1 /*** -*- linux-c -*- **********************************************************
2
3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards.
4
5 Copyright 2000-2001 ATMEL Corporation.
6 Copyright 2003-2004 Simon Kelley.
7
8 This code was developed from version 2.1.1 of the Atmel drivers,
9 released by Atmel corp. under the GPL in December 2002. It also
10 includes code from the Linux aironet drivers (C) Benjamin Reed,
11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless
12 extensions, (C) Jean Tourrilhes.
13
14 The firmware module for reading the MAC address of the card comes from
15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright
16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2.
17 This file contains the module in binary form and, under the terms
18 of the GPL, in source form. The source is located at the end of the file.
19
20 This program is free software; you can redistribute it and/or modify
21 it under the terms of the GNU General Public License as published by
22 the Free Software Foundation; either version 2 of the License, or
23 (at your option) any later version.
24
25 This software is distributed in the hope that it will be useful,
26 but WITHOUT ANY WARRANTY; without even the implied warranty of
27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 GNU General Public License for more details.
29
30 You should have received a copy of the GNU General Public License
31 along with Atmel wireless lan drivers; if not, see
32 <http://www.gnu.org/licenses/>.
33
34 For all queries about this code, please contact the current author,
35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation.
36
37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying
38 hardware used during development of this driver.
39
40 ******************************************************************************/
41
42 #include <linux/interrupt.h>
43
44 #include <linux/kernel.h>
45 #include <linux/ptrace.h>
46 #include <linux/slab.h>
47 #include <linux/string.h>
48 #include <linux/timer.h>
49 #include <asm/byteorder.h>
50 #include <asm/io.h>
51 #include <linux/uaccess.h>
52 #include <linux/module.h>
53 #include <linux/netdevice.h>
54 #include <linux/etherdevice.h>
55 #include <linux/skbuff.h>
56 #include <linux/if_arp.h>
57 #include <linux/ioport.h>
58 #include <linux/fcntl.h>
59 #include <linux/delay.h>
60 #include <linux/wireless.h>
61 #include <net/iw_handler.h>
62 #include <linux/crc32.h>
63 #include <linux/proc_fs.h>
64 #include <linux/seq_file.h>
65 #include <linux/device.h>
66 #include <linux/moduleparam.h>
67 #include <linux/firmware.h>
68 #include <linux/jiffies.h>
69 #include <net/cfg80211.h>
70 #include "atmel.h"
71
72 #define DRIVER_MAJOR 0
73 #define DRIVER_MINOR 98
74
75 MODULE_AUTHOR("Simon Kelley");
76 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards.");
77 MODULE_LICENSE("GPL");
78
79 /* The name of the firmware file to be loaded
80 over-rides any automatic selection */
81 static char *firmware = NULL;
82 module_param(firmware, charp, 0);
83
84 /* table of firmware file names */
85 static struct {
86 AtmelFWType fw_type;
87 const char *fw_file;
88 const char *fw_file_ext;
89 } fw_table[] = {
90 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" },
91 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" },
92 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" },
93 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" },
94 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" },
95 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" },
96 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" },
97 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" },
98 { ATMEL_FW_TYPE_NONE, NULL, NULL }
99 };
100 MODULE_FIRMWARE("atmel_at76c502-wpa.bin");
101 MODULE_FIRMWARE("atmel_at76c502.bin");
102 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin");
103 MODULE_FIRMWARE("atmel_at76c502d.bin");
104 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin");
105 MODULE_FIRMWARE("atmel_at76c502e.bin");
106 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin");
107 MODULE_FIRMWARE("atmel_at76c502_3com.bin");
108 MODULE_FIRMWARE("atmel_at76c504-wpa.bin");
109 MODULE_FIRMWARE("atmel_at76c504.bin");
110 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin");
111 MODULE_FIRMWARE("atmel_at76c504_2958.bin");
112 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin");
113 MODULE_FIRMWARE("atmel_at76c504a_2958.bin");
114 MODULE_FIRMWARE("atmel_at76c506-wpa.bin");
115 MODULE_FIRMWARE("atmel_at76c506.bin");
116
117 #define MAX_SSID_LENGTH 32
118 #define MGMT_JIFFIES (256 * HZ / 100)
119
120 #define MAX_BSS_ENTRIES 64
121
122 /* registers */
123 #define GCR 0x00 /* (SIR0) General Configuration Register */
124 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */
125 #define AR 0x04
126 #define DR 0x08
127 #define MR1 0x12 /* Mirror Register 1 */
128 #define MR2 0x14 /* Mirror Register 2 */
129 #define MR3 0x16 /* Mirror Register 3 */
130 #define MR4 0x18 /* Mirror Register 4 */
131
132 #define GPR1 0x0c
133 #define GPR2 0x0e
134 #define GPR3 0x10
135 /*
136 * Constants for the GCR register.
137 */
138 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */
139 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */
140 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */
141 #define GCR_ENINT 0x0002 /* Enable Interrupts */
142 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */
143
144 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */
145 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */
146 /*
147 *Constants for the MR registers.
148 */
149 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */
150 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */
151 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */
152
153 #define MIB_MAX_DATA_BYTES 212
154 #define MIB_HEADER_SIZE 4 /* first four fields */
155
156 struct get_set_mib {
157 u8 type;
158 u8 size;
159 u8 index;
160 u8 reserved;
161 u8 data[MIB_MAX_DATA_BYTES];
162 };
163
164 struct rx_desc {
165 u32 Next;
166 u16 MsduPos;
167 u16 MsduSize;
168
169 u8 State;
170 u8 Status;
171 u8 Rate;
172 u8 Rssi;
173 u8 LinkQuality;
174 u8 PreambleType;
175 u16 Duration;
176 u32 RxTime;
177 };
178
179 #define RX_DESC_FLAG_VALID 0x80
180 #define RX_DESC_FLAG_CONSUMED 0x40
181 #define RX_DESC_FLAG_IDLE 0x00
182
183 #define RX_STATUS_SUCCESS 0x00
184
185 #define RX_DESC_MSDU_POS_OFFSET 4
186 #define RX_DESC_MSDU_SIZE_OFFSET 6
187 #define RX_DESC_FLAGS_OFFSET 8
188 #define RX_DESC_STATUS_OFFSET 9
189 #define RX_DESC_RSSI_OFFSET 11
190 #define RX_DESC_LINK_QUALITY_OFFSET 12
191 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13
192 #define RX_DESC_DURATION_OFFSET 14
193 #define RX_DESC_RX_TIME_OFFSET 16
194
195 struct tx_desc {
196 u32 NextDescriptor;
197 u16 TxStartOfFrame;
198 u16 TxLength;
199
200 u8 TxState;
201 u8 TxStatus;
202 u8 RetryCount;
203
204 u8 TxRate;
205
206 u8 KeyIndex;
207 u8 ChiperType;
208 u8 ChipreLength;
209 u8 Reserved1;
210
211 u8 Reserved;
212 u8 PacketType;
213 u16 HostTxLength;
214 };
215
216 #define TX_DESC_NEXT_OFFSET 0
217 #define TX_DESC_POS_OFFSET 4
218 #define TX_DESC_SIZE_OFFSET 6
219 #define TX_DESC_FLAGS_OFFSET 8
220 #define TX_DESC_STATUS_OFFSET 9
221 #define TX_DESC_RETRY_OFFSET 10
222 #define TX_DESC_RATE_OFFSET 11
223 #define TX_DESC_KEY_INDEX_OFFSET 12
224 #define TX_DESC_CIPHER_TYPE_OFFSET 13
225 #define TX_DESC_CIPHER_LENGTH_OFFSET 14
226 #define TX_DESC_PACKET_TYPE_OFFSET 17
227 #define TX_DESC_HOST_LENGTH_OFFSET 18
228
229 /*
230 * Host-MAC interface
231 */
232
233 #define TX_STATUS_SUCCESS 0x00
234
235 #define TX_FIRM_OWN 0x80
236 #define TX_DONE 0x40
237
238 #define TX_ERROR 0x01
239
240 #define TX_PACKET_TYPE_DATA 0x01
241 #define TX_PACKET_TYPE_MGMT 0x02
242
243 #define ISR_EMPTY 0x00 /* no bits set in ISR */
244 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */
245 #define ISR_RxCOMPLETE 0x02 /* packet received */
246 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */
247 #define ISR_FATAL_ERROR 0x08 /* Fatal error */
248 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */
249 #define ISR_OUT_OF_RANGE 0x20 /* command completed */
250 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */
251 #define ISR_GENERIC_IRQ 0x80
252
253 #define Local_Mib_Type 0x01
254 #define Mac_Address_Mib_Type 0x02
255 #define Mac_Mib_Type 0x03
256 #define Statistics_Mib_Type 0x04
257 #define Mac_Mgmt_Mib_Type 0x05
258 #define Mac_Wep_Mib_Type 0x06
259 #define Phy_Mib_Type 0x07
260 #define Multi_Domain_MIB 0x08
261
262 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
263 #define MAC_MIB_FRAG_THRESHOLD_POS 8
264 #define MAC_MIB_RTS_THRESHOLD_POS 10
265 #define MAC_MIB_SHORT_RETRY_POS 16
266 #define MAC_MIB_LONG_RETRY_POS 17
267 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16
268 #define MAC_MGMT_MIB_BEACON_PER_POS 0
269 #define MAC_MGMT_MIB_STATION_ID_POS 6
270 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11
271 #define MAC_MGMT_MIB_CUR_BSSID_POS 14
272 #define MAC_MGMT_MIB_PS_MODE_POS 53
273 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54
274 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56
275 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57
276 #define PHY_MIB_CHANNEL_POS 14
277 #define PHY_MIB_RATE_SET_POS 20
278 #define PHY_MIB_REG_DOMAIN_POS 26
279 #define LOCAL_MIB_AUTO_TX_RATE_POS 3
280 #define LOCAL_MIB_SSID_SIZE 5
281 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6
282 #define LOCAL_MIB_TX_MGMT_RATE_POS 7
283 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8
284 #define LOCAL_MIB_PREAMBLE_TYPE 9
285 #define MAC_ADDR_MIB_MAC_ADDR_POS 0
286
287 #define CMD_Set_MIB_Vars 0x01
288 #define CMD_Get_MIB_Vars 0x02
289 #define CMD_Scan 0x03
290 #define CMD_Join 0x04
291 #define CMD_Start 0x05
292 #define CMD_EnableRadio 0x06
293 #define CMD_DisableRadio 0x07
294 #define CMD_SiteSurvey 0x0B
295
296 #define CMD_STATUS_IDLE 0x00
297 #define CMD_STATUS_COMPLETE 0x01
298 #define CMD_STATUS_UNKNOWN 0x02
299 #define CMD_STATUS_INVALID_PARAMETER 0x03
300 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04
301 #define CMD_STATUS_TIME_OUT 0x07
302 #define CMD_STATUS_IN_PROGRESS 0x08
303 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09
304 #define CMD_STATUS_HOST_ERROR 0xFF
305 #define CMD_STATUS_BUSY 0xFE
306
307 #define CMD_BLOCK_COMMAND_OFFSET 0
308 #define CMD_BLOCK_STATUS_OFFSET 1
309 #define CMD_BLOCK_PARAMETERS_OFFSET 4
310
311 #define SCAN_OPTIONS_SITE_SURVEY 0x80
312
313 #define MGMT_FRAME_BODY_OFFSET 24
314 #define MAX_AUTHENTICATION_RETRIES 3
315 #define MAX_ASSOCIATION_RETRIES 3
316
317 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000
318
319 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */
320 #define LOOP_RETRY_LIMIT 500000
321
322 #define ACTIVE_MODE 1
323 #define PS_MODE 2
324
325 #define MAX_ENCRYPTION_KEYS 4
326 #define MAX_ENCRYPTION_KEY_SIZE 40
327
328 /*
329 * 802.11 related definitions
330 */
331
332 /*
333 * Regulatory Domains
334 */
335
336 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */
337 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */
338 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */
339 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */
340 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */
341 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */
342 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */
343 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */
344
345 #define BSS_TYPE_AD_HOC 1
346 #define BSS_TYPE_INFRASTRUCTURE 2
347
348 #define SCAN_TYPE_ACTIVE 0
349 #define SCAN_TYPE_PASSIVE 1
350
351 #define LONG_PREAMBLE 0
352 #define SHORT_PREAMBLE 1
353 #define AUTO_PREAMBLE 2
354
355 #define DATA_FRAME_WS_HEADER_SIZE 30
356
357 /* promiscuous mode control */
358 #define PROM_MODE_OFF 0x0
359 #define PROM_MODE_UNKNOWN 0x1
360 #define PROM_MODE_CRC_FAILED 0x2
361 #define PROM_MODE_DUPLICATED 0x4
362 #define PROM_MODE_MGMT 0x8
363 #define PROM_MODE_CTRL 0x10
364 #define PROM_MODE_BAD_PROTOCOL 0x20
365
366 #define IFACE_INT_STATUS_OFFSET 0
367 #define IFACE_INT_MASK_OFFSET 1
368 #define IFACE_LOCKOUT_HOST_OFFSET 2
369 #define IFACE_LOCKOUT_MAC_OFFSET 3
370 #define IFACE_FUNC_CTRL_OFFSET 28
371 #define IFACE_MAC_STAT_OFFSET 30
372 #define IFACE_GENERIC_INT_TYPE_OFFSET 32
373
374 #define CIPHER_SUITE_NONE 0
375 #define CIPHER_SUITE_WEP_64 1
376 #define CIPHER_SUITE_TKIP 2
377 #define CIPHER_SUITE_AES 3
378 #define CIPHER_SUITE_CCX 4
379 #define CIPHER_SUITE_WEP_128 5
380
381 /*
382 * IFACE MACROS & definitions
383 */
384
385 /*
386 * FuncCtrl field:
387 */
388 #define FUNC_CTRL_TxENABLE 0x10
389 #define FUNC_CTRL_RxENABLE 0x20
390 #define FUNC_CTRL_INIT_COMPLETE 0x01
391
392 /* A stub firmware image which reads the MAC address from NVRAM on the card.
