xref: /openbmc/linux/drivers/net/wireless/atmel/atmel.c (revision 7ae9fb1b7ecbb5d85d07857943f677fd1a559b18)
1  /*** -*- linux-c -*- **********************************************************
2  
3       Driver for Atmel at76c502 at76c504 and at76c506 wireless cards.
4  
5  	Copyright 2000-2001 ATMEL Corporation.
6  	Copyright 2003-2004 Simon Kelley.
7  
8      This code was developed from version 2.1.1 of the Atmel drivers,
9      released by Atmel corp. under the GPL in December 2002. It also
10      includes code from the Linux aironet drivers (C) Benjamin Reed,
11      and the Linux PCMCIA package, (C) David Hinds and the Linux wireless
12      extensions, (C) Jean Tourrilhes.
13  
14      The firmware module for reading the MAC address of the card comes from
15      net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright
16      by him. net.russotto.AtmelMACFW is used under the GPL license version 2.
17      This file contains the module in binary form and, under the terms
18      of the GPL, in source form. The source is located at the end of the file.
19  
20      This program is free software; you can redistribute it and/or modify
21      it under the terms of the GNU General Public License as published by
22      the Free Software Foundation; either version 2 of the License, or
23      (at your option) any later version.
24  
25      This software is distributed in the hope that it will be useful,
26      but WITHOUT ANY WARRANTY; without even the implied warranty of
27      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
28      GNU General Public License for more details.
29  
30      You should have received a copy of the GNU General Public License
31      along with Atmel wireless lan drivers; if not, see
32      <http://www.gnu.org/licenses/>.
33  
34      For all queries about this code, please contact the current author,
35      Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation.
36  
37      Credit is due to HP UK and Cambridge Online Systems Ltd for supplying
38      hardware used during development of this driver.
39  
40  ******************************************************************************/
41  
42  #include <linux/interrupt.h>
43  
44  #include <linux/kernel.h>
45  #include <linux/ptrace.h>
46  #include <linux/slab.h>
47  #include <linux/string.h>
48  #include <linux/timer.h>
49  #include <asm/byteorder.h>
50  #include <asm/io.h>
51  #include <linux/uaccess.h>
52  #include <linux/module.h>
53  #include <linux/netdevice.h>
54  #include <linux/etherdevice.h>
55  #include <linux/skbuff.h>
56  #include <linux/if_arp.h>
57  #include <linux/ioport.h>
58  #include <linux/fcntl.h>
59  #include <linux/delay.h>
60  #include <linux/wireless.h>
61  #include <net/iw_handler.h>
62  #include <linux/crc32.h>
63  #include <linux/proc_fs.h>
64  #include <linux/seq_file.h>
65  #include <linux/device.h>
66  #include <linux/moduleparam.h>
67  #include <linux/firmware.h>
68  #include <linux/jiffies.h>
69  #include <net/cfg80211.h>
70  #include "atmel.h"
71  
72  #define DRIVER_MAJOR 0
73  #define DRIVER_MINOR 98
74  
75  MODULE_AUTHOR("Simon Kelley");
76  MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards.");
77  MODULE_LICENSE("GPL");
78  
79  /* The name of the firmware file to be loaded
80     over-rides any automatic selection */
81  static char *firmware = NULL;
82  module_param(firmware, charp, 0);
83  
84  /* table of firmware file names */
85  static struct {
86  	AtmelFWType fw_type;
87  	const char *fw_file;
88  	const char *fw_file_ext;
89  } fw_table[] = {
90  	{ ATMEL_FW_TYPE_502,		"atmel_at76c502",	"bin" },
91  	{ ATMEL_FW_TYPE_502D,		"atmel_at76c502d",	"bin" },
92  	{ ATMEL_FW_TYPE_502E,		"atmel_at76c502e",	"bin" },
93  	{ ATMEL_FW_TYPE_502_3COM,	"atmel_at76c502_3com",	"bin" },
94  	{ ATMEL_FW_TYPE_504,		"atmel_at76c504",	"bin" },
95  	{ ATMEL_FW_TYPE_504_2958,	"atmel_at76c504_2958",	"bin" },
96  	{ ATMEL_FW_TYPE_504A_2958,	"atmel_at76c504a_2958",	"bin" },
97  	{ ATMEL_FW_TYPE_506,		"atmel_at76c506",	"bin" },
98  	{ ATMEL_FW_TYPE_NONE,		NULL,			NULL }
99  };
100  MODULE_FIRMWARE("atmel_at76c502-wpa.bin");
101  MODULE_FIRMWARE("atmel_at76c502.bin");
102  MODULE_FIRMWARE("atmel_at76c502d-wpa.bin");
103  MODULE_FIRMWARE("atmel_at76c502d.bin");
104  MODULE_FIRMWARE("atmel_at76c502e-wpa.bin");
105  MODULE_FIRMWARE("atmel_at76c502e.bin");
106  MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin");
107  MODULE_FIRMWARE("atmel_at76c502_3com.bin");
108  MODULE_FIRMWARE("atmel_at76c504-wpa.bin");
109  MODULE_FIRMWARE("atmel_at76c504.bin");
110  MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin");
111  MODULE_FIRMWARE("atmel_at76c504_2958.bin");
112  MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin");
113  MODULE_FIRMWARE("atmel_at76c504a_2958.bin");
114  MODULE_FIRMWARE("atmel_at76c506-wpa.bin");
115  MODULE_FIRMWARE("atmel_at76c506.bin");
116  
117  #define MAX_SSID_LENGTH 32
118  #define MGMT_JIFFIES (256 * HZ / 100)
119  
120  #define MAX_BSS_ENTRIES	64
121  
122  /* registers */
123  #define GCR  0x00    /* (SIR0)  General Configuration Register */
124  #define BSR  0x02    /* (SIR1)  Bank Switching Select Register */
125  #define AR   0x04
126  #define DR   0x08
127  #define MR1  0x12    /* Mirror Register 1 */
128  #define MR2  0x14    /* Mirror Register 2 */
129  #define MR3  0x16    /* Mirror Register 3 */
130  #define MR4  0x18    /* Mirror Register 4 */
131  
132  #define GPR1                            0x0c
133  #define GPR2                            0x0e
134  #define GPR3                            0x10
135  /*
136   * Constants for the GCR register.
137   */
138  #define GCR_REMAP     0x0400          /* Remap internal SRAM to 0 */
139  #define GCR_SWRES     0x0080          /* BIU reset (ARM and PAI are NOT reset) */
140  #define GCR_CORES     0x0060          /* Core Reset (ARM and PAI are reset) */
141  #define GCR_ENINT     0x0002          /* Enable Interrupts */
142  #define GCR_ACKINT    0x0008          /* Acknowledge Interrupts */
143  
144  #define BSS_SRAM      0x0200          /* AMBA module selection --> SRAM */
145  #define BSS_IRAM      0x0100          /* AMBA module selection --> IRAM */
146  /*
147   *Constants for the MR registers.
148   */
149  #define MAC_INIT_COMPLETE       0x0001        /* MAC init has been completed */
150  #define MAC_BOOT_COMPLETE       0x0010        /* MAC boot has been completed */
151  #define MAC_INIT_OK             0x0002        /* MAC boot has been completed */
152  
153  #define MIB_MAX_DATA_BYTES    212
154  #define MIB_HEADER_SIZE       4    /* first four fields */
155  
156  struct get_set_mib {
157  	u8 type;
158  	u8 size;
159  	u8 index;
160  	u8 reserved;
161  	u8 data[MIB_MAX_DATA_BYTES];
162  };
163  
164  struct rx_desc {
165  	u32          Next;
166  	u16          MsduPos;
167  	u16          MsduSize;
168  
169  	u8           State;
170  	u8           Status;
171  	u8           Rate;
172  	u8           Rssi;
173  	u8           LinkQuality;
174  	u8           PreambleType;
175  	u16          Duration;
176  	u32          RxTime;
177  };
178  
179  #define RX_DESC_FLAG_VALID       0x80
180  #define RX_DESC_FLAG_CONSUMED    0x40
181  #define RX_DESC_FLAG_IDLE        0x00
182  
183  #define RX_STATUS_SUCCESS        0x00
184  
185  #define RX_DESC_MSDU_POS_OFFSET      4
186  #define RX_DESC_MSDU_SIZE_OFFSET     6
187  #define RX_DESC_FLAGS_OFFSET         8
188  #define RX_DESC_STATUS_OFFSET        9
189  #define RX_DESC_RSSI_OFFSET          11
190  #define RX_DESC_LINK_QUALITY_OFFSET  12
191  #define RX_DESC_PREAMBLE_TYPE_OFFSET 13
192  #define RX_DESC_DURATION_OFFSET      14
193  #define RX_DESC_RX_TIME_OFFSET       16
194  
195  struct tx_desc {
196  	u32       NextDescriptor;
197  	u16       TxStartOfFrame;
198  	u16       TxLength;
199  
200  	u8        TxState;
201  	u8        TxStatus;
202  	u8        RetryCount;
203  
204  	u8        TxRate;
205  
206  	u8        KeyIndex;
207  	u8        ChiperType;
208  	u8        ChipreLength;
209  	u8        Reserved1;
210  
211  	u8        Reserved;
212  	u8        PacketType;
213  	u16       HostTxLength;
214  };
215  
216  #define TX_DESC_NEXT_OFFSET          0
217  #define TX_DESC_POS_OFFSET           4
218  #define TX_DESC_SIZE_OFFSET          6
219  #define TX_DESC_FLAGS_OFFSET         8
220  #define TX_DESC_STATUS_OFFSET        9
221  #define TX_DESC_RETRY_OFFSET         10
222  #define TX_DESC_RATE_OFFSET          11
223  #define TX_DESC_KEY_INDEX_OFFSET     12
224  #define TX_DESC_CIPHER_TYPE_OFFSET   13
225  #define TX_DESC_CIPHER_LENGTH_OFFSET 14
226  #define TX_DESC_PACKET_TYPE_OFFSET   17
227  #define TX_DESC_HOST_LENGTH_OFFSET   18
228  
229  /*
230   * Host-MAC interface
231   */
232  
233  #define TX_STATUS_SUCCESS       0x00
234  
235  #define TX_FIRM_OWN             0x80
236  #define TX_DONE                 0x40
237  
238  #define TX_ERROR                0x01
239  
240  #define TX_PACKET_TYPE_DATA     0x01
241  #define TX_PACKET_TYPE_MGMT     0x02
242  
243  #define ISR_EMPTY               0x00        /* no bits set in ISR */
244  #define ISR_TxCOMPLETE          0x01        /* packet transmitted */
245  #define ISR_RxCOMPLETE          0x02        /* packet received */
246  #define ISR_RxFRAMELOST         0x04        /* Rx Frame lost */
247  #define ISR_FATAL_ERROR         0x08        /* Fatal error */
248  #define ISR_COMMAND_COMPLETE    0x10        /* command completed */
249  #define ISR_OUT_OF_RANGE        0x20        /* command completed */
250  #define ISR_IBSS_MERGE          0x40        /* (4.1.2.30): IBSS merge */
251  #define ISR_GENERIC_IRQ         0x80
252  
253  #define Local_Mib_Type          0x01
254  #define Mac_Address_Mib_Type    0x02
255  #define Mac_Mib_Type            0x03
256  #define Statistics_Mib_Type     0x04
257  #define Mac_Mgmt_Mib_Type       0x05
258  #define Mac_Wep_Mib_Type        0x06
259  #define Phy_Mib_Type            0x07
260  #define Multi_Domain_MIB        0x08
261  
262  #define MAC_MGMT_MIB_CUR_BSSID_POS            14
263  #define MAC_MIB_FRAG_THRESHOLD_POS            8
264  #define MAC_MIB_RTS_THRESHOLD_POS             10
265  #define MAC_MIB_SHORT_RETRY_POS               16
266  #define MAC_MIB_LONG_RETRY_POS                17
267  #define MAC_MIB_SHORT_RETRY_LIMIT_POS         16
268  #define MAC_MGMT_MIB_BEACON_PER_POS           0
269  #define MAC_MGMT_MIB_STATION_ID_POS           6
270  #define MAC_MGMT_MIB_CUR_PRIVACY_POS          11
271  #define MAC_MGMT_MIB_CUR_BSSID_POS            14
272  #define MAC_MGMT_MIB_PS_MODE_POS              53
273  #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS      54
274  #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56
275  #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED     57
276  #define PHY_MIB_CHANNEL_POS                   14
277  #define PHY_MIB_RATE_SET_POS                  20
278  #define PHY_MIB_REG_DOMAIN_POS                26
279  #define LOCAL_MIB_AUTO_TX_RATE_POS            3
280  #define LOCAL_MIB_SSID_SIZE                   5
281  #define LOCAL_MIB_TX_PROMISCUOUS_POS          6
282  #define LOCAL_MIB_TX_MGMT_RATE_POS            7
283  #define LOCAL_MIB_TX_CONTROL_RATE_POS         8
284  #define LOCAL_MIB_PREAMBLE_TYPE               9
285  #define MAC_ADDR_MIB_MAC_ADDR_POS             0
286  
287  #define         CMD_Set_MIB_Vars              0x01
288  #define         CMD_Get_MIB_Vars              0x02
289  #define         CMD_Scan                      0x03
290  #define         CMD_Join                      0x04
291  #define         CMD_Start                     0x05
292  #define         CMD_EnableRadio               0x06
293  #define         CMD_DisableRadio              0x07
294  #define         CMD_SiteSurvey                0x0B
295  
296  #define         CMD_STATUS_IDLE                   0x00
297  #define         CMD_STATUS_COMPLETE               0x01
298  #define         CMD_STATUS_UNKNOWN                0x02
299  #define         CMD_STATUS_INVALID_PARAMETER      0x03
300  #define         CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
301  #define         CMD_STATUS_TIME_OUT               0x07
302  #define         CMD_STATUS_IN_PROGRESS            0x08
303  #define         CMD_STATUS_REJECTED_RADIO_OFF     0x09
304  #define         CMD_STATUS_HOST_ERROR             0xFF
305  #define         CMD_STATUS_BUSY                   0xFE
306  
307  #define CMD_BLOCK_COMMAND_OFFSET        0
308  #define CMD_BLOCK_STATUS_OFFSET         1
309  #define CMD_BLOCK_PARAMETERS_OFFSET     4
310  
311  #define SCAN_OPTIONS_SITE_SURVEY        0x80
312  
313  #define MGMT_FRAME_BODY_OFFSET		24
314  #define MAX_AUTHENTICATION_RETRIES	3
315  #define MAX_ASSOCIATION_RETRIES		3
316  
317  #define AUTHENTICATION_RESPONSE_TIME_OUT  1000
318  
319  #define MAX_WIRELESS_BODY  2316 /* mtu is 2312, CRC is 4 */
320  #define LOOP_RETRY_LIMIT   500000
321  
322  #define ACTIVE_MODE	1
323  #define PS_MODE		2
324  
325  #define MAX_ENCRYPTION_KEYS 4
326  #define MAX_ENCRYPTION_KEY_SIZE 40
327  
328  /*
329   * 802.11 related definitions
330   */
331  
332  /*
333   * Regulatory Domains
334   */
335  
336  #define REG_DOMAIN_FCC		0x10	/* Channels	1-11	USA				*/
337  #define REG_DOMAIN_DOC		0x20	/* Channel	1-11	Canada				*/
338  #define REG_DOMAIN_ETSI		0x30	/* Channel	1-13	Europe (ex Spain/France)	*/
339  #define REG_DOMAIN_SPAIN	0x31	/* Channel	10-11	Spain				*/
340  #define REG_DOMAIN_FRANCE	0x32	/* Channel	10-13	France				*/
341  #define REG_DOMAIN_MKK		0x40	/* Channel	14	Japan				*/
342  #define REG_DOMAIN_MKK1		0x41	/* Channel	1-14	Japan(MKK1)			*/
343  #define REG_DOMAIN_ISRAEL	0x50	/* Channel	3-9	ISRAEL				*/
344  
345  #define BSS_TYPE_AD_HOC		1
346  #define BSS_TYPE_INFRASTRUCTURE 2
347  
348  #define SCAN_TYPE_ACTIVE	0
349  #define SCAN_TYPE_PASSIVE	1
350  
351  #define LONG_PREAMBLE		0
352  #define SHORT_PREAMBLE		1
353  #define AUTO_PREAMBLE		2
354  
355  #define DATA_FRAME_WS_HEADER_SIZE   30
356  
357  /* promiscuous mode control */
358  #define PROM_MODE_OFF			0x0
359  #define PROM_MODE_UNKNOWN		0x1
360  #define PROM_MODE_CRC_FAILED		0x2
361  #define PROM_MODE_DUPLICATED		0x4
362  #define PROM_MODE_MGMT			0x8
363  #define PROM_MODE_CTRL			0x10
364  #define PROM_MODE_BAD_PROTOCOL		0x20
365  
366  #define IFACE_INT_STATUS_OFFSET		0
367  #define IFACE_INT_MASK_OFFSET		1
368  #define IFACE_LOCKOUT_HOST_OFFSET	2
369  #define IFACE_LOCKOUT_MAC_OFFSET	3
370  #define IFACE_FUNC_CTRL_OFFSET		28
371  #define IFACE_MAC_STAT_OFFSET		30
372  #define IFACE_GENERIC_INT_TYPE_OFFSET	32
373  
374  #define CIPHER_SUITE_NONE     0
375  #define CIPHER_SUITE_WEP_64   1
376  #define CIPHER_SUITE_TKIP     2
377  #define CIPHER_SUITE_AES      3
378  #define CIPHER_SUITE_CCX      4
379  #define CIPHER_SUITE_WEP_128  5
380  
381  /*
382   * IFACE MACROS & definitions
383   */
384  
385  /*
386   * FuncCtrl field:
387   */
388  #define FUNC_CTRL_TxENABLE		0x10
389  #define FUNC_CTRL_RxENABLE		0x20
390  #define FUNC_CTRL_INIT_COMPLETE		0x01
391  
392  /* A stub firmware image which reads the MAC address from NVRAM on the card.
