Here comes the next version of the MBIM driver. Changes since last version:
- incorporated suggestions from mpi@ - renamed to "umb" Only file "mbim.h" which contains MBIM protocol related stuff continues to use "mbim" as prefix. - No longer takes fake addresses nor does it try to restore them I would be glad to hear from some people trying this with a real MBIM device. Gerhard Index: sbin/ifconfig/ifconfig.8 =================================================================== RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v retrieving revision 1.267 diff -u -p -u -p -r1.267 ifconfig.8 --- sbin/ifconfig/ifconfig.8 6 Apr 2016 10:07:14 -0000 1.267 +++ sbin/ifconfig/ifconfig.8 8 Jun 2016 12:52:59 -0000 @@ -519,6 +519,8 @@ tunnel .Xr vxlan 4 ) .It .Xr vlan 4 +.It +.Xr umb 4 .El .\" BRIDGE .Sh BRIDGE @@ -1645,6 +1647,67 @@ will be assigned 802.1Q tag 5. Disassociate from the parent interface. This breaks the link between the vlan interface and its parent, clears its vlan tag, flags, and link address, and shuts the interface down. +.El +.\" UMB +.Sh UMB +.nr nS 1 +.Bk -words +.Nm ifconfig +.Ar umb-interface +.Op Cm pin Ar pin +.Op Cm chgpin Ar oldpin Ar newpin +.Op Cm puk Ar puk Ar newpin +.Op Oo Fl Oc Ns Cm apn Ar apn +.Op Oo Fl Oc Ns Cm class Ar class,class,... +.Op Oo Fl Oc Ns Cm roaming +.Ek +.nr nS 0 +.Pp +The following options are available for an +.Xr umb 4 +interface: +.Bl -tag -width Ds +.It Cm pin Ar pin +Enter the PIN required to unlock the SIM card. Most SIM cards will not +allow to establish a network association without providing a PIN. +.It Cm chgpin Ar oldpin Ar newpin +Permanently changes the PIN of the SIM card from the current value +.Ar oldpin +to +.Ar newpin . +.It Cm puk Ar puk Ar newpin +Sets the PIN of the SIM card to +.Ar newpin +using the PUK +.Ar puk +to validate the request. +.It Cm apn Ar apn +Set the "Access Point Name" required by your network provider. +.It Fl apn +Clear the current "Access Point Name" value. +.It Cm class +List all available cell classes. +.It Cm class Ar class,class,... +Set the preferred cell classes. Apart from those listed by +.Nm Cm class +the following aliases can be used: +.Ar 4G, +.Ar 3G, +and +.Ar 2G. +.It Fl class +Clear any cell class preferences. +.It Cm roaming +Enable data roaming. +.It Fl roaming +Disable data roaming. +.It Cm up +As soon as the interface is marked as "up", the +.Xr umb 4 +device will try to establish a data connection with the service provider. +.It Cm down +Marking the interface as "down" will terminate any existing data connection +and deregister with the service provider. .El .Sh EXAMPLES Assign the Index: sbin/ifconfig/ifconfig.c =================================================================== RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v retrieving revision 1.322 diff -u -p -u -p -r1.322 ifconfig.c --- sbin/ifconfig/ifconfig.c 3 May 2016 17:52:33 -0000 1.322 +++ sbin/ifconfig/ifconfig.c 8 Jun 2016 12:52:59 -0000 @@ -107,6 +107,10 @@ #include <ifaddrs.h> #include "brconfig.h" +#ifndef SMALL +#include <dev/usb/mbim.h> +#include <dev/usb/if_umb.h> +#endif /* SMALL */ #define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) @@ -145,6 +149,7 @@ int showmediaflag; int showcapsflag; int shownet80211chans; int shownet80211nodes; +int showclasses; void notealias(const char *, int); void setifaddr(const char *, int); @@ -275,6 +280,18 @@ void unsetifdesc(const char *, int); void printifhwfeatures(const char *, int); void setpair(const char *, int); void unsetpair(const char *, int); +void umb_status(void); +void umb_printclasses(char *, int); +int umb_parse_classes(const char *); +void umb_setpin(const char *, int); +void umb_chgpin(const char *, const char *); +void umb_puk(const char *, const char *); +void umb_pinop(int, int, const char *, const char *); +void umb_apn(const char *, int); +void umb_setclass(const char *, int); +void umb_roaming(const char *, int); +void utf16_to_char(uint16_t *, int, char *, size_t); +int char_to_utf16(const char *, uint16_t *, size_t); #else void setignore(const char *, int); #endif @@ -486,6 +503,15 @@ const struct cmd { { "-descr", 1, 0, unsetifdesc }, { "wol", IFXF_WOL, 0, setifxflags }, { "-wol", -IFXF_WOL, 0, setifxflags }, + { "pin", NEXTARG, 0, umb_setpin }, + { "chgpin", NEXTARG2, 0, NULL, umb_chgpin }, + { "puk", NEXTARG2, 0, NULL, umb_puk }, + { "apn", NEXTARG, 0, umb_apn }, + { "-apn", -1, 0, umb_apn }, + { "class", NEXTARG0, 0, umb_setclass }, + { "-class", -1, 0, umb_setclass }, + { "roaming", 1, 0, umb_roaming }, + { "-roaming", 0, 0, umb_roaming }, { "patch", NEXTARG, 0, setpair }, { "-patch", 1, 0, unsetpair }, #else /* SMALL */ @@ -2942,6 +2968,7 @@ status(int link, struct sockaddr_dl *sdl mpe_status(); mpw_status(); pflow_status(); + umb_status(); #endif trunk_status(); getifgroups(); @@ -4875,6 +4902,403 @@ setifpriority(const char *id, int param) if (ioctl(s, SIOCSIFPRIORITY, (caddr_t)&ifr) < 0) warn("SIOCSIFPRIORITY"); } + + +const struct umb_valdescr umb_regstate[] = MBIM_REGSTATE_DESCRIPTIONS; +const struct umb_valdescr umb_dataclass[] = MBIM_DATACLASS_DESCRIPTIONS; +const struct umb_valdescr umb_simstate[] = MBIM_SIMSTATE_DESCRIPTIONS; +const struct umb_valdescr umb_istate[] = UMB_INTERNAL_STATE_DESCRIPTIONS; +const struct umb_valdescr umb_pktstate[] = MBIM_PKTSRV_STATE_DESCRIPTIONS; +const struct umb_valdescr umb_actstate[] = MBIM_ACTIVATION_STATE_DESCRIPTIONS; + +const struct umb_valdescr umb_classalias[] = { + { MBIM_DATACLASS_GPRS | MBIM_DATACLASS_EDGE, "2g" }, + { MBIM_DATACLASS_UMTS | MBIM_DATACLASS_HSDPA | MBIM_DATACLASS_HSUPA, + "3g" }, + { MBIM_DATACLASS_LTE, "4g" }, + { 0, NULL } +}; + +int +umb_descr2val(const struct umb_valdescr *vdp, char *str) +{ + while (vdp->descr != NULL) { + if (!strcasecmp(vdp->descr, str)) + return vdp->val; + vdp++; + } + return 0; +} + +void +umb_status(void) +{ + struct umb_info mi; + char provider[UMB_PROVIDERNAME_MAXLEN+1]; + char roamingtxt[UMB_ROAMINGTEXT_MAXLEN+1]; + char devid[UMB_DEVID_MAXLEN+1]; + char fwinfo[UMB_FWINFO_MAXLEN+1]; + char hwinfo[UMB_HWINFO_MAXLEN+1]; + char sid[UMB_SUBSCRIBERID_MAXLEN+1]; + char iccid[UMB_ICCID_MAXLEN+1]; + char apn[UMB_APN_MAXLEN+1]; + char pn[UMB_PHONENR_MAXLEN+1]; + int i, n; + + memset((char *)&mi, 0, sizeof(mi)); + ifr.ifr_data = (caddr_t)&mi; + if (ioctl(s, SIOCGUMBINFO, (caddr_t)&ifr) == -1) + return; + + if (mi.nwerror) { + /* 3GPP 24.008 Cause Code */ + printf("\terror: "); + switch (mi.nwerror) { + case 2: + printf("SIM not activated"); + break; + case 4: + printf("Roaming not supported"); + break; + case 6: + printf("SIM reported stolen"); + break; + case 7: + printf("No GPRS subscription"); + break; + case 8: + printf("GPRS and non-GPRS services not allowed"); + break; + case 11: + printf("Subscription expired"); + break; + case 12: + printf("Subscription does not cover current location"); + break; + case 13: + printf("No roaming in this location"); + break; + case 14: + printf("GPRS not supported"); + break; + case 15: + printf("No subscription for the service"); + break; + case 17: + printf("Registration failed"); + break; + case 22: + printf("Network congestion"); + break; + default: + printf("Error code %d", mi.nwerror); + break; + } + printf("\n"); + } + + printf("\troaming %s registration %s", + mi.enable_roaming ? "enabled" : "disabled", + umb_val2descr(umb_regstate, mi.regstate)); + utf16_to_char(mi.roamingtxt, UMB_ROAMINGTEXT_MAXLEN, + roamingtxt, sizeof (roamingtxt)); + if (roamingtxt[0]) + printf(" [%s]", roamingtxt); + printf("\n"); + + if (showclasses) + umb_printclasses("available classes", mi.supportedclasses); + printf("\tstate %s cell-class %s", + umb_val2descr(umb_istate, mi.state), + umb_val2descr(umb_dataclass, mi.highestclass)); + if (mi.rssi != UMB_VALUE_UNKNOWN && mi.rssi != 0) + printf(" rssi %ddBm", mi.rssi); + if (mi.uplink_speed != 0 || mi.downlink_speed != 0) { + char s[2][FMT_SCALED_STRSIZE]; + if (fmt_scaled(mi.uplink_speed, s[0]) != 0) + snprintf(s[0], sizeof (s[0]), "%llu", mi.uplink_speed); + if (fmt_scaled(mi.downlink_speed, s[1]) != 0) + snprintf(s[1], sizeof (s[1]), "%llu", mi.downlink_speed); + printf(" speed %sps up %sps down", s[0], s[1]); + } + printf("\n"); + + printf("\tSIM %s PIN ", umb_val2descr(umb_simstate, mi.sim_state)); + switch (mi.pin_state) { + case UMB_PIN_REQUIRED: + printf("required"); + break; + case UMB_PIN_UNLOCKED: + printf("valid"); + break; + case UMB_PUK_REQUIRED: + printf("locked (PUK required)"); + break; + default: + printf("unkown state (%d)", mi.pin_state); + break; + } + if (mi.pin_attempts_left != UMB_VALUE_UNKNOWN) + printf(" (%d attempts left)", mi.pin_attempts_left); + printf("\n"); + + utf16_to_char(mi.sid, UMB_SUBSCRIBERID_MAXLEN, sid, sizeof (sid)); + utf16_to_char(mi.iccid, UMB_ICCID_MAXLEN, iccid, sizeof (iccid)); + utf16_to_char(mi.provider, UMB_PROVIDERNAME_MAXLEN, + provider, sizeof (provider)); + if (sid[0] || iccid[0] || provider[0]) { + printf("\t"); + n = 0; + if (sid[0]) + printf("%ssubscriber-id %s", n++ ? " " : "", sid); + if (iccid[0]) + printf("%sICC-id %s", n++ ? " " : "", iccid); + if (provider[0]) + printf("%sprovider %s", n ? " " : "", provider); + printf("\n"); + } + + utf16_to_char(mi.hwinfo, UMB_HWINFO_MAXLEN, hwinfo, sizeof (hwinfo)); + utf16_to_char(mi.devid, UMB_DEVID_MAXLEN, devid, sizeof (devid)); + utf16_to_char(mi.fwinfo, UMB_FWINFO_MAXLEN, fwinfo, sizeof (fwinfo)); + if (hwinfo[0] || devid[0] || fwinfo[0]) { + printf("\t"); + n = 0; + if (hwinfo[0]) + printf("%sdevice %s", n++ ? " " : "", hwinfo); + if (devid[0]) { + printf("%s", n++ ? " " : ""); + switch (mi.cellclass) { + case MBIM_CELLCLASS_GSM: + printf("IMEI"); + break; + case MBIM_CELLCLASS_CDMA: + n = strlen(devid); + if (n == 8 || n == 11) { + printf("ESN"); + break; + } else if (n == 14 || n == 18) { + printf("MEID"); + break; + } + /*FALLTHROUGH*/ + default: + printf("ID"); + break; + } + printf(" %s", devid); + } + if (fwinfo[0]) + printf("%sfirmware %s", n++ ? " " : "", fwinfo); + printf("\n"); + } + + utf16_to_char(mi.pn, UMB_PHONENR_MAXLEN, pn, sizeof (pn)); + utf16_to_char(mi.apn, UMB_APN_MAXLEN, apn, sizeof (apn)); + if (pn[0] || apn[0]) { + printf("\t"); + n = 0; + if (pn[0]) + printf("%sphone# +%s", n++ ? " " : "", pn); + if (apn[0]) + printf("%sAPN %s", n++ ? " " : "", apn); + printf("\n"); + } + + for (i = 0, n = 0; i < UMB_MAX_DNSSRV; i++) { + if (mi.ipv4dns[i] == INADDR_ANY) + break; + printf("%s %s", n++ ? "" : "\tdns", + inet_ntoa(*(struct in_addr *)&mi.ipv4dns[i])); + } + if (n) + printf("\n"); +} + +void +umb_printclasses(char *tag, int c) +{ + int i; + char *sep = ""; + + printf("\t%s: ", tag); + i = 0; + while (umb_dataclass[i].descr) { + if (umb_dataclass[i].val & c) { + printf("%s%s", sep, umb_dataclass[i].descr); + sep = ","; + } + i++; + } + printf("\n"); +} + +int +umb_parse_classes(const char *spec) +{ + char *optlist, *str; + int c = 0, v; + + if ((optlist = strdup(spec)) == NULL) + err(1, "strdup"); + str = strtok(optlist, ","); + while (str != NULL) { + if ((v = umb_descr2val(umb_dataclass, str)) != 0 || + (v = umb_descr2val(umb_classalias, str)) != 0) + c |= v; + str = strtok(NULL, ","); + } + free(optlist); + return c; +} + +void +umb_setpin(const char *pin, int d) +{ + umb_pinop(MBIM_PIN_OP_ENTER, 0, pin, NULL); +} + +void +umb_chgpin(const char *pin, const char *newpin) +{ + umb_pinop(MBIM_PIN_OP_CHANGE, 0, pin, newpin); +} + +void +umb_puk(const char *pin, const char *newpin) +{ + umb_pinop(MBIM_PIN_OP_ENTER, 1, pin, newpin); +} + +void +umb_pinop(int op, int is_puk, const char *pin, const char *newpin) +{ + struct umb_parameter mp; + + memset(&mp, 0, sizeof (mp)); + ifr.ifr_data = (caddr_t)∓ + if (ioctl(s, SIOCGUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCGUMBPARAM"); + + mp.op = op; + mp.is_puk = is_puk; + if ((mp.pinlen = char_to_utf16(pin, (uint16_t *)mp.pin, + sizeof (mp.pin))) == -1) + errx(1, "PIN too long"); + + if (newpin) { + if ((mp.newpinlen = char_to_utf16(newpin, (uint16_t *)mp.newpin, + sizeof (mp.newpin))) == -1) + errx(1, "new PIN too long"); + } + + if (ioctl(s, SIOCSUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCSUMBPARAM"); +} + +void +umb_apn(const char *apn, int d) +{ + struct umb_parameter mp; + + memset(&mp, 0, sizeof (mp)); + ifr.ifr_data = (caddr_t)∓ + if (ioctl(s, SIOCGUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCGUMBPARAM"); + + if (d != 0) + memset(mp.apn, 0, sizeof (mp.apn)); + else if ((mp.apnlen = char_to_utf16(apn, mp.apn, + sizeof (mp.apn))) == -1) + errx(1, "APN too long"); + + if (ioctl(s, SIOCSUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCSUMBPARAM"); +} + +void +umb_setclass(const char *val, int d) +{ + struct umb_parameter mp; + + if (val == NULL) { + if (showclasses) + usage(1); + showclasses = 1; + return; + } + + memset(&mp, 0, sizeof (mp)); + ifr.ifr_data = (caddr_t)∓ + if (ioctl(s, SIOCGUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCGUMBPARAM"); + if (d != -1) + mp.preferredclasses = umb_parse_classes(val); + else + mp.preferredclasses = MBIM_DATACLASS_NONE; + if (ioctl(s, SIOCSUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCSUMBPARAM"); +} + +void +umb_roaming(const char *val, int d) +{ + struct umb_parameter mp; + + memset(&mp, 0, sizeof (mp)); + ifr.ifr_data = (caddr_t)∓ + if (ioctl(s, SIOCGUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCGUMBPARAM"); + mp.roaming = d; + if (ioctl(s, SIOCSUMBPARAM, (caddr_t)&ifr) == -1) + err(1, "SIOCSUMBPARAM"); +} + +void +utf16_to_char(uint16_t *in, int inlen, char *out, size_t outlen) +{ + uint16_t c; + + while (outlen > 0) { + c = inlen > 0 ? letoh16(*in) : 0; + if (c == 0 || --outlen == 0) { + /* always NUL terminate result */ +done: + *out = '\0'; + break; + } + *out++ = isascii(c) ? (char)c : '?'; + in++; + inlen -= sizeof (*in); + } +} + +int +char_to_utf16(const char *in, uint16_t *out, size_t outlen) +{ + int n = 0; + uint16_t c; + + for (;;) { + c = *in++; + + if (c == '\0') { + /* + * NUL termination is not required, but zero out the + * residual buffer + */ + memset(out, 0, outlen); + return n; + } + if (outlen < sizeof (*out)) + return -1; + + *out++ = htole16(c); + n += sizeof (*out); + outlen -= sizeof (*out); + } +} + #endif #define SIN(x) ((struct sockaddr_in *) &(x)) Index: share/man/man4/Makefile =================================================================== RCS file: /cvs/src/share/man/man4/Makefile,v retrieving revision 1.622 diff -u -p -u -p -r1.622 Makefile --- share/man/man4/Makefile 3 Jun 2016 19:16:59 -0000 1.622 +++ share/man/man4/Makefile 8 Jun 2016 12:52:59 -0000 @@ -60,8 +60,8 @@ MAN= aac.4 ac97.4 acphy.4 \ ucom.4 uchcom.4 ucycom.4 uslhcom.4 udav.4 udcf.4 udl.4 udp.4 udsbr.4 \ uftdi.4 ugen.4 ugl.4 ugold.4 uguru.4 uhci.4 uhid.4 uhidev.4 uipaq.4 \ uk.4 ukbd.4 \ - ukphy.4 ulpt.4 umass.4 umbg.4 umcs.4 umct.4 umidi.4 umodem.4 ums.4 \ - umsm.4 unix.4 uonerng.4 uow.4 uoaklux.4 uoakrh.4 uoakv.4 upd.4 \ + ukphy.4 ulpt.4 umass.4 umb.4 umbg.4 umcs.4 umct.4 umidi.4 umodem.4 \ + ums.4 umsm.4 unix.4 uonerng.4 uow.4 uoaklux.4 uoakrh.4 uoakv.4 upd.4 \ upgt.4 upl.4 uplcom.4 ural.4 url.4 urlphy.4 \ urndis.4 urtw.4 urtwn.4 usb.4 usbf.4 uscom.4 uslcom.4 usps.4 \ uthum.4 uticom.4 utpms.4 utwitch.4 utrh.4 uts.4 utvfu.4 uvideo.4 \ Index: share/man/man4/umb.4 =================================================================== RCS file: share/man/man4/umb.4 diff -N share/man/man4/umb.4 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ share/man/man4/umb.4 8 Jun 2016 12:52:59 -0000 @@ -0,0 +1,79 @@ +.