arlan: use netstats in net_device structure
[deliverable/linux.git] / drivers / net / wireless / atmel.c
... / ...
CommitLineData
1/*** -*- linux-c -*- **********************************************************
2
3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards.
4
5 Copyright 2000-2001 ATMEL Corporation.
6 Copyright 2003-2004 Simon Kelley.
7
8 This code was developed from version 2.1.1 of the Atmel drivers,
9 released by Atmel corp. under the GPL in December 2002. It also
10 includes code from the Linux aironet drivers (C) Benjamin Reed,
11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless
12 extensions, (C) Jean Tourrilhes.
13
14 The firmware module for reading the MAC address of the card comes from
15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright
16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2.
17 This file contains the module in binary form and, under the terms
18 of the GPL, in source form. The source is located at the end of the file.
19
20 This program is free software; you can redistribute it and/or modify
21 it under the terms of the GNU General Public License as published by
22 the Free Software Foundation; either version 2 of the License, or
23 (at your option) any later version.
24
25 This software is distributed in the hope that it will be useful,
26 but WITHOUT ANY WARRANTY; without even the implied warranty of
27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 GNU General Public License for more details.
29
30 You should have received a copy of the GNU General Public License
31 along with Atmel wireless lan drivers; if not, write to the Free Software
32 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
33
34 For all queries about this code, please contact the current author,
35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation.
36
37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying
38 hardware used during development of this driver.
39
40******************************************************************************/
41
42#include <linux/init.h>
43
44#include <linux/kernel.h>
45#include <linux/ptrace.h>
46#include <linux/slab.h>
47#include <linux/string.h>
48#include <linux/ctype.h>
49#include <linux/timer.h>
50#include <asm/io.h>
51#include <asm/system.h>
52#include <asm/uaccess.h>
53#include <linux/module.h>
54#include <linux/netdevice.h>
55#include <linux/etherdevice.h>
56#include <linux/skbuff.h>
57#include <linux/if_arp.h>
58#include <linux/ioport.h>
59#include <linux/fcntl.h>
60#include <linux/delay.h>
61#include <linux/wireless.h>
62#include <net/iw_handler.h>
63#include <linux/byteorder/generic.h>
64#include <linux/crc32.h>
65#include <linux/proc_fs.h>
66#include <linux/device.h>
67#include <linux/moduleparam.h>
68#include <linux/firmware.h>
69#include <linux/jiffies.h>
70#include <net/ieee80211.h>
71#include "atmel.h"
72
73#define DRIVER_MAJOR 0
74#define DRIVER_MINOR 98
75
76MODULE_AUTHOR("Simon Kelley");
77MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards.");
78MODULE_LICENSE("GPL");
79MODULE_SUPPORTED_DEVICE("Atmel at76c50x wireless cards");
80
81/* The name of the firmware file to be loaded
82 over-rides any automatic selection */
83static char *firmware = NULL;
84module_param(firmware, charp, 0);
85
86/* table of firmware file names */
87static struct {
88 AtmelFWType fw_type;
89 const char *fw_file;
90 const char *fw_file_ext;
91} fw_table[] = {
92 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" },
93 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" },
94 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" },
95 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" },
96 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" },
97 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" },
98 { ATMEL_FW_TYPE_504A_2958,"atmel_at76c504a_2958","bin" },
99 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" },
100 { ATMEL_FW_TYPE_NONE, NULL, NULL }
101};
102
103#define MAX_SSID_LENGTH 32
104#define MGMT_JIFFIES (256 * HZ / 100)
105
106#define MAX_BSS_ENTRIES 64
107
108/* registers */
109#define GCR 0x00 // (SIR0) General Configuration Register
110#define BSR 0x02 // (SIR1) Bank Switching Select Register
111#define AR 0x04
112#define DR 0x08
113#define MR1 0x12 // Mirror Register 1
114#define MR2 0x14 // Mirror Register 2
115#define MR3 0x16 // Mirror Register 3
116#define MR4 0x18 // Mirror Register 4
117
118#define GPR1 0x0c
119#define GPR2 0x0e
120#define GPR3 0x10
121//
122// Constants for the GCR register.
123//
124#define GCR_REMAP 0x0400 // Remap internal SRAM to 0
125#define GCR_SWRES 0x0080 // BIU reset (ARM and PAI are NOT reset)
126#define GCR_CORES 0x0060 // Core Reset (ARM and PAI are reset)
127#define GCR_ENINT 0x0002 // Enable Interrupts
128#define GCR_ACKINT 0x0008 // Acknowledge Interrupts
129
130#define BSS_SRAM 0x0200 // AMBA module selection --> SRAM
131#define BSS_IRAM 0x0100 // AMBA module selection --> IRAM
132//
133// Constants for the MR registers.
134//
135#define MAC_INIT_COMPLETE 0x0001 // MAC init has been completed
136#define MAC_BOOT_COMPLETE 0x0010 // MAC boot has been completed
137#define MAC_INIT_OK 0x0002 // MAC boot has been completed
138
139#define MIB_MAX_DATA_BYTES 212
140#define MIB_HEADER_SIZE 4 /* first four fields */
141
142struct get_set_mib {
143 u8 type;
144 u8 size;
145 u8 index;
146 u8 reserved;
147 u8 data[MIB_MAX_DATA_BYTES];
148};
149
150struct rx_desc {
151 u32 Next;
152 u16 MsduPos;
153 u16 MsduSize;
154
155 u8 State;
156 u8 Status;
157 u8 Rate;
158 u8 Rssi;
159 u8 LinkQuality;
160 u8 PreambleType;
161 u16 Duration;
162 u32 RxTime;
163};
164
165#define RX_DESC_FLAG_VALID 0x80
166#define RX_DESC_FLAG_CONSUMED 0x40
167#define RX_DESC_FLAG_IDLE 0x00
168
169#define RX_STATUS_SUCCESS 0x00
170
171#define RX_DESC_MSDU_POS_OFFSET 4
172#define RX_DESC_MSDU_SIZE_OFFSET 6
173#define RX_DESC_FLAGS_OFFSET 8
174#define RX_DESC_STATUS_OFFSET 9
175#define RX_DESC_RSSI_OFFSET 11
176#define RX_DESC_LINK_QUALITY_OFFSET 12
177#define RX_DESC_PREAMBLE_TYPE_OFFSET 13
178#define RX_DESC_DURATION_OFFSET 14
179#define RX_DESC_RX_TIME_OFFSET 16
180
181struct tx_desc {
182 u32 NextDescriptor;
183 u16 TxStartOfFrame;
184 u16 TxLength;
185
186 u8 TxState;
187 u8 TxStatus;
188 u8 RetryCount;
189
190 u8 TxRate;
191
192 u8 KeyIndex;
193 u8 ChiperType;
194 u8 ChipreLength;
195 u8 Reserved1;
196
197 u8 Reserved;
198 u8 PacketType;
199 u16 HostTxLength;
200};
201
202#define TX_DESC_NEXT_OFFSET 0
203#define TX_DESC_POS_OFFSET 4
204#define TX_DESC_SIZE_OFFSET 6
205#define TX_DESC_FLAGS_OFFSET 8
206#define TX_DESC_STATUS_OFFSET 9
207#define TX_DESC_RETRY_OFFSET 10
208#define TX_DESC_RATE_OFFSET 11
209#define TX_DESC_KEY_INDEX_OFFSET 12
210#define TX_DESC_CIPHER_TYPE_OFFSET 13
211#define TX_DESC_CIPHER_LENGTH_OFFSET 14
212#define TX_DESC_PACKET_TYPE_OFFSET 17
213#define TX_DESC_HOST_LENGTH_OFFSET 18
214
215///////////////////////////////////////////////////////
216// Host-MAC interface
217///////////////////////////////////////////////////////
218
219#define TX_STATUS_SUCCESS 0x00
220
221#define TX_FIRM_OWN 0x80
222#define TX_DONE 0x40
223
224#define TX_ERROR 0x01
225
226#define TX_PACKET_TYPE_DATA 0x01
227#define TX_PACKET_TYPE_MGMT 0x02
228
229#define ISR_EMPTY 0x00 // no bits set in ISR
230#define ISR_TxCOMPLETE 0x01 // packet transmitted
231#define ISR_RxCOMPLETE 0x02 // packet received
232#define ISR_RxFRAMELOST 0x04 // Rx Frame lost
233#define ISR_FATAL_ERROR 0x08 // Fatal error
234#define ISR_COMMAND_COMPLETE 0x10 // command completed
235#define ISR_OUT_OF_RANGE 0x20 // command completed
236#define ISR_IBSS_MERGE 0x40 // (4.1.2.30): IBSS merge
237#define ISR_GENERIC_IRQ 0x80
238
239#define Local_Mib_Type 0x01
240#define Mac_Address_Mib_Type 0x02
241#define Mac_Mib_Type 0x03
242#define Statistics_Mib_Type 0x04
243#define Mac_Mgmt_Mib_Type 0x05
244#define Mac_Wep_Mib_Type 0x06
245#define Phy_Mib_Type 0x07
246#define Multi_Domain_MIB 0x08
247
248#define MAC_MGMT_MIB_CUR_BSSID_POS 14
249#define MAC_MIB_FRAG_THRESHOLD_POS 8
250#define MAC_MIB_RTS_THRESHOLD_POS 10
251#define MAC_MIB_SHORT_RETRY_POS 16
252#define MAC_MIB_LONG_RETRY_POS 17
253#define MAC_MIB_SHORT_RETRY_LIMIT_POS 16
254#define MAC_MGMT_MIB_BEACON_PER_POS 0
255#define MAC_MGMT_MIB_STATION_ID_POS 6
256#define MAC_MGMT_MIB_CUR_PRIVACY_POS 11
257#define MAC_MGMT_MIB_CUR_BSSID_POS 14
258#define MAC_MGMT_MIB_PS_MODE_POS 53
259#define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54
260#define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56
261#define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57
262#define PHY_MIB_CHANNEL_POS 14
263#define PHY_MIB_RATE_SET_POS 20
264#define PHY_MIB_REG_DOMAIN_POS 26
265#define LOCAL_MIB_AUTO_TX_RATE_POS 3
266#define LOCAL_MIB_SSID_SIZE 5
267#define LOCAL_MIB_TX_PROMISCUOUS_POS 6
268#define LOCAL_MIB_TX_MGMT_RATE_POS 7
269#define LOCAL_MIB_TX_CONTROL_RATE_POS 8
270#define LOCAL_MIB_PREAMBLE_TYPE 9
271#define MAC_ADDR_MIB_MAC_ADDR_POS 0
272
273#define CMD_Set_MIB_Vars 0x01
274#define CMD_Get_MIB_Vars 0x02
275#define CMD_Scan 0x03
276#define CMD_Join 0x04
277#define CMD_Start 0x05
278#define CMD_EnableRadio 0x06
279#define CMD_DisableRadio 0x07
280#define CMD_SiteSurvey 0x0B
281
282#define CMD_STATUS_IDLE 0x00
283#define CMD_STATUS_COMPLETE 0x01
284#define CMD_STATUS_UNKNOWN 0x02
285#define CMD_STATUS_INVALID_PARAMETER 0x03
286#define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
287#define CMD_STATUS_TIME_OUT 0x07
288#define CMD_STATUS_IN_PROGRESS 0x08
289#define CMD_STATUS_REJECTED_RADIO_OFF 0x09
290#define CMD_STATUS_HOST_ERROR 0xFF
291#define CMD_STATUS_BUSY 0xFE
292
293#define CMD_BLOCK_COMMAND_OFFSET 0
294#define CMD_BLOCK_STATUS_OFFSET 1
295#define CMD_BLOCK_PARAMETERS_OFFSET 4
296
297#define SCAN_OPTIONS_SITE_SURVEY 0x80
298
299#define MGMT_FRAME_BODY_OFFSET 24
300#define MAX_AUTHENTICATION_RETRIES 3
301#define MAX_ASSOCIATION_RETRIES 3
302
303#define AUTHENTICATION_RESPONSE_TIME_OUT 1000
304
305#define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */
306#define LOOP_RETRY_LIMIT 500000
307
308#define ACTIVE_MODE 1
309#define PS_MODE 2
310
311#define MAX_ENCRYPTION_KEYS 4
312#define MAX_ENCRYPTION_KEY_SIZE 40
313
314///////////////////////////////////////////////////////////////////////////
315// 802.11 related definitions
316///////////////////////////////////////////////////////////////////////////
317
318//
319// Regulatory Domains
320//
321
322#define REG_DOMAIN_FCC 0x10 //Channels 1-11 USA
323#define REG_DOMAIN_DOC 0x20 //Channel 1-11 Canada
324#define REG_DOMAIN_ETSI 0x30 //Channel 1-13 Europe (ex Spain/France)
325#define REG_DOMAIN_SPAIN 0x31 //Channel 10-11 Spain
326#define REG_DOMAIN_FRANCE 0x32 //Channel 10-13 France
327#define REG_DOMAIN_MKK 0x40 //Channel 14 Japan
328#define REG_DOMAIN_MKK1 0x41 //Channel 1-14 Japan(MKK1)
329#define REG_DOMAIN_ISRAEL 0x50 //Channel 3-9 ISRAEL
330
331#define BSS_TYPE_AD_HOC 1
332#define BSS_TYPE_INFRASTRUCTURE 2
333
334#define SCAN_TYPE_ACTIVE 0
335#define SCAN_TYPE_PASSIVE 1
336
337#define LONG_PREAMBLE 0
338#define SHORT_PREAMBLE 1
339#define AUTO_PREAMBLE 2
340
341#define DATA_FRAME_WS_HEADER_SIZE 30
342
343/* promiscuous mode control */
344#define PROM_MODE_OFF 0x0
345#define PROM_MODE_UNKNOWN 0x1
346#define PROM_MODE_CRC_FAILED 0x2
347#define PROM_MODE_DUPLICATED 0x4
348#define PROM_MODE_MGMT 0x8
349#define PROM_MODE_CTRL 0x10
350#define PROM_MODE_BAD_PROTOCOL 0x20
351
352#define IFACE_INT_STATUS_OFFSET 0
353#define IFACE_INT_MASK_OFFSET 1
354#define IFACE_LOCKOUT_HOST_OFFSET 2
355#define IFACE_LOCKOUT_MAC_OFFSET 3
356#define IFACE_FUNC_CTRL_OFFSET 28
357#define IFACE_MAC_STAT_OFFSET 30
358#define IFACE_GENERIC_INT_TYPE_OFFSET 32
359
360#define CIPHER_SUITE_NONE 0
361#define CIPHER_SUITE_WEP_64 1
362#define CIPHER_SUITE_TKIP 2
363#define CIPHER_SUITE_AES 3
364#define CIPHER_SUITE_CCX 4
365#define CIPHER_SUITE_WEP_128 5
366
367//
368// IFACE MACROS & definitions
369//
370//
371
372// FuncCtrl field:
373//
374#define FUNC_CTRL_TxENABLE 0x10
375#define FUNC_CTRL_RxENABLE 0x20
376#define FUNC_CTRL_INIT_COMPLETE 0x01
377
378/* A stub firmware image which reads the MAC address from NVRAM on the card.
