1 /* orinoco.c - (formerly known as dldwd_cs.c and orinoco_cs.c)
3 * A driver for Hermes or Prism 2 chipset based PCMCIA wireless
4 * adaptors, with Lucent/Agere, Intersil or Symbol firmware.
6 * Current maintainers (as of 29 September 2003) are:
7 * Pavel Roskin <proski AT gnu.org>
8 * and David Gibson <hermes AT gibson.dropbear.id.au>
10 * (C) Copyright David Gibson, IBM Corporation 2001-2003.
11 * Copyright (C) 2000 David Gibson, Linuxcare Australia.
12 * With some help from :
13 * Copyright (C) 2001 Jean Tourrilhes, HP Labs
14 * Copyright (C) 2001 Benjamin Herrenschmidt
16 * Based on dummy_cs.c 1.27 2000/06/12 21:27:25
18 * Portions based on wvlan_cs.c 1.0.6, Copyright Andreas Neuhaus <andy
19 * AT fasta.fh-dortmund.de>
20 * http://www.stud.fh-dortmund.de/~andy/wvlan/
22 * The contents of this file are subject to the Mozilla Public License
23 * Version 1.1 (the "License"); you may not use this file except in
24 * compliance with the License. You may obtain a copy of the License
25 * at http://www.mozilla.org/MPL/
27 * Software distributed under the License is distributed on an "AS IS"
28 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
29 * the License for the specific language governing rights and
30 * limitations under the License.
32 * The initial developer of the original code is David A. Hinds
33 * <dahinds AT users.sourceforge.net>. Portions created by David
34 * A. Hinds are Copyright (C) 1999 David A. Hinds. All Rights
37 * Alternatively, the contents of this file may be used under the
38 * terms of the GNU General Public License version 2 (the "GPL"), in
39 * which case the provisions of the GPL are applicable instead of the
40 * above. If you wish to allow the use of your version of this file
41 * only under the terms of the GPL and not to allow others to use your
42 * version of this file under the MPL, indicate your decision by
43 * deleting the provisions above and replace them with the notice and
44 * other provisions required by the GPL. If you do not delete the
45 * provisions above, a recipient may use your version of this file
46 * under either the MPL or the GPL. */
50 * o Handle de-encapsulation within network layer, provide 802.11
51 * headers (patch from Thomas 'Dent' Mirlacher)
52 * o Fix possible races in SPY handling.
53 * o Disconnect wireless extensions from fundamental configuration.
54 * o (maybe) Software WEP support (patch from Stano Meduna).
55 * o (maybe) Use multiple Tx buffers - driver handling queue
56 * rather than firmware.
59 /* Locking and synchronization:
61 * The basic principle is that everything is serialized through a
62 * single spinlock, priv->lock. The lock is used in user, bh and irq
63 * context, so when taken outside hardirq context it should always be
64 * taken with interrupts disabled. The lock protects both the
65 * hardware and the struct orinoco_private.
67 * Another flag, priv->hw_unavailable indicates that the hardware is
68 * unavailable for an extended period of time (e.g. suspended, or in
69 * the middle of a hard reset). This flag is protected by the
70 * spinlock. All code which touches the hardware should check the
71 * flag after taking the lock, and if it is set, give up on whatever
72 * they are doing and drop the lock again. The orinoco_lock()
73 * function handles this (it unlocks and returns -EBUSY if
74 * hw_unavailable is non-zero).
77 #define DRIVER_NAME "orinoco"
79 #include <linux/module.h>
80 #include <linux/kernel.h>
81 #include <linux/init.h>
82 #include <linux/delay.h>
83 #include <linux/netdevice.h>
84 #include <linux/etherdevice.h>
85 #include <linux/ethtool.h>
86 #include <linux/firmware.h>
87 #include <linux/suspend.h>
88 #include <linux/if_arp.h>
89 #include <linux/wireless.h>
90 #include <linux/ieee80211.h>
91 #include <net/iw_handler.h>
93 #include <linux/scatterlist.h>
94 #include <linux/crypto.h>
96 #include "hermes_rid.h"
97 #include "hermes_dld.h"
100 /********************************************************************/
101 /* Module information */
102 /********************************************************************/
104 MODULE_AUTHOR("Pavel Roskin <proski@gnu.org> & David Gibson <hermes@gibson.dropbear.id.au>");
105 MODULE_DESCRIPTION("Driver for Lucent Orinoco, Prism II based and similar wireless cards");
106 MODULE_LICENSE("Dual MPL/GPL");
108 /* Level of debugging. Used in the macros in orinoco.h */
110 int orinoco_debug = ORINOCO_DEBUG;
111 module_param(orinoco_debug, int, 0644);
112 MODULE_PARM_DESC(orinoco_debug, "Debug level");
113 EXPORT_SYMBOL(orinoco_debug);
116 static int suppress_linkstatus; /* = 0 */
117 module_param(suppress_linkstatus, bool, 0644);
118 MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
119 static int ignore_disconnect; /* = 0 */
120 module_param(ignore_disconnect, int, 0644);
121 MODULE_PARM_DESC(ignore_disconnect, "Don't report lost link to the network layer");
123 static int force_monitor; /* = 0 */
124 module_param(force_monitor, int, 0644);
125 MODULE_PARM_DESC(force_monitor, "Allow monitor mode for all firmware versions");
127 /********************************************************************/
128 /* Compile time configuration and compatibility stuff */
129 /********************************************************************/
131 /* We do this this way to avoid ifdefs in the actual code */
133 #define SPY_NUMBER(priv) (priv->spy_data.spy_number)
135 #define SPY_NUMBER(priv) 0
136 #endif /* WIRELESS_SPY */
138 /********************************************************************/
139 /* Internal constants */
140 /********************************************************************/
142 /* 802.2 LLC/SNAP header used for Ethernet encapsulation over 802.11 */
143 static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
144 #define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
146 #define ORINOCO_MIN_MTU 256
147 #define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD)
149 #define SYMBOL_MAX_VER_LEN (14)
152 #define MAX_IRQLOOPS_PER_IRQ 10
153 #define MAX_IRQLOOPS_PER_JIFFY (20000/HZ) /* Based on a guestimate of
154 * how many events the
156 * legitimately generate */
157 #define SMALL_KEY_SIZE 5
158 #define LARGE_KEY_SIZE 13
159 #define TX_NICBUF_SIZE_BUG 1585 /* Bug in Symbol firmware */
161 #define DUMMY_FID 0xFFFF
163 /*#define MAX_MULTICAST(priv) (priv->firmware_type == FIRMWARE_TYPE_AGERE ? \
164 HERMES_MAX_MULTICAST : 0)*/
165 #define MAX_MULTICAST(priv) (HERMES_MAX_MULTICAST)
167 #define ORINOCO_INTEN (HERMES_EV_RX | HERMES_EV_ALLOC \
168 | HERMES_EV_TX | HERMES_EV_TXEXC \
169 | HERMES_EV_WTERR | HERMES_EV_INFO \
170 | HERMES_EV_INFDROP )
172 #define MAX_RID_LEN 1024
174 static const struct iw_handler_def orinoco_handler_def;
175 static const struct ethtool_ops orinoco_ethtool_ops;
177 /********************************************************************/
179 /********************************************************************/
181 #define NUM_CHANNELS 14
183 /* This tables gives the actual meanings of the bitrate IDs returned
