1 /******************************************************************************
3 * Copyright(c) 2003 - 2007 Intel Corporation. All rights reserved.
5 * Portions of this file are derived from the ipw3945 project, as well
6 * as portions of the ieee80211 subsystem header files.
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of version 2 of the GNU General Public License as
10 * published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
21 * The full GNU General Public License is included in this distribution in the
22 * file called LICENSE.
24 * Contact Information:
25 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
28 *****************************************************************************/
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/version.h>
33 #include <linux/init.h>
34 #include <linux/pci.h>
35 #include <linux/dma-mapping.h>
36 #include <linux/delay.h>
37 #include <linux/skbuff.h>
38 #include <linux/netdevice.h>
39 #include <linux/wireless.h>
40 #include <linux/firmware.h>
41 #include <linux/etherdevice.h>
42 #include <linux/if_arp.h>
44 #include <net/mac80211.h>
46 #include <asm/div64.h>
50 #include "iwl-helpers.h"
52 #ifdef CONFIG_IWL4965_DEBUG
53 u32 iwl4965_debug_level;
56 static int iwl4965_tx_queue_update_write_ptr(struct iwl4965_priv *priv,
57 struct iwl4965_tx_queue *txq);
59 /******************************************************************************
63 ******************************************************************************/
65 /* module parameters */
66 static int iwl4965_param_disable_hw_scan; /* def: 0 = use 4965's h/w scan */
67 static int iwl4965_param_debug; /* def: 0 = minimal debug log messages */
68 static int iwl4965_param_disable; /* def: enable radio */
69 static int iwl4965_param_antenna; /* def: 0 = both antennas (use diversity) */
70 int iwl4965_param_hwcrypto; /* def: using software encryption */
71 static int iwl4965_param_qos_enable = 1; /* def: 1 = use quality of service */
72 int iwl4965_param_queues_num = IWL_MAX_NUM_QUEUES; /* def: 16 Tx queues */
73 int iwl4965_param_amsdu_size_8K; /* def: enable 8K amsdu size */
76 * module name, copyright, version, etc.
77 * NOTE: DRV_NAME is defined in iwlwifi.h for use by iwl-debug.h and printk
80 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi Link 4965AGN driver for Linux"
82 #ifdef CONFIG_IWL4965_DEBUG
88 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
94 #define IWLWIFI_VERSION "1.2.26k" VD VS
95 #define DRV_COPYRIGHT "Copyright(c) 2003-2007 Intel Corporation"
96 #define DRV_VERSION IWLWIFI_VERSION
99 MODULE_DESCRIPTION(DRV_DESCRIPTION);
100 MODULE_VERSION(DRV_VERSION);
101 MODULE_AUTHOR(DRV_COPYRIGHT);
102 MODULE_LICENSE("GPL");
104 __le16 *ieee80211_get_qos_ctrl(struct ieee80211_hdr *hdr)
106 u16 fc = le16_to_cpu(hdr->frame_control);
107 int hdr_len = ieee80211_get_hdrlen(fc);
109 if ((fc & 0x00cc) == (IEEE80211_STYPE_QOS_DATA | IEEE80211_FTYPE_DATA))
110 return (__le16 *) ((u8 *) hdr + hdr_len - QOS_CONTROL_LEN);
114 static const struct ieee80211_supported_band *iwl4965_get_hw_mode(
115 struct iwl4965_priv *priv, enum ieee80211_band band)
117 return priv->hw->wiphy->bands[band];
120 static int iwl4965_is_empty_essid(const char *essid, int essid_len)
122 /* Single white space is for Linksys APs */
123 if (essid_len == 1 && essid[0] == ' ')
126 /* Otherwise, if the entire essid is 0, we assume it is hidden */
129 if (essid[essid_len] != '\0')
136 static const char *iwl4965_escape_essid(const char *essid, u8 essid_len)
138 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
139 const char *s = essid;
142 if (iwl4965_is_empty_essid(essid, essid_len)) {
143 memcpy(escaped, "<hidden>", sizeof("<hidden>"));
147 essid_len = min(essid_len, (u8) IW_ESSID_MAX_SIZE);
148 while (essid_len--) {
160 /*************** DMA-QUEUE-GENERAL-FUNCTIONS *****
163 * Theory of operation
165 * A Tx or Rx queue resides in host DRAM, and is comprised of a circular buffer
166 * of buffer descriptors, each of which points to one or more data buffers for
167 * the device to read from or fill. Driver and device exchange status of each
168 * queue via "read" and "write" pointers. Driver keeps minimum of 2 empty
169 * entries in each circular buffer, to protect against confusing empty and full
172 * The device reads or writes the data in the queues via the device's several
173 * DMA/FIFO channels. Each queue is mapped to a single DMA channel.
175 * For Tx queue, there are low mark and high mark limits. If, after queuing
176 * the packet for Tx, free space become < low mark, Tx queue stopped. When
177 * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
180 * The 4965 operates with up to 17 queues: One receive queue, one transmit
181 * queue (#4) for sending commands to the device firmware, and 15 other
182 * Tx queues that may be mapped to prioritized Tx DMA/FIFO channels.
184 * See more detailed info in iwl-4965-hw.h.
185 ***************************************************/
187 int iwl4965_queue_space(const struct iwl4965_queue *q)
189 int s = q->read_ptr - q->write_ptr;
191 if (q->read_ptr > q->write_ptr)
196 /* keep some reserve to not confuse empty and full situations */
204 * iwl4965_queue_inc_wrap - increment queue index, wrap back to beginning
205 * @index -- current index
206 * @n_bd -- total number of entries in queue (must be power of 2)
208 static inline int iwl4965_queue_inc_wrap(int index, int n_bd)
210 return ++index & (n_bd - 1);
214 * iwl4965_queue_dec_wrap - decrement queue index, wrap back to end
215 * @index -- current index
216 * @n_bd -- total number of entries in queue (must be power of 2)
218 static inline int iwl4965_queue_dec_wrap(int index, int n_bd)
220 return --index & (n_bd - 1);
223 static inline int x2_queue_used(const struct iwl4965_queue *q, int i)
225 return q->write_ptr > q->read_ptr ?
226 (i >= q->read_ptr && i < q->write_ptr) :
227 !(i < q->read_ptr && i >= q->write_ptr);
230 static inline u8 get_cmd_index(struct iwl4965_queue *q, u32 index, int is_huge)
232 /* This is for scan command, the big buffer at end of command array */
234 return q->n_window; /* must be power of 2 */
236 /* Otherwise, use normal size buffers */
237 return index & (q->n_window - 1);
241 * iwl4965_queue_init - Initialize queue's high/low-water and read/write indexes
243 static int iwl4965_queue_init(struct iwl4965_priv *priv, struct iwl4965_queue *q,
244 int count, int slots_num, u32 id)
247 q->n_window = slots_num;
250 /* count must be power-of-two size, otherwise iwl4965_queue_inc_wrap
251 * and iwl4965_queue_dec_wrap are broken. */
252 BUG_ON(!is_power_of_2(count));
254 /* slots_num must be power-of-two size, otherwise
255 * get_cmd_index is broken. */
256 BUG_ON(!is_power_of_2(slots_num));
258 q->low_mark = q->n_window / 4;
262 q->high_mark = q->n_window / 8;
263 if (q->high_mark < 2)
266 q->write_ptr = q->read_ptr = 0;
272 * iwl4965_tx_queue_alloc - Alloc driver data and TFD CB for one Tx/cmd queue
274 static int iwl4965_tx_queue_alloc(struct iwl4965_priv *priv,
275 struct iwl4965_tx_queue *txq, u32 id)
277 struct pci_dev *dev = priv->pci_dev;
279 /* Driver private data, only for Tx (not command) queues,
280 * not shared with device. */
281 if (id != IWL_CMD_QUEUE_NUM) {
282 txq->txb = kmalloc(sizeof(txq->txb[0]) *
283 TFD_QUEUE_SIZE_MAX, GFP_KERNEL);
285 IWL_ERROR("kmalloc for auxiliary BD "
286 "structures failed\n");
292 /* Circular buffer of transmit frame descriptors (TFDs),
293 * shared with device */
294 txq->bd = pci_alloc_consistent(dev,
295 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX,
299 IWL_ERROR("pci_alloc_consistent(%zd) failed\n",
300 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX);
317 * iwl4965_tx_queue_init - Allocate and initialize one tx/cmd queue
319 int iwl4965_tx_queue_init(struct iwl4965_priv *priv,
320 struct iwl4965_tx_queue *txq, int slots_num, u32 txq_id)
322 struct pci_dev *dev = priv->pci_dev;
327 * Alloc buffer array for commands (Tx or other types of commands).
328 * For the command queue (#4), allocate command space + one big
329 * command for scan, since scan command is very huge; the system will
330 * not have two scans at the same time, so only one is needed.
331 * For normal Tx queues (all other queues), no super-size command
334 len = sizeof(struct iwl4965_cmd) * slots_num;
335 if (txq_id == IWL_CMD_QUEUE_NUM)
336 len += IWL_MAX_SCAN_SIZE;
337 txq->cmd = pci_alloc_consistent(dev, len, &txq->dma_addr_cmd);
341 /* Alloc driver data array and TFD circular buffer */
342 rc = iwl4965_tx_queue_alloc(priv, txq, txq_id);
344 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
348 txq->need_update = 0;
350 /* TFD_QUEUE_SIZE_MAX must be power-of-two size, otherwise
351 * iwl4965_queue_inc_wrap and iwl4965_queue_dec_wrap are broken. */
352 BUILD_BUG_ON(TFD_QUEUE_SIZE_MAX & (TFD_QUEUE_SIZE_MAX - 1));
354 /* Initialize queue's high/low-water marks, and head/tail indexes */
355 iwl4965_queue_init(priv, &txq->q, TFD_QUEUE_SIZE_MAX, slots_num, txq_id);
357 /* Tell device where to find queue */
358 iwl4965_hw_tx_queue_init(priv, txq);
364 * iwl4965_tx_queue_free - Deallocate DMA queue.
365 * @txq: Transmit queue to deallocate.
367 * Empty queue by removing and destroying all BD's.
369 * 0-fill, but do not free "txq" descriptor structure.
371 void iwl4965_tx_queue_free(struct iwl4965_priv *priv, struct iwl4965_tx_queue *txq)
373 struct iwl4965_queue *q = &txq->q;
374 struct pci_dev *dev = priv->pci_dev;
380 /* first, empty all BD's */
381 for (; q->write_ptr != q->read_ptr;
382 q->read_ptr = iwl4965_queue_inc_wrap(q->read_ptr, q->n_bd))
383 iwl4965_hw_txq_free_tfd(priv, txq);
385 len = sizeof(struct iwl4965_cmd) * q->n_window;
386 if (q->id == IWL_CMD_QUEUE_NUM)
387 len += IWL_MAX_SCAN_SIZE;
389 /* De-alloc array of command/tx buffers */
390 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
392 /* De-alloc circular buffer of TFDs */
394 pci_free_consistent(dev, sizeof(struct iwl4965_tfd_frame) *
395 txq->q.n_bd, txq->bd, txq->q.dma_addr);
397 /* De-alloc array of per-TFD driver data */
403 /* 0-fill queue descriptor structure */
404 memset(txq, 0, sizeof(*txq));
407 const u8 iwl4965_broadcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
409 /*************** STATION TABLE MANAGEMENT ****
410 * mac80211 should be examined to determine if sta_info is duplicating
411 * the functionality provided here
414 /**************************************************************/
416 #if 0 /* temporary disable till we add real remove station */
418 * iwl4965_remove_station - Remove driver's knowledge of station.
420 * NOTE: This does not remove station from device's station table.
422 static u8 iwl4965_remove_station(struct iwl4965_priv *priv, const u8 *addr, int is_ap)
424 int index = IWL_INVALID_STATION;
428 spin_lock_irqsave(&priv->sta_lock, flags);
432 else if (is_broadcast_ether_addr(addr))
433 index = priv->hw_setting.bcast_sta_id;
435 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++)
436 if (priv->stations[i].used &&
437 !compare_ether_addr(priv->stations[i].sta.sta.addr,
443 if (unlikely(index == IWL_INVALID_STATION))
446 if (priv->stations[index].used) {
447 priv->stations[index].used = 0;
448 priv->num_stations--;
451 BUG_ON(priv->num_stations < 0);
454 spin_unlock_irqrestore(&priv->sta_lock, flags);
460 * iwl4965_clear_stations_table - Clear the driver's station table
462 * NOTE: This does not clear or otherwise alter the device's station table.
464 static void iwl4965_clear_stations_table(struct iwl4965_priv *priv)
468 spin_lock_irqsave(&priv->sta_lock, flags);
470 priv->num_stations = 0;
471 memset(priv->stations, 0, sizeof(priv->stations));
473 spin_unlock_irqrestore(&priv->sta_lock, flags);
477 * iwl4965_add_station_flags - Add station to tables in driver and device
479 u8 iwl4965_add_station_flags(struct iwl4965_priv *priv, const u8 *addr,
480 int is_ap, u8 flags, void *ht_data)
483 int index = IWL_INVALID_STATION;
484 struct iwl4965_station_entry *station;
485 unsigned long flags_spin;
486 DECLARE_MAC_BUF(mac);
488 spin_lock_irqsave(&priv->sta_lock, flags_spin);
491 else if (is_broadcast_ether_addr(addr))
492 index = priv->hw_setting.bcast_sta_id;
494 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++) {
495 if (!compare_ether_addr(priv->stations[i].sta.sta.addr,
501 if (!priv->stations[i].used &&
502 index == IWL_INVALID_STATION)
507 /* These two conditions have the same outcome, but keep them separate
508 since they have different meanings */
509 if (unlikely(index == IWL_INVALID_STATION)) {
510 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
514 if (priv->stations[index].used &&
515 !compare_ether_addr(priv->stations[index].sta.sta.addr, addr)) {
516 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
521 IWL_DEBUG_ASSOC("Add STA ID %d: %s\n", index, print_mac(mac, addr));
522 station = &priv->stations[index];
524 priv->num_stations++;
526 /* Set up the REPLY_ADD_STA command to send to device */
527 memset(&station->sta, 0, sizeof(struct iwl4965_addsta_cmd));
528 memcpy(station->sta.sta.addr, addr, ETH_ALEN);
529 station->sta.mode = 0;
530 station->sta.sta.sta_id = index;
531 station->sta.station_flags = 0;
533 #ifdef CONFIG_IWL4965_HT
534 /* BCAST station and IBSS stations do not work in HT mode */
535 if (index != priv->hw_setting.bcast_sta_id &&
536 priv->iw_mode != IEEE80211_IF_TYPE_IBSS)
537 iwl4965_set_ht_add_station(priv, index,
538 (struct ieee80211_ht_info *) ht_data);
539 #endif /*CONFIG_IWL4965_HT*/
541 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
543 /* Add station to device's station table */
544 iwl4965_send_add_station(priv, &station->sta, flags);
549 /*************** DRIVER STATUS FUNCTIONS *****/
551 static inline int iwl4965_is_ready(struct iwl4965_priv *priv)
553 /* The adapter is 'ready' if READY and GEO_CONFIGURED bits are
554 * set but EXIT_PENDING is not */
555 return test_bit(STATUS_READY, &priv->status) &&
556 test_bit(STATUS_GEO_CONFIGURED, &priv->status) &&
557 !test_bit(STATUS_EXIT_PENDING, &priv->status);
560 static inline int iwl4965_is_alive(struct iwl4965_priv *priv)
562 return test_bit(STATUS_ALIVE, &priv->status);
565 static inline int iwl4965_is_init(struct iwl4965_priv *priv)
567 return test_bit(STATUS_INIT, &priv->status);
570 static inline int iwl4965_is_rfkill(struct iwl4965_priv *priv)
572 return test_bit(STATUS_RF_KILL_HW, &priv->status) ||
573 test_bit(STATUS_RF_KILL_SW, &priv->status);
576 static inline int iwl4965_is_ready_rf(struct iwl4965_priv *priv)
579 if (iwl4965_is_rfkill(priv))
582 return iwl4965_is_ready(priv);
585 /*************** HOST COMMAND QUEUE FUNCTIONS *****/
587 #define IWL_CMD(x) case x : return #x
589 static const char *get_cmd_string(u8 cmd)
592 IWL_CMD(REPLY_ALIVE);
593 IWL_CMD(REPLY_ERROR);
595 IWL_CMD(REPLY_RXON_ASSOC);
596 IWL_CMD(REPLY_QOS_PARAM);
597 IWL_CMD(REPLY_RXON_TIMING);
598 IWL_CMD(REPLY_ADD_STA);
599 IWL_CMD(REPLY_REMOVE_STA);
600 IWL_CMD(REPLY_REMOVE_ALL_STA);
602 IWL_CMD(REPLY_RATE_SCALE);
603 IWL_CMD(REPLY_LEDS_CMD);
604 IWL_CMD(REPLY_TX_LINK_QUALITY_CMD);
605 IWL_CMD(RADAR_NOTIFICATION);
606 IWL_CMD(REPLY_QUIET_CMD);
607 IWL_CMD(REPLY_CHANNEL_SWITCH);
608 IWL_CMD(CHANNEL_SWITCH_NOTIFICATION);
609 IWL_CMD(REPLY_SPECTRUM_MEASUREMENT_CMD);
610 IWL_CMD(SPECTRUM_MEASURE_NOTIFICATION);
611 IWL_CMD(POWER_TABLE_CMD);
612 IWL_CMD(PM_SLEEP_NOTIFICATION);
613 IWL_CMD(PM_DEBUG_STATISTIC_NOTIFIC);
614 IWL_CMD(REPLY_SCAN_CMD);
615 IWL_CMD(REPLY_SCAN_ABORT_CMD);
616 IWL_CMD(SCAN_START_NOTIFICATION);
617 IWL_CMD(SCAN_RESULTS_NOTIFICATION);
618 IWL_CMD(SCAN_COMPLETE_NOTIFICATION);
619 IWL_CMD(BEACON_NOTIFICATION);
620 IWL_CMD(REPLY_TX_BEACON);
621 IWL_CMD(WHO_IS_AWAKE_NOTIFICATION);
622 IWL_CMD(QUIET_NOTIFICATION);
623 IWL_CMD(REPLY_TX_PWR_TABLE_CMD);
624 IWL_CMD(MEASURE_ABORT_NOTIFICATION);
625 IWL_CMD(REPLY_BT_CONFIG);
626 IWL_CMD(REPLY_STATISTICS_CMD);
627 IWL_CMD(STATISTICS_NOTIFICATION);
628 IWL_CMD(REPLY_CARD_STATE_CMD);
629 IWL_CMD(CARD_STATE_NOTIFICATION);
630 IWL_CMD(MISSED_BEACONS_NOTIFICATION);
631 IWL_CMD(REPLY_CT_KILL_CONFIG_CMD);
632 IWL_CMD(SENSITIVITY_CMD);
633 IWL_CMD(REPLY_PHY_CALIBRATION_CMD);
634 IWL_CMD(REPLY_RX_PHY_CMD);
635 IWL_CMD(REPLY_RX_MPDU_CMD);
636 IWL_CMD(REPLY_4965_RX);
637 IWL_CMD(REPLY_COMPRESSED_BA);
644 #define HOST_COMPLETE_TIMEOUT (HZ / 2)
647 * iwl4965_enqueue_hcmd - enqueue a uCode command
648 * @priv: device private data point
649 * @cmd: a point to the ucode command structure
651 * The function returns < 0 values to indicate the operation is
652 * failed. On success, it turns the index (> 0) of command in the
655 static int iwl4965_enqueue_hcmd(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
657 struct iwl4965_tx_queue *txq = &priv->txq[IWL_CMD_QUEUE_NUM];
658 struct iwl4965_queue *q = &txq->q;
659 struct iwl4965_tfd_frame *tfd;
661 struct iwl4965_cmd *out_cmd;
663 u16 fix_size = (u16)(cmd->len + sizeof(out_cmd->hdr));
664 dma_addr_t phys_addr;
668 /* If any of the command structures end up being larger than
669 * the TFD_MAX_PAYLOAD_SIZE, and it sent as a 'small' command then
670 * we will need to increase the size of the TFD entries */
671 BUG_ON((fix_size > TFD_MAX_PAYLOAD_SIZE) &&
672 !(cmd->meta.flags & CMD_SIZE_HUGE));
674 if (iwl4965_is_rfkill(priv)) {
675 IWL_DEBUG_INFO("Not sending command - RF KILL");
679 if (iwl4965_queue_space(q) < ((cmd->meta.flags & CMD_ASYNC) ? 2 : 1)) {
680 IWL_ERROR("No space for Tx\n");
684 spin_lock_irqsave(&priv->hcmd_lock, flags);
686 tfd = &txq->bd[q->write_ptr];
687 memset(tfd, 0, sizeof(*tfd));
689 control_flags = (u32 *) tfd;
691 idx = get_cmd_index(q, q->write_ptr, cmd->meta.flags & CMD_SIZE_HUGE);
692 out_cmd = &txq->cmd[idx];
694 out_cmd->hdr.cmd = cmd->id;
695 memcpy(&out_cmd->meta, &cmd->meta, sizeof(cmd->meta));
696 memcpy(&out_cmd->cmd.payload, cmd->data, cmd->len);
698 /* At this point, the out_cmd now has all of the incoming cmd
701 out_cmd->hdr.flags = 0;
702 out_cmd->hdr.sequence = cpu_to_le16(QUEUE_TO_SEQ(IWL_CMD_QUEUE_NUM) |
703 INDEX_TO_SEQ(q->write_ptr));
704 if (out_cmd->meta.flags & CMD_SIZE_HUGE)
705 out_cmd->hdr.sequence |= cpu_to_le16(SEQ_HUGE_FRAME);
707 phys_addr = txq->dma_addr_cmd + sizeof(txq->cmd[0]) * idx +
708 offsetof(struct iwl4965_cmd, hdr);
709 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, fix_size);
711 IWL_DEBUG_HC("Sending command %s (#%x), seq: 0x%04X, "
712 "%d bytes at %d[%d]:%d\n",
713 get_cmd_string(out_cmd->hdr.cmd),
714 out_cmd->hdr.cmd, le16_to_cpu(out_cmd->hdr.sequence),
715 fix_size, q->write_ptr, idx, IWL_CMD_QUEUE_NUM);
717 txq->need_update = 1;
719 /* Set up entry in queue's byte count circular buffer */
720 ret = iwl4965_tx_queue_update_wr_ptr(priv, txq, 0);
722 /* Increment and update queue's write index */
723 q->write_ptr = iwl4965_queue_inc_wrap(q->write_ptr, q->n_bd);
724 iwl4965_tx_queue_update_write_ptr(priv, txq);
726 spin_unlock_irqrestore(&priv->hcmd_lock, flags);
727 return ret ? ret : idx;
730 static int iwl4965_send_cmd_async(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
734 BUG_ON(!(cmd->meta.flags & CMD_ASYNC));
736 /* An asynchronous command can not expect an SKB to be set. */
737 BUG_ON(cmd->meta.flags & CMD_WANT_SKB);
739 /* An asynchronous command MUST have a callback. */
740 BUG_ON(!cmd->meta.u.callback);
742 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
745 ret = iwl4965_enqueue_hcmd(priv, cmd);
747 IWL_ERROR("Error sending %s: iwl4965_enqueue_hcmd failed: %d\n",
748 get_cmd_string(cmd->id), ret);
754 static int iwl4965_send_cmd_sync(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
758 static atomic_t entry = ATOMIC_INIT(0); /* reentrance protection */
760 BUG_ON(cmd->meta.flags & CMD_ASYNC);
762 /* A synchronous command can not have a callback set. */
763 BUG_ON(cmd->meta.u.callback != NULL);
765 if (atomic_xchg(&entry, 1)) {
766 IWL_ERROR("Error sending %s: Already sending a host command\n",
767 get_cmd_string(cmd->id));
771 set_bit(STATUS_HCMD_ACTIVE, &priv->status);
773 if (cmd->meta.flags & CMD_WANT_SKB)
774 cmd->meta.source = &cmd->meta;
776 cmd_idx = iwl4965_enqueue_hcmd(priv, cmd);
779 IWL_ERROR("Error sending %s: iwl4965_enqueue_hcmd failed: %d\n",
780 get_cmd_string(cmd->id), ret);
784 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
785 !test_bit(STATUS_HCMD_ACTIVE, &priv->status),
786 HOST_COMPLETE_TIMEOUT);
788 if (test_bit(STATUS_HCMD_ACTIVE, &priv->status)) {
789 IWL_ERROR("Error sending %s: time out after %dms.\n",
790 get_cmd_string(cmd->id),
791 jiffies_to_msecs(HOST_COMPLETE_TIMEOUT));
793 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
799 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
800 IWL_DEBUG_INFO("Command %s aborted: RF KILL Switch\n",
801 get_cmd_string(cmd->id));
805 if (test_bit(STATUS_FW_ERROR, &priv->status)) {
806 IWL_DEBUG_INFO("Command %s failed: FW Error\n",
807 get_cmd_string(cmd->id));
811 if ((cmd->meta.flags & CMD_WANT_SKB) && !cmd->meta.u.skb) {
812 IWL_ERROR("Error: Response NULL in '%s'\n",
813 get_cmd_string(cmd->id));
822 if (cmd->meta.flags & CMD_WANT_SKB) {
823 struct iwl4965_cmd *qcmd;
825 /* Cancel the CMD_WANT_SKB flag for the cmd in the
826 * TX cmd queue. Otherwise in case the cmd comes
827 * in later, it will possibly set an invalid
828 * address (cmd->meta.source). */
829 qcmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_idx];
830 qcmd->meta.flags &= ~CMD_WANT_SKB;
833 if (cmd->meta.u.skb) {
834 dev_kfree_skb_any(cmd->meta.u.skb);
835 cmd->meta.u.skb = NULL;
838 atomic_set(&entry, 0);
842 int iwl4965_send_cmd(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
844 if (cmd->meta.flags & CMD_ASYNC)
845 return iwl4965_send_cmd_async(priv, cmd);
847 return iwl4965_send_cmd_sync(priv, cmd);
850 int iwl4965_send_cmd_pdu(struct iwl4965_priv *priv, u8 id, u16 len, const void *data)
852 struct iwl4965_host_cmd cmd = {
858 return iwl4965_send_cmd_sync(priv, &cmd);
861 static int __must_check iwl4965_send_cmd_u32(struct iwl4965_priv *priv, u8 id, u32 val)
863 struct iwl4965_host_cmd cmd = {
869 return iwl4965_send_cmd_sync(priv, &cmd);
872 int iwl4965_send_statistics_request(struct iwl4965_priv *priv)
874 return iwl4965_send_cmd_u32(priv, REPLY_STATISTICS_CMD, 0);
878 * iwl4965_rxon_add_station - add station into station table.
880 * there is only one AP station with id= IWL_AP_ID
881 * NOTE: mutex must be held before calling this fnction
883 static int iwl4965_rxon_add_station(struct iwl4965_priv *priv,
884 const u8 *addr, int is_ap)
888 /* Add station to device's station table */
889 #ifdef CONFIG_IWL4965_HT
890 struct ieee80211_conf *conf = &priv->hw->conf;
891 struct ieee80211_ht_info *cur_ht_config = &conf->ht_conf;
894 (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) &&
895 (priv->iw_mode == IEEE80211_IF_TYPE_STA))
896 sta_id = iwl4965_add_station_flags(priv, addr, is_ap,
899 #endif /* CONFIG_IWL4965_HT */
900 sta_id = iwl4965_add_station_flags(priv, addr, is_ap,
903 /* Set up default rate scaling table in device's station table */
904 iwl4965_add_station(priv, addr, is_ap);
910 * iwl4965_set_rxon_channel - Set the phymode and channel values in staging RXON
911 * @phymode: MODE_IEEE80211A sets to 5.2GHz; all else set to 2.4GHz
912 * @channel: Any channel valid for the requested phymode
914 * In addition to setting the staging RXON, priv->phymode is also set.
916 * NOTE: Does not commit to the hardware; it sets appropriate bit fields
917 * in the staging RXON flag structure based on the phymode
919 static int iwl4965_set_rxon_channel(struct iwl4965_priv *priv,
920 enum ieee80211_band band,
923 if (!iwl4965_get_channel_info(priv, band, channel)) {
924 IWL_DEBUG_INFO("Could not set channel to %d [%d]\n",
929 if ((le16_to_cpu(priv->staging_rxon.channel) == channel) &&
930 (priv->band == band))
933 priv->staging_rxon.channel = cpu_to_le16(channel);
934 if (band == IEEE80211_BAND_5GHZ)
935 priv->staging_rxon.flags &= ~RXON_FLG_BAND_24G_MSK;
937 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
941 IWL_DEBUG_INFO("Staging channel set to %d [%d]\n", channel, band);
947 * iwl4965_check_rxon_cmd - validate RXON structure is valid
949 * NOTE: This is really only useful during development and can eventually
950 * be #ifdef'd out once the driver is stable and folks aren't actively
953 static int iwl4965_check_rxon_cmd(struct iwl4965_rxon_cmd *rxon)
958 if (rxon->flags & RXON_FLG_BAND_24G_MSK) {
959 error |= le32_to_cpu(rxon->flags &
960 (RXON_FLG_TGJ_NARROW_BAND_MSK |
961 RXON_FLG_RADAR_DETECT_MSK));
963 IWL_WARNING("check 24G fields %d | %d\n",
966 error |= (rxon->flags & RXON_FLG_SHORT_SLOT_MSK) ?
967 0 : le32_to_cpu(RXON_FLG_SHORT_SLOT_MSK);
969 IWL_WARNING("check 52 fields %d | %d\n",
971 error |= le32_to_cpu(rxon->flags & RXON_FLG_CCK_MSK);
973 IWL_WARNING("check 52 CCK %d | %d\n",
976 error |= (rxon->node_addr[0] | rxon->bssid_addr[0]) & 0x1;
978 IWL_WARNING("check mac addr %d | %d\n", counter++, error);
980 /* make sure basic rates 6Mbps and 1Mbps are supported */
981 error |= (((rxon->ofdm_basic_rates & IWL_RATE_6M_MASK) == 0) &&
982 ((rxon->cck_basic_rates & IWL_RATE_1M_MASK) == 0));
984 IWL_WARNING("check basic rate %d | %d\n", counter++, error);
986 error |= (le16_to_cpu(rxon->assoc_id) > 2007);
988 IWL_WARNING("check assoc id %d | %d\n", counter++, error);
990 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
991 == (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK));
993 IWL_WARNING("check CCK and short slot %d | %d\n",
996 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK))
997 == (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK));
999 IWL_WARNING("check CCK & auto detect %d | %d\n",
1002 error |= ((rxon->flags & (RXON_FLG_AUTO_DETECT_MSK |
1003 RXON_FLG_TGG_PROTECT_MSK)) == RXON_FLG_TGG_PROTECT_MSK);
1005 IWL_WARNING("check TGG and auto detect %d | %d\n",
1009 IWL_WARNING("Tuning to channel %d\n",
1010 le16_to_cpu(rxon->channel));
1013 IWL_ERROR("Not a valid iwl4965_rxon_assoc_cmd field values\n");
1020 * iwl4965_full_rxon_required - check if full RXON (vs RXON_ASSOC) cmd is needed
1021 * @priv: staging_rxon is compared to active_rxon
1023 * If the RXON structure is changing enough to require a new tune,
1024 * or is clearing the RXON_FILTER_ASSOC_MSK, then return 1 to indicate that
1025 * a new tune (full RXON command, rather than RXON_ASSOC cmd) is required.
1027 static int iwl4965_full_rxon_required(struct iwl4965_priv *priv)
1030 /* These items are only settable from the full RXON command */
1031 if (!(priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) ||
1032 compare_ether_addr(priv->staging_rxon.bssid_addr,
1033 priv->active_rxon.bssid_addr) ||
1034 compare_ether_addr(priv->staging_rxon.node_addr,
1035 priv->active_rxon.node_addr) ||
1036 compare_ether_addr(priv->staging_rxon.wlap_bssid_addr,
1037 priv->active_rxon.wlap_bssid_addr) ||
1038 (priv->staging_rxon.dev_type != priv->active_rxon.dev_type) ||
1039 (priv->staging_rxon.channel != priv->active_rxon.channel) ||
1040 (priv->staging_rxon.air_propagation !=
1041 priv->active_rxon.air_propagation) ||
1042 (priv->staging_rxon.ofdm_ht_single_stream_basic_rates !=
1043 priv->active_rxon.ofdm_ht_single_stream_basic_rates) ||
1044 (priv->staging_rxon.ofdm_ht_dual_stream_basic_rates !=
1045 priv->active_rxon.ofdm_ht_dual_stream_basic_rates) ||
1046 (priv->staging_rxon.rx_chain != priv->active_rxon.rx_chain) ||
1047 (priv->staging_rxon.assoc_id != priv->active_rxon.assoc_id))
1050 /* flags, filter_flags, ofdm_basic_rates, and cck_basic_rates can
1051 * be updated with the RXON_ASSOC command -- however only some
1052 * flag transitions are allowed using RXON_ASSOC */
1054 /* Check if we are not switching bands */
1055 if ((priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) !=
1056 (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK))
1059 /* Check if we are switching association toggle */
1060 if ((priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) !=
1061 (priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK))
1067 static int iwl4965_send_rxon_assoc(struct iwl4965_priv *priv)
1070 struct iwl4965_rx_packet *res = NULL;
1071 struct iwl4965_rxon_assoc_cmd rxon_assoc;
1072 struct iwl4965_host_cmd cmd = {
1073 .id = REPLY_RXON_ASSOC,
1074 .len = sizeof(rxon_assoc),
1075 .meta.flags = CMD_WANT_SKB,
1076 .data = &rxon_assoc,
1078 const struct iwl4965_rxon_cmd *rxon1 = &priv->staging_rxon;
1079 const struct iwl4965_rxon_cmd *rxon2 = &priv->active_rxon;
1081 if ((rxon1->flags == rxon2->flags) &&
1082 (rxon1->filter_flags == rxon2->filter_flags) &&
1083 (rxon1->cck_basic_rates == rxon2->cck_basic_rates) &&
1084 (rxon1->ofdm_ht_single_stream_basic_rates ==
1085 rxon2->ofdm_ht_single_stream_basic_rates) &&
1086 (rxon1->ofdm_ht_dual_stream_basic_rates ==
1087 rxon2->ofdm_ht_dual_stream_basic_rates) &&
1088 (rxon1->rx_chain == rxon2->rx_chain) &&
1089 (rxon1->ofdm_basic_rates == rxon2->ofdm_basic_rates)) {
1090 IWL_DEBUG_INFO("Using current RXON_ASSOC. Not resending.\n");
1094 rxon_assoc.flags = priv->staging_rxon.flags;
1095 rxon_assoc.filter_flags = priv->staging_rxon.filter_flags;
1096 rxon_assoc.ofdm_basic_rates = priv->staging_rxon.ofdm_basic_rates;
1097 rxon_assoc.cck_basic_rates = priv->staging_rxon.cck_basic_rates;
1098 rxon_assoc.reserved = 0;
1099 rxon_assoc.ofdm_ht_single_stream_basic_rates =
1100 priv->staging_rxon.ofdm_ht_single_stream_basic_rates;
1101 rxon_assoc.ofdm_ht_dual_stream_basic_rates =
1102 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates;
1103 rxon_assoc.rx_chain_select_flags = priv->staging_rxon.rx_chain;
1105 rc = iwl4965_send_cmd_sync(priv, &cmd);
1109 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1110 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1111 IWL_ERROR("Bad return from REPLY_RXON_ASSOC command\n");
1115 priv->alloc_rxb_skb--;
1116 dev_kfree_skb_any(cmd.meta.u.skb);
1122 * iwl4965_commit_rxon - commit staging_rxon to hardware
1124 * The RXON command in staging_rxon is committed to the hardware and
1125 * the active_rxon structure is updated with the new data. This
1126 * function correctly transitions out of the RXON_ASSOC_MSK state if
1127 * a HW tune is required based on the RXON structure changes.
