ break;
+ sc->wi_keys.wi_keys[ireq->i_val].wi_keylen =
+ ireq->i_len;
+ break;
+ case IEEE80211_IOC_WEPTXKEY:
+ if (ireq->i_val < 0 || ireq->i_val > 3) {
+ error = EINVAL;
+ break;
+ }
+ sc->wi_tx_key = ireq->i_val;
+ break;
+ case IEEE80211_IOC_AUTHMODE:
+ sc->wi_authmode = ireq->i_val;
+ break;
+ case IEEE80211_IOC_STATIONNAME:
+ if (ireq->i_len > 32) {
+ error = EINVAL;
+ break;
+ }
+ bzero(sc->wi_node_name, 32);
+ error = copyin(ireq->i_data,
+ sc->wi_node_name, ireq->i_len);
+ break;
+ case IEEE80211_IOC_CHANNEL:
+ /*
+ * The actual range is 1-14, but if you
+ * set it to 0 you get the default. So
+ * we let that work too.
+ */
+ if (ireq->i_val < 0 || ireq->i_val > 14) {
+ error = EINVAL;
+ break;
+ }
+ sc->wi_channel = ireq->i_val;
+ break;
+ case IEEE80211_IOC_POWERSAVE:
+ switch (ireq->i_val) {
+ case IEEE80211_POWERSAVE_OFF:
+ sc->wi_pm_enabled = 0;
+ break;
+ case IEEE80211_POWERSAVE_ON:
+ sc->wi_pm_enabled = 1;
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+ break;
+ case IEEE80211_IOC_POWERSAVESLEEP:
+ if (ireq->i_val < 0) {
+ error = EINVAL;
+ break;
+ }
+ sc->wi_max_sleep = ireq->i_val;
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+
+ /* Reinitialize WaveLAN. */
+ wi_init(sc);
+
+ break;
+ case SIOCHOSTAP_ADD:
+ case SIOCHOSTAP_DEL:
+ case SIOCHOSTAP_GET:
+ case SIOCHOSTAP_GETALL:
+ case SIOCHOSTAP_GFLAGS:
+ case SIOCHOSTAP_SFLAGS:
+ /* Send all Host AP specific ioctl's to Host AP code. */
+ error = wihap_ioctl(sc, command, data);
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+out:
+ WI_UNLOCK(sc, s);
+
+ return(error);
+}
+
+static void
+wi_init(xsc)
+ void *xsc;
+{
+ struct wi_softc *sc = xsc;
+ struct ifnet *ifp = &sc->arpcom.ac_if;
+ struct wi_ltv_macaddr mac;
+ int id = 0;
+ int s;
+
+ WI_LOCK(sc, s);
+
+ if (sc->wi_gone) {
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+ if (ifp->if_flags & IFF_RUNNING)
+ wi_stop(sc);
+
+ wi_reset(sc);
+
+ /* Program max data length. */
+ WI_SETVAL(WI_RID_MAX_DATALEN, sc->wi_max_data_len);
+
+ /* Enable/disable IBSS creation. */
+ WI_SETVAL(WI_RID_CREATE_IBSS, sc->wi_create_ibss);
+
+ /* Set the port type. */
+ WI_SETVAL(WI_RID_PORTTYPE, sc->wi_ptype);
+
+ /* Program the RTS/CTS threshold. */
+ WI_SETVAL(WI_RID_RTS_THRESH, sc->wi_rts_thresh);
+
+ /* Program the TX rate */
+ WI_SETVAL(WI_RID_TX_RATE, sc->wi_tx_rate);
+
+ /* Access point density */
+ WI_SETVAL(WI_RID_SYSTEM_SCALE, sc->wi_ap_density);
+
+ /* Power Management Enabled */
+ WI_SETVAL(WI_RID_PM_ENABLED, sc->wi_pm_enabled);
+
+ /* Power Managment Max Sleep */
+ WI_SETVAL(WI_RID_MAX_SLEEP, sc->wi_max_sleep);
+
+ /* Roaming type */
+ WI_SETVAL(WI_RID_ROAMING_MODE, sc->wi_roaming);
+
+ /* Specify the IBSS name */
+ WI_SETSTR(WI_RID_OWN_SSID, sc->wi_ibss_name);
+
+ /* Specify the network name */
+ WI_SETSTR(WI_RID_DESIRED_SSID, sc->wi_net_name);
+
+ /* Specify the frequency to use */
+ WI_SETVAL(WI_RID_OWN_CHNL, sc->wi_channel);
+
+ /* Program the nodename. */
+ WI_SETSTR(WI_RID_NODENAME, sc->wi_node_name);
+
+ /* Specify the authentication mode. */
+ WI_SETVAL(WI_RID_CNFAUTHMODE, sc->wi_authmode);
+
+ /* Set our MAC address. */
+ mac.wi_len = 4;
+ mac.wi_type = WI_RID_MAC_NODE;
+ bcopy((char *)&sc->arpcom.ac_enaddr,
+ (char *)&mac.wi_mac_addr, ETHER_ADDR_LEN);
+ wi_write_record(sc, (struct wi_ltv_gen *)&mac);
+
+ /* Configure WEP. */
+ if (sc->wi_has_wep) {
+ WI_SETVAL(WI_RID_ENCRYPTION, sc->wi_use_wep);
+ WI_SETVAL(WI_RID_TX_CRYPT_KEY, sc->wi_tx_key);
+ sc->wi_keys.wi_len = (sizeof(struct wi_ltv_keys) / 2) + 1;
+ sc->wi_keys.wi_type = WI_RID_DEFLT_CRYPT_KEYS;
+ wi_write_record(sc, (struct wi_ltv_gen *)&sc->wi_keys);
+ if (sc->sc_firmware_type != WI_LUCENT && sc->wi_use_wep) {
+ /*
+ * ONLY HWB3163 EVAL-CARD Firmware version
+ * less than 0.8 variant2
+ *
+ * If promiscuous mode disable, Prism2 chip
+ * does not work with WEP .
+ * It is under investigation for details.
+ * (ichiro@netbsd.org)
+ */
+ if (sc->sc_firmware_type == WI_INTERSIL &&
+ sc->sc_sta_firmware_ver < 802 ) {
+ /* firm ver < 0.8 variant 2 */
+ WI_SETVAL(WI_RID_PROMISC, 1);
+ }
+ WI_SETVAL(WI_RID_CNFAUTHMODE, sc->wi_authtype);
+ }
+ }
+
+ /* Initialize promisc mode. */
+ if (ifp->if_flags & IFF_PROMISC) {
+ WI_SETVAL(WI_RID_PROMISC, 1);
+ } else {
+ WI_SETVAL(WI_RID_PROMISC, 0);
+ }
+
+ /* Set multicast filter. */
+ wi_setmulti(sc);
+
+ /* Enable desired port */
+ wi_cmd(sc, WI_CMD_ENABLE | sc->wi_portnum, 0, 0, 0);
+
+ if (wi_alloc_nicmem(sc, ETHER_MAX_LEN + sizeof(struct wi_frame) + 8, &id))
+ device_printf(sc->dev, "tx buffer allocation failed\n");
+ sc->wi_tx_data_id = id;
+
+ if (wi_alloc_nicmem(sc, ETHER_MAX_LEN + sizeof(struct wi_frame) + 8, &id))
+ device_printf(sc->dev, "mgmt. buffer allocation failed\n");
+ sc->wi_tx_mgmt_id = id;
+
+ /* enable interrupts */
+ CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
+
+ wihap_init(sc);
+
+ ifp->if_flags |= IFF_RUNNING;
+ ifp->if_flags &= ~IFF_OACTIVE;
+
+ sc->wi_stat_ch = timeout(wi_inquire, sc, hz * 60);
+ WI_UNLOCK(sc, s);
+
+ return;
+}
+
+static u_int32_t crc32_tab[] = {
+ 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L,
+ 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L,
+ 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L,
+ 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL,
+ 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L,
+ 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L,
+ 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L,
+ 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL,
+ 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L,
+ 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL,
+ 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L,
+ 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L,
+ 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L,
+ 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL,
+ 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL,
+ 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L,
+ 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL,
+ 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L,
+ 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L,
+ 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L,
+ 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL,
+ 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L,
+ 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L,
+ 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL,
+ 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L,
+ 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L,
+ 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L,
+ 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L,
+ 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L,
+ 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL,
+ 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL,
+ 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L,
+ 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L,
+ 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL,
+ 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL,
+ 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L,
+ 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL,
+ 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L,
+ 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL,
+ 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L,
+ 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL,
+ 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L,
+ 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L,
+ 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL,
+ 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L,
+ 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L,
+ 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L,
+ 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L,
+ 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L,
+ 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L,
+ 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL,
+ 0x2d02ef8dL
+};
+
+#define RC4STATE 256
+#define RC4KEYLEN 16
+#define RC4SWAP(x,y) \
+ do { u_int8_t t = state[x]; state[x] = state[y]; state[y] = t; } while(0)
+
+static void
+wi_do_hostencrypt(struct wi_softc *sc, caddr_t buf, int len)
+{
+ u_int32_t i, crc, klen;
+ u_int8_t state[RC4STATE], key[RC4KEYLEN];
+ u_int8_t x, y, *dat;
+
+ if (!sc->wi_icv_flag) {
+ sc->wi_icv = arc4random();
+ sc->wi_icv_flag++;
+ } else
+ sc->wi_icv++;
+ /*
+ * Skip 'bad' IVs from Fluhrer/Mantin/Shamir:
+ * (B, 255, N) with 3 <= B < 8
+ */
+ if (sc->wi_icv >= 0x03ff00 &&
+ (sc->wi_icv & 0xf8ff00) == 0x00ff00)
+ sc->wi_icv += 0x000100;
+
+ /* prepend 24bit IV to tx key, byte order does not matter */
+ key[0] = sc->wi_icv >> 16;
+ key[1] = sc->wi_icv >> 8;
+ key[2] = sc->wi_icv;
+
+ klen = sc->wi_keys.wi_keys[sc->wi_tx_key].wi_keylen +
+ IEEE80211_WEP_IVLEN;
+ klen = (klen >= RC4KEYLEN) ? RC4KEYLEN : RC4KEYLEN/2;
+ bcopy((char *)&sc->wi_keys.wi_keys[sc->wi_tx_key].wi_keydat,
+ (char *)key + IEEE80211_WEP_IVLEN, klen - IEEE80211_WEP_IVLEN);
+
+ /* rc4 keysetup */
+ x = y = 0;
+ for (i = 0; i < RC4STATE; i++)
+ state[i] = i;
+ for (i = 0; i < RC4STATE; i++) {
+ y = (key[x] + state[i] + y) % RC4STATE;
+ RC4SWAP(i, y);
+ x = (x + 1) % klen;
+ }
+
+ /* output: IV, tx keyid, rc4(data), rc4(crc32(data)) */
+ dat = buf;
+ dat[0] = key[0];
+ dat[1] = key[1];
+ dat[2] = key[2];
+ dat[3] = sc->wi_tx_key << 6; /* pad and keyid */
+ dat += 4;
+
+ /* compute rc4 over data, crc32 over data */
+ crc = ~0;
+ x = y = 0;
+ for (i = 0; i < len; i++) {
+ x = (x + 1) % RC4STATE;
+ y = (state[x] + y) % RC4STATE;
+ RC4SWAP(x, y);
+ crc = crc32_tab[(crc ^ dat[i]) & 0xff] ^ (crc >> 8);
+ dat[i] ^= state[(state[x] + state[y]) % RC4STATE];
+ }
+ crc = ~crc;
+ dat += len;
+
+ /* append little-endian crc32 and encrypt */
+ dat[0] = crc;
+ dat[1] = crc >> 8;
+ dat[2] = crc >> 16;
+ dat[3] = crc >> 24;
+ for (i = 0; i < IEEE80211_WEP_CRCLEN; i++) {
+ x = (x + 1) % RC4STATE;
+ y = (state[x] + y) % RC4STATE;
+ RC4SWAP(x, y);
+ dat[i] ^= state[(state[x] + state[y]) % RC4STATE];
+ }
+}
+
+static void
+wi_start(ifp)
+ struct ifnet *ifp;
+{
+ struct wi_softc *sc;
+ struct mbuf *m0;
+ struct wi_frame tx_frame;
+ struct ether_header *eh;
+ int id;
+ int s;
+
+ sc = ifp->if_softc;
+ WI_LOCK(sc, s);
+
+ if (sc->wi_gone) {
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+ if (ifp->if_flags & IFF_OACTIVE) {
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+nextpkt:
+ IF_DEQUEUE(&ifp->if_snd, m0);
+ if (m0 == NULL) {
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+ bzero((char *)&tx_frame, sizeof(tx_frame));
+ tx_frame.wi_frame_ctl = htole16(WI_FTYPE_DATA);
+ id = sc->wi_tx_data_id;
+ eh = mtod(m0, struct ether_header *);
+
+ if (sc->wi_ptype == WI_PORTTYPE_AP) {
+ if (!wihap_check_tx(&sc->wi_hostap_info,
+ eh->ether_dhost, &tx_frame.wi_tx_rate)) {
+ if (ifp->if_flags & IFF_DEBUG)
+ printf("wi_start: dropping unassoc "
+ "dst %6D\n", eh->ether_dhost, ":");
+ m_freem(m0);
+ goto nextpkt;
+ }
+ }
+ /*
+ * Use RFC1042 encoding for IP and ARP datagrams,
+ * 802.3 for anything else.
+ */
+ if (ntohs(eh->ether_type) > ETHER_MAX_LEN) {
+ bcopy((char *)&eh->ether_dhost,
+ (char *)&tx_frame.wi_addr1, ETHER_ADDR_LEN);
+ if (sc->wi_ptype == WI_PORTTYPE_AP) {
+ tx_frame.wi_tx_ctl = WI_ENC_TX_MGMT; /* XXX */
+ tx_frame.wi_frame_ctl |= WI_FCTL_FROMDS;
+ if (sc->wi_use_wep)
+ tx_frame.wi_frame_ctl |= WI_FCTL_WEP;
+ bcopy((char *)&sc->arpcom.ac_enaddr,
+ (char *)&tx_frame.wi_addr2, ETHER_ADDR_LEN);
+ bcopy((char *)&eh->ether_shost,
+ (char *)&tx_frame.wi_addr3, ETHER_ADDR_LEN);
+ }
+ else
+ bcopy((char *)&eh->ether_shost,
+ (char *)&tx_frame.wi_addr2, ETHER_ADDR_LEN);
+ bcopy((char *)&eh->ether_dhost,
+ (char *)&tx_frame.wi_dst_addr, ETHER_ADDR_LEN);
+ bcopy((char *)&eh->ether_shost,
+ (char *)&tx_frame.wi_src_addr, ETHER_ADDR_LEN);
+
+ tx_frame.wi_dat_len = m0->m_pkthdr.len - WI_SNAPHDR_LEN;
+ tx_frame.wi_dat[0] = htons(WI_SNAP_WORD0);
+ tx_frame.wi_dat[1] = htons(WI_SNAP_WORD1);
+ tx_frame.wi_len = htons(m0->m_pkthdr.len - WI_SNAPHDR_LEN);
+ tx_frame.wi_type = eh->ether_type;
+
+ if (sc->wi_ptype == WI_PORTTYPE_AP && sc->wi_use_wep) {
+ /* Do host encryption. */
+ bcopy(&tx_frame.wi_dat[0], &sc->wi_txbuf[4], 8);
+ m_copydata(m0, sizeof(struct ether_header),
+ m0->m_pkthdr.len - sizeof(struct ether_header),
+ (caddr_t)&sc->wi_txbuf[12]);
+ wi_do_hostencrypt(sc, &sc->wi_txbuf[0],
+ tx_frame.wi_dat_len);
+ tx_frame.wi_dat_len += IEEE80211_WEP_IVLEN +
+ IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
+ wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
+ sizeof(struct wi_frame));
+ wi_write_data(sc, id, WI_802_11_OFFSET_RAW,
+ (caddr_t)&sc->wi_txbuf, (m0->m_pkthdr.len -
+ sizeof(struct ether_header)) + 18);
+ } else {
+ m_copydata(m0, sizeof(struct ether_header),
+ m0->m_pkthdr.len - sizeof(struct ether_header),
+ (caddr_t)&sc->wi_txbuf);
+ wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
+ sizeof(struct wi_frame));
+ wi_write_data(sc, id, WI_802_11_OFFSET,
+ (caddr_t)&sc->wi_txbuf, (m0->m_pkthdr.len -
+ sizeof(struct ether_header)) + 2);
+ }
+ } else {
+ tx_frame.wi_dat_len = m0->m_pkthdr.len;
+
+ if (sc->wi_ptype == WI_PORTTYPE_AP && sc->wi_use_wep) {
+ /* Do host encryption. */
+ printf( "XXX: host encrypt not implemented for 802.3\n" );
+ } else {
+ eh->ether_type = htons(m0->m_pkthdr.len -
+ WI_SNAPHDR_LEN);
+ m_copydata(m0, 0, m0->m_pkthdr.len,
+ (caddr_t)&sc->wi_txbuf);
+
+ wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
+ sizeof(struct wi_frame));
+ wi_write_data(sc, id, WI_802_3_OFFSET,
+ (caddr_t)&sc->wi_txbuf, m0->m_pkthdr.len + 2);
+ }
+ }
+
+ /*
+ * If there's a BPF listner, bounce a copy of
+ * this frame to him. Also, don't send this to the bpf sniffer
+ * if we're in procframe or monitor sniffing mode.
