projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
iwl3945: fix panic in iwl3945 driver
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / net / wireless / iwlwifi / iwl3945-base.c
1 /******************************************************************************
2 *
3 * Copyright(c) 2003 - 2009 Intel Corporation. All rights reserved.
4 *
5 * Portions of this file are derived from the ipw3945 project, as well
6 * as portions of the ieee80211 subsystem header files.
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of version 2 of the GNU General Public License as
10 * published by the Free Software Foundation.
11 *
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * more details.
16 *
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
20 *
21 * The full GNU General Public License is included in this distribution in the
22 * file called LICENSE.
23 *
24 * Contact Information:
25 * Intel Linux Wireless <ilw@linux.intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
27 *
28 *****************************************************************************/
29
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/init.h>
33 #include <linux/pci.h>
34 #include <linux/dma-mapping.h>
35 #include <linux/delay.h>
36 #include <linux/sched.h>
37 #include <linux/skbuff.h>
38 #include <linux/netdevice.h>
39 #include <linux/wireless.h>
40 #include <linux/firmware.h>
41 #include <linux/etherdevice.h>
42 #include <linux/if_arp.h>
43
44 #include <net/ieee80211_radiotap.h>
45 #include <net/mac80211.h>
46
47 #include <asm/div64.h>
48
49 #define DRV_NAME "iwl3945"
50
51 #include "iwl-fh.h"
52 #include "iwl-3945-fh.h"
53 #include "iwl-commands.h"
54 #include "iwl-sta.h"
55 #include "iwl-3945.h"
56 #include "iwl-helpers.h"
57 #include "iwl-core.h"
58 #include "iwl-dev.h"
59
60 /*
61 * module name, copyright, version, etc.
62 */
63
64 #define DRV_DESCRIPTION \
65 "Intel(R) PRO/Wireless 3945ABG/BG Network Connection driver for Linux"
66
67 #ifdef CONFIG_IWLWIFI_DEBUG
68 #define VD "d"
69 #else
70 #define VD
71 #endif
72
73 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
74 #define VS "s"
75 #else
76 #define VS
77 #endif
78
79 #define DRV_VERSION IWLWIFI_VERSION VD VS
80 #define DRV_COPYRIGHT "Copyright(c) 2003-2009 Intel Corporation"
81 #define DRV_AUTHOR "<ilw@linux.intel.com>"
82
83 MODULE_DESCRIPTION(DRV_DESCRIPTION);
84 MODULE_VERSION(DRV_VERSION);
85 MODULE_AUTHOR(DRV_COPYRIGHT " " DRV_AUTHOR);
86 MODULE_LICENSE("GPL");
87
88 /* module parameters */
89 struct iwl_mod_params iwl3945_mod_params = {
90 .sw_crypto = 1,
91 .restart_fw = 1,
92 /* the rest are 0 by default */
93 };
94
95 /**
96 * iwl3945_get_antenna_flags - Get antenna flags for RXON command
97 * @priv: eeprom and antenna fields are used to determine antenna flags
98 *
99 * priv->eeprom39 is used to determine if antenna AUX/MAIN are reversed
100 * iwl3945_mod_params.antenna specifies the antenna diversity mode:
101 *
102 * IWL_ANTENNA_DIVERSITY - NIC selects best antenna by itself
103 * IWL_ANTENNA_MAIN - Force MAIN antenna
104 * IWL_ANTENNA_AUX - Force AUX antenna
105 */
106 __le32 iwl3945_get_antenna_flags(const struct iwl_priv *priv)
107 {
108 struct iwl3945_eeprom *eeprom = (struct iwl3945_eeprom *)priv->eeprom;
109
110 switch (iwl3945_mod_params.antenna) {
111 case IWL_ANTENNA_DIVERSITY:
112 return 0;
113
114 case IWL_ANTENNA_MAIN:
115 if (eeprom->antenna_switch_type)
116 return RXON_FLG_DIS_DIV_MSK | RXON_FLG_ANT_B_MSK;
117 return RXON_FLG_DIS_DIV_MSK | RXON_FLG_ANT_A_MSK;
118
119 case IWL_ANTENNA_AUX:
120 if (eeprom->antenna_switch_type)
121 return RXON_FLG_DIS_DIV_MSK | RXON_FLG_ANT_A_MSK;
122 return RXON_FLG_DIS_DIV_MSK | RXON_FLG_ANT_B_MSK;
123 }
124
125 /* bad antenna selector value */
126 IWL_ERR(priv, "Bad antenna selector value (0x%x)\n",
127 iwl3945_mod_params.antenna);
128
129 return 0; /* "diversity" is default if error */
130 }
131
132 static int iwl3945_set_ccmp_dynamic_key_info(struct iwl_priv *priv,
133 struct ieee80211_key_conf *keyconf,
134 u8 sta_id)
135 {
136 unsigned long flags;
137 __le16 key_flags = 0;
138 int ret;
139
140 key_flags |= (STA_KEY_FLG_CCMP | STA_KEY_FLG_MAP_KEY_MSK);
141 key_flags |= cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
142
143 if (sta_id == priv->hw_params.bcast_sta_id)
144 key_flags |= STA_KEY_MULTICAST_MSK;
145
146 keyconf->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
147 keyconf->hw_key_idx = keyconf->keyidx;
148 key_flags &= ~STA_KEY_FLG_INVALID;
149
150 spin_lock_irqsave(&priv->sta_lock, flags);
151 priv->stations[sta_id].keyinfo.alg = keyconf->alg;
152 priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
153 memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
154 keyconf->keylen);
155
156 memcpy(priv->stations[sta_id].sta.key.key, keyconf->key,
157 keyconf->keylen);
158
159 if ((priv->stations[sta_id].sta.key.key_flags & STA_KEY_FLG_ENCRYPT_MSK)
160 == STA_KEY_FLG_NO_ENC)
161 priv->stations[sta_id].sta.key.key_offset =
162 iwl_get_free_ucode_key_index(priv);
163 /* else, we are overriding an existing key => no need to allocated room
164 * in uCode. */
165
166 WARN(priv->stations[sta_id].sta.key.key_offset == WEP_INVALID_OFFSET,
167 "no space for a new key");
168
169 priv->stations[sta_id].sta.key.key_flags = key_flags;
170 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
171 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
172
173 IWL_DEBUG_INFO(priv, "hwcrypto: modify ucode station key info\n");
174
175 ret = iwl_send_add_sta(priv, &priv->stations[sta_id].sta, CMD_ASYNC);
176
177 spin_unlock_irqrestore(&priv->sta_lock, flags);
178
179 return ret;
180 }
181
182 static int iwl3945_set_tkip_dynamic_key_info(struct iwl_priv *priv,
183 struct ieee80211_key_conf *keyconf,
184 u8 sta_id)
185 {
186 return -EOPNOTSUPP;
187 }
188
189 static int iwl3945_set_wep_dynamic_key_info(struct iwl_priv *priv,
190 struct ieee80211_key_conf *keyconf,
191 u8 sta_id)
192 {
193 return -EOPNOTSUPP;
194 }
195
196 static int iwl3945_clear_sta_key_info(struct iwl_priv *priv, u8 sta_id)
197 {
198 unsigned long flags;
199
200 spin_lock_irqsave(&priv->sta_lock, flags);
201 memset(&priv->stations[sta_id].keyinfo, 0, sizeof(struct iwl_hw_key));
202 memset(&priv->stations[sta_id].sta.key, 0,
203 sizeof(struct iwl4965_keyinfo));
204 priv->stations[sta_id].sta.key.key_flags = STA_KEY_FLG_NO_ENC;
205 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
206 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
207 spin_unlock_irqrestore(&priv->sta_lock, flags);
208
209 IWL_DEBUG_INFO(priv, "hwcrypto: clear ucode station key info\n");
210 iwl_send_add_sta(priv, &priv->stations[sta_id].sta, 0);
211 return 0;
212 }
213
214 static int iwl3945_set_dynamic_key(struct iwl_priv *priv,
215 struct ieee80211_key_conf *keyconf, u8 sta_id)
216 {
217 int ret = 0;
218
219 keyconf->hw_key_idx = HW_KEY_DYNAMIC;
220
221 switch (keyconf->alg) {
222 case ALG_CCMP:
223 ret = iwl3945_set_ccmp_dynamic_key_info(priv, keyconf, sta_id);
224 break;
225 case ALG_TKIP:
226 ret = iwl3945_set_tkip_dynamic_key_info(priv, keyconf, sta_id);
227 break;
228 case ALG_WEP:
229 ret = iwl3945_set_wep_dynamic_key_info(priv, keyconf, sta_id);
230 break;
231 default:
232 IWL_ERR(priv, "Unknown alg: %s alg = %d\n", __func__, keyconf->alg);
233 ret = -EINVAL;
234 }
235
236 IWL_DEBUG_WEP(priv, "Set dynamic key: alg= %d len=%d idx=%d sta=%d ret=%d\n",
237 keyconf->alg, keyconf->keylen, keyconf->keyidx,
238 sta_id, ret);
239
240 return ret;
241 }
242
243 static int iwl3945_remove_static_key(struct iwl_priv *priv)
244 {
245 int ret = -EOPNOTSUPP;
246
247 return ret;
248 }
249
250 static int iwl3945_set_static_key(struct iwl_priv *priv,
251 struct ieee80211_key_conf *key)
252 {
253 if (key->alg == ALG_WEP)
254 return -EOPNOTSUPP;
255
256 IWL_ERR(priv, "Static key invalid: alg %d\n", key->alg);
257 return -EINVAL;
258 }
259
260 static void iwl3945_clear_free_frames(struct iwl_priv *priv)
261 {
262 struct list_head *element;
263
264 IWL_DEBUG_INFO(priv, "%d frames on pre-allocated heap on clear.\n",
265 priv->frames_count);
266
267 while (!list_empty(&priv->free_frames)) {
268 element = priv->free_frames.next;
269 list_del(element);
270 kfree(list_entry(element, struct iwl3945_frame, list));
271 priv->frames_count--;
272 }
273
274 if (priv->frames_count) {
275 IWL_WARN(priv, "%d frames still in use. Did we lose one?\n",
276 priv->frames_count);
277 priv->frames_count = 0;
278 }
279 }
280
281 static struct iwl3945_frame *iwl3945_get_free_frame(struct iwl_priv *priv)
282 {
283 struct iwl3945_frame *frame;
284 struct list_head *element;
285 if (list_empty(&priv->free_frames)) {
286 frame = kzalloc(sizeof(*frame), GFP_KERNEL);
287 if (!frame) {
288 IWL_ERR(priv, "Could not allocate frame!\n");
289 return NULL;
290 }
291
292 priv->frames_count++;
293 return frame;
294 }
295
296 element = priv->free_frames.next;
297 list_del(element);
298 return list_entry(element, struct iwl3945_frame, list);
299 }
300
301 static void iwl3945_free_frame(struct iwl_priv *priv, struct iwl3945_frame *frame)
302 {
303 memset(frame, 0, sizeof(*frame));
304 list_add(&frame->list, &priv->free_frames);
305 }
306
307 unsigned int iwl3945_fill_beacon_frame(struct iwl_priv *priv,
308 struct ieee80211_hdr *hdr,
309 int left)
310 {
311
312 if (!iwl_is_associated(priv) || !priv->ibss_beacon ||
313 ((priv->iw_mode != NL80211_IFTYPE_ADHOC) &&
314 (priv->iw_mode != NL80211_IFTYPE_AP)))
315 return 0;
316
317 if (priv->ibss_beacon->len > left)
318 return 0;
319
320 memcpy(hdr, priv->ibss_beacon->data, priv->ibss_beacon->len);
321
322 return priv->ibss_beacon->len;
323 }
324
325 static int iwl3945_send_beacon_cmd(struct iwl_priv *priv)
326 {
327 struct iwl3945_frame *frame;
328 unsigned int frame_size;
329 int rc;
330 u8 rate;
331
332 frame = iwl3945_get_free_frame(priv);
333
334 if (!frame) {
335 IWL_ERR(priv, "Could not obtain free frame buffer for beacon "
336 "command.\n");
337 return -ENOMEM;
338 }
339
340 rate = iwl_rate_get_lowest_plcp(priv);
341
342 frame_size = iwl3945_hw_get_beacon_cmd(priv, frame, rate);
343
344 rc = iwl_send_cmd_pdu(priv, REPLY_TX_BEACON, frame_size,
345 &frame->u.cmd[0]);
346
347 iwl3945_free_frame(priv, frame);
348
349 return rc;
350 }
351
352 static void iwl3945_unset_hw_params(struct iwl_priv *priv)
353 {
354 if (priv->shared_virt)
355 pci_free_consistent(priv->pci_dev,
356 sizeof(struct iwl3945_shared),
357 priv->shared_virt,
358 priv->shared_phys);
359 }
360
361 static void iwl3945_build_tx_cmd_hwcrypto(struct iwl_priv *priv,
362 struct ieee80211_tx_info *info,
363 struct iwl_device_cmd *cmd,
364 struct sk_buff *skb_frag,
365 int sta_id)
366 {
367 struct iwl3945_tx_cmd *tx_cmd = (struct iwl3945_tx_cmd *)cmd->cmd.payload;
368 struct iwl_hw_key *keyinfo = &priv->stations[sta_id].keyinfo;
369
370 switch (keyinfo->alg) {
371 case ALG_CCMP:
372 tx_cmd->sec_ctl = TX_CMD_SEC_CCM;
373 memcpy(tx_cmd->key, keyinfo->key, keyinfo->keylen);
374 IWL_DEBUG_TX(priv, "tx_cmd with AES hwcrypto\n");
375 break;
376
377 case ALG_TKIP:
378 break;
379
380 case ALG_WEP:
381 tx_cmd->sec_ctl = TX_CMD_SEC_WEP |
382 (info->control.hw_key->hw_key_idx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT;
383
384 if (keyinfo->keylen == 13)
385 tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
386
387 memcpy(&tx_cmd->key[3], keyinfo->key, keyinfo->keylen);
388
389 IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption "
390 "with key %d\n", info->control.hw_key->hw_key_idx);
391 break;
392
393 default:
394 IWL_ERR(priv, "Unknown encode alg %d\n", keyinfo->alg);
395 break;
396 }
397 }
398
399 /*
400 * handle build REPLY_TX command notification.
401 */
402 static void iwl3945_build_tx_cmd_basic(struct iwl_priv *priv,
403 struct iwl_device_cmd *cmd,
404 struct ieee80211_tx_info *info,
405 struct ieee80211_hdr *hdr, u8 std_id)
406 {
407 struct iwl3945_tx_cmd *tx_cmd = (struct iwl3945_tx_cmd *)cmd->cmd.payload;
408 __le32 tx_flags = tx_cmd->tx_flags;
409 __le16 fc = hdr->frame_control;
410
411 tx_cmd->stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
412 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK)) {
413 tx_flags |= TX_CMD_FLG_ACK_MSK;
414 if (ieee80211_is_mgmt(fc))
415 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
416 if (ieee80211_is_probe_resp(fc) &&
417 !(le16_to_cpu(hdr->seq_ctrl) & 0xf))
418 tx_flags |= TX_CMD_FLG_TSF_MSK;
419 } else {
420 tx_flags &= (~TX_CMD_FLG_ACK_MSK);
421 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
422 }
423
424 tx_cmd->sta_id = std_id;
425 if (ieee80211_has_morefrags(fc))
426 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
427
428 if (ieee80211_is_data_qos(fc)) {
429 u8 *qc = ieee80211_get_qos_ctl(hdr);
430 tx_cmd->tid_tspec = qc[0] & 0xf;
431 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
432 } else {
433 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
434 }
435
436 priv->cfg->ops->utils->rts_tx_cmd_flag(info, &tx_flags);
437
438 if ((tx_flags & TX_CMD_FLG_RTS_MSK) || (tx_flags & TX_CMD_FLG_CTS_MSK))
439 tx_flags |= TX_CMD_FLG_FULL_TXOP_PROT_MSK;
440
441 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
442 if (ieee80211_is_mgmt(fc)) {
443 if (ieee80211_is_assoc_req(fc) || ieee80211_is_reassoc_req(fc))
444 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(3);
445 else
446 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(2);
447 } else {
448 tx_cmd->timeout.pm_frame_timeout = 0;
449 }
450
451 tx_cmd->driver_txop = 0;
452 tx_cmd->tx_flags = tx_flags;
453 tx_cmd->next_frame_len = 0;
454 }
455
456 /*
457 * start REPLY_TX command process
458 */
459 static int iwl3945_tx_skb(struct iwl_priv *priv, struct sk_buff *skb)
460 {
461 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
462 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
463 struct iwl3945_tx_cmd *tx_cmd;
464 struct iwl_tx_queue *txq = NULL;
465 struct iwl_queue *q = NULL;
466 struct iwl_device_cmd *out_cmd;
467 struct iwl_cmd_meta *out_meta;
468 dma_addr_t phys_addr;
469 dma_addr_t txcmd_phys;
470 int txq_id = skb_get_queue_mapping(skb);
471 u16 len, idx, len_org, hdr_len; /* TODO: len_org is not used */
472 u8 id;
473 u8 unicast;
474 u8 sta_id;
475 u8 tid = 0;
476 u16 seq_number = 0;
477 __le16 fc;
478 u8 wait_write_ptr = 0;
479 u8 *qc = NULL;
480 unsigned long flags;
481 int rc;
482
483 spin_lock_irqsave(&priv->lock, flags);
484 if (iwl_is_rfkill(priv)) {
485 IWL_DEBUG_DROP(priv, "Dropping - RF KILL\n");
486 goto drop_unlock;
487 }
488
489 if ((ieee80211_get_tx_rate(priv->hw, info)->hw_value & 0xFF) == IWL_INVALID_RATE) {
490 IWL_ERR(priv, "ERROR: No TX rate available.\n");
491 goto drop_unlock;
492 }
493
494 unicast = !is_multicast_ether_addr(hdr->addr1);
495 id = 0;
496
497 fc = hdr->frame_control;
498
499 #ifdef CONFIG_IWLWIFI_DEBUG
500 if (ieee80211_is_auth(fc))
501 IWL_DEBUG_TX(priv, "Sending AUTH frame\n");
502 else if (ieee80211_is_assoc_req(fc))
503 IWL_DEBUG_TX(priv, "Sending ASSOC frame\n");
504 else if (ieee80211_is_reassoc_req(fc))
505 IWL_DEBUG_TX(priv, "Sending REASSOC frame\n");
506 #endif
507
508 /* drop all non-injected data frame if we are not associated */
509 if (ieee80211_is_data(fc) &&
510 !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
511 (!iwl_is_associated(priv) ||
512 ((priv->iw_mode == NL80211_IFTYPE_STATION) && !priv->assoc_id))) {
513 IWL_DEBUG_DROP(priv, "Dropping - !iwl_is_associated\n");
514 goto drop_unlock;
515 }
516
517 spin_unlock_irqrestore(&priv->lock, flags);
518
519 hdr_len = ieee80211_hdrlen(fc);
520
521 /* Find (or create) index into station table for destination station */
522 if (info->flags & IEEE80211_TX_CTL_INJECTED)
523 sta_id = priv->hw_params.bcast_sta_id;
524 else
525 sta_id = iwl_get_sta_id(priv, hdr);
526 if (sta_id == IWL_INVALID_STATION) {
527 IWL_DEBUG_DROP(priv, "Dropping - INVALID STATION: %pM\n",
528 hdr->addr1);
529 goto drop;
530 }
531
532 IWL_DEBUG_RATE(priv, "station Id %d\n", sta_id);
533
534 if (ieee80211_is_data_qos(fc)) {
535 qc = ieee80211_get_qos_ctl(hdr);
536 tid = qc[0] & IEEE80211_QOS_CTL_TID_MASK;
537 if (unlikely(tid >= MAX_TID_COUNT))
538 goto drop;
539 seq_number = priv->stations[sta_id].tid[tid].seq_number &
540 IEEE80211_SCTL_SEQ;
541 hdr->seq_ctrl = cpu_to_le16(seq_number) |
542 (hdr->seq_ctrl &
543 cpu_to_le16(IEEE80211_SCTL_FRAG));
544 seq_number += 0x10;
545 }
546
547 /* Descriptor for chosen Tx queue */
548 txq = &priv->txq[txq_id];
549 q = &txq->q;
550
551 if ((iwl_queue_space(q) < q->high_mark))
552 goto drop;
553
554 spin_lock_irqsave(&priv->lock, flags);
555
556 idx = get_cmd_index(q, q->write_ptr, 0);
557
558 /* Set up driver data for this TFD */
559 memset(&(txq->txb[q->write_ptr]), 0, sizeof(struct iwl_tx_info));
560 txq->txb[q->write_ptr].skb[0] = skb;
561
562 /* Init first empty entry in queue's array of Tx/cmd buffers */
563 out_cmd = txq->cmd[idx];
564 out_meta = &txq->meta[idx];
565 tx_cmd = (struct iwl3945_tx_cmd *)out_cmd->cmd.payload;
566 memset(&out_cmd->hdr, 0, sizeof(out_cmd->hdr));
567 memset(tx_cmd, 0, sizeof(*tx_cmd));
568
569 /*
570 * Set up the Tx-command (not MAC!) header.
571 * Store the chosen Tx queue and TFD index within the sequence field;
572 * after Tx, uCode's Tx response will return this value so driver can
573 * locate the frame within the tx queue and do post-tx processing.
