projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tcp: make sure xmit goal size never becomes zero
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / net / wireless / orinoco / main.c
CommitLineData
47445cb9 1/* main.c - (formerly known as dldwd_cs.c, orinoco_cs.c and orinoco.c)
1da177e4
LT		 2 *
3 * A driver for Hermes or Prism 2 chipset based PCMCIA wireless
4 * adaptors, with Lucent/Agere, Intersil or Symbol firmware.
5 *
6 * Current maintainers (as of 29 September 2003) are:
7 * Pavel Roskin <proski AT gnu.org>
8 * and David Gibson <hermes AT gibson.dropbear.id.au>
9 *
10 * (C) Copyright David Gibson, IBM Corporation 2001-2003.
11 * Copyright (C) 2000 David Gibson, Linuxcare Australia.
12 * With some help from :
13 * Copyright (C) 2001 Jean Tourrilhes, HP Labs
14 * Copyright (C) 2001 Benjamin Herrenschmidt
15 *
16 * Based on dummy_cs.c 1.27 2000/06/12 21:27:25
17 *
18 * Portions based on wvlan_cs.c 1.0.6, Copyright Andreas Neuhaus <andy
19 * AT fasta.fh-dortmund.de>
20 * http://www.stud.fh-dortmund.de/~andy/wvlan/
21 *
22 * The contents of this file are subject to the Mozilla Public License
23 * Version 1.1 (the "License"); you may not use this file except in
24 * compliance with the License. You may obtain a copy of the License
25 * at http://www.mozilla.org/MPL/
26 *
27 * Software distributed under the License is distributed on an "AS IS"
28 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
29 * the License for the specific language governing rights and
30 * limitations under the License.
31 *
32 * The initial developer of the original code is David A. Hinds
33 * <dahinds AT users.sourceforge.net>. Portions created by David
34 * A. Hinds are Copyright (C) 1999 David A. Hinds. All Rights
35 * Reserved.
36 *
37 * Alternatively, the contents of this file may be used under the
38 * terms of the GNU General Public License version 2 (the "GPL"), in
39 * which case the provisions of the GPL are applicable instead of the
40 * above. If you wish to allow the use of your version of this file
41 * only under the terms of the GPL and not to allow others to use your
42 * version of this file under the MPL, indicate your decision by
43 * deleting the provisions above and replace them with the notice and
44 * other provisions required by the GPL. If you do not delete the
45 * provisions above, a recipient may use your version of this file
46 * under either the MPL or the GPL. */
47
48/*
1da177e4 49 * TODO
1da177e4
LT		 50 * o Handle de-encapsulation within network layer, provide 802.11
51 * headers (patch from Thomas 'Dent' Mirlacher)
1da177e4
LT		 52 * o Fix possible races in SPY handling.
53 * o Disconnect wireless extensions from fundamental configuration.
54 * o (maybe) Software WEP support (patch from Stano Meduna).
55 * o (maybe) Use multiple Tx buffers - driver handling queue
56 * rather than firmware.
57 */
58
59/* Locking and synchronization:
60 *
61 * The basic principle is that everything is serialized through a
62 * single spinlock, priv->lock. The lock is used in user, bh and irq
63 * context, so when taken outside hardirq context it should always be
64 * taken with interrupts disabled. The lock protects both the
65 * hardware and the struct orinoco_private.
66 *
67 * Another flag, priv->hw_unavailable indicates that the hardware is
68 * unavailable for an extended period of time (e.g. suspended, or in
69 * the middle of a hard reset). This flag is protected by the
70 * spinlock. All code which touches the hardware should check the
71 * flag after taking the lock, and if it is set, give up on whatever
72 * they are doing and drop the lock again. The orinoco_lock()
73 * function handles this (it unlocks and returns -EBUSY if
74 * hw_unavailable is non-zero).
75 */
76
77#define DRIVER_NAME "orinoco"
78
1da177e4
LT		 79#include <linux/module.h>
80#include <linux/kernel.h>
81#include <linux/init.h>
d03032af 82#include <linux/delay.h>
1da177e4 83#include <linux/netdevice.h>
1da177e4 84#include <linux/etherdevice.h>
1fab2e8b 85#include <linux/ethtool.h>
39d1ffee 86#include <linux/suspend.h>
9c974fb1 87#include <linux/if_arp.h>
1da177e4 88#include <linux/wireless.h>
2c706002 89#include <linux/ieee80211.h>
620554e4 90#include <net/iw_handler.h>
1da177e4 91
1da177e4 92#include "hermes_rid.h"
3994d502 93#include "hermes_dld.h"
712a4342 94#include "hw.h"
fb791b1c 95#include "scan.h"
4adb474b 96#include "mic.h"
37a2e566 97#include "fw.h"
cb1576a8
DK		 98#include "wext.h"
99#include "main.h"
fb791b1c 100
1da177e4 101#include "orinoco.h"
1da177e4
LT		 102
103/********************************************************************/
104/* Module information */
105/********************************************************************/
106
b2f30a0a
DK		 107MODULE_AUTHOR("Pavel Roskin <proski@gnu.org> & "
108 "David Gibson <hermes@gibson.dropbear.id.au>");
109MODULE_DESCRIPTION("Driver for Lucent Orinoco, Prism II based "
110 "and similar wireless cards");
1da177e4
LT		 111MODULE_LICENSE("Dual MPL/GPL");
112
113/* Level of debugging. Used in the macros in orinoco.h */
114#ifdef ORINOCO_DEBUG
115int orinoco_debug = ORINOCO_DEBUG;
2131266d 116EXPORT_SYMBOL(orinoco_debug);
1da177e4
LT		 117module_param(orinoco_debug, int, 0644);
118MODULE_PARM_DESC(orinoco_debug, "Debug level");
1da177e4
LT		 119#endif
120
121static int suppress_linkstatus; /* = 0 */
122module_param(suppress_linkstatus, bool, 0644);
123MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
b2f30a0a 124
7bb7c3a3
DG		 125static int ignore_disconnect; /* = 0 */
126module_param(ignore_disconnect, int, 0644);
b2f30a0a
DK		 127MODULE_PARM_DESC(ignore_disconnect,
128 "Don't report lost link to the network layer");
1da177e4 129
cb1576a8 130int force_monitor; /* = 0 */
98c4cae1
CH		 131module_param(force_monitor, int, 0644);
132MODULE_PARM_DESC(force_monitor, "Allow monitor mode for all firmware versions");
133
1da177e4
LT		 134/********************************************************************/
135/* Internal constants */
136/********************************************************************/
137
95dd91fb
CH		 138/* 802.2 LLC/SNAP header used for Ethernet encapsulation over 802.11 */
139static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
140#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
141
1da177e4 142#define ORINOCO_MIN_MTU 256
2c706002 143#define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD)
1da177e4
LT		 144
145#define SYMBOL_MAX_VER_LEN (14)
1da177e4
LT		 146#define MAX_IRQLOOPS_PER_IRQ 10
147#define MAX_IRQLOOPS_PER_JIFFY (20000/HZ) /* Based on a guestimate of
148 * how many events the
149 * device could
150 * legitimately generate */
1da177e4
LT		 151#define TX_NICBUF_SIZE_BUG 1585 /* Bug in Symbol firmware */
152
153#define DUMMY_FID 0xFFFF
154
155/*#define MAX_MULTICAST(priv) (priv->firmware_type == FIRMWARE_TYPE_AGERE ? \
156 HERMES_MAX_MULTICAST : 0)*/
157#define MAX_MULTICAST(priv) (HERMES_MAX_MULTICAST)
158
159#define ORINOCO_INTEN (HERMES_EV_RX | HERMES_EV_ALLOC \
160 | HERMES_EV_TX | HERMES_EV_TXEXC \
161 | HERMES_EV_WTERR | HERMES_EV_INFO \
a94e8427 162 | HERMES_EV_INFDROP)
1da177e4 163
7282d491 164static const struct ethtool_ops orinoco_ethtool_ops;
620554e4 165
1da177e4
LT		 166/********************************************************************/
167/* Data types */
168/********************************************************************/
169
30c2d3b4
PR		 170/* Beginning of the Tx descriptor, used in TxExc handling */
171struct hermes_txexc_data {
172 struct hermes_tx_descriptor desc;
d133ae4c
PR		 173 __le16 frame_ctl;
174 __le16 duration_id;
95dd91fb 175 u8 addr1[ETH_ALEN];
1da177e4
LT		 176} __attribute__ ((packed));
177
8f2abf44 178/* Rx frame header except compatibility 802.3 header */
1da177e4 179struct hermes_rx_descriptor {
8f2abf44 180 /* Control */
d133ae4c
PR		 181 __le16 status;
182 __le32 time;
1da177e4
LT		 183 u8 silence;
184 u8 signal;
185 u8 rate;
186 u8 rxflow;
d133ae4c 187 __le32 reserved;
8f2abf44
CH		 188
189 /* 802.11 header */
d133ae4c
PR		 190 __le16 frame_ctl;
191 __le16 duration_id;
8f2abf44
CH		 192 u8 addr1[ETH_ALEN];
193 u8 addr2[ETH_ALEN];
194 u8 addr3[ETH_ALEN];
d133ae4c 195 __le16 seq_ctl;
8f2abf44
CH		 196 u8 addr4[ETH_ALEN];
197
198 /* Data length */
d133ae4c 199 __le16 data_len;
1da177e4
LT		 200} __attribute__ ((packed));
201
47166791
DK		 202struct orinoco_rx_data {
203 struct hermes_rx_descriptor *desc;
204 struct sk_buff *skb;
205 struct list_head list;
206};
207
1da177e4
LT		 208/********************************************************************/
209/* Function prototypes */
210/********************************************************************/
211
1da177e4 212static void __orinoco_set_multicast_list(struct net_device *dev);
1da177e4
LT		 213
214/********************************************************************/
215/* Internal helper functions */
216/********************************************************************/
217
cb1576a8 218void set_port_type(struct orinoco_private *priv)
1da177e4
LT		 219{
220 switch (priv->iw_mode) {
221 case IW_MODE_INFRA:
222 priv->port_type = 1;
223 priv->createibss = 0;
224 break;
225 case IW_MODE_ADHOC:
226 if (priv->prefer_port3) {
227 priv->port_type = 3;
228 priv->createibss = 0;
229 } else {
230 priv->port_type = priv->ibss_port;
231 priv->createibss = 1;
232 }
233 break;
98c4cae1
CH		 234 case IW_MODE_MONITOR:
235 priv->port_type = 3;
236 priv->createibss = 0;
237 break;
1da177e4
LT		 238 default:
239 printk(KERN_ERR "%s: Invalid priv->iw_mode in set_port_type()\n",
240 priv->ndev->name);
241 }
242}
243
244/********************************************************************/
245/* Device methods */
246/********************************************************************/
247
248static int orinoco_open(struct net_device *dev)
249{
250 struct orinoco_private *priv = netdev_priv(dev);
251 unsigned long flags;
252 int err;
253
254 if (orinoco_lock(priv, &flags) != 0)
255 return -EBUSY;
256
257 err = __orinoco_up(dev);
258
a94e8427 259 if (!err)
1da177e4
LT		 260 priv->open = 1;
261
262 orinoco_unlock(priv, &flags);
263
264 return err;
265}
266
ad8f451b 267static int orinoco_stop(struct net_device *dev)
1da177e4
LT		 268{
269 struct orinoco_private *priv = netdev_priv(dev);
270 int err = 0;
271
272 /* We mustn't use orinoco_lock() here, because we need to be
273 able to close the interface even if hw_unavailable is set
274 (e.g. as we're released after a PC Card removal) */
275 spin_lock_irq(&priv->lock);
276
277 priv->open = 0;
278
279 err = __orinoco_down(dev);
280
281 spin_unlock_irq(&priv->lock);
282
283 return err;
284}
285
286static struct net_device_stats *orinoco_get_stats(struct net_device *dev)
287{
288 struct orinoco_private *priv = netdev_priv(dev);
6fe9deb1 289
1da177e4
LT		 290 return &priv->stats;
291}
292
1da177e4
LT		 293static void orinoco_set_multicast_list(struct net_device *dev)
294{
295 struct orinoco_private *priv = netdev_priv(dev);
296 unsigned long flags;
297
298 if (orinoco_lock(priv, &flags) != 0) {
299 printk(KERN_DEBUG "%s: orinoco_set_multicast_list() "
300 "called when hw_unavailable\n", dev->name);
301 return;
302 }
303
304 __orinoco_set_multicast_list(dev);
305 orinoco_unlock(priv, &flags);
306}
307
308static int orinoco_change_mtu(struct net_device *dev, int new_mtu)
309{
310 struct orinoco_private *priv = netdev_priv(dev);
311
a94e8427 312 if ((new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU))