+ */
+ if (!(sc->wi_procframe || sc->wi_debug.wi_monitor) && ifp->if_bpf)
+ bpf_mtap(ifp, m0);
+
+ m_freem(m0);
+
+ if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id, 0, 0))
+ device_printf(sc->dev, "xmit failed\n");
+
+ ifp->if_flags |= IFF_OACTIVE;
+
+ /*
+ * Set a timeout in case the chip goes out to lunch.
+ */
+ ifp->if_timer = 5;
+
+ WI_UNLOCK(sc, s);
+ return;
+}
+
+int
+wi_mgmt_xmit(sc, data, len)
+ struct wi_softc *sc;
+ caddr_t data;
+ int len;
+{
+ struct wi_frame tx_frame;
+ int id;
+ struct wi_80211_hdr *hdr;
+ caddr_t dptr;
+
+ if (sc->wi_gone)
+ return(ENODEV);
+
+ hdr = (struct wi_80211_hdr *)data;
+ dptr = data + sizeof(struct wi_80211_hdr);
+
+ bzero((char *)&tx_frame, sizeof(tx_frame));
+ id = sc->wi_tx_mgmt_id;
+
+ bcopy((char *)hdr, (char *)&tx_frame.wi_frame_ctl,
+ sizeof(struct wi_80211_hdr));
+
+ tx_frame.wi_tx_ctl = WI_ENC_TX_MGMT;
+ tx_frame.wi_dat_len = len - sizeof(struct wi_80211_hdr);
+ tx_frame.wi_len = htons(tx_frame.wi_dat_len);
+
+ wi_write_data(sc, id, 0, (caddr_t)&tx_frame, sizeof(struct wi_frame));
+ wi_write_data(sc, id, WI_802_11_OFFSET_RAW, dptr,
+ len - sizeof(struct wi_80211_hdr) + 2);
+
+ if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id, 0, 0)) {
+ device_printf(sc->dev, "xmit failed\n");
+ return(EIO);
+ }
+
+ return(0);
+}
+
+static void
+wi_stop(sc)
+ struct wi_softc *sc;
+{
+ struct ifnet *ifp;
+ int s;
+
+ WI_LOCK(sc, s);
+
+ if (sc->wi_gone) {
+ WI_UNLOCK(sc, s);
+ return;
+ }
+
+ wihap_shutdown(sc);
+
+ ifp = &sc->arpcom.ac_if;
+
+ /*
+ * If the card is gone and the memory port isn't mapped, we will
+ * (hopefully) get 0xffff back from the status read, which is not
+ * a valid status value.
+ */
+ if (CSR_READ_2(sc, WI_STATUS) != 0xffff) {
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+ wi_cmd(sc, WI_CMD_DISABLE|sc->wi_portnum, 0, 0, 0);
+ }
+
+ untimeout(wi_inquire, sc, sc->wi_stat_ch);
+
+ ifp->if_flags &= ~(IFF_RUNNING|IFF_OACTIVE);
+
+ WI_UNLOCK(sc, s);
+ return;
+}
+
+static void
+wi_watchdog(ifp)
+ struct ifnet *ifp;
+{
+ struct wi_softc *sc;
+
+ sc = ifp->if_softc;
+
+ device_printf(sc->dev, "watchdog timeout\n");
+
+ wi_init(sc);
+
+ ifp->if_oerrors++;
+
+ return;
+}
+
+int
+wi_alloc(dev, rid)
+ device_t dev;
+ int rid;
+{
+ struct wi_softc *sc = device_get_softc(dev);
+
+ if (sc->wi_bus_type != WI_BUS_PCI_NATIVE) {
+ sc->iobase_rid = rid;
+ sc->iobase = bus_alloc_resource(dev, SYS_RES_IOPORT,
+ &sc->iobase_rid, 0, ~0, (1 << 6),
+ rman_make_alignment_flags(1 << 6) | RF_ACTIVE);
+ if (!sc->iobase) {
+ device_printf(dev, "No I/O space?!\n");
+ return (ENXIO);
+ }
+
+ sc->wi_io_addr = rman_get_start(sc->iobase);
+ sc->wi_btag = rman_get_bustag(sc->iobase);
+ sc->wi_bhandle = rman_get_bushandle(sc->iobase);
+ } else {
+ sc->mem_rid = rid;
+ sc->mem = bus_alloc_resource(dev, SYS_RES_MEMORY,
+ &sc->mem_rid, 0, ~0, 1, RF_ACTIVE);
+
+ if (!sc->mem) {
+ device_printf(dev, "No Mem space on prism2.5?\n");
+ return (ENXIO);
+ }
+
+ sc->wi_btag = rman_get_bustag(sc->mem);
+ sc->wi_bhandle = rman_get_bushandle(sc->mem);
+ }
+
+
+ sc->irq_rid = 0;
+ sc->irq = bus_alloc_resource(dev, SYS_RES_IRQ, &sc->irq_rid,
+ 0, ~0, 1, RF_ACTIVE |
+ ((sc->wi_bus_type == WI_BUS_PCCARD) ? 0 : RF_SHAREABLE));
+
+ if (!sc->irq) {
+ wi_free(dev);
+ device_printf(dev, "No irq?!\n");
+ return (ENXIO);
+ }
+
+ sc->dev = dev;
+ sc->wi_unit = device_get_unit(dev);
+
+ return (0);
+}
+
+void
+wi_free(dev)
+ device_t dev;
+{
+ struct wi_softc *sc = device_get_softc(dev);
+
+ if (sc->iobase != NULL) {
+ bus_release_resource(dev, SYS_RES_IOPORT, sc->iobase_rid, sc->iobase);
+ sc->iobase = NULL;
+ }
+ if (sc->irq != NULL) {
+ bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq);
+ sc->irq = NULL;
+ }
+ if (sc->mem != NULL) {
+ bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem);
+ sc->mem = NULL;
+ }
+
+ return;
+}
+
+void
+wi_shutdown(dev)
+ device_t dev;
+{
+ struct wi_softc *sc;
+
+ sc = device_get_softc(dev);
+ wi_stop(sc);
+
+ return;
+}
+
+#ifdef WICACHE
+/* wavelan signal strength cache code.
+ * store signal/noise/quality on per MAC src basis in
+ * a small fixed cache. The cache wraps if > MAX slots
+ * used. The cache may be zeroed out to start over.
+ * Two simple filters exist to reduce computation:
+ * 1. ip only (literally 0x800) which may be used
+ * to ignore some packets. It defaults to ip only.
+ * it could be used to focus on broadcast, non-IP 802.11 beacons.
+ * 2. multicast/broadcast only. This may be used to
+ * ignore unicast packets and only cache signal strength
+ * for multicast/broadcast packets (beacons); e.g., Mobile-IP
+ * beacons and not unicast traffic.
+ *
+ * The cache stores (MAC src(index), IP src (major clue), signal,
+ * quality, noise)
+ *
+ * No apologies for storing IP src here. It's easy and saves much
+ * trouble elsewhere. The cache is assumed to be INET dependent,
+ * although it need not be.
+ */
+
+#ifdef documentation
+
+int wi_sigitems; /* number of cached entries */
+struct wi_sigcache wi_sigcache[MAXWICACHE]; /* array of cache entries */
+int wi_nextitem; /* index/# of entries */
+
+
+#endif
+
+/* control variables for cache filtering. Basic idea is
+ * to reduce cost (e.g., to only Mobile-IP agent beacons
+ * which are broadcast or multicast). Still you might
+ * want to measure signal strength with unicast ping packets
+ * on a pt. to pt. ant. setup.
+ */
+/* set true if you want to limit cache items to broadcast/mcast
+ * only packets (not unicast). Useful for mobile-ip beacons which
+ * are broadcast/multicast at network layer. Default is all packets
+ * so ping/unicast will work say with pt. to pt. antennae setup.
+ */
+static int wi_cache_mcastonly = 0;
+SYSCTL_INT(_machdep, OID_AUTO, wi_cache_mcastonly, CTLFLAG_RW,
+ &wi_cache_mcastonly, 0, "");
+
+/* set true if you want to limit cache items to IP packets only
+*/
+static int wi_cache_iponly = 1;
+SYSCTL_INT(_machdep, OID_AUTO, wi_cache_iponly, CTLFLAG_RW,
+ &wi_cache_iponly, 0, "");
+
+/*
+ * Original comments:
+ * -----------------
+ * wi_cache_store, per rx packet store signal
+ * strength in MAC (src) indexed cache.
+ *
+ * follows linux driver in how signal strength is computed.
+ * In ad hoc mode, we use the rx_quality field.
+ * signal and noise are trimmed to fit in the range from 47..138.
+ * rx_quality field MSB is signal strength.
+ * rx_quality field LSB is noise.
+ * "quality" is (signal - noise) as is log value.
+ * note: quality CAN be negative.
+ *
+ * In BSS mode, we use the RID for communication quality.
+ * TBD: BSS mode is currently untested.
+ *
+ * Bill's comments:
+ * ---------------
+ * Actually, we use the rx_quality field all the time for both "ad-hoc"
+ * and BSS modes. Why? Because reading an RID is really, really expensive:
+ * there's a bunch of PIO operations that have to be done to read a record
+ * from the NIC, and reading the comms quality RID each time a packet is
+ * received can really hurt performance. We don't have to do this anyway:
+ * the comms quality field only reflects the values in the rx_quality field
+ * anyway. The comms quality RID is only meaningful in infrastructure mode,
+ * but the values it contains are updated based on the rx_quality from
+ * frames received from the access point.
+ *
+ * Also, according to Lucent, the signal strength and noise level values
+ * can be converted to dBms by subtracting 149, so I've modified the code
+ * to do that instead of the scaling it did originally.
+ */
+static void
+wi_cache_store(struct wi_softc *sc, struct ether_header *eh,
+ struct mbuf *m, unsigned short rx_quality)
+{
+ struct ip *ip = 0;
+ int i;
+ static int cache_slot = 0; /* use this cache entry */
+ static int wrapindex = 0; /* next "free" cache entry */
+ int sig, noise;
+ int sawip=0;
+
+ /*
+ * filters:
+ * 1. ip only
+ * 2. configurable filter to throw out unicast packets,
+ * keep multicast only.
+ */
+
+ if ((ntohs(eh->ether_type) == ETHERTYPE_IP)) {
+ sawip = 1;
+ }
+
+ /*
+ * filter for ip packets only
+ */
+ if (wi_cache_iponly && !sawip) {
+ return;
+ }
+
+ /*
+ * filter for broadcast/multicast only
+ */
+ if (wi_cache_mcastonly && ((eh->ether_dhost[0] & 1) == 0)) {
+ return;
+ }
+
+#ifdef SIGDEBUG
+ printf("wi%d: q value %x (MSB=0x%x, LSB=0x%x) \n", sc->wi_unit,
+ rx_quality & 0xffff, rx_quality >> 8, rx_quality & 0xff);
+#endif
+
+ /*
+ * find the ip header. we want to store the ip_src
+ * address.
+ */
+ if (sawip)
+ ip = mtod(m, struct ip *);
+
+ /*
+ * do a linear search for a matching MAC address
+ * in the cache table
+ * . MAC address is 6 bytes,
+ * . var w_nextitem holds total number of entries already cached
+ */
+ for(i = 0; i < sc->wi_nextitem; i++) {
+ if (! bcmp(eh->ether_shost , sc->wi_sigcache[i].macsrc, 6 )) {
+ /*
+ * Match!,
+ * so we already have this entry,
+ * update the data
+ */
+ break;
+ }
+ }
+
+ /*
+ * did we find a matching mac address?
+ * if yes, then overwrite a previously existing cache entry
+ */
+ if (i < sc->wi_nextitem ) {
+ cache_slot = i;
+ }
+ /*
+ * else, have a new address entry,so
+ * add this new entry,
+ * if table full, then we need to replace LRU entry
+ */
+ else {
+
+ /*
+ * check for space in cache table
+ * note: wi_nextitem also holds number of entries
+ * added in the cache table
+ */
+ if ( sc->wi_nextitem < MAXWICACHE ) {
+ cache_slot = sc->wi_nextitem;
+ sc->wi_nextitem++;
+ sc->wi_sigitems = sc->wi_nextitem;
+ }
+ /* no space found, so simply wrap with wrap index
+ * and "zap" the next entry
+ */
+ else {
+ if (wrapindex == MAXWICACHE) {
+ wrapindex = 0;
+ }
+ cache_slot = wrapindex++;
+ }
+ }
+
+ /*
+ * invariant: cache_slot now points at some slot
+ * in cache.
+ */
+ if (cache_slot < 0 || cache_slot >= MAXWICACHE) {
+ log(LOG_ERR, "wi_cache_store, bad index: %d of "
+ "[0..%d], gross cache error\n",
+ cache_slot, MAXWICACHE);
+ return;
+ }
+
+ /*
+ * store items in cache
+ * .ip source address
+ * .mac src
+ * .signal, etc.
+ */
+ if (sawip)
+ sc->wi_sigcache[cache_slot].ipsrc = ip->ip_src.s_addr;
+ bcopy( eh->ether_shost, sc->wi_sigcache[cache_slot].macsrc, 6);
+
+ sig = (rx_quality >> 8) & 0xFF;
+ noise = rx_quality & 0xFF;
+ sc->wi_sigcache[cache_slot].signal = sig - 149;
+ sc->wi_sigcache[cache_slot].noise = noise - 149;
+ sc->wi_sigcache[cache_slot].quality = sig - noise;
+
+ return;
+}
+#endif
+
+static int
+wi_get_cur_ssid(sc, ssid, len)
+ struct wi_softc *sc;
+ char *ssid;
+ int *len;
+{
+ int error = 0;
+ struct wi_req wreq;
+
+ wreq.wi_len = WI_MAX_DATALEN;
+ switch (sc->wi_ptype) {
+ case WI_PORTTYPE_AP:
+ *len = IEEE80211_NWID_LEN;
+ bcopy(sc->wi_net_name, ssid, IEEE80211_NWID_LEN);
+ break;
+ case WI_PORTTYPE_ADHOC:
+ wreq.wi_type = WI_RID_CURRENT_SSID;
+ error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
+ if (error != 0)
+ break;
+ if (wreq.wi_val[0] > IEEE80211_NWID_LEN) {
+ error = EINVAL;
+ break;
+ }
+ *len = wreq.wi_val[0];
+ bcopy(&wreq.wi_val[1], ssid, IEEE80211_NWID_LEN);
+ break;
+ case WI_PORTTYPE_BSS:
+ wreq.wi_type = WI_RID_COMMQUAL;
+ error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
+ if (error != 0)
+ break;
+ if (wreq.wi_val[0] != 0) /* associated */ {
+ wreq.wi_type = WI_RID_CURRENT_SSID;
+ wreq.wi_len = WI_MAX_DATALEN;
+ error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
+ if (error != 0)
+ break;
+ if (wreq.wi_val[0] > IEEE80211_NWID_LEN) {
+ error = EINVAL;
+ break;
+ }
+ *len = wreq.wi_val[0];
+ bcopy(&wreq.wi_val[1], ssid, IEEE80211_NWID_LEN);
+ } else {
+ *len = IEEE80211_NWID_LEN;
+ bcopy(sc->wi_net_name, ssid, IEEE80211_NWID_LEN);
+ }
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+
+ return error;
+}
+
+static int
+wi_media_change(ifp)
+ struct ifnet *ifp;
+{
+ struct wi_softc *sc = ifp->if_softc;
+ int otype = sc->wi_ptype;
+ int orate = sc->wi_tx_rate;
+
+ if ((sc->ifmedia.ifm_cur->ifm_media & IFM_IEEE80211_ADHOC) != 0)
+ sc->wi_ptype = WI_PORTTYPE_ADHOC;
+ else if ((sc->ifmedia.ifm_cur->ifm_media & IFM_IEEE80211_HOSTAP) != 0)
+ sc->wi_ptype = WI_PORTTYPE_AP;
+ else
+ sc->wi_ptype = WI_PORTTYPE_BSS;
+
+ switch (IFM_SUBTYPE(sc->ifmedia.ifm_cur->ifm_media)) {
+ case IFM_IEEE80211_DS1:
+ sc->wi_tx_rate = 1;
+ break;
+ case IFM_IEEE80211_DS2:
+ sc->wi_tx_rate = 2;
+ break;
+ case IFM_IEEE80211_DS5:
+ sc->wi_tx_rate = 5;
+ break;
+ case IFM_IEEE80211_DS11:
+ sc->wi_tx_rate = 11;
+ break;
+ case IFM_AUTO:
+ sc->wi_tx_rate = 3;
+ break;
+ }
+
+ if (otype != sc->wi_ptype ||
+ orate != sc->wi_tx_rate)
+ wi_init(sc);
+
+ return(0);
+}
+
+static void
+wi_media_status(ifp, imr)
+ struct ifnet *ifp;
+ struct ifmediareq *imr;
+{
+ struct wi_req wreq;
+ struct wi_softc *sc = ifp->if_softc;
+
+ if (sc->wi_tx_rate == 3) {
+ imr->ifm_active = IFM_IEEE80211|IFM_AUTO;
+ if (sc->wi_ptype == WI_PORTTYPE_ADHOC)
+ imr->ifm_active |= IFM_IEEE80211_ADHOC;
+ else if (sc->wi_ptype == WI_PORTTYPE_AP)
+ imr->ifm_active |= IFM_IEEE80211_HOSTAP;
+ wreq.wi_type = WI_RID_CUR_TX_RATE;
+ wreq.wi_len = WI_MAX_DATALEN;
+ if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq) == 0) {
+ switch(wreq.wi_val[0]) {
+ case 1:
+ imr->ifm_active |= IFM_IEEE80211_DS1;
+ break;
+ case 2:
+ imr->ifm_active |= IFM_IEEE80211_DS2;
+ break;
+ case 6:
+ imr->ifm_active |= IFM_IEEE80211_DS5;
+ break;
+ case 11:
+ imr->ifm_active |= IFM_IEEE80211_DS11;
+ break;
+ }
+ }
+ } else {
+ imr->ifm_active = sc->ifmedia.ifm_cur->ifm_media;
+ }
+
+ imr->ifm_status = IFM_AVALID;
+ if (sc->wi_ptype == WI_PORTTYPE_ADHOC)
+ /*
+ * XXX: It would be nice if we could give some actually
+ * useful status like whether we joined another IBSS or
+ * created one ourselves.