379 For copyright information and source see the end of this file. */
380static u8 mac_reader[] = {
381 0x06,0x00,0x00,0xea,0x04,0x00,0x00,0xea,0x03,0x00,0x00,0xea,0x02,0x00,0x00,0xea,
382 0x01,0x00,0x00,0xea,0x00,0x00,0x00,0xea,0xff,0xff,0xff,0xea,0xfe,0xff,0xff,0xea,
383 0xd3,0x00,0xa0,0xe3,0x00,0xf0,0x21,0xe1,0x0e,0x04,0xa0,0xe3,0x00,0x10,0xa0,0xe3,
384 0x81,0x11,0xa0,0xe1,0x00,0x10,0x81,0xe3,0x00,0x10,0x80,0xe5,0x1c,0x10,0x90,0xe5,
385 0x10,0x10,0xc1,0xe3,0x1c,0x10,0x80,0xe5,0x01,0x10,0xa0,0xe3,0x08,0x10,0x80,0xe5,
386 0x02,0x03,0xa0,0xe3,0x00,0x10,0xa0,0xe3,0xb0,0x10,0xc0,0xe1,0xb4,0x10,0xc0,0xe1,
387 0xb8,0x10,0xc0,0xe1,0xbc,0x10,0xc0,0xe1,0x56,0xdc,0xa0,0xe3,0x21,0x00,0x00,0xeb,
388 0x0a,0x00,0xa0,0xe3,0x1a,0x00,0x00,0xeb,0x10,0x00,0x00,0xeb,0x07,0x00,0x00,0xeb,
389 0x02,0x03,0xa0,0xe3,0x02,0x14,0xa0,0xe3,0xb4,0x10,0xc0,0xe1,0x4c,0x10,0x9f,0xe5,
390 0xbc,0x10,0xc0,0xe1,0x10,0x10,0xa0,0xe3,0xb8,0x10,0xc0,0xe1,0xfe,0xff,0xff,0xea,
391 0x00,0x40,0x2d,0xe9,0x00,0x20,0xa0,0xe3,0x02,0x3c,0xa0,0xe3,0x00,0x10,0xa0,0xe3,
392 0x28,0x00,0x9f,0xe5,0x37,0x00,0x00,0xeb,0x00,0x40,0xbd,0xe8,0x1e,0xff,0x2f,0xe1,
393 0x00,0x40,0x2d,0xe9,0x12,0x2e,0xa0,0xe3,0x06,0x30,0xa0,0xe3,0x00,0x10,0xa0,0xe3,
394 0x02,0x04,0xa0,0xe3,0x2f,0x00,0x00,0xeb,0x00,0x40,0xbd,0xe8,0x1e,0xff,0x2f,0xe1,
395 0x00,0x02,0x00,0x02,0x80,0x01,0x90,0xe0,0x01,0x00,0x00,0x0a,0x01,0x00,0x50,0xe2,
396 0xfc,0xff,0xff,0xea,0x1e,0xff,0x2f,0xe1,0x80,0x10,0xa0,0xe3,0xf3,0x06,0xa0,0xe3,
397 0x00,0x10,0x80,0xe5,0x00,0x10,0xa0,0xe3,0x00,0x10,0x80,0xe5,0x01,0x10,0xa0,0xe3,
398 0x04,0x10,0x80,0xe5,0x00,0x10,0x80,0xe5,0x0e,0x34,0xa0,0xe3,0x1c,0x10,0x93,0xe5,
399 0x02,0x1a,0x81,0xe3,0x1c,0x10,0x83,0xe5,0x58,0x11,0x9f,0xe5,0x30,0x10,0x80,0xe5,
400 0x54,0x11,0x9f,0xe5,0x34,0x10,0x80,0xe5,0x38,0x10,0x80,0xe5,0x3c,0x10,0x80,0xe5,
401 0x10,0x10,0x90,0xe5,0x08,0x00,0x90,0xe5,0x1e,0xff,0x2f,0xe1,0xf3,0x16,0xa0,0xe3,
402 0x08,0x00,0x91,0xe5,0x05,0x00,0xa0,0xe3,0x0c,0x00,0x81,0xe5,0x10,0x00,0x91,0xe5,
403 0x02,0x00,0x10,0xe3,0xfc,0xff,0xff,0x0a,0xff,0x00,0xa0,0xe3,0x0c,0x00,0x81,0xe5,
404 0x10,0x00,0x91,0xe5,0x02,0x00,0x10,0xe3,0xfc,0xff,0xff,0x0a,0x08,0x00,0x91,0xe5,
405 0x10,0x00,0x91,0xe5,0x01,0x00,0x10,0xe3,0xfc,0xff,0xff,0x0a,0x08,0x00,0x91,0xe5,
406 0xff,0x00,0x00,0xe2,0x1e,0xff,0x2f,0xe1,0x30,0x40,0x2d,0xe9,0x00,0x50,0xa0,0xe1,
407 0x03,0x40,0xa0,0xe1,0xa2,0x02,0xa0,0xe1,0x08,0x00,0x00,0xe2,0x03,0x00,0x80,0xe2,
408 0xd8,0x10,0x9f,0xe5,0x00,0x00,0xc1,0xe5,0x01,0x20,0xc1,0xe5,0xe2,0xff,0xff,0xeb,
409 0x01,0x00,0x10,0xe3,0xfc,0xff,0xff,0x1a,0x14,0x00,0xa0,0xe3,0xc4,0xff,0xff,0xeb,
410 0x04,0x20,0xa0,0xe1,0x05,0x10,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0x01,0x00,0x00,0xeb,
411 0x30,0x40,0xbd,0xe8,0x1e,0xff,0x2f,0xe1,0x70,0x40,0x2d,0xe9,0xf3,0x46,0xa0,0xe3,
412 0x00,0x30,0xa0,0xe3,0x00,0x00,0x50,0xe3,0x08,0x00,0x00,0x9a,0x8c,0x50,0x9f,0xe5,
413 0x03,0x60,0xd5,0xe7,0x0c,0x60,0x84,0xe5,0x10,0x60,0x94,0xe5,0x02,0x00,0x16,0xe3,
414 0xfc,0xff,0xff,0x0a,0x01,0x30,0x83,0xe2,0x00,0x00,0x53,0xe1,0xf7,0xff,0xff,0x3a,
415 0xff,0x30,0xa0,0xe3,0x0c,0x30,0x84,0xe5,0x08,0x00,0x94,0xe5,0x10,0x00,0x94,0xe5,
416 0x01,0x00,0x10,0xe3,0xfc,0xff,0xff,0x0a,0x08,0x00,0x94,0xe5,0x00,0x00,0xa0,0xe3,
417 0x00,0x00,0x52,0xe3,0x0b,0x00,0x00,0x9a,0x10,0x50,0x94,0xe5,0x02,0x00,0x15,0xe3,
418 0xfc,0xff,0xff,0x0a,0x0c,0x30,0x84,0xe5,0x10,0x50,0x94,0xe5,0x01,0x00,0x15,0xe3,
419 0xfc,0xff,0xff,0x0a,0x08,0x50,0x94,0xe5,0x01,0x50,0xc1,0xe4,0x01,0x00,0x80,0xe2,
420 0x02,0x00,0x50,0xe1,0xf3,0xff,0xff,0x3a,0xc8,0x00,0xa0,0xe3,0x98,0xff,0xff,0xeb,
421 0x70,0x40,0xbd,0xe8,0x1e,0xff,0x2f,0xe1,0x01,0x0c,0x00,0x02,0x01,0x02,0x00,0x02,
422 0x00,0x01,0x00,0x02
423};
424
425struct atmel_private {
426 void *card; /* Bus dependent stucture varies for PCcard */
427 int (*present_callback)(void *); /* And callback which uses it */
428 char firmware_id[32];
429 AtmelFWType firmware_type;
430 u8 *firmware;
431 int firmware_length;
432 struct timer_list management_timer;
433 struct net_device *dev;
434 struct device *sys_dev;
435 struct iw_statistics wstats;
436 struct net_device_stats stats; // device stats
437 spinlock_t irqlock, timerlock; // spinlocks
438 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type;
439 enum {
440 CARD_TYPE_PARALLEL_FLASH,
441 CARD_TYPE_SPI_FLASH,
442 CARD_TYPE_EEPROM
443 } card_type;
444 int do_rx_crc; /* If we need to CRC incoming packets */
445 int probe_crc; /* set if we don't yet know */
446 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */
447 u16 rx_desc_head;
448 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous;
449 u16 tx_free_mem, tx_buff_head, tx_buff_tail;
450
451 u16 frag_seq, frag_len, frag_no;
452 u8 frag_source[6];
453
454 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level;
455 u8 group_cipher_suite, pairwise_cipher_suite;
456 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
457 int wep_key_len[MAX_ENCRYPTION_KEYS];
458 int use_wpa, radio_on_broken; /* firmware dependent stuff. */
459
460 u16 host_info_base;
461 struct host_info_struct {
462 /* NB this is matched to the hardware, don't change. */
463 u8 volatile int_status;
464 u8 volatile int_mask;
465 u8 volatile lockout_host;
466 u8 volatile lockout_mac;
467
468 u16 tx_buff_pos;
469 u16 tx_buff_size;
470 u16 tx_desc_pos;
471 u16 tx_desc_count;
472
473 u16 rx_buff_pos;
474 u16 rx_buff_size;
475 u16 rx_desc_pos;
476 u16 rx_desc_count;
477
478 u16 build_version;
479 u16 command_pos;
480
481 u16 major_version;
482 u16 minor_version;
483
484 u16 func_ctrl;
485 u16 mac_status;
486 u16 generic_IRQ_type;
487 u8 reserved[2];
488 } host_info;
489
490 enum {
491 STATION_STATE_SCANNING,
492 STATION_STATE_JOINNING,
493 STATION_STATE_AUTHENTICATING,
494 STATION_STATE_ASSOCIATING,
495 STATION_STATE_READY,
496 STATION_STATE_REASSOCIATING,
497 STATION_STATE_DOWN,
498 STATION_STATE_MGMT_ERROR
499 } station_state;
500
501 int operating_mode, power_mode;
502 time_t last_qual;
503 int beacons_this_sec;
504 int channel;
505 int reg_domain, config_reg_domain;
506 int tx_rate;
507 int auto_tx_rate;
508 int rts_threshold;
509 int frag_threshold;
510 int long_retry, short_retry;
511 int preamble;
512 int default_beacon_period, beacon_period, listen_interval;
513 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum;
514 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt;
515 enum {
516 SITE_SURVEY_IDLE,
517 SITE_SURVEY_IN_PROGRESS,
518 SITE_SURVEY_COMPLETED
519 } site_survey_state;
520 unsigned long last_survey;
521
522 int station_was_associated, station_is_associated;
523 int fast_scan;
524
525 struct bss_info {
526 int channel;
527 int SSIDsize;
528 int RSSI;
529 int UsingWEP;
530 int preamble;
531 int beacon_period;
532 int BSStype;
533 u8 BSSID[6];
534 u8 SSID[MAX_SSID_LENGTH];
535 } BSSinfo[MAX_BSS_ENTRIES];
536 int BSS_list_entries, current_BSS;
537 int connect_to_any_BSS;
538 int SSID_size, new_SSID_size;
539 u8 CurrentBSSID[6], BSSID[6];
540 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH];
541 u64 last_beacon_timestamp;
542 u8 rx_buf[MAX_WIRELESS_BODY];
543};
544
545static u8 atmel_basic_rates[4] = {0x82,0x84,0x0b,0x16};
546
547static const struct {
548 int reg_domain;
549 int min, max;
550 char *name;
551} channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" },
552 { REG_DOMAIN_DOC, 1, 11, "Canada" },
553 { REG_DOMAIN_ETSI, 1, 13, "Europe" },
554 { REG_DOMAIN_SPAIN, 10, 11, "Spain" },
555 { REG_DOMAIN_FRANCE, 10, 13, "France" },
556 { REG_DOMAIN_MKK, 14, 14, "MKK" },
557 { REG_DOMAIN_MKK1, 1, 14, "MKK1" },
558 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} };
559
560static void build_wpa_mib(struct atmel_private *priv);
561static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
562static void atmel_copy_to_card(struct net_device *dev, u16 dest,
563 unsigned char *src, u16 len);
564static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
565 u16 src, u16 len);
566static void atmel_set_gcr(struct net_device *dev, u16 mask);
567static void atmel_clear_gcr(struct net_device *dev, u16 mask);
568static int atmel_lock_mac(struct atmel_private *priv);
569static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data);
570static void atmel_command_irq(struct atmel_private *priv);
571static int atmel_validate_channel(struct atmel_private *priv, int channel);
572static void atmel_management_frame(struct atmel_private *priv,
573 struct ieee80211_hdr_4addr *header,
574 u16 frame_len, u8 rssi);
575static void atmel_management_timer(u_long a);
576static void atmel_send_command(struct atmel_private *priv, int command,
577 void *cmd, int cmd_size);
578static int atmel_send_command_wait(struct atmel_private *priv, int command,
579 void *cmd, int cmd_size);
580static void atmel_transmit_management_frame(struct atmel_private *priv,
581 struct ieee80211_hdr_4addr *header,
582 u8 *body, int body_len);
583
584static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index);
585static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index,
586 u8 data);
587static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
588 u16 data);
589static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
590 u8 *data, int data_len);
591static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
592 u8 *data, int data_len);
593static void atmel_scan(struct atmel_private *priv, int specific_ssid);
594static void atmel_join_bss(struct atmel_private *priv, int bss_index);
595static void atmel_smooth_qual(struct atmel_private *priv);
596static void atmel_writeAR(struct net_device *dev, u16 data);
597static int probe_atmel_card(struct net_device *dev);
598static int reset_atmel_card(struct net_device *dev);
599static void atmel_enter_state(struct atmel_private *priv, int new_state);
600int atmel_open (struct net_device *dev);
601
602static inline u16 atmel_hi(struct atmel_private *priv, u16 offset)
603{
604 return priv->host_info_base + offset;
605}
606
607static inline u16 atmel_co(struct atmel_private *priv, u16 offset)
608{
609 return priv->host_info.command_pos + offset;
610}
611
612static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc)
613{
614 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset;
615}
616
617static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc)
618{
619 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset;
620}
621
622static inline u8 atmel_read8(struct net_device *dev, u16 offset)
623{
624 return inb(dev->base_addr + offset);
625}
626
627static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data)
628{
629 outb(data, dev->base_addr + offset);
630}
631
632static inline u16 atmel_read16(struct net_device *dev, u16 offset)
633{
634 return inw(dev->base_addr + offset);
635}
636
637static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data)
638{
639 outw(data, dev->base_addr + offset);
640}
641
642static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos)
643{
644 atmel_writeAR(priv->dev, pos);
645 return atmel_read8(priv->dev, DR);
646}
647
648static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data)
649{
650 atmel_writeAR(priv->dev, pos);
651 atmel_write8(priv->dev, DR, data);
652}
653
654static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos)
655{
656 atmel_writeAR(priv->dev, pos);
657 return atmel_read16(priv->dev, DR);
658}
659
660static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data)
661{
662 atmel_writeAR(priv->dev, pos);
663 atmel_write16(priv->dev, DR, data);
664}
665
666static const struct iw_handler_def atmel_handler_def;
667
668static void tx_done_irq(struct atmel_private *priv)
669{
670 int i;
671
672 for (i = 0;
673 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE &&
674 i < priv->host_info.tx_desc_count;
675 i++) {
676 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head));
677 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head));
678 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head));
679
680 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0);
681
682 priv->tx_free_mem += msdu_size;
683 priv->tx_desc_free++;
684
685 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size))
686 priv->tx_buff_head = 0;
687 else
688 priv->tx_buff_head += msdu_size;
689
690 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1))
691 priv->tx_desc_head++ ;
692 else
693 priv->tx_desc_head = 0;
694
695 if (type == TX_PACKET_TYPE_DATA) {
696 if (status == TX_STATUS_SUCCESS)
697 priv->stats.tx_packets++;
698 else
699 priv->stats.tx_errors++;
700 netif_wake_queue(priv->dev);
701 }
702 }
703}
704
705static u16 find_tx_buff(struct atmel_private *priv, u16 len)
706{
707 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail;
708
709 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len)
710 return 0;
711
712 if (bottom_free >= len)
713 return priv->host_info.tx_buff_pos + priv->tx_buff_tail;
714
715 if (priv->tx_free_mem - bottom_free >= len) {
716 priv->tx_buff_tail = 0;
717 return priv->host_info.tx_buff_pos;
718 }
719
720 return 0;
721}
722
723static void tx_update_descriptor(struct atmel_private *priv, int is_bcast,
724 u16 len, u16 buff, u8 type)
725{
726 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff);
727 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len);
728 if (!priv->use_wpa)
729 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len);
730 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type);
731 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate);
732 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0);
733 if (priv->use_wpa) {
734 int cipher_type, cipher_length;
735 if (is_bcast) {
736 cipher_type = priv->group_cipher_suite;
737 if (cipher_type == CIPHER_SUITE_WEP_64 ||
738 cipher_type == CIPHER_SUITE_WEP_128)
739 cipher_length = 8;
740 else if (cipher_type == CIPHER_SUITE_TKIP)
741 cipher_length = 12;
742 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 ||
743 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) {
744 cipher_type = priv->pairwise_cipher_suite;
745 cipher_length = 8;
746 } else {
747 cipher_type = CIPHER_SUITE_NONE;
748 cipher_length = 0;
749 }
750 } else {
751 cipher_type = priv->pairwise_cipher_suite;
752 if (cipher_type == CIPHER_SUITE_WEP_64 ||
753 cipher_type == CIPHER_SUITE_WEP_128)
754 cipher_length = 8;
755 else if (cipher_type == CIPHER_SUITE_TKIP)
756 cipher_length = 12;
757 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 ||
758 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) {
759 cipher_type = priv->group_cipher_suite;
760 cipher_length = 8;
761 } else {
762 cipher_type = CIPHER_SUITE_NONE;
763 cipher_length = 0;
764 }
765 }
766
767 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail),
768 cipher_type);
769 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail),
770 cipher_length);
771 }
772 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L);
773 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN);
774 if (priv->tx_desc_previous != priv->tx_desc_tail)
775 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0);
776 priv->tx_desc_previous = priv->tx_desc_tail;
777 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1))
778 priv->tx_desc_tail++;
779 else
780 priv->tx_desc_tail = 0;
781 priv->tx_desc_free--;
782 priv->tx_free_mem -= len;
783}
784
785static int start_tx(struct sk_buff *skb, struct net_device *dev)
786{
787 static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
788 struct atmel_private *priv = netdev_priv(dev);
789 struct ieee80211_hdr_4addr header;
790 unsigned long flags;
791 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN;
792
793 if (priv->card && priv->present_callback &&
794 !(*priv->present_callback)(priv->card)) {
795 priv->stats.tx_errors++;
796 dev_kfree_skb(skb);
797 return 0;
798 }
799
800 if (priv->station_state != STATION_STATE_READY) {
801 priv->stats.tx_errors++;
802 dev_kfree_skb(skb);
803 return 0;
804 }
805
806 /* first ensure the timer func cannot run */
807 spin_lock_bh(&priv->timerlock);
808 /* then stop the hardware ISR */
809 spin_lock_irqsave(&priv->irqlock, flags);
810 /* nb doing the above in the opposite order will deadlock */
811
812 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the
813 12 first bytes (containing DA/SA) and put them in the appropriate
814 fields of the Wireless Header. Thus the packet length is then the
815 initial + 18 (+30-12) */
816
817 if (!(buff = find_tx_buff(priv, len + 18))) {
818 priv->stats.tx_dropped++;
819 spin_unlock_irqrestore(&priv->irqlock, flags);
820 spin_unlock_bh(&priv->timerlock);
821 netif_stop_queue(dev);
822 return 1;
823 }
824
825 frame_ctl = IEEE80211_FTYPE_DATA;
826 header.duration_id = 0;
827 header.seq_ctl = 0;
828 if (priv->wep_is_on)
829 frame_ctl |= IEEE80211_FCTL_PROTECTED;
830 if (priv->operating_mode == IW_MODE_ADHOC) {
831 skb_copy_from_linear_data(skb, &header.addr1, 6);
832 memcpy(&header.addr2, dev->dev_addr, 6);
833 memcpy(&header.addr3, priv->BSSID, 6);
834 } else {
835 frame_ctl |= IEEE80211_FCTL_TODS;
836 memcpy(&header.addr1, priv->CurrentBSSID, 6);
837 memcpy(&header.addr2, dev->dev_addr, 6);
838 skb_copy_from_linear_data(skb, &header.addr3, 6);
839 }
840
841 if (priv->use_wpa)
842 memcpy(&header.addr4, SNAP_RFC1024, 6);
843
844 header.frame_ctl = cpu_to_le16(frame_ctl);
845 /* Copy the wireless header into the card */
846 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE);
847 /* Copy the packet sans its 802.3 header addresses which have been replaced */
848 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12);
849 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE;
850
851 /* low bit of first byte of destination tells us if broadcast */
852 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA);
853 dev->trans_start = jiffies;
854 priv->stats.tx_bytes += len;
855
856 spin_unlock_irqrestore(&priv->irqlock, flags);
857 spin_unlock_bh(&priv->timerlock);
858 dev_kfree_skb(skb);
859
860 return 0;
861}
862
863static void atmel_transmit_management_frame(struct atmel_private *priv,
864 struct ieee80211_hdr_4addr *header,
865 u8 *body, int body_len)
866{
867 u16 buff;
868 int len = MGMT_FRAME_BODY_OFFSET + body_len;
869
870 if (!(buff = find_tx_buff(priv, len)))
871 return;
872
873 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET);
874 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len);
875 priv->tx_buff_tail += len;
876 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT);
877}
878
879static void fast_rx_path(struct atmel_private *priv,
880 struct ieee80211_hdr_4addr *header,
881 u16 msdu_size, u16 rx_packet_loc, u32 crc)
882{
883 /* fast path: unfragmented packet copy directly into skbuf */
884 u8 mac4[6];
885 struct sk_buff *skb;
886 unsigned char *skbp;
887
888 /* get the final, mac 4 header field, this tells us encapsulation */
889 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6);
890 msdu_size -= 6;
891
892 if (priv->do_rx_crc) {
893 crc = crc32_le(crc, mac4, 6);
894 msdu_size -= 4;
895 }
896
897 if (!(skb = dev_alloc_skb(msdu_size + 14))) {
898 priv->stats.rx_dropped++;
899 return;
900 }
901
902 skb_reserve(skb, 2);
903 skbp = skb_put(skb, msdu_size + 12);
904 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size);
905
906 if (priv->do_rx_crc) {
907 u32 netcrc;
908 crc = crc32_le(crc, skbp + 12, msdu_size);
909 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4);
910 if ((crc ^ 0xffffffff) != netcrc) {
911 priv->stats.rx_crc_errors++;
912 dev_kfree_skb(skb);
913 return;
914 }
915 }
916
917 memcpy(skbp, header->addr1, 6); /* destination address */
918 if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS)
919 memcpy(&skbp[6], header->addr3, 6);
920 else
921 memcpy(&skbp[6], header->addr2, 6); /* source address */
922
923 priv->dev->last_rx = jiffies;
924 skb->protocol = eth_type_trans(skb, priv->dev);
925 skb->ip_summed = CHECKSUM_NONE;
926 netif_rx(skb);
927 priv->stats.rx_bytes += 12 + msdu_size;
928 priv->stats.rx_packets++;
929}
930
931/* Test to see if the packet in card memory at packet_loc has a valid CRC
932 It doesn't matter that this is slow: it is only used to proble the first few
933 packets. */
934static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size)
935{
936 int i = msdu_size - 4;
937 u32 netcrc, crc = 0xffffffff;
938
939 if (msdu_size < 4)
940 return 0;
941
942 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4);
943
944 atmel_writeAR(priv->dev, packet_loc);
945 while (i--) {
946 u8 octet = atmel_read8(priv->dev, DR);
947 crc = crc32_le(crc, &octet, 1);
948 }
949
950 return (crc ^ 0xffffffff) == netcrc;
951}
952
953static void frag_rx_path(struct atmel_private *priv,
954 struct ieee80211_hdr_4addr *header,
955 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no,
956 u8 frag_no, int more_frags)
957{
958 u8 mac4[6];
959 u8 source[6];
960 struct sk_buff *skb;
961
962 if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS)
963 memcpy(source, header->addr3, 6);
964 else
965 memcpy(source, header->addr2, 6);
966
967 rx_packet_loc += 24; /* skip header */
968
969 if (priv->do_rx_crc)
970 msdu_size -= 4;
971
972 if (frag_no == 0) { /* first fragment */
973 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, 6);
974 msdu_size -= 6;
975 rx_packet_loc += 6;
976
977 if (priv->do_rx_crc)
978 crc = crc32_le(crc, mac4, 6);
979
980 priv->frag_seq = seq_no;
981 priv->frag_no = 1;
982 priv->frag_len = msdu_size;
983 memcpy(priv->frag_source, source, 6);
984 memcpy(&priv->rx_buf[6], source, 6);
985 memcpy(priv->rx_buf, header->addr1, 6);
986
987 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size);
988
989 if (priv->do_rx_crc) {
990 u32 netcrc;
991 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size);
992 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
993 if ((crc ^ 0xffffffff) != netcrc) {
994 priv->stats.rx_crc_errors++;
995 memset(priv->frag_source, 0xff, 6);
996 }
997 }
998
999 } else if (priv->frag_no == frag_no &&
1000 priv->frag_seq == seq_no &&
1001 memcmp(priv->frag_source, source, 6) == 0) {
1002
1003 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len],
1004 rx_packet_loc, msdu_size);
1005 if (priv->do_rx_crc) {
1006 u32 netcrc;
1007 crc = crc32_le(crc,
1008 &priv->rx_buf[12 + priv->frag_len],
1009 msdu_size);
1010 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1011 if ((crc ^ 0xffffffff) != netcrc) {
1012 priv->stats.rx_crc_errors++;
1013 memset(priv->frag_source, 0xff, 6);
1014 more_frags = 1; /* don't send broken assembly */
1015 }
1016 }
1017
1018 priv->frag_len += msdu_size;
1019 priv->frag_no++;
1020
1021 if (!more_frags) { /* last one */
1022 memset(priv->frag_source, 0xff, 6);
1023 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) {
1024 priv->stats.rx_dropped++;
1025 } else {
1026 skb_reserve(skb, 2);
1027 memcpy(skb_put(skb, priv->frag_len + 12),
1028 priv->rx_buf,
1029 priv->frag_len + 12);
1030 priv->dev->last_rx = jiffies;
1031 skb->protocol = eth_type_trans(skb, priv->dev);
1032 skb->ip_summed = CHECKSUM_NONE;
1033 netif_rx(skb);
1034 priv->stats.rx_bytes += priv->frag_len + 12;
1035 priv->stats.rx_packets++;
1036 }
1037 }
1038 } else
1039 priv->wstats.discard.fragment++;
1040}
1041
1042static void rx_done_irq(struct atmel_private *priv)
1043{
1044 int i;
1045 struct ieee80211_hdr_4addr header;
1046
1047 for (i = 0;
1048 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID &&
1049 i < priv->host_info.rx_desc_count;
1050 i++) {
1051
1052 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control;
1053 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head));
1054 u32 crc = 0xffffffff;
1055
1056 if (status != RX_STATUS_SUCCESS) {
1057 if (status == 0xc1) /* determined by experiment */
1058 priv->wstats.discard.nwid++;
1059 else
1060 priv->stats.rx_errors++;
1061 goto next;
1062 }
1063
1064 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head));
1065 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head));
1066
1067 if (msdu_size < 30) {
1068 priv->stats.rx_errors++;
1069 goto next;
1070 }
1071
1072 /* Get header as far as end of seq_ctl */
1073 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24);
1074 frame_ctl = le16_to_cpu(header.frame_ctl);
1075 seq_control = le16_to_cpu(header.seq_ctl);
1076
1077 /* probe for CRC use here if needed once five packets have
1078 arrived with the same crc status, we assume we know what's
1079 happening and stop probing */
1080 if (priv->probe_crc) {
1081 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) {
1082 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size);
1083 } else {
1084 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24);
1085 }
1086 if (priv->do_rx_crc) {
1087 if (priv->crc_ok_cnt++ > 5)
1088 priv->probe_crc = 0;
1089 } else {
1090 if (priv->crc_ko_cnt++ > 5)
1091 priv->probe_crc = 0;
1092 }
1093 }
1094
1095 /* don't CRC header when WEP in use */
1096 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) {
1097 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24);
1098 }
1099 msdu_size -= 24; /* header */
1100
1101 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
1102 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS;
1103 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG;
1104 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4;
1105
1106 if (!more_fragments && packet_fragment_no == 0) {
1107 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc);
1108 } else {
1109 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc,
1110 packet_sequence_no, packet_fragment_no, more_fragments);
1111 }
1112 }
1113
1114 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1115 /* copy rest of packet into buffer */
1116 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size);
1117
1118 /* we use the same buffer for frag reassembly and control packets */
1119 memset(priv->frag_source, 0xff, 6);
1120
1121 if (priv->do_rx_crc) {
1122 /* last 4 octets is crc */
1123 msdu_size -= 4;
1124 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size);
1125 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) {
1126 priv->stats.rx_crc_errors++;
1127 goto next;
1128 }
1129 }
1130
1131 atmel_management_frame(priv, &header, msdu_size,
1132 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head)));
1133 }
1134
1135next:
1136 /* release descriptor */
1137 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED);
1138
1139 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1))
1140 priv->rx_desc_head++;
1141 else
1142 priv->rx_desc_head = 0;
1143 }
1144}
1145
1146static irqreturn_t service_interrupt(int irq, void *dev_id)
1147{
1148 struct net_device *dev = (struct net_device *) dev_id;
1149 struct atmel_private *priv = netdev_priv(dev);
1150 u8 isr;
1151 int i = -1;
1152 static u8 irq_order[] = {
1153 ISR_OUT_OF_RANGE,
1154 ISR_RxCOMPLETE,
1155 ISR_TxCOMPLETE,
1156 ISR_RxFRAMELOST,
1157 ISR_FATAL_ERROR,
1158 ISR_COMMAND_COMPLETE,
1159 ISR_IBSS_MERGE,
1160 ISR_GENERIC_IRQ
1161 };
1162
1163 if (priv->card && priv->present_callback &&
1164 !(*priv->present_callback)(priv->card))
1165 return IRQ_HANDLED;
1166
1167 /* In this state upper-level code assumes it can mess with
1168 the card unhampered by interrupts which may change register state.
