1 /*** -*- linux-c -*- **********************************************************
3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards.
5 Copyright 2000-2001 ATMEL Corporation.
6 Copyright 2003-2004 Simon Kelley.
8 This code was developed from version 2.1.1 of the Atmel drivers,
9 released by Atmel corp. under the GPL in December 2002. It also
10 includes code from the Linux aironet drivers (C) Benjamin Reed,
11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless
12 extensions, (C) Jean Tourrilhes.
14 The firmware module for reading the MAC address of the card comes from
15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright
16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2.
17 This file contains the module in binary form and, under the terms
18 of the GPL, in source form. The source is located at the end of the file.
20 This program is free software; you can redistribute it and/or modify
21 it under the terms of the GNU General Public License as published by
22 the Free Software Foundation; either version 2 of the License, or
23 (at your option) any later version.
25 This software is distributed in the hope that it will be useful,
26 but WITHOUT ANY WARRANTY; without even the implied warranty of
27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 GNU General Public License for more details.
30 You should have received a copy of the GNU General Public License
31 along with Atmel wireless lan drivers; if not, see
32 <http://www.gnu.org/licenses/>.
34 For all queries about this code, please contact the current author,
35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation.
37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying
38 hardware used during development of this driver.
40 ******************************************************************************/
42 #include <linux/interrupt.h>
44 #include <linux/kernel.h>
45 #include <linux/ptrace.h>
46 #include <linux/slab.h>
47 #include <linux/string.h>
48 #include <linux/ctype.h>
49 #include <linux/timer.h>
50 #include <asm/byteorder.h>
52 #include <asm/uaccess.h>
53 #include <linux/module.h>
54 #include <linux/netdevice.h>
55 #include <linux/etherdevice.h>
56 #include <linux/skbuff.h>
57 #include <linux/if_arp.h>
58 #include <linux/ioport.h>
59 #include <linux/fcntl.h>
60 #include <linux/delay.h>
61 #include <linux/wireless.h>
62 #include <net/iw_handler.h>
63 #include <linux/crc32.h>
64 #include <linux/proc_fs.h>
65 #include <linux/seq_file.h>
66 #include <linux/device.h>
67 #include <linux/moduleparam.h>
68 #include <linux/firmware.h>
69 #include <linux/jiffies.h>
70 #include <net/cfg80211.h>
73 #define DRIVER_MAJOR 0
74 #define DRIVER_MINOR 98
76 MODULE_AUTHOR("Simon Kelley");
77 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards.");
78 MODULE_LICENSE("GPL");
79 MODULE_SUPPORTED_DEVICE("Atmel at76c50x wireless cards");
81 /* The name of the firmware file to be loaded
82 over-rides any automatic selection */
83 static char *firmware = NULL;
84 module_param(firmware, charp, 0);
86 /* table of firmware file names */
90 const char *fw_file_ext;
92 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" },
93 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" },
94 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" },
95 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" },
96 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" },
97 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" },
98 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" },
99 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" },
100 { ATMEL_FW_TYPE_NONE, NULL, NULL }
102 MODULE_FIRMWARE("atmel_at76c502-wpa.bin");
103 MODULE_FIRMWARE("atmel_at76c502.bin");
104 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin");
105 MODULE_FIRMWARE("atmel_at76c502d.bin");
106 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin");
107 MODULE_FIRMWARE("atmel_at76c502e.bin");
108 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin");
109 MODULE_FIRMWARE("atmel_at76c502_3com.bin");
110 MODULE_FIRMWARE("atmel_at76c504-wpa.bin");
111 MODULE_FIRMWARE("atmel_at76c504.bin");
112 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin");
113 MODULE_FIRMWARE("atmel_at76c504_2958.bin");
114 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin");
115 MODULE_FIRMWARE("atmel_at76c504a_2958.bin");
116 MODULE_FIRMWARE("atmel_at76c506-wpa.bin");
117 MODULE_FIRMWARE("atmel_at76c506.bin");
119 #define MAX_SSID_LENGTH 32
120 #define MGMT_JIFFIES (256 * HZ / 100)
122 #define MAX_BSS_ENTRIES 64
125 #define GCR 0x00 /* (SIR0) General Configuration Register */
126 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */
129 #define MR1 0x12 /* Mirror Register 1 */
130 #define MR2 0x14 /* Mirror Register 2 */
131 #define MR3 0x16 /* Mirror Register 3 */
132 #define MR4 0x18 /* Mirror Register 4 */
138 * Constants for the GCR register.
140 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */
141 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */
142 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */
143 #define GCR_ENINT 0x0002 /* Enable Interrupts */
144 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */
146 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */
147 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */
149 *Constants for the MR registers.
151 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */
152 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */
153 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */
155 #define MIB_MAX_DATA_BYTES 212
156 #define MIB_HEADER_SIZE 4 /* first four fields */
163 u8 data[MIB_MAX_DATA_BYTES];
181 #define RX_DESC_FLAG_VALID 0x80
182 #define RX_DESC_FLAG_CONSUMED 0x40
183 #define RX_DESC_FLAG_IDLE 0x00
185 #define RX_STATUS_SUCCESS 0x00
187 #define RX_DESC_MSDU_POS_OFFSET 4
188 #define RX_DESC_MSDU_SIZE_OFFSET 6
189 #define RX_DESC_FLAGS_OFFSET 8
190 #define RX_DESC_STATUS_OFFSET 9
191 #define RX_DESC_RSSI_OFFSET 11
192 #define RX_DESC_LINK_QUALITY_OFFSET 12
193 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13
194 #define RX_DESC_DURATION_OFFSET 14
195 #define RX_DESC_RX_TIME_OFFSET 16
218 #define TX_DESC_NEXT_OFFSET 0
219 #define TX_DESC_POS_OFFSET 4
220 #define TX_DESC_SIZE_OFFSET 6
221 #define TX_DESC_FLAGS_OFFSET 8
222 #define TX_DESC_STATUS_OFFSET 9
223 #define TX_DESC_RETRY_OFFSET 10
224 #define TX_DESC_RATE_OFFSET 11
225 #define TX_DESC_KEY_INDEX_OFFSET 12
226 #define TX_DESC_CIPHER_TYPE_OFFSET 13
227 #define TX_DESC_CIPHER_LENGTH_OFFSET 14
228 #define TX_DESC_PACKET_TYPE_OFFSET 17
229 #define TX_DESC_HOST_LENGTH_OFFSET 18
235 #define TX_STATUS_SUCCESS 0x00
237 #define TX_FIRM_OWN 0x80
240 #define TX_ERROR 0x01
242 #define TX_PACKET_TYPE_DATA 0x01
243 #define TX_PACKET_TYPE_MGMT 0x02
245 #define ISR_EMPTY 0x00 /* no bits set in ISR */
246 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */
247 #define ISR_RxCOMPLETE 0x02 /* packet received */
248 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */
249 #define ISR_FATAL_ERROR 0x08 /* Fatal error */
250 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */
251 #define ISR_OUT_OF_RANGE 0x20 /* command completed */
252 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */
253 #define ISR_GENERIC_IRQ 0x80
255 #define Local_Mib_Type 0x01
256 #define Mac_Address_Mib_Type 0x02
257 #define Mac_Mib_Type 0x03
258 #define Statistics_Mib_Type 0x04
259 #define Mac_Mgmt_Mib_Type 0x05
260 #define Mac_Wep_Mib_Type 0x06
261 #define Phy_Mib_Type 0x07
262 #define Multi_Domain_MIB 0x08
264 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
265 #define MAC_MIB_FRAG_THRESHOLD_POS 8
266 #define MAC_MIB_RTS_THRESHOLD_POS 10
267 #define MAC_MIB_SHORT_RETRY_POS 16
268 #define MAC_MIB_LONG_RETRY_POS 17
269 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16
270 #define MAC_MGMT_MIB_BEACON_PER_POS 0
271 #define MAC_MGMT_MIB_STATION_ID_POS 6
272 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11
273 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
274 #define MAC_MGMT_MIB_PS_MODE_POS 53
275 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54
276 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56
277 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57
278 #define PHY_MIB_CHANNEL_POS 14
279 #define PHY_MIB_RATE_SET_POS 20
280 #define PHY_MIB_REG_DOMAIN_POS 26
281 #define LOCAL_MIB_AUTO_TX_RATE_POS 3
282 #define LOCAL_MIB_SSID_SIZE 5
283 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6
284 #define LOCAL_MIB_TX_MGMT_RATE_POS 7
285 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8
286 #define LOCAL_MIB_PREAMBLE_TYPE 9
287 #define MAC_ADDR_MIB_MAC_ADDR_POS 0
289 #define CMD_Set_MIB_Vars 0x01
290 #define CMD_Get_MIB_Vars 0x02
291 #define CMD_Scan 0x03
292 #define CMD_Join 0x04
293 #define CMD_Start 0x05
294 #define CMD_EnableRadio 0x06
295 #define CMD_DisableRadio 0x07
296 #define CMD_SiteSurvey 0x0B
298 #define CMD_STATUS_IDLE 0x00
299 #define CMD_STATUS_COMPLETE 0x01
300 #define CMD_STATUS_UNKNOWN 0x02
301 #define CMD_STATUS_INVALID_PARAMETER 0x03
302 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
303 #define CMD_STATUS_TIME_OUT 0x07
304 #define CMD_STATUS_IN_PROGRESS 0x08
305 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09
306 #define CMD_STATUS_HOST_ERROR 0xFF
307 #define CMD_STATUS_BUSY 0xFE
309 #define CMD_BLOCK_COMMAND_OFFSET 0
310 #define CMD_BLOCK_STATUS_OFFSET 1
311 #define CMD_BLOCK_PARAMETERS_OFFSET 4
313 #define SCAN_OPTIONS_SITE_SURVEY 0x80
315 #define MGMT_FRAME_BODY_OFFSET 24
316 #define MAX_AUTHENTICATION_RETRIES 3
317 #define MAX_ASSOCIATION_RETRIES 3
319 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000
321 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */
322 #define LOOP_RETRY_LIMIT 500000
324 #define ACTIVE_MODE 1
327 #define MAX_ENCRYPTION_KEYS 4
328 #define MAX_ENCRYPTION_KEY_SIZE 40
331 * 802.11 related definitions
338 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */
339 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */
340 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */
341 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */
342 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */
343 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */
344 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */
345 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */
347 #define BSS_TYPE_AD_HOC 1
348 #define BSS_TYPE_INFRASTRUCTURE 2
350 #define SCAN_TYPE_ACTIVE 0
351 #define SCAN_TYPE_PASSIVE 1
353 #define LONG_PREAMBLE 0
354 #define SHORT_PREAMBLE 1
355 #define AUTO_PREAMBLE 2
357 #define DATA_FRAME_WS_HEADER_SIZE 30
359 /* promiscuous mode control */
360 #define PROM_MODE_OFF 0x0
361 #define PROM_MODE_UNKNOWN 0x1
362 #define PROM_MODE_CRC_FAILED 0x2
363 #define PROM_MODE_DUPLICATED 0x4
364 #define PROM_MODE_MGMT 0x8
365 #define PROM_MODE_CTRL 0x10
366 #define PROM_MODE_BAD_PROTOCOL 0x20
368 #define IFACE_INT_STATUS_OFFSET 0
369 #define IFACE_INT_MASK_OFFSET 1
370 #define IFACE_LOCKOUT_HOST_OFFSET 2
371 #define IFACE_LOCKOUT_MAC_OFFSET 3
372 #define IFACE_FUNC_CTRL_OFFSET 28
373 #define IFACE_MAC_STAT_OFFSET 30
374 #define IFACE_GENERIC_INT_TYPE_OFFSET 32
376 #define CIPHER_SUITE_NONE 0
377 #define CIPHER_SUITE_WEP_64 1
378 #define CIPHER_SUITE_TKIP 2
379 #define CIPHER_SUITE_AES 3
380 #define CIPHER_SUITE_CCX 4
381 #define CIPHER_SUITE_WEP_128 5
384 * IFACE MACROS & definitions
390 #define FUNC_CTRL_TxENABLE 0x10
391 #define FUNC_CTRL_RxENABLE 0x20
392 #define FUNC_CTRL_INIT_COMPLETE 0x01
394 /* A stub firmware image which reads the MAC address from NVRAM on the card.