393     For copyright information and source see the end of this file. */
394  static u8 mac_reader[] = {
395  	0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea,
396  	0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea,
397  	0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
398  	0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5,
399  	0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5,
400  	0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1,
401  	0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb,
402  	0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb,
403  	0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5,
404  	0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea,
405  	0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
406  	0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
407  	0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
408  	0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
409  	0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2,
410  	0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3,
411  	0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3,
412  	0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5,
413  	0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5,
414  	0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5,
415  	0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3,
416  	0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5,
417  	0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5,
418  	0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
419  	0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
420  	0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1,
421  	0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2,
422  	0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb,
423  	0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb,
424  	0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb,
425  	0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3,
426  	0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5,
427  	0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3,
428  	0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a,
429  	0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5,
430  	0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3,
431  	0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3,
432  	0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3,
433  	0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2,
434  	0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb,
435  	0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02,
436  	0x00, 0x01, 0x00, 0x02
437  };
438  
439  struct atmel_private {
440  	void *card; /* Bus dependent structure varies for PCcard */
441  	int (*present_callback)(void *); /* And callback which uses it */
442  	char firmware_id[32];
443  	AtmelFWType firmware_type;
444  	u8 *firmware;
445  	int firmware_length;
446  	struct timer_list management_timer;
447  	struct net_device *dev;
448  	struct device *sys_dev;
449  	struct iw_statistics wstats;
450  	spinlock_t irqlock, timerlock;	/* spinlocks */
451  	enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type;
452  	enum {
453  		CARD_TYPE_PARALLEL_FLASH,
454  		CARD_TYPE_SPI_FLASH,
455  		CARD_TYPE_EEPROM
456  	} card_type;
457  	int do_rx_crc; /* If we need to CRC incoming packets */
458  	int probe_crc; /* set if we don't yet know */
459  	int crc_ok_cnt, crc_ko_cnt; /* counters for probing */
460  	u16 rx_desc_head;
461  	u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous;
462  	u16 tx_free_mem, tx_buff_head, tx_buff_tail;
463  
464  	u16 frag_seq, frag_len, frag_no;
465  	u8 frag_source[6];
466  
467  	u8 wep_is_on, default_key, exclude_unencrypted, encryption_level;
468  	u8 group_cipher_suite, pairwise_cipher_suite;
469  	u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
470  	int wep_key_len[MAX_ENCRYPTION_KEYS];
471  	int use_wpa, radio_on_broken; /* firmware dependent stuff. */
472  
473  	u16 host_info_base;
474  	struct host_info_struct {
475  		/* NB this is matched to the hardware, don't change. */
476  		u8 volatile int_status;
477  		u8 volatile int_mask;
478  		u8 volatile lockout_host;
479  		u8 volatile lockout_mac;
480  
481  		u16 tx_buff_pos;
482  		u16 tx_buff_size;
483  		u16 tx_desc_pos;
484  		u16 tx_desc_count;
485  
486  		u16 rx_buff_pos;
487  		u16 rx_buff_size;
488  		u16 rx_desc_pos;
489  		u16 rx_desc_count;
490  
491  		u16 build_version;
492  		u16 command_pos;
493  
494  		u16 major_version;
495  		u16 minor_version;
496  
497  		u16 func_ctrl;
498  		u16 mac_status;
499  		u16 generic_IRQ_type;
500  		u8  reserved[2];
501  	} host_info;
502  
503  	enum {
504  		STATION_STATE_SCANNING,
505  		STATION_STATE_JOINNING,
506  		STATION_STATE_AUTHENTICATING,
507  		STATION_STATE_ASSOCIATING,
508  		STATION_STATE_READY,
509  		STATION_STATE_REASSOCIATING,
510  		STATION_STATE_DOWN,
511  		STATION_STATE_MGMT_ERROR
512  	} station_state;
513  
514  	int operating_mode, power_mode;
515  	unsigned long last_qual;
516  	int beacons_this_sec;
517  	int channel;
518  	int reg_domain, config_reg_domain;
519  	int tx_rate;
520  	int auto_tx_rate;
521  	int rts_threshold;
522  	int frag_threshold;
523  	int long_retry, short_retry;
524  	int preamble;
525  	int default_beacon_period, beacon_period, listen_interval;
526  	int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum;
527  	int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt;
528  	enum {
529  		SITE_SURVEY_IDLE,
530  		SITE_SURVEY_IN_PROGRESS,
531  		SITE_SURVEY_COMPLETED
532  	} site_survey_state;
533  	unsigned long last_survey;
534  
535  	int station_was_associated, station_is_associated;
536  	int fast_scan;
537  
538  	struct bss_info {
539  		int channel;
540  		int SSIDsize;
541  		int RSSI;
542  		int UsingWEP;
543  		int preamble;
544  		int beacon_period;
545  		int BSStype;
546  		u8 BSSID[6];
547  		u8 SSID[MAX_SSID_LENGTH];
548  	} BSSinfo[MAX_BSS_ENTRIES];
549  	int BSS_list_entries, current_BSS;
550  	int connect_to_any_BSS;
551  	int SSID_size, new_SSID_size;
552  	u8 CurrentBSSID[6], BSSID[6];
553  	u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH];
554  	u64 last_beacon_timestamp;
555  	u8 rx_buf[MAX_WIRELESS_BODY];
556  };
557  
558  static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16};
559  
560  static const struct {
561  	int reg_domain;
562  	int min, max;
563  	char *name;
564  } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" },
565  		      { REG_DOMAIN_DOC, 1, 11, "Canada" },
566  		      { REG_DOMAIN_ETSI, 1, 13, "Europe" },
567  		      { REG_DOMAIN_SPAIN, 10, 11, "Spain" },
568  		      { REG_DOMAIN_FRANCE, 10, 13, "France" },
569  		      { REG_DOMAIN_MKK, 14, 14, "MKK" },
570  		      { REG_DOMAIN_MKK1, 1, 14, "MKK1" },
571  		      { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} };
572  
573  static void build_wpa_mib(struct atmel_private *priv);
574  static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
575  static void atmel_copy_to_card(struct net_device *dev, u16 dest,
576  			       const unsigned char *src, u16 len);
577  static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
578  			       u16 src, u16 len);
579  static void atmel_set_gcr(struct net_device *dev, u16 mask);
580  static void atmel_clear_gcr(struct net_device *dev, u16 mask);
581  static int atmel_lock_mac(struct atmel_private *priv);
582  static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data);
583  static void atmel_command_irq(struct atmel_private *priv);
584  static int atmel_validate_channel(struct atmel_private *priv, int channel);
585  static void atmel_management_frame(struct atmel_private *priv,
586  				   struct ieee80211_hdr *header,
587  				   u16 frame_len, u8 rssi);
588  static void atmel_management_timer(struct timer_list *t);
589  static void atmel_send_command(struct atmel_private *priv, int command,
590  			       void *cmd, int cmd_size);
591  static int atmel_send_command_wait(struct atmel_private *priv, int command,
592  				   void *cmd, int cmd_size);
593  static void atmel_transmit_management_frame(struct atmel_private *priv,
594  					    struct ieee80211_hdr *header,
595  					    u8 *body, int body_len);
596  
597  static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index);
598  static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index,
599  			   u8 data);
600  static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
601  			    u16 data);
602  static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
603  			  const u8 *data, int data_len);
604  static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
605  			  u8 *data, int data_len);
606  static void atmel_scan(struct atmel_private *priv, int specific_ssid);
607  static void atmel_join_bss(struct atmel_private *priv, int bss_index);
608  static void atmel_smooth_qual(struct atmel_private *priv);
609  static void atmel_writeAR(struct net_device *dev, u16 data);
610  static int probe_atmel_card(struct net_device *dev);
611  static int reset_atmel_card(struct net_device *dev);
612  static void atmel_enter_state(struct atmel_private *priv, int new_state);
613  int atmel_open (struct net_device *dev);
614  
atmel_hi(struct atmel_private * priv,u16 offset)615  static inline u16 atmel_hi(struct atmel_private *priv, u16 offset)
616  {
617  	return priv->host_info_base + offset;
618  }
619  
atmel_co(struct atmel_private * priv,u16 offset)620  static inline u16 atmel_co(struct atmel_private *priv, u16 offset)
621  {
622  	return priv->host_info.command_pos + offset;
623  }
624  
atmel_rx(struct atmel_private * priv,u16 offset,u16 desc)625  static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc)
626  {
627  	return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset;
628  }
629  
atmel_tx(struct atmel_private * priv,u16 offset,u16 desc)630  static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc)
631  {
632  	return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset;
633  }
634  
atmel_read8(struct net_device * dev,u16 offset)635  static inline u8 atmel_read8(struct net_device *dev, u16 offset)
636  {
637  	return inb(dev->base_addr + offset);
638  }
639  
atmel_write8(struct net_device * dev,u16 offset,u8 data)640  static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data)
641  {
642  	outb(data, dev->base_addr + offset);
643  }
644  
atmel_read16(struct net_device * dev,u16 offset)645  static inline u16 atmel_read16(struct net_device *dev, u16 offset)
646  {
647  	return inw(dev->base_addr + offset);
648  }
649  
atmel_write16(struct net_device * dev,u16 offset,u16 data)650  static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data)
651  {
652  	outw(data, dev->base_addr + offset);
653  }
654  
atmel_rmem8(struct atmel_private * priv,u16 pos)655  static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos)
656  {
657  	atmel_writeAR(priv->dev, pos);
658  	return atmel_read8(priv->dev, DR);
659  }
660  
atmel_wmem8(struct atmel_private * priv,u16 pos,u16 data)661  static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data)
662  {
663  	atmel_writeAR(priv->dev, pos);
664  	atmel_write8(priv->dev, DR, data);
665  }
666  
atmel_rmem16(struct atmel_private * priv,u16 pos)667  static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos)
668  {
669  	atmel_writeAR(priv->dev, pos);
670  	return atmel_read16(priv->dev, DR);
671  }
672  
atmel_wmem16(struct atmel_private * priv,u16 pos,u16 data)673  static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data)
674  {
675  	atmel_writeAR(priv->dev, pos);
676  	atmel_write16(priv->dev, DR, data);
677  }
678  
679  static const struct iw_handler_def atmel_handler_def;
680  
tx_done_irq(struct atmel_private * priv)681  static void tx_done_irq(struct atmel_private *priv)
682  {
683  	int i;
684  
685  	for (i = 0;
686  	     atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE &&
687  		     i < priv->host_info.tx_desc_count;
688  	     i++) {
689  		u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head));
690  		u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head));
691  		u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head));
692  
693  		atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0);
694  
695  		priv->tx_free_mem += msdu_size;
696  		priv->tx_desc_free++;
697  
698  		if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size))
699  			priv->tx_buff_head = 0;
700  		else
701  			priv->tx_buff_head += msdu_size;
702  
703  		if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1))
704  			priv->tx_desc_head++ ;
705  		else
706  			priv->tx_desc_head = 0;
707  
708  		if (type == TX_PACKET_TYPE_DATA) {
709  			if (status == TX_STATUS_SUCCESS)
710  				priv->dev->stats.tx_packets++;
711  			else
712  				priv->dev->stats.tx_errors++;
713  			netif_wake_queue(priv->dev);
714  		}
715  	}
716  }
717  
find_tx_buff(struct atmel_private * priv,u16 len)718  static u16 find_tx_buff(struct atmel_private *priv, u16 len)
719  {
720  	u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail;
721  
722  	if (priv->tx_desc_free == 3 || priv->tx_free_mem < len)
723  		return 0;
724  
725  	if (bottom_free >= len)
726  		return priv->host_info.tx_buff_pos + priv->tx_buff_tail;
727  
728  	if (priv->tx_free_mem - bottom_free >= len) {
729  		priv->tx_buff_tail = 0;
730  		return priv->host_info.tx_buff_pos;
731  	}
732  
733  	return 0;
734  }
735  
tx_update_descriptor(struct atmel_private * priv,int is_bcast,u16 len,u16 buff,u8 type)736  static void tx_update_descriptor(struct atmel_private *priv, int is_bcast,
737  				 u16 len, u16 buff, u8 type)
738  {
739  	atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff);
740  	atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len);
741  	if (!priv->use_wpa)
742  		atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len);
743  	atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type);
744  	atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate);
745  	atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0);
746  	if (priv->use_wpa) {
747  		int cipher_type, cipher_length;
748  		if (is_bcast) {
749  			cipher_type = priv->group_cipher_suite;
750  			if (cipher_type == CIPHER_SUITE_WEP_64 ||
751  			    cipher_type == CIPHER_SUITE_WEP_128)
752  				cipher_length = 8;
753  			else if (cipher_type == CIPHER_SUITE_TKIP)
754  				cipher_length = 12;
755  			else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 ||
756  				 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) {
757  				cipher_type = priv->pairwise_cipher_suite;
758  				cipher_length = 8;
759  			} else {
760  				cipher_type = CIPHER_SUITE_NONE;
761  				cipher_length = 0;
762  			}
763  		} else {
764  			cipher_type = priv->pairwise_cipher_suite;
765  			if (cipher_type == CIPHER_SUITE_WEP_64 ||
766  			    cipher_type == CIPHER_SUITE_WEP_128)
767  				cipher_length = 8;
768  			else if (cipher_type == CIPHER_SUITE_TKIP)
769  				cipher_length = 12;
770  			else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 ||
771  				 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) {
772  				cipher_type = priv->group_cipher_suite;
773  				cipher_length = 8;
774  			} else {
775  				cipher_type = CIPHER_SUITE_NONE;
776  				cipher_length = 0;
777  			}
778  		}
779  
780  		atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail),
781  			    cipher_type);
782  		atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail),
783  			    cipher_length);
784  	}
785  	atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L);
786  	atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN);
787  	if (priv->tx_desc_previous != priv->tx_desc_tail)
788  		atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0);
789  	priv->tx_desc_previous = priv->tx_desc_tail;
790  	if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1))
791  		priv->tx_desc_tail++;
792  	else
793  		priv->tx_desc_tail = 0;
794  	priv->tx_desc_free--;
795  	priv->tx_free_mem -= len;
796  }
797  
start_tx(struct sk_buff * skb,struct net_device * dev)798  static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev)
799  {
800  	struct atmel_private *priv = netdev_priv(dev);
801  	struct ieee80211_hdr header;
802  	unsigned long flags;
803  	u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN;
804  
805  	if (priv->card && priv->present_callback &&
806  	    !(*priv->present_callback)(priv->card)) {
807  		dev->stats.tx_errors++;
808  		dev_kfree_skb(skb);
809  		return NETDEV_TX_OK;
810  	}
811  
812  	if (priv->station_state != STATION_STATE_READY) {
813  		dev->stats.tx_errors++;
814  		dev_kfree_skb(skb);
815  		return NETDEV_TX_OK;
816  	}
817  
818  	/* first ensure the timer func cannot run */
819  	spin_lock_bh(&priv->timerlock);
820  	/* then stop the hardware ISR */
821  	spin_lock_irqsave(&priv->irqlock, flags);
822  	/* nb doing the above in the opposite order will deadlock */
823  
824  	/* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the
825  	   12 first bytes (containing DA/SA) and put them in the appropriate
826  	   fields of the Wireless Header. Thus the packet length is then the
827  	   initial + 18 (+30-12) */
828  
829  	if (!(buff = find_tx_buff(priv, len + 18))) {
830  		dev->stats.tx_dropped++;
831  		spin_unlock_irqrestore(&priv->irqlock, flags);
832  		spin_unlock_bh(&priv->timerlock);
833  		netif_stop_queue(dev);
834  		return NETDEV_TX_BUSY;
835  	}
836  
837  	frame_ctl = IEEE80211_FTYPE_DATA;
838  	header.duration_id = 0;
839  	header.seq_ctrl = 0;
840  	if (priv->wep_is_on)
841  		frame_ctl |= IEEE80211_FCTL_PROTECTED;
842  	if (priv->operating_mode == IW_MODE_ADHOC) {
843  		skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN);
844  		memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
845  		memcpy(&header.addr3, priv->BSSID, ETH_ALEN);
846  	} else {
847  		frame_ctl |= IEEE80211_FCTL_TODS;
848  		memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN);
849  		memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
850  		skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN);
851  	}
852  
853  	if (priv->use_wpa)
854  		memcpy(&header.addr4, rfc1042_header, ETH_ALEN);
855  
856  	header.frame_control = cpu_to_le16(frame_ctl);
857  	/* Copy the wireless header into the card */
858  	atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE);
859  	/* Copy the packet sans its 802.3 header addresses which have been replaced */
860  	atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12);
861  	priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE;
862  
863  	/* low bit of first byte of destination tells us if broadcast */
864  	tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA);
865  	dev->stats.tx_bytes += len;
866  
867  	spin_unlock_irqrestore(&priv->irqlock, flags);
868  	spin_unlock_bh(&priv->timerlock);
869  	dev_kfree_skb(skb);
870  
871  	return NETDEV_TX_OK;
872  }
873  
atmel_transmit_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u8 * body,int body_len)874  static void atmel_transmit_management_frame(struct atmel_private *priv,
875  					    struct ieee80211_hdr *header,
876  					    u8 *body, int body_len)
877  {
878  	u16 buff;
879  	int len = MGMT_FRAME_BODY_OFFSET + body_len;
880  
881  	if (!(buff = find_tx_buff(priv, len)))
882  		return;
883  
884  	atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET);
885  	atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len);
886  	priv->tx_buff_tail += len;
887  	tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT);
888  }
889  
fast_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc)890  static void fast_rx_path(struct atmel_private *priv,
891  			 struct ieee80211_hdr *header,
892  			 u16 msdu_size, u16 rx_packet_loc, u32 crc)
893  {
894  	/* fast path: unfragmented packet copy directly into skbuf */
895  	u8 mac4[6];
896  	struct sk_buff	*skb;
897  	unsigned char *skbp;
898  
899  	/* get the final, mac 4 header field, this tells us encapsulation */
900  	atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6);
901  	msdu_size -= 6;
902  
903  	if (priv->do_rx_crc) {
904  		crc = crc32_le(crc, mac4, 6);
905  		msdu_size -= 4;
906  	}
907  
908  	if (!(skb = dev_alloc_skb(msdu_size + 14))) {
909  		priv->dev->stats.rx_dropped++;
910  		return;
911  	}
912  
913  	skb_reserve(skb, 2);
914  	skbp = skb_put(skb, msdu_size + 12);
915  	atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size);
916  
917  	if (priv->do_rx_crc) {
918  		u32 netcrc;
919  		crc = crc32_le(crc, skbp + 12, msdu_size);
920  		atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4);
921  		if ((crc ^ 0xffffffff) != netcrc) {
922  			priv->dev->stats.rx_crc_errors++;
923  			dev_kfree_skb(skb);
924  			return;
925  		}
926  	}
927  
928  	memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */
929  	if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
930  		memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN);
931  	else
932  		memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */
933  
934  	skb->protocol = eth_type_trans(skb, priv->dev);
935  	skb->ip_summed = CHECKSUM_NONE;
936  	netif_rx(skb);
937  	priv->dev->stats.rx_bytes += 12 + msdu_size;
938  	priv->dev->stats.rx_packets++;
939  }
940  
941  /* Test to see if the packet in card memory at packet_loc has a valid CRC
942     It doesn't matter that this is slow: it is only used to proble the first few
943     packets. */
probe_crc(struct atmel_private * priv,u16 packet_loc,u16 msdu_size)944  static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size)
945  {
946  	int i = msdu_size - 4;
947  	u32 netcrc, crc = 0xffffffff;
948  
949  	if (msdu_size < 4)
950  		return 0;
951  
952  	atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4);
953  
954  	atmel_writeAR(priv->dev, packet_loc);
955  	while (i--) {
956  		u8 octet = atmel_read8(priv->dev, DR);
957  		crc = crc32_le(crc, &octet, 1);
958  	}
959  
960  	return (crc ^ 0xffffffff) == netcrc;
961  }
962  
frag_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc,u16 seq_no,u8 frag_no,int more_frags)963  static void frag_rx_path(struct atmel_private *priv,
964  			 struct ieee80211_hdr *header,
965  			 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no,
966  			 u8 frag_no, int more_frags)
967  {
968  	u8 mac4[ETH_ALEN];
969  	u8 source[ETH_ALEN];
970  	struct sk_buff *skb;
971  
972  	if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
973  		memcpy(source, header->addr3, ETH_ALEN);
974  	else
975  		memcpy(source, header->addr2, ETH_ALEN);
976  
977  	rx_packet_loc += 24; /* skip header */
978  
979  	if (priv->do_rx_crc)
980  		msdu_size -= 4;
981  
982  	if (frag_no == 0) { /* first fragment */
983  		atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN);
984  		msdu_size -= ETH_ALEN;
985  		rx_packet_loc += ETH_ALEN;
986  
987  		if (priv->do_rx_crc)
988  			crc = crc32_le(crc, mac4, 6);
989  
990  		priv->frag_seq = seq_no;
991  		priv->frag_no = 1;
992  		priv->frag_len = msdu_size;
993  		memcpy(priv->frag_source, source, ETH_ALEN);
994  		memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN);
995  		memcpy(priv->rx_buf, header->addr1, ETH_ALEN);
996  
997  		atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size);
998  
999  		if (priv->do_rx_crc) {
1000  			u32 netcrc;
1001  			crc = crc32_le(crc, &priv->rx_buf[12], msdu_size);
1002  			atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1003  			if ((crc ^ 0xffffffff) != netcrc) {
1004  				priv->dev->stats.rx_crc_errors++;
1005  				eth_broadcast_addr(priv->frag_source);
1006  			}
1007  		}
1008  
1009  	} else if (priv->frag_no == frag_no &&
1010  		   priv->frag_seq == seq_no &&
1011  		   memcmp(priv->frag_source, source, ETH_ALEN) == 0) {
1012  
1013  		atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len],
1014  				   rx_packet_loc, msdu_size);
1015  		if (priv->do_rx_crc) {
1016  			u32 netcrc;
1017  			crc = crc32_le(crc,
1018  				       &priv->rx_buf[12 + priv->frag_len],
1019  				       msdu_size);
1020  			atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1021  			if ((crc ^ 0xffffffff) != netcrc) {
1022  				priv->dev->stats.rx_crc_errors++;
1023  				eth_broadcast_addr(priv->frag_source);
1024  				more_frags = 1; /* don't send broken assembly */
1025  			}
1026  		}
1027  
1028  		priv->frag_len += msdu_size;
1029  		priv->frag_no++;
1030  
1031  		if (!more_frags) { /* last one */
1032  			eth_broadcast_addr(priv->frag_source);
1033  			if (!(skb = dev_alloc_skb(priv->frag_len + 14))) {
1034  				priv->dev->stats.rx_dropped++;
1035  			} else {
1036  				skb_reserve(skb, 2);
1037  				skb_put_data(skb, priv->rx_buf,
1038  				             priv->frag_len + 12);
1039  				skb->protocol = eth_type_trans(skb, priv->dev);
1040  				skb->ip_summed = CHECKSUM_NONE;
1041  				netif_rx(skb);
1042  				priv->dev->stats.rx_bytes += priv->frag_len + 12;
1043  				priv->dev->stats.rx_packets++;
1044  			}
1045  		}
1046  	} else
1047  		priv->wstats.discard.fragment++;
1048  }
1049  
rx_done_irq(struct atmel_private * priv)1050  static void rx_done_irq(struct atmel_private *priv)
1051  {
1052  	int i;
1053  	struct ieee80211_hdr header;
1054  
1055  	for (i = 0;
1056  	     atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID &&
1057  		     i < priv->host_info.rx_desc_count;
1058  	     i++) {
1059  
1060  		u16 msdu_size, rx_packet_loc, frame_ctl, seq_control;
1061  		u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head));
1062  		u32 crc = 0xffffffff;
1063  
1064  		if (status != RX_STATUS_SUCCESS) {
1065  			if (status == 0xc1) /* determined by experiment */
1066  				priv->wstats.discard.nwid++;
1067  			else
1068  				priv->dev->stats.rx_errors++;
1069  			goto next;
1070  		}
1071  
1072  		msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head));
1073  		rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head));
1074  
1075  		if (msdu_size < 30) {
1076  			priv->dev->stats.rx_errors++;
1077  			goto next;
1078  		}
1079  
1080  		/* Get header as far as end of seq_ctrl */
1081  		atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24);
1082  		frame_ctl = le16_to_cpu(header.frame_control);
1083  		seq_control = le16_to_cpu(header.seq_ctrl);
1084  
1085  		/* probe for CRC use here if needed  once five packets have
1086  		   arrived with the same crc status, we assume we know what's
1087  		   happening and stop probing */
1088  		if (priv->probe_crc) {
1089  			if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) {
1090  				priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size);
1091  			} else {
1092  				priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24);
1093  			}
1094  			if (priv->do_rx_crc) {
1095  				if (priv->crc_ok_cnt++ > 5)
1096  					priv->probe_crc = 0;
1097  			} else {
1098  				if (priv->crc_ko_cnt++ > 5)
1099  					priv->probe_crc = 0;
1100  			}
1101  		}
1102  
1103  		/* don't CRC header when WEP in use */
1104  		if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) {
1105  			crc = crc32_le(0xffffffff, (unsigned char *)&header, 24);
1106  		}
1107  		msdu_size -= 24; /* header */
1108  
1109  		if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
1110  			int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS;
1111  			u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG;
1112  			u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4;
1113  
1114  			if (!more_fragments && packet_fragment_no == 0) {
1115  				fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc);
1116  			} else {
1117  				frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc,
1118  					     packet_sequence_no, packet_fragment_no, more_fragments);
1119  			}
1120  		}
1121  
1122  		if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1123  			/* copy rest of packet into buffer */
1124  			atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size);
1125  
1126  			/* we use the same buffer for frag reassembly and control packets */
1127  			eth_broadcast_addr(priv->frag_source);
1128  
1129  			if (priv->do_rx_crc) {
1130  				/* last 4 octets is crc */
1131  				msdu_size -= 4;
1132  				crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size);
1133  				if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) {
1134  					priv->dev->stats.rx_crc_errors++;
1135  					goto next;
1136  				}
1137  			}
1138  
1139  			atmel_management_frame(priv, &header, msdu_size,
1140  					       atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head)));
1141  		}
1142  
1143  next:
1144  		/* release descriptor */
1145  		atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED);
1146  
1147  		if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1))
1148  			priv->rx_desc_head++;
1149  		else
1150  			priv->rx_desc_head = 0;
1151  	}
1152  }
1153  
service_interrupt(int irq,void * dev_id)1154  static irqreturn_t service_interrupt(int irq, void *dev_id)
1155  {
1156  	struct net_device *dev = (struct net_device *) dev_id;
1157  	struct atmel_private *priv = netdev_priv(dev);
1158  	u8 isr;
1159  	int i = -1;
1160  	static const u8 irq_order[] = {
1161  		ISR_OUT_OF_RANGE,
1162  		ISR_RxCOMPLETE,
1163  		ISR_TxCOMPLETE,
1164  		ISR_RxFRAMELOST,
1165  		ISR_FATAL_ERROR,
1166  		ISR_COMMAND_COMPLETE,
1167  		ISR_IBSS_MERGE,
1168  		ISR_GENERIC_IRQ
1169  	};
1170  
1171  	if (priv->card && priv->present_callback &&
1172  	    !(*priv->present_callback)(priv->card))
1173  		return IRQ_HANDLED;
1174  
1175  	/* In this state upper-level code assumes it can mess with
1176  	   the card unhampered by interrupts which may change register state.
