1 /*** -*- linux-c -*- ********************************************************** 2 3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards. 4 5 Copyright 2000-2001 ATMEL Corporation. 6 Copyright 2003-2004 Simon Kelley. 7 8 This code was developed from version 2.1.1 of the Atmel drivers, 9 released by Atmel corp. under the GPL in December 2002. It also 10 includes code from the Linux aironet drivers (C) Benjamin Reed, 11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless 12 extensions, (C) Jean Tourrilhes. 13 14 The firmware module for reading the MAC address of the card comes from 15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright 16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2. 17 This file contains the module in binary form and, under the terms 18 of the GPL, in source form. The source is located at the end of the file. 19 20 This program is free software; you can redistribute it and/or modify 21 it under the terms of the GNU General Public License as published by 22 the Free Software Foundation; either version 2 of the License, or 23 (at your option) any later version. 24 25 This software is distributed in the hope that it will be useful, 26 but WITHOUT ANY WARRANTY; without even the implied warranty of 27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 28 GNU General Public License for more details. 29 30 You should have received a copy of the GNU General Public License 31 along with Atmel wireless lan drivers; if not, see 32 <http://www.gnu.org/licenses/>. 33 34 For all queries about this code, please contact the current author, 35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation. 36 37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying 38 hardware used during development of this driver. 39 40 ******************************************************************************/ 41 42 #include <linux/interrupt.h> 43 44 #include <linux/kernel.h> 45 #include <linux/ptrace.h> 46 #include <linux/slab.h> 47 #include <linux/string.h> 48 #include <linux/timer.h> 49 #include <asm/byteorder.h> 50 #include <asm/io.h> 51 #include <linux/uaccess.h> 52 #include <linux/module.h> 53 #include <linux/netdevice.h> 54 #include <linux/etherdevice.h> 55 #include <linux/skbuff.h> 56 #include <linux/if_arp.h> 57 #include <linux/ioport.h> 58 #include <linux/fcntl.h> 59 #include <linux/delay.h> 60 #include <linux/wireless.h> 61 #include <net/iw_handler.h> 62 #include <linux/crc32.h> 63 #include <linux/proc_fs.h> 64 #include <linux/seq_file.h> 65 #include <linux/device.h> 66 #include <linux/moduleparam.h> 67 #include <linux/firmware.h> 68 #include <linux/jiffies.h> 69 #include <net/cfg80211.h> 70 #include "atmel.h" 71 72 #define DRIVER_MAJOR 0 73 #define DRIVER_MINOR 98 74 75 MODULE_AUTHOR("Simon Kelley"); 76 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards."); 77 MODULE_LICENSE("GPL"); 78 MODULE_SUPPORTED_DEVICE("Atmel at76c50x wireless cards"); 79 80 /* The name of the firmware file to be loaded 81 over-rides any automatic selection */ 82 static char *firmware = NULL; 83 module_param(firmware, charp, 0); 84 85 /* table of firmware file names */ 86 static struct { 87 AtmelFWType fw_type; 88 const char *fw_file; 89 const char *fw_file_ext; 90 } fw_table[] = { 91 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" }, 92 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" }, 93 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" }, 94 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" }, 95 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" }, 96 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" }, 97 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" }, 98 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" }, 99 { ATMEL_FW_TYPE_NONE, NULL, NULL } 100 }; 101 MODULE_FIRMWARE("atmel_at76c502-wpa.bin"); 102 MODULE_FIRMWARE("atmel_at76c502.bin"); 103 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin"); 104 MODULE_FIRMWARE("atmel_at76c502d.bin"); 105 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin"); 106 MODULE_FIRMWARE("atmel_at76c502e.bin"); 107 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin"); 108 MODULE_FIRMWARE("atmel_at76c502_3com.bin"); 109 MODULE_FIRMWARE("atmel_at76c504-wpa.bin"); 110 MODULE_FIRMWARE("atmel_at76c504.bin"); 111 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin"); 112 MODULE_FIRMWARE("atmel_at76c504_2958.bin"); 113 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin"); 114 MODULE_FIRMWARE("atmel_at76c504a_2958.bin"); 115 MODULE_FIRMWARE("atmel_at76c506-wpa.bin"); 116 MODULE_FIRMWARE("atmel_at76c506.bin"); 117 118 #define MAX_SSID_LENGTH 32 119 #define MGMT_JIFFIES (256 * HZ / 100) 120 121 #define MAX_BSS_ENTRIES 64 122 123 /* registers */ 124 #define GCR 0x00 /* (SIR0) General Configuration Register */ 125 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */ 126 #define AR 0x04 127 #define DR 0x08 128 #define MR1 0x12 /* Mirror Register 1 */ 129 #define MR2 0x14 /* Mirror Register 2 */ 130 #define MR3 0x16 /* Mirror Register 3 */ 131 #define MR4 0x18 /* Mirror Register 4 */ 132 133 #define GPR1 0x0c 134 #define GPR2 0x0e 135 #define GPR3 0x10 136 /* 137 * Constants for the GCR register. 138 */ 139 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */ 140 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */ 141 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */ 142 #define GCR_ENINT 0x0002 /* Enable Interrupts */ 143 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */ 144 145 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */ 146 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */ 147 /* 148 *Constants for the MR registers. 149 */ 150 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */ 151 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */ 152 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */ 153 154 #define MIB_MAX_DATA_BYTES 212 155 #define MIB_HEADER_SIZE 4 /* first four fields */ 156 157 struct get_set_mib { 158 u8 type; 159 u8 size; 160 u8 index; 161 u8 reserved; 162 u8 data[MIB_MAX_DATA_BYTES]; 163 }; 164 165 struct rx_desc { 166 u32 Next; 167 u16 MsduPos; 168 u16 MsduSize; 169 170 u8 State; 171 u8 Status; 172 u8 Rate; 173 u8 Rssi; 174 u8 LinkQuality; 175 u8 PreambleType; 176 u16 Duration; 177 u32 RxTime; 178 }; 179 180 #define RX_DESC_FLAG_VALID 0x80 181 #define RX_DESC_FLAG_CONSUMED 0x40 182 #define RX_DESC_FLAG_IDLE 0x00 183 184 #define RX_STATUS_SUCCESS 0x00 185 186 #define RX_DESC_MSDU_POS_OFFSET 4 187 #define RX_DESC_MSDU_SIZE_OFFSET 6 188 #define RX_DESC_FLAGS_OFFSET 8 189 #define RX_DESC_STATUS_OFFSET 9 190 #define RX_DESC_RSSI_OFFSET 11 191 #define RX_DESC_LINK_QUALITY_OFFSET 12 192 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13 193 #define RX_DESC_DURATION_OFFSET 14 194 #define RX_DESC_RX_TIME_OFFSET 16 195 196 struct tx_desc { 197 u32 NextDescriptor; 198 u16 TxStartOfFrame; 199 u16 TxLength; 200 201 u8 TxState; 202 u8 TxStatus; 203 u8 RetryCount; 204 205 u8 TxRate; 206 207 u8 KeyIndex; 208 u8 ChiperType; 209 u8 ChipreLength; 210 u8 Reserved1; 211 212 u8 Reserved; 213 u8 PacketType; 214 u16 HostTxLength; 215 }; 216 217 #define TX_DESC_NEXT_OFFSET 0 218 #define TX_DESC_POS_OFFSET 4 219 #define TX_DESC_SIZE_OFFSET 6 220 #define TX_DESC_FLAGS_OFFSET 8 221 #define TX_DESC_STATUS_OFFSET 9 222 #define TX_DESC_RETRY_OFFSET 10 223 #define TX_DESC_RATE_OFFSET 11 224 #define TX_DESC_KEY_INDEX_OFFSET 12 225 #define TX_DESC_CIPHER_TYPE_OFFSET 13 226 #define TX_DESC_CIPHER_LENGTH_OFFSET 14 227 #define TX_DESC_PACKET_TYPE_OFFSET 17 228 #define TX_DESC_HOST_LENGTH_OFFSET 18 229 230 /* 231 * Host-MAC interface 232 */ 233 234 #define TX_STATUS_SUCCESS 0x00 235 236 #define TX_FIRM_OWN 0x80 237 #define TX_DONE 0x40 238 239 #define TX_ERROR 0x01 240 241 #define TX_PACKET_TYPE_DATA 0x01 242 #define TX_PACKET_TYPE_MGMT 0x02 243 244 #define ISR_EMPTY 0x00 /* no bits set in ISR */ 245 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */ 246 #define ISR_RxCOMPLETE 0x02 /* packet received */ 247 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */ 248 #define ISR_FATAL_ERROR 0x08 /* Fatal error */ 249 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */ 250 #define ISR_OUT_OF_RANGE 0x20 /* command completed */ 251 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */ 252 #define ISR_GENERIC_IRQ 0x80 253 254 #define Local_Mib_Type 0x01 255 #define Mac_Address_Mib_Type 0x02 256 #define Mac_Mib_Type 0x03 257 #define Statistics_Mib_Type 0x04 258 #define Mac_Mgmt_Mib_Type 0x05 259 #define Mac_Wep_Mib_Type 0x06 260 #define Phy_Mib_Type 0x07 261 #define Multi_Domain_MIB 0x08 262 263 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 264 #define MAC_MIB_FRAG_THRESHOLD_POS 8 265 #define MAC_MIB_RTS_THRESHOLD_POS 10 266 #define MAC_MIB_SHORT_RETRY_POS 16 267 #define MAC_MIB_LONG_RETRY_POS 17 268 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16 269 #define MAC_MGMT_MIB_BEACON_PER_POS 0 270 #define MAC_MGMT_MIB_STATION_ID_POS 6 271 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11 272 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 273 #define MAC_MGMT_MIB_PS_MODE_POS 53 274 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54 275 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56 276 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57 277 #define PHY_MIB_CHANNEL_POS 14 278 #define PHY_MIB_RATE_SET_POS 20 279 #define PHY_MIB_REG_DOMAIN_POS 26 280 #define LOCAL_MIB_AUTO_TX_RATE_POS 3 281 #define LOCAL_MIB_SSID_SIZE 5 282 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6 283 #define LOCAL_MIB_TX_MGMT_RATE_POS 7 284 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8 285 #define LOCAL_MIB_PREAMBLE_TYPE 9 286 #define MAC_ADDR_MIB_MAC_ADDR_POS 0 287 288 #define CMD_Set_MIB_Vars 0x01 289 #define CMD_Get_MIB_Vars 0x02 290 #define CMD_Scan 0x03 291 #define CMD_Join 0x04 292 #define CMD_Start 0x05 293 #define CMD_EnableRadio 0x06 294 #define CMD_DisableRadio 0x07 295 #define CMD_SiteSurvey 0x0B 296 297 #define CMD_STATUS_IDLE 0x00 298 #define CMD_STATUS_COMPLETE 0x01 299 #define CMD_STATUS_UNKNOWN 0x02 300 #define CMD_STATUS_INVALID_PARAMETER 0x03 301 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04 302 #define CMD_STATUS_TIME_OUT 0x07 303 #define CMD_STATUS_IN_PROGRESS 0x08 304 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09 305 #define CMD_STATUS_HOST_ERROR 0xFF 306 #define CMD_STATUS_BUSY 0xFE 307 308 #define CMD_BLOCK_COMMAND_OFFSET 0 309 #define CMD_BLOCK_STATUS_OFFSET 1 310 #define CMD_BLOCK_PARAMETERS_OFFSET 4 311 312 #define SCAN_OPTIONS_SITE_SURVEY 0x80 313 314 #define MGMT_FRAME_BODY_OFFSET 24 315 #define MAX_AUTHENTICATION_RETRIES 3 316 #define MAX_ASSOCIATION_RETRIES 3 317 318 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000 319 320 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */ 321 #define LOOP_RETRY_LIMIT 500000 322 323 #define ACTIVE_MODE 1 324 #define PS_MODE 2 325 326 #define MAX_ENCRYPTION_KEYS 4 327 #define MAX_ENCRYPTION_KEY_SIZE 40 328 329 /* 330 * 802.11 related definitions 331 */ 332 333 /* 334 * Regulatory Domains 335 */ 336 337 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */ 338 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */ 339 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */ 340 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */ 341 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */ 342 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */ 343 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */ 344 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */ 345 346 #define BSS_TYPE_AD_HOC 1 347 #define BSS_TYPE_INFRASTRUCTURE 2 348 349 #define SCAN_TYPE_ACTIVE 0 350 #define SCAN_TYPE_PASSIVE 1 351 352 #define LONG_PREAMBLE 0 353 #define SHORT_PREAMBLE 1 354 #define AUTO_PREAMBLE 2 355 356 #define DATA_FRAME_WS_HEADER_SIZE 30 357 358 /* promiscuous mode control */ 359 #define PROM_MODE_OFF 0x0 360 #define PROM_MODE_UNKNOWN 0x1 361 #define PROM_MODE_CRC_FAILED 0x2 362 #define PROM_MODE_DUPLICATED 0x4 363 #define PROM_MODE_MGMT 0x8 364 #define PROM_MODE_CTRL 0x10 365 #define PROM_MODE_BAD_PROTOCOL 0x20 366 367 #define IFACE_INT_STATUS_OFFSET 0 368 #define IFACE_INT_MASK_OFFSET 1 369 #define IFACE_LOCKOUT_HOST_OFFSET 2 370 #define IFACE_LOCKOUT_MAC_OFFSET 3 371 #define IFACE_FUNC_CTRL_OFFSET 28 372 #define IFACE_MAC_STAT_OFFSET 30 373 #define IFACE_GENERIC_INT_TYPE_OFFSET 32 374 375 #define CIPHER_SUITE_NONE 0 376 #define CIPHER_SUITE_WEP_64 1 377 #define CIPHER_SUITE_TKIP 2 378 #define CIPHER_SUITE_AES 3 379 #define CIPHER_SUITE_CCX 4 380 #define CIPHER_SUITE_WEP_128 5 381 382 /* 383 * IFACE MACROS & definitions 384 */ 385 386 /* 387 * FuncCtrl field: 388 */ 389 #define FUNC_CTRL_TxENABLE 0x10 390 #define FUNC_CTRL_RxENABLE 0x20 391 #define FUNC_CTRL_INIT_COMPLETE 0x01 392 393 /* A stub firmware image which reads the MAC address from NVRAM on the card. 394 For copyright information and source see the end of this file. */ 395 static u8 mac_reader[] = { 396 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea, 397 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea, 398 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 399 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5, 400 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5, 401 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1, 402 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb, 403 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb, 404 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5, 405 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea, 406 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 407 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 408 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 409 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 410 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2, 411 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3, 412 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 413 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5, 414 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5, 415 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5, 416 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3, 417 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5, 418 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 419 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 420 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 421 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1, 422 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2, 423 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb, 424 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb, 425 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb, 426 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3, 427 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5, 428 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3, 429 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a, 430 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5, 431 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3, 432 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3, 433 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3, 434 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2, 435 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb, 436 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02, 437 0x00, 0x01, 0x00, 0x02 438 }; 439 440 struct atmel_private { 441 void *card; /* Bus dependent structure varies for PCcard */ 442 int (*present_callback)(void *); /* And callback which uses it */ 443 char firmware_id[32]; 444 AtmelFWType firmware_type; 445 u8 *firmware; 446 int firmware_length; 447 struct timer_list management_timer; 448 struct net_device *dev; 449 struct device *sys_dev; 450 struct iw_statistics wstats; 451 spinlock_t irqlock, timerlock; /* spinlocks */ 452 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type; 453 enum { 454 CARD_TYPE_PARALLEL_FLASH, 455 CARD_TYPE_SPI_FLASH, 456 CARD_TYPE_EEPROM 457 } card_type; 458 int do_rx_crc; /* If we need to CRC incoming packets */ 459 int probe_crc; /* set if we don't yet know */ 460 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */ 461 u16 rx_desc_head; 462 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous; 463 u16 tx_free_mem, tx_buff_head, tx_buff_tail; 464 465 u16 frag_seq, frag_len, frag_no; 466 u8 frag_source[6]; 467 468 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level; 469 u8 group_cipher_suite, pairwise_cipher_suite; 470 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 471 int wep_key_len[MAX_ENCRYPTION_KEYS]; 472 int use_wpa, radio_on_broken; /* firmware dependent stuff. */ 473 474 u16 host_info_base; 475 struct host_info_struct { 476 /* NB this is matched to the hardware, don't change. */ 477 u8 volatile int_status; 478 u8 volatile int_mask; 479 u8 volatile lockout_host; 480 u8 volatile lockout_mac; 481 482 u16 tx_buff_pos; 483 u16 tx_buff_size; 484 u16 tx_desc_pos; 485 u16 tx_desc_count; 486 487 u16 rx_buff_pos; 488 u16 rx_buff_size; 489 u16 rx_desc_pos; 490 u16 rx_desc_count; 491 492 u16 build_version; 493 u16 command_pos; 494 495 u16 major_version; 496 u16 minor_version; 497 498 u16 func_ctrl; 499 u16 mac_status; 500 u16 generic_IRQ_type; 501 u8 reserved[2]; 502 } host_info; 503 504 enum { 505 STATION_STATE_SCANNING, 506 STATION_STATE_JOINNING, 507 STATION_STATE_AUTHENTICATING, 508 STATION_STATE_ASSOCIATING, 509 STATION_STATE_READY, 