393 For copyright information and source see the end of this file. */
394 static u8 mac_reader[] = {
395 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea,
396 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea,
397 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
398 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5,
399 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5,
400 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1,
401 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb,
402 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb,
403 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5,
404 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea,
405 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
406 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
407 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3,
408 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1,
409 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2,
410 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3,
411 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3,
412 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5,
413 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5,
414 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5,
415 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3,
416 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5,
417 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5,
418 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
419 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5,
420 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1,
421 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2,
422 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb,
423 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb,
424 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb,
425 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3,
426 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5,
427 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3,
428 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a,
429 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5,
430 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3,
431 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3,
432 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3,
433 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2,
434 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb,
435 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02,
436 0x00, 0x01, 0x00, 0x02
437 };
438
439 struct atmel_private {
440 void *card; /* Bus dependent structure varies for PCcard */
441 int (*present_callback)(void *); /* And callback which uses it */
442 char firmware_id[32];
443 AtmelFWType firmware_type;
444 u8 *firmware;
445 int firmware_length;
446 struct timer_list management_timer;
447 struct net_device *dev;
448 struct device *sys_dev;
449 struct iw_statistics wstats;
450 spinlock_t irqlock, timerlock; /* spinlocks */
451 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type;
452 enum {
453 CARD_TYPE_PARALLEL_FLASH,
454 CARD_TYPE_SPI_FLASH,
455 CARD_TYPE_EEPROM
456 } card_type;
457 int do_rx_crc; /* If we need to CRC incoming packets */
458 int probe_crc; /* set if we don't yet know */
459 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */
460 u16 rx_desc_head;
461 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous;
462 u16 tx_free_mem, tx_buff_head, tx_buff_tail;
463
464 u16 frag_seq, frag_len, frag_no;
465 u8 frag_source[6];
466
467 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level;
468 u8 group_cipher_suite, pairwise_cipher_suite;
469 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
470 int wep_key_len[MAX_ENCRYPTION_KEYS];
471 int use_wpa, radio_on_broken; /* firmware dependent stuff. */
472
473 u16 host_info_base;
474 struct host_info_struct {
475 /* NB this is matched to the hardware, don't change. */
476 u8 volatile int_status;
477 u8 volatile int_mask;
478 u8 volatile lockout_host;
479 u8 volatile lockout_mac;
480
481 u16 tx_buff_pos;
482 u16 tx_buff_size;
483 u16 tx_desc_pos;
484 u16 tx_desc_count;
485
486 u16 rx_buff_pos;
487 u16 rx_buff_size;
488 u16 rx_desc_pos;
489 u16 rx_desc_count;
490
491 u16 build_version;
492 u16 command_pos;
493
494 u16 major_version;
495 u16 minor_version;
496
497 u16 func_ctrl;
498 u16 mac_status;
499 u16 generic_IRQ_type;
500 u8 reserved[2];
501 } host_info;
502
503 enum {
504 STATION_STATE_SCANNING,
505 STATION_STATE_JOINNING,
506 STATION_STATE_AUTHENTICATING,
507 STATION_STATE_ASSOCIATING,
508 STATION_STATE_READY,
509 STATION_STATE_REASSOCIATING,
510 STATION_STATE_DOWN,
511 STATION_STATE_MGMT_ERROR
512 } station_state;
513
514 int operating_mode, power_mode;
515 unsigned long last_qual;
516 int beacons_this_sec;
517 int channel;
518 int reg_domain, config_reg_domain;
519 int tx_rate;
520 int auto_tx_rate;
521 int rts_threshold;
522 int frag_threshold;
523 int long_retry, short_retry;
524 int preamble;
525 int default_beacon_period, beacon_period, listen_interval;
526 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum;
527 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt;
528 enum {
529 SITE_SURVEY_IDLE,
530 SITE_SURVEY_IN_PROGRESS,
531 SITE_SURVEY_COMPLETED
532 } site_survey_state;
533 unsigned long last_survey;
534
535 int station_was_associated, station_is_associated;
536 int fast_scan;
537
538 struct bss_info {
539 int channel;
540 int SSIDsize;
541 int RSSI;
542 int UsingWEP;
543 int preamble;
544 int beacon_period;
545 int BSStype;
546 u8 BSSID[6];
547 u8 SSID[MAX_SSID_LENGTH];
548 } BSSinfo[MAX_BSS_ENTRIES];
549 int BSS_list_entries, current_BSS;
550 int connect_to_any_BSS;
551 int SSID_size, new_SSID_size;
552 u8 CurrentBSSID[6], BSSID[6];
553 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH];
554 u64 last_beacon_timestamp;
555 u8 rx_buf[MAX_WIRELESS_BODY];
556 };
557
558 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16};
559
560 static const struct {
561 int reg_domain;
562 int min, max;
563 char *name;
564 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" },
565 { REG_DOMAIN_DOC, 1, 11, "Canada" },
566 { REG_DOMAIN_ETSI, 1, 13, "Europe" },
567 { REG_DOMAIN_SPAIN, 10, 11, "Spain" },
568 { REG_DOMAIN_FRANCE, 10, 13, "France" },
569 { REG_DOMAIN_MKK, 14, 14, "MKK" },
570 { REG_DOMAIN_MKK1, 1, 14, "MKK1" },
571 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} };
572
573 static void build_wpa_mib(struct atmel_private *priv);
574 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
575 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
576 const unsigned char *src, u16 len);
577 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
578 u16 src, u16 len);
579 static void atmel_set_gcr(struct net_device *dev, u16 mask);
580 static void atmel_clear_gcr(struct net_device *dev, u16 mask);
581 static int atmel_lock_mac(struct atmel_private *priv);
582 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data);
583 static void atmel_command_irq(struct atmel_private *priv);
584 static int atmel_validate_channel(struct atmel_private *priv, int channel);
585 static void atmel_management_frame(struct atmel_private *priv,
586 struct ieee80211_hdr *header,
587 u16 frame_len, u8 rssi);
588 static void atmel_management_timer(struct timer_list *t);
589 static void atmel_send_command(struct atmel_private *priv, int command,
590 void *cmd, int cmd_size);
591 static int atmel_send_command_wait(struct atmel_private *priv, int command,
592 void *cmd, int cmd_size);
593 static void atmel_transmit_management_frame(struct atmel_private *priv,
594 struct ieee80211_hdr *header,
595 u8 *body, int body_len);
596
597 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index);
598 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index,
599 u8 data);
600 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
601 u16 data);
602 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
603 const u8 *data, int data_len);
604 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
605 u8 *data, int data_len);
606 static void atmel_scan(struct atmel_private *priv, int specific_ssid);
607 static void atmel_join_bss(struct atmel_private *priv, int bss_index);
608 static void atmel_smooth_qual(struct atmel_private *priv);
609 static void atmel_writeAR(struct net_device *dev, u16 data);
610 static int probe_atmel_card(struct net_device *dev);
611 static int reset_atmel_card(struct net_device *dev);
612 static void atmel_enter_state(struct atmel_private *priv, int new_state);
613 int atmel_open (struct net_device *dev);
614
atmel_hi(struct atmel_private * priv,u16 offset)615 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset)
616 {
617 return priv->host_info_base + offset;
618 }
619
atmel_co(struct atmel_private * priv,u16 offset)620 static inline u16 atmel_co(struct atmel_private *priv, u16 offset)
621 {
622 return priv->host_info.command_pos + offset;
623 }
624
atmel_rx(struct atmel_private * priv,u16 offset,u16 desc)625 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc)
626 {
627 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset;
628 }
629
atmel_tx(struct atmel_private * priv,u16 offset,u16 desc)630 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc)
631 {
632 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset;
633 }
634
atmel_read8(struct net_device * dev,u16 offset)635 static inline u8 atmel_read8(struct net_device *dev, u16 offset)
636 {
637 return inb(dev->base_addr + offset);
638 }
639
atmel_write8(struct net_device * dev,u16 offset,u8 data)640 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data)
641 {
642 outb(data, dev->base_addr + offset);
643 }
644
atmel_read16(struct net_device * dev,u16 offset)645 static inline u16 atmel_read16(struct net_device *dev, u16 offset)
646 {
647 return inw(dev->base_addr + offset);
648 }
649
atmel_write16(struct net_device * dev,u16 offset,u16 data)650 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data)
651 {
652 outw(data, dev->base_addr + offset);
653 }
654
atmel_rmem8(struct atmel_private * priv,u16 pos)655 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos)
656 {
657 atmel_writeAR(priv->dev, pos);
658 return atmel_read8(priv->dev, DR);
659 }
660
atmel_wmem8(struct atmel_private * priv,u16 pos,u16 data)661 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data)
662 {
663 atmel_writeAR(priv->dev, pos);
664 atmel_write8(priv->dev, DR, data);
665 }
666
atmel_rmem16(struct atmel_private * priv,u16 pos)667 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos)
668 {
669 atmel_writeAR(priv->dev, pos);
670 return atmel_read16(priv->dev, DR);
671 }
672
atmel_wmem16(struct atmel_private * priv,u16 pos,u16 data)673 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data)
674 {
675 atmel_writeAR(priv->dev, pos);
676 atmel_write16(priv->dev, DR, data);
677 }
678
679 static const struct iw_handler_def atmel_handler_def;
680
tx_done_irq(struct atmel_private * priv)681 static void tx_done_irq(struct atmel_private *priv)
682 {
683 int i;
684
685 for (i = 0;
686 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE &&
687 i < priv->host_info.tx_desc_count;
688 i++) {
689 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head));
690 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head));
691 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head));
692
693 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0);
694
695 priv->tx_free_mem += msdu_size;
696 priv->tx_desc_free++;
697
698 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size))
699 priv->tx_buff_head = 0;
700 else
701 priv->tx_buff_head += msdu_size;
702
703 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1))
704 priv->tx_desc_head++ ;
705 else
706 priv->tx_desc_head = 0;
707
708 if (type == TX_PACKET_TYPE_DATA) {
709 if (status == TX_STATUS_SUCCESS)
710 priv->dev->stats.tx_packets++;
711 else
712 priv->dev->stats.tx_errors++;
713 netif_wake_queue(priv->dev);
714 }
715 }
716 }
717
find_tx_buff(struct atmel_private * priv,u16 len)718 static u16 find_tx_buff(struct atmel_private *priv, u16 len)
719 {
720 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail;
721
722 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len)
723 return 0;
724
725 if (bottom_free >= len)
726 return priv->host_info.tx_buff_pos + priv->tx_buff_tail;
727
728 if (priv->tx_free_mem - bottom_free >= len) {
729 priv->tx_buff_tail = 0;
730 return priv->host_info.tx_buff_pos;
731 }
732
733 return 0;
734 }
735
tx_update_descriptor(struct atmel_private * priv,int is_bcast,u16 len,u16 buff,u8 type)736 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast,
737 u16 len, u16 buff, u8 type)
738 {
739 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff);
740 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len);
741 if (!priv->use_wpa)
742 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len);
743 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type);
744 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate);
745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0);
746 if (priv->use_wpa) {
747 int cipher_type, cipher_length;
748 if (is_bcast) {
749 cipher_type = priv->group_cipher_suite;
750 if (cipher_type == CIPHER_SUITE_WEP_64 ||
751 cipher_type == CIPHER_SUITE_WEP_128)
752 cipher_length = 8;
753 else if (cipher_type == CIPHER_SUITE_TKIP)
754 cipher_length = 12;
755 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 ||
756 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) {
757 cipher_type = priv->pairwise_cipher_suite;
758 cipher_length = 8;
759 } else {
760 cipher_type = CIPHER_SUITE_NONE;
761 cipher_length = 0;
762 }
763 } else {
764 cipher_type = priv->pairwise_cipher_suite;
765 if (cipher_type == CIPHER_SUITE_WEP_64 ||
766 cipher_type == CIPHER_SUITE_WEP_128)
767 cipher_length = 8;
768 else if (cipher_type == CIPHER_SUITE_TKIP)
769 cipher_length = 12;
770 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 ||
771 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) {
772 cipher_type = priv->group_cipher_suite;
773 cipher_length = 8;
774 } else {
775 cipher_type = CIPHER_SUITE_NONE;
776 cipher_length = 0;
777 }
778 }
779
780 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail),
781 cipher_type);
782 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail),
783 cipher_length);
784 }
785 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L);
786 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN);
787 if (priv->tx_desc_previous != priv->tx_desc_tail)
788 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0);
789 priv->tx_desc_previous = priv->tx_desc_tail;
790 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1))
791 priv->tx_desc_tail++;
792 else
793 priv->tx_desc_tail = 0;
794 priv->tx_desc_free--;
795 priv->tx_free_mem -= len;
796 }
797
start_tx(struct sk_buff * skb,struct net_device * dev)798 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev)
799 {
800 struct atmel_private *priv = netdev_priv(dev);
801 struct ieee80211_hdr header;
802 unsigned long flags;
803 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN;
804
805 if (priv->card && priv->present_callback &&
806 !(*priv->present_callback)(priv->card)) {
807 dev->stats.tx_errors++;
808 dev_kfree_skb(skb);
809 return NETDEV_TX_OK;
810 }
811
812 if (priv->station_state != STATION_STATE_READY) {
813 dev->stats.tx_errors++;
814 dev_kfree_skb(skb);
815 return NETDEV_TX_OK;
816 }
817
818 /* first ensure the timer func cannot run */
819 spin_lock_bh(&priv->timerlock);
820 /* then stop the hardware ISR */
821 spin_lock_irqsave(&priv->irqlock, flags);
822 /* nb doing the above in the opposite order will deadlock */
823
824 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the
825 12 first bytes (containing DA/SA) and put them in the appropriate
826 fields of the Wireless Header. Thus the packet length is then the
827 initial + 18 (+30-12) */
828
829 if (!(buff = find_tx_buff(priv, len + 18))) {
830 dev->stats.tx_dropped++;
831 spin_unlock_irqrestore(&priv->irqlock, flags);
832 spin_unlock_bh(&priv->timerlock);
833 netif_stop_queue(dev);
834 return NETDEV_TX_BUSY;
835 }
836
837 frame_ctl = IEEE80211_FTYPE_DATA;
838 header.duration_id = 0;
839 header.seq_ctrl = 0;
840 if (priv->wep_is_on)
841 frame_ctl |= IEEE80211_FCTL_PROTECTED;
842 if (priv->operating_mode == IW_MODE_ADHOC) {
843 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN);
844 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
845 memcpy(&header.addr3, priv->BSSID, ETH_ALEN);
846 } else {
847 frame_ctl |= IEEE80211_FCTL_TODS;
848 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN);
849 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN);
850 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN);
851 }
852
853 if (priv->use_wpa)
854 memcpy(&header.addr4, rfc1042_header, ETH_ALEN);
855
856 header.frame_control = cpu_to_le16(frame_ctl);
857 /* Copy the wireless header into the card */
858 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE);
859 /* Copy the packet sans its 802.3 header addresses which have been replaced */
860 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12);
861 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE;
862
863 /* low bit of first byte of destination tells us if broadcast */
864 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA);
865 dev->stats.tx_bytes += len;
866
867 spin_unlock_irqrestore(&priv->irqlock, flags);
868 spin_unlock_bh(&priv->timerlock);
869 dev_kfree_skb(skb);
870
871 return NETDEV_TX_OK;
872 }
873
atmel_transmit_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u8 * body,int body_len)874 static void atmel_transmit_management_frame(struct atmel_private *priv,
875 struct ieee80211_hdr *header,
876 u8 *body, int body_len)
877 {
878 u16 buff;
879 int len = MGMT_FRAME_BODY_OFFSET + body_len;
880
881 if (!(buff = find_tx_buff(priv, len)))
882 return;
883
884 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET);
885 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len);
886 priv->tx_buff_tail += len;
887 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT);
888 }
889
fast_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc)890 static void fast_rx_path(struct atmel_private *priv,
891 struct ieee80211_hdr *header,
892 u16 msdu_size, u16 rx_packet_loc, u32 crc)
893 {
894 /* fast path: unfragmented packet copy directly into skbuf */
895 u8 mac4[6];
896 struct sk_buff *skb;
897 unsigned char *skbp;
898
899 /* get the final, mac 4 header field, this tells us encapsulation */
900 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6);
901 msdu_size -= 6;
902
903 if (priv->do_rx_crc) {
904 crc = crc32_le(crc, mac4, 6);
905 msdu_size -= 4;
906 }
907
908 if (!(skb = dev_alloc_skb(msdu_size + 14))) {
909 priv->dev->stats.rx_dropped++;
910 return;
911 }
912
913 skb_reserve(skb, 2);
914 skbp = skb_put(skb, msdu_size + 12);
915 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size);
916
917 if (priv->do_rx_crc) {
918 u32 netcrc;
919 crc = crc32_le(crc, skbp + 12, msdu_size);
920 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4);
921 if ((crc ^ 0xffffffff) != netcrc) {
922 priv->dev->stats.rx_crc_errors++;
923 dev_kfree_skb(skb);
924 return;
925 }
926 }
927
928 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */
929 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
930 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN);
931 else
932 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */
933
934 skb->protocol = eth_type_trans(skb, priv->dev);
935 skb->ip_summed = CHECKSUM_NONE;
936 netif_rx(skb);
937 priv->dev->stats.rx_bytes += 12 + msdu_size;
938 priv->dev->stats.rx_packets++;
939 }
940
941 /* Test to see if the packet in card memory at packet_loc has a valid CRC
942 It doesn't matter that this is slow: it is only used to proble the first few
943 packets. */
probe_crc(struct atmel_private * priv,u16 packet_loc,u16 msdu_size)944 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size)
945 {
946 int i = msdu_size - 4;
947 u32 netcrc, crc = 0xffffffff;
948
949 if (msdu_size < 4)
950 return 0;
951
952 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4);
953
954 atmel_writeAR(priv->dev, packet_loc);
955 while (i--) {
956 u8 octet = atmel_read8(priv->dev, DR);
957 crc = crc32_le(crc, &octet, 1);
958 }
959
960 return (crc ^ 0xffffffff) == netcrc;
961 }
962
frag_rx_path(struct atmel_private * priv,struct ieee80211_hdr * header,u16 msdu_size,u16 rx_packet_loc,u32 crc,u16 seq_no,u8 frag_no,int more_frags)963 static void frag_rx_path(struct atmel_private *priv,
964 struct ieee80211_hdr *header,
965 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no,
966 u8 frag_no, int more_frags)
967 {
968 u8 mac4[ETH_ALEN];
969 u8 source[ETH_ALEN];
970 struct sk_buff *skb;
971
972 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
973 memcpy(source, header->addr3, ETH_ALEN);
974 else
975 memcpy(source, header->addr2, ETH_ALEN);
976
977 rx_packet_loc += 24; /* skip header */
978
979 if (priv->do_rx_crc)
980 msdu_size -= 4;
981
982 if (frag_no == 0) { /* first fragment */
983 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN);
984 msdu_size -= ETH_ALEN;
985 rx_packet_loc += ETH_ALEN;
986
987 if (priv->do_rx_crc)
988 crc = crc32_le(crc, mac4, 6);
989
990 priv->frag_seq = seq_no;
991 priv->frag_no = 1;
992 priv->frag_len = msdu_size;
993 memcpy(priv->frag_source, source, ETH_ALEN);
994 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN);
995 memcpy(priv->rx_buf, header->addr1, ETH_ALEN);
996
997 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size);
998
999 if (priv->do_rx_crc) {
1000 u32 netcrc;
1001 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size);
1002 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1003 if ((crc ^ 0xffffffff) != netcrc) {
1004 priv->dev->stats.rx_crc_errors++;
1005 eth_broadcast_addr(priv->frag_source);
1006 }
1007 }
1008
1009 } else if (priv->frag_no == frag_no &&
1010 priv->frag_seq == seq_no &&
1011 memcmp(priv->frag_source, source, ETH_ALEN) == 0) {
1012
1013 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len],
1014 rx_packet_loc, msdu_size);
1015 if (priv->do_rx_crc) {
1016 u32 netcrc;
1017 crc = crc32_le(crc,
1018 &priv->rx_buf[12 + priv->frag_len],
1019 msdu_size);
1020 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4);
1021 if ((crc ^ 0xffffffff) != netcrc) {
1022 priv->dev->stats.rx_crc_errors++;
1023 eth_broadcast_addr(priv->frag_source);
1024 more_frags = 1; /* don't send broken assembly */
1025 }
1026 }
1027
1028 priv->frag_len += msdu_size;
1029 priv->frag_no++;
1030
1031 if (!more_frags) { /* last one */
1032 eth_broadcast_addr(priv->frag_source);
1033 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) {
1034 priv->dev->stats.rx_dropped++;
1035 } else {
1036 skb_reserve(skb, 2);
1037 skb_put_data(skb, priv->rx_buf,
1038 priv->frag_len + 12);
1039 skb->protocol = eth_type_trans(skb, priv->dev);
1040 skb->ip_summed = CHECKSUM_NONE;
1041 netif_rx(skb);
1042 priv->dev->stats.rx_bytes += priv->frag_len + 12;
1043 priv->dev->stats.rx_packets++;
1044 }
1045 }
1046 } else
1047 priv->wstats.discard.fragment++;
1048 }
1049
rx_done_irq(struct atmel_private * priv)1050 static void rx_done_irq(struct atmel_private *priv)
1051 {
1052 int i;
1053 struct ieee80211_hdr header;
1054
1055 for (i = 0;
1056 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID &&
1057 i < priv->host_info.rx_desc_count;
1058 i++) {
1059
1060 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control;
1061 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head));
1062 u32 crc = 0xffffffff;
1063
1064 if (status != RX_STATUS_SUCCESS) {
1065 if (status == 0xc1) /* determined by experiment */
1066 priv->wstats.discard.nwid++;
1067 else
1068 priv->dev->stats.rx_errors++;
1069 goto next;
1070 }
1071
1072 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head));
1073 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head));
1074
1075 if (msdu_size < 30) {
1076 priv->dev->stats.rx_errors++;
1077 goto next;
1078 }
1079
1080 /* Get header as far as end of seq_ctrl */
1081 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24);
1082 frame_ctl = le16_to_cpu(header.frame_control);
1083 seq_control = le16_to_cpu(header.seq_ctrl);
1084
1085 /* probe for CRC use here if needed once five packets have
1086 arrived with the same crc status, we assume we know what's
1087 happening and stop probing */
1088 if (priv->probe_crc) {
1089 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) {
1090 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size);
1091 } else {
1092 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24);
1093 }
1094 if (priv->do_rx_crc) {
1095 if (priv->crc_ok_cnt++ > 5)
1096 priv->probe_crc = 0;
1097 } else {
1098 if (priv->crc_ko_cnt++ > 5)
1099 priv->probe_crc = 0;
1100 }
1101 }
1102
1103 /* don't CRC header when WEP in use */
1104 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) {
1105 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24);
1106 }
1107 msdu_size -= 24; /* header */
1108
1109 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
1110 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS;
1111 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG;
1112 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4;
1113
1114 if (!more_fragments && packet_fragment_no == 0) {
1115 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc);
1116 } else {
1117 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc,
1118 packet_sequence_no, packet_fragment_no, more_fragments);
1119 }
1120 }
1121
1122 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1123 /* copy rest of packet into buffer */
1124 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size);
1125
1126 /* we use the same buffer for frag reassembly and control packets */
1127 eth_broadcast_addr(priv->frag_source);
1128
1129 if (priv->do_rx_crc) {
1130 /* last 4 octets is crc */
1131 msdu_size -= 4;
1132 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size);
1133 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) {
1134 priv->dev->stats.rx_crc_errors++;
1135 goto next;
1136 }
1137 }
1138
1139 atmel_management_frame(priv, &header, msdu_size,
1140 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head)));
1141 }
1142
1143 next:
1144 /* release descriptor */
1145 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED);
1146
1147 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1))
1148 priv->rx_desc_head++;
1149 else
1150 priv->rx_desc_head = 0;
1151 }
1152 }
1153
service_interrupt(int irq,void * dev_id)1154 static irqreturn_t service_interrupt(int irq, void *dev_id)
1155 {
1156 struct net_device *dev = (struct net_device *) dev_id;
1157 struct atmel_private *priv = netdev_priv(dev);
1158 u8 isr;
1159 int i = -1;
1160 static const u8 irq_order[] = {
1161 ISR_OUT_OF_RANGE,
1162 ISR_RxCOMPLETE,
1163 ISR_TxCOMPLETE,
1164 ISR_RxFRAMELOST,
1165 ISR_FATAL_ERROR,
1166 ISR_COMMAND_COMPLETE,
1167 ISR_IBSS_MERGE,
1168 ISR_GENERIC_IRQ
1169 };
1170
1171 if (priv->card && priv->present_callback &&
1172 !(*priv->present_callback)(priv->card))
1173 return IRQ_HANDLED;
1174
1175 /* In this state upper-level code assumes it can mess with
1176 the card unhampered by interrupts which may change register state.