1177  	   Note that even though the card shouldn't generate interrupts
1178  	   the inturrupt line may be shared. This allows card setup
1179  	   to go on without disabling interrupts for a long time. */
1180  	if (priv->station_state == STATION_STATE_DOWN)
1181  		return IRQ_NONE;
1182  
1183  	atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */
1184  
1185  	while (1) {
1186  		if (!atmel_lock_mac(priv)) {
1187  			/* failed to contact card */
1188  			printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1189  			return IRQ_HANDLED;
1190  		}
1191  
1192  		isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1193  		atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1194  
1195  		if (!isr) {
1196  			atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */
1197  			return i == -1 ? IRQ_NONE : IRQ_HANDLED;
1198  		}
1199  
1200  		atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */
1201  
1202  		for (i = 0; i < ARRAY_SIZE(irq_order); i++)
1203  			if (isr & irq_order[i])
1204  				break;
1205  
1206  		if (!atmel_lock_mac(priv)) {
1207  			/* failed to contact card */
1208  			printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1209  			return IRQ_HANDLED;
1210  		}
1211  
1212  		isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1213  		isr ^= irq_order[i];
1214  		atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr);
1215  		atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1216  
1217  		switch (irq_order[i]) {
1218  
1219  		case ISR_OUT_OF_RANGE:
1220  			if (priv->operating_mode == IW_MODE_INFRA &&
1221  			    priv->station_state == STATION_STATE_READY) {
1222  				priv->station_is_associated = 0;
1223  				atmel_scan(priv, 1);
1224  			}
1225  			break;
1226  
1227  		case ISR_RxFRAMELOST:
1228  			priv->wstats.discard.misc++;
1229  			fallthrough;
1230  		case ISR_RxCOMPLETE:
1231  			rx_done_irq(priv);
1232  			break;
1233  
1234  		case ISR_TxCOMPLETE:
1235  			tx_done_irq(priv);
1236  			break;
1237  
1238  		case ISR_FATAL_ERROR:
1239  			printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name);
1240  			atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
1241  			break;
1242  
1243  		case ISR_COMMAND_COMPLETE:
1244  			atmel_command_irq(priv);
1245  			break;
1246  
1247  		case ISR_IBSS_MERGE:
1248  			atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
1249  				      priv->CurrentBSSID, 6);
1250  			/* The WPA stuff cares about the current AP address */
1251  			if (priv->use_wpa)
1252  				build_wpa_mib(priv);
1253  			break;
1254  		case ISR_GENERIC_IRQ:
1255  			printk(KERN_INFO "%s: Generic_irq received.\n", dev->name);
1256  			break;
1257  		}
1258  	}
1259  }
1260  
atmel_get_wireless_stats(struct net_device * dev)1261  static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev)
1262  {
1263  	struct atmel_private *priv = netdev_priv(dev);
1264  
1265  	/* update the link quality here in case we are seeing no beacons
1266  	   at all to drive the process */
1267  	atmel_smooth_qual(priv);
1268  
1269  	priv->wstats.status = priv->station_state;
1270  
1271  	if (priv->operating_mode == IW_MODE_INFRA) {
1272  		if (priv->station_state != STATION_STATE_READY) {
1273  			priv->wstats.qual.qual = 0;
1274  			priv->wstats.qual.level = 0;
1275  			priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID
1276  					| IW_QUAL_LEVEL_INVALID);
1277  		}
1278  		priv->wstats.qual.noise = 0;
1279  		priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1280  	} else {
1281  		/* Quality levels cannot be determined in ad-hoc mode,
1282  		   because we can 'hear' more that one remote station. */
1283  		priv->wstats.qual.qual = 0;
1284  		priv->wstats.qual.level	= 0;
1285  		priv->wstats.qual.noise	= 0;
1286  		priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID
1287  					| IW_QUAL_LEVEL_INVALID
1288  					| IW_QUAL_NOISE_INVALID;
1289  		priv->wstats.miss.beacon = 0;
1290  	}
1291  
1292  	return &priv->wstats;
1293  }
1294  
atmel_set_mac_address(struct net_device * dev,void * p)1295  static int atmel_set_mac_address(struct net_device *dev, void *p)
1296  {
1297  	struct sockaddr *addr = p;
1298  
1299  	eth_hw_addr_set(dev, addr->sa_data);
1300  	return atmel_open(dev);
1301  }
1302  
1303  EXPORT_SYMBOL(atmel_open);
1304  
atmel_open(struct net_device * dev)1305  int atmel_open(struct net_device *dev)
1306  {
1307  	struct atmel_private *priv = netdev_priv(dev);
1308  	int i, channel, err;
1309  
1310  	/* any scheduled timer is no longer needed and might screw things up.. */
1311  	del_timer_sync(&priv->management_timer);
1312  
1313  	/* Interrupts will not touch the card once in this state... */
1314  	priv->station_state = STATION_STATE_DOWN;
1315  
1316  	if (priv->new_SSID_size) {
1317  		memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size);
1318  		priv->SSID_size = priv->new_SSID_size;
1319  		priv->new_SSID_size = 0;
1320  	}
1321  	priv->BSS_list_entries = 0;
1322  
1323  	priv->AuthenticationRequestRetryCnt = 0;
1324  	priv->AssociationRequestRetryCnt = 0;
1325  	priv->ReAssociationRequestRetryCnt = 0;
1326  	priv->CurrentAuthentTransactionSeqNum = 0x0001;
1327  	priv->ExpectedAuthentTransactionSeqNum = 0x0002;
1328  
1329  	priv->site_survey_state = SITE_SURVEY_IDLE;
1330  	priv->station_is_associated = 0;
1331  
1332  	err = reset_atmel_card(dev);
1333  	if (err)
1334  		return err;
1335  
1336  	if (priv->config_reg_domain) {
1337  		priv->reg_domain = priv->config_reg_domain;
1338  		atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain);
1339  	} else {
1340  		priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS);
1341  		for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1342  			if (priv->reg_domain == channel_table[i].reg_domain)
1343  				break;
1344  		if (i == ARRAY_SIZE(channel_table)) {
1345  			priv->reg_domain = REG_DOMAIN_MKK1;
1346  			printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name);
1347  		}
1348  	}
1349  
1350  	if ((channel = atmel_validate_channel(priv, priv->channel)))
1351  		priv->channel = channel;
1352  
1353  	/* this moves station_state on.... */
1354  	atmel_scan(priv, 1);
1355  
1356  	atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */
1357  	return 0;
1358  }
1359  
atmel_close(struct net_device * dev)1360  static int atmel_close(struct net_device *dev)
1361  {
1362  	struct atmel_private *priv = netdev_priv(dev);
1363  
1364  	/* Send event to userspace that we are disassociating */
1365  	if (priv->station_state == STATION_STATE_READY) {
1366  		union iwreq_data wrqu;
1367  
1368  		wrqu.data.length = 0;
1369  		wrqu.data.flags = 0;
1370  		wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1371  		eth_zero_addr(wrqu.ap_addr.sa_data);
1372  		wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1373  	}
1374  
1375  	atmel_enter_state(priv, STATION_STATE_DOWN);
1376  
1377  	if (priv->bus_type == BUS_TYPE_PCCARD)
1378  		atmel_write16(dev, GCR, 0x0060);
1379  	atmel_write16(dev, GCR, 0x0040);
1380  	return 0;
1381  }
1382  
atmel_validate_channel(struct atmel_private * priv,int channel)1383  static int atmel_validate_channel(struct atmel_private *priv, int channel)
1384  {
1385  	/* check that channel is OK, if so return zero,
1386  	   else return suitable default channel */
1387  	int i;
1388  
1389  	for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1390  		if (priv->reg_domain == channel_table[i].reg_domain) {
1391  			if (channel >= channel_table[i].min &&
1392  			    channel <= channel_table[i].max)
1393  				return 0;
1394  			else
1395  				return channel_table[i].min;
1396  		}
1397  	return 0;
1398  }
1399  
1400  #ifdef CONFIG_PROC_FS
atmel_proc_show(struct seq_file * m,void * v)1401  static int atmel_proc_show(struct seq_file *m, void *v)
1402  {
1403  	struct atmel_private *priv = m->private;
1404  	int i;
1405  	char *s, *r, *c;
1406  
1407  	seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR);
1408  
1409  	if (priv->station_state != STATION_STATE_DOWN) {
1410  		seq_printf(m,
1411  			   "Firmware version:\t%d.%d build %d\n"
1412  			   "Firmware location:\t",
1413  			   priv->host_info.major_version,
1414  			   priv->host_info.minor_version,
1415  			   priv->host_info.build_version);
1416  
1417  		if (priv->card_type != CARD_TYPE_EEPROM)
1418  			seq_puts(m, "on card\n");
1419  		else if (priv->firmware)
1420  			seq_printf(m, "%s loaded by host\n", priv->firmware_id);
1421  		else
1422  			seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id);
1423  
1424  		switch (priv->card_type) {
1425  		case CARD_TYPE_PARALLEL_FLASH:
1426  			c = "Parallel flash";
1427  			break;
1428  		case CARD_TYPE_SPI_FLASH:
1429  			c = "SPI flash\n";
1430  			break;
1431  		case CARD_TYPE_EEPROM:
1432  			c = "EEPROM";
1433  			break;
1434  		default:
1435  			c = "<unknown>";
1436  		}
1437  
1438  		r = "<unknown>";
1439  		for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1440  			if (priv->reg_domain == channel_table[i].reg_domain)
1441  				r = channel_table[i].name;
1442  
1443  		seq_printf(m, "MAC memory type:\t%s\n", c);
1444  		seq_printf(m, "Regulatory domain:\t%s\n", r);
1445  		seq_printf(m, "Host CRC checking:\t%s\n",
1446  			 priv->do_rx_crc ? "On" : "Off");
1447  		seq_printf(m, "WPA-capable firmware:\t%s\n",
1448  			 priv->use_wpa ? "Yes" : "No");
1449  	}
1450  
1451  	switch (priv->station_state) {
1452  	case STATION_STATE_SCANNING:
1453  		s = "Scanning";
1454  		break;
1455  	case STATION_STATE_JOINNING:
1456  		s = "Joining";
1457  		break;
1458  	case STATION_STATE_AUTHENTICATING:
1459  		s = "Authenticating";
1460  		break;
1461  	case STATION_STATE_ASSOCIATING:
1462  		s = "Associating";
1463  		break;
1464  	case STATION_STATE_READY:
1465  		s = "Ready";
1466  		break;
1467  	case STATION_STATE_REASSOCIATING:
1468  		s = "Reassociating";
1469  		break;
1470  	case STATION_STATE_MGMT_ERROR:
1471  		s = "Management error";
1472  		break;
1473  	case STATION_STATE_DOWN:
1474  		s = "Down";
1475  		break;
1476  	default:
1477  		s = "<unknown>";
1478  	}
1479  
1480  	seq_printf(m, "Current state:\t\t%s\n", s);
1481  	return 0;
1482  }
1483  #endif
1484  
1485  static const struct net_device_ops atmel_netdev_ops = {
1486  	.ndo_open 		= atmel_open,
1487  	.ndo_stop		= atmel_close,
1488  	.ndo_set_mac_address 	= atmel_set_mac_address,
1489  	.ndo_start_xmit 	= start_tx,
1490  	.ndo_do_ioctl 		= atmel_ioctl,
1491  	.ndo_validate_addr	= eth_validate_addr,
1492  };
1493  
init_atmel_card(unsigned short irq,unsigned long port,const AtmelFWType fw_type,struct device * sys_dev,int (* card_present)(void *),void * card)1494  struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
1495  				   const AtmelFWType fw_type,
1496  				   struct device *sys_dev,
1497  				   int (*card_present)(void *), void *card)
1498  {
1499  	struct net_device *dev;
1500  	struct atmel_private *priv;
1501  	int rc;
1502  
1503  	/* Create the network device object. */
1504  	dev = alloc_etherdev(sizeof(*priv));
1505  	if (!dev)
1506  		return NULL;
1507  
1508  	if (dev_alloc_name(dev, dev->name) < 0) {
1509  		printk(KERN_ERR "atmel: Couldn't get name!\n");
1510  		goto err_out_free;
1511  	}
1512  
1513  	priv = netdev_priv(dev);
1514  	priv->dev = dev;
1515  	priv->sys_dev = sys_dev;
1516  	priv->present_callback = card_present;
1517  	priv->card = card;
1518  	priv->firmware = NULL;
1519  	priv->firmware_type = fw_type;
1520  	if (firmware) /* module parameter */
1521  		strscpy(priv->firmware_id, firmware, sizeof(priv->firmware_id));
1522  	priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;
1523  	priv->station_state = STATION_STATE_DOWN;
1524  	priv->do_rx_crc = 0;
1525  	/* For PCMCIA cards, some chips need CRC, some don't
1526  	   so we have to probe. */
1527  	if (priv->bus_type == BUS_TYPE_PCCARD) {
1528  		priv->probe_crc = 1;
1529  		priv->crc_ok_cnt = priv->crc_ko_cnt = 0;
1530  	} else
1531  		priv->probe_crc = 0;
1532  	priv->last_qual = jiffies;
1533  	priv->last_beacon_timestamp = 0;
1534  	memset(priv->frag_source, 0xff, sizeof(priv->frag_source));
1535  	eth_zero_addr(priv->BSSID);
1536  	priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */
1537  	priv->station_was_associated = 0;
1538  
1539  	priv->last_survey = jiffies;
1540  	priv->preamble = LONG_PREAMBLE;
1541  	priv->operating_mode = IW_MODE_INFRA;
1542  	priv->connect_to_any_BSS = 0;
1543  	priv->config_reg_domain = 0;
1544  	priv->reg_domain = 0;
1545  	priv->tx_rate = 3;
1546  	priv->auto_tx_rate = 1;
1547  	priv->channel = 4;
1548  	priv->power_mode = 0;
1549  	priv->SSID[0] = '\0';
1550  	priv->SSID_size = 0;
1551  	priv->new_SSID_size = 0;
1552  	priv->frag_threshold = 2346;
1553  	priv->rts_threshold = 2347;
1554  	priv->short_retry = 7;
1555  	priv->long_retry = 4;
1556  
1557  	priv->wep_is_on = 0;
1558  	priv->default_key = 0;
1559  	priv->encryption_level = 0;
1560  	priv->exclude_unencrypted = 0;
1561  	priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1562  	priv->use_wpa = 0;
1563  	memset(priv->wep_keys, 0, sizeof(priv->wep_keys));
1564  	memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1565  
1566  	priv->default_beacon_period = priv->beacon_period = 100;
1567  	priv->listen_interval = 1;
1568  
1569  	timer_setup(&priv->management_timer, atmel_management_timer, 0);
1570  	spin_lock_init(&priv->irqlock);
1571  	spin_lock_init(&priv->timerlock);
1572  
1573  	dev->netdev_ops = &atmel_netdev_ops;
1574  	dev->wireless_handlers = &atmel_handler_def;
1575  	dev->irq = irq;
1576  	dev->base_addr = port;
1577  
1578  	/* MTU range: 68 - 2312 */
1579  	dev->min_mtu = 68;
1580  	dev->max_mtu = MAX_WIRELESS_BODY - ETH_FCS_LEN;
1581  
1582  	SET_NETDEV_DEV(dev, sys_dev);
1583  
1584  	if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) {
1585  		printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc);
1586  		goto err_out_free;
1587  	}
1588  
1589  	if (!request_region(dev->base_addr, 32,
1590  			    priv->bus_type == BUS_TYPE_PCCARD ?  "atmel_cs" : "atmel_pci")) {
1591  		goto err_out_irq;
1592  	}
1593  
1594  	if (register_netdev(dev))
1595  		goto err_out_res;
1596  
1597  	if (!probe_atmel_card(dev)) {
1598  		unregister_netdev(dev);
1599  		goto err_out_res;
1600  	}
1601  
1602  	netif_carrier_off(dev);
1603  
1604  	if (!proc_create_single_data("driver/atmel", 0, NULL, atmel_proc_show,
1605  			priv))
1606  		printk(KERN_WARNING "atmel: unable to create /proc entry.\n");
1607  
1608  	printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n",
1609  	       dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr);
1610  
1611  	return dev;
1612  
1613  err_out_res:
1614  	release_region(dev->base_addr, 32);
1615  err_out_irq:
1616  	free_irq(dev->irq, dev);
1617  err_out_free:
1618  	free_netdev(dev);
1619  	return NULL;
1620  }
1621  
1622  EXPORT_SYMBOL(init_atmel_card);
1623  
stop_atmel_card(struct net_device * dev)1624  void stop_atmel_card(struct net_device *dev)
1625  {
1626  	struct atmel_private *priv = netdev_priv(dev);
1627  
1628  	/* put a brick on it... */
1629  	if (priv->bus_type == BUS_TYPE_PCCARD)
1630  		atmel_write16(dev, GCR, 0x0060);
1631  	atmel_write16(dev, GCR, 0x0040);
1632  
1633  	del_timer_sync(&priv->management_timer);
1634  	unregister_netdev(dev);
1635  	remove_proc_entry("driver/atmel", NULL);
1636  	free_irq(dev->irq, dev);
1637  	kfree(priv->firmware);
1638  	release_region(dev->base_addr, 32);
1639  	free_netdev(dev);
1640  }
1641  
1642  EXPORT_SYMBOL(stop_atmel_card);
1643  
atmel_set_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1644  static int atmel_set_essid(struct net_device *dev,
1645  			   struct iw_request_info *info,
1646  			   union iwreq_data *wrqu,
1647  			   char *extra)
1648  {
1649  	struct iw_point *dwrq = &wrqu->essid;
1650  	struct atmel_private *priv = netdev_priv(dev);
1651  
1652  	/* Check if we asked for `any' */
1653  	if (dwrq->flags == 0) {
1654  		priv->connect_to_any_BSS = 1;
1655  	} else {
1656  		int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1657  
1658  		priv->connect_to_any_BSS = 0;
1659  
1660  		/* Check the size of the string */
1661  		if (dwrq->length > MAX_SSID_LENGTH)
1662  			 return -E2BIG;
1663  		if (index != 0)
1664  			return -EINVAL;
1665  
1666  		memcpy(priv->new_SSID, extra, dwrq->length);
1667  		priv->new_SSID_size = dwrq->length;
1668  	}
1669  
1670  	return -EINPROGRESS;
1671  }
1672  
atmel_get_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1673  static int atmel_get_essid(struct net_device *dev,
1674  			   struct iw_request_info *info,
1675  			   union iwreq_data *wrqu,
1676  			   char *extra)
1677  {
1678  	struct iw_point *dwrq = &wrqu->essid;
1679  	struct atmel_private *priv = netdev_priv(dev);
1680  
1681  	/* Get the current SSID */
1682  	if (priv->new_SSID_size != 0) {
1683  		memcpy(extra, priv->new_SSID, priv->new_SSID_size);
1684  		dwrq->length = priv->new_SSID_size;
1685  	} else {
1686  		memcpy(extra, priv->SSID, priv->SSID_size);
1687  		dwrq->length = priv->SSID_size;
1688  	}
1689  
1690  	dwrq->flags = !priv->connect_to_any_BSS; /* active */
1691  
1692  	return 0;
1693  }
1694  
atmel_get_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1695  static int atmel_get_wap(struct net_device *dev,
1696  			 struct iw_request_info *info,
1697  			 union iwreq_data *wrqu,
1698  			 char *extra)
1699  {
1700  	struct sockaddr *awrq = &wrqu->ap_addr;
1701  	struct atmel_private *priv = netdev_priv(dev);
1702  	memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN);
1703  	awrq->sa_family = ARPHRD_ETHER;
1704  
1705  	return 0;
1706  }
1707  
atmel_set_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1708  static int atmel_set_encode(struct net_device *dev,
1709  			    struct iw_request_info *info,
1710  			    union iwreq_data *wrqu,
1711  			    char *extra)
1712  {
1713  	struct iw_point *dwrq = &wrqu->encoding;
1714  	struct atmel_private *priv = netdev_priv(dev);
1715  
1716  	/* Basic checking: do we have a key to set ?