510 STATION_STATE_REASSOCIATING, 511 STATION_STATE_DOWN, 512 STATION_STATE_MGMT_ERROR 513 } station_state; 514 515 int operating_mode, power_mode; 516 unsigned long last_qual; 517 int beacons_this_sec; 518 int channel; 519 int reg_domain, config_reg_domain; 520 int tx_rate; 521 int auto_tx_rate; 522 int rts_threshold; 523 int frag_threshold; 524 int long_retry, short_retry; 525 int preamble; 526 int default_beacon_period, beacon_period, listen_interval; 527 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum; 528 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt; 529 enum { 530 SITE_SURVEY_IDLE, 531 SITE_SURVEY_IN_PROGRESS, 532 SITE_SURVEY_COMPLETED 533 } site_survey_state; 534 unsigned long last_survey; 535 536 int station_was_associated, station_is_associated; 537 int fast_scan; 538 539 struct bss_info { 540 int channel; 541 int SSIDsize; 542 int RSSI; 543 int UsingWEP; 544 int preamble; 545 int beacon_period; 546 int BSStype; 547 u8 BSSID[6]; 548 u8 SSID[MAX_SSID_LENGTH]; 549 } BSSinfo[MAX_BSS_ENTRIES]; 550 int BSS_list_entries, current_BSS; 551 int connect_to_any_BSS; 552 int SSID_size, new_SSID_size; 553 u8 CurrentBSSID[6], BSSID[6]; 554 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH]; 555 u64 last_beacon_timestamp; 556 u8 rx_buf[MAX_WIRELESS_BODY]; 557 }; 558 559 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16}; 560 561 static const struct { 562 int reg_domain; 563 int min, max; 564 char *name; 565 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" }, 566 { REG_DOMAIN_DOC, 1, 11, "Canada" }, 567 { REG_DOMAIN_ETSI, 1, 13, "Europe" }, 568 { REG_DOMAIN_SPAIN, 10, 11, "Spain" }, 569 { REG_DOMAIN_FRANCE, 10, 13, "France" }, 570 { REG_DOMAIN_MKK, 14, 14, "MKK" }, 571 { REG_DOMAIN_MKK1, 1, 14, "MKK1" }, 572 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} }; 573 574 static void build_wpa_mib(struct atmel_private *priv); 575 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); 576 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 577 const unsigned char *src, u16 len); 578 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 579 u16 src, u16 len); 580 static void atmel_set_gcr(struct net_device *dev, u16 mask); 581 static void atmel_clear_gcr(struct net_device *dev, u16 mask); 582 static int atmel_lock_mac(struct atmel_private *priv); 583 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data); 584 static void atmel_command_irq(struct atmel_private *priv); 585 static int atmel_validate_channel(struct atmel_private *priv, int channel); 586 static void atmel_management_frame(struct atmel_private *priv, 587 struct ieee80211_hdr *header, 588 u16 frame_len, u8 rssi); 589 static void atmel_management_timer(u_long a); 590 static void atmel_send_command(struct atmel_private *priv, int command, 591 void *cmd, int cmd_size); 592 static int atmel_send_command_wait(struct atmel_private *priv, int command, 593 void *cmd, int cmd_size); 594 static void atmel_transmit_management_frame(struct atmel_private *priv, 595 struct ieee80211_hdr *header, 596 u8 *body, int body_len); 597 598 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index); 599 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, 600 u8 data); 601 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 602 u16 data); 603 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 604 u8 *data, int data_len); 605 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 606 u8 *data, int data_len); 607 static void atmel_scan(struct atmel_private *priv, int specific_ssid); 608 static void atmel_join_bss(struct atmel_private *priv, int bss_index); 609 static void atmel_smooth_qual(struct atmel_private *priv); 610 static void atmel_writeAR(struct net_device *dev, u16 data); 611 static int probe_atmel_card(struct net_device *dev); 612 static int reset_atmel_card(struct net_device *dev); 613 static void atmel_enter_state(struct atmel_private *priv, int new_state); 614 int atmel_open (struct net_device *dev); 615 616 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset) 617 { 618 return priv->host_info_base + offset; 619 } 620 621 static inline u16 atmel_co(struct atmel_private *priv, u16 offset) 622 { 623 return priv->host_info.command_pos + offset; 624 } 625 626 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc) 627 { 628 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset; 629 } 630 631 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc) 632 { 633 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset; 634 } 635 636 static inline u8 atmel_read8(struct net_device *dev, u16 offset) 637 { 638 return inb(dev->base_addr + offset); 639 } 640 641 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data) 642 { 643 outb(data, dev->base_addr + offset); 644 } 645 646 static inline u16 atmel_read16(struct net_device *dev, u16 offset) 647 { 648 return inw(dev->base_addr + offset); 649 } 650 651 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data) 652 { 653 outw(data, dev->base_addr + offset); 654 } 655 656 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos) 657 { 658 atmel_writeAR(priv->dev, pos); 659 return atmel_read8(priv->dev, DR); 660 } 661 662 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data) 663 { 664 atmel_writeAR(priv->dev, pos); 665 atmel_write8(priv->dev, DR, data); 666 } 667 668 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos) 669 { 670 atmel_writeAR(priv->dev, pos); 671 return atmel_read16(priv->dev, DR); 672 } 673 674 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data) 675 { 676 atmel_writeAR(priv->dev, pos); 677 atmel_write16(priv->dev, DR, data); 678 } 679 680 static const struct iw_handler_def atmel_handler_def; 681 682 static void tx_done_irq(struct atmel_private *priv) 683 { 684 int i; 685 686 for (i = 0; 687 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE && 688 i < priv->host_info.tx_desc_count; 689 i++) { 690 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head)); 691 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head)); 692 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head)); 693 694 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0); 695 696 priv->tx_free_mem += msdu_size; 697 priv->tx_desc_free++; 698 699 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size)) 700 priv->tx_buff_head = 0; 701 else 702 priv->tx_buff_head += msdu_size; 703 704 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1)) 705 priv->tx_desc_head++ ; 706 else 707 priv->tx_desc_head = 0; 708 709 if (type == TX_PACKET_TYPE_DATA) { 710 if (status == TX_STATUS_SUCCESS) 711 priv->dev->stats.tx_packets++; 712 else 713 priv->dev->stats.tx_errors++; 714 netif_wake_queue(priv->dev); 715 } 716 } 717 } 718 719 static u16 find_tx_buff(struct atmel_private *priv, u16 len) 720 { 721 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail; 722 723 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len) 724 return 0; 725 726 if (bottom_free >= len) 727 return priv->host_info.tx_buff_pos + priv->tx_buff_tail; 728 729 if (priv->tx_free_mem - bottom_free >= len) { 730 priv->tx_buff_tail = 0; 731 return priv->host_info.tx_buff_pos; 732 } 733 734 return 0; 735 } 736 737 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast, 738 u16 len, u16 buff, u8 type) 739 { 740 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff); 741 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len); 742 if (!priv->use_wpa) 743 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len); 744 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type); 745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate); 746 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0); 747 if (priv->use_wpa) { 748 int cipher_type, cipher_length; 749 if (is_bcast) { 750 cipher_type = priv->group_cipher_suite; 751 if (cipher_type == CIPHER_SUITE_WEP_64 || 752 cipher_type == CIPHER_SUITE_WEP_128) 753 cipher_length = 8; 754 else if (cipher_type == CIPHER_SUITE_TKIP) 755 cipher_length = 12; 756 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 || 757 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) { 758 cipher_type = priv->pairwise_cipher_suite; 759 cipher_length = 8; 760 } else { 761 cipher_type = CIPHER_SUITE_NONE; 762 cipher_length = 0; 763 } 764 } else { 765 cipher_type = priv->pairwise_cipher_suite; 766 if (cipher_type == CIPHER_SUITE_WEP_64 || 767 cipher_type == CIPHER_SUITE_WEP_128) 768 cipher_length = 8; 769 else if (cipher_type == CIPHER_SUITE_TKIP) 770 cipher_length = 12; 771 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 || 772 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) { 773 cipher_type = priv->group_cipher_suite; 774 cipher_length = 8; 775 } else { 776 cipher_type = CIPHER_SUITE_NONE; 777 cipher_length = 0; 778 } 779 } 780 781 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail), 782 cipher_type); 783 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail), 784 cipher_length); 785 } 786 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L); 787 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN); 788 if (priv->tx_desc_previous != priv->tx_desc_tail) 789 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0); 790 priv->tx_desc_previous = priv->tx_desc_tail; 791 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1)) 792 priv->tx_desc_tail++; 793 else 794 priv->tx_desc_tail = 0; 795 priv->tx_desc_free--; 796 priv->tx_free_mem -= len; 797 } 798 799 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev) 800 { 801 static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 802 struct atmel_private *priv = netdev_priv(dev); 803 struct ieee80211_hdr header; 804 unsigned long flags; 805 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN; 806 807 if (priv->card && priv->present_callback && 808 !(*priv->present_callback)(priv->card)) { 809 dev->stats.tx_errors++; 810 dev_kfree_skb(skb); 811 return NETDEV_TX_OK; 812 } 813 814 if (priv->station_state != STATION_STATE_READY) { 815 dev->stats.tx_errors++; 816 dev_kfree_skb(skb); 817 return NETDEV_TX_OK; 818 } 819 820 /* first ensure the timer func cannot run */ 821 spin_lock_bh(&priv->timerlock); 822 /* then stop the hardware ISR */ 823 spin_lock_irqsave(&priv->irqlock, flags); 824 /* nb doing the above in the opposite order will deadlock */ 825 826 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the 827 12 first bytes (containing DA/SA) and put them in the appropriate 828 fields of the Wireless Header. Thus the packet length is then the 829 initial + 18 (+30-12) */ 830 831 if (!(buff = find_tx_buff(priv, len + 18))) { 832 dev->stats.tx_dropped++; 833 spin_unlock_irqrestore(&priv->irqlock, flags); 834 spin_unlock_bh(&priv->timerlock); 835 netif_stop_queue(dev); 836 return NETDEV_TX_BUSY; 837 } 838 839 frame_ctl = IEEE80211_FTYPE_DATA; 840 header.duration_id = 0; 841 header.seq_ctrl = 0; 842 if (priv->wep_is_on) 843 frame_ctl |= IEEE80211_FCTL_PROTECTED; 844 if (priv->operating_mode == IW_MODE_ADHOC) { 845 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN); 846 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 847 memcpy(&header.addr3, priv->BSSID, ETH_ALEN); 848 } else { 849 frame_ctl |= IEEE80211_FCTL_TODS; 850 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN); 851 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 852 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN); 853 } 854 855 if (priv->use_wpa) 856 memcpy(&header.addr4, SNAP_RFC1024, ETH_ALEN); 857 858 header.frame_control = cpu_to_le16(frame_ctl); 859 /* Copy the wireless header into the card */ 860 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE); 861 /* Copy the packet sans its 802.3 header addresses which have been replaced */ 862 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12); 863 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE; 864 865 /* low bit of first byte of destination tells us if broadcast */ 866 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA); 867 dev->stats.tx_bytes += len; 868 869 spin_unlock_irqrestore(&priv->irqlock, flags); 870 spin_unlock_bh(&priv->timerlock); 871 dev_kfree_skb(skb); 872 873 return NETDEV_TX_OK; 874 } 875 876 static void atmel_transmit_management_frame(struct atmel_private *priv, 877 struct ieee80211_hdr *header, 878 u8 *body, int body_len) 879 { 880 u16 buff; 881 int len = MGMT_FRAME_BODY_OFFSET + body_len; 882 883 if (!(buff = find_tx_buff(priv, len))) 884 return; 885 886 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET); 887 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len); 888 priv->tx_buff_tail += len; 889 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT); 890 } 891 892 static void fast_rx_path(struct atmel_private *priv, 893 struct ieee80211_hdr *header, 894 u16 msdu_size, u16 rx_packet_loc, u32 crc) 895 { 896 /* fast path: unfragmented packet copy directly into skbuf */ 897 u8 mac4[6]; 898 struct sk_buff *skb; 899 unsigned char *skbp; 900 901 /* get the final, mac 4 header field, this tells us encapsulation */ 902 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6); 903 msdu_size -= 6; 904 905 if (priv->do_rx_crc) { 906 crc = crc32_le(crc, mac4, 6); 907 msdu_size -= 4; 908 } 909 910 if (!(skb = dev_alloc_skb(msdu_size + 14))) { 911 priv->dev->stats.rx_dropped++; 912 return; 913 } 914 915 skb_reserve(skb, 2); 916 skbp = skb_put(skb, msdu_size + 12); 917 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size); 918 919 if (priv->do_rx_crc) { 920 u32 netcrc; 921 crc = crc32_le(crc, skbp + 12, msdu_size); 922 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4); 923 if ((crc ^ 0xffffffff) != netcrc) { 924 priv->dev->stats.rx_crc_errors++; 925 dev_kfree_skb(skb); 926 return; 927 } 928 } 929 930 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */ 931 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 932 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN); 933 else 934 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */ 935 936 skb->protocol = eth_type_trans(skb, priv->dev); 937 skb->ip_summed = CHECKSUM_NONE; 938 netif_rx(skb); 939 priv->dev->stats.rx_bytes += 12 + msdu_size; 940 priv->dev->stats.rx_packets++; 941 } 942 943 /* Test to see if the packet in card memory at packet_loc has a valid CRC 944 It doesn't matter that this is slow: it is only used to proble the first few 945 packets. */ 946 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size) 947 { 948 int i = msdu_size - 4; 949 u32 netcrc, crc = 0xffffffff; 950 951 if (msdu_size < 4) 952 return 0; 953 954 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4); 955 956 atmel_writeAR(priv->dev, packet_loc); 957 while (i--) { 958 u8 octet = atmel_read8(priv->dev, DR); 959 crc = crc32_le(crc, &octet, 1); 960 } 961 962 return (crc ^ 0xffffffff) == netcrc; 963 } 964 965 static void frag_rx_path(struct atmel_private *priv, 966 struct ieee80211_hdr *header, 967 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no, 968 u8 frag_no, int more_frags) 969 { 970 u8 mac4[ETH_ALEN]; 971 u8 source[ETH_ALEN]; 972 struct sk_buff *skb; 973 974 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 975 memcpy(source, header->addr3, ETH_ALEN); 976 else 977 memcpy(source, header->addr2, ETH_ALEN); 978 979 rx_packet_loc += 24; /* skip header */ 980 981 if (priv->do_rx_crc) 982 msdu_size -= 4; 983 984 if (frag_no == 0) { /* first fragment */ 985 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN); 986 msdu_size -= ETH_ALEN; 987 rx_packet_loc += ETH_ALEN; 988 989 if (priv->do_rx_crc) 990 crc = crc32_le(crc, mac4, 6); 991 992 priv->frag_seq = seq_no; 993 priv->frag_no = 1; 994 priv->frag_len = msdu_size; 995 memcpy(priv->frag_source, source, ETH_ALEN); 996 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN); 997 memcpy(priv->rx_buf, header->addr1, ETH_ALEN); 998 999 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size); 1000 1001 if (priv->do_rx_crc) { 1002 u32 netcrc; 1003 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size); 1004 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1005 if ((crc ^ 0xffffffff) != netcrc) { 1006 priv->dev->stats.rx_crc_errors++; 1007 eth_broadcast_addr(priv->frag_source); 1008 } 1009 } 1010 1011 } else if (priv->frag_no == frag_no && 1012 priv->frag_seq == seq_no && 1013 memcmp(priv->frag_source, source, ETH_ALEN) == 0) { 1014 1015 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len], 1016 rx_packet_loc, msdu_size); 1017 if (priv->do_rx_crc) { 1018 u32 netcrc; 1019 crc = crc32_le(crc, 1020 &priv->rx_buf[12 + priv->frag_len], 1021 msdu_size); 1022 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1023 if ((crc ^ 0xffffffff) != netcrc) { 1024 priv->dev->stats.rx_crc_errors++; 1025 eth_broadcast_addr(priv->frag_source); 1026 more_frags = 1; /* don't send broken assembly */ 1027 } 1028 } 1029 1030 priv->frag_len += msdu_size; 1031 priv->frag_no++; 1032 1033 if (!more_frags) { /* last one */ 1034 eth_broadcast_addr(priv->frag_source); 1035 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) { 1036 priv->dev->stats.rx_dropped++; 1037 } else { 1038 skb_reserve(skb, 2); 1039 skb_put_data(skb, priv->rx_buf, 1040 priv->frag_len + 12); 1041 skb->protocol = eth_type_trans(skb, priv->dev); 1042 skb->ip_summed = CHECKSUM_NONE; 1043 netif_rx(skb); 1044 priv->dev->stats.rx_bytes += priv->frag_len + 12; 1045 priv->dev->stats.rx_packets++; 1046 } 1047 } 1048 } else 1049 priv->wstats.discard.fragment++; 1050 } 1051 1052 static void rx_done_irq(struct atmel_private *priv) 1053 { 1054 int i; 1055 struct ieee80211_hdr header; 1056 1057 for (i = 0; 1058 