1 /* $OpenBSD: pgtreg.h,v 1.7 2006/10/11 12:10:19 claudio Exp $ */
2
3 /*
4 * Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org>
5 * Copyright (c) 2006 Marcus Glocker <mglocker@openbsd.org>
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 /*
21 * Copyright (c) 2004 Fujitsu Laboratories of America, Inc.
22 * Copyright (c) 2004 Brian Fundakowski Feldman
23 * All rights reserved.
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the above copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 *
34 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
35 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
36 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
38 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
39 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
40 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
41 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
42 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
43 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
44 * SUCH DAMAGE.
45 */
46
47 #ifndef __PGTREG_H__
48 #define __PGTREG_H__
49
50 /* Sizes, delays, etc. */
51 #define PGT_TX_LIST_CNT 32
52 #define PGT_RX_LIST_CNT 8
53 #define PGT_FRAG_SIZE 1536 /* overkill for mgmt frames */
54 #define PGT_DIRECT_MEMORY_OFFSET 0x1000
55 #define PGT_DIRECT_MEMORY_SIZE 0x1000
56 #define PGT_FIRMWARE_INTERNAL_OFFSET 0x20000
57 #define PGT_WRITEIO_DELAY 10
58 #define PGT_RESET_DELAY 50000
59
60 /* Registers */
61 #define PGT_REG_DEV_INT 0x0000 /* device interrupt */
62 #define PGT_DEV_INT_RESET 0x00000001
63 #define PGT_DEV_INT_UPDATE 0x00000002
64 #define PGT_DEV_INT_WAKEUP 0x00000008
65 #define PGT_DEV_INT_SLEEP 0x00000010
66 #define PGT_REG_INT_STAT 0x0010 /* interrupt status */
67 #define PGT_INT_STAT_UPDATE 0x00000002
68 #define PGT_INT_STAT_INIT 0x00000004
69 #define PGT_INT_STAT_WAKEUP 0x00000008
70 #define PGT_INT_STAT_SLEEP 0x00000010
71 #define PGT_INT_STAT_UNKNOWN0 0x00004000
72 #define PGT_INT_STAT_UNKNOWN1 0x80000000
73 #define PGT_INT_STAT_SOURCES 0x8000401e
74 #define PGT_REG_INT_ACK 0x0014 /* interrupt acknowledgement */
75 #define PGT_REG_INT_EN 0x0018 /* interrupt enable */
76 #define PGT_REG_CTRL_BLK_BASE 0x0020 /* control block address */
77 #define PGT_REG_GEN_PURP_COM 0x0024
78 #define PGT_REG_DIR_MEM_BASE 0x0030
79 #define PGT_REG_CTRL_STAT 0x0078
80 #define PGT_CTRL_STAT_SLEEPMODE 0x00000200
81 #define PGT_CTRL_STAT_CLOCKRUN 0x00800000
82 #define PGT_CTRL_STAT_RESET 0x10000000
83 #define PGT_CTRL_STAT_RAMBOOT 0x20000000
84 #define PGT_CTRL_STAT_STARTHALTED 0x40000000
85 #define PGT_CTRL_STAT_HOST_OVERRIDE 0x80000000
86
87 /*
88 * The control block consists of a set of queues for low- and high-priority
89 * data, and management, transmission and reception queues. There is a
90 * set of indices that gives the index (modulo queue size) of the current
91 * progress in each. Nearly all configuration is done from the management
92 * queue interface. Almost every structure is little-endian.
93 */
94 enum pgt_queue {
95 PGT_QUEUE_DATA_LOW_RX = 0,
96 PGT_QUEUE_DATA_LOW_TX = 1,
97 PGT_QUEUE_DATA_HIGH_RX = 2,
98 PGT_QUEUE_DATA_HIGH_TX = 3,
99 PGT_QUEUE_MGMT_RX = 4,
100 PGT_QUEUE_MGMT_TX = 5
101 };
102
103 #define PGT_QUEUE_COUNT 6
104 #define PGT_QUEUE_DATA_RX_SIZE 8
105 #define PGT_QUEUE_DATA_TX_SIZE 32
106 #define PGT_QUEUE_MGMT_SIZE 4
107 #define PGT_QUEUE_FULL_THRESHOLD 8
108
109 struct pgt_frag {
110 uint32_t pf_addr; /* physical host address */
111 uint16_t pf_size;
112 uint16_t pf_flags;
113 #define PF_FLAG_MF 0x0001 /* more frags (frame continues) */
114 };
115
116 struct pgt_control_block {
117 uint32_t pcb_driver_curfrag[PGT_QUEUE_COUNT];
118 uint32_t pcb_device_curfrag[PGT_QUEUE_COUNT];
119 struct pgt_frag pcb_data_low_rx[PGT_QUEUE_DATA_RX_SIZE];
120 struct pgt_frag pcb_data_low_tx[PGT_QUEUE_DATA_TX_SIZE];
121 struct pgt_frag pcb_data_high_rx[PGT_QUEUE_DATA_RX_SIZE];
122 struct pgt_frag pcb_data_high_tx[PGT_QUEUE_DATA_TX_SIZE];
123 struct pgt_frag pcb_mgmt_rx[PGT_QUEUE_MGMT_SIZE];
124 struct pgt_frag pcb_mgmt_tx[PGT_QUEUE_MGMT_SIZE];
125 uint32_t pcb_padding;
126 };
127
128 /*
129 * Unlike the rest of the structures, this is big-endian by default.