1717  	 * Note : with the new API, it's impossible to get a NULL pointer.
1718  	 * Therefore, we need to check a key size == 0 instead.
1719  	 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
1720  	 * when no key is present (only change flags), but older versions
1721  	 * don't do it. - Jean II */
1722  	if (dwrq->length > 0) {
1723  		int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1724  		int current_index = priv->default_key;
1725  		/* Check the size of the key */
1726  		if (dwrq->length > 13) {
1727  			return -EINVAL;
1728  		}
1729  		/* Check the index (none -> use current) */
1730  		if (index < 0 || index >= 4)
1731  			index = current_index;
1732  		else
1733  			priv->default_key = index;
1734  		/* Set the length */
1735  		if (dwrq->length > 5)
1736  			priv->wep_key_len[index] = 13;
1737  		else
1738  			if (dwrq->length > 0)
1739  				priv->wep_key_len[index] = 5;
1740  			else
1741  				/* Disable the key */
1742  				priv->wep_key_len[index] = 0;
1743  		/* Check if the key is not marked as invalid */
1744  		if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
1745  			/* Cleanup */
1746  			memset(priv->wep_keys[index], 0, 13);
1747  			/* Copy the key in the driver */
1748  			memcpy(priv->wep_keys[index], extra, dwrq->length);
1749  		}
1750  		/* WE specify that if a valid key is set, encryption
1751  		 * should be enabled (user may turn it off later)
1752  		 * This is also how "iwconfig ethX key on" works */
1753  		if (index == current_index &&
1754  		    priv->wep_key_len[index] > 0) {
1755  			priv->wep_is_on = 1;
1756  			priv->exclude_unencrypted = 1;
1757  			if (priv->wep_key_len[index] > 5) {
1758  				priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1759  				priv->encryption_level = 2;
1760  			} else {
1761  				priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1762  				priv->encryption_level = 1;
1763  			}
1764  		}
1765  	} else {
1766  		/* Do we want to just set the transmit key index ? */
1767  		int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1768  		if (index >= 0 && index < 4) {
1769  			priv->default_key = index;
1770  		} else
1771  			/* Don't complain if only change the mode */
1772  			if (!(dwrq->flags & IW_ENCODE_MODE))
1773  				return -EINVAL;
1774  	}
1775  	/* Read the flags */
1776  	if (dwrq->flags & IW_ENCODE_DISABLED) {
1777  		priv->wep_is_on = 0;
1778  		priv->encryption_level = 0;
1779  		priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1780  	} else {
1781  		priv->wep_is_on = 1;
1782  		if (priv->wep_key_len[priv->default_key] > 5) {
1783  			priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1784  			priv->encryption_level = 2;
1785  		} else {
1786  			priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1787  			priv->encryption_level = 1;
1788  		}
1789  	}
1790  	if (dwrq->flags & IW_ENCODE_RESTRICTED)
1791  		priv->exclude_unencrypted = 1;
1792  	if (dwrq->flags & IW_ENCODE_OPEN)
1793  		priv->exclude_unencrypted = 0;
1794  
1795  	return -EINPROGRESS;		/* Call commit handler */
1796  }
1797  
atmel_get_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1798  static int atmel_get_encode(struct net_device *dev,
1799  			    struct iw_request_info *info,
1800  			    union iwreq_data *wrqu,
1801  			    char *extra)
1802  {
1803  	struct iw_point *dwrq = &wrqu->encoding;
1804  	struct atmel_private *priv = netdev_priv(dev);
1805  	int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1806  
1807  	if (!priv->wep_is_on)
1808  		dwrq->flags = IW_ENCODE_DISABLED;
1809  	else {
1810  		if (priv->exclude_unencrypted)
1811  			dwrq->flags = IW_ENCODE_RESTRICTED;
1812  		else
1813  			dwrq->flags = IW_ENCODE_OPEN;
1814  	}
1815  		/* Which key do we want ? -1 -> tx index */
1816  	if (index < 0 || index >= 4)
1817  		index = priv->default_key;
1818  	dwrq->flags |= index + 1;
1819  	/* Copy the key to the user buffer */
1820  	dwrq->length = priv->wep_key_len[index];
1821  	if (dwrq->length > 16) {
1822  		dwrq->length = 0;
1823  	} else {
1824  		memset(extra, 0, 16);
1825  		memcpy(extra, priv->wep_keys[index], dwrq->length);
1826  	}
1827  
1828  	return 0;
1829  }
1830  
atmel_set_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1831  static int atmel_set_encodeext(struct net_device *dev,
1832  			    struct iw_request_info *info,
1833  			    union iwreq_data *wrqu,
1834  			    char *extra)
1835  {
1836  	struct atmel_private *priv = netdev_priv(dev);
1837  	struct iw_point *encoding = &wrqu->encoding;
1838  	struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1839  	int idx, key_len, alg = ext->alg, set_key = 1;
1840  
1841  	/* Determine and validate the key index */
1842  	idx = encoding->flags & IW_ENCODE_INDEX;
1843  	if (idx) {
1844  		if (idx < 1 || idx > 4)
1845  			return -EINVAL;
1846  		idx--;
1847  	} else
1848  		idx = priv->default_key;
1849  
1850  	if (encoding->flags & IW_ENCODE_DISABLED)
1851  	    alg = IW_ENCODE_ALG_NONE;
1852  
1853  	if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
1854  		priv->default_key = idx;
1855  		set_key = ext->key_len > 0 ? 1 : 0;
1856  	}
1857  
1858  	if (set_key) {
1859  		/* Set the requested key first */
1860  		switch (alg) {
1861  		case IW_ENCODE_ALG_NONE:
1862  			priv->wep_is_on = 0;
1863  			priv->encryption_level = 0;
1864  			priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1865  			break;
1866  		case IW_ENCODE_ALG_WEP:
1867  			if (ext->key_len > 5) {
1868  				priv->wep_key_len[idx] = 13;
1869  				priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1870  				priv->encryption_level = 2;
1871  			} else if (ext->key_len > 0) {
1872  				priv->wep_key_len[idx] = 5;
1873  				priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1874  				priv->encryption_level = 1;
1875  			} else {
1876  				return -EINVAL;
1877  			}
1878  			priv->wep_is_on = 1;
1879  			memset(priv->wep_keys[idx], 0, 13);
1880  			key_len = min ((int)ext->key_len, priv->wep_key_len[idx]);
1881  			memcpy(priv->wep_keys[idx], ext->key, key_len);
1882  			break;
1883  		default:
1884  			return -EINVAL;
1885  		}
1886  	}
1887  
1888  	return -EINPROGRESS;
1889  }
1890  
atmel_get_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1891  static int atmel_get_encodeext(struct net_device *dev,
1892  			    struct iw_request_info *info,
1893  			    union iwreq_data *wrqu,
1894  			    char *extra)
1895  {
1896  	struct atmel_private *priv = netdev_priv(dev);
1897  	struct iw_point *encoding = &wrqu->encoding;
1898  	struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1899  	int idx, max_key_len;
1900  
1901  	max_key_len = encoding->length - sizeof(*ext);
1902  	if (max_key_len < 0)
1903  		return -EINVAL;
1904  
1905  	idx = encoding->flags & IW_ENCODE_INDEX;
1906  	if (idx) {
1907  		if (idx < 1 || idx > 4)
1908  			return -EINVAL;
1909  		idx--;
1910  	} else
1911  		idx = priv->default_key;
1912  
1913  	encoding->flags = idx + 1;
1914  	memset(ext, 0, sizeof(*ext));
1915  
1916  	if (!priv->wep_is_on) {
1917  		ext->alg = IW_ENCODE_ALG_NONE;
1918  		ext->key_len = 0;
1919  		encoding->flags |= IW_ENCODE_DISABLED;
1920  	} else {
1921  		if (priv->encryption_level > 0)
1922  			ext->alg = IW_ENCODE_ALG_WEP;
1923  		else
1924  			return -EINVAL;
1925  
1926  		ext->key_len = priv->wep_key_len[idx];
1927  		memcpy(ext->key, priv->wep_keys[idx], ext->key_len);
1928  		encoding->flags |= IW_ENCODE_ENABLED;
1929  	}
1930  
1931  	return 0;
1932  }
1933  
atmel_set_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1934  static int atmel_set_auth(struct net_device *dev,
1935  			       struct iw_request_info *info,
1936  			       union iwreq_data *wrqu, char *extra)
1937  {
1938  	struct atmel_private *priv = netdev_priv(dev);
1939  	struct iw_param *param = &wrqu->param;
1940  
1941  	switch (param->flags & IW_AUTH_INDEX) {
1942  	case IW_AUTH_WPA_VERSION:
1943  	case IW_AUTH_CIPHER_PAIRWISE:
1944  	case IW_AUTH_CIPHER_GROUP:
1945  	case IW_AUTH_KEY_MGMT:
1946  	case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1947  	case IW_AUTH_PRIVACY_INVOKED:
1948  		/*
1949  		 * atmel does not use these parameters
1950  		 */
1951  		break;
1952  
1953  	case IW_AUTH_DROP_UNENCRYPTED:
1954  		priv->exclude_unencrypted = param->value ? 1 : 0;
1955  		break;
1956  
1957  	case IW_AUTH_80211_AUTH_ALG: {
1958  			if (param->value & IW_AUTH_ALG_SHARED_KEY) {
1959  				priv->exclude_unencrypted = 1;
1960  			} else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
1961  				priv->exclude_unencrypted = 0;
1962  			} else
1963  				return -EINVAL;
1964  			break;
1965  		}
1966  
1967  	case IW_AUTH_WPA_ENABLED:
1968  		/* Silently accept disable of WPA */
1969  		if (param->value > 0)
1970  			return -EOPNOTSUPP;
1971  		break;
1972  
1973  	default:
1974  		return -EOPNOTSUPP;
1975  	}
1976  	return -EINPROGRESS;
1977  }
1978  
atmel_get_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1979  static int atmel_get_auth(struct net_device *dev,
1980  			       struct iw_request_info *info,
1981  			       union iwreq_data *wrqu, char *extra)
1982  {
1983  	struct atmel_private *priv = netdev_priv(dev);
1984  	struct iw_param *param = &wrqu->param;
1985  
1986  	switch (param->flags & IW_AUTH_INDEX) {
1987  	case IW_AUTH_DROP_UNENCRYPTED:
1988  		param->value = priv->exclude_unencrypted;
1989  		break;
1990  
1991  	case IW_AUTH_80211_AUTH_ALG:
1992  		if (priv->exclude_unencrypted == 1)
1993  			param->value = IW_AUTH_ALG_SHARED_KEY;
1994  		else
1995  			param->value = IW_AUTH_ALG_OPEN_SYSTEM;
1996  		break;
1997  
1998  	case IW_AUTH_WPA_ENABLED:
1999  		param->value = 0;
2000  		break;
2001  
2002  	default:
2003  		return -EOPNOTSUPP;
2004  	}
2005  	return 0;
2006  }
2007  
2008  
atmel_get_name(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2009  static int atmel_get_name(struct net_device *dev,
2010  			  struct iw_request_info *info,
2011  			  union iwreq_data *wrqu,
2012  			  char *extra)
2013  {
2014  	strcpy(wrqu->name, "IEEE 802.11-DS");
2015  	return 0;
2016  }
2017  
atmel_set_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2018  static int atmel_set_rate(struct net_device *dev,
2019  			  struct iw_request_info *info,
2020  			  union iwreq_data *wrqu,
2021  			  char *extra)
2022  {
2023  	struct iw_param *vwrq = &wrqu->bitrate;
2024  	struct atmel_private *priv = netdev_priv(dev);
2025  
2026  	if (vwrq->fixed == 0) {
2027  		priv->tx_rate = 3;
2028  		priv->auto_tx_rate = 1;
2029  	} else {
2030  		priv->auto_tx_rate = 0;
2031  
2032  		/* Which type of value ? */
2033  		if ((vwrq->value < 4) && (vwrq->value >= 0)) {
2034  			/* Setting by rate index */
2035  			priv->tx_rate = vwrq->value;
2036  		} else {
2037  		/* Setting by frequency value */
2038  			switch (vwrq->value) {
2039  			case  1000000:
2040  				priv->tx_rate = 0;
2041  				break;
2042  			case  2000000:
2043  				priv->tx_rate = 1;
2044  				break;
2045  			case  5500000:
2046  				priv->tx_rate = 2;
2047  				break;
2048  			case 11000000:
2049  				priv->tx_rate = 3;
2050  				break;
2051  			default:
2052  				return -EINVAL;
2053  			}
2054  		}
2055  	}
2056  
2057  	return -EINPROGRESS;
2058  }
2059  
atmel_set_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2060  static int atmel_set_mode(struct net_device *dev,
2061  			  struct iw_request_info *info,
2062  			  union iwreq_data *wrqu,
2063  			  char *extra)
2064  {
2065  	__u32 *uwrq = &wrqu->mode;
2066  	struct atmel_private *priv = netdev_priv(dev);
2067  
2068  	if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA)
2069  		return -EINVAL;
2070  
2071  	priv->operating_mode = *uwrq;
2072  	return -EINPROGRESS;
2073  }
2074  
atmel_get_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2075  static int atmel_get_mode(struct net_device *dev,
2076  			  struct iw_request_info *info,
2077  			  union iwreq_data *wrqu,
2078  			  char *extra)
2079  {
2080  	__u32 *uwrq = &wrqu->mode;
2081  	struct atmel_private *priv = netdev_priv(dev);
2082  
2083  	*uwrq = priv->operating_mode;
2084  	return 0;
2085  }
2086  
atmel_get_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2087  static int atmel_get_rate(struct net_device *dev,
2088  			 struct iw_request_info *info,
2089  			 union iwreq_data *wrqu,
2090  			 char *extra)
2091  {
2092  	struct iw_param *vwrq = &wrqu->bitrate;
2093  	struct atmel_private *priv = netdev_priv(dev);
2094  
2095  	if (priv->auto_tx_rate) {
2096  		vwrq->fixed = 0;
2097  		vwrq->value = 11000000;
2098  	} else {
2099  		vwrq->fixed = 1;
2100  		switch (priv->tx_rate) {
2101  		case 0:
2102  			vwrq->value =  1000000;
2103  			break;
2104  		case 1:
2105  			vwrq->value =  2000000;
2106  			break;
2107  		case 2:
2108  			vwrq->value =  5500000;
2109  			break;
2110  		case 3:
2111  			vwrq->value = 11000000;
2112  			break;
2113  		}
2114  	}
2115  	return 0;
2116  }
2117  
atmel_set_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2118  static int atmel_set_power(struct net_device *dev,
2119  			   struct iw_request_info *info,
2120  			   union iwreq_data *wrqu,
2121  			   char *extra)
2122  {
2123  	struct iw_param *vwrq = &wrqu->power;
2124  	struct atmel_private *priv = netdev_priv(dev);
2125  	priv->power_mode = vwrq->disabled ? 0 : 1;
2126  	return -EINPROGRESS;
2127  }
2128  
atmel_get_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2129  static int atmel_get_power(struct net_device *dev,
2130  			   struct iw_request_info *info,
2131  			   union iwreq_data *wrqu,
2132  			   char *extra)
2133  {
2134  	struct iw_param *vwrq = &wrqu->power;
2135  	struct atmel_private *priv = netdev_priv(dev);
2136  	vwrq->disabled = priv->power_mode ? 0 : 1;
2137  	vwrq->flags = IW_POWER_ON;
2138  	return 0;
2139  }
2140  
atmel_set_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2141  static int atmel_set_retry(struct net_device *dev,
2142  			   struct iw_request_info *info,
2143  			   union iwreq_data *wrqu,
2144  			   char *extra)
2145  {
2146  	struct iw_param *vwrq = &wrqu->retry;
2147  	struct atmel_private *priv = netdev_priv(dev);
2148  
2149  	if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) {
2150  		if (vwrq->flags & IW_RETRY_LONG)
2151  			priv->long_retry = vwrq->value;
2152  		else if (vwrq->flags & IW_RETRY_SHORT)
2153  			priv->short_retry = vwrq->value;
2154  		else {
2155  			/* No modifier : set both */
2156  			priv->long_retry = vwrq->value;
2157  			priv->short_retry = vwrq->value;
2158  		}
2159  		return -EINPROGRESS;
2160  	}
2161  
2162  	return -EINVAL;
2163  }
2164  
atmel_get_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2165  static int atmel_get_retry(struct net_device *dev,
2166  			   struct iw_request_info *info,
2167  			   union iwreq_data *wrqu,
2168  			   char *extra)
2169  {
2170  	struct iw_param *vwrq = &wrqu->retry;
2171  	struct atmel_private *priv = netdev_priv(dev);
2172  
2173  	vwrq->disabled = 0;      /* Can't be disabled */
2174  
2175  	/* Note : by default, display the short retry number */
2176  	if (vwrq->flags & IW_RETRY_LONG) {
2177  		vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
2178  		vwrq->value = priv->long_retry;
2179  	} else {
2180  		vwrq->flags = IW_RETRY_LIMIT;
2181  		vwrq->value = priv->short_retry;
2182  		if (priv->long_retry != priv->short_retry)
2183  			vwrq->flags |= IW_RETRY_SHORT;
2184  	}
2185  
2186  	return 0;
2187  }
2188  
atmel_set_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2189  static int atmel_set_rts(struct net_device *dev,
2190  			 struct iw_request_info *info,
2191  			 union iwreq_data *wrqu,
2192  			 char *extra)
2193  {
2194  	struct iw_param *vwrq = &wrqu->rts;
2195  	struct atmel_private *priv = netdev_priv(dev);
2196  	int rthr = vwrq->value;
2197  
2198  	if (vwrq->disabled)
2199  		rthr = 2347;
2200  	if ((rthr < 0) || (rthr > 2347)) {
2201  		return -EINVAL;
2202  	}
2203  	priv->rts_threshold = rthr;
2204  
2205  	return -EINPROGRESS;		/* Call commit handler */
2206  }
2207  
atmel_get_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2208  static int atmel_get_rts(struct net_device *dev,
2209  			 struct iw_request_info *info,
2210  			 union iwreq_data *wrqu,
2211  			 char *extra)
2212  {
2213  	struct iw_param *vwrq = &wrqu->rts;
2214  	struct atmel_private *priv = netdev_priv(dev);
2215  
2216  	vwrq->value = priv->rts_threshold;
2217  	vwrq->disabled = (vwrq->value >= 2347);
2218  	vwrq->fixed = 1;
2219  
2220  	return 0;
2221  }
2222  
atmel_set_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2223  static int atmel_set_frag(struct net_device *dev,
2224  			  struct iw_request_info *info,
2225  			  union iwreq_data *wrqu,
2226  			  char *extra)
2227  {
2228  	struct iw_param *vwrq = &wrqu->frag;
2229  	struct atmel_private *priv = netdev_priv(dev);
2230  	int fthr = vwrq->value;
2231  
2232  	if (vwrq->disabled)
2233  		fthr = 2346;
2234  	if ((fthr < 256) || (fthr > 2346)) {
2235  		return -EINVAL;
2236  	}
2237  	fthr &= ~0x1;	/* Get an even value - is it really needed ??? */
2238  	priv->frag_threshold = fthr;
2239  
2240  	return -EINPROGRESS;		/* Call commit handler */
2241  }
2242  
atmel_get_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2243  static int atmel_get_frag(struct net_device *dev,
2244  			  struct iw_request_info *info,
2245  			  union iwreq_data *wrqu,
2246  			  char *extra)
2247  {
2248  	struct iw_param *vwrq = &wrqu->frag;
2249  	struct atmel_private *priv = netdev_priv(dev);
2250  
2251  	vwrq->value = priv->frag_threshold;
2252  	vwrq->disabled = (vwrq->value >= 2346);
2253  	vwrq->fixed = 1;
2254  
2255  	return 0;
2256  }
2257  
atmel_set_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2258  static int atmel_set_freq(struct net_device *dev,
2259  			  struct iw_request_info *info,
2260  			  union iwreq_data *wrqu,
2261  			  char *extra)
2262  {
2263  	struct iw_freq *fwrq = &wrqu->freq;
2264  	struct atmel_private *priv = netdev_priv(dev);
2265  	int rc = -EINPROGRESS;		/* Call commit handler */
2266  
2267  	/* If setting by frequency, convert to a channel */
2268  	if (fwrq->e == 1) {
2269  		int f = fwrq->m / 100000;
2270  
2271  		/* Hack to fall through... */
2272  		fwrq->e = 0;
2273  		fwrq->m = ieee80211_frequency_to_channel(f);
2274  	}
2275  	/* Setting by channel number */
2276  	if (fwrq->m < 0 || fwrq->m > 1000 || fwrq->e > 0)
2277  		rc = -EOPNOTSUPP;
2278  	else {
2279  		int channel = fwrq->m;
2280  		if (atmel_validate_channel(priv, channel) == 0) {
2281  			priv->channel = channel;
2282  		} else {
2283  			rc = -EINVAL;
2284  		}
2285  	}
2286  	return rc;
2287  }
2288  
atmel_get_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2289  static int atmel_get_freq(struct net_device *dev,
2290  			  struct iw_request_info *info,
2291  			  union iwreq_data *wrqu,
2292  			  char *extra)
2293  {
2294  	struct iw_freq *fwrq = &wrqu->freq;
2295  	struct atmel_private *priv = netdev_priv(dev);
2296  
2297  	fwrq->m = priv->channel;
2298  	fwrq->e = 0;
2299  	return 0;
2300  }
2301  
atmel_set_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * dwrq,char * extra)2302  static int atmel_set_scan(struct net_device *dev,
2303  			  struct iw_request_info *info,
2304  			  union iwreq_data *dwrq,
2305  			  char *extra)
2306  {
2307  	struct atmel_private *priv = netdev_priv(dev);
2308  	unsigned long flags;
2309  
2310  	/* Note : you may have realised that, as this is a SET operation,
2311  	 * this is privileged and therefore a normal user can't
2312  	 * perform scanning.