574 */
575 out_cmd->hdr.cmd = REPLY_TX;
576 out_cmd->hdr.sequence = cpu_to_le16((u16)(QUEUE_TO_SEQ(txq_id) |
577 INDEX_TO_SEQ(q->write_ptr)));
578
579 /* Copy MAC header from skb into command buffer */
580 memcpy(tx_cmd->hdr, hdr, hdr_len);
581
582
583 if (info->control.hw_key)
584 iwl3945_build_tx_cmd_hwcrypto(priv, info, out_cmd, skb, sta_id);
585
586 /* TODO need this for burst mode later on */
587 iwl3945_build_tx_cmd_basic(priv, out_cmd, info, hdr, sta_id);
588
589 /* set is_hcca to 0; it probably will never be implemented */
590 iwl3945_hw_build_tx_cmd_rate(priv, out_cmd, info, hdr, sta_id, 0);
591
592 /* Total # bytes to be transmitted */
593 len = (u16)skb->len;
594 tx_cmd->len = cpu_to_le16(len);
595
596 iwl_dbg_log_tx_data_frame(priv, len, hdr);
597 iwl_update_stats(priv, true, fc, len);
598 tx_cmd->tx_flags &= ~TX_CMD_FLG_ANT_A_MSK;
599 tx_cmd->tx_flags &= ~TX_CMD_FLG_ANT_B_MSK;
600
601 if (!ieee80211_has_morefrags(hdr->frame_control)) {
602 txq->need_update = 1;
603 if (qc)
604 priv->stations[sta_id].tid[tid].seq_number = seq_number;
605 } else {
606 wait_write_ptr = 1;
607 txq->need_update = 0;
608 }
609
610 IWL_DEBUG_TX(priv, "sequence nr = 0X%x \n",
611 le16_to_cpu(out_cmd->hdr.sequence));
612 IWL_DEBUG_TX(priv, "tx_flags = 0X%x \n", le32_to_cpu(tx_cmd->tx_flags));
613 iwl_print_hex_dump(priv, IWL_DL_TX, tx_cmd, sizeof(*tx_cmd));
614 iwl_print_hex_dump(priv, IWL_DL_TX, (u8 *)tx_cmd->hdr,
615 ieee80211_hdrlen(fc));
616
617 /*
618 * Use the first empty entry in this queue's command buffer array
619 * to contain the Tx command and MAC header concatenated together
620 * (payload data will be in another buffer).
621 * Size of this varies, due to varying MAC header length.
622 * If end is not dword aligned, we'll have 2 extra bytes at the end
623 * of the MAC header (device reads on dword boundaries).
624 * We'll tell device about this padding later.
625 */
626 len = sizeof(struct iwl3945_tx_cmd) +
627 sizeof(struct iwl_cmd_header) + hdr_len;
628
629 len_org = len;
630 len = (len + 3) & ~3;
631
632 if (len_org != len)
633 len_org = 1;
634 else
635 len_org = 0;
636
637 /* Physical address of this Tx command's header (not MAC header!),
638 * within command buffer array. */
639 txcmd_phys = pci_map_single(priv->pci_dev, &out_cmd->hdr,
640 len, PCI_DMA_TODEVICE);
641 /* we do not map meta data ... so we can safely access address to
642 * provide to unmap command*/
643 pci_unmap_addr_set(out_meta, mapping, txcmd_phys);
644 pci_unmap_len_set(out_meta, len, len);
645
646 /* Add buffer containing Tx command and MAC(!) header to TFD's
647 * first entry */
648 priv->cfg->ops->lib->txq_attach_buf_to_tfd(priv, txq,
649 txcmd_phys, len, 1, 0);
650
651
652 /* Set up TFD's 2nd entry to point directly to remainder of skb,
653 * if any (802.11 null frames have no payload). */
654 len = skb->len - hdr_len;
655 if (len) {
656 phys_addr = pci_map_single(priv->pci_dev, skb->data + hdr_len,
657 len, PCI_DMA_TODEVICE);
658 priv->cfg->ops->lib->txq_attach_buf_to_tfd(priv, txq,
659 phys_addr, len,
660 0, U32_PAD(len));
661 }
662
663
664 /* Tell device the write index *just past* this latest filled TFD */
665 q->write_ptr = iwl_queue_inc_wrap(q->write_ptr, q->n_bd);
666 rc = iwl_txq_update_write_ptr(priv, txq);
667 spin_unlock_irqrestore(&priv->lock, flags);
668
669 if (rc)
670 return rc;
671
672 if ((iwl_queue_space(q) < q->high_mark)
673 && priv->mac80211_registered) {
674 if (wait_write_ptr) {
675 spin_lock_irqsave(&priv->lock, flags);
676 txq->need_update = 1;
677 iwl_txq_update_write_ptr(priv, txq);
678 spin_unlock_irqrestore(&priv->lock, flags);
679 }
680
681 iwl_stop_queue(priv, skb_get_queue_mapping(skb));
682 }
683
684 return 0;
685
686 drop_unlock:
687 spin_unlock_irqrestore(&priv->lock, flags);
688 drop:
689 return -1;
690 }
691
692 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
693
694 #include "iwl-spectrum.h"
695
696 #define BEACON_TIME_MASK_LOW 0x00FFFFFF
697 #define BEACON_TIME_MASK_HIGH 0xFF000000
698 #define TIME_UNIT 1024
699
700 /*
701 * extended beacon time format
702 * time in usec will be changed into a 32-bit value in 8:24 format
703 * the high 1 byte is the beacon counts
704 * the lower 3 bytes is the time in usec within one beacon interval
705 */
706
707 static u32 iwl3945_usecs_to_beacons(u32 usec, u32 beacon_interval)
708 {
709 u32 quot;
710 u32 rem;
711 u32 interval = beacon_interval * 1024;
712
713 if (!interval || !usec)
714 return 0;
715
716 quot = (usec / interval) & (BEACON_TIME_MASK_HIGH >> 24);
717 rem = (usec % interval) & BEACON_TIME_MASK_LOW;
718
719 return (quot << 24) + rem;
720 }
721
722 /* base is usually what we get from ucode with each received frame,
723 * the same as HW timer counter counting down
724 */
725
726 static __le32 iwl3945_add_beacon_time(u32 base, u32 addon, u32 beacon_interval)
727 {
728 u32 base_low = base & BEACON_TIME_MASK_LOW;
729 u32 addon_low = addon & BEACON_TIME_MASK_LOW;
730 u32 interval = beacon_interval * TIME_UNIT;
731 u32 res = (base & BEACON_TIME_MASK_HIGH) +
732 (addon & BEACON_TIME_MASK_HIGH);
733
734 if (base_low > addon_low)
735 res += base_low - addon_low;
736 else if (base_low < addon_low) {
737 res += interval + base_low - addon_low;
738 res += (1 << 24);
739 } else
740 res += (1 << 24);
741
742 return cpu_to_le32(res);
743 }
744
745 static int iwl3945_get_measurement(struct iwl_priv *priv,
746 struct ieee80211_measurement_params *params,
747 u8 type)
748 {
749 struct iwl_spectrum_cmd spectrum;
750 struct iwl_rx_packet *pkt;
751 struct iwl_host_cmd cmd = {
752 .id = REPLY_SPECTRUM_MEASUREMENT_CMD,
753 .data = (void *)&spectrum,
754 .flags = CMD_WANT_SKB,
755 };
756 u32 add_time = le64_to_cpu(params->start_time);
757 int rc;
758 int spectrum_resp_status;
759 int duration = le16_to_cpu(params->duration);
760
761 if (iwl_is_associated(priv))
762 add_time =
763 iwl3945_usecs_to_beacons(
764 le64_to_cpu(params->start_time) - priv->last_tsf,
765 le16_to_cpu(priv->rxon_timing.beacon_interval));
766
767 memset(&spectrum, 0, sizeof(spectrum));
768
769 spectrum.channel_count = cpu_to_le16(1);
770 spectrum.flags =
771 RXON_FLG_TSF2HOST_MSK | RXON_FLG_ANT_A_MSK | RXON_FLG_DIS_DIV_MSK;
772 spectrum.filter_flags = MEASUREMENT_FILTER_FLAG;
773 cmd.len = sizeof(spectrum);
774 spectrum.len = cpu_to_le16(cmd.len - sizeof(spectrum.len));
775
776 if (iwl_is_associated(priv))
777 spectrum.start_time =
778 iwl3945_add_beacon_time(priv->last_beacon_time,
779 add_time,
780 le16_to_cpu(priv->rxon_timing.beacon_interval));
781 else
782 spectrum.start_time = 0;
783
784 spectrum.channels[0].duration = cpu_to_le32(duration * TIME_UNIT);
785 spectrum.channels[0].channel = params->channel;
786 spectrum.channels[0].type = type;
787 if (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK)
788 spectrum.flags |= RXON_FLG_BAND_24G_MSK |
789 RXON_FLG_AUTO_DETECT_MSK | RXON_FLG_TGG_PROTECT_MSK;
790
791 rc = iwl_send_cmd_sync(priv, &cmd);
792 if (rc)
793 return rc;
794
795 pkt = (struct iwl_rx_packet *)cmd.reply_page;
796 if (pkt->hdr.flags & IWL_CMD_FAILED_MSK) {
797 IWL_ERR(priv, "Bad return from REPLY_RX_ON_ASSOC command\n");
798 rc = -EIO;
799 }
800
801 spectrum_resp_status = le16_to_cpu(pkt->u.spectrum.status);
802 switch (spectrum_resp_status) {
803 case 0: /* Command will be handled */
804 if (pkt->u.spectrum.id != 0xff) {
805 IWL_DEBUG_INFO(priv, "Replaced existing measurement: %d\n",
806 pkt->u.spectrum.id);
807 priv->measurement_status &= ~MEASUREMENT_READY;
808 }
809 priv->measurement_status |= MEASUREMENT_ACTIVE;
810 rc = 0;
811 break;
812
813 case 1: /* Command will not be handled */
814 rc = -EAGAIN;
815 break;
816 }
817
818 iwl_free_pages(priv, cmd.reply_page);
819
820 return rc;
821 }
822 #endif
823
824 static void iwl3945_rx_reply_alive(struct iwl_priv *priv,
825 struct iwl_rx_mem_buffer *rxb)
826 {
827 struct iwl_rx_packet *pkt = rxb_addr(rxb);
828 struct iwl_alive_resp *palive;
829 struct delayed_work *pwork;
830
831 palive = &pkt->u.alive_frame;
832
833 IWL_DEBUG_INFO(priv, "Alive ucode status 0x%08X revision "
834 "0x%01X 0x%01X\n",
835 palive->is_valid, palive->ver_type,
836 palive->ver_subtype);
837
838 if (palive->ver_subtype == INITIALIZE_SUBTYPE) {
839 IWL_DEBUG_INFO(priv, "Initialization Alive received.\n");
840 memcpy(&priv->card_alive_init, &pkt->u.alive_frame,
841 sizeof(struct iwl_alive_resp));
842 pwork = &priv->init_alive_start;
843 } else {
844 IWL_DEBUG_INFO(priv, "Runtime Alive received.\n");
845 memcpy(&priv->card_alive, &pkt->u.alive_frame,
846 sizeof(struct iwl_alive_resp));
847 pwork = &priv->alive_start;
848 iwl3945_disable_events(priv);
849 }
850
851 /* We delay the ALIVE response by 5ms to
852 * give the HW RF Kill time to activate... */
853 if (palive->is_valid == UCODE_VALID_OK)
854 queue_delayed_work(priv->workqueue, pwork,
855 msecs_to_jiffies(5));
856 else
857 IWL_WARN(priv, "uCode did not respond OK.\n");
858 }
859
860 static void iwl3945_rx_reply_add_sta(struct iwl_priv *priv,
861 struct iwl_rx_mem_buffer *rxb)
862 {
863 #ifdef CONFIG_IWLWIFI_DEBUG
864 struct iwl_rx_packet *pkt = rxb_addr(rxb);
865 #endif
866
867 IWL_DEBUG_RX(priv, "Received REPLY_ADD_STA: 0x%02X\n", pkt->u.status);
868 return;
869 }
870
871 static void iwl3945_bg_beacon_update(struct work_struct *work)
872 {
873 struct iwl_priv *priv =
874 container_of(work, struct iwl_priv, beacon_update);
875 struct sk_buff *beacon;
876
877 /* Pull updated AP beacon from mac80211. will fail if not in AP mode */
878 beacon = ieee80211_beacon_get(priv->hw, priv->vif);
879
880 if (!beacon) {
881 IWL_ERR(priv, "update beacon failed\n");
882 return;
883 }
884
885 mutex_lock(&priv->mutex);
886 /* new beacon skb is allocated every time; dispose previous.*/
887 if (priv->ibss_beacon)
888 dev_kfree_skb(priv->ibss_beacon);
889
890 priv->ibss_beacon = beacon;
891 mutex_unlock(&priv->mutex);
892
893 iwl3945_send_beacon_cmd(priv);
894 }
895
896 static void iwl3945_rx_beacon_notif(struct iwl_priv *priv,
897 struct iwl_rx_mem_buffer *rxb)
898 {
899 #ifdef CONFIG_IWLWIFI_DEBUG
900 struct iwl_rx_packet *pkt = rxb_addr(rxb);
901 struct iwl3945_beacon_notif *beacon = &(pkt->u.beacon_status);
902 u8 rate = beacon->beacon_notify_hdr.rate;
903
904 IWL_DEBUG_RX(priv, "beacon status %x retries %d iss %d "
905 "tsf %d %d rate %d\n",
906 le32_to_cpu(beacon->beacon_notify_hdr.status) & TX_STATUS_MSK,
907 beacon->beacon_notify_hdr.failure_frame,
908 le32_to_cpu(beacon->ibss_mgr_status),
909 le32_to_cpu(beacon->high_tsf),
910 le32_to_cpu(beacon->low_tsf), rate);
911 #endif
912
913 if ((priv->iw_mode == NL80211_IFTYPE_AP) &&
914 (!test_bit(STATUS_EXIT_PENDING, &priv->status)))
915 queue_work(priv->workqueue, &priv->beacon_update);
916 }
917
918 /* Handle notification from uCode that card's power state is changing
919 * due to software, hardware, or critical temperature RFKILL */
920 static void iwl3945_rx_card_state_notif(struct iwl_priv *priv,
921 struct iwl_rx_mem_buffer *rxb)
922 {
923 struct iwl_rx_packet *pkt = rxb_addr(rxb);
924 u32 flags = le32_to_cpu(pkt->u.card_state_notif.flags);
925 unsigned long status = priv->status;
926
927 IWL_WARN(priv, "Card state received: HW:%s SW:%s\n",
928 (flags & HW_CARD_DISABLED) ? "Kill" : "On",
929 (flags & SW_CARD_DISABLED) ? "Kill" : "On");
930
931 iwl_write32(priv, CSR_UCODE_DRV_GP1_SET,
932 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
933
934 if (flags & HW_CARD_DISABLED)
935 set_bit(STATUS_RF_KILL_HW, &priv->status);
936 else
937 clear_bit(STATUS_RF_KILL_HW, &priv->status);
938
939
940 iwl_scan_cancel(priv);
941
942 if ((test_bit(STATUS_RF_KILL_HW, &status) !=
943 test_bit(STATUS_RF_KILL_HW, &priv->status)))
944 wiphy_rfkill_set_hw_state(priv->hw->wiphy,
945 test_bit(STATUS_RF_KILL_HW, &priv->status));
946 else
947 wake_up_interruptible(&priv->wait_command_queue);
948 }
949
950 /**
951 * iwl3945_setup_rx_handlers - Initialize Rx handler callbacks
952 *
953 * Setup the RX handlers for each of the reply types sent from the uCode
954 * to the host.
955 *
956 * This function chains into the hardware specific files for them to setup
957 * any hardware specific handlers as well.
958 */
959 static void iwl3945_setup_rx_handlers(struct iwl_priv *priv)
960 {
961 priv->rx_handlers[REPLY_ALIVE] = iwl3945_rx_reply_alive;
962 priv->rx_handlers[REPLY_ADD_STA] = iwl3945_rx_reply_add_sta;
963 priv->rx_handlers[REPLY_ERROR] = iwl_rx_reply_error;
964 priv->rx_handlers[CHANNEL_SWITCH_NOTIFICATION] = iwl_rx_csa;
965 priv->rx_handlers[PM_SLEEP_NOTIFICATION] = iwl_rx_pm_sleep_notif;
966 priv->rx_handlers[PM_DEBUG_STATISTIC_NOTIFIC] =
967 iwl_rx_pm_debug_statistics_notif;
968 priv->rx_handlers[BEACON_NOTIFICATION] = iwl3945_rx_beacon_notif;
969
970 /*
971 * The same handler is used for both the REPLY to a discrete
972 * statistics request from the host as well as for the periodic
973 * statistics notifications (after received beacons) from the uCode.
974 */
975 priv->rx_handlers[REPLY_STATISTICS_CMD] = iwl3945_hw_rx_statistics;
976 priv->rx_handlers[STATISTICS_NOTIFICATION] = iwl3945_hw_rx_statistics;
977
978 iwl_setup_spectrum_handlers(priv);
979 iwl_setup_rx_scan_handlers(priv);
980 priv->rx_handlers[CARD_STATE_NOTIFICATION] = iwl3945_rx_card_state_notif;
981
982 /* Set up hardware specific Rx handlers */
983 iwl3945_hw_rx_handler_setup(priv);
984 }
985
986 /************************** RX-FUNCTIONS ****************************/
987 /*
988 * Rx theory of operation
989 *
990 * The host allocates 32 DMA target addresses and passes the host address
991 * to the firmware at register IWL_RFDS_TABLE_LOWER + N * RFD_SIZE where N is
992 * 0 to 31
993 *
994 * Rx Queue Indexes
995 * The host/firmware share two index registers for managing the Rx buffers.
996 *
997 * The READ index maps to the first position that the firmware may be writing
998 * to -- the driver can read up to (but not including) this position and get
999 * good data.
1000 * The READ index is managed by the firmware once the card is enabled.
1001 *
1002 * The WRITE index maps to the last position the driver has read from -- the
1003 * position preceding WRITE is the last slot the firmware can place a packet.
1004 *
1005 * The queue is empty (no good data) if WRITE = READ - 1, and is full if
1006 * WRITE = READ.
1007 *
1008 * During initialization, the host sets up the READ queue position to the first
1009 * INDEX position, and WRITE to the last (READ - 1 wrapped)
1010 *
1011 * When the firmware places a packet in a buffer, it will advance the READ index
1012 * and fire the RX interrupt. The driver can then query the READ index and
1013 * process as many packets as possible, moving the WRITE index forward as it
1014 * resets the Rx queue buffers with new memory.
1015 *
1016 * The management in the driver is as follows:
1017 * + A list of pre-allocated SKBs is stored in iwl->rxq->rx_free. When
1018 * iwl->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
1019 * to replenish the iwl->rxq->rx_free.
1020 * + In iwl3945_rx_replenish (scheduled) if 'processed' != 'read' then the
1021 * iwl->rxq is replenished and the READ INDEX is updated (updating the
1022 * 'processed' and 'read' driver indexes as well)
1023 * + A received packet is processed and handed to the kernel network stack,
1024 * detached from the iwl->rxq. The driver 'processed' index is updated.
1025 * + The Host/Firmware iwl->rxq is replenished at tasklet time from the rx_free
1026 * list. If there are no allocated buffers in iwl->rxq->rx_free, the READ
1027 * INDEX is not incremented and iwl->status(RX_STALLED) is set. If there
1028 * were enough free buffers and RX_STALLED is set it is cleared.
1029 *
1030 *
1031 * Driver sequence:
1032 *
1033 * iwl3945_rx_replenish() Replenishes rx_free list from rx_used, and calls
1034 * iwl3945_rx_queue_restock
1035 * iwl3945_rx_queue_restock() Moves available buffers from rx_free into Rx
1036 * queue, updates firmware pointers, and updates
1037 * the WRITE index. If insufficient rx_free buffers
1038 * are available, schedules iwl3945_rx_replenish
1039 *
1040 * -- enable interrupts --
1041 * ISR - iwl3945_rx() Detach iwl_rx_mem_buffers from pool up to the
1042 * READ INDEX, detaching the SKB from the pool.
1043 * Moves the packet buffer from queue to rx_used.
1044 * Calls iwl3945_rx_queue_restock to refill any empty
1045 * slots.
1046 * ...
1047 *
1048 */
1049
1050 /**
1051 * iwl3945_dma_addr2rbd_ptr - convert a DMA address to a uCode read buffer ptr
1052 */
1053 static inline __le32 iwl3945_dma_addr2rbd_ptr(struct iwl_priv *priv,
1054 dma_addr_t dma_addr)
1055 {
1056 return cpu_to_le32((u32)dma_addr);
1057 }
1058
1059 /**
1060 * iwl3945_rx_queue_restock - refill RX queue from pre-allocated pool
1061 *
1062 * If there are slots in the RX queue that need to be restocked,
1063 * and we have free pre-allocated buffers, fill the ranks as much
1064 * as we can, pulling from rx_free.
1065 *
1066 * This moves the 'write' index forward to catch up with 'processed', and
1067 * also updates the memory address in the firmware to reference the new
1068 * target buffer.