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID && 1059 i < priv->host_info.rx_desc_count; 1060 i++) { 1061 1062 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control; 1063 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head)); 1064 u32 crc = 0xffffffff; 1065 1066 if (status != RX_STATUS_SUCCESS) { 1067 if (status == 0xc1) /* determined by experiment */ 1068 priv->wstats.discard.nwid++; 1069 else 1070 priv->dev->stats.rx_errors++; 1071 goto next; 1072 } 1073 1074 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head)); 1075 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head)); 1076 1077 if (msdu_size < 30) { 1078 priv->dev->stats.rx_errors++; 1079 goto next; 1080 } 1081 1082 /* Get header as far as end of seq_ctrl */ 1083 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24); 1084 frame_ctl = le16_to_cpu(header.frame_control); 1085 seq_control = le16_to_cpu(header.seq_ctrl); 1086 1087 /* probe for CRC use here if needed once five packets have 1088 arrived with the same crc status, we assume we know what's 1089 happening and stop probing */ 1090 if (priv->probe_crc) { 1091 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) { 1092 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size); 1093 } else { 1094 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24); 1095 } 1096 if (priv->do_rx_crc) { 1097 if (priv->crc_ok_cnt++ > 5) 1098 priv->probe_crc = 0; 1099 } else { 1100 if (priv->crc_ko_cnt++ > 5) 1101 priv->probe_crc = 0; 1102 } 1103 } 1104 1105 /* don't CRC header when WEP in use */ 1106 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) { 1107 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24); 1108 } 1109 msdu_size -= 24; /* header */ 1110 1111 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) { 1112 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS; 1113 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG; 1114 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4; 1115 1116 if (!more_fragments && packet_fragment_no == 0) { 1117 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc); 1118 } else { 1119 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc, 1120 packet_sequence_no, packet_fragment_no, more_fragments); 1121 } 1122 } 1123 1124 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) { 1125 /* copy rest of packet into buffer */ 1126 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size); 1127 1128 /* we use the same buffer for frag reassembly and control packets */ 1129 eth_broadcast_addr(priv->frag_source); 1130 1131 if (priv->do_rx_crc) { 1132 /* last 4 octets is crc */ 1133 msdu_size -= 4; 1134 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size); 1135 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) { 1136 priv->dev->stats.rx_crc_errors++; 1137 goto next; 1138 } 1139 } 1140 1141 atmel_management_frame(priv, &header, msdu_size, 1142 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head))); 1143 } 1144 1145 next: 1146 /* release descriptor */ 1147 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED); 1148 1149 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1)) 1150 priv->rx_desc_head++; 1151 else 1152 priv->rx_desc_head = 0; 1153 } 1154 } 1155 1156 static irqreturn_t service_interrupt(int irq, void *dev_id) 1157 { 1158 struct net_device *dev = (struct net_device *) dev_id; 1159 struct atmel_private *priv = netdev_priv(dev); 1160 u8 isr; 1161 int i = -1; 1162 static const u8 irq_order[] = { 1163 ISR_OUT_OF_RANGE, 1164 ISR_RxCOMPLETE, 1165 ISR_TxCOMPLETE, 1166 ISR_RxFRAMELOST, 1167 ISR_FATAL_ERROR, 1168 ISR_COMMAND_COMPLETE, 1169 ISR_IBSS_MERGE, 1170 ISR_GENERIC_IRQ 1171 }; 1172 1173 if (priv->card && priv->present_callback && 1174 !(*priv->present_callback)(priv->card)) 1175 return IRQ_HANDLED; 1176 1177 /* In this state upper-level code assumes it can mess with 1178 the card unhampered by interrupts which may change register state. 1179 Note that even though the card shouldn't generate interrupts 1180 the inturrupt line may be shared. This allows card setup 1181 to go on without disabling interrupts for a long time. */ 1182 if (priv->station_state == STATION_STATE_DOWN) 1183 return IRQ_NONE; 1184 1185 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */ 1186 1187 while (1) { 1188 if (!atmel_lock_mac(priv)) { 1189 /* failed to contact card */ 1190 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1191 return IRQ_HANDLED; 1192 } 1193 1194 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1195 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1196 1197 if (!isr) { 1198 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */ 1199 return i == -1 ? IRQ_NONE : IRQ_HANDLED; 1200 } 1201 1202 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */ 1203 1204 for (i = 0; i < ARRAY_SIZE(irq_order); i++) 1205 if (isr & irq_order[i]) 1206 break; 1207 1208 if (!atmel_lock_mac(priv)) { 1209 /* failed to contact card */ 1210 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1211 return IRQ_HANDLED; 1212 } 1213 1214 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1215 isr ^= irq_order[i]; 1216 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr); 1217 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1218 1219 switch (irq_order[i]) { 1220 1221 case ISR_OUT_OF_RANGE: 1222 if (priv->operating_mode == IW_MODE_INFRA && 1223 priv->station_state == STATION_STATE_READY) { 1224 priv->station_is_associated = 0; 1225 atmel_scan(priv, 1); 1226 } 1227 break; 1228 1229 case ISR_RxFRAMELOST: 1230 priv->wstats.discard.misc++; 1231 /* fall through */ 1232 case ISR_RxCOMPLETE: 1233 rx_done_irq(priv); 1234 break; 1235 1236 case ISR_TxCOMPLETE: 1237 tx_done_irq(priv); 1238 break; 1239 1240 case ISR_FATAL_ERROR: 1241 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name); 1242 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 1243 break; 1244 1245 case ISR_COMMAND_COMPLETE: 1246 atmel_command_irq(priv); 1247 break; 1248 1249 case ISR_IBSS_MERGE: 1250 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 1251 priv->CurrentBSSID, 6); 1252 /* The WPA stuff cares about the current AP address */ 1253 if (priv->use_wpa) 1254 build_wpa_mib(priv); 1255 break; 1256 case ISR_GENERIC_IRQ: 1257 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name); 1258 break; 1259 } 1260 } 1261 } 1262 1263 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev) 1264 { 1265 struct atmel_private *priv = netdev_priv(dev); 1266 1267 /* update the link quality here in case we are seeing no beacons 1268 at all to drive the process */ 1269 atmel_smooth_qual(priv); 1270 1271 priv->wstats.status = priv->station_state; 1272 1273 if (priv->operating_mode == IW_MODE_INFRA) { 1274 if (priv->station_state != STATION_STATE_READY) { 1275 priv->wstats.qual.qual = 0; 1276 priv->wstats.qual.level = 0; 1277 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID 1278 | IW_QUAL_LEVEL_INVALID); 1279 } 1280 priv->wstats.qual.noise = 0; 1281 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID; 1282 } else { 1283 /* Quality levels cannot be determined in ad-hoc mode, 1284 because we can 'hear' more that one remote station. */ 1285 priv->wstats.qual.qual = 0; 1286 priv->wstats.qual.level = 0; 1287 priv->wstats.qual.noise = 0; 1288 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID 1289 | IW_QUAL_LEVEL_INVALID 1290 | IW_QUAL_NOISE_INVALID; 1291 priv->wstats.miss.beacon = 0; 1292 } 1293 1294 return &priv->wstats; 1295 } 1296 1297 static int atmel_set_mac_address(struct net_device *dev, void *p) 1298 { 1299 struct sockaddr *addr = p; 1300 1301 memcpy (dev->dev_addr, addr->sa_data, dev->addr_len); 1302 return atmel_open(dev); 1303 } 1304 1305 EXPORT_SYMBOL(atmel_open); 1306 1307 int atmel_open(struct net_device *dev) 1308 { 1309 struct atmel_private *priv = netdev_priv(dev); 1310 int i, channel, err; 1311 1312 /* any scheduled timer is no longer needed and might screw things up.. */ 1313 del_timer_sync(&priv->management_timer); 1314 1315 /* Interrupts will not touch the card once in this state... */ 1316 priv->station_state = STATION_STATE_DOWN; 1317 1318 if (priv->new_SSID_size) { 1319 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size); 1320 priv->SSID_size = priv->new_SSID_size; 1321 priv->new_SSID_size = 0; 1322 } 1323 priv->BSS_list_entries = 0; 1324 1325 priv->AuthenticationRequestRetryCnt = 0; 1326 priv->AssociationRequestRetryCnt = 0; 1327 priv->ReAssociationRequestRetryCnt = 0; 1328 priv->CurrentAuthentTransactionSeqNum = 0x0001; 1329 priv->ExpectedAuthentTransactionSeqNum = 0x0002; 1330 1331 priv->site_survey_state = SITE_SURVEY_IDLE; 1332 priv->station_is_associated = 0; 1333 1334 err = reset_atmel_card(dev); 1335 if (err) 1336 return err; 1337 1338 if (priv->config_reg_domain) { 1339 priv->reg_domain = priv->config_reg_domain; 1340 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain); 1341 } else { 1342 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS); 1343 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1344 if (priv->reg_domain == channel_table[i].reg_domain) 1345 break; 1346 if (i == ARRAY_SIZE(channel_table)) { 1347 priv->reg_domain = REG_DOMAIN_MKK1; 1348 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name); 1349 } 1350 } 1351 1352 if ((channel = atmel_validate_channel(priv, priv->channel))) 1353 priv->channel = channel; 1354 1355 /* this moves station_state on.... */ 1356 atmel_scan(priv, 1); 1357 1358 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */ 1359 return 0; 1360 } 1361 1362 static int atmel_close(struct net_device *dev) 1363 { 1364 struct atmel_private *priv = netdev_priv(dev); 1365 1366 /* Send event to userspace that we are disassociating */ 1367 if (priv->station_state == STATION_STATE_READY) { 1368 union iwreq_data wrqu; 1369 1370 wrqu.data.length = 0; 1371 wrqu.data.flags = 0; 1372 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 1373 eth_zero_addr(wrqu.ap_addr.sa_data); 1374 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 1375 } 1376 1377 atmel_enter_state(priv, STATION_STATE_DOWN); 1378 1379 if (priv->bus_type == BUS_TYPE_PCCARD) 1380 atmel_write16(dev, GCR, 0x0060); 1381 atmel_write16(dev, GCR, 0x0040); 1382 return 0; 1383 } 1384 1385 static int atmel_validate_channel(struct atmel_private *priv, int channel) 1386 { 1387 /* check that channel is OK, if so return zero, 1388 else return suitable default channel */ 1389 int i; 1390 1391 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1392 if (priv->reg_domain == channel_table[i].reg_domain) { 1393 if (channel >= channel_table[i].min && 1394 channel <= channel_table[i].max) 1395 return 0; 1396 else 1397 return channel_table[i].min; 1398 } 1399 return 0; 1400 } 1401 1402 static int atmel_proc_show(struct seq_file *m, void *v) 1403 { 1404 struct atmel_private *priv = m->private; 1405 int i; 1406 char *s, *r, *c; 1407 1408 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR); 1409 1410 if (priv->station_state != STATION_STATE_DOWN) { 1411 seq_printf(m, 1412 "Firmware version:\t%d.%d build %d\n" 1413 "Firmware location:\t", 1414 priv->host_info.major_version, 1415 priv->host_info.minor_version, 1416 priv->host_info.build_version); 1417 1418 if (priv->card_type != CARD_TYPE_EEPROM) 1419 seq_puts(m, "on card\n"); 1420 else if (priv->firmware) 1421 seq_printf(m, "%s loaded by host\n", priv->firmware_id); 1422 else 1423 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id); 1424 1425 switch (priv->card_type) { 1426 case CARD_TYPE_PARALLEL_FLASH: 1427 c = "Parallel flash"; 1428 break; 1429 case CARD_TYPE_SPI_FLASH: 1430 c = "SPI flash\n"; 1431 break; 1432 case CARD_TYPE_EEPROM: 1433 c = "EEPROM"; 1434 break; 1435 default: 1436 c = "<unknown>"; 1437 } 1438 1439 r = "<unknown>"; 1440 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1441 if (priv->reg_domain == channel_table[i].reg_domain) 1442 r = channel_table[i].name; 1443 1444 seq_printf(m, "MAC memory type:\t%s\n", c); 1445 seq_printf(m, "Regulatory domain:\t%s\n", r); 1446 seq_printf(m, "Host CRC checking:\t%s\n", 1447 priv->do_rx_crc ? "On" : "Off"); 1448 seq_printf(m, "WPA-capable firmware:\t%s\n", 1449 priv->use_wpa ? "Yes" : "No"); 1450 } 1451 1452 switch (priv->station_state) { 1453 case STATION_STATE_SCANNING: 1454 s = "Scanning"; 1455 break; 1456 case STATION_STATE_JOINNING: 1457 s = "Joining"; 1458 break; 1459 case STATION_STATE_AUTHENTICATING: 1460 s = "Authenticating"; 1461 break; 1462 case STATION_STATE_ASSOCIATING: 1463 s = "Associating"; 1464 break; 1465 case STATION_STATE_READY: 1466 s = "Ready"; 1467 break; 1468 case STATION_STATE_REASSOCIATING: 1469 s = "Reassociating"; 1470 break; 1471 case STATION_STATE_MGMT_ERROR: 1472 s = "Management error"; 1473 break; 1474 case STATION_STATE_DOWN: 1475 s = "Down"; 1476 break; 1477 default: 1478 s = "<unknown>"; 1479 } 1480 1481 seq_printf(m, "Current state:\t\t%s\n", s); 1482 return 0; 1483 } 1484 1485 static int atmel_proc_open(struct inode *inode, struct file *file) 1486 { 1487 return single_open(file, atmel_proc_show, PDE_DATA(inode)); 1488 } 1489 1490 static const struct file_operations atmel_proc_fops = { 1491 .open = atmel_proc_open, 1492 .read = seq_read, 1493 .llseek = seq_lseek, 1494 .release = single_release, 1495 }; 1496 1497 static const struct net_device_ops atmel_netdev_ops = { 1498 .ndo_open = atmel_open, 1499 .ndo_stop = atmel_close, 1500 .ndo_set_mac_address = atmel_set_mac_address, 1501 .ndo_start_xmit = start_tx, 1502 .ndo_do_ioctl = atmel_ioctl, 1503 .ndo_validate_addr = eth_validate_addr, 1504 }; 1505 1506 struct net_device *init_atmel_card(unsigned short irq, unsigned long port, 1507 const AtmelFWType fw_type, 1508 struct device *sys_dev, 1509 int (*card_present)(void *), void *card) 1510 { 1511 struct net_device *dev; 1512 struct atmel_private *priv; 1513 int rc; 1514 1515 /* Create the network device object. */ 1516 dev = alloc_etherdev(sizeof(*priv)); 1517 if (!dev) 1518 return NULL; 1519 1520 if (dev_alloc_name(dev, dev->name) < 0) { 1521 printk(KERN_ERR "atmel: Couldn't get name!\n"); 1522 goto err_out_free; 1523 } 1524 1525 priv = netdev_priv(dev); 1526 priv->dev = dev; 1527 priv->sys_dev = sys_dev; 1528 priv->present_callback = card_present; 1529 priv->card = card; 1530 priv->firmware = NULL; 1531 priv->firmware_id[0] = '\0'; 1532 priv->firmware_type = fw_type; 1533 if (firmware) /* module parameter */ 1534 strcpy(priv->firmware_id, firmware); 1535 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI; 1536 priv->station_state = STATION_STATE_DOWN; 1537 priv->do_rx_crc = 0; 1538 /* For PCMCIA cards, some chips need CRC, some don't 1539 so we have to probe. */ 1540 if (priv->bus_type == BUS_TYPE_PCCARD) { 1541 priv->probe_crc = 1; 1542 priv->crc_ok_cnt = priv->crc_ko_cnt = 0; 1543 } else 1544 priv->probe_crc = 0; 1545 priv->last_qual = jiffies; 1546 priv->last_beacon_timestamp = 0; 1547 memset(priv->frag_source, 0xff, sizeof(priv->frag_source)); 1548 eth_zero_addr(priv->BSSID); 1549 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */ 1550 priv->station_was_associated = 0; 1551 1552 priv->last_survey = jiffies; 1553 priv->preamble = LONG_PREAMBLE; 1554 priv->operating_mode = IW_MODE_INFRA; 1555 priv->connect_to_any_BSS = 0; 1556 priv->config_reg_domain = 0; 1557 priv->reg_domain = 0; 1558 priv->tx_rate = 3; 1559 priv->auto_tx_rate = 1; 1560 priv->channel = 4; 1561 priv->power_mode = 0; 1562 priv->SSID[0] = '\0'; 1563 priv->SSID_size = 0; 1564 priv->new_SSID_size = 0; 1565 priv->frag_threshold = 2346; 1566 priv->rts_threshold = 2347; 1567 priv->short_retry = 7; 1568 priv->long_retry = 4; 1569 1570 priv->wep_is_on = 0; 1571 priv->default_key = 0; 1572 priv->encryption_level = 0; 1573 priv->exclude_unencrypted = 0; 1574 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1575 priv->use_wpa = 0; 1576 memset(priv->wep_keys, 0, sizeof(priv->wep_keys)); 1577 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len)); 1578 1579 priv->default_beacon_period = priv->beacon_period = 100; 1580 priv->listen_interval = 1; 1581 1582 setup_timer(&priv->management_timer, atmel_management_timer, 1583 (unsigned long)dev); 1584 spin_lock_init(&priv->irqlock); 1585 spin_lock_init(&priv->timerlock); 1586 1587 dev->netdev_ops = &atmel_netdev_ops; 1588 dev->wireless_handlers = &atmel_handler_def; 1589 dev->irq = irq; 1590 dev->base_addr = port; 1591 1592 /* MTU range: 68 - 2312 */ 1593 dev->min_mtu = 68; 1594 dev->max_mtu = MAX_WIRELESS_BODY - ETH_FCS_LEN; 1595 1596 SET_NETDEV_DEV(dev, sys_dev); 1597 1598 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) { 1599 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc); 1600 goto err_out_free; 1601 } 1602 1603 if (!request_region(dev->base_addr, 32, 1604 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) { 1605 goto err_out_irq; 1606 } 1607 1608 if (register_netdev(dev)) 1609 goto err_out_res; 1610 1611 if (!probe_atmel_card(dev)) { 1612 unregister_netdev(dev); 1613 goto err_out_res; 1614 } 1615 1616 netif_carrier_off(dev); 1617 1618 if (!proc_create_data("driver/atmel", 0, NULL, &atmel_proc_fops, priv)) 1619 printk(KERN_WARNING "atmel: unable to create /proc entry.