1 From: Pavel Roskin <proski@gnu.org>
2 Subject: staging: at76_usb wireless driver
6 Add the at76_usb wireless driver to the staging tree while the
7 other kernel driver (out of tree) gets rewritten to use the internal
10 This patch comes directly from the Fedora kernel tree, with only the
11 directory placement of the files changed.
13 Signed-off-by: Pavel Roskin <proski@gnu.org>
14 Signed-off-by: John W. Linville <linville@tuxdriver.com>
15 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
18 drivers/staging/Kconfig | 2
19 drivers/staging/Makefile | 1
20 drivers/staging/at76_usb/Kconfig | 8
21 drivers/staging/at76_usb/Makefile | 1
22 drivers/staging/at76_usb/TODO | 2
23 drivers/staging/at76_usb/at76_usb.c | 5559 ++++++++++++++++++++++++++++++++++++
24 drivers/staging/at76_usb/at76_usb.h | 619 ++++
25 7 files changed, 6192 insertions(+)
28 +++ b/drivers/staging/at76_usb/at76_usb.c
31 + * at76c503/at76c505 USB driver
33 + * Copyright (c) 2002 - 2003 Oliver Kurth
34 + * Copyright (c) 2004 Joerg Albert <joerg.albert@gmx.de>
35 + * Copyright (c) 2004 Nick Jones
36 + * Copyright (c) 2004 Balint Seeber <n0_5p4m_p13453@hotmail.com>
37 + * Copyright (c) 2007 Guido Guenther <agx@sigxcpu.org>
39 + * This program is free software; you can redistribute it and/or
40 + * modify it under the terms of the GNU General Public License as
41 + * published by the Free Software Foundation; either version 2 of
42 + * the License, or (at your option) any later version.
44 + * This file is part of the Berlios driver for WLAN USB devices based on the
45 + * Atmel AT76C503A/505/505A.
47 + * Some iw_handler code was taken from airo.c, (C) 1999 Benjamin Reed
50 +#include <linux/init.h>
51 +#include <linux/kernel.h>
52 +#include <linux/sched.h>
53 +#include <linux/errno.h>
54 +#include <linux/slab.h>
55 +#include <linux/module.h>
56 +#include <linux/spinlock.h>
57 +#include <linux/list.h>
58 +#include <linux/usb.h>
59 +#include <linux/netdevice.h>
60 +#include <linux/if_arp.h>
61 +#include <linux/etherdevice.h>
62 +#include <linux/ethtool.h>
63 +#include <linux/wireless.h>
64 +#include <net/iw_handler.h>
65 +#include <net/ieee80211_radiotap.h>
66 +#include <linux/firmware.h>
67 +#include <linux/leds.h>
68 +#include <net/ieee80211.h>
70 +#include "at76_usb.h"
72 +/* Version information */
73 +#define DRIVER_NAME "at76_usb"
74 +#define DRIVER_VERSION "0.17"
75 +#define DRIVER_DESC "Atmel at76x USB Wireless LAN Driver"
77 +/* at76_debug bits */
78 +#define DBG_PROGRESS 0x00000001 /* authentication/accociation */
79 +#define DBG_BSS_TABLE 0x00000002 /* show BSS table after scans */
80 +#define DBG_IOCTL 0x00000004 /* ioctl calls / settings */
81 +#define DBG_MAC_STATE 0x00000008 /* MAC state transitions */
82 +#define DBG_TX_DATA 0x00000010 /* tx header */
83 +#define DBG_TX_DATA_CONTENT 0x00000020 /* tx content */
84 +#define DBG_TX_MGMT 0x00000040 /* tx management */
85 +#define DBG_RX_DATA 0x00000080 /* rx data header */
86 +#define DBG_RX_DATA_CONTENT 0x00000100 /* rx data content */
87 +#define DBG_RX_MGMT 0x00000200 /* rx mgmt frame headers */
88 +#define DBG_RX_BEACON 0x00000400 /* rx beacon */
89 +#define DBG_RX_CTRL 0x00000800 /* rx control */
90 +#define DBG_RX_MGMT_CONTENT 0x00001000 /* rx mgmt content */
91 +#define DBG_RX_FRAGS 0x00002000 /* rx data fragment handling */
92 +#define DBG_DEVSTART 0x00004000 /* fw download, device start */
93 +#define DBG_URB 0x00008000 /* rx urb status, ... */
94 +#define DBG_RX_ATMEL_HDR 0x00010000 /* Atmel-specific Rx headers */
95 +#define DBG_PROC_ENTRY 0x00020000 /* procedure entries/exits */
96 +#define DBG_PM 0x00040000 /* power management settings */
97 +#define DBG_BSS_MATCH 0x00080000 /* BSS match failures */
98 +#define DBG_PARAMS 0x00100000 /* show configured parameters */
99 +#define DBG_WAIT_COMPLETE 0x00200000 /* command completion */
100 +#define DBG_RX_FRAGS_SKB 0x00400000 /* skb header of Rx fragments */
101 +#define DBG_BSS_TABLE_RM 0x00800000 /* purging bss table entries */
102 +#define DBG_MONITOR_MODE 0x01000000 /* monitor mode */
103 +#define DBG_MIB 0x02000000 /* dump all MIBs on startup */
104 +#define DBG_MGMT_TIMER 0x04000000 /* dump mgmt_timer ops */
105 +#define DBG_WE_EVENTS 0x08000000 /* dump wireless events */
106 +#define DBG_FW 0x10000000 /* firmware download */
107 +#define DBG_DFU 0x20000000 /* device firmware upgrade */
109 +#define DBG_DEFAULTS 0
111 +/* Use our own dbg macro */
112 +#define at76_dbg(bits, format, arg...) \
114 + if (at76_debug & (bits)) \
115 + printk(KERN_DEBUG DRIVER_NAME ": " format "\n" , ## arg); \
118 +static int at76_debug = DBG_DEFAULTS;
120 +/* Protect against concurrent firmware loading and parsing */
121 +static struct mutex fw_mutex;
123 +static struct fwentry firmwares[] = {
125 + [BOARD_503_ISL3861] = {"atmel_at76c503-i3861.bin"},
126 + [BOARD_503_ISL3863] = {"atmel_at76c503-i3863.bin"},
127 + [BOARD_503] = {"atmel_at76c503-rfmd.bin"},
128 + [BOARD_503_ACC] = {"atmel_at76c503-rfmd-acc.bin"},
129 + [BOARD_505] = {"atmel_at76c505-rfmd.bin"},
130 + [BOARD_505_2958] = {"atmel_at76c505-rfmd2958.bin"},
131 + [BOARD_505A] = {"atmel_at76c505a-rfmd2958.bin"},
132 + [BOARD_505AMX] = {"atmel_at76c505amx-rfmd.bin"},
135 +#define USB_DEVICE_DATA(__ops) .driver_info = (kernel_ulong_t)(__ops)
137 +static struct usb_device_id dev_table[] = {
141 + /* Generic AT76C503/3861 device */
142 + {USB_DEVICE(0x03eb, 0x7603), USB_DEVICE_DATA(BOARD_503_ISL3861)},
143 + /* Linksys WUSB11 v2.1/v2.6 */
144 + {USB_DEVICE(0x066b, 0x2211), USB_DEVICE_DATA(BOARD_503_ISL3861)},
145 + /* Netgear MA101 rev. A */
146 + {USB_DEVICE(0x0864, 0x4100), USB_DEVICE_DATA(BOARD_503_ISL3861)},
147 + /* Tekram U300C / Allnet ALL0193 */
148 + {USB_DEVICE(0x0b3b, 0x1612), USB_DEVICE_DATA(BOARD_503_ISL3861)},
149 + /* HP HN210W J7801A */
150 + {USB_DEVICE(0x03f0, 0x011c), USB_DEVICE_DATA(BOARD_503_ISL3861)},
151 + /* Sitecom/Z-Com/Zyxel M4Y-750 */
152 + {USB_DEVICE(0x0cde, 0x0001), USB_DEVICE_DATA(BOARD_503_ISL3861)},
153 + /* Dynalink/Askey WLL013 (intersil) */
154 + {USB_DEVICE(0x069a, 0x0320), USB_DEVICE_DATA(BOARD_503_ISL3861)},
155 + /* EZ connect 11Mpbs Wireless USB Adapter SMC2662W v1 */
156 + {USB_DEVICE(0x0d5c, 0xa001), USB_DEVICE_DATA(BOARD_503_ISL3861)},
158 + {USB_DEVICE(0x04a5, 0x9000), USB_DEVICE_DATA(BOARD_503_ISL3861)},
159 + /* Addtron AWU-120, Compex WLU11 */
160 + {USB_DEVICE(0x05dd, 0xff31), USB_DEVICE_DATA(BOARD_503_ISL3861)},
161 + /* Intel AP310 AnyPoint II USB */
162 + {USB_DEVICE(0x8086, 0x0200), USB_DEVICE_DATA(BOARD_503_ISL3861)},
163 + /* Dynalink L11U */
164 + {USB_DEVICE(0x0d8e, 0x7100), USB_DEVICE_DATA(BOARD_503_ISL3861)},
165 + /* Arescom WL-210, FCC id 07J-GL2411USB */
166 + {USB_DEVICE(0x0d8e, 0x7110), USB_DEVICE_DATA(BOARD_503_ISL3861)},
167 + /* I-O DATA WN-B11/USB */
168 + {USB_DEVICE(0x04bb, 0x0919), USB_DEVICE_DATA(BOARD_503_ISL3861)},
169 + /* BT Voyager 1010 */
170 + {USB_DEVICE(0x069a, 0x0821), USB_DEVICE_DATA(BOARD_503_ISL3861)},
174 + /* Generic AT76C503/3863 device */
175 + {USB_DEVICE(0x03eb, 0x7604), USB_DEVICE_DATA(BOARD_503_ISL3863)},
176 + /* Samsung SWL-2100U */
177 + {USB_DEVICE(0x055d, 0xa000), USB_DEVICE_DATA(BOARD_503_ISL3863)},
181 + /* Generic AT76C503/RFMD device */
182 + {USB_DEVICE(0x03eb, 0x7605), USB_DEVICE_DATA(BOARD_503)},
183 + /* Dynalink/Askey WLL013 (rfmd) */
184 + {USB_DEVICE(0x069a, 0x0321), USB_DEVICE_DATA(BOARD_503)},
185 + /* Linksys WUSB11 v2.6 */
186 + {USB_DEVICE(0x077b, 0x2219), USB_DEVICE_DATA(BOARD_503)},
187 + /* Network Everywhere NWU11B */
188 + {USB_DEVICE(0x077b, 0x2227), USB_DEVICE_DATA(BOARD_503)},
189 + /* Netgear MA101 rev. B */
190 + {USB_DEVICE(0x0864, 0x4102), USB_DEVICE_DATA(BOARD_503)},
191 + /* D-Link DWL-120 rev. E */
192 + {USB_DEVICE(0x2001, 0x3200), USB_DEVICE_DATA(BOARD_503)},
193 + /* Actiontec 802UAT1, HWU01150-01UK */
194 + {USB_DEVICE(0x1668, 0x7605), USB_DEVICE_DATA(BOARD_503)},
195 + /* AirVast W-Buddie WN210 */
196 + {USB_DEVICE(0x03eb, 0x4102), USB_DEVICE_DATA(BOARD_503)},
197 + /* Dick Smith Electronics XH1153 802.11b USB adapter */
198 + {USB_DEVICE(0x1371, 0x5743), USB_DEVICE_DATA(BOARD_503)},
199 + /* CNet CNUSB611 */
200 + {USB_DEVICE(0x1371, 0x0001), USB_DEVICE_DATA(BOARD_503)},
201 + /* FiberLine FL-WL200U */
202 + {USB_DEVICE(0x1371, 0x0002), USB_DEVICE_DATA(BOARD_503)},
203 + /* BenQ AWL400 USB stick */
204 + {USB_DEVICE(0x04a5, 0x9001), USB_DEVICE_DATA(BOARD_503)},
205 + /* 3Com 3CRSHEW696 */
206 + {USB_DEVICE(0x0506, 0x0a01), USB_DEVICE_DATA(BOARD_503)},
207 + /* Siemens Santis ADSL WLAN USB adapter WLL 013 */
208 + {USB_DEVICE(0x0681, 0x001b), USB_DEVICE_DATA(BOARD_503)},
209 + /* Belkin F5D6050, version 2 */
210 + {USB_DEVICE(0x050d, 0x0050), USB_DEVICE_DATA(BOARD_503)},
211 + /* iBlitzz, BWU613 (not *B or *SB) */
212 + {USB_DEVICE(0x07b8, 0xb000), USB_DEVICE_DATA(BOARD_503)},
213 + /* Gigabyte GN-WLBM101 */
214 + {USB_DEVICE(0x1044, 0x8003), USB_DEVICE_DATA(BOARD_503)},
215 + /* Planex GW-US11S */
216 + {USB_DEVICE(0x2019, 0x3220), USB_DEVICE_DATA(BOARD_503)},
217 + /* Internal WLAN adapter in h5[4,5]xx series iPAQs */
218 + {USB_DEVICE(0x049f, 0x0032), USB_DEVICE_DATA(BOARD_503)},
219 + /* Corega Wireless LAN USB-11 mini */
220 + {USB_DEVICE(0x07aa, 0x0011), USB_DEVICE_DATA(BOARD_503)},
221 + /* Corega Wireless LAN USB-11 mini2 */
222 + {USB_DEVICE(0x07aa, 0x0018), USB_DEVICE_DATA(BOARD_503)},
223 + /* Uniden PCW100 */
224 + {USB_DEVICE(0x05dd, 0xff35), USB_DEVICE_DATA(BOARD_503)},
226 + * at76c503-rfmd-acc
229 + {USB_DEVICE(0x083a, 0x3501), USB_DEVICE_DATA(BOARD_503_ACC)},
230 + /* Belkin F5D6050, SMC2662W v2, SMC2662W-AR */
231 + {USB_DEVICE(0x0d5c, 0xa002), USB_DEVICE_DATA(BOARD_503_ACC)},
235 + /* Generic AT76C505/RFMD */
236 + {USB_DEVICE(0x03eb, 0x7606), USB_DEVICE_DATA(BOARD_505)},
238 + * at76c505-rfmd2958
240 + /* Generic AT76C505/RFMD, OvisLink WL-1130USB */
241 + {USB_DEVICE(0x03eb, 0x7613), USB_DEVICE_DATA(BOARD_505_2958)},
242 + /* Fiberline FL-WL240U */
243 + {USB_DEVICE(0x1371, 0x0014), USB_DEVICE_DATA(BOARD_505_2958)},
244 + /* CNet CNUSB-611G */
245 + {USB_DEVICE(0x1371, 0x0013), USB_DEVICE_DATA(BOARD_505_2958)},
246 + /* Linksys WUSB11 v2.8 */
247 + {USB_DEVICE(0x1915, 0x2233), USB_DEVICE_DATA(BOARD_505_2958)},
248 + /* Xterasys XN-2122B, IBlitzz BWU613B/BWU613SB */
249 + {USB_DEVICE(0x12fd, 0x1001), USB_DEVICE_DATA(BOARD_505_2958)},
250 + /* Corega WLAN USB Stick 11 */
251 + {USB_DEVICE(0x07aa, 0x7613), USB_DEVICE_DATA(BOARD_505_2958)},
252 + /* Microstar MSI Box MS6978 */
253 + {USB_DEVICE(0x0db0, 0x1020), USB_DEVICE_DATA(BOARD_505_2958)},
255 + * at76c505a-rfmd2958
257 + /* Generic AT76C505A device */
258 + {USB_DEVICE(0x03eb, 0x7614), USB_DEVICE_DATA(BOARD_505A)},
259 + /* Generic AT76C505AS device */
260 + {USB_DEVICE(0x03eb, 0x7617), USB_DEVICE_DATA(BOARD_505A)},
261 + /* Siemens Gigaset USB WLAN Adapter 11 */
262 + {USB_DEVICE(0x1690, 0x0701), USB_DEVICE_DATA(BOARD_505A)},
266 + /* Generic AT76C505AMX device */
267 + {USB_DEVICE(0x03eb, 0x7615), USB_DEVICE_DATA(BOARD_505AMX)},
271 +MODULE_DEVICE_TABLE(usb, dev_table);
273 +/* Supported rates of this hardware, bit 7 marks basic rates */
274 +static const u8 hw_rates[] = { 0x82, 0x84, 0x0b, 0x16 };
276 +/* Frequency of each channel in MHz */
277 +static const long channel_frequency[] = {
278 + 2412, 2417, 2422, 2427, 2432, 2437, 2442,
279 + 2447, 2452, 2457, 2462, 2467, 2472, 2484
282 +#define NUM_CHANNELS ARRAY_SIZE(channel_frequency)
284 +static const char *const preambles[] = { "long", "short", "auto" };
286 +static const char *const mac_states[] = {
287 + [MAC_INIT] = "INIT",
288 + [MAC_SCANNING] = "SCANNING",
289 + [MAC_AUTH] = "AUTH",
290 + [MAC_ASSOC] = "ASSOC",
291 + [MAC_JOINING] = "JOINING",
292 + [MAC_CONNECTED] = "CONNECTED",
293 + [MAC_OWN_IBSS] = "OWN_IBSS"
296 +/* Firmware download */
298 +#define STATE_IDLE 0x00
299 +#define STATE_DETACH 0x01
300 +#define STATE_DFU_IDLE 0x02
301 +#define STATE_DFU_DOWNLOAD_SYNC 0x03
302 +#define STATE_DFU_DOWNLOAD_BUSY 0x04
303 +#define STATE_DFU_DOWNLOAD_IDLE 0x05
304 +#define STATE_DFU_MANIFEST_SYNC 0x06
305 +#define STATE_DFU_MANIFEST 0x07
306 +#define STATE_DFU_MANIFEST_WAIT_RESET 0x08
307 +#define STATE_DFU_UPLOAD_IDLE 0x09
308 +#define STATE_DFU_ERROR 0x0a
311 +#define DFU_DETACH 0
312 +#define DFU_DNLOAD 1
313 +#define DFU_UPLOAD 2
314 +#define DFU_GETSTATUS 3
315 +#define DFU_CLRSTATUS 4
316 +#define DFU_GETSTATE 5
319 +#define FW_BLOCK_SIZE 1024
322 + unsigned char status;
323 + unsigned char poll_timeout[3];
324 + unsigned char state;
325 + unsigned char string;
326 +} __attribute__((packed));
328 +static inline int at76_is_intersil(enum board_type board)
330 + return (board == BOARD_503_ISL3861 || board == BOARD_503_ISL3863);
333 +static inline int at76_is_503rfmd(enum board_type board)
335 + return (board == BOARD_503 || board == BOARD_503_ACC);
338 +static inline int at76_is_505a(enum board_type board)
340 + return (board == BOARD_505A || board == BOARD_505AMX);
343 +/* Load a block of the first (internal) part of the firmware */
344 +static int at76_load_int_fw_block(struct usb_device *udev, int blockno,
345 + void *block, int size)
347 + return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), DFU_DNLOAD,
348 + USB_TYPE_CLASS | USB_DIR_OUT |
349 + USB_RECIP_INTERFACE, blockno, 0, block, size,
350 + USB_CTRL_GET_TIMEOUT);
353 +static int at76_dfu_get_status(struct usb_device *udev,
354 + struct dfu_status *status)
358 + ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATUS,
359 + USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
360 + 0, 0, status, sizeof(struct dfu_status),
361 + USB_CTRL_GET_TIMEOUT);
365 +static u8 at76_dfu_get_state(struct usb_device *udev, u8 *state)
369 + ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATE,
370 + USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
371 + 0, 0, state, 1, USB_CTRL_GET_TIMEOUT);
375 +/* Convert timeout from the DFU status to jiffies */
376 +static inline unsigned long at76_get_timeout(struct dfu_status *s)
378 + return msecs_to_jiffies((s->poll_timeout[2] << 16)
379 + | (s->poll_timeout[1] << 8)
380 + | (s->poll_timeout[0]));
383 +/* Load internal firmware from the buffer. If manifest_sync_timeout > 0, use
384 + * its value in jiffies in the MANIFEST_SYNC state. */
385 +static int at76_usbdfu_download(struct usb_device *udev, u8 *buf, u32 size,
386 + int manifest_sync_timeout)
389 + struct dfu_status dfu_stat_buf;
391 + int need_dfu_state = 1;
394 + u32 dfu_timeout = 0;
398 + at76_dbg(DBG_DFU, "%s( %p, %u, %d)", __func__, buf, size,
399 + manifest_sync_timeout);
402 + dev_printk(KERN_ERR, &udev->dev, "FW buffer length invalid!\n");
406 + block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
411 + if (need_dfu_state) {
412 + ret = at76_dfu_get_state(udev, &dfu_state);
414 + dev_printk(KERN_ERR, &udev->dev,
415 + "cannot get DFU state: %d\n", ret);
418 + need_dfu_state = 0;
421 + switch (dfu_state) {
422 + case STATE_DFU_DOWNLOAD_SYNC:
423 + at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_SYNC");
424 + ret = at76_dfu_get_status(udev, &dfu_stat_buf);
426 + dfu_state = dfu_stat_buf.state;
427 + dfu_timeout = at76_get_timeout(&dfu_stat_buf);
428 + need_dfu_state = 0;
430 + dev_printk(KERN_ERR, &udev->dev,
431 + "at76_dfu_get_status returned %d\n",
435 + case STATE_DFU_DOWNLOAD_BUSY:
436 + at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_BUSY");
437 + need_dfu_state = 1;
439 + at76_dbg(DBG_DFU, "DFU: Resetting device");
440 + schedule_timeout_interruptible(dfu_timeout);
443 + case STATE_DFU_DOWNLOAD_IDLE:
444 + at76_dbg(DBG_DFU, "DOWNLOAD...");
446 + case STATE_DFU_IDLE:
447 + at76_dbg(DBG_DFU, "DFU IDLE");
449 + bsize = min_t(int, size, FW_BLOCK_SIZE);
450 + memcpy(block, buf, bsize);
451 + at76_dbg(DBG_DFU, "int fw, size left = %5d, "
452 + "bsize = %4d, blockno = %2d", size, bsize,
455 + at76_load_int_fw_block(udev, blockno, block, bsize);
461 + dev_printk(KERN_ERR, &udev->dev,
462 + "at76_load_int_fw_block "
463 + "returned %d\n", ret);
464 + need_dfu_state = 1;
467 + case STATE_DFU_MANIFEST_SYNC:
468 + at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_SYNC");
470 + ret = at76_dfu_get_status(udev, &dfu_stat_buf);
474 + dfu_state = dfu_stat_buf.state;
475 + dfu_timeout = at76_get_timeout(&dfu_stat_buf);
476 + need_dfu_state = 0;
478 + /* override the timeout from the status response,
479 + needed for AT76C505A */
480 + if (manifest_sync_timeout > 0)
481 + dfu_timeout = manifest_sync_timeout;
483 + at76_dbg(DBG_DFU, "DFU: Waiting for manifest phase");
484 + schedule_timeout_interruptible(dfu_timeout);
487 + case STATE_DFU_MANIFEST:
488 + at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST");
492 + case STATE_DFU_MANIFEST_WAIT_RESET:
493 + at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_WAIT_RESET");
497 + case STATE_DFU_UPLOAD_IDLE:
498 + at76_dbg(DBG_DFU, "STATE_DFU_UPLOAD_IDLE");
501 + case STATE_DFU_ERROR:
502 + at76_dbg(DBG_DFU, "STATE_DFU_ERROR");
507 + at76_dbg(DBG_DFU, "DFU UNKNOWN STATE (%d)", dfu_state);
511 + } while (!is_done && (ret >= 0));
521 +/* Report that the scan results are ready */
522 +static inline void at76_iwevent_scan_complete(struct net_device *netdev)
524 + union iwreq_data wrqu;
525 + wrqu.data.length = 0;
526 + wrqu.data.flags = 0;
527 + wireless_send_event(netdev, SIOCGIWSCAN, &wrqu, NULL);
528 + at76_dbg(DBG_WE_EVENTS, "%s: SIOCGIWSCAN sent", netdev->name);
531 +static inline void at76_iwevent_bss_connect(struct net_device *netdev,
534 + union iwreq_data wrqu;
535 + wrqu.data.length = 0;
536 + wrqu.data.flags = 0;
537 + memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
538 + wrqu.ap_addr.sa_family = ARPHRD_ETHER;
539 + wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
540 + at76_dbg(DBG_WE_EVENTS, "%s: %s: SIOCGIWAP sent", netdev->name,
544 +static inline void at76_iwevent_bss_disconnect(struct net_device *netdev)
546 + union iwreq_data wrqu;
547 + wrqu.data.length = 0;
548 + wrqu.data.flags = 0;
549 + memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
550 + wrqu.ap_addr.sa_family = ARPHRD_ETHER;
551 + wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
552 + at76_dbg(DBG_WE_EVENTS, "%s: %s: SIOCGIWAP sent", netdev->name,
556 +#define HEX2STR_BUFFERS 4
557 +#define HEX2STR_MAX_LEN 64
558 +#define BIN2HEX(x) ((x) < 10 ? '0' + (x) : (x) + 'A' - 10)
560 +/* Convert binary data into hex string */
561 +static char *hex2str(void *buf, int len)
563 + static atomic_t a = ATOMIC_INIT(0);
564 + static char bufs[HEX2STR_BUFFERS][3 * HEX2STR_MAX_LEN + 1];
565 + char *ret = bufs[atomic_inc_return(&a) & (HEX2STR_BUFFERS - 1)];
569 + if (len > HEX2STR_MAX_LEN)
570 + len = HEX2STR_MAX_LEN;
578 + *obuf++ = BIN2HEX(*ibuf >> 4);
579 + *obuf++ = BIN2HEX(*ibuf & 0xf);
588 +#define MAC2STR_BUFFERS 4
590 +static inline char *mac2str(u8 *mac)
592 + static atomic_t a = ATOMIC_INIT(0);
593 + static char bufs[MAC2STR_BUFFERS][6 * 3];
596 + str = bufs[atomic_inc_return(&a) & (MAC2STR_BUFFERS - 1)];
597 + sprintf(str, "%02x:%02x:%02x:%02x:%02x:%02x",
598 + mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
603 +static int tx_activity;
604 +static void at76_ledtrig_tx_timerfunc(unsigned long data);
605 +static DEFINE_TIMER(ledtrig_tx_timer, at76_ledtrig_tx_timerfunc, 0, 0);
606 +DEFINE_LED_TRIGGER(ledtrig_tx);
608 +static void at76_ledtrig_tx_timerfunc(unsigned long data)
610 + static int tx_lastactivity;
612 + if (tx_lastactivity != tx_activity) {
613 + tx_lastactivity = tx_activity;
614 + led_trigger_event(ledtrig_tx, LED_FULL);
615 + mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
617 + led_trigger_event(ledtrig_tx, LED_OFF);
620 +static void at76_ledtrig_tx_activity(void)
623 + if (!timer_pending(&ledtrig_tx_timer))
624 + mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
627 +/* Check if the given ssid is hidden */
628 +static inline int at76_is_hidden_ssid(u8 *ssid, int length)
630 + static const u8 zeros[32];
635 + if (length == 1 && ssid[0] == ' ')
638 + return (memcmp(ssid, zeros, length) == 0);
641 +static inline void at76_free_bss_list(struct at76_priv *priv)
643 + struct list_head *next, *ptr;
644 + unsigned long flags;
646 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
648 + priv->curr_bss = NULL;
650 + list_for_each_safe(ptr, next, &priv->bss_list) {
652 + kfree(list_entry(ptr, struct bss_info, list));
655 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
658 +static int at76_remap(struct usb_device *udev)
661 + ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0a,
662 + USB_TYPE_VENDOR | USB_DIR_OUT |
663 + USB_RECIP_INTERFACE, 0, 0, NULL, 0,
664 + USB_CTRL_GET_TIMEOUT);
670 +static int at76_get_op_mode(struct usb_device *udev)
675 + ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
676 + USB_TYPE_VENDOR | USB_DIR_IN |
677 + USB_RECIP_INTERFACE, 0x01, 0, &op_mode, 1,
678 + USB_CTRL_GET_TIMEOUT);
687 +/* Load a block of the second ("external") part of the firmware */
688 +static inline int at76_load_ext_fw_block(struct usb_device *udev, int blockno,
689 + void *block, int size)
691 + return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
692 + USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
693 + 0x0802, blockno, block, size,
694 + USB_CTRL_GET_TIMEOUT);
697 +static inline int at76_get_hw_cfg(struct usb_device *udev,
698 + union at76_hwcfg *buf, int buf_size)
700 + return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
701 + USB_TYPE_VENDOR | USB_DIR_IN |
702 + USB_RECIP_INTERFACE, 0x0a02, 0,
703 + buf, buf_size, USB_CTRL_GET_TIMEOUT);