130 * The Linux driver defines a PIMFOR_ETHERTYPE as 0x8828 (why?)
131 */
132 enum pgt_mgmt_operation {
133 PMF_OP_GET = 0,
134 PMF_OP_SET = 1,
135 PMF_OP_RESPONSE = 2,
136 PMF_OP_ERROR = 3,
137 PMF_OP_TRAP = 4
138 /* may be more */
139 };
140
141 struct pgt_mgmt_frame {
142 uint8_t pmf_version;
143 #define PMF_VER 0x01
144 uint8_t pmf_operation;
145 uint32_t pmf_oid;
146 uint8_t pmf_device;
147 #define PMF_DEV 0x00
148 uint8_t pmf_flags;
149 #define PMF_FLAG_APP 0x01 /* application origin (?) */
150 #define PMF_FLAG_LE 0x02 /* little-endian */
151 #define PMF_FLAG_VALID (PMF_FLAG_APP | PMF_FLAG_LE)
152 uint32_t pmf_size;
153 /* data[]; */
154 } __packed;
155
156 struct pgt_rx_header {
157 uint16_t pra_unknown0; /* always 0x0000 */
158 uint16_t pra_length; /* always 0x1400 */
159 uint32_t pra_clock; /* 1MHz timestamp */
160 uint8_t pra_flags;
161 #define PRA_FLAG_BAD 0x01
162 uint8_t pra_unknown1;
163 uint8_t pra_rate;
164 uint8_t pra_unknown2;
165 uint16_t pra_frequency;
166 uint16_t pra_unknown3;
167 uint8_t pra_rssi;
168 uint8_t pra_pad[3];
169 } __packed;
170
171 struct pgt_rx_annex {
172 uint8_t pra_ether_dhost[ETHER_ADDR_LEN];
173 uint8_t pra_ether_shost[ETHER_ADDR_LEN];
174 struct pgt_rx_header pra_header;
175 uint16_t pra_ether_type;
176 } __packed;
177
178 /*
179 * OIDs used to communicate management information.
180 */
181 enum pgt_oid {
182 PGT_OID_MAC_ADDRESS = 0x00000000,
183 /* uint8_t ether[6]; */
184 PGT_OID_LINK_STATE = 0x00000001,
185 /* uint32_t rate; (500kbps units) */
186 PGT_OID_BSS_TYPE = 0x10000000,
187 /* uint32_t network; */
188 #define PGT_BSS_TYPE_NONE 0
189 #define PGT_BSS_TYPE_STA 1
190 #define PGT_BSS_TYPE_IBSS 2
191 #define PGT_BSS_TYPE_ANY 3
192 PGT_OID_BSSID = 0x10000001,
193 /* uint8_t bssid[6]; */
194 PGT_OID_SSID = 0x10000002,
195 /* struct pgt_obj_ssid; */
196 PGT_OID_COUNTRY = 0x10000005,
197 /* uint32_t country; guessing until I see some foreign hardware... */
198 #define PGT_COUNTRY_USA 0
199 PGT_OID_SSID_OVERRIDE = 0x10000006,
200 /* struct pgt_obj_ssid; */
201 PGT_OID_AUTH_MODE = 0x12000000,
202 /* uint32_t auth; */
203 #define PGT_AUTH_MODE_NONE 0
204 #define PGT_AUTH_MODE_OPEN 1
205 #define PGT_AUTH_MODE_SHARED 2
206 #define PGT_AUTH_MODE_BOTH 3
207 PGT_OID_PRIVACY_INVOKED = 0x12000001,
208 /* uint32_t privacy; */
209 PGT_OID_EXCLUDE_UNENCRYPTED = 0x12000002,
210 /* uint32_t exunencrypted; */
211 PGT_OID_DEFAULT_KEYNUM = 0x12000003,
212 /* uint32_t defkey; */
213 PGT_OID_DEFAULT_KEY0 = 0x12000004,
214 /* struct pgt_obj_key; */
215 PGT_OID_DEFAULT_KEY1 = 0x12000005,
216 /* struct pgt_obj_key; */
217 PGT_OID_DEFAULT_KEY2 = 0x12000006,
218 /* struct pgt_obj_key; */
219 PGT_OID_DEFAULT_KEY3 = 0x12000007,
220 /* struct pgt_obj_key; */
221 PGT_OID_STA_KEY = 0x12000008,
222 PGT_OID_PSM = 0x14000000,
223 /* uint32_t powersave; */
224 PGT_OID_EAPAUTHSTA = 0x150007de,
225 /* uint8_t sta[6]; */
226 PGT_OID_EAPUNAUTHSTA = 0x150007df,
227 /* uint8_t sta[6]; */
228 PGT_OID_DOT1X = 0x150007e0,
229 /* uint32_t dot1x; */
230 #define PGT_DOT1X_AUTH_NONE 0
231 #define PGT_DOT1X_AUTH_ENABLED 1
232 #define PGT_DOT1X_KEYTX_ENABLED 2
233 PGT_OID_SLOT_TIME = 0x17000000,
234 /* uint32_t slottime; */
235 PGT_OID_CHANNEL = 0x17000007,
236 /* uint32_t channel; */
237 PGT_OID_PREAMBLE_MODE = 0x17000009,
238 /* uint32_t preamble; */
239 #define PGT_OID_PREAMBLE_MODE_LONG 0
240 #define PGT_OID_PREAMBLE_MODE_SHORT 1
241 #define PGT_OID_PREAMBLE_MODE_DYNAMIC 2
242 PGT_OID_RATES = 0x1700000a,
243 /* uint8_t rates[]; nul terminated */
244 PGT_OID_RSSI_VECTOR = 0x1700000d,
245 PGT_OID_OUTPUT_POWER_TABLE = 0x1700000e,
246 PGT_OID_OUTPUT_POWER = 0x1700000f,
247 PGT_OID_SUPPORTED_RATES = 0x17000010,
248 /* uint8_t rates[]; nul terminated */
249 PGT_OID_NOISE_FLOOR = 0x17000013,
250 /* uint32_t noise; */
251 PGT_OID_SLOT_MODE = 0x17000017,
252 /* uint32_t slot; */
253 #define PGT_OID_SLOT_MODE_LONG 0
254 #define PGT_OID_SLOT_MODE_SHORT 1
255 #define PGT_OID_SLOT_MODE_DYNAMIC 2
256 PGT_OID_EXTENDED_RATES = 0x17000020,
257 /* uint8_t rates[]; nul terminated */
258 PGT_OID_FREQUENCY = 0x17000011,
259 /* uint32_t frequency; */
260 PGT_OID_SUPPORTED_FREQUENCIES = 0x17000012,
261 /* struct pgt_obj_freq; */
262 PGT_OID_PROFILE = 0x17000019,
263 /* uint32_t profile; */
264 #define PGT_PROFILE_B_ONLY 0
265 #define PGT_PROFILE_MIXED_G_WIFI 1
266 #define PGT_PROFILE_MIXED_LONG 2
267 #define PGT_PROFILE_G_ONLY 3
268 #define PGT_PROFILE_TEST 4
269 #define PGT_PROFILE_B_WIFI 5
270 #define PGT_PROFILE_A_ONLY 6
271 #define PGT_PROFILE_MIXED_SHORT 7
272 PGT_OID_DEAUTHENTICATE = 0x18000000,
273 /* struct pgt_obj_mlme; */
274 PGT_OID_AUTHENTICATE = 0x18000001,
275 /* struct pgt_obj_mlme; */
276 PGT_OID_DISASSOCIATE = 0x18000002,
277 /* struct pgt_obj_mlme; */
278 PGT_OID_ASSOCIATE = 0x18000003,
279 /* struct pgt_obj_mlme; */
280 PGT_OID_SCAN = 0x18000004,
281 PGT_OID_BEACON = 0x18000005,
282 /* struct pgt_obj_mlmeex; */
283 PGT_OID_PROBE = 0x18000006,
284 /* struct pgt_obj_mlmeex; */
285 PGT_OID_DEAUTHENTICATEEX = 0x18000007,
286 /* struct pgt_obj_mlmeex; */
287 PGT_OID_AUTHENTICATEEX = 0x18000008,
288 /* struct pgt_obj_mlmeex; */
289 PGT_OID_DISASSOCIATEEX = 0x18000009,
290 /* struct pgt_obj_mlmeex; */
291 PGT_OID_ASSOCIATEEX = 0x1800000a,
292 /* struct pgt_obj_mlmeex; */
293 PGT_OID_REASSOCIATE = 0x1800000b,
294 /* struct pgt_obj_mlmeex; */
295 PGT_OID_REASSOCIATEEX = 0x1800000c,
296 /* struct pgt_obj_mlmeex; */
297 PGT_OID_MLME_AUTO_LEVEL = 0x19000001,
298 /* uint32_t mlme; */
299 #define PGT_MLME_AUTO_LEVEL_AUTO 0
300 #define PGT_MLME_AUTO_LEVEL_INTERMEDIATE 1
301 #define PGT_MLME_AUTO_LEVEL_EXTENDED 2
302 /* struct pgt_obj_buffer;*/
303 PGT_OID_PSM_BUFFER = 0x19000004,
304 /* struct pgt_obj_buffer;*/
305 #define PGT_PSM_BUFFER_FRAME_COUNT 64
306 PGT_OID_MAX_FRAME_BURST = 0x1b000008,
307 /* uint32_t max_usec_grouped; */
308 PGT_OID_BSS_FIND = 0x1c000042,
309 /* struct pgt_obj_bss; */
310 PGT_OID_BSS_LIST = 0x1c000043,
311 /* struct pgt_obj_bsslist; */
312 /* Initial settings. */
313 PGT_OID_MODE = 0xff020003,
314 /* uint32_t mode; */
315 #define PGT_MODE_PROMISCUOUS 0
316 #define PGT_MODE_CLIENT 1
317 #define PGT_MODE_AP 2
318 #define PGT_MODE_SNIFFER 3
319 PGT_OID_CONFIG = 0xff020008,
320 /* uint32_t flags; */
321 #define PGT_CONFIG_MANUAL_RUN 0x00000001
322 #define PGT_CONFIG_FRAME_TRAP 0x00000002
323 #define PGT_CONFIG_RX_ANNEX 0x00000004
324 #define PGT_CONFIG_TX_ANNEX 0x00000008
325 #define PGT_CONFIG_WDS 0x00000010
326 PGT_OID_PHY = 0xff02000d,
327 #define PGT_OID_PHY_2400MHZ 0x00000001
328 #define PGT_OID_PHY_5000MHZ 0x00000002
329 #define PGT_OID_PHY_FAA 0x80000000
330 };
331
332 /*
333 * Structures used to communicate via the OIDs.
334 */
335 struct pgt_obj_ssid {
336 uint8_t pos_length;
337 char pos_ssid[33];
338 } __packed;
339
340 struct pgt_obj_key {
341 uint8_t pok_type;
342 #define PGT_OBJ_KEY_TYPE_WEP 0
343 #define PGT_OBJ_KEY_TYPE_TKIP 1
344 uint8_t pok_length;
345 uint8_t pok_key[32];
346 } __packed;
347
348 /*
349 * Each mlme received includes the current 802.11 state.
350 */
351 #define PGT_MLME_STATE_NONE 0
352 #define PGT_MLME_STATE_AUTHING 1
353 #define PGT_MLME_STATE_AUTH 2
354 #define PGT_MLME_STATE_ASSOCING 3
355
356 #define PGT_MLME_STATE_ASSOC 5
357 #define PGT_MLME_STATE_IBSS 6
358 #define PGT_MLME_STATE_WDS 7
359
360 struct pgt_obj_mlme {
361 uint8_t pom_address[6];
362 uint16_t pom_id; /* 802.11 association number */
363 uint16_t pom_state;
364 uint16_t pom_code; /* 802.11 reason code */
365 } __packed;
366
367 struct pgt_obj_mlmeex {
368 uint8_t pom_address[6];
369 uint16_t pom_id;
370 uint16_t pom_state;
371 uint16_t pom_code;
372 uint16_t pom_size;
373 uint8_t pom_data[0];
374 } __packed;
375
376 struct pgt_obj_buffer {
377 uint32_t pob_size;
378 uint32_t pob_addr;
379 } __packed;
380
381 struct pgt_obj_bss {
382 uint8_t pob_address[6];
383 uint16_t pob_padding0;
384 uint8_t pob_state;
385 uint8_t pob_reserved;
386 uint16_t pob_age;
387 uint8_t pob_quality;
388 uint8_t pob_rssi;
389 struct pgt_obj_ssid pob_ssid;
390 uint16_t pob_channel;
391 uint8_t pob_beacon_period;
392 uint8_t pob_dtim_period;
393 uint16_t pob_capinfo;
394 uint16_t pob_rates;
395 uint16_t pob_basic_rates;
396 uint16_t pob_padding1;
397 } __packed;
398
399 struct pgt_obj_bsslist {
400 uint32_t pob_count;
401 struct pgt_obj_bss pob_bsslist[0];
402 #define PGT_OBJ_BSSLIST_NBSS 24
403 } __packed;
404
405 struct pgt_obj_frequencies {
406 uint16_t pof_count;
407 uint16_t pof_freqlist_mhz[0];
408 } __packed;
409
410 #endif