1 /*** -*- linux-c -*- ********************************************************** 2 3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards. 4 5 Copyright 2000-2001 ATMEL Corporation. 6 Copyright 2003-2004 Simon Kelley. 7 8 This code was developed from version 2.1.1 of the Atmel drivers, 9 released by Atmel corp. under the GPL in December 2002. It also 10 includes code from the Linux aironet drivers (C) Benjamin Reed, 11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless 12 extensions, (C) Jean Tourrilhes. 13 14 The firmware module for reading the MAC address of the card comes from 15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright 16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2. 17 This file contains the module in binary form and, under the terms 18 of the GPL, in source form. The source is located at the end of the file. 19 20 This program is free software; you can redistribute it and/or modify 21 it under the terms of the GNU General Public License as published by 22 the Free Software Foundation; either version 2 of the License, or 23 (at your option) any later version. 24 25 This software is distributed in the hope that it will be useful, 26 but WITHOUT ANY WARRANTY; without even the implied warranty of 27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 28 GNU General Public License for more details. 29 30 You should have received a copy of the GNU General Public License 31 along with Atmel wireless lan drivers; if not, see 32 <http://www.gnu.org/licenses/>. 33 34 For all queries about this code, please contact the current author, 35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation. 36 37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying 38 hardware used during development of this driver. 39 40 ******************************************************************************/ 41 42 #include <linux/interrupt.h> 43 44 #include <linux/kernel.h> 45 #include <linux/ptrace.h> 46 #include <linux/slab.h> 47 #include <linux/string.h> 48 #include <linux/timer.h> 49 #include <asm/byteorder.h> 50 #include <asm/io.h> 51 #include <linux/uaccess.h> 52 #include <linux/module.h> 53 #include <linux/netdevice.h> 54 #include <linux/etherdevice.h> 55 #include <linux/skbuff.h> 56 #include <linux/if_arp.h> 57 #include <linux/ioport.h> 58 #include <linux/fcntl.h> 59 #include <linux/delay.h> 60 #include <linux/wireless.h> 61 #include <net/iw_handler.h> 62 #include <linux/crc32.h> 63 #include <linux/proc_fs.h> 64 #include <linux/seq_file.h> 65 #include <linux/device.h> 66 #include <linux/moduleparam.h> 67 #include <linux/firmware.h> 68 #include <linux/jiffies.h> 69 #include <net/cfg80211.h> 70 #include "atmel.h" 71 72 #define DRIVER_MAJOR 0 73 #define DRIVER_MINOR 98 74 75 MODULE_AUTHOR("Simon Kelley"); 76 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards."); 77 MODULE_LICENSE("GPL"); 78 79 /* The name of the firmware file to be loaded 80 over-rides any automatic selection */ 81 static char *firmware = NULL; 82 module_param(firmware, charp, 0); 83 84 /* table of firmware file names */ 85 static struct { 86 AtmelFWType fw_type; 87 const char *fw_file; 88 const char *fw_file_ext; 89 } fw_table[] = { 90 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" }, 91 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" }, 92 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" }, 93 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" }, 94 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" }, 95 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" }, 96 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" }, 97 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" }, 98 { ATMEL_FW_TYPE_NONE, NULL, NULL } 99 }; 100 MODULE_FIRMWARE("atmel_at76c502-wpa.bin"); 101 MODULE_FIRMWARE("atmel_at76c502.bin"); 102 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin"); 103 MODULE_FIRMWARE("atmel_at76c502d.bin"); 104 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin"); 105 MODULE_FIRMWARE("atmel_at76c502e.bin"); 106 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin"); 107 MODULE_FIRMWARE("atmel_at76c502_3com.bin"); 108 MODULE_FIRMWARE("atmel_at76c504-wpa.bin"); 109 MODULE_FIRMWARE("atmel_at76c504.bin"); 110 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin"); 111 MODULE_FIRMWARE("atmel_at76c504_2958.bin"); 112 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin"); 113 MODULE_FIRMWARE("atmel_at76c504a_2958.bin"); 114 MODULE_FIRMWARE("atmel_at76c506-wpa.bin"); 115 MODULE_FIRMWARE("atmel_at76c506.bin"); 116 117 #define MAX_SSID_LENGTH 32 118 #define MGMT_JIFFIES (256 * HZ / 100) 119 120 #define MAX_BSS_ENTRIES 64 121 122 /* registers */ 123 #define GCR 0x00 /* (SIR0) General Configuration Register */ 124 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */ 125 #define AR 0x04 126 #define DR 0x08 127 #define MR1 0x12 /* Mirror Register 1 */ 128 #define MR2 0x14 /* Mirror Register 2 */ 129 #define MR3 0x16 /* Mirror Register 3 */ 130 #define MR4 0x18 /* Mirror Register 4 */ 131 132 #define GPR1 0x0c 133 #define GPR2 0x0e 134 #define GPR3 0x10 135 /* 136 * Constants for the GCR register. 137 */ 138 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */ 139 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */ 140 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */ 141 #define GCR_ENINT 0x0002 /* Enable Interrupts */ 142 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */ 143 144 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */ 145 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */ 146 /* 147 *Constants for the MR registers. 148 */ 149 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */ 150 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */ 151 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */ 152 153 #define MIB_MAX_DATA_BYTES 212 154 #define MIB_HEADER_SIZE 4 /* first four fields */ 155 156 struct get_set_mib { 157 u8 type; 158 u8 size; 159 u8 index; 160 u8 reserved; 161 u8 data[MIB_MAX_DATA_BYTES]; 162 }; 163 164 struct rx_desc { 165 u32 Next; 166 u16 MsduPos; 167 u16 MsduSize; 168 169 u8 State; 170 u8 Status; 171 u8 Rate; 172 u8 Rssi; 173 u8 LinkQuality; 174 u8 PreambleType; 175 u16 Duration; 176 u32 RxTime; 177 }; 178 179 #define RX_DESC_FLAG_VALID 0x80 180 #define RX_DESC_FLAG_CONSUMED 0x40 181 #define RX_DESC_FLAG_IDLE 0x00 182 183 #define RX_STATUS_SUCCESS 0x00 184 185 #define RX_DESC_MSDU_POS_OFFSET 4 186 #define RX_DESC_MSDU_SIZE_OFFSET 6 187 #define RX_DESC_FLAGS_OFFSET 8 188 #define RX_DESC_STATUS_OFFSET 9 189 #define RX_DESC_RSSI_OFFSET 11 190 #define RX_DESC_LINK_QUALITY_OFFSET 12 191 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13 192 #define RX_DESC_DURATION_OFFSET 14 193 #define RX_DESC_RX_TIME_OFFSET 16 194 195 struct tx_desc { 196 u32 NextDescriptor; 197 u16 TxStartOfFrame; 198 u16 TxLength; 199 200 u8 TxState; 201 u8 TxStatus; 202 u8 RetryCount; 203 204 u8 TxRate; 205 206 u8 KeyIndex; 207 u8 ChiperType; 208 u8 ChipreLength; 209 u8 Reserved1; 210 211 u8 Reserved; 212 u8 PacketType; 213 u16 HostTxLength; 214 }; 215 216 #define TX_DESC_NEXT_OFFSET 0 217 #define TX_DESC_POS_OFFSET 4 218 #define TX_DESC_SIZE_OFFSET 6 219 #define TX_DESC_FLAGS_OFFSET 8 220 #define TX_DESC_STATUS_OFFSET 9 221 #define TX_DESC_RETRY_OFFSET 10 222 #define TX_DESC_RATE_OFFSET 11 223 #define TX_DESC_KEY_INDEX_OFFSET 12 224 #define TX_DESC_CIPHER_TYPE_OFFSET 13 225 #define TX_DESC_CIPHER_LENGTH_OFFSET 14 226 #define TX_DESC_PACKET_TYPE_OFFSET 17 227 #define TX_DESC_HOST_LENGTH_OFFSET 18 228 229 /* 230 * Host-MAC interface 231 */ 232 233 #define TX_STATUS_SUCCESS 0x00 234 235 #define TX_FIRM_OWN 0x80 236 #define TX_DONE 0x40 237 238 #define TX_ERROR 0x01 239 240 #define TX_PACKET_TYPE_DATA 0x01 241 #define TX_PACKET_TYPE_MGMT 0x02 242 243 #define ISR_EMPTY 0x00 /* no bits set in ISR */ 244 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */ 245 #define ISR_RxCOMPLETE 0x02 /* packet received */ 246 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */ 247 #define ISR_FATAL_ERROR 0x08 /* Fatal error */ 248 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */ 249 #define ISR_OUT_OF_RANGE 0x20 /* command completed */ 250 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */ 251 #define ISR_GENERIC_IRQ 0x80 252 253 #define Local_Mib_Type 0x01 254 #define Mac_Address_Mib_Type 0x02 255 #define Mac_Mib_Type 0x03 256 #define Statistics_Mib_Type 0x04 257 #define Mac_Mgmt_Mib_Type 0x05 258 #define Mac_Wep_Mib_Type 0x06 259 #define Phy_Mib_Type 0x07 260 #define Multi_Domain_MIB 0x08 261 262 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 263 #define MAC_MIB_FRAG_THRESHOLD_POS 8 264 #define MAC_MIB_RTS_THRESHOLD_POS 10 265 #define MAC_MIB_SHORT_RETRY_POS 16 266 #define MAC_MIB_LONG_RETRY_POS 17 267 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16 268 #define MAC_MGMT_MIB_BEACON_PER_POS 0 269 #define MAC_MGMT_MIB_STATION_ID_POS 6 270 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11 271 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 272 #define MAC_MGMT_MIB_PS_MODE_POS 53 273 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54 274 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56 275 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57 276 #define PHY_MIB_CHANNEL_POS 14 277 #define PHY_MIB_RATE_SET_POS 20 278 #define PHY_MIB_REG_DOMAIN_POS 26 279 #define LOCAL_MIB_AUTO_TX_RATE_POS 3 280 #define LOCAL_MIB_SSID_SIZE 5 281 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6 282 #define LOCAL_MIB_TX_MGMT_RATE_POS 7 283 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8 284 #define LOCAL_MIB_PREAMBLE_TYPE 9 285 #define MAC_ADDR_MIB_MAC_ADDR_POS 0 286 287 #define CMD_Set_MIB_Vars 0x01 288 #define CMD_Get_MIB_Vars 0x02 289 #define CMD_Scan 0x03 290 #define CMD_Join 0x04 291 #define CMD_Start 0x05 292 #define CMD_EnableRadio 0x06 293 #define CMD_DisableRadio 0x07 294 #define CMD_SiteSurvey 0x0B 295 296 #define CMD_STATUS_IDLE 0x00 297 #define CMD_STATUS_COMPLETE 0x01 298 #define CMD_STATUS_UNKNOWN 0x02 299 #define CMD_STATUS_INVALID_PARAMETER 0x03 300 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04 301 #define CMD_STATUS_TIME_OUT 0x07 302 #define CMD_STATUS_IN_PROGRESS 0x08 303 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09 304 #define CMD_STATUS_HOST_ERROR 0xFF 305 #define CMD_STATUS_BUSY 0xFE 306 307 #define CMD_BLOCK_COMMAND_OFFSET 0 308 #define CMD_BLOCK_STATUS_OFFSET 1 309 #define CMD_BLOCK_PARAMETERS_OFFSET 4 310 311 #define SCAN_OPTIONS_SITE_SURVEY 0x80 312 313 #define MGMT_FRAME_BODY_OFFSET 24 314 #define MAX_AUTHENTICATION_RETRIES 3 315 #define MAX_ASSOCIATION_RETRIES 3 316 317 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000 318 319 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */ 320 #define LOOP_RETRY_LIMIT 500000 321 322 #define ACTIVE_MODE 1 323 #define PS_MODE 2 324 325 #define MAX_ENCRYPTION_KEYS 4 326 #define MAX_ENCRYPTION_KEY_SIZE 40 327 328 /* 329 * 802.11 related definitions 330 */ 331 332 /* 333 * Regulatory Domains 334 */ 335 336 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */ 337 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */ 338 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */ 339 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */ 340 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */ 341 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */ 342 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */ 343 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */ 344 345 #define BSS_TYPE_AD_HOC 1 346 #define BSS_TYPE_INFRASTRUCTURE 2 347 348 #define SCAN_TYPE_ACTIVE 0 349 #define SCAN_TYPE_PASSIVE 1 350 351 #define LONG_PREAMBLE 0 352 #define SHORT_PREAMBLE 1 353 #define AUTO_PREAMBLE 2 354 355 #define DATA_FRAME_WS_HEADER_SIZE 30 356 357 /* promiscuous mode control */ 358 #define PROM_MODE_OFF 0x0 359 #define PROM_MODE_UNKNOWN 0x1 360 #define PROM_MODE_CRC_FAILED 0x2 361 #define PROM_MODE_DUPLICATED 0x4 362 #define PROM_MODE_MGMT 0x8 363 #define PROM_MODE_CTRL 0x10 364 #define PROM_MODE_BAD_PROTOCOL 0x20 365 366 #define IFACE_INT_STATUS_OFFSET 0 367 #define IFACE_INT_MASK_OFFSET 1 368 #define IFACE_LOCKOUT_HOST_OFFSET 2 369 #define IFACE_LOCKOUT_MAC_OFFSET 3 370 #define IFACE_FUNC_CTRL_OFFSET 28 371 #define IFACE_MAC_STAT_OFFSET 30 372 #define IFACE_GENERIC_INT_TYPE_OFFSET 32 373 374 #define CIPHER_SUITE_NONE 0 375 #define CIPHER_SUITE_WEP_64 1 376 #define CIPHER_SUITE_TKIP 2 377 #define CIPHER_SUITE_AES 3 378 #define CIPHER_SUITE_CCX 4 379 #define CIPHER_SUITE_WEP_128 5 380 381 /* 382 * IFACE MACROS & definitions 383 */ 384 385 /* 386 * FuncCtrl field: 387 */ 388 #define FUNC_CTRL_TxENABLE 0x10 389 #define FUNC_CTRL_RxENABLE 0x20 390 #define FUNC_CTRL_INIT_COMPLETE 0x01 391 392 /* A stub firmware image which reads the MAC address from NVRAM on the card. 393 For copyright information and source see the end of this file. */ 394 static u8 mac_reader[] = { 395 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea, 396 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea, 397 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 398 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5, 399 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5, 400 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1, 401 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb, 402 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb, 403 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5, 404 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea, 405 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 406 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 407 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 408 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 409 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2, 410 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3, 411 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 412 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5, 413 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5, 414 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5, 415 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3, 416 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5, 417 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 418 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 419 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 420 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1, 421 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2, 422 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb, 423 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb, 424 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb, 425 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3, 426 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5, 427 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3, 428 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a, 429 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5, 430 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3, 431 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3, 432 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3, 433 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2, 434 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb, 435 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02, 436 0x00, 0x01, 0x00, 0x02 437 }; 438 439 struct atmel_private { 440 void *card; /* Bus dependent structure varies for PCcard */ 441 int (*present_callback)(void *); /* And callback which uses it */ 442 char firmware_id[32]; 443 AtmelFWType firmware_type; 444 u8 *firmware; 445 int firmware_length; 446 struct timer_list management_timer; 447 struct net_device *dev; 448 struct device *sys_dev; 449 struct iw_statistics wstats; 450 spinlock_t irqlock, timerlock; /* spinlocks */ 451 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type; 452 enum { 453 CARD_TYPE_PARALLEL_FLASH, 454 CARD_TYPE_SPI_FLASH, 455 CARD_TYPE_EEPROM 456 } card_type; 457 int do_rx_crc; /* If we need to CRC incoming packets */ 458 int probe_crc; /* set if we don't yet know */ 459 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */ 460 u16 rx_desc_head; 461 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous; 462 u16 tx_free_mem, tx_buff_head, tx_buff_tail; 463 464 u16 frag_seq, frag_len, frag_no; 465 u8 frag_source[6]; 466 467 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level; 468 u8 group_cipher_suite, pairwise_cipher_suite; 469 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 470 int wep_key_len[MAX_ENCRYPTION_KEYS]; 471 int use_wpa, radio_on_broken; /* firmware dependent stuff. */ 472 473 u16 host_info_base; 474 struct host_info_struct { 475 /* NB this is matched to the hardware, don't change. */ 476 u8 volatile int_status; 477 u8 volatile int_mask; 478 u8 volatile lockout_host; 479 u8 volatile lockout_mac; 480 481 u16 tx_buff_pos; 482 u16 tx_buff_size; 483 u16 tx_desc_pos; 484 u16 tx_desc_count; 485 486 u16 rx_buff_pos; 487 u16 rx_buff_size; 488 u16 rx_desc_pos; 489 u16 rx_desc_count; 490 491 u16 build_version; 492 u16 command_pos; 493 494 u16 major_version; 495 u16 minor_version; 496 497 u16 func_ctrl; 498 u16 mac_status; 499 u16 generic_IRQ_type; 500 u8 reserved[2]; 501 } host_info; 502 503 enum { 504 STATION_STATE_SCANNING, 505 STATION_STATE_JOINNING, 506 STATION_STATE_AUTHENTICATING, 507 STATION_STATE_ASSOCIATING, 508 STATION_STATE_READY, 509 STATION_STATE_REASSOCIATING, 510 STATION_STATE_DOWN, 511 STATION_STATE_MGMT_ERROR 512 } station_state; 513 514 int operating_mode, power_mode; 515 unsigned long last_qual; 516 int beacons_this_sec; 517 int channel; 518 int reg_domain, config_reg_domain; 519 int tx_rate; 520 int auto_tx_rate; 521 int rts_threshold; 522 int frag_threshold; 523 int long_retry, short_retry; 524 int preamble; 525 int default_beacon_period, beacon_period, listen_interval; 526 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum; 527 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt; 528 enum { 529 SITE_SURVEY_IDLE, 530 SITE_SURVEY_IN_PROGRESS, 531 SITE_SURVEY_COMPLETED 532 } site_survey_state; 533 unsigned long last_survey; 