1 /*** -*- linux-c -*- **********************************************************
3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards.
5 Copyright 2000-2001 ATMEL Corporation.
6 Copyright 2003-2004 Simon Kelley.
8 This code was developed from version 2.1.1 of the Atmel drivers,
9 released by Atmel corp. under the GPL in December 2002. It also
10 includes code from the Linux aironet drivers (C) Benjamin Reed,
11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless
12 extensions, (C) Jean Tourrilhes.
14 The firmware module for reading the MAC address of the card comes from
15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright
16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2.
17 This file contains the module in binary form and, under the terms
18 of the GPL, in source form. The source is located at the end of the file.
20 This program is free software; you can redistribute it and/or modify
21 it under the terms of the GNU General Public License as published by
22 the Free Software Foundation; either version 2 of the License, or
23 (at your option) any later version.
25 This software is distributed in the hope that it will be useful,
26 but WITHOUT ANY WARRANTY; without even the implied warranty of
27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 GNU General Public License for more details.
30 You should have received a copy of the GNU General Public License
31 along with Atmel wireless lan drivers; if not, see
32 <http://www.gnu.org/licenses/>.
34 For all queries about this code, please contact the current author,
37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying
38 hardware used during development of this driver.
40 ******************************************************************************/
42 #include <linux/interrupt.h>
44 #include <linux/kernel.h>
45 #include <linux/ptrace.h>
46 #include <linux/slab.h>
47 #include <linux/string.h>
48 #include <linux/timer.h>
49 #include <asm/byteorder.h>
51 #include <linux/uaccess.h>
52 #include <linux/module.h>
53 #include <linux/netdevice.h>
54 #include <linux/etherdevice.h>
55 #include <linux/skbuff.h>
56 #include <linux/if_arp.h>
57 #include <linux/ioport.h>
58 #include <linux/fcntl.h>
59 #include <linux/delay.h>
60 #include <linux/wireless.h>
61 #include <net/iw_handler.h>
62 #include <linux/crc32.h>
63 #include <linux/proc_fs.h>
64 #include <linux/seq_file.h>
65 #include <linux/device.h>
66 #include <linux/moduleparam.h>
67 #include <linux/firmware.h>
68 #include <linux/jiffies.h>
69 #include <net/cfg80211.h>
72 #define DRIVER_MAJOR 0
73 #define DRIVER_MINOR 98
75 MODULE_AUTHOR("Simon Kelley");
76 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards.");
77 MODULE_LICENSE("GPL");
79 /* The name of the firmware file to be loaded
80 over-rides any automatic selection */
81 static char *firmware = NULL;
82 module_param(firmware, charp, 0);
84 /* table of firmware file names */
88 const char *fw_file_ext;
90 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" },
91 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" },
92 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" },
93 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" },
94 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" },
95 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" },
96 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" },
97 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" },
98 { ATMEL_FW_TYPE_NONE, NULL, NULL }
100 MODULE_FIRMWARE("atmel_at76c502-wpa.bin");
101 MODULE_FIRMWARE("atmel_at76c502.bin");
102 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin");
103 MODULE_FIRMWARE("atmel_at76c502d.bin");
104 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin");
105 MODULE_FIRMWARE("atmel_at76c502e.bin");
106 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin");
107 MODULE_FIRMWARE("atmel_at76c502_3com.bin");
108 MODULE_FIRMWARE("atmel_at76c504-wpa.bin");
109 MODULE_FIRMWARE("atmel_at76c504.bin");
110 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin");
111 MODULE_FIRMWARE("atmel_at76c504_2958.bin");
112 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin");
113 MODULE_FIRMWARE("atmel_at76c504a_2958.bin");
114 MODULE_FIRMWARE("atmel_at76c506-wpa.bin");
115 MODULE_FIRMWARE("atmel_at76c506.bin");
117 #define MAX_SSID_LENGTH 32
118 #define MGMT_JIFFIES (256 * HZ / 100)
120 #define MAX_BSS_ENTRIES 64
123 #define GCR 0x00 /* (SIR0) General Configuration Register */
124 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */
127 #define MR1 0x12 /* Mirror Register 1 */
128 #define MR2 0x14 /* Mirror Register 2 */
129 #define MR3 0x16 /* Mirror Register 3 */
130 #define MR4 0x18 /* Mirror Register 4 */
136 * Constants for the GCR register.
138 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */
139 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */
140 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */
141 #define GCR_ENINT 0x0002 /* Enable Interrupts */
142 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */
144 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */
145 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */
147 *Constants for the MR registers.
149 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */
150 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */
151 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */
153 #define MIB_MAX_DATA_BYTES 212
154 #define MIB_HEADER_SIZE 4 /* first four fields */
161 u8 data[MIB_MAX_DATA_BYTES];
179 #define RX_DESC_FLAG_VALID 0x80
180 #define RX_DESC_FLAG_CONSUMED 0x40
181 #define RX_DESC_FLAG_IDLE 0x00
183 #define RX_STATUS_SUCCESS 0x00
185 #define RX_DESC_MSDU_POS_OFFSET 4
186 #define RX_DESC_MSDU_SIZE_OFFSET 6
187 #define RX_DESC_FLAGS_OFFSET 8
188 #define RX_DESC_STATUS_OFFSET 9
189 #define RX_DESC_RSSI_OFFSET 11
190 #define RX_DESC_LINK_QUALITY_OFFSET 12
191 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13
192 #define RX_DESC_DURATION_OFFSET 14
193 #define RX_DESC_RX_TIME_OFFSET 16
216 #define TX_DESC_NEXT_OFFSET 0
217 #define TX_DESC_POS_OFFSET 4
218 #define TX_DESC_SIZE_OFFSET 6
219 #define TX_DESC_FLAGS_OFFSET 8
220 #define TX_DESC_STATUS_OFFSET 9
221 #define TX_DESC_RETRY_OFFSET 10
222 #define TX_DESC_RATE_OFFSET 11
223 #define TX_DESC_KEY_INDEX_OFFSET 12
224 #define TX_DESC_CIPHER_TYPE_OFFSET 13
225 #define TX_DESC_CIPHER_LENGTH_OFFSET 14
226 #define TX_DESC_PACKET_TYPE_OFFSET 17
227 #define TX_DESC_HOST_LENGTH_OFFSET 18
233 #define TX_STATUS_SUCCESS 0x00
235 #define TX_FIRM_OWN 0x80
238 #define TX_ERROR 0x01
240 #define TX_PACKET_TYPE_DATA 0x01
241 #define TX_PACKET_TYPE_MGMT 0x02
243 #define ISR_EMPTY 0x00 /* no bits set in ISR */
244 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */
245 #define ISR_RxCOMPLETE 0x02 /* packet received */
246 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */
247 #define ISR_FATAL_ERROR 0x08 /* Fatal error */
248 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */
249 #define ISR_OUT_OF_RANGE 0x20 /* command completed */
250 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */
251 #define ISR_GENERIC_IRQ 0x80
253 #define Local_Mib_Type 0x01
254 #define Mac_Address_Mib_Type 0x02
255 #define Mac_Mib_Type 0x03
256 #define Statistics_Mib_Type 0x04
257 #define Mac_Mgmt_Mib_Type 0x05
258 #define Mac_Wep_Mib_Type 0x06
259 #define Phy_Mib_Type 0x07
260 #define Multi_Domain_MIB 0x08
262 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
263 #define MAC_MIB_FRAG_THRESHOLD_POS 8
264 #define MAC_MIB_RTS_THRESHOLD_POS 10
265 #define MAC_MIB_SHORT_RETRY_POS 16
266 #define MAC_MIB_LONG_RETRY_POS 17
267 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16
268 #define MAC_MGMT_MIB_BEACON_PER_POS 0
269 #define MAC_MGMT_MIB_STATION_ID_POS 6
270 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11
271 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
272 #define MAC_MGMT_MIB_PS_MODE_POS 53
273 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54
274 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56
275 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57
276 #define PHY_MIB_CHANNEL_POS 14
277 #define PHY_MIB_RATE_SET_POS 20
278 #define PHY_MIB_REG_DOMAIN_POS 26
279 #define LOCAL_MIB_AUTO_TX_RATE_POS 3
280 #define LOCAL_MIB_SSID_SIZE 5
281 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6
282 #define LOCAL_MIB_TX_MGMT_RATE_POS 7
283 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8
284 #define LOCAL_MIB_PREAMBLE_TYPE 9
285 #define MAC_ADDR_MIB_MAC_ADDR_POS 0
287 #define CMD_Set_MIB_Vars 0x01
288 #define CMD_Get_MIB_Vars 0x02
289 #define CMD_Scan 0x03
290 #define CMD_Join 0x04
291 #define CMD_Start 0x05
292 #define CMD_EnableRadio 0x06
293 #define CMD_DisableRadio 0x07
294 #define CMD_SiteSurvey 0x0B
296 #define CMD_STATUS_IDLE 0x00
297 #define CMD_STATUS_COMPLETE 0x01
298 #define CMD_STATUS_UNKNOWN 0x02
299 #define CMD_STATUS_INVALID_PARAMETER 0x03
300 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
301 #define CMD_STATUS_TIME_OUT 0x07
302 #define CMD_STATUS_IN_PROGRESS 0x08
303 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09
304 #define CMD_STATUS_HOST_ERROR 0xFF
305 #define CMD_STATUS_BUSY 0xFE
307 #define CMD_BLOCK_COMMAND_OFFSET 0
308 #define CMD_BLOCK_STATUS_OFFSET 1
309 #define CMD_BLOCK_PARAMETERS_OFFSET 4
311 #define SCAN_OPTIONS_SITE_SURVEY 0x80
313 #define MGMT_FRAME_BODY_OFFSET 24
314 #define MAX_AUTHENTICATION_RETRIES 3
315 #define MAX_ASSOCIATION_RETRIES 3
317 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000
319 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */
320 #define LOOP_RETRY_LIMIT 500000
322 #define ACTIVE_MODE 1
325 #define MAX_ENCRYPTION_KEYS 4
326 #define MAX_ENCRYPTION_KEY_SIZE 40
329 * 802.11 related definitions
336 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */
337 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */
338 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */
339 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */
340 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */
341 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */
342 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */
343 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */
345 #define BSS_TYPE_AD_HOC 1
346 #define BSS_TYPE_INFRASTRUCTURE 2
348 #define SCAN_TYPE_ACTIVE 0
349 #define SCAN_TYPE_PASSIVE 1
351 #define LONG_PREAMBLE 0
352 #define SHORT_PREAMBLE 1
353 #define AUTO_PREAMBLE 2
355 #define DATA_FRAME_WS_HEADER_SIZE 30
357 /* promiscuous mode control */
358 #define PROM_MODE_OFF 0x0
359 #define PROM_MODE_UNKNOWN 0x1
360 #define PROM_MODE_CRC_FAILED 0x2
361 #define PROM_MODE_DUPLICATED 0x4
362 #define PROM_MODE_MGMT 0x8
363 #define PROM_MODE_CTRL 0x10
364 #define PROM_MODE_BAD_PROTOCOL 0x20
366 #define IFACE_INT_STATUS_OFFSET 0
367 #define IFACE_INT_MASK_OFFSET 1
368 #define IFACE_LOCKOUT_HOST_OFFSET 2
369 #define IFACE_LOCKOUT_MAC_OFFSET 3
370 #define IFACE_FUNC_CTRL_OFFSET 28
371 #define IFACE_MAC_STAT_OFFSET 30
372 #define IFACE_GENERIC_INT_TYPE_OFFSET 32
374 #define CIPHER_SUITE_NONE 0
375 #define CIPHER_SUITE_WEP_64 1
376 #define CIPHER_SUITE_TKIP 2
377 #define CIPHER_SUITE_AES 3
378 #define CIPHER_SUITE_CCX 4
379 #define CIPHER_SUITE_WEP_128 5
382 * IFACE MACROS & definitions
388 #define FUNC_CTRL_TxENABLE 0x10
389 #define FUNC_CTRL_RxENABLE 0x20
390 #define FUNC_CTRL_INIT_COMPLETE 0x01
392 /* A stub firmware image which reads the MAC address from NVRAM on the card.