\n"); 1620 1621 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n", 1622 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr); 1623 1624 return dev; 1625 1626 err_out_res: 1627 release_region(dev->base_addr, 32); 1628 err_out_irq: 1629 free_irq(dev->irq, dev); 1630 err_out_free: 1631 free_netdev(dev); 1632 return NULL; 1633 } 1634 1635 EXPORT_SYMBOL(init_atmel_card); 1636 1637 void stop_atmel_card(struct net_device *dev) 1638 { 1639 struct atmel_private *priv = netdev_priv(dev); 1640 1641 /* put a brick on it... */ 1642 if (priv->bus_type == BUS_TYPE_PCCARD) 1643 atmel_write16(dev, GCR, 0x0060); 1644 atmel_write16(dev, GCR, 0x0040); 1645 1646 del_timer_sync(&priv->management_timer); 1647 unregister_netdev(dev); 1648 remove_proc_entry("driver/atmel", NULL); 1649 free_irq(dev->irq, dev); 1650 kfree(priv->firmware); 1651 release_region(dev->base_addr, 32); 1652 free_netdev(dev); 1653 } 1654 1655 EXPORT_SYMBOL(stop_atmel_card); 1656 1657 static int atmel_set_essid(struct net_device *dev, 1658 struct iw_request_info *info, 1659 struct iw_point *dwrq, 1660 char *extra) 1661 { 1662 struct atmel_private *priv = netdev_priv(dev); 1663 1664 /* Check if we asked for `any' */ 1665 if (dwrq->flags == 0) { 1666 priv->connect_to_any_BSS = 1; 1667 } else { 1668 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1669 1670 priv->connect_to_any_BSS = 0; 1671 1672 /* Check the size of the string */ 1673 if (dwrq->length > MAX_SSID_LENGTH) 1674 return -E2BIG; 1675 if (index != 0) 1676 return -EINVAL; 1677 1678 memcpy(priv->new_SSID, extra, dwrq->length); 1679 priv->new_SSID_size = dwrq->length; 1680 } 1681 1682 return -EINPROGRESS; 1683 } 1684 1685 static int atmel_get_essid(struct net_device *dev, 1686 struct iw_request_info *info, 1687 struct iw_point *dwrq, 1688 char *extra) 1689 { 1690 struct atmel_private *priv = netdev_priv(dev); 1691 1692 /* Get the current SSID */ 1693 if (priv->new_SSID_size != 0) { 1694 memcpy(extra, priv->new_SSID, priv->new_SSID_size); 1695 dwrq->length = priv->new_SSID_size; 1696 } else { 1697 memcpy(extra, priv->SSID, priv->SSID_size); 1698 dwrq->length = priv->SSID_size; 1699 } 1700 1701 dwrq->flags = !priv->connect_to_any_BSS; /* active */ 1702 1703 return 0; 1704 } 1705 1706 static int atmel_get_wap(struct net_device *dev, 1707 struct iw_request_info *info, 1708 struct sockaddr *awrq, 1709 char *extra) 1710 { 1711 struct atmel_private *priv = netdev_priv(dev); 1712 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN); 1713 awrq->sa_family = ARPHRD_ETHER; 1714 1715 return 0; 1716 } 1717 1718 static int atmel_set_encode(struct net_device *dev, 1719 struct iw_request_info *info, 1720 struct iw_point *dwrq, 1721 char *extra) 1722 { 1723 struct atmel_private *priv = netdev_priv(dev); 1724 1725 /* Basic checking: do we have a key to set ? 1726 * Note : with the new API, it's impossible to get a NULL pointer. 1727 * Therefore, we need to check a key size == 0 instead. 1728 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag 1729 * when no key is present (only change flags), but older versions 1730 * don't do it. - Jean II */ 1731 if (dwrq->length > 0) { 1732 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1733 int current_index = priv->default_key; 1734 /* Check the size of the key */ 1735 if (dwrq->length > 13) { 1736 return -EINVAL; 1737 } 1738 /* Check the index (none -> use current) */ 1739 if (index < 0 || index >= 4) 1740 index = current_index; 1741 else 1742 priv->default_key = index; 1743 /* Set the length */ 1744 if (dwrq->length > 5) 1745 priv->wep_key_len[index] = 13; 1746 else 1747 if (dwrq->length > 0) 1748 priv->wep_key_len[index] = 5; 1749 else 1750 /* Disable the key */ 1751 priv->wep_key_len[index] = 0; 1752 /* Check if the key is not marked as invalid */ 1753 if (!(dwrq->flags & IW_ENCODE_NOKEY)) { 1754 /* Cleanup */ 1755 memset(priv->wep_keys[index], 0, 13); 1756 /* Copy the key in the driver */ 1757 memcpy(priv->wep_keys[index], extra, dwrq->length); 1758 } 1759 /* WE specify that if a valid key is set, encryption 1760 * should be enabled (user may turn it off later) 1761 * This is also how "iwconfig ethX key on" works */ 1762 if (index == current_index && 1763 priv->wep_key_len[index] > 0) { 1764 priv->wep_is_on = 1; 1765 priv->exclude_unencrypted = 1; 1766 if (priv->wep_key_len[index] > 5) { 1767 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1768 priv->encryption_level = 2; 1769 } else { 1770 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1771 priv->encryption_level = 1; 1772 } 1773 } 1774 } else { 1775 /* Do we want to just set the transmit key index ? */ 1776 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1777 if (index >= 0 && index < 4) { 1778 priv->default_key = index; 1779 } else 1780 /* Don't complain if only change the mode */ 1781 if (!(dwrq->flags & IW_ENCODE_MODE)) 1782 return -EINVAL; 1783 } 1784 /* Read the flags */ 1785 if (dwrq->flags & IW_ENCODE_DISABLED) { 1786 priv->wep_is_on = 0; 1787 priv->encryption_level = 0; 1788 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1789 } else { 1790 priv->wep_is_on = 1; 1791 if (priv->wep_key_len[priv->default_key] > 5) { 1792 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1793 priv->encryption_level = 2; 1794 } else { 1795 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1796 priv->encryption_level = 1; 1797 } 1798 } 1799 if (dwrq->flags & IW_ENCODE_RESTRICTED) 1800 priv->exclude_unencrypted = 1; 1801 if (dwrq->flags & IW_ENCODE_OPEN) 1802 priv->exclude_unencrypted = 0; 1803 1804 return -EINPROGRESS; /* Call commit handler */ 1805 } 1806 1807 static int atmel_get_encode(struct net_device *dev, 1808 struct iw_request_info *info, 1809 struct iw_point *dwrq, 1810 char *extra) 1811 { 1812 struct atmel_private *priv = netdev_priv(dev); 1813 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1814 1815 if (!priv->wep_is_on) 1816 dwrq->flags = IW_ENCODE_DISABLED; 1817 else { 1818 if (priv->exclude_unencrypted) 1819 dwrq->flags = IW_ENCODE_RESTRICTED; 1820 else 1821 dwrq->flags = IW_ENCODE_OPEN; 1822 } 1823 /* Which key do we want ? -1 -> tx index */ 1824 if (index < 0 || index >= 4) 1825 index = priv->default_key; 1826 dwrq->flags |= index + 1; 1827 /* Copy the key to the user buffer */ 1828 dwrq->length = priv->wep_key_len[index]; 1829 if (dwrq->length > 16) { 1830 dwrq->length = 0; 1831 } else { 1832 memset(extra, 0, 16); 1833 memcpy(extra, priv->wep_keys[index], dwrq->length); 1834 } 1835 1836 return 0; 1837 } 1838 1839 static int atmel_set_encodeext(struct net_device *dev, 1840 struct iw_request_info *info, 1841 union iwreq_data *wrqu, 1842 char *extra) 1843 { 1844 struct atmel_private *priv = netdev_priv(dev); 1845 struct iw_point *encoding = &wrqu->encoding; 1846 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1847 int idx, key_len, alg = ext->alg, set_key = 1; 1848 1849 /* Determine and validate the key index */ 1850 idx = encoding->flags & IW_ENCODE_INDEX; 1851 if (idx) { 1852 if (idx < 1 || idx > 4) 1853 return -EINVAL; 1854 idx--; 1855 } else 1856 idx = priv->default_key; 1857 1858 if (encoding->flags & IW_ENCODE_DISABLED) 1859 alg = IW_ENCODE_ALG_NONE; 1860 1861 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) { 1862 priv->default_key = idx; 1863 set_key = ext->key_len > 0 ? 1 : 0; 1864 } 1865 1866 if (set_key) { 1867 /* Set the requested key first */ 1868 switch (alg) { 1869 case IW_ENCODE_ALG_NONE: 1870 priv->wep_is_on = 0; 1871 priv->encryption_level = 0; 1872 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1873 break; 1874 case IW_ENCODE_ALG_WEP: 1875 if (ext->key_len > 5) { 1876 priv->wep_key_len[idx] = 13; 1877 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1878 priv->encryption_level = 2; 1879 } else if (ext->key_len > 0) { 1880 priv->wep_key_len[idx] = 5; 1881 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1882 priv->encryption_level = 1; 1883 } else { 1884 return -EINVAL; 1885 } 1886 priv->wep_is_on = 1; 1887 memset(priv->wep_keys[idx], 0, 13); 1888 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]); 1889 memcpy(priv->wep_keys[idx], ext->key, key_len); 1890 break; 1891 default: 1892 return -EINVAL; 1893 } 1894 } 1895 1896 return -EINPROGRESS; 1897 } 1898 1899 static int atmel_get_encodeext(struct net_device *dev, 1900 struct iw_request_info *info, 1901 union iwreq_data *wrqu, 1902 char *extra) 1903 { 1904 struct atmel_private *priv = netdev_priv(dev); 1905 struct iw_point *encoding = &wrqu->encoding; 1906 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1907 int idx, max_key_len; 1908 1909 max_key_len = encoding->length - sizeof(*ext); 1910 if (max_key_len < 0) 1911 return -EINVAL; 1912 1913 idx = encoding->flags & IW_ENCODE_INDEX; 1914 if (idx) { 1915 if (idx < 1 || idx > 4) 1916 return -EINVAL; 1917 idx--; 1918 } else 1919 idx = priv->default_key; 1920 1921 encoding->flags = idx + 1; 1922 memset(ext, 0, sizeof(*ext)); 1923 1924 if (!priv->wep_is_on) { 1925 ext->alg = IW_ENCODE_ALG_NONE; 1926 ext->key_len = 0; 1927 encoding->flags |= IW_ENCODE_DISABLED; 1928 } else { 1929 if (priv->encryption_level > 0) 1930 ext->alg = IW_ENCODE_ALG_WEP; 1931 else 1932 return -EINVAL; 1933 1934 ext->key_len = priv->wep_key_len[idx]; 1935 memcpy(ext->key, priv->wep_keys[idx], ext->key_len); 1936 encoding->flags |= IW_ENCODE_ENABLED; 1937 } 1938 1939 return 0; 1940 } 1941 1942 static int atmel_set_auth(struct net_device *dev, 1943 struct iw_request_info *info, 1944 union iwreq_data *wrqu, char *extra) 1945 { 1946 struct atmel_private *priv = netdev_priv(dev); 1947 struct iw_param *param = &wrqu->param; 1948 1949 switch (param->flags & IW_AUTH_INDEX) { 1950 case IW_AUTH_WPA_VERSION: 1951 case IW_AUTH_CIPHER_PAIRWISE: 1952 case IW_AUTH_CIPHER_GROUP: 1953 case IW_AUTH_KEY_MGMT: 1954 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 1955 case IW_AUTH_PRIVACY_INVOKED: 1956 /* 1957 * atmel does not use these parameters 1958 */ 1959 break; 1960 1961 case IW_AUTH_DROP_UNENCRYPTED: 1962 priv->exclude_unencrypted = param->value ? 1 : 0; 1963 break; 1964 1965 case IW_AUTH_80211_AUTH_ALG: { 1966 if (param->value & IW_AUTH_ALG_SHARED_KEY) { 1967 priv->exclude_unencrypted = 1; 1968 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) { 1969 priv->exclude_unencrypted = 0; 1970 } else 1971 return -EINVAL; 1972 break; 1973 } 1974 1975 case IW_AUTH_WPA_ENABLED: 1976 /* Silently accept disable of WPA */ 1977 if (param->value > 0) 1978 return -EOPNOTSUPP; 1979 break; 1980 1981 default: 1982 return -EOPNOTSUPP; 1983 } 1984 return -EINPROGRESS; 1985 } 1986 1987 static int atmel_get_auth(struct net_device *dev, 1988 struct iw_request_info *info, 1989 union iwreq_data *wrqu, char *extra) 1990 { 1991 struct atmel_private *priv = netdev_priv(dev); 1992 struct iw_param *param = &wrqu->param; 1993 1994 switch (param->flags & IW_AUTH_INDEX) { 1995 case IW_AUTH_DROP_UNENCRYPTED: 1996 param->value = priv->exclude_unencrypted; 1997 break; 1998 1999 case IW_AUTH_80211_AUTH_ALG: 2000 if (priv->exclude_unencrypted == 1) 2001 param->value = IW_AUTH_ALG_SHARED_KEY; 2002 else 2003 param->value = IW_AUTH_ALG_OPEN_SYSTEM; 2004 break; 2005 2006 case IW_AUTH_WPA_ENABLED: 2007 param->value = 0; 2008 break; 2009 2010 default: 2011 return -EOPNOTSUPP; 2012 } 2013 return 0; 2014 } 2015 2016 2017 static int atmel_get_name(struct net_device *dev, 2018 struct iw_request_info *info, 2019 char *cwrq, 2020 char *extra) 2021 { 2022 strcpy(cwrq, "IEEE 802.11-DS"); 2023 return 0; 2024 } 2025 2026 static int atmel_set_rate(struct net_device *dev, 2027 struct iw_request_info *info, 2028 struct iw_param *vwrq, 2029 char *extra) 2030 { 2031 struct atmel_private *priv = netdev_priv(dev); 2032 2033 if (vwrq->fixed == 0) { 2034 priv->tx_rate = 3; 2035 priv->auto_tx_rate = 1; 2036 } else { 2037 priv->auto_tx_rate = 0; 2038 2039 /* Which type of value ? */ 2040 if ((vwrq->value < 4) && (vwrq->value >= 0)) { 2041 /* Setting by rate index */ 2042 priv->tx_rate = vwrq->value; 2043 } else { 2044 /* Setting by frequency value */ 2045 switch (vwrq->value) { 2046 case 1000000: 2047 priv->tx_rate = 0; 2048 break; 2049 case 2000000: 2050 priv->tx_rate = 1; 2051 break; 2052 case 5500000: 2053 priv->tx_rate = 2; 2054 break; 2055 case 11000000: 2056 priv->tx_rate = 3; 2057 break; 2058 default: 2059 return -EINVAL; 2060 } 2061 } 2062 } 2063 2064 return -EINPROGRESS; 2065 } 2066 2067 static int atmel_set_mode(struct net_device *dev, 2068 struct iw_request_info *info, 2069 __u32 *uwrq, 2070 char *extra) 2071 { 2072 struct atmel_private *priv = netdev_priv(dev); 2073 2074 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA) 2075 return -EINVAL; 2076 2077 priv->operating_mode = *uwrq; 2078 return -EINPROGRESS; 2079 } 2080 2081 static int atmel_get_mode(struct net_device *dev, 2082 struct iw_request_info *info, 2083 __u32 *uwrq, 2084 char *extra) 2085 { 2086 struct atmel_private *priv = netdev_priv(dev); 2087 2088 *uwrq = priv->operating_mode; 2089 return 0; 2090 } 2091 2092 static int atmel_get_rate(struct net_device *dev, 2093 struct iw_request_info *info, 2094 struct iw_param *vwrq, 2095 char *extra) 2096 { 2097 struct atmel_private *priv = netdev_priv(dev); 2098 2099 if (priv->auto_tx_rate) { 2100 vwrq->fixed = 0; 2101 vwrq->value = 11000000; 2102 } else { 2103 vwrq->fixed = 1; 2104 switch (priv->tx_rate) { 2105 case 0: 2106 vwrq->value = 1000000; 2107 break; 2108 case 1: 2109 vwrq->value = 2000000; 2110 break; 2111 case 2: 2112 vwrq->value = 5500000; 2113 break; 2114 case 3: 2115 vwrq->value = 11000000; 2116 break; 2117 } 2118 } 2119 return 0; 2120 } 2121 2122 static int atmel_set_power(struct net_device *dev, 2123 struct iw_request_info *info, 2124 struct iw_param *vwrq, 2125 char *extra) 2126 { 2127 struct atmel_private *priv = netdev_priv(dev); 2128 priv->power_mode = vwrq->disabled ? 0 : 1; 2129 return -EINPROGRESS; 2130 } 2131 2132 static int atmel_get_power(struct net_device *dev, 2133 struct iw_request_info *info, 2134 struct iw_param *vwrq, 2135 char *extra) 2136 { 2137 struct atmel_private *priv = netdev_priv(dev); 2138 vwrq->disabled = priv->power_mode ? 0 : 1; 2139 vwrq->flags = IW_POWER_ON; 2140 return 0; 2141 } 2142 2143 static int atmel_set_retry(struct net_device *dev, 2144 struct iw_request_info *info, 2145 struct iw_param *vwrq, 2146 char *extra) 2147 { 2148 struct atmel_private *priv = netdev_priv(dev); 2149 2150 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) { 2151 if (vwrq->flags & IW_RETRY_LONG) 2152 priv->long_retry = vwrq->value; 2153 else if (vwrq->flags & IW_RETRY_SHORT) 2154 priv->short_retry = vwrq->value; 2155 else { 2156 /* No modifier : set both */ 2157 priv->long_retry = vwrq->value; 2158 priv->short_retry = vwrq->value; 2159 } 2160 return -EINPROGRESS; 2161 } 2162 2163 return -EINVAL; 2164 } 2165 2166 static int atmel_get_retry(struct net_device *dev, 2167 struct iw_request_info *info, 2168 struct iw_param *vwrq, 2169 char *extra) 2170 { 2171 struct atmel_private *priv = netdev_priv(dev); 2172 2173 vwrq->disabled = 0; /* Can't be disabled */ 2174 2175 /* Note : by default, display the short retry number */ 2176 if (vwrq->flags & IW_RETRY_LONG) { 2177 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG; 2178 vwrq->value = priv->long_retry; 2179 } else { 2180 vwrq->flags = IW_RETRY_LIMIT; 2181 vwrq->value = priv->short_retry; 2182 if (priv->long_retry != priv->short_retry) 2183 vwrq->flags |= IW_RETRY_SHORT; 2184 } 2185 2186 return 0; 2187 } 2188 2189 static int atmel_set_rts(struct net_device *dev, 2190 struct iw_request_info *info, 2191 struct iw_param *vwrq, 2192 char *extra) 2193 { 2194 struct atmel_private *priv = netdev_priv(dev); 2195 int rthr = vwrq->value; 2196 2197 if (vwrq->disabled) 2198 rthr = 2347; 2199 if ((rthr < 0) || (rthr > 2347)) { 2200 return -EINVAL; 2201 } 2202 priv->rts_threshold = rthr; 2203 2204 return -EINPROGRESS; /* Call commit handler */ 2205 } 2206 2207 static int atmel_get_rts(struct net_device *dev, 2208 struct iw_request_info *info, 2209 struct iw_param *vwrq, 2210 char *extra) 2211 { 2212 struct atmel_private *priv = netdev_priv(dev); 2213 2214 vwrq->value = priv->rts_threshold; 2215 vwrq->disabled = (vwrq->value >= 2347); 2216 vwrq->fixed = 1; 2217 2218 return 0; 2219 } 2220 2221 static int atmel_set_frag(struct net_device *dev, 2222 struct iw_request_info *info, 2223 struct iw_param *vwrq, 2224 char *extra) 2225 { 2226 struct atmel_private *priv = netdev_priv(dev); 2227 int fthr = vwrq->value; 2228 2229 if (vwrq->disabled) 2230 fthr = 2346; 2231 if ((fthr < 256) || (fthr > 2346)) { 2232 return -EINVAL; 2233 } 2234 fthr &= ~0x1; /* Get an even value - is it really needed ??? */ 2235 priv->frag_threshold = fthr; 2236 2237 return -EINPROGRESS; /* Call commit handler */ 2238 } 2239 2240 static int atmel_get_frag(struct net_device *dev, 2241 struct iw_request_info *info, 2242 struct iw_param *vwrq, 2243 char *extra) 2244 { 2245 struct atmel_private *priv = netdev_priv(dev); 2246 2247 vwrq->value = priv->frag_threshold; 2248 vwrq->disabled = (vwrq->value >= 2346); 2249 vwrq->fixed = 1; 2250 2251 return 0; 2252 } 2253 2254 static int atmel_set_freq(struct net_device *dev, 2255 struct iw_request_info *info, 2256 struct iw_freq *fwrq, 2257 char *extra) 2258 { 2259 struct atmel_private *priv = netdev_priv(dev); 2260 int rc = -EINPROGRESS; /* Call commit handler */ 2261 2262 /* If setting by frequency, convert to a channel */ 2263 if (fwrq->e == 1) { 2264 int f = fwrq->m / 100000; 2265 2266 /* Hack to fall through... */ 2267 fwrq->e = 0; 2268 fwrq->m = ieee80211_frequency_to_channel(f); 2269 } 2270 /* Setting by channel number */ 2271 if (fwrq->m < 0 || fwrq->m > 1000 || fwrq->e > 0) 2272 rc = -EOPNOTSUPP; 2273 else { 2274 int channel = fwrq->m; 2275 if (atmel_validate_channel(priv, channel) == 0) { 2276 priv->channel = channel; 2277 } else { 2278 rc = -EINVAL; 2279 } 2280 } 2281 return rc; 2282 } 2283 2284 static int atmel_get_freq(struct net_device *dev, 2285 struct iw_request_info *info, 2286 struct iw_freq *fwrq, 2287 char *extra) 2288 { 2289 struct atmel_private *priv = netdev_priv(dev); 2290 2291 fwrq->m = priv->channel; 2292 fwrq->e = 0; 2293 return 0; 2294 } 2295 2296 static int atmel_set_scan(struct net_device *dev, 2297 struct iw_request_info *info, 2298 struct iw_point *dwrq, 2299 char *extra) 2300 { 2301 struct atmel_private *priv = netdev_priv(dev); 2302 unsigned long flags; 2303 2304 /* Note : you may have realised that, as this is a SET operation, 2305 * this is privileged and therefore a normal user can't 2306 * perform scanning. 2307 * This is not an error, while the device perform scanning, 2308 * traffic doesn't flow, so it's a perfect DoS... 2309 * Jean II */ 2310 2311 if (priv->station_state == STATION_STATE_DOWN) 2312 return -EAGAIN; 2313 2314 /* Timeout old surveys. */ 2315 if (time_after(jiffies, priv->last_survey + 20 * HZ)) 2316 priv->site_survey_state = SITE_SURVEY_IDLE; 2317 priv->last_survey = jiffies; 2318 2319 /* Initiate a scan command */ 2320 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS) 2321 return -EBUSY; 2322 2323 del_timer_sync(&priv->management_timer); 2324 spin_lock_irqsave(&priv->irqlock, flags); 2325 2326 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS; 2327 priv->fast_scan = 0; 2328 atmel_scan(priv, 0); 2329 spin_unlock_irqrestore(&priv->irqlock, flags); 2330 2331 return 0; 2332 } 2333 2334 static int atmel_get_scan(struct net_device *dev, 2335 struct iw_request_info *info, 2336 struct iw_point *dwrq, 2337 char *extra) 2338 { 2339 struct atmel_private *priv = netdev_priv(dev); 2340 int i; 2341 char *current_ev = extra; 2342 struct iw_event iwe; 2343 2344 if (priv->site_survey_state != SITE_SURVEY_COMPLETED) 2345 return -EAGAIN; 2346 2347 for (i = 0; i < priv->BSS_list_entries; i++) { 2348 iwe.cmd = SIOCGIWAP; 2349 iwe.u.ap_addr.sa_family = ARPHRD_ETHER; 2350 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN); 2351 current_ev = iwe_stream_add_event(info, current_ev, 2352 extra + IW_SCAN_MAX_DATA, 2353 &iwe, IW_EV_ADDR_LEN); 2354 2355 iwe.u.data.length = priv->BSSinfo[i].SSIDsize; 2356 if (iwe.u.data.length > 32) 2357 iwe.u.data.length = 32; 2358 iwe.cmd = SIOCGIWESSID; 2359 iwe.u.data.flags = 1; 2360 current_ev = iwe_stream_add_point(info, current_ev, 2361 extra + IW_SCAN_MAX_DATA, 2362 &iwe, priv->BSSinfo[i].SSID); 2363 2364 iwe.cmd = SIOCGIWMODE; 2365 iwe.u.mode = priv->BSSinfo[i].BSStype; 2366 current_ev = iwe_stream_add_event(info, current_ev, 2367 extra + IW_SCAN_MAX_DATA, 2368 &iwe, IW_EV_UINT_LEN); 2369 2370 iwe.cmd = SIOCGIWFREQ; 2371 iwe.u.freq.m = priv->BSSinfo[i].channel; 2372 iwe.u.freq.e = 0; 2373 current_ev = iwe_stream_add_event(info, current_ev, 2374 extra + IW_SCAN_MAX_DATA, 2375 &iwe, IW_EV_FREQ_LEN); 2376 2377 /* Add quality statistics */ 2378 iwe.cmd = IWEVQUAL; 2379 iwe.u.qual.level = priv->BSSinfo[i].RSSI; 2380 iwe.u.qual.qual = iwe.u.qual.level; 2381 /* iwe.u.qual.noise = SOMETHING */ 2382 current_ev = iwe_stream_add_event(info, current_ev, 2383 extra + IW_SCAN_MAX_DATA, 2384 &iwe, IW_EV_QUAL_LEN); 2385 2386 2387 iwe.cmd = SIOCGIWENCODE; 2388 if (priv->BSSinfo[i].UsingWEP) 2389 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY; 2390 else 2391 iwe.u.data.flags = IW_ENCODE_DISABLED; 2392 iwe.u.data.length = 0; 2393 current_ev = iwe_stream_add_point(info, current_ev, 2394 extra + IW_SCAN_MAX_DATA, 2395 &iwe, NULL); 2396 } 2397 2398 /* Length of data */ 2399 dwrq->length = (current_ev - extra); 2400 dwrq->flags = 0; 2401 2402 return 0; 2403 } 2404 2405 static int atmel_get_range(struct net_device *dev, 2406 struct iw_request_info *info, 2407 struct iw_point *dwrq, 2408 char *extra) 2409 { 2410 struct atmel_private *priv = netdev_priv(dev); 2411 struct iw_range *range = (struct iw_range *) extra; 2412 int k, i, j; 2413 2414 dwrq->length = sizeof(struct iw_range); 2415 memset(range, 0, sizeof(struct iw_range)); 2416 range->min_nwid = 0x0000; 2417 range->max_nwid = 0x0000; 2418 range->num_channels = 0; 2419 for (j = 0; j < ARRAY_SIZE(channel_table); j++) 2420 if (priv->reg_domain == channel_table[j].reg_domain) { 2421 range->num_channels = channel_table[j].max - channel_table[j].min + 1; 2422 break; 2423 } 2424 if (range->num_channels != 0) { 2425 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) { 2426 range->freq[k].i = i; /* List index */ 2427 2428 /* Values in MHz -> * 10^5 * 10 */ 2429 range->freq[k].m = 100000 * 2430 ieee80211_channel_to_frequency(i, NL80211_BAND_2GHZ); 2431 range->freq[k++].e = 1; 2432 } 2433 range->num_frequency = k; 2434 } 2435 2436 range->max_qual.qual = 100; 2437 range->max_qual.level = 100; 2438 range->max_qual.noise = 0; 2439 range->max_qual.updated = IW_QUAL_NOISE_INVALID; 2440 2441 range->avg_qual.qual = 50; 2442 range->avg_qual.level = 50; 2443 range->avg_qual.noise = 0; 2444 range->avg_qual.updated = IW_QUAL_NOISE_INVALID; 2445 2446 range->sensitivity = 0; 2447 2448 range->bitrate[0] = 1000000; 2449 range->bitrate[1] = 2000000; 2450 range->bitrate[2] = 5500000; 2451 range->bitrate[3] = 11000000; 2452 range->num_bitrates = 4; 2453 2454 range->min_rts = 0; 2455 range->max_rts = 2347; 2456 range->min_frag = 256; 2457 range->max_frag = 2346; 2458 2459 range->encoding_size[0] = 5; 2460 range->encoding_size[1] = 13; 2461 range->num_encoding_sizes = 2; 2462 range->max_encoding_tokens = 4; 2463 2464 range->pmp_flags = IW_POWER_ON; 2465 range->pmt_flags = IW_POWER_ON; 2466 range->pm_capa = 0; 2467 2468 range->we_version_source = WIRELESS_EXT; 2469 range->we_version_compiled = WIRELESS_EXT; 2470 range->retry_capa = IW_RETRY_LIMIT ; 2471 range->retry_flags = IW_RETRY_LIMIT; 2472 range->r_time_flags = 0; 2473 range->min_retry = 1; 2474 range->max_retry = 65535; 2475 2476 return 0; 2477 } 2478 2479 static int atmel_set_wap(struct net_device *dev, 2480 struct iw_request_info *info, 2481 struct sockaddr *awrq, 2482 char *extra) 2483 { 2484 struct atmel_private *priv = netdev_priv(dev); 2485 int i; 2486 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 2487 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 2488 unsigned long flags; 2489 2490 if (awrq->sa_family != ARPHRD_ETHER) 2491 return -EINVAL; 2492 2493 if (!memcmp(any, awrq->sa_data, 6) || 2494 !memcmp(off, awrq->sa_data, 6)) { 2495 del_timer_sync(&priv->management_timer); 2496 spin_lock_irqsave(&priv->irqlock, flags); 2497 atmel_scan(priv, 1); 2498 spin_unlock_irqrestore(&priv->irqlock, flags); 2499 return 0; 2500 } 2501 2502 for (i = 0; i < priv->BSS_list_entries; i++) { 2503 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) { 2504 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) { 2505 return -EINVAL; 2506 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) { 2507 return -EINVAL; 2508 } else { 2509 del_timer_sync(&priv->management_timer); 2510 spin_lock_irqsave(&priv->irqlock, flags); 2511 atmel_join_bss(priv, i); 2512 spin_unlock_irqrestore(&priv->irqlock, flags); 2513 return 0; 2514 } 2515 } 2516 } 2517 2518 return -EINVAL; 2519 } 2520 2521 static int atmel_config_commit(struct net_device *dev, 2522 struct iw_request_info *info, /* NULL */ 2523 void *zwrq, /* NULL */ 2524 char *extra) /* NULL */ 2525 { 2526 return atmel_open(dev); 2527 } 2528 2529 static const iw_handler atmel_handler[] = 2530 { 2531 (iw_handler) atmel_config_commit, /* SIOCSIWCOMMIT */ 2532 (iw_handler) atmel_get_name, /* SIOCGIWNAME */ 2533 (iw_handler) NULL, /* SIOCSIWNWID */ 2534 (iw_handler) NULL, /* SIOCGIWNWID */ 2535 (iw_handler) atmel_set_freq, /* SIOCSIWFREQ */ 2536 (iw_handler) atmel_get_freq, /* SIOCGIWFREQ */ 2537 (iw_handler) atmel_set_mode, /* SIOCSIWMODE */ 2538 (iw_handler) atmel_get_mode, /* SIOCGIWMODE */ 2539 (iw_handler) NULL, /* SIOCSIWSENS */ 2540 (iw_handler) NULL, /* SIOCGIWSENS */ 2541 (iw_handler) NULL, /* SIOCSIWRANGE */ 2542 (iw_handler) atmel_get_range, /* SIOCGIWRANGE */ 2543 (iw_handler) NULL, /* SIOCSIWPRIV */ 2544 (iw_handler) NULL, /* SIOCGIWPRIV */ 2545 (iw_handler) NULL, /* SIOCSIWSTATS */ 2546 (iw_handler) NULL, /* SIOCGIWSTATS */ 2547 (iw_handler) NULL, /* SIOCSIWSPY */ 2548 (iw_handler) NULL, /* SIOCGIWSPY */ 2549 (iw_handler) NULL, /* -- hole -- */ 2550 (iw_handler) NULL, /* -- hole -- */ 2551 (iw_handler) atmel_set_wap, /* SIOCSIWAP */ 2552 (iw_handler) atmel_get_wap, /* SIOCGIWAP */ 2553 (iw_handler) NULL, /* -- hole -- */ 2554 (iw_handler) NULL, /* SIOCGIWAPLIST */ 2555 (iw_handler) atmel_set_scan, /* SIOCSIWSCAN */ 2556 (iw_handler) atmel_get_scan, /* SIOCGIWSCAN */ 2557 (iw_handler) atmel_set_essid, /* SIOCSIWESSID */ 2558 (iw_handler) atmel_get_essid, /* SIOCGIWESSID */ 2559 (iw_handler) NULL, /* SIOCSIWNICKN */ 2560 (iw_handler) NULL, /* SIOCGIWNICKN */ 2561 (iw_handler) NULL, /* -- hole -- */ 2562 (iw_handler) NULL, /* -- hole -- */ 2563 (iw_handler) atmel_set_rate, /* SIOCSIWRATE */ 2564 (iw_handler) atmel_get_rate, /* SIOCGIWRATE */ 2565 (iw_handler) atmel_set_rts, /* SIOCSIWRTS */ 2566 (iw_handler) atmel_get_rts, /* SIOCGIWRTS */ 2567 (iw_handler) atmel_set_frag, /* SIOCSIWFRAG */ 2568 (iw_handler) atmel_get_frag, /* SIOCGIWFRAG */ 2569 (iw_handler) NULL, /* SIOCSIWTXPOW */ 2570 (iw_handler) NULL, /* SIOCGIWTXPOW */ 2571 (iw_handler) atmel_set_retry, /* SIOCSIWRETRY */ 2572 (iw_handler) atmel_get_retry, /* SIOCGIWRETRY */ 2573 (iw_handler) atmel_set_encode, /* SIOCSIWENCODE */ 2574 (iw_handler) atmel_get_encode, /* SIOCGIWENCODE */ 2575 (iw_handler) atmel_set_power, /* SIOCSIWPOWER */ 2576 (iw_handler) atmel_get_power, /* SIOCGIWPOWER */ 2577 (iw_handler) NULL, /* -- hole -- */ 2578 (iw_handler) NULL, /* -- hole -- */ 2579 (iw_handler) NULL, /* SIOCSIWGENIE */ 2580 (iw_handler) NULL, /* SIOCGIWGENIE */ 2581 (iw_handler) atmel_set_auth, /* SIOCSIWAUTH */ 2582 (iw_handler) atmel_get_auth, /* SIOCGIWAUTH */ 2583 (iw_handler) atmel_set_encodeext, /* SIOCSIWENCODEEXT */ 2584 (iw_handler) atmel_get_encodeext, /* SIOCGIWENCODEEXT */ 2585 (iw_handler) NULL, /* SIOCSIWPMKSA */ 2586 }; 2587 2588 static const iw_handler atmel_private_handler[] = 2589 { 2590 NULL, /* SIOCIWFIRSTPRIV */ 2591 }; 2592 2593 struct atmel_priv_ioctl { 2594 char id[32]; 2595 unsigned char __user *data; 2596 unsigned short len; 2597 }; 2598 2599 #define ATMELFWL SIOCIWFIRSTPRIV 2600 #define ATMELIDIFC ATMELFWL + 1 2601 #define ATMELRD ATMELFWL + 2 2602 #define ATMELMAGIC 0x51807 2603 #define REGDOMAINSZ 20 2604 2605 static const struct iw_priv_args atmel_private_args[] = { 2606 { 2607 .cmd = ATMELFWL, 2608 .set_args = IW_PRIV_TYPE_BYTE 2609 | IW_PRIV_SIZE_FIXED 2610 | sizeof(struct atmel_priv_ioctl), 2611 .get_args = IW_PRIV_TYPE_NONE, 2612 .name = "atmelfwl" 2613 }, { 2614 .cmd = ATMELIDIFC, 2615 .set_args = IW_PRIV_TYPE_NONE, 2616 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 2617 .name = "atmelidifc" 2618 }, { 2619 .cmd = ATMELRD, 2620 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ, 2621 .get_args = IW_PRIV_TYPE_NONE, 2622 .name = "regdomain" 2623 }, 2624 }; 2625 2626 static const struct iw_handler_def atmel_handler_def = { 2627 .num_standard = ARRAY_SIZE(atmel_handler), 2628 .num_private = ARRAY_SIZE(atmel_private_handler), 2629 .num_private_args = ARRAY_SIZE(atmel_private_args), 2630 .standard = (iw_handler *) atmel_handler, 2631 .private = (iw_handler *) atmel_private_handler, 2632 .private_args = (struct iw_priv_args *) atmel_private_args, 2633 .get_wireless_stats = atmel_get_wireless_stats 2634 }; 2635 2636 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) 2637 { 2638 int i, rc = 0; 2639 struct atmel_private *priv = netdev_priv(dev); 2640 struct atmel_priv_ioctl com; 2641 struct iwreq *wrq = (struct iwreq *) rq; 2642 unsigned char *new_firmware; 2643 char domain[REGDOMAINSZ + 1]; 2644 2645 switch (cmd) { 2646 case ATMELIDIFC: 2647 wrq->u.param.value = ATMELMAGIC; 2648 break; 2649 2650 case ATMELFWL: 2651 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) { 2652 rc = -EFAULT; 2653 break; 2654 } 2655 2656 if (!capable(CAP_NET_ADMIN)) { 2657 rc = -EPERM; 2658 break; 2659 } 2660 2661 if (!(new_firmware = kmalloc(com.len, GFP_KERNEL))) { 2662 rc = -ENOMEM; 2663 break; 2664 } 2665 2666 if (copy_from_user(new_firmware, com.data, com.len)) { 2667 kfree(new_firmware); 2668 rc = -EFAULT; 2669 break; 2670 } 2671 2672 kfree(priv->firmware); 2673 2674 priv->firmware = new_firmware; 2675 priv->firmware_length = com.len; 2676 strncpy(priv->firmware_id, com.id, 31); 2677 priv->firmware_id[31] = '\0'; 2678 break; 2679 2680 case ATMELRD: 2681 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) { 2682 rc = -EFAULT; 2683 break; 2684 } 2685 2686 if (!capable(CAP_NET_ADMIN)) { 2687 rc = -EPERM; 2688 break; 2689 } 2690 2691 domain[REGDOMAINSZ] = 0; 2692 rc = -EINVAL; 2693 for (i = 0; i < ARRAY_SIZE(channel_table); i++) { 2694 if (!strcasecmp(channel_table[i].name, domain)) { 2695 priv->config_reg_domain = channel_table[i].reg_domain; 2696 rc = 0; 2697 } 2698 } 2699 2700 if (rc == 0 && priv->station_state != STATION_STATE_DOWN) 2701 rc = atmel_open(dev); 2702 break; 2703 2704 default: 2705 rc = -EOPNOTSUPP; 2706 } 2707 2708 return rc; 2709 } 2710 2711 struct auth_body { 2712 __le16 alg; 2713 __le16 trans_seq; 2714 __le16 status; 2715 u8 el_id; 2716 u8 chall_text_len; 2717 u8 chall_text[253]; 2718 }; 2719 2720 static void atmel_enter_state(struct atmel_private *priv, int new_state) 2721 { 2722 int old_state = priv->station_state; 2723 2724 if (new_state == old_state) 2725 return; 2726 2727 priv->station_state = new_state; 2728 2729 if (new_state == STATION_STATE_READY) { 2730 netif_start_queue(priv->dev); 2731 netif_carrier_on(priv->dev); 2732 } 2733 2734 if (old_state == STATION_STATE_READY) { 2735 netif_carrier_off(priv->dev); 2736 if (netif_running(priv->dev)) 2737 netif_stop_queue(priv->dev); 2738 priv->last_beacon_timestamp = 0; 2739 } 2740 } 2741 2742 static void atmel_scan(struct atmel_private *priv, int specific_ssid) 2743 { 2744 struct { 2745 u8 BSSID[ETH_ALEN]; 2746 u8 SSID[MAX_SSID_LENGTH]; 2747 u8 scan_type; 2748 u8 channel; 2749 __le16 BSS_type; 2750 __le16 min_channel_time; 2751 __le16 max_channel_time; 2752 u8 options; 2753 u8 SSID_size; 2754 } cmd; 2755 2756 eth_broadcast_addr(cmd.BSSID); 2757 2758 if (priv->fast_scan) { 2759 cmd.SSID_size = priv->SSID_size; 2760 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2761 cmd.min_channel_time = cpu_to_le16(10); 2762 cmd.max_channel_time = cpu_to_le16(50); 2763 } else { 2764 priv->BSS_list_entries = 0; 2765 cmd.SSID_size = 0; 2766 cmd.min_channel_time = cpu_to_le16(10); 2767 cmd.max_channel_time = cpu_to_le16(120); 2768 } 2769 2770 cmd.options = 0; 2771 2772 if (!specific_ssid) 2773 cmd.options |= SCAN_OPTIONS_SITE_SURVEY; 2774 2775 cmd.channel = (priv->channel & 0x7f); 2776 cmd.scan_type = SCAN_TYPE_ACTIVE; 2777 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ? 2778 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE); 2779 2780 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd)); 2781 2782 /* This must come after all hardware access to avoid being messed up 2783 by stuff happening in interrupt context after we leave STATE_DOWN */ 2784 atmel_enter_state(priv, STATION_STATE_SCANNING); 2785 } 2786 2787 static void join(struct atmel_private *priv, int type) 2788 { 2789 struct { 2790 u8 BSSID[6]; 2791 u8 SSID[MAX_SSID_LENGTH]; 2792 u8 BSS_type; /* this is a short in a scan command - weird */ 2793 u8 channel; 2794 __le16 timeout; 2795 u8 SSID_size; 2796 u8 reserved; 2797 } cmd; 2798 2799 cmd.SSID_size = priv->SSID_size; 2800 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2801 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN); 2802 cmd.channel = (priv->channel & 0x7f); 2803 cmd.BSS_type = type; 2804 cmd.timeout = cpu_to_le16(2000); 2805 2806 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd)); 2807 } 2808 2809 static void start(struct atmel_private *priv, int type) 2810 { 2811 struct { 2812 u8 BSSID[6]; 2813 u8 SSID[MAX_SSID_LENGTH]; 2814 u8 BSS_type; 2815 u8 channel; 2816 u8 SSID_size; 2817 u8 reserved[3]; 2818 } cmd; 2819 2820 cmd.SSID_size = priv->SSID_size; 2821 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2822 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN); 2823 cmd.BSS_type = type; 2824 cmd.channel = (priv->channel & 0x7f); 2825 2826 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd)); 2827 } 2828 2829 static void handle_beacon_probe(struct atmel_private *priv, u16 capability, 2830 u8 channel) 2831 { 2832 int rejoin = 0; 2833 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 2834 SHORT_PREAMBLE : LONG_PREAMBLE; 2835 2836 if (priv->preamble != new) { 2837 priv->preamble = new; 2838 rejoin = 1; 2839 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new); 2840 } 2841 2842 if (priv->channel != channel) { 2843 priv->channel = channel; 2844 rejoin = 1; 2845 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel); 2846 } 2847 2848 if (rejoin) { 2849 priv->station_is_associated = 0; 2850 atmel_enter_state(priv, STATION_STATE_JOINNING); 2851 2852 if (priv->operating_mode == IW_MODE_INFRA) 2853 join(priv, BSS_TYPE_INFRASTRUCTURE); 2854 else 2855 join(priv, BSS_TYPE_AD_HOC); 2856 } 2857 } 2858 2859 static void send_authentication_request(struct atmel_private *priv, u16 system, 2860 u8 *challenge, int challenge_len) 2861 { 2862 struct ieee80211_hdr header; 2863 struct auth_body auth; 2864 2865 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH); 2866 header.duration_id = cpu_to_le16(0x8000); 2867 header.seq_ctrl = 0; 2868 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2869 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2870 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2871 2872 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1) 2873 /* no WEP for authentication frames with TrSeqNo 1 */ 2874 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 2875 2876 auth.alg = cpu_to_le16(system); 2877 2878 auth.status = 0; 2879 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum); 2880 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1; 2881 priv->CurrentAuthentTransactionSeqNum += 2; 2882 2883 if (challenge_len != 0) { 2884 auth.el_id = 16; /* challenge_text */ 2885 auth.chall_text_len = challenge_len; 2886 memcpy(auth.chall_text, challenge, challenge_len); 2887 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len); 2888 } else { 2889 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6); 2890 } 2891 } 2892 2893 static void send_association_request(struct atmel_private *priv, int is_reassoc) 2894 { 2895 u8 *ssid_el_p; 2896 int bodysize; 2897 struct ieee80211_hdr header; 2898 struct ass_req_format { 2899 __le16 capability; 2900 __le16 listen_interval; 2901 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */ 2902 u8 ssid_el_id; 2903 u8 ssid_len; 2904 u8 ssid[MAX_SSID_LENGTH]; 2905 u8 sup_rates_el_id; 2906 u8 sup_rates_len; 2907 u8 rates[4]; 2908 } body; 2909 2910 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 2911 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ)); 2912 header.duration_id = cpu_to_le16(0x8000); 2913 header.seq_ctrl = 0; 2914 2915 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2916 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2917 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2918 2919 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS); 2920 if (priv->wep_is_on) 2921 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY); 2922 if (priv->preamble == SHORT_PREAMBLE) 2923 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE); 2924 2925 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); 2926 2927 /* current AP address - only in reassoc frame */ 2928 if (is_reassoc) { 2929 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN); 2930 ssid_el_p = &body.ssid_el_id; 2931 bodysize = 18 + priv->SSID_size; 2932 } else { 2933 ssid_el_p = &body.ap[0]; 2934 bodysize = 12 + priv->SSID_size; 2935 } 2936 2937 ssid_el_p[0] = WLAN_EID_SSID; 2938 ssid_el_p[1] = priv->SSID_size; 2939 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size); 2940 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES; 2941 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */ 2942 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4); 2943 2944 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize); 2945 } 2946 2947 static int is_frame_from_current_bss(struct atmel_private *priv, 2948 struct ieee80211_hdr *header) 2949 { 2950 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 2951 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0; 2952 else 2953 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0; 2954 } 2955 2956 static int retrieve_bss(struct atmel_private *priv) 2957 { 2958 int i; 2959 int max_rssi = -128; 2960 int max_index = -1; 2961 2962 if (priv->BSS_list_entries == 0) 2963 return -1; 2964 2965 if (priv->connect_to_any_BSS) { 2966 /* Select a BSS with the max-RSSI but of the same type and of 2967 the same WEP mode and that it is not marked as 'bad' (i.e. 2968 we had previously failed to connect to this BSS with the 2969 settings that we currently use) */ 2970 priv->current_BSS = 0; 2971 for (i = 0; i < priv->BSS_list_entries; i++) { 2972 if (priv->operating_mode == priv->BSSinfo[i].BSStype && 2973 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) || 2974 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) && 2975 !(priv->BSSinfo[i].channel & 0x80)) { 2976 max_rssi = priv->BSSinfo[i].RSSI; 2977 priv->current_BSS = max_index = i; 2978 } 2979 } 2980 return max_index; 2981 } 2982 2983 for (i = 0; i < priv->BSS_list_entries; i++) { 2984 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize && 2985 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 && 2986 priv->operating_mode == priv->BSSinfo[i].BSStype && 2987 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) { 2988 if (priv->BSSinfo[i].RSSI >= max_rssi) { 2989 max_rssi = priv->BSSinfo[i].RSSI; 2990 max_index = i; 2991 } 2992 } 2993 } 2994 return max_index; 2995 } 2996 2997 static void store_bss_info(struct atmel_private *priv, 2998 struct ieee80211_hdr *header, u16 capability, 2999 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len, 3000 u8 *ssid, int is_beacon) 3001 { 3002 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3; 3003 int i, index; 3004 3005 for (index = -1, i = 0; i < priv->BSS_list_entries; i++) 3006 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0) 3007 index = i; 3008 3009 /* If we process a probe and an entry from this BSS exists 3010 we will update the BSS entry with the info from this BSS. 3011 If we process a beacon we will only update RSSI */ 3012 3013 if (index == -1) { 3014 if (priv->BSS_list_entries == MAX_BSS_ENTRIES) 3015 return; 3016 index = priv->BSS_list_entries++; 3017 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN); 3018 priv->BSSinfo[index].RSSI = rssi; 3019 } else { 3020 if (rssi > priv->BSSinfo[index].RSSI) 3021 priv->BSSinfo[index].RSSI = rssi; 3022 if (is_beacon) 3023 return; 3024 } 3025 3026 priv->BSSinfo[index].channel = channel; 3027 priv->BSSinfo[index].beacon_period = beacon_period; 3028 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY; 3029 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len); 3030 priv->BSSinfo[index].SSIDsize = ssid_len; 3031 3032 if (capability & WLAN_CAPABILITY_IBSS) 3033 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC; 3034 else if (capability & WLAN_CAPABILITY_ESS) 3035 priv->BSSinfo[index].BSStype = IW_MODE_INFRA; 3036 3037 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 3038 SHORT_PREAMBLE : LONG_PREAMBLE; 3039 } 3040 3041 static void authenticate(struct atmel_private *priv, u16 frame_len) 3042 { 3043 struct auth_body *auth = (struct auth_body *)priv->rx_buf; 3044 u16 status = le16_to_cpu(auth->status); 3045 u16 trans_seq_no = le16_to_cpu(auth->trans_seq); 3046 u16 system = le16_to_cpu(auth->alg); 3047 3048 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) { 3049 /* no WEP */ 3050 if (priv->station_was_associated) { 3051 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3052 send_association_request(priv, 1); 3053 return; 3054 } else { 3055 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3056 send_association_request(priv, 0); 3057 return; 3058 } 3059 } 3060 3061 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) { 3062 int should_associate = 0; 3063 /* WEP */ 3064 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum) 3065 return; 3066 3067 if (system == WLAN_AUTH_OPEN) { 3068 if (trans_seq_no == 0x0002) { 3069 should_associate = 1; 3070 } 3071 } else if (system == WLAN_AUTH_SHARED_KEY) { 3072 if (trans_seq_no == 0x0002 && 3073 auth->el_id == WLAN_EID_CHALLENGE) { 3074 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len); 3075 return; 3076 } else if (trans_seq_no == 0x0004) { 3077 should_associate = 1; 3078 } 3079 } 3080 3081 if (should_associate) { 3082 if (priv->station_was_associated) { 3083 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3084 send_association_request(priv, 1); 3085 return; 3086 } else { 3087 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3088 send_association_request(priv, 0); 3089 return; 3090 } 3091 } 3092 } 3093 3094 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 3095 /* Flip back and forth between WEP auth modes until the max 3096 * authentication tries has been exceeded. 3097 */ 3098 if (system == WLAN_AUTH_OPEN) { 3099 priv->CurrentAuthentTransactionSeqNum = 0x001; 3100 priv->exclude_unencrypted = 1; 3101 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0); 3102 return; 3103 } else if (system == WLAN_AUTH_SHARED_KEY 3104 && priv->wep_is_on) { 3105 priv->CurrentAuthentTransactionSeqNum = 0x001; 3106 priv->exclude_unencrypted = 0; 3107 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0); 3108 return; 3109 } else if (priv->connect_to_any_BSS) { 3110 int bss_index; 3111 3112 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3113 3114 if ((bss_index = retrieve_bss(priv)) != -1) { 3115 atmel_join_bss(priv, bss_index); 3116 return; 3117 } 3118 } 3119 } 3120 3121 priv->AuthenticationRequestRetryCnt = 0; 3122 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3123 priv->station_is_associated = 0; 3124 } 3125 3126 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype) 3127 { 3128 struct ass_resp_format { 3129 __le16 capability; 3130 __le16 status; 3131 __le16 ass_id; 3132 u8 el_id; 3133 u8 length; 3134 u8 rates[4]; 3135 } *ass_resp = (struct ass_resp_format *)priv->rx_buf; 3136 3137 u16 status = le16_to_cpu(ass_resp->status); 3138 u16 ass_id = le16_to_cpu(ass_resp->ass_id); 3139 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length; 3140 3141 union iwreq_data wrqu; 3142 3143 if (frame_len < 8 + rates_len) 3144 return; 3145 3146 if (status == WLAN_STATUS_SUCCESS) { 3147 if (subtype == IEEE80211_STYPE_ASSOC_RESP) 3148 priv->AssociationRequestRetryCnt = 0; 3149 else 3150 priv->ReAssociationRequestRetryCnt = 0; 3151 3152 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3153 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff); 3154 atmel_set_mib(priv, Phy_Mib_Type, 3155 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len); 3156 if (priv->power_mode == 0) { 3157 priv->listen_interval = 1; 3158 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3159 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3160 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3161 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3162 } else { 3163 priv->listen_interval = 2; 3164 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3165 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE); 3166 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3167 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2); 3168 } 3169 3170 priv->station_is_associated = 1; 3171 priv->station_was_associated = 1; 3172 atmel_enter_state(priv, STATION_STATE_READY); 3173 3174 /* Send association event to userspace */ 3175 wrqu.data.length = 0; 3176 wrqu.data.flags = 0; 3177 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN); 3178 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 3179 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 3180 3181 return; 3182 } 3183 3184 if (subtype == IEEE80211_STYPE_ASSOC_RESP && 3185 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3186 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3187 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3188 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3189 priv->AssociationRequestRetryCnt++; 3190 send_association_request(priv, 0); 3191 return; 3192 } 3193 3194 if (subtype == IEEE80211_STYPE_REASSOC_RESP && 3195 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3196 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3197 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3198 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3199 priv->ReAssociationRequestRetryCnt++; 3200 send_association_request(priv, 1); 3201 return; 3202 } 3203 3204 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3205 priv->station_is_associated = 0; 3206 3207 if (priv->connect_to_any_BSS) { 3208 int bss_index; 3209 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3210 3211 if ((bss_index = retrieve_bss(priv)) != -1) 3212 atmel_join_bss(priv, bss_index); 3213 } 3214 } 3215 3216 static void atmel_join_bss(struct atmel_private *priv, int bss_index) 3217 { 3218 struct bss_info *bss = &priv->BSSinfo[bss_index]; 3219 3220 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN); 3221 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize); 3222 3223 /* The WPA stuff cares about the current AP address */ 3224 if (priv->use_wpa) 3225 build_wpa_mib(priv); 3226 3227 /* When switching to AdHoc turn OFF Power Save if needed */ 3228 3229 if (bss->BSStype == IW_MODE_ADHOC && 3230 priv->operating_mode != IW_MODE_ADHOC && 3231 priv->power_mode) { 3232 priv->power_mode = 0; 3233 priv->listen_interval = 1; 3234 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3235 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3236 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3237 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3238 } 3239 3240 priv->operating_mode = bss->BSStype; 3241 priv->channel = bss->channel & 0x7f; 3242 priv->beacon_period = bss->beacon_period; 3243 3244 if (priv->preamble != bss->preamble) { 3245 priv->preamble = bss->preamble; 3246 atmel_set_mib8(priv, Local_Mib_Type, 3247 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble); 3248 } 3249 3250 if (!priv->wep_is_on && bss->UsingWEP) { 3251 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3252 priv->station_is_associated = 0; 3253 return; 3254 } 3255 3256 if (priv->wep_is_on && !bss->UsingWEP) { 3257 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3258 priv->station_is_associated = 0; 3259 return; 3260 } 3261 3262 atmel_enter_state(priv, STATION_STATE_JOINNING); 3263 3264 if (priv->operating_mode == IW_MODE_INFRA) 3265 join(priv, BSS_TYPE_INFRASTRUCTURE); 3266 else 3267 join(priv, BSS_TYPE_AD_HOC); 3268 } 3269 3270 static void restart_search(struct atmel_private *priv) 3271 { 3272 int bss_index; 3273 3274 if (!priv->connect_to_any_BSS) { 3275 atmel_scan(priv, 1); 3276 } else { 3277 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3278 3279 if ((bss_index = retrieve_bss(priv)) != -1) 3280 atmel_join_bss(priv, bss_index); 3281 else 3282 atmel_scan(priv, 0); 3283 } 3284 } 3285 3286 static void smooth_rssi(struct atmel_private *priv, u8 rssi) 3287 { 3288 u8 old = priv->wstats.qual.level; 3289 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */ 3290 3291 switch (priv->firmware_type) { 3292 case ATMEL_FW_TYPE_502E: 3293 max_rssi = 63; /* 502-rmfd-reve max by experiment */ 3294 break; 3295 default: 3296 break; 3297 } 3298 3299 rssi = rssi * 100 / max_rssi; 3300 if ((rssi + old) % 2) 3301 priv->wstats.qual.level = (rssi + old) / 2 + 1; 3302 else 3303 priv->wstats.qual.level = (rssi + old) / 2; 3304 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED; 3305 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID; 3306 } 3307 3308 static void atmel_smooth_qual(struct atmel_private *priv) 3309 { 3310 unsigned long time_diff = (jiffies - priv->last_qual) / HZ; 3311 while (time_diff--) { 3312 priv->last_qual += HZ; 3313 priv->wstats.qual.qual = priv->wstats.qual.qual / 2; 3314 priv->wstats.qual.qual += 3315 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000; 3316 priv->beacons_this_sec = 0; 3317 } 3318 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED; 3319 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID; 3320 } 3321 3322 /* deals with incoming management frames. */ 3323 static void atmel_management_frame(struct atmel_private *priv, 3324 struct ieee80211_hdr *header, 3325 u16 frame_len, u8 rssi) 3326 { 3327 u16 subtype; 3328 3329 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE; 3330 switch (subtype) { 3331 case IEEE80211_STYPE_BEACON: 3332 case IEEE80211_STYPE_PROBE_RESP: 3333 3334 /* beacon frame has multiple variable-length fields - 3335 never let an engineer loose with a data structure design. */ 3336 { 3337 struct beacon_format { 3338 __le64 timestamp; 3339 __le16 interval; 3340 __le16 capability; 3341 u8 ssid_el_id; 3342 u8 ssid_length; 3343 /* ssid here */ 3344 u8 rates_el_id; 3345 u8 rates_length; 3346 /* rates here */ 3347 u8 ds_el_id; 3348 u8 ds_length; 3349 /* ds here */ 3350 } *beacon = (struct beacon_format *)priv->rx_buf; 3351 3352 u8 channel, rates_length, ssid_length; 3353 u64 timestamp = le64_to_cpu(beacon->timestamp); 3354 u16 beacon_interval = le16_to_cpu(beacon->interval); 3355 u16 capability = le16_to_cpu(beacon->capability); 3356 u8 *beaconp = priv->rx_buf; 3357 ssid_length = beacon->ssid_length; 3358 /* this blows chunks. */ 3359 if (frame_len < 14 || frame_len < ssid_length + 15) 3360 return; 3361 rates_length = beaconp[beacon->ssid_length + 15]; 3362 if (frame_len < ssid_length + rates_length + 18) 3363 return; 3364 if (ssid_length > MAX_SSID_LENGTH) 3365 return; 3366 channel = beaconp[ssid_length + rates_length + 18]; 3367 3368 if (priv->station_state == STATION_STATE_READY) { 3369 smooth_rssi(priv, rssi); 3370 if (is_frame_from_current_bss(priv, header)) { 3371 priv->beacons_this_sec++; 3372 atmel_smooth_qual(priv); 3373 if (priv->last_beacon_timestamp) { 3374 /* Note truncate this to 32 bits - kernel can't divide a long long */ 3375 u32 beacon_delay = timestamp - priv->last_beacon_timestamp; 3376 int beacons = beacon_delay / (beacon_interval * 1000); 3377 if (beacons > 1) 3378 priv->wstats.miss.beacon += beacons - 1; 3379 } 3380 priv->last_beacon_timestamp = timestamp; 3381 handle_beacon_probe(priv, capability, channel); 3382 } 3383 } 3384 3385 if (priv->station_state == STATION_STATE_SCANNING) 3386 store_bss_info(priv, header, capability, 3387 beacon_interval, channel, rssi, 3388 ssid_length, 3389 &beacon->rates_el_id, 3390 subtype == IEEE80211_STYPE_BEACON); 3391 } 3392 break; 3393 3394 case IEEE80211_STYPE_AUTH: 3395 3396 if (priv->station_state == STATION_STATE_AUTHENTICATING) 3397 authenticate(priv, frame_len); 3398 3399 break; 3400 3401 case IEEE80211_STYPE_ASSOC_RESP: 3402 case IEEE80211_STYPE_REASSOC_RESP: 3403 3404 if (priv->station_state == STATION_STATE_ASSOCIATING || 3405 priv->station_state == STATION_STATE_REASSOCIATING) 3406 associate(priv, frame_len, subtype); 3407 3408 break; 3409 3410 case IEEE80211_STYPE_DISASSOC: 3411 if (priv->station_is_associated && 3412 priv->operating_mode == IW_MODE_INFRA && 3413 is_frame_from_current_bss(priv, header)) { 3414 priv->station_was_associated = 0; 3415 priv->station_is_associated = 0; 3416 3417 atmel_enter_state(priv, STATION_STATE_JOINNING); 3418 join(priv, BSS_TYPE_INFRASTRUCTURE); 3419 } 3420 3421 break; 3422 3423 case IEEE80211_STYPE_DEAUTH: 3424 if (priv->operating_mode == IW_MODE_INFRA && 3425 is_frame_from_current_bss(priv, header)) { 3426 priv->station_was_associated = 0; 3427 3428 atmel_enter_state(priv, STATION_STATE_JOINNING); 3429 join(priv, BSS_TYPE_INFRASTRUCTURE); 3430 } 3431 3432 break; 3433 } 3434 } 3435 3436 /* run when timer expires */ 3437 static void atmel_management_timer(u_long a) 3438 { 3439 struct net_device *dev = (struct net_device *) a; 3440 struct atmel_private *priv = netdev_priv(dev); 3441 unsigned long flags; 3442 3443 /* Check if the card has been yanked. */ 3444 if (priv->card && priv->present_callback && 3445 !