395 For copyright information and source see the end of this file. */
396 static u8 mac_reader[] = {
397 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea,
398 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea,
399 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
400 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5,
401 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5,
402 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1,
403 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb,
404 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb,
405 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5,
406 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea,
407 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
408 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
409 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
410 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
411 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2,
412 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3,
413 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3,
414 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5,
415 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5,
416 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5,
417 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3,
418 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5,
419 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5,
420 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
421 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
422 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1,
423 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2,
424 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb,
425 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb,
426 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb,
427 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3,
428 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5,
429 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3,
430 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a,
431 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5,
432 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3,
433 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3,
434 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3,
435 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2,
436 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb,
437 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02,
438 0x00, 0x01, 0x00, 0x02
441 struct atmel_private {
442 void *card; /* Bus dependent structure varies for PCcard */
443 int (*present_callback)(void *); /* And callback which uses it */
444 char firmware_id[32];
445 AtmelFWType firmware_type;
448 struct timer_list management_timer;
449 struct net_device *dev;
450 struct device *sys_dev;
451 struct iw_statistics wstats;
452 spinlock_t irqlock, timerlock; /* spinlocks */
453 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type;
455 CARD_TYPE_PARALLEL_FLASH,
459 int do_rx_crc; /* If we need to CRC incoming packets */
460 int probe_crc; /* set if we don't yet know */
461 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */
463 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous;
464 u16 tx_free_mem, tx_buff_head, tx_buff_tail;
466 u16 frag_seq, frag_len, frag_no;
469 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level;
470 u8 group_cipher_suite, pairwise_cipher_suite;
471 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
472 int wep_key_len[MAX_ENCRYPTION_KEYS];
473 int use_wpa, radio_on_broken; /* firmware dependent stuff. */
476 struct host_info_struct {
477 /* NB this is matched to the hardware, don't change. */
478 u8 volatile int_status;
479 u8 volatile int_mask;
480 u8 volatile lockout_host;
481 u8 volatile lockout_mac;
501 u16 generic_IRQ_type;
506 STATION_STATE_SCANNING,
507 STATION_STATE_JOINNING,
508 STATION_STATE_AUTHENTICATING,
509 STATION_STATE_ASSOCIATING,
511 STATION_STATE_REASSOCIATING,
513 STATION_STATE_MGMT_ERROR
516 int operating_mode, power_mode;
518 int beacons_this_sec;
520 int reg_domain, config_reg_domain;
525 int long_retry, short_retry;
527 int default_beacon_period, beacon_period, listen_interval;
528 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum;
529 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt;
532 SITE_SURVEY_IN_PROGRESS,
533 SITE_SURVEY_COMPLETED
535 unsigned long last_survey;
537 int station_was_associated, station_is_associated;
549 u8 SSID[MAX_SSID_LENGTH];
550 } BSSinfo[MAX_BSS_ENTRIES];
551 int BSS_list_entries, current_BSS;
552 int connect_to_any_BSS;
553 int SSID_size, new_SSID_size;
554 u8 CurrentBSSID[6], BSSID[6];
555 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH];
556 u64 last_beacon_timestamp;
557 u8 rx_buf[MAX_WIRELESS_BODY];
560 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16};
562 static const struct {
566 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" },
567 { REG_DOMAIN_DOC, 1, 11, "Canada" },
568 { REG_DOMAIN_ETSI, 1, 13, "Europe" },
569 { REG_DOMAIN_SPAIN, 10, 11, "Spain" },
570 { REG_DOMAIN_FRANCE, 10, 13, "France" },
571 { REG_DOMAIN_MKK, 14, 14, "MKK" },
572 { REG_DOMAIN_MKK1, 1, 14, "MKK1" },
573 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} };
575 static void build_wpa_mib(struct atmel_private *priv);
576 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
577 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
578 const unsigned char *src, u16 len);
579 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
581 static void atmel_set_gcr(struct net_device *dev, u16 mask);
582 static void atmel_clear_gcr(struct net_device *dev, u16 mask);
583 static int atmel_lock_mac(struct atmel_private *priv);
584 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data);
585 static void atmel_command_irq(struct atmel_private *priv);
586 static int atmel_validate_channel(struct atmel_private *priv, int channel);
587 static void atmel_management_frame(struct atmel_private *priv,
588 struct ieee80211_hdr *header,
589 u16 frame_len, u8 rssi);
590 static void atmel_management_timer(u_long a);
591 static void atmel_send_command(struct atmel_private *priv, int command,
592 void *cmd, int cmd_size);
593 static int atmel_send_command_wait(struct atmel_private *priv, int command,
594 void *cmd, int cmd_size);
595 static void atmel_transmit_management_frame(struct atmel_private *priv,
596 struct ieee80211_hdr *header,
597 u8 *body, int body_len);
599 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index);
600 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index,
602 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
604 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
605 u8 *data, int data_len);
606 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
607 u8 *data, int data_len);
608 static void atmel_scan(struct atmel_private *priv, int specific_ssid);
609 static void atmel_join_bss(struct atmel_private *priv, int bss_index);
610 static void atmel_smooth_qual(struct atmel_private *priv);
611 static void atmel_writeAR(struct net_device *dev, u16 data);
612 static int probe_atmel_card(struct net_device *dev);
613 static int reset_atmel_card(struct net_device *dev);
614 static void atmel_enter_state(struct atmel_private *priv, int new_state);
615 int atmel_open (struct net_device *dev);
617 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset)
619 return priv->host_info_base + offset;
622 static inline u16 atmel_co(struct atmel_private *priv, u16 offset)
624 return priv->host_info.command_pos + offset;
627 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc)
629 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset;
632 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc)
634 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset;
637 static inline u8 atmel_read8(struct net_device *dev, u16 offset)
639 return inb(dev->base_addr + offset);
642 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data)
644 outb(data, dev->base_addr + offset);
647 static inline u16 atmel_read16(struct net_device *dev, u16 offset)
649 return inw(dev->base_addr + offset);
652 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data)
654 outw(data, dev->base_addr + offset);
657 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos)
659 atmel_writeAR(priv->dev, pos);
660 return atmel_read8(priv->dev, DR);
663 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data)
665 atmel_writeAR(priv->dev, pos);
666 atmel_write8(priv->dev, DR, data);
669 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos)
671 atmel_writeAR(priv->dev, pos);
672 return atmel_read16(priv->dev, DR);
675 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data)
677 atmel_writeAR(priv->dev, pos);
678 atmel_write16(priv->dev, DR, data);
681 static const struct iw_handler_def atmel_handler_def;
683 static void tx_done_irq(struct atmel_private *priv)
688 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE &&
689 i < priv->host_info.tx_desc_count;
691 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head));
692 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head));
693 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head));
695 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0);
697 priv->tx_free_mem += msdu_size;
698 priv->tx_desc_free++;
700 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size))
701 priv->tx_buff_head = 0;
703 priv->tx_buff_head += msdu_size;
705 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1))
706 priv->tx_desc_head++ ;
708 priv->tx_desc_head = 0;
710 if (type == TX_PACKET_TYPE_DATA) {
711 if (status == TX_STATUS_SUCCESS)
712 priv->dev->stats.tx_packets++;
714 priv->dev->stats.tx_errors++;
715 netif_wake_queue(priv->dev);
720 static u16 find_tx_buff(struct atmel_private *priv, u16 len)
722 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail;
724 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len)
727 if (bottom_free >= len)
728 return priv->host_info.tx_buff_pos + priv->tx_buff_tail;
730 if (priv->tx_free_mem - bottom_free >= len) {
731 priv->tx_buff_tail = 0;
732 return priv->host_info.tx_buff_pos;
738 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast,
739 u16 len, u16 buff, u8 type)
741 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff);
742 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len);
744 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len);
745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type);
746 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate);
747 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0);
749 int cipher_type, cipher_length;
751 cipher_type = priv->group_cipher_suite;
752 if (cipher_type == CIPHER_SUITE_WEP_64 ||
753 cipher_type == CIPHER_SUITE_WEP_128)
755 else if (cipher_type == CIPHER_SUITE_TKIP)
757 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 ||
758 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) {
759 cipher_type = priv->pairwise_cipher_suite;
762 cipher_type = CIPHER_SUITE_NONE;
766 cipher_type = priv->pairwise_cipher_suite;
767 if (cipher_type == CIPHER_SUITE_WEP_64 ||
768 cipher_type == CIPHER_SUITE_WEP_128)
770 else if (cipher_type == CIPHER_SUITE_TKIP)
772 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 ||
773 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) {
774 cipher_type = priv->group_cipher_suite;
777 cipher_type = CIPHER_SUITE_NONE;
782 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail),
784 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail),
787 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L);
788 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN);
789 if (priv->tx_desc_previous != priv->tx_desc_tail)
790 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0);
791 priv->tx_desc_previous = priv->tx_desc_tail;
792 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1))
793 priv->tx_desc_tail++;
795 priv->tx_desc_tail = 0;
796 priv->tx_desc_free--;
797 priv->tx_free_mem -= len;
800 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev)
802 static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
803 struct atmel_private *priv = netdev_priv(dev);
804 struct ieee80211_hdr header;
806 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN;
808 if (priv->card && priv->present_callback &&
809 !(*priv->present_callback)(priv->card)) {
810 dev->stats.tx_errors++;
815 if (priv->station_state != STATION_STATE_READY) {
816 dev->stats.tx_errors++;
821 /* first ensure the timer func cannot run */
822 spin_lock_bh(&priv->timerlock);
823 /* then stop the hardware ISR */
824 spin_lock_irqsave(&priv->irqlock, flags);
825 /* nb doing the above in the opposite order will deadlock */
827 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the
828 12 first bytes (containing DA/SA) and put them in the appropriate
829 fields of the Wireless Header. Thus the packet length is then the
830 initial + 18 (+30-12) */
832 if (!(buff = find_tx_buff(priv, len + 18))) {
833 dev->stats.tx_dropped++;
834 spin_unlock_irqrestore(&priv->irqlock, flags);
835 spin_unlock_bh(&priv->timerlock);
836 netif_stop_queue(dev);
837 return NETDEV_TX_BUSY;
840 frame_ctl = IEEE80211_FTYPE_DATA;
841 header.duration_id = 0;
844 frame_ctl |= IEEE80211_FCTL_PROTECTED;
845 if (priv->operating_mode == IW_MODE_ADHOC) {
846 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN);
847 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
848 memcpy(&header.addr3, priv->BSSID, ETH_ALEN);
850 frame_ctl |= IEEE80211_FCTL_TODS;
851 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN);
852 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
853 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN);
857 memcpy(&header.addr4, SNAP_RFC1024, ETH_ALEN);
859 header.frame_control = cpu_to_le16(frame_ctl);
860 /* Copy the wireless header into the card */
861 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE);
862 /* Copy the packet sans its 802.3 header addresses which have been replaced */
863 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12);
864 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE;
866 /* low bit of first byte of destination tells us if broadcast */
867 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA);
868 dev->stats.tx_bytes += len;
870 spin_unlock_irqrestore(&priv->irqlock, flags);
871 spin_unlock_bh(&priv->timerlock);
877 static void atmel_transmit_management_frame(struct atmel_private *priv,
878 struct ieee80211_hdr *header,
879 u8 *body, int body_len)
882 int len = MGMT_FRAME_BODY_OFFSET + body_len;
884 if (!(buff = find_tx_buff(priv, len)))
887 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET);
888 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len);
889 priv->tx_buff_tail += len;
890 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT);
893 static void fast_rx_path(struct atmel_private *priv,
894 struct ieee80211_hdr *header,
895 u16 msdu_size, u16 rx_packet_loc, u32 crc)
897 /* fast path: unfragmented packet copy directly into skbuf */
902 /* get the final, mac 4 header field, this tells us encapsulation */
903 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6);
906 if (priv->do_rx_crc) {
907 crc = crc32_le(crc, mac4, 6);
911 if (!(skb = dev_alloc_skb(msdu_size + 14))) {
912 priv->dev->stats.rx_dropped++;
917 skbp = skb_put(skb, msdu_size + 12);
918 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size);
920 if (priv->do_rx_crc) {
922 crc = crc32_le(crc, skbp + 12, msdu_size);
923 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4);
924 if ((crc ^ 0xffffffff) != netcrc) {
925 priv->dev->stats.rx_crc_errors++;
931 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */
932 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
933 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN);
935 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */
937 skb->protocol = eth_type_trans(skb, priv->dev);
938 skb->ip_summed = CHECKSUM_NONE;
940 priv->dev->stats.rx_bytes += 12 + msdu_size;
941 priv->dev->stats.rx_packets++;
944 /* Test to see if the packet in card memory at packet_loc has a valid CRC
945 It doesn't matter that this is slow: it is only used to proble the first few
947 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size)
949 int i = msdu_size - 4;
950 u32 netcrc, crc = 0xffffffff;
955 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4);
957 atmel_writeAR(priv->dev, packet_loc);
959 u8 octet = atmel_read8(priv->dev, DR);
960 crc = crc32_le(crc, &octet, 1);
963 return (crc ^ 0xffffffff) == netcrc;
966 static void frag_rx_path(struct atmel_private *priv,
967 struct ieee80211_hdr *header,
968 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no,
969 u8 frag_no, int more_frags)
975 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
976 memcpy(source, header->addr3, ETH_ALEN);
978 memcpy(source, header->addr2, ETH_ALEN);
980 rx_packet_loc += 24; /* skip header */
985 if (frag_no == 0) { /* first fragment */
986 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN);
987 msdu_size -= ETH_ALEN;
988 rx_packet_loc += ETH_ALEN;
991 crc = crc32_le(crc, mac4, 6);
993 priv->frag_seq = seq_no;
995 priv->frag_len = msdu_size;
996 memcpy(priv->frag_source, source, ETH_ALEN);
997 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN);
998 memcpy(priv->rx_buf, header->addr1, ETH_ALEN);
1000 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size);
1002 if (priv->do_rx_crc) {
1004 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size);
1005 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1006 if ((crc ^ 0xffffffff) != netcrc) {
1007 priv->dev->stats.rx_crc_errors++;
1008 memset(priv->frag_source, 0xff, ETH_ALEN);
1012 } else if (priv->frag_no == frag_no &&
1013 priv->frag_seq == seq_no &&
1014 memcmp(priv->frag_source, source, ETH_ALEN) == 0) {
1016 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len],
1017 rx_packet_loc, msdu_size);
1018 if (priv->do_rx_crc) {
1021 &priv->rx_buf[12 + priv->frag_len],
1023 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1024 if ((crc ^ 0xffffffff) != netcrc) {
1025 priv->dev->stats.rx_crc_errors++;
1026 memset(priv->frag_source, 0xff, ETH_ALEN);
1027 more_frags = 1; /* don't send broken assembly */
1031 priv->frag_len += msdu_size;
1034 if (!more_frags) { /* last one */
1035 memset(priv->frag_source, 0xff, ETH_ALEN);
1036 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) {
1037 priv->dev->stats.rx_dropped++;
1039 skb_reserve(skb, 2);
1040 memcpy(skb_put(skb, priv->frag_len + 12),
1042 priv->frag_len + 12);
1043 skb->protocol = eth_type_trans(skb, priv->dev);
1044 skb->ip_summed = CHECKSUM_NONE;
1046 priv->dev->stats.rx_bytes += priv->frag_len + 12;
1047 priv->dev->stats.rx_packets++;
1051 priv->wstats.discard.fragment++;
1054 static void rx_done_irq(struct atmel_private *priv)
1057 struct ieee80211_hdr header;
1060 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID &&
1061 i < priv->host_info.rx_desc_count;
1064 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control;
1065 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head));
1066 u32 crc = 0xffffffff;
1068 if (status != RX_STATUS_SUCCESS) {
1069 if (status == 0xc1) /* determined by experiment */
1070 priv->wstats.discard.nwid++;
1072 priv->dev->stats.rx_errors++;
1076 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head));
1077 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head));
1079 if (msdu_size < 30) {
1080 priv->dev->stats.rx_errors++;
1084 /* Get header as far as end of seq_ctrl */
1085 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24);
1086 frame_ctl = le16_to_cpu(header.frame_control);
1087 seq_control = le16_to_cpu(header.seq_ctrl);
1089 /* probe for CRC use here if needed once five packets have
1090 arrived with the same crc status, we assume we know what's
1091 happening and stop probing */
1092 if (priv->probe_crc) {
1093 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) {
1094 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size);
1096 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24);
1098 if (priv->do_rx_crc) {
1099 if (priv->crc_ok_cnt++ > 5)
1100 priv->probe_crc = 0;
1102 if (priv->crc_ko_cnt++ > 5)
1103 priv->probe_crc = 0;
1107 /* don't CRC header when WEP in use */
1108 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) {
1109 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24);
1111 msdu_size -= 24; /* header */
1113 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
1114 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS;
1115 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG;
1116 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4;
1118 if (!more_fragments && packet_fragment_no == 0) {
1119 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc);
1121 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc,
1122 packet_sequence_no, packet_fragment_no, more_fragments);
1126 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1127 /* copy rest of packet into buffer */
1128 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size);
1130 /* we use the same buffer for frag reassembly and control packets */
1131 memset(priv->frag_source, 0xff, ETH_ALEN);
1133 if (priv->do_rx_crc) {
1134 /* last 4 octets is crc */
1136 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size);
1137 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) {
1138 priv->dev->stats.rx_crc_errors++;
1143 atmel_management_frame(priv, &header, msdu_size,
1144 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head)));
1148 /* release descriptor */
1149 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED);
1151 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1))
1152 priv->rx_desc_head++;
1154 priv->rx_desc_head = 0;
1158 static irqreturn_t service_interrupt(int irq, void *dev_id)
1160 struct net_device *dev = (struct net_device *) dev_id;
1161 struct atmel_private *priv = netdev_priv(dev);
1164 static const u8 irq_order[] = {
1170 ISR_COMMAND_COMPLETE,
1175 if (priv->card && priv->present_callback &&
1176 !(*priv->present_callback)(priv->card))
1179 /* In this state upper-level code assumes it can mess with
1180 the card unhampered by interrupts which may change register state.