184 * by the firmware. */
186 int bitrate; /* in 100s of kilobits */
188 u16 agere_txratectrl;
189 u16 intersil_txratectrl;
190 } bitrate_table[] = {
191 {110, 1, 3, 15}, /* Entry 0 is the default */
200 #define BITRATE_TABLE_SIZE ARRAY_SIZE(bitrate_table)
202 /********************************************************************/
204 /********************************************************************/
206 /* Beginning of the Tx descriptor, used in TxExc handling */
207 struct hermes_txexc_data {
208 struct hermes_tx_descriptor desc;
212 } __attribute__ ((packed));
214 /* Rx frame header except compatibility 802.3 header */
215 struct hermes_rx_descriptor {
236 } __attribute__ ((packed));
238 struct orinoco_rx_data {
239 struct hermes_rx_descriptor *desc;
241 struct list_head list;
244 /********************************************************************/
245 /* Function prototypes */
246 /********************************************************************/
248 static int __orinoco_program_rids(struct net_device *dev);
249 static void __orinoco_set_multicast_list(struct net_device *dev);
251 /********************************************************************/
252 /* Michael MIC crypto setup */
253 /********************************************************************/
254 #define MICHAEL_MIC_LEN 8
255 static int orinoco_mic_init(struct orinoco_private *priv)
257 priv->tx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
258 if (IS_ERR(priv->tx_tfm_mic)) {
259 printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
260 "crypto API michael_mic\n");
261 priv->tx_tfm_mic = NULL;
265 priv->rx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
266 if (IS_ERR(priv->rx_tfm_mic)) {
267 printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
268 "crypto API michael_mic\n");
269 priv->rx_tfm_mic = NULL;
276 static void orinoco_mic_free(struct orinoco_private *priv)
278 if (priv->tx_tfm_mic)
279 crypto_free_hash(priv->tx_tfm_mic);
280 if (priv->rx_tfm_mic)
281 crypto_free_hash(priv->rx_tfm_mic);
284 static int michael_mic(struct crypto_hash *tfm_michael, u8 *key,
285 u8 *da, u8 *sa, u8 priority,
286 u8 *data, size_t data_len, u8 *mic)
288 struct hash_desc desc;
289 struct scatterlist sg[2];
290 u8 hdr[ETH_HLEN + 2]; /* size of header + padding */
292 if (tfm_michael == NULL) {
293 printk(KERN_WARNING "michael_mic: tfm_michael == NULL\n");
297 /* Copy header into buffer. We need the padding on the end zeroed */
298 memcpy(&hdr[0], da, ETH_ALEN);
299 memcpy(&hdr[ETH_ALEN], sa, ETH_ALEN);
300 hdr[ETH_ALEN*2] = priority;
301 hdr[ETH_ALEN*2+1] = 0;
302 hdr[ETH_ALEN*2+2] = 0;
303 hdr[ETH_ALEN*2+3] = 0;
305 /* Use scatter gather to MIC header and data in one go */
306 sg_init_table(sg, 2);
307 sg_set_buf(&sg[0], hdr, sizeof(hdr));
308 sg_set_buf(&sg[1], data, data_len);
310 if (crypto_hash_setkey(tfm_michael, key, MIC_KEYLEN))
313 desc.tfm = tfm_michael;
315 return crypto_hash_digest(&desc, sg, data_len + sizeof(hdr),
319 /********************************************************************/
320 /* Internal helper functions */
321 /********************************************************************/
323 static inline void set_port_type(struct orinoco_private *priv)
325 switch (priv->iw_mode) {
328 priv->createibss = 0;
331 if (priv->prefer_port3) {
333 priv->createibss = 0;
335 priv->port_type = priv->ibss_port;
336 priv->createibss = 1;
339 case IW_MODE_MONITOR:
341 priv->createibss = 0;
344 printk(KERN_ERR "%s: Invalid priv->iw_mode in set_port_type()\n",
349 #define ORINOCO_MAX_BSS_COUNT 64
350 static int orinoco_bss_data_allocate(struct orinoco_private *priv)
352 if (priv->bss_xbss_data)
355 if (priv->has_ext_scan)
356 priv->bss_xbss_data = kzalloc(ORINOCO_MAX_BSS_COUNT *
357 sizeof(struct xbss_element),
360 priv->bss_xbss_data = kzalloc(ORINOCO_MAX_BSS_COUNT *
361 sizeof(struct bss_element),
364 if (!priv->bss_xbss_data) {
365 printk(KERN_WARNING "Out of memory allocating beacons");
371 static void orinoco_bss_data_free(struct orinoco_private *priv)
373 kfree(priv->bss_xbss_data);
374 priv->bss_xbss_data = NULL;
377 #define PRIV_BSS ((struct bss_element *)priv->bss_xbss_data)
378 #define PRIV_XBSS ((struct xbss_element *)priv->bss_xbss_data)
379 static void orinoco_bss_data_init(struct orinoco_private *priv)
383 INIT_LIST_HEAD(&priv->bss_free_list);
384 INIT_LIST_HEAD(&priv->bss_list);
385 if (priv->has_ext_scan)
386 for (i = 0; i < ORINOCO_MAX_BSS_COUNT; i++)
387 list_add_tail(&(PRIV_XBSS[i].list),
388 &priv->bss_free_list);
390 for (i = 0; i < ORINOCO_MAX_BSS_COUNT; i++)
391 list_add_tail(&(PRIV_BSS[i].list),
392 &priv->bss_free_list);
396 static inline u8 *orinoco_get_ie(u8 *data, size_t len,
397 enum ieee80211_eid eid)
400 while ((p + 2) < (data + len)) {
408 #define WPA_OUI_TYPE "\x00\x50\xF2\x01"
409 #define WPA_SELECTOR_LEN 4
410 static inline u8 *orinoco_get_wpa_ie(u8 *data, size_t len)
413 while ((p + 2 + WPA_SELECTOR_LEN) < (data + len)) {
414 if ((p[0] == WLAN_EID_GENERIC) &&
415 (memcmp(&p[2], WPA_OUI_TYPE, WPA_SELECTOR_LEN) == 0))
423 /********************************************************************/
424 /* Download functionality */
425 /********************************************************************/
435 const static struct fw_info orinoco_fw[] = {
436 { NULL, "agere_sta_fw.bin", "agere_ap_fw.bin", 0x00390000, 1000 },
437 { NULL, "prism_sta_fw.bin", "prism_ap_fw.bin", 0, 1024 },
438 { "symbol_sp24t_prim_fw", "symbol_sp24t_sec_fw", NULL, 0x00003100, 512 }
441 /* Structure used to access fields in FW
442 * Make sure LE decoding macros are used
444 struct orinoco_fw_header {
445 char hdr_vers[6]; /* ASCII string for header version */
446 __le16 headersize; /* Total length of header */
447 __le32 entry_point; /* NIC entry point */
448 __le32 blocks; /* Number of blocks to program */
449 __le32 block_offset; /* Offset of block data from eof header */
450 __le32 pdr_offset; /* Offset to PDR data from eof header */
451 __le32 pri_offset; /* Offset to primary plug data */
452 __le32 compat_offset; /* Offset to compatibility data*/
453 char signature[0]; /* FW signature length headersize-20 */
454 } __attribute__ ((packed));
456 /* Download either STA or AP firmware into the card. */
458 orinoco_dl_firmware(struct orinoco_private *priv,
459 const struct fw_info *fw,
462 /* Plug Data Area (PDA) */
465 hermes_t *hw = &priv->hw;
466 const struct firmware *fw_entry;
467 const struct orinoco_fw_header *hdr;
468 const unsigned char *first_block;
469 const unsigned char *end;
470 const char *firmware;
471 struct net_device *dev = priv->ndev;
474 pda = kzalloc(fw->pda_size, GFP_KERNEL);
479 firmware = fw->ap_fw;
481 firmware = fw->sta_fw;
483 printk(KERN_DEBUG "%s: Attempting to download firmware %s\n",
484 dev->name, firmware);
486 /* Read current plug data */
487 err = hermes_read_pda(hw, pda, fw->pda_addr, fw->pda_size, 0);
488 printk(KERN_DEBUG "%s: Read PDA returned %d\n", dev->name, err);
492 if (!priv->cached_fw) {
493 err = request_firmware(&fw_entry, firmware, priv->dev);