1169 Note that even though the card shouldn't generate interrupts
1170 the inturrupt line may be shared. This allows card setup
1171 to go on without disabling interrupts for a long time. */
1172 if (priv->station_state == STATION_STATE_DOWN)
1173 return IRQ_NONE;
1174
1175 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */
1176
1177 while (1) {
1178 if (!atmel_lock_mac(priv)) {
1179 /* failed to contact card */
1180 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1181 return IRQ_HANDLED;
1182 }
1183
1184 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1185 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1186
1187 if (!isr) {
1188 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */
1189 return i == -1 ? IRQ_NONE : IRQ_HANDLED;
1190 }
1191
1192 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */
1193
1194 for (i = 0; i < ARRAY_SIZE(irq_order); i++)
1195 if (isr & irq_order[i])
1196 break;
1197
1198 if (!atmel_lock_mac(priv)) {
1199 /* failed to contact card */
1200 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1201 return IRQ_HANDLED;
1202 }
1203
1204 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1205 isr ^= irq_order[i];
1206 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr);
1207 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1208
1209 switch (irq_order[i]) {
1210
1211 case ISR_OUT_OF_RANGE:
1212 if (priv->operating_mode == IW_MODE_INFRA &&
1213 priv->station_state == STATION_STATE_READY) {
1214 priv->station_is_associated = 0;
1215 atmel_scan(priv, 1);
1216 }
1217 break;
1218
1219 case ISR_RxFRAMELOST:
1220 priv->wstats.discard.misc++;
1221 /* fall through */
1222 case ISR_RxCOMPLETE:
1223 rx_done_irq(priv);
1224 break;
1225
1226 case ISR_TxCOMPLETE:
1227 tx_done_irq(priv);
1228 break;
1229
1230 case ISR_FATAL_ERROR:
1231 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name);
1232 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
1233 break;
1234
1235 case ISR_COMMAND_COMPLETE:
1236 atmel_command_irq(priv);
1237 break;
1238
1239 case ISR_IBSS_MERGE:
1240 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
1241 priv->CurrentBSSID, 6);
1242 /* The WPA stuff cares about the current AP address */
1243 if (priv->use_wpa)
1244 build_wpa_mib(priv);
1245 break;
1246 case ISR_GENERIC_IRQ:
1247 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name);
1248 break;
1249 }
1250 }
1251}
1252
1253static struct net_device_stats *atmel_get_stats(struct net_device *dev)
1254{
1255 struct atmel_private *priv = netdev_priv(dev);
1256 return &priv->stats;
1257}
1258
1259static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev)
1260{
1261 struct atmel_private *priv = netdev_priv(dev);
1262
1263 /* update the link quality here in case we are seeing no beacons
1264 at all to drive the process */
1265 atmel_smooth_qual(priv);
1266
1267 priv->wstats.status = priv->station_state;
1268
1269 if (priv->operating_mode == IW_MODE_INFRA) {
1270 if (priv->station_state != STATION_STATE_READY) {
1271 priv->wstats.qual.qual = 0;
1272 priv->wstats.qual.level = 0;
1273 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID
1274 | IW_QUAL_LEVEL_INVALID);
1275 }
1276 priv->wstats.qual.noise = 0;
1277 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1278 } else {
1279 /* Quality levels cannot be determined in ad-hoc mode,
1280 because we can 'hear' more that one remote station. */
1281 priv->wstats.qual.qual = 0;
1282 priv->wstats.qual.level = 0;
1283 priv->wstats.qual.noise = 0;
1284 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID
1285 | IW_QUAL_LEVEL_INVALID
1286 | IW_QUAL_NOISE_INVALID;
1287 priv->wstats.miss.beacon = 0;
1288 }
1289
1290 return &priv->wstats;
1291}
1292
1293static int atmel_change_mtu(struct net_device *dev, int new_mtu)
1294{
1295 if ((new_mtu < 68) || (new_mtu > 2312))
1296 return -EINVAL;
1297 dev->mtu = new_mtu;
1298 return 0;
1299}
1300
1301static int atmel_set_mac_address(struct net_device *dev, void *p)
1302{
1303 struct sockaddr *addr = p;
1304
1305 memcpy (dev->dev_addr, addr->sa_data, dev->addr_len);
1306 return atmel_open(dev);
1307}
1308
1309EXPORT_SYMBOL(atmel_open);
1310
1311int atmel_open(struct net_device *dev)
1312{
1313 struct atmel_private *priv = netdev_priv(dev);
1314 int i, channel;
1315
1316 /* any scheduled timer is no longer needed and might screw things up.. */
1317 del_timer_sync(&priv->management_timer);
1318
1319 /* Interrupts will not touch the card once in this state... */
1320 priv->station_state = STATION_STATE_DOWN;
1321
1322 if (priv->new_SSID_size) {
1323 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size);
1324 priv->SSID_size = priv->new_SSID_size;
1325 priv->new_SSID_size = 0;
1326 }
1327 priv->BSS_list_entries = 0;
1328
1329 priv->AuthenticationRequestRetryCnt = 0;
1330 priv->AssociationRequestRetryCnt = 0;
1331 priv->ReAssociationRequestRetryCnt = 0;
1332 priv->CurrentAuthentTransactionSeqNum = 0x0001;
1333 priv->ExpectedAuthentTransactionSeqNum = 0x0002;
1334
1335 priv->site_survey_state = SITE_SURVEY_IDLE;
1336 priv->station_is_associated = 0;
1337
1338 if (!reset_atmel_card(dev))
1339 return -EAGAIN;
1340
1341 if (priv->config_reg_domain) {
1342 priv->reg_domain = priv->config_reg_domain;
1343 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain);
1344 } else {
1345 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS);
1346 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1347 if (priv->reg_domain == channel_table[i].reg_domain)
1348 break;
1349 if (i == ARRAY_SIZE(channel_table)) {
1350 priv->reg_domain = REG_DOMAIN_MKK1;
1351 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name);
1352 }
1353 }
1354
1355 if ((channel = atmel_validate_channel(priv, priv->channel)))
1356 priv->channel = channel;
1357
1358 /* this moves station_state on.... */
1359 atmel_scan(priv, 1);
1360
1361 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */
1362 return 0;
1363}
1364
1365static int atmel_close(struct net_device *dev)
1366{
1367 struct atmel_private *priv = netdev_priv(dev);
1368
1369 /* Send event to userspace that we are disassociating */
1370 if (priv->station_state == STATION_STATE_READY) {
1371 union iwreq_data wrqu;
1372
1373 wrqu.data.length = 0;
1374 wrqu.data.flags = 0;
1375 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1376 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
1377 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1378 }
1379
1380 atmel_enter_state(priv, STATION_STATE_DOWN);
1381
1382 if (priv->bus_type == BUS_TYPE_PCCARD)
1383 atmel_write16(dev, GCR, 0x0060);
1384 atmel_write16(dev, GCR, 0x0040);
1385 return 0;
1386}
1387
1388static int atmel_validate_channel(struct atmel_private *priv, int channel)
1389{
1390 /* check that channel is OK, if so return zero,
1391 else return suitable default channel */
1392 int i;
1393
1394 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1395 if (priv->reg_domain == channel_table[i].reg_domain) {
1396 if (channel >= channel_table[i].min &&
1397 channel <= channel_table[i].max)
1398 return 0;
1399 else
1400 return channel_table[i].min;
1401 }
1402 return 0;
1403}
1404
1405static int atmel_proc_output (char *buf, struct atmel_private *priv)
1406{
1407 int i;
1408 char *p = buf;
1409 char *s, *r, *c;
1410
1411 p += sprintf(p, "Driver version:\t\t%d.%d\n",
1412 DRIVER_MAJOR, DRIVER_MINOR);
1413
1414 if (priv->station_state != STATION_STATE_DOWN) {
1415 p += sprintf(p, "Firmware version:\t%d.%d build %d\n"
1416 "Firmware location:\t",
1417 priv->host_info.major_version,
1418 priv->host_info.minor_version,
1419 priv->host_info.build_version);
1420
1421 if (priv->card_type != CARD_TYPE_EEPROM)
1422 p += sprintf(p, "on card\n");
1423 else if (priv->firmware)
1424 p += sprintf(p, "%s loaded by host\n",
1425 priv->firmware_id);
1426 else
1427 p += sprintf(p, "%s loaded by hotplug\n",
1428 priv->firmware_id);
1429
1430 switch (priv->card_type) {
1431 case CARD_TYPE_PARALLEL_FLASH: c = "Parallel flash"; break;
1432 case CARD_TYPE_SPI_FLASH: c = "SPI flash\n"; break;
1433 case CARD_TYPE_EEPROM: c = "EEPROM"; break;
1434 default: c = "<unknown>";
1435 }
1436
1437 r = "<unknown>";
1438 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1439 if (priv->reg_domain == channel_table[i].reg_domain)
1440 r = channel_table[i].name;
1441
1442 p += sprintf(p, "MAC memory type:\t%s\n", c);
1443 p += sprintf(p, "Regulatory domain:\t%s\n", r);
1444 p += sprintf(p, "Host CRC checking:\t%s\n",
1445 priv->do_rx_crc ? "On" : "Off");
1446 p += sprintf(p, "WPA-capable firmware:\t%s\n",
1447 priv->use_wpa ? "Yes" : "No");
1448 }
1449
1450 switch(priv->station_state) {
1451 case STATION_STATE_SCANNING: s = "Scanning"; break;
1452 case STATION_STATE_JOINNING: s = "Joining"; break;
1453 case STATION_STATE_AUTHENTICATING: s = "Authenticating"; break;
1454 case STATION_STATE_ASSOCIATING: s = "Associating"; break;
1455 case STATION_STATE_READY: s = "Ready"; break;
1456 case STATION_STATE_REASSOCIATING: s = "Reassociating"; break;
1457 case STATION_STATE_MGMT_ERROR: s = "Management error"; break;
1458 case STATION_STATE_DOWN: s = "Down"; break;
1459 default: s = "<unknown>";
1460 }
1461
1462 p += sprintf(p, "Current state:\t\t%s\n", s);
1463 return p - buf;
1464}
1465
1466static int atmel_read_proc(char *page, char **start, off_t off,
1467 int count, int *eof, void *data)
1468{
1469 struct atmel_private *priv = data;
1470 int len = atmel_proc_output (page, priv);
1471 if (len <= off+count) *eof = 1;
1472 *start = page + off;
1473 len -= off;
1474 if (len>count) len = count;
1475 if (len<0) len = 0;
1476 return len;
1477}
1478
1479struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
1480 const AtmelFWType fw_type,
1481 struct device *sys_dev,
1482 int (*card_present)(void *), void *card)
1483{
1484 struct proc_dir_entry *ent;
1485 struct net_device *dev;
1486 struct atmel_private *priv;
1487 int rc;
1488 DECLARE_MAC_BUF(mac);
1489
1490 /* Create the network device object. */
1491 dev = alloc_etherdev(sizeof(*priv));
1492 if (!dev) {
1493 printk(KERN_ERR "atmel: Couldn't alloc_etherdev\n");
1494 return NULL;
1495 }
1496 if (dev_alloc_name(dev, dev->name) < 0) {
1497 printk(KERN_ERR "atmel: Couldn't get name!\n");
1498 goto err_out_free;
1499 }
1500
1501 priv = netdev_priv(dev);
1502 priv->dev = dev;
1503 priv->sys_dev = sys_dev;
1504 priv->present_callback = card_present;
1505 priv->card = card;
1506 priv->firmware = NULL;
1507 priv->firmware_id[0] = '\0';
1508 priv->firmware_type = fw_type;
1509 if (firmware) /* module parameter */
1510 strcpy(priv->firmware_id, firmware);
1511 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;
1512 priv->station_state = STATION_STATE_DOWN;
1513 priv->do_rx_crc = 0;
1514 /* For PCMCIA cards, some chips need CRC, some don't
1515 so we have to probe. */
1516 if (priv->bus_type == BUS_TYPE_PCCARD) {
1517 priv->probe_crc = 1;
1518 priv->crc_ok_cnt = priv->crc_ko_cnt = 0;
1519 } else
1520 priv->probe_crc = 0;
1521 memset(&priv->stats, 0, sizeof(priv->stats));
1522 memset(&priv->wstats, 0, sizeof(priv->wstats));
1523 priv->last_qual = jiffies;
1524 priv->last_beacon_timestamp = 0;
1525 memset(priv->frag_source, 0xff, sizeof(priv->frag_source));
1526 memset(priv->BSSID, 0, 6);
1527 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */
1528 priv->station_was_associated = 0;
1529
1530 priv->last_survey = jiffies;
1531 priv->preamble = LONG_PREAMBLE;
1532 priv->operating_mode = IW_MODE_INFRA;
1533 priv->connect_to_any_BSS = 0;
1534 priv->config_reg_domain = 0;
1535 priv->reg_domain = 0;
1536 priv->tx_rate = 3;
1537 priv->auto_tx_rate = 1;
1538 priv->channel = 4;
1539 priv->power_mode = 0;
1540 priv->SSID[0] = '\0';
1541 priv->SSID_size = 0;
1542 priv->new_SSID_size = 0;
1543 priv->frag_threshold = 2346;
1544 priv->rts_threshold = 2347;
1545 priv->short_retry = 7;
1546 priv->long_retry = 4;
1547
1548 priv->wep_is_on = 0;
1549 priv->default_key = 0;
1550 priv->encryption_level = 0;
1551 priv->exclude_unencrypted = 0;
1552 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1553 priv->use_wpa = 0;
1554 memset(priv->wep_keys, 0, sizeof(priv->wep_keys));
1555 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1556
1557 priv->default_beacon_period = priv->beacon_period = 100;
1558 priv->listen_interval = 1;
1559
1560 init_timer(&priv->management_timer);
1561 spin_lock_init(&priv->irqlock);
1562 spin_lock_init(&priv->timerlock);
1563 priv->management_timer.function = atmel_management_timer;
1564 priv->management_timer.data = (unsigned long) dev;
1565
1566 dev->open = atmel_open;
1567 dev->stop = atmel_close;
1568 dev->change_mtu = atmel_change_mtu;
1569 dev->set_mac_address = atmel_set_mac_address;
1570 dev->hard_start_xmit = start_tx;
1571 dev->get_stats = atmel_get_stats;
1572 dev->wireless_handlers = (struct iw_handler_def *)&atmel_handler_def;
1573 dev->do_ioctl = atmel_ioctl;
1574 dev->irq = irq;
1575 dev->base_addr = port;
1576
1577 SET_NETDEV_DEV(dev, sys_dev);
1578
1579 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) {
1580 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc);
1581 goto err_out_free;
1582 }
1583
1584 if (!request_region(dev->base_addr, 32,
1585 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) {
1586 goto err_out_irq;
1587 }
1588
1589 if (register_netdev(dev))
1590 goto err_out_res;
1591
1592 if (!probe_atmel_card(dev)){
1593 unregister_netdev(dev);
1594 goto err_out_res;
1595 }
1596
1597 netif_carrier_off(dev);
1598
1599 ent = create_proc_read_entry ("driver/atmel", 0, NULL, atmel_read_proc, priv);
1600 if (!ent)
1601 printk(KERN_WARNING "atmel: unable to create /proc entry.\n");
1602
1603 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %s\n",
1604 dev->name, DRIVER_MAJOR, DRIVER_MINOR, print_mac(mac, dev->dev_addr));
1605
1606 return dev;
1607
1608err_out_res:
1609 release_region( dev->base_addr, 32);
1610err_out_irq:
1611 free_irq(dev->irq, dev);
1612err_out_free:
1613 free_netdev(dev);
1614 return NULL;
1615}
1616
1617EXPORT_SYMBOL(init_atmel_card);
1618
1619void stop_atmel_card(struct net_device *dev)
1620{
1621 struct atmel_private *priv = netdev_priv(dev);
1622
1623 /* put a brick on it... */
1624 if (priv->bus_type == BUS_TYPE_PCCARD)
1625 atmel_write16(dev, GCR, 0x0060);
1626 atmel_write16(dev, GCR, 0x0040);
1627
1628 del_timer_sync(&priv->management_timer);
1629 unregister_netdev(dev);
1630 remove_proc_entry("driver/atmel", NULL);
1631 free_irq(dev->irq, dev);
1632 kfree(priv->firmware);
1633 release_region(dev->base_addr, 32);
1634 free_netdev(dev);
1635}
1636
1637EXPORT_SYMBOL(stop_atmel_card);
1638
1639static int atmel_set_essid(struct net_device *dev,
1640 struct iw_request_info *info,
1641 struct iw_point *dwrq,
1642 char *extra)
1643{
1644 struct atmel_private *priv = netdev_priv(dev);
1645
1646 /* Check if we asked for `any' */
1647 if(dwrq->flags == 0) {
1648 priv->connect_to_any_BSS = 1;
1649 } else {
1650 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1651
1652 priv->connect_to_any_BSS = 0;
1653
1654 /* Check the size of the string */
1655 if (dwrq->length > MAX_SSID_LENGTH)
1656 return -E2BIG;
1657 if (index != 0)
1658 return -EINVAL;
1659
1660 memcpy(priv->new_SSID, extra, dwrq->length);
1661 priv->new_SSID_size = dwrq->length;
1662 }
1663
1664 return -EINPROGRESS;
1665}
1666
1667static int atmel_get_essid(struct net_device *dev,
1668 struct iw_request_info *info,
1669 struct iw_point *dwrq,
1670 char *extra)
1671{
1672 struct atmel_private *priv = netdev_priv(dev);
1673
1674 /* Get the current SSID */
1675 if (priv->new_SSID_size != 0) {
1676 memcpy(extra, priv->new_SSID, priv->new_SSID_size);
1677 dwrq->length = priv->new_SSID_size;
1678 } else {
1679 memcpy(extra, priv->SSID, priv->SSID_size);
1680 dwrq->length = priv->SSID_size;
1681 }
1682
1683 dwrq->flags = !priv->connect_to_any_BSS; /* active */
1684
1685 return 0;
1686}
1687
1688static int atmel_get_wap(struct net_device *dev,
1689 struct iw_request_info *info,
1690 struct sockaddr *awrq,
1691 char *extra)
1692{
1693 struct atmel_private *priv = netdev_priv(dev);
1694 memcpy(awrq->sa_data, priv->CurrentBSSID, 6);
1695 awrq->sa_family = ARPHRD_ETHER;
1696
1697 return 0;
1698}
1699
1700static int atmel_set_encode(struct net_device *dev,
1701 struct iw_request_info *info,
1702 struct iw_point *dwrq,
1703 char *extra)
1704{
1705 struct atmel_private *priv = netdev_priv(dev);
1706
1707 /* Basic checking: do we have a key to set ?