1069 */
1070 static int iwl3945_rx_queue_restock(struct iwl_priv *priv)
1071 {
1072 struct iwl_rx_queue *rxq = &priv->rxq;
1073 struct list_head *element;
1074 struct iwl_rx_mem_buffer *rxb;
1075 unsigned long flags;
1076 int write, rc;
1077
1078 spin_lock_irqsave(&rxq->lock, flags);
1079 write = rxq->write & ~0x7;
1080 while ((iwl_rx_queue_space(rxq) > 0) && (rxq->free_count)) {
1081 /* Get next free Rx buffer, remove from free list */
1082 element = rxq->rx_free.next;
1083 rxb = list_entry(element, struct iwl_rx_mem_buffer, list);
1084 list_del(element);
1085
1086 /* Point to Rx buffer via next RBD in circular buffer */
1087 rxq->bd[rxq->write] = iwl3945_dma_addr2rbd_ptr(priv, rxb->page_dma);
1088 rxq->queue[rxq->write] = rxb;
1089 rxq->write = (rxq->write + 1) & RX_QUEUE_MASK;
1090 rxq->free_count--;
1091 }
1092 spin_unlock_irqrestore(&rxq->lock, flags);
1093 /* If the pre-allocated buffer pool is dropping low, schedule to
1094 * refill it */
1095 if (rxq->free_count <= RX_LOW_WATERMARK)
1096 queue_work(priv->workqueue, &priv->rx_replenish);
1097
1098
1099 /* If we've added more space for the firmware to place data, tell it.
1100 * Increment device's write pointer in multiples of 8. */
1101 if ((rxq->write_actual != (rxq->write & ~0x7))
1102 || (abs(rxq->write - rxq->read) > 7)) {
1103 spin_lock_irqsave(&rxq->lock, flags);
1104 rxq->need_update = 1;
1105 spin_unlock_irqrestore(&rxq->lock, flags);
1106 rc = iwl_rx_queue_update_write_ptr(priv, rxq);
1107 if (rc)
1108 return rc;
1109 }
1110
1111 return 0;
1112 }
1113
1114 /**
1115 * iwl3945_rx_replenish - Move all used packet from rx_used to rx_free
1116 *
1117 * When moving to rx_free an SKB is allocated for the slot.
1118 *
1119 * Also restock the Rx queue via iwl3945_rx_queue_restock.
1120 * This is called as a scheduled work item (except for during initialization)
1121 */
1122 static void iwl3945_rx_allocate(struct iwl_priv *priv, gfp_t priority)
1123 {
1124 struct iwl_rx_queue *rxq = &priv->rxq;
1125 struct list_head *element;
1126 struct iwl_rx_mem_buffer *rxb;
1127 struct page *page;
1128 unsigned long flags;
1129 gfp_t gfp_mask = priority;
1130
1131 while (1) {
1132 spin_lock_irqsave(&rxq->lock, flags);
1133
1134 if (list_empty(&rxq->rx_used)) {
1135 spin_unlock_irqrestore(&rxq->lock, flags);
1136 return;
1137 }
1138 spin_unlock_irqrestore(&rxq->lock, flags);
1139
1140 if (rxq->free_count > RX_LOW_WATERMARK)
1141 gfp_mask |= __GFP_NOWARN;
1142
1143 if (priv->hw_params.rx_page_order > 0)
1144 gfp_mask |= __GFP_COMP;
1145
1146 /* Alloc a new receive buffer */
1147 page = alloc_pages(gfp_mask, priv->hw_params.rx_page_order);
1148 if (!page) {
1149 if (net_ratelimit())
1150 IWL_DEBUG_INFO(priv, "Failed to allocate SKB buffer.\n");
1151 if ((rxq->free_count <= RX_LOW_WATERMARK) &&
1152 net_ratelimit())
1153 IWL_CRIT(priv, "Failed to allocate SKB buffer with %s. Only %u free buffers remaining.\n",
1154 priority == GFP_ATOMIC ? "GFP_ATOMIC" : "GFP_KERNEL",
1155 rxq->free_count);
1156 /* We don't reschedule replenish work here -- we will
1157 * call the restock method and if it still needs
1158 * more buffers it will schedule replenish */
1159 break;
1160 }
1161
1162 spin_lock_irqsave(&rxq->lock, flags);
1163 if (list_empty(&rxq->rx_used)) {
1164 spin_unlock_irqrestore(&rxq->lock, flags);
1165 __free_pages(page, priv->hw_params.rx_page_order);
1166 return;
1167 }
1168 element = rxq->rx_used.next;
1169 rxb = list_entry(element, struct iwl_rx_mem_buffer, list);
1170 list_del(element);
1171 spin_unlock_irqrestore(&rxq->lock, flags);
1172
1173 rxb->page = page;
1174 /* Get physical address of RB/SKB */
1175 rxb->page_dma = pci_map_page(priv->pci_dev, page, 0,
1176 PAGE_SIZE << priv->hw_params.rx_page_order,
1177 PCI_DMA_FROMDEVICE);
1178
1179 spin_lock_irqsave(&rxq->lock, flags);
1180
1181 list_add_tail(&rxb->list, &rxq->rx_free);
1182 rxq->free_count++;
1183 priv->alloc_rxb_page++;
1184
1185 spin_unlock_irqrestore(&rxq->lock, flags);
1186 }
1187 }
1188
1189 void iwl3945_rx_queue_reset(struct iwl_priv *priv, struct iwl_rx_queue *rxq)
1190 {
1191 unsigned long flags;
1192 int i;
1193 spin_lock_irqsave(&rxq->lock, flags);
1194 INIT_LIST_HEAD(&rxq->rx_free);
1195 INIT_LIST_HEAD(&rxq->rx_used);
1196 /* Fill the rx_used queue with _all_ of the Rx buffers */
1197 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
1198 /* In the reset function, these buffers may have been allocated
1199 * to an SKB, so we need to unmap and free potential storage */
1200 if (rxq->pool[i].page != NULL) {
1201 pci_unmap_page(priv->pci_dev, rxq->pool[i].page_dma,
1202 PAGE_SIZE << priv->hw_params.rx_page_order,
1203 PCI_DMA_FROMDEVICE);
1204 __iwl_free_pages(priv, rxq->pool[i].page);
1205 rxq->pool[i].page = NULL;
1206 }
1207 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
1208 }
1209
1210 /* Set us so that we have processed and used all buffers, but have
1211 * not restocked the Rx queue with fresh buffers */
1212 rxq->read = rxq->write = 0;
1213 rxq->write_actual = 0;
1214 rxq->free_count = 0;
1215 spin_unlock_irqrestore(&rxq->lock, flags);
1216 }
1217
1218 void iwl3945_rx_replenish(void *data)
1219 {
1220 struct iwl_priv *priv = data;
1221 unsigned long flags;
1222
1223 iwl3945_rx_allocate(priv, GFP_KERNEL);
1224
1225 spin_lock_irqsave(&priv->lock, flags);
1226 iwl3945_rx_queue_restock(priv);
1227 spin_unlock_irqrestore(&priv->lock, flags);
1228 }
1229
1230 static void iwl3945_rx_replenish_now(struct iwl_priv *priv)
1231 {
1232 iwl3945_rx_allocate(priv, GFP_ATOMIC);
1233
1234 iwl3945_rx_queue_restock(priv);
1235 }
1236
1237
1238 /* Assumes that the skb field of the buffers in 'pool' is kept accurate.
1239 * If an SKB has been detached, the POOL needs to have its SKB set to NULL
1240 * This free routine walks the list of POOL entries and if SKB is set to
1241 * non NULL it is unmapped and freed
1242 */
1243 static void iwl3945_rx_queue_free(struct iwl_priv *priv, struct iwl_rx_queue *rxq)
1244 {
1245 int i;
1246 for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
1247 if (rxq->pool[i].page != NULL) {
1248 pci_unmap_page(priv->pci_dev, rxq->pool[i].page_dma,
1249 PAGE_SIZE << priv->hw_params.rx_page_order,
1250 PCI_DMA_FROMDEVICE);
1251 __iwl_free_pages(priv, rxq->pool[i].page);
1252 rxq->pool[i].page = NULL;
1253 }
1254 }
1255
1256 pci_free_consistent(priv->pci_dev, 4 * RX_QUEUE_SIZE, rxq->bd,
1257 rxq->dma_addr);
1258 pci_free_consistent(priv->pci_dev, sizeof(struct iwl_rb_status),
1259 rxq->rb_stts, rxq->rb_stts_dma);
1260 rxq->bd = NULL;
1261 rxq->rb_stts = NULL;
1262 }
1263
1264
1265 /* Convert linear signal-to-noise ratio into dB */
1266 static u8 ratio2dB[100] = {
1267 /* 0 1 2 3 4 5 6 7 8 9 */
1268 0, 0, 6, 10, 12, 14, 16, 17, 18, 19, /* 00 - 09 */
1269 20, 21, 22, 22, 23, 23, 24, 25, 26, 26, /* 10 - 19 */
1270 26, 26, 26, 27, 27, 28, 28, 28, 29, 29, /* 20 - 29 */
1271 29, 30, 30, 30, 31, 31, 31, 31, 32, 32, /* 30 - 39 */
1272 32, 32, 32, 33, 33, 33, 33, 33, 34, 34, /* 40 - 49 */
1273 34, 34, 34, 34, 35, 35, 35, 35, 35, 35, /* 50 - 59 */
1274 36, 36, 36, 36, 36, 36, 36, 37, 37, 37, /* 60 - 69 */
1275 37, 37, 37, 37, 37, 38, 38, 38, 38, 38, /* 70 - 79 */
1276 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, /* 80 - 89 */
1277 39, 39, 39, 39, 39, 40, 40, 40, 40, 40 /* 90 - 99 */
1278 };
1279
1280 /* Calculates a relative dB value from a ratio of linear
1281 * (i.e. not dB) signal levels.
1282 * Conversion assumes that levels are voltages (20*log), not powers (10*log). */
1283 int iwl3945_calc_db_from_ratio(int sig_ratio)
1284 {
1285 /* 1000:1 or higher just report as 60 dB */
1286 if (sig_ratio >= 1000)
1287 return 60;
1288
1289 /* 100:1 or higher, divide by 10 and use table,
1290 * add 20 dB to make up for divide by 10 */
1291 if (sig_ratio >= 100)
1292 return 20 + (int)ratio2dB[sig_ratio/10];
1293
1294 /* We shouldn't see this */
1295 if (sig_ratio < 1)
1296 return 0;
1297
1298 /* Use table for ratios 1:1 - 99:1 */
1299 return (int)ratio2dB[sig_ratio];
1300 }
1301
1302 #define PERFECT_RSSI (-20) /* dBm */
1303 #define WORST_RSSI (-95) /* dBm */
1304 #define RSSI_RANGE (PERFECT_RSSI - WORST_RSSI)
1305
1306 /* Calculate an indication of rx signal quality (a percentage, not dBm!).
1307 * See http://www.ces.clemson.edu/linux/signal_quality.shtml for info
1308 * about formulas used below. */
1309 int iwl3945_calc_sig_qual(int rssi_dbm, int noise_dbm)
1310 {
1311 int sig_qual;
1312 int degradation = PERFECT_RSSI - rssi_dbm;
1313
1314 /* If we get a noise measurement, use signal-to-noise ratio (SNR)
1315 * as indicator; formula is (signal dbm - noise dbm).
1316 * SNR at or above 40 is a great signal (100%).
1317 * Below that, scale to fit SNR of 0 - 40 dB within 0 - 100% indicator.
1318 * Weakest usable signal is usually 10 - 15 dB SNR. */
1319 if (noise_dbm) {
1320 if (rssi_dbm - noise_dbm >= 40)
1321 return 100;
1322 else if (rssi_dbm < noise_dbm)
1323 return 0;
1324 sig_qual = ((rssi_dbm - noise_dbm) * 5) / 2;
1325
1326 /* Else use just the signal level.
1327 * This formula is a least squares fit of data points collected and
1328 * compared with a reference system that had a percentage (%) display
1329 * for signal quality. */
1330 } else
1331 sig_qual = (100 * (RSSI_RANGE * RSSI_RANGE) - degradation *
1332 (15 * RSSI_RANGE + 62 * degradation)) /
1333 (RSSI_RANGE * RSSI_RANGE);
1334
1335 if (sig_qual > 100)
1336 sig_qual = 100;
1337 else if (sig_qual < 1)
1338 sig_qual = 0;
1339
1340 return sig_qual;
1341 }
1342
1343 /**
1344 * iwl3945_rx_handle - Main entry function for receiving responses from uCode
1345 *
1346 * Uses the priv->rx_handlers callback function array to invoke
1347 * the appropriate handlers, including command responses,
1348 * frame-received notifications, and other notifications.
1349 */
1350 static void iwl3945_rx_handle(struct iwl_priv *priv)
1351 {
1352 struct iwl_rx_mem_buffer *rxb;
1353 struct iwl_rx_packet *pkt;
1354 struct iwl_rx_queue *rxq = &priv->rxq;
1355 u32 r, i;
1356 int reclaim;
1357 unsigned long flags;
1358 u8 fill_rx = 0;
1359 u32 count = 8;
1360 int total_empty = 0;
1361
1362 /* uCode's read index (stored in shared DRAM) indicates the last Rx
1363 * buffer that the driver may process (last buffer filled by ucode). */
1364 r = le16_to_cpu(rxq->rb_stts->closed_rb_num) & 0x0FFF;
1365 i = rxq->read;
1366
1367 /* calculate total frames need to be restock after handling RX */
1368 total_empty = r - rxq->write_actual;
1369 if (total_empty < 0)
1370 total_empty += RX_QUEUE_SIZE;
1371
1372 if (total_empty > (RX_QUEUE_SIZE / 2))
1373 fill_rx = 1;
1374 /* Rx interrupt, but nothing sent from uCode */
1375 if (i == r)
1376 IWL_DEBUG_RX(priv, "r = %d, i = %d\n", r, i);
1377
1378 while (i != r) {
1379 rxb = rxq->queue[i];
1380
1381 /* If an RXB doesn't have a Rx queue slot associated with it,
1382 * then a bug has been introduced in the queue refilling
1383 * routines -- catch it here */
1384 BUG_ON(rxb == NULL);
1385
1386 rxq->queue[i] = NULL;
1387
1388 pci_unmap_page(priv->pci_dev, rxb->page_dma,
1389 PAGE_SIZE << priv->hw_params.rx_page_order,
1390 PCI_DMA_FROMDEVICE);
1391 pkt = rxb_addr(rxb);
1392
1393 trace_iwlwifi_dev_rx(priv, pkt,
1394 le32_to_cpu(pkt->len_n_flags) & FH_RSCSR_FRAME_SIZE_MSK);
1395
1396 /* Reclaim a command buffer only if this packet is a response
1397 * to a (driver-originated) command.
1398 * If the packet (e.g. Rx frame) originated from uCode,
1399 * there is no command buffer to reclaim.
1400 * Ucode should set SEQ_RX_FRAME bit if ucode-originated,
1401 * but apparently a few don't get set; catch them here. */
1402 reclaim = !(pkt->hdr.sequence & SEQ_RX_FRAME) &&
1403 (pkt->hdr.cmd != STATISTICS_NOTIFICATION) &&
1404 (pkt->hdr.cmd != REPLY_TX);
1405
1406 /* Based on type of command response or notification,
1407 * handle those that need handling via function in
1408 * rx_handlers table. See iwl3945_setup_rx_handlers() */
1409 if (priv->rx_handlers[pkt->hdr.cmd]) {
1410 IWL_DEBUG_RX(priv, "r = %d, i = %d, %s, 0x%02x\n", r, i,
1411 get_cmd_string(pkt->hdr.cmd), pkt->hdr.cmd);
1412 priv->isr_stats.rx_handlers[pkt->hdr.cmd]++;
1413 priv->rx_handlers[pkt->hdr.cmd] (priv, rxb);
1414 } else {
1415 /* No handling needed */
1416 IWL_DEBUG_RX(priv,
1417 "r %d i %d No handler needed for %s, 0x%02x\n",
1418 r, i, get_cmd_string(pkt->hdr.cmd),
1419 pkt->hdr.cmd);
1420 }
1421
1422 /*
1423 * XXX: After here, we should always check rxb->page
1424 * against NULL before touching it or its virtual
1425 * memory (pkt). Because some rx_handler might have
1426 * already taken or freed the pages.
1427 */
1428
1429 if (reclaim) {
1430 /* Invoke any callbacks, transfer the buffer to caller,
1431 * and fire off the (possibly) blocking iwl_send_cmd()
1432 * as we reclaim the driver command queue */
1433 if (rxb->page)
1434 iwl_tx_cmd_complete(priv, rxb);
1435 else
1436 IWL_WARN(priv, "Claim null rxb?\n");
1437 }
1438
1439 /* Reuse the page if possible. For notification packets and
1440 * SKBs that fail to Rx correctly, add them back into the
1441 * rx_free list for reuse later. */
1442 spin_lock_irqsave(&rxq->lock, flags);
1443 if (rxb->page != NULL) {
1444 rxb->page_dma = pci_map_page(priv->pci_dev, rxb->page,
1445 0, PAGE_SIZE << priv->hw_params.rx_page_order,
1446 PCI_DMA_FROMDEVICE);
1447 list_add_tail(&rxb->list, &rxq->rx_free);
1448 rxq->free_count++;
1449 } else
1450 list_add_tail(&rxb->list, &rxq->rx_used);
1451
1452 spin_unlock_irqrestore(&rxq->lock, flags);
1453
1454 i = (i + 1) & RX_QUEUE_MASK;
1455 /* If there are a lot of unused frames,
1456 * restock the Rx queue so ucode won't assert. */
1457 if (fill_rx) {
1458 count++;
1459 if (count >= 8) {
1460 rxq->read = i;
1461 iwl3945_rx_replenish_now(priv);
1462 count = 0;
1463 }
1464 }
1465 }
1466
1467 /* Backtrack one entry */
1468 rxq->read = i;
1469 if (fill_rx)
1470 iwl3945_rx_replenish_now(priv);
1471 else
1472 iwl3945_rx_queue_restock(priv);
1473 }
1474
1475 /* call this function to flush any scheduled tasklet */
1476 static inline void iwl_synchronize_irq(struct iwl_priv *priv)
1477 {
1478 /* wait to make sure we flush pending tasklet*/
1479 synchronize_irq(priv->pci_dev->irq);
1480 tasklet_kill(&priv->irq_tasklet);
1481 }
1482
1483 static const char *desc_lookup(int i)
1484 {
1485 switch (i) {
1486 case 1:
1487 return "FAIL";
1488 case 2:
1489 return "BAD_PARAM";
1490 case 3:
1491 return "BAD_CHECKSUM";
1492 case 4:
1493 return "NMI_INTERRUPT";
1494 case 5:
1495 return "SYSASSERT";
1496 case 6:
1497 return "FATAL_ERROR";
1498 }
1499
1500 return "UNKNOWN";
1501 }
1502
1503 #define ERROR_START_OFFSET (1 * sizeof(u32))
1504 #define ERROR_ELEM_SIZE (7 * sizeof(u32))
1505
1506 void iwl3945_dump_nic_error_log(struct iwl_priv *priv)
1507 {
1508 u32 i;
1509 u32 desc, time, count, base, data1;
1510 u32 blink1, blink2, ilink1, ilink2;
1511
1512 base = le32_to_cpu(priv->card_alive.error_event_table_ptr);
1513
1514 if (!iwl3945_hw_valid_rtc_data_addr(base)) {
1515 IWL_ERR(priv, "Not valid error log pointer 0x%08X\n", base);
1516 return;
1517 }
1518
1519
1520 count = iwl_read_targ_mem(priv, base);
1521
1522 if (ERROR_START_OFFSET <= count * ERROR_ELEM_SIZE) {
1523 IWL_ERR(priv, "Start IWL Error Log Dump:\n");
1524 IWL_ERR(priv, "Status: 0x%08lX, count: %d\n",
1525 priv->status, count);
1526 }
1527
1528 IWL_ERR(priv, "Desc Time asrtPC blink2 "
1529 "ilink1 nmiPC Line\n");
1530 for (i = ERROR_START_OFFSET;
1531 i < (count * ERROR_ELEM_SIZE) + ERROR_START_OFFSET;
1532 i += ERROR_ELEM_SIZE) {
1533 desc = iwl_read_targ_mem(priv, base + i);
1534 time =
1535 iwl_read_targ_mem(priv, base + i + 1 * sizeof(u32));
1536 blink1 =
1537 iwl_read_targ_mem(priv, base + i + 2 * sizeof(u32));
1538 blink2 =
1539 iwl_read_targ_mem(priv, base + i + 3 * sizeof(u32));
1540 ilink1 =
1541 iwl_read_targ_mem(priv, base + i + 4 * sizeof(u32));
1542 ilink2 =
1543 iwl_read_targ_mem(priv, base + i + 5 * sizeof(u32));
1544 data1 =
1545 iwl_read_targ_mem(priv, base + i + 6 * sizeof(u32));
1546
1547 IWL_ERR(priv,
1548 "%-13s (#%d) %010u 0x%05X 0x%05X 0x%05X 0x%05X %u\n\n",
1549 desc_lookup(desc), desc, time, blink1, blink2,
1550 ilink1, ilink2, data1);
1551 trace_iwlwifi_dev_ucode_error(priv, desc, time, data1, 0,
1552 0, blink1, blink2, ilink1, ilink2);
1553 }
1554 }
1555
1556 #define EVENT_START_OFFSET (6 * sizeof(u32))
1557
1558 /**
1559 * iwl3945_print_event_log - Dump error event log to syslog
1560 *
1561 */
1562 static void iwl3945_print_event_log(struct iwl_priv *priv, u32 start_idx,
1563 u32 num_events, u32 mode)
1564 {
1565 u32 i;
1566 u32 base; /* SRAM byte address of event log header */
1567 u32 event_size; /* 2 u32s, or 3 u32s if timestamp recorded */
1568 u32 ptr; /* SRAM byte address of log data */
1569 u32 ev, time, data; /* event log data */
1570 unsigned long reg_flags;
1571
1572 if (num_events == 0)
1573 return;
1574
1575 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
1576
1577 if (mode == 0)
1578 event_size = 2 * sizeof(u32);
1579 else
1580 event_size = 3 * sizeof(u32);
1581
1582 ptr = base + EVENT_START_OFFSET + (start_idx * event_size);
1583
1584 /* Make sure device is powered up for SRAM reads */
1585 spin_lock_irqsave(&priv->reg_lock, reg_flags);
1586 iwl_grab_nic_access(priv);
1587
1588 /* Set starting address; reads will auto-increment */
1589 _iwl_write_direct32(priv, HBUS_TARG_MEM_RADDR, ptr);
1590 rmb();
1591
1592 /* "time" is actually "data" for mode 0 (no timestamp).