496 printk(KERN_ERR "%s: Cannot find firmware %s\n",
497 dev->name, firmware);
502 fw_entry = priv->cached_fw;
504 hdr = (const struct orinoco_fw_header *) fw_entry->data;
506 /* Enable aux port to allow programming */
507 err = hermesi_program_init(hw, le32_to_cpu(hdr->entry_point));
508 printk(KERN_DEBUG "%s: Program init returned %d\n", dev->name, err);
513 first_block = (fw_entry->data +
514 le16_to_cpu(hdr->headersize) +
515 le32_to_cpu(hdr->block_offset));
516 end = fw_entry->data + fw_entry->size;
518 err = hermes_program(hw, first_block, end);
519 printk(KERN_DEBUG "%s: Program returned %d\n", dev->name, err);
523 /* Update production data */
524 first_block = (fw_entry->data +
525 le16_to_cpu(hdr->headersize) +
526 le32_to_cpu(hdr->pdr_offset));
528 err = hermes_apply_pda_with_defaults(hw, first_block, pda);
529 printk(KERN_DEBUG "%s: Apply PDA returned %d\n", dev->name, err);
533 /* Tell card we've finished */
534 err = hermesi_program_end(hw);
535 printk(KERN_DEBUG "%s: Program end returned %d\n", dev->name, err);
539 /* Check if we're running */
540 printk(KERN_DEBUG "%s: hermes_present returned %d\n",
541 dev->name, hermes_present(hw));
544 /* If we requested the firmware, release it. */
545 if (!priv->cached_fw)
546 release_firmware(fw_entry);
554 #define TEXT_END 0x1A /* End of text header */
557 * Process a firmware image - stop the card, load the firmware, reset
558 * the card and make sure it responds. For the secondary firmware take
559 * care of the PDA - read it and then write it on top of the firmware.
562 symbol_dl_image(struct orinoco_private *priv, const struct fw_info *fw,
563 const unsigned char *image, const unsigned char *end,
566 hermes_t *hw = &priv->hw;
568 const unsigned char *ptr;
569 const unsigned char *first_block;
571 /* Plug Data Area (PDA) */
574 /* Binary block begins after the 0x1A marker */
576 while (*ptr++ != TEXT_END);
579 /* Read the PDA from EEPROM */
581 pda = kzalloc(fw->pda_size, GFP_KERNEL);
585 ret = hermes_read_pda(hw, pda, fw->pda_addr, fw->pda_size, 1);
590 /* Stop the firmware, so that it can be safely rewritten */
592 ret = priv->stop_fw(priv, 1);
597 /* Program the adapter with new firmware */
598 ret = hermes_program(hw, first_block, end);
602 /* Write the PDA to the adapter */
604 size_t len = hermes_blocks_length(first_block);
605 ptr = first_block + len;
606 ret = hermes_apply_pda(hw, ptr, pda);
612 /* Run the firmware */
614 ret = priv->stop_fw(priv, 0);
619 /* Reset hermes chip and make sure it responds */
620 ret = hermes_init(hw);
622 /* hermes_reset() should return 0 with the secondary firmware */
623 if (secondary && ret != 0)
626 /* And this should work with any firmware */
627 if (!hermes_present(hw))
639 * Download the firmware into the card, this also does a PCMCIA soft
640 * reset on the card, to make sure it's in a sane state.
643 symbol_dl_firmware(struct orinoco_private *priv,
644 const struct fw_info *fw)
646 struct net_device *dev = priv->ndev;
648 const struct firmware *fw_entry;
650 if (!priv->cached_pri_fw) {
651 if (request_firmware(&fw_entry, fw->pri_fw, priv->dev) != 0) {
652 printk(KERN_ERR "%s: Cannot find firmware: %s\n",
653 dev->name, fw->pri_fw);
657 fw_entry = priv->cached_pri_fw;
659 /* Load primary firmware */
660 ret = symbol_dl_image(priv, fw, fw_entry->data,
661 fw_entry->data + fw_entry->size, 0);
663 if (!priv->cached_pri_fw)
664 release_firmware(fw_entry);
666 printk(KERN_ERR "%s: Primary firmware download failed\n",
671 if (!priv->cached_fw) {
672 if (request_firmware(&fw_entry, fw->sta_fw, priv->dev) != 0) {
673 printk(KERN_ERR "%s: Cannot find firmware: %s\n",
674 dev->name, fw->sta_fw);
678 fw_entry = priv->cached_fw;
680 /* Load secondary firmware */
681 ret = symbol_dl_image(priv, fw, fw_entry->data,
682 fw_entry->data + fw_entry->size, 1);
683 if (!priv->cached_fw)
684 release_firmware(fw_entry);
686 printk(KERN_ERR "%s: Secondary firmware download failed\n",
693 static int orinoco_download(struct orinoco_private *priv)
696 /* Reload firmware */
697 switch (priv->firmware_type) {
698 case FIRMWARE_TYPE_AGERE:
699 /* case FIRMWARE_TYPE_INTERSIL: */
700 err = orinoco_dl_firmware(priv,
701 &orinoco_fw[priv->firmware_type], 0);
704 case FIRMWARE_TYPE_SYMBOL:
705 err = symbol_dl_firmware(priv,
706 &orinoco_fw[priv->firmware_type]);
708 case FIRMWARE_TYPE_INTERSIL:
711 /* TODO: if we fail we probably need to reinitialise
717 #if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
718 static void orinoco_cache_fw(struct orinoco_private *priv, int ap)
720 const struct firmware *fw_entry = NULL;
724 pri_fw = orinoco_fw[priv->firmware_type].pri_fw;
726 fw = orinoco_fw[priv->firmware_type].ap_fw;
728 fw = orinoco_fw[priv->firmware_type].sta_fw;
731 if (request_firmware(&fw_entry, pri_fw, priv->dev) == 0)
732 priv->cached_pri_fw = fw_entry;
736 if (request_firmware(&fw_entry, fw, priv->dev) == 0)
737 priv->cached_fw = fw_entry;
741 static void orinoco_uncache_fw(struct orinoco_private *priv)
743 if (priv->cached_pri_fw)
744 release_firmware(priv->cached_pri_fw);
746 release_firmware(priv->cached_fw);
748 priv->cached_pri_fw = NULL;
749 priv->cached_fw = NULL;
752 #define orinoco_cache_fw(priv, ap)
753 #define orinoco_uncache_fw(priv)
756 /********************************************************************/
758 /********************************************************************/
760 static int orinoco_open(struct net_device *dev)
762 struct orinoco_private *priv = netdev_priv(dev);
766 if (orinoco_lock(priv, &flags) != 0)
769 err = __orinoco_up(dev);
774 orinoco_unlock(priv, &flags);
779 static int orinoco_stop(struct net_device *dev)
781 struct orinoco_private *priv = netdev_priv(dev);
784 /* We mustn't use orinoco_lock() here, because we need to be
785 able to close the interface even if hw_unavailable is set
786 (e.g. as we're released after a PC Card removal) */
787 spin_lock_irq(&priv->lock);
791 err = __orinoco_down(dev);
793 spin_unlock_irq(&priv->lock);
798 static struct net_device_stats *orinoco_get_stats(struct net_device *dev)
800 struct orinoco_private *priv = netdev_priv(dev);
805 static struct iw_statistics *orinoco_get_wireless_stats(struct net_device *dev)
807 struct orinoco_private *priv = netdev_priv(dev);
808 hermes_t *hw = &priv->hw;
809 struct iw_statistics *wstats = &priv->wstats;
813 if (! netif_device_present(dev)) {
814 printk(KERN_WARNING "%s: get_wireless_stats() called while device not present\n",
816 return NULL; /* FIXME: Can we do better than this? */
819 /* If busy, return the old stats. Returning NULL may cause
820 * the interface to disappear from /proc/net/wireless */
821 if (orinoco_lock(priv, &flags) != 0)
824 /* We can't really wait for the tallies inquiry command to
825 * complete, so we just use the previous results and trigger
826 * a new tallies inquiry command for next time - Jean II */
827 /* FIXME: Really we should wait for the inquiry to come back -
828 * as it is the stats we give don't make a whole lot of sense.