1129 static int iwl4965_commit_rxon(struct iwl4965_priv *priv)
1131 /* cast away the const for active_rxon in this function */
1132 struct iwl4965_rxon_cmd *active_rxon = (void *)&priv->active_rxon;
1133 DECLARE_MAC_BUF(mac);
1136 if (!iwl4965_is_alive(priv))
1139 /* always get timestamp with Rx frame */
1140 priv->staging_rxon.flags |= RXON_FLG_TSF2HOST_MSK;
1142 rc = iwl4965_check_rxon_cmd(&priv->staging_rxon);
1144 IWL_ERROR("Invalid RXON configuration. Not committing.\n");
1148 /* If we don't need to send a full RXON, we can use
1149 * iwl4965_rxon_assoc_cmd which is used to reconfigure filter
1150 * and other flags for the current radio configuration. */
1151 if (!iwl4965_full_rxon_required(priv)) {
1152 rc = iwl4965_send_rxon_assoc(priv);
1154 IWL_ERROR("Error setting RXON_ASSOC "
1155 "configuration (%d).\n", rc);
1159 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1164 /* station table will be cleared */
1165 priv->assoc_station_added = 0;
1167 #ifdef CONFIG_IWL4965_SENSITIVITY
1168 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
1169 if (!priv->error_recovering)
1170 priv->start_calib = 0;
1172 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
1173 #endif /* CONFIG_IWL4965_SENSITIVITY */
1175 /* If we are currently associated and the new config requires
1176 * an RXON_ASSOC and the new config wants the associated mask enabled,
1177 * we must clear the associated from the active configuration
1178 * before we apply the new config */
1179 if (iwl4965_is_associated(priv) &&
1180 (priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK)) {
1181 IWL_DEBUG_INFO("Toggling associated bit on current RXON\n");
1182 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
1184 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON,
1185 sizeof(struct iwl4965_rxon_cmd),
1186 &priv->active_rxon);
1188 /* If the mask clearing failed then we set
1189 * active_rxon back to what it was previously */
1191 active_rxon->filter_flags |= RXON_FILTER_ASSOC_MSK;
1192 IWL_ERROR("Error clearing ASSOC_MSK on current "
1193 "configuration (%d).\n", rc);
1198 IWL_DEBUG_INFO("Sending RXON\n"
1199 "* with%s RXON_FILTER_ASSOC_MSK\n"
1202 ((priv->staging_rxon.filter_flags &
1203 RXON_FILTER_ASSOC_MSK) ? "" : "out"),
1204 le16_to_cpu(priv->staging_rxon.channel),
1205 print_mac(mac, priv->staging_rxon.bssid_addr));
1207 /* Apply the new configuration */
1208 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON,
1209 sizeof(struct iwl4965_rxon_cmd), &priv->staging_rxon);
1211 IWL_ERROR("Error setting new configuration (%d).\n", rc);
1215 iwl4965_clear_stations_table(priv);
1217 #ifdef CONFIG_IWL4965_SENSITIVITY
1218 if (!priv->error_recovering)
1219 priv->start_calib = 0;
1221 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
1222 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
1223 #endif /* CONFIG_IWL4965_SENSITIVITY */
1225 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1227 /* If we issue a new RXON command which required a tune then we must
1228 * send a new TXPOWER command or we won't be able to Tx any frames */
1229 rc = iwl4965_hw_reg_send_txpower(priv);
1231 IWL_ERROR("Error setting Tx power (%d).\n", rc);
1235 /* Add the broadcast address so we can send broadcast frames */
1236 if (iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0) ==
1237 IWL_INVALID_STATION) {
1238 IWL_ERROR("Error adding BROADCAST address for transmit.\n");
1242 /* If we have set the ASSOC_MSK and we are in BSS mode then
1243 * add the IWL_AP_ID to the station rate table */
1244 if (iwl4965_is_associated(priv) &&
1245 (priv->iw_mode == IEEE80211_IF_TYPE_STA)) {
1246 if (iwl4965_rxon_add_station(priv, priv->active_rxon.bssid_addr, 1)
1247 == IWL_INVALID_STATION) {
1248 IWL_ERROR("Error adding AP address for transmit.\n");
1251 priv->assoc_station_added = 1;
1257 static int iwl4965_send_bt_config(struct iwl4965_priv *priv)
1259 struct iwl4965_bt_cmd bt_cmd = {
1267 return iwl4965_send_cmd_pdu(priv, REPLY_BT_CONFIG,
1268 sizeof(struct iwl4965_bt_cmd), &bt_cmd);
1271 static int iwl4965_send_scan_abort(struct iwl4965_priv *priv)
1274 struct iwl4965_rx_packet *res;
1275 struct iwl4965_host_cmd cmd = {
1276 .id = REPLY_SCAN_ABORT_CMD,
1277 .meta.flags = CMD_WANT_SKB,
1280 /* If there isn't a scan actively going on in the hardware
1281 * then we are in between scan bands and not actually
1282 * actively scanning, so don't send the abort command */
1283 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
1284 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1288 rc = iwl4965_send_cmd_sync(priv, &cmd);
1290 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1294 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1295 if (res->u.status != CAN_ABORT_STATUS) {
1296 /* The scan abort will return 1 for success or
1297 * 2 for "failure". A failure condition can be
1298 * due to simply not being in an active scan which
1299 * can occur if we send the scan abort before we
1300 * the microcode has notified us that a scan is
1302 IWL_DEBUG_INFO("SCAN_ABORT returned %d.\n", res->u.status);
1303 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1304 clear_bit(STATUS_SCAN_HW, &priv->status);
1307 dev_kfree_skb_any(cmd.meta.u.skb);
1312 static int iwl4965_card_state_sync_callback(struct iwl4965_priv *priv,
1313 struct iwl4965_cmd *cmd,
1314 struct sk_buff *skb)
1322 * Use: Sets the device's internal card state to enable, disable, or halt
1324 * When in the 'enable' state the card operates as normal.
1325 * When in the 'disable' state, the card enters into a low power mode.
1326 * When in the 'halt' state, the card is shut down and must be fully
1327 * restarted to come back on.
1329 static int iwl4965_send_card_state(struct iwl4965_priv *priv, u32 flags, u8 meta_flag)
1331 struct iwl4965_host_cmd cmd = {
1332 .id = REPLY_CARD_STATE_CMD,
1335 .meta.flags = meta_flag,
1338 if (meta_flag & CMD_ASYNC)
1339 cmd.meta.u.callback = iwl4965_card_state_sync_callback;
1341 return iwl4965_send_cmd(priv, &cmd);
1344 static int iwl4965_add_sta_sync_callback(struct iwl4965_priv *priv,
1345 struct iwl4965_cmd *cmd, struct sk_buff *skb)
1347 struct iwl4965_rx_packet *res = NULL;
1350 IWL_ERROR("Error: Response NULL in REPLY_ADD_STA.\n");
1354 res = (struct iwl4965_rx_packet *)skb->data;
1355 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1356 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1361 switch (res->u.add_sta.status) {
1362 case ADD_STA_SUCCESS_MSK:
1368 /* We didn't cache the SKB; let the caller free it */
1372 int iwl4965_send_add_station(struct iwl4965_priv *priv,
1373 struct iwl4965_addsta_cmd *sta, u8 flags)
1375 struct iwl4965_rx_packet *res = NULL;
1377 struct iwl4965_host_cmd cmd = {
1378 .id = REPLY_ADD_STA,
1379 .len = sizeof(struct iwl4965_addsta_cmd),
1380 .meta.flags = flags,
1384 if (flags & CMD_ASYNC)
1385 cmd.meta.u.callback = iwl4965_add_sta_sync_callback;
1387 cmd.meta.flags |= CMD_WANT_SKB;
1389 rc = iwl4965_send_cmd(priv, &cmd);
1391 if (rc || (flags & CMD_ASYNC))
1394 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1395 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1396 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1402 switch (res->u.add_sta.status) {
1403 case ADD_STA_SUCCESS_MSK:
1404 IWL_DEBUG_INFO("REPLY_ADD_STA PASSED\n");
1408 IWL_WARNING("REPLY_ADD_STA failed\n");
1413 priv->alloc_rxb_skb--;
1414 dev_kfree_skb_any(cmd.meta.u.skb);
1419 static int iwl4965_update_sta_key_info(struct iwl4965_priv *priv,
1420 struct ieee80211_key_conf *keyconf,
1423 unsigned long flags;
1424 __le16 key_flags = 0;
1426 switch (keyconf->alg) {
1428 key_flags |= STA_KEY_FLG_CCMP;
1429 key_flags |= cpu_to_le16(
1430 keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
1431 key_flags &= ~STA_KEY_FLG_INVALID;
1438 spin_lock_irqsave(&priv->sta_lock, flags);
1439 priv->stations[sta_id].keyinfo.alg = keyconf->alg;
1440 priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
1441 memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
1444 memcpy(priv->stations[sta_id].sta.key.key, keyconf->key,
1446 priv->stations[sta_id].sta.key.key_flags = key_flags;
1447 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1448 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1450 spin_unlock_irqrestore(&priv->sta_lock, flags);
1452 IWL_DEBUG_INFO("hwcrypto: modify ucode station key info\n");
1453 iwl4965_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1457 static int iwl4965_clear_sta_key_info(struct iwl4965_priv *priv, u8 sta_id)
1459 unsigned long flags;
1461 spin_lock_irqsave(&priv->sta_lock, flags);
1462 memset(&priv->stations[sta_id].keyinfo, 0, sizeof(struct iwl4965_hw_key));
1463 memset(&priv->stations[sta_id].sta.key, 0, sizeof(struct iwl4965_keyinfo));
1464 priv->stations[sta_id].sta.key.key_flags = STA_KEY_FLG_NO_ENC;
1465 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1466 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1467 spin_unlock_irqrestore(&priv->sta_lock, flags);
1469 IWL_DEBUG_INFO("hwcrypto: clear ucode station key info\n");
1470 iwl4965_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1474 static void iwl4965_clear_free_frames(struct iwl4965_priv *priv)
1476 struct list_head *element;
1478 IWL_DEBUG_INFO("%d frames on pre-allocated heap on clear.\n",
1479 priv->frames_count);
1481 while (!list_empty(&priv->free_frames)) {
1482 element = priv->free_frames.next;
1484 kfree(list_entry(element, struct iwl4965_frame, list));
1485 priv->frames_count--;
1488 if (priv->frames_count) {
1489 IWL_WARNING("%d frames still in use. Did we lose one?\n",
1490 priv->frames_count);
1491 priv->frames_count = 0;
1495 static struct iwl4965_frame *iwl4965_get_free_frame(struct iwl4965_priv *priv)
1497 struct iwl4965_frame *frame;
1498 struct list_head *element;
1499 if (list_empty(&priv->free_frames)) {
1500 frame = kzalloc(sizeof(*frame), GFP_KERNEL);
1502 IWL_ERROR("Could not allocate frame!\n");
1506 priv->frames_count++;
1510 element = priv->free_frames.next;
1512 return list_entry(element, struct iwl4965_frame, list);
1515 static void iwl4965_free_frame(struct iwl4965_priv *priv, struct iwl4965_frame *frame)
1517 memset(frame, 0, sizeof(*frame));
1518 list_add(&frame->list, &priv->free_frames);
1521 unsigned int iwl4965_fill_beacon_frame(struct iwl4965_priv *priv,
1522 struct ieee80211_hdr *hdr,
1523 const u8 *dest, int left)
1526 if (!iwl4965_is_associated(priv) || !priv->ibss_beacon ||
1527 ((priv->iw_mode != IEEE80211_IF_TYPE_IBSS) &&
1528 (priv->iw_mode != IEEE80211_IF_TYPE_AP)))
1531 if (priv->ibss_beacon->len > left)
1534 memcpy(hdr, priv->ibss_beacon->data, priv->ibss_beacon->len);
1536 return priv->ibss_beacon->len;
1539 static u8 iwl4965_rate_get_lowest_plcp(int rate_mask)
1543 for (i = IWL_RATE_1M_INDEX; i != IWL_RATE_INVALID;
1544 i = iwl4965_rates[i].next_ieee) {
1545 if (rate_mask & (1 << i))
1546 return iwl4965_rates[i].plcp;
1549 return IWL_RATE_INVALID;
1552 static int iwl4965_send_beacon_cmd(struct iwl4965_priv *priv)
1554 struct iwl4965_frame *frame;
1555 unsigned int frame_size;
1559 frame = iwl4965_get_free_frame(priv);
1562 IWL_ERROR("Could not obtain free frame buffer for beacon "
1567 if (!(priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK)) {
1568 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic &
1570 if (rate == IWL_INVALID_RATE)
1571 rate = IWL_RATE_6M_PLCP;
1573 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic & 0xF);
1574 if (rate == IWL_INVALID_RATE)
1575 rate = IWL_RATE_1M_PLCP;
1578 frame_size = iwl4965_hw_get_beacon_cmd(priv, frame, rate);
1580 rc = iwl4965_send_cmd_pdu(priv, REPLY_TX_BEACON, frame_size,
1583 iwl4965_free_frame(priv, frame);
1588 /******************************************************************************
1590 * EEPROM related functions
1592 ******************************************************************************/
1594 static void get_eeprom_mac(struct iwl4965_priv *priv, u8 *mac)
1596 memcpy(mac, priv->eeprom.mac_address, 6);
1599 static inline void iwl4965_eeprom_release_semaphore(struct iwl4965_priv *priv)
1601 iwl4965_clear_bit(priv, CSR_HW_IF_CONFIG_REG,
1602 CSR_HW_IF_CONFIG_REG_BIT_EEPROM_OWN_SEM);
1606 * iwl4965_eeprom_init - read EEPROM contents
1608 * Load the EEPROM contents from adapter into priv->eeprom
1610 * NOTE: This routine uses the non-debug IO access functions.
1612 int iwl4965_eeprom_init(struct iwl4965_priv *priv)
1614 u16 *e = (u16 *)&priv->eeprom;
1615 u32 gp = iwl4965_read32(priv, CSR_EEPROM_GP);
1617 int sz = sizeof(priv->eeprom);
1622 /* The EEPROM structure has several padding buffers within it
1623 * and when adding new EEPROM maps is subject to programmer errors
1624 * which may be very difficult to identify without explicitly
1625 * checking the resulting size of the eeprom map. */
1626 BUILD_BUG_ON(sizeof(priv->eeprom) != IWL_EEPROM_IMAGE_SIZE);
1628 if ((gp & CSR_EEPROM_GP_VALID_MSK) == CSR_EEPROM_GP_BAD_SIGNATURE) {
1629 IWL_ERROR("EEPROM not found, EEPROM_GP=0x%08x", gp);
1633 /* Make sure driver (instead of uCode) is allowed to read EEPROM */
1634 rc = iwl4965_eeprom_acquire_semaphore(priv);
1636 IWL_ERROR("Failed to acquire EEPROM semaphore.\n");
1640 /* eeprom is an array of 16bit values */
1641 for (addr = 0; addr < sz; addr += sizeof(u16)) {
1642 _iwl4965_write32(priv, CSR_EEPROM_REG, addr << 1);
1643 _iwl4965_clear_bit(priv, CSR_EEPROM_REG, CSR_EEPROM_REG_BIT_CMD);
1645 for (i = 0; i < IWL_EEPROM_ACCESS_TIMEOUT;
1646 i += IWL_EEPROM_ACCESS_DELAY) {
1647 r = _iwl4965_read_direct32(priv, CSR_EEPROM_REG);
1648 if (r & CSR_EEPROM_REG_READ_VALID_MSK)
1650 udelay(IWL_EEPROM_ACCESS_DELAY);
1653 if (!(r & CSR_EEPROM_REG_READ_VALID_MSK)) {
1654 IWL_ERROR("Time out reading EEPROM[%d]", addr);
1658 e[addr / 2] = le16_to_cpu((__force __le16)(r >> 16));
1663 iwl4965_eeprom_release_semaphore(priv);
1667 /******************************************************************************
1669 * Misc. internal state and helper functions
1671 ******************************************************************************/
1673 static void iwl4965_unset_hw_setting(struct iwl4965_priv *priv)
1675 if (priv->hw_setting.shared_virt)
1676 pci_free_consistent(priv->pci_dev,
1677 sizeof(struct iwl4965_shared),
1678 priv->hw_setting.shared_virt,
1679 priv->hw_setting.shared_phys);
1683 * iwl4965_supported_rate_to_ie - fill in the supported rate in IE field
1685 * return : set the bit for each supported rate insert in ie
1687 static u16 iwl4965_supported_rate_to_ie(u8 *ie, u16 supported_rate,
1688 u16 basic_rate, int *left)
1690 u16 ret_rates = 0, bit;
1695 for (bit = 1, i = 0; i < IWL_RATE_COUNT; i++, bit <<= 1) {
1696 if (bit & supported_rate) {
1698 rates[*cnt] = iwl4965_rates[i].ieee |
1699 ((bit & basic_rate) ? 0x80 : 0x00);
1703 (*cnt >= IWL_SUPPORTED_RATES_IE_LEN))
1712 * iwl4965_fill_probe_req - fill in all required fields and IE for probe request
1714 static u16 iwl4965_fill_probe_req(struct iwl4965_priv *priv,
1715 enum ieee80211_band band,
1716 struct ieee80211_mgmt *frame,
1717 int left, int is_direct)
1721 u16 active_rates, ret_rates, cck_rates, active_rate_basic;
1722 #ifdef CONFIG_IWL4965_HT
1723 const struct ieee80211_supported_band *sband =
1724 iwl4965_get_hw_mode(priv, band);
1725 #endif /* CONFIG_IWL4965_HT */
1727 /* Make sure there is enough space for the probe request,
1728 * two mandatory IEs and the data */
1734 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1735 memcpy(frame->da, iwl4965_broadcast_addr, ETH_ALEN);
1736 memcpy(frame->sa, priv->mac_addr, ETH_ALEN);
1737 memcpy(frame->bssid, iwl4965_broadcast_addr, ETH_ALEN);
1738 frame->seq_ctrl = 0;
1740 /* fill in our indirect SSID IE */
1747 pos = &(frame->u.probe_req.variable[0]);
1748 *pos++ = WLAN_EID_SSID;
1751 /* fill in our direct SSID IE... */
1754 left -= 2 + priv->essid_len;
1757 /* ... fill it in... */
1758 *pos++ = WLAN_EID_SSID;
1759 *pos++ = priv->essid_len;
1760 memcpy(pos, priv->essid, priv->essid_len);
1761 pos += priv->essid_len;
1762 len += 2 + priv->essid_len;
1765 /* fill in supported rate */
1771 /* ... fill it in... */
1772 *pos++ = WLAN_EID_SUPP_RATES;
1775 /* exclude 60M rate */
1776 active_rates = priv->rates_mask;
1777 active_rates &= ~IWL_RATE_60M_MASK;
1779 active_rate_basic = active_rates & IWL_BASIC_RATES_MASK;
1781 cck_rates = IWL_CCK_RATES_MASK & active_rates;
1782 ret_rates = iwl4965_supported_rate_to_ie(pos, cck_rates,
1783 active_rate_basic, &left);
1784 active_rates &= ~ret_rates;
1786 ret_rates = iwl4965_supported_rate_to_ie(pos, active_rates,
1787 active_rate_basic, &left);
1788 active_rates &= ~ret_rates;
1792 if (active_rates == 0)
1795 /* fill in supported extended rate */
1800 /* ... fill it in... */
1801 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1803 iwl4965_supported_rate_to_ie(pos, active_rates,
1804 active_rate_basic, &left);
1808 #ifdef CONFIG_IWL4965_HT
1809 if (sband && sband->ht_info.ht_supported) {
1810 struct ieee80211_ht_cap *ht_cap;
1812 *pos++ = WLAN_EID_HT_CAPABILITY;
1813 *pos++ = sizeof(struct ieee80211_ht_cap);
1814 ht_cap = (struct ieee80211_ht_cap *)pos;
1815 ht_cap->cap_info = cpu_to_le16(sband->ht_info.cap);
1816 memcpy(ht_cap->supp_mcs_set, sband->ht_info.supp_mcs_set, 16);
1817 ht_cap->ampdu_params_info =(sband->ht_info.ampdu_factor &
1818 IEEE80211_HT_CAP_AMPDU_FACTOR) |
1819 ((sband->ht_info.ampdu_density << 2) &
1820 IEEE80211_HT_CAP_AMPDU_DENSITY);
1821 len += 2 + sizeof(struct ieee80211_ht_cap);
1823 #endif /*CONFIG_IWL4965_HT */
1832 static int iwl4965_send_qos_params_command(struct iwl4965_priv *priv,
1833 struct iwl4965_qosparam_cmd *qos)
1836 return iwl4965_send_cmd_pdu(priv, REPLY_QOS_PARAM,
1837 sizeof(struct iwl4965_qosparam_cmd), qos);
1840 static void iwl4965_reset_qos(struct iwl4965_priv *priv)
1846 unsigned long flags;
1849 spin_lock_irqsave(&priv->lock, flags);
1850 priv->qos_data.qos_active = 0;
1852 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS) {
1853 if (priv->qos_data.qos_enable)
1854 priv->qos_data.qos_active = 1;
1855 if (!(priv->active_rate & 0xfff0)) {
1859 } else if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
1860 if (priv->qos_data.qos_enable)
1861 priv->qos_data.qos_active = 1;
1862 } else if (!(priv->staging_rxon.flags & RXON_FLG_SHORT_SLOT_MSK)) {
1867 if (priv->qos_data.qos_active)
1870 priv->qos_data.def_qos_parm.ac[0].cw_min = cpu_to_le16(cw_min);
1871 priv->qos_data.def_qos_parm.ac[0].cw_max = cpu_to_le16(cw_max);
1872 priv->qos_data.def_qos_parm.ac[0].aifsn = aifs;
1873 priv->qos_data.def_qos_parm.ac[0].edca_txop = 0;
1874 priv->qos_data.def_qos_parm.ac[0].reserved1 = 0;
1876 if (priv->qos_data.qos_active) {
1878 priv->qos_data.def_qos_parm.ac[i].cw_min = cpu_to_le16(cw_min);
1879 priv->qos_data.def_qos_parm.ac[i].cw_max = cpu_to_le16(cw_max);
1880 priv->qos_data.def_qos_parm.ac[i].aifsn = 7;
1881 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
1882 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1885 priv->qos_data.def_qos_parm.ac[i].cw_min =
1886 cpu_to_le16((cw_min + 1) / 2 - 1);
1887 priv->qos_data.def_qos_parm.ac[i].cw_max =
1888 cpu_to_le16(cw_max);
1889 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
1891 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1894 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1896 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1899 priv->qos_data.def_qos_parm.ac[i].cw_min =
1900 cpu_to_le16((cw_min + 1) / 4 - 1);
1901 priv->qos_data.def_qos_parm.ac[i].cw_max =
1902 cpu_to_le16((cw_max + 1) / 2 - 1);
1903 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
1904 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1906 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1909 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1912 for (i = 1; i < 4; i++) {
1913 priv->qos_data.def_qos_parm.ac[i].cw_min =
1914 cpu_to_le16(cw_min);
1915 priv->qos_data.def_qos_parm.ac[i].cw_max =
1916 cpu_to_le16(cw_max);
1917 priv->qos_data.def_qos_parm.ac[i].aifsn = aifs;
1918 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
1919 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1922 IWL_DEBUG_QOS("set QoS to default \n");
1924 spin_unlock_irqrestore(&priv->lock, flags);
1927 static void iwl4965_activate_qos(struct iwl4965_priv *priv, u8 force)
1929 unsigned long flags;
1931 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
1934 if (!priv->qos_data.qos_enable)
1937 spin_lock_irqsave(&priv->lock, flags);
1938 priv->qos_data.def_qos_parm.qos_flags = 0;
1940 if (priv->qos_data.qos_cap.q_AP.queue_request &&
1941 !priv->qos_data.qos_cap.q_AP.txop_request)
1942 priv->qos_data.def_qos_parm.qos_flags |=
1943 QOS_PARAM_FLG_TXOP_TYPE_MSK;
1944 if (priv->qos_data.qos_active)
1945 priv->qos_data.def_qos_parm.qos_flags |=
1946 QOS_PARAM_FLG_UPDATE_EDCA_MSK;
1948 #ifdef CONFIG_IWL4965_HT
1949 if (priv->current_ht_config.is_ht)
1950 priv->qos_data.def_qos_parm.qos_flags |= QOS_PARAM_FLG_TGN_MSK;
1951 #endif /* CONFIG_IWL4965_HT */
1953 spin_unlock_irqrestore(&priv->lock, flags);
1955 if (force || iwl4965_is_associated(priv)) {
1956 IWL_DEBUG_QOS("send QoS cmd with Qos active=%d FLAGS=0x%X\n",
1957 priv->qos_data.qos_active,
1958 priv->qos_data.def_qos_parm.qos_flags);
1960 iwl4965_send_qos_params_command(priv,
1961 &(priv->qos_data.def_qos_parm));
1966 * Power management (not Tx power!) functions
1968 #define MSEC_TO_USEC 1024
1970 #define NOSLP __constant_cpu_to_le16(0), 0, 0
1971 #define SLP IWL_POWER_DRIVER_ALLOW_SLEEP_MSK, 0, 0
1972 #define SLP_TIMEOUT(T) __constant_cpu_to_le32((T) * MSEC_TO_USEC)
1973 #define SLP_VEC(X0, X1, X2, X3, X4) {__constant_cpu_to_le32(X0), \
1974 __constant_cpu_to_le32(X1), \
1975 __constant_cpu_to_le32(X2), \
1976 __constant_cpu_to_le32(X3), \
1977 __constant_cpu_to_le32(X4)}
1980 /* default power management (not Tx power) table values */
1982 static struct iwl4965_power_vec_entry range_0[IWL_POWER_AC] = {
1983 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1984 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500), SLP_VEC(1, 2, 3, 4, 4)}, 0},
1985 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300), SLP_VEC(2, 4, 6, 7, 7)}, 0},
1986 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100), SLP_VEC(2, 6, 9, 9, 10)}, 0},
1987 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 10)}, 1},
1988 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25), SLP_VEC(4, 7, 10, 10, 10)}, 1}
1992 static struct iwl4965_power_vec_entry range_1[IWL_POWER_AC] = {
1993 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1994 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500),
1995 SLP_VEC(1, 2, 3, 4, 0xFF)}, 0},
1996 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300),
1997 SLP_VEC(2, 4, 6, 7, 0xFF)}, 0},
1998 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100),
1999 SLP_VEC(2, 6, 9, 9, 0xFF)}, 0},
2000 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 0xFF)}, 0},
2001 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25),
2002 SLP_VEC(4, 7, 10, 10, 0xFF)}, 0}
2005 int iwl4965_power_init_handle(struct iwl4965_priv *priv)
2008 struct iwl4965_power_mgr *pow_data;
2009 int size = sizeof(struct iwl4965_power_vec_entry) * IWL_POWER_AC;
2012 IWL_DEBUG_POWER("Initialize power \n");
2014 pow_data = &(priv->power_data);
2016 memset(pow_data, 0, sizeof(*pow_data));
2018 pow_data->active_index = IWL_POWER_RANGE_0;
2019 pow_data->dtim_val = 0xffff;
2021 memcpy(&pow_data->pwr_range_0[0], &range_0[0], size);
2022 memcpy(&pow_data->pwr_range_1[0], &range_1[0], size);
2024 rc = pci_read_config_word(priv->pci_dev, PCI_LINK_CTRL, &pci_pm);
2028 struct iwl4965_powertable_cmd *cmd;
2030 IWL_DEBUG_POWER("adjust power command flags\n");
2032 for (i = 0; i < IWL_POWER_AC; i++) {
2033 cmd = &pow_data->pwr_range_0[i].cmd;
2036 cmd->flags &= ~IWL_POWER_PCI_PM_MSK;
2038 cmd->flags |= IWL_POWER_PCI_PM_MSK;
2044 static int iwl4965_update_power_cmd(struct iwl4965_priv *priv,
2045 struct iwl4965_powertable_cmd *cmd, u32 mode)
2050 struct iwl4965_power_vec_entry *range;
2052 struct iwl4965_power_mgr *pow_data;
2054 if (mode > IWL_POWER_INDEX_5) {
2055 IWL_DEBUG_POWER("Error invalid power mode \n");
2058 pow_data = &(priv->power_data);
2060 if (pow_data->active_index == IWL_POWER_RANGE_0)
2061 range = &pow_data->pwr_range_0[0];
2063 range = &pow_data->pwr_range_1[1];
2065 memcpy(cmd, &range[mode].cmd, sizeof(struct iwl4965_powertable_cmd));
2067 #ifdef IWL_MAC80211_DISABLE
2068 if (priv->assoc_network != NULL) {
2069 unsigned long flags;
2071 period = priv->assoc_network->tim.tim_period;
2073 #endif /*IWL_MAC80211_DISABLE */
2074 skip = range[mode].no_dtim;
2083 cmd->flags &= ~IWL_POWER_SLEEP_OVER_DTIM_MSK;
2085 __le32 slp_itrvl = cmd->sleep_interval[IWL_POWER_VEC_SIZE - 1];
2086 max_sleep = (le32_to_cpu(slp_itrvl) / period) * period;
2087 cmd->flags |= IWL_POWER_SLEEP_OVER_DTIM_MSK;
2090 for (i = 0; i < IWL_POWER_VEC_SIZE; i++) {
2091 if (le32_to_cpu(cmd->sleep_interval[i]) > max_sleep)
2092 cmd->sleep_interval[i] = cpu_to_le32(max_sleep);
2095 IWL_DEBUG_POWER("Flags value = 0x%08X\n", cmd->flags);
2096 IWL_DEBUG_POWER("Tx timeout = %u\n", le32_to_cpu(cmd->tx_data_timeout));
2097 IWL_DEBUG_POWER("Rx timeout = %u\n", le32_to_cpu(cmd->rx_data_timeout));
2098 IWL_DEBUG_POWER("Sleep interval vector = { %d , %d , %d , %d , %d }\n",
2099 le32_to_cpu(cmd->sleep_interval[0]),
2100 le32_to_cpu(cmd->sleep_interval[1]),
2101 le32_to_cpu(cmd->sleep_interval[2]),
2102 le32_to_cpu(cmd->sleep_interval[3]),
2103 le32_to_cpu(cmd->sleep_interval[4]));
2108 static int iwl4965_send_power_mode(struct iwl4965_priv *priv, u32 mode)
2110 u32 uninitialized_var(final_mode);
2112 struct iwl4965_powertable_cmd cmd;
2114 /* If on battery, set to 3,
2115 * if plugged into AC power, set to CAM ("continuously aware mode"),
2116 * else user level */
2118 case IWL_POWER_BATTERY:
2119 final_mode = IWL_POWER_INDEX_3;
2122 final_mode = IWL_POWER_MODE_CAM;
2129 cmd.keep_alive_beacons = 0;
2131 iwl4965_update_power_cmd(priv, &cmd, final_mode);
2133 rc = iwl4965_send_cmd_pdu(priv, POWER_TABLE_CMD, sizeof(cmd), &cmd);
2135 if (final_mode == IWL_POWER_MODE_CAM)
2136 clear_bit(STATUS_POWER_PMI, &priv->status);
2138 set_bit(STATUS_POWER_PMI, &priv->status);
2143 int iwl4965_is_network_packet(struct iwl4965_priv *priv, struct ieee80211_hdr *header)
2145 /* Filter incoming packets to determine if they are targeted toward
2146 * this network, discarding packets coming from ourselves */
2147 switch (priv->iw_mode) {
2148 case IEEE80211_IF_TYPE_IBSS: /* Header: Dest. | Source | BSSID */
2149 /* packets from our adapter are dropped (echo) */
2150 if (!compare_ether_addr(header->addr2, priv->mac_addr))
2152 /* {broad,multi}cast packets to our IBSS go through */
2153 if (is_multicast_ether_addr(header->addr1))
2154 return !compare_ether_addr(header->addr3, priv->bssid);
2155 /* packets to our adapter go through */
2156 return !compare_ether_addr(header->addr1, priv->mac_addr);
2157 case IEEE80211_IF_TYPE_STA: /* Header: Dest. | AP{BSSID} | Source */
2158 /* packets from our adapter are dropped (echo) */
2159 if (!compare_ether_addr(header->addr3, priv->mac_addr))
2161 /* {broad,multi}cast packets to our BSS go through */
2162 if (is_multicast_ether_addr(header->addr1))
2163 return !compare_ether_addr(header->addr2, priv->bssid);
2164 /* packets to our adapter go through */
2165 return !compare_ether_addr(header->addr1, priv->mac_addr);
2171 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
2173 static const char *iwl4965_get_tx_fail_reason(u32 status)
2175 switch (status & TX_STATUS_MSK) {
2176 case TX_STATUS_SUCCESS:
2178 TX_STATUS_ENTRY(SHORT_LIMIT);
2179 TX_STATUS_ENTRY(LONG_LIMIT);
2180 TX_STATUS_ENTRY(FIFO_UNDERRUN);
2181 TX_STATUS_ENTRY(MGMNT_ABORT);
2182 TX_STATUS_ENTRY(NEXT_FRAG);
2183 TX_STATUS_ENTRY(LIFE_EXPIRE);
2184 TX_STATUS_ENTRY(DEST_PS);
2185 TX_STATUS_ENTRY(ABORTED);
2186 TX_STATUS_ENTRY(BT_RETRY);
2187 TX_STATUS_ENTRY(STA_INVALID);
2188 TX_STATUS_ENTRY(FRAG_DROPPED);
2189 TX_STATUS_ENTRY(TID_DISABLE);
2190 TX_STATUS_ENTRY(FRAME_FLUSHED);
2191 TX_STATUS_ENTRY(INSUFFICIENT_CF_POLL);
2192 TX_STATUS_ENTRY(TX_LOCKED);
2193 TX_STATUS_ENTRY(NO_BEACON_ON_RADAR);
2200 * iwl4965_scan_cancel - Cancel any currently executing HW scan
2202 * NOTE: priv->mutex is not required before calling this function
2204 static int iwl4965_scan_cancel(struct iwl4965_priv *priv)
2206 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
2207 clear_bit(STATUS_SCANNING, &priv->status);
2211 if (test_bit(STATUS_SCANNING, &priv->status)) {
2212 if (!test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2213 IWL_DEBUG_SCAN("Queuing scan abort.\n");
2214 set_bit(STATUS_SCAN_ABORTING, &priv->status);
2215 queue_work(priv->workqueue, &priv->abort_scan);
2218 IWL_DEBUG_SCAN("Scan abort already in progress.\n");
2220 return test_bit(STATUS_SCANNING, &priv->status);
2227 * iwl4965_scan_cancel_timeout - Cancel any currently executing HW scan
2228 * @ms: amount of time to wait (in milliseconds) for scan to abort
2230 * NOTE: priv->mutex must be held before calling this function
2232 static int iwl4965_scan_cancel_timeout(struct iwl4965_priv *priv, unsigned long ms)
2234 unsigned long now = jiffies;
2237 ret = iwl4965_scan_cancel(priv);
2239 mutex_unlock(&priv->mutex);
2240 while (!time_after(jiffies, now + msecs_to_jiffies(ms)) &&
2241 test_bit(STATUS_SCANNING, &priv->status))
2243 mutex_lock(&priv->mutex);
2245 return test_bit(STATUS_SCANNING, &priv->status);
2251 static void iwl4965_sequence_reset(struct iwl4965_priv *priv)
2253 /* Reset ieee stats */
2255 /* We don't reset the net_device_stats (ieee->stats) on
2258 priv->last_seq_num = -1;
2259 priv->last_frag_num = -1;
2260 priv->last_packet_time = 0;
2262 iwl4965_scan_cancel(priv);
2265 #define MAX_UCODE_BEACON_INTERVAL 4096
2266 #define INTEL_CONN_LISTEN_INTERVAL __constant_cpu_to_le16(0xA)
2268 static __le16 iwl4965_adjust_beacon_interval(u16 beacon_val)
2271 u16 beacon_factor = 0;
2274 (beacon_val + MAX_UCODE_BEACON_INTERVAL)
2275 / MAX_UCODE_BEACON_INTERVAL;
2276 new_val = beacon_val / beacon_factor;
2278 return cpu_to_le16(new_val);
2281 static void iwl4965_setup_rxon_timing(struct iwl4965_priv *priv)
2283 u64 interval_tm_unit;
2285 unsigned long flags;
2286 struct ieee80211_conf *conf = NULL;
2289 conf = ieee80211_get_hw_conf(priv->hw);
2291 spin_lock_irqsave(&priv->lock, flags);
2292 priv->rxon_timing.timestamp.dw[1] = cpu_to_le32(priv->timestamp1);
2293 priv->rxon_timing.timestamp.dw[0] = cpu_to_le32(priv->timestamp0);
2295 priv->rxon_timing.listen_interval = INTEL_CONN_LISTEN_INTERVAL;
2297 tsf = priv->timestamp1;
2298 tsf = ((tsf << 32) | priv->timestamp0);
2300 beacon_int = priv->beacon_int;
2301 spin_unlock_irqrestore(&priv->lock, flags);
2303 if (priv->iw_mode == IEEE80211_IF_TYPE_STA) {
2304 if (beacon_int == 0) {
2305 priv->rxon_timing.beacon_interval = cpu_to_le16(100);
2306 priv->rxon_timing.beacon_init_val = cpu_to_le32(102400);
2308 priv->rxon_timing.beacon_interval =
2309 cpu_to_le16(beacon_int);
2310 priv->rxon_timing.beacon_interval =
2311 iwl4965_adjust_beacon_interval(
2312 le16_to_cpu(priv->rxon_timing.beacon_interval));
2315 priv->rxon_timing.atim_window = 0;
2317 priv->rxon_timing.beacon_interval =
2318 iwl4965_adjust_beacon_interval(conf->beacon_int);
2319 /* TODO: we need to get atim_window from upper stack
2320 * for now we set to 0 */
2321 priv->rxon_timing.atim_window = 0;
2325 (le16_to_cpu(priv->rxon_timing.beacon_interval) * 1024);
2326 result = do_div(tsf, interval_tm_unit);
2327 priv->rxon_timing.beacon_init_val =
2328 cpu_to_le32((u32) ((u64) interval_tm_unit - result));
2331 ("beacon interval %d beacon timer %d beacon tim %d\n",
2332 le16_to_cpu(priv->rxon_timing.beacon_interval),
2333 le32_to_cpu(priv->rxon_timing.beacon_init_val),
2334 le16_to_cpu(priv->rxon_timing.atim_window));
2337 static int iwl4965_scan_initiate(struct iwl4965_priv *priv)
2339 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
2340 IWL_ERROR("APs don't scan.\n");
2344 if (!iwl4965_is_ready_rf(priv)) {
2345 IWL_DEBUG_SCAN("Aborting scan due to not ready.\n");
2349 if (test_bit(STATUS_SCANNING, &priv->status)) {
2350 IWL_DEBUG_SCAN("Scan already in progress.\n");
2354 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2355 IWL_DEBUG_SCAN("Scan request while abort pending. "
2360 IWL_DEBUG_INFO("Starting scan...\n");
2361 priv->scan_bands = 2;
2362 set_bit(STATUS_SCANNING, &priv->status);
2363 priv->scan_start = jiffies;
2364 priv->scan_pass_start = priv->scan_start;
2366 queue_work(priv->workqueue, &priv->request_scan);
2371 static int iwl4965_set_rxon_hwcrypto(struct iwl4965_priv *priv, int hw_decrypt)
2373 struct iwl4965_rxon_cmd *rxon = &priv->staging_rxon;
2376 rxon->filter_flags &= ~RXON_FILTER_DIS_DECRYPT_MSK;
2378 rxon->filter_flags |= RXON_FILTER_DIS_DECRYPT_MSK;
2383 static void iwl4965_set_flags_for_phymode(struct iwl4965_priv *priv,
2384 enum ieee80211_band band)
2386 if (band == IEEE80211_BAND_5GHZ) {
2387 priv->staging_rxon.flags &=
2388 ~(RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK
2389 | RXON_FLG_CCK_MSK);
2390 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2392 /* Copied from iwl4965_bg_post_associate() */
2393 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2394 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2396 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2398 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
2399 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2401 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
2402 priv->staging_rxon.flags |= RXON_FLG_AUTO_DETECT_MSK;
2403 priv->staging_rxon.flags &= ~RXON_FLG_CCK_MSK;
2408 * initialize rxon structure with default values from eeprom
2410 static void iwl4965_connection_init_rx_config(struct iwl4965_priv *priv)
2412 const struct iwl4965_channel_info *ch_info;
2414 memset(&priv->staging_rxon, 0, sizeof(priv->staging_rxon));
2416 switch (priv->iw_mode) {
2417 case IEEE80211_IF_TYPE_AP:
2418 priv->staging_rxon.dev_type = RXON_DEV_TYPE_AP;
2421 case IEEE80211_IF_TYPE_STA:
2422 priv->staging_rxon.dev_type = RXON_DEV_TYPE_ESS;
2423 priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
2426 case IEEE80211_IF_TYPE_IBSS:
2427 priv->staging_rxon.dev_type = RXON_DEV_TYPE_IBSS;
2428 priv->staging_rxon.flags = RXON_FLG_SHORT_PREAMBLE_MSK;
2429 priv->staging_rxon.filter_flags = RXON_FILTER_BCON_AWARE_MSK |
2430 RXON_FILTER_ACCEPT_GRP_MSK;
2433 case IEEE80211_IF_TYPE_MNTR:
2434 priv->staging_rxon.dev_type = RXON_DEV_TYPE_SNIFFER;
2435 priv->staging_rxon.filter_flags = RXON_FILTER_PROMISC_MSK |
2436 RXON_FILTER_CTL2HOST_MSK | RXON_FILTER_ACCEPT_GRP_MSK;
2441 /* TODO: Figure out when short_preamble would be set and cache from
2443 if (!hw_to_local(priv->hw)->short_preamble)
2444 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
2446 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
2449 ch_info = iwl4965_get_channel_info(priv, priv->band,
2450 le16_to_cpu(priv->staging_rxon.channel));
2453 ch_info = &priv->channel_info[0];
2456 * in some case A channels are all non IBSS
2457 * in this case force B/G channel
2459 if ((priv->iw_mode == IEEE80211_IF_TYPE_IBSS) &&
2460 !(is_channel_ibss(ch_info)))
2461 ch_info = &priv->channel_info[0];
2463 priv->staging_rxon.channel = cpu_to_le16(ch_info->channel);
2464 priv->band = ch_info->band;
2466 iwl4965_set_flags_for_phymode(priv, priv->band);
2468 priv->staging_rxon.ofdm_basic_rates =
2469 (IWL_OFDM_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2470 priv->staging_rxon.cck_basic_rates =
2471 (IWL_CCK_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2473 priv->staging_rxon.flags &= ~(RXON_FLG_CHANNEL_MODE_MIXED_MSK |
2474 RXON_FLG_CHANNEL_MODE_PURE_40_MSK);
2475 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
2476 memcpy(priv->staging_rxon.wlap_bssid_addr, priv->mac_addr, ETH_ALEN);
2477 priv->staging_rxon.ofdm_ht_single_stream_basic_rates = 0xff;
2478 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates = 0xff;
2479 iwl4965_set_rxon_chain(priv);
2482 static int iwl4965_set_mode(struct iwl4965_priv *priv, int mode)
2484 if (mode == IEEE80211_IF_TYPE_IBSS) {
2485 const struct iwl4965_channel_info *ch_info;
2487 ch_info = iwl4965_get_channel_info(priv,
2489 le16_to_cpu(priv->staging_rxon.channel));
2491 if (!ch_info || !is_channel_ibss(ch_info)) {
2492 IWL_ERROR("channel %d not IBSS channel\n",
2493 le16_to_cpu(priv->staging_rxon.channel));
2498 priv->iw_mode = mode;
2500 iwl4965_connection_init_rx_config(priv);
2501 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
2503 iwl4965_clear_stations_table(priv);
2505 /* dont commit rxon if rf-kill is on*/
2506 if (!iwl4965_is_ready_rf(priv))
2509 cancel_delayed_work(&priv->scan_check);
2510 if (iwl4965_scan_cancel_timeout(priv, 100)) {
2511 IWL_WARNING("Aborted scan still in progress after 100ms\n");
2512 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
2516 iwl4965_commit_rxon(priv);
2521 static void iwl4965_build_tx_cmd_hwcrypto(struct iwl4965_priv *priv,
2522 struct ieee80211_tx_control *ctl,
2523 struct iwl4965_cmd *cmd,
2524 struct sk_buff *skb_frag,
2527 struct iwl4965_hw_key *keyinfo = &priv->stations[ctl->key_idx].keyinfo;
2529 switch (keyinfo->alg) {
2531 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_CCM;
2532 memcpy(cmd->cmd.tx.key, keyinfo->key, keyinfo->keylen);
2533 IWL_DEBUG_TX("tx_cmd with aes hwcrypto\n");
2538 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_TKIP;
2541 memcpy(cmd->cmd.tx.tkip_mic.byte, skb_frag->tail - 8,
2544 memset(cmd->cmd.tx.tkip_mic.byte, 0, 8);
2549 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_WEP |
2550 (ctl->key_idx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT;
2552 if (keyinfo->keylen == 13)
2553 cmd->cmd.tx.sec_ctl |= TX_CMD_SEC_KEY128;
2555 memcpy(&cmd->cmd.tx.key[3], keyinfo->key, keyinfo->keylen);
2557 IWL_DEBUG_TX("Configuring packet for WEP encryption "
2558 "with key %d\n", ctl->key_idx);
2562 printk(KERN_ERR "Unknown encode alg %d\n", keyinfo->alg);
2568 * handle build REPLY_TX command notification.