1593 * place event id # at far right for easier visual parsing. */
1594 for (i = 0; i < num_events; i++) {
1595 ev = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
1596 time = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
1597 if (mode == 0) {
1598 /* data, ev */
1599 IWL_ERR(priv, "0x%08x\t%04u\n", time, ev);
1600 trace_iwlwifi_dev_ucode_event(priv, 0, time, ev);
1601 } else {
1602 data = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
1603 IWL_ERR(priv, "%010u\t0x%08x\t%04u\n", time, data, ev);
1604 trace_iwlwifi_dev_ucode_event(priv, time, data, ev);
1605 }
1606 }
1607
1608 /* Allow device to power down */
1609 iwl_release_nic_access(priv);
1610 spin_unlock_irqrestore(&priv->reg_lock, reg_flags);
1611 }
1612
1613 /**
1614 * iwl3945_print_last_event_logs - Dump the newest # of event log to syslog
1615 */
1616 static void iwl3945_print_last_event_logs(struct iwl_priv *priv, u32 capacity,
1617 u32 num_wraps, u32 next_entry,
1618 u32 size, u32 mode)
1619 {
1620 /*
1621 * display the newest DEFAULT_LOG_ENTRIES entries
1622 * i.e the entries just before the next ont that uCode would fill.
1623 */
1624 if (num_wraps) {
1625 if (next_entry < size) {
1626 iwl3945_print_event_log(priv,
1627 capacity - (size - next_entry),
1628 size - next_entry, mode);
1629 iwl3945_print_event_log(priv, 0,
1630 next_entry, mode);
1631 } else
1632 iwl3945_print_event_log(priv, next_entry - size,
1633 size, mode);
1634 } else {
1635 if (next_entry < size)
1636 iwl3945_print_event_log(priv, 0, next_entry, mode);
1637 else
1638 iwl3945_print_event_log(priv, next_entry - size,
1639 size, mode);
1640 }
1641 }
1642
1643 /* For sanity check only. Actual size is determined by uCode, typ. 512 */
1644 #define IWL3945_MAX_EVENT_LOG_SIZE (512)
1645
1646 #define DEFAULT_IWL3945_DUMP_EVENT_LOG_ENTRIES (20)
1647
1648 void iwl3945_dump_nic_event_log(struct iwl_priv *priv, bool full_log)
1649 {
1650 u32 base; /* SRAM byte address of event log header */
1651 u32 capacity; /* event log capacity in # entries */
1652 u32 mode; /* 0 - no timestamp, 1 - timestamp recorded */
1653 u32 num_wraps; /* # times uCode wrapped to top of log */
1654 u32 next_entry; /* index of next entry to be written by uCode */
1655 u32 size; /* # entries that we'll print */
1656
1657 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
1658 if (!iwl3945_hw_valid_rtc_data_addr(base)) {
1659 IWL_ERR(priv, "Invalid event log pointer 0x%08X\n", base);
1660 return;
1661 }
1662
1663 /* event log header */
1664 capacity = iwl_read_targ_mem(priv, base);
1665 mode = iwl_read_targ_mem(priv, base + (1 * sizeof(u32)));
1666 num_wraps = iwl_read_targ_mem(priv, base + (2 * sizeof(u32)));
1667 next_entry = iwl_read_targ_mem(priv, base + (3 * sizeof(u32)));
1668
1669 if (capacity > IWL3945_MAX_EVENT_LOG_SIZE) {
1670 IWL_ERR(priv, "Log capacity %d is bogus, limit to %d entries\n",
1671 capacity, IWL3945_MAX_EVENT_LOG_SIZE);
1672 capacity = IWL3945_MAX_EVENT_LOG_SIZE;
1673 }
1674
1675 if (next_entry > IWL3945_MAX_EVENT_LOG_SIZE) {
1676 IWL_ERR(priv, "Log write index %d is bogus, limit to %d\n",
1677 next_entry, IWL3945_MAX_EVENT_LOG_SIZE);
1678 next_entry = IWL3945_MAX_EVENT_LOG_SIZE;
1679 }
1680
1681 size = num_wraps ? capacity : next_entry;
1682
1683 /* bail out if nothing in log */
1684 if (size == 0) {
1685 IWL_ERR(priv, "Start IWL Event Log Dump: nothing in log\n");
1686 return;
1687 }
1688
1689 #ifdef CONFIG_IWLWIFI_DEBUG
1690 if (!(iwl_get_debug_level(priv) & IWL_DL_FW_ERRORS) && !full_log)
1691 size = (size > DEFAULT_IWL3945_DUMP_EVENT_LOG_ENTRIES)
1692 ? DEFAULT_IWL3945_DUMP_EVENT_LOG_ENTRIES : size;
1693 #else
1694 size = (size > DEFAULT_IWL3945_DUMP_EVENT_LOG_ENTRIES)
1695 ? DEFAULT_IWL3945_DUMP_EVENT_LOG_ENTRIES : size;
1696 #endif
1697
1698 IWL_ERR(priv, "Start IWL Event Log Dump: display last %d count\n",
1699 size);
1700
1701 #ifdef CONFIG_IWLWIFI_DEBUG
1702 if ((iwl_get_debug_level(priv) & IWL_DL_FW_ERRORS) || full_log) {
1703 /* if uCode has wrapped back to top of log,
1704 * start at the oldest entry,
1705 * i.e the next one that uCode would fill.
1706 */
1707 if (num_wraps)
1708 iwl3945_print_event_log(priv, next_entry,
1709 capacity - next_entry, mode);
1710
1711 /* (then/else) start at top of log */
1712 iwl3945_print_event_log(priv, 0, next_entry, mode);
1713 } else
1714 iwl3945_print_last_event_logs(priv, capacity, num_wraps,
1715 next_entry, size, mode);
1716 #else
1717 iwl3945_print_last_event_logs(priv, capacity, num_wraps,
1718 next_entry, size, mode);
1719 #endif
1720
1721 }
1722
1723 static void iwl3945_irq_tasklet(struct iwl_priv *priv)
1724 {
1725 u32 inta, handled = 0;
1726 u32 inta_fh;
1727 unsigned long flags;
1728 #ifdef CONFIG_IWLWIFI_DEBUG
1729 u32 inta_mask;
1730 #endif
1731
1732 spin_lock_irqsave(&priv->lock, flags);
1733
1734 /* Ack/clear/reset pending uCode interrupts.
1735 * Note: Some bits in CSR_INT are "OR" of bits in CSR_FH_INT_STATUS,
1736 * and will clear only when CSR_FH_INT_STATUS gets cleared. */
1737 inta = iwl_read32(priv, CSR_INT);
1738 iwl_write32(priv, CSR_INT, inta);
1739
1740 /* Ack/clear/reset pending flow-handler (DMA) interrupts.
1741 * Any new interrupts that happen after this, either while we're
1742 * in this tasklet, or later, will show up in next ISR/tasklet. */
1743 inta_fh = iwl_read32(priv, CSR_FH_INT_STATUS);
1744 iwl_write32(priv, CSR_FH_INT_STATUS, inta_fh);
1745
1746 #ifdef CONFIG_IWLWIFI_DEBUG
1747 if (iwl_get_debug_level(priv) & IWL_DL_ISR) {
1748 /* just for debug */
1749 inta_mask = iwl_read32(priv, CSR_INT_MASK);
1750 IWL_DEBUG_ISR(priv, "inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
1751 inta, inta_mask, inta_fh);
1752 }
1753 #endif
1754
1755 spin_unlock_irqrestore(&priv->lock, flags);
1756
1757 /* Since CSR_INT and CSR_FH_INT_STATUS reads and clears are not
1758 * atomic, make sure that inta covers all the interrupts that
1759 * we've discovered, even if FH interrupt came in just after
1760 * reading CSR_INT. */
1761 if (inta_fh & CSR39_FH_INT_RX_MASK)
1762 inta |= CSR_INT_BIT_FH_RX;
1763 if (inta_fh & CSR39_FH_INT_TX_MASK)
1764 inta |= CSR_INT_BIT_FH_TX;
1765
1766 /* Now service all interrupt bits discovered above. */
1767 if (inta & CSR_INT_BIT_HW_ERR) {
1768 IWL_ERR(priv, "Hardware error detected. Restarting.\n");
1769
1770 /* Tell the device to stop sending interrupts */
1771 iwl_disable_interrupts(priv);
1772
1773 priv->isr_stats.hw++;
1774 iwl_irq_handle_error(priv);
1775
1776 handled |= CSR_INT_BIT_HW_ERR;
1777
1778 return;
1779 }
1780
1781 #ifdef CONFIG_IWLWIFI_DEBUG
1782 if (iwl_get_debug_level(priv) & (IWL_DL_ISR)) {
1783 /* NIC fires this, but we don't use it, redundant with WAKEUP */
1784 if (inta & CSR_INT_BIT_SCD) {
1785 IWL_DEBUG_ISR(priv, "Scheduler finished to transmit "
1786 "the frame/frames.\n");
1787 priv->isr_stats.sch++;
1788 }
1789
1790 /* Alive notification via Rx interrupt will do the real work */
1791 if (inta & CSR_INT_BIT_ALIVE) {
1792 IWL_DEBUG_ISR(priv, "Alive interrupt\n");
1793 priv->isr_stats.alive++;
1794 }
1795 }
1796 #endif
1797 /* Safely ignore these bits for debug checks below */
1798 inta &= ~(CSR_INT_BIT_SCD | CSR_INT_BIT_ALIVE);
1799
1800 /* Error detected by uCode */
1801 if (inta & CSR_INT_BIT_SW_ERR) {
1802 IWL_ERR(priv, "Microcode SW error detected. "
1803 "Restarting 0x%X.\n", inta);
1804 priv->isr_stats.sw++;
1805 priv->isr_stats.sw_err = inta;
1806 iwl_irq_handle_error(priv);
1807 handled |= CSR_INT_BIT_SW_ERR;
1808 }
1809
1810 /* uCode wakes up after power-down sleep */
1811 if (inta & CSR_INT_BIT_WAKEUP) {
1812 IWL_DEBUG_ISR(priv, "Wakeup interrupt\n");
1813 iwl_rx_queue_update_write_ptr(priv, &priv->rxq);
1814 iwl_txq_update_write_ptr(priv, &priv->txq[0]);
1815 iwl_txq_update_write_ptr(priv, &priv->txq[1]);
1816 iwl_txq_update_write_ptr(priv, &priv->txq[2]);
1817 iwl_txq_update_write_ptr(priv, &priv->txq[3]);
1818 iwl_txq_update_write_ptr(priv, &priv->txq[4]);
1819 iwl_txq_update_write_ptr(priv, &priv->txq[5]);
1820
1821 priv->isr_stats.wakeup++;
1822 handled |= CSR_INT_BIT_WAKEUP;
1823 }
1824
1825 /* All uCode command responses, including Tx command responses,
1826 * Rx "responses" (frame-received notification), and other
1827 * notifications from uCode come through here*/
1828 if (inta & (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX)) {
1829 iwl3945_rx_handle(priv);
1830 priv->isr_stats.rx++;
1831 handled |= (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX);
1832 }
1833
1834 if (inta & CSR_INT_BIT_FH_TX) {
1835 IWL_DEBUG_ISR(priv, "Tx interrupt\n");
1836 priv->isr_stats.tx++;
1837
1838 iwl_write32(priv, CSR_FH_INT_STATUS, (1 << 6));
1839 iwl_write_direct32(priv, FH39_TCSR_CREDIT
1840 (FH39_SRVC_CHNL), 0x0);
1841 handled |= CSR_INT_BIT_FH_TX;
1842 }
1843
1844 if (inta & ~handled) {
1845 IWL_ERR(priv, "Unhandled INTA bits 0x%08x\n", inta & ~handled);
1846 priv->isr_stats.unhandled++;
1847 }
1848
1849 if (inta & ~priv->inta_mask) {
1850 IWL_WARN(priv, "Disabled INTA bits 0x%08x were pending\n",
1851 inta & ~priv->inta_mask);
1852 IWL_WARN(priv, " with FH_INT = 0x%08x\n", inta_fh);
1853 }
1854
1855 /* Re-enable all interrupts */
1856 /* only Re-enable if disabled by irq */
1857 if (test_bit(STATUS_INT_ENABLED, &priv->status))
1858 iwl_enable_interrupts(priv);
1859
1860 #ifdef CONFIG_IWLWIFI_DEBUG
1861 if (iwl_get_debug_level(priv) & (IWL_DL_ISR)) {
1862 inta = iwl_read32(priv, CSR_INT);
1863 inta_mask = iwl_read32(priv, CSR_INT_MASK);
1864 inta_fh = iwl_read32(priv, CSR_FH_INT_STATUS);
1865 IWL_DEBUG_ISR(priv, "End inta 0x%08x, enabled 0x%08x, fh 0x%08x, "
1866 "flags 0x%08lx\n", inta, inta_mask, inta_fh, flags);
1867 }
1868 #endif
1869 }
1870
1871 static int iwl3945_get_channels_for_scan(struct iwl_priv *priv,
1872 enum ieee80211_band band,
1873 u8 is_active, u8 n_probes,
1874 struct iwl3945_scan_channel *scan_ch)
1875 {
1876 struct ieee80211_channel *chan;
1877 const struct ieee80211_supported_band *sband;
1878 const struct iwl_channel_info *ch_info;
1879 u16 passive_dwell = 0;
1880 u16 active_dwell = 0;
1881 int added, i;
1882
1883 sband = iwl_get_hw_mode(priv, band);
1884 if (!sband)
1885 return 0;
1886
1887 active_dwell = iwl_get_active_dwell_time(priv, band, n_probes);
1888 passive_dwell = iwl_get_passive_dwell_time(priv, band);
1889
1890 if (passive_dwell <= active_dwell)
1891 passive_dwell = active_dwell + 1;
1892
1893 for (i = 0, added = 0; i < priv->scan_request->n_channels; i++) {
1894 chan = priv->scan_request->channels[i];
1895
1896 if (chan->band != band)
1897 continue;
1898
1899 scan_ch->channel = chan->hw_value;
1900
1901 ch_info = iwl_get_channel_info(priv, band, scan_ch->channel);
1902 if (!is_channel_valid(ch_info)) {
1903 IWL_DEBUG_SCAN(priv, "Channel %d is INVALID for this band.\n",
1904 scan_ch->channel);
1905 continue;
1906 }
1907
1908 scan_ch->active_dwell = cpu_to_le16(active_dwell);
1909 scan_ch->passive_dwell = cpu_to_le16(passive_dwell);
1910 /* If passive , set up for auto-switch
1911 * and use long active_dwell time.
1912 */
1913 if (!is_active || is_channel_passive(ch_info) ||
1914 (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)) {
1915 scan_ch->type = 0; /* passive */
1916 if (IWL_UCODE_API(priv->ucode_ver) == 1)
1917 scan_ch->active_dwell = cpu_to_le16(passive_dwell - 1);
1918 } else {
1919 scan_ch->type = 1; /* active */
1920 }
1921
1922 /* Set direct probe bits. These may be used both for active
1923 * scan channels (probes gets sent right away),
1924 * or for passive channels (probes get se sent only after
1925 * hearing clear Rx packet).*/
1926 if (IWL_UCODE_API(priv->ucode_ver) >= 2) {
1927 if (n_probes)
1928 scan_ch->type |= IWL39_SCAN_PROBE_MASK(n_probes);
1929 } else {
1930 /* uCode v1 does not allow setting direct probe bits on
1931 * passive channel. */
1932 if ((scan_ch->type & 1) && n_probes)
1933 scan_ch->type |= IWL39_SCAN_PROBE_MASK(n_probes);
1934 }
1935
1936 /* Set txpower levels to defaults */
1937 scan_ch->tpc.dsp_atten = 110;
1938 /* scan_pwr_info->tpc.dsp_atten; */
1939
1940 /*scan_pwr_info->tpc.tx_gain; */
1941 if (band == IEEE80211_BAND_5GHZ)
1942 scan_ch->tpc.tx_gain = ((1 << 5) | (3 << 3)) | 3;
1943 else {
1944 scan_ch->tpc.tx_gain = ((1 << 5) | (5 << 3));
1945 /* NOTE: if we were doing 6Mb OFDM for scans we'd use
1946 * power level:
1947 * scan_ch->tpc.tx_gain = ((1 << 5) | (2 << 3)) | 3;
1948 */
1949 }
1950
1951 IWL_DEBUG_SCAN(priv, "Scanning %d [%s %d]\n",
1952 scan_ch->channel,
1953 (scan_ch->type & 1) ? "ACTIVE" : "PASSIVE",
1954 (scan_ch->type & 1) ?
1955 active_dwell : passive_dwell);
1956
1957 scan_ch++;
1958 added++;
1959 }
1960
1961 IWL_DEBUG_SCAN(priv, "total channels to scan %d \n", added);
1962 return added;
1963 }
1964
1965 static void iwl3945_init_hw_rates(struct iwl_priv *priv,
1966 struct ieee80211_rate *rates)
1967 {
1968 int i;
1969
1970 for (i = 0; i < IWL_RATE_COUNT; i++) {
1971 rates[i].bitrate = iwl3945_rates[i].ieee * 5;
1972 rates[i].hw_value = i; /* Rate scaling will work on indexes */
1973 rates[i].hw_value_short = i;
1974 rates[i].flags = 0;
1975 if ((i > IWL39_LAST_OFDM_RATE) || (i < IWL_FIRST_OFDM_RATE)) {
1976 /*
1977 * If CCK != 1M then set short preamble rate flag.
1978 */
1979 rates[i].flags |= (iwl3945_rates[i].plcp == 10) ?
1980 0 : IEEE80211_RATE_SHORT_PREAMBLE;
1981 }
1982 }
1983 }
1984
1985 /******************************************************************************
1986 *
1987 * uCode download functions
1988 *
1989 ******************************************************************************/
1990
1991 static void iwl3945_dealloc_ucode_pci(struct iwl_priv *priv)
1992 {
1993 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_code);
1994 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data);
1995 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
1996 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init);
1997 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init_data);
1998 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_boot);
1999 }
2000
2001 /**
2002 * iwl3945_verify_inst_full - verify runtime uCode image in card vs. host,
2003 * looking at all data.
2004 */
2005 static int iwl3945_verify_inst_full(struct iwl_priv *priv, __le32 *image, u32 len)
2006 {
2007 u32 val;
2008 u32 save_len = len;
2009 int rc = 0;
2010 u32 errcnt;
2011
2012 IWL_DEBUG_INFO(priv, "ucode inst image size is %u\n", len);
2013
2014 iwl_write_direct32(priv, HBUS_TARG_MEM_RADDR,
2015 IWL39_RTC_INST_LOWER_BOUND);
2016
2017 errcnt = 0;
2018 for (; len > 0; len -= sizeof(u32), image++) {
2019 /* read data comes through single port, auto-incr addr */
2020 /* NOTE: Use the debugless read so we don't flood kernel log
2021 * if IWL_DL_IO is set */
2022 val = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
2023 if (val != le32_to_cpu(*image)) {
2024 IWL_ERR(priv, "uCode INST section is invalid at "
2025 "offset 0x%x, is 0x%x, s/b 0x%x\n",
2026 save_len - len, val, le32_to_cpu(*image));
2027 rc = -EIO;
2028 errcnt++;
2029 if (errcnt >= 20)
2030 break;
2031 }
2032 }
2033
2034
2035 if (!errcnt)
2036 IWL_DEBUG_INFO(priv,
2037 "ucode image in INSTRUCTION memory is good\n");
2038
2039 return rc;
2040 }
2041
2042
2043 /**
2044 * iwl3945_verify_inst_sparse - verify runtime uCode image in card vs. host,
2045 * using sample data 100 bytes apart. If these sample points are good,
2046 * it's a pretty good bet that everything between them is good, too.
2047 */
2048 static int iwl3945_verify_inst_sparse(struct iwl_priv *priv, __le32 *image, u32 len)
2049 {
2050 u32 val;
2051 int rc = 0;
2052 u32 errcnt = 0;
2053 u32 i;
2054
2055 IWL_DEBUG_INFO(priv, "ucode inst image size is %u\n", len);
2056
2057 for (i = 0; i < len; i += 100, image += 100/sizeof(u32)) {
2058 /* read data comes through single port, auto-incr addr */
2059 /* NOTE: Use the debugless read so we don't flood kernel log
2060 * if IWL_DL_IO is set */
2061 iwl_write_direct32(priv, HBUS_TARG_MEM_RADDR,
2062 i + IWL39_RTC_INST_LOWER_BOUND);
2063 val = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
2064 if (val != le32_to_cpu(*image)) {
2065 #if 0 /* Enable this if you want to see details */
2066 IWL_ERR(priv, "uCode INST section is invalid at "
2067 "offset 0x%x, is 0x%x, s/b 0x%x\n",
2068 i, val, *image);
2069 #endif
2070 rc = -EIO;
2071 errcnt++;
2072 if (errcnt >= 3)
2073 break;
2074 }
2075 }
2076
2077 return rc;
2078 }
2079
2080
2081 /**
2082 * iwl3945_verify_ucode - determine which instruction image is in SRAM,
2083 * and verify its contents
2084 */
2085 static int iwl3945_verify_ucode(struct iwl_priv *priv)
2086 {
2087 __le32 *image;
2088 u32 len;
2089 int rc = 0;
2090
2091 /* Try bootstrap */
2092 image = (__le32 *)priv->ucode_boot.v_addr;
2093 len = priv->ucode_boot.len;
2094 rc = iwl3945_verify_inst_sparse(priv, image, len);
2095 if (rc == 0) {
2096 IWL_DEBUG_INFO(priv, "Bootstrap uCode is good in inst SRAM\n");
2097 return 0;
2098 }
2099
2100 /* Try initialize */
2101 image = (__le32 *)priv->ucode_init.v_addr;
2102 len = priv->ucode_init.len;
2103 rc = iwl3945_verify_inst_sparse(priv, image, len);
2104 if (rc == 0) {
2105 IWL_DEBUG_INFO(priv, "Initialize uCode is good in inst SRAM\n");
2106 return 0;
2107 }
2108
2109 /* Try runtime/protocol */
2110 image = (__le32 *)priv->ucode_code.v_addr;
2111 len = priv->ucode_code.len;
2112 rc = iwl3945_verify_inst_sparse(priv, image, len);
2113 if (rc == 0) {
2114 IWL_DEBUG_INFO(priv, "Runtime uCode is good in inst SRAM\n");
2115 return 0;
2116 }
2117
2118 IWL_ERR(priv, "NO VALID UCODE IMAGE IN INSTRUCTION SRAM!!\n");
2119
2120 /* Since nothing seems to match, show first several data entries in
2121 * instruction SRAM, so maybe visual inspection will give a clue.
