1 /*** -*- linux-c -*- ********************************************************** 2 3 Driver for Atmel at76c502 at76c504 and at76c506 wireless cards. 4 5 Copyright 2000-2001 ATMEL Corporation. 6 Copyright 2003-2004 Simon Kelley. 7 8 This code was developed from version 2.1.1 of the Atmel drivers, 9 released by Atmel corp. under the GPL in December 2002. It also 10 includes code from the Linux aironet drivers (C) Benjamin Reed, 11 and the Linux PCMCIA package, (C) David Hinds and the Linux wireless 12 extensions, (C) Jean Tourrilhes. 13 14 The firmware module for reading the MAC address of the card comes from 15 net.russotto.AtmelMACFW, written by Matthew T. Russotto and copyright 16 by him. net.russotto.AtmelMACFW is used under the GPL license version 2. 17 This file contains the module in binary form and, under the terms 18 of the GPL, in source form. The source is located at the end of the file. 19 20 This program is free software; you can redistribute it and/or modify 21 it under the terms of the GNU General Public License as published by 22 the Free Software Foundation; either version 2 of the License, or 23 (at your option) any later version. 24 25 This software is distributed in the hope that it will be useful, 26 but WITHOUT ANY WARRANTY; without even the implied warranty of 27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 28 GNU General Public License for more details. 29 30 You should have received a copy of the GNU General Public License 31 along with Atmel wireless lan drivers; if not, see 32 <http://www.gnu.org/licenses/>. 33 34 For all queries about this code, please contact the current author, 35 Simon Kelley <simon@thekelleys.org.uk> and not Atmel Corporation. 36 37 Credit is due to HP UK and Cambridge Online Systems Ltd for supplying 38 hardware used during development of this driver. 39 40 ******************************************************************************/ 41 42 #include <linux/interrupt.h> 43 44 #include <linux/kernel.h> 45 #include <linux/ptrace.h> 46 #include <linux/slab.h> 47 #include <linux/string.h> 48 #include <linux/timer.h> 49 #include <asm/byteorder.h> 50 #include <asm/io.h> 51 #include <asm/uaccess.h> 52 #include <linux/module.h> 53 #include <linux/netdevice.h> 54 #include <linux/etherdevice.h> 55 #include <linux/skbuff.h> 56 #include <linux/if_arp.h> 57 #include <linux/ioport.h> 58 #include <linux/fcntl.h> 59 #include <linux/delay.h> 60 #include <linux/wireless.h> 61 #include <net/iw_handler.h> 62 #include <linux/crc32.h> 63 #include <linux/proc_fs.h> 64 #include <linux/seq_file.h> 65 #include <linux/device.h> 66 #include <linux/moduleparam.h> 67 #include <linux/firmware.h> 68 #include <linux/jiffies.h> 69 #include <net/cfg80211.h> 70 #include "atmel.h" 71 72 #define DRIVER_MAJOR 0 73 #define DRIVER_MINOR 98 74 75 MODULE_AUTHOR("Simon Kelley"); 76 MODULE_DESCRIPTION("Support for Atmel at76c50x 802.11 wireless ethernet cards."); 77 MODULE_LICENSE("GPL"); 78 MODULE_SUPPORTED_DEVICE("Atmel at76c50x wireless cards"); 79 80 /* The name of the firmware file to be loaded 81 over-rides any automatic selection */ 82 static char *firmware = NULL; 83 module_param(firmware, charp, 0); 84 85 /* table of firmware file names */ 86 static struct { 87 AtmelFWType fw_type; 88 const char *fw_file; 89 const char *fw_file_ext; 90 } fw_table[] = { 91 { ATMEL_FW_TYPE_502, "atmel_at76c502", "bin" }, 92 { ATMEL_FW_TYPE_502D, "atmel_at76c502d", "bin" }, 93 { ATMEL_FW_TYPE_502E, "atmel_at76c502e", "bin" }, 94 { ATMEL_FW_TYPE_502_3COM, "atmel_at76c502_3com", "bin" }, 95 { ATMEL_FW_TYPE_504, "atmel_at76c504", "bin" }, 96 { ATMEL_FW_TYPE_504_2958, "atmel_at76c504_2958", "bin" }, 97 { ATMEL_FW_TYPE_504A_2958, "atmel_at76c504a_2958", "bin" }, 98 { ATMEL_FW_TYPE_506, "atmel_at76c506", "bin" }, 99 { ATMEL_FW_TYPE_NONE, NULL, NULL } 100 }; 101 MODULE_FIRMWARE("atmel_at76c502-wpa.bin"); 102 MODULE_FIRMWARE("atmel_at76c502.bin"); 103 MODULE_FIRMWARE("atmel_at76c502d-wpa.bin"); 104 MODULE_FIRMWARE("atmel_at76c502d.bin"); 105 MODULE_FIRMWARE("atmel_at76c502e-wpa.bin"); 106 MODULE_FIRMWARE("atmel_at76c502e.bin"); 107 MODULE_FIRMWARE("atmel_at76c502_3com-wpa.bin"); 108 MODULE_FIRMWARE("atmel_at76c502_3com.bin"); 109 MODULE_FIRMWARE("atmel_at76c504-wpa.bin"); 110 MODULE_FIRMWARE("atmel_at76c504.bin"); 111 MODULE_FIRMWARE("atmel_at76c504_2958-wpa.bin"); 112 MODULE_FIRMWARE("atmel_at76c504_2958.bin"); 113 MODULE_FIRMWARE("atmel_at76c504a_2958-wpa.bin"); 114 MODULE_FIRMWARE("atmel_at76c504a_2958.bin"); 115 MODULE_FIRMWARE("atmel_at76c506-wpa.bin"); 116 MODULE_FIRMWARE("atmel_at76c506.bin"); 117 118 #define MAX_SSID_LENGTH 32 119 #define MGMT_JIFFIES (256 * HZ / 100) 120 121 #define MAX_BSS_ENTRIES 64 122 123 /* registers */ 124 #define GCR 0x00 /* (SIR0) General Configuration Register */ 125 #define BSR 0x02 /* (SIR1) Bank Switching Select Register */ 126 #define AR 0x04 127 #define DR 0x08 128 #define MR1 0x12 /* Mirror Register 1 */ 129 #define MR2 0x14 /* Mirror Register 2 */ 130 #define MR3 0x16 /* Mirror Register 3 */ 131 #define MR4 0x18 /* Mirror Register 4 */ 132 133 #define GPR1 0x0c 134 #define GPR2 0x0e 135 #define GPR3 0x10 136 /* 137 * Constants for the GCR register. 138 */ 139 #define GCR_REMAP 0x0400 /* Remap internal SRAM to 0 */ 140 #define GCR_SWRES 0x0080 /* BIU reset (ARM and PAI are NOT reset) */ 141 #define GCR_CORES 0x0060 /* Core Reset (ARM and PAI are reset) */ 142 #define GCR_ENINT 0x0002 /* Enable Interrupts */ 143 #define GCR_ACKINT 0x0008 /* Acknowledge Interrupts */ 144 145 #define BSS_SRAM 0x0200 /* AMBA module selection --> SRAM */ 146 #define BSS_IRAM 0x0100 /* AMBA module selection --> IRAM */ 147 /* 148 *Constants for the MR registers. 149 */ 150 #define MAC_INIT_COMPLETE 0x0001 /* MAC init has been completed */ 151 #define MAC_BOOT_COMPLETE 0x0010 /* MAC boot has been completed */ 152 #define MAC_INIT_OK 0x0002 /* MAC boot has been completed */ 153 154 #define MIB_MAX_DATA_BYTES 212 155 #define MIB_HEADER_SIZE 4 /* first four fields */ 156 157 struct get_set_mib { 158 u8 type; 159 u8 size; 160 u8 index; 161 u8 reserved; 162 u8 data[MIB_MAX_DATA_BYTES]; 163 }; 164 165 struct rx_desc { 166 u32 Next; 167 u16 MsduPos; 168 u16 MsduSize; 169 170 u8 State; 171 u8 Status; 172 u8 Rate; 173 u8 Rssi; 174 u8 LinkQuality; 175 u8 PreambleType; 176 u16 Duration; 177 u32 RxTime; 178 }; 179 180 #define RX_DESC_FLAG_VALID 0x80 181 #define RX_DESC_FLAG_CONSUMED 0x40 182 #define RX_DESC_FLAG_IDLE 0x00 183 184 #define RX_STATUS_SUCCESS 0x00 185 186 #define RX_DESC_MSDU_POS_OFFSET 4 187 #define RX_DESC_MSDU_SIZE_OFFSET 6 188 #define RX_DESC_FLAGS_OFFSET 8 189 #define RX_DESC_STATUS_OFFSET 9 190 #define RX_DESC_RSSI_OFFSET 11 191 #define RX_DESC_LINK_QUALITY_OFFSET 12 192 #define RX_DESC_PREAMBLE_TYPE_OFFSET 13 193 #define RX_DESC_DURATION_OFFSET 14 194 #define RX_DESC_RX_TIME_OFFSET 16 195 196 struct tx_desc { 197 u32 NextDescriptor; 198 u16 TxStartOfFrame; 199 u16 TxLength; 200 201 u8 TxState; 202 u8 TxStatus; 203 u8 RetryCount; 204 205 u8 TxRate; 206 207 u8 KeyIndex; 208 u8 ChiperType; 209 u8 ChipreLength; 210 u8 Reserved1; 211 212 u8 Reserved; 213 u8 PacketType; 214 u16 HostTxLength; 215 }; 216 217 #define TX_DESC_NEXT_OFFSET 0 218 #define TX_DESC_POS_OFFSET 4 219 #define TX_DESC_SIZE_OFFSET 6 220 #define TX_DESC_FLAGS_OFFSET 8 221 #define TX_DESC_STATUS_OFFSET 9 222 #define TX_DESC_RETRY_OFFSET 10 223 #define TX_DESC_RATE_OFFSET 11 224 #define TX_DESC_KEY_INDEX_OFFSET 12 225 #define TX_DESC_CIPHER_TYPE_OFFSET 13 226 #define TX_DESC_CIPHER_LENGTH_OFFSET 14 227 #define TX_DESC_PACKET_TYPE_OFFSET 17 228 #define TX_DESC_HOST_LENGTH_OFFSET 18 229 230 /* 231 * Host-MAC interface 232 */ 233 234 #define TX_STATUS_SUCCESS 0x00 235 236 #define TX_FIRM_OWN 0x80 237 #define TX_DONE 0x40 238 239 #define TX_ERROR 0x01 240 241 #define TX_PACKET_TYPE_DATA 0x01 242 #define TX_PACKET_TYPE_MGMT 0x02 243 244 #define ISR_EMPTY 0x00 /* no bits set in ISR */ 245 #define ISR_TxCOMPLETE 0x01 /* packet transmitted */ 246 #define ISR_RxCOMPLETE 0x02 /* packet received */ 247 #define ISR_RxFRAMELOST 0x04 /* Rx Frame lost */ 248 #define ISR_FATAL_ERROR 0x08 /* Fatal error */ 249 #define ISR_COMMAND_COMPLETE 0x10 /* command completed */ 250 #define ISR_OUT_OF_RANGE 0x20 /* command completed */ 251 #define ISR_IBSS_MERGE 0x40 /* (4.1.2.30): IBSS merge */ 252 #define ISR_GENERIC_IRQ 0x80 253 254 #define Local_Mib_Type 0x01 255 #define Mac_Address_Mib_Type 0x02 256 #define Mac_Mib_Type 0x03 257 #define Statistics_Mib_Type 0x04 258 #define Mac_Mgmt_Mib_Type 0x05 259 #define Mac_Wep_Mib_Type 0x06 260 #define Phy_Mib_Type 0x07 261 #define Multi_Domain_MIB 0x08 262 263 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 264 #define MAC_MIB_FRAG_THRESHOLD_POS 8 265 #define MAC_MIB_RTS_THRESHOLD_POS 10 266 #define MAC_MIB_SHORT_RETRY_POS 16 267 #define MAC_MIB_LONG_RETRY_POS 17 268 #define MAC_MIB_SHORT_RETRY_LIMIT_POS 16 269 #define MAC_MGMT_MIB_BEACON_PER_POS 0 270 #define MAC_MGMT_MIB_STATION_ID_POS 6 271 #define MAC_MGMT_MIB_CUR_PRIVACY_POS 11 272 #define MAC_MGMT_MIB_CUR_BSSID_POS 14 273 #define MAC_MGMT_MIB_PS_MODE_POS 53 274 #define MAC_MGMT_MIB_LISTEN_INTERVAL_POS 54 275 #define MAC_MGMT_MIB_MULTI_DOMAIN_IMPLEMENTED 56 276 #define MAC_MGMT_MIB_MULTI_DOMAIN_ENABLED 57 277 #define PHY_MIB_CHANNEL_POS 14 278 #define PHY_MIB_RATE_SET_POS 20 279 #define PHY_MIB_REG_DOMAIN_POS 26 280 #define LOCAL_MIB_AUTO_TX_RATE_POS 3 281 #define LOCAL_MIB_SSID_SIZE 5 282 #define LOCAL_MIB_TX_PROMISCUOUS_POS 6 283 #define LOCAL_MIB_TX_MGMT_RATE_POS 7 284 #define LOCAL_MIB_TX_CONTROL_RATE_POS 8 285 #define LOCAL_MIB_PREAMBLE_TYPE 9 286 #define MAC_ADDR_MIB_MAC_ADDR_POS 0 287 288 #define CMD_Set_MIB_Vars 0x01 289 #define CMD_Get_MIB_Vars 0x02 290 #define CMD_Scan 0x03 291 #define CMD_Join 0x04 292 #define CMD_Start 0x05 293 #define CMD_EnableRadio 0x06 294 #define CMD_DisableRadio 0x07 295 #define CMD_SiteSurvey 0x0B 296 297 #define CMD_STATUS_IDLE 0x00 298 #define CMD_STATUS_COMPLETE 0x01 299 #define CMD_STATUS_UNKNOWN 0x02 300 #define CMD_STATUS_INVALID_PARAMETER 0x03 301 #define CMD_STATUS_FUNCTION_NOT_SUPPORTED 0x04 302 #define CMD_STATUS_TIME_OUT 0x07 303 #define CMD_STATUS_IN_PROGRESS 0x08 304 #define CMD_STATUS_REJECTED_RADIO_OFF 0x09 305 #define CMD_STATUS_HOST_ERROR 0xFF 306 #define CMD_STATUS_BUSY 0xFE 307 308 #define CMD_BLOCK_COMMAND_OFFSET 0 309 #define CMD_BLOCK_STATUS_OFFSET 1 310 #define CMD_BLOCK_PARAMETERS_OFFSET 4 311 312 #define SCAN_OPTIONS_SITE_SURVEY 0x80 313 314 #define MGMT_FRAME_BODY_OFFSET 24 315 #define MAX_AUTHENTICATION_RETRIES 3 316 #define MAX_ASSOCIATION_RETRIES 3 317 318 #define AUTHENTICATION_RESPONSE_TIME_OUT 1000 319 320 #define MAX_WIRELESS_BODY 2316 /* mtu is 2312, CRC is 4 */ 321 #define LOOP_RETRY_LIMIT 500000 322 323 #define ACTIVE_MODE 1 324 #define PS_MODE 2 325 326 #define MAX_ENCRYPTION_KEYS 4 327 #define MAX_ENCRYPTION_KEY_SIZE 40 328 329 /* 330 * 802.11 related definitions 331 */ 332 333 /* 334 * Regulatory Domains 335 */ 336 337 #define REG_DOMAIN_FCC 0x10 /* Channels 1-11 USA */ 338 #define REG_DOMAIN_DOC 0x20 /* Channel 1-11 Canada */ 339 #define REG_DOMAIN_ETSI 0x30 /* Channel 1-13 Europe (ex Spain/France) */ 340 #define REG_DOMAIN_SPAIN 0x31 /* Channel 10-11 Spain */ 341 #define REG_DOMAIN_FRANCE 0x32 /* Channel 10-13 France */ 342 #define REG_DOMAIN_MKK 0x40 /* Channel 14 Japan */ 343 #define REG_DOMAIN_MKK1 0x41 /* Channel 1-14 Japan(MKK1) */ 344 #define REG_DOMAIN_ISRAEL 0x50 /* Channel 3-9 ISRAEL */ 345 346 #define BSS_TYPE_AD_HOC 1 347 #define BSS_TYPE_INFRASTRUCTURE 2 348 349 #define SCAN_TYPE_ACTIVE 0 350 #define SCAN_TYPE_PASSIVE 1 351 352 #define LONG_PREAMBLE 0 353 #define SHORT_PREAMBLE 1 354 #define AUTO_PREAMBLE 2 355 356 #define DATA_FRAME_WS_HEADER_SIZE 30 357 358 /* promiscuous mode control */ 359 #define PROM_MODE_OFF 0x0 360 #define PROM_MODE_UNKNOWN 0x1 361 #define PROM_MODE_CRC_FAILED 0x2 362 #define PROM_MODE_DUPLICATED 0x4 363 #define PROM_MODE_MGMT 0x8 364 #define PROM_MODE_CTRL 0x10 365 #define PROM_MODE_BAD_PROTOCOL 0x20 366 367 #define IFACE_INT_STATUS_OFFSET 0 368 #define IFACE_INT_MASK_OFFSET 1 369 #define IFACE_LOCKOUT_HOST_OFFSET 2 370 #define IFACE_LOCKOUT_MAC_OFFSET 3 371 #define IFACE_FUNC_CTRL_OFFSET 28 372 #define IFACE_MAC_STAT_OFFSET 30 373 #define IFACE_GENERIC_INT_TYPE_OFFSET 32 374 375 #define CIPHER_SUITE_NONE 0 376 #define CIPHER_SUITE_WEP_64 1 377 #define CIPHER_SUITE_TKIP 2 378 #define CIPHER_SUITE_AES 3 379 #define CIPHER_SUITE_CCX 4 380 #define CIPHER_SUITE_WEP_128 5 381 382 /* 383 * IFACE MACROS & definitions 384 */ 385 386 /* 387 * FuncCtrl field: 388 */ 389 #define FUNC_CTRL_TxENABLE 0x10 390 #define FUNC_CTRL_RxENABLE 0x20 391 #define FUNC_CTRL_INIT_COMPLETE 0x01 392 393 /* A stub firmware image which reads the MAC address from NVRAM on the card. 394 For copyright information and source see the end of this file. */ 395 static u8 mac_reader[] = { 396 0x06, 0x00, 0x00, 0xea, 0x04, 0x00, 0x00, 0xea, 0x03, 0x00, 0x00, 0xea, 0x02, 0x00, 0x00, 0xea, 397 0x01, 0x00, 0x00, 0xea, 0x00, 0x00, 0x00, 0xea, 0xff, 0xff, 0xff, 0xea, 0xfe, 0xff, 0xff, 0xea, 398 0xd3, 0x00, 0xa0, 0xe3, 0x00, 0xf0, 0x21, 0xe1, 0x0e, 0x04, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 399 0x81, 0x11, 0xa0, 0xe1, 0x00, 0x10, 0x81, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x1c, 0x10, 0x90, 0xe5, 400 0x10, 0x10, 0xc1, 0xe3, 0x1c, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 0x08, 0x10, 0x80, 0xe5, 401 0x02, 0x03, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 0xb0, 0x10, 0xc0, 0xe1, 0xb4, 0x10, 0xc0, 0xe1, 402 0xb8, 0x10, 0xc0, 0xe1, 0xbc, 0x10, 0xc0, 0xe1, 0x56, 0xdc, 0xa0, 0xe3, 0x21, 0x00, 0x00, 0xeb, 403 0x0a, 0x00, 0xa0, 0xe3, 0x1a, 0x00, 0x00, 0xeb, 0x10, 0x00, 0x00, 0xeb, 0x07, 0x00, 0x00, 0xeb, 404 0x02, 0x03, 0xa0, 0xe3, 0x02, 0x14, 0xa0, 0xe3, 0xb4, 0x10, 0xc0, 0xe1, 0x4c, 0x10, 0x9f, 0xe5, 405 0xbc, 0x10, 0xc0, 0xe1, 0x10, 0x10, 0xa0, 0xe3, 0xb8, 0x10, 0xc0, 0xe1, 0xfe, 0xff, 0xff, 0xea, 406 0x00, 0x40, 0x2d, 0xe9, 0x00, 0x20, 0xa0, 0xe3, 0x02, 0x3c, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 407 0x28, 0x00, 0x9f, 0xe5, 0x37, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 408 0x00, 0x40, 0x2d, 0xe9, 0x12, 0x2e, 0xa0, 0xe3, 0x06, 0x30, 0xa0, 0xe3, 0x00, 0x10, 0xa0, 0xe3, 409 0x02, 0x04, 0xa0, 0xe3, 0x2f, 0x00, 0x00, 0xeb, 0x00, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 410 0x00, 0x02, 0x00, 0x02, 0x80, 0x01, 0x90, 0xe0, 0x01, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x50, 0xe2, 411 0xfc, 0xff, 0xff, 0xea, 0x1e, 0xff, 0x2f, 0xe1, 0x80, 0x10, 0xa0, 0xe3, 0xf3, 0x06, 0xa0, 0xe3, 412 0x00, 0x10, 0x80, 0xe5, 0x00, 0x10, 0xa0, 0xe3, 0x00, 0x10, 0x80, 0xe5, 0x01, 0x10, 0xa0, 0xe3, 413 0x04, 0x10, 0x80, 0xe5, 0x00, 0x10, 0x80, 0xe5, 0x0e, 0x34, 0xa0, 0xe3, 0x1c, 0x10, 0x93, 0xe5, 414 0x02, 0x1a, 0x81, 0xe3, 0x1c, 0x10, 0x83, 0xe5, 0x58, 0x11, 0x9f, 0xe5, 0x30, 0x10, 0x80, 0xe5, 415 0x54, 0x11, 0x9f, 0xe5, 0x34, 0x10, 0x80, 0xe5, 0x38, 0x10, 0x80, 0xe5, 0x3c, 0x10, 0x80, 0xe5, 416 0x10, 0x10, 0x90, 0xe5, 0x08, 0x00, 0x90, 0xe5, 0x1e, 0xff, 0x2f, 0xe1, 0xf3, 0x16, 0xa0, 0xe3, 417 0x08, 0x00, 0x91, 0xe5, 0x05, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 0x10, 0x00, 0x91, 0xe5, 418 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0xff, 0x00, 0xa0, 0xe3, 0x0c, 0x00, 0x81, 0xe5, 419 0x10, 0x00, 0x91, 0xe5, 0x02, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 420 0x10, 0x00, 0x91, 0xe5, 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x91, 0xe5, 421 0xff, 0x00, 0x00, 0xe2, 0x1e, 0xff, 0x2f, 0xe1, 0x30, 0x40, 0x2d, 0xe9, 0x00, 0x50, 0xa0, 0xe1, 422 0x03, 0x40, 0xa0, 0xe1, 0xa2, 0x02, 0xa0, 0xe1, 0x08, 0x00, 0x00, 0xe2, 0x03, 0x00, 0x80, 0xe2, 423 0xd8, 0x10, 0x9f, 0xe5, 0x00, 0x00, 0xc1, 0xe5, 0x01, 0x20, 0xc1, 0xe5, 0xe2, 0xff, 0xff, 0xeb, 424 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x1a, 0x14, 0x00, 0xa0, 0xe3, 0xc4, 0xff, 0xff, 0xeb, 425 0x04, 0x20, 0xa0, 0xe1, 0x05, 0x10, 0xa0, 0xe1, 0x02, 0x00, 0xa0, 0xe3, 0x01, 0x00, 0x00, 0xeb, 426 0x30, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x70, 0x40, 0x2d, 0xe9, 0xf3, 0x46, 0xa0, 0xe3, 427 0x00, 0x30, 0xa0, 0xe3, 0x00, 0x00, 0x50, 0xe3, 0x08, 0x00, 0x00, 0x9a, 0x8c, 0x50, 0x9f, 0xe5, 428 0x03, 0x60, 0xd5, 0xe7, 0x0c, 0x60, 0x84, 0xe5, 0x10, 0x60, 0x94, 0xe5, 0x02, 0x00, 0x16, 0xe3, 429 0xfc, 0xff, 0xff, 0x0a, 0x01, 0x30, 0x83, 0xe2, 0x00, 0x00, 0x53, 0xe1, 0xf7, 0xff, 0xff, 0x3a, 430 0xff, 0x30, 0xa0, 0xe3, 0x0c, 0x30, 0x84, 0xe5, 0x08, 0x00, 0x94, 0xe5, 0x10, 0x00, 0x94, 0xe5, 431 0x01, 0x00, 0x10, 0xe3, 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x00, 0x94, 0xe5, 0x00, 0x00, 0xa0, 0xe3, 432 0x00, 0x00, 0x52, 0xe3, 0x0b, 0x00, 0x00, 0x9a, 0x10, 0x50, 0x94, 0xe5, 0x02, 0x00, 0x15, 0xe3, 433 0xfc, 0xff, 0xff, 0x0a, 0x0c, 0x30, 0x84, 0xe5, 0x10, 0x50, 0x94, 0xe5, 0x01, 0x00, 0x15, 0xe3, 434 0xfc, 0xff, 0xff, 0x0a, 0x08, 0x50, 0x94, 0xe5, 0x01, 0x50, 0xc1, 0xe4, 0x01, 0x00, 0x80, 0xe2, 435 0x02, 0x00, 0x50, 0xe1, 0xf3, 0xff, 0xff, 0x3a, 0xc8, 0x00, 0xa0, 0xe3, 0x98, 0xff, 0xff, 0xeb, 436 0x70, 0x40, 0xbd, 0xe8, 0x1e, 0xff, 0x2f, 0xe1, 0x01, 0x0c, 0x00, 0x02, 0x01, 0x02, 0x00, 0x02, 437 0x00, 0x01, 0x00, 0x02 438 }; 439 440 struct atmel_private { 441 void *card; /* Bus dependent structure varies for PCcard */ 442 int (*present_callback)(void *); /* And callback which uses it */ 443 char firmware_id[32]; 444 AtmelFWType firmware_type; 445 u8 *firmware; 446 int firmware_length; 447 struct timer_list management_timer; 448 struct net_device *dev; 449 struct device *sys_dev; 450 struct iw_statistics wstats; 451 spinlock_t irqlock, timerlock; /* spinlocks */ 452 enum { BUS_TYPE_PCCARD, BUS_TYPE_PCI } bus_type; 453 enum { 454 CARD_TYPE_PARALLEL_FLASH, 455 CARD_TYPE_SPI_FLASH, 456 CARD_TYPE_EEPROM 457 } card_type; 458 int do_rx_crc; /* If we need to CRC incoming packets */ 459 int probe_crc; /* set if we don't yet know */ 460 int crc_ok_cnt, crc_ko_cnt; /* counters for probing */ 461 u16 rx_desc_head; 462 u16 tx_desc_free, tx_desc_head, tx_desc_tail, tx_desc_previous; 463 u16 tx_free_mem, tx_buff_head, tx_buff_tail; 464 465 u16 frag_seq, frag_len, frag_no; 466 u8 frag_source[6]; 467 468 u8 