2570 static void iwl4965_build_tx_cmd_basic(struct iwl4965_priv *priv,
2571 struct iwl4965_cmd *cmd,
2572 struct ieee80211_tx_control *ctrl,
2573 struct ieee80211_hdr *hdr,
2574 int is_unicast, u8 std_id)
2577 u16 fc = le16_to_cpu(hdr->frame_control);
2578 __le32 tx_flags = cmd->cmd.tx.tx_flags;
2580 cmd->cmd.tx.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
2581 if (!(ctrl->flags & IEEE80211_TXCTL_NO_ACK)) {
2582 tx_flags |= TX_CMD_FLG_ACK_MSK;
2583 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
2584 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2585 if (ieee80211_is_probe_response(fc) &&
2586 !(le16_to_cpu(hdr->seq_ctrl) & 0xf))
2587 tx_flags |= TX_CMD_FLG_TSF_MSK;
2589 tx_flags &= (~TX_CMD_FLG_ACK_MSK);
2590 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2593 if (ieee80211_is_back_request(fc))
2594 tx_flags |= TX_CMD_FLG_ACK_MSK | TX_CMD_FLG_IMM_BA_RSP_MASK;
2597 cmd->cmd.tx.sta_id = std_id;
2598 if (ieee80211_get_morefrag(hdr))
2599 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
2601 qc = ieee80211_get_qos_ctrl(hdr);
2603 cmd->cmd.tx.tid_tspec = (u8) (le16_to_cpu(*qc) & 0xf);
2604 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
2606 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2608 if (ctrl->flags & IEEE80211_TXCTL_USE_RTS_CTS) {
2609 tx_flags |= TX_CMD_FLG_RTS_MSK;
2610 tx_flags &= ~TX_CMD_FLG_CTS_MSK;
2611 } else if (ctrl->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) {
2612 tx_flags &= ~TX_CMD_FLG_RTS_MSK;
2613 tx_flags |= TX_CMD_FLG_CTS_MSK;
2616 if ((tx_flags & TX_CMD_FLG_RTS_MSK) || (tx_flags & TX_CMD_FLG_CTS_MSK))
2617 tx_flags |= TX_CMD_FLG_FULL_TXOP_PROT_MSK;
2619 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
2620 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2621 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ ||
2622 (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)
2623 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(3);
2625 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(2);
2627 cmd->cmd.tx.timeout.pm_frame_timeout = 0;
2629 cmd->cmd.tx.driver_txop = 0;
2630 cmd->cmd.tx.tx_flags = tx_flags;
2631 cmd->cmd.tx.next_frame_len = 0;
2635 * iwl4965_get_sta_id - Find station's index within station table
2637 * If new IBSS station, create new entry in station table
2639 static int iwl4965_get_sta_id(struct iwl4965_priv *priv,
2640 struct ieee80211_hdr *hdr)
2643 u16 fc = le16_to_cpu(hdr->frame_control);
2644 DECLARE_MAC_BUF(mac);
2646 /* If this frame is broadcast or management, use broadcast station id */
2647 if (((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) ||
2648 is_multicast_ether_addr(hdr->addr1))
2649 return priv->hw_setting.bcast_sta_id;
2651 switch (priv->iw_mode) {
2653 /* If we are a client station in a BSS network, use the special
2654 * AP station entry (that's the only station we communicate with) */
2655 case IEEE80211_IF_TYPE_STA:
2658 /* If we are an AP, then find the station, or use BCAST */
2659 case IEEE80211_IF_TYPE_AP:
2660 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2661 if (sta_id != IWL_INVALID_STATION)
2663 return priv->hw_setting.bcast_sta_id;
2665 /* If this frame is going out to an IBSS network, find the station,
2666 * or create a new station table entry */
2667 case IEEE80211_IF_TYPE_IBSS:
2668 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2669 if (sta_id != IWL_INVALID_STATION)
2672 /* Create new station table entry */
2673 sta_id = iwl4965_add_station_flags(priv, hdr->addr1,
2674 0, CMD_ASYNC, NULL);
2676 if (sta_id != IWL_INVALID_STATION)
2679 IWL_DEBUG_DROP("Station %s not in station map. "
2680 "Defaulting to broadcast...\n",
2681 print_mac(mac, hdr->addr1));
2682 iwl4965_print_hex_dump(IWL_DL_DROP, (u8 *) hdr, sizeof(*hdr));
2683 return priv->hw_setting.bcast_sta_id;
2686 IWL_WARNING("Unknown mode of operation: %d", priv->iw_mode);
2687 return priv->hw_setting.bcast_sta_id;
2692 * start REPLY_TX command process
2694 static int iwl4965_tx_skb(struct iwl4965_priv *priv,
2695 struct sk_buff *skb, struct ieee80211_tx_control *ctl)
2697 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2698 struct iwl4965_tfd_frame *tfd;
2700 int txq_id = ctl->queue;
2701 struct iwl4965_tx_queue *txq = NULL;
2702 struct iwl4965_queue *q = NULL;
2703 dma_addr_t phys_addr;
2704 dma_addr_t txcmd_phys;
2705 dma_addr_t scratch_phys;
2706 struct iwl4965_cmd *out_cmd = NULL;
2707 u16 len, idx, len_org;
2708 u8 id, hdr_len, unicast;
2713 u8 wait_write_ptr = 0;
2714 unsigned long flags;
2717 spin_lock_irqsave(&priv->lock, flags);
2718 if (iwl4965_is_rfkill(priv)) {
2719 IWL_DEBUG_DROP("Dropping - RF KILL\n");
2724 IWL_DEBUG_DROP("Dropping - !priv->vif\n");
2728 if ((ctl->tx_rate->hw_value & 0xFF) == IWL_INVALID_RATE) {
2729 IWL_ERROR("ERROR: No TX rate available.\n");
2733 unicast = !is_multicast_ether_addr(hdr->addr1);
2736 fc = le16_to_cpu(hdr->frame_control);
2738 #ifdef CONFIG_IWL4965_DEBUG
2739 if (ieee80211_is_auth(fc))
2740 IWL_DEBUG_TX("Sending AUTH frame\n");
2741 else if (ieee80211_is_assoc_request(fc))
2742 IWL_DEBUG_TX("Sending ASSOC frame\n");
2743 else if (ieee80211_is_reassoc_request(fc))
2744 IWL_DEBUG_TX("Sending REASSOC frame\n");
2747 /* drop all data frame if we are not associated */
2748 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
2749 (!iwl4965_is_associated(priv) ||
2750 ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && !priv->assoc_id) ||
2751 !priv->assoc_station_added)) {
2752 IWL_DEBUG_DROP("Dropping - !iwl4965_is_associated\n");
2756 spin_unlock_irqrestore(&priv->lock, flags);
2758 hdr_len = ieee80211_get_hdrlen(fc);
2760 /* Find (or create) index into station table for destination station */
2761 sta_id = iwl4965_get_sta_id(priv, hdr);
2762 if (sta_id == IWL_INVALID_STATION) {
2763 DECLARE_MAC_BUF(mac);
2765 IWL_DEBUG_DROP("Dropping - INVALID STATION: %s\n",
2766 print_mac(mac, hdr->addr1));
2770 IWL_DEBUG_RATE("station Id %d\n", sta_id);
2772 qc = ieee80211_get_qos_ctrl(hdr);
2774 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2775 seq_number = priv->stations[sta_id].tid[tid].seq_number &
2777 hdr->seq_ctrl = cpu_to_le16(seq_number) |
2779 __constant_cpu_to_le16(IEEE80211_SCTL_FRAG));
2781 #ifdef CONFIG_IWL4965_HT
2782 /* aggregation is on for this <sta,tid> */
2783 if (ctl->flags & IEEE80211_TXCTL_AMPDU)
2784 txq_id = priv->stations[sta_id].tid[tid].agg.txq_id;
2785 priv->stations[sta_id].tid[tid].tfds_in_queue++;
2786 #endif /* CONFIG_IWL4965_HT */
2789 /* Descriptor for chosen Tx queue */
2790 txq = &priv->txq[txq_id];
2793 spin_lock_irqsave(&priv->lock, flags);
2795 /* Set up first empty TFD within this queue's circular TFD buffer */
2796 tfd = &txq->bd[q->write_ptr];
2797 memset(tfd, 0, sizeof(*tfd));
2798 control_flags = (u32 *) tfd;
2799 idx = get_cmd_index(q, q->write_ptr, 0);
2801 /* Set up driver data for this TFD */
2802 memset(&(txq->txb[q->write_ptr]), 0, sizeof(struct iwl4965_tx_info));
2803 txq->txb[q->write_ptr].skb[0] = skb;
2804 memcpy(&(txq->txb[q->write_ptr].status.control),
2805 ctl, sizeof(struct ieee80211_tx_control));
2807 /* Set up first empty entry in queue's array of Tx/cmd buffers */
2808 out_cmd = &txq->cmd[idx];
2809 memset(&out_cmd->hdr, 0, sizeof(out_cmd->hdr));
2810 memset(&out_cmd->cmd.tx, 0, sizeof(out_cmd->cmd.tx));
2813 * Set up the Tx-command (not MAC!) header.
2814 * Store the chosen Tx queue and TFD index within the sequence field;
2815 * after Tx, uCode's Tx response will return this value so driver can
2816 * locate the frame within the tx queue and do post-tx processing.
2818 out_cmd->hdr.cmd = REPLY_TX;
2819 out_cmd->hdr.sequence = cpu_to_le16((u16)(QUEUE_TO_SEQ(txq_id) |
2820 INDEX_TO_SEQ(q->write_ptr)));
2822 /* Copy MAC header from skb into command buffer */
2823 memcpy(out_cmd->cmd.tx.hdr, hdr, hdr_len);
2826 * Use the first empty entry in this queue's command buffer array
2827 * to contain the Tx command and MAC header concatenated together
2828 * (payload data will be in another buffer).
2829 * Size of this varies, due to varying MAC header length.
2830 * If end is not dword aligned, we'll have 2 extra bytes at the end
2831 * of the MAC header (device reads on dword boundaries).
2832 * We'll tell device about this padding later.
2834 len = priv->hw_setting.tx_cmd_len +
2835 sizeof(struct iwl4965_cmd_header) + hdr_len;
2838 len = (len + 3) & ~3;
2845 /* Physical address of this Tx command's header (not MAC header!),
2846 * within command buffer array. */
2847 txcmd_phys = txq->dma_addr_cmd + sizeof(struct iwl4965_cmd) * idx +
2848 offsetof(struct iwl4965_cmd, hdr);
2850 /* Add buffer containing Tx command and MAC(!) header to TFD's
2852 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, txcmd_phys, len);
2854 if (!(ctl->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
2855 iwl4965_build_tx_cmd_hwcrypto(priv, ctl, out_cmd, skb, 0);
2857 /* Set up TFD's 2nd entry to point directly to remainder of skb,
2858 * if any (802.11 null frames have no payload). */
2859 len = skb->len - hdr_len;
2861 phys_addr = pci_map_single(priv->pci_dev, skb->data + hdr_len,
2862 len, PCI_DMA_TODEVICE);
2863 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, len);
2866 /* Tell 4965 about any 2-byte padding after MAC header */
2868 out_cmd->cmd.tx.tx_flags |= TX_CMD_FLG_MH_PAD_MSK;
2870 /* Total # bytes to be transmitted */
2871 len = (u16)skb->len;
2872 out_cmd->cmd.tx.len = cpu_to_le16(len);
2874 /* TODO need this for burst mode later on */
2875 iwl4965_build_tx_cmd_basic(priv, out_cmd, ctl, hdr, unicast, sta_id);
2877 /* set is_hcca to 0; it probably will never be implemented */
2878 iwl4965_hw_build_tx_cmd_rate(priv, out_cmd, ctl, hdr, sta_id, 0);
2880 scratch_phys = txcmd_phys + sizeof(struct iwl4965_cmd_header) +
2881 offsetof(struct iwl4965_tx_cmd, scratch);
2882 out_cmd->cmd.tx.dram_lsb_ptr = cpu_to_le32(scratch_phys);
2883 out_cmd->cmd.tx.dram_msb_ptr = iwl_get_dma_hi_address(scratch_phys);
2885 if (!ieee80211_get_morefrag(hdr)) {
2886 txq->need_update = 1;
2888 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2889 priv->stations[sta_id].tid[tid].seq_number = seq_number;
2893 txq->need_update = 0;
2896 iwl4965_print_hex_dump(IWL_DL_TX, out_cmd->cmd.payload,
2897 sizeof(out_cmd->cmd.tx));
2899 iwl4965_print_hex_dump(IWL_DL_TX, (u8 *)out_cmd->cmd.tx.hdr,
2900 ieee80211_get_hdrlen(fc));
2902 /* Set up entry for this TFD in Tx byte-count array */
2903 iwl4965_tx_queue_update_wr_ptr(priv, txq, len);
2905 /* Tell device the write index *just past* this latest filled TFD */
2906 q->write_ptr = iwl4965_queue_inc_wrap(q->write_ptr, q->n_bd);
2907 rc = iwl4965_tx_queue_update_write_ptr(priv, txq);
2908 spin_unlock_irqrestore(&priv->lock, flags);
2913 if ((iwl4965_queue_space(q) < q->high_mark)
2914 && priv->mac80211_registered) {
2915 if (wait_write_ptr) {
2916 spin_lock_irqsave(&priv->lock, flags);
2917 txq->need_update = 1;
2918 iwl4965_tx_queue_update_write_ptr(priv, txq);
2919 spin_unlock_irqrestore(&priv->lock, flags);
2922 ieee80211_stop_queue(priv->hw, ctl->queue);
2928 spin_unlock_irqrestore(&priv->lock, flags);
2933 static void iwl4965_set_rate(struct iwl4965_priv *priv)
2935 const struct ieee80211_supported_band *hw = NULL;
2936 struct ieee80211_rate *rate;
2939 hw = iwl4965_get_hw_mode(priv, priv->band);
2941 IWL_ERROR("Failed to set rate: unable to get hw mode\n");
2945 priv->active_rate = 0;
2946 priv->active_rate_basic = 0;
2948 for (i = 0; i < hw->n_bitrates; i++) {
2949 rate = &(hw->bitrates[i]);
2950 if (rate->hw_value < IWL_RATE_COUNT)
2951 priv->active_rate |= (1 << rate->hw_value);
2954 IWL_DEBUG_RATE("Set active_rate = %0x, active_rate_basic = %0x\n",
2955 priv->active_rate, priv->active_rate_basic);
2958 * If a basic rate is configured, then use it (adding IWL_RATE_1M_MASK)
2959 * otherwise set it to the default of all CCK rates and 6, 12, 24 for
2962 if (priv->active_rate_basic & IWL_CCK_BASIC_RATES_MASK)
2963 priv->staging_rxon.cck_basic_rates =
2964 ((priv->active_rate_basic &
2965 IWL_CCK_RATES_MASK) >> IWL_FIRST_CCK_RATE) & 0xF;
2967 priv->staging_rxon.cck_basic_rates =
2968 (IWL_CCK_BASIC_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2970 if (priv->active_rate_basic & IWL_OFDM_BASIC_RATES_MASK)
2971 priv->staging_rxon.ofdm_basic_rates =
2972 ((priv->active_rate_basic &
2973 (IWL_OFDM_BASIC_RATES_MASK | IWL_RATE_6M_MASK)) >>
2974 IWL_FIRST_OFDM_RATE) & 0xFF;
2976 priv->staging_rxon.ofdm_basic_rates =
2977 (IWL_OFDM_BASIC_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2980 static void iwl4965_radio_kill_sw(struct iwl4965_priv *priv, int disable_radio)
2982 unsigned long flags;
2984 if (!!disable_radio == test_bit(STATUS_RF_KILL_SW, &priv->status))
2987 IWL_DEBUG_RF_KILL("Manual SW RF KILL set to: RADIO %s\n",
2988 disable_radio ? "OFF" : "ON");
2990 if (disable_radio) {
2991 iwl4965_scan_cancel(priv);
2992 /* FIXME: This is a workaround for AP */
2993 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
2994 spin_lock_irqsave(&priv->lock, flags);
2995 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_SET,
2996 CSR_UCODE_SW_BIT_RFKILL);
2997 spin_unlock_irqrestore(&priv->lock, flags);
2998 iwl4965_send_card_state(priv, CARD_STATE_CMD_DISABLE, 0);
2999 set_bit(STATUS_RF_KILL_SW, &priv->status);
3004 spin_lock_irqsave(&priv->lock, flags);
3005 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
3007 clear_bit(STATUS_RF_KILL_SW, &priv->status);
3008 spin_unlock_irqrestore(&priv->lock, flags);
3013 spin_lock_irqsave(&priv->lock, flags);
3014 iwl4965_read32(priv, CSR_UCODE_DRV_GP1);
3015 if (!iwl4965_grab_nic_access(priv))
3016 iwl4965_release_nic_access(priv);
3017 spin_unlock_irqrestore(&priv->lock, flags);
3019 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
3020 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
3021 "disabled by HW switch\n");
3025 queue_work(priv->workqueue, &priv->restart);
3029 void iwl4965_set_decrypted_flag(struct iwl4965_priv *priv, struct sk_buff *skb,
3030 u32 decrypt_res, struct ieee80211_rx_status *stats)
3033 le16_to_cpu(((struct ieee80211_hdr *)skb->data)->frame_control);
3035 if (priv->active_rxon.filter_flags & RXON_FILTER_DIS_DECRYPT_MSK)
3038 if (!(fc & IEEE80211_FCTL_PROTECTED))
3041 IWL_DEBUG_RX("decrypt_res:0x%x\n", decrypt_res);
3042 switch (decrypt_res & RX_RES_STATUS_SEC_TYPE_MSK) {
3043 case RX_RES_STATUS_SEC_TYPE_TKIP:
3044 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
3045 RX_RES_STATUS_BAD_ICV_MIC)
3046 stats->flag |= RX_FLAG_MMIC_ERROR;
3047 case RX_RES_STATUS_SEC_TYPE_WEP:
3048 case RX_RES_STATUS_SEC_TYPE_CCMP:
3049 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
3050 RX_RES_STATUS_DECRYPT_OK) {
3051 IWL_DEBUG_RX("hw decrypt successfully!!!\n");
3052 stats->flag |= RX_FLAG_DECRYPTED;
3062 #define IWL_PACKET_RETRY_TIME HZ
3064 int iwl4965_is_duplicate_packet(struct iwl4965_priv *priv, struct ieee80211_hdr *header)
3066 u16 sc = le16_to_cpu(header->seq_ctrl);
3067 u16 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
3068 u16 frag = sc & IEEE80211_SCTL_FRAG;
3069 u16 *last_seq, *last_frag;
3070 unsigned long *last_time;
3072 switch (priv->iw_mode) {
3073 case IEEE80211_IF_TYPE_IBSS:{
3074 struct list_head *p;
3075 struct iwl4965_ibss_seq *entry = NULL;
3076 u8 *mac = header->addr2;
3077 int index = mac[5] & (IWL_IBSS_MAC_HASH_SIZE - 1);
3079 __list_for_each(p, &priv->ibss_mac_hash[index]) {
3080 entry = list_entry(p, struct iwl4965_ibss_seq, list);
3081 if (!compare_ether_addr(entry->mac, mac))
3084 if (p == &priv->ibss_mac_hash[index]) {
3085 entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
3087 IWL_ERROR("Cannot malloc new mac entry\n");
3090 memcpy(entry->mac, mac, ETH_ALEN);
3091 entry->seq_num = seq;
3092 entry->frag_num = frag;
3093 entry->packet_time = jiffies;
3094 list_add(&entry->list, &priv->ibss_mac_hash[index]);
3097 last_seq = &entry->seq_num;
3098 last_frag = &entry->frag_num;
3099 last_time = &entry->packet_time;
3102 case IEEE80211_IF_TYPE_STA:
3103 last_seq = &priv->last_seq_num;
3104 last_frag = &priv->last_frag_num;
3105 last_time = &priv->last_packet_time;
3110 if ((*last_seq == seq) &&
3111 time_after(*last_time + IWL_PACKET_RETRY_TIME, jiffies)) {
3112 if (*last_frag == frag)
3114 if (*last_frag + 1 != frag)
3115 /* out-of-order fragment */
3121 *last_time = jiffies;
3128 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
3130 #include "iwl-spectrum.h"
3132 #define BEACON_TIME_MASK_LOW 0x00FFFFFF
3133 #define BEACON_TIME_MASK_HIGH 0xFF000000
3134 #define TIME_UNIT 1024
3137 * extended beacon time format
3138 * time in usec will be changed into a 32-bit value in 8:24 format
3139 * the high 1 byte is the beacon counts
3140 * the lower 3 bytes is the time in usec within one beacon interval
3143 static u32 iwl4965_usecs_to_beacons(u32 usec, u32 beacon_interval)
3147 u32 interval = beacon_interval * 1024;
3149 if (!interval || !usec)
3152 quot = (usec / interval) & (BEACON_TIME_MASK_HIGH >> 24);
3153 rem = (usec % interval) & BEACON_TIME_MASK_LOW;
3155 return (quot << 24) + rem;
3158 /* base is usually what we get from ucode with each received frame,
3159 * the same as HW timer counter counting down
3162 static __le32 iwl4965_add_beacon_time(u32 base, u32 addon, u32 beacon_interval)
3164 u32 base_low = base & BEACON_TIME_MASK_LOW;
3165 u32 addon_low = addon & BEACON_TIME_MASK_LOW;
3166 u32 interval = beacon_interval * TIME_UNIT;
3167 u32 res = (base & BEACON_TIME_MASK_HIGH) +
3168 (addon & BEACON_TIME_MASK_HIGH);
3170 if (base_low > addon_low)
3171 res += base_low - addon_low;
3172 else if (base_low < addon_low) {
3173 res += interval + base_low - addon_low;
3178 return cpu_to_le32(res);
3181 static int iwl4965_get_measurement(struct iwl4965_priv *priv,
3182 struct ieee80211_measurement_params *params,
3185 struct iwl4965_spectrum_cmd spectrum;
3186 struct iwl4965_rx_packet *res;
3187 struct iwl4965_host_cmd cmd = {
3188 .id = REPLY_SPECTRUM_MEASUREMENT_CMD,
3189 .data = (void *)&spectrum,
3190 .meta.flags = CMD_WANT_SKB,
3192 u32 add_time = le64_to_cpu(params->start_time);
3194 int spectrum_resp_status;
3195 int duration = le16_to_cpu(params->duration);
3197 if (iwl4965_is_associated(priv))
3199 iwl4965_usecs_to_beacons(
3200 le64_to_cpu(params->start_time) - priv->last_tsf,
3201 le16_to_cpu(priv->rxon_timing.beacon_interval));
3203 memset(&spectrum, 0, sizeof(spectrum));
3205 spectrum.channel_count = cpu_to_le16(1);
3207 RXON_FLG_TSF2HOST_MSK | RXON_FLG_ANT_A_MSK | RXON_FLG_DIS_DIV_MSK;
3208 spectrum.filter_flags = MEASUREMENT_FILTER_FLAG;
3209 cmd.len = sizeof(spectrum);
3210 spectrum.len = cpu_to_le16(cmd.len - sizeof(spectrum.len));
3212 if (iwl4965_is_associated(priv))
3213 spectrum.start_time =
3214 iwl4965_add_beacon_time(priv->last_beacon_time,
3216 le16_to_cpu(priv->rxon_timing.beacon_interval));
3218 spectrum.start_time = 0;
3220 spectrum.channels[0].duration = cpu_to_le32(duration * TIME_UNIT);
3221 spectrum.channels[0].channel = params->channel;
3222 spectrum.channels[0].type = type;
3223 if (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK)
3224 spectrum.flags |= RXON_FLG_BAND_24G_MSK |
3225 RXON_FLG_AUTO_DETECT_MSK | RXON_FLG_TGG_PROTECT_MSK;
3227 rc = iwl4965_send_cmd_sync(priv, &cmd);
3231 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
3232 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
3233 IWL_ERROR("Bad return from REPLY_RX_ON_ASSOC command\n");
3237 spectrum_resp_status = le16_to_cpu(res->u.spectrum.status);
3238 switch (spectrum_resp_status) {
3239 case 0: /* Command will be handled */
3240 if (res->u.spectrum.id != 0xff) {
3242 ("Replaced existing measurement: %d\n",
3243 res->u.spectrum.id);
3244 priv->measurement_status &= ~MEASUREMENT_READY;
3246 priv->measurement_status |= MEASUREMENT_ACTIVE;
3250 case 1: /* Command will not be handled */
3255 dev_kfree_skb_any(cmd.meta.u.skb);
3261 static void iwl4965_txstatus_to_ieee(struct iwl4965_priv *priv,
3262 struct iwl4965_tx_info *tx_sta)
3265 tx_sta->status.ack_signal = 0;
3266 tx_sta->status.excessive_retries = 0;
3267 tx_sta->status.queue_length = 0;
3268 tx_sta->status.queue_number = 0;
3271 ieee80211_tx_status_irqsafe(priv->hw,
3272 tx_sta->skb[0], &(tx_sta->status));
3274 ieee80211_tx_status(priv->hw,
3275 tx_sta->skb[0], &(tx_sta->status));
3277 tx_sta->skb[0] = NULL;
3281 * iwl4965_tx_queue_reclaim - Reclaim Tx queue entries already Tx'd
3283 * When FW advances 'R' index, all entries between old and new 'R' index
3284 * need to be reclaimed. As result, some free space forms. If there is
3285 * enough free space (> low mark), wake the stack that feeds us.
3287 int iwl4965_tx_queue_reclaim(struct iwl4965_priv *priv, int txq_id, int index)
3289 struct iwl4965_tx_queue *txq = &priv->txq[txq_id];
3290 struct iwl4965_queue *q = &txq->q;
3293 if ((index >= q->n_bd) || (x2_queue_used(q, index) == 0)) {
3294 IWL_ERROR("Read index for DMA queue txq id (%d), index %d, "
3295 "is out of range [0-%d] %d %d.\n", txq_id,
3296 index, q->n_bd, q->write_ptr, q->read_ptr);
3300 for (index = iwl4965_queue_inc_wrap(index, q->n_bd);
3301 q->read_ptr != index;
3302 q->read_ptr = iwl4965_queue_inc_wrap(q->read_ptr, q->n_bd)) {
3303 if (txq_id != IWL_CMD_QUEUE_NUM) {
3304 iwl4965_txstatus_to_ieee(priv,
3305 &(txq->txb[txq->q.read_ptr]));
3306 iwl4965_hw_txq_free_tfd(priv, txq);
3307 } else if (nfreed > 1) {
3308 IWL_ERROR("HCMD skipped: index (%d) %d %d\n", index,
3309 q->write_ptr, q->read_ptr);
3310 queue_work(priv->workqueue, &priv->restart);
3315 /* if (iwl4965_queue_space(q) > q->low_mark && (txq_id >= 0) &&
3316 (txq_id != IWL_CMD_QUEUE_NUM) &&
3317 priv->mac80211_registered)
3318 ieee80211_wake_queue(priv->hw, txq_id); */
3324 static int iwl4965_is_tx_success(u32 status)
3326 status &= TX_STATUS_MSK;
3327 return (status == TX_STATUS_SUCCESS)
3328 || (status == TX_STATUS_DIRECT_DONE);
3331 /******************************************************************************
3333 * Generic RX handler implementations
3335 ******************************************************************************/
3336 #ifdef CONFIG_IWL4965_HT
3338 static inline int iwl4965_get_ra_sta_id(struct iwl4965_priv *priv,
3339 struct ieee80211_hdr *hdr)
3341 if (priv->iw_mode == IEEE80211_IF_TYPE_STA)
3344 u8 *da = ieee80211_get_DA(hdr);
3345 return iwl4965_hw_find_station(priv, da);
3349 static struct ieee80211_hdr *iwl4965_tx_queue_get_hdr(
3350 struct iwl4965_priv *priv, int txq_id, int idx)
3352 if (priv->txq[txq_id].txb[idx].skb[0])
3353 return (struct ieee80211_hdr *)priv->txq[txq_id].
3354 txb[idx].skb[0]->data;
3358 static inline u32 iwl4965_get_scd_ssn(struct iwl4965_tx_resp *tx_resp)
3360 __le32 *scd_ssn = (__le32 *)((u32 *)&tx_resp->status +
3361 tx_resp->frame_count);
3362 return le32_to_cpu(*scd_ssn) & MAX_SN;
3367 * iwl4965_tx_status_reply_tx - Handle Tx rspnse for frames in aggregation queue
3369 static int iwl4965_tx_status_reply_tx(struct iwl4965_priv *priv,
3370 struct iwl4965_ht_agg *agg,
3371 struct iwl4965_tx_resp_agg *tx_resp,
3375 struct agg_tx_status *frame_status = &tx_resp->status;
3376 struct ieee80211_tx_status *tx_status = NULL;
3377 struct ieee80211_hdr *hdr = NULL;
3382 if (agg->wait_for_ba)
3383 IWL_DEBUG_TX_REPLY("got tx response w/o block-ack\n");
3385 agg->frame_count = tx_resp->frame_count;
3386 agg->start_idx = start_idx;
3387 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags);
3390 /* # frames attempted by Tx command */
3391 if (agg->frame_count == 1) {
3392 /* Only one frame was attempted; no block-ack will arrive */
3393 status = le16_to_cpu(frame_status[0].status);
3394 seq = le16_to_cpu(frame_status[0].sequence);
3395 idx = SEQ_TO_INDEX(seq);
3396 txq_id = SEQ_TO_QUEUE(seq);
3398 /* FIXME: code repetition */
3399 IWL_DEBUG_TX_REPLY("FrameCnt = %d, StartIdx=%d idx=%d\n",
3400 agg->frame_count, agg->start_idx, idx);
3402 tx_status = &(priv->txq[txq_id].txb[idx].status);
3403 tx_status->retry_count = tx_resp->failure_frame;
3404 tx_status->queue_number = status & 0xff;
3405 tx_status->queue_length = tx_resp->failure_rts;
3406 tx_status->control.flags &= ~IEEE80211_TXCTL_AMPDU;
3407 tx_status->flags = iwl4965_is_tx_success(status)?