(*priv->present_callback)(priv->card)) 3446 return; 3447 3448 spin_lock_irqsave(&priv->irqlock, flags); 3449 3450 switch (priv->station_state) { 3451 3452 case STATION_STATE_AUTHENTICATING: 3453 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) { 3454 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3455 priv->station_is_associated = 0; 3456 priv->AuthenticationRequestRetryCnt = 0; 3457 restart_search(priv); 3458 } else { 3459 int auth = WLAN_AUTH_OPEN; 3460 priv->AuthenticationRequestRetryCnt++; 3461 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3462 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3463 if (priv->wep_is_on && priv->exclude_unencrypted) 3464 auth = WLAN_AUTH_SHARED_KEY; 3465 send_authentication_request(priv, auth, NULL, 0); 3466 } 3467 break; 3468 3469 case STATION_STATE_ASSOCIATING: 3470 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3471 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3472 priv->station_is_associated = 0; 3473 priv->AssociationRequestRetryCnt = 0; 3474 restart_search(priv); 3475 } else { 3476 priv->AssociationRequestRetryCnt++; 3477 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3478 send_association_request(priv, 0); 3479 } 3480 break; 3481 3482 case STATION_STATE_REASSOCIATING: 3483 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3484 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3485 priv->station_is_associated = 0; 3486 priv->ReAssociationRequestRetryCnt = 0; 3487 restart_search(priv); 3488 } else { 3489 priv->ReAssociationRequestRetryCnt++; 3490 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3491 send_association_request(priv, 1); 3492 } 3493 break; 3494 3495 default: 3496 break; 3497 } 3498 3499 spin_unlock_irqrestore(&priv->irqlock, flags); 3500 } 3501 3502 static void atmel_command_irq(struct atmel_private *priv) 3503 { 3504 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 3505 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET)); 3506 int fast_scan; 3507 union iwreq_data wrqu; 3508 3509 if (status == CMD_STATUS_IDLE || 3510 status == CMD_STATUS_IN_PROGRESS) 3511 return; 3512 3513 switch (command) { 3514 case CMD_Start: 3515 if (status == CMD_STATUS_COMPLETE) { 3516 priv->station_was_associated = priv->station_is_associated; 3517 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 3518 (u8 *)priv->CurrentBSSID, 6); 3519 atmel_enter_state(priv, STATION_STATE_READY); 3520 } 3521 break; 3522 3523 case CMD_Scan: 3524 fast_scan = priv->fast_scan; 3525 priv->fast_scan = 0; 3526 3527 if (status != CMD_STATUS_COMPLETE) { 3528 atmel_scan(priv, 1); 3529 } else { 3530 int bss_index = retrieve_bss(priv); 3531 int notify_scan_complete = 1; 3532 if (bss_index != -1) { 3533 atmel_join_bss(priv, bss_index); 3534 } else if (priv->operating_mode == IW_MODE_ADHOC && 3535 priv->SSID_size != 0) { 3536 start(priv, BSS_TYPE_AD_HOC); 3537 } else { 3538 priv->fast_scan = !fast_scan; 3539 atmel_scan(priv, 1); 3540 notify_scan_complete = 0; 3541 } 3542 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3543 if (notify_scan_complete) { 3544 wrqu.data.length = 0; 3545 wrqu.data.flags = 0; 3546 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3547 } 3548 } 3549 break; 3550 3551 case CMD_SiteSurvey: 3552 priv->fast_scan = 0; 3553 3554 if (status != CMD_STATUS_COMPLETE) 3555 return; 3556 3557 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3558 if (priv->station_is_associated) { 3559 atmel_enter_state(priv, STATION_STATE_READY); 3560 wrqu.data.length = 0; 3561 wrqu.data.flags = 0; 3562 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3563 } else { 3564 atmel_scan(priv, 1); 3565 } 3566 break; 3567 3568 case CMD_Join: 3569 if (status == CMD_STATUS_COMPLETE) { 3570 if (priv->operating_mode == IW_MODE_ADHOC) { 3571 priv->station_was_associated = priv->station_is_associated; 3572 atmel_enter_state(priv, STATION_STATE_READY); 3573 } else { 3574 int auth = WLAN_AUTH_OPEN; 3575 priv->AuthenticationRequestRetryCnt = 0; 3576 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING); 3577 3578 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3579 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3580 if (priv->wep_is_on && priv->exclude_unencrypted) 3581 auth = WLAN_AUTH_SHARED_KEY; 3582 send_authentication_request(priv, auth, NULL, 0); 3583 } 3584 return; 3585 } 3586 3587 atmel_scan(priv, 1); 3588 } 3589 } 3590 3591 static int atmel_wakeup_firmware(struct atmel_private *priv) 3592 { 3593 struct host_info_struct *iface = &priv->host_info; 3594 u16 mr1, mr3; 3595 int i; 3596 3597 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3598 atmel_set_gcr(priv->dev, GCR_REMAP); 3599 3600 /* wake up on-board processor */ 3601 atmel_clear_gcr(priv->dev, 0x0040); 3602 atmel_write16(priv->dev, BSR, BSS_SRAM); 3603 3604 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3605 mdelay(100); 3606 3607 /* and wait for it */ 3608 for (i = LOOP_RETRY_LIMIT; i; i--) { 3609 mr1 = atmel_read16(priv->dev, MR1); 3610 mr3 = atmel_read16(priv->dev, MR3); 3611 3612 if (mr3 & MAC_BOOT_COMPLETE) 3613 break; 3614 if (mr1 & MAC_BOOT_COMPLETE && 3615 priv->bus_type == BUS_TYPE_PCCARD) 3616 break; 3617 } 3618 3619 if (i == 0) { 3620 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name); 3621 return -EIO; 3622 } 3623 3624 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) { 3625 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name); 3626 return -ENODEV; 3627 } 3628 3629 /* now check for completion of MAC initialization through 3630 the FunCtrl field of the IFACE, poll MR1 to detect completion of 3631 MAC initialization, check completion status, set interrupt mask, 3632 enables interrupts and calls Tx and Rx initialization functions */ 3633 3634 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE); 3635 3636 for (i = LOOP_RETRY_LIMIT; i; i--) { 3637 mr1 = atmel_read16(priv->dev, MR1); 3638 mr3 = atmel_read16(priv->dev, MR3); 3639 3640 if (mr3 & MAC_INIT_COMPLETE) 3641 break; 3642 if (mr1 & MAC_INIT_COMPLETE && 3643 priv->bus_type == BUS_TYPE_PCCARD) 3644 break; 3645 } 3646 3647 if (i == 0) { 3648 printk(KERN_ALERT "%s: MAC failed to initialise.\n", 3649 priv->dev->name); 3650 return -EIO; 3651 } 3652 3653 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */ 3654 if ((mr3 & MAC_INIT_COMPLETE) && 3655 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) { 3656 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name); 3657 return -EIO; 3658 } 3659 if ((mr1 & MAC_INIT_COMPLETE) && 3660 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) { 3661 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name); 3662 return -EIO; 3663 } 3664 3665 atmel_copy_to_host(priv->dev, (unsigned char *)iface, 3666 priv->host_info_base, sizeof(*iface)); 3667 3668 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos); 3669 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size); 3670 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos); 3671 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count); 3672 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos); 3673 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size); 3674 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos); 3675 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count); 3676 iface->build_version = le16_to_cpu(iface->build_version); 3677 iface->command_pos = le16_to_cpu(iface->command_pos); 3678 iface->major_version = le16_to_cpu(iface->major_version); 3679 iface->minor_version = le16_to_cpu(iface->minor_version); 3680 iface->func_ctrl = le16_to_cpu(iface->func_ctrl); 3681 iface->mac_status = le16_to_cpu(iface->mac_status); 3682 3683 return 0; 3684 } 3685 3686 /* determine type of memory and MAC address */ 3687 static int probe_atmel_card(struct net_device *dev) 3688 { 3689 int rc = 0; 3690 struct atmel_private *priv = netdev_priv(dev); 3691 3692 /* reset pccard */ 3693 if (priv->bus_type == BUS_TYPE_PCCARD) 3694 atmel_write16(dev, GCR, 0x0060); 3695 3696 atmel_write16(dev, GCR, 0x0040); 3697 mdelay(500); 3698 3699 if (atmel_read16(dev, MR2) == 0) { 3700 /* No stored firmware so load a small stub which just 3701 tells us the MAC address */ 3702 int i; 3703 priv->card_type = CARD_TYPE_EEPROM; 3704 atmel_write16(dev, BSR, BSS_IRAM); 3705 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader)); 3706 atmel_set_gcr(dev, GCR_REMAP); 3707 atmel_clear_gcr(priv->dev, 0x0040); 3708 atmel_write16(dev, BSR, BSS_SRAM); 3709 for (i = LOOP_RETRY_LIMIT; i; i--) 3710 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE) 3711 break; 3712 if (i == 0) { 3713 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name); 3714 } else { 3715 atmel_copy_to_host(dev, dev->dev_addr, atmel_read16(dev, MR2), 6); 3716 /* got address, now squash it again until the network 3717 interface is opened */ 3718 if (priv->bus_type == BUS_TYPE_PCCARD) 3719 atmel_write16(dev, GCR, 0x0060); 3720 atmel_write16(dev, GCR, 0x0040); 3721 rc = 1; 3722 } 3723 } else if (atmel_read16(dev, MR4) == 0) { 3724 /* Mac address easy in this case. */ 3725 priv->card_type = CARD_TYPE_PARALLEL_FLASH; 3726 atmel_write16(dev, BSR, 1); 3727 atmel_copy_to_host(dev, dev->dev_addr, 0xc000, 6); 3728 atmel_write16(dev, BSR, 0x200); 3729 rc = 1; 3730 } else { 3731 /* Standard firmware in flash, boot it up and ask 3732 for the Mac Address */ 3733 priv->card_type = CARD_TYPE_SPI_FLASH; 3734 if (atmel_wakeup_firmware(priv) == 0) { 3735 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, dev->dev_addr, 6); 3736 3737 /* got address, now squash it again until the network 3738 interface is opened */ 3739 if (priv->bus_type == BUS_TYPE_PCCARD) 3740 atmel_write16(dev, GCR, 0x0060); 3741 atmel_write16(dev, GCR, 0x0040); 3742 rc = 1; 3743 } 3744 } 3745 3746 if (rc) { 3747 if (dev->dev_addr[0] == 0xFF) { 3748 static const u8 default_mac[] = { 3749 0x00, 0x04, 0x25, 0x00, 0x00, 0x00 3750 }; 3751 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name); 3752 memcpy(dev->dev_addr, default_mac, ETH_ALEN); 3753 } 3754 } 3755 3756 return rc; 3757 } 3758 3759 /* Move the encyption information on the MIB structure. 3760 This routine is for the pre-WPA firmware: later firmware has 3761 a different format MIB and a different routine. */ 3762 static void build_wep_mib(struct atmel_private *priv) 3763 { 3764 struct { /* NB this is matched to the hardware, don't change. */ 3765 u8 wep_is_on; 3766 u8 default_key; /* 0..3 */ 3767 u8 reserved; 3768 u8 exclude_unencrypted; 3769 3770 u32 WEPICV_error_count; 3771 u32 WEP_excluded_count; 3772 3773 u8 wep_keys[MAX_ENCRYPTION_KEYS][13]; 3774 u8 encryption_level; /* 0, 1, 2 */ 3775 u8 reserved2[3]; 3776 } mib; 3777 int i; 3778 3779 mib.wep_is_on = priv->wep_is_on; 3780 if (priv->wep_is_on) { 3781 if (priv->wep_key_len[priv->default_key] > 5) 3782 mib.encryption_level = 2; 3783 else 3784 mib.encryption_level = 1; 3785 } else { 3786 mib.encryption_level = 0; 3787 } 3788 3789 mib.default_key = priv->default_key; 3790 mib.exclude_unencrypted = priv->exclude_unencrypted; 3791 3792 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) 3793 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13); 3794 3795 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3796 } 3797 3798 static void build_wpa_mib(struct atmel_private *priv) 3799 { 3800 /* This is for the later (WPA enabled) firmware. */ 3801 3802 struct { /* NB this is matched to the hardware, don't change. */ 3803 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 3804 u8 receiver_address[ETH_ALEN]; 3805 u8 wep_is_on; 3806 u8 default_key; /* 0..3 */ 3807 u8 group_key; 3808 u8 exclude_unencrypted; 3809 u8 encryption_type; 3810 u8 reserved; 3811 3812 u32 WEPICV_error_count; 3813 u32 WEP_excluded_count; 3814 3815 u8 key_RSC[4][8]; 3816 } mib; 3817 3818 int i; 3819 3820 mib.wep_is_on = priv->wep_is_on; 3821 mib.exclude_unencrypted = priv->exclude_unencrypted; 3822 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN); 3823 3824 /* zero all the keys before adding in valid ones. */ 3825 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value)); 3826 3827 if (priv->wep_is_on) { 3828 /* There's a comment in the Atmel code to the effect that this 3829 is only valid when still using WEP, it may need to be set to 3830 something to use WPA */ 3831 memset(mib.key_RSC, 0, sizeof(mib.key_RSC)); 3832 3833 mib.default_key = mib.group_key = 255; 3834 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) { 3835 if (priv->wep_key_len[i] > 0) { 3836 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE); 3837 if (i == priv->default_key) { 3838 mib.default_key = i; 3839 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7; 3840 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite; 3841 } else { 3842 mib.group_key = i; 3843 priv->group_cipher_suite = priv->pairwise_cipher_suite; 3844 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1; 3845 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite; 3846 } 3847 } 3848 } 3849 if (mib.default_key == 255) 3850 mib.default_key = mib.group_key != 255 ? mib.group_key : 0; 3851 if (mib.group_key == 255) 3852 mib.group_key = mib.default_key; 3853 3854 } 3855 3856 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3857 } 3858 3859 static int reset_atmel_card(struct net_device *dev) 3860 { 3861 /* do everything necessary to wake up the hardware, including 3862 waiting for the lightning strike and throwing the knife switch.... 3863 3864 set all the Mib values which matter in the card to match 3865 their settings in the atmel_private structure. Some of these 3866 can be altered on the fly, but many (WEP, infrastucture or ad-hoc) 3867 can only be changed by tearing down the world and coming back through 3868 here. 3869 3870 This routine is also responsible for initialising some 3871 hardware-specific fields in the atmel_private structure, 3872 including a copy of the firmware's hostinfo structure 3873 which is the route into the rest of the firmware datastructures. */ 3874 3875 struct atmel_private *priv = netdev_priv(dev); 3876 u8 configuration; 3877 int old_state = priv->station_state; 3878 int err = 0; 3879 3880 /* data to add to the firmware names, in priority order 3881 this implemenents firmware versioning */ 3882 3883 static char *firmware_modifier[] = { 3884 "-wpa", 3885 "", 3886 NULL 3887 }; 3888 3889 /* reset pccard */ 3890 if (priv->bus_type == BUS_TYPE_PCCARD) 3891 atmel_write16(priv->dev, GCR, 0x0060); 3892 3893 /* stop card , disable interrupts */ 3894 atmel_write16(priv->dev, GCR, 0x0040); 3895 3896 if (priv->card_type == CARD_TYPE_EEPROM) { 3897 /* copy in firmware if needed */ 3898 const struct firmware *fw_entry = NULL; 3899 const unsigned char *fw; 3900 int len = priv->firmware_length; 3901 if (!(fw = priv->firmware)) { 3902 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) { 3903 if (strlen(priv->firmware_id) == 0) { 3904 printk(KERN_INFO 3905 "%s: card type is unknown: assuming at76c502 firmware is OK.\n", 3906 dev->name); 3907 printk(KERN_INFO 3908 "%s: if not, use the firmware= module parameter.\n", 3909 dev->name); 3910 strcpy(priv->firmware_id, "atmel_at76c502.bin"); 3911 } 3912 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev); 3913 if (err != 0) { 3914 printk(KERN_ALERT 3915 "%s: firmware %s is missing, cannot continue.\n", 3916 dev->name, priv->firmware_id); 3917 return err; 3918 } 3919 } else { 3920 int fw_index = 0; 3921 int success = 0; 3922 3923 /* get firmware filename entry based on firmware type ID */ 3924 while (fw_table[fw_index].fw_type != priv->firmware_type 3925 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) 3926 fw_index++; 3927 3928 /* construct the actual firmware file name */ 3929 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) { 3930 int i; 3931 for (i = 0; firmware_modifier[i]; i++) { 3932 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file, 3933 firmware_modifier[i], fw_table[fw_index].fw_file_ext); 3934 priv->firmware_id[31] = '\0'; 3935 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) { 3936 success = 1; 3937 break; 3938 } 3939 } 3940 } 3941 if (!success) { 3942 printk(KERN_ALERT 3943 "%s: firmware %s is missing, cannot start.