1181 Note that even though the card shouldn't generate interrupts
1182 the inturrupt line may be shared. This allows card setup
1183 to go on without disabling interrupts for a long time. */
1184 if (priv->station_state == STATION_STATE_DOWN)
1187 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */
1190 if (!atmel_lock_mac(priv)) {
1191 /* failed to contact card */
1192 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1196 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1197 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1200 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */
1201 return i == -1 ? IRQ_NONE : IRQ_HANDLED;
1204 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */
1206 for (i = 0; i < ARRAY_SIZE(irq_order); i++)
1207 if (isr & irq_order[i])
1210 if (!atmel_lock_mac(priv)) {
1211 /* failed to contact card */
1212 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1216 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1217 isr ^= irq_order[i];
1218 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr);
1219 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1221 switch (irq_order[i]) {
1223 case ISR_OUT_OF_RANGE:
1224 if (priv->operating_mode == IW_MODE_INFRA &&
1225 priv->station_state == STATION_STATE_READY) {
1226 priv->station_is_associated = 0;
1227 atmel_scan(priv, 1);
1231 case ISR_RxFRAMELOST:
1232 priv->wstats.discard.misc++;
1234 case ISR_RxCOMPLETE:
1238 case ISR_TxCOMPLETE:
1242 case ISR_FATAL_ERROR:
1243 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name);
1244 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
1247 case ISR_COMMAND_COMPLETE:
1248 atmel_command_irq(priv);
1251 case ISR_IBSS_MERGE:
1252 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
1253 priv->CurrentBSSID, 6);
1254 /* The WPA stuff cares about the current AP address */
1256 build_wpa_mib(priv);
1258 case ISR_GENERIC_IRQ:
1259 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name);
1265 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev)
1267 struct atmel_private *priv = netdev_priv(dev);
1269 /* update the link quality here in case we are seeing no beacons
1270 at all to drive the process */
1271 atmel_smooth_qual(priv);
1273 priv->wstats.status = priv->station_state;
1275 if (priv->operating_mode == IW_MODE_INFRA) {
1276 if (priv->station_state != STATION_STATE_READY) {
1277 priv->wstats.qual.qual = 0;
1278 priv->wstats.qual.level = 0;
1279 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID
1280 | IW_QUAL_LEVEL_INVALID);
1282 priv->wstats.qual.noise = 0;
1283 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1285 /* Quality levels cannot be determined in ad-hoc mode,
1286 because we can 'hear' more that one remote station. */
1287 priv->wstats.qual.qual = 0;
1288 priv->wstats.qual.level = 0;
1289 priv->wstats.qual.noise = 0;
1290 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID
1291 | IW_QUAL_LEVEL_INVALID
1292 | IW_QUAL_NOISE_INVALID;
1293 priv->wstats.miss.beacon = 0;
1296 return &priv->wstats;
1299 static int atmel_change_mtu(struct net_device *dev, int new_mtu)
1301 if ((new_mtu < 68) || (new_mtu > 2312))
1307 static int atmel_set_mac_address(struct net_device *dev, void *p)
1309 struct sockaddr *addr = p;
1311 memcpy (dev->dev_addr, addr->sa_data, dev->addr_len);
1312 return atmel_open(dev);
1315 EXPORT_SYMBOL(atmel_open);
1317 int atmel_open(struct net_device *dev)
1319 struct atmel_private *priv = netdev_priv(dev);
1320 int i, channel, err;
1322 /* any scheduled timer is no longer needed and might screw things up.. */
1323 del_timer_sync(&priv->management_timer);
1325 /* Interrupts will not touch the card once in this state... */
1326 priv->station_state = STATION_STATE_DOWN;
1328 if (priv->new_SSID_size) {
1329 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size);
1330 priv->SSID_size = priv->new_SSID_size;
1331 priv->new_SSID_size = 0;
1333 priv->BSS_list_entries = 0;
1335 priv->AuthenticationRequestRetryCnt = 0;
1336 priv->AssociationRequestRetryCnt = 0;
1337 priv->ReAssociationRequestRetryCnt = 0;
1338 priv->CurrentAuthentTransactionSeqNum = 0x0001;
1339 priv->ExpectedAuthentTransactionSeqNum = 0x0002;
1341 priv->site_survey_state = SITE_SURVEY_IDLE;
1342 priv->station_is_associated = 0;
1344 err = reset_atmel_card(dev);
1348 if (priv->config_reg_domain) {
1349 priv->reg_domain = priv->config_reg_domain;
1350 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain);
1352 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS);
1353 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1354 if (priv->reg_domain == channel_table[i].reg_domain)
1356 if (i == ARRAY_SIZE(channel_table)) {
1357 priv->reg_domain = REG_DOMAIN_MKK1;
1358 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name);
1362 if ((channel = atmel_validate_channel(priv, priv->channel)))
1363 priv->channel = channel;
1365 /* this moves station_state on.... */
1366 atmel_scan(priv, 1);
1368 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */
1372 static int atmel_close(struct net_device *dev)
1374 struct atmel_private *priv = netdev_priv(dev);
1376 /* Send event to userspace that we are disassociating */
1377 if (priv->station_state == STATION_STATE_READY) {
1378 union iwreq_data wrqu;
1380 wrqu.data.length = 0;
1381 wrqu.data.flags = 0;
1382 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1383 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
1384 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1387 atmel_enter_state(priv, STATION_STATE_DOWN);
1389 if (priv->bus_type == BUS_TYPE_PCCARD)
1390 atmel_write16(dev, GCR, 0x0060);
1391 atmel_write16(dev, GCR, 0x0040);
1395 static int atmel_validate_channel(struct atmel_private *priv, int channel)
1397 /* check that channel is OK, if so return zero,
1398 else return suitable default channel */
1401 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1402 if (priv->reg_domain == channel_table[i].reg_domain) {
1403 if (channel >= channel_table[i].min &&
1404 channel <= channel_table[i].max)
1407 return channel_table[i].min;
1412 static int atmel_proc_show(struct seq_file *m, void *v)
1414 struct atmel_private *priv = m->private;
1418 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR);
1420 if (priv->station_state != STATION_STATE_DOWN) {
1422 "Firmware version:\t%d.%d build %d\n"
1423 "Firmware location:\t",
1424 priv->host_info.major_version,
1425 priv->host_info.minor_version,
1426 priv->host_info.build_version);
1428 if (priv->card_type != CARD_TYPE_EEPROM)
1429 seq_puts(m, "on card\n");
1430 else if (priv->firmware)
1431 seq_printf(m, "%s loaded by host\n", priv->firmware_id);
1433 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id);
1435 switch (priv->card_type) {
1436 case CARD_TYPE_PARALLEL_FLASH:
1437 c = "Parallel flash";
1439 case CARD_TYPE_SPI_FLASH:
1442 case CARD_TYPE_EEPROM:
1450 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1451 if (priv->reg_domain == channel_table[i].reg_domain)
1452 r = channel_table[i].name;
1454 seq_printf(m, "MAC memory type:\t%s\n", c);
1455 seq_printf(m, "Regulatory domain:\t%s\n", r);
1456 seq_printf(m, "Host CRC checking:\t%s\n",
1457 priv->do_rx_crc ? "On" : "Off");
1458 seq_printf(m, "WPA-capable firmware:\t%s\n",
1459 priv->use_wpa ? "Yes" : "No");
1462 switch (priv->station_state) {
1463 case STATION_STATE_SCANNING:
1466 case STATION_STATE_JOINNING:
1469 case STATION_STATE_AUTHENTICATING:
1470 s = "Authenticating";
1472 case STATION_STATE_ASSOCIATING:
1475 case STATION_STATE_READY:
1478 case STATION_STATE_REASSOCIATING:
1479 s = "Reassociating";
1481 case STATION_STATE_MGMT_ERROR:
1482 s = "Management error";
1484 case STATION_STATE_DOWN:
1491 seq_printf(m, "Current state:\t\t%s\n", s);
1495 static int atmel_proc_open(struct inode *inode, struct file *file)
1497 return single_open(file, atmel_proc_show, PDE_DATA(inode));
1500 static const struct file_operations atmel_proc_fops = {
1501 .open = atmel_proc_open,
1503 .llseek = seq_lseek,
1504 .release = single_release,
1507 static const struct net_device_ops atmel_netdev_ops = {
1508 .ndo_open = atmel_open,
1509 .ndo_stop = atmel_close,
1510 .ndo_change_mtu = atmel_change_mtu,
1511 .ndo_set_mac_address = atmel_set_mac_address,
1512 .ndo_start_xmit = start_tx,
1513 .ndo_do_ioctl = atmel_ioctl,
1514 .ndo_validate_addr = eth_validate_addr,
1517 struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
1518 const AtmelFWType fw_type,
1519 struct device *sys_dev,
1520 int (*card_present)(void *), void *card)
1522 struct net_device *dev;
1523 struct atmel_private *priv;
1526 /* Create the network device object. */
1527 dev = alloc_etherdev(sizeof(*priv));
1531 if (dev_alloc_name(dev, dev->name) < 0) {
1532 printk(KERN_ERR "atmel: Couldn't get name!\n");
1536 priv = netdev_priv(dev);
1538 priv->sys_dev = sys_dev;
1539 priv->present_callback = card_present;
1541 priv->firmware = NULL;
1542 priv->firmware_id[0] = '\0';
1543 priv->firmware_type = fw_type;
1544 if (firmware) /* module parameter */
1545 strcpy(priv->firmware_id, firmware);
1546 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;
1547 priv->station_state = STATION_STATE_DOWN;
1548 priv->do_rx_crc = 0;
1549 /* For PCMCIA cards, some chips need CRC, some don't
1550 so we have to probe. */
1551 if (priv->bus_type == BUS_TYPE_PCCARD) {
1552 priv->probe_crc = 1;
1553 priv->crc_ok_cnt = priv->crc_ko_cnt = 0;
1555 priv->probe_crc = 0;
1556 priv->last_qual = jiffies;
1557 priv->last_beacon_timestamp = 0;
1558 memset(priv->frag_source, 0xff, sizeof(priv->frag_source));
1559 memset(priv->BSSID, 0, ETH_ALEN);
1560 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */
1561 priv->station_was_associated = 0;
1563 priv->last_survey = jiffies;
1564 priv->preamble = LONG_PREAMBLE;
1565 priv->operating_mode = IW_MODE_INFRA;
1566 priv->connect_to_any_BSS = 0;
1567 priv->config_reg_domain = 0;
1568 priv->reg_domain = 0;
1570 priv->auto_tx_rate = 1;
1572 priv->power_mode = 0;
1573 priv->SSID[0] = '\0';
1574 priv->SSID_size = 0;
1575 priv->new_SSID_size = 0;
1576 priv->frag_threshold = 2346;
1577 priv->rts_threshold = 2347;
1578 priv->short_retry = 7;
1579 priv->long_retry = 4;
1581 priv->wep_is_on = 0;
1582 priv->default_key = 0;
1583 priv->encryption_level = 0;
1584 priv->exclude_unencrypted = 0;
1585 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1587 memset(priv->wep_keys, 0, sizeof(priv->wep_keys));
1588 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1590 priv->default_beacon_period = priv->beacon_period = 100;
1591 priv->listen_interval = 1;
1593 init_timer(&priv->management_timer);
1594 spin_lock_init(&priv->irqlock);
1595 spin_lock_init(&priv->timerlock);
1596 priv->management_timer.function = atmel_management_timer;
1597 priv->management_timer.data = (unsigned long) dev;
1599 dev->netdev_ops = &atmel_netdev_ops;
1600 dev->wireless_handlers = &atmel_handler_def;
1602 dev->base_addr = port;
1604 SET_NETDEV_DEV(dev, sys_dev);
1606 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) {
1607 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc);
1611 if (!request_region(dev->base_addr, 32,
1612 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) {
1616 if (register_netdev(dev))
1619 if (!probe_atmel_card(dev)) {
1620 unregister_netdev(dev);
1624 netif_carrier_off(dev);
1626 if (!proc_create_data("driver/atmel", 0, NULL, &atmel_proc_fops, priv))
1627 printk(KERN_WARNING "atmel: unable to create /proc entry.\n");
1629 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n",
1630 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr);
1635 release_region(dev->base_addr, 32);
1637 free_irq(dev->irq, dev);
1643 EXPORT_SYMBOL(init_atmel_card);
1645 void stop_atmel_card(struct net_device *dev)
1647 struct atmel_private *priv = netdev_priv(dev);
1649 /* put a brick on it... */
1650 if (priv->bus_type == BUS_TYPE_PCCARD)
1651 atmel_write16(dev, GCR, 0x0060);
1652 atmel_write16(dev, GCR, 0x0040);
1654 del_timer_sync(&priv->management_timer);
1655 unregister_netdev(dev);
1656 remove_proc_entry("driver/atmel", NULL);
1657 free_irq(dev->irq, dev);
1658 kfree(priv->firmware);
1659 release_region(dev->base_addr, 32);
1663 EXPORT_SYMBOL(stop_atmel_card);
1665 static int atmel_set_essid(struct net_device *dev,
1666 struct iw_request_info *info,
1667 struct iw_point *dwrq,
1670 struct atmel_private *priv = netdev_priv(dev);
1672 /* Check if we asked for `any' */
1673 if (dwrq->flags == 0) {
1674 priv->connect_to_any_BSS = 1;
1676 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1678 priv->connect_to_any_BSS = 0;
1680 /* Check the size of the string */
1681 if (dwrq->length > MAX_SSID_LENGTH)
1686 memcpy(priv->new_SSID, extra, dwrq->length);
1687 priv->new_SSID_size = dwrq->length;
1690 return -EINPROGRESS;
1693 static int atmel_get_essid(struct net_device *dev,
1694 struct iw_request_info *info,
1695 struct iw_point *dwrq,
1698 struct atmel_private *priv = netdev_priv(dev);
1700 /* Get the current SSID */
1701 if (priv->new_SSID_size != 0) {
1702 memcpy(extra, priv->new_SSID, priv->new_SSID_size);
1703 dwrq->length = priv->new_SSID_size;
1705 memcpy(extra, priv->SSID, priv->SSID_size);
1706 dwrq->length = priv->SSID_size;
1709 dwrq->flags = !priv->connect_to_any_BSS; /* active */
1714 static int atmel_get_wap(struct net_device *dev,
1715 struct iw_request_info *info,
1716 struct sockaddr *awrq,
1719 struct atmel_private *priv = netdev_priv(dev);
1720 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN);
1721 awrq->sa_family = ARPHRD_ETHER;
1726 static int atmel_set_encode(struct net_device *dev,
1727 struct iw_request_info *info,
1728 struct iw_point *dwrq,
1731 struct atmel_private *priv = netdev_priv(dev);
1733 /* Basic checking: do we have a key to set ?