3408 IEEE80211_TX_STATUS_ACK : 0;
3409 iwl4965_hwrate_to_tx_control(priv,
3410 le32_to_cpu(tx_resp->rate_n_flags),
3411 &tx_status->control);
3412 /* FIXME: code repetition end */
3414 IWL_DEBUG_TX_REPLY("1 Frame 0x%x failure :%d\n",
3415 status & 0xff, tx_resp->failure_frame);
3416 IWL_DEBUG_TX_REPLY("Rate Info rate_n_flags=%x\n",
3417 iwl4965_hw_get_rate_n_flags(tx_resp->rate_n_flags));
3419 agg->wait_for_ba = 0;
3421 /* Two or more frames were attempted; expect block-ack */
3423 int start = agg->start_idx;
3425 /* Construct bit-map of pending frames within Tx window */
3426 for (i = 0; i < agg->frame_count; i++) {
3428 status = le16_to_cpu(frame_status[i].status);
3429 seq = le16_to_cpu(frame_status[i].sequence);
3430 idx = SEQ_TO_INDEX(seq);
3431 txq_id = SEQ_TO_QUEUE(seq);
3433 if (status & (AGG_TX_STATE_FEW_BYTES_MSK |
3434 AGG_TX_STATE_ABORT_MSK))
3437 IWL_DEBUG_TX_REPLY("FrameCnt = %d, txq_id=%d idx=%d\n",
3438 agg->frame_count, txq_id, idx);
3440 hdr = iwl4965_tx_queue_get_hdr(priv, txq_id, idx);
3442 sc = le16_to_cpu(hdr->seq_ctrl);
3443 if (idx != (SEQ_TO_SN(sc) & 0xff)) {
3444 IWL_ERROR("BUG_ON idx doesn't match seq control"
3445 " idx=%d, seq_idx=%d, seq=%d\n",
3451 IWL_DEBUG_TX_REPLY("AGG Frame i=%d idx %d seq=%d\n",
3452 i, idx, SEQ_TO_SN(sc));
3456 sh = (start - idx) + 0xff;
3457 bitmap = bitmap << sh;
3460 } else if (sh < -64)
3461 sh = 0xff - (start - idx);
3465 bitmap = bitmap << sh;
3468 bitmap |= (1 << sh);
3469 IWL_DEBUG_TX_REPLY("start=%d bitmap=0x%x\n",
3470 start, (u32)(bitmap & 0xFFFFFFFF));
3473 agg->bitmap = bitmap;
3474 agg->start_idx = start;
3475 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags);
3476 IWL_DEBUG_TX_REPLY("Frames %d start_idx=%d bitmap=0x%llx\n",
3477 agg->frame_count, agg->start_idx,
3481 agg->wait_for_ba = 1;
3488 * iwl4965_rx_reply_tx - Handle standard (non-aggregation) Tx response
3490 static void iwl4965_rx_reply_tx(struct iwl4965_priv *priv,
3491 struct iwl4965_rx_mem_buffer *rxb)
3493 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3494 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
3495 int txq_id = SEQ_TO_QUEUE(sequence);
3496 int index = SEQ_TO_INDEX(sequence);
3497 struct iwl4965_tx_queue *txq = &priv->txq[txq_id];
3498 struct ieee80211_tx_status *tx_status;
3499 struct iwl4965_tx_resp *tx_resp = (void *)&pkt->u.raw[0];
3500 u32 status = le32_to_cpu(tx_resp->status);
3501 #ifdef CONFIG_IWL4965_HT
3502 int tid = MAX_TID_COUNT, sta_id = IWL_INVALID_STATION;
3503 struct ieee80211_hdr *hdr;
3507 if ((index >= txq->q.n_bd) || (x2_queue_used(&txq->q, index) == 0)) {
3508 IWL_ERROR("Read index for DMA queue txq_id (%d) index %d "
3509 "is out of range [0-%d] %d %d\n", txq_id,
3510 index, txq->q.n_bd, txq->q.write_ptr,
3515 #ifdef CONFIG_IWL4965_HT
3516 hdr = iwl4965_tx_queue_get_hdr(priv, txq_id, index);
3517 qc = ieee80211_get_qos_ctrl(hdr);
3520 tid = le16_to_cpu(*qc) & 0xf;
3522 sta_id = iwl4965_get_ra_sta_id(priv, hdr);
3523 if (txq->sched_retry && unlikely(sta_id == IWL_INVALID_STATION)) {
3524 IWL_ERROR("Station not known\n");
3528 if (txq->sched_retry) {
3529 const u32 scd_ssn = iwl4965_get_scd_ssn(tx_resp);
3530 struct iwl4965_ht_agg *agg = NULL;
3535 agg = &priv->stations[sta_id].tid[tid].agg;
3537 iwl4965_tx_status_reply_tx(priv, agg,
3538 (struct iwl4965_tx_resp_agg *)tx_resp, index);
3540 if ((tx_resp->frame_count == 1) &&
3541 !iwl4965_is_tx_success(status)) {
3542 /* TODO: send BAR */
3545 if (txq->q.read_ptr != (scd_ssn & 0xff)) {
3547 index = iwl4965_queue_dec_wrap(scd_ssn & 0xff, txq->q.n_bd);
3548 IWL_DEBUG_TX_REPLY("Retry scheduler reclaim scd_ssn "
3549 "%d index %d\n", scd_ssn , index);
3550 freed = iwl4965_tx_queue_reclaim(priv, txq_id, index);
3551 priv->stations[sta_id].tid[tid].tfds_in_queue -= freed;
3553 if (iwl4965_queue_space(&txq->q) > txq->q.low_mark &&
3554 txq_id >= 0 && priv->mac80211_registered &&
3555 agg->state != IWL_EMPTYING_HW_QUEUE_DELBA)
3556 ieee80211_wake_queue(priv->hw, txq_id);
3558 iwl4965_check_empty_hw_queue(priv, sta_id, tid, txq_id);
3561 #endif /* CONFIG_IWL4965_HT */
3562 tx_status = &(txq->txb[txq->q.read_ptr].status);
3564 tx_status->retry_count = tx_resp->failure_frame;
3565 tx_status->queue_number = status;
3566 tx_status->queue_length = tx_resp->bt_kill_count;
3567 tx_status->queue_length |= tx_resp->failure_rts;
3569 iwl4965_is_tx_success(status) ? IEEE80211_TX_STATUS_ACK : 0;
3570 iwl4965_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags),
3571 &tx_status->control);
3573 IWL_DEBUG_TX("Tx queue %d Status %s (0x%08x) rate_n_flags 0x%x "
3574 "retries %d\n", txq_id, iwl4965_get_tx_fail_reason(status),
3575 status, le32_to_cpu(tx_resp->rate_n_flags),
3576 tx_resp->failure_frame);
3578 IWL_DEBUG_TX_REPLY("Tx queue reclaim %d\n", index);
3580 int freed = iwl4965_tx_queue_reclaim(priv, txq_id, index);
3581 #ifdef CONFIG_IWL4965_HT
3582 if (tid != MAX_TID_COUNT)
3583 priv->stations[sta_id].tid[tid].tfds_in_queue -= freed;
3584 if (iwl4965_queue_space(&txq->q) > txq->q.low_mark &&
3586 priv->mac80211_registered)
3587 ieee80211_wake_queue(priv->hw, txq_id);
3588 if (tid != MAX_TID_COUNT)
3589 iwl4965_check_empty_hw_queue(priv, sta_id, tid, txq_id);
3592 #ifdef CONFIG_IWL4965_HT
3594 #endif /* CONFIG_IWL4965_HT */
3596 if (iwl_check_bits(status, TX_ABORT_REQUIRED_MSK))
3597 IWL_ERROR("TODO: Implement Tx ABORT REQUIRED!!!\n");
3601 static void iwl4965_rx_reply_alive(struct iwl4965_priv *priv,
3602 struct iwl4965_rx_mem_buffer *rxb)
3604 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3605 struct iwl4965_alive_resp *palive;
3606 struct delayed_work *pwork;
3608 palive = &pkt->u.alive_frame;
3610 IWL_DEBUG_INFO("Alive ucode status 0x%08X revision "
3612 palive->is_valid, palive->ver_type,
3613 palive->ver_subtype);
3615 if (palive->ver_subtype == INITIALIZE_SUBTYPE) {
3616 IWL_DEBUG_INFO("Initialization Alive received.\n");
3617 memcpy(&priv->card_alive_init,
3618 &pkt->u.alive_frame,
3619 sizeof(struct iwl4965_init_alive_resp));
3620 pwork = &priv->init_alive_start;
3622 IWL_DEBUG_INFO("Runtime Alive received.\n");
3623 memcpy(&priv->card_alive, &pkt->u.alive_frame,
3624 sizeof(struct iwl4965_alive_resp));
3625 pwork = &priv->alive_start;
3628 /* We delay the ALIVE response by 5ms to
3629 * give the HW RF Kill time to activate... */
3630 if (palive->is_valid == UCODE_VALID_OK)
3631 queue_delayed_work(priv->workqueue, pwork,
3632 msecs_to_jiffies(5));
3634 IWL_WARNING("uCode did not respond OK.\n");
3637 static void iwl4965_rx_reply_add_sta(struct iwl4965_priv *priv,
3638 struct iwl4965_rx_mem_buffer *rxb)
3640 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3642 IWL_DEBUG_RX("Received REPLY_ADD_STA: 0x%02X\n", pkt->u.status);
3646 static void iwl4965_rx_reply_error(struct iwl4965_priv *priv,
3647 struct iwl4965_rx_mem_buffer *rxb)
3649 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3651 IWL_ERROR("Error Reply type 0x%08X cmd %s (0x%02X) "
3652 "seq 0x%04X ser 0x%08X\n",
3653 le32_to_cpu(pkt->u.err_resp.error_type),
3654 get_cmd_string(pkt->u.err_resp.cmd_id),
3655 pkt->u.err_resp.cmd_id,
3656 le16_to_cpu(pkt->u.err_resp.bad_cmd_seq_num),
3657 le32_to_cpu(pkt->u.err_resp.error_info));
3660 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
3662 static void iwl4965_rx_csa(struct iwl4965_priv *priv, struct iwl4965_rx_mem_buffer *rxb)
3664 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3665 struct iwl4965_rxon_cmd *rxon = (void *)&priv->active_rxon;
3666 struct iwl4965_csa_notification *csa = &(pkt->u.csa_notif);
3667 IWL_DEBUG_11H("CSA notif: channel %d, status %d\n",
3668 le16_to_cpu(csa->channel), le32_to_cpu(csa->status));
3669 rxon->channel = csa->channel;
3670 priv->staging_rxon.channel = csa->channel;
3673 static void iwl4965_rx_spectrum_measure_notif(struct iwl4965_priv *priv,
3674 struct iwl4965_rx_mem_buffer *rxb)
3676 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
3677 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3678 struct iwl4965_spectrum_notification *report = &(pkt->u.spectrum_notif);
3680 if (!report->state) {
3681 IWL_DEBUG(IWL_DL_11H | IWL_DL_INFO,
3682 "Spectrum Measure Notification: Start\n");
3686 memcpy(&priv->measure_report, report, sizeof(*report));
3687 priv->measurement_status |= MEASUREMENT_READY;
3691 static void iwl4965_rx_pm_sleep_notif(struct iwl4965_priv *priv,
3692 struct iwl4965_rx_mem_buffer *rxb)
3694 #ifdef CONFIG_IWL4965_DEBUG
3695 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3696 struct iwl4965_sleep_notification *sleep = &(pkt->u.sleep_notif);
3697 IWL_DEBUG_RX("sleep mode: %d, src: %d\n",
3698 sleep->pm_sleep_mode, sleep->pm_wakeup_src);
3702 static void iwl4965_rx_pm_debug_statistics_notif(struct iwl4965_priv *priv,
3703 struct iwl4965_rx_mem_buffer *rxb)
3705 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3706 IWL_DEBUG_RADIO("Dumping %d bytes of unhandled "
3707 "notification for %s:\n",
3708 le32_to_cpu(pkt->len), get_cmd_string(pkt->hdr.cmd));
3709 iwl4965_print_hex_dump(IWL_DL_RADIO, pkt->u.raw, le32_to_cpu(pkt->len));
3712 static void iwl4965_bg_beacon_update(struct work_struct *work)
3714 struct iwl4965_priv *priv =
3715 container_of(work, struct iwl4965_priv, beacon_update);
3716 struct sk_buff *beacon;
3718 /* Pull updated AP beacon from mac80211. will fail if not in AP mode */
3719 beacon = ieee80211_beacon_get(priv->hw, priv->vif, NULL);
3722 IWL_ERROR("update beacon failed\n");
3726 mutex_lock(&priv->mutex);
3727 /* new beacon skb is allocated every time; dispose previous.*/
3728 if (priv->ibss_beacon)
3729 dev_kfree_skb(priv->ibss_beacon);
3731 priv->ibss_beacon = beacon;
3732 mutex_unlock(&priv->mutex);
3734 iwl4965_send_beacon_cmd(priv);
3737 static void iwl4965_rx_beacon_notif(struct iwl4965_priv *priv,
3738 struct iwl4965_rx_mem_buffer *rxb)
3740 #ifdef CONFIG_IWL4965_DEBUG
3741 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3742 struct iwl4965_beacon_notif *beacon = &(pkt->u.beacon_status);
3743 u8 rate = iwl4965_hw_get_rate(beacon->beacon_notify_hdr.rate_n_flags);
3745 IWL_DEBUG_RX("beacon status %x retries %d iss %d "
3746 "tsf %d %d rate %d\n",
3747 le32_to_cpu(beacon->beacon_notify_hdr.status) & TX_STATUS_MSK,
3748 beacon->beacon_notify_hdr.failure_frame,
3749 le32_to_cpu(beacon->ibss_mgr_status),
3750 le32_to_cpu(beacon->high_tsf),
3751 le32_to_cpu(beacon->low_tsf), rate);
3754 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
3755 (!test_bit(STATUS_EXIT_PENDING, &priv->status)))
3756 queue_work(priv->workqueue, &priv->beacon_update);
3759 /* Service response to REPLY_SCAN_CMD (0x80) */
3760 static void iwl4965_rx_reply_scan(struct iwl4965_priv *priv,
3761 struct iwl4965_rx_mem_buffer *rxb)
3763 #ifdef CONFIG_IWL4965_DEBUG
3764 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3765 struct iwl4965_scanreq_notification *notif =
3766 (struct iwl4965_scanreq_notification *)pkt->u.raw;
3768 IWL_DEBUG_RX("Scan request status = 0x%x\n", notif->status);
3772 /* Service SCAN_START_NOTIFICATION (0x82) */
3773 static void iwl4965_rx_scan_start_notif(struct iwl4965_priv *priv,
3774 struct iwl4965_rx_mem_buffer *rxb)
3776 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3777 struct iwl4965_scanstart_notification *notif =
3778 (struct iwl4965_scanstart_notification *)pkt->u.raw;
3779 priv->scan_start_tsf = le32_to_cpu(notif->tsf_low);
3780 IWL_DEBUG_SCAN("Scan start: "
3782 "(TSF: 0x%08X:%08X) - %d (beacon timer %u)\n",
3784 notif->band ? "bg" : "a",
3786 notif->tsf_low, notif->status, notif->beacon_timer);
3789 /* Service SCAN_RESULTS_NOTIFICATION (0x83) */
3790 static void iwl4965_rx_scan_results_notif(struct iwl4965_priv *priv,
3791 struct iwl4965_rx_mem_buffer *rxb)
3793 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3794 struct iwl4965_scanresults_notification *notif =
3795 (struct iwl4965_scanresults_notification *)pkt->u.raw;
3797 IWL_DEBUG_SCAN("Scan ch.res: "
3799 "(TSF: 0x%08X:%08X) - %d "
3800 "elapsed=%lu usec (%dms since last)\n",
3802 notif->band ? "bg" : "a",
3803 le32_to_cpu(notif->tsf_high),
3804 le32_to_cpu(notif->tsf_low),
3805 le32_to_cpu(notif->statistics[0]),
3806 le32_to_cpu(notif->tsf_low) - priv->scan_start_tsf,
3807 jiffies_to_msecs(elapsed_jiffies
3808 (priv->last_scan_jiffies, jiffies)));
3810 priv->last_scan_jiffies = jiffies;
3811 priv->next_scan_jiffies = 0;
3814 /* Service SCAN_COMPLETE_NOTIFICATION (0x84) */
3815 static void iwl4965_rx_scan_complete_notif(struct iwl4965_priv *priv,
3816 struct iwl4965_rx_mem_buffer *rxb)
3818 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3819 struct iwl4965_scancomplete_notification *scan_notif = (void *)pkt->u.raw;
3821 IWL_DEBUG_SCAN("Scan complete: %d channels (TSF 0x%08X:%08X) - %d\n",
3822 scan_notif->scanned_channels,
3823 scan_notif->tsf_low,
3824 scan_notif->tsf_high, scan_notif->status);
3826 /* The HW is no longer scanning */
3827 clear_bit(STATUS_SCAN_HW, &priv->status);
3829 /* The scan completion notification came in, so kill that timer... */
3830 cancel_delayed_work(&priv->scan_check);
3832 IWL_DEBUG_INFO("Scan pass on %sGHz took %dms\n",
3833 (priv->scan_bands == 2) ? "2.4" : "5.2",
3834 jiffies_to_msecs(elapsed_jiffies
3835 (priv->scan_pass_start, jiffies)));
3837 /* Remove this scanned band from the list
3838 * of pending bands to scan */
3841 /* If a request to abort was given, or the scan did not succeed
3842 * then we reset the scan state machine and terminate,
3843 * re-queuing another scan if one has been requested */
3844 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
3845 IWL_DEBUG_INFO("Aborted scan completed.\n");
3846 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
3848 /* If there are more bands on this scan pass reschedule */
3849 if (priv->scan_bands > 0)
3853 priv->last_scan_jiffies = jiffies;
3854 priv->next_scan_jiffies = 0;
3855 IWL_DEBUG_INFO("Setting scan to off\n");
3857 clear_bit(STATUS_SCANNING, &priv->status);
3859 IWL_DEBUG_INFO("Scan took %dms\n",
3860 jiffies_to_msecs(elapsed_jiffies(priv->scan_start, jiffies)));
3862 queue_work(priv->workqueue, &priv->scan_completed);
3867 priv->scan_pass_start = jiffies;
3868 queue_work(priv->workqueue, &priv->request_scan);
3871 /* Handle notification from uCode that card's power state is changing
3872 * due to software, hardware, or critical temperature RFKILL */
3873 static void iwl4965_rx_card_state_notif(struct iwl4965_priv *priv,
3874 struct iwl4965_rx_mem_buffer *rxb)
3876 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3877 u32 flags = le32_to_cpu(pkt->u.card_state_notif.flags);
3878 unsigned long status = priv->status;
3880 IWL_DEBUG_RF_KILL("Card state received: HW:%s SW:%s\n",
3881 (flags & HW_CARD_DISABLED) ? "Kill" : "On",
3882 (flags & SW_CARD_DISABLED) ? "Kill" : "On");
3884 if (flags & (SW_CARD_DISABLED | HW_CARD_DISABLED |
3885 RF_CARD_DISABLED)) {
3887 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_SET,
3888 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
3890 if (!iwl4965_grab_nic_access(priv)) {
3891 iwl4965_write_direct32(
3892 priv, HBUS_TARG_MBX_C,
3893 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
3895 iwl4965_release_nic_access(priv);
3898 if (!(flags & RXON_CARD_DISABLED)) {
3899 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR,
3900 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
3901 if (!iwl4965_grab_nic_access(priv)) {
3902 iwl4965_write_direct32(
3903 priv, HBUS_TARG_MBX_C,
3904 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
3906 iwl4965_release_nic_access(priv);
3910 if (flags & RF_CARD_DISABLED) {
3911 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_SET,
3912 CSR_UCODE_DRV_GP1_REG_BIT_CT_KILL_EXIT);
3913 iwl4965_read32(priv, CSR_UCODE_DRV_GP1);
3914 if (!iwl4965_grab_nic_access(priv))
3915 iwl4965_release_nic_access(priv);
3919 if (flags & HW_CARD_DISABLED)
3920 set_bit(STATUS_RF_KILL_HW, &priv->status);
3922 clear_bit(STATUS_RF_KILL_HW, &priv->status);
3925 if (flags & SW_CARD_DISABLED)
3926 set_bit(STATUS_RF_KILL_SW, &priv->status);
3928 clear_bit(STATUS_RF_KILL_SW, &priv->status);
3930 if (!(flags & RXON_CARD_DISABLED))
3931 iwl4965_scan_cancel(priv);
3933 if ((test_bit(STATUS_RF_KILL_HW, &status) !=
3934 test_bit(STATUS_RF_KILL_HW, &priv->status)) ||
3935 (test_bit(STATUS_RF_KILL_SW, &status) !=
3936 test_bit(STATUS_RF_KILL_SW, &priv->status)))
3937 queue_work(priv->workqueue, &priv->rf_kill);
3939 wake_up_interruptible(&priv->wait_command_queue);
3943 * iwl4965_setup_rx_handlers - Initialize Rx handler callbacks
3945 * Setup the RX handlers for each of the reply types sent from the uCode
3948 * This function chains into the hardware specific files for them to setup
3949 * any hardware specific handlers as well.
3951 static void iwl4965_setup_rx_handlers(struct iwl4965_priv *priv)
3953 priv->rx_handlers[REPLY_ALIVE] = iwl4965_rx_reply_alive;
3954 priv->rx_handlers[REPLY_ADD_STA] = iwl4965_rx_reply_add_sta;
3955 priv->rx_handlers[REPLY_ERROR] = iwl4965_rx_reply_error;
3956 priv->rx_handlers[CHANNEL_SWITCH_NOTIFICATION] = iwl4965_rx_csa;
3957 priv->rx_handlers[SPECTRUM_MEASURE_NOTIFICATION] =
3958 iwl4965_rx_spectrum_measure_notif;
3959 priv->rx_handlers[PM_SLEEP_NOTIFICATION] = iwl4965_rx_pm_sleep_notif;
3960 priv->rx_handlers[PM_DEBUG_STATISTIC_NOTIFIC] =
3961 iwl4965_rx_pm_debug_statistics_notif;
3962 priv->rx_handlers[BEACON_NOTIFICATION] = iwl4965_rx_beacon_notif;
3965 * The same handler is used for both the REPLY to a discrete
3966 * statistics request from the host as well as for the periodic
3967 * statistics notifications (after received beacons) from the uCode.
3969 priv->rx_handlers[REPLY_STATISTICS_CMD] = iwl4965_hw_rx_statistics;
3970 priv->rx_handlers[STATISTICS_NOTIFICATION] = iwl4965_hw_rx_statistics;
3972 priv->rx_handlers[REPLY_SCAN_CMD] = iwl4965_rx_reply_scan;
3973 priv->rx_handlers[SCAN_START_NOTIFICATION] = iwl4965_rx_scan_start_notif;
3974 priv->rx_handlers[SCAN_RESULTS_NOTIFICATION] =
3975 iwl4965_rx_scan_results_notif;
3976 priv->rx_handlers[SCAN_COMPLETE_NOTIFICATION] =
3977 iwl4965_rx_scan_complete_notif;
3978 priv->rx_handlers[CARD_STATE_NOTIFICATION] = iwl4965_rx_card_state_notif;
3979 priv->rx_handlers[REPLY_TX] = iwl4965_rx_reply_tx;
3981 /* Set up hardware specific Rx handlers */
3982 iwl4965_hw_rx_handler_setup(priv);
3986 * iwl4965_tx_cmd_complete - Pull unused buffers off the queue and reclaim them
3987 * @rxb: Rx buffer to reclaim
3989 * If an Rx buffer has an async callback associated with it the callback
3990 * will be executed. The attached skb (if present) will only be freed
3991 * if the callback returns 1
3993 static void iwl4965_tx_cmd_complete(struct iwl4965_priv *priv,
3994 struct iwl4965_rx_mem_buffer *rxb)
3996 struct iwl4965_rx_packet *pkt = (struct iwl4965_rx_packet *)rxb->skb->data;
3997 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
3998 int txq_id = SEQ_TO_QUEUE(sequence);
3999 int index = SEQ_TO_INDEX(sequence);
4000 int huge = sequence & SEQ_HUGE_FRAME;
4002 struct iwl4965_cmd *cmd;
4004 /* If a Tx command is being handled and it isn't in the actual
4005 * command queue then there a command routing bug has been introduced
4006 * in the queue management code. */
4007 if (txq_id != IWL_CMD_QUEUE_NUM)
4008 IWL_ERROR("Error wrong command queue %d command id 0x%X\n",
4009 txq_id, pkt->hdr.cmd);
4010 BUG_ON(txq_id != IWL_CMD_QUEUE_NUM);
4012 cmd_index = get_cmd_index(&priv->txq[IWL_CMD_QUEUE_NUM].q, index, huge);
4013 cmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_index];
4015 /* Input error checking is done when commands are added to queue. */
4016 if (cmd->meta.flags & CMD_WANT_SKB) {
4017 cmd->meta.source->u.skb = rxb->skb;
4019 } else if (cmd->meta.u.callback &&
4020 !cmd->meta.u.callback(priv, cmd, rxb->skb))
4023 iwl4965_tx_queue_reclaim(priv, txq_id, index);
4025 if (!(cmd->meta.flags & CMD_ASYNC)) {
4026 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
4027 wake_up_interruptible(&priv->wait_command_queue);
4031 /************************** RX-FUNCTIONS ****************************/
4033 * Rx theory of operation
4035 * Driver allocates a circular buffer of Receive Buffer Descriptors (RBDs),
4036 * each of which point to Receive Buffers to be filled by 4965. These get
4037 * used not only for Rx frames, but for any command response or notification
4038 * from the 4965. The driver and 4965 manage the Rx buffers by means
4039 * of indexes into the circular buffer.
4042 * The host/firmware share two index registers for managing the Rx buffers.
4044 * The READ index maps to the first position that the firmware may be writing
4045 * to -- the driver can read up to (but not including) this position and get
4047 * The READ index is managed by the firmware once the card is enabled.
4049 * The WRITE index maps to the last position the driver has read from -- the
4050 * position preceding WRITE is the last slot the firmware can place a packet.
4052 * The queue is empty (no good data) if WRITE = READ - 1, and is full if
4055 * During initialization, the host sets up the READ queue position to the first
4056 * INDEX position, and WRITE to the last (READ - 1 wrapped)
4058 * When the firmware places a packet in a buffer, it will advance the READ index
4059 * and fire the RX interrupt. The driver can then query the READ index and
4060 * process as many packets as possible, moving the WRITE index forward as it
4061 * resets the Rx queue buffers with new memory.
4063 * The management in the driver is as follows:
4064 * + A list of pre-allocated SKBs is stored in iwl->rxq->rx_free. When
4065 * iwl->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
4066 * to replenish the iwl->rxq->rx_free.
4067 * + In iwl4965_rx_replenish (scheduled) if 'processed' != 'read' then the
4068 * iwl->rxq is replenished and the READ INDEX is updated (updating the
4069 * 'processed' and 'read' driver indexes as well)
4070 * + A received packet is processed and handed to the kernel network stack,
4071 * detached from the iwl->rxq. The driver 'processed' index is updated.
4072 * + The Host/Firmware iwl->rxq is replenished at tasklet time from the rx_free
4073 * list. If there are no allocated buffers in iwl->rxq->rx_free, the READ
4074 * INDEX is not incremented and iwl->status(RX_STALLED) is set. If there
4075 * were enough free buffers and RX_STALLED is set it is cleared.
4080 * iwl4965_rx_queue_alloc() Allocates rx_free
4081 * iwl4965_rx_replenish() Replenishes rx_free list from rx_used, and calls
4082 * iwl4965_rx_queue_restock
4083 * iwl4965_rx_queue_restock() Moves available buffers from rx_free into Rx
4084 * queue, updates firmware pointers, and updates
4085 * the WRITE index. If insufficient rx_free buffers
4086 * are available, schedules iwl4965_rx_replenish
4088 * -- enable interrupts --
4089 * ISR - iwl4965_rx() Detach iwl4965_rx_mem_buffers from pool up to the
4090 * READ INDEX, detaching the SKB from the pool.
4091 * Moves the packet buffer from queue to rx_used.
4092 * Calls iwl4965_rx_queue_restock to refill any empty
4099 * iwl4965_rx_queue_space - Return number of free slots available in queue.
4101 static int iwl4965_rx_queue_space(const struct iwl4965_rx_queue *q)
4103 int s = q->read - q->write;
4106 /* keep some buffer to not confuse full and empty queue */
4114 * iwl4965_rx_queue_update_write_ptr - Update the write pointer for the RX queue
4116 int iwl4965_rx_queue_update_write_ptr(struct iwl4965_priv *priv, struct iwl4965_rx_queue *q)
4120 unsigned long flags;
4122 spin_lock_irqsave(&q->lock, flags);
4124 if (q->need_update == 0)
4127 /* If power-saving is in use, make sure device is awake */
4128 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
4129 reg = iwl4965_read32(priv, CSR_UCODE_DRV_GP1);
4131 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
4132 iwl4965_set_bit(priv, CSR_GP_CNTRL,
4133 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
4137 rc = iwl4965_grab_nic_access(priv);
4141 /* Device expects a multiple of 8 */
4142 iwl4965_write_direct32(priv, FH_RSCSR_CHNL0_WPTR,
4144 iwl4965_release_nic_access(priv);
4146 /* Else device is assumed to be awake */
4148 /* Device expects a multiple of 8 */
4149 iwl4965_write32(priv, FH_RSCSR_CHNL0_WPTR, q->write & ~0x7);
4155 spin_unlock_irqrestore(&q->lock, flags);
4160 * iwl4965_dma_addr2rbd_ptr - convert a DMA address to a uCode read buffer ptr
4162 static inline __le32 iwl4965_dma_addr2rbd_ptr(struct iwl4965_priv *priv,
4163 dma_addr_t dma_addr)
4165 return cpu_to_le32((u32)(dma_addr >> 8));
4170 * iwl4965_rx_queue_restock - refill RX queue from pre-allocated pool
4172 * If there are slots in the RX queue that need to be restocked,
4173 * and we have free pre-allocated buffers, fill the ranks as much
4174 * as we can, pulling from rx_free.
4176 * This moves the 'write' index forward to catch up with 'processed', and
4177 * also updates the memory address in the firmware to reference the new
4180 static int iwl4965_rx_queue_restock(struct iwl4965_priv *priv)
4182 struct iwl4965_rx_queue *rxq = &priv->rxq;
4183 struct list_head *element;
4184 struct iwl4965_rx_mem_buffer *rxb;
4185 unsigned long flags;
4188 spin_lock_irqsave(&rxq->lock, flags);
4189 write = rxq->write & ~0x7;
4190 while ((iwl4965_rx_queue_space(rxq) > 0) && (rxq->free_count)) {
4191 /* Get next free Rx buffer, remove from free list */
4192 element = rxq->rx_free.next;
4193 rxb = list_entry(element, struct iwl4965_rx_mem_buffer, list);
4196 /* Point to Rx buffer via next RBD in circular buffer */
4197 rxq->bd[rxq->write] = iwl4965_dma_addr2rbd_ptr(priv, rxb->dma_addr);
4198 rxq->queue[rxq->write] = rxb;
4199 rxq->write = (rxq->write + 1) & RX_QUEUE_MASK;
4202 spin_unlock_irqrestore(&rxq->lock, flags);
4203 /* If the pre-allocated buffer pool is dropping low, schedule to
4205 if (rxq->free_count <= RX_LOW_WATERMARK)
4206 queue_work(priv->workqueue, &priv->rx_replenish);
4209 /* If we've added more space for the firmware to place data, tell it.
4210 * Increment device's write pointer in multiples of 8. */
4211 if ((write != (rxq->write & ~0x7))
4212 || (abs(rxq->write - rxq->read) > 7)) {
4213 spin_lock_irqsave(&rxq->lock, flags);
4214 rxq->need_update = 1;
4215 spin_unlock_irqrestore(&rxq->lock, flags);
4216 rc = iwl4965_rx_queue_update_write_ptr(priv, rxq);
4225 * iwl4965_rx_replenish - Move all used packet from rx_used to rx_free
4227 * When moving to rx_free an SKB is allocated for the slot.
4229 * Also restock the Rx queue via iwl4965_rx_queue_restock.
4230 * This is called as a scheduled work item (except for during initialization)
4232 static void iwl4965_rx_allocate(struct iwl4965_priv *priv)
4234 struct iwl4965_rx_queue *rxq = &priv->rxq;
4235 struct list_head *element;
4236 struct iwl4965_rx_mem_buffer *rxb;
4237 unsigned long flags;
4238 spin_lock_irqsave(&rxq->lock, flags);
4239 while (!list_empty(&rxq->rx_used)) {
4240 element = rxq->rx_used.next;
4241 rxb = list_entry(element, struct iwl4965_rx_mem_buffer, list);
4243 /* Alloc a new receive buffer */
4245 alloc_skb(priv->hw_setting.rx_buf_size,
4246 __GFP_NOWARN | GFP_ATOMIC);
4248 if (net_ratelimit())
4249 printk(KERN_CRIT DRV_NAME
4250 ": Can not allocate SKB buffers\n");
4251 /* We don't reschedule replenish work here -- we will
4252 * call the restock method and if it still needs
4253 * more buffers it will schedule replenish */
4256 priv->alloc_rxb_skb++;
4259 /* Get physical address of RB/SKB */
4261 pci_map_single(priv->pci_dev, rxb->skb->data,
4262 priv->hw_setting.rx_buf_size, PCI_DMA_FROMDEVICE);
4263 list_add_tail(&rxb->list, &rxq->rx_free);
4266 spin_unlock_irqrestore(&rxq->lock, flags);
4270 * this should be called while priv->lock is locked
4272 static void __iwl4965_rx_replenish(void *data)
4274 struct iwl4965_priv *priv = data;
4276 iwl4965_rx_allocate(priv);
4277 iwl4965_rx_queue_restock(priv);
4281 void iwl4965_rx_replenish(void *data)
4283 struct iwl4965_priv *priv = data;
4284 unsigned long flags;
4286 iwl4965_rx_allocate(priv);
4288 spin_lock_irqsave(&priv->lock, flags);
4289 iwl4965_rx_queue_restock(priv);
4290 spin_unlock_irqrestore(&priv->lock, flags);
4293 /* Assumes that the skb field of the buffers in 'pool' is kept accurate.
4294 * If an SKB has been detached, the POOL needs to have its SKB set to NULL
4295 * This free routine walks the list of POOL entries and if SKB is set to
4296 * non NULL it is unmapped and freed
4298 static void iwl4965_rx_queue_free(struct iwl4965_priv *priv, struct iwl4965_rx_queue *rxq)
4301 for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
4302 if (rxq->pool[i].skb != NULL) {
4303 pci_unmap_single(priv->pci_dev,
4304 rxq->pool[i].dma_addr,
4305 priv->hw_setting.rx_buf_size,
4306 PCI_DMA_FROMDEVICE);
4307 dev_kfree_skb(rxq->pool[i].skb);
4311 pci_free_consistent(priv->pci_dev, 4 * RX_QUEUE_SIZE, rxq->bd,
4316 int iwl4965_rx_queue_alloc(struct iwl4965_priv *priv)
4318 struct iwl4965_rx_queue *rxq = &priv->rxq;
4319 struct pci_dev *dev = priv->pci_dev;
4322 spin_lock_init(&rxq->lock);
4323 INIT_LIST_HEAD(&rxq->rx_free);
4324 INIT_LIST_HEAD(&rxq->rx_used);
4326 /* Alloc the circular buffer of Read Buffer Descriptors (RBDs) */
4327 rxq->bd = pci_alloc_consistent(dev, 4 * RX_QUEUE_SIZE, &rxq->dma_addr);
4331 /* Fill the rx_used queue with _all_ of the Rx buffers */
4332 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++)
4333 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
4335 /* Set us so that we have processed and used all buffers, but have
4336 * not restocked the Rx queue with fresh buffers */
4337 rxq->read = rxq->write = 0;
4338 rxq->free_count = 0;
4339 rxq->need_update = 0;
4343 void iwl4965_rx_queue_reset(struct iwl4965_priv *priv, struct iwl4965_rx_queue *rxq)
4345 unsigned long flags;
4347 spin_lock_irqsave(&rxq->lock, flags);
4348 INIT_LIST_HEAD(&rxq->rx_free);
4349 INIT_LIST_HEAD(&rxq->rx_used);
4350 /* Fill the rx_used queue with _all_ of the Rx buffers */
4351 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
4352 /* In the reset function, these buffers may have been allocated
4353 * to an SKB, so we need to unmap and free potential storage */
4354 if (rxq->pool[i].skb != NULL) {
4355 pci_unmap_single(priv->pci_dev,
4356 rxq->pool[i].dma_addr,
4357 priv->hw_setting.rx_buf_size,
4358 PCI_DMA_FROMDEVICE);
4359 priv->alloc_rxb_skb--;
4360 dev_kfree_skb(rxq->pool[i].skb);
4361 rxq->pool[i].skb = NULL;
4363 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
4366 /* Set us so that we have processed and used all buffers, but have
4367 * not restocked the Rx queue with fresh buffers */
4368 rxq->read = rxq->write = 0;
4369 rxq->free_count = 0;
4370 spin_unlock_irqrestore(&rxq->lock, flags);
4373 /* Convert linear signal-to-noise ratio into dB */
4374 static u8 ratio2dB[100] = {
4375 /* 0 1 2 3 4 5 6 7 8 9 */
4376 0, 0, 6, 10, 12, 14, 16, 17, 18, 19, /* 00 - 09 */
4377 20, 21, 22, 22, 23, 23, 24, 25, 26, 26, /* 10 - 19 */
4378 26, 26, 26, 27, 27, 28, 28, 28, 29, 29, /* 20 - 29 */
4379 29, 30, 30, 30, 31, 31, 31, 31, 32, 32, /* 30 - 39 */
4380 32, 32, 32, 33, 33, 33, 33, 33, 34, 34, /* 40 - 49 */
4381 34, 34, 34, 34, 35, 35, 35, 35, 35, 35, /* 50 - 59 */
4382 36, 36, 36, 36, 36, 36, 36, 37, 37, 37, /* 60 - 69 */
4383 37, 37, 37, 37, 37, 38, 38, 38, 38, 38, /* 70 - 79 */
4384 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, /* 80 - 89 */
4385 39, 39, 39, 39, 39, 40, 40, 40, 40, 40 /* 90 - 99 */
4388 /* Calculates a relative dB value from a ratio of linear
4389 * (i.e. not dB) signal levels.
4390 * Conversion assumes that levels are voltages (20*log), not powers (10*log). */
4391 int iwl4965_calc_db_from_ratio(int sig_ratio)
4393 /* 1000:1 or higher just report as 60 dB */
4394 if (sig_ratio >= 1000)
4397 /* 100:1 or higher, divide by 10 and use table,
4398 * add 20 dB to make up for divide by 10 */
4399 if (sig_ratio >= 100)
4400 return (20 + (int)ratio2dB[sig_ratio/10]);
4402 /* We shouldn't see this */
4406 /* Use table for ratios 1:1 - 99:1 */
4407 return (int)ratio2dB[sig_ratio];
4410 #define PERFECT_RSSI (-20) /* dBm */
4411 #define WORST_RSSI (-95) /* dBm */
4412 #define RSSI_RANGE (PERFECT_RSSI - WORST_RSSI)
4414 /* Calculate an indication of rx signal quality (a percentage, not dBm!).
4415 * See http://www.ces.clemson.edu/linux/signal_quality.shtml for info
4416 * about formulas used below. */
4417 int iwl4965_calc_sig_qual(int rssi_dbm, int noise_dbm)
4420 int degradation = PERFECT_RSSI - rssi_dbm;
4422 /* If we get a noise measurement, use signal-to-noise ratio (SNR)
4423 * as indicator; formula is (signal dbm - noise dbm).
4424 * SNR at or above 40 is a great signal (100%).
4425 * Below that, scale to fit SNR of 0 - 40 dB within 0 - 100% indicator.
4426 * Weakest usable signal is usually 10 - 15 dB SNR. */
4428 if (rssi_dbm - noise_dbm >= 40)
4430 else if (rssi_dbm < noise_dbm)
4432 sig_qual = ((rssi_dbm - noise_dbm) * 5) / 2;
4434 /* Else use just the signal level.
4435 * This formula is a least squares fit of data points collected and
4436 * compared with a reference system that had a percentage (%) display
4437 * for signal quality. */
4439 sig_qual = (100 * (RSSI_RANGE * RSSI_RANGE) - degradation *
4440 (15 * RSSI_RANGE + 62 * degradation)) /
4441 (RSSI_RANGE * RSSI_RANGE);
4445 else if (sig_qual < 1)
4452 * iwl4965_rx_handle - Main entry function for receiving responses from uCode
4454 * Uses the priv->rx_handlers callback function array to invoke
4455 * the appropriate handlers, including command responses,
4456 * frame-received notifications, and other notifications.