\" $OpenBSD: mdoc.template,v 1.15 2014/03/31 00:09:54 dlg Exp $ +.\" +.\" Copyright (c) 2016 genua mbH +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.Dd $Mdocdate$ +.Dt UMB 4 +.Os +.Sh NAME +.Nm umb +.Nd USB Mobile Broadband Interface Model (MBIM) +.Sh SYNOPSIS +.Cd "umb* at uhub?" +.Sh DESCRIPTION +The +.Nm +driver provides support for USB MBIM devices. Those devices allow to +establish connections via celluar networks such as GPRS, UMTS, LTE, etc. +.Pp +The +.Nm +device appears as a regular point-to-point network interface, +transporting raw IP frames. +.Pp +Required configuration parameters like PIN and APN have to be set +via +.Xr ifconfig 8 . +Once the SIM card has has been unlocked with the correct PIN, it +will remain in this state until the device is power-cycled. +In case the device is connected to an "always-on" USB port, +it is possible to connect to a provider without entering the +PIN again even afer a reboot of the system. +.Pp +If a default gateway route is configured for the +.Nm +network interface, the driver will modify the destination IP address +dynamically, according to the information sent by the network provider. +.Sh HARDWARE +The following devices are known to be supported by the +.Nm +driver: +.Pp +.Bl -tag -width Ds -offset indent -compact +.It Tn Sierra Wireless MC8305 +.It Tn Sierra Wireless EM8805 +.El +.Pp +There are probably a lot more devices that also work flawlessly. +If some devices fail to provide a confirming MBIM implementation, +their vendor and product IDs should be added to the driver's blacklist +manually. Since most device offer multiple interfaces, blacklisted ones +will probably be attached by some other driver, e.g. +.Xr umsm 4 . +.Sh SEE ALSO +.Xr intro 4 , +.Xr netintro 4 , +.Xr usb 4 , +.Xr hostname.if 5 , +.Xr ifconfig 8 +.Xr route 8 +.Rs +.%T "Universal Serial Bus Communications Class Subclass Specification for Mobile Broadband Interface Model" +.%U http://www.usb.org/developers/docs/devclass_docs/MBIM10Errata1_073013.zip +.Re +.Sh CAVEATS +The +.Nm +driver currently does not support IPv6 addresses. Index: share/man/man4/usb.4 =================================================================== RCS file: /cvs/src/share/man/man4/usb.4,v retrieving revision 1.176 diff -u -p -u -p -r1.176 usb.4 --- share/man/man4/usb.4 4 Jun 2016 20:54:13 -0000 1.176 +++ share/man/man4/usb.4 8 Jun 2016 12:52:59 -0000 @@ -279,6 +279,11 @@ USBRH temperature and humidity sensor .It Xr utwitch 4 YUREX USB twitch/jiggle of knee sensor .El +.Ss WAN network devices +.Bl -tag -width 12n -offset ind -compact +.It Xr umb 4 +USB Mobile Broadband device +.El .Ss Miscellaneous devices .Bl -tag -width 12n -offset ind -compact .It Xr ualea 4 Index: sys/arch/amd64/conf/GENERIC =================================================================== RCS file: /cvs/src/sys/arch/amd64/conf/GENERIC,v retrieving revision 1.419 diff -u -p -u -p -r1.419 GENERIC --- sys/arch/amd64/conf/GENERIC 1 Jun 2016 09:48:20 -0000 1.419 +++ sys/arch/amd64/conf/GENERIC 8 Jun 2016 12:52:59 -0000 @@ -279,6 +279,7 @@ urtw* at uhub? # Realtek 8187 rsu* at uhub? # Realtek RTL8188SU/RTL8191SU/RTL8192SU urtwn* at uhub? # Realtek RTL8188CU/RTL8192CU udcf* at uhub? # Gude Expert mouseCLOCK +umb* at uhub? # Mobile Broadband Interface Model uthum* at uhidev? # TEMPerHUM sensor ugold* at uhidev? # gold TEMPer sensor utrh* at uhidev? # USBRH sensor Index: sys/arch/i386/conf/GENERIC =================================================================== RCS file: /cvs/src/sys/arch/i386/conf/GENERIC,v retrieving revision 1.815 diff -u -p -u -p -r1.815 GENERIC --- sys/arch/i386/conf/GENERIC 1 Jun 2016 11:39:59 -0000 1.815 +++ sys/arch/i386/conf/GENERIC 8 Jun 2016 12:52:59 -0000 @@ -314,6 +314,7 @@ rsu* at uhub? # Realtek RTL8188SU/RTL81 urtwn* at uhub? # Realtek RTL8188CU/RTL8192CU udcf* at uhub? # Gude Expert mouseCLOCK umbg* at uhub? # Meinberg Funkuhren USB5131 +umb* at uhub? # Mobile Broadband Interface Model uthum* at uhidev? # TEMPerHUM sensor ugold* at uhidev? # gold TEMPer sensor utrh* at uhidev? # USBRH sensor Index: sys/dev/usb/files.usb =================================================================== RCS file: /cvs/src/sys/dev/usb/files.usb,v retrieving revision 1.127 diff -u -p -u -p -r1.127 files.usb --- sys/dev/usb/files.usb 1 Jun 2016 09:48:20 -0000 1.127 +++ sys/dev/usb/files.usb 8 Jun 2016 12:52:59 -0000 @@ -402,6 +402,11 @@ device otus: ether, ifnet, ifmedia, wlan attach otus at uhub file dev/usb/if_otus.c otus +# Mobile Broadband Interface Model +device umb: ifnet, ifmedia +attach umb at uhub +file dev/usb/if_umb.c umb + # USB logical device device usbf {} attach usbf at usbdev Index: sys/dev/usb/if_umb.c =================================================================== RCS file: sys/dev/usb/if_umb.c diff -N sys/dev/usb/if_umb.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/dev/usb/if_umb.c 8 Jun 2016 12:52:59 -0000 @@ -0,0 +1,2316 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2016 genua mbH + * All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Mobile Broadband Interface Model + * http://www.usb.org/developers/docs/devclass_docs/MBIM-Compliance-1.0.pdf + */ +#include "bpfilter.h" + +#include <sys/param.h> +#include <sys/mbuf.h> +#include <sys/socket.h> +#include <sys/systm.h> +#include <sys/syslog.h> + +#if NBPFILTER > 0 +#include <net/bpf.h> +#endif +#include <net/if.h> +#include <net/if_var.h> +#include <net/if_types.h> + +#include <netinet/in.h> +#include <netinet/in_var.h> +#include <netinet/ip.h> + +#include <machine/bus.h> + +#include <dev/usb/usb.h> +#include <dev/usb/usbdi.h> +#include <dev/usb/usbdivar.h> +#include <dev/usb/usbdi_util.h> +#include <dev/usb/usbdevs.h> +#include <dev/usb/usbcdc.h> + +#include <dev/usb/mbim.h> +#include <dev/usb/if_umb.h> + +#ifdef UMB_DEBUG +#define DPRINTF(x...) \ + do { if (umb_debug) log(LOG_DEBUG, x); } while (0) + +#define DPRINTFN(n, x...) \ + do { if (umb_debug >= (n)) log(LOG_DEBUG, x); } while (0) + +#define DDUMPN(n, b, l) \ + do { \ + if (umb_debug >= (n)) \ + umb_dump((b), (l)); \ + } while (0) + +int umb_debug = 0; +char *umb_uuid2str(uint8_t [MBIM_UUID_LEN]); +void umb_dump(void *, int); + +#else +#define DPRINTF(x...) do { } while (0) +#define DPRINTFN(n, x...) do { } while (0) +#define DDUMPN(n, b, l) do { } while (0) +#endif + +#define DEVNAM(sc) (((struct umb_softc *)(sc))->sc_dev.dv_xname) + +/* + * State change timeout + */ +#define UMB_STATE_CHANGE_TIMEOUT 30 + +/* + * State change flags + */ +#define UMB_NS_DONT_DROP 0x0001 /* do not drop below current state */ +#define UMB_NS_DONT_RAISE 0x0002 /* do not raise below current state */ + +/* + * Diagnostic macros + */ +const struct umb_valdescr umb_regstates[] = MBIM_REGSTATE_DESCRIPTIONS; +const struct umb_valdescr umb_dataclasses[] = MBIM_DATACLASS_DESCRIPTIONS; +const struct umb_valdescr umb_simstate[] = MBIM_SIMSTATE_DESCRIPTIONS; +const struct umb_valdescr umb_messages[] = MBIM_MESSAGES_DESCRIPTIONS; +const struct umb_valdescr umb_status[] = MBIM_STATUS_DESCRIPTIONS; +const struct umb_valdescr umb_cids[] = MBIM_CID_DESCRIPTIONS; +const struct umb_valdescr umb_pktstate[] = MBIM_PKTSRV_STATE_DESCRIPTIONS; +const struct umb_valdescr umb_actstate[] = MBIM_ACTIVATION_STATE_DESCRIPTIONS; +const struct umb_valdescr umb_error[] = MBIM_ERROR_DESCRIPTIONS; +const struct umb_valdescr umb_pintype[] = MBIM_PINTYPE_DESCRIPTIONS; +const struct umb_valdescr umb_istate[] = UMB_INTERNAL_STATE_DESCRIPTIONS; + +#define umb_regstate(c) umb_val2descr(umb_regstates, (c)) +#define umb_dataclass(c) umb_val2descr(umb_dataclasses, (c)) +#define umb_simstate(s) umb_val2descr(umb_simstate, (s)) +#define umb_request2str(m) umb_val2descr(umb_messages, (m)) +#define umb_status2str(s) umb_val2descr(umb_status, (s)) +#define umb_cid2str(c) umb_val2descr(umb_cids, (c)) +#define umb_packet_state(s) umb_val2descr(umb_pktstate, (s)) +#define umb_activation(s) umb_val2descr(umb_actstate, (s)) +#define umb_error2str(e) umb_val2descr(umb_error, (e)) +#define umb_pin_type(t) umb_val2descr(umb_pintype, (t)) +#define umb_istate(s) umb_val2descr(umb_istate, (s)) + +int umb_match(struct device *, void *, void *); +void umb_attach(struct device *, struct device *, void *); +int umb_detach(struct device *, int); +int umb_alloc_xfers(struct umb_softc *); +void umb_free_xfers(struct umb_softc *); +int umb_alloc_bulkpipes(struct umb_softc *); +void umb_close_bulkpipes(struct umb_softc *); +int umb_ioctl(struct ifnet *, u_long, caddr_t); +int umb_output(struct ifnet *, struct mbuf *, struct sockaddr *, + struct rtentry *); +int umb_input(struct ifnet *, struct mbuf *, void *); +void umb_start(struct ifnet *); +void umb_watchdog(struct ifnet *); +void umb_statechg_timeout(void *); + +void umb_newstate(struct umb_softc *, enum umb_state, int); +void umb_state_task(void *); +void umb_up(struct umb_softc *); +void umb_down(struct umb_softc *, int); + +void umb_get_response_task(void *); + +void umb_decode_response(struct umb_softc *, void *, int); +void umb_handle_indicate_status_msg(struct umb_softc *, void *, + int); +void umb_handle_opendone_msg(struct umb_softc *, void *, int); +void umb_handle_closedone_msg(struct umb_softc *, void *, int); +int umb_decode_register_state(struct umb_softc *, void *, int); +int umb_decode_devices_caps(struct umb_softc *, void *, int); +int umb_decode_subscriber_status(struct umb_softc *, void *, int); +int umb_decode_radio_state(struct umb_softc *, void *, int); +int umb_decode_pin(struct umb_softc *, void *, int); +int umb_decode_packet_service(struct umb_softc *, void *, int); +int umb_decode_signal_state(struct umb_softc *, void *, int); +int umb_decode_connect_info(struct umb_softc *, void *, int); +int umb_decode_ip_configuration(struct umb_softc *, void *, int); +void umb_rx(struct umb_softc *); +void umb_rxeof(struct usbd_xfer *, void *, usbd_status); +int umb_encap(struct umb_softc *, struct mbuf *); +void umb_txeof(struct usbd_xfer *, void *, usbd_status); +void umb_decap(struct umb_softc *, struct usbd_xfer *); + +usbd_status umb_send_encap_command(struct umb_softc *, void *, int); +int umb_get_encap_response(struct umb_softc *, void *, int *); +void umb_ctrl_msg(struct umb_softc *, uint32_t, void *, int); + +void umb_open(struct umb_softc *); +void umb_close(struct umb_softc *); + +int umb_setpin(struct umb_softc *, int, int, void *, int, void *, + int); +void umb_setdataclass(struct umb_softc *); +void umb_radio(struct umb_softc *, int); +void umb_packet_service(struct umb_softc *, int); +void umb_connect(struct umb_softc *); +void umb_disconnect(struct umb_softc *); +void umb_send_connect(struct umb_softc *, int); + +void umb_qry_ipconfig(struct umb_softc *); +void umb_cmd(struct umb_softc *, int, int, void *, int); +void umb_command_done(struct umb_softc *, void *, int); +void umb_decode_cid(struct umb_softc *, uint32_t, void *, int); + +void umb_intr(struct usbd_xfer *, void *, usbd_status); + +char *umb_ntop(struct sockaddr *); + +int umb_xfer_tout = USBD_DEFAULT_TIMEOUT; + +uint8_t umb_uuid_basic_connect[] = MBIM_UUID_BASIC_CONNECT; +uint8_t umb_uuid_context_internet[] = MBIM_UUID_CONTEXT_INTERNET; +uint32_t umb_session_id = 0; + +struct cfdriver umb_cd = { + NULL, "umb", DV_DULL +}; + +const struct cfattach umb_ca = { + sizeof (struct umb_softc), + umb_match, + umb_attach, + umb_detach, + NULL, +}; + +int umb_delay = 4000; + +/* + * Normally, MBIM devices are detected by their interface class and subclass. + * But for some models that have multiple configurations, it is better to + * match by vendor and product id so that we can select the desired + * configuration ourselves. + * + * OTOH, some devices identifiy themself als an MBIM device but fail to speak + * the MBIM protocol. + */ +struct umb_products { + struct usb_devno dev; + int confno; +}; +const struct umb_products umb_devs[] = { + /* + * Add devices here to force them to attach as umb. + * Format: { { VID, PID }, CONFIGNO } + */ +}; + +#define umb_lookup(vid, pid) \ + ((const struct umb_products *)usb_lookup(umb_devs, vid, pid)) + +int +umb_match(struct device *parent, void *match, void *aux) +{ + struct usb_attach_arg *uaa = aux; + usb_interface_descriptor_t *id; + + if (umb_lookup(uaa->vendor, uaa->product) != NULL) + return UMATCH_VENDOR_PRODUCT; + if (!uaa->iface) + return UMATCH_NONE; + if ((id = usbd_get_interface_descriptor(uaa->iface)) == NULL) + return UMATCH_NONE; + if (id->bInterfaceClass != UICLASS_CDC || + id->bInterfaceSubClass != + UISUBCLASS_MOBILE_BROADBAND_INTERFACE_MODEL || + id->bNumEndpoints != 1) + return UMATCH_NONE; + + return UMATCH_DEVCLASS_DEVSUBCLASS; +} + +void +umb_attach(struct device *parent, struct device *self, void *aux) +{ + struct umb_softc *sc = (struct umb_softc *)self; + struct usb_attach_arg *uaa = aux; + usbd_status status; + struct usbd_desc_iter iter; + const usb_descriptor_t *desc; + int v; + struct mbim_descriptor *md; + int i; + struct usbd_interface *ctrl_iface = NULL; + int ctrl_ep; + uint8_t data_ifaceno; + usb_interface_descriptor_t *id; + usb_config_descriptor_t *cd; + usb_endpoint_descriptor_t *ed; + int altnum; + int s; + struct ifnet *ifp; + int hard_mtu; + + sc->sc_udev = uaa->device; + + if (uaa->configno < 0) { + /* + * In case the device was matched by VID/PID instead of + * InterfaceClass/InterfaceSubClass, we have to pick the + * correct configuration ourself. + */ + uaa->configno = umb_lookup(uaa->vendor, uaa->product)->confno; + DPRINTF("%s: switching to config #%d\n", DEVNAM(sc), + uaa->configno); + status = usbd_set_config_no(sc->sc_udev, uaa->configno, 1); + if (status) { + printf("%s: failed to switch to config #%d: %s\n", + DEVNAM(sc), uaa->configno, usbd_errstr(status)); + goto fail; + } + } + + sc->sc_ver_maj = sc->sc_ver_min = -1; + usbd_desc_iter_init(sc->sc_udev, &iter); + hard_mtu = MBIM_MAXSEGSZ_MINVAL; + while ((desc = usbd_desc_iter_next(&iter))) { + if (desc->bDescriptorType != UDESC_CS_INTERFACE) + continue; + switch (desc->bDescriptorSubtype) { + case UDESCSUB_MBIM: + md = (struct mbim_descriptor *)desc; + v = UGETW(md->bcdMBIMVersion); + sc->sc_ver_maj = MBIM_VER_MAJOR(v); + sc->sc_ver_min = MBIM_VER_MINOR(v); + sc->sc_ctrl_len = UGETW(md->wMaxControlMessage); + /* Never trust a USB device! Could try to exploit us */ + if (sc->sc_ctrl_len < MBIM_CTRLMSG_MINLEN || + sc->sc_ctrl_len > MBIM_CTRLMSG_MAXLEN) { + printf("%s: control message len %d out of " + "bounds [%d .. %d]\n", DEVNAM(sc), + sc->sc_ctrl_len, MBIM_CTRLMSG_MINLEN, + MBIM_CTRLMSG_MAXLEN); + /* cont. anyway */ + } + sc->sc_maxpktlen = UGETW(md->wMaxSegmentSize); + if (sc->sc_maxpktlen < MBIM_MAXSEGSZ_MINVAL) { + printf("%s: ignoring invalid segment size %d\n", + DEVNAM(sc), sc->sc_maxpktlen); + /* cont. anyway */ + sc->sc_maxpktlen = 8 * 1024; + } + hard_mtu = sc->sc_maxpktlen; + DPRINTFN(2, "%s: ctrl_len=%d, maxpktlen=%d, cap=0x%x\n", + DEVNAM(sc), sc->sc_ctrl_len, sc->sc_maxpktlen, + md->bmNetworkCapabilities); + break; + default: + break; + } + } + if (sc->sc_ver_maj < 0) { + printf("%s: missing MBIM descriptor\n", DEVNAM(sc)); + goto fail; + } + + for (i = 0; i < sc->sc_udev->cdesc->bNumInterface; i++) { + if (usbd_iface_claimed(sc->sc_udev, i)) + continue; + id = usbd_get_interface_descriptor(&sc->sc_udev->ifaces[i]); + if (id == NULL) + continue; + if (id->bInterfaceClass == UICLASS_CDC && + id->bInterfaceSubClass == + UISUBCLASS_MOBILE_BROADBAND_INTERFACE_MODEL) { + ctrl_iface = &sc->sc_udev->ifaces[i]; + sc->sc_ctrl_ifaceno = id->bInterfaceNumber; + usbd_claim_iface(sc->sc_udev, i); + } else if (id->bInterfaceClass == UICLASS_CDC_DATA && + id->bInterfaceSubClass == UISUBCLASS_DATA && + id->bInterfaceProtocol == UIPROTO_DATA_MBIM) { + sc->sc_data_iface = &sc->sc_udev->ifaces[i]; + data_ifaceno = id->bInterfaceNumber; + usbd_claim_iface(sc->sc_udev, i); + } + } + if (ctrl_iface == NULL) { + printf("%s: no control interface found\n", DEVNAM(sc)); + goto fail; + } + if (sc->sc_data_iface == NULL) { + printf("%s: no data interface found\n", DEVNAM(sc)); + goto fail; + } + + id = usbd_get_interface_descriptor(ctrl_iface); + ctrl_ep = -1; + for (i = 0; i < id->bNumEndpoints && ctrl_ep == -1; i++) { + ed = usbd_interface2endpoint_descriptor(ctrl_iface, i); + if (ed == NULL) + break; + if (UE_GET_XFERTYPE(ed->bmAttributes) == UE_INTERRUPT && + UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) + ctrl_ep = ed->bEndpointAddress; + } + if (ctrl_ep == -1) { + printf("%s: missing interrupt endpoint\n", DEVNAM(sc)); + goto fail; + } + + cd = usbd_get_config_descriptor(sc->sc_udev); + id = usbd_get_interface_descriptor(sc->sc_data_iface); + altnum = usbd_get_no_alts(cd, id->bInterfaceNumber); + if (MBIM_INTERFACE_ALTSETTING >= altnum) { + printf("%s: missing alt setting %d for interface #%d\n", + DEVNAM(sc), MBIM_INTERFACE_ALTSETTING, data_ifaceno); + goto fail; + } + sc->sc_rx_ep = sc->sc_tx_ep = -1; + if ((status = usbd_set_interface(sc->sc_data_iface, + MBIM_INTERFACE_ALTSETTING))) { + printf("%s: select alt setting %d for interface #%d " + "failed: %s\n", DEVNAM(sc), MBIM_INTERFACE_ALTSETTING, + data_ifaceno, usbd_errstr(status)); + goto fail; + } + id = usbd_get_interface_descriptor(sc->sc_data_iface); + for (i = 0; i < id->bNumEndpoints; i++) { + if ((ed = usbd_interface2endpoint_descriptor(sc->sc_data_iface, + i)) == NULL) + break; + if (UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK && + UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) + sc->sc_rx_ep = ed->bEndpointAddress; + else if (UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK && + UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT) + sc->sc_tx_ep = ed->bEndpointAddress; + } + if (sc->sc_rx_ep == -1 || sc->sc_tx_ep == -1) { + printf("%s: missing bulk endpoints\n", DEVNAM(sc)); + goto fail; + } + + DPRINTFN(2, "%s: ctrl-ifno#%d: ep-ctrl=%d, data-ifno#%d: ep-rx=%d, " + "ep-tx=%d\n", DEVNAM(sc), sc->sc_ctrl_ifaceno, + UE_GET_ADDR(ctrl_ep), data_ifaceno, + UE_GET_ADDR(sc->sc_rx_ep), UE_GET_ADDR(sc->sc_tx_ep)); + + usb_init_task(&sc->sc_umb_task, umb_state_task, sc, + USB_TASK_TYPE_GENERIC); + usb_init_task(&sc->sc_get_response_task, umb_get_response_task, sc, + USB_TASK_TYPE_GENERIC); + timeout_set(&sc->sc_statechg_timer, umb_statechg_timeout, sc); + + if (usbd_open_pipe_intr(ctrl_iface, ctrl_ep, USBD_SHORT_XFER_OK, + &sc->sc_ctrl_pipe, sc, &sc->sc_intr_msg, sizeof (sc->sc_intr_msg), + umb_intr, USBD_DEFAULT_INTERVAL)) { + printf("%s: failed to open control pipe\n", DEVNAM(sc)); + goto fail; + } + sc->sc_resp_buf = malloc(sc->sc_ctrl_len, M_USBDEV, M_NOWAIT); + if (sc->sc_resp_buf == NULL) { + printf("%s: allocation of resp buffer failed\n", DEVNAM(sc)); + goto fail; + } + sc->sc_ctrl_msg = malloc(sc->sc_ctrl_len, M_USBDEV, M_NOWAIT); + if (sc->sc_ctrl_msg == NULL) { + printf("%s: allocation of ctrl msg buffer failed\n", + DEVNAM(sc)); + goto fail; + } + + sc->sc_info.regstate = MBIM_REGSTATE_UNKNOWN; + sc->sc_info.pin_attempts_left = UMB_VALUE_UNKNOWN; + sc->sc_info.rssi = UMB_VALUE_UNKNOWN; + sc->sc_info.ber = UMB_VALUE_UNKNOWN; + + s = splnet(); + ifp = GET_IFP(sc); + ifp->if_flags = IFF_SIMPLEX | IFF_MULTICAST | IFF_POINTOPOINT; + ifp->if_ioctl = umb_ioctl; + ifp->if_start = umb_start; + ifp->if_rtrequest = p2p_rtrequest; + + ifp->if_watchdog = umb_watchdog; + strlcpy(ifp->if_xname, DEVNAM(sc), IFNAMSIZ); + ifp->if_link_state = LINK_STATE_DOWN; + + ifp->if_type = IFT_MBIM; + ifp->if_addrlen = 0; + ifp->if_hdrlen = sizeof (struct ncm_header16) + + sizeof (struct ncm_pointer16); + ifp->if_mtu = 1500; /* use a common default */ + ifp->if_hardmtu = hard_mtu; + ifp->if_output = umb_output; + if_attach(ifp); + if_ih_insert(ifp, umb_input, NULL); + if_alloc_sadl(ifp); + ifp->if_softc = sc; +#if NBPFILTER > 0 + bpfattach(&ifp->if_bpf, ifp, DLT_RAW, 0); +#endif + /* + * Open the device now so that we are able to query device information. + * XXX maybe close when done? + */ + umb_open(sc); + splx(s); + + printf("%s: vers %d.%d\n", DEVNAM(sc), sc->sc_ver_maj, sc->sc_ver_min); + return; + +fail: + usbd_deactivate(sc->sc_udev); + return; +} + +int +umb_detach(struct device *self, int flags) +{ + struct umb_softc *sc = (struct umb_softc *)self; + struct ifnet *ifp = GET_IFP(sc); + int s; + + s = splnet(); + if (ifp->if_flags & IFF_RUNNING) + umb_down(sc, 1); + umb_close(sc); + + usb_rem_wait_task(sc->sc_udev, &sc->sc_get_response_task); + if (timeout_initialized(&sc->sc_statechg_timer)) + timeout_del(&sc->sc_statechg_timer); + sc->sc_nresp = 0; + usb_rem_wait_task(sc->sc_udev, &sc->sc_umb_task); + if (sc->sc_ctrl_pipe) { + usbd_close_pipe(sc->sc_ctrl_pipe); + sc->sc_ctrl_pipe = NULL; + } + if (sc->sc_ctrl_msg) { + free(sc->sc_ctrl_msg, M_USBDEV, sc->sc_ctrl_len); + sc->sc_ctrl_msg = NULL; + } + if (sc->sc_resp_buf) { + free(sc->sc_resp_buf, M_USBDEV, sc->sc_ctrl_len); + sc->sc_resp_buf = NULL; + } + if (ifp->if_softc != NULL) { + if_ih_remove(ifp, umb_input, NULL); + if_detach(ifp); + } + + splx(s); + return 0; +} + +int +umb_alloc_xfers(struct umb_softc *sc) +{ + if (!sc->sc_rx_xfer) { + if ((sc->sc_rx_xfer = usbd_alloc_xfer(sc->sc_udev)) != NULL) + sc->sc_rx_buf = usbd_alloc_buffer(sc->sc_rx_xfer, + sc->sc_maxpktlen + MBIM_HDR32_LEN); + } + if (!sc->sc_tx_xfer) { + if ((sc->sc_tx_xfer = usbd_alloc_xfer(sc->sc_udev)) != NULL) + sc->sc_tx_buf = usbd_alloc_buffer(sc->sc_tx_xfer, + sc->sc_maxpktlen + MBIM_HDR16_LEN); + } + return (sc->sc_rx_buf && sc->sc_tx_buf) ? 1 : 0; +} + +void +umb_free_xfers(struct umb_softc *sc) +{ + if (sc->sc_rx_xfer) { + /* implicit usbd_free_buffer() */ + usbd_free_xfer(sc->sc_rx_xfer); + sc->sc_rx_xfer = NULL; + sc->sc_rx_buf = NULL; + } + if (sc->sc_tx_xfer) { + usbd_free_xfer(sc->sc_tx_xfer); + sc->sc_tx_xfer = NULL; + sc->sc_tx_buf = NULL; + } + if (sc->sc_tx_m) { + m_freem(sc->sc_tx_m); + sc->sc_tx_m = NULL; + } +} + +int +umb_alloc_bulkpipes(struct umb_softc *sc) +{ + struct ifnet *ifp = GET_IFP(sc); + + if (!(ifp->if_flags & IFF_RUNNING)) { + if (usbd_open_pipe(sc->sc_data_iface, sc->sc_rx_ep, + USBD_EXCLUSIVE_USE, &sc->sc_rx_pipe)) + return 0; + if (usbd_open_pipe(sc->sc_data_iface, sc->sc_tx_ep, + USBD_EXCLUSIVE_USE, &sc->sc_tx_pipe)) + return 0; + + ifp->if_flags |= IFF_RUNNING; + ifq_clr_oactive(&ifp->if_snd); + umb_rx(sc); + } + return 1; +} + +void +umb_close_bulkpipes(struct umb_softc *sc) +{ + struct ifnet *ifp = GET_IFP(sc); + + ifp->if_flags &= ~IFF_RUNNING; + ifq_clr_oactive(&ifp->if_snd); + ifp->if_timer = 0; + if (sc->sc_rx_pipe) { + usbd_close_pipe(sc->sc_rx_pipe); + sc->sc_rx_pipe = NULL; + } + if (sc->sc_tx_pipe) { + usbd_close_pipe(sc->sc_tx_pipe); + sc->sc_tx_pipe = NULL; + } +} + +int +umb_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) +{ + struct proc *p = curproc; + struct umb_softc *sc = ifp->if_softc; + struct ifreq *ifr = (struct ifreq *)data; + int s, error = 0; + struct umb_parameter mp; + + if (usbd_is_dying(sc->sc_udev)) + return EIO; + + s = splnet(); + switch (cmd) { + case SIOCSIFFLAGS: + usb_add_task(sc->sc_udev, &sc->sc_umb_task); + break; + case SIOCGUMBINFO: + error = copyout(&sc->sc_info, ifr->ifr_data, + sizeof (sc->sc_info)); + break; + case SIOCSUMBPARAM: + if ((error = suser(p, 0)) != 0) + break; + if ((error = copyin(ifr->ifr_data, &mp, sizeof (mp))) != 0) + break; + + if ((error = umb_setpin(sc, mp.op, mp.is_puk, mp.pin, mp.pinlen, + mp.newpin, mp.newpinlen)) != 0) + break; + + if (mp.apnlen < 0 || mp.apnlen > sizeof (sc->sc_info.apn)) { + error = EINVAL; + break; + } + sc->sc_roaming = mp.roaming ? 1 : 0; + memset(sc->sc_info.apn, 0, sizeof (sc->sc_info.apn)); + memcpy(sc->sc_info.apn, mp.apn, mp.apnlen); + sc->sc_info.apnlen = mp.apnlen; + sc->sc_info.preferredclasses = mp.preferredclasses; + umb_setdataclass(sc); + break; + case SIOCGUMBPARAM: + memset(&mp, 0, sizeof (mp)); + memcpy(mp.apn, sc->sc_info.apn, sc->sc_info.apnlen); + mp.apnlen = sc->sc_info.apnlen; + mp.roaming = sc->sc_roaming; + mp.preferredclasses = sc->sc_info.preferredclasses; + error = copyout(&mp, ifr->ifr_data, sizeof (mp)); + break; + case SIOCSIFMTU: + /* Does this include the NCM headers and tail? */ + if (ifr->ifr_mtu > ifp->if_hardmtu) { + error = EINVAL; + break; + } + ifp->if_mtu = ifr->ifr_mtu; + break; + case SIOCGIFMTU: + ifr->ifr_mtu = ifp->if_mtu; + break; + case SIOCGIFHARDMTU: + ifr->ifr_hardmtu = ifp->if_hardmtu; + break; + case SIOCSIFADDR: + case SIOCAIFADDR: + case SIOCSIFDSTADDR: + case SIOCADDMULTI: + case SIOCDELMULTI: + break; + default: + error = ENOTTY; + break; + } + splx(s); + return error; +} + +int +umb_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, + struct rtentry *rtp) +{ + if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) { + m_freem(m); + return ENETDOWN; + } + return if_enqueue(ifp, m); +} + +int +umb_input(struct ifnet *ifp, struct mbuf *m, void *cookie) +{ + struct niqueue *inq; + uint8_t ipv; + + if ((ifp->if_flags & IFF_UP) == 0) { + m_freem(m); + return 1; + } + if (m->m_pkthdr.len < sizeof (struct ip)) { + ifp->if_ierrors++; + DPRINTFN(4, "%s: dropping short packet (len %d)\n", __func__, + m->m_pkthdr.len); + m_freem(m); + return 1; + } + m->m_pkthdr.ph_rtableid = ifp->if_rdomain; + m_copydata(m, 0, sizeof (ipv), &ipv); + ipv >>= 4; + + ifp->if_ibytes += m->m_pkthdr.len; + switch (ipv) { + case 4: + inq = &ipintrq; + break; + case 6: + inq = &ip6intrq; + break; + default: + ifp->if_ierrors++; + DPRINTFN(4, "%s: dropping packet with bad IP version (%d)\n", + __func__, ipv); + m_freem(m); + return 1; + } + niq_enqueue(inq, m); + return 1; +} + +void +umb_start(struct ifnet *ifp) +{ + struct umb_softc *sc = ifp->if_softc; + struct mbuf *m_head = NULL; + + if (usbd_is_dying(sc->sc_udev) || + !(ifp->if_flags & IFF_RUNNING) || + ifq_is_oactive(&ifp->if_snd)) + return; + + m_head = ifq_deq_begin(&ifp->if_snd); + if (m_head == NULL) + return; + + if (!umb_encap(sc, m_head)) { + ifq_deq_rollback(&ifp->if_snd, m_head); + ifq_set_oactive(&ifp->if_snd); + return; + } + ifq_deq_commit(&ifp->if_snd, m_head); + +#if NBPFILTER > 0 + if (ifp->if_bpf) + bpf_mtap(ifp->if_bpf, m_head, BPF_DIRECTION_OUT); +#endif + + ifq_set_oactive(&ifp->if_snd); + ifp->if_timer = (2 * umb_xfer_tout) / 1000; +} + +void +umb_watchdog(struct ifnet *ifp) +{ + struct umb_softc *sc = ifp->if_softc; + + if (usbd_is_dying(sc->sc_udev)) + return; + + ifp->if_oerrors++; + printf("%s: watchdog timeout\n", DEVNAM(sc)); + /* XXX FIXME: re-initialize device */ + return; +} + +void +umb_statechg_timeout(void *arg) +{ + struct umb_softc *sc = arg; + + printf("%s: state change time out\n",DEVNAM(sc)); + usb_add_task(sc->sc_udev, &sc->sc_umb_task); +} + +void +umb_newstate(struct umb_softc *sc, enum umb_state newstate, int flags) +{ + if (newstate == sc->sc_state) + return; + if (((flags & UMB_NS_DONT_DROP) && newstate < sc->sc_state) || + ((flags & UMB_NS_DONT_RAISE) && newstate > sc->sc_state)) + return; + log(LOG_DEBUG, "%s: state going %s from '%s' to '%s'\n", DEVNAM(sc), + newstate > sc->sc_state ? "up" : "down", + umb_istate(sc->sc_state), umb_istate(newstate)); + sc->sc_state = newstate; + usb_add_task(sc->sc_udev, &sc->sc_umb_task); +} + +void +umb_state_task(void *arg) +{ + struct umb_softc *sc = arg; + struct ifnet *ifp = GET_IFP(sc); + struct ifreq ifr; + struct in_aliasreq ifra; + int s; + int state; + + s = splnet(); + if (ifp->if_flags & IFF_UP) + umb_up(sc); + else + umb_down(sc, 0); + + state = sc->sc_state == UMB_S_UP ? LINK_STATE_UP : LINK_STATE_DOWN; + if (ifp->if_link_state != state) { + log(LOG_INFO, "%s: link state changed from %s to %s\n", + DEVNAM(sc), + LINK_STATE_IS_UP(ifp->if_link_state) ? "up" : "down", + LINK_STATE_IS_UP(state) ? "up" : "down"); + ifp->if_link_state = state; + if (!LINK_STATE_IS_UP(state)) { + /* + * Purge any existing addresses + */ + memset(sc->sc_info.ipv4dns, 0, + sizeof (sc->sc_info.ipv4dns)); + if (in_ioctl(SIOCGIFADDR, (caddr_t)&ifr, ifp, 1) == 0 && + satosin(&ifr.ifr_addr)->sin_addr.s_addr != + INADDR_ANY) { + memset(&ifra, 0, sizeof (ifra)); + memcpy(&ifra.ifra_addr, &ifr.ifr_addr, + sizeof (ifra.ifra_addr)); + in_ioctl(SIOCDIFADDR, (caddr_t)&ifra, ifp, 1); + } + } + if_link_state_change(ifp); + } + splx(s); +} + +void +umb_up(struct umb_softc *sc) +{ + struct ifnet *ifp = GET_IFP(sc); + + splassert(IPL_NET); + + switch (sc->sc_state) { + case UMB_S_DOWN: + DPRINTF("%s: init: opening ...\n", DEVNAM(sc)); + umb_open(sc); + break; + case UMB_S_OPEN: + DPRINTF("%s: init: turning radio on ...\n", DEVNAM(sc)); + umb_radio(sc, 1); + break; + case UMB_S_RADIO: + DPRINTF("%s: init: checking SIM state ...\n", DEVNAM(sc)); + umb_cmd(sc, MBIM_CID_SUBSCRIBER_READY_STATUS, MBIM_CMDOP_QRY, + NULL, 0); + break; + case UMB_S_SIMREADY: + DPRINTF("%s: init: attaching ...\n", DEVNAM(sc)); + umb_packet_service(sc, 1); + break; + case UMB_S_ATTACHED: + sc->sc_tx_seq = 0; + if (!umb_alloc_xfers(sc)) { + umb_free_xfers(sc); + log(LOG_ERR, "%s: allocation of xfers failed\n", + DEVNAM(sc)); + break; + } + DPRINTF("%s: init: connecting ...\n", DEVNAM(sc)); + umb_connect(sc); + break; + case UMB_S_CONNECTED: + DPRINTF("%s: init: getting IP config ...\n", DEVNAM(sc)); + umb_qry_ipconfig(sc); + break; + case UMB_S_UP: + DPRINTF("%s: init: reached state UP\n", DEVNAM(sc)); + if (!umb_alloc_bulkpipes(sc)) { + log(LOG_ERR, "%s: opening bulk pipes failed\n", + DEVNAM(sc)); + ifp->if_flags &= ~IFF_UP; + umb_down(sc, 1); + } + break; + } + if (sc->sc_state < UMB_S_UP) + timeout_add_sec(&sc->sc_statechg_timer, + UMB_STATE_CHANGE_TIMEOUT); + else + timeout_del(&sc->sc_statechg_timer); + return; +} + +void +umb_down(struct umb_softc *sc, int force) +{ + splassert(IPL_NET); + + umb_close_bulkpipes(sc); + if (sc->sc_state < UMB_S_CONNECTED) + umb_free_xfers(sc); + + switch (sc->sc_state) { + case UMB_S_UP: + case UMB_S_CONNECTED: + DPRINTF("%s: stop: disconnecting ...\n", DEVNAM(sc)); + umb_disconnect(sc); + if (!force) + break; + /*FALLTHROUGH*/ + case UMB_S_ATTACHED: + DPRINTF("%s: stop: detaching ...\n", DEVNAM(sc)); + umb_packet_service(sc, 0); + if (!force) + break; + /*FALLTHROUGH*/ + case UMB_S_SIMREADY: + case UMB_S_RADIO: + DPRINTF("%s: stop: turning radio off ...