1177 Note that even though the card shouldn't generate interrupts
1178 the inturrupt line may be shared. This allows card setup
1179 to go on without disabling interrupts for a long time. */
1180 if (priv->station_state == STATION_STATE_DOWN)
1181 return IRQ_NONE;
1182
1183 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */
1184
1185 while (1) {
1186 if (!atmel_lock_mac(priv)) {
1187 /* failed to contact card */
1188 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1189 return IRQ_HANDLED;
1190 }
1191
1192 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1193 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1194
1195 if (!isr) {
1196 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */
1197 return i == -1 ? IRQ_NONE : IRQ_HANDLED;
1198 }
1199
1200 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */
1201
1202 for (i = 0; i < ARRAY_SIZE(irq_order); i++)
1203 if (isr & irq_order[i])
1204 break;
1205
1206 if (!atmel_lock_mac(priv)) {
1207 /* failed to contact card */
1208 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name);
1209 return IRQ_HANDLED;
1210 }
1211
1212 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET));
1213 isr ^= irq_order[i];
1214 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr);
1215 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
1216
1217 switch (irq_order[i]) {
1218
1219 case ISR_OUT_OF_RANGE:
1220 if (priv->operating_mode == IW_MODE_INFRA &&
1221 priv->station_state == STATION_STATE_READY) {
1222 priv->station_is_associated = 0;
1223 atmel_scan(priv, 1);
1224 }
1225 break;
1226
1227 case ISR_RxFRAMELOST:
1228 priv->wstats.discard.misc++;
1229 fallthrough;
1230 case ISR_RxCOMPLETE:
1231 rx_done_irq(priv);
1232 break;
1233
1234 case ISR_TxCOMPLETE:
1235 tx_done_irq(priv);
1236 break;
1237
1238 case ISR_FATAL_ERROR:
1239 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name);
1240 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
1241 break;
1242
1243 case ISR_COMMAND_COMPLETE:
1244 atmel_command_irq(priv);
1245 break;
1246
1247 case ISR_IBSS_MERGE:
1248 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
1249 priv->CurrentBSSID, 6);
1250 /* The WPA stuff cares about the current AP address */
1251 if (priv->use_wpa)
1252 build_wpa_mib(priv);
1253 break;
1254 case ISR_GENERIC_IRQ:
1255 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name);
1256 break;
1257 }
1258 }
1259 }
1260
atmel_get_wireless_stats(struct net_device * dev)1261 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev)
1262 {
1263 struct atmel_private *priv = netdev_priv(dev);
1264
1265 /* update the link quality here in case we are seeing no beacons
1266 at all to drive the process */
1267 atmel_smooth_qual(priv);
1268
1269 priv->wstats.status = priv->station_state;
1270
1271 if (priv->operating_mode == IW_MODE_INFRA) {
1272 if (priv->station_state != STATION_STATE_READY) {
1273 priv->wstats.qual.qual = 0;
1274 priv->wstats.qual.level = 0;
1275 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID
1276 | IW_QUAL_LEVEL_INVALID);
1277 }
1278 priv->wstats.qual.noise = 0;
1279 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1280 } else {
1281 /* Quality levels cannot be determined in ad-hoc mode,
1282 because we can 'hear' more that one remote station. */
1283 priv->wstats.qual.qual = 0;
1284 priv->wstats.qual.level = 0;
1285 priv->wstats.qual.noise = 0;
1286 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID
1287 | IW_QUAL_LEVEL_INVALID
1288 | IW_QUAL_NOISE_INVALID;
1289 priv->wstats.miss.beacon = 0;
1290 }
1291
1292 return &priv->wstats;
1293 }
1294
atmel_set_mac_address(struct net_device * dev,void * p)1295 static int atmel_set_mac_address(struct net_device *dev, void *p)
1296 {
1297 struct sockaddr *addr = p;
1298
1299 eth_hw_addr_set(dev, addr->sa_data);
1300 return atmel_open(dev);
1301 }
1302
1303 EXPORT_SYMBOL(atmel_open);
1304
atmel_open(struct net_device * dev)1305 int atmel_open(struct net_device *dev)
1306 {
1307 struct atmel_private *priv = netdev_priv(dev);
1308 int i, channel, err;
1309
1310 /* any scheduled timer is no longer needed and might screw things up.. */
1311 del_timer_sync(&priv->management_timer);
1312
1313 /* Interrupts will not touch the card once in this state... */
1314 priv->station_state = STATION_STATE_DOWN;
1315
1316 if (priv->new_SSID_size) {
1317 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size);
1318 priv->SSID_size = priv->new_SSID_size;
1319 priv->new_SSID_size = 0;
1320 }
1321 priv->BSS_list_entries = 0;
1322
1323 priv->AuthenticationRequestRetryCnt = 0;
1324 priv->AssociationRequestRetryCnt = 0;
1325 priv->ReAssociationRequestRetryCnt = 0;
1326 priv->CurrentAuthentTransactionSeqNum = 0x0001;
1327 priv->ExpectedAuthentTransactionSeqNum = 0x0002;
1328
1329 priv->site_survey_state = SITE_SURVEY_IDLE;
1330 priv->station_is_associated = 0;
1331
1332 err = reset_atmel_card(dev);
1333 if (err)
1334 return err;
1335
1336 if (priv->config_reg_domain) {
1337 priv->reg_domain = priv->config_reg_domain;
1338 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain);
1339 } else {
1340 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS);
1341 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1342 if (priv->reg_domain == channel_table[i].reg_domain)
1343 break;
1344 if (i == ARRAY_SIZE(channel_table)) {
1345 priv->reg_domain = REG_DOMAIN_MKK1;
1346 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name);
1347 }
1348 }
1349
1350 if ((channel = atmel_validate_channel(priv, priv->channel)))
1351 priv->channel = channel;
1352
1353 /* this moves station_state on.... */
1354 atmel_scan(priv, 1);
1355
1356 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */
1357 return 0;
1358 }
1359
atmel_close(struct net_device * dev)1360 static int atmel_close(struct net_device *dev)
1361 {
1362 struct atmel_private *priv = netdev_priv(dev);
1363
1364 /* Send event to userspace that we are disassociating */
1365 if (priv->station_state == STATION_STATE_READY) {
1366 union iwreq_data wrqu;
1367
1368 wrqu.data.length = 0;
1369 wrqu.data.flags = 0;
1370 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1371 eth_zero_addr(wrqu.ap_addr.sa_data);
1372 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1373 }
1374
1375 atmel_enter_state(priv, STATION_STATE_DOWN);
1376
1377 if (priv->bus_type == BUS_TYPE_PCCARD)
1378 atmel_write16(dev, GCR, 0x0060);
1379 atmel_write16(dev, GCR, 0x0040);
1380 return 0;
1381 }
1382
atmel_validate_channel(struct atmel_private * priv,int channel)1383 static int atmel_validate_channel(struct atmel_private *priv, int channel)
1384 {
1385 /* check that channel is OK, if so return zero,
1386 else return suitable default channel */
1387 int i;
1388
1389 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1390 if (priv->reg_domain == channel_table[i].reg_domain) {
1391 if (channel >= channel_table[i].min &&
1392 channel <= channel_table[i].max)
1393 return 0;
1394 else
1395 return channel_table[i].min;
1396 }
1397 return 0;
1398 }
1399
1400 #ifdef CONFIG_PROC_FS
atmel_proc_show(struct seq_file * m,void * v)1401 static int atmel_proc_show(struct seq_file *m, void *v)
1402 {
1403 struct atmel_private *priv = m->private;
1404 int i;
1405 char *s, *r, *c;
1406
1407 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR);
1408
1409 if (priv->station_state != STATION_STATE_DOWN) {
1410 seq_printf(m,
1411 "Firmware version:\t%d.%d build %d\n"
1412 "Firmware location:\t",
1413 priv->host_info.major_version,
1414 priv->host_info.minor_version,
1415 priv->host_info.build_version);
1416
1417 if (priv->card_type != CARD_TYPE_EEPROM)
1418 seq_puts(m, "on card\n");
1419 else if (priv->firmware)
1420 seq_printf(m, "%s loaded by host\n", priv->firmware_id);
1421 else
1422 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id);
1423
1424 switch (priv->card_type) {
1425 case CARD_TYPE_PARALLEL_FLASH:
1426 c = "Parallel flash";
1427 break;
1428 case CARD_TYPE_SPI_FLASH:
1429 c = "SPI flash\n";
1430 break;
1431 case CARD_TYPE_EEPROM:
1432 c = "EEPROM";
1433 break;
1434 default:
1435 c = "<unknown>";
1436 }
1437
1438 r = "<unknown>";
1439 for (i = 0; i < ARRAY_SIZE(channel_table); i++)
1440 if (priv->reg_domain == channel_table[i].reg_domain)
1441 r = channel_table[i].name;
1442
1443 seq_printf(m, "MAC memory type:\t%s\n", c);
1444 seq_printf(m, "Regulatory domain:\t%s\n", r);
1445 seq_printf(m, "Host CRC checking:\t%s\n",
1446 priv->do_rx_crc ? "On" : "Off");
1447 seq_printf(m, "WPA-capable firmware:\t%s\n",
1448 priv->use_wpa ? "Yes" : "No");
1449 }
1450
1451 switch (priv->station_state) {
1452 case STATION_STATE_SCANNING:
1453 s = "Scanning";
1454 break;
1455 case STATION_STATE_JOINNING:
1456 s = "Joining";
1457 break;
1458 case STATION_STATE_AUTHENTICATING:
1459 s = "Authenticating";
1460 break;
1461 case STATION_STATE_ASSOCIATING:
1462 s = "Associating";
1463 break;
1464 case STATION_STATE_READY:
1465 s = "Ready";
1466 break;
1467 case STATION_STATE_REASSOCIATING:
1468 s = "Reassociating";
1469 break;
1470 case STATION_STATE_MGMT_ERROR:
1471 s = "Management error";
1472 break;
1473 case STATION_STATE_DOWN:
1474 s = "Down";
1475 break;
1476 default:
1477 s = "<unknown>";
1478 }
1479
1480 seq_printf(m, "Current state:\t\t%s\n", s);
1481 return 0;
1482 }
1483 #endif
1484
1485 static const struct net_device_ops atmel_netdev_ops = {
1486 .ndo_open = atmel_open,
1487 .ndo_stop = atmel_close,
1488 .ndo_set_mac_address = atmel_set_mac_address,
1489 .ndo_start_xmit = start_tx,
1490 .ndo_do_ioctl = atmel_ioctl,
1491 .ndo_validate_addr = eth_validate_addr,
1492 };
1493
init_atmel_card(unsigned short irq,unsigned long port,const AtmelFWType fw_type,struct device * sys_dev,int (* card_present)(void *),void * card)1494 struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
1495 const AtmelFWType fw_type,
1496 struct device *sys_dev,
1497 int (*card_present)(void *), void *card)
1498 {
1499 struct net_device *dev;
1500 struct atmel_private *priv;
1501 int rc;
1502
1503 /* Create the network device object. */
1504 dev = alloc_etherdev(sizeof(*priv));
1505 if (!dev)
1506 return NULL;
1507
1508 if (dev_alloc_name(dev, dev->name) < 0) {
1509 printk(KERN_ERR "atmel: Couldn't get name!\n");
1510 goto err_out_free;
1511 }
1512
1513 priv = netdev_priv(dev);
1514 priv->dev = dev;
1515 priv->sys_dev = sys_dev;
1516 priv->present_callback = card_present;
1517 priv->card = card;
1518 priv->firmware = NULL;
1519 priv->firmware_type = fw_type;
1520 if (firmware) /* module parameter */
1521 strscpy(priv->firmware_id, firmware, sizeof(priv->firmware_id));
1522 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;
1523 priv->station_state = STATION_STATE_DOWN;
1524 priv->do_rx_crc = 0;
1525 /* For PCMCIA cards, some chips need CRC, some don't
1526 so we have to probe. */
1527 if (priv->bus_type == BUS_TYPE_PCCARD) {
1528 priv->probe_crc = 1;
1529 priv->crc_ok_cnt = priv->crc_ko_cnt = 0;
1530 } else
1531 priv->probe_crc = 0;
1532 priv->last_qual = jiffies;
1533 priv->last_beacon_timestamp = 0;
1534 memset(priv->frag_source, 0xff, sizeof(priv->frag_source));
1535 eth_zero_addr(priv->BSSID);
1536 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */
1537 priv->station_was_associated = 0;
1538
1539 priv->last_survey = jiffies;
1540 priv->preamble = LONG_PREAMBLE;
1541 priv->operating_mode = IW_MODE_INFRA;
1542 priv->connect_to_any_BSS = 0;
1543 priv->config_reg_domain = 0;
1544 priv->reg_domain = 0;
1545 priv->tx_rate = 3;
1546 priv->auto_tx_rate = 1;
1547 priv->channel = 4;
1548 priv->power_mode = 0;
1549 priv->SSID[0] = '\0';
1550 priv->SSID_size = 0;
1551 priv->new_SSID_size = 0;
1552 priv->frag_threshold = 2346;
1553 priv->rts_threshold = 2347;
1554 priv->short_retry = 7;
1555 priv->long_retry = 4;
1556
1557 priv->wep_is_on = 0;
1558 priv->default_key = 0;
1559 priv->encryption_level = 0;
1560 priv->exclude_unencrypted = 0;
1561 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1562 priv->use_wpa = 0;
1563 memset(priv->wep_keys, 0, sizeof(priv->wep_keys));
1564 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1565
1566 priv->default_beacon_period = priv->beacon_period = 100;
1567 priv->listen_interval = 1;
1568
1569 timer_setup(&priv->management_timer, atmel_management_timer, 0);
1570 spin_lock_init(&priv->irqlock);
1571 spin_lock_init(&priv->timerlock);
1572
1573 dev->netdev_ops = &atmel_netdev_ops;
1574 dev->wireless_handlers = &atmel_handler_def;
1575 dev->irq = irq;
1576 dev->base_addr = port;
1577
1578 /* MTU range: 68 - 2312 */
1579 dev->min_mtu = 68;
1580 dev->max_mtu = MAX_WIRELESS_BODY - ETH_FCS_LEN;
1581
1582 SET_NETDEV_DEV(dev, sys_dev);
1583
1584 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) {
1585 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc);
1586 goto err_out_free;
1587 }
1588
1589 if (!request_region(dev->base_addr, 32,
1590 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) {
1591 goto err_out_irq;
1592 }
1593
1594 if (register_netdev(dev))
1595 goto err_out_res;
1596
1597 if (!probe_atmel_card(dev)) {
1598 unregister_netdev(dev);
1599 goto err_out_res;
1600 }
1601
1602 netif_carrier_off(dev);
1603
1604 if (!proc_create_single_data("driver/atmel", 0, NULL, atmel_proc_show,
1605 priv))
1606 printk(KERN_WARNING "atmel: unable to create /proc entry.\n");
1607
1608 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n",
1609 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr);
1610
1611 return dev;
1612
1613 err_out_res:
1614 release_region(dev->base_addr, 32);
1615 err_out_irq:
1616 free_irq(dev->irq, dev);
1617 err_out_free:
1618 free_netdev(dev);
1619 return NULL;
1620 }
1621
1622 EXPORT_SYMBOL(init_atmel_card);
1623
stop_atmel_card(struct net_device * dev)1624 void stop_atmel_card(struct net_device *dev)
1625 {
1626 struct atmel_private *priv = netdev_priv(dev);
1627
1628 /* put a brick on it... */
1629 if (priv->bus_type == BUS_TYPE_PCCARD)
1630 atmel_write16(dev, GCR, 0x0060);
1631 atmel_write16(dev, GCR, 0x0040);
1632
1633 del_timer_sync(&priv->management_timer);
1634 unregister_netdev(dev);
1635 remove_proc_entry("driver/atmel", NULL);
1636 free_irq(dev->irq, dev);
1637 kfree(priv->firmware);
1638 release_region(dev->base_addr, 32);
1639 free_netdev(dev);
1640 }
1641
1642 EXPORT_SYMBOL(stop_atmel_card);
1643
atmel_set_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1644 static int atmel_set_essid(struct net_device *dev,
1645 struct iw_request_info *info,
1646 union iwreq_data *wrqu,
1647 char *extra)
1648 {
1649 struct iw_point *dwrq = &wrqu->essid;
1650 struct atmel_private *priv = netdev_priv(dev);
1651
1652 /* Check if we asked for `any' */
1653 if (dwrq->flags == 0) {
1654 priv->connect_to_any_BSS = 1;
1655 } else {
1656 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1657
1658 priv->connect_to_any_BSS = 0;
1659
1660 /* Check the size of the string */
1661 if (dwrq->length > MAX_SSID_LENGTH)
1662 return -E2BIG;
1663 if (index != 0)
1664 return -EINVAL;
1665
1666 memcpy(priv->new_SSID, extra, dwrq->length);
1667 priv->new_SSID_size = dwrq->length;
1668 }
1669
1670 return -EINPROGRESS;
1671 }
1672
atmel_get_essid(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1673 static int atmel_get_essid(struct net_device *dev,
1674 struct iw_request_info *info,
1675 union iwreq_data *wrqu,
1676 char *extra)
1677 {
1678 struct iw_point *dwrq = &wrqu->essid;
1679 struct atmel_private *priv = netdev_priv(dev);
1680
1681 /* Get the current SSID */
1682 if (priv->new_SSID_size != 0) {
1683 memcpy(extra, priv->new_SSID, priv->new_SSID_size);
1684 dwrq->length = priv->new_SSID_size;
1685 } else {
1686 memcpy(extra, priv->SSID, priv->SSID_size);
1687 dwrq->length = priv->SSID_size;
1688 }
1689
1690 dwrq->flags = !priv->connect_to_any_BSS; /* active */
1691
1692 return 0;
1693 }
1694
atmel_get_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1695 static int atmel_get_wap(struct net_device *dev,
1696 struct iw_request_info *info,
1697 union iwreq_data *wrqu,
1698 char *extra)
1699 {
1700 struct sockaddr *awrq = &wrqu->ap_addr;
1701 struct atmel_private *priv = netdev_priv(dev);
1702 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN);
1703 awrq->sa_family = ARPHRD_ETHER;
1704
1705 return 0;
1706 }
1707
atmel_set_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1708 static int atmel_set_encode(struct net_device *dev,
1709 struct iw_request_info *info,
1710 union iwreq_data *wrqu,
1711 char *extra)
1712 {
1713 struct iw_point *dwrq = &wrqu->encoding;
1714 struct atmel_private *priv = netdev_priv(dev);
1715
1716 /* Basic checking: do we have a key to set ?
1717 * Note : with the new API, it's impossible to get a NULL pointer.
1718 * Therefore, we need to check a key size == 0 instead.