1da177e4
LT		 313 return -EINVAL;
314
2c706002 315 /* MTU + encapsulation + header length */
a94e8427
DK		 316 if ((new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) >
317 (priv->nicbuf_size - ETH_HLEN))
1da177e4
LT		 318 return -EINVAL;
319
320 dev->mtu = new_mtu;
321
322 return 0;
323}
324
325/********************************************************************/
326/* Tx path */
327/********************************************************************/
328
329static int orinoco_xmit(struct sk_buff *skb, struct net_device *dev)
330{
331 struct orinoco_private *priv = netdev_priv(dev);
332 struct net_device_stats *stats = &priv->stats;
333 hermes_t *hw = &priv->hw;
334 int err = 0;
335 u16 txfid = priv->txfid;
1da177e4 336 struct ethhdr *eh;
6eecad77 337 int tx_control;
1da177e4
LT		 338 unsigned long flags;
339
a94e8427 340 if (!netif_running(dev)) {
1da177e4
LT		 341 printk(KERN_ERR "%s: Tx on stopped device!\n",
342 dev->name);
b34b867e 343 return NETDEV_TX_BUSY;
1da177e4 344 }
6fe9deb1 345
1da177e4 346 if (netif_queue_stopped(dev)) {
6fe9deb1 347 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
1da177e4 348 dev->name);
b34b867e 349 return NETDEV_TX_BUSY;
1da177e4 350 }
6fe9deb1 351
1da177e4
LT		 352 if (orinoco_lock(priv, &flags) != 0) {
353 printk(KERN_ERR "%s: orinoco_xmit() called while hw_unavailable\n",
354 dev->name);
b34b867e 355 return NETDEV_TX_BUSY;
1da177e4
LT		 356 }
357
a94e8427 358 if (!netif_carrier_ok(dev) || (priv->iw_mode == IW_MODE_MONITOR)) {
1da177e4 359 /* Oops, the firmware hasn't established a connection,
6fe9deb1
DK		 360 silently drop the packet (this seems to be the
361 safest approach). */
470e2aa6 362 goto drop;
1da177e4
LT		 363 }
364
8d5be088 365 /* Check packet length */
a28dc81d 366 if (skb->len < ETH_HLEN)
470e2aa6 367 goto drop;
1da177e4 368
6eecad77
DK		 369 tx_control = HERMES_TXCTRL_TX_OK | HERMES_TXCTRL_TX_EX;
370
23edcc41
DK		 371 if (priv->encode_alg == IW_ENCODE_ALG_TKIP)
372 tx_control |= (priv->tx_key << HERMES_MIC_KEY_ID_SHIFT) |
373 HERMES_TXCTRL_MIC;
374
6eecad77
DK		 375 if (priv->has_alt_txcntl) {
376 /* WPA enabled firmwares have tx_cntl at the end of
377 * the 802.11 header. So write zeroed descriptor and
378 * 802.11 header at the same time
379 */
380 char desc[HERMES_802_3_OFFSET];
381 __le16 *txcntl = (__le16 *) &desc[HERMES_TXCNTL2_OFFSET];
382
383 memset(&desc, 0, sizeof(desc));
384
385 *txcntl = cpu_to_le16(tx_control);
386 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
387 txfid, 0);
388 if (err) {
389 if (net_ratelimit())
390 printk(KERN_ERR "%s: Error %d writing Tx "
391 "descriptor to BAP\n", dev->name, err);
392 goto busy;
393 }
394 } else {
395 struct hermes_tx_descriptor desc;
396
397 memset(&desc, 0, sizeof(desc));
398
399 desc.tx_control = cpu_to_le16(tx_control);
400 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
401 txfid, 0);
402 if (err) {
403 if (net_ratelimit())
404 printk(KERN_ERR "%s: Error %d writing Tx "
405 "descriptor to BAP\n", dev->name, err);
406 goto busy;
407 }
1da177e4 408
6eecad77
DK		 409 /* Clear the 802.11 header and data length fields - some
410 * firmwares (e.g. Lucent/Agere 8.xx) appear to get confused
411 * if this isn't done. */
412 hermes_clear_words(hw, HERMES_DATA0,
413 HERMES_802_3_OFFSET - HERMES_802_11_OFFSET);
414 }
1da177e4 415
23edcc41
DK		 416 eh = (struct ethhdr *)skb->data;
417
1da177e4
LT		 418 /* Encapsulate Ethernet-II frames */
419 if (ntohs(eh->h_proto) > ETH_DATA_LEN) { /* Ethernet-II frame */
a28dc81d
PR		 420 struct header_struct {
421 struct ethhdr eth; /* 802.3 header */
422 u8 encap[6]; /* 802.2 header */
423 } __attribute__ ((packed)) hdr;
424
425 /* Strip destination and source from the data */
426 skb_pull(skb, 2 * ETH_ALEN);
a28dc81d
PR		 427
428 /* And move them to a separate header */
429 memcpy(&hdr.eth, eh, 2 * ETH_ALEN);
430 hdr.eth.h_proto = htons(sizeof(encaps_hdr) + skb->len);
431 memcpy(hdr.encap, encaps_hdr, sizeof(encaps_hdr));
432
23edcc41
DK		 433 /* Insert the SNAP header */
434 if (skb_headroom(skb) < sizeof(hdr)) {
435 printk(KERN_ERR
436 "%s: Not enough headroom for 802.2 headers %d\n",
437 dev->name, skb_headroom(skb));
438 goto drop;
1da177e4 439 }
23edcc41
DK		 440 eh = (struct ethhdr *) skb_push(skb, sizeof(hdr));
441 memcpy(eh, &hdr, sizeof(hdr));
1da177e4
LT		 442 }
443
a28dc81d 444 err = hermes_bap_pwrite(hw, USER_BAP, skb->data, skb->len,
23edcc41 445 txfid, HERMES_802_3_OFFSET);
1da177e4
LT		 446 if (err) {
447 printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
448 dev->name, err);
470e2aa6 449 goto busy;
1da177e4
LT		 450 }
451
23edcc41
DK		 452 /* Calculate Michael MIC */
453 if (priv->encode_alg == IW_ENCODE_ALG_TKIP) {
454 u8 mic_buf[MICHAEL_MIC_LEN + 1];
455 u8 *mic;
456 size_t offset;
457 size_t len;
458
459 if (skb->len % 2) {
460 /* MIC start is on an odd boundary */
461 mic_buf[0] = skb->data[skb->len - 1];
462 mic = &mic_buf[1];
463 offset = skb->len - 1;
464 len = MICHAEL_MIC_LEN + 1;
465 } else {
466 mic = &mic_buf[0];
467 offset = skb->len;
468 len = MICHAEL_MIC_LEN;
469 }
470
4adb474b 471 orinoco_mic(priv->tx_tfm_mic,
23edcc41
DK		 472 priv->tkip_key[priv->tx_key].tx_mic,
473 eh->h_dest, eh->h_source, 0 /* priority */,
474 skb->data + ETH_HLEN, skb->len - ETH_HLEN, mic);
475
476 /* Write the MIC */
477 err = hermes_bap_pwrite(hw, USER_BAP, &mic_buf[0], len,
478 txfid, HERMES_802_3_OFFSET + offset);
479 if (err) {
480 printk(KERN_ERR "%s: Error %d writing MIC to BAP\n",
481 dev->name, err);
482 goto busy;
483 }
484 }
485
1da177e4
LT		 486 /* Finally, we actually initiate the send */
487 netif_stop_queue(dev);
488
489 err = hermes_docmd_wait(hw, HERMES_CMD_TX | HERMES_CMD_RECL,
490 txfid, NULL);
491 if (err) {
492 netif_start_queue(dev);
c367c21c
AM		 493 if (net_ratelimit())
494 printk(KERN_ERR "%s: Error %d transmitting packet\n",
495 dev->name, err);
470e2aa6 496 goto busy;
1da177e4
LT		 497 }
498
499 dev->trans_start = jiffies;
23edcc41 500 stats->tx_bytes += HERMES_802_3_OFFSET + skb->len;
470e2aa6 501 goto ok;
1da177e4 502
470e2aa6
PR		 503 drop:
504 stats->tx_errors++;
505 stats->tx_dropped++;
1da177e4 506
470e2aa6
PR		 507 ok:
508 orinoco_unlock(priv, &flags);
1da177e4 509 dev_kfree_skb(skb);
b34b867e 510 return NETDEV_TX_OK;
1da177e4 511
470e2aa6 512 busy:
2c1bd260
JB		 513 if (err == -EIO)
514 schedule_work(&priv->reset_work);
1da177e4 515 orinoco_unlock(priv, &flags);
b34b867e 516 return NETDEV_TX_BUSY;
1da177e4
LT		 517}
518
519static void __orinoco_ev_alloc(struct net_device *dev, hermes_t *hw)
520{
521 struct orinoco_private *priv = netdev_priv(dev);
522 u16 fid = hermes_read_regn(hw, ALLOCFID);
523
524 if (fid != priv->txfid) {
525 if (fid != DUMMY_FID)
526 printk(KERN_WARNING "%s: Allocate event on unexpected fid (%04X)\n",
527 dev->name, fid);
528 return;
529 }
530
531 hermes_write_regn(hw, ALLOCFID, DUMMY_FID);
532}
533
534static void __orinoco_ev_tx(struct net_device *dev, hermes_t *hw)
535{
536 struct orinoco_private *priv = netdev_priv(dev);
537 struct net_device_stats *stats = &priv->stats;
538
539 stats->tx_packets++;
540
541 netif_wake_queue(dev);
542
543 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
544}
545
546static void __orinoco_ev_txexc(struct net_device *dev, hermes_t *hw)
547{
548 struct orinoco_private *priv = netdev_priv(dev);
549 struct net_device_stats *stats = &priv->stats;
550 u16 fid = hermes_read_regn(hw, TXCOMPLFID);
d133ae4c 551 u16 status;
30c2d3b4 552 struct hermes_txexc_data hdr;
1da177e4
LT		 553 int err = 0;
554
555 if (fid == DUMMY_FID)
556 return; /* Nothing's really happened */
557
48ca7038 558 /* Read part of the frame header - we need status and addr1 */
95dd91fb 559 err = hermes_bap_pread(hw, IRQ_BAP, &hdr,
30c2d3b4 560 sizeof(struct hermes_txexc_data),
95dd91fb
CH		 561 fid, 0);
562
563 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
564 stats->tx_errors++;
565
1da177e4
LT		 566 if (err) {
567 printk(KERN_WARNING "%s: Unable to read descriptor on Tx error "
568 "(FID=%04X error %d)\n",
569 dev->name, fid, err);
95dd91fb 570 return;
1da177e4 571 }
6fe9deb1 572
95dd91fb
CH		 573 DEBUG(1, "%s: Tx error, err %d (FID=%04X)\n", dev->name,
574 err, fid);
6fe9deb1 575
95dd91fb
CH		 576 /* We produce a TXDROP event only for retry or lifetime
577 * exceeded, because that's the only status that really mean
578 * that this particular node went away.
579 * Other errors means that *we* screwed up. - Jean II */
30c2d3b4 580 status = le16_to_cpu(hdr.desc.status);
d133ae4c 581 if (status & (HERMES_TXSTAT_RETRYERR | HERMES_TXSTAT_AGEDERR)) {
95dd91fb
CH		 582 union iwreq_data wrqu;
583
584 /* Copy 802.11 dest address.
585 * We use the 802.11 header because the frame may
586 * not be 802.3 or may be mangled...
587 * In Ad-Hoc mode, it will be the node address.
588 * In managed mode, it will be most likely the AP addr
589 * User space will figure out how to convert it to
590 * whatever it needs (IP address or else).
591 * - Jean II */
592 memcpy(wrqu.addr.sa_data, hdr.addr1, ETH_ALEN);
593 wrqu.addr.sa_family = ARPHRD_ETHER;
594
595 /* Send event to user space */
596 wireless_send_event(dev, IWEVTXDROP, &wrqu, NULL);
597 }
1da177e4
LT		 598
599 netif_wake_queue(dev);
1da177e4
LT		 600}
601
602static void orinoco_tx_timeout(struct net_device *dev)
603{
604 struct orinoco_private *priv = netdev_priv(dev);
605 struct net_device_stats *stats = &priv->stats;
606 struct hermes *hw = &priv->hw;
607
608 printk(KERN_WARNING "%s: Tx timeout! "
609 "ALLOCFID=%04x, TXCOMPLFID=%04x, EVSTAT=%04x\n",
610 dev->name, hermes_read_regn(hw, ALLOCFID),
611 hermes_read_regn(hw, TXCOMPLFID), hermes_read_regn(hw, EVSTAT));
612
613 stats->tx_errors++;
614
615 schedule_work(&priv->reset_work);
616}
617
618/********************************************************************/
619/* Rx path (data frames) */
620/********************************************************************/
621
622/* Does the frame have a SNAP header indicating it should be
623 * de-encapsulated to Ethernet-II? */
624static inline int is_ethersnap(void *_hdr)
625{
626 u8 *hdr = _hdr;
627
628 /* We de-encapsulate all packets which, a) have SNAP headers
629 * (i.e. SSAP=DSAP=0xaa and CTRL=0x3 in the 802.2 LLC header
630 * and where b) the OUI of the SNAP header is 00:00:00 or
631 * 00:00:f8 - we need both because different APs appear to use
632 * different OUIs for some reason */
633 return (memcmp(hdr, &encaps_hdr, 5) == 0)
a94e8427 634 && ((hdr[5] == 0x00) || (hdr[5] == 0xf8));
1da177e4
LT		 635}
636
637static inline void orinoco_spy_gather(struct net_device *dev, u_char *mac,
638 int level, int noise)
639{
343c686c
PR		 640 struct iw_quality wstats;
641 wstats.level = level - 0x95;
642 wstats.noise = noise - 0x95;
643 wstats.qual = (level > noise) ? (level - noise) : 0;
f941f859 644 wstats.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
343c686c
PR		 645 /* Update spy records */
646 wireless_spy_update(dev, mac, &wstats);
1da177e4
LT		 647}
648
649static void orinoco_stat_gather(struct net_device *dev,
650 struct sk_buff *skb,
651 struct hermes_rx_descriptor *desc)
652{
653 struct orinoco_private *priv = netdev_priv(dev);
654
655 /* Using spy support with lots of Rx packets, like in an
656 * infrastructure (AP), will really slow down everything, because
657 * the MAC address must be compared to each entry of the spy list.
658 * If the user really asks for it (set some address in the
659 * spy list), we do it, but he will pay the price.