\n", DEVNAM(sc)); + umb_radio(sc, 0); + if (!force) + break; + /*FALLTHROUGH*/ + case UMB_S_OPEN: + case UMB_S_DOWN: + /* Do not close the device */ + DPRINTF("%s: stop: reached state DOWN\n", DEVNAM(sc)); + break; + } + if (force) + sc->sc_state = UMB_S_OPEN; + + if (sc->sc_state > UMB_S_OPEN) + timeout_add_sec(&sc->sc_statechg_timer, + UMB_STATE_CHANGE_TIMEOUT); + else + timeout_del(&sc->sc_statechg_timer); +} + +void +umb_get_response_task(void *arg) +{ + struct umb_softc *sc = arg; + int len; + int s; + + /* + * Function is required to send on RESPONSE_AVAILABLE notification for + * each encapsulated response that is to be processed by the host. + * But of course, we can receive multiple notifications before the + * response task is run. + */ + s = splusb(); + while (sc->sc_nresp > 0) { + --sc->sc_nresp; + len = sc->sc_ctrl_len; + if (umb_get_encap_response(sc, sc->sc_resp_buf, &len)) + umb_decode_response(sc, sc->sc_resp_buf, len); + } + splx(s); +} + +void +umb_decode_response(struct umb_softc *sc, void *response, int len) +{ + struct mbim_msghdr *hdr = response; + struct mbim_fragmented_msg_hdr *fraghdr; + uint32_t type; + uint32_t tid; + + DPRINTFN(3, "%s: got response: len %d\n", DEVNAM(sc), len); + DDUMPN(4, response, len); + + if (len < sizeof (*hdr) || letoh32(hdr->len) != len) { + /* + * We should probably cancel a transaction, but since the + * message is too short, we cannot decode the transaction + * id (tid) and hence don't know, whom to cancel. Must wait + * for the timeout. + */ + DPRINTF("%s: received short response (len %d)\n", + DEVNAM(sc), len); + return; + } + + /* + * XXX FIXME: if message is fragmented, store it until last frag + * is received and then re-assemble all fragments. + */ + type = letoh32(hdr->type); + tid = letoh32(hdr->tid); + switch (type) { + case MBIM_INDICATE_STATUS_MSG: + case MBIM_COMMAND_DONE: + fraghdr = response; + if (letoh32(fraghdr->frag.nfrag) != 1) { + DPRINTF("%s: discarding fragmented messages\n", + DEVNAM(sc)); + return; + } + break; + default: + break; + } + + DPRINTF("%s: <- rcv %s (tid %u)\n", DEVNAM(sc), umb_request2str(type), + tid); + switch (type) { + case MBIM_FUNCTION_ERROR_MSG: + case MBIM_HOST_ERROR_MSG: + { + struct mbim_f2h_hosterr *e; + int err; + + if (len >= sizeof (*e)) { + e = response; + err = letoh32(e->err); + + DPRINTF("%s: %s message, error %s (tid %u)\n", + DEVNAM(sc), umb_request2str(type), + umb_error2str(err), tid); + if (err == MBIM_ERROR_NOT_OPENED) + umb_newstate(sc, UMB_S_DOWN, 0); + } + break; + } + case MBIM_INDICATE_STATUS_MSG: + umb_handle_indicate_status_msg(sc, response, len); + break; + case MBIM_OPEN_DONE: + umb_handle_opendone_msg(sc, response, len); + break; + case MBIM_CLOSE_DONE: + umb_handle_closedone_msg(sc, response, len); + break; + case MBIM_COMMAND_DONE: + umb_command_done(sc, response, len); + break; + default: + DPRINTF("%s: discard messsage %s\n", DEVNAM(sc), + umb_request2str(type)); + break; + } +} + +void +umb_handle_indicate_status_msg(struct umb_softc *sc, void *data, int len) +{ + struct mbim_f2h_indicate_status *m = data; + uint32_t infolen; + uint32_t cid; + + if (len < sizeof (*m)) { + DPRINTF("%s: discard short %s messsage\n", DEVNAM(sc), + umb_request2str(letoh32(m->hdr.type))); + return; + } + if (memcmp(m->devid, umb_uuid_basic_connect, sizeof (m->devid))) { + DPRINTF("%s: discard %s messsage for other UUID '%s'\n", + DEVNAM(sc), umb_request2str(letoh32(m->hdr.type)), + umb_uuid2str(m->devid)); + return; + } + infolen = letoh32(m->infolen); + if (len < sizeof (*m) + infolen) { + DPRINTF("%s: discard truncated %s messsage (want %d, got %d)\n", + DEVNAM(sc), umb_request2str(letoh32(m->hdr.type)), + (int)sizeof (*m) + infolen, len); + return; + } + + cid = letoh32(m->cid); + DPRINTF("%s: indicate %s status\n", DEVNAM(sc), umb_cid2str(cid)); + umb_decode_cid(sc, cid, m->info, infolen); +} + +void +umb_handle_opendone_msg(struct umb_softc *sc, void *data, int len) +{ + struct mbim_f2h_openclosedone *resp = data; + uint32_t status; + + status = letoh32(resp->status); + if (status == MBIM_STATUS_SUCCESS) { + if (sc->sc_maxsessions == 0) { + umb_cmd(sc, MBIM_CID_DEVICE_CAPS, MBIM_CMDOP_QRY, NULL, + 0); + umb_cmd(sc, MBIM_CID_PIN, MBIM_CMDOP_QRY, NULL, 0); + umb_cmd(sc, MBIM_CID_REGISTER_STATE, MBIM_CMDOP_QRY, + NULL, 0); + } + umb_newstate(sc, UMB_S_OPEN, UMB_NS_DONT_DROP); + } else + log(LOG_ERR, "%s: open error: %s\n", DEVNAM(sc), + umb_status2str(status)); + return; +} + +void +umb_handle_closedone_msg(struct umb_softc *sc, void *data, int len) +{ + struct mbim_f2h_openclosedone *resp = data; + uint32_t status; + + status = letoh32(resp->status); + if (status == MBIM_STATUS_SUCCESS) + umb_newstate(sc, UMB_S_DOWN, 0); + else + DPRINTF("%s: close error: %s\n", DEVNAM(sc), + umb_status2str(status)); + return; +} + +static inline void +umb_getinfobuf(void *in, int inlen, uint32_t offs, uint32_t sz, + void *out, size_t outlen) +{ + offs = letoh32(offs); + sz = letoh32(sz); + if (inlen >= offs + sz) { + memset(out, 0, outlen); + memcpy(out, in + offs, MIN(sz, outlen)); + } +} + +static inline int +umb_padding(void *data, int len, size_t sz) +{ + char *p = data; + int np = 0; + + while (len < sz && (len % 4) != 0) { + *p++ = '\0'; + len++; + np++; + } + return np; +} + +static inline int +umb_addstr(void *buf, size_t bufsz, int *offs, void *str, int slen, + uint32_t *offsmember, uint32_t *sizemember) +{ + if (*offs + slen > bufsz) + return 0; + + *sizemember = htole32((uint32_t)slen); + if (slen && str) { + *offsmember = htole32((uint32_t)*offs); + memcpy(buf + *offs, str, slen); + *offs += slen; + *offs += umb_padding(buf, *offs, bufsz); + } else + *offsmember = htole32(0); + return 1; +} + +int +umb_decode_register_state(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_registration_state_info *rs = data; + + if (len < sizeof (*rs)) + return 0; + sc->sc_info.nwerror = letoh32(rs->nwerror); + sc->sc_info.regstate = letoh32(rs->regstate); + sc->sc_info.regmode = letoh32(rs->regmode); + sc->sc_info.cellclass = letoh32(rs->curcellclass); + + /* XXX should we remember the provider_id? */ + umb_getinfobuf(data, len, rs->provname_offs, rs->provname_size, + sc->sc_info.provider, sizeof (sc->sc_info.provider)); + umb_getinfobuf(data, len, rs->roamingtxt_offs, rs->roamingtxt_size, + sc->sc_info.roamingtxt, sizeof (sc->sc_info.roamingtxt)); + + DPRINTFN(2, "%s: %s, availclass 0x%x, class 0x%x, regmode %d\n", + DEVNAM(sc), umb_regstate(sc->sc_info.regstate), + letoh32(rs->availclasses), sc->sc_info.cellclass, + sc->sc_info.regmode); + + if (sc->sc_info.regstate == MBIM_REGSTATE_ROAMING && + !sc->sc_roaming && + sc->sc_info.activation == MBIM_ACTIVATION_STATE_ACTIVATED) { + log(LOG_INFO, "%s: disconnecting from roaming network\n", + DEVNAM(sc)); + umb_newstate(sc, UMB_S_ATTACHED, UMB_NS_DONT_RAISE); + } + return 1; +} + +int +umb_decode_devices_caps(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_device_caps *dc = data; + + if (len < sizeof (*dc)) + return 0; + sc->sc_maxsessions = letoh32(dc->max_sessions); + sc->sc_info.supportedclasses = letoh32(dc->dataclass); + umb_getinfobuf(data, len, dc->devid_offs, dc->devid_size, + sc->sc_info.devid, sizeof (sc->sc_info.devid)); + umb_getinfobuf(data, len, dc->fwinfo_offs, dc->fwinfo_size, + sc->sc_info.fwinfo, sizeof (sc->sc_info.fwinfo)); + umb_getinfobuf(data, len, dc->hwinfo_offs, dc->hwinfo_size, + sc->sc_info.hwinfo, sizeof (sc->sc_info.hwinfo)); + DPRINTFN(2, "%s: max sessions %d, supported classes 0x%x\n", + DEVNAM(sc), sc->sc_maxsessions, sc->sc_info.supportedclasses); + return 1; +} + +int +umb_decode_subscriber_status(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_subscriber_ready_info *si = data; + int npn; + + if (len < sizeof (*si)) + return 0; + sc->sc_info.sim_state = letoh32(si->ready); + + umb_getinfobuf(data, len, si->sid_offs, si->sid_size, + sc->sc_info.sid, sizeof (sc->sc_info.sid)); + umb_getinfobuf(data, len, si->icc_offs, si->icc_size, + sc->sc_info.iccid, sizeof (sc->sc_info.iccid)); + + npn = letoh32(si->no_pn); + if (npn > 0) + umb_getinfobuf(data, len, si->pn[0].offs, si->pn[0].size, + sc->sc_info.pn, sizeof (sc->sc_info.pn)); + else + memset(sc->sc_info.pn, 0, sizeof (sc->sc_info.pn)); + + if (sc->sc_info.sim_state == MBIM_SIMSTATE_LOCKED) + sc->sc_info.pin_state = UMB_PUK_REQUIRED; + log(LOG_INFO, "%s: SIM %s\n", DEVNAM(sc), + umb_simstate(sc->sc_info.sim_state)); + if (sc->sc_info.sim_state == MBIM_SIMSTATE_INITIALIZED) + umb_newstate(sc, UMB_S_SIMREADY, UMB_NS_DONT_DROP); + return 1; +} + +int +umb_decode_radio_state(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_radio_state_info *rs = data; + + if (len < sizeof (*rs)) + return 0; + + sc->sc_info.hw_radio_on = + (letoh32(rs->hw_state) == MBIM_RADIO_STATE_ON) ? 1 : 0; + sc->sc_info.sw_radio_on = + (letoh32(rs->sw_state) == MBIM_RADIO_STATE_ON) ? 1 : 0; + if (!sc->sc_info.hw_radio_on) { + log(LOG_INFO, "%s: radio is off by rfkill switch\n", + DEVNAM(sc)); + /* + * XXX do we need a time to poll the state of the rfkill switch + * or will the device send an unsolicited notification + * in case the state changes? + */ + umb_newstate(sc, UMB_S_OPEN, 0); + } else if (!sc->sc_info.sw_radio_on) { + log(LOG_INFO, "%s: radio is off\n", DEVNAM(sc)); + umb_newstate(sc, UMB_S_OPEN, 0); + } else + umb_newstate(sc, UMB_S_RADIO, UMB_NS_DONT_DROP); + return 1; +} + +int +umb_decode_pin(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_pin_info *pi = data; + uint32_t attempts_left; + + if (len < sizeof (*pi)) + return 0; + + attempts_left = letoh32(pi->remaining_attempts); + if (attempts_left != 0xffffffff) + sc->sc_info.pin_attempts_left = attempts_left; + + switch (letoh32(pi->state)) { + case MBIM_PIN_STATE_UNLOCKED: + sc->sc_info.pin_state = UMB_PIN_UNLOCKED; + break; + case MBIM_PIN_STATE_LOCKED: + switch (letoh32(pi->type)) { + case MBIM_PIN_TYPE_PIN1: + sc->sc_info.pin_state = UMB_PIN_REQUIRED; + break; + case MBIM_PIN_TYPE_PUK1: + sc->sc_info.pin_state = UMB_PUK_REQUIRED; + break; + case MBIM_PIN_TYPE_PIN2: + case MBIM_PIN_TYPE_PUK2: + /* Assume that PIN1 was accepted */ + sc->sc_info.pin_state = UMB_PIN_UNLOCKED; + break; + } + break; + } + log(LOG_INFO, "%s: %s state %s (%d attempts left)\n", + DEVNAM(sc), umb_pin_type(letoh32(pi->type)), + (letoh32(pi->state) == MBIM_PIN_STATE_UNLOCKED) ? + "unlocked" : "locked", + letoh32(pi->remaining_attempts)); + + /* + * In case the PIN was set after IFF_UP, retrigger the state machine + */ + usb_add_task(sc->sc_udev, &sc->sc_umb_task); + return 1; +} + +int +umb_decode_packet_service(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_packet_service_info *psi = data; + int state, highestclass; + uint64_t up_speed, down_speed; + struct ifnet *ifp = GET_IFP(sc); + + if (len < sizeof (*psi)) + return 0; + + sc->sc_info.nwerror = letoh32(psi->nwerror); + state = letoh32(psi->state); + highestclass = letoh32(psi->highest_dataclass); + up_speed = letoh64(psi->uplink_speed); + down_speed = letoh64(psi->downlink_speed); + if (sc->sc_info.packetstate != state || + sc->sc_info.uplink_speed != up_speed || + sc->sc_info.downlink_speed != down_speed) { + log(LOG_INFO, "%s: packet service ", DEVNAM(sc)); + if (sc->sc_info.packetstate != state) + addlog("changed from %s to ", + umb_packet_state(sc->sc_info.packetstate)); + addlog("%s, class %s, speed: %llu up / %llu down\n", + umb_packet_state(state), umb_dataclass(highestclass), + up_speed, down_speed); + } + sc->sc_info.packetstate = state; + sc->sc_info.highestclass = highestclass; + sc->sc_info.uplink_speed = up_speed; + sc->sc_info.downlink_speed = down_speed; + + if (sc->sc_info.regmode == MBIM_REGMODE_AUTOMATIC) { + /* + * For devices using automatic registration mode, just proceed, + * once registration has completed. + */ + if (ifp->if_flags & IFF_UP) { + switch (sc->sc_info.regstate) { + case MBIM_REGSTATE_HOME: + case MBIM_REGSTATE_ROAMING: + case MBIM_REGSTATE_PARTNER: + umb_newstate(sc, UMB_S_ATTACHED, + UMB_NS_DONT_DROP); + break; + default: + break; + } + } else + umb_newstate(sc, UMB_S_SIMREADY, UMB_NS_DONT_RAISE); + } else switch (sc->sc_info.packetstate) { + case MBIM_PKTSERVICE_STATE_ATTACHED: + umb_newstate(sc, UMB_S_ATTACHED, UMB_NS_DONT_DROP); + break; + case MBIM_PKTSERVICE_STATE_DETACHED: + umb_newstate(sc, UMB_S_SIMREADY, UMB_NS_DONT_RAISE); + break; + } + return 1; +} + +int +umb_decode_signal_state(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_signal_state *ss = data; + int rssi; + + if (len < sizeof (*ss)) + return 0; + + if (letoh32(ss->rssi) == 99) + rssi = UMB_VALUE_UNKNOWN; + else { + rssi = -113 + 2 * letoh32(ss->rssi); + if (sc->sc_info.rssi != rssi && + sc->sc_state >= UMB_S_CONNECTED) + log(LOG_INFO, "%s: rssi %d dBm\n", DEVNAM(sc), rssi); + } + sc->sc_info.rssi = rssi; + sc->sc_info.ber = letoh32(ss->err_rate); + if (sc->sc_info.ber == -99) + sc->sc_info.ber = UMB_VALUE_UNKNOWN; + return 1; +} + +int +umb_decode_connect_info(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_connect_info *ci = data; + int act; + + if (len < sizeof (*ci)) + return 0; + + if (letoh32(ci->sessionid) != umb_session_id) { + DPRINTF("%s: discard connection info for session %u\n", + DEVNAM(sc), letoh32(ci->sessionid)); + return 1; + } + if (memcmp(ci->context, umb_uuid_context_internet, + sizeof (ci->context))) { + DPRINTF("%s: discard connection info for other context\n", + DEVNAM(sc)); + return 1; + } + act = letoh32(ci->activation); + if (sc->sc_info.activation != act) { + log(LOG_INFO, "%s: connection %s\n", DEVNAM(sc), + umb_activation(act)); + if (letoh32(ci->iptype) != MBIM_CONTEXT_IPTYPE_DEFAULT && + letoh32(ci->iptype) != MBIM_CONTEXT_IPTYPE_IPV4) + log(LOG_DEBUG, "%s: got iptype %d connection\n", + DEVNAM(sc), letoh32(ci->iptype)); + + sc->sc_info.activation = act; + sc->sc_info.nwerror = letoh32(ci->nwerror); + + if (sc->sc_info.activation == MBIM_ACTIVATION_STATE_ACTIVATED) + umb_newstate(sc, UMB_S_CONNECTED, UMB_NS_DONT_DROP); + else if (sc->sc_info.activation == + MBIM_ACTIVATION_STATE_DEACTIVATED) + umb_newstate(sc, UMB_S_ATTACHED, 0); + /* else: other states are purely transitional */ + } + return 1; +} + +int +umb_decode_ip_configuration(struct umb_softc *sc, void *data, int len) +{ + struct mbim_cid_ip_configuration_info *ic = data; + struct ifnet *ifp = GET_IFP(sc); + int s; + uint32_t avail; + uint32_t val; + int n, i; + int off; + struct mbim_cid_ipv4_element ipv4elem; + struct in_aliasreq ifra; + struct sockaddr_in *sin; + int state = -1; + int rv; + + if (len < sizeof (*ic)) + return 0; + if (letoh32(ic->sessionid) != umb_session_id) { + DPRINTF("%s: ignore IP configration for session id %d\n", + DEVNAM(sc), letoh32(ic->sessionid)); + return 0; + } + s = splnet(); + + /* + * IPv4 configuation + */ + avail = letoh32(ic->ipv4_available); + if (avail & MBIM_IPCONF_HAS_ADDRINFO) { + n = letoh32(ic->ipv4_naddr); + off = letoh32(ic->ipv4_addroffs); + + if (n == 0 || off + sizeof (ipv4elem) > len) + goto done; + + /* Only pick the first one */ + memcpy(&ipv4elem, data + off, sizeof (ipv4elem)); + ipv4elem.addr = letoh32(ipv4elem.addr); + ipv4elem.prefixlen = letoh32(ipv4elem.prefixlen); + + memset(&ifra, 0, sizeof (ifra)); + sin = (struct sockaddr_in *)&ifra.ifra_addr; + sin->sin_family = AF_INET; + sin->sin_len = sizeof (ifra.ifra_addr); + sin->sin_addr.s_addr = ipv4elem.addr; + + sin = (struct sockaddr_in *)&ifra.ifra_dstaddr; + sin->sin_family = AF_INET; + sin->sin_len = sizeof (ifra.ifra_dstaddr); + if (avail & MBIM_IPCONF_HAS_GWINFO) { + off = letoh32(ic->ipv4_gwoffs); + sin->sin_addr.s_addr = + letoh32(*((uint32_t *)(data + off))); + } + + sin = (struct sockaddr_in *)&ifra.ifra_mask; + sin->sin_family = AF_INET; + sin->sin_len = sizeof (ifra.ifra_mask); + in_len2mask(&sin->sin_addr, ipv4elem.prefixlen); + + if ((rv = in_ioctl(SIOCAIFADDR, (caddr_t)&ifra, ifp, 1)) == 0) { + log(LOG_INFO, "%s: IPv4 addr %s, mask %s, gateway %s\n", + DEVNAM(ifp->if_softc), + umb_ntop(sintosa(&ifra.ifra_addr)), + umb_ntop(sintosa(&ifra.ifra_mask)), + umb_ntop(sintosa(&ifra.ifra_dstaddr))); + state = UMB_S_UP; + } else + log(LOG_ERR, "%s: unable to set IPv4 address, " + "error %d\n", DEVNAM(ifp->if_softc), rv); + } + + memset(sc->sc_info.ipv4dns, 0, sizeof (sc->sc_info.ipv4dns)); + if (avail & MBIM_IPCONF_HAS_DNSINFO) { + n = letoh32(ic->ipv4_ndnssrv); + off = letoh32(ic->ipv4_dnssrvoffs); + i = 0; + while (n-- > 0) { + if (off + sizeof (uint32_t) > len) + break; + val = letoh32(*((uint32_t *)(data + off))); + if (i < UMB_MAX_DNSSRV) + sc->sc_info.ipv4dns[i++] = val; + off += sizeof (uint32_t); + } + } + + if ((avail & MBIM_IPCONF_HAS_MTUINFO)) { + val = letoh32(ic->ipv4_mtu); + if (ifp->if_hardmtu != val && val <= sc->sc_maxpktlen) { + ifp->if_hardmtu = val; + if (ifp->if_mtu > val) + ifp->if_mtu = val; + log(LOG_INFO, "%s: MTU is %d\n", DEVNAM(sc), val); + } + } + + avail = letoh32(ic->ipv6_available); + if (avail & MBIM_IPCONF_HAS_ADDRINFO) { + /* XXX FIXME: IPv6 configuation missing */ + log(LOG_INFO, "%s: ignoring IPv6 configuration\n", DEVNAM(sc)); + } + if (state != -1) + umb_newstate(sc, state, 0); + +done: + splx(s); + return 1; +} + +void +umb_rx(struct umb_softc *sc) +{ + usbd_setup_xfer(sc->sc_rx_xfer, sc->sc_rx_pipe, sc, sc->sc_rx_buf, + sc->sc_maxpktlen, USBD_SHORT_XFER_OK | USBD_NO_COPY, + USBD_NO_TIMEOUT, umb_rxeof); + usbd_transfer(sc->sc_rx_xfer); +} + +void +umb_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) +{ + struct umb_softc *sc = priv; + struct ifnet *ifp = GET_IFP(sc); + + if (usbd_is_dying(sc->sc_udev) || !