393 For copyright information and source see the end of this file. */
394 static u8 mac_reader[] = {
395 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea,
396 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea,
397 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
398 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5,
399 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5,
400 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1,
401 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb,
402 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb,
403 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5,
404 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea,
405 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
406 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
407 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
408 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
409 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2,
410 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3,
411 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3,
412 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5,
413 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5,
414 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5,
415 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3,
416 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5,
417 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5,
418 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
419 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
420 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1,
421 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2,
422 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb,
423 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb,
424 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb,
425 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3,
426 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5,
427 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3,
428 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a,
429 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5,
430 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3,
431 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3,
432 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3,
433 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2,
434 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb,
435 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02,
436 0x00, 0x01, 0x00, 0x02
439 struct atmel_private {
440 void *card; /* Bus dependent structure varies for PCcard */
441 int (*present_callback)(void *); /* And callback which uses it */
442 char firmware_id[32];
443 AtmelFWType firmware_type;
446 struct timer_list management_timer;
447 struct net_device *dev;
448 struct device *sys_dev;
449 struct iw_statistics wstats;
450 spinlock_t irqlock, timerlock; /* spinlocks */
451 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type;
453 CARD_TYPE_PARALLEL_FLASH,
457 int do_rx_crc; /* If we need to CRC incoming packets */
458 int probe_crc; /* set if we don't yet know */
459 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */
461 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous;
462 u16 tx_free_mem, tx_buff_head, tx_buff_tail;
464 u16 frag_seq, frag_len, frag_no;
467 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level;
468 u8 group_cipher_suite, pairwise_cipher_suite;
469 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
470 int wep_key_len[MAX_ENCRYPTION_KEYS];
471 int use_wpa, radio_on_broken; /* firmware dependent stuff. */
474 struct host_info_struct {
475 /* NB this is matched to the hardware, don't change. */
476 u8 volatile int_status;
477 u8 volatile int_mask;
478 u8 volatile lockout_host;
479 u8 volatile lockout_mac;
499 u16 generic_IRQ_type;
504 STATION_STATE_SCANNING,
505 STATION_STATE_JOINNING,
506 STATION_STATE_AUTHENTICATING,
507 STATION_STATE_ASSOCIATING,
509 STATION_STATE_REASSOCIATING,
511 STATION_STATE_MGMT_ERROR
514 int operating_mode, power_mode;
515 unsigned long last_qual;
516 int beacons_this_sec;
518 int reg_domain, config_reg_domain;
523 int long_retry, short_retry;
525 int default_beacon_period, beacon_period, listen_interval;
526 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum;
527 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt;
530 SITE_SURVEY_IN_PROGRESS,
531 SITE_SURVEY_COMPLETED
533 unsigned long last_survey;
535 int station_was_associated, station_is_associated;
547 u8 SSID[MAX_SSID_LENGTH];
548 } BSSinfo[MAX_BSS_ENTRIES];
549 int BSS_list_entries, current_BSS;
550 int connect_to_any_BSS;
551 int SSID_size, new_SSID_size;
552 u8 CurrentBSSID[6], BSSID[6];
553 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH];
554 u64 last_beacon_timestamp;
555 u8 rx_buf[MAX_WIRELESS_BODY];
558 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16};
560 static const struct {
564 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" },
565 { REG_DOMAIN_DOC, 1, 11, "Canada" },
566 { REG_DOMAIN_ETSI, 1, 13, "Europe" },
567 { REG_DOMAIN_SPAIN, 10, 11, "Spain" },
568 { REG_DOMAIN_FRANCE, 10, 13, "France" },
569 { REG_DOMAIN_MKK, 14, 14, "MKK" },
570 { REG_DOMAIN_MKK1, 1, 14, "MKK1" },
571 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} };
573 static void build_wpa_mib(struct atmel_private *priv);
574 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
575 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
576 const unsigned char *src, u16 len);
577 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
579 static void atmel_set_gcr(struct net_device *dev, u16 mask);
580 static void atmel_clear_gcr(struct net_device *dev, u16 mask);
581 static int atmel_lock_mac(struct atmel_private *priv);
582 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data);
583 static void atmel_command_irq(struct atmel_private *priv);
584 static int atmel_validate_channel(struct atmel_private *priv, int channel);
585 static void atmel_management_frame(struct atmel_private *priv,
586 struct ieee80211_hdr *header,
587 u16 frame_len, u8 rssi);
588 static void atmel_management_timer(struct timer_list *t);
589 static void atmel_send_command(struct atmel_private *priv, int command,
590 void *cmd, int cmd_size);
591 static int atmel_send_command_wait(struct atmel_private *priv, int command,
592 void *cmd, int cmd_size);
593 static void atmel_transmit_management_frame(struct atmel_private *priv,
594 struct ieee80211_hdr *header,
595 u8 *body, int body_len);
597 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index);
598 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index,
600 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
602 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
603 const u8 *data, int data_len);
604 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
605 u8 *data, int data_len);
606 static void atmel_scan(struct atmel_private *priv, int specific_ssid);
607 static void atmel_join_bss(struct atmel_private *priv, int bss_index);
608 static void atmel_smooth_qual(struct atmel_private *priv);
609 static void atmel_writeAR(struct net_device *dev, u16 data);
610 static int probe_atmel_card(struct net_device *dev);
611 static int reset_atmel_card(struct net_device *dev);
612 static void atmel_enter_state(struct atmel_private *priv, int new_state);
613 int atmel_open (struct net_device *dev);
615 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset)
617 return priv->host_info_base + offset;
620 static inline u16 atmel_co(struct atmel_private *priv, u16 offset)
622 return priv->host_info.command_pos + offset;
625 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc)
627 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset;
630 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc)
632 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset;
635 static inline u8 atmel_read8(struct net_device *dev, u16 offset)
637 return inb(dev->base_addr + offset);
640 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data)
642 outb(data, dev->base_addr + offset);
645 static inline u16 atmel_read16(struct net_device *dev, u16 offset)
647 return inw(dev->base_addr + offset);
650 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data)
652 outw(data, dev->base_addr + offset);
655 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos)
657 atmel_writeAR(priv->dev, pos);
658 return atmel_read8(priv->dev, DR);
661 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data)
663 atmel_writeAR(priv->dev, pos);
664 atmel_write8(priv->dev, DR, data);
667 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos)
669 atmel_writeAR(priv->dev, pos);
670 return atmel_read16(priv->dev, DR);
673 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data)
675 atmel_writeAR(priv->dev, pos);
676 atmel_write16(priv->dev, DR, data);
679 static const struct iw_handler_def atmel_handler_def;
681 static void tx_done_irq(struct atmel_private *priv)
686 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE &&
687 i < priv->host_info.tx_desc_count;
689 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head));
690 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head));
691 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head));
693 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0);
695 priv->tx_free_mem += msdu_size;
696 priv->tx_desc_free++;
698 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size))
699 priv->tx_buff_head = 0;
701 priv->tx_buff_head += msdu_size;
703 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1))
704 priv->tx_desc_head++ ;
706 priv->tx_desc_head = 0;
708 if (type == TX_PACKET_TYPE_DATA) {
709 if (status == TX_STATUS_SUCCESS)
710 priv->dev->stats.tx_packets++;
712 priv->dev->stats.tx_errors++;
713 netif_wake_queue(priv->dev);
718 static u16 find_tx_buff(struct atmel_private *priv, u16 len)
720 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail;
722 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len)
725 if (bottom_free >= len)
726 return priv->host_info.tx_buff_pos + priv->tx_buff_tail;
728 if (priv->tx_free_mem - bottom_free >= len) {
729 priv->tx_buff_tail = 0;
730 return priv->host_info.tx_buff_pos;
736 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast,
737 u16 len, u16 buff, u8 type)
739 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff);
740 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len);
742 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len);
743 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type);
744 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate);
745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0);
747 int cipher_type, cipher_length;
749 cipher_type = priv->group_cipher_suite;
750 if (cipher_type == CIPHER_SUITE_WEP_64 ||
751 cipher_type == CIPHER_SUITE_WEP_128)
753 else if (cipher_type == CIPHER_SUITE_TKIP)
755 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 ||
756 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) {
757 cipher_type = priv->pairwise_cipher_suite;
760 cipher_type = CIPHER_SUITE_NONE;
764 cipher_type = priv->pairwise_cipher_suite;
765 if (cipher_type == CIPHER_SUITE_WEP_64 ||
766 cipher_type == CIPHER_SUITE_WEP_128)
768 else if (cipher_type == CIPHER_SUITE_TKIP)
770 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 ||
771 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) {
772 cipher_type = priv->group_cipher_suite;
775 cipher_type = CIPHER_SUITE_NONE;
780 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail),
782 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail),
785 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L);
786 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN);
787 if (priv->tx_desc_previous != priv->tx_desc_tail)
788 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0);
789 priv->tx_desc_previous = priv->tx_desc_tail;
790 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1))
791 priv->tx_desc_tail++;
793 priv->tx_desc_tail = 0;
794 priv->tx_desc_free--;
795 priv->tx_free_mem -= len;
798 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev)
800 struct atmel_private *priv = netdev_priv(dev);
801 struct ieee80211_hdr header;
803 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN;
805 if (priv->card && priv->present_callback &&
806 !(*priv->present_callback)(priv->card)) {
807 dev->stats.tx_errors++;
812 if (priv->station_state != STATION_STATE_READY) {
813 dev->stats.tx_errors++;
818 /* first ensure the timer func cannot run */
819 spin_lock_bh(&priv->timerlock);
820 /* then stop the hardware ISR */
821 spin_lock_irqsave(&priv->irqlock, flags);
822 /* nb doing the above in the opposite order will deadlock */
824 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the
825 12 first bytes (containing DA/SA) and put them in the appropriate
826 fields of the Wireless Header. Thus the packet length is then the
827 initial + 18 (+30-12) */
829 if (!(buff = find_tx_buff(priv, len + 18))) {
830 dev->stats.tx_dropped++;
831 spin_unlock_irqrestore(&priv->irqlock, flags);
832 spin_unlock_bh(&priv->timerlock);
833 netif_stop_queue(dev);
834 return NETDEV_TX_BUSY;
837 frame_ctl = IEEE80211_FTYPE_DATA;
838 header.duration_id = 0;
841 frame_ctl |= IEEE80211_FCTL_PROTECTED;
842 if (priv->operating_mode == IW_MODE_ADHOC) {
843 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN);
844 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
845 memcpy(&header.addr3, priv->BSSID, ETH_ALEN);
847 frame_ctl |= IEEE80211_FCTL_TODS;
848 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN);
849 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
850 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN);
854 memcpy(&header.addr4, rfc1042_header, ETH_ALEN);
856 header.frame_control = cpu_to_le16(frame_ctl);
857 /* Copy the wireless header into the card */
858 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE);
859 /* Copy the packet sans its 802.3 header addresses which have been replaced */
860 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12);
861 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE;
863 /* low bit of first byte of destination tells us if broadcast */
864 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA);
865 dev->stats.tx_bytes += len;
867 spin_unlock_irqrestore(&priv->irqlock, flags);
868 spin_unlock_bh(&priv->timerlock);
874 static void atmel_transmit_management_frame(struct atmel_private *priv,
875 struct ieee80211_hdr *header,
876 u8 *body, int body_len)
879 int len = MGMT_FRAME_BODY_OFFSET + body_len;
881 if (!(buff = find_tx_buff(priv, len)))
884 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET);
885 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len);
886 priv->tx_buff_tail += len;
887 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT);
890 static void fast_rx_path(struct atmel_private *priv,
891 struct ieee80211_hdr *header,
892 u16 msdu_size, u16 rx_packet_loc, u32 crc)
894 /* fast path: unfragmented packet copy directly into skbuf */
899 /* get the final, mac 4 header field, this tells us encapsulation */
900 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6);
903 if (priv->do_rx_crc) {
904 crc = crc32_le(crc, mac4, 6);
908 if (!(skb = dev_alloc_skb(msdu_size + 14))) {
909 priv->dev->stats.rx_dropped++;
914 skbp = skb_put(skb, msdu_size + 12);
915 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size);
917 if (priv->do_rx_crc) {
919 crc = crc32_le(crc, skbp + 12, msdu_size);
920 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4);
921 if ((crc ^ 0xffffffff) != netcrc) {
922 priv->dev->stats.rx_crc_errors++;
928 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */
929 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
930 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN);
932 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */
934 skb->protocol = eth_type_trans(skb, priv->dev);
935 skb->ip_summed = CHECKSUM_NONE;
937 priv->dev->stats.rx_bytes += 12 + msdu_size;
938 priv->dev->stats.rx_packets++;
941 /* Test to see if the packet in card memory at packet_loc has a valid CRC
942 It doesn't matter that this is slow: it is only used to proble the first few
944 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size)
946 int i = msdu_size - 4;
947 u32 netcrc, crc = 0xffffffff;
952 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4);
954 atmel_writeAR(priv->dev, packet_loc);
956 u8 octet = atmel_read8(priv->dev, DR);
957 crc = crc32_le(crc, &octet, 1);
960 return (crc ^ 0xffffffff) == netcrc;
963 static void frag_rx_path(struct atmel_private *priv,
964 struct ieee80211_hdr *header,
965 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no,
966 u8 frag_no, int more_frags)
972 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
973 memcpy(source, header->addr3, ETH_ALEN);
975 memcpy(source, header->addr2, ETH_ALEN);
977 rx_packet_loc += 24; /* skip header */
982 if (frag_no == 0) { /* first fragment */
983 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN);
984 msdu_size -= ETH_ALEN;
985 rx_packet_loc += ETH_ALEN;
988 crc = crc32_le(crc, mac4, 6);
990 priv->frag_seq = seq_no;
992 priv->frag_len = msdu_size;
993 memcpy(priv->frag_source, source, ETH_ALEN);
994 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN);
995 memcpy(priv->rx_buf, header->addr1, ETH_ALEN);
997 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size);
999 if (priv->do_rx_crc) {
1001 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size);
1002 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1003 if ((crc ^ 0xffffffff) != netcrc) {
1004 priv->dev->stats.rx_crc_errors++;
1005 eth_broadcast_addr(priv->frag_source);
1009 } else if (priv->frag_no == frag_no &&
1010 priv->frag_seq == seq_no &&
1011 memcmp(priv->frag_source, source, ETH_ALEN) == 0) {
1013 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len],
1014 rx_packet_loc, msdu_size);
1015 if (priv->do_rx_crc) {
1018 &priv->rx_buf[12 + priv->frag_len],
1020 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1021 if ((crc ^ 0xffffffff) != netcrc) {
1022 priv->dev->stats.rx_crc_errors++;
1023 eth_broadcast_addr(priv->frag_source);
1024 more_frags = 1; /* don't send broken assembly */
1028 priv->frag_len += msdu_size;
1031 if (!more_frags) { /* last one */
1032 eth_broadcast_addr(priv->frag_source);
1033 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) {
1034 priv->dev->stats.rx_dropped++;
1036 skb_reserve(skb, 2);
1037 skb_put_data(skb, priv->rx_buf,
1038 priv->frag_len + 12);
1039 skb->protocol = eth_type_trans(skb, priv->dev);
1040 skb->ip_summed = CHECKSUM_NONE;
1042 priv->dev->stats.rx_bytes += priv->frag_len + 12;
1043 priv->dev->stats.rx_packets++;
1047 priv->wstats.discard.fragment++;
1050 static void rx_done_irq(struct atmel_private *priv)
1053 struct ieee80211_hdr header;
1056 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID &&
1057 i < priv->host_info.rx_desc_count;
1060 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control;
1061 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head));
1062 u32 crc = 0xffffffff;
1064 if (status != RX_STATUS_SUCCESS) {
1065 if (status == 0xc1) /* determined by experiment */
1066 priv->wstats.discard.nwid++;
1068 priv->dev->stats.rx_errors++;
1072 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head));
1073 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head));
1075 if (msdu_size < 30) {
1076 priv->dev->stats.rx_errors++;
1080 /* Get header as far as end of seq_ctrl */
1081 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24);
1082 frame_ctl = le16_to_cpu(header.frame_control);
1083 seq_control = le16_to_cpu(header.seq_ctrl);
1085 /* probe for CRC use here if needed once five packets have
1086 arrived with the same crc status, we assume we know what's
1087 happening and stop probing */
1088 if (priv->probe_crc) {
1089 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) {
1090 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size);
1092 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24);
1094 if (priv->do_rx_crc) {
1095 if (priv->crc_ok_cnt++ > 5)
1096 priv->probe_crc = 0;
1098 if (priv->crc_ko_cnt++ > 5)
1099 priv->probe_crc = 0;
1103 /* don't CRC header when WEP in use */
1104 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) {
1105 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24);
1107 msdu_size -= 24; /* header */
1109 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
1110 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS;
1111 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG;
1112 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4;
1114 if (!more_fragments && packet_fragment_no == 0) {
1115 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc);
1117 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc,
1118 packet_sequence_no, packet_fragment_no, more_fragments);
1122 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1123 /* copy rest of packet into buffer */
1124 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size);
1126 /* we use the same buffer for frag reassembly and control packets */
1127 eth_broadcast_addr(priv->frag_source);
1129 if (priv->do_rx_crc) {
1130 /* last 4 octets is crc */
1132 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size);
1133 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) {
1134 priv->dev->stats.rx_crc_errors++;
1139 atmel_management_frame(priv, &header, msdu_size,
1140 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head)));
1144 /* release descriptor */
1145 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED);
1147 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1))
1148 priv->rx_desc_head++;
1150 priv->rx_desc_head = 0;
1154 static irqreturn_t service_interrupt(int irq, void *dev_id)
1156 struct net_device *dev = (struct net_device *) dev_id;
1157 struct atmel_private *priv = netdev_priv(dev);
1160 static const u8 irq_order[] = {
1166 ISR_COMMAND_COMPLETE,
1171 if (priv->card && priv->present_callback &&
1172 !(*priv->present_callback)(priv->card))
1175 /* In this state upper-level code assumes it can mess with
1176 the card unhampered by interrupts which may change register state.