1734 * Note : with the new API, it's impossible to get a NULL pointer.
1735 * Therefore, we need to check a key size == 0 instead.
1736 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
1737 * when no key is present (only change flags), but older versions
1738 * don't do it. - Jean II */
1739 if (dwrq->length > 0) {
1740 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1741 int current_index = priv->default_key;
1742 /* Check the size of the key */
1743 if (dwrq->length > 13) {
1746 /* Check the index (none -> use current) */
1747 if (index < 0 || index >= 4)
1748 index = current_index;
1750 priv->default_key = index;
1751 /* Set the length */
1752 if (dwrq->length > 5)
1753 priv->wep_key_len[index] = 13;
1755 if (dwrq->length > 0)
1756 priv->wep_key_len[index] = 5;
1758 /* Disable the key */
1759 priv->wep_key_len[index] = 0;
1760 /* Check if the key is not marked as invalid */
1761 if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
1763 memset(priv->wep_keys[index], 0, 13);
1764 /* Copy the key in the driver */
1765 memcpy(priv->wep_keys[index], extra, dwrq->length);
1767 /* WE specify that if a valid key is set, encryption
1768 * should be enabled (user may turn it off later)
1769 * This is also how "iwconfig ethX key on" works */
1770 if (index == current_index &&
1771 priv->wep_key_len[index] > 0) {
1772 priv->wep_is_on = 1;
1773 priv->exclude_unencrypted = 1;
1774 if (priv->wep_key_len[index] > 5) {
1775 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1776 priv->encryption_level = 2;
1778 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1779 priv->encryption_level = 1;
1783 /* Do we want to just set the transmit key index ? */
1784 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1785 if (index >= 0 && index < 4) {
1786 priv->default_key = index;
1788 /* Don't complain if only change the mode */
1789 if (!(dwrq->flags & IW_ENCODE_MODE))
1792 /* Read the flags */
1793 if (dwrq->flags & IW_ENCODE_DISABLED) {
1794 priv->wep_is_on = 0;
1795 priv->encryption_level = 0;
1796 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1798 priv->wep_is_on = 1;
1799 if (priv->wep_key_len[priv->default_key] > 5) {
1800 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1801 priv->encryption_level = 2;
1803 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1804 priv->encryption_level = 1;
1807 if (dwrq->flags & IW_ENCODE_RESTRICTED)
1808 priv->exclude_unencrypted = 1;
1809 if (dwrq->flags & IW_ENCODE_OPEN)
1810 priv->exclude_unencrypted = 0;
1812 return -EINPROGRESS; /* Call commit handler */
1815 static int atmel_get_encode(struct net_device *dev,
1816 struct iw_request_info *info,
1817 struct iw_point *dwrq,
1820 struct atmel_private *priv = netdev_priv(dev);
1821 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1823 if (!priv->wep_is_on)
1824 dwrq->flags = IW_ENCODE_DISABLED;
1826 if (priv->exclude_unencrypted)
1827 dwrq->flags = IW_ENCODE_RESTRICTED;
1829 dwrq->flags = IW_ENCODE_OPEN;
1831 /* Which key do we want ? -1 -> tx index */
1832 if (index < 0 || index >= 4)
1833 index = priv->default_key;
1834 dwrq->flags |= index + 1;
1835 /* Copy the key to the user buffer */
1836 dwrq->length = priv->wep_key_len[index];
1837 if (dwrq->length > 16) {
1840 memset(extra, 0, 16);
1841 memcpy(extra, priv->wep_keys[index], dwrq->length);
1847 static int atmel_set_encodeext(struct net_device *dev,
1848 struct iw_request_info *info,
1849 union iwreq_data *wrqu,
1852 struct atmel_private *priv = netdev_priv(dev);
1853 struct iw_point *encoding = &wrqu->encoding;
1854 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1855 int idx, key_len, alg = ext->alg, set_key = 1;
1857 /* Determine and validate the key index */
1858 idx = encoding->flags & IW_ENCODE_INDEX;
1860 if (idx < 1 || idx > 4)
1864 idx = priv->default_key;
1866 if (encoding->flags & IW_ENCODE_DISABLED)
1867 alg = IW_ENCODE_ALG_NONE;
1869 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
1870 priv->default_key = idx;
1871 set_key = ext->key_len > 0 ? 1 : 0;
1875 /* Set the requested key first */
1877 case IW_ENCODE_ALG_NONE:
1878 priv->wep_is_on = 0;
1879 priv->encryption_level = 0;
1880 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1882 case IW_ENCODE_ALG_WEP:
1883 if (ext->key_len > 5) {
1884 priv->wep_key_len[idx] = 13;
1885 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1886 priv->encryption_level = 2;
1887 } else if (ext->key_len > 0) {
1888 priv->wep_key_len[idx] = 5;
1889 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1890 priv->encryption_level = 1;
1894 priv->wep_is_on = 1;
1895 memset(priv->wep_keys[idx], 0, 13);
1896 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]);
1897 memcpy(priv->wep_keys[idx], ext->key, key_len);
1904 return -EINPROGRESS;
1907 static int atmel_get_encodeext(struct net_device *dev,
1908 struct iw_request_info *info,
1909 union iwreq_data *wrqu,
1912 struct atmel_private *priv = netdev_priv(dev);
1913 struct iw_point *encoding = &wrqu->encoding;
1914 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1915 int idx, max_key_len;
1917 max_key_len = encoding->length - sizeof(*ext);
1918 if (max_key_len < 0)
1921 idx = encoding->flags & IW_ENCODE_INDEX;
1923 if (idx < 1 || idx > 4)
1927 idx = priv->default_key;
1929 encoding->flags = idx + 1;
1930 memset(ext, 0, sizeof(*ext));
1932 if (!priv->wep_is_on) {
1933 ext->alg = IW_ENCODE_ALG_NONE;
1935 encoding->flags |= IW_ENCODE_DISABLED;
1937 if (priv->encryption_level > 0)
1938 ext->alg = IW_ENCODE_ALG_WEP;
1942 ext->key_len = priv->wep_key_len[idx];
1943 memcpy(ext->key, priv->wep_keys[idx], ext->key_len);
1944 encoding->flags |= IW_ENCODE_ENABLED;
1950 static int atmel_set_auth(struct net_device *dev,
1951 struct iw_request_info *info,
1952 union iwreq_data *wrqu, char *extra)
1954 struct atmel_private *priv = netdev_priv(dev);
1955 struct iw_param *param = &wrqu->param;
1957 switch (param->flags & IW_AUTH_INDEX) {
1958 case IW_AUTH_WPA_VERSION:
1959 case IW_AUTH_CIPHER_PAIRWISE:
1960 case IW_AUTH_CIPHER_GROUP:
1961 case IW_AUTH_KEY_MGMT:
1962 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1963 case IW_AUTH_PRIVACY_INVOKED:
1965 * atmel does not use these parameters
1969 case IW_AUTH_DROP_UNENCRYPTED:
1970 priv->exclude_unencrypted = param->value ? 1 : 0;
1973 case IW_AUTH_80211_AUTH_ALG: {
1974 if (param->value & IW_AUTH_ALG_SHARED_KEY) {
1975 priv->exclude_unencrypted = 1;
1976 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
1977 priv->exclude_unencrypted = 0;
1983 case IW_AUTH_WPA_ENABLED:
1984 /* Silently accept disable of WPA */
1985 if (param->value > 0)
1992 return -EINPROGRESS;
1995 static int atmel_get_auth(struct net_device *dev,
1996 struct iw_request_info *info,
1997 union iwreq_data *wrqu, char *extra)
1999 struct atmel_private *priv = netdev_priv(dev);
2000 struct iw_param *param = &wrqu->param;
2002 switch (param->flags & IW_AUTH_INDEX) {
2003 case IW_AUTH_DROP_UNENCRYPTED:
2004 param->value = priv->exclude_unencrypted;
2007 case IW_AUTH_80211_AUTH_ALG:
2008 if (priv->exclude_unencrypted == 1)
2009 param->value = IW_AUTH_ALG_SHARED_KEY;
2011 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
2014 case IW_AUTH_WPA_ENABLED:
2025 static int atmel_get_name(struct net_device *dev,
2026 struct iw_request_info *info,
2030 strcpy(cwrq, "IEEE 802.11-DS");
2034 static int atmel_set_rate(struct net_device *dev,
2035 struct iw_request_info *info,
2036 struct iw_param *vwrq,
2039 struct atmel_private *priv = netdev_priv(dev);
2041 if (vwrq->fixed == 0) {
2043 priv->auto_tx_rate = 1;
2045 priv->auto_tx_rate = 0;
2047 /* Which type of value ? */
2048 if ((vwrq->value < 4) && (vwrq->value >= 0)) {
2049 /* Setting by rate index */
2050 priv->tx_rate = vwrq->value;
2052 /* Setting by frequency value */
2053 switch (vwrq->value) {
2072 return -EINPROGRESS;
2075 static int atmel_set_mode(struct net_device *dev,
2076 struct iw_request_info *info,
2080 struct atmel_private *priv = netdev_priv(dev);
2082 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA)
2085 priv->operating_mode = *uwrq;
2086 return -EINPROGRESS;
2089 static int atmel_get_mode(struct net_device *dev,
2090 struct iw_request_info *info,
2094 struct atmel_private *priv = netdev_priv(dev);
2096 *uwrq = priv->operating_mode;
2100 static int atmel_get_rate(struct net_device *dev,
2101 struct iw_request_info *info,
2102 struct iw_param *vwrq,
2105 struct atmel_private *priv = netdev_priv(dev);
2107 if (priv->auto_tx_rate) {
2109 vwrq->value = 11000000;
2112 switch (priv->tx_rate) {
2114 vwrq->value = 1000000;
2117 vwrq->value = 2000000;
2120 vwrq->value = 5500000;
2123 vwrq->value = 11000000;
2130 static int atmel_set_power(struct net_device *dev,
2131 struct iw_request_info *info,
2132 struct iw_param *vwrq,
2135 struct atmel_private *priv = netdev_priv(dev);
2136 priv->power_mode = vwrq->disabled ? 0 : 1;
2137 return -EINPROGRESS;
2140 static int atmel_get_power(struct net_device *dev,
2141 struct iw_request_info *info,
2142 struct iw_param *vwrq,
2145 struct atmel_private *priv = netdev_priv(dev);
2146 vwrq->disabled = priv->power_mode ? 0 : 1;
2147 vwrq->flags = IW_POWER_ON;
2151 static int atmel_set_retry(struct net_device *dev,
2152 struct iw_request_info *info,
2153 struct iw_param *vwrq,
2156 struct atmel_private *priv = netdev_priv(dev);
2158 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) {
2159 if (vwrq->flags & IW_RETRY_LONG)
2160 priv->long_retry = vwrq->value;
2161 else if (vwrq->flags & IW_RETRY_SHORT)
2162 priv->short_retry = vwrq->value;
2164 /* No modifier : set both */
2165 priv->long_retry = vwrq->value;
2166 priv->short_retry = vwrq->value;
2168 return -EINPROGRESS;
2174 static int atmel_get_retry(struct net_device *dev,
2175 struct iw_request_info *info,
2176 struct iw_param *vwrq,
2179 struct atmel_private *priv = netdev_priv(dev);
2181 vwrq->disabled = 0; /* Can't be disabled */
2183 /* Note : by default, display the short retry number */
2184 if (vwrq->flags & IW_RETRY_LONG) {
2185 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
2186 vwrq->value = priv->long_retry;
2188 vwrq->flags = IW_RETRY_LIMIT;
2189 vwrq->value = priv->short_retry;
2190 if (priv->long_retry != priv->short_retry)
2191 vwrq->flags |= IW_RETRY_SHORT;
2197 static int atmel_set_rts(struct net_device *dev,
2198 struct iw_request_info *info,
2199 struct iw_param *vwrq,
2202 struct atmel_private *priv = netdev_priv(dev);
2203 int rthr = vwrq->value;
2207 if ((rthr < 0) || (rthr > 2347)) {
2210 priv->rts_threshold = rthr;
2212 return -EINPROGRESS; /* Call commit handler */
2215 static int atmel_get_rts(struct net_device *dev,
2216 struct iw_request_info *info,
2217 struct iw_param *vwrq,
2220 struct atmel_private *priv = netdev_priv(dev);
2222 vwrq->value = priv->rts_threshold;
2223 vwrq->disabled = (vwrq->value >= 2347);
2229 static int atmel_set_frag(struct net_device *dev,
2230 struct iw_request_info *info,
2231 struct iw_param *vwrq,
2234 struct atmel_private *priv = netdev_priv(dev);
2235 int fthr = vwrq->value;
2239 if ((fthr < 256) || (fthr > 2346)) {
2242 fthr &= ~0x1; /* Get an even value - is it really needed ??? */
2243 priv->frag_threshold = fthr;
2245 return -EINPROGRESS; /* Call commit handler */
2248 static int atmel_get_frag(struct net_device *dev,
2249 struct iw_request_info *info,
2250 struct iw_param *vwrq,
2253 struct atmel_private *priv = netdev_priv(dev);
2255 vwrq->value = priv->frag_threshold;
2256 vwrq->disabled = (vwrq->value >= 2346);
2262 static int atmel_set_freq(struct net_device *dev,
2263 struct iw_request_info *info,
2264 struct iw_freq *fwrq,
2267 struct atmel_private *priv = netdev_priv(dev);
2268 int rc = -EINPROGRESS; /* Call commit handler */
2270 /* If setting by frequency, convert to a channel */
2272 int f = fwrq->m / 100000;
2274 /* Hack to fall through... */
2276 fwrq->m = ieee80211_frequency_to_channel(f);
2278 /* Setting by channel number */
2279 if ((fwrq->m > 1000) || (fwrq->e > 0))
2282 int channel = fwrq->m;
2283 if (atmel_validate_channel(priv, channel) == 0) {
2284 priv->channel = channel;
2292 static int atmel_get_freq(struct net_device *dev,
2293 struct iw_request_info *info,
2294 struct iw_freq *fwrq,
2297 struct atmel_private *priv = netdev_priv(dev);
2299 fwrq->m = priv->channel;
2304 static int atmel_set_scan(struct net_device *dev,
2305 struct iw_request_info *info,
2306 struct iw_point *dwrq,
2309 struct atmel_private *priv = netdev_priv(dev);
2310 unsigned long flags;
2312 /* Note : you may have realised that, as this is a SET operation,
2313 * this is privileged and therefore a normal user can't
2315 * This is not an error, while the device perform scanning,
2316 * traffic doesn't flow, so it's a perfect DoS...