wep_is_on, default_key, exclude_unencrypted, encryption_level; 469 u8 group_cipher_suite, pairwise_cipher_suite; 470 u8 wep_keys[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 471 int wep_key_len[MAX_ENCRYPTION_KEYS]; 472 int use_wpa, radio_on_broken; /* firmware dependent stuff. */ 473 474 u16 host_info_base; 475 struct host_info_struct { 476 /* NB this is matched to the hardware, don't change. */ 477 u8 volatile int_status; 478 u8 volatile int_mask; 479 u8 volatile lockout_host; 480 u8 volatile lockout_mac; 481 482 u16 tx_buff_pos; 483 u16 tx_buff_size; 484 u16 tx_desc_pos; 485 u16 tx_desc_count; 486 487 u16 rx_buff_pos; 488 u16 rx_buff_size; 489 u16 rx_desc_pos; 490 u16 rx_desc_count; 491 492 u16 build_version; 493 u16 command_pos; 494 495 u16 major_version; 496 u16 minor_version; 497 498 u16 func_ctrl; 499 u16 mac_status; 500 u16 generic_IRQ_type; 501 u8 reserved[2]; 502 } host_info; 503 504 enum { 505 STATION_STATE_SCANNING, 506 STATION_STATE_JOINNING, 507 STATION_STATE_AUTHENTICATING, 508 STATION_STATE_ASSOCIATING, 509 STATION_STATE_READY, 510 STATION_STATE_REASSOCIATING, 511 STATION_STATE_DOWN, 512 STATION_STATE_MGMT_ERROR 513 } station_state; 514 515 int operating_mode, power_mode; 516 time_t last_qual; 517 int beacons_this_sec; 518 int channel; 519 int reg_domain, config_reg_domain; 520 int tx_rate; 521 int auto_tx_rate; 522 int rts_threshold; 523 int frag_threshold; 524 int long_retry, short_retry; 525 int preamble; 526 int default_beacon_period, beacon_period, listen_interval; 527 int CurrentAuthentTransactionSeqNum, ExpectedAuthentTransactionSeqNum; 528 int AuthenticationRequestRetryCnt, AssociationRequestRetryCnt, ReAssociationRequestRetryCnt; 529 enum { 530 SITE_SURVEY_IDLE, 531 SITE_SURVEY_IN_PROGRESS, 532 SITE_SURVEY_COMPLETED 533 } site_survey_state; 534 unsigned long last_survey; 535 536 int station_was_associated, station_is_associated; 537 int fast_scan; 538 539 struct bss_info { 540 int channel; 541 int SSIDsize; 542 int RSSI; 543 int UsingWEP; 544 int preamble; 545 int beacon_period; 546 int BSStype; 547 u8 BSSID[6]; 548 u8 SSID[MAX_SSID_LENGTH]; 549 } BSSinfo[MAX_BSS_ENTRIES]; 550 int BSS_list_entries, current_BSS; 551 int connect_to_any_BSS; 552 int SSID_size, new_SSID_size; 553 u8 CurrentBSSID[6], BSSID[6]; 554 u8 SSID[MAX_SSID_LENGTH], new_SSID[MAX_SSID_LENGTH]; 555 u64 last_beacon_timestamp; 556 u8 rx_buf[MAX_WIRELESS_BODY]; 557 }; 558 559 static u8 atmel_basic_rates[4] = {0x82, 0x84, 0x0b, 0x16}; 560 561 static const struct { 562 int reg_domain; 563 int min, max; 564 char *name; 565 } channel_table[] = { { REG_DOMAIN_FCC, 1, 11, "USA" }, 566 { REG_DOMAIN_DOC, 1, 11, "Canada" }, 567 { REG_DOMAIN_ETSI, 1, 13, "Europe" }, 568 { REG_DOMAIN_SPAIN, 10, 11, "Spain" }, 569 { REG_DOMAIN_FRANCE, 10, 13, "France" }, 570 { REG_DOMAIN_MKK, 14, 14, "MKK" }, 571 { REG_DOMAIN_MKK1, 1, 14, "MKK1" }, 572 { REG_DOMAIN_ISRAEL, 3, 9, "Israel"} }; 573 574 static void build_wpa_mib(struct atmel_private *priv); 575 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); 576 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 577 const unsigned char *src, u16 len); 578 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 579 u16 src, u16 len); 580 static void atmel_set_gcr(struct net_device *dev, u16 mask); 581 static void atmel_clear_gcr(struct net_device *dev, u16 mask); 582 static int atmel_lock_mac(struct atmel_private *priv); 583 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data); 584 static void atmel_command_irq(struct atmel_private *priv); 585 static int atmel_validate_channel(struct atmel_private *priv, int channel); 586 static void atmel_management_frame(struct atmel_private *priv, 587 struct ieee80211_hdr *header, 588 u16 frame_len, u8 rssi); 589 static void atmel_management_timer(u_long a); 590 static void atmel_send_command(struct atmel_private *priv, int command, 591 void *cmd, int cmd_size); 592 static int atmel_send_command_wait(struct atmel_private *priv, int command, 593 void *cmd, int cmd_size); 594 static void atmel_transmit_management_frame(struct atmel_private *priv, 595 struct ieee80211_hdr *header, 596 u8 *body, int body_len); 597 598 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index); 599 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, 600 u8 data); 601 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 602 u16 data); 603 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 604 u8 *data, int data_len); 605 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 606 u8 *data, int data_len); 607 static void atmel_scan(struct atmel_private *priv, int specific_ssid); 608 static void atmel_join_bss(struct atmel_private *priv, int bss_index); 609 static void atmel_smooth_qual(struct atmel_private *priv); 610 static void atmel_writeAR(struct net_device *dev, u16 data); 611 static int probe_atmel_card(struct net_device *dev); 612 static int reset_atmel_card(struct net_device *dev); 613 static void atmel_enter_state(struct atmel_private *priv, int new_state); 614 int atmel_open (struct net_device *dev); 615 616 static inline u16 atmel_hi(struct atmel_private *priv, u16 offset) 617 { 618 return priv->host_info_base + offset; 619 } 620 621 static inline u16 atmel_co(struct atmel_private *priv, u16 offset) 622 { 623 return priv->host_info.command_pos + offset; 624 } 625 626 static inline u16 atmel_rx(struct atmel_private *priv, u16 offset, u16 desc) 627 { 628 return priv->host_info.rx_desc_pos + (sizeof(struct rx_desc) * desc) + offset; 629 } 630 631 static inline u16 atmel_tx(struct atmel_private *priv, u16 offset, u16 desc) 632 { 633 return priv->host_info.tx_desc_pos + (sizeof(struct tx_desc) * desc) + offset; 634 } 635 636 static inline u8 atmel_read8(struct net_device *dev, u16 offset) 637 { 638 return inb(dev->base_addr + offset); 639 } 640 641 static inline void atmel_write8(struct net_device *dev, u16 offset, u8 data) 642 { 643 outb(data, dev->base_addr + offset); 644 } 645 646 static inline u16 atmel_read16(struct net_device *dev, u16 offset) 647 { 648 return inw(dev->base_addr + offset); 649 } 650 651 static inline void atmel_write16(struct net_device *dev, u16 offset, u16 data) 652 { 653 outw(data, dev->base_addr + offset); 654 } 655 656 static inline u8 atmel_rmem8(struct atmel_private *priv, u16 pos) 657 { 658 atmel_writeAR(priv->dev, pos); 659 return atmel_read8(priv->dev, DR); 660 } 661 662 static inline void atmel_wmem8(struct atmel_private *priv, u16 pos, u16 data) 663 { 664 atmel_writeAR(priv->dev, pos); 665 atmel_write8(priv->dev, DR, data); 666 } 667 668 static inline u16 atmel_rmem16(struct atmel_private *priv, u16 pos) 669 { 670 atmel_writeAR(priv->dev, pos); 671 return atmel_read16(priv->dev, DR); 672 } 673 674 static inline void atmel_wmem16(struct atmel_private *priv, u16 pos, u16 data) 675 { 676 atmel_writeAR(priv->dev, pos); 677 atmel_write16(priv->dev, DR, data); 678 } 679 680 static const struct iw_handler_def atmel_handler_def; 681 682 static void tx_done_irq(struct atmel_private *priv) 683 { 684 int i; 685 686 for (i = 0; 687 atmel_rmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head)) == TX_DONE && 688 i < priv->host_info.tx_desc_count; 689 i++) { 690 u8 status = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_STATUS_OFFSET, priv->tx_desc_head)); 691 u16 msdu_size = atmel_rmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_head)); 692 u8 type = atmel_rmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_head)); 693 694 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_head), 0); 695 696 priv->tx_free_mem += msdu_size; 697 priv->tx_desc_free++; 698 699 if (priv->tx_buff_head + msdu_size > (priv->host_info.tx_buff_pos + priv->host_info.tx_buff_size)) 700 priv->tx_buff_head = 0; 701 else 702 priv->tx_buff_head += msdu_size; 703 704 if (priv->tx_desc_head < (priv->host_info.tx_desc_count - 1)) 705 priv->tx_desc_head++ ; 706 else 707 priv->tx_desc_head = 0; 708 709 if (type == TX_PACKET_TYPE_DATA) { 710 if (status == TX_STATUS_SUCCESS) 711 priv->dev->stats.tx_packets++; 712 else 713 priv->dev->stats.tx_errors++; 714 netif_wake_queue(priv->dev); 715 } 716 } 717 } 718 719 static u16 find_tx_buff(struct atmel_private *priv, u16 len) 720 { 721 u16 bottom_free = priv->host_info.tx_buff_size - priv->tx_buff_tail; 722 723 if (priv->tx_desc_free == 3 || priv->tx_free_mem < len) 724 return 0; 725 726 if (bottom_free >= len) 727 return priv->host_info.tx_buff_pos + priv->tx_buff_tail; 728 729 if (priv->tx_free_mem - bottom_free >= len) { 730 priv->tx_buff_tail = 0; 731 return priv->host_info.tx_buff_pos; 732 } 733 734 return 0; 735 } 736 737 static void tx_update_descriptor(struct atmel_private *priv, int is_bcast, 738 u16 len, u16 buff, u8 type) 739 { 740 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, priv->tx_desc_tail), buff); 741 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, priv->tx_desc_tail), len); 742 if (!priv->use_wpa) 743 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_HOST_LENGTH_OFFSET, priv->tx_desc_tail), len); 744 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_PACKET_TYPE_OFFSET, priv->tx_desc_tail), type); 745 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RATE_OFFSET, priv->tx_desc_tail), priv->tx_rate); 746 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_RETRY_OFFSET, priv->tx_desc_tail), 0); 747 if (priv->use_wpa) { 748 int cipher_type, cipher_length; 749 if (is_bcast) { 750 cipher_type = priv->group_cipher_suite; 751 if (cipher_type == CIPHER_SUITE_WEP_64 || 752 cipher_type == CIPHER_SUITE_WEP_128) 753 cipher_length = 8; 754 else if (cipher_type == CIPHER_SUITE_TKIP) 755 cipher_length = 12; 756 else if (priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_64 || 757 priv->pairwise_cipher_suite == CIPHER_SUITE_WEP_128) { 758 cipher_type = priv->pairwise_cipher_suite; 759 cipher_length = 8; 760 } else { 761 cipher_type = CIPHER_SUITE_NONE; 762 cipher_length = 0; 763 } 764 } else { 765 cipher_type = priv->pairwise_cipher_suite; 766 if (cipher_type == CIPHER_SUITE_WEP_64 || 767 cipher_type == CIPHER_SUITE_WEP_128) 768 cipher_length = 8; 769 else if (cipher_type == CIPHER_SUITE_TKIP) 770 cipher_length = 12; 771 else if (priv->group_cipher_suite == CIPHER_SUITE_WEP_64 || 772 priv->group_cipher_suite == CIPHER_SUITE_WEP_128) { 773 cipher_type = priv->group_cipher_suite; 774 cipher_length = 8; 775 } else { 776 cipher_type = CIPHER_SUITE_NONE; 777 cipher_length = 0; 778 } 779 } 780 781 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_TYPE_OFFSET, priv->tx_desc_tail), 782 cipher_type); 783 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_CIPHER_LENGTH_OFFSET, priv->tx_desc_tail), 784 cipher_length); 785 } 786 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_tail), 0x80000000L); 787 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, priv->tx_desc_tail), TX_FIRM_OWN); 788 if (priv->tx_desc_previous != priv->tx_desc_tail) 789 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, priv->tx_desc_previous), 0); 790 priv->tx_desc_previous = priv->tx_desc_tail; 791 if (priv->tx_desc_tail < (priv->host_info.tx_desc_count - 1)) 792 priv->tx_desc_tail++; 793 else 794 priv->tx_desc_tail = 0; 795 priv->tx_desc_free--; 796 priv->tx_free_mem -= len; 797 } 798 799 static netdev_tx_t start_tx(struct sk_buff *skb, struct net_device *dev) 800 { 801 static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 802 struct atmel_private *priv = netdev_priv(dev); 803 struct ieee80211_hdr header; 804 unsigned long flags; 805 u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN; 806 807 if (priv->card && priv->present_callback && 808 !(*priv->present_callback)(priv->card)) { 809 dev->stats.tx_errors++; 810 dev_kfree_skb(skb); 811 return NETDEV_TX_OK; 812 } 813 814 if (priv->station_state != STATION_STATE_READY) { 815 dev->stats.tx_errors++; 816 dev_kfree_skb(skb); 817 return NETDEV_TX_OK; 818 } 819 820 /* first ensure the timer func cannot run */ 821 spin_lock_bh(&priv->timerlock); 822 /* then stop the hardware ISR */ 823 spin_lock_irqsave(&priv->irqlock, flags); 824 /* nb doing the above in the opposite order will deadlock */ 825 826 /* The Wireless Header is 30 bytes. In the Ethernet packet we "cut" the 827 12 first bytes (containing DA/SA) and put them in the appropriate 828 fields of the Wireless Header. Thus the packet length is then the 829 initial + 18 (+30-12) */ 830 831 if (!(buff = find_tx_buff(priv, len + 18))) { 832 dev->stats.tx_dropped++; 833 spin_unlock_irqrestore(&priv->irqlock, flags); 834 spin_unlock_bh(&priv->timerlock); 835 netif_stop_queue(dev); 836 return NETDEV_TX_BUSY; 837 } 838 839 frame_ctl = IEEE80211_FTYPE_DATA; 840 header.duration_id = 0; 841 header.seq_ctrl = 0; 842 if (priv->wep_is_on) 843 frame_ctl |= IEEE80211_FCTL_PROTECTED; 844 if (priv->operating_mode == IW_MODE_ADHOC) { 845 skb_copy_from_linear_data(skb, &header.addr1, ETH_ALEN); 846 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 847 memcpy(&header.addr3, priv->BSSID, ETH_ALEN); 848 } else { 849 frame_ctl |= IEEE80211_FCTL_TODS; 850 memcpy(&header.addr1, priv->CurrentBSSID, ETH_ALEN); 851 memcpy(&header.addr2, dev->dev_addr, ETH_ALEN); 852 skb_copy_from_linear_data(skb, &header.addr3, ETH_ALEN); 853 } 854 855 if (priv->use_wpa) 856 memcpy(&header.addr4, SNAP_RFC1024, ETH_ALEN); 857 858 header.frame_control = cpu_to_le16(frame_ctl); 859 /* Copy the wireless header into the card */ 860 atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE); 861 /* Copy the packet sans its 802.3 header addresses which have been replaced */ 862 atmel_copy_to_card(dev, buff + DATA_FRAME_WS_HEADER_SIZE, skb->data + 12, len - 12); 863 priv->tx_buff_tail += len - 12 + DATA_FRAME_WS_HEADER_SIZE; 864 865 /* low bit of first byte of destination tells us if broadcast */ 866 tx_update_descriptor(priv, *(skb->data) & 0x01, len + 18, buff, TX_PACKET_TYPE_DATA); 867 dev->stats.tx_bytes += len; 868 869 spin_unlock_irqrestore(&priv->irqlock, flags); 870 spin_unlock_bh(&priv->timerlock); 871 dev_kfree_skb(skb); 872 873 return NETDEV_TX_OK; 874 } 875 876 static void atmel_transmit_management_frame(struct atmel_private *priv, 877 struct ieee80211_hdr *header, 878 u8 *body, int body_len) 879 { 880 u16 buff; 881 int len = MGMT_FRAME_BODY_OFFSET + body_len; 882 883 if (!(buff = find_tx_buff(priv, len))) 884 return; 885 886 atmel_copy_to_card(priv->dev, buff, (u8 *)header, MGMT_FRAME_BODY_OFFSET); 887 atmel_copy_to_card(priv->dev, buff + MGMT_FRAME_BODY_OFFSET, body, body_len); 888 priv->tx_buff_tail += len; 889 tx_update_descriptor(priv, header->addr1[0] & 0x01, len, buff, TX_PACKET_TYPE_MGMT); 890 } 891 892 static void fast_rx_path(struct atmel_private *priv, 893 struct ieee80211_hdr *header, 894 u16 msdu_size, u16 rx_packet_loc, u32 crc) 895 { 896 /* fast path: unfragmented packet copy directly into skbuf */ 897 u8 mac4[6]; 898 struct sk_buff *skb; 899 unsigned char *skbp; 900 901 /* get the final, mac 4 header field, this tells us encapsulation */ 902 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc + 24, 6); 903 msdu_size -= 6; 904 905 if (priv->do_rx_crc) { 906 crc = crc32_le(crc, mac4, 6); 907 msdu_size -= 4; 908 } 909 910 if (!(skb = dev_alloc_skb(msdu_size + 14))) { 911 priv->dev->stats.rx_dropped++; 912 return; 913 } 914 915 skb_reserve(skb, 2); 916 skbp = skb_put(skb, msdu_size + 12); 917 atmel_copy_to_host(priv->dev, skbp + 12, rx_packet_loc + 30, msdu_size); 918 919 if (priv->do_rx_crc) { 920 u32 netcrc; 921 crc = crc32_le(crc, skbp + 12, msdu_size); 922 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + 30 + msdu_size, 4); 923 if ((crc ^ 0xffffffff) != netcrc) { 924 priv->dev->stats.rx_crc_errors++; 925 dev_kfree_skb(skb); 926 return; 927 } 928 } 929 930 memcpy(skbp, header->addr1, ETH_ALEN); /* destination address */ 931 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 932 memcpy(&skbp[ETH_ALEN], header->addr3, ETH_ALEN); 933 else 934 memcpy(&skbp[ETH_ALEN], header->addr2, ETH_ALEN); /* source address */ 935 936 skb->protocol = eth_type_trans(skb, priv->dev); 937 skb->ip_summed = CHECKSUM_NONE; 938 netif_rx(skb); 939 priv->dev->stats.rx_bytes += 12 + msdu_size; 940 priv->dev->stats.rx_packets++; 941 } 942 943 /* Test to see if the packet in card memory at packet_loc has a valid CRC 944 It doesn't matter that this is slow: it is only used to proble the first few 945 packets. */ 946 static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size) 947 { 948 int i = msdu_size - 4; 949 u32 netcrc, crc = 0xffffffff; 950 951 if (msdu_size < 4) 952 return 0; 953 954 atmel_copy_to_host(priv->dev, (void *)&netcrc, packet_loc + i, 4); 955 956 atmel_writeAR(priv->dev, packet_loc); 957 while (i--) { 958 u8 octet = atmel_read8(priv->dev, DR); 959 crc = crc32_le(crc, &octet, 1); 960 } 961 962 return (crc ^ 0xffffffff) == netcrc; 963 } 964 965 static void frag_rx_path(struct atmel_private *priv, 966 struct ieee80211_hdr *header, 967 u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no, 968 u8 frag_no, int more_frags) 969 { 970 u8 mac4[ETH_ALEN]; 971 u8 source[ETH_ALEN]; 972 struct sk_buff *skb; 973 974 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 975 memcpy(source, header->addr3, ETH_ALEN); 976 else 977 memcpy(source, header->addr2, ETH_ALEN); 978 979 rx_packet_loc += 24; /* skip header */ 980 981 if (priv->do_rx_crc) 982 msdu_size -= 4; 983 984 if (frag_no == 0) { /* first fragment */ 985 atmel_copy_to_host(priv->dev, mac4, rx_packet_loc, ETH_ALEN); 986 msdu_size -= ETH_ALEN; 987 rx_packet_loc += ETH_ALEN; 988 989 if (priv->do_rx_crc) 990 crc = crc32_le(crc, mac4, 6); 991 992 priv->frag_seq = seq_no; 993 priv->frag_no = 1; 994 priv->frag_len = msdu_size; 995 memcpy(priv->frag_source, source, ETH_ALEN); 996 memcpy(&priv->rx_buf[ETH_ALEN], source, ETH_ALEN); 997 memcpy(priv->rx_buf, header->addr1, ETH_ALEN); 998 999 atmel_copy_to_host(priv->dev, &priv->rx_buf[12], rx_packet_loc, msdu_size); 1000 1001 if (priv->do_rx_crc) { 1002 u32 netcrc; 1003 crc = crc32_le(crc, &priv->rx_buf[12], msdu_size); 1004 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1005 if ((crc ^ 0xffffffff) != netcrc) { 1006 priv->dev->stats.rx_crc_errors++; 1007 eth_broadcast_addr(priv->frag_source); 1008 } 1009 } 1010 1011 } else if (priv->frag_no == frag_no && 1012 priv->frag_seq == seq_no && 1013 memcmp(priv->frag_source, source, ETH_ALEN) == 0) { 1014 1015 atmel_copy_to_host(priv->dev, &priv->rx_buf[12 + priv->frag_len], 1016 rx_packet_loc, msdu_size); 1017 if (priv->do_rx_crc) { 1018 u32 netcrc; 1019 crc = crc32_le(crc, 1020 &priv->rx_buf[12 + priv->frag_len], 1021 msdu_size); 1022 atmel_copy_to_host(priv->dev, (void *)&netcrc, rx_packet_loc + msdu_size, 4); 1023 if ((crc ^ 0xffffffff) != netcrc) { 1024 priv->dev->stats.rx_crc_errors++; 1025 eth_broadcast_addr(priv->frag_source); 1026 more_frags = 1; /* don't send broken assembly */ 1027 } 1028 } 1029 1030 priv->frag_len += msdu_size; 1031 priv->frag_no++; 1032 1033 if (!more_frags) { /* last one */ 1034 eth_broadcast_addr(priv->frag_source); 1035 if (!