+ */
+ imr->ifm_status |= IFM_ACTIVE;
+ else if (sc->wi_ptype == WI_PORTTYPE_AP)
+ imr->ifm_status |= IFM_ACTIVE;
+ else {
+ wreq.wi_type = WI_RID_COMMQUAL;
+ wreq.wi_len = WI_MAX_DATALEN;
+ if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq) == 0 &&
+ wreq.wi_val[0] != 0)
+ imr->ifm_status |= IFM_ACTIVE;
+ }
+}
+
+static int
+wi_get_debug(sc, wreq)
+ struct wi_softc *sc;
+ struct wi_req *wreq;
+{
+ int error = 0;
+
+ wreq->wi_len = 1;
+
+ switch (wreq->wi_type) {
+ case WI_DEBUG_SLEEP:
+ wreq->wi_len++;
+ wreq->wi_val[0] = sc->wi_debug.wi_sleep;
+ break;
+ case WI_DEBUG_DELAYSUPP:
+ wreq->wi_len++;
+ wreq->wi_val[0] = sc->wi_debug.wi_delaysupp;
+ break;
+ case WI_DEBUG_TXSUPP:
+ wreq->wi_len++;
+ wreq->wi_val[0] = sc->wi_debug.wi_txsupp;
+ break;
+ case WI_DEBUG_MONITOR:
+ wreq->wi_len++;
+ wreq->wi_val[0] = sc->wi_debug.wi_monitor;
+ break;
+ case WI_DEBUG_LEDTEST:
+ wreq->wi_len += 3;
+ wreq->wi_val[0] = sc->wi_debug.wi_ledtest;
+ wreq->wi_val[1] = sc->wi_debug.wi_ledtest_param0;
+ wreq->wi_val[2] = sc->wi_debug.wi_ledtest_param1;
+ break;
+ case WI_DEBUG_CONTTX:
+ wreq->wi_len += 2;
+ wreq->wi_val[0] = sc->wi_debug.wi_conttx;
+ wreq->wi_val[1] = sc->wi_debug.wi_conttx_param0;
+ break;
+ case WI_DEBUG_CONTRX:
+ wreq->wi_len++;
+ wreq->wi_val[0] = sc->wi_debug.wi_contrx;
+ break;
+ case WI_DEBUG_SIGSTATE:
+ wreq->wi_len += 2;
+ wreq->wi_val[0] = sc->wi_debug.wi_sigstate;
+ wreq->wi_val[1] = sc->wi_debug.wi_sigstate_param0;
+ break;
+ case WI_DEBUG_CONFBITS:
+ wreq->wi_len += 2;
+ wreq->wi_val[0] = sc->wi_debug.wi_confbits;
+ wreq->wi_val[1] = sc->wi_debug.wi_confbits_param0;
+ break;
+ default:
+ error = EIO;
+ break;
+ }
+
+ return (error);
+}
+
+static int
+wi_set_debug(sc, wreq)
+ struct wi_softc *sc;
+ struct wi_req *wreq;
+{
+ int error = 0;
+ u_int16_t cmd, param0 = 0, param1 = 0;
+
+ switch (wreq->wi_type) {
+ case WI_DEBUG_RESET:
+ case WI_DEBUG_INIT:
+ case WI_DEBUG_CALENABLE:
+ break;
+ case WI_DEBUG_SLEEP:
+ sc->wi_debug.wi_sleep = 1;
+ break;
+ case WI_DEBUG_WAKE:
+ sc->wi_debug.wi_sleep = 0;
+ break;
+ case WI_DEBUG_CHAN:
+ param0 = wreq->wi_val[0];
+ break;
+ case WI_DEBUG_DELAYSUPP:
+ sc->wi_debug.wi_delaysupp = 1;
+ break;
+ case WI_DEBUG_TXSUPP:
+ sc->wi_debug.wi_txsupp = 1;
+ break;
+ case WI_DEBUG_MONITOR:
+ sc->wi_debug.wi_monitor = 1;
+ break;
+ case WI_DEBUG_LEDTEST:
+ param0 = wreq->wi_val[0];
+ param1 = wreq->wi_val[1];
+ sc->wi_debug.wi_ledtest = 1;
+ sc->wi_debug.wi_ledtest_param0 = param0;
+ sc->wi_debug.wi_ledtest_param1 = param1;
+ break;
+ case WI_DEBUG_CONTTX:
+ param0 = wreq->wi_val[0];
+ sc->wi_debug.wi_conttx = 1;
+ sc->wi_debug.wi_conttx_param0 = param0;
+ break;
+ case WI_DEBUG_STOPTEST:
+ sc->wi_debug.wi_delaysupp = 0;
+ sc->wi_debug.wi_txsupp = 0;
+ sc->wi_debug.wi_monitor = 0;
+ sc->wi_debug.wi_ledtest = 0;
+ sc->wi_debug.wi_ledtest_param0 = 0;
+ sc->wi_debug.wi_ledtest_param1 = 0;
+ sc->wi_debug.wi_conttx = 0;
+ sc->wi_debug.wi_conttx_param0 = 0;
+ sc->wi_debug.wi_contrx = 0;
+ sc->wi_debug.wi_sigstate = 0;
+ sc->wi_debug.wi_sigstate_param0 = 0;
+ break;
+ case WI_DEBUG_CONTRX:
+ sc->wi_debug.wi_contrx = 1;
+ break;
+ case WI_DEBUG_SIGSTATE:
+ param0 = wreq->wi_val[0];
+ sc->wi_debug.wi_sigstate = 1;
+ sc->wi_debug.wi_sigstate_param0 = param0;
+ break;
+ case WI_DEBUG_CONFBITS:
+ param0 = wreq->wi_val[0];
+ param1 = wreq->wi_val[1];
+ sc->wi_debug.wi_confbits = param0;
+ sc->wi_debug.wi_confbits_param0 = param1;
+ break;
+ default:
+ error = EIO;
+ break;
+ }
+
+ if (error)
+ return (error);
+
+ cmd = WI_CMD_DEBUG | (wreq->wi_type << 8);
+ error = wi_cmd(sc, cmd, param0, param1, 0);
+
+ return (error);
+}
diff --git a/sys/dev/wi/if_wi_pccard.c b/sys/dev/wi/if_wi_pccard.c
new file mode 100644
index 000000000000..ce3500390d16
--- /dev/null
+++ b/sys/dev/wi/if_wi_pccard.c
@@ -0,0 +1,212 @@
+/*
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Lucent WaveLAN/IEEE 802.11 PCMCIA driver for FreeBSD.
+ *
+ * Written by Bill Paul <wpaul@ctr.columbia.edu>
+ * Electrical Engineering Department
+ * Columbia University, New York City
+ */
+
+#include <sys/param.h>
+#include <sys/kernel.h>
+#include <sys/socket.h>
+#include <sys/systm.h>
+#include <sys/module.h>
+#include <sys/bus.h>
+
+#include <machine/bus.h>
+#include <machine/resource.h>
+#include <sys/rman.h>
+
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/ethernet.h>
+#include <net/if_dl.h>
+#include <net/if_media.h>
+#include <net/if_types.h>
+#include <net/if_ieee80211.h>
+
+#include <dev/pccard/pccardvar.h>
+#if __FreeBSD_version >= 500000
+#include <dev/pccard/pccarddevs.h>
+#endif
+
+#include <dev/wi/if_wavelan_ieee.h>
+#include <dev/wi/wi_hostap.h>
+#include <dev/wi/if_wivar.h>
+#include <dev/wi/if_wireg.h>
+
+#include "card_if.h"
+
+#if !defined(lint)
+static const char rcsid[] =
+ "$FreeBSD$";
+#endif
+
+static int wi_pccard_probe(device_t);
+static int wi_pccard_attach(device_t);
+
+#if __FreeBSD_version < 500000
+static device_method_t wi_pccard_methods[] = {
+ /* Device interface */
+ DEVMETHOD(device_probe, wi_pccard_probe),
+ DEVMETHOD(device_attach, wi_pccard_attach),
+ DEVMETHOD(device_detach, wi_generic_detach),
+ DEVMETHOD(device_shutdown, wi_shutdown),
+
+ { 0, 0 }
+};
+
+#else
+static int wi_pccard_match(device_t);
+
+static device_method_t wi_pccard_methods[] = {
+ /* Device interface */
+ DEVMETHOD(device_probe, pccard_compat_probe),
+ DEVMETHOD(device_attach, pccard_compat_attach),
+ DEVMETHOD(device_detach, wi_generic_detach),
+ DEVMETHOD(device_shutdown, wi_shutdown),
+
+ /* Card interface */
+ DEVMETHOD(card_compat_match, wi_pccard_match),
+ DEVMETHOD(card_compat_probe, wi_pccard_probe),
+ DEVMETHOD(card_compat_attach, wi_pccard_attach),
+
+ { 0, 0 }
+};
+
+#endif
+
+static driver_t wi_pccard_driver = {
+ "wi",
+ wi_pccard_methods,
+ sizeof(struct wi_softc)
+};
+
+DRIVER_MODULE(if_wi, pccard, wi_pccard_driver, wi_devclass, 0, 0);
+
+#if __FreeBSD_version >= 500000
+static const struct pccard_product wi_pccard_products[] = {
+ PCMCIA_CARD(3COM, 3CRWE737A, 0),
+ PCMCIA_CARD(3COM, 3CRWE777A, 0),
+ PCMCIA_CARD(ACTIONTEC, HWC01170, 0),
+ PCMCIA_CARD(ADDTRON, AWP100, 0),
+ PCMCIA_CARD(BUFFALO, WLI_PCM_S11, 0),
+ PCMCIA_CARD(BUFFALO, WLI_CF_S11G, 0),
+ PCMCIA_CARD(COMPAQ, NC5004, 0),
+ PCMCIA_CARD(CONTEC, FX_DS110_PCC, 0),
+ PCMCIA_CARD(COREGA, WIRELESS_LAN_PCC_11, 0),
+ PCMCIA_CARD(COREGA, WIRELESS_LAN_PCCA_11, 0),
+ PCMCIA_CARD(COREGA, WIRELESS_LAN_PCCB_11, 0),
+ PCMCIA_CARD(ELSA, XI300_IEEE, 0),
+ PCMCIA_CARD(ELSA, XI800_IEEE, 0),
+ PCMCIA_CARD(EMTAC, WLAN, 0),
+ PCMCIA_CARD(ERICSSON, WIRELESSLAN, 0),
+ PCMCIA_CARD(GEMTEK, WLAN, 0),
+ PCMCIA_CARD(HWN, AIRWAY80211, 0),
+ PCMCIA_CARD(INTEL, PRO_WLAN_2011, 0),
+ PCMCIA_CARD(INTERSIL, PRISM2, 0),
+ PCMCIA_CARD(IODATA2, WNB11PCM, 0),
+ PCMCIA_CARD(LINKSYS2, IWN, 0),
+ PCMCIA_CARD(LINKSYS2, IWN2, 0),
+ /* Now that we do PRISM detection, I don't think we need these - imp */
+ PCMCIA_CARD2(LUCENT, WAVELAN_IEEE, NANOSPEED_PRISM2, 0),
+ PCMCIA_CARD2(LUCENT, WAVELAN_IEEE, NEC_CMZ_RT_WP, 0),
+ PCMCIA_CARD2(LUCENT, WAVELAN_IEEE, NTT_ME_WLAN, 0),
+ PCMCIA_CARD2(LUCENT, WAVELAN_IEEE, SMC_2632W, 0),
+ /* Must be after other LUCENT ones because it is less specific */
+ PCMCIA_CARD(LUCENT, WAVELAN_IEEE, 0),
+ PCMCIA_CARD(PROXIM, RANGELANDS_8430, 0),
+ PCMCIA_CARD(SAMSUNG, SWL_2000N, 0),
+ PCMCIA_CARD(SIMPLETECH, SPECTRUM24_ALT, 0),
+ PCMCIA_CARD(SOCKET, LP_WLAN_CF, 0),
+ PCMCIA_CARD(SYMBOL, LA4100, 0),
+ PCMCIA_CARD(TDK, LAK_CD011WL, 0),
+ { NULL }
+};
+
+static int
+wi_pccard_match(dev)
+ device_t dev;
+{
+ const struct pccard_product *pp;
+
+ if ((pp = pccard_product_lookup(dev, wi_pccard_products,
+ sizeof(wi_pccard_products[0]), NULL)) != NULL) {
+ device_set_desc(dev, pp->pp_name);
+ return 0;
+ }
+ return ENXIO;
+}
+#endif
+
+static int
+wi_pccard_probe(dev)
+ device_t dev;
+{
+ struct wi_softc *sc;
+ int error;
+
+ sc = device_get_softc(dev);
+ sc->wi_gone = 0;
+ sc->wi_bus_type = WI_BUS_PCCARD;
+
+ error = wi_alloc(dev, 0);
+ if (error)
+ return (error);
+
+ wi_free(dev);
+
+ /* Make sure interrupts are disabled. */
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
+
+ return (0);
+}
+
+static int
+wi_pccard_attach(device_t dev)
+{
+ struct wi_softc *sc;
+ int error;
+
+ sc = device_get_softc(dev);
+
+ error = wi_alloc(dev, 0);
+ if (error) {
+ device_printf(dev, "wi_alloc() failed! (%d)\n", error);
+ return (error);
+ }
+ return (wi_generic_attach(dev));
+}
diff --git a/sys/dev/wi/if_wi_pci.c b/sys/dev/wi/if_wi_pci.c
new file mode 100644
index 000000000000..8f6174687e2a
--- /dev/null
+++ b/sys/dev/wi/if_wi_pci.c
@@ -0,0 +1,234 @@
+/*
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+/*
+ * Lucent WaveLAN/IEEE 802.11 PCMCIA driver for FreeBSD.