1708 * Note : with the new API, it's impossible to get a NULL pointer.
1709 * Therefore, we need to check a key size == 0 instead.
1710 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
1711 * when no key is present (only change flags), but older versions
1712 * don't do it. - Jean II */
1713 if (dwrq->length > 0) {
1714 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1715 int current_index = priv->default_key;
1716 /* Check the size of the key */
1717 if (dwrq->length > 13) {
1718 return -EINVAL;
1719 }
1720 /* Check the index (none -> use current) */
1721 if (index < 0 || index >= 4)
1722 index = current_index;
1723 else
1724 priv->default_key = index;
1725 /* Set the length */
1726 if (dwrq->length > 5)
1727 priv->wep_key_len[index] = 13;
1728 else
1729 if (dwrq->length > 0)
1730 priv->wep_key_len[index] = 5;
1731 else
1732 /* Disable the key */
1733 priv->wep_key_len[index] = 0;
1734 /* Check if the key is not marked as invalid */
1735 if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
1736 /* Cleanup */
1737 memset(priv->wep_keys[index], 0, 13);
1738 /* Copy the key in the driver */
1739 memcpy(priv->wep_keys[index], extra, dwrq->length);
1740 }
1741 /* WE specify that if a valid key is set, encryption
1742 * should be enabled (user may turn it off later)
1743 * This is also how "iwconfig ethX key on" works */
1744 if (index == current_index &&
1745 priv->wep_key_len[index] > 0) {
1746 priv->wep_is_on = 1;
1747 priv->exclude_unencrypted = 1;
1748 if (priv->wep_key_len[index] > 5) {
1749 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1750 priv->encryption_level = 2;
1751 } else {
1752 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1753 priv->encryption_level = 1;
1754 }
1755 }
1756 } else {
1757 /* Do we want to just set the transmit key index ? */
1758 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1759 if (index >= 0 && index < 4) {
1760 priv->default_key = index;
1761 } else
1762 /* Don't complain if only change the mode */
1763 if (!(dwrq->flags & IW_ENCODE_MODE))
1764 return -EINVAL;
1765 }
1766 /* Read the flags */
1767 if (dwrq->flags & IW_ENCODE_DISABLED) {
1768 priv->wep_is_on = 0;
1769 priv->encryption_level = 0;
1770 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1771 } else {
1772 priv->wep_is_on = 1;
1773 if (priv->wep_key_len[priv->default_key] > 5) {
1774 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1775 priv->encryption_level = 2;
1776 } else {
1777 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1778 priv->encryption_level = 1;
1779 }
1780 }
1781 if (dwrq->flags & IW_ENCODE_RESTRICTED)
1782 priv->exclude_unencrypted = 1;
1783 if(dwrq->flags & IW_ENCODE_OPEN)
1784 priv->exclude_unencrypted = 0;
1785
1786 return -EINPROGRESS; /* Call commit handler */
1787}
1788
1789static int atmel_get_encode(struct net_device *dev,
1790 struct iw_request_info *info,
1791 struct iw_point *dwrq,
1792 char *extra)
1793{
1794 struct atmel_private *priv = netdev_priv(dev);
1795 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1796
1797 if (!priv->wep_is_on)
1798 dwrq->flags = IW_ENCODE_DISABLED;
1799 else {
1800 if (priv->exclude_unencrypted)
1801 dwrq->flags = IW_ENCODE_RESTRICTED;
1802 else
1803 dwrq->flags = IW_ENCODE_OPEN;
1804 }
1805 /* Which key do we want ? -1 -> tx index */
1806 if (index < 0 || index >= 4)
1807 index = priv->default_key;
1808 dwrq->flags |= index + 1;
1809 /* Copy the key to the user buffer */
1810 dwrq->length = priv->wep_key_len[index];
1811 if (dwrq->length > 16) {
1812 dwrq->length=0;
1813 } else {
1814 memset(extra, 0, 16);
1815 memcpy(extra, priv->wep_keys[index], dwrq->length);
1816 }
1817
1818 return 0;
1819}
1820
1821static int atmel_set_encodeext(struct net_device *dev,
1822 struct iw_request_info *info,
1823 union iwreq_data *wrqu,
1824 char *extra)
1825{
1826 struct atmel_private *priv = netdev_priv(dev);
1827 struct iw_point *encoding = &wrqu->encoding;
1828 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1829 int idx, key_len, alg = ext->alg, set_key = 1;
1830
1831 /* Determine and validate the key index */
1832 idx = encoding->flags & IW_ENCODE_INDEX;
1833 if (idx) {
1834 if (idx < 1 || idx > WEP_KEYS)
1835 return -EINVAL;
1836 idx--;
1837 } else
1838 idx = priv->default_key;
1839
1840 if (encoding->flags & IW_ENCODE_DISABLED)
1841 alg = IW_ENCODE_ALG_NONE;
1842
1843 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
1844 priv->default_key = idx;
1845 set_key = ext->key_len > 0 ? 1 : 0;
1846 }
1847
1848 if (set_key) {
1849 /* Set the requested key first */
1850 switch (alg) {
1851 case IW_ENCODE_ALG_NONE:
1852 priv->wep_is_on = 0;
1853 priv->encryption_level = 0;
1854 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1855 break;
1856 case IW_ENCODE_ALG_WEP:
1857 if (ext->key_len > 5) {
1858 priv->wep_key_len[idx] = 13;
1859 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1860 priv->encryption_level = 2;
1861 } else if (ext->key_len > 0) {
1862 priv->wep_key_len[idx] = 5;
1863 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1864 priv->encryption_level = 1;
1865 } else {
1866 return -EINVAL;
1867 }
1868 priv->wep_is_on = 1;
1869 memset(priv->wep_keys[idx], 0, 13);
1870 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]);
1871 memcpy(priv->wep_keys[idx], ext->key, key_len);
1872 break;
1873 default:
1874 return -EINVAL;
1875 }
1876 }
1877
1878 return -EINPROGRESS;
1879}
1880
1881static int atmel_get_encodeext(struct net_device *dev,
1882 struct iw_request_info *info,
1883 union iwreq_data *wrqu,
1884 char *extra)
1885{
1886 struct atmel_private *priv = netdev_priv(dev);
1887 struct iw_point *encoding = &wrqu->encoding;
1888 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1889 int idx, max_key_len;
1890
1891 max_key_len = encoding->length - sizeof(*ext);
1892 if (max_key_len < 0)
1893 return -EINVAL;
1894
1895 idx = encoding->flags & IW_ENCODE_INDEX;
1896 if (idx) {
1897 if (idx < 1 || idx > WEP_KEYS)
1898 return -EINVAL;
1899 idx--;
1900 } else
1901 idx = priv->default_key;
1902
1903 encoding->flags = idx + 1;
1904 memset(ext, 0, sizeof(*ext));
1905
1906 if (!priv->wep_is_on) {
1907 ext->alg = IW_ENCODE_ALG_NONE;
1908 ext->key_len = 0;
1909 encoding->flags |= IW_ENCODE_DISABLED;
1910 } else {
1911 if (priv->encryption_level > 0)
1912 ext->alg = IW_ENCODE_ALG_WEP;
1913 else
1914 return -EINVAL;
1915
1916 ext->key_len = priv->wep_key_len[idx];
1917 memcpy(ext->key, priv->wep_keys[idx], ext->key_len);
1918 encoding->flags |= IW_ENCODE_ENABLED;
1919 }
1920
1921 return 0;
1922}
1923
1924static int atmel_set_auth(struct net_device *dev,
1925 struct iw_request_info *info,
1926 union iwreq_data *wrqu, char *extra)
1927{
1928 struct atmel_private *priv = netdev_priv(dev);
1929 struct iw_param *param = &wrqu->param;
1930
1931 switch (param->flags & IW_AUTH_INDEX) {
1932 case IW_AUTH_WPA_VERSION:
1933 case IW_AUTH_CIPHER_PAIRWISE:
1934 case IW_AUTH_CIPHER_GROUP:
1935 case IW_AUTH_KEY_MGMT:
1936 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1937 case IW_AUTH_PRIVACY_INVOKED:
1938 /*
1939 * atmel does not use these parameters
1940 */
1941 break;
1942
1943 case IW_AUTH_DROP_UNENCRYPTED:
1944 priv->exclude_unencrypted = param->value ? 1 : 0;
1945 break;
1946
1947 case IW_AUTH_80211_AUTH_ALG: {
1948 if (param->value & IW_AUTH_ALG_SHARED_KEY) {
1949 priv->exclude_unencrypted = 1;
1950 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
1951 priv->exclude_unencrypted = 0;
1952 } else
1953 return -EINVAL;
1954 break;
1955 }
1956
1957 case IW_AUTH_WPA_ENABLED:
1958 /* Silently accept disable of WPA */
1959 if (param->value > 0)
1960 return -EOPNOTSUPP;
1961 break;
1962
1963 default:
1964 return -EOPNOTSUPP;
1965 }
1966 return -EINPROGRESS;
1967}
1968
1969static int atmel_get_auth(struct net_device *dev,
1970 struct iw_request_info *info,
1971 union iwreq_data *wrqu, char *extra)
1972{
1973 struct atmel_private *priv = netdev_priv(dev);
1974 struct iw_param *param = &wrqu->param;
1975
1976 switch (param->flags & IW_AUTH_INDEX) {
1977 case IW_AUTH_DROP_UNENCRYPTED:
1978 param->value = priv->exclude_unencrypted;
1979 break;
1980
1981 case IW_AUTH_80211_AUTH_ALG:
1982 if (priv->exclude_unencrypted == 1)
1983 param->value = IW_AUTH_ALG_SHARED_KEY;
1984 else
1985 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
1986 break;
1987
1988 case IW_AUTH_WPA_ENABLED:
1989 param->value = 0;
1990 break;
1991
1992 default:
1993 return -EOPNOTSUPP;
1994 }
1995 return 0;
1996}
1997
1998
1999static int atmel_get_name(struct net_device *dev,
2000 struct iw_request_info *info,
2001 char *cwrq,
2002 char *extra)
2003{
2004 strcpy(cwrq, "IEEE 802.11-DS");
2005 return 0;
2006}
2007
2008static int atmel_set_rate(struct net_device *dev,
2009 struct iw_request_info *info,
2010 struct iw_param *vwrq,
2011 char *extra)
2012{
2013 struct atmel_private *priv = netdev_priv(dev);
2014
2015 if (vwrq->fixed == 0) {
2016 priv->tx_rate = 3;
2017 priv->auto_tx_rate = 1;
2018 } else {
2019 priv->auto_tx_rate = 0;
2020
2021 /* Which type of value ? */
2022 if ((vwrq->value < 4) && (vwrq->value >= 0)) {
2023 /* Setting by rate index */
2024 priv->tx_rate = vwrq->value;
2025 } else {
2026 /* Setting by frequency value */
2027 switch (vwrq->value) {
2028 case 1000000: priv->tx_rate = 0; break;
2029 case 2000000: priv->tx_rate = 1; break;
2030 case 5500000: priv->tx_rate = 2; break;
2031 case 11000000: priv->tx_rate = 3; break;
2032 default: return -EINVAL;
2033 }
2034 }
2035 }
2036
2037 return -EINPROGRESS;
2038}
2039
2040static int atmel_set_mode(struct net_device *dev,
2041 struct iw_request_info *info,
2042 __u32 *uwrq,
2043 char *extra)
2044{
2045 struct atmel_private *priv = netdev_priv(dev);
2046
2047 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA)
2048 return -EINVAL;
2049
2050 priv->operating_mode = *uwrq;
2051 return -EINPROGRESS;
2052}
2053
2054static int atmel_get_mode(struct net_device *dev,
2055 struct iw_request_info *info,
2056 __u32 *uwrq,
2057 char *extra)
2058{
2059 struct atmel_private *priv = netdev_priv(dev);
2060
2061 *uwrq = priv->operating_mode;
2062 return 0;
2063}
2064
2065static int atmel_get_rate(struct net_device *dev,
2066 struct iw_request_info *info,
2067 struct iw_param *vwrq,
2068 char *extra)
2069{
2070 struct atmel_private *priv = netdev_priv(dev);
2071
2072 if (priv->auto_tx_rate) {
2073 vwrq->fixed = 0;
2074 vwrq->value = 11000000;
2075 } else {
2076 vwrq->fixed = 1;
2077 switch(priv->tx_rate) {
2078 case 0: vwrq->value = 1000000; break;
2079 case 1: vwrq->value = 2000000; break;
2080 case 2: vwrq->value = 5500000; break;
2081 case 3: vwrq->value = 11000000; break;
2082 }
2083 }
2084 return 0;
2085}
2086
2087static int atmel_set_power(struct net_device *dev,
2088 struct iw_request_info *info,
2089 struct iw_param *vwrq,
2090 char *extra)
2091{
2092 struct atmel_private *priv = netdev_priv(dev);
2093 priv->power_mode = vwrq->disabled ? 0 : 1;
2094 return -EINPROGRESS;
2095}
2096
2097static int atmel_get_power(struct net_device *dev,
2098 struct iw_request_info *info,
2099 struct iw_param *vwrq,
2100 char *extra)
2101{
2102 struct atmel_private *priv = netdev_priv(dev);
2103 vwrq->disabled = priv->power_mode ? 0 : 1;
2104 vwrq->flags = IW_POWER_ON;
2105 return 0;
2106}
2107
2108static int atmel_set_retry(struct net_device *dev,
2109 struct iw_request_info *info,
2110 struct iw_param *vwrq,
2111 char *extra)
2112{
2113 struct atmel_private *priv = netdev_priv(dev);
2114
2115 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) {
2116 if (vwrq->flags & IW_RETRY_LONG)
2117 priv->long_retry = vwrq->value;
2118 else if (vwrq->flags & IW_RETRY_SHORT)
2119 priv->short_retry = vwrq->value;
2120 else {
2121 /* No modifier : set both */
2122 priv->long_retry = vwrq->value;
2123 priv->short_retry = vwrq->value;
2124 }
2125 return -EINPROGRESS;
2126 }
2127
2128 return -EINVAL;
2129}
2130
2131static int atmel_get_retry(struct net_device *dev,
2132 struct iw_request_info *info,
2133 struct iw_param *vwrq,
2134 char *extra)
2135{
2136 struct atmel_private *priv = netdev_priv(dev);
2137
2138 vwrq->disabled = 0; /* Can't be disabled */
2139
2140 /* Note : by default, display the short retry number */
2141 if (vwrq->flags & IW_RETRY_LONG) {
2142 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
2143 vwrq->value = priv->long_retry;
2144 } else {
2145 vwrq->flags = IW_RETRY_LIMIT;
2146 vwrq->value = priv->short_retry;
2147 if (priv->long_retry != priv->short_retry)
2148 vwrq->flags |= IW_RETRY_SHORT;
2149 }
2150
2151 return 0;
2152}
2153
2154static int atmel_set_rts(struct net_device *dev,
2155 struct iw_request_info *info,
2156 struct iw_param *vwrq,
2157 char *extra)
2158{
2159 struct atmel_private *priv = netdev_priv(dev);
2160 int rthr = vwrq->value;
2161
2162 if (vwrq->disabled)
2163 rthr = 2347;
2164 if ((rthr < 0) || (rthr > 2347)) {
2165 return -EINVAL;
2166 }
2167 priv->rts_threshold = rthr;
2168
2169 return -EINPROGRESS; /* Call commit handler */
2170}
2171
2172static int atmel_get_rts(struct net_device *dev,
2173 struct iw_request_info *info,
2174 struct iw_param *vwrq,
2175 char *extra)
2176{
2177 struct atmel_private *priv = netdev_priv(dev);
2178
2179 vwrq->value = priv->rts_threshold;
2180 vwrq->disabled = (vwrq->value >= 2347);
2181 vwrq->fixed = 1;
2182
2183 return 0;
2184}
2185
2186static int atmel_set_frag(struct net_device *dev,
2187 struct iw_request_info *info,
2188 struct iw_param *vwrq,
2189 char *extra)
2190{
2191 struct atmel_private *priv = netdev_priv(dev);
2192 int fthr = vwrq->value;
2193
2194 if (vwrq->disabled)
2195 fthr = 2346;
2196 if ((fthr < 256) || (fthr > 2346)) {
2197 return -EINVAL;
2198 }
2199 fthr &= ~0x1; /* Get an even value - is it really needed ??? */
2200 priv->frag_threshold = fthr;
2201
2202 return -EINPROGRESS; /* Call commit handler */
2203}
2204
2205static int atmel_get_frag(struct net_device *dev,
2206 struct iw_request_info *info,
2207 struct iw_param *vwrq,
2208 char *extra)
2209{
2210 struct atmel_private *priv = netdev_priv(dev);
2211
2212 vwrq->value = priv->frag_threshold;
2213 vwrq->disabled = (vwrq->value >= 2346);
2214 vwrq->fixed = 1;
2215
2216 return 0;
2217}
2218
2219static const long frequency_list[] = { 2412, 2417, 2422, 2427, 2432, 2437, 2442,
2220 2447, 2452, 2457, 2462, 2467, 2472, 2484 };
2221
2222static int atmel_set_freq(struct net_device *dev,
2223 struct iw_request_info *info,
2224 struct iw_freq *fwrq,
2225 char *extra)
2226{
2227 struct atmel_private *priv = netdev_priv(dev);
2228 int rc = -EINPROGRESS; /* Call commit handler */
2229
2230 /* If setting by frequency, convert to a channel */
2231 if ((fwrq->e == 1) &&
2232 (fwrq->m >= (int) 241200000) &&
2233 (fwrq->m <= (int) 248700000)) {
2234 int f = fwrq->m / 100000;
2235 int c = 0;
2236 while ((c < 14) && (f != frequency_list[c]))
2237 c++;
2238 /* Hack to fall through... */
2239 fwrq->e = 0;
2240 fwrq->m = c + 1;
2241 }
2242 /* Setting by channel number */
2243 if ((fwrq->m > 1000) || (fwrq->e > 0))
2244 rc = -EOPNOTSUPP;
2245 else {
2246 int channel = fwrq->m;
2247 if (atmel_validate_channel(priv, channel) == 0) {
2248 priv->channel = channel;
2249 } else {
2250 rc = -EINVAL;
2251 }
2252 }
2253 return rc;
2254}
2255
2256static int atmel_get_freq(struct net_device *dev,
2257 struct iw_request_info *info,
2258 struct iw_freq *fwrq,
2259 char *extra)
2260{
2261 struct atmel_private *priv = netdev_priv(dev);
2262
2263 fwrq->m = priv->channel;
2264 fwrq->e = 0;
2265 return 0;
2266}
2267
2268static int atmel_set_scan(struct net_device *dev,
2269 struct iw_request_info *info,
2270 struct iw_param *vwrq,
2271 char *extra)
2272{
2273 struct atmel_private *priv = netdev_priv(dev);
2274 unsigned long flags;
2275
2276 /* Note : you may have realised that, as this is a SET operation,
2277 * this is privileged and therefore a normal user can't
2278 * perform scanning.