1177 Note that even though the card shouldn't generate interrupts
1178 the inturrupt line may be shared. This allows card setup
1179 to go on without disabling interrupts for a long time. */
1180 if (priv->station_state == STATION_STATE_DOWN)
1183 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */
1186 if (!atmel_lock_mac(priv)) {
1187 /* failed to contact card */
1188 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1192 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1193 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1196 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */
1197 return i == -1 ? IRQ_NONE : IRQ_HANDLED;
1200 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */
1202 for (i = 0; i < ARRAY_SIZE(irq_order); i++)
1203 if (isr & irq_order[i])
1206 if (!atmel_lock_mac(priv)) {
1207 /* failed to contact card */
1208 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1212 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1213 isr ^= irq_order[i];
1214 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr);
1215 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1217 switch (irq_order[i]) {
1219 case ISR_OUT_OF_RANGE:
1220 if (priv->operating_mode == IW_MODE_INFRA &&
1221 priv->station_state == STATION_STATE_READY) {
1222 priv->station_is_associated = 0;
1223 atmel_scan(priv, 1);
1227 case ISR_RxFRAMELOST:
1228 priv->wstats.discard.misc++;
1230 case ISR_RxCOMPLETE:
1234 case ISR_TxCOMPLETE:
1238 case ISR_FATAL_ERROR:
1239 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name);
1240 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
1243 case ISR_COMMAND_COMPLETE:
1244 atmel_command_irq(priv);
1247 case ISR_IBSS_MERGE:
1248 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
1249 priv->CurrentBSSID, 6);
1250 /* The WPA stuff cares about the current AP address */
1252 build_wpa_mib(priv);
1254 case ISR_GENERIC_IRQ:
1255 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name);
1261 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev)
1263 struct atmel_private *priv = netdev_priv(dev);
1265 /* update the link quality here in case we are seeing no beacons
1266 at all to drive the process */
1267 atmel_smooth_qual(priv);
1269 priv->wstats.status = priv->station_state;
1271 if (priv->operating_mode == IW_MODE_INFRA) {
1272 if (priv->station_state != STATION_STATE_READY) {
1273 priv->wstats.qual.qual = 0;
1274 priv->wstats.qual.level = 0;
1275 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID
1276 | IW_QUAL_LEVEL_INVALID);
1278 priv->wstats.qual.noise = 0;
1279 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1281 /* Quality levels cannot be determined in ad-hoc mode,
1282 because we can 'hear' more that one remote station. */
1283 priv->wstats.qual.qual = 0;
1284 priv->wstats.qual.level = 0;
1285 priv->wstats.qual.noise = 0;
1286 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID
1287 | IW_QUAL_LEVEL_INVALID
1288 | IW_QUAL_NOISE_INVALID;
1289 priv->wstats.miss.beacon = 0;
1292 return &priv->wstats;
1295 static int atmel_set_mac_address(struct net_device *dev, void *p)
1297 struct sockaddr *addr = p;
1299 eth_hw_addr_set(dev, addr->sa_data);
1300 return atmel_open(dev);
1303 EXPORT_SYMBOL(atmel_open);
1305 int atmel_open(struct net_device *dev)
1307 struct atmel_private *priv = netdev_priv(dev);
1308 int i, channel, err;
1310 /* any scheduled timer is no longer needed and might screw things up.. */
1311 del_timer_sync(&priv->management_timer);
1313 /* Interrupts will not touch the card once in this state... */
1314 priv->station_state = STATION_STATE_DOWN;
1316 if (priv->new_SSID_size) {
1317 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size);
1318 priv->SSID_size = priv->new_SSID_size;
1319 priv->new_SSID_size = 0;
1321 priv->BSS_list_entries = 0;
1323 priv->AuthenticationRequestRetryCnt = 0;
1324 priv->AssociationRequestRetryCnt = 0;
1325 priv->ReAssociationRequestRetryCnt = 0;
1326 priv->CurrentAuthentTransactionSeqNum = 0x0001;
1327 priv->ExpectedAuthentTransactionSeqNum = 0x0002;
1329 priv->site_survey_state = SITE_SURVEY_IDLE;
1330 priv->station_is_associated = 0;
1332 err = reset_atmel_card(dev);
1336 if (priv->config_reg_domain) {
1337 priv->reg_domain = priv->config_reg_domain;
1338 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain);
1340 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS);
1341 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1342 if (priv->reg_domain == channel_table[i].reg_domain)
1344 if (i == ARRAY_SIZE(channel_table)) {
1345 priv->reg_domain = REG_DOMAIN_MKK1;
1346 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name);
1350 if ((channel = atmel_validate_channel(priv, priv->channel)))
1351 priv->channel = channel;
1353 /* this moves station_state on.... */
1354 atmel_scan(priv, 1);
1356 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */
1360 static int atmel_close(struct net_device *dev)
1362 struct atmel_private *priv = netdev_priv(dev);
1364 /* Send event to userspace that we are disassociating */
1365 if (priv->station_state == STATION_STATE_READY) {
1366 union iwreq_data wrqu;
1368 wrqu.data.length = 0;
1369 wrqu.data.flags = 0;
1370 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1371 eth_zero_addr(wrqu.ap_addr.sa_data);
1372 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1375 atmel_enter_state(priv, STATION_STATE_DOWN);
1377 if (priv->bus_type == BUS_TYPE_PCCARD)
1378 atmel_write16(dev, GCR, 0x0060);
1379 atmel_write16(dev, GCR, 0x0040);
1383 static int atmel_validate_channel(struct atmel_private *priv, int channel)
1385 /* check that channel is OK, if so return zero,
1386 else return suitable default channel */
1389 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1390 if (priv->reg_domain == channel_table[i].reg_domain) {
1391 if (channel >= channel_table[i].min &&
1392 channel <= channel_table[i].max)
1395 return channel_table[i].min;
1400 #ifdef CONFIG_PROC_FS
1401 static int atmel_proc_show(struct seq_file *m, void *v)
1403 struct atmel_private *priv = m->private;
1407 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR);
1409 if (priv->station_state != STATION_STATE_DOWN) {
1411 "Firmware version:\t%d.%d build %d\n"
1412 "Firmware location:\t",
1413 priv->host_info.major_version,
1414 priv->host_info.minor_version,
1415 priv->host_info.build_version);
1417 if (priv->card_type != CARD_TYPE_EEPROM)
1418 seq_puts(m, "on card\n");
1419 else if (priv->firmware)
1420 seq_printf(m, "%s loaded by host\n", priv->firmware_id);
1422 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id);
1424 switch (priv->card_type) {
1425 case CARD_TYPE_PARALLEL_FLASH:
1426 c = "Parallel flash";
1428 case CARD_TYPE_SPI_FLASH:
1431 case CARD_TYPE_EEPROM:
1439 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1440 if (priv->reg_domain == channel_table[i].reg_domain)
1441 r = channel_table[i].name;
1443 seq_printf(m, "MAC memory type:\t%s\n", c);
1444 seq_printf(m, "Regulatory domain:\t%s\n", r);
1445 seq_printf(m, "Host CRC checking:\t%s\n",
1446 priv->do_rx_crc ? "On" : "Off");
1447 seq_printf(m, "WPA-capable firmware:\t%s\n",
1448 priv->use_wpa ? "Yes" : "No");
1451 switch (priv->station_state) {
1452 case STATION_STATE_SCANNING:
1455 case STATION_STATE_JOINNING:
1458 case STATION_STATE_AUTHENTICATING:
1459 s = "Authenticating";
1461 case STATION_STATE_ASSOCIATING:
1464 case STATION_STATE_READY:
1467 case STATION_STATE_REASSOCIATING:
1468 s = "Reassociating";
1470 case STATION_STATE_MGMT_ERROR:
1471 s = "Management error";
1473 case STATION_STATE_DOWN:
1480 seq_printf(m, "Current state:\t\t%s\n", s);
1485 static const struct net_device_ops atmel_netdev_ops = {
1486 .ndo_open = atmel_open,
1487 .ndo_stop = atmel_close,
1488 .ndo_set_mac_address = atmel_set_mac_address,
1489 .ndo_start_xmit = start_tx,
1490 .ndo_do_ioctl = atmel_ioctl,
1491 .ndo_validate_addr = eth_validate_addr,
1494 struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
1495 const AtmelFWType fw_type,
1496 struct device *sys_dev,
1497 int (*card_present)(void *), void *card)
1499 struct net_device *dev;
1500 struct atmel_private *priv;
1503 /* Create the network device object. */
1504 dev = alloc_etherdev(sizeof(*priv));
1508 if (dev_alloc_name(dev, dev->name) < 0) {
1509 printk(KERN_ERR "atmel: Couldn't get name!\n");
1513 priv = netdev_priv(dev);
1515 priv->sys_dev = sys_dev;
1516 priv->present_callback = card_present;
1518 priv->firmware = NULL;
1519 priv->firmware_type = fw_type;
1520 if (firmware) /* module parameter */
1521 strlcpy(priv->firmware_id, firmware, sizeof(priv->firmware_id));
1522 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;
1523 priv->station_state = STATION_STATE_DOWN;
1524 priv->do_rx_crc = 0;
1525 /* For PCMCIA cards, some chips need CRC, some don't
1526 so we have to probe. */
1527 if (priv->bus_type == BUS_TYPE_PCCARD) {
1528 priv->probe_crc = 1;
1529 priv->crc_ok_cnt = priv->crc_ko_cnt = 0;
1531 priv->probe_crc = 0;
1532 priv->last_qual = jiffies;
1533 priv->last_beacon_timestamp = 0;
1534 memset(priv->frag_source, 0xff, sizeof(priv->frag_source));
1535 eth_zero_addr(priv->BSSID);
1536 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */
1537 priv->station_was_associated = 0;
1539 priv->last_survey = jiffies;
1540 priv->preamble = LONG_PREAMBLE;
1541 priv->operating_mode = IW_MODE_INFRA;
1542 priv->connect_to_any_BSS = 0;
1543 priv->config_reg_domain = 0;
1544 priv->reg_domain = 0;
1546 priv->auto_tx_rate = 1;
1548 priv->power_mode = 0;
1549 priv->SSID[0] = '\0';
1550 priv->SSID_size = 0;
1551 priv->new_SSID_size = 0;
1552 priv->frag_threshold = 2346;
1553 priv->rts_threshold = 2347;
1554 priv->short_retry = 7;
1555 priv->long_retry = 4;
1557 priv->wep_is_on = 0;
1558 priv->default_key = 0;
1559 priv->encryption_level = 0;
1560 priv->exclude_unencrypted = 0;
1561 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1563 memset(priv->wep_keys, 0, sizeof(priv->wep_keys));
1564 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1566 priv->default_beacon_period = priv->beacon_period = 100;
1567 priv->listen_interval = 1;
1569 timer_setup(&priv->management_timer, atmel_management_timer, 0);
1570 spin_lock_init(&priv->irqlock);
1571 spin_lock_init(&priv->timerlock);
1573 dev->netdev_ops = &atmel_netdev_ops;
1574 dev->wireless_handlers = &atmel_handler_def;
1576 dev->base_addr = port;
1578 /* MTU range: 68 - 2312 */
1580 dev->max_mtu = MAX_WIRELESS_BODY - ETH_FCS_LEN;
1582 SET_NETDEV_DEV(dev, sys_dev);
1584 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) {
1585 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc);
1589 if (!request_region(dev->base_addr, 32,
1590 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) {
1594 if (register_netdev(dev))
1597 if (!probe_atmel_card(dev)) {
1598 unregister_netdev(dev);
1602 netif_carrier_off(dev);
1604 if (!proc_create_single_data("driver/atmel", 0, NULL, atmel_proc_show,
1606 printk(KERN_WARNING "atmel: unable to create /proc entry.\n");
1608 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n",
1609 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr);
1614 release_region(dev->base_addr, 32);
1616 free_irq(dev->irq, dev);
1622 EXPORT_SYMBOL(init_atmel_card);
1624 void stop_atmel_card(struct net_device *dev)
1626 struct atmel_private *priv = netdev_priv(dev);
1628 /* put a brick on it... */
1629 if (priv->bus_type == BUS_TYPE_PCCARD)
1630 atmel_write16(dev, GCR, 0x0060);
1631 atmel_write16(dev, GCR, 0x0040);
1633 del_timer_sync(&priv->management_timer);
1634 unregister_netdev(dev);
1635 remove_proc_entry("driver/atmel", NULL);
1636 free_irq(dev->irq, dev);
1637 kfree(priv->firmware);
1638 release_region(dev->base_addr, 32);
1642 EXPORT_SYMBOL(stop_atmel_card);
1644 static int atmel_set_essid(struct net_device *dev,
1645 struct iw_request_info *info,
1646 struct iw_point *dwrq,
1649 struct atmel_private *priv = netdev_priv(dev);
1651 /* Check if we asked for `any' */
1652 if (dwrq->flags == 0) {
1653 priv->connect_to_any_BSS = 1;
1655 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1657 priv->connect_to_any_BSS = 0;
1659 /* Check the size of the string */
1660 if (dwrq->length > MAX_SSID_LENGTH)
1665 memcpy(priv->new_SSID, extra, dwrq->length);
1666 priv->new_SSID_size = dwrq->length;
1669 return -EINPROGRESS;
1672 static int atmel_get_essid(struct net_device *dev,
1673 struct iw_request_info *info,
1674 struct iw_point *dwrq,
1677 struct atmel_private *priv = netdev_priv(dev);
1679 /* Get the current SSID */
1680 if (priv->new_SSID_size != 0) {
1681 memcpy(extra, priv->new_SSID, priv->new_SSID_size);
1682 dwrq->length = priv->new_SSID_size;
1684 memcpy(extra, priv->SSID, priv->SSID_size);
1685 dwrq->length = priv->SSID_size;
1688 dwrq->flags = !priv->connect_to_any_BSS; /* active */
1693 static int atmel_get_wap(struct net_device *dev,
1694 struct iw_request_info *info,
1695 struct sockaddr *awrq,
1698 struct atmel_private *priv = netdev_priv(dev);
1699 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN);
1700 awrq->sa_family = ARPHRD_ETHER;
1705 static int atmel_set_encode(struct net_device *dev,
1706 struct iw_request_info *info,
1707 struct iw_point *dwrq,
1710 struct atmel_private *priv = netdev_priv(dev);
1712 /* Basic checking: do we have a key to set ?