+ *
+ * Written by Bill Paul <wpaul@ctr.columbia.edu>
+ * Electrical Engineering Department
+ * Columbia University, New York City
+ */
+
+#include <sys/param.h>
+#include <sys/kernel.h>
+#include <sys/socket.h>
+#include <sys/systm.h>
+#include <sys/module.h>
+#include <sys/bus.h>
+
+#include <machine/bus.h>
+#include <machine/resource.h>
+#include <machine/clock.h>
+#include <sys/rman.h>
+
+#include <pci/pcireg.h>
+#include <pci/pcivar.h>
+
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/ethernet.h>
+#include <net/if_media.h>
+#include <net/if_types.h>
+#include <net/if_ieee80211.h>
+
+#include <dev/wi/if_wavelan_ieee.h>
+#include <dev/wi/wi_hostap.h>
+#include <dev/wi/if_wivar.h>
+#include <dev/wi/if_wireg.h>
+
+static int wi_pci_probe(device_t);
+static int wi_pci_attach(device_t);
+
+static device_method_t wi_pci_methods[] = {
+ /* Device interface */
+ DEVMETHOD(device_probe, wi_pci_probe),
+ DEVMETHOD(device_attach, wi_pci_attach),
+ DEVMETHOD(device_detach, wi_generic_detach),
+ DEVMETHOD(device_shutdown, wi_shutdown),
+
+ { 0, 0 }
+};
+
+static driver_t wi_pci_driver = {
+ "wi",
+ wi_pci_methods,
+ sizeof(struct wi_softc)
+};
+
+static struct {
+ unsigned int vendor,device;
+ int bus_type;
+ char *desc;
+} pci_ids[] = {
+ /* Sorted by description */
+ {0x10b7, 0x7770, WI_BUS_PCI_PLX, "3Com Airconnect"},
+ {0x16ab, 0x1101, WI_BUS_PCI_PLX, "GLPRISM2 WaveLAN"},
+ {0x1260, 0x3873, WI_BUS_PCI_NATIVE, "Intersil Prism2.5"},
+ {0x16ab, 0x1102, WI_BUS_PCI_PLX, "Linksys WDT11"},
+ {0x1385, 0x4100, WI_BUS_PCI_PLX, "Netgear MA301"},
+ {0x1638, 0x1100, WI_BUS_PCI_PLX, "PRISM2STA WaveLAN"},
+ {0x111a, 0x1023, WI_BUS_PCI_PLX, "Siemens SpeedStream"},
+ {0, 0, 0, NULL}
+};
+
+DRIVER_MODULE(if_wi, pci, wi_pci_driver, wi_devclass, 0, 0);
+
+static int
+wi_pci_probe(dev)
+ device_t dev;
+{
+ struct wi_softc *sc;
+ int i;
+
+ sc = device_get_softc(dev);
+ for(i=0; pci_ids[i].vendor != 0; i++) {
+ if ((pci_get_vendor(dev) == pci_ids[i].vendor) &&
+ (pci_get_device(dev) == pci_ids[i].device)) {
+ sc->wi_bus_type = pci_ids[i].bus_type;
+ device_set_desc(dev, pci_ids[i].desc);
+ return (0);
+ }
+ }
+ return(ENXIO);
+}
+
+static int
+wi_pci_attach(device_t dev)
+{
+ struct wi_softc *sc;
+ u_int32_t command, wanted;
+ u_int16_t reg;
+ int error;
+ int timeout;
+
+ sc = device_get_softc(dev);
+
+ command = pci_read_config(dev, PCIR_COMMAND, 4);
+ wanted = PCIM_CMD_PORTEN|PCIM_CMD_MEMEN;
+ command |= wanted;
+ pci_write_config(dev, PCIR_COMMAND, command, 4);
+ command = pci_read_config(dev, PCIR_COMMAND, 4);
+ if ((command & wanted) != wanted) {
+ device_printf(dev, "wi_pci_attach() failed to enable pci!\n");
+ return (ENXIO);
+ }
+
+ if (sc->wi_bus_type != WI_BUS_PCI_NATIVE) {
+ error = wi_alloc(dev, WI_PCI_IORES);
+ if (error)
+ return (error);
+
+ /* Make sure interrupts are disabled. */
+ CSR_WRITE_2(sc, WI_INT_EN, 0);
+ CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
+
+ /* We have to do a magic PLX poke to enable interrupts */
+ sc->local_rid = WI_PCI_LOCALRES;
+ sc->local = bus_alloc_resource(dev, SYS_RES_IOPORT,
+ &sc->local_rid, 0, ~0, 1, RF_ACTIVE);
+ sc->wi_localtag = rman_get_bustag(sc->local);
+ sc->wi_localhandle = rman_get_bushandle(sc->local);
+ command = bus_space_read_4(sc->wi_localtag, sc->wi_localhandle,
+ WI_LOCAL_INTCSR);
+ command |= WI_LOCAL_INTEN;
+ bus_space_write_4(sc->wi_localtag, sc->wi_localhandle,
+ WI_LOCAL_INTCSR, command);
+ bus_release_resource(dev, SYS_RES_IOPORT, sc->local_rid,
+ sc->local);
+ sc->local = NULL;
+
+ sc->mem_rid = WI_PCI_MEMRES;
+ sc->mem = bus_alloc_resource(dev, SYS_RES_MEMORY, &sc->mem_rid,
+ 0, ~0, 1, RF_ACTIVE);
+ if (sc->mem == NULL) {
+ device_printf(dev, "couldn't allocate memory\n");
+ wi_free(dev);
+ return (ENXIO);
+ }
+ sc->wi_bmemtag = rman_get_bustag(sc->mem);
+ sc->wi_bmemhandle = rman_get_bushandle(sc->mem);
+
+ /*
+ * From Linux driver:
+ * Write COR to enable PC card
+ * This is a subset of the protocol that the pccard bus code
+ * would do.
+ */
+ CSM_WRITE_1(sc, WI_COR_OFFSET, WI_COR_VALUE);
+ reg = CSM_READ_1(sc, WI_COR_OFFSET);
+ if (reg != WI_COR_VALUE) {
+ device_printf(dev, "CSM_READ_1(WI_COR_OFFSET) "
+ "wanted %d, got %d\n", WI_COR_VALUE, reg);
+ wi_free(dev);
+ return (ENXIO);
+ }
+ } else {
+ error = wi_alloc(dev, WI_PCI_LMEMRES);
+ if (error)
+ return (error);
+
+ CSR_WRITE_2(sc, WI_HFA384X_PCICOR_OFF, 0x0080);
+ DELAY(250000);
+
+ CSR_WRITE_2(sc, WI_HFA384X_PCICOR_OFF, 0x0000);
+ DELAY(500000);
+
+ timeout=2000000;
+ while ((--timeout > 0) &&
+ (CSR_READ_2(sc, WI_COMMAND) & WI_CMD_BUSY))
+ DELAY(10);
+
+ if (timeout == 0) {
+ device_printf(dev, "couldn't reset prism2.5 core.\n");
+ wi_free(dev);
+ return(ENXIO);
+ }
+ }
+
+ CSR_WRITE_2(sc, WI_HFA384X_SWSUPPORT0_OFF, WI_PRISM2STA_MAGIC);
+ reg = CSR_READ_2(sc, WI_HFA384X_SWSUPPORT0_OFF);
+ if (reg != WI_PRISM2STA_MAGIC) {
+ device_printf(dev,
+ "CSR_READ_2(WI_HFA384X_SWSUPPORT0_OFF) "
+ "wanted %d, got %d\n", WI_PRISM2STA_MAGIC, reg);
+ wi_free(dev);
+ return (ENXIO);
+ }
+
+ error = wi_generic_attach(dev);
+ if (error != 0)
+ return (error);
+
+ return (0);
+}
diff --git a/sys/dev/wi/if_wireg.h b/sys/dev/wi/if_wireg.h
new file mode 100644
index 000000000000..7a0298702b39
--- /dev/null
+++ b/sys/dev/wi/if_wireg.h
@@ -0,0 +1,628 @@
+/*
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#define WI_DELAY 5
+#define WI_TIMEOUT (500000/WI_DELAY) /* 500 ms */
+
+#define WI_PORT0 0
+#define WI_PORT1 1
+#define WI_PORT2 2
+#define WI_PORT3 3
+#define WI_PORT4 4
+#define WI_PORT5 5
+
+#define WI_PCI_LMEMRES 0x10 /* PCI Memory (native PCI implementations) */
+#define WI_PCI_LOCALRES 0x14 /* The PLX chip's local registers */
+#define WI_PCI_MEMRES 0x18 /* The PCCard's attribute memory */
+#define WI_PCI_IORES 0x1C /* The PCCard's I/O space */
+
+#define WI_LOCAL_INTCSR 0x4c
+#define WI_LOCAL_INTEN 0x40
+#define WI_HFA384X_SWSUPPORT0_OFF 0x28
+#define WI_PRISM2STA_MAGIC 0x4A2D
+#define WI_HFA384X_PCICOR_OFF 0x26
+
+/* Default port: 0 (only 0 exists on stations) */
+#define WI_DEFAULT_PORT (WI_PORT0 << 8)
+
+/* Default TX rate: 2Mbps, auto fallback */
+#define WI_DEFAULT_TX_RATE 3
+
+/* Default network name: ANY */
+/*
+ * [sommerfeld 1999/07/15] Changed from "ANY" to ""; according to Bill Fenner,
+ * ANY is used in MS driver user interfaces, while "" is used over the
+ * wire..
+ */
+#define WI_DEFAULT_NETNAME ""
+
+#define WI_DEFAULT_AP_DENSITY 1
+
+#define WI_DEFAULT_RTS_THRESH 2347
+
+#define WI_DEFAULT_DATALEN 2304
+
+#define WI_DEFAULT_CREATE_IBSS 0
+
+#define WI_DEFAULT_PM_ENABLED 0
+
+#define WI_DEFAULT_MAX_SLEEP 100
+
+#define WI_DEFAULT_ROAMING 1
+
+#define WI_DEFAULT_AUTHTYPE 1
+
+#ifdef __NetBSD__
+#define OS_STRING_NAME "NetBSD"
+#endif
+#ifdef __FreeBSD__
+#define OS_STRING_NAME "FreeBSD"
+#endif
+#ifdef __OpenBSD__
+#define OS_STRING_NAME "OpenBSD"
+#endif
+
+#define WI_DEFAULT_NODENAME OS_STRING_NAME " WaveLAN/IEEE node"
+
+#define WI_DEFAULT_IBSS OS_STRING_NAME " IBSS"
+
+#define WI_DEFAULT_CHAN 3
+
+#define WI_BUS_PCCARD 0 /* pccard device */
+#define WI_BUS_PCI_PLX 1 /* PCI card w/ PLX PCI/PCMICA bridge */
+#define WI_BUS_PCI_NATIVE 2 /* native PCI device (Prism 2.5) */
+
+/*
+ * register space access macros
+ */
+#define CSR_WRITE_4(sc, reg, val) \
+ bus_space_write_4((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg), val)
+#define CSR_WRITE_2(sc, reg, val) \
+ bus_space_write_2((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg), val)
+#define CSR_WRITE_1(sc, reg, val) \
+ bus_space_write_1((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg), val)
+
+#define CSR_READ_4(sc, reg) \
+ bus_space_read_4((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg))
+#define CSR_READ_2(sc, reg) \
+ bus_space_read_2((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg))
+#define CSR_READ_1(sc, reg) \
+ bus_space_read_1((sc)->wi_btag, (sc)->wi_bhandle, \
+ (sc)->wi_bus_type == WI_BUS_PCI_NATIVE ? (reg)*2 : (reg))
+
+#define CSM_WRITE_1(sc, off, val) \
+ bus_space_write_1((sc)->wi_bmemtag, (sc)->wi_bmemhandle, off, val)
+
+#define CSM_READ_1(sc, off) \
+ bus_space_read_1((sc)->wi_bmemtag, (sc)->wi_bmemhandle, off)
+
+/*
+ * The WaveLAN/IEEE cards contain an 802.11 MAC controller which Lucent
+ * calls 'Hermes.' In typical fashion, getting documentation about this
+ * controller is about as easy as squeezing blood from a stone. Here
+ * is more or less what I know:
+ *
+ * - The Hermes controller is firmware driven, and the host interacts
+ * with the Hermes via a firmware interface, which can change.
+ *
+ * - The Hermes is described in a document called: "Hermes Firmware
+ * WaveLAN/IEEE Station Functions," document #010245, which of course
+ * Lucent will not release without an NDA.
+ *
+ * - Lucent has created a library called HCF (Hardware Control Functions)
+ * though which it wants developers to interact with the card. The HCF
+ * is needlessly complex, ill conceived and badly documented. Actually,
+ * the comments in the HCP code itself aren't bad, but the publically
+ * available manual that comes with it is awful, probably due largely to
+ * the fact that it has been emasculated in order to hide information
+ * that Lucent wants to keep proprietary. The purpose of the HCF seems
+ * to be to insulate the driver programmer from the Hermes itself so that
+ * Lucent has an excuse not to release programming in for it.
+ *
+ * - Lucent only makes available documentation and code for 'HCF Light'
+ * which is a stripped down version of HCF with certain features not
+ * implemented, most notably support for 802.11 frames.
+ *
+ * - The HCF code which I have seen blows goats. Whoever decided to
+ * use a 132 column format should be shot.
+ *
+ * Rather than actually use the Lucent HCF library, I have stripped all
+ * the useful information from it and used it to create a driver in the
+ * usual BSD form. Note: I don't want to hear anybody whining about the
+ * fact that the Lucent code is GPLed and mine isn't. I did not actually
+ * put any of Lucent's code in this driver: I only used it as a reference
+ * to obtain information about the underlying hardware. The Hermes
+ * programming interface is not GPLed, so bite me.
+ */
+
+/*
+ * Size of Hermes & Prism2 I/O space.
+ */
+#define WI_IOSIZ 0x40
+
+/*
+ * Hermes & Prism2 register definitions
+ */
+
+/* Hermes command/status registers. */
+#define WI_COMMAND 0x00
+#define WI_PARAM0 0x02
+#define WI_PARAM1 0x04
+#define WI_PARAM2 0x06
+#define WI_STATUS 0x08
+#define WI_RESP0 0x0A
+#define WI_RESP1 0x0C
+#define WI_RESP2 0x0E
+
+/* Command register values. */
+#define WI_CMD_BUSY 0x8000 /* busy bit */
+#define WI_CMD_INI 0x0000 /* initialize */
+#define WI_CMD_ENABLE 0x0001 /* enable */
+#define WI_CMD_DISABLE 0x0002 /* disable */
+#define WI_CMD_DIAG 0x0003
+#define WI_CMD_ALLOC_MEM 0x000A /* allocate NIC memory */
+#define WI_CMD_TX 0x000B /* transmit */
+#define WI_CMD_NOTIFY 0x0010
+#define WI_CMD_INQUIRE 0x0011
+#define WI_CMD_ACCESS 0x0021
+#define WI_CMD_PROGRAM 0x0022
+
+#define WI_CMD_CODE_MASK 0x003F
+
+/*
+ * Reclaim qualifier bit, applicable to the
+ * TX and INQUIRE commands.
+ */
+#define WI_RECLAIM 0x0100 /* reclaim NIC memory */
+
+/*
+ * ACCESS command qualifier bits.
+ */
+#define WI_ACCESS_READ 0x0000
+#define WI_ACCESS_WRITE 0x0100
+
+/*
+ * PROGRAM command qualifier bits.
+ */
+#define WI_PROGRAM_DISABLE 0x0000
+#define WI_PROGRAM_ENABLE_RAM 0x0100
+#define WI_PROGRAM_ENABLE_NVRAM 0x0200
+#define WI_PROGRAM_NVRAM 0x0300
+
+/* Status register values */
+#define WI_STAT_CMD_CODE 0x003F
+#define WI_STAT_DIAG_ERR 0x0100
+#define WI_STAT_INQ_ERR 0x0500
+#define WI_STAT_CMD_RESULT 0x7F00
+
+/* memory handle management registers */
+#define WI_INFO_FID 0x10
+#define WI_RX_FID 0x20
+#define WI_ALLOC_FID 0x22
+#define WI_TX_CMP_FID 0x24
+
+/*
+ * Buffer Access Path (BAP) registers.
+ * These are I/O channels. I believe you can use each one for
+ * any desired purpose independently of the other. In general
+ * though, we use BAP1 for reading and writing LTV records and
+ * reading received data frames, and BAP0 for writing transmit
+ * frames. This is a convention though, not a rule.
+ */
+#define WI_SEL0 0x18
+#define WI_SEL1 0x1A
+#define WI_OFF0 0x1C
+#define WI_OFF1 0x1E
+#define WI_DATA0 0x36
+#define WI_DATA1 0x38
+#define WI_BAP0 WI_DATA0
+#define WI_BAP1 WI_DATA1
+
+#define WI_OFF_BUSY 0x8000
+#define WI_OFF_ERR 0x4000
+#define WI_OFF_DATAOFF 0x0FFF
+
+/* Event registers */
+#define WI_EVENT_STAT 0x30 /* Event status */
+#define WI_INT_EN 0x32 /* Interrupt enable/disable */
+#define WI_EVENT_ACK 0x34 /* Ack event */
+
+/* Events */
+#define WI_EV_TICK 0x8000 /* aux timer tick */
+#define WI_EV_RES 0x4000 /* controller h/w error (time out) */
+#define WI_EV_INFO_DROP 0x2000 /* no RAM to build unsolicited frame */
+#define WI_EV_NO_CARD 0x0800 /* card removed (hunh?) */
+#define WI_EV_DUIF_RX 0x0400 /* wavelan management packet received */
+#define WI_EV_INFO 0x0080 /* async info frame */
+#define WI_EV_CMD 0x0010 /* command completed */
+#define WI_EV_ALLOC 0x0008 /* async alloc/reclaim completed */
+#define WI_EV_TX_EXC 0x0004 /* async xmit completed with failure */
+#define WI_EV_TX 0x0002 /* async xmit completed succesfully */
+#define WI_EV_RX 0x0001 /* async rx completed */
+
+#define WI_INTRS \
+ (WI_EV_RX|WI_EV_TX|WI_EV_TX_EXC|WI_EV_ALLOC|WI_EV_INFO|WI_EV_INFO_DROP)
+
+/* Host software registers */
+#define WI_SW0 0x28
+#define WI_SW1 0x2A
+#define WI_SW2 0x2C
+#define WI_SW3 0x2E /* does not appear in Prism2 */
+
+#define WI_CNTL 0x14
+
+#define WI_CNTL_AUX_ENA 0xC000
+#define WI_CNTL_AUX_ENA_STAT 0xC000
+#define WI_CNTL_AUX_DIS_STAT 0x0000
+#define WI_CNTL_AUX_ENA_CNTL 0x8000
+#define WI_CNTL_AUX_DIS_CNTL 0x4000
+
+#define WI_AUX_PAGE 0x3A
+#define WI_AUX_OFFSET 0x3C
+#define WI_AUX_DATA 0x3E
+
+#define WI_COR_OFFSET 0x3e0
+#define WI_COR_VALUE 0x41
+
+/*
+ * One form of communication with the Hermes is with what Lucent calls
+ * LTV records, where LTV stands for Length, Type and Value. The length
+ * and type are 16 bits and are in native byte order. The value is in
+ * multiples of 16 bits and is in little endian byte order.