1719 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
1720 * when no key is present (only change flags), but older versions
1721 * don't do it. - Jean II */
1722 if (dwrq->length > 0) {
1723 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1724 int current_index = priv->default_key;
1725 /* Check the size of the key */
1726 if (dwrq->length > 13) {
1727 return -EINVAL;
1728 }
1729 /* Check the index (none -> use current) */
1730 if (index < 0 || index >= 4)
1731 index = current_index;
1732 else
1733 priv->default_key = index;
1734 /* Set the length */
1735 if (dwrq->length > 5)
1736 priv->wep_key_len[index] = 13;
1737 else
1738 if (dwrq->length > 0)
1739 priv->wep_key_len[index] = 5;
1740 else
1741 /* Disable the key */
1742 priv->wep_key_len[index] = 0;
1743 /* Check if the key is not marked as invalid */
1744 if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
1745 /* Cleanup */
1746 memset(priv->wep_keys[index], 0, 13);
1747 /* Copy the key in the driver */
1748 memcpy(priv->wep_keys[index], extra, dwrq->length);
1749 }
1750 /* WE specify that if a valid key is set, encryption
1751 * should be enabled (user may turn it off later)
1752 * This is also how "iwconfig ethX key on" works */
1753 if (index == current_index &&
1754 priv->wep_key_len[index] > 0) {
1755 priv->wep_is_on = 1;
1756 priv->exclude_unencrypted = 1;
1757 if (priv->wep_key_len[index] > 5) {
1758 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1759 priv->encryption_level = 2;
1760 } else {
1761 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1762 priv->encryption_level = 1;
1763 }
1764 }
1765 } else {
1766 /* Do we want to just set the transmit key index ? */
1767 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1768 if (index >= 0 && index < 4) {
1769 priv->default_key = index;
1770 } else
1771 /* Don't complain if only change the mode */
1772 if (!(dwrq->flags & IW_ENCODE_MODE))
1773 return -EINVAL;
1774 }
1775 /* Read the flags */
1776 if (dwrq->flags & IW_ENCODE_DISABLED) {
1777 priv->wep_is_on = 0;
1778 priv->encryption_level = 0;
1779 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1780 } else {
1781 priv->wep_is_on = 1;
1782 if (priv->wep_key_len[priv->default_key] > 5) {
1783 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1784 priv->encryption_level = 2;
1785 } else {
1786 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1787 priv->encryption_level = 1;
1788 }
1789 }
1790 if (dwrq->flags & IW_ENCODE_RESTRICTED)
1791 priv->exclude_unencrypted = 1;
1792 if (dwrq->flags & IW_ENCODE_OPEN)
1793 priv->exclude_unencrypted = 0;
1794
1795 return -EINPROGRESS; /* Call commit handler */
1796 }
1797
atmel_get_encode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1798 static int atmel_get_encode(struct net_device *dev,
1799 struct iw_request_info *info,
1800 union iwreq_data *wrqu,
1801 char *extra)
1802 {
1803 struct iw_point *dwrq = &wrqu->encoding;
1804 struct atmel_private *priv = netdev_priv(dev);
1805 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
1806
1807 if (!priv->wep_is_on)
1808 dwrq->flags = IW_ENCODE_DISABLED;
1809 else {
1810 if (priv->exclude_unencrypted)
1811 dwrq->flags = IW_ENCODE_RESTRICTED;
1812 else
1813 dwrq->flags = IW_ENCODE_OPEN;
1814 }
1815 /* Which key do we want ? -1 -> tx index */
1816 if (index < 0 || index >= 4)
1817 index = priv->default_key;
1818 dwrq->flags |= index + 1;
1819 /* Copy the key to the user buffer */
1820 dwrq->length = priv->wep_key_len[index];
1821 if (dwrq->length > 16) {
1822 dwrq->length = 0;
1823 } else {
1824 memset(extra, 0, 16);
1825 memcpy(extra, priv->wep_keys[index], dwrq->length);
1826 }
1827
1828 return 0;
1829 }
1830
atmel_set_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1831 static int atmel_set_encodeext(struct net_device *dev,
1832 struct iw_request_info *info,
1833 union iwreq_data *wrqu,
1834 char *extra)
1835 {
1836 struct atmel_private *priv = netdev_priv(dev);
1837 struct iw_point *encoding = &wrqu->encoding;
1838 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1839 int idx, key_len, alg = ext->alg, set_key = 1;
1840
1841 /* Determine and validate the key index */
1842 idx = encoding->flags & IW_ENCODE_INDEX;
1843 if (idx) {
1844 if (idx < 1 || idx > 4)
1845 return -EINVAL;
1846 idx--;
1847 } else
1848 idx = priv->default_key;
1849
1850 if (encoding->flags & IW_ENCODE_DISABLED)
1851 alg = IW_ENCODE_ALG_NONE;
1852
1853 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
1854 priv->default_key = idx;
1855 set_key = ext->key_len > 0 ? 1 : 0;
1856 }
1857
1858 if (set_key) {
1859 /* Set the requested key first */
1860 switch (alg) {
1861 case IW_ENCODE_ALG_NONE:
1862 priv->wep_is_on = 0;
1863 priv->encryption_level = 0;
1864 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE;
1865 break;
1866 case IW_ENCODE_ALG_WEP:
1867 if (ext->key_len > 5) {
1868 priv->wep_key_len[idx] = 13;
1869 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128;
1870 priv->encryption_level = 2;
1871 } else if (ext->key_len > 0) {
1872 priv->wep_key_len[idx] = 5;
1873 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64;
1874 priv->encryption_level = 1;
1875 } else {
1876 return -EINVAL;
1877 }
1878 priv->wep_is_on = 1;
1879 memset(priv->wep_keys[idx], 0, 13);
1880 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]);
1881 memcpy(priv->wep_keys[idx], ext->key, key_len);
1882 break;
1883 default:
1884 return -EINVAL;
1885 }
1886 }
1887
1888 return -EINPROGRESS;
1889 }
1890
atmel_get_encodeext(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1891 static int atmel_get_encodeext(struct net_device *dev,
1892 struct iw_request_info *info,
1893 union iwreq_data *wrqu,
1894 char *extra)
1895 {
1896 struct atmel_private *priv = netdev_priv(dev);
1897 struct iw_point *encoding = &wrqu->encoding;
1898 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
1899 int idx, max_key_len;
1900
1901 max_key_len = encoding->length - sizeof(*ext);
1902 if (max_key_len < 0)
1903 return -EINVAL;
1904
1905 idx = encoding->flags & IW_ENCODE_INDEX;
1906 if (idx) {
1907 if (idx < 1 || idx > 4)
1908 return -EINVAL;
1909 idx--;
1910 } else
1911 idx = priv->default_key;
1912
1913 encoding->flags = idx + 1;
1914 memset(ext, 0, sizeof(*ext));
1915
1916 if (!priv->wep_is_on) {
1917 ext->alg = IW_ENCODE_ALG_NONE;
1918 ext->key_len = 0;
1919 encoding->flags |= IW_ENCODE_DISABLED;
1920 } else {
1921 if (priv->encryption_level > 0)
1922 ext->alg = IW_ENCODE_ALG_WEP;
1923 else
1924 return -EINVAL;
1925
1926 ext->key_len = priv->wep_key_len[idx];
1927 memcpy(ext->key, priv->wep_keys[idx], ext->key_len);
1928 encoding->flags |= IW_ENCODE_ENABLED;
1929 }
1930
1931 return 0;
1932 }
1933
atmel_set_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1934 static int atmel_set_auth(struct net_device *dev,
1935 struct iw_request_info *info,
1936 union iwreq_data *wrqu, char *extra)
1937 {
1938 struct atmel_private *priv = netdev_priv(dev);
1939 struct iw_param *param = &wrqu->param;
1940
1941 switch (param->flags & IW_AUTH_INDEX) {
1942 case IW_AUTH_WPA_VERSION:
1943 case IW_AUTH_CIPHER_PAIRWISE:
1944 case IW_AUTH_CIPHER_GROUP:
1945 case IW_AUTH_KEY_MGMT:
1946 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1947 case IW_AUTH_PRIVACY_INVOKED:
1948 /*
1949 * atmel does not use these parameters
1950 */
1951 break;
1952
1953 case IW_AUTH_DROP_UNENCRYPTED:
1954 priv->exclude_unencrypted = param->value ? 1 : 0;
1955 break;
1956
1957 case IW_AUTH_80211_AUTH_ALG: {
1958 if (param->value & IW_AUTH_ALG_SHARED_KEY) {
1959 priv->exclude_unencrypted = 1;
1960 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
1961 priv->exclude_unencrypted = 0;
1962 } else
1963 return -EINVAL;
1964 break;
1965 }
1966
1967 case IW_AUTH_WPA_ENABLED:
1968 /* Silently accept disable of WPA */
1969 if (param->value > 0)
1970 return -EOPNOTSUPP;
1971 break;
1972
1973 default:
1974 return -EOPNOTSUPP;
1975 }
1976 return -EINPROGRESS;
1977 }
1978
atmel_get_auth(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)1979 static int atmel_get_auth(struct net_device *dev,
1980 struct iw_request_info *info,
1981 union iwreq_data *wrqu, char *extra)
1982 {
1983 struct atmel_private *priv = netdev_priv(dev);
1984 struct iw_param *param = &wrqu->param;
1985
1986 switch (param->flags & IW_AUTH_INDEX) {
1987 case IW_AUTH_DROP_UNENCRYPTED:
1988 param->value = priv->exclude_unencrypted;
1989 break;
1990
1991 case IW_AUTH_80211_AUTH_ALG:
1992 if (priv->exclude_unencrypted == 1)
1993 param->value = IW_AUTH_ALG_SHARED_KEY;
1994 else
1995 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
1996 break;
1997
1998 case IW_AUTH_WPA_ENABLED:
1999 param->value = 0;
2000 break;
2001
2002 default:
2003 return -EOPNOTSUPP;
2004 }
2005 return 0;
2006 }
2007
2008
atmel_get_name(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2009 static int atmel_get_name(struct net_device *dev,
2010 struct iw_request_info *info,
2011 union iwreq_data *wrqu,
2012 char *extra)
2013 {
2014 strcpy(wrqu->name, "IEEE 802.11-DS");
2015 return 0;
2016 }
2017
atmel_set_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2018 static int atmel_set_rate(struct net_device *dev,
2019 struct iw_request_info *info,
2020 union iwreq_data *wrqu,
2021 char *extra)
2022 {
2023 struct iw_param *vwrq = &wrqu->bitrate;
2024 struct atmel_private *priv = netdev_priv(dev);
2025
2026 if (vwrq->fixed == 0) {
2027 priv->tx_rate = 3;
2028 priv->auto_tx_rate = 1;
2029 } else {
2030 priv->auto_tx_rate = 0;
2031
2032 /* Which type of value ? */
2033 if ((vwrq->value < 4) && (vwrq->value >= 0)) {
2034 /* Setting by rate index */
2035 priv->tx_rate = vwrq->value;
2036 } else {
2037 /* Setting by frequency value */
2038 switch (vwrq->value) {
2039 case 1000000:
2040 priv->tx_rate = 0;
2041 break;
2042 case 2000000:
2043 priv->tx_rate = 1;
2044 break;
2045 case 5500000:
2046 priv->tx_rate = 2;
2047 break;
2048 case 11000000:
2049 priv->tx_rate = 3;
2050 break;
2051 default:
2052 return -EINVAL;
2053 }
2054 }
2055 }
2056
2057 return -EINPROGRESS;
2058 }
2059
atmel_set_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2060 static int atmel_set_mode(struct net_device *dev,
2061 struct iw_request_info *info,
2062 union iwreq_data *wrqu,
2063 char *extra)
2064 {
2065 __u32 *uwrq = &wrqu->mode;
2066 struct atmel_private *priv = netdev_priv(dev);
2067
2068 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA)
2069 return -EINVAL;
2070
2071 priv->operating_mode = *uwrq;
2072 return -EINPROGRESS;
2073 }
2074
atmel_get_mode(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2075 static int atmel_get_mode(struct net_device *dev,
2076 struct iw_request_info *info,
2077 union iwreq_data *wrqu,
2078 char *extra)
2079 {
2080 __u32 *uwrq = &wrqu->mode;
2081 struct atmel_private *priv = netdev_priv(dev);
2082
2083 *uwrq = priv->operating_mode;
2084 return 0;
2085 }
2086
atmel_get_rate(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2087 static int atmel_get_rate(struct net_device *dev,
2088 struct iw_request_info *info,
2089 union iwreq_data *wrqu,
2090 char *extra)
2091 {
2092 struct iw_param *vwrq = &wrqu->bitrate;
2093 struct atmel_private *priv = netdev_priv(dev);
2094
2095 if (priv->auto_tx_rate) {
2096 vwrq->fixed = 0;
2097 vwrq->value = 11000000;
2098 } else {
2099 vwrq->fixed = 1;
2100 switch (priv->tx_rate) {
2101 case 0:
2102 vwrq->value = 1000000;
2103 break;
2104 case 1:
2105 vwrq->value = 2000000;
2106 break;
2107 case 2:
2108 vwrq->value = 5500000;
2109 break;
2110 case 3:
2111 vwrq->value = 11000000;
2112 break;
2113 }
2114 }
2115 return 0;
2116 }
2117
atmel_set_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2118 static int atmel_set_power(struct net_device *dev,
2119 struct iw_request_info *info,
2120 union iwreq_data *wrqu,
2121 char *extra)
2122 {
2123 struct iw_param *vwrq = &wrqu->power;
2124 struct atmel_private *priv = netdev_priv(dev);
2125 priv->power_mode = vwrq->disabled ? 0 : 1;
2126 return -EINPROGRESS;
2127 }
2128
atmel_get_power(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2129 static int atmel_get_power(struct net_device *dev,
2130 struct iw_request_info *info,
2131 union iwreq_data *wrqu,
2132 char *extra)
2133 {
2134 struct iw_param *vwrq = &wrqu->power;
2135 struct atmel_private *priv = netdev_priv(dev);
2136 vwrq->disabled = priv->power_mode ? 0 : 1;
2137 vwrq->flags = IW_POWER_ON;
2138 return 0;
2139 }
2140
atmel_set_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2141 static int atmel_set_retry(struct net_device *dev,
2142 struct iw_request_info *info,
2143 union iwreq_data *wrqu,
2144 char *extra)
2145 {
2146 struct iw_param *vwrq = &wrqu->retry;
2147 struct atmel_private *priv = netdev_priv(dev);
2148
2149 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) {
2150 if (vwrq->flags & IW_RETRY_LONG)
2151 priv->long_retry = vwrq->value;
2152 else if (vwrq->flags & IW_RETRY_SHORT)
2153 priv->short_retry = vwrq->value;
2154 else {
2155 /* No modifier : set both */
2156 priv->long_retry = vwrq->value;
2157 priv->short_retry = vwrq->value;
2158 }
2159 return -EINPROGRESS;
2160 }
2161
2162 return -EINVAL;
2163 }
2164
atmel_get_retry(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2165 static int atmel_get_retry(struct net_device *dev,
2166 struct iw_request_info *info,
2167 union iwreq_data *wrqu,
2168 char *extra)
2169 {
2170 struct iw_param *vwrq = &wrqu->retry;
2171 struct atmel_private *priv = netdev_priv(dev);
2172
2173 vwrq->disabled = 0; /* Can't be disabled */
2174
2175 /* Note : by default, display the short retry number */
2176 if (vwrq->flags & IW_RETRY_LONG) {
2177 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
2178 vwrq->value = priv->long_retry;
2179 } else {
2180 vwrq->flags = IW_RETRY_LIMIT;
2181 vwrq->value = priv->short_retry;
2182 if (priv->long_retry != priv->short_retry)
2183 vwrq->flags |= IW_RETRY_SHORT;
2184 }
2185
2186 return 0;
2187 }
2188
atmel_set_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2189 static int atmel_set_rts(struct net_device *dev,
2190 struct iw_request_info *info,
2191 union iwreq_data *wrqu,
2192 char *extra)
2193 {
2194 struct iw_param *vwrq = &wrqu->rts;
2195 struct atmel_private *priv = netdev_priv(dev);
2196 int rthr = vwrq->value;
2197
2198 if (vwrq->disabled)
2199 rthr = 2347;
2200 if ((rthr < 0) || (rthr > 2347)) {
2201 return -EINVAL;
2202 }
2203 priv->rts_threshold = rthr;
2204
2205 return -EINPROGRESS; /* Call commit handler */
2206 }
2207
atmel_get_rts(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2208 static int atmel_get_rts(struct net_device *dev,
2209 struct iw_request_info *info,
2210 union iwreq_data *wrqu,
2211 char *extra)
2212 {
2213 struct iw_param *vwrq = &wrqu->rts;
2214 struct atmel_private *priv = netdev_priv(dev);
2215
2216 vwrq->value = priv->rts_threshold;
2217 vwrq->disabled = (vwrq->value >= 2347);
2218 vwrq->fixed = 1;
2219
2220 return 0;
2221 }
2222
atmel_set_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2223 static int atmel_set_frag(struct net_device *dev,
2224 struct iw_request_info *info,
2225 union iwreq_data *wrqu,
2226 char *extra)
2227 {
2228 struct iw_param *vwrq = &wrqu->frag;
2229 struct atmel_private *priv = netdev_priv(dev);
2230 int fthr = vwrq->value;
2231
2232 if (vwrq->disabled)
2233 fthr = 2346;
2234 if ((fthr < 256) || (fthr > 2346)) {
2235 return -EINVAL;
2236 }
2237 fthr &= ~0x1; /* Get an even value - is it really needed ??? */
2238 priv->frag_threshold = fthr;
2239
2240 return -EINPROGRESS; /* Call commit handler */
2241 }
2242
atmel_get_frag(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2243 static int atmel_get_frag(struct net_device *dev,
2244 struct iw_request_info *info,
2245 union iwreq_data *wrqu,
2246 char *extra)
2247 {
2248 struct iw_param *vwrq = &wrqu->frag;
2249 struct atmel_private *priv = netdev_priv(dev);
2250
2251 vwrq->value = priv->frag_threshold;
2252 vwrq->disabled = (vwrq->value >= 2346);
2253 vwrq->fixed = 1;
2254
2255 return 0;
2256 }
2257
atmel_set_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2258 static int atmel_set_freq(struct net_device *dev,
2259 struct iw_request_info *info,
2260 union iwreq_data *wrqu,
2261 char *extra)
2262 {
2263 struct iw_freq *fwrq = &wrqu->freq;
2264 struct atmel_private *priv = netdev_priv(dev);
2265 int rc = -EINPROGRESS; /* Call commit handler */
2266
2267 /* If setting by frequency, convert to a channel */
2268 if (fwrq->e == 1) {
2269 int f = fwrq->m / 100000;
2270
2271 /* Hack to fall through... */
2272 fwrq->e = 0;
2273 fwrq->m = ieee80211_frequency_to_channel(f);
2274 }
2275 /* Setting by channel number */
2276 if (fwrq->m < 0 || fwrq->m > 1000 || fwrq->e > 0)
2277 rc = -EOPNOTSUPP;
2278 else {
2279 int channel = fwrq->m;
2280 if (atmel_validate_channel(priv, channel) == 0) {
2281 priv->channel = channel;
2282 } else {
2283 rc = -EINVAL;
2284 }
2285 }
2286 return rc;
2287 }
2288
atmel_get_freq(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2289 static int atmel_get_freq(struct net_device *dev,
2290 struct iw_request_info *info,
2291 union iwreq_data *wrqu,
2292 char *extra)
2293 {
2294 struct iw_freq *fwrq = &wrqu->freq;
2295 struct atmel_private *priv = netdev_priv(dev);
2296
2297 fwrq->m = priv->channel;
2298 fwrq->e = 0;
2299 return 0;
2300 }
2301
atmel_set_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * dwrq,char * extra)2302 static int atmel_set_scan(struct net_device *dev,
2303 struct iw_request_info *info,
2304 union iwreq_data *dwrq,
2305 char *extra)
2306 {
2307 struct atmel_private *priv = netdev_priv(dev);
2308 unsigned long flags;
2309
2310 /* Note : you may have realised that, as this is a SET operation,
2311 * this is privileged and therefore a normal user can't
2312 * perform scanning.