1713 * Note : with the new API, it's impossible to get a NULL pointer.
1714 * Therefore, we need to check a key size == 0 instead.
1715 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
1716 * when no key is present (only change flags), but older versions
1717 * don't do it. - Jean II */
1718 if (dwrq->length > 0) {
1719 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1720 int current_index = priv->default_key;
1721 /* Check the size of the key */
1722 if (dwrq->length > 13) {
1725 /* Check the index (none -> use current) */
1726 if (index < 0 || index >= 4)
1727 index = current_index;
1729 priv->default_key = index;
1730 /* Set the length */
1731 if (dwrq->length > 5)
1732 priv->wep_key_len[index] = 13;
1734 if (dwrq->length > 0)
1735 priv->wep_key_len[index] = 5;
1737 /* Disable the key */
1738 priv->wep_key_len[index] = 0;
1739 /* Check if the key is not marked as invalid */
1740 if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
1742 memset(priv->wep_keys[index], 0, 13);
1743 /* Copy the key in the driver */
1744 memcpy(priv->wep_keys[index], extra, dwrq->length);
1746 /* WE specify that if a valid key is set, encryption
1747 * should be enabled (user may turn it off later)
1748 * This is also how "iwconfig ethX key on" works */
1749 if (index == current_index &&
1750 priv->wep_key_len[index] > 0) {
1751 priv->wep_is_on = 1;
1752 priv->exclude_unencrypted = 1;
1753 if (priv->wep_key_len[index] > 5) {
1754 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1755 priv->encryption_level = 2;
1757 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1758 priv->encryption_level = 1;
1762 /* Do we want to just set the transmit key index ? */
1763 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1764 if (index >= 0 && index < 4) {
1765 priv->default_key = index;
1767 /* Don't complain if only change the mode */
1768 if (!(dwrq->flags & IW_ENCODE_MODE))
1771 /* Read the flags */
1772 if (dwrq->flags & IW_ENCODE_DISABLED) {
1773 priv->wep_is_on = 0;
1774 priv->encryption_level = 0;
1775 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1777 priv->wep_is_on = 1;
1778 if (priv->wep_key_len[priv->default_key] > 5) {
1779 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1780 priv->encryption_level = 2;
1782 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1783 priv->encryption_level = 1;
1786 if (dwrq->flags & IW_ENCODE_RESTRICTED)
1787 priv->exclude_unencrypted = 1;
1788 if (dwrq->flags & IW_ENCODE_OPEN)
1789 priv->exclude_unencrypted = 0;
1791 return -EINPROGRESS; /* Call commit handler */
1794 static int atmel_get_encode(struct net_device *dev,
1795 struct iw_request_info *info,
1796 struct iw_point *dwrq,
1799 struct atmel_private *priv = netdev_priv(dev);
1800 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1802 if (!priv->wep_is_on)
1803 dwrq->flags = IW_ENCODE_DISABLED;
1805 if (priv->exclude_unencrypted)
1806 dwrq->flags = IW_ENCODE_RESTRICTED;
1808 dwrq->flags = IW_ENCODE_OPEN;
1810 /* Which key do we want ? -1 -> tx index */
1811 if (index < 0 || index >= 4)
1812 index = priv->default_key;
1813 dwrq->flags |= index + 1;
1814 /* Copy the key to the user buffer */
1815 dwrq->length = priv->wep_key_len[index];
1816 if (dwrq->length > 16) {
1819 memset(extra, 0, 16);
1820 memcpy(extra, priv->wep_keys[index], dwrq->length);
1826 static int atmel_set_encodeext(struct net_device *dev,
1827 struct iw_request_info *info,
1828 union iwreq_data *wrqu,
1831 struct atmel_private *priv = netdev_priv(dev);
1832 struct iw_point *encoding = &wrqu->encoding;
1833 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1834 int idx, key_len, alg = ext->alg, set_key = 1;
1836 /* Determine and validate the key index */
1837 idx = encoding->flags & IW_ENCODE_INDEX;
1839 if (idx < 1 || idx > 4)
1843 idx = priv->default_key;
1845 if (encoding->flags & IW_ENCODE_DISABLED)
1846 alg = IW_ENCODE_ALG_NONE;
1848 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
1849 priv->default_key = idx;
1850 set_key = ext->key_len > 0 ? 1 : 0;
1854 /* Set the requested key first */
1856 case IW_ENCODE_ALG_NONE:
1857 priv->wep_is_on = 0;
1858 priv->encryption_level = 0;
1859 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1861 case IW_ENCODE_ALG_WEP:
1862 if (ext->key_len > 5) {
1863 priv->wep_key_len[idx] = 13;
1864 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1865 priv->encryption_level = 2;
1866 } else if (ext->key_len > 0) {
1867 priv->wep_key_len[idx] = 5;
1868 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1869 priv->encryption_level = 1;
1873 priv->wep_is_on = 1;
1874 memset(priv->wep_keys[idx], 0, 13);
1875 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]);
1876 memcpy(priv->wep_keys[idx], ext->key, key_len);
1883 return -EINPROGRESS;
1886 static int atmel_get_encodeext(struct net_device *dev,
1887 struct iw_request_info *info,
1888 union iwreq_data *wrqu,
1891 struct atmel_private *priv = netdev_priv(dev);
1892 struct iw_point *encoding = &wrqu->encoding;
1893 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1894 int idx, max_key_len;
1896 max_key_len = encoding->length - sizeof(*ext);
1897 if (max_key_len < 0)
1900 idx = encoding->flags & IW_ENCODE_INDEX;
1902 if (idx < 1 || idx > 4)
1906 idx = priv->default_key;
1908 encoding->flags = idx + 1;
1909 memset(ext, 0, sizeof(*ext));
1911 if (!priv->wep_is_on) {
1912 ext->alg = IW_ENCODE_ALG_NONE;
1914 encoding->flags |= IW_ENCODE_DISABLED;
1916 if (priv->encryption_level > 0)
1917 ext->alg = IW_ENCODE_ALG_WEP;
1921 ext->key_len = priv->wep_key_len[idx];
1922 memcpy(ext->key, priv->wep_keys[idx], ext->key_len);
1923 encoding->flags |= IW_ENCODE_ENABLED;
1929 static int atmel_set_auth(struct net_device *dev,
1930 struct iw_request_info *info,
1931 union iwreq_data *wrqu, char *extra)
1933 struct atmel_private *priv = netdev_priv(dev);
1934 struct iw_param *param = &wrqu->param;
1936 switch (param->flags & IW_AUTH_INDEX) {
1937 case IW_AUTH_WPA_VERSION:
1938 case IW_AUTH_CIPHER_PAIRWISE:
1939 case IW_AUTH_CIPHER_GROUP:
1940 case IW_AUTH_KEY_MGMT:
1941 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1942 case IW_AUTH_PRIVACY_INVOKED:
1944 * atmel does not use these parameters
1948 case IW_AUTH_DROP_UNENCRYPTED:
1949 priv->exclude_unencrypted = param->value ? 1 : 0;
1952 case IW_AUTH_80211_AUTH_ALG: {
1953 if (param->value & IW_AUTH_ALG_SHARED_KEY) {
1954 priv->exclude_unencrypted = 1;
1955 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
1956 priv->exclude_unencrypted = 0;
1962 case IW_AUTH_WPA_ENABLED:
1963 /* Silently accept disable of WPA */
1964 if (param->value > 0)
1971 return -EINPROGRESS;
1974 static int atmel_get_auth(struct net_device *dev,
1975 struct iw_request_info *info,
1976 union iwreq_data *wrqu, char *extra)
1978 struct atmel_private *priv = netdev_priv(dev);
1979 struct iw_param *param = &wrqu->param;
1981 switch (param->flags & IW_AUTH_INDEX) {
1982 case IW_AUTH_DROP_UNENCRYPTED:
1983 param->value = priv->exclude_unencrypted;
1986 case IW_AUTH_80211_AUTH_ALG:
1987 if (priv->exclude_unencrypted == 1)
1988 param->value = IW_AUTH_ALG_SHARED_KEY;
1990 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
1993 case IW_AUTH_WPA_ENABLED:
2004 static int atmel_get_name(struct net_device *dev,
2005 struct iw_request_info *info,
2009 strcpy(cwrq, "IEEE 802.11-DS");
2013 static int atmel_set_rate(struct net_device *dev,
2014 struct iw_request_info *info,
2015 struct iw_param *vwrq,
2018 struct atmel_private *priv = netdev_priv(dev);
2020 if (vwrq->fixed == 0) {
2022 priv->auto_tx_rate = 1;
2024 priv->auto_tx_rate = 0;
2026 /* Which type of value ? */
2027 if ((vwrq->value < 4) && (vwrq->value >= 0)) {
2028 /* Setting by rate index */
2029 priv->tx_rate = vwrq->value;
2031 /* Setting by frequency value */
2032 switch (vwrq->value) {
2051 return -EINPROGRESS;
2054 static int atmel_set_mode(struct net_device *dev,
2055 struct iw_request_info *info,
2059 struct atmel_private *priv = netdev_priv(dev);
2061 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA)
2064 priv->operating_mode = *uwrq;
2065 return -EINPROGRESS;
2068 static int atmel_get_mode(struct net_device *dev,
2069 struct iw_request_info *info,
2073 struct atmel_private *priv = netdev_priv(dev);
2075 *uwrq = priv->operating_mode;
2079 static int atmel_get_rate(struct net_device *dev,
2080 struct iw_request_info *info,
2081 struct iw_param *vwrq,
2084 struct atmel_private *priv = netdev_priv(dev);
2086 if (priv->auto_tx_rate) {
2088 vwrq->value = 11000000;
2091 switch (priv->tx_rate) {
2093 vwrq->value = 1000000;
2096 vwrq->value = 2000000;
2099 vwrq->value = 5500000;
2102 vwrq->value = 11000000;
2109 static int atmel_set_power(struct net_device *dev,
2110 struct iw_request_info *info,
2111 struct iw_param *vwrq,
2114 struct atmel_private *priv = netdev_priv(dev);
2115 priv->power_mode = vwrq->disabled ? 0 : 1;
2116 return -EINPROGRESS;
2119 static int atmel_get_power(struct net_device *dev,
2120 struct iw_request_info *info,
2121 struct iw_param *vwrq,
2124 struct atmel_private *priv = netdev_priv(dev);
2125 vwrq->disabled = priv->power_mode ? 0 : 1;
2126 vwrq->flags = IW_POWER_ON;
2130 static int atmel_set_retry(struct net_device *dev,
2131 struct iw_request_info *info,
2132 struct iw_param *vwrq,
2135 struct atmel_private *priv = netdev_priv(dev);
2137 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) {
2138 if (vwrq->flags & IW_RETRY_LONG)
2139 priv->long_retry = vwrq->value;
2140 else if (vwrq->flags & IW_RETRY_SHORT)
2141 priv->short_retry = vwrq->value;
2143 /* No modifier : set both */
2144 priv->long_retry = vwrq->value;
2145 priv->short_retry = vwrq->value;
2147 return -EINPROGRESS;
2153 static int atmel_get_retry(struct net_device *dev,
2154 struct iw_request_info *info,
2155 struct iw_param *vwrq,
2158 struct atmel_private *priv = netdev_priv(dev);
2160 vwrq->disabled = 0; /* Can't be disabled */
2162 /* Note : by default, display the short retry number */
2163 if (vwrq->flags & IW_RETRY_LONG) {
2164 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
2165 vwrq->value = priv->long_retry;
2167 vwrq->flags = IW_RETRY_LIMIT;
2168 vwrq->value = priv->short_retry;
2169 if (priv->long_retry != priv->short_retry)
2170 vwrq->flags |= IW_RETRY_SHORT;
2176 static int atmel_set_rts(struct net_device *dev,
2177 struct iw_request_info *info,
2178 struct iw_param *vwrq,
2181 struct atmel_private *priv = netdev_priv(dev);
2182 int rthr = vwrq->value;
2186 if ((rthr < 0) || (rthr > 2347)) {
2189 priv->rts_threshold = rthr;
2191 return -EINPROGRESS; /* Call commit handler */
2194 static int atmel_get_rts(struct net_device *dev,
2195 struct iw_request_info *info,
2196 struct iw_param *vwrq,
2199 struct atmel_private *priv = netdev_priv(dev);
2201 vwrq->value = priv->rts_threshold;
2202 vwrq->disabled = (vwrq->value >= 2347);
2208 static int atmel_set_frag(struct net_device *dev,
2209 struct iw_request_info *info,
2210 struct iw_param *vwrq,
2213 struct atmel_private *priv = netdev_priv(dev);
2214 int fthr = vwrq->value;
2218 if ((fthr < 256) || (fthr > 2346)) {
2221 fthr &= ~0x1; /* Get an even value - is it really needed ??? */
2222 priv->frag_threshold = fthr;
2224 return -EINPROGRESS; /* Call commit handler */
2227 static int atmel_get_frag(struct net_device *dev,
2228 struct iw_request_info *info,
2229 struct iw_param *vwrq,
2232 struct atmel_private *priv = netdev_priv(dev);
2234 vwrq->value = priv->frag_threshold;
2235 vwrq->disabled = (vwrq->value >= 2346);
2241 static int atmel_set_freq(struct net_device *dev,
2242 struct iw_request_info *info,
2243 struct iw_freq *fwrq,
2246 struct atmel_private *priv = netdev_priv(dev);
2247 int rc = -EINPROGRESS; /* Call commit handler */
2249 /* If setting by frequency, convert to a channel */
2251 int f = fwrq->m / 100000;
2253 /* Hack to fall through... */
2255 fwrq->m = ieee80211_frequency_to_channel(f);
2257 /* Setting by channel number */
2258 if (fwrq->m < 0 || fwrq->m > 1000 || fwrq->e > 0)
2261 int channel = fwrq->m;
2262 if (atmel_validate_channel(priv, channel) == 0) {
2263 priv->channel = channel;
2271 static int atmel_get_freq(struct net_device *dev,
2272 struct iw_request_info *info,
2273 struct iw_freq *fwrq,
2276 struct atmel_private *priv = netdev_priv(dev);
2278 fwrq->m = priv->channel;
2283 static int atmel_set_scan(struct net_device *dev,
2284 struct iw_request_info *info,
2285 struct iw_point *dwrq,
2288 struct atmel_private *priv = netdev_priv(dev);
2289 unsigned long flags;
2291 /* Note : you may have realised that, as this is a SET operation,
2292 * this is privileged and therefore a normal user can't
2294 * This is not an error, while the device perform scanning,
2295 * traffic doesn't flow, so it's a perfect DoS...