2122 * Selection of bootstrap image (vs. other images) is arbitrary. */
2123 image = (__le32 *)priv->ucode_boot.v_addr;
2124 len = priv->ucode_boot.len;
2125 rc = iwl3945_verify_inst_full(priv, image, len);
2126
2127 return rc;
2128 }
2129
2130 static void iwl3945_nic_start(struct iwl_priv *priv)
2131 {
2132 /* Remove all resets to allow NIC to operate */
2133 iwl_write32(priv, CSR_RESET, 0);
2134 }
2135
2136 /**
2137 * iwl3945_read_ucode - Read uCode images from disk file.
2138 *
2139 * Copy into buffers for card to fetch via bus-mastering
2140 */
2141 static int iwl3945_read_ucode(struct iwl_priv *priv)
2142 {
2143 const struct iwl_ucode_header *ucode;
2144 int ret = -EINVAL, index;
2145 const struct firmware *ucode_raw;
2146 /* firmware file name contains uCode/driver compatibility version */
2147 const char *name_pre = priv->cfg->fw_name_pre;
2148 const unsigned int api_max = priv->cfg->ucode_api_max;
2149 const unsigned int api_min = priv->cfg->ucode_api_min;
2150 char buf[25];
2151 u8 *src;
2152 size_t len;
2153 u32 api_ver, inst_size, data_size, init_size, init_data_size, boot_size;
2154
2155 /* Ask kernel firmware_class module to get the boot firmware off disk.
2156 * request_firmware() is synchronous, file is in memory on return. */
2157 for (index = api_max; index >= api_min; index--) {
2158 sprintf(buf, "%s%u%s", name_pre, index, ".ucode");
2159 ret = request_firmware(&ucode_raw, buf, &priv->pci_dev->dev);
2160 if (ret < 0) {
2161 IWL_ERR(priv, "%s firmware file req failed: %d\n",
2162 buf, ret);
2163 if (ret == -ENOENT)
2164 continue;
2165 else
2166 goto error;
2167 } else {
2168 if (index < api_max)
2169 IWL_ERR(priv, "Loaded firmware %s, "
2170 "which is deprecated. "
2171 " Please use API v%u instead.\n",
2172 buf, api_max);
2173 IWL_DEBUG_INFO(priv, "Got firmware '%s' file "
2174 "(%zd bytes) from disk\n",
2175 buf, ucode_raw->size);
2176 break;
2177 }
2178 }
2179
2180 if (ret < 0)
2181 goto error;
2182
2183 /* Make sure that we got at least our header! */
2184 if (ucode_raw->size < priv->cfg->ops->ucode->get_header_size(1)) {
2185 IWL_ERR(priv, "File size way too small!\n");
2186 ret = -EINVAL;
2187 goto err_release;
2188 }
2189
2190 /* Data from ucode file: header followed by uCode images */
2191 ucode = (struct iwl_ucode_header *)ucode_raw->data;
2192
2193 priv->ucode_ver = le32_to_cpu(ucode->ver);
2194 api_ver = IWL_UCODE_API(priv->ucode_ver);
2195 inst_size = priv->cfg->ops->ucode->get_inst_size(ucode, api_ver);
2196 data_size = priv->cfg->ops->ucode->get_data_size(ucode, api_ver);
2197 init_size = priv->cfg->ops->ucode->get_init_size(ucode, api_ver);
2198 init_data_size =
2199 priv->cfg->ops->ucode->get_init_data_size(ucode, api_ver);
2200 boot_size = priv->cfg->ops->ucode->get_boot_size(ucode, api_ver);
2201 src = priv->cfg->ops->ucode->get_data(ucode, api_ver);
2202
2203 /* api_ver should match the api version forming part of the
2204 * firmware filename ... but we don't check for that and only rely
2205 * on the API version read from firmware header from here on forward */
2206
2207 if (api_ver < api_min || api_ver > api_max) {
2208 IWL_ERR(priv, "Driver unable to support your firmware API. "
2209 "Driver supports v%u, firmware is v%u.\n",
2210 api_max, api_ver);
2211 priv->ucode_ver = 0;
2212 ret = -EINVAL;
2213 goto err_release;
2214 }
2215 if (api_ver != api_max)
2216 IWL_ERR(priv, "Firmware has old API version. Expected %u, "
2217 "got %u. New firmware can be obtained "
2218 "from http://www.intellinuxwireless.org.\n",
2219 api_max, api_ver);
2220
2221 IWL_INFO(priv, "loaded firmware version %u.%u.%u.%u\n",
2222 IWL_UCODE_MAJOR(priv->ucode_ver),
2223 IWL_UCODE_MINOR(priv->ucode_ver),
2224 IWL_UCODE_API(priv->ucode_ver),
2225 IWL_UCODE_SERIAL(priv->ucode_ver));
2226
2227 snprintf(priv->hw->wiphy->fw_version,
2228 sizeof(priv->hw->wiphy->fw_version),
2229 "%u.%u.%u.%u",
2230 IWL_UCODE_MAJOR(priv->ucode_ver),
2231 IWL_UCODE_MINOR(priv->ucode_ver),
2232 IWL_UCODE_API(priv->ucode_ver),
2233 IWL_UCODE_SERIAL(priv->ucode_ver));
2234
2235 IWL_DEBUG_INFO(priv, "f/w package hdr ucode version raw = 0x%x\n",
2236 priv->ucode_ver);
2237 IWL_DEBUG_INFO(priv, "f/w package hdr runtime inst size = %u\n",
2238 inst_size);
2239 IWL_DEBUG_INFO(priv, "f/w package hdr runtime data size = %u\n",
2240 data_size);
2241 IWL_DEBUG_INFO(priv, "f/w package hdr init inst size = %u\n",
2242 init_size);
2243 IWL_DEBUG_INFO(priv, "f/w package hdr init data size = %u\n",
2244 init_data_size);
2245 IWL_DEBUG_INFO(priv, "f/w package hdr boot inst size = %u\n",
2246 boot_size);
2247
2248
2249 /* Verify size of file vs. image size info in file's header */
2250 if (ucode_raw->size != priv->cfg->ops->ucode->get_header_size(api_ver) +
2251 inst_size + data_size + init_size +
2252 init_data_size + boot_size) {
2253
2254 IWL_DEBUG_INFO(priv,
2255 "uCode file size %zd does not match expected size\n",
2256 ucode_raw->size);
2257 ret = -EINVAL;
2258 goto err_release;
2259 }
2260
2261 /* Verify that uCode images will fit in card's SRAM */
2262 if (inst_size > IWL39_MAX_INST_SIZE) {
2263 IWL_DEBUG_INFO(priv, "uCode instr len %d too large to fit in\n",
2264 inst_size);
2265 ret = -EINVAL;
2266 goto err_release;
2267 }
2268
2269 if (data_size > IWL39_MAX_DATA_SIZE) {
2270 IWL_DEBUG_INFO(priv, "uCode data len %d too large to fit in\n",
2271 data_size);
2272 ret = -EINVAL;
2273 goto err_release;
2274 }
2275 if (init_size > IWL39_MAX_INST_SIZE) {
2276 IWL_DEBUG_INFO(priv,
2277 "uCode init instr len %d too large to fit in\n",
2278 init_size);
2279 ret = -EINVAL;
2280 goto err_release;
2281 }
2282 if (init_data_size > IWL39_MAX_DATA_SIZE) {
2283 IWL_DEBUG_INFO(priv,
2284 "uCode init data len %d too large to fit in\n",
2285 init_data_size);
2286 ret = -EINVAL;
2287 goto err_release;
2288 }
2289 if (boot_size > IWL39_MAX_BSM_SIZE) {
2290 IWL_DEBUG_INFO(priv,
2291 "uCode boot instr len %d too large to fit in\n",
2292 boot_size);
2293 ret = -EINVAL;
2294 goto err_release;
2295 }
2296
2297 /* Allocate ucode buffers for card's bus-master loading ... */
2298
2299 /* Runtime instructions and 2 copies of data:
2300 * 1) unmodified from disk
2301 * 2) backup cache for save/restore during power-downs */
2302 priv->ucode_code.len = inst_size;
2303 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_code);
2304
2305 priv->ucode_data.len = data_size;
2306 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data);
2307
2308 priv->ucode_data_backup.len = data_size;
2309 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
2310
2311 if (!priv->ucode_code.v_addr || !priv->ucode_data.v_addr ||
2312 !priv->ucode_data_backup.v_addr)
2313 goto err_pci_alloc;
2314
2315 /* Initialization instructions and data */
2316 if (init_size && init_data_size) {
2317 priv->ucode_init.len = init_size;
2318 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init);
2319
2320 priv->ucode_init_data.len = init_data_size;
2321 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init_data);
2322
2323 if (!priv->ucode_init.v_addr || !priv->ucode_init_data.v_addr)
2324 goto err_pci_alloc;
2325 }
2326
2327 /* Bootstrap (instructions only, no data) */
2328 if (boot_size) {
2329 priv->ucode_boot.len = boot_size;
2330 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_boot);
2331
2332 if (!priv->ucode_boot.v_addr)
2333 goto err_pci_alloc;
2334 }
2335
2336 /* Copy images into buffers for card's bus-master reads ... */
2337
2338 /* Runtime instructions (first block of data in file) */
2339 len = inst_size;
2340 IWL_DEBUG_INFO(priv,
2341 "Copying (but not loading) uCode instr len %zd\n", len);
2342 memcpy(priv->ucode_code.v_addr, src, len);
2343 src += len;
2344
2345 IWL_DEBUG_INFO(priv, "uCode instr buf vaddr = 0x%p, paddr = 0x%08x\n",
2346 priv->ucode_code.v_addr, (u32)priv->ucode_code.p_addr);
2347
2348 /* Runtime data (2nd block)
2349 * NOTE: Copy into backup buffer will be done in iwl3945_up() */
2350 len = data_size;
2351 IWL_DEBUG_INFO(priv,
2352 "Copying (but not loading) uCode data len %zd\n", len);
2353 memcpy(priv->ucode_data.v_addr, src, len);
2354 memcpy(priv->ucode_data_backup.v_addr, src, len);
2355 src += len;
2356
2357 /* Initialization instructions (3rd block) */
2358 if (init_size) {
2359 len = init_size;
2360 IWL_DEBUG_INFO(priv,
2361 "Copying (but not loading) init instr len %zd\n", len);
2362 memcpy(priv->ucode_init.v_addr, src, len);
2363 src += len;
2364 }
2365
2366 /* Initialization data (4th block) */
2367 if (init_data_size) {
2368 len = init_data_size;
2369 IWL_DEBUG_INFO(priv,
2370 "Copying (but not loading) init data len %zd\n", len);
2371 memcpy(priv->ucode_init_data.v_addr, src, len);
2372 src += len;
2373 }
2374
2375 /* Bootstrap instructions (5th block) */
2376 len = boot_size;
2377 IWL_DEBUG_INFO(priv,
2378 "Copying (but not loading) boot instr len %zd\n", len);
2379 memcpy(priv->ucode_boot.v_addr, src, len);
2380
2381 /* We have our copies now, allow OS release its copies */
2382 release_firmware(ucode_raw);
2383 return 0;
2384
2385 err_pci_alloc:
2386 IWL_ERR(priv, "failed to allocate pci memory\n");
2387 ret = -ENOMEM;
2388 iwl3945_dealloc_ucode_pci(priv);
2389
2390 err_release:
2391 release_firmware(ucode_raw);
2392
2393 error:
2394 return ret;
2395 }
2396
2397
2398 /**
2399 * iwl3945_set_ucode_ptrs - Set uCode address location
2400 *
2401 * Tell initialization uCode where to find runtime uCode.
2402 *
2403 * BSM registers initially contain pointers to initialization uCode.
2404 * We need to replace them to load runtime uCode inst and data,
2405 * and to save runtime data when powering down.
2406 */
2407 static int iwl3945_set_ucode_ptrs(struct iwl_priv *priv)
2408 {
2409 dma_addr_t pinst;
2410 dma_addr_t pdata;
2411
2412 /* bits 31:0 for 3945 */
2413 pinst = priv->ucode_code.p_addr;
2414 pdata = priv->ucode_data_backup.p_addr;
2415
2416 /* Tell bootstrap uCode where to find image to load */
2417 iwl_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
2418 iwl_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
2419 iwl_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG,
2420 priv->ucode_data.len);
2421
2422 /* Inst byte count must be last to set up, bit 31 signals uCode
2423 * that all new ptr/size info is in place */
2424 iwl_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG,
2425 priv->ucode_code.len | BSM_DRAM_INST_LOAD);
2426
2427 IWL_DEBUG_INFO(priv, "Runtime uCode pointers are set.\n");
2428
2429 return 0;
2430 }
2431
2432 /**
2433 * iwl3945_init_alive_start - Called after REPLY_ALIVE notification received
2434 *
2435 * Called after REPLY_ALIVE notification received from "initialize" uCode.
2436 *
2437 * Tell "initialize" uCode to go ahead and load the runtime uCode.
2438 */
2439 static void iwl3945_init_alive_start(struct iwl_priv *priv)
2440 {
2441 /* Check alive response for "valid" sign from uCode */
2442 if (priv->card_alive_init.is_valid != UCODE_VALID_OK) {
2443 /* We had an error bringing up the hardware, so take it
2444 * all the way back down so we can try again */
2445 IWL_DEBUG_INFO(priv, "Initialize Alive failed.\n");
2446 goto restart;
2447 }
2448
2449 /* Bootstrap uCode has loaded initialize uCode ... verify inst image.
2450 * This is a paranoid check, because we would not have gotten the
2451 * "initialize" alive if code weren't properly loaded. */
2452 if (iwl3945_verify_ucode(priv)) {
2453 /* Runtime instruction load was bad;
2454 * take it all the way back down so we can try again */
2455 IWL_DEBUG_INFO(priv, "Bad \"initialize\" uCode load.\n");
2456 goto restart;
2457 }
2458
2459 /* Send pointers to protocol/runtime uCode image ... init code will
2460 * load and launch runtime uCode, which will send us another "Alive"
2461 * notification. */
2462 IWL_DEBUG_INFO(priv, "Initialization Alive received.\n");
2463 if (iwl3945_set_ucode_ptrs(priv)) {
2464 /* Runtime instruction load won't happen;
2465 * take it all the way back down so we can try again */
2466 IWL_DEBUG_INFO(priv, "Couldn't set up uCode pointers.\n");
2467 goto restart;
2468 }
2469 return;
2470
2471 restart:
2472 queue_work(priv->workqueue, &priv->restart);
2473 }
2474
2475 /**
2476 * iwl3945_alive_start - called after REPLY_ALIVE notification received
2477 * from protocol/runtime uCode (initialization uCode's
2478 * Alive gets handled by iwl3945_init_alive_start()).
2479 */
2480 static void iwl3945_alive_start(struct iwl_priv *priv)
2481 {
2482 int thermal_spin = 0;
2483 u32 rfkill;
2484
2485 IWL_DEBUG_INFO(priv, "Runtime Alive received.\n");
2486
2487 if (priv->card_alive.is_valid != UCODE_VALID_OK) {
2488 /* We had an error bringing up the hardware, so take it
2489 * all the way back down so we can try again */
2490 IWL_DEBUG_INFO(priv, "Alive failed.\n");
2491 goto restart;
2492 }
2493
2494 /* Initialize uCode has loaded Runtime uCode ... verify inst image.
2495 * This is a paranoid check, because we would not have gotten the
2496 * "runtime" alive if code weren't properly loaded. */
2497 if (iwl3945_verify_ucode(priv)) {
2498 /* Runtime instruction load was bad;
2499 * take it all the way back down so we can try again */
2500 IWL_DEBUG_INFO(priv, "Bad runtime uCode load.\n");
2501 goto restart;
2502 }
2503
2504 iwl_clear_stations_table(priv);
2505
2506 rfkill = iwl_read_prph(priv, APMG_RFKILL_REG);
2507 IWL_DEBUG_INFO(priv, "RFKILL status: 0x%x\n", rfkill);
2508
2509 if (rfkill & 0x1) {
2510 clear_bit(STATUS_RF_KILL_HW, &priv->status);
2511 /* if RFKILL is not on, then wait for thermal
2512 * sensor in adapter to kick in */
2513 while (iwl3945_hw_get_temperature(priv) == 0) {
2514 thermal_spin++;
2515 udelay(10);
2516 }
2517
2518 if (thermal_spin)
2519 IWL_DEBUG_INFO(priv, "Thermal calibration took %dus\n",
2520 thermal_spin * 10);
2521 } else
2522 set_bit(STATUS_RF_KILL_HW, &priv->status);
2523
2524 /* After the ALIVE response, we can send commands to 3945 uCode */
2525 set_bit(STATUS_ALIVE, &priv->status);
2526
2527 if (iwl_is_rfkill(priv))
2528 return;
2529
2530 ieee80211_wake_queues(priv->hw);
2531
2532 priv->active_rate = priv->rates_mask;
2533 priv->active_rate_basic = priv->rates_mask & IWL_BASIC_RATES_MASK;
2534
2535 iwl_power_update_mode(priv, true);
2536
2537 if (iwl_is_associated(priv)) {
2538 struct iwl3945_rxon_cmd *active_rxon =
2539 (struct iwl3945_rxon_cmd *)(&priv->active_rxon);
2540
2541 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
2542 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
2543 } else {
2544 /* Initialize our rx_config data */
2545 iwl_connection_init_rx_config(priv, priv->iw_mode);
2546 }
2547
2548 /* Configure Bluetooth device coexistence support */
2549 iwl_send_bt_config(priv);
2550
2551 /* Configure the adapter for unassociated operation */
2552 iwlcore_commit_rxon(priv);
2553
2554 iwl3945_reg_txpower_periodic(priv);
2555
2556 iwl_leds_init(priv);
2557
2558 IWL_DEBUG_INFO(priv, "ALIVE processing complete.\n");
2559 set_bit(STATUS_READY, &priv->status);
2560 wake_up_interruptible(&priv->wait_command_queue);
2561
2562 /* reassociate for ADHOC mode */
2563 if (priv->vif && (priv->iw_mode == NL80211_IFTYPE_ADHOC)) {
2564 struct sk_buff *beacon = ieee80211_beacon_get(priv->hw,
2565 priv->vif);
2566 if (beacon)
2567 iwl_mac_beacon_update(priv->hw, beacon);
2568 }
2569
2570 if (test_and_clear_bit(STATUS_MODE_PENDING, &priv->status))
2571 iwl_set_mode(priv, priv->iw_mode);
2572
2573 return;
2574
2575 restart:
2576 queue_work(priv->workqueue, &priv->restart);
2577 }
2578
2579 static void iwl3945_cancel_deferred_work(struct iwl_priv *priv);
2580
2581 static void __iwl3945_down(struct iwl_priv *priv)
2582 {
2583 unsigned long flags;
2584 int exit_pending = test_bit(STATUS_EXIT_PENDING, &priv->status);
2585 struct ieee80211_conf *conf = NULL;
2586
2587 IWL_DEBUG_INFO(priv, DRV_NAME " is going down\n");
2588
2589 conf = ieee80211_get_hw_conf(priv->hw);
2590
2591 if (!exit_pending)
2592 set_bit(STATUS_EXIT_PENDING, &priv->status);
2593
2594 iwl_clear_stations_table(priv);
2595
2596 /* Unblock any waiting calls */
2597 wake_up_interruptible_all(&priv->wait_command_queue);
2598
2599 /* Wipe out the EXIT_PENDING status bit if we are not actually
2600 * exiting the module */
2601 if (!exit_pending)
2602 clear_bit(STATUS_EXIT_PENDING, &priv->status);
2603
2604 /* stop and reset the on-board processor */
2605 iwl_write32(priv, CSR_RESET, CSR_RESET_REG_FLAG_NEVO_RESET);
2606
2607 /* tell the device to stop sending interrupts */
2608 spin_lock_irqsave(&priv->lock, flags);
2609 iwl_disable_interrupts(priv);
2610 spin_unlock_irqrestore(&priv->lock, flags);
2611 iwl_synchronize_irq(priv);
2612
2613 if (priv->mac80211_registered)
2614 ieee80211_stop_queues(priv->hw);
2615
2616 /* If we have not previously called iwl3945_init() then
2617 * clear all bits but the RF Kill bits and return */
2618 if (!iwl_is_init(priv)) {
2619 priv->status = test_bit(STATUS_RF_KILL_HW, &priv->status) <<
2620 STATUS_RF_KILL_HW |
2621 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
2622 STATUS_GEO_CONFIGURED |
2623 test_bit(STATUS_EXIT_PENDING, &priv->status) <<
2624 STATUS_EXIT_PENDING;
2625 goto exit;
2626 }
2627
2628 /* ...otherwise clear out all the status bits but the RF Kill
2629 * bit and continue taking the NIC down. */
2630 priv->status &= test_bit(STATUS_RF_KILL_HW, &priv->status) <<
2631 STATUS_RF_KILL_HW |
2632 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
2633 STATUS_GEO_CONFIGURED |
2634 test_bit(STATUS_FW_ERROR, &priv->status) <<
2635 STATUS_FW_ERROR |
2636 test_bit(STATUS_EXIT_PENDING, &priv->status) <<
2637 STATUS_EXIT_PENDING;
2638
2639 iwl3945_hw_txq_ctx_stop(priv);
2640 iwl3945_hw_rxq_stop(priv);
2641
2642 /* Power-down device's busmaster DMA clocks */
2643 iwl_write_prph(priv, APMG_CLK_DIS_REG, APMG_CLK_VAL_DMA_CLK_RQT);
2644 udelay(5);
2645
2646 /* Stop the device, and put it in low power state */
2647 priv->cfg->ops->lib->apm_ops.stop(priv);
2648
2649 exit:
2650 memset(&priv->card_alive, 0, sizeof(struct iwl_alive_resp));
2651
2652 if (priv->ibss_beacon)
2653 dev_kfree_skb(priv->ibss_beacon);
2654 priv->ibss_beacon = NULL;
2655
2656 /* clear out any free frames */
2657 iwl3945_clear_free_frames(priv);
2658 }
2659
2660 static void iwl3945_down(struct iwl_priv *priv)
2661 {
2662 mutex_lock(&priv->mutex);
2663 __iwl3945_down(priv);
2664 mutex_unlock(&priv->mutex);
2665
2666 iwl3945_cancel_deferred_work(priv);
2667 }
2668
2669 #define MAX_HW_RESTARTS 5
2670
2671 static int __iwl3945_up(struct iwl_priv *priv)
2672 {
2673 int rc, i;
2674
2675 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
2676 IWL_WARN(priv, "Exit pending; will not bring the NIC up\n");
2677 return -EIO;
2678 }
2679
2680 if (!priv->ucode_data_backup.v_addr || !priv->ucode_data.v_addr) {
2681 IWL_ERR(priv, "ucode not available for device bring up\n");
2682 return -EIO;
2683 }
2684
2685 /* If platform's RF_KILL switch is NOT set to KILL */
2686 if (iwl_read32(priv, CSR_GP_CNTRL) &
2687 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW)
2688 clear_bit(STATUS_RF_KILL_HW, &priv->status);
2689 else {
2690 set_bit(STATUS_RF_KILL_HW, &priv->status);
2691 IWL_WARN(priv, "Radio disabled by HW RF Kill switch\n");
2692 return -ENODEV;
2693 }
2694
2695 iwl_write32(priv, CSR_INT, 0xFFFFFFFF);
2696
2697 rc = iwl3945_hw_nic_init(priv);
2698 if (rc) {
2699 IWL_ERR(priv, "Unable to int nic\n");
2700 return rc;
2701 }
2702
2703 /* make sure rfkill handshake bits are cleared */
2704 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
2705 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR,
2706 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
2707
2708 /* clear (again), then enable host interrupts */
2709 iwl_write32(priv, CSR_INT, 0xFFFFFFFF);
2710 iwl_enable_interrupts(priv);
2711
2712 /* really make sure rfkill handshake bits are cleared */
2713 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
2714 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
2715
2716 /* Copy original ucode data image from disk into backup cache.