2313 * This is not an error, while the device perform scanning,
2314 * traffic doesn't flow, so it's a perfect DoS...
2315 * Jean II */
2316
2317 if (priv->station_state == STATION_STATE_DOWN)
2318 return -EAGAIN;
2319
2320 /* Timeout old surveys. */
2321 if (time_after(jiffies, priv->last_survey + 20 * HZ))
2322 priv->site_survey_state = SITE_SURVEY_IDLE;
2323 priv->last_survey = jiffies;
2324
2325 /* Initiate a scan command */
2326 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS)
2327 return -EBUSY;
2328
2329 del_timer_sync(&priv->management_timer);
2330 spin_lock_irqsave(&priv->irqlock, flags);
2331
2332 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS;
2333 priv->fast_scan = 0;
2334 atmel_scan(priv, 0);
2335 spin_unlock_irqrestore(&priv->irqlock, flags);
2336
2337 return 0;
2338 }
2339
atmel_get_scan(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2340 static int atmel_get_scan(struct net_device *dev,
2341 struct iw_request_info *info,
2342 union iwreq_data *wrqu,
2343 char *extra)
2344 {
2345 struct iw_point *dwrq = &wrqu->data;
2346 struct atmel_private *priv = netdev_priv(dev);
2347 int i;
2348 char *current_ev = extra;
2349 struct iw_event iwe;
2350
2351 if (priv->site_survey_state != SITE_SURVEY_COMPLETED)
2352 return -EAGAIN;
2353
2354 for (i = 0; i < priv->BSS_list_entries; i++) {
2355 iwe.cmd = SIOCGIWAP;
2356 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2357 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN);
2358 current_ev = iwe_stream_add_event(info, current_ev,
2359 extra + IW_SCAN_MAX_DATA,
2360 &iwe, IW_EV_ADDR_LEN);
2361
2362 iwe.u.data.length = priv->BSSinfo[i].SSIDsize;
2363 if (iwe.u.data.length > 32)
2364 iwe.u.data.length = 32;
2365 iwe.cmd = SIOCGIWESSID;
2366 iwe.u.data.flags = 1;
2367 current_ev = iwe_stream_add_point(info, current_ev,
2368 extra + IW_SCAN_MAX_DATA,
2369 &iwe, priv->BSSinfo[i].SSID);
2370
2371 iwe.cmd = SIOCGIWMODE;
2372 iwe.u.mode = priv->BSSinfo[i].BSStype;
2373 current_ev = iwe_stream_add_event(info, current_ev,
2374 extra + IW_SCAN_MAX_DATA,
2375 &iwe, IW_EV_UINT_LEN);
2376
2377 iwe.cmd = SIOCGIWFREQ;
2378 iwe.u.freq.m = priv->BSSinfo[i].channel;
2379 iwe.u.freq.e = 0;
2380 current_ev = iwe_stream_add_event(info, current_ev,
2381 extra + IW_SCAN_MAX_DATA,
2382 &iwe, IW_EV_FREQ_LEN);
2383
2384 /* Add quality statistics */
2385 iwe.cmd = IWEVQUAL;
2386 iwe.u.qual.level = priv->BSSinfo[i].RSSI;
2387 iwe.u.qual.qual = iwe.u.qual.level;
2388 /* iwe.u.qual.noise = SOMETHING */
2389 current_ev = iwe_stream_add_event(info, current_ev,
2390 extra + IW_SCAN_MAX_DATA,
2391 &iwe, IW_EV_QUAL_LEN);
2392
2393
2394 iwe.cmd = SIOCGIWENCODE;
2395 if (priv->BSSinfo[i].UsingWEP)
2396 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2397 else
2398 iwe.u.data.flags = IW_ENCODE_DISABLED;
2399 iwe.u.data.length = 0;
2400 current_ev = iwe_stream_add_point(info, current_ev,
2401 extra + IW_SCAN_MAX_DATA,
2402 &iwe, NULL);
2403 }
2404
2405 /* Length of data */
2406 dwrq->length = (current_ev - extra);
2407 dwrq->flags = 0;
2408
2409 return 0;
2410 }
2411
atmel_get_range(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2412 static int atmel_get_range(struct net_device *dev,
2413 struct iw_request_info *info,
2414 union iwreq_data *wrqu,
2415 char *extra)
2416 {
2417 struct iw_point *dwrq = &wrqu->data;
2418 struct atmel_private *priv = netdev_priv(dev);
2419 struct iw_range *range = (struct iw_range *) extra;
2420 int k, i, j;
2421
2422 dwrq->length = sizeof(struct iw_range);
2423 memset(range, 0, sizeof(struct iw_range));
2424 range->min_nwid = 0x0000;
2425 range->max_nwid = 0x0000;
2426 range->num_channels = 0;
2427 for (j = 0; j < ARRAY_SIZE(channel_table); j++)
2428 if (priv->reg_domain == channel_table[j].reg_domain) {
2429 range->num_channels = channel_table[j].max - channel_table[j].min + 1;
2430 break;
2431 }
2432 if (range->num_channels != 0) {
2433 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) {
2434 range->freq[k].i = i; /* List index */
2435
2436 /* Values in MHz -> * 10^5 * 10 */
2437 range->freq[k].m = 100000 *
2438 ieee80211_channel_to_frequency(i, NL80211_BAND_2GHZ);
2439 range->freq[k++].e = 1;
2440 }
2441 range->num_frequency = k;
2442 }
2443
2444 range->max_qual.qual = 100;
2445 range->max_qual.level = 100;
2446 range->max_qual.noise = 0;
2447 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2448
2449 range->avg_qual.qual = 50;
2450 range->avg_qual.level = 50;
2451 range->avg_qual.noise = 0;
2452 range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2453
2454 range->sensitivity = 0;
2455
2456 range->bitrate[0] = 1000000;
2457 range->bitrate[1] = 2000000;
2458 range->bitrate[2] = 5500000;
2459 range->bitrate[3] = 11000000;
2460 range->num_bitrates = 4;
2461
2462 range->min_rts = 0;
2463 range->max_rts = 2347;
2464 range->min_frag = 256;
2465 range->max_frag = 2346;
2466
2467 range->encoding_size[0] = 5;
2468 range->encoding_size[1] = 13;
2469 range->num_encoding_sizes = 2;
2470 range->max_encoding_tokens = 4;
2471
2472 range->pmp_flags = IW_POWER_ON;
2473 range->pmt_flags = IW_POWER_ON;
2474 range->pm_capa = 0;
2475
2476 range->we_version_source = WIRELESS_EXT;
2477 range->we_version_compiled = WIRELESS_EXT;
2478 range->retry_capa = IW_RETRY_LIMIT ;
2479 range->retry_flags = IW_RETRY_LIMIT;
2480 range->r_time_flags = 0;
2481 range->min_retry = 1;
2482 range->max_retry = 65535;
2483
2484 return 0;
2485 }
2486
atmel_set_wap(struct net_device * dev,struct iw_request_info * info,union iwreq_data * wrqu,char * extra)2487 static int atmel_set_wap(struct net_device *dev,
2488 struct iw_request_info *info,
2489 union iwreq_data *wrqu,
2490 char *extra)
2491 {
2492 struct sockaddr *awrq = &wrqu->ap_addr;
2493 struct atmel_private *priv = netdev_priv(dev);
2494 int i;
2495 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
2496 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
2497 unsigned long flags;
2498
2499 if (awrq->sa_family != ARPHRD_ETHER)
2500 return -EINVAL;
2501
2502 if (!memcmp(any, awrq->sa_data, 6) ||
2503 !memcmp(off, awrq->sa_data, 6)) {
2504 del_timer_sync(&priv->management_timer);
2505 spin_lock_irqsave(&priv->irqlock, flags);
2506 atmel_scan(priv, 1);
2507 spin_unlock_irqrestore(&priv->irqlock, flags);
2508 return 0;
2509 }
2510
2511 for (i = 0; i < priv->BSS_list_entries; i++) {
2512 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) {
2513 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) {
2514 return -EINVAL;
2515 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) {
2516 return -EINVAL;
2517 } else {
2518 del_timer_sync(&priv->management_timer);
2519 spin_lock_irqsave(&priv->irqlock, flags);
2520 atmel_join_bss(priv, i);
2521 spin_unlock_irqrestore(&priv->irqlock, flags);
2522 return 0;
2523 }
2524 }
2525 }
2526
2527 return -EINVAL;
2528 }
2529
atmel_config_commit(struct net_device * dev,struct iw_request_info * info,union iwreq_data * zwrq,char * extra)2530 static int atmel_config_commit(struct net_device *dev,
2531 struct iw_request_info *info, /* NULL */
2532 union iwreq_data *zwrq, /* NULL */
2533 char *extra) /* NULL */
2534 {
2535 return atmel_open(dev);
2536 }
2537
2538 static const iw_handler atmel_handler[] =
2539 {
2540 IW_HANDLER(SIOCSIWCOMMIT, atmel_config_commit),
2541 IW_HANDLER(SIOCGIWNAME, atmel_get_name),
2542 IW_HANDLER(SIOCSIWFREQ, atmel_set_freq),
2543 IW_HANDLER(SIOCGIWFREQ, atmel_get_freq),
2544 IW_HANDLER(SIOCSIWMODE, atmel_set_mode),
2545 IW_HANDLER(SIOCGIWMODE, atmel_get_mode),
2546 IW_HANDLER(SIOCGIWRANGE, atmel_get_range),
2547 IW_HANDLER(SIOCSIWAP, atmel_set_wap),
2548 IW_HANDLER(SIOCGIWAP, atmel_get_wap),
2549 IW_HANDLER(SIOCSIWSCAN, atmel_set_scan),
2550 IW_HANDLER(SIOCGIWSCAN, atmel_get_scan),
2551 IW_HANDLER(SIOCSIWESSID, atmel_set_essid),
2552 IW_HANDLER(SIOCGIWESSID, atmel_get_essid),
2553 IW_HANDLER(SIOCSIWRATE, atmel_set_rate),
2554 IW_HANDLER(SIOCGIWRATE, atmel_get_rate),
2555 IW_HANDLER(SIOCSIWRTS, atmel_set_rts),
2556 IW_HANDLER(SIOCGIWRTS, atmel_get_rts),
2557 IW_HANDLER(SIOCSIWFRAG, atmel_set_frag),
2558 IW_HANDLER(SIOCGIWFRAG, atmel_get_frag),
2559 IW_HANDLER(SIOCSIWRETRY, atmel_set_retry),
2560 IW_HANDLER(SIOCGIWRETRY, atmel_get_retry),
2561 IW_HANDLER(SIOCSIWENCODE, atmel_set_encode),
2562 IW_HANDLER(SIOCGIWENCODE, atmel_get_encode),
2563 IW_HANDLER(SIOCSIWPOWER, atmel_set_power),
2564 IW_HANDLER(SIOCGIWPOWER, atmel_get_power),
2565 IW_HANDLER(SIOCSIWAUTH, atmel_set_auth),
2566 IW_HANDLER(SIOCGIWAUTH, atmel_get_auth),
2567 IW_HANDLER(SIOCSIWENCODEEXT, atmel_set_encodeext),
2568 IW_HANDLER(SIOCGIWENCODEEXT, atmel_get_encodeext),
2569 };
2570
2571 static const iw_handler atmel_private_handler[] =
2572 {
2573 NULL, /* SIOCIWFIRSTPRIV */
2574 };
2575
2576 struct atmel_priv_ioctl {
2577 char id[32];
2578 unsigned char __user *data;
2579 unsigned short len;
2580 };
2581
2582 #define ATMELFWL SIOCIWFIRSTPRIV
2583 #define ATMELIDIFC ATMELFWL + 1
2584 #define ATMELRD ATMELFWL + 2
2585 #define ATMELMAGIC 0x51807
2586 #define REGDOMAINSZ 20
2587
2588 static const struct iw_priv_args atmel_private_args[] = {
2589 {
2590 .cmd = ATMELFWL,
2591 .set_args = IW_PRIV_TYPE_BYTE
2592 | IW_PRIV_SIZE_FIXED
2593 | sizeof(struct atmel_priv_ioctl),
2594 .get_args = IW_PRIV_TYPE_NONE,
2595 .name = "atmelfwl"
2596 }, {
2597 .cmd = ATMELIDIFC,
2598 .set_args = IW_PRIV_TYPE_NONE,
2599 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
2600 .name = "atmelidifc"
2601 }, {
2602 .cmd = ATMELRD,
2603 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ,
2604 .get_args = IW_PRIV_TYPE_NONE,
2605 .name = "regdomain"
2606 },
2607 };
2608
2609 static const struct iw_handler_def atmel_handler_def = {
2610 .num_standard = ARRAY_SIZE(atmel_handler),
2611 .num_private = ARRAY_SIZE(atmel_private_handler),
2612 .num_private_args = ARRAY_SIZE(atmel_private_args),
2613 .standard = atmel_handler,
2614 .private = atmel_private_handler,
2615 .private_args = (struct iw_priv_args *) atmel_private_args,
2616 .get_wireless_stats = atmel_get_wireless_stats
2617 };
2618
atmel_ioctl(struct net_device * dev,struct ifreq * rq,int cmd)2619 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
2620 {
2621 int i, rc = 0;
2622 struct atmel_private *priv = netdev_priv(dev);
2623 struct atmel_priv_ioctl com;
2624 struct iwreq *wrq = (struct iwreq *) rq;
2625 unsigned char *new_firmware;
2626 char domain[REGDOMAINSZ + 1];
2627
2628 switch (cmd) {
2629 case ATMELIDIFC:
2630 wrq->u.param.value = ATMELMAGIC;
2631 break;
2632
2633 case ATMELFWL:
2634 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) {
2635 rc = -EFAULT;
2636 break;
2637 }
2638
2639 if (!capable(CAP_NET_ADMIN)) {
2640 rc = -EPERM;
2641 break;
2642 }
2643
2644 new_firmware = memdup_user(com.data, com.len);
2645 if (IS_ERR(new_firmware)) {
2646 rc = PTR_ERR(new_firmware);
2647 break;
2648 }
2649
2650 kfree(priv->firmware);
2651
2652 priv->firmware = new_firmware;
2653 priv->firmware_length = com.len;
2654 strncpy(priv->firmware_id, com.id, 31);
2655 priv->firmware_id[31] = '\0';
2656 break;
2657
2658 case ATMELRD:
2659 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) {
2660 rc = -EFAULT;
2661 break;
2662 }
2663
2664 if (!capable(CAP_NET_ADMIN)) {
2665 rc = -EPERM;
2666 break;
2667 }
2668
2669 domain[REGDOMAINSZ] = 0;
2670 rc = -EINVAL;
2671 for (i = 0; i < ARRAY_SIZE(channel_table); i++) {
2672 if (!strcasecmp(channel_table[i].name, domain)) {
2673 priv->config_reg_domain = channel_table[i].reg_domain;
2674 rc = 0;
2675 }
2676 }
2677
2678 if (rc == 0 && priv->station_state != STATION_STATE_DOWN)
2679 rc = atmel_open(dev);
2680 break;
2681
2682 default:
2683 rc = -EOPNOTSUPP;
2684 }
2685
2686 return rc;
2687 }
2688
2689 struct auth_body {
2690 __le16 alg;
2691 __le16 trans_seq;
2692 __le16 status;
2693 u8 el_id;
2694 u8 chall_text_len;
2695 u8 chall_text[253];
2696 };
2697
atmel_enter_state(struct atmel_private * priv,int new_state)2698 static void atmel_enter_state(struct atmel_private *priv, int new_state)
2699 {
2700 int old_state = priv->station_state;
2701
2702 if (new_state == old_state)
2703 return;
2704
2705 priv->station_state = new_state;
2706
2707 if (new_state == STATION_STATE_READY) {
2708 netif_start_queue(priv->dev);
2709 netif_carrier_on(priv->dev);
2710 }
2711
2712 if (old_state == STATION_STATE_READY) {
2713 netif_carrier_off(priv->dev);
2714 if (netif_running(priv->dev))
2715 netif_stop_queue(priv->dev);
2716 priv->last_beacon_timestamp = 0;
2717 }
2718 }
2719
atmel_scan(struct atmel_private * priv,int specific_ssid)2720 static void atmel_scan(struct atmel_private *priv, int specific_ssid)
2721 {
2722 struct {
2723 u8 BSSID[ETH_ALEN];
2724 u8 SSID[MAX_SSID_LENGTH];
2725 u8 scan_type;
2726 u8 channel;
2727 __le16 BSS_type;
2728 __le16 min_channel_time;
2729 __le16 max_channel_time;
2730 u8 options;
2731 u8 SSID_size;
2732 } cmd;
2733
2734 eth_broadcast_addr(cmd.BSSID);
2735
2736 if (priv->fast_scan) {
2737 cmd.SSID_size = priv->SSID_size;
2738 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2739 cmd.min_channel_time = cpu_to_le16(10);
2740 cmd.max_channel_time = cpu_to_le16(50);
2741 } else {
2742 priv->BSS_list_entries = 0;
2743 cmd.SSID_size = 0;
2744 cmd.min_channel_time = cpu_to_le16(10);
2745 cmd.max_channel_time = cpu_to_le16(120);
2746 }
2747
2748 cmd.options = 0;
2749
2750 if (!specific_ssid)
2751 cmd.options |= SCAN_OPTIONS_SITE_SURVEY;
2752
2753 cmd.channel = (priv->channel & 0x7f);
2754 cmd.scan_type = SCAN_TYPE_ACTIVE;
2755 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ?
