1 /******************************************************************************
3 Copyright(c) 2003 - 2006 Intel Corporation. All rights reserved.
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as
7 published by the Free Software Foundation.
9 This program is distributed in the hope that it will be useful, but WITHOUT
10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 You should have received a copy of the GNU General Public License along with
15 this program; if not, write to the Free Software Foundation, Inc., 59
16 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18 The full GNU General Public License is included in this distribution in the
22 James P. Ketrenos <ipw2100-admin@linux.intel.com>
23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
25 Portions of this file are based on the sample_* files provided by Wireless
26 Extensions 0.26 package and copyright (c) 1997-2003 Jean Tourrilhes
29 Portions of this file are based on the Host AP project,
30 Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
32 Copyright (c) 2002-2003, Jouni Malinen <j@w1.fi>
34 Portions of ipw2100_mod_firmware_load, ipw2100_do_mod_firmware_load, and
35 ipw2100_fw_load are loosely based on drivers/sound/sound_firmware.c
36 available in the 2.4.25 kernel sources, and are copyright (c) Alan Cox
38 ******************************************************************************/
41 Initial driver on which this is based was developed by Janusz Gorycki,
42 Maciej Urbaniak, and Maciej Sosnowski.
44 Promiscuous mode support added by Jacek Wysoczynski and Maciej Urbaniak.
48 Tx - Commands and Data
50 Firmware and host share a circular queue of Transmit Buffer Descriptors (TBDs)
51 Each TBD contains a pointer to the physical (dma_addr_t) address of data being
52 sent to the firmware as well as the length of the data.
54 The host writes to the TBD queue at the WRITE index. The WRITE index points
55 to the _next_ packet to be written and is advanced when after the TBD has been
58 The firmware pulls from the TBD queue at the READ index. The READ index points
59 to the currently being read entry, and is advanced once the firmware is
62 When data is sent to the firmware, the first TBD is used to indicate to the
63 firmware if a Command or Data is being sent. If it is Command, all of the
64 command information is contained within the physical address referred to by the
65 TBD. If it is Data, the first TBD indicates the type of data packet, number
66 of fragments, etc. The next TBD then referrs to the actual packet location.
68 The Tx flow cycle is as follows:
70 1) ipw2100_tx() is called by kernel with SKB to transmit
71 2) Packet is move from the tx_free_list and appended to the transmit pending
73 3) work is scheduled to move pending packets into the shared circular queue.
74 4) when placing packet in the circular queue, the incoming SKB is DMA mapped
75 to a physical address. That address is entered into a TBD. Two TBDs are
76 filled out. The first indicating a data packet, the second referring to the
78 5) the packet is removed from tx_pend_list and placed on the end of the
79 firmware pending list (fw_pend_list)
80 6) firmware is notified that the WRITE index has
81 7) Once the firmware has processed the TBD, INTA is triggered.
82 8) For each Tx interrupt received from the firmware, the READ index is checked
83 to see which TBDs are done being processed.
84 9) For each TBD that has been processed, the ISR pulls the oldest packet
85 from the fw_pend_list.
86 10)The packet structure contained in the fw_pend_list is then used
87 to unmap the DMA address and to free the SKB originally passed to the driver
89 11)The packet structure is placed onto the tx_free_list
91 The above steps are the same for commands, only the msg_free_list/msg_pend_list
92 are used instead of tx_free_list/tx_pend_list
96 Critical Sections / Locking :
98 There are two locks utilized. The first is the low level lock (priv->low_lock)
99 that protects the following:
101 - Access to the Tx/Rx queue lists via priv->low_lock. The lists are as follows:
103 tx_free_list : Holds pre-allocated Tx buffers.
104 TAIL modified in __ipw2100_tx_process()
105 HEAD modified in ipw2100_tx()
107 tx_pend_list : Holds used Tx buffers waiting to go into the TBD ring
108 TAIL modified ipw2100_tx()
109 HEAD modified by ipw2100_tx_send_data()
111 msg_free_list : Holds pre-allocated Msg (Command) buffers
112 TAIL modified in __ipw2100_tx_process()
113 HEAD modified in ipw2100_hw_send_command()
115 msg_pend_list : Holds used Msg buffers waiting to go into the TBD ring
116 TAIL modified in ipw2100_hw_send_command()
117 HEAD modified in ipw2100_tx_send_commands()
119 The flow of data on the TX side is as follows:
121 MSG_FREE_LIST + COMMAND => MSG_PEND_LIST => TBD => MSG_FREE_LIST
122 TX_FREE_LIST + DATA => TX_PEND_LIST => TBD => TX_FREE_LIST
124 The methods that work on the TBD ring are protected via priv->low_lock.
126 - The internal data state of the device itself
127 - Access to the firmware read/write indexes for the BD queues
130 All external entry functions are locked with the priv->action_lock to ensure
131 that only one external action is invoked at a time.
136 #include <linux/compiler.h>
137 #include <linux/errno.h>
138 #include <linux/if_arp.h>
139 #include <linux/in6.h>
140 #include <linux/in.h>
141 #include <linux/ip.h>
142 #include <linux/kernel.h>
143 #include <linux/kmod.h>
144 #include <linux/module.h>
145 #include <linux/netdevice.h>
146 #include <linux/ethtool.h>
147 #include <linux/pci.h>
148 #include <linux/dma-mapping.h>
149 #include <linux/proc_fs.h>
150 #include <linux/skbuff.h>
151 #include <asm/uaccess.h>
153 #include <linux/fs.h>
154 #include <linux/mm.h>
155 #include <linux/slab.h>
156 #include <linux/unistd.h>
157 #include <linux/stringify.h>
158 #include <linux/tcp.h>
159 #include <linux/types.h>
160 #include <linux/time.h>
161 #include <linux/firmware.h>
162 #include <linux/acpi.h>
163 #include <linux/ctype.h>
164 #include <linux/pm_qos_params.h>
168 #define IPW2100_VERSION "git-1.2.2"
170 #define DRV_NAME "ipw2100"
171 #define DRV_VERSION IPW2100_VERSION
172 #define DRV_DESCRIPTION "Intel(R) PRO/Wireless 2100 Network Driver"
173 #define DRV_COPYRIGHT "Copyright(c) 2003-2006 Intel Corporation"
175 /* Debugging stuff */
176 #ifdef CONFIG_IPW2100_DEBUG
177 #define IPW2100_RX_DEBUG /* Reception debugging */
180 MODULE_DESCRIPTION(DRV_DESCRIPTION);
181 MODULE_VERSION(DRV_VERSION);
182 MODULE_AUTHOR(DRV_COPYRIGHT);
183 MODULE_LICENSE("GPL");
185 static int debug = 0;
187 static int channel = 0;
188 static int associate = 0;
189 static int disable = 0;
191 static struct ipw2100_fw ipw2100_firmware;
194 #include <linux/moduleparam.h>
195 module_param(debug, int, 0444);
196 module_param(mode, int, 0444);
197 module_param(channel, int, 0444);
198 module_param(associate, int, 0444);
199 module_param(disable, int, 0444);
201 MODULE_PARM_DESC(debug, "debug level");
202 MODULE_PARM_DESC(mode, "network mode (0=BSS,1=IBSS,2=Monitor)");
203 MODULE_PARM_DESC(channel, "channel");
204 MODULE_PARM_DESC(associate, "auto associate when scanning (default off)");
205 MODULE_PARM_DESC(disable, "manually disable the radio (default 0 [radio on])");
207 static u32 ipw2100_debug_level = IPW_DL_NONE;
209 #ifdef CONFIG_IPW2100_DEBUG
210 #define IPW_DEBUG(level, message...) \
212 if (ipw2100_debug_level & (level)) { \
213 printk(KERN_DEBUG "ipw2100: %c %s ", \
214 in_interrupt() ? 'I' : 'U', __func__); \
219 #define IPW_DEBUG(level, message...) do {} while (0)
220 #endif /* CONFIG_IPW2100_DEBUG */
222 #ifdef CONFIG_IPW2100_DEBUG
223 static const char *command_types[] = {
225 "unused", /* HOST_ATTENTION */
227 "unused", /* SLEEP */
228 "unused", /* HOST_POWER_DOWN */
231 "unused", /* SET_IMR */
234 "AUTHENTICATION_TYPE",
237 "INTERNATIONAL_MODE",
252 "CLEAR_ALL_MULTICAST",
273 "AP_OR_STATION_TABLE",
277 "unused", /* SAVE_CALIBRATION */
278 "unused", /* RESTORE_CALIBRATION */
282 "HOST_PRE_POWER_DOWN",
283 "unused", /* HOST_INTERRUPT_COALESCING */
285 "CARD_DISABLE_PHY_OFF",
286 "MSDU_TX_RATES" "undefined",
288 "SET_STATION_STAT_BITS",
289 "CLEAR_STATIONS_STAT_BITS",
291 "SET_SECURITY_INFORMATION",
292 "DISASSOCIATION_BSSID",
297 /* Pre-decl until we get the code solid and then we can clean it up */
298 static void ipw2100_tx_send_commands(struct ipw2100_priv *priv);
299 static void ipw2100_tx_send_data(struct ipw2100_priv *priv);
300 static int ipw2100_adapter_setup(struct ipw2100_priv *priv);
302 static void ipw2100_queues_initialize(struct ipw2100_priv *priv);
303 static void ipw2100_queues_free(struct ipw2100_priv *priv);
304 static int ipw2100_queues_allocate(struct ipw2100_priv *priv);
306 static int ipw2100_fw_download(struct ipw2100_priv *priv,
307 struct ipw2100_fw *fw);
308 static int ipw2100_get_firmware(struct ipw2100_priv *priv,
309 struct ipw2100_fw *fw);
310 static int ipw2100_get_fwversion(struct ipw2100_priv *priv, char *buf,
312 static int ipw2100_get_ucodeversion(struct ipw2100_priv *priv, char *buf,
314 static void ipw2100_release_firmware(struct ipw2100_priv *priv,
315 struct ipw2100_fw *fw);
316 static int ipw2100_ucode_download(struct ipw2100_priv *priv,
317 struct ipw2100_fw *fw);
318 static void ipw2100_wx_event_work(struct work_struct *work);
319 static struct iw_statistics *ipw2100_wx_wireless_stats(struct net_device *dev);
320 static struct iw_handler_def ipw2100_wx_handler_def;
322 static inline void read_register(struct net_device *dev, u32 reg, u32 * val)
324 *val = readl((void __iomem *)(dev->base_addr + reg));
325 IPW_DEBUG_IO("r: 0x%08X => 0x%08X\n", reg, *val);
328 static inline void write_register(struct net_device *dev, u32 reg, u32 val)
330 writel(val, (void __iomem *)(dev->base_addr + reg));
331 IPW_DEBUG_IO("w: 0x%08X <= 0x%08X\n", reg, val);
334 static inline void read_register_word(struct net_device *dev, u32 reg,
337 *val = readw((void __iomem *)(dev->base_addr + reg));
338 IPW_DEBUG_IO("r: 0x%08X => %04X\n", reg, *val);
341 static inline void read_register_byte(struct net_device *dev, u32 reg, u8 * val)
343 *val = readb((void __iomem *)(dev->base_addr + reg));
344 IPW_DEBUG_IO("r: 0x%08X => %02X\n", reg, *val);
347 static inline void write_register_word(struct net_device *dev, u32 reg, u16 val)
349 writew(val, (void __iomem *)(dev->base_addr + reg));
350 IPW_DEBUG_IO("w: 0x%08X <= %04X\n", reg, val);
353 static inline void write_register_byte(struct net_device *dev, u32 reg, u8 val)
355 writeb(val, (void __iomem *)(dev->base_addr + reg));
356 IPW_DEBUG_IO("w: 0x%08X =< %02X\n", reg, val);
359 static inline void read_nic_dword(struct net_device *dev, u32 addr, u32 * val)
361 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
362 addr & IPW_REG_INDIRECT_ADDR_MASK);
363 read_register(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