829 * Unfortunately, it's not clear how to do that within the
830 * wireless extensions framework: I think we're in user
831 * context, but a lock seems to be held by the time we get in
832 * here so we're not safe to sleep here. */
833 hermes_inquire(hw, HERMES_INQ_TALLIES);
835 if (priv->iw_mode == IW_MODE_ADHOC) {
836 memset(&wstats->qual, 0, sizeof(wstats->qual));
837 /* If a spy address is defined, we report stats of the
838 * first spy address - Jean II */
839 if (SPY_NUMBER(priv)) {
840 wstats->qual.qual = priv->spy_data.spy_stat[0].qual;
841 wstats->qual.level = priv->spy_data.spy_stat[0].level;
842 wstats->qual.noise = priv->spy_data.spy_stat[0].noise;
843 wstats->qual.updated = priv->spy_data.spy_stat[0].updated;
847 __le16 qual, signal, noise, unused;
848 } __attribute__ ((packed)) cq;
850 err = HERMES_READ_RECORD(hw, USER_BAP,
851 HERMES_RID_COMMSQUALITY, &cq);
854 wstats->qual.qual = (int)le16_to_cpu(cq.qual);
855 wstats->qual.level = (int)le16_to_cpu(cq.signal) - 0x95;
856 wstats->qual.noise = (int)le16_to_cpu(cq.noise) - 0x95;
857 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
861 orinoco_unlock(priv, &flags);
865 static void orinoco_set_multicast_list(struct net_device *dev)
867 struct orinoco_private *priv = netdev_priv(dev);
870 if (orinoco_lock(priv, &flags) != 0) {
871 printk(KERN_DEBUG "%s: orinoco_set_multicast_list() "
872 "called when hw_unavailable\n", dev->name);
876 __orinoco_set_multicast_list(dev);
877 orinoco_unlock(priv, &flags);
880 static int orinoco_change_mtu(struct net_device *dev, int new_mtu)
882 struct orinoco_private *priv = netdev_priv(dev);
884 if ( (new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU) )
887 /* MTU + encapsulation + header length */
888 if ( (new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) >
889 (priv->nicbuf_size - ETH_HLEN) )
897 /********************************************************************/
899 /********************************************************************/
901 static int orinoco_xmit(struct sk_buff *skb, struct net_device *dev)
903 struct orinoco_private *priv = netdev_priv(dev);
904 struct net_device_stats *stats = &priv->stats;
905 hermes_t *hw = &priv->hw;
907 u16 txfid = priv->txfid;
912 if (! netif_running(dev)) {
913 printk(KERN_ERR "%s: Tx on stopped device!\n",
915 return NETDEV_TX_BUSY;
918 if (netif_queue_stopped(dev)) {
919 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
921 return NETDEV_TX_BUSY;
924 if (orinoco_lock(priv, &flags) != 0) {
925 printk(KERN_ERR "%s: orinoco_xmit() called while hw_unavailable\n",
927 return NETDEV_TX_BUSY;
930 if (! netif_carrier_ok(dev) || (priv->iw_mode == IW_MODE_MONITOR)) {
931 /* Oops, the firmware hasn't established a connection,
932 silently drop the packet (this seems to be the
937 /* Check packet length */
938 if (skb->len < ETH_HLEN)
941 tx_control = HERMES_TXCTRL_TX_OK | HERMES_TXCTRL_TX_EX;
943 if (priv->encode_alg == IW_ENCODE_ALG_TKIP)
944 tx_control |= (priv->tx_key << HERMES_MIC_KEY_ID_SHIFT) |
947 if (priv->has_alt_txcntl) {
948 /* WPA enabled firmwares have tx_cntl at the end of
949 * the 802.11 header. So write zeroed descriptor and
950 * 802.11 header at the same time
952 char desc[HERMES_802_3_OFFSET];
953 __le16 *txcntl = (__le16 *) &desc[HERMES_TXCNTL2_OFFSET];
955 memset(&desc, 0, sizeof(desc));
957 *txcntl = cpu_to_le16(tx_control);
958 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
962 printk(KERN_ERR "%s: Error %d writing Tx "
963 "descriptor to BAP\n", dev->name, err);
967 struct hermes_tx_descriptor desc;
969 memset(&desc, 0, sizeof(desc));
971 desc.tx_control = cpu_to_le16(tx_control);
972 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
976 printk(KERN_ERR "%s: Error %d writing Tx "
977 "descriptor to BAP\n", dev->name, err);
981 /* Clear the 802.11 header and data length fields - some
982 * firmwares (e.g. Lucent/Agere 8.xx) appear to get confused
983 * if this isn't done. */
984 hermes_clear_words(hw, HERMES_DATA0,
985 HERMES_802_3_OFFSET - HERMES_802_11_OFFSET);
988 eh = (struct ethhdr *)skb->data;
990 /* Encapsulate Ethernet-II frames */
991 if (ntohs(eh->h_proto) > ETH_DATA_LEN) { /* Ethernet-II frame */
992 struct header_struct {
993 struct ethhdr eth; /* 802.3 header */
994 u8 encap[6]; /* 802.2 header */
995 } __attribute__ ((packed)) hdr;
997 /* Strip destination and source from the data */
998 skb_pull(skb, 2 * ETH_ALEN);
1000 /* And move them to a separate header */
1001 memcpy(&hdr.eth, eh, 2 * ETH_ALEN);
1002 hdr.eth.h_proto = htons(sizeof(encaps_hdr) + skb->len);
1003 memcpy(hdr.encap, encaps_hdr, sizeof(encaps_hdr));
1005 /* Insert the SNAP header */
1006 if (skb_headroom(skb) < sizeof(hdr)) {
1008 "%s: Not enough headroom for 802.2 headers %d\n",
1009 dev->name, skb_headroom(skb));
1012 eh = (struct ethhdr *) skb_push(skb, sizeof(hdr));
1013 memcpy(eh, &hdr, sizeof(hdr));
1016 err = hermes_bap_pwrite(hw, USER_BAP, skb->data, skb->len,
1017 txfid, HERMES_802_3_OFFSET);
1019 printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
1024 /* Calculate Michael MIC */
1025 if (priv->encode_alg == IW_ENCODE_ALG_TKIP) {
1026 u8 mic_buf[MICHAEL_MIC_LEN + 1];
1032 /* MIC start is on an odd boundary */
1033 mic_buf[0] = skb->data[skb->len - 1];
1035 offset = skb->len - 1;
1036 len = MICHAEL_MIC_LEN + 1;
1040 len = MICHAEL_MIC_LEN;
1043 michael_mic(priv->tx_tfm_mic,
1044 priv->tkip_key[priv->tx_key].tx_mic,
1045 eh->h_dest, eh->h_source, 0 /* priority */,
1046 skb->data + ETH_HLEN, skb->len - ETH_HLEN, mic);