4458 static void iwl4965_rx_handle(struct iwl4965_priv *priv)
4460 struct iwl4965_rx_mem_buffer *rxb;
4461 struct iwl4965_rx_packet *pkt;
4462 struct iwl4965_rx_queue *rxq = &priv->rxq;
4465 unsigned long flags;
4469 /* uCode's read index (stored in shared DRAM) indicates the last Rx
4470 * buffer that the driver may process (last buffer filled by ucode). */
4471 r = iwl4965_hw_get_rx_read(priv);
4474 /* Rx interrupt, but nothing sent from uCode */
4476 IWL_DEBUG(IWL_DL_RX | IWL_DL_ISR, "r = %d, i = %d\n", r, i);
4478 if (iwl4965_rx_queue_space(rxq) > (RX_QUEUE_SIZE / 2))
4482 rxb = rxq->queue[i];
4484 /* If an RXB doesn't have a Rx queue slot associated with it,
4485 * then a bug has been introduced in the queue refilling
4486 * routines -- catch it here */
4487 BUG_ON(rxb == NULL);
4489 rxq->queue[i] = NULL;
4491 pci_dma_sync_single_for_cpu(priv->pci_dev, rxb->dma_addr,
4492 priv->hw_setting.rx_buf_size,
4493 PCI_DMA_FROMDEVICE);
4494 pkt = (struct iwl4965_rx_packet *)rxb->skb->data;
4496 /* Reclaim a command buffer only if this packet is a response
4497 * to a (driver-originated) command.
4498 * If the packet (e.g. Rx frame) originated from uCode,
4499 * there is no command buffer to reclaim.
4500 * Ucode should set SEQ_RX_FRAME bit if ucode-originated,
4501 * but apparently a few don't get set; catch them here. */
4502 reclaim = !(pkt->hdr.sequence & SEQ_RX_FRAME) &&
4503 (pkt->hdr.cmd != REPLY_RX_PHY_CMD) &&
4504 (pkt->hdr.cmd != REPLY_4965_RX) &&
4505 (pkt->hdr.cmd != REPLY_COMPRESSED_BA) &&
4506 (pkt->hdr.cmd != STATISTICS_NOTIFICATION) &&
4507 (pkt->hdr.cmd != REPLY_TX);
4509 /* Based on type of command response or notification,
4510 * handle those that need handling via function in
4511 * rx_handlers table. See iwl4965_setup_rx_handlers() */
4512 if (priv->rx_handlers[pkt->hdr.cmd]) {
4513 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4514 "r = %d, i = %d, %s, 0x%02x\n", r, i,
4515 get_cmd_string(pkt->hdr.cmd), pkt->hdr.cmd);
4516 priv->rx_handlers[pkt->hdr.cmd] (priv, rxb);
4518 /* No handling needed */
4519 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4520 "r %d i %d No handler needed for %s, 0x%02x\n",
4521 r, i, get_cmd_string(pkt->hdr.cmd),
4526 /* Invoke any callbacks, transfer the skb to caller, and
4527 * fire off the (possibly) blocking iwl4965_send_cmd()
4528 * as we reclaim the driver command queue */
4529 if (rxb && rxb->skb)
4530 iwl4965_tx_cmd_complete(priv, rxb);
4532 IWL_WARNING("Claim null rxb?\n");
4535 /* For now we just don't re-use anything. We can tweak this
4536 * later to try and re-use notification packets and SKBs that
4537 * fail to Rx correctly */
4538 if (rxb->skb != NULL) {
4539 priv->alloc_rxb_skb--;
4540 dev_kfree_skb_any(rxb->skb);
4544 pci_unmap_single(priv->pci_dev, rxb->dma_addr,
4545 priv->hw_setting.rx_buf_size,
4546 PCI_DMA_FROMDEVICE);
4547 spin_lock_irqsave(&rxq->lock, flags);
4548 list_add_tail(&rxb->list, &priv->rxq.rx_used);
4549 spin_unlock_irqrestore(&rxq->lock, flags);
4550 i = (i + 1) & RX_QUEUE_MASK;
4551 /* If there are a lot of unused frames,
4552 * restock the Rx queue so ucode wont assert. */
4557 __iwl4965_rx_replenish(priv);
4563 /* Backtrack one entry */
4565 iwl4965_rx_queue_restock(priv);
4569 * iwl4965_tx_queue_update_write_ptr - Send new write index to hardware
4571 static int iwl4965_tx_queue_update_write_ptr(struct iwl4965_priv *priv,
4572 struct iwl4965_tx_queue *txq)
4576 int txq_id = txq->q.id;
4578 if (txq->need_update == 0)
4581 /* if we're trying to save power */
4582 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
4583 /* wake up nic if it's powered down ...
4584 * uCode will wake up, and interrupt us again, so next
4585 * time we'll skip this part. */
4586 reg = iwl4965_read32(priv, CSR_UCODE_DRV_GP1);
4588 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
4589 IWL_DEBUG_INFO("Requesting wakeup, GP1 = 0x%x\n", reg);
4590 iwl4965_set_bit(priv, CSR_GP_CNTRL,
4591 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
4595 /* restore this queue's parameters in nic hardware. */
4596 rc = iwl4965_grab_nic_access(priv);
4599 iwl4965_write_direct32(priv, HBUS_TARG_WRPTR,
4600 txq->q.write_ptr | (txq_id << 8));
4601 iwl4965_release_nic_access(priv);
4603 /* else not in power-save mode, uCode will never sleep when we're
4604 * trying to tx (during RFKILL, we're not trying to tx). */
4606 iwl4965_write32(priv, HBUS_TARG_WRPTR,
4607 txq->q.write_ptr | (txq_id << 8));
4609 txq->need_update = 0;
4614 #ifdef CONFIG_IWL4965_DEBUG
4615 static void iwl4965_print_rx_config_cmd(struct iwl4965_rxon_cmd *rxon)
4617 DECLARE_MAC_BUF(mac);
4619 IWL_DEBUG_RADIO("RX CONFIG:\n");
4620 iwl4965_print_hex_dump(IWL_DL_RADIO, (u8 *) rxon, sizeof(*rxon));
4621 IWL_DEBUG_RADIO("u16 channel: 0x%x\n", le16_to_cpu(rxon->channel));
4622 IWL_DEBUG_RADIO("u32 flags: 0x%08X\n", le32_to_cpu(rxon->flags));
4623 IWL_DEBUG_RADIO("u32 filter_flags: 0x%08x\n",
4624 le32_to_cpu(rxon->filter_flags));
4625 IWL_DEBUG_RADIO("u8 dev_type: 0x%x\n", rxon->dev_type);
4626 IWL_DEBUG_RADIO("u8 ofdm_basic_rates: 0x%02x\n",
4627 rxon->ofdm_basic_rates);
4628 IWL_DEBUG_RADIO("u8 cck_basic_rates: 0x%02x\n", rxon->cck_basic_rates);
4629 IWL_DEBUG_RADIO("u8[6] node_addr: %s\n",
4630 print_mac(mac, rxon->node_addr));
4631 IWL_DEBUG_RADIO("u8[6] bssid_addr: %s\n",
4632 print_mac(mac, rxon->bssid_addr));
4633 IWL_DEBUG_RADIO("u16 assoc_id: 0x%x\n", le16_to_cpu(rxon->assoc_id));
4637 static void iwl4965_enable_interrupts(struct iwl4965_priv *priv)
4639 IWL_DEBUG_ISR("Enabling interrupts\n");
4640 set_bit(STATUS_INT_ENABLED, &priv->status);
4641 iwl4965_write32(priv, CSR_INT_MASK, CSR_INI_SET_MASK);
4644 static inline void iwl4965_disable_interrupts(struct iwl4965_priv *priv)
4646 clear_bit(STATUS_INT_ENABLED, &priv->status);
4648 /* disable interrupts from uCode/NIC to host */
4649 iwl4965_write32(priv, CSR_INT_MASK, 0x00000000);
4651 /* acknowledge/clear/reset any interrupts still pending
4652 * from uCode or flow handler (Rx/Tx DMA) */
4653 iwl4965_write32(priv, CSR_INT, 0xffffffff);
4654 iwl4965_write32(priv, CSR_FH_INT_STATUS, 0xffffffff);
4655 IWL_DEBUG_ISR("Disabled interrupts\n");
4658 static const char *desc_lookup(int i)
4666 return "BAD_CHECKSUM";
4668 return "NMI_INTERRUPT";
4672 return "FATAL_ERROR";
4678 #define ERROR_START_OFFSET (1 * sizeof(u32))
4679 #define ERROR_ELEM_SIZE (7 * sizeof(u32))
4681 static void iwl4965_dump_nic_error_log(struct iwl4965_priv *priv)
4684 u32 desc, time, count, base, data1;
4685 u32 blink1, blink2, ilink1, ilink2;
4688 base = le32_to_cpu(priv->card_alive.error_event_table_ptr);
4690 if (!iwl4965_hw_valid_rtc_data_addr(base)) {
4691 IWL_ERROR("Not valid error log pointer 0x%08X\n", base);
4695 rc = iwl4965_grab_nic_access(priv);
4697 IWL_WARNING("Can not read from adapter at this time.\n");
4701 count = iwl4965_read_targ_mem(priv, base);
4703 if (ERROR_START_OFFSET <= count * ERROR_ELEM_SIZE) {
4704 IWL_ERROR("Start IWL Error Log Dump:\n");
4705 IWL_ERROR("Status: 0x%08lX, count: %d\n", priv->status, count);
4708 desc = iwl4965_read_targ_mem(priv, base + 1 * sizeof(u32));
4709 blink1 = iwl4965_read_targ_mem(priv, base + 3 * sizeof(u32));
4710 blink2 = iwl4965_read_targ_mem(priv, base + 4 * sizeof(u32));
4711 ilink1 = iwl4965_read_targ_mem(priv, base + 5 * sizeof(u32));
4712 ilink2 = iwl4965_read_targ_mem(priv, base + 6 * sizeof(u32));
4713 data1 = iwl4965_read_targ_mem(priv, base + 7 * sizeof(u32));
4714 data2 = iwl4965_read_targ_mem(priv, base + 8 * sizeof(u32));
4715 line = iwl4965_read_targ_mem(priv, base + 9 * sizeof(u32));
4716 time = iwl4965_read_targ_mem(priv, base + 11 * sizeof(u32));
4718 IWL_ERROR("Desc Time "
4719 "data1 data2 line\n");
4720 IWL_ERROR("%-13s (#%d) %010u 0x%08X 0x%08X %u\n",
4721 desc_lookup(desc), desc, time, data1, data2, line);
4722 IWL_ERROR("blink1 blink2 ilink1 ilink2\n");
4723 IWL_ERROR("0x%05X 0x%05X 0x%05X 0x%05X\n", blink1, blink2,
4726 iwl4965_release_nic_access(priv);
4729 #define EVENT_START_OFFSET (4 * sizeof(u32))
4732 * iwl4965_print_event_log - Dump error event log to syslog
4734 * NOTE: Must be called with iwl4965_grab_nic_access() already obtained!
4736 static void iwl4965_print_event_log(struct iwl4965_priv *priv, u32 start_idx,
4737 u32 num_events, u32 mode)
4740 u32 base; /* SRAM byte address of event log header */
4741 u32 event_size; /* 2 u32s, or 3 u32s if timestamp recorded */
4742 u32 ptr; /* SRAM byte address of log data */
4743 u32 ev, time, data; /* event log data */
4745 if (num_events == 0)
4748 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4751 event_size = 2 * sizeof(u32);
4753 event_size = 3 * sizeof(u32);
4755 ptr = base + EVENT_START_OFFSET + (start_idx * event_size);
4757 /* "time" is actually "data" for mode 0 (no timestamp).
4758 * place event id # at far right for easier visual parsing. */
4759 for (i = 0; i < num_events; i++) {
4760 ev = iwl4965_read_targ_mem(priv, ptr);
4762 time = iwl4965_read_targ_mem(priv, ptr);
4765 IWL_ERROR("0x%08x\t%04u\n", time, ev); /* data, ev */
4767 data = iwl4965_read_targ_mem(priv, ptr);
4769 IWL_ERROR("%010u\t0x%08x\t%04u\n", time, data, ev);
4774 static void iwl4965_dump_nic_event_log(struct iwl4965_priv *priv)
4777 u32 base; /* SRAM byte address of event log header */
4778 u32 capacity; /* event log capacity in # entries */
4779 u32 mode; /* 0 - no timestamp, 1 - timestamp recorded */
4780 u32 num_wraps; /* # times uCode wrapped to top of log */
4781 u32 next_entry; /* index of next entry to be written by uCode */
4782 u32 size; /* # entries that we'll print */
4784 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4785 if (!iwl4965_hw_valid_rtc_data_addr(base)) {
4786 IWL_ERROR("Invalid event log pointer 0x%08X\n", base);
4790 rc = iwl4965_grab_nic_access(priv);
4792 IWL_WARNING("Can not read from adapter at this time.\n");
4796 /* event log header */
4797 capacity = iwl4965_read_targ_mem(priv, base);
4798 mode = iwl4965_read_targ_mem(priv, base + (1 * sizeof(u32)));
4799 num_wraps = iwl4965_read_targ_mem(priv, base + (2 * sizeof(u32)));
4800 next_entry = iwl4965_read_targ_mem(priv, base + (3 * sizeof(u32)));
4802 size = num_wraps ? capacity : next_entry;
4804 /* bail out if nothing in log */
4806 IWL_ERROR("Start IWL Event Log Dump: nothing in log\n");
4807 iwl4965_release_nic_access(priv);
4811 IWL_ERROR("Start IWL Event Log Dump: display count %d, wraps %d\n",
4814 /* if uCode has wrapped back to top of log, start at the oldest entry,
4815 * i.e the next one that uCode would fill. */
4817 iwl4965_print_event_log(priv, next_entry,
4818 capacity - next_entry, mode);
4820 /* (then/else) start at top of log */
4821 iwl4965_print_event_log(priv, 0, next_entry, mode);
4823 iwl4965_release_nic_access(priv);
4827 * iwl4965_irq_handle_error - called for HW or SW error interrupt from card
4829 static void iwl4965_irq_handle_error(struct iwl4965_priv *priv)
4831 /* Set the FW error flag -- cleared on iwl4965_down */
4832 set_bit(STATUS_FW_ERROR, &priv->status);
4834 /* Cancel currently queued command. */
4835 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
4837 #ifdef CONFIG_IWL4965_DEBUG
4838 if (iwl4965_debug_level & IWL_DL_FW_ERRORS) {
4839 iwl4965_dump_nic_error_log(priv);
4840 iwl4965_dump_nic_event_log(priv);
4841 iwl4965_print_rx_config_cmd(&priv->staging_rxon);
4845 wake_up_interruptible(&priv->wait_command_queue);
4847 /* Keep the restart process from trying to send host
4848 * commands by clearing the INIT status bit */
4849 clear_bit(STATUS_READY, &priv->status);
4851 if (!test_bit(STATUS_EXIT_PENDING, &priv->status)) {
4852 IWL_DEBUG(IWL_DL_INFO | IWL_DL_FW_ERRORS,
4853 "Restarting adapter due to uCode error.\n");
4855 if (iwl4965_is_associated(priv)) {
4856 memcpy(&priv->recovery_rxon, &priv->active_rxon,
4857 sizeof(priv->recovery_rxon));
4858 priv->error_recovering = 1;
4860 queue_work(priv->workqueue, &priv->restart);
4864 static void iwl4965_error_recovery(struct iwl4965_priv *priv)
4866 unsigned long flags;
4868 memcpy(&priv->staging_rxon, &priv->recovery_rxon,
4869 sizeof(priv->staging_rxon));
4870 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
4871 iwl4965_commit_rxon(priv);
4873 iwl4965_rxon_add_station(priv, priv->bssid, 1);
4875 spin_lock_irqsave(&priv->lock, flags);
4876 priv->assoc_id = le16_to_cpu(priv->staging_rxon.assoc_id);
4877 priv->error_recovering = 0;
4878 spin_unlock_irqrestore(&priv->lock, flags);
4881 static void iwl4965_irq_tasklet(struct iwl4965_priv *priv)
4883 u32 inta, handled = 0;
4885 unsigned long flags;
4886 #ifdef CONFIG_IWL4965_DEBUG
4890 spin_lock_irqsave(&priv->lock, flags);
4892 /* Ack/clear/reset pending uCode interrupts.
4893 * Note: Some bits in CSR_INT are "OR" of bits in CSR_FH_INT_STATUS,
4894 * and will clear only when CSR_FH_INT_STATUS gets cleared. */
4895 inta = iwl4965_read32(priv, CSR_INT);
4896 iwl4965_write32(priv, CSR_INT, inta);
4898 /* Ack/clear/reset pending flow-handler (DMA) interrupts.
4899 * Any new interrupts that happen after this, either while we're
4900 * in this tasklet, or later, will show up in next ISR/tasklet. */
4901 inta_fh = iwl4965_read32(priv, CSR_FH_INT_STATUS);
4902 iwl4965_write32(priv, CSR_FH_INT_STATUS, inta_fh);
4904 #ifdef CONFIG_IWL4965_DEBUG
4905 if (iwl4965_debug_level & IWL_DL_ISR) {
4906 /* just for debug */
4907 inta_mask = iwl4965_read32(priv, CSR_INT_MASK);
4908 IWL_DEBUG_ISR("inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
4909 inta, inta_mask, inta_fh);
4913 /* Since CSR_INT and CSR_FH_INT_STATUS reads and clears are not
4914 * atomic, make sure that inta covers all the interrupts that
4915 * we've discovered, even if FH interrupt came in just after
4916 * reading CSR_INT. */
4917 if (inta_fh & CSR49_FH_INT_RX_MASK)
4918 inta |= CSR_INT_BIT_FH_RX;
4919 if (inta_fh & CSR49_FH_INT_TX_MASK)
4920 inta |= CSR_INT_BIT_FH_TX;
4922 /* Now service all interrupt bits discovered above. */
4923 if (inta & CSR_INT_BIT_HW_ERR) {
4924 IWL_ERROR("Microcode HW error detected. Restarting.\n");
4926 /* Tell the device to stop sending interrupts */
4927 iwl4965_disable_interrupts(priv);
4929 iwl4965_irq_handle_error(priv);
4931 handled |= CSR_INT_BIT_HW_ERR;
4933 spin_unlock_irqrestore(&priv->lock, flags);
4938 #ifdef CONFIG_IWL4965_DEBUG
4939 if (iwl4965_debug_level & (IWL_DL_ISR)) {
4940 /* NIC fires this, but we don't use it, redundant with WAKEUP */
4941 if (inta & CSR_INT_BIT_SCD)
4942 IWL_DEBUG_ISR("Scheduler finished to transmit "
4943 "the frame/frames.\n");
4945 /* Alive notification via Rx interrupt will do the real work */
4946 if (inta & CSR_INT_BIT_ALIVE)
4947 IWL_DEBUG_ISR("Alive interrupt\n");
4950 /* Safely ignore these bits for debug checks below */
4951 inta &= ~(CSR_INT_BIT_SCD | CSR_INT_BIT_ALIVE);
4953 /* HW RF KILL switch toggled */
4954 if (inta & CSR_INT_BIT_RF_KILL) {
4956 if (!(iwl4965_read32(priv, CSR_GP_CNTRL) &
4957 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW))
4960 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL | IWL_DL_ISR,
4961 "RF_KILL bit toggled to %s.\n",
4962 hw_rf_kill ? "disable radio":"enable radio");
4964 /* Queue restart only if RF_KILL switch was set to "kill"
4965 * when we loaded driver, and is now set to "enable".
4966 * After we're Alive, RF_KILL gets handled by
4967 * iwl4965_rx_card_state_notif() */
4968 if (!hw_rf_kill && !test_bit(STATUS_ALIVE, &priv->status)) {
4969 clear_bit(STATUS_RF_KILL_HW, &priv->status);
4970 queue_work(priv->workqueue, &priv->restart);
4973 handled |= CSR_INT_BIT_RF_KILL;
4976 /* Chip got too hot and stopped itself */
4977 if (inta & CSR_INT_BIT_CT_KILL) {
4978 IWL_ERROR("Microcode CT kill error detected.\n");
4979 handled |= CSR_INT_BIT_CT_KILL;
4982 /* Error detected by uCode */
4983 if (inta & CSR_INT_BIT_SW_ERR) {
4984 IWL_ERROR("Microcode SW error detected. Restarting 0x%X.\n",
4986 iwl4965_irq_handle_error(priv);
4987 handled |= CSR_INT_BIT_SW_ERR;
4990 /* uCode wakes up after power-down sleep */
4991 if (inta & CSR_INT_BIT_WAKEUP) {
4992 IWL_DEBUG_ISR("Wakeup interrupt\n");
4993 iwl4965_rx_queue_update_write_ptr(priv, &priv->rxq);
4994 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[0]);
4995 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[1]);
4996 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[2]);
4997 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[3]);
4998 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[4]);
4999 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[5]);
5001 handled |= CSR_INT_BIT_WAKEUP;
5004 /* All uCode command responses, including Tx command responses,
5005 * Rx "responses" (frame-received notification), and other
5006 * notifications from uCode come through here*/
5007 if (inta & (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX)) {
5008 iwl4965_rx_handle(priv);
5009 handled |= (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX);
5012 if (inta & CSR_INT_BIT_FH_TX) {
5013 IWL_DEBUG_ISR("Tx interrupt\n");
5014 handled |= CSR_INT_BIT_FH_TX;
5017 if (inta & ~handled)
5018 IWL_ERROR("Unhandled INTA bits 0x%08x\n", inta & ~handled);
5020 if (inta & ~CSR_INI_SET_MASK) {
5021 IWL_WARNING("Disabled INTA bits 0x%08x were pending\n",
5022 inta & ~CSR_INI_SET_MASK);
5023 IWL_WARNING(" with FH_INT = 0x%08x\n", inta_fh);
5026 /* Re-enable all interrupts */
5027 iwl4965_enable_interrupts(priv);
5029 #ifdef CONFIG_IWL4965_DEBUG
5030 if (iwl4965_debug_level & (IWL_DL_ISR)) {
5031 inta = iwl4965_read32(priv, CSR_INT);
5032 inta_mask = iwl4965_read32(priv, CSR_INT_MASK);
5033 inta_fh = iwl4965_read32(priv, CSR_FH_INT_STATUS);
5034 IWL_DEBUG_ISR("End inta 0x%08x, enabled 0x%08x, fh 0x%08x, "
5035 "flags 0x%08lx\n", inta, inta_mask, inta_fh, flags);
5038 spin_unlock_irqrestore(&priv->lock, flags);
5041 static irqreturn_t iwl4965_isr(int irq, void *data)
5043 struct iwl4965_priv *priv = data;
5044 u32 inta, inta_mask;
5049 spin_lock(&priv->lock);
5051 /* Disable (but don't clear!) interrupts here to avoid
5052 * back-to-back ISRs and sporadic interrupts from our NIC.
5053 * If we have something to service, the tasklet will re-enable ints.
5054 * If we *don't* have something, we'll re-enable before leaving here. */
5055 inta_mask = iwl4965_read32(priv, CSR_INT_MASK); /* just for debug */
5056 iwl4965_write32(priv, CSR_INT_MASK, 0x00000000);
5058 /* Discover which interrupts are active/pending */
5059 inta = iwl4965_read32(priv, CSR_INT);
5060 inta_fh = iwl4965_read32(priv, CSR_FH_INT_STATUS);
5062 /* Ignore interrupt if there's nothing in NIC to service.
5063 * This may be due to IRQ shared with another device,
5064 * or due to sporadic interrupts thrown from our NIC. */
5065 if (!inta && !inta_fh) {
5066 IWL_DEBUG_ISR("Ignore interrupt, inta == 0, inta_fh == 0\n");
5070 if ((inta == 0xFFFFFFFF) || ((inta & 0xFFFFFFF0) == 0xa5a5a5a0)) {
5071 /* Hardware disappeared. It might have already raised
5073 IWL_WARNING("HARDWARE GONE?? INTA == 0x%080x\n", inta);
5077 IWL_DEBUG_ISR("ISR inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
5078 inta, inta_mask, inta_fh);
5080 inta &= ~CSR_INT_BIT_SCD;
5082 /* iwl4965_irq_tasklet() will service interrupts and re-enable them */
5083 if (likely(inta || inta_fh))
5084 tasklet_schedule(&priv->irq_tasklet);
5087 spin_unlock(&priv->lock);
5091 /* re-enable interrupts here since we don't have anything to service. */
5092 iwl4965_enable_interrupts(priv);
5093 spin_unlock(&priv->lock);
5097 /************************** EEPROM BANDS ****************************
5099 * The iwl4965_eeprom_band definitions below provide the mapping from the
5100 * EEPROM contents to the specific channel number supported for each
5103 * For example, iwl4965_priv->eeprom.band_3_channels[4] from the band_3
5104 * definition below maps to physical channel 42 in the 5.2GHz spectrum.
5105 * The specific geography and calibration information for that channel
5106 * is contained in the eeprom map itself.
5108 * During init, we copy the eeprom information and channel map
5109 * information into priv->channel_info_24/52 and priv->channel_map_24/52
5111 * channel_map_24/52 provides the index in the channel_info array for a
5112 * given channel. We have to have two separate maps as there is channel
5113 * overlap with the 2.4GHz and 5.2GHz spectrum as seen in band_1 and
5116 * A value of 0xff stored in the channel_map indicates that the channel
5117 * is not supported by the hardware at all.
5119 * A value of 0xfe in the channel_map indicates that the channel is not
5120 * valid for Tx with the current hardware. This means that
5121 * while the system can tune and receive on a given channel, it may not
5122 * be able to associate or transmit any frames on that
5123 * channel. There is no corresponding channel information for that
5126 *********************************************************************/
5129 static const u8 iwl4965_eeprom_band_1[14] = {
5130 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
5134 static const u8 iwl4965_eeprom_band_2[] = { /* 4915-5080MHz */
5135 183, 184, 185, 187, 188, 189, 192, 196, 7, 8, 11, 12, 16
5138 static const u8 iwl4965_eeprom_band_3[] = { /* 5170-5320MHz */
5139 34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 60, 64
5142 static const u8 iwl4965_eeprom_band_4[] = { /* 5500-5700MHz */
5143 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140
5146 static const u8 iwl4965_eeprom_band_5[] = { /* 5725-5825MHz */
5147 145, 149, 153, 157, 161, 165
5150 static u8 iwl4965_eeprom_band_6[] = { /* 2.4 FAT channel */
5154 static u8 iwl4965_eeprom_band_7[] = { /* 5.2 FAT channel */
5155 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157
5158 static void iwl4965_init_band_reference(const struct iwl4965_priv *priv,
5160 int *eeprom_ch_count,
5161 const struct iwl4965_eeprom_channel
5163 const u8 **eeprom_ch_index)
5166 case 1: /* 2.4GHz band */
5167 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_1);
5168 *eeprom_ch_info = priv->eeprom.band_1_channels;
5169 *eeprom_ch_index = iwl4965_eeprom_band_1;
5171 case 2: /* 4.9GHz band */
5172 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_2);
5173 *eeprom_ch_info = priv->eeprom.band_2_channels;
5174 *eeprom_ch_index = iwl4965_eeprom_band_2;
5176 case 3: /* 5.2GHz band */
5177 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_3);
5178 *eeprom_ch_info = priv->eeprom.band_3_channels;
5179 *eeprom_ch_index = iwl4965_eeprom_band_3;
5181 case 4: /* 5.5GHz band */
5182 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_4);
5183 *eeprom_ch_info = priv->eeprom.band_4_channels;
5184 *eeprom_ch_index = iwl4965_eeprom_band_4;
5186 case 5: /* 5.7GHz band */
5187 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_5);
5188 *eeprom_ch_info = priv->eeprom.band_5_channels;
5189 *eeprom_ch_index = iwl4965_eeprom_band_5;
5191 case 6: /* 2.4GHz FAT channels */
5192 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_6);
5193 *eeprom_ch_info = priv->eeprom.band_24_channels;
5194 *eeprom_ch_index = iwl4965_eeprom_band_6;
5196 case 7: /* 5 GHz FAT channels */
5197 *eeprom_ch_count = ARRAY_SIZE(iwl4965_eeprom_band_7);
5198 *eeprom_ch_info = priv->eeprom.band_52_channels;
5199 *eeprom_ch_index = iwl4965_eeprom_band_7;
5208 * iwl4965_get_channel_info - Find driver's private channel info
5210 * Based on band and channel number.
5212 const struct iwl4965_channel_info *iwl4965_get_channel_info(const struct iwl4965_priv *priv,
5213 enum ieee80211_band band, u16 channel)
5218 case IEEE80211_BAND_5GHZ:
5219 for (i = 14; i < priv->channel_count; i++) {
5220 if (priv->channel_info[i].channel == channel)
5221 return &priv->channel_info[i];
5224 case IEEE80211_BAND_2GHZ:
5225 if (channel >= 1 && channel <= 14)
5226 return &priv->channel_info[channel - 1];
5235 #define CHECK_AND_PRINT(x) ((eeprom_ch_info[ch].flags & EEPROM_CHANNEL_##x) \
5239 * iwl4965_init_channel_map - Set up driver's info for all possible channels
5241 static int iwl4965_init_channel_map(struct iwl4965_priv *priv)
5243 int eeprom_ch_count = 0;
5244 const u8 *eeprom_ch_index = NULL;
5245 const struct iwl4965_eeprom_channel *eeprom_ch_info = NULL;
5247 struct iwl4965_channel_info *ch_info;
5249 if (priv->channel_count) {
5250 IWL_DEBUG_INFO("Channel map already initialized.\n");
5254 if (priv->eeprom.version < 0x2f) {
5255 IWL_WARNING("Unsupported EEPROM version: 0x%04X\n",
5256 priv->eeprom.version);
5260 IWL_DEBUG_INFO("Initializing regulatory info from EEPROM\n");
5262 priv->channel_count =
5263 ARRAY_SIZE(iwl4965_eeprom_band_1) +
5264 ARRAY_SIZE(iwl4965_eeprom_band_2) +
5265 ARRAY_SIZE(iwl4965_eeprom_band_3) +
5266 ARRAY_SIZE(iwl4965_eeprom_band_4) +
5267 ARRAY_SIZE(iwl4965_eeprom_band_5);
5269 IWL_DEBUG_INFO("Parsing data for %d channels.\n", priv->channel_count);
5271 priv->channel_info = kzalloc(sizeof(struct iwl4965_channel_info) *
5272 priv->channel_count, GFP_KERNEL);
5273 if (!priv->channel_info) {
5274 IWL_ERROR("Could not allocate channel_info\n");
5275 priv->channel_count = 0;
5279 ch_info = priv->channel_info;
5281 /* Loop through the 5 EEPROM bands adding them in order to the
5282 * channel map we maintain (that contains additional information than
5283 * what just in the EEPROM) */
5284 for (band = 1; band <= 5; band++) {
5286 iwl4965_init_band_reference(priv, band, &eeprom_ch_count,
5287 &eeprom_ch_info, &eeprom_ch_index);
5289 /* Loop through each band adding each of the channels */
5290 for (ch = 0; ch < eeprom_ch_count; ch++) {
5291 ch_info->channel = eeprom_ch_index[ch];
5292 ch_info->band = (band == 1) ? IEEE80211_BAND_2GHZ :
5293 IEEE80211_BAND_5GHZ;
5295 /* permanently store EEPROM's channel regulatory flags
5296 * and max power in channel info database. */
5297 ch_info->eeprom = eeprom_ch_info[ch];
5299 /* Copy the run-time flags so they are there even on
5300 * invalid channels */
5301 ch_info->flags = eeprom_ch_info[ch].flags;
5303 if (!(is_channel_valid(ch_info))) {
5304 IWL_DEBUG_INFO("Ch. %d Flags %x [%sGHz] - "
5308 is_channel_a_band(ch_info) ?
5314 /* Initialize regulatory-based run-time data */
5315 ch_info->max_power_avg = ch_info->curr_txpow =
5316 eeprom_ch_info[ch].max_power_avg;
5317 ch_info->scan_power = eeprom_ch_info[ch].max_power_avg;
5318 ch_info->min_power = 0;
5320 IWL_DEBUG_INFO("Ch. %d [%sGHz] %s%s%s%s%s%s%s(0x%02x"
5321 " %ddBm): Ad-Hoc %ssupported\n",
5323 is_channel_a_band(ch_info) ?
5325 CHECK_AND_PRINT(VALID),
5326 CHECK_AND_PRINT(IBSS),
5327 CHECK_AND_PRINT(ACTIVE),
5328 CHECK_AND_PRINT(RADAR),
5329 CHECK_AND_PRINT(WIDE),
5330 CHECK_AND_PRINT(NARROW),
5331 CHECK_AND_PRINT(DFS),
5332 eeprom_ch_info[ch].flags,
5333 eeprom_ch_info[ch].max_power_avg,
5334 ((eeprom_ch_info[ch].
5335 flags & EEPROM_CHANNEL_IBSS)
5336 && !(eeprom_ch_info[ch].
5337 flags & EEPROM_CHANNEL_RADAR))
5340 /* Set the user_txpower_limit to the highest power
5341 * supported by any channel */
5342 if (eeprom_ch_info[ch].max_power_avg >
5343 priv->user_txpower_limit)
5344 priv->user_txpower_limit =
5345 eeprom_ch_info[ch].max_power_avg;
5351 /* Two additional EEPROM bands for 2.4 and 5 GHz FAT channels */
5352 for (band = 6; band <= 7; band++) {
5353 enum ieee80211_band ieeeband;
5354 u8 fat_extension_chan;
5356 iwl4965_init_band_reference(priv, band, &eeprom_ch_count,
5357 &eeprom_ch_info, &eeprom_ch_index);
5359 /* EEPROM band 6 is 2.4, band 7 is 5 GHz */
5360 ieeeband = (band == 6) ? IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ;
5362 /* Loop through each band adding each of the channels */
5363 for (ch = 0; ch < eeprom_ch_count; ch++) {
5366 ((eeprom_ch_index[ch] == 5) ||
5367 (eeprom_ch_index[ch] == 6) ||
5368 (eeprom_ch_index[ch] == 7)))
5369 fat_extension_chan = HT_IE_EXT_CHANNEL_MAX;
5371 fat_extension_chan = HT_IE_EXT_CHANNEL_ABOVE;
5373 /* Set up driver's info for lower half */
5374 iwl4965_set_fat_chan_info(priv, ieeeband,
5375 eeprom_ch_index[ch],
5376 &(eeprom_ch_info[ch]),
5377 fat_extension_chan);
5379 /* Set up driver's info for upper half */
5380 iwl4965_set_fat_chan_info(priv, ieeeband,
5381 (eeprom_ch_index[ch] + 4),
5382 &(eeprom_ch_info[ch]),
5383 HT_IE_EXT_CHANNEL_BELOW);
5391 * iwl4965_free_channel_map - undo allocations in iwl4965_init_channel_map
5393 static void iwl4965_free_channel_map(struct iwl4965_priv *priv)
5395 kfree(priv->channel_info);
5396 priv->channel_count = 0;
5399 /* For active scan, listen ACTIVE_DWELL_TIME (msec) on each channel after
5400 * sending probe req. This should be set long enough to hear probe responses
5401 * from more than one AP. */
5402 #define IWL_ACTIVE_DWELL_TIME_24 (20) /* all times in msec */
5403 #define IWL_ACTIVE_DWELL_TIME_52 (10)
5405 /* For faster active scanning, scan will move to the next channel if fewer than
5406 * PLCP_QUIET_THRESH packets are heard on this channel within
5407 * ACTIVE_QUIET_TIME after sending probe request. This shortens the dwell
5408 * time if it's a quiet channel (nothing responded to our probe, and there's
5409 * no other traffic).
5410 * Disable "quiet" feature by setting PLCP_QUIET_THRESH to 0. */
5411 #define IWL_PLCP_QUIET_THRESH __constant_cpu_to_le16(1) /* packets */
5412 #define IWL_ACTIVE_QUIET_TIME __constant_cpu_to_le16(5) /* msec */
5414 /* For passive scan, listen PASSIVE_DWELL_TIME (msec) on each channel.
5415 * Must be set longer than active dwell time.
5416 * For the most reliable scan, set > AP beacon interval (typically 100msec). */
5417 #define IWL_PASSIVE_DWELL_TIME_24 (20) /* all times in msec */
5418 #define IWL_PASSIVE_DWELL_TIME_52 (10)
5419 #define IWL_PASSIVE_DWELL_BASE (100)
5420 #define IWL_CHANNEL_TUNE_TIME 5
5422 static inline u16 iwl4965_get_active_dwell_time(struct iwl4965_priv *priv,
5423 enum ieee80211_band band)
5425 if (band == IEEE80211_BAND_5GHZ)
5426 return IWL_ACTIVE_DWELL_TIME_52;
5428 return IWL_ACTIVE_DWELL_TIME_24;
5431 static u16 iwl4965_get_passive_dwell_time(struct iwl4965_priv *priv,
5432 enum ieee80211_band band)
5434 u16 active = iwl4965_get_active_dwell_time(priv, band);
5435 u16 passive = (band != IEEE80211_BAND_5GHZ) ?