2717 * This will be used to initialize the on-board processor's
2718 * data SRAM for a clean start when the runtime program first loads. */
2719 memcpy(priv->ucode_data_backup.v_addr, priv->ucode_data.v_addr,
2720 priv->ucode_data.len);
2721
2722 /* We return success when we resume from suspend and rf_kill is on. */
2723 if (test_bit(STATUS_RF_KILL_HW, &priv->status))
2724 return 0;
2725
2726 for (i = 0; i < MAX_HW_RESTARTS; i++) {
2727
2728 iwl_clear_stations_table(priv);
2729
2730 /* load bootstrap state machine,
2731 * load bootstrap program into processor's memory,
2732 * prepare to load the "initialize" uCode */
2733 priv->cfg->ops->lib->load_ucode(priv);
2734
2735 if (rc) {
2736 IWL_ERR(priv,
2737 "Unable to set up bootstrap uCode: %d\n", rc);
2738 continue;
2739 }
2740
2741 /* start card; "initialize" will load runtime ucode */
2742 iwl3945_nic_start(priv);
2743
2744 IWL_DEBUG_INFO(priv, DRV_NAME " is coming up\n");
2745
2746 return 0;
2747 }
2748
2749 set_bit(STATUS_EXIT_PENDING, &priv->status);
2750 __iwl3945_down(priv);
2751 clear_bit(STATUS_EXIT_PENDING, &priv->status);
2752
2753 /* tried to restart and config the device for as long as our
2754 * patience could withstand */
2755 IWL_ERR(priv, "Unable to initialize device after %d attempts.\n", i);
2756 return -EIO;
2757 }
2758
2759
2760 /*****************************************************************************
2761 *
2762 * Workqueue callbacks
2763 *
2764 *****************************************************************************/
2765
2766 static void iwl3945_bg_init_alive_start(struct work_struct *data)
2767 {
2768 struct iwl_priv *priv =
2769 container_of(data, struct iwl_priv, init_alive_start.work);
2770
2771 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
2772 return;
2773
2774 mutex_lock(&priv->mutex);
2775 iwl3945_init_alive_start(priv);
2776 mutex_unlock(&priv->mutex);
2777 }
2778
2779 static void iwl3945_bg_alive_start(struct work_struct *data)
2780 {
2781 struct iwl_priv *priv =
2782 container_of(data, struct iwl_priv, alive_start.work);
2783
2784 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
2785 return;
2786
2787 mutex_lock(&priv->mutex);
2788 iwl3945_alive_start(priv);
2789 mutex_unlock(&priv->mutex);
2790 }
2791
2792 /*
2793 * 3945 cannot interrupt driver when hardware rf kill switch toggles;
2794 * driver must poll CSR_GP_CNTRL_REG register for change. This register
2795 * *is* readable even when device has been SW_RESET into low power mode
2796 * (e.g. during RF KILL).
2797 */
2798 static void iwl3945_rfkill_poll(struct work_struct *data)
2799 {
2800 struct iwl_priv *priv =
2801 container_of(data, struct iwl_priv, rfkill_poll.work);
2802 bool old_rfkill = test_bit(STATUS_RF_KILL_HW, &priv->status);
2803 bool new_rfkill = !(iwl_read32(priv, CSR_GP_CNTRL)
2804 & CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW);
2805
2806 if (new_rfkill != old_rfkill) {
2807 if (new_rfkill)
2808 set_bit(STATUS_RF_KILL_HW, &priv->status);
2809 else
2810 clear_bit(STATUS_RF_KILL_HW, &priv->status);
2811
2812 wiphy_rfkill_set_hw_state(priv->hw->wiphy, new_rfkill);
2813
2814 IWL_DEBUG_RF_KILL(priv, "RF_KILL bit toggled to %s.\n",
2815 new_rfkill ? "disable radio" : "enable radio");
2816 }
2817
2818 /* Keep this running, even if radio now enabled. This will be
2819 * cancelled in mac_start() if system decides to start again */
2820 queue_delayed_work(priv->workqueue, &priv->rfkill_poll,
2821 round_jiffies_relative(2 * HZ));
2822
2823 }
2824
2825 #define IWL_SCAN_CHECK_WATCHDOG (7 * HZ)
2826 static void iwl3945_bg_request_scan(struct work_struct *data)
2827 {
2828 struct iwl_priv *priv =
2829 container_of(data, struct iwl_priv, request_scan);
2830 struct iwl_host_cmd cmd = {
2831 .id = REPLY_SCAN_CMD,
2832 .len = sizeof(struct iwl3945_scan_cmd),
2833 .flags = CMD_SIZE_HUGE,
2834 };
2835 int rc = 0;
2836 struct iwl3945_scan_cmd *scan;
2837 struct ieee80211_conf *conf = NULL;
2838 u8 n_probes = 0;
2839 enum ieee80211_band band;
2840 bool is_active = false;
2841
2842 conf = ieee80211_get_hw_conf(priv->hw);
2843
2844 mutex_lock(&priv->mutex);
2845
2846 cancel_delayed_work(&priv->scan_check);
2847
2848 if (!iwl_is_ready(priv)) {
2849 IWL_WARN(priv, "request scan called when driver not ready.\n");
2850 goto done;
2851 }
2852
2853 /* Make sure the scan wasn't canceled before this queued work
2854 * was given the chance to run... */
2855 if (!test_bit(STATUS_SCANNING, &priv->status))
2856 goto done;
2857
2858 /* This should never be called or scheduled if there is currently
2859 * a scan active in the hardware. */
2860 if (test_bit(STATUS_SCAN_HW, &priv->status)) {
2861 IWL_DEBUG_INFO(priv, "Multiple concurrent scan requests "
2862 "Ignoring second request.\n");
2863 rc = -EIO;
2864 goto done;
2865 }
2866
2867 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
2868 IWL_DEBUG_SCAN(priv, "Aborting scan due to device shutdown\n");
2869 goto done;
2870 }
2871
2872 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2873 IWL_DEBUG_HC(priv,
2874 "Scan request while abort pending. Queuing.\n");
2875 goto done;
2876 }
2877
2878 if (iwl_is_rfkill(priv)) {
2879 IWL_DEBUG_HC(priv, "Aborting scan due to RF Kill activation\n");
2880 goto done;
2881 }
2882
2883 if (!test_bit(STATUS_READY, &priv->status)) {
2884 IWL_DEBUG_HC(priv,
2885 "Scan request while uninitialized. Queuing.\n");
2886 goto done;
2887 }
2888
2889 if (!priv->scan_bands) {
2890 IWL_DEBUG_HC(priv, "Aborting scan due to no requested bands\n");
2891 goto done;
2892 }
2893
2894 if (!priv->scan) {
2895 priv->scan = kmalloc(sizeof(struct iwl3945_scan_cmd) +
2896 IWL_MAX_SCAN_SIZE, GFP_KERNEL);
2897 if (!priv->scan) {
2898 rc = -ENOMEM;
2899 goto done;
2900 }
2901 }
2902 scan = priv->scan;
2903 memset(scan, 0, sizeof(struct iwl3945_scan_cmd) + IWL_MAX_SCAN_SIZE);
2904
2905 scan->quiet_plcp_th = IWL_PLCP_QUIET_THRESH;
2906 scan->quiet_time = IWL_ACTIVE_QUIET_TIME;
2907
2908 if (iwl_is_associated(priv)) {
2909 u16 interval = 0;
2910 u32 extra;
2911 u32 suspend_time = 100;
2912 u32 scan_suspend_time = 100;
2913 unsigned long flags;
2914
2915 IWL_DEBUG_INFO(priv, "Scanning while associated...\n");
2916
2917 spin_lock_irqsave(&priv->lock, flags);
2918 interval = priv->beacon_int;
2919 spin_unlock_irqrestore(&priv->lock, flags);
2920
2921 scan->suspend_time = 0;
2922 scan->max_out_time = cpu_to_le32(200 * 1024);
2923 if (!interval)
2924 interval = suspend_time;
2925 /*
2926 * suspend time format:
2927 * 0-19: beacon interval in usec (time before exec.)
2928 * 20-23: 0
2929 * 24-31: number of beacons (suspend between channels)
2930 */
2931
2932 extra = (suspend_time / interval) << 24;
2933 scan_suspend_time = 0xFF0FFFFF &
2934 (extra | ((suspend_time % interval) * 1024));
2935
2936 scan->suspend_time = cpu_to_le32(scan_suspend_time);
2937 IWL_DEBUG_SCAN(priv, "suspend_time 0x%X beacon interval %d\n",
2938 scan_suspend_time, interval);
2939 }
2940
2941 if (priv->scan_request->n_ssids) {
2942 int i, p = 0;
2943 IWL_DEBUG_SCAN(priv, "Kicking off active scan\n");
2944 for (i = 0; i < priv->scan_request->n_ssids; i++) {
2945 /* always does wildcard anyway */
2946 if (!priv->scan_request->ssids[i].ssid_len)
2947 continue;
2948 scan->direct_scan[p].id = WLAN_EID_SSID;
2949 scan->direct_scan[p].len =
2950 priv->scan_request->ssids[i].ssid_len;
2951 memcpy(scan->direct_scan[p].ssid,
2952 priv->scan_request->ssids[i].ssid,
2953 priv->scan_request->ssids[i].ssid_len);
2954 n_probes++;
2955 p++;
2956 }
2957 is_active = true;
2958 } else
2959 IWL_DEBUG_SCAN(priv, "Kicking off passive scan.\n");
2960
2961 /* We don't build a direct scan probe request; the uCode will do
2962 * that based on the direct_mask added to each channel entry */
2963 scan->tx_cmd.tx_flags = TX_CMD_FLG_SEQ_CTL_MSK;
2964 scan->tx_cmd.sta_id = priv->hw_params.bcast_sta_id;
2965 scan->tx_cmd.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
2966
2967 /* flags + rate selection */
2968
2969 if (priv->scan_bands & BIT(IEEE80211_BAND_2GHZ)) {
2970 scan->flags = RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK;
2971 scan->tx_cmd.rate = IWL_RATE_1M_PLCP;
2972 scan->good_CRC_th = 0;
2973 band = IEEE80211_BAND_2GHZ;
2974 } else if (priv->scan_bands & BIT(IEEE80211_BAND_5GHZ)) {
2975 scan->tx_cmd.rate = IWL_RATE_6M_PLCP;
2976 /*
2977 * If active scaning is requested but a certain channel
2978 * is marked passive, we can do active scanning if we
2979 * detect transmissions.
2980 */
2981 scan->good_CRC_th = is_active ? IWL_GOOD_CRC_TH : 0;
2982 band = IEEE80211_BAND_5GHZ;
2983 } else {
2984 IWL_WARN(priv, "Invalid scan band count\n");
2985 goto done;
2986 }
2987
2988 scan->tx_cmd.len = cpu_to_le16(
2989 iwl_fill_probe_req(priv,
2990 (struct ieee80211_mgmt *)scan->data,
2991 priv->scan_request->ie,
2992 priv->scan_request->ie_len,
2993 IWL_MAX_SCAN_SIZE - sizeof(*scan)));
2994
2995 /* select Rx antennas */
2996 scan->flags |= iwl3945_get_antenna_flags(priv);
2997
2998 if (iwl_is_monitor_mode(priv))
2999 scan->filter_flags = RXON_FILTER_PROMISC_MSK;
3000
3001 scan->channel_count =
3002 iwl3945_get_channels_for_scan(priv, band, is_active, n_probes,
3003 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
3004
3005 if (scan->channel_count == 0) {
3006 IWL_DEBUG_SCAN(priv, "channel count %d\n", scan->channel_count);
3007 goto done;
3008 }
3009
3010 cmd.len += le16_to_cpu(scan->tx_cmd.len) +
3011 scan->channel_count * sizeof(struct iwl3945_scan_channel);
3012 cmd.data = scan;
3013 scan->len = cpu_to_le16(cmd.len);
3014
3015 set_bit(STATUS_SCAN_HW, &priv->status);
3016 rc = iwl_send_cmd_sync(priv, &cmd);
3017 if (rc)
3018 goto done;
3019
3020 queue_delayed_work(priv->workqueue, &priv->scan_check,
3021 IWL_SCAN_CHECK_WATCHDOG);
3022
3023 mutex_unlock(&priv->mutex);
3024 return;
3025
3026 done:
3027 /* can not perform scan make sure we clear scanning
3028 * bits from status so next scan request can be performed.
3029 * if we dont clear scanning status bit here all next scan
3030 * will fail
3031 */
3032 clear_bit(STATUS_SCAN_HW, &priv->status);
3033 clear_bit(STATUS_SCANNING, &priv->status);
3034
3035 /* inform mac80211 scan aborted */
3036 queue_work(priv->workqueue, &priv->scan_completed);
3037 mutex_unlock(&priv->mutex);
3038 }
3039
3040 static void iwl3945_bg_up(struct work_struct *data)
3041 {
3042 struct iwl_priv *priv = container_of(data, struct iwl_priv, up);
3043
3044 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
3045 return;
3046
3047 mutex_lock(&priv->mutex);
3048 __iwl3945_up(priv);
3049 mutex_unlock(&priv->mutex);
3050 }
3051
3052 static void iwl3945_bg_restart(struct work_struct *data)
3053 {
3054 struct iwl_priv *priv = container_of(data, struct iwl_priv, restart);
3055
3056 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
3057 return;
3058
3059 if (test_and_clear_bit(STATUS_FW_ERROR, &priv->status)) {
3060 mutex_lock(&priv->mutex);
3061 priv->vif = NULL;
3062 priv->is_open = 0;
3063 mutex_unlock(&priv->mutex);
3064 iwl3945_down(priv);
3065 ieee80211_restart_hw(priv->hw);
3066 } else {
3067 iwl3945_down(priv);
3068 queue_work(priv->workqueue, &priv->up);
3069 }
3070 }
3071
3072 static void iwl3945_bg_rx_replenish(struct work_struct *data)
3073 {
3074 struct iwl_priv *priv =
3075 container_of(data, struct iwl_priv, rx_replenish);
3076
3077 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
3078 return;
3079
3080 mutex_lock(&priv->mutex);
3081 iwl3945_rx_replenish(priv);
3082 mutex_unlock(&priv->mutex);
3083 }
3084
3085 #define IWL_DELAY_NEXT_SCAN (HZ*2)
3086
3087 void iwl3945_post_associate(struct iwl_priv *priv)
3088 {
3089 int rc = 0;
3090 struct ieee80211_conf *conf = NULL;
3091
3092 if (priv->iw_mode == NL80211_IFTYPE_AP) {
3093 IWL_ERR(priv, "%s Should not be called in AP mode\n", __func__);
3094 return;
3095 }
3096
3097
3098 IWL_DEBUG_ASSOC(priv, "Associated as %d to: %pM\n",
3099 priv->assoc_id, priv->active_rxon.bssid_addr);
3100
3101 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
3102 return;
3103
3104 if (!priv->vif || !priv->is_open)
3105 return;
3106
3107 iwl_scan_cancel_timeout(priv, 200);
3108
3109 conf = ieee80211_get_hw_conf(priv->hw);
3110
3111 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
3112 iwlcore_commit_rxon(priv);
3113
3114 memset(&priv->rxon_timing, 0, sizeof(struct iwl_rxon_time_cmd));
3115 iwl_setup_rxon_timing(priv);
3116 rc = iwl_send_cmd_pdu(priv, REPLY_RXON_TIMING,
3117 sizeof(priv->rxon_timing), &priv->rxon_timing);
3118 if (rc)
3119 IWL_WARN(priv, "REPLY_RXON_TIMING failed - "
3120 "Attempting to continue.\n");
3121
3122 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
3123
3124 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
3125
3126 IWL_DEBUG_ASSOC(priv, "assoc id %d beacon interval %d\n",
3127 priv->assoc_id, priv->beacon_int);
3128
3129 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
3130 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
3131 else
3132 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
3133
3134 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
3135 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
3136 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
3137 else
3138 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
3139
3140 if (priv->iw_mode == NL80211_IFTYPE_ADHOC)
3141 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
3142
3143 }
3144
3145 iwlcore_commit_rxon(priv);
3146
3147 switch (priv->iw_mode) {
3148 case NL80211_IFTYPE_STATION:
3149 iwl3945_rate_scale_init(priv->hw, IWL_AP_ID);
3150 break;
3151
3152 case NL80211_IFTYPE_ADHOC:
3153
3154 priv->assoc_id = 1;
3155 iwl_add_station(priv, priv->bssid, 0, CMD_SYNC, NULL);
3156 iwl3945_sync_sta(priv, IWL_STA_ID,
3157 (priv->band == IEEE80211_BAND_5GHZ) ?
3158 IWL_RATE_6M_PLCP : IWL_RATE_1M_PLCP,
3159 CMD_ASYNC);
3160 iwl3945_rate_scale_init(priv->hw, IWL_STA_ID);
3161 iwl3945_send_beacon_cmd(priv);
3162
3163 break;
3164
3165 default:
3166 IWL_ERR(priv, "%s Should not be called in %d mode\n",
3167 __func__, priv->iw_mode);
3168 break;
3169 }
3170
3171 iwl_activate_qos(priv, 0);
3172
3173 /* we have just associated, don't start scan too early */
3174 priv->next_scan_jiffies = jiffies + IWL_DELAY_NEXT_SCAN;
3175 }
3176
3177 /*****************************************************************************
3178 *
3179 * mac80211 entry point functions
3180 *
3181 *****************************************************************************/
3182
3183 #define UCODE_READY_TIMEOUT (2 * HZ)
3184
3185 static int iwl3945_mac_start(struct ieee80211_hw *hw)
3186 {
3187 struct iwl_priv *priv = hw->priv;
3188 int ret;
3189
3190 IWL_DEBUG_MAC80211(priv, "enter\n");
3191
3192 /* we should be verifying the device is ready to be opened */
3193 mutex_lock(&priv->mutex);
3194
3195 /* fetch ucode file from disk, alloc and copy to bus-master buffers ...