2313  	 * This is not an error, while the device perform scanning,
2314  	 * traffic doesn't flow, so it's a perfect DoS...
2315  	 * Jean II */
2316  
2317  	if (priv->station_state == STATION_STATE_DOWN)
2318  		return -EAGAIN;
2319  
2320  	/* Timeout old surveys. */
2321  	if (time_after(jiffies, priv->last_survey + 20 * HZ))
2322  		priv->site_survey_state = SITE_SURVEY_IDLE;
2323  	priv->last_survey = jiffies;
2324  
2325  	/* Initiate a scan command */
2326  	if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS)
2327  		return -EBUSY;
2328  
2329  	del_timer_sync(&priv->management_timer);
2330  	spin_lock_irqsave(&priv->irqlock, flags);
2331  
2332  	priv->site_survey_state = SITE_SURVEY_IN_PROGRESS;
2333  	priv->fast_scan = 0;
2334  	atmel_scan(priv, 0);
2335  	spin_unlock_irqrestore(&priv->irqlock, flags);
2336  
2337  	return 0;
2338  }
2339  
atmel_get_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2340  static int atmel_get_scan(struct net_device *dev,
2341  			  struct iw_request_info *info,
2342  			  union iwreq_data *wrqu,
2343  			  char *extra)
2344  {
2345  	struct iw_point *dwrq = &wrqu->data;
2346  	struct atmel_private *priv = netdev_priv(dev);
2347  	int i;
2348  	char *current_ev = extra;
2349  	struct iw_event	iwe;
2350  
2351  	if (priv->site_survey_state != SITE_SURVEY_COMPLETED)
2352  		return -EAGAIN;
2353  
2354  	for (i = 0; i < priv->BSS_list_entries; i++) {
2355  		iwe.cmd = SIOCGIWAP;
2356  		iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2357  		memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN);
2358  		current_ev = iwe_stream_add_event(info, current_ev,
2359  						  extra + IW_SCAN_MAX_DATA,
2360  						  &iwe, IW_EV_ADDR_LEN);
2361  
2362  		iwe.u.data.length =  priv->BSSinfo[i].SSIDsize;
2363  		if (iwe.u.data.length > 32)
2364  			iwe.u.data.length = 32;
2365  		iwe.cmd = SIOCGIWESSID;
2366  		iwe.u.data.flags = 1;
2367  		current_ev = iwe_stream_add_point(info, current_ev,
2368  						  extra + IW_SCAN_MAX_DATA,
2369  						  &iwe, priv->BSSinfo[i].SSID);
2370  
2371  		iwe.cmd = SIOCGIWMODE;
2372  		iwe.u.mode = priv->BSSinfo[i].BSStype;
2373  		current_ev = iwe_stream_add_event(info, current_ev,
2374  						  extra + IW_SCAN_MAX_DATA,
2375  						  &iwe, IW_EV_UINT_LEN);
2376  
2377  		iwe.cmd = SIOCGIWFREQ;
2378  		iwe.u.freq.m = priv->BSSinfo[i].channel;
2379  		iwe.u.freq.e = 0;
2380  		current_ev = iwe_stream_add_event(info, current_ev,
2381  						  extra + IW_SCAN_MAX_DATA,
2382  						  &iwe, IW_EV_FREQ_LEN);
2383  
2384  		/* Add quality statistics */
2385  		iwe.cmd = IWEVQUAL;
2386  		iwe.u.qual.level = priv->BSSinfo[i].RSSI;
2387  		iwe.u.qual.qual  = iwe.u.qual.level;
2388  		/* iwe.u.qual.noise  = SOMETHING */
2389  		current_ev = iwe_stream_add_event(info, current_ev,
2390  						  extra + IW_SCAN_MAX_DATA,
2391  						  &iwe, IW_EV_QUAL_LEN);
2392  
2393  
2394  		iwe.cmd = SIOCGIWENCODE;
2395  		if (priv->BSSinfo[i].UsingWEP)
2396  			iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2397  		else
2398  			iwe.u.data.flags = IW_ENCODE_DISABLED;
2399  		iwe.u.data.length = 0;
2400  		current_ev = iwe_stream_add_point(info, current_ev,
2401  						  extra + IW_SCAN_MAX_DATA,
2402  						  &iwe, NULL);
2403  	}
2404  
2405  	/* Length of data */
2406  	dwrq->length = (current_ev - extra);
2407  	dwrq->flags = 0;
2408  
2409  	return 0;
2410  }
2411  
atmel_get_range(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2412  static int atmel_get_range(struct net_device *dev,
2413  			   struct iw_request_info *info,
2414  			   union iwreq_data *wrqu,
2415  			   char *extra)
2416  {
2417  	struct iw_point *dwrq = &wrqu->data;
2418  	struct atmel_private *priv = netdev_priv(dev);
2419  	struct iw_range *range = (struct iw_range *) extra;
2420  	int k, i, j;
2421  
2422  	dwrq->length = sizeof(struct iw_range);
2423  	memset(range, 0, sizeof(struct iw_range));
2424  	range->min_nwid = 0x0000;
2425  	range->max_nwid = 0x0000;
2426  	range->num_channels = 0;
2427  	for (j = 0; j < ARRAY_SIZE(channel_table); j++)
2428  		if (priv->reg_domain == channel_table[j].reg_domain) {
2429  			range->num_channels = channel_table[j].max - channel_table[j].min + 1;
2430  			break;
2431  		}
2432  	if (range->num_channels != 0) {
2433  		for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) {
2434  			range->freq[k].i = i; /* List index */
2435  
2436  			/* Values in MHz -> * 10^5 * 10 */
2437  			range->freq[k].m = 100000 *
2438  			 ieee80211_channel_to_frequency(i, NL80211_BAND_2GHZ);
2439  			range->freq[k++].e = 1;
2440  		}
2441  		range->num_frequency = k;
2442  	}
2443  
2444  	range->max_qual.qual = 100;
2445  	range->max_qual.level = 100;
2446  	range->max_qual.noise = 0;
2447  	range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2448  
2449  	range->avg_qual.qual = 50;
2450  	range->avg_qual.level = 50;
2451  	range->avg_qual.noise = 0;
2452  	range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2453  
2454  	range->sensitivity = 0;
2455  
2456  	range->bitrate[0] =  1000000;
2457  	range->bitrate[1] =  2000000;
2458  	range->bitrate[2] =  5500000;
2459  	range->bitrate[3] = 11000000;
2460  	range->num_bitrates = 4;
2461  
2462  	range->min_rts = 0;
2463  	range->max_rts = 2347;
2464  	range->min_frag = 256;
2465  	range->max_frag = 2346;
2466  
2467  	range->encoding_size[0] = 5;
2468  	range->encoding_size[1] = 13;
2469  	range->num_encoding_sizes = 2;
2470  	range->max_encoding_tokens = 4;
2471  
2472  	range->pmp_flags = IW_POWER_ON;
2473  	range->pmt_flags = IW_POWER_ON;
2474  	range->pm_capa = 0;
2475  
2476  	range->we_version_source = WIRELESS_EXT;
2477  	range->we_version_compiled = WIRELESS_EXT;
2478  	range->retry_capa = IW_RETRY_LIMIT ;
2479  	range->retry_flags = IW_RETRY_LIMIT;
2480  	range->r_time_flags = 0;
2481  	range->min_retry = 1;
2482  	range->max_retry = 65535;
2483  
2484  	return 0;
2485  }
2486  
atmel_set_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2487  static int atmel_set_wap(struct net_device *dev,
2488  			 struct iw_request_info *info,
2489  			 union iwreq_data *wrqu,
2490  			 char *extra)
2491  {
2492  	struct sockaddr *awrq = &wrqu->ap_addr;
2493  	struct atmel_private *priv = netdev_priv(dev);
2494  	int i;
2495  	static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
2496  	static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
2497  	unsigned long flags;
2498  
2499  	if (awrq->sa_family != ARPHRD_ETHER)
2500  		return -EINVAL;
2501  
2502  	if (!memcmp(any, awrq->sa_data, 6) ||
2503  	    !memcmp(off, awrq->sa_data, 6)) {
2504  		del_timer_sync(&priv->management_timer);
2505  		spin_lock_irqsave(&priv->irqlock, flags);
2506  		atmel_scan(priv, 1);
2507  		spin_unlock_irqrestore(&priv->irqlock, flags);
2508  		return 0;
2509  	}
2510  
2511  	for (i = 0; i < priv->BSS_list_entries; i++) {
2512  		if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) {
2513  			if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) {
2514  				return -EINVAL;
2515  			} else if  (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) {
2516  				return -EINVAL;
2517  			} else {
2518  				del_timer_sync(&priv->management_timer);
2519  				spin_lock_irqsave(&priv->irqlock, flags);
2520  				atmel_join_bss(priv, i);
2521  				spin_unlock_irqrestore(&priv->irqlock, flags);
2522  				return 0;
2523  			}
2524  		}
2525  	}
2526  
2527  	return -EINVAL;
2528  }
2529  
atmel_config_commit(struct net_device * dev,struct iw_request_info * info,union iwreq_data * zwrq,char * extra)2530  static int atmel_config_commit(struct net_device *dev,
2531  			       struct iw_request_info *info,	/* NULL */
2532  			       union iwreq_data *zwrq,		/* NULL */
2533  			       char *extra)			/* NULL */
2534  {
2535  	return atmel_open(dev);
2536  }
2537  
2538  static const iw_handler atmel_handler[] =
2539  {
2540  	IW_HANDLER(SIOCSIWCOMMIT,	atmel_config_commit),
2541  	IW_HANDLER(SIOCGIWNAME,		atmel_get_name),
2542  	IW_HANDLER(SIOCSIWFREQ,		atmel_set_freq),
2543  	IW_HANDLER(SIOCGIWFREQ,		atmel_get_freq),
2544  	IW_HANDLER(SIOCSIWMODE,		atmel_set_mode),
2545  	IW_HANDLER(SIOCGIWMODE,		atmel_get_mode),
2546  	IW_HANDLER(SIOCGIWRANGE,	atmel_get_range),
2547  	IW_HANDLER(SIOCSIWAP,		atmel_set_wap),
2548  	IW_HANDLER(SIOCGIWAP,		atmel_get_wap),
2549  	IW_HANDLER(SIOCSIWSCAN,		atmel_set_scan),
2550  	IW_HANDLER(SIOCGIWSCAN,		atmel_get_scan),
2551  	IW_HANDLER(SIOCSIWESSID,	atmel_set_essid),
2552  	IW_HANDLER(SIOCGIWESSID,	atmel_get_essid),
2553  	IW_HANDLER(SIOCSIWRATE,		atmel_set_rate),
2554  	IW_HANDLER(SIOCGIWRATE,		atmel_get_rate),
2555  	IW_HANDLER(SIOCSIWRTS,		atmel_set_rts),
2556  	IW_HANDLER(SIOCGIWRTS,		atmel_get_rts),
2557  	IW_HANDLER(SIOCSIWFRAG,		atmel_set_frag),
2558  	IW_HANDLER(SIOCGIWFRAG,		atmel_get_frag),
2559  	IW_HANDLER(SIOCSIWRETRY,	atmel_set_retry),
2560  	IW_HANDLER(SIOCGIWRETRY,	atmel_get_retry),
2561  	IW_HANDLER(SIOCSIWENCODE,	atmel_set_encode),
2562  	IW_HANDLER(SIOCGIWENCODE,	atmel_get_encode),
2563  	IW_HANDLER(SIOCSIWPOWER,	atmel_set_power),
2564  	IW_HANDLER(SIOCGIWPOWER,	atmel_get_power),
2565  	IW_HANDLER(SIOCSIWAUTH,		atmel_set_auth),
2566  	IW_HANDLER(SIOCGIWAUTH,		atmel_get_auth),
2567  	IW_HANDLER(SIOCSIWENCODEEXT,	atmel_set_encodeext),
2568  	IW_HANDLER(SIOCGIWENCODEEXT,	atmel_get_encodeext),
2569  };
2570  
2571  static const iw_handler atmel_private_handler[] =
2572  {
2573  	NULL,				/* SIOCIWFIRSTPRIV */
2574  };
2575  
2576  struct atmel_priv_ioctl {
2577  	char id[32];
2578  	unsigned char __user *data;
2579  	unsigned short len;
2580  };
2581  
2582  #define ATMELFWL	SIOCIWFIRSTPRIV
2583  #define ATMELIDIFC	ATMELFWL + 1
2584  #define ATMELRD		ATMELFWL + 2
2585  #define ATMELMAGIC 0x51807
2586  #define REGDOMAINSZ 20
2587  
2588  static const struct iw_priv_args atmel_private_args[] = {
2589  	{
2590  		.cmd = ATMELFWL,
2591  		.set_args = IW_PRIV_TYPE_BYTE
2592  				| IW_PRIV_SIZE_FIXED
2593  				| sizeof(struct atmel_priv_ioctl),
2594  		.get_args = IW_PRIV_TYPE_NONE,
2595  		.name = "atmelfwl"
2596  	}, {
2597  		.cmd = ATMELIDIFC,
2598  		.set_args = IW_PRIV_TYPE_NONE,
2599  		.get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
2600  		.name = "atmelidifc"
2601  	}, {
2602  		.cmd = ATMELRD,
2603  		.set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ,
2604  		.get_args = IW_PRIV_TYPE_NONE,
2605  		.name = "regdomain"
2606  	},
2607  };
2608  
2609  static const struct iw_handler_def atmel_handler_def = {
2610  	.num_standard	= ARRAY_SIZE(atmel_handler),
2611  	.num_private	= ARRAY_SIZE(atmel_private_handler),
2612  	.num_private_args = ARRAY_SIZE(atmel_private_args),
2613  	.standard	= atmel_handler,
2614  	.private	= atmel_private_handler,
2615  	.private_args	= (struct iw_priv_args *) atmel_private_args,
2616  	.get_wireless_stats = atmel_get_wireless_stats
2617  };
2618  
atmel_ioctl(struct net_device * dev,struct ifreq * rq,int cmd)2619  static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
2620  {
2621  	int i, rc = 0;
2622  	struct atmel_private *priv = netdev_priv(dev);
2623  	struct atmel_priv_ioctl com;
2624  	struct iwreq *wrq = (struct iwreq *) rq;
2625  	unsigned char *new_firmware;
2626  	char domain[REGDOMAINSZ + 1];
2627  
2628  	switch (cmd) {
2629  	case ATMELIDIFC:
2630  		wrq->u.param.value = ATMELMAGIC;
2631  		break;
2632  
2633  	case ATMELFWL:
2634  		if (copy_from_user(&com, rq->ifr_data, sizeof(com))) {
2635  			rc = -EFAULT;
2636  			break;
2637  		}
2638  
2639  		if (!capable(CAP_NET_ADMIN)) {
2640  			rc = -EPERM;
2641  			break;
2642  		}
2643  
2644  		new_firmware = memdup_user(com.data, com.len);
2645  		if (IS_ERR(new_firmware)) {
2646  			rc = PTR_ERR(new_firmware);
2647  			break;
2648  		}
2649  
2650  		kfree(priv->firmware);
2651  
2652  		priv->firmware = new_firmware;
2653  		priv->firmware_length = com.len;
2654  		strncpy(priv->firmware_id, com.id, 31);
2655  		priv->firmware_id[31] = '\0';
2656  		break;
2657  
2658  	case ATMELRD:
2659  		if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) {
2660  			rc = -EFAULT;
2661  			break;
2662  		}
2663  
2664  		if (!capable(CAP_NET_ADMIN)) {
2665  			rc = -EPERM;
2666  			break;
2667  		}
2668  
2669  		domain[REGDOMAINSZ] = 0;
2670  		rc = -EINVAL;
2671  		for (i = 0; i < ARRAY_SIZE(channel_table); i++) {
2672  			if (!strcasecmp(channel_table[i].name, domain)) {
2673  				priv->config_reg_domain = channel_table[i].reg_domain;
2674  				rc = 0;
2675  			}
2676  		}
2677  
2678  		if (rc == 0 &&  priv->station_state != STATION_STATE_DOWN)
2679  			rc = atmel_open(dev);
2680  		break;
2681  
2682  	default:
2683  		rc = -EOPNOTSUPP;
2684  	}
2685  
2686  	return rc;
2687  }
2688  
2689  struct auth_body {
2690  	__le16 alg;
2691  	__le16 trans_seq;
2692  	__le16 status;
2693  	u8 el_id;
2694  	u8 chall_text_len;
2695  	u8 chall_text[253];
2696  };
2697  
atmel_enter_state(struct atmel_private * priv,int new_state)2698  static void atmel_enter_state(struct atmel_private *priv, int new_state)
2699  {
2700  	int old_state = priv->station_state;
2701  
2702  	if (new_state == old_state)
2703  		return;
2704  
2705  	priv->station_state = new_state;
2706  
2707  	if (new_state == STATION_STATE_READY) {
2708  		netif_start_queue(priv->dev);
2709  		netif_carrier_on(priv->dev);
2710  	}
2711  
2712  	if (old_state == STATION_STATE_READY) {
2713  		netif_carrier_off(priv->dev);
2714  		if (netif_running(priv->dev))
2715  			netif_stop_queue(priv->dev);
2716  		priv->last_beacon_timestamp = 0;
2717  	}
2718  }
2719  
atmel_scan(struct atmel_private * priv,int specific_ssid)2720  static void atmel_scan(struct atmel_private *priv, int specific_ssid)
2721  {
2722  	struct {
2723  		u8 BSSID[ETH_ALEN];
2724  		u8 SSID[MAX_SSID_LENGTH];
2725  		u8 scan_type;
2726  		u8 channel;
2727  		__le16 BSS_type;
2728  		__le16 min_channel_time;
2729  		__le16 max_channel_time;
2730  		u8 options;
2731  		u8 SSID_size;
2732  	} cmd;
2733  
2734  	eth_broadcast_addr(cmd.BSSID);
2735  
2736  	if (priv->fast_scan) {
2737  		cmd.SSID_size = priv->SSID_size;
2738  		memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2739  		cmd.min_channel_time = cpu_to_le16(10);
2740  		cmd.max_channel_time = cpu_to_le16(50);
2741  	} else {
2742  		priv->BSS_list_entries = 0;
2743  		cmd.SSID_size = 0;
2744  		cmd.min_channel_time = cpu_to_le16(10);
2745  		cmd.max_channel_time = cpu_to_le16(120);
2746  	}
2747  
2748  	cmd.options = 0;
2749  
2750  	if (!specific_ssid)
2751  		cmd.options |= SCAN_OPTIONS_SITE_SURVEY;
2752  
2753  	cmd.channel = (priv->channel & 0x7f);
2754  	cmd.scan_type = SCAN_TYPE_ACTIVE;
2755  	cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ?
