ROM wifi funcs
todo:
- disasm the wifi binary
$ find . -type f -name "*.o" -exec bash -c '
for file in "$@"; do
nm "$file" | grep ROM_ | sed "s|^|$file: |"
done' bash {} +
./lib_wlan_mp/rtl8711b_cmd.o: U ROM_WIFI_BCN_VALID
./lib_wlan_mp/rtl8711b_firmware.o: U ROM_WIFI_8051Reset
./lib_wlan_mp/rtl8711b_firmware.o: U ROM_WIFI_FWDownloadEnable
./lib_wlan_mp/rtl8711b_hal_efuse.o: U ROM_WIFI_EfuseParseTxPowerInfo
./lib_wlan_mp/lxbus_ops.o: 00000001 T ROM_WIFI_InitLxDma_patch
./lib_wlan_mp/phydm_CfoTracking.o: U ROM_odm_CfoTrackingFlow
./lib_wlan_mp/phydm_CfoTracking.o: U ROM_ODM_CfoTrackingReset
./lib_wlan_mp/phydm_CfoTracking.o: U ROM_odm_GetDefaultCrytaltalCap
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitAdaptiveCtrl
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_INIT_BeaconParameters
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitBurstPktLen
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitDriverInfoSize
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitEDCA
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitLLTTable
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitLxDma_patch
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitNetworkType
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitNormalChipRegPriority
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitOperationMode
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitPageBoundary
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitRateFallback
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitRCR
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitRetryFunction
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitSIFS
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitTransferPageSize
./lib_wlan_mp/lxbus_halinit.o: U ROM_WIFI_InitTxBufferBoundary
./lib_wlan_mp/lxbus_suspend.o: U ROM_WIFI_32K_Cmd
./lib_wlan_mp/phydm_HWConfig.o: U ROM_odm_EVMdbToPercentage
./lib_wlan_mp/phydm_HWConfig.o: U ROM_odm_QueryRxPwrPercentage
./lib_wlan_mp/phydm_HWConfig.o: U ROM_odm_SignalScaleMapping_8711B
./lib_wlan_mp/rtw_mp.o: U ROM_odm_FalseAlarmCounterStatistics
./lib_wlan_mp/rtw_mp.o: U ROM_odm_SetCrystalCap
./lib_wlan_mp/rtl8711b_xmit.o: U ROM_WIFI_BCN_VALID
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_ACM_CTRL
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_BASIC_RATE
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_BCN_FUNC
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_BSSID_SET
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_BWMapping
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_CAM_WRITE
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_CHECK_BSSID
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_CHECK_TXBUF
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_DISCONNECT
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_FIFO_CLEARN_UP
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_FillFakeTxdesc
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_FillTxdescSectype
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_INIT_BeaconParameters
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_MACADDR_SET
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_MEDIA_STATUS
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_MEDIA_STATUS1
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_PROMISC_Cmd
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_ReadChipVersion
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_RESP_SIFS
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_RESUME_TxBeacon
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_SCMapping
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_SetOpmodeAP
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_SET_TSF
./lib_wlan_mp/rtl8711b_hal_init.o: U ROM_WIFI_STOP_TXBeacon
./lib_wlan_mp/HalPhyRf_8711B.o: U ROM_odm_SetCrystalCap
./lib_wlan_mp/rtl8711b_phycfg.o: U ROM_odm_SetCrystalCap
./lib_wlan/rtl8711b_cmd.o: U ROM_WIFI_BCN_VALID
./lib_wlan/rtl8711b_firmware.o: U ROM_WIFI_8051Reset
./lib_wlan/rtl8711b_firmware.o: U ROM_WIFI_FWDownloadEnable
./lib_wlan/rtl8711b_hal_efuse.o: U ROM_WIFI_EfuseParseTxPowerInfo
./lib_wlan/lxbus_ops.o: 00000001 T ROM_WIFI_InitLxDma_patch
./lib_wlan/phydm_CfoTracking.o: U ROM_odm_CfoTrackingFlow
./lib_wlan/phydm_CfoTracking.o: U ROM_ODM_CfoTrackingReset
./lib_wlan/phydm_CfoTracking.o: U ROM_odm_GetDefaultCrytaltalCap
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitAdaptiveCtrl
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_INIT_BeaconParameters
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitBurstPktLen
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitDriverInfoSize
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitEDCA
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitLLTTable
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitLxDma_patch
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitNetworkType
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitNormalChipRegPriority
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitOperationMode
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitPageBoundary
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitRateFallback
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitRCR
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitRetryFunction
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitSIFS
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitTransferPageSize
./lib_wlan/lxbus_halinit.o: U ROM_WIFI_InitTxBufferBoundary
./lib_wlan/lxbus_suspend.o: U ROM_WIFI_32K_Cmd
./lib_wlan/phydm_HWConfig.o: U ROM_odm_EVMdbToPercentage
./lib_wlan/phydm_HWConfig.o: U ROM_odm_QueryRxPwrPercentage
./lib_wlan/phydm_HWConfig.o: U ROM_odm_SignalScaleMapping_8711B
./lib_wlan/rtl8711b_xmit.o: U ROM_WIFI_BCN_VALID
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_ACM_CTRL
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_BASIC_RATE
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_BCN_FUNC
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_BSSID_SET
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_BWMapping
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_CAM_WRITE
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_CHECK_BSSID
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_CHECK_TXBUF
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_DISCONNECT
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_FIFO_CLEARN_UP
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_FillFakeTxdesc
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_FillTxdescSectype
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_INIT_BeaconParameters
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_MACADDR_SET
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_MEDIA_STATUS
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_MEDIA_STATUS1
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_PROMISC_Cmd
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_ReadChipVersion
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_RESP_SIFS
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_RESUME_TxBeacon
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_SCMapping
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_SetOpmodeAP
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_SET_TSF
./lib_wlan/rtl8711b_hal_init.o: U ROM_WIFI_STOP_TXBeacon
./lib_wlan/HalPhyRf_8711B.o: U ROM_odm_SetCrystalCap
./lib_wlan/rtl8711b_phycfg.o: U ROM_odm_SetCrystalCap
DMA
// 0x40080000
typedef struct {
// 0x000-0x1FF: MAC/BB control registers
uint32_t reserved1[...]; // 0x000-0x0FC
__IO uint32_t NET_TYPE; // 0x100 - bits [17:16] = network type
__IO uint8_t TRANSFER_PAGE_SIZE; // 0x104 - Transfer page size
uint8_t reserved[...]; // Fill to 0x108
__IO uint16_t REG_PRIORITY; // 0x10C - Priority configuration
uint32_t reserved[...];
__IO uint16_t PAGE_BOUNDARY; // 0x116 - Page Boundary config, set to 0x3F7F
uint32_t reserved[...]; // Continue to 0x200
// 0x200-0x2FF: System control/status
uint32_t reserved[...]; // 0x200-0x207
__IO uint8_t TX_BUFFER_BOUNDARY2; // 0x209
uint8_t reserved[...]; // 0x20A-0x20B
__IO uint32_t REG_20C; // 0x20C - DMA Global Enable (bit 28)
uint8_t reserved[...]; // 0x210-0x223
__IO uint32_t REG_224; // 0x224 - LLT Status (bit 16 = busy)
uint8_t reserved[...]; // 0x225-0x228
__IO uint8_t TX_BUFFER_BOUNDARY3; // 0x229
__IO uint8_t REG_22A; // 0x22A - sets bit 1 if a2 true
uint32_t reserved[52]; // -> 0x2FF
// 0x300-0x3FF: DMA & Queue
__IO uint32_t DMA_CTRL; // 0x300
__IO uint32_t reserved3;
__IO uint32_t QUEUE4; // 0x308
__IO uint32_t reserved4;
__IO uint32_t QUEUE5; // 0x310
__IO uint32_t reserved5;
__IO uint32_t TX_BASE; // 0x318
__IO uint32_t reserved6;
__IO uint32_t QUEUE1; // 0x320
__IO uint32_t reserved7;
__IO uint32_t QUEUE2; // 0x328
__IO uint32_t reserved8;
__IO uint32_t QUEUE3; // 0x330
__IO uint32_t reserved9;
__IO uint32_t RX_QUEUE; // 0x338
__IO uint32_t reserved10;
__IO uint32_t QUEUE6; // 0x340
uint32_t reserved[...];
__IO uint16_t Q_CFG[14]; // 0x380-0x39A
uint16_t reserved11;
uint32_t reserved[...];
__IO uint32_t DMA_MASK; // 0x3E8
uint32_t reserved[...];
// 0x400-0x4FF region
uint32_t reserved[...]; // 0x400-0x420
__IO uint8_t TX_BUFFER_BOUNDARY4; // 0x424
__IO uint8_t TX_BUFFER_BOUNDARY5; // 0x425
__IO uint16_t ADAPT_CTRL1; // 0x428 - a2 in both bytes or first SIFS timing? 4106
__IO uint16_t ADAPT_CTRL2; // 0x42A - (a3 & 0x3F) in both bytes
uint32_t reserved[4]; // 0x42C-0x43C
__IO uint32_t ADAPT_CTRL3; // 0x440 - a1 | (old[31:20] << 20)
uint32_t reserved[...]; // 0x444-0x456
__IO uint8_t TX_BUFFER_BOUNDARY6; // 0x457
uint32_t reserved4_2; // 0x458-0x45B
__IO uint8_t MODE_CTRL2; // 0x45C - Controlled by a2 parameter (80 or 0)
__IO uint8_t TX_BUFFER_BOUNDARY7; // 0x45D (same as BOUND7), InitTxBufferBoundary
uint8_t reserved[...];
__IO uint16_t SIFS3; // 0x514 - Third SIFS timing
__IO uint16_t SIFS4; // 0x516 - Fourth SIFS timing
// 0x600-0x6FF region
uint8_t reserved[...]; // 0x600-0x60E
__IO uint8_t DRIVER_INFO_SIZE; // 0x60F - Driver info size
__IO uint16_t SIFS2; // 0x63A - Second SIFS timing
} WIFI_TypeDef;
// TX Ring
typedef struct {
uint32_t base_addr; // TX_BASE
uint32_t reserved1[7]; // 28b
uint32_t queue1; // QUEUE1
uint32_t reserved2[7];
uint32_t queue2; // QUEUE2
uint32_t reserved3[7];
uint32_t queue3; // QUEUE3
uint32_t reserved4[7];
uint32_t queue4; // QUEUE4
uint32_t reserved5[7];
uint32_t queue5; // QUEUE5
uint32_t reserved6[7];
uint32_t queue6; // QUEUE6
uint32_t reserved7[7];
} TX_RING_TypeDef;
// RX Ring
typedef struct {
uint32_t base_addr; // RX_QUEUE
uint32_t reserved[7]; // ?
} RX_RING_TypeDef;
// wireless modes from cur_wireless_mode mapping
typedef enum {
WIRELESS_MODE_2 = 2, // First valid value (v2 starts from 0)
// ... up to WIRELESS_MODE_16, v2 > 0xE check
} WIRELESS_MODE;
// HalData[60] seems to be some hardware capability/mode that affects a2
typedef struct _ADAPTER {
uint8_t *HalData; // HalData[60] determines MODE_CTRL2 value
struct {
uint8_t cur_wireless_mode; // current wireless mode
} mlmeextpriv;
// ... other fields
} ADAPTER, *PADAPTER;
// Network type values (2-bit field)
#define NET_TYPE_MASK (3 << 16) // 0x00030000
#define NET_TYPE_SHIFT 16
// REG_PRIORITY bit fields
#define PRIO_1_MASK (0x3 << 8) // a1 & 3
#define PRIO_2_MASK (0x3 << 10) // a2 & 3
#define PRIO_3_MASK (0x3 << 12) // a5 & 3
#define PRIO_4_MASK (0x3 << 4) // a4 & 3
#define PRIO_5_MASK (0x3 << 6) // a3 << 6
#define PRIO_6_MASK (0x3 << 14) // a6 << 14
#define PRIO_BASE_MASK 0x7 // preserved bits
// Called with (1,1,2,3,3,3)
// Would set bits:
// [15:14] = 3 (a6)
// [13:12] = 3 (a5)
// [11:10] = 1 (a2)
// [9:8] = 1 (a1)
// [7:6] = 2 (a3)
// [5:4] = 3 (a4)
// [2:0] = preserved
// ADAPT_CTRL
// Called with (1048561, 16, 48)
// ADAPT_CTRL1 = 0x1010 (16 | (16 << 8))
// ADAPT_CTRL2 = 0x3030 ((48 & 0x3F) | ((48 & 0x3F) << 8))
// ADAPT_CTRL3 preserves top 12 bits, lower 20 from 1048561
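The two register writes worked through in the comments above, as a host-side model for cross-checking a decompilation or a register dump. This is an added example, not code from the vendor ROM or SDK. The function names `pack_reg_priority` and `pack_adapt_ctrl`, the `adapt_ctrl_t` type and the "old" register contents are hypothetical. Masking each argument to its field width and clearing bit 3 of REG_PRIORITY are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* REG_PRIORITY (0x10C) model: keep bits [2:0] of the old value and place
 * each argument in its 2-bit field. Masking every argument to 2 bits and
 * clearing bit 3 are assumptions; the notes only list the field positions. */
static uint16_t pack_reg_priority(uint16_t old, unsigned a1, unsigned a2,
                                  unsigned a3, unsigned a4, unsigned a5,
                                  unsigned a6)
{
    uint16_t v = old & 0x7u;              /* PRIO_BASE_MASK */
    v |= (uint16_t)((a4 & 3u) << 4);      /* [5:4]   */
    v |= (uint16_t)((a3 & 3u) << 6);      /* [7:6]   */
    v |= (uint16_t)((a1 & 3u) << 8);      /* [9:8]   */
    v |= (uint16_t)((a2 & 3u) << 10);     /* [11:10] */
    v |= (uint16_t)((a5 & 3u) << 12);     /* [13:12] */
    v |= (uint16_t)((a6 & 3u) << 14);     /* [15:14] */
    return v;
}

/* Values written to ADAPT_CTRL1/2/3 (0x428, 0x42A, 0x440). */
typedef struct {
    uint16_t ctrl1;
    uint16_t ctrl2;
    uint32_t ctrl3;
} adapt_ctrl_t;

static adapt_ctrl_t pack_adapt_ctrl(uint32_t old_ctrl3, uint32_t a1,
                                    uint8_t a2, uint8_t a3)
{
    adapt_ctrl_t r;
    uint16_t lo = (uint16_t)(a3 & 0x3Fu);
    r.ctrl1 = (uint16_t)(a2 | ((uint16_t)a2 << 8));  /* a2 in both bytes */
    r.ctrl2 = (uint16_t)(lo | (lo << 8));            /* a3 & 0x3F in both bytes */
    /* Top 12 bits preserved; truncating a1 to 20 bits is an assumption. */
    r.ctrl3 = (old_ctrl3 & 0xFFF00000u) | (a1 & 0x000FFFFFu);
    return r;
}

int main(void)
{
    /* Constructed "old" register contents; arguments are the ones in the notes. */
    uint16_t prio = pack_reg_priority(0x0005, 1, 1, 2, 3, 3, 3);
    adapt_ctrl_t ac = pack_adapt_ctrl(0xABC00000u, 1048561u, 16, 48);
    printf("REG_PRIORITY=0x%04X\n", (unsigned)prio);
    printf("ADAPT_CTRL1=0x%04X ADAPT_CTRL2=0x%04X ADAPT_CTRL3=0x%08X\n",
           (unsigned)ac.ctrl1, (unsigned)ac.ctrl2, (unsigned)ac.ctrl3);
    return 0;
}
```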
sequenceDiagram
participant Device
participant AP as Access Point
participant MAC as MAC Layer
participant PHY as PHY Layer
Note over Device,PHY: Initialization Phase
Device->>MAC: ROM_WIFI_InitMacClk
Device->>MAC: ROM_WIFI_Init32kClk
Device->>MAC: ROM_WIFI_InitLxDma
Device->>MAC: ROM_WIFI_INIT_MACADDR_SET
Device->>MAC: ROM_WIFI_InitNetworkType
Device->>MAC: ROM_WIFI_InitEDCA
Device->>PHY: ROM_WIFI_ENABLE_BB_RF
Note over Device,PHY: Connection Phase
Device->>AP: ROM_WIFI_Set_MLME_Sitesurvey
AP->>Device: Beacon Frames
Device->>MAC: ROM_WIFI_BCN_VALID
Device->>MAC: ROM_WIFI_CHECK_BSSID
Device->>MAC: ROM_WIFI_Set_MLME_JOIN
Device->>MAC: ROM_WIFI_BSSID_SET
Note over Device,PHY: Operation Phase
Device->>MAC: ROM_WIFI_Set_AC_Param
MAC->>Device: ROM_WIFI_CHECK_TXBUF
Device->>MAC: ROM_WIFI_SET_MAX_AGG_NUM
Note over Device,PHY: Security Setup
Device->>MAC: ROM_WIFI_SEC_CFG
Device->>MAC: ROM_WIFI_CAM_WRITE
Note over Device,PHY: Maintenance
Device->>MAC: ROM_WIFI_TSF_GetByPort
Device->>MAC: ROM_WIFI_IMR_UPDATE
Device->>MAC: ROM_WIFI_High_Queue_Empty_Check
- init:
  - sysclock init (ROM_WIFI_InitMacClk, ROM_WIFI_Init32kClk)
  - DMA setup (ROM_WIFI_InitLxDma)
  - MAC address config (ROM_WIFI_INIT_MACADDR_SET)
  - Network type setup (ROM_WIFI_InitNetworkType)
  - EDCA params for QoS (ROM_WIFI_InitEDCA)
  - RF/Baseband enable (ROM_WIFI_ENABLE_BB_RF)
- connect:
  - site survey to find networks (ROM_WIFI_Set_MLME_Sitesurvey)
  - beacon validation (ROM_WIFI_BCN_VALID)
  - BSSID checking (ROM_WIFI_CHECK_BSSID)
  - join request (ROM_WIFI_Set_MLME_JOIN)
  - BSSID setting (ROM_WIFI_BSSID_SET)
- config:
  - AC (Access Category) param (ROM_WIFI_Set_AC_Param)
  - Buffer management? (ROM_WIFI_CHECK_TXBUF)
  - Aggregation configuration (ROM_WIFI_SET_MAX_AGG_NUM)
- security:
  - Security configuration (ROM_WIFI_SEC_CFG)
  - CAM (Content Addressable Memory) (ROM_WIFI_CAM_WRITE)
- maintain:
  - TSF (Timing Synchronization Function) (ROM_WIFI_TSF_GetByPort)
  - Interrupt mask updates (ROM_WIFI_IMR_UPDATE)
  - Queue monitoring (ROM_WIFI_High_Queue_Empty_Check)
- MU-EDCA (Multi-User EDCA) ROM_WIFI_AX_MUEDCA_Para
- BSS Coloring ROM_WIFI_AX_BSS_COLOR_SET
- OFDMA (Orthogonal Frequency Division Multiple Access)