660 * Note that to get here, you need both WIRELESS_SPY
661 * compiled in AND some addresses in the list !!!
662 */
663 /* Note : gcc will optimise the whole section away if
664 * WIRELESS_SPY is not defined... - Jean II */
665 if (SPY_NUMBER(priv)) {
98e399f8 666 orinoco_spy_gather(dev, skb_mac_header(skb) + ETH_ALEN,
1da177e4
LT		 667 desc->signal, desc->silence);
668 }
669}
670
98c4cae1
CH		 671/*
672 * orinoco_rx_monitor - handle received monitor frames.
673 *
674 * Arguments:
675 * dev network device
676 * rxfid received FID
677 * desc rx descriptor of the frame
678 *
679 * Call context: interrupt
680 */
681static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid,
682 struct hermes_rx_descriptor *desc)
683{
684 u32 hdrlen = 30; /* return full header by default */
685 u32 datalen = 0;
686 u16 fc;
687 int err;
688 int len;
689 struct sk_buff *skb;
690 struct orinoco_private *priv = netdev_priv(dev);
691 struct net_device_stats *stats = &priv->stats;
692 hermes_t *hw = &priv->hw;
693
694 len = le16_to_cpu(desc->data_len);
695
696 /* Determine the size of the header and the data */
697 fc = le16_to_cpu(desc->frame_ctl);
698 switch (fc & IEEE80211_FCTL_FTYPE) {
699 case IEEE80211_FTYPE_DATA:
700 if ((fc & IEEE80211_FCTL_TODS)
701 && (fc & IEEE80211_FCTL_FROMDS))
702 hdrlen = 30;
703 else
704 hdrlen = 24;
705 datalen = len;
706 break;
707 case IEEE80211_FTYPE_MGMT:
708 hdrlen = 24;
709 datalen = len;
710 break;
711 case IEEE80211_FTYPE_CTL:
712 switch (fc & IEEE80211_FCTL_STYPE) {
713 case IEEE80211_STYPE_PSPOLL:
714 case IEEE80211_STYPE_RTS:
715 case IEEE80211_STYPE_CFEND:
716 case IEEE80211_STYPE_CFENDACK:
717 hdrlen = 16;
718 break;
719 case IEEE80211_STYPE_CTS:
720 case IEEE80211_STYPE_ACK:
721 hdrlen = 10;
722 break;
723 }
724 break;
725 default:
726 /* Unknown frame type */
727 break;
728 }
729
730 /* sanity check the length */
2c706002 731 if (datalen > IEEE80211_MAX_DATA_LEN + 12) {
98c4cae1
CH		 732 printk(KERN_DEBUG "%s: oversized monitor frame, "
733 "data length = %d\n", dev->name, datalen);
98c4cae1
CH		 734 stats->rx_length_errors++;
735 goto update_stats;
736 }
737
738 skb = dev_alloc_skb(hdrlen + datalen);
739 if (!skb) {
740 printk(KERN_WARNING "%s: Cannot allocate skb for monitor frame\n",
741 dev->name);
bb6e093d 742 goto update_stats;
98c4cae1
CH		 743 }
744
745 /* Copy the 802.11 header to the skb */
746 memcpy(skb_put(skb, hdrlen), &(desc->frame_ctl), hdrlen);
459a98ed 747 skb_reset_mac_header(skb);
98c4cae1
CH		 748
749 /* If any, copy the data from the card to the skb */
750 if (datalen > 0) {
751 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, datalen),
752 ALIGN(datalen, 2), rxfid,
753 HERMES_802_2_OFFSET);
754 if (err) {
755 printk(KERN_ERR "%s: error %d reading monitor frame\n",
756 dev->name, err);
757 goto drop;
758 }
759 }
760
761 skb->dev = dev;
762 skb->ip_summed = CHECKSUM_NONE;
763 skb->pkt_type = PACKET_OTHERHOST;
c1b4aa3f 764 skb->protocol = cpu_to_be16(ETH_P_802_2);
6fe9deb1 765
98c4cae1
CH		 766 stats->rx_packets++;
767 stats->rx_bytes += skb->len;
768
769 netif_rx(skb);
770 return;
771
772 drop:
773 dev_kfree_skb_irq(skb);
774 update_stats:
775 stats->rx_errors++;
776 stats->rx_dropped++;
777}
778
1da177e4
LT		 779static void __orinoco_ev_rx(struct net_device *dev, hermes_t *hw)
780{
781 struct orinoco_private *priv = netdev_priv(dev);
782 struct net_device_stats *stats = &priv->stats;
783 struct iw_statistics *wstats = &priv->wstats;
784 struct sk_buff *skb = NULL;
31afcef3 785 u16 rxfid, status;
8f2abf44 786 int length;
31afcef3
DK		 787 struct hermes_rx_descriptor *desc;
788 struct orinoco_rx_data *rx_data;
1da177e4
LT		 789 int err;
790
31afcef3
DK		 791 desc = kmalloc(sizeof(*desc), GFP_ATOMIC);
792 if (!desc) {
793 printk(KERN_WARNING
794 "%s: Can't allocate space for RX descriptor\n",
795 dev->name);
796 goto update_stats;
797 }
798
1da177e4
LT		 799 rxfid = hermes_read_regn(hw, RXFID);
800
31afcef3 801 err = hermes_bap_pread(hw, IRQ_BAP, desc, sizeof(*desc),
1da177e4
LT		 802 rxfid, 0);
803 if (err) {
804 printk(KERN_ERR "%s: error %d reading Rx descriptor. "
805 "Frame dropped.\n", dev->name, err);
98c4cae1 806 goto update_stats;
1da177e4
LT		 807 }
808
31afcef3 809 status = le16_to_cpu(desc->status);
1da177e4 810
98c4cae1
CH		 811 if (status & HERMES_RXSTAT_BADCRC) {
812 DEBUG(1, "%s: Bad CRC on Rx. Frame dropped.\n",
813 dev->name);
814 stats->rx_crc_errors++;
815 goto update_stats;
1da177e4
LT		 816 }
817
98c4cae1
CH		 818 /* Handle frames in monitor mode */
819 if (priv->iw_mode == IW_MODE_MONITOR) {
31afcef3
DK		 820 orinoco_rx_monitor(dev, rxfid, desc);
821 goto out;
98c4cae1 822 }
1da177e4 823
98c4cae1
CH		 824 if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
825 DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
826 dev->name);
827 wstats->discard.code++;
828 goto update_stats;
1da177e4
LT		 829 }
830
31afcef3 831 length = le16_to_cpu(desc->data_len);
8f2abf44 832
1da177e4
LT		 833 /* Sanity checks */
834 if (length < 3) { /* No for even an 802.2 LLC header */
835 /* At least on Symbol firmware with PCF we get quite a
6fe9deb1
DK		 836 lot of these legitimately - Poll frames with no
837 data. */
31afcef3 838 goto out;
1da177e4 839 }
2c706002 840 if (length > IEEE80211_MAX_DATA_LEN) {
1da177e4
LT		 841 printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n",
842 dev->name, length);
843 stats->rx_length_errors++;
98c4cae1 844 goto update_stats;
1da177e4
LT		 845 }
846
23edcc41
DK		 847 /* Payload size does not include Michael MIC. Increase payload
848 * size to read it together with the data. */
849 if (status & HERMES_RXSTAT_MIC)
850 length += MICHAEL_MIC_LEN;
851
1da177e4
LT		 852 /* We need space for the packet data itself, plus an ethernet
853 header, plus 2 bytes so we can align the IP header on a
854 32bit boundary, plus 1 byte so we can read in odd length
855 packets from the card, which has an IO granularity of 16
6fe9deb1 856 bits */
1da177e4
LT		 857 skb = dev_alloc_skb(length+ETH_HLEN+2+1);
858 if (!skb) {
859 printk(KERN_WARNING "%s: Can't allocate skb for Rx\n",
860 dev->name);
98c4cae1 861 goto update_stats;
1da177e4
LT		 862 }
863
8f2abf44
CH		 864 /* We'll prepend the header, so reserve space for it. The worst
865 case is no decapsulation, when 802.3 header is prepended and
866 nothing is removed. 2 is for aligning the IP header. */
867 skb_reserve(skb, ETH_HLEN + 2);
868
869 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, length),
870 ALIGN(length, 2), rxfid,
871 HERMES_802_2_OFFSET);
872 if (err) {
873 printk(KERN_ERR "%s: error %d reading frame. "
874 "Frame dropped.\n", dev->name, err);
8f2abf44
CH		 875 goto drop;
876 }
1da177e4 877
31afcef3
DK		 878 /* Add desc and skb to rx queue */
879 rx_data = kzalloc(sizeof(*rx_data), GFP_ATOMIC);
880 if (!rx_data) {
881 printk(KERN_WARNING "%s: Can't allocate RX packet\n",
882 dev->name);
883 goto drop;
884 }
885 rx_data->desc = desc;
886 rx_data->skb = skb;
887 list_add_tail(&rx_data->list, &priv->rx_list);
888 tasklet_schedule(&priv->rx_tasklet);
889
890 return;
891
892drop:
893 dev_kfree_skb_irq(skb);
894update_stats:
895 stats->rx_errors++;
896 stats->rx_dropped++;
897out:
898 kfree(desc);
899}
900
901static void orinoco_rx(struct net_device *dev,
902 struct hermes_rx_descriptor *desc,
903 struct sk_buff *skb)
904{
905 struct orinoco_private *priv = netdev_priv(dev);
906 struct net_device_stats *stats = &priv->stats;
907 u16 status, fc;
908 int length;
909 struct ethhdr *hdr;
910
911 status = le16_to_cpu(desc->status);
912 length = le16_to_cpu(desc->data_len);
913 fc = le16_to_cpu(desc->frame_ctl);
914
23edcc41
DK		 915 /* Calculate and check MIC */
916 if (status & HERMES_RXSTAT_MIC) {
917 int key_id = ((status & HERMES_RXSTAT_MIC_KEY_ID) >>
918 HERMES_MIC_KEY_ID_SHIFT);
919 u8 mic[MICHAEL_MIC_LEN];
920 u8 *rxmic;
921 u8 *src = (fc & IEEE80211_FCTL_FROMDS) ?
922 desc->addr3 : desc->addr2;
923
924 /* Extract Michael MIC from payload */
925 rxmic = skb->data + skb->len - MICHAEL_MIC_LEN;
926
927 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
928 length -= MICHAEL_MIC_LEN;
929
4adb474b 930 orinoco_mic(priv->rx_tfm_mic,
23edcc41
DK		 931 priv->tkip_key[key_id].rx_mic,
932 desc->addr1,
933 src,
934 0, /* priority or QoS? */
935 skb->data,
936 skb->len,
937 &mic[0]);
938
939 if (memcmp(mic, rxmic,
940 MICHAEL_MIC_LEN)) {
941 union iwreq_data wrqu;
942 struct iw_michaelmicfailure wxmic;
23edcc41
DK		 943
944 printk(KERN_WARNING "%s: "
e174961c 945 "Invalid Michael MIC in data frame from %pM, "
23edcc41 946 "using key %i\n",
e174961c 947 dev->name, src, key_id);
23edcc41
DK		 948
949 /* TODO: update stats */
950
951 /* Notify userspace */
952 memset(&wxmic, 0, sizeof(wxmic));
953 wxmic.flags = key_id & IW_MICFAILURE_KEY_ID;
954 wxmic.flags |= (desc->addr1[0] & 1) ?
955 IW_MICFAILURE_GROUP : IW_MICFAILURE_PAIRWISE;
956 wxmic.src_addr.sa_family = ARPHRD_ETHER;
957 memcpy(wxmic.src_addr.sa_data, src, ETH_ALEN);
958
959 (void) orinoco_hw_get_tkip_iv(priv, key_id,
960 &wxmic.tsc[0]);
961
962 memset(&wrqu, 0, sizeof(wrqu));
963 wrqu.data.length = sizeof(wxmic);
964 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu,
965 (char *) &wxmic);
966
967 goto drop;
968 }
969 }
970
1da177e4
LT		 971 /* Handle decapsulation
972 * In most cases, the firmware tell us about SNAP frames.
973 * For some reason, the SNAP frames sent by LinkSys APs
974 * are not properly recognised by most firmwares.
975 * So, check ourselves */
8f2abf44
CH		 976 if (length >= ENCAPS_OVERHEAD &&
977 (((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_1042) ||
978 ((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_TUNNEL) ||
979 is_ethersnap(skb->data))) {
1da177e4
LT		 980 /* These indicate a SNAP within 802.2 LLC within
981 802.11 frame which we'll need to de-encapsulate to
982 the original EthernetII frame. */
b2f30a0a
DK		 983 hdr = (struct ethhdr *)skb_push(skb,
984 ETH_HLEN - ENCAPS_OVERHEAD);
1da177e4 985 } else {
8f2abf44
CH		 986 /* 802.3 frame - prepend 802.3 header as is */
987 hdr = (struct ethhdr *)skb_push(skb, ETH_HLEN);
988 hdr->h_proto = htons(length);
1da177e4 989 }
31afcef3 990 memcpy(hdr->h_dest, desc->addr1, ETH_ALEN);
8f2abf44 991 if (fc & IEEE80211_FCTL_FROMDS)
31afcef3 992 memcpy(hdr->h_source, desc->addr3, ETH_ALEN);
8f2abf44 993 else
31afcef3 994 memcpy(hdr->h_source, desc->addr2, ETH_ALEN);
1da177e4 995
1da177e4
LT		 996 skb->protocol = eth_type_trans(skb, dev);
997 skb->ip_summed = CHECKSUM_NONE;
8f2abf44
CH		 998 if (fc & IEEE80211_FCTL_TODS)
999 skb->pkt_type = PACKET_OTHERHOST;
6fe9deb1 1000
1da177e4 1001 /* Process the wireless stats if needed */
31afcef3 1002 orinoco_stat_gather(dev, skb, desc);
1da177e4
LT		 1003
1004 /* Pass the packet to the networking stack */
1005 netif_rx(skb);
1006 stats->rx_packets++;
1007 stats->rx_bytes += length;
1008
1009 return;
23edcc41
DK		 1010
1011 drop:
1012 dev_kfree_skb(skb);
1013 stats->rx_errors++;
1014 stats->rx_dropped++;
31afcef3 1015}
1da177e4 1016
31afcef3
DK		 1017static void orinoco_rx_isr_tasklet(unsigned long data)
1018{
1019 struct net_device *dev = (struct net_device *) data;
1020 struct orinoco_private *priv = netdev_priv(dev);
1021 struct orinoco_rx_data *rx_data, *temp;
1022 struct hermes_rx_descriptor *desc;
1023 struct sk_buff *skb;
20953ad6
DK		 1024 unsigned long flags;
1025
1026 /* orinoco_rx requires the driver lock, and we also need to
1027 * protect priv->rx_list, so just hold the lock over the
1028 * lot.