534 535 int station_was_associated, station_is_associated; 536 int fast_scan; 537 538 struct bss_info { 539 int channel; 540 int SSIDsize; 541 int RSSI; 542 int UsingWEP; 543 int preamble; 544 int beacon_period; 545 int BSStype; 546 u8 BSSID[6]; 547 u8 SSID[MAX_SSID_LENGTH]; 548 } BSSinfo[MAX_BSS_ENTRIES]; 549 int BSS_list_entries, current_BSS; 550 int connect_to_any_BSS; 551 int SSID_size, new_SSID_size; 552 u8 CurrentBSSID[6], BSSID[6]; 553 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH]; 554 u64 last_beacon_timestamp; 555 u8 rx_buf[MAX_WIRELESS_BODY]; 556 }; 557 558 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16}; 559 560 static const struct { 561 int reg_domain; 562 int min, max; 563 char *name; 564 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" }, 565 { REG_DOMAIN_DOC, 1, 11, "Canada" }, 566 { REG_DOMAIN_ETSI, 1, 13, "Europe" }, 567 { REG_DOMAIN_SPAIN, 10, 11, "Spain" }, 568 { REG_DOMAIN_FRANCE, 10, 13, "France" }, 569 { REG_DOMAIN_MKK, 14, 14, "MKK" }, 570 { REG_DOMAIN_MKK1, 1, 14, "MKK1" }, 571 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} }; 572 573 static void build_wpa_mib(struct atmel_private *priv); 574 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); 575 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 576 const unsigned char *src, u16 len); 577 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 578 u16 src, u16 len); 579 static void atmel_set_gcr(struct net_device *dev, u16 mask); 580 static void atmel_clear_gcr(struct net_device *dev, u16 mask); 581 static int atmel_lock_mac(struct atmel_private *priv); 582 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data); 583 static void atmel_command_irq(struct atmel_private *priv); 584 static int atmel_validate_channel(struct atmel_private *priv, int channel); 585 static void atmel_management_frame(struct atmel_private *priv, 586 struct ieee80211_hdr *header, 587 u16 frame_len, u8 rssi); 588 static void atmel_management_timer(struct timer_list *t); 589 static void atmel_send_command(struct atmel_private *priv, int command, 590 void *cmd, int cmd_size); 591 static int atmel_send_command_wait(struct atmel_private *priv, int command, 592 void *cmd, int cmd_size); 593 static void atmel_transmit_management_frame(struct atmel_private *priv, 594 struct ieee80211_hdr *header, 595 u8 *body, int body_len); 596 597 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index); 598 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, 599 u8 data); 600 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 601 u16 data); 602 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 603 const u8 *data, int data_len); 604 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 605 u8 *data, int data_len); 606 static void atmel_scan(struct atmel_private *priv, int specific_ssid); 607 static void atmel_join_bss(struct atmel_private *priv, int bss_index); 608 static void atmel_smooth_qual(struct atmel_private *priv); 609 static void atmel_writeAR(struct net_device *dev, u16 data); 610 static int probe_atmel_card(struct net_device *dev); 611 static int reset_atmel_card(struct net_device *dev); 612 static void atmel_enter_state(struct atmel_private *priv, int new_state); 613 int atmel_open (struct net_device *dev); 614 atmel_hi(struct atmel_private * priv,u16 offset)615 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset) 616 { 617 return priv->host_info_base + offset; 618 } 619 atmel_co(struct atmel_private * priv,u16 offset)620 static inline u16 atmel_co(struct atmel_private *priv, u16 offset) 621 { 622 return priv->host_info.command_pos + offset; 623 } 624 atmel_rx(struct atmel_private * priv,u16 offset,u16 desc)625 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc) 626 { 627 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset; 628 } 629 atmel_tx(struct atmel_private * priv,u16 offset,u16 desc)630 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc) 631 { 632 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset; 633 } 634 atmel_read8(struct net_device * dev,u16 offset)635 static inline u8 atmel_read8(struct net_device *dev, u16 offset) 636 { 637 return inb(dev->base_addr + offset); 638 } 639 atmel_write8(struct net_device * dev,u16 offset,u8 data)640 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data) 641 { 642 outb(data, dev->base_addr + offset); 643 } 644 atmel_read16(struct net_device * dev,u16 offset)645 static inline u16 atmel_read16(struct net_device *dev, u16 offset) 646 { 647 return inw(dev->base_addr + offset); 648 } 649 atmel_write16(struct net_device * dev,u16 offset,u16 data)650 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data) 651 { 652 outw(data, dev->base_addr + offset); 653 } 654 atmel_rmem8(struct atmel_private * priv,u16 pos)655 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos) 656 { 657 atmel_writeAR(priv->dev, pos); 658 return atmel_read8(priv->dev, DR); 659 } 660 atmel_wmem8(struct atmel_private * priv,u16 pos,u16 data)661 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data) 662 { 663 atmel_writeAR(priv->dev, pos); 664 atmel_write8(priv->dev, DR, data); 665 } 666 atmel_rmem16(struct atmel_private * priv,u16 pos)667 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos) 668 { 669 atmel_writeAR(priv->dev, pos); 670 return atmel_read16(priv->dev, DR); 671 } 672 atmel_wmem16(struct atmel_private * priv,u16 pos,u16 data)673 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data) 674 { 675 atmel_writeAR(priv->dev, pos); 676 atmel_write16(priv->dev, DR, data); 677 } 678 679 static const struct iw_handler_def atmel_handler_def; 680 tx_done_irq(struct atmel_private * priv)681 static void tx_done_irq(struct atmel_private *priv) 682 { 683 int i; 684 685 for (i = 0; 686 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE && 687 i < priv->host_info.tx_desc_count; 688 i++) { 689 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head)); 690 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head)); 691 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head)); 692 693 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0); 694 695 priv->tx_free_mem += msdu_size; 696 priv->tx_desc_free++; 697 698 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size)) 699 priv->tx_buff_head = 0; 700 else 701 priv->tx_buff_head += msdu_size; 702 703 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1)) 704 priv->tx_desc_head++ ; 705 else 706 priv->tx_desc_head = 0; 707 708 if (type == TX_PACKET_TYPE_DATA) { 709 if (status == TX_STATUS_SUCCESS) 710 priv->dev->stats.tx_packets++; 711 else 712 priv->dev->stats.tx_errors++; 713 netif_wake_queue(priv->dev); 714 } 715 } 716 } 717 find_tx_buff(struct atmel_private * priv,u16 len)718 static u16 find_tx_buff(struct atmel_private *priv, u16 len) 719 { 720 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail; 721 722 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len) 723 return 0; 724 725 if (bottom_free >= len) 726 return priv->host_info.tx_buff_pos + priv->tx_buff_tail; 727 728 if (priv->tx_free_mem - bottom_free >= len) { 729 priv->tx_buff_tail = 0; 730 return priv->host_info.tx_buff_pos; 731 } 732 733 return 0; 734 } 735 tx_update_descriptor(struct atmel_private * priv,int is_bcast,u16 len,u16 buff,u8 type)736 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast, 737 u16 len, u16 buff, u8 type) 738 { 739 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff); 740 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len); 741 if (!priv->use_wpa) 742 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len); 743 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type); 744 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate); 745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0); 746 if (priv->use_wpa) { 747 int cipher_type, cipher_length; 748 if (is_bcast) { 749 cipher_type = priv->group_cipher_suite; 750 if (cipher_type == CIPHER_SUITE_WEP_64 || 751 cipher_type == CIPHER_SUITE_WEP_128) 752 cipher_length = 8; 753 else if (cipher_type == CIPHER_SUITE_TKIP) 754 cipher_length = 12; 755 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 || 756 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) { 757 cipher_type = priv->pairwise_cipher_suite; 758 cipher_length = 8; 759 } else { 760 cipher_type = CIPHER_SUITE_NONE; 761 cipher_length = 0; 762 } 763 } else { 764 cipher_type = priv->pairwise_cipher_suite; 765 if (cipher_type == CIPHER_SUITE_WEP_64 || 766 cipher_type == CIPHER_SUITE_WEP_128) 767 cipher_length = 8; 768 else if (cipher_type == CIPHER_SUITE_TKIP) 769 cipher_length = 12; 770 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 || 771 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) { 772 cipher_type = priv->group_cipher_suite; 773 cipher_length = 8; 774 } else { 775 cipher_type = CIPHER_SUITE_NONE; 776 cipher_length = 0; 777 } 778 } 779 780 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail), 781 cipher_type); 782 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail), 783 cipher_length); 784 } 785 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L); 786 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN); 787 if (priv->tx_desc_previous != priv->tx_desc_tail) 788 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0); 789 priv->tx_desc_previous = priv->tx_desc_tail; 790 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1)) 791 priv->tx_desc_tail++; 792 else 793 priv->tx_desc_tail = 0; 794 priv->tx_desc_free--; 795 priv->tx_free_mem -= len; 796 } 797 start_tx(struct sk_buff * skb,struct net_device * dev)798 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev) 799 { 800 struct atmel_private *priv = netdev_priv(dev); 801 struct ieee80211_hdr header; 802 unsigned long flags; 803 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN; 804 805 if (priv->card && priv->present_callback && 806 !(*priv->present_callback)(priv->card)) { 807 dev->stats.tx_errors++; 808 dev_kfree_skb(skb); 809 return NETDEV_TX_OK; 810 } 811 812 if (priv->station_state != STATION_STATE_READY) { 813 dev->stats.tx_errors++; 814 dev_kfree_skb(skb); 815 return NETDEV_TX_OK; 816 } 817 818 /* first ensure the timer func cannot run */ 819 spin_lock_bh(&priv->timerlock); 820 /* then stop the hardware ISR */ 821 spin_lock_irqsave(&priv->irqlock, flags); 822 /* nb doing the above in the opposite order will deadlock */ 823 824 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the 825 12 first bytes (containing DA/SA) and put them in the appropriate 826 fields of the Wireless Header. Thus the packet length is then the 827 initial + 18 (+30-12) */ 828 829 if (!(buff = find_tx_buff(priv, len + 18))) { 830 dev->stats.tx_dropped++; 831 spin_unlock_irqrestore(&priv->irqlock, flags); 832 spin_unlock_bh(&priv->timerlock); 833 netif_stop_queue(dev); 834 return NETDEV_TX_BUSY; 835 } 836 837 frame_ctl = IEEE80211_FTYPE_DATA; 838 header.duration_id = 0; 839 header.seq_ctrl = 0; 840 if (priv->wep_is_on) 841 frame_ctl |= IEEE80211_FCTL_PROTECTED; 842 if (priv->operating_mode == IW_MODE_ADHOC) { 843 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN); 844 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 845 memcpy(&header.addr3, priv->BSSID, ETH_ALEN); 846 } else { 847 frame_ctl |= IEEE80211_FCTL_TODS; 848 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN); 849 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 850 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN); 851 } 852 853 if (priv->use_wpa) 854 memcpy(&header.addr4, rfc1042_header, ETH_ALEN); 855 856 header.frame_control = cpu_to_le16(frame_ctl); 857 /* Copy the wireless header into the card */ 858 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE); 859 /* Copy the packet sans its 802.3 header addresses which have been replaced */ 860 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12); 861 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE; 862 863 /* low bit of first byte of destination tells us if broadcast */ 864 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA); 865 dev->stats.tx_bytes += len; 866 867 spin_unlock_irqrestore(&priv->irqlock, flags); 868 spin_unlock_bh(&priv->timerlock); 869 dev_kfree_skb(skb); 870 871 return NETDEV_TX_OK; 872 } 873 atmel_transmit_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u8 * body,int body_len)874 static void atmel_transmit_management_frame(struct atmel_private *priv, 875 struct ieee80211_hdr *header, 876 u8 *body, int body_len) 877 { 878 u16 buff; 879 int len = MGMT_FRAME_BODY_OFFSET + body_len; 880 881 if (!(buff = find_tx_buff(priv, len))) 882 return; 883 884 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET); 885 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len); 886 priv->tx_buff_tail += len; 887 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT); 888 } 889 fast_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc)890 static void fast_rx_path(struct atmel_private *priv, 891 struct ieee80211_hdr *header, 892 u16 msdu_size, u16 rx_packet_loc, u32 crc) 893 { 894 /* fast path: unfragmented packet copy directly into skbuf */ 895 u8 mac4[6]; 896 struct sk_buff *skb; 897 unsigned char *skbp; 898 899 /* get the final, mac 4 header field, this tells us encapsulation */ 900 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6); 901 msdu_size -= 6; 902 903 if (priv->do_rx_crc) { 904 crc = crc32_le(crc, mac4, 6); 905 msdu_size -= 4; 906 } 907 908 if (!(skb = dev_alloc_skb(msdu_size + 14))) { 909 priv->dev->stats.rx_dropped++; 910 return; 911 } 912 913 skb_reserve(skb, 2); 914 skbp = skb_put(skb, msdu_size + 12); 915 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size); 916 917 if (priv->do_rx_crc) { 918 u32 netcrc; 919 crc = crc32_le(crc, skbp + 12, msdu_size); 920 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4); 921 if ((crc ^ 0xffffffff) != netcrc) { 922 priv->dev->stats.rx_crc_errors++; 923 dev_kfree_skb(skb); 924 return; 925 } 926 } 927 928 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */ 929 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 930 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN); 931 else 932 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */ 933 934 skb->protocol = eth_type_trans(skb, priv->dev); 935 skb->ip_summed = CHECKSUM_NONE; 936 netif_rx(skb); 937 priv->dev->stats.rx_bytes += 12 + msdu_size; 938 priv->dev->stats.rx_packets++; 939 } 940 941 /* Test to see if the packet in card memory at packet_loc has a valid CRC 942 It doesn't matter that this is slow: it is only used to proble the first few 943 packets. */ probe_crc(struct atmel_private * priv,u16 packet_loc,u16 msdu_size)944 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size) 945 { 946 int i = msdu_size - 4; 947 u32 netcrc, crc = 0xffffffff; 948 949 if (msdu_size < 4) 950 return 0; 951 952 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4); 953 954 atmel_writeAR(priv->dev, packet_loc); 955 while (i--) { 956 u8 octet = atmel_read8(priv->dev, DR); 957 crc = crc32_le(crc, &octet, 1); 958 } 959 960 return (crc ^ 0xffffffff) == netcrc; 961 } 962 frag_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc,u16 seq_no,u8 frag_no,int more_frags)963 static void frag_rx_path(struct atmel_private *priv, 964 struct ieee80211_hdr *header, 965 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no, 966 u8 frag_no, int more_frags) 967 { 968 u8 mac4[ETH_ALEN]; 969 u8 source[ETH_ALEN]; 970 struct sk_buff *skb; 971 972 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 973 memcpy(source, header->addr3, ETH_ALEN); 974 else 975 memcpy(source, header->addr2, ETH_ALEN); 976 977 rx_packet_loc += 24; /* skip header */ 978 979 if (priv->do_rx_crc) 980 msdu_size -= 4; 981 982 if (frag_no == 0) { /* first fragment */ 983 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN); 984 msdu_size -= ETH_ALEN; 985 rx_packet_loc += ETH_ALEN; 986 987 if (priv->do_rx_crc) 988 crc = crc32_le(crc, mac4, 6); 989 990 priv->frag_seq = seq_no; 991 priv->frag_no = 1; 992 priv->frag_len = msdu_size; 993 memcpy(priv->frag_source, source, ETH_ALEN); 994 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN); 995 memcpy(priv->rx_buf, header->addr1, ETH_ALEN); 996 997 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size); 998 999 if (priv->do_rx_crc) { 1000 u32 netcrc; 1001 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size); 1002 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1003 if ((crc ^ 0xffffffff) != netcrc) { 1004 priv->dev->stats.rx_crc_errors++; 1005 eth_broadcast_addr(priv->frag_source); 1006 } 1007 } 1008 1009 } else if (priv->frag_no == frag_no && 1010 priv->frag_seq == seq_no && 1011 memcmp(priv->frag_source, source, ETH_ALEN) == 0) { 1012 1013 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len], 1014 rx_packet_loc, msdu_size); 1015 if (priv->do_rx_crc) { 1016 u32 netcrc; 1017 crc = crc32_le(crc, 1018 &priv->rx_buf[12 + priv->frag_len], 1019 msdu_size); 1020 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1021 if ((crc ^ 0xffffffff) != netcrc) { 1022 priv->dev->stats.rx_crc_errors++; 1023 eth_broadcast_addr(priv->frag_source); 1024 more_frags = 1; /* don't send broken assembly */ 1025 } 1026 } 1027 1028 priv->frag_len += msdu_size; 1029 priv->frag_no++; 1030 1031 if (!more_frags) { /* last one */ 1032 eth_broadcast_addr(priv->frag_source); 1033 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) { 1034 priv->dev->stats.rx_dropped++; 1035 } else { 1036 skb_reserve(skb, 2); 1037 skb_put_data(skb, priv->rx_buf, 1038 priv->frag_len + 12); 1039 skb->protocol = eth_type_trans(skb, priv->dev); 1040 skb->ip_summed = CHECKSUM_NONE; 1041 netif_rx(skb); 1042 priv->dev->stats.rx_bytes += priv->frag_len + 12; 1043 priv->dev->stats.rx_packets++; 1044 } 1045 } 1046 } else 1047 priv->wstats.discard.fragment++; 1048 } 1049 rx_done_irq(struct atmel_private * priv)1050 static void rx_done_irq(struct atmel_private *priv) 1051 { 1052 int i; 1053 struct ieee80211_hdr header; 1054 1055 for (i = 0; 1056 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID && 1057 i < priv->host_info.rx_desc_count; 1058 i++) { 1059 1060 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control; 1061 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head)); 