366 static inline void write_nic_dword(struct net_device *dev, u32 addr, u32 val)
368 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
369 addr & IPW_REG_INDIRECT_ADDR_MASK);
370 write_register(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
373 static inline void read_nic_word(struct net_device *dev, u32 addr, u16 * val)
375 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
376 addr & IPW_REG_INDIRECT_ADDR_MASK);
377 read_register_word(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
380 static inline void write_nic_word(struct net_device *dev, u32 addr, u16 val)
382 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
383 addr & IPW_REG_INDIRECT_ADDR_MASK);
384 write_register_word(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
387 static inline void read_nic_byte(struct net_device *dev, u32 addr, u8 * val)
389 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
390 addr & IPW_REG_INDIRECT_ADDR_MASK);
391 read_register_byte(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
394 static inline void write_nic_byte(struct net_device *dev, u32 addr, u8 val)
396 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
397 addr & IPW_REG_INDIRECT_ADDR_MASK);
398 write_register_byte(dev, IPW_REG_INDIRECT_ACCESS_DATA, val);
401 static inline void write_nic_auto_inc_address(struct net_device *dev, u32 addr)
403 write_register(dev, IPW_REG_AUTOINCREMENT_ADDRESS,
404 addr & IPW_REG_INDIRECT_ADDR_MASK);
407 static inline void write_nic_dword_auto_inc(struct net_device *dev, u32 val)
409 write_register(dev, IPW_REG_AUTOINCREMENT_DATA, val);
412 static void write_nic_memory(struct net_device *dev, u32 addr, u32 len,
420 /* read first nibble byte by byte */
421 aligned_addr = addr & (~0x3);
422 dif_len = addr - aligned_addr;
424 /* Start reading at aligned_addr + dif_len */
425 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
427 for (i = dif_len; i < 4; i++, buf++)
428 write_register_byte(dev,
429 IPW_REG_INDIRECT_ACCESS_DATA + i,
436 /* read DWs through autoincrement registers */
437 write_register(dev, IPW_REG_AUTOINCREMENT_ADDRESS, aligned_addr);
438 aligned_len = len & (~0x3);
439 for (i = 0; i < aligned_len; i += 4, buf += 4, aligned_addr += 4)
440 write_register(dev, IPW_REG_AUTOINCREMENT_DATA, *(u32 *) buf);
442 /* copy the last nibble */
443 dif_len = len - aligned_len;
444 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS, aligned_addr);
445 for (i = 0; i < dif_len; i++, buf++)
446 write_register_byte(dev, IPW_REG_INDIRECT_ACCESS_DATA + i,
450 static void read_nic_memory(struct net_device *dev, u32 addr, u32 len,
458 /* read first nibble byte by byte */
459 aligned_addr = addr & (~0x3);
460 dif_len = addr - aligned_addr;
462 /* Start reading at aligned_addr + dif_len */
463 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS,
465 for (i = dif_len; i < 4; i++, buf++)
466 read_register_byte(dev,
467 IPW_REG_INDIRECT_ACCESS_DATA + i,
474 /* read DWs through autoincrement registers */
475 write_register(dev, IPW_REG_AUTOINCREMENT_ADDRESS, aligned_addr);
476 aligned_len = len & (~0x3);
477 for (i = 0; i < aligned_len; i += 4, buf += 4, aligned_addr += 4)
478 read_register(dev, IPW_REG_AUTOINCREMENT_DATA, (u32 *) buf);
480 /* copy the last nibble */
481 dif_len = len - aligned_len;
482 write_register(dev, IPW_REG_INDIRECT_ACCESS_ADDRESS, aligned_addr);
483 for (i = 0; i < dif_len; i++, buf++)
484 read_register_byte(dev, IPW_REG_INDIRECT_ACCESS_DATA + i, buf);
487 static inline int ipw2100_hw_is_adapter_in_system(struct net_device *dev)
489 return (dev->base_addr &&
491 ((void __iomem *)(dev->base_addr +
492 IPW_REG_DOA_DEBUG_AREA_START))
493 == IPW_DATA_DOA_DEBUG_VALUE));
496 static int ipw2100_get_ordinal(struct ipw2100_priv *priv, u32 ord,
497 void *val, u32 * len)
499 struct ipw2100_ordinals *ordinals = &priv->ordinals;
506 if (ordinals->table1_addr == 0) {
507 printk(KERN_WARNING DRV_NAME ": attempt to use fw ordinals "
508 "before they have been loaded.\n");
512 if (IS_ORDINAL_TABLE_ONE(ordinals, ord)) {
513 if (*len < IPW_ORD_TAB_1_ENTRY_SIZE) {
514 *len = IPW_ORD_TAB_1_ENTRY_SIZE;
516 printk(KERN_WARNING DRV_NAME
517 ": ordinal buffer length too small, need %zd\n",
518 IPW_ORD_TAB_1_ENTRY_SIZE);
523 read_nic_dword(priv->net_dev,
524 ordinals->table1_addr + (ord << 2), &addr);
525 read_nic_dword(priv->net_dev, addr, val);
527 *len = IPW_ORD_TAB_1_ENTRY_SIZE;
532 if (IS_ORDINAL_TABLE_TWO(ordinals, ord)) {
534 ord -= IPW_START_ORD_TAB_2;
536 /* get the address of statistic */
537 read_nic_dword(priv->net_dev,
538 ordinals->table2_addr + (ord << 3), &addr);
540 /* get the second DW of statistics ;
541 * two 16-bit words - first is length, second is count */
542 read_nic_dword(priv->net_dev,
543 ordinals->table2_addr + (ord << 3) + sizeof(u32),
546 /* get each entry length */
547 field_len = *((u16 *) & field_info);
549 /* get number of entries */
550 field_count = *(((u16 *) & field_info) + 1);
552 /* abort if no enought memory */
553 total_length = field_len * field_count;
554 if (total_length > *len) {
563 /* read the ordinal data from the SRAM */
564 read_nic_memory(priv->net_dev, addr, total_length, val);
569 printk(KERN_WARNING DRV_NAME ": ordinal %d neither in table 1 nor "
570 "in table 2\n", ord);
575 static int ipw2100_set_ordinal(struct ipw2100_priv *priv, u32 ord, u32 * val,
578 struct ipw2100_ordinals *ordinals = &priv->ordinals;
581 if (IS_ORDINAL_TABLE_ONE(ordinals, ord)) {
582 if (*len != IPW_ORD_TAB_1_ENTRY_SIZE) {
583 *len = IPW_ORD_TAB_1_ENTRY_SIZE;
584 IPW_DEBUG_INFO("wrong size\n");
588 read_nic_dword(priv->net_dev,
589 ordinals->table1_addr + (ord << 2), &addr);
591 write_nic_dword(priv->net_dev, addr, *val);
593 *len = IPW_ORD_TAB_1_ENTRY_SIZE;
598 IPW_DEBUG_INFO("wrong table\n");
599 if (IS_ORDINAL_TABLE_TWO(ordinals, ord))
605 static char *snprint_line(char *buf, size_t count,
606 const u8 * data, u32 len, u32 ofs)
611 out = snprintf(buf, count, "%08X", ofs);
613 for (l = 0, i = 0; i < 2; i++) {
614 out += snprintf(buf + out, count - out, " ");
615 for (j = 0; j < 8 && l < len; j++, l++)
616 out += snprintf(buf + out, count - out, "%02X ",
619 out += snprintf(buf + out, count - out, " ");
622 out += snprintf(buf + out, count - out, " ");
623 for (l = 0, i = 0; i < 2; i++) {
624 out += snprintf(buf + out, count - out, " ");
625 for (j = 0; j < 8 && l < len; j++, l++) {
626 c = data[(i * 8 + j)];
627 if (!isascii(c) || !isprint(c))
630 out += snprintf(buf + out, count - out, "%c", c);
634 out += snprintf(buf + out, count - out, " ");
640 static void printk_buf(int level, const u8 * data, u32 len)
644 if (!(ipw2100_debug_level & level))
648 printk(KERN_DEBUG "%s\n",
649 snprint_line(line, sizeof(line), &data[ofs],
650 min(len, 16U), ofs));
652 len -= min(len, 16U);
656 #define MAX_RESET_BACKOFF 10
658 static void schedule_reset(struct ipw2100_priv *priv)
660 unsigned long now = get_seconds();
662 /* If we haven't received a reset request within the backoff period,
663 * then we can reset the backoff interval so this reset occurs
665 if (priv->reset_backoff &&
666 (now - priv->last_reset > priv->reset_backoff))
667 priv->reset_backoff = 0;
669 priv->last_reset = get_seconds();
671 if (!(priv->status & STATUS_RESET_PENDING)) {
672 IPW_DEBUG_INFO("%s: Scheduling firmware restart (%ds).\n",
673 priv->net_dev->name, priv->reset_backoff);
674 netif_carrier_off(priv->net_dev);
675 netif_stop_queue(priv->net_dev);
676 priv->status |= STATUS_RESET_PENDING;
677 if (priv->reset_backoff)
678 queue_delayed_work(priv->workqueue, &priv->reset_work,
679 priv->reset_backoff * HZ);
681 queue_delayed_work(priv->workqueue, &priv->reset_work,
684 if (priv->reset_backoff < MAX_RESET_BACKOFF)
685 priv->reset_backoff++;
687 wake_up_interruptible(&priv->wait_command_queue);
689 IPW_DEBUG_INFO("%s: Firmware restart already in progress.\n",
690 priv->net_dev->name);
694 #define HOST_COMPLETE_TIMEOUT (2 * HZ)
695 static int ipw2100_hw_send_command(struct ipw2100_priv *priv,
696 struct host_command *cmd)
698 struct list_head *element;
699 struct ipw2100_tx_packet *packet;
703 IPW_DEBUG_HC("Sending %s command (#%d), %d bytes\n",
704 command_types[cmd->host_command], cmd->host_command,
705 cmd->host_command_length);
706 printk_buf(IPW_DL_HC, (u8 *) cmd->host_command_parameters,
707 cmd->host_command_length);
709 spin_lock_irqsave(&priv->low_lock, flags);
711 if (priv->fatal_error) {
713 ("Attempt to send command while hardware in fatal error condition.\n");
718 if (!(priv->status & STATUS_RUNNING)) {
720 ("Attempt to send command while hardware is not running.\n");
725 if (priv->status & STATUS_CMD_ACTIVE) {
727 ("Attempt to send command while another command is pending.\n");
732 if (list_empty(&priv->msg_free_list)) {
733 IPW_DEBUG_INFO("no available msg buffers\n");
737 priv->status |= STATUS_CMD_ACTIVE;
738 priv->messages_sent++;
740 element = priv->msg_free_list.next;
742 packet = list_entry(element, struct ipw2100_tx_packet, list);
743 packet->jiffy_start = jiffies;
745 /* initialize the firmware command packet */
746 packet->info.c_struct.cmd->host_command_reg = cmd->host_command;
747 packet->info.c_struct.cmd->host_command_reg1 = cmd->host_command1;
748 packet->info.c_struct.cmd->host_command_len_reg =
749 cmd->host_command_length;
750 packet->info.c_struct.cmd->sequence = cmd->host_command_sequence;
752 memcpy(packet->info.c_struct.cmd->host_command_params_reg,
753 cmd->host_command_parameters,
754 sizeof(packet->info.c_struct.cmd->host_command_params_reg));
757 DEC_STAT(&priv->msg_free_stat);
759 list_add_tail(element, &priv->msg_pend_list);
760 INC_STAT(&priv->msg_pend_stat);
762 ipw2100_tx_send_commands(priv);
763 ipw2100_tx_send_data(priv);
765 spin_unlock_irqrestore(&priv->low_lock, flags);
768 * We must wait for this command to complete before another
769 * command can be sent... but if we wait more than 3 seconds
770 * then there is a problem.
774 wait_event_interruptible_timeout(priv->wait_command_queue,
776 status & STATUS_CMD_ACTIVE),
777 HOST_COMPLETE_TIMEOUT);
780 IPW_DEBUG_INFO("Command completion failed out after %dms.\n",
781 1000 * (HOST_COMPLETE_TIMEOUT / HZ));
782 priv->fatal_error = IPW2100_ERR_MSG_TIMEOUT;
783 priv->status &= ~STATUS_CMD_ACTIVE;
784 schedule_reset(priv);
788 if (priv->fatal_error) {
789 printk(KERN_WARNING DRV_NAME ": %s: firmware fatal error\n",
790 priv->net_dev->name);
794 /* !!!!! HACK TEST !!!!!
795 * When lots of debug trace statements are enabled, the driver
796 * doesn't seem to have as many firmware restart cycles...
798 * As a test, we're sticking in a 1/100s delay here */
799 schedule_timeout_uninterruptible(msecs_to_jiffies(10));
804 spin_unlock_irqrestore(&priv->low_lock, flags);
810 * Verify the values and data access of the hardware
811 * No locks needed or used. No functions called.