2756  		BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE);
2757  
2758  	atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd));
2759  
2760  	/* This must come after all hardware access to avoid being messed up
2761  	   by stuff happening in interrupt context after we leave STATE_DOWN */
2762  	atmel_enter_state(priv, STATION_STATE_SCANNING);
2763  }
2764  
join(struct atmel_private * priv,int type)2765  static void join(struct atmel_private *priv, int type)
2766  {
2767  	struct {
2768  		u8 BSSID[6];
2769  		u8 SSID[MAX_SSID_LENGTH];
2770  		u8 BSS_type; /* this is a short in a scan command - weird */
2771  		u8 channel;
2772  		__le16 timeout;
2773  		u8 SSID_size;
2774  		u8 reserved;
2775  	} cmd;
2776  
2777  	cmd.SSID_size = priv->SSID_size;
2778  	memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2779  	memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN);
2780  	cmd.channel = (priv->channel & 0x7f);
2781  	cmd.BSS_type = type;
2782  	cmd.timeout = cpu_to_le16(2000);
2783  
2784  	atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd));
2785  }
2786  
start(struct atmel_private * priv,int type)2787  static void start(struct atmel_private *priv, int type)
2788  {
2789  	struct {
2790  		u8 BSSID[6];
2791  		u8 SSID[MAX_SSID_LENGTH];
2792  		u8 BSS_type;
2793  		u8 channel;
2794  		u8 SSID_size;
2795  		u8 reserved[3];
2796  	} cmd;
2797  
2798  	cmd.SSID_size = priv->SSID_size;
2799  	memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2800  	memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN);
2801  	cmd.BSS_type = type;
2802  	cmd.channel = (priv->channel & 0x7f);
2803  
2804  	atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd));
2805  }
2806  
handle_beacon_probe(struct atmel_private * priv,u16 capability,u8 channel)2807  static void handle_beacon_probe(struct atmel_private *priv, u16 capability,
2808  				u8 channel)
2809  {
2810  	int rejoin = 0;
2811  	int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
2812  		SHORT_PREAMBLE : LONG_PREAMBLE;
2813  
2814  	if (priv->preamble != new) {
2815  		priv->preamble = new;
2816  		rejoin = 1;
2817  		atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new);
2818  	}
2819  
2820  	if (priv->channel != channel) {
2821  		priv->channel = channel;
2822  		rejoin = 1;
2823  		atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel);
2824  	}
2825  
2826  	if (rejoin) {
2827  		priv->station_is_associated = 0;
2828  		atmel_enter_state(priv, STATION_STATE_JOINNING);
2829  
2830  		if (priv->operating_mode == IW_MODE_INFRA)
2831  			join(priv, BSS_TYPE_INFRASTRUCTURE);
2832  		else
2833  			join(priv, BSS_TYPE_AD_HOC);
2834  	}
2835  }
2836  
send_authentication_request(struct atmel_private * priv,u16 system,u8 * challenge,int challenge_len)2837  static void send_authentication_request(struct atmel_private *priv, u16 system,
2838  					u8 *challenge, int challenge_len)
2839  {
2840  	struct ieee80211_hdr header;
2841  	struct auth_body auth;
2842  
2843  	header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH);
2844  	header.duration_id = cpu_to_le16(0x8000);
2845  	header.seq_ctrl = 0;
2846  	memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2847  	memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2848  	memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2849  
2850  	if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1)
2851  		/* no WEP for authentication frames with TrSeqNo 1 */
2852  		header.frame_control |=  cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2853  
2854  	auth.alg = cpu_to_le16(system);
2855  
2856  	auth.status = 0;
2857  	auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum);
2858  	priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1;
2859  	priv->CurrentAuthentTransactionSeqNum += 2;
2860  
2861  	if (challenge_len != 0)	{
2862  		auth.el_id = 16; /* challenge_text */
2863  		auth.chall_text_len = challenge_len;
2864  		memcpy(auth.chall_text, challenge, challenge_len);
2865  		atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len);
2866  	} else {
2867  		atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6);
2868  	}
2869  }
2870  
send_association_request(struct atmel_private * priv,int is_reassoc)2871  static void send_association_request(struct atmel_private *priv, int is_reassoc)
2872  {
2873  	u8 *ssid_el_p;
2874  	int bodysize;
2875  	struct ieee80211_hdr header;
2876  	struct ass_req_format {
2877  		__le16 capability;
2878  		__le16 listen_interval;
2879  		u8 ap[ETH_ALEN]; /* nothing after here directly accessible */
2880  		u8 ssid_el_id;
2881  		u8 ssid_len;
2882  		u8 ssid[MAX_SSID_LENGTH];
2883  		u8 sup_rates_el_id;
2884  		u8 sup_rates_len;
2885  		u8 rates[4];
2886  	} body;
2887  
2888  	header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2889  		(is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ));
2890  	header.duration_id = cpu_to_le16(0x8000);
2891  	header.seq_ctrl = 0;
2892  
2893  	memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2894  	memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2895  	memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2896  
2897  	body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS);
2898  	if (priv->wep_is_on)
2899  		body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
2900  	if (priv->preamble == SHORT_PREAMBLE)
2901  		body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE);
2902  
2903  	body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period);
2904  
2905  	/* current AP address - only in reassoc frame */
2906  	if (is_reassoc) {
2907  		memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN);
2908  		ssid_el_p = &body.ssid_el_id;
2909  		bodysize = 18 + priv->SSID_size;
2910  	} else {
2911  		ssid_el_p = &body.ap[0];
2912  		bodysize = 12 + priv->SSID_size;
2913  	}
2914  
2915  	ssid_el_p[0] = WLAN_EID_SSID;
2916  	ssid_el_p[1] = priv->SSID_size;
2917  	memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size);
2918  	ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES;
2919  	ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */
2920  	memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4);
2921  
2922  	atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize);
2923  }
2924  
is_frame_from_current_bss(struct atmel_private * priv,struct ieee80211_hdr * header)2925  static int is_frame_from_current_bss(struct atmel_private *priv,
2926  				     struct ieee80211_hdr *header)
2927  {
2928  	if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
2929  		return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0;
2930  	else
2931  		return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0;
2932  }
2933  
retrieve_bss(struct atmel_private * priv)2934  static int retrieve_bss(struct atmel_private *priv)
2935  {
2936  	int i;
2937  	int max_rssi = -128;
2938  	int max_index = -1;
2939  
2940  	if (priv->BSS_list_entries == 0)
2941  		return -1;
2942  
2943  	if (priv->connect_to_any_BSS) {
2944  		/* Select a BSS with the max-RSSI but of the same type and of
2945  		   the same WEP mode and that it is not marked as 'bad' (i.e.
2946  		   we had previously failed to connect to this BSS with the
2947  		   settings that we currently use) */
2948  		priv->current_BSS = 0;
2949  		for (i = 0; i < priv->BSS_list_entries; i++) {
2950  			if (priv->operating_mode == priv->BSSinfo[i].BSStype &&
2951  			    ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) ||
2952  			     (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) &&
2953  			    !(priv->BSSinfo[i].channel & 0x80)) {
2954  				max_rssi = priv->BSSinfo[i].RSSI;
2955  				priv->current_BSS = max_index = i;
2956  			}
2957  		}
2958  		return max_index;
2959  	}
2960  
2961  	for (i = 0; i < priv->BSS_list_entries; i++) {
2962  		if (priv->SSID_size == priv->BSSinfo[i].SSIDsize &&
2963  		    memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 &&
2964  		    priv->operating_mode == priv->BSSinfo[i].BSStype &&
2965  		    atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) {
2966  			if (priv->BSSinfo[i].RSSI >= max_rssi) {
2967  				max_rssi = priv->BSSinfo[i].RSSI;
2968  				max_index = i;
2969  			}
2970  		}
2971  	}
2972  	return max_index;
2973  }
2974  
store_bss_info(struct atmel_private * priv,struct ieee80211_hdr * header,u16 capability,u16 beacon_period,u8 channel,u8 rssi,u8 ssid_len,u8 * ssid,int is_beacon)2975  static void store_bss_info(struct atmel_private *priv,
2976  			   struct ieee80211_hdr *header, u16 capability,
2977  			   u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len,
2978  			   u8 *ssid, int is_beacon)
2979  {
2980  	u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3;
2981  	int i, index;
2982  
2983  	for (index = -1, i = 0; i < priv->BSS_list_entries; i++)
2984  		if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0)
2985  			index = i;
2986  
2987  	/* If we process a probe and an entry from this BSS exists
2988  	   we will update the BSS entry with the info from this BSS.
2989  	   If we process a beacon we will only update RSSI */
2990  
2991  	if (index == -1) {
2992  		if (priv->BSS_list_entries == MAX_BSS_ENTRIES)
2993  			return;
2994  		index = priv->BSS_list_entries++;
2995  		memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN);
2996  		priv->BSSinfo[index].RSSI = rssi;
2997  	} else {
2998  		if (rssi > priv->BSSinfo[index].RSSI)
2999  			priv->BSSinfo[index].RSSI = rssi;
3000  		if (is_beacon)
3001  			return;
3002  	}
3003  
3004  	priv->BSSinfo[index].channel = channel;
3005  	priv->BSSinfo[index].beacon_period = beacon_period;
3006  	priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY;
3007  	memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len);
3008  	priv->BSSinfo[index].SSIDsize = ssid_len;
3009  
3010  	if (capability & WLAN_CAPABILITY_IBSS)
3011  		priv->BSSinfo[index].BSStype = IW_MODE_ADHOC;
3012  	else if (capability & WLAN_CAPABILITY_ESS)
3013  		priv->BSSinfo[index].BSStype = IW_MODE_INFRA;
3014  
3015  	priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
3016  		SHORT_PREAMBLE : LONG_PREAMBLE;
3017  }
3018  
authenticate(struct atmel_private * priv,u16 frame_len)3019  static void authenticate(struct atmel_private *priv, u16 frame_len)
3020  {
3021  	struct auth_body *auth = (struct auth_body *)priv->rx_buf;
3022  	u16 status = le16_to_cpu(auth->status);
3023  	u16 trans_seq_no = le16_to_cpu(auth->trans_seq);
3024  	u16 system = le16_to_cpu(auth->alg);
3025  
3026  	if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) {
3027  		/* no WEP */
3028  		if (priv->station_was_associated) {
3029  			atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3030  			send_association_request(priv, 1);
3031  			return;
3032  		} else {
3033  			atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3034  			send_association_request(priv, 0);
3035  			return;
3036  		}
3037  	}
3038  
3039  	if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) {
3040  		int should_associate = 0;
3041  		/* WEP */
3042  		if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum)
3043  			return;
3044  
3045  		if (system == WLAN_AUTH_OPEN) {
3046  			if (trans_seq_no == 0x0002) {
3047  				should_associate = 1;
3048  			}
3049  		} else if (system == WLAN_AUTH_SHARED_KEY) {
3050  			if (trans_seq_no == 0x0002 &&
3051  			    auth->el_id == WLAN_EID_CHALLENGE) {
3052  				send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len);
3053  				return;
3054  			} else if (trans_seq_no == 0x0004) {
3055  				should_associate = 1;
3056  			}
3057  		}
3058  
3059  		if (should_associate) {
3060  			if (priv->station_was_associated) {
3061  				atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3062  				send_association_request(priv, 1);
3063  				return;
3064  			} else {
3065  				atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3066  				send_association_request(priv, 0);
3067  				return;
3068  			}
3069  		}
3070  	}
3071  
3072  	if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
3073  		/* Flip back and forth between WEP auth modes until the max
3074  		 * authentication tries has been exceeded.
3075  		 */
3076  		if (system == WLAN_AUTH_OPEN) {
3077  			priv->CurrentAuthentTransactionSeqNum = 0x001;
3078  			priv->exclude_unencrypted = 1;
3079  			send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0);
3080  			return;
3081  		} else if (system == WLAN_AUTH_SHARED_KEY
3082  			   && priv->wep_is_on) {
3083  			priv->CurrentAuthentTransactionSeqNum = 0x001;
3084  			priv->exclude_unencrypted = 0;
3085  			send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0);
3086  			return;
3087  		} else if (priv->connect_to_any_BSS) {
3088  			int bss_index;
3089  
3090  			priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3091  
3092  			if ((bss_index  = retrieve_bss(priv)) != -1) {
3093  				atmel_join_bss(priv, bss_index);
3094  				return;
3095  			}
3096  		}
3097  	}
3098  
3099  	priv->AuthenticationRequestRetryCnt = 0;
3100  	atmel_enter_state(priv,  STATION_STATE_MGMT_ERROR);
3101  	priv->station_is_associated = 0;
3102  }
3103  
associate(struct atmel_private * priv,u16 frame_len,u16 subtype)3104  static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype)
3105  {
3106  	struct ass_resp_format {
3107  		__le16 capability;
3108  		__le16 status;
3109  		__le16 ass_id;
3110  		u8 el_id;
3111  		u8 length;
3112  		u8 rates[4];
3113  	} *ass_resp = (struct ass_resp_format *)priv->rx_buf;
3114  
3115  	u16 status = le16_to_cpu(ass_resp->status);
3116  	u16 ass_id = le16_to_cpu(ass_resp->ass_id);
3117  	u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length;
3118  
3119  	union iwreq_data wrqu;
3120  
3121  	if (frame_len < 8 + rates_len)
3122  		return;
3123  
3124  	if (status == WLAN_STATUS_SUCCESS) {
3125  		if (subtype == IEEE80211_STYPE_ASSOC_RESP)
3126  			priv->AssociationRequestRetryCnt = 0;
3127  		else
3128  			priv->ReAssociationRequestRetryCnt = 0;
3129  
3130  		atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3131  				MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff);
3132  		atmel_set_mib(priv, Phy_Mib_Type,
3133  			      PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len);
3134  		if (priv->power_mode == 0) {
3135  			priv->listen_interval = 1;
3136  			atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3137  				       MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3138  			atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3139  					MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3140  		} else {
3141  			priv->listen_interval = 2;
3142  			atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3143  				       MAC_MGMT_MIB_PS_MODE_POS,  PS_MODE);
3144  			atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3145  					MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2);
3146  		}
3147  
3148  		priv->station_is_associated = 1;
3149  		priv->station_was_associated = 1;
3150  		atmel_enter_state(priv, STATION_STATE_READY);
3151  
3152  		/* Send association event to userspace */
3153  		wrqu.data.length = 0;
3154  		wrqu.data.flags = 0;
3155  		memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN);
3156  		wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3157  		wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
3158  
3159  		return;
3160  	}
3161  
3162  	if (subtype == IEEE80211_STYPE_ASSOC_RESP &&
3163  	    status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3164  	    status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3165  	    priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3166  		mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3167  		priv->AssociationRequestRetryCnt++;
3168  		send_association_request(priv, 0);
3169  		return;
3170  	}
3171  
3172  	if (subtype == IEEE80211_STYPE_REASSOC_RESP &&
3173  	    status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3174  	    status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3175  	    priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3176  		mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3177  		priv->ReAssociationRequestRetryCnt++;
3178  		send_association_request(priv, 1);
3179  		return;
3180  	}
3181  
3182  	atmel_enter_state(priv,  STATION_STATE_MGMT_ERROR);
3183  	priv->station_is_associated = 0;
3184  
3185  	if (priv->connect_to_any_BSS) {
3186  		int bss_index;
3187  		priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3188  
3189  		if ((bss_index = retrieve_bss(priv)) != -1)
3190  			atmel_join_bss(priv, bss_index);
3191  	}
3192  }
3193  
atmel_join_bss(struct atmel_private * priv,int bss_index)3194  static void atmel_join_bss(struct atmel_private *priv, int bss_index)
3195  {
3196  	struct bss_info *bss =  &priv->BSSinfo[bss_index];
3197  
3198  	memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN);
3199  	memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize);
3200  
3201  	/* The WPA stuff cares about the current AP address */
3202  	if (priv->use_wpa)
3203  		build_wpa_mib(priv);
3204  
3205  	/* When switching to AdHoc turn OFF Power Save if needed */
3206  
3207  	if (bss->BSStype == IW_MODE_ADHOC &&
3208  	    priv->operating_mode != IW_MODE_ADHOC &&
3209  	    priv->power_mode) {
3210  		priv->power_mode = 0;
3211  		priv->listen_interval = 1;
3212  		atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3213  			       MAC_MGMT_MIB_PS_MODE_POS,  ACTIVE_MODE);
3214  		atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3215  				MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3216  	}
3217  
3218  	priv->operating_mode = bss->BSStype;
3219  	priv->channel = bss->channel & 0x7f;
3220  	priv->beacon_period = bss->beacon_period;
3221  
3222  	if (priv->preamble != bss->preamble) {
3223  		priv->preamble = bss->preamble;
3224  		atmel_set_mib8(priv, Local_Mib_Type,
3225  			       LOCAL_MIB_PREAMBLE_TYPE, bss->preamble);
3226  	}
3227  
3228  	if (!priv->wep_is_on && bss->UsingWEP) {
3229  		atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3230  		priv->station_is_associated = 0;
3231  		return;
3232  	}
3233  
3234  	if (priv->wep_is_on && !bss->UsingWEP) {
3235  		atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3236  		priv->station_is_associated = 0;
3237  		return;
3238  	}
3239  
3240  	atmel_enter_state(priv, STATION_STATE_JOINNING);
3241  
3242  	if (priv->operating_mode == IW_MODE_INFRA)
3243  		join(priv, BSS_TYPE_INFRASTRUCTURE);
3244  	else
3245  		join(priv, BSS_TYPE_AD_HOC);
3246  }
3247  
restart_search(struct atmel_private * priv)3248  static void restart_search(struct atmel_private *priv)
3249  {
3250  	int bss_index;
3251  
3252  	if (!priv->connect_to_any_BSS) {
3253  		atmel_scan(priv, 1);
3254  	} else {
3255  		priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3256  
3257  		if ((bss_index = retrieve_bss(priv)) != -1)
3258  			atmel_join_bss(priv, bss_index);
3259  		else
3260  			atmel_scan(priv, 0);
3261  	}
3262  }
3263  
smooth_rssi(struct atmel_private * priv,u8 rssi)3264  static void smooth_rssi(struct atmel_private *priv, u8 rssi)
3265  {
3266  	u8 old = priv->wstats.qual.level;
3267  	u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */
3268  
3269  	switch (priv->firmware_type) {
3270  	case ATMEL_FW_TYPE_502E:
3271  		max_rssi = 63; /* 502-rmfd-reve max by experiment */
3272  		break;
3273  	default:
3274  		break;
3275  	}
3276  
3277  	rssi = rssi * 100 / max_rssi;
3278  	if ((rssi + old) % 2)
3279  		priv->wstats.qual.level = (rssi + old) / 2 + 1;
3280  	else
3281  		priv->wstats.qual.level = (rssi + old) / 2;
3282  	priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
3283  	priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID;
3284  }
3285  
atmel_smooth_qual(struct atmel_private * priv)3286  static void atmel_smooth_qual(struct atmel_private *priv)
3287  {
3288  	unsigned long time_diff = (jiffies - priv->last_qual) / HZ;
3289  	while (time_diff--) {
3290  		priv->last_qual += HZ;
3291  		priv->wstats.qual.qual = priv->wstats.qual.qual / 2;
3292  		priv->wstats.qual.qual +=
3293  			priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000;
3294  		priv->beacons_this_sec = 0;
3295  	}
3296  	priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
3297  	priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID;
3298  }
3299  
3300  /* deals with incoming management frames. */
atmel_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u16 frame_len,u8 rssi)3301  static void atmel_management_frame(struct atmel_private *priv,
3302  				   struct ieee80211_hdr *header,
3303  				   u16 frame_len, u8 rssi)
3304  {
3305  	u16 subtype;
3306  
3307  	subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE;
3308  	switch (subtype) {
3309  	case IEEE80211_STYPE_BEACON:
3310  	case IEEE80211_STYPE_PROBE_RESP:
3311  
3312  		/* beacon frame has multiple variable-length fields -
3313  		   never let an engineer loose with a data structure design. */
3314  		{
3315  			struct beacon_format {
3316  				__le64 timestamp;
3317  				__le16 interval;
3318  				__le16 capability;
3319  				u8 ssid_el_id;
3320  				u8 ssid_length;
3321  				/* ssid here */
3322  				u8 rates_el_id;
3323  				u8 rates_length;
3324  				/* rates here */
3325  				u8 ds_el_id;
3326  				u8 ds_length;
3327  				/* ds here */
3328  			} *beacon = (struct beacon_format *)priv->rx_buf;
3329  
3330  			u8 channel, rates_length, ssid_length;
3331  			u64 timestamp = le64_to_cpu(beacon->timestamp);
3332  			u16 beacon_interval = le16_to_cpu(beacon->interval);
3333  			u16 capability = le16_to_cpu(beacon->capability);
3334  			u8 *beaconp = priv->rx_buf;
3335  			ssid_length = beacon->ssid_length;
3336  			/* this blows chunks. */
3337  			if (frame_len < 14 || frame_len < ssid_length + 15)
3338  				return;
3339  			rates_length = beaconp[beacon->ssid_length + 15];
3340  			if (frame_len < ssid_length + rates_length + 18)