1062 u32 crc = 0xffffffff; 1063 1064 if (status != RX_STATUS_SUCCESS) { 1065 if (status == 0xc1) /* determined by experiment */ 1066 priv->wstats.discard.nwid++; 1067 else 1068 priv->dev->stats.rx_errors++; 1069 goto next; 1070 } 1071 1072 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head)); 1073 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head)); 1074 1075 if (msdu_size < 30) { 1076 priv->dev->stats.rx_errors++; 1077 goto next; 1078 } 1079 1080 /* Get header as far as end of seq_ctrl */ 1081 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24); 1082 frame_ctl = le16_to_cpu(header.frame_control); 1083 seq_control = le16_to_cpu(header.seq_ctrl); 1084 1085 /* probe for CRC use here if needed once five packets have 1086 arrived with the same crc status, we assume we know what's 1087 happening and stop probing */ 1088 if (priv->probe_crc) { 1089 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) { 1090 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size); 1091 } else { 1092 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24); 1093 } 1094 if (priv->do_rx_crc) { 1095 if (priv->crc_ok_cnt++ > 5) 1096 priv->probe_crc = 0; 1097 } else { 1098 if (priv->crc_ko_cnt++ > 5) 1099 priv->probe_crc = 0; 1100 } 1101 } 1102 1103 /* don't CRC header when WEP in use */ 1104 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) { 1105 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24); 1106 } 1107 msdu_size -= 24; /* header */ 1108 1109 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) { 1110 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS; 1111 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG; 1112 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4; 1113 1114 if (!more_fragments && packet_fragment_no == 0) { 1115 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc); 1116 } else { 1117 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc, 1118 packet_sequence_no, packet_fragment_no, more_fragments); 1119 } 1120 } 1121 1122 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) { 1123 /* copy rest of packet into buffer */ 1124 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size); 1125 1126 /* we use the same buffer for frag reassembly and control packets */ 1127 eth_broadcast_addr(priv->frag_source); 1128 1129 if (priv->do_rx_crc) { 1130 /* last 4 octets is crc */ 1131 msdu_size -= 4; 1132 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size); 1133 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) { 1134 priv->dev->stats.rx_crc_errors++; 1135 goto next; 1136 } 1137 } 1138 1139 atmel_management_frame(priv, &header, msdu_size, 1140 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head))); 1141 } 1142 1143 next: 1144 /* release descriptor */ 1145 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED); 1146 1147 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1)) 1148 priv->rx_desc_head++; 1149 else 1150 priv->rx_desc_head = 0; 1151 } 1152 } 1153 service_interrupt(int irq,void * dev_id)1154 static irqreturn_t service_interrupt(int irq, void *dev_id) 1155 { 1156 struct net_device *dev = (struct net_device *) dev_id; 1157 struct atmel_private *priv = netdev_priv(dev); 1158 u8 isr; 1159 int i = -1; 1160 static const u8 irq_order[] = { 1161 ISR_OUT_OF_RANGE, 1162 ISR_RxCOMPLETE, 1163 ISR_TxCOMPLETE, 1164 ISR_RxFRAMELOST, 1165 ISR_FATAL_ERROR, 1166 ISR_COMMAND_COMPLETE, 1167 ISR_IBSS_MERGE, 1168 ISR_GENERIC_IRQ 1169 }; 1170 1171 if (priv->card && priv->present_callback && 1172 !(*priv->present_callback)(priv->card)) 1173 return IRQ_HANDLED; 1174 1175 /* In this state upper-level code assumes it can mess with 1176 the card unhampered by interrupts which may change register state. 1177 Note that even though the card shouldn't generate interrupts 1178 the inturrupt line may be shared. This allows card setup 1179 to go on without disabling interrupts for a long time. */ 1180 if (priv->station_state == STATION_STATE_DOWN) 1181 return IRQ_NONE; 1182 1183 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */ 1184 1185 while (1) { 1186 if (!atmel_lock_mac(priv)) { 1187 /* failed to contact card */ 1188 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1189 return IRQ_HANDLED; 1190 } 1191 1192 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1193 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1194 1195 if (!isr) { 1196 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */ 1197 return i == -1 ? IRQ_NONE : IRQ_HANDLED; 1198 } 1199 1200 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */ 1201 1202 for (i = 0; i < ARRAY_SIZE(irq_order); i++) 1203 if (isr & irq_order[i]) 1204 break; 1205 1206 if (!atmel_lock_mac(priv)) { 1207 /* failed to contact card */ 1208 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1209 return IRQ_HANDLED; 1210 } 1211 1212 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1213 isr ^= irq_order[i]; 1214 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr); 1215 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1216 1217 switch (irq_order[i]) { 1218 1219 case ISR_OUT_OF_RANGE: 1220 if (priv->operating_mode == IW_MODE_INFRA && 1221 priv->station_state == STATION_STATE_READY) { 1222 priv->station_is_associated = 0; 1223 atmel_scan(priv, 1); 1224 } 1225 break; 1226 1227 case ISR_RxFRAMELOST: 1228 priv->wstats.discard.misc++; 1229 fallthrough; 1230 case ISR_RxCOMPLETE: 1231 rx_done_irq(priv); 1232 break; 1233 1234 case ISR_TxCOMPLETE: 1235 tx_done_irq(priv); 1236 break; 1237 1238 case ISR_FATAL_ERROR: 1239 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name); 1240 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 1241 break; 1242 1243 case ISR_COMMAND_COMPLETE: 1244 atmel_command_irq(priv); 1245 break; 1246 1247 case ISR_IBSS_MERGE: 1248 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 1249 priv->CurrentBSSID, 6); 1250 /* The WPA stuff cares about the current AP address */ 1251 if (priv->use_wpa) 1252 build_wpa_mib(priv); 1253 break; 1254 case ISR_GENERIC_IRQ: 1255 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name); 1256 break; 1257 } 1258 } 1259 } 1260 atmel_get_wireless_stats(struct net_device * dev)1261 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev) 1262 { 1263 struct atmel_private *priv = netdev_priv(dev); 1264 1265 /* update the link quality here in case we are seeing no beacons 1266 at all to drive the process */ 1267 atmel_smooth_qual(priv); 1268 1269 priv->wstats.status = priv->station_state; 1270 1271 if (priv->operating_mode == IW_MODE_INFRA) { 1272 if (priv->station_state != STATION_STATE_READY) { 1273 priv->wstats.qual.qual = 0; 1274 priv->wstats.qual.level = 0; 1275 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID 1276 | IW_QUAL_LEVEL_INVALID); 1277 } 1278 priv->wstats.qual.noise = 0; 1279 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID; 1280 } else { 1281 /* Quality levels cannot be determined in ad-hoc mode, 1282 because we can 'hear' more that one remote station. */ 1283 priv->wstats.qual.qual = 0; 1284 priv->wstats.qual.level = 0; 1285 priv->wstats.qual.noise = 0; 1286 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID 1287 | IW_QUAL_LEVEL_INVALID 1288 | IW_QUAL_NOISE_INVALID; 1289 priv->wstats.miss.beacon = 0; 1290 } 1291 1292 return &priv->wstats; 1293 } 1294 atmel_set_mac_address(struct net_device * dev,void * p)1295 static int atmel_set_mac_address(struct net_device *dev, void *p) 1296 { 1297 struct sockaddr *addr = p; 1298 1299 eth_hw_addr_set(dev, addr->sa_data); 1300 return atmel_open(dev); 1301 } 1302 1303 EXPORT_SYMBOL(atmel_open); 1304 atmel_open(struct net_device * dev)1305 int atmel_open(struct net_device *dev) 1306 { 1307 struct atmel_private *priv = netdev_priv(dev); 1308 int i, channel, err; 1309 1310 /* any scheduled timer is no longer needed and might screw things up.. */ 1311 del_timer_sync(&priv->management_timer); 1312 1313 /* Interrupts will not touch the card once in this state... */ 1314 priv->station_state = STATION_STATE_DOWN; 1315 1316 if (priv->new_SSID_size) { 1317 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size); 1318 priv->SSID_size = priv->new_SSID_size; 1319 priv->new_SSID_size = 0; 1320 } 1321 priv->BSS_list_entries = 0; 1322 1323 priv->AuthenticationRequestRetryCnt = 0; 1324 priv->AssociationRequestRetryCnt = 0; 1325 priv->ReAssociationRequestRetryCnt = 0; 1326 priv->CurrentAuthentTransactionSeqNum = 0x0001; 1327 priv->ExpectedAuthentTransactionSeqNum = 0x0002; 1328 1329 priv->site_survey_state = SITE_SURVEY_IDLE; 1330 priv->station_is_associated = 0; 1331 1332 err = reset_atmel_card(dev); 1333 if (err) 1334 return err; 1335 1336 if (priv->config_reg_domain) { 1337 priv->reg_domain = priv->config_reg_domain; 1338 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain); 1339 } else { 1340 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS); 1341 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1342 if (priv->reg_domain == channel_table[i].reg_domain) 1343 break; 1344 if (i == ARRAY_SIZE(channel_table)) { 1345 priv->reg_domain = REG_DOMAIN_MKK1; 1346 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name); 1347 } 1348 } 1349 1350 if ((channel = atmel_validate_channel(priv, priv->channel))) 1351 priv->channel = channel; 1352 1353 /* this moves station_state on.... */ 1354 atmel_scan(priv, 1); 1355 1356 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */ 1357 return 0; 1358 } 1359 atmel_close(struct net_device * dev)1360 static int atmel_close(struct net_device *dev) 1361 { 1362 struct atmel_private *priv = netdev_priv(dev); 1363 1364 /* Send event to userspace that we are disassociating */ 1365 if (priv->station_state == STATION_STATE_READY) { 1366 union iwreq_data wrqu; 1367 1368 wrqu.data.length = 0; 1369 wrqu.data.flags = 0; 1370 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 1371 eth_zero_addr(wrqu.ap_addr.sa_data); 1372 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 1373 } 1374 1375 atmel_enter_state(priv, STATION_STATE_DOWN); 1376 1377 if (priv->bus_type == BUS_TYPE_PCCARD) 1378 atmel_write16(dev, GCR, 0x0060); 1379 atmel_write16(dev, GCR, 0x0040); 1380 return 0; 1381 } 1382 atmel_validate_channel(struct atmel_private * priv,int channel)1383 static int atmel_validate_channel(struct atmel_private *priv, int channel) 1384 { 1385 /* check that channel is OK, if so return zero, 1386 else return suitable default channel */ 1387 int i; 1388 1389 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1390 if (priv->reg_domain == channel_table[i].reg_domain) { 1391 if (channel >= channel_table[i].min && 1392 channel <= channel_table[i].max) 1393 return 0; 1394 else 1395 return channel_table[i].min; 1396 } 1397 return 0; 1398 } 1399 1400 #ifdef CONFIG_PROC_FS atmel_proc_show(struct seq_file * m,void * v)1401 static int atmel_proc_show(struct seq_file *m, void *v) 1402 { 1403 struct atmel_private *priv = m->private; 1404 int i; 1405 char *s, *r, *c; 1406 1407 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR); 1408 1409 if (priv->station_state != STATION_STATE_DOWN) { 1410 seq_printf(m, 1411 "Firmware version:\t%d.%d build %d\n" 1412 "Firmware location:\t", 1413 priv->host_info.major_version, 1414 priv->host_info.minor_version, 1415 priv->host_info.build_version); 1416 1417 if (priv->card_type != CARD_TYPE_EEPROM) 1418 seq_puts(m, "on card\n"); 1419 else if (priv->firmware) 1420 seq_printf(m, "%s loaded by host\n", priv->firmware_id); 1421 else 1422 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id); 1423 1424 switch (priv->card_type) { 1425 case CARD_TYPE_PARALLEL_FLASH: 1426 c = "Parallel flash"; 1427 break; 1428 case CARD_TYPE_SPI_FLASH: 1429 c = "SPI flash\n"; 1430 break; 1431 case CARD_TYPE_EEPROM: 1432 c = "EEPROM"; 1433 break; 1434 default: 1435 c = "<unknown>"; 1436 } 1437 1438 r = "<unknown>"; 1439 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1440 if (priv->reg_domain == channel_table[i].reg_domain) 1441 r = channel_table[i].name; 1442 1443 seq_printf(m, "MAC memory type:\t%s\n", c); 1444 seq_printf(m, "Regulatory domain:\t%s\n", r); 1445 seq_printf(m, "Host CRC checking:\t%s\n", 1446 priv->do_rx_crc ? "On" : "Off"); 1447 seq_printf(m, "WPA-capable firmware:\t%s\n", 1448 priv->use_wpa ? "Yes" : "No"); 1449 } 1450 1451 switch (priv->station_state) { 1452 case STATION_STATE_SCANNING: 1453 s = "Scanning"; 1454 break; 1455 case STATION_STATE_JOINNING: 1456 s = "Joining"; 1457 break; 1458 case STATION_STATE_AUTHENTICATING: 1459 s = "Authenticating"; 1460 break; 1461 case STATION_STATE_ASSOCIATING: 1462 s = "Associating"; 1463 break; 1464 case STATION_STATE_READY: 1465 s = "Ready"; 1466 break; 1467 case STATION_STATE_REASSOCIATING: 1468 s = "Reassociating"; 1469 break; 1470 case STATION_STATE_MGMT_ERROR: 1471 s = "Management error"; 1472 break; 1473 case STATION_STATE_DOWN: 1474 s = "Down"; 1475 break; 1476 default: 1477 s = "<unknown>"; 1478 } 1479 1480 seq_printf(m, "Current state:\t\t%s\n", s); 1481 return 0; 1482 } 1483 #endif 1484 1485 static const struct net_device_ops atmel_netdev_ops = { 1486 .ndo_open = atmel_open, 1487 .ndo_stop = atmel_close, 1488 .ndo_set_mac_address = atmel_set_mac_address, 1489 .ndo_start_xmit = start_tx, 1490 .ndo_do_ioctl = atmel_ioctl, 1491 .ndo_validate_addr = eth_validate_addr, 1492 }; 1493 init_atmel_card(unsigned short irq,unsigned long port,const AtmelFWType fw_type,struct device * sys_dev,int (* card_present)(void *),void * card)1494 struct net_device *init_atmel_card(unsigned short irq, unsigned long port, 1495 const AtmelFWType fw_type, 1496 struct device *sys_dev, 1497 int (*card_present)(void *), void *card) 1498 { 1499 struct net_device *dev; 1500 struct atmel_private *priv; 1501 int rc; 1502 1503 /* Create the network device object. */ 1504 dev = alloc_etherdev(sizeof(*priv)); 1505 if (!dev) 1506 return NULL; 1507 1508 if (dev_alloc_name(dev, dev->name) < 0) { 1509 printk(KERN_ERR "atmel: Couldn't get name!\n"); 1510 goto err_out_free; 1511 } 1512 1513 priv = netdev_priv(dev); 1514 priv->dev = dev; 1515 priv->sys_dev = sys_dev; 1516 priv->present_callback = card_present; 1517 priv->card = card; 1518 priv->firmware = NULL; 1519 priv->firmware_type = fw_type; 1520 if (firmware) /* module parameter */ 1521 strscpy(priv->firmware_id, firmware, sizeof(priv->firmware_id)); 1522 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI; 1523 priv->station_state = STATION_STATE_DOWN; 1524 priv->do_rx_crc = 0; 1525 /* For PCMCIA cards, some chips need CRC, some don't 1526 so we have to probe. */ 1527 if (priv->bus_type == BUS_TYPE_PCCARD) { 1528 priv->probe_crc = 1; 1529 priv->crc_ok_cnt = priv->crc_ko_cnt = 0; 1530 } else 1531 priv->probe_crc = 0; 1532 priv->last_qual = jiffies; 1533 priv->last_beacon_timestamp = 0; 1534 memset(priv->frag_source, 0xff, sizeof(priv->frag_source)); 1535 eth_zero_addr(priv->BSSID); 1536 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */ 1537 priv->station_was_associated = 0; 1538 1539 priv->last_survey = jiffies; 1540 priv->preamble = LONG_PREAMBLE; 1541 priv->operating_mode = IW_MODE_INFRA; 1542 priv->connect_to_any_BSS = 0; 1543 priv->config_reg_domain = 0; 1544 priv->reg_domain = 0; 1545 priv->tx_rate = 3; 1546 priv->auto_tx_rate = 1; 1547 priv->channel = 4; 1548 priv->power_mode = 0; 1549 priv->SSID[0] = '\0'; 1550 priv->SSID_size = 0; 1551 priv->new_SSID_size = 0; 1552 priv->frag_threshold = 2346; 1553 priv->rts_threshold = 2347; 1554 priv->short_retry = 7; 1555 priv->long_retry = 4; 1556 1557 priv->wep_is_on = 0; 1558 priv->default_key = 0; 1559 priv->encryption_level = 0; 1560 priv->exclude_unencrypted = 0; 1561 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1562 priv->use_wpa = 0; 1563 memset(priv->wep_keys, 0, sizeof(priv->wep_keys)); 1564 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len)); 1565 1566 priv->default_beacon_period = priv->beacon_period = 100; 1567 priv->listen_interval = 1; 1568 1569 timer_setup(&priv->management_timer, atmel_management_timer, 0); 1570 spin_lock_init(&priv->irqlock); 1571 spin_lock_init(&priv->timerlock); 1572 1573 dev->netdev_ops = &atmel_netdev_ops; 1574 dev->wireless_handlers = &atmel_handler_def; 1575 dev->irq = irq; 1576 dev->base_addr = port; 1577 1578 /* MTU range: 68 - 2312 */ 1579 dev->min_mtu = 68; 1580 dev->max_mtu = MAX_WIRELESS_BODY - ETH_FCS_LEN; 1581 1582 SET_NETDEV_DEV(dev, sys_dev); 1583 1584 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) { 1585 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc); 1586 goto err_out_free; 1587 } 1588 1589 if (!request_region(dev->base_addr, 32, 1590 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) { 1591 goto err_out_irq; 1592 } 1593 1594 if (register_netdev(dev)) 1595 goto err_out_res; 1596 1597 if (!probe_atmel_card(dev)) { 1598 unregister_netdev(dev); 1599 goto err_out_res; 1600 } 1601 1602 netif_carrier_off(dev); 1603 1604 if (!proc_create_single_data("driver/atmel", 0, NULL, atmel_proc_show, 1605 priv)) 1606 printk(KERN_WARNING "atmel: unable to create /proc entry.