1029 *
1030 * If orinoco_lock fails, we've unplugged the card. In this
1031 * case just abort. */
1032 if (orinoco_lock(priv, &flags) != 0)
1033 return;
31afcef3
DK		 1034
1035 /* extract desc and skb from queue */
1036 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
1037 desc = rx_data->desc;
1038 skb = rx_data->skb;
1039 list_del(&rx_data->list);
1040 kfree(rx_data);
1041
1042 orinoco_rx(dev, desc, skb);
1043
1044 kfree(desc);
1045 }
20953ad6
DK		 1046
1047 orinoco_unlock(priv, &flags);
1da177e4
LT		 1048}
1049
1050/********************************************************************/
1051/* Rx path (info frames) */
1052/********************************************************************/
1053
1054static void print_linkstatus(struct net_device *dev, u16 status)
1055{
2131266d 1056 char *s;
1da177e4
LT		 1057
1058 if (suppress_linkstatus)
1059 return;
1060
1061 switch (status) {
1062 case HERMES_LINKSTATUS_NOT_CONNECTED:
1063 s = "Not Connected";
1064 break;
1065 case HERMES_LINKSTATUS_CONNECTED:
1066 s = "Connected";
1067 break;
1068 case HERMES_LINKSTATUS_DISCONNECTED:
1069 s = "Disconnected";
1070 break;
1071 case HERMES_LINKSTATUS_AP_CHANGE:
1072 s = "AP Changed";
1073 break;
1074 case HERMES_LINKSTATUS_AP_OUT_OF_RANGE:
1075 s = "AP Out of Range";
1076 break;
1077 case HERMES_LINKSTATUS_AP_IN_RANGE:
1078 s = "AP In Range";
1079 break;
1080 case HERMES_LINKSTATUS_ASSOC_FAILED:
1081 s = "Association Failed";
1082 break;
1083 default:
1084 s = "UNKNOWN";
1085 }
6fe9deb1 1086
11eaea41 1087 printk(KERN_DEBUG "%s: New link status: %s (%04x)\n",
1da177e4
LT		 1088 dev->name, s, status);
1089}
1090
16739b06 1091/* Search scan results for requested BSSID, join it if found */
c4028958 1092static void orinoco_join_ap(struct work_struct *work)
16739b06 1093{
c4028958
DH		 1094 struct orinoco_private *priv =
1095 container_of(work, struct orinoco_private, join_work);
1096 struct net_device *dev = priv->ndev;
16739b06
CH		 1097 struct hermes *hw = &priv->hw;
1098 int err;
1099 unsigned long flags;
1100 struct join_req {
1101 u8 bssid[ETH_ALEN];
d133ae4c 1102 __le16 channel;
16739b06
CH		 1103 } __attribute__ ((packed)) req;
1104 const int atom_len = offsetof(struct prism2_scan_apinfo, atim);
c89cc225 1105 struct prism2_scan_apinfo *atom = NULL;
16739b06 1106 int offset = 4;
c89cc225 1107 int found = 0;
16739b06
CH		 1108 u8 *buf;
1109 u16 len;
1110
1111 /* Allocate buffer for scan results */
1112 buf = kmalloc(MAX_SCAN_LEN, GFP_KERNEL);
a94e8427 1113 if (!buf)
16739b06
CH		 1114 return;
1115
1116 if (orinoco_lock(priv, &flags) != 0)
f3cb4cc1 1117 goto fail_lock;
16739b06
CH		 1118
1119 /* Sanity checks in case user changed something in the meantime */
a94e8427 1120 if (!priv->bssid_fixed)
16739b06
CH		 1121 goto out;
1122
1123 if (strlen(priv->desired_essid) == 0)
1124 goto out;
1125
1126 /* Read scan results from the firmware */
1127 err = hermes_read_ltv(hw, USER_BAP,
1128 HERMES_RID_SCANRESULTSTABLE,
1129 MAX_SCAN_LEN, &len, buf);
1130 if (err) {
1131 printk(KERN_ERR "%s: Cannot read scan results\n",
1132 dev->name);
1133 goto out;
1134 }
1135
1136 len = HERMES_RECLEN_TO_BYTES(len);
1137
1138 /* Go through the scan results looking for the channel of the AP
1139 * we were requested to join */
1140 for (; offset + atom_len <= len; offset += atom_len) {
1141 atom = (struct prism2_scan_apinfo *) (buf + offset);
c89cc225
PR		 1142 if (memcmp(&atom->bssid, priv->desired_bssid, ETH_ALEN) == 0) {
1143 found = 1;
1144 break;
1145 }
16739b06
CH		 1146 }
1147
a94e8427 1148 if (!found) {
c89cc225
PR		 1149 DEBUG(1, "%s: Requested AP not found in scan results\n",
1150 dev->name);
1151 goto out;
1152 }
16739b06 1153
16739b06
CH		 1154 memcpy(req.bssid, priv->desired_bssid, ETH_ALEN);
1155 req.channel = atom->channel; /* both are little-endian */
1156 err = HERMES_WRITE_RECORD(hw, USER_BAP, HERMES_RID_CNFJOINREQUEST,
1157 &req);
1158 if (err)
1159 printk(KERN_ERR "%s: Error issuing join request\n", dev->name);
1160
1161 out:
16739b06 1162 orinoco_unlock(priv, &flags);
f3cb4cc1
PR		 1163
1164 fail_lock:
1165 kfree(buf);
16739b06
CH		 1166}
1167
95dd91fb 1168/* Send new BSSID to userspace */
6cd90b1c 1169static void orinoco_send_bssid_wevent(struct orinoco_private *priv)
95dd91fb 1170{
c4028958 1171 struct net_device *dev = priv->ndev;
95dd91fb
CH		 1172 struct hermes *hw = &priv->hw;
1173 union iwreq_data wrqu;
1174 int err;
95dd91fb 1175
499b702a 1176 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
95dd91fb
CH		 1177 ETH_ALEN, NULL, wrqu.ap_addr.sa_data);
1178 if (err != 0)
6cd90b1c 1179 return;
95dd91fb
CH		 1180
1181 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1182
1183 /* Send event to user space */
1184 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
6cd90b1c
DK		 1185}
1186
06009fda
DK		 1187static void orinoco_send_assocreqie_wevent(struct orinoco_private *priv)
1188{
1189 struct net_device *dev = priv->ndev;
1190 struct hermes *hw = &priv->hw;
1191 union iwreq_data wrqu;
1192 int err;
1193 u8 buf[88];
1194 u8 *ie;
1195
1196 if (!priv->has_wpa)
1197 return;
1198
499b702a 1199 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_REQ_INFO,
06009fda
DK		 1200 sizeof(buf), NULL, &buf);
1201 if (err != 0)
1202 return;
1203
1204 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1205 if (ie) {
1206 int rem = sizeof(buf) - (ie - &buf[0]);
1207 wrqu.data.length = ie[1] + 2;
1208 if (wrqu.data.length > rem)
1209 wrqu.data.length = rem;
1210
1211 if (wrqu.data.length)
1212 /* Send event to user space */
1213 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, ie);
1214 }
1215}
1216
1217static void orinoco_send_assocrespie_wevent(struct orinoco_private *priv)
1218{
1219 struct net_device *dev = priv->ndev;
1220 struct hermes *hw = &priv->hw;
1221 union iwreq_data wrqu;
1222 int err;
1223 u8 buf[88]; /* TODO: verify max size or IW_GENERIC_IE_MAX */
1224 u8 *ie;
1225
1226 if (!priv->has_wpa)
1227 return;
1228
499b702a 1229 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_RESP_INFO,
06009fda
DK		 1230 sizeof(buf), NULL, &buf);
1231 if (err != 0)
1232 return;
1233
1234 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1235 if (ie) {
1236 int rem = sizeof(buf) - (ie - &buf[0]);
1237 wrqu.data.length = ie[1] + 2;
1238 if (wrqu.data.length > rem)
1239 wrqu.data.length = rem;
1240
1241 if (wrqu.data.length)
1242 /* Send event to user space */
1243 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, ie);
1244 }
1245}
1246
6cd90b1c
DK		 1247static void orinoco_send_wevents(struct work_struct *work)
1248{
1249 struct orinoco_private *priv =
1250 container_of(work, struct orinoco_private, wevent_work);
1251 unsigned long flags;
1252
1253 if (orinoco_lock(priv, &flags) != 0)
1254 return;
1255
06009fda
DK		 1256 orinoco_send_assocreqie_wevent(priv);
1257 orinoco_send_assocrespie_wevent(priv);
6cd90b1c 1258 orinoco_send_bssid_wevent(priv);
8aeabc37 1259
95dd91fb
CH		 1260 orinoco_unlock(priv, &flags);
1261}
1262
1da177e4
LT		 1263static void __orinoco_ev_info(struct net_device *dev, hermes_t *hw)
1264{
1265 struct orinoco_private *priv = netdev_priv(dev);
1266 u16 infofid;
1267 struct {
d133ae4c
PR		 1268 __le16 len;
1269 __le16 type;
1da177e4
LT		 1270 } __attribute__ ((packed)) info;
1271 int len, type;
1272 int err;
1273
1274 /* This is an answer to an INQUIRE command that we did earlier,
1275 * or an information "event" generated by the card
1276 * The controller return to us a pseudo frame containing
1277 * the information in question - Jean II */
1278 infofid = hermes_read_regn(hw, INFOFID);
1279
1280 /* Read the info frame header - don't try too hard */
1281 err = hermes_bap_pread(hw, IRQ_BAP, &info, sizeof(info),
1282 infofid, 0);
1283 if (err) {
1284 printk(KERN_ERR "%s: error %d reading info frame. "
1285 "Frame dropped.\n", dev->name, err);
1286 return;
1287 }
6fe9deb1 1288
1da177e4
LT		 1289 len = HERMES_RECLEN_TO_BYTES(le16_to_cpu(info.len));
1290 type = le16_to_cpu(info.type);
1291
1292 switch (type) {
1293 case HERMES_INQ_TALLIES: {
1294 struct hermes_tallies_frame tallies;
1295 struct iw_statistics *wstats = &priv->wstats;
6fe9deb1 1296
1da177e4
LT		 1297 if (len > sizeof(tallies)) {
1298 printk(KERN_WARNING "%s: Tallies frame too long (%d bytes)\n",
1299 dev->name, len);
1300 len = sizeof(tallies);
1301 }
6fe9deb1 1302
84d8a2fb
CH		 1303 err = hermes_bap_pread(hw, IRQ_BAP, &tallies, len,
1304 infofid, sizeof(info));
1305 if (err)
1306 break;
6fe9deb1 1307
1da177e4
LT		 1308 /* Increment our various counters */
1309 /* wstats->discard.nwid - no wrong BSSID stuff */
1310 wstats->discard.code +=
1311 le16_to_cpu(tallies.RxWEPUndecryptable);
6fe9deb1 1312 if (len == sizeof(tallies))
1da177e4
LT		 1313 wstats->discard.code +=
1314 le16_to_cpu(tallies.RxDiscards_WEPICVError) +
1315 le16_to_cpu(tallies.RxDiscards_WEPExcluded);
1316 wstats->discard.misc +=
1317 le16_to_cpu(tallies.TxDiscardsWrongSA);
1318 wstats->discard.fragment +=
1319 le16_to_cpu(tallies.RxMsgInBadMsgFragments);
1320 wstats->discard.retries +=
1321 le16_to_cpu(tallies.TxRetryLimitExceeded);
1322 /* wstats->miss.beacon - no match */
1323 }
1324 break;
1325 case HERMES_INQ_LINKSTATUS: {
1326 struct hermes_linkstatus linkstatus;
1327 u16 newstatus;
1328 int connected;
1329
8f2abf44
CH		 1330 if (priv->iw_mode == IW_MODE_MONITOR)
1331 break;
1332
1da177e4
LT		 1333 if (len != sizeof(linkstatus)) {
1334 printk(KERN_WARNING "%s: Unexpected size for linkstatus frame (%d bytes)\n",
1335 dev->name, len);
1336 break;
1337 }
1338
84d8a2fb
CH		 1339 err = hermes_bap_pread(hw, IRQ_BAP, &linkstatus, len,
1340 infofid, sizeof(info));
1341 if (err)
1342 break;
1da177e4
LT		 1343 newstatus = le16_to_cpu(linkstatus.linkstatus);
1344
95dd91fb
CH		 1345 /* Symbol firmware uses "out of range" to signal that
1346 * the hostscan frame can be requested. */
1347 if (newstatus == HERMES_LINKSTATUS_AP_OUT_OF_RANGE &&
1348 priv->firmware_type == FIRMWARE_TYPE_SYMBOL &&
1349 priv->has_hostscan && priv->scan_inprogress) {
1350 hermes_inquire(hw, HERMES_INQ_HOSTSCAN_SYMBOL);
1351 break;
1352 }
1353
1da177e4
LT		 1354 connected = (newstatus == HERMES_LINKSTATUS_CONNECTED)
1355 || (newstatus == HERMES_LINKSTATUS_AP_CHANGE)
1356 || (newstatus == HERMES_LINKSTATUS_AP_IN_RANGE);
1357
1358 if (connected)
1359 netif_carrier_on(dev);
7bb7c3a3 1360 else if (!ignore_disconnect)
1da177e4
LT		 1361 netif_carrier_off(dev);
1362
95dd91fb
CH		 1363 if (newstatus != priv->last_linkstatus) {
1364 priv->last_linkstatus = newstatus;
1da177e4 1365 print_linkstatus(dev, newstatus);
95dd91fb
CH		 1366 /* The info frame contains only one word which is the
1367 * status (see hermes.h). The status is pretty boring
1368 * in itself, that's why we export the new BSSID...