2298 if (priv->station_state == STATION_STATE_DOWN)
2301 /* Timeout old surveys. */
2302 if (time_after(jiffies, priv->last_survey + 20 * HZ))
2303 priv->site_survey_state = SITE_SURVEY_IDLE;
2304 priv->last_survey = jiffies;
2306 /* Initiate a scan command */
2307 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS)
2310 del_timer_sync(&priv->management_timer);
2311 spin_lock_irqsave(&priv->irqlock, flags);
2313 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS;
2314 priv->fast_scan = 0;
2315 atmel_scan(priv, 0);
2316 spin_unlock_irqrestore(&priv->irqlock, flags);
2321 static int atmel_get_scan(struct net_device *dev,
2322 struct iw_request_info *info,
2323 struct iw_point *dwrq,
2326 struct atmel_private *priv = netdev_priv(dev);
2328 char *current_ev = extra;
2329 struct iw_event iwe;
2331 if (priv->site_survey_state != SITE_SURVEY_COMPLETED)
2334 for (i = 0; i < priv->BSS_list_entries; i++) {
2335 iwe.cmd = SIOCGIWAP;
2336 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2337 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN);
2338 current_ev = iwe_stream_add_event(info, current_ev,
2339 extra + IW_SCAN_MAX_DATA,
2340 &iwe, IW_EV_ADDR_LEN);
2342 iwe.u.data.length = priv->BSSinfo[i].SSIDsize;
2343 if (iwe.u.data.length > 32)
2344 iwe.u.data.length = 32;
2345 iwe.cmd = SIOCGIWESSID;
2346 iwe.u.data.flags = 1;
2347 current_ev = iwe_stream_add_point(info, current_ev,
2348 extra + IW_SCAN_MAX_DATA,
2349 &iwe, priv->BSSinfo[i].SSID);
2351 iwe.cmd = SIOCGIWMODE;
2352 iwe.u.mode = priv->BSSinfo[i].BSStype;
2353 current_ev = iwe_stream_add_event(info, current_ev,
2354 extra + IW_SCAN_MAX_DATA,
2355 &iwe, IW_EV_UINT_LEN);
2357 iwe.cmd = SIOCGIWFREQ;
2358 iwe.u.freq.m = priv->BSSinfo[i].channel;
2360 current_ev = iwe_stream_add_event(info, current_ev,
2361 extra + IW_SCAN_MAX_DATA,
2362 &iwe, IW_EV_FREQ_LEN);
2364 /* Add quality statistics */
2366 iwe.u.qual.level = priv->BSSinfo[i].RSSI;
2367 iwe.u.qual.qual = iwe.u.qual.level;
2368 /* iwe.u.qual.noise = SOMETHING */
2369 current_ev = iwe_stream_add_event(info, current_ev,
2370 extra + IW_SCAN_MAX_DATA,
2371 &iwe, IW_EV_QUAL_LEN);
2374 iwe.cmd = SIOCGIWENCODE;
2375 if (priv->BSSinfo[i].UsingWEP)
2376 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2378 iwe.u.data.flags = IW_ENCODE_DISABLED;
2379 iwe.u.data.length = 0;
2380 current_ev = iwe_stream_add_point(info, current_ev,
2381 extra + IW_SCAN_MAX_DATA,
2385 /* Length of data */
2386 dwrq->length = (current_ev - extra);
2392 static int atmel_get_range(struct net_device *dev,
2393 struct iw_request_info *info,
2394 struct iw_point *dwrq,
2397 struct atmel_private *priv = netdev_priv(dev);
2398 struct iw_range *range = (struct iw_range *) extra;
2401 dwrq->length = sizeof(struct iw_range);
2402 memset(range, 0, sizeof(struct iw_range));
2403 range->min_nwid = 0x0000;
2404 range->max_nwid = 0x0000;
2405 range->num_channels = 0;
2406 for (j = 0; j < ARRAY_SIZE(channel_table); j++)
2407 if (priv->reg_domain == channel_table[j].reg_domain) {
2408 range->num_channels = channel_table[j].max - channel_table[j].min + 1;
2411 if (range->num_channels != 0) {
2412 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) {
2413 range->freq[k].i = i; /* List index */
2415 /* Values in MHz -> * 10^5 * 10 */
2416 range->freq[k].m = 100000 *
2417 ieee80211_channel_to_frequency(i, NL80211_BAND_2GHZ);
2418 range->freq[k++].e = 1;
2420 range->num_frequency = k;
2423 range->max_qual.qual = 100;
2424 range->max_qual.level = 100;
2425 range->max_qual.noise = 0;
2426 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2428 range->avg_qual.qual = 50;
2429 range->avg_qual.level = 50;
2430 range->avg_qual.noise = 0;
2431 range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2433 range->sensitivity = 0;
2435 range->bitrate[0] = 1000000;
2436 range->bitrate[1] = 2000000;
2437 range->bitrate[2] = 5500000;
2438 range->bitrate[3] = 11000000;
2439 range->num_bitrates = 4;
2442 range->max_rts = 2347;
2443 range->min_frag = 256;
2444 range->max_frag = 2346;
2446 range->encoding_size[0] = 5;
2447 range->encoding_size[1] = 13;
2448 range->num_encoding_sizes = 2;
2449 range->max_encoding_tokens = 4;
2451 range->pmp_flags = IW_POWER_ON;
2452 range->pmt_flags = IW_POWER_ON;
2455 range->we_version_source = WIRELESS_EXT;
2456 range->we_version_compiled = WIRELESS_EXT;
2457 range->retry_capa = IW_RETRY_LIMIT ;
2458 range->retry_flags = IW_RETRY_LIMIT;
2459 range->r_time_flags = 0;
2460 range->min_retry = 1;
2461 range->max_retry = 65535;
2466 static int atmel_set_wap(struct net_device *dev,
2467 struct iw_request_info *info,
2468 struct sockaddr *awrq,
2471 struct atmel_private *priv = netdev_priv(dev);
2473 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
2474 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
2475 unsigned long flags;
2477 if (awrq->sa_family != ARPHRD_ETHER)
2480 if (!memcmp(any, awrq->sa_data, 6) ||
2481 !memcmp(off, awrq->sa_data, 6)) {
2482 del_timer_sync(&priv->management_timer);
2483 spin_lock_irqsave(&priv->irqlock, flags);
2484 atmel_scan(priv, 1);
2485 spin_unlock_irqrestore(&priv->irqlock, flags);
2489 for (i = 0; i < priv->BSS_list_entries; i++) {
2490 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) {
2491 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) {
2493 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) {
2496 del_timer_sync(&priv->management_timer);
2497 spin_lock_irqsave(&priv->irqlock, flags);
2498 atmel_join_bss(priv, i);
2499 spin_unlock_irqrestore(&priv->irqlock, flags);
2508 static int atmel_config_commit(struct net_device *dev,
2509 struct iw_request_info *info, /* NULL */
2510 void *zwrq, /* NULL */
2511 char *extra) /* NULL */
2513 return atmel_open(dev);
2516 static const iw_handler atmel_handler[] =
2518 (iw_handler) atmel_config_commit, /* SIOCSIWCOMMIT */
2519 (iw_handler) atmel_get_name, /* SIOCGIWNAME */
2520 (iw_handler) NULL, /* SIOCSIWNWID */
2521 (iw_handler) NULL, /* SIOCGIWNWID */
2522 (iw_handler) atmel_set_freq, /* SIOCSIWFREQ */
2523 (iw_handler) atmel_get_freq, /* SIOCGIWFREQ */
2524 (iw_handler) atmel_set_mode, /* SIOCSIWMODE */
2525 (iw_handler) atmel_get_mode, /* SIOCGIWMODE */
2526 (iw_handler) NULL, /* SIOCSIWSENS */
2527 (iw_handler) NULL, /* SIOCGIWSENS */
2528 (iw_handler) NULL, /* SIOCSIWRANGE */
2529 (iw_handler) atmel_get_range, /* SIOCGIWRANGE */
2530 (iw_handler) NULL, /* SIOCSIWPRIV */
2531 (iw_handler) NULL, /* SIOCGIWPRIV */
2532 (iw_handler) NULL, /* SIOCSIWSTATS */
2533 (iw_handler) NULL, /* SIOCGIWSTATS */
2534 (iw_handler) NULL, /* SIOCSIWSPY */
2535 (iw_handler) NULL, /* SIOCGIWSPY */
2536 (iw_handler) NULL, /* -- hole -- */
2537 (iw_handler) NULL, /* -- hole -- */
2538 (iw_handler) atmel_set_wap, /* SIOCSIWAP */
2539 (iw_handler) atmel_get_wap, /* SIOCGIWAP */
2540 (iw_handler) NULL, /* -- hole -- */
2541 (iw_handler) NULL, /* SIOCGIWAPLIST */
2542 (iw_handler) atmel_set_scan, /* SIOCSIWSCAN */
2543 (iw_handler) atmel_get_scan, /* SIOCGIWSCAN */
2544 (iw_handler) atmel_set_essid, /* SIOCSIWESSID */
2545 (iw_handler) atmel_get_essid, /* SIOCGIWESSID */
2546 (iw_handler) NULL, /* SIOCSIWNICKN */
2547 (iw_handler) NULL, /* SIOCGIWNICKN */
2548 (iw_handler) NULL, /* -- hole -- */
2549 (iw_handler) NULL, /* -- hole -- */
2550 (iw_handler) atmel_set_rate, /* SIOCSIWRATE */
2551 (iw_handler) atmel_get_rate, /* SIOCGIWRATE */
2552 (iw_handler) atmel_set_rts, /* SIOCSIWRTS */
2553 (iw_handler) atmel_get_rts, /* SIOCGIWRTS */
2554 (iw_handler) atmel_set_frag, /* SIOCSIWFRAG */
2555 (iw_handler) atmel_get_frag, /* SIOCGIWFRAG */
2556 (iw_handler) NULL, /* SIOCSIWTXPOW */
2557 (iw_handler) NULL, /* SIOCGIWTXPOW */
2558 (iw_handler) atmel_set_retry, /* SIOCSIWRETRY */
2559 (iw_handler) atmel_get_retry, /* SIOCGIWRETRY */
2560 (iw_handler) atmel_set_encode, /* SIOCSIWENCODE */
2561 (iw_handler) atmel_get_encode, /* SIOCGIWENCODE */
2562 (iw_handler) atmel_set_power, /* SIOCSIWPOWER */
2563 (iw_handler) atmel_get_power, /* SIOCGIWPOWER */
2564 (iw_handler) NULL, /* -- hole -- */
2565 (iw_handler) NULL, /* -- hole -- */
2566 (iw_handler) NULL, /* SIOCSIWGENIE */
2567 (iw_handler) NULL, /* SIOCGIWGENIE */
2568 (iw_handler) atmel_set_auth, /* SIOCSIWAUTH */
2569 (iw_handler) atmel_get_auth, /* SIOCGIWAUTH */
2570 (iw_handler) atmel_set_encodeext, /* SIOCSIWENCODEEXT */
2571 (iw_handler) atmel_get_encodeext, /* SIOCGIWENCODEEXT */
2572 (iw_handler) NULL, /* SIOCSIWPMKSA */
2575 static const iw_handler atmel_private_handler[] =
2577 NULL, /* SIOCIWFIRSTPRIV */
2580 struct atmel_priv_ioctl {
2582 unsigned char __user *data;
2586 #define ATMELFWL SIOCIWFIRSTPRIV
2587 #define ATMELIDIFC ATMELFWL + 1
2588 #define ATMELRD ATMELFWL + 2
2589 #define ATMELMAGIC 0x51807
2590 #define REGDOMAINSZ 20
2592 static const struct iw_priv_args atmel_private_args[] = {
2595 .set_args = IW_PRIV_TYPE_BYTE
2596 | IW_PRIV_SIZE_FIXED
2597 | sizeof(struct atmel_priv_ioctl),
2598 .get_args = IW_PRIV_TYPE_NONE,
2602 .set_args = IW_PRIV_TYPE_NONE,
2603 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
2604 .name = "atmelidifc"
2607 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ,
2608 .get_args = IW_PRIV_TYPE_NONE,
2613 static const struct iw_handler_def atmel_handler_def = {
2614 .num_standard = ARRAY_SIZE(atmel_handler),
2615 .num_private = ARRAY_SIZE(atmel_private_handler),
2616 .num_private_args = ARRAY_SIZE(atmel_private_args),
2617 .standard = (iw_handler *) atmel_handler,
2618 .private = (iw_handler *) atmel_private_handler,
2619 .private_args = (struct iw_priv_args *) atmel_private_args,
2620 .get_wireless_stats = atmel_get_wireless_stats
2623 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
2626 struct atmel_private *priv = netdev_priv(dev);
2627 struct atmel_priv_ioctl com;
2628 struct iwreq *wrq = (struct iwreq *) rq;
2629 unsigned char *new_firmware;
2630 char domain[REGDOMAINSZ + 1];
2634 wrq->u.param.value = ATMELMAGIC;
2638 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) {
2643 if (!capable(CAP_NET_ADMIN)) {
2648 new_firmware = memdup_user(com.data, com.len);
2649 if (IS_ERR(new_firmware)) {
2650 rc = PTR_ERR(new_firmware);
2654 kfree(priv->firmware);
2656 priv->firmware = new_firmware;
2657 priv->firmware_length = com.len;
2658 strncpy(priv->firmware_id, com.id, 31);
2659 priv->firmware_id[31] = '\0';
2663 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) {
2668 if (!capable(CAP_NET_ADMIN)) {
2673 domain[REGDOMAINSZ] = 0;
2675 for (i = 0; i < ARRAY_SIZE(channel_table); i++) {
2676 if (!strcasecmp(channel_table[i].name, domain)) {
2677 priv->config_reg_domain = channel_table[i].reg_domain;
2682 if (rc == 0 && priv->station_state != STATION_STATE_DOWN)
2683 rc = atmel_open(dev);
2702 static void atmel_enter_state(struct atmel_private *priv, int new_state)
2704 int old_state = priv->station_state;
2706 if (new_state == old_state)
2709 priv->station_state = new_state;
2711 if (new_state == STATION_STATE_READY) {
2712 netif_start_queue(priv->dev);
2713 netif_carrier_on(priv->dev);
2716 if (old_state == STATION_STATE_READY) {
2717 netif_carrier_off(priv->dev);
2718 if (netif_running(priv->dev))
2719 netif_stop_queue(priv->dev);
2720 priv->last_beacon_timestamp = 0;
2724 static void atmel_scan(struct atmel_private *priv, int specific_ssid)
2728 u8 SSID[MAX_SSID_LENGTH];
2732 __le16 min_channel_time;
2733 __le16 max_channel_time;
2738 eth_broadcast_addr(cmd.BSSID);
2740 if (priv->fast_scan) {
2741 cmd.SSID_size = priv->SSID_size;
2742 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2743 cmd.min_channel_time = cpu_to_le16(10);
2744 cmd.max_channel_time = cpu_to_le16(50);
2746 priv->BSS_list_entries = 0;
2748 cmd.min_channel_time = cpu_to_le16(10);
2749 cmd.max_channel_time = cpu_to_le16(120);
2755 cmd.options |= SCAN_OPTIONS_SITE_SURVEY;
2757 cmd.channel = (priv->channel & 0x7f);
2758 cmd.scan_type = SCAN_TYPE_ACTIVE;
2759 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ?