813 static int ipw2100_verify(struct ipw2100_priv *priv)
818 u32 val1 = 0x76543210;
819 u32 val2 = 0xFEDCBA98;
821 /* Domain 0 check - all values should be DOA_DEBUG */
822 for (address = IPW_REG_DOA_DEBUG_AREA_START;
823 address < IPW_REG_DOA_DEBUG_AREA_END; address += sizeof(u32)) {
824 read_register(priv->net_dev, address, &data1);
825 if (data1 != IPW_DATA_DOA_DEBUG_VALUE)
829 /* Domain 1 check - use arbitrary read/write compare */
830 for (address = 0; address < 5; address++) {
831 /* The memory area is not used now */
832 write_register(priv->net_dev, IPW_REG_DOMAIN_1_OFFSET + 0x32,
834 write_register(priv->net_dev, IPW_REG_DOMAIN_1_OFFSET + 0x36,
836 read_register(priv->net_dev, IPW_REG_DOMAIN_1_OFFSET + 0x32,
838 read_register(priv->net_dev, IPW_REG_DOMAIN_1_OFFSET + 0x36,
840 if (val1 == data1 && val2 == data2)
849 * Loop until the CARD_DISABLED bit is the same value as the
852 * TODO: See if it would be more efficient to do a wait/wake
853 * cycle and have the completion event trigger the wakeup
856 #define IPW_CARD_DISABLE_COMPLETE_WAIT 100 // 100 milli
857 static int ipw2100_wait_for_card_state(struct ipw2100_priv *priv, int state)
861 u32 len = sizeof(card_state);
864 for (i = 0; i <= IPW_CARD_DISABLE_COMPLETE_WAIT * 1000; i += 50) {
865 err = ipw2100_get_ordinal(priv, IPW_ORD_CARD_DISABLED,
868 IPW_DEBUG_INFO("Query of CARD_DISABLED ordinal "
873 /* We'll break out if either the HW state says it is
874 * in the state we want, or if HOST_COMPLETE command
876 if ((card_state == state) ||
877 ((priv->status & STATUS_ENABLED) ?
878 IPW_HW_STATE_ENABLED : IPW_HW_STATE_DISABLED) == state) {
879 if (state == IPW_HW_STATE_ENABLED)
880 priv->status |= STATUS_ENABLED;
882 priv->status &= ~STATUS_ENABLED;
890 IPW_DEBUG_INFO("ipw2100_wait_for_card_state to %s state timed out\n",
891 state ? "DISABLED" : "ENABLED");
895 /*********************************************************************
896 Procedure : sw_reset_and_clock
897 Purpose : Asserts s/w reset, asserts clock initialization
898 and waits for clock stabilization
899 ********************************************************************/
900 static int sw_reset_and_clock(struct ipw2100_priv *priv)
906 write_register(priv->net_dev, IPW_REG_RESET_REG,
907 IPW_AUX_HOST_RESET_REG_SW_RESET);
909 // wait for clock stabilization
910 for (i = 0; i < 1000; i++) {
911 udelay(IPW_WAIT_RESET_ARC_COMPLETE_DELAY);
913 // check clock ready bit
914 read_register(priv->net_dev, IPW_REG_RESET_REG, &r);
915 if (r & IPW_AUX_HOST_RESET_REG_PRINCETON_RESET)
920 return -EIO; // TODO: better error value
922 /* set "initialization complete" bit to move adapter to
924 write_register(priv->net_dev, IPW_REG_GP_CNTRL,
925 IPW_AUX_HOST_GP_CNTRL_BIT_INIT_DONE);
927 /* wait for clock stabilization */
928 for (i = 0; i < 10000; i++) {
929 udelay(IPW_WAIT_CLOCK_STABILIZATION_DELAY * 4);
931 /* check clock ready bit */
932 read_register(priv->net_dev, IPW_REG_GP_CNTRL, &r);
933 if (r & IPW_AUX_HOST_GP_CNTRL_BIT_CLOCK_READY)
938 return -EIO; /* TODO: better error value */
940 /* set D0 standby bit */
941 read_register(priv->net_dev, IPW_REG_GP_CNTRL, &r);
942 write_register(priv->net_dev, IPW_REG_GP_CNTRL,
943 r | IPW_AUX_HOST_GP_CNTRL_BIT_HOST_ALLOWS_STANDBY);
948 /*********************************************************************
949 Procedure : ipw2100_download_firmware
950 Purpose : Initiaze adapter after power on.
952 1. assert s/w reset first!
953 2. awake clocks & wait for clock stabilization
954 3. hold ARC (don't ask me why...)
955 4. load Dino ucode and reset/clock init again
956 5. zero-out shared mem
958 *******************************************************************/
959 static int ipw2100_download_firmware(struct ipw2100_priv *priv)
965 /* Fetch the firmware and microcode */
966 struct ipw2100_fw ipw2100_firmware;
969 if (priv->fatal_error) {
970 IPW_DEBUG_ERROR("%s: ipw2100_download_firmware called after "
971 "fatal error %d. Interface must be brought down.\n",
972 priv->net_dev->name, priv->fatal_error);
976 if (!ipw2100_firmware.version) {
977 err = ipw2100_get_firmware(priv, &ipw2100_firmware);
979 IPW_DEBUG_ERROR("%s: ipw2100_get_firmware failed: %d\n",
980 priv->net_dev->name, err);
981 priv->fatal_error = IPW2100_ERR_FW_LOAD;
986 err = ipw2100_get_firmware(priv, &ipw2100_firmware);
988 IPW_DEBUG_ERROR("%s: ipw2100_get_firmware failed: %d\n",
989 priv->net_dev->name, err);
990 priv->fatal_error = IPW2100_ERR_FW_LOAD;
994 priv->firmware_version = ipw2100_firmware.version;
996 /* s/w reset and clock stabilization */
997 err = sw_reset_and_clock(priv);
999 IPW_DEBUG_ERROR("%s: sw_reset_and_clock failed: %d\n",
1000 priv->net_dev->name, err);
1004 err = ipw2100_verify(priv);
1006 IPW_DEBUG_ERROR("%s: ipw2100_verify failed: %d\n",
1007 priv->net_dev->name, err);
1012 write_nic_dword(priv->net_dev,
1013 IPW_INTERNAL_REGISTER_HALT_AND_RESET, 0x80000000);
1015 /* allow ARC to run */
1016 write_register(priv->net_dev, IPW_REG_RESET_REG, 0);
1018 /* load microcode */
1019 err = ipw2100_ucode_download(priv, &ipw2100_firmware);
1021 printk(KERN_ERR DRV_NAME ": %s: Error loading microcode: %d\n",
1022 priv->net_dev->name, err);
1027 write_nic_dword(priv->net_dev,
1028 IPW_INTERNAL_REGISTER_HALT_AND_RESET, 0x00000000);
1030 /* s/w reset and clock stabilization (again!!!) */
1031 err = sw_reset_and_clock(priv);
1033 printk(KERN_ERR DRV_NAME
1034 ": %s: sw_reset_and_clock failed: %d\n",
1035 priv->net_dev->name, err);
1040 err = ipw2100_fw_download(priv, &ipw2100_firmware);
1042 IPW_DEBUG_ERROR("%s: Error loading firmware: %d\n",
1043 priv->net_dev->name, err);
1048 * When the .resume method of the driver is called, the other
1049 * part of the system, i.e. the ide driver could still stay in
1050 * the suspend stage. This prevents us from loading the firmware
1051 * from the disk. --YZ
1054 /* free any storage allocated for firmware image */
1055 ipw2100_release_firmware(priv, &ipw2100_firmware);
1058 /* zero out Domain 1 area indirectly (Si requirement) */
1059 for (address = IPW_HOST_FW_SHARED_AREA0;
1060 address < IPW_HOST_FW_SHARED_AREA0_END; address += 4)
1061 write_nic_dword(priv->net_dev, address, 0);
1062 for (address = IPW_HOST_FW_SHARED_AREA1;
1063 address < IPW_HOST_FW_SHARED_AREA1_END; address += 4)
1064 write_nic_dword(priv->net_dev, address, 0);
1065 for (address = IPW_HOST_FW_SHARED_AREA2;
1066 address < IPW_HOST_FW_SHARED_AREA2_END; address += 4)
1067 write_nic_dword(priv->net_dev, address, 0);
1068 for (address = IPW_HOST_FW_SHARED_AREA3;
1069 address < IPW_HOST_FW_SHARED_AREA3_END; address += 4)
1070 write_nic_dword(priv->net_dev, address, 0);
1071 for (address = IPW_HOST_FW_INTERRUPT_AREA;
1072 address < IPW_HOST_FW_INTERRUPT_AREA_END; address += 4)
1073 write_nic_dword(priv->net_dev, address, 0);
1078 ipw2100_release_firmware(priv, &ipw2100_firmware);
1082 static inline void ipw2100_enable_interrupts(struct ipw2100_priv *priv)
1084 if (priv->status & STATUS_INT_ENABLED)
1086 priv->status |= STATUS_INT_ENABLED;
1087 write_register(priv->net_dev, IPW_REG_INTA_MASK, IPW_INTERRUPT_MASK);
1090 static inline void ipw2100_disable_interrupts(struct ipw2100_priv *priv)
1092 if (!(priv->status & STATUS_INT_ENABLED))
1094 priv->status &= ~STATUS_INT_ENABLED;
1095 write_register(priv->net_dev, IPW_REG_INTA_MASK, 0x0);
1098 static void ipw2100_initialize_ordinals(struct ipw2100_priv *priv)
1100 struct ipw2100_ordinals *ord = &priv->ordinals;
1102 IPW_DEBUG_INFO("enter\n");
1104 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_ORDINALS_TABLE_1,
1107 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_ORDINALS_TABLE_2,
1110 read_nic_dword(priv->net_dev, ord->table1_addr, &ord->table1_size);
1111 read_nic_dword(priv->net_dev, ord->table2_addr, &ord->table2_size);
1113 ord->table2_size &= 0x0000FFFF;
1115 IPW_DEBUG_INFO("table 1 size: %d\n", ord->table1_size);
1116 IPW_DEBUG_INFO("table 2 size: %d\n", ord->table2_size);
1117 IPW_DEBUG_INFO("exit\n");
1120 static inline void ipw2100_hw_set_gpio(struct ipw2100_priv *priv)
1124 * Set GPIO 3 writable by FW; GPIO 1 writable
1125 * by driver and enable clock
1127 reg = (IPW_BIT_GPIO_GPIO3_MASK | IPW_BIT_GPIO_GPIO1_ENABLE |
1128 IPW_BIT_GPIO_LED_OFF);
1129 write_register(priv->net_dev, IPW_REG_GPIO, reg);
1132 static int rf_kill_active(struct ipw2100_priv *priv)
1134 #define MAX_RF_KILL_CHECKS 5
1135 #define RF_KILL_CHECK_DELAY 40
1137 unsigned short value = 0;
1141 if (!(priv->hw_features & HW_FEATURE_RFKILL)) {
1142 priv->status &= ~STATUS_RF_KILL_HW;
1146 for (i = 0; i < MAX_RF_KILL_CHECKS; i++) {
1147 udelay(RF_KILL_CHECK_DELAY);
1148 read_register(priv->net_dev, IPW_REG_GPIO, ®);
1149 value = (value << 1) | ((reg & IPW_BIT_GPIO_RF_KILL) ? 0 : 1);
1153 priv->status |= STATUS_RF_KILL_HW;
1155 priv->status &= ~STATUS_RF_KILL_HW;
1157 return (value == 0);
1160 static int ipw2100_get_hw_features(struct ipw2100_priv *priv)
1166 * EEPROM_SRAM_DB_START_ADDRESS using ordinal in ordinal table 1
1169 if (ipw2100_get_ordinal
1170 (priv, IPW_ORD_EEPROM_SRAM_DB_BLOCK_START_ADDRESS, &addr, &len)) {
1171 IPW_DEBUG_INFO("failed querying ordinals at line %d\n",
1176 IPW_DEBUG_INFO("EEPROM address: %08X\n", addr);
1179 * EEPROM version is the byte at offset 0xfd in firmware
1180 * We read 4 bytes, then shift out the byte we actually want */
1181 read_nic_dword(priv->net_dev, addr + 0xFC, &val);
1182 priv->eeprom_version = (val >> 24) & 0xFF;
1183 IPW_DEBUG_INFO("EEPROM version: %d\n", priv->eeprom_version);
1186 * HW RF Kill enable is bit 0 in byte at offset 0x21 in firmware
1188 * notice that the EEPROM bit is reverse polarity, i.e.