2319 if (priv->station_state == STATION_STATE_DOWN)
2322 /* Timeout old surveys. */
2323 if (time_after(jiffies, priv->last_survey + 20 * HZ))
2324 priv->site_survey_state = SITE_SURVEY_IDLE;
2325 priv->last_survey = jiffies;
2327 /* Initiate a scan command */
2328 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS)
2331 del_timer_sync(&priv->management_timer);
2332 spin_lock_irqsave(&priv->irqlock, flags);
2334 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS;
2335 priv->fast_scan = 0;
2336 atmel_scan(priv, 0);
2337 spin_unlock_irqrestore(&priv->irqlock, flags);
2342 static int atmel_get_scan(struct net_device *dev,
2343 struct iw_request_info *info,
2344 struct iw_point *dwrq,
2347 struct atmel_private *priv = netdev_priv(dev);
2349 char *current_ev = extra;
2350 struct iw_event iwe;
2352 if (priv->site_survey_state != SITE_SURVEY_COMPLETED)
2355 for (i = 0; i < priv->BSS_list_entries; i++) {
2356 iwe.cmd = SIOCGIWAP;
2357 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2358 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN);
2359 current_ev = iwe_stream_add_event(info, current_ev,
2360 extra + IW_SCAN_MAX_DATA,
2361 &iwe, IW_EV_ADDR_LEN);
2363 iwe.u.data.length = priv->BSSinfo[i].SSIDsize;
2364 if (iwe.u.data.length > 32)
2365 iwe.u.data.length = 32;
2366 iwe.cmd = SIOCGIWESSID;
2367 iwe.u.data.flags = 1;
2368 current_ev = iwe_stream_add_point(info, current_ev,
2369 extra + IW_SCAN_MAX_DATA,
2370 &iwe, priv->BSSinfo[i].SSID);
2372 iwe.cmd = SIOCGIWMODE;
2373 iwe.u.mode = priv->BSSinfo[i].BSStype;
2374 current_ev = iwe_stream_add_event(info, current_ev,
2375 extra + IW_SCAN_MAX_DATA,
2376 &iwe, IW_EV_UINT_LEN);
2378 iwe.cmd = SIOCGIWFREQ;
2379 iwe.u.freq.m = priv->BSSinfo[i].channel;
2381 current_ev = iwe_stream_add_event(info, current_ev,
2382 extra + IW_SCAN_MAX_DATA,
2383 &iwe, IW_EV_FREQ_LEN);
2385 /* Add quality statistics */
2387 iwe.u.qual.level = priv->BSSinfo[i].RSSI;
2388 iwe.u.qual.qual = iwe.u.qual.level;
2389 /* iwe.u.qual.noise = SOMETHING */
2390 current_ev = iwe_stream_add_event(info, current_ev,
2391 extra + IW_SCAN_MAX_DATA,
2392 &iwe, IW_EV_QUAL_LEN);
2395 iwe.cmd = SIOCGIWENCODE;
2396 if (priv->BSSinfo[i].UsingWEP)
2397 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2399 iwe.u.data.flags = IW_ENCODE_DISABLED;
2400 iwe.u.data.length = 0;
2401 current_ev = iwe_stream_add_point(info, current_ev,
2402 extra + IW_SCAN_MAX_DATA,
2406 /* Length of data */
2407 dwrq->length = (current_ev - extra);
2413 static int atmel_get_range(struct net_device *dev,
2414 struct iw_request_info *info,
2415 struct iw_point *dwrq,
2418 struct atmel_private *priv = netdev_priv(dev);
2419 struct iw_range *range = (struct iw_range *) extra;
2422 dwrq->length = sizeof(struct iw_range);
2423 memset(range, 0, sizeof(struct iw_range));
2424 range->min_nwid = 0x0000;
2425 range->max_nwid = 0x0000;
2426 range->num_channels = 0;
2427 for (j = 0; j < ARRAY_SIZE(channel_table); j++)
2428 if (priv->reg_domain == channel_table[j].reg_domain) {
2429 range->num_channels = channel_table[j].max - channel_table[j].min + 1;
2432 if (range->num_channels != 0) {
2433 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) {
2434 range->freq[k].i = i; /* List index */
2436 /* Values in MHz -> * 10^5 * 10 */
2437 range->freq[k].m = 100000 *
2438 ieee80211_channel_to_frequency(i, IEEE80211_BAND_2GHZ);
2439 range->freq[k++].e = 1;
2441 range->num_frequency = k;
2444 range->max_qual.qual = 100;
2445 range->max_qual.level = 100;
2446 range->max_qual.noise = 0;
2447 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2449 range->avg_qual.qual = 50;
2450 range->avg_qual.level = 50;
2451 range->avg_qual.noise = 0;
2452 range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2454 range->sensitivity = 0;
2456 range->bitrate[0] = 1000000;
2457 range->bitrate[1] = 2000000;
2458 range->bitrate[2] = 5500000;
2459 range->bitrate[3] = 11000000;
2460 range->num_bitrates = 4;
2463 range->max_rts = 2347;
2464 range->min_frag = 256;
2465 range->max_frag = 2346;
2467 range->encoding_size[0] = 5;
2468 range->encoding_size[1] = 13;
2469 range->num_encoding_sizes = 2;
2470 range->max_encoding_tokens = 4;
2472 range->pmp_flags = IW_POWER_ON;
2473 range->pmt_flags = IW_POWER_ON;
2476 range->we_version_source = WIRELESS_EXT;
2477 range->we_version_compiled = WIRELESS_EXT;
2478 range->retry_capa = IW_RETRY_LIMIT ;
2479 range->retry_flags = IW_RETRY_LIMIT;
2480 range->r_time_flags = 0;
2481 range->min_retry = 1;
2482 range->max_retry = 65535;
2487 static int atmel_set_wap(struct net_device *dev,
2488 struct iw_request_info *info,
2489 struct sockaddr *awrq,
2492 struct atmel_private *priv = netdev_priv(dev);
2494 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
2495 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
2496 unsigned long flags;
2498 if (awrq->sa_family != ARPHRD_ETHER)
2501 if (!memcmp(any, awrq->sa_data, 6) ||
2502 !memcmp(off, awrq->sa_data, 6)) {
2503 del_timer_sync(&priv->management_timer);
2504 spin_lock_irqsave(&priv->irqlock, flags);
2505 atmel_scan(priv, 1);
2506 spin_unlock_irqrestore(&priv->irqlock, flags);
2510 for (i = 0; i < priv->BSS_list_entries; i++) {
2511 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) {
2512 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) {
2514 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) {
2517 del_timer_sync(&priv->management_timer);
2518 spin_lock_irqsave(&priv->irqlock, flags);
2519 atmel_join_bss(priv, i);
2520 spin_unlock_irqrestore(&priv->irqlock, flags);
2529 static int atmel_config_commit(struct net_device *dev,
2530 struct iw_request_info *info, /* NULL */
2531 void *zwrq, /* NULL */
2532 char *extra) /* NULL */
2534 return atmel_open(dev);
2537 static const iw_handler atmel_handler[] =
2539 (iw_handler) atmel_config_commit, /* SIOCSIWCOMMIT */
2540 (iw_handler) atmel_get_name, /* SIOCGIWNAME */
2541 (iw_handler) NULL, /* SIOCSIWNWID */
2542 (iw_handler) NULL, /* SIOCGIWNWID */
2543 (iw_handler) atmel_set_freq, /* SIOCSIWFREQ */
2544 (iw_handler) atmel_get_freq, /* SIOCGIWFREQ */
2545 (iw_handler) atmel_set_mode, /* SIOCSIWMODE */
2546 (iw_handler) atmel_get_mode, /* SIOCGIWMODE */
2547 (iw_handler) NULL, /* SIOCSIWSENS */
2548 (iw_handler) NULL, /* SIOCGIWSENS */
2549 (iw_handler) NULL, /* SIOCSIWRANGE */
2550 (iw_handler) atmel_get_range, /* SIOCGIWRANGE */
2551 (iw_handler) NULL, /* SIOCSIWPRIV */
2552 (iw_handler) NULL, /* SIOCGIWPRIV */
2553 (iw_handler) NULL, /* SIOCSIWSTATS */
2554 (iw_handler) NULL, /* SIOCGIWSTATS */
2555 (iw_handler) NULL, /* SIOCSIWSPY */
2556 (iw_handler) NULL, /* SIOCGIWSPY */
2557 (iw_handler) NULL, /* -- hole -- */
2558 (iw_handler) NULL, /* -- hole -- */
2559 (iw_handler) atmel_set_wap, /* SIOCSIWAP */
2560 (iw_handler) atmel_get_wap, /* SIOCGIWAP */
2561 (iw_handler) NULL, /* -- hole -- */
2562 (iw_handler) NULL, /* SIOCGIWAPLIST */
2563 (iw_handler) atmel_set_scan, /* SIOCSIWSCAN */
2564 (iw_handler) atmel_get_scan, /* SIOCGIWSCAN */
2565 (iw_handler) atmel_set_essid, /* SIOCSIWESSID */
2566 (iw_handler) atmel_get_essid, /* SIOCGIWESSID */
2567 (iw_handler) NULL, /* SIOCSIWNICKN */
2568 (iw_handler) NULL, /* SIOCGIWNICKN */
2569 (iw_handler) NULL, /* -- hole -- */
2570 (iw_handler) NULL, /* -- hole -- */
2571 (iw_handler) atmel_set_rate, /* SIOCSIWRATE */
2572 (iw_handler) atmel_get_rate, /* SIOCGIWRATE */
2573 (iw_handler) atmel_set_rts, /* SIOCSIWRTS */
2574 (iw_handler) atmel_get_rts, /* SIOCGIWRTS */
2575 (iw_handler) atmel_set_frag, /* SIOCSIWFRAG */
2576 (iw_handler) atmel_get_frag, /* SIOCGIWFRAG */
2577 (iw_handler) NULL, /* SIOCSIWTXPOW */
2578 (iw_handler) NULL, /* SIOCGIWTXPOW */
2579 (iw_handler) atmel_set_retry, /* SIOCSIWRETRY */
2580 (iw_handler) atmel_get_retry, /* SIOCGIWRETRY */
2581 (iw_handler) atmel_set_encode, /* SIOCSIWENCODE */
2582 (iw_handler) atmel_get_encode, /* SIOCGIWENCODE */
2583 (iw_handler) atmel_set_power, /* SIOCSIWPOWER */
2584 (iw_handler) atmel_get_power, /* SIOCGIWPOWER */
2585 (iw_handler) NULL, /* -- hole -- */
2586 (iw_handler) NULL, /* -- hole -- */
2587 (iw_handler) NULL, /* SIOCSIWGENIE */
2588 (iw_handler) NULL, /* SIOCGIWGENIE */
2589 (iw_handler) atmel_set_auth, /* SIOCSIWAUTH */
2590 (iw_handler) atmel_get_auth, /* SIOCGIWAUTH */
2591 (iw_handler) atmel_set_encodeext, /* SIOCSIWENCODEEXT */
2592 (iw_handler) atmel_get_encodeext, /* SIOCGIWENCODEEXT */
2593 (iw_handler) NULL, /* SIOCSIWPMKSA */
2596 static const iw_handler atmel_private_handler[] =
2598 NULL, /* SIOCIWFIRSTPRIV */
2601 struct atmel_priv_ioctl {
2603 unsigned char __user *data;
2607 #define ATMELFWL SIOCIWFIRSTPRIV
2608 #define ATMELIDIFC ATMELFWL + 1
2609 #define ATMELRD ATMELFWL + 2
2610 #define ATMELMAGIC 0x51807
2611 #define REGDOMAINSZ 20
2613 static const struct iw_priv_args atmel_private_args[] = {
2616 .set_args = IW_PRIV_TYPE_BYTE
2617 | IW_PRIV_SIZE_FIXED
2618 | sizeof(struct atmel_priv_ioctl),
2619 .get_args = IW_PRIV_TYPE_NONE,
2623 .set_args = IW_PRIV_TYPE_NONE,
2624 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
2625 .name = "atmelidifc"
2628 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ,
2629 .get_args = IW_PRIV_TYPE_NONE,
2634 static const struct iw_handler_def atmel_handler_def = {
2635 .num_standard = ARRAY_SIZE(atmel_handler),
2636 .num_private = ARRAY_SIZE(atmel_private_handler),
2637 .num_private_args = ARRAY_SIZE(atmel_private_args),
2638 .standard = (iw_handler *) atmel_handler,
2639 .private = (iw_handler *) atmel_private_handler,
2640 .private_args = (struct iw_priv_args *) atmel_private_args,
2641 .get_wireless_stats = atmel_get_wireless_stats
2644 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
2647 struct atmel_private *priv = netdev_priv(dev);
2648 struct atmel_priv_ioctl com;
2649 struct iwreq *wrq = (struct iwreq *) rq;
2650 unsigned char *new_firmware;
2651 char domain[REGDOMAINSZ + 1];
2655 wrq->u.param.value = ATMELMAGIC;
2659 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) {
2664 if (!capable(CAP_NET_ADMIN)) {
2669 if (!(new_firmware = kmalloc(com.len, GFP_KERNEL))) {
2674 if (copy_from_user(new_firmware, com.data, com.len)) {
2675 kfree(new_firmware);
2680 kfree(priv->firmware);
2682 priv->firmware = new_firmware;
2683 priv->firmware_length = com.len;
2684 strncpy(priv->firmware_id, com.id, 31);
2685 priv->firmware_id[31] = '\0';
2689 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) {
2694 if (!capable(CAP_NET_ADMIN)) {
2699 domain[REGDOMAINSZ] = 0;
2701 for (i = 0; i < ARRAY_SIZE(channel_table); i++) {
2702 /* strcasecmp doesn't exist in the library */
2703 char *a = channel_table[i].name;
2708 if (tolower(c1) != tolower(c2))
2712 priv->config_reg_domain = channel_table[i].reg_domain;
2717 if (rc == 0 && priv->station_state != STATION_STATE_DOWN)
2718 rc = atmel_open(dev);
2737 static void atmel_enter_state(struct atmel_private *priv, int new_state)
2739 int old_state = priv->station_state;
2741 if (new_state == old_state)
2744 priv->station_state = new_state;
2746 if (new_state == STATION_STATE_READY) {
2747 netif_start_queue(priv->dev);
2748 netif_carrier_on(priv->dev);
2751 if (old_state == STATION_STATE_READY) {
2752 netif_carrier_off(priv->dev);
2753 if (netif_running(priv->dev))
2754 netif_stop_queue(priv->dev);
2755 priv->last_beacon_timestamp = 0;
2759 static void atmel_scan(struct atmel_private *priv, int specific_ssid)
2763 u8 SSID[MAX_SSID_LENGTH];
2767 __le16 min_channel_time;
2768 __le16 max_channel_time;
2773 memset(cmd.BSSID, 0xff, ETH_ALEN);
2775 if (priv->fast_scan) {
2776 cmd.SSID_size = priv->SSID_size;
2777 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2778 cmd.min_channel_time = cpu_to_le16(10);
2779 cmd.max_channel_time = cpu_to_le16(50);
2781 priv->BSS_list_entries = 0;
2783 cmd.min_channel_time = cpu_to_le16(10);
2784 cmd.max_channel_time = cpu_to_le16(120);
2790 cmd.options |= SCAN_OPTIONS_SITE_SURVEY;
2792 cmd.channel = (priv->channel & 0x7f);
2793 cmd.scan_type = SCAN_TYPE_ACTIVE;
2794 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ?