+ */
+struct wi_ltv_gen {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_val;
+};
+
+struct wi_ltv_str {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_str[17];
+};
+
+#define WI_SETVAL(recno, val) \
+ do { \
+ struct wi_ltv_gen g; \
+ \
+ g.wi_len = 2; \
+ g.wi_type = recno; \
+ g.wi_val = htole16(val); \
+ wi_write_record(sc, &g); \
+ } while (0)
+
+#define WI_SETSTR(recno, str) \
+ do { \
+ struct wi_ltv_str s; \
+ int l; \
+ \
+ l = (strlen(str) + 1) & ~0x1; \
+ bzero((char *)&s, sizeof(s)); \
+ s.wi_len = (l / 2) + 2; \
+ s.wi_type = recno; \
+ s.wi_str[0] = htole16(strlen(str)); \
+ bcopy(str, (char *)&s.wi_str[1], strlen(str)); \
+ wi_write_record(sc, (struct wi_ltv_gen *)&s); \
+ } while (0)
+
+/*
+ * Download buffer location and length (0xFD01).
+ */
+struct wi_ltv_dnld_buf {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_buf_pg; /* page addr of intermediate dl buf*/
+ u_int16_t wi_buf_off; /* offset of idb */
+ u_int16_t wi_buf_len; /* len of idb */
+};
+
+/*
+ * Mem sizes (0xFD02).
+ */
+struct wi_ltv_memsz {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_mem_ram;
+ u_int16_t wi_mem_nvram;
+};
+
+/*
+ * NIC Identification (0xFD0B, 0xFD20)
+ */
+struct wi_ltv_ver {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_ver[4];
+};
+
+/* define card ident */
+#define WI_NIC_LUCENT_ID 0x0001
+#define WI_NIC_LUCENT_STR "Lucent Technologies, WaveLAN/IEEE"
+
+#define WI_NIC_SONY_ID 0x0002
+#define WI_NIC_SONY_STR "Sony WaveLAN/IEEE"
+
+#define WI_NIC_LUCENT_EMB_ID 0x0005
+#define WI_NIC_LUCENT_EMB_STR "Lucent Embedded WaveLAN/IEEE"
+
+#define WI_NIC_EVB2_ID 0x8000
+#define WI_NIC_EVB2_STR "RF:PRISM2 MAC:HFA3841"
+
+#define WI_NIC_HWB3763_ID 0x8001
+#define WI_NIC_HWB3763_STR "RF:PRISM2 MAC:HFA3841 CARD:HWB3763 rev.B"
+
+#define WI_NIC_HWB3163_ID 0x8002
+#define WI_NIC_HWB3163_STR "RF:PRISM2 MAC:HFA3841 CARD:HWB3163 rev.A"
+
+#define WI_NIC_HWB3163B_ID 0x8003
+#define WI_NIC_HWB3163B_STR "RF:PRISM2 MAC:HFA3841 CARD:HWB3163 rev.B"
+
+#define WI_NIC_EVB3_ID 0x8004
+#define WI_NIC_EVB3_STR "RF:PRISM2 MAC:HFA3842 CARD:HFA3842 EVAL"
+
+#define WI_NIC_HWB1153_ID 0x8007
+#define WI_NIC_HWB1153_STR "RF:PRISM1 MAC:HFA3841 CARD:HWB1153"
+
+#define WI_NIC_P2_SST_ID 0x8008 /* Prism2 with SST flush */
+#define WI_NIC_P2_SST_STR "RF:PRISM2 MAC:HFA3841 CARD:HWB3163-SST-flash"
+
+#define WI_NIC_EVB2_SST_ID 0x8009
+#define WI_NIC_EVB2_SST_STR "RF:PRISM2 MAC:HFA3841 CARD:HWB3163-SST-flash"
+
+#define WI_NIC_3842_EVA_ID 0x800A /* 3842 Evaluation Board */
+#define WI_NIC_3842_EVA_STR "RF:PRISM2 MAC:HFA3842 CARD:HFA3842 EVAL"
+
+#define WI_NIC_3842_PCMCIA_AMD_ID 0x800B /* Prism2.5 PCMCIA */
+#define WI_NIC_3842_PCMCIA_SST_ID 0x800C
+#define WI_NIC_3842_PCMCIA_ATM_ID 0x800D
+#define WI_NIC_3842_PCMCIA_STR "RF:PRISM2.5 MAC:ISL3873"
+
+#define WI_NIC_3842_MINI_AMD_ID 0x8012 /* Prism2.5 Mini-PCI */
+#define WI_NIC_3842_MINI_SST_ID 0x8013
+#define WI_NIC_3842_MINI_ATM_ID 0x8014
+#define WI_NIC_3842_MINI_STR "RF:PRISM2.5 MAC:ISL3874A(Mini-PCI)"
+
+#define WI_NIC_3842_PCI_AMD_ID 0x8016 /* Prism2.5 PCI-bridge */
+#define WI_NIC_3842_PCI_SST_ID 0x8017
+#define WI_NIC_3842_PCI_ATM_ID 0x8018
+#define WI_NIC_3842_PCI_STR "RF:PRISM2.5 MAC:ISL3874A(PCI-bridge)"
+
+#define WI_NIC_P3_PCMCIA_AMD_ID 0x801A /* Prism3 PCMCIA */
+#define WI_NIC_P3_PCMCIA_SST_ID 0x801B
+#define WI_NIC_P3_PCMCIA_STR "RF:PRISM3(PCMCIA)"
+
+#define WI_NIC_P3_MINI_AMD_ID 0x8021 /* Prism3 Mini-PCI */
+#define WI_NIC_P3_MINI_SST_ID 0x8022
+#define WI_NIC_P3_MINI_STR "RF:PRISM3(Mini-PCI)"
+
+/*
+ * List of intended regulatory domains (0xFD11).
+ */
+struct wi_ltv_domains {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_domains[6];
+};
+
+/*
+ * CIS struct (0xFD13).
+ */
+struct wi_ltv_cis {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_cis[240];
+};
+
+/*
+ * Communications quality (0xFD43).
+ */
+struct wi_ltv_commqual {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_coms_qual;
+ u_int16_t wi_sig_lvl;
+ u_int16_t wi_noise_lvl;
+};
+
+/*
+ * Actual system scale thresholds (0xFC06, 0xFD46).
+ */
+struct wi_ltv_scalethresh {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_energy_detect;
+ u_int16_t wi_carrier_detect;
+ u_int16_t wi_defer;
+ u_int16_t wi_cell_search;
+ u_int16_t wi_out_of_range;
+ u_int16_t wi_delta_snr;
+};
+
+/*
+ * PCF info struct (0xFD87).
+ */
+struct wi_ltv_pcf {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_energy_detect;
+ u_int16_t wi_carrier_detect;
+ u_int16_t wi_defer;
+ u_int16_t wi_cell_search;
+ u_int16_t wi_range;
+};
+
+/*
+ * Connection control characteristics. (0xFC00)
+ * 0 == IBSS (802.11 compliant mode) (Only PRISM2)
+ * 1 == Basic Service Set (BSS)
+ * 2 == Wireless Distribudion System (WDS)
+ * 3 == Pseudo IBSS
+ * (Only PRISM2; not 802.11 compliant mode, testing use only)
+ * 6 == HOST AP (Only PRISM2)
+ */
+#define WI_PORTTYPE_IBSS 0x0
+#define WI_PORTTYPE_BSS 0x1
+#define WI_PORTTYPE_WDS 0x2
+#define WI_PORTTYPE_ADHOC 0x3
+#define WI_PORTTYPE_AP 0x6
+
+/*
+ * Mac addresses. (0xFC01, 0xFC08)
+ */
+struct wi_ltv_macaddr {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_mac_addr[3];
+};
+
+/*
+ * Station set identification (SSID). (0xFC02, 0xFC04)
+ */
+struct wi_ltv_ssid {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_id[17];
+};
+
+/*
+ * Set our station name. (0xFC0E)
+ */
+struct wi_ltv_nodename {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ u_int16_t wi_nodename[17];
+};
+
+/*
+ * Multicast addresses to be put in filter. We're
+ * allowed up to 16 addresses in the filter. (0xFC80)
+ */
+struct wi_ltv_mcast {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ struct ether_addr wi_mcast[16];
+};
+
+/*
+ * supported rates. (0xFCB4)
+ */
+#define WI_SUPPRATES_1M 0x0001
+#define WI_SUPPRATES_2M 0x0002
+#define WI_SUPPRATES_5M 0x0004
+#define WI_SUPPRATES_11M 0x0008
+
+/*
+ * Information frame types.
+ */
+#define WI_INFO_NOTIFY 0xF000 /* Handover address */
+#define WI_INFO_COUNTERS 0xF100 /* Statistics counters */
+#define WI_INFO_SCAN_RESULTS 0xF101 /* Scan results */
+#define WI_INFO_LINK_STAT 0xF200 /* Link status */
+#define WI_INFO_ASSOC_STAT 0xF201 /* Association status */
+
+/*
+ * Hermes transmit/receive frame structure
+ */
+struct wi_frame {
+ u_int16_t wi_status; /* 0x00 */
+ u_int16_t wi_rsvd0; /* 0x02 */
+ u_int16_t wi_rsvd1; /* 0x04 */
+ u_int16_t wi_q_info; /* 0x06 */
+ u_int16_t wi_rsvd2; /* 0x08 */
+ u_int8_t wi_tx_rtry; /* 0x0A */
+ u_int8_t wi_tx_rate; /* 0x0B */
+ u_int16_t wi_tx_ctl; /* 0x0C */
+ u_int16_t wi_frame_ctl; /* 0x0E */
+ u_int16_t wi_id; /* 0x10 */
+ u_int8_t wi_addr1[6]; /* 0x12 */
+ u_int8_t wi_addr2[6]; /* 0x18 */
+ u_int8_t wi_addr3[6]; /* 0x1E */
+ u_int16_t wi_seq_ctl; /* 0x24 */
+ u_int8_t wi_addr4[6]; /* 0x26 */
+ u_int16_t wi_dat_len; /* 0x2C */
+ u_int8_t wi_dst_addr[6]; /* 0x2E */
+ u_int8_t wi_src_addr[6]; /* 0x34 */
+ u_int16_t wi_len; /* 0x3A */
+ u_int16_t wi_dat[3]; /* 0x3C */ /* SNAP header */
+ u_int16_t wi_type; /* 0x42 */
+};
+
+#define WI_802_3_OFFSET 0x2E
+#define WI_802_11_OFFSET 0x44
+#define WI_802_11_OFFSET_RAW 0x3C
+#define WI_802_11_OFFSET_HDR 0x0E
+
+#define WI_STAT_BADCRC 0x0001
+#define WI_STAT_UNDECRYPTABLE 0x0002
+#define WI_STAT_ERRSTAT 0x0003
+#define WI_STAT_MAC_PORT 0x0700
+#define WI_STAT_1042 0x2000 /* RFC1042 encoded */
+#define WI_STAT_TUNNEL 0x4000 /* Bridge-tunnel encoded */
+#define WI_STAT_WMP_MSG 0x6000 /* WaveLAN-II management protocol */
+#define WI_STAT_MGMT 0x8000 /* 802.11b management frames */
+#define WI_RXSTAT_MSG_TYPE 0xE000
+
+#define WI_ENC_TX_802_3 0x00
+#define WI_ENC_TX_802_11 0x11
+#define WI_ENC_TX_MGMT 0x08
+#define WI_ENC_TX_E_II 0x0E
+
+#define WI_ENC_TX_1042 0x00
+#define WI_ENC_TX_TUNNEL 0xF8
+
+#define WI_TXCNTL_MACPORT 0x00FF
+#define WI_TXCNTL_STRUCTTYPE 0xFF00
+#define WI_TXCNTL_TX_EX 0x0004
+#define WI_TXCNTL_TX_OK 0x0002
+#define WI_TXCNTL_NOCRYPT 0x0080
+
+/*
+ * SNAP (sub-network access protocol) constants for transmission
+ * of IP datagrams over IEEE 802 networks, taken from RFC1042.
+ * We need these for the LLC/SNAP header fields in the TX/RX frame
+ * structure.
+ */
+#define WI_SNAP_K1 0xaa /* assigned global SAP for SNAP */
+#define WI_SNAP_K2 0x00
+#define WI_SNAP_CONTROL 0x03 /* unnumbered information format */
+#define WI_SNAP_WORD0 (WI_SNAP_K1 | (WI_SNAP_K1 << 8))
+#define WI_SNAP_WORD1 (WI_SNAP_K2 | (WI_SNAP_CONTROL << 8))
+#define WI_SNAPHDR_LEN 0x6
+#define WI_FCS_LEN 0x4
diff --git a/sys/dev/wi/if_wivar.h b/sys/dev/wi/if_wivar.h
new file mode 100644
index 000000000000..470ba6d81eb4
--- /dev/null
+++ b/sys/dev/wi/if_wivar.h
@@ -0,0 +1,225 @@
+/*
+ * Copyright (c) 2002
+ * M Warner Losh <imp@freebsd.org>. All rights reserved.
+ * Copyright (c) 1997, 1998, 1999
+ * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Bill Paul.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#define WICACHE /* turn on signal strength cache code */
+#define MAXWICACHE 10
+
+struct wi_counters {
+ u_int32_t wi_tx_unicast_frames;
+ u_int32_t wi_tx_multicast_frames;
+ u_int32_t wi_tx_fragments;
+ u_int32_t wi_tx_unicast_octets;
+ u_int32_t wi_tx_multicast_octets;
+ u_int32_t wi_tx_deferred_xmits;
+ u_int32_t wi_tx_single_retries;
+ u_int32_t wi_tx_multi_retries;
+ u_int32_t wi_tx_retry_limit;
+ u_int32_t wi_tx_discards;
+ u_int32_t wi_rx_unicast_frames;
+ u_int32_t wi_rx_multicast_frames;
+ u_int32_t wi_rx_fragments;
+ u_int32_t wi_rx_unicast_octets;
+ u_int32_t wi_rx_multicast_octets;
+ u_int32_t wi_rx_fcs_errors;
+ u_int32_t wi_rx_discards_nobuf;
+ u_int32_t wi_tx_discards_wrong_sa;
+ u_int32_t wi_rx_WEP_cant_decrypt;
+ u_int32_t wi_rx_msg_in_msg_frags;
+ u_int32_t wi_rx_msg_in_bad_msg_frags;
+};
+
+/*
+ * Encryption controls. We can enable or disable encryption as
+ * well as specify up to 4 encryption keys. We can also specify
+ * which of the four keys will be used for transmit encryption.
