From 30423b1e69292d879238621ed2702d465c7e18a9 Mon Sep 17 00:00:00 2001 From: Frostie314159 Date: Tue, 18 Jun 2024 14:48:00 +0200 Subject: [PATCH 1/4] Implement AGC enablement. --- main/hardware.c | 17 +++++++++++++++++ main/hardware.h | 5 ++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/main/hardware.c b/main/hardware.c index ea85161..16dad4e 100644 --- a/main/hardware.c +++ b/main/hardware.c @@ -129,6 +129,23 @@ tx_hardware_slot_t tx_slots[TX_SLOT_CNT] = {0}; uint32_t seqnum = 0; +extern uint32_t esp_dport_access_reg_read(uint32_t); + +// [[openmac-coverage:implemented]] +void enabled_wifi_agc_openmac() { + write_register(0x3ff5c080, esp_dport_access_reg_read(0x3ff5c080) & ~(0x1)); + write_register(0x3ff5c030, (esp_dport_access_reg_read(0x3ff5c030) & 0xffffffcf) | 0x10); + write_register(0x3ff5c01c, (esp_dport_access_reg_read(0x3ff5c01c) & 0xff00ffff) | 0xc0000); + write_register(0x3ff5c038, esp_dport_access_reg_read(0x3ff5c038) & 0x4000000); +} +// [[openmac-coverage:implemented]] +void disable_wifi_agc_openmac() { + write_register(0x3ff5c01c, (esp_dport_access_reg_read(0x3ff5c01c) & 0xff00ffff) | 0x7f0000); + write_register(0x3ff5c038, esp_dport_access_reg_read(0x3ff5c038) & 0x4000000); + write_register(0x3ff5c030, esp_dport_access_reg_read(0x3ff5c030) & 0xffffffcf); + write_register(0x3ff5c080, esp_dport_access_reg_read(0x3ff5c080) & 0x1); +} + void log_dma_item(dma_list_item* item) { ESP_LOGD("dma_item", "cur=%p owner=%d has_data=%d length=%d size=%d packet=%p next=%p", item, item->owner, item->has_data, item->length, item->size, item->packet, item->next); } diff --git a/main/hardware.h b/main/hardware.h index edb7a93..63c819c 100644 --- a/main/hardware.h +++ b/main/hardware.h 
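Review bot: In `disable_wifi_agc_openmac` the final write masks 0x3ff5c080 with `& 0x1`, which zeroes bits 1–31 and leaves bit 0 as it was, while `enabled_wifi_agc_openmac` clears only bit 0 with `& ~(0x1)`; if disable is meant to undo enable, the line would read `write_register(0x3ff5c080, esp_dport_access_reg_read(0x3ff5c080) | 0x1);`. The `& 0x4000000` applied to 0x3ff5c038 in both functions raises the same question, since it discards every bit except bit 26 rather than setting or clearing that one bit. If either mask is a deliberate transcription of the vendor blob, a comment such as `// matches blob: keeps only bit 26` next to it would keep a later reader from changing it. Each line is also an unguarded read-modify-write on a peripheral register that is presumably touched from other contexts as well, so a comment stating which context may call these functions would help.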
@@ -16,4 +16,7 @@ void wifi_hardware_task(hardware_mac_args* pvParameter); extern uint8_t module_mac_addr[6]; #define _MMIO_DWORD(mem_addr) (*(volatile uint32_t *)(mem_addr)) -#define _MMIO_ADDR(mem_addr) ((volatile uint32_t*)(mem_addr)) \ No newline at end of file +#define _MMIO_ADDR(mem_addr) ((volatile uint32_t*)(mem_addr)) + +void enabled_wifi_agc_openmac(); +void disable_wifi_agc_openmac(); From e4a57504a8a7d6bb89b95678f493e6fa11ffd844 Mon Sep 17 00:00:00 2001 From: Frostie314159 Date: Tue, 18 Jun 2024 14:48:01 +0200 Subject: [PATCH 2/4] Fixed typo. --- main/hardware.c | 2 +- main/hardware.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/main/hardware.c b/main/hardware.c index 16dad4e..74e7199 100644 --- a/main/hardware.c +++ b/main/hardware.c @@ -132,7 +132,7 @@ uint32_t seqnum = 0; extern uint32_t esp_dport_access_reg_read(uint32_t); // [[openmac-coverage:implemented]] -void enabled_wifi_agc_openmac() { +void enable_wifi_agc_openmac() { write_register(0x3ff5c080, esp_dport_access_reg_read(0x3ff5c080) & ~(0x1)); write_register(0x3ff5c030, (esp_dport_access_reg_read(0x3ff5c030) & 0xffffffcf) | 0x10); write_register(0x3ff5c01c, (esp_dport_access_reg_read(0x3ff5c01c) & 0xff00ffff) | 0xc0000); diff --git a/main/hardware.h b/main/hardware.h index 63c819c..51794e7 100644 --- a/main/hardware.h +++ b/main/hardware.h @@ -18,5 +18,5 @@ extern uint8_t module_mac_addr[6]; #define _MMIO_DWORD(mem_addr) (*(volatile uint32_t *)(mem_addr)) #define _MMIO_ADDR(mem_addr) ((volatile uint32_t*)(mem_addr)) -void enabled_wifi_agc_openmac(); +void enable_wifi_agc_openmac(); void disable_wifi_agc_openmac(); From 7ea233da79f42d503e843a125df989a82b399ea3 Mon Sep 17 00:00:00 2001 
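Review bot: The two declarations added to main/hardware.h in patch 1/4, `void enabled_wifi_agc_openmac();` and `void disable_wifi_agc_openmac();`, use empty parentheses, which in C declare a function with unspecified parameters rather than a prototype, so a call that passes arguments is not diagnosed. Writing them as `void enable_wifi_agc_openmac(void);` and `void disable_wifi_agc_openmac(void);` (with the spelling patch 2/4 settles on) gives callers a checked prototype. The definitions in main/hardware.c would take the same `(void)`.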
From: Frostie314159 Date: Tue, 18 Jun 2024 14:48:01 +0200 Subject: [PATCH 3/4] Moved all ghidra exports to one file. --- main/{chm.h => ghidra-exports.h} | 43 +++++++++++++++++++++++--------- main/hardware.c | 2 +- main/hwinit.c | 2 +- main/proprietary.h | 3 ++- 4 files changed, 35 insertions(+), 15 deletions(-) rename main/{chm.h => ghidra-exports.h} (81%) diff --git a/main/chm.h b/main/ghidra-exports.h similarity index 81% rename from main/chm.h rename to main/ghidra-exports.h index ef50d8a..c024943 100644 --- a/main/chm.h +++ b/main/ghidra-exports.h @@ -18,11 +18,6 @@ typedef unsigned long long undefined7; typedef unsigned long long undefined8; typedef unsigned short ushort; typedef unsigned short word; -typedef struct chm chm, *Pchm; - -typedef struct channel_specification channel_specification, *PChannelSpecification; - -typedef struct channel_information channel_information, *PChannelInformation; typedef enum channel_width { HT20=0, @@ -30,7 +25,7 @@ typedef enum channel_width { HT40U=2 } channel_width; -struct channel_information { +typedef struct channel_information { char channel_number; undefined field1_0x1; ushort freq_mhz; @@ -39,14 +34,14 @@ struct channel_information { undefined field5_0x6; undefined field6_0x7; uint _flags; -}; +} channel_information; -struct channel_specification { +typedef struct channel_specification { byte channel; - enum channel_width channel_bandwidth; -}; + channel_width channel_bandwidth; +} channel_specification; -struct chm { +typedef struct chm { undefined *ic; undefined field1_0x4; undefined field2_0x5; 
@@ -130,5 +125,29 @@ struct chm { undefined field80_0xfc; undefined field81_0xfd; undefined field82_0xfe; -}; +} chm; + +typedef enum pp_signal { + PP_PROCESS_TX_QUEUE=3, + PP_TRANSMIT=5, + PP_IOCTL=6, + PP_IEEE80211_TIMER=7, + PP_TIMER=8, + PP_PROCESS_RX_PKT_HDR=13, + PP_WIFI_ASSERT=14, + PP_TASK_KILL=15, + PP_PROCESS_TX_DONE=16, + PP_RX_PKT=17, + PP_RESORT_TX_AMPDU=18, + PP_LMAC_PROCESS_TX_TIMEOUT=22, + PP_LMAC_PROCESS_TX_COMPLETE=23, + PP_LMAC_PROCESS_COLLISIONS_TASK=24, + PP_WDEV_PROCESS_RX_SUCCESS_DATA_ALL=25, + PP_WDEV_PROCESS_MISC_PKT=26 +} pp_signal; + +typedef struct pp_signal_struct { + enum pp_signal signal; + void *data; +} pp_signal_struct; diff --git a/main/hardware.c b/main/hardware.c index 74e7199..4cf7856 100644 --- a/main/hardware.c +++ b/main/hardware.c @@ -435,7 +435,7 @@ void wifi_hardware_task(hardware_mac_args* pvParameter) { // It reads from a queue that the proprietary WMAC interrupt handler writes to // We kill it to make sure that no proprietary code is running anymore ESP_LOGW(TAG, "Killing proprietary wifi task (ppTask)"); - pp_post(0xf, 0); + pp_post(PP_TASK_KILL, 0); setup_rx_chain(); diff --git a/main/hwinit.c b/main/hwinit.c index d071870..31712e9 100644 --- a/main/hwinit.c +++ b/main/hwinit.c @@ -2,7 +2,7 @@ #include "esp_log.h" #include "esp_phy_init.h" #include "hardware.h" -#include "chm.h" +#include "ghidra-exports.h" static const char* TAG = "hwinit"; diff --git a/main/proprietary.h b/main/proprietary.h index 862d897..19ac302 100644 --- a/main/proprietary.h +++ b/main/proprietary.h @@ -1,8 +1,9 @@ #pragma once #include +#include "ghidra-exports.h" // All extern function shown here are symbols in the binary blobs -extern bool pp_post(uint32_t requestnum, uint32_t argument); +extern bool pp_post(pp_signal requestnum, void* argument); // Interrupt-related functions extern void xt_unhandled_interrupt(void * arg); From 46bea8bf209855a5205e0655227fc8349be2349d Mon Sep 17 00:00:00 2001 
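Review bot: `pp_signal` is now handed straight to the binary blob through `pp_post(pp_signal requestnum, void* argument)` in main/proprietary.h and stored in `pp_signal_struct`, but the width of a C enum is chosen by the compiler, so the argument type and struct layout match the previous `uint32_t` declaration only while the enum stays 4 bytes wide. A `_Static_assert(sizeof(pp_signal) == 4, "pp_signal must stay as wide as the blob's request number");` after the typedef would turn a change of compiler flags (short enums, for example) into a build error. `pp_signal_struct` also spells its member as `enum pp_signal signal;` where the rest of this commit moves to the typedef name, as in `channel_width channel_bandwidth;`, so `pp_signal signal;` would be consistent.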
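Review bot: The call `pp_post(PP_TASK_KILL, 0);` in main/hardware.c discards the `bool` that main/proprietary.h declares as the return type, so if the post is rejected the proprietary task keeps running while the open code continues with `setup_rx_chain()`, which is the situation the comment above the call says must not happen. Checking it, e.g. `if (!pp_post(PP_TASK_KILL, NULL)) { ESP_LOGE(TAG, "could not post PP_TASK_KILL"); }`, would at least make that case visible; what the return value means is an assumption here, since pp_post lives in the blob. `NULL` also reads better than `0` now that the parameter is `void*`. wifi_hardware_task starts and ends outside this hunk.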
From: Frostie314159 Date: Tue, 18 Jun 2024 14:48:01 +0200 Subject: [PATCH 4/4] Reordered functions in hwinit. --- main/hwinit.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/main/hwinit.c b/main/hwinit.c index 31712e9..5111263 100644 --- a/main/hwinit.c +++ b/main/hwinit.c @@ -41,10 +41,6 @@ void esp_phy_common_clock_enable(); void esp_phy_load_cal_and_init(); // End of open source symbols -// [[openmac-coverage:implemented]] -void wifi_station_start_openmac() { - // this does hal_enable_sta_tsf and ic_set_vif; which we already handle in open code -} void acquire_lock() { mutex_lock_wraper(g_wifi_global_lock); } @@ -52,11 +48,6 @@ void release_lock() { mutex_unlock_wraper(g_wifi_global_lock); } -// [[openmac-coverage:implemented]] -esp_err_t _do_wifi_start_openmac(wifi_mode_t mode) { - wifi_station_start_openmac(); - return ESP_OK; -} void esp_wifi_internal_update_mac_time_openmac(uint32_t diff) { g_wifi_mac_time_delta += diff; } @@ -105,7 +96,7 @@ void timer_process(void* unknown) { ieee80211_timer_process(0x7, 0x8, unknown); } void chm_init_openmac(void* ic) { - // The only refrence to this is upon init. + // The only reference to this is upon init. g_chm->field76_0x4f = 0xe; for (int channel = 0; channel < 14; channel++) { @@ -149,6 +140,16 @@ void wifi_hw_start_openmac(wifi_mode_t mode) { pm_noise_check_enable(); } +// [[openmac-coverage:implemented]] +void wifi_station_start_openmac() { + // this does hal_enable_sta_tsf and ic_set_vif; which we already handle in open code +} + +// [[openmac-coverage:implemented]] +esp_err_t _do_wifi_start_openmac(wifi_mode_t mode) { + wifi_station_start_openmac(); + return ESP_OK; +} void wifi_start_process_openmac() { ESP_ERROR_CHECK(adc2_wifi_acquire()); wifi_hw_start_openmac(0);