1049 err = hermes_bap_pwrite(hw, USER_BAP, &mic_buf[0], len,
1050 txfid, HERMES_802_3_OFFSET + offset);
1052 printk(KERN_ERR "%s: Error %d writing MIC to BAP\n",
1058 /* Finally, we actually initiate the send */
1059 netif_stop_queue(dev);
1061 err = hermes_docmd_wait(hw, HERMES_CMD_TX | HERMES_CMD_RECL,
1064 netif_start_queue(dev);
1065 if (net_ratelimit())
1066 printk(KERN_ERR "%s: Error %d transmitting packet\n",
1071 dev->trans_start = jiffies;
1072 stats->tx_bytes += HERMES_802_3_OFFSET + skb->len;
1077 stats->tx_dropped++;
1080 orinoco_unlock(priv, &flags);
1082 return NETDEV_TX_OK;
1086 schedule_work(&priv->reset_work);
1087 orinoco_unlock(priv, &flags);
1088 return NETDEV_TX_BUSY;
1091 static void __orinoco_ev_alloc(struct net_device *dev, hermes_t *hw)
1093 struct orinoco_private *priv = netdev_priv(dev);
1094 u16 fid = hermes_read_regn(hw, ALLOCFID);
1096 if (fid != priv->txfid) {
1097 if (fid != DUMMY_FID)
1098 printk(KERN_WARNING "%s: Allocate event on unexpected fid (%04X)\n",
1103 hermes_write_regn(hw, ALLOCFID, DUMMY_FID);
1106 static void __orinoco_ev_tx(struct net_device *dev, hermes_t *hw)
1108 struct orinoco_private *priv = netdev_priv(dev);
1109 struct net_device_stats *stats = &priv->stats;
1111 stats->tx_packets++;
1113 netif_wake_queue(dev);
1115 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
1118 static void __orinoco_ev_txexc(struct net_device *dev, hermes_t *hw)
1120 struct orinoco_private *priv = netdev_priv(dev);
1121 struct net_device_stats *stats = &priv->stats;
1122 u16 fid = hermes_read_regn(hw, TXCOMPLFID);
1124 struct hermes_txexc_data hdr;
1127 if (fid == DUMMY_FID)
1128 return; /* Nothing's really happened */
1130 /* Read part of the frame header - we need status and addr1 */
1131 err = hermes_bap_pread(hw, IRQ_BAP, &hdr,
1132 sizeof(struct hermes_txexc_data),
1135 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
1139 printk(KERN_WARNING "%s: Unable to read descriptor on Tx error "
1140 "(FID=%04X error %d)\n",
1141 dev->name, fid, err);
1145 DEBUG(1, "%s: Tx error, err %d (FID=%04X)\n", dev->name,
1148 /* We produce a TXDROP event only for retry or lifetime
1149 * exceeded, because that's the only status that really mean
1150 * that this particular node went away.
1151 * Other errors means that *we* screwed up. - Jean II */
1152 status = le16_to_cpu(hdr.desc.status);
1153 if (status & (HERMES_TXSTAT_RETRYERR | HERMES_TXSTAT_AGEDERR)) {
1154 union iwreq_data wrqu;
1156 /* Copy 802.11 dest address.
1157 * We use the 802.11 header because the frame may
1158 * not be 802.3 or may be mangled...
1159 * In Ad-Hoc mode, it will be the node address.
1160 * In managed mode, it will be most likely the AP addr
1161 * User space will figure out how to convert it to
1162 * whatever it needs (IP address or else).
1164 memcpy(wrqu.addr.sa_data, hdr.addr1, ETH_ALEN);
1165 wrqu.addr.sa_family = ARPHRD_ETHER;
1167 /* Send event to user space */
1168 wireless_send_event(dev, IWEVTXDROP, &wrqu, NULL);
1171 netif_wake_queue(dev);
1174 static void orinoco_tx_timeout(struct net_device *dev)
1176 struct orinoco_private *priv = netdev_priv(dev);
1177 struct net_device_stats *stats = &priv->stats;
1178 struct hermes *hw = &priv->hw;
1180 printk(KERN_WARNING "%s: Tx timeout! "
1181 "ALLOCFID=%04x, TXCOMPLFID=%04x, EVSTAT=%04x\n",
1182 dev->name, hermes_read_regn(hw, ALLOCFID),
1183 hermes_read_regn(hw, TXCOMPLFID), hermes_read_regn(hw, EVSTAT));
1187 schedule_work(&priv->reset_work);
1190 /********************************************************************/
1191 /* Rx path (data frames) */
1192 /********************************************************************/
1194 /* Does the frame have a SNAP header indicating it should be
1195 * de-encapsulated to Ethernet-II? */
1196 static inline int is_ethersnap(void *_hdr)
1200 /* We de-encapsulate all packets which, a) have SNAP headers
1201 * (i.e. SSAP=DSAP=0xaa and CTRL=0x3 in the 802.2 LLC header
1202 * and where b) the OUI of the SNAP header is 00:00:00 or
1203 * 00:00:f8 - we need both because different APs appear to use
1204 * different OUIs for some reason */
1205 return (memcmp(hdr, &encaps_hdr, 5) == 0)
1206 && ( (hdr[5] == 0x00) || (hdr[5] == 0xf8) );
1209 static inline void orinoco_spy_gather(struct net_device *dev, u_char *mac,
1210 int level, int noise)
1212 struct iw_quality wstats;
1213 wstats.level = level - 0x95;
1214 wstats.noise = noise - 0x95;
1215 wstats.qual = (level > noise) ? (level - noise) : 0;
1216 wstats.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
1217 /* Update spy records */
1218 wireless_spy_update(dev, mac, &wstats);
1221 static void orinoco_stat_gather(struct net_device *dev,
1222 struct sk_buff *skb,
1223 struct hermes_rx_descriptor *desc)
1225 struct orinoco_private *priv = netdev_priv(dev);
1227 /* Using spy support with lots of Rx packets, like in an
1228 * infrastructure (AP), will really slow down everything, because
1229 * the MAC address must be compared to each entry of the spy list.
1230 * If the user really asks for it (set some address in the
1231 * spy list), we do it, but he will pay the price.
1232 * Note that to get here, you need both WIRELESS_SPY
1233 * compiled in AND some addresses in the list !!!
1235 /* Note : gcc will optimise the whole section away if
1236 * WIRELESS_SPY is not defined... - Jean II */
1237 if (SPY_NUMBER(priv)) {
1238 orinoco_spy_gather(dev, skb_mac_header(skb) + ETH_ALEN,
1239 desc->signal, desc->silence);
1244 * orinoco_rx_monitor - handle received monitor frames.