+ */
+#define WI_RID_ENCRYPTION 0xFC20
+#define WI_RID_AUTHTYPE 0xFC21
+#define WI_RID_DEFLT_CRYPT_KEYS 0xFCB0
+#define WI_RID_TX_CRYPT_KEY 0xFCB1
+#define WI_RID_WEP_AVAIL 0xFD4F
+#define WI_RID_P2_TX_CRYPT_KEY 0xFC23
+#define WI_RID_P2_CRYPT_KEY0 0xFC24
+#define WI_RID_P2_CRYPT_KEY1 0xFC25
+#define WI_RID_MICROWAVE_OVEN 0xFC25
+#define WI_RID_P2_CRYPT_KEY2 0xFC26
+#define WI_RID_P2_CRYPT_KEY3 0xFC27
+#define WI_RID_P2_ENCRYPTION 0xFC28
+#define WI_RID_ROAMING_MODE 0xFC2D
+#define WI_RID_CUR_TX_RATE 0xFD44 /* current TX rate */
+struct wi_key {
+ u_int16_t wi_keylen;
+ u_int8_t wi_keydat[14];
+};
+
+struct wi_ltv_keys {
+ u_int16_t wi_len;
+ u_int16_t wi_type;
+ struct wi_key wi_keys[4];
+};
+
+struct wi_softc {
+ struct arpcom arpcom;
+ struct ifmedia ifmedia;
+ device_t dev;
+ int wi_unit;
+ struct resource * local;
+ int local_rid;
+ struct resource * iobase;
+ int iobase_rid;
+ struct resource * irq;
+ int irq_rid;
+ struct resource * mem;
+ int mem_rid;
+ bus_space_handle_t wi_localhandle;
+ bus_space_tag_t wi_localtag;
+ bus_space_handle_t wi_bhandle;
+ bus_space_tag_t wi_btag;
+ bus_space_handle_t wi_bmemhandle;
+ bus_space_tag_t wi_bmemtag;
+ void * wi_intrhand;
+ int sc_firmware_type;
+#define WI_NOTYPE 0
+#define WI_LUCENT 1
+#define WI_INTERSIL 2
+#define WI_SYMBOL 3
+ int sc_pri_firmware_ver; /* Primary firmware */
+ int sc_sta_firmware_ver; /* Station firmware */
+ int sc_enabled;
+ int wi_io_addr;
+ int wi_tx_data_id;
+ int wi_tx_mgmt_id;
+ int wi_gone;
+ int wi_if_flags;
+ u_int16_t wi_procframe;
+ u_int16_t wi_ptype;
+ u_int16_t wi_portnum;
+ u_int16_t wi_max_data_len;
+ u_int16_t wi_rts_thresh;
+ u_int16_t wi_ap_density;
+ u_int16_t wi_tx_rate;
+ u_int16_t wi_create_ibss;
+ u_int16_t wi_channel;
+ u_int16_t wi_pm_enabled;
+ u_int16_t wi_mor_enabled;
+ u_int16_t wi_max_sleep;
+ u_int16_t wi_supprates;
+ u_int16_t wi_authtype;
+ u_int16_t wi_roaming;
+ char wi_node_name[32];
+ char wi_net_name[32];
+ char wi_ibss_name[32];
+ u_int8_t wi_txbuf[1596];
+ u_int8_t wi_scanbuf[1596];
+ int wi_scanbuf_len;
+ struct wi_counters wi_stats;
+ int wi_has_wep;
+ int wi_use_wep;
+ int wi_authmode;
+ int wi_tx_key;
+ struct wi_ltv_keys wi_keys;
+#ifdef WICACHE
+ int wi_sigitems;
+ struct wi_sigcache wi_sigcache[MAXWICACHE];
+ int wi_nextitem;
+#endif
+ struct wihap_info wi_hostap_info;
+ u_int32_t wi_icv;
+ int wi_icv_flag;
+ struct callout_handle wi_stat_ch;
+#if __FreeBSD_version >= 500000
+ struct mtx wi_mtx;
+#endif
+ int wi_nic_type;
+ int wi_bus_type; /* Bus attachment type */
+ struct {
+ u_int16_t wi_sleep;
+ u_int16_t wi_delaysupp;
+ u_int16_t wi_txsupp;
+ u_int16_t wi_monitor;
+ u_int16_t wi_ledtest;
+ u_int16_t wi_ledtest_param0;
+ u_int16_t wi_ledtest_param1;
+ u_int16_t wi_conttx;
+ u_int16_t wi_conttx_param0;
+ u_int16_t wi_contrx;
+ u_int16_t wi_sigstate;
+ u_int16_t wi_sigstate_param0;
+ u_int16_t wi_confbits;
+ u_int16_t wi_confbits_param0;
+ } wi_debug;
+
+};
+
+struct wi_card_ident {
+ u_int16_t card_id;
+ char *card_name;
+ u_int8_t firm_type;
+};
+
+#if __FreeBSD_version < 500000
+/*
+ * Various compat hacks/kludges
+ */
+#define le16toh(x) (x)
+#define htole16(x) (x)
+#define ifaddr_byindex(idx) ifnet_addrs[(idx) - 1];
+#define WI_LOCK(_sc, _s) s = splimp()
+#define WI_UNLOCK(_sc, _s) splx(s)
+#define IF_HANDOFF(q, m, ifp) \
+ if (IF_QFULL((q))) { \
+ IF_DROP((q)); \
+ m_freem((m)); \
+ } else { \
+ (ifp)->if_obytes += (m)->m_pkthdr.len; \
+ if ((m)->m_flags & M_MCAST) \
+ (ifp)->if_omcasts++; \
+ IF_ENQUEUE((q), (m)); \
+ if (((ifp)->if_flags & IFF_OACTIVE) == 0) \
+ (*(ifp)->if_start)((ifp)); \
+ }
+#else
+#define WI_LOCK(_sc, _s) _s = 1
+#define WI_UNLOCK(_sc, _s)
+#endif
+
+int wi_generic_attach(device_t);
+int wi_generic_detach(device_t);
+void wi_shutdown(device_t);
+int wi_alloc(device_t, int);
+void wi_free(device_t);
+extern devclass_t wi_devclass;
+int wi_mgmt_xmit(struct wi_softc *, caddr_t, int);
diff --git a/sys/dev/wi/wi_hostap.c b/sys/dev/wi/wi_hostap.c
new file mode 100644
index 000000000000..4224dc710bf3
--- /dev/null
+++ b/sys/dev/wi/wi_hostap.c
@@ -0,0 +1,1266 @@
+/*
+ * Copyright (c) 2002
+ * Thomas Skibo <skibo@pacbell.net>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Thomas Skibo.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Thomas Skibo AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Thomas Skibo OR HIS DRINKING PALS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+/* This is experimental Host AP software for Prism 2 802.11b interfaces.
+ *
+ * Much of this is based upon the "Linux Host AP driver Host AP driver
+ * for Intersil Prism2" by Jouni Malinen <jkm@ssh.com> or <jkmaline@cc.hut.fi>.
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#if __FreeBSD_version >= 500033
+#include <sys/endian.h>
+#endif
+#include <sys/sockio.h>
+#include <sys/mbuf.h>
+#include <sys/malloc.h>
+#include <sys/kernel.h>
+#include <sys/proc.h>
+#include <sys/ucred.h>
+#include <sys/socket.h>
+#include <sys/module.h>
+#include <sys/queue.h>
+#include <sys/bus.h>
+#include <sys/syslog.h>
+#include <sys/sysctl.h>
+
+#include <machine/bus.h>
+#include <machine/resource.h>
+#include <machine/clock.h>
+#include <machine/md_var.h>
+#include <machine/bus_pio.h>
+#include <sys/rman.h>
+
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/ethernet.h>
+#include <net/if_dl.h>
+#include <net/if_media.h>
+#include <net/if_types.h>
+#include <net/if_ieee80211.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/in_var.h>
+#include <netinet/ip.h>
+#include <netinet/if_ether.h>
+
+#include <dev/wi/if_wavelan_ieee.h>
+#include <dev/wi/wi_hostap.h>
+#include <dev/wi/if_wivar.h>
+#include <dev/wi/if_wireg.h>
+
+MALLOC_DEFINE(M_HAP_STA, "hostap_sta", "if_wi host AP mode station entry");
+
+static void wihap_sta_timeout(void *v);
+static struct wihap_sta_info *wihap_sta_alloc(struct wi_softc *sc,
+ u_int8_t *addr);
+static void wihap_sta_delete(struct wihap_sta_info *sta);
+static struct wihap_sta_info *wihap_sta_find(struct wihap_info *whi,
+ u_int8_t *addr);
+static int wihap_sta_is_assoc(struct wihap_info *whi, u_int8_t addr[]);
+static void wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len);
+static void wihap_sta_deauth(struct wi_softc *sc, u_int8_t sta_addr[],
+ u_int16_t reason);
+static void wihap_deauth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len);
+static void wihap_assoc_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len);
+static void wihap_sta_disassoc(struct wi_softc *sc,
+ struct wihap_sta_info *sta, u_int16_t reason);
+static void wihap_disassoc_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len);
+
+/*
+ * Spl use in this driver.
+ *
+ * splnet is used everywhere here to block timeouts when we need to do
+ * so.
+ */
+
+/*
+ * take_hword()
+ *
+ * Used for parsing management frames. The pkt pointer and length
+ * variables are updated after the value is removed.
+ */
+static __inline u_int16_t
+take_hword(caddr_t *ppkt, int *plen)
+{
+ u_int16_t s = le16toh(* (u_int16_t *) *ppkt);
+ *ppkt += sizeof(u_int16_t);
+ *plen -= sizeof(u_int16_t);
+ return s;
+}
+
+/* take_tlv()
+ *
+ * Parse out TLV element from a packet, check for underflow of packet
+ * or overflow of buffer, update pkt/len.
+ */
+static int
+take_tlv(caddr_t *ppkt, int *plen, int id_expect, void *dst, int maxlen)
+{
+ u_int8_t id, len;
+
+ if (*plen < 2)
+ return -1;
+
+ id = ((u_int8_t *)*ppkt)[0];
+ len = ((u_int8_t *)*ppkt)[1];
+
+ if (id != id_expect || *plen < len+2 || maxlen < len)
+ return -1;
+
+ bcopy(*ppkt + 2, dst, len);
+ *plen -= 2 + len;
+ *ppkt += 2 + len;
+
+ return (len);
+}
+
+/* put_hword()
+ * Put half-word element into management frames.
+ */
+static __inline void
+put_hword(caddr_t *ppkt, u_int16_t s)
+{
+ * (u_int16_t *) *ppkt = htole16(s);
+ *ppkt += sizeof(u_int16_t);
+}
+
+/* put_tlv()
+ * Put TLV elements into management frames.
+ */
+static void
+put_tlv(caddr_t *ppkt, u_int8_t id, void *src, u_int8_t len)
+{
+ (*ppkt)[0] = id;
+ (*ppkt)[1] = len;
+ bcopy(src, (*ppkt) + 2, len);
+ *ppkt += 2 + len;
+}
+
+static int
+put_rates(caddr_t *ppkt, u_int16_t rates)
+{
+ u_int8_t ratebuf[8];
+ int len = 0;
+
+ if (rates & WI_SUPPRATES_1M)
+ ratebuf[len++] = 0x82;
+ if (rates & WI_SUPPRATES_2M)
+ ratebuf[len++] = 0x84;
+ if (rates & WI_SUPPRATES_5M)
+ ratebuf[len++] = 0x8b;
+ if (rates & WI_SUPPRATES_11M)
+ ratebuf[len++] = 0x96;
+
+ put_tlv(ppkt, IEEE80211_ELEMID_RATES, ratebuf, len);
+ return len;
+}
+
+/* wihap_init()
+ *
+ * Initialize host AP data structures. Called even if port type is
+ * not AP.
+ */
+void
+wihap_init(struct wi_softc *sc)
+{
+ int i;
+ struct wihap_info *whi = &sc->wi_hostap_info;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_init: sc=0x%x whi=0x%x\n", (int)sc, (int)whi);
+
+ bzero(whi, sizeof(struct wihap_info));
+
+ if (sc->wi_ptype != WI_PORTTYPE_AP)
+ return;
+
+ whi->apflags = WIHAPFL_ACTIVE;
+
+ LIST_INIT(&whi->sta_list);
+ for (i = 0; i < WI_STA_HASH_SIZE; i++)
+ LIST_INIT(&whi->sta_hash[i]);
+
+ whi->inactivity_time = WIHAP_DFLT_INACTIVITY_TIME;
+}
+
+/* wihap_sta_disassoc()
+ *
+ * Send a disassociation frame to a specified station.
+ */
+static void
+wihap_sta_disassoc(struct wi_softc *sc,
+ struct wihap_sta_info *sta, u_int16_t reason)
+{
+ struct wi_80211_hdr *resp_hdr;
+ caddr_t pkt;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("Sending disassoc to sta %6D\n", sta->addr, ":");
+
+ /* Send disassoc packet. */
+ resp_hdr = (struct wi_80211_hdr *) sc->wi_txbuf;
+ bzero(resp_hdr, sizeof(struct wi_80211_hdr));
+ resp_hdr->frame_ctl = WI_FTYPE_MGMT | WI_STYPE_MGMT_DISAS;
+ pkt = sc->wi_txbuf + sizeof(struct wi_80211_hdr);
+
+ bcopy(sta->addr, resp_hdr->addr1, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr2, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr3, ETHER_ADDR_LEN);
+
+ put_hword(&pkt, reason);
+
+ wi_mgmt_xmit(sc, sc->wi_txbuf, 2 + sizeof(struct wi_80211_hdr));
+}
+
+/* wihap_sta_deauth()
+ *
+ * Send a deauthentication message to a specified station.
+ */
+static void
+wihap_sta_deauth(struct wi_softc *sc, u_int8_t sta_addr[],
+ u_int16_t reason)
+{
+ struct wi_80211_hdr *resp_hdr;
+ caddr_t pkt;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("Sending deauth to sta %6D\n", sta_addr, ":");
+
+ /* Send deauth packet. */
+ resp_hdr = (struct wi_80211_hdr *) sc->wi_txbuf;
+ bzero(resp_hdr, sizeof(struct wi_80211_hdr));
+ resp_hdr->frame_ctl = htole16(WI_FTYPE_MGMT | WI_STYPE_MGMT_DEAUTH);
+ pkt = sc->wi_txbuf + sizeof(struct wi_80211_hdr);
+
+ bcopy(sta_addr, resp_hdr->addr1, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr2, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr3, ETHER_ADDR_LEN);
+
+ put_hword(&pkt, reason);
+
+ wi_mgmt_xmit(sc, sc->wi_txbuf, 2 + sizeof(struct wi_80211_hdr));
+}
+
+/* wihap_shutdown()
+ *
+ * Disassociate all stations and free up data structures.
+ */
+void
+wihap_shutdown(struct wi_softc *sc)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta, *next;
+ int s;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_shutdown: sc=0x%x whi=0x%x\n",
+ (int)sc, (int)whi);
+
+ if (!(whi->apflags & WIHAPFL_ACTIVE))
+ return;
+
+ /* XXX: I read somewhere you can deauth all the stations with
+ * a single broadcast. Maybe try that someday.
+ */
+
+ s = splnet();
+ sta = LIST_FIRST(&whi->sta_list);
+ while (sta) {
+ untimeout(wihap_sta_timeout, sta, sta->tmo);
+ if (!sc->wi_gone) {
+ /* Disassociate station. */
+ if (sta->flags & WI_SIFLAGS_ASSOC)
+ wihap_sta_disassoc(sc, sta,
+ IEEE80211_REASON_ASSOC_LEAVE);
+ /* Deauth station. */
+ if (sta->flags & WI_SIFLAGS_AUTHEN)
+ wihap_sta_deauth(sc, sta->addr,
+ IEEE80211_REASON_AUTH_LEAVE);
+ }
+
+ /* Delete the structure. */
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_shutdown: FREE(sta=0x%x)\n", (int)sta);
+ next = LIST_NEXT(sta, list);
+ FREE(sta, M_HAP_STA);
+ sta = next;
+ }
+
+ whi->apflags = 0;
+ splx(s);
+}
+
+/* sta_hash_func()
+ * Hash function for finding stations from ethernet address.
+ */
+static __inline int
+sta_hash_func(u_int8_t addr[])
+{
+ return ((addr[3] + addr[4] + addr[5]) % WI_STA_HASH_SIZE);
+}
+
+/* addr_cmp(): Maybe this is a faster way to compare addresses? */
+static __inline int
+addr_cmp(u_int8_t a[], u_int8_t b[])
+{
+ return (*(u_int16_t *)(a + 4) == *(u_int16_t *)(b + 4) &&
+ *(u_int32_t *)(a ) == *(u_int32_t *)(b));
+}
+
+void
+wihap_sta_timeout(void *v)
+{
+ struct wihap_sta_info *sta = v;
+ struct wi_softc *sc = sta->sc;
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ int s;
+
+ s = splnet();
+ if (sta->flags & WI_SIFLAGS_ASSOC) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ device_printf(sc->dev, "inactivity disassoc: %6D\n",
+ sta->addr, ":");
+
+ /* Disassoc station. */
+ wihap_sta_disassoc(sc, sta, IEEE80211_REASON_ASSOC_EXPIRE);
+ sta->flags &= ~WI_SIFLAGS_ASSOC;
+
+ sta->tmo = timeout(wihap_sta_timeout, sta,
+ hz * whi->inactivity_time);
+
+ } else if (sta->flags & WI_SIFLAGS_AUTHEN) {
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ device_printf(sc->dev, "inactivity disassoc: %6D\n",
+ sta->addr, ":");
+
+ /* Deauthenticate station. */
+ wihap_sta_deauth(sc, sta->addr, IEEE80211_REASON_AUTH_EXPIRE);
+ sta->flags &= ~WI_SIFLAGS_AUTHEN;
+
+ /* Delete the station if it's not permanent. */
+ if (!(sta->flags & WI_SIFLAGS_PERM))
+ wihap_sta_delete(sta);
+ }
+ splx(s);
+}
+
+/* wihap_sta_delete()
+ * Delete a single station and free up its data structure.