(skb = dev_alloc_skb(priv->frag_len + 14))) { 1036 priv->dev->stats.rx_dropped++; 1037 } else { 1038 skb_reserve(skb, 2); 1039 memcpy(skb_put(skb, priv->frag_len + 12), 1040 priv->rx_buf, 1041 priv->frag_len + 12); 1042 skb->protocol = eth_type_trans(skb, priv->dev); 1043 skb->ip_summed = CHECKSUM_NONE; 1044 netif_rx(skb); 1045 priv->dev->stats.rx_bytes += priv->frag_len + 12; 1046 priv->dev->stats.rx_packets++; 1047 } 1048 } 1049 } else 1050 priv->wstats.discard.fragment++; 1051 } 1052 1053 static void rx_done_irq(struct atmel_private *priv) 1054 { 1055 int i; 1056 struct ieee80211_hdr header; 1057 1058 for (i = 0; 1059 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID && 1060 i < priv->host_info.rx_desc_count; 1061 i++) { 1062 1063 u16 msdu_size, rx_packet_loc, frame_ctl, seq_control; 1064 u8 status = atmel_rmem8(priv, atmel_rx(priv, RX_DESC_STATUS_OFFSET, priv->rx_desc_head)); 1065 u32 crc = 0xffffffff; 1066 1067 if (status != RX_STATUS_SUCCESS) { 1068 if (status == 0xc1) /* determined by experiment */ 1069 priv->wstats.discard.nwid++; 1070 else 1071 priv->dev->stats.rx_errors++; 1072 goto next; 1073 } 1074 1075 msdu_size = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_SIZE_OFFSET, priv->rx_desc_head)); 1076 rx_packet_loc = atmel_rmem16(priv, atmel_rx(priv, RX_DESC_MSDU_POS_OFFSET, priv->rx_desc_head)); 1077 1078 if (msdu_size < 30) { 1079 priv->dev->stats.rx_errors++; 1080 goto next; 1081 } 1082 1083 /* Get header as far as end of seq_ctrl */ 1084 atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24); 1085 frame_ctl = le16_to_cpu(header.frame_control); 1086 seq_control = le16_to_cpu(header.seq_ctrl); 1087 1088 /* probe for CRC use here if needed once five packets have 1089 arrived with the same crc status, we assume we know what's 1090 happening and stop probing */ 1091 if (priv->probe_crc) { 1092 if (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED)) { 1093 priv->do_rx_crc = probe_crc(priv, rx_packet_loc, msdu_size); 1094 } else { 1095 priv->do_rx_crc = probe_crc(priv, rx_packet_loc + 24, msdu_size - 24); 1096 } 1097 if (priv->do_rx_crc) { 1098 if (priv->crc_ok_cnt++ > 5) 1099 priv->probe_crc = 0; 1100 } else { 1101 if (priv->crc_ko_cnt++ > 5) 1102 priv->probe_crc = 0; 1103 } 1104 } 1105 1106 /* don't CRC header when WEP in use */ 1107 if (priv->do_rx_crc && (!priv->wep_is_on || !(frame_ctl & IEEE80211_FCTL_PROTECTED))) { 1108 crc = crc32_le(0xffffffff, (unsigned char *)&header, 24); 1109 } 1110 msdu_size -= 24; /* header */ 1111 1112 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) { 1113 int more_fragments = frame_ctl & IEEE80211_FCTL_MOREFRAGS; 1114 u8 packet_fragment_no = seq_control & IEEE80211_SCTL_FRAG; 1115 u16 packet_sequence_no = (seq_control & IEEE80211_SCTL_SEQ) >> 4; 1116 1117 if (!more_fragments && packet_fragment_no == 0) { 1118 fast_rx_path(priv, &header, msdu_size, rx_packet_loc, crc); 1119 } else { 1120 frag_rx_path(priv, &header, msdu_size, rx_packet_loc, crc, 1121 packet_sequence_no, packet_fragment_no, more_fragments); 1122 } 1123 } 1124 1125 if ((frame_ctl & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) { 1126 /* copy rest of packet into buffer */ 1127 atmel_copy_to_host(priv->dev, (unsigned char *)&priv->rx_buf, rx_packet_loc + 24, msdu_size); 1128 1129 /* we use the same buffer for frag reassembly and control packets */ 1130 eth_broadcast_addr(priv->frag_source); 1131 1132 if (priv->do_rx_crc) { 1133 /* last 4 octets is crc */ 1134 msdu_size -= 4; 1135 crc = crc32_le(crc, (unsigned char *)&priv->rx_buf, msdu_size); 1136 if ((crc ^ 0xffffffff) != (*((u32 *)&priv->rx_buf[msdu_size]))) { 1137 priv->dev->stats.rx_crc_errors++; 1138 goto next; 1139 } 1140 } 1141 1142 atmel_management_frame(priv, &header, msdu_size, 1143 atmel_rmem8(priv, atmel_rx(priv, RX_DESC_RSSI_OFFSET, priv->rx_desc_head))); 1144 } 1145 1146 next: 1147 /* release descriptor */ 1148 atmel_wmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head), RX_DESC_FLAG_CONSUMED); 1149 1150 if (priv->rx_desc_head < (priv->host_info.rx_desc_count - 1)) 1151 priv->rx_desc_head++; 1152 else 1153 priv->rx_desc_head = 0; 1154 } 1155 } 1156 1157 static irqreturn_t service_interrupt(int irq, void *dev_id) 1158 { 1159 struct net_device *dev = (struct net_device *) dev_id; 1160 struct atmel_private *priv = netdev_priv(dev); 1161 u8 isr; 1162 int i = -1; 1163 static const u8 irq_order[] = { 1164 ISR_OUT_OF_RANGE, 1165 ISR_RxCOMPLETE, 1166 ISR_TxCOMPLETE, 1167 ISR_RxFRAMELOST, 1168 ISR_FATAL_ERROR, 1169 ISR_COMMAND_COMPLETE, 1170 ISR_IBSS_MERGE, 1171 ISR_GENERIC_IRQ 1172 }; 1173 1174 if (priv->card && priv->present_callback && 1175 !(*priv->present_callback)(priv->card)) 1176 return IRQ_HANDLED; 1177 1178 /* In this state upper-level code assumes it can mess with 1179 the card unhampered by interrupts which may change register state. 1180 Note that even though the card shouldn't generate interrupts 1181 the inturrupt line may be shared. This allows card setup 1182 to go on without disabling interrupts for a long time. */ 1183 if (priv->station_state == STATION_STATE_DOWN) 1184 return IRQ_NONE; 1185 1186 atmel_clear_gcr(dev, GCR_ENINT); /* disable interrupts */ 1187 1188 while (1) { 1189 if (!atmel_lock_mac(priv)) { 1190 /* failed to contact card */ 1191 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1192 return IRQ_HANDLED; 1193 } 1194 1195 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1196 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1197 1198 if (!isr) { 1199 atmel_set_gcr(dev, GCR_ENINT); /* enable interrupts */ 1200 return i == -1 ? IRQ_NONE : IRQ_HANDLED; 1201 } 1202 1203 atmel_set_gcr(dev, GCR_ACKINT); /* acknowledge interrupt */ 1204 1205 for (i = 0; i < ARRAY_SIZE(irq_order); i++) 1206 if (isr & irq_order[i]) 1207 break; 1208 1209 if (!atmel_lock_mac(priv)) { 1210 /* failed to contact card */ 1211 printk(KERN_ALERT "%s: failed to contact MAC.\n", dev->name); 1212 return IRQ_HANDLED; 1213 } 1214 1215 isr = atmel_rmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET)); 1216 isr ^= irq_order[i]; 1217 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_STATUS_OFFSET), isr); 1218 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 1219 1220 switch (irq_order[i]) { 1221 1222 case ISR_OUT_OF_RANGE: 1223 if (priv->operating_mode == IW_MODE_INFRA && 1224 priv->station_state == STATION_STATE_READY) { 1225 priv->station_is_associated = 0; 1226 atmel_scan(priv, 1); 1227 } 1228 break; 1229 1230 case ISR_RxFRAMELOST: 1231 priv->wstats.discard.misc++; 1232 /* fall through */ 1233 case ISR_RxCOMPLETE: 1234 rx_done_irq(priv); 1235 break; 1236 1237 case ISR_TxCOMPLETE: 1238 tx_done_irq(priv); 1239 break; 1240 1241 case ISR_FATAL_ERROR: 1242 printk(KERN_ALERT "%s: *** FATAL error interrupt ***\n", dev->name); 1243 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 1244 break; 1245 1246 case ISR_COMMAND_COMPLETE: 1247 atmel_command_irq(priv); 1248 break; 1249 1250 case ISR_IBSS_MERGE: 1251 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 1252 priv->CurrentBSSID, 6); 1253 /* The WPA stuff cares about the current AP address */ 1254 if (priv->use_wpa) 1255 build_wpa_mib(priv); 1256 break; 1257 case ISR_GENERIC_IRQ: 1258 printk(KERN_INFO "%s: Generic_irq received.\n", dev->name); 1259 break; 1260 } 1261 } 1262 } 1263 1264 static struct iw_statistics *atmel_get_wireless_stats(struct net_device *dev) 1265 { 1266 struct atmel_private *priv = netdev_priv(dev); 1267 1268 /* update the link quality here in case we are seeing no beacons 1269 at all to drive the process */ 1270 atmel_smooth_qual(priv); 1271 1272 priv->wstats.status = priv->station_state; 1273 1274 if (priv->operating_mode == IW_MODE_INFRA) { 1275 if (priv->station_state != STATION_STATE_READY) { 1276 priv->wstats.qual.qual = 0; 1277 priv->wstats.qual.level = 0; 1278 priv->wstats.qual.updated = (IW_QUAL_QUAL_INVALID 1279 | IW_QUAL_LEVEL_INVALID); 1280 } 1281 priv->wstats.qual.noise = 0; 1282 priv->wstats.qual.updated |= IW_QUAL_NOISE_INVALID; 1283 } else { 1284 /* Quality levels cannot be determined in ad-hoc mode, 1285 because we can 'hear' more that one remote station. */ 1286 priv->wstats.qual.qual = 0; 1287 priv->wstats.qual.level = 0; 1288 priv->wstats.qual.noise = 0; 1289 priv->wstats.qual.updated = IW_QUAL_QUAL_INVALID 1290 | IW_QUAL_LEVEL_INVALID 1291 | IW_QUAL_NOISE_INVALID; 1292 priv->wstats.miss.beacon = 0; 1293 } 1294 1295 return &priv->wstats; 1296 } 1297 1298 static int atmel_change_mtu(struct net_device *dev, int new_mtu) 1299 { 1300 if ((new_mtu < 68) || (new_mtu > 2312)) 1301 return -EINVAL; 1302 dev->mtu = new_mtu; 1303 return 0; 1304 } 1305 1306 static int atmel_set_mac_address(struct net_device *dev, void *p) 1307 { 1308 struct sockaddr *addr = p; 1309 1310 memcpy (dev->dev_addr, addr->sa_data, dev->addr_len); 1311 return atmel_open(dev); 1312 } 1313 1314 EXPORT_SYMBOL(atmel_open); 1315 1316 int atmel_open(struct net_device *dev) 1317 { 1318 struct atmel_private *priv = netdev_priv(dev); 1319 int i, channel, err; 1320 1321 /* any scheduled timer is no longer needed and might screw things up.. */ 1322 del_timer_sync(&priv->management_timer); 1323 1324 /* Interrupts will not touch the card once in this state... */ 1325 priv->station_state = STATION_STATE_DOWN; 1326 1327 if (priv->new_SSID_size) { 1328 memcpy(priv->SSID, priv->new_SSID, priv->new_SSID_size); 1329 priv->SSID_size = priv->new_SSID_size; 1330 priv->new_SSID_size = 0; 1331 } 1332 priv->BSS_list_entries = 0; 1333 1334 priv->AuthenticationRequestRetryCnt = 0; 1335 priv->AssociationRequestRetryCnt = 0; 1336 priv->ReAssociationRequestRetryCnt = 0; 1337 priv->CurrentAuthentTransactionSeqNum = 0x0001; 1338 priv->ExpectedAuthentTransactionSeqNum = 0x0002; 1339 1340 priv->site_survey_state = SITE_SURVEY_IDLE; 1341 priv->station_is_associated = 0; 1342 1343 err = reset_atmel_card(dev); 1344 if (err) 1345 return err; 1346 1347 if (priv->config_reg_domain) { 1348 priv->reg_domain = priv->config_reg_domain; 1349 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS, priv->reg_domain); 1350 } else { 1351 priv->reg_domain = atmel_get_mib8(priv, Phy_Mib_Type, PHY_MIB_REG_DOMAIN_POS); 1352 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1353 if (priv->reg_domain == channel_table[i].reg_domain) 1354 break; 1355 if (i == ARRAY_SIZE(channel_table)) { 1356 priv->reg_domain = REG_DOMAIN_MKK1; 1357 printk(KERN_ALERT "%s: failed to get regulatory domain: assuming MKK1.\n", dev->name); 1358 } 1359 } 1360 1361 if ((channel = atmel_validate_channel(priv, priv->channel))) 1362 priv->channel = channel; 1363 1364 /* this moves station_state on.... */ 1365 atmel_scan(priv, 1); 1366 1367 atmel_set_gcr(priv->dev, GCR_ENINT); /* enable interrupts */ 1368 return 0; 1369 } 1370 1371 static int atmel_close(struct net_device *dev) 1372 { 1373 struct atmel_private *priv = netdev_priv(dev); 1374 1375 /* Send event to userspace that we are disassociating */ 1376 if (priv->station_state == STATION_STATE_READY) { 1377 union iwreq_data wrqu; 1378 1379 wrqu.data.length = 0; 1380 wrqu.data.flags = 0; 1381 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 1382 eth_zero_addr(wrqu.ap_addr.sa_data); 1383 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 1384 } 1385 1386 atmel_enter_state(priv, STATION_STATE_DOWN); 1387 1388 if (priv->bus_type == BUS_TYPE_PCCARD) 1389 atmel_write16(dev, GCR, 0x0060); 1390 atmel_write16(dev, GCR, 0x0040); 1391 return 0; 1392 } 1393 1394 static int atmel_validate_channel(struct atmel_private *priv, int channel) 1395 { 1396 /* check that channel is OK, if so return zero, 1397 else return suitable default channel */ 1398 int i; 1399 1400 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1401 if (priv->reg_domain == channel_table[i].reg_domain) { 1402 if (channel >= channel_table[i].min && 1403 channel <= channel_table[i].max) 1404 return 0; 1405 else 1406 return channel_table[i].min; 1407 } 1408 return 0; 1409 } 1410 1411 static int atmel_proc_show(struct seq_file *m, void *v) 1412 { 1413 struct atmel_private *priv = m->private; 1414 int i; 1415 char *s, *r, *c; 1416 1417 seq_printf(m, "Driver version:\t\t%d.%d\n", DRIVER_MAJOR, DRIVER_MINOR); 1418 1419 if (priv->station_state != STATION_STATE_DOWN) { 1420 seq_printf(m, 1421 "Firmware version:\t%d.%d build %d\n" 1422 "Firmware location:\t", 1423 priv->host_info.major_version, 1424 priv->host_info.minor_version, 1425 priv->host_info.build_version); 1426 1427 if (priv->card_type != CARD_TYPE_EEPROM) 1428 seq_puts(m, "on card\n"); 1429 else if (priv->firmware) 1430 seq_printf(m, "%s loaded by host\n", priv->firmware_id); 1431 else 1432 seq_printf(m, "%s loaded by hotplug\n", priv->firmware_id); 1433 1434 switch (priv->card_type) { 1435 case CARD_TYPE_PARALLEL_FLASH: 1436 c = "Parallel flash"; 1437 break; 1438 case CARD_TYPE_SPI_FLASH: 1439 c = "SPI flash\n"; 1440 break; 1441 case CARD_TYPE_EEPROM: 1442 c = "EEPROM"; 1443 break; 1444 default: 1445 c = "<unknown>"; 1446 } 1447 1448 r = "<unknown>"; 1449 for (i = 0; i < ARRAY_SIZE(channel_table); i++) 1450 if (priv->reg_domain == channel_table[i].reg_domain) 1451 r = channel_table[i].name; 1452 1453 seq_printf(m, "MAC memory type:\t%s\n", c); 1454 seq_printf(m, "Regulatory domain:\t%s\n", r); 1455 seq_printf(m, "Host CRC checking:\t%s\n", 1456 priv->do_rx_crc ? "On" : "Off"); 1457 seq_printf(m, "WPA-capable firmware:\t%s\n", 1458 priv->use_wpa ? "Yes" : "No"); 1459 } 1460 1461 switch (priv->station_state) { 1462 case STATION_STATE_SCANNING: 1463 s = "Scanning"; 1464 break; 1465 case STATION_STATE_JOINNING: 1466 s = "Joining"; 1467 break; 1468 case STATION_STATE_AUTHENTICATING: 1469 s = "Authenticating"; 1470 break; 1471 case STATION_STATE_ASSOCIATING: 1472 s = "Associating"; 1473 break; 1474 case STATION_STATE_READY: 1475 s = "Ready"; 1476 break; 1477 case STATION_STATE_REASSOCIATING: 1478 s = "Reassociating"; 1479 break; 1480 case STATION_STATE_MGMT_ERROR: 1481 s = "Management error"; 1482 break; 1483 case STATION_STATE_DOWN: 1484 s = "Down"; 1485 break; 1486 default: 1487 s = "<unknown>"; 1488 } 1489 1490 seq_printf(m, "Current state:\t\t%s\n", s); 1491 return 0; 1492 } 1493 1494 static int atmel_proc_open(struct inode *inode, struct file *file) 1495 { 1496 return single_open(file, atmel_proc_show, PDE_DATA(inode)); 1497 } 1498 1499 static const struct file_operations atmel_proc_fops = { 1500 .open = atmel_proc_open, 1501 .read = seq_read, 1502 .llseek = seq_lseek, 1503 .release = single_release, 1504 }; 1505 1506 static const struct net_device_ops atmel_netdev_ops = { 1507 .ndo_open = atmel_open, 1508 .ndo_stop = atmel_close, 1509 .ndo_change_mtu = atmel_change_mtu, 1510 .ndo_set_mac_address = atmel_set_mac_address, 1511 .ndo_start_xmit = start_tx, 1512 .ndo_do_ioctl = atmel_ioctl, 1513 .ndo_validate_addr = eth_validate_addr, 1514 }; 1515 1516 struct net_device *init_atmel_card(unsigned short irq, unsigned long port, 1517 const AtmelFWType fw_type, 1518 struct device *sys_dev, 1519 int (*card_present)(void *), void *card) 1520 { 1521 struct net_device *dev; 1522 struct atmel_private *priv; 1523 int rc; 1524 1525 /* Create the network device object. */ 1526 dev = alloc_etherdev(sizeof(*priv)); 1527 if (!dev) 1528 return NULL; 1529 1530 if (dev_alloc_name(dev, dev->name) < 0) { 1531 printk(KERN_ERR "atmel: Couldn't get name!\n"); 1532 goto err_out_free; 1533 } 1534 1535 priv = netdev_priv(dev); 1536 priv->dev = dev; 1537 priv->sys_dev = sys_dev; 1538 priv->present_callback = card_present; 1539 priv->card = card; 1540 priv->firmware = NULL; 1541 priv->firmware_id[0] = '\0'; 1542 priv->firmware_type = fw_type; 1543 if (firmware) /* module parameter */ 1544 strcpy(priv->firmware_id, firmware); 1545 priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI; 1546 priv->station_state = STATION_STATE_DOWN; 1547 priv->do_rx_crc = 0; 1548 /* For PCMCIA cards, some chips need CRC, some don't 1549 so we have to probe. */ 1550 if (priv->bus_type == BUS_TYPE_PCCARD) { 1551 priv->probe_crc = 1; 1552 priv->crc_ok_cnt = priv->crc_ko_cnt = 0; 1553 } else 1554 priv->probe_crc = 0; 1555 priv->last_qual = jiffies; 1556 priv->last_beacon_timestamp = 0; 1557 memset(priv->frag_source, 0xff, sizeof(priv->frag_source)); 1558 eth_zero_addr(priv->BSSID); 1559 priv->CurrentBSSID[0] = 0xFF; /* Initialize to something invalid.... */ 1560 priv->station_was_associated = 0; 1561 1562 priv->last_survey = jiffies; 1563 priv->preamble = LONG_PREAMBLE; 1564 priv->operating_mode = IW_MODE_INFRA; 1565 priv->connect_to_any_BSS = 0; 1566 priv->config_reg_domain = 0; 1567 priv->reg_domain = 0; 1568 priv->tx_rate = 3; 1569 priv->auto_tx_rate = 1; 1570 priv->channel = 4; 1571 priv->power_mode = 0; 1572 priv->SSID[0] = '\0'; 1573 priv->SSID_size = 0; 1574 priv->new_SSID_size = 0; 1575 priv->frag_threshold = 2346; 1576 priv->rts_threshold = 2347; 1577 priv->short_retry = 7; 1578 priv->long_retry = 4; 1579 1580 priv->wep_is_on = 0; 1581 priv->default_key = 0; 1582 priv->encryption_level = 0; 1583 priv->exclude_unencrypted = 0; 1584 priv->group_cipher_suite = priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1585 priv->use_wpa = 0; 1586 memset(priv->wep_keys, 0, sizeof(priv->wep_keys)); 1587 memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len)); 1588 1589 priv->default_beacon_period = priv->beacon_period = 100; 1590 priv->listen_interval = 1; 1591 1592 init_timer(&priv->management_timer); 1593 spin_lock_init(&priv->irqlock); 1594 spin_lock_init(&priv->timerlock); 1595 priv->management_timer.function = atmel_management_timer; 1596 priv->management_timer.data = (unsigned long) dev; 1597 1598 dev->netdev_ops = &atmel_netdev_ops; 1599 dev->wireless_handlers = &atmel_handler_def; 1600 dev->irq = irq; 1601 dev->base_addr = port; 1602 1603 SET_NETDEV_DEV(dev, sys_dev); 1604 1605 if ((rc = request_irq(dev->irq, service_interrupt, IRQF_SHARED, dev->name, dev))) { 1606 printk(KERN_ERR "%s: register interrupt %d failed, rc %d\n", dev->name, irq, rc); 1607 goto err_out_free; 1608 } 1609 1610 if (!request_region(dev->base_addr, 32, 1611 priv->bus_type == BUS_TYPE_PCCARD ? "atmel_cs" : "atmel_pci")) { 1612 goto err_out_irq; 1613 } 1614 1615 if (register_netdev(dev)) 1616 goto err_out_res; 1617 1618 if (!probe_atmel_card(dev)) { 1619 unregister_netdev(dev); 1620 goto err_out_res; 1621 } 1622 1623 netif_carrier_off(dev); 1624 1625 if (!proc_create_data("driver/atmel", 0, NULL, &atmel_proc_fops, priv)) 1626 printk(KERN_WARNING "atmel: unable to create /proc entry.