1369 * Jean II */
1370 schedule_work(&priv->wevent_work);
1371 }
1372 }
1373 break;
1374 case HERMES_INQ_SCAN:
1375 if (!priv->scan_inprogress && priv->bssid_fixed &&
1376 priv->firmware_type == FIRMWARE_TYPE_INTERSIL) {
1377 schedule_work(&priv->join_work);
1378 break;
1379 }
1380 /* fall through */
1381 case HERMES_INQ_HOSTSCAN:
1382 case HERMES_INQ_HOSTSCAN_SYMBOL: {
1383 /* Result of a scanning. Contains information about
1384 * cells in the vicinity - Jean II */
1385 union iwreq_data wrqu;
1386 unsigned char *buf;
1387
1e3428e9
DW		 1388 /* Scan is no longer in progress */
1389 priv->scan_inprogress = 0;
1390
95dd91fb
CH		 1391 /* Sanity check */
1392 if (len > 4096) {
1393 printk(KERN_WARNING "%s: Scan results too large (%d bytes)\n",
1394 dev->name, len);
1395 break;
1396 }
1397
95dd91fb
CH		 1398 /* Allocate buffer for results */
1399 buf = kmalloc(len, GFP_ATOMIC);
1400 if (buf == NULL)
1401 /* No memory, so can't printk()... */
1402 break;
1403
1404 /* Read scan data */
1405 err = hermes_bap_pread(hw, IRQ_BAP, (void *) buf, len,
1406 infofid, sizeof(info));
708218b0
PR		 1407 if (err) {
1408 kfree(buf);
95dd91fb 1409 break;
708218b0 1410 }
1da177e4 1411
95dd91fb
CH		 1412#ifdef ORINOCO_DEBUG
1413 {
1414 int i;
1415 printk(KERN_DEBUG "Scan result [%02X", buf[0]);
a94e8427 1416 for (i = 1; i < (len * 2); i++)
95dd91fb
CH		 1417 printk(":%02X", buf[i]);
1418 printk("]\n");
1419 }
1420#endif /* ORINOCO_DEBUG */
1421
aea48b15 1422 if (orinoco_process_scan_results(priv, buf, len) == 0) {
1e3428e9
DW		 1423 /* Send an empty event to user space.
1424 * We don't send the received data on the event because
1425 * it would require us to do complex transcoding, and
1426 * we want to minimise the work done in the irq handler
1427 * Use a request to extract the data - Jean II */
1428 wrqu.data.length = 0;
1429 wrqu.data.flags = 0;
1430 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
1431 }
1432 kfree(buf);
1da177e4
LT		 1433 }
1434 break;
01632fa4
DK		 1435 case HERMES_INQ_CHANNELINFO:
1436 {
1437 struct agere_ext_scan_info *bss;
1438
1439 if (!priv->scan_inprogress) {
1440 printk(KERN_DEBUG "%s: Got chaninfo without scan, "
1441 "len=%d\n", dev->name, len);
1442 break;
1443 }
1444
1445 /* An empty result indicates that the scan is complete */
1446 if (len == 0) {
1447 union iwreq_data wrqu;
1448
1449 /* Scan is no longer in progress */
1450 priv->scan_inprogress = 0;
1451
1452 wrqu.data.length = 0;
1453 wrqu.data.flags = 0;
1454 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
1455 break;
1456 }
1457
1458 /* Sanity check */
1459 else if (len > sizeof(*bss)) {
1460 printk(KERN_WARNING
1461 "%s: Ext scan results too large (%d bytes). "
1462 "Truncating results to %zd bytes.\n",
1463 dev->name, len, sizeof(*bss));
1464 len = sizeof(*bss);
1465 } else if (len < (offsetof(struct agere_ext_scan_info,
1466 data) + 2)) {
1467 /* Drop this result now so we don't have to
1468 * keep checking later */
1469 printk(KERN_WARNING
1470 "%s: Ext scan results too short (%d bytes)\n",
1471 dev->name, len);
1472 break;
1473 }
1474
1475 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
1476 if (bss == NULL)
1477 break;
1478
1479 /* Read scan data */
1480 err = hermes_bap_pread(hw, IRQ_BAP, (void *) bss, len,
1481 infofid, sizeof(info));
1482 if (err) {
1483 kfree(bss);
1484 break;
1485 }
1486
1487 orinoco_add_ext_scan_result(priv, bss);
1488
1489 kfree(bss);
1490 break;
1491 }
95dd91fb
CH		 1492 case HERMES_INQ_SEC_STAT_AGERE:
1493 /* Security status (Agere specific) */
1494 /* Ignore this frame for now */
1495 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
1496 break;
1497 /* fall through */
1da177e4
LT		 1498 default:
1499 printk(KERN_DEBUG "%s: Unknown information frame received: "
1500 "type 0x%04x, length %d\n", dev->name, type, len);
1501 /* We don't actually do anything about it */
1502 break;
1503 }
1504}
1505
1506static void __orinoco_ev_infdrop(struct net_device *dev, hermes_t *hw)
1507{
1508 if (net_ratelimit())
1509 printk(KERN_DEBUG "%s: Information frame lost.\n", dev->name);
1510}
1511
1512/********************************************************************/
1513/* Internal hardware control routines */
1514/********************************************************************/
1515
1516int __orinoco_up(struct net_device *dev)
1517{
1518 struct orinoco_private *priv = netdev_priv(dev);
1519 struct hermes *hw = &priv->hw;
1520 int err;
1521
84d8a2fb
CH		 1522 netif_carrier_off(dev); /* just to make sure */
1523
1da177e4
LT		 1524 err = __orinoco_program_rids(dev);
1525 if (err) {
1526 printk(KERN_ERR "%s: Error %d configuring card\n",
1527 dev->name, err);
1528 return err;
1529 }
1530
1531 /* Fire things up again */
1532 hermes_set_irqmask(hw, ORINOCO_INTEN);
1533 err = hermes_enable_port(hw, 0);
1534 if (err) {
1535 printk(KERN_ERR "%s: Error %d enabling MAC port\n",
1536 dev->name, err);
1537 return err;
1538 }
1539
1540 netif_start_queue(dev);
1541
1542 return 0;
1543}
2131266d 1544EXPORT_SYMBOL(__orinoco_up);
1da177e4
LT		 1545
1546int __orinoco_down(struct net_device *dev)
1547{
1548 struct orinoco_private *priv = netdev_priv(dev);
1549 struct hermes *hw = &priv->hw;
1550 int err;
1551
1552 netif_stop_queue(dev);
1553
a94e8427
DK		 1554 if (!priv->hw_unavailable) {
1555 if (!priv->broken_disableport) {
1da177e4
LT		 1556 err = hermes_disable_port(hw, 0);
1557 if (err) {
1558 /* Some firmwares (e.g. Intersil 1.3.x) seem
1559 * to have problems disabling the port, oh
1560 * well, too bad. */
1561 printk(KERN_WARNING "%s: Error %d disabling MAC port\n",
1562 dev->name, err);
1563 priv->broken_disableport = 1;
1564 }
1565 }
1566 hermes_set_irqmask(hw, 0);
1567 hermes_write_regn(hw, EVACK, 0xffff);
1568 }
6fe9deb1 1569
1da177e4
LT		 1570 /* firmware will have to reassociate */
1571 netif_carrier_off(dev);
1572 priv->last_linkstatus = 0xffff;
1573
1574 return 0;
1575}
2131266d 1576EXPORT_SYMBOL(__orinoco_down);
1da177e4 1577
37a6c611 1578static int orinoco_allocate_fid(struct net_device *dev)
1da177e4
LT		 1579{
1580 struct orinoco_private *priv = netdev_priv(dev);
1581 struct hermes *hw = &priv->hw;
1582 int err;
1583
1da177e4 1584 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
b24d4582 1585 if (err == -EIO && priv->nicbuf_size > TX_NICBUF_SIZE_BUG) {
1da177e4 1586 /* Try workaround for old Symbol firmware bug */
1da177e4
LT		 1587 priv->nicbuf_size = TX_NICBUF_SIZE_BUG;
1588 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
2131266d
DK		 1589
1590 printk(KERN_WARNING "%s: firmware ALLOC bug detected "
1591 "(old Symbol firmware?). Work around %s\n",
1592 dev->name, err ? "failed!" : "ok.");
1da177e4
LT		 1593 }
1594
1595 return err;
1596}
1597
37a6c611
PR		 1598int orinoco_reinit_firmware(struct net_device *dev)
1599{
1600 struct orinoco_private *priv = netdev_priv(dev);
1601 struct hermes *hw = &priv->hw;
1602 int err;
1603
1604 err = hermes_init(hw);
0df6cbb7
AB		 1605 if (priv->do_fw_download && !err) {
1606 err = orinoco_download(priv);
1607 if (err)
1608 priv->do_fw_download = 0;
1609 }
37a6c611
PR		 1610 if (!err)
1611 err = orinoco_allocate_fid(dev);
1612
1613 return err;
1614}
2131266d 1615EXPORT_SYMBOL(orinoco_reinit_firmware);
37a6c611 1616
cb1576a8 1617int __orinoco_program_rids(struct net_device *dev)
1da177e4
LT		 1618{
1619 struct orinoco_private *priv = netdev_priv(dev);
1620 hermes_t *hw = &priv->hw;
1621 int err;
1622 struct hermes_idstring idbuf;
1623
1624 /* Set the MAC address */
1625 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
1626 HERMES_BYTES_TO_RECLEN(ETH_ALEN), dev->dev_addr);
1627 if (err) {
1628 printk(KERN_ERR "%s: Error %d setting MAC address\n",
1629 dev->name, err);
1630 return err;
1631 }
1632
1633 /* Set up the link mode */
1634 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFPORTTYPE,
1635 priv->port_type);
1636 if (err) {
1637 printk(KERN_ERR "%s: Error %d setting port type\n",
1638 dev->name, err);
1639 return err;
1640 }
1641 /* Set the channel/frequency */
d51d8b1f
DG		 1642 if (priv->channel != 0 && priv->iw_mode != IW_MODE_INFRA) {
1643 err = hermes_write_wordrec(hw, USER_BAP,
1644 HERMES_RID_CNFOWNCHANNEL,
1645 priv->channel);
1646 if (err) {
1647 printk(KERN_ERR "%s: Error %d setting channel %d\n",
1648 dev->name, err, priv->channel);
1649 return err;
1650 }
1da177e4
LT		 1651 }
1652
1653 if (priv->has_ibss) {
1654 u16 createibss;
1655
1656 if ((strlen(priv->desired_essid) == 0) && (priv->createibss)) {
1657 printk(KERN_WARNING "%s: This firmware requires an "
1658 "ESSID in IBSS-Ad-Hoc mode.\n", dev->name);
1659 /* With wvlan_cs, in this case, we would crash.
1660 * hopefully, this driver will behave better...