706 +/* Intersil boards use a different "value" for GetHWConfig requests */
707 +static inline int at76_get_hw_cfg_intersil(struct usb_device *udev,
708 + union at76_hwcfg *buf, int buf_size)
710 + return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
711 + USB_TYPE_VENDOR | USB_DIR_IN |
712 + USB_RECIP_INTERFACE, 0x0902, 0,
713 + buf, buf_size, USB_CTRL_GET_TIMEOUT);
716 +/* Get the hardware configuration for the adapter and put it to the appropriate
717 + * fields of 'priv' (the GetHWConfig request and interpretation of the result
718 + * depends on the board type) */
719 +static int at76_get_hw_config(struct at76_priv *priv)
722 + union at76_hwcfg *hwcfg = kmalloc(sizeof(*hwcfg), GFP_KERNEL);
727 + if (at76_is_intersil(priv->board_type)) {
728 + ret = at76_get_hw_cfg_intersil(priv->udev, hwcfg,
732 + memcpy(priv->mac_addr, hwcfg->i.mac_addr, ETH_ALEN);
733 + priv->regulatory_domain = hwcfg->i.regulatory_domain;
734 + } else if (at76_is_503rfmd(priv->board_type)) {
735 + ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r3));
738 + memcpy(priv->mac_addr, hwcfg->r3.mac_addr, ETH_ALEN);
739 + priv->regulatory_domain = hwcfg->r3.regulatory_domain;
741 + ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r5));
744 + memcpy(priv->mac_addr, hwcfg->r5.mac_addr, ETH_ALEN);
745 + priv->regulatory_domain = hwcfg->r5.regulatory_domain;
751 + printk(KERN_ERR "%s: cannot get HW Config (error %d)\n",
752 + priv->netdev->name, ret);
757 +static struct reg_domain const *at76_get_reg_domain(u16 code)
760 + static struct reg_domain const fd_tab[] = {
761 + {0x10, "FCC (USA)", 0x7ff}, /* ch 1-11 */
762 + {0x20, "IC (Canada)", 0x7ff}, /* ch 1-11 */
763 + {0x30, "ETSI (most of Europe)", 0x1fff}, /* ch 1-13 */
764 + {0x31, "Spain", 0x600}, /* ch 10-11 */
765 + {0x32, "France", 0x1e00}, /* ch 10-13 */
766 + {0x40, "MKK (Japan)", 0x2000}, /* ch 14 */
767 + {0x41, "MKK1 (Japan)", 0x3fff}, /* ch 1-14 */
768 + {0x50, "Israel", 0x3fc}, /* ch 3-9 */
769 + {0x00, "<unknown>", 0xffffffff} /* ch 1-32 */
772 + /* Last entry is fallback for unknown domain code */
773 + for (i = 0; i < ARRAY_SIZE(fd_tab) - 1; i++)
774 + if (code == fd_tab[i].code)
780 +static inline int at76_get_mib(struct usb_device *udev, u16 mib, void *buf,
785 + ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
786 + USB_TYPE_VENDOR | USB_DIR_IN |
787 + USB_RECIP_INTERFACE, mib << 8, 0, buf, buf_size,
788 + USB_CTRL_GET_TIMEOUT);
789 + if (ret >= 0 && ret != buf_size)
794 +/* Return positive number for status, negative for an error */
795 +static inline int at76_get_cmd_status(struct usb_device *udev, u8 cmd)
800 + ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x22,
801 + USB_TYPE_VENDOR | USB_DIR_IN |
802 + USB_RECIP_INTERFACE, cmd, 0, stat_buf,
803 + sizeof(stat_buf), USB_CTRL_GET_TIMEOUT);
807 + return stat_buf[5];
810 +static int at76_set_card_command(struct usb_device *udev, int cmd, void *buf,
814 + struct at76_command *cmd_buf = kmalloc(sizeof(struct at76_command) +
815 + buf_size, GFP_KERNEL);
820 + cmd_buf->cmd = cmd;
821 + cmd_buf->reserved = 0;
822 + cmd_buf->size = cpu_to_le16(buf_size);
823 + memcpy(cmd_buf->data, buf, buf_size);
825 + ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
826 + USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
828 + sizeof(struct at76_command) + buf_size,
829 + USB_CTRL_GET_TIMEOUT);
834 +#define MAKE_CMD_STATUS_CASE(c) case (c): return #c
835 +static const char *at76_get_cmd_status_string(u8 cmd_status)
837 + switch (cmd_status) {
838 + MAKE_CMD_STATUS_CASE(CMD_STATUS_IDLE);
839 + MAKE_CMD_STATUS_CASE(CMD_STATUS_COMPLETE);
840 + MAKE_CMD_STATUS_CASE(CMD_STATUS_UNKNOWN);
841 + MAKE_CMD_STATUS_CASE(CMD_STATUS_INVALID_PARAMETER);
842 + MAKE_CMD_STATUS_CASE(CMD_STATUS_FUNCTION_NOT_SUPPORTED);
843 + MAKE_CMD_STATUS_CASE(CMD_STATUS_TIME_OUT);
844 + MAKE_CMD_STATUS_CASE(CMD_STATUS_IN_PROGRESS);
845 + MAKE_CMD_STATUS_CASE(CMD_STATUS_HOST_FAILURE);
846 + MAKE_CMD_STATUS_CASE(CMD_STATUS_SCAN_FAILED);
852 +/* Wait until the command is completed */
853 +static int at76_wait_completion(struct at76_priv *priv, int cmd)
856 + unsigned long timeout = jiffies + CMD_COMPLETION_TIMEOUT;
859 + status = at76_get_cmd_status(priv->udev, cmd);
861 + printk(KERN_ERR "%s: at76_get_cmd_status failed: %d\n",
862 + priv->netdev->name, status);
866 + at76_dbg(DBG_WAIT_COMPLETE,
867 + "%s: Waiting on cmd %d, status = %d (%s)",
868 + priv->netdev->name, cmd, status,
869 + at76_get_cmd_status_string(status));
871 + if (status != CMD_STATUS_IN_PROGRESS
872 + && status != CMD_STATUS_IDLE)
875 + schedule_timeout_interruptible(HZ / 10); /* 100 ms */
876 + if (time_after(jiffies, timeout)) {
878 + "%s: completion timeout for command %d\n",
879 + priv->netdev->name, cmd);
880 + status = -ETIMEDOUT;
888 +static int at76_set_mib(struct at76_priv *priv, struct set_mib_buffer *buf)
892 + ret = at76_set_card_command(priv->udev, CMD_SET_MIB, buf,
893 + offsetof(struct set_mib_buffer,
894 + data) + buf->size);
898 + ret = at76_wait_completion(priv, CMD_SET_MIB);
899 + if (ret != CMD_STATUS_COMPLETE) {
901 + "%s: set_mib: at76_wait_completion failed "
902 + "with %d\n", priv->netdev->name, ret);
909 +/* Return < 0 on error, == 0 if no command sent, == 1 if cmd sent */
910 +static int at76_set_radio(struct at76_priv *priv, int enable)
915 + if (priv->radio_on == enable)
918 + cmd = enable ? CMD_RADIO_ON : CMD_RADIO_OFF;
920 + ret = at76_set_card_command(priv->udev, cmd, NULL, 0);
922 + printk(KERN_ERR "%s: at76_set_card_command(%d) failed: %d\n",
923 + priv->netdev->name, cmd, ret);
927 + priv->radio_on = enable;
931 +/* Set current power save mode (AT76_PM_OFF/AT76_PM_ON/AT76_PM_SMART) */
932 +static int at76_set_pm_mode(struct at76_priv *priv)
936 + priv->mib_buf.type = MIB_MAC_MGMT;
937 + priv->mib_buf.size = 1;
938 + priv->mib_buf.index = offsetof(struct mib_mac_mgmt, power_mgmt_mode);
939 + priv->mib_buf.data.byte = priv->pm_mode;
941 + ret = at76_set_mib(priv, &priv->mib_buf);
943 + printk(KERN_ERR "%s: set_mib (pm_mode) failed: %d\n",
944 + priv->netdev->name, ret);
949 +/* Set the association id for power save mode */
950 +static int at76_set_associd(struct at76_priv *priv, u16 id)
954 + priv->mib_buf.type = MIB_MAC_MGMT;
955 + priv->mib_buf.size = 2;
956 + priv->mib_buf.index = offsetof(struct mib_mac_mgmt, station_id);
957 + priv->mib_buf.data.word = cpu_to_le16(id);
959 + ret = at76_set_mib(priv, &priv->mib_buf);
961 + printk(KERN_ERR "%s: set_mib (associd) failed: %d\n",
962 + priv->netdev->name, ret);
967 +/* Set the listen interval for power save mode */
968 +static int at76_set_listen_interval(struct at76_priv *priv, u16 interval)
972 + priv->mib_buf.type = MIB_MAC;
973 + priv->mib_buf.size = 2;
974 + priv->mib_buf.index = offsetof(struct mib_mac, listen_interval);
975 + priv->mib_buf.data.word = cpu_to_le16(interval);
977 + ret = at76_set_mib(priv, &priv->mib_buf);
980 + "%s: set_mib (listen_interval) failed: %d\n",
981 + priv->netdev->name, ret);
986 +static int at76_set_preamble(struct at76_priv *priv, u8 type)
990 + priv->mib_buf.type = MIB_LOCAL;
991 + priv->mib_buf.size = 1;
992 + priv->mib_buf.index = offsetof(struct mib_local, preamble_type);
993 + priv->mib_buf.data.byte = type;
995 + ret = at76_set_mib(priv, &priv->mib_buf);
997 + printk(KERN_ERR "%s: set_mib (preamble) failed: %d\n",
998 + priv->netdev->name, ret);
1003 +static int at76_set_frag(struct at76_priv *priv, u16 size)
1007 + priv->mib_buf.type = MIB_MAC;
1008 + priv->mib_buf.size = 2;
1009 + priv->mib_buf.index = offsetof(struct mib_mac, frag_threshold);
1010 + priv->mib_buf.data.word = cpu_to_le16(size);
1012 + ret = at76_set_mib(priv, &priv->mib_buf);
1014 + printk(KERN_ERR "%s: set_mib (frag threshold) failed: %d\n",
1015 + priv->netdev->name, ret);
1020 +static int at76_set_rts(struct at76_priv *priv, u16 size)
1024 + priv->mib_buf.type = MIB_MAC;
1025 + priv->mib_buf.size = 2;
1026 + priv->mib_buf.index = offsetof(struct mib_mac, rts_threshold);
1027 + priv->mib_buf.data.word = cpu_to_le16(size);
1029 + ret = at76_set_mib(priv, &priv->mib_buf);
1031 + printk(KERN_ERR "%s: set_mib (rts) failed: %d\n",
1032 + priv->netdev->name, ret);
1037 +static int at76_set_autorate_fallback(struct at76_priv *priv, int onoff)
1041 + priv->mib_buf.type = MIB_LOCAL;
1042 + priv->mib_buf.size = 1;
1043 + priv->mib_buf.index = offsetof(struct mib_local, txautorate_fallback);
1044 + priv->mib_buf.data.byte = onoff;
1046 + ret = at76_set_mib(priv, &priv->mib_buf);
1048 + printk(KERN_ERR "%s: set_mib (autorate fallback) failed: %d\n",
1049 + priv->netdev->name, ret);
1054 +static int at76_add_mac_address(struct at76_priv *priv, void *addr)
1058 + priv->mib_buf.type = MIB_MAC_ADDR;
1059 + priv->mib_buf.size = ETH_ALEN;
1060 + priv->mib_buf.index = offsetof(struct mib_mac_addr, mac_addr);
1061 + memcpy(priv->mib_buf.data.addr, addr, ETH_ALEN);
1063 + ret = at76_set_mib(priv, &priv->mib_buf);
1065 + printk(KERN_ERR "%s: set_mib (MAC_ADDR, mac_addr) failed: %d\n",
1066 + priv->netdev->name, ret);
1071 +static void at76_dump_mib_mac_addr(struct at76_priv *priv)
1075 + struct mib_mac_addr *m = kmalloc(sizeof(struct mib_mac_addr),
1081 + ret = at76_get_mib(priv->udev, MIB_MAC_ADDR, m,
1082 + sizeof(struct mib_mac_addr));
1084 + printk(KERN_ERR "%s: at76_get_mib (MAC_ADDR) failed: %d\n",
1085 + priv->netdev->name, ret);
1089 + at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: mac_addr %s res 0x%x 0x%x",
1090 + priv->netdev->name,
1091 + mac2str(m->mac_addr), m->res[0], m->res[1]);
1092 + for (i = 0; i < ARRAY_SIZE(m->group_addr); i++)
1093 + at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: group addr %d: %s, "
1094 + "status %d", priv->netdev->name, i,
1095 + mac2str(m->group_addr[i]), m->group_addr_status[i]);
1100 +static void at76_dump_mib_mac_wep(struct at76_priv *priv)
1105 + struct mib_mac_wep *m = kmalloc(sizeof(struct mib_mac_wep), GFP_KERNEL);
1110 + ret = at76_get_mib(priv->udev, MIB_MAC_WEP, m,
1111 + sizeof(struct mib_mac_wep));
1113 + printk(KERN_ERR "%s: at76_get_mib (MAC_WEP) failed: %d\n",
1114 + priv->netdev->name, ret);
1118 + at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: priv_invoked %u def_key_id %u "
1119 + "key_len %u excl_unencr %u wep_icv_err %u wep_excluded %u "
1120 + "encr_level %u key %d", priv->netdev->name,
1121 + m->privacy_invoked, m->wep_default_key_id,
1122 + m->wep_key_mapping_len, m->exclude_unencrypted,
1123 + le32_to_cpu(m->wep_icv_error_count),
1124 + le32_to_cpu(m->wep_excluded_count), m->encryption_level,
1125 + m->wep_default_key_id);
1127 + key_len = (m->encryption_level == 1) ?
1128 + WEP_SMALL_KEY_LEN : WEP_LARGE_KEY_LEN;
1130 + for (i = 0; i < WEP_KEYS; i++)
1131 + at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: key %d: %s",
1132 + priv->netdev->name, i,
1133 + hex2str(m->wep_default_keyvalue[i], key_len));
1138 +static void at76_dump_mib_mac_mgmt(struct at76_priv *priv)
1141 + struct mib_mac_mgmt *m = kmalloc(sizeof(struct mib_mac_mgmt),
1147 + ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, m,
1148 + sizeof(struct mib_mac_mgmt));
1150 + printk(KERN_ERR "%s: at76_get_mib (MAC_MGMT) failed: %d\n",
1151 + priv->netdev->name, ret);
1155 + at76_dbg(DBG_MIB, "%s: MIB MAC_MGMT: beacon_period %d CFP_max_duration "
1156 + "%d medium_occupancy_limit %d station_id 0x%x ATIM_window %d "
1157 + "CFP_mode %d privacy_opt_impl %d DTIM_period %d CFP_period %d "
1158 + "current_bssid %s current_essid %s current_bss_type %d "
1159 + "pm_mode %d ibss_change %d res %d "
1160 + "multi_domain_capability_implemented %d "
1161 + "international_roaming %d country_string %.3s",
1162 + priv->netdev->name, le16_to_cpu(m->beacon_period),
1163 + le16_to_cpu(m->CFP_max_duration),
1164 + le16_to_cpu(m->medium_occupancy_limit),
1165 + le16_to_cpu(m->station_id), le16_to_cpu(m->ATIM_window),
1166 + m->CFP_mode, m->privacy_option_implemented, m->DTIM_period,
1167 + m->CFP_period, mac2str(m->current_bssid),
1168 + hex2str(m->current_essid, IW_ESSID_MAX_SIZE),
1169 + m->current_bss_type, m->power_mgmt_mode, m->ibss_change,
1170 + m->res, m->multi_domain_capability_implemented,
1171 + m->multi_domain_capability_enabled, m->country_string);
1176 +static void at76_dump_mib_mac(struct at76_priv *priv)
1179 + struct mib_mac *m = kmalloc(sizeof(struct mib_mac), GFP_KERNEL);
1184 + ret = at76_get_mib(priv->udev, MIB_MAC, m, sizeof(struct mib_mac));
1186 + printk(KERN_ERR "%s: at76_get_mib (MAC) failed: %d\n",
1187 + priv->netdev->name, ret);
1191 + at76_dbg(DBG_MIB, "%s: MIB MAC: max_tx_msdu_lifetime %d "
1192 + "max_rx_lifetime %d frag_threshold %d rts_threshold %d "
1193 + "cwmin %d cwmax %d short_retry_time %d long_retry_time %d "
1194 + "scan_type %d scan_channel %d probe_delay %u "
1195 + "min_channel_time %d max_channel_time %d listen_int %d "
1196 + "desired_ssid %s desired_bssid %s desired_bsstype %d",
1197 + priv->netdev->name, le32_to_cpu(m->max_tx_msdu_lifetime),
1198 + le32_to_cpu(m->max_rx_lifetime),
1199 + le16_to_cpu(m->frag_threshold), le16_to_cpu(m->rts_threshold),
1200 + le16_to_cpu(m->cwmin), le16_to_cpu(m->cwmax),
1201 + m->short_retry_time, m->long_retry_time, m->scan_type,
1202 + m->scan_channel, le16_to_cpu(m->probe_delay),
1203 + le16_to_cpu(m->min_channel_time),
1204 + le16_to_cpu(m->max_channel_time),
1205 + le16_to_cpu(m->listen_interval),
1206 + hex2str(m->desired_ssid, IW_ESSID_MAX_SIZE),
1207 + mac2str(m->desired_bssid), m->desired_bsstype);
1212 +static void at76_dump_mib_phy(struct at76_priv *priv)
1215 + struct mib_phy *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1220 + ret = at76_get_mib(priv->udev, MIB_PHY, m, sizeof(struct mib_phy));
1222 + printk(KERN_ERR "%s: at76_get_mib (PHY) failed: %d\n",
1223 + priv->netdev->name, ret);
1227 + at76_dbg(DBG_MIB, "%s: MIB PHY: ed_threshold %d slot_time %d "
1228 + "sifs_time %d preamble_length %d plcp_header_length %d "
1229 + "mpdu_max_length %d cca_mode_supported %d operation_rate_set "
1230 + "0x%x 0x%x 0x%x 0x%x channel_id %d current_cca_mode %d "
1231 + "phy_type %d current_reg_domain %d",
1232 + priv->netdev->name, le32_to_cpu(m->ed_threshold),
1233 + le16_to_cpu(m->slot_time), le16_to_cpu(m->sifs_time),
1234 + le16_to_cpu(m->preamble_length),
1235 + le16_to_cpu(m->plcp_header_length),
1236 + le16_to_cpu(m->mpdu_max_length),
1237 + le16_to_cpu(m->cca_mode_supported), m->operation_rate_set[0],
1238 + m->operation_rate_set[1], m->operation_rate_set[2],
1239 + m->operation_rate_set[3], m->channel_id, m->current_cca_mode,
1240 + m->phy_type, m->current_reg_domain);
1245 +static void at76_dump_mib_local(struct at76_priv *priv)
1248 + struct mib_local *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1253 + ret = at76_get_mib(priv->udev, MIB_LOCAL, m, sizeof(struct mib_local));
1255 + printk(KERN_ERR "%s: at76_get_mib (LOCAL) failed: %d\n",
1256 + priv->netdev->name, ret);
1260 + at76_dbg(DBG_MIB, "%s: MIB LOCAL: beacon_enable %d "
1261 + "txautorate_fallback %d ssid_size %d promiscuous_mode %d "
1262 + "preamble_type %d", priv->netdev->name, m->beacon_enable,
1263 + m->txautorate_fallback, m->ssid_size, m->promiscuous_mode,
1264 + m->preamble_type);
1269 +static void at76_dump_mib_mdomain(struct at76_priv *priv)
1272 + struct mib_mdomain *m = kmalloc(sizeof(struct mib_mdomain), GFP_KERNEL);
1277 + ret = at76_get_mib(priv->udev, MIB_MDOMAIN, m,
1278 + sizeof(struct mib_mdomain));
1280 + printk(KERN_ERR "%s: at76_get_mib (MDOMAIN) failed: %d\n",
1281 + priv->netdev->name, ret);
1285 + at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: channel_list %s",
1286 + priv->netdev->name,
1287 + hex2str(m->channel_list, sizeof(m->channel_list)));
1289 + at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: tx_powerlevel %s",
1290 + priv->netdev->name,
1291 + hex2str(m->tx_powerlevel, sizeof(m->tx_powerlevel)));
1296 +static int at76_get_current_bssid(struct at76_priv *priv)
1299 + struct mib_mac_mgmt *mac_mgmt =
1300 + kmalloc(sizeof(struct mib_mac_mgmt), GFP_KERNEL);
1307 + ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, mac_mgmt,
1308 + sizeof(struct mib_mac_mgmt));
1310 + printk(KERN_ERR "%s: at76_get_mib failed: %d\n",
1311 + priv->netdev->name, ret);
1314 + memcpy(priv->bssid, mac_mgmt->current_bssid, ETH_ALEN);
1315 + printk(KERN_INFO "%s: using BSSID %s\n", priv->netdev->name,
1316 + mac2str(priv->bssid));
1323 +static int at76_get_current_channel(struct at76_priv *priv)
1326 + struct mib_phy *phy = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1332 + ret = at76_get_mib(priv->udev, MIB_PHY, phy, sizeof(struct mib_phy));
1334 + printk(KERN_ERR "%s: at76_get_mib(MIB_PHY) failed: %d\n",
1335 + priv->netdev->name, ret);
1338 + priv->channel = phy->channel_id;
1346 + * at76_start_scan - start a scan
1348 + * @use_essid - use the configured ESSID in non passive mode
1350 +static int at76_start_scan(struct at76_priv *priv, int use_essid)
1352 + struct at76_req_scan scan;
1354 + memset(&scan, 0, sizeof(struct at76_req_scan));
1355 + memset(scan.bssid, 0xff, ETH_ALEN);
1358 + memcpy(scan.essid, priv->essid, IW_ESSID_MAX_SIZE);
1359 + scan.essid_size = priv->essid_size;
1361 + scan.essid_size = 0;
1363 + /* jal: why should we start at a certain channel? we do scan the whole
1364 + range allowed by reg domain. */
1365 + scan.channel = priv->channel;
1367 + /* atmelwlandriver differs between scan type 0 and 1 (active/passive)
1368 + For ad-hoc mode, it uses type 0 only. */
1369 + scan.scan_type = priv->scan_mode;
1371 + /* INFO: For probe_delay, not multiplying by 1024 as this will be
1372 + slightly less than min_channel_time
1373 + (per spec: probe delay < min. channel time) */
1374 + scan.min_channel_time = cpu_to_le16(priv->scan_min_time);
1375 + scan.max_channel_time = cpu_to_le16(priv->scan_max_time);
1376 + scan.probe_delay = cpu_to_le16(priv->scan_min_time * 1000);
1377 + scan.international_scan = 0;
1379 + /* other values are set to 0 for type 0 */
1381 + at76_dbg(DBG_PROGRESS, "%s: start_scan (use_essid = %d, intl = %d, "
1382 + "channel = %d, probe_delay = %d, scan_min_time = %d, "
1383 + "scan_max_time = %d)",
1384 + priv->netdev->name, use_essid,
1385 + scan.international_scan, scan.channel,
1386 + le16_to_cpu(scan.probe_delay),
1387 + le16_to_cpu(scan.min_channel_time),
1388 + le16_to_cpu(scan.max_channel_time));
1390 + return at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1393 +/* Enable monitor mode */
1394 +static int at76_start_monitor(struct at76_priv *priv)
1396 + struct at76_req_scan scan;
1399 + memset(&scan, 0, sizeof(struct at76_req_scan));
1400 + memset(scan.bssid, 0xff, ETH_ALEN);
1402 + scan.channel = priv->channel;
1403 + scan.scan_type = SCAN_TYPE_PASSIVE;
1404 + scan.international_scan = 0;
1406 + ret = at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1408 + ret = at76_get_cmd_status(priv->udev, CMD_SCAN);
1413 +static int at76_start_ibss(struct at76_priv *priv)
1415 + struct at76_req_ibss bss;
1418 + WARN_ON(priv->mac_state != MAC_OWN_IBSS);
1419 + if (priv->mac_state != MAC_OWN_IBSS)
1422 + memset(&bss, 0, sizeof(struct at76_req_ibss));
1423 + memset(bss.bssid, 0xff, ETH_ALEN);
1424 + memcpy(bss.essid, priv->essid, IW_ESSID_MAX_SIZE);
1425 + bss.essid_size = priv->essid_size;
1426 + bss.bss_type = ADHOC_MODE;
1427 + bss.channel = priv->channel;
1429 + ret = at76_set_card_command(priv->udev, CMD_START_IBSS, &bss,
1430 + sizeof(struct at76_req_ibss));
1432 + printk(KERN_ERR "%s: start_ibss failed: %d\n",
1433 + priv->netdev->name, ret);
1437 + ret = at76_wait_completion(priv, CMD_START_IBSS);
1438 + if (ret != CMD_STATUS_COMPLETE) {
1439 + printk(KERN_ERR "%s: start_ibss failed to complete, %d\n",
1440 + priv->netdev->name, ret);
1444 + ret = at76_get_current_bssid(priv);
1448 + ret = at76_get_current_channel(priv);
1452 + /* not sure what this is good for ??? */
1453 + priv->mib_buf.type = MIB_MAC_MGMT;
1454 + priv->mib_buf.size = 1;
1455 + priv->mib_buf.index = offsetof(struct mib_mac_mgmt, ibss_change);
1456 + priv->mib_buf.data.byte = 0;
1458 + ret = at76_set_mib(priv, &priv->mib_buf);
1460 + printk(KERN_ERR "%s: set_mib (ibss change ok) failed: %d\n",
1461 + priv->netdev->name, ret);
1465 + netif_carrier_on(priv->netdev);
1466 + netif_start_queue(priv->netdev);
1470 +/* Request card to join BSS in managed or ad-hoc mode */
1471 +static int at76_join_bss(struct at76_priv *priv, struct bss_info *ptr)
1473 + struct at76_req_join join;
1477 + memset(&join, 0, sizeof(struct at76_req_join));
1478 + memcpy(join.bssid, ptr->bssid, ETH_ALEN);
1479 + memcpy(join.essid, ptr->ssid, ptr->ssid_len);
1480 + join.essid_size = ptr->ssid_len;
1481 + join.bss_type = (priv->iw_mode == IW_MODE_ADHOC ? 1 : 2);
1482 + join.channel = ptr->channel;
1483 + join.timeout = cpu_to_le16(2000);
1485 + at76_dbg(DBG_PROGRESS,
1486 + "%s join addr %s ssid %s type %d ch %d timeout %d",
1487 + priv->netdev->name, mac2str(join.bssid), join.essid,
1488 + join.bss_type, join.channel, le16_to_cpu(join.timeout));
1489 + return at76_set_card_command(priv->udev, CMD_JOIN, &join,
1490 + sizeof(struct at76_req_join));
1493 +/* Calculate padding from txbuf->wlength (which excludes the USB TX header),
1494 + likely to compensate a flaw in the AT76C503A USB part ... */
1495 +static inline int at76_calc_padding(int wlen)
1497 + /* add the USB TX header */
1498 + wlen += AT76_TX_HDRLEN;
1506 + return 64 + 50 - wlen;
1511 +/* We are doing a lot of things here in an interrupt. Need
1512 + a bh handler (Watching TV with a TV card is probably
1513 + a good test: if you see flickers, we are doing too much.