2760 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE);
2762 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd));
2764 /* This must come after all hardware access to avoid being messed up
2765 by stuff happening in interrupt context after we leave STATE_DOWN */
2766 atmel_enter_state(priv, STATION_STATE_SCANNING);
2769 static void join(struct atmel_private *priv, int type)
2773 u8 SSID[MAX_SSID_LENGTH];
2774 u8 BSS_type; /* this is a short in a scan command - weird */
2781 cmd.SSID_size = priv->SSID_size;
2782 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2783 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN);
2784 cmd.channel = (priv->channel & 0x7f);
2785 cmd.BSS_type = type;
2786 cmd.timeout = cpu_to_le16(2000);
2788 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd));
2791 static void start(struct atmel_private *priv, int type)
2795 u8 SSID[MAX_SSID_LENGTH];
2802 cmd.SSID_size = priv->SSID_size;
2803 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2804 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN);
2805 cmd.BSS_type = type;
2806 cmd.channel = (priv->channel & 0x7f);
2808 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd));
2811 static void handle_beacon_probe(struct atmel_private *priv, u16 capability,
2815 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
2816 SHORT_PREAMBLE : LONG_PREAMBLE;
2818 if (priv->preamble != new) {
2819 priv->preamble = new;
2821 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new);
2824 if (priv->channel != channel) {
2825 priv->channel = channel;
2827 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel);
2831 priv->station_is_associated = 0;
2832 atmel_enter_state(priv, STATION_STATE_JOINNING);
2834 if (priv->operating_mode == IW_MODE_INFRA)
2835 join(priv, BSS_TYPE_INFRASTRUCTURE);
2837 join(priv, BSS_TYPE_AD_HOC);
2841 static void send_authentication_request(struct atmel_private *priv, u16 system,
2842 u8 *challenge, int challenge_len)
2844 struct ieee80211_hdr header;
2845 struct auth_body auth;
2847 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH);
2848 header.duration_id = cpu_to_le16(0x8000);
2849 header.seq_ctrl = 0;
2850 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2851 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2852 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2854 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1)
2855 /* no WEP for authentication frames with TrSeqNo 1 */
2856 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2858 auth.alg = cpu_to_le16(system);
2861 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum);
2862 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1;
2863 priv->CurrentAuthentTransactionSeqNum += 2;
2865 if (challenge_len != 0) {
2866 auth.el_id = 16; /* challenge_text */
2867 auth.chall_text_len = challenge_len;
2868 memcpy(auth.chall_text, challenge, challenge_len);
2869 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len);
2871 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6);
2875 static void send_association_request(struct atmel_private *priv, int is_reassoc)
2879 struct ieee80211_hdr header;
2880 struct ass_req_format {
2882 __le16 listen_interval;
2883 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */
2886 u8 ssid[MAX_SSID_LENGTH];
2892 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2893 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ));
2894 header.duration_id = cpu_to_le16(0x8000);
2895 header.seq_ctrl = 0;
2897 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2898 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2899 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2901 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS);
2902 if (priv->wep_is_on)
2903 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
2904 if (priv->preamble == SHORT_PREAMBLE)
2905 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE);
2907 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period);
2909 /* current AP address - only in reassoc frame */
2911 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN);
2912 ssid_el_p = &body.ssid_el_id;
2913 bodysize = 18 + priv->SSID_size;
2915 ssid_el_p = &body.ap[0];
2916 bodysize = 12 + priv->SSID_size;
2919 ssid_el_p[0] = WLAN_EID_SSID;
2920 ssid_el_p[1] = priv->SSID_size;
2921 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size);
2922 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES;
2923 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */
2924 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4);
2926 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize);
2929 static int is_frame_from_current_bss(struct atmel_private *priv,
2930 struct ieee80211_hdr *header)
2932 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
2933 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0;
2935 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0;
2938 static int retrieve_bss(struct atmel_private *priv)
2941 int max_rssi = -128;
2944 if (priv->BSS_list_entries == 0)
2947 if (priv->connect_to_any_BSS) {
2948 /* Select a BSS with the max-RSSI but of the same type and of
2949 the same WEP mode and that it is not marked as 'bad' (i.e.
2950 we had previously failed to connect to this BSS with the
2951 settings that we currently use) */
2952 priv->current_BSS = 0;
2953 for (i = 0; i < priv->BSS_list_entries; i++) {
2954 if (priv->operating_mode == priv->BSSinfo[i].BSStype &&
2955 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) ||
2956 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) &&
2957 !(priv->BSSinfo[i].channel & 0x80)) {
2958 max_rssi = priv->BSSinfo[i].RSSI;
2959 priv->current_BSS = max_index = i;
2965 for (i = 0; i < priv->BSS_list_entries; i++) {
2966 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize &&
2967 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 &&
2968 priv->operating_mode == priv->BSSinfo[i].BSStype &&
2969 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) {
2970 if (priv->BSSinfo[i].RSSI >= max_rssi) {
2971 max_rssi = priv->BSSinfo[i].RSSI;
2979 static void store_bss_info(struct atmel_private *priv,
2980 struct ieee80211_hdr *header, u16 capability,
2981 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len,
2982 u8 *ssid, int is_beacon)
2984 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3;
2987 for (index = -1, i = 0; i < priv->BSS_list_entries; i++)
2988 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0)
2991 /* If we process a probe and an entry from this BSS exists
2992 we will update the BSS entry with the info from this BSS.
2993 If we process a beacon we will only update RSSI */
2996 if (priv->BSS_list_entries == MAX_BSS_ENTRIES)
2998 index = priv->BSS_list_entries++;
2999 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN);
3000 priv->BSSinfo[index].RSSI = rssi;
3002 if (rssi > priv->BSSinfo[index].RSSI)
3003 priv->BSSinfo[index].RSSI = rssi;
3008 priv->BSSinfo[index].channel = channel;
3009 priv->BSSinfo[index].beacon_period = beacon_period;
3010 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY;
3011 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len);
3012 priv->BSSinfo[index].SSIDsize = ssid_len;
3014 if (capability & WLAN_CAPABILITY_IBSS)
3015 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC;
3016 else if (capability & WLAN_CAPABILITY_ESS)
3017 priv->BSSinfo[index].BSStype = IW_MODE_INFRA;
3019 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
3020 SHORT_PREAMBLE : LONG_PREAMBLE;
3023 static void authenticate(struct atmel_private *priv, u16 frame_len)
3025 struct auth_body *auth = (struct auth_body *)priv->rx_buf;
3026 u16 status = le16_to_cpu(auth->status);
3027 u16 trans_seq_no = le16_to_cpu(auth->trans_seq);
3028 u16 system = le16_to_cpu(auth->alg);
3030 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) {
3032 if (priv->station_was_associated) {
3033 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3034 send_association_request(priv, 1);
3037 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3038 send_association_request(priv, 0);
3043 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) {
3044 int should_associate = 0;
3046 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum)
3049 if (system == WLAN_AUTH_OPEN) {
3050 if (trans_seq_no == 0x0002) {
3051 should_associate = 1;
3053 } else if (system == WLAN_AUTH_SHARED_KEY) {
3054 if (trans_seq_no == 0x0002 &&
3055 auth->el_id == WLAN_EID_CHALLENGE) {
3056 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len);
3058 } else if (trans_seq_no == 0x0004) {
3059 should_associate = 1;
3063 if (should_associate) {
3064 if (priv->station_was_associated) {
3065 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3066 send_association_request(priv, 1);
3069 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3070 send_association_request(priv, 0);
3076 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
3077 /* Flip back and forth between WEP auth modes until the max
3078 * authentication tries has been exceeded.
3080 if (system == WLAN_AUTH_OPEN) {
3081 priv->CurrentAuthentTransactionSeqNum = 0x001;
3082 priv->exclude_unencrypted = 1;
3083 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0);
3085 } else if (system == WLAN_AUTH_SHARED_KEY
3086 && priv->wep_is_on) {
3087 priv->CurrentAuthentTransactionSeqNum = 0x001;
3088 priv->exclude_unencrypted = 0;
3089 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0);
3091 } else if (priv->connect_to_any_BSS) {
3094 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3096 if ((bss_index = retrieve_bss(priv)) != -1) {
3097 atmel_join_bss(priv, bss_index);
3103 priv->AuthenticationRequestRetryCnt = 0;
3104 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3105 priv->station_is_associated = 0;
3108 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype)
3110 struct ass_resp_format {
3117 } *ass_resp = (struct ass_resp_format *)priv->rx_buf;
3119 u16 status = le16_to_cpu(ass_resp->status);
3120 u16 ass_id = le16_to_cpu(ass_resp->ass_id);
3121 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length;
3123 union iwreq_data wrqu;
3125 if (frame_len < 8 + rates_len)
3128 if (status == WLAN_STATUS_SUCCESS) {
3129 if (subtype == IEEE80211_STYPE_ASSOC_RESP)
3130 priv->AssociationRequestRetryCnt = 0;
3132 priv->ReAssociationRequestRetryCnt = 0;
3134 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3135 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff);
3136 atmel_set_mib(priv, Phy_Mib_Type,
3137 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len);
3138 if (priv->power_mode == 0) {
3139 priv->listen_interval = 1;
3140 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3141 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3142 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3143 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3145 priv->listen_interval = 2;
3146 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3147 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE);
3148 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3149 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2);
3152 priv->station_is_associated = 1;
3153 priv->station_was_associated = 1;
3154 atmel_enter_state(priv, STATION_STATE_READY);
3156 /* Send association event to userspace */
3157 wrqu.data.length = 0;
3158 wrqu.data.flags = 0;
3159 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN);
3160 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3161 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
3166 if (subtype == IEEE80211_STYPE_ASSOC_RESP &&
3167 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3168 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3169 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3170 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3171 priv->AssociationRequestRetryCnt++;
3172 send_association_request(priv, 0);
3176 if (subtype == IEEE80211_STYPE_REASSOC_RESP &&
3177 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3178 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3179 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3180 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3181 priv->ReAssociationRequestRetryCnt++;
3182 send_association_request(priv, 1);
3186 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3187 priv->station_is_associated = 0;
3189 if (priv->connect_to_any_BSS) {
3191 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3193 if ((bss_index = retrieve_bss(priv)) != -1)
3194 atmel_join_bss(priv, bss_index);
3198 static void atmel_join_bss(struct atmel_private *priv, int bss_index)
3200 struct bss_info *bss = &priv->BSSinfo[bss_index];
3202 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN);
3203 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize);
3205 /* The WPA stuff cares about the current AP address */
3207 build_wpa_mib(priv);
3209 /* When switching to AdHoc turn OFF Power Save if needed */
3211 if (bss->BSStype == IW_MODE_ADHOC &&
3212 priv->operating_mode != IW_MODE_ADHOC &&
3214 priv->power_mode = 0;
3215 priv->listen_interval = 1;
3216 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3217 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3218 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3219 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3222 priv->operating_mode = bss->BSStype;
3223 priv->channel = bss->channel & 0x7f;
3224 priv->beacon_period = bss->beacon_period;
3226 if (priv->preamble != bss->preamble) {
3227 priv->preamble = bss->preamble;
3228 atmel_set_mib8(priv, Local_Mib_Type,
3229 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble);
3232 if (!priv->wep_is_on && bss->UsingWEP) {
3233 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3234 priv->station_is_associated = 0;
3238 if (priv->wep_is_on && !bss->UsingWEP) {
3239 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3240 priv->station_is_associated = 0;
3244 atmel_enter_state(priv, STATION_STATE_JOINNING);
3246 if (priv->operating_mode == IW_MODE_INFRA)
3247 join(priv, BSS_TYPE_INFRASTRUCTURE);
3249 join(priv, BSS_TYPE_AD_HOC);
3252 static void restart_search(struct atmel_private *priv)
3256 if (!priv->connect_to_any_BSS) {
3257 atmel_scan(priv, 1);
3259 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3261 if ((bss_index = retrieve_bss(priv)) != -1)
3262 atmel_join_bss(priv, bss_index);
3264 atmel_scan(priv, 0);
3268 static void smooth_rssi(struct atmel_private *priv, u8 rssi)
3270 u8 old = priv->wstats.qual.level;
3271 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */
3273 switch (priv->firmware_type) {
3274 case ATMEL_FW_TYPE_502E:
3275 max_rssi = 63; /* 502-rmfd-reve max by experiment */
3281 rssi = rssi * 100 / max_rssi;
3282 if ((rssi + old) % 2)
3283 priv->wstats.qual.level = (rssi + old) / 2 + 1;
3285 priv->wstats.qual.level = (rssi + old) / 2;
3286 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
3287 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID;
3290 static void atmel_smooth_qual(struct atmel_private *priv)
3292 unsigned long time_diff = (jiffies - priv->last_qual) / HZ;
3293 while (time_diff--) {
3294 priv->last_qual += HZ;
3295 priv->wstats.qual.qual = priv->wstats.qual.qual / 2;