3196 * ucode filename and max sizes are card-specific. */
3197
3198 if (!priv->ucode_code.len) {
3199 ret = iwl3945_read_ucode(priv);
3200 if (ret) {
3201 IWL_ERR(priv, "Could not read microcode: %d\n", ret);
3202 mutex_unlock(&priv->mutex);
3203 goto out_release_irq;
3204 }
3205 }
3206
3207 ret = __iwl3945_up(priv);
3208
3209 mutex_unlock(&priv->mutex);
3210
3211 if (ret)
3212 goto out_release_irq;
3213
3214 IWL_DEBUG_INFO(priv, "Start UP work.\n");
3215
3216 /* Wait for START_ALIVE from ucode. Otherwise callbacks from
3217 * mac80211 will not be run successfully. */
3218 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
3219 test_bit(STATUS_READY, &priv->status),
3220 UCODE_READY_TIMEOUT);
3221 if (!ret) {
3222 if (!test_bit(STATUS_READY, &priv->status)) {
3223 IWL_ERR(priv,
3224 "Wait for START_ALIVE timeout after %dms.\n",
3225 jiffies_to_msecs(UCODE_READY_TIMEOUT));
3226 ret = -ETIMEDOUT;
3227 goto out_release_irq;
3228 }
3229 }
3230
3231 /* ucode is running and will send rfkill notifications,
3232 * no need to poll the killswitch state anymore */
3233 cancel_delayed_work(&priv->rfkill_poll);
3234
3235 iwl_led_start(priv);
3236
3237 priv->is_open = 1;
3238 IWL_DEBUG_MAC80211(priv, "leave\n");
3239 return 0;
3240
3241 out_release_irq:
3242 priv->is_open = 0;
3243 IWL_DEBUG_MAC80211(priv, "leave - failed\n");
3244 return ret;
3245 }
3246
3247 static void iwl3945_mac_stop(struct ieee80211_hw *hw)
3248 {
3249 struct iwl_priv *priv = hw->priv;
3250
3251 IWL_DEBUG_MAC80211(priv, "enter\n");
3252
3253 if (!priv->is_open) {
3254 IWL_DEBUG_MAC80211(priv, "leave - skip\n");
3255 return;
3256 }
3257
3258 priv->is_open = 0;
3259
3260 if (iwl_is_ready_rf(priv)) {
3261 /* stop mac, cancel any scan request and clear
3262 * RXON_FILTER_ASSOC_MSK BIT
3263 */
3264 mutex_lock(&priv->mutex);
3265 iwl_scan_cancel_timeout(priv, 100);
3266 mutex_unlock(&priv->mutex);
3267 }
3268
3269 iwl3945_down(priv);
3270
3271 flush_workqueue(priv->workqueue);
3272
3273 /* start polling the killswitch state again */
3274 queue_delayed_work(priv->workqueue, &priv->rfkill_poll,
3275 round_jiffies_relative(2 * HZ));
3276
3277 IWL_DEBUG_MAC80211(priv, "leave\n");
3278 }
3279
3280 static int iwl3945_mac_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
3281 {
3282 struct iwl_priv *priv = hw->priv;
3283
3284 IWL_DEBUG_MAC80211(priv, "enter\n");
3285
3286 IWL_DEBUG_TX(priv, "dev->xmit(%d bytes) at rate 0x%02x\n", skb->len,
3287 ieee80211_get_tx_rate(hw, IEEE80211_SKB_CB(skb))->bitrate);
3288
3289 if (iwl3945_tx_skb(priv, skb))
3290 dev_kfree_skb_any(skb);
3291
3292 IWL_DEBUG_MAC80211(priv, "leave\n");
3293 return NETDEV_TX_OK;
3294 }
3295
3296 void iwl3945_config_ap(struct iwl_priv *priv)
3297 {
3298 int rc = 0;
3299
3300 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
3301 return;
3302
3303 /* The following should be done only at AP bring up */
3304 if (!(iwl_is_associated(priv))) {
3305
3306 /* RXON - unassoc (to set timing command) */
3307 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
3308 iwlcore_commit_rxon(priv);
3309
3310 /* RXON Timing */
3311 memset(&priv->rxon_timing, 0, sizeof(struct iwl_rxon_time_cmd));
3312 iwl_setup_rxon_timing(priv);
3313 rc = iwl_send_cmd_pdu(priv, REPLY_RXON_TIMING,
3314 sizeof(priv->rxon_timing),
3315 &priv->rxon_timing);
3316 if (rc)
3317 IWL_WARN(priv, "REPLY_RXON_TIMING failed - "
3318 "Attempting to continue.\n");
3319
3320 /* FIXME: what should be the assoc_id for AP? */
3321 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
3322 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
3323 priv->staging_rxon.flags |=
3324 RXON_FLG_SHORT_PREAMBLE_MSK;
3325 else
3326 priv->staging_rxon.flags &=
3327 ~RXON_FLG_SHORT_PREAMBLE_MSK;
3328
3329 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
3330 if (priv->assoc_capability &
3331 WLAN_CAPABILITY_SHORT_SLOT_TIME)
3332 priv->staging_rxon.flags |=
3333 RXON_FLG_SHORT_SLOT_MSK;
3334 else
3335 priv->staging_rxon.flags &=
3336 ~RXON_FLG_SHORT_SLOT_MSK;
3337
3338 if (priv->iw_mode == NL80211_IFTYPE_ADHOC)
3339 priv->staging_rxon.flags &=
3340 ~RXON_FLG_SHORT_SLOT_MSK;
3341 }
3342 /* restore RXON assoc */
3343 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
3344 iwlcore_commit_rxon(priv);
3345 iwl_add_station(priv, iwl_bcast_addr, 0, CMD_SYNC, NULL);
3346 }
3347 iwl3945_send_beacon_cmd(priv);
3348
3349 /* FIXME - we need to add code here to detect a totally new
3350 * configuration, reset the AP, unassoc, rxon timing, assoc,
3351 * clear sta table, add BCAST sta... */
3352 }
3353
3354 static int iwl3945_mac_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3355 struct ieee80211_vif *vif,
3356 struct ieee80211_sta *sta,
3357 struct ieee80211_key_conf *key)
3358 {
3359 struct iwl_priv *priv = hw->priv;
3360 const u8 *addr;
3361 int ret = 0;
3362 u8 sta_id = IWL_INVALID_STATION;
3363 u8 static_key;
3364
3365 IWL_DEBUG_MAC80211(priv, "enter\n");
3366
3367 if (iwl3945_mod_params.sw_crypto) {
3368 IWL_DEBUG_MAC80211(priv, "leave - hwcrypto disabled\n");
3369 return -EOPNOTSUPP;
3370 }
3371
3372 addr = sta ? sta->addr : iwl_bcast_addr;
3373 static_key = !iwl_is_associated(priv);
3374
3375 if (!static_key) {
3376 sta_id = iwl_find_station(priv, addr);
3377 if (sta_id == IWL_INVALID_STATION) {
3378 IWL_DEBUG_MAC80211(priv, "leave - %pM not in station map.\n",
3379 addr);
3380 return -EINVAL;
3381 }
3382 }
3383
3384 mutex_lock(&priv->mutex);
3385 iwl_scan_cancel_timeout(priv, 100);
3386 mutex_unlock(&priv->mutex);
3387
3388 switch (cmd) {
3389 case SET_KEY:
3390 if (static_key)
3391 ret = iwl3945_set_static_key(priv, key);
3392 else
3393 ret = iwl3945_set_dynamic_key(priv, key, sta_id);
3394 IWL_DEBUG_MAC80211(priv, "enable hwcrypto key\n");
3395 break;
3396 case DISABLE_KEY:
3397 if (static_key)
3398 ret = iwl3945_remove_static_key(priv);
3399 else
3400 ret = iwl3945_clear_sta_key_info(priv, sta_id);
3401 IWL_DEBUG_MAC80211(priv, "disable hwcrypto key\n");
3402 break;
3403 default:
3404 ret = -EINVAL;
3405 }
3406
3407 IWL_DEBUG_MAC80211(priv, "leave\n");
3408
3409 return ret;
3410 }
3411
3412 /*****************************************************************************
3413 *
3414 * sysfs attributes
3415 *
3416 *****************************************************************************/
3417
3418 #ifdef CONFIG_IWLWIFI_DEBUG
3419
3420 /*
3421 * The following adds a new attribute to the sysfs representation
3422 * of this device driver (i.e. a new file in /sys/bus/pci/drivers/iwl/)
3423 * used for controlling the debug level.
3424 *
3425 * See the level definitions in iwl for details.
3426 *
3427 * The debug_level being managed using sysfs below is a per device debug
3428 * level that is used instead of the global debug level if it (the per
3429 * device debug level) is set.
3430 */
3431 static ssize_t show_debug_level(struct device *d,
3432 struct device_attribute *attr, char *buf)
3433 {
3434 struct iwl_priv *priv = dev_get_drvdata(d);
3435 return sprintf(buf, "0x%08X\n", iwl_get_debug_level(priv));
3436 }
3437 static ssize_t store_debug_level(struct device *d,
3438 struct device_attribute *attr,
3439 const char *buf, size_t count)
3440 {
3441 struct iwl_priv *priv = dev_get_drvdata(d);
3442 unsigned long val;
3443 int ret;
3444
3445 ret = strict_strtoul(buf, 0, &val);
3446 if (ret)
3447 IWL_INFO(priv, "%s is not in hex or decimal form.\n", buf);
3448 else {
3449 priv->debug_level = val;
3450 if (iwl_alloc_traffic_mem(priv))
3451 IWL_ERR(priv,
3452 "Not enough memory to generate traffic log\n");
3453 }
3454 return strnlen(buf, count);
3455 }
3456
3457 static DEVICE_ATTR(debug_level, S_IWUSR | S_IRUGO,
3458 show_debug_level, store_debug_level);
3459
3460 #endif /* CONFIG_IWLWIFI_DEBUG */
3461
3462 static ssize_t show_temperature(struct device *d,
3463 struct device_attribute *attr, char *buf)
3464 {
3465 struct iwl_priv *priv = dev_get_drvdata(d);
3466
3467 if (!iwl_is_alive(priv))
3468 return -EAGAIN;
3469
3470 return sprintf(buf, "%d\n", iwl3945_hw_get_temperature(priv));
3471 }
3472
3473 static DEVICE_ATTR(temperature, S_IRUGO, show_temperature, NULL);
3474
3475 static ssize_t show_tx_power(struct device *d,
3476 struct device_attribute *attr, char *buf)
3477 {
3478 struct iwl_priv *priv = dev_get_drvdata(d);
3479 return sprintf(buf, "%d\n", priv->tx_power_user_lmt);
3480 }
3481
3482 static ssize_t store_tx_power(struct device *d,
3483 struct device_attribute *attr,
3484 const char *buf, size_t count)
3485 {
3486 struct iwl_priv *priv = dev_get_drvdata(d);
3487 char *p = (char *)buf;
3488 u32 val;
3489
3490 val = simple_strtoul(p, &p, 10);
3491 if (p == buf)
3492 IWL_INFO(priv, ": %s is not in decimal form.\n", buf);
3493 else
3494 iwl3945_hw_reg_set_txpower(priv, val);
3495
3496 return count;
3497 }
3498
3499 static DEVICE_ATTR(tx_power, S_IWUSR | S_IRUGO, show_tx_power, store_tx_power);
3500
3501 static ssize_t show_flags(struct device *d,
3502 struct device_attribute *attr, char *buf)
3503 {
3504 struct iwl_priv *priv = dev_get_drvdata(d);
3505
3506 return sprintf(buf, "0x%04X\n", priv->active_rxon.flags);
3507 }
3508
3509 static ssize_t store_flags(struct device *d,
3510 struct device_attribute *attr,
3511 const char *buf, size_t count)
3512 {
3513 struct iwl_priv *priv = dev_get_drvdata(d);
3514 u32 flags = simple_strtoul(buf, NULL, 0);
3515
3516 mutex_lock(&priv->mutex);
3517 if (le32_to_cpu(priv->staging_rxon.flags) != flags) {
3518 /* Cancel any currently running scans... */
3519 if (iwl_scan_cancel_timeout(priv, 100))
3520 IWL_WARN(priv, "Could not cancel scan.\n");
3521 else {
3522 IWL_DEBUG_INFO(priv, "Committing rxon.flags = 0x%04X\n",
3523 flags);
3524 priv->staging_rxon.flags = cpu_to_le32(flags);
3525 iwlcore_commit_rxon(priv);
3526 }
3527 }
3528 mutex_unlock(&priv->mutex);
3529
3530 return count;
3531 }
3532
3533 static DEVICE_ATTR(flags, S_IWUSR | S_IRUGO, show_flags, store_flags);
3534
3535 static ssize_t show_filter_flags(struct device *d,
3536 struct device_attribute *attr, char *buf)
3537 {
3538 struct iwl_priv *priv = dev_get_drvdata(d);
3539
3540 return sprintf(buf, "0x%04X\n",
3541 le32_to_cpu(priv->active_rxon.filter_flags));
3542 }
3543
3544 static ssize_t store_filter_flags(struct device *d,
3545 struct device_attribute *attr,
3546 const char *buf, size_t count)
3547 {
3548 struct iwl_priv *priv = dev_get_drvdata(d);
3549 u32 filter_flags = simple_strtoul(buf, NULL, 0);
3550
3551 mutex_lock(&priv->mutex);
3552 if (le32_to_cpu(priv->staging_rxon.filter_flags) != filter_flags) {
3553 /* Cancel any currently running scans... */
3554 if (iwl_scan_cancel_timeout(priv, 100))
3555 IWL_WARN(priv, "Could not cancel scan.\n");
3556 else {
3557 IWL_DEBUG_INFO(priv, "Committing rxon.filter_flags = "
3558 "0x%04X\n", filter_flags);
3559 priv->staging_rxon.filter_flags =
3560 cpu_to_le32(filter_flags);
3561 iwlcore_commit_rxon(priv);
3562 }
3563 }
3564 mutex_unlock(&priv->mutex);
3565
3566 return count;
3567 }
3568
3569 static DEVICE_ATTR(filter_flags, S_IWUSR | S_IRUGO, show_filter_flags,
3570 store_filter_flags);
3571
3572 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
3573
3574 static ssize_t show_measurement(struct device *d,
3575 struct device_attribute *attr, char *buf)
3576 {
3577 struct iwl_priv *priv = dev_get_drvdata(d);
3578 struct iwl_spectrum_notification measure_report;
3579 u32 size = sizeof(measure_report), len = 0, ofs = 0;
3580 u8 *data = (u8 *)&measure_report;
3581 unsigned long flags;
3582
3583 spin_lock_irqsave(&priv->lock, flags);
3584 if (!(priv->measurement_status & MEASUREMENT_READY)) {
3585 spin_unlock_irqrestore(&priv->lock, flags);
3586 return 0;
3587 }
3588 memcpy(&measure_report, &priv->measure_report, size);
3589 priv->measurement_status = 0;
3590 spin_unlock_irqrestore(&priv->lock, flags);
3591
3592 while (size && (PAGE_SIZE - len)) {
3593 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
3594 PAGE_SIZE - len, 1);
3595 len = strlen(buf);
3596 if (PAGE_SIZE - len)
3597 buf[len++] = '\n';
3598
3599 ofs += 16;
3600 size -= min(size, 16U);
3601 }
3602
3603 return len;
3604 }
3605
3606 static ssize_t store_measurement(struct device *d,
3607 struct device_attribute *attr,
3608 const char *buf, size_t count)
3609 {
3610 struct iwl_priv *priv = dev_get_drvdata(d);
3611 struct ieee80211_measurement_params params = {
3612 .channel = le16_to_cpu(priv->active_rxon.channel),
3613 .start_time = cpu_to_le64(priv->last_tsf),
3614 .duration = cpu_to_le16(1),
3615 };
3616 u8 type = IWL_MEASURE_BASIC;
3617 u8 buffer[32];
3618 u8 channel;
3619
3620 if (count) {
3621 char *p = buffer;
3622 strncpy(buffer, buf, min(sizeof(buffer), count));
3623 channel = simple_strtoul(p, NULL, 0);
3624 if (channel)
3625 params.channel = channel;
3626
3627 p = buffer;
3628 while (*p && *p != ' ')
3629 p++;
3630 if (*p)
3631 type = simple_strtoul(p + 1, NULL, 0);
3632 }
3633
3634 IWL_DEBUG_INFO(priv, "Invoking measurement of type %d on "
3635 "channel %d (for '%s')\n", type, params.channel, buf);
3636 iwl3945_get_measurement(priv, &params, type);
3637
3638 return count;
3639 }
3640
3641 static DEVICE_ATTR(measurement, S_IRUSR | S_IWUSR,
3642 show_measurement, store_measurement);
3643 #endif /* CONFIG_IWL3945_SPECTRUM_MEASUREMENT */
3644
3645 static ssize_t store_retry_rate(struct device *d,
3646 struct device_attribute *attr,
3647 const char *buf, size_t count)
3648 {
3649 struct iwl_priv *priv = dev_get_drvdata(d);
3650
3651 priv->retry_rate = simple_strtoul(buf, NULL, 0);
3652 if (priv->retry_rate <= 0)
3653 priv->retry_rate = 1;
3654
3655 return count;
3656 }
3657
3658 static ssize_t show_retry_rate(struct device *d,
3659 struct device_attribute *attr, char *buf)
3660 {
3661 struct iwl_priv *priv = dev_get_drvdata(d);
3662 return sprintf(buf, "%d", priv->retry_rate);
3663 }
3664
3665 static DEVICE_ATTR(retry_rate, S_IWUSR | S_IRUSR, show_retry_rate,
3666 store_retry_rate);
3667
3668
3669 static ssize_t show_channels(struct device *d,
3670 struct device_attribute *attr, char *buf)
3671 {
3672 /* all this shit doesn't belong into sysfs anyway */
3673 return 0;
3674 }
3675
3676 static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);
3677
3678 static ssize_t show_statistics(struct device *d,
3679 struct device_attribute *attr, char *buf)
3680 {
3681 struct iwl_priv *priv = dev_get_drvdata(d);
3682 u32 size = sizeof(struct iwl3945_notif_statistics);
3683 u32 len = 0, ofs = 0;
3684 u8 *data = (u8 *)&priv->statistics_39;
3685 int rc = 0;
3686
3687 if (!iwl_is_alive(priv))
3688 return -EAGAIN;
3689
3690 mutex_lock(&priv->mutex);
3691 rc = iwl_send_statistics_request(priv, CMD_SYNC, false);
3692 mutex_unlock(&priv->mutex);
3693
3694 if (rc) {
3695 len = sprintf(buf,
3696 "Error sending statistics request: 0x%08X\n", rc);
3697 return len;
3698 }
3699
3700 while (size && (PAGE_SIZE - len)) {
3701 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
3702 PAGE_SIZE - len, 1);
3703 len = strlen(buf);
3704 if (PAGE_SIZE - len)
3705 buf[len++] = '\n';
3706
3707 ofs += 16;
3708 size -= min(size, 16U);
3709 }
3710
3711 return len;
3712 }
3713
3714 static DEVICE_ATTR(statistics, S_IRUGO, show_statistics, NULL);
3715
3716 static ssize_t show_antenna(struct device *d,
3717 struct device_attribute *attr, char *buf)
3718 {
3719 struct iwl_priv *priv = dev_get_drvdata(d);
3720
3721 if (!iwl_is_alive(priv))
3722 return -EAGAIN;
3723
3724 return sprintf(buf, "%d\n", iwl3945_mod_params.antenna);
3725 }
3726
3727 static ssize_t store_antenna(struct device *d,
3728 struct device_attribute *attr,
3729 const char *buf, size_t count)
3730 {
3731 struct iwl_priv *priv __maybe_unused = dev_get_drvdata(d);
3732 int ant;
3733
3734 if (count == 0)
3735 return 0;
3736
3737 if (sscanf(buf, "%1i", &ant) != 1) {
3738 IWL_DEBUG_INFO(priv, "not in hex or decimal form.\n");
3739 return count;
3740 }
3741
3742 if ((ant >= 0) && (ant <= 2)) {
3743 IWL_DEBUG_INFO(priv, "Setting antenna select to %d.\n", ant);
3744 iwl3945_mod_params.antenna = (enum iwl3945_antenna)ant;
3745 } else
3746 IWL_DEBUG_INFO(priv, "Bad antenna select value %d.\n", ant);
3747
3748
3749 return count;
3750 }
3751
3752 static DEVICE_ATTR(antenna, S_IWUSR | S_IRUGO, show_antenna, store_antenna);
3753
3754 static ssize_t show_status(struct device *d,
3755 struct device_attribute *attr, char *buf)
3756 {
3757 struct iwl_priv *priv = dev_get_drvdata(d);
3758 if (!iwl_is_alive(priv))
3759 return -EAGAIN;
3760 return sprintf(buf, "0x%08x\n", (int)priv->status);
3761 }
3762
3763 static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);
3764
3765 static ssize_t dump_error_log(struct device *d,
3766 struct device_attribute *attr,
3767 const char *buf, size_t count)
3768 {
3769 struct iwl_priv *priv = dev_get_drvdata(d);
3770 char *p = (char *)buf;
3771
3772 if (p[0] == '1')
3773 iwl3945_dump_nic_error_log(priv);
3774
3775 return strnlen(buf, count);
3776 }
3777
3778 static DEVICE_ATTR(dump_errors, S_IWUSR, NULL, dump_error_log);
3779
3780 /*****************************************************************************
3781 *
3782 * driver setup and tear down
3783 *
3784 *****************************************************************************/
3785
3786 static void iwl3945_setup_deferred_work(struct iwl_priv *priv)
3787 {
3788 priv->workqueue = create_singlethread_workqueue(DRV_NAME);
3789
3790 init_waitqueue_head(&priv->wait_command_queue);
3791
3792 INIT_WORK(&priv->up, iwl3945_bg_up);
3793 INIT_WORK(&priv->restart, iwl3945_bg_restart);
3794 INIT_WORK(&priv->rx_replenish, iwl3945_bg_rx_replenish);
3795 INIT_WORK(&priv->beacon_update, iwl3945_bg_beacon_update);
3796 INIT_DELAYED_WORK(&priv->init_alive_start, iwl3945_bg_init_alive_start);
3797 INIT_DELAYED_WORK(&priv->alive_start, iwl3945_bg_alive_start);
3798 INIT_DELAYED_WORK(&priv->rfkill_poll, iwl3945_rfkill_poll);
3799 INIT_WORK(&priv->scan_completed, iwl_bg_scan_completed);
3800 INIT_WORK(&priv->request_scan, iwl3945_bg_request_scan);
3801 INIT_WORK(&priv->abort_scan, iwl_bg_abort_scan);
3802 INIT_DELAYED_WORK(&priv->scan_check, iwl_bg_scan_check);
3803
3804 iwl3945_hw_setup_deferred_work(priv);
3805
3806 tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
3807 iwl3945_irq_tasklet, (unsigned long)priv);
3808 }
3809
3810 static void iwl3945_cancel_deferred_work(struct iwl_priv *priv)
3811 {
3812 iwl3945_hw_cancel_deferred_work(priv);
3813
3814 cancel_delayed_work_sync(&priv->init_alive_start);
3815 cancel_delayed_work(&priv->scan_check);
3816 cancel_delayed_work(&priv->alive_start);
3817 cancel_work_sync(&priv->beacon_update);
3818 }
3819
3820 static struct attribute *iwl3945_sysfs_entries[] = {
3821 &dev_attr_antenna.attr,
3822 &dev_attr_channels.attr,
3823 &dev_attr_dump_errors.attr,
3824 &dev_attr_flags.attr,
3825 &dev_attr_filter_flags.attr,
3826 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
3827 &dev_attr_measurement.attr,
3828 #endif
3829 &dev_attr_retry_rate.attr,
3830 &dev_attr_statistics.attr,
3831 &dev_attr_status.attr,
3832 &dev_attr_temperature.attr,
3833 &dev_attr_tx_power.attr,
3834 #ifdef CONFIG_IWLWIFI_DEBUG
3835 &dev_attr_debug_level.attr,
3836 #endif
3837 NULL
3838 };
3839
3840 static struct attribute_group iwl3945_attribute_group = {
3841 .name = NULL, /* put in device directory */
3842 .attrs = iwl3945_sysfs_entries,
3843 };
3844
3845 static struct ieee80211_ops iwl3945_hw_ops = {
3846 .tx = iwl3945_mac_tx,
3847 .start = iwl3945_mac_start,
3848 .stop = iwl3945_mac_stop,
3849 .add_interface = iwl_mac_add_interface,
3850 .remove_interface = iwl_mac_remove_interface,
3851 .config = iwl_mac_config,
3852 .configure_filter = iwl_configure_filter,
3853 .set_key = iwl3945_mac_set_key,
3854 .get_tx_stats = iwl_mac_get_tx_stats,
3855 .conf_tx = iwl_mac_conf_tx,
3856 .reset_tsf = iwl_mac_reset_tsf,
3857 .bss_info_changed = iwl_bss_info_changed,
3858 .hw_scan = iwl_mac_hw_scan
3859 };
3860
3861 static int iwl3945_init_drv(struct iwl_priv *priv)
3862 {
3863 int ret;
3864 struct iwl3945_eeprom *eeprom = (struct iwl3945_eeprom *)priv->eeprom;
3865
3866 priv->retry_rate = 1;
3867 priv->ibss_beacon = NULL;
3868
3869 spin_lock_init(&priv->sta_lock);
3870 spin_lock_init(&priv->hcmd_lock);
3871
3872 INIT_LIST_HEAD(&priv->free_frames);
3873
3874 mutex_init(&priv->mutex);
3875
3876 /* Clear the driver's (not device's) station table */
3877 iwl_clear_stations_table(priv);
3878
3879 priv->ieee_channels = NULL;
3880 priv->ieee_rates = NULL;
3881 priv->band = IEEE80211_BAND_2GHZ;
3882
3883 priv->iw_mode = NL80211_IFTYPE_STATION;
3884
3885 iwl_reset_qos(priv);
3886
3887 priv->qos_data.qos_active = 0;
3888 priv->qos_data.qos_cap.val = 0;
3889
3890 priv->rates_mask = IWL_RATES_MASK;
3891 priv->tx_power_user_lmt = IWL_DEFAULT_TX_POWER;
3892
3893 if (eeprom->version < EEPROM_3945_EEPROM_VERSION) {
3894 IWL_WARN(priv, "Unsupported EEPROM version: 0x%04X\n",
3895 eeprom->version);
3896 ret = -EINVAL;
3897 goto err;
3898 }
3899 ret = iwl_init_channel_map(priv);
3900 if (ret) {
3901 IWL_ERR(priv, "initializing regulatory failed: %d\n", ret);
3902 goto err;
3903 }
3904
3905 /* Set up txpower settings in driver for all channels */
3906 if (iwl3945_txpower_set_from_eeprom(priv)) {
3907 ret = -EIO;
3908 goto err_free_channel_map;
3909 }
3910
3911 ret = iwlcore_init_geos(priv);
3912 if (ret) {
3913 IWL_ERR(priv, "initializing geos failed: %d\n", ret);
3914 goto err_free_channel_map;
3915 }
3916 iwl3945_init_hw_rates(priv, priv->ieee_rates);
3917
3918 return 0;
3919
3920 err_free_channel_map:
3921 iwl_free_channel_map(priv);
3922 err:
3923 return ret;
3924 }
3925
3926 static int iwl3945_setup_mac(struct iwl_priv *priv)
3927 {
3928 int ret;
3929 struct ieee80211_hw *hw = priv->hw;
3930
3931 hw->rate_control_algorithm = "iwl-3945-rs";
3932 hw->sta_data_size = sizeof(struct iwl3945_sta_priv);
3933
3934 /* Tell mac80211 our characteristics */
3935 hw->flags = IEEE80211_HW_SIGNAL_DBM |
3936 IEEE80211_HW_NOISE_DBM |
3937 IEEE80211_HW_SPECTRUM_MGMT;
3938
3939 if (!priv->cfg->broken_powersave)
3940 hw->flags |= IEEE80211_HW_SUPPORTS_PS |
3941 IEEE80211_HW_SUPPORTS_DYNAMIC_PS;
3942
3943 hw->wiphy->interface_modes =
3944 BIT(NL80211_IFTYPE_STATION) |
3945 BIT(NL80211_IFTYPE_ADHOC);
3946
3947 hw->wiphy->flags |= WIPHY_FLAG_STRICT_REGULATORY |
3948 WIPHY_FLAG_DISABLE_BEACON_HINTS;
3949
3950 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX_3945;
3951 /* we create the 802.11 header and a zero-length SSID element */
3952 hw->wiphy->max_scan_ie_len = IWL_MAX_PROBE_REQUEST - 24 - 2;
3953
3954 /* Default value; 4 EDCA QOS priorities */
3955 hw->queues = 4;
3956
3957 if (priv->bands[IEEE80211_BAND_2GHZ].n_channels)
3958 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
3959 &priv->bands[IEEE80211_BAND_2GHZ];
3960
3961 if (priv->bands[IEEE80211_BAND_5GHZ].n_channels)
3962 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
3963 &priv->bands[IEEE80211_BAND_5GHZ];
3964
3965 ret = ieee80211_register_hw(priv->hw);
3966 if (ret) {
3967 IWL_ERR(priv, "Failed to register hw (error %d)\n", ret);
3968 return ret;
3969 }
3970 priv->mac80211_registered = 1;
3971
3972 return 0;
3973 }
3974
3975 static int iwl3945_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
3976 {
3977 int err = 0;
3978 struct iwl_priv *priv;
3979 struct ieee80211_hw *hw;
3980 struct iwl_cfg *cfg = (struct iwl_cfg *)(ent->driver_data);
3981 struct iwl3945_eeprom *eeprom;
3982 unsigned long flags;
3983
3984 /***********************
3985 * 1. Allocating HW data
3986 * ********************/
3987
3988 /* mac80211 allocates memory for this device instance, including
3989 * space for this driver's private structure */
3990 hw = iwl_alloc_all(cfg, &iwl3945_hw_ops);
3991 if (hw == NULL) {
3992 printk(KERN_ERR DRV_NAME "Can not allocate network device\n");
3993 err = -ENOMEM;
3994 goto out;
3995 }
3996 priv = hw->priv;
3997 SET_IEEE80211_DEV(hw, &pdev->dev);
3998
3999 /*
4000 * Disabling hardware scan means that mac80211 will perform scans
4001 * "the hard way", rather than using device's scan.
4002 */
4003 if (iwl3945_mod_params.disable_hw_scan) {
4004 IWL_DEBUG_INFO(priv, "Disabling hw_scan\n");
4005 iwl3945_hw_ops.hw_scan = NULL;
4006 }
4007
4008
4009 IWL_DEBUG_INFO(priv, "*** LOAD DRIVER ***\n");
4010 priv->cfg = cfg;
4011 priv->pci_dev = pdev;
4012 priv->inta_mask = CSR_INI_SET_MASK;
4013
4014 #ifdef CONFIG_IWLWIFI_DEBUG
4015 atomic_set(&priv->restrict_refcnt, 0);
4016 #endif
4017 if (iwl_alloc_traffic_mem(priv))
4018 IWL_ERR(priv, "Not enough memory to generate traffic log\n");
4019
4020 /***************************
4021 * 2. Initializing PCI bus
4022 * *************************/
4023 if (pci_enable_device(pdev)) {
4024 err = -ENODEV;
4025 goto out_ieee80211_free_hw;
4026 }
4027
4028 pci_set_master(pdev);
4029
4030 err = pci_set_dma_mask(pdev, DMA_BIT_MASK(32));
4031 if (!err)
4032 err = pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32));
4033 if (err) {
4034 IWL_WARN(priv, "No suitable DMA available.\n");
4035 goto out_pci_disable_device;
4036 }
4037
4038 pci_set_drvdata(pdev, priv);
4039 err = pci_request_regions(pdev, DRV_NAME);
4040 if (err)
4041 goto out_pci_disable_device;
4042
4043 /***********************
4044 * 3. Read REV Register
4045 * ********************/
4046 priv->hw_base = pci_iomap(pdev, 0, 0);
4047 if (!priv->hw_base) {
4048 err = -ENODEV;
4049 goto out_pci_release_regions;
4050 }
4051
4052 IWL_DEBUG_INFO(priv, "pci_resource_len = 0x%08llx\n",
4053 (unsigned long long) pci_resource_len(pdev, 0));
4054 IWL_DEBUG_INFO(priv, "pci_resource_base = %p\n", priv->hw_base);
4055
4056 /* We disable the RETRY_TIMEOUT register (0x41) to keep
4057 * PCI Tx retries from interfering with C3 CPU state */
4058 pci_write_config_byte(pdev, 0x41, 0x00);
4059
4060 /* these spin locks will be used in apm_ops.init and EEPROM access
4061 * we should init now
4062 */
4063 spin_lock_init(&priv->reg_lock);
4064 spin_lock_init(&priv->lock);
4065
4066 /***********************
4067 * 4. Read EEPROM
4068 * ********************/
4069
4070 /* Read the EEPROM */
4071 err = iwl_eeprom_init(priv);
4072 if (err) {
4073 IWL_ERR(priv, "Unable to init EEPROM\n");
4074 goto out_iounmap;
4075 }
4076 /* MAC Address location in EEPROM same for 3945/4965 */
4077 eeprom = (struct iwl3945_eeprom *)priv->eeprom;
4078 memcpy(priv->mac_addr, eeprom->mac_address, ETH_ALEN);
4079 IWL_DEBUG_INFO(priv, "MAC address: %pM\n", priv->mac_addr);
4080 SET_IEEE80211_PERM_ADDR(priv->hw, priv->mac_addr);
4081
4082 /***********************
4083 * 5. Setup HW Constants
4084 * ********************/
4085 /* Device-specific setup */
4086 if (iwl3945_hw_set_hw_params(priv)) {
4087 IWL_ERR(priv, "failed to set hw settings\n");
4088 goto out_eeprom_free;
4089 }
4090
4091 /***********************
4092 * 6. Setup priv
4093 * ********************/
4094
4095 err = iwl3945_init_drv(priv);
4096 if (err) {
4097 IWL_ERR(priv, "initializing driver failed\n");
4098 goto out_unset_hw_params;
4099 }
4100
4101 IWL_INFO(priv, "Detected Intel Wireless WiFi Link %s\n",
4102 priv->cfg->name);
4103
4104 /***********************
4105 * 7. Setup Services
4106 * ********************/
4107
4108 spin_lock_irqsave(&priv->lock, flags);
4109 iwl_disable_interrupts(priv);
4110 spin_unlock_irqrestore(&priv->lock, flags);
4111
4112 pci_enable_msi(priv->pci_dev);
4113
4114 err = request_irq(priv->pci_dev->irq, priv->cfg->ops->lib->isr,
4115 IRQF_SHARED, DRV_NAME, priv);
4116 if (err) {
4117 IWL_ERR(priv, "Error allocating IRQ %d\n", priv->pci_dev->irq);
4118 goto out_disable_msi;
4119 }
4120
4121 err = sysfs_create_group(&pdev->dev.kobj, &iwl3945_attribute_group);
4122 if (err) {
4123 IWL_ERR(priv, "failed to create sysfs device attributes\n");
4124 goto out_release_irq;
4125 }
4126
4127 iwl_set_rxon_channel(priv,
4128 &priv->bands[IEEE80211_BAND_2GHZ].channels[5]);
4129 iwl3945_setup_deferred_work(priv);
4130 iwl3945_setup_rx_handlers(priv);
4131 iwl_power_initialize(priv);
4132
4133 /*********************************
4134 * 8. Setup and Register mac80211
4135 * *******************************/
4136
4137 iwl_enable_interrupts(priv);
4138
4139 err = iwl3945_setup_mac(priv);
4140 if (err)
4141 goto out_remove_sysfs;
4142
4143 err = iwl_dbgfs_register(priv, DRV_NAME);
4144 if (err)
4145 IWL_ERR(priv, "failed to create debugfs files. Ignoring error: %d\n", err);
4146
4147 /* Start monitoring the killswitch */
4148 queue_delayed_work(priv->workqueue, &priv->rfkill_poll,
4149 2 * HZ);
4150
4151 return 0;
4152
4153 out_remove_sysfs:
4154 destroy_workqueue(priv->workqueue);
4155 priv->workqueue = NULL;
4156 sysfs_remove_group(&pdev->dev.kobj, &iwl3945_attribute_group);
4157 out_release_irq:
4158 free_irq(priv->pci_dev->irq, priv);
4159 out_disable_msi:
4160 pci_disable_msi(priv->pci_dev);
4161 iwlcore_free_geos(priv);
4162 iwl_free_channel_map(priv);
4163 out_unset_hw_params:
4164 iwl3945_unset_hw_params(priv);
4165 out_eeprom_free:
4166 iwl_eeprom_free(priv);
4167 out_iounmap:
4168 pci_iounmap(pdev, priv->hw_base);
4169 out_pci_release_regions:
4170 pci_release_regions(pdev);
4171 out_pci_disable_device:
4172 pci_set_drvdata(pdev, NULL);
4173 pci_disable_device(pdev);
4174 out_ieee80211_free_hw:
4175 iwl_free_traffic_mem(priv);
4176 ieee80211_free_hw(priv->hw);
4177 out:
4178 return err;
4179 }
4180
4181 static void __devexit iwl3945_pci_remove(struct pci_dev *pdev)
4182 {
4183 struct iwl_priv *priv = pci_get_drvdata(pdev);
4184 unsigned long flags;
4185
4186 if (!priv)
4187 return;
4188
4189 IWL_DEBUG_INFO(priv, "*** UNLOAD DRIVER ***\n");
4190
4191 iwl_dbgfs_unregister(priv);
4192
4193 set_bit(STATUS_EXIT_PENDING, &priv->status);
4194
4195 if (priv->mac80211_registered) {
4196 ieee80211_unregister_hw(priv->hw);
4197 priv->mac80211_registered = 0;
4198 } else {
4199 iwl3945_down(priv);
4200 }
4201
4202 /*
4203 * Make sure device is reset to low power before unloading driver.
4204 * This may be redundant with iwl_down(), but there are paths to
4205 * run iwl_down() without calling apm_ops.stop(), and there are
4206 * paths to avoid running iwl_down() at all before leaving driver.
4207 * This (inexpensive) call *makes sure* device is reset.
4208 */
4209 priv->cfg->ops->lib->apm_ops.stop(priv);
4210
4211 /* make sure we flush any pending irq or
4212 * tasklet for the driver
4213 */
4214 spin_lock_irqsave(&priv->lock, flags);
4215 iwl_disable_interrupts(priv);
4216 spin_unlock_irqrestore(&priv->lock, flags);
4217
4218 iwl_synchronize_irq(priv);
4219
4220 sysfs_remove_group(&pdev->dev.kobj, &iwl3945_attribute_group);
4221
4222 cancel_delayed_work_sync(&priv->rfkill_poll);
4223
4224 iwl3945_dealloc_ucode_pci(priv);
4225
4226 if (priv->rxq.bd)
4227 iwl3945_rx_queue_free(priv, &priv->rxq);
4228 iwl3945_hw_txq_ctx_free(priv);
4229
4230 iwl3945_unset_hw_params(priv);
4231 iwl_clear_stations_table(priv);
4232
4233 /*netif_stop_queue(dev); */
4234 flush_workqueue(priv->workqueue);
4235
4236 /* ieee80211_unregister_hw calls iwl3945_mac_stop, which flushes
4237 * priv->workqueue... so we can't take down the workqueue
4238 * until now... */
4239 destroy_workqueue(priv->workqueue);
4240 priv->workqueue = NULL;
4241 iwl_free_traffic_mem(priv);
4242
4243 free_irq(pdev->irq, priv);
4244 pci_disable_msi(pdev);
4245
4246 pci_iounmap(pdev, priv->hw_base);
4247 pci_release_regions(pdev);
4248 pci_disable_device(pdev);
4249 pci_set_drvdata(pdev, NULL);
4250
4251 iwl_free_channel_map(priv);
4252 iwlcore_free_geos(priv);
4253 kfree(priv->scan);
4254 if (priv->ibss_beacon)
4255 dev_kfree_skb(priv->ibss_beacon);
4256
4257 ieee80211_free_hw(priv->hw);
4258 }
4259
4260
4261 /*****************************************************************************
4262 *
4263 * driver and module entry point
4264 *
4265 *****************************************************************************/
4266
4267 static struct pci_driver iwl3945_driver = {
4268 .name = DRV_NAME,
4269 .id_table = iwl3945_hw_card_ids,
4270 .probe = iwl3945_pci_probe,
4271 .remove = __devexit_p(iwl3945_pci_remove),
4272 #ifdef CONFIG_PM
4273 .suspend = iwl_pci_suspend,
4274 .resume = iwl_pci_resume,
4275 #endif
4276 };
4277
4278 static int __init iwl3945_init(void)
4279 {
4280
4281 int ret;
4282 printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
4283 printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
4284
4285 ret = iwl3945_rate_control_register();
4286 if (ret) {
4287 printk(KERN_ERR DRV_NAME
4288 "Unable to register rate control algorithm: %d\n", ret);
4289 return ret;
4290 }
4291
4292 ret = pci_register_driver(&iwl3945_driver);
4293 if (ret) {
4294 printk(KERN_ERR DRV_NAME "Unable to initialize PCI module\n");
4295 goto error_register;
4296 }
4297
4298 return ret;
4299
4300 error_register:
4301 iwl3945_rate_control_unregister();
4302 return ret;
4303 }
4304
4305 static void __exit iwl3945_exit(void)
4306 {
4307 pci_unregister_driver(&iwl3945_driver);
4308 iwl3945_rate_control_unregister();
4309 }
4310
4311 MODULE_FIRMWARE(IWL3945_MODULE_FIRMWARE(IWL3945_UCODE_API_MAX));
4312
4313 module_param_named(antenna, iwl3945_mod_params.antenna, int, S_IRUGO);
4314 MODULE_PARM_DESC(antenna, "select antenna (1=Main, 2=Aux, default 0 [both])");
4315 module_param_named(swcrypto, iwl3945_mod_params.sw_crypto, int, S_IRUGO);
4316 MODULE_PARM_DESC(swcrypto,
4317 "using software crypto (default 1 [software])\n");
4318 #ifdef CONFIG_IWLWIFI_DEBUG
4319 module_param_named(debug, iwl_debug_level, uint, S_IRUGO | S_IWUSR);
4320 MODULE_PARM_DESC(debug, "debug output mask");
4321 #endif
4322 module_param_named(disable_hw_scan, iwl3945_mod_params.disable_hw_scan,
4323 int, S_IRUGO);
4324 MODULE_PARM_DESC(disable_hw_scan, "disable hardware scanning (default 0)");
4325 module_param_named(fw_restart3945, iwl3945_mod_params.restart_fw, int, S_IRUGO);
4326 MODULE_PARM_DESC(fw_restart3945, "restart firmware in case of error");
4327
4328 module_exit(iwl3945_exit);
4329 module_init(iwl3945_init);
kernel source for telekom puls (alcatel/mediatek)