1661 * Jean II */
1662 createibss = 0;
1663 } else {
1664 createibss = priv->createibss;
1665 }
6fe9deb1 1666
1da177e4
LT		 1667 err = hermes_write_wordrec(hw, USER_BAP,
1668 HERMES_RID_CNFCREATEIBSS,
1669 createibss);
1670 if (err) {
1671 printk(KERN_ERR "%s: Error %d setting CREATEIBSS\n",
1672 dev->name, err);
1673 return err;
1674 }
1675 }
1676
16739b06
CH		 1677 /* Set the desired BSSID */
1678 err = __orinoco_hw_set_wap(priv);
1679 if (err) {
1680 printk(KERN_ERR "%s: Error %d setting AP address\n",
1681 dev->name, err);
1682 return err;
1683 }
1da177e4
LT		 1684 /* Set the desired ESSID */
1685 idbuf.len = cpu_to_le16(strlen(priv->desired_essid));
1686 memcpy(&idbuf.val, priv->desired_essid, sizeof(idbuf.val));
1687 /* WinXP wants partner to configure OWNSSID even in IBSS mode. (jimc) */
1688 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNSSID,
b2f30a0a
DK		 1689 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
1690 &idbuf);
1da177e4
LT		 1691 if (err) {
1692 printk(KERN_ERR "%s: Error %d setting OWNSSID\n",
1693 dev->name, err);
1694 return err;
1695 }
1696 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFDESIREDSSID,
b2f30a0a
DK		 1697 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
1698 &idbuf);
1da177e4
LT		 1699 if (err) {
1700 printk(KERN_ERR "%s: Error %d setting DESIREDSSID\n",
1701 dev->name, err);
1702 return err;
1703 }
1704
1705 /* Set the station name */
1706 idbuf.len = cpu_to_le16(strlen(priv->nick));
1707 memcpy(&idbuf.val, priv->nick, sizeof(idbuf.val));
1708 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
1709 HERMES_BYTES_TO_RECLEN(strlen(priv->nick)+2),
1710 &idbuf);
1711 if (err) {
1712 printk(KERN_ERR "%s: Error %d setting nickname\n",
1713 dev->name, err);
1714 return err;
1715 }
1716
1717 /* Set AP density */
1718 if (priv->has_sensitivity) {
1719 err = hermes_write_wordrec(hw, USER_BAP,
1720 HERMES_RID_CNFSYSTEMSCALE,
1721 priv->ap_density);
1722 if (err) {
b2f30a0a 1723 printk(KERN_WARNING "%s: Error %d setting SYSTEMSCALE. "
1da177e4
LT		 1724 "Disabling sensitivity control\n",
1725 dev->name, err);
1726
1727 priv->has_sensitivity = 0;
1728 }
1729 }
1730
1731 /* Set RTS threshold */
1732 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
1733 priv->rts_thresh);
1734 if (err) {
1735 printk(KERN_ERR "%s: Error %d setting RTS threshold\n",
1736 dev->name, err);
1737 return err;
1738 }
1739
1740 /* Set fragmentation threshold or MWO robustness */
1741 if (priv->has_mwo)
1742 err = hermes_write_wordrec(hw, USER_BAP,
1743 HERMES_RID_CNFMWOROBUST_AGERE,
1744 priv->mwo_robust);
1745 else
1746 err = hermes_write_wordrec(hw, USER_BAP,
1747 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
1748 priv->frag_thresh);
1749 if (err) {
1750 printk(KERN_ERR "%s: Error %d setting fragmentation\n",
1751 dev->name, err);
1752 return err;
1753 }
1754
1755 /* Set bitrate */
1756 err = __orinoco_hw_set_bitrate(priv);
1757 if (err) {
1758 printk(KERN_ERR "%s: Error %d setting bitrate\n",
1759 dev->name, err);
1760 return err;
1761 }
1762
1763 /* Set power management */
1764 if (priv->has_pm) {
1765 err = hermes_write_wordrec(hw, USER_BAP,
1766 HERMES_RID_CNFPMENABLED,
1767 priv->pm_on);
1768 if (err) {
1769 printk(KERN_ERR "%s: Error %d setting up PM\n",
1770 dev->name, err);
1771 return err;
1772 }
1773
1774 err = hermes_write_wordrec(hw, USER_BAP,
1775 HERMES_RID_CNFMULTICASTRECEIVE,
1776 priv->pm_mcast);
1777 if (err) {
1778 printk(KERN_ERR "%s: Error %d setting up PM\n",
1779 dev->name, err);
1780 return err;
1781 }
1782 err = hermes_write_wordrec(hw, USER_BAP,
1783 HERMES_RID_CNFMAXSLEEPDURATION,
1784 priv->pm_period);
1785 if (err) {
1786 printk(KERN_ERR "%s: Error %d setting up PM\n",
1787 dev->name, err);
1788 return err;
1789 }
1790 err = hermes_write_wordrec(hw, USER_BAP,
1791 HERMES_RID_CNFPMHOLDOVERDURATION,
1792 priv->pm_timeout);
1793 if (err) {
1794 printk(KERN_ERR "%s: Error %d setting up PM\n",
1795 dev->name, err);
1796 return err;
1797 }
1798 }
1799
1800 /* Set preamble - only for Symbol so far... */
1801 if (priv->has_preamble) {
1802 err = hermes_write_wordrec(hw, USER_BAP,
1803 HERMES_RID_CNFPREAMBLE_SYMBOL,
1804 priv->preamble);
1805 if (err) {
1806 printk(KERN_ERR "%s: Error %d setting preamble\n",
1807 dev->name, err);
1808 return err;
1809 }
1810 }
1811
1812 /* Set up encryption */
d03032af
DK		 1813 if (priv->has_wep || priv->has_wpa) {
1814 err = __orinoco_hw_setup_enc(priv);
1da177e4 1815 if (err) {
d03032af 1816 printk(KERN_ERR "%s: Error %d activating encryption\n",
1da177e4
LT		 1817 dev->name, err);
1818 return err;
1819 }
1820 }
1821
98c4cae1
CH		 1822 if (priv->iw_mode == IW_MODE_MONITOR) {
1823 /* Enable monitor mode */
1824 dev->type = ARPHRD_IEEE80211;
6fe9deb1 1825 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
98c4cae1
CH		 1826 HERMES_TEST_MONITOR, 0, NULL);
1827 } else {
1828 /* Disable monitor mode */
1829 dev->type = ARPHRD_ETHER;
1830 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
1831 HERMES_TEST_STOP, 0, NULL);
1832 }
1833 if (err)
1834 return err;
1835
1da177e4
LT		 1836 /* Set promiscuity / multicast*/
1837 priv->promiscuous = 0;
1838 priv->mc_count = 0;
932ff279
HX		 1839
1840 /* FIXME: what about netif_tx_lock */
1841 __orinoco_set_multicast_list(dev);
1da177e4
LT		 1842
1843 return 0;
1844}
1845
5865d015
DK		 1846/* FIXME: return int? */
1847static void
1848__orinoco_set_multicast_list(struct net_device *dev)
1849{
1850 struct orinoco_private *priv = netdev_priv(dev);
1851 int err = 0;
1852 int promisc, mc_count;
1853
1854 /* The Hermes doesn't seem to have an allmulti mode, so we go
1855 * into promiscuous mode and let the upper levels deal. */
1856 if ((dev->flags & IFF_PROMISC) || (dev->flags & IFF_ALLMULTI) ||
1857 (dev->mc_count > MAX_MULTICAST(priv))) {
1858 promisc = 1;
1859 mc_count = 0;
1860 } else {
1861 promisc = 0;
1862 mc_count = dev->mc_count;
1863 }
1864
1865 err = __orinoco_hw_set_multicast_list(priv, dev->mc_list, mc_count,
1866 promisc);
1da177e4
LT		 1867}
1868
1da177e4
LT		 1869/* This must be called from user context, without locks held - use
1870 * schedule_work() */
cb1576a8 1871void orinoco_reset(struct work_struct *work)
1da177e4 1872{
c4028958
DH		 1873 struct orinoco_private *priv =
1874 container_of(work, struct orinoco_private, reset_work);
1875 struct net_device *dev = priv->ndev;
1da177e4 1876 struct hermes *hw = &priv->hw;
8551cb98 1877 int err;
1da177e4
LT		 1878 unsigned long flags;
1879
1880 if (orinoco_lock(priv, &flags) != 0)
1881 /* When the hardware becomes available again, whatever
1882 * detects that is responsible for re-initializing
1883 * it. So no need for anything further */
1884 return;
1885
1886 netif_stop_queue(dev);
1887
1888 /* Shut off interrupts. Depending on what state the hardware
1889 * is in, this might not work, but we'll try anyway */
1890 hermes_set_irqmask(hw, 0);
1891 hermes_write_regn(hw, EVACK, 0xffff);
1892
1893 priv->hw_unavailable++;
1894 priv->last_linkstatus = 0xffff; /* firmware will have to reassociate */
1895 netif_carrier_off(dev);
1896
1897 orinoco_unlock(priv, &flags);
1898
6fe9deb1 1899 /* Scanning support: Cleanup of driver struct */
1e3428e9 1900 orinoco_clear_scan_results(priv, 0);
95dd91fb
CH		 1901 priv->scan_inprogress = 0;
1902
8551cb98 1903 if (priv->hard_reset) {
1da177e4 1904 err = (*priv->hard_reset)(priv);
8551cb98
CH		 1905 if (err) {
1906 printk(KERN_ERR "%s: orinoco_reset: Error %d "
1907 "performing hard reset\n", dev->name, err);
1908 goto disable;
1909 }
1da177e4
LT		 1910 }
1911
1912 err = orinoco_reinit_firmware(dev);
1913 if (err) {
1914 printk(KERN_ERR "%s: orinoco_reset: Error %d re-initializing firmware\n",
1915 dev->name, err);
8551cb98 1916 goto disable;
1da177e4
LT		 1917 }
1918
b2f30a0a
DK		 1919 /* This has to be called from user context */
1920 spin_lock_irq(&priv->lock);
1da177e4
LT		 1921
1922 priv->hw_unavailable--;
1923
1924 /* priv->open or priv->hw_unavailable might have changed while
1925 * we dropped the lock */
a94e8427 1926 if (priv->open && (!priv->hw_unavailable)) {
1da177e4
LT		 1927 err = __orinoco_up(dev);
1928 if (err) {
1929 printk(KERN_ERR "%s: orinoco_reset: Error %d reenabling card\n",
1930 dev->name, err);
1931 } else
1932 dev->trans_start = jiffies;
1933 }
1934
1935 spin_unlock_irq(&priv->lock);
1936
1937 return;
8551cb98
CH		 1938 disable:
1939 hermes_set_irqmask(hw, 0);
1940 netif_device_detach(dev);
1941 printk(KERN_ERR "%s: Device has been disabled!\n", dev->name);
1da177e4
LT		 1942}
1943
1944/********************************************************************/
1945/* Interrupt handler */
1946/********************************************************************/
1947
1948static void __orinoco_ev_tick(struct net_device *dev, hermes_t *hw)
1949{
1950 printk(KERN_DEBUG "%s: TICK\n", dev->name);
1951}
1952
1953static void __orinoco_ev_wterr(struct net_device *dev, hermes_t *hw)
1954{
1955 /* This seems to happen a fair bit under load, but ignoring it
1956 seems to work fine...*/
1957 printk(KERN_DEBUG "%s: MAC controller error (WTERR). Ignoring.\n",
1958 dev->name);
1959}
1960
7d12e780 1961irqreturn_t orinoco_interrupt(int irq, void *dev_id)
1da177e4 1962{
c31f28e7 1963 struct net_device *dev = dev_id;
1da177e4
LT		 1964 struct orinoco_private *priv = netdev_priv(dev);
1965 hermes_t *hw = &priv->hw;
1966 int count = MAX_IRQLOOPS_PER_IRQ;
1967 u16 evstat, events;
2131266d
DK		 1968 /* These are used to detect a runaway interrupt situation.
1969 *
1970 * If we get more than MAX_IRQLOOPS_PER_JIFFY iterations in a jiffy,
1971 * we panic and shut down the hardware
1972 */
1973 /* jiffies value the last time we were called */
1974 static int last_irq_jiffy; /* = 0 */
1975 static int loops_this_jiffy; /* = 0 */
1da177e4
LT		 1976 unsigned long flags;
1977
1978 if (orinoco_lock(priv, &flags) != 0) {
1979 /* If hw is unavailable - we don't know if the irq was
1980 * for us or not */
1981 return IRQ_HANDLED;
1982 }
1983
1984 evstat = hermes_read_regn(hw, EVSTAT);
1985 events = evstat & hw->inten;
a94e8427 1986 if (!events) {
1da177e4
LT		 1987 orinoco_unlock(priv, &flags);
1988 return IRQ_NONE;
1989 }
6fe9deb1 1990
1da177e4
LT		 1991 if (jiffies != last_irq_jiffy)
1992 loops_this_jiffy = 0;
1993 last_irq_jiffy = jiffies;
1994
1995 while (events && count--) {
1996 if (++loops_this_jiffy > MAX_IRQLOOPS_PER_JIFFY) {
1997 printk(KERN_WARNING "%s: IRQ handler is looping too "
1998 "much! Resetting.\n", dev->name);
1999 /* Disable interrupts for now */
2000 hermes_set_irqmask(hw, 0);
2001 schedule_work(&priv->reset_work);
2002 break;
2003 }
2004
2005 /* Check the card hasn't been removed */
a94e8427 2006 if (!hermes_present(hw)) {
1da177e4
LT		 2007 DEBUG(0, "orinoco_interrupt(): card removed\n");
2008 break;
2009 }
2010
2011 if (events & HERMES_EV_TICK)
2012 __orinoco_ev_tick(dev, hw);
2013 if (events & HERMES_EV_WTERR)
2014 __orinoco_ev_wterr(dev, hw);
2015 if (events & HERMES_EV_INFDROP)
2016 __orinoco_ev_infdrop(dev, hw);
2017 if (events & HERMES_EV_INFO)
2018 __orinoco_ev_info(dev, hw);
2019 if (events & HERMES_EV_RX)
2020 __orinoco_ev_rx(dev, hw);
2021 if (events & HERMES_EV_TXEXC)
2022 __orinoco_ev_txexc(dev, hw);
2023 if (events & HERMES_EV_TX)
2024 __orinoco_ev_tx(dev, hw);
2025 if (events & HERMES_EV_ALLOC)
2026 __orinoco_ev_alloc(dev, hw);
6fe9deb1 2027
84d8a2fb 2028 hermes_write_regn(hw, EVACK, evstat);
1da177e4
LT		 2029
2030 evstat = hermes_read_regn(hw, EVSTAT);
2031 events = evstat & hw->inten;
2032 };
2033
2034 orinoco_unlock(priv, &flags);
2035 return IRQ_HANDLED;
2036}
2131266d 2037EXPORT_SYMBOL(orinoco_interrupt);
1da177e4 2038
39d1ffee
DK		 2039/********************************************************************/
2040/* Power management */
2041/********************************************************************/
2042#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_HERMES_CACHE_FW_ON_INIT)
2043static int orinoco_pm_notifier(struct notifier_block *notifier,
2044 unsigned long pm_event,
2045 void *unused)
2046{
2047 struct orinoco_private *priv = container_of(notifier,
2048 struct orinoco_private,
2049 pm_notifier);
2050
2051 /* All we need to do is cache the firmware before suspend, and
2052 * release it when we come out.