1247 * dev network device
1248 * rxfid received FID
1249 * desc rx descriptor of the frame
1251 * Call context: interrupt
1253 static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid,
1254 struct hermes_rx_descriptor *desc)
1256 u32 hdrlen = 30; /* return full header by default */
1261 struct sk_buff *skb;
1262 struct orinoco_private *priv = netdev_priv(dev);
1263 struct net_device_stats *stats = &priv->stats;
1264 hermes_t *hw = &priv->hw;
1266 len = le16_to_cpu(desc->data_len);
1268 /* Determine the size of the header and the data */
1269 fc = le16_to_cpu(desc->frame_ctl);
1270 switch (fc & IEEE80211_FCTL_FTYPE) {
1271 case IEEE80211_FTYPE_DATA:
1272 if ((fc & IEEE80211_FCTL_TODS)
1273 && (fc & IEEE80211_FCTL_FROMDS))
1279 case IEEE80211_FTYPE_MGMT:
1283 case IEEE80211_FTYPE_CTL:
1284 switch (fc & IEEE80211_FCTL_STYPE) {
1285 case IEEE80211_STYPE_PSPOLL:
1286 case IEEE80211_STYPE_RTS:
1287 case IEEE80211_STYPE_CFEND:
1288 case IEEE80211_STYPE_CFENDACK:
1291 case IEEE80211_STYPE_CTS:
1292 case IEEE80211_STYPE_ACK:
1298 /* Unknown frame type */
1302 /* sanity check the length */
1303 if (datalen > IEEE80211_MAX_DATA_LEN + 12) {
1304 printk(KERN_DEBUG "%s: oversized monitor frame, "
1305 "data length = %d\n", dev->name, datalen);
1306 stats->rx_length_errors++;
1310 skb = dev_alloc_skb(hdrlen + datalen);
1312 printk(KERN_WARNING "%s: Cannot allocate skb for monitor frame\n",
1317 /* Copy the 802.11 header to the skb */
1318 memcpy(skb_put(skb, hdrlen), &(desc->frame_ctl), hdrlen);
1319 skb_reset_mac_header(skb);
1321 /* If any, copy the data from the card to the skb */
1323 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, datalen),
1324 ALIGN(datalen, 2), rxfid,
1325 HERMES_802_2_OFFSET);
1327 printk(KERN_ERR "%s: error %d reading monitor frame\n",
1334 skb->ip_summed = CHECKSUM_NONE;
1335 skb->pkt_type = PACKET_OTHERHOST;
1336 skb->protocol = __constant_htons(ETH_P_802_2);
1338 stats->rx_packets++;
1339 stats->rx_bytes += skb->len;
1345 dev_kfree_skb_irq(skb);
1348 stats->rx_dropped++;
1351 /* Get tsc from the firmware */
1352 static int orinoco_hw_get_tkip_iv(struct orinoco_private *priv, int key,
1355 hermes_t *hw = &priv->hw;
1357 u8 tsc_arr[4][IW_ENCODE_SEQ_MAX_SIZE];
1359 if ((key < 0) || (key > 4))
1362 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_TKIP_IV,
1363 sizeof(tsc_arr), NULL, &tsc_arr);
1365 memcpy(tsc, &tsc_arr[key][0], sizeof(tsc_arr[0]));
1370 static void __orinoco_ev_rx(struct net_device *dev, hermes_t *hw)
1372 struct orinoco_private *priv = netdev_priv(dev);
1373 struct net_device_stats *stats = &priv->stats;
1374 struct iw_statistics *wstats = &priv->wstats;
1375 struct sk_buff *skb = NULL;
1378 struct hermes_rx_descriptor *desc;
1379 struct orinoco_rx_data *rx_data;
1382 desc = kmalloc(sizeof(*desc), GFP_ATOMIC);
1385 "%s: Can't allocate space for RX descriptor\n",
1390 rxfid = hermes_read_regn(hw, RXFID);
1392 err = hermes_bap_pread(hw, IRQ_BAP, desc, sizeof(*desc),
1395 printk(KERN_ERR "%s: error %d reading Rx descriptor. "
1396 "Frame dropped.\n", dev->name, err);
1400 status = le16_to_cpu(desc->status);
1402 if (status & HERMES_RXSTAT_BADCRC) {
1403 DEBUG(1, "%s: Bad CRC on Rx. Frame dropped.\n",
1405 stats->rx_crc_errors++;
1409 /* Handle frames in monitor mode */
1410 if (priv->iw_mode == IW_MODE_MONITOR) {
1411 orinoco_rx_monitor(dev, rxfid, desc);
1415 if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
1416 DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
1418 wstats->discard.code++;
1422 length = le16_to_cpu(desc->data_len);
1425 if (length < 3) { /* No for even an 802.2 LLC header */
1426 /* At least on Symbol firmware with PCF we get quite a
1427 lot of these legitimately - Poll frames with no
1431 if (length > IEEE80211_MAX_DATA_LEN) {
1432 printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n",
1434 stats->rx_length_errors++;
1438 /* Payload size does not include Michael MIC. Increase payload
1439 * size to read it together with the data. */
1440 if (status & HERMES_RXSTAT_MIC)
1441 length += MICHAEL_MIC_LEN;
1443 /* We need space for the packet data itself, plus an ethernet
1444 header, plus 2 bytes so we can align the IP header on a
1445 32bit boundary, plus 1 byte so we can read in odd length
1446 packets from the card, which has an IO granularity of 16
1448 skb = dev_alloc_skb(length+ETH_HLEN+2+1);
1450 printk(KERN_WARNING "%s: Can't allocate skb for Rx\n",
1455 /* We'll prepend the header, so reserve space for it. The worst
1456 case is no decapsulation, when 802.3 header is prepended and
1457 nothing is removed. 2 is for aligning the IP header. */
1458 skb_reserve(skb, ETH_HLEN + 2);
1460 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, length),
1461 ALIGN(length, 2), rxfid,
1462 HERMES_802_2_OFFSET);
1464 printk(KERN_ERR "%s: error %d reading frame. "
1465 "Frame dropped.\n", dev->name, err);
1469 /* Add desc and skb to rx queue */
1470 rx_data = kzalloc(sizeof(*rx_data), GFP_ATOMIC);
1472 printk(KERN_WARNING "%s: Can't allocate RX packet\n",
1476 rx_data->desc = desc;
1478 list_add_tail(&rx_data->list, &priv->rx_list);
1479 tasklet_schedule(&priv->rx_tasklet);
1484 dev_kfree_skb_irq(skb);
1487 stats->rx_dropped++;
1492 static void orinoco_rx(struct net_device *dev,
1493 struct hermes_rx_descriptor *desc,
1494 struct sk_buff *skb)
1496 struct orinoco_private *priv = netdev_priv(dev);
1497 struct net_device_stats *stats = &priv->stats;
1502 status = le16_to_cpu(desc->status);
1503 length = le16_to_cpu(desc->data_len);
1504 fc = le16_to_cpu(desc->frame_ctl);
1506 /* Calculate and check MIC */
1507 if (status & HERMES_RXSTAT_MIC) {
1508 int key_id = ((status & HERMES_RXSTAT_MIC_KEY_ID) >>
1509 HERMES_MIC_KEY_ID_SHIFT);
1510 u8 mic[MICHAEL_MIC_LEN];
1512 u8 *src = (fc & IEEE80211_FCTL_FROMDS) ?