5436 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_24 :
5437 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_52;
5439 if (iwl4965_is_associated(priv)) {
5440 /* If we're associated, we clamp the maximum passive
5441 * dwell time to be 98% of the beacon interval (minus
5442 * 2 * channel tune time) */
5443 passive = priv->beacon_int;
5444 if ((passive > IWL_PASSIVE_DWELL_BASE) || !passive)
5445 passive = IWL_PASSIVE_DWELL_BASE;
5446 passive = (passive * 98) / 100 - IWL_CHANNEL_TUNE_TIME * 2;
5449 if (passive <= active)
5450 passive = active + 1;
5455 static int iwl4965_get_channels_for_scan(struct iwl4965_priv *priv,
5456 enum ieee80211_band band,
5457 u8 is_active, u8 direct_mask,
5458 struct iwl4965_scan_channel *scan_ch)
5460 const struct ieee80211_channel *channels = NULL;
5461 const struct ieee80211_supported_band *sband;
5462 const struct iwl4965_channel_info *ch_info;
5463 u16 passive_dwell = 0;
5464 u16 active_dwell = 0;
5467 sband = iwl4965_get_hw_mode(priv, band);
5471 channels = sband->channels;
5473 active_dwell = iwl4965_get_active_dwell_time(priv, band);
5474 passive_dwell = iwl4965_get_passive_dwell_time(priv, band);
5476 for (i = 0, added = 0; i < sband->n_channels; i++) {
5477 if (ieee80211_frequency_to_channel(channels[i].center_freq) ==
5478 le16_to_cpu(priv->active_rxon.channel)) {
5479 if (iwl4965_is_associated(priv)) {
5481 ("Skipping current channel %d\n",
5482 le16_to_cpu(priv->active_rxon.channel));
5485 } else if (priv->only_active_channel)
5488 scan_ch->channel = ieee80211_frequency_to_channel(channels[i].center_freq);
5490 ch_info = iwl4965_get_channel_info(priv, band,
5492 if (!is_channel_valid(ch_info)) {
5493 IWL_DEBUG_SCAN("Channel %d is INVALID for this SKU.\n",
5498 if (!is_active || is_channel_passive(ch_info) ||
5499 (channels[i].flags & IEEE80211_CHAN_PASSIVE_SCAN))
5500 scan_ch->type = 0; /* passive */
5502 scan_ch->type = 1; /* active */
5504 if (scan_ch->type & 1)
5505 scan_ch->type |= (direct_mask << 1);
5507 if (is_channel_narrow(ch_info))
5508 scan_ch->type |= (1 << 7);
5510 scan_ch->active_dwell = cpu_to_le16(active_dwell);
5511 scan_ch->passive_dwell = cpu_to_le16(passive_dwell);
5513 /* Set txpower levels to defaults */
5514 scan_ch->tpc.dsp_atten = 110;
5515 /* scan_pwr_info->tpc.dsp_atten; */
5517 /*scan_pwr_info->tpc.tx_gain; */
5518 if (band == IEEE80211_BAND_5GHZ)
5519 scan_ch->tpc.tx_gain = ((1 << 5) | (3 << 3)) | 3;
5521 scan_ch->tpc.tx_gain = ((1 << 5) | (5 << 3));
5522 /* NOTE: if we were doing 6Mb OFDM for scans we'd use
5524 * scan_ch->tpc.tx_gain = ((1 << 5) | (2 << 3)) | 3;
5528 IWL_DEBUG_SCAN("Scanning %d [%s %d]\n",
5530 (scan_ch->type & 1) ? "ACTIVE" : "PASSIVE",
5531 (scan_ch->type & 1) ?
5532 active_dwell : passive_dwell);
5538 IWL_DEBUG_SCAN("total channels to scan %d \n", added);
5542 static void iwl4965_init_hw_rates(struct iwl4965_priv *priv,
5543 struct ieee80211_rate *rates)
5547 for (i = 0; i < IWL_RATE_COUNT; i++) {
5548 rates[i].bitrate = iwl4965_rates[i].ieee * 5;
5549 rates[i].hw_value = i; /* Rate scaling will work on indexes */
5550 rates[i].hw_value_short = i;
5552 if ((i > IWL_LAST_OFDM_RATE) || (i < IWL_FIRST_OFDM_RATE)) {
5554 * If CCK != 1M then set short preamble rate flag.
5556 rates[i].flags |= (iwl4965_rates[i].plcp == 10) ?
5557 0 : IEEE80211_RATE_SHORT_PREAMBLE;
5563 * iwl4965_init_geos - Initialize mac80211's geo/channel info based from eeprom
5565 static int iwl4965_init_geos(struct iwl4965_priv *priv)
5567 struct iwl4965_channel_info *ch;
5568 struct ieee80211_supported_band *sband;
5569 struct ieee80211_channel *channels;
5570 struct ieee80211_channel *geo_ch;
5571 struct ieee80211_rate *rates;
5574 if (priv->bands[IEEE80211_BAND_2GHZ].n_bitrates ||
5575 priv->bands[IEEE80211_BAND_5GHZ].n_bitrates) {
5576 IWL_DEBUG_INFO("Geography modes already initialized.\n");
5577 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
5581 channels = kzalloc(sizeof(struct ieee80211_channel) *
5582 priv->channel_count, GFP_KERNEL);
5586 rates = kzalloc((sizeof(struct ieee80211_rate) * (IWL_RATE_COUNT + 1)),
5593 /* 5.2GHz channels start after the 2.4GHz channels */
5594 sband = &priv->bands[IEEE80211_BAND_5GHZ];
5595 sband->channels = &channels[ARRAY_SIZE(iwl4965_eeprom_band_1)];
5597 sband->bitrates = &rates[IWL_FIRST_OFDM_RATE];
5598 sband->n_bitrates = IWL_RATE_COUNT - IWL_FIRST_OFDM_RATE;
5600 iwl4965_init_ht_hw_capab(&sband->ht_info, IEEE80211_BAND_5GHZ);
5602 sband = &priv->bands[IEEE80211_BAND_2GHZ];
5603 sband->channels = channels;
5605 sband->bitrates = rates;
5606 sband->n_bitrates = IWL_RATE_COUNT;
5608 iwl4965_init_ht_hw_capab(&sband->ht_info, IEEE80211_BAND_2GHZ);
5610 priv->ieee_channels = channels;
5611 priv->ieee_rates = rates;
5613 iwl4965_init_hw_rates(priv, rates);
5615 for (i = 0; i < priv->channel_count; i++) {
5616 ch = &priv->channel_info[i];
5618 /* FIXME: might be removed if scan is OK */
5619 if (!is_channel_valid(ch))
5622 if (is_channel_a_band(ch))
5623 sband = &priv->bands[IEEE80211_BAND_5GHZ];
5625 sband = &priv->bands[IEEE80211_BAND_2GHZ];
5627 geo_ch = &sband->channels[sband->n_channels++];
5629 geo_ch->center_freq = ieee80211_channel_to_frequency(ch->channel);
5630 geo_ch->max_power = ch->max_power_avg;
5631 geo_ch->max_antenna_gain = 0xff;
5632 geo_ch->hw_value = ch->channel;
5634 if (is_channel_valid(ch)) {
5635 if (!(ch->flags & EEPROM_CHANNEL_IBSS))
5636 geo_ch->flags |= IEEE80211_CHAN_NO_IBSS;
5638 if (!(ch->flags & EEPROM_CHANNEL_ACTIVE))
5639 geo_ch->flags |= IEEE80211_CHAN_PASSIVE_SCAN;
5641 if (ch->flags & EEPROM_CHANNEL_RADAR)
5642 geo_ch->flags |= IEEE80211_CHAN_RADAR;
5644 if (ch->max_power_avg > priv->max_channel_txpower_limit)
5645 priv->max_channel_txpower_limit =
5648 geo_ch->flags |= IEEE80211_CHAN_DISABLED;
5651 /* Save flags for reg domain usage */
5652 geo_ch->orig_flags = geo_ch->flags;
5654 IWL_DEBUG_INFO("Channel %d Freq=%d[%sGHz] %s flag=0%X\n",
5655 ch->channel, geo_ch->center_freq,
5656 is_channel_a_band(ch) ? "5.2" : "2.4",
5657 geo_ch->flags & IEEE80211_CHAN_DISABLED ?
5658 "restricted" : "valid",
5662 if ((priv->bands[IEEE80211_BAND_5GHZ].n_channels == 0) &&
5663 priv->cfg->sku & IWL_SKU_A) {
5664 printk(KERN_INFO DRV_NAME
5665 ": Incorrectly detected BG card as ABG. Please send "
5666 "your PCI ID 0x%04X:0x%04X to maintainer.\n",
5667 priv->pci_dev->device, priv->pci_dev->subsystem_device);
5668 priv->cfg->sku &= ~IWL_SKU_A;
5671 printk(KERN_INFO DRV_NAME
5672 ": Tunable channels: %d 802.11bg, %d 802.11a channels\n",
5673 priv->bands[IEEE80211_BAND_2GHZ].n_channels,
5674 priv->bands[IEEE80211_BAND_5GHZ].n_channels);
5676 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &priv->bands[IEEE80211_BAND_2GHZ];
5677 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &priv->bands[IEEE80211_BAND_5GHZ];
5679 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
5685 * iwl4965_free_geos - undo allocations in iwl4965_init_geos
5687 static void iwl4965_free_geos(struct iwl4965_priv *priv)
5689 kfree(priv->ieee_channels);
5690 kfree(priv->ieee_rates);
5691 clear_bit(STATUS_GEO_CONFIGURED, &priv->status);
5694 /******************************************************************************
5696 * uCode download functions
5698 ******************************************************************************/
5700 static void iwl4965_dealloc_ucode_pci(struct iwl4965_priv *priv)
5702 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_code);
5703 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data);
5704 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
5705 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init);
5706 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init_data);
5707 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_boot);
5711 * iwl4965_verify_inst_full - verify runtime uCode image in card vs. host,
5712 * looking at all data.
5714 static int iwl4965_verify_inst_full(struct iwl4965_priv *priv, __le32 *image,
5722 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
5724 rc = iwl4965_grab_nic_access(priv);
5728 iwl4965_write_direct32(priv, HBUS_TARG_MEM_RADDR, RTC_INST_LOWER_BOUND);
5731 for (; len > 0; len -= sizeof(u32), image++) {
5732 /* read data comes through single port, auto-incr addr */
5733 /* NOTE: Use the debugless read so we don't flood kernel log
5734 * if IWL_DL_IO is set */
5735 val = _iwl4965_read_direct32(priv, HBUS_TARG_MEM_RDAT);
5736 if (val != le32_to_cpu(*image)) {
5737 IWL_ERROR("uCode INST section is invalid at "
5738 "offset 0x%x, is 0x%x, s/b 0x%x\n",
5739 save_len - len, val, le32_to_cpu(*image));
5747 iwl4965_release_nic_access(priv);
5751 ("ucode image in INSTRUCTION memory is good\n");
5758 * iwl4965_verify_inst_sparse - verify runtime uCode image in card vs. host,
5759 * using sample data 100 bytes apart. If these sample points are good,
5760 * it's a pretty good bet that everything between them is good, too.
5762 static int iwl4965_verify_inst_sparse(struct iwl4965_priv *priv, __le32 *image, u32 len)
5769 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
5771 rc = iwl4965_grab_nic_access(priv);
5775 for (i = 0; i < len; i += 100, image += 100/sizeof(u32)) {
5776 /* read data comes through single port, auto-incr addr */
5777 /* NOTE: Use the debugless read so we don't flood kernel log
5778 * if IWL_DL_IO is set */
5779 iwl4965_write_direct32(priv, HBUS_TARG_MEM_RADDR,
5780 i + RTC_INST_LOWER_BOUND);
5781 val = _iwl4965_read_direct32(priv, HBUS_TARG_MEM_RDAT);
5782 if (val != le32_to_cpu(*image)) {
5783 #if 0 /* Enable this if you want to see details */
5784 IWL_ERROR("uCode INST section is invalid at "
5785 "offset 0x%x, is 0x%x, s/b 0x%x\n",
5795 iwl4965_release_nic_access(priv);
5802 * iwl4965_verify_ucode - determine which instruction image is in SRAM,
5803 * and verify its contents
5805 static int iwl4965_verify_ucode(struct iwl4965_priv *priv)
5812 image = (__le32 *)priv->ucode_boot.v_addr;
5813 len = priv->ucode_boot.len;
5814 rc = iwl4965_verify_inst_sparse(priv, image, len);
5816 IWL_DEBUG_INFO("Bootstrap uCode is good in inst SRAM\n");
5820 /* Try initialize */
5821 image = (__le32 *)priv->ucode_init.v_addr;
5822 len = priv->ucode_init.len;
5823 rc = iwl4965_verify_inst_sparse(priv, image, len);
5825 IWL_DEBUG_INFO("Initialize uCode is good in inst SRAM\n");
5829 /* Try runtime/protocol */
5830 image = (__le32 *)priv->ucode_code.v_addr;
5831 len = priv->ucode_code.len;
5832 rc = iwl4965_verify_inst_sparse(priv, image, len);
5834 IWL_DEBUG_INFO("Runtime uCode is good in inst SRAM\n");
5838 IWL_ERROR("NO VALID UCODE IMAGE IN INSTRUCTION SRAM!!\n");
5840 /* Since nothing seems to match, show first several data entries in
5841 * instruction SRAM, so maybe visual inspection will give a clue.
5842 * Selection of bootstrap image (vs. other images) is arbitrary. */
5843 image = (__le32 *)priv->ucode_boot.v_addr;
5844 len = priv->ucode_boot.len;
5845 rc = iwl4965_verify_inst_full(priv, image, len);
5851 /* check contents of special bootstrap uCode SRAM */
5852 static int iwl4965_verify_bsm(struct iwl4965_priv *priv)
5854 __le32 *image = priv->ucode_boot.v_addr;
5855 u32 len = priv->ucode_boot.len;
5859 IWL_DEBUG_INFO("Begin verify bsm\n");
5861 /* verify BSM SRAM contents */
5862 val = iwl4965_read_prph(priv, BSM_WR_DWCOUNT_REG);
5863 for (reg = BSM_SRAM_LOWER_BOUND;
5864 reg < BSM_SRAM_LOWER_BOUND + len;
5865 reg += sizeof(u32), image ++) {
5866 val = iwl4965_read_prph(priv, reg);
5867 if (val != le32_to_cpu(*image)) {
5868 IWL_ERROR("BSM uCode verification failed at "
5869 "addr 0x%08X+%u (of %u), is 0x%x, s/b 0x%x\n",
5870 BSM_SRAM_LOWER_BOUND,
5871 reg - BSM_SRAM_LOWER_BOUND, len,
5872 val, le32_to_cpu(*image));
5877 IWL_DEBUG_INFO("BSM bootstrap uCode image OK\n");
5883 * iwl4965_load_bsm - Load bootstrap instructions
5887 * The Bootstrap State Machine (BSM) stores a short bootstrap uCode program
5888 * in special SRAM that does not power down during RFKILL. When powering back
5889 * up after power-saving sleeps (or during initial uCode load), the BSM loads
5890 * the bootstrap program into the on-board processor, and starts it.
5892 * The bootstrap program loads (via DMA) instructions and data for a new
5893 * program from host DRAM locations indicated by the host driver in the
5894 * BSM_DRAM_* registers. Once the new program is loaded, it starts
5897 * When initializing the NIC, the host driver points the BSM to the
5898 * "initialize" uCode image. This uCode sets up some internal data, then
5899 * notifies host via "initialize alive" that it is complete.
5901 * The host then replaces the BSM_DRAM_* pointer values to point to the
5902 * normal runtime uCode instructions and a backup uCode data cache buffer
5903 * (filled initially with starting data values for the on-board processor),
5904 * then triggers the "initialize" uCode to load and launch the runtime uCode,
5905 * which begins normal operation.
5907 * When doing a power-save shutdown, runtime uCode saves data SRAM into
5908 * the backup data cache in DRAM before SRAM is powered down.
5910 * When powering back up, the BSM loads the bootstrap program. This reloads
5911 * the runtime uCode instructions and the backup data cache into SRAM,
5912 * and re-launches the runtime uCode from where it left off.
5914 static int iwl4965_load_bsm(struct iwl4965_priv *priv)
5916 __le32 *image = priv->ucode_boot.v_addr;
5917 u32 len = priv->ucode_boot.len;
5927 IWL_DEBUG_INFO("Begin load bsm\n");
5929 /* make sure bootstrap program is no larger than BSM's SRAM size */
5930 if (len > IWL_MAX_BSM_SIZE)
5933 /* Tell bootstrap uCode where to find the "Initialize" uCode
5934 * in host DRAM ... host DRAM physical address bits 35:4 for 4965.
5935 * NOTE: iwl4965_initialize_alive_start() will replace these values,
5936 * after the "initialize" uCode has run, to point to
5937 * runtime/protocol instructions and backup data cache. */
5938 pinst = priv->ucode_init.p_addr >> 4;
5939 pdata = priv->ucode_init_data.p_addr >> 4;
5940 inst_len = priv->ucode_init.len;
5941 data_len = priv->ucode_init_data.len;
5943 rc = iwl4965_grab_nic_access(priv);
5947 iwl4965_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
5948 iwl4965_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
5949 iwl4965_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG, inst_len);
5950 iwl4965_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG, data_len);
5952 /* Fill BSM memory with bootstrap instructions */
5953 for (reg_offset = BSM_SRAM_LOWER_BOUND;
5954 reg_offset < BSM_SRAM_LOWER_BOUND + len;
5955 reg_offset += sizeof(u32), image++)
5956 _iwl4965_write_prph(priv, reg_offset,
5957 le32_to_cpu(*image));
5959 rc = iwl4965_verify_bsm(priv);
5961 iwl4965_release_nic_access(priv);
5965 /* Tell BSM to copy from BSM SRAM into instruction SRAM, when asked */
5966 iwl4965_write_prph(priv, BSM_WR_MEM_SRC_REG, 0x0);
5967 iwl4965_write_prph(priv, BSM_WR_MEM_DST_REG,
5968 RTC_INST_LOWER_BOUND);
5969 iwl4965_write_prph(priv, BSM_WR_DWCOUNT_REG, len / sizeof(u32));
5971 /* Load bootstrap code into instruction SRAM now,
5972 * to prepare to load "initialize" uCode */
5973 iwl4965_write_prph(priv, BSM_WR_CTRL_REG,
5974 BSM_WR_CTRL_REG_BIT_START);
5976 /* Wait for load of bootstrap uCode to finish */
5977 for (i = 0; i < 100; i++) {
5978 done = iwl4965_read_prph(priv, BSM_WR_CTRL_REG);
5979 if (!(done & BSM_WR_CTRL_REG_BIT_START))
5984 IWL_DEBUG_INFO("BSM write complete, poll %d iterations\n", i);
5986 IWL_ERROR("BSM write did not complete!\n");
5990 /* Enable future boot loads whenever power management unit triggers it
5991 * (e.g. when powering back up after power-save shutdown) */
5992 iwl4965_write_prph(priv, BSM_WR_CTRL_REG,
5993 BSM_WR_CTRL_REG_BIT_START_EN);
5995 iwl4965_release_nic_access(priv);
6000 static void iwl4965_nic_start(struct iwl4965_priv *priv)
6002 /* Remove all resets to allow NIC to operate */
6003 iwl4965_write32(priv, CSR_RESET, 0);
6008 * iwl4965_read_ucode - Read uCode images from disk file.
6010 * Copy into buffers for card to fetch via bus-mastering
6012 static int iwl4965_read_ucode(struct iwl4965_priv *priv)
6014 struct iwl4965_ucode *ucode;
6016 const struct firmware *ucode_raw;
6017 const char *name = priv->cfg->fw_name;
6020 u32 ver, inst_size, data_size, init_size, init_data_size, boot_size;
6022 /* Ask kernel firmware_class module to get the boot firmware off disk.
6023 * request_firmware() is synchronous, file is in memory on return. */
6024 ret = request_firmware(&ucode_raw, name, &priv->pci_dev->dev);
6026 IWL_ERROR("%s firmware file req failed: Reason %d\n",
6031 IWL_DEBUG_INFO("Got firmware '%s' file (%zd bytes) from disk\n",
6032 name, ucode_raw->size);
6034 /* Make sure that we got at least our header! */
6035 if (ucode_raw->size < sizeof(*ucode)) {
6036 IWL_ERROR("File size way too small!\n");
6041 /* Data from ucode file: header followed by uCode images */
6042 ucode = (void *)ucode_raw->data;
6044 ver = le32_to_cpu(ucode->ver);
6045 inst_size = le32_to_cpu(ucode->inst_size);
6046 data_size = le32_to_cpu(ucode->data_size);
6047 init_size = le32_to_cpu(ucode->init_size);
6048 init_data_size = le32_to_cpu(ucode->init_data_size);
6049 boot_size = le32_to_cpu(ucode->boot_size);
6051 IWL_DEBUG_INFO("f/w package hdr ucode version = 0x%x\n", ver);
6052 IWL_DEBUG_INFO("f/w package hdr runtime inst size = %u\n",
6054 IWL_DEBUG_INFO("f/w package hdr runtime data size = %u\n",
6056 IWL_DEBUG_INFO("f/w package hdr init inst size = %u\n",
6058 IWL_DEBUG_INFO("f/w package hdr init data size = %u\n",
6060 IWL_DEBUG_INFO("f/w package hdr boot inst size = %u\n",
6063 /* Verify size of file vs. image size info in file's header */
6064 if (ucode_raw->size < sizeof(*ucode) +
6065 inst_size + data_size + init_size +
6066 init_data_size + boot_size) {
6068 IWL_DEBUG_INFO("uCode file size %d too small\n",
6069 (int)ucode_raw->size);
6074 /* Verify that uCode images will fit in card's SRAM */
6075 if (inst_size > IWL_MAX_INST_SIZE) {
6076 IWL_DEBUG_INFO("uCode instr len %d too large to fit in\n",
6082 if (data_size > IWL_MAX_DATA_SIZE) {
6083 IWL_DEBUG_INFO("uCode data len %d too large to fit in\n",
6088 if (init_size > IWL_MAX_INST_SIZE) {
6090 ("uCode init instr len %d too large to fit in\n",
6095 if (init_data_size > IWL_MAX_DATA_SIZE) {
6097 ("uCode init data len %d too large to fit in\n",
6102 if (boot_size > IWL_MAX_BSM_SIZE) {
6104 ("uCode boot instr len %d too large to fit in\n",
6110 /* Allocate ucode buffers for card's bus-master loading ... */
6112 /* Runtime instructions and 2 copies of data:
6113 * 1) unmodified from disk
6114 * 2) backup cache for save/restore during power-downs */
6115 priv->ucode_code.len = inst_size;
6116 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_code);
6118 priv->ucode_data.len = data_size;
6119 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data);
6121 priv->ucode_data_backup.len = data_size;
6122 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
6124 /* Initialization instructions and data */
6125 if (init_size && init_data_size) {
6126 priv->ucode_init.len = init_size;
6127 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init);
6129 priv->ucode_init_data.len = init_data_size;
6130 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init_data);
6132 if (!priv->ucode_init.v_addr || !priv->ucode_init_data.v_addr)
6136 /* Bootstrap (instructions only, no data) */
6138 priv->ucode_boot.len = boot_size;
6139 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_boot);
6141 if (!priv->ucode_boot.v_addr)
6145 /* Copy images into buffers for card's bus-master reads ... */
6147 /* Runtime instructions (first block of data in file) */
6148 src = &ucode->data[0];
6149 len = priv->ucode_code.len;
6150 IWL_DEBUG_INFO("Copying (but not loading) uCode instr len %Zd\n", len);
6151 memcpy(priv->ucode_code.v_addr, src, len);
6152 IWL_DEBUG_INFO("uCode instr buf vaddr = 0x%p, paddr = 0x%08x\n",
6153 priv->ucode_code.v_addr, (u32)priv->ucode_code.p_addr);
6155 /* Runtime data (2nd block)
6156 * NOTE: Copy into backup buffer will be done in iwl4965_up() */
6157 src = &ucode->data[inst_size];
6158 len = priv->ucode_data.len;
6159 IWL_DEBUG_INFO("Copying (but not loading) uCode data len %Zd\n", len);
6160 memcpy(priv->ucode_data.v_addr, src, len);
6161 memcpy(priv->ucode_data_backup.v_addr, src, len);
6163 /* Initialization instructions (3rd block) */
6165 src = &ucode->data[inst_size + data_size];
6166 len = priv->ucode_init.len;
6167 IWL_DEBUG_INFO("Copying (but not loading) init instr len %Zd\n",
6169 memcpy(priv->ucode_init.v_addr, src, len);
6172 /* Initialization data (4th block) */
6173 if (init_data_size) {
6174 src = &ucode->data[inst_size + data_size + init_size];
6175 len = priv->ucode_init_data.len;
6176 IWL_DEBUG_INFO("Copying (but not loading) init data len %Zd\n",
6178 memcpy(priv->ucode_init_data.v_addr, src, len);
6181 /* Bootstrap instructions (5th block) */
6182 src = &ucode->data[inst_size + data_size + init_size + init_data_size];
6183 len = priv->ucode_boot.len;
6184 IWL_DEBUG_INFO("Copying (but not loading) boot instr len %Zd\n", len);
6185 memcpy(priv->ucode_boot.v_addr, src, len);
6187 /* We have our copies now, allow OS release its copies */
6188 release_firmware(ucode_raw);
6192 IWL_ERROR("failed to allocate pci memory\n");
6194 iwl4965_dealloc_ucode_pci(priv);
6197 release_firmware(ucode_raw);
6205 * iwl4965_set_ucode_ptrs - Set uCode address location
6207 * Tell initialization uCode where to find runtime uCode.
6209 * BSM registers initially contain pointers to initialization uCode.
6210 * We need to replace them to load runtime uCode inst and data,
6211 * and to save runtime data when powering down.
6213 static int iwl4965_set_ucode_ptrs(struct iwl4965_priv *priv)
6218 unsigned long flags;
6220 /* bits 35:4 for 4965 */
6221 pinst = priv->ucode_code.p_addr >> 4;
6222 pdata = priv->ucode_data_backup.p_addr >> 4;
6224 spin_lock_irqsave(&priv->lock, flags);
6225 rc = iwl4965_grab_nic_access(priv);
6227 spin_unlock_irqrestore(&priv->lock, flags);
6231 /* Tell bootstrap uCode where to find image to load */
6232 iwl4965_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
6233 iwl4965_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
6234 iwl4965_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG,
6235 priv->ucode_data.len);
6237 /* Inst bytecount must be last to set up, bit 31 signals uCode
6238 * that all new ptr/size info is in place */
6239 iwl4965_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG,
6240 priv->ucode_code.len | BSM_DRAM_INST_LOAD);
6242 iwl4965_release_nic_access(priv);
6244 spin_unlock_irqrestore(&priv->lock, flags);
6246 IWL_DEBUG_INFO("Runtime uCode pointers are set.\n");
6252 * iwl4965_init_alive_start - Called after REPLY_ALIVE notification received
6254 * Called after REPLY_ALIVE notification received from "initialize" uCode.
6256 * The 4965 "initialize" ALIVE reply contains calibration data for:
6257 * Voltage, temperature, and MIMO tx gain correction, now stored in priv
6258 * (3945 does not contain this data).
6260 * Tell "initialize" uCode to go ahead and load the runtime uCode.
6262 static void iwl4965_init_alive_start(struct iwl4965_priv *priv)
6264 /* Check alive response for "valid" sign from uCode */
6265 if (priv->card_alive_init.is_valid != UCODE_VALID_OK) {
6266 /* We had an error bringing up the hardware, so take it
6267 * all the way back down so we can try again */
6268 IWL_DEBUG_INFO("Initialize Alive failed.\n");
6272 /* Bootstrap uCode has loaded initialize uCode ... verify inst image.
6273 * This is a paranoid check, because we would not have gotten the
6274 * "initialize" alive if code weren't properly loaded. */
6275 if (iwl4965_verify_ucode(priv)) {
6276 /* Runtime instruction load was bad;
6277 * take it all the way back down so we can try again */
6278 IWL_DEBUG_INFO("Bad \"initialize\" uCode load.\n");
6282 /* Calculate temperature */
6283 priv->temperature = iwl4965_get_temperature(priv);
6285 /* Send pointers to protocol/runtime uCode image ... init code will
6286 * load and launch runtime uCode, which will send us another "Alive"
6288 IWL_DEBUG_INFO("Initialization Alive received.\n");
6289 if (iwl4965_set_ucode_ptrs(priv)) {
6290 /* Runtime instruction load won't happen;
6291 * take it all the way back down so we can try again */
6292 IWL_DEBUG_INFO("Couldn't set up uCode pointers.\n");
6298 queue_work(priv->workqueue, &priv->restart);
6303 * iwl4965_alive_start - called after REPLY_ALIVE notification received
6304 * from protocol/runtime uCode (initialization uCode's
6305 * Alive gets handled by iwl4965_init_alive_start()).
6307 static void iwl4965_alive_start(struct iwl4965_priv *priv)
6311 IWL_DEBUG_INFO("Runtime Alive received.\n");
6313 if (priv->card_alive.is_valid != UCODE_VALID_OK) {
6314 /* We had an error bringing up the hardware, so take it
6315 * all the way back down so we can try again */
6316 IWL_DEBUG_INFO("Alive failed.\n");
6320 /* Initialize uCode has loaded Runtime uCode ... verify inst image.
6321 * This is a paranoid check, because we would not have gotten the
6322 * "runtime" alive if code weren't properly loaded. */
6323 if (iwl4965_verify_ucode(priv)) {
6324 /* Runtime instruction load was bad;
6325 * take it all the way back down so we can try again */
6326 IWL_DEBUG_INFO("Bad runtime uCode load.\n");
6330 iwl4965_clear_stations_table(priv);
6332 rc = iwl4965_alive_notify(priv);
6334 IWL_WARNING("Could not complete ALIVE transition [ntf]: %d\n",
6339 /* After the ALIVE response, we can send host commands to 4965 uCode */
6340 set_bit(STATUS_ALIVE, &priv->status);
6342 /* Clear out the uCode error bit if it is set */
6343 clear_bit(STATUS_FW_ERROR, &priv->status);
6345 if (iwl4965_is_rfkill(priv))
6348 ieee80211_start_queues(priv->hw);
6350 priv->active_rate = priv->rates_mask;
6351 priv->active_rate_basic = priv->rates_mask & IWL_BASIC_RATES_MASK;
6353 iwl4965_send_power_mode(priv, IWL_POWER_LEVEL(priv->power_mode));
6355 if (iwl4965_is_associated(priv)) {
6356 struct iwl4965_rxon_cmd *active_rxon =
6357 (struct iwl4965_rxon_cmd *)(&priv->active_rxon);
6359 memcpy(&priv->staging_rxon, &priv->active_rxon,
6360 sizeof(priv->staging_rxon));
6361 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6363 /* Initialize our rx_config data */
6364 iwl4965_connection_init_rx_config(priv);
6365 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
6368 /* Configure Bluetooth device coexistence support */
6369 iwl4965_send_bt_config(priv);
6371 /* Configure the adapter for unassociated operation */
6372 iwl4965_commit_rxon(priv);
6374 /* At this point, the NIC is initialized and operational */
6375 priv->notif_missed_beacons = 0;
6376 set_bit(STATUS_READY, &priv->status);
6378 iwl4965_rf_kill_ct_config(priv);
6380 IWL_DEBUG_INFO("ALIVE processing complete.\n");
6381 wake_up_interruptible(&priv->wait_command_queue);
6383 if (priv->error_recovering)
6384 iwl4965_error_recovery(priv);
6389 queue_work(priv->workqueue, &priv->restart);
6392 static void iwl4965_cancel_deferred_work(struct iwl4965_priv *priv);
6394 static void __iwl4965_down(struct iwl4965_priv *priv)
6396 unsigned long flags;
6397 int exit_pending = test_bit(STATUS_EXIT_PENDING, &priv->status);
6398 struct ieee80211_conf *conf = NULL;
6400 IWL_DEBUG_INFO(DRV_NAME " is going down\n");
6402 conf = ieee80211_get_hw_conf(priv->hw);
6405 set_bit(STATUS_EXIT_PENDING, &priv->status);
6407 iwl4965_clear_stations_table(priv);
6409 /* Unblock any waiting calls */
6410 wake_up_interruptible_all(&priv->wait_command_queue);
6412 /* Wipe out the EXIT_PENDING status bit if we are not actually
6413 * exiting the module */
6415 clear_bit(STATUS_EXIT_PENDING, &priv->status);
6417 /* stop and reset the on-board processor */
6418 iwl4965_write32(priv, CSR_RESET, CSR_RESET_REG_FLAG_NEVO_RESET);
6420 /* tell the device to stop sending interrupts */
6421 iwl4965_disable_interrupts(priv);
6423 if (priv->mac80211_registered)
6424 ieee80211_stop_queues(priv->hw);
6426 /* If we have not previously called iwl4965_init() then
6427 * clear all bits but the RF Kill and SUSPEND bits and return */
6428 if (!iwl4965_is_init(priv)) {
6429 priv->status = test_bit(STATUS_RF_KILL_HW, &priv->status) <<
6431 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
6433 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
6434 STATUS_GEO_CONFIGURED |
6435 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
6440 /* ...otherwise clear out all the status bits but the RF Kill and
6441 * SUSPEND bits and continue taking the NIC down. */
6442 priv->status &= test_bit(STATUS_RF_KILL_HW, &priv->status) <<
6444 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
6446 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
6447 STATUS_GEO_CONFIGURED |
6448 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
6450 test_bit(STATUS_FW_ERROR, &priv->status) <<
6453 spin_lock_irqsave(&priv->lock, flags);
6454 iwl4965_clear_bit(priv, CSR_GP_CNTRL,
6455 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
6456 spin_unlock_irqrestore(&priv->lock, flags);
6458 iwl4965_hw_txq_ctx_stop(priv);
6459 iwl4965_hw_rxq_stop(priv);
6461 spin_lock_irqsave(&priv->lock, flags);
6462 if (!iwl4965_grab_nic_access(priv)) {
6463 iwl4965_write_prph(priv, APMG_CLK_DIS_REG,
6464 APMG_CLK_VAL_DMA_CLK_RQT);
6465 iwl4965_release_nic_access(priv);
6467 spin_unlock_irqrestore(&priv->lock, flags);
6471 iwl4965_hw_nic_stop_master(priv);
6472 iwl4965_set_bit(priv, CSR_RESET, CSR_RESET_REG_FLAG_SW_RESET);
6473 iwl4965_hw_nic_reset(priv);
6476 memset(&priv->card_alive, 0, sizeof(struct iwl4965_alive_resp));
6478 if (priv->ibss_beacon)
6479 dev_kfree_skb(priv->ibss_beacon);
6480 priv->ibss_beacon = NULL;
6482 /* clear out any free frames */
6483 iwl4965_clear_free_frames(priv);
6486 static void iwl4965_down(struct iwl4965_priv *priv)
6488 mutex_lock(&priv->mutex);
6489 __iwl4965_down(priv);
6490 mutex_unlock(&priv->mutex);
6492 iwl4965_cancel_deferred_work(priv);
6495 #define MAX_HW_RESTARTS 5
6497 static int __iwl4965_up(struct iwl4965_priv *priv)
6501 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
6502 IWL_WARNING("Exit pending; will not bring the NIC up\n");
6506 if (test_bit(STATUS_RF_KILL_SW, &priv->status)) {
6507 IWL_WARNING("Radio disabled by SW RF kill (module "
6512 if (!priv->ucode_data_backup.v_addr || !priv->ucode_data.v_addr) {
6513 IWL_ERROR("ucode not available for device bringup\n");
6517 /* If platform's RF_KILL switch is NOT set to KILL */
6518 if (iwl4965_read32(priv, CSR_GP_CNTRL) &
6519 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW)
6520 clear_bit(STATUS_RF_KILL_HW, &priv->status);
6522 set_bit(STATUS_RF_KILL_HW, &priv->status);
6523 if (!test_bit(STATUS_IN_SUSPEND, &priv->status)) {
6524 IWL_WARNING("Radio disabled by HW RF Kill switch\n");
6529 iwl4965_write32(priv, CSR_INT, 0xFFFFFFFF);
6531 rc = iwl4965_hw_nic_init(priv);
6533 IWL_ERROR("Unable to int nic\n");
6537 /* make sure rfkill handshake bits are cleared */
6538 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6539 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR,
6540 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
6542 /* clear (again), then enable host interrupts */
6543 iwl4965_write32(priv, CSR_INT, 0xFFFFFFFF);
6544 iwl4965_enable_interrupts(priv);
6546 /* really make sure rfkill handshake bits are cleared */
6547 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6548 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6550 /* Copy original ucode data image from disk into backup cache.