2279 * This is not an error, while the device perform scanning,
2280 * traffic doesn't flow, so it's a perfect DoS...
2281 * Jean II */
2282
2283 if (priv->station_state == STATION_STATE_DOWN)
2284 return -EAGAIN;
2285
2286 /* Timeout old surveys. */
2287 if (time_after(jiffies, priv->last_survey + 20 * HZ))
2288 priv->site_survey_state = SITE_SURVEY_IDLE;
2289 priv->last_survey = jiffies;
2290
2291 /* Initiate a scan command */
2292 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS)
2293 return -EBUSY;
2294
2295 del_timer_sync(&priv->management_timer);
2296 spin_lock_irqsave(&priv->irqlock, flags);
2297
2298 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS;
2299 priv->fast_scan = 0;
2300 atmel_scan(priv, 0);
2301 spin_unlock_irqrestore(&priv->irqlock, flags);
2302
2303 return 0;
2304}
2305
2306static int atmel_get_scan(struct net_device *dev,
2307 struct iw_request_info *info,
2308 struct iw_point *dwrq,
2309 char *extra)
2310{
2311 struct atmel_private *priv = netdev_priv(dev);
2312 int i;
2313 char *current_ev = extra;
2314 struct iw_event iwe;
2315
2316 if (priv->site_survey_state != SITE_SURVEY_COMPLETED)
2317 return -EAGAIN;
2318
2319 for (i = 0; i < priv->BSS_list_entries; i++) {
2320 iwe.cmd = SIOCGIWAP;
2321 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2322 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, 6);
2323 current_ev = iwe_stream_add_event(current_ev, extra + IW_SCAN_MAX_DATA, &iwe, IW_EV_ADDR_LEN);
2324
2325 iwe.u.data.length = priv->BSSinfo[i].SSIDsize;
2326 if (iwe.u.data.length > 32)
2327 iwe.u.data.length = 32;
2328 iwe.cmd = SIOCGIWESSID;
2329 iwe.u.data.flags = 1;
2330 current_ev = iwe_stream_add_point(current_ev, extra + IW_SCAN_MAX_DATA, &iwe, priv->BSSinfo[i].SSID);
2331
2332 iwe.cmd = SIOCGIWMODE;
2333 iwe.u.mode = priv->BSSinfo[i].BSStype;
2334 current_ev = iwe_stream_add_event(current_ev, extra + IW_SCAN_MAX_DATA, &iwe, IW_EV_UINT_LEN);
2335
2336 iwe.cmd = SIOCGIWFREQ;
2337 iwe.u.freq.m = priv->BSSinfo[i].channel;
2338 iwe.u.freq.e = 0;
2339 current_ev = iwe_stream_add_event(current_ev, extra + IW_SCAN_MAX_DATA, &iwe, IW_EV_FREQ_LEN);
2340
2341 /* Add quality statistics */
2342 iwe.cmd = IWEVQUAL;
2343 iwe.u.qual.level = priv->BSSinfo[i].RSSI;
2344 iwe.u.qual.qual = iwe.u.qual.level;
2345 /* iwe.u.qual.noise = SOMETHING */
2346 current_ev = iwe_stream_add_event(current_ev, extra + IW_SCAN_MAX_DATA , &iwe, IW_EV_QUAL_LEN);
2347
2348
2349 iwe.cmd = SIOCGIWENCODE;
2350 if (priv->BSSinfo[i].UsingWEP)
2351 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2352 else
2353 iwe.u.data.flags = IW_ENCODE_DISABLED;
2354 iwe.u.data.length = 0;
2355 current_ev = iwe_stream_add_point(current_ev, extra + IW_SCAN_MAX_DATA, &iwe, NULL);
2356 }
2357
2358 /* Length of data */
2359 dwrq->length = (current_ev - extra);
2360 dwrq->flags = 0;
2361
2362 return 0;
2363}
2364
2365static int atmel_get_range(struct net_device *dev,
2366 struct iw_request_info *info,
2367 struct iw_point *dwrq,
2368 char *extra)
2369{
2370 struct atmel_private *priv = netdev_priv(dev);
2371 struct iw_range *range = (struct iw_range *) extra;
2372 int k, i, j;
2373
2374 dwrq->length = sizeof(struct iw_range);
2375 memset(range, 0, sizeof(struct iw_range));
2376 range->min_nwid = 0x0000;
2377 range->max_nwid = 0x0000;
2378 range->num_channels = 0;
2379 for (j = 0; j < ARRAY_SIZE(channel_table); j++)
2380 if (priv->reg_domain == channel_table[j].reg_domain) {
2381 range->num_channels = channel_table[j].max - channel_table[j].min + 1;
2382 break;
2383 }
2384 if (range->num_channels != 0) {
2385 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) {
2386 range->freq[k].i = i; /* List index */
2387 range->freq[k].m = frequency_list[i - 1] * 100000;
2388 range->freq[k++].e = 1; /* Values in table in MHz -> * 10^5 * 10 */
2389 }
2390 range->num_frequency = k;
2391 }
2392
2393 range->max_qual.qual = 100;
2394 range->max_qual.level = 100;
2395 range->max_qual.noise = 0;
2396 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2397
2398 range->avg_qual.qual = 50;
2399 range->avg_qual.level = 50;
2400 range->avg_qual.noise = 0;
2401 range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2402
2403 range->sensitivity = 0;
2404
2405 range->bitrate[0] = 1000000;
2406 range->bitrate[1] = 2000000;
2407 range->bitrate[2] = 5500000;
2408 range->bitrate[3] = 11000000;
2409 range->num_bitrates = 4;
2410
2411 range->min_rts = 0;
2412 range->max_rts = 2347;
2413 range->min_frag = 256;
2414 range->max_frag = 2346;
2415
2416 range->encoding_size[0] = 5;
2417 range->encoding_size[1] = 13;
2418 range->num_encoding_sizes = 2;
2419 range->max_encoding_tokens = 4;
2420
2421 range->pmp_flags = IW_POWER_ON;
2422 range->pmt_flags = IW_POWER_ON;
2423 range->pm_capa = 0;
2424
2425 range->we_version_source = WIRELESS_EXT;
2426 range->we_version_compiled = WIRELESS_EXT;
2427 range->retry_capa = IW_RETRY_LIMIT ;
2428 range->retry_flags = IW_RETRY_LIMIT;
2429 range->r_time_flags = 0;
2430 range->min_retry = 1;
2431 range->max_retry = 65535;
2432
2433 return 0;
2434}
2435
2436static int atmel_set_wap(struct net_device *dev,
2437 struct iw_request_info *info,
2438 struct sockaddr *awrq,
2439 char *extra)
2440{
2441 struct atmel_private *priv = netdev_priv(dev);
2442 int i;
2443 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
2444 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
2445 unsigned long flags;
2446
2447 if (awrq->sa_family != ARPHRD_ETHER)
2448 return -EINVAL;
2449
2450 if (!memcmp(any, awrq->sa_data, 6) ||
2451 !memcmp(off, awrq->sa_data, 6)) {
2452 del_timer_sync(&priv->management_timer);
2453 spin_lock_irqsave(&priv->irqlock, flags);
2454 atmel_scan(priv, 1);
2455 spin_unlock_irqrestore(&priv->irqlock, flags);
2456 return 0;
2457 }
2458
2459 for (i = 0; i < priv->BSS_list_entries; i++) {
2460 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) {
2461 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) {
2462 return -EINVAL;
2463 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) {
2464 return -EINVAL;
2465 } else {
2466 del_timer_sync(&priv->management_timer);
2467 spin_lock_irqsave(&priv->irqlock, flags);
2468 atmel_join_bss(priv, i);
2469 spin_unlock_irqrestore(&priv->irqlock, flags);
2470 return 0;
2471 }
2472 }
2473 }
2474
2475 return -EINVAL;
2476}
2477
2478static int atmel_config_commit(struct net_device *dev,
2479 struct iw_request_info *info, /* NULL */
2480 void *zwrq, /* NULL */
2481 char *extra) /* NULL */
2482{
2483 return atmel_open(dev);
2484}
2485
2486static const iw_handler atmel_handler[] =
2487{
2488 (iw_handler) atmel_config_commit, /* SIOCSIWCOMMIT */
2489 (iw_handler) atmel_get_name, /* SIOCGIWNAME */
2490 (iw_handler) NULL, /* SIOCSIWNWID */
2491 (iw_handler) NULL, /* SIOCGIWNWID */
2492 (iw_handler) atmel_set_freq, /* SIOCSIWFREQ */
2493 (iw_handler) atmel_get_freq, /* SIOCGIWFREQ */
2494 (iw_handler) atmel_set_mode, /* SIOCSIWMODE */
2495 (iw_handler) atmel_get_mode, /* SIOCGIWMODE */
2496 (iw_handler) NULL, /* SIOCSIWSENS */
2497 (iw_handler) NULL, /* SIOCGIWSENS */
2498 (iw_handler) NULL, /* SIOCSIWRANGE */
2499 (iw_handler) atmel_get_range, /* SIOCGIWRANGE */
2500 (iw_handler) NULL, /* SIOCSIWPRIV */
2501 (iw_handler) NULL, /* SIOCGIWPRIV */
2502 (iw_handler) NULL, /* SIOCSIWSTATS */
2503 (iw_handler) NULL, /* SIOCGIWSTATS */
2504 (iw_handler) NULL, /* SIOCSIWSPY */
2505 (iw_handler) NULL, /* SIOCGIWSPY */
2506 (iw_handler) NULL, /* -- hole -- */
2507 (iw_handler) NULL, /* -- hole -- */
2508 (iw_handler) atmel_set_wap, /* SIOCSIWAP */
2509 (iw_handler) atmel_get_wap, /* SIOCGIWAP */
2510 (iw_handler) NULL, /* -- hole -- */
2511 (iw_handler) NULL, /* SIOCGIWAPLIST */
2512 (iw_handler) atmel_set_scan, /* SIOCSIWSCAN */
2513 (iw_handler) atmel_get_scan, /* SIOCGIWSCAN */
2514 (iw_handler) atmel_set_essid, /* SIOCSIWESSID */
2515 (iw_handler) atmel_get_essid, /* SIOCGIWESSID */
2516 (iw_handler) NULL, /* SIOCSIWNICKN */
2517 (iw_handler) NULL, /* SIOCGIWNICKN */
2518 (iw_handler) NULL, /* -- hole -- */
2519 (iw_handler) NULL, /* -- hole -- */
2520 (iw_handler) atmel_set_rate, /* SIOCSIWRATE */
2521 (iw_handler) atmel_get_rate, /* SIOCGIWRATE */
2522 (iw_handler) atmel_set_rts, /* SIOCSIWRTS */
2523 (iw_handler) atmel_get_rts, /* SIOCGIWRTS */
2524 (iw_handler) atmel_set_frag, /* SIOCSIWFRAG */
2525 (iw_handler) atmel_get_frag, /* SIOCGIWFRAG */
2526 (iw_handler) NULL, /* SIOCSIWTXPOW */
2527 (iw_handler) NULL, /* SIOCGIWTXPOW */
2528 (iw_handler) atmel_set_retry, /* SIOCSIWRETRY */
2529 (iw_handler) atmel_get_retry, /* SIOCGIWRETRY */
2530 (iw_handler) atmel_set_encode, /* SIOCSIWENCODE */
2531 (iw_handler) atmel_get_encode, /* SIOCGIWENCODE */
2532 (iw_handler) atmel_set_power, /* SIOCSIWPOWER */
2533 (iw_handler) atmel_get_power, /* SIOCGIWPOWER */
2534 (iw_handler) NULL, /* -- hole -- */
2535 (iw_handler) NULL, /* -- hole -- */
2536 (iw_handler) NULL, /* SIOCSIWGENIE */
2537 (iw_handler) NULL, /* SIOCGIWGENIE */
2538 (iw_handler) atmel_set_auth, /* SIOCSIWAUTH */
2539 (iw_handler) atmel_get_auth, /* SIOCGIWAUTH */
2540 (iw_handler) atmel_set_encodeext, /* SIOCSIWENCODEEXT */
2541 (iw_handler) atmel_get_encodeext, /* SIOCGIWENCODEEXT */
2542 (iw_handler) NULL, /* SIOCSIWPMKSA */
2543};
2544
2545static const iw_handler atmel_private_handler[] =
2546{
2547 NULL, /* SIOCIWFIRSTPRIV */
2548};
2549
2550typedef struct atmel_priv_ioctl {
2551 char id[32];
2552 unsigned char __user *data;
2553 unsigned short len;
2554} atmel_priv_ioctl;
2555
2556#define ATMELFWL SIOCIWFIRSTPRIV
2557#define ATMELIDIFC ATMELFWL + 1
2558#define ATMELRD ATMELFWL + 2
2559#define ATMELMAGIC 0x51807
2560#define REGDOMAINSZ 20
2561
2562static const struct iw_priv_args atmel_private_args[] = {
2563 {
2564 .cmd = ATMELFWL,
2565 .set_args = IW_PRIV_TYPE_BYTE
2566 | IW_PRIV_SIZE_FIXED
2567 | sizeof (atmel_priv_ioctl),
2568 .get_args = IW_PRIV_TYPE_NONE,
2569 .name = "atmelfwl"
2570 }, {
2571 .cmd = ATMELIDIFC,
2572 .set_args = IW_PRIV_TYPE_NONE,
2573 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
2574 .name = "atmelidifc"
2575 }, {
2576 .cmd = ATMELRD,
2577 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ,
2578 .get_args = IW_PRIV_TYPE_NONE,
2579 .name = "regdomain"
2580 },
2581};
2582
2583static const struct iw_handler_def atmel_handler_def =
2584{
2585 .num_standard = ARRAY_SIZE(atmel_handler),
2586 .num_private = ARRAY_SIZE(atmel_private_handler),
2587 .num_private_args = ARRAY_SIZE(atmel_private_args),
2588 .standard = (iw_handler *) atmel_handler,
2589 .private = (iw_handler *) atmel_private_handler,
2590 .private_args = (struct iw_priv_args *) atmel_private_args,
2591 .get_wireless_stats = atmel_get_wireless_stats
2592};
2593
2594static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
2595{
2596 int i, rc = 0;
2597 struct atmel_private *priv = netdev_priv(dev);
2598 atmel_priv_ioctl com;
2599 struct iwreq *wrq = (struct iwreq *) rq;
2600 unsigned char *new_firmware;
2601 char domain[REGDOMAINSZ + 1];
2602
2603 switch (cmd) {
2604 case ATMELIDIFC:
2605 wrq->u.param.value = ATMELMAGIC;
2606 break;
2607
2608 case ATMELFWL:
2609 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) {
2610 rc = -EFAULT;
2611 break;
2612 }
2613
2614 if (!capable(CAP_NET_ADMIN)) {
2615 rc = -EPERM;
2616 break;
2617 }
2618
2619 if (!(new_firmware = kmalloc(com.len, GFP_KERNEL))) {
2620 rc = -ENOMEM;
2621 break;
2622 }
2623
2624 if (copy_from_user(new_firmware, com.data, com.len)) {
2625 kfree(new_firmware);
2626 rc = -EFAULT;
2627 break;
2628 }
2629
2630 kfree(priv->firmware);
2631
2632 priv->firmware = new_firmware;
2633 priv->firmware_length = com.len;
2634 strncpy(priv->firmware_id, com.id, 31);
2635 priv->firmware_id[31] = '\0';
2636 break;
2637
2638 case ATMELRD:
2639 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) {
2640 rc = -EFAULT;
2641 break;
2642 }
2643
2644 if (!capable(CAP_NET_ADMIN)) {
2645 rc = -EPERM;
2646 break;
2647 }
2648
2649 domain[REGDOMAINSZ] = 0;
2650 rc = -EINVAL;
2651 for (i = 0; i < ARRAY_SIZE(channel_table); i++) {
2652 /* strcasecmp doesn't exist in the library */
2653 char *a = channel_table[i].name;
2654 char *b = domain;
2655 while (*a) {
2656 char c1 = *a++;
2657 char c2 = *b++;
2658 if (tolower(c1) != tolower(c2))
2659 break;
2660 }
2661 if (!*a && !*b) {
2662 priv->config_reg_domain = channel_table[i].reg_domain;
2663 rc = 0;
2664 }
2665 }
2666
2667 if (rc == 0 && priv->station_state != STATION_STATE_DOWN)
2668 rc = atmel_open(dev);
2669 break;
2670
2671 default:
2672 rc = -EOPNOTSUPP;
2673 }
2674
2675 return rc;
2676}
2677
2678struct auth_body {
2679 __le16 alg;
2680 __le16 trans_seq;
2681 __le16 status;
2682 u8 el_id;
2683 u8 chall_text_len;
2684 u8 chall_text[253];
2685};
2686
2687static void atmel_enter_state(struct atmel_private *priv, int new_state)
2688{
2689 int old_state = priv->station_state;
2690
2691 if (new_state == old_state)
2692 return;
2693
2694 priv->station_state = new_state;
2695
2696 if (new_state == STATION_STATE_READY) {
2697 netif_start_queue(priv->dev);
2698 netif_carrier_on(priv->dev);
2699 }
2700
2701 if (old_state == STATION_STATE_READY) {
2702 netif_carrier_off(priv->dev);
2703 if (netif_running(priv->dev))
2704 netif_stop_queue(priv->dev);
2705 priv->last_beacon_timestamp = 0;
2706 }
2707}
2708
2709static void atmel_scan(struct atmel_private *priv, int specific_ssid)
2710{
2711 struct {
2712 u8 BSSID[6];
2713 u8 SSID[MAX_SSID_LENGTH];
2714 u8 scan_type;
2715 u8 channel;
2716 __le16 BSS_type;
2717 __le16 min_channel_time;
2718 __le16 max_channel_time;
2719 u8 options;
2720 u8 SSID_size;
2721 } cmd;
2722
2723 memset(cmd.BSSID, 0xff, 6);
2724
2725 if (priv->fast_scan) {
2726 cmd.SSID_size = priv->SSID_size;
2727 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2728 cmd.min_channel_time = cpu_to_le16(10);
2729 cmd.max_channel_time = cpu_to_le16(50);
2730 } else {
2731 priv->BSS_list_entries = 0;
2732 cmd.SSID_size = 0;
2733 cmd.min_channel_time = cpu_to_le16(10);
2734 cmd.max_channel_time = cpu_to_le16(120);
2735 }
2736
2737 cmd.options = 0;
2738
2739 if (!specific_ssid)
2740 cmd.options |= SCAN_OPTIONS_SITE_SURVEY;
2741
2742 cmd.channel = (priv->channel & 0x7f);
2743 cmd.scan_type = SCAN_TYPE_ACTIVE;
2744 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ?
