chore: wifi

docs/create_peripherals_ida.py

@@ -0,0 +1,71 @@
+from ida_segment import *
+from ida_bytes import *
+
+
+def create_peripheral_segment(start_addr, name, size):
+    seg = segment_t()
+    seg.start_ea = start_addr
+    seg.end_ea = start_addr + size
+    seg.bitness = 1  # 32-bit
+    seg.align = saRelByte
+    seg.comb = scPub
+    seg.perm = SEGPERM_READ | SEGPERM_WRITE
+
+    if add_segm_ex(seg, name, "PERIPHERAL", ADDSEG_OR_DIE):
+        getseg(start_addr).type = SEG_DATA
+        set_segment_cmt(getseg(start_addr), "Volatile peripheral registers", True)
+        return True
+    return False
+
+
+def verify_no_overlaps(peripherals):
+    sorted_pairs = sorted(peripherals.items())
+    for i in range(len(sorted_pairs) - 1):
+        curr_addr, (curr_name, curr_size) = sorted_pairs[i]
+        next_addr, (next_name, _) = sorted_pairs[i + 1]
+
+        if curr_addr + curr_size > next_addr:
+            print(f"ERROR: Overlap between {curr_name} and {next_name}")
+            return False
+    return True
+
+
+def main():
+    peripherals = {
+        0x40000000: ("SYSTEM_CTRL", 0x200),
+        0x40000200: ("PERI_ON", 0x80),
+        0x40000280: ("PINMUX_REG", 0xD80),
+        0x40001000: ("GPIO_REG", 0x1000),
+        0x40002000: ("TIMER_REG", 0x800),
+        0x40002800: ("VENDOR_REG", 0x800),
+        0x40003000: ("LOG_UART_REG", 0x400),
+        0x40003400: ("RTC", 0x800),
+        0x40003C00: ("SPIC_CACHE", 0x400),
+        0x40010000: ("ADC_REG", 0x1000),
+        0x40020000: ("SPI_FLASH_CTRL", 0x1000),
+        0x40040000: ("UART0_REG", 0x400),
+        0x40040400: ("UART1_REG", 0x400),
+        0x40042000: ("SPI0_REG", 0x400),
+        0x40042400: ("SPI1_REG", 0x400),
+        0x40044000: ("I2C0_REG", 0x400),
+        0x40044400: ("I2C1_REG", 0x400),
+        0x40050000: ("SDIO_DEVICE_REG", 0x1000),
+        0x40060000: ("GDMA0_REG", 0x1000),
+        0x40061000: ("GDMA1_REG", 0x1000),
+        0x40062000: ("I2S0_REG", 0x1000),
+        0x40070000: ("CRYPTO_REG", 0x1000),
+        0x40080000: ("WIFI_REG", 0x40000),
+        0x400C0000: ("SIE_REG", 0x2000),
+        0x400C2000: ("USOC_REG", 0x2000),
+    }
+
+    if not verify_no_overlaps(peripherals):
+        return
+
+    for addr, (name, size) in sorted(peripherals.items()):
+        if not create_peripheral_segment(addr, name, size):
+            print(f"Failed to create segment {name}")
+
+
+if __name__ == "__main__":
+    main()

docs/wifi.md

@@ -0,0 +1,82 @@
+# ROM wifi funcs
+
+todo:
+
+- disasm the wifi binary
+
+```mermaid
+sequenceDiagram
+    participant Device
+    participant AP as Access Point
+    participant MAC as MAC Layer
+    participant PHY as PHY Layer
+
+    Note over Device,PHY: Initialization Phase
+    Device->>MAC: ROM_WIFI_InitMacClk
+    Device->>MAC: ROM_WIFI_Init32kClk
+    Device->>MAC: ROM_WIFI_InitLxDma
+    Device->>MAC: ROM_WIFI_INIT_MACADDR_SET
+    Device->>MAC: ROM_WIFI_InitNetworkType
+    Device->>MAC: ROM_WIFI_InitEDCA
+    Device->>PHY: ROM_WIFI_ENABLE_BB_RF
+
+    Note over Device,PHY: Connection Phase
+    Device->>AP: ROM_WIFI_Set_MLME_Sitesurvey
+    AP->>Device: Beacon Frames
+    Device->>MAC: ROM_WIFI_BCN_VALID
+    Device->>MAC: ROM_WIFI_CHECK_BSSID
+    Device->>MAC: ROM_WIFI_Set_MLME_JOIN
+    Device->>MAC: ROM_WIFI_BSSID_SET
+
+    Note over Device,PHY: Operation Phase
+    Device->>MAC: ROM_WIFI_Set_AC_Param
+    MAC->>Device: ROM_WIFI_CHECK_TXBUF
+    Device->>MAC: ROM_WIFI_SET_MAX_AGG_NUM
+
+    Note over Device,PHY: Security Setup
+    Device->>MAC: ROM_WIFI_SEC_CFG
+    Device->>MAC: ROM_WIFI_CAM_WRITE
+
+    Note over Device,PHY: Maintenance
+    Device->>MAC: ROM_WIFI_TSF_GetByPort
+    Device->>MAC: ROM_WIFI_IMR_UPDATE
+    Device->>MAC: ROM_WIFI_High_Queue_Empty_Check
+
+```
+
+1. init:
+
+   - sysclock init (`ROM_WIFI_InitMacClk`, `ROM_WIFI_Init32kClk`)
+   - DMA setup (`ROM_WIFI_InitLxDma`)
+   - MAC address config (`ROM_WIFI_INIT_MACADDR_SET`)
+   - Network type setup (`ROM_WIFI_InitNetworkType`)
+   - EDCA params for QoS (`ROM_WIFI_InitEDCA`)
+   - RF/Baseband enable (`ROM_WIFI_ENABLE_BB_RF`)
+
+2. connect:
+
+   - site survey to find networks (`ROM_WIFI_Set_MLME_Sitesurvey`)
+   - beacon validation (`ROM_WIFI_BCN_VALID`)
+   - BSSID checking (`ROM_WIFI_CHECK_BSSID`)
+   - join request (`ROM_WIFI_Set_MLME_JOIN`)
+   - BSSID setting (`ROM_WIFI_BSSID_SET`)
+
+3. config:
+
+   - AC (Access Category) param (`ROM_WIFI_Set_AC_Param`)
+   - Buffer management? (`ROM_WIFI_CHECK_TXBUF`)
+   - Aggregation configuration (`ROM_WIFI_SET_MAX_AGG_NUM`)
+
+4. security:
+
+   - Security configuration (`ROM_WIFI_SEC_CFG`)
+   - CAM (Content Addressable Memory) (`ROM_WIFI_CAM_WRITE`)
+
+5. maintain:
+   - TSF (Timing Synchronization Function) (`ROM_WIFI_TSF_GetByPort`)
+   - Interrupt mask updates (`ROM_WIFI_IMR_UPDATE`)
+   - Queue monitoring (`ROM_WIFI_High_Queue_Empty_Check`)
+
+- MU-EDCA (Multi-User EDCA) `ROM_WIFI_AX_MUEDCA_Para`
+- BSS Coloring `ROM_WIFI_AX_BSS_COLOR_SET`
+- OFDMA (Orthogonal Frequency Division Multiple Access)