\n"); 1607 1608 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n", 1609 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr); 1610 1611 return dev; 1612 1613 err_out_res: 1614 release_region(dev->base_addr, 32); 1615 err_out_irq: 1616 free_irq(dev->irq, dev); 1617 err_out_free: 1618 free_netdev(dev); 1619 return NULL; 1620 } 1621 1622 EXPORT_SYMBOL(init_atmel_card); 1623 stop_atmel_card(struct net_device * dev)1624 void stop_atmel_card(struct net_device *dev) 1625 { 1626 struct atmel_private *priv = netdev_priv(dev); 1627 1628 /* put a brick on it... */ 1629 if (priv->bus_type == BUS_TYPE_PCCARD) 1630 atmel_write16(dev, GCR, 0x0060); 1631 atmel_write16(dev, GCR, 0x0040); 1632 1633 del_timer_sync(&priv->management_timer); 1634 unregister_netdev(dev); 1635 remove_proc_entry("driver/atmel", NULL); 1636 free_irq(dev->irq, dev); 1637 kfree(priv->firmware); 1638 release_region(dev->base_addr, 32); 1639 free_netdev(dev); 1640 } 1641 1642 EXPORT_SYMBOL(stop_atmel_card); 1643 atmel_set_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1644 static int atmel_set_essid(struct net_device *dev, 1645 struct iw_request_info *info, 1646 union iwreq_data *wrqu, 1647 char *extra) 1648 { 1649 struct iw_point *dwrq = &wrqu->essid; 1650 struct atmel_private *priv = netdev_priv(dev); 1651 1652 /* Check if we asked for `any' */ 1653 if (dwrq->flags == 0) { 1654 priv->connect_to_any_BSS = 1; 1655 } else { 1656 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1657 1658 priv->connect_to_any_BSS = 0; 1659 1660 /* Check the size of the string */ 1661 if (dwrq->length > MAX_SSID_LENGTH) 1662 return -E2BIG; 1663 if (index != 0) 1664 return -EINVAL; 1665 1666 memcpy(priv->new_SSID, extra, dwrq->length); 1667 priv->new_SSID_size = dwrq->length; 1668 } 1669 1670 return -EINPROGRESS; 1671 } 1672 atmel_get_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1673 static int atmel_get_essid(struct net_device *dev, 1674 struct iw_request_info *info, 1675 union iwreq_data *wrqu, 1676 char *extra) 1677 { 1678 struct iw_point *dwrq = &wrqu->essid; 1679 struct atmel_private *priv = netdev_priv(dev); 1680 1681 /* Get the current SSID */ 1682 if (priv->new_SSID_size != 0) { 1683 memcpy(extra, priv->new_SSID, priv->new_SSID_size); 1684 dwrq->length = priv->new_SSID_size; 1685 } else { 1686 memcpy(extra, priv->SSID, priv->SSID_size); 1687 dwrq->length = priv->SSID_size; 1688 } 1689 1690 dwrq->flags = !priv->connect_to_any_BSS; /* active */ 1691 1692 return 0; 1693 } 1694 atmel_get_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1695 static int atmel_get_wap(struct net_device *dev, 1696 struct iw_request_info *info, 1697 union iwreq_data *wrqu, 1698 char *extra) 1699 { 1700 struct sockaddr *awrq = &wrqu->ap_addr; 1701 struct atmel_private *priv = netdev_priv(dev); 1702 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN); 1703 awrq->sa_family = ARPHRD_ETHER; 1704 1705 return 0; 1706 } 1707 atmel_set_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1708 static int atmel_set_encode(struct net_device *dev, 1709 struct iw_request_info *info, 1710 union iwreq_data *wrqu, 1711 char *extra) 1712 { 1713 struct iw_point *dwrq = &wrqu->encoding; 1714 struct atmel_private *priv = netdev_priv(dev); 1715 1716 /* Basic checking: do we have a key to set ? 1717 * Note : with the new API, it's impossible to get a NULL pointer. 1718 * Therefore, we need to check a key size == 0 instead. 1719 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag 1720 * when no key is present (only change flags), but older versions 1721 * don't do it. - Jean II */ 1722 if (dwrq->length > 0) { 1723 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1724 int current_index = priv->default_key; 1725 /* Check the size of the key */ 1726 if (dwrq->length > 13) { 1727 return -EINVAL; 1728 } 1729 /* Check the index (none -> use current) */ 1730 if (index < 0 || index >= 4) 1731 index = current_index; 1732 else 1733 priv->default_key = index; 1734 /* Set the length */ 1735 if (dwrq->length > 5) 1736 priv->wep_key_len[index] = 13; 1737 else 1738 if (dwrq->length > 0) 1739 priv->wep_key_len[index] = 5; 1740 else 1741 /* Disable the key */ 1742 priv->wep_key_len[index] = 0; 1743 /* Check if the key is not marked as invalid */ 1744 if (!(dwrq->flags & IW_ENCODE_NOKEY)) { 1745 /* Cleanup */ 1746 memset(priv->wep_keys[index], 0, 13); 1747 /* Copy the key in the driver */ 1748 memcpy(priv->wep_keys[index], extra, dwrq->length); 1749 } 1750 /* WE specify that if a valid key is set, encryption 1751 * should be enabled (user may turn it off later) 1752 * This is also how "iwconfig ethX key on" works */ 1753 if (index == current_index && 1754 priv->wep_key_len[index] > 0) { 1755 priv->wep_is_on = 1; 1756 priv->exclude_unencrypted = 1; 1757 if (priv->wep_key_len[index] > 5) { 1758 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1759 priv->encryption_level = 2; 1760 } else { 1761 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1762 priv->encryption_level = 1; 1763 } 1764 } 1765 } else { 1766 /* Do we want to just set the transmit key index ? */ 1767 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1768 if (index >= 0 && index < 4) { 1769 priv->default_key = index; 1770 } else 1771 /* Don't complain if only change the mode */ 1772 if (!(dwrq->flags & IW_ENCODE_MODE)) 1773 return -EINVAL; 1774 } 1775 /* Read the flags */ 1776 if (dwrq->flags & IW_ENCODE_DISABLED) { 1777 priv->wep_is_on = 0; 1778 priv->encryption_level = 0; 1779 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1780 } else { 1781 priv->wep_is_on = 1; 1782 if (priv->wep_key_len[priv->default_key] > 5) { 1783 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1784 priv->encryption_level = 2; 1785 } else { 1786 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1787 priv->encryption_level = 1; 1788 } 1789 } 1790 if (dwrq->flags & IW_ENCODE_RESTRICTED) 1791 priv->exclude_unencrypted = 1; 1792 if (dwrq->flags & IW_ENCODE_OPEN) 1793 priv->exclude_unencrypted = 0; 1794 1795 return -EINPROGRESS; /* Call commit handler */ 1796 } 1797 atmel_get_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1798 static int atmel_get_encode(struct net_device *dev, 1799 struct iw_request_info *info, 1800 union iwreq_data *wrqu, 1801 char *extra) 1802 { 1803 struct iw_point *dwrq = &wrqu->encoding; 1804 struct atmel_private *priv = netdev_priv(dev); 1805 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1806 1807 if (!priv->wep_is_on) 1808 dwrq->flags = IW_ENCODE_DISABLED; 1809 else { 1810 if (priv->exclude_unencrypted) 1811 dwrq->flags = IW_ENCODE_RESTRICTED; 1812 else 1813 dwrq->flags = IW_ENCODE_OPEN; 1814 } 1815 /* Which key do we want ? -1 -> tx index */ 1816 if (index < 0 || index >= 4) 1817 index = priv->default_key; 1818 dwrq->flags |= index + 1; 1819 /* Copy the key to the user buffer */ 1820 dwrq->length = priv->wep_key_len[index]; 1821 if (dwrq->length > 16) { 1822 dwrq->length = 0; 1823 } else { 1824 memset(extra, 0, 16); 1825 memcpy(extra, priv->wep_keys[index], dwrq->length); 1826 } 1827 1828 return 0; 1829 } 1830 atmel_set_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1831 static int atmel_set_encodeext(struct net_device *dev, 1832 struct iw_request_info *info, 1833 union iwreq_data *wrqu, 1834 char *extra) 1835 { 1836 struct atmel_private *priv = netdev_priv(dev); 1837 struct iw_point *encoding = &wrqu->encoding; 1838 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1839 int idx, key_len, alg = ext->alg, set_key = 1; 1840 1841 /* Determine and validate the key index */ 1842 idx = encoding->flags & IW_ENCODE_INDEX; 1843 if (idx) { 1844 if (idx < 1 || idx > 4) 1845 return -EINVAL; 1846 idx--; 1847 } else 1848 idx = priv->default_key; 1849 1850 if (encoding->flags & IW_ENCODE_DISABLED) 1851 alg = IW_ENCODE_ALG_NONE; 1852 1853 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) { 1854 priv->default_key = idx; 1855 set_key = ext->key_len > 0 ? 1 : 0; 1856 } 1857 1858 if (set_key) { 1859 /* Set the requested key first */ 1860 switch (alg) { 1861 case IW_ENCODE_ALG_NONE: 1862 priv->wep_is_on = 0; 1863 priv->encryption_level = 0; 1864 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1865 break; 1866 case IW_ENCODE_ALG_WEP: 1867 if (ext->key_len > 5) { 1868 priv->wep_key_len[idx] = 13; 1869 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1870 priv->encryption_level = 2; 1871 } else if (ext->key_len > 0) { 1872 priv->wep_key_len[idx] = 5; 1873 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1874 priv->encryption_level = 1; 1875 } else { 1876 return -EINVAL; 1877 } 1878 priv->wep_is_on = 1; 1879 memset(priv->wep_keys[idx], 0, 13); 1880 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]); 1881 memcpy(priv->wep_keys[idx], ext->key, key_len); 1882 break; 1883 default: 1884 return -EINVAL; 1885 } 1886 } 1887 1888 return -EINPROGRESS; 1889 } 1890 atmel_get_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1891 static int atmel_get_encodeext(struct net_device *dev, 1892 struct iw_request_info *info, 1893 union iwreq_data *wrqu, 1894 char *extra) 1895 { 1896 struct atmel_private *priv = netdev_priv(dev); 1897 struct iw_point *encoding = &wrqu->encoding; 1898 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1899 int idx, max_key_len; 1900 1901 max_key_len = encoding->length - sizeof(*ext); 1902 if (max_key_len < 0) 1903 return -EINVAL; 1904 1905 idx = encoding->flags & IW_ENCODE_INDEX; 1906 if (idx) { 1907 if (idx < 1 || idx > 4) 1908 return -EINVAL; 1909 idx--; 1910 } else 1911 idx = priv->default_key; 1912 1913 encoding->flags = idx + 1; 1914 memset(ext, 0, sizeof(*ext)); 1915 1916 if (!priv->wep_is_on) { 1917 ext->alg = IW_ENCODE_ALG_NONE; 1918 ext->key_len = 0; 1919 encoding->flags |= IW_ENCODE_DISABLED; 1920 } else { 1921 if (priv->encryption_level > 0) 1922 ext->alg = IW_ENCODE_ALG_WEP; 1923 else 1924 return -EINVAL; 1925 1926 ext->key_len = priv->wep_key_len[idx]; 1927 memcpy(ext->key, priv->wep_keys[idx], ext->key_len); 1928 encoding->flags |= IW_ENCODE_ENABLED; 1929 } 1930 1931 return 0; 1932 } 1933 atmel_set_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1934 static int atmel_set_auth(struct net_device *dev, 1935 struct iw_request_info *info, 1936 union iwreq_data *wrqu, char *extra) 1937 { 1938 struct atmel_private *priv = netdev_priv(dev); 1939 struct iw_param *param = &wrqu->param; 1940 1941 switch (param->flags & IW_AUTH_INDEX) { 1942 case IW_AUTH_WPA_VERSION: 1943 case IW_AUTH_CIPHER_PAIRWISE: 1944 case IW_AUTH_CIPHER_GROUP: 1945 case IW_AUTH_KEY_MGMT: 1946 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 1947 case IW_AUTH_PRIVACY_INVOKED: 1948 /* 1949 * atmel does not use these parameters 1950 */ 1951 break; 1952 1953 case IW_AUTH_DROP_UNENCRYPTED: 1954 priv->exclude_unencrypted = param->value ? 1 : 0; 1955 break; 1956 1957 case IW_AUTH_80211_AUTH_ALG: { 1958 if (param->value & IW_AUTH_ALG_SHARED_KEY) { 1959 priv->exclude_unencrypted = 1; 1960 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) { 1961 priv->exclude_unencrypted = 0; 1962 } else 1963 return -EINVAL; 1964 break; 1965 } 1966 1967 case IW_AUTH_WPA_ENABLED: 1968 /* Silently accept disable of WPA */ 1969 if (param->value > 0) 1970 return -EOPNOTSUPP; 1971 break; 1972 1973 default: 1974 return -EOPNOTSUPP; 1975 } 1976 return -EINPROGRESS; 1977 } 1978 atmel_get_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1979 static int atmel_get_auth(struct net_device *dev, 1980 struct iw_request_info *info, 1981 union iwreq_data *wrqu, char *extra) 1982 { 1983 struct atmel_private *priv = netdev_priv(dev); 1984 struct iw_param *param = &wrqu->param; 1985 1986 switch (param->flags & IW_AUTH_INDEX) { 1987 case IW_AUTH_DROP_UNENCRYPTED: 1988 param->value = priv->exclude_unencrypted; 1989 break; 1990 1991 case IW_AUTH_80211_AUTH_ALG: 1992 if (priv->exclude_unencrypted == 1) 1993 param->value = IW_AUTH_ALG_SHARED_KEY; 1994 else 1995 param->value = IW_AUTH_ALG_OPEN_SYSTEM; 1996 break; 1997 1998 case IW_AUTH_WPA_ENABLED: 1999 param->value = 0; 2000 break; 2001 2002 default: 2003 return -EOPNOTSUPP; 2004 } 2005 return 0; 2006 } 2007 2008 atmel_get_name(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2009 static int atmel_get_name(struct net_device *dev, 2010 struct iw_request_info *info, 2011 union iwreq_data *wrqu, 2012 char *extra) 2013 { 2014 strcpy(wrqu->name, "IEEE 802.11-DS"); 2015 return 0; 2016 } 2017 atmel_set_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2018 static int atmel_set_rate(struct net_device *dev, 2019 struct iw_request_info *info, 2020 union iwreq_data *wrqu, 2021 char *extra) 2022 { 2023 struct iw_param *vwrq = &wrqu->bitrate; 2024 struct atmel_private *priv = netdev_priv(dev); 2025 2026 if (vwrq->fixed == 0) { 2027 priv->tx_rate = 3; 2028 priv->auto_tx_rate = 1; 2029 } else { 2030 priv->auto_tx_rate = 0; 2031 2032 /* Which type of value ? */ 2033 if ((vwrq->value < 4) && (vwrq->value >= 0)) { 2034 /* Setting by rate index */ 2035 priv->tx_rate = vwrq->value; 2036 } else { 2037 /* Setting by frequency value */ 2038 switch (vwrq->value) { 2039 case 1000000: 2040 priv->tx_rate = 0; 2041 break; 2042 case 2000000: 2043 priv->tx_rate = 1; 2044 break; 2045 case 5500000: 2046 priv->tx_rate = 2; 2047 break; 2048 case 11000000: 2049 priv->tx_rate = 3; 2050 break; 2051 default: 2052 return -EINVAL; 2053 } 2054 } 2055 } 2056 2057 return -EINPROGRESS; 2058 } 2059 atmel_set_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2060 static int atmel_set_mode(struct net_device *dev, 2061 struct iw_request_info *info, 2062 union iwreq_data *wrqu, 2063 char *extra) 2064 { 2065 __u32 *uwrq = &wrqu->mode; 2066 struct atmel_private *priv = netdev_priv(dev); 2067 2068 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA) 2069 return -EINVAL; 2070 2071 priv->operating_mode = *uwrq; 2072 return -EINPROGRESS; 2073 } 2074 atmel_get_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2075 static int atmel_get_mode(struct net_device *dev, 2076 struct iw_request_info *info, 2077 union iwreq_data *wrqu, 2078 char *extra) 2079 { 2080 __u32 *uwrq = &wrqu->mode; 2081 struct atmel_private *priv = netdev_priv(dev); 2082 2083 *uwrq = priv->operating_mode; 2084 return 0; 2085 } 2086 atmel_get_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2087 static int atmel_get_rate(struct net_device *dev, 2088 struct iw_request_info *info, 2089 union iwreq_data *wrqu, 2090 char *extra) 2091 { 2092 struct iw_param *vwrq = &wrqu->bitrate; 2093 struct atmel_private *priv = netdev_priv(dev); 2094 2095 if (priv->auto_tx_rate) { 2096 vwrq->fixed = 0; 2097 vwrq->value = 11000000; 2098 } else { 2099 vwrq->fixed = 1; 2100 switch (priv->tx_rate) { 2101 case 0: 2102 vwrq->value = 1000000; 2103 break; 2104 case 1: 2105 vwrq->value = 2000000; 2106 break; 2107 case 2: 2108 vwrq->value = 5500000; 2109 break; 2110 case 3: 2111 vwrq->value = 11000000; 2112 break; 2113 } 2114 } 2115 return 0; 2116 } 2117 atmel_set_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2118 static int atmel_set_power(struct net_device *dev, 2119 struct iw_request_info *info, 2120 union iwreq_data *wrqu, 2121 char *extra) 2122 { 2123 struct iw_param *vwrq = &wrqu->power; 2124 struct atmel_private *priv = netdev_priv(dev); 2125 priv->power_mode = vwrq->disabled ? 0 : 1; 2126 return -EINPROGRESS; 2127 } 2128 atmel_get_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2129 static int atmel_get_power(struct net_device *dev, 2130 struct iw_request_info *info, 2131 union iwreq_data *wrqu, 2132 char *extra) 2133 { 2134 struct iw_param *vwrq = &wrqu->power; 2135 struct atmel_private *priv = netdev_priv(dev); 2136 vwrq->disabled = priv->power_mode ? 0 : 1; 2137 vwrq->flags = IW_POWER_ON; 2138 return 0; 2139 } 2140 atmel_set_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2141 static int atmel_set_retry(struct net_device *dev, 2142 struct iw_request_info *info, 2143 union iwreq_data *wrqu, 2144 char *extra) 2145 { 2146 struct iw_param *vwrq = &wrqu->retry; 2147 struct atmel_private *priv = netdev_priv(dev); 2148 2149 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) { 2150 if (vwrq->flags & IW_RETRY_LONG) 2151 priv->long_retry = vwrq->value; 2152 else if (vwrq->flags & IW_RETRY_SHORT) 2153 priv->short_retry = vwrq->value; 2154 else { 2155 /* No modifier : set both */ 2156 priv->long_retry = vwrq->value; 2157 priv->short_retry = vwrq->value; 2158 } 2159 return -EINPROGRESS; 2160 } 2161 2162 return -EINVAL; 2163 } 2164 atmel_get_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2165 static int atmel_get_retry(struct net_device *dev, 2166 struct iw_request_info *info, 2167 union iwreq_data *wrqu, 2168 char *extra) 2169 { 2170 struct iw_param *vwrq = &wrqu->retry; 2171 struct atmel_private *priv = netdev_priv(dev); 2172 2173 vwrq->disabled = 0; /* Can't be disabled */ 2174 2175 /* Note : by default, display the short retry number */ 2176 if (vwrq->flags & IW_RETRY_LONG) { 2177 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG; 2178 vwrq->value = priv->long_retry; 2179 } else { 2180 vwrq->flags = IW_RETRY_LIMIT; 2181 vwrq->value = priv->short_retry; 2182 if (priv->long_retry != priv->short_retry) 2183 vwrq->flags |= IW_RETRY_SHORT; 2184 } 2185 2186 return 0; 2187 } 2188 atmel_set_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2189 static int atmel_set_rts(struct net_device *dev, 2190 struct iw_request_info *info, 2191 union iwreq_data *wrqu, 2192 char *extra) 2193 { 2194 struct iw_param *vwrq = &wrqu->rts; 2195 struct atmel_private *priv = netdev_priv(dev); 2196 int rthr = vwrq->value; 2197 2198 if (vwrq->disabled) 2199 rthr = 2347; 2200 if ((rthr < 0) || (rthr > 2347)) { 2201 return -EINVAL; 2202 } 2203 priv->rts_threshold = rthr; 2204 2205 return -EINPROGRESS; /* Call commit handler */ 2206 } 2207 atmel_get_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2208 static int atmel_get_rts(struct net_device *dev, 2209 struct iw_request_info *info, 2210 union iwreq_data *wrqu, 2211 char *extra) 2212 { 2213 struct iw_param *vwrq = &wrqu->rts; 2214 struct atmel_private *priv = netdev_priv(dev); 2215 2216 vwrq->value = priv->rts_threshold; 2217 vwrq->disabled = (vwrq->value >= 2347); 2218 vwrq->fixed = 1; 2219 2220 return 0; 2221 } 2222 atmel_set_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2223 static int atmel_set_frag(struct net_device *dev, 2224 struct iw_request_info *info, 2225 union iwreq_data *wrqu, 2226 char *extra) 2227 { 2228 struct iw_param *vwrq = &wrqu->frag; 2229 struct atmel_private *priv = netdev_priv(dev); 2230 int fthr = vwrq->value; 2231 2232 if (vwrq->disabled) 2233 fthr = 2346; 2234 if ((fthr < 256) || (fthr > 2346)) { 2235 return -EINVAL; 2236 } 2237 fthr &= ~0x1; /* Get an even value - is it really needed ??? */ 2238 priv->frag_threshold = fthr; 2239 2240 return -EINPROGRESS; /* Call commit handler */ 2241 } 2242 atmel_get_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2243 static int atmel_get_frag(struct net_device *dev, 2244 struct iw_request_info *info, 2245 union iwreq_data *wrqu, 2246 char *extra) 2247 { 2248 struct iw_param *vwrq = &wrqu->frag; 2249 struct atmel_private *priv = netdev_priv(dev); 2250 2251 vwrq->value = priv->frag_threshold; 2252 vwrq->disabled = (vwrq->value >= 2346); 2253 vwrq->fixed = 1; 2254 2255 return 0; 2256 } 2257 atmel_set_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2258 static int atmel_set_freq(struct net_device *dev, 2259 struct iw_request_info *info, 2260 union iwreq_data *wrqu, 2261 char *extra) 2262 { 2263 struct iw_freq *fwrq = &wrqu->freq; 2264 struct atmel_private *priv = netdev_priv(dev); 2265 int rc = -EINPROGRESS; /* Call commit handler */ 2266 2267 /* If setting by frequency, convert to a channel */ 2268 if (fwrq->e == 1) { 2269 int f = fwrq->m / 100000; 2270 2271 /* Hack to fall through... */ 2272 fwrq->e = 0; 2273 fwrq->m = ieee80211_frequency_to_channel(f); 2274 } 2275 /* Setting by channel number */ 2276 if (fwrq->m < 0 || fwrq->m > 1000 || fwrq->e > 0) 2277 rc = -EOPNOTSUPP; 2278 else { 2279 int channel = fwrq->m; 2280 if (atmel_validate_channel(priv, channel) == 0) { 2281 priv->channel = channel; 2282 } else { 2283 rc = -EINVAL; 2284 } 2285 } 2286 return rc; 2287 } 2288 atmel_get_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2289 static int atmel_get_freq(struct net_device *dev, 2290 struct iw_request_info *info, 2291 union iwreq_data *wrqu, 2292 char *extra) 2293 { 2294 struct iw_freq *fwrq = &wrqu->freq; 2295 struct atmel_private *priv = netdev_priv(dev); 2296 2297 fwrq->m = priv->channel; 2298 fwrq->e = 0; 2299 return 0; 2300 } 2301 atmel_set_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * dwrq,char * extra)2302 static int atmel_set_scan(struct net_device *dev, 2303 struct iw_request_info *info, 2304 union iwreq_data *dwrq, 2305 char *extra) 2306 { 2307 struct atmel_private *priv = netdev_priv(dev); 2308 unsigned long flags; 2309 2310 /* Note : you may have realised that, as this is a SET operation, 2311 * this is privileged and therefore a normal user can't 2312 * perform scanning. 