2745 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE);
2746
2747 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd));
2748
2749 /* This must come after all hardware access to avoid being messed up
2750 by stuff happening in interrupt context after we leave STATE_DOWN */
2751 atmel_enter_state(priv, STATION_STATE_SCANNING);
2752}
2753
2754static void join(struct atmel_private *priv, int type)
2755{
2756 struct {
2757 u8 BSSID[6];
2758 u8 SSID[MAX_SSID_LENGTH];
2759 u8 BSS_type; /* this is a short in a scan command - weird */
2760 u8 channel;
2761 __le16 timeout;
2762 u8 SSID_size;
2763 u8 reserved;
2764 } cmd;
2765
2766 cmd.SSID_size = priv->SSID_size;
2767 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2768 memcpy(cmd.BSSID, priv->CurrentBSSID, 6);
2769 cmd.channel = (priv->channel & 0x7f);
2770 cmd.BSS_type = type;
2771 cmd.timeout = cpu_to_le16(2000);
2772
2773 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd));
2774}
2775
2776static void start(struct atmel_private *priv, int type)
2777{
2778 struct {
2779 u8 BSSID[6];
2780 u8 SSID[MAX_SSID_LENGTH];
2781 u8 BSS_type;
2782 u8 channel;
2783 u8 SSID_size;
2784 u8 reserved[3];
2785 } cmd;
2786
2787 cmd.SSID_size = priv->SSID_size;
2788 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2789 memcpy(cmd.BSSID, priv->BSSID, 6);
2790 cmd.BSS_type = type;
2791 cmd.channel = (priv->channel & 0x7f);
2792
2793 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd));
2794}
2795
2796static void handle_beacon_probe(struct atmel_private *priv, u16 capability,
2797 u8 channel)
2798{
2799 int rejoin = 0;
2800 int new = capability & MFIE_TYPE_POWER_CONSTRAINT ?
2801 SHORT_PREAMBLE : LONG_PREAMBLE;
2802
2803 if (priv->preamble != new) {
2804 priv->preamble = new;
2805 rejoin = 1;
2806 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new);
2807 }
2808
2809 if (priv->channel != channel) {
2810 priv->channel = channel;
2811 rejoin = 1;
2812 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel);
2813 }
2814
2815 if (rejoin) {
2816 priv->station_is_associated = 0;
2817 atmel_enter_state(priv, STATION_STATE_JOINNING);
2818
2819 if (priv->operating_mode == IW_MODE_INFRA)
2820 join(priv, BSS_TYPE_INFRASTRUCTURE);
2821 else
2822 join(priv, BSS_TYPE_AD_HOC);
2823 }
2824}
2825
2826static void send_authentication_request(struct atmel_private *priv, u16 system,
2827 u8 *challenge, int challenge_len)
2828{
2829 struct ieee80211_hdr_4addr header;
2830 struct auth_body auth;
2831
2832 header.frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH);
2833 header.duration_id = cpu_to_le16(0x8000);
2834 header.seq_ctl = 0;
2835 memcpy(header.addr1, priv->CurrentBSSID, 6);
2836 memcpy(header.addr2, priv->dev->dev_addr, 6);
2837 memcpy(header.addr3, priv->CurrentBSSID, 6);
2838
2839 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1)
2840 /* no WEP for authentication frames with TrSeqNo 1 */
2841 header.frame_ctl |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2842
2843 auth.alg = cpu_to_le16(system);
2844
2845 auth.status = 0;
2846 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum);
2847 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1;
2848 priv->CurrentAuthentTransactionSeqNum += 2;
2849
2850 if (challenge_len != 0) {
2851 auth.el_id = 16; /* challenge_text */
2852 auth.chall_text_len = challenge_len;
2853 memcpy(auth.chall_text, challenge, challenge_len);
2854 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len);
2855 } else {
2856 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6);
2857 }
2858}
2859
2860static void send_association_request(struct atmel_private *priv, int is_reassoc)
2861{
2862 u8 *ssid_el_p;
2863 int bodysize;
2864 struct ieee80211_hdr_4addr header;
2865 struct ass_req_format {
2866 __le16 capability;
2867 __le16 listen_interval;
2868 u8 ap[6]; /* nothing after here directly accessible */
2869 u8 ssid_el_id;
2870 u8 ssid_len;
2871 u8 ssid[MAX_SSID_LENGTH];
2872 u8 sup_rates_el_id;
2873 u8 sup_rates_len;
2874 u8 rates[4];
2875 } body;
2876
2877 header.frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2878 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ));
2879 header.duration_id = cpu_to_le16(0x8000);
2880 header.seq_ctl = 0;
2881
2882 memcpy(header.addr1, priv->CurrentBSSID, 6);
2883 memcpy(header.addr2, priv->dev->dev_addr, 6);
2884 memcpy(header.addr3, priv->CurrentBSSID, 6);
2885
2886 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS);
2887 if (priv->wep_is_on)
2888 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
2889 if (priv->preamble == SHORT_PREAMBLE)
2890 body.capability |= cpu_to_le16(MFIE_TYPE_POWER_CONSTRAINT);
2891
2892 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period);
2893
2894 /* current AP address - only in reassoc frame */
2895 if (is_reassoc) {
2896 memcpy(body.ap, priv->CurrentBSSID, 6);
2897 ssid_el_p = (u8 *)&body.ssid_el_id;
2898 bodysize = 18 + priv->SSID_size;
2899 } else {
2900 ssid_el_p = (u8 *)&body.ap[0];
2901 bodysize = 12 + priv->SSID_size;
2902 }
2903
2904 ssid_el_p[0] = MFIE_TYPE_SSID;
2905 ssid_el_p[1] = priv->SSID_size;
2906 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size);
2907 ssid_el_p[2 + priv->SSID_size] = MFIE_TYPE_RATES;
2908 ssid_el_p[3 + priv->SSID_size] = 4; /* len of suported rates */
2909 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4);
2910
2911 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize);
2912}
2913
2914static int is_frame_from_current_bss(struct atmel_private *priv,
2915 struct ieee80211_hdr_4addr *header)
2916{
2917 if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS)
2918 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0;
2919 else
2920 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0;
2921}
2922
2923static int retrieve_bss(struct atmel_private *priv)
2924{
2925 int i;
2926 int max_rssi = -128;
2927 int max_index = -1;
2928
2929 if (priv->BSS_list_entries == 0)
2930 return -1;
2931
2932 if (priv->connect_to_any_BSS) {
2933 /* Select a BSS with the max-RSSI but of the same type and of
2934 the same WEP mode and that it is not marked as 'bad' (i.e.
2935 we had previously failed to connect to this BSS with the
2936 settings that we currently use) */
2937 priv->current_BSS = 0;
2938 for (i = 0; i < priv->BSS_list_entries; i++) {
2939 if (priv->operating_mode == priv->BSSinfo[i].BSStype &&
2940 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) ||
2941 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) &&
2942 !(priv->BSSinfo[i].channel & 0x80)) {
2943 max_rssi = priv->BSSinfo[i].RSSI;
2944 priv->current_BSS = max_index = i;
2945 }
2946 }
2947 return max_index;
2948 }
2949
2950 for (i = 0; i < priv->BSS_list_entries; i++) {
2951 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize &&
2952 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 &&
2953 priv->operating_mode == priv->BSSinfo[i].BSStype &&
2954 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) {
2955 if (priv->BSSinfo[i].RSSI >= max_rssi) {
2956 max_rssi = priv->BSSinfo[i].RSSI;
2957 max_index = i;
2958 }
2959 }
2960 }
2961 return max_index;
2962}
2963
2964static void store_bss_info(struct atmel_private *priv,
2965 struct ieee80211_hdr_4addr *header, u16 capability,
2966 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len,
2967 u8 *ssid, int is_beacon)
2968{
2969 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3;
2970 int i, index;
2971
2972 for (index = -1, i = 0; i < priv->BSS_list_entries; i++)
2973 if (memcmp(bss, priv->BSSinfo[i].BSSID, 6) == 0)
2974 index = i;
2975
2976 /* If we process a probe and an entry from this BSS exists
2977 we will update the BSS entry with the info from this BSS.
2978 If we process a beacon we will only update RSSI */
2979
2980 if (index == -1) {
2981 if (priv->BSS_list_entries == MAX_BSS_ENTRIES)
2982 return;
2983 index = priv->BSS_list_entries++;
2984 memcpy(priv->BSSinfo[index].BSSID, bss, 6);
2985 priv->BSSinfo[index].RSSI = rssi;
2986 } else {
2987 if (rssi > priv->BSSinfo[index].RSSI)
2988 priv->BSSinfo[index].RSSI = rssi;
2989 if (is_beacon)
2990 return;
2991 }
2992
2993 priv->BSSinfo[index].channel = channel;
2994 priv->BSSinfo[index].beacon_period = beacon_period;
2995 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY;
2996 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len);
2997 priv->BSSinfo[index].SSIDsize = ssid_len;
2998
2999 if (capability & WLAN_CAPABILITY_IBSS)
3000 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC;
3001 else if (capability & WLAN_CAPABILITY_ESS)
3002 priv->BSSinfo[index].BSStype =IW_MODE_INFRA;
3003
3004 priv->BSSinfo[index].preamble = capability & MFIE_TYPE_POWER_CONSTRAINT ?
3005 SHORT_PREAMBLE : LONG_PREAMBLE;
3006}
3007
3008static void authenticate(struct atmel_private *priv, u16 frame_len)
3009{
3010 struct auth_body *auth = (struct auth_body *)priv->rx_buf;
3011 u16 status = le16_to_cpu(auth->status);
3012 u16 trans_seq_no = le16_to_cpu(auth->trans_seq);
3013 u16 system = le16_to_cpu(auth->alg);
3014
3015 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) {
3016 /* no WEP */
3017 if (priv->station_was_associated) {
3018 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3019 send_association_request(priv, 1);
3020 return;
3021 } else {
3022 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3023 send_association_request(priv, 0);
3024 return;
3025 }
3026 }
3027
3028 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) {
3029 int should_associate = 0;
3030 /* WEP */
3031 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum)
3032 return;
3033
3034 if (system == WLAN_AUTH_OPEN) {
3035 if (trans_seq_no == 0x0002) {
3036 should_associate = 1;
3037 }
3038 } else if (system == WLAN_AUTH_SHARED_KEY) {
3039 if (trans_seq_no == 0x0002 &&
3040 auth->el_id == MFIE_TYPE_CHALLENGE) {
3041 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len);
3042 return;
3043 } else if (trans_seq_no == 0x0004) {
3044 should_associate = 1;
3045 }
3046 }
3047
3048 if (should_associate) {
3049 if(priv->station_was_associated) {
3050 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3051 send_association_request(priv, 1);
3052 return;
3053 } else {
3054 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3055 send_association_request(priv, 0);
3056 return;
3057 }
3058 }
3059 }
3060
3061 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
3062 /* Do opensystem first, then try sharedkey */
3063 if (system == WLAN_AUTH_OPEN) {
3064 priv->CurrentAuthentTransactionSeqNum = 0x001;
3065 priv->exclude_unencrypted = 1;
3066 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0);
3067 return;
3068 } else if (priv->connect_to_any_BSS) {
3069 int bss_index;
3070
3071 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3072
3073 if ((bss_index = retrieve_bss(priv)) != -1) {
3074 atmel_join_bss(priv, bss_index);
3075 return;
3076 }
3077 }
3078 }
3079
3080 priv->AuthenticationRequestRetryCnt = 0;
3081 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3082 priv->station_is_associated = 0;
3083}
3084
3085static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype)
3086{
3087 struct ass_resp_format {
3088 __le16 capability;
3089 __le16 status;
3090 __le16 ass_id;
3091 u8 el_id;
3092 u8 length;
3093 u8 rates[4];
3094 } *ass_resp = (struct ass_resp_format *)priv->rx_buf;
3095
3096 u16 status = le16_to_cpu(ass_resp->status);
3097 u16 ass_id = le16_to_cpu(ass_resp->ass_id);
3098 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length;
3099
3100 union iwreq_data wrqu;
3101
3102 if (frame_len < 8 + rates_len)
3103 return;
3104
3105 if (status == WLAN_STATUS_SUCCESS) {
3106 if (subtype == IEEE80211_STYPE_ASSOC_RESP)
3107 priv->AssociationRequestRetryCnt = 0;
3108 else
3109 priv->ReAssociationRequestRetryCnt = 0;
3110
3111 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3112 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff);
3113 atmel_set_mib(priv, Phy_Mib_Type,
3114 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len);
3115 if (priv->power_mode == 0) {
3116 priv->listen_interval = 1;
3117 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3118 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3119 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3120 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3121 } else {
3122 priv->listen_interval = 2;
3123 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3124 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE);
3125 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3126 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2);
3127 }
3128
3129 priv->station_is_associated = 1;
3130 priv->station_was_associated = 1;
3131 atmel_enter_state(priv, STATION_STATE_READY);
3132
3133 /* Send association event to userspace */
3134 wrqu.data.length = 0;
3135 wrqu.data.flags = 0;
3136 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN);
3137 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3138 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
3139
3140 return;
3141 }
3142
3143 if (subtype == IEEE80211_STYPE_ASSOC_RESP &&
3144 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3145 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3146 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3147 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3148 priv->AssociationRequestRetryCnt++;
3149 send_association_request(priv, 0);
3150 return;
3151 }
3152
3153 if (subtype == IEEE80211_STYPE_REASSOC_RESP &&
3154 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3155 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3156 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3157 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3158 priv->ReAssociationRequestRetryCnt++;
3159 send_association_request(priv, 1);
3160 return;
3161 }
3162
3163 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3164 priv->station_is_associated = 0;
3165
3166 if (priv->connect_to_any_BSS) {
3167 int bss_index;
3168 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3169
3170 if ((bss_index = retrieve_bss(priv)) != -1)
3171 atmel_join_bss(priv, bss_index);
3172 }
3173}
3174
3175void atmel_join_bss(struct atmel_private *priv, int bss_index)
3176{
3177 struct bss_info *bss = &priv->BSSinfo[bss_index];
3178
3179 memcpy(priv->CurrentBSSID, bss->BSSID, 6);
3180 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize);
3181
3182 /* The WPA stuff cares about the current AP address */
3183 if (priv->use_wpa)
3184 build_wpa_mib(priv);
3185
3186 /* When switching to AdHoc turn OFF Power Save if needed */
3187
3188 if (bss->BSStype == IW_MODE_ADHOC &&
3189 priv->operating_mode != IW_MODE_ADHOC &&
3190 priv->power_mode) {
3191 priv->power_mode = 0;
3192 priv->listen_interval = 1;
3193 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3194 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3195 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3196 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3197 }
3198
3199 priv->operating_mode = bss->BSStype;
3200 priv->channel = bss->channel & 0x7f;
3201 priv->beacon_period = bss->beacon_period;
3202
3203 if (priv->preamble != bss->preamble) {
3204 priv->preamble = bss->preamble;
3205 atmel_set_mib8(priv, Local_Mib_Type,
3206 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble);
3207 }
3208
3209 if (!priv->wep_is_on && bss->UsingWEP) {
3210 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3211 priv->station_is_associated = 0;
3212 return;
3213 }
3214
3215 if (priv->wep_is_on && !bss->UsingWEP) {
3216 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3217 priv->station_is_associated = 0;
3218 return;
3219 }
3220
3221 atmel_enter_state(priv, STATION_STATE_JOINNING);
3222
3223 if (priv->operating_mode == IW_MODE_INFRA)
3224 join(priv, BSS_TYPE_INFRASTRUCTURE);
3225 else
3226 join(priv, BSS_TYPE_AD_HOC);
3227}
3228
3229static void restart_search(struct atmel_private *priv)
3230{
3231 int bss_index;
3232
3233 if (!priv->connect_to_any_BSS) {
3234 atmel_scan(priv, 1);
3235 } else {
3236 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3237
3238 if ((bss_index = retrieve_bss(priv)) != -1)
3239 atmel_join_bss(priv, bss_index);
3240 else
3241 atmel_scan(priv, 0);
3242 }
3243}
3244
3245static void smooth_rssi(struct atmel_private *priv, u8 rssi)
3246{
3247 u8 old = priv->wstats.qual.level;
3248 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */
3249
3250 switch (priv->firmware_type) {
3251 case ATMEL_FW_TYPE_502E:
3252 max_rssi = 63; /* 502-rmfd-reve max by experiment */
3253 break;
3254 default:
3255 break;
3256 }
3257
3258 rssi = rssi * 100 / max_rssi;
3259 if ((rssi + old) % 2)
3260 priv->wstats.qual.level = (rssi + old) / 2 + 1;
3261 else
3262 priv->wstats.qual.level = (rssi + old) / 2;
3263 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
3264 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID;
3265}
3266
3267static void atmel_smooth_qual(struct atmel_private *priv)
3268{
3269 unsigned long time_diff = (jiffies - priv->last_qual) / HZ;
3270 while (time_diff--) {
3271 priv->last_qual += HZ;
3272 priv->wstats.qual.qual = priv->wstats.qual.qual / 2;
3273 priv->wstats.qual.qual +=
3274 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000;
3275 priv->beacons_this_sec = 0;
3276 }
3277 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
3278 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID;
3279}
3280
3281/* deals with incoming managment frames. */
3282static void atmel_management_frame(struct atmel_private *priv,
3283 struct ieee80211_hdr_4addr *header,
3284 u16 frame_len, u8 rssi)
3285{
3286 u16 subtype;
3287
3288 subtype = le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_STYPE;
3289 switch (subtype) {
3290 case IEEE80211_STYPE_BEACON:
3291 case IEEE80211_STYPE_PROBE_RESP:
3292
3293 /* beacon frame has multiple variable-length fields -
3294 never let an engineer loose with a data structure design. */
3295 {
3296 struct beacon_format {
3297 __le64 timestamp;
3298 __le16 interval;
3299 __le16 capability;
3300 u8 ssid_el_id;
3301 u8 ssid_length;
3302 /* ssid here */
3303 u8 rates_el_id;
3304 u8 rates_length;
3305 /* rates here */
3306 u8 ds_el_id;
3307 u8 ds_length;
3308 /* ds here */
3309 } *beacon = (struct beacon_format *)priv->rx_buf;
3310
3311 u8 channel, rates_length, ssid_length;
3312 u64 timestamp = le64_to_cpu(beacon->timestamp);
3313 u16 beacon_interval = le16_to_cpu(beacon->interval);
3314 u16 capability = le16_to_cpu(beacon->capability);
3315 u8 *beaconp = priv->rx_buf;
3316 ssid_length = beacon->ssid_length;
3317 /* this blows chunks. */
3318 if (frame_len < 14 || frame_len < ssid_length + 15)
3319 return;
3320 rates_length = beaconp[beacon->ssid_length + 15];
3321 if (frame_len < ssid_length + rates_length + 18)
3322 return;
3323 if (ssid_length > MAX_SSID_LENGTH)
3324 return;
3325 channel = beaconp[ssid_length + rates_length + 18];
3326
3327 if (priv->station_state == STATION_STATE_READY) {
3328 smooth_rssi(priv, rssi);
3329 if (is_frame_from_current_bss(priv, header)) {
3330 priv->beacons_this_sec++;