2756 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE);
2757
2758 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd));
2759
2760 /* This must come after all hardware access to avoid being messed up
2761 by stuff happening in interrupt context after we leave STATE_DOWN */
2762 atmel_enter_state(priv, STATION_STATE_SCANNING);
2763 }
2764
join(struct atmel_private * priv,int type)2765 static void join(struct atmel_private *priv, int type)
2766 {
2767 struct {
2768 u8 BSSID[6];
2769 u8 SSID[MAX_SSID_LENGTH];
2770 u8 BSS_type; /* this is a short in a scan command - weird */
2771 u8 channel;
2772 __le16 timeout;
2773 u8 SSID_size;
2774 u8 reserved;
2775 } cmd;
2776
2777 cmd.SSID_size = priv->SSID_size;
2778 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2779 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN);
2780 cmd.channel = (priv->channel & 0x7f);
2781 cmd.BSS_type = type;
2782 cmd.timeout = cpu_to_le16(2000);
2783
2784 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd));
2785 }
2786
start(struct atmel_private * priv,int type)2787 static void start(struct atmel_private *priv, int type)
2788 {
2789 struct {
2790 u8 BSSID[6];
2791 u8 SSID[MAX_SSID_LENGTH];
2792 u8 BSS_type;
2793 u8 channel;
2794 u8 SSID_size;
2795 u8 reserved[3];
2796 } cmd;
2797
2798 cmd.SSID_size = priv->SSID_size;
2799 memcpy(cmd.SSID, priv->SSID, priv->SSID_size);
2800 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN);
2801 cmd.BSS_type = type;
2802 cmd.channel = (priv->channel & 0x7f);
2803
2804 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd));
2805 }
2806
handle_beacon_probe(struct atmel_private * priv,u16 capability,u8 channel)2807 static void handle_beacon_probe(struct atmel_private *priv, u16 capability,
2808 u8 channel)
2809 {
2810 int rejoin = 0;
2811 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
2812 SHORT_PREAMBLE : LONG_PREAMBLE;
2813
2814 if (priv->preamble != new) {
2815 priv->preamble = new;
2816 rejoin = 1;
2817 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new);
2818 }
2819
2820 if (priv->channel != channel) {
2821 priv->channel = channel;
2822 rejoin = 1;
2823 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel);
2824 }
2825
2826 if (rejoin) {
2827 priv->station_is_associated = 0;
2828 atmel_enter_state(priv, STATION_STATE_JOINNING);
2829
2830 if (priv->operating_mode == IW_MODE_INFRA)
2831 join(priv, BSS_TYPE_INFRASTRUCTURE);
2832 else
2833 join(priv, BSS_TYPE_AD_HOC);
2834 }
2835 }
2836
send_authentication_request(struct atmel_private * priv,u16 system,u8 * challenge,int challenge_len)2837 static void send_authentication_request(struct atmel_private *priv, u16 system,
2838 u8 *challenge, int challenge_len)
2839 {
2840 struct ieee80211_hdr header;
2841 struct auth_body auth;
2842
2843 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH);
2844 header.duration_id = cpu_to_le16(0x8000);
2845 header.seq_ctrl = 0;
2846 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2847 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2848 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2849
2850 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1)
2851 /* no WEP for authentication frames with TrSeqNo 1 */
2852 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2853
2854 auth.alg = cpu_to_le16(system);
2855
2856 auth.status = 0;
2857 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum);
2858 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1;
2859 priv->CurrentAuthentTransactionSeqNum += 2;
2860
2861 if (challenge_len != 0) {
2862 auth.el_id = 16; /* challenge_text */
2863 auth.chall_text_len = challenge_len;
2864 memcpy(auth.chall_text, challenge, challenge_len);
2865 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len);
2866 } else {
2867 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6);
2868 }
2869 }
2870
send_association_request(struct atmel_private * priv,int is_reassoc)2871 static void send_association_request(struct atmel_private *priv, int is_reassoc)
2872 {
2873 u8 *ssid_el_p;
2874 int bodysize;
2875 struct ieee80211_hdr header;
2876 struct ass_req_format {
2877 __le16 capability;
2878 __le16 listen_interval;
2879 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */
2880 u8 ssid_el_id;
2881 u8 ssid_len;
2882 u8 ssid[MAX_SSID_LENGTH];
2883 u8 sup_rates_el_id;
2884 u8 sup_rates_len;
2885 u8 rates[4];
2886 } body;
2887
2888 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2889 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ));
2890 header.duration_id = cpu_to_le16(0x8000);
2891 header.seq_ctrl = 0;
2892
2893 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN);
2894 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN);
2895 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN);
2896
2897 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS);
2898 if (priv->wep_is_on)
2899 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
2900 if (priv->preamble == SHORT_PREAMBLE)
2901 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE);
2902
2903 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period);
2904
2905 /* current AP address - only in reassoc frame */
2906 if (is_reassoc) {
2907 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN);
2908 ssid_el_p = &body.ssid_el_id;
2909 bodysize = 18 + priv->SSID_size;
2910 } else {
2911 ssid_el_p = &body.ap[0];
2912 bodysize = 12 + priv->SSID_size;
2913 }
2914
2915 ssid_el_p[0] = WLAN_EID_SSID;
2916 ssid_el_p[1] = priv->SSID_size;
2917 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size);
2918 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES;
2919 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */
2920 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4);
2921
2922 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize);
2923 }
2924
is_frame_from_current_bss(struct atmel_private * priv,struct ieee80211_hdr * header)2925 static int is_frame_from_current_bss(struct atmel_private *priv,
2926 struct ieee80211_hdr *header)
2927 {
2928 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS)
2929 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0;
2930 else
2931 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0;
2932 }
2933
retrieve_bss(struct atmel_private * priv)2934 static int retrieve_bss(struct atmel_private *priv)
2935 {
2936 int i;
2937 int max_rssi = -128;
2938 int max_index = -1;
2939
2940 if (priv->BSS_list_entries == 0)
2941 return -1;
2942
2943 if (priv->connect_to_any_BSS) {
2944 /* Select a BSS with the max-RSSI but of the same type and of
2945 the same WEP mode and that it is not marked as 'bad' (i.e.
2946 we had previously failed to connect to this BSS with the
2947 settings that we currently use) */
2948 priv->current_BSS = 0;
2949 for (i = 0; i < priv->BSS_list_entries; i++) {
2950 if (priv->operating_mode == priv->BSSinfo[i].BSStype &&
2951 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) ||
2952 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) &&
2953 !(priv->BSSinfo[i].channel & 0x80)) {
2954 max_rssi = priv->BSSinfo[i].RSSI;
2955 priv->current_BSS = max_index = i;
2956 }
2957 }
2958 return max_index;
2959 }
2960
2961 for (i = 0; i < priv->BSS_list_entries; i++) {
2962 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize &&
2963 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 &&
2964 priv->operating_mode == priv->BSSinfo[i].BSStype &&
2965 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) {
2966 if (priv->BSSinfo[i].RSSI >= max_rssi) {
2967 max_rssi = priv->BSSinfo[i].RSSI;
2968 max_index = i;
2969 }
2970 }
2971 }
2972 return max_index;
2973 }
2974
store_bss_info(struct atmel_private * priv,struct ieee80211_hdr * header,u16 capability,u16 beacon_period,u8 channel,u8 rssi,u8 ssid_len,u8 * ssid,int is_beacon)2975 static void store_bss_info(struct atmel_private *priv,
2976 struct ieee80211_hdr *header, u16 capability,
2977 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len,
2978 u8 *ssid, int is_beacon)
2979 {
2980 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3;
2981 int i, index;
2982
2983 for (index = -1, i = 0; i < priv->BSS_list_entries; i++)
2984 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0)
2985 index = i;
2986
2987 /* If we process a probe and an entry from this BSS exists
2988 we will update the BSS entry with the info from this BSS.
2989 If we process a beacon we will only update RSSI */
2990
2991 if (index == -1) {
2992 if (priv->BSS_list_entries == MAX_BSS_ENTRIES)
2993 return;
2994 index = priv->BSS_list_entries++;
2995 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN);
2996 priv->BSSinfo[index].RSSI = rssi;
2997 } else {
2998 if (rssi > priv->BSSinfo[index].RSSI)
2999 priv->BSSinfo[index].RSSI = rssi;
3000 if (is_beacon)
3001 return;
3002 }
3003
3004 priv->BSSinfo[index].channel = channel;
3005 priv->BSSinfo[index].beacon_period = beacon_period;
3006 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY;
3007 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len);
3008 priv->BSSinfo[index].SSIDsize = ssid_len;
3009
3010 if (capability & WLAN_CAPABILITY_IBSS)
3011 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC;
3012 else if (capability & WLAN_CAPABILITY_ESS)
3013 priv->BSSinfo[index].BSStype = IW_MODE_INFRA;
3014
3015 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ?
3016 SHORT_PREAMBLE : LONG_PREAMBLE;
3017 }
3018
authenticate(struct atmel_private * priv,u16 frame_len)3019 static void authenticate(struct atmel_private *priv, u16 frame_len)
3020 {
3021 struct auth_body *auth = (struct auth_body *)priv->rx_buf;
3022 u16 status = le16_to_cpu(auth->status);
3023 u16 trans_seq_no = le16_to_cpu(auth->trans_seq);
3024 u16 system = le16_to_cpu(auth->alg);
3025
3026 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) {
3027 /* no WEP */
3028 if (priv->station_was_associated) {
3029 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3030 send_association_request(priv, 1);
3031 return;
3032 } else {
3033 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3034 send_association_request(priv, 0);
3035 return;
3036 }
3037 }
3038
3039 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) {
3040 int should_associate = 0;
3041 /* WEP */
3042 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum)
3043 return;
3044
3045 if (system == WLAN_AUTH_OPEN) {
3046 if (trans_seq_no == 0x0002) {
3047 should_associate = 1;
3048 }
3049 } else if (system == WLAN_AUTH_SHARED_KEY) {
3050 if (trans_seq_no == 0x0002 &&
3051 auth->el_id == WLAN_EID_CHALLENGE) {
3052 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len);
3053 return;
3054 } else if (trans_seq_no == 0x0004) {
3055 should_associate = 1;
3056 }
3057 }
3058
3059 if (should_associate) {
3060 if (priv->station_was_associated) {
3061 atmel_enter_state(priv, STATION_STATE_REASSOCIATING);
3062 send_association_request(priv, 1);
3063 return;
3064 } else {
3065 atmel_enter_state(priv, STATION_STATE_ASSOCIATING);
3066 send_association_request(priv, 0);
3067 return;
3068 }
3069 }
3070 }
3071
3072 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
3073 /* Flip back and forth between WEP auth modes until the max
3074 * authentication tries has been exceeded.
3075 */
3076 if (system == WLAN_AUTH_OPEN) {
3077 priv->CurrentAuthentTransactionSeqNum = 0x001;
3078 priv->exclude_unencrypted = 1;
3079 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0);
3080 return;
3081 } else if (system == WLAN_AUTH_SHARED_KEY
3082 && priv->wep_is_on) {
3083 priv->CurrentAuthentTransactionSeqNum = 0x001;
3084 priv->exclude_unencrypted = 0;
3085 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0);
3086 return;
3087 } else if (priv->connect_to_any_BSS) {
3088 int bss_index;
3089
3090 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3091
3092 if ((bss_index = retrieve_bss(priv)) != -1) {
3093 atmel_join_bss(priv, bss_index);
3094 return;
3095 }
3096 }
3097 }
3098
3099 priv->AuthenticationRequestRetryCnt = 0;
3100 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3101 priv->station_is_associated = 0;
3102 }
3103
associate(struct atmel_private * priv,u16 frame_len,u16 subtype)3104 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype)
3105 {
3106 struct ass_resp_format {
3107 __le16 capability;
3108 __le16 status;
3109 __le16 ass_id;
3110 u8 el_id;
3111 u8 length;
3112 u8 rates[4];
3113 } *ass_resp = (struct ass_resp_format *)priv->rx_buf;
3114
3115 u16 status = le16_to_cpu(ass_resp->status);
3116 u16 ass_id = le16_to_cpu(ass_resp->ass_id);
3117 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length;
3118
3119 union iwreq_data wrqu;
3120
3121 if (frame_len < 8 + rates_len)
3122 return;
3123
3124 if (status == WLAN_STATUS_SUCCESS) {
3125 if (subtype == IEEE80211_STYPE_ASSOC_RESP)
3126 priv->AssociationRequestRetryCnt = 0;
3127 else
3128 priv->ReAssociationRequestRetryCnt = 0;
3129
3130 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3131 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff);
3132 atmel_set_mib(priv, Phy_Mib_Type,
3133 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len);
3134 if (priv->power_mode == 0) {
3135 priv->listen_interval = 1;
3136 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3137 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3138 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3139 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3140 } else {
3141 priv->listen_interval = 2;
3142 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3143 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE);
3144 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3145 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2);
3146 }
3147
3148 priv->station_is_associated = 1;
3149 priv->station_was_associated = 1;
3150 atmel_enter_state(priv, STATION_STATE_READY);
3151
3152 /* Send association event to userspace */
3153 wrqu.data.length = 0;
3154 wrqu.data.flags = 0;
3155 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN);
3156 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3157 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
3158
3159 return;
3160 }
3161
3162 if (subtype == IEEE80211_STYPE_ASSOC_RESP &&
3163 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3164 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3165 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3166 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3167 priv->AssociationRequestRetryCnt++;
3168 send_association_request(priv, 0);
3169 return;
3170 }
3171
3172 if (subtype == IEEE80211_STYPE_REASSOC_RESP &&
3173 status != WLAN_STATUS_ASSOC_DENIED_RATES &&
3174 status != WLAN_STATUS_CAPS_UNSUPPORTED &&
3175 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) {
3176 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3177 priv->ReAssociationRequestRetryCnt++;
3178 send_association_request(priv, 1);
3179 return;
3180 }
3181
3182 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3183 priv->station_is_associated = 0;
3184
3185 if (priv->connect_to_any_BSS) {
3186 int bss_index;
3187 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3188
3189 if ((bss_index = retrieve_bss(priv)) != -1)
3190 atmel_join_bss(priv, bss_index);
3191 }
3192 }
3193
atmel_join_bss(struct atmel_private * priv,int bss_index)3194 static void atmel_join_bss(struct atmel_private *priv, int bss_index)
3195 {
3196 struct bss_info *bss = &priv->BSSinfo[bss_index];
3197
3198 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN);
3199 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize);
3200
3201 /* The WPA stuff cares about the current AP address */
3202 if (priv->use_wpa)
3203 build_wpa_mib(priv);
3204
3205 /* When switching to AdHoc turn OFF Power Save if needed */
3206
3207 if (bss->BSStype == IW_MODE_ADHOC &&
3208 priv->operating_mode != IW_MODE_ADHOC &&
3209 priv->power_mode) {
3210 priv->power_mode = 0;
3211 priv->listen_interval = 1;
3212 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type,
3213 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
3214 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type,
3215 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
3216 }
3217
3218 priv->operating_mode = bss->BSStype;
3219 priv->channel = bss->channel & 0x7f;
3220 priv->beacon_period = bss->beacon_period;
3221
3222 if (priv->preamble != bss->preamble) {
3223 priv->preamble = bss->preamble;
3224 atmel_set_mib8(priv, Local_Mib_Type,
3225 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble);
3226 }
3227
3228 if (!priv->wep_is_on && bss->UsingWEP) {
3229 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3230 priv->station_is_associated = 0;
3231 return;
3232 }
3233
3234 if (priv->wep_is_on && !bss->UsingWEP) {
3235 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3236 priv->station_is_associated = 0;
3237 return;
3238 }
3239
3240 atmel_enter_state(priv, STATION_STATE_JOINNING);
3241
3242 if (priv->operating_mode == IW_MODE_INFRA)
3243 join(priv, BSS_TYPE_INFRASTRUCTURE);
3244 else
3245 join(priv, BSS_TYPE_AD_HOC);
3246 }
3247
restart_search(struct atmel_private * priv)3248 static void restart_search(struct atmel_private *priv)
3249 {
3250 int bss_index;
3251
3252 if (!priv->connect_to_any_BSS) {
3253 atmel_scan(priv, 1);
3254 } else {
3255 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80;
3256
3257 if ((bss_index = retrieve_bss(priv)) != -1)
3258 atmel_join_bss(priv, bss_index);
3259 else
3260 atmel_scan(priv, 0);
3261 }
3262 }
3263
smooth_rssi(struct atmel_private * priv,u8 rssi)3264 static void smooth_rssi(struct atmel_private *priv, u8 rssi)
3265 {
3266 u8 old = priv->wstats.qual.level;
3267 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */
3268
3269 switch (priv->firmware_type) {
3270 case ATMEL_FW_TYPE_502E:
3271 max_rssi = 63; /* 502-rmfd-reve max by experiment */
3272 break;
3273 default:
3274 break;
3275 }
3276
3277 rssi = rssi * 100 / max_rssi;
3278 if ((rssi + old) % 2)
3279 priv->wstats.qual.level = (rssi + old) / 2 + 1;
3280 else
3281 priv->wstats.qual.level = (rssi + old) / 2;
3282 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
3283 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID;
3284 }
3285
atmel_smooth_qual(struct atmel_private * priv)3286 static void atmel_smooth_qual(struct atmel_private *priv)
3287 {
3288 unsigned long time_diff = (jiffies - priv->last_qual) / HZ;
3289 while (time_diff--) {
3290 priv->last_qual += HZ;
3291 priv->wstats.qual.qual = priv->wstats.qual.qual / 2;
3292 priv->wstats.qual.qual +=
3293 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000;
3294 priv->beacons_this_sec = 0;
3295 }
3296 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
3297 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID;
3298 }
3299
3300 /* deals with incoming management frames. */
atmel_management_frame(struct atmel_private * priv,struct ieee80211_hdr * header,u16 frame_len,u8 rssi)3301 static void atmel_management_frame(struct atmel_private *priv,
3302 struct ieee80211_hdr *header,
3303 u16 frame_len, u8 rssi)
3304 {
3305 u16 subtype;
3306
3307 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE;
3308 switch (subtype) {
3309 case IEEE80211_STYPE_BEACON:
3310 case IEEE80211_STYPE_PROBE_RESP:
3311
3312 /* beacon frame has multiple variable-length fields -
3313 never let an engineer loose with a data structure design. */
3314 {
3315 struct beacon_format {
3316 __le64 timestamp;
3317 __le16 interval;
3318 __le16 capability;
3319 u8 ssid_el_id;
3320 u8 ssid_length;
3321 /* ssid here */
3322 u8 rates_el_id;
3323 u8 rates_length;
3324 /* rates here */
3325 u8 ds_el_id;
3326 u8 ds_length;
3327 /* ds here */
3328 } *beacon = (struct beacon_format *)priv->rx_buf;
3329
3330 u8 channel, rates_length, ssid_length;
3331 u64 timestamp = le64_to_cpu(beacon->timestamp);
3332 u16 beacon_interval = le16_to_cpu(beacon->interval);
3333 u16 capability = le16_to_cpu(beacon->capability);
3334 u8 *beaconp = priv->rx_buf;
3335 ssid_length = beacon->ssid_length;
3336 /* this blows chunks. */
3337 if (frame_len < 14 || frame_len < ssid_length + 15)