2313 * This is not an error, while the device perform scanning, 2314 * traffic doesn't flow, so it's a perfect DoS... 2315 * Jean II */ 2316 2317 if (priv->station_state == STATION_STATE_DOWN) 2318 return -EAGAIN; 2319 2320 /* Timeout old surveys. */ 2321 if (time_after(jiffies, priv->last_survey + 20 * HZ)) 2322 priv->site_survey_state = SITE_SURVEY_IDLE; 2323 priv->last_survey = jiffies; 2324 2325 /* Initiate a scan command */ 2326 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS) 2327 return -EBUSY; 2328 2329 del_timer_sync(&priv->management_timer); 2330 spin_lock_irqsave(&priv->irqlock, flags); 2331 2332 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS; 2333 priv->fast_scan = 0; 2334 atmel_scan(priv, 0); 2335 spin_unlock_irqrestore(&priv->irqlock, flags); 2336 2337 return 0; 2338 } 2339 atmel_get_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2340 static int atmel_get_scan(struct net_device *dev, 2341 struct iw_request_info *info, 2342 union iwreq_data *wrqu, 2343 char *extra) 2344 { 2345 struct iw_point *dwrq = &wrqu->data; 2346 struct atmel_private *priv = netdev_priv(dev); 2347 int i; 2348 char *current_ev = extra; 2349 struct iw_event iwe; 2350 2351 if (priv->site_survey_state != SITE_SURVEY_COMPLETED) 2352 return -EAGAIN; 2353 2354 for (i = 0; i < priv->BSS_list_entries; i++) { 2355 iwe.cmd = SIOCGIWAP; 2356 iwe.u.ap_addr.sa_family = ARPHRD_ETHER; 2357 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN); 2358 current_ev = iwe_stream_add_event(info, current_ev, 2359 extra + IW_SCAN_MAX_DATA, 2360 &iwe, IW_EV_ADDR_LEN); 2361 2362 iwe.u.data.length = priv->BSSinfo[i].SSIDsize; 2363 if (iwe.u.data.length > 32) 2364 iwe.u.data.length = 32; 2365 iwe.cmd = SIOCGIWESSID; 2366 iwe.u.data.flags = 1; 2367 current_ev = iwe_stream_add_point(info, current_ev, 2368 extra + IW_SCAN_MAX_DATA, 2369 &iwe, priv->BSSinfo[i].SSID); 2370 2371 iwe.cmd = SIOCGIWMODE; 2372 iwe.u.mode = priv->BSSinfo[i].BSStype; 2373 current_ev = iwe_stream_add_event(info, current_ev, 2374 extra + IW_SCAN_MAX_DATA, 2375 &iwe, IW_EV_UINT_LEN); 2376 2377 iwe.cmd = SIOCGIWFREQ; 2378 iwe.u.freq.m = priv->BSSinfo[i].channel; 2379 iwe.u.freq.e = 0; 2380 current_ev = iwe_stream_add_event(info, current_ev, 2381 extra + IW_SCAN_MAX_DATA, 2382 &iwe, IW_EV_FREQ_LEN); 2383 2384 /* Add quality statistics */ 2385 iwe.cmd = IWEVQUAL; 2386 iwe.u.qual.level = priv->BSSinfo[i].RSSI; 2387 iwe.u.qual.qual = iwe.u.qual.level; 2388 /* iwe.u.qual.noise = SOMETHING */ 2389 current_ev = iwe_stream_add_event(info, current_ev, 2390 extra + IW_SCAN_MAX_DATA, 2391 &iwe, IW_EV_QUAL_LEN); 2392 2393 2394 iwe.cmd = SIOCGIWENCODE; 2395 if (priv->BSSinfo[i].UsingWEP) 2396 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY; 2397 else 2398 iwe.u.data.flags = IW_ENCODE_DISABLED; 2399 iwe.u.data.length = 0; 2400 current_ev = iwe_stream_add_point(info, current_ev, 2401 extra + IW_SCAN_MAX_DATA, 2402 &iwe, NULL); 2403 } 2404 2405 /* Length of data */ 2406 dwrq->length = (current_ev - extra); 2407 dwrq->flags = 0; 2408 2409 return 0; 2410 } 2411 atmel_get_range(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2412 static int atmel_get_range(struct net_device *dev, 2413 struct iw_request_info *info, 2414 union iwreq_data *wrqu, 2415 char *extra) 2416 { 2417 struct iw_point *dwrq = &wrqu->data; 2418 struct atmel_private *priv = netdev_priv(dev); 2419 struct iw_range *range = (struct iw_range *) extra; 2420 int k, i, j; 2421 2422 dwrq->length = sizeof(struct iw_range); 2423 memset(range, 0, sizeof(struct iw_range)); 2424 range->min_nwid = 0x0000; 2425 range->max_nwid = 0x0000; 2426 range->num_channels = 0; 2427 for (j = 0; j < ARRAY_SIZE(channel_table); j++) 2428 if (priv->reg_domain == channel_table[j].reg_domain) { 2429 range->num_channels = channel_table[j].max - channel_table[j].min + 1; 2430 break; 2431 } 2432 if (range->num_channels != 0) { 2433 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) { 2434 range->freq[k].i = i; /* List index */ 2435 2436 /* Values in MHz -> * 10^5 * 10 */ 2437 range->freq[k].m = 100000 * 2438 ieee80211_channel_to_frequency(i, NL80211_BAND_2GHZ); 2439 range->freq[k++].e = 1; 2440 } 2441 range->num_frequency = k; 2442 } 2443 2444 range->max_qual.qual = 100; 2445 range->max_qual.level = 100; 2446 range->max_qual.noise = 0; 2447 range->max_qual.updated = IW_QUAL_NOISE_INVALID; 2448 2449 range->avg_qual.qual = 50; 2450 range->avg_qual.level = 50; 2451 range->avg_qual.noise = 0; 2452 range->avg_qual.updated = IW_QUAL_NOISE_INVALID; 2453 2454 range->sensitivity = 0; 2455 2456 range->bitrate[0] = 1000000; 2457 range->bitrate[1] = 2000000; 2458 range->bitrate[2] = 5500000; 2459 range->bitrate[3] = 11000000; 2460 range->num_bitrates = 4; 2461 2462 range->min_rts = 0; 2463 range->max_rts = 2347; 2464 range->min_frag = 256; 2465 range->max_frag = 2346; 2466 2467 range->encoding_size[0] = 5; 2468 range->encoding_size[1] = 13; 2469 range->num_encoding_sizes = 2; 2470 range->max_encoding_tokens = 4; 2471 2472 range->pmp_flags = IW_POWER_ON; 2473 range->pmt_flags = IW_POWER_ON; 2474 range->pm_capa = 0; 2475 2476 range->we_version_source = WIRELESS_EXT; 2477 range->we_version_compiled = WIRELESS_EXT; 2478 range->retry_capa = IW_RETRY_LIMIT ; 2479 range->retry_flags = IW_RETRY_LIMIT; 2480 range->r_time_flags = 0; 2481 range->min_retry = 1; 2482 range->max_retry = 65535; 2483 2484 return 0; 2485 } 2486 atmel_set_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2487 static int atmel_set_wap(struct net_device *dev, 2488 struct iw_request_info *info, 2489 union iwreq_data *wrqu, 2490 char *extra) 2491 { 2492 struct sockaddr *awrq = &wrqu->ap_addr; 2493 struct atmel_private *priv = netdev_priv(dev); 2494 int i; 2495 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 2496 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 2497 unsigned long flags; 2498 2499 if (awrq->sa_family != ARPHRD_ETHER) 2500 return -EINVAL; 2501 2502 if (!memcmp(any, awrq->sa_data, 6) || 2503 !memcmp(off, awrq->sa_data, 6)) { 2504 del_timer_sync(&priv->management_timer); 2505 spin_lock_irqsave(&priv->irqlock, flags); 2506 atmel_scan(priv, 1); 2507 spin_unlock_irqrestore(&priv->irqlock, flags); 2508 return 0; 2509 } 2510 2511 for (i = 0; i < priv->BSS_list_entries; i++) { 2512 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) { 2513 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) { 2514 return -EINVAL; 2515 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) { 2516 return -EINVAL; 2517 } else { 2518 del_timer_sync(&priv->management_timer); 2519 spin_lock_irqsave(&priv->irqlock, flags); 2520 atmel_join_bss(priv, i); 2521 spin_unlock_irqrestore(&priv->irqlock, flags); 2522 return 0; 2523 } 2524 } 2525 } 2526 2527 return -EINVAL; 2528 } 2529 atmel_config_commit(struct net_device * dev,struct iw_request_info * info,union iwreq_data * zwrq,char * extra)2530 static int atmel_config_commit(struct net_device *dev, 2531 struct iw_request_info *info, /* NULL */ 2532 union iwreq_data *zwrq, /* NULL */ 2533 char *extra) /* NULL */ 2534 { 2535 return atmel_open(dev); 2536 } 2537 2538 static const iw_handler atmel_handler[] = 2539 { 2540 IW_HANDLER(SIOCSIWCOMMIT, atmel_config_commit), 2541 IW_HANDLER(SIOCGIWNAME, atmel_get_name), 2542 IW_HANDLER(SIOCSIWFREQ, atmel_set_freq), 2543 IW_HANDLER(SIOCGIWFREQ, atmel_get_freq), 2544 IW_HANDLER(SIOCSIWMODE, atmel_set_mode), 2545 IW_HANDLER(SIOCGIWMODE, atmel_get_mode), 2546 IW_HANDLER(SIOCGIWRANGE, atmel_get_range), 2547 IW_HANDLER(SIOCSIWAP, atmel_set_wap), 2548 IW_HANDLER(SIOCGIWAP, atmel_get_wap), 2549 IW_HANDLER(SIOCSIWSCAN, atmel_set_scan), 2550 IW_HANDLER(SIOCGIWSCAN, atmel_get_scan), 2551 IW_HANDLER(SIOCSIWESSID, atmel_set_essid), 2552 IW_HANDLER(SIOCGIWESSID, atmel_get_essid), 2553 IW_HANDLER(SIOCSIWRATE, atmel_set_rate), 2554 IW_HANDLER(SIOCGIWRATE, atmel_get_rate), 2555 IW_HANDLER(SIOCSIWRTS, atmel_set_rts), 2556 IW_HANDLER(SIOCGIWRTS, atmel_get_rts), 2557 IW_HANDLER(SIOCSIWFRAG, atmel_set_frag), 2558 IW_HANDLER(SIOCGIWFRAG, atmel_get_frag), 2559 IW_HANDLER(SIOCSIWRETRY, atmel_set_retry), 2560 IW_HANDLER(SIOCGIWRETRY, atmel_get_retry), 2561 IW_HANDLER(SIOCSIWENCODE, atmel_set_encode), 2562 IW_HANDLER(SIOCGIWENCODE, atmel_get_encode), 2563 IW_HANDLER(SIOCSIWPOWER, atmel_set_power), 2564 IW_HANDLER(SIOCGIWPOWER, atmel_get_power), 2565 IW_HANDLER(SIOCSIWAUTH, atmel_set_auth), 2566 IW_HANDLER(SIOCGIWAUTH, atmel_get_auth), 2567 IW_HANDLER(SIOCSIWENCODEEXT, atmel_set_encodeext), 2568 IW_HANDLER(SIOCGIWENCODEEXT, atmel_get_encodeext), 2569 }; 2570 2571 static const iw_handler atmel_private_handler[] = 2572 { 2573 NULL, /* SIOCIWFIRSTPRIV */ 2574 }; 2575 2576 struct atmel_priv_ioctl { 2577 char id[32]; 2578 unsigned char __user *data; 2579 unsigned short len; 2580 }; 2581 2582 #define ATMELFWL SIOCIWFIRSTPRIV 2583 #define ATMELIDIFC ATMELFWL + 1 2584 #define ATMELRD ATMELFWL + 2 2585 #define ATMELMAGIC 0x51807 2586 #define REGDOMAINSZ 20 2587 2588 static const struct iw_priv_args atmel_private_args[] = { 2589 { 2590 .cmd = ATMELFWL, 2591 .set_args = IW_PRIV_TYPE_BYTE 2592 | IW_PRIV_SIZE_FIXED 2593 | sizeof(struct atmel_priv_ioctl), 2594 .get_args = IW_PRIV_TYPE_NONE, 2595 .name = "atmelfwl" 2596 }, { 2597 .cmd = ATMELIDIFC, 2598 .set_args = IW_PRIV_TYPE_NONE, 2599 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 2600 .name = "atmelidifc" 2601 }, { 2602 .cmd = ATMELRD, 2603 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ, 2604 .get_args = IW_PRIV_TYPE_NONE, 2605 .name = "regdomain" 2606 }, 2607 }; 2608 2609 static const struct iw_handler_def atmel_handler_def = { 2610 .num_standard = ARRAY_SIZE(atmel_handler), 2611 .num_private = ARRAY_SIZE(atmel_private_handler), 2612 .num_private_args = ARRAY_SIZE(atmel_private_args), 2613 .standard = atmel_handler, 2614 .private = atmel_private_handler, 2615 .private_args = (struct iw_priv_args *) atmel_private_args, 2616 .get_wireless_stats = atmel_get_wireless_stats 2617 }; 2618 atmel_ioctl(struct net_device * dev,struct ifreq * rq,int cmd)2619 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) 2620 { 2621 int i, rc = 0; 2622 struct atmel_private *priv = netdev_priv(dev); 2623 struct atmel_priv_ioctl com; 2624 struct iwreq *wrq = (struct iwreq *) rq; 2625 unsigned char *new_firmware; 2626 char domain[REGDOMAINSZ + 1]; 2627 2628 switch (cmd) { 2629 case ATMELIDIFC: 2630 wrq->u.param.value = ATMELMAGIC; 2631 break; 2632 2633 case ATMELFWL: 2634 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) { 2635 rc = -EFAULT; 2636 break; 2637 } 2638 2639 if (!capable(CAP_NET_ADMIN)) { 2640 rc = -EPERM; 2641 break; 2642 } 2643 2644 new_firmware = memdup_user(com.data, com.len); 2645 if (IS_ERR(new_firmware)) { 2646 rc = PTR_ERR(new_firmware); 2647 break; 2648 } 2649 2650 kfree(priv->firmware); 2651 2652 priv->firmware = new_firmware; 2653 priv->firmware_length = com.len; 2654 strncpy(priv->firmware_id, com.id, 31); 2655 priv->firmware_id[31] = '\0'; 2656 break; 2657 2658 case ATMELRD: 2659 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) { 2660 rc = -EFAULT; 2661 break; 2662 } 2663 2664 if (!capable(CAP_NET_ADMIN)) { 2665 rc = -EPERM; 2666 break; 2667 } 2668 2669 domain[REGDOMAINSZ] = 0; 2670 rc = -EINVAL; 2671 for (i = 0; i < ARRAY_SIZE(channel_table); i++) { 2672 if (!strcasecmp(channel_table[i].name, domain)) { 2673 priv->config_reg_domain = channel_table[i].reg_domain; 2674 rc = 0; 2675 } 2676 } 2677 2678 if (rc == 0 && priv->station_state != STATION_STATE_DOWN) 2679 rc = atmel_open(dev); 2680 break; 2681 2682 default: 2683 rc = -EOPNOTSUPP; 2684 } 2685 2686 return rc; 2687 } 2688 2689 struct auth_body { 2690 __le16 alg; 2691 __le16 trans_seq; 2692 __le16 status; 2693 u8 el_id; 2694 u8 chall_text_len; 2695 u8 chall_text[253]; 2696 }; 2697 atmel_enter_state(struct atmel_private * priv,int new_state)2698 static void atmel_enter_state(struct atmel_private *priv, int new_state) 2699 { 2700 int old_state = priv->station_state; 2701 2702 if (new_state == old_state) 2703 return; 2704 2705 priv->station_state = new_state; 2706 2707 if (new_state == STATION_STATE_READY) { 2708 netif_start_queue(priv->dev); 2709 netif_carrier_on(priv->dev); 2710 } 2711 2712 if (old_state == STATION_STATE_READY) { 2713 netif_carrier_off(priv->dev); 2714 if (netif_running(priv->dev)) 2715 netif_stop_queue(priv->dev); 2716 priv->last_beacon_timestamp = 0; 2717 } 2718 } 2719 atmel_scan(struct atmel_private * priv,int specific_ssid)2720 static void atmel_scan(struct atmel_private *priv, int specific_ssid) 2721 { 2722 struct { 2723 u8 BSSID[ETH_ALEN]; 2724 u8 SSID[MAX_SSID_LENGTH]; 2725 u8 scan_type; 2726 u8 channel; 2727 __le16 BSS_type; 2728 __le16 min_channel_time; 2729 __le16 max_channel_time; 2730 u8 options; 2731 u8 SSID_size; 2732 } cmd; 2733 2734 eth_broadcast_addr(cmd.BSSID); 2735 2736 if (priv->fast_scan) { 2737 cmd.SSID_size = priv->SSID_size; 2738 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2739 cmd.min_channel_time = cpu_to_le16(10); 2740 cmd.max_channel_time = cpu_to_le16(50); 2741 } else { 2742 priv->BSS_list_entries = 0; 2743 cmd.SSID_size = 0; 2744 cmd.min_channel_time = cpu_to_le16(10); 2745 cmd.max_channel_time = cpu_to_le16(120); 2746 } 2747 2748 cmd.options = 0; 2749 2750 if (!specific_ssid) 2751 cmd.options |= SCAN_OPTIONS_SITE_SURVEY; 2752 2753 cmd.channel = (priv->channel & 0x7f); 2754 cmd.scan_type = SCAN_TYPE_ACTIVE; 2755 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ? 2756 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE); 2757 2758 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd)); 2759 2760 /* This must come after all hardware access to avoid being messed up 2761 by stuff happening in interrupt context after we leave STATE_DOWN */ 2762 atmel_enter_state(priv, STATION_STATE_SCANNING); 2763 } 2764 join(struct atmel_private * priv,int type)2765 static void join(struct atmel_private *priv, int type) 2766 { 2767 struct { 2768 u8 BSSID[6]; 2769 u8 SSID[MAX_SSID_LENGTH]; 2770 u8 BSS_type; /* this is a short in a scan command - weird */ 2771 u8 channel; 2772 __le16 timeout; 2773 u8 SSID_size; 2774 u8 reserved; 2775 } cmd; 2776 2777 cmd.SSID_size = priv->SSID_size; 2778 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2779 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN); 2780 cmd.channel = (priv->channel & 0x7f); 2781 cmd.BSS_type = type; 2782 cmd.timeout = cpu_to_le16(2000); 2783 2784 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd)); 2785 } 2786 start(struct atmel_private * priv,int type)2787 static void start(struct atmel_private *priv, int type) 2788 { 2789 struct { 2790 u8 BSSID[6]; 2791 u8 SSID[MAX_SSID_LENGTH]; 2792 u8 BSS_type; 2793 u8 channel; 2794 u8 SSID_size; 2795 u8 reserved[3]; 2796 } cmd; 2797 2798 cmd.SSID_size = priv->SSID_size; 2799 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2800 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN); 2801 cmd.BSS_type = type; 2802 cmd.channel = (priv->channel & 0x7f); 2803 2804 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd)); 2805 } 2806 handle_beacon_probe(struct atmel_private * priv,u16 capability,u8 channel)2807 static void handle_beacon_probe(struct atmel_private *priv, u16 capability, 2808 u8 channel) 2809 { 2810 int rejoin = 0; 2811 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 2812 SHORT_PREAMBLE : LONG_PREAMBLE; 2813 2814 if (priv->preamble != new) { 2815 priv->preamble = new; 2816 rejoin = 1; 2817 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new); 2818 } 2819 2820 if (priv->channel != channel) { 2821 priv->channel = channel; 2822 rejoin = 1; 2823 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel); 2824 } 2825 2826 if (rejoin) { 2827 priv->station_is_associated = 0; 2828 atmel_enter_state(priv, STATION_STATE_JOINNING); 2829 2830 if (priv->operating_mode == IW_MODE_INFRA) 2831 join(priv, BSS_TYPE_INFRASTRUCTURE); 2832 else 2833 join(priv, BSS_TYPE_AD_HOC); 2834 } 2835 } 2836 send_authentication_request(struct atmel_private * priv,u16 system,u8 * challenge,int challenge_len)2837 static void send_authentication_request(struct atmel_private *priv, u16 system, 2838 u8 *challenge, int challenge_len) 2839 { 2840 struct ieee80211_hdr header; 2841 struct auth_body auth; 2842 2843 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH); 2844 header.duration_id = cpu_to_le16(0x8000); 2845 header.seq_ctrl = 0; 2846 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2847 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2848 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2849 2850 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1) 