\n"); 1627 1628 printk(KERN_INFO "%s: Atmel at76c50x. Version %d.%d. MAC %pM\n", 1629 dev->name, DRIVER_MAJOR, DRIVER_MINOR, dev->dev_addr); 1630 1631 return dev; 1632 1633 err_out_res: 1634 release_region(dev->base_addr, 32); 1635 err_out_irq: 1636 free_irq(dev->irq, dev); 1637 err_out_free: 1638 free_netdev(dev); 1639 return NULL; 1640 } 1641 1642 EXPORT_SYMBOL(init_atmel_card); 1643 1644 void stop_atmel_card(struct net_device *dev) 1645 { 1646 struct atmel_private *priv = netdev_priv(dev); 1647 1648 /* put a brick on it... */ 1649 if (priv->bus_type == BUS_TYPE_PCCARD) 1650 atmel_write16(dev, GCR, 0x0060); 1651 atmel_write16(dev, GCR, 0x0040); 1652 1653 del_timer_sync(&priv->management_timer); 1654 unregister_netdev(dev); 1655 remove_proc_entry("driver/atmel", NULL); 1656 free_irq(dev->irq, dev); 1657 kfree(priv->firmware); 1658 release_region(dev->base_addr, 32); 1659 free_netdev(dev); 1660 } 1661 1662 EXPORT_SYMBOL(stop_atmel_card); 1663 1664 static int atmel_set_essid(struct net_device *dev, 1665 struct iw_request_info *info, 1666 struct iw_point *dwrq, 1667 char *extra) 1668 { 1669 struct atmel_private *priv = netdev_priv(dev); 1670 1671 /* Check if we asked for `any' */ 1672 if (dwrq->flags == 0) { 1673 priv->connect_to_any_BSS = 1; 1674 } else { 1675 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1676 1677 priv->connect_to_any_BSS = 0; 1678 1679 /* Check the size of the string */ 1680 if (dwrq->length > MAX_SSID_LENGTH) 1681 return -E2BIG; 1682 if (index != 0) 1683 return -EINVAL; 1684 1685 memcpy(priv->new_SSID, extra, dwrq->length); 1686 priv->new_SSID_size = dwrq->length; 1687 } 1688 1689 return -EINPROGRESS; 1690 } 1691 1692 static int atmel_get_essid(struct net_device *dev, 1693 struct iw_request_info *info, 1694 struct iw_point *dwrq, 1695 char *extra) 1696 { 1697 struct atmel_private *priv = netdev_priv(dev); 1698 1699 /* Get the current SSID */ 1700 if (priv->new_SSID_size != 0) { 1701 memcpy(extra, priv->new_SSID, priv->new_SSID_size); 1702 dwrq->length = priv->new_SSID_size; 1703 } else { 1704 memcpy(extra, priv->SSID, priv->SSID_size); 1705 dwrq->length = priv->SSID_size; 1706 } 1707 1708 dwrq->flags = !priv->connect_to_any_BSS; /* active */ 1709 1710 return 0; 1711 } 1712 1713 static int atmel_get_wap(struct net_device *dev, 1714 struct iw_request_info *info, 1715 struct sockaddr *awrq, 1716 char *extra) 1717 { 1718 struct atmel_private *priv = netdev_priv(dev); 1719 memcpy(awrq->sa_data, priv->CurrentBSSID, ETH_ALEN); 1720 awrq->sa_family = ARPHRD_ETHER; 1721 1722 return 0; 1723 } 1724 1725 static int atmel_set_encode(struct net_device *dev, 1726 struct iw_request_info *info, 1727 struct iw_point *dwrq, 1728 char *extra) 1729 { 1730 struct atmel_private *priv = netdev_priv(dev); 1731 1732 /* Basic checking: do we have a key to set ? 1733 * Note : with the new API, it's impossible to get a NULL pointer. 1734 * Therefore, we need to check a key size == 0 instead. 1735 * New version of iwconfig properly set the IW_ENCODE_NOKEY flag 1736 * when no key is present (only change flags), but older versions 1737 * don't do it. - Jean II */ 1738 if (dwrq->length > 0) { 1739 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1740 int current_index = priv->default_key; 1741 /* Check the size of the key */ 1742 if (dwrq->length > 13) { 1743 return -EINVAL; 1744 } 1745 /* Check the index (none -> use current) */ 1746 if (index < 0 || index >= 4) 1747 index = current_index; 1748 else 1749 priv->default_key = index; 1750 /* Set the length */ 1751 if (dwrq->length > 5) 1752 priv->wep_key_len[index] = 13; 1753 else 1754 if (dwrq->length > 0) 1755 priv->wep_key_len[index] = 5; 1756 else 1757 /* Disable the key */ 1758 priv->wep_key_len[index] = 0; 1759 /* Check if the key is not marked as invalid */ 1760 if (!(dwrq->flags & IW_ENCODE_NOKEY)) { 1761 /* Cleanup */ 1762 memset(priv->wep_keys[index], 0, 13); 1763 /* Copy the key in the driver */ 1764 memcpy(priv->wep_keys[index], extra, dwrq->length); 1765 } 1766 /* WE specify that if a valid key is set, encryption 1767 * should be enabled (user may turn it off later) 1768 * This is also how "iwconfig ethX key on" works */ 1769 if (index == current_index && 1770 priv->wep_key_len[index] > 0) { 1771 priv->wep_is_on = 1; 1772 priv->exclude_unencrypted = 1; 1773 if (priv->wep_key_len[index] > 5) { 1774 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1775 priv->encryption_level = 2; 1776 } else { 1777 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1778 priv->encryption_level = 1; 1779 } 1780 } 1781 } else { 1782 /* Do we want to just set the transmit key index ? */ 1783 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1784 if (index >= 0 && index < 4) { 1785 priv->default_key = index; 1786 } else 1787 /* Don't complain if only change the mode */ 1788 if (!(dwrq->flags & IW_ENCODE_MODE)) 1789 return -EINVAL; 1790 } 1791 /* Read the flags */ 1792 if (dwrq->flags & IW_ENCODE_DISABLED) { 1793 priv->wep_is_on = 0; 1794 priv->encryption_level = 0; 1795 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1796 } else { 1797 priv->wep_is_on = 1; 1798 if (priv->wep_key_len[priv->default_key] > 5) { 1799 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1800 priv->encryption_level = 2; 1801 } else { 1802 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1803 priv->encryption_level = 1; 1804 } 1805 } 1806 if (dwrq->flags & IW_ENCODE_RESTRICTED) 1807 priv->exclude_unencrypted = 1; 1808 if (dwrq->flags & IW_ENCODE_OPEN) 1809 priv->exclude_unencrypted = 0; 1810 1811 return -EINPROGRESS; /* Call commit handler */ 1812 } 1813 1814 static int atmel_get_encode(struct net_device *dev, 1815 struct iw_request_info *info, 1816 struct iw_point *dwrq, 1817 char *extra) 1818 { 1819 struct atmel_private *priv = netdev_priv(dev); 1820 int index = (dwrq->flags & IW_ENCODE_INDEX) - 1; 1821 1822 if (!priv->wep_is_on) 1823 dwrq->flags = IW_ENCODE_DISABLED; 1824 else { 1825 if (priv->exclude_unencrypted) 1826 dwrq->flags = IW_ENCODE_RESTRICTED; 1827 else 1828 dwrq->flags = IW_ENCODE_OPEN; 1829 } 1830 /* Which key do we want ? -1 -> tx index */ 1831 if (index < 0 || index >= 4) 1832 index = priv->default_key; 1833 dwrq->flags |= index + 1; 1834 /* Copy the key to the user buffer */ 1835 dwrq->length = priv->wep_key_len[index]; 1836 if (dwrq->length > 16) { 1837 dwrq->length = 0; 1838 } else { 1839 memset(extra, 0, 16); 1840 memcpy(extra, priv->wep_keys[index], dwrq->length); 1841 } 1842 1843 return 0; 1844 } 1845 1846 static int atmel_set_encodeext(struct net_device *dev, 1847 struct iw_request_info *info, 1848 union iwreq_data *wrqu, 1849 char *extra) 1850 { 1851 struct atmel_private *priv = netdev_priv(dev); 1852 struct iw_point *encoding = &wrqu->encoding; 1853 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1854 int idx, key_len, alg = ext->alg, set_key = 1; 1855 1856 /* Determine and validate the key index */ 1857 idx = encoding->flags & IW_ENCODE_INDEX; 1858 if (idx) { 1859 if (idx < 1 || idx > 4) 1860 return -EINVAL; 1861 idx--; 1862 } else 1863 idx = priv->default_key; 1864 1865 if (encoding->flags & IW_ENCODE_DISABLED) 1866 alg = IW_ENCODE_ALG_NONE; 1867 1868 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) { 1869 priv->default_key = idx; 1870 set_key = ext->key_len > 0 ? 1 : 0; 1871 } 1872 1873 if (set_key) { 1874 /* Set the requested key first */ 1875 switch (alg) { 1876 case IW_ENCODE_ALG_NONE: 1877 priv->wep_is_on = 0; 1878 priv->encryption_level = 0; 1879 priv->pairwise_cipher_suite = CIPHER_SUITE_NONE; 1880 break; 1881 case IW_ENCODE_ALG_WEP: 1882 if (ext->key_len > 5) { 1883 priv->wep_key_len[idx] = 13; 1884 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_128; 1885 priv->encryption_level = 2; 1886 } else if (ext->key_len > 0) { 1887 priv->wep_key_len[idx] = 5; 1888 priv->pairwise_cipher_suite = CIPHER_SUITE_WEP_64; 1889 priv->encryption_level = 1; 1890 } else { 1891 return -EINVAL; 1892 } 1893 priv->wep_is_on = 1; 1894 memset(priv->wep_keys[idx], 0, 13); 1895 key_len = min ((int)ext->key_len, priv->wep_key_len[idx]); 1896 memcpy(priv->wep_keys[idx], ext->key, key_len); 1897 break; 1898 default: 1899 return -EINVAL; 1900 } 1901 } 1902 1903 return -EINPROGRESS; 1904 } 1905 1906 static int atmel_get_encodeext(struct net_device *dev, 1907 struct iw_request_info *info, 1908 union iwreq_data *wrqu, 1909 char *extra) 1910 { 1911 struct atmel_private *priv = netdev_priv(dev); 1912 struct iw_point *encoding = &wrqu->encoding; 1913 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra; 1914 int idx, max_key_len; 1915 1916 max_key_len = encoding->length - sizeof(*ext); 1917 if (max_key_len < 0) 1918 return -EINVAL; 1919 1920 idx = encoding->flags & IW_ENCODE_INDEX; 1921 if (idx) { 1922 if (idx < 1 || idx > 4) 1923 return -EINVAL; 1924 idx--; 1925 } else 1926 idx = priv->default_key; 1927 1928 encoding->flags = idx + 1; 1929 memset(ext, 0, sizeof(*ext)); 1930 1931 if (!priv->wep_is_on) { 1932 ext->alg = IW_ENCODE_ALG_NONE; 1933 ext->key_len = 0; 1934 encoding->flags |= IW_ENCODE_DISABLED; 1935 } else { 1936 if (priv->encryption_level > 0) 1937 ext->alg = IW_ENCODE_ALG_WEP; 1938 else 1939 return -EINVAL; 1940 1941 ext->key_len = priv->wep_key_len[idx]; 1942 memcpy(ext->key, priv->wep_keys[idx], ext->key_len); 1943 encoding->flags |= IW_ENCODE_ENABLED; 1944 } 1945 1946 return 0; 1947 } 1948 1949 static int atmel_set_auth(struct net_device *dev, 1950 struct iw_request_info *info, 1951 union iwreq_data *wrqu, char *extra) 1952 { 1953 struct atmel_private *priv = netdev_priv(dev); 1954 struct iw_param *param = &wrqu->param; 1955 1956 switch (param->flags & IW_AUTH_INDEX) { 1957 case IW_AUTH_WPA_VERSION: 1958 case IW_AUTH_CIPHER_PAIRWISE: 1959 case IW_AUTH_CIPHER_GROUP: 1960 case IW_AUTH_KEY_MGMT: 1961 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 1962 case IW_AUTH_PRIVACY_INVOKED: 1963 /* 1964 * atmel does not use these parameters 1965 */ 1966 break; 1967 1968 case IW_AUTH_DROP_UNENCRYPTED: 1969 priv->exclude_unencrypted = param->value ? 1 : 0; 1970 break; 1971 1972 case IW_AUTH_80211_AUTH_ALG: { 1973 if (param->value & IW_AUTH_ALG_SHARED_KEY) { 1974 priv->exclude_unencrypted = 1; 1975 } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) { 1976 priv->exclude_unencrypted = 0; 1977 } else 1978 return -EINVAL; 1979 break; 1980 } 1981 1982 case IW_AUTH_WPA_ENABLED: 1983 /* Silently accept disable of WPA */ 1984 if (param->value > 0) 1985 return -EOPNOTSUPP; 1986 break; 1987 1988 default: 1989 return -EOPNOTSUPP; 1990 } 1991 return -EINPROGRESS; 1992 } 1993 1994 static int atmel_get_auth(struct net_device *dev, 1995 struct iw_request_info *info, 1996 union iwreq_data *wrqu, char *extra) 1997 { 1998 struct atmel_private *priv = netdev_priv(dev); 1999 struct iw_param *param = &wrqu->param; 2000 2001 switch (param->flags & IW_AUTH_INDEX) { 2002 case IW_AUTH_DROP_UNENCRYPTED: 2003 param->value = priv->exclude_unencrypted; 2004 break; 2005 2006 case IW_AUTH_80211_AUTH_ALG: 2007 if (priv->exclude_unencrypted == 1) 2008 param->value = IW_AUTH_ALG_SHARED_KEY; 2009 else 2010 param->value = IW_AUTH_ALG_OPEN_SYSTEM; 2011 break; 2012 2013 case IW_AUTH_WPA_ENABLED: 2014 param->value = 0; 2015 break; 2016 2017 default: 2018 return -EOPNOTSUPP; 2019 } 2020 return 0; 2021 } 2022 2023 2024 static int atmel_get_name(struct net_device *dev, 2025 struct iw_request_info *info, 2026 char *cwrq, 2027 char *extra) 2028 { 2029 strcpy(cwrq, "IEEE 802.11-DS"); 2030 return 0; 2031 } 2032 2033 static int atmel_set_rate(struct net_device *dev, 2034 struct iw_request_info *info, 2035 struct iw_param *vwrq, 2036 char *extra) 2037 { 2038 struct atmel_private *priv = netdev_priv(dev); 2039 2040 if (vwrq->fixed == 0) { 2041 priv->tx_rate = 3; 2042 priv->auto_tx_rate = 1; 2043 } else { 2044 priv->auto_tx_rate = 0; 2045 2046 /* Which type of value ? */ 2047 if ((vwrq->value < 4) && (vwrq->value >= 0)) { 2048 /* Setting by rate index */ 2049 priv->tx_rate = vwrq->value; 2050 } else { 2051 /* Setting by frequency value */ 2052 switch (vwrq->value) { 2053 case 1000000: 2054 priv->tx_rate = 0; 2055 break; 2056 case 2000000: 2057 priv->tx_rate = 1; 2058 break; 2059 case 5500000: 2060 priv->tx_rate = 2; 2061 break; 2062 case 11000000: 2063 priv->tx_rate = 3; 2064 break; 2065 default: 2066 return -EINVAL; 2067 } 2068 } 2069 } 2070 2071 return -EINPROGRESS; 2072 } 2073 2074 static int atmel_set_mode(struct net_device *dev, 2075 struct iw_request_info *info, 2076 __u32 *uwrq, 2077 char *extra) 2078 { 2079 struct atmel_private *priv = netdev_priv(dev); 2080 2081 if (*uwrq != IW_MODE_ADHOC && *uwrq != IW_MODE_INFRA) 2082 return -EINVAL; 2083 2084 priv->operating_mode = *uwrq; 2085 return -EINPROGRESS; 2086 } 2087 2088 static int atmel_get_mode(struct net_device *dev, 2089 struct iw_request_info *info, 2090 __u32 *uwrq, 2091 char *extra) 2092 { 2093 struct atmel_private *priv = netdev_priv(dev); 2094 2095 *uwrq = priv->operating_mode; 2096 return 0; 2097 } 2098 2099 static int atmel_get_rate(struct net_device *dev, 2100 struct iw_request_info *info, 2101 struct iw_param *vwrq, 2102 char *extra) 2103 { 2104 struct atmel_private *priv = netdev_priv(dev); 2105 2106 if (priv->auto_tx_rate) { 2107 vwrq->fixed = 0; 2108 vwrq->value = 11000000; 2109 } else { 2110 vwrq->fixed = 1; 2111 switch (priv->tx_rate) { 2112 case 0: 2113 vwrq->value = 1000000; 2114 break; 2115 case 1: 2116 vwrq->value = 2000000; 2117 break; 2118 case 2: 2119 vwrq->value = 5500000; 2120 break; 2121 case 3: 2122 vwrq->value = 11000000; 2123 break; 2124 } 2125 } 2126 return 0; 2127 } 2128 2129 static int atmel_set_power(struct net_device *dev, 2130 struct iw_request_info *info, 2131 struct iw_param *vwrq, 2132 char *extra) 2133 { 2134 struct atmel_private *priv = netdev_priv(dev); 2135 priv->power_mode = vwrq->disabled ? 0 : 1; 2136 return -EINPROGRESS; 2137 } 2138 2139 static int atmel_get_power(struct net_device *dev, 2140 struct iw_request_info *info, 2141 struct iw_param *vwrq, 2142 char *extra) 2143 { 2144 struct atmel_private *priv = netdev_priv(dev); 2145 vwrq->disabled = priv->power_mode ? 0 : 1; 2146 vwrq->flags = IW_POWER_ON; 2147 return 0; 2148 } 2149 2150 static int atmel_set_retry(struct net_device *dev, 2151 struct iw_request_info *info, 2152 struct iw_param *vwrq, 2153 char *extra) 2154 { 2155 struct atmel_private *priv = netdev_priv(dev); 2156 2157 if (!vwrq->disabled && (vwrq->flags & IW_RETRY_LIMIT)) { 2158 if (vwrq->flags & IW_RETRY_LONG) 2159 priv->long_retry = vwrq->value; 2160 else if (vwrq->flags & IW_RETRY_SHORT) 2161 priv->short_retry = vwrq->value; 2162 else { 2163 /* No modifier : set both */ 2164 priv->long_retry = vwrq->value; 2165 priv->short_retry = vwrq->value; 2166 } 2167 return -EINPROGRESS; 2168 } 2169 2170 return -EINVAL; 2171 } 2172 2173 static int atmel_get_retry(struct net_device *dev, 2174 struct iw_request_info *info, 2175 struct iw_param *vwrq, 2176 char *extra) 2177 { 2178 struct atmel_private *priv = netdev_priv(dev); 2179 2180 vwrq->disabled = 0; /* Can't be disabled */ 2181 2182 /* Note : by default, display the short retry number */ 2183 if (vwrq->flags & IW_RETRY_LONG) { 2184 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG; 2185 vwrq->value = priv->long_retry; 2186 } else { 2187 vwrq->flags = IW_RETRY_LIMIT; 2188 vwrq->value = priv->short_retry; 2189 if (priv->long_retry != priv->short_retry) 2190 vwrq->flags |= IW_RETRY_SHORT; 2191 } 2192 2193 return 0; 2194 } 2195 2196 static int atmel_set_rts(struct net_device *dev, 2197 struct iw_request_info *info, 2198 struct iw_param *vwrq, 2199 char *extra) 2200 { 2201 struct atmel_private *priv = netdev_priv(dev); 2202 int rthr = vwrq->value; 2203 2204 if (vwrq->disabled) 2205 rthr = 2347; 2206 if ((rthr < 0) || (rthr > 2347)) { 2207 return -EINVAL; 2208 } 2209 priv->rts_threshold = rthr; 2210 2211 return -EINPROGRESS; /* Call commit handler */ 2212 } 2213 2214 static int atmel_get_rts(struct net_device *dev, 2215 struct iw_request_info *info, 2216 struct iw_param *vwrq, 2217 char *extra) 2218 { 2219 struct atmel_private *priv = netdev_priv(dev); 2220 2221 vwrq->value = priv->rts_threshold; 2222 vwrq->disabled = (vwrq->value >= 2347); 2223 vwrq->fixed = 1; 2224 2225 return 0; 2226 } 2227 2228 static int atmel_set_frag(struct net_device *dev, 2229 struct iw_request_info *info, 2230 struct iw_param *vwrq, 2231 char *extra) 2232 { 2233 struct atmel_private *priv = netdev_priv(dev); 2234 int fthr = vwrq->value; 2235 2236 if (vwrq->disabled) 2237 fthr = 2346; 2238 if ((fthr < 256) || (fthr > 2346)) { 2239 return -EINVAL; 2240 } 2241 fthr &= ~0x1; /* Get an even value - is it really needed ??? */ 2242 priv->frag_threshold = fthr; 2243 2244 return -EINPROGRESS; /* Call commit handler */ 2245 } 2246 2247 static int atmel_get_frag(struct net_device *dev, 2248 struct iw_request_info *info, 2249 struct iw_param *vwrq, 2250 char *extra) 2251 { 2252 struct atmel_private *priv = netdev_priv(dev); 2253 2254 vwrq->value = priv->frag_threshold; 2255 vwrq->disabled = (vwrq->value >= 2346); 2256 vwrq->fixed = 1; 2257 2258 return 0; 2259 } 2260 2261 static int atmel_set_freq(struct net_device *dev, 2262 struct iw_request_info *info, 2263 struct iw_freq *fwrq, 2264 char *extra) 2265 { 2266 struct atmel_private *priv = netdev_priv(dev); 2267 int rc = -EINPROGRESS; /* Call commit handler */ 2268 2269 /* If setting by frequency, convert to a channel */ 2270 if (fwrq->e == 1) { 2271 int f = fwrq->m / 100000; 2272 2273 /* Hack to fall through... */ 2274 fwrq->e = 0; 2275 fwrq->m = ieee80211_frequency_to_channel(f); 2276 } 2277 /* Setting by channel number */ 2278 if ((fwrq->m > 1000) || (fwrq->e > 0)) 2279 rc = -EOPNOTSUPP; 2280 else { 2281 int channel = fwrq->m; 2282 if (atmel_validate_channel(priv, channel) == 0) { 2283 priv->channel = channel; 2284 } else { 2285 rc = -EINVAL; 2286 } 2287 } 2288 return rc; 2289 } 2290 2291 static int atmel_get_freq(struct net_device *dev, 2292 struct iw_request_info *info, 2293 struct iw_freq *fwrq, 2294 char *extra) 2295 { 2296 struct atmel_private *priv = netdev_priv(dev); 2297 2298 fwrq->m = priv->channel; 2299 fwrq->e = 0; 2300 return 0; 2301 } 2302 2303 static int atmel_set_scan(struct net_device *dev, 2304 struct iw_request_info *info, 2305 struct iw_point *dwrq, 2306 char *extra) 2307 { 2308 struct atmel_private *priv = netdev_priv(dev); 2309 unsigned long flags; 2310 2311 /* Note : you may have realised that, as this is a SET operation, 2312 * this is privileged and therefore a normal user can't 2313 * perform scanning. 