3338 return;
3339 rates_length = beaconp[beacon->ssid_length + 15];
3340 if (frame_len < ssid_length + rates_length + 18)
3341 return;
3342 if (ssid_length > MAX_SSID_LENGTH)
3343 return;
3344 channel = beaconp[ssid_length + rates_length + 18];
3345
3346 if (priv->station_state == STATION_STATE_READY) {
3347 smooth_rssi(priv, rssi);
3348 if (is_frame_from_current_bss(priv, header)) {
3349 priv->beacons_this_sec++;
3350 atmel_smooth_qual(priv);
3351 if (priv->last_beacon_timestamp) {
3352 /* Note truncate this to 32 bits - kernel can't divide a long */
3353 u32 beacon_delay = timestamp - priv->last_beacon_timestamp;
3354 int beacons = beacon_delay / (beacon_interval * 1000);
3355 if (beacons > 1)
3356 priv->wstats.miss.beacon += beacons - 1;
3357 }
3358 priv->last_beacon_timestamp = timestamp;
3359 handle_beacon_probe(priv, capability, channel);
3360 }
3361 }
3362
3363 if (priv->station_state == STATION_STATE_SCANNING)
3364 store_bss_info(priv, header, capability,
3365 beacon_interval, channel, rssi,
3366 ssid_length,
3367 &beacon->rates_el_id,
3368 subtype == IEEE80211_STYPE_BEACON);
3369 }
3370 break;
3371
3372 case IEEE80211_STYPE_AUTH:
3373
3374 if (priv->station_state == STATION_STATE_AUTHENTICATING)
3375 authenticate(priv, frame_len);
3376
3377 break;
3378
3379 case IEEE80211_STYPE_ASSOC_RESP:
3380 case IEEE80211_STYPE_REASSOC_RESP:
3381
3382 if (priv->station_state == STATION_STATE_ASSOCIATING ||
3383 priv->station_state == STATION_STATE_REASSOCIATING)
3384 associate(priv, frame_len, subtype);
3385
3386 break;
3387
3388 case IEEE80211_STYPE_DISASSOC:
3389 if (priv->station_is_associated &&
3390 priv->operating_mode == IW_MODE_INFRA &&
3391 is_frame_from_current_bss(priv, header)) {
3392 priv->station_was_associated = 0;
3393 priv->station_is_associated = 0;
3394
3395 atmel_enter_state(priv, STATION_STATE_JOINNING);
3396 join(priv, BSS_TYPE_INFRASTRUCTURE);
3397 }
3398
3399 break;
3400
3401 case IEEE80211_STYPE_DEAUTH:
3402 if (priv->operating_mode == IW_MODE_INFRA &&
3403 is_frame_from_current_bss(priv, header)) {
3404 priv->station_was_associated = 0;
3405
3406 atmel_enter_state(priv, STATION_STATE_JOINNING);
3407 join(priv, BSS_TYPE_INFRASTRUCTURE);
3408 }
3409
3410 break;
3411 }
3412 }
3413
3414 /* run when timer expires */
atmel_management_timer(struct timer_list * t)3415 static void atmel_management_timer(struct timer_list *t)
3416 {
3417 struct atmel_private *priv = from_timer(priv, t, management_timer);
3418 unsigned long flags;
3419
3420 /* Check if the card has been yanked. */
3421 if (priv->card && priv->present_callback &&
3422 !(*priv->present_callback)(priv->card))
3423 return;
3424
3425 spin_lock_irqsave(&priv->irqlock, flags);
3426
3427 switch (priv->station_state) {
3428
3429 case STATION_STATE_AUTHENTICATING:
3430 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) {
3431 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3432 priv->station_is_associated = 0;
3433 priv->AuthenticationRequestRetryCnt = 0;
3434 restart_search(priv);
3435 } else {
3436 int auth = WLAN_AUTH_OPEN;
3437 priv->AuthenticationRequestRetryCnt++;
3438 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3439 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3440 if (priv->wep_is_on && priv->exclude_unencrypted)
3441 auth = WLAN_AUTH_SHARED_KEY;
3442 send_authentication_request(priv, auth, NULL, 0);
3443 }
3444 break;
3445
3446 case STATION_STATE_ASSOCIATING:
3447 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3448 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3449 priv->station_is_associated = 0;
3450 priv->AssociationRequestRetryCnt = 0;
3451 restart_search(priv);
3452 } else {
3453 priv->AssociationRequestRetryCnt++;
3454 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3455 send_association_request(priv, 0);
3456 }
3457 break;
3458
3459 case STATION_STATE_REASSOCIATING:
3460 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) {
3461 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR);
3462 priv->station_is_associated = 0;
3463 priv->ReAssociationRequestRetryCnt = 0;
3464 restart_search(priv);
3465 } else {
3466 priv->ReAssociationRequestRetryCnt++;
3467 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3468 send_association_request(priv, 1);
3469 }
3470 break;
3471
3472 default:
3473 break;
3474 }
3475
3476 spin_unlock_irqrestore(&priv->irqlock, flags);
3477 }
3478
atmel_command_irq(struct atmel_private * priv)3479 static void atmel_command_irq(struct atmel_private *priv)
3480 {
3481 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
3482 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET));
3483 int fast_scan;
3484 union iwreq_data wrqu;
3485
3486 if (status == CMD_STATUS_IDLE ||
3487 status == CMD_STATUS_IN_PROGRESS)
3488 return;
3489
3490 switch (command) {
3491 case CMD_Start:
3492 if (status == CMD_STATUS_COMPLETE) {
3493 priv->station_was_associated = priv->station_is_associated;
3494 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS,
3495 (u8 *)priv->CurrentBSSID, 6);
3496 atmel_enter_state(priv, STATION_STATE_READY);
3497 }
3498 break;
3499
3500 case CMD_Scan:
3501 fast_scan = priv->fast_scan;
3502 priv->fast_scan = 0;
3503
3504 if (status != CMD_STATUS_COMPLETE) {
3505 atmel_scan(priv, 1);
3506 } else {
3507 int bss_index = retrieve_bss(priv);
3508 int notify_scan_complete = 1;
3509 if (bss_index != -1) {
3510 atmel_join_bss(priv, bss_index);
3511 } else if (priv->operating_mode == IW_MODE_ADHOC &&
3512 priv->SSID_size != 0) {
3513 start(priv, BSS_TYPE_AD_HOC);
3514 } else {
3515 priv->fast_scan = !fast_scan;
3516 atmel_scan(priv, 1);
3517 notify_scan_complete = 0;
3518 }
3519 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3520 if (notify_scan_complete) {
3521 wrqu.data.length = 0;
3522 wrqu.data.flags = 0;
3523 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3524 }
3525 }
3526 break;
3527
3528 case CMD_SiteSurvey:
3529 priv->fast_scan = 0;
3530
3531 if (status != CMD_STATUS_COMPLETE)
3532 return;
3533
3534 priv->site_survey_state = SITE_SURVEY_COMPLETED;
3535 if (priv->station_is_associated) {
3536 atmel_enter_state(priv, STATION_STATE_READY);
3537 wrqu.data.length = 0;
3538 wrqu.data.flags = 0;
3539 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
3540 } else {
3541 atmel_scan(priv, 1);
3542 }
3543 break;
3544
3545 case CMD_Join:
3546 if (status == CMD_STATUS_COMPLETE) {
3547 if (priv->operating_mode == IW_MODE_ADHOC) {
3548 priv->station_was_associated = priv->station_is_associated;
3549 atmel_enter_state(priv, STATION_STATE_READY);
3550 } else {
3551 int auth = WLAN_AUTH_OPEN;
3552 priv->AuthenticationRequestRetryCnt = 0;
3553 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING);
3554
3555 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES);
3556 priv->CurrentAuthentTransactionSeqNum = 0x0001;
3557 if (priv->wep_is_on && priv->exclude_unencrypted)
3558 auth = WLAN_AUTH_SHARED_KEY;
3559 send_authentication_request(priv, auth, NULL, 0);
3560 }
3561 return;
3562 }
3563
3564 atmel_scan(priv, 1);
3565 }
3566 }
3567
atmel_wakeup_firmware(struct atmel_private * priv)3568 static int atmel_wakeup_firmware(struct atmel_private *priv)
3569 {
3570 struct host_info_struct *iface = &priv->host_info;
3571 u16 mr1, mr3;
3572 int i;
3573
3574 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3575 atmel_set_gcr(priv->dev, GCR_REMAP);
3576
3577 /* wake up on-board processor */
3578 atmel_clear_gcr(priv->dev, 0x0040);
3579 atmel_write16(priv->dev, BSR, BSS_SRAM);
3580
3581 if (priv->card_type == CARD_TYPE_SPI_FLASH)
3582 mdelay(100);
3583
3584 /* and wait for it */
3585 for (i = LOOP_RETRY_LIMIT; i; i--) {
3586 mr1 = atmel_read16(priv->dev, MR1);
3587 mr3 = atmel_read16(priv->dev, MR3);
3588
3589 if (mr3 & MAC_BOOT_COMPLETE)
3590 break;
3591 if (mr1 & MAC_BOOT_COMPLETE &&
3592 priv->bus_type == BUS_TYPE_PCCARD)
3593 break;
3594 }
3595
3596 if (i == 0) {
3597 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name);
3598 return -EIO;
3599 }
3600
3601 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) {
3602 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name);
3603 return -ENODEV;
3604 }
3605
3606 /* now check for completion of MAC initialization through
3607 the FunCtrl field of the IFACE, poll MR1 to detect completion of
3608 MAC initialization, check completion status, set interrupt mask,
3609 enables interrupts and calls Tx and Rx initialization functions */
3610
3611 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE);
3612
3613 for (i = LOOP_RETRY_LIMIT; i; i--) {
3614 mr1 = atmel_read16(priv->dev, MR1);
3615 mr3 = atmel_read16(priv->dev, MR3);
3616
3617 if (mr3 & MAC_INIT_COMPLETE)
3618 break;
3619 if (mr1 & MAC_INIT_COMPLETE &&
3620 priv->bus_type == BUS_TYPE_PCCARD)
3621 break;
3622 }
3623
3624 if (i == 0) {
3625 printk(KERN_ALERT "%s: MAC failed to initialise.\n",
3626 priv->dev->name);
3627 return -EIO;
3628 }
3629
3630 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */
3631 if ((mr3 & MAC_INIT_COMPLETE) &&
3632 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) {
3633 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name);
3634 return -EIO;
3635 }
3636 if ((mr1 & MAC_INIT_COMPLETE) &&
3637 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) {
3638 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name);
3639 return -EIO;
3640 }
3641
3642 atmel_copy_to_host(priv->dev, (unsigned char *)iface,
3643 priv->host_info_base, sizeof(*iface));
3644
3645 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos);
3646 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size);
3647 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos);
3648 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count);
3649 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos);
3650 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size);
3651 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos);
3652 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count);
3653 iface->build_version = le16_to_cpu(iface->build_version);
3654 iface->command_pos = le16_to_cpu(iface->command_pos);
3655 iface->major_version = le16_to_cpu(iface->major_version);
3656 iface->minor_version = le16_to_cpu(iface->minor_version);
3657 iface->func_ctrl = le16_to_cpu(iface->func_ctrl);
3658 iface->mac_status = le16_to_cpu(iface->mac_status);
3659
3660 return 0;
3661 }
3662
3663 /* determine type of memory and MAC address */
probe_atmel_card(struct net_device * dev)3664 static int probe_atmel_card(struct net_device *dev)
3665 {
3666 int rc = 0;
3667 struct atmel_private *priv = netdev_priv(dev);
3668 u8 addr[ETH_ALEN] = {};
3669
3670 /* reset pccard */
3671 if (priv->bus_type == BUS_TYPE_PCCARD)
3672 atmel_write16(dev, GCR, 0x0060);
3673
3674 atmel_write16(dev, GCR, 0x0040);
3675 msleep(500);
3676
3677 if (atmel_read16(dev, MR2) == 0) {
3678 /* No stored firmware so load a small stub which just
3679 tells us the MAC address */
3680 int i;
3681 priv->card_type = CARD_TYPE_EEPROM;
3682 atmel_write16(dev, BSR, BSS_IRAM);
3683 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader));
3684 atmel_set_gcr(dev, GCR_REMAP);
3685 atmel_clear_gcr(priv->dev, 0x0040);
3686 atmel_write16(dev, BSR, BSS_SRAM);
3687 for (i = LOOP_RETRY_LIMIT; i; i--)
3688 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE)
3689 break;
3690 if (i == 0) {
3691 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name);
3692 } else {
3693
3694 atmel_copy_to_host(dev, addr, atmel_read16(dev, MR2), 6);
3695 eth_hw_addr_set(dev, addr);
3696 /* got address, now squash it again until the network
3697 interface is opened */
3698 if (priv->bus_type == BUS_TYPE_PCCARD)
3699 atmel_write16(dev, GCR, 0x0060);
3700 atmel_write16(dev, GCR, 0x0040);
3701 rc = 1;
3702 }
3703 } else if (atmel_read16(dev, MR4) == 0) {
3704 /* Mac address easy in this case. */
3705 priv->card_type = CARD_TYPE_PARALLEL_FLASH;
3706 atmel_write16(dev, BSR, 1);
3707 atmel_copy_to_host(dev, addr, 0xc000, 6);
3708 eth_hw_addr_set(dev, addr);
3709 atmel_write16(dev, BSR, 0x200);
3710 rc = 1;
3711 } else {
3712 /* Standard firmware in flash, boot it up and ask
3713 for the Mac Address */
3714 priv->card_type = CARD_TYPE_SPI_FLASH;
3715 if (atmel_wakeup_firmware(priv) == 0) {
3716 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, addr, 6);
3717 eth_hw_addr_set(dev, addr);
3718
3719 /* got address, now squash it again until the network
3720 interface is opened */
3721 if (priv->bus_type == BUS_TYPE_PCCARD)
3722 atmel_write16(dev, GCR, 0x0060);
3723 atmel_write16(dev, GCR, 0x0040);
3724 rc = 1;
3725 }
3726 }
3727
3728 if (rc) {
3729 if (dev->dev_addr[0] == 0xFF) {
3730 static const u8 default_mac[] = {
3731 0x00, 0x04, 0x25, 0x00, 0x00, 0x00
3732 };
3733 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name);
3734 eth_hw_addr_set(dev, default_mac);
3735 }
3736 }
3737
3738 return rc;
3739 }
3740
3741 /* Move the encyption information on the MIB structure.
3742 This routine is for the pre-WPA firmware: later firmware has
3743 a different format MIB and a different routine. */
build_wep_mib(struct atmel_private * priv)3744 static void build_wep_mib(struct atmel_private *priv)
3745 {
3746 struct { /* NB this is matched to the hardware, don't change. */
3747 u8 wep_is_on;
3748 u8 default_key; /* 0..3 */
3749 u8 reserved;
3750 u8 exclude_unencrypted;
3751
3752 u32 WEPICV_error_count;
3753 u32 WEP_excluded_count;
3754
3755 u8 wep_keys[MAX_ENCRYPTION_KEYS][13];
3756 u8 encryption_level; /* 0, 1, 2 */
3757 u8 reserved2[3];
3758 } mib;
3759 int i;
3760
3761 mib.wep_is_on = priv->wep_is_on;
3762 if (priv->wep_is_on) {
3763 if (priv->wep_key_len[priv->default_key] > 5)
3764 mib.encryption_level = 2;
3765 else
3766 mib.encryption_level = 1;
3767 } else {
3768 mib.encryption_level = 0;
3769 }
3770
3771 mib.default_key = priv->default_key;
3772 mib.exclude_unencrypted = priv->exclude_unencrypted;
3773
3774 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++)
3775 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13);
3776
3777 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3778 }
3779
build_wpa_mib(struct atmel_private * priv)3780 static void build_wpa_mib(struct atmel_private *priv)
3781 {
3782 /* This is for the later (WPA enabled) firmware. */
3783
3784 struct { /* NB this is matched to the hardware, don't change. */
3785 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE];
3786 u8 receiver_address[ETH_ALEN];
3787 u8 wep_is_on;
3788 u8 default_key; /* 0..3 */
3789 u8 group_key;
3790 u8 exclude_unencrypted;
3791 u8 encryption_type;
3792 u8 reserved;
3793
3794 u32 WEPICV_error_count;
3795 u32 WEP_excluded_count;
3796
3797 u8 key_RSC[4][8];
3798 } mib;
3799
3800 int i;
3801
3802 mib.wep_is_on = priv->wep_is_on;
3803 mib.exclude_unencrypted = priv->exclude_unencrypted;
3804 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN);
3805
3806 /* zero all the keys before adding in valid ones. */
3807 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value));
3808
3809 if (priv->wep_is_on) {
3810 /* There's a comment in the Atmel code to the effect that this
3811 is only valid when still using WEP, it may need to be set to
3812 something to use WPA */
3813 memset(mib.key_RSC, 0, sizeof(mib.key_RSC));
3814
3815 mib.default_key = mib.group_key = 255;
3816 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) {
3817 if (priv->wep_key_len[i] > 0) {
3818 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE);
3819 if (i == priv->default_key) {
3820 mib.default_key = i;
3821 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7;
3822 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite;
3823 } else {
3824 mib.group_key = i;
3825 priv->group_cipher_suite = priv->pairwise_cipher_suite;
3826 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1;
3827 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite;
3828 }
3829 }
3830 }
3831 if (mib.default_key == 255)
3832 mib.default_key = mib.group_key != 255 ? mib.group_key : 0;
3833 if (mib.group_key == 255)
3834 mib.group_key = mib.default_key;
3835
3836 }
3837
3838 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib));
3839 }
3840
reset_atmel_card(struct net_device * dev)3841 static int reset_atmel_card(struct net_device *dev)
3842 {
3843 /* do everything necessary to wake up the hardware, including
3844 waiting for the lightning strike and throwing the knife switch....
3845
3846 set all the Mib values which matter in the card to match
3847 their settings in the atmel_private structure. Some of these
3848 can be altered on the fly, but many (WEP, infrastructure or ad-hoc)
3849 can only be changed by tearing down the world and coming back through
3850 here.
3851
3852 This routine is also responsible for initialising some
3853 hardware-specific fields in the atmel_private structure,
3854 including a copy of the firmware's hostinfo structure
3855 which is the route into the rest of the firmware datastructures. */
3856
3857 struct atmel_private *priv = netdev_priv(dev);
3858 u8 configuration;
3859 int old_state = priv->station_state;
3860 int err = 0;
3861
3862 /* data to add to the firmware names, in priority order
3863 this implemenents firmware versioning */
3864
3865 static char *firmware_modifier[] = {
3866 "-wpa",
3867 "",
3868 NULL
3869 };
3870
3871 /* reset pccard */
3872 if (priv->bus_type == BUS_TYPE_PCCARD)
3873 atmel_write16(priv->dev, GCR, 0x0060);
3874
3875 /* stop card , disable interrupts */
3876 atmel_write16(priv->dev, GCR, 0x0040);
3877
3878 if (priv->card_type == CARD_TYPE_EEPROM) {
3879 /* copy in firmware if needed */
3880 const struct firmware *fw_entry = NULL;
3881 const unsigned char *fw;
3882 int len = priv->firmware_length;
3883 if (!(fw = priv->firmware)) {
3884 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) {
3885 if (strlen(priv->firmware_id) == 0) {
3886 printk(KERN_INFO
3887 "%s: card type is unknown: assuming at76c502 firmware is OK.\n",
3888 dev->name);
3889 printk(KERN_INFO
3890 "%s: if not, use the firmware= module parameter.\n",
3891 dev->name);
3892 strcpy(priv->firmware_id, "atmel_at76c502.bin");
3893 }
3894 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev);
3895 if (err != 0) {
3896 printk(KERN_ALERT
3897 "%s: firmware %s is missing, cannot continue.\n",
3898 dev->name, priv->firmware_id);
3899 return err;
3900 }
3901 } else {
3902 int fw_index = 0;
3903 int success = 0;
3904
3905 /* get firmware filename entry based on firmware type ID */
3906 while (fw_table[fw_index].fw_type != priv->firmware_type
3907 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE)
3908 fw_index++;
3909
3910 /* construct the actual firmware file name */
3911 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) {
3912 int i;
3913 for (i = 0; firmware_modifier[i]; i++) {
3914 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file,
3915 firmware_modifier[i], fw_table[fw_index].fw_file_ext);
3916 priv->firmware_id[31] = '\0';
3917 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) {
3918 success = 1;
3919 break;
3920 }
3921 }
3922 }
3923 if (!success) {
3924 printk(KERN_ALERT
3925 "%s: firmware %s is missing, cannot start.\n",
3926 dev->name, priv->firmware_id);
3927 priv->firmware_id[0] = '\0';
3928 return -ENOENT;
3929 }
3930 }
3931
3932 fw = fw_entry->data;
3933 len = fw_entry->size;
3934 }
3935
3936 if (len <= 0x6000) {
3937 atmel_write16(priv->dev, BSR, BSS_IRAM);
3938 atmel_copy_to_card(priv->dev, 0, fw, len);
3939 atmel_set_gcr(priv->dev, GCR_REMAP);
3940 } else {
3941 /* Remap */
3942 atmel_set_gcr(priv->dev, GCR_REMAP);
3943 atmel_write16(priv->dev, BSR, BSS_IRAM);
3944 atmel_copy_to_card(priv->dev, 0, fw, 0x6000);
3945 atmel_write16(priv->dev, BSR, 0x2ff);
3946 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000);
3947 }
3948
3949 release_firmware(fw_entry);
3950 }
3951
3952 err = atmel_wakeup_firmware(priv);
3953 if (err != 0)
3954 return err;
3955
3956 /* Check the version and set the correct flag for wpa stuff,
3957 old and new firmware is incompatible.