2851 /* no WEP for authentication frames with TrSeqNo 1 */ 2852 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 2853 2854 auth.alg = cpu_to_le16(system); 2855 2856 auth.status = 0; 2857 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum); 2858 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1; 2859 priv->CurrentAuthentTransactionSeqNum += 2; 2860 2861 if (challenge_len != 0) { 2862 auth.el_id = 16; /* challenge_text */ 2863 auth.chall_text_len = challenge_len; 2864 memcpy(auth.chall_text, challenge, challenge_len); 2865 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len); 2866 } else { 2867 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6); 2868 } 2869 } 2870 send_association_request(struct atmel_private * priv,int is_reassoc)2871 static void send_association_request(struct atmel_private *priv, int is_reassoc) 2872 { 2873 u8 *ssid_el_p; 2874 int bodysize; 2875 struct ieee80211_hdr header; 2876 struct ass_req_format { 2877 __le16 capability; 2878 __le16 listen_interval; 2879 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */ 2880 u8 ssid_el_id; 2881 u8 ssid_len; 2882 u8 ssid[MAX_SSID_LENGTH]; 2883 u8 sup_rates_el_id; 2884 u8 sup_rates_len; 2885 u8 rates[4]; 2886 } body; 2887 2888 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 2889 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ)); 2890 header.duration_id = cpu_to_le16(0x8000); 2891 header.seq_ctrl = 0; 2892 2893 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2894 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2895 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2896 2897 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS); 2898 if (priv->wep_is_on) 2899 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY); 2900 if (priv->preamble == SHORT_PREAMBLE) 2901 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE); 2902 2903 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); 2904 2905 /* current AP address - only in reassoc frame */ 2906 if (is_reassoc) { 2907 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN); 2908 ssid_el_p = &body.ssid_el_id; 2909 bodysize = 18 + priv->SSID_size; 2910 } else { 2911 ssid_el_p = &body.ap[0]; 2912 bodysize = 12 + priv->SSID_size; 2913 } 2914 2915 ssid_el_p[0] = WLAN_EID_SSID; 2916 ssid_el_p[1] = priv->SSID_size; 2917 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size); 2918 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES; 2919 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */ 2920 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4); 2921 2922 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize); 2923 } 2924 is_frame_from_current_bss(struct atmel_private * priv,struct ieee80211_hdr * header)2925 static int is_frame_from_current_bss(struct atmel_private *priv, 2926 struct ieee80211_hdr *header) 2927 { 2928 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 2929 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0; 2930 else 2931 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0; 2932 } 2933 retrieve_bss(struct atmel_private * priv)2934 static int retrieve_bss(struct atmel_private *priv) 2935 { 2936 int i; 2937 int max_rssi = -128; 2938 int max_index = -1; 2939 2940 if (priv->BSS_list_entries == 0) 2941 return -1; 2942 2943 if (priv->connect_to_any_BSS) { 2944 /* Select a BSS with the max-RSSI but of the same type and of 2945 the same WEP mode and that it is not marked as 'bad' (i.e. 2946 we had previously failed to connect to this BSS with the 2947 settings that we currently use) */ 2948 priv->current_BSS = 0; 2949 for (i = 0; i < priv->BSS_list_entries; i++) { 2950 if (priv->operating_mode == priv->BSSinfo[i].BSStype && 2951 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) || 2952 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) && 2953 !(priv->BSSinfo[i].channel & 0x80)) { 2954 max_rssi = priv->BSSinfo[i].RSSI; 2955 priv->current_BSS = max_index = i; 2956 } 2957 } 2958 return max_index; 2959 } 2960 2961 for (i = 0; i < priv->BSS_list_entries; i++) { 2962 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize && 2963 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 && 2964 priv->operating_mode == priv->BSSinfo[i].BSStype && 2965 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) { 2966 if (priv->BSSinfo[i].RSSI >= max_rssi) { 2967 max_rssi = priv->BSSinfo[i].RSSI; 2968 max_index = i; 2969 } 2970 } 2971 } 2972 return max_index; 2973 } 2974 store_bss_info(struct atmel_private * priv,struct ieee80211_hdr * header,u16 capability,u16 beacon_period,u8 channel,u8 rssi,u8 ssid_len,u8 * ssid,int is_beacon)2975 static void store_bss_info(struct atmel_private *priv, 2976 struct ieee80211_hdr *header, u16 capability, 2977 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len, 2978 u8 *ssid, int is_beacon) 2979 { 2980 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3; 2981 int i, index; 2982 2983 for (index = -1, i = 0; i < priv->BSS_list_entries; i++) 2984 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0) 2985 index = i; 2986 2987 /* If we process a probe and an entry from this BSS exists 2988 we will update the BSS entry with the info from this BSS. 2989 If we process a beacon we will only update RSSI */ 2990 2991 if (index == -1) { 2992 if (priv->BSS_list_entries == MAX_BSS_ENTRIES) 2993 return; 2994 index = priv->BSS_list_entries++; 2995 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN); 2996 priv->BSSinfo[index].RSSI = rssi; 2997 } else { 2998 if (rssi > priv->BSSinfo[index].RSSI) 2999 priv->BSSinfo[index].RSSI = rssi; 3000 if (is_beacon) 3001 return; 3002 } 3003 3004 priv->BSSinfo[index].channel = channel; 3005 priv->BSSinfo[index].beacon_period = beacon_period; 3006 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY; 3007 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len); 3008 priv->BSSinfo[index].SSIDsize = ssid_len; 3009 3010 if (capability & WLAN_CAPABILITY_IBSS) 3011 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC; 3012 else if (capability & WLAN_CAPABILITY_ESS) 3013 priv->BSSinfo[index].BSStype = IW_MODE_INFRA; 3014 3015 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 3016 SHORT_PREAMBLE : LONG_PREAMBLE; 3017 } 3018 authenticate(struct atmel_private * priv,u16 frame_len)3019 static void authenticate(struct atmel_private *priv, u16 frame_len) 3020 { 3021 struct auth_body *auth = (struct auth_body *)priv->rx_buf; 3022 u16 status = le16_to_cpu(auth->status); 3023 u16 trans_seq_no = le16_to_cpu(auth->trans_seq); 3024 u16 system = le16_to_cpu(auth->alg); 3025 3026 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) { 3027 /* no WEP */ 3028 if (priv->station_was_associated) { 3029 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3030 send_association_request(priv, 1); 3031 return; 3032 } else { 3033 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3034 send_association_request(priv, 0); 3035 return; 3036 } 3037 } 3038 3039 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) { 3040 int should_associate = 0; 3041 /* WEP */ 3042 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum) 3043 return; 3044 3045 if (system == WLAN_AUTH_OPEN) { 3046 if (trans_seq_no == 0x0002) { 3047 should_associate = 1; 3048 } 3049 } else if (system == WLAN_AUTH_SHARED_KEY) { 3050 if (trans_seq_no == 0x0002 && 3051 auth->el_id == WLAN_EID_CHALLENGE) { 3052 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len); 3053 return; 3054 } else if (trans_seq_no == 0x0004) { 3055 should_associate = 1; 3056 } 3057 } 3058 3059 if (should_associate) { 3060 if (priv->station_was_associated) { 3061 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3062 send_association_request(priv, 1); 3063 return; 3064 } else { 3065 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3066 send_association_request(priv, 0); 3067 return; 3068 } 3069 } 3070 } 3071 3072 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 3073 /* Flip back and forth between WEP auth modes until the max 3074 * authentication tries has been exceeded. 3075 */ 3076 if (system == WLAN_AUTH_OPEN) { 3077 priv->CurrentAuthentTransactionSeqNum = 0x001; 3078 priv->exclude_unencrypted = 1; 3079 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0); 3080 return; 3081 } else if (system == WLAN_AUTH_SHARED_KEY 3082 && priv->wep_is_on) { 3083 priv->CurrentAuthentTransactionSeqNum = 0x001; 3084 priv->exclude_unencrypted = 0; 3085 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0); 3086 return; 3087 } else if (priv->connect_to_any_BSS) { 3088 int bss_index; 3089 3090 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3091 3092 if ((bss_index = retrieve_bss(priv)) != -1) { 3093 atmel_join_bss(priv, bss_index); 3094 return; 3095 } 3096 } 3097 } 3098 3099 priv->AuthenticationRequestRetryCnt = 0; 3100 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3101 priv->station_is_associated = 0; 3102 } 3103 associate(struct atmel_private * priv,u16 frame_len,u16 subtype)3104 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype) 3105 { 3106 struct ass_resp_format { 3107 __le16 capability; 3108 __le16 status; 3109 __le16 ass_id; 3110 u8 el_id; 3111 u8 length; 3112 u8 rates[4]; 3113 } *ass_resp = (struct ass_resp_format *)priv->rx_buf; 3114 3115 u16 status = le16_to_cpu(ass_resp->status); 3116 u16 ass_id = le16_to_cpu(ass_resp->ass_id); 3117 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length; 3118 3119 union iwreq_data wrqu; 3120 3121 if (frame_len < 8 + rates_len) 3122 return; 3123 3124 if (status == WLAN_STATUS_SUCCESS) { 3125 if (subtype == IEEE80211_STYPE_ASSOC_RESP) 3126 priv->AssociationRequestRetryCnt = 0; 3127 else 3128 priv->ReAssociationRequestRetryCnt = 0; 3129 3130 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3131 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff); 3132 atmel_set_mib(priv, Phy_Mib_Type, 3133 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len); 3134 if (priv->power_mode == 0) { 3135 priv->listen_interval = 1; 3136 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3137 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3138 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3139 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3140 } else { 3141 priv->listen_interval = 2; 3142 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3143 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE); 3144 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3145 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2); 3146 } 3147 3148 priv->station_is_associated = 1; 3149 priv->station_was_associated = 1; 3150 atmel_enter_state(priv, STATION_STATE_READY); 3151 3152 /* Send association event to userspace */ 3153 wrqu.data.length = 0; 3154 wrqu.data.flags = 0; 3155 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN); 3156 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 3157 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 3158 3159 return; 3160 } 3161 3162 if (subtype == IEEE80211_STYPE_ASSOC_RESP && 3163 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3164 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3165 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3166 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3167 priv->AssociationRequestRetryCnt++; 3168 send_association_request(priv, 0); 3169 return; 3170 } 3171 3172 if (subtype == IEEE80211_STYPE_REASSOC_RESP && 3173 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3174 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3175 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3176 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3177 priv->ReAssociationRequestRetryCnt++; 3178 send_association_request(priv, 1); 3179 return; 3180 } 3181 3182 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3183 priv->station_is_associated = 0; 3184 3185 if (priv->connect_to_any_BSS) { 3186 int bss_index; 3187 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3188 3189 if ((bss_index = retrieve_bss(priv)) != -1) 3190 atmel_join_bss(priv, bss_index); 3191 } 3192 } 3193 atmel_join_bss(struct atmel_private * priv,int bss_index)3194 static void atmel_join_bss(struct atmel_private *priv, int bss_index) 3195 { 3196 struct bss_info *bss = &priv->BSSinfo[bss_index]; 3197 3198 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN); 3199 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize); 3200 3201 /* The WPA stuff cares about the current AP address */ 3202 if (priv->use_wpa) 3203 build_wpa_mib(priv); 3204 3205 /* When switching to AdHoc turn OFF Power Save if needed */ 3206 3207 if (bss->BSStype == IW_MODE_ADHOC && 3208 priv->operating_mode != IW_MODE_ADHOC && 3209 priv->power_mode) { 3210 priv->power_mode = 0; 3211 priv->listen_interval = 1; 3212 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3213 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3214 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3215 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3216 } 3217 3218 priv->operating_mode = bss->BSStype; 3219 priv->channel = bss->channel & 0x7f; 3220 priv->beacon_period = bss->beacon_period; 3221 3222 if (priv->preamble != bss->preamble) { 3223 priv->preamble = bss->preamble; 3224 atmel_set_mib8(priv, Local_Mib_Type, 3225 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble); 3226 } 3227 3228 if (!priv->wep_is_on && bss->UsingWEP) { 3229 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3230 priv->station_is_associated = 0; 3231 return; 3232 } 3233 3234 if (priv->wep_is_on && !bss->UsingWEP) { 3235 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3236 priv->station_is_associated = 0; 3237 return; 3238 } 3239 3240 atmel_enter_state(priv, STATION_STATE_JOINNING); 3241 3242 if (priv->operating_mode == IW_MODE_INFRA) 3243 join(priv, BSS_TYPE_INFRASTRUCTURE); 3244 else 3245 join(priv, BSS_TYPE_AD_HOC); 3246 } 3247 restart_search(struct atmel_private * priv)3248 static void restart_search(struct atmel_private *priv) 3249 { 3250 int bss_index; 3251 3252 if (!priv->connect_to_any_BSS) { 3253 atmel_scan(priv, 1); 3254 } else { 3255 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3256 3257 if ((bss_index = retrieve_bss(priv)) != -1) 3258 atmel_join_bss(priv, bss_index); 3259 else 3260 atmel_scan(priv, 0); 3261 } 3262 } 3263 smooth_rssi(struct atmel_private * priv,u8 rssi)3264 static void smooth_rssi(struct atmel_private *priv, u8 rssi) 3265 { 3266 u8 old = priv->wstats.qual.level; 3267 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */ 3268 3269 switch (priv->firmware_type) { 3270 case ATMEL_FW_TYPE_502E: 3271 max_rssi = 63; /* 502-rmfd-reve max by experiment */ 3272 break; 3273 default: 3274 break; 3275 } 3276 3277 rssi = rssi * 100 / max_rssi; 3278 if ((rssi + old) % 2) 3279 priv->wstats.qual.level = (rssi + old) / 2 + 1; 3280 else 3281 priv->wstats.qual.level = (rssi + old) / 2; 3282 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED; 3283 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID; 3284 } 3285 atmel_smooth_qual(struct atmel_private * priv)3286 static void atmel_smooth_qual(struct atmel_private *priv) 3287 { 3288 unsigned long time_diff = (jiffies - priv->last_qual) / HZ; 3289 while (time_diff--) { 3290 priv->last_qual += HZ; 3291 priv->wstats.qual.qual = priv->wstats.qual.qual / 2; 3292 priv->wstats.qual.qual += 3293 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000; 3294 priv->beacons_this_sec = 0; 3295 } 3296 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED; 3297 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID; 3298 } 3299 3300 /* deals with incoming management frames. */ atmel_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u16 frame_len,u8 rssi)3301 static void atmel_management_frame(struct atmel_private *priv, 3302 struct ieee80211_hdr *header, 3303 u16 frame_len, u8 rssi) 3304 { 3305 u16 subtype; 3306 3307 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE; 3308 switch (subtype) { 3309 case IEEE80211_STYPE_BEACON: 3310 case IEEE80211_STYPE_PROBE_RESP: 3311 3312 /* beacon frame has multiple variable-length fields - 3313 never let an engineer loose with a data structure design. */ 3314 { 3315 struct beacon_format { 3316 __le64 timestamp; 3317 __le16 interval; 3318 __le16 capability; 3319 u8 ssid_el_id; 3320 u8 ssid_length; 3321 /* ssid here */ 3322 u8 rates_el_id; 3323 u8 rates_length; 3324 /* rates here */ 3325 u8 ds_el_id; 3326 u8 ds_length; 3327 /* ds here */ 3328 } *beacon = (struct beacon_format *)priv->rx_buf; 3329 3330 u8 channel, rates_length, ssid_length; 3331 u64 timestamp = le64_to_cpu(beacon->timestamp); 3332 u16 beacon_interval = le16_to_cpu(beacon->interval); 3333 u16 capability = le16_to_cpu(beacon->capability); 3334 u8 *beaconp = priv->rx_buf; 3335 ssid_length = beacon->ssid_length; 3336 /* this blows chunks. */ 3337 if (frame_len < 14 || frame_len < ssid_length + 15) 3338 return; 3339 rates_length = beaconp[beacon->ssid_length + 15]; 3340 if (frame_len < ssid_length + rates_length + 18) 3341 return; 3342 if (ssid_length > MAX_SSID_LENGTH) 3343 return; 3344 channel = beaconp[ssid_length + rates_length + 18]; 3345 3346 if (priv->station_state == STATION_STATE_READY) { 3347 smooth_rssi(priv, rssi); 3348 if (is_frame_from_current_bss(priv, header)) { 3349 priv->beacons_this_sec++; 3350 atmel_smooth_qual(priv); 3351 if (priv->last_beacon_timestamp) { 3352 /* Note truncate this to 32 bits - kernel can't divide a long */ 3353 u32 beacon_delay = timestamp - priv->last_beacon_timestamp; 3354 int beacons = beacon_delay / (beacon_interval * 1000); 3355 if (beacons > 1) 3356 priv->wstats.miss.beacon += beacons - 1; 3357 } 3358 priv->last_beacon_timestamp = timestamp; 3359 handle_beacon_probe(priv, capability, channel); 3360 } 3361 } 3362 3363 if (priv->station_state == STATION_STATE_SCANNING) 3364 store_bss_info(priv, header, capability, 3365 beacon_interval, channel, rssi, 3366 ssid_length, 3367 &beacon->rates_el_id, 3368 subtype == IEEE80211_STYPE_BEACON); 3369 } 3370 break; 3371 3372 case IEEE80211_STYPE_AUTH: 3373 3374 if (priv->station_state == STATION_STATE_AUTHENTICATING) 3375 authenticate(priv, frame_len); 3376 3377 break; 3378 3379 case IEEE80211_STYPE_ASSOC_RESP: 3380 case IEEE80211_STYPE_REASSOC_RESP: 3381 3382 if (priv->station_state == STATION_STATE_ASSOCIATING || 3383 priv->station_state == STATION_STATE_REASSOCIATING) 3384 associate(priv, frame_len, subtype); 3385 3386 break; 3387 3388 case IEEE80211_STYPE_DISASSOC: 3389 if (priv->station_is_associated && 3390 priv->operating_mode == IW_MODE_INFRA && 3391 is_frame_from_current_bss(priv, header)) { 3392 priv->station_was_associated = 0; 3393 priv->station_is_associated = 0; 3394 3395 atmel_enter_state(priv, STATION_STATE_JOINNING); 3396 join(priv, BSS_TYPE_INFRASTRUCTURE); 3397 } 3398 3399 break; 3400 3401 case IEEE80211_STYPE_DEAUTH: 3402 if (priv->operating_mode == IW_MODE_INFRA && 3403 is_frame_from_current_bss(priv, header)) { 3404 priv->station_was_associated = 0; 3405 3406 atmel_enter_state(priv, STATION_STATE_JOINNING); 3407 join(priv, BSS_TYPE_INFRASTRUCTURE); 3408 } 3409 3410 break; 3411 } 3412 } 3413 3414 /* run when timer expires */ atmel_management_timer(struct timer_list * t)3415 static void atmel_management_timer(struct timer_list *t) 3416 { 3417 struct atmel_private *priv = from_timer(priv, t, management_timer); 3418 unsigned long flags; 3419 3420 /* Check if the card has been yanked. */ 3421 if (priv->card && priv->present_callback && 3422 !