(ifp->if_flags & IFF_RUNNING)) + return; + + if (status != USBD_NORMAL_COMPLETION) { + if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) + return; + DPRINTF("%s: rx error: %s\n", DEVNAM(sc), usbd_errstr(status)); + if (status == USBD_STALLED) + usbd_clear_endpoint_stall_async(sc->sc_rx_pipe); + if (++sc->sc_rx_nerr > 100) { + log(LOG_ERR, "%s: too many rx errors, disabling\n", + DEVNAM(sc)); + usbd_deactivate(sc->sc_udev); + } + } else { + sc->sc_rx_nerr = 0; + umb_decap(sc, xfer); + } + + umb_rx(sc); + return; +} + +int +umb_encap(struct umb_softc *sc, struct mbuf *m) +{ + struct ncm_header16 *hdr; + struct ncm_pointer16 *ptr; + usbd_status err; + int len; + + KASSERT(sc->sc_tx_m == NULL); + + hdr = sc->sc_tx_buf; + ptr = (struct ncm_pointer16 *)(hdr + 1); + + USETDW(hdr->dwSignature, NCM_HDR16_SIG); + USETW(hdr->wHeaderLength, sizeof (*hdr)); + USETW(hdr->wSequence, sc->sc_tx_seq); + sc->sc_tx_seq++; + USETW(hdr->wNdpIndex, sizeof (*hdr)); + + len = m->m_pkthdr.len; + USETDW(ptr->dwSignature, MBIM_NCM_NTH16_SIG(umb_session_id)); + USETW(ptr->wLength, sizeof (*ptr)); + USETW(ptr->wNextNdpIndex, 0); + USETW(ptr->dgram[0].wDatagramIndex, MBIM_HDR16_LEN); + USETW(ptr->dgram[0].wDatagramLen, len); + USETW(ptr->dgram[1].wDatagramIndex, 0); + USETW(ptr->dgram[1].wDatagramLen, 0); + + m_copydata(m, 0, len, (caddr_t)(ptr + 1)); + sc->sc_tx_m = m; + len += MBIM_HDR16_LEN; + USETW(hdr->wBlockLength, len); + + DPRINTFN(3, "%s: encap %d bytes\n", DEVNAM(sc), len); + DDUMPN(5, sc->sc_tx_buf, len); + usbd_setup_xfer(sc->sc_tx_xfer, sc->sc_tx_pipe, sc, sc->sc_tx_buf, len, + USBD_FORCE_SHORT_XFER | USBD_NO_COPY, umb_xfer_tout, umb_txeof); + err = usbd_transfer(sc->sc_tx_xfer); + if (err != USBD_IN_PROGRESS) { + DPRINTF("%s: start tx error: %s\n", DEVNAM(sc), + usbd_errstr(err)); + return 0; + } + return 1; +} + +void +umb_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) +{ + struct umb_softc *sc = priv; + struct ifnet *ifp = GET_IFP(sc); + int s; + + s = splnet(); + ifq_clr_oactive(&ifp->if_snd); + ifp->if_timer = 0; + + m_freem(sc->sc_tx_m); + sc->sc_tx_m = NULL; + + if (status != USBD_NORMAL_COMPLETION) { + if (status != USBD_NOT_STARTED && status != USBD_CANCELLED) { + ifp->if_oerrors++; + DPRINTF("%s: tx error: %s\n", DEVNAM(sc), + usbd_errstr(status)); + if (status == USBD_STALLED) + usbd_clear_endpoint_stall_async(sc->sc_tx_pipe); + } + } else { + ifp->if_opackets++; + if (IFQ_IS_EMPTY(&ifp->if_snd) == 0) + umb_start(ifp); + } + + splx(s); +} + +void +umb_decap(struct umb_softc *sc, struct usbd_xfer *xfer) +{ + struct ifnet *ifp = GET_IFP(sc); + int s; + void *buf; + uint32_t len; + char *dp; + struct ncm_header16 *hdr16; + struct ncm_header32 *hdr32; + struct ncm_pointer16 *ptr16; + struct ncm_pointer16_dgram *dgram16; + struct ncm_pointer32_dgram *dgram32; + uint32_t hsig, psig; + int hlen, blen; + int ptrlen, ptroff, dgentryoff; + uint32_t doff, dlen; + struct mbuf_list ml = MBUF_LIST_INITIALIZER(); + struct mbuf *m; + + usbd_get_xfer_status(xfer, NULL, &buf, &len, NULL); + DPRINTFN(4, "%s: recv %d bytes\n", DEVNAM(sc), len); + DDUMPN(5, buf, len); + s = splnet(); + if (len < sizeof (*hdr16)) + goto toosmall; + if (len > sc->sc_maxpktlen) { + DPRINTF("%s: packet too large (%d)\n", DEVNAM(sc), len); + goto fail; + } + + hdr16 = (struct ncm_header16 *)buf; + hsig = UGETDW(hdr16->dwSignature); + hlen = UGETW(hdr16->wHeaderLength); + switch (hsig) { + case NCM_HDR16_SIG: + blen = UGETW(hdr16->wBlockLength); + if (hlen != sizeof (*hdr16)) { + DPRINTF("%s: bad header len %d for NTH16 (exp %zu)\n", + DEVNAM(sc), hlen, sizeof (*hdr16)); + goto fail; + } + break; + case NCM_HDR32_SIG: + hdr32 = (struct ncm_header32 *)hdr16; + blen = UGETDW(hdr32->dwBlockLength); + if (hlen != sizeof (*hdr32)) { + DPRINTF("%s: bad header len %d for NTH32 (exp %zu)\n", + DEVNAM(sc), hlen, sizeof (*hdr32)); + goto fail; + } + break; + default: + DPRINTF("%s: unsupported NCM header signature (0x%08x)\n", + DEVNAM(sc), hsig); + goto fail; + } + if (len < hlen) + goto toosmall; + if (len < blen) { + DPRINTF("%s: bad NTB len (%d) for %d bytes of data\n", + DEVNAM(sc), blen, len); + goto fail; + } + + ptroff = hlen; + ptr16 = (struct ncm_pointer16 *)(buf + ptroff); + psig = UGETDW(ptr16->dwSignature); + ptrlen = UGETW(ptr16->wLength); + if (len < ptrlen + ptroff) + goto toosmall; + if (!MBIM_NCM_NTH16_ISISG(psig) && !MBIM_NCM_NTH32_ISISG(psig)) { + DPRINTF("%s: unsupported NCM pointer signature (0x%08x)\n", + DEVNAM(sc), psig); + goto fail; + } + + switch (hsig) { + case NCM_HDR16_SIG: + dgentryoff = offsetof(struct ncm_pointer16, dgram); + break; + case NCM_HDR32_SIG: + dgentryoff = offsetof(struct ncm_pointer32, dgram); + break; + default: + goto fail; + } + + while (dgentryoff < ptrlen) { + switch (hsig) { + case NCM_HDR16_SIG: + if (ptroff + dgentryoff < sizeof (*dgram16)) + goto done; + dgram16 = (struct ncm_pointer16_dgram *) + (buf + ptroff + dgentryoff); + dgentryoff += sizeof (*dgram16); + dlen = UGETW(dgram16->wDatagramLen); + doff = UGETW(dgram16->wDatagramIndex); + break; + case NCM_HDR32_SIG: + if (ptroff + dgentryoff < sizeof (*dgram32)) + goto done; + dgram32 = (struct ncm_pointer32_dgram *) + (buf + ptroff + dgentryoff); + dgentryoff += sizeof (*dgram32); + dlen = UGETDW(dgram32->dwDatagramLen); + doff = UGETDW(dgram32->dwDatagramIndex); + break; + default: + ifp->if_ierrors++; + goto done; + } + + /* Terminating zero entry */ + if (dlen == 0 && doff == 0) + break; + if (len < dlen + doff) { + /* Skip giant datagram but continue processing */ + DPRINTF("%s: datagram too large (%d @ off %d)\n", + DEVNAM(sc), dlen, doff); + continue; + } + + dp = buf + doff; + DPRINTFN(3, "%s: decap %d bytes\n", DEVNAM(sc), dlen); + m = m_devget(dp, dlen, 0); + if (m == NULL) { + ifp->if_iqdrops++; + continue; + } + + ml_enqueue(&ml, m); + } +done: + if_input(ifp, &ml); + splx(s); + return; +toosmall: + DPRINTF("%s: packet too small (%d)\n", DEVNAM(sc), len); +fail: + ifp->if_ierrors++; + splx(s); +} + +usbd_status +umb_send_encap_command(struct umb_softc *sc, void *data, int len) +{ + struct usbd_xfer *xfer; + usb_device_request_t req; + char *buf; + + if (len > sc->sc_ctrl_len) + return USBD_INVAL; + + if ((xfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) + return USBD_NOMEM; + if ((buf = usbd_alloc_buffer(xfer, len)) == NULL) { + usbd_free_xfer(xfer); + return USBD_NOMEM; + } + memcpy(buf, data, len); + + /* XXX FIXME: if (total len > sc->sc_ctrl_len) => must fragment */ + req.bmRequestType = UT_WRITE_CLASS_INTERFACE; + req.bRequest = UCDC_SEND_ENCAPSULATED_COMMAND; + USETW(req.wValue, 0); + USETW(req.wIndex, sc->sc_ctrl_ifaceno); + USETW(req.wLength, len); + DELAY(umb_delay); + return usbd_request_async(xfer, &req, NULL, NULL); +} + +int +umb_get_encap_response(struct umb_softc *sc, void *buf, int *len) +{ + usb_device_request_t req; + usbd_status err; + + req.bmRequestType = UT_READ_CLASS_INTERFACE; + req.bRequest = UCDC_GET_ENCAPSULATED_RESPONSE; + USETW(req.wValue, 0); + USETW(req.wIndex, sc->sc_ctrl_ifaceno); + USETW(req.wLength, *len); + /* XXX FIXME: re-assemble fragments */ + + DELAY(umb_delay); + err = usbd_do_request_flags(sc->sc_udev, &req, buf, USBD_SHORT_XFER_OK, + len, umb_xfer_tout); + if (err == USBD_NORMAL_COMPLETION) + return 1; + DPRINTF("%s: ctrl recv: %s\n", DEVNAM(sc), usbd_errstr(err)); + return 0; +} + +void +umb_ctrl_msg(struct umb_softc *sc, uint32_t req, void *data, int len) +{ + uint32_t tid; + struct mbim_msghdr *hdr = data; + usbd_status err; + int s; + + assertwaitok(); + if (usbd_is_dying(sc->sc_udev)) + return; + if (len < sizeof (*hdr)) + return; + tid = ++sc->sc_tid; + + hdr->type = htole32(req); + hdr->len = htole32(len); + hdr->tid = htole32(tid); + +#ifdef UMB_DEBUG + if (umb_debug) { + const char *op, *str; + if (req == MBIM_COMMAND_MSG) { + struct mbim_h2f_cmd *c = data; + if (letoh32(c->op) == MBIM_CMDOP_SET) + op = "set"; + else + op = "qry"; + str = umb_cid2str(letoh32(c->cid)); + } else { + op = "snd"; + str = umb_request2str(req); + } + DPRINTF("%s: -> %s %s (tid %u)\n", DEVNAM(sc), op, str, tid); + } +#endif + s = splusb(); + err = umb_send_encap_command(sc, data, len); + splx(s); + if (err != USBD_NORMAL_COMPLETION) { + log(LOG_ERR, "%s: send %s msg (tid %u) failed: %s\n", + DEVNAM(sc), umb_request2str(req), tid, usbd_errstr(err)); + + /* will affect other transactions, too */ + usbd_abort_pipe(sc->sc_udev->default_pipe); + } else { + DPRINTFN(2, "%s: sent %s (tid %u)\n", DEVNAM(sc), + umb_request2str(req), tid); + DDUMPN(3, data, len); + } + return; +} + +void +umb_open(struct umb_softc *sc) +{ + struct mbim_h2f_openmsg msg; + + memset(&msg, 0, sizeof (msg)); + msg.maxlen = htole32(sc->sc_ctrl_len); + umb_ctrl_msg(sc, MBIM_OPEN_MSG, &msg, sizeof (msg)); + return; +} + +void +umb_close(struct umb_softc *sc) +{ + struct mbim_h2f_closemsg msg; + + memset(&msg, 0, sizeof (msg)); + umb_ctrl_msg(sc, MBIM_CLOSE_MSG, &msg, sizeof (msg)); +} + +int +umb_setpin(struct umb_softc *sc, int op, int is_puk, void *pin, int pinlen, + void *newpin, int newpinlen) +{ + struct mbim_cid_pin cp; + int off; + + if (pinlen == 0) + return 0; + if (pinlen < 0 || pinlen > MBIM_PIN_MAXLEN || + newpinlen < 0 || newpinlen > MBIM_PIN_MAXLEN || + op < 0 || op > MBIM_PIN_OP_CHANGE || + (is_puk && op != MBIM_PIN_OP_ENTER)) + return EINVAL; + + memset(&cp, 0, sizeof (cp)); + cp.type = htole32(is_puk ? MBIM_PIN_TYPE_PUK1 : MBIM_PIN_TYPE_PIN1); + + off = offsetof(struct mbim_cid_pin, data); + if (!umb_addstr(&cp, sizeof (cp), &off, pin, pinlen, + &cp.pin_offs, &cp.pin_size)) + return EINVAL; + + cp.op = htole32(op); + if (newpinlen) { + if (!umb_addstr(&cp, sizeof (cp), &off, newpin, newpinlen, + &cp.newpin_offs, &cp.newpin_size)) + return EINVAL; + } else { + if ((op == MBIM_PIN_OP_CHANGE) || is_puk) + return EINVAL; + if (!umb_addstr(&cp, sizeof (cp), &off, NULL, 0, + &cp.newpin_offs, &cp.newpin_size)) + return EINVAL; + } + umb_cmd(sc, MBIM_CID_PIN, MBIM_CMDOP_SET, &cp, off); + return 0; +} + +void +umb_setdataclass(struct umb_softc *sc) +{ + struct mbim_cid_registration_state rs; + uint32_t classes; + + if (sc->sc_info.supportedclasses == MBIM_DATACLASS_NONE) + return; + + memset(&rs, 0, sizeof (rs)); + rs.regaction = htole32(MBIM_REGACTION_AUTOMATIC); + classes = sc->sc_info.supportedclasses; + if (sc->sc_info.preferredclasses != MBIM_DATACLASS_NONE) + classes &= sc->sc_info.preferredclasses; + rs.data_class = htole32(classes); + umb_cmd(sc, MBIM_CID_REGISTER_STATE, MBIM_CMDOP_SET, &rs, sizeof (rs)); +} + +void +umb_radio(struct umb_softc *sc, int on) +{ + struct mbim_cid_radio_state s; + + DPRINTF("%s: set radio %s\n", DEVNAM(sc), on ? "on" : "off"); + memset(&s, 0, sizeof (s)); + s.state = htole32(on ? MBIM_RADIO_STATE_ON : MBIM_RADIO_STATE_OFF); + umb_cmd(sc, MBIM_CID_RADIO_STATE, MBIM_CMDOP_SET, &s, sizeof (s)); +} + +void +umb_packet_service(struct umb_softc *sc, int attach) +{ + struct mbim_cid_packet_service s; + + DPRINTF("%s: %s packet service\n", DEVNAM(sc), + attach ? "attach" : "detach"); + memset(&s, 0, sizeof (s)); + s.action = htole32(attach ? + MBIM_PKTSERVICE_ACTION_ATTACH : MBIM_PKTSERVICE_ACTION_DETACH); + umb_cmd(sc, MBIM_CID_PACKET_SERVICE, MBIM_CMDOP_SET, &s, sizeof (s)); +} + +void +umb_connect(struct umb_softc *sc) +{ + if (sc->sc_info.regstate == MBIM_REGSTATE_ROAMING && !sc->sc_roaming) { + log(LOG_INFO, "%s: connection disabled in roaming network\n", + DEVNAM(sc)); + return; + } + log(LOG_DEBUG, "%s: connecting ...\n", DEVNAM(sc)); + umb_send_connect(sc, MBIM_CONNECT_ACTIVATE); +} + +void +umb_disconnect(struct umb_softc *sc) +{ + log(LOG_DEBUG, "%s: disconnecting ...