2795 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE);
2797 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd));
2799 /* This must come after all hardware access to avoid being messed up
2800 by stuff happening in interrupt context after we leave STATE_DOWN */
2801 atmel_enter_state(priv, STATION_STATE_SCANNING);
2804 static void join(struct atmel_private *priv, int type)
2808 u8 SSID[MAX_SSID_LENGTH];
2809 u8 BSS_type; /* this is a short in a scan command - weird */
2816 cmd.SSID_size = priv->SSID_size;
2817 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2818 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN);
2819 cmd.channel = (priv->channel & 0x7f);
2820 cmd.BSS_type = type;
2821 cmd.timeout = cpu_to_le16(2000);
2823 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd));
2826 static void start(struct atmel_private *priv, int type)
2830 u8 SSID[MAX_SSID_LENGTH];
2837 cmd.SSID_size = priv->SSID_size;
2838 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2839 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN);
2840 cmd.BSS_type = type;
2841 cmd.channel = (priv->channel & 0x7f);
2843 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd));
2846 static void handle_beacon_probe(struct atmel_private *priv, u16 capability,
2850 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
2851 SHORT_PREAMBLE : LONG_PREAMBLE;
2853 if (priv->preamble != new) {
2854 priv->preamble = new;
2856 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new);
2859 if (priv->channel != channel) {
2860 priv->channel = channel;
2862 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel);
2866 priv->station_is_associated = 0;
2867 atmel_enter_state(priv, STATION_STATE_JOINNING);
2869 if (priv->operating_mode == IW_MODE_INFRA)
2870 join(priv, BSS_TYPE_INFRASTRUCTURE);
2872 join(priv, BSS_TYPE_AD_HOC);
2876 static void send_authentication_request(struct atmel_private *priv, u16 system,
2877 u8 *challenge, int challenge_len)
2879 struct ieee80211_hdr header;
2880 struct auth_body auth;
2882 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH);
2883 header.duration_id = cpu_to_le16(0x8000);
2884 header.seq_ctrl = 0;
2885 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2886 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2887 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2889 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1)
2890 /* no WEP for authentication frames with TrSeqNo 1 */
2891 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2893 auth.alg = cpu_to_le16(system);
2896 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum);
2897 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1;
2898 priv->CurrentAuthentTransactionSeqNum += 2;
2900 if (challenge_len != 0) {
2901 auth.el_id = 16; /* challenge_text */
2902 auth.chall_text_len = challenge_len;
2903 memcpy(auth.chall_text, challenge, challenge_len);
2904 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len);
2906 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6);
2910 static void send_association_request(struct atmel_private *priv, int is_reassoc)
2914 struct ieee80211_hdr header;
2915 struct ass_req_format {
2917 __le16 listen_interval;
2918 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */
2921 u8 ssid[MAX_SSID_LENGTH];
2927 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2928 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ));
2929 header.duration_id = cpu_to_le16(0x8000);
2930 header.seq_ctrl = 0;
2932 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2933 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2934 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2936 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS);
2937 if (priv->wep_is_on)
2938 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
2939 if (priv->preamble == SHORT_PREAMBLE)
2940 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE);
2942 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period);
2944 /* current AP address - only in reassoc frame */
2946 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN);
2947 ssid_el_p = &body.ssid_el_id;
2948 bodysize = 18 + priv->SSID_size;
2950 ssid_el_p = &body.ap[0];
2951 bodysize = 12 + priv->SSID_size;
2954 ssid_el_p[0] = WLAN_EID_SSID;
2955 ssid_el_p[1] = priv->SSID_size;
2956 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size);
2957 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES;
2958 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */
2959 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4);
2961 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize);
2964 static int is_frame_from_current_bss(struct atmel_private *priv,
2965 struct ieee80211_hdr *header)
2967 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
2968 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0;
2970 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0;
2973 static int retrieve_bss(struct atmel_private *priv)
2976 int max_rssi = -128;
2979 if (priv->BSS_list_entries == 0)
2982 if (priv->connect_to_any_BSS) {
2983 /* Select a BSS with the max-RSSI but of the same type and of
2984 the same WEP mode and that it is not marked as 'bad' (i.e.
2985 we had previously failed to connect to this BSS with the
2986 settings that we currently use) */
2987 priv->current_BSS = 0;
2988 for (i = 0; i < priv->BSS_list_entries; i++) {
2989 if (priv->operating_mode == priv->BSSinfo[i].BSStype &&
2990 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) ||
2991 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) &&
2992 !(priv->BSSinfo[i].channel & 0x80)) {
2993 max_rssi = priv->BSSinfo[i].RSSI;
2994 priv->current_BSS = max_index = i;
3000 for (i = 0; i < priv->BSS_list_entries; i++) {
3001 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize &&
3002 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 &&
3003 priv->operating_mode == priv->BSSinfo[i].BSStype &&
3004 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) {
3005 if (priv->BSSinfo[i].RSSI >= max_rssi) {
3006 max_rssi = priv->BSSinfo[i].RSSI;
3014 static void store_bss_info(struct atmel_private *priv,
3015 struct ieee80211_hdr *header, u16 capability,
3016 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len,
3017 u8 *ssid, int is_beacon)
3019 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3;
3022 for (index = -1, i = 0; i < priv->BSS_list_entries; i++)
3023 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0)
3026 /* If we process a probe and an entry from this BSS exists
3027 we will update the BSS entry with the info from this BSS.
3028 If we process a beacon we will only update RSSI */
3031 if (priv->BSS_list_entries == MAX_BSS_ENTRIES)
3033 index = priv->BSS_list_entries++;
3034 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN);
3035 priv->BSSinfo[index].RSSI = rssi;
3037 if (rssi > priv->BSSinfo[index].RSSI)
3038 priv->BSSinfo[index].RSSI = rssi;
3043 priv->BSSinfo[index].channel = channel;
3044 priv->BSSinfo[index].beacon_period = beacon_period;
3045 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY;
3046 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len);
3047 priv->BSSinfo[index].SSIDsize = ssid_len;
3049 if (capability & WLAN_CAPABILITY_IBSS)
3050 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC;
3051 else if (capability & WLAN_CAPABILITY_ESS)
3052 priv->BSSinfo[index].BSStype = IW_MODE_INFRA;
3054 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
3055 SHORT_PREAMBLE : LONG_PREAMBLE;
3058 static void authenticate(struct atmel_private *priv, u16 frame_len)
3060 struct auth_body *auth = (struct auth_body *)priv->rx_buf;
3061 u16 status = le16_to_cpu(auth->status);
3062 u16 trans_seq_no = le16_to_cpu(auth->trans_seq);
3063 u16 system = le16_to_cpu(auth->alg);
3065 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) {
3067 if (priv->station_was_associated) {
3068 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3069 send_association_request(priv, 1);
3072 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3073 send_association_request(priv, 0);
3078 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) {
3079 int should_associate = 0;
3081 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum)
3084 if (system == WLAN_AUTH_OPEN) {
3085 if (trans_seq_no == 0x0002) {
3086 should_associate = 1;
3088 } else if (system == WLAN_AUTH_SHARED_KEY) {
3089 if (trans_seq_no == 0x0002 &&
3090 auth->el_id == WLAN_EID_CHALLENGE) {
3091 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len);
3093 } else if (trans_seq_no == 0x0004) {
3094 should_associate = 1;
3098 if (should_associate) {
3099 if (priv->station_was_associated) {
3100 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3101 send_association_request(priv, 1);
3104 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3105 send_association_request(priv, 0);
3111 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
3112 /* Flip back and forth between WEP auth modes until the max
3113 * authentication tries has been exceeded.
3115 if (system == WLAN_AUTH_OPEN) {
3116 priv->CurrentAuthentTransactionSeqNum = 0x001;
3117 priv->exclude_unencrypted = 1;
3118 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0);
3120 } else if (system == WLAN_AUTH_SHARED_KEY
3121 && priv->wep_is_on) {
3122 priv->CurrentAuthentTransactionSeqNum = 0x001;
3123 priv->exclude_unencrypted = 0;
3124 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0);
3126 } else if (priv->connect_to_any_BSS) {
3129 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3131 if ((bss_index = retrieve_bss(priv)) != -1) {
3132 atmel_join_bss(priv, bss_index);
3138 priv->AuthenticationRequestRetryCnt = 0;
3139 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3140 priv->station_is_associated = 0;
3143 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype)
3145 struct ass_resp_format {
3152 } *ass_resp = (struct ass_resp_format *)priv->rx_buf;
3154 u16 status = le16_to_cpu(ass_resp->status);
3155 u16 ass_id = le16_to_cpu(ass_resp->ass_id);
3156 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length;
3158 union iwreq_data wrqu;
3160 if (frame_len < 8 + rates_len)
3163 if (status == WLAN_STATUS_SUCCESS) {
3164 if (subtype == IEEE80211_STYPE_ASSOC_RESP)
3165 priv->AssociationRequestRetryCnt = 0;
3167 priv->ReAssociationRequestRetryCnt = 0;
3169 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3170 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff);
3171 atmel_set_mib(priv, Phy_Mib_Type,
3172 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len);
3173 if (priv->power_mode == 0) {
3174 priv->listen_interval = 1;
3175 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3176 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3177 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3178 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3180 priv->listen_interval = 2;
3181 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3182 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE);
3183 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3184 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2);
3187 priv->station_is_associated = 1;
3188 priv->station_was_associated = 1;
3189 atmel_enter_state(priv, STATION_STATE_READY);
3191 /* Send association event to userspace */
3192 wrqu.data.length = 0;
3193 wrqu.data.flags = 0;
3194 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN);
3195 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3196 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
3201 if (subtype == IEEE80211_STYPE_ASSOC_RESP &&
3202 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3203 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3204 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3205 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3206 priv->AssociationRequestRetryCnt++;
3207 send_association_request(priv, 0);
3211 if (subtype == IEEE80211_STYPE_REASSOC_RESP &&
3212 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3213 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3214 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3215 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3216 priv->ReAssociationRequestRetryCnt++;
3217 send_association_request(priv, 1);
3221 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3222 priv->station_is_associated = 0;
3224 if (priv->connect_to_any_BSS) {
3226 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3228 if ((bss_index = retrieve_bss(priv)) != -1)
3229 atmel_join_bss(priv, bss_index);
3233 static void atmel_join_bss(struct atmel_private *priv, int bss_index)
3235 struct bss_info *bss = &priv->BSSinfo[bss_index];
3237 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN);
3238 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize);
3240 /* The WPA stuff cares about the current AP address */
3242 build_wpa_mib(priv);
3244 /* When switching to AdHoc turn OFF Power Save if needed */
3246 if (bss->BSStype == IW_MODE_ADHOC &&
3247 priv->operating_mode != IW_MODE_ADHOC &&
3249 priv->power_mode = 0;
3250 priv->listen_interval = 1;
3251 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3252 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3253 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3254 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3257 priv->operating_mode = bss->BSStype;
3258 priv->channel = bss->channel & 0x7f;
3259 priv->beacon_period = bss->beacon_period;
3261 if (priv->preamble != bss->preamble) {
3262 priv->preamble = bss->preamble;
3263 atmel_set_mib8(priv, Local_Mib_Type,
3264 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble);
3267 if (!priv->wep_is_on && bss->UsingWEP) {
3268 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3269 priv->station_is_associated = 0;
3273 if (priv->wep_is_on && !bss->UsingWEP) {
3274 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3275 priv->station_is_associated = 0;
3279 atmel_enter_state(priv, STATION_STATE_JOINNING);
3281 if (priv->operating_mode == IW_MODE_INFRA)
3282 join(priv, BSS_TYPE_INFRASTRUCTURE);
3284 join(priv, BSS_TYPE_AD_HOC);
3287 static void restart_search(struct atmel_private *priv)
3291 if (!priv->connect_to_any_BSS) {
3292 atmel_scan(priv, 1);
3294 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3296 if ((bss_index = retrieve_bss(priv)) != -1)
3297 atmel_join_bss(priv, bss_index);
3299 atmel_scan(priv, 0);
3303 static void smooth_rssi(struct atmel_private *priv, u8 rssi)
3305 u8 old = priv->wstats.qual.level;
3306 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */
3308 switch (priv->firmware_type) {
3309 case ATMEL_FW_TYPE_502E:
3310 max_rssi = 63; /* 502-rmfd-reve max by experiment */
3316 rssi = rssi * 100 / max_rssi;
3317 if ((rssi + old) % 2)
3318 priv->wstats.qual.level = (rssi + old) / 2 + 1;
3320 priv->wstats.qual.level = (rssi + old) / 2;
3321 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
3322 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID;
3325 static void atmel_smooth_qual(struct atmel_private *priv)
3327 unsigned long time_diff = (jiffies - priv->last_qual) / HZ;
3328 while (time_diff--) {
3329 priv->last_qual += HZ;