+ */
+static void
+wihap_sta_delete(struct wihap_sta_info *sta)
+{
+ struct wi_softc *sc = sta->sc;
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ int i = sta->asid - 0xc001;
+
+ untimeout(wihap_sta_timeout, sta, sta->tmo);
+
+ whi->asid_inuse_mask[i >> 4] &= ~(1UL << (i & 0xf));
+
+ LIST_REMOVE(sta, list);
+ LIST_REMOVE(sta, hash);
+ if (sta->challenge)
+ FREE(sta->challenge, M_TEMP);
+ FREE(sta, M_HAP_STA);
+ whi->n_stations--;
+}
+
+/* wihap_sta_alloc()
+ *
+ * Create a new station data structure and put it in the list
+ * and hash table.
+ */
+static struct wihap_sta_info *
+wihap_sta_alloc(struct wi_softc *sc, u_int8_t *addr)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ int i, hash = sta_hash_func(addr);
+
+ /* Allocate structure. */
+ MALLOC(sta, struct wihap_sta_info *, sizeof(struct wihap_sta_info),
+ M_HAP_STA, M_NOWAIT);
+ if (sta == NULL)
+ return(NULL);
+
+ bzero(sta, sizeof(struct wihap_sta_info));
+
+ /* Allocate an ASID. */
+ i=hash<<4;
+ while (whi->asid_inuse_mask[i >> 4] & (1UL << (i & 0xf)))
+ i = (i == (WI_STA_HASH_SIZE << 4) - 1) ? 0 : (i + 1);
+ whi->asid_inuse_mask[i >> 4] |= (1UL << (i & 0xf));
+ sta->asid = 0xc001 + i;
+
+ /* Insert in list and hash list. */
+ LIST_INSERT_HEAD(&whi->sta_list, sta, list);
+ LIST_INSERT_HEAD(&whi->sta_hash[hash], sta, hash);
+
+ sta->sc = sc;
+ whi->n_stations++;
+ bcopy(addr, &sta->addr, ETHER_ADDR_LEN);
+
+ return(sta);
+}
+
+/* wihap_sta_find()
+ *
+ * Find station structure given address.
+ */
+static struct wihap_sta_info *
+wihap_sta_find(struct wihap_info *whi, u_int8_t *addr)
+{
+ int i;
+ struct wihap_sta_info *sta;
+
+ i = sta_hash_func(addr);
+ LIST_FOREACH(sta, &whi->sta_hash[i], hash)
+ if (addr_cmp(addr,sta->addr))
+ return sta;
+
+ return (NULL);
+}
+
+static int
+wihap_check_rates(struct wihap_sta_info *sta, u_int8_t rates[], int rates_len)
+{
+ struct wi_softc *sc = sta->sc;
+ int i;
+
+ sta->rates = 0;
+ sta->tx_max_rate = 0;
+ for (i=0; i<rates_len; i++)
+ switch (rates[i] & 0x7f) {
+ case 0x02:
+ sta->rates |= WI_SUPPRATES_1M;
+ break;
+ case 0x04:
+ sta->rates |= WI_SUPPRATES_2M;
+ if (sta->tx_max_rate<1)
+ sta->tx_max_rate = 1;
+ break;
+ case 0x0b:
+ sta->rates |= WI_SUPPRATES_5M;
+ if (sta->tx_max_rate<2)
+ sta->tx_max_rate = 2;
+ break;
+ case 0x16:
+ sta->rates |= WI_SUPPRATES_11M;
+ sta->tx_max_rate = 3;
+ break;
+ }
+
+ sta->rates &= sc->wi_supprates;
+ sta->tx_curr_rate = sta->tx_max_rate;
+
+ return (sta->rates == 0 ? -1 : 0);
+}
+
+
+/* wihap_auth_req()
+ *
+ * Handle incoming authentication request. Only handle OPEN
+ * requests.
+ */
+static void
+wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+
+ u_int16_t algo;
+ u_int16_t seq;
+ u_int16_t status;
+ int i, challenge_len;
+ u_int32_t challenge[32];
+
+ struct wi_80211_hdr *resp_hdr;
+
+ if (len < 6)
+ return;
+
+ /* Break open packet. */
+ algo = take_hword(&pkt, &len);
+ seq = take_hword(&pkt, &len);
+ status = take_hword(&pkt, &len);
+ challenge_len = 0;
+ if (len > 0 && (challenge_len = take_tlv(&pkt, &len,
+ IEEE80211_ELEMID_CHALLENGE, challenge, sizeof(challenge))) < 0)
+ return;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_auth_req: station %6D algo=0x%x seq=0x%x\n",
+ rxfrm->wi_addr2, ":", algo, seq);
+
+ /* Find or create station info. */
+ sta = wihap_sta_find(whi, rxfrm->wi_addr2);
+ if (sta == NULL) {
+
+ /* Are we allowing new stations?
+ */
+ if (whi->apflags & WIHAPFL_MAC_FILT) {
+ status = IEEE80211_STATUS_OTHER; /* XXX */
+ goto fail;
+ }
+
+ /* Check for too many stations.
+ */
+ if (whi->n_stations >= WIHAP_MAX_STATIONS) {
+ status = IEEE80211_STATUS_TOO_MANY_STATIONS;
+ goto fail;
+ }
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_auth_req: new station\n");
+
+ /* Create new station. */
+ sta = wihap_sta_alloc(sc, rxfrm->wi_addr2);
+ if (sta == NULL) {
+ /* Out of memory! */
+ status = IEEE80211_STATUS_TOO_MANY_STATIONS;
+ goto fail;
+ }
+ }
+
+ /* Note: it's okay to leave the station info structure around
+ * if the authen fails. It'll be timed out eventually.
+ */
+ switch (algo) {
+ case IEEE80211_AUTH_ALG_OPEN:
+ if (sc->wi_authmode != IEEE80211_AUTH_OPEN) {
+ seq = 2;
+ status = IEEE80211_STATUS_ALG;
+ goto fail;
+ }
+ if (seq != 1) {
+ seq = 2;
+ status = IEEE80211_STATUS_SEQUENCE;
+ goto fail;
+ }
+ challenge_len = 0;
+ seq = 2;
+ sta->flags |= WI_SIFLAGS_AUTHEN;
+ break;
+ case IEEE80211_AUTH_ALG_SHARED:
+ if (sc->wi_authmode != IEEE80211_AUTH_SHARED) {
+ seq = 2;
+ status = IEEE80211_STATUS_ALG;
+ goto fail;
+ }
+ switch (seq) {
+ case 1:
+ /* Create a challenge frame. */
+ if (!sta->challenge) {
+ MALLOC(sta->challenge, u_int32_t *, 128,
+ M_TEMP, M_NOWAIT);
+ if (!sta->challenge)
+ return;
+ }
+ for (i = 0; i < 32; i++)
+ challenge[i] = sta->challenge[i] =
+ arc4random();
+ challenge_len = 128;
+ seq = 2;
+ break;
+ case 3:
+ if (challenge_len != 128 || !sta->challenge ||
+ !(le16toh(rxfrm->wi_frame_ctl) & WI_FCTL_WEP)) {
+ status = IEEE80211_STATUS_CHALLENGE;
+ goto fail;
+ }
+ challenge_len = 0;
+ seq = 4;
+
+ /* Check the challenge text. (Was decrypted by
+ * the adapter.)
+ */
+ for (i=0; i<32; i++)
+ if (sta->challenge[i] != challenge[i]) {
+ status = IEEE80211_STATUS_CHALLENGE;
+ FREE(sta->challenge, M_TEMP);
+ sta->challenge = NULL;
+ goto fail;
+ }
+
+ sta->flags |= WI_SIFLAGS_AUTHEN;
+ FREE(sta->challenge, M_TEMP);
+ sta->challenge = NULL;
+ break;
+ default:
+ seq = 2;
+ status = IEEE80211_STATUS_SEQUENCE;
+ goto fail;
+ } /* switch (seq) */
+ break;
+ default:
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_auth_req: algorithm unsupported: 0x%x\n",
+ algo);
+ status = IEEE80211_STATUS_ALG;
+ goto fail;
+ } /* switch (algo) */
+
+ status = IEEE80211_STATUS_SUCCESS;
+
+fail:
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_auth_req: returns status=0x%x\n", status);
+
+ /* Send response. */
+ resp_hdr = (struct wi_80211_hdr *) sc->wi_txbuf;
+ bzero(resp_hdr, sizeof(struct wi_80211_hdr));
+ resp_hdr->frame_ctl = htole16(WI_FTYPE_MGMT | WI_STYPE_MGMT_AUTH);
+ bcopy(rxfrm->wi_addr2, resp_hdr->addr1, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr2, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr3, ETHER_ADDR_LEN);
+
+ pkt = &sc->wi_txbuf[sizeof(struct wi_80211_hdr)];
+ put_hword(&pkt, algo);
+ put_hword(&pkt, seq);
+ put_hword(&pkt, status);
+ if (challenge_len>0)
+ put_tlv(&pkt, IEEE80211_ELEMID_CHALLENGE,
+ challenge, challenge_len);
+
+ wi_mgmt_xmit(sc, sc->wi_txbuf, 6 + sizeof(struct wi_80211_hdr) +
+ (challenge_len > 0 ? challenge_len + 2 : 0) );
+}
+
+
+/* wihap_assoc_req()
+ *
+ * Handle incoming association and reassociation requests.
+ */
+static void
+wihap_assoc_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ struct wi_80211_hdr *resp_hdr;
+ u_int16_t capinfo;
+ u_int16_t lstintvl;
+ u_int8_t rates[8];
+ int ssid_len, rates_len;
+ char ssid[33];
+ u_int16_t status;
+ u_int16_t asid = 0;
+
+ if (len < 8)
+ return;
+
+ /* Pull out request parameters. */
+ capinfo = take_hword(&pkt, &len);
+ lstintvl = take_hword(&pkt, &len);
+ if ((ssid_len = take_tlv(&pkt, &len, IEEE80211_ELEMID_SSID,
+ ssid, sizeof(ssid) - 1))<0)
+ return;
+ ssid[ssid_len] = '\0';
+ if ((rates_len = take_tlv(&pkt, &len, IEEE80211_ELEMID_RATES,
+ rates, sizeof(rates)))<0)
+ return;
+
+ if ((rxfrm->wi_frame_ctl & htole16(WI_FCTL_STYPE)) ==
+ htole16(WI_STYPE_MGMT_REASREQ)) {
+ /* Reassociation Request-- * Current AP. (Ignore?) */
+ if (len < 6)
+ return;
+ }
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: from station %6D\n",
+ rxfrm->wi_addr2, ":");
+
+ /* If SSID doesn't match, simply drop. */
+ if (strcmp(sc->wi_net_name, ssid) != 0) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: bad ssid: '%s' != '%s'\n",
+ ssid, sc->wi_net_name);
+ return;
+ }
+
+ /* Is this station authenticated yet? */
+ sta = wihap_sta_find(whi, rxfrm->wi_addr2);
+ if (sta == NULL || !(sta->flags & WI_SIFLAGS_AUTHEN)) {
+ wihap_sta_deauth(sc, rxfrm->wi_addr2,
+ IEEE80211_REASON_NOT_AUTHED);
+ return;
+ }
+
+ /* Check supported rates against ours. */
+ if (wihap_check_rates(sta, rates, rates_len) < 0) {
+ status = IEEE80211_STATUS_RATES;
+ goto fail;
+ }
+
+ /* Check capinfo.
+ * Check for ESS, not IBSS.
+ * Check WEP/PRIVACY flags match.
+ * Refuse stations requesting to be put on CF-polling list.
+ */
+ sta->capinfo = capinfo;
+ status = IEEE80211_STATUS_CAPINFO;
+ if ((capinfo & (IEEE80211_CAPINFO_ESS | IEEE80211_CAPINFO_IBSS)) !=
+ IEEE80211_CAPINFO_ESS) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: capinfo mismatch: "
+ "client using IBSS mode\n");
+ goto fail;
+
+ }
+ if ((sc->wi_use_wep && !(capinfo & IEEE80211_CAPINFO_PRIVACY)) ||
+ (!sc->wi_use_wep && (capinfo & IEEE80211_CAPINFO_PRIVACY))) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: capinfo mismatch: client "
+ "%susing WEP\n", sc->wi_use_wep ? "not " : "");
+ goto fail;
+ }
+ if ((capinfo & (IEEE80211_CAPINFO_CF_POLLABLE |
+ IEEE80211_CAPINFO_CF_POLLREQ)) == IEEE80211_CAPINFO_CF_POLLABLE) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: capinfo mismatch: "
+ "client requested CF polling\n");
+ goto fail;
+ }
+
+ /* Use ASID is allocated by whi_sta_alloc(). */
+ asid = sta->asid;
+
+ if (sta->flags & WI_SIFLAGS_ASSOC) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: already assoc'ed?\n");
+ }
+
+ sta->flags |= WI_SIFLAGS_ASSOC;
+ sta->inactivity_timer = whi->inactivity_time;
+ status = IEEE80211_STATUS_SUCCESS;
+
+fail:
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_assoc_req: returns status=0x%x\n", status);
+
+ /* Send response. */
+ resp_hdr = (struct wi_80211_hdr *) sc->wi_txbuf;
+ bzero(resp_hdr, sizeof(struct wi_80211_hdr));
+ resp_hdr->frame_ctl = htole16(WI_FTYPE_MGMT | WI_STYPE_MGMT_ASRESP);
+ pkt = sc->wi_txbuf + sizeof(struct wi_80211_hdr);
+
+ bcopy(rxfrm->wi_addr2, resp_hdr->addr1, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr2, ETHER_ADDR_LEN);
+ bcopy(sc->arpcom.ac_enaddr, resp_hdr->addr3, ETHER_ADDR_LEN);
+
+ put_hword(&pkt, capinfo);
+ put_hword(&pkt, status);
+ put_hword(&pkt, asid);
+ rates_len = put_rates(&pkt, sc->wi_supprates);
+
+ wi_mgmt_xmit(sc, sc->wi_txbuf,
+ 8 + rates_len + sizeof(struct wi_80211_hdr));
+}
+
+/* wihap_deauth_req()
+ *
+ * Handle deauthentication requests. Delete the station.
+ */
+static void
+wihap_deauth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ u_int16_t reason;
+
+ if (len<2)
+ return;
+
+ reason = take_hword(&pkt, &len);
+
+ sta = wihap_sta_find(whi, rxfrm->wi_addr2);
+ if (sta == NULL) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_deauth_req: unknown station: 6D\n",
+ rxfrm->wi_addr2, ":");
+ }
+ else
+ wihap_sta_delete(sta);
+}
+
+/* wihap_disassoc_req()
+ *
+ * Handle disassociation requests. Just reset the assoc flag.
+ * We'll free up the station resources when we get a deauth
+ * request or when it times out.
+ */
+static void
+wihap_disassoc_req(struct wi_softc *sc, struct wi_frame *rxfrm,
+ caddr_t pkt, int len)
+{
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ u_int16_t reason;
+
+ if (len < 2)
+ return;
+
+ reason = take_hword(&pkt, &len);
+
+ sta = wihap_sta_find(whi, rxfrm->wi_addr2);
+ if (sta == NULL) {
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_disassoc_req: unknown station: 6D\n",
+ rxfrm->wi_addr2, ":");
+ }
+ else if (!(sta->flags & WI_SIFLAGS_AUTHEN)) {
+ /*
+ * If station is not authenticated, send deauthentication
+ * frame.
+ */
+ wihap_sta_deauth(sc, rxfrm->wi_addr2,
+ IEEE80211_REASON_NOT_AUTHED);
+ return;
+ }
+ else
+ sta->flags &= ~WI_SIFLAGS_ASSOC;
+}
+
+/* wihap_debug_frame_type()
+ *
+ * Print out frame type. Used in early debugging.
+ */
+static __inline void
+wihap_debug_frame_type(struct wi_frame *rxfrm)
+{
+ printf("wihap_mgmt_input: len=%d ", le16toh(rxfrm->wi_dat_len));
+
+ if ((rxfrm->wi_frame_ctl & htole16(WI_FCTL_FTYPE)) ==
+ htole16(WI_FTYPE_MGMT)) {
+
+ printf("MGMT: ");
+
+ switch (le16toh(rxfrm->wi_frame_ctl) & WI_FCTL_STYPE) {
+ case WI_STYPE_MGMT_ASREQ:
+ printf("assoc req: \n");
+ break;
+ case WI_STYPE_MGMT_ASRESP:
+ printf("assoc resp: \n");
+ break;
+ case WI_STYPE_MGMT_REASREQ:
+ printf("reassoc req: \n");
+ break;
+ case WI_STYPE_MGMT_REASRESP:
+ printf("reassoc resp: \n");
+ break;
+ case WI_STYPE_MGMT_PROBEREQ:
+ printf("probe req: \n");
+ break;
+ case WI_STYPE_MGMT_PROBERESP:
+ printf("probe resp: \n");
+ break;
+ case WI_STYPE_MGMT_BEACON:
+ printf("beacon: \n");
+ break;
+ case WI_STYPE_MGMT_ATIM:
+ printf("ann traf ind \n");
+ break;
+ case WI_STYPE_MGMT_DISAS:
+ printf("disassociation: \n");
+ break;
+ case WI_STYPE_MGMT_AUTH:
+ printf("auth: \n");
+ break;
+ case WI_STYPE_MGMT_DEAUTH:
+ printf("deauth: \n");
+ break;
+ default:
+ printf("unknown (stype=0x%x)\n",
+ le16toh(rxfrm->wi_frame_ctl) & WI_FCTL_STYPE);
+ }
+
+ }
+ else {
+ printf("ftype=0x%x (ctl=0x%x)\n",
+ le16toh(rxfrm->wi_frame_ctl) & WI_FCTL_FTYPE,
+ le16toh(rxfrm->wi_frame_ctl));
+ }
+}
+
+/* wihap_mgmt_input:
+ *
+ * Called for each management frame received in host ap mode.