1513 desc->addr3 : desc->addr2;
1515 /* Extract Michael MIC from payload */
1516 rxmic = skb->data + skb->len - MICHAEL_MIC_LEN;
1518 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
1519 length -= MICHAEL_MIC_LEN;
1521 michael_mic(priv->rx_tfm_mic,
1522 priv->tkip_key[key_id].rx_mic,
1525 0, /* priority or QoS? */
1530 if (memcmp(mic, rxmic,
1532 union iwreq_data wrqu;
1533 struct iw_michaelmicfailure wxmic;
1535 printk(KERN_WARNING "%s: "
1536 "Invalid Michael MIC in data frame from %pM, "
1538 dev->name, src, key_id);
1540 /* TODO: update stats */
1542 /* Notify userspace */
1543 memset(&wxmic, 0, sizeof(wxmic));
1544 wxmic.flags = key_id & IW_MICFAILURE_KEY_ID;
1545 wxmic.flags |= (desc->addr1[0] & 1) ?
1546 IW_MICFAILURE_GROUP : IW_MICFAILURE_PAIRWISE;
1547 wxmic.src_addr.sa_family = ARPHRD_ETHER;
1548 memcpy(wxmic.src_addr.sa_data, src, ETH_ALEN);
1550 (void) orinoco_hw_get_tkip_iv(priv, key_id,
1553 memset(&wrqu, 0, sizeof(wrqu));
1554 wrqu.data.length = sizeof(wxmic);
1555 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu,
1562 /* Handle decapsulation
1563 * In most cases, the firmware tell us about SNAP frames.
1564 * For some reason, the SNAP frames sent by LinkSys APs
1565 * are not properly recognised by most firmwares.
1566 * So, check ourselves */
1567 if (length >= ENCAPS_OVERHEAD &&
1568 (((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_1042) ||
1569 ((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_TUNNEL) ||
1570 is_ethersnap(skb->data))) {
1571 /* These indicate a SNAP within 802.2 LLC within
1572 802.11 frame which we'll need to de-encapsulate to
1573 the original EthernetII frame. */
1574 hdr = (struct ethhdr *)skb_push(skb, ETH_HLEN - ENCAPS_OVERHEAD);
1576 /* 802.3 frame - prepend 802.3 header as is */
1577 hdr = (struct ethhdr *)skb_push(skb, ETH_HLEN);
1578 hdr->h_proto = htons(length);
1580 memcpy(hdr->h_dest, desc->addr1, ETH_ALEN);
1581 if (fc & IEEE80211_FCTL_FROMDS)
1582 memcpy(hdr->h_source, desc->addr3, ETH_ALEN);
1584 memcpy(hdr->h_source, desc->addr2, ETH_ALEN);
1586 skb->protocol = eth_type_trans(skb, dev);
1587 skb->ip_summed = CHECKSUM_NONE;
1588 if (fc & IEEE80211_FCTL_TODS)
1589 skb->pkt_type = PACKET_OTHERHOST;
1591 /* Process the wireless stats if needed */
1592 orinoco_stat_gather(dev, skb, desc);
1594 /* Pass the packet to the networking stack */
1596 stats->rx_packets++;
1597 stats->rx_bytes += length;
1604 stats->rx_dropped++;
1607 static void orinoco_rx_isr_tasklet(unsigned long data)
1609 struct net_device *dev = (struct net_device *) data;
1610 struct orinoco_private *priv = netdev_priv(dev);
1611 struct orinoco_rx_data *rx_data, *temp;
1612 struct hermes_rx_descriptor *desc;
1613 struct sk_buff *skb;
1614 unsigned long flags;
1616 /* orinoco_rx requires the driver lock, and we also need to
1617 * protect priv->rx_list, so just hold the lock over the
1620 * If orinoco_lock fails, we've unplugged the card. In this
1621 * case just abort. */
1622 if (orinoco_lock(priv, &flags) != 0)
1625 /* extract desc and skb from queue */
1626 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
1627 desc = rx_data->desc;
1629 list_del(&rx_data->list);
1632 orinoco_rx(dev, desc, skb);
1637 orinoco_unlock(priv, &flags);
1640 /********************************************************************/
1641 /* Rx path (info frames) */
1642 /********************************************************************/
1644 static void print_linkstatus(struct net_device *dev, u16 status)
1648 if (suppress_linkstatus)
1652 case HERMES_LINKSTATUS_NOT_CONNECTED:
1653 s = "Not Connected";
1655 case HERMES_LINKSTATUS_CONNECTED:
1658 case HERMES_LINKSTATUS_DISCONNECTED:
1661 case HERMES_LINKSTATUS_AP_CHANGE:
1664 case HERMES_LINKSTATUS_AP_OUT_OF_RANGE:
1665 s = "AP Out of Range";
1667 case HERMES_LINKSTATUS_AP_IN_RANGE:
1670 case HERMES_LINKSTATUS_ASSOC_FAILED:
1671 s = "Association Failed";
1677 printk(KERN_DEBUG "%s: New link status: %s (%04x)\n",
1678 dev->name, s, status);
1681 /* Search scan results for requested BSSID, join it if found */
1682 static void orinoco_join_ap(struct work_struct *work)
1684 struct orinoco_private *priv =
1685 container_of(work, struct orinoco_private, join_work);
1686 struct net_device *dev = priv->ndev;
1687 struct hermes *hw = &priv->hw;
1689 unsigned long flags;
1693 } __attribute__ ((packed)) req;
1694 const int atom_len = offsetof(struct prism2_scan_apinfo, atim);
1695 struct prism2_scan_apinfo *atom = NULL;
1701 /* Allocate buffer for scan results */
1702 buf = kmalloc(MAX_SCAN_LEN, GFP_KERNEL);
1706 if (orinoco_lock(priv, &flags) != 0)
1709 /* Sanity checks in case user changed something in the meantime */
1710 if (! priv->bssid_fixed)
1713 if (strlen(priv->desired_essid) == 0)
1716 /* Read scan results from the firmware */
1717 err = hermes_read_ltv(hw, USER_BAP,
1718 HERMES_RID_SCANRESULTSTABLE,
1719 MAX_SCAN_LEN, &len, buf);
1721 printk(KERN_ERR "%s: Cannot read scan results\n",
1726 len = HERMES_RECLEN_TO_BYTES(len);
1728 /* Go through the scan results looking for the channel of the AP
1729 * we were requested to join */
1730 for (; offset + atom_len <= len; offset += atom_len) {
1731 atom = (struct prism2_scan_apinfo *) (buf + offset);
1732 if (memcmp(&atom->bssid, priv->desired_bssid, ETH_ALEN) == 0) {
1739 DEBUG(1, "%s: Requested AP not found in scan results\n",
1744 memcpy(req.bssid, priv->desired_bssid, ETH_ALEN);
1745 req.channel = atom->channel; /* both are little-endian */
1746 err = HERMES_WRITE_RECORD(hw, USER_BAP, HERMES_RID_CNFJOINREQUEST,
1749 printk(KERN_ERR "%s: Error issuing join request\n", dev->name);
1752 orinoco_unlock(priv, &flags);
1758 /* Send new BSSID to userspace */
1759 static void orinoco_send_bssid_wevent(struct orinoco_private *priv)
1761 struct net_device *dev = priv->ndev;
1762 struct hermes *hw = &priv->hw;
1763 union iwreq_data wrqu;
1766 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
1767 ETH_ALEN, NULL, wrqu.ap_addr.sa_data);
1771 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1773 /* Send event to user space */
1774 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
1777 static void orinoco_send_assocreqie_wevent(struct orinoco_private *priv)
1779 struct net_device *dev = priv->ndev;
1780 struct hermes *hw = &priv->hw;