1514 + Currently I do see flickers... even with our tasklet :-( )
1515 + Maybe because the bttv driver and usb-uhci use the same interrupt
1517 +/* Or maybe because our BH handler is preempting bttv's BH handler.. BHs don't
1518 + * solve everything.. (alex) */
1519 +static void at76_rx_callback(struct urb *urb)
1521 + struct at76_priv *priv = urb->context;
1523 + priv->rx_tasklet.data = (unsigned long)urb;
1524 + tasklet_schedule(&priv->rx_tasklet);
1528 +static void at76_tx_callback(struct urb *urb)
1530 + struct at76_priv *priv = urb->context;
1531 + struct net_device_stats *stats = &priv->stats;
1532 + unsigned long flags;
1533 + struct at76_tx_buffer *mgmt_buf;
1536 + switch (urb->status) {
1538 + stats->tx_packets++;
1542 + /* urb has been unlinked */
1545 + at76_dbg(DBG_URB, "%s - nonzero tx status received: %d",
1546 + __func__, urb->status);
1547 + stats->tx_errors++;
1551 + spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1552 + mgmt_buf = priv->next_mgmt_bulk;
1553 + priv->next_mgmt_bulk = NULL;
1554 + spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1557 + netif_wake_queue(priv->netdev);
1561 + /* we don't copy the padding bytes, but add them
1563 + memcpy(priv->bulk_out_buffer, mgmt_buf,
1564 + le16_to_cpu(mgmt_buf->wlength) + AT76_TX_HDRLEN);
1565 + usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe,
1566 + priv->bulk_out_buffer,
1567 + le16_to_cpu(mgmt_buf->wlength) + mgmt_buf->padding +
1568 + AT76_TX_HDRLEN, at76_tx_callback, priv);
1569 + ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
1571 + printk(KERN_ERR "%s: error in tx submit urb: %d\n",
1572 + priv->netdev->name, ret);
1577 +/* Send a management frame on bulk-out. txbuf->wlength must be set */
1578 +static int at76_tx_mgmt(struct at76_priv *priv, struct at76_tx_buffer *txbuf)
1580 + unsigned long flags;
1583 + void *oldbuf = NULL;
1585 + netif_carrier_off(priv->netdev); /* stop netdev watchdog */
1586 + netif_stop_queue(priv->netdev); /* stop tx data packets */
1588 + spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1590 + urb_status = priv->tx_urb->status;
1591 + if (urb_status == -EINPROGRESS) {
1592 + /* cannot transmit now, put in the queue */
1593 + oldbuf = priv->next_mgmt_bulk;
1594 + priv->next_mgmt_bulk = txbuf;
1596 + spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1599 + /* a data/mgmt tx is already pending in the URB -
1600 + if this is no error in some situations we must
1601 + implement a queue or silently modify the old msg */
1602 + printk(KERN_ERR "%s: removed pending mgmt buffer %s\n",
1603 + priv->netdev->name, hex2str(oldbuf, 64));
1608 + txbuf->tx_rate = TX_RATE_1MBIT;
1609 + txbuf->padding = at76_calc_padding(le16_to_cpu(txbuf->wlength));
1610 + memset(txbuf->reserved, 0, sizeof(txbuf->reserved));
1612 + if (priv->next_mgmt_bulk)
1613 + printk(KERN_ERR "%s: URB status %d, but mgmt is pending\n",
1614 + priv->netdev->name, urb_status);
1616 + at76_dbg(DBG_TX_MGMT,
1617 + "%s: tx mgmt: wlen %d tx_rate %d pad %d %s",
1618 + priv->netdev->name, le16_to_cpu(txbuf->wlength),
1619 + txbuf->tx_rate, txbuf->padding,
1620 + hex2str(txbuf->packet, le16_to_cpu(txbuf->wlength)));
1622 + /* txbuf was not consumed above -> send mgmt msg immediately */
1623 + memcpy(priv->bulk_out_buffer, txbuf,
1624 + le16_to_cpu(txbuf->wlength) + AT76_TX_HDRLEN);
1625 + usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe,
1626 + priv->bulk_out_buffer,
1627 + le16_to_cpu(txbuf->wlength) + txbuf->padding +
1628 + AT76_TX_HDRLEN, at76_tx_callback, priv);
1629 + ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
1631 + printk(KERN_ERR "%s: error in tx submit urb: %d\n",
1632 + priv->netdev->name, ret);
1639 +/* Go to the next information element */
1640 +static inline void next_ie(struct ieee80211_info_element **ie)
1642 + *ie = (struct ieee80211_info_element *)(&(*ie)->data[(*ie)->len]);
1645 +/* Challenge is the challenge string (in TLV format)
1646 + we got with seq_nr 2 for shared secret authentication only and
1647 + send in seq_nr 3 WEP encrypted to prove we have the correct WEP key;
1648 + otherwise it is NULL */
1649 +static int at76_auth_req(struct at76_priv *priv, struct bss_info *bss,
1650 + int seq_nr, struct ieee80211_info_element *challenge)
1652 + struct at76_tx_buffer *tx_buffer;
1653 + struct ieee80211_hdr_3addr *mgmt;
1654 + struct ieee80211_auth *req;
1655 + int buf_len = (seq_nr != 3 ? AUTH_FRAME_SIZE :
1656 + AUTH_FRAME_SIZE + 1 + 1 + challenge->len);
1659 + BUG_ON(seq_nr == 3 && !challenge);
1660 + tx_buffer = kmalloc(buf_len + MAX_PADDING_SIZE, GFP_ATOMIC);
1664 + req = (struct ieee80211_auth *)tx_buffer->packet;
1665 + mgmt = &req->header;
1667 + /* make wireless header */
1668 + /* first auth msg is not encrypted, only the second (seq_nr == 3) */
1670 + cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH |
1671 + (seq_nr == 3 ? IEEE80211_FCTL_PROTECTED : 0));
1673 + mgmt->duration_id = cpu_to_le16(0x8000);
1674 + memcpy(mgmt->addr1, bss->bssid, ETH_ALEN);
1675 + memcpy(mgmt->addr2, priv->netdev->dev_addr, ETH_ALEN);
1676 + memcpy(mgmt->addr3, bss->bssid, ETH_ALEN);
1677 + mgmt->seq_ctl = cpu_to_le16(0);
1679 + req->algorithm = cpu_to_le16(priv->auth_mode);
1680 + req->transaction = cpu_to_le16(seq_nr);
1681 + req->status = cpu_to_le16(0);
1684 + memcpy(req->info_element, challenge, 1 + 1 + challenge->len);
1686 + /* init. at76_priv tx header */
1687 + tx_buffer->wlength = cpu_to_le16(buf_len - AT76_TX_HDRLEN);
1688 + at76_dbg(DBG_TX_MGMT, "%s: AuthReq bssid %s alg %d seq_nr %d",
1689 + priv->netdev->name, mac2str(mgmt->addr3),
1690 + le16_to_cpu(req->algorithm), le16_to_cpu(req->transaction));
1692 + at76_dbg(DBG_TX_MGMT, "%s: AuthReq challenge: %s ...",
1693 + priv->netdev->name, hex2str(req->info_element, 18));
1695 + /* either send immediately (if no data tx is pending
1696 + or put it in pending list */
1697 + return at76_tx_mgmt(priv, tx_buffer);
1700 +static int at76_assoc_req(struct at76_priv *priv, struct bss_info *bss)
1702 + struct at76_tx_buffer *tx_buffer;
1703 + struct ieee80211_hdr_3addr *mgmt;
1704 + struct ieee80211_assoc_request *req;
1705 + struct ieee80211_info_element *ie;
1712 + tx_buffer = kmalloc(ASSOCREQ_MAX_SIZE + MAX_PADDING_SIZE, GFP_ATOMIC);
1716 + req = (struct ieee80211_assoc_request *)tx_buffer->packet;
1717 + mgmt = &req->header;
1718 + ie = req->info_element;
1720 + /* make wireless header */
1721 + mgmt->frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1722 + IEEE80211_STYPE_ASSOC_REQ);
1724 + mgmt->duration_id = cpu_to_le16(0x8000);
1725 + memcpy(mgmt->addr1, bss->bssid, ETH_ALEN);
1726 + memcpy(mgmt->addr2, priv->netdev->dev_addr, ETH_ALEN);
1727 + memcpy(mgmt->addr3, bss->bssid, ETH_ALEN);
1728 + mgmt->seq_ctl = cpu_to_le16(0);
1730 + /* we must set the Privacy bit in the capabilities to assure an
1731 + Agere-based AP with optional WEP transmits encrypted frames
1732 + to us. AP only set the Privacy bit in their capabilities
1733 + if WEP is mandatory in the BSS! */
1735 + if (priv->wep_enabled)
1736 + capa |= WLAN_CAPABILITY_PRIVACY;
1737 + if (priv->preamble_type != PREAMBLE_TYPE_LONG)
1738 + capa |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1739 + req->capability = cpu_to_le16(capa);
1741 + req->listen_interval = cpu_to_le16(2 * bss->beacon_interval);
1743 + /* write TLV data elements */
1745 + ie->id = MFIE_TYPE_SSID;
1746 + ie->len = bss->ssid_len;
1747 + memcpy(ie->data, bss->ssid, bss->ssid_len);
1750 + ie->id = MFIE_TYPE_RATES;
1751 + ie->len = sizeof(hw_rates);
1752 + memcpy(ie->data, hw_rates, sizeof(hw_rates));
1753 + next_ie(&ie); /* ie points behind the supp_rates field */
1755 + /* init. at76_priv tx header */
1756 + tx_buffer->wlength = cpu_to_le16((u8 *)ie - (u8 *)mgmt);
1758 + ie = req->info_element;
1760 + essid_len = min_t(int, IW_ESSID_MAX_SIZE, ie->len);
1762 + next_ie(&ie); /* points to IE of rates now */
1763 + at76_dbg(DBG_TX_MGMT,
1764 + "%s: AssocReq bssid %s capa 0x%04x ssid %.*s rates %s",
1765 + priv->netdev->name, mac2str(mgmt->addr3),
1766 + le16_to_cpu(req->capability), essid_len, essid,
1767 + hex2str(ie->data, ie->len));
1769 + /* either send immediately (if no data tx is pending
1770 + or put it in pending list */
1771 + return at76_tx_mgmt(priv, tx_buffer);
1774 +/* We got to check the bss_list for old entries */
1775 +static void at76_bss_list_timeout(unsigned long par)
1777 + struct at76_priv *priv = (struct at76_priv *)par;
1778 + unsigned long flags;
1779 + struct list_head *lptr, *nptr;
1780 + struct bss_info *ptr;
1782 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
1784 + list_for_each_safe(lptr, nptr, &priv->bss_list) {
1786 + ptr = list_entry(lptr, struct bss_info, list);
1788 + if (ptr != priv->curr_bss
1789 + && time_after(jiffies, ptr->last_rx + BSS_LIST_TIMEOUT)) {
1790 + at76_dbg(DBG_BSS_TABLE_RM,
1791 + "%s: bss_list: removing old BSS %s ch %d",
1792 + priv->netdev->name, mac2str(ptr->bssid),
1794 + list_del(&ptr->list);
1798 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
1799 + /* restart the timer */
1800 + mod_timer(&priv->bss_list_timer, jiffies + BSS_LIST_TIMEOUT);
1803 +static inline void at76_set_mac_state(struct at76_priv *priv,
1804 + enum mac_state mac_state)
1806 + at76_dbg(DBG_MAC_STATE, "%s state: %s", priv->netdev->name,
1807 + mac_states[mac_state]);
1808 + priv->mac_state = mac_state;
1811 +static void at76_dump_bss_table(struct at76_priv *priv)
1813 + struct bss_info *ptr;
1814 + unsigned long flags;
1815 + struct list_head *lptr;
1817 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
1819 + at76_dbg(DBG_BSS_TABLE, "%s BSS table (curr=%p):", priv->netdev->name,
1822 + list_for_each(lptr, &priv->bss_list) {
1823 + ptr = list_entry(lptr, struct bss_info, list);
1824 + at76_dbg(DBG_BSS_TABLE, "0x%p: bssid %s channel %d ssid %.*s "
1825 + "(%s) capa 0x%04x rates %s rssi %d link %d noise %d",
1826 + ptr, mac2str(ptr->bssid), ptr->channel, ptr->ssid_len,
1827 + ptr->ssid, hex2str(ptr->ssid, ptr->ssid_len),
1828 + ptr->capa, hex2str(ptr->rates, ptr->rates_len),
1829 + ptr->rssi, ptr->link_qual, ptr->noise_level);
1831 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
1834 +/* Called upon successful association to mark interface as connected */
1835 +static void at76_work_assoc_done(struct work_struct *work)
1837 + struct at76_priv *priv = container_of(work, struct at76_priv,
1840 + mutex_lock(&priv->mtx);
1842 + WARN_ON(priv->mac_state != MAC_ASSOC);
1843 + WARN_ON(!priv->curr_bss);
1844 + if (priv->mac_state != MAC_ASSOC || !priv->curr_bss)
1847 + if (priv->iw_mode == IW_MODE_INFRA) {
1848 + if (priv->pm_mode != AT76_PM_OFF) {
1849 + /* calculate the listen interval in units of
1850 + beacon intervals of the curr_bss */
1851 + u32 pm_period_beacon = (priv->pm_period >> 10) /
1852 + priv->curr_bss->beacon_interval;
1854 + pm_period_beacon = max(pm_period_beacon, 2u);
1855 + pm_period_beacon = min(pm_period_beacon, 0xffffu);
1858 + "%s: pm_mode %d assoc id 0x%x listen int %d",
1859 + priv->netdev->name, priv->pm_mode,
1860 + priv->assoc_id, pm_period_beacon);
1862 + at76_set_associd(priv, priv->assoc_id);
1863 + at76_set_listen_interval(priv, (u16)pm_period_beacon);
1865 + schedule_delayed_work(&priv->dwork_beacon, BEACON_TIMEOUT);
1867 + at76_set_pm_mode(priv);
1869 + netif_carrier_on(priv->netdev);
1870 + netif_wake_queue(priv->netdev);
1871 + at76_set_mac_state(priv, MAC_CONNECTED);
1872 + at76_iwevent_bss_connect(priv->netdev, priv->curr_bss->bssid);
1873 + at76_dbg(DBG_PROGRESS, "%s: connected to BSSID %s",
1874 + priv->netdev->name, mac2str(priv->curr_bss->bssid));
1877 + mutex_unlock(&priv->mtx);
1880 +/* We only store the new mac address in netdev struct,
1881 + it gets set when the netdev is opened. */
1882 +static int at76_set_mac_address(struct net_device *netdev, void *addr)
1884 + struct sockaddr *mac = addr;
1885 + memcpy(netdev->dev_addr, mac->sa_data, ETH_ALEN);
1889 +static struct net_device_stats *at76_get_stats(struct net_device *netdev)
1891 + struct at76_priv *priv = netdev_priv(netdev);
1892 + return &priv->stats;
1895 +static struct iw_statistics *at76_get_wireless_stats(struct net_device *netdev)
1897 + struct at76_priv *priv = netdev_priv(netdev);
1899 + at76_dbg(DBG_IOCTL, "RETURN qual %d level %d noise %d updated %d",
1900 + priv->wstats.qual.qual, priv->wstats.qual.level,
1901 + priv->wstats.qual.noise, priv->wstats.qual.updated);
1903 + return &priv->wstats;
1906 +static void at76_set_multicast(struct net_device *netdev)
1908 + struct at76_priv *priv = netdev_priv(netdev);
1911 + promisc = ((netdev->flags & IFF_PROMISC) != 0);
1912 + if (promisc != priv->promisc) {
1913 + /* This gets called in interrupt, must reschedule */
1914 + priv->promisc = promisc;
1915 + schedule_work(&priv->work_set_promisc);
1919 +/* Stop all network activity, flush all pending tasks */
1920 +static void at76_quiesce(struct at76_priv *priv)
1922 + unsigned long flags;
1924 + netif_stop_queue(priv->netdev);
1925 + netif_carrier_off(priv->netdev);
1927 + at76_set_mac_state(priv, MAC_INIT);
1929 + cancel_delayed_work(&priv->dwork_get_scan);
1930 + cancel_delayed_work(&priv->dwork_beacon);
1931 + cancel_delayed_work(&priv->dwork_auth);
1932 + cancel_delayed_work(&priv->dwork_assoc);
1933 + cancel_delayed_work(&priv->dwork_restart);
1935 + spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1936 + kfree(priv->next_mgmt_bulk);
1937 + priv->next_mgmt_bulk = NULL;
1938 + spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1941 +/*******************************************************************************
1942 + * at76_priv implementations of iw_handler functions:
1944 +static int at76_iw_handler_commit(struct net_device *netdev,
1945 + struct iw_request_info *info,
1946 + void *null, char *extra)
1948 + struct at76_priv *priv = netdev_priv(netdev);
1950 + at76_dbg(DBG_IOCTL, "%s %s: restarting the device", netdev->name,
1953 + if (priv->mac_state != MAC_INIT)
1954 + at76_quiesce(priv);
1956 + /* Wait half second before the restart to process subsequent
1957 + * requests from the same iwconfig in a single restart */
1958 + schedule_delayed_work(&priv->dwork_restart, HZ / 2);
1963 +static int at76_iw_handler_get_name(struct net_device *netdev,
1964 + struct iw_request_info *info,
1965 + char *name, char *extra)
1967 + strcpy(name, "IEEE 802.11b");
1968 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWNAME - name %s", netdev->name, name);
1972 +static int at76_iw_handler_set_freq(struct net_device *netdev,
1973 + struct iw_request_info *info,
1974 + struct iw_freq *freq, char *extra)
1976 + struct at76_priv *priv = netdev_priv(netdev);
1978 + int ret = -EIWCOMMIT;
1979 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWFREQ - freq.m %d freq.e %d",
1980 + netdev->name, freq->m, freq->e);
1982 + if ((freq->e == 0) && (freq->m <= 1000))
1983 + /* Setting by channel number */
1986 + /* Setting by frequency - search the table */
1990 + for (i = 0; i < (6 - freq->e); i++)
1993 + for (i = 0; i < NUM_CHANNELS; i++) {
1994 + if (freq->m == (channel_frequency[i] * mult))
1999 + if (chan < 1 || !priv->domain)
2000 + /* non-positive channels are invalid
2001 + * we need a domain info to set the channel
2002 + * either that or an invalid frequency was
2003 + * provided by the user */
2005 + else if (!(priv->domain->channel_map & (1 << (chan - 1)))) {
2006 + printk(KERN_INFO "%s: channel %d not allowed for domain %s\n",
2007 + priv->netdev->name, chan, priv->domain->name);
2011 + if (ret == -EIWCOMMIT) {
2012 + priv->channel = chan;
2013 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWFREQ - ch %d", netdev->name,
2020 +static int at76_iw_handler_get_freq(struct net_device *netdev,
2021 + struct iw_request_info *info,
2022 + struct iw_freq *freq, char *extra)
2024 + struct at76_priv *priv = netdev_priv(netdev);
2026 + freq->m = priv->channel;
2029 + if (priv->channel)
2030 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWFREQ - freq %ld x 10e%d",
2031 + netdev->name, channel_frequency[priv->channel - 1], 6);
2033 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWFREQ - ch %d", netdev->name,
2039 +static int at76_iw_handler_set_mode(struct net_device *netdev,
2040 + struct iw_request_info *info,
2041 + __u32 *mode, char *extra)
2043 + struct at76_priv *priv = netdev_priv(netdev);
2045 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWMODE - %d", netdev->name, *mode);
2047 + if ((*mode != IW_MODE_ADHOC) && (*mode != IW_MODE_INFRA) &&
2048 + (*mode != IW_MODE_MONITOR))
2051 + priv->iw_mode = *mode;
2052 + if (priv->iw_mode != IW_MODE_INFRA)
2053 + priv->pm_mode = AT76_PM_OFF;
2055 + return -EIWCOMMIT;
2058 +static int at76_iw_handler_get_mode(struct net_device *netdev,
2059 + struct iw_request_info *info,
2060 + __u32 *mode, char *extra)
2062 + struct at76_priv *priv = netdev_priv(netdev);
2064 + *mode = priv->iw_mode;
2066 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWMODE - %d", netdev->name, *mode);
2071 +static int at76_iw_handler_get_range(struct net_device *netdev,
2072 + struct iw_request_info *info,
2073 + struct iw_point *data, char *extra)
2075 + /* inspired by atmel.c */
2076 + struct at76_priv *priv = netdev_priv(netdev);
2077 + struct iw_range *range = (struct iw_range *)extra;
2080 + data->length = sizeof(struct iw_range);
2081 + memset(range, 0, sizeof(struct iw_range));
2083 + /* TODO: range->throughput = xxxxxx; */
2085 + range->min_nwid = 0x0000;
2086 + range->max_nwid = 0x0000;
2088 + /* this driver doesn't maintain sensitivity information */
2089 + range->sensitivity = 0;
2091 + range->max_qual.qual = 100;
2092 + range->max_qual.level = 100;
2093 + range->max_qual.noise = 0;
2094 + range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2096 + range->avg_qual.qual = 50;
2097 + range->avg_qual.level = 50;
2098 + range->avg_qual.noise = 0;
2099 + range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2101 + range->bitrate[0] = 1000000;
2102 + range->bitrate[1] = 2000000;
2103 + range->bitrate[2] = 5500000;
2104 + range->bitrate[3] = 11000000;
2105 + range->num_bitrates = 4;
2107 + range->min_rts = 0;
2108 + range->max_rts = MAX_RTS_THRESHOLD;
2110 + range->min_frag = MIN_FRAG_THRESHOLD;
2111 + range->max_frag = MAX_FRAG_THRESHOLD;
2113 + range->pmp_flags = IW_POWER_PERIOD;
2114 + range->pmt_flags = IW_POWER_ON;
2115 + range->pm_capa = IW_POWER_PERIOD | IW_POWER_ALL_R;
2117 + range->encoding_size[0] = WEP_SMALL_KEY_LEN;
2118 + range->encoding_size[1] = WEP_LARGE_KEY_LEN;
2119 + range->num_encoding_sizes = 2;
2120 + range->max_encoding_tokens = WEP_KEYS;
2122 + /* both WL-240U and Linksys WUSB11 v2.6 specify 15 dBm as output power
2123 + - take this for all (ignore antenna gains) */
2124 + range->txpower[0] = 15;
2125 + range->num_txpower = 1;
2126 + range->txpower_capa = IW_TXPOW_DBM;
2128 + range->we_version_source = WIRELESS_EXT;
2129 + range->we_version_compiled = WIRELESS_EXT;
2131 + /* same as the values used in atmel.c */
2132 + range->retry_capa = IW_RETRY_LIMIT;
2133 + range->retry_flags = IW_RETRY_LIMIT;
2134 + range->r_time_flags = 0;
2135 + range->min_retry = 1;
2136 + range->max_retry = 255;
2138 + range->num_channels = NUM_CHANNELS;
2139 + range->num_frequency = 0;
2141 + for (i = 0; i < NUM_CHANNELS; i++) {
2142 + /* test if channel map bit is raised */
2143 + if (priv->domain->channel_map & (0x1 << i)) {
2144 + range->num_frequency += 1;
2146 + range->freq[i].i = i + 1;
2147 + range->freq[i].m = channel_frequency[i] * 100000;
2148 + range->freq[i].e = 1; /* freq * 10^1 */
2152 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWRANGE", netdev->name);
2157 +static int at76_iw_handler_set_spy(struct net_device *netdev,
2158 + struct iw_request_info *info,
2159 + struct iw_point *data, char *extra)
2161 + struct at76_priv *priv = netdev_priv(netdev);
2164 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWSPY - number of addresses %d",
2165 + netdev->name, data->length);
2167 + spin_lock_bh(&priv->spy_spinlock);
2168 + ret = iw_handler_set_spy(priv->netdev, info, (union iwreq_data *)data,
2170 + spin_unlock_bh(&priv->spy_spinlock);
2175 +static int at76_iw_handler_get_spy(struct net_device *netdev,
2176 + struct iw_request_info *info,
2177 + struct iw_point *data, char *extra)
2180 + struct at76_priv *priv = netdev_priv(netdev);
2183 + spin_lock_bh(&priv->spy_spinlock);
2184 + ret = iw_handler_get_spy(priv->netdev, info,
2185 + (union iwreq_data *)data, extra);
2186 + spin_unlock_bh(&priv->spy_spinlock);
2188 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWSPY - number of addresses %d",
2189 + netdev->name, data->length);
2194 +static int at76_iw_handler_set_thrspy(struct net_device *netdev,
2195 + struct iw_request_info *info,
2196 + struct iw_point *data, char *extra)
2198 + struct at76_priv *priv = netdev_priv(netdev);
2201 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWTHRSPY - number of addresses %d)",
2202 + netdev->name, data->length);
2204 + spin_lock_bh(&priv->spy_spinlock);
2205 + ret = iw_handler_set_thrspy(netdev, info, (union iwreq_data *)data,
2207 + spin_unlock_bh(&priv->spy_spinlock);
2212 +static int at76_iw_handler_get_thrspy(struct net_device *netdev,
2213 + struct iw_request_info *info,
2214 + struct iw_point *data, char *extra)
2216 + struct at76_priv *priv = netdev_priv(netdev);
2219 + spin_lock_bh(&priv->spy_spinlock);
2220 + ret = iw_handler_get_thrspy(netdev, info, (union iwreq_data *)data,
2222 + spin_unlock_bh(&priv->spy_spinlock);
2224 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWTHRSPY - number of addresses %d)",
2225 + netdev->name, data->length);
2230 +static int at76_iw_handler_set_wap(struct net_device *netdev,
2231 + struct iw_request_info *info,
2232 + struct sockaddr *ap_addr, char *extra)
2234 + struct at76_priv *priv = netdev_priv(netdev);
2236 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWAP - wap/bssid %s", netdev->name,
2237 + mac2str(ap_addr->sa_data));
2239 + /* if the incoming address == ff:ff:ff:ff:ff:ff, the user has
2240 + chosen any or auto AP preference */
2241 + if (is_broadcast_ether_addr(ap_addr->sa_data)
2242 + || is_zero_ether_addr(ap_addr->sa_data))
2243 + priv->wanted_bssid_valid = 0;
2245 + /* user wants to set a preferred AP address */
2246 + priv->wanted_bssid_valid = 1;
2247 + memcpy(priv->wanted_bssid, ap_addr->sa_data, ETH_ALEN);
2250 + return -EIWCOMMIT;
2253 +static int at76_iw_handler_get_wap(struct net_device *netdev,
2254 + struct iw_request_info *info,
2255 + struct sockaddr *ap_addr, char *extra)
2257 + struct at76_priv *priv = netdev_priv(netdev);
2259 + ap_addr->sa_family = ARPHRD_ETHER;
2260 + memcpy(ap_addr->sa_data, priv->bssid, ETH_ALEN);
2262 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWAP - wap/bssid %s", netdev->name,
2263 + mac2str(ap_addr->sa_data));
2268 +static int at76_iw_handler_set_scan(struct net_device *netdev,
2269 + struct iw_request_info *info,
2270 + union iwreq_data *wrqu, char *extra)
2272 + struct at76_priv *priv = netdev_priv(netdev);
2275 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWSCAN", netdev->name);
2277 + if (mutex_lock_interruptible(&priv->mtx))
2280 + if (!netif_running(netdev)) {
2285 + /* jal: we don't allow "iwlist ethX scan" while we are
2286 + in monitor mode */
2287 + if (priv->iw_mode == IW_MODE_MONITOR) {
2292 + /* Discard old scan results */
2293 + if ((jiffies - priv->last_scan) > (20 * HZ))
2294 + priv->scan_state = SCAN_IDLE;
2295 + priv->last_scan = jiffies;
2297 + /* Initiate a scan command */
2298 + if (priv->scan_state == SCAN_IN_PROGRESS) {
2303 + priv->scan_state = SCAN_IN_PROGRESS;
2305 + at76_quiesce(priv);
2307 + /* Try to do passive or active scan if WE asks as. */
2308 + if (wrqu->data.length
2309 + && wrqu->data.length == sizeof(struct iw_scan_req)) {
2310 + struct iw_scan_req *req = (struct iw_scan_req *)extra;
2312 + if (req->scan_type == IW_SCAN_TYPE_PASSIVE)
2313 + priv->scan_mode = SCAN_TYPE_PASSIVE;
2314 + else if (req->scan_type == IW_SCAN_TYPE_ACTIVE)
2315 + priv->scan_mode = SCAN_TYPE_ACTIVE;
2317 + /* Sanity check values? */
2318 + if (req->min_channel_time > 0)
2319 + priv->scan_min_time = req->min_channel_time;
2321 + if (req->max_channel_time > 0)
2322 + priv->scan_max_time = req->max_channel_time;
2325 + /* change to scanning state */
2326 + at76_set_mac_state(priv, MAC_SCANNING);
2327 + schedule_work(&priv->work_start_scan);
2330 + mutex_unlock(&priv->mtx);
2334 +static int at76_iw_handler_get_scan(struct net_device *netdev,
2335 + struct iw_request_info *info,
2336 + struct iw_point *data, char *extra)
2338 + struct at76_priv *priv = netdev_priv(netdev);
2339 + unsigned long flags;
2340 + struct list_head *lptr, *nptr;
2341 + struct bss_info *curr_bss;
2342 + struct iw_event *iwe = kmalloc(sizeof(struct iw_event), GFP_KERNEL);
2343 + char *curr_val, *curr_pos = extra;
2346 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWSCAN", netdev->name);
2351 + if (priv->scan_state != SCAN_COMPLETED)
2352 + /* scan not yet finished */
2355 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
2357 + list_for_each_safe(lptr, nptr, &priv->bss_list) {
2358 + curr_bss = list_entry(lptr, struct bss_info, list);
2360 + iwe->cmd = SIOCGIWAP;
2361 + iwe->u.ap_addr.sa_family = ARPHRD_ETHER;
2362 + memcpy(iwe->u.ap_addr.sa_data, curr_bss->bssid, 6);
2363 + curr_pos = iwe_stream_add_event(info, curr_pos,
2364 + extra + IW_SCAN_MAX_DATA, iwe,
2367 + iwe->u.data.length = curr_bss->ssid_len;
2368 + iwe->cmd = SIOCGIWESSID;
2369 + iwe->u.data.flags = 1;
2371 + curr_pos = iwe_stream_add_point(info, curr_pos,
2372 + extra + IW_SCAN_MAX_DATA, iwe,
2375 + iwe->cmd = SIOCGIWMODE;
2376 + iwe->u.mode = (curr_bss->capa & WLAN_CAPABILITY_IBSS) ?
2378 + (curr_bss->capa & WLAN_CAPABILITY_ESS) ?
2379 + IW_MODE_MASTER : IW_MODE_AUTO;
2380 + /* IW_MODE_AUTO = 0 which I thought is
2381 + * the most logical value to return in this case */
2382 + curr_pos = iwe_stream_add_event(info, curr_pos,
2383 + extra + IW_SCAN_MAX_DATA, iwe,
2386 + iwe->cmd = SIOCGIWFREQ;
2387 + iwe->u.freq.m = curr_bss->channel;
2388 + iwe->u.freq.e = 0;
2389 + curr_pos = iwe_stream_add_event(info, curr_pos,
2390 + extra + IW_SCAN_MAX_DATA, iwe,
2393 + iwe->cmd = SIOCGIWENCODE;
2394 + if (curr_bss->capa & WLAN_CAPABILITY_PRIVACY)
2395 + iwe->u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2397 + iwe->u.data.flags = IW_ENCODE_DISABLED;
2399 + iwe->u.data.length = 0;
2400 + curr_pos = iwe_stream_add_point(info, curr_pos,
2401 + extra + IW_SCAN_MAX_DATA, iwe,
2404 + /* Add quality statistics */
2405 + iwe->cmd = IWEVQUAL;
2406 + iwe->u.qual.noise = 0;
2407 + iwe->u.qual.updated =
2408 + IW_QUAL_NOISE_INVALID | IW_QUAL_LEVEL_UPDATED;
2409 + iwe->u.qual.level = (curr_bss->rssi * 100 / 42);
2410 + if (iwe->u.qual.level > 100)
2411 + iwe->u.qual.level = 100;
2412 + if (at76_is_intersil(priv->board_type))
2413 + iwe->u.qual.qual = curr_bss->link_qual;
2415 + iwe->u.qual.qual = 0;
2416 + iwe->u.qual.updated |= IW_QUAL_QUAL_INVALID;
2418 + /* Add new value to event */
2419 + curr_pos = iwe_stream_add_event(info, curr_pos,
2420 + extra + IW_SCAN_MAX_DATA, iwe,
2423 + /* Rate: stuffing multiple values in a single event requires
2424 + * a bit more of magic - Jean II */
2425 + curr_val = curr_pos + IW_EV_LCP_LEN;
2427 + iwe->cmd = SIOCGIWRATE;
2428 + /* Those two flags are ignored... */
2429 + iwe->u.bitrate.fixed = 0;
2430 + iwe->u.bitrate.disabled = 0;
2431 + /* Max 8 values */
2432 + for (i = 0; i < curr_bss->rates_len; i++) {
2433 + /* Bit rate given in 500 kb/s units (+ 0x80) */
2434 + iwe->u.bitrate.value =
2435 + ((curr_bss->rates[i] & 0x7f) * 500000);
2436 + /* Add new value to event */
2437 + curr_val = iwe_stream_add_value(info, curr_pos,
2440 + IW_SCAN_MAX_DATA, iwe,
2444 + /* Check if we added any event */
2445 + if ((curr_val - curr_pos) > IW_EV_LCP_LEN)
2446 + curr_pos = curr_val;
2448 + /* more information may be sent back using IWECUSTOM */
2452 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
2454 + data->length = (curr_pos - extra);
2461 +static int at76_iw_handler_set_essid(struct net_device *netdev,
2462 + struct iw_request_info *info,
2463 + struct iw_point *data, char *extra)
2465 + struct at76_priv *priv = netdev_priv(netdev);
2467 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWESSID - %s", netdev->name, extra);
2469 + if (data->flags) {
2470 + memcpy(priv->essid, extra, data->length);
2471 + priv->essid_size = data->length;
2473 + priv->essid_size = 0; /* Use any SSID */
2475 + return -EIWCOMMIT;
2478 +static int at76_iw_handler_get_essid(struct net_device *netdev,
2479 + struct iw_request_info *info,
2480 + struct iw_point *data, char *extra)
2482 + struct at76_priv *priv = netdev_priv(netdev);
2484 + if (priv->essid_size) {
2485 + /* not the ANY ssid in priv->essid */
2487 + data->length = priv->essid_size;
2488 + memcpy(extra, priv->essid, data->length);
2490 + /* the ANY ssid was specified */
2491 + if (priv->mac_state == MAC_CONNECTED && priv->curr_bss) {
2492 + /* report the SSID we have found */
2494 + data->length = priv->curr_bss->ssid_len;
2495 + memcpy(extra, priv->curr_bss->ssid, data->length);
2497 + /* report ANY back */
2503 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWESSID - %.*s", netdev->name,
2504 + data->length, extra);
2509 +static int at76_iw_handler_set_rate(struct net_device *netdev,
2510 + struct iw_request_info *info,
2511 + struct iw_param *bitrate, char *extra)
2513 + struct at76_priv *priv = netdev_priv(netdev);
2514 + int ret = -EIWCOMMIT;
2516 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWRATE - %d", netdev->name,
2519 + switch (bitrate->value) {
2521 + priv->txrate = TX_RATE_AUTO;
2522 + break; /* auto rate */
2524 + priv->txrate = TX_RATE_1MBIT;
2527 + priv->txrate = TX_RATE_2MBIT;
2530 + priv->txrate = TX_RATE_5_5MBIT;
2533 + priv->txrate = TX_RATE_11MBIT;
2542 +static int at76_iw_handler_get_rate(struct net_device *netdev,
2543 + struct iw_request_info *info,
2544 + struct iw_param *bitrate, char *extra)
2546 + struct at76_priv *priv = netdev_priv(netdev);
2549 + switch (priv->txrate) {
2550 + /* return max rate if RATE_AUTO */
2551 + case TX_RATE_AUTO:
2552 + bitrate->value = 11000000;
2554 + case TX_RATE_1MBIT:
2555 + bitrate->value = 1000000;
2557 + case TX_RATE_2MBIT:
2558 + bitrate->value = 2000000;
2560 + case TX_RATE_5_5MBIT:
2561 + bitrate->value = 5500000;
2563 + case TX_RATE_11MBIT:
2564 + bitrate->value = 11000000;
2570 + bitrate->fixed = (priv->txrate != TX_RATE_AUTO);
2571 + bitrate->disabled = 0;
2573 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWRATE - %d", netdev->name,
2579 +static int at76_iw_handler_set_rts(struct net_device *netdev,
2580 + struct iw_request_info *info,
2581 + struct iw_param *rts, char *extra)
2583 + struct at76_priv *priv = netdev_priv(netdev);
2584 + int ret = -EIWCOMMIT;
2585 + int rthr = rts->value;
2587 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWRTS - value %d disabled %s",
2588 + netdev->name, rts->value, (rts->disabled) ? "true" : "false");
2590 + if (rts->disabled)
2591 + rthr = MAX_RTS_THRESHOLD;
2593 + if ((rthr < 0) || (rthr > MAX_RTS_THRESHOLD))
2596 + priv->rts_threshold = rthr;
2601 +static int at76_iw_handler_get_rts(struct net_device *netdev,
2602 + struct iw_request_info *info,
2603 + struct iw_param *rts, char *extra)
2605 + struct at76_priv *priv = netdev_priv(netdev);
2607 + rts->value = priv->rts_threshold;
2608 + rts->disabled = (rts->value >= MAX_RTS_THRESHOLD);
2611 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWRTS - value %d disabled %s",
2612 + netdev->name, rts->value, (rts->disabled) ? "true" : "false");
2617 +static int at76_iw_handler_set_frag(struct net_device *netdev,
2618 + struct iw_request_info *info,
2619 + struct iw_param *frag, char *extra)
2621 + struct at76_priv *priv = netdev_priv(netdev);
2622 + int ret = -EIWCOMMIT;
2623 + int fthr = frag->value;
2625 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWFRAG - value %d, disabled %s",
2626 + netdev->name, frag->value,
2627 + (frag->disabled) ? "true" : "false");
2629 + if (frag->disabled)
2630 + fthr = MAX_FRAG_THRESHOLD;
2632 + if ((fthr < MIN_FRAG_THRESHOLD) || (fthr > MAX_FRAG_THRESHOLD))
2635 + priv->frag_threshold = fthr & ~0x1; /* get an even value */
2640 +static int at76_iw_handler_get_frag(struct net_device *netdev,
2641 + struct iw_request_info *info,
2642 + struct iw_param *frag, char *extra)
2644 + struct at76_priv *priv = netdev_priv(netdev);
2646 + frag->value = priv->frag_threshold;
2647 + frag->disabled = (frag->value >= MAX_FRAG_THRESHOLD);
2650 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWFRAG - value %d, disabled %s",
2651 + netdev->name, frag->value,
2652 + (frag->disabled) ? "true" : "false");
2657 +static int at76_iw_handler_get_txpow(struct net_device *netdev,
2658 + struct iw_request_info *info,
2659 + struct iw_param *power, char *extra)
2661 + power->value = 15;
2662 + power->fixed = 1; /* No power control */
2663 + power->disabled = 0;
2664 + power->flags = IW_TXPOW_DBM;
2666 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWTXPOW - txpow %d dBm", netdev->name,
2672 +/* jal: short retry is handled by the firmware (at least 0.90.x),
2673 + while long retry is not (?) */
2674 +static int at76_iw_handler_set_retry(struct net_device *netdev,
2675 + struct iw_request_info *info,
2676 + struct iw_param *retry, char *extra)
2678 + struct at76_priv *priv = netdev_priv(netdev);
2679 + int ret = -EIWCOMMIT;
2681 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWRETRY disabled %d flags 0x%x val %d",
2682 + netdev->name, retry->disabled, retry->flags, retry->value);
2684 + if (!retry->disabled && (retry->flags & IW_RETRY_LIMIT)) {
2685 + if ((retry->flags & IW_RETRY_MIN) ||
2686 + !(retry->flags & IW_RETRY_MAX))
2687 + priv->short_retry_limit = retry->value;
2696 +/* Adapted (ripped) from atmel.c */
2697 +static int at76_iw_handler_get_retry(struct net_device *netdev,
2698 + struct iw_request_info *info,
2699 + struct iw_param *retry, char *extra)
2701 + struct at76_priv *priv = netdev_priv(netdev);
2703 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWRETRY", netdev->name);
2705 + retry->disabled = 0; /* Can't be disabled */
2706 + retry->flags = IW_RETRY_LIMIT;
2707 + retry->value = priv->short_retry_limit;
2712 +static int at76_iw_handler_set_encode(struct net_device *netdev,
2713 + struct iw_request_info *info,
2714 + struct iw_point *encoding, char *extra)
2716 + struct at76_priv *priv = netdev_priv(netdev);
2717 + int index = (encoding->flags & IW_ENCODE_INDEX) - 1;
2718 + int len = encoding->length;
2720 + at76_dbg(DBG_IOCTL, "%s: SIOCSIWENCODE - enc.flags %08x "
2721 + "pointer %p len %d", netdev->name, encoding->flags,
2722 + encoding->pointer, encoding->length);
2723 + at76_dbg(DBG_IOCTL,
2724 + "%s: SIOCSIWENCODE - old wepstate: enabled %s key_id %d "
2725 + "auth_mode %s", netdev->name,
2726 + (priv->wep_enabled) ? "true" : "false", priv->wep_key_id,
2727 + (priv->auth_mode ==
2728 + WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2730 + /* take the old default key if index is invalid */
2731 + if ((index < 0) || (index >= WEP_KEYS))
2732 + index = priv->wep_key_id;
2735 + if (len > WEP_LARGE_KEY_LEN)
2736 + len = WEP_LARGE_KEY_LEN;
2738 + memset(priv->wep_keys[index], 0, WEP_KEY_LEN);
2739 + memcpy(priv->wep_keys[index], extra, len);
2740 + priv->wep_keys_len[index] = (len <= WEP_SMALL_KEY_LEN) ?
2741 + WEP_SMALL_KEY_LEN : WEP_LARGE_KEY_LEN;
2742 + priv->wep_enabled = 1;
2745 + priv->wep_key_id = index;
2746 + priv->wep_enabled = ((encoding->flags & IW_ENCODE_DISABLED) == 0);
2748 + if (encoding->flags & IW_ENCODE_RESTRICTED)
2749 + priv->auth_mode = WLAN_AUTH_SHARED_KEY;
2750 + if (encoding->flags & IW_ENCODE_OPEN)
2751 + priv->auth_mode = WLAN_AUTH_OPEN;
2753 + at76_dbg(DBG_IOCTL,
2754 + "%s: SIOCSIWENCODE - new wepstate: enabled %s key_id %d "
2755 + "key_len %d auth_mode %s", netdev->name,
2756 + (priv->wep_enabled) ? "true" : "false", priv->wep_key_id + 1,
2757 + priv->wep_keys_len[priv->wep_key_id],
2758 + (priv->auth_mode ==
2759 + WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2761 + return -EIWCOMMIT;
2764 +static int at76_iw_handler_get_encode(struct net_device *netdev,
2765 + struct iw_request_info *info,
2766 + struct iw_point *encoding, char *extra)
2768 + struct at76_priv *priv = netdev_priv(netdev);
2769 + int index = (encoding->flags & IW_ENCODE_INDEX) - 1;
2771 + if ((index < 0) || (index >= WEP_KEYS))
2772 + index = priv->wep_key_id;
2775 + (priv->auth_mode == WLAN_AUTH_SHARED_KEY) ?
2776 + IW_ENCODE_RESTRICTED : IW_ENCODE_OPEN;
2778 + if (!priv->wep_enabled)
2779 + encoding->flags |= IW_ENCODE_DISABLED;
2781 + if (encoding->pointer) {
2782 + encoding->length = priv->wep_keys_len[index];
2784 + memcpy(extra, priv->wep_keys[index], priv->wep_keys_len[index]);
2786 + encoding->flags |= (index + 1);
2789 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWENCODE - enc.flags %08x "
2790 + "pointer %p len %d", netdev->name, encoding->flags,
2791 + encoding->pointer, encoding->length);
2792 + at76_dbg(DBG_IOCTL,
2793 + "%s: SIOCGIWENCODE - wepstate: enabled %s key_id %d "
2794 + "key_len %d auth_mode %s", netdev->name,
2795 + (priv->wep_enabled) ? "true" : "false", priv->wep_key_id + 1,
2796 + priv->wep_keys_len[priv->wep_key_id],
2797 + (priv->auth_mode ==
2798 + WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2803 +static int at76_iw_handler_set_power(struct net_device *netdev,
2804 + struct iw_request_info *info,
2805 + struct iw_param *prq, char *extra)
2807 + int err = -EIWCOMMIT;
2808 + struct at76_priv *priv = netdev_priv(netdev);
2810 + at76_dbg(DBG_IOCTL,
2811 + "%s: SIOCSIWPOWER - disabled %s flags 0x%x value 0x%x",
2812 + netdev->name, (prq->disabled) ? "true" : "false", prq->flags,
2815 + if (prq->disabled)
2816 + priv->pm_mode = AT76_PM_OFF;
2818 + switch (prq->flags & IW_POWER_MODE) {
2819 + case IW_POWER_ALL_R:
2826 + if (prq->flags & IW_POWER_PERIOD)
2827 + priv->pm_period = prq->value;
2829 + if (prq->flags & IW_POWER_TIMEOUT) {
2833 + priv->pm_mode = AT76_PM_ON;
2839 +static int at76_iw_handler_get_power(struct net_device *netdev,
2840 + struct iw_request_info *info,
2841 + struct iw_param *power, char *extra)
2843 + struct at76_priv *priv = netdev_priv(netdev);
2845 + power->disabled = (priv->pm_mode == AT76_PM_OFF);
2846 + if (!power->disabled) {
2847 + power->flags = IW_POWER_PERIOD | IW_POWER_ALL_R;
2848 + power->value = priv->pm_period;
2851 + at76_dbg(DBG_IOCTL, "%s: SIOCGIWPOWER - %s flags 0x%x value 0x%x",
2852 + netdev->name, power->disabled ? "disabled" : "enabled",
2853 + power->flags, power->value);
2858 +/*******************************************************************************
2861 +static int at76_iw_set_short_preamble(struct net_device *netdev,
2862 + struct iw_request_info *info, char *name,
2865 + struct at76_priv *priv = netdev_priv(netdev);
2866 + int val = *((int *)name);
2867 + int ret = -EIWCOMMIT;
2869 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_SHORT_PREAMBLE, %d",
2870 + netdev->name, val);
2872 + if (val < PREAMBLE_TYPE_LONG || val > PREAMBLE_TYPE_AUTO)
2875 + priv->preamble_type = val;
2880 +static int at76_iw_get_short_preamble(struct net_device *netdev,
2881 + struct iw_request_info *info,
2882 + union iwreq_data *wrqu, char *extra)
2884 + struct at76_priv *priv = netdev_priv(netdev);
2886 + snprintf(wrqu->name, sizeof(wrqu->name), "%s (%d)",
2887 + preambles[priv->preamble_type], priv->preamble_type);
2891 +static int at76_iw_set_debug(struct net_device *netdev,
2892 + struct iw_request_info *info,
2893 + struct iw_point *data, char *extra)
2898 + if (data->length > 0) {
2899 + val = simple_strtol(extra, &ptr, 0);
2902 + val = DBG_DEFAULTS;
2904 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_DEBUG input %d: %s -> 0x%x",
2905 + netdev->name, data->length, extra, val);
2907 + val = DBG_DEFAULTS;
2909 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_DEBUG, old 0x%x, new 0x%x",
2910 + netdev->name, at76_debug, val);
2912 + /* jal: some more output to pin down lockups */
2913 + at76_dbg(DBG_IOCTL, "%s: netif running %d queue_stopped %d "
2914 + "carrier_ok %d", netdev->name, netif_running(netdev),
2915 + netif_queue_stopped(netdev), netif_carrier_ok(netdev));
2922 +static int at76_iw_get_debug(struct net_device *netdev,
2923 + struct iw_request_info *info,
2924 + union iwreq_data *wrqu, char *extra)
2926 + snprintf(wrqu->name, sizeof(wrqu->name), "0x%08x", at76_debug);
2930 +static int at76_iw_set_powersave_mode(struct net_device *netdev,
2931 + struct iw_request_info *info, char *name,
2934 + struct at76_priv *priv = netdev_priv(netdev);
2935 + int val = *((int *)name);
2936 + int ret = -EIWCOMMIT;
2938 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_POWERSAVE_MODE, %d (%s)",
2939 + netdev->name, val,
2940 + val == AT76_PM_OFF ? "active" : val == AT76_PM_ON ? "save" :
2941 + val == AT76_PM_SMART ? "smart save" : "<invalid>");
2942 + if (val < AT76_PM_OFF || val > AT76_PM_SMART)
2945 + priv->pm_mode = val;
2950 +static int at76_iw_get_powersave_mode(struct net_device *netdev,
2951 + struct iw_request_info *info,
2952 + union iwreq_data *wrqu, char *extra)
2954 + struct at76_priv *priv = netdev_priv(netdev);
2955 + int *param = (int *)extra;
2957 + param[0] = priv->pm_mode;
2961 +static int at76_iw_set_scan_times(struct net_device *netdev,
2962 + struct iw_request_info *info, char *name,
2965 + struct at76_priv *priv = netdev_priv(netdev);
2966 + int mint = *((int *)name);
2967 + int maxt = *((int *)name + 1);
2968 + int ret = -EIWCOMMIT;
2970 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_SCAN_TIMES - min %d max %d",
2971 + netdev->name, mint, maxt);
2972 + if (mint <= 0 || maxt <= 0 || mint > maxt)
2975 + priv->scan_min_time = mint;
2976 + priv->scan_max_time = maxt;
2982 +static int at76_iw_get_scan_times(struct net_device *netdev,
2983 + struct iw_request_info *info,
2984 + union iwreq_data *wrqu, char *extra)
2986 + struct at76_priv *priv = netdev_priv(netdev);
2987 + int *param = (int *)extra;
2989 + param[0] = priv->scan_min_time;
2990 + param[1] = priv->scan_max_time;
2994 +static int at76_iw_set_scan_mode(struct net_device *netdev,
2995 + struct iw_request_info *info, char *name,
2998 + struct at76_priv *priv = netdev_priv(netdev);
2999 + int val = *((int *)name);
3000 + int ret = -EIWCOMMIT;
3002 + at76_dbg(DBG_IOCTL, "%s: AT76_SET_SCAN_MODE - mode %s",
3003 + netdev->name, (val = SCAN_TYPE_ACTIVE) ? "active" :
3004 + (val = SCAN_TYPE_PASSIVE) ? "passive" : "<invalid>");
3006 + if (val != SCAN_TYPE_ACTIVE && val != SCAN_TYPE_PASSIVE)
3009 + priv->scan_mode = val;
3014 +static int at76_iw_get_scan_mode(struct net_device *netdev,
3015 + struct iw_request_info *info,
3016 + union iwreq_data *wrqu, char *extra)
3018 + struct at76_priv *priv = netdev_priv(netdev);
3019 + int *param = (int *)extra;
3021 + param[0] = priv->scan_mode;
3025 +#define AT76_SET_HANDLER(h, f) [h - SIOCIWFIRST] = (iw_handler) f
3027 +/* Standard wireless handlers */
3028 +static const iw_handler at76_handlers[] = {
3029 + AT76_SET_HANDLER(SIOCSIWCOMMIT, at76_iw_handler_commit),
3030 + AT76_SET_HANDLER(SIOCGIWNAME, at76_iw_handler_get_name),
3031 + AT76_SET_HANDLER(SIOCSIWFREQ, at76_iw_handler_set_freq),
3032 + AT76_SET_HANDLER(SIOCGIWFREQ, at76_iw_handler_get_freq),
3033 + AT76_SET_HANDLER(SIOCSIWMODE, at76_iw_handler_set_mode),
3034 + AT76_SET_HANDLER(SIOCGIWMODE, at76_iw_handler_get_mode),
3035 + AT76_SET_HANDLER(SIOCGIWRANGE, at76_iw_handler_get_range),
3036 + AT76_SET_HANDLER(SIOCSIWSPY, at76_iw_handler_set_spy),
3037 + AT76_SET_HANDLER(SIOCGIWSPY, at76_iw_handler_get_spy),
3038 + AT76_SET_HANDLER(SIOCSIWTHRSPY, at76_iw_handler_set_thrspy),
3039 + AT76_SET_HANDLER(SIOCGIWTHRSPY, at76_iw_handler_get_thrspy),
3040 + AT76_SET_HANDLER(SIOCSIWAP, at76_iw_handler_set_wap),
3041 + AT76_SET_HANDLER(SIOCGIWAP, at76_iw_handler_get_wap),
3042 + AT76_SET_HANDLER(SIOCSIWSCAN, at76_iw_handler_set_scan),
3043 + AT76_SET_HANDLER(SIOCGIWSCAN, at76_iw_handler_get_scan),
3044 + AT76_SET_HANDLER(SIOCSIWESSID, at76_iw_handler_set_essid),
3045 + AT76_SET_HANDLER(SIOCGIWESSID, at76_iw_handler_get_essid),
3046 + AT76_SET_HANDLER(SIOCSIWRATE, at76_iw_handler_set_rate),
3047 + AT76_SET_HANDLER(SIOCGIWRATE, at76_iw_handler_get_rate),
3048 + AT76_SET_HANDLER(SIOCSIWRTS, at76_iw_handler_set_rts),
3049 + AT76_SET_HANDLER(SIOCGIWRTS, at76_iw_handler_get_rts),
3050 + AT76_SET_HANDLER(SIOCSIWFRAG, at76_iw_handler_set_frag),
3051 + AT76_SET_HANDLER(SIOCGIWFRAG, at76_iw_handler_get_frag),
3052 + AT76_SET_HANDLER(SIOCGIWTXPOW, at76_iw_handler_get_txpow),
3053 + AT76_SET_HANDLER(SIOCSIWRETRY, at76_iw_handler_set_retry),
3054 + AT76_SET_HANDLER(SIOCGIWRETRY, at76_iw_handler_get_retry),
3055 + AT76_SET_HANDLER(SIOCSIWENCODE, at76_iw_handler_set_encode),
3056 + AT76_SET_HANDLER(SIOCGIWENCODE, at76_iw_handler_get_encode),
3057 + AT76_SET_HANDLER(SIOCSIWPOWER, at76_iw_handler_set_power),
3058 + AT76_SET_HANDLER(SIOCGIWPOWER, at76_iw_handler_get_power)
3061 +#define AT76_SET_PRIV(h, f) [h - SIOCIWFIRSTPRIV] = (iw_handler) f
3063 +/* Private wireless handlers */
3064 +static const iw_handler at76_priv_handlers[] = {
3065 + AT76_SET_PRIV(AT76_SET_SHORT_PREAMBLE, at76_iw_set_short_preamble),
3066 + AT76_SET_PRIV(AT76_GET_SHORT_PREAMBLE, at76_iw_get_short_preamble),
3067 + AT76_SET_PRIV(AT76_SET_DEBUG, at76_iw_set_debug),
3068 + AT76_SET_PRIV(AT76_GET_DEBUG, at76_iw_get_debug),
3069 + AT76_SET_PRIV(AT76_SET_POWERSAVE_MODE, at76_iw_set_powersave_mode),
3070 + AT76_SET_PRIV(AT76_GET_POWERSAVE_MODE, at76_iw_get_powersave_mode),
3071 + AT76_SET_PRIV(AT76_SET_SCAN_TIMES, at76_iw_set_scan_times),
3072 + AT76_SET_PRIV(AT76_GET_SCAN_TIMES, at76_iw_get_scan_times),
3073 + AT76_SET_PRIV(AT76_SET_SCAN_MODE, at76_iw_set_scan_mode),
3074 + AT76_SET_PRIV(AT76_GET_SCAN_MODE, at76_iw_get_scan_mode),
3077 +/* Names and arguments of private wireless handlers */
3078 +static const struct iw_priv_args at76_priv_args[] = {
3079 + /* 0 - long, 1 - short */
3080 + {AT76_SET_SHORT_PREAMBLE,
3081 + IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_preamble"},
3083 + {AT76_GET_SHORT_PREAMBLE,
3084 + 0, IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | 10, "get_preamble"},
3086 + /* we must pass the new debug mask as a string, because iwpriv cannot
3087 + * parse hex numbers starting with 0x :-( */
3089 + IW_PRIV_TYPE_CHAR | 10, 0, "set_debug"},
3092 + 0, IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | 10, "get_debug"},
3094 + /* 1 - active, 2 - power save, 3 - smart power save */
3095 + {AT76_SET_POWERSAVE_MODE,
3096 + IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_powersave"},
3098 + {AT76_GET_POWERSAVE_MODE,
3099 + 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_powersave"},
3101 + /* min_channel_time, max_channel_time */
3102 + {AT76_SET_SCAN_TIMES,
3103 + IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "set_scan_times"},
3105 + {AT76_GET_SCAN_TIMES,
3106 + 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, "get_scan_times"},
3108 + /* 0 - active, 1 - passive scan */
3109 + {AT76_SET_SCAN_MODE,
3110 + IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_scan_mode"},
3112 + {AT76_GET_SCAN_MODE,
3113 + 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_scan_mode"},
3116 +static const struct iw_handler_def at76_handler_def = {
3117 + .num_standard = ARRAY_SIZE(at76_handlers),
3118 + .num_private = ARRAY_SIZE(at76_priv_handlers),
3119 + .num_private_args = ARRAY_SIZE(at76_priv_args),
3120 + .standard = at76_handlers,
3121 + .private = at76_priv_handlers,
3122 + .private_args = at76_priv_args,
3123 + .get_wireless_stats = at76_get_wireless_stats,
3126 +static const u8 snapsig[] = { 0xaa, 0xaa, 0x03 };
3128 +/* RFC 1042 encapsulates Ethernet frames in 802.2 SNAP (0xaa, 0xaa, 0x03) with
3129 + * a SNAP OID of 0 (0x00, 0x00, 0x00) */
3130 +static const u8 rfc1042sig[] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3132 +static int at76_tx(struct sk_buff *skb, struct net_device *netdev)
3134 + struct at76_priv *priv = netdev_priv(netdev);
3135 + struct net_device_stats *stats = &priv->stats;
3139 + struct at76_tx_buffer *tx_buffer = priv->bulk_out_buffer;
3140 + struct ieee80211_hdr_3addr *i802_11_hdr =
3141 + (struct ieee80211_hdr_3addr *)tx_buffer->packet;
3142 + u8 *payload = i802_11_hdr->payload;
3143 + struct ethhdr *eh = (struct ethhdr *)skb->data;
3145 + if (netif_queue_stopped(netdev)) {
3146 + printk(KERN_ERR "%s: %s called while netdev is stopped\n",
3147 + netdev->name, __func__);
3148 + /* skip this packet */
3149 + dev_kfree_skb(skb);
3153 + if (priv->tx_urb->status == -EINPROGRESS) {
3154 + printk(KERN_ERR "%s: %s called while tx urb is pending\n",
3155 + netdev->name, __func__);
3156 + /* skip this packet */
3157 + dev_kfree_skb(skb);
3161 + if (skb->len < ETH_HLEN) {
3162 + printk(KERN_ERR "%s: %s: skb too short (%d)\n",
3163 + netdev->name, __func__, skb->len);
3164 + dev_kfree_skb(skb);
3168 + at76_ledtrig_tx_activity(); /* tell ledtrigger we send a packet */
3170 + /* we can get rid of memcpy if we set netdev->hard_header_len to
3171 + reserve enough space, but we would need to keep the skb around */
3173 + if (ntohs(eh->h_proto) <= ETH_DATA_LEN) {
3174 + /* this is a 802.3 packet */
3175 + if (skb->len >= ETH_HLEN + sizeof(rfc1042sig)
3176 + && skb->data[ETH_HLEN] == rfc1042sig[0]
3177 + && skb->data[ETH_HLEN + 1] == rfc1042sig[1]) {
3178 + /* higher layer delivered SNAP header - keep it */
3179 + memcpy(payload, skb->data + ETH_HLEN,
3180 + skb->len - ETH_HLEN);
3181 + wlen = IEEE80211_3ADDR_LEN + skb->len - ETH_HLEN;
3183 + printk(KERN_ERR "%s: dropping non-SNAP 802.2 packet "
3184 + "(DSAP 0x%02x SSAP 0x%02x cntrl 0x%02x)\n",
3185 + priv->netdev->name, skb->data[ETH_HLEN],
3186 + skb->data[ETH_HLEN + 1],
3187 + skb->data[ETH_HLEN + 2]);
3188 + dev_kfree_skb(skb);
3192 + /* add RFC 1042 header in front */
3193 + memcpy(payload, rfc1042sig, sizeof(rfc1042sig));
3194 + memcpy(payload + sizeof(rfc1042sig), &eh->h_proto,
3195 + skb->len - offsetof(struct ethhdr, h_proto));
3196 + wlen = IEEE80211_3ADDR_LEN + sizeof(rfc1042sig) + skb->len -
3197 + offsetof(struct ethhdr, h_proto);
3200 + /* make wireless header */
3201 + i802_11_hdr->frame_ctl =
3202 + cpu_to_le16(IEEE80211_FTYPE_DATA |
3203 + (priv->wep_enabled ? IEEE80211_FCTL_PROTECTED : 0) |
3205 + IW_MODE_INFRA ? IEEE80211_FCTL_TODS : 0));
3207 + if (priv->iw_mode == IW_MODE_ADHOC) {
3208 + memcpy(i802_11_hdr->addr1, eh->h_dest, ETH_ALEN);
3209 + memcpy(i802_11_hdr->addr2, eh->h_source, ETH_ALEN);
3210 + memcpy(i802_11_hdr->addr3, priv->bssid, ETH_ALEN);
3211 + } else if (priv->iw_mode == IW_MODE_INFRA) {
3212 + memcpy(i802_11_hdr->addr1, priv->bssid, ETH_ALEN);
3213 + memcpy(i802_11_hdr->addr2, eh->h_source, ETH_ALEN);
3214 + memcpy(i802_11_hdr->addr3, eh->h_dest, ETH_ALEN);
3217 + i802_11_hdr->duration_id = cpu_to_le16(0);
3218 + i802_11_hdr->seq_ctl = cpu_to_le16(0);
3220 + /* setup 'Atmel' header */
3221 + tx_buffer->wlength = cpu_to_le16(wlen);
3222 + tx_buffer->tx_rate = priv->txrate;
3223 + /* for broadcast destination addresses, the firmware 0.100.x
3224 + seems to choose the highest rate set with CMD_STARTUP in
3225 + basic_rate_set replacing this value */
3227 + memset(tx_buffer->reserved, 0, sizeof(tx_buffer->reserved));
3229 + tx_buffer->padding = at76_calc_padding(wlen);
3230 + submit_len = wlen + AT76_TX_HDRLEN + tx_buffer->padding;
3232 + at76_dbg(DBG_TX_DATA_CONTENT, "%s skb->data %s", priv->netdev->name,
3233 + hex2str(skb->data, 32));
3234 + at76_dbg(DBG_TX_DATA, "%s tx: wlen 0x%x pad 0x%x rate %d hdr %s",
3235 + priv->netdev->name,
3236 + le16_to_cpu(tx_buffer->wlength),
3237 + tx_buffer->padding, tx_buffer->tx_rate,
3238 + hex2str(i802_11_hdr, sizeof(*i802_11_hdr)));
3239 + at76_dbg(DBG_TX_DATA_CONTENT, "%s payload %s", priv->netdev->name,
3240 + hex2str(payload, 48));
3243 + netif_stop_queue(netdev);
3244 + netdev->trans_start = jiffies;
3246 + usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe, tx_buffer,
3247 + submit_len, at76_tx_callback, priv);
3248 + ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
3250 + stats->tx_errors++;
3251 + printk(KERN_ERR "%s: error in tx submit urb: %d\n",
3252 + netdev->name, ret);
3253 + if (ret == -EINVAL)
3255 + "%s: -EINVAL: tx urb %p hcpriv %p complete %p\n",
3256 + priv->netdev->name, priv->tx_urb,
3257 + priv->tx_urb->hcpriv, priv->tx_urb->complete);
3259 + stats->tx_bytes += skb->len;
3260 + dev_kfree_skb(skb);
3266 +static void at76_tx_timeout(struct net_device *netdev)
3268 + struct at76_priv *priv = netdev_priv(netdev);
3272 + dev_warn(&netdev->dev, "tx timeout.");
3274 + usb_unlink_urb(priv->tx_urb);
3275 + priv->stats.tx_errors++;
3278 +static int at76_submit_rx_urb(struct at76_priv *priv)
3282 + struct sk_buff *skb = priv->rx_skb;
3284 + if (!priv->rx_urb) {
3285 + printk(KERN_ERR "%s: %s: priv->rx_urb is NULL\n",
3286 + priv->netdev->name, __func__);
3291 + skb = dev_alloc_skb(sizeof(struct at76_rx_buffer));
3293 + printk(KERN_ERR "%s: cannot allocate rx skbuff\n",
3294 + priv->netdev->name);
3298 + priv->rx_skb = skb;
3300 + skb_push(skb, skb_headroom(skb));
3304 + size = skb_tailroom(skb);
3305 + usb_fill_bulk_urb(priv->rx_urb, priv->udev, priv->rx_pipe,
3306 + skb_put(skb, size), size, at76_rx_callback, priv);
3307 + ret = usb_submit_urb(priv->rx_urb, GFP_ATOMIC);
3309 + if (ret == -ENODEV)
3310 + at76_dbg(DBG_DEVSTART,
3311 + "usb_submit_urb returned -ENODEV");
3313 + printk(KERN_ERR "%s: rx, usb_submit_urb failed: %d\n",
3314 + priv->netdev->name, ret);
3318 + if (ret < 0 && ret != -ENODEV)
3319 + printk(KERN_ERR "%s: cannot submit rx urb - please unload the "
3320 + "driver and/or power cycle the device\n",
3321 + priv->netdev->name);
3326 +static int at76_open(struct net_device *netdev)
3328 + struct at76_priv *priv = netdev_priv(netdev);
3331 + at76_dbg(DBG_PROC_ENTRY, "%s(): entry", __func__);
3333 + if (mutex_lock_interruptible(&priv->mtx))
3336 + /* if netdev->dev_addr != priv->mac_addr we must
3337 + set the mac address in the device ! */
3338 + if (compare_ether_addr(netdev->dev_addr, priv->mac_addr)) {
3339 + if (at76_add_mac_address(priv, netdev->dev_addr) >= 0)
3340 + at76_dbg(DBG_PROGRESS, "%s: set new MAC addr %s",
3341 + netdev->name, mac2str(netdev->dev_addr));
3344 + priv->scan_state = SCAN_IDLE;
3345 + priv->last_scan = jiffies;
3347 + ret = at76_submit_rx_urb(priv);
3349 + printk(KERN_ERR "%s: open: submit_rx_urb failed: %d\n",
3350 + netdev->name, ret);
3354 + schedule_delayed_work(&priv->dwork_restart, 0);
3356 + at76_dbg(DBG_PROC_ENTRY, "%s(): end", __func__);
3358 + mutex_unlock(&priv->mtx);
3359 + return ret < 0 ? ret : 0;
3362 +static int at76_stop(struct net_device *netdev)
3364 + struct at76_priv *priv = netdev_priv(netdev);
3366 + at76_dbg(DBG_DEVSTART, "%s: ENTER", __func__);
3368 + if (mutex_lock_interruptible(&priv->mtx))
3371 + at76_quiesce(priv);
3373 + if (!priv->device_unplugged) {
3374 + /* We are called by "ifconfig ethX down", not because the
3375 + * device is not available anymore. */
3376 + at76_set_radio(priv, 0);
3378 + /* We unlink rx_urb because at76_open() re-submits it.
3379 + * If unplugged, at76_delete_device() takes care of it. */
3380 + usb_kill_urb(priv->rx_urb);
3383 + /* free the bss_list */
3384 + at76_free_bss_list(priv);
3386 + mutex_unlock(&priv->mtx);
3387 + at76_dbg(DBG_DEVSTART, "%s: EXIT", __func__);
3392 +static void at76_ethtool_get_drvinfo(struct net_device *netdev,
3393 + struct ethtool_drvinfo *info)
3395 + struct at76_priv *priv = netdev_priv(netdev);
3397 + strncpy(info->driver, DRIVER_NAME, sizeof(info->driver));
3398 + strncpy(info->version, DRIVER_VERSION, sizeof(info->version));
3400 + usb_make_path(priv->udev, info->bus_info, sizeof(info->bus_info));
3402 + snprintf(info->fw_version, sizeof(info->fw_version), "%d.%d.%d-%d",
3403 + priv->fw_version.major, priv->fw_version.minor,
3404 + priv->fw_version.patch, priv->fw_version.build);
3407 +static u32 at76_ethtool_get_link(struct net_device *netdev)
3409 + struct at76_priv *priv = netdev_priv(netdev);
3410 + return priv->mac_state == MAC_CONNECTED;
3413 +static struct ethtool_ops at76_ethtool_ops = {
3414 + .get_drvinfo = at76_ethtool_get_drvinfo,
3415 + .get_link = at76_ethtool_get_link,
3418 +/* Download external firmware */
3419 +static int at76_load_external_fw(struct usb_device *udev, struct fwentry *fwe)
3426 + u8 *buf = fwe->extfw;
3427 + int size = fwe->extfw_size;
3429 + if (!buf || !size)
3432 + op_mode = at76_get_op_mode(udev);
3433 + at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
3435 + if (op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
3436 + dev_printk(KERN_ERR, &udev->dev, "unexpected opmode %d\n",
3441 + block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
3445 + at76_dbg(DBG_DEVSTART, "downloading external firmware");
3447 + /* for fw >= 0.100, the device needs an extra empty block */
3449 + bsize = min_t(int, size, FW_BLOCK_SIZE);
3450 + memcpy(block, buf, bsize);
3451 + at76_dbg(DBG_DEVSTART,
3452 + "ext fw, size left = %5d, bsize = %4d, blockno = %2d",
3453 + size, bsize, blockno);
3454 + ret = at76_load_ext_fw_block(udev, blockno, block, bsize);
3455 + if (ret != bsize) {
3456 + dev_printk(KERN_ERR, &udev->dev,
3457 + "loading %dth firmware block failed: %d\n",
3464 + } while (bsize > 0);
3466 + if (at76_is_505a(fwe->board_type)) {
3467 + at76_dbg(DBG_DEVSTART, "200 ms delay for 505a");
3468 + schedule_timeout_interruptible(HZ / 5 + 1);
3474 + dev_printk(KERN_ERR, &udev->dev,
3475 + "downloading external firmware failed: %d\n", ret);
3479 +/* Download internal firmware */
3480 +static int at76_load_internal_fw(struct usb_device *udev, struct fwentry *fwe)
3483 + int need_remap = !at76_is_505a(fwe->board_type);
3485 + ret = at76_usbdfu_download(udev, fwe->intfw, fwe->intfw_size,
3486 + need_remap ? 0 : 2 * HZ);
3489 + dev_printk(KERN_ERR, &udev->dev,
3490 + "downloading internal fw failed with %d\n", ret);
3494 + at76_dbg(DBG_DEVSTART, "sending REMAP");
3496 + /* no REMAP for 505A (see SF driver) */
3498 + ret = at76_remap(udev);
3500 + dev_printk(KERN_ERR, &udev->dev,
3501 + "sending REMAP failed with %d\n", ret);
3506 + at76_dbg(DBG_DEVSTART, "sleeping for 2 seconds");
3507 + schedule_timeout_interruptible(2 * HZ + 1);
3508 + usb_reset_device(udev);
3514 +static int at76_match_essid(struct at76_priv *priv, struct bss_info *ptr)
3516 + /* common criteria for both modi */
3518 + int ret = (priv->essid_size == 0 /* ANY ssid */ ||
3519 + (priv->essid_size == ptr->ssid_len &&
3520 + !memcmp(priv->essid, ptr->ssid, ptr->ssid_len)));
3522 + at76_dbg(DBG_BSS_MATCH,
3523 + "%s bss table entry %p: essid didn't match",
3524 + priv->netdev->name, ptr);
3528 +static inline int at76_match_mode(struct at76_priv *priv, struct bss_info *ptr)
3532 + if (priv->iw_mode == IW_MODE_ADHOC)
3533 + ret = ptr->capa & WLAN_CAPABILITY_IBSS;
3535 + ret = ptr->capa & WLAN_CAPABILITY_ESS;
3537 + at76_dbg(DBG_BSS_MATCH,
3538 + "%s bss table entry %p: mode didn't match",
3539 + priv->netdev->name, ptr);
3543 +static int at76_match_rates(struct at76_priv *priv, struct bss_info *ptr)
3547 + for (i = 0; i < ptr->rates_len; i++) {
3548 + u8 rate = ptr->rates[i];
3550 + if (!(rate & 0x80))
3553 + /* this is a basic rate we have to support
3554 + (see IEEE802.11, ch. 7.3.2.2) */
3555 + if (rate != (0x80 | hw_rates[0])
3556 + && rate != (0x80 | hw_rates[1])
3557 + && rate != (0x80 | hw_rates[2])
3558 + && rate != (0x80 | hw_rates[3])) {
3559 + at76_dbg(DBG_BSS_MATCH,
3560 + "%s: bss table entry %p: basic rate %02x not "
3561 + "supported", priv->netdev->name, ptr, rate);
3566 + /* if we use short preamble, the bss must support it */
3567 + if (priv->preamble_type == PREAMBLE_TYPE_SHORT &&
3568 + !(ptr->capa & WLAN_CAPABILITY_SHORT_PREAMBLE)) {
3569 + at76_dbg(DBG_BSS_MATCH,
3570 + "%s: %p does not support short preamble",
3571 + priv->netdev->name, ptr);
3577 +static inline int at76_match_wep(struct at76_priv *priv, struct bss_info *ptr)
3579 + if (!priv->wep_enabled && ptr->capa & WLAN_CAPABILITY_PRIVACY) {
3580 + /* we have disabled WEP, but the BSS signals privacy */
3581 + at76_dbg(DBG_BSS_MATCH,
3582 + "%s: bss table entry %p: requires encryption",
3583 + priv->netdev->name, ptr);
3586 + /* otherwise if the BSS does not signal privacy it may well
3587 + accept encrypted packets from us ... */
3591 +static inline int at76_match_bssid(struct at76_priv *priv, struct bss_info *ptr)
3593 + if (!priv->wanted_bssid_valid ||
3594 + !compare_ether_addr(ptr->bssid, priv->wanted_bssid))
3597 + at76_dbg(DBG_BSS_MATCH,
3598 + "%s: requested bssid - %s does not match",
3599 + priv->netdev->name, mac2str(priv->wanted_bssid));
3600 + at76_dbg(DBG_BSS_MATCH,
3601 + " AP bssid - %s of bss table entry %p",
3602 + mac2str(ptr->bssid), ptr);
3607 + * at76_match_bss - try to find a matching bss in priv->bss
3609 + * last - last bss tried
3611 + * last == NULL signals a new round starting with priv->bss_list.next
3612 + * this function must be called inside an acquired priv->bss_list_spinlock
3613 + * otherwise the timeout on bss may remove the newly chosen entry
3615 +static struct bss_info *at76_match_bss(struct at76_priv *priv,
3616 + struct bss_info *last)
3618 + struct bss_info *ptr = NULL;
3619 + struct list_head *curr;
3621 + curr = last ? last->list.next : priv->bss_list.next;
3622 + while (curr != &priv->bss_list) {
3623 + ptr = list_entry(curr, struct bss_info, list);
3624 + if (at76_match_essid(priv, ptr) && at76_match_mode(priv, ptr)
3625 + && at76_match_wep(priv, ptr) && at76_match_rates(priv, ptr)
3626 + && at76_match_bssid(priv, ptr))
3628 + curr = curr->next;
3631 + if (curr == &priv->bss_list)
3633 + /* otherwise ptr points to the struct bss_info we have chosen */
3635 + at76_dbg(DBG_BSS_TABLE, "%s %s: returned %p", priv->netdev->name,
3640 +/* Start joining a matching BSS, or create own IBSS */
3641 +static void at76_work_join(struct work_struct *work)
3643 + struct at76_priv *priv = container_of(work, struct at76_priv,
3646 + unsigned long flags;
3648 + mutex_lock(&priv->mtx);
3650 + WARN_ON(priv->mac_state != MAC_JOINING);
3651 + if (priv->mac_state != MAC_JOINING)
3654 + /* secure the access to priv->curr_bss ! */
3655 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
3656 + priv->curr_bss = at76_match_bss(priv, priv->curr_bss);
3657 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
3659 + if (!priv->curr_bss) {
3660 + /* here we haven't found a matching (i)bss ... */
3661 + if (priv->iw_mode == IW_MODE_ADHOC) {
3662 + at76_set_mac_state(priv, MAC_OWN_IBSS);
3663 + at76_start_ibss(priv);
3666 + /* haven't found a matching BSS in infra mode - try again */
3667 + at76_set_mac_state(priv, MAC_SCANNING);
3668 + schedule_work(&priv->work_start_scan);
3672 + ret = at76_join_bss(priv, priv->curr_bss);
3674 + printk(KERN_ERR "%s: join_bss failed with %d\n",
3675 + priv->netdev->name, ret);
3679 + ret = at76_wait_completion(priv, CMD_JOIN);
3680 + if (ret != CMD_STATUS_COMPLETE) {
3681 + if (ret != CMD_STATUS_TIME_OUT)
3682 + printk(KERN_ERR "%s: join_bss completed with %d\n",
3683 + priv->netdev->name, ret);
3685 + printk(KERN_INFO "%s: join_bss ssid %s timed out\n",
3686 + priv->netdev->name,
3687 + mac2str(priv->curr_bss->bssid));
3689 + /* retry next BSS immediately */
3690 + schedule_work(&priv->work_join);
3694 + /* here we have joined the (I)BSS */
3695 + if (priv->iw_mode == IW_MODE_ADHOC) {
3696 + struct bss_info *bptr = priv->curr_bss;
3697 + at76_set_mac_state(priv, MAC_CONNECTED);
3698 + /* get ESSID, BSSID and channel for priv->curr_bss */
3699 + priv->essid_size = bptr->ssid_len;
3700 + memcpy(priv->essid, bptr->ssid, bptr->ssid_len);
3701 + memcpy(priv->bssid, bptr->bssid, ETH_ALEN);
3702 + priv->channel = bptr->channel;
3703 + at76_iwevent_bss_connect(priv->netdev, bptr->bssid);
3704 + netif_carrier_on(priv->netdev);
3705 + netif_start_queue(priv->netdev);
3706 + /* just to be sure */
3707 + cancel_delayed_work(&priv->dwork_get_scan);
3708 + cancel_delayed_work(&priv->dwork_auth);
3709 + cancel_delayed_work(&priv->dwork_assoc);
3711 + /* send auth req */
3712 + priv->retries = AUTH_RETRIES;
3713 + at76_set_mac_state(priv, MAC_AUTH);
3714 + at76_auth_req(priv, priv->curr_bss, 1, NULL);
3715 + at76_dbg(DBG_MGMT_TIMER,
3716 + "%s:%d: starting mgmt_timer + HZ", __func__, __LINE__);
3717 + schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
3721 + mutex_unlock(&priv->mtx);
3724 +/* Reap scan results */
3725 +static void at76_dwork_get_scan(struct work_struct *work)
3729 + struct at76_priv *priv = container_of(work, struct at76_priv,
3730 + dwork_get_scan.work);
3732 + mutex_lock(&priv->mtx);
3733 + WARN_ON(priv->mac_state != MAC_SCANNING);
3734 + if (priv->mac_state != MAC_SCANNING)
3737 + status = at76_get_cmd_status(priv->udev, CMD_SCAN);
3739 + printk(KERN_ERR "%s: %s: at76_get_cmd_status failed with %d\n",
3740 + priv->netdev->name, __func__, status);
3741 + status = CMD_STATUS_IN_PROGRESS;
3742 + /* INFO: Hope it was a one off error - if not, scanning
3743 + further down the line and stop this cycle */
3745 + at76_dbg(DBG_PROGRESS,
3746 + "%s %s: got cmd_status %d (state %s, need_any %d)",
3747 + priv->netdev->name, __func__, status,
3748 + mac_states[priv->mac_state], priv->scan_need_any);
3750 + if (status != CMD_STATUS_COMPLETE) {
3751 + if ((status != CMD_STATUS_IN_PROGRESS) &&
3752 + (status != CMD_STATUS_IDLE))
3753 + printk(KERN_ERR "%s: %s: Bad scan status: %s\n",
3754 + priv->netdev->name, __func__,
3755 + at76_get_cmd_status_string(status));
3757 + /* the first cmd status after scan start is always a IDLE ->
3758 + start the timer to poll again until COMPLETED */
3759 + at76_dbg(DBG_MGMT_TIMER,
3760 + "%s:%d: starting mgmt_timer for %d ticks",
3761 + __func__, __LINE__, SCAN_POLL_INTERVAL);
3762 + schedule_delayed_work(&priv->dwork_get_scan,
3763 + SCAN_POLL_INTERVAL);
3767 + if (at76_debug & DBG_BSS_TABLE)
3768 + at76_dump_bss_table(priv);
3770 + if (priv->scan_need_any) {
3771 + ret = at76_start_scan(priv, 0);
3774 + "%s: %s: start_scan (ANY) failed with %d\n",
3775 + priv->netdev->name, __func__, ret);
3776 + at76_dbg(DBG_MGMT_TIMER,
3777 + "%s:%d: starting mgmt_timer for %d ticks", __func__,
3778 + __LINE__, SCAN_POLL_INTERVAL);
3779 + schedule_delayed_work(&priv->dwork_get_scan,
3780 + SCAN_POLL_INTERVAL);
3781 + priv->scan_need_any = 0;
3783 + priv->scan_state = SCAN_COMPLETED;
3784 + /* report the end of scan to user space */
3785 + at76_iwevent_scan_complete(priv->netdev);
3786 + at76_set_mac_state(priv, MAC_JOINING);
3787 + schedule_work(&priv->work_join);
3791 + mutex_unlock(&priv->mtx);
3794 +/* Handle loss of beacons from the AP */
3795 +static void at76_dwork_beacon(struct work_struct *work)
3797 + struct at76_priv *priv = container_of(work, struct at76_priv,
3798 + dwork_beacon.work);
3800 + mutex_lock(&priv->mtx);
3801 + if (priv->mac_state != MAC_CONNECTED || priv->iw_mode != IW_MODE_INFRA)
3804 + /* We haven't received any beacons from out AP for BEACON_TIMEOUT */
3805 + printk(KERN_INFO "%s: lost beacon bssid %s\n",
3806 + priv->netdev->name, mac2str(priv->curr_bss->bssid));
3808 + netif_carrier_off(priv->netdev);
3809 + netif_stop_queue(priv->netdev);
3810 + at76_iwevent_bss_disconnect(priv->netdev);
3811 + at76_set_mac_state(priv, MAC_SCANNING);
3812 + schedule_work(&priv->work_start_scan);
3815 + mutex_unlock(&priv->mtx);
3818 +/* Handle authentication response timeout */
3819 +static void at76_dwork_auth(struct work_struct *work)
3821 + struct at76_priv *priv = container_of(work, struct at76_priv,
3824 + mutex_lock(&priv->mtx);
3825 + WARN_ON(priv->mac_state != MAC_AUTH);
3826 + if (priv->mac_state != MAC_AUTH)
3829 + at76_dbg(DBG_PROGRESS, "%s: authentication response timeout",
3830 + priv->netdev->name);
3832 + if (priv->retries-- >= 0) {
3833 + at76_auth_req(priv, priv->curr_bss, 1, NULL);
3834 + at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ",
3835 + __func__, __LINE__);
3836 + schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
3838 + /* try to get next matching BSS */
3839 + at76_set_mac_state(priv, MAC_JOINING);
3840 + schedule_work(&priv->work_join);
3844 + mutex_unlock(&priv->mtx);
3847 +/* Handle association response timeout */
3848 +static void at76_dwork_assoc(struct work_struct *work)
3850 + struct at76_priv *priv = container_of(work, struct at76_priv,
3851 + dwork_assoc.work);
3853 + mutex_lock(&priv->mtx);
3854 + WARN_ON(priv->mac_state != MAC_ASSOC);
3855 + if (priv->mac_state != MAC_ASSOC)
3858 + at76_dbg(DBG_PROGRESS, "%s: association response timeout",
3859 + priv->netdev->name);
3861 + if (priv->retries-- >= 0) {
3862 + at76_assoc_req(priv, priv->curr_bss);
3863 + at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ",
3864 + __func__, __LINE__);
3865 + schedule_delayed_work(&priv->dwork_assoc, ASSOC_TIMEOUT);
3867 + /* try to get next matching BSS */
3868 + at76_set_mac_state(priv, MAC_JOINING);
3869 + schedule_work(&priv->work_join);
3873 + mutex_unlock(&priv->mtx);
3876 +/* Read new bssid in ad-hoc mode */
3877 +static void at76_work_new_bss(struct work_struct *work)
3879 + struct at76_priv *priv = container_of(work, struct at76_priv,
3882 + struct mib_mac_mgmt mac_mgmt;
3884 + mutex_lock(&priv->mtx);
3886 + ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, &mac_mgmt,
3887 + sizeof(struct mib_mac_mgmt));
3889 + printk(KERN_ERR "%s: at76_get_mib failed: %d\n",
3890 + priv->netdev->name, ret);
3894 + at76_dbg(DBG_PROGRESS, "ibss_change = 0x%2x", mac_mgmt.ibss_change);
3895 + memcpy(priv->bssid, mac_mgmt.current_bssid, ETH_ALEN);
3896 + at76_dbg(DBG_PROGRESS, "using BSSID %s", mac2str(priv->bssid));
3898 + at76_iwevent_bss_connect(priv->netdev, priv->bssid);
3900 + priv->mib_buf.type = MIB_MAC_MGMT;
3901 + priv->mib_buf.size = 1;
3902 + priv->mib_buf.index = offsetof(struct mib_mac_mgmt, ibss_change);
3903 + priv->mib_buf.data.byte = 0;
3905 + ret = at76_set_mib(priv, &priv->mib_buf);
3907 + printk(KERN_ERR "%s: set_mib (ibss change ok) failed: %d\n",
3908 + priv->netdev->name, ret);
3911 + mutex_unlock(&priv->mtx);
3914 +static int at76_startup_device(struct at76_priv *priv)
3916 + struct at76_card_config *ccfg = &priv->card_config;
3919 + at76_dbg(DBG_PARAMS,
3920 + "%s param: ssid %.*s (%s) mode %s ch %d wep %s key %d "
3921 + "keylen %d", priv->netdev->name, priv->essid_size, priv->essid,
3922 + hex2str(priv->essid, IW_ESSID_MAX_SIZE),
3923 + priv->iw_mode == IW_MODE_ADHOC ? "adhoc" : "infra",
3924 + priv->channel, priv->wep_enabled ? "enabled" : "disabled",
3925 + priv->wep_key_id, priv->wep_keys_len[priv->wep_key_id]);
3926 + at76_dbg(DBG_PARAMS,
3927 + "%s param: preamble %s rts %d retry %d frag %d "
3928 + "txrate %s auth_mode %d", priv->netdev->name,
3929 + preambles[priv->preamble_type], priv->rts_threshold,
3930 + priv->short_retry_limit, priv->frag_threshold,
3931 + priv->txrate == TX_RATE_1MBIT ? "1MBit" : priv->txrate ==
3932 + TX_RATE_2MBIT ? "2MBit" : priv->txrate ==
3933 + TX_RATE_5_5MBIT ? "5.5MBit" : priv->txrate ==
3934 + TX_RATE_11MBIT ? "11MBit" : priv->txrate ==
3935 + TX_RATE_AUTO ? "auto" : "<invalid>", priv->auth_mode);
3936 + at76_dbg(DBG_PARAMS,
3937 + "%s param: pm_mode %d pm_period %d auth_mode %s "
3938 + "scan_times %d %d scan_mode %s",
3939 + priv->netdev->name, priv->pm_mode, priv->pm_period,
3940 + priv->auth_mode == WLAN_AUTH_OPEN ? "open" : "shared_secret",
3941 + priv->scan_min_time, priv->scan_max_time,
3942 + priv->scan_mode == SCAN_TYPE_ACTIVE ? "active" : "passive");
3944 + memset(ccfg, 0, sizeof(struct at76_card_config));
3945 + ccfg->promiscuous_mode = 0;
3946 + ccfg->short_retry_limit = priv->short_retry_limit;
3948 + if (priv->wep_enabled) {
3949 + if (priv->wep_keys_len[priv->wep_key_id] > WEP_SMALL_KEY_LEN)
3950 + ccfg->encryption_type = 2;
3952 + ccfg->encryption_type = 1;
3954 + /* jal: always exclude unencrypted if WEP is active */
3955 + ccfg->exclude_unencrypted = 1;
3957 + ccfg->exclude_unencrypted = 0;
3958 + ccfg->encryption_type = 0;
3961 + ccfg->rts_threshold = cpu_to_le16(priv->rts_threshold);
3962 + ccfg->fragmentation_threshold = cpu_to_le16(priv->frag_threshold);
3964 + memcpy(ccfg->basic_rate_set, hw_rates, 4);
3965 + /* jal: really needed, we do a set_mib for autorate later ??? */
3966 + ccfg->auto_rate_fallback = (priv->txrate == TX_RATE_AUTO ? 1 : 0);
3967 + ccfg->channel = priv->channel;
3968 + ccfg->privacy_invoked = priv->wep_enabled;
3969 + memcpy(ccfg->current_ssid, priv->essid, IW_ESSID_MAX_SIZE);
3970 + ccfg->ssid_len = priv->essid_size;
3972 + ccfg->wep_default_key_id = priv->wep_key_id;
3973 + memcpy(ccfg->wep_default_key_value, priv->wep_keys, 4 * WEP_KEY_LEN);
3975 + ccfg->short_preamble = priv->preamble_type;
3976 + ccfg->beacon_period = cpu_to_le16(priv->beacon_period);
3978 + ret = at76_set_card_command(priv->udev, CMD_STARTUP, &priv->card_config,
3979 + sizeof(struct at76_card_config));
3981 + printk(KERN_ERR "%s: at76_set_card_command failed: %d\n",
3982 + priv->netdev->name, ret);
3986 + at76_wait_completion(priv, CMD_STARTUP);
3988 + /* remove BSSID from previous run */
3989 + memset(priv->bssid, 0, ETH_ALEN);
3991 + if (at76_set_radio(priv, 1) == 1)
3992 + at76_wait_completion(priv, CMD_RADIO_ON);
3994 + ret = at76_set_preamble(priv, priv->preamble_type);
3998 + ret = at76_set_frag(priv, priv->frag_threshold);
4002 + ret = at76_set_rts(priv, priv->rts_threshold);
4006 + ret = at76_set_autorate_fallback(priv,
4007 + priv->txrate == TX_RATE_AUTO ? 1 : 0);
4011 + ret = at76_set_pm_mode(priv);
4015 + if (at76_debug & DBG_MIB) {
4016 + at76_dump_mib_mac(priv);
4017 + at76_dump_mib_mac_addr(priv);
4018 + at76_dump_mib_mac_mgmt(priv);
4019 + at76_dump_mib_mac_wep(priv);
4020 + at76_dump_mib_mdomain(priv);
4021 + at76_dump_mib_phy(priv);
4022 + at76_dump_mib_local(priv);
4028 +/* Restart the interface */
4029 +static void at76_dwork_restart(struct work_struct *work)
4031 + struct at76_priv *priv = container_of(work, struct at76_priv,
4032 + dwork_restart.work);
4034 + mutex_lock(&priv->mtx);
4036 + netif_carrier_off(priv->netdev); /* stop netdev watchdog */
4037 + netif_stop_queue(priv->netdev); /* stop tx data packets */
4039 + at76_startup_device(priv);
4041 + if (priv->iw_mode != IW_MODE_MONITOR) {
4042 + priv->netdev->type = ARPHRD_ETHER;
4043 + at76_set_mac_state(priv, MAC_SCANNING);
4044 + schedule_work(&priv->work_start_scan);
4046 + priv->netdev->type = ARPHRD_IEEE80211_RADIOTAP;
4047 + at76_start_monitor(priv);
4050 + mutex_unlock(&priv->mtx);
4053 +/* Initiate scanning */
4054 +static void at76_work_start_scan(struct work_struct *work)
4056 + struct at76_priv *priv = container_of(work, struct at76_priv,
4060 + mutex_lock(&priv->mtx);
4062 + WARN_ON(priv->mac_state != MAC_SCANNING);
4063 + if (priv->mac_state != MAC_SCANNING)
4066 + /* only clear the bss list when a scan is actively initiated,
4067 + * otherwise simply rely on at76_bss_list_timeout */
4068 + if (priv->scan_state == SCAN_IN_PROGRESS) {
4069 + at76_free_bss_list(priv);
4070 + priv->scan_need_any = 1;
4072 + priv->scan_need_any = 0;
4074 + ret = at76_start_scan(priv, 1);
4077 + printk(KERN_ERR "%s: %s: start_scan failed with %d\n",
4078 + priv->netdev->name, __func__, ret);
4080 + at76_dbg(DBG_MGMT_TIMER,
4081 + "%s:%d: starting mgmt_timer for %d ticks",
4082 + __func__, __LINE__, SCAN_POLL_INTERVAL);
4083 + schedule_delayed_work(&priv->dwork_get_scan,
4084 + SCAN_POLL_INTERVAL);
4088 + mutex_unlock(&priv->mtx);
4091 +/* Enable or disable promiscuous mode */
4092 +static void at76_work_set_promisc(struct work_struct *work)
4094 + struct at76_priv *priv = container_of(work, struct at76_priv,
4095 + work_set_promisc);
4098 + mutex_lock(&priv->mtx);
4100 + priv->mib_buf.type = MIB_LOCAL;
4101 + priv->mib_buf.size = 1;
4102 + priv->mib_buf.index = offsetof(struct mib_local, promiscuous_mode);
4103 + priv->mib_buf.data.byte = priv->promisc ? 1 : 0;
4105 + ret = at76_set_mib(priv, &priv->mib_buf);
4107 + printk(KERN_ERR "%s: set_mib (promiscuous_mode) failed: %d\n",
4108 + priv->netdev->name, ret);
4110 + mutex_unlock(&priv->mtx);
4113 +/* Submit Rx urb back to the device */
4114 +static void at76_work_submit_rx(struct work_struct *work)
4116 + struct at76_priv *priv = container_of(work, struct at76_priv,
4119 + mutex_lock(&priv->mtx);
4120 + at76_submit_rx_urb(priv);
4121 + mutex_unlock(&priv->mtx);
4124 +/* We got an association response */
4125 +static void at76_rx_mgmt_assoc(struct at76_priv *priv,
4126 + struct at76_rx_buffer *buf)
4128 + struct ieee80211_assoc_response *resp =
4129 + (struct ieee80211_assoc_response *)buf->packet;
4130 + u16 assoc_id = le16_to_cpu(resp->aid);
4131 + u16 status = le16_to_cpu(resp->status);
4133 + at76_dbg(DBG_RX_MGMT, "%s: rx AssocResp bssid %s capa 0x%04x status "
4134 + "0x%04x assoc_id 0x%04x rates %s", priv->netdev->name,
4135 + mac2str(resp->header.addr3), le16_to_cpu(resp->capability),
4136 + status, assoc_id, hex2str(resp->info_element->data,
4137 + resp->info_element->len));
4139 + if (priv->mac_state != MAC_ASSOC) {
4140 + printk(KERN_INFO "%s: AssocResp in state %s ignored\n",
4141 + priv->netdev->name, mac_states[priv->mac_state]);
4145 + BUG_ON(!priv->curr_bss);
4147 + cancel_delayed_work(&priv->dwork_assoc);
4148 + if (status == WLAN_STATUS_SUCCESS) {
4149 + struct bss_info *ptr = priv->curr_bss;
4150 + priv->assoc_id = assoc_id & 0x3fff;
4151 + /* update iwconfig params */
4152 + memcpy(priv->bssid, ptr->bssid, ETH_ALEN);
4153 + memcpy(priv->essid, ptr->ssid, ptr->ssid_len);
4154 + priv->essid_size = ptr->ssid_len;
4155 + priv->channel = ptr->channel;
4156 + schedule_work(&priv->work_assoc_done);
4158 + at76_set_mac_state(priv, MAC_JOINING);
4159 + schedule_work(&priv->work_join);
4163 +/* Process disassociation request from the AP */
4164 +static void at76_rx_mgmt_disassoc(struct at76_priv *priv,
4165 + struct at76_rx_buffer *buf)
4167 + struct ieee80211_disassoc *resp =
4168 + (struct ieee80211_disassoc *)buf->packet;
4169 + struct ieee80211_hdr_3addr *mgmt = &resp->header;
4171 + at76_dbg(DBG_RX_MGMT,
4172 + "%s: rx DisAssoc bssid %s reason 0x%04x destination %s",
4173 + priv->netdev->name, mac2str(mgmt->addr3),
4174 + le16_to_cpu(resp->reason), mac2str(mgmt->addr1));
4176 + /* We are not connected, ignore */
4177 + if (priv->mac_state == MAC_SCANNING || priv->mac_state == MAC_INIT
4178 + || !priv->curr_bss)
4181 + /* Not our BSSID, ignore */
4182 + if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid))
4185 + /* Not for our STA and not broadcast, ignore */
4186 + if (compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1)
4187 + && !is_broadcast_ether_addr(mgmt->addr1))
4190 + if (priv->mac_state != MAC_ASSOC && priv->mac_state != MAC_CONNECTED
4191 + && priv->mac_state != MAC_JOINING) {
4192 + printk(KERN_INFO "%s: DisAssoc in state %s ignored\n",
4193 + priv->netdev->name, mac_states[priv->mac_state]);
4197 + if (priv->mac_state == MAC_CONNECTED) {
4198 + netif_carrier_off(priv->netdev);
4199 + netif_stop_queue(priv->netdev);
4200 + at76_iwevent_bss_disconnect(priv->netdev);
4202 + cancel_delayed_work(&priv->dwork_get_scan);
4203 + cancel_delayed_work(&priv->dwork_beacon);
4204 + cancel_delayed_work(&priv->dwork_auth);
4205 + cancel_delayed_work(&priv->dwork_assoc);
4206 + at76_set_mac_state(priv, MAC_JOINING);
4207 + schedule_work(&priv->work_join);
4210 +static void at76_rx_mgmt_auth(struct at76_priv *priv,
4211 + struct at76_rx_buffer *buf)
4213 + struct ieee80211_auth *resp = (struct ieee80211_auth *)buf->packet;
4214 + struct ieee80211_hdr_3addr *mgmt = &resp->header;
4215 + int seq_nr = le16_to_cpu(resp->transaction);
4216 + int alg = le16_to_cpu(resp->algorithm);
4217 + int status = le16_to_cpu(resp->status);
4219 + at76_dbg(DBG_RX_MGMT,
4220 + "%s: rx AuthFrame bssid %s alg %d seq_nr %d status %d "
4221 + "destination %s", priv->netdev->name, mac2str(mgmt->addr3),
4222 + alg, seq_nr, status, mac2str(mgmt->addr1));
4224 + if (alg == WLAN_AUTH_SHARED_KEY && seq_nr == 2)
4225 + at76_dbg(DBG_RX_MGMT, "%s: AuthFrame challenge %s ...",
4226 + priv->netdev->name, hex2str(resp->info_element, 18));
4228 + if (priv->mac_state != MAC_AUTH) {
4229 + printk(KERN_INFO "%s: ignored AuthFrame in state %s\n",
4230 + priv->netdev->name, mac_states[priv->mac_state]);
4233 + if (priv->auth_mode != alg) {
4234 + printk(KERN_INFO "%s: ignored AuthFrame for alg %d\n",
4235 + priv->netdev->name, alg);
4239 + BUG_ON(!priv->curr_bss);
4241 + /* Not our BSSID or not for our STA, ignore */
4242 + if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid)
4243 + || compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1))
4246 + cancel_delayed_work(&priv->dwork_auth);
4247 + if (status != WLAN_STATUS_SUCCESS) {
4248 + /* try to join next bss */
4249 + at76_set_mac_state(priv, MAC_JOINING);
4250 + schedule_work(&priv->work_join);
4254 + if (priv->auth_mode == WLAN_AUTH_OPEN || seq_nr == 4) {
4255 + priv->retries = ASSOC_RETRIES;
4256 + at76_set_mac_state(priv, MAC_ASSOC);
4257 + at76_assoc_req(priv, priv->curr_bss);
4258 + at76_dbg(DBG_MGMT_TIMER,
4259 + "%s:%d: starting mgmt_timer + HZ", __func__, __LINE__);
4260 + schedule_delayed_work(&priv->dwork_assoc, ASSOC_TIMEOUT);
4264 + WARN_ON(seq_nr != 2);
4265 + at76_auth_req(priv, priv->curr_bss, seq_nr + 1, resp->info_element);
4266 + at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ", __func__,
4268 + schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
4271 +static void at76_rx_mgmt_deauth(struct at76_priv *priv,
4272 + struct at76_rx_buffer *buf)
4274 + struct ieee80211_disassoc *resp =
4275 + (struct ieee80211_disassoc *)buf->packet;
4276 + struct ieee80211_hdr_3addr *mgmt = &resp->header;
4278 + at76_dbg(DBG_RX_MGMT | DBG_PROGRESS,
4279 + "%s: rx DeAuth bssid %s reason 0x%04x destination %s",
4280 + priv->netdev->name, mac2str(mgmt->addr3),
4281 + le16_to_cpu(resp->reason), mac2str(mgmt->addr1));
4283 + if (priv->mac_state != MAC_AUTH && priv->mac_state != MAC_ASSOC
4284 + && priv->mac_state != MAC_CONNECTED) {
4285 + printk(KERN_INFO "%s: DeAuth in state %s ignored\n",
4286 + priv->netdev->name, mac_states[priv->mac_state]);
4290 + BUG_ON(!priv->curr_bss);
4292 + /* Not our BSSID, ignore */
4293 + if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid))
4296 + /* Not for our STA and not broadcast, ignore */
4297 + if (compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1)
4298 + && !is_broadcast_ether_addr(mgmt->addr1))
4301 + if (priv->mac_state == MAC_CONNECTED)
4302 + at76_iwevent_bss_disconnect(priv->netdev);
4304 + at76_set_mac_state(priv, MAC_JOINING);
4305 + schedule_work(&priv->work_join);
4306 + cancel_delayed_work(&priv->dwork_get_scan);
4307 + cancel_delayed_work(&priv->dwork_beacon);
4308 + cancel_delayed_work(&priv->dwork_auth);
4309 + cancel_delayed_work(&priv->dwork_assoc);
4312 +static void at76_rx_mgmt_beacon(struct at76_priv *priv,
4313 + struct at76_rx_buffer *buf)
4316 + /* beacon content */
4317 + struct ieee80211_beacon *bdata = (struct ieee80211_beacon *)buf->packet;
4318 + struct ieee80211_hdr_3addr *mgmt = &bdata->header;
4320 + struct list_head *lptr;
4321 + struct bss_info *match; /* entry matching addr3 with its bssid */
4322 + int new_entry = 0;
4324 + struct ieee80211_info_element *ie;
4325 + int have_ssid = 0;
4326 + int have_rates = 0;
4327 + int have_channel = 0;
4328 + int keep_going = 1;
4329 + unsigned long flags;
4331 + spin_lock_irqsave(&priv->bss_list_spinlock, flags);
4332 + if (priv->mac_state == MAC_CONNECTED) {
4333 + /* in state MAC_CONNECTED we use the mgmt_timer to control
4334 + the beacon of the BSS */
4335 + BUG_ON(!priv->curr_bss);
4337 + if (!compare_ether_addr(priv->curr_bss->bssid, mgmt->addr3)) {
4338 + /* We got our AP's beacon, defer the timeout handler.
4339 + Kill pending work first, as schedule_delayed_work()
4341 + cancel_delayed_work(&priv->dwork_beacon);
4342 + schedule_delayed_work(&priv->dwork_beacon,
4344 + priv->curr_bss->rssi = buf->rssi;
4345 + priv->beacons_received++;
4350 + /* look if we have this BSS already in the list */
4353 + if (!list_empty(&priv->bss_list)) {
4354 + list_for_each(lptr, &priv->bss_list) {
4355 + struct bss_info *bss_ptr =
4356 + list_entry(lptr, struct bss_info, list);
4357 + if (!compare_ether_addr(bss_ptr->bssid, mgmt->addr3)) {
4365 + /* BSS not in the list - append it */
4366 + match = kzalloc(sizeof(struct bss_info), GFP_ATOMIC);
4368 + at76_dbg(DBG_BSS_TABLE,
4369 + "%s: cannot kmalloc new bss info (%zd byte)",
4370 + priv->netdev->name, sizeof(struct bss_info));
4374 + list_add_tail(&match->list, &priv->bss_list);
4377 + match->capa = le16_to_cpu(bdata->capability);
4378 + match->beacon_interval = le16_to_cpu(bdata->beacon_interval);
4379 + match->rssi = buf->rssi;
4380 + match->link_qual = buf->link_quality;
4381 + match->noise_level = buf->noise_level;
4382 + memcpy(match->bssid, mgmt->addr3, ETH_ALEN);
4383 + at76_dbg(DBG_RX_BEACON, "%s: bssid %s", priv->netdev->name,
4384 + mac2str(match->bssid));
4386 + ie = bdata->info_element;
4388 + /* length of var length beacon parameters */
4389 + varpar_len = min_t(int, le16_to_cpu(buf->wlength) -
4390 + sizeof(struct ieee80211_beacon),
4391 + BEACON_MAX_DATA_LENGTH);
4393 + /* This routine steps through the bdata->data array to get
4394 + * some useful information about the access point.
4395 + * Currently, this implementation supports receipt of: SSID,
4396 + * supported transfer rates and channel, in any order, with some
4397 + * tolerance for intermittent unknown codes (although this
4398 + * functionality may not be necessary as the useful information will
4399 + * usually arrive in consecutively, but there have been some
4400 + * reports of some of the useful information fields arriving in a
4401 + * different order).
4402 + * It does not support any more IE types although MFIE_TYPE_TIM may
4403 + * be supported (on my AP at least).
4404 + * The bdata->data array is about 1500 bytes long but only ~36 of those
4405 + * bytes are useful, hence the have_ssid etc optimizations. */
4407 + while (keep_going &&
4408 + ((&ie->data[ie->len] - (u8 *)bdata->info_element) <=
4413 + case MFIE_TYPE_SSID:
4417 + len = min_t(int, IW_ESSID_MAX_SIZE, ie->len);
4419 + /* we copy only if this is a new entry,
4420 + or the incoming SSID is not a hidden SSID. This
4421 + will protect us from overwriting a real SSID read
4422 + in a ProbeResponse with a hidden one from a
4423 + following beacon. */
4424 + if (!new_entry && at76_is_hidden_ssid(ie->data, len)) {
4429 + match->ssid_len = len;
4430 + memcpy(match->ssid, ie->data, len);
4431 + at76_dbg(DBG_RX_BEACON, "%s: SSID - %.*s",
4432 + priv->netdev->name, len, match->ssid);
4436 + case MFIE_TYPE_RATES:
4440 + match->rates_len =
4441 + min_t(int, sizeof(match->rates), ie->len);
4442 + memcpy(match->rates, ie->data, match->rates_len);
4444 + at76_dbg(DBG_RX_BEACON, "%s: SUPPORTED RATES %s",
4445 + priv->netdev->name,
4446 + hex2str(ie->data, ie->len));
4449 + case MFIE_TYPE_DS_SET:
4453 + match->channel = ie->data[0];
4455 + at76_dbg(DBG_RX_BEACON, "%s: CHANNEL - %d",
4456 + priv->netdev->name, match->channel);
4459 + case MFIE_TYPE_CF_SET:
4460 + case MFIE_TYPE_TIM:
4461 + case MFIE_TYPE_IBSS_SET:
4463 + at76_dbg(DBG_RX_BEACON, "%s: beacon IE id %d len %d %s",
4464 + priv->netdev->name, ie->id, ie->len,
4465 + hex2str(ie->data, ie->len));
4469 + /* advance to the next informational element */
4472 + /* Optimization: after all, the bdata->data array is
4473 + * varpar_len bytes long, whereas we get all of the useful
4474 + * information after only ~36 bytes, this saves us a lot of
4475 + * time (and trouble as the remaining portion of the array
4476 + * could be full of junk)
4477 + * Comment this out if you want to see what other information
4478 + * comes from the AP - although little of it may be useful */
4481 + at76_dbg(DBG_RX_BEACON, "%s: Finished processing beacon data",
4482 + priv->netdev->name);
4484 + match->last_rx = jiffies; /* record last rx of beacon */
4487 + spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
4490 +/* Calculate the link level from a given rx_buffer */
4491 +static void at76_calc_level(struct at76_priv *priv, struct at76_rx_buffer *buf,
4492 + struct iw_quality *qual)
4494 + /* just a guess for now, might be different for other chips */
4495 + int max_rssi = 42;
4497 + qual->level = (buf->rssi * 100 / max_rssi);
4498 + if (qual->level > 100)
4499 + qual->level = 100;
4500 + qual->updated |= IW_QUAL_LEVEL_UPDATED;
4503 +/* Calculate the link quality from a given rx_buffer */
4504 +static void at76_calc_qual(struct at76_priv *priv, struct at76_rx_buffer *buf,
4505 + struct iw_quality *qual)
4507 + if (at76_is_intersil(priv->board_type))
4508 + qual->qual = buf->link_quality;
4510 + unsigned long elapsed;
4512 + /* Update qual at most once a second */
4513 + elapsed = jiffies - priv->beacons_last_qual;
4514 + if (elapsed < 1 * HZ)
4517 + qual->qual = qual->level * priv->beacons_received *
4518 + msecs_to_jiffies(priv->beacon_period) / elapsed;
4520 + priv->beacons_last_qual = jiffies;
4521 + priv->beacons_received = 0;
4523 + qual->qual = (qual->qual > 100) ? 100 : qual->qual;
4524 + qual->updated |= IW_QUAL_QUAL_UPDATED;
4527 +/* Calculate the noise quality from a given rx_buffer */
4528 +static void at76_calc_noise(struct at76_priv *priv, struct at76_rx_buffer *buf,
4529 + struct iw_quality *qual)
4532 + qual->updated |= IW_QUAL_NOISE_INVALID;
4535 +static void at76_update_wstats(struct at76_priv *priv,
4536 + struct at76_rx_buffer *buf)
4538 + struct iw_quality *qual = &priv->wstats.qual;
4540 + if (buf->rssi && priv->mac_state == MAC_CONNECTED) {
4541 + qual->updated = 0;
4542 + at76_calc_level(priv, buf, qual);
4543 + at76_calc_qual(priv, buf, qual);
4544 + at76_calc_noise(priv, buf, qual);
4549 + qual->updated = IW_QUAL_ALL_INVALID;
4553 +static void at76_rx_mgmt(struct at76_priv *priv, struct at76_rx_buffer *buf)
4555 + struct ieee80211_hdr_3addr *mgmt =
4556 + (struct ieee80211_hdr_3addr *)buf->packet;
4557 + u16 framectl = le16_to_cpu(mgmt->frame_ctl);
4559 + /* update wstats */
4560 + if (priv->mac_state != MAC_INIT && priv->mac_state != MAC_SCANNING) {
4561 + /* jal: this is a dirty hack needed by Tim in ad-hoc mode */
4562 + /* Data packets always seem to have a 0 link level, so we
4563 + only read link quality info from management packets.
4564 + Atmel driver actually averages the present, and previous
4565 + values, we just present the raw value at the moment - TJS */
4566 + if (priv->iw_mode == IW_MODE_ADHOC
4567 + || (priv->curr_bss
4568 + && !compare_ether_addr(mgmt->addr3,
4569 + priv->curr_bss->bssid)))
4570 + at76_update_wstats(priv, buf);
4573 + at76_dbg(DBG_RX_MGMT_CONTENT, "%s rx mgmt framectl 0x%x %s",
4574 + priv->netdev->name, framectl,
4575 + hex2str(mgmt, le16_to_cpu(buf->wlength)));
4577 + switch (framectl & IEEE80211_FCTL_STYPE) {
4578 + case IEEE80211_STYPE_BEACON:
4579 + case IEEE80211_STYPE_PROBE_RESP:
4580 + at76_rx_mgmt_beacon(priv, buf);
4583 + case IEEE80211_STYPE_ASSOC_RESP:
4584 + at76_rx_mgmt_assoc(priv, buf);
4587 + case IEEE80211_STYPE_DISASSOC:
4588 + at76_rx_mgmt_disassoc(priv, buf);
4591 + case IEEE80211_STYPE_AUTH:
4592 + at76_rx_mgmt_auth(priv, buf);
4595 + case IEEE80211_STYPE_DEAUTH:
4596 + at76_rx_mgmt_deauth(priv, buf);
4600 + printk(KERN_DEBUG "%s: ignoring frame with framectl 0x%04x\n",
4601 + priv->netdev->name, framectl);
4607 +/* Convert the 802.11 header into an ethernet-style header, make skb
4608 + * ready for consumption by netif_rx() */
4609 +static void at76_ieee80211_to_eth(struct sk_buff *skb, int iw_mode)
4611 + struct ieee80211_hdr_3addr *i802_11_hdr;
4612 + struct ethhdr *eth_hdr_p;
4616 + i802_11_hdr = (struct ieee80211_hdr_3addr *)skb->data;
4618 + /* That would be the ethernet header if the hardware converted
4619 + * the frame for us. Make sure the source and the destination
4620 + * match the 802.11 header. Which hardware does it? */
4621 + eth_hdr_p = (struct ethhdr *)skb_pull(skb, IEEE80211_3ADDR_LEN);
4623 + dest_addr = i802_11_hdr->addr1;
4624 + if (iw_mode == IW_MODE_ADHOC)
4625 + src_addr = i802_11_hdr->addr2;
4627 + src_addr = i802_11_hdr->addr3;
4629 + if (!compare_ether_addr(eth_hdr_p->h_source, src_addr) &&
4630 + !compare_ether_addr(eth_hdr_p->h_dest, dest_addr))
4631 + /* Yes, we already have an ethernet header */
4632 + skb_reset_mac_header(skb);
4636 + /* Need to build an ethernet header */
4637 + if (!memcmp(skb->data, snapsig, sizeof(snapsig))) {
4638 + /* SNAP frame - decapsulate, keep proto */
4639 + skb_push(skb, offsetof(struct ethhdr, h_proto) -
4640 + sizeof(rfc1042sig));
4643 + /* 802.3 frame, proto is length */
4645 + skb_push(skb, ETH_HLEN);
4648 + skb_reset_mac_header(skb);
4649 + eth_hdr_p = eth_hdr(skb);
4650 + /* This needs to be done in this order (eth_hdr_p->h_dest may
4651 + * overlap src_addr) */
4652 + memcpy(eth_hdr_p->h_source, src_addr, ETH_ALEN);
4653 + memcpy(eth_hdr_p->h_dest, dest_addr, ETH_ALEN);
4655 + eth_hdr_p->h_proto = htons(len);
4658 + skb->protocol = eth_type_trans(skb, skb->dev);
4661 +/* Check for fragmented data in priv->rx_skb. If the packet was no fragment
4662 + or it was the last of a fragment set a skb containing the whole packet
4663 + is returned for further processing. Otherwise we get NULL and are
4664 + done and the packet is either stored inside the fragment buffer
4665 + or thrown away. Every returned skb starts with the ieee802_11 header
4666 + and contains _no_ FCS at the end */
4667 +static struct sk_buff *at76_check_for_rx_frags(struct at76_priv *priv)
4669 + struct sk_buff *skb = priv->rx_skb;
4670 + struct at76_rx_buffer *buf = (struct at76_rx_buffer *)skb->data;
4671 + struct ieee80211_hdr_3addr *i802_11_hdr =
4672 + (struct ieee80211_hdr_3addr *)buf->packet;
4673 + /* seq_ctrl, fragment_number, sequence number of new packet */
4674 + u16 sctl = le16_to_cpu(i802_11_hdr->seq_ctl);
4675 + u16 fragnr = sctl & 0xf;
4676 + u16 seqnr = sctl >> 4;
4677 + u16 frame_ctl = le16_to_cpu(i802_11_hdr->frame_ctl);
4679 + /* Length including the IEEE802.11 header, but without the trailing
4680 + * FCS and without the Atmel Rx header */
4681 + int length = le16_to_cpu(buf->wlength) - IEEE80211_FCS_LEN;
4683 + /* where does the data payload start in skb->data ? */
4684 + u8 *data = i802_11_hdr->payload;
4686 + /* length of payload, excl. the trailing FCS */
4687 + int data_len = length - IEEE80211_3ADDR_LEN;
4690 + struct rx_data_buf *bptr, *optr;
4691 + unsigned long oldest = ~0UL;
4693 + at76_dbg(DBG_RX_FRAGS,
4694 + "%s: rx data frame_ctl %04x addr2 %s seq/frag %d/%d "
4695 + "length %d data %d: %s ...", priv->netdev->name, frame_ctl,
4696 + mac2str(i802_11_hdr->addr2), seqnr, fragnr, length, data_len,
4697 + hex2str(data, 32));
4699 + at76_dbg(DBG_RX_FRAGS_SKB, "%s: incoming skb: head %p data %p "
4700 + "tail %p end %p len %d", priv->netdev->name, skb->head,
4701 + skb->data, skb_tail_pointer(skb), skb_end_pointer(skb),
4704 + if (data_len < 0) {
4705 + /* make sure data starts in the buffer */
4706 + printk(KERN_INFO "%s: data frame too short\n",
4707 + priv->netdev->name);
4711 + WARN_ON(length <= AT76_RX_HDRLEN);
4712 + if (length <= AT76_RX_HDRLEN)
4715 + /* remove the at76_rx_buffer header - we don't need it anymore */
4716 + /* we need the IEEE802.11 header (for the addresses) if this packet
4717 + is the first of a chain */
4718 + skb_pull(skb, AT76_RX_HDRLEN);
4720 + /* remove FCS at end */
4721 + skb_trim(skb, length);
4723 + at76_dbg(DBG_RX_FRAGS_SKB, "%s: trimmed skb: head %p data %p tail %p "
4724 + "end %p len %d data %p data_len %d", priv->netdev->name,
4725 + skb->head, skb->data, skb_tail_pointer(skb),
4726 + skb_end_pointer(skb), skb->len, data, data_len);
4728 + if (fragnr == 0 && !(frame_ctl & IEEE80211_FCTL_MOREFRAGS)) {
4729 + /* unfragmented packet received */
4730 + /* Use a new skb for the next receive */
4731 + priv->rx_skb = NULL;
4732 + at76_dbg(DBG_RX_FRAGS, "%s: unfragmented", priv->netdev->name);
4736 + /* look if we've got a chain for the sender address.
4737 + afterwards optr points to first free or the oldest entry,
4738 + or, if i < NR_RX_DATA_BUF, bptr points to the entry for the
4740 + /* determining the oldest entry doesn't cope with jiffies wrapping
4741 + but I don't care to delete a young entry at these rare moments ... */
4743 + bptr = priv->rx_data;
4745 + for (i = 0; i < NR_RX_DATA_BUF; i++, bptr++) {
4752 + if (!compare_ether_addr(i802_11_hdr->addr2, bptr->sender))
4757 + oldest = bptr->last_rx;
4758 + } else if (bptr->last_rx < oldest)
4762 + if (i < NR_RX_DATA_BUF) {
4764 + at76_dbg(DBG_RX_FRAGS, "%s: %d. cacheentry (seq/frag = %d/%d) "
4765 + "matched sender addr",
4766 + priv->netdev->name, i, bptr->seqnr, bptr->fragnr);
4768 + /* bptr points to an entry for the sender address */
4769 + if (bptr->seqnr == seqnr) {
4771 + /* the fragment has the current sequence number */
4772 + if (((bptr->fragnr + 1) & 0xf) != fragnr) {
4773 + /* wrong fragment number -> ignore it */
4774 + /* is & 0xf necessary above ??? */
4775 + at76_dbg(DBG_RX_FRAGS,
4776 + "%s: frag nr mismatch: %d + 1 != %d",
4777 + priv->netdev->name, bptr->fragnr,
4781 + bptr->last_rx = jiffies;
4782 + /* the next following fragment number ->
4783 + add the data at the end */
4785 + /* for test only ??? */
4786 + left = skb_tailroom(bptr->skb);
4787 + if (left < data_len)
4789 + "%s: only %d byte free (need %d)\n",
4790 + priv->netdev->name, left, data_len);
4792 + memcpy(skb_put(bptr->skb, data_len), data,
4795 + bptr->fragnr = fragnr;
4796 + if (frame_ctl & IEEE80211_FCTL_MOREFRAGS)
4799 + /* this was the last fragment - send it */
4801 + bptr->skb = NULL; /* free the entry */
4802 + at76_dbg(DBG_RX_FRAGS, "%s: last frag of seq %d",
4803 + priv->netdev->name, seqnr);
4807 + /* got another sequence number */
4808 + if (fragnr == 0) {
4809 + /* it's the start of a new chain - replace the
4810 + old one by this */
4811 + /* bptr->sender has the correct value already */
4812 + at76_dbg(DBG_RX_FRAGS,
4813 + "%s: start of new seq %d, removing old seq %d",
4814 + priv->netdev->name, seqnr, bptr->seqnr);
4815 + bptr->seqnr = seqnr;
4817 + bptr->last_rx = jiffies;
4818 + /* swap bptr->skb and priv->rx_skb */
4820 + bptr->skb = priv->rx_skb;
4821 + priv->rx_skb = skb;
4823 + /* it from the middle of a new chain ->
4824 + delete the old entry and skip the new one */
4825 + at76_dbg(DBG_RX_FRAGS,
4826 + "%s: middle of new seq %d (%d) "
4827 + "removing old seq %d",
4828 + priv->netdev->name, seqnr, fragnr,
4830 + dev_kfree_skb(bptr->skb);
4836 + /* if we didn't find a chain for the sender address, optr
4837 + points either to the first free or the oldest entry */
4839 + if (fragnr != 0) {
4840 + /* this is not the begin of a fragment chain ... */
4841 + at76_dbg(DBG_RX_FRAGS,
4842 + "%s: no chain for non-first fragment (%d)",
4843 + priv->netdev->name, fragnr);
4849 + /* swap the skb's */
4851 + optr->skb = priv->rx_skb;
4852 + priv->rx_skb = skb;
4854 + at76_dbg(DBG_RX_FRAGS,
4855 + "%s: free old contents: sender %s seq/frag %d/%d",
4856 + priv->netdev->name, mac2str(optr->sender),
4857 + optr->seqnr, optr->fragnr);
4860 + /* take the skb from priv->rx_skb */
4861 + optr->skb = priv->rx_skb;
4862 + /* let at76_submit_rx_urb() allocate a new skb */
4863 + priv->rx_skb = NULL;
4865 + at76_dbg(DBG_RX_FRAGS, "%s: use a free entry",
4866 + priv->netdev->name);
4868 + memcpy(optr->sender, i802_11_hdr->addr2, ETH_ALEN);
4869 + optr->seqnr = seqnr;
4871 + optr->last_rx = jiffies;
4876 +/* Rx interrupt: we expect the complete data buffer in priv->rx_skb */
4877 +static void at76_rx_data(struct at76_priv *priv)
4879 + struct net_device *netdev = priv->netdev;
4880 + struct net_device_stats *stats = &priv->stats;
4881 + struct sk_buff *skb = priv->rx_skb;
4882 + struct at76_rx_buffer *buf = (struct at76_rx_buffer *)skb->data;
4883 + struct ieee80211_hdr_3addr *i802_11_hdr;
4884 + int length = le16_to_cpu(buf->wlength);
4886 + at76_dbg(DBG_RX_DATA, "%s received data packet: %s", netdev->name,
4887 + hex2str(skb->data, AT76_RX_HDRLEN));
4889 + at76_dbg(DBG_RX_DATA_CONTENT, "rx packet: %s",
4890 + hex2str(skb->data + AT76_RX_HDRLEN, length));
4892 + skb = at76_check_for_rx_frags(priv);
4896 + /* Atmel header and the FCS are already removed */
4897 + i802_11_hdr = (struct ieee80211_hdr_3addr *)skb->data;
4899 + skb->dev = netdev;
4900 + skb->ip_summed = CHECKSUM_NONE; /* TODO: should check CRC */
4902 + if (is_broadcast_ether_addr(i802_11_hdr->addr1)) {
4903 + if (!compare_ether_addr(i802_11_hdr->addr1, netdev->broadcast))
4904 + skb->pkt_type = PACKET_BROADCAST;
4906 + skb->pkt_type = PACKET_MULTICAST;
4907 + } else if (compare_ether_addr(i802_11_hdr->addr1, netdev->dev_addr))
4908 + skb->pkt_type = PACKET_OTHERHOST;
4910 + at76_ieee80211_to_eth(skb, priv->iw_mode);
4912 + netdev->last_rx = jiffies;
4914 + stats->rx_packets++;
4915 + stats->rx_bytes += length;
4920 +static void at76_rx_monitor_mode(struct at76_priv *priv)
4922 + struct at76_rx_radiotap *rt;
4925 + struct net_device *netdev = priv->netdev;
4926 + struct at76_rx_buffer *buf =
4927 + (struct at76_rx_buffer *)priv->rx_skb->data;
4928 + /* length including the IEEE802.11 header and the trailing FCS,
4929 + but not at76_rx_buffer */
4930 + int length = le16_to_cpu(buf->wlength);
4931 + struct sk_buff *skb = priv->rx_skb;
4932 + struct net_device_stats *stats = &priv->stats;
4934 + if (length < IEEE80211_FCS_LEN) {
4935 + /* buffer contains no data */
4936 + at76_dbg(DBG_MONITOR_MODE,
4937 + "%s: MONITOR MODE: rx skb without data",
4938 + priv->netdev->name);
4942 + skblen = sizeof(struct at76_rx_radiotap) + length;
4944 + skb = dev_alloc_skb(skblen);
4946 + printk(KERN_ERR "%s: MONITOR MODE: dev_alloc_skb for radiotap "
4947 + "header returned NULL\n", priv->netdev->name);
4951 + skb_put(skb, skblen);
4953 + rt = (struct at76_rx_radiotap *)skb->data;
4954 + payload = skb->data + sizeof(struct at76_rx_radiotap);
4956 + rt->rt_hdr.it_version = 0;
4957 + rt->rt_hdr.it_pad = 0;
4958 + rt->rt_hdr.it_len = cpu_to_le16(sizeof(struct at76_rx_radiotap));
4959 + rt->rt_hdr.it_present = cpu_to_le32(AT76_RX_RADIOTAP_PRESENT);
4961 + rt->rt_tsft = cpu_to_le64(le32_to_cpu(buf->rx_time));
4962 + rt->rt_rate = hw_rates[buf->rx_rate] & (~0x80);
4963 + rt->rt_signal = buf->rssi;
4964 + rt->rt_noise = buf->noise_level;
4965 + rt->rt_flags = IEEE80211_RADIOTAP_F_FCS;
4966 + if (buf->fragmentation)
4967 + rt->rt_flags |= IEEE80211_RADIOTAP_F_FRAG;
4969 + memcpy(payload, buf->packet, length);
4970 + skb->dev = netdev;
4971 + skb->ip_summed = CHECKSUM_NONE;
4972 + skb_reset_mac_header(skb);
4973 + skb->pkt_type = PACKET_OTHERHOST;
4974 + skb->protocol = htons(ETH_P_802_2);
4976 + netdev->last_rx = jiffies;
4978 + stats->rx_packets++;
4979 + stats->rx_bytes += length;
4982 +/* Check if we spy on the sender address in buf and update stats */
4983 +static void at76_iwspy_update(struct at76_priv *priv,
4984 + struct at76_rx_buffer *buf)
4986 + struct ieee80211_hdr_3addr *hdr =
4987 + (struct ieee80211_hdr_3addr *)buf->packet;
4988 + struct iw_quality qual;
4990 + /* We can only set the level here */
4991 + qual.updated = IW_QUAL_QUAL_INVALID | IW_QUAL_NOISE_INVALID;
4994 + at76_calc_level(priv, buf, &qual);
4996 + spin_lock_bh(&priv->spy_spinlock);
4998 + if (priv->spy_data.spy_number > 0)
4999 + wireless_spy_update(priv->netdev, hdr->addr2, &qual);
5001 + spin_unlock_bh(&priv->spy_spinlock);
5004 +static void at76_rx_tasklet(unsigned long param)
5006 + struct urb *urb = (struct urb *)param;
5007 + struct at76_priv *priv = urb->context;
5008 + struct net_device *netdev = priv->netdev;
5009 + struct at76_rx_buffer *buf;
5010 + struct ieee80211_hdr_3addr *i802_11_hdr;
5013 + if (priv->device_unplugged) {
5014 + at76_dbg(DBG_DEVSTART, "device unplugged");
5016 + at76_dbg(DBG_DEVSTART, "urb status %d", urb->status);
5020 + if (!priv->rx_skb || !netdev || !priv->rx_skb->data)
5023 + buf = (struct at76_rx_buffer *)priv->rx_skb->data;
5025 + i802_11_hdr = (struct ieee80211_hdr_3addr *)buf->packet;
5027 + frame_ctl = le16_to_cpu(i802_11_hdr->frame_ctl);
5029 + if (urb->status != 0) {
5030 + if (urb->status != -ENOENT && urb->status != -ECONNRESET)
5032 + "%s %s: - nonzero Rx bulk status received: %d",
5033 + __func__, netdev->name, urb->status);
5037 + at76_dbg(DBG_RX_ATMEL_HDR,
5038 + "%s: rx frame: rate %d rssi %d noise %d link %d %s",
5039 + priv->netdev->name, buf->rx_rate, buf->rssi, buf->noise_level,
5040 + buf->link_quality, hex2str(i802_11_hdr, 48));
5041 + if (priv->iw_mode == IW_MODE_MONITOR) {
5042 + at76_rx_monitor_mode(priv);
5046 + /* there is a new bssid around, accept it: */
5047 + if (buf->newbss && priv->iw_mode == IW_MODE_ADHOC) {
5048 + at76_dbg(DBG_PROGRESS, "%s: rx newbss", netdev->name);
5049 + schedule_work(&priv->work_new_bss);
5052 + switch (frame_ctl & IEEE80211_FCTL_FTYPE) {
5053 + case IEEE80211_FTYPE_DATA:
5054 + at76_rx_data(priv);
5057 + case IEEE80211_FTYPE_MGMT:
5058 + /* jal: TODO: find out if we can update iwspy also on
5059 + other frames than management (might depend on the
5060 + radio chip / firmware version !) */
5062 + at76_iwspy_update(priv, buf);
5064 + at76_rx_mgmt(priv, buf);
5067 + case IEEE80211_FTYPE_CTL:
5068 + at76_dbg(DBG_RX_CTRL, "%s: ignored ctrl frame: %04x",
5069 + priv->netdev->name, frame_ctl);
5073 + printk(KERN_DEBUG "%s: ignoring frame with framectl 0x%04x\n",
5074 + priv->netdev->name, frame_ctl);
5077 + at76_submit_rx_urb(priv);
5080 +/* Load firmware into kernel memory and parse it */
5081 +static struct fwentry *at76_load_firmware(struct usb_device *udev,
5082 + enum board_type board_type)
5086 + struct at76_fw_header *fwh;
5087 + struct fwentry *fwe = &firmwares[board_type];
5089 + mutex_lock(&fw_mutex);
5091 + if (fwe->loaded) {
5092 + at76_dbg(DBG_FW, "re-using previously loaded fw");
5096 + at76_dbg(DBG_FW, "downloading firmware %s", fwe->fwname);
5097 + ret = request_firmware(&fwe->fw, fwe->fwname, &udev->dev);
5099 + dev_printk(KERN_ERR, &udev->dev, "firmware %s not found!\n",
5101 + dev_printk(KERN_ERR, &udev->dev,
5102 + "you may need to download the firmware from "
5103 + "http://developer.berlios.de/projects/at76c503a/");
5107 + at76_dbg(DBG_FW, "got it.");
5108 + fwh = (struct at76_fw_header *)(fwe->fw->data);
5110 + if (fwe->fw->size <= sizeof(*fwh)) {
5111 + dev_printk(KERN_ERR, &udev->dev,
5112 + "firmware is too short (0x%zx)\n", fwe->fw->size);
5116 + /* CRC currently not checked */
5117 + fwe->board_type = le32_to_cpu(fwh->board_type);
5118 + if (fwe->board_type != board_type) {
5119 + dev_printk(KERN_ERR, &udev->dev,
5120 + "board type mismatch, requested %u, got %u\n",
5121 + board_type, fwe->board_type);
5125 + fwe->fw_version.major = fwh->major;
5126 + fwe->fw_version.minor = fwh->minor;
5127 + fwe->fw_version.patch = fwh->patch;
5128 + fwe->fw_version.build = fwh->build;
5130 + str = (char *)fwh + le32_to_cpu(fwh->str_offset);
5131 + fwe->intfw = (u8 *)fwh + le32_to_cpu(fwh->int_fw_offset);
5132 + fwe->intfw_size = le32_to_cpu(fwh->int_fw_len);
5133 + fwe->extfw = (u8 *)fwh + le32_to_cpu(fwh->ext_fw_offset);
5134 + fwe->extfw_size = le32_to_cpu(fwh->ext_fw_len);
5138 + dev_printk(KERN_DEBUG, &udev->dev,
5139 + "using firmware %s (version %d.%d.%d-%d)\n",
5140 + fwe->fwname, fwh->major, fwh->minor, fwh->patch, fwh->build);
5142 + at76_dbg(DBG_DEVSTART, "board %u, int %d:%d, ext %d:%d", board_type,
5143 + le32_to_cpu(fwh->int_fw_offset), le32_to_cpu(fwh->int_fw_len),
5144 + le32_to_cpu(fwh->ext_fw_offset), le32_to_cpu(fwh->ext_fw_len));
5145 + at76_dbg(DBG_DEVSTART, "firmware id %s", str);
5148 + mutex_unlock(&fw_mutex);
5156 +/* Allocate network device and initialize private data */
5157 +static struct at76_priv *at76_alloc_new_device(struct usb_device *udev)
5159 + struct net_device *netdev;
5160 + struct at76_priv *priv;
5163 + /* allocate memory for our device state and initialize it */
5164 + netdev = alloc_etherdev(sizeof(struct at76_priv));
5166 + dev_printk(KERN_ERR, &udev->dev, "out of memory\n");
5170 + priv = netdev_priv(netdev);
5172 + priv->udev = udev;
5173 + priv->netdev = netdev;
5175 + mutex_init(&priv->mtx);
5176 + INIT_WORK(&priv->work_assoc_done, at76_work_assoc_done);
5177 + INIT_WORK(&priv->work_join, at76_work_join);
5178 + INIT_WORK(&priv->work_new_bss, at76_work_new_bss);
5179 + INIT_WORK(&priv->work_start_scan, at76_work_start_scan);
5180 + INIT_WORK(&priv->work_set_promisc, at76_work_set_promisc);
5181 + INIT_WORK(&priv->work_submit_rx, at76_work_submit_rx);
5182 + INIT_DELAYED_WORK(&priv->dwork_restart, at76_dwork_restart);
5183 + INIT_DELAYED_WORK(&priv->dwork_get_scan, at76_dwork_get_scan);
5184 + INIT_DELAYED_WORK(&priv->dwork_beacon, at76_dwork_beacon);
5185 + INIT_DELAYED_WORK(&priv->dwork_auth, at76_dwork_auth);
5186 + INIT_DELAYED_WORK(&priv->dwork_assoc, at76_dwork_assoc);
5188 + spin_lock_init(&priv->mgmt_spinlock);
5189 + priv->next_mgmt_bulk = NULL;
5190 + priv->mac_state = MAC_INIT;
5192 + /* initialize empty BSS list */
5193 + priv->curr_bss = NULL;
5194 + INIT_LIST_HEAD(&priv->bss_list);
5195 + spin_lock_init(&priv->bss_list_spinlock);
5197 + init_timer(&priv->bss_list_timer);
5198 + priv->bss_list_timer.data = (unsigned long)priv;
5199 + priv->bss_list_timer.function = at76_bss_list_timeout;
5201 + spin_lock_init(&priv->spy_spinlock);
5203 + /* mark all rx data entries as unused */
5204 + for (i = 0; i < NR_RX_DATA_BUF; i++)
5205 + priv->rx_data[i].skb = NULL;
5207 + priv->rx_tasklet.func = at76_rx_tasklet;
5208 + priv->rx_tasklet.data = 0;
5210 + priv->pm_mode = AT76_PM_OFF;
5211 + priv->pm_period = 0;
5216 +static int at76_alloc_urbs(struct at76_priv *priv,
5217 + struct usb_interface *interface)
5219 + struct usb_endpoint_descriptor *endpoint, *ep_in, *ep_out;
5222 + struct usb_host_interface *iface_desc;
5224 + at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
5226 + at76_dbg(DBG_URB, "%s: NumEndpoints %d ", __func__,
5227 + interface->altsetting[0].desc.bNumEndpoints);
5231 + iface_desc = interface->cur_altsetting;
5232 + for (i = 0; i < iface_desc->desc.bNumEndpoints; i++) {
5233 + endpoint = &iface_desc->endpoint[i].desc;
5235 + at76_dbg(DBG_URB, "%s: %d. endpoint: addr 0x%x attr 0x%x",
5236 + __func__, i, endpoint->bEndpointAddress,
5237 + endpoint->bmAttributes);
5239 + if (!ep_in && usb_endpoint_is_bulk_in(endpoint))
5242 + if (!ep_out && usb_endpoint_is_bulk_out(endpoint))
5243 + ep_out = endpoint;
5246 + if (!ep_in || !ep_out) {
5247 + dev_printk(KERN_ERR, &interface->dev,
5248 + "bulk endpoints missing\n");
5252 + priv->rx_pipe = usb_rcvbulkpipe(priv->udev, ep_in->bEndpointAddress);
5253 + priv->tx_pipe = usb_sndbulkpipe(priv->udev, ep_out->bEndpointAddress);
5255 + priv->rx_urb = usb_alloc_urb(0, GFP_KERNEL);
5256 + priv->tx_urb = usb_alloc_urb(0, GFP_KERNEL);
5257 + if (!priv->rx_urb || !priv->tx_urb) {
5258 + dev_printk(KERN_ERR, &interface->dev, "cannot allocate URB\n");
5262 + buffer_size = sizeof(struct at76_tx_buffer) + MAX_PADDING_SIZE;
5263 + priv->bulk_out_buffer = kmalloc(buffer_size, GFP_KERNEL);
5264 + if (!priv->bulk_out_buffer) {
5265 + dev_printk(KERN_ERR, &interface->dev,
5266 + "cannot allocate output buffer\n");
5270 + at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
5275 +/* Register network device and initialize the hardware */
5276 +static int at76_init_new_device(struct at76_priv *priv,
5277 + struct usb_interface *interface)
5279 + struct net_device *netdev = priv->netdev;
5282 + /* set up the endpoint information */
5283 + /* check out the endpoints */
5285 + at76_dbg(DBG_DEVSTART, "USB interface: %d endpoints",
5286 + interface->cur_altsetting->desc.bNumEndpoints);
5288 + ret = at76_alloc_urbs(priv, interface);
5293 + ret = at76_get_hw_config(priv);
5295 + dev_printk(KERN_ERR, &interface->dev,
5296 + "cannot get MAC address\n");
5300 + priv->domain = at76_get_reg_domain(priv->regulatory_domain);
5301 + /* init. netdev->dev_addr */
5302 + memcpy(netdev->dev_addr, priv->mac_addr, ETH_ALEN);
5304 + priv->channel = DEF_CHANNEL;
5305 + priv->iw_mode = IW_MODE_INFRA;
5306 + priv->rts_threshold = DEF_RTS_THRESHOLD;
5307 + priv->frag_threshold = DEF_FRAG_THRESHOLD;
5308 + priv->short_retry_limit = DEF_SHORT_RETRY_LIMIT;
5309 + priv->txrate = TX_RATE_AUTO;
5310 + priv->preamble_type = PREAMBLE_TYPE_LONG;
5311 + priv->beacon_period = 100;
5312 + priv->beacons_last_qual = jiffies;
5313 + priv->auth_mode = WLAN_AUTH_OPEN;
5314 + priv->scan_min_time = DEF_SCAN_MIN_TIME;
5315 + priv->scan_max_time = DEF_SCAN_MAX_TIME;
5316 + priv->scan_mode = SCAN_TYPE_ACTIVE;
5318 + netdev->flags &= ~IFF_MULTICAST; /* not yet or never */
5319 + netdev->open = at76_open;
5320 + netdev->stop = at76_stop;
5321 + netdev->get_stats = at76_get_stats;
5322 + netdev->ethtool_ops = &at76_ethtool_ops;
5324 + /* Add pointers to enable iwspy support. */
5325 + priv->wireless_data.spy_data = &priv->spy_data;
5326 + netdev->wireless_data = &priv->wireless_data;
5328 + netdev->hard_start_xmit = at76_tx;
5329 + netdev->tx_timeout = at76_tx_timeout;
5330 + netdev->watchdog_timeo = 2 * HZ;
5331 + netdev->wireless_handlers = &at76_handler_def;
5332 + netdev->set_multicast_list = at76_set_multicast;
5333 + netdev->set_mac_address = at76_set_mac_address;
5334 + dev_alloc_name(netdev, "wlan%d");
5336 + ret = register_netdev(priv->netdev);
5338 + dev_printk(KERN_ERR, &interface->dev,
5339 + "cannot register netdevice (status %d)!\n", ret);
5342 + priv->netdev_registered = 1;
5344 + printk(KERN_INFO "%s: USB %s, MAC %s, firmware %d.%d.%d-%d\n",
5345 + netdev->name, interface->dev.bus_id, mac2str(priv->mac_addr),
5346 + priv->fw_version.major, priv->fw_version.minor,
5347 + priv->fw_version.patch, priv->fw_version.build);
5348 + printk(KERN_INFO "%s: regulatory domain 0x%02x: %s\n", netdev->name,
5349 + priv->regulatory_domain, priv->domain->name);
5351 + /* we let this timer run the whole time this driver instance lives */
5352 + mod_timer(&priv->bss_list_timer, jiffies + BSS_LIST_TIMEOUT);
5358 +static void at76_delete_device(struct at76_priv *priv)
5362 + at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
5364 + /* The device is gone, don't bother turning it off */
5365 + priv->device_unplugged = 1;
5367 + if (priv->netdev_registered)
5368 + unregister_netdev(priv->netdev);
5370 + /* assuming we used keventd, it must quiesce too */
5371 + flush_scheduled_work();
5373 + kfree(priv->bulk_out_buffer);
5375 + if (priv->tx_urb) {
5376 + usb_kill_urb(priv->tx_urb);
5377 + usb_free_urb(priv->tx_urb);
5379 + if (priv->rx_urb) {
5380 + usb_kill_urb(priv->rx_urb);
5381 + usb_free_urb(priv->rx_urb);
5384 + at76_dbg(DBG_PROC_ENTRY, "%s: unlinked urbs", __func__);
5387 + kfree_skb(priv->rx_skb);
5389 + at76_free_bss_list(priv);
5390 + del_timer_sync(&priv->bss_list_timer);
5391 + cancel_delayed_work(&priv->dwork_get_scan);
5392 + cancel_delayed_work(&priv->dwork_beacon);
5393 + cancel_delayed_work(&priv->dwork_auth);
5394 + cancel_delayed_work(&priv->dwork_assoc);
5396 + if (priv->mac_state == MAC_CONNECTED)
5397 + at76_iwevent_bss_disconnect(priv->netdev);
5399 + for (i = 0; i < NR_RX_DATA_BUF; i++)
5400 + if (priv->rx_data[i].skb) {
5401 + dev_kfree_skb(priv->rx_data[i].skb);
5402 + priv->rx_data[i].skb = NULL;
5404 + usb_put_dev(priv->udev);
5406 + at76_dbg(DBG_PROC_ENTRY, "%s: before freeing priv/netdev", __func__);
5407 + free_netdev(priv->netdev); /* priv is in netdev */
5409 + at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
5412 +static int at76_probe(struct usb_interface *interface,
5413 + const struct usb_device_id *id)
5416 + struct at76_priv *priv;
5417 + struct fwentry *fwe;
5418 + struct usb_device *udev;
5420 + int need_ext_fw = 0;
5421 + struct mib_fw_version fwv;
5422 + int board_type = (int)id->driver_info;
5424 + udev = usb_get_dev(interface_to_usbdev(interface));
5426 + /* Load firmware into kernel memory */
5427 + fwe = at76_load_firmware(udev, board_type);
5433 + op_mode = at76_get_op_mode(udev);
5435 + at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
5437 + /* we get OPMODE_NONE with 2.4.23, SMC2662W-AR ???