2314 * This is not an error, while the device perform scanning, 2315 * traffic doesn't flow, so it's a perfect DoS... 2316 * Jean II */ 2317 2318 if (priv->station_state == STATION_STATE_DOWN) 2319 return -EAGAIN; 2320 2321 /* Timeout old surveys. */ 2322 if (time_after(jiffies, priv->last_survey + 20 * HZ)) 2323 priv->site_survey_state = SITE_SURVEY_IDLE; 2324 priv->last_survey = jiffies; 2325 2326 /* Initiate a scan command */ 2327 if (priv->site_survey_state == SITE_SURVEY_IN_PROGRESS) 2328 return -EBUSY; 2329 2330 del_timer_sync(&priv->management_timer); 2331 spin_lock_irqsave(&priv->irqlock, flags); 2332 2333 priv->site_survey_state = SITE_SURVEY_IN_PROGRESS; 2334 priv->fast_scan = 0; 2335 atmel_scan(priv, 0); 2336 spin_unlock_irqrestore(&priv->irqlock, flags); 2337 2338 return 0; 2339 } 2340 2341 static int atmel_get_scan(struct net_device *dev, 2342 struct iw_request_info *info, 2343 struct iw_point *dwrq, 2344 char *extra) 2345 { 2346 struct atmel_private *priv = netdev_priv(dev); 2347 int i; 2348 char *current_ev = extra; 2349 struct iw_event iwe; 2350 2351 if (priv->site_survey_state != SITE_SURVEY_COMPLETED) 2352 return -EAGAIN; 2353 2354 for (i = 0; i < priv->BSS_list_entries; i++) { 2355 iwe.cmd = SIOCGIWAP; 2356 iwe.u.ap_addr.sa_family = ARPHRD_ETHER; 2357 memcpy(iwe.u.ap_addr.sa_data, priv->BSSinfo[i].BSSID, ETH_ALEN); 2358 current_ev = iwe_stream_add_event(info, current_ev, 2359 extra + IW_SCAN_MAX_DATA, 2360 &iwe, IW_EV_ADDR_LEN); 2361 2362 iwe.u.data.length = priv->BSSinfo[i].SSIDsize; 2363 if (iwe.u.data.length > 32) 2364 iwe.u.data.length = 32; 2365 iwe.cmd = SIOCGIWESSID; 2366 iwe.u.data.flags = 1; 2367 current_ev = iwe_stream_add_point(info, current_ev, 2368 extra + IW_SCAN_MAX_DATA, 2369 &iwe, priv->BSSinfo[i].SSID); 2370 2371 iwe.cmd = SIOCGIWMODE; 2372 iwe.u.mode = priv->BSSinfo[i].BSStype; 2373 current_ev = iwe_stream_add_event(info, current_ev, 2374 extra + IW_SCAN_MAX_DATA, 2375 &iwe, IW_EV_UINT_LEN); 2376 2377 iwe.cmd = SIOCGIWFREQ; 2378 iwe.u.freq.m = priv->BSSinfo[i].channel; 2379 iwe.u.freq.e = 0; 2380 current_ev = iwe_stream_add_event(info, current_ev, 2381 extra + IW_SCAN_MAX_DATA, 2382 &iwe, IW_EV_FREQ_LEN); 2383 2384 /* Add quality statistics */ 2385 iwe.cmd = IWEVQUAL; 2386 iwe.u.qual.level = priv->BSSinfo[i].RSSI; 2387 iwe.u.qual.qual = iwe.u.qual.level; 2388 /* iwe.u.qual.noise = SOMETHING */ 2389 current_ev = iwe_stream_add_event(info, current_ev, 2390 extra + IW_SCAN_MAX_DATA, 2391 &iwe, IW_EV_QUAL_LEN); 2392 2393 2394 iwe.cmd = SIOCGIWENCODE; 2395 if (priv->BSSinfo[i].UsingWEP) 2396 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY; 2397 else 2398 iwe.u.data.flags = IW_ENCODE_DISABLED; 2399 iwe.u.data.length = 0; 2400 current_ev = iwe_stream_add_point(info, current_ev, 2401 extra + IW_SCAN_MAX_DATA, 2402 &iwe, NULL); 2403 } 2404 2405 /* Length of data */ 2406 dwrq->length = (current_ev - extra); 2407 dwrq->flags = 0; 2408 2409 return 0; 2410 } 2411 2412 static int atmel_get_range(struct net_device *dev, 2413 struct iw_request_info *info, 2414 struct iw_point *dwrq, 2415 char *extra) 2416 { 2417 struct atmel_private *priv = netdev_priv(dev); 2418 struct iw_range *range = (struct iw_range *) extra; 2419 int k, i, j; 2420 2421 dwrq->length = sizeof(struct iw_range); 2422 memset(range, 0, sizeof(struct iw_range)); 2423 range->min_nwid = 0x0000; 2424 range->max_nwid = 0x0000; 2425 range->num_channels = 0; 2426 for (j = 0; j < ARRAY_SIZE(channel_table); j++) 2427 if (priv->reg_domain == channel_table[j].reg_domain) { 2428 range->num_channels = channel_table[j].max - channel_table[j].min + 1; 2429 break; 2430 } 2431 if (range->num_channels != 0) { 2432 for (k = 0, i = channel_table[j].min; i <= channel_table[j].max; i++) { 2433 range->freq[k].i = i; /* List index */ 2434 2435 /* Values in MHz -> * 10^5 * 10 */ 2436 range->freq[k].m = 100000 * 2437 ieee80211_channel_to_frequency(i, IEEE80211_BAND_2GHZ); 2438 range->freq[k++].e = 1; 2439 } 2440 range->num_frequency = k; 2441 } 2442 2443 range->max_qual.qual = 100; 2444 range->max_qual.level = 100; 2445 range->max_qual.noise = 0; 2446 range->max_qual.updated = IW_QUAL_NOISE_INVALID; 2447 2448 range->avg_qual.qual = 50; 2449 range->avg_qual.level = 50; 2450 range->avg_qual.noise = 0; 2451 range->avg_qual.updated = IW_QUAL_NOISE_INVALID; 2452 2453 range->sensitivity = 0; 2454 2455 range->bitrate[0] = 1000000; 2456 range->bitrate[1] = 2000000; 2457 range->bitrate[2] = 5500000; 2458 range->bitrate[3] = 11000000; 2459 range->num_bitrates = 4; 2460 2461 range->min_rts = 0; 2462 range->max_rts = 2347; 2463 range->min_frag = 256; 2464 range->max_frag = 2346; 2465 2466 range->encoding_size[0] = 5; 2467 range->encoding_size[1] = 13; 2468 range->num_encoding_sizes = 2; 2469 range->max_encoding_tokens = 4; 2470 2471 range->pmp_flags = IW_POWER_ON; 2472 range->pmt_flags = IW_POWER_ON; 2473 range->pm_capa = 0; 2474 2475 range->we_version_source = WIRELESS_EXT; 2476 range->we_version_compiled = WIRELESS_EXT; 2477 range->retry_capa = IW_RETRY_LIMIT ; 2478 range->retry_flags = IW_RETRY_LIMIT; 2479 range->r_time_flags = 0; 2480 range->min_retry = 1; 2481 range->max_retry = 65535; 2482 2483 return 0; 2484 } 2485 2486 static int atmel_set_wap(struct net_device *dev, 2487 struct iw_request_info *info, 2488 struct sockaddr *awrq, 2489 char *extra) 2490 { 2491 struct atmel_private *priv = netdev_priv(dev); 2492 int i; 2493 static const u8 any[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 2494 static const u8 off[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 2495 unsigned long flags; 2496 2497 if (awrq->sa_family != ARPHRD_ETHER) 2498 return -EINVAL; 2499 2500 if (!memcmp(any, awrq->sa_data, 6) || 2501 !memcmp(off, awrq->sa_data, 6)) { 2502 del_timer_sync(&priv->management_timer); 2503 spin_lock_irqsave(&priv->irqlock, flags); 2504 atmel_scan(priv, 1); 2505 spin_unlock_irqrestore(&priv->irqlock, flags); 2506 return 0; 2507 } 2508 2509 for (i = 0; i < priv->BSS_list_entries; i++) { 2510 if (memcmp(priv->BSSinfo[i].BSSID, awrq->sa_data, 6) == 0) { 2511 if (!priv->wep_is_on && priv->BSSinfo[i].UsingWEP) { 2512 return -EINVAL; 2513 } else if (priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) { 2514 return -EINVAL; 2515 } else { 2516 del_timer_sync(&priv->management_timer); 2517 spin_lock_irqsave(&priv->irqlock, flags); 2518 atmel_join_bss(priv, i); 2519 spin_unlock_irqrestore(&priv->irqlock, flags); 2520 return 0; 2521 } 2522 } 2523 } 2524 2525 return -EINVAL; 2526 } 2527 2528 static int atmel_config_commit(struct net_device *dev, 2529 struct iw_request_info *info, /* NULL */ 2530 void *zwrq, /* NULL */ 2531 char *extra) /* NULL */ 2532 { 2533 return atmel_open(dev); 2534 } 2535 2536 static const iw_handler atmel_handler[] = 2537 { 2538 (iw_handler) atmel_config_commit, /* SIOCSIWCOMMIT */ 2539 (iw_handler) atmel_get_name, /* SIOCGIWNAME */ 2540 (iw_handler) NULL, /* SIOCSIWNWID */ 2541 (iw_handler) NULL, /* SIOCGIWNWID */ 2542 (iw_handler) atmel_set_freq, /* SIOCSIWFREQ */ 2543 (iw_handler) atmel_get_freq, /* SIOCGIWFREQ */ 2544 (iw_handler) atmel_set_mode, /* SIOCSIWMODE */ 2545 (iw_handler) atmel_get_mode, /* SIOCGIWMODE */ 2546 (iw_handler) NULL, /* SIOCSIWSENS */ 2547 (iw_handler) NULL, /* SIOCGIWSENS */ 2548 (iw_handler) NULL, /* SIOCSIWRANGE */ 2549 (iw_handler) atmel_get_range, /* SIOCGIWRANGE */ 2550 (iw_handler) NULL, /* SIOCSIWPRIV */ 2551 (iw_handler) NULL, /* SIOCGIWPRIV */ 2552 (iw_handler) NULL, /* SIOCSIWSTATS */ 2553 (iw_handler) NULL, /* SIOCGIWSTATS */ 2554 (iw_handler) NULL, /* SIOCSIWSPY */ 2555 (iw_handler) NULL, /* SIOCGIWSPY */ 2556 (iw_handler) NULL, /* -- hole -- */ 2557 (iw_handler) NULL, /* -- hole -- */ 2558 (iw_handler) atmel_set_wap, /* SIOCSIWAP */ 2559 (iw_handler) atmel_get_wap, /* SIOCGIWAP */ 2560 (iw_handler) NULL, /* -- hole -- */ 2561 (iw_handler) NULL, /* SIOCGIWAPLIST */ 2562 (iw_handler) atmel_set_scan, /* SIOCSIWSCAN */ 2563 (iw_handler) atmel_get_scan, /* SIOCGIWSCAN */ 2564 (iw_handler) atmel_set_essid, /* SIOCSIWESSID */ 2565 (iw_handler) atmel_get_essid, /* SIOCGIWESSID */ 2566 (iw_handler) NULL, /* SIOCSIWNICKN */ 2567 (iw_handler) NULL, /* SIOCGIWNICKN */ 2568 (iw_handler) NULL, /* -- hole -- */ 2569 (iw_handler) NULL, /* -- hole -- */ 2570 (iw_handler) atmel_set_rate, /* SIOCSIWRATE */ 2571 (iw_handler) atmel_get_rate, /* SIOCGIWRATE */ 2572 (iw_handler) atmel_set_rts, /* SIOCSIWRTS */ 2573 (iw_handler) atmel_get_rts, /* SIOCGIWRTS */ 2574 (iw_handler) atmel_set_frag, /* SIOCSIWFRAG */ 2575 (iw_handler) atmel_get_frag, /* SIOCGIWFRAG */ 2576 (iw_handler) NULL, /* SIOCSIWTXPOW */ 2577 (iw_handler) NULL, /* SIOCGIWTXPOW */ 2578 (iw_handler) atmel_set_retry, /* SIOCSIWRETRY */ 2579 (iw_handler) atmel_get_retry, /* SIOCGIWRETRY */ 2580 (iw_handler) atmel_set_encode, /* SIOCSIWENCODE */ 2581 (iw_handler) atmel_get_encode, /* SIOCGIWENCODE */ 2582 (iw_handler) atmel_set_power, /* SIOCSIWPOWER */ 2583 (iw_handler) atmel_get_power, /* SIOCGIWPOWER */ 2584 (iw_handler) NULL, /* -- hole -- */ 2585 (iw_handler) NULL, /* -- hole -- */ 2586 (iw_handler) NULL, /* SIOCSIWGENIE */ 2587 (iw_handler) NULL, /* SIOCGIWGENIE */ 2588 (iw_handler) atmel_set_auth, /* SIOCSIWAUTH */ 2589 (iw_handler) atmel_get_auth, /* SIOCGIWAUTH */ 2590 (iw_handler) atmel_set_encodeext, /* SIOCSIWENCODEEXT */ 2591 (iw_handler) atmel_get_encodeext, /* SIOCGIWENCODEEXT */ 2592 (iw_handler) NULL, /* SIOCSIWPMKSA */ 2593 }; 2594 2595 static const iw_handler atmel_private_handler[] = 2596 { 2597 NULL, /* SIOCIWFIRSTPRIV */ 2598 }; 2599 2600 struct atmel_priv_ioctl { 2601 char id[32]; 2602 unsigned char __user *data; 2603 unsigned short len; 2604 }; 2605 2606 #define ATMELFWL SIOCIWFIRSTPRIV 2607 #define ATMELIDIFC ATMELFWL + 1 2608 #define ATMELRD ATMELFWL + 2 2609 #define ATMELMAGIC 0x51807 2610 #define REGDOMAINSZ 20 2611 2612 static const struct iw_priv_args atmel_private_args[] = { 2613 { 2614 .cmd = ATMELFWL, 2615 .set_args = IW_PRIV_TYPE_BYTE 2616 | IW_PRIV_SIZE_FIXED 2617 | sizeof(struct atmel_priv_ioctl), 2618 .get_args = IW_PRIV_TYPE_NONE, 2619 .name = "atmelfwl" 2620 }, { 2621 .cmd = ATMELIDIFC, 2622 .set_args = IW_PRIV_TYPE_NONE, 2623 .get_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 2624 .name = "atmelidifc" 2625 }, { 2626 .cmd = ATMELRD, 2627 .set_args = IW_PRIV_TYPE_CHAR | REGDOMAINSZ, 2628 .get_args = IW_PRIV_TYPE_NONE, 2629 .name = "regdomain" 2630 }, 2631 }; 2632 2633 static const struct iw_handler_def atmel_handler_def = { 2634 .num_standard = ARRAY_SIZE(atmel_handler), 2635 .num_private = ARRAY_SIZE(atmel_private_handler), 2636 .num_private_args = ARRAY_SIZE(atmel_private_args), 2637 .standard = (iw_handler *) atmel_handler, 2638 .private = (iw_handler *) atmel_private_handler, 2639 .private_args = (struct iw_priv_args *) atmel_private_args, 2640 .get_wireless_stats = atmel_get_wireless_stats 2641 }; 2642 2643 static int atmel_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) 2644 { 2645 int i, rc = 0; 2646 struct atmel_private *priv = netdev_priv(dev); 2647 struct atmel_priv_ioctl com; 2648 struct iwreq *wrq = (struct iwreq *) rq; 2649 unsigned char *new_firmware; 2650 char domain[REGDOMAINSZ + 1]; 2651 2652 switch (cmd) { 2653 case ATMELIDIFC: 2654 wrq->u.param.value = ATMELMAGIC; 2655 break; 2656 2657 case ATMELFWL: 2658 if (copy_from_user(&com, rq->ifr_data, sizeof(com))) { 2659 rc = -EFAULT; 2660 break; 2661 } 2662 2663 if (!capable(CAP_NET_ADMIN)) { 2664 rc = -EPERM; 2665 break; 2666 } 2667 2668 if (!(new_firmware = kmalloc(com.len, GFP_KERNEL))) { 2669 rc = -ENOMEM; 2670 break; 2671 } 2672 2673 if (copy_from_user(new_firmware, com.data, com.len)) { 2674 kfree(new_firmware); 2675 rc = -EFAULT; 2676 break; 2677 } 2678 2679 kfree(priv->firmware); 2680 2681 priv->firmware = new_firmware; 2682 priv->firmware_length = com.len; 2683 strncpy(priv->firmware_id, com.id, 31); 2684 priv->firmware_id[31] = '\0'; 2685 break; 2686 2687 case ATMELRD: 2688 if (copy_from_user(domain, rq->ifr_data, REGDOMAINSZ)) { 2689 rc = -EFAULT; 2690 break; 2691 } 2692 2693 if (!capable(CAP_NET_ADMIN)) { 2694 rc = -EPERM; 2695 break; 2696 } 2697 2698 domain[REGDOMAINSZ] = 0; 2699 rc = -EINVAL; 2700 for (i = 0; i < ARRAY_SIZE(channel_table); i++) { 2701 if (!strcasecmp(channel_table[i].name, domain)) { 2702 priv->config_reg_domain = channel_table[i].reg_domain; 2703 rc = 0; 2704 } 2705 } 2706 2707 if (rc == 0 && priv->station_state != STATION_STATE_DOWN) 2708 rc = atmel_open(dev); 2709 break; 2710 2711 default: 2712 rc = -EOPNOTSUPP; 2713 } 2714 2715 return rc; 2716 } 2717 2718 struct auth_body { 2719 __le16 alg; 2720 __le16 trans_seq; 2721 __le16 status; 2722 u8 el_id; 2723 u8 chall_text_len; 2724 u8 chall_text[253]; 2725 }; 2726 2727 static void atmel_enter_state(struct atmel_private *priv, int new_state) 2728 { 2729 int old_state = priv->station_state; 2730 2731 if (new_state == old_state) 2732 return; 2733 2734 priv->station_state = new_state; 2735 2736 if (new_state == STATION_STATE_READY) { 2737 netif_start_queue(priv->dev); 2738 netif_carrier_on(priv->dev); 2739 } 2740 2741 if (old_state == STATION_STATE_READY) { 2742 netif_carrier_off(priv->dev); 2743 if (netif_running(priv->dev)) 2744 netif_stop_queue(priv->dev); 2745 priv->last_beacon_timestamp = 0; 2746 } 2747 } 2748 2749 static void atmel_scan(struct atmel_private *priv, int specific_ssid) 2750 { 2751 struct { 2752 u8 BSSID[ETH_ALEN]; 2753 u8 SSID[MAX_SSID_LENGTH]; 2754 u8 scan_type; 2755 u8 channel; 2756 __le16 BSS_type; 2757 __le16 min_channel_time; 2758 __le16 max_channel_time; 2759 u8 options; 2760 u8 SSID_size; 2761 } cmd; 2762 2763 eth_broadcast_addr(cmd.BSSID); 2764 2765 if (priv->fast_scan) { 2766 cmd.SSID_size = priv->SSID_size; 2767 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2768 cmd.min_channel_time = cpu_to_le16(10); 2769 cmd.max_channel_time = cpu_to_le16(50); 2770 } else { 2771 priv->BSS_list_entries = 0; 2772 cmd.SSID_size = 0; 2773 cmd.min_channel_time = cpu_to_le16(10); 2774 cmd.max_channel_time = cpu_to_le16(120); 2775 } 2776 2777 cmd.options = 0; 2778 2779 if (!specific_ssid) 2780 cmd.options |= SCAN_OPTIONS_SITE_SURVEY; 2781 2782 cmd.channel = (priv->channel & 0x7f); 2783 cmd.scan_type = SCAN_TYPE_ACTIVE; 2784 cmd.BSS_type = cpu_to_le16(priv->operating_mode == IW_MODE_ADHOC ? 