6551 * This will be used to initialize the on-board processor's
6552 * data SRAM for a clean start when the runtime program first loads. */
6553 memcpy(priv->ucode_data_backup.v_addr, priv->ucode_data.v_addr,
6554 priv->ucode_data.len);
6556 /* We return success when we resume from suspend and rf_kill is on. */
6557 if (test_bit(STATUS_RF_KILL_HW, &priv->status))
6560 for (i = 0; i < MAX_HW_RESTARTS; i++) {
6562 iwl4965_clear_stations_table(priv);
6564 /* load bootstrap state machine,
6565 * load bootstrap program into processor's memory,
6566 * prepare to load the "initialize" uCode */
6567 rc = iwl4965_load_bsm(priv);
6570 IWL_ERROR("Unable to set up bootstrap uCode: %d\n", rc);
6574 /* start card; "initialize" will load runtime ucode */
6575 iwl4965_nic_start(priv);
6577 IWL_DEBUG_INFO(DRV_NAME " is coming up\n");
6582 set_bit(STATUS_EXIT_PENDING, &priv->status);
6583 __iwl4965_down(priv);
6585 /* tried to restart and config the device for as long as our
6586 * patience could withstand */
6587 IWL_ERROR("Unable to initialize device after %d attempts.\n", i);
6592 /*****************************************************************************
6594 * Workqueue callbacks
6596 *****************************************************************************/
6598 static void iwl4965_bg_init_alive_start(struct work_struct *data)
6600 struct iwl4965_priv *priv =
6601 container_of(data, struct iwl4965_priv, init_alive_start.work);
6603 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6606 mutex_lock(&priv->mutex);
6607 iwl4965_init_alive_start(priv);
6608 mutex_unlock(&priv->mutex);
6611 static void iwl4965_bg_alive_start(struct work_struct *data)
6613 struct iwl4965_priv *priv =
6614 container_of(data, struct iwl4965_priv, alive_start.work);
6616 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6619 mutex_lock(&priv->mutex);
6620 iwl4965_alive_start(priv);
6621 mutex_unlock(&priv->mutex);
6624 static void iwl4965_bg_rf_kill(struct work_struct *work)
6626 struct iwl4965_priv *priv = container_of(work, struct iwl4965_priv, rf_kill);
6628 wake_up_interruptible(&priv->wait_command_queue);
6630 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6633 mutex_lock(&priv->mutex);
6635 if (!iwl4965_is_rfkill(priv)) {
6636 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL,
6637 "HW and/or SW RF Kill no longer active, restarting "
6639 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
6640 queue_work(priv->workqueue, &priv->restart);
6643 if (!test_bit(STATUS_RF_KILL_HW, &priv->status))
6644 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
6645 "disabled by SW switch\n");
6647 IWL_WARNING("Radio Frequency Kill Switch is On:\n"
6648 "Kill switch must be turned off for "
6649 "wireless networking to work.\n");
6651 mutex_unlock(&priv->mutex);
6654 #define IWL_SCAN_CHECK_WATCHDOG (7 * HZ)
6656 static void iwl4965_bg_scan_check(struct work_struct *data)
6658 struct iwl4965_priv *priv =
6659 container_of(data, struct iwl4965_priv, scan_check.work);
6661 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6664 mutex_lock(&priv->mutex);
6665 if (test_bit(STATUS_SCANNING, &priv->status) ||
6666 test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
6667 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN,
6668 "Scan completion watchdog resetting adapter (%dms)\n",
6669 jiffies_to_msecs(IWL_SCAN_CHECK_WATCHDOG));
6671 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
6672 iwl4965_send_scan_abort(priv);
6674 mutex_unlock(&priv->mutex);
6677 static void iwl4965_bg_request_scan(struct work_struct *data)
6679 struct iwl4965_priv *priv =
6680 container_of(data, struct iwl4965_priv, request_scan);
6681 struct iwl4965_host_cmd cmd = {
6682 .id = REPLY_SCAN_CMD,
6683 .len = sizeof(struct iwl4965_scan_cmd),
6684 .meta.flags = CMD_SIZE_HUGE,
6687 struct iwl4965_scan_cmd *scan;
6688 struct ieee80211_conf *conf = NULL;
6690 enum ieee80211_band band;
6693 conf = ieee80211_get_hw_conf(priv->hw);
6695 mutex_lock(&priv->mutex);
6697 if (!iwl4965_is_ready(priv)) {
6698 IWL_WARNING("request scan called when driver not ready.\n");
6702 /* Make sure the scan wasn't cancelled before this queued work
6703 * was given the chance to run... */
6704 if (!test_bit(STATUS_SCANNING, &priv->status))
6707 /* This should never be called or scheduled if there is currently
6708 * a scan active in the hardware. */
6709 if (test_bit(STATUS_SCAN_HW, &priv->status)) {
6710 IWL_DEBUG_INFO("Multiple concurrent scan requests in parallel. "
6711 "Ignoring second request.\n");
6716 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
6717 IWL_DEBUG_SCAN("Aborting scan due to device shutdown\n");
6721 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
6722 IWL_DEBUG_HC("Scan request while abort pending. Queuing.\n");
6726 if (iwl4965_is_rfkill(priv)) {
6727 IWL_DEBUG_HC("Aborting scan due to RF Kill activation\n");
6731 if (!test_bit(STATUS_READY, &priv->status)) {
6732 IWL_DEBUG_HC("Scan request while uninitialized. Queuing.\n");
6736 if (!priv->scan_bands) {
6737 IWL_DEBUG_HC("Aborting scan due to no requested bands\n");
6742 priv->scan = kmalloc(sizeof(struct iwl4965_scan_cmd) +
6743 IWL_MAX_SCAN_SIZE, GFP_KERNEL);
6750 memset(scan, 0, sizeof(struct iwl4965_scan_cmd) + IWL_MAX_SCAN_SIZE);
6752 scan->quiet_plcp_th = IWL_PLCP_QUIET_THRESH;
6753 scan->quiet_time = IWL_ACTIVE_QUIET_TIME;
6755 if (iwl4965_is_associated(priv)) {
6758 u32 suspend_time = 100;
6759 u32 scan_suspend_time = 100;
6760 unsigned long flags;
6762 IWL_DEBUG_INFO("Scanning while associated...\n");
6764 spin_lock_irqsave(&priv->lock, flags);
6765 interval = priv->beacon_int;
6766 spin_unlock_irqrestore(&priv->lock, flags);
6768 scan->suspend_time = 0;
6769 scan->max_out_time = cpu_to_le32(200 * 1024);
6771 interval = suspend_time;
6773 extra = (suspend_time / interval) << 22;
6774 scan_suspend_time = (extra |
6775 ((suspend_time % interval) * 1024));
6776 scan->suspend_time = cpu_to_le32(scan_suspend_time);
6777 IWL_DEBUG_SCAN("suspend_time 0x%X beacon interval %d\n",
6778 scan_suspend_time, interval);
6781 /* We should add the ability for user to lock to PASSIVE ONLY */
6782 if (priv->one_direct_scan) {
6784 ("Kicking off one direct scan for '%s'\n",
6785 iwl4965_escape_essid(priv->direct_ssid,
6786 priv->direct_ssid_len));
6787 scan->direct_scan[0].id = WLAN_EID_SSID;
6788 scan->direct_scan[0].len = priv->direct_ssid_len;
6789 memcpy(scan->direct_scan[0].ssid,
6790 priv->direct_ssid, priv->direct_ssid_len);
6792 } else if (!iwl4965_is_associated(priv) && priv->essid_len) {
6793 scan->direct_scan[0].id = WLAN_EID_SSID;
6794 scan->direct_scan[0].len = priv->essid_len;
6795 memcpy(scan->direct_scan[0].ssid, priv->essid, priv->essid_len);
6800 scan->tx_cmd.tx_flags = TX_CMD_FLG_SEQ_CTL_MSK;
6801 scan->tx_cmd.sta_id = priv->hw_setting.bcast_sta_id;
6802 scan->tx_cmd.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
6805 switch (priv->scan_bands) {
6807 scan->flags = RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK;
6808 scan->tx_cmd.rate_n_flags =
6809 iwl4965_hw_set_rate_n_flags(IWL_RATE_1M_PLCP,
6810 RATE_MCS_ANT_B_MSK|RATE_MCS_CCK_MSK);
6812 scan->good_CRC_th = 0;
6813 band = IEEE80211_BAND_2GHZ;
6817 scan->tx_cmd.rate_n_flags =
6818 iwl4965_hw_set_rate_n_flags(IWL_RATE_6M_PLCP,
6819 RATE_MCS_ANT_B_MSK);
6820 scan->good_CRC_th = IWL_GOOD_CRC_TH;
6821 band = IEEE80211_BAND_5GHZ;
6825 IWL_WARNING("Invalid scan band count\n");
6829 /* We don't build a direct scan probe request; the uCode will do
6830 * that based on the direct_mask added to each channel entry */
6831 cmd_len = iwl4965_fill_probe_req(priv, band,
6832 (struct ieee80211_mgmt *)scan->data,
6833 IWL_MAX_SCAN_SIZE - sizeof(*scan), 0);
6835 scan->tx_cmd.len = cpu_to_le16(cmd_len);
6836 /* select Rx chains */
6838 /* Force use of chains B and C (0x6) for scan Rx.
6839 * Avoid A (0x1) because of its off-channel reception on A-band.
6840 * MIMO is not used here, but value is required to make uCode happy. */
6841 scan->rx_chain = RXON_RX_CHAIN_DRIVER_FORCE_MSK |
6842 cpu_to_le16((0x7 << RXON_RX_CHAIN_VALID_POS) |
6843 (0x6 << RXON_RX_CHAIN_FORCE_SEL_POS) |
6844 (0x7 << RXON_RX_CHAIN_FORCE_MIMO_SEL_POS));
6846 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR)
6847 scan->filter_flags = RXON_FILTER_PROMISC_MSK;
6851 ("Initiating direct scan for %s.\n",
6852 iwl4965_escape_essid(priv->essid, priv->essid_len));
6854 IWL_DEBUG_SCAN("Initiating indirect scan.\n");
6856 scan->channel_count =
6857 iwl4965_get_channels_for_scan(
6858 priv, band, 1, /* active */
6860 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
6862 cmd.len += le16_to_cpu(scan->tx_cmd.len) +
6863 scan->channel_count * sizeof(struct iwl4965_scan_channel);
6865 scan->len = cpu_to_le16(cmd.len);
6867 set_bit(STATUS_SCAN_HW, &priv->status);
6868 rc = iwl4965_send_cmd_sync(priv, &cmd);
6872 queue_delayed_work(priv->workqueue, &priv->scan_check,
6873 IWL_SCAN_CHECK_WATCHDOG);
6875 mutex_unlock(&priv->mutex);
6879 /* inform mac80211 scan aborted */
6880 queue_work(priv->workqueue, &priv->scan_completed);
6881 mutex_unlock(&priv->mutex);
6884 static void iwl4965_bg_up(struct work_struct *data)
6886 struct iwl4965_priv *priv = container_of(data, struct iwl4965_priv, up);
6888 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6891 mutex_lock(&priv->mutex);
6893 mutex_unlock(&priv->mutex);
6896 static void iwl4965_bg_restart(struct work_struct *data)
6898 struct iwl4965_priv *priv = container_of(data, struct iwl4965_priv, restart);
6900 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6904 queue_work(priv->workqueue, &priv->up);
6907 static void iwl4965_bg_rx_replenish(struct work_struct *data)
6909 struct iwl4965_priv *priv =
6910 container_of(data, struct iwl4965_priv, rx_replenish);
6912 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6915 mutex_lock(&priv->mutex);
6916 iwl4965_rx_replenish(priv);
6917 mutex_unlock(&priv->mutex);
6920 #define IWL_DELAY_NEXT_SCAN (HZ*2)
6922 static void iwl4965_bg_post_associate(struct work_struct *data)
6924 struct iwl4965_priv *priv = container_of(data, struct iwl4965_priv,
6925 post_associate.work);
6928 struct ieee80211_conf *conf = NULL;
6929 DECLARE_MAC_BUF(mac);
6931 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
6932 IWL_ERROR("%s Should not be called in AP mode\n", __FUNCTION__);
6936 IWL_DEBUG_ASSOC("Associated as %d to: %s\n",
6938 print_mac(mac, priv->active_rxon.bssid_addr));
6941 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6944 mutex_lock(&priv->mutex);
6946 if (!priv->vif || !priv->is_open) {
6947 mutex_unlock(&priv->mutex);
6950 iwl4965_scan_cancel_timeout(priv, 200);
6952 conf = ieee80211_get_hw_conf(priv->hw);
6954 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6955 iwl4965_commit_rxon(priv);
6957 memset(&priv->rxon_timing, 0, sizeof(struct iwl4965_rxon_time_cmd));
6958 iwl4965_setup_rxon_timing(priv);
6959 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON_TIMING,
6960 sizeof(priv->rxon_timing), &priv->rxon_timing);
6962 IWL_WARNING("REPLY_RXON_TIMING failed - "
6963 "Attempting to continue.\n");
6965 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
6967 #ifdef CONFIG_IWL4965_HT
6968 if (priv->current_ht_config.is_ht)
6969 iwl4965_set_rxon_ht(priv, &priv->current_ht_config);
6970 #endif /* CONFIG_IWL4965_HT*/
6971 iwl4965_set_rxon_chain(priv);
6972 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
6974 IWL_DEBUG_ASSOC("assoc id %d beacon interval %d\n",
6975 priv->assoc_id, priv->beacon_int);
6977 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
6978 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
6980 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
6982 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
6983 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
6984 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
6986 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6988 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6989 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6993 iwl4965_commit_rxon(priv);
6995 switch (priv->iw_mode) {
6996 case IEEE80211_IF_TYPE_STA:
6997 iwl4965_rate_scale_init(priv->hw, IWL_AP_ID);
7000 case IEEE80211_IF_TYPE_IBSS:
7002 /* clear out the station table */
7003 iwl4965_clear_stations_table(priv);
7005 iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0);
7006 iwl4965_rxon_add_station(priv, priv->bssid, 0);
7007 iwl4965_rate_scale_init(priv->hw, IWL_STA_ID);
7008 iwl4965_send_beacon_cmd(priv);
7013 IWL_ERROR("%s Should not be called in %d mode\n",
7014 __FUNCTION__, priv->iw_mode);
7018 iwl4965_sequence_reset(priv);
7020 #ifdef CONFIG_IWL4965_SENSITIVITY
7021 /* Enable Rx differential gain and sensitivity calibrations */
7022 iwl4965_chain_noise_reset(priv);
7023 priv->start_calib = 1;
7024 #endif /* CONFIG_IWL4965_SENSITIVITY */
7026 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
7027 priv->assoc_station_added = 1;
7029 iwl4965_activate_qos(priv, 0);
7031 /* we have just associated, don't start scan too early */
7032 priv->next_scan_jiffies = jiffies + IWL_DELAY_NEXT_SCAN;
7033 mutex_unlock(&priv->mutex);
7036 static void iwl4965_bg_abort_scan(struct work_struct *work)
7038 struct iwl4965_priv *priv = container_of(work, struct iwl4965_priv, abort_scan);
7040 if (!iwl4965_is_ready(priv))
7043 mutex_lock(&priv->mutex);
7045 set_bit(STATUS_SCAN_ABORTING, &priv->status);
7046 iwl4965_send_scan_abort(priv);
7048 mutex_unlock(&priv->mutex);
7051 static int iwl4965_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf);
7053 static void iwl4965_bg_scan_completed(struct work_struct *work)
7055 struct iwl4965_priv *priv =
7056 container_of(work, struct iwl4965_priv, scan_completed);
7058 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN, "SCAN complete scan\n");
7060 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
7063 if (test_bit(STATUS_CONF_PENDING, &priv->status))
7064 iwl4965_mac_config(priv->hw, ieee80211_get_hw_conf(priv->hw));
7066 ieee80211_scan_completed(priv->hw);
7068 /* Since setting the TXPOWER may have been deferred while
7069 * performing the scan, fire one off */
7070 mutex_lock(&priv->mutex);
7071 iwl4965_hw_reg_send_txpower(priv);
7072 mutex_unlock(&priv->mutex);
7075 /*****************************************************************************
7077 * mac80211 entry point functions
7079 *****************************************************************************/
7081 #define UCODE_READY_TIMEOUT (2 * HZ)
7083 static int iwl4965_mac_start(struct ieee80211_hw *hw)
7085 struct iwl4965_priv *priv = hw->priv;
7088 IWL_DEBUG_MAC80211("enter\n");
7090 if (pci_enable_device(priv->pci_dev)) {
7091 IWL_ERROR("Fail to pci_enable_device\n");
7094 pci_restore_state(priv->pci_dev);
7095 pci_enable_msi(priv->pci_dev);
7097 ret = request_irq(priv->pci_dev->irq, iwl4965_isr, IRQF_SHARED,
7100 IWL_ERROR("Error allocating IRQ %d\n", priv->pci_dev->irq);
7101 goto out_disable_msi;
7104 /* we should be verifying the device is ready to be opened */
7105 mutex_lock(&priv->mutex);
7107 memset(&priv->staging_rxon, 0, sizeof(struct iwl4965_rxon_cmd));
7108 /* fetch ucode file from disk, alloc and copy to bus-master buffers ...
7109 * ucode filename and max sizes are card-specific. */
7111 if (!priv->ucode_code.len) {
7112 ret = iwl4965_read_ucode(priv);
7114 IWL_ERROR("Could not read microcode: %d\n", ret);
7115 mutex_unlock(&priv->mutex);
7116 goto out_release_irq;
7120 ret = __iwl4965_up(priv);
7122 mutex_unlock(&priv->mutex);
7125 goto out_release_irq;
7127 IWL_DEBUG_INFO("Start UP work done.\n");
7129 if (test_bit(STATUS_IN_SUSPEND, &priv->status))
7132 /* Wait for START_ALIVE from ucode. Otherwise callbacks from
7133 * mac80211 will not be run successfully. */
7134 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
7135 test_bit(STATUS_READY, &priv->status),
7136 UCODE_READY_TIMEOUT);
7138 if (!test_bit(STATUS_READY, &priv->status)) {
7139 IWL_ERROR("Wait for START_ALIVE timeout after %dms.\n",
7140 jiffies_to_msecs(UCODE_READY_TIMEOUT));
7142 goto out_release_irq;
7147 IWL_DEBUG_MAC80211("leave\n");
7151 free_irq(priv->pci_dev->irq, priv);
7153 pci_disable_msi(priv->pci_dev);
7154 pci_disable_device(priv->pci_dev);
7156 IWL_DEBUG_MAC80211("leave - failed\n");
7160 static void iwl4965_mac_stop(struct ieee80211_hw *hw)
7162 struct iwl4965_priv *priv = hw->priv;
7164 IWL_DEBUG_MAC80211("enter\n");
7166 if (!priv->is_open) {
7167 IWL_DEBUG_MAC80211("leave - skip\n");
7173 if (iwl4965_is_ready_rf(priv)) {
7174 /* stop mac, cancel any scan request and clear
7175 * RXON_FILTER_ASSOC_MSK BIT
7177 mutex_lock(&priv->mutex);
7178 iwl4965_scan_cancel_timeout(priv, 100);
7179 cancel_delayed_work(&priv->post_associate);
7180 mutex_unlock(&priv->mutex);
7185 flush_workqueue(priv->workqueue);
7186 free_irq(priv->pci_dev->irq, priv);
7187 pci_disable_msi(priv->pci_dev);
7188 pci_save_state(priv->pci_dev);
7189 pci_disable_device(priv->pci_dev);
7191 IWL_DEBUG_MAC80211("leave\n");
7194 static int iwl4965_mac_tx(struct ieee80211_hw *hw, struct sk_buff *skb,
7195 struct ieee80211_tx_control *ctl)
7197 struct iwl4965_priv *priv = hw->priv;
7199 IWL_DEBUG_MAC80211("enter\n");
7201 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR) {
7202 IWL_DEBUG_MAC80211("leave - monitor\n");
7206 IWL_DEBUG_TX("dev->xmit(%d bytes) at rate 0x%02x\n", skb->len,
7207 ctl->tx_rate->bitrate);
7209 if (iwl4965_tx_skb(priv, skb, ctl))
7210 dev_kfree_skb_any(skb);
7212 IWL_DEBUG_MAC80211("leave\n");
7216 static int iwl4965_mac_add_interface(struct ieee80211_hw *hw,
7217 struct ieee80211_if_init_conf *conf)
7219 struct iwl4965_priv *priv = hw->priv;
7220 unsigned long flags;
7221 DECLARE_MAC_BUF(mac);
7223 IWL_DEBUG_MAC80211("enter: type %d\n", conf->type);
7226 IWL_DEBUG_MAC80211("leave - vif != NULL\n");
7230 spin_lock_irqsave(&priv->lock, flags);
7231 priv->vif = conf->vif;
7233 spin_unlock_irqrestore(&priv->lock, flags);
7235 mutex_lock(&priv->mutex);
7237 if (conf->mac_addr) {
7238 IWL_DEBUG_MAC80211("Set %s\n", print_mac(mac, conf->mac_addr));
7239 memcpy(priv->mac_addr, conf->mac_addr, ETH_ALEN);
7242 if (iwl4965_is_ready(priv))
7243 iwl4965_set_mode(priv, conf->type);
7245 mutex_unlock(&priv->mutex);
7247 IWL_DEBUG_MAC80211("leave\n");
7252 * iwl4965_mac_config - mac80211 config callback
7254 * We ignore conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME since it seems to
7255 * be set inappropriately and the driver currently sets the hardware up to
7256 * use it whenever needed.
7258 static int iwl4965_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf)
7260 struct iwl4965_priv *priv = hw->priv;
7261 const struct iwl4965_channel_info *ch_info;
7262 unsigned long flags;
7265 mutex_lock(&priv->mutex);
7266 IWL_DEBUG_MAC80211("enter to channel %d\n", conf->channel->hw_value);
7268 priv->add_radiotap = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
7270 if (!iwl4965_is_ready(priv)) {
7271 IWL_DEBUG_MAC80211("leave - not ready\n");
7276 if (unlikely(!iwl4965_param_disable_hw_scan &&
7277 test_bit(STATUS_SCANNING, &priv->status))) {
7278 IWL_DEBUG_MAC80211("leave - scanning\n");
7279 set_bit(STATUS_CONF_PENDING, &priv->status);
7280 mutex_unlock(&priv->mutex);
7284 spin_lock_irqsave(&priv->lock, flags);
7286 ch_info = iwl4965_get_channel_info(priv, conf->channel->band,
7287 ieee80211_frequency_to_channel(conf->channel->center_freq));
7288 if (!is_channel_valid(ch_info)) {
7289 IWL_DEBUG_MAC80211("leave - invalid channel\n");
7290 spin_unlock_irqrestore(&priv->lock, flags);
7295 #ifdef CONFIG_IWL4965_HT
7296 /* if we are switching from ht to 2.4 clear flags
7297 * from any ht related info since 2.4 does not
7299 if ((le16_to_cpu(priv->staging_rxon.channel) != conf->channel->hw_value)
7300 #ifdef IEEE80211_CONF_CHANNEL_SWITCH
7301 && !(conf->flags & IEEE80211_CONF_CHANNEL_SWITCH)
7304 priv->staging_rxon.flags = 0;
7305 #endif /* CONFIG_IWL4965_HT */
7307 iwl4965_set_rxon_channel(priv, conf->channel->band,
7308 ieee80211_frequency_to_channel(conf->channel->center_freq));
7310 iwl4965_set_flags_for_phymode(priv, conf->channel->band);
7312 /* The list of supported rates and rate mask can be different
7313 * for each band; since the band may have changed, reset
7314 * the rate mask to what mac80211 lists */
7315 iwl4965_set_rate(priv);
7317 spin_unlock_irqrestore(&priv->lock, flags);
7319 #ifdef IEEE80211_CONF_CHANNEL_SWITCH
7320 if (conf->flags & IEEE80211_CONF_CHANNEL_SWITCH) {
7321 iwl4965_hw_channel_switch(priv, conf->channel);
7326 iwl4965_radio_kill_sw(priv, !conf->radio_enabled);
7328 if (!conf->radio_enabled) {
7329 IWL_DEBUG_MAC80211("leave - radio disabled\n");
7333 if (iwl4965_is_rfkill(priv)) {
7334 IWL_DEBUG_MAC80211("leave - RF kill\n");
7339 iwl4965_set_rate(priv);
7341 if (memcmp(&priv->active_rxon,
7342 &priv->staging_rxon, sizeof(priv->staging_rxon)))
7343 iwl4965_commit_rxon(priv);
7345 IWL_DEBUG_INFO("No re-sending same RXON configuration.\n");
7347 IWL_DEBUG_MAC80211("leave\n");
7350 clear_bit(STATUS_CONF_PENDING, &priv->status);
7351 mutex_unlock(&priv->mutex);
7355 static void iwl4965_config_ap(struct iwl4965_priv *priv)
7359 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
7362 /* The following should be done only at AP bring up */
7363 if ((priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) == 0) {
7365 /* RXON - unassoc (to set timing command) */
7366 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7367 iwl4965_commit_rxon(priv);
7370 memset(&priv->rxon_timing, 0, sizeof(struct iwl4965_rxon_time_cmd));
7371 iwl4965_setup_rxon_timing(priv);
7372 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON_TIMING,
7373 sizeof(priv->rxon_timing), &priv->rxon_timing);
7375 IWL_WARNING("REPLY_RXON_TIMING failed - "
7376 "Attempting to continue.\n");
7378 iwl4965_set_rxon_chain(priv);
7380 /* FIXME: what should be the assoc_id for AP? */
7381 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
7382 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
7383 priv->staging_rxon.flags |=
7384 RXON_FLG_SHORT_PREAMBLE_MSK;
7386 priv->staging_rxon.flags &=
7387 ~RXON_FLG_SHORT_PREAMBLE_MSK;
7389 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
7390 if (priv->assoc_capability &
7391 WLAN_CAPABILITY_SHORT_SLOT_TIME)
7392 priv->staging_rxon.flags |=
7393 RXON_FLG_SHORT_SLOT_MSK;
7395 priv->staging_rxon.flags &=
7396 ~RXON_FLG_SHORT_SLOT_MSK;
7398 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
7399 priv->staging_rxon.flags &=
7400 ~RXON_FLG_SHORT_SLOT_MSK;
7402 /* restore RXON assoc */
7403 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
7404 iwl4965_commit_rxon(priv);
7405 iwl4965_activate_qos(priv, 1);
7406 iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0);
7408 iwl4965_send_beacon_cmd(priv);
7410 /* FIXME - we need to add code here to detect a totally new
7411 * configuration, reset the AP, unassoc, rxon timing, assoc,
7412 * clear sta table, add BCAST sta... */
7415 static int iwl4965_mac_config_interface(struct ieee80211_hw *hw,
7416 struct ieee80211_vif *vif,
7417 struct ieee80211_if_conf *conf)
7419 struct iwl4965_priv *priv = hw->priv;
7420 DECLARE_MAC_BUF(mac);
7421 unsigned long flags;
7427 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
7428 (!conf->beacon || !conf->ssid_len)) {
7430 ("Leaving in AP mode because HostAPD is not ready.\n");
7434 if (!iwl4965_is_alive(priv))
7437 mutex_lock(&priv->mutex);
7440 IWL_DEBUG_MAC80211("bssid: %s\n",
7441 print_mac(mac, conf->bssid));
7444 * very dubious code was here; the probe filtering flag is never set:
7446 if (unlikely(test_bit(STATUS_SCANNING, &priv->status)) &&
7447 !(priv->hw->flags & IEEE80211_HW_NO_PROBE_FILTERING)) {
7449 if (unlikely(test_bit(STATUS_SCANNING, &priv->status))) {
7450 IWL_DEBUG_MAC80211("leave - scanning\n");
7451 mutex_unlock(&priv->mutex);
7455 if (priv->vif != vif) {
7456 IWL_DEBUG_MAC80211("leave - priv->vif != vif\n");
7457 mutex_unlock(&priv->mutex);
7461 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
7463 conf->bssid = priv->mac_addr;
7464 memcpy(priv->bssid, priv->mac_addr, ETH_ALEN);
7465 IWL_DEBUG_MAC80211("bssid was set to: %s\n",
7466 print_mac(mac, conf->bssid));
7468 if (priv->ibss_beacon)
7469 dev_kfree_skb(priv->ibss_beacon);
7471 priv->ibss_beacon = conf->beacon;
7474 if (iwl4965_is_rfkill(priv))
7477 if (conf->bssid && !is_zero_ether_addr(conf->bssid) &&
7478 !is_multicast_ether_addr(conf->bssid)) {
7479 /* If there is currently a HW scan going on in the background
7480 * then we need to cancel it else the RXON below will fail. */
7481 if (iwl4965_scan_cancel_timeout(priv, 100)) {
7482 IWL_WARNING("Aborted scan still in progress "
7484 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
7485 mutex_unlock(&priv->mutex);
7488 memcpy(priv->staging_rxon.bssid_addr, conf->bssid, ETH_ALEN);
7490 /* TODO: Audit driver for usage of these members and see
7491 * if mac80211 deprecates them (priv->bssid looks like it
7492 * shouldn't be there, but I haven't scanned the IBSS code
7493 * to verify) - jpk */
7494 memcpy(priv->bssid, conf->bssid, ETH_ALEN);
7496 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
7497 iwl4965_config_ap(priv);
7499 rc = iwl4965_commit_rxon(priv);
7500 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && rc)
7501 iwl4965_rxon_add_station(
7502 priv, priv->active_rxon.bssid_addr, 1);
7506 iwl4965_scan_cancel_timeout(priv, 100);
7507 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7508 iwl4965_commit_rxon(priv);
7512 spin_lock_irqsave(&priv->lock, flags);
7513 if (!conf->ssid_len)
7514 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
7516 memcpy(priv->essid, conf->ssid, conf->ssid_len);
7518 priv->essid_len = conf->ssid_len;
7519 spin_unlock_irqrestore(&priv->lock, flags);
7521 IWL_DEBUG_MAC80211("leave\n");
7522 mutex_unlock(&priv->mutex);
7527 static void iwl4965_configure_filter(struct ieee80211_hw *hw,
7528 unsigned int changed_flags,
7529 unsigned int *total_flags,
7530 int mc_count, struct dev_addr_list *mc_list)
7534 * see also iwl4965_connection_init_rx_config
7539 static void iwl4965_mac_remove_interface(struct ieee80211_hw *hw,
7540 struct ieee80211_if_init_conf *conf)
7542 struct iwl4965_priv *priv = hw->priv;
7544 IWL_DEBUG_MAC80211("enter\n");
7546 mutex_lock(&priv->mutex);
7548 if (iwl4965_is_ready_rf(priv)) {
7549 iwl4965_scan_cancel_timeout(priv, 100);
7550 cancel_delayed_work(&priv->post_associate);
7551 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7552 iwl4965_commit_rxon(priv);
7554 if (priv->vif == conf->vif) {
7556 memset(priv->bssid, 0, ETH_ALEN);
7557 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
7558 priv->essid_len = 0;
7560 mutex_unlock(&priv->mutex);
7562 IWL_DEBUG_MAC80211("leave\n");
7566 static void iwl4965_bss_info_changed(struct ieee80211_hw *hw,
7567 struct ieee80211_vif *vif,
7568 struct ieee80211_bss_conf *bss_conf,
7571 struct iwl4965_priv *priv = hw->priv;
7573 if (changes & BSS_CHANGED_ERP_PREAMBLE) {
7574 if (bss_conf->use_short_preamble)
7575 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
7577 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
7580 if (changes & BSS_CHANGED_ERP_CTS_PROT) {
7581 if (bss_conf->use_cts_prot && (priv->band != IEEE80211_BAND_5GHZ))
7582 priv->staging_rxon.flags |= RXON_FLG_TGG_PROTECT_MSK;
7584 priv->staging_rxon.flags &= ~RXON_FLG_TGG_PROTECT_MSK;
7587 if (changes & BSS_CHANGED_ASSOC) {
7590 * do stuff instead of sniffing assoc resp
7594 if (iwl4965_is_associated(priv))
7595 iwl4965_send_rxon_assoc(priv);
7598 static int iwl4965_mac_hw_scan(struct ieee80211_hw *hw, u8 *ssid, size_t len)
7601 unsigned long flags;
7602 struct iwl4965_priv *priv = hw->priv;
7604 IWL_DEBUG_MAC80211("enter\n");
7606 mutex_lock(&priv->mutex);
7607 spin_lock_irqsave(&priv->lock, flags);
7609 if (!iwl4965_is_ready_rf(priv)) {
7611 IWL_DEBUG_MAC80211("leave - not ready or exit pending\n");
7615 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) { /* APs don't scan */
7617 IWL_ERROR("ERROR: APs don't scan\n");
7621 /* we don't schedule scan within next_scan_jiffies period */
7622 if (priv->next_scan_jiffies &&
7623 time_after(priv->next_scan_jiffies, jiffies)) {
7627 /* if we just finished scan ask for delay */
7628 if (priv->last_scan_jiffies && time_after(priv->last_scan_jiffies +
7629 IWL_DELAY_NEXT_SCAN, jiffies)) {
7634 IWL_DEBUG_SCAN("direct scan for %s [%d]\n ",
7635 iwl4965_escape_essid(ssid, len), (int)len);
7637 priv->one_direct_scan = 1;
7638 priv->direct_ssid_len = (u8)
7639 min((u8) len, (u8) IW_ESSID_MAX_SIZE);
7640 memcpy(priv->direct_ssid, ssid, priv->direct_ssid_len);
7642 priv->one_direct_scan = 0;
7644 rc = iwl4965_scan_initiate(priv);
7646 IWL_DEBUG_MAC80211("leave\n");
7649 spin_unlock_irqrestore(&priv->lock, flags);
7650 mutex_unlock(&priv->mutex);
7655 static int iwl4965_mac_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
7656 const u8 *local_addr, const u8 *addr,
7657 struct ieee80211_key_conf *key)
7659 struct iwl4965_priv *priv = hw->priv;
7660 DECLARE_MAC_BUF(mac);
7664 IWL_DEBUG_MAC80211("enter\n");
7666 if (!iwl4965_param_hwcrypto) {
7667 IWL_DEBUG_MAC80211("leave - hwcrypto disabled\n");
7671 if (is_zero_ether_addr(addr))
7672 /* only support pairwise keys */
7675 sta_id = iwl4965_hw_find_station(priv, addr);
7676 if (sta_id == IWL_INVALID_STATION) {
7677 IWL_DEBUG_MAC80211("leave - %s not in station map.\n",
7678 print_mac(mac, addr));
7682 mutex_lock(&priv->mutex);
7684 iwl4965_scan_cancel_timeout(priv, 100);
7688 rc = iwl4965_update_sta_key_info(priv, key, sta_id);
7690 iwl4965_set_rxon_hwcrypto(priv, 1);
7691 iwl4965_commit_rxon(priv);
7692 key->hw_key_idx = sta_id;
7693 IWL_DEBUG_MAC80211("set_key success, using hwcrypto\n");
7694 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
7698 rc = iwl4965_clear_sta_key_info(priv, sta_id);
7700 iwl4965_set_rxon_hwcrypto(priv, 0);
7701 iwl4965_commit_rxon(priv);
7702 IWL_DEBUG_MAC80211("disable hwcrypto key\n");
7709 IWL_DEBUG_MAC80211("leave\n");
7710 mutex_unlock(&priv->mutex);
7715 static int iwl4965_mac_conf_tx(struct ieee80211_hw *hw, int queue,
7716 const struct ieee80211_tx_queue_params *params)
7718 struct iwl4965_priv *priv = hw->priv;
7719 unsigned long flags;
7722 IWL_DEBUG_MAC80211("enter\n");
7724 if (!iwl4965_is_ready_rf(priv)) {
7725 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7729 if (queue >= AC_NUM) {
7730 IWL_DEBUG_MAC80211("leave - queue >= AC_NUM %d\n", queue);
7734 if (!priv->qos_data.qos_enable) {
7735 priv->qos_data.qos_active = 0;
7736 IWL_DEBUG_MAC80211("leave - qos not enabled\n");
7739 q = AC_NUM - 1 - queue;
7741 spin_lock_irqsave(&priv->lock, flags);
7743 priv->qos_data.def_qos_parm.ac[q].cw_min = cpu_to_le16(params->cw_min);
7744 priv->qos_data.def_qos_parm.ac[q].cw_max = cpu_to_le16(params->cw_max);
7745 priv->qos_data.def_qos_parm.ac[q].aifsn = params->aifs;
7746 priv->qos_data.def_qos_parm.ac[q].edca_txop =
7747 cpu_to_le16((params->txop * 32));
7749 priv->qos_data.def_qos_parm.ac[q].reserved1 = 0;
7750 priv->qos_data.qos_active = 1;
7752 spin_unlock_irqrestore(&priv->lock, flags);
7754 mutex_lock(&priv->mutex);
7755 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
7756 iwl4965_activate_qos(priv, 1);
7757 else if (priv->assoc_id && iwl4965_is_associated(priv))
7758 iwl4965_activate_qos(priv, 0);
7760 mutex_unlock(&priv->mutex);
7762 IWL_DEBUG_MAC80211("leave\n");
7766 static int iwl4965_mac_get_tx_stats(struct ieee80211_hw *hw,
7767 struct ieee80211_tx_queue_stats *stats)
7769 struct iwl4965_priv *priv = hw->priv;
7771 struct iwl4965_tx_queue *txq;
7772 struct iwl4965_queue *q;
7773 unsigned long flags;
7775 IWL_DEBUG_MAC80211("enter\n");
7777 if (!iwl4965_is_ready_rf(priv)) {
7778 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7782 spin_lock_irqsave(&priv->lock, flags);
7784 for (i = 0; i < AC_NUM; i++) {
7785 txq = &priv->txq[i];
7787 avail = iwl4965_queue_space(q);
7789 stats->data[i].len = q->n_window - avail;
7790 stats->data[i].limit = q->n_window - q->high_mark;
7791 stats->data[i].count = q->n_window;
7794 spin_unlock_irqrestore(&priv->lock, flags);
7796 IWL_DEBUG_MAC80211("leave\n");
7801 static int iwl4965_mac_get_stats(struct ieee80211_hw *hw,
7802 struct ieee80211_low_level_stats *stats)
7804 IWL_DEBUG_MAC80211("enter\n");
7805 IWL_DEBUG_MAC80211("leave\n");
7810 static u64 iwl4965_mac_get_tsf(struct ieee80211_hw *hw)
7812 IWL_DEBUG_MAC80211("enter\n");
7813 IWL_DEBUG_MAC80211("leave\n");
7818 static void iwl4965_mac_reset_tsf(struct ieee80211_hw *hw)
7820 struct iwl4965_priv *priv = hw->priv;
7821 unsigned long flags;
7823 mutex_lock(&priv->mutex);
7824 IWL_DEBUG_MAC80211("enter\n");
7826 priv->lq_mngr.lq_ready = 0;
7827 #ifdef CONFIG_IWL4965_HT
7828 spin_lock_irqsave(&priv->lock, flags);
7829 memset(&priv->current_ht_config, 0, sizeof(struct iwl_ht_info));
7830 spin_unlock_irqrestore(&priv->lock, flags);
7831 #endif /* CONFIG_IWL4965_HT */
7833 iwl4965_reset_qos(priv);
7835 cancel_delayed_work(&priv->post_associate);
7837 spin_lock_irqsave(&priv->lock, flags);
7839 priv->assoc_capability = 0;
7840 priv->call_post_assoc_from_beacon = 0;
7841 priv->assoc_station_added = 0;
7843 /* new association get rid of ibss beacon skb */
7844 if (priv->ibss_beacon)
7845 dev_kfree_skb(priv->ibss_beacon);
7847 priv->ibss_beacon = NULL;
7849 priv->beacon_int = priv->hw->conf.beacon_int;
7850 priv->timestamp1 = 0;
7851 priv->timestamp0 = 0;
7852 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA))
7853 priv->beacon_int = 0;
7855 spin_unlock_irqrestore(&priv->lock, flags);
7857 if (!iwl4965_is_ready_rf(priv)) {
7858 IWL_DEBUG_MAC80211("leave - not ready\n");
7859 mutex_unlock(&priv->mutex);
7863 /* we are restarting association process
7864 * clear RXON_FILTER_ASSOC_MSK bit
7866 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
7867 iwl4965_scan_cancel_timeout(priv, 100);
7868 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7869 iwl4965_commit_rxon(priv);
7872 /* Per mac80211.h: This is only used in IBSS mode... */
7873 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7875 IWL_DEBUG_MAC80211("leave - not in IBSS\n");
7876 mutex_unlock(&priv->mutex);
7880 priv->only_active_channel = 0;
7882 iwl4965_set_rate(priv);
7884 mutex_unlock(&priv->mutex);
7886 IWL_DEBUG_MAC80211("leave\n");
7889 static int iwl4965_mac_beacon_update(struct ieee80211_hw *hw, struct sk_buff *skb,
7890 struct ieee80211_tx_control *control)
7892 struct iwl4965_priv *priv = hw->priv;
7893 unsigned long flags;
7895 mutex_lock(&priv->mutex);
7896 IWL_DEBUG_MAC80211("enter\n");
7898 if (!iwl4965_is_ready_rf(priv)) {
7899 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7900 mutex_unlock(&priv->mutex);
7904 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7905 IWL_DEBUG_MAC80211("leave - not IBSS\n");
7906 mutex_unlock(&priv->mutex);
7910 spin_lock_irqsave(&priv->lock, flags);
7912 if (priv->ibss_beacon)
7913 dev_kfree_skb(priv->ibss_beacon);
7915 priv->ibss_beacon = skb;
7919 IWL_DEBUG_MAC80211("leave\n");
7920 spin_unlock_irqrestore(&priv->lock, flags);
7922 iwl4965_reset_qos(priv);
7924 queue_work(priv->workqueue, &priv->post_associate.work);
7926 mutex_unlock(&priv->mutex);
7931 #ifdef CONFIG_IWL4965_HT
7933 static void iwl4965_ht_info_fill(struct ieee80211_conf *conf,
7934 struct iwl4965_priv *priv)
7936 struct iwl_ht_info *iwl_conf = &priv->current_ht_config;
7937 struct ieee80211_ht_info *ht_conf = &conf->ht_conf;
7938 struct ieee80211_ht_bss_info *ht_bss_conf = &conf->ht_bss_conf;
7940 IWL_DEBUG_MAC80211("enter: \n");
7942 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE)) {
7943 iwl_conf->is_ht = 0;
7947 iwl_conf->is_ht = 1;
7948 priv->ps_mode = (u8)((ht_conf->cap & IEEE80211_HT_CAP_MIMO_PS) >> 2);
7950 if (ht_conf->cap & IEEE80211_HT_CAP_SGI_20)
7951 iwl_conf->sgf |= 0x1;
7952 if (ht_conf->cap & IEEE80211_HT_CAP_SGI_40)
7953 iwl_conf->sgf |= 0x2;
7955 iwl_conf->is_green_field = !!(ht_conf->cap & IEEE80211_HT_CAP_GRN_FLD);
7956 iwl_conf->max_amsdu_size =
7957 !!(ht_conf->cap & IEEE80211_HT_CAP_MAX_AMSDU);
7959 iwl_conf->supported_chan_width =
7960 !!(ht_conf->cap & IEEE80211_HT_CAP_SUP_WIDTH);
7961 iwl_conf->extension_chan_offset =
7962 ht_bss_conf->bss_cap & IEEE80211_HT_IE_CHA_SEC_OFFSET;
7963 /* If no above or below channel supplied disable FAT channel */
7964 if (iwl_conf->extension_chan_offset != IWL_EXT_CHANNEL_OFFSET_ABOVE &&
7965 iwl_conf->extension_chan_offset != IWL_EXT_CHANNEL_OFFSET_BELOW)
7966 iwl_conf->supported_chan_width = 0;
7968 iwl_conf->tx_mimo_ps_mode =
7969 (u8)((ht_conf->cap & IEEE80211_HT_CAP_MIMO_PS) >> 2);
7970 memcpy(iwl_conf->supp_mcs_set, ht_conf->supp_mcs_set, 16);
7972 iwl_conf->control_channel = ht_bss_conf->primary_channel;
7973 iwl_conf->tx_chan_width =
7974 !!(ht_bss_conf->bss_cap & IEEE80211_HT_IE_CHA_WIDTH);
7975 iwl_conf->ht_protection =
7976 ht_bss_conf->bss_op_mode & IEEE80211_HT_IE_HT_PROTECTION;
7977 iwl_conf->non_GF_STA_present =
7978 !!(ht_bss_conf->bss_op_mode & IEEE80211_HT_IE_NON_GF_STA_PRSNT);
7980 IWL_DEBUG_MAC80211("control channel %d\n",
7981 iwl_conf->control_channel);
7982 IWL_DEBUG_MAC80211("leave\n");
7985 static int iwl4965_mac_conf_ht(struct ieee80211_hw *hw,
7986 struct ieee80211_conf *conf)
7988 struct iwl4965_priv *priv = hw->priv;
7990 IWL_DEBUG_MAC80211("enter: \n");
7992 iwl4965_ht_info_fill(conf, priv);
7993 iwl4965_set_rxon_chain(priv);
7995 if (priv && priv->assoc_id &&
7996 (priv->iw_mode == IEEE80211_IF_TYPE_STA)) {
7997 unsigned long flags;
7999 spin_lock_irqsave(&priv->lock, flags);
8000 if (priv->beacon_int)
8001 queue_work(priv->workqueue, &priv->post_associate.work);
8003 priv->call_post_assoc_from_beacon = 1;
8004 spin_unlock_irqrestore(&priv->lock, flags);
8007 IWL_DEBUG_MAC80211("leave:\n");
8011 #endif /*CONFIG_IWL4965_HT*/
8013 /*****************************************************************************
8017 *****************************************************************************/
8019 #ifdef CONFIG_IWL4965_DEBUG
8022 * The following adds a new attribute to the sysfs representation
8023 * of this device driver (i.e. a new file in /sys/bus/pci/drivers/iwl/)
8024 * used for controlling the debug level.