\n", DEVNAM(sc)); + umb_send_connect(sc, MBIM_CONNECT_DEACTIVATE); +} + +void +umb_send_connect(struct umb_softc *sc, int command) +{ + struct mbim_cid_connect *c; + int off; + + /* Too large or the stack */ + c = malloc(sizeof (*c), M_USBDEV, M_WAIT|M_ZERO); + c->sessionid = htole32(umb_session_id); + c->command = htole32(command); + off = offsetof(struct mbim_cid_connect, data); + if (!umb_addstr(c, sizeof (*c), &off, sc->sc_info.apn, + sc->sc_info.apnlen, &c->access_offs, &c->access_size)) + goto done; + /* XXX FIXME: support user name and passphrase */ + c->user_offs = htole32(0); + c->user_size = htole32(0); + c->passwd_offs = htole32(0); + c->passwd_size = htole32(0); + c->authprot = htole32(MBIM_AUTHPROT_NONE); + c->compression = htole32(MBIM_COMPRESSION_NONE); + c->iptype = htole32(MBIM_CONTEXT_IPTYPE_IPV4); + memcpy(c->context, umb_uuid_context_internet, sizeof (c->context)); + umb_cmd(sc, MBIM_CID_CONNECT, MBIM_CMDOP_SET, c, off); +done: + free(c, M_USBDEV, sizeof (*c)); + return; +} + +void +umb_qry_ipconfig(struct umb_softc *sc) +{ + struct mbim_cid_ip_configuration_info ipc; + + memset(&ipc, 0, sizeof (ipc)); + ipc.sessionid = htole32(umb_session_id); + umb_cmd(sc, MBIM_CID_IP_CONFIGURATION, MBIM_CMDOP_QRY, + &ipc, sizeof (ipc)); +} + +void +umb_cmd(struct umb_softc *sc, int cid, int op, void *data, int len) +{ + struct mbim_h2f_cmd *cmd; + int totlen; + + /* XXX FIXME support sending fragments */ + if (sizeof (*cmd) + len > sc->sc_ctrl_len) { + DPRINTF("%s: set %s msg too long: cannot send\n", + DEVNAM(sc), umb_cid2str(cid)); + return; + } + cmd = sc->sc_ctrl_msg; + memset(cmd, 0, sizeof (*cmd)); + cmd->frag.nfrag = htole32(1); + memcpy(cmd->devid, umb_uuid_basic_connect, sizeof (cmd->devid)); + cmd->cid = htole32(cid); + cmd->op = htole32(op); + cmd->infolen = htole32(len); + totlen = sizeof (*cmd); + if (len > 0) { + memcpy(cmd + 1, data, len); + totlen += len; + } + umb_ctrl_msg(sc, MBIM_COMMAND_MSG, cmd, totlen); +} + +void +umb_command_done(struct umb_softc *sc, void *data, int len) +{ + struct mbim_f2h_cmddone *cmd = data; + uint32_t status; + uint32_t cid; + uint32_t infolen; + + if (len < sizeof (*cmd)) { + DPRINTF("%s: discard short %s messsage\n", DEVNAM(sc), + umb_request2str(letoh32(cmd->hdr.type))); + return; + } + cid = letoh32(cmd->cid); + if (memcmp(cmd->devid, umb_uuid_basic_connect, sizeof (cmd->devid))) { + DPRINTF("%s: discard %s messsage for other UUID '%s'\n", + DEVNAM(sc), umb_request2str(letoh32(cmd->hdr.type)), + umb_uuid2str(cmd->devid)); + return; + } + + status = letoh32(cmd->status); + switch (status) { + case MBIM_STATUS_SUCCESS: + break; + case MBIM_STATUS_NOT_INITIALIZED: + log(LOG_ERR, "%s: SIM not initialized (PIN missing)\n", + DEVNAM(sc)); + return; + case MBIM_STATUS_PIN_REQUIRED: + sc->sc_info.pin_state = UMB_PIN_REQUIRED; + /*FALLTHROUGH*/ + default: + log(LOG_ERR, "%s: set/qry %s failed: %s\n", DEVNAM(sc), + umb_cid2str(cid), umb_status2str(status)); + return; + } + + infolen = letoh32(cmd->infolen); + if (len < sizeof (*cmd) + infolen) { + DPRINTF("%s: discard truncated %s messsage (want %d, got %d)\n", + DEVNAM(sc), umb_cid2str(cid), + (int)sizeof (*cmd) + infolen, len); + return; + } + DPRINTFN(2, "%s: set/qry %s done\n", DEVNAM(sc), umb_cid2str(cid)); + umb_decode_cid(sc, cid, cmd->info, infolen); +} + +void +umb_decode_cid(struct umb_softc *sc, uint32_t cid, void *data, int len) +{ + int ok = 1; + + switch (cid) { + case MBIM_CID_DEVICE_CAPS: + ok = umb_decode_devices_caps(sc, data, len); + break; + case MBIM_CID_SUBSCRIBER_READY_STATUS: + ok = umb_decode_subscriber_status(sc, data, len); + break; + case MBIM_CID_RADIO_STATE: + ok = umb_decode_radio_state(sc, data, len); + break; + case MBIM_CID_PIN: + ok = umb_decode_pin(sc, data, len); + break; + case MBIM_CID_REGISTER_STATE: + ok = umb_decode_register_state(sc, data, len); + break; + case MBIM_CID_PACKET_SERVICE: + ok = umb_decode_packet_service(sc, data, len); + break; + case MBIM_CID_SIGNAL_STATE: + ok = umb_decode_signal_state(sc, data, len); + break; + case MBIM_CID_CONNECT: + ok = umb_decode_connect_info(sc, data, len); + break; + case MBIM_CID_IP_CONFIGURATION: + ok = umb_decode_ip_configuration(sc, data, len); + break; + default: + /* + * Note: the above list is incomplete and only contains + * mandatory CIDs from the BASIC_CONNECT set. + * So alternate values are not unusual. + */ + DPRINTFN(4, "%s: ignore %s\n", DEVNAM(sc), umb_cid2str(cid)); + break; + } + if (!ok) + DPRINTF("%s: discard %s with bad info length %d\n", + DEVNAM(sc), umb_cid2str(cid), len); + return; +} + +void +umb_intr(struct usbd_xfer *xfer, void *priv, usbd_status status) +{ + struct umb_softc *sc = priv; + int total_len; + + if (status != USBD_NORMAL_COMPLETION) { + DPRINTF("%s: notification error: %s\n", DEVNAM(sc), + usbd_errstr(status)); + if (status == USBD_STALLED) + usbd_clear_endpoint_stall_async(sc->sc_ctrl_pipe); + return; + } + usbd_get_xfer_status(xfer, NULL, NULL, &total_len, NULL); + if (total_len < UCDC_NOTIFICATION_LENGTH) { + DPRINTF("%s: short notification (%d<%d)\n", DEVNAM(sc), + total_len, UCDC_NOTIFICATION_LENGTH); + return; + } + if (sc->sc_intr_msg.bmRequestType != UCDC_NOTIFICATION) { + DPRINTF("%s: unexpected notification (type=0x%02x)\n", + DEVNAM(sc), sc->sc_intr_msg.bmRequestType); + return; + } + + switch (sc->sc_intr_msg.bNotification) { + case UCDC_N_NETWORK_CONNECTION: + log(LOG_DEBUG, "%s: network %sconnected\n", DEVNAM(sc), + UGETW(sc->sc_intr_msg.wValue) ? "" : "dis"); + break; + case UCDC_N_RESPONSE_AVAILABLE: + DPRINTFN(2, "%s: umb_intr: response available\n", DEVNAM(sc)); + ++sc->sc_nresp; + usb_add_task(sc->sc_udev, &sc->sc_get_response_task); + break; + case UCDC_N_CONNECTION_SPEED_CHANGE: + DPRINTFN(2, "%s: umb_intr: connection speed changed\n", + DEVNAM(sc)); + break; + default: + DPRINTF("%s: unexpected notifiation (0x%02x)\n", + DEVNAM(sc), sc->sc_intr_msg.bNotification); + break; + } +} + +/* + * Diagnostic routines + */ +char * +umb_ntop(struct sockaddr *sa) +{ +#define NUMBUFS 4 + static char astr[NUMBUFS][INET_ADDRSTRLEN]; + static unsigned nbuf = 0; + char *s; + + s = astr[nbuf++]; + if (nbuf >= NUMBUFS) + nbuf = 0; + + switch (sa->sa_family) { + case AF_INET: + default: + inet_ntop(AF_INET, &satosin(sa)->sin_addr, s, sizeof (astr[0])); + break; + case AF_INET6: + inet_ntop(AF_INET6, &satosin6(sa)->sin6_addr, s, + sizeof (astr[0])); + break; + } + return s; +} + +#ifdef UMB_DEBUG +char * +umb_uuid2str(uint8_t uuid[MBIM_UUID_LEN]) +{ + static char uuidstr[2 * MBIM_UUID_LEN + 5]; + +#define UUID_BFMT "%02X" +#define UUID_SEP "-" + snprintf(uuidstr, sizeof (uuidstr), + UUID_BFMT UUID_BFMT UUID_BFMT UUID_BFMT UUID_SEP + UUID_BFMT UUID_BFMT UUID_SEP + UUID_BFMT UUID_BFMT UUID_SEP + UUID_BFMT UUID_BFMT UUID_SEP + UUID_BFMT UUID_BFMT UUID_BFMT UUID_BFMT UUID_BFMT UUID_BFMT, + uuid[0], uuid[1], uuid[2], uuid[3], uuid[4], uuid[5], + uuid[6], uuid[7], uuid[8], uuid[9], uuid[10], uuid[11], + uuid[12], uuid[13], uuid[14], uuid[15]); + return uuidstr; +} + +void +umb_dump(void *buf, int len) +{ + int i = 0; + uint8_t *c = buf; + + if (len == 0) + return; + while (i < len) { + if ((i % 16) == 0) { + if (i > 0) + addlog("\n"); + log(LOG_DEBUG, "%4d: ", i); + } + addlog(" %02x", *c); + c++; + i++; + } + addlog("\n"); +} +#endif /* UMB_DEBUG */ Index: sys/dev/usb/if_umb.h =================================================================== RCS file: sys/dev/usb/if_umb.h diff -N sys/dev/usb/if_umb.h --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/dev/usb/if_umb.h 8 Jun 2016 12:52:59 -0000 @@ -0,0 +1,372 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2016 genua mbH + * All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Mobile Broadband Interface Model + * http://www.usb.org/developers/docs/devclass_docs/MBIM-Compliance-1.0.pdf + */ + +struct umb_valdescr { + int val; + char *descr; +}; + +static const char * +umb_val2descr(const struct umb_valdescr *vdp, int val) +{ + static char sval[32]; + + while (vdp->descr != NULL) { + if (vdp->val == val) + return vdp->descr; + vdp++; + } + snprintf(sval, sizeof (sval), "#%d", val); + return sval; +} + +#define MBIM_REGSTATE_DESCRIPTIONS { \ + { MBIM_REGSTATE_UNKNOWN, "unknown" }, \ + { MBIM_REGSTATE_DEREGISTERED, "not registered" }, \ + { MBIM_REGSTATE_SEARCHING, "searching" }, \ + { MBIM_REGSTATE_HOME, "home network" }, \ + { MBIM_REGSTATE_ROAMING, "roaming network" }, \ + { MBIM_REGSTATE_PARTNER, "partner network" }, \ + { MBIM_REGSTATE_DENIED, "access denied" }, \ + { 0, NULL } } + +#define MBIM_DATACLASS_DESCRIPTIONS { \ + { MBIM_DATACLASS_NONE, "none" }, \ + { MBIM_DATACLASS_GPRS, "GPRS" }, \ + { MBIM_DATACLASS_EDGE, "EDGE" }, \ + { MBIM_DATACLASS_UMTS, "UMTS" }, \ + { MBIM_DATACLASS_HSDPA, "HSDPA" }, \ + { MBIM_DATACLASS_HSUPA, "HSUPA" }, \ + { MBIM_DATACLASS_HSDPA|MBIM_DATACLASS_HSUPA, "HSPA" }, \ + { MBIM_DATACLASS_LTE, "LTE" }, \ + { MBIM_DATACLASS_1XRTT, "CDMA2000" }, \ + { MBIM_DATACLASS_1XEVDO, "CDMA2000" }, \ + { MBIM_DATACLASS_1XEVDO_REV_A, "CDMA2000" }, \ + { MBIM_DATACLASS_1XEVDV, "CDMA2000" }, \ + { MBIM_DATACLASS_3XRTT, "CDMA2000" }, \ + { MBIM_DATACLASS_1XEVDO_REV_B, "CDMA2000" }, \ + { MBIM_DATACLASS_UMB, "CDMA2000" }, \ + { MBIM_DATACLASS_CUSTOM, "custom" }, \ + { 0, NULL } } + +#define MBIM_1TO1_DESCRIPTION(m) { (m), #m } +#define MBIM_MESSAGES_DESCRIPTIONS { \ + MBIM_1TO1_DESCRIPTION(MBIM_OPEN_MSG), \ + MBIM_1TO1_DESCRIPTION(MBIM_CLOSE_MSG), \ + MBIM_1TO1_DESCRIPTION(MBIM_COMMAND_MSG), \ + MBIM_1TO1_DESCRIPTION(MBIM_HOST_ERROR_MSG), \ + MBIM_1TO1_DESCRIPTION(MBIM_OPEN_DONE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CLOSE_DONE), \ + MBIM_1TO1_DESCRIPTION(MBIM_COMMAND_DONE), \ + MBIM_1TO1_DESCRIPTION(MBIM_FUNCTION_ERROR_MSG), \ + MBIM_1TO1_DESCRIPTION(MBIM_INDICATE_STATUS_MSG), \ + { 0, NULL } } + +#define MBIM_STATUS_DESCRIPTION(m) { MBIM_STATUS_ ## m, #m } +#define MBIM_STATUS_DESCRIPTIONS { \ + MBIM_STATUS_DESCRIPTION(SUCCESS), \ + MBIM_STATUS_DESCRIPTION(BUSY), \ + MBIM_STATUS_DESCRIPTION(FAILURE), \ + MBIM_STATUS_DESCRIPTION(SIM_NOT_INSERTED), \ + MBIM_STATUS_DESCRIPTION(BAD_SIM), \ + MBIM_STATUS_DESCRIPTION(PIN_REQUIRED), \ + MBIM_STATUS_DESCRIPTION(PIN_DISABLED), \ + MBIM_STATUS_DESCRIPTION(NOT_REGISTERED), \ + MBIM_STATUS_DESCRIPTION(PROVIDERS_NOT_FOUND), \ + MBIM_STATUS_DESCRIPTION(NO_DEVICE_SUPPORT), \ + MBIM_STATUS_DESCRIPTION(PROVIDER_NOT_VISIBLE), \ + MBIM_STATUS_DESCRIPTION(DATA_CLASS_NOT_AVAILABLE), \ + MBIM_STATUS_DESCRIPTION(PACKET_SERVICE_DETACHED), \ + MBIM_STATUS_DESCRIPTION(MAX_ACTIVATED_CONTEXTS), \ + MBIM_STATUS_DESCRIPTION(NOT_INITIALIZED), \ + MBIM_STATUS_DESCRIPTION(VOICE_CALL_IN_PROGRESS), \ + MBIM_STATUS_DESCRIPTION(CONTEXT_NOT_ACTIVATED), \ + MBIM_STATUS_DESCRIPTION(SERVICE_NOT_ACTIVATED), \ + MBIM_STATUS_DESCRIPTION(INVALID_ACCESS_STRING), \ + MBIM_STATUS_DESCRIPTION(INVALID_USER_NAME_PWD), \ + MBIM_STATUS_DESCRIPTION(RADIO_POWER_OFF), \ + MBIM_STATUS_DESCRIPTION(INVALID_PARAMETERS), \ + MBIM_STATUS_DESCRIPTION(READ_FAILURE), \ + MBIM_STATUS_DESCRIPTION(WRITE_FAILURE), \ + MBIM_STATUS_DESCRIPTION(NO_PHONEBOOK), \ + MBIM_STATUS_DESCRIPTION(PARAMETER_TOO_LONG), \ + MBIM_STATUS_DESCRIPTION(STK_BUSY), \ + MBIM_STATUS_DESCRIPTION(OPERATION_NOT_ALLOWED), \ + MBIM_STATUS_DESCRIPTION(MEMORY_FAILURE), \ + MBIM_STATUS_DESCRIPTION(INVALID_MEMORY_INDEX), \ + MBIM_STATUS_DESCRIPTION(MEMORY_FULL), \ + MBIM_STATUS_DESCRIPTION(FILTER_NOT_SUPPORTED), \ + MBIM_STATUS_DESCRIPTION(DSS_INSTANCE_LIMIT), \ + MBIM_STATUS_DESCRIPTION(INVALID_DEVICE_SERVICE_OPERATION), \ + MBIM_STATUS_DESCRIPTION(AUTH_INCORRECT_AUTN), \ + MBIM_STATUS_DESCRIPTION(AUTH_SYNC_FAILURE), \ + MBIM_STATUS_DESCRIPTION(AUTH_AMF_NOT_SET), \ + MBIM_STATUS_DESCRIPTION(CONTEXT_NOT_SUPPORTED), \ + MBIM_STATUS_DESCRIPTION(SMS_UNKNOWN_SMSC_ADDRESS), \ + MBIM_STATUS_DESCRIPTION(SMS_NETWORK_TIMEOUT), \ + MBIM_STATUS_DESCRIPTION(SMS_LANG_NOT_SUPPORTED), \ + MBIM_STATUS_DESCRIPTION(SMS_ENCODING_NOT_SUPPORTED), \ + MBIM_STATUS_DESCRIPTION(SMS_FORMAT_NOT_SUPPORTED), \ + { 0, NULL } } + +#define MBIM_ERROR_DESCRIPTION(m) { MBIM_ERROR_ ## m, #m } +#define MBIM_ERROR_DESCRIPTIONS { \ + MBIM_ERROR_DESCRIPTION(TIMEOUT_FRAGMENT), \ + MBIM_ERROR_DESCRIPTION(FRAGMENT_OUT_OF_SEQUENCE), \ + MBIM_ERROR_DESCRIPTION(LENGTH_MISMATCH), \ + MBIM_ERROR_DESCRIPTION(DUPLICATED_TID), \ + MBIM_ERROR_DESCRIPTION(NOT_OPENED), \ + MBIM_ERROR_DESCRIPTION(UNKNOWN), \ + MBIM_ERROR_DESCRIPTION(CANCEL), \ + MBIM_ERROR_DESCRIPTION(MAX_TRANSFER), \ + { 0, NULL } } + +#define MBIM_CID_DESCRIPTIONS { \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_DEVICE_CAPS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_SUBSCRIBER_READY_STATUS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_RADIO_STATE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PIN), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PIN_LIST), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_HOME_PROVIDER), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PREFERRED_PROVIDERS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_VISIBLE_PROVIDERS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_REGISTER_STATE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PACKET_SERVICE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_SIGNAL_STATE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_CONNECT), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PROVISIONED_CONTEXTS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_SERVICE_ACTIVATION), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_IP_CONFIGURATION), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_DEVICE_SERVICES), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_DEVICE_SERVICE_SUBSCRIBE_LIST), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_PACKET_STATISTICS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_NETWORK_IDLE_HINT), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_EMERGENCY_MODE), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_IP_PACKET_FILTERS), \ + MBIM_1TO1_DESCRIPTION(MBIM_CID_MULTICARRIER_PROVIDERS), \ + { 0, NULL } } + +#define MBIM_SIMSTATE_DESCRIPTIONS { \ + { MBIM_SIMSTATE_NOTINITIALIZED, "not initialized" }, \ + { MBIM_SIMSTATE_INITIALIZED, "initialized" }, \ + { MBIM_SIMSTATE_NOTINSERTED, "not inserted" }, \ + { MBIM_SIMSTATE_BADSIM, "bad type" }, \ + { MBIM_SIMSTATE_FAILURE, "failed" }, \ + { MBIM_SIMSTATE_NOTACTIVATED, "not activated" }, \ + { MBIM_SIMSTATE_LOCKED, "locked" }, \ + { 0, NULL } } + +#define MBIM_PINTYPE_DESCRIPTIONS { \ + { MBIM_PIN_TYPE_NONE, "none" }, \ + { MBIM_PIN_TYPE_CUSTOM, "custom" }, \ + { MBIM_PIN_TYPE_PIN1, "PIN1" }, \ + { MBIM_PIN_TYPE_PIN2, "PIN2" }, \ + { MBIM_PIN_TYPE_DEV_SIM_PIN, "device PIN" }, \ + { MBIM_PIN_TYPE_DEV_FIRST_SIM_PIN, "device 1st PIN" }, \ + { MBIM_PIN_TYPE_NETWORK_PIN, "network PIN" }, \ + { MBIM_PIN_TYPE_NETWORK_SUBSET_PIN, "network subset PIN" }, \ + { MBIM_PIN_TYPE_SERVICE_PROVIDER_PIN, "provider PIN" }, \ + { MBIM_PIN_TYPE_CORPORATE_PIN, "corporate PIN" }, \ + { MBIM_PIN_TYPE_SUBSIDY_LOCK, "subsidy lock" }, \ + { MBIM_PIN_TYPE_PUK1, "PUK" }, \ + { MBIM_PIN_TYPE_PUK2, "PUK2" }, \ + { MBIM_PIN_TYPE_DEV_FIRST_SIM_PUK, "device 1st PUK" }, \ + { MBIM_PIN_TYPE_NETWORK_PUK, "network PUK" }, \ + { MBIM_PIN_TYPE_NETWORK_SUBSET_PUK, "network subset PUK" }, \ + { MBIM_PIN_TYPE_SERVICE_PROVIDER_PUK, "provider PUK" }, \ + { MBIM_PIN_TYPE_CORPORATE_PUK, "corporate PUK" }, \ + { 0, NULL } } + +#define MBIM_PKTSRV_STATE_DESCRIPTIONS { \ + { MBIM_PKTSERVICE_STATE_UNKNOWN, "unknown" }, \ + { MBIM_PKTSERVICE_STATE_ATTACHING, "attaching" }, \ + { MBIM_PKTSERVICE_STATE_ATTACHED, "attached" }, \ + { MBIM_PKTSERVICE_STATE_DETACHING, "detaching" }, \ + { MBIM_PKTSERVICE_STATE_DETACHED, "detached" }, \ + { 0, NULL } } + +#define MBIM_ACTIVATION_STATE_DESCRIPTIONS { \ + { MBIM_ACTIVATION_STATE_UNKNOWN, "unknown" }, \ + { MBIM_ACTIVATION_STATE_ACTIVATED, "activated" }, \ + { MBIM_ACTIVATION_STATE_ACTIVATING, "activating" }, \ + { MBIM_ACTIVATION_STATE_DEACTIVATED, "deactivated" }, \ + { MBIM_ACTIVATION_STATE_DEACTIVATING, "deactivating" }, \ + { 0, NULL } } + +/* + * Driver internal state + */ +enum umb_state { + UMB_S_DOWN = 0, /* interface down */ + UMB_S_OPEN, /* MBIM device has been opened */ + UMB_S_RADIO, /* radio is on */ + UMB_S_SIMREADY, /* SIM is ready */ + UMB_S_ATTACHED, /* packet service is attached */ + UMB_S_CONNECTED, /* connected to provider */ + UMB_S_UP, /* have IP configuration */ +}; + +#define UMB_INTERNAL_STATE_DESCRIPTIONS { \ + { UMB_S_DOWN, "down" }, \ + { UMB_S_OPEN, "open" }, \ + { UMB_S_RADIO, "radio on" }, \ + { UMB_S_SIMREADY, "SIM is ready" }, \ + { UMB_S_ATTACHED, "attached" }, \ + { UMB_S_CONNECTED, "connected" }, \ + { UMB_S_UP, "up" }, \ + { 0, NULL } } + +/* + * UMB parameters (SIOC[GS]UMBPARAM ioctls) + */ +struct umb_parameter { + int op; + int is_puk; + char pin[MBIM_PIN_MAXLEN]; + int pinlen; + + char newpin[MBIM_PIN_MAXLEN]; + int newpinlen; + +#define UMB_APN_MAXLEN 100 + uint16_t apn[UMB_APN_MAXLEN]; + int apnlen; + + int roaming; + uint32_t preferredclasses; +}; + +/* + * UMB device status info (SIOCGUMBINFO ioctl) + */ +struct umb_info { + enum umb_state