2785 BSS_TYPE_AD_HOC : BSS_TYPE_INFRASTRUCTURE); 2786 2787 atmel_send_command(priv, CMD_Scan, &cmd, sizeof(cmd)); 2788 2789 /* This must come after all hardware access to avoid being messed up 2790 by stuff happening in interrupt context after we leave STATE_DOWN */ 2791 atmel_enter_state(priv, STATION_STATE_SCANNING); 2792 } 2793 2794 static void join(struct atmel_private *priv, int type) 2795 { 2796 struct { 2797 u8 BSSID[6]; 2798 u8 SSID[MAX_SSID_LENGTH]; 2799 u8 BSS_type; /* this is a short in a scan command - weird */ 2800 u8 channel; 2801 __le16 timeout; 2802 u8 SSID_size; 2803 u8 reserved; 2804 } cmd; 2805 2806 cmd.SSID_size = priv->SSID_size; 2807 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2808 memcpy(cmd.BSSID, priv->CurrentBSSID, ETH_ALEN); 2809 cmd.channel = (priv->channel & 0x7f); 2810 cmd.BSS_type = type; 2811 cmd.timeout = cpu_to_le16(2000); 2812 2813 atmel_send_command(priv, CMD_Join, &cmd, sizeof(cmd)); 2814 } 2815 2816 static void start(struct atmel_private *priv, int type) 2817 { 2818 struct { 2819 u8 BSSID[6]; 2820 u8 SSID[MAX_SSID_LENGTH]; 2821 u8 BSS_type; 2822 u8 channel; 2823 u8 SSID_size; 2824 u8 reserved[3]; 2825 } cmd; 2826 2827 cmd.SSID_size = priv->SSID_size; 2828 memcpy(cmd.SSID, priv->SSID, priv->SSID_size); 2829 memcpy(cmd.BSSID, priv->BSSID, ETH_ALEN); 2830 cmd.BSS_type = type; 2831 cmd.channel = (priv->channel & 0x7f); 2832 2833 atmel_send_command(priv, CMD_Start, &cmd, sizeof(cmd)); 2834 } 2835 2836 static void handle_beacon_probe(struct atmel_private *priv, u16 capability, 2837 u8 channel) 2838 { 2839 int rejoin = 0; 2840 int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 2841 SHORT_PREAMBLE : LONG_PREAMBLE; 2842 2843 if (priv->preamble != new) { 2844 priv->preamble = new; 2845 rejoin = 1; 2846 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, new); 2847 } 2848 2849 if (priv->channel != channel) { 2850 priv->channel = channel; 2851 rejoin = 1; 2852 atmel_set_mib8(priv, Phy_Mib_Type, PHY_MIB_CHANNEL_POS, channel); 2853 } 2854 2855 if (rejoin) { 2856 priv->station_is_associated = 0; 2857 atmel_enter_state(priv, STATION_STATE_JOINNING); 2858 2859 if (priv->operating_mode == IW_MODE_INFRA) 2860 join(priv, BSS_TYPE_INFRASTRUCTURE); 2861 else 2862 join(priv, BSS_TYPE_AD_HOC); 2863 } 2864 } 2865 2866 static void send_authentication_request(struct atmel_private *priv, u16 system, 2867 u8 *challenge, int challenge_len) 2868 { 2869 struct ieee80211_hdr header; 2870 struct auth_body auth; 2871 2872 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH); 2873 header.duration_id = cpu_to_le16(0x8000); 2874 header.seq_ctrl = 0; 2875 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2876 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2877 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2878 2879 if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1) 2880 /* no WEP for authentication frames with TrSeqNo 1 */ 2881 header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 2882 2883 auth.alg = cpu_to_le16(system); 2884 2885 auth.status = 0; 2886 auth.trans_seq = cpu_to_le16(priv->CurrentAuthentTransactionSeqNum); 2887 priv->ExpectedAuthentTransactionSeqNum = priv->CurrentAuthentTransactionSeqNum+1; 2888 priv->CurrentAuthentTransactionSeqNum += 2; 2889 2890 if (challenge_len != 0) { 2891 auth.el_id = 16; /* challenge_text */ 2892 auth.chall_text_len = challenge_len; 2893 memcpy(auth.chall_text, challenge, challenge_len); 2894 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 8 + challenge_len); 2895 } else { 2896 atmel_transmit_management_frame(priv, &header, (u8 *)&auth, 6); 2897 } 2898 } 2899 2900 static void send_association_request(struct atmel_private *priv, int is_reassoc) 2901 { 2902 u8 *ssid_el_p; 2903 int bodysize; 2904 struct ieee80211_hdr header; 2905 struct ass_req_format { 2906 __le16 capability; 2907 __le16 listen_interval; 2908 u8 ap[ETH_ALEN]; /* nothing after here directly accessible */ 2909 u8 ssid_el_id; 2910 u8 ssid_len; 2911 u8 ssid[MAX_SSID_LENGTH]; 2912 u8 sup_rates_el_id; 2913 u8 sup_rates_len; 2914 u8 rates[4]; 2915 } body; 2916 2917 header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 2918 (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ)); 2919 header.duration_id = cpu_to_le16(0x8000); 2920 header.seq_ctrl = 0; 2921 2922 memcpy(header.addr1, priv->CurrentBSSID, ETH_ALEN); 2923 memcpy(header.addr2, priv->dev->dev_addr, ETH_ALEN); 2924 memcpy(header.addr3, priv->CurrentBSSID, ETH_ALEN); 2925 2926 body.capability = cpu_to_le16(WLAN_CAPABILITY_ESS); 2927 if (priv->wep_is_on) 2928 body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY); 2929 if (priv->preamble == SHORT_PREAMBLE) 2930 body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE); 2931 2932 body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); 2933 2934 /* current AP address - only in reassoc frame */ 2935 if (is_reassoc) { 2936 memcpy(body.ap, priv->CurrentBSSID, ETH_ALEN); 2937 ssid_el_p = &body.ssid_el_id; 2938 bodysize = 18 + priv->SSID_size; 2939 } else { 2940 ssid_el_p = &body.ap[0]; 2941 bodysize = 12 + priv->SSID_size; 2942 } 2943 2944 ssid_el_p[0] = WLAN_EID_SSID; 2945 ssid_el_p[1] = priv->SSID_size; 2946 memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size); 2947 ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES; 2948 ssid_el_p[3 + priv->SSID_size] = 4; /* len of supported rates */ 2949 memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4); 2950 2951 atmel_transmit_management_frame(priv, &header, (void *)&body, bodysize); 2952 } 2953 2954 static int is_frame_from_current_bss(struct atmel_private *priv, 2955 struct ieee80211_hdr *header) 2956 { 2957 if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) 2958 return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0; 2959 else 2960 return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0; 2961 } 2962 2963 static int retrieve_bss(struct atmel_private *priv) 2964 { 2965 int i; 2966 int max_rssi = -128; 2967 int max_index = -1; 2968 2969 if (priv->BSS_list_entries == 0) 2970 return -1; 2971 2972 if (priv->connect_to_any_BSS) { 2973 /* Select a BSS with the max-RSSI but of the same type and of 2974 the same WEP mode and that it is not marked as 'bad' (i.e. 2975 we had previously failed to connect to this BSS with the 2976 settings that we currently use) */ 2977 priv->current_BSS = 0; 2978 for (i = 0; i < priv->BSS_list_entries; i++) { 2979 if (priv->operating_mode == priv->BSSinfo[i].BSStype && 2980 ((!priv->wep_is_on && !priv->BSSinfo[i].UsingWEP) || 2981 (priv->wep_is_on && priv->BSSinfo[i].UsingWEP)) && 2982 !(priv->BSSinfo[i].channel & 0x80)) { 2983 max_rssi = priv->BSSinfo[i].RSSI; 2984 priv->current_BSS = max_index = i; 2985 } 2986 } 2987 return max_index; 2988 } 2989 2990 for (i = 0; i < priv->BSS_list_entries; i++) { 2991 if (priv->SSID_size == priv->BSSinfo[i].SSIDsize && 2992 memcmp(priv->SSID, priv->BSSinfo[i].SSID, priv->SSID_size) == 0 && 2993 priv->operating_mode == priv->BSSinfo[i].BSStype && 2994 atmel_validate_channel(priv, priv->BSSinfo[i].channel) == 0) { 2995 if (priv->BSSinfo[i].RSSI >= max_rssi) { 2996 max_rssi = priv->BSSinfo[i].RSSI; 2997 max_index = i; 2998 } 2999 } 3000 } 3001 return max_index; 3002 } 3003 3004 static void store_bss_info(struct atmel_private *priv, 3005 struct ieee80211_hdr *header, u16 capability, 3006 u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len, 3007 u8 *ssid, int is_beacon) 3008 { 3009 u8 *bss = capability & WLAN_CAPABILITY_ESS ? header->addr2 : header->addr3; 3010 int i, index; 3011 3012 for (index = -1, i = 0; i < priv->BSS_list_entries; i++) 3013 if (memcmp(bss, priv->BSSinfo[i].BSSID, ETH_ALEN) == 0) 3014 index = i; 3015 3016 /* If we process a probe and an entry from this BSS exists 3017 we will update the BSS entry with the info from this BSS. 3018 If we process a beacon we will only update RSSI */ 3019 3020 if (index == -1) { 3021 if (priv->BSS_list_entries == MAX_BSS_ENTRIES) 3022 return; 3023 index = priv->BSS_list_entries++; 3024 memcpy(priv->BSSinfo[index].BSSID, bss, ETH_ALEN); 3025 priv->BSSinfo[index].RSSI = rssi; 3026 } else { 3027 if (rssi > priv->BSSinfo[index].RSSI) 3028 priv->BSSinfo[index].RSSI = rssi; 3029 if (is_beacon) 3030 return; 3031 } 3032 3033 priv->BSSinfo[index].channel = channel; 3034 priv->BSSinfo[index].beacon_period = beacon_period; 3035 priv->BSSinfo[index].UsingWEP = capability & WLAN_CAPABILITY_PRIVACY; 3036 memcpy(priv->BSSinfo[index].SSID, ssid, ssid_len); 3037 priv->BSSinfo[index].SSIDsize = ssid_len; 3038 3039 if (capability & WLAN_CAPABILITY_IBSS) 3040 priv->BSSinfo[index].BSStype = IW_MODE_ADHOC; 3041 else if (capability & WLAN_CAPABILITY_ESS) 3042 priv->BSSinfo[index].BSStype = IW_MODE_INFRA; 3043 3044 priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? 3045 SHORT_PREAMBLE : LONG_PREAMBLE; 3046 } 3047 3048 static void authenticate(struct atmel_private *priv, u16 frame_len) 3049 { 3050 struct auth_body *auth = (struct auth_body *)priv->rx_buf; 3051 u16 status = le16_to_cpu(auth->status); 3052 u16 trans_seq_no = le16_to_cpu(auth->trans_seq); 3053 u16 system = le16_to_cpu(auth->alg); 3054 3055 if (status == WLAN_STATUS_SUCCESS && !priv->wep_is_on) { 3056 /* no WEP */ 3057 if (priv->station_was_associated) { 3058 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3059 send_association_request(priv, 1); 3060 return; 3061 } else { 3062 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3063 send_association_request(priv, 0); 3064 return; 3065 } 3066 } 3067 3068 if (status == WLAN_STATUS_SUCCESS && priv->wep_is_on) { 3069 int should_associate = 0; 3070 /* WEP */ 3071 if (trans_seq_no != priv->ExpectedAuthentTransactionSeqNum) 3072 return; 3073 3074 if (system == WLAN_AUTH_OPEN) { 3075 if (trans_seq_no == 0x0002) { 3076 should_associate = 1; 3077 } 3078 } else if (system == WLAN_AUTH_SHARED_KEY) { 3079 if (trans_seq_no == 0x0002 && 3080 auth->el_id == WLAN_EID_CHALLENGE) { 3081 send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len); 3082 return; 3083 } else if (trans_seq_no == 0x0004) { 3084 should_associate = 1; 3085 } 3086 } 3087 3088 if (should_associate) { 3089 if (priv->station_was_associated) { 3090 atmel_enter_state(priv, STATION_STATE_REASSOCIATING); 3091 send_association_request(priv, 1); 3092 return; 3093 } else { 3094 atmel_enter_state(priv, STATION_STATE_ASSOCIATING); 3095 send_association_request(priv, 0); 3096 return; 3097 } 3098 } 3099 } 3100 3101 if (status == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 3102 /* Flip back and forth between WEP auth modes until the max 3103 * authentication tries has been exceeded. 3104 */ 3105 if (system == WLAN_AUTH_OPEN) { 3106 priv->CurrentAuthentTransactionSeqNum = 0x001; 3107 priv->exclude_unencrypted = 1; 3108 send_authentication_request(priv, WLAN_AUTH_SHARED_KEY, NULL, 0); 3109 return; 3110 } else if (system == WLAN_AUTH_SHARED_KEY 3111 && priv->wep_is_on) { 3112 priv->CurrentAuthentTransactionSeqNum = 0x001; 3113 priv->exclude_unencrypted = 0; 3114 send_authentication_request(priv, WLAN_AUTH_OPEN, NULL, 0); 3115 return; 3116 } else if (priv->connect_to_any_BSS) { 3117 int bss_index; 3118 3119 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3120 3121 if ((bss_index = retrieve_bss(priv)) != -1) { 3122 atmel_join_bss(priv, bss_index); 3123 return; 3124 } 3125 } 3126 } 3127 3128 priv->AuthenticationRequestRetryCnt = 0; 3129 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3130 priv->station_is_associated = 0; 3131 } 3132 3133 static void associate(struct atmel_private *priv, u16 frame_len, u16 subtype) 3134 { 3135 struct ass_resp_format { 3136 __le16 capability; 3137 __le16 status; 3138 __le16 ass_id; 3139 u8 el_id; 3140 u8 length; 3141 u8 rates[4]; 3142 } *ass_resp = (struct ass_resp_format *)priv->rx_buf; 3143 3144 u16 status = le16_to_cpu(ass_resp->status); 3145 u16 ass_id = le16_to_cpu(ass_resp->ass_id); 3146 u16 rates_len = ass_resp->length > 4 ? 4 : ass_resp->length; 3147 3148 union iwreq_data wrqu; 3149 3150 if (frame_len < 8 + rates_len) 3151 return; 3152 3153 if (status == WLAN_STATUS_SUCCESS) { 3154 if (subtype == IEEE80211_STYPE_ASSOC_RESP) 3155 priv->AssociationRequestRetryCnt = 0; 3156 else 3157 priv->ReAssociationRequestRetryCnt = 0; 3158 3159 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3160 MAC_MGMT_MIB_STATION_ID_POS, ass_id & 0x3fff); 3161 atmel_set_mib(priv, Phy_Mib_Type, 3162 PHY_MIB_RATE_SET_POS, ass_resp->rates, rates_len); 3163 if (priv->power_mode == 0) { 3164 priv->listen_interval = 1; 3165 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3166 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3167 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3168 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3169 } else { 3170 priv->listen_interval = 2; 3171 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3172 MAC_MGMT_MIB_PS_MODE_POS, PS_MODE); 3173 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3174 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 2); 3175 } 3176 3177 priv->station_is_associated = 1; 3178 priv->station_was_associated = 1; 3179 atmel_enter_state(priv, STATION_STATE_READY); 3180 3181 /* Send association event to userspace */ 3182 wrqu.data.length = 0; 3183 wrqu.data.flags = 0; 3184 memcpy(wrqu.ap_addr.sa_data, priv->CurrentBSSID, ETH_ALEN); 3185 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 3186 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 3187 3188 return; 3189 } 3190 3191 if (subtype == IEEE80211_STYPE_ASSOC_RESP && 3192 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3193 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3194 priv->AssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3195 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3196 priv->AssociationRequestRetryCnt++; 3197 send_association_request(priv, 0); 3198 return; 3199 } 3200 3201 if (subtype == IEEE80211_STYPE_REASSOC_RESP && 3202 status != WLAN_STATUS_ASSOC_DENIED_RATES && 3203 status != WLAN_STATUS_CAPS_UNSUPPORTED && 3204 priv->ReAssociationRequestRetryCnt < MAX_ASSOCIATION_RETRIES) { 3205 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3206 priv->ReAssociationRequestRetryCnt++; 3207 send_association_request(priv, 1); 3208 return; 3209 } 3210 3211 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3212 priv->station_is_associated = 0; 3213 3214 if (priv->connect_to_any_BSS) { 3215 int bss_index; 3216 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3217 3218 if ((bss_index = retrieve_bss(priv)) != -1) 3219 atmel_join_bss(priv, bss_index); 3220 } 3221 } 3222 3223 static void atmel_join_bss(struct atmel_private *priv, int bss_index) 3224 { 3225 struct bss_info *bss = &priv->BSSinfo[bss_index]; 3226 3227 memcpy(priv->CurrentBSSID, bss->BSSID, ETH_ALEN); 3228 memcpy(priv->SSID, bss->SSID, priv->SSID_size = bss->SSIDsize); 3229 3230 /* The WPA stuff cares about the current AP address */ 3231 if (priv->use_wpa) 3232 build_wpa_mib(priv); 3233 3234 /* When switching to AdHoc turn OFF Power Save if needed */ 3235 3236 if (bss->BSStype == IW_MODE_ADHOC && 3237 priv->operating_mode != IW_MODE_ADHOC && 3238 priv->power_mode) { 3239 priv->power_mode = 0; 3240 priv->listen_interval = 1; 3241 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, 3242 MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 3243 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, 3244 MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 3245 } 3246 3247 priv->operating_mode = bss->BSStype; 3248 priv->channel = bss->channel & 0x7f; 3249 priv->beacon_period = bss->beacon_period; 3250 3251 if (priv->preamble != bss->preamble) { 3252 priv->preamble = bss->preamble; 3253 atmel_set_mib8(priv, Local_Mib_Type, 3254 LOCAL_MIB_PREAMBLE_TYPE, bss->preamble); 3255 } 3256 3257 if (!priv->wep_is_on && bss->UsingWEP) { 3258 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3259 priv->station_is_associated = 0; 3260 return; 3261 } 3262 3263 if (priv->wep_is_on && !bss->UsingWEP) { 3264 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3265 priv->station_is_associated = 0; 3266 return; 3267 } 3268 3269 atmel_enter_state(priv, STATION_STATE_JOINNING); 3270 3271 if (priv->operating_mode == IW_MODE_INFRA) 3272 join(priv, BSS_TYPE_INFRASTRUCTURE); 3273 else 3274 join(priv, BSS_TYPE_AD_HOC); 3275 } 3276 3277 static void restart_search(struct atmel_private *priv) 3278 { 3279 int bss_index; 3280 3281 if (!priv->connect_to_any_BSS) { 3282 atmel_scan(priv, 1); 3283 } else { 3284 priv->BSSinfo[(int)(priv->current_BSS)].channel |= 0x80; 3285 3286 if ((bss_index = retrieve_bss(priv)) != -1) 3287 atmel_join_bss(priv, bss_index); 3288 else 3289 atmel_scan(priv, 0); 3290 } 3291 } 3292 3293 static void smooth_rssi(struct atmel_private *priv, u8 rssi) 3294 { 3295 u8 old = priv->wstats.qual.level; 3296 u8 max_rssi = 42; /* 502-rmfd-revd max by experiment, default for now */ 3297 3298 switch (priv->firmware_type) { 3299 case ATMEL_FW_TYPE_502E: 3300 max_rssi = 63; /* 502-rmfd-reve max by experiment */ 3301 break; 3302 default: 3303 break; 3304 } 3305 3306 rssi = rssi * 100 / max_rssi; 3307 if ((rssi + old) % 2) 3308 priv->wstats.qual.level = (rssi + old) / 2 + 1; 3309 else 3310 priv->wstats.qual.level = (rssi + old) / 2; 3311 priv->wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED; 3312 priv->wstats.qual.updated &= ~IW_QUAL_LEVEL_INVALID; 3313 } 3314 3315 static void atmel_smooth_qual(struct atmel_private *priv) 3316 { 3317 unsigned long time_diff = (jiffies - priv->last_qual) / HZ; 3318 while (time_diff--) { 3319 priv->last_qual += HZ; 3320 priv->wstats.qual.qual = priv->wstats.qual.qual / 2; 3321 priv->wstats.qual.qual += 3322 priv->beacons_this_sec * priv->beacon_period * (priv->wstats.qual.level + 100) / 4000; 3323 priv->beacons_this_sec = 0; 3324 } 3325 priv->wstats.qual.updated |= IW_QUAL_QUAL_UPDATED; 3326 priv->wstats.qual.updated &= ~IW_QUAL_QUAL_INVALID; 3327 } 3328 3329 /* deals with incoming management frames. */ 3330 static void atmel_management_frame(struct atmel_private *priv, 3331 struct ieee80211_hdr *header, 3332 u16 frame_len, u8 rssi) 3333 { 3334 u16 subtype; 3335 3336 subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE; 3337 switch (subtype) { 3338 case IEEE80211_STYPE_BEACON: 3339 case IEEE80211_STYPE_PROBE_RESP: 3340 3341 /* beacon frame has multiple variable-length fields - 3342 never let an engineer loose with a data structure design. */ 3343 { 3344 struct beacon_format { 3345 __le64 timestamp; 3346 __le16 interval; 3347 __le16 capability; 3348 u8 ssid_el_id; 3349 u8 ssid_length; 3350 /* ssid here */ 3351 u8 rates_el_id; 3352 u8 rates_length; 3353 /* rates here */ 3354 u8 ds_el_id; 3355 u8 ds_length; 3356 /* ds here */ 3357 } *beacon = (struct beacon_format *)priv->rx_buf; 3358 3359 u8 channel, rates_length, ssid_length; 3360 u64 timestamp = le64_to_cpu(beacon->timestamp); 3361 u16 beacon_interval = le16_to_cpu(beacon->interval); 3362 u16 capability = le16_to_cpu(beacon->capability); 3363 u8 *beaconp = priv->rx_buf; 3364 ssid_length = beacon->ssid_length; 3365 /* this blows chunks. */ 3366 if (frame_len < 14 || frame_len < ssid_length + 15) 3367 return; 3368 rates_length = beaconp[beacon->ssid_length + 15]; 3369 if (frame_len < ssid_length + rates_length + 18) 3370 return; 3371 if (ssid_length > MAX_SSID_LENGTH) 3372 return; 3373 channel = beaconp[ssid_length + rates_length + 18]; 3374 3375 if (priv->station_state == STATION_STATE_READY) { 3376 smooth_rssi(priv, rssi); 3377 if (is_frame_from_current_bss(priv, header)) { 3378 priv->beacons_this_sec++; 3379 atmel_smooth_qual(priv); 3380 if (priv->last_beacon_timestamp) { 3381 /* Note truncate this to 32 bits - kernel can't divide a long long */ 3382 u32 beacon_delay = timestamp - priv->last_beacon_timestamp; 3383 int beacons = beacon_delay / (beacon_interval * 1000); 3384 if (beacons > 1) 3385 priv->wstats.miss.beacon += beacons - 1; 3386 } 3387 priv->last_beacon_timestamp = timestamp; 3388 handle_beacon_probe(priv, capability, channel); 3389 } 3390 } 3391 3392 if (priv->station_state == STATION_STATE_SCANNING) 3393 store_bss_info(priv, header, capability, 3394 beacon_interval, channel, rssi, 3395 ssid_length, 3396 &beacon->rates_el_id, 3397 subtype == IEEE80211_STYPE_BEACON); 3398 } 3399 break; 3400 3401 case IEEE80211_STYPE_AUTH: 3402 3403 if (priv->station_state == STATION_STATE_AUTHENTICATING) 3404 authenticate(priv, frame_len); 3405 3406 break; 3407 3408 case IEEE80211_STYPE_ASSOC_RESP: 3409 case IEEE80211_STYPE_REASSOC_RESP: 3410 3411 if (priv->station_state == STATION_STATE_ASSOCIATING || 3412 priv->station_state == STATION_STATE_REASSOCIATING) 3413 associate(priv, frame_len, subtype); 3414 3415 break; 3416 3417 case IEEE80211_STYPE_DISASSOC: 3418 if (priv->station_is_associated && 3419 priv->operating_mode == IW_MODE_INFRA && 3420 is_frame_from_current_bss(priv, header)) { 3421 priv->station_was_associated = 0; 3422 priv->station_is_associated = 0; 3423 3424 atmel_enter_state(priv, STATION_STATE_JOINNING); 3425 join(priv, BSS_TYPE_INFRASTRUCTURE); 3426 } 3427 3428 break; 3429 3430 case IEEE80211_STYPE_DEAUTH: 3431 if (priv->operating_mode == IW_MODE_INFRA && 3432 is_frame_from_current_bss(priv, header)) { 3433 priv->station_was_associated = 0; 3434 3435 atmel_enter_state(priv, STATION_STATE_JOINNING); 3436 join(priv, BSS_TYPE_INFRASTRUCTURE); 3437 } 3438 3439 break; 3440 } 3441 } 3442 3443 /* run when timer expires */ 3444 static void atmel_management_timer(u_long a) 3445 { 3446 struct net_device *dev = (struct net_device *) a; 3447 struct atmel_private *priv = netdev_priv(dev); 3448 unsigned long flags; 3449 3450 /* Check if the card has been yanked. */ 3451 if (priv->card && priv->present_callback && 3452 !(*priv->present_callback)(priv->card)) 3453 return; 3454 3455 spin_lock_irqsave(&priv->irqlock, flags); 3456 3457 switch (priv->station_state) { 3458 3459 case STATION_STATE_AUTHENTICATING: 3460 if (priv->AuthenticationRequestRetryCnt >= MAX_AUTHENTICATION_RETRIES) { 3461 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3462 priv->station_is_associated = 0; 3463 priv->AuthenticationRequestRetryCnt = 0; 3464 restart_search(priv); 3465 } else { 3466 int auth = WLAN_AUTH_OPEN; 3467 priv->AuthenticationRequestRetryCnt++; 3468 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3469 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3470 if (priv->wep_is_on && priv->exclude_unencrypted) 3471 auth = WLAN_AUTH_SHARED_KEY; 3472 send_authentication_request(priv, auth, NULL, 0); 3473 } 3474 break; 3475 3476 case STATION_STATE_ASSOCIATING: 3477 if (priv->AssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3478 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3479 priv->station_is_associated = 0; 3480 priv->AssociationRequestRetryCnt = 0; 3481 restart_search(priv); 3482 } else { 3483 priv->AssociationRequestRetryCnt++; 3484 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3485 send_association_request(priv, 0); 3486 } 3487 break; 3488 3489 case STATION_STATE_REASSOCIATING: 3490 if (priv->ReAssociationRequestRetryCnt == MAX_ASSOCIATION_RETRIES) { 3491 atmel_enter_state(priv, STATION_STATE_MGMT_ERROR); 3492 priv->station_is_associated = 0; 3493 priv->ReAssociationRequestRetryCnt = 0; 3494 restart_search(priv); 3495 } else { 3496 priv->ReAssociationRequestRetryCnt++; 3497 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3498 send_association_request(priv, 1); 3499 } 3500 break; 3501 3502 default: 3503 break; 3504 } 3505 3506 spin_unlock_irqrestore(&priv->irqlock, flags); 3507 } 3508 3509 static void atmel_command_irq(struct atmel_private *priv) 3510 { 3511 u8 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 3512 u8 command = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET)); 3513 int fast_scan; 3514 union iwreq_data wrqu; 3515 3516 if (status == CMD_STATUS_IDLE || 3517 status == CMD_STATUS_IN_PROGRESS) 3518 return; 3519 3520 switch (command) { 3521 case CMD_Start: 3522 if (status == CMD_STATUS_COMPLETE) { 3523 priv->station_was_associated = priv->station_is_associated; 3524 atmel_get_mib(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_BSSID_POS, 3525 (u8 *)priv->CurrentBSSID, 6); 3526 atmel_enter_state(priv, STATION_STATE_READY); 3527 } 3528 break; 3529 3530 case CMD_Scan: 3531 fast_scan = priv->fast_scan; 3532 priv->fast_scan = 0; 3533 3534 if (status != CMD_STATUS_COMPLETE) { 3535 atmel_scan(priv, 1); 3536 } else { 3537 int bss_index = retrieve_bss(priv); 3538 int notify_scan_complete = 1; 3539 if (bss_index != -1) { 3540 atmel_join_bss(priv, bss_index); 3541 } else if (priv->operating_mode == IW_MODE_ADHOC && 3542 priv->SSID_size != 0) { 3543 start(priv, BSS_TYPE_AD_HOC); 3544 } else { 3545 priv->fast_scan = !fast_scan; 3546 atmel_scan(priv, 1); 3547 notify_scan_complete = 0; 3548 } 3549 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3550 if (notify_scan_complete) { 3551 wrqu.data.length = 0; 3552 wrqu.data.flags = 0; 3553 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3554 } 3555 } 3556 break; 3557 3558 case CMD_SiteSurvey: 3559 priv->fast_scan = 0; 3560 3561 if (status != CMD_STATUS_COMPLETE) 3562 return; 3563 3564 priv->site_survey_state = SITE_SURVEY_COMPLETED; 3565 if (priv->station_is_associated) { 3566 atmel_enter_state(priv, STATION_STATE_READY); 3567 wrqu.data.length = 0; 3568 wrqu.data.flags = 0; 3569 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); 3570 } else { 3571 atmel_scan(priv, 1); 3572 } 3573 break; 3574 3575 case CMD_Join: 3576 if (status == CMD_STATUS_COMPLETE) { 3577 if (priv->operating_mode == IW_MODE_ADHOC) { 3578 priv->station_was_associated = priv->station_is_associated; 3579 atmel_enter_state(priv, STATION_STATE_READY); 3580 } else { 3581 int auth = WLAN_AUTH_OPEN; 3582 priv->AuthenticationRequestRetryCnt = 0; 3583 atmel_enter_state(priv, STATION_STATE_AUTHENTICATING); 3584 3585 mod_timer(&priv->management_timer, jiffies + MGMT_JIFFIES); 3586 priv->CurrentAuthentTransactionSeqNum = 0x0001; 3587 if (priv->wep_is_on && priv->exclude_unencrypted) 3588 auth = WLAN_AUTH_SHARED_KEY; 3589 send_authentication_request(priv, auth, NULL, 0); 3590 } 3591 return; 3592 } 3593 3594 atmel_scan(priv, 1); 3595 } 3596 } 3597 3598 static int atmel_wakeup_firmware(struct atmel_private *priv) 3599 { 3600 struct host_info_struct *iface = &priv->host_info; 3601 u16 mr1, mr3; 3602 int i; 3603 3604 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3605 atmel_set_gcr(priv->dev, GCR_REMAP); 3606 3607 /* wake up on-board processor */ 3608 atmel_clear_gcr(priv->dev, 0x0040); 3609 atmel_write16(priv->dev, BSR, BSS_SRAM); 3610 3611 if (priv->card_type == CARD_TYPE_SPI_FLASH) 3612 mdelay(100); 3613 3614 /* and wait for it */ 3615 for (i = LOOP_RETRY_LIMIT; i; i--) { 3616 mr1 = atmel_read16(priv->dev, MR1); 3617 mr3 = atmel_read16(priv->dev, MR3); 3618 3619 if (mr3 & MAC_BOOT_COMPLETE) 3620 break; 3621 if (mr1 & MAC_BOOT_COMPLETE && 3622 priv->bus_type == BUS_TYPE_PCCARD) 3623 break; 3624 } 3625 3626 if (i == 0) { 3627 printk(KERN_ALERT "%s: MAC failed to boot.\n", priv->dev->name); 3628 return -EIO; 3629 } 3630 3631 if ((priv->host_info_base = atmel_read16(priv->dev, MR2)) == 0xffff) { 3632 printk(KERN_ALERT "%s: card missing.\n", priv->dev->name); 3633 return -ENODEV; 3634 } 3635 3636 /* now check for completion of MAC initialization through 3637 the FunCtrl field of the IFACE, poll MR1 to detect completion of 3638 MAC initialization, check completion status, set interrupt mask, 3639 enables interrupts and calls Tx and Rx initialization functions */ 3640 3641 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), FUNC_CTRL_INIT_COMPLETE); 3642 3643 for (i = LOOP_RETRY_LIMIT; i; i--) { 3644 mr1 = atmel_read16(priv->dev, MR1); 3645 mr3 = atmel_read16(priv->dev, MR3); 3646 3647 if (mr3 & MAC_INIT_COMPLETE) 3648 break; 3649 if (mr1 & MAC_INIT_COMPLETE && 3650 priv->bus_type == BUS_TYPE_PCCARD) 3651 break; 3652 } 3653 3654 if (i == 0) { 3655 printk(KERN_ALERT "%s: MAC failed to initialise.\n", 3656 priv->dev->name); 3657 return -EIO; 3658 } 3659 3660 /* Check for MAC_INIT_OK only on the register that the MAC_INIT_OK was set */ 3661 if ((mr3 & MAC_INIT_COMPLETE) && 3662 !(atmel_read16(priv->dev, MR3) & MAC_INIT_OK)) { 3663 printk(KERN_ALERT "%s: MAC failed MR3 self-test.\n", priv->dev->name); 3664 return -EIO; 3665 } 3666 if ((mr1 & MAC_INIT_COMPLETE) && 3667 !(atmel_read16(priv->dev, MR1) & MAC_INIT_OK)) { 3668 printk(KERN_ALERT "%s: MAC failed MR1 self-test.\n", priv->dev->name); 3669 return -EIO; 3670 } 3671 3672 atmel_copy_to_host(priv->dev, (unsigned char *)iface, 3673 priv->host_info_base, sizeof(*iface)); 3674 3675 iface->tx_buff_pos = le16_to_cpu(iface->tx_buff_pos); 3676 iface->tx_buff_size = le16_to_cpu(iface->tx_buff_size); 3677 iface->tx_desc_pos = le16_to_cpu(iface->tx_desc_pos); 3678 iface->tx_desc_count = le16_to_cpu(iface->tx_desc_count); 3679 iface->rx_buff_pos = le16_to_cpu(iface->rx_buff_pos); 3680 iface->rx_buff_size = le16_to_cpu(iface->rx_buff_size); 3681 iface->rx_desc_pos = le16_to_cpu(iface->rx_desc_pos); 3682 iface->rx_desc_count = le16_to_cpu(iface->rx_desc_count); 3683 iface->build_version = le16_to_cpu(iface->build_version); 3684 iface->command_pos = le16_to_cpu(iface->command_pos); 3685 iface->major_version = le16_to_cpu(iface->major_version); 3686 iface->minor_version = le16_to_cpu(iface->minor_version); 3687 iface->func_ctrl = le16_to_cpu(iface->func_ctrl); 3688 iface->mac_status = le16_to_cpu(iface->mac_status); 3689 3690 return 0; 3691 } 3692 3693 /* determine type of memory and MAC address */ 3694 static int probe_atmel_card(struct net_device *dev) 3695 { 3696 int rc = 0; 3697 struct atmel_private *priv = netdev_priv(dev); 3698 3699 /* reset pccard */ 3700 if (priv->bus_type == BUS_TYPE_PCCARD) 3701 atmel_write16(dev, GCR, 0x0060); 3702 3703 atmel_write16(dev, GCR, 0x0040); 3704 mdelay(500); 3705 3706 if (atmel_read16(dev, MR2) == 0) { 3707 /* No stored firmware so load a small stub which just 3708 tells us the MAC address */ 3709 int i; 3710 priv->card_type = CARD_TYPE_EEPROM; 3711 atmel_write16(dev, BSR, BSS_IRAM); 3712 atmel_copy_to_card(dev, 0, mac_reader, sizeof(mac_reader)); 3713 atmel_set_gcr(dev, GCR_REMAP); 3714 atmel_clear_gcr(priv->dev, 0x0040); 3715 atmel_write16(dev, BSR, BSS_SRAM); 3716 for (i = LOOP_RETRY_LIMIT; i; i--) 3717 if (atmel_read16(dev, MR3) & MAC_BOOT_COMPLETE) 3718 break; 3719 if (i == 0) { 3720 printk(KERN_ALERT "%s: MAC failed to boot MAC address reader.\n", dev->name); 3721 } else { 3722 atmel_copy_to_host(dev, dev->dev_addr, atmel_read16(dev, MR2), 6); 3723 /* got address, now squash it again until the network 3724 interface is opened */ 3725 if (priv->bus_type == BUS_TYPE_PCCARD) 3726 atmel_write16(dev, GCR, 0x0060); 3727 atmel_write16(dev, GCR, 0x0040); 3728 rc = 1; 3729 } 3730 } else if (atmel_read16(dev, MR4) == 0) { 3731 /* Mac address easy in this case. */ 3732 priv->card_type = CARD_TYPE_PARALLEL_FLASH; 3733 atmel_write16(dev, BSR, 1); 3734 atmel_copy_to_host(dev, dev->dev_addr, 0xc000, 6); 3735 atmel_write16(dev, BSR, 0x200); 3736 rc = 1; 3737 } else { 3738 /* Standard firmware in flash, boot it up and ask 3739 for the Mac Address */ 3740 priv->card_type = CARD_TYPE_SPI_FLASH; 3741 if (atmel_wakeup_firmware(priv) == 0) { 3742 atmel_get_mib(priv, Mac_Address_Mib_Type, 0, dev->dev_addr, 6); 3743 3744 /* got address, now squash it again until the network 3745 interface is opened */ 3746 if (priv->bus_type == BUS_TYPE_PCCARD) 3747 atmel_write16(dev, GCR, 0x0060); 3748 atmel_write16(dev, GCR, 0x0040); 3749 rc = 1; 3750 } 3751 } 3752 3753 if (rc) { 3754 if (dev->dev_addr[0] == 0xFF) { 3755 static const u8 default_mac[] = { 3756 0x00, 0x04, 0x25, 0x00, 0x00, 0x00 3757 }; 3758 printk(KERN_ALERT "%s: *** Invalid MAC address. UPGRADE Firmware ****\n", dev->name); 3759 memcpy(dev->dev_addr, default_mac, ETH_ALEN); 3760 } 3761 } 3762 3763 return rc; 3764 } 3765 3766 /* Move the encyption information on the MIB structure. 3767 This routine is for the pre-WPA firmware: later firmware has 3768 a different format MIB and a different routine. */ 3769 static void build_wep_mib(struct atmel_private *priv) 3770 { 3771 struct { /* NB this is matched to the hardware, don't change. */ 3772 u8 wep_is_on; 3773 u8 default_key; /* 0..3 */ 3774 u8 reserved; 3775 u8 exclude_unencrypted; 3776 3777 u32 WEPICV_error_count; 3778 u32 WEP_excluded_count; 3779 3780 u8 wep_keys[MAX_ENCRYPTION_KEYS][13]; 3781 u8 encryption_level; /* 0, 1, 2 */ 3782 u8 reserved2[3]; 3783 } mib; 3784 int i; 3785 3786 mib.wep_is_on = priv->wep_is_on; 3787 if (priv->wep_is_on) { 3788 if (priv->wep_key_len[priv->default_key] > 5) 3789 mib.encryption_level = 2; 3790 else 3791 mib.encryption_level = 1; 3792 } else { 3793 mib.encryption_level = 0; 3794 } 3795 3796 mib.default_key = priv->default_key; 3797 mib.exclude_unencrypted = priv->exclude_unencrypted; 3798 3799 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) 3800 memcpy(mib.wep_keys[i], priv->wep_keys[i], 13); 3801 3802 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3803 } 3804 3805 static void build_wpa_mib(struct atmel_private *priv) 3806 { 3807 /* This is for the later (WPA enabled) firmware. */ 3808 3809 struct { /* NB this is matched to the hardware, don't change. */ 3810 u8 cipher_default_key_value[MAX_ENCRYPTION_KEYS][MAX_ENCRYPTION_KEY_SIZE]; 3811 u8 receiver_address[ETH_ALEN]; 3812 u8 wep_is_on; 3813 u8 default_key; /* 0..3 */ 3814 u8 group_key; 3815 u8 exclude_unencrypted; 3816 u8 encryption_type; 3817 u8 reserved; 3818 3819 u32 WEPICV_error_count; 3820 u32 WEP_excluded_count; 3821 3822 u8 key_RSC[4][8]; 3823 } mib; 3824 3825 int i; 3826 3827 mib.wep_is_on = priv->wep_is_on; 3828 mib.exclude_unencrypted = priv->exclude_unencrypted; 3829 memcpy(mib.receiver_address, priv->CurrentBSSID, ETH_ALEN); 3830 3831 /* zero all the keys before adding in valid ones. */ 3832 memset(mib.cipher_default_key_value, 0, sizeof(mib.cipher_default_key_value)); 3833 3834 if (priv->wep_is_on) { 3835 /* There's a comment in the Atmel code to the effect that this 3836 is only valid when still using WEP, it may need to be set to 3837 something to use WPA */ 3838 memset(mib.key_RSC, 0, sizeof(mib.key_RSC)); 3839 3840 mib.default_key = mib.group_key = 255; 3841 for (i = 0; i < MAX_ENCRYPTION_KEYS; i++) { 3842 if (priv->wep_key_len[i] > 0) { 3843 memcpy(mib.cipher_default_key_value[i], priv->wep_keys[i], MAX_ENCRYPTION_KEY_SIZE); 3844 if (i == priv->default_key) { 3845 mib.default_key = i; 3846 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 7; 3847 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->pairwise_cipher_suite; 3848 } else { 3849 mib.group_key = i; 3850 priv->group_cipher_suite = priv->pairwise_cipher_suite; 3851 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-1] = 1; 3852 mib.cipher_default_key_value[i][MAX_ENCRYPTION_KEY_SIZE-2] = priv->group_cipher_suite; 3853 } 3854 } 3855 } 3856 if (mib.default_key == 255) 3857 mib.default_key = mib.group_key != 255 ? mib.group_key : 0; 3858 if (mib.group_key == 255) 3859 mib.group_key = mib.default_key; 3860 3861 } 3862 3863 atmel_set_mib(priv, Mac_Wep_Mib_Type, 0, (u8 *)&mib, sizeof(mib)); 3864 } 3865 3866 static int reset_atmel_card(struct net_device *dev) 3867 { 3868 /* do everything necessary to wake up the hardware, including 3869 waiting for the lightning strike and throwing the knife switch.... 3870 3871 set all the Mib values which matter in the card to match 3872 their settings in the atmel_private structure. Some of these 3873 can be altered on the fly, but many (WEP, infrastucture or ad-hoc) 3874 can only be changed by tearing down the world and coming back through 3875 here. 3876 3877 This routine is also responsible for initialising some 3878 hardware-specific fields in the atmel_private structure, 3879 including a copy of the firmware's hostinfo structure 3880 which is the route into the rest of the firmware datastructures. */ 3881 3882 struct atmel_private *priv = netdev_priv(dev); 3883 u8 configuration; 3884 int old_state = priv->station_state; 3885 int err = 0; 3886 3887 /* data to add to the firmware names, in priority order 3888 this implemenents firmware versioning */ 3889 3890 static char *firmware_modifier[] = { 3891 "-wpa", 3892 "", 3893 NULL 3894 }; 3895 3896 /* reset pccard */ 3897 if (priv->bus_type == BUS_TYPE_PCCARD) 3898 atmel_write16(priv->dev, GCR, 0x0060); 3899 3900 /* stop card , disable interrupts */ 3901 atmel_write16(priv->dev, GCR, 0x0040); 3902 3903 if (priv->card_type == CARD_TYPE_EEPROM) { 3904 /* copy in firmware if needed */ 3905 const struct firmware *fw_entry = NULL; 3906 const unsigned char *fw; 3907 int len = priv->firmware_length; 3908 if (!(fw = priv->firmware)) { 3909 if (priv->firmware_type == ATMEL_FW_TYPE_NONE) { 3910 if (strlen(priv->firmware_id) == 0) { 3911 printk(KERN_INFO 3912 "%s: card type is unknown: assuming at76c502 firmware is OK.\n", 3913 dev->name); 3914 printk(KERN_INFO 3915 "%s: if not, use the firmware= module parameter.\n", 3916 dev->name); 3917 strcpy(priv->firmware_id, "atmel_at76c502.bin"); 3918 } 3919 err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev); 3920 if (err != 0) { 3921 printk(KERN_ALERT 3922 "%s: firmware %s is missing, cannot continue.\n", 3923 dev->name, priv->firmware_id); 3924 return err; 3925 } 3926 } else { 3927 int fw_index = 0; 3928 int success = 0; 3929 3930 /* get firmware filename entry based on firmware type ID */ 3931 while (fw_table[fw_index].fw_type != priv->firmware_type 3932 && fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) 3933 fw_index++; 3934 3935 /* construct the actual firmware file name */ 3936 if (fw_table[fw_index].fw_type != ATMEL_FW_TYPE_NONE) { 3937 int i; 3938 for (i = 0; firmware_modifier[i]; i++) { 3939 snprintf(priv->firmware_id, 32, "%s%s.%s", fw_table[fw_index].fw_file, 3940 firmware_modifier[i], fw_table[fw_index].fw_file_ext); 3941 priv->firmware_id[31] = '\0'; 3942 if (request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev) == 0) { 3943 success = 1; 3944 break; 3945 } 3946 } 3947 } 3948 if (!success) { 3949 printk(KERN_ALERT 3950 "%s: firmware %s is missing, cannot start.\n", 3951 dev->name, priv->firmware_id); 3952 priv->firmware_id[0] = '\0'; 3953 return -ENOENT; 3954 } 3955 } 3956 3957 fw = fw_entry->data; 3958 len = fw_entry->size; 3959 } 3960 3961 if (len <= 0x6000) { 3962 atmel_write16(priv->dev, BSR, BSS_IRAM); 3963 atmel_copy_to_card(priv->dev, 0, fw, len); 3964 atmel_set_gcr(priv->dev, GCR_REMAP); 3965 } else { 3966 /* Remap */ 3967 atmel_set_gcr(priv->dev, GCR_REMAP); 3968 atmel_write16(priv->dev, BSR, BSS_IRAM); 3969 atmel_copy_to_card(priv->dev, 0, fw, 0x6000); 3970 atmel_write16(priv->dev, BSR, 0x2ff); 3971 atmel_copy_to_card(priv->dev, 0x8000, &fw[0x6000], len - 0x6000); 3972 } 3973 3974 release_firmware(fw_entry); 3975 } 3976 3977 err = atmel_wakeup_firmware(priv); 3978 if (err != 0) 3979 return err; 3980 3981 /* Check the version and set the correct flag for wpa stuff, 3982 old and new firmware is incompatible. 