(*priv->present_callback)(priv->card)) 3423 return; 3424 3425 spin_lock_irqsave(&priv->irqlock, flags); 3426 3427 switch (priv->station_state) { 3428 3429 case STATION_STATE_AUTHENTICATING: 3430 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) { 3431 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3432 priv->station_is_associated = 0; 3433 priv->AuthenticationRequestRetryCnt = 0; 3434 restart_search(priv); 3435 } else { 3436 int auth = WLAN_AUTH_OPEN; 3437 priv->AuthenticationRequestRetryCnt++; 3438 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3439 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3440 if (priv->wep_is_on && priv->exclude_unencrypted) 3441 auth = WLAN_AUTH_SHARED_KEY; 3442 send_authentication_request(priv, auth, NULL, 0); 3443 } 3444 break; 3445 3446 case STATION_STATE_ASSOCIATING: 3447 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3448 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3449 priv->station_is_associated = 0; 3450 priv->AssociationRequestRetryCnt = 0; 3451 restart_search(priv); 3452 } else { 3453 priv->AssociationRequestRetryCnt++; 3454 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3455 send_association_request(priv, 0); 3456 } 3457 break; 3458 3459 case STATION_STATE_REASSOCIATING: 3460 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3461 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3462 priv->station_is_associated = 0; 3463 priv->ReAssociationRequestRetryCnt = 0; 3464 restart_search(priv); 3465 } else { 3466 priv->ReAssociationRequestRetryCnt++; 3467 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3468 send_association_request(priv, 1); 3469 } 3470 break; 3471 3472 default: 3473 break; 3474 } 3475 3476 spin_unlock_irqrestore(&priv->irqlock, flags); 3477 } 3478 atmel_command_irq(struct atmel_private * priv)3479 static void atmel_command_irq(struct atmel_private *priv) 3480 { 3481 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 3482 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET)); 3483 int fast_scan; 3484 union iwreq_data wrqu; 3485 3486 if (status == CMD_STATUS_IDLE || 3487 status == CMD_STATUS_IN_PROGRESS) 3488 return; 3489 3490 switch (command) { 3491 case CMD_Start: 3492 if (status == CMD_STATUS_COMPLETE) { 3493 priv->station_was_associated = priv->station_is_associated; 3494 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 3495 (u8 *)priv->CurrentBSSID, 6); 3496 atmel_enter_state(priv, STATION_STATE_READY); 3497 } 3498 break; 3499 3500 case CMD_Scan: 3501 fast_scan = priv->fast_scan; 3502 priv->fast_scan = 0; 3503 3504 if (status != CMD_STATUS_COMPLETE) { 3505 atmel_scan(priv, 1); 3506 } else { 3507 int bss_index = retrieve_bss(priv); 3508 int notify_scan_complete = 1; 3509 if (bss_index != -1) { 3510 atmel_join_bss(priv, bss_index); 3511 } else if (priv->operating_mode == IW_MODE_ADHOC && 3512 priv->SSID_size != 0) { 3513 start(priv, BSS_TYPE_AD_HOC); 3514 } else { 3515 priv->fast_scan = !fast_scan; 3516 atmel_scan(priv, 1); 3517 notify_scan_complete = 0; 3518 } 3519 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3520 if (notify_scan_complete) { 3521 wrqu.data.length = 0; 3522 wrqu.data.flags = 0; 3523 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3524 } 3525 } 3526 break; 3527 3528 case CMD_SiteSurvey: 3529 priv->fast_scan = 0; 3530 3531 if (status != CMD_STATUS_COMPLETE) 3532 return; 3533 3534 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3535 if (priv->station_is_associated) { 3536 atmel_enter_state(priv, STATION_STATE_READY); 3537 wrqu.data.length = 0; 3538 wrqu.data.flags = 0; 3539 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3540 } else { 3541 atmel_scan(priv, 1); 3542 } 3543 break; 3544 3545 case CMD_Join: 3546 if (status == CMD_STATUS_COMPLETE) { 3547 if (priv->operating_mode == IW_MODE_ADHOC) { 3548 priv->station_was_associated = priv->station_is_associated; 3549 atmel_enter_state(priv, STATION_STATE_READY); 3550 } else { 3551 int auth = WLAN_AUTH_OPEN; 3552 priv->AuthenticationRequestRetryCnt = 0; 3553 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING); 3554 3555 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3556 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3557 if (priv->wep_is_on && priv->exclude_unencrypted) 3558 auth = WLAN_AUTH_SHARED_KEY; 3559 send_authentication_request(priv, auth, NULL, 0); 3560 } 3561 return; 3562 } 3563 3564 atmel_scan(priv, 1); 3565 } 3566 } 3567 atmel_wakeup_firmware(struct atmel_private * priv)3568 static int atmel_wakeup_firmware(struct atmel_private *priv) 3569 { 3570 struct host_info_struct *iface = &priv->host_info; 3571 u16 mr1, mr3; 3572 int i; 3573 3574 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3575 atmel_set_gcr(priv->dev, GCR_REMAP); 3576 3577 /* wake up on-board processor */ 3578 atmel_clear_gcr(priv->dev, 0x0040); 3579 atmel_write16(priv->dev, BSR, BSS_SRAM); 3580 3581 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3582 mdelay(100); 3583 3584 /* and wait for it */ 3585 for (i = LOOP_RETRY_LIMIT; i; i--) { 3586 mr1 = atmel_read16(priv->dev, MR1); 3587 mr3 = atmel_read16(priv->dev, MR3); 3588 3589 if (mr3 & MAC_BOOT_COMPLETE) 3590 break; 3591 if (mr1 & MAC_BOOT_COMPLETE && 3592 priv->bus_type == BUS_TYPE_PCCARD) 3593 break; 3594 } 3595 3596 if (i == 0) { 3597 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name); 3598 return -EIO; 3599 } 3600 3601 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) { 3602 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name); 3603 return -ENODEV; 3604 } 3605 3606 /* now check for completion of MAC initialization through 3607 the FunCtrl field of the IFACE, poll MR1 to detect completion of 3608 MAC initialization, check completion status, set interrupt mask, 3609 enables interrupts and calls Tx and Rx initialization functions */ 3610 3611 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE); 3612 3613 for (i = LOOP_RETRY_LIMIT; i; i--) { 3614 mr1 = atmel_read16(priv->dev, MR1); 3615 mr3 = atmel_read16(priv->dev, MR3); 3616 3617 if (mr3 & MAC_INIT_COMPLETE) 3618 break; 3619 if (mr1 & MAC_INIT_COMPLETE && 3620 priv->bus_type == BUS_TYPE_PCCARD) 3621 break; 3622 } 3623 3624 if (i == 0) { 3625 printk(KERN_ALERT "%s: MAC failed to initialise.\n", 3626 priv->dev->name); 3627 return -EIO; 3628 } 3629 3630 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */ 3631 if ((mr3 & MAC_INIT_COMPLETE) && 3632 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) { 3633 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name); 3634 return -EIO; 3635 } 3636 if ((mr1 & MAC_INIT_COMPLETE) && 3637 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) { 3638 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name); 3639 return -EIO; 3640 } 3641 3642 atmel_copy_to_host(priv->dev, (unsigned char *)iface, 3643 priv->host_info_base, sizeof(*iface)); 3644 3645 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos); 3646 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size); 3647 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos); 3648 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count); 3649 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos); 3650 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size); 3651 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos); 3652 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count); 3653 iface->build_version = le16_to_cpu(iface->build_version); 3654 iface->command_pos = le16_to_cpu(iface->command_pos); 3655 iface->major_version = le16_to_cpu(iface->major_version); 3656 iface->minor_version = le16_to_cpu(iface->minor_version); 3657 iface->func_ctrl = le16_to_cpu(iface->func_ctrl); 3658 iface->mac_status = le16_to_cpu(iface->mac_status); 3659 3660 return 0; 3661 } 3662 3663 /* determine type of memory and MAC address */ probe_atmel_card(struct net_device * dev)3664 static int probe_atmel_card(struct net_device *dev) 3665 { 3666 int rc = 0; 3667 struct atmel_private *priv = netdev_priv(dev); 3668 u8 addr[ETH_ALEN] = {}; 3669 3670 /* reset pccard */ 3671 if (priv->bus_type == BUS_TYPE_PCCARD) 3672 atmel_write16(dev, GCR, 0x0060); 3673 3674 atmel_write16(dev, GCR, 0x0040); 3675 msleep(500); 3676 3677 if (atmel_read16(dev, MR2) == 0) { 3678 /* No stored firmware so load a small stub which just 3679 tells us the MAC address */ 3680 int i; 3681 priv->card_type = CARD_TYPE_EEPROM; 3682 atmel_write16(dev, BSR, BSS_IRAM); 3683 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader)); 3684 atmel_set_gcr(dev, GCR_REMAP); 3685 atmel_clear_gcr(priv->dev, 0x0040); 3686 atmel_write16(dev, BSR, BSS_SRAM); 3687 for (i = LOOP_RETRY_LIMIT; i; i--) 3688 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE) 3689 break; 3690 if (i == 0) { 3691 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name); 3692 } else { 3693 3694 atmel_copy_to_host(dev, addr, atmel_read16(dev, MR2), 6); 3695 eth_hw_addr_set(dev, addr); 3696 /* got address, now squash it again until the network 3697 interface is opened */ 3698 if (priv->bus_type == BUS_TYPE_PCCARD) 3699 atmel_write16(dev, GCR, 0x0060); 3700 atmel_write16(dev, GCR, 0x0040); 3701 rc = 1; 3702 } 3703 } else if (atmel_read16(dev, MR4) == 0) { 3704 /* Mac address easy in this case. */ 3705 priv->card_type = CARD_TYPE_PARALLEL_FLASH; 3706 atmel_write16(dev, BSR, 1); 3707 atmel_copy_to_host(dev, addr, 0xc000, 6); 3708 eth_hw_addr_set(dev, addr); 3709 atmel_write16(dev, BSR, 0x200); 3710 rc = 1; 3711 } else { 3712 /* Standard firmware in flash, boot it up and ask 3713 for the Mac Address */ 3714 priv->card_type = CARD_TYPE_SPI_FLASH; 3715 if (atmel_wakeup_firmware(priv) == 0) { 3716 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, addr, 6); 3717 eth_hw_addr_set(dev, addr); 3718 3719 /* got address, now squash it again until the network 3720 interface is opened */ 3721 if (priv->bus_type == BUS_TYPE_PCCARD) 3722 atmel_write16(dev, GCR, 0x0060); 3723 atmel_write16(dev, GCR, 0x0040); 3724 rc = 1; 3725 } 3726 } 3727 3728 if (rc) { 3729 if (dev->dev_addr[0] == 0xFF) { 3730 static const u8 default_mac[] = { 3731 0x00, 0x04, 0x25, 0x00, 0x00, 0x00 3732 }; 3733 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name); 3734 eth_hw_addr_set(dev, default_mac); 3735 } 3736 } 3737 3738 return rc; 3739 } 3740 3741 /* Move the encyption information on the MIB structure. 3742 This routine is for the pre-WPA firmware: later firmware has 3743 a different format MIB and a different routine. */ build_wep_mib(struct atmel_private * priv)3744 static void build_wep_mib(struct atmel_private *priv) 3745 { 3746 struct { /* NB this is matched to the hardware, don't change. */ 3747 u8 wep_is_on; 3748 u8 default_key; /* 0..3 */ 3749 u8 reserved; 3750 u8 exclude_unencrypted; 3751 3752 u32 WEPICV_error_count; 3753 u32 WEP_excluded_count; 3754 3755 u8 wep_keys[MAX_ENCRYPTION_KEYS][13]; 3756 u8 encryption_level; /* 0, 1, 2 */ 3757 u8 reserved2[3]; 3758 } mib; 3759 int i; 3760 3761 mib.wep_is_on = priv->wep_is_on; 3762 if (priv->wep_is_on) { 3763 if (priv->wep_key_len[priv->default_key] > 5) 3764 mib.encryption_level = 2; 3765 else 3766 mib.encryption_level = 1; 3767 } else { 3768 mib.encryption_level = 0; 3769 } 3770 3771 mib.default_key = priv->default_key; 3772 mib.exclude_unencrypted = priv->exclude_unencrypted; 3773 3774 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) 3775 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13); 3776 3777 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3778 } 3779 build_wpa_mib(struct atmel_private * priv)3780 static void build_wpa_mib(struct atmel_private *priv) 3781 { 3782 /* This is for the later (WPA enabled) firmware. */ 3783 3784 struct { /* NB this is matched to the hardware, don't change. */ 3785 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 3786 u8 receiver_address[ETH_ALEN]; 3787 u8 wep_is_on; 3788 u8 default_key; /* 0..3 */ 3789 u8 group_key; 3790 u8 exclude_unencrypted; 3791 u8 encryption_type; 3792 u8 reserved; 3793 3794 u32 WEPICV_error_count; 3795 u32 WEP_excluded_count; 3796 3797 u8 key_RSC[4][8]; 3798 } mib; 3799 3800 int i; 3801 3802 mib.wep_is_on = priv->wep_is_on; 3803 mib.exclude_unencrypted = priv->exclude_unencrypted; 3804 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN); 3805 3806 /* zero all the keys before adding in valid ones. */ 3807 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value)); 3808 3809 if (priv->wep_is_on) { 3810 /* There's a comment in the Atmel code to the effect that this 3811 is only valid when still using WEP, it may need to be set to 3812 something to use WPA */ 3813 memset(mib.key_RSC, 0, sizeof(mib.key_RSC)); 3814 3815 mib.default_key = mib.group_key = 255; 3816 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) { 3817 if (priv->wep_key_len[i] > 0) { 3818 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE); 3819 if (i == priv->default_key) { 3820 mib.default_key = i; 3821 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7; 3822 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite; 3823 } else { 3824 mib.group_key = i; 3825 priv->group_cipher_suite = priv->pairwise_cipher_suite; 3826 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1; 3827 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite; 3828 } 3829 } 3830 } 3831 if (mib.default_key == 255) 3832 mib.default_key = mib.group_key != 255 ? mib.group_key : 0; 3833 if (mib.group_key == 255) 3834 mib.group_key = mib.default_key; 3835 3836 } 3837 3838 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3839 } 3840 reset_atmel_card(struct net_device * dev)3841 static int reset_atmel_card(struct net_device *dev) 3842 { 3843 /* do everything necessary to wake up the hardware, including 3844 waiting for the lightning strike and throwing the knife switch.... 3845 3846 set all the Mib values which matter in the card to match 3847 their settings in the atmel_private structure. Some of these 3848 can be altered on the fly, but many (WEP, infrastructure or ad-hoc) 3849 can only be changed by tearing down the world and coming back through 3850 here. 3851 3852 This routine is also responsible for initialising some 3853 hardware-specific fields in the atmel_private structure, 3854 including a copy of the firmware's hostinfo structure 3855 which is the route into the rest of the firmware datastructures. */ 3856 3857 struct atmel_private *priv = netdev_priv(dev); 3858 u8 configuration; 3859 int old_state = priv->station_state; 3860 int err = 0; 3861 3862 /* data to add to the firmware names, in priority order 3863 this implemenents firmware versioning */ 3864 3865 static char *firmware_modifier[] = { 3866 "-wpa", 3867 "", 3868 NULL 3869 }; 3870 3871 /* reset pccard */ 3872 if (priv->bus_type == BUS_TYPE_PCCARD) 3873 atmel_write16(priv->dev, GCR, 0x0060); 3874 3875 /* stop card , disable interrupts */ 3876 atmel_write16(priv->dev, GCR, 0x0040); 3877 3878 if (priv->card_type == CARD_TYPE_EEPROM) { 3879 /* copy in firmware if needed */ 3880 const struct firmware *fw_entry = NULL; 3881 const unsigned char *fw; 3882 int len = priv->firmware_length; 3883 if (!(fw = priv->firmware)) { 3884 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) { 3885 if (strlen(priv->firmware_id) == 0) { 3886 printk(KERN_INFO 3887 "%s: card type is unknown: assuming at76c502 firmware is OK.\n", 3888 dev->name); 3889 printk(KERN_INFO 3890 "%s: if not, use the firmware= module parameter.\n", 3891 dev->name); 3892 strcpy(priv->firmware_id, "atmel_at76c502.bin"); 3893 } 3894 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev); 3895 if (err != 0) { 3896 printk(KERN_ALERT 3897 "%s: firmware %s is missing, cannot continue.\n", 3898 dev->name, priv->firmware_id); 3899 return err; 3900 } 3901 } else { 3902 int fw_index = 0; 3903 int success = 0; 3904 3905 /* get firmware filename entry based on firmware type ID */ 3906 while (fw_table[fw_index].fw_type != priv->firmware_type 3907 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) 3908 fw_index++; 3909 3910 /* construct the actual firmware file name */ 3911 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) { 3912 int i; 3913 for (i = 0; firmware_modifier[i]; i++) { 3914 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file, 3915 firmware_modifier[i], fw_table[fw_index].fw_file_ext); 3916 priv->firmware_id[31] = '\0'; 3917 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) { 3918 success = 1; 3919 break; 3920 } 3921 } 3922 } 3923 if (!success) { 3924 printk(KERN_ALERT 3925 "%s: firmware %s is missing, cannot start.