8026 * See the level definitions in iwl for details.
8029 static ssize_t show_debug_level(struct device_driver *d, char *buf)
8031 return sprintf(buf, "0x%08X\n", iwl4965_debug_level);
8033 static ssize_t store_debug_level(struct device_driver *d,
8034 const char *buf, size_t count)
8036 char *p = (char *)buf;
8039 val = simple_strtoul(p, &p, 0);
8041 printk(KERN_INFO DRV_NAME
8042 ": %s is not in hex or decimal form.\n", buf);
8044 iwl4965_debug_level = val;
8046 return strnlen(buf, count);
8049 static DRIVER_ATTR(debug_level, S_IWUSR | S_IRUGO,
8050 show_debug_level, store_debug_level);
8052 #endif /* CONFIG_IWL4965_DEBUG */
8054 static ssize_t show_rf_kill(struct device *d,
8055 struct device_attribute *attr, char *buf)
8058 * 0 - RF kill not enabled
8059 * 1 - SW based RF kill active (sysfs)
8060 * 2 - HW based RF kill active
8061 * 3 - Both HW and SW based RF kill active
8063 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8064 int val = (test_bit(STATUS_RF_KILL_SW, &priv->status) ? 0x1 : 0x0) |
8065 (test_bit(STATUS_RF_KILL_HW, &priv->status) ? 0x2 : 0x0);
8067 return sprintf(buf, "%i\n", val);
8070 static ssize_t store_rf_kill(struct device *d,
8071 struct device_attribute *attr,
8072 const char *buf, size_t count)
8074 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8076 mutex_lock(&priv->mutex);
8077 iwl4965_radio_kill_sw(priv, buf[0] == '1');
8078 mutex_unlock(&priv->mutex);
8083 static DEVICE_ATTR(rf_kill, S_IWUSR | S_IRUGO, show_rf_kill, store_rf_kill);
8085 static ssize_t show_temperature(struct device *d,
8086 struct device_attribute *attr, char *buf)
8088 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8090 if (!iwl4965_is_alive(priv))
8093 return sprintf(buf, "%d\n", iwl4965_hw_get_temperature(priv));
8096 static DEVICE_ATTR(temperature, S_IRUGO, show_temperature, NULL);
8098 static ssize_t show_rs_window(struct device *d,
8099 struct device_attribute *attr,
8102 struct iwl4965_priv *priv = d->driver_data;
8103 return iwl4965_fill_rs_info(priv->hw, buf, IWL_AP_ID);
8105 static DEVICE_ATTR(rs_window, S_IRUGO, show_rs_window, NULL);
8107 static ssize_t show_tx_power(struct device *d,
8108 struct device_attribute *attr, char *buf)
8110 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8111 return sprintf(buf, "%d\n", priv->user_txpower_limit);
8114 static ssize_t store_tx_power(struct device *d,
8115 struct device_attribute *attr,
8116 const char *buf, size_t count)
8118 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8119 char *p = (char *)buf;
8122 val = simple_strtoul(p, &p, 10);
8124 printk(KERN_INFO DRV_NAME
8125 ": %s is not in decimal form.\n", buf);
8127 iwl4965_hw_reg_set_txpower(priv, val);
8132 static DEVICE_ATTR(tx_power, S_IWUSR | S_IRUGO, show_tx_power, store_tx_power);
8134 static ssize_t show_flags(struct device *d,
8135 struct device_attribute *attr, char *buf)
8137 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8139 return sprintf(buf, "0x%04X\n", priv->active_rxon.flags);
8142 static ssize_t store_flags(struct device *d,
8143 struct device_attribute *attr,
8144 const char *buf, size_t count)
8146 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8147 u32 flags = simple_strtoul(buf, NULL, 0);
8149 mutex_lock(&priv->mutex);
8150 if (le32_to_cpu(priv->staging_rxon.flags) != flags) {
8151 /* Cancel any currently running scans... */
8152 if (iwl4965_scan_cancel_timeout(priv, 100))
8153 IWL_WARNING("Could not cancel scan.\n");
8155 IWL_DEBUG_INFO("Committing rxon.flags = 0x%04X\n",
8157 priv->staging_rxon.flags = cpu_to_le32(flags);
8158 iwl4965_commit_rxon(priv);
8161 mutex_unlock(&priv->mutex);
8166 static DEVICE_ATTR(flags, S_IWUSR | S_IRUGO, show_flags, store_flags);
8168 static ssize_t show_filter_flags(struct device *d,
8169 struct device_attribute *attr, char *buf)
8171 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8173 return sprintf(buf, "0x%04X\n",
8174 le32_to_cpu(priv->active_rxon.filter_flags));
8177 static ssize_t store_filter_flags(struct device *d,
8178 struct device_attribute *attr,
8179 const char *buf, size_t count)
8181 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8182 u32 filter_flags = simple_strtoul(buf, NULL, 0);
8184 mutex_lock(&priv->mutex);
8185 if (le32_to_cpu(priv->staging_rxon.filter_flags) != filter_flags) {
8186 /* Cancel any currently running scans... */
8187 if (iwl4965_scan_cancel_timeout(priv, 100))
8188 IWL_WARNING("Could not cancel scan.\n");
8190 IWL_DEBUG_INFO("Committing rxon.filter_flags = "
8191 "0x%04X\n", filter_flags);
8192 priv->staging_rxon.filter_flags =
8193 cpu_to_le32(filter_flags);
8194 iwl4965_commit_rxon(priv);
8197 mutex_unlock(&priv->mutex);
8202 static DEVICE_ATTR(filter_flags, S_IWUSR | S_IRUGO, show_filter_flags,
8203 store_filter_flags);
8205 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
8207 static ssize_t show_measurement(struct device *d,
8208 struct device_attribute *attr, char *buf)
8210 struct iwl4965_priv *priv = dev_get_drvdata(d);
8211 struct iwl4965_spectrum_notification measure_report;
8212 u32 size = sizeof(measure_report), len = 0, ofs = 0;
8213 u8 *data = (u8 *) & measure_report;
8214 unsigned long flags;
8216 spin_lock_irqsave(&priv->lock, flags);
8217 if (!(priv->measurement_status & MEASUREMENT_READY)) {
8218 spin_unlock_irqrestore(&priv->lock, flags);
8221 memcpy(&measure_report, &priv->measure_report, size);
8222 priv->measurement_status = 0;
8223 spin_unlock_irqrestore(&priv->lock, flags);
8225 while (size && (PAGE_SIZE - len)) {
8226 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
8227 PAGE_SIZE - len, 1);
8229 if (PAGE_SIZE - len)
8233 size -= min(size, 16U);
8239 static ssize_t store_measurement(struct device *d,
8240 struct device_attribute *attr,
8241 const char *buf, size_t count)
8243 struct iwl4965_priv *priv = dev_get_drvdata(d);
8244 struct ieee80211_measurement_params params = {
8245 .channel = le16_to_cpu(priv->active_rxon.channel),
8246 .start_time = cpu_to_le64(priv->last_tsf),
8247 .duration = cpu_to_le16(1),
8249 u8 type = IWL_MEASURE_BASIC;
8255 strncpy(buffer, buf, min(sizeof(buffer), count));
8256 channel = simple_strtoul(p, NULL, 0);
8258 params.channel = channel;
8261 while (*p && *p != ' ')
8264 type = simple_strtoul(p + 1, NULL, 0);
8267 IWL_DEBUG_INFO("Invoking measurement of type %d on "
8268 "channel %d (for '%s')\n", type, params.channel, buf);
8269 iwl4965_get_measurement(priv, ¶ms, type);
8274 static DEVICE_ATTR(measurement, S_IRUSR | S_IWUSR,
8275 show_measurement, store_measurement);
8276 #endif /* CONFIG_IWL4965_SPECTRUM_MEASUREMENT */
8278 static ssize_t store_retry_rate(struct device *d,
8279 struct device_attribute *attr,
8280 const char *buf, size_t count)
8282 struct iwl4965_priv *priv = dev_get_drvdata(d);
8284 priv->retry_rate = simple_strtoul(buf, NULL, 0);
8285 if (priv->retry_rate <= 0)
8286 priv->retry_rate = 1;
8291 static ssize_t show_retry_rate(struct device *d,
8292 struct device_attribute *attr, char *buf)
8294 struct iwl4965_priv *priv = dev_get_drvdata(d);
8295 return sprintf(buf, "%d", priv->retry_rate);
8298 static DEVICE_ATTR(retry_rate, S_IWUSR | S_IRUSR, show_retry_rate,
8301 static ssize_t store_power_level(struct device *d,
8302 struct device_attribute *attr,
8303 const char *buf, size_t count)
8305 struct iwl4965_priv *priv = dev_get_drvdata(d);
8309 mode = simple_strtoul(buf, NULL, 0);
8310 mutex_lock(&priv->mutex);
8312 if (!iwl4965_is_ready(priv)) {
8317 if ((mode < 1) || (mode > IWL_POWER_LIMIT) || (mode == IWL_POWER_AC))
8318 mode = IWL_POWER_AC;
8320 mode |= IWL_POWER_ENABLED;
8322 if (mode != priv->power_mode) {
8323 rc = iwl4965_send_power_mode(priv, IWL_POWER_LEVEL(mode));
8325 IWL_DEBUG_MAC80211("failed setting power mode.\n");
8328 priv->power_mode = mode;
8334 mutex_unlock(&priv->mutex);
8338 #define MAX_WX_STRING 80
8340 /* Values are in microsecond */
8341 static const s32 timeout_duration[] = {
8348 static const s32 period_duration[] = {
8356 static ssize_t show_power_level(struct device *d,
8357 struct device_attribute *attr, char *buf)
8359 struct iwl4965_priv *priv = dev_get_drvdata(d);
8360 int level = IWL_POWER_LEVEL(priv->power_mode);
8363 p += sprintf(p, "%d ", level);
8365 case IWL_POWER_MODE_CAM:
8367 p += sprintf(p, "(AC)");
8369 case IWL_POWER_BATTERY:
8370 p += sprintf(p, "(BATTERY)");
8374 "(Timeout %dms, Period %dms)",
8375 timeout_duration[level - 1] / 1000,
8376 period_duration[level - 1] / 1000);
8379 if (!(priv->power_mode & IWL_POWER_ENABLED))
8380 p += sprintf(p, " OFF\n");
8382 p += sprintf(p, " \n");
8384 return (p - buf + 1);
8388 static DEVICE_ATTR(power_level, S_IWUSR | S_IRUSR, show_power_level,
8391 static ssize_t show_channels(struct device *d,
8392 struct device_attribute *attr, char *buf)
8394 /* all this shit doesn't belong into sysfs anyway */
8398 static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);
8400 static ssize_t show_statistics(struct device *d,
8401 struct device_attribute *attr, char *buf)
8403 struct iwl4965_priv *priv = dev_get_drvdata(d);
8404 u32 size = sizeof(struct iwl4965_notif_statistics);
8405 u32 len = 0, ofs = 0;
8406 u8 *data = (u8 *) & priv->statistics;
8409 if (!iwl4965_is_alive(priv))
8412 mutex_lock(&priv->mutex);
8413 rc = iwl4965_send_statistics_request(priv);
8414 mutex_unlock(&priv->mutex);
8418 "Error sending statistics request: 0x%08X\n", rc);
8422 while (size && (PAGE_SIZE - len)) {
8423 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
8424 PAGE_SIZE - len, 1);
8426 if (PAGE_SIZE - len)
8430 size -= min(size, 16U);
8436 static DEVICE_ATTR(statistics, S_IRUGO, show_statistics, NULL);
8438 static ssize_t show_antenna(struct device *d,
8439 struct device_attribute *attr, char *buf)
8441 struct iwl4965_priv *priv = dev_get_drvdata(d);
8443 if (!iwl4965_is_alive(priv))
8446 return sprintf(buf, "%d\n", priv->antenna);
8449 static ssize_t store_antenna(struct device *d,
8450 struct device_attribute *attr,
8451 const char *buf, size_t count)
8454 struct iwl4965_priv *priv = dev_get_drvdata(d);
8459 if (sscanf(buf, "%1i", &ant) != 1) {
8460 IWL_DEBUG_INFO("not in hex or decimal form.\n");
8464 if ((ant >= 0) && (ant <= 2)) {
8465 IWL_DEBUG_INFO("Setting antenna select to %d.\n", ant);
8466 priv->antenna = (enum iwl4965_antenna)ant;
8468 IWL_DEBUG_INFO("Bad antenna select value %d.\n", ant);
8474 static DEVICE_ATTR(antenna, S_IWUSR | S_IRUGO, show_antenna, store_antenna);
8476 static ssize_t show_status(struct device *d,
8477 struct device_attribute *attr, char *buf)
8479 struct iwl4965_priv *priv = (struct iwl4965_priv *)d->driver_data;
8480 if (!iwl4965_is_alive(priv))
8482 return sprintf(buf, "0x%08x\n", (int)priv->status);
8485 static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);
8487 static ssize_t dump_error_log(struct device *d,
8488 struct device_attribute *attr,
8489 const char *buf, size_t count)
8491 char *p = (char *)buf;
8494 iwl4965_dump_nic_error_log((struct iwl4965_priv *)d->driver_data);
8496 return strnlen(buf, count);
8499 static DEVICE_ATTR(dump_errors, S_IWUSR, NULL, dump_error_log);
8501 static ssize_t dump_event_log(struct device *d,
8502 struct device_attribute *attr,
8503 const char *buf, size_t count)
8505 char *p = (char *)buf;
8508 iwl4965_dump_nic_event_log((struct iwl4965_priv *)d->driver_data);
8510 return strnlen(buf, count);
8513 static DEVICE_ATTR(dump_events, S_IWUSR, NULL, dump_event_log);
8515 /*****************************************************************************
8517 * driver setup and teardown
8519 *****************************************************************************/
8521 static void iwl4965_setup_deferred_work(struct iwl4965_priv *priv)
8523 priv->workqueue = create_workqueue(DRV_NAME);
8525 init_waitqueue_head(&priv->wait_command_queue);
8527 INIT_WORK(&priv->up, iwl4965_bg_up);
8528 INIT_WORK(&priv->restart, iwl4965_bg_restart);
8529 INIT_WORK(&priv->rx_replenish, iwl4965_bg_rx_replenish);
8530 INIT_WORK(&priv->scan_completed, iwl4965_bg_scan_completed);
8531 INIT_WORK(&priv->request_scan, iwl4965_bg_request_scan);
8532 INIT_WORK(&priv->abort_scan, iwl4965_bg_abort_scan);
8533 INIT_WORK(&priv->rf_kill, iwl4965_bg_rf_kill);
8534 INIT_WORK(&priv->beacon_update, iwl4965_bg_beacon_update);
8535 INIT_DELAYED_WORK(&priv->post_associate, iwl4965_bg_post_associate);
8536 INIT_DELAYED_WORK(&priv->init_alive_start, iwl4965_bg_init_alive_start);
8537 INIT_DELAYED_WORK(&priv->alive_start, iwl4965_bg_alive_start);
8538 INIT_DELAYED_WORK(&priv->scan_check, iwl4965_bg_scan_check);
8540 iwl4965_hw_setup_deferred_work(priv);
8542 tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
8543 iwl4965_irq_tasklet, (unsigned long)priv);
8546 static void iwl4965_cancel_deferred_work(struct iwl4965_priv *priv)
8548 iwl4965_hw_cancel_deferred_work(priv);
8550 cancel_delayed_work_sync(&priv->init_alive_start);
8551 cancel_delayed_work(&priv->scan_check);
8552 cancel_delayed_work(&priv->alive_start);
8553 cancel_delayed_work(&priv->post_associate);
8554 cancel_work_sync(&priv->beacon_update);
8557 static struct attribute *iwl4965_sysfs_entries[] = {
8558 &dev_attr_antenna.attr,
8559 &dev_attr_channels.attr,
8560 &dev_attr_dump_errors.attr,
8561 &dev_attr_dump_events.attr,
8562 &dev_attr_flags.attr,
8563 &dev_attr_filter_flags.attr,
8564 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
8565 &dev_attr_measurement.attr,
8567 &dev_attr_power_level.attr,
8568 &dev_attr_retry_rate.attr,
8569 &dev_attr_rf_kill.attr,
8570 &dev_attr_rs_window.attr,
8571 &dev_attr_statistics.attr,
8572 &dev_attr_status.attr,
8573 &dev_attr_temperature.attr,
8574 &dev_attr_tx_power.attr,
8579 static struct attribute_group iwl4965_attribute_group = {
8580 .name = NULL, /* put in device directory */
8581 .attrs = iwl4965_sysfs_entries,
8584 static struct ieee80211_ops iwl4965_hw_ops = {
8585 .tx = iwl4965_mac_tx,
8586 .start = iwl4965_mac_start,
8587 .stop = iwl4965_mac_stop,
8588 .add_interface = iwl4965_mac_add_interface,
8589 .remove_interface = iwl4965_mac_remove_interface,
8590 .config = iwl4965_mac_config,
8591 .config_interface = iwl4965_mac_config_interface,
8592 .configure_filter = iwl4965_configure_filter,
8593 .set_key = iwl4965_mac_set_key,
8594 .get_stats = iwl4965_mac_get_stats,
8595 .get_tx_stats = iwl4965_mac_get_tx_stats,
8596 .conf_tx = iwl4965_mac_conf_tx,
8597 .get_tsf = iwl4965_mac_get_tsf,
8598 .reset_tsf = iwl4965_mac_reset_tsf,
8599 .beacon_update = iwl4965_mac_beacon_update,
8600 .bss_info_changed = iwl4965_bss_info_changed,
8601 #ifdef CONFIG_IWL4965_HT
8602 .conf_ht = iwl4965_mac_conf_ht,
8603 .ampdu_action = iwl4965_mac_ampdu_action,
8604 #endif /* CONFIG_IWL4965_HT */
8605 .hw_scan = iwl4965_mac_hw_scan
8608 static int iwl4965_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
8611 struct iwl4965_priv *priv;
8612 struct ieee80211_hw *hw;
8613 struct iwl_cfg *cfg = (struct iwl_cfg *)(ent->driver_data);
8615 DECLARE_MAC_BUF(mac);
8617 /* Disabling hardware scan means that mac80211 will perform scans
8618 * "the hard way", rather than using device's scan. */
8619 if (iwl4965_param_disable_hw_scan) {
8620 IWL_DEBUG_INFO("Disabling hw_scan\n");
8621 iwl4965_hw_ops.hw_scan = NULL;
8624 if ((iwl4965_param_queues_num > IWL_MAX_NUM_QUEUES) ||
8625 (iwl4965_param_queues_num < IWL_MIN_NUM_QUEUES)) {
8626 IWL_ERROR("invalid queues_num, should be between %d and %d\n",
8627 IWL_MIN_NUM_QUEUES, IWL_MAX_NUM_QUEUES);
8632 /* mac80211 allocates memory for this device instance, including
8633 * space for this driver's private structure */
8634 hw = ieee80211_alloc_hw(sizeof(struct iwl4965_priv), &iwl4965_hw_ops);
8636 IWL_ERROR("Can not allocate network device\n");
8640 SET_IEEE80211_DEV(hw, &pdev->dev);
8642 hw->rate_control_algorithm = "iwl-4965-rs";
8644 IWL_DEBUG_INFO("*** LOAD DRIVER ***\n");
8649 priv->pci_dev = pdev;
8650 priv->antenna = (enum iwl4965_antenna)iwl4965_param_antenna;
8651 #ifdef CONFIG_IWL4965_DEBUG
8652 iwl4965_debug_level = iwl4965_param_debug;
8653 atomic_set(&priv->restrict_refcnt, 0);
8655 priv->retry_rate = 1;
8657 priv->ibss_beacon = NULL;
8659 /* Tell mac80211 and its clients (e.g. Wireless Extensions)
8660 * the range of signal quality values that we'll provide.
8661 * Negative values for level/noise indicate that we'll provide dBm.
8662 * For WE, at least, non-0 values here *enable* display of values
8663 * in app (iwconfig). */
8664 hw->max_rssi = -20; /* signal level, negative indicates dBm */
8665 hw->max_noise = -20; /* noise level, negative indicates dBm */
8666 hw->max_signal = 100; /* link quality indication (%) */
8668 /* Tell mac80211 our Tx characteristics */
8669 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE;
8671 /* Default value; 4 EDCA QOS priorities */
8673 #ifdef CONFIG_IWL4965_HT
8674 /* Enhanced value; more queues, to support 11n aggregation */
8676 #endif /* CONFIG_IWL4965_HT */
8678 spin_lock_init(&priv->lock);
8679 spin_lock_init(&priv->power_data.lock);
8680 spin_lock_init(&priv->sta_lock);
8681 spin_lock_init(&priv->hcmd_lock);
8682 spin_lock_init(&priv->lq_mngr.lock);
8684 for (i = 0; i < IWL_IBSS_MAC_HASH_SIZE; i++)
8685 INIT_LIST_HEAD(&priv->ibss_mac_hash[i]);
8687 INIT_LIST_HEAD(&priv->free_frames);
8689 mutex_init(&priv->mutex);
8690 if (pci_enable_device(pdev)) {
8692 goto out_ieee80211_free_hw;
8695 pci_set_master(pdev);
8697 /* Clear the driver's (not device's) station table */
8698 iwl4965_clear_stations_table(priv);
8700 priv->data_retry_limit = -1;
8701 priv->ieee_channels = NULL;
8702 priv->ieee_rates = NULL;
8703 priv->band = IEEE80211_BAND_2GHZ;
8705 err = pci_set_dma_mask(pdev, DMA_32BIT_MASK);
8707 err = pci_set_consistent_dma_mask(pdev, DMA_32BIT_MASK);
8709 printk(KERN_WARNING DRV_NAME ": No suitable DMA available.\n");
8710 goto out_pci_disable_device;
8713 pci_set_drvdata(pdev, priv);
8714 err = pci_request_regions(pdev, DRV_NAME);
8716 goto out_pci_disable_device;
8718 /* We disable the RETRY_TIMEOUT register (0x41) to keep
8719 * PCI Tx retries from interfering with C3 CPU state */
8720 pci_write_config_byte(pdev, 0x41, 0x00);
8722 priv->hw_base = pci_iomap(pdev, 0, 0);
8723 if (!priv->hw_base) {
8725 goto out_pci_release_regions;
8728 IWL_DEBUG_INFO("pci_resource_len = 0x%08llx\n",
8729 (unsigned long long) pci_resource_len(pdev, 0));
8730 IWL_DEBUG_INFO("pci_resource_base = %p\n", priv->hw_base);
8732 /* Initialize module parameter values here */
8734 /* Disable radio (SW RF KILL) via parameter when loading driver */
8735 if (iwl4965_param_disable) {
8736 set_bit(STATUS_RF_KILL_SW, &priv->status);
8737 IWL_DEBUG_INFO("Radio disabled.\n");
8740 priv->iw_mode = IEEE80211_IF_TYPE_STA;
8743 priv->use_ant_b_for_management_frame = 1; /* start with ant B */
8744 priv->valid_antenna = 0x7; /* assume all 3 connected */
8745 priv->ps_mode = IWL_MIMO_PS_NONE;
8747 /* Choose which receivers/antennas to use */
8748 iwl4965_set_rxon_chain(priv);
8751 printk(KERN_INFO DRV_NAME
8752 ": Detected Intel Wireless WiFi Link %s\n", priv->cfg->name);
8754 /* Device-specific setup */
8755 if (iwl4965_hw_set_hw_setting(priv)) {
8756 IWL_ERROR("failed to set hw settings\n");
8760 if (iwl4965_param_qos_enable)
8761 priv->qos_data.qos_enable = 1;
8763 iwl4965_reset_qos(priv);
8765 priv->qos_data.qos_active = 0;
8766 priv->qos_data.qos_cap.val = 0;
8768 iwl4965_set_rxon_channel(priv, IEEE80211_BAND_2GHZ, 6);
8769 iwl4965_setup_deferred_work(priv);
8770 iwl4965_setup_rx_handlers(priv);
8772 priv->rates_mask = IWL_RATES_MASK;
8773 /* If power management is turned on, default to AC mode */
8774 priv->power_mode = IWL_POWER_AC;
8775 priv->user_txpower_limit = IWL_DEFAULT_TX_POWER;
8777 iwl4965_disable_interrupts(priv);
8779 err = sysfs_create_group(&pdev->dev.kobj, &iwl4965_attribute_group);
8781 IWL_ERROR("failed to create sysfs device attributes\n");
8782 goto out_release_irq;
8786 iwl4965_set_bit(priv, CSR_GIO_CHICKEN_BITS,
8787 CSR_GIO_CHICKEN_BITS_REG_BIT_DIS_L0S_EXIT_TIMER);
8789 iwl4965_set_bit(priv, CSR_GP_CNTRL, CSR_GP_CNTRL_REG_FLAG_INIT_DONE);
8790 err = iwl4965_poll_bit(priv, CSR_GP_CNTRL,
8791 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY,
8792 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY, 25000);
8794 IWL_DEBUG_INFO("Failed to init the card\n");
8795 goto out_remove_sysfs;
8797 /* Read the EEPROM */
8798 err = iwl4965_eeprom_init(priv);
8800 IWL_ERROR("Unable to init EEPROM\n");
8801 goto out_remove_sysfs;
8803 /* MAC Address location in EEPROM same for 3945/4965 */
8804 get_eeprom_mac(priv, priv->mac_addr);
8805 IWL_DEBUG_INFO("MAC address: %s\n", print_mac(mac, priv->mac_addr));
8806 SET_IEEE80211_PERM_ADDR(priv->hw, priv->mac_addr);
8808 err = iwl4965_init_channel_map(priv);
8810 IWL_ERROR("initializing regulatory failed: %d\n", err);
8811 goto out_remove_sysfs;
8814 err = iwl4965_init_geos(priv);
8816 IWL_ERROR("initializing geos failed: %d\n", err);
8817 goto out_free_channel_map;
8820 iwl4965_rate_control_register(priv->hw);
8821 err = ieee80211_register_hw(priv->hw);
8823 IWL_ERROR("Failed to register network device (error %d)\n", err);
8827 priv->hw->conf.beacon_int = 100;
8828 priv->mac80211_registered = 1;
8829 pci_save_state(pdev);
8830 pci_disable_device(pdev);
8835 iwl4965_free_geos(priv);
8836 out_free_channel_map:
8837 iwl4965_free_channel_map(priv);
8839 sysfs_remove_group(&pdev->dev.kobj, &iwl4965_attribute_group);
8842 destroy_workqueue(priv->workqueue);
8843 priv->workqueue = NULL;
8844 iwl4965_unset_hw_setting(priv);
8847 pci_iounmap(pdev, priv->hw_base);
8848 out_pci_release_regions:
8849 pci_release_regions(pdev);
8850 out_pci_disable_device:
8851 pci_disable_device(pdev);
8852 pci_set_drvdata(pdev, NULL);
8853 out_ieee80211_free_hw:
8854 ieee80211_free_hw(priv->hw);
8859 static void iwl4965_pci_remove(struct pci_dev *pdev)
8861 struct iwl4965_priv *priv = pci_get_drvdata(pdev);
8862 struct list_head *p, *q;
8868 IWL_DEBUG_INFO("*** UNLOAD DRIVER ***\n");
8870 set_bit(STATUS_EXIT_PENDING, &priv->status);
8874 /* Free MAC hash list for ADHOC */
8875 for (i = 0; i < IWL_IBSS_MAC_HASH_SIZE; i++) {
8876 list_for_each_safe(p, q, &priv->ibss_mac_hash[i]) {
8878 kfree(list_entry(p, struct iwl4965_ibss_seq, list));
8882 sysfs_remove_group(&pdev->dev.kobj, &iwl4965_attribute_group);
8884 iwl4965_dealloc_ucode_pci(priv);
8887 iwl4965_rx_queue_free(priv, &priv->rxq);
8888 iwl4965_hw_txq_ctx_free(priv);
8890 iwl4965_unset_hw_setting(priv);
8891 iwl4965_clear_stations_table(priv);
8893 if (priv->mac80211_registered) {
8894 ieee80211_unregister_hw(priv->hw);
8895 iwl4965_rate_control_unregister(priv->hw);
8898 /*netif_stop_queue(dev); */
8899 flush_workqueue(priv->workqueue);
8901 /* ieee80211_unregister_hw calls iwl4965_mac_stop, which flushes
8902 * priv->workqueue... so we can't take down the workqueue
8904 destroy_workqueue(priv->workqueue);
8905 priv->workqueue = NULL;
8907 pci_iounmap(pdev, priv->hw_base);
8908 pci_release_regions(pdev);
8909 pci_disable_device(pdev);
8910 pci_set_drvdata(pdev, NULL);
8912 iwl4965_free_channel_map(priv);
8913 iwl4965_free_geos(priv);
8915 if (priv->ibss_beacon)
8916 dev_kfree_skb(priv->ibss_beacon);
8918 ieee80211_free_hw(priv->hw);
8923 static int iwl4965_pci_suspend(struct pci_dev *pdev, pm_message_t state)
8925 struct iwl4965_priv *priv = pci_get_drvdata(pdev);
8927 if (priv->is_open) {
8928 set_bit(STATUS_IN_SUSPEND, &priv->status);
8929 iwl4965_mac_stop(priv->hw);
8933 pci_set_power_state(pdev, PCI_D3hot);
8938 static int iwl4965_pci_resume(struct pci_dev *pdev)
8940 struct iwl4965_priv *priv = pci_get_drvdata(pdev);
8942 pci_set_power_state(pdev, PCI_D0);
8945 iwl4965_mac_start(priv->hw);
8947 clear_bit(STATUS_IN_SUSPEND, &priv->status);
8951 #endif /* CONFIG_PM */
8953 /*****************************************************************************
8955 * driver and module entry point
8957 *****************************************************************************/
8959 static struct pci_driver iwl4965_driver = {
8961 .id_table = iwl4965_hw_card_ids,
8962 .probe = iwl4965_pci_probe,
8963 .remove = __devexit_p(iwl4965_pci_remove),
8965 .suspend = iwl4965_pci_suspend,
8966 .resume = iwl4965_pci_resume,
8970 static int __init iwl4965_init(void)
8974 printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
8975 printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
8976 ret = pci_register_driver(&iwl4965_driver);
8978 IWL_ERROR("Unable to initialize PCI module\n");
8981 #ifdef CONFIG_IWL4965_DEBUG
8982 ret = driver_create_file(&iwl4965_driver.driver, &driver_attr_debug_level);
8984 IWL_ERROR("Unable to create driver sysfs file\n");
8985 pci_unregister_driver(&iwl4965_driver);
8993 static void __exit iwl4965_exit(void)
8995 #ifdef CONFIG_IWL4965_DEBUG
8996 driver_remove_file(&iwl4965_driver.driver, &driver_attr_debug_level);
8998 pci_unregister_driver(&iwl4965_driver);
9001 module_param_named(antenna, iwl4965_param_antenna, int, 0444);
9002 MODULE_PARM_DESC(antenna, "select antenna (1=Main, 2=Aux, default 0 [both])");
9003 module_param_named(disable, iwl4965_param_disable, int, 0444);
9004 MODULE_PARM_DESC(disable, "manually disable the radio (default 0 [radio on])");
9005 module_param_named(hwcrypto, iwl4965_param_hwcrypto, int, 0444);
9006 MODULE_PARM_DESC(hwcrypto,
9007 "using hardware crypto engine (default 0 [software])\n");
9008 module_param_named(debug, iwl4965_param_debug, int, 0444);
9009 MODULE_PARM_DESC(debug, "debug output mask");
9010 module_param_named(disable_hw_scan, iwl4965_param_disable_hw_scan, int, 0444);
9011 MODULE_PARM_DESC(disable_hw_scan, "disable hardware scanning (default 0)");
9013 module_param_named(queues_num, iwl4965_param_queues_num, int, 0444);
9014 MODULE_PARM_DESC(queues_num, "number of hw queues.");
9017 module_param_named(qos_enable, iwl4965_param_qos_enable, int, 0444);
9018 MODULE_PARM_DESC(qos_enable, "enable all QoS functionality");
9019 module_param_named(amsdu_size_8K, iwl4965_param_amsdu_size_8K, int, 0444);
9020 MODULE_PARM_DESC(amsdu_size_8K, "enable 8K amsdu size");
9022 module_exit(iwl4965_exit);
9023 module_init(iwl4965_init);
git.openpandora.org / pandora-kernel.git / blob