state; + int enable_roaming; +#define UMB_PIN_REQUIRED 0 +#define UMB_PIN_UNLOCKED 1 +#define UMB_PUK_REQUIRED 2 + int pin_state; + int pin_attempts_left; + int activation; + int sim_state; + int regstate; + int regmode; + int nwerror; + int packetstate; + uint32_t supportedclasses; /* what the hw supports */ + uint32_t preferredclasses; /* what the user prefers */ + uint32_t highestclass; /* what the network offers */ + uint32_t cellclass; +#define UMB_PROVIDERNAME_MAXLEN 20 + uint16_t provider[UMB_PROVIDERNAME_MAXLEN]; +#define UMB_PHONENR_MAXLEN 22 + uint16_t pn[UMB_PHONENR_MAXLEN]; +#define UMB_SUBSCRIBERID_MAXLEN 15 + uint16_t sid[UMB_SUBSCRIBERID_MAXLEN]; +#define UMB_ICCID_MAXLEN 20 + uint16_t iccid[UMB_ICCID_MAXLEN]; +#define UMB_ROAMINGTEXT_MAXLEN 63 + uint16_t roamingtxt[UMB_ROAMINGTEXT_MAXLEN]; + +#define UMB_DEVID_MAXLEN 18 + uint16_t devid[UMB_DEVID_MAXLEN]; +#define UMB_FWINFO_MAXLEN 30 + uint16_t fwinfo[UMB_FWINFO_MAXLEN]; +#define UMB_HWINFO_MAXLEN 30 + uint16_t hwinfo[UMB_HWINFO_MAXLEN]; + + uint16_t apn[UMB_APN_MAXLEN]; + int apnlen; + +#define UMB_VALUE_UNKNOWN -999 + int rssi; +#define UMB_BER_EXCELLENT 0 +#define UMB_BER_VERYGOOD 1 +#define UMB_BER_GOOD 2 +#define UMB_BER_OK 3 +#define UMB_BER_MEDIUM 4 +#define UMB_BER_BAD 5 +#define UMB_BER_VERYBAD 6 +#define UMB_BER_EXTREMELYBAD 7 + int ber; + + int hw_radio_on; + int sw_radio_on; + + uint64_t uplink_speed; + uint64_t downlink_speed; + +#define UMB_MAX_DNSSRV 2 + u_int32_t ipv4dns[UMB_MAX_DNSSRV]; +}; + +#ifdef _KERNEL +/* + * UMB device + */ +struct umb_softc { + struct device sc_dev; + struct ifnet sc_if; +#define GET_IFP(sc) (&(sc)->sc_if) + struct usbd_device *sc_udev; + + int sc_ver_maj; + int sc_ver_min; + int sc_ctrl_len; + int sc_maxpktlen; + int sc_maxsessions; + + struct usb_task sc_umb_task; + struct usb_task sc_get_response_task; + int sc_nresp; + struct timeout sc_statechg_timer; + + uint8_t sc_ctrl_ifaceno; + struct usbd_pipe *sc_ctrl_pipe; + struct usb_cdc_notification sc_intr_msg; + struct usbd_interface *sc_data_iface; + + void *sc_resp_buf; + void *sc_ctrl_msg; + + int sc_rx_ep; + struct usbd_xfer *sc_rx_xfer; + void *sc_rx_buf; + struct usbd_pipe *sc_rx_pipe; + unsigned sc_rx_nerr; + + int sc_tx_ep; + struct usbd_xfer *sc_tx_xfer; + void *sc_tx_buf; + struct usbd_pipe *sc_tx_pipe; + struct mbuf *sc_tx_m; + uint32_t sc_tx_seq; + + uint32_t sc_tid; + +#define sc_state sc_info.state +#define sc_roaming sc_info.enable_roaming + struct umb_info sc_info; +}; +#endif /* _KERNEL */ Index: sys/dev/usb/mbim.h =================================================================== RCS file: sys/dev/usb/mbim.h diff -N sys/dev/usb/mbim.h --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/dev/usb/mbim.h 8 Jun 2016 12:52:59 -0000 @@ -0,0 +1,670 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2016 genua mbH + * All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Mobile Broadband Interface Model + * http://www.usb.org/developers/docs/devclass_docs/MBIM-Compliance-1.0.pdf + */ +#ifndef _MBIM_H_ +#define _MBIM_H_ + +#define UDESCSUB_MBIM 27 +#define MBIM_INTERFACE_ALTSETTING 1 + +#define MBIM_RESET_FUNCTION 0x05 + +/* + * Registration state (MBIM_REGISTER_STATE) + */ +#define MBIM_REGSTATE_UNKNOWN 0 +#define MBIM_REGSTATE_DEREGISTERED 1 +#define MBIM_REGSTATE_SEARCHING 2 +#define MBIM_REGSTATE_HOME 3 +#define MBIM_REGSTATE_ROAMING 4 +#define MBIM_REGSTATE_PARTNER 5 +#define MBIM_REGSTATE_DENIED 6 + +/* + * Data classes mask (MBIM_DATA_CLASS) + */ +#define MBIM_DATACLASS_NONE 0x00000000 +#define MBIM_DATACLASS_GPRS 0x00000001 +#define MBIM_DATACLASS_EDGE 0x00000002 +#define MBIM_DATACLASS_UMTS 0x00000004 +#define MBIM_DATACLASS_HSDPA 0x00000008 +#define MBIM_DATACLASS_HSUPA 0x00000010 +#define MBIM_DATACLASS_LTE 0x00000020 +#define MBIM_DATACLASS_1XRTT 0x00010000 +#define MBIM_DATACLASS_1XEVDO 0x00020000 +#define MBIM_DATACLASS_1XEVDO_REV_A 0x00040000 +#define MBIM_DATACLASS_1XEVDV 0x00080000 +#define MBIM_DATACLASS_3XRTT 0x00100000 +#define MBIM_DATACLASS_1XEVDO_REV_B 0x00200000 +#define MBIM_DATACLASS_UMB 0x00400000 +#define MBIM_DATACLASS_CUSTOM 0x80000000 + +/* + * Cell classes mask (MBIM_CELLULAR_CLASS) + */ +#define MBIM_CELLCLASS_GSM 0x00000001 +#define MBIM_CELLCLASS_CDMA 0x00000002 + +/* + * UUIDs + */ +#define MBIM_UUID_LEN 16 + +#define MBIM_UUID_BASIC_CONNECT { \ + 0xa2, 0x89, 0xcc, 0x33, 0xbc, 0xbb, 0x8b, 0x4f, \ + 0xb6, 0xb0, 0x13, 0x3e, 0xc2, 0xaa, 0xe6, 0xdf \ + } + +#define MBIM_UUID_CONTEXT_INTERNET { \ + 0x7e, 0x5e, 0x2a, 0x7e, 0x4e, 0x6f, 0x72, 0x72, \ + 0x73, 0x6b, 0x65, 0x6e, 0x7e, 0x5e, 0x2a, 0x7e \ + } + +#define MBIM_UUID_CONTEXT_VPN { \ + 0x9b, 0x9f, 0x7b, 0xbe, 0x89, 0x52, 0x44, 0xb7, \ + 0x83, 0xac, 0xca, 0x41, 0x31, 0x8d, 0xf7, 0xa0 \ + } + +#define MBIM_CTRLMSG_MINLEN 64 +#define MBIM_CTRLMSG_MAXLEN (4 * 1204) + +#define MBIM_MAXSEGSZ_MINVAL (2 * 1024) + +/* + * Control messages (host to function) + */ +#define MBIM_OPEN_MSG 1U +#define MBIM_CLOSE_MSG 2U +#define MBIM_COMMAND_MSG 3U +#define MBIM_HOST_ERROR_MSG 4U + +/* + * Control messages (function to host) + */ +#define MBIM_OPEN_DONE 0x80000001U +#define MBIM_CLOSE_DONE 0x80000002U +#define MBIM_COMMAND_DONE 0x80000003U +#define MBIM_FUNCTION_ERROR_MSG 0x80000004U +#define MBIM_INDICATE_STATUS_MSG 0x80000007U + +/* + * Generic status codes + */ +#define MBIM_STATUS_SUCCESS 0 +#define MBIM_STATUS_BUSY 1 +#define MBIM_STATUS_FAILURE 2 +#define MBIM_STATUS_SIM_NOT_INSERTED 3 +#define MBIM_STATUS_BAD_SIM 4 +#define MBIM_STATUS_PIN_REQUIRED 5 +#define MBIM_STATUS_PIN_DISABLED 6 +#define MBIM_STATUS_NOT_REGISTERED 7 +#define MBIM_STATUS_PROVIDERS_NOT_FOUND 8 +#define MBIM_STATUS_NO_DEVICE_SUPPORT 9 +#define MBIM_STATUS_PROVIDER_NOT_VISIBLE 10 +#define MBIM_STATUS_DATA_CLASS_NOT_AVAILABLE 11 +#define MBIM_STATUS_PACKET_SERVICE_DETACHED 12 +#define MBIM_STATUS_MAX_ACTIVATED_CONTEXTS 13 +#define MBIM_STATUS_NOT_INITIALIZED 14 +#define MBIM_STATUS_VOICE_CALL_IN_PROGRESS 15 +#define MBIM_STATUS_CONTEXT_NOT_ACTIVATED 16 +#define MBIM_STATUS_SERVICE_NOT_ACTIVATED 17 +#define MBIM_STATUS_INVALID_ACCESS_STRING 18 +#define MBIM_STATUS_INVALID_USER_NAME_PWD 19 +#define MBIM_STATUS_RADIO_POWER_OFF 20 +#define MBIM_STATUS_INVALID_PARAMETERS 21 +#define MBIM_STATUS_READ_FAILURE 22 +#define MBIM_STATUS_WRITE_FAILURE 23 +#define MBIM_STATUS_NO_PHONEBOOK 25 +#define MBIM_STATUS_PARAMETER_TOO_LONG 26 +#define MBIM_STATUS_STK_BUSY 27 +#define MBIM_STATUS_OPERATION_NOT_ALLOWED 28 +#define MBIM_STATUS_MEMORY_FAILURE 29 +#define MBIM_STATUS_INVALID_MEMORY_INDEX 30 +#define MBIM_STATUS_MEMORY_FULL 31 +#define MBIM_STATUS_FILTER_NOT_SUPPORTED 32 +#define MBIM_STATUS_DSS_INSTANCE_LIMIT 33 +#define MBIM_STATUS_INVALID_DEVICE_SERVICE_OPERATION 34 +#define MBIM_STATUS_AUTH_INCORRECT_AUTN 35 +#define MBIM_STATUS_AUTH_SYNC_FAILURE 36 +#define MBIM_STATUS_AUTH_AMF_NOT_SET 37 +#define MBIM_STATUS_CONTEXT_NOT_SUPPORTED 38 +#define MBIM_STATUS_SMS_UNKNOWN_SMSC_ADDRESS 100 +#define MBIM_STATUS_SMS_NETWORK_TIMEOUT 101 +#define MBIM_STATUS_SMS_LANG_NOT_SUPPORTED 102 +#define MBIM_STATUS_SMS_ENCODING_NOT_SUPPORTED 103 +#define MBIM_STATUS_SMS_FORMAT_NOT_SUPPORTED 104 + +/* + * Message formats + */ +struct mbim_msghdr { + /* Msg header */ + uint32_t type; /* message type */ + uint32_t len; /* message length */ + uint32_t tid; /* transaction id */ +} __packed; + +struct mbim_fraghdr { + uint32_t nfrag; /* total # of fragments */ + uint32_t currfrag; /* current fragment */ +} __packed; + +struct mbim_fragmented_msg_hdr { + struct mbim_msghdr hdr; + struct mbim_fraghdr frag; +} __packed; + +struct mbim_h2f_openmsg { + struct mbim_msghdr hdr; + uint32_t maxlen; +} __packed; + +struct mbim_h2f_closemsg { + struct mbim_msghdr hdr; +} __packed; + +struct mbim_h2f_cmd { + struct mbim_msghdr hdr; + struct mbim_fraghdr frag; + uint8_t devid[MBIM_UUID_LEN]; + uint32_t cid; /* command id */ +#define MBIM_CMDOP_QRY 0 +#define MBIM_CMDOP_SET 1 + uint32_t op; + uint32_t infolen; + uint8_t info[]; +} __packed; + +struct mbim_f2h_indicate_status { + struct mbim_msghdr hdr; + struct mbim_fraghdr frag; + uint8_t devid[MBIM_UUID_LEN]; + uint32_t cid; /* command id */ + uint32_t infolen; + uint8_t info[]; +} __packed; + +struct mbim_f2h_hosterr { + struct mbim_msghdr hdr; + +#define MBIM_ERROR_TIMEOUT_FRAGMENT 1 +#define MBIM_ERROR_FRAGMENT_OUT_OF_SEQUENCE 2 +#define MBIM_ERROR_LENGTH_MISMATCH 3 +#define MBIM_ERROR_DUPLICATED_TID 4 +#define MBIM_ERROR_NOT_OPENED 5 +#define MBIM_ERROR_UNKNOWN 6 +#define MBIM_ERROR_CANCEL 7 +#define MBIM_ERROR_MAX_TRANSFER 8 + uint32_t err; +} __packed; + +struct mbim_f2h_openclosedone { + struct mbim_msghdr hdr; + int32_t status; +} __packed; + +struct mbim_f2h_cmddone { + struct mbim_msghdr hdr; + struct mbim_fraghdr frag; + uint8_t devid[MBIM_UUID_LEN]; + uint32_t cid; /* command id */ + int32_t status; + uint32_t infolen; + uint8_t info[]; +} __packed; + +/* + * Messages and commands for MBIM_UUID_BASIC_CONNECT + */ +#define MBIM_CID_DEVICE_CAPS 1 +#define MBIM_CID_SUBSCRIBER_READY_STATUS 2 +#define MBIM_CID_RADIO_STATE 3 +#define MBIM_CID_PIN 4 +#define MBIM_CID_PIN_LIST 5 +#define MBIM_CID_HOME_PROVIDER 6 +#define MBIM_CID_PREFERRED_PROVIDERS 7 +#define MBIM_CID_VISIBLE_PROVIDERS 8 +#define MBIM_CID_REGISTER_STATE 9 +#define MBIM_CID_PACKET_SERVICE 10 +#define MBIM_CID_SIGNAL_STATE 11 +#define MBIM_CID_CONNECT 12 +#define MBIM_CID_PROVISIONED_CONTEXTS 13 +#define MBIM_CID_SERVICE_ACTIVATION 14 +#define MBIM_CID_IP_CONFIGURATION 15 +#define MBIM_CID_DEVICE_SERVICES 16 +#define MBIM_CID_DEVICE_SERVICE_SUBSCRIBE_LIST 19 +#define MBIM_CID_PACKET_STATISTICS 20 +#define MBIM_CID_NETWORK_IDLE_HINT 21 +#define MBIM_CID_EMERGENCY_MODE 22 +#define MBIM_CID_IP_PACKET_FILTERS 23 +#define MBIM_CID_MULTICARRIER_PROVIDERS 24 + +struct mbim_cid_subscriber_ready_info { +#define MBIM_SIMSTATE_NOTINITIALIZED 0 +#define MBIM_SIMSTATE_INITIALIZED 1 +#define MBIM_SIMSTATE_NOTINSERTED 2 +#define MBIM_SIMSTATE_BADSIM 3 +#define MBIM_SIMSTATE_FAILURE 4 +#define MBIM_SIMSTATE_NOTACTIVATED 5 +#define MBIM_SIMSTATE_LOCKED 6 + uint32_t ready; + + uint32_t sid_offs; + uint32_t sid_size; + + uint32_t icc_offs; + uint32_t icc_size; + +#define MBIM_SIMUNIQEID_NONE 0 +#define MBIM_SIMUNIQEID_PROTECT 1 + uint32_t info; + + uint32_t no_pn; + struct { + uint32_t offs; + uint32_t size; + } + pn[]; +} __packed; + +struct mbim_cid_radio_state { +#define MBIM_RADIO_STATE_OFF 0 +#define MBIM_RADIO_STATE_ON 1 + uint32_t state; +} __packed; + +struct mbim_cid_radio_state_info { + uint32_t hw_state; + uint32_t sw_state; +} __packed; + +struct mbim_cid_pin { +#define MBIM_PIN_TYPE_NONE 0 +#define MBIM_PIN_TYPE_CUSTOM 1 +#define MBIM_PIN_TYPE_PIN1 2 +#define MBIM_PIN_TYPE_PIN2 3 +#define MBIM_PIN_TYPE_DEV_SIM_PIN 4 +#define MBIM_PIN_TYPE_DEV_FIRST_SIM_PIN 5 +#define MBIM_PIN_TYPE_NETWORK_PIN 6 +#define MBIM_PIN_TYPE_NETWORK_SUBSET_PIN 7 +#define MBIM_PIN_TYPE_SERVICE_PROVIDER_PIN 8 +#define MBIM_PIN_TYPE_CORPORATE_PIN 9 +#define MBIM_PIN_TYPE_SUBSIDY_LOCK 10 +#define MBIM_PIN_TYPE_PUK1 11 +#define MBIM_PIN_TYPE_PUK2 12 +#define MBIM_PIN_TYPE_DEV_FIRST_SIM_PUK 13 +#define MBIM_PIN_TYPE_NETWORK_PUK 14 +#define MBIM_PIN_TYPE_NETWORK_SUBSET_PUK 15 +#define MBIM_PIN_TYPE_SERVICE_PROVIDER_PUK 16 +#define MBIM_PIN_TYPE_CORPORATE_PUK 17 + uint32_t type; + +#define MBIM_PIN_OP_ENTER 0 +#define MBIM_PIN_OP_ENABLE 1 +#define MBIM_PIN_OP_DISABLE 2 +#define MBIM_PIN_OP_CHANGE 3 + uint32_t op; + uint32_t pin_offs; + uint32_t pin_size; + uint32_t newpin_offs; + uint32_t newpin_size; +#define MBIM_PIN_MAXLEN 32 + uint8_t data[2 * MBIM_PIN_MAXLEN]; +} __packed; + +struct mbim_cid_pin_info { + uint32_t type; + +#define MBIM_PIN_STATE_UNLOCKED 0 +#define MBIM_PIN_STATE_LOCKED 1 + uint32_t state; + uint32_t remaining_attempts; +} __packed; + +struct mbim_cid_pin_list_info { + struct mbim_pin_desc { + +#define MBIM_PINMODE_NOTSUPPORTED 0 +#define MBIM_PINMODE_ENABLED 1 +#define MBIM_PINMODE_DISABLED 2 + uint32_t mode; + +#define MBIM_PINFORMAT_UNKNOWN 0 +#define MBIM_PINFORMAT_NUMERIC 1 +#define MBIM_PINFORMAT_ALPHANUMERIC 2 + uint32_t format; + + uint32_t minlen; + uint32_t maxlen; + } + pin1, + pin2, + dev_sim_pin, + first_dev_sim_pin, + net_pin, + net_sub_pin, + svp_pin, + corp_pin, + subsidy_lock, + custom; +} __packed; + +struct mbim_cid_device_caps { +#define MBIM_DEVTYPE_UNKNOWN 0 +#define MBIM_DEVTYPE_EMBEDDED 1 +#define MBIM_DEVTYPE_REMOVABLE 2 +#define MBIM_DEVTYPE_REMOTE 3 + uint32_t devtype; + + uint32_t cellclass; /* values: MBIM_CELLULAR_CLASS */ + uint32_t voiceclass; + uint32_t simclass; + uint32_t dataclass; /* values: MBIM_DATA_CLASS */ + uint32_t smscaps; + uint32_t cntrlcaps; + uint32_t max_sessions; + + uint32_t custdataclass_offs; + uint32_t custdataclass_size; + + uint32_t devid_offs; + uint32_t devid_size; + + uint32_t fwinfo_offs; + uint32_t fwinfo_size; + + uint32_t hwinfo_offs; + uint32_t hwinfo_size; + + uint32_t data[]; +} __packed; + +struct mbim_cid_registration_state { + uint32_t provid_offs; + uint32_t provid_size; + +#define MBIM_REGACTION_AUTOMATIC 0 +#define MBIM_REGACTION_MANUAL 1 + uint32_t regaction; + uint32_t data_class; + + uint32_t data[]; +} __packed; + +struct mbim_cid_registration_state_info { + uint32_t nwerror; + + uint32_t regstate; /* values: MBIM_REGISTER_STATE */ + +#define MBIM_REGMODE_UNKNOWN 0 +#define MBIM_REGMODE_AUTOMATIC 1 +#define MBIM_REGMODE_MANUAL 2 + uint32_t regmode; + + uint32_t availclasses; /* values: MBIM_DATA_CLASS */ + uint32_t curcellclass; /* values: MBIM_CELLULAR_CLASS */ + + uint32_t provid_offs; + uint32_t provid_size; + + uint32_t provname_offs; + uint32_t provname_size; + + uint32_t roamingtxt_offs; + uint32_t roamingtxt_size; + +#define MBIM_REGFLAGS_NONE 0 +#define MBIM_REGFLAGS_MANUAL_NOT_AVAILABLE 1 +#define MBIM_REGFLAGS_PACKETSERVICE_AUTOATTACH 2 + uint32_t regflag; + + uint32_t data[]; +} __packed; + +struct mbim_cid_packet_service { +#define MBIM_PKTSERVICE_ACTION_ATTACH 0 +#define MBIM_PKTSERVICE_ACTION_DETACH 1 + uint32_t action; +} __packed; + +struct mbim_cid_packet_service_info { + uint32_t nwerror; + +#define MBIM_PKTSERVICE_STATE_UNKNOWN 0 +#define MBIM_PKTSERVICE_STATE_ATTACHING 1 +#define MBIM_PKTSERVICE_STATE_ATTACHED 2 +#define MBIM_PKTSERVICE_STATE_DETACHING 3 +#define MBIM_PKTSERVICE_STATE_DETACHED 4 + uint32_t state; + + uint32_t highest_dataclass; + uint64_t uplink_speed; + uint64_t downlink_speed; +} __packed; + +struct mbim_cid_signal_state { + uint32_t rssi; + uint32_t err_rate; + uint32_t ss_intvl; + uint32_t rssi_thr; + uint32_t err_thr; +} __packed; + +struct mbim_cid_connect { + uint32_t sessionid; + +#define MBIM_CONNECT_DEACTIVATE 0 +#define MBIM_CONNECT_ACTIVATE 1 + uint32_t command; + +#define MBIM_ACCESS_MAXLEN 200 + uint32_t access_offs; + uint32_t access_size; + +#define MBIM_USER_MAXLEN 510 + uint32_t user_offs; + uint32_t user_size; + +#define MBIM_PASSWD_MAXLEN 510 + uint32_t passwd_offs; + uint32_t passwd_size; + +#define MBIM_COMPRESSION_NONE 0 +#define MBIM_COMPRESSION_ENABLE 1 + uint32_t compression; + +#define MBIM_AUTHPROT_NONE 0 +#define MBIM_AUTHPROT_PAP 1 +#define MBIM_AUTHPROT_CHAP 2 +#define MBIM_AUTHPROT_MSCHAP 3 + uint32_t authprot; + +#define MBIM_CONTEXT_IPTYPE_DEFAULT 0 +#define MBIM_CONTEXT_IPTYPE_IPV4 1 +#define MBIM_CONTEXT_IPTYPE_IPV6 2 +#define MBIM_CONTEXT_IPTYPE_IPV4V6 3 +#define