2053 *
2054 * Only need to do this if we're downloading firmware. */
2055 if (!priv->do_fw_download)
2056 return NOTIFY_DONE;
2057
2058 switch (pm_event) {
2059 case PM_HIBERNATION_PREPARE:
2060 case PM_SUSPEND_PREPARE:
2061 orinoco_cache_fw(priv, 0);
2062 break;
2063
2064 case PM_POST_RESTORE:
2065 /* Restore from hibernation failed. We need to clean
2066 * up in exactly the same way, so fall through. */
2067 case PM_POST_HIBERNATION:
2068 case PM_POST_SUSPEND:
2069 orinoco_uncache_fw(priv);
2070 break;
2071
2072 case PM_RESTORE_PREPARE:
2073 default:
2074 break;
2075 }
2076
2077 return NOTIFY_DONE;
2078}
f11c179e
DM		 2079
2080static void orinoco_register_pm_notifier(struct orinoco_private *priv)
2081{
2082 priv->pm_notifier.notifier_call = orinoco_pm_notifier;
2083 register_pm_notifier(&priv->pm_notifier);
2084}
2085
2086static void orinoco_unregister_pm_notifier(struct orinoco_private *priv)
2087{
2088 unregister_pm_notifier(&priv->pm_notifier);
2089}
39d1ffee 2090#else /* !PM_SLEEP || HERMES_CACHE_FW_ON_INIT */
f11c179e
DM		 2091#define orinoco_register_pm_notifier(priv) do { } while(0)
2092#define orinoco_unregister_pm_notifier(priv) do { } while(0)
39d1ffee
DK		 2093#endif
2094
1da177e4
LT		 2095/********************************************************************/
2096/* Initialization */
2097/********************************************************************/
2098
2099struct comp_id {
2100 u16 id, variant, major, minor;
2101} __attribute__ ((packed));
2102
2103static inline fwtype_t determine_firmware_type(struct comp_id *nic_id)
2104{
2105 if (nic_id->id < 0x8000)
2106 return FIRMWARE_TYPE_AGERE;
2107 else if (nic_id->id == 0x8000 && nic_id->major == 0)
2108 return FIRMWARE_TYPE_SYMBOL;
2109 else
2110 return FIRMWARE_TYPE_INTERSIL;
2111}
2112
2113/* Set priv->firmware type, determine firmware properties */
2114static int determine_firmware(struct net_device *dev)
2115{
2116 struct orinoco_private *priv = netdev_priv(dev);
2117 hermes_t *hw = &priv->hw;
2118 int err;
2119 struct comp_id nic_id, sta_id;
2120 unsigned int firmver;
dde6d43d 2121 char tmp[SYMBOL_MAX_VER_LEN+1] __attribute__((aligned(2)));
1da177e4
LT		 2122
2123 /* Get the hardware version */
2124 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_NICID, &nic_id);
2125 if (err) {
2126 printk(KERN_ERR "%s: Cannot read hardware identity: error %d\n",
2127 dev->name, err);
2128 return err;
2129 }
2130
2131 le16_to_cpus(&nic_id.id);
2132 le16_to_cpus(&nic_id.variant);
2133 le16_to_cpus(&nic_id.major);
2134 le16_to_cpus(&nic_id.minor);
2135 printk(KERN_DEBUG "%s: Hardware identity %04x:%04x:%04x:%04x\n",
2136 dev->name, nic_id.id, nic_id.variant,
2137 nic_id.major, nic_id.minor);
2138
2139 priv->firmware_type = determine_firmware_type(&nic_id);
2140
2141 /* Get the firmware version */
2142 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_STAID, &sta_id);
2143 if (err) {
2144 printk(KERN_ERR "%s: Cannot read station identity: error %d\n",
2145 dev->name, err);
2146 return err;
2147 }
2148
2149 le16_to_cpus(&sta_id.id);
2150 le16_to_cpus(&sta_id.variant);
2151 le16_to_cpus(&sta_id.major);
2152 le16_to_cpus(&sta_id.minor);
2153 printk(KERN_DEBUG "%s: Station identity %04x:%04x:%04x:%04x\n",
2154 dev->name, sta_id.id, sta_id.variant,
2155 sta_id.major, sta_id.minor);
2156
2157 switch (sta_id.id) {
2158 case 0x15:
2159 printk(KERN_ERR "%s: Primary firmware is active\n",
2160 dev->name);
2161 return -ENODEV;
2162 case 0x14b:
2163 printk(KERN_ERR "%s: Tertiary firmware is active\n",
2164 dev->name);
2165 return -ENODEV;
2166 case 0x1f: /* Intersil, Agere, Symbol Spectrum24 */
2167 case 0x21: /* Symbol Spectrum24 Trilogy */
2168 break;
2169 default:
2170 printk(KERN_NOTICE "%s: Unknown station ID, please report\n",
2171 dev->name);
2172 break;
2173 }
2174
2175 /* Default capabilities */
2176 priv->has_sensitivity = 1;
2177 priv->has_mwo = 0;
2178 priv->has_preamble = 0;
2179 priv->has_port3 = 1;
2180 priv->has_ibss = 1;
2181 priv->has_wep = 0;
2182 priv->has_big_wep = 0;
6eecad77 2183 priv->has_alt_txcntl = 0;
01632fa4 2184 priv->has_ext_scan = 0;
d03032af 2185 priv->has_wpa = 0;
3994d502 2186 priv->do_fw_download = 0;
1da177e4
LT		 2187
2188 /* Determine capabilities from the firmware version */
2189 switch (priv->firmware_type) {
2190 case FIRMWARE_TYPE_AGERE:
2191 /* Lucent Wavelan IEEE, Lucent Orinoco, Cabletron RoamAbout,
2192 ELSA, Melco, HP, IBM, Dell 1150, Compaq 110/210 */
2193 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
2194 "Lucent/Agere %d.%02d", sta_id.major, sta_id.minor);
2195
2196 firmver = ((unsigned long)sta_id.major << 16) | sta_id.minor;
2197
2198 priv->has_ibss = (firmver >= 0x60006);
2199 priv->has_wep = (firmver >= 0x40020);
2200 priv->has_big_wep = 1; /* FIXME: this is wrong - how do we tell
2201 Gold cards from the others? */
2202 priv->has_mwo = (firmver >= 0x60000);
2203 priv->has_pm = (firmver >= 0x40020); /* Don't work in 7.52 ? */
2204 priv->ibss_port = 1;
95dd91fb 2205 priv->has_hostscan = (firmver >= 0x8000a);
3994d502 2206 priv->do_fw_download = 1;
98c4cae1 2207 priv->broken_monitor = (firmver >= 0x80000);
6eecad77 2208 priv->has_alt_txcntl = (firmver >= 0x90000); /* All 9.x ? */
01632fa4 2209 priv->has_ext_scan = (firmver >= 0x90000); /* All 9.x ? */
d03032af 2210 priv->has_wpa = (firmver >= 0x9002a);
1da177e4
LT		 2211 /* Tested with Agere firmware :
2212 * 1.16 ; 4.08 ; 4.52 ; 6.04 ; 6.16 ; 7.28 => Jean II
2213 * Tested CableTron firmware : 4.32 => Anton */
2214 break;
2215 case FIRMWARE_TYPE_SYMBOL:
2216 /* Symbol , 3Com AirConnect, Intel, Ericsson WLAN */
2217 /* Intel MAC : 00:02:B3:* */
2218 /* 3Com MAC : 00:50:DA:* */
2219 memset(tmp, 0, sizeof(tmp));
2220 /* Get the Symbol firmware version */
2221 err = hermes_read_ltv(hw, USER_BAP,
2222 HERMES_RID_SECONDARYVERSION_SYMBOL,
2223 SYMBOL_MAX_VER_LEN, NULL, &tmp);
2224 if (err) {
2225 printk(KERN_WARNING
b2f30a0a
DK		 2226 "%s: Error %d reading Symbol firmware info. "
2227 "Wildly guessing capabilities...\n",
1da177e4
LT		 2228 dev->name, err);
2229 firmver = 0;
2230 tmp[0] = '\0';
2231 } else {
2232 /* The firmware revision is a string, the format is
2233 * something like : "V2.20-01".
2234 * Quick and dirty parsing... - Jean II
2235 */
b2f30a0a
DK		 2236 firmver = ((tmp[1] - '0') << 16)
2237 | ((tmp[3] - '0') << 12)
2238 | ((tmp[4] - '0') << 8)
2239 | ((tmp[6] - '0') << 4)
1da177e4
LT		 2240 | (tmp[7] - '0');
2241
2242 tmp[SYMBOL_MAX_VER_LEN] = '\0';
2243 }
2244
2245 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
2246 "Symbol %s", tmp);
2247
2248 priv->has_ibss = (firmver >= 0x20000);
2249 priv->has_wep = (firmver >= 0x15012);
2250 priv->has_big_wep = (firmver >= 0x20000);
6fe9deb1 2251 priv->has_pm = (firmver >= 0x20000 && firmver < 0x22000) ||
1da177e4
LT		 2252 (firmver >= 0x29000 && firmver < 0x30000) ||
2253 firmver >= 0x31000;
2254 priv->has_preamble = (firmver >= 0x20000);
2255 priv->ibss_port = 4;
3994d502
DK		 2256
2257 /* Symbol firmware is found on various cards, but
2258 * there has been no attempt to check firmware
2259 * download on non-spectrum_cs based cards.
2260 *
2261 * Given that the Agere firmware download works
2262 * differently, we should avoid doing a firmware
2263 * download with the Symbol algorithm on non-spectrum
2264 * cards.
2265 *
2266 * For now we can identify a spectrum_cs based card
2267 * because it has a firmware reset function.
2268 */
2269 priv->do_fw_download = (priv->stop_fw != NULL);
2270
6fe9deb1 2271 priv->broken_disableport = (firmver == 0x25013) ||
b2f30a0a 2272 (firmver >= 0x30000 && firmver <= 0x31000);
95dd91fb
CH		 2273 priv->has_hostscan = (firmver >= 0x31001) ||
2274 (firmver >= 0x29057 && firmver < 0x30000);
1da177e4
LT		 2275 /* Tested with Intel firmware : 0x20015 => Jean II */
2276 /* Tested with 3Com firmware : 0x15012 & 0x22001 => Jean II */
2277 break;
2278 case FIRMWARE_TYPE_INTERSIL:
2279 /* D-Link, Linksys, Adtron, ZoomAir, and many others...