3331 atmel_smooth_qual(priv);
3332 if (priv->last_beacon_timestamp) {
3333 /* Note truncate this to 32 bits - kernel can't divide a long long */
3334 u32 beacon_delay = timestamp - priv->last_beacon_timestamp;
3335 int beacons = beacon_delay / (beacon_interval * 1000);
3336 if (beacons > 1)
3337 priv->wstats.miss.beacon += beacons - 1;
3338 }
3339 priv->last_beacon_timestamp = timestamp;
3340 handle_beacon_probe(priv, capability, channel);
3341 }
3342 }
3343
3344 if (priv->station_state == STATION_STATE_SCANNING)
3345 store_bss_info(priv, header, capability,
3346 beacon_interval, channel, rssi,
3347 ssid_length,
3348 &beacon->rates_el_id,
3349 subtype == IEEE80211_STYPE_BEACON);
3350 }
3351 break;
3352
3353 case IEEE80211_STYPE_AUTH:
3354
3355 if (priv->station_state == STATION_STATE_AUTHENTICATING)
3356 authenticate(priv, frame_len);
3357
3358 break;
3359
3360 case IEEE80211_STYPE_ASSOC_RESP:
3361 case IEEE80211_STYPE_REASSOC_RESP:
3362
3363 if (priv->station_state == STATION_STATE_ASSOCIATING ||
3364 priv->station_state == STATION_STATE_REASSOCIATING)
3365 associate(priv, frame_len, subtype);
3366
3367 break;
3368
3369 case IEEE80211_STYPE_DISASSOC:
3370 if (priv->station_is_associated &&
3371 priv->operating_mode == IW_MODE_INFRA &&
3372 is_frame_from_current_bss(priv, header)) {
3373 priv->station_was_associated = 0;
3374 priv->station_is_associated = 0;
3375
3376 atmel_enter_state(priv, STATION_STATE_JOINNING);
3377 join(priv, BSS_TYPE_INFRASTRUCTURE);
3378 }
3379
3380 break;
3381
3382 case IEEE80211_STYPE_DEAUTH:
3383 if (priv->operating_mode == IW_MODE_INFRA &&
3384 is_frame_from_current_bss(priv, header)) {
3385 priv->station_was_associated = 0;
3386
3387 atmel_enter_state(priv, STATION_STATE_JOINNING);
3388 join(priv, BSS_TYPE_INFRASTRUCTURE);
3389 }
3390
3391 break;
3392 }
3393}
3394
3395/* run when timer expires */
3396static void atmel_management_timer(u_long a)
3397{
3398 struct net_device *dev = (struct net_device *) a;
3399 struct atmel_private *priv = netdev_priv(dev);
3400 unsigned long flags;
3401
3402 /* Check if the card has been yanked. */
3403 if (priv->card && priv->present_callback &&
3404 !(*priv->present_callback)(priv->card))
3405 return;
3406
3407 spin_lock_irqsave(&priv->irqlock, flags);
3408
3409 switch (priv->station_state) {
3410
3411 case STATION_STATE_AUTHENTICATING:
3412 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) {
3413 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3414 priv->station_is_associated = 0;
3415 priv->AuthenticationRequestRetryCnt = 0;
3416 restart_search(priv);
3417 } else {
3418 int auth = WLAN_AUTH_OPEN;
3419 priv->AuthenticationRequestRetryCnt++;
3420 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3421 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3422 if (priv->wep_is_on && priv->exclude_unencrypted)
3423 auth = WLAN_AUTH_SHARED_KEY;
3424 send_authentication_request(priv, auth, NULL, 0);
3425 }
3426 break;
3427
3428 case STATION_STATE_ASSOCIATING:
3429 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3430 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3431 priv->station_is_associated = 0;
3432 priv->AssociationRequestRetryCnt = 0;
3433 restart_search(priv);
3434 } else {
3435 priv->AssociationRequestRetryCnt++;
3436 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3437 send_association_request(priv, 0);
3438 }
3439 break;
3440
3441 case STATION_STATE_REASSOCIATING:
3442 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3443 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3444 priv->station_is_associated = 0;
3445 priv->ReAssociationRequestRetryCnt = 0;
3446 restart_search(priv);
3447 } else {
3448 priv->ReAssociationRequestRetryCnt++;
3449 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3450 send_association_request(priv, 1);
3451 }
3452 break;
3453
3454 default:
3455 break;
3456 }
3457
3458 spin_unlock_irqrestore(&priv->irqlock, flags);
3459}
3460
3461static void atmel_command_irq(struct atmel_private *priv)
3462{
3463 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
3464 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET));
3465 int fast_scan;
3466 union iwreq_data wrqu;
3467
3468 if (status == CMD_STATUS_IDLE ||
3469 status == CMD_STATUS_IN_PROGRESS)
3470 return;
3471
3472 switch (command){
3473
3474 case CMD_Start:
3475 if (status == CMD_STATUS_COMPLETE) {
3476 priv->station_was_associated = priv->station_is_associated;
3477 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
3478 (u8 *)priv->CurrentBSSID, 6);
3479 atmel_enter_state(priv, STATION_STATE_READY);
3480 }
3481 break;
3482
3483 case CMD_Scan:
3484 fast_scan = priv->fast_scan;
3485 priv->fast_scan = 0;
3486
3487 if (status != CMD_STATUS_COMPLETE) {
3488 atmel_scan(priv, 1);
3489 } else {
3490 int bss_index = retrieve_bss(priv);
3491 int notify_scan_complete = 1;
3492 if (bss_index != -1) {
3493 atmel_join_bss(priv, bss_index);
3494 } else if (priv->operating_mode == IW_MODE_ADHOC &&
3495 priv->SSID_size != 0) {
3496 start(priv, BSS_TYPE_AD_HOC);
3497 } else {
3498 priv->fast_scan = !fast_scan;
3499 atmel_scan(priv, 1);
3500 notify_scan_complete = 0;
3501 }
3502 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3503 if (notify_scan_complete) {
3504 wrqu.data.length = 0;
3505 wrqu.data.flags = 0;
3506 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3507 }
3508 }
3509 break;
3510
3511 case CMD_SiteSurvey:
3512 priv->fast_scan = 0;
3513
3514 if (status != CMD_STATUS_COMPLETE)
3515 return;
3516
3517 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3518 if (priv->station_is_associated) {
3519 atmel_enter_state(priv, STATION_STATE_READY);
3520 wrqu.data.length = 0;
3521 wrqu.data.flags = 0;
3522 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3523 } else {
3524 atmel_scan(priv, 1);
3525 }
3526 break;
3527
3528 case CMD_Join:
3529 if (status == CMD_STATUS_COMPLETE) {
3530 if (priv->operating_mode == IW_MODE_ADHOC) {
3531 priv->station_was_associated = priv->station_is_associated;
3532 atmel_enter_state(priv, STATION_STATE_READY);
3533 } else {
3534 int auth = WLAN_AUTH_OPEN;
3535 priv->AuthenticationRequestRetryCnt = 0;
3536 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING);
3537
3538 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3539 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3540 if (priv->wep_is_on && priv->exclude_unencrypted)
3541 auth = WLAN_AUTH_SHARED_KEY;
3542 send_authentication_request(priv, auth, NULL, 0);
3543 }
3544 return;
3545 }
3546
3547 atmel_scan(priv, 1);
3548 }
3549}
3550
3551static int atmel_wakeup_firmware(struct atmel_private *priv)
3552{
3553 struct host_info_struct *iface = &priv->host_info;
3554 u16 mr1, mr3;
3555 int i;
3556
3557 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3558 atmel_set_gcr(priv->dev, GCR_REMAP);
3559
3560 /* wake up on-board processor */
3561 atmel_clear_gcr(priv->dev, 0x0040);
3562 atmel_write16(priv->dev, BSR, BSS_SRAM);
3563
3564 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3565 mdelay(100);
3566
3567 /* and wait for it */
3568 for (i = LOOP_RETRY_LIMIT; i; i--) {
3569 mr1 = atmel_read16(priv->dev, MR1);
3570 mr3 = atmel_read16(priv->dev, MR3);
3571
3572 if (mr3 & MAC_BOOT_COMPLETE)
3573 break;
3574 if (mr1 & MAC_BOOT_COMPLETE &&
3575 priv->bus_type == BUS_TYPE_PCCARD)
3576 break;
3577 }
3578
3579 if (i == 0) {
3580 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name);
3581 return 0;
3582 }
3583
3584 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) {
3585 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name);
3586 return 0;
3587 }
3588
3589 /* now check for completion of MAC initialization through
3590 the FunCtrl field of the IFACE, poll MR1 to detect completion of
3591 MAC initialization, check completion status, set interrupt mask,
3592 enables interrupts and calls Tx and Rx initialization functions */
3593
3594 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE);
3595
3596 for (i = LOOP_RETRY_LIMIT; i; i--) {
3597 mr1 = atmel_read16(priv->dev, MR1);
3598 mr3 = atmel_read16(priv->dev, MR3);
3599
3600 if (mr3 & MAC_INIT_COMPLETE)
3601 break;
3602 if (mr1 & MAC_INIT_COMPLETE &&
3603 priv->bus_type == BUS_TYPE_PCCARD)
3604 break;
3605 }
3606
3607 if (i == 0) {
3608 printk(KERN_ALERT "%s: MAC failed to initialise.\n",
3609 priv->dev->name);
3610 return 0;
3611 }
3612
3613 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */
3614 if ((mr3 & MAC_INIT_COMPLETE) &&
3615 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) {
3616 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name);
3617 return 0;
3618 }
3619 if ((mr1 & MAC_INIT_COMPLETE) &&
3620 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) {
3621 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name);
3622 return 0;
3623 }
3624
3625 atmel_copy_to_host(priv->dev, (unsigned char *)iface,
3626 priv->host_info_base, sizeof(*iface));
3627
3628 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos);
3629 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size);
3630 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos);
3631 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count);
3632 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos);
3633 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size);
3634 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos);
3635 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count);
3636 iface->build_version = le16_to_cpu(iface->build_version);
3637 iface->command_pos = le16_to_cpu(iface->command_pos);
3638 iface->major_version = le16_to_cpu(iface->major_version);
3639 iface->minor_version = le16_to_cpu(iface->minor_version);
3640 iface->func_ctrl = le16_to_cpu(iface->func_ctrl);
3641 iface->mac_status = le16_to_cpu(iface->mac_status);
3642
3643 return 1;
3644}
3645
3646/* determine type of memory and MAC address */
3647static int probe_atmel_card(struct net_device *dev)
3648{
3649 int rc = 0;
3650 struct atmel_private *priv = netdev_priv(dev);
3651
3652 /* reset pccard */
3653 if (priv->bus_type == BUS_TYPE_PCCARD)
3654 atmel_write16(dev, GCR, 0x0060);
3655
3656 atmel_write16(dev, GCR, 0x0040);
3657 mdelay(500);
3658
3659 if (atmel_read16(dev, MR2) == 0) {
3660 /* No stored firmware so load a small stub which just
3661 tells us the MAC address */
3662 int i;
3663 priv->card_type = CARD_TYPE_EEPROM;
3664 atmel_write16(dev, BSR, BSS_IRAM);
3665 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader));
3666 atmel_set_gcr(dev, GCR_REMAP);
3667 atmel_clear_gcr(priv->dev, 0x0040);
3668 atmel_write16(dev, BSR, BSS_SRAM);
3669 for (i = LOOP_RETRY_LIMIT; i; i--)
3670 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE)
3671 break;
3672 if (i == 0) {
3673 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name);
3674 } else {
3675 atmel_copy_to_host(dev, dev->dev_addr, atmel_read16(dev, MR2), 6);
3676 /* got address, now squash it again until the network
3677 interface is opened */
3678 if (priv->bus_type == BUS_TYPE_PCCARD)
3679 atmel_write16(dev, GCR, 0x0060);
3680 atmel_write16(dev, GCR, 0x0040);
3681 rc = 1;
3682 }
3683 } else if (atmel_read16(dev, MR4) == 0) {
3684 /* Mac address easy in this case. */
3685 priv->card_type = CARD_TYPE_PARALLEL_FLASH;
3686 atmel_write16(dev, BSR, 1);
3687 atmel_copy_to_host(dev, dev->dev_addr, 0xc000, 6);
3688 atmel_write16(dev, BSR, 0x200);
3689 rc = 1;
3690 } else {
3691 /* Standard firmware in flash, boot it up and ask
3692 for the Mac Address */
3693 priv->card_type = CARD_TYPE_SPI_FLASH;
3694 if (atmel_wakeup_firmware(priv)) {
3695 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, dev->dev_addr, 6);
3696
3697 /* got address, now squash it again until the network
3698 interface is opened */
3699 if (priv->bus_type == BUS_TYPE_PCCARD)
3700 atmel_write16(dev, GCR, 0x0060);
3701 atmel_write16(dev, GCR, 0x0040);
3702 rc = 1;
3703 }
3704 }
3705
3706 if (rc) {
3707 if (dev->dev_addr[0] == 0xFF) {
3708 u8 default_mac[] = {0x00,0x04, 0x25, 0x00, 0x00, 0x00};
3709 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name);
3710 memcpy(dev->dev_addr, default_mac, 6);
3711 }
3712 }
3713
3714 return rc;
3715}
3716
3717/* Move the encyption information on the MIB structure.
3718 This routine is for the pre-WPA firmware: later firmware has
3719 a different format MIB and a different routine. */
3720static void build_wep_mib(struct atmel_private *priv)
3721{
3722 struct { /* NB this is matched to the hardware, don't change. */
3723 u8 wep_is_on;
3724 u8 default_key; /* 0..3 */
3725 u8 reserved;
3726 u8 exclude_unencrypted;
3727
3728 u32 WEPICV_error_count;
3729 u32 WEP_excluded_count;
3730
3731 u8 wep_keys[MAX_ENCRYPTION_KEYS][13];
3732 u8 encryption_level; /* 0, 1, 2 */
3733 u8 reserved2[3];
3734 } mib;
3735 int i;
3736
3737 mib.wep_is_on = priv->wep_is_on;
3738 if (priv->wep_is_on) {
3739 if (priv->wep_key_len[priv->default_key] > 5)
3740 mib.encryption_level = 2;
3741 else
3742 mib.encryption_level = 1;
3743 } else {
3744 mib.encryption_level = 0;
3745 }
3746
3747 mib.default_key = priv->default_key;
3748 mib.exclude_unencrypted = priv->exclude_unencrypted;
3749
3750 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++)
3751 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13);
3752
3753 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3754}
3755
3756static void build_wpa_mib(struct atmel_private *priv)
3757{
3758 /* This is for the later (WPA enabled) firmware. */
3759
3760 struct { /* NB this is matched to the hardware, don't change. */
3761 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
3762 u8 receiver_address[6];
3763 u8 wep_is_on;
3764 u8 default_key; /* 0..3 */
3765 u8 group_key;
3766 u8 exclude_unencrypted;
3767 u8 encryption_type;
3768 u8 reserved;
3769
3770 u32 WEPICV_error_count;
3771 u32 WEP_excluded_count;
3772
3773 u8 key_RSC[4][8];
3774 } mib;
3775
3776 int i;
3777
3778 mib.wep_is_on = priv->wep_is_on;
3779 mib.exclude_unencrypted = priv->exclude_unencrypted;
3780 memcpy(mib.receiver_address, priv->CurrentBSSID, 6);
3781
3782 /* zero all the keys before adding in valid ones. */
3783 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value));
3784
3785 if (priv->wep_is_on) {
3786 /* There's a comment in the Atmel code to the effect that this
3787 is only valid when still using WEP, it may need to be set to
3788 something to use WPA */
3789 memset(mib.key_RSC, 0, sizeof(mib.key_RSC));
3790
3791 mib.default_key = mib.group_key = 255;
3792 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) {
3793 if (priv->wep_key_len[i] > 0) {
3794 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE);
3795 if (i == priv->default_key) {
3796 mib.default_key = i;
3797 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7;
3798 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite;
3799 } else {
3800 mib.group_key = i;
3801 priv->group_cipher_suite = priv->pairwise_cipher_suite;
3802 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1;
3803 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite;
3804 }
3805 }
3806 }
3807 if (mib.default_key == 255)
3808 mib.default_key = mib.group_key != 255 ? mib.group_key : 0;
3809 if (mib.group_key == 255)
3810 mib.group_key = mib.default_key;
3811
3812 }
3813
3814 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3815}
3816
3817static int reset_atmel_card(struct net_device *dev)
3818{
3819 /* do everything necessary to wake up the hardware, including
3820 waiting for the lightning strike and throwing the knife switch....
3821
3822 set all the Mib values which matter in the card to match
3823 their settings in the atmel_private structure. Some of these
3824 can be altered on the fly, but many (WEP, infrastucture or ad-hoc)
3825 can only be changed by tearing down the world and coming back through
3826 here.
3827
3828 This routine is also responsible for initialising some
3829 hardware-specific fields in the atmel_private structure,
3830 including a copy of the firmware's hostinfo stucture
3831 which is the route into the rest of the firmare datastructures. */
3832
3833 struct atmel_private *priv = netdev_priv(dev);
3834 u8 configuration;
3835 int old_state = priv->station_state;
3836
3837 /* data to add to the firmware names, in priority order
3838 this implemenents firmware versioning */
3839
3840 static char *firmware_modifier[] = {
3841 "-wpa",
3842 "",
3843 NULL
3844 };
3845
3846 /* reset pccard */
3847 if (priv->bus_type == BUS_TYPE_PCCARD)
3848 atmel_write16(priv->dev, GCR, 0x0060);
3849
3850 /* stop card , disable interrupts */
3851 atmel_write16(priv->dev, GCR, 0x0040);
3852
3853 if (priv->card_type == CARD_TYPE_EEPROM) {
3854 /* copy in firmware if needed */
3855 const struct firmware *fw_entry = NULL;
3856 unsigned char *fw;
3857 int len = priv->firmware_length;
3858 if (!(fw = priv->firmware)) {
3859 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) {
3860 if (strlen(priv->firmware_id) == 0) {
3861 printk(KERN_INFO
3862 "%s: card type is unknown: assuming at76c502 firmware is OK.\n",
3863 dev->name);
3864 printk(KERN_INFO
3865 "%s: if not, use the firmware= module parameter.\n",
3866 dev->name);
3867 strcpy(priv->firmware_id, "atmel_at76c502.bin");
3868 }
3869 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) != 0) {
3870 printk(KERN_ALERT
3871 "%s: firmware %s is missing, cannot continue.\n",
3872 dev->name, priv->firmware_id);
3873 return 0;
3874 }
3875 } else {
3876 int fw_index = 0;
3877 int success = 0;
3878
3879 /* get firmware filename entry based on firmware type ID */
3880 while (fw_table[fw_index].fw_type != priv->firmware_type
3881 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE)
3882 fw_index++;
3883
3884 /* construct the actual firmware file name */
3885 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) {
3886 int i;
3887 for (i = 0; firmware_modifier[i]; i++) {
3888 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file,
3889 firmware_modifier[i], fw_table[fw_index].fw_file_ext);
3890 priv->firmware_id[31] = '\0';
3891 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) {
3892 success = 1;
3893 break;
3894 }
3895 }
3896 }
3897 if (!success) {
3898 printk(KERN_ALERT
3899 "%s: firmware %s is missing, cannot start.\n",
3900 dev->name, priv->firmware_id);
3901 priv->firmware_id[0] = '\0';
3902 return 0;
3903 }
3904 }
3905
3906 fw = fw_entry->data;
3907 len = fw_entry->size;
3908 }
3909
3910 if (len <= 0x6000) {
3911 atmel_write16(priv->dev, BSR, BSS_IRAM);
3912 atmel_copy_to_card(priv->dev, 0, fw, len);
3913 atmel_set_gcr(priv->dev, GCR_REMAP);
3914 } else {
3915 /* Remap */
3916 atmel_set_gcr(priv->dev, GCR_REMAP);
3917 atmel_write16(priv->dev, BSR, BSS_IRAM);
3918 atmel_copy_to_card(priv->dev, 0, fw, 0x6000);
3919 atmel_write16(priv->dev, BSR, 0x2ff);
3920 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000);
3921 }
3922
3923 if (fw_entry)
3924 release_firmware(fw_entry);
3925 }
3926
3927 if (!atmel_wakeup_firmware(priv))
3928 return 0;
3929
3930 /* Check the version and set the correct flag for wpa stuff,
3931 old and new firmware is incompatible.