MBIM_CONTEXT_IPTYPE_IPV4ANDV6 4 + uint32_t iptype; + + uint8_t context[MBIM_UUID_LEN]; + + uint8_t data[MBIM_ACCESS_MAXLEN + MBIM_USER_MAXLEN + + MBIM_PASSWD_MAXLEN]; + +} __packed; + +struct mbim_cid_connect_info { + uint32_t sessionid; + +#define MBIM_ACTIVATION_STATE_UNKNOWN 0 +#define MBIM_ACTIVATION_STATE_ACTIVATED 1 +#define MBIM_ACTIVATION_STATE_ACTIVATING 2 +#define MBIM_ACTIVATION_STATE_DEACTIVATED 3 +#define MBIM_ACTIVATION_STATE_DEACTIVATING 4 + uint32_t activation; + + uint32_t voice; + uint32_t iptype; + uint8_t context[MBIM_UUID_LEN]; + uint32_t nwerror; +} __packed; + +struct mbim_cid_ipv4_element { + uint32_t prefixlen; + uint32_t addr; +} __packed; + +struct mbim_cid_ipv6_element { + uint32_t prefixlen; + uint8_t addr[16]; +} __packed; + +struct mbim_cid_ip_configuration_info { + uint32_t sessionid; + +#define MBIM_IPCONF_HAS_ADDRINFO 0x0001 +#define MBIM_IPCONF_HAS_GWINFO 0x0002 +#define MBIM_IPCONF_HAS_DNSINFO 0x0004 +#define MBIM_IPCONF_HAS_MTUINFO 0x0008 + uint32_t ipv4_available; + uint32_t ipv6_available; + + uint32_t ipv4_naddr; + uint32_t ipv4_addroffs; + uint32_t ipv6_naddr; + uint32_t ipv6_addroffs; + + uint32_t ipv4_gwoffs; + uint32_t ipv6_gwoffs; + + uint32_t ipv4_ndnssrv; + uint32_t ipv4_dnssrvoffs; + uint32_t ipv6_ndnssrv; + uint32_t ipv6_dnssrvoffs; + + uint32_t ipv4_mtu; + uint32_t ipv6_mtu; + + uint32_t data[]; +} __packed; + +struct mbim_cid_packet_statistics_info { + uint32_t in_discards; + uint32_t in_errors; + uint64_t in_octets; + uint64_t in_packets; + uint64_t out_octets; + uint64_t out_packets; + uint32_t out_errors; + uint32_t out_discards; +} __packed; + + +#ifdef _KERNEL + +struct mbim_descriptor { + uByte bLength; + uByte bDescriptorType; + uByte bDescriptorSubtype; +#define MBIM_VER_MAJOR(v) (((v) >> 8) & 0x0f) +#define MBIM_VER_MINOR(v) ((v) & 0x0f) + uWord bcdMBIMVersion; + uWord wMaxControlMessage; + uByte bNumberFilters; + uByte bMaxFilterSize; + uWord wMaxSegmentSize; + uByte bmNetworkCapabilities; +} __packed; + +/* + * NCM Encoding + */ +#define MBIM_HDR16_LEN \ + (sizeof (struct ncm_header16) + sizeof (struct ncm_pointer16)) +#define MBIM_HDR32_LEN \ + (sizeof (struct ncm_header32) + sizeof (struct ncm_pointer32)) + +struct ncm_header16 { +#define NCM_HDR16_SIG 0x484d434e + uDWord dwSignature; + uWord wHeaderLength; + uWord wSequence; + uWord wBlockLength; + uWord wNdpIndex; +} __packed; + +struct ncm_header32 { +#define NCM_HDR32_SIG 0x686d636e + uDWord dwSignature; + uWord wHeaderLength; + uWord wSequence; + uDWord dwBlockLength; + uDWord dwNdpIndex; +} __packed; + + +#define MBIM_NCM_NTH_SIDSHIFT 24 +#define MBIM_NCM_NTH_GETSID(s) (((s) > MBIM_NCM_NTH_SIDSHIFT) & 0xff) + +struct ncm_pointer16_dgram { + uWord wDatagramIndex; + uWord wDatagramLen; +} __packed; + +struct ncm_pointer16 { +#define MBIM_NCM_NTH16_IPS 0x00535049 +#define MBIM_NCM_NTH16_ISISG(s) (((s) & 0x00ffffff) == MBIM_NCM_NTH16_IPS) +#define MBIM_NCM_NTH16_SIG(s) \ + ((((s) & 0xff) << MBIM_NCM_NTH_SIDSHIFT) | MBIM_NCM_NTH16_IPS) + uDWord dwSignature; + uWord wLength; + uWord wNextNdpIndex; + + /* Minimum is two datagrams, but can be more */ + struct ncm_pointer16_dgram dgram[2]; +} __packed; + +struct ncm_pointer32_dgram { + uDWord dwDatagramIndex; + uDWord dwDatagramLen; +} __packed; + +struct ncm_pointer32 { +#define MBIM_NCM_NTH32_IPS 0x00737069 +#define MBIM_NCM_NTH32_ISISG(s) \ + (((s) & 0x00ffffff) == MBIM_NCM_NTH32_IPS) +#define MBIM_NCM_NTH32_SIG(s) \ + ((((s) & 0xff) << MBIM_NCM_NTH_SIDSHIFT) | MBIM_NCM_NTH32_IPS) + uDWord dwSignature; + uWord wLength; + uWord wReserved6; + uDWord dwNextNdpIndex; + uDWord dwReserved12; + + /* Minimum is two datagrams, but can be more */ + struct ncm_pointer32_dgram dgram[2]; +} __packed; + +#endif /* _KERNEL */ + +#endif /* _MBIM_H_ */ Index: sys/dev/usb/uhub.c =================================================================== RCS file: /cvs/src/sys/dev/usb/uhub.c,v retrieving revision 1.88 diff -u -p -u -p -r1.88 uhub.c --- sys/dev/usb/uhub.c 29 Nov 2015 16:30:48 -0000 1.88 +++ sys/dev/usb/uhub.c 8 Jun 2016 12:52:59 -0000 @@ -523,7 +523,9 @@ uhub_port_connect(struct uhub_softc *sc, { struct usbd_port *up = &sc->sc_hub->hub->ports[port-1]; int speed; + int retry = 1; +again: /* We have a connect status change, handle it. */ usbd_clear_port_feature(sc->sc_hub, port, UHF_C_PORT_CONNECTION); @@ -613,6 +615,11 @@ uhub_port_connect(struct uhub_softc *sc, * some other serious problem. Since we cannot leave * at 0 we have to disable the port instead. */ + if (retry--) { + printf("%s: port %d: retrying\n", DEVNAME(sc), port); + goto again; + } + printf("%s: device problem, disabling port %d\n", DEVNAME(sc), port); usbd_clear_port_feature(sc->sc_hub, port, UHF_PORT_ENABLE); Index: sys/dev/usb/usb.h =================================================================== RCS file: /cvs/src/sys/dev/usb/usb.h,v retrieving revision 1.55 diff -u -p -u -p -r1.55 usb.h --- sys/dev/usb/usb.h 24 May 2016 05:35:01 -0000 1.55 +++ sys/dev/usb/usb.h 8 Jun 2016 12:52:59 -0000 @@ -508,6 +508,7 @@ typedef struct usb_port_status usb_port_ #define UISUBCLASS_ETHERNET_NETWORKING_CONTROL_MODEL 6 #define UISUBCLASS_ATM_NETWORKING_CONTROL_MODEL 7 #define UISUBCLASS_MOBILE_DIRECT_LINE_MODEL 10 +#define UISUBCLASS_MOBILE_BROADBAND_INTERFACE_MODEL 14 #define UIPROTO_CDC_AT 1 #define UICLASS_HID 0x03 @@ -545,6 +546,7 @@ typedef struct usb_port_status usb_port_ #define UICLASS_CDC_DATA 0x0a #define UISUBCLASS_DATA 0 +#define UIPROTO_DATA_MBIM 0x02 /* MBIM */ #define UIPROTO_DATA_ISDNBRI 0x30 /* Physical iface */ #define UIPROTO_DATA_HDLC 0x31 /* HDLC */ #define UIPROTO_DATA_TRANSPARENT 0x32 /* Transparent */ Index: sys/net/if_types.h =================================================================== RCS file: /cvs/src/sys/net/if_types.h,v retrieving revision 1.20 diff -u -p -u -p -r1.20 if_types.h --- sys/net/if_types.h 7 Mar 2016 19:33:26 -0000 1.20 +++ sys/net/if_types.h 8 Jun 2016 12:52:59 -0000 @@ -268,5 +268,6 @@ #define IFT_CARP 0xf7 /* Common Address Redundancy Protocol */ #define IFT_BLUETOOTH 0xf8 /* Bluetooth */ #define IFT_PFLOW 0xf9 /* pflow */ +#define IFT_MBIM 0xfa /* Mobile Broadband Interface Model */ #endif /* _NET_IF_TYPES_H_ */ Index: sys/netinet/in.c =================================================================== RCS file: /cvs/src/sys/netinet/in.c,v retrieving revision 1.127 diff -u -p -u -p -r1.127 in.c --- sys/netinet/in.c 18 Apr 2016 06:43:51 -0000 1.127 +++ sys/netinet/in.c 8 Jun 2016 12:53:00 -0000 @@ -83,9 +83,7 @@ void in_socktrim(struct sockaddr_in *); -void in_len2mask(struct in_addr *, int); -int in_lifaddr_ioctl(struct socket *, u_long, caddr_t, - struct ifnet *); +int in_lifaddr_ioctl(u_long, caddr_t, struct ifnet *, int); void in_purgeaddr(struct ifaddr *); int in_addhost(struct in_ifaddr *, struct sockaddr_in *); @@ -172,14 +170,11 @@ in_len2mask(struct in_addr *mask, int le int in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp) { - struct ifreq *ifr = (struct ifreq *)data; - struct ifaddr *ifa; - struct in_ifaddr *ia = NULL; - struct in_aliasreq *ifra = (struct in_aliasreq *)data; - struct sockaddr_in oldaddr; - int error; - int newifaddr; - int s; + int privileged; + + privileged = 0; + if ((so->so_state & SS_PRIV) != 0) + privileged++; switch (cmd) { #ifdef MROUTING @@ -189,18 +184,33 @@ in_control(struct socket *so, u_long cmd #endif /* MROUTING */ case SIOCALIFADDR: case SIOCDLIFADDR: - if ((so->so_state & SS_PRIV) == 0) + if (!privileged) return (EPERM); /* FALLTHROUGH */ case SIOCGLIFADDR: if (ifp == NULL) return (EINVAL); - return in_lifaddr_ioctl(so, cmd, data, ifp); + return in_lifaddr_ioctl(cmd, data, ifp, privileged); default: if (ifp == NULL) return (EOPNOTSUPP); } + return (in_ioctl(cmd, data, ifp, privileged)); +} + +int +in_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, int privileged) +{ + struct ifreq *ifr = (struct ifreq *)data; + struct ifaddr *ifa; + struct in_ifaddr *ia = NULL; + struct in_aliasreq *ifra = (struct in_aliasreq *)data; + struct sockaddr_in oldaddr; + int error; + int newifaddr; + int s; + TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { if (ifa->ifa_addr->sa_family == AF_INET) { ia = ifatoia(ifa); @@ -225,7 +235,7 @@ in_control(struct socket *so, u_long cmd return (EADDRNOTAVAIL); /* FALLTHROUGH */ case SIOCSIFADDR: - if ((so->so_state & SS_PRIV) == 0) + if (!privileged) return (EPERM); if (ia == NULL) { @@ -250,7 +260,7 @@ in_control(struct socket *so, u_long cmd case SIOCSIFNETMASK: case SIOCSIFDSTADDR: case SIOCSIFBRDADDR: - if ((so->so_state & SS_PRIV) == 0) + if (!privileged) return (EPERM); /* FALLTHROUGH */ @@ -410,8 +420,7 @@ in_control(struct socket *so, u_long cmd * other values may be returned from in_ioctl() */ int -in_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, - struct ifnet *ifp) +in_lifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, int privileged) { struct if_laddrreq *iflr = (struct if_laddrreq *)data; struct ifaddr *ifa; @@ -481,7 +490,7 @@ in_lifaddr_ioctl(struct socket *so, u_lo ifra.ifra_mask.sin_len = sizeof(struct sockaddr_in); in_len2mask(&ifra.ifra_mask.sin_addr, iflr->prefixlen); - return in_control(so, SIOCAIFADDR, (caddr_t)&ifra, ifp); + return in_ioctl(SIOCAIFADDR, (caddr_t)&ifra, ifp, privileged); } case SIOCGLIFADDR: case SIOCDLIFADDR: @@ -566,7 +575,8 @@ in_lifaddr_ioctl(struct socket *so, u_lo memcpy(&ifra.ifra_dstaddr, &ia->ia_sockmask, ia->ia_sockmask.sin_len); - return in_control(so, SIOCDIFADDR, (caddr_t)&ifra, ifp); + return in_ioctl(SIOCDIFADDR, (caddr_t)&ifra, ifp, + privileged); } } } Index: sys/netinet/in.h =================================================================== RCS file: /cvs/src/sys/netinet/in.h,v retrieving revision 1.115 diff -u -p -u -p -r1.115 in.h --- sys/netinet/in.h 20 Oct 2015 20:22:42 -0000 1.115 +++ sys/netinet/in.h 8 Jun 2016 12:53:00 -0000 @@ -791,6 +791,7 @@ extern struct in_addr zeroin_addr; struct mbuf; +void in_purgeaddr(struct ifaddr *); int in_broadcast(struct in_addr, u_int); int in_canforward(struct in_addr); int in_cksum(struct mbuf *, int); @@ -798,6 +799,7 @@ int in4_cksum(struct mbuf *, u_int8_t void in_proto_cksum_out(struct mbuf *, struct ifnet *); void in_ifdetach(struct ifnet *); int in_mask2len(struct in_addr *); +void in_len2mask(struct in_addr *, int); char *inet_ntoa(struct in_addr); int inet_nat64(int, const void *, void *, const void *, u_int8_t); Index: sys/netinet/in_var.h =================================================================== RCS file: /cvs/src/sys/netinet/in_var.h,v retrieving revision 1.38 diff -u -p -u -p -r1.38 in_var.h --- sys/netinet/in_var.h 21 Jan 2016 11:23:48 -0000 1.38 +++ sys/netinet/in_var.h 8 Jun 2016 12:53:00 -0000 @@ -157,6 +157,7 @@ void in_delmulti(struct in_multi *); int in_hasmulti(struct in_addr *, struct ifnet *); void in_ifscrub(struct ifnet *, struct in_ifaddr *); int in_control(struct socket *, u_long, caddr_t, struct ifnet *); +int in_ioctl(u_long, caddr_t, struct ifnet *, int); void in_prefixlen2mask(struct in_addr *, int); #endif Index: sys/netinet6/in6.c =================================================================== RCS file: /cvs/src/sys/netinet6/in6.c,v retrieving revision 1.186 diff -u -p -u -p -r1.186 in6.c --- sys/netinet6/in6.c 3 Mar 2016 12:57:15 -0000 1.186 +++ sys/netinet6/in6.c 8 Jun 2016 12:53:00 -0000 @@ -118,7 +118,8 @@ const struct in6_addr in6mask64 = IN6MAS const struct in6_addr in6mask96 = IN6MASK96; const struct in6_addr in6mask128 = IN6MASK128; -int in6_lifaddr_ioctl(struct socket *, u_long, caddr_t, struct ifnet *); +int in6_lifaddr_ioctl(u_long, caddr_t, struct ifnet *, int); +int in6_ioctl(u_long, caddr_t, struct ifnet *, int); int in6_ifinit(struct ifnet *, struct in6_ifaddr *, int); void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); @@ -165,11 +166,7 @@ in6_mask2len(struct in6_addr *mask, u_ch int in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp) { - struct in6_ifreq *ifr = (struct in6_ifreq *)data; - struct in6_ifaddr *ia6 = NULL; - struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; - struct sockaddr_in6 *sa6; - int s, privileged; + int privileged; privileged = 0; if ((so->so_state & SS_PRIV) != 0) @@ -183,6 +180,18 @@ in6_control(struct socket *so, u_long cm } #endif + return (in6_ioctl(cmd, data, ifp, privileged)); +} + +int +in6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, int privileged) +{ + struct in6_ifreq *ifr = (struct in6_ifreq *)data; + struct in6_ifaddr *ia6 = NULL; + struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; + struct sockaddr_in6 *sa6; + int s; + if (ifp == NULL) return (EOPNOTSUPP); @@ -206,7 +215,7 @@ in6_control(struct socket *so, u_long cm return (EPERM); /* FALLTHROUGH */ case SIOCGLIFADDR: - return in6_lifaddr_ioctl(so, cmd, data, ifp); + return in6_lifaddr_ioctl(cmd, data, ifp, privileged); } /* @@ -939,8 +948,7 @@ in6_unlink_ifa(struct in6_ifaddr *ia6, s * address encoding scheme. (see figure on page 8) */ int -in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, - struct ifnet *ifp) +in6_lifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, int privileged) { struct if_laddrreq *iflr = (struct if_laddrreq *)data; struct ifaddr *ifa; @@ -1047,7 +1055,8 @@ in6_lifaddr_ioctl(struct socket *so, u_l in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; - return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp); + return in6_ioctl(SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, + privileged); } case SIOCGLIFADDR: case SIOCDLIFADDR: @@ -1142,8 +1151,8 @@ in6_lifaddr_ioctl(struct socket *so, u_l ia6->ia_prefixmask.sin6_len); ifra.ifra_flags = ia6->ia6_flags; - return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, - ifp); + return in6_ioctl(SIOCDIFADDR_IN6, (caddr_t)&ifra, ifp, + privileged); } } } Index: sys/netinet6/in6_var.h =================================================================== RCS file: /cvs/src/sys/netinet6/in6_var.h,v retrieving revision 1.62 diff -u -p -u -p -r1.62 in6_var.h --- sys/netinet6/in6_var.h 3 Mar 2016 12:57:15 -0000 1.62 +++ sys/netinet6/in6_var.h 8 Jun 2016 12:53:00 -0000 @@ -394,6 +394,7 @@ int in6_hasmulti(struct in6_addr *, stru struct in6_multi_mship *in6_joingroup(struct ifnet *, struct in6_addr *, int *); int in6_leavegroup(struct in6_multi_mship *); int in6_control(struct socket *, u_long, caddr_t, struct ifnet *); +int in6_ioctl(u_long, caddr_t, struct ifnet *, int); int in6_update_ifa(struct ifnet *, struct in6_aliasreq *, struct in6_ifaddr *); void in6_purgeaddr(struct ifaddr *); Index: sys/sys/sockio.h =================================================================== RCS file: /cvs/src/sys/sys/sockio.h,v retrieving revision 1.64 diff -u -p -u -p -r1.64 sockio.h --- sys/sys/sockio.h 31 May 2016 22:35:02 -0000 1.64 +++ sys/sys/sockio.h 8 Jun 2016 12:53:00 -0000 @@ -202,6 +202,10 @@ #define SIOCGIFPARENT _IOWR('i', 179, struct if_parent) /* get parent if */ #define SIOCDIFPARENT _IOW('i', 180, struct ifreq) /* del parent if */ +#define SIOCGUMBINFO _IOWR('i', 190, struct ifreq) /* get MBIM info */ +#define SIOCSUMBPARAM _IOW('i', 191, struct ifreq) /* set MBIM param */ +#define SIOCGUMBPARAM _IOWR('i', 192, struct ifreq) /* get MBIM param */ + #define SIOCSVH _IOWR('i', 245, struct ifreq) /* set carp param */ #define SIOCGVH _IOWR('i', 246, struct ifreq) /* get carp param */