3296 priv->wstats.qual.qual +=
3297 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000;
3298 priv->beacons_this_sec = 0;
3300 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
3301 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID;
3304 /* deals with incoming management frames. */
3305 static void atmel_management_frame(struct atmel_private *priv,
3306 struct ieee80211_hdr *header,
3307 u16 frame_len, u8 rssi)
3311 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE;
3313 case IEEE80211_STYPE_BEACON:
3314 case IEEE80211_STYPE_PROBE_RESP:
3316 /* beacon frame has multiple variable-length fields -
3317 never let an engineer loose with a data structure design. */
3319 struct beacon_format {
3332 } *beacon = (struct beacon_format *)priv->rx_buf;
3334 u8 channel, rates_length, ssid_length;
3335 u64 timestamp = le64_to_cpu(beacon->timestamp);
3336 u16 beacon_interval = le16_to_cpu(beacon->interval);
3337 u16 capability = le16_to_cpu(beacon->capability);
3338 u8 *beaconp = priv->rx_buf;
3339 ssid_length = beacon->ssid_length;
3340 /* this blows chunks. */
3341 if (frame_len < 14 || frame_len < ssid_length + 15)
3343 rates_length = beaconp[beacon->ssid_length + 15];
3344 if (frame_len < ssid_length + rates_length + 18)
3346 if (ssid_length > MAX_SSID_LENGTH)
3348 channel = beaconp[ssid_length + rates_length + 18];
3350 if (priv->station_state == STATION_STATE_READY) {
3351 smooth_rssi(priv, rssi);
3352 if (is_frame_from_current_bss(priv, header)) {
3353 priv->beacons_this_sec++;
3354 atmel_smooth_qual(priv);
3355 if (priv->last_beacon_timestamp) {
3356 /* Note truncate this to 32 bits - kernel can't divide a long long */
3357 u32 beacon_delay = timestamp - priv->last_beacon_timestamp;
3358 int beacons = beacon_delay / (beacon_interval * 1000);
3360 priv->wstats.miss.beacon += beacons - 1;
3362 priv->last_beacon_timestamp = timestamp;
3363 handle_beacon_probe(priv, capability, channel);
3367 if (priv->station_state == STATION_STATE_SCANNING)
3368 store_bss_info(priv, header, capability,
3369 beacon_interval, channel, rssi,
3371 &beacon->rates_el_id,
3372 subtype == IEEE80211_STYPE_BEACON);
3376 case IEEE80211_STYPE_AUTH:
3378 if (priv->station_state == STATION_STATE_AUTHENTICATING)
3379 authenticate(priv, frame_len);
3383 case IEEE80211_STYPE_ASSOC_RESP:
3384 case IEEE80211_STYPE_REASSOC_RESP:
3386 if (priv->station_state == STATION_STATE_ASSOCIATING ||
3387 priv->station_state == STATION_STATE_REASSOCIATING)
3388 associate(priv, frame_len, subtype);
3392 case IEEE80211_STYPE_DISASSOC:
3393 if (priv->station_is_associated &&
3394 priv->operating_mode == IW_MODE_INFRA &&
3395 is_frame_from_current_bss(priv, header)) {
3396 priv->station_was_associated = 0;
3397 priv->station_is_associated = 0;
3399 atmel_enter_state(priv, STATION_STATE_JOINNING);
3400 join(priv, BSS_TYPE_INFRASTRUCTURE);
3405 case IEEE80211_STYPE_DEAUTH:
3406 if (priv->operating_mode == IW_MODE_INFRA &&
3407 is_frame_from_current_bss(priv, header)) {
3408 priv->station_was_associated = 0;
3410 atmel_enter_state(priv, STATION_STATE_JOINNING);
3411 join(priv, BSS_TYPE_INFRASTRUCTURE);
3418 /* run when timer expires */
3419 static void atmel_management_timer(struct timer_list *t)
3421 struct atmel_private *priv = from_timer(priv, t, management_timer);
3422 unsigned long flags;
3424 /* Check if the card has been yanked. */
3425 if (priv->card && priv->present_callback &&
3426 !(*priv->present_callback)(priv->card))
3429 spin_lock_irqsave(&priv->irqlock, flags);
3431 switch (priv->station_state) {
3433 case STATION_STATE_AUTHENTICATING:
3434 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) {
3435 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3436 priv->station_is_associated = 0;
3437 priv->AuthenticationRequestRetryCnt = 0;
3438 restart_search(priv);
3440 int auth = WLAN_AUTH_OPEN;
3441 priv->AuthenticationRequestRetryCnt++;
3442 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3443 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3444 if (priv->wep_is_on && priv->exclude_unencrypted)
3445 auth = WLAN_AUTH_SHARED_KEY;
3446 send_authentication_request(priv, auth, NULL, 0);
3450 case STATION_STATE_ASSOCIATING:
3451 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3452 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3453 priv->station_is_associated = 0;
3454 priv->AssociationRequestRetryCnt = 0;
3455 restart_search(priv);
3457 priv->AssociationRequestRetryCnt++;
3458 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3459 send_association_request(priv, 0);
3463 case STATION_STATE_REASSOCIATING:
3464 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3465 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3466 priv->station_is_associated = 0;
3467 priv->ReAssociationRequestRetryCnt = 0;
3468 restart_search(priv);
3470 priv->ReAssociationRequestRetryCnt++;
3471 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3472 send_association_request(priv, 1);
3480 spin_unlock_irqrestore(&priv->irqlock, flags);
3483 static void atmel_command_irq(struct atmel_private *priv)
3485 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
3486 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET));
3488 union iwreq_data wrqu;
3490 if (status == CMD_STATUS_IDLE ||
3491 status == CMD_STATUS_IN_PROGRESS)
3496 if (status == CMD_STATUS_COMPLETE) {
3497 priv->station_was_associated = priv->station_is_associated;
3498 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
3499 (u8 *)priv->CurrentBSSID, 6);
3500 atmel_enter_state(priv, STATION_STATE_READY);
3505 fast_scan = priv->fast_scan;
3506 priv->fast_scan = 0;
3508 if (status != CMD_STATUS_COMPLETE) {
3509 atmel_scan(priv, 1);
3511 int bss_index = retrieve_bss(priv);
3512 int notify_scan_complete = 1;
3513 if (bss_index != -1) {
3514 atmel_join_bss(priv, bss_index);
3515 } else if (priv->operating_mode == IW_MODE_ADHOC &&
3516 priv->SSID_size != 0) {
3517 start(priv, BSS_TYPE_AD_HOC);
3519 priv->fast_scan = !fast_scan;
3520 atmel_scan(priv, 1);
3521 notify_scan_complete = 0;
3523 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3524 if (notify_scan_complete) {
3525 wrqu.data.length = 0;
3526 wrqu.data.flags = 0;
3527 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3532 case CMD_SiteSurvey:
3533 priv->fast_scan = 0;
3535 if (status != CMD_STATUS_COMPLETE)
3538 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3539 if (priv->station_is_associated) {
3540 atmel_enter_state(priv, STATION_STATE_READY);
3541 wrqu.data.length = 0;
3542 wrqu.data.flags = 0;
3543 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3545 atmel_scan(priv, 1);
3550 if (status == CMD_STATUS_COMPLETE) {
3551 if (priv->operating_mode == IW_MODE_ADHOC) {
3552 priv->station_was_associated = priv->station_is_associated;
3553 atmel_enter_state(priv, STATION_STATE_READY);
3555 int auth = WLAN_AUTH_OPEN;
3556 priv->AuthenticationRequestRetryCnt = 0;
3557 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING);
3559 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3560 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3561 if (priv->wep_is_on && priv->exclude_unencrypted)
3562 auth = WLAN_AUTH_SHARED_KEY;
3563 send_authentication_request(priv, auth, NULL, 0);
3568 atmel_scan(priv, 1);
3572 static int atmel_wakeup_firmware(struct atmel_private *priv)
3574 struct host_info_struct *iface = &priv->host_info;
3578 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3579 atmel_set_gcr(priv->dev, GCR_REMAP);
3581 /* wake up on-board processor */
3582 atmel_clear_gcr(priv->dev, 0x0040);
3583 atmel_write16(priv->dev, BSR, BSS_SRAM);
3585 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3588 /* and wait for it */
3589 for (i = LOOP_RETRY_LIMIT; i; i--) {
3590 mr1 = atmel_read16(priv->dev, MR1);
3591 mr3 = atmel_read16(priv->dev, MR3);
3593 if (mr3 & MAC_BOOT_COMPLETE)
3595 if (mr1 & MAC_BOOT_COMPLETE &&
3596 priv->bus_type == BUS_TYPE_PCCARD)
3601 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name);
3605 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) {
3606 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name);
3610 /* now check for completion of MAC initialization through
3611 the FunCtrl field of the IFACE, poll MR1 to detect completion of
3612 MAC initialization, check completion status, set interrupt mask,
3613 enables interrupts and calls Tx and Rx initialization functions */
3615 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE);
3617 for (i = LOOP_RETRY_LIMIT; i; i--) {
3618 mr1 = atmel_read16(priv->dev, MR1);
3619 mr3 = atmel_read16(priv->dev, MR3);
3621 if (mr3 & MAC_INIT_COMPLETE)
3623 if (mr1 & MAC_INIT_COMPLETE &&
3624 priv->bus_type == BUS_TYPE_PCCARD)
3629 printk(KERN_ALERT "%s: MAC failed to initialise.\n",
3634 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */
3635 if ((mr3 & MAC_INIT_COMPLETE) &&
3636 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) {
3637 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name);
3640 if ((mr1 & MAC_INIT_COMPLETE) &&
3641 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) {
3642 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name);
3646 atmel_copy_to_host(priv->dev, (unsigned char *)iface,
3647 priv->host_info_base, sizeof(*iface));
3649 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos);
3650 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size);
3651 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos);
3652 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count);
3653 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos);
3654 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size);
3655 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos);
3656 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count);
3657 iface->build_version = le16_to_cpu(iface->build_version);
3658 iface->command_pos = le16_to_cpu(iface->command_pos);
3659 iface->major_version = le16_to_cpu(iface->major_version);
3660 iface->minor_version = le16_to_cpu(iface->minor_version);
3661 iface->func_ctrl = le16_to_cpu(iface->func_ctrl);
3662 iface->mac_status = le16_to_cpu(iface->mac_status);
3667 /* determine type of memory and MAC address */
3668 static int probe_atmel_card(struct net_device *dev)
3671 struct atmel_private *priv = netdev_priv(dev);
3672 u8 addr[ETH_ALEN] = {};
3675 if (priv->bus_type == BUS_TYPE_PCCARD)
3676 atmel_write16(dev, GCR, 0x0060);
3678 atmel_write16(dev, GCR, 0x0040);
3681 if (atmel_read16(dev, MR2) == 0) {
3682 /* No stored firmware so load a small stub which just
3683 tells us the MAC address */
3685 priv->card_type = CARD_TYPE_EEPROM;
3686 atmel_write16(dev, BSR, BSS_IRAM);
3687 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader));
3688 atmel_set_gcr(dev, GCR_REMAP);
3689 atmel_clear_gcr(priv->dev, 0x0040);
3690 atmel_write16(dev, BSR, BSS_SRAM);
3691 for (i = LOOP_RETRY_LIMIT; i; i--)
3692 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE)
3695 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name);
3698 atmel_copy_to_host(dev, addr, atmel_read16(dev, MR2), 6);
3699 eth_hw_addr_set(dev, addr);
3700 /* got address, now squash it again until the network
3701 interface is opened */
3702 if (priv->bus_type == BUS_TYPE_PCCARD)
3703 atmel_write16(dev, GCR, 0x0060);
3704 atmel_write16(dev, GCR, 0x0040);
3707 } else if (atmel_read16(dev, MR4) == 0) {
3708 /* Mac address easy in this case. */
3709 priv->card_type = CARD_TYPE_PARALLEL_FLASH;
3710 atmel_write16(dev, BSR, 1);
3711 atmel_copy_to_host(dev, addr, 0xc000, 6);
3712 eth_hw_addr_set(dev, addr);
3713 atmel_write16(dev, BSR, 0x200);
3716 /* Standard firmware in flash, boot it up and ask
3717 for the Mac Address */
3718 priv->card_type = CARD_TYPE_SPI_FLASH;
3719 if (atmel_wakeup_firmware(priv) == 0) {
3720 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, addr, 6);
3721 eth_hw_addr_set(dev, addr);
3723 /* got address, now squash it again until the network
3724 interface is opened */
3725 if (priv->bus_type == BUS_TYPE_PCCARD)
3726 atmel_write16(dev, GCR, 0x0060);
3727 atmel_write16(dev, GCR, 0x0040);
3733 if (dev->dev_addr[0] == 0xFF) {
3734 static const u8 default_mac[] = {
3735 0x00, 0x04, 0x25, 0x00, 0x00, 0x00
3737 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name);
3738 eth_hw_addr_set(dev, default_mac);
3745 /* Move the encyption information on the MIB structure.
3746 This routine is for the pre-WPA firmware: later firmware has
3747 a different format MIB and a different routine. */
3748 static void build_wep_mib(struct atmel_private *priv)
3750 struct { /* NB this is matched to the hardware, don't change. */
3752 u8 default_key; /* 0..3 */
3754 u8 exclude_unencrypted;
3756 u32 WEPICV_error_count;
3757 u32 WEP_excluded_count;
3759 u8 wep_keys[MAX_ENCRYPTION_KEYS][13];
3760 u8 encryption_level; /* 0, 1, 2 */
3765 mib.wep_is_on = priv->wep_is_on;
3766 if (priv->wep_is_on) {
3767 if (priv->wep_key_len[priv->default_key] > 5)
3768 mib.encryption_level = 2;
3770 mib.encryption_level = 1;
3772 mib.encryption_level = 0;
3775 mib.default_key = priv->default_key;
3776 mib.exclude_unencrypted = priv->exclude_unencrypted;
3778 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++)
3779 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13);
3781 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3784 static void build_wpa_mib(struct atmel_private *priv)
3786 /* This is for the later (WPA enabled) firmware. */
3788 struct { /* NB this is matched to the hardware, don't change. */
3789 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
3790 u8 receiver_address[ETH_ALEN];
3792 u8 default_key; /* 0..3 */
3794 u8 exclude_unencrypted;
3798 u32 WEPICV_error_count;
3799 u32 WEP_excluded_count;
3806 mib.wep_is_on = priv->wep_is_on;
3807 mib.exclude_unencrypted = priv->exclude_unencrypted;
3808 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN);
3810 /* zero all the keys before adding in valid ones. */
3811 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value));
3813 if (priv->wep_is_on) {
3814 /* There's a comment in the Atmel code to the effect that this
3815 is only valid when still using WEP, it may need to be set to
3816 something to use WPA */
3817 memset(mib.key_RSC, 0, sizeof(mib.key_RSC));
3819 mib.default_key = mib.group_key = 255;
3820 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) {
3821 if (priv->wep_key_len[i] > 0) {
3822 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE);
3823 if (i == priv->default_key) {
3824 mib.default_key = i;
3825 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7;
3826 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite;
3829 priv->group_cipher_suite = priv->pairwise_cipher_suite;
3830 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1;
3831 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite;
3835 if (mib.default_key == 255)
3836 mib.default_key = mib.group_key != 255 ? mib.group_key : 0;
3837 if (mib.group_key == 255)
3838 mib.group_key = mib.default_key;
3842 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3845 static int reset_atmel_card(struct net_device *dev)
3847 /* do everything necessary to wake up the hardware, including
3848 waiting for the lightning strike and throwing the knife switch....