\n", 3926 dev->name, priv->firmware_id); 3927 priv->firmware_id[0] = '\0'; 3928 return -ENOENT; 3929 } 3930 } 3931 3932 fw = fw_entry->data; 3933 len = fw_entry->size; 3934 } 3935 3936 if (len <= 0x6000) { 3937 atmel_write16(priv->dev, BSR, BSS_IRAM); 3938 atmel_copy_to_card(priv->dev, 0, fw, len); 3939 atmel_set_gcr(priv->dev, GCR_REMAP); 3940 } else { 3941 /* Remap */ 3942 atmel_set_gcr(priv->dev, GCR_REMAP); 3943 atmel_write16(priv->dev, BSR, BSS_IRAM); 3944 atmel_copy_to_card(priv->dev, 0, fw, 0x6000); 3945 atmel_write16(priv->dev, BSR, 0x2ff); 3946 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000); 3947 } 3948 3949 release_firmware(fw_entry); 3950 } 3951 3952 err = atmel_wakeup_firmware(priv); 3953 if (err != 0) 3954 return err; 3955 3956 /* Check the version and set the correct flag for wpa stuff, 3957 old and new firmware is incompatible. 3958 The pre-wpa 3com firmware reports major version 5, 3959 the wpa 3com firmware is major version 4 and doesn't need 3960 the 3com broken-ness filter. */ 3961 priv->use_wpa = (priv->host_info.major_version == 4); 3962 priv->radio_on_broken = (priv->host_info.major_version == 5); 3963 3964 /* unmask all irq sources */ 3965 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff); 3966 3967 /* int Tx system and enable Tx */ 3968 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0); 3969 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L); 3970 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0); 3971 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0); 3972 3973 priv->tx_desc_free = priv->host_info.tx_desc_count; 3974 priv->tx_desc_head = 0; 3975 priv->tx_desc_tail = 0; 3976 priv->tx_desc_previous = 0; 3977 priv->tx_free_mem = priv->host_info.tx_buff_size; 3978 priv->tx_buff_head = 0; 3979 priv->tx_buff_tail = 0; 3980 3981 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 3982 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 3983 configuration | FUNC_CTRL_TxENABLE); 3984 3985 /* init Rx system and enable */ 3986 priv->rx_desc_head = 0; 3987 3988 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 3989 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 3990 configuration | FUNC_CTRL_RxENABLE); 3991 3992 if (!priv->radio_on_broken) { 3993 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) == 3994 CMD_STATUS_REJECTED_RADIO_OFF) { 3995 printk(KERN_INFO "%s: cannot turn the radio on.\n", 3996 dev->name); 3997 return -EIO; 3998 } 3999 } 4000 4001 /* set up enough MIB values to run. */ 4002 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate); 4003 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF); 4004 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold); 4005 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold); 4006 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry); 4007 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry); 4008 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble); 4009 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS, 4010 priv->dev->dev_addr, 6); 4011 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 4012 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 4013 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period); 4014 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4); 4015 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on); 4016 if (priv->use_wpa) 4017 build_wpa_mib(priv); 4018 else 4019 build_wep_mib(priv); 4020 4021 if (old_state == STATION_STATE_READY) { 4022 union iwreq_data wrqu; 4023 4024 wrqu.data.length = 0; 4025 wrqu.data.flags = 0; 4026 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 4027 eth_zero_addr(wrqu.ap_addr.sa_data); 4028 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 4029 } 4030 4031 return 0; 4032 } 4033 atmel_send_command(struct atmel_private * priv,int command,void * cmd,int cmd_size)4034 static void atmel_send_command(struct atmel_private *priv, int command, 4035 void *cmd, int cmd_size) 4036 { 4037 if (cmd) 4038 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET), 4039 cmd, cmd_size); 4040 4041 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command); 4042 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0); 4043 } 4044 atmel_send_command_wait(struct atmel_private * priv,int command,void * cmd,int cmd_size)4045 static int atmel_send_command_wait(struct atmel_private *priv, int command, 4046 void *cmd, int cmd_size) 4047 { 4048 int i, status; 4049 4050 atmel_send_command(priv, command, cmd, cmd_size); 4051 4052 for (i = 5000; i; i--) { 4053 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 4054 if (status != CMD_STATUS_IDLE && 4055 status != CMD_STATUS_IN_PROGRESS) 4056 break; 4057 udelay(20); 4058 } 4059 4060 if (i == 0) { 4061 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name); 4062 status = CMD_STATUS_HOST_ERROR; 4063 } else { 4064 if (command != CMD_EnableRadio) 4065 status = CMD_STATUS_COMPLETE; 4066 } 4067 4068 return status; 4069 } 4070 atmel_get_mib8(struct atmel_private * priv,u8 type,u8 index)4071 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index) 4072 { 4073 struct get_set_mib m; 4074 m.type = type; 4075 m.size = 1; 4076 m.index = index; 4077 4078 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4079 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE)); 4080 } 4081 atmel_set_mib8(struct atmel_private * priv,u8 type,u8 index,u8 data)4082 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data) 4083 { 4084 struct get_set_mib m; 4085 m.type = type; 4086 m.size = 1; 4087 m.index = index; 4088 m.data[0] = data; 4089 4090 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4091 } 4092 atmel_set_mib16(struct atmel_private * priv,u8 type,u8 index,u16 data)4093 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 4094 u16 data) 4095 { 4096 struct get_set_mib m; 4097 m.type = type; 4098 m.size = 2; 4099 m.index = index; 4100 m.data[0] = data; 4101 m.data[1] = data >> 8; 4102 4103 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2); 4104 } 4105 atmel_set_mib(struct atmel_private * priv,u8 type,u8 index,const u8 * data,int data_len)4106 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 4107 const u8 *data, int data_len) 4108 { 4109 struct get_set_mib m; 4110 m.type = type; 4111 m.size = data_len; 4112 m.index = index; 4113 4114 if (data_len > MIB_MAX_DATA_BYTES) 4115 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4116 4117 memcpy(m.data, data, data_len); 4118 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4119 } 4120 atmel_get_mib(struct atmel_private * priv,u8 type,u8 index,u8 * data,int data_len)4121 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 4122 u8 *data, int data_len) 4123 { 4124 struct get_set_mib m; 4125 m.type = type; 4126 m.size = data_len; 4127 m.index = index; 4128 4129 if (data_len > MIB_MAX_DATA_BYTES) 4130 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4131 4132 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4133 atmel_copy_to_host(priv->dev, data, 4134 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len); 4135 } 4136 atmel_writeAR(struct net_device * dev,u16 data)4137 static void atmel_writeAR(struct net_device *dev, u16 data) 4138 { 4139 int i; 4140 outw(data, dev->base_addr + AR); 4141 /* Address register appears to need some convincing..... */ 4142 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++) 4143 outw(data, dev->base_addr + AR); 4144 } 4145 atmel_copy_to_card(struct net_device * dev,u16 dest,const unsigned char * src,u16 len)4146 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 4147 const unsigned char *src, u16 len) 4148 { 4149 int i; 4150 atmel_writeAR(dev, dest); 4151 if (dest % 2) { 4152 atmel_write8(dev, DR, *src); 4153 src++; len--; 4154 } 4155 for (i = len; i > 1 ; i -= 2) { 4156 u8 lb = *src++; 4157 u8 hb = *src++; 4158 atmel_write16(dev, DR, lb | (hb << 8)); 4159 } 4160 if (i) 4161 atmel_write8(dev, DR, *src); 4162 } 4163 atmel_copy_to_host(struct net_device * dev,unsigned char * dest,u16 src,u16 len)4164 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 4165 u16 src, u16 len) 4166 { 4167 int i; 4168 atmel_writeAR(dev, src); 4169 if (src % 2) { 4170 *dest = atmel_read8(dev, DR); 4171 dest++; len--; 4172 } 4173 for (i = len; i > 1 ; i -= 2) { 4174 u16 hw = atmel_read16(dev, DR); 4175 *dest++ = hw; 4176 *dest++ = hw >> 8; 4177 } 4178 if (i) 4179 *dest = atmel_read8(dev, DR); 4180 } 4181 atmel_set_gcr(struct net_device * dev,u16 mask)4182 static void atmel_set_gcr(struct net_device *dev, u16 mask) 4183 { 4184 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR); 4185 } 4186 atmel_clear_gcr(struct net_device * dev,u16 mask)4187 static void atmel_clear_gcr(struct net_device *dev, u16 mask) 4188 { 4189 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR); 4190 } 4191 atmel_lock_mac(struct atmel_private * priv)4192 static int atmel_lock_mac(struct atmel_private *priv) 4193 { 4194 int i, j = 20; 4195 retry: 4196 for (i = 5000; i; i--) { 4197 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) 4198 break; 4199 udelay(20); 4200 } 4201 4202 if (!i) 4203 return 0; /* timed out */ 4204 4205 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1); 4206 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) { 4207 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 4208 if (!j--) 4209 return 0; /* timed out */ 4210 goto retry; 4211 } 4212 4213 return 1; 4214 } 4215 atmel_wmem32(struct atmel_private * priv,u16 pos,u32 data)4216 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data) 4217 { 4218 atmel_writeAR(priv->dev, pos); 4219 atmel_write16(priv->dev, DR, data); /* card is little-endian */ 4220 atmel_write16(priv->dev, DR, data >> 16); 4221 } 4222 4223 /***************************************************************************/ 4224 /* There follows the source form of the MAC address reading firmware */ 4225 /***************************************************************************/ 4226 #if 0 4227 4228 /* Copyright 2003 Matthew T. Russotto */ 4229 /* But derived from the Atmel 76C502 firmware written by Atmel and */ 4230 /* included in "atmel wireless lan drivers" package */ 4231 /* 4232 This file is part of net.russotto.AtmelMACFW, hereto referred to 4233 as AtmelMACFW 4234 4235 AtmelMACFW is free software; you can redistribute it and/or modify 4236 it under the terms of the GNU General Public License version 2 4237 as published by the Free Software Foundation. 4238 4239 AtmelMACFW is distributed in the hope that it will be useful, 4240 but WITHOUT ANY WARRANTY; without even the implied warranty of 4241 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 4242 GNU General Public License for more details. 4243 4244 You should have received a copy of the GNU General Public License 4245 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>. 4246 4247 ****************************************************************************/ 4248 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */ 4249 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */ 4250 /* It only works on SPI EEPROM versions of the card. */ 4251 4252 /* This firmware initializes the SPI controller and clock, reads the MAC */ 4253 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */ 4254 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */ 4255 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */ 4256 /* MR4, for investigational purposes (maybe we can determine chip type */ 4257 /* from that?) */ 4258 4259 .org 0 4260 .set MRBASE, 0x8000000 4261 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */ 4262 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */ 4263 .set SRAM_BASE, 0x02000000 4264 .set SP_BASE, 0x0F300000 4265 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */ 4266 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */ 4267 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */ 4268 .set STACK_BASE, 0x5600 4269 .set SP_SR, 0x10 4270 .set SP_TDRE, 2 /* status register bit -- TDR empty */ 4271 .set SP_RDRF, 1 /* status register bit -- RDR full */ 4272 .set SP_SWRST, 0x80 4273 .set SP_SPIEN, 0x1 4274 .set SP_CR, 0 /* control register */ 4275 .set SP_MR, 4 /* mode register */ 4276 .set SP_RDR, 0x08 /* Read Data Register */ 4277 .set SP_TDR, 0x0C /* Transmit Data Register */ 4278 .set SP_CSR0, 0x30 /* chip select registers */ 4279 .set SP_CSR1, 0x34 4280 .set SP_CSR2, 0x38 4281 .set SP_CSR3, 0x3C 4282 .set NVRAM_CMD_RDSR, 5 /* read status register */ 4283 .set NVRAM_CMD_READ, 3 /* read data */ 4284 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */ 4285 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the 4286 serial output, since SO is normally high. But it 4287 does cause 8 clock cycles and thus 8 bits to be 4288 clocked in to the chip. See Atmel's SPI 4289 controller (e.g. AT91M55800) timing and 4K 4290 SPI EEPROM manuals */ 4291 4292 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */ 4293 .set NVRAM_IMAGE, 0x02000200 4294 .set NVRAM_LENGTH, 0x0200 4295 .set MAC_ADDRESS_MIB, SRAM_BASE 4296 .set MAC_ADDRESS_LENGTH, 6 4297 .set MAC_BOOT_FLAG, 0x10 4298 .set MR1, 0 4299 .set MR2, 4 4300 .set MR3, 8 4301 .set MR4, 0xC 4302 RESET_VECTOR: 4303 b RESET_HANDLER 4304 UNDEF_VECTOR: 4305 b HALT1 4306 SWI_VECTOR: 4307 b HALT1 4308 IABORT_VECTOR: 4309 b HALT1 4310 DABORT_VECTOR: 4311 RESERVED_VECTOR: 4312 b HALT1 4313 IRQ_VECTOR: 4314 b HALT1 4315 FIQ_VECTOR: 4316 b HALT1 4317 HALT1: b HALT1 4318 RESET_HANDLER: 4319 mov r0, #CPSR_INITIAL 4320 msr CPSR_c, r0 /* This is probably unnecessary */ 4321 4322 /* I'm guessing this is initializing clock generator electronics for SPI */ 4323 ldr r0, =SPI_CGEN_BASE 4324 mov r1, #0 4325 mov r1, r1, lsl #3 4326 orr r1, r1, #0 4327 str r1, [r0] 4328 ldr r1, [r0, #28] 4329 bic r1, r1, #16 4330 str r1, [r0, #28] 4331 mov r1, #1 4332 str r1, [r0, #8] 4333 4334 ldr r0, =MRBASE 4335 mov r1, #0 4336 strh r1, [r0, #MR1] 4337 strh r1, [r0, #MR2] 4338 strh r1, [r0, #MR3] 4339 strh r1, [r0, #MR4] 4340 4341 mov sp, #STACK_BASE 4342 bl SP_INIT 4343 mov r0, #10 4344 bl DELAY9 4345 bl GET_MAC_ADDR 4346 bl GET_WHOLE_NVRAM 4347 ldr r0, =MRBASE 4348 ldr r1, =MAC_ADDRESS_MIB 4349 strh r1, [r0, #MR2] 4350 ldr r1, =NVRAM_IMAGE 4351 strh r1, [r0, #MR4] 4352 mov r1, #MAC_BOOT_FLAG 4353 strh r1, [r0, #MR3] 4354 HALT2: b HALT2 4355 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM 4356 GET_WHOLE_NVRAM: 4357 stmdb sp!, {lr} 4358 mov r2, #0 /* 0th bytes of NVRAM */ 4359 mov r3, #NVRAM_LENGTH 4360 mov r1, #0 /* not used in routine */ 4361 ldr r0, =NVRAM_IMAGE 4362 bl NVRAM_XFER 4363 ldmia sp!, {lr} 4364 bx lr 4365 .endfunc 4366 4367 .func Get_MAC_Addr, GET_MAC_ADDR 4368 GET_MAC_ADDR: 4369 stmdb sp!, {lr} 4370 mov r2, #0x120 /* address of MAC Address within NVRAM */ 4371 mov r3, #MAC_ADDRESS_LENGTH 4372 mov r1, #0 /* not used in routine */ 4373 ldr r0, =MAC_ADDRESS_MIB 4374 bl NVRAM_XFER 4375 ldmia sp!, {lr} 4376 bx lr 4377 .endfunc 4378 .ltorg 4379 .func Delay9, DELAY9 4380 DELAY9: 4381 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */ 4382 DELAYLOOP: 4383 beq DELAY9_done 4384 subs r0, r0, #1 4385 b DELAYLOOP 4386 DELAY9_done: 4387 bx lr 4388 .endfunc 4389 4390 .func SP_Init, SP_INIT 4391 SP_INIT: 4392 mov r1, #SP_SWRST 4393 ldr r0, =SP_BASE 4394 str r1, [r0, #SP_CR] /* reset the SPI */ 4395 mov r1, #0 4396 str r1, [r0, #SP_CR] /* release SPI from reset state */ 4397 mov r1, #SP_SPIEN 4398 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/ 4399 str r1, [r0, #SP_CR] /* enable the SPI */ 4400 4401 /* My guess would be this turns on the SPI clock */ 4402 ldr r3, =SPI_CGEN_BASE 4403 ldr r1, [r3, #28] 4404 orr r1, r1, #0x2000 4405 str r1, [r3, #28] 4406 4407 ldr r1, =0x2000c01 4408 str r1, [r0, #SP_CSR0] 4409 ldr r1, =0x2000201 4410 str r1, [r0, #SP_CSR1] 4411 str r1, [r0, #SP_CSR2] 4412 str r1, [r0, #SP_CSR3] 4413 ldr r1, [r0, #SP_SR] 4414 ldr r0, [r0, #SP_RDR] 4415 bx lr 4416 .endfunc 4417 .func NVRAM_Init, NVRAM_INIT 4418 NVRAM_INIT: 4419 ldr r1, =SP_BASE 4420 ldr r0, [r1, #SP_RDR] 4421 mov r0, #NVRAM_CMD_RDSR 4422 str r0, [r1, #SP_TDR] 4423 SP_loop1: 4424 ldr r0, [r1, #SP_SR] 4425 tst r0, #SP_TDRE 4426 beq SP_loop1 4427 4428 mov r0, #SPI_8CLOCKS 4429 str r0, [r1, #SP_TDR] 4430 SP_loop2: 4431 ldr r0, [r1, #SP_SR] 4432 tst r0, #SP_TDRE 4433 beq SP_loop2 4434 4435 ldr r0, [r1, #SP_RDR] 4436 SP_loop3: 4437 ldr r0, [r1, #SP_SR] 4438 tst r0, #SP_RDRF 4439 beq SP_loop3 4440 4441 ldr r0, [r1, #SP_RDR] 4442 and r0, r0, #255 4443 bx lr 4444 .endfunc 4445 4446 .func NVRAM_Xfer, NVRAM_XFER 4447 /* r0 = dest address */ 4448 /* r1 = not used */ 4449 /* r2 = src address within NVRAM */ 4450 /* r3 = length */ 4451 NVRAM_XFER: 4452 stmdb sp!, {r4, r5, lr} 4453 mov r5, r0 /* save r0 (dest address) */ 4454 mov r4, r3 /* save r3 (length) */ 4455 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */ 4456 and r0, r0, #8 4457 add r0, r0, #NVRAM_CMD_READ 4458 ldr r1, =NVRAM_SCRATCH 4459 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */ 4460 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */ 4461 _local1: 4462 bl NVRAM_INIT 4463 tst r0, #NVRAM_SR_RDY 4464 bne _local1 4465 mov r0, #20 4466 bl DELAY9 4467 mov r2, r4 /* length */ 4468 mov r1, r5 /* dest address */ 4469 mov r0, #2 /* bytes to transfer in command */ 4470 bl NVRAM_XFER2 4471 ldmia sp!, {r4, r5, lr} 4472 bx lr 4473 .endfunc 4474 4475 .func NVRAM_Xfer2, NVRAM_XFER2 4476 NVRAM_XFER2: 4477 stmdb sp!, {r4, r5, r6, lr} 4478 ldr r4, =SP_BASE 4479 mov r3, #0 4480 cmp r0, #0 4481 bls _local2 4482 ldr r5, =NVRAM_SCRATCH 4483 _local4: 4484 ldrb r6, [r5, r3] 4485 str r6, [r4, #SP_TDR] 4486 _local3: 4487 ldr r6, [r4, #SP_SR] 4488 tst r6, #SP_TDRE 4489 beq _local3 4490 add r3, r3, #1 4491 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */ 4492 blo _local4 4493 _local2: 4494 mov r3, #SPI_8CLOCKS 4495 str r3, [r4, #SP_TDR] 4496 ldr r0, [r4, #SP_RDR] 4497 _local5: 4498 ldr r0, [r4, #SP_SR] 4499 tst r0, #SP_RDRF 4500 beq _local5 4501 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */ 4502 mov r0, #0 4503 cmp r2, #0 /* r2 is # of bytes to copy in */ 4504 bls _local6 4505 _local7: 4506 ldr r5, [r4, #SP_SR] 4507 tst r5, #SP_TDRE 4508 beq _local7 4509 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */ 4510 _local8: 4511 ldr r5, [r4, #SP_SR] 4512 tst r5, #SP_RDRF 4513 beq _local8 4514 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */ 4515 strb r5, [r1], #1 /* postindexed */ 4516 add r0, r0, #1 4517 cmp r0, r2 4518 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */ 4519 _local6: 4520 mov r0, #200 4521 bl DELAY9 4522 ldmia sp!, {r4, r5, r6, lr} 4523 bx lr 4524 #endif 4525