3330 priv->wstats.qual.qual = priv->wstats.qual.qual / 2;
3331 priv->wstats.qual.qual +=
3332 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000;
3333 priv->beacons_this_sec = 0;
3335 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
3336 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID;
3339 /* deals with incoming management frames. */
3340 static void atmel_management_frame(struct atmel_private *priv,
3341 struct ieee80211_hdr *header,
3342 u16 frame_len, u8 rssi)
3346 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE;
3348 case IEEE80211_STYPE_BEACON:
3349 case IEEE80211_STYPE_PROBE_RESP:
3351 /* beacon frame has multiple variable-length fields -
3352 never let an engineer loose with a data structure design. */
3354 struct beacon_format {
3367 } *beacon = (struct beacon_format *)priv->rx_buf;
3369 u8 channel, rates_length, ssid_length;
3370 u64 timestamp = le64_to_cpu(beacon->timestamp);
3371 u16 beacon_interval = le16_to_cpu(beacon->interval);
3372 u16 capability = le16_to_cpu(beacon->capability);
3373 u8 *beaconp = priv->rx_buf;
3374 ssid_length = beacon->ssid_length;
3375 /* this blows chunks. */
3376 if (frame_len < 14 || frame_len < ssid_length + 15)
3378 rates_length = beaconp[beacon->ssid_length + 15];
3379 if (frame_len < ssid_length + rates_length + 18)
3381 if (ssid_length > MAX_SSID_LENGTH)
3383 channel = beaconp[ssid_length + rates_length + 18];
3385 if (priv->station_state == STATION_STATE_READY) {
3386 smooth_rssi(priv, rssi);
3387 if (is_frame_from_current_bss(priv, header)) {
3388 priv->beacons_this_sec++;
3389 atmel_smooth_qual(priv);
3390 if (priv->last_beacon_timestamp) {
3391 /* Note truncate this to 32 bits - kernel can't divide a long long */
3392 u32 beacon_delay = timestamp - priv->last_beacon_timestamp;
3393 int beacons = beacon_delay / (beacon_interval * 1000);
3395 priv->wstats.miss.beacon += beacons - 1;
3397 priv->last_beacon_timestamp = timestamp;
3398 handle_beacon_probe(priv, capability, channel);
3402 if (priv->station_state == STATION_STATE_SCANNING)
3403 store_bss_info(priv, header, capability,
3404 beacon_interval, channel, rssi,
3406 &beacon->rates_el_id,
3407 subtype == IEEE80211_STYPE_BEACON);
3411 case IEEE80211_STYPE_AUTH:
3413 if (priv->station_state == STATION_STATE_AUTHENTICATING)
3414 authenticate(priv, frame_len);
3418 case IEEE80211_STYPE_ASSOC_RESP:
3419 case IEEE80211_STYPE_REASSOC_RESP:
3421 if (priv->station_state == STATION_STATE_ASSOCIATING ||
3422 priv->station_state == STATION_STATE_REASSOCIATING)
3423 associate(priv, frame_len, subtype);
3427 case IEEE80211_STYPE_DISASSOC:
3428 if (priv->station_is_associated &&
3429 priv->operating_mode == IW_MODE_INFRA &&
3430 is_frame_from_current_bss(priv, header)) {
3431 priv->station_was_associated = 0;
3432 priv->station_is_associated = 0;
3434 atmel_enter_state(priv, STATION_STATE_JOINNING);
3435 join(priv, BSS_TYPE_INFRASTRUCTURE);
3440 case IEEE80211_STYPE_DEAUTH:
3441 if (priv->operating_mode == IW_MODE_INFRA &&
3442 is_frame_from_current_bss(priv, header)) {
3443 priv->station_was_associated = 0;
3445 atmel_enter_state(priv, STATION_STATE_JOINNING);
3446 join(priv, BSS_TYPE_INFRASTRUCTURE);
3453 /* run when timer expires */
3454 static void atmel_management_timer(u_long a)
3456 struct net_device *dev = (struct net_device *) a;
3457 struct atmel_private *priv = netdev_priv(dev);
3458 unsigned long flags;
3460 /* Check if the card has been yanked. */
3461 if (priv->card && priv->present_callback &&
3462 !(*priv->present_callback)(priv->card))
3465 spin_lock_irqsave(&priv->irqlock, flags);
3467 switch (priv->station_state) {
3469 case STATION_STATE_AUTHENTICATING:
3470 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) {
3471 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3472 priv->station_is_associated = 0;
3473 priv->AuthenticationRequestRetryCnt = 0;
3474 restart_search(priv);
3476 int auth = WLAN_AUTH_OPEN;
3477 priv->AuthenticationRequestRetryCnt++;
3478 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3479 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3480 if (priv->wep_is_on && priv->exclude_unencrypted)
3481 auth = WLAN_AUTH_SHARED_KEY;
3482 send_authentication_request(priv, auth, NULL, 0);
3486 case STATION_STATE_ASSOCIATING:
3487 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3488 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3489 priv->station_is_associated = 0;
3490 priv->AssociationRequestRetryCnt = 0;
3491 restart_search(priv);
3493 priv->AssociationRequestRetryCnt++;
3494 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3495 send_association_request(priv, 0);
3499 case STATION_STATE_REASSOCIATING:
3500 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3501 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3502 priv->station_is_associated = 0;
3503 priv->ReAssociationRequestRetryCnt = 0;
3504 restart_search(priv);
3506 priv->ReAssociationRequestRetryCnt++;
3507 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3508 send_association_request(priv, 1);
3516 spin_unlock_irqrestore(&priv->irqlock, flags);
3519 static void atmel_command_irq(struct atmel_private *priv)
3521 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
3522 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET));
3524 union iwreq_data wrqu;
3526 if (status == CMD_STATUS_IDLE ||
3527 status == CMD_STATUS_IN_PROGRESS)
3532 if (status == CMD_STATUS_COMPLETE) {
3533 priv->station_was_associated = priv->station_is_associated;
3534 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
3535 (u8 *)priv->CurrentBSSID, 6);
3536 atmel_enter_state(priv, STATION_STATE_READY);
3541 fast_scan = priv->fast_scan;
3542 priv->fast_scan = 0;
3544 if (status != CMD_STATUS_COMPLETE) {
3545 atmel_scan(priv, 1);
3547 int bss_index = retrieve_bss(priv);
3548 int notify_scan_complete = 1;
3549 if (bss_index != -1) {
3550 atmel_join_bss(priv, bss_index);
3551 } else if (priv->operating_mode == IW_MODE_ADHOC &&
3552 priv->SSID_size != 0) {
3553 start(priv, BSS_TYPE_AD_HOC);
3555 priv->fast_scan = !fast_scan;
3556 atmel_scan(priv, 1);
3557 notify_scan_complete = 0;
3559 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3560 if (notify_scan_complete) {
3561 wrqu.data.length = 0;
3562 wrqu.data.flags = 0;
3563 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3568 case CMD_SiteSurvey:
3569 priv->fast_scan = 0;
3571 if (status != CMD_STATUS_COMPLETE)
3574 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3575 if (priv->station_is_associated) {
3576 atmel_enter_state(priv, STATION_STATE_READY);
3577 wrqu.data.length = 0;
3578 wrqu.data.flags = 0;
3579 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3581 atmel_scan(priv, 1);
3586 if (status == CMD_STATUS_COMPLETE) {
3587 if (priv->operating_mode == IW_MODE_ADHOC) {
3588 priv->station_was_associated = priv->station_is_associated;
3589 atmel_enter_state(priv, STATION_STATE_READY);
3591 int auth = WLAN_AUTH_OPEN;
3592 priv->AuthenticationRequestRetryCnt = 0;
3593 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING);
3595 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3596 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3597 if (priv->wep_is_on && priv->exclude_unencrypted)
3598 auth = WLAN_AUTH_SHARED_KEY;
3599 send_authentication_request(priv, auth, NULL, 0);
3604 atmel_scan(priv, 1);
3608 static int atmel_wakeup_firmware(struct atmel_private *priv)
3610 struct host_info_struct *iface = &priv->host_info;
3614 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3615 atmel_set_gcr(priv->dev, GCR_REMAP);
3617 /* wake up on-board processor */
3618 atmel_clear_gcr(priv->dev, 0x0040);
3619 atmel_write16(priv->dev, BSR, BSS_SRAM);
3621 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3624 /* and wait for it */
3625 for (i = LOOP_RETRY_LIMIT; i; i--) {
3626 mr1 = atmel_read16(priv->dev, MR1);
3627 mr3 = atmel_read16(priv->dev, MR3);
3629 if (mr3 & MAC_BOOT_COMPLETE)
3631 if (mr1 & MAC_BOOT_COMPLETE &&
3632 priv->bus_type == BUS_TYPE_PCCARD)
3637 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name);
3641 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) {
3642 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name);
3646 /* now check for completion of MAC initialization through
3647 the FunCtrl field of the IFACE, poll MR1 to detect completion of
3648 MAC initialization, check completion status, set interrupt mask,
3649 enables interrupts and calls Tx and Rx initialization functions */
3651 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE);
3653 for (i = LOOP_RETRY_LIMIT; i; i--) {
3654 mr1 = atmel_read16(priv->dev, MR1);
3655 mr3 = atmel_read16(priv->dev, MR3);
3657 if (mr3 & MAC_INIT_COMPLETE)
3659 if (mr1 & MAC_INIT_COMPLETE &&
3660 priv->bus_type == BUS_TYPE_PCCARD)
3665 printk(KERN_ALERT "%s: MAC failed to initialise.\n",
3670 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */
3671 if ((mr3 & MAC_INIT_COMPLETE) &&
3672 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) {
3673 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name);
3676 if ((mr1 & MAC_INIT_COMPLETE) &&
3677 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) {
3678 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name);
3682 atmel_copy_to_host(priv->dev, (unsigned char *)iface,
3683 priv->host_info_base, sizeof(*iface));
3685 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos);
3686 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size);
3687 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos);
3688 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count);
3689 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos);
3690 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size);
3691 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos);
3692 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count);
3693 iface->build_version = le16_to_cpu(iface->build_version);
3694 iface->command_pos = le16_to_cpu(iface->command_pos);
3695 iface->major_version = le16_to_cpu(iface->major_version);
3696 iface->minor_version = le16_to_cpu(iface->minor_version);
3697 iface->func_ctrl = le16_to_cpu(iface->func_ctrl);
3698 iface->mac_status = le16_to_cpu(iface->mac_status);
3703 /* determine type of memory and MAC address */
3704 static int probe_atmel_card(struct net_device *dev)
3707 struct atmel_private *priv = netdev_priv(dev);
3710 if (priv->bus_type == BUS_TYPE_PCCARD)
3711 atmel_write16(dev, GCR, 0x0060);
3713 atmel_write16(dev, GCR, 0x0040);
3716 if (atmel_read16(dev, MR2) == 0) {
3717 /* No stored firmware so load a small stub which just
3718 tells us the MAC address */
3720 priv->card_type = CARD_TYPE_EEPROM;
3721 atmel_write16(dev, BSR, BSS_IRAM);
3722 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader));
3723 atmel_set_gcr(dev, GCR_REMAP);
3724 atmel_clear_gcr(priv->dev, 0x0040);
3725 atmel_write16(dev, BSR, BSS_SRAM);
3726 for (i = LOOP_RETRY_LIMIT; i; i--)
3727 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE)
3730 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name);
3732 atmel_copy_to_host(dev, dev->dev_addr, atmel_read16(dev, MR2), 6);
3733 /* got address, now squash it again until the network
3734 interface is opened */
3735 if (priv->bus_type == BUS_TYPE_PCCARD)
3736 atmel_write16(dev, GCR, 0x0060);
3737 atmel_write16(dev, GCR, 0x0040);
3740 } else if (atmel_read16(dev, MR4) == 0) {
3741 /* Mac address easy in this case. */
3742 priv->card_type = CARD_TYPE_PARALLEL_FLASH;
3743 atmel_write16(dev, BSR, 1);
3744 atmel_copy_to_host(dev, dev->dev_addr, 0xc000, 6);
3745 atmel_write16(dev, BSR, 0x200);
3748 /* Standard firmware in flash, boot it up and ask
3749 for the Mac Address */
3750 priv->card_type = CARD_TYPE_SPI_FLASH;
3751 if (atmel_wakeup_firmware(priv) == 0) {
3752 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, dev->dev_addr, 6);
3754 /* got address, now squash it again until the network
3755 interface is opened */
3756 if (priv->bus_type == BUS_TYPE_PCCARD)
3757 atmel_write16(dev, GCR, 0x0060);
3758 atmel_write16(dev, GCR, 0x0040);
3764 if (dev->dev_addr[0] == 0xFF) {
3765 static const u8 default_mac[] = {
3766 0x00, 0x04, 0x25, 0x00, 0x00, 0x00
3768 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name);
3769 memcpy(dev->dev_addr, default_mac, ETH_ALEN);
3776 /* Move the encyption information on the MIB structure.
3777 This routine is for the pre-WPA firmware: later firmware has
3778 a different format MIB and a different routine. */
3779 static void build_wep_mib(struct atmel_private *priv)
3781 struct { /* NB this is matched to the hardware, don't change. */
3783 u8 default_key; /* 0..3 */
3785 u8 exclude_unencrypted;
3787 u32 WEPICV_error_count;
3788 u32 WEP_excluded_count;
3790 u8 wep_keys[MAX_ENCRYPTION_KEYS][13];
3791 u8 encryption_level; /* 0, 1, 2 */
3796 mib.wep_is_on = priv->wep_is_on;
3797 if (priv->wep_is_on) {
3798 if (priv->wep_key_len[priv->default_key] > 5)
3799 mib.encryption_level = 2;
3801 mib.encryption_level = 1;
3803 mib.encryption_level = 0;
3806 mib.default_key = priv->default_key;
3807 mib.exclude_unencrypted = priv->exclude_unencrypted;
3809 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++)
3810 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13);
3812 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3815 static void build_wpa_mib(struct atmel_private *priv)
3817 /* This is for the later (WPA enabled) firmware. */
3819 struct { /* NB this is matched to the hardware, don't change. */
3820 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
3821 u8 receiver_address[ETH_ALEN];
3823 u8 default_key; /* 0..3 */
3825 u8 exclude_unencrypted;
3829 u32 WEPICV_error_count;
3830 u32 WEP_excluded_count;
3837 mib.wep_is_on = priv->wep_is_on;
3838 mib.exclude_unencrypted = priv->exclude_unencrypted;
3839 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN);
3841 /* zero all the keys before adding in valid ones. */
3842 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value));
3844 if (priv->wep_is_on) {
3845 /* There's a comment in the Atmel code to the effect that this
3846 is only valid when still using WEP, it may need to be set to
3847 something to use WPA */
3848 memset(mib.key_RSC, 0, sizeof(mib.key_RSC));
3850 mib.default_key = mib.group_key = 255;
3851 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) {
3852 if (priv->wep_key_len[i] > 0) {
3853 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE);
3854 if (i == priv->default_key) {
3855 mib.default_key = i;
3856 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7;
3857 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite;
3860 priv->group_cipher_suite = priv->pairwise_cipher_suite;
3861 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1;
3862 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite;
3866 if (mib.default_key == 255)
3867 mib.default_key = mib.group_key != 255 ? mib.group_key : 0;
3868 if (mib.group_key == 255)
3869 mib.group_key = mib.default_key;
3873 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3876 static int reset_atmel_card(struct net_device *dev)
3878 /* do everything necessary to wake up the hardware, including
3879 waiting for the lightning strike and throwing the knife switch....