3932 The pre-wpa 3com firmware reports major version 5,
3933 the wpa 3com firmware is major version 4 and doesn't need
3934 the 3com broken-ness filter. */
3935 priv->use_wpa = (priv->host_info.major_version == 4);
3936 priv->radio_on_broken = (priv->host_info.major_version == 5);
3937
3938 /* unmask all irq sources */
3939 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff);
3940
3941 /* int Tx system and enable Tx */
3942 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0);
3943 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L);
3944 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0);
3945 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0);
3946
3947 priv->tx_desc_free = priv->host_info.tx_desc_count;
3948 priv->tx_desc_head = 0;
3949 priv->tx_desc_tail = 0;
3950 priv->tx_desc_previous = 0;
3951 priv->tx_free_mem = priv->host_info.tx_buff_size;
3952 priv->tx_buff_head = 0;
3953 priv->tx_buff_tail = 0;
3954
3955 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3956 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3957 configuration | FUNC_CTRL_TxENABLE);
3958
3959 /* init Rx system and enable */
3960 priv->rx_desc_head = 0;
3961
3962 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3963 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3964 configuration | FUNC_CTRL_RxENABLE);
3965
3966 if (!priv->radio_on_broken) {
3967 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) ==
3968 CMD_STATUS_REJECTED_RADIO_OFF) {
3969 printk(KERN_INFO
3970 "%s: cannot turn the radio on. (Hey radio, you're beautiful!)\n",
3971 dev->name);
3972 return 0;
3973 }
3974 }
3975
3976 /* set up enough MIB values to run. */
3977 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate);
3978 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF);
3979 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold);
3980 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold);
3981 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry);
3982 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry);
3983 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble);
3984 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS,
3985 priv->dev->dev_addr, 6);
3986 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3987 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3988 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period);
3989 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4);
3990 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on);
3991 if (priv->use_wpa)
3992 build_wpa_mib(priv);
3993 else
3994 build_wep_mib(priv);
3995
3996 if (old_state == STATION_STATE_READY)
3997 {
3998 union iwreq_data wrqu;
3999
4000 wrqu.data.length = 0;
4001 wrqu.data.flags = 0;
4002 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
4003 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
4004 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
4005 }
4006
4007 return 1;
4008}
4009
4010static void atmel_send_command(struct atmel_private *priv, int command,
4011 void *cmd, int cmd_size)
4012{
4013 if (cmd)
4014 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET),
4015 cmd, cmd_size);
4016
4017 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command);
4018 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0);
4019}
4020
4021static int atmel_send_command_wait(struct atmel_private *priv, int command,
4022 void *cmd, int cmd_size)
4023{
4024 int i, status;
4025
4026 atmel_send_command(priv, command, cmd, cmd_size);
4027
4028 for (i = 5000; i; i--) {
4029 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
4030 if (status != CMD_STATUS_IDLE &&
4031 status != CMD_STATUS_IN_PROGRESS)
4032 break;
4033 udelay(20);
4034 }
4035
4036 if (i == 0) {
4037 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name);
4038 status = CMD_STATUS_HOST_ERROR;
4039 } else {
4040 if (command != CMD_EnableRadio)
4041 status = CMD_STATUS_COMPLETE;
4042 }
4043
4044 return status;
4045}
4046
4047static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index)
4048{
4049 struct get_set_mib m;
4050 m.type = type;
4051 m.size = 1;
4052 m.index = index;
4053
4054 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4055 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE));
4056}
4057
4058static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data)
4059{
4060 struct get_set_mib m;
4061 m.type = type;
4062 m.size = 1;
4063 m.index = index;
4064 m.data[0] = data;
4065
4066 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4067}
4068
4069static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
4070 u16 data)
4071{
4072 struct get_set_mib m;
4073 m.type = type;
4074 m.size = 2;
4075 m.index = index;
4076 m.data[0] = data;
4077 m.data[1] = data >> 8;
4078
4079 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2);
4080}
4081
4082static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
4083 u8 *data, int data_len)
4084{
4085 struct get_set_mib m;
4086 m.type = type;
4087 m.size = data_len;
4088 m.index = index;
4089
4090 if (data_len > MIB_MAX_DATA_BYTES)
4091 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4092
4093 memcpy(m.data, data, data_len);
4094 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4095}
4096
4097static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
4098 u8 *data, int data_len)
4099{
4100 struct get_set_mib m;
4101 m.type = type;
4102 m.size = data_len;
4103 m.index = index;
4104
4105 if (data_len > MIB_MAX_DATA_BYTES)
4106 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4107
4108 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4109 atmel_copy_to_host(priv->dev, data,
4110 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len);
4111}
4112
4113static void atmel_writeAR(struct net_device *dev, u16 data)
4114{
4115 int i;
4116 outw(data, dev->base_addr + AR);
4117 /* Address register appears to need some convincing..... */
4118 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++)
4119 outw(data, dev->base_addr + AR);
4120}
4121
4122static void atmel_copy_to_card(struct net_device *dev, u16 dest,
4123 unsigned char *src, u16 len)
4124{
4125 int i;
4126 atmel_writeAR(dev, dest);
4127 if (dest % 2) {
4128 atmel_write8(dev, DR, *src);
4129 src++; len--;
4130 }
4131 for (i = len; i > 1 ; i -= 2) {
4132 u8 lb = *src++;
4133 u8 hb = *src++;
4134 atmel_write16(dev, DR, lb | (hb << 8));
4135 }
4136 if (i)
4137 atmel_write8(dev, DR, *src);
4138}
4139
4140static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
4141 u16 src, u16 len)
4142{
4143 int i;
4144 atmel_writeAR(dev, src);
4145 if (src % 2) {
4146 *dest = atmel_read8(dev, DR);
4147 dest++; len--;
4148 }
4149 for (i = len; i > 1 ; i -= 2) {
4150 u16 hw = atmel_read16(dev, DR);
4151 *dest++ = hw;
4152 *dest++ = hw >> 8;
4153 }
4154 if (i)
4155 *dest = atmel_read8(dev, DR);
4156}
4157
4158static void atmel_set_gcr(struct net_device *dev, u16 mask)
4159{
4160 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR);
4161}
4162
4163static void atmel_clear_gcr(struct net_device *dev, u16 mask)
4164{
4165 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR);
4166}
4167
4168static int atmel_lock_mac(struct atmel_private *priv)
4169{
4170 int i, j = 20;
4171 retry:
4172 for (i = 5000; i; i--) {
4173 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET)))
4174 break;
4175 udelay(20);
4176 }
4177
4178 if (!i)
4179 return 0; /* timed out */
4180
4181 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1);
4182 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) {
4183 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
4184 if (!j--)
4185 return 0; /* timed out */
4186 goto retry;
4187 }
4188
4189 return 1;
4190}
4191
4192static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data)
4193{
4194 atmel_writeAR(priv->dev, pos);
4195 atmel_write16(priv->dev, DR, data); /* card is little-endian */
4196 atmel_write16(priv->dev, DR, data >> 16);
4197}
4198
4199/***************************************************************************/
4200/* There follows the source form of the MAC address reading firmware */
4201/***************************************************************************/
4202#if 0
4203
4204/* Copyright 2003 Matthew T. Russotto */
4205/* But derived from the Atmel 76C502 firmware written by Atmel and */
4206/* included in "atmel wireless lan drivers" package */
4207/**
4208 This file is part of net.russotto.AtmelMACFW, hereto referred to
4209 as AtmelMACFW
4210
4211 AtmelMACFW is free software; you can redistribute it and/or modify
4212 it under the terms of the GNU General Public License version 2
4213 as published by the Free Software Foundation.
4214
4215 AtmelMACFW is distributed in the hope that it will be useful,
4216 but WITHOUT ANY WARRANTY; without even the implied warranty of
4217 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4218 GNU General Public License for more details.
4219
4220 You should have received a copy of the GNU General Public License
4221 along with AtmelMACFW; if not, write to the Free Software
4222 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
4223
4224****************************************************************************/
4225/* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */
4226/* It will probably work on the 76C504 and 76C502 RFMD_3COM */
4227/* It only works on SPI EEPROM versions of the card. */
4228
4229/* This firmware initializes the SPI controller and clock, reads the MAC */
4230/* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */
4231/* address in MR2, and sets MR3 to 0x10 to indicate it is done */
4232/* It also puts a complete copy of the EEPROM in SRAM with the offset in */
4233/* MR4, for investigational purposes (maybe we can determine chip type */
4234/* from that?) */
4235
4236 .org 0
4237 .set MRBASE, 0x8000000
4238 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */
4239 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */
4240 .set SRAM_BASE, 0x02000000
4241 .set SP_BASE, 0x0F300000
4242 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */
4243 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */
4244 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */
4245 .set STACK_BASE, 0x5600
4246 .set SP_SR, 0x10
4247 .set SP_TDRE, 2 /* status register bit -- TDR empty */
4248 .set SP_RDRF, 1 /* status register bit -- RDR full */
4249 .set SP_SWRST, 0x80
4250 .set SP_SPIEN, 0x1
4251 .set SP_CR, 0 /* control register */
4252 .set SP_MR, 4 /* mode register */
4253 .set SP_RDR, 0x08 /* Read Data Register */
4254 .set SP_TDR, 0x0C /* Transmit Data Register */
4255 .set SP_CSR0, 0x30 /* chip select registers */
4256 .set SP_CSR1, 0x34
4257 .set SP_CSR2, 0x38
4258 .set SP_CSR3, 0x3C
4259 .set NVRAM_CMD_RDSR, 5 /* read status register */
4260 .set NVRAM_CMD_READ, 3 /* read data */
4261 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */
4262 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the
4263 serial output, since SO is normally high. But it
4264 does cause 8 clock cycles and thus 8 bits to be
4265 clocked in to the chip. See Atmel's SPI
4266 controller (e.g. AT91M55800) timing and 4K
4267 SPI EEPROM manuals */
4268
4269 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */
4270 .set NVRAM_IMAGE, 0x02000200
4271 .set NVRAM_LENGTH, 0x0200
4272 .set MAC_ADDRESS_MIB, SRAM_BASE
4273 .set MAC_ADDRESS_LENGTH, 6
4274 .set MAC_BOOT_FLAG, 0x10
4275 .set MR1, 0
4276 .set MR2, 4
4277 .set MR3, 8
4278 .set MR4, 0xC
4279RESET_VECTOR:
4280 b RESET_HANDLER
4281UNDEF_VECTOR:
4282 b HALT1
4283SWI_VECTOR:
4284 b HALT1
4285IABORT_VECTOR:
4286 b HALT1
4287DABORT_VECTOR:
4288RESERVED_VECTOR:
4289 b HALT1
4290IRQ_VECTOR:
4291 b HALT1
4292FIQ_VECTOR:
4293 b HALT1
4294HALT1: b HALT1
4295RESET_HANDLER:
4296 mov r0, #CPSR_INITIAL
4297 msr CPSR_c, r0 /* This is probably unnecessary */
4298
4299/* I'm guessing this is initializing clock generator electronics for SPI */
4300 ldr r0, =SPI_CGEN_BASE
4301 mov r1, #0
4302 mov r1, r1, lsl #3
4303 orr r1,r1, #0
4304 str r1, [r0]
4305 ldr r1, [r0, #28]
4306 bic r1, r1, #16
4307 str r1, [r0, #28]
4308 mov r1, #1
4309 str r1, [r0, #8]
4310
4311 ldr r0, =MRBASE
4312 mov r1, #0
4313 strh r1, [r0, #MR1]
4314 strh r1, [r0, #MR2]
4315 strh r1, [r0, #MR3]
4316 strh r1, [r0, #MR4]
4317
4318 mov sp, #STACK_BASE
4319 bl SP_INIT
4320 mov r0, #10
4321 bl DELAY9
4322 bl GET_MAC_ADDR
4323 bl GET_WHOLE_NVRAM
4324 ldr r0, =MRBASE
4325 ldr r1, =MAC_ADDRESS_MIB
4326 strh r1, [r0, #MR2]
4327 ldr r1, =NVRAM_IMAGE
4328 strh r1, [r0, #MR4]
4329 mov r1, #MAC_BOOT_FLAG
4330 strh r1, [r0, #MR3]
4331HALT2: b HALT2
4332.func Get_Whole_NVRAM, GET_WHOLE_NVRAM
4333GET_WHOLE_NVRAM:
4334 stmdb sp!, {lr}
4335 mov r2, #0 /* 0th bytes of NVRAM */
4336 mov r3, #NVRAM_LENGTH
4337 mov r1, #0 /* not used in routine */
4338 ldr r0, =NVRAM_IMAGE
4339 bl NVRAM_XFER
4340 ldmia sp!, {lr}
4341 bx lr
4342.endfunc
4343
4344.func Get_MAC_Addr, GET_MAC_ADDR
4345GET_MAC_ADDR:
4346 stmdb sp!, {lr}
4347 mov r2, #0x120 /* address of MAC Address within NVRAM */
4348 mov r3, #MAC_ADDRESS_LENGTH
4349 mov r1, #0 /* not used in routine */
4350 ldr r0, =MAC_ADDRESS_MIB
4351 bl NVRAM_XFER
4352 ldmia sp!, {lr}
4353 bx lr
4354.endfunc
4355.ltorg
4356.func Delay9, DELAY9
4357DELAY9:
4358 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */
4359DELAYLOOP:
4360 beq DELAY9_done
4361 subs r0, r0, #1
4362 b DELAYLOOP
4363DELAY9_done:
4364 bx lr
4365.endfunc
4366
4367.func SP_Init, SP_INIT
4368SP_INIT:
4369 mov r1, #SP_SWRST
4370 ldr r0, =SP_BASE
4371 str r1, [r0, #SP_CR] /* reset the SPI */
4372 mov r1, #0
4373 str r1, [r0, #SP_CR] /* release SPI from reset state */
4374 mov r1, #SP_SPIEN
4375 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/
4376 str r1, [r0, #SP_CR] /* enable the SPI */
4377
4378/* My guess would be this turns on the SPI clock */
4379 ldr r3, =SPI_CGEN_BASE
4380 ldr r1, [r3, #28]
4381 orr r1, r1, #0x2000
4382 str r1, [r3, #28]
4383
4384 ldr r1, =0x2000c01
4385 str r1, [r0, #SP_CSR0]
4386 ldr r1, =0x2000201
4387 str r1, [r0, #SP_CSR1]
4388 str r1, [r0, #SP_CSR2]
4389 str r1, [r0, #SP_CSR3]
4390 ldr r1, [r0, #SP_SR]
4391 ldr r0, [r0, #SP_RDR]
4392 bx lr
4393.endfunc
4394.func NVRAM_Init, NVRAM_INIT
4395NVRAM_INIT:
4396 ldr r1, =SP_BASE
4397 ldr r0, [r1, #SP_RDR]
4398 mov r0, #NVRAM_CMD_RDSR
4399 str r0, [r1, #SP_TDR]
4400SP_loop1:
4401 ldr r0, [r1, #SP_SR]
4402 tst r0, #SP_TDRE
4403 beq SP_loop1
4404
4405 mov r0, #SPI_8CLOCKS
4406 str r0, [r1, #SP_TDR]
4407SP_loop2:
4408 ldr r0, [r1, #SP_SR]
4409 tst r0, #SP_TDRE
4410 beq SP_loop2
4411
4412 ldr r0, [r1, #SP_RDR]
4413SP_loop3:
4414 ldr r0, [r1, #SP_SR]
4415 tst r0, #SP_RDRF
4416 beq SP_loop3
4417
4418 ldr r0, [r1, #SP_RDR]
4419 and r0, r0, #255
4420 bx lr
4421.endfunc
4422
4423.func NVRAM_Xfer, NVRAM_XFER
4424 /* r0 = dest address */
4425 /* r1 = not used */
4426 /* r2 = src address within NVRAM */
4427 /* r3 = length */
4428NVRAM_XFER:
4429 stmdb sp!, {r4, r5, lr}
4430 mov r5, r0 /* save r0 (dest address) */
4431 mov r4, r3 /* save r3 (length) */
4432 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */
4433 and r0, r0, #8
4434 add r0, r0, #NVRAM_CMD_READ
4435 ldr r1, =NVRAM_SCRATCH
4436 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */
4437 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */
4438_local1:
4439 bl NVRAM_INIT
4440 tst r0, #NVRAM_SR_RDY
4441 bne _local1
4442 mov r0, #20
4443 bl DELAY9
4444 mov r2, r4 /* length */
4445 mov r1, r5 /* dest address */
4446 mov r0, #2 /* bytes to transfer in command */
4447 bl NVRAM_XFER2
4448 ldmia sp!, {r4, r5, lr}
4449 bx lr
4450.endfunc
4451
4452.func NVRAM_Xfer2, NVRAM_XFER2
4453NVRAM_XFER2:
4454 stmdb sp!, {r4, r5, r6, lr}
4455 ldr r4, =SP_BASE
4456 mov r3, #0
4457 cmp r0, #0
4458 bls _local2
4459 ldr r5, =NVRAM_SCRATCH
4460_local4:
4461 ldrb r6, [r5, r3]
4462 str r6, [r4, #SP_TDR]
4463_local3:
4464 ldr r6, [r4, #SP_SR]
4465 tst r6, #SP_TDRE
4466 beq _local3
4467 add r3, r3, #1
4468 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */
4469 blo _local4
4470_local2:
4471 mov r3, #SPI_8CLOCKS
4472 str r3, [r4, #SP_TDR]
4473 ldr r0, [r4, #SP_RDR]
4474_local5:
4475 ldr r0, [r4, #SP_SR]
4476 tst r0, #SP_RDRF
4477 beq _local5
4478 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */
4479 mov r0, #0
4480 cmp r2, #0 /* r2 is # of bytes to copy in */
4481 bls _local6
4482_local7:
4483 ldr r5, [r4, #SP_SR]
4484 tst r5, #SP_TDRE
4485 beq _local7
4486 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */
4487_local8:
4488 ldr r5, [r4, #SP_SR]
4489 tst r5, #SP_RDRF
4490 beq _local8
4491 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */
4492 strb r5, [r1], #1 /* postindexed */
4493 add r0, r0, #1
4494 cmp r0, r2
4495 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */
4496_local6:
4497 mov r0, #200
4498 bl DELAY9
4499 ldmia sp!, {r4, r5, r6, lr}
4500 bx lr
4501#endif
This page took 0.038952 seconds and 5 git commands to generate.