3341  				return;
3342  			if (ssid_length >  MAX_SSID_LENGTH)
3343  				return;
3344  			channel = beaconp[ssid_length + rates_length + 18];
3345  
3346  			if (priv->station_state == STATION_STATE_READY) {
3347  				smooth_rssi(priv, rssi);
3348  				if (is_frame_from_current_bss(priv, header)) {
3349  					priv->beacons_this_sec++;
3350  					atmel_smooth_qual(priv);
3351  					if (priv->last_beacon_timestamp) {
3352  						/* Note truncate this to 32 bits - kernel can't divide a long */
3353  						u32 beacon_delay = timestamp - priv->last_beacon_timestamp;
3354  						int beacons = beacon_delay / (beacon_interval * 1000);
3355  						if (beacons > 1)
3356  							priv->wstats.miss.beacon += beacons - 1;
3357  					}
3358  					priv->last_beacon_timestamp = timestamp;
3359  					handle_beacon_probe(priv, capability, channel);
3360  				}
3361  			}
3362  
3363  			if (priv->station_state == STATION_STATE_SCANNING)
3364  				store_bss_info(priv, header, capability,
3365  					       beacon_interval, channel, rssi,
3366  					       ssid_length,
3367  					       &beacon->rates_el_id,
3368  					       subtype == IEEE80211_STYPE_BEACON);
3369  		}
3370  		break;
3371  
3372  	case IEEE80211_STYPE_AUTH:
3373  
3374  		if (priv->station_state == STATION_STATE_AUTHENTICATING)
3375  			authenticate(priv, frame_len);
3376  
3377  		break;
3378  
3379  	case IEEE80211_STYPE_ASSOC_RESP:
3380  	case IEEE80211_STYPE_REASSOC_RESP:
3381  
3382  		if (priv->station_state == STATION_STATE_ASSOCIATING ||
3383  		    priv->station_state == STATION_STATE_REASSOCIATING)
3384  			associate(priv, frame_len, subtype);
3385  
3386  		break;
3387  
3388  	case IEEE80211_STYPE_DISASSOC:
3389  		if (priv->station_is_associated &&
3390  		    priv->operating_mode == IW_MODE_INFRA &&
3391  		    is_frame_from_current_bss(priv, header)) {
3392  			priv->station_was_associated = 0;
3393  			priv->station_is_associated = 0;
3394  
3395  			atmel_enter_state(priv, STATION_STATE_JOINNING);
3396  			join(priv, BSS_TYPE_INFRASTRUCTURE);
3397  		}
3398  
3399  		break;
3400  
3401  	case IEEE80211_STYPE_DEAUTH:
3402  		if (priv->operating_mode == IW_MODE_INFRA &&
3403  		    is_frame_from_current_bss(priv, header)) {
3404  			priv->station_was_associated = 0;
3405  
3406  			atmel_enter_state(priv, STATION_STATE_JOINNING);
3407  			join(priv, BSS_TYPE_INFRASTRUCTURE);
3408  		}
3409  
3410  		break;
3411  	}
3412  }
3413  
3414  /* run when timer expires */
atmel_management_timer(struct timer_list * t)3415  static void atmel_management_timer(struct timer_list *t)
3416  {
3417  	struct atmel_private *priv = from_timer(priv, t, management_timer);
3418  	unsigned long flags;
3419  
3420  	/* Check if the card has been yanked. */
3421  	if (priv->card && priv->present_callback &&
3422  		!(*priv->present_callback)(priv->card))
3423  		return;
3424  
3425  	spin_lock_irqsave(&priv->irqlock, flags);
3426  
3427  	switch (priv->station_state) {
3428  
3429  	case STATION_STATE_AUTHENTICATING:
3430  		if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) {
3431  			atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3432  			priv->station_is_associated = 0;
3433  			priv->AuthenticationRequestRetryCnt = 0;
3434  			restart_search(priv);
3435  		} else {
3436  			int auth = WLAN_AUTH_OPEN;
3437  			priv->AuthenticationRequestRetryCnt++;
3438  			priv->CurrentAuthentTransactionSeqNum = 0x0001;
3439  			mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3440  			if (priv->wep_is_on && priv->exclude_unencrypted)
3441  				auth = WLAN_AUTH_SHARED_KEY;
3442  			send_authentication_request(priv, auth, NULL, 0);
3443  	  }
3444  	  break;
3445  
3446  	case STATION_STATE_ASSOCIATING:
3447  		if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3448  			atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3449  			priv->station_is_associated = 0;
3450  			priv->AssociationRequestRetryCnt = 0;
3451  			restart_search(priv);
3452  		} else {
3453  			priv->AssociationRequestRetryCnt++;
3454  			mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3455  			send_association_request(priv, 0);
3456  		}
3457  	  break;
3458  
3459  	case STATION_STATE_REASSOCIATING:
3460  		if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3461  			atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3462  			priv->station_is_associated = 0;
3463  			priv->ReAssociationRequestRetryCnt = 0;
3464  			restart_search(priv);
3465  		} else {
3466  			priv->ReAssociationRequestRetryCnt++;
3467  			mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3468  			send_association_request(priv, 1);
3469  		}
3470  		break;
3471  
3472  	default:
3473  		break;
3474  	}
3475  
3476  	spin_unlock_irqrestore(&priv->irqlock, flags);
3477  }
3478  
atmel_command_irq(struct atmel_private * priv)3479  static void atmel_command_irq(struct atmel_private *priv)
3480  {
3481  	u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
3482  	u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET));
3483  	int fast_scan;
3484  	union iwreq_data wrqu;
3485  
3486  	if (status == CMD_STATUS_IDLE ||
3487  	    status == CMD_STATUS_IN_PROGRESS)
3488  		return;
3489  
3490  	switch (command) {
3491  	case CMD_Start:
3492  		if (status == CMD_STATUS_COMPLETE) {
3493  			priv->station_was_associated = priv->station_is_associated;
3494  			atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
3495  				      (u8 *)priv->CurrentBSSID, 6);
3496  			atmel_enter_state(priv, STATION_STATE_READY);
3497  		}
3498  		break;
3499  
3500  	case CMD_Scan:
3501  		fast_scan = priv->fast_scan;
3502  		priv->fast_scan = 0;
3503  
3504  		if (status != CMD_STATUS_COMPLETE) {
3505  			atmel_scan(priv, 1);
3506  		} else {
3507  			int bss_index = retrieve_bss(priv);
3508  			int notify_scan_complete = 1;
3509  			if (bss_index != -1) {
3510  				atmel_join_bss(priv, bss_index);
3511  			} else if (priv->operating_mode == IW_MODE_ADHOC &&
3512  				   priv->SSID_size != 0) {
3513  				start(priv, BSS_TYPE_AD_HOC);
3514  			} else {
3515  				priv->fast_scan = !fast_scan;
3516  				atmel_scan(priv, 1);
3517  				notify_scan_complete = 0;
3518  			}
3519  			priv->site_survey_state = SITE_SURVEY_COMPLETED;
3520  			if (notify_scan_complete) {
3521  				wrqu.data.length = 0;
3522  				wrqu.data.flags = 0;
3523  				wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3524  			}
3525  		}
3526  		break;
3527  
3528  	case CMD_SiteSurvey:
3529  		priv->fast_scan = 0;
3530  
3531  		if (status != CMD_STATUS_COMPLETE)
3532  			return;
3533  
3534  		priv->site_survey_state = SITE_SURVEY_COMPLETED;
3535  		if (priv->station_is_associated) {
3536  			atmel_enter_state(priv, STATION_STATE_READY);
3537  			wrqu.data.length = 0;
3538  			wrqu.data.flags = 0;
3539  			wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3540  		} else {
3541  			atmel_scan(priv, 1);
3542  		}
3543  		break;
3544  
3545  	case CMD_Join:
3546  		if (status == CMD_STATUS_COMPLETE) {
3547  			if (priv->operating_mode == IW_MODE_ADHOC) {
3548  				priv->station_was_associated = priv->station_is_associated;
3549  				atmel_enter_state(priv, STATION_STATE_READY);
3550  			} else {
3551  				int auth = WLAN_AUTH_OPEN;
3552  				priv->AuthenticationRequestRetryCnt = 0;
3553  				atmel_enter_state(priv, STATION_STATE_AUTHENTICATING);
3554  
3555  				mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3556  				priv->CurrentAuthentTransactionSeqNum = 0x0001;
3557  				if (priv->wep_is_on && priv->exclude_unencrypted)
3558  					auth = WLAN_AUTH_SHARED_KEY;
3559  				send_authentication_request(priv, auth, NULL, 0);
3560  			}
3561  			return;
3562  		}
3563  
3564  		atmel_scan(priv, 1);
3565  	}
3566  }
3567  
atmel_wakeup_firmware(struct atmel_private * priv)3568  static int atmel_wakeup_firmware(struct atmel_private *priv)
3569  {
3570  	struct host_info_struct *iface = &priv->host_info;
3571  	u16 mr1, mr3;
3572  	int i;
3573  
3574  	if (priv->card_type == CARD_TYPE_SPI_FLASH)
3575  		atmel_set_gcr(priv->dev, GCR_REMAP);
3576  
3577  	/* wake up on-board processor */
3578  	atmel_clear_gcr(priv->dev, 0x0040);
3579  	atmel_write16(priv->dev, BSR, BSS_SRAM);
3580  
3581  	if (priv->card_type == CARD_TYPE_SPI_FLASH)
3582  		mdelay(100);
3583  
3584  	/* and wait for it */
3585  	for (i = LOOP_RETRY_LIMIT; i; i--) {
3586  		mr1 = atmel_read16(priv->dev, MR1);
3587  		mr3 = atmel_read16(priv->dev, MR3);
3588  
3589  		if (mr3 & MAC_BOOT_COMPLETE)
3590  			break;
3591  		if (mr1 & MAC_BOOT_COMPLETE &&
3592  		    priv->bus_type == BUS_TYPE_PCCARD)
3593  			break;
3594  	}
3595  
3596  	if (i == 0) {
3597  		printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name);
3598  		return -EIO;
3599  	}
3600  
3601  	if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) {
3602  		printk(KERN_ALERT "%s: card missing.\n", priv->dev->name);
3603  		return -ENODEV;
3604  	}
3605  
3606  	/* now check for completion of MAC initialization through
3607  	   the FunCtrl field of the IFACE, poll MR1 to detect completion of
3608  	   MAC initialization, check completion status, set interrupt mask,
3609  	   enables interrupts and calls Tx and Rx initialization functions */
3610  
3611  	atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE);
3612  
3613  	for (i = LOOP_RETRY_LIMIT; i; i--) {
3614  		mr1 = atmel_read16(priv->dev, MR1);
3615  		mr3 = atmel_read16(priv->dev, MR3);
3616  
3617  		if (mr3 & MAC_INIT_COMPLETE)
3618  			break;
3619  		if (mr1 & MAC_INIT_COMPLETE &&
3620  		    priv->bus_type == BUS_TYPE_PCCARD)
3621  			break;
3622  	}
3623  
3624  	if (i == 0) {
3625  		printk(KERN_ALERT "%s: MAC failed to initialise.\n",
3626  				priv->dev->name);
3627  		return -EIO;
3628  	}
3629  
3630  	/* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */
3631  	if ((mr3 & MAC_INIT_COMPLETE) &&
3632  	    !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) {
3633  		printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name);
3634  		return -EIO;
3635  	}
3636  	if ((mr1 & MAC_INIT_COMPLETE) &&
3637  	    !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) {
3638  		printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name);
3639  		return -EIO;
3640  	}
3641  
3642  	atmel_copy_to_host(priv->dev, (unsigned char *)iface,
3643  			   priv->host_info_base, sizeof(*iface));
3644  
3645  	iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos);
3646  	iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size);
3647  	iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos);
3648  	iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count);
3649  	iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos);
3650  	iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size);
3651  	iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos);
3652  	iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count);
3653  	iface->build_version = le16_to_cpu(iface->build_version);
3654  	iface->command_pos = le16_to_cpu(iface->command_pos);
3655  	iface->major_version = le16_to_cpu(iface->major_version);
3656  	iface->minor_version = le16_to_cpu(iface->minor_version);
3657  	iface->func_ctrl = le16_to_cpu(iface->func_ctrl);
3658  	iface->mac_status = le16_to_cpu(iface->mac_status);
3659  
3660  	return 0;
3661  }
3662  
3663  /* determine type of memory and MAC address */
probe_atmel_card(struct net_device * dev)3664  static int probe_atmel_card(struct net_device *dev)
3665  {
3666  	int rc = 0;
3667  	struct atmel_private *priv = netdev_priv(dev);
3668  	u8 addr[ETH_ALEN] = {};
3669  
3670  	/* reset pccard */
3671  	if (priv->bus_type == BUS_TYPE_PCCARD)
3672  		atmel_write16(dev, GCR, 0x0060);
3673  
3674  	atmel_write16(dev, GCR, 0x0040);
3675  	msleep(500);
3676  
3677  	if (atmel_read16(dev, MR2) == 0) {
3678  		/* No stored firmware so load a small stub which just
3679  		   tells us the MAC address */
3680  		int i;
3681  		priv->card_type = CARD_TYPE_EEPROM;
3682  		atmel_write16(dev, BSR, BSS_IRAM);
3683  		atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader));
3684  		atmel_set_gcr(dev, GCR_REMAP);
3685  		atmel_clear_gcr(priv->dev, 0x0040);
3686  		atmel_write16(dev, BSR, BSS_SRAM);
3687  		for (i = LOOP_RETRY_LIMIT; i; i--)
3688  			if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE)
3689  				break;
3690  		if (i == 0) {
3691  			printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name);
3692  		} else {
3693  
3694  			atmel_copy_to_host(dev, addr, atmel_read16(dev, MR2), 6);
3695  			eth_hw_addr_set(dev, addr);
3696  			/* got address, now squash it again until the network
3697  			   interface is opened */
3698  			if (priv->bus_type == BUS_TYPE_PCCARD)
3699  				atmel_write16(dev, GCR, 0x0060);
3700  			atmel_write16(dev, GCR, 0x0040);
3701  			rc = 1;
3702  		}
3703  	} else if (atmel_read16(dev, MR4) == 0) {
3704  		/* Mac address easy in this case. */
3705  		priv->card_type = CARD_TYPE_PARALLEL_FLASH;
3706  		atmel_write16(dev,  BSR, 1);
3707  		atmel_copy_to_host(dev, addr, 0xc000, 6);
3708  		eth_hw_addr_set(dev, addr);
3709  		atmel_write16(dev,  BSR, 0x200);
3710  		rc = 1;
3711  	} else {
3712  		/* Standard firmware in flash, boot it up and ask
3713  		   for the Mac Address */
3714  		priv->card_type = CARD_TYPE_SPI_FLASH;
3715  		if (atmel_wakeup_firmware(priv) == 0) {
3716  			atmel_get_mib(priv, Mac_Address_Mib_Type, 0, addr, 6);
3717  			eth_hw_addr_set(dev, addr);
3718  
3719  			/* got address, now squash it again until the network
3720  			   interface is opened */
3721  			if (priv->bus_type == BUS_TYPE_PCCARD)
3722  				atmel_write16(dev, GCR, 0x0060);
3723  			atmel_write16(dev, GCR, 0x0040);
3724  			rc = 1;
3725  		}
3726  	}
3727  
3728  	if (rc) {
3729  		if (dev->dev_addr[0] == 0xFF) {
3730  			static const u8 default_mac[] = {
3731  				0x00, 0x04, 0x25, 0x00, 0x00, 0x00
3732  			};
3733  			printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name);
3734  			eth_hw_addr_set(dev, default_mac);
3735  		}
3736  	}
3737  
3738  	return rc;
3739  }
3740  
3741  /* Move the encyption information on the MIB structure.
3742     This routine is for the pre-WPA firmware: later firmware has
3743     a different format MIB and a different routine. */
build_wep_mib(struct atmel_private * priv)3744  static void build_wep_mib(struct atmel_private *priv)
3745  {
3746  	struct { /* NB this is matched to the hardware, don't change. */
3747  		u8 wep_is_on;
3748  		u8 default_key; /* 0..3 */
3749  		u8 reserved;
3750  		u8 exclude_unencrypted;
3751  
3752  		u32 WEPICV_error_count;
3753  		u32 WEP_excluded_count;
3754  
3755  		u8 wep_keys[MAX_ENCRYPTION_KEYS][13];
3756  		u8 encryption_level; /* 0, 1, 2 */
3757  		u8 reserved2[3];
3758  	} mib;
3759  	int i;
3760  
3761  	mib.wep_is_on = priv->wep_is_on;
3762  	if (priv->wep_is_on) {
3763  		if (priv->wep_key_len[priv->default_key] > 5)
3764  			mib.encryption_level = 2;
3765  		else
3766  			mib.encryption_level = 1;
3767  	} else {
3768  		mib.encryption_level = 0;
3769  	}
3770  
3771  	mib.default_key = priv->default_key;
3772  	mib.exclude_unencrypted = priv->exclude_unencrypted;
3773  
3774  	for (i = 0; i < MAX_ENCRYPTION_KEYS; i++)
3775  		memcpy(mib.wep_keys[i], priv->wep_keys[i], 13);
3776  
3777  	atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3778  }
3779  
build_wpa_mib(struct atmel_private * priv)3780  static void build_wpa_mib(struct atmel_private *priv)
3781  {
3782  	/* This is for the later (WPA enabled) firmware. */
3783  
3784  	struct { /* NB this is matched to the hardware, don't change. */
3785  		u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
3786  		u8 receiver_address[ETH_ALEN];
3787  		u8 wep_is_on;
3788  		u8 default_key; /* 0..3 */
3789  		u8 group_key;
3790  		u8 exclude_unencrypted;
3791  		u8 encryption_type;
3792  		u8 reserved;
3793  
3794  		u32 WEPICV_error_count;
3795  		u32 WEP_excluded_count;
3796  
3797  		u8 key_RSC[4][8];
3798  	} mib;
3799  
3800  	int i;
3801  
3802  	mib.wep_is_on = priv->wep_is_on;
3803  	mib.exclude_unencrypted = priv->exclude_unencrypted;
3804  	memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN);
3805  
3806  	/* zero all the keys before adding in valid ones. */
3807  	memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value));
3808  
3809  	if (priv->wep_is_on) {
3810  		/* There's a comment in the Atmel code to the effect that this
3811  		   is only valid when still using WEP, it may need to be set to
3812  		   something to use WPA */
3813  		memset(mib.key_RSC, 0, sizeof(mib.key_RSC));
3814  
3815  		mib.default_key = mib.group_key = 255;
3816  		for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) {
3817  			if (priv->wep_key_len[i] > 0) {
3818  				memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE);
3819  				if (i == priv->default_key) {
3820  					mib.default_key = i;
3821  					mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7;
3822  					mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite;
3823  				} else {
3824  					mib.group_key = i;
3825  					priv->group_cipher_suite = priv->pairwise_cipher_suite;
3826  					mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1;
3827  					mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite;
3828  				}
3829  			}
3830  		}
3831  		if (mib.default_key == 255)
3832  			mib.default_key = mib.group_key != 255 ? mib.group_key : 0;
3833  		if (mib.group_key == 255)
3834  			mib.group_key = mib.default_key;
3835  
3836  	}
3837  
3838  	atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3839  }
3840  
reset_atmel_card(struct net_device * dev)3841  static int reset_atmel_card(struct net_device *dev)
3842  {
3843  	/* do everything necessary to wake up the hardware, including
3844  	   waiting for the lightning strike and throwing the knife switch....
3845  
3846  	   set all the Mib values which matter in the card to match
3847  	   their settings in the atmel_private structure. Some of these
3848  	   can be altered on the fly, but many (WEP, infrastructure or ad-hoc)
3849  	   can only be changed by tearing down the world and coming back through
3850  	   here.
3851  
3852  	   This routine is also responsible for initialising some
3853  	   hardware-specific fields in the atmel_private structure,
3854  	   including a copy of the firmware's hostinfo structure
3855  	   which is the route into the rest of the firmware datastructures. */
3856  
3857  	struct atmel_private *priv = netdev_priv(dev);
3858  	u8 configuration;
3859  	int old_state = priv->station_state;
3860  	int err = 0;
3861  
3862  	/* data to add to the firmware names, in priority order
3863  	   this implemenents firmware versioning */
3864  
3865  	static char *firmware_modifier[] = {
3866  		"-wpa",
3867  		"",
3868  		NULL
3869  	};
3870  
3871  	/* reset pccard */
3872  	if (priv->bus_type == BUS_TYPE_PCCARD)
3873  		atmel_write16(priv->dev, GCR, 0x0060);
3874  
3875  	/* stop card , disable interrupts */
3876  	atmel_write16(priv->dev, GCR, 0x0040);
3877  
3878  	if (priv->card_type == CARD_TYPE_EEPROM) {
3879  		/* copy in firmware if needed */
3880  		const struct firmware *fw_entry = NULL;
3881  		const unsigned char *fw;
3882  		int len = priv->firmware_length;
3883  		if (!(fw = priv->firmware)) {
3884  			if (priv->firmware_type == ATMEL_FW_TYPE_NONE) {
3885  				if (strlen(priv->firmware_id) == 0) {
3886  					printk(KERN_INFO
3887  					       "%s: card type is unknown: assuming at76c502 firmware is OK.\n",
3888  					       dev->name);
3889  					printk(KERN_INFO
3890  					       "%s: if not, use the firmware= module parameter.\n",
3891  					       dev->name);
3892  					strcpy(priv->firmware_id, "atmel_at76c502.bin");
3893  				}
3894  				err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev);
3895  				if (err != 0) {
3896  					printk(KERN_ALERT
3897  					       "%s: firmware %s is missing, cannot continue.\n",
3898  					       dev->name, priv->firmware_id);
3899  					return err;
3900  				}
3901  			} else {
3902  				int fw_index = 0;
3903  				int success = 0;
3904  
3905  				/* get firmware filename entry based on firmware type ID */
3906  				while (fw_table[fw_index].fw_type != priv->firmware_type
3907  						&& fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE)
3908  					fw_index++;
3909  
3910  				/* construct the actual firmware file name */
3911  				if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) {
3912  					int i;
3913  					for (i = 0; firmware_modifier[i]; i++) {
3914  						snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file,
3915  							firmware_modifier[i], fw_table[fw_index].fw_file_ext);
3916  						priv->firmware_id[31] = '\0';
3917  						if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) {
3918  							success = 1;
3919  							break;
3920  						}
3921  					}
3922  				}
3923  				if (!success) {
3924  					printk(KERN_ALERT
3925  					       "%s: firmware %s is missing, cannot start.\n",
3926  					       dev->name, priv->firmware_id);
3927  					priv->firmware_id[0] = '\0';
3928  					return -ENOENT;
3929  				}
3930  			}
3931  
3932  			fw = fw_entry->data;
3933  			len = fw_entry->size;
3934  		}
3935  
3936  		if (len <= 0x6000) {
3937  			atmel_write16(priv->dev, BSR, BSS_IRAM);
3938  			atmel_copy_to_card(priv->dev, 0, fw, len);
3939  			atmel_set_gcr(priv->dev, GCR_REMAP);
3940  		} else {
3941  			/* Remap */
3942  			atmel_set_gcr(priv->dev, GCR_REMAP);
3943  			atmel_write16(priv->dev, BSR, BSS_IRAM);
3944  			atmel_copy_to_card(priv->dev, 0, fw, 0x6000);
3945  			atmel_write16(priv->dev, BSR, 0x2ff);
3946  			atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000);
3947  		}
3948  
3949  		release_firmware(fw_entry);
3950  	}
3951  
3952  	err = atmel_wakeup_firmware(priv);
3953  	if (err != 0)
3954  		return err;
3955  
3956  	/* Check the version and set the correct flag for wpa stuff,
3957  	   old and new firmware is incompatible.