3958 The pre-wpa 3com firmware reports major version 5,
3959 the wpa 3com firmware is major version 4 and doesn't need
3960 the 3com broken-ness filter. */
3961 priv->use_wpa = (priv->host_info.major_version == 4);
3962 priv->radio_on_broken = (priv->host_info.major_version == 5);
3963
3964 /* unmask all irq sources */
3965 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff);
3966
3967 /* int Tx system and enable Tx */
3968 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0);
3969 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L);
3970 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0);
3971 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0);
3972
3973 priv->tx_desc_free = priv->host_info.tx_desc_count;
3974 priv->tx_desc_head = 0;
3975 priv->tx_desc_tail = 0;
3976 priv->tx_desc_previous = 0;
3977 priv->tx_free_mem = priv->host_info.tx_buff_size;
3978 priv->tx_buff_head = 0;
3979 priv->tx_buff_tail = 0;
3980
3981 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3982 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3983 configuration | FUNC_CTRL_TxENABLE);
3984
3985 /* init Rx system and enable */
3986 priv->rx_desc_head = 0;
3987
3988 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET));
3989 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET),
3990 configuration | FUNC_CTRL_RxENABLE);
3991
3992 if (!priv->radio_on_broken) {
3993 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) ==
3994 CMD_STATUS_REJECTED_RADIO_OFF) {
3995 printk(KERN_INFO "%s: cannot turn the radio on.\n",
3996 dev->name);
3997 return -EIO;
3998 }
3999 }
4000
4001 /* set up enough MIB values to run. */
4002 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate);
4003 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF);
4004 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold);
4005 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold);
4006 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry);
4007 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry);
4008 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble);
4009 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS,
4010 priv->dev->dev_addr, 6);
4011 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE);
4012 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1);
4013 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period);
4014 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4);
4015 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on);
4016 if (priv->use_wpa)
4017 build_wpa_mib(priv);
4018 else
4019 build_wep_mib(priv);
4020
4021 if (old_state == STATION_STATE_READY) {
4022 union iwreq_data wrqu;
4023
4024 wrqu.data.length = 0;
4025 wrqu.data.flags = 0;
4026 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
4027 eth_zero_addr(wrqu.ap_addr.sa_data);
4028 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
4029 }
4030
4031 return 0;
4032 }
4033
atmel_send_command(struct atmel_private * priv,int command,void * cmd,int cmd_size)4034 static void atmel_send_command(struct atmel_private *priv, int command,
4035 void *cmd, int cmd_size)
4036 {
4037 if (cmd)
4038 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET),
4039 cmd, cmd_size);
4040
4041 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command);
4042 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0);
4043 }
4044
atmel_send_command_wait(struct atmel_private * priv,int command,void * cmd,int cmd_size)4045 static int atmel_send_command_wait(struct atmel_private *priv, int command,
4046 void *cmd, int cmd_size)
4047 {
4048 int i, status;
4049
4050 atmel_send_command(priv, command, cmd, cmd_size);
4051
4052 for (i = 5000; i; i--) {
4053 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET));
4054 if (status != CMD_STATUS_IDLE &&
4055 status != CMD_STATUS_IN_PROGRESS)
4056 break;
4057 udelay(20);
4058 }
4059
4060 if (i == 0) {
4061 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name);
4062 status = CMD_STATUS_HOST_ERROR;
4063 } else {
4064 if (command != CMD_EnableRadio)
4065 status = CMD_STATUS_COMPLETE;
4066 }
4067
4068 return status;
4069 }
4070
atmel_get_mib8(struct atmel_private * priv,u8 type,u8 index)4071 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index)
4072 {
4073 struct get_set_mib m;
4074 m.type = type;
4075 m.size = 1;
4076 m.index = index;
4077
4078 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4079 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE));
4080 }
4081
atmel_set_mib8(struct atmel_private * priv,u8 type,u8 index,u8 data)4082 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data)
4083 {
4084 struct get_set_mib m;
4085 m.type = type;
4086 m.size = 1;
4087 m.index = index;
4088 m.data[0] = data;
4089
4090 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1);
4091 }
4092
atmel_set_mib16(struct atmel_private * priv,u8 type,u8 index,u16 data)4093 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index,
4094 u16 data)
4095 {
4096 struct get_set_mib m;
4097 m.type = type;
4098 m.size = 2;
4099 m.index = index;
4100 m.data[0] = data;
4101 m.data[1] = data >> 8;
4102
4103 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2);
4104 }
4105
atmel_set_mib(struct atmel_private * priv,u8 type,u8 index,const u8 * data,int data_len)4106 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index,
4107 const u8 *data, int data_len)
4108 {
4109 struct get_set_mib m;
4110 m.type = type;
4111 m.size = data_len;
4112 m.index = index;
4113
4114 if (data_len > MIB_MAX_DATA_BYTES)
4115 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4116
4117 memcpy(m.data, data, data_len);
4118 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4119 }
4120
atmel_get_mib(struct atmel_private * priv,u8 type,u8 index,u8 * data,int data_len)4121 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index,
4122 u8 *data, int data_len)
4123 {
4124 struct get_set_mib m;
4125 m.type = type;
4126 m.size = data_len;
4127 m.index = index;
4128
4129 if (data_len > MIB_MAX_DATA_BYTES)
4130 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name);
4131
4132 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len);
4133 atmel_copy_to_host(priv->dev, data,
4134 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len);
4135 }
4136
atmel_writeAR(struct net_device * dev,u16 data)4137 static void atmel_writeAR(struct net_device *dev, u16 data)
4138 {
4139 int i;
4140 outw(data, dev->base_addr + AR);
4141 /* Address register appears to need some convincing..... */
4142 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++)
4143 outw(data, dev->base_addr + AR);
4144 }
4145
atmel_copy_to_card(struct net_device * dev,u16 dest,const unsigned char * src,u16 len)4146 static void atmel_copy_to_card(struct net_device *dev, u16 dest,
4147 const unsigned char *src, u16 len)
4148 {
4149 int i;
4150 atmel_writeAR(dev, dest);
4151 if (dest % 2) {
4152 atmel_write8(dev, DR, *src);
4153 src++; len--;
4154 }
4155 for (i = len; i > 1 ; i -= 2) {
4156 u8 lb = *src++;
4157 u8 hb = *src++;
4158 atmel_write16(dev, DR, lb | (hb << 8));
4159 }
4160 if (i)
4161 atmel_write8(dev, DR, *src);
4162 }
4163
atmel_copy_to_host(struct net_device * dev,unsigned char * dest,u16 src,u16 len)4164 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest,
4165 u16 src, u16 len)
4166 {
4167 int i;
4168 atmel_writeAR(dev, src);
4169 if (src % 2) {
4170 *dest = atmel_read8(dev, DR);
4171 dest++; len--;
4172 }
4173 for (i = len; i > 1 ; i -= 2) {
4174 u16 hw = atmel_read16(dev, DR);
4175 *dest++ = hw;
4176 *dest++ = hw >> 8;
4177 }
4178 if (i)
4179 *dest = atmel_read8(dev, DR);
4180 }
4181
atmel_set_gcr(struct net_device * dev,u16 mask)4182 static void atmel_set_gcr(struct net_device *dev, u16 mask)
4183 {
4184 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR);
4185 }
4186
atmel_clear_gcr(struct net_device * dev,u16 mask)4187 static void atmel_clear_gcr(struct net_device *dev, u16 mask)
4188 {
4189 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR);
4190 }
4191
atmel_lock_mac(struct atmel_private * priv)4192 static int atmel_lock_mac(struct atmel_private *priv)
4193 {
4194 int i, j = 20;
4195 retry:
4196 for (i = 5000; i; i--) {
4197 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET)))
4198 break;
4199 udelay(20);
4200 }
4201
4202 if (!i)
4203 return 0; /* timed out */
4204
4205 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1);
4206 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) {
4207 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0);
4208 if (!j--)
4209 return 0; /* timed out */
4210 goto retry;
4211 }
4212
4213 return 1;
4214 }
4215
atmel_wmem32(struct atmel_private * priv,u16 pos,u32 data)4216 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data)
4217 {
4218 atmel_writeAR(priv->dev, pos);
4219 atmel_write16(priv->dev, DR, data); /* card is little-endian */
4220 atmel_write16(priv->dev, DR, data >> 16);
4221 }
4222
4223 /***************************************************************************/
4224 /* There follows the source form of the MAC address reading firmware */
4225 /***************************************************************************/
4226 #if 0
4227
4228 /* Copyright 2003 Matthew T. Russotto */
4229 /* But derived from the Atmel 76C502 firmware written by Atmel and */
4230 /* included in "atmel wireless lan drivers" package */
4231 /*
4232 This file is part of net.russotto.AtmelMACFW, hereto referred to
4233 as AtmelMACFW
4234
4235 AtmelMACFW is free software; you can redistribute it and/or modify
4236 it under the terms of the GNU General Public License version 2
4237 as published by the Free Software Foundation.
4238
4239 AtmelMACFW is distributed in the hope that it will be useful,
4240 but WITHOUT ANY WARRANTY; without even the implied warranty of
4241 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4242 GNU General Public License for more details.
4243
4244 You should have received a copy of the GNU General Public License
4245 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>.
4246
4247 ****************************************************************************/
4248 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */
4249 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */
4250 /* It only works on SPI EEPROM versions of the card. */
4251
4252 /* This firmware initializes the SPI controller and clock, reads the MAC */
4253 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */
4254 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */
4255 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */
4256 /* MR4, for investigational purposes (maybe we can determine chip type */
4257 /* from that?) */
4258
4259 .org 0
4260 .set MRBASE, 0x8000000
4261 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */
4262 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */
4263 .set SRAM_BASE, 0x02000000
4264 .set SP_BASE, 0x0F300000
4265 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */
4266 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */
4267 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */
4268 .set STACK_BASE, 0x5600
4269 .set SP_SR, 0x10
4270 .set SP_TDRE, 2 /* status register bit -- TDR empty */
4271 .set SP_RDRF, 1 /* status register bit -- RDR full */
4272 .set SP_SWRST, 0x80
4273 .set SP_SPIEN, 0x1
4274 .set SP_CR, 0 /* control register */
4275 .set SP_MR, 4 /* mode register */
4276 .set SP_RDR, 0x08 /* Read Data Register */
4277 .set SP_TDR, 0x0C /* Transmit Data Register */
4278 .set SP_CSR0, 0x30 /* chip select registers */
4279 .set SP_CSR1, 0x34
4280 .set SP_CSR2, 0x38
4281 .set SP_CSR3, 0x3C
4282 .set NVRAM_CMD_RDSR, 5 /* read status register */
4283 .set NVRAM_CMD_READ, 3 /* read data */
4284 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */
4285 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the
4286 serial output, since SO is normally high. But it
4287 does cause 8 clock cycles and thus 8 bits to be
4288 clocked in to the chip. See Atmel's SPI
4289 controller (e.g. AT91M55800) timing and 4K
4290 SPI EEPROM manuals */
4291
4292 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */
4293 .set NVRAM_IMAGE, 0x02000200
4294 .set NVRAM_LENGTH, 0x0200
4295 .set MAC_ADDRESS_MIB, SRAM_BASE
4296 .set MAC_ADDRESS_LENGTH, 6
4297 .set MAC_BOOT_FLAG, 0x10
4298 .set MR1, 0
4299 .set MR2, 4
4300 .set MR3, 8
4301 .set MR4, 0xC
4302 RESET_VECTOR:
4303 b RESET_HANDLER
4304 UNDEF_VECTOR:
4305 b HALT1
4306 SWI_VECTOR:
4307 b HALT1
4308 IABORT_VECTOR:
4309 b HALT1
4310 DABORT_VECTOR:
4311 RESERVED_VECTOR:
4312 b HALT1
4313 IRQ_VECTOR:
4314 b HALT1
4315 FIQ_VECTOR:
4316 b HALT1
4317 HALT1: b HALT1
4318 RESET_HANDLER:
4319 mov r0, #CPSR_INITIAL
4320 msr CPSR_c, r0 /* This is probably unnecessary */
4321
4322 /* I'm guessing this is initializing clock generator electronics for SPI */
4323 ldr r0, =SPI_CGEN_BASE
4324 mov r1, #0
4325 mov r1, r1, lsl #3
4326 orr r1, r1, #0
4327 str r1, [r0]
4328 ldr r1, [r0, #28]
4329 bic r1, r1, #16
4330 str r1, [r0, #28]
4331 mov r1, #1
4332 str r1, [r0, #8]
4333
4334 ldr r0, =MRBASE
4335 mov r1, #0
4336 strh r1, [r0, #MR1]
4337 strh r1, [r0, #MR2]
4338 strh r1, [r0, #MR3]
4339 strh r1, [r0, #MR4]
4340
4341 mov sp, #STACK_BASE
4342 bl SP_INIT
4343 mov r0, #10
4344 bl DELAY9
4345 bl GET_MAC_ADDR
4346 bl GET_WHOLE_NVRAM
4347 ldr r0, =MRBASE
4348 ldr r1, =MAC_ADDRESS_MIB
4349 strh r1, [r0, #MR2]
4350 ldr r1, =NVRAM_IMAGE
4351 strh r1, [r0, #MR4]
4352 mov r1, #MAC_BOOT_FLAG
4353 strh r1, [r0, #MR3]
4354 HALT2: b HALT2
4355 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM
4356 GET_WHOLE_NVRAM:
4357 stmdb sp!, {lr}
4358 mov r2, #0 /* 0th bytes of NVRAM */
4359 mov r3, #NVRAM_LENGTH
4360 mov r1, #0 /* not used in routine */
4361 ldr r0, =NVRAM_IMAGE
4362 bl NVRAM_XFER
4363 ldmia sp!, {lr}
4364 bx lr
4365 .endfunc
4366
4367 .func Get_MAC_Addr, GET_MAC_ADDR
4368 GET_MAC_ADDR:
4369 stmdb sp!, {lr}
4370 mov r2, #0x120 /* address of MAC Address within NVRAM */
4371 mov r3, #MAC_ADDRESS_LENGTH
4372 mov r1, #0 /* not used in routine */
4373 ldr r0, =MAC_ADDRESS_MIB
4374 bl NVRAM_XFER
4375 ldmia sp!, {lr}
4376 bx lr
4377 .endfunc
4378 .ltorg
4379 .func Delay9, DELAY9
4380 DELAY9:
4381 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */
4382 DELAYLOOP:
4383 beq DELAY9_done
4384 subs r0, r0, #1
4385 b DELAYLOOP
4386 DELAY9_done:
4387 bx lr
4388 .endfunc
4389
4390 .func SP_Init, SP_INIT
4391 SP_INIT:
4392 mov r1, #SP_SWRST
4393 ldr r0, =SP_BASE
4394 str r1, [r0, #SP_CR] /* reset the SPI */
4395 mov r1, #0
4396 str r1, [r0, #SP_CR] /* release SPI from reset state */
4397 mov r1, #SP_SPIEN
4398 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/
4399 str r1, [r0, #SP_CR] /* enable the SPI */
4400
4401 /* My guess would be this turns on the SPI clock */
4402 ldr r3, =SPI_CGEN_BASE
4403 ldr r1, [r3, #28]
4404 orr r1, r1, #0x2000
4405 str r1, [r3, #28]
4406
4407 ldr r1, =0x2000c01
4408 str r1, [r0, #SP_CSR0]
4409 ldr r1, =0x2000201
4410 str r1, [r0, #SP_CSR1]
4411 str r1, [r0, #SP_CSR2]
4412 str r1, [r0, #SP_CSR3]
4413 ldr r1, [r0, #SP_SR]
4414 ldr r0, [r0, #SP_RDR]
4415 bx lr
4416 .endfunc
4417 .func NVRAM_Init, NVRAM_INIT
4418 NVRAM_INIT:
4419 ldr r1, =SP_BASE
4420 ldr r0, [r1, #SP_RDR]
4421 mov r0, #NVRAM_CMD_RDSR
4422 str r0, [r1, #SP_TDR]
4423 SP_loop1:
4424 ldr r0, [r1, #SP_SR]
4425 tst r0, #SP_TDRE
4426 beq SP_loop1
4427
4428 mov r0, #SPI_8CLOCKS
4429 str r0, [r1, #SP_TDR]
4430 SP_loop2:
4431 ldr r0, [r1, #SP_SR]
4432 tst r0, #SP_TDRE
4433 beq SP_loop2
4434
4435 ldr r0, [r1, #SP_RDR]
4436 SP_loop3:
4437 ldr r0, [r1, #SP_SR]
4438 tst r0, #SP_RDRF
4439 beq SP_loop3
4440
4441 ldr r0, [r1, #SP_RDR]
4442 and r0, r0, #255
4443 bx lr
4444 .endfunc
4445
4446 .func NVRAM_Xfer, NVRAM_XFER
4447 /* r0 = dest address */
4448 /* r1 = not used */
4449 /* r2 = src address within NVRAM */
4450 /* r3 = length */
4451 NVRAM_XFER:
4452 stmdb sp!, {r4, r5, lr}
4453 mov r5, r0 /* save r0 (dest address) */
4454 mov r4, r3 /* save r3 (length) */
4455 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */
4456 and r0, r0, #8
4457 add r0, r0, #NVRAM_CMD_READ
4458 ldr r1, =NVRAM_SCRATCH
4459 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */
4460 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */
4461 _local1:
4462 bl NVRAM_INIT
4463 tst r0, #NVRAM_SR_RDY
4464 bne _local1
4465 mov r0, #20
4466 bl DELAY9
4467 mov r2, r4 /* length */
4468 mov r1, r5 /* dest address */
4469 mov r0, #2 /* bytes to transfer in command */
4470 bl NVRAM_XFER2
4471 ldmia sp!, {r4, r5, lr}
4472 bx lr
4473 .endfunc
4474
4475 .func NVRAM_Xfer2, NVRAM_XFER2
4476 NVRAM_XFER2:
4477 stmdb sp!, {r4, r5, r6, lr}
4478 ldr r4, =SP_BASE
4479 mov r3, #0
4480 cmp r0, #0
4481 bls _local2
4482 ldr r5, =NVRAM_SCRATCH
4483 _local4:
4484 ldrb r6, [r5, r3]
4485 str r6, [r4, #SP_TDR]
4486 _local3:
4487 ldr r6, [r4, #SP_SR]
4488 tst r6, #SP_TDRE
4489 beq _local3
4490 add r3, r3, #1
4491 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */
4492 blo _local4
4493 _local2:
4494 mov r3, #SPI_8CLOCKS
4495 str r3, [r4, #SP_TDR]
4496 ldr r0, [r4, #SP_RDR]
4497 _local5:
4498 ldr r0, [r4, #SP_SR]
4499 tst r0, #SP_RDRF
4500 beq _local5
4501 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */
4502 mov r0, #0
4503 cmp r2, #0 /* r2 is # of bytes to copy in */
4504 bls _local6
4505 _local7:
4506 ldr r5, [r4, #SP_SR]
4507 tst r5, #SP_TDRE
4508 beq _local7
4509 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */
4510 _local8:
4511 ldr r5, [r4, #SP_SR]
4512 tst r5, #SP_RDRF
4513 beq _local8
4514 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */
4515 strb r5, [r1], #1 /* postindexed */
4516 add r0, r0, #1
4517 cmp r0, r2
4518 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */
4519 _local6:
4520 mov r0, #200
4521 bl DELAY9
4522 ldmia sp!, {r4, r5, r6, lr}
4523 bx lr
4524 #endif
4525