5438 + we get 204 with 2.4.23, Fiberline FL-WL240u (505A+RFMD2958) ??? */
5440 + if (op_mode == OPMODE_HW_CONFIG_MODE) {
5441 + dev_printk(KERN_ERR, &interface->dev,
5442 + "cannot handle a device in HW_CONFIG_MODE\n");
5447 + if (op_mode != OPMODE_NORMAL_NIC_WITH_FLASH
5448 + && op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
5449 + /* download internal firmware part */
5450 + dev_printk(KERN_DEBUG, &interface->dev,
5451 + "downloading internal firmware\n");
5452 + ret = at76_load_internal_fw(udev, fwe);
5454 + dev_printk(KERN_ERR, &interface->dev,
5455 + "error %d downloading internal firmware\n",
5459 + usb_put_dev(udev);
5463 + /* Internal firmware already inside the device. Get firmware
5464 + * version to test if external firmware is loaded.
5465 + * This works only for newer firmware, e.g. the Intersil 0.90.x
5466 + * says "control timeout on ep0in" and subsequent
5467 + * at76_get_op_mode() fail too :-( */
5469 + /* if version >= 0.100.x.y or device with built-in flash we can
5470 + * query the device for the fw version */
5471 + if ((fwe->fw_version.major > 0 || fwe->fw_version.minor >= 100)
5472 + || (op_mode == OPMODE_NORMAL_NIC_WITH_FLASH)) {
5473 + ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
5474 + if (ret < 0 || (fwv.major | fwv.minor) == 0)
5477 + /* No way to check firmware version, reload to be sure */
5480 + if (need_ext_fw) {
5481 + dev_printk(KERN_DEBUG, &interface->dev,
5482 + "downloading external firmware\n");
5484 + ret = at76_load_external_fw(udev, fwe);
5488 + /* Re-check firmware version */
5489 + ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
5491 + dev_printk(KERN_ERR, &interface->dev,
5492 + "error %d getting firmware version\n", ret);
5497 + priv = at76_alloc_new_device(udev);
5503 + SET_NETDEV_DEV(priv->netdev, &interface->dev);
5504 + usb_set_intfdata(interface, priv);
5506 + memcpy(&priv->fw_version, &fwv, sizeof(struct mib_fw_version));
5507 + priv->board_type = board_type;
5509 + ret = at76_init_new_device(priv, interface);
5511 + at76_delete_device(priv);
5516 + usb_put_dev(udev);
5520 +static void at76_disconnect(struct usb_interface *interface)
5522 + struct at76_priv *priv;
5524 + priv = usb_get_intfdata(interface);
5525 + usb_set_intfdata(interface, NULL);
5527 + /* Disconnect after loading internal firmware */
5531 + printk(KERN_INFO "%s: disconnecting\n", priv->netdev->name);
5532 + at76_delete_device(priv);
5533 + dev_printk(KERN_INFO, &interface->dev, "disconnected\n");
5536 +/* Structure for registering this driver with the USB subsystem */
5537 +static struct usb_driver at76_driver = {
5538 + .name = DRIVER_NAME,
5539 + .probe = at76_probe,
5540 + .disconnect = at76_disconnect,
5541 + .id_table = dev_table,
5544 +static int __init at76_mod_init(void)
5548 + printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " loading\n");
5550 + mutex_init(&fw_mutex);
5552 + /* register this driver with the USB subsystem */
5553 + result = usb_register(&at76_driver);
5555 + printk(KERN_ERR DRIVER_NAME
5556 + ": usb_register failed (status %d)\n", result);
5558 + led_trigger_register_simple("at76_usb-tx", &ledtrig_tx);
5562 +static void __exit at76_mod_exit(void)
5566 + printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " unloading\n");
5567 + usb_deregister(&at76_driver);
5568 + for (i = 0; i < ARRAY_SIZE(firmwares); i++) {
5569 + if (firmwares[i].fw)
5570 + release_firmware(firmwares[i].fw);
5572 + led_trigger_unregister_simple(ledtrig_tx);
5575 +module_param_named(debug, at76_debug, int, 0600);
5576 +MODULE_PARM_DESC(debug, "Debugging level");
5578 +module_init(at76_mod_init);
5579 +module_exit(at76_mod_exit);
5581 +MODULE_AUTHOR("Oliver Kurth <oku@masqmail.cx>");
5582 +MODULE_AUTHOR("Joerg Albert <joerg.albert@gmx.de>");
5583 +MODULE_AUTHOR("Alex <alex@foogod.com>");
5584 +MODULE_AUTHOR("Nick Jones");
5585 +MODULE_AUTHOR("Balint Seeber <n0_5p4m_p13453@hotmail.com>");
5586 +MODULE_AUTHOR("Pavel Roskin <proski@gnu.org>");
5587 +MODULE_DESCRIPTION(DRIVER_DESC);
5588 +MODULE_LICENSE("GPL");
5590 +++ b/drivers/staging/at76_usb/at76_usb.h
5593 + * Copyright (c) 2002,2003 Oliver Kurth
5594 + * (c) 2003,2004 Joerg Albert <joerg.albert@gmx.de>
5595 + * (c) 2007 Guido Guenther <agx@sigxcpu.org>
5597 + * This program is free software; you can redistribute it and/or
5598 + * modify it under the terms of the GNU General Public License as
5599 + * published by the Free Software Foundation; either version 2 of
5600 + * the License, or (at your option) any later version.
5602 + * This driver was based on information from the Sourceforge driver
5603 + * released and maintained by Atmel:
5605 + * http://sourceforge.net/projects/atmelwlandriver/
5607 + * Although the code was completely re-written,
5608 + * it would have been impossible without Atmel's decision to
5609 + * release an Open Source driver (unfortunately the firmware was
5610 + * kept binary only). Thanks for that decision to Atmel!
5613 +#ifndef _AT76_USB_H
5614 +#define _AT76_USB_H
5618 + BOARD_503_ISL3861 = 1,
5619 + BOARD_503_ISL3863 = 2,
5621 + BOARD_503_ACC = 4,
5623 + BOARD_505_2958 = 6,
5628 +/* our private ioctl's */
5629 +/* preamble length (0 - long, 1 - short, 2 - auto) */
5630 +#define AT76_SET_SHORT_PREAMBLE (SIOCIWFIRSTPRIV + 0)
5631 +#define AT76_GET_SHORT_PREAMBLE (SIOCIWFIRSTPRIV + 1)
5632 +/* which debug channels are enabled */
5633 +#define AT76_SET_DEBUG (SIOCIWFIRSTPRIV + 2)
5634 +#define AT76_GET_DEBUG (SIOCIWFIRSTPRIV + 3)
5635 +/* power save mode (incl. the Atmel proprietary smart save mode) */
5636 +#define AT76_SET_POWERSAVE_MODE (SIOCIWFIRSTPRIV + 4)
5637 +#define AT76_GET_POWERSAVE_MODE (SIOCIWFIRSTPRIV + 5)
5638 +/* min and max channel times for scan */
5639 +#define AT76_SET_SCAN_TIMES (SIOCIWFIRSTPRIV + 6)
5640 +#define AT76_GET_SCAN_TIMES (SIOCIWFIRSTPRIV + 7)
5641 +/* scan mode (0 - active, 1 - passive) */
5642 +#define AT76_SET_SCAN_MODE (SIOCIWFIRSTPRIV + 8)
5643 +#define AT76_GET_SCAN_MODE (SIOCIWFIRSTPRIV + 9)
5645 +#define CMD_STATUS_IDLE 0x00
5646 +#define CMD_STATUS_COMPLETE 0x01
5647 +#define CMD_STATUS_UNKNOWN 0x02
5648 +#define CMD_STATUS_INVALID_PARAMETER 0x03
5649 +#define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
5650 +#define CMD_STATUS_TIME_OUT 0x07
5651 +#define CMD_STATUS_IN_PROGRESS 0x08
5652 +#define CMD_STATUS_HOST_FAILURE 0xff
5653 +#define CMD_STATUS_SCAN_FAILED 0xf0
5655 +/* answers to get op mode */
5656 +#define OPMODE_NONE 0x00
5657 +#define OPMODE_NORMAL_NIC_WITH_FLASH 0x01
5658 +#define OPMODE_HW_CONFIG_MODE 0x02
5659 +#define OPMODE_DFU_MODE_WITH_FLASH 0x03
5660 +#define OPMODE_NORMAL_NIC_WITHOUT_FLASH 0x04
5662 +#define CMD_SET_MIB 0x01
5663 +#define CMD_GET_MIB 0x02
5664 +#define CMD_SCAN 0x03
5665 +#define CMD_JOIN 0x04
5666 +#define CMD_START_IBSS 0x05
5667 +#define CMD_RADIO_ON 0x06
5668 +#define CMD_RADIO_OFF 0x07
5669 +#define CMD_STARTUP 0x0B
5671 +#define MIB_LOCAL 0x01
5672 +#define MIB_MAC_ADDR 0x02
5673 +#define MIB_MAC 0x03
5674 +#define MIB_MAC_MGMT 0x05
5675 +#define MIB_MAC_WEP 0x06
5676 +#define MIB_PHY 0x07
5677 +#define MIB_FW_VERSION 0x08
5678 +#define MIB_MDOMAIN 0x09
5680 +#define ADHOC_MODE 1
5681 +#define INFRASTRUCTURE_MODE 2
5683 +/* values for struct mib_local, field preamble_type */
5684 +#define PREAMBLE_TYPE_LONG 0
5685 +#define PREAMBLE_TYPE_SHORT 1
5686 +#define PREAMBLE_TYPE_AUTO 2
5688 +/* values for tx_rate */
5689 +#define TX_RATE_1MBIT 0
5690 +#define TX_RATE_2MBIT 1
5691 +#define TX_RATE_5_5MBIT 2
5692 +#define TX_RATE_11MBIT 3
5693 +#define TX_RATE_AUTO 4
5695 +/* power management modes */
5696 +#define AT76_PM_OFF 1
5697 +#define AT76_PM_ON 2
5698 +#define AT76_PM_SMART 3
5700 +struct hwcfg_r505 {
5701 + u8 cr39_values[14];
5705 + u8 mac_addr[ETH_ALEN];
5706 + u8 regulatory_domain;
5708 + u8 cr15_values[14];
5710 +} __attribute__((packed));
5712 +struct hwcfg_rfmd {
5713 + u8 cr20_values[14];
5714 + u8 cr21_values[14];
5717 + u8 mac_addr[ETH_ALEN];
5718 + u8 regulatory_domain;
5719 + u8 low_power_values[14];
5720 + u8 normal_power_values[14];
5722 +} __attribute__((packed));
5724 +struct hwcfg_intersil {
5725 + u8 mac_addr[ETH_ALEN];
5726 + u8 cr31_values[14];
5727 + u8 cr58_values[14];
5729 + u8 regulatory_domain;
5731 +} __attribute__((packed));
5734 + struct hwcfg_intersil i;
5735 + struct hwcfg_rfmd r3;
5736 + struct hwcfg_r505 r5;
5739 +#define WEP_SMALL_KEY_LEN (40 / 8)
5740 +#define WEP_LARGE_KEY_LEN (104 / 8)
5742 +struct at76_card_config {
5743 + u8 exclude_unencrypted;
5744 + u8 promiscuous_mode;
5745 + u8 short_retry_limit;
5746 + u8 encryption_type;
5747 + __le16 rts_threshold;
5748 + __le16 fragmentation_threshold; /* 256..2346 */
5749 + u8 basic_rate_set[4];
5750 + u8 auto_rate_fallback; /* 0,1 */
5752 + u8 privacy_invoked;
5753 + u8 wep_default_key_id; /* 0..3 */
5754 + u8 current_ssid[32];
5755 + u8 wep_default_key_value[4][WEP_KEY_LEN];
5757 + u8 short_preamble;
5758 + __le16 beacon_period;
5759 +} __attribute__((packed));
5761 +struct at76_command {
5766 +} __attribute__((packed));
5768 +/* Length of Atmel-specific Rx header before 802.11 frame */
5769 +#define AT76_RX_HDRLEN offsetof(struct at76_rx_buffer, packet)
5771 +struct at76_rx_buffer {
5780 + u8 packet[IEEE80211_FRAME_LEN + IEEE80211_FCS_LEN];
5781 +} __attribute__((packed));
5783 +/* Length of Atmel-specific Tx header before 802.11 frame */
5784 +#define AT76_TX_HDRLEN offsetof(struct at76_tx_buffer, packet)
5786 +struct at76_tx_buffer {
5791 + u8 packet[IEEE80211_FRAME_LEN + IEEE80211_FCS_LEN];
5792 +} __attribute__((packed));
5794 +/* defines for scan_type below */
5795 +#define SCAN_TYPE_ACTIVE 0
5796 +#define SCAN_TYPE_PASSIVE 1
5798 +struct at76_req_scan {
5799 + u8 bssid[ETH_ALEN];
5803 + __le16 probe_delay;
5804 + __le16 min_channel_time;
5805 + __le16 max_channel_time;
5807 + u8 international_scan;
5808 +} __attribute__((packed));
5810 +struct at76_req_ibss {
5811 + u8 bssid[ETH_ALEN];
5817 +} __attribute__((packed));
5819 +struct at76_req_join {
5820 + u8 bssid[ETH_ALEN];
5827 +} __attribute__((packed));
5829 +struct set_mib_buffer {
5837 + u8 addr[ETH_ALEN];
5839 +} __attribute__((packed));
5844 + u8 txautorate_fallback;
5847 + u8 promiscuous_mode;
5851 +} __attribute__((packed));
5853 +struct mib_mac_addr {
5854 + u8 mac_addr[ETH_ALEN];
5855 + u8 res[2]; /* ??? */
5856 + u8 group_addr[4][ETH_ALEN];
5857 + u8 group_addr_status[4];
5858 +} __attribute__((packed));
5861 + __le32 max_tx_msdu_lifetime;
5862 + __le32 max_rx_lifetime;
5863 + __le16 frag_threshold;
5864 + __le16 rts_threshold;
5867 + u8 short_retry_time;
5868 + u8 long_retry_time;
5869 + u8 scan_type; /* active or passive */
5871 + __le16 probe_delay; /* delay before ProbeReq in active scan, RO */
5872 + __le16 min_channel_time;
5873 + __le16 max_channel_time;
5874 + __le16 listen_interval;
5875 + u8 desired_ssid[32];
5876 + u8 desired_bssid[ETH_ALEN];
5877 + u8 desired_bsstype; /* ad-hoc or infrastructure */
5879 +} __attribute__((packed));
5881 +struct mib_mac_mgmt {
5882 + __le16 beacon_period;
5883 + __le16 CFP_max_duration;
5884 + __le16 medium_occupancy_limit;
5885 + __le16 station_id; /* assoc id */
5886 + __le16 ATIM_window;
5888 + u8 privacy_option_implemented;
5891 + u8 current_bssid[ETH_ALEN];
5892 + u8 current_essid[32];
5893 + u8 current_bss_type;
5894 + u8 power_mgmt_mode;
5895 + /* rfmd and 505 */
5898 + u8 multi_domain_capability_implemented;
5899 + u8 multi_domain_capability_enabled;
5900 + u8 country_string[3];
5902 +} __attribute__((packed));
5904 +struct mib_mac_wep {
5905 + u8 privacy_invoked; /* 0 disable encr., 1 enable encr */
5906 + u8 wep_default_key_id;
5907 + u8 wep_key_mapping_len;
5908 + u8 exclude_unencrypted;
5909 + __le32 wep_icv_error_count;
5910 + __le32 wep_excluded_count;
5911 + u8 wep_default_keyvalue[WEP_KEYS][WEP_KEY_LEN];
5912 + u8 encryption_level; /* 1 for 40bit, 2 for 104bit encryption */
5913 +} __attribute__((packed));
5916 + __le32 ed_threshold;
5920 + __le16 preamble_length;
5921 + __le16 plcp_header_length;
5922 + __le16 mpdu_max_length;
5923 + __le16 cca_mode_supported;
5925 + u8 operation_rate_set[4];
5927 + u8 current_cca_mode;
5929 + u8 current_reg_domain;
5930 +} __attribute__((packed));
5932 +struct mib_fw_version {
5937 +} __attribute__((packed));
5939 +struct mib_mdomain {
5940 + u8 tx_powerlevel[14];
5941 + u8 channel_list[14]; /* 0 for invalid channels */
5942 +} __attribute__((packed));
5944 +struct at76_fw_header {
5945 + __le32 crc; /* CRC32 of the whole image */
5946 + __le32 board_type; /* firmware compatibility code */
5947 + u8 build; /* firmware build number */
5948 + u8 patch; /* firmware patch level */
5949 + u8 minor; /* firmware minor version */
5950 + u8 major; /* firmware major version */
5951 + __le32 str_offset; /* offset of the copyright string */
5952 + __le32 int_fw_offset; /* internal firmware image offset */
5953 + __le32 int_fw_len; /* internal firmware image length */
5954 + __le32 ext_fw_offset; /* external firmware image offset */
5955 + __le32 ext_fw_len; /* external firmware image length */
5956 +} __attribute__((packed));
5968 +/* a description of a regulatory domain and the allowed channels */
5969 +struct reg_domain {
5972 + u32 channel_map; /* if bit N is set, channel (N+1) is allowed */
5975 +/* how long do we keep a (I)BSS in the bss_list in jiffies
5976 + this should be long enough for the user to retrieve the table
5977 + (by iwlist ?) after the device started, because all entries from
5978 + other channels than the one the device locks on get removed, too */
5979 +#define BSS_LIST_TIMEOUT (120 * HZ)
5980 +/* struct to store BSS info found during scan */
5981 +#define BSS_LIST_MAX_RATE_LEN 32 /* 32 rates should be enough ... */
5984 + struct list_head list;
5986 + u8 bssid[ETH_ALEN]; /* bssid */
5987 + u8 ssid[IW_ESSID_MAX_SIZE]; /* essid */
5988 + u8 ssid_len; /* length of ssid above */
5990 + u16 capa; /* BSS capabilities */
5991 + u16 beacon_interval; /* beacon interval, Kus (1024 microseconds) */
5992 + u8 rates[BSS_LIST_MAX_RATE_LEN]; /* supported rates in units of
5993 + 500 kbps, ORed with 0x80 for
5997 + /* quality of received beacon */
6002 + unsigned long last_rx; /* time (jiffies) of last beacon received */
6005 +/* a rx data buffer to collect rx fragments */
6006 +struct rx_data_buf {
6007 + u8 sender[ETH_ALEN]; /* sender address */
6008 + u16 seqnr; /* sequence number */
6009 + u16 fragnr; /* last fragment received */
6010 + unsigned long last_rx; /* jiffies of last rx */
6011 + struct sk_buff *skb; /* == NULL if entry is free */
6014 +#define NR_RX_DATA_BUF 8
6016 +/* Data for one loaded firmware file */
6018 + const char *const fwname;
6019 + const struct firmware *fw;
6022 + /* pointer to loaded firmware, no need to free */
6023 + u8 *extfw; /* external firmware, extfw_size bytes long */
6024 + u8 *intfw; /* internal firmware, intfw_size bytes long */
6025 + enum board_type board_type; /* board type */
6026 + struct mib_fw_version fw_version;
6027 + int loaded; /* Loaded and parsed successfully */
6031 + struct usb_device *udev; /* USB device pointer */
6032 + struct net_device *netdev; /* net device pointer */
6033 + struct net_device_stats stats; /* net device stats */
6034 + struct iw_statistics wstats; /* wireless stats */
6036 + struct sk_buff *rx_skb; /* skbuff for receiving data */
6037 + void *bulk_out_buffer; /* buffer for sending data */
6039 + struct urb *tx_urb; /* URB for sending data */
6040 + struct urb *rx_urb; /* URB for receiving data */
6042 + unsigned int tx_pipe; /* bulk out pipe */
6043 + unsigned int rx_pipe; /* bulk in pipe */
6045 + struct mutex mtx; /* locks this structure */
6048 + struct work_struct work_assoc_done;
6049 + struct work_struct work_join;
6050 + struct work_struct work_new_bss;
6051 + struct work_struct work_start_scan;
6052 + struct work_struct work_set_promisc;
6053 + struct work_struct work_submit_rx;
6054 + struct delayed_work dwork_restart;
6055 + struct delayed_work dwork_get_scan;
6056 + struct delayed_work dwork_beacon;
6057 + struct delayed_work dwork_auth;
6058 + struct delayed_work dwork_assoc;
6060 + struct tasklet_struct rx_tasklet;
6062 + /* the WEP stuff */
6063 + int wep_enabled; /* 1 if WEP is enabled */
6064 + int wep_key_id; /* key id to be used */
6065 + u8 wep_keys[WEP_KEYS][WEP_KEY_LEN]; /* the four WEP keys,
6066 + 5 or 13 bytes are used */
6067 + u8 wep_keys_len[WEP_KEYS]; /* the length of the above keys */
6071 + u8 bssid[ETH_ALEN];
6072 + u8 essid[IW_ESSID_MAX_SIZE];
6077 + int preamble_type; /* 0 - long, 1 - short, 2 - auto */
6078 + int auth_mode; /* authentication type: 0 open, 1 shared key */
6079 + int txrate; /* 0,1,2,3 = 1,2,5.5,11 Mbps, 4 is auto */
6080 + int frag_threshold; /* threshold for fragmentation of tx packets */
6081 + int rts_threshold; /* threshold for RTS mechanism */
6082 + int short_retry_limit;
6084 + int scan_min_time; /* scan min channel time */
6085 + int scan_max_time; /* scan max channel time */
6086 + int scan_mode; /* SCAN_TYPE_ACTIVE, SCAN_TYPE_PASSIVE */
6087 + int scan_need_any; /* if set, need to scan for any ESSID */
6089 + /* the list we got from scanning */
6090 + spinlock_t bss_list_spinlock; /* protects bss_list operations */
6091 + struct list_head bss_list; /* list of BSS we got beacons from */
6092 + struct timer_list bss_list_timer; /* timer to purge old entries
6094 + struct bss_info *curr_bss; /* current BSS */
6095 + u16 assoc_id; /* current association ID, if associated */
6097 + u8 wanted_bssid[ETH_ALEN];
6098 + int wanted_bssid_valid; /* != 0 if wanted_bssid is to be used */
6100 + /* some data for infrastructure mode only */
6101 + spinlock_t mgmt_spinlock; /* this spinlock protects access to
6104 + struct at76_tx_buffer *next_mgmt_bulk; /* pending management msg to
6105 + send via bulk out */
6106 + enum mac_state mac_state;
6114 + int retries; /* remaining retries in case of timeout when
6115 + * sending AuthReq or AssocReq */
6116 + u8 pm_mode; /* power management mode */
6117 + u32 pm_period; /* power management period in microseconds */
6119 + struct reg_domain const *domain; /* reg domain description */
6121 + /* iwspy support */
6122 + spinlock_t spy_spinlock;
6123 + struct iw_spy_data spy_data;
6125 + struct iw_public_data wireless_data;
6127 + /* These fields contain HW config provided by the device (not all of
6128 + * these fields are used by all board types) */
6129 + u8 mac_addr[ETH_ALEN];
6130 + u8 regulatory_domain;
6132 + struct at76_card_config card_config;
6134 + /* store rx fragments until complete */
6135 + struct rx_data_buf rx_data[NR_RX_DATA_BUF];
6137 + enum board_type board_type;
6138 + struct mib_fw_version fw_version;
6140 + unsigned int device_unplugged:1;
6141 + unsigned int netdev_registered:1;
6142 + struct set_mib_buffer mib_buf; /* global buffer for set_mib calls */
6144 + /* beacon counting */
6145 + int beacon_period; /* period of mgmt beacons, Kus */
6146 + int beacons_received;
6147 + unsigned long beacons_last_qual; /* time we restarted counting
6151 +struct at76_rx_radiotap {
6152 + struct ieee80211_radiotap_header rt_hdr;
6160 +#define AT76_RX_RADIOTAP_PRESENT \
6161 + ((1 << IEEE80211_RADIOTAP_TSFT) | \
6162 + (1 << IEEE80211_RADIOTAP_FLAGS) | \
6163 + (1 << IEEE80211_RADIOTAP_RATE) | \
6164 + (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL) | \
6165 + (1 << IEEE80211_RADIOTAP_DB_ANTNOISE))
6167 +#define BEACON_MAX_DATA_LENGTH 1500
6169 +/* the maximum size of an AssocReq packet */
6170 +#define ASSOCREQ_MAX_SIZE \
6171 + (AT76_TX_HDRLEN + sizeof(struct ieee80211_assoc_request) + \
6172 + 1 + 1 + IW_ESSID_MAX_SIZE + 1 + 1 + 4)
6174 +/* for shared secret auth, add the challenge text size */
6175 +#define AUTH_FRAME_SIZE (AT76_TX_HDRLEN + sizeof(struct ieee80211_auth))
6177 +/* Maximal number of AuthReq retries */
6178 +#define AUTH_RETRIES 3
6180 +/* Maximal number of AssocReq retries */
6181 +#define ASSOC_RETRIES 3
6183 +/* Beacon timeout in managed mode when we are connected */
6184 +#define BEACON_TIMEOUT (10 * HZ)
6186 +/* Timeout for authentication response */
6187 +#define AUTH_TIMEOUT (1 * HZ)
6189 +/* Timeout for association response */
6190 +#define ASSOC_TIMEOUT (1 * HZ)
6192 +/* Polling interval when scan is running */
6193 +#define SCAN_POLL_INTERVAL (HZ / 4)
6195 +/* Command completion timeout */
6196 +#define CMD_COMPLETION_TIMEOUT (5 * HZ)
6198 +#define DEF_RTS_THRESHOLD 1536
6199 +#define DEF_FRAG_THRESHOLD 1536
6200 +#define DEF_SHORT_RETRY_LIMIT 8
6201 +#define DEF_CHANNEL 10
6202 +#define DEF_SCAN_MIN_TIME 10
6203 +#define DEF_SCAN_MAX_TIME 120
6205 +#define MAX_RTS_THRESHOLD (MAX_FRAG_THRESHOLD + 1)
6207 +/* the max padding size for tx in bytes (see calc_padding) */
6208 +#define MAX_PADDING_SIZE 53
6210 +#endif /* _AT76_USB_H */
6212 +++ b/drivers/staging/at76_usb/Kconfig
6215 + tristate "Atmel at76c503/at76c505/at76c505a USB cards"
6216 + depends on WLAN_80211 && USB
6220 + Enable support for USB Wireless devices using Atmel at76c503,
6221 + at76c505 or at76c505a chips.
6223 +++ b/drivers/staging/at76_usb/Makefile
6225 +obj-$(CONFIG_USB_ATMEL) += at76_usb.o
6227 +++ b/drivers/staging/at76_usb/TODO
6229 +rewrite the driver to use the proper in-kernel wireless stack
6230 +instead of using its own.
6231 --- a/drivers/staging/Kconfig
6232 +++ b/drivers/staging/Kconfig
6233 @@ -41,4 +41,6 @@ source "drivers/staging/wlan-ng/Kconfig"
6235 source "drivers/staging/echo/Kconfig"
6237 +source "drivers/staging/at76_usb/Kconfig"
6240 --- a/drivers/staging/Makefile
6241 +++ b/drivers/staging/Makefile
6242 @@ -12,3 +12,4 @@ obj-$(CONFIG_USB_IP_COMMON) += usbip/
6243 obj-$(CONFIG_W35UND) += winbond/
6244 obj-$(CONFIG_PRISM2_USB) += wlan-ng/
6245 obj-$(CONFIG_ECHO) += echo/
6246 +obj-$(CONFIG_USB_ATMEL) += at76_usb/
projects / people / pmueller / ipfire-2.x.git / blob