3983 The pre-wpa 3com firmware reports major version 5, 3984 the wpa 3com firmware is major version 4 and doesn't need 3985 the 3com broken-ness filter. */ 3986 priv->use_wpa = (priv->host_info.major_version == 4); 3987 priv->radio_on_broken = (priv->host_info.major_version == 5); 3988 3989 /* unmask all irq sources */ 3990 atmel_wmem8(priv, atmel_hi(priv, IFACE_INT_MASK_OFFSET), 0xff); 3991 3992 /* int Tx system and enable Tx */ 3993 atmel_wmem8(priv, atmel_tx(priv, TX_DESC_FLAGS_OFFSET, 0), 0); 3994 atmel_wmem32(priv, atmel_tx(priv, TX_DESC_NEXT_OFFSET, 0), 0x80000000L); 3995 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_POS_OFFSET, 0), 0); 3996 atmel_wmem16(priv, atmel_tx(priv, TX_DESC_SIZE_OFFSET, 0), 0); 3997 3998 priv->tx_desc_free = priv->host_info.tx_desc_count; 3999 priv->tx_desc_head = 0; 4000 priv->tx_desc_tail = 0; 4001 priv->tx_desc_previous = 0; 4002 priv->tx_free_mem = priv->host_info.tx_buff_size; 4003 priv->tx_buff_head = 0; 4004 priv->tx_buff_tail = 0; 4005 4006 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 4007 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 4008 configuration | FUNC_CTRL_TxENABLE); 4009 4010 /* init Rx system and enable */ 4011 priv->rx_desc_head = 0; 4012 4013 configuration = atmel_rmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET)); 4014 atmel_wmem8(priv, atmel_hi(priv, IFACE_FUNC_CTRL_OFFSET), 4015 configuration | FUNC_CTRL_RxENABLE); 4016 4017 if (!priv->radio_on_broken) { 4018 if (atmel_send_command_wait(priv, CMD_EnableRadio, NULL, 0) == 4019 CMD_STATUS_REJECTED_RADIO_OFF) { 4020 printk(KERN_INFO "%s: cannot turn the radio on.\n", 4021 dev->name); 4022 return -EIO; 4023 } 4024 } 4025 4026 /* set up enough MIB values to run. */ 4027 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_AUTO_TX_RATE_POS, priv->auto_tx_rate); 4028 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_TX_PROMISCUOUS_POS, PROM_MODE_OFF); 4029 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_RTS_THRESHOLD_POS, priv->rts_threshold); 4030 atmel_set_mib16(priv, Mac_Mib_Type, MAC_MIB_FRAG_THRESHOLD_POS, priv->frag_threshold); 4031 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_SHORT_RETRY_POS, priv->short_retry); 4032 atmel_set_mib8(priv, Mac_Mib_Type, MAC_MIB_LONG_RETRY_POS, priv->long_retry); 4033 atmel_set_mib8(priv, Local_Mib_Type, LOCAL_MIB_PREAMBLE_TYPE, priv->preamble); 4034 atmel_set_mib(priv, Mac_Address_Mib_Type, MAC_ADDR_MIB_MAC_ADDR_POS, 4035 priv->dev->dev_addr, 6); 4036 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_PS_MODE_POS, ACTIVE_MODE); 4037 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_LISTEN_INTERVAL_POS, 1); 4038 atmel_set_mib16(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_BEACON_PER_POS, priv->default_beacon_period); 4039 atmel_set_mib(priv, Phy_Mib_Type, PHY_MIB_RATE_SET_POS, atmel_basic_rates, 4); 4040 atmel_set_mib8(priv, Mac_Mgmt_Mib_Type, MAC_MGMT_MIB_CUR_PRIVACY_POS, priv->wep_is_on); 4041 if (priv->use_wpa) 4042 build_wpa_mib(priv); 4043 else 4044 build_wep_mib(priv); 4045 4046 if (old_state == STATION_STATE_READY) { 4047 union iwreq_data wrqu; 4048 4049 wrqu.data.length = 0; 4050 wrqu.data.flags = 0; 4051 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 4052 eth_zero_addr(wrqu.ap_addr.sa_data); 4053 wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL); 4054 } 4055 4056 return 0; 4057 } 4058 4059 static void atmel_send_command(struct atmel_private *priv, int command, 4060 void *cmd, int cmd_size) 4061 { 4062 if (cmd) 4063 atmel_copy_to_card(priv->dev, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET), 4064 cmd, cmd_size); 4065 4066 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_COMMAND_OFFSET), command); 4067 atmel_wmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET), 0); 4068 } 4069 4070 static int atmel_send_command_wait(struct atmel_private *priv, int command, 4071 void *cmd, int cmd_size) 4072 { 4073 int i, status; 4074 4075 atmel_send_command(priv, command, cmd, cmd_size); 4076 4077 for (i = 5000; i; i--) { 4078 status = atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_STATUS_OFFSET)); 4079 if (status != CMD_STATUS_IDLE && 4080 status != CMD_STATUS_IN_PROGRESS) 4081 break; 4082 udelay(20); 4083 } 4084 4085 if (i == 0) { 4086 printk(KERN_ALERT "%s: failed to contact MAC.\n", priv->dev->name); 4087 status = CMD_STATUS_HOST_ERROR; 4088 } else { 4089 if (command != CMD_EnableRadio) 4090 status = CMD_STATUS_COMPLETE; 4091 } 4092 4093 return status; 4094 } 4095 4096 static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index) 4097 { 4098 struct get_set_mib m; 4099 m.type = type; 4100 m.size = 1; 4101 m.index = index; 4102 4103 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4104 return atmel_rmem8(priv, atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE)); 4105 } 4106 4107 static void atmel_set_mib8(struct atmel_private *priv, u8 type, u8 index, u8 data) 4108 { 4109 struct get_set_mib m; 4110 m.type = type; 4111 m.size = 1; 4112 m.index = index; 4113 m.data[0] = data; 4114 4115 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 1); 4116 } 4117 4118 static void atmel_set_mib16(struct atmel_private *priv, u8 type, u8 index, 4119 u16 data) 4120 { 4121 struct get_set_mib m; 4122 m.type = type; 4123 m.size = 2; 4124 m.index = index; 4125 m.data[0] = data; 4126 m.data[1] = data >> 8; 4127 4128 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + 2); 4129 } 4130 4131 static void atmel_set_mib(struct atmel_private *priv, u8 type, u8 index, 4132 u8 *data, int data_len) 4133 { 4134 struct get_set_mib m; 4135 m.type = type; 4136 m.size = data_len; 4137 m.index = index; 4138 4139 if (data_len > MIB_MAX_DATA_BYTES) 4140 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4141 4142 memcpy(m.data, data, data_len); 4143 atmel_send_command_wait(priv, CMD_Set_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4144 } 4145 4146 static void atmel_get_mib(struct atmel_private *priv, u8 type, u8 index, 4147 u8 *data, int data_len) 4148 { 4149 struct get_set_mib m; 4150 m.type = type; 4151 m.size = data_len; 4152 m.index = index; 4153 4154 if (data_len > MIB_MAX_DATA_BYTES) 4155 printk(KERN_ALERT "%s: MIB buffer too small.\n", priv->dev->name); 4156 4157 atmel_send_command_wait(priv, CMD_Get_MIB_Vars, &m, MIB_HEADER_SIZE + data_len); 4158 atmel_copy_to_host(priv->dev, data, 4159 atmel_co(priv, CMD_BLOCK_PARAMETERS_OFFSET + MIB_HEADER_SIZE), data_len); 4160 } 4161 4162 static void atmel_writeAR(struct net_device *dev, u16 data) 4163 { 4164 int i; 4165 outw(data, dev->base_addr + AR); 4166 /* Address register appears to need some convincing..... */ 4167 for (i = 0; data != inw(dev->base_addr + AR) && i < 10; i++) 4168 outw(data, dev->base_addr + AR); 4169 } 4170 4171 static void atmel_copy_to_card(struct net_device *dev, u16 dest, 4172 const unsigned char *src, u16 len) 4173 { 4174 int i; 4175 atmel_writeAR(dev, dest); 4176 if (dest % 2) { 4177 atmel_write8(dev, DR, *src); 4178 src++; len--; 4179 } 4180 for (i = len; i > 1 ; i -= 2) { 4181 u8 lb = *src++; 4182 u8 hb = *src++; 4183 atmel_write16(dev, DR, lb | (hb << 8)); 4184 } 4185 if (i) 4186 atmel_write8(dev, DR, *src); 4187 } 4188 4189 static void atmel_copy_to_host(struct net_device *dev, unsigned char *dest, 4190 u16 src, u16 len) 4191 { 4192 int i; 4193 atmel_writeAR(dev, src); 4194 if (src % 2) { 4195 *dest = atmel_read8(dev, DR); 4196 dest++; len--; 4197 } 4198 for (i = len; i > 1 ; i -= 2) { 4199 u16 hw = atmel_read16(dev, DR); 4200 *dest++ = hw; 4201 *dest++ = hw >> 8; 4202 } 4203 if (i) 4204 *dest = atmel_read8(dev, DR); 4205 } 4206 4207 static void atmel_set_gcr(struct net_device *dev, u16 mask) 4208 { 4209 outw(inw(dev->base_addr + GCR) | mask, dev->base_addr + GCR); 4210 } 4211 4212 static void atmel_clear_gcr(struct net_device *dev, u16 mask) 4213 { 4214 outw(inw(dev->base_addr + GCR) & ~mask, dev->base_addr + GCR); 4215 } 4216 4217 static int atmel_lock_mac(struct atmel_private *priv) 4218 { 4219 int i, j = 20; 4220 retry: 4221 for (i = 5000; i; i--) { 4222 if (!atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) 4223 break; 4224 udelay(20); 4225 } 4226 4227 if (!i) 4228 return 0; /* timed out */ 4229 4230 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 1); 4231 if (atmel_rmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_HOST_OFFSET))) { 4232 atmel_wmem8(priv, atmel_hi(priv, IFACE_LOCKOUT_MAC_OFFSET), 0); 4233 if (!j--) 4234 return 0; /* timed out */ 4235 goto retry; 4236 } 4237 4238 return 1; 4239 } 4240 4241 static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data) 4242 { 4243 atmel_writeAR(priv->dev, pos); 4244 atmel_write16(priv->dev, DR, data); /* card is little-endian */ 4245 atmel_write16(priv->dev, DR, data >> 16); 4246 } 4247 4248 /***************************************************************************/ 4249 /* There follows the source form of the MAC address reading firmware */ 4250 /***************************************************************************/ 4251 #if 0 4252 4253 /* Copyright 2003 Matthew T. Russotto */ 4254 /* But derived from the Atmel 76C502 firmware written by Atmel and */ 4255 /* included in "atmel wireless lan drivers" package */ 4256 /** 4257 This file is part of net.russotto.AtmelMACFW, hereto referred to 4258 as AtmelMACFW 4259 4260 AtmelMACFW is free software; you can redistribute it and/or modify 4261 it under the terms of the GNU General Public License version 2 4262 as published by the Free Software Foundation. 4263 4264 AtmelMACFW is distributed in the hope that it will be useful, 4265 but WITHOUT ANY WARRANTY; without even the implied warranty of 4266 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 4267 GNU General Public License for more details. 4268 4269 You should have received a copy of the GNU General Public License 4270 along with AtmelMACFW; if not, see <http://www.gnu.org/licenses/>. 4271 4272 ****************************************************************************/ 4273 /* This firmware should work on the 76C502 RFMD, RFMD_D, and RFMD_E */ 4274 /* It will probably work on the 76C504 and 76C502 RFMD_3COM */ 4275 /* It only works on SPI EEPROM versions of the card. */ 4276 4277 /* This firmware initializes the SPI controller and clock, reads the MAC */ 4278 /* address from the EEPROM into SRAM, and puts the SRAM offset of the MAC */ 4279 /* address in MR2, and sets MR3 to 0x10 to indicate it is done */ 4280 /* It also puts a complete copy of the EEPROM in SRAM with the offset in */ 4281 /* MR4, for investigational purposes (maybe we can determine chip type */ 4282 /* from that?) */ 4283 4284 .org 0 4285 .set MRBASE, 0x8000000 4286 .set CPSR_INITIAL, 0xD3 /* IRQ/FIQ disabled, ARM mode, Supervisor state */ 4287 .set CPSR_USER, 0xD1 /* IRQ/FIQ disabled, ARM mode, USER state */ 4288 .set SRAM_BASE, 0x02000000 4289 .set SP_BASE, 0x0F300000 4290 .set UNK_BASE, 0x0F000000 /* Some internal device, but which one? */ 4291 .set SPI_CGEN_BASE, 0x0E000000 /* Some internal device, but which one? */ 4292 .set UNK3_BASE, 0x02014000 /* Some internal device, but which one? */ 4293 .set STACK_BASE, 0x5600 4294 .set SP_SR, 0x10 4295 .set SP_TDRE, 2 /* status register bit -- TDR empty */ 4296 .set SP_RDRF, 1 /* status register bit -- RDR full */ 4297 .set SP_SWRST, 0x80 4298 .set SP_SPIEN, 0x1 4299 .set SP_CR, 0 /* control register */ 4300 .set SP_MR, 4 /* mode register */ 4301 .set SP_RDR, 0x08 /* Read Data Register */ 4302 .set SP_TDR, 0x0C /* Transmit Data Register */ 4303 .set SP_CSR0, 0x30 /* chip select registers */ 4304 .set SP_CSR1, 0x34 4305 .set SP_CSR2, 0x38 4306 .set SP_CSR3, 0x3C 4307 .set NVRAM_CMD_RDSR, 5 /* read status register */ 4308 .set NVRAM_CMD_READ, 3 /* read data */ 4309 .set NVRAM_SR_RDY, 1 /* RDY bit. This bit is inverted */ 4310 .set SPI_8CLOCKS, 0xFF /* Writing this to the TDR doesn't do anything to the 4311 serial output, since SO is normally high. But it 4312 does cause 8 clock cycles and thus 8 bits to be 4313 clocked in to the chip. See Atmel's SPI 4314 controller (e.g. AT91M55800) timing and 4K 4315 SPI EEPROM manuals */ 4316 4317 .set NVRAM_SCRATCH, 0x02000100 /* arbitrary area for scratchpad memory */ 4318 .set NVRAM_IMAGE, 0x02000200 4319 .set NVRAM_LENGTH, 0x0200 4320 .set MAC_ADDRESS_MIB, SRAM_BASE 4321 .set MAC_ADDRESS_LENGTH, 6 4322 .set MAC_BOOT_FLAG, 0x10 4323 .set MR1, 0 4324 .set MR2, 4 4325 .set MR3, 8 4326 .set MR4, 0xC 4327 RESET_VECTOR: 4328 b RESET_HANDLER 4329 UNDEF_VECTOR: 4330 b HALT1 4331 SWI_VECTOR: 4332 b HALT1 4333 IABORT_VECTOR: 4334 b HALT1 4335 DABORT_VECTOR: 4336 RESERVED_VECTOR: 4337 b HALT1 4338 IRQ_VECTOR: 4339 b HALT1 4340 FIQ_VECTOR: 4341 b HALT1 4342 HALT1: b HALT1 4343 RESET_HANDLER: 4344 mov r0, #CPSR_INITIAL 4345 msr CPSR_c, r0 /* This is probably unnecessary */ 4346 4347 /* I'm guessing this is initializing clock generator electronics for SPI */ 4348 ldr r0, =SPI_CGEN_BASE 4349 mov r1, #0 4350 mov r1, r1, lsl #3 4351 orr r1, r1, #0 4352 str r1, [r0] 4353 ldr r1, [r0, #28] 4354 bic r1, r1, #16 4355 str r1, [r0, #28] 4356 mov r1, #1 4357 str r1, [r0, #8] 4358 4359 ldr r0, =MRBASE 4360 mov r1, #0 4361 strh r1, [r0, #MR1] 4362 strh r1, [r0, #MR2] 4363 strh r1, [r0, #MR3] 4364 strh r1, [r0, #MR4] 4365 4366 mov sp, #STACK_BASE 4367 bl SP_INIT 4368 mov r0, #10 4369 bl DELAY9 4370 bl GET_MAC_ADDR 4371 bl GET_WHOLE_NVRAM 4372 ldr r0, =MRBASE 4373 ldr r1, =MAC_ADDRESS_MIB 4374 strh r1, [r0, #MR2] 4375 ldr r1, =NVRAM_IMAGE 4376 strh r1, [r0, #MR4] 4377 mov r1, #MAC_BOOT_FLAG 4378 strh r1, [r0, #MR3] 4379 HALT2: b HALT2 4380 .func Get_Whole_NVRAM, GET_WHOLE_NVRAM 4381 GET_WHOLE_NVRAM: 4382 stmdb sp!, {lr} 4383 mov r2, #0 /* 0th bytes of NVRAM */ 4384 mov r3, #NVRAM_LENGTH 4385 mov r1, #0 /* not used in routine */ 4386 ldr r0, =NVRAM_IMAGE 4387 bl NVRAM_XFER 4388 ldmia sp!, {lr} 4389 bx lr 4390 .endfunc 4391 4392 .func Get_MAC_Addr, GET_MAC_ADDR 4393 GET_MAC_ADDR: 4394 stmdb sp!, {lr} 4395 mov r2, #0x120 /* address of MAC Address within NVRAM */ 4396 mov r3, #MAC_ADDRESS_LENGTH 4397 mov r1, #0 /* not used in routine */ 4398 ldr r0, =MAC_ADDRESS_MIB 4399 bl NVRAM_XFER 4400 ldmia sp!, {lr} 4401 bx lr 4402 .endfunc 4403 .ltorg 4404 .func Delay9, DELAY9 4405 DELAY9: 4406 adds r0, r0, r0, LSL #3 /* r0 = r0 * 9 */ 4407 DELAYLOOP: 4408 beq DELAY9_done 4409 subs r0, r0, #1 4410 b DELAYLOOP 4411 DELAY9_done: 4412 bx lr 4413 .endfunc 4414 4415 .func SP_Init, SP_INIT 4416 SP_INIT: 4417 mov r1, #SP_SWRST 4418 ldr r0, =SP_BASE 4419 str r1, [r0, #SP_CR] /* reset the SPI */ 4420 mov r1, #0 4421 str r1, [r0, #SP_CR] /* release SPI from reset state */ 4422 mov r1, #SP_SPIEN 4423 str r1, [r0, #SP_MR] /* set the SPI to MASTER mode*/ 4424 str r1, [r0, #SP_CR] /* enable the SPI */ 4425 4426 /* My guess would be this turns on the SPI clock */ 4427 ldr r3, =SPI_CGEN_BASE 4428 ldr r1, [r3, #28] 4429 orr r1, r1, #0x2000 4430 str r1, [r3, #28] 4431 4432 ldr r1, =0x2000c01 4433 str r1, [r0, #SP_CSR0] 4434 ldr r1, =0x2000201 4435 str r1, [r0, #SP_CSR1] 4436 str r1, [r0, #SP_CSR2] 4437 str r1, [r0, #SP_CSR3] 4438 ldr r1, [r0, #SP_SR] 4439 ldr r0, [r0, #SP_RDR] 4440 bx lr 4441 .endfunc 4442 .func NVRAM_Init, NVRAM_INIT 4443 NVRAM_INIT: 4444 ldr r1, =SP_BASE 4445 ldr r0, [r1, #SP_RDR] 4446 mov r0, #NVRAM_CMD_RDSR 4447 str r0, [r1, #SP_TDR] 4448 SP_loop1: 4449 ldr r0, [r1, #SP_SR] 4450 tst r0, #SP_TDRE 4451 beq SP_loop1 4452 4453 mov r0, #SPI_8CLOCKS 4454 str r0, [r1, #SP_TDR] 4455 SP_loop2: 4456 ldr r0, [r1, #SP_SR] 4457 tst r0, #SP_TDRE 4458 beq SP_loop2 4459 4460 ldr r0, [r1, #SP_RDR] 4461 SP_loop3: 4462 ldr r0, [r1, #SP_SR] 4463 tst r0, #SP_RDRF 4464 beq SP_loop3 4465 4466 ldr r0, [r1, #SP_RDR] 4467 and r0, r0, #255 4468 bx lr 4469 .endfunc 4470 4471 .func NVRAM_Xfer, NVRAM_XFER 4472 /* r0 = dest address */ 4473 /* r1 = not used */ 4474 /* r2 = src address within NVRAM */ 4475 /* r3 = length */ 4476 NVRAM_XFER: 4477 stmdb sp!, {r4, r5, lr} 4478 mov r5, r0 /* save r0 (dest address) */ 4479 mov r4, r3 /* save r3 (length) */ 4480 mov r0, r2, LSR #5 /* SPI memories put A8 in the command field */ 4481 and r0, r0, #8 4482 add r0, r0, #NVRAM_CMD_READ 4483 ldr r1, =NVRAM_SCRATCH 4484 strb r0, [r1, #0] /* save command in NVRAM_SCRATCH[0] */ 4485 strb r2, [r1, #1] /* save low byte of source address in NVRAM_SCRATCH[1] */ 4486 _local1: 4487 bl NVRAM_INIT 4488 tst r0, #NVRAM_SR_RDY 4489 bne _local1 4490 mov r0, #20 4491 bl DELAY9 4492 mov r2, r4 /* length */ 4493 mov r1, r5 /* dest address */ 4494 mov r0, #2 /* bytes to transfer in command */ 4495 bl NVRAM_XFER2 4496 ldmia sp!, {r4, r5, lr} 4497 bx lr 4498 .endfunc 4499 4500 .func NVRAM_Xfer2, NVRAM_XFER2 4501 NVRAM_XFER2: 4502 stmdb sp!, {r4, r5, r6, lr} 4503 ldr r4, =SP_BASE 4504 mov r3, #0 4505 cmp r0, #0 4506 bls _local2 4507 ldr r5, =NVRAM_SCRATCH 4508 _local4: 4509 ldrb r6, [r5, r3] 4510 str r6, [r4, #SP_TDR] 4511 _local3: 4512 ldr r6, [r4, #SP_SR] 4513 tst r6, #SP_TDRE 4514 beq _local3 4515 add r3, r3, #1 4516 cmp r3, r0 /* r0 is # of bytes to send out (command+addr) */ 4517 blo _local4 4518 _local2: 4519 mov r3, #SPI_8CLOCKS 4520 str r3, [r4, #SP_TDR] 4521 ldr r0, [r4, #SP_RDR] 4522 _local5: 4523 ldr r0, [r4, #SP_SR] 4524 tst r0, #SP_RDRF 4525 beq _local5 4526 ldr r0, [r4, #SP_RDR] /* what's this byte? It's the byte read while writing the TDR -- nonsense, because the NVRAM doesn't read and write at the same time */ 4527 mov r0, #0 4528 cmp r2, #0 /* r2 is # of bytes to copy in */ 4529 bls _local6 4530 _local7: 4531 ldr r5, [r4, #SP_SR] 4532 tst r5, #SP_TDRE 4533 beq _local7 4534 str r3, [r4, #SP_TDR] /* r3 has SPI_8CLOCKS */ 4535 _local8: 4536 ldr r5, [r4, #SP_SR] 4537 tst r5, #SP_RDRF 4538 beq _local8 4539 ldr r5, [r4, #SP_RDR] /* but didn't we read this byte above? */ 4540 strb r5, [r1], #1 /* postindexed */ 4541 add r0, r0, #1 4542 cmp r0, r2 4543 blo _local7 /* since we don't send another address, the NVRAM must be capable of sequential reads */ 4544 _local6: 4545 mov r0, #200 4546 bl DELAY9 4547 ldmia sp!, {r4, r5, r6, lr} 4548 bx lr 4549 #endif 4550