3881 set all the Mib values which matter in the card to match
3882 their settings in the atmel_private structure. Some of these
3883 can be altered on the fly, but many (WEP, infrastucture or ad-hoc)
3884 can only be changed by tearing down the world and coming back through
3887 This routine is also responsible for initialising some
3888 hardware-specific fields in the atmel_private structure,
3889 including a copy of the firmware's hostinfo structure
3890 which is the route into the rest of the firmware datastructures. */
3892 struct atmel_private *priv = netdev_priv(dev);
3894 int old_state = priv->station_state;
3897 /* data to add to the firmware names, in priority order
3898 this implemenents firmware versioning */
3900 static char *firmware_modifier[] = {
3907 if (priv->bus_type == BUS_TYPE_PCCARD)
3908 atmel_write16(priv->dev, GCR, 0x0060);
3910 /* stop card , disable interrupts */
3911 atmel_write16(priv->dev, GCR, 0x0040);
3913 if (priv->card_type == CARD_TYPE_EEPROM) {
3914 /* copy in firmware if needed */
3915 const struct firmware *fw_entry = NULL;
3916 const unsigned char *fw;
3917 int len = priv->firmware_length;
3918 if (!(fw = priv->firmware)) {
3919 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) {
3920 if (strlen(priv->firmware_id) == 0) {
3922 "%s: card type is unknown: assuming at76c502 firmware is OK.\n",
3925 "%s: if not, use the firmware= module parameter.\n",
3927 strcpy(priv->firmware_id, "atmel_at76c502.bin");
3929 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev);
3932 "%s: firmware %s is missing, cannot continue.\n",
3933 dev->name, priv->firmware_id);
3940 /* get firmware filename entry based on firmware type ID */
3941 while (fw_table[fw_index].fw_type != priv->firmware_type
3942 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE)
3945 /* construct the actual firmware file name */
3946 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) {
3948 for (i = 0; firmware_modifier[i]; i++) {
3949 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file,
3950 firmware_modifier[i], fw_table[fw_index].fw_file_ext);
3951 priv->firmware_id[31] = '\0';
3952 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) {
3960 "%s: firmware %s is missing, cannot start.\n",
3961 dev->name, priv->firmware_id);
3962 priv->firmware_id[0] = '\0';
3967 fw = fw_entry->data;
3968 len = fw_entry->size;
3971 if (len <= 0x6000) {
3972 atmel_write16(priv->dev, BSR, BSS_IRAM);
3973 atmel_copy_to_card(priv->dev, 0, fw, len);
3974 atmel_set_gcr(priv->dev, GCR_REMAP);
3977 atmel_set_gcr(priv->dev, GCR_REMAP);
3978 atmel_write16(priv->dev, BSR, BSS_IRAM);
3979 atmel_copy_to_card(priv->dev, 0, fw, 0x6000);
3980 atmel_write16(priv->dev, BSR, 0x2ff);
3981 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000);
3984 release_firmware(fw_entry);
3987 err = atmel_wakeup_firmware(priv);
3991 /* Check the version and set the correct flag for wpa stuff,
3992 old and new firmware is incompatible.
3993 The pre-wpa 3com firmware reports major version 5,
3994 the wpa 3com firmware is major version 4 and doesn't need
3995 the 3com broken-ness filter. */
3996 priv->use_wpa = (priv->host_info.major_version == 4);
3997 priv->radio_on_broken = (priv->host_info.major_version == 5);
3999 /* unmask all irq sources */
4000 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff);
4002 /* int Tx system and enable Tx */
4003 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0);
4004 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L);
4005 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0);
4006 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0);
4008 priv->tx_desc_free = priv->host_info.tx_desc_count;
4009 priv->tx_desc_head = 0;
4010 priv->tx_desc_tail = 0;
4011 priv->tx_desc_previous = 0;
4012 priv->tx_free_mem = priv->host_info.tx_buff_size;
4013 priv->tx_buff_head = 0;
4014 priv->tx_buff_tail = 0;
4016 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
4017 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
4018 configuration | FUNC_CTRL_TxENABLE);
4020 /* init Rx system and enable */
4021 priv->rx_desc_head = 0;
4023 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
4024 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
4025 configuration | FUNC_CTRL_RxENABLE);
4027 if (!priv->radio_on_broken) {
4028 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) ==
4029 CMD_STATUS_REJECTED_RADIO_OFF) {
4030 printk(KERN_INFO "%s: cannot turn the radio on.\n",
4036 /* set up enough MIB values to run. */
4037 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate);
4038 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF);
4039 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold);
4040 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold);
4041 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry);
4042 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry);
4043 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble);
4044 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS,
4045 priv->dev->dev_addr, 6);
4046 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
4047 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
4048 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period);
4049 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4);
4050 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on);
4052 build_wpa_mib(priv);
4054 build_wep_mib(priv);
4056 if (old_state == STATION_STATE_READY) {
4057 union iwreq_data wrqu;
4059 wrqu.data.length = 0;
4060 wrqu.data.flags = 0;
4061 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
4062 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
4063 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
4069 static void atmel_send_command(struct atmel_private *priv, int command,
4070 void *cmd, int cmd_size)
4073 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET),
4076 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command);
4077 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0);
4080 static int atmel_send_command_wait(struct atmel_private *priv, int command,
4081 void *cmd, int cmd_size)
4085 atmel_send_command(priv, command, cmd, cmd_size);
4087 for (i = 5000; i; i--) {
4088 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
4089 if (status != CMD_STATUS_IDLE &&
4090 status != CMD_STATUS_IN_PROGRESS)
4096 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name);
4097 status = CMD_STATUS_HOST_ERROR;
4099 if (command != CMD_EnableRadio)
4100 status = CMD_STATUS_COMPLETE;
4106 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index)
4108 struct get_set_mib m;
4113 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4114 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE));
4117 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data)
4119 struct get_set_mib m;
4125 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4128 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
4131 struct get_set_mib m;
4136 m.data[1] = data >> 8;
4138 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2);
4141 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
4142 u8 *data, int data_len)
4144 struct get_set_mib m;
4149 if (data_len > MIB_MAX_DATA_BYTES)
4150 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4152 memcpy(m.data, data, data_len);
4153 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4156 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
4157 u8 *data, int data_len)
4159 struct get_set_mib m;
4164 if (data_len > MIB_MAX_DATA_BYTES)
4165 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4167 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4168 atmel_copy_to_host(priv->dev, data,
4169 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len);
4172 static void atmel_writeAR(struct net_device *dev, u16 data)
4175 outw(data, dev->base_addr + AR);
4176 /* Address register appears to need some convincing..... */
4177 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++)
4178 outw(data, dev->base_addr + AR);
4181 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
4182 const unsigned char *src, u16 len)
4185 atmel_writeAR(dev, dest);
4187 atmel_write8(dev, DR, *src);
4190 for (i = len; i > 1 ; i -= 2) {
4193 atmel_write16(dev, DR, lb | (hb << 8));
4196 atmel_write8(dev, DR, *src);
4199 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
4203 atmel_writeAR(dev, src);
4205 *dest = atmel_read8(dev, DR);
4208 for (i = len; i > 1 ; i -= 2) {
4209 u16 hw = atmel_read16(dev, DR);
4214 *dest = atmel_read8(dev, DR);
4217 static void atmel_set_gcr(struct net_device *dev, u16 mask)
4219 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR);
4222 static void atmel_clear_gcr(struct net_device *dev, u16 mask)
4224 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR);
4227 static int atmel_lock_mac(struct atmel_private *priv)
4231 for (i = 5000; i; i--) {
4232 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET)))
4238 return 0; /* timed out */
4240 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1);
4241 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) {
4242 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
4244 return 0; /* timed out */
4251 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data)
4253 atmel_writeAR(priv->dev, pos);
4254 atmel_write16(priv->dev, DR, data); /* card is little-endian */
4255 atmel_write16(priv->dev, DR, data >> 16);
4258 /***************************************************************************/
4259 /* There follows the source form of the MAC address reading firmware */
4260 /***************************************************************************/
4263 /* Copyright 2003 Matthew T. Russotto */
4264 /* But derived from the Atmel 76C502 firmware written by Atmel and */
4265 /* included in "atmel wireless lan drivers" package */
4267 This file is part of net.russotto.AtmelMACFW, hereto referred to
4270 AtmelMACFW is free software; you can redistribute it and/or modify
4271 it under the terms of the GNU General Public License version 2
4272 as published by the Free Software Foundation.
4274 AtmelMACFW is distributed in the hope that it will be useful,
4275 but WITHOUT ANY WARRANTY; without even the implied warranty of
4276 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4277 GNU General Public License for more details.
4279 You should have received a copy of the GNU General Public License
4280 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>.
4282 ****************************************************************************/
4283 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */
4284 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */
4285 /* It only works on SPI EEPROM versions of the card. */
4287 /* This firmware initializes the SPI controller and clock, reads the MAC */
4288 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */
4289 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */
4290 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */
4291 /* MR4, for investigational purposes (maybe we can determine chip type */
4295 .set MRBASE, 0x8000000
4296 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */
4297 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */
4298 .set SRAM_BASE, 0x02000000
4299 .set SP_BASE, 0x0F300000
4300 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */
4301 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */
4302 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */
4303 .set STACK_BASE, 0x5600
4305 .set SP_TDRE, 2 /* status register bit -- TDR empty */
4306 .set SP_RDRF, 1 /* status register bit -- RDR full */
4309 .set SP_CR, 0 /* control register */
4310 .set SP_MR, 4 /* mode register */
4311 .set SP_RDR, 0x08 /* Read Data Register */
4312 .set SP_TDR, 0x0C /* Transmit Data Register */
4313 .set SP_CSR0, 0x30 /* chip select registers */
4317 .set NVRAM_CMD_RDSR, 5 /* read status register */
4318 .set NVRAM_CMD_READ, 3 /* read data */
4319 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */
4320 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the
4321 serial output, since SO is normally high. But it
4322 does cause 8 clock cycles and thus 8 bits to be
4323 clocked in to the chip. See Atmel's SPI
4324 controller (e.g. AT91M55800) timing and 4K
4325 SPI EEPROM manuals */
4327 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */
4328 .set NVRAM_IMAGE, 0x02000200
4329 .set NVRAM_LENGTH, 0x0200
4330 .set MAC_ADDRESS_MIB, SRAM_BASE
4331 .set MAC_ADDRESS_LENGTH, 6
4332 .set MAC_BOOT_FLAG, 0x10
4354 mov r0, #CPSR_INITIAL
4355 msr CPSR_c, r0 /* This is probably unnecessary */
4357 /* I'm guessing this is initializing clock generator electronics for SPI */
4358 ldr r0, =SPI_CGEN_BASE
4383 ldr r1, =MAC_ADDRESS_MIB
4385 ldr r1, =NVRAM_IMAGE
4387 mov r1, #MAC_BOOT_FLAG
4390 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM
4393 mov r2, #0 /* 0th bytes of NVRAM */
4394 mov r3, #NVRAM_LENGTH
4395 mov r1, #0 /* not used in routine */
4396 ldr r0, =NVRAM_IMAGE
4402 .func Get_MAC_Addr, GET_MAC_ADDR
4405 mov r2, #0x120 /* address of MAC Address within NVRAM */
4406 mov r3, #MAC_ADDRESS_LENGTH
4407 mov r1, #0 /* not used in routine */
4408 ldr r0, =MAC_ADDRESS_MIB
4414 .func Delay9, DELAY9
4416 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */
4425 .func SP_Init, SP_INIT
4429 str r1, [r0, #SP_CR] /* reset the SPI */
4431 str r1, [r0, #SP_CR] /* release SPI from reset state */
4433 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/
4434 str r1, [r0, #SP_CR] /* enable the SPI */
4436 /* My guess would be this turns on the SPI clock */
4437 ldr r3, =SPI_CGEN_BASE
4443 str r1, [r0, #SP_CSR0]
4445 str r1, [r0, #SP_CSR1]
4446 str r1, [r0, #SP_CSR2]
4447 str r1, [r0, #SP_CSR3]
4448 ldr r1, [r0, #SP_SR]
4449 ldr r0, [r0, #SP_RDR]
4452 .func NVRAM_Init, NVRAM_INIT
4455 ldr r0, [r1, #SP_RDR]
4456 mov r0, #NVRAM_CMD_RDSR
4457 str r0, [r1, #SP_TDR]
4459 ldr r0, [r1, #SP_SR]
4463 mov r0, #SPI_8CLOCKS
4464 str r0, [r1, #SP_TDR]
4466 ldr r0, [r1, #SP_SR]
4470 ldr r0, [r1, #SP_RDR]
4472 ldr r0, [r1, #SP_SR]
4476 ldr r0, [r1, #SP_RDR]
4481 .func NVRAM_Xfer, NVRAM_XFER
4482 /* r0 = dest address */
4484 /* r2 = src address within NVRAM */
4487 stmdb sp!, {r4, r5, lr}
4488 mov r5, r0 /* save r0 (dest address) */
4489 mov r4, r3 /* save r3 (length) */
4490 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */
4492 add r0, r0, #NVRAM_CMD_READ
4493 ldr r1, =NVRAM_SCRATCH
4494 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */
4495 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */
4498 tst r0, #NVRAM_SR_RDY
4502 mov r2, r4 /* length */
4503 mov r1, r5 /* dest address */
4504 mov r0, #2 /* bytes to transfer in command */
4506 ldmia sp!, {r4, r5, lr}
4510 .func NVRAM_Xfer2, NVRAM_XFER2
4512 stmdb sp!, {r4, r5, r6, lr}
4517 ldr r5, =NVRAM_SCRATCH
4520 str r6, [r4, #SP_TDR]
4522 ldr r6, [r4, #SP_SR]
4526 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */
4529 mov r3, #SPI_8CLOCKS
4530 str r3, [r4, #SP_TDR]
4531 ldr r0, [r4, #SP_RDR]
4533 ldr r0, [r4, #SP_SR]
4536 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */
4538 cmp r2, #0 /* r2 is # of bytes to copy in */
4541 ldr r5, [r4, #SP_SR]
4544 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */
4546 ldr r5, [r4, #SP_SR]
4549 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */
4550 strb r5, [r1], #1 /* postindexed */
4553 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */
4557 ldmia sp!, {r4, r5, r6, lr}
projects / cascardo / linux.git / blob