+ * wihap_mgmt_input() is expected to free the mbuf.
+ */
+void
+wihap_mgmt_input(struct wi_softc *sc, struct wi_frame *rxfrm, struct mbuf *m)
+{
+ caddr_t pkt;
+ int s, len;
+
+ if (sc->arpcom.ac_if.if_flags & IFF_DEBUG)
+ wihap_debug_frame_type(rxfrm);
+
+ pkt = mtod(m, caddr_t) + WI_802_11_OFFSET_RAW;
+ len = m->m_len - WI_802_11_OFFSET_RAW;
+
+ if ((rxfrm->wi_frame_ctl & htole16(WI_FCTL_FTYPE)) ==
+ htole16(WI_FTYPE_MGMT)) {
+
+ /* any of the following will mess w/ the station list */
+ s = splnet();
+ switch (le16toh(rxfrm->wi_frame_ctl) & WI_FCTL_STYPE) {
+ case WI_STYPE_MGMT_ASREQ:
+ wihap_assoc_req(sc, rxfrm, pkt, len);
+ break;
+ case WI_STYPE_MGMT_ASRESP:
+ break;
+ case WI_STYPE_MGMT_REASREQ:
+ wihap_assoc_req(sc, rxfrm, pkt, len);
+ break;
+ case WI_STYPE_MGMT_REASRESP:
+ break;
+ case WI_STYPE_MGMT_PROBEREQ:
+ break;
+ case WI_STYPE_MGMT_PROBERESP:
+ break;
+ case WI_STYPE_MGMT_BEACON:
+ break;
+ case WI_STYPE_MGMT_ATIM:
+ break;
+ case WI_STYPE_MGMT_DISAS:
+ wihap_disassoc_req(sc, rxfrm, pkt, len);
+ break;
+ case WI_STYPE_MGMT_AUTH:
+ wihap_auth_req(sc, rxfrm, pkt, len);
+ break;
+ case WI_STYPE_MGMT_DEAUTH:
+ wihap_deauth_req(sc, rxfrm, pkt, len);
+ break;
+ }
+ splx(s);
+ }
+
+ m_freem(m);
+}
+
+/* wihap_sta_is_assoc()
+ *
+ * Determine if a station is assoc'ed. Update its activity
+ * counter as a side-effect.
+ */
+static int
+wihap_sta_is_assoc(struct wihap_info *whi, u_int8_t addr[])
+{
+ struct wihap_sta_info *sta;
+ int retval, s;
+
+ s = splnet();
+ retval = 0;
+ sta = wihap_sta_find(whi, addr);
+ if (sta != NULL && (sta->flags & WI_SIFLAGS_ASSOC)) {
+ /* Keep it active. */
+ untimeout(wihap_sta_timeout, sta, sta->tmo);
+ sta->tmo = timeout(wihap_sta_timeout, sta,
+ hz * whi->inactivity_time);
+ retval = 1;
+ }
+ splx(s);
+ return (retval);
+}
+
+/* wihap_check_tx()
+ *
+ * Determine if a station is assoc'ed, get its tx rate, and update
+ * its activity.
+ */
+int
+wihap_check_tx(struct wihap_info *whi, u_int8_t addr[], u_int8_t *txrate)
+{
+ struct wihap_sta_info *sta;
+ static u_int8_t txratetable[] = { 10, 20, 55, 110 };
+ int s;
+
+ if (addr[0] & 0x01) {
+ *txrate = 0; /* XXX: multicast rate? */
+ return(1);
+ }
+ s = splnet();
+ sta = wihap_sta_find(whi, addr);
+ if (sta != NULL && (sta->flags & WI_SIFLAGS_ASSOC)) {
+ /* Keep it active. */
+ untimeout(wihap_sta_timeout, sta, sta->tmo);
+ sta->tmo = timeout(wihap_sta_timeout, sta,
+ hz * whi->inactivity_time);
+ *txrate = txratetable[ sta->tx_curr_rate ];
+ splx(s);
+ return(1);
+ }
+ splx(s);
+
+ return(0);
+}
+
+/*
+ * wihap_data_input()
+ *
+ * Handle all data input on interface when in Host AP mode.
+ * Some packets are destined for this machine, others are
+ * repeated to other stations.
+ *
+ * If wihap_data_input() returns a non-zero, it has processed
+ * the packet and will free the mbuf.
+ */
+int
+wihap_data_input(struct wi_softc *sc, struct wi_frame *rxfrm, struct mbuf *m)
+{
+ struct ifnet *ifp = &sc->arpcom.ac_if;
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ int mcast, s;
+
+ /* TODS flag must be set. */
+ if (!(rxfrm->wi_frame_ctl & htole16(WI_FCTL_TODS))) {
+ if (ifp->if_flags & IFF_DEBUG)
+ printf("wihap_data_input: no TODS src=%6D\n",
+ rxfrm->wi_addr2, ":");
+ m_freem(m);
+ return(1);
+ }
+
+ /* Check BSSID. (Is this necessary?) */
+ if (!addr_cmp(rxfrm->wi_addr1, sc->arpcom.ac_enaddr)) {
+ if (ifp->if_flags & IFF_DEBUG)
+ printf("wihap_data_input: incorrect bss: %6D\n",
+ rxfrm->wi_addr1, ":");
+ m_freem(m);
+ return (1);
+ }
+
+ s = splnet();
+
+ /* Find source station. */
+ sta = wihap_sta_find(whi, rxfrm->wi_addr2);
+
+ /* Source station must be associated. */
+ if (sta == NULL || !(sta->flags & WI_SIFLAGS_ASSOC)) {
+ if (ifp->if_flags & IFF_DEBUG)
+ printf("wihap_data_input: dropping unassoc src %6D\n",
+ rxfrm->wi_addr2, ":");
+ splx(s);
+ m_freem(m);
+ return(1);
+ }
+
+ untimeout(wihap_sta_timeout, sta, sta->tmo);
+ sta->tmo = timeout(wihap_sta_timeout, sta,
+ hz * whi->inactivity_time);
+ sta->sig_info = le16toh(rxfrm->wi_q_info);
+
+ splx(s);
+
+ /* Repeat this packet to BSS? */
+ mcast = (rxfrm->wi_addr3[0] & 0x01) != 0;
+ if (mcast || wihap_sta_is_assoc(whi, rxfrm->wi_addr3)) {
+
+ /* If it's multicast, make a copy.
+ */
+ if (mcast) {
+ m = m_copym(m, 0, M_COPYALL, M_DONTWAIT);
+ if (m == NULL)
+ return(0);
+ m->m_flags |= M_MCAST; /* XXX */
+ }
+
+ /* Queue up for repeating.
+ */
+ IF_HANDOFF(&ifp->if_snd, m, ifp);
+ return (!mcast);
+ }
+
+ return(0);
+}
+
+/* wihap_ioctl()
+ *
+ * Handle Host AP specific ioctls. Called from wi_ioctl().
+ */
+int
+wihap_ioctl(struct wi_softc *sc, u_long command, caddr_t data)
+{
+ struct ifreq *ifr = (struct ifreq *) data;
+ struct wihap_info *whi = &sc->wi_hostap_info;
+ struct wihap_sta_info *sta;
+ struct hostap_getall reqall;
+ struct hostap_sta reqsta;
+ struct hostap_sta stabuf;
+ int s, error = 0, n, flag;
+#if __FreeBSD_version >= 500000
+ struct thread *td = curthread;
+#else
+ struct proc *td = curproc; /* Little white lie */
+#endif
+
+ if (!(sc->arpcom.ac_if.if_flags & IFF_RUNNING))
+ return ENODEV;
+
+ switch (command) {
+ case SIOCHOSTAP_DEL:
+ if ((error = suser(td)))
+ break;
+ if ((error = copyin(ifr->ifr_data, &reqsta, sizeof(reqsta))))
+ break;
+ s = splnet();
+ sta = wihap_sta_find(whi, reqsta.addr);
+ if (sta == NULL)
+ error = ENOENT;
+ else {
+ /* Disassociate station. */
+ if (sta->flags & WI_SIFLAGS_ASSOC)
+ wihap_sta_disassoc(sc, sta,
+ IEEE80211_REASON_ASSOC_LEAVE);
+ /* Deauth station. */
+ if (sta->flags & WI_SIFLAGS_AUTHEN)
+ wihap_sta_deauth(sc, sta->addr,
+ IEEE80211_REASON_AUTH_LEAVE);
+
+ wihap_sta_delete(sta);
+ }
+ splx(s);
+ break;
+
+ case SIOCHOSTAP_GET:
+ if ((error = copyin(ifr->ifr_data, &reqsta, sizeof(reqsta))))
+ break;
+ s = splnet();
+ sta = wihap_sta_find(whi, reqsta.addr);
+ if (sta == NULL) {
+ error = ENOENT;
+ splx(s);
+ } else {
+ reqsta.flags = sta->flags;
+ reqsta.asid = sta->asid;
+ reqsta.capinfo = sta->capinfo;
+ reqsta.sig_info = sta->sig_info;
+ reqsta.rates = sta->rates;
+ splx(s);
+ error = copyout(&reqsta, ifr->ifr_data,
+ sizeof(reqsta));
+ }
+ break;
+
+ case SIOCHOSTAP_ADD:
+ if ((error = suser(td)))
+ break;
+ if ((error = copyin(ifr->ifr_data, &reqsta, sizeof(reqsta))))
+ break;
+ s = splnet();
+ sta = wihap_sta_find(whi, reqsta.addr);
+ if (sta != NULL) {
+ error = EEXIST;
+ splx(s);
+ break;
+ }
+ if (whi->n_stations >= WIHAP_MAX_STATIONS) {
+ error = ENOSPC;
+ splx(s);
+ break;
+ }
+ sta = wihap_sta_alloc(sc, reqsta.addr);
+ sta->flags = reqsta.flags;
+ sta->tmo = timeout(wihap_sta_timeout, sta,
+ hz * whi->inactivity_time);
+ splx(s);
+ break;
+
+ case SIOCHOSTAP_SFLAGS:
+ if ((error = suser(td)))
+ break;
+ if ((error = copyin(ifr->ifr_data, &flag, sizeof(int))))
+ break;
+
+ whi->apflags = (whi->apflags & WIHAPFL_CANTCHANGE) |
+ (flag & ~WIHAPFL_CANTCHANGE);
+ break;
+
+ case SIOCHOSTAP_GFLAGS:
+ flag = (int) whi->apflags;
+ error = copyout(&flag, ifr->ifr_data, sizeof(int));
+ break;
+
+ case SIOCHOSTAP_GETALL:
+ if ((error = copyin(ifr->ifr_data, &reqall, sizeof(reqall))))
+ break;
+
+ reqall.nstations = whi->n_stations;
+ n = 0;
+ s = splnet();
+ sta = LIST_FIRST(&whi->sta_list);
+ while (sta && reqall.size >= n+sizeof(struct hostap_sta)) {
+
+ bcopy(sta->addr, stabuf.addr, ETHER_ADDR_LEN);
+ stabuf.asid = sta->asid;
+ stabuf.flags = sta->flags;
+ stabuf.capinfo = sta->capinfo;
+ stabuf.sig_info = sta->sig_info;
+ stabuf.rates = sta->rates;
+
+ error = copyout(&stabuf, (caddr_t) reqall.addr + n,
+ sizeof(struct hostap_sta));
+ if (error)
+ break;
+
+ sta = LIST_NEXT(sta, list);
+ n += sizeof(struct hostap_sta);
+ }
+ splx(s);
+
+ if (!error)
+ error = copyout(&reqall, ifr->ifr_data,
+ sizeof(reqall));
+ break;
+ default:
+ printf("wihap_ioctl: i shouldn't get other ioctls!\n");
+ error = EINVAL;
+ }
+
+ return(error);
+}
diff --git a/sys/dev/wi/wi_hostap.h b/sys/dev/wi/wi_hostap.h
new file mode 100644
index 000000000000..681f955c47b4
--- /dev/null
+++ b/sys/dev/wi/wi_hostap.h
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2002
+ * Thomas Skibo <skibo@pacbell.net>. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Thomas Skibo.
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Thomas Skibo AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL Thomas Skibo OR HIS DRINKING PALS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef __WI_HOSTAP_H__
+#define __WI_HOSTAP_H__
+
+#define WIHAP_MAX_STATIONS 1800
+
+struct hostap_sta {
+ u_int8_t addr[6];
+ u_int16_t asid;
+ u_int16_t flags;
+ u_int16_t sig_info; /* 15:8 signal, 7:0 noise */
+ u_int16_t capinfo;
+ u_int8_t rates;
+};
+
+#define HOSTAP_FLAGS_AUTHEN 0x0001
+#define HOSTAP_FLAGS_ASSOC 0x0002
+#define HOSTAP_FLAGS_PERM 0x0004
+
+#define SIOCHOSTAP_GET _IOWR('i', 210, struct ifreq)
+#define SIOCHOSTAP_ADD _IOWR('i', 211, struct ifreq)
+#define SIOCHOSTAP_DEL _IOWR('i', 212, struct ifreq)
+#define SIOCHOSTAP_GETALL _IOWR('i', 213, struct ifreq)
+#define SIOCHOSTAP_GFLAGS _IOWR('i', 214, struct ifreq)
+#define SIOCHOSTAP_SFLAGS _IOWR('i', 215, struct ifreq)
+
+/* Flags for SIOCHOSTAP_GFLAGS/SFLAGS */
+#define WIHAPFL_ACTIVE 0x0001
+#define WIHAPFL_MAC_FILT 0x0002
+
+/* Flags set inernally only: */
+#define WIHAPFL_CANTCHANGE (WIHAPFL_ACTIVE)
+
+struct hostap_getall {
+ int nstations;
+ struct hostap_sta *addr;
+ int size;
+};
+
+
+
+#ifdef _KERNEL
+struct wihap_sta_info {
+ LIST_ENTRY(wihap_sta_info) list;
+ LIST_ENTRY(wihap_sta_info) hash;
+
+ struct wi_softc *sc;
+ u_int8_t addr[6];
+ u_short flags;
+ int inactivity_timer;
+
+ u_int16_t asid;
+ u_int16_t capinfo;
+ u_int16_t sig_info; /* 15:8 signal, 7:0 noise */
+ u_int8_t rates;
+ u_int8_t tx_curr_rate;
+ u_int8_t tx_max_rate;
+ u_int32_t *challenge;
+ struct callout_handle tmo;
+};
+
+#define WI_SIFLAGS_ASSOC HOSTAP_FLAGS_ASSOC
+#define WI_SIFLAGS_AUTHEN HOSTAP_FLAGS_AUTHEN
+#define WI_SIFLAGS_PERM HOSTAP_FLAGS_PERM
+
+#define WI_STA_HASH_SIZE 113
+
+#if WI_STA_HASH_SIZE*16 >= 2007 /* will generate ASID's too large. */
+#error "WI_STA_HASH_SIZE too big"
+#endif
+#if WI_STA_HASH_SIZE*16 < WIHAP_MAX_STATIONS
+#error "WI_STA_HASH_SIZE too small"
+#endif
+
+struct wihap_info {
+ LIST_HEAD(sta_list, wihap_sta_info) sta_list;
+ LIST_HEAD(sta_hash, wihap_sta_info) sta_hash[WI_STA_HASH_SIZE];
+
+ u_int16_t apflags;
+
+ int n_stations;
+ u_int16_t asid_inuse_mask[WI_STA_HASH_SIZE];
+
+ int inactivity_time;
+};
+
+#define WIHAP_INTERVAL 5
+#define WIHAP_DFLT_INACTIVITY_TIME 120 /* 2 minutes */
+
+struct wi_softc;
+struct wi_frame;
+
+void wihap_timer(void *);
+void wihap_mgmt_input(struct wi_softc *, struct wi_frame *, struct mbuf *);
+int wihap_data_input(struct wi_softc *, struct wi_frame *, struct mbuf *);
+int wihap_check_tx(struct wihap_info *, u_int8_t [], u_int8_t *);
+void wihap_init(struct wi_softc *);
+void wihap_shutdown(struct wi_softc *);
+int wihap_ioctl(struct wi_softc *, u_long, caddr_t);
+
+#endif /* _KERNEL */
+#endif /* __WI_HOSTAP_H__ */
generated by cgit v1.3 (git 2.53.0) at 2026-04-19 20:10:12 +0000