3850 set all the Mib values which matter in the card to match
3851 their settings in the atmel_private structure. Some of these
3852 can be altered on the fly, but many (WEP, infrastructure or ad-hoc)
3853 can only be changed by tearing down the world and coming back through
3856 This routine is also responsible for initialising some
3857 hardware-specific fields in the atmel_private structure,
3858 including a copy of the firmware's hostinfo structure
3859 which is the route into the rest of the firmware datastructures. */
3861 struct atmel_private *priv = netdev_priv(dev);
3863 int old_state = priv->station_state;
3866 /* data to add to the firmware names, in priority order
3867 this implemenents firmware versioning */
3869 static char *firmware_modifier[] = {
3876 if (priv->bus_type == BUS_TYPE_PCCARD)
3877 atmel_write16(priv->dev, GCR, 0x0060);
3879 /* stop card , disable interrupts */
3880 atmel_write16(priv->dev, GCR, 0x0040);
3882 if (priv->card_type == CARD_TYPE_EEPROM) {
3883 /* copy in firmware if needed */
3884 const struct firmware *fw_entry = NULL;
3885 const unsigned char *fw;
3886 int len = priv->firmware_length;
3887 if (!(fw = priv->firmware)) {
3888 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) {
3889 if (strlen(priv->firmware_id) == 0) {
3891 "%s: card type is unknown: assuming at76c502 firmware is OK.\n",
3894 "%s: if not, use the firmware= module parameter.\n",
3896 strcpy(priv->firmware_id, "atmel_at76c502.bin");
3898 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev);
3901 "%s: firmware %s is missing, cannot continue.\n",
3902 dev->name, priv->firmware_id);
3909 /* get firmware filename entry based on firmware type ID */
3910 while (fw_table[fw_index].fw_type != priv->firmware_type
3911 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE)
3914 /* construct the actual firmware file name */
3915 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) {
3917 for (i = 0; firmware_modifier[i]; i++) {
3918 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file,
3919 firmware_modifier[i], fw_table[fw_index].fw_file_ext);
3920 priv->firmware_id[31] = '\0';
3921 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) {
3929 "%s: firmware %s is missing, cannot start.\n",
3930 dev->name, priv->firmware_id);
3931 priv->firmware_id[0] = '\0';
3936 fw = fw_entry->data;
3937 len = fw_entry->size;
3940 if (len <= 0x6000) {
3941 atmel_write16(priv->dev, BSR, BSS_IRAM);
3942 atmel_copy_to_card(priv->dev, 0, fw, len);
3943 atmel_set_gcr(priv->dev, GCR_REMAP);
3946 atmel_set_gcr(priv->dev, GCR_REMAP);
3947 atmel_write16(priv->dev, BSR, BSS_IRAM);
3948 atmel_copy_to_card(priv->dev, 0, fw, 0x6000);
3949 atmel_write16(priv->dev, BSR, 0x2ff);
3950 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000);
3953 release_firmware(fw_entry);
3956 err = atmel_wakeup_firmware(priv);
3960 /* Check the version and set the correct flag for wpa stuff,
3961 old and new firmware is incompatible.
3962 The pre-wpa 3com firmware reports major version 5,
3963 the wpa 3com firmware is major version 4 and doesn't need
3964 the 3com broken-ness filter. */
3965 priv->use_wpa = (priv->host_info.major_version == 4);
3966 priv->radio_on_broken = (priv->host_info.major_version == 5);
3968 /* unmask all irq sources */
3969 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff);
3971 /* int Tx system and enable Tx */
3972 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0);
3973 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L);
3974 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0);
3975 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0);
3977 priv->tx_desc_free = priv->host_info.tx_desc_count;
3978 priv->tx_desc_head = 0;
3979 priv->tx_desc_tail = 0;
3980 priv->tx_desc_previous = 0;
3981 priv->tx_free_mem = priv->host_info.tx_buff_size;
3982 priv->tx_buff_head = 0;
3983 priv->tx_buff_tail = 0;
3985 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3986 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3987 configuration | FUNC_CTRL_TxENABLE);
3989 /* init Rx system and enable */
3990 priv->rx_desc_head = 0;
3992 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3993 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3994 configuration | FUNC_CTRL_RxENABLE);
3996 if (!priv->radio_on_broken) {
3997 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) ==
3998 CMD_STATUS_REJECTED_RADIO_OFF) {
3999 printk(KERN_INFO "%s: cannot turn the radio on.\n",
4005 /* set up enough MIB values to run. */
4006 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate);
4007 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF);
4008 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold);
4009 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold);
4010 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry);
4011 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry);
4012 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble);
4013 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS,
4014 priv->dev->dev_addr, 6);
4015 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
4016 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
4017 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period);
4018 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4);
4019 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on);
4021 build_wpa_mib(priv);
4023 build_wep_mib(priv);
4025 if (old_state == STATION_STATE_READY) {
4026 union iwreq_data wrqu;
4028 wrqu.data.length = 0;
4029 wrqu.data.flags = 0;
4030 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
4031 eth_zero_addr(wrqu.ap_addr.sa_data);
4032 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
4038 static void atmel_send_command(struct atmel_private *priv, int command,
4039 void *cmd, int cmd_size)
4042 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET),
4045 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command);
4046 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0);
4049 static int atmel_send_command_wait(struct atmel_private *priv, int command,
4050 void *cmd, int cmd_size)
4054 atmel_send_command(priv, command, cmd, cmd_size);
4056 for (i = 5000; i; i--) {
4057 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
4058 if (status != CMD_STATUS_IDLE &&
4059 status != CMD_STATUS_IN_PROGRESS)
4065 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name);
4066 status = CMD_STATUS_HOST_ERROR;
4068 if (command != CMD_EnableRadio)
4069 status = CMD_STATUS_COMPLETE;
4075 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index)
4077 struct get_set_mib m;
4082 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4083 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE));
4086 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data)
4088 struct get_set_mib m;
4094 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4097 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
4100 struct get_set_mib m;
4105 m.data[1] = data >> 8;
4107 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2);
4110 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
4111 const u8 *data, int data_len)
4113 struct get_set_mib m;
4118 if (data_len > MIB_MAX_DATA_BYTES)
4119 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4121 memcpy(m.data, data, data_len);
4122 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4125 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
4126 u8 *data, int data_len)
4128 struct get_set_mib m;
4133 if (data_len > MIB_MAX_DATA_BYTES)
4134 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4136 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4137 atmel_copy_to_host(priv->dev, data,
4138 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len);
4141 static void atmel_writeAR(struct net_device *dev, u16 data)
4144 outw(data, dev->base_addr + AR);
4145 /* Address register appears to need some convincing..... */
4146 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++)
4147 outw(data, dev->base_addr + AR);
4150 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
4151 const unsigned char *src, u16 len)
4154 atmel_writeAR(dev, dest);
4156 atmel_write8(dev, DR, *src);
4159 for (i = len; i > 1 ; i -= 2) {
4162 atmel_write16(dev, DR, lb | (hb << 8));
4165 atmel_write8(dev, DR, *src);
4168 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
4172 atmel_writeAR(dev, src);
4174 *dest = atmel_read8(dev, DR);
4177 for (i = len; i > 1 ; i -= 2) {
4178 u16 hw = atmel_read16(dev, DR);
4183 *dest = atmel_read8(dev, DR);
4186 static void atmel_set_gcr(struct net_device *dev, u16 mask)
4188 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR);
4191 static void atmel_clear_gcr(struct net_device *dev, u16 mask)
4193 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR);
4196 static int atmel_lock_mac(struct atmel_private *priv)
4200 for (i = 5000; i; i--) {
4201 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET)))
4207 return 0; /* timed out */
4209 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1);
4210 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) {
4211 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
4213 return 0; /* timed out */
4220 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data)
4222 atmel_writeAR(priv->dev, pos);
4223 atmel_write16(priv->dev, DR, data); /* card is little-endian */
4224 atmel_write16(priv->dev, DR, data >> 16);
4227 /***************************************************************************/
4228 /* There follows the source form of the MAC address reading firmware */
4229 /***************************************************************************/
4232 /* Copyright 2003 Matthew T. Russotto */
4233 /* But derived from the Atmel 76C502 firmware written by Atmel and */
4234 /* included in "atmel wireless lan drivers" package */
4236 This file is part of net.russotto.AtmelMACFW, hereto referred to
4239 AtmelMACFW is free software; you can redistribute it and/or modify
4240 it under the terms of the GNU General Public License version 2
4241 as published by the Free Software Foundation.
4243 AtmelMACFW is distributed in the hope that it will be useful,
4244 but WITHOUT ANY WARRANTY; without even the implied warranty of
4245 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4246 GNU General Public License for more details.
4248 You should have received a copy of the GNU General Public License
4249 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>.
4251 ****************************************************************************/
4252 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */
4253 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */
4254 /* It only works on SPI EEPROM versions of the card. */
4256 /* This firmware initializes the SPI controller and clock, reads the MAC */
4257 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */
4258 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */
4259 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */
4260 /* MR4, for investigational purposes (maybe we can determine chip type */
4264 .set MRBASE, 0x8000000
4265 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */
4266 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */
4267 .set SRAM_BASE, 0x02000000
4268 .set SP_BASE, 0x0F300000
4269 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */
4270 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */
4271 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */
4272 .set STACK_BASE, 0x5600
4274 .set SP_TDRE, 2 /* status register bit -- TDR empty */
4275 .set SP_RDRF, 1 /* status register bit -- RDR full */
4278 .set SP_CR, 0 /* control register */
4279 .set SP_MR, 4 /* mode register */
4280 .set SP_RDR, 0x08 /* Read Data Register */
4281 .set SP_TDR, 0x0C /* Transmit Data Register */
4282 .set SP_CSR0, 0x30 /* chip select registers */
4286 .set NVRAM_CMD_RDSR, 5 /* read status register */
4287 .set NVRAM_CMD_READ, 3 /* read data */
4288 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */
4289 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the
4290 serial output, since SO is normally high. But it
4291 does cause 8 clock cycles and thus 8 bits to be
4292 clocked in to the chip. See Atmel's SPI
4293 controller (e.g. AT91M55800) timing and 4K
4294 SPI EEPROM manuals */
4296 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */
4297 .set NVRAM_IMAGE, 0x02000200
4298 .set NVRAM_LENGTH, 0x0200
4299 .set MAC_ADDRESS_MIB, SRAM_BASE
4300 .set MAC_ADDRESS_LENGTH, 6
4301 .set MAC_BOOT_FLAG, 0x10
4323 mov r0, #CPSR_INITIAL
4324 msr CPSR_c, r0 /* This is probably unnecessary */
4326 /* I'm guessing this is initializing clock generator electronics for SPI */
4327 ldr r0, =SPI_CGEN_BASE
4352 ldr r1, =MAC_ADDRESS_MIB
4354 ldr r1, =NVRAM_IMAGE
4356 mov r1, #MAC_BOOT_FLAG
4359 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM
4362 mov r2, #0 /* 0th bytes of NVRAM */
4363 mov r3, #NVRAM_LENGTH
4364 mov r1, #0 /* not used in routine */
4365 ldr r0, =NVRAM_IMAGE
4371 .func Get_MAC_Addr, GET_MAC_ADDR
4374 mov r2, #0x120 /* address of MAC Address within NVRAM */
4375 mov r3, #MAC_ADDRESS_LENGTH
4376 mov r1, #0 /* not used in routine */
4377 ldr r0, =MAC_ADDRESS_MIB
4383 .func Delay9, DELAY9
4385 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */
4394 .func SP_Init, SP_INIT
4398 str r1, [r0, #SP_CR] /* reset the SPI */
4400 str r1, [r0, #SP_CR] /* release SPI from reset state */
4402 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/
4403 str r1, [r0, #SP_CR] /* enable the SPI */
4405 /* My guess would be this turns on the SPI clock */
4406 ldr r3, =SPI_CGEN_BASE
4412 str r1, [r0, #SP_CSR0]
4414 str r1, [r0, #SP_CSR1]
4415 str r1, [r0, #SP_CSR2]
4416 str r1, [r0, #SP_CSR3]
4417 ldr r1, [r0, #SP_SR]
4418 ldr r0, [r0, #SP_RDR]
4421 .func NVRAM_Init, NVRAM_INIT
4424 ldr r0, [r1, #SP_RDR]
4425 mov r0, #NVRAM_CMD_RDSR
4426 str r0, [r1, #SP_TDR]
4428 ldr r0, [r1, #SP_SR]
4432 mov r0, #SPI_8CLOCKS
4433 str r0, [r1, #SP_TDR]
4435 ldr r0, [r1, #SP_SR]
4439 ldr r0, [r1, #SP_RDR]
4441 ldr r0, [r1, #SP_SR]
4445 ldr r0, [r1, #SP_RDR]
4450 .func NVRAM_Xfer, NVRAM_XFER
4451 /* r0 = dest address */
4453 /* r2 = src address within NVRAM */
4456 stmdb sp!, {r4, r5, lr}
4457 mov r5, r0 /* save r0 (dest address) */
4458 mov r4, r3 /* save r3 (length) */
4459 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */
4461 add r0, r0, #NVRAM_CMD_READ
4462 ldr r1, =NVRAM_SCRATCH
4463 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */
4464 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */
4467 tst r0, #NVRAM_SR_RDY
4471 mov r2, r4 /* length */
4472 mov r1, r5 /* dest address */
4473 mov r0, #2 /* bytes to transfer in command */
4475 ldmia sp!, {r4, r5, lr}
4479 .func NVRAM_Xfer2, NVRAM_XFER2
4481 stmdb sp!, {r4, r5, r6, lr}
4486 ldr r5, =NVRAM_SCRATCH
4489 str r6, [r4, #SP_TDR]
4491 ldr r6, [r4, #SP_SR]
4495 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */
4498 mov r3, #SPI_8CLOCKS
4499 str r3, [r4, #SP_TDR]
4500 ldr r0, [r4, #SP_RDR]
4502 ldr r0, [r4, #SP_SR]
4505 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */
4507 cmp r2, #0 /* r2 is # of bytes to copy in */
4510 ldr r5, [r4, #SP_SR]
4513 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */
4515 ldr r5, [r4, #SP_SR]
4518 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */
4519 strb r5, [r1], #1 /* postindexed */
4522 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */
4526 ldmia sp!, {r4, r5, r6, lr}
projects / linux.git / blob