3958  	   The pre-wpa 3com firmware reports major version 5,
3959  	   the wpa 3com firmware is major version 4 and doesn't need
3960  	   the 3com broken-ness filter. */
3961  	priv->use_wpa = (priv->host_info.major_version == 4);
3962  	priv->radio_on_broken = (priv->host_info.major_version == 5);
3963  
3964  	/* unmask all irq sources */
3965  	atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff);
3966  
3967  	/* int Tx system and enable Tx */
3968  	atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0);
3969  	atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L);
3970  	atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0);
3971  	atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0);
3972  
3973  	priv->tx_desc_free = priv->host_info.tx_desc_count;
3974  	priv->tx_desc_head = 0;
3975  	priv->tx_desc_tail = 0;
3976  	priv->tx_desc_previous = 0;
3977  	priv->tx_free_mem = priv->host_info.tx_buff_size;
3978  	priv->tx_buff_head = 0;
3979  	priv->tx_buff_tail = 0;
3980  
3981  	configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3982  	atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3983  				   configuration | FUNC_CTRL_TxENABLE);
3984  
3985  	/* init Rx system and enable */
3986  	priv->rx_desc_head = 0;
3987  
3988  	configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3989  	atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3990  				   configuration | FUNC_CTRL_RxENABLE);
3991  
3992  	if (!priv->radio_on_broken) {
3993  		if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) ==
3994  		    CMD_STATUS_REJECTED_RADIO_OFF) {
3995  			printk(KERN_INFO "%s: cannot turn the radio on.\n",
3996  			       dev->name);
3997  			return -EIO;
3998  		}
3999  	}
4000  
4001  	/* set up enough MIB values to run. */
4002  	atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate);
4003  	atmel_set_mib8(priv, Local_Mib_Type,  LOCAL_MIB_TX_PROMISCUOUS_POS,  PROM_MODE_OFF);
4004  	atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold);
4005  	atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold);
4006  	atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry);
4007  	atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry);
4008  	atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble);
4009  	atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS,
4010  		      priv->dev->dev_addr, 6);
4011  	atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
4012  	atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
4013  	atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period);
4014  	atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4);
4015  	atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on);
4016  	if (priv->use_wpa)
4017  		build_wpa_mib(priv);
4018  	else
4019  		build_wep_mib(priv);
4020  
4021  	if (old_state == STATION_STATE_READY) {
4022  		union iwreq_data wrqu;
4023  
4024  		wrqu.data.length = 0;
4025  		wrqu.data.flags = 0;
4026  		wrqu.ap_addr.sa_family = ARPHRD_ETHER;
4027  		eth_zero_addr(wrqu.ap_addr.sa_data);
4028  		wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
4029  	}
4030  
4031  	return 0;
4032  }
4033  
atmel_send_command(struct atmel_private * priv,int command,void * cmd,int cmd_size)4034  static void atmel_send_command(struct atmel_private *priv, int command,
4035  			       void *cmd, int cmd_size)
4036  {
4037  	if (cmd)
4038  		atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET),
4039  				   cmd, cmd_size);
4040  
4041  	atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command);
4042  	atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0);
4043  }
4044  
atmel_send_command_wait(struct atmel_private * priv,int command,void * cmd,int cmd_size)4045  static int atmel_send_command_wait(struct atmel_private *priv, int command,
4046  				   void *cmd, int cmd_size)
4047  {
4048  	int i, status;
4049  
4050  	atmel_send_command(priv, command, cmd, cmd_size);
4051  
4052  	for (i = 5000; i; i--) {
4053  		status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
4054  		if (status != CMD_STATUS_IDLE &&
4055  		    status != CMD_STATUS_IN_PROGRESS)
4056  			break;
4057  		udelay(20);
4058  	}
4059  
4060  	if (i == 0) {
4061  		printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name);
4062  		status =  CMD_STATUS_HOST_ERROR;
4063  	} else {
4064  		if (command != CMD_EnableRadio)
4065  			status = CMD_STATUS_COMPLETE;
4066  	}
4067  
4068  	return status;
4069  }
4070  
atmel_get_mib8(struct atmel_private * priv,u8 type,u8 index)4071  static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index)
4072  {
4073  	struct get_set_mib m;
4074  	m.type = type;
4075  	m.size = 1;
4076  	m.index = index;
4077  
4078  	atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4079  	return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE));
4080  }
4081  
atmel_set_mib8(struct atmel_private * priv,u8 type,u8 index,u8 data)4082  static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data)
4083  {
4084  	struct get_set_mib m;
4085  	m.type = type;
4086  	m.size = 1;
4087  	m.index = index;
4088  	m.data[0] = data;
4089  
4090  	atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4091  }
4092  
atmel_set_mib16(struct atmel_private * priv,u8 type,u8 index,u16 data)4093  static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
4094  			    u16 data)
4095  {
4096  	struct get_set_mib m;
4097  	m.type = type;
4098  	m.size = 2;
4099  	m.index = index;
4100  	m.data[0] = data;
4101  	m.data[1] = data >> 8;
4102  
4103  	atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2);
4104  }
4105  
atmel_set_mib(struct atmel_private * priv,u8 type,u8 index,const u8 * data,int data_len)4106  static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
4107  			  const u8 *data, int data_len)
4108  {
4109  	struct get_set_mib m;
4110  	m.type = type;
4111  	m.size = data_len;
4112  	m.index = index;
4113  
4114  	if (data_len > MIB_MAX_DATA_BYTES)
4115  		printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4116  
4117  	memcpy(m.data, data, data_len);
4118  	atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4119  }
4120  
atmel_get_mib(struct atmel_private * priv,u8 type,u8 index,u8 * data,int data_len)4121  static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
4122  			  u8 *data, int data_len)
4123  {
4124  	struct get_set_mib m;
4125  	m.type = type;
4126  	m.size = data_len;
4127  	m.index = index;
4128  
4129  	if (data_len > MIB_MAX_DATA_BYTES)
4130  		printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4131  
4132  	atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4133  	atmel_copy_to_host(priv->dev, data,
4134  			   atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len);
4135  }
4136  
atmel_writeAR(struct net_device * dev,u16 data)4137  static void atmel_writeAR(struct net_device *dev, u16 data)
4138  {
4139  	int i;
4140  	outw(data, dev->base_addr + AR);
4141  	/* Address register appears to need some convincing..... */
4142  	for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++)
4143  		outw(data, dev->base_addr + AR);
4144  }
4145  
atmel_copy_to_card(struct net_device * dev,u16 dest,const unsigned char * src,u16 len)4146  static void atmel_copy_to_card(struct net_device *dev, u16 dest,
4147  			       const unsigned char *src, u16 len)
4148  {
4149  	int i;
4150  	atmel_writeAR(dev, dest);
4151  	if (dest % 2) {
4152  		atmel_write8(dev, DR, *src);
4153  		src++; len--;
4154  	}
4155  	for (i = len; i > 1 ; i -= 2) {
4156  		u8 lb = *src++;
4157  		u8 hb = *src++;
4158  		atmel_write16(dev, DR, lb | (hb << 8));
4159  	}
4160  	if (i)
4161  		atmel_write8(dev, DR, *src);
4162  }
4163  
atmel_copy_to_host(struct net_device * dev,unsigned char * dest,u16 src,u16 len)4164  static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
4165  			       u16 src, u16 len)
4166  {
4167  	int i;
4168  	atmel_writeAR(dev, src);
4169  	if (src % 2) {
4170  		*dest = atmel_read8(dev, DR);
4171  		dest++; len--;
4172  	}
4173  	for (i = len; i > 1 ; i -= 2) {
4174  		u16 hw = atmel_read16(dev, DR);
4175  		*dest++ = hw;
4176  		*dest++ = hw >> 8;
4177  	}
4178  	if (i)
4179  		*dest = atmel_read8(dev, DR);
4180  }
4181  
atmel_set_gcr(struct net_device * dev,u16 mask)4182  static void atmel_set_gcr(struct net_device *dev, u16 mask)
4183  {
4184  	outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR);
4185  }
4186  
atmel_clear_gcr(struct net_device * dev,u16 mask)4187  static void atmel_clear_gcr(struct net_device *dev, u16 mask)
4188  {
4189  	outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR);
4190  }
4191  
atmel_lock_mac(struct atmel_private * priv)4192  static int atmel_lock_mac(struct atmel_private *priv)
4193  {
4194  	int i, j = 20;
4195   retry:
4196  	for (i = 5000; i; i--) {
4197  		if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET)))
4198  			break;
4199  		udelay(20);
4200  	}
4201  
4202  	if (!i)
4203  		return 0; /* timed out */
4204  
4205  	atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1);
4206  	if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) {
4207  		atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
4208  		if (!j--)
4209  			return 0; /* timed out */
4210  		goto retry;
4211  	}
4212  
4213  	return 1;
4214  }
4215  
atmel_wmem32(struct atmel_private * priv,u16 pos,u32 data)4216  static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data)
4217  {
4218  	atmel_writeAR(priv->dev, pos);
4219  	atmel_write16(priv->dev, DR, data); /* card is little-endian */
4220  	atmel_write16(priv->dev, DR, data >> 16);
4221  }
4222  
4223  /***************************************************************************/
4224  /* There follows the source form of the MAC address reading firmware       */
4225  /***************************************************************************/
4226  #if 0
4227  
4228  /* Copyright 2003 Matthew T. Russotto                                      */
4229  /* But derived from the Atmel 76C502 firmware written by Atmel and         */
4230  /* included in "atmel wireless lan drivers" package                        */
4231  /*
4232      This file is part of net.russotto.AtmelMACFW, hereto referred to
4233      as AtmelMACFW
4234  
4235      AtmelMACFW is free software; you can redistribute it and/or modify
4236      it under the terms of the GNU General Public License version 2
4237      as published by the Free Software Foundation.
4238  
4239      AtmelMACFW is distributed in the hope that it will be useful,
4240      but WITHOUT ANY WARRANTY; without even the implied warranty of
4241      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
4242      GNU General Public License for more details.
4243  
4244      You should have received a copy of the GNU General Public License
4245      along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>.
4246  
4247  ****************************************************************************/
4248  /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E        */
4249  /* It will probably work on the 76C504 and 76C502 RFMD_3COM                */
4250  /* It only works on SPI EEPROM versions of the card.                       */
4251  
4252  /* This firmware initializes the SPI controller and clock, reads the MAC   */
4253  /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC  */
4254  /* address in MR2, and sets MR3 to 0x10 to indicate it is done             */
4255  /* It also puts a complete copy of the EEPROM in SRAM with the offset in   */
4256  /* MR4, for investigational purposes (maybe we can determine chip type     */
4257  /* from that?)                                                             */
4258  
4259  	.org 0
4260      .set MRBASE, 0x8000000
4261  	.set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */
4262  	.set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */
4263  	.set SRAM_BASE,  0x02000000
4264  	.set SP_BASE,    0x0F300000
4265  	.set UNK_BASE,   0x0F000000 /* Some internal device, but which one? */
4266  	.set SPI_CGEN_BASE,  0x0E000000 /* Some internal device, but which one? */
4267  	.set UNK3_BASE,  0x02014000 /* Some internal device, but which one? */
4268  	.set STACK_BASE, 0x5600
4269  	.set SP_SR, 0x10
4270  	.set SP_TDRE, 2 /* status register bit -- TDR empty */
4271  	.set SP_RDRF, 1 /* status register bit -- RDR full */
4272  	.set SP_SWRST, 0x80
4273  	.set SP_SPIEN, 0x1
4274  	.set SP_CR, 0   /* control register */
4275  	.set SP_MR, 4   /* mode register */
4276  	.set SP_RDR, 0x08 /* Read Data Register */
4277  	.set SP_TDR, 0x0C /* Transmit Data Register */
4278  	.set SP_CSR0, 0x30 /* chip select registers */
4279  	.set SP_CSR1, 0x34
4280  	.set SP_CSR2, 0x38
4281  	.set SP_CSR3, 0x3C
4282  	.set NVRAM_CMD_RDSR, 5 /* read status register */
4283  	.set NVRAM_CMD_READ, 3 /* read data */
4284  	.set NVRAM_SR_RDY, 1 /* RDY bit.  This bit is inverted */
4285  	.set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the
4286  				  serial output, since SO is normally high.  But it
4287  				  does cause 8 clock cycles and thus 8 bits to be
4288  				  clocked in to the chip.  See Atmel's SPI
4289  				  controller (e.g. AT91M55800) timing and 4K
4290  				  SPI EEPROM manuals */
4291  
4292  	.set NVRAM_SCRATCH, 0x02000100  /* arbitrary area for scratchpad memory */
4293  	.set NVRAM_IMAGE, 0x02000200
4294  	.set NVRAM_LENGTH, 0x0200
4295  	.set MAC_ADDRESS_MIB, SRAM_BASE
4296  	.set MAC_ADDRESS_LENGTH, 6
4297  	.set MAC_BOOT_FLAG, 0x10
4298  	.set MR1, 0
4299  	.set MR2, 4
4300  	.set MR3, 8
4301  	.set MR4, 0xC
4302  RESET_VECTOR:
4303  	b RESET_HANDLER
4304  UNDEF_VECTOR:
4305  	b HALT1
4306  SWI_VECTOR:
4307  	b HALT1
4308  IABORT_VECTOR:
4309  	b HALT1
4310  DABORT_VECTOR:
4311  RESERVED_VECTOR:
4312  	b HALT1
4313  IRQ_VECTOR:
4314  	b HALT1
4315  FIQ_VECTOR:
4316  	b HALT1
4317  HALT1:	b HALT1
4318  RESET_HANDLER:
4319  	mov     r0, #CPSR_INITIAL
4320  	msr	CPSR_c, r0	/* This is probably unnecessary */
4321  
4322  /* I'm guessing this is initializing clock generator electronics for SPI */
4323  	ldr	r0, =SPI_CGEN_BASE
4324  	mov	r1, #0
4325  	mov	r1, r1, lsl #3
4326  	orr	r1, r1, #0
4327  	str	r1, [r0]
4328  	ldr	r1, [r0, #28]
4329  	bic	r1, r1, #16
4330  	str	r1, [r0, #28]
4331  	mov	r1, #1
4332  	str	r1, [r0, #8]
4333  
4334  	ldr	r0, =MRBASE
4335  	mov	r1, #0
4336  	strh	r1, [r0, #MR1]
4337  	strh	r1, [r0, #MR2]
4338  	strh	r1, [r0, #MR3]
4339  	strh	r1, [r0, #MR4]
4340  
4341  	mov	sp, #STACK_BASE
4342  	bl	SP_INIT
4343  	mov	r0, #10
4344  	bl	DELAY9
4345  	bl	GET_MAC_ADDR
4346  	bl	GET_WHOLE_NVRAM
4347  	ldr	r0, =MRBASE
4348  	ldr	r1, =MAC_ADDRESS_MIB
4349  	strh	r1, [r0, #MR2]
4350  	ldr	r1, =NVRAM_IMAGE
4351  	strh	r1, [r0, #MR4]
4352  	mov	r1, #MAC_BOOT_FLAG
4353  	strh	r1, [r0, #MR3]
4354  HALT2:	b HALT2
4355  .func Get_Whole_NVRAM, GET_WHOLE_NVRAM
4356  GET_WHOLE_NVRAM:
4357  	stmdb	sp!, {lr}
4358  	mov	r2, #0 /* 0th bytes of NVRAM */
4359  	mov	r3, #NVRAM_LENGTH
4360  	mov	r1, #0		/* not used in routine */
4361  	ldr	r0, =NVRAM_IMAGE
4362  	bl	NVRAM_XFER
4363  	ldmia	sp!, {lr}
4364  	bx	lr
4365  .endfunc
4366  
4367  .func Get_MAC_Addr, GET_MAC_ADDR
4368  GET_MAC_ADDR:
4369  	stmdb	sp!, {lr}
4370  	mov	r2, #0x120	/* address of MAC Address within NVRAM */
4371  	mov	r3, #MAC_ADDRESS_LENGTH
4372  	mov	r1, #0		/* not used in routine */
4373  	ldr	r0, =MAC_ADDRESS_MIB
4374  	bl	NVRAM_XFER
4375  	ldmia	sp!, {lr}
4376  	bx	lr
4377  .endfunc
4378  .ltorg
4379  .func Delay9, DELAY9
4380  DELAY9:
4381  	adds	r0, r0, r0, LSL #3   /* r0 = r0 * 9 */
4382  DELAYLOOP:
4383  	beq	DELAY9_done
4384  	subs	r0, r0, #1
4385  	b	DELAYLOOP
4386  DELAY9_done:
4387  	bx	lr
4388  .endfunc
4389  
4390  .func SP_Init, SP_INIT
4391  SP_INIT:
4392  	mov	r1, #SP_SWRST
4393  	ldr	r0, =SP_BASE
4394  	str	r1, [r0, #SP_CR] /* reset the SPI */
4395  	mov	r1, #0
4396  	str	r1, [r0, #SP_CR] /* release SPI from reset state */
4397  	mov	r1, #SP_SPIEN
4398  	str	r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/
4399  	str	r1, [r0, #SP_CR] /* enable the SPI */
4400  
4401  /*  My guess would be this turns on the SPI clock */
4402  	ldr	r3, =SPI_CGEN_BASE
4403  	ldr	r1, [r3, #28]
4404  	orr	r1, r1, #0x2000
4405  	str	r1, [r3, #28]
4406  
4407  	ldr	r1, =0x2000c01
4408  	str	r1, [r0, #SP_CSR0]
4409  	ldr	r1, =0x2000201
4410  	str	r1, [r0, #SP_CSR1]
4411  	str	r1, [r0, #SP_CSR2]
4412  	str	r1, [r0, #SP_CSR3]
4413  	ldr	r1, [r0, #SP_SR]
4414  	ldr	r0, [r0, #SP_RDR]
4415  	bx	lr
4416  .endfunc
4417  .func NVRAM_Init, NVRAM_INIT
4418  NVRAM_INIT:
4419  	ldr	r1, =SP_BASE
4420  	ldr	r0, [r1, #SP_RDR]
4421  	mov	r0, #NVRAM_CMD_RDSR
4422  	str	r0, [r1, #SP_TDR]
4423  SP_loop1:
4424  	ldr	r0, [r1, #SP_SR]
4425  	tst	r0, #SP_TDRE
4426  	beq	SP_loop1
4427  
4428  	mov	r0, #SPI_8CLOCKS
4429  	str	r0, [r1, #SP_TDR]
4430  SP_loop2:
4431  	ldr	r0, [r1, #SP_SR]
4432  	tst	r0, #SP_TDRE
4433  	beq	SP_loop2
4434  
4435  	ldr	r0, [r1, #SP_RDR]
4436  SP_loop3:
4437  	ldr	r0, [r1, #SP_SR]
4438  	tst	r0, #SP_RDRF
4439  	beq	SP_loop3
4440  
4441  	ldr	r0, [r1, #SP_RDR]
4442  	and	r0, r0, #255
4443  	bx	lr
4444  .endfunc
4445  
4446  .func NVRAM_Xfer, NVRAM_XFER
4447  	/* r0 = dest address */
4448  	/* r1 = not used */
4449  	/* r2 = src address within NVRAM */
4450  	/* r3 = length */
4451  NVRAM_XFER:
4452  	stmdb	sp!, {r4, r5, lr}
4453  	mov	r5, r0		/* save r0 (dest address) */
4454  	mov	r4, r3		/* save r3 (length) */
4455  	mov	r0, r2, LSR #5 /*  SPI memories put A8 in the command field */
4456  	and	r0, r0, #8
4457  	add	r0, r0, #NVRAM_CMD_READ
4458  	ldr	r1, =NVRAM_SCRATCH
4459  	strb	r0, [r1, #0]	/* save command in NVRAM_SCRATCH[0] */
4460  	strb	r2, [r1, #1]    /* save low byte of source address in NVRAM_SCRATCH[1] */
4461  _local1:
4462  	bl	NVRAM_INIT
4463  	tst	r0, #NVRAM_SR_RDY
4464  	bne	_local1
4465  	mov	r0, #20
4466  	bl	DELAY9
4467  	mov	r2, r4		/* length */
4468  	mov	r1, r5		/* dest address */
4469  	mov	r0, #2		/* bytes to transfer in command */
4470  	bl	NVRAM_XFER2
4471  	ldmia	sp!, {r4, r5, lr}
4472  	bx	lr
4473  .endfunc
4474  
4475  .func NVRAM_Xfer2, NVRAM_XFER2
4476  NVRAM_XFER2:
4477  	stmdb	sp!, {r4, r5, r6, lr}
4478  	ldr	r4, =SP_BASE
4479  	mov	r3, #0
4480  	cmp	r0, #0
4481  	bls	_local2
4482  	ldr	r5, =NVRAM_SCRATCH
4483  _local4:
4484  	ldrb	r6, [r5, r3]
4485  	str	r6, [r4, #SP_TDR]
4486  _local3:
4487  	ldr	r6, [r4, #SP_SR]
4488  	tst	r6, #SP_TDRE
4489  	beq	_local3
4490  	add	r3, r3, #1
4491  	cmp	r3, r0 /* r0 is # of bytes to send out (command+addr) */
4492  	blo	_local4
4493  _local2:
4494  	mov	r3, #SPI_8CLOCKS
4495  	str	r3, [r4, #SP_TDR]
4496  	ldr	r0, [r4, #SP_RDR]
4497  _local5:
4498  	ldr	r0, [r4, #SP_SR]
4499  	tst	r0, #SP_RDRF
4500  	beq	_local5
4501  	ldr	r0, [r4, #SP_RDR] /* what's this byte?  It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */
4502  	mov	r0, #0
4503  	cmp	r2, #0  /* r2 is # of bytes to copy in */
4504  	bls	_local6
4505  _local7:
4506  	ldr	r5, [r4, #SP_SR]
4507  	tst	r5, #SP_TDRE
4508  	beq	_local7
4509  	str	r3, [r4, #SP_TDR]  /* r3 has SPI_8CLOCKS */
4510  _local8:
4511  	ldr	r5, [r4, #SP_SR]
4512  	tst	r5, #SP_RDRF
4513  	beq	_local8
4514  	ldr	r5, [r4, #SP_RDR] /* but didn't we read this byte above? */
4515  	strb	r5, [r1], #1 /* postindexed */
4516  	add	r0, r0, #1
4517  	cmp	r0, r2
4518  	blo	_local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */
4519  _local6:
4520  	mov	r0, #200
4521  	bl	DELAY9
4522  	ldmia	sp!, {r4, r5, r6, lr}
4523  	bx	lr
4524  #endif
4525