1189 * bit = 0 signifies HW RF kill switch is supported
1190 * bit = 1 signifies HW RF kill switch is NOT supported
1192 read_nic_dword(priv->net_dev, addr + 0x20, &val);
1193 if (!((val >> 24) & 0x01))
1194 priv->hw_features |= HW_FEATURE_RFKILL;
1196 IPW_DEBUG_INFO("HW RF Kill: %ssupported.\n",
1197 (priv->hw_features & HW_FEATURE_RFKILL) ? "" : "not ");
1203 * Start firmware execution after power on and intialization
1206 * 2. Wait for f/w initialization completes;
1208 static int ipw2100_start_adapter(struct ipw2100_priv *priv)
1211 u32 inta, inta_mask, gpio;
1213 IPW_DEBUG_INFO("enter\n");
1215 if (priv->status & STATUS_RUNNING)
1219 * Initialize the hw - drive adapter to DO state by setting
1220 * init_done bit. Wait for clk_ready bit and Download
1223 if (ipw2100_download_firmware(priv)) {
1224 printk(KERN_ERR DRV_NAME
1225 ": %s: Failed to power on the adapter.\n",
1226 priv->net_dev->name);
1230 /* Clear the Tx, Rx and Msg queues and the r/w indexes
1231 * in the firmware RBD and TBD ring queue */
1232 ipw2100_queues_initialize(priv);
1234 ipw2100_hw_set_gpio(priv);
1236 /* TODO -- Look at disabling interrupts here to make sure none
1237 * get fired during FW initialization */
1239 /* Release ARC - clear reset bit */
1240 write_register(priv->net_dev, IPW_REG_RESET_REG, 0);
1242 /* wait for f/w intialization complete */
1243 IPW_DEBUG_FW("Waiting for f/w initialization to complete...\n");
1246 schedule_timeout_uninterruptible(msecs_to_jiffies(40));
1247 /* Todo... wait for sync command ... */
1249 read_register(priv->net_dev, IPW_REG_INTA, &inta);
1251 /* check "init done" bit */
1252 if (inta & IPW2100_INTA_FW_INIT_DONE) {
1253 /* reset "init done" bit */
1254 write_register(priv->net_dev, IPW_REG_INTA,
1255 IPW2100_INTA_FW_INIT_DONE);
1259 /* check error conditions : we check these after the firmware
1260 * check so that if there is an error, the interrupt handler
1261 * will see it and the adapter will be reset */
1263 (IPW2100_INTA_FATAL_ERROR | IPW2100_INTA_PARITY_ERROR)) {
1264 /* clear error conditions */
1265 write_register(priv->net_dev, IPW_REG_INTA,
1266 IPW2100_INTA_FATAL_ERROR |
1267 IPW2100_INTA_PARITY_ERROR);
1271 /* Clear out any pending INTAs since we aren't supposed to have
1272 * interrupts enabled at this point... */
1273 read_register(priv->net_dev, IPW_REG_INTA, &inta);
1274 read_register(priv->net_dev, IPW_REG_INTA_MASK, &inta_mask);
1275 inta &= IPW_INTERRUPT_MASK;
1276 /* Clear out any pending interrupts */
1277 if (inta & inta_mask)
1278 write_register(priv->net_dev, IPW_REG_INTA, inta);
1280 IPW_DEBUG_FW("f/w initialization complete: %s\n",
1281 i ? "SUCCESS" : "FAILED");
1284 printk(KERN_WARNING DRV_NAME
1285 ": %s: Firmware did not initialize.\n",
1286 priv->net_dev->name);
1290 /* allow firmware to write to GPIO1 & GPIO3 */
1291 read_register(priv->net_dev, IPW_REG_GPIO, &gpio);
1293 gpio |= (IPW_BIT_GPIO_GPIO1_MASK | IPW_BIT_GPIO_GPIO3_MASK);
1295 write_register(priv->net_dev, IPW_REG_GPIO, gpio);
1297 /* Ready to receive commands */
1298 priv->status |= STATUS_RUNNING;
1300 /* The adapter has been reset; we are not associated */
1301 priv->status &= ~(STATUS_ASSOCIATING | STATUS_ASSOCIATED);
1303 IPW_DEBUG_INFO("exit\n");
1308 static inline void ipw2100_reset_fatalerror(struct ipw2100_priv *priv)
1310 if (!priv->fatal_error)
1313 priv->fatal_errors[priv->fatal_index++] = priv->fatal_error;
1314 priv->fatal_index %= IPW2100_ERROR_QUEUE;
1315 priv->fatal_error = 0;
1318 /* NOTE: Our interrupt is disabled when this method is called */
1319 static int ipw2100_power_cycle_adapter(struct ipw2100_priv *priv)
1324 IPW_DEBUG_INFO("Power cycling the hardware.\n");
1326 ipw2100_hw_set_gpio(priv);
1328 /* Step 1. Stop Master Assert */
1329 write_register(priv->net_dev, IPW_REG_RESET_REG,
1330 IPW_AUX_HOST_RESET_REG_STOP_MASTER);
1332 /* Step 2. Wait for stop Master Assert
1333 * (not more then 50us, otherwise ret error */
1336 udelay(IPW_WAIT_RESET_MASTER_ASSERT_COMPLETE_DELAY);
1337 read_register(priv->net_dev, IPW_REG_RESET_REG, ®);
1339 if (reg & IPW_AUX_HOST_RESET_REG_MASTER_DISABLED)
1343 priv->status &= ~STATUS_RESET_PENDING;
1347 ("exit - waited too long for master assert stop\n");
1351 write_register(priv->net_dev, IPW_REG_RESET_REG,
1352 IPW_AUX_HOST_RESET_REG_SW_RESET);
1354 /* Reset any fatal_error conditions */
1355 ipw2100_reset_fatalerror(priv);
1357 /* At this point, the adapter is now stopped and disabled */
1358 priv->status &= ~(STATUS_RUNNING | STATUS_ASSOCIATING |
1359 STATUS_ASSOCIATED | STATUS_ENABLED);
1365 * Send the CARD_DISABLE_PHY_OFF comamnd to the card to disable it
1367 * After disabling, if the card was associated, a STATUS_ASSN_LOST will be sent.
1369 * STATUS_CARD_DISABLE_NOTIFICATION will be sent regardless of
1370 * if STATUS_ASSN_LOST is sent.
1372 static int ipw2100_hw_phy_off(struct ipw2100_priv *priv)
1375 #define HW_PHY_OFF_LOOP_DELAY (HZ / 5000)
1377 struct host_command cmd = {
1378 .host_command = CARD_DISABLE_PHY_OFF,
1379 .host_command_sequence = 0,
1380 .host_command_length = 0,
1385 IPW_DEBUG_HC("CARD_DISABLE_PHY_OFF\n");
1387 /* Turn off the radio */
1388 err = ipw2100_hw_send_command(priv, &cmd);
1392 for (i = 0; i < 2500; i++) {
1393 read_nic_dword(priv->net_dev, IPW2100_CONTROL_REG, &val1);
1394 read_nic_dword(priv->net_dev, IPW2100_COMMAND, &val2);
1396 if ((val1 & IPW2100_CONTROL_PHY_OFF) &&
1397 (val2 & IPW2100_COMMAND_PHY_OFF))
1400 schedule_timeout_uninterruptible(HW_PHY_OFF_LOOP_DELAY);
1406 static int ipw2100_enable_adapter(struct ipw2100_priv *priv)
1408 struct host_command cmd = {
1409 .host_command = HOST_COMPLETE,
1410 .host_command_sequence = 0,
1411 .host_command_length = 0
1415 IPW_DEBUG_HC("HOST_COMPLETE\n");
1417 if (priv->status & STATUS_ENABLED)
1420 mutex_lock(&priv->adapter_mutex);
1422 if (rf_kill_active(priv)) {
1423 IPW_DEBUG_HC("Command aborted due to RF kill active.\n");
1427 err = ipw2100_hw_send_command(priv, &cmd);
1429 IPW_DEBUG_INFO("Failed to send HOST_COMPLETE command\n");
1433 err = ipw2100_wait_for_card_state(priv, IPW_HW_STATE_ENABLED);
1435 IPW_DEBUG_INFO("%s: card not responding to init command.\n",
1436 priv->net_dev->name);
1440 if (priv->stop_hang_check) {
1441 priv->stop_hang_check = 0;
1442 queue_delayed_work(priv->workqueue, &priv->hang_check, HZ / 2);
1446 mutex_unlock(&priv->adapter_mutex);
1450 static int ipw2100_hw_stop_adapter(struct ipw2100_priv *priv)
1452 #define HW_POWER_DOWN_DELAY (msecs_to_jiffies(100))
1454 struct host_command cmd = {
1455 .host_command = HOST_PRE_POWER_DOWN,
1456 .host_command_sequence = 0,
1457 .host_command_length = 0,
1462 if (!(priv->status & STATUS_RUNNING))
1465 priv->status |= STATUS_STOPPING;
1467 /* We can only shut down the card if the firmware is operational. So,
1468 * if we haven't reset since a fatal_error, then we can not send the
1469 * shutdown commands. */
1470 if (!priv->fatal_error) {
1471 /* First, make sure the adapter is enabled so that the PHY_OFF
1472 * command can shut it down */
1473 ipw2100_enable_adapter(priv);
1475 err = ipw2100_hw_phy_off(priv);
1477 printk(KERN_WARNING DRV_NAME
1478 ": Error disabling radio %d\n", err);
1481 * If in D0-standby mode going directly to D3 may cause a
1482 * PCI bus violation. Therefore we must change out of the D0
1485 * Sending the PREPARE_FOR_POWER_DOWN will restrict the
1486 * hardware from going into standby mode and will transition
1487 * out of D0-standby if it is already in that state.
1489 * STATUS_PREPARE_POWER_DOWN_COMPLETE will be sent by the
1490 * driver upon completion. Once received, the driver can
1491 * proceed to the D3 state.
1493 * Prepare for power down command to fw. This command would
1494 * take HW out of D0-standby and prepare it for D3 state.
1496 * Currently FW does not support event notification for this
1497 * event. Therefore, skip waiting for it. Just wait a fixed
1500 IPW_DEBUG_HC("HOST_PRE_POWER_DOWN\n");
1502 err = ipw2100_hw_send_command(priv, &cmd);
1504 printk(KERN_WARNING DRV_NAME ": "
1505 "%s: Power down command failed: Error %d\n",
1506 priv->net_dev->name, err);
1508 schedule_timeout_uninterruptible(HW_POWER_DOWN_DELAY);
1511 priv->status &= ~STATUS_ENABLED;
1514 * Set GPIO 3 writable by FW; GPIO 1 writable
1515 * by driver and enable clock
1517 ipw2100_hw_set_gpio(priv);
1520 * Power down adapter. Sequence:
1521 * 1. Stop master assert (RESET_REG[9]=1)
1522 * 2. Wait for stop master (RESET_REG[8]==1)
1523 * 3. S/w reset assert (RESET_REG[7] = 1)
1526 /* Stop master assert */
1527 write_register(priv->net_dev, IPW_REG_RESET_REG,
1528 IPW_AUX_HOST_RESET_REG_STOP_MASTER);
1530 /* wait stop master not more than 50 usec.
1531 * Otherwise return error. */
1532 for (i = 5; i > 0; i--) {
1535 /* Check master stop bit */
1536 read_register(priv->net_dev, IPW_REG_RESET_REG, ®);
1538 if (reg & IPW_AUX_HOST_RESET_REG_MASTER_DISABLED)
1543 printk(KERN_WARNING DRV_NAME
1544 ": %s: Could now power down adapter.\n",
1545 priv->net_dev->name);
1547 /* assert s/w reset */
1548 write_register(priv->net_dev, IPW_REG_RESET_REG,
1549 IPW_AUX_HOST_RESET_REG_SW_RESET);
1551 priv->status &= ~(STATUS_RUNNING | STATUS_STOPPING);
1556 static int ipw2100_disable_adapter(struct ipw2100_priv *priv)
1558 struct host_command cmd = {
1559 .host_command = CARD_DISABLE,
1560 .host_command_sequence = 0,
1561 .host_command_length = 0
1565 IPW_DEBUG_HC("CARD_DISABLE\n");
1567 if (!(priv->status & STATUS_ENABLED))
1570 /* Make sure we clear the associated state */
1571 priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
1573 if (!priv->stop_hang_check) {
1574 priv->stop_hang_check = 1;
1575 cancel_delayed_work(&priv->hang_check);
1578 mutex_lock(&priv->adapter_mutex);
1580 err = ipw2100_hw_send_command(priv, &cmd);
1582 printk(KERN_WARNING DRV_NAME
1583 ": exit - failed to send CARD_DISABLE command\n");
1587 err = ipw2100_wait_for_card_state(priv, IPW_HW_STATE_DISABLED);
1589 printk(KERN_WARNING DRV_NAME
1590 ": exit - card failed to change to DISABLED\n");
1594 IPW_DEBUG_INFO("TODO: implement scan state machine\n");
1597 mutex_unlock(&priv->adapter_mutex);
1601 static int ipw2100_set_scan_options(struct ipw2100_priv *priv)
1603 struct host_command cmd = {
1604 .host_command = SET_SCAN_OPTIONS,
1605 .host_command_sequence = 0,
1606 .host_command_length = 8
1610 IPW_DEBUG_INFO("enter\n");
1612 IPW_DEBUG_SCAN("setting scan options\n");
1614 cmd.host_command_parameters[0] = 0;
1616 if (!(priv->config & CFG_ASSOCIATE))
1617 cmd.host_command_parameters[0] |= IPW_SCAN_NOASSOCIATE;
1618 if ((priv->ieee->sec.flags & SEC_ENABLED) && priv->ieee->sec.enabled)
1619 cmd.host_command_parameters[0] |= IPW_SCAN_MIXED_CELL;
1620 if (priv->config & CFG_PASSIVE_SCAN)
1621 cmd.host_command_parameters[0] |= IPW_SCAN_PASSIVE;
1623 cmd.host_command_parameters[1] = priv->channel_mask;
1625 err = ipw2100_hw_send_command(priv, &cmd);
1627 IPW_DEBUG_HC("SET_SCAN_OPTIONS 0x%04X\n",
1628 cmd.host_command_parameters[0]);
1633 static int ipw2100_start_scan(struct ipw2100_priv *priv)
1635 struct host_command cmd = {
1636 .host_command = BROADCAST_SCAN,
1637 .host_command_sequence = 0,
1638 .host_command_length = 4
1642 IPW_DEBUG_HC("START_SCAN\n");
1644 cmd.host_command_parameters[0] = 0;
1646 /* No scanning if in monitor mode */
1647 if (priv->ieee->iw_mode == IW_MODE_MONITOR)
1650 if (priv->status & STATUS_SCANNING) {
1651 IPW_DEBUG_SCAN("Scan requested while already in scan...\n");
1655 IPW_DEBUG_INFO("enter\n");
1657 /* Not clearing here; doing so makes iwlist always return nothing...
1659 * We should modify the table logic to use aging tables vs. clearing
1660 * the table on each scan start.
1662 IPW_DEBUG_SCAN("starting scan\n");
1664 priv->status |= STATUS_SCANNING;
1665 err = ipw2100_hw_send_command(priv, &cmd);
1667 priv->status &= ~STATUS_SCANNING;
1669 IPW_DEBUG_INFO("exit\n");
1674 static const struct ieee80211_geo ipw_geos[] = {
1678 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
1679 {2427, 4}, {2432, 5}, {2437, 6},
1680 {2442, 7}, {2447, 8}, {2452, 9},
1681 {2457, 10}, {2462, 11}, {2467, 12},
1682 {2472, 13}, {2484, 14}},
1686 static int ipw2100_up(struct ipw2100_priv *priv, int deferred)
1688 unsigned long flags;
1691 u32 ord_len = sizeof(lock);
1693 /* Quite if manually disabled. */
1694 if (priv->status & STATUS_RF_KILL_SW) {
1695 IPW_DEBUG_INFO("%s: Radio is disabled by Manual Disable "
1696 "switch\n", priv->net_dev->name);
1700 /* the ipw2100 hardware really doesn't want power management delays
1701 * longer than 175usec
1703 pm_qos_update_requirement(PM_QOS_CPU_DMA_LATENCY, "ipw2100", 175);
1705 /* If the interrupt is enabled, turn it off... */
1706 spin_lock_irqsave(&priv->low_lock, flags);
1707 ipw2100_disable_interrupts(priv);
1709 /* Reset any fatal_error conditions */
1710 ipw2100_reset_fatalerror(priv);
1711 spin_unlock_irqrestore(&priv->low_lock, flags);
1713 if (priv->status & STATUS_POWERED ||
1714 (priv->status & STATUS_RESET_PENDING)) {
1715 /* Power cycle the card ... */
1716 if (ipw2100_power_cycle_adapter(priv)) {
1717 printk(KERN_WARNING DRV_NAME
1718 ": %s: Could not cycle adapter.\n",
1719 priv->net_dev->name);
1724 priv->status |= STATUS_POWERED;
1726 /* Load the firmware, start the clocks, etc. */
1727 if (ipw2100_start_adapter(priv)) {
1728 printk(KERN_ERR DRV_NAME
1729 ": %s: Failed to start the firmware.\n",
1730 priv->net_dev->name);
1735 ipw2100_initialize_ordinals(priv);
1737 /* Determine capabilities of this particular HW configuration */
1738 if (ipw2100_get_hw_features(priv)) {
1739 printk(KERN_ERR DRV_NAME
1740 ": %s: Failed to determine HW features.\n",
1741 priv->net_dev->name);
1746 /* Initialize the geo */
1747 if (ieee80211_set_geo(priv->ieee, &ipw_geos[0])) {
1748 printk(KERN_WARNING DRV_NAME "Could not set geo\n");
1751 priv->ieee->freq_band = IEEE80211_24GHZ_BAND;
1754 if (ipw2100_set_ordinal(priv, IPW_ORD_PERS_DB_LOCK, &lock, &ord_len)) {
1755 printk(KERN_ERR DRV_NAME
1756 ": %s: Failed to clear ordinal lock.\n",
1757 priv->net_dev->name);
1762 priv->status &= ~STATUS_SCANNING;
1764 if (rf_kill_active(priv)) {
1765 printk(KERN_INFO "%s: Radio is disabled by RF switch.\n",
1766 priv->net_dev->name);
1768 if (priv->stop_rf_kill) {
1769 priv->stop_rf_kill = 0;
1770 queue_delayed_work(priv->workqueue, &priv->rf_kill,
1771 round_jiffies_relative(HZ));
1777 /* Turn on the interrupt so that commands can be processed */
1778 ipw2100_enable_interrupts(priv);
1780 /* Send all of the commands that must be sent prior to
1782 if (ipw2100_adapter_setup(priv)) {
1783 printk(KERN_ERR DRV_NAME ": %s: Failed to start the card.\n",
1784 priv->net_dev->name);
1790 /* Enable the adapter - sends HOST_COMPLETE */
1791 if (ipw2100_enable_adapter(priv)) {
1792 printk(KERN_ERR DRV_NAME ": "
1793 "%s: failed in call to enable adapter.\n",
1794 priv->net_dev->name);
1795 ipw2100_hw_stop_adapter(priv);
1800 /* Start a scan . . . */
1801 ipw2100_set_scan_options(priv);
1802 ipw2100_start_scan(priv);
1809 /* Called by register_netdev() */
1810 static int ipw2100_net_init(struct net_device *dev)
1812 struct ipw2100_priv *priv = ieee80211_priv(dev);
1813 return ipw2100_up(priv, 1);
1816 static void ipw2100_down(struct ipw2100_priv *priv)
1818 unsigned long flags;
1819 union iwreq_data wrqu = {
1821 .sa_family = ARPHRD_ETHER}
1823 int associated = priv->status & STATUS_ASSOCIATED;
1825 /* Kill the RF switch timer */
1826 if (!priv->stop_rf_kill) {
1827 priv->stop_rf_kill = 1;
1828 cancel_delayed_work(&priv->rf_kill);
1831 /* Kill the firmare hang check timer */
1832 if (!priv->stop_hang_check) {
1833 priv->stop_hang_check = 1;
1834 cancel_delayed_work(&priv->hang_check);
1837 /* Kill any pending resets */
1838 if (priv->status & STATUS_RESET_PENDING)
1839 cancel_delayed_work(&priv->reset_work);
1841 /* Make sure the interrupt is on so that FW commands will be
1842 * processed correctly */
1843 spin_lock_irqsave(&priv->low_lock, flags);
1844 ipw2100_enable_interrupts(priv);
1845 spin_unlock_irqrestore(&priv->low_lock, flags);
1847 if (ipw2100_hw_stop_adapter(priv))
1848 printk(KERN_ERR DRV_NAME ": %s: Error stopping adapter.\n",
1849 priv->net_dev->name);
1851 /* Do not disable the interrupt until _after_ we disable
1852 * the adaptor. Otherwise the CARD_DISABLE command will never
1853 * be ack'd by the firmware */
1854 spin_lock_irqsave(&priv->low_lock, flags);
1855 ipw2100_disable_interrupts(priv);
1856 spin_unlock_irqrestore(&priv->low_lock, flags);
1858 pm_qos_update_requirement(PM_QOS_CPU_DMA_LATENCY, "ipw2100",
1859 PM_QOS_DEFAULT_VALUE);
1861 /* We have to signal any supplicant if we are disassociating */
1863 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
1865 priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
1866 netif_carrier_off(priv->net_dev);
1867 netif_stop_queue(priv->net_dev);
1870 static void ipw2100_reset_adapter(struct work_struct *work)
1872 struct ipw2100_priv *priv =
1873 container_of(work, struct ipw2100_priv, reset_work.work);
1874 unsigned long flags;
1875 union iwreq_data wrqu = {
1877 .sa_family = ARPHRD_ETHER}
1879 int associated = priv->status & STATUS_ASSOCIATED;
1881 spin_lock_irqsave(&priv->low_lock, flags);
1882 IPW_DEBUG_INFO(": %s: Restarting adapter.\n", priv->net_dev->name);
1884 priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
1885 priv->status |= STATUS_SECURITY_UPDATED;
1887 /* Force a power cycle even if interface hasn't been opened
1889 cancel_delayed_work(&priv->reset_work);
1890 priv->status |= STATUS_RESET_PENDING;
1891 spin_unlock_irqrestore(&priv->low_lock, flags);
1893 mutex_lock(&priv->action_mutex);
1894 /* stop timed checks so that they don't interfere with reset */
1895 priv->stop_hang_check = 1;
1896 cancel_delayed_work(&priv->hang_check);
1898 /* We have to signal any supplicant if we are disassociating */
1900 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
1902 ipw2100_up(priv, 0);
1903 mutex_unlock(&priv->action_mutex);
1907 static void isr_indicate_associated(struct ipw2100_priv *priv, u32 status)
1910 #define MAC_ASSOCIATION_READ_DELAY (HZ)
1911 int ret, len, essid_len;
1912 char essid[IW_ESSID_MAX_SIZE];
1919 * TBD: BSSID is usually 00:00:00:00:00:00 here and not
1920 * an actual MAC of the AP. Seems like FW sets this
1921 * address too late. Read it later and expose through
1922 * /proc or schedule a later task to query and update
1925 essid_len = IW_ESSID_MAX_SIZE;
1926 ret = ipw2100_get_ordinal(priv, IPW_ORD_STAT_ASSN_SSID,
1929 IPW_DEBUG_INFO("failed querying ordinals at line %d\n",
1935 ret = ipw2100_get_ordinal(priv, IPW_ORD_CURRENT_TX_RATE, &txrate, &len);
1937 IPW_DEBUG_INFO("failed querying ordinals at line %d\n",
1943 ret = ipw2100_get_ordinal(priv, IPW_ORD_OUR_FREQ, &chan, &len);
1945 IPW_DEBUG_INFO("failed querying ordinals at line %d\n",
1950 ipw2100_get_ordinal(priv, IPW_ORD_STAT_ASSN_AP_BSSID, &bssid, &len);
1952 IPW_DEBUG_INFO("failed querying ordinals at line %d\n",
1956 memcpy(priv->ieee->bssid, bssid, ETH_ALEN);
1959 case TX_RATE_1_MBIT:
1960 txratename = "1Mbps";
1962 case TX_RATE_2_MBIT:
1963 txratename = "2Mbsp";
1965 case TX_RATE_5_5_MBIT:
1966 txratename = "5.5Mbps";
1968 case TX_RATE_11_MBIT:
1969 txratename = "11Mbps";
1972 IPW_DEBUG_INFO("Unknown rate: %d\n", txrate);
1973 txratename = "unknown rate";
1977 IPW_DEBUG_INFO("%s: Associated with '%s' at %s, channel %d (BSSID=%pM)\n",
1978 priv->net_dev->name, escape_essid(essid, essid_len),
1979 txratename, chan, bssid);
1981 /* now we copy read ssid into dev */
1982 if (!(priv->config & CFG_STATIC_ESSID)) {
1983 priv->essid_len = min((u8) essid_len, (u8) IW_ESSID_MAX_SIZE);
1984 memcpy(priv->essid, essid, priv->essid_len);
1986 priv->channel = chan;
1987 memcpy(priv->bssid, bssid, ETH_ALEN);
1989 priv->status |= STATUS_ASSOCIATING;
1990 priv->connect_start = get_seconds();
1992 queue_delayed_work(priv->workqueue, &priv->wx_event_work, HZ / 10);
1995 static int ipw2100_set_essid(struct ipw2100_priv *priv, char *essid,
1996 int length, int batch_mode)
1998 int ssid_len = min(length, IW_ESSID_MAX_SIZE);
1999 struct host_command cmd = {
2000 .host_command = SSID,
2001 .host_command_sequence = 0,
2002 .host_command_length = ssid_len
2006 IPW_DEBUG_HC("SSID: '%s'\n", escape_essid(essid, ssid_len));
2009 memcpy(cmd.host_command_parameters, essid, ssid_len);
2012 err = ipw2100_disable_adapter(priv);
2017 /* Bug in FW currently doesn't honor bit 0 in SET_SCAN_OPTIONS to
2018 * disable auto association -- so we cheat by setting a bogus SSID */
2019 if (!ssid_len && !(priv->config & CFG_ASSOCIATE)) {
2021 u8 *bogus = (u8 *) cmd.host_command_parameters;
2022 for (i = 0; i < IW_ESSID_MAX_SIZE; i++)
2023 bogus[i] = 0x18 + i;
2024 cmd.host_command_length = IW_ESSID_MAX_SIZE;
2027 /* NOTE: We always send the SSID command even if the provided ESSID is
2028 * the same as what we currently think is set. */
2030 err = ipw2100_hw_send_command(priv, &cmd);
2032 memset(priv->essid + ssid_len, 0, IW_ESSID_MAX_SIZE - ssid_len);
2033 memcpy(priv->essid, essid, ssid_len);
2034 priv->essid_len = ssid_len;
2038 if (ipw2100_enable_adapter(priv))
2045 static void isr_indicate_association_lost(struct ipw2100_priv *priv, u32 status)
2047 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE | IPW_DL_ASSOC,
2048 "disassociated: '%s' %pM \n",
2049 escape_essid(priv->essid, priv->essid_len),
2052 priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
2054 if (priv->status & STATUS_STOPPING) {
2055 IPW_DEBUG_INFO("Card is stopping itself, discard ASSN_LOST.\n");
2059 memset(priv->bssid, 0, ETH_ALEN);
2060 memset(priv->ieee->bssid, 0, ETH_ALEN);
2062 netif_carrier_off(priv->net_dev);
2063 netif_stop_queue(priv->net_dev);
2065 if (!(priv->status & STATUS_RUNNING))
2068 if (priv->status & STATUS_SECURITY_UPDATED)
2069 queue_delayed_work(priv->workqueue, &priv->security_work, 0);
2071 queue_delayed_work(priv->workqueue, &priv->wx_event_work, 0);
2074 static void isr_indicate_rf_kill(struct ipw2100_priv *priv, u32 status)
2076 IPW_DEBUG_INFO("%s: RF Kill state changed to radio OFF.\n",
2077 priv->net_dev->name);
2079 /* RF_KILL is now enabled (else we wouldn't be here) */
2080 priv->status |= STATUS_RF_KILL_HW;
2082 /* Make sure the RF Kill check timer is running */
2083 priv->stop_rf_kill = 0;
2084 cancel_delayed_work(&priv->rf_kill);
2085 queue_delayed_work(priv->workqueue, &priv->rf_kill,
2086 round_jiffies_relative(HZ));
2089 static void send_scan_event(void *data)
2091 struct ipw2100_priv *priv = data;
2092 union iwreq_data wrqu;
2094 wrqu.data.length = 0;
2095 wrqu.data.flags = 0;
2096 wireless_send_event(priv->net_dev, SIOCGIWSCAN, &wrqu, NULL);
2099 static void ipw2100_scan_event_later(struct work_struct *work)
2101 send_scan_event(container_of(work, struct ipw2100_priv,
2102 scan_event_later.work));
2105 static void ipw2100_scan_event_now(struct work_struct *work)
2107 send_scan_event(container_of(work, struct ipw2100_priv,
2111 static void isr_scan_complete(struct ipw2100_priv *priv, u32 status)
2113 IPW_DEBUG_SCAN("scan complete\n");
2114 /* Age the scan results... */
2115 priv->ieee->scans++;
2116 priv->status &= ~STATUS_SCANNING;
2118 /* Only userspace-requested scan completion events go out immediately */
2119 if (!priv->user_requested_scan) {
2120 if (!delayed_work_pending(&priv->scan_event_later))
2121 queue_delayed_work(priv->workqueue,
2122 &priv->scan_event_later,
2123 round_jiffies_relative(msecs_to_jiffies(4000)));
2125 priv->user_requested_scan = 0;
2126 cancel_delayed_work(&priv->scan_event_later);
2127 queue_work(priv->workqueue, &priv->scan_event_now);
2131 #ifdef CONFIG_IPW2100_DEBUG
2132 #define IPW2100_HANDLER(v, f) { v, f, # v }
2133 struct ipw2100_status_indicator {
2135 void (*cb) (struct ipw2100_priv * priv, u32 status);
2139 #define IPW2100_HANDLER(v, f) { v, f }
2140 struct ipw2100_status_indicator {
2142 void (*cb) (struct ipw2100_priv * priv, u32 status);
2144 #endif /* CONFIG_IPW2100_DEBUG */
2146 static void isr_indicate_scanning(struct ipw2100_priv *priv, u32 status)
2148 IPW_DEBUG_SCAN("Scanning...\n");
2149 priv->status |= STATUS_SCANNING;
2152 static const struct ipw2100_status_indicator status_handlers[] = {
2153 IPW2100_HANDLER(IPW_STATE_INITIALIZED, NULL),
2154 IPW2100_HANDLER(IPW_STATE_COUNTRY_FOUND, NULL),
2155 IPW2100_HANDLER(IPW_STATE_ASSOCIATED, isr_indicate_associated),
2156 IPW2100_HANDLER(IPW_STATE_ASSN_LOST, isr_indicate_association_lost),
2157 IPW2100_HANDLER(IPW_STATE_ASSN_CHANGED, NULL),
2158 IPW2100_HANDLER(IPW_STATE_SCAN_COMPLETE, isr_scan_complete),
2159 IPW2100_HANDLER(IPW_STATE_ENTERED_PSP, NULL),
2160 IPW2100_HANDLER(IPW_STATE_LEFT_PSP, NULL),
2161 IPW2100_HANDLER(IPW_STATE_RF_KILL, isr_indicate_rf_kill),
2162 IPW2100_HANDLER(IPW_STATE_DISABLED, NULL),
2163 IPW2100_HANDLER(IPW_STATE_POWER_DOWN, NULL),
2164 IPW2100_HANDLER(IPW_STATE_SCANNING, isr_indicate_scanning),
2165 IPW2100_HANDLER(-1, NULL)
2168 static void isr_status_change(struct ipw2100_priv *priv, int status)
2172 if (status == IPW_STATE_SCANNING &&
2173 priv->status & STATUS_ASSOCIATED &&
2174 !(priv->status & STATUS_SCANNING)) {
2175 IPW_DEBUG_INFO("Scan detected while associated, with "
2176 "no scan request. Restarting firmware.\n");
2178 /* Wake up any sleeping jobs */
2179 schedule_reset(priv);
2182 for (i = 0; status_handlers[i].status != -1; i++) {
2183 if (status == status_handlers[i].status) {
2184 IPW_DEBUG_NOTIF("Status change: %s\n",
2185 status_handlers[i].name);
2186 if (status_handlers[i].cb)
2187 status_handlers[i].cb(priv, status);
2188 priv->wstats.status = status;
2193 IPW_DEBUG_NOTIF("unknown status received: %04x\n", status);
2196 static void isr_rx_complete_command(struct ipw2100_priv *priv,
2197 struct ipw2100_cmd_header *cmd)
2199 #ifdef CONFIG_IPW2100_DEBUG
2200 if (cmd->host_command_reg < ARRAY_SIZE(command_types)) {
2201 IPW_DEBUG_HC("Command completed '%s (%d)'\n",
2202 command_types[cmd->host_command_reg],
2203 cmd->host_command_reg);
2206 if (cmd->host_command_reg == HOST_COMPLETE)
2207 priv->status |= STATUS_ENABLED;
2209 if (cmd->host_command_reg == CARD_DISABLE)
2210 priv->status &= ~STATUS_ENABLED;
2212 priv->status &= ~STATUS_CMD_ACTIVE;
2214 wake_up_interruptible(&priv->wait_command_queue);
2217 #ifdef CONFIG_IPW2100_DEBUG
2218 static const char *frame_types[] = {
2219 "COMMAND_STATUS_VAL",
2220 "STATUS_CHANGE_VAL",
2223 "HOST_NOTIFICATION_VAL"
2227 static int ipw2100_alloc_skb(struct ipw2100_priv *priv,
2228 struct ipw2100_rx_packet *packet)
2230 packet->skb = dev_alloc_skb(sizeof(struct ipw2100_rx));
2234 packet->rxp = (struct ipw2100_rx *)packet->skb->data;
2235 packet->dma_addr = pci_map_single(priv->pci_dev, packet->skb->data,
2236 sizeof(struct ipw2100_rx),
2237 PCI_DMA_FROMDEVICE);
2238 /* NOTE: pci_map_single does not return an error code, and 0 is a valid
2244 #define SEARCH_ERROR 0xffffffff
2245 #define SEARCH_FAIL 0xfffffffe
2246 #define SEARCH_SUCCESS 0xfffffff0
2247 #define SEARCH_DISCARD 0
2248 #define SEARCH_SNAPSHOT 1
2250 #define SNAPSHOT_ADDR(ofs) (priv->snapshot[((ofs) >> 12) & 0xff] + ((ofs) & 0xfff))
2251 static void ipw2100_snapshot_free(struct ipw2100_priv *priv)
2254 if (!priv->snapshot[0])
2256 for (i = 0; i < 0x30; i++)
2257 kfree(priv->snapshot[i]);
2258 priv->snapshot[0] = NULL;
2261 #ifdef IPW2100_DEBUG_C3
2262 static int ipw2100_snapshot_alloc(struct ipw2100_priv *priv)
2265 if (priv->snapshot[0])
2267 for (i = 0; i < 0x30; i++) {
2268 priv->snapshot[i] = kmalloc(0x1000, GFP_ATOMIC);
2269 if (!priv->snapshot[i]) {
2270 IPW_DEBUG_INFO("%s: Error allocating snapshot "
2271 "buffer %d\n", priv->net_dev->name, i);
2273 kfree(priv->snapshot[--i]);
2274 priv->snapshot[0] = NULL;
2282 static u32 ipw2100_match_buf(struct ipw2100_priv *priv, u8 * in_buf,
2283 size_t len, int mode)
2291 if (mode == SEARCH_SNAPSHOT) {
2292 if (!ipw2100_snapshot_alloc(priv))
2293 mode = SEARCH_DISCARD;
2296 for (ret = SEARCH_FAIL, i = 0; i < 0x30000; i += 4) {
2297 read_nic_dword(priv->net_dev, i, &tmp);
2298 if (mode == SEARCH_SNAPSHOT)
2299 *(u32 *) SNAPSHOT_ADDR(i) = tmp;
2300 if (ret == SEARCH_FAIL) {
2302 for (j = 0; j < 4; j++) {
2311 if ((s - in_buf) == len)
2312 ret = (i + j) - len + 1;
2314 } else if (mode == SEARCH_DISCARD)
2324 * 0) Disconnect the SKB from the firmware (just unmap)
2325 * 1) Pack the ETH header into the SKB
2326 * 2) Pass the SKB to the network stack
2328 * When packet is provided by the firmware, it contains the following:
2331 * . ieee80211_snap_hdr
2333 * The size of the constructed ethernet
2336 #ifdef IPW2100_RX_DEBUG
2337 static u8 packet_data[IPW_RX_NIC_BUFFER_LENGTH];
2340 static void ipw2100_corruption_detected(struct ipw2100_priv *priv, int i)
2342 #ifdef IPW2100_DEBUG_C3
2343 struct ipw2100_status *status = &priv->status_queue.drv[i];
2348 IPW_DEBUG_INFO(": PCI latency error detected at 0x%04zX.\n",
2349 i * sizeof(struct ipw2100_status));
2351 #ifdef IPW2100_DEBUG_C3
2352 /* Halt the fimrware so we can get a good image */
2353 write_register(priv->net_dev, IPW_REG_RESET_REG,
2354 IPW_AUX_HOST_RESET_REG_STOP_MASTER);
2357 udelay(IPW_WAIT_RESET_MASTER_ASSERT_COMPLETE_DELAY);
2358 read_register(priv->net_dev, IPW_REG_RESET_REG, ®);
2360 if (reg & IPW_AUX_HOST_RESET_REG_MASTER_DISABLED)
2364 match = ipw2100_match_buf(priv, (u8 *) status,
2365 sizeof(struct ipw2100_status),
2367 if (match < SEARCH_SUCCESS)
2368 IPW_DEBUG_INFO("%s: DMA status match in Firmware at "
2369 "offset 0x%06X, length %d:\n",
2370 priv->net_dev->name, match,
2371 sizeof(struct ipw2100_status));
2373 IPW_DEBUG_INFO("%s: No DMA status match in "
2374 "Firmware.\n", priv->net_dev->name);
2376 printk_buf((u8 *) priv->status_queue.drv,
2377 sizeof(struct ipw2100_status) * RX_QUEUE_LENGTH);
2380 priv->fatal_error = IPW2100_ERR_C3_CORRUPTION;
2381 priv->ieee->stats.rx_errors++;
2382 schedule_reset(priv);
2385 static void isr_rx(struct ipw2100_priv *priv, int i,
2386 struct ieee80211_rx_stats *stats)
2388 struct ipw2100_status *status = &priv->status_queue.drv[i];
2389 struct ipw2100_rx_packet *packet = &priv->rx_buffers[i];
2391 IPW_DEBUG_RX("Handler...\n");
2393 if (unlikely(status->frame_size > skb_tailroom(packet->skb))) {
2394 IPW_DEBUG_INFO("%s: frame_size (%u) > skb_tailroom (%u)!"
2396 priv->net_dev->name,
2397 status->frame_size, skb_tailroom(packet->skb));
2398 priv->ieee->stats.rx_errors++;
2402 if (unlikely(!netif_running(priv->net_dev))) {
2403 priv->ieee->stats.rx_errors++;
2404 priv->wstats.discard.misc++;
2405 IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
2409 if (unlikely(priv->ieee->iw_mode != IW_MODE_MONITOR &&
2410 !(priv->status & STATUS_ASSOCIATED))) {
2411 IPW_DEBUG_DROP("Dropping packet while not associated.\n");
2412 priv->wstats.discard.misc++;
2416 pci_unmap_single(priv->pci_dev,
2418 sizeof(struct ipw2100_rx), PCI_DMA_FROMDEVICE);
2420 skb_put(packet->skb, status->frame_size);
2422 #ifdef IPW2100_RX_DEBUG
2423 /* Make a copy of the frame so we can dump it to the logs if
2424 * ieee80211_rx fails */
2425 skb_copy_from_linear_data(packet->skb, packet_data,
2426 min_t(u32, status->frame_size,
2427 IPW_RX_NIC_BUFFER_LENGTH));
2430 if (!ieee80211_rx(priv->ieee, packet->skb, stats)) {
2431 #ifdef IPW2100_RX_DEBUG
2432 IPW_DEBUG_DROP("%s: Non consumed packet:\n",
2433 priv->net_dev->name);
2434 printk_buf(IPW_DL_DROP, packet_data, status->frame_size);
2436 priv->ieee->stats.rx_errors++;
2438 /* ieee80211_rx failed, so it didn't free the SKB */
2439 dev_kfree_skb_any(packet->skb);
2443 /* We need to allocate a new SKB and attach it to the RDB. */
2444 if (unlikely(ipw2100_alloc_skb(priv, packet))) {
2445 printk(KERN_WARNING DRV_NAME ": "
2446 "%s: Unable to allocate SKB onto RBD ring - disabling "
2447 "adapter.\n", priv->net_dev->name);
2448 /* TODO: schedule adapter shutdown */
2449 IPW_DEBUG_INFO("TODO: Shutdown adapter...\n");
2452 /* Update the RDB entry */
2453 priv->rx_queue.drv[i].host_addr = packet->dma_addr;
2456 #ifdef CONFIG_IPW2100_MONITOR
2458 static void isr_rx_monitor(struct ipw2100_priv *priv, int i,
2459 struct ieee80211_rx_stats *stats)
2461 struct ipw2100_status *status = &priv->status_queue.drv[i];
2462 struct ipw2100_rx_packet *packet = &priv->rx_buffers[i];
2464 /* Magic struct that slots into the radiotap header -- no reason
2465 * to build this manually element by element, we can write it much
2466 * more efficiently than we can parse it. ORDER MATTERS HERE */
2468 struct ieee80211_radiotap_header rt_hdr;
2469 s8 rt_dbmsignal; /* signal in dbM, kluged to signed */
2472 IPW_DEBUG_RX("Handler...\n");
2474 if (unlikely(status->frame_size > skb_tailroom(packet->skb) -
2475 sizeof(struct ipw_rt_hdr))) {
2476 IPW_DEBUG_INFO("%s: frame_size (%u) > skb_tailroom (%u)!"
2478 priv->net_dev->name,
2480 skb_tailroom(packet->skb));
2481 priv->ieee->stats.rx_errors++;
2485 if (unlikely(!netif_running(priv->net_dev))) {
2486 priv->ieee->stats.rx_errors++;
2487 priv->wstats.discard.misc++;
2488 IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
2492 if (unlikely(priv->config & CFG_CRC_CHECK &&
2493 status->flags & IPW_STATUS_FLAG_CRC_ERROR)) {
2494 IPW_DEBUG_RX("CRC error in packet. Dropping.\n");
2495 priv->ieee->stats.rx_errors++;
2499 pci_unmap_single(priv->pci_dev, packet->dma_addr,
2500 sizeof(struct ipw2100_rx), PCI_DMA_FROMDEVICE);
2501 memmove(packet->skb->data + sizeof(struct ipw_rt_hdr),
2502 packet->skb->data, status->frame_size);
2504 ipw_rt = (struct ipw_rt_hdr *) packet->skb->data;
2506 ipw_rt->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
2507 ipw_rt->rt_hdr.it_pad = 0; /* always good to zero */
2508 ipw_rt->rt_hdr.it_len = cpu_to_le16(sizeof(struct ipw_rt_hdr)); /* total hdr+data */
2510 ipw_rt->rt_hdr.it_present = cpu_to_le32(1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL);
2512 ipw_rt->rt_dbmsignal = status->rssi + IPW2100_RSSI_TO_DBM;
2514 skb_put(packet->skb, status->frame_size + sizeof(struct ipw_rt_hdr));
2516 if (!ieee80211_rx(priv->ieee, packet->skb, stats)) {
2517 priv->ieee->stats.rx_errors++;
2519 /* ieee80211_rx failed, so it didn't free the SKB */
2520 dev_kfree_skb_any(packet->skb);
2524 /* We need to allocate a new SKB and attach it to the RDB. */
2525 if (unlikely(ipw2100_alloc_skb(priv, packet))) {
2527 "%s: Unable to allocate SKB onto RBD ring - disabling "
2528 "adapter.\n", priv->net_dev->name);
2529 /* TODO: schedule adapter shutdown */
2530 IPW_DEBUG_INFO("TODO: Shutdown adapter...\n");
2533 /* Update the RDB entry */
2534 priv->rx_queue.drv[i].host_addr = packet->dma_addr;
2539 static int ipw2100_corruption_check(struct ipw2100_priv *priv, int i)
2541 struct ipw2100_status *status = &priv->status_queue.drv[i];
2542 struct ipw2100_rx *u = priv->rx_buffers[i].rxp;
2543 u16 frame_type = status->status_fields & STATUS_TYPE_MASK;
2545 switch (frame_type) {
2546 case COMMAND_STATUS_VAL:
2547 return (status->frame_size != sizeof(u->rx_data.command));
2548 case STATUS_CHANGE_VAL:
2549 return (status->frame_size != sizeof(u->rx_data.status));
2550 case HOST_NOTIFICATION_VAL:
2551 return (status->frame_size < sizeof(u->rx_data.notification));
2552 case P80211_DATA_VAL:
2553 case P8023_DATA_VAL:
2554 #ifdef CONFIG_IPW2100_MONITOR
2557 switch (WLAN_FC_GET_TYPE(le16_to_cpu(u->rx_data.header.frame_ctl))) {
2558 case IEEE80211_FTYPE_MGMT:
2559 case IEEE80211_FTYPE_CTL:
2561 case IEEE80211_FTYPE_DATA:
2562 return (status->frame_size >
2563 IPW_MAX_802_11_PAYLOAD_LENGTH);
2572 * ipw2100 interrupts are disabled at this point, and the ISR
2573 * is the only code that calls this method. So, we do not need
2574 * to play with any locks.
2576 * RX Queue works as follows:
2578 * Read index - firmware places packet in entry identified by the
2579 * Read index and advances Read index. In this manner,
2580 * Read index will always point to the next packet to
2581 * be filled--but not yet valid.
2583 * Write index - driver fills this entry with an unused RBD entry.
2584 * This entry has not filled by the firmware yet.
2586 * In between the W and R indexes are the RBDs that have been received
2587 * but not yet processed.
2589 * The process of handling packets will start at WRITE + 1 and advance
2590 * until it reaches the READ index.
2592 * The WRITE index is cached in the variable 'priv->rx_queue.next'.
2595 static void __ipw2100_rx_process(struct ipw2100_priv *priv)
2597 struct ipw2100_bd_queue *rxq = &priv->rx_queue;
2598 struct ipw2100_status_queue *sq = &priv->status_queue;
2599 struct ipw2100_rx_packet *packet;
2602 struct ipw2100_rx *u;
2603 struct ieee80211_rx_stats stats = {
2604 .mac_time = jiffies,
2607 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_RX_READ_INDEX, &r);
2608 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_RX_WRITE_INDEX, &w);
2610 if (r >= rxq->entries) {
2611 IPW_DEBUG_RX("exit - bad read index\n");
2615 i = (rxq->next + 1) % rxq->entries;
2618 /* IPW_DEBUG_RX("r = %d : w = %d : processing = %d\n",
2619 r, rxq->next, i); */
2621 packet = &priv->rx_buffers[i];
2623 /* Sync the DMA for the STATUS buffer so CPU is sure to get
2624 * the correct values */
2625 pci_dma_sync_single_for_cpu(priv->pci_dev,
2627 sizeof(struct ipw2100_status) * i,
2628 sizeof(struct ipw2100_status),
2629 PCI_DMA_FROMDEVICE);
2631 /* Sync the DMA for the RX buffer so CPU is sure to get
2632 * the correct values */
2633 pci_dma_sync_single_for_cpu(priv->pci_dev, packet->dma_addr,
2634 sizeof(struct ipw2100_rx),
2635 PCI_DMA_FROMDEVICE);
2637 if (unlikely(ipw2100_corruption_check(priv, i))) {
2638 ipw2100_corruption_detected(priv, i);
2643 frame_type = sq->drv[i].status_fields & STATUS_TYPE_MASK;
2644 stats.rssi = sq->drv[i].rssi + IPW2100_RSSI_TO_DBM;
2645 stats.len = sq->drv[i].frame_size;
2648 if (stats.rssi != 0)
2649 stats.mask |= IEEE80211_STATMASK_RSSI;
2650 stats.freq = IEEE80211_24GHZ_BAND;
2652 IPW_DEBUG_RX("%s: '%s' frame type received (%d).\n",
2653 priv->net_dev->name, frame_types[frame_type],
2656 switch (frame_type) {
2657 case COMMAND_STATUS_VAL:
2658 /* Reset Rx watchdog */
2659 isr_rx_complete_command(priv, &u->rx_data.command);
2662 case STATUS_CHANGE_VAL:
2663 isr_status_change(priv, u->rx_data.status);
2666 case P80211_DATA_VAL:
2667 case P8023_DATA_VAL:
2668 #ifdef CONFIG_IPW2100_MONITOR
2669 if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
2670 isr_rx_monitor(priv, i, &stats);
2674 if (stats.len < sizeof(struct ieee80211_hdr_3addr))
2676 switch (WLAN_FC_GET_TYPE(le16_to_cpu(u->rx_data.header.frame_ctl))) {
2677 case IEEE80211_FTYPE_MGMT:
2678 ieee80211_rx_mgt(priv->ieee,
2679 &u->rx_data.header, &stats);
2682 case IEEE80211_FTYPE_CTL:
2685 case IEEE80211_FTYPE_DATA:
2686 isr_rx(priv, i, &stats);
2694 /* clear status field associated with this RBD */
2695 rxq->drv[i].status.info.field = 0;
2697 i = (i + 1) % rxq->entries;
2701 /* backtrack one entry, wrapping to end if at 0 */
2702 rxq->next = (i ? i : rxq->entries) - 1;
2704 write_register(priv->net_dev,
2705 IPW_MEM_HOST_SHARED_RX_WRITE_INDEX, rxq->next);
2710 * __ipw2100_tx_process
2712 * This routine will determine whether the next packet on
2713 * the fw_pend_list has been processed by the firmware yet.
2715 * If not, then it does nothing and returns.
2717 * If so, then it removes the item from the fw_pend_list, frees
2718 * any associated storage, and places the item back on the
2719 * free list of its source (either msg_free_list or tx_free_list)
2721 * TX Queue works as follows:
2723 * Read index - points to the next TBD that the firmware will
2724 * process. The firmware will read the data, and once
2725 * done processing, it will advance the Read index.
2727 * Write index - driver fills this entry with an constructed TBD
2728 * entry. The Write index is not advanced until the
2729 * packet has been configured.
2731 * In between the W and R indexes are the TBDs that have NOT been
2732 * processed. Lagging behind the R index are packets that have
2733 * been processed but have not been freed by the driver.
2735 * In order to free old storage, an internal index will be maintained
2736 * that points to the next packet to be freed. When all used
2737 * packets have been freed, the oldest index will be the same as the
2738 * firmware's read index.
2740 * The OLDEST index is cached in the variable 'priv->tx_queue.oldest'
2742 * Because the TBD structure can not contain arbitrary data, the
2743 * driver must keep an internal queue of cached allocations such that
2744 * it can put that data back into the tx_free_list and msg_free_list
2745 * for use by future command and data packets.
2748 static int __ipw2100_tx_process(struct ipw2100_priv *priv)
2750 struct ipw2100_bd_queue *txq = &priv->tx_queue;
2751 struct ipw2100_bd *tbd;
2752 struct list_head *element;
2753 struct ipw2100_tx_packet *packet;
2754 int descriptors_used;
2756 u32 r, w, frag_num = 0;
2758 if (list_empty(&priv->fw_pend_list))
2761 element = priv->fw_pend_list.next;
2763 packet = list_entry(element, struct ipw2100_tx_packet, list);
2764 tbd = &txq->drv[packet->index];
2766 /* Determine how many TBD entries must be finished... */
2767 switch (packet->type) {
2769 /* COMMAND uses only one slot; don't advance */
2770 descriptors_used = 1;
2775 /* DATA uses two slots; advance and loop position. */
2776 descriptors_used = tbd->num_fragments;
2777 frag_num = tbd->num_fragments - 1;
2778 e = txq->oldest + frag_num;
2783 printk(KERN_WARNING DRV_NAME ": %s: Bad fw_pend_list entry!\n",
2784 priv->net_dev->name);
2788 /* if the last TBD is not done by NIC yet, then packet is
2789 * not ready to be released.
2792 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_TX_QUEUE_READ_INDEX,
2794 read_register(priv->net_dev, IPW_MEM_HOST_SHARED_TX_QUEUE_WRITE_INDEX,
2797 printk(KERN_WARNING DRV_NAME ": %s: write index mismatch\n",
2798 priv->net_dev->name);
2801 * txq->next is the index of the last packet written txq->oldest is
2802 * the index of the r is the index of the next packet to be read by
2807 * Quick graphic to help you visualize the following
2808 * if / else statement
2810 * ===>| s---->|===============
2812 * | a | b | c | d | e | f | g | h | i | j | k | l
2816 * w - updated by driver
2817 * r - updated by firmware
2818 * s - start of oldest BD entry (txq->oldest)
2819 * e - end of oldest BD entry
2822 if (!((r <= w && (e < r || e >= w)) || (e < r && e >= w))) {
2823 IPW_DEBUG_TX("exit - no processed packets ready to release.\n");
2828 DEC_STAT(&priv->fw_pend_stat);
2830 #ifdef CONFIG_IPW2100_DEBUG
2832 int i = txq->oldest;
2833 IPW_DEBUG_TX("TX%d V=%p P=%04X T=%04X L=%d\n", i,
2835 (u32) (txq->nic + i * sizeof(struct ipw2100_bd)),
2836 txq->drv[i].host_addr, txq->drv[i].buf_length);
2838 if (packet->type == DATA) {
2839 i = (i + 1) % txq->entries;
2841 IPW_DEBUG_TX("TX%d V=%p P=%04X T=%04X L=%d\n", i,
2843 (u32) (txq->nic + i *
2844 sizeof(struct ipw2100_bd)),
2845 (u32) txq->drv[i].host_addr,
2846 txq->drv[i].buf_length);
2851 switch (packet->type) {
2853 if (txq->drv[txq->oldest].status.info.fields.txType != 0)
2854 printk(KERN_WARNING DRV_NAME ": %s: Queue mismatch. "
2855 "Expecting DATA TBD but pulled "
2856 "something else: ids %d=%d.\n",
2857 priv->net_dev->name, txq->oldest, packet->index);
2859 /* DATA packet; we have to unmap and free the SKB */
2860 for (i = 0; i < frag_num; i++) {
2861 tbd = &txq->drv[(packet->index + 1 + i) % txq->entries];
2863 IPW_DEBUG_TX("TX%d P=%08x L=%d\n",
2864 (packet->index + 1 + i) % txq->entries,
2865 tbd->host_addr, tbd->buf_length);
2867 pci_unmap_single(priv->pci_dev,
2869 tbd->buf_length, PCI_DMA_TODEVICE);
2872 ieee80211_txb_free(packet->info.d_struct.txb);
2873 packet->info.d_struct.txb = NULL;
2875 list_add_tail(element, &priv->tx_free_list);
2876 INC_STAT(&priv->tx_free_stat);
2878 /* We have a free slot in the Tx queue, so wake up the
2879 * transmit layer if it is stopped. */
2880 if (priv->status & STATUS_ASSOCIATED)
2881 netif_wake_queue(priv->net_dev);
2883 /* A packet was processed by the hardware, so update the
2885 priv->net_dev->trans_start = jiffies;
2890 if (txq->drv[txq->oldest].status.info.fields.txType != 1)
2891 printk(KERN_WARNING DRV_NAME ": %s: Queue mismatch. "
2892 "Expecting COMMAND TBD but pulled "
2893 "something else: ids %d=%d.\n",
2894 priv->net_dev->name, txq->oldest, packet->index);
2896 #ifdef CONFIG_IPW2100_DEBUG
2897 if (packet->info.c_struct.cmd->host_command_reg <
2898 ARRAY_SIZE(command_types))
2899 IPW_DEBUG_TX("Command '%s (%d)' processed: %d.\n",
2900 command_types[packet->info.c_struct.cmd->
2902 packet->info.c_struct.cmd->
2904 packet->info.c_struct.cmd->cmd_status_reg);
2907 list_add_tail(element, &priv->msg_free_list);
2908 INC_STAT(&priv->msg_free_stat);
2912 /* advance oldest used TBD pointer to start of next entry */
2913 txq->oldest = (e + 1) % txq->entries;
2914 /* increase available TBDs number */
2915 txq->available += descriptors_used;
2916 SET_STAT(&priv->txq_stat, txq->available);
2918 IPW_DEBUG_TX("packet latency (send to process) %ld jiffies\n",
2919 jiffies - packet->jiffy_start);
2921 return (!list_empty(&priv->fw_pend_list));
2924 static inline void __ipw2100_tx_complete(struct ipw2100_priv *priv)
2928 while (__ipw2100_tx_process(priv) && i < 200)
2932 printk(KERN_WARNING DRV_NAME ": "
2933 "%s: Driver is running slow (%d iters).\n",
2934 priv->net_dev->name, i);
2938 static void ipw2100_tx_send_commands(struct ipw2100_priv *priv)
2940 struct list_head *element;
2941 struct ipw2100_tx_packet *packet;
2942 struct ipw2100_bd_queue *txq = &priv->tx_queue;
2943 struct ipw2100_bd *tbd;
2944 int next = txq->next;
2946 while (!list_empty(&priv->msg_pend_list)) {
2947 /* if there isn't enough space in TBD queue, then
2948 * don't stuff a new one in.
2949 * NOTE: 3 are needed as a command will take one,
2950 * and there is a minimum of 2 that must be
2951 * maintained between the r and w indexes
2953 if (txq->available <= 3) {
2954 IPW_DEBUG_TX("no room in tx_queue\n");
2958 element = priv->msg_pend_list.next;
2960 DEC_STAT(&priv->msg_pend_stat);
2962 packet = list_entry(element, struct ipw2100_tx_packet, list);
2964 IPW_DEBUG_TX("using TBD at virt=%p, phys=%p\n",
2965 &txq->drv[txq->next],
2966 (void *)(txq->nic + txq->next *
2967 sizeof(struct ipw2100_bd)));
2969 packet->index = txq->next;
2971 tbd = &txq->drv[txq->next];
2973 /* initialize TBD */
2974 tbd->host_addr = packet->info.c_struct.cmd_phys;
2975 tbd->buf_length = sizeof(struct ipw2100_cmd_header);
2976 /* not marking number of fragments causes problems
2977 * with f/w debug version */
2978 tbd->num_fragments = 1;
2979 tbd->status.info.field =
2980 IPW_BD_STATUS_TX_FRAME_COMMAND |
2981 IPW_BD_STATUS_TX_INTERRUPT_ENABLE;
2983 /* update TBD queue counters */
2985 txq->next %= txq->entries;
2987 DEC_STAT(&priv->txq_stat);
2989 list_add_tail(element, &priv->fw_pend_list);
2990 INC_STAT(&priv->fw_pend_stat);
2993 if (txq->next != next) {
2994 /* kick off the DMA by notifying firmware the
2995 * write index has moved; make sure TBD stores are sync'd */
2997 write_register(priv->net_dev,
2998 IPW_MEM_HOST_SHARED_TX_QUEUE_WRITE_INDEX,
3004 * ipw2100_tx_send_data
3007 static void ipw2100_tx_send_data(struct ipw2100_priv *priv)
3009 struct list_head *element;
3010 struct ipw2100_tx_packet *packet;
3011 struct ipw2100_bd_queue *txq = &priv->tx_queue;
3012 struct ipw2100_bd *tbd;
3013 int next = txq->next;
3015 struct ipw2100_data_header *ipw_hdr;
3016 struct ieee80211_hdr_3addr *hdr;
3018 while (!list_empty(&priv->tx_pend_list)) {
3019 /* if there isn't enough space in TBD queue, then
3020 * don't stuff a new one in.
3021 * NOTE: 4 are needed as a data will take two,
3022 * and there is a minimum of 2 that must be
3023 * maintained between the r and w indexes
3025 element = priv->tx_pend_list.next;
3026 packet = list_entry(element, struct ipw2100_tx_packet, list);
3028 if (unlikely(1 + packet->info.d_struct.txb->nr_frags >
3030 /* TODO: Support merging buffers if more than
3031 * IPW_MAX_BDS are used */
3032 IPW_DEBUG_INFO("%s: Maximum BD theshold exceeded. "
3033 "Increase fragmentation level.\n",
3034 priv->net_dev->name);
3037 if (txq->available <= 3 + packet->info.d_struct.txb->nr_frags) {
3038 IPW_DEBUG_TX("no room in tx_queue\n");
3043 DEC_STAT(&priv->tx_pend_stat);
3045 tbd = &txq->drv[txq->next];
3047 packet->index = txq->next;
3049 ipw_hdr = packet->info.d_struct.data;
3050 hdr = (struct ieee80211_hdr_3addr *)packet->info.d_struct.txb->
3053 if (priv->ieee->iw_mode == IW_MODE_INFRA) {
3054 /* To DS: Addr1 = BSSID, Addr2 = SA,
3056 memcpy(ipw_hdr->src_addr, hdr->addr2, ETH_ALEN);
3057 memcpy(ipw_hdr->dst_addr, hdr->addr3, ETH_ALEN);
3058 } else if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
3059 /* not From/To DS: Addr1 = DA, Addr2 = SA,
3061 memcpy(ipw_hdr->src_addr, hdr->addr2, ETH_ALEN);
3062 memcpy(ipw_hdr->dst_addr, hdr->addr1, ETH_ALEN);
3065 ipw_hdr->host_command_reg = SEND;
3066 ipw_hdr->host_command_reg1 = 0;
3068 /* For now we only support host based encryption */
3069 ipw_hdr->needs_encryption = 0;
3070 ipw_hdr->encrypted = packet->info.d_struct.txb->encrypted;
3071 if (packet->info.d_struct.txb->nr_frags > 1)
3072 ipw_hdr->fragment_size =
3073 packet->info.d_struct.txb->frag_size -
3074 IEEE80211_3ADDR_LEN;
3076 ipw_hdr->fragment_size = 0;
3078 tbd->host_addr = packet->info.d_struct.data_phys;
3079 tbd->buf_length = sizeof(struct ipw2100_data_header);
3080 tbd->num_fragments = 1 + packet->info.d_struct.txb->nr_frags;
3081 tbd->status.info.field =
3082 IPW_BD_STATUS_TX_FRAME_802_3 |
3083 IPW_BD_STATUS_TX_FRAME_NOT_LAST_FRAGMENT;
3085 txq->next %= txq->entries;
3087 IPW_DEBUG_TX("data header tbd TX%d P=%08x L=%d\n",
3088 packet->index, tbd->host_addr, tbd->buf_length);
git.openpandora.org / pandora-kernel.git / blob