2280 * Samsung, Compaq 100/200 and Proxim are slightly
2281 * different and less well tested */
2282 /* D-Link MAC : 00:40:05:* */
2283 /* Addtron MAC : 00:90:D1:* */
2284 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
2285 "Intersil %d.%d.%d", sta_id.major, sta_id.minor,
2286 sta_id.variant);
2287
2288 firmver = ((unsigned long)sta_id.major << 16) |
2289 ((unsigned long)sta_id.minor << 8) | sta_id.variant;
2290
2291 priv->has_ibss = (firmver >= 0x000700); /* FIXME */
2292 priv->has_big_wep = priv->has_wep = (firmver >= 0x000800);
2293 priv->has_pm = (firmver >= 0x000700);
95dd91fb 2294 priv->has_hostscan = (firmver >= 0x010301);
1da177e4
LT		 2295
2296 if (firmver >= 0x000800)
2297 priv->ibss_port = 0;
2298 else {
2299 printk(KERN_NOTICE "%s: Intersil firmware earlier "
2300 "than v0.8.x - several features not supported\n",
2301 dev->name);
2302 priv->ibss_port = 1;
2303 }
2304 break;
2305 }
2306 printk(KERN_DEBUG "%s: Firmware determined as %s\n", dev->name,
2307 priv->fw_name);
2308
2309 return 0;
2310}
2311
2312static int orinoco_init(struct net_device *dev)
2313{
2314 struct orinoco_private *priv = netdev_priv(dev);
2315 hermes_t *hw = &priv->hw;
2316 int err = 0;
2317 struct hermes_idstring nickbuf;
2318 u16 reclen;
2319 int len;
2320
1da177e4
LT		 2321 /* No need to lock, the hw_unavailable flag is already set in
2322 * alloc_orinocodev() */
2c706002 2323 priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN;
1da177e4
LT		 2324
2325 /* Initialize the firmware */
37a6c611 2326 err = hermes_init(hw);
1da177e4
LT		 2327 if (err != 0) {
2328 printk(KERN_ERR "%s: failed to initialize firmware (err = %d)\n",
2329 dev->name, err);
2330 goto out;
2331 }
2332
2333 err = determine_firmware(dev);
2334 if (err != 0) {
2335 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
2336 dev->name);
2337 goto out;
2338 }
2339
3994d502 2340 if (priv->do_fw_download) {
39d1ffee 2341#ifdef CONFIG_HERMES_CACHE_FW_ON_INIT
74734312 2342 orinoco_cache_fw(priv, 0);
39d1ffee 2343#endif
74734312 2344
3994d502
DK		 2345 err = orinoco_download(priv);
2346 if (err)
2347 priv->do_fw_download = 0;
2348
2349 /* Check firmware version again */
2350 err = determine_firmware(dev);
2351 if (err != 0) {
2352 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
2353 dev->name);
2354 goto out;
2355 }
2356 }
2357
1da177e4 2358 if (priv->has_port3)
b2f30a0a
DK		 2359 printk(KERN_DEBUG "%s: Ad-hoc demo mode supported\n",
2360 dev->name);
1da177e4
LT		 2361 if (priv->has_ibss)
2362 printk(KERN_DEBUG "%s: IEEE standard IBSS ad-hoc mode supported\n",
2363 dev->name);
2364 if (priv->has_wep) {
2131266d
DK		 2365 printk(KERN_DEBUG "%s: WEP supported, %s-bit key\n", dev->name,
2366 priv->has_big_wep ? "104" : "40");
1da177e4 2367 }
23edcc41 2368 if (priv->has_wpa) {
d03032af 2369 printk(KERN_DEBUG "%s: WPA-PSK supported\n", dev->name);
23edcc41
DK		 2370 if (orinoco_mic_init(priv)) {
2371 printk(KERN_ERR "%s: Failed to setup MIC crypto "
2372 "algorithm. Disabling WPA support\n", dev->name);
2373 priv->has_wpa = 0;
2374 }
2375 }
1da177e4 2376
01632fa4
DK		 2377 /* Now we have the firmware capabilities, allocate appropiate
2378 * sized scan buffers */
2379 if (orinoco_bss_data_allocate(priv))
2380 goto out;
2381 orinoco_bss_data_init(priv);
2382
1da177e4
LT		 2383 /* Get the MAC address */
2384 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
2385 ETH_ALEN, NULL, dev->dev_addr);
2386 if (err) {
2387 printk(KERN_WARNING "%s: failed to read MAC address!\n",
2388 dev->name);
2389 goto out;
2390 }
2391
e174961c
JB		 2392 printk(KERN_DEBUG "%s: MAC address %pM\n",
2393 dev->name, dev->dev_addr);
1da177e4
LT		 2394
2395 /* Get the station name */
2396 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
2397 sizeof(nickbuf), &reclen, &nickbuf);
2398 if (err) {
2399 printk(KERN_ERR "%s: failed to read station name\n",
2400 dev->name);
2401 goto out;
2402 }
2403 if (nickbuf.len)
2404 len = min(IW_ESSID_MAX_SIZE, (int)le16_to_cpu(nickbuf.len));
2405 else
2406 len = min(IW_ESSID_MAX_SIZE, 2 * reclen);
2407 memcpy(priv->nick, &nickbuf.val, len);
2408 priv->nick[len] = '\0';
2409
2410 printk(KERN_DEBUG "%s: Station name \"%s\"\n", dev->name, priv->nick);
2411
37a6c611
PR		 2412 err = orinoco_allocate_fid(dev);
2413 if (err) {
2414 printk(KERN_ERR "%s: failed to allocate NIC buffer!\n",
2415 dev->name);
2416 goto out;
2417 }
2418
1da177e4
LT		 2419 /* Get allowed channels */
2420 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CHANNELLIST,
2421 &priv->channel_mask);
2422 if (err) {
2423 printk(KERN_ERR "%s: failed to read channel list!\n",
2424 dev->name);
2425 goto out;
2426 }
2427
2428 /* Get initial AP density */
2429 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFSYSTEMSCALE,
2430 &priv->ap_density);
566f2d9e 2431 if (err || priv->ap_density < 1 || priv->ap_density > 3)
1da177e4 2432 priv->has_sensitivity = 0;
1da177e4
LT		 2433
2434 /* Get initial RTS threshold */
2435 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
2436 &priv->rts_thresh);
2437 if (err) {
2438 printk(KERN_ERR "%s: failed to read RTS threshold!\n",
2439 dev->name);
2440 goto out;
2441 }
2442
2443 /* Get initial fragmentation settings */
2444 if (priv->has_mwo)
2445 err = hermes_read_wordrec(hw, USER_BAP,
2446 HERMES_RID_CNFMWOROBUST_AGERE,
2447 &priv->mwo_robust);
2448 else
b2f30a0a
DK		 2449 err = hermes_read_wordrec(hw, USER_BAP,
2450 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
1da177e4
LT		 2451 &priv->frag_thresh);
2452 if (err) {
2453 printk(KERN_ERR "%s: failed to read fragmentation settings!\n",
2454 dev->name);
2455 goto out;
2456 }
2457
2458 /* Power management setup */
2459 if (priv->has_pm) {
2460 priv->pm_on = 0;
2461 priv->pm_mcast = 1;
2462 err = hermes_read_wordrec(hw, USER_BAP,
2463 HERMES_RID_CNFMAXSLEEPDURATION,
2464 &priv->pm_period);
2465 if (err) {
2466 printk(KERN_ERR "%s: failed to read power management period!\n",
2467 dev->name);
2468 goto out;
2469 }
2470 err = hermes_read_wordrec(hw, USER_BAP,
2471 HERMES_RID_CNFPMHOLDOVERDURATION,
2472 &priv->pm_timeout);
2473 if (err) {
2474 printk(KERN_ERR "%s: failed to read power management timeout!\n",
2475 dev->name);
2476 goto out;
2477 }
2478 }
2479
2480 /* Preamble setup */
2481 if (priv->has_preamble) {
2482 err = hermes_read_wordrec(hw, USER_BAP,
2483 HERMES_RID_CNFPREAMBLE_SYMBOL,
2484 &priv->preamble);
2485 if (err)
2486 goto out;
2487 }
6fe9deb1 2488
1da177e4
LT		 2489 /* Set up the default configuration */
2490 priv->iw_mode = IW_MODE_INFRA;
2491 /* By default use IEEE/IBSS ad-hoc mode if we have it */
a94e8427 2492 priv->prefer_port3 = priv->has_port3 && (!priv->has_ibss);
1da177e4 2493 set_port_type(priv);
d51d8b1f 2494 priv->channel = 0; /* use firmware default */
1da177e4
LT		 2495
2496 priv->promiscuous = 0;
4ae6ee2d 2497 priv->encode_alg = IW_ENCODE_ALG_NONE;
1da177e4 2498 priv->tx_key = 0;
d03032af
DK		 2499 priv->wpa_enabled = 0;
2500 priv->tkip_cm_active = 0;
2501 priv->key_mgmt = 0;
2502 priv->wpa_ie_len = 0;
2503 priv->wpa_ie = NULL;
1da177e4 2504
1da177e4
LT		 2505 /* Make the hardware available, as long as it hasn't been
2506 * removed elsewhere (e.g. by PCMCIA hot unplug) */
2507 spin_lock_irq(&priv->lock);
2508 priv->hw_unavailable--;
2509 spin_unlock_irq(&priv->lock);
2510
2511 printk(KERN_DEBUG "%s: ready\n", dev->name);
2512
2513 out:
1da177e4
LT		 2514 return err;
2515}
2516
89ea4090
AB		 2517static const struct net_device_ops orinoco_netdev_ops = {
2518 .ndo_init = orinoco_init,
2519 .ndo_open = orinoco_open,
2520 .ndo_stop = orinoco_stop,
2521 .ndo_start_xmit = orinoco_xmit,
2522 .ndo_set_multicast_list = orinoco_set_multicast_list,
2523 .ndo_change_mtu = orinoco_change_mtu,
2524 .ndo_tx_timeout = orinoco_tx_timeout,
2525 .ndo_get_stats = orinoco_get_stats,
2526};
2527
3994d502
DK		 2528struct net_device
2529*alloc_orinocodev(int sizeof_card,
2530 struct device *device,
2531 int (*hard_reset)(struct orinoco_private *),
2532 int (*stop_fw)(struct orinoco_private *, int))
1da177e4
LT		 2533{
2534 struct net_device *dev;
2535 struct orinoco_private *priv;
2536
2537 dev = alloc_etherdev(sizeof(struct orinoco_private) + sizeof_card);
e129a948 2538 if (!dev)
1da177e4
LT		 2539 return NULL;
2540 priv = netdev_priv(dev);
2541 priv->ndev = dev;
2542 if (sizeof_card)
84d8a2fb 2543 priv->card = (void *)((unsigned long)priv
1da177e4
LT		 2544 + sizeof(struct orinoco_private));
2545 else
2546 priv->card = NULL;
3994d502 2547 priv->dev = device;
1da177e4
LT		 2548
2549 /* Setup / override net_device fields */
89ea4090 2550 dev->netdev_ops = &orinoco_netdev_ops;
1da177e4 2551 dev->watchdog_timeo = HZ; /* 1 second timeout */
1fab2e8b 2552 dev->ethtool_ops = &orinoco_ethtool_ops;
e129a948 2553 dev->wireless_handlers = &orinoco_handler_def;
343c686c
PR		 2554#ifdef WIRELESS_SPY
2555 priv->wireless_data.spy_data = &priv->spy_data;
2556 dev->wireless_data = &priv->wireless_data;
2557#endif
1da177e4
LT		 2558 /* we use the default eth_mac_addr for setting the MAC addr */
2559
23edcc41
DK		 2560 /* Reserve space in skb for the SNAP header */
2561 dev->hard_header_len += ENCAPS_OVERHEAD;
2562
1da177e4 2563 /* Set up default callbacks */
1da177e4 2564 priv->hard_reset = hard_reset;
3994d502 2565 priv->stop_fw = stop_fw;
1da177e4
LT		 2566
2567 spin_lock_init(&priv->lock);
2568 priv->open = 0;
2569 priv->hw_unavailable = 1; /* orinoco_init() must clear this
2570 * before anything else touches the
2571 * hardware */
c4028958
DH		 2572 INIT_WORK(&priv->reset_work, orinoco_reset);
2573 INIT_WORK(&priv->join_work, orinoco_join_ap);
2574 INIT_WORK(&priv->wevent_work, orinoco_send_wevents);
1da177e4 2575
31afcef3
DK		 2576 INIT_LIST_HEAD(&priv->rx_list);
2577 tasklet_init(&priv->rx_tasklet, orinoco_rx_isr_tasklet,
2578 (unsigned long) dev);
2579
1da177e4
LT		 2580 netif_carrier_off(dev);
2581 priv->last_linkstatus = 0xffff;
2582
2cea7b26 2583 priv->cached_pri_fw = NULL;
4fb30784
AB		 2584 priv->cached_fw = NULL;
2585
39d1ffee 2586 /* Register PM notifiers */
f11c179e 2587 orinoco_register_pm_notifier(priv);
39d1ffee 2588
1da177e4 2589 return dev;
1da177e4 2590}
2131266d 2591EXPORT_SYMBOL(alloc_orinocodev);
1da177e4
LT		 2592
2593void free_orinocodev(struct net_device *dev)
2594{
95dd91fb 2595 struct orinoco_private *priv = netdev_priv(dev);
20953ad6 2596 struct orinoco_rx_data *rx_data, *temp;
95dd91fb 2597
20953ad6
DK		 2598 /* If the tasklet is scheduled when we call tasklet_kill it
2599 * will run one final time. However the tasklet will only
2600 * drain priv->rx_list if the hw is still available. */
31afcef3 2601 tasklet_kill(&priv->rx_tasklet);
74734312 2602
20953ad6
DK		 2603 /* Explicitly drain priv->rx_list */
2604 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
2605 list_del(&rx_data->list);
2606
2607 dev_kfree_skb(rx_data->skb);
2608 kfree(rx_data->desc);
2609 kfree(rx_data);
2610 }
2611
f11c179e 2612 orinoco_unregister_pm_notifier(priv);
74734312
DK		 2613 orinoco_uncache_fw(priv);
2614
d03032af
DK		 2615 priv->wpa_ie_len = 0;
2616 kfree(priv->wpa_ie);
23edcc41 2617 orinoco_mic_free(priv);
1e3428e9 2618 orinoco_bss_data_free(priv);
1da177e4
LT		 2619 free_netdev(dev);
2620}
2131266d 2621EXPORT_SYMBOL(free_orinocodev);
1da177e4 2622
1fab2e8b
CH		 2623static void orinoco_get_drvinfo(struct net_device *dev,
2624 struct ethtool_drvinfo *info)
2625{
2626 struct orinoco_private *priv = netdev_priv(dev);
1da177e4 2627
1fab2e8b
CH		 2628 strncpy(info->driver, DRIVER_NAME, sizeof(info->driver) - 1);
2629 strncpy(info->version, DRIVER_VERSION, sizeof(info->version) - 1);
2630 strncpy(info->fw_version, priv->fw_name, sizeof(info->fw_version) - 1);
43cb76d9 2631 if (dev->dev.parent)
fb28ad35 2632 strncpy(info->bus_info, dev_name(dev->dev.parent),
1fab2e8b
CH		 2633 sizeof(info->bus_info) - 1);
2634 else
2635 snprintf(info->bus_info, sizeof(info->bus_info) - 1,
2636 "PCMCIA %p", priv->hw.iobase);
1da177e4
LT		 2637}
2638
7282d491 2639static const struct ethtool_ops orinoco_ethtool_ops = {
1fab2e8b
CH		 2640 .get_drvinfo = orinoco_get_drvinfo,
2641 .get_link = ethtool_op_get_link,
2642};
1da177e4 2643
1da177e4
LT		 2644/********************************************************************/
2645/* Module initialization */
2646/********************************************************************/
2647
1da177e4
LT		 2648/* Can't be declared "const" or the whole __initdata section will
2649 * become const */
2650static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
2651 " (David Gibson <hermes@gibson.dropbear.id.au>, "
2652 "Pavel Roskin <proski@gnu.org>, et al)";
2653
2654static int __init init_orinoco(void)
2655{
2656 printk(KERN_DEBUG "%s\n", version);
2657 return 0;
2658}
2659
2660static void __exit exit_orinoco(void)
2661{
2662}
2663
2664module_init(init_orinoco);
2665module_exit(exit_orinoco);
kernel source for telekom puls (alcatel/mediatek)