\n", 3944 dev->name, priv->firmware_id); 3945 priv->firmware_id[0] = '\0'; 3946 return -ENOENT; 3947 } 3948 } 3949 3950 fw = fw_entry->data; 3951 len = fw_entry->size; 3952 } 3953 3954 if (len <= 0x6000) { 3955 atmel_write16(priv->dev, BSR, BSS_IRAM); 3956 atmel_copy_to_card(priv->dev, 0, fw, len); 3957 atmel_set_gcr(priv->dev, GCR_REMAP); 3958 } else { 3959 /* Remap */ 3960 atmel_set_gcr(priv->dev, GCR_REMAP); 3961 atmel_write16(priv->dev, BSR, BSS_IRAM); 3962 atmel_copy_to_card(priv->dev, 0, fw, 0x6000); 3963 atmel_write16(priv->dev, BSR, 0x2ff); 3964 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000); 3965 } 3966 3967 release_firmware(fw_entry); 3968 } 3969 3970 err = atmel_wakeup_firmware(priv); 3971 if (err != 0) 3972 return err; 3973 3974 /* Check the version and set the correct flag for wpa stuff, 3975 old and new firmware is incompatible. 3976 The pre-wpa 3com firmware reports major version 5, 3977 the wpa 3com firmware is major version 4 and doesn't need 3978 the 3com broken-ness filter. */ 3979 priv->use_wpa = (priv->host_info.major_version == 4); 3980 priv->radio_on_broken = (priv->host_info.major_version == 5); 3981 3982 /* unmask all irq sources */ 3983 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff); 3984 3985 /* int Tx system and enable Tx */ 3986 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0); 3987 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L); 3988 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0); 3989 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0); 3990 3991 priv->tx_desc_free = priv->host_info.tx_desc_count; 3992 priv->tx_desc_head = 0; 3993 priv->tx_desc_tail = 0; 3994 priv->tx_desc_previous = 0; 3995 priv->tx_free_mem = priv->host_info.tx_buff_size; 3996 priv->tx_buff_head = 0; 3997 priv->tx_buff_tail = 0; 3998 3999 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 4000 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 4001 configuration | FUNC_CTRL_TxENABLE); 4002 4003 /* init Rx system and enable */ 4004 priv->rx_desc_head = 0; 4005 4006 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 4007 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 4008 configuration | FUNC_CTRL_RxENABLE); 4009 4010 if (!priv->radio_on_broken) { 4011 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) == 4012 CMD_STATUS_REJECTED_RADIO_OFF) { 4013 printk(KERN_INFO "%s: cannot turn the radio on.\n", 4014 dev->name); 4015 return -EIO; 4016 } 4017 } 4018 4019 /* set up enough MIB values to run. */ 4020 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate); 4021 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF); 4022 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold); 4023 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold); 4024 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry); 4025 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry); 4026 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble); 4027 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS, 4028 priv->dev->dev_addr, 6); 4029 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 4030 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 4031 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period); 4032 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4); 4033 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on); 4034 if (priv->use_wpa) 4035 build_wpa_mib(priv); 4036 else 4037 build_wep_mib(priv); 4038 4039 if (old_state == STATION_STATE_READY) { 4040 union iwreq_data wrqu; 4041 4042 wrqu.data.length = 0; 4043 wrqu.data.flags = 0; 4044 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 4045 eth_zero_addr(wrqu.ap_addr.sa_data); 4046 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 4047 } 4048 4049 return 0; 4050 } 4051 4052 static void atmel_send_command(struct atmel_private *priv, int command, 4053 void *cmd, int cmd_size) 4054 { 4055 if (cmd) 4056 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET), 4057 cmd, cmd_size); 4058 4059 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command); 4060 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0); 4061 } 4062 4063 static int atmel_send_command_wait(struct atmel_private *priv, int command, 4064 void *cmd, int cmd_size) 4065 { 4066 int i, status; 4067 4068 atmel_send_command(priv, command, cmd, cmd_size); 4069 4070 for (i = 5000; i; i--) { 4071 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 4072 if (status != CMD_STATUS_IDLE && 4073 status != CMD_STATUS_IN_PROGRESS) 4074 break; 4075 udelay(20); 4076 } 4077 4078 if (i == 0) { 4079 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name); 4080 status = CMD_STATUS_HOST_ERROR; 4081 } else { 4082 if (command != CMD_EnableRadio) 4083 status = CMD_STATUS_COMPLETE; 4084 } 4085 4086 return status; 4087 } 4088 4089 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index) 4090 { 4091 struct get_set_mib m; 4092 m.type = type; 4093 m.size = 1; 4094 m.index = index; 4095 4096 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4097 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE)); 4098 } 4099 4100 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data) 4101 { 4102 struct get_set_mib m; 4103 m.type = type; 4104 m.size = 1; 4105 m.index = index; 4106 m.data[0] = data; 4107 4108 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4109 } 4110 4111 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 4112 u16 data) 4113 { 4114 struct get_set_mib m; 4115 m.type = type; 4116 m.size = 2; 4117 m.index = index; 4118 m.data[0] = data; 4119 m.data[1] = data >> 8; 4120 4121 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2); 4122 } 4123 4124 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 4125 u8 *data, int data_len) 4126 { 4127 struct get_set_mib m; 4128 m.type = type; 4129 m.size = data_len; 4130 m.index = index; 4131 4132 if (data_len > MIB_MAX_DATA_BYTES) 4133 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4134 4135 memcpy(m.data, data, data_len); 4136 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4137 } 4138 4139 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 4140 u8 *data, int data_len) 4141 { 4142 struct get_set_mib m; 4143 m.type = type; 4144 m.size = data_len; 4145 m.index = index; 4146 4147 if (data_len > MIB_MAX_DATA_BYTES) 4148 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4149 4150 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4151 atmel_copy_to_host(priv->dev, data, 4152 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len); 4153 } 4154 4155 static void atmel_writeAR(struct net_device *dev, u16 data) 4156 { 4157 int i; 4158 outw(data, dev->base_addr + AR); 4159 /* Address register appears to need some convincing..... */ 4160 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++) 4161 outw(data, dev->base_addr + AR); 4162 } 4163 4164 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 4165 const unsigned char *src, u16 len) 4166 { 4167 int i; 4168 atmel_writeAR(dev, dest); 4169 if (dest % 2) { 4170 atmel_write8(dev, DR, *src); 4171 src++; len--; 4172 } 4173 for (i = len; i > 1 ; i -= 2) { 4174 u8 lb = *src++; 4175 u8 hb = *src++; 4176 atmel_write16(dev, DR, lb | (hb << 8)); 4177 } 4178 if (i) 4179 atmel_write8(dev, DR, *src); 4180 } 4181 4182 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 4183 u16 src, u16 len) 4184 { 4185 int i; 4186 atmel_writeAR(dev, src); 4187 if (src % 2) { 4188 *dest = atmel_read8(dev, DR); 4189 dest++; len--; 4190 } 4191 for (i = len; i > 1 ; i -= 2) { 4192 u16 hw = atmel_read16(dev, DR); 4193 *dest++ = hw; 4194 *dest++ = hw >> 8; 4195 } 4196 if (i) 4197 *dest = atmel_read8(dev, DR); 4198 } 4199 4200 static void atmel_set_gcr(struct net_device *dev, u16 mask) 4201 { 4202 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR); 4203 } 4204 4205 static void atmel_clear_gcr(struct net_device *dev, u16 mask) 4206 { 4207 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR); 4208 } 4209 4210 static int atmel_lock_mac(struct atmel_private *priv) 4211 { 4212 int i, j = 20; 4213 retry: 4214 for (i = 5000; i; i--) { 4215 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) 4216 break; 4217 udelay(20); 4218 } 4219 4220 if (!i) 4221 return 0; /* timed out */ 4222 4223 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1); 4224 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) { 4225 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 4226 if (!j--) 4227 return 0; /* timed out */ 4228 goto retry; 4229 } 4230 4231 return 1; 4232 } 4233 4234 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data) 4235 { 4236 atmel_writeAR(priv->dev, pos); 4237 atmel_write16(priv->dev, DR, data); /* card is little-endian */ 4238 atmel_write16(priv->dev, DR, data >> 16); 4239 } 4240 4241 /***************************************************************************/ 4242 /* There follows the source form of the MAC address reading firmware */ 4243 /***************************************************************************/ 4244 #if 0 4245 4246 /* Copyright 2003 Matthew T. Russotto */ 4247 /* But derived from the Atmel 76C502 firmware written by Atmel and */ 4248 /* included in "atmel wireless lan drivers" package */ 4249 /** 4250 This file is part of net.russotto.AtmelMACFW, hereto referred to 4251 as AtmelMACFW 4252 4253 AtmelMACFW is free software; you can redistribute it and/or modify 4254 it under the terms of the GNU General Public License version 2 4255 as published by the Free Software Foundation. 4256 4257 AtmelMACFW is distributed in the hope that it will be useful, 4258 but WITHOUT ANY WARRANTY; without even the implied warranty of 4259 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 4260 GNU General Public License for more details. 4261 4262 You should have received a copy of the GNU General Public License 4263 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>. 4264 4265 ****************************************************************************/ 4266 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */ 4267 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */ 4268 /* It only works on SPI EEPROM versions of the card. */ 4269 4270 /* This firmware initializes the SPI controller and clock, reads the MAC */ 4271 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */ 4272 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */ 4273 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */ 4274 /* MR4, for investigational purposes (maybe we can determine chip type */ 4275 /* from that?) */ 4276 4277 .org 0 4278 .set MRBASE, 0x8000000 4279 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */ 4280 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */ 4281 .set SRAM_BASE, 0x02000000 4282 .set SP_BASE, 0x0F300000 4283 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */ 4284 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */ 4285 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */ 4286 .set STACK_BASE, 0x5600 4287 .set SP_SR, 0x10 4288 .set SP_TDRE, 2 /* status register bit -- TDR empty */ 4289 .set SP_RDRF, 1 /* status register bit -- RDR full */ 4290 .set SP_SWRST, 0x80 4291 .set SP_SPIEN, 0x1 4292 .set SP_CR, 0 /* control register */ 4293 .set SP_MR, 4 /* mode register */ 4294 .set SP_RDR, 0x08 /* Read Data Register */ 4295 .set SP_TDR, 0x0C /* Transmit Data Register */ 4296 .set SP_CSR0, 0x30 /* chip select registers */ 4297 .set SP_CSR1, 0x34 4298 .set SP_CSR2, 0x38 4299 .set SP_CSR3, 0x3C 4300 .set NVRAM_CMD_RDSR, 5 /* read status register */ 4301 .set NVRAM_CMD_READ, 3 /* read data */ 4302 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */ 4303 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the 4304 serial output, since SO is normally high. But it 4305 does cause 8 clock cycles and thus 8 bits to be 4306 clocked in to the chip. See Atmel's SPI 4307 controller (e.g. AT91M55800) timing and 4K 4308 SPI EEPROM manuals */ 4309 4310 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */ 4311 .set NVRAM_IMAGE, 0x02000200 4312 .set NVRAM_LENGTH, 0x0200 4313 .set MAC_ADDRESS_MIB, SRAM_BASE 4314 .set MAC_ADDRESS_LENGTH, 6 4315 .set MAC_BOOT_FLAG, 0x10 4316 .set MR1, 0 4317 .set MR2, 4 4318 .set MR3, 8 4319 .set MR4, 0xC 4320 RESET_VECTOR: 4321 b RESET_HANDLER 4322 UNDEF_VECTOR: 4323 b HALT1 4324 SWI_VECTOR: 4325 b HALT1 4326 IABORT_VECTOR: 4327 b HALT1 4328 DABORT_VECTOR: 4329 RESERVED_VECTOR: 4330 b HALT1 4331 IRQ_VECTOR: 4332 b HALT1 4333 FIQ_VECTOR: 4334 b HALT1 4335 HALT1: b HALT1 4336 RESET_HANDLER: 4337 mov r0, #CPSR_INITIAL 4338 msr CPSR_c, r0 /* This is probably unnecessary */ 4339 4340 /* I'm guessing this is initializing clock generator electronics for SPI */ 4341 ldr r0, =SPI_CGEN_BASE 4342 mov r1, #0 4343 mov r1, r1, lsl #3 4344 orr r1, r1, #0 4345 str r1, [r0] 4346 ldr r1, [r0, #28] 4347 bic r1, r1, #16 4348 str r1, [r0, #28] 4349 mov r1, #1 4350 str r1, [r0, #8] 4351 4352 ldr r0, =MRBASE 4353 mov r1, #0 4354 strh r1, [r0, #MR1] 4355 strh r1, [r0, #MR2] 4356 strh r1, [r0, #MR3] 4357 strh r1, [r0, #MR4] 4358 4359 mov sp, #STACK_BASE 4360 bl SP_INIT 4361 mov r0, #10 4362 bl DELAY9 4363 bl GET_MAC_ADDR 4364 bl GET_WHOLE_NVRAM 4365 ldr r0, =MRBASE 4366 ldr r1, =MAC_ADDRESS_MIB 4367 strh r1, [r0, #MR2] 4368 ldr r1, =NVRAM_IMAGE 4369 strh r1, [r0, #MR4] 4370 mov r1, #MAC_BOOT_FLAG 4371 strh r1, [r0, #MR3] 4372 HALT2: b HALT2 4373 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM 4374 GET_WHOLE_NVRAM: 4375 stmdb sp!, {lr} 4376 mov r2, #0 /* 0th bytes of NVRAM */ 4377 mov r3, #NVRAM_LENGTH 4378 mov r1, #0 /* not used in routine */ 4379 ldr r0, =NVRAM_IMAGE 4380 bl NVRAM_XFER 4381 ldmia sp!, {lr} 4382 bx lr 4383 .endfunc 4384 4385 .func Get_MAC_Addr, GET_MAC_ADDR 4386 GET_MAC_ADDR: 4387 stmdb sp!, {lr} 4388 mov r2, #0x120 /* address of MAC Address within NVRAM */ 4389 mov r3, #MAC_ADDRESS_LENGTH 4390 mov r1, #0 /* not used in routine */ 4391 ldr r0, =MAC_ADDRESS_MIB 4392 bl NVRAM_XFER 4393 ldmia sp!, {lr} 4394 bx lr 4395 .endfunc 4396 .ltorg 4397 .func Delay9, DELAY9 4398 DELAY9: 4399 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */ 4400 DELAYLOOP: 4401 beq DELAY9_done 4402 subs r0, r0, #1 4403 b DELAYLOOP 4404 DELAY9_done: 4405 bx lr 4406 .endfunc 4407 4408 .func SP_Init, SP_INIT 4409 SP_INIT: 4410 mov r1, #SP_SWRST 4411 ldr r0, =SP_BASE 4412 str r1, [r0, #SP_CR] /* reset the SPI */ 4413 mov r1, #0 4414 str r1, [r0, #SP_CR] /* release SPI from reset state */ 4415 mov r1, #SP_SPIEN 4416 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/ 4417 str r1, [r0, #SP_CR] /* enable the SPI */ 4418 4419 /* My guess would be this turns on the SPI clock */ 4420 ldr r3, =SPI_CGEN_BASE 4421 ldr r1, [r3, #28] 4422 orr r1, r1, #0x2000 4423 str r1, [r3, #28] 4424 4425 ldr r1, =0x2000c01 4426 str r1, [r0, #SP_CSR0] 4427 ldr r1, =0x2000201 4428 str r1, [r0, #SP_CSR1] 4429 str r1, [r0, #SP_CSR2] 4430 str r1, [r0, #SP_CSR3] 4431 ldr r1, [r0, #SP_SR] 4432 ldr r0, [r0, #SP_RDR] 4433 bx lr 4434 .endfunc 4435 .func NVRAM_Init, NVRAM_INIT 4436 NVRAM_INIT: 4437 ldr r1, =SP_BASE 4438 ldr r0, [r1, #SP_RDR] 4439 mov r0, #NVRAM_CMD_RDSR 4440 str r0, [r1, #SP_TDR] 4441 SP_loop1: 4442 ldr r0, [r1, #SP_SR] 4443 tst r0, #SP_TDRE 4444 beq SP_loop1 4445 4446 mov r0, #SPI_8CLOCKS 4447 str r0, [r1, #SP_TDR] 4448 SP_loop2: 4449 ldr r0, [r1, #SP_SR] 4450 tst r0, #SP_TDRE 4451 beq SP_loop2 4452 4453 ldr r0, [r1, #SP_RDR] 4454 SP_loop3: 4455 ldr r0, [r1, #SP_SR] 4456 tst r0, #SP_RDRF 4457 beq SP_loop3 4458 4459 ldr r0, [r1, #SP_RDR] 4460 and r0, r0, #255 4461 bx lr 4462 .endfunc 4463 4464 .func NVRAM_Xfer, NVRAM_XFER 4465 /* r0 = dest address */ 4466 /* r1 = not used */ 4467 /* r2 = src address within NVRAM */ 4468 /* r3 = length */ 4469 NVRAM_XFER: 4470 stmdb sp!, {r4, r5, lr} 4471 mov r5, r0 /* save r0 (dest address) */ 4472 mov r4, r3 /* save r3 (length) */ 4473 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */ 4474 and r0, r0, #8 4475 add r0, r0, #NVRAM_CMD_READ 4476 ldr r1, =NVRAM_SCRATCH 4477 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */ 4478 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */ 4479 _local1: 4480 bl NVRAM_INIT 4481 tst r0, #NVRAM_SR_RDY 4482 bne _local1 4483 mov r0, #20 4484 bl DELAY9 4485 mov r2, r4 /* length */ 4486 mov r1, r5 /* dest address */ 4487 mov r0, #2 /* bytes to transfer in command */ 4488 bl NVRAM_XFER2 4489 ldmia sp!, {r4, r5, lr} 4490 bx lr 4491 .endfunc 4492 4493 .func NVRAM_Xfer2, NVRAM_XFER2 4494 NVRAM_XFER2: 4495 stmdb sp!, {r4, r5, r6, lr} 4496 ldr r4, =SP_BASE 4497 mov r3, #0 4498 cmp r0, #0 4499 bls _local2 4500 ldr r5, =NVRAM_SCRATCH 4501 _local4: 4502 ldrb r6, [r5, r3] 4503 str r6, [r4, #SP_TDR] 4504 _local3: 4505 ldr r6, [r4, #SP_SR] 4506 tst r6, #SP_TDRE 4507 beq _local3 4508 add r3, r3, #1 4509 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */ 4510 blo _local4 4511 _local2: 4512 mov r3, #SPI_8CLOCKS 4513 str r3, [r4, #SP_TDR] 4514 ldr r0, [r4, #SP_RDR] 4515 _local5: 4516 ldr r0, [r4, #SP_SR] 4517 tst r0, #SP_RDRF 4518 beq _local5 4519 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */ 4520 mov r0, #0 4521 cmp r2, #0 /* r2 is # of bytes to copy in */ 4522 bls _local6 4523 _local7: 4524 ldr r5, [r4, #SP_SR] 4525 tst r5, #SP_TDRE 4526 beq _local7 4527 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */ 4528 _local8: 4529 ldr r5, [r4, #SP_SR] 4530 tst r5, #SP_RDRF 4531 beq _local8 4532 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */ 4533 strb r5, [r1], #1 /* postindexed */ 4534 add r0, r0, #1 4535 cmp r0, r2 4536 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */ 4537 _local6: 4538 mov r0, #200 4539 bl DELAY9 4540 ldmia sp!, {r4, r5, r6, lr} 4541 bx lr 4542 #endif 4543