1781 union iwreq_data wrqu;
1789 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_REQ_INFO,
1790 sizeof(buf), NULL, &buf);
1794 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1796 int rem = sizeof(buf) - (ie - &buf[0]);
1797 wrqu.data.length = ie[1] + 2;
1798 if (wrqu.data.length > rem)
1799 wrqu.data.length = rem;
1801 if (wrqu.data.length)
1802 /* Send event to user space */
1803 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, ie);
1807 static void orinoco_send_assocrespie_wevent(struct orinoco_private *priv)
1809 struct net_device *dev = priv->ndev;
1810 struct hermes *hw = &priv->hw;
1811 union iwreq_data wrqu;
1813 u8 buf[88]; /* TODO: verify max size or IW_GENERIC_IE_MAX */
1819 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_RESP_INFO,
1820 sizeof(buf), NULL, &buf);
1824 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1826 int rem = sizeof(buf) - (ie - &buf[0]);
1827 wrqu.data.length = ie[1] + 2;
1828 if (wrqu.data.length > rem)
1829 wrqu.data.length = rem;
1831 if (wrqu.data.length)
1832 /* Send event to user space */
1833 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, ie);
1837 static void orinoco_send_wevents(struct work_struct *work)
1839 struct orinoco_private *priv =
1840 container_of(work, struct orinoco_private, wevent_work);
1841 unsigned long flags;
1843 if (orinoco_lock(priv, &flags) != 0)
1846 orinoco_send_assocreqie_wevent(priv);
1847 orinoco_send_assocrespie_wevent(priv);
1848 orinoco_send_bssid_wevent(priv);
1850 orinoco_unlock(priv, &flags);
1853 static inline void orinoco_clear_scan_results(struct orinoco_private *priv,
1854 unsigned long scan_age)
1856 if (priv->has_ext_scan) {
1857 struct xbss_element *bss;
1858 struct xbss_element *tmp_bss;
1860 /* Blow away current list of scan results */
1861 list_for_each_entry_safe(bss, tmp_bss, &priv->bss_list, list) {
1863 time_after(jiffies, bss->last_scanned + scan_age)) {
1864 list_move_tail(&bss->list,
1865 &priv->bss_free_list);
1866 /* Don't blow away ->list, just BSS data */
1867 memset(&bss->bss, 0, sizeof(bss->bss));
1868 bss->last_scanned = 0;
1872 struct bss_element *bss;
1873 struct bss_element *tmp_bss;
1875 /* Blow away current list of scan results */
1876 list_for_each_entry_safe(bss, tmp_bss, &priv->bss_list, list) {
1878 time_after(jiffies, bss->last_scanned + scan_age)) {
1879 list_move_tail(&bss->list,
1880 &priv->bss_free_list);
1881 /* Don't blow away ->list, just BSS data */
1882 memset(&bss->bss, 0, sizeof(bss->bss));
1883 bss->last_scanned = 0;
1889 static void orinoco_add_ext_scan_result(struct orinoco_private *priv,
1890 struct agere_ext_scan_info *atom)
1892 struct xbss_element *bss = NULL;
1895 /* Try to update an existing bss first */
1896 list_for_each_entry(bss, &priv->bss_list, list) {
1897 if (compare_ether_addr(bss->bss.bssid, atom->bssid))
1900 if (bss->bss.data[1] != atom->data[1])
1902 if (memcmp(&bss->bss.data[2], &atom->data[2],
1909 /* Grab a bss off the free list */
1910 if (!found && !list_empty(&priv->bss_free_list)) {
1911 bss = list_entry(priv->bss_free_list.next,
1912 struct xbss_element, list);
1913 list_del(priv->bss_free_list.next);
1915 list_add_tail(&bss->list, &priv->bss_list);
1919 /* Always update the BSS to get latest beacon info */
1920 memcpy(&bss->bss, atom, sizeof(bss->bss));
1921 bss->last_scanned = jiffies;
1925 static int orinoco_process_scan_results(struct net_device *dev,
1929 struct orinoco_private *priv = netdev_priv(dev);
1930 int offset; /* In the scan data */
1931 union hermes_scan_info *atom;
1934 switch (priv->firmware_type) {
1935 case FIRMWARE_TYPE_AGERE:
1936 atom_len = sizeof(struct agere_scan_apinfo);
1939 case FIRMWARE_TYPE_SYMBOL:
1940 /* Lack of documentation necessitates this hack.
1941 * Different firmwares have 68 or 76 byte long atoms.
1942 * We try modulo first. If the length divides by both,
1943 * we check what would be the channel in the second
1944 * frame for a 68-byte atom. 76-byte atoms have 0 there.
1945 * Valid channel cannot be 0. */
1950 else if (len >= 1292 && buf[68] == 0)
1956 case FIRMWARE_TYPE_INTERSIL:
1958 if (priv->has_hostscan) {
1959 atom_len = le16_to_cpup((__le16 *)buf);
1960 /* Sanity check for atom_len */
1961 if (atom_len < sizeof(struct prism2_scan_apinfo)) {
1962 printk(KERN_ERR "%s: Invalid atom_len in scan "
1963 "data: %d\n", dev->name, atom_len);
1967 atom_len = offsetof(struct prism2_scan_apinfo, atim);
1973 /* Check that we got an whole number of atoms */
1974 if ((len - offset) % atom_len) {
1975 printk(KERN_ERR "%s: Unexpected scan data length %d, "
1976 "atom_len %d, offset %d\n", dev->name, len,
1981 orinoco_clear_scan_results(priv, msecs_to_jiffies(15000));
1983 /* Read the entries one by one */
1984 for (; offset + atom_len <= len; offset += atom_len) {
1986 struct bss_element *bss = NULL;
1989 atom = (union hermes_scan_info *) (buf + offset);
1991 /* Try to update an existing bss first */
1992 list_for_each_entry(bss, &priv->bss_list, list) {
1993 if (compare_ether_addr(bss->bss.a.bssid, atom->a.bssid))
1995 if (le16_to_cpu(bss->bss.a.essid_len) !=
1996 le16_to_cpu(atom->a.essid_len))
1998 if (memcmp(bss->bss.a.essid, atom->a.essid,
1999 le16_to_cpu(atom->a.essid_len)))
2005 /* Grab a bss off the free list */
2006 if (!found && !list_empty(&priv->bss_free_list)) {
2007 bss = list_entry(priv->bss_free_list.next,
2008 struct bss_element, list);
2009 list_del(priv->bss_free_list.next);
2011 list_add_tail(&bss->list, &priv->bss_list);
2015 /* Always update the BSS to get latest beacon info */
2016 memcpy(&bss->bss, atom, sizeof(bss->bss));
2017 bss->last_scanned = jiffies;
2024 static void __orinoco_ev_info(struct net_device *dev, hermes_t *hw)
2026 struct orinoco_private *priv = netdev_priv(dev);
2031 } __attribute__ ((packed)) info;
2035 /* This is an answer to an INQUIRE command that we did earlier,
2036 * or an information "event" generated by the card
2037 * The controller return to us a pseudo frame containing
2038 * the information in question - Jean II */
2039 infofid = hermes_read_regn(hw, INFOFID);
2041 /* Read the info frame header - don't try too hard */
2042 err = hermes_bap_pread(hw, IRQ_BAP, &info, sizeof(info),
2045 printk(KERN_ERR "%s: error %d reading info frame. "
2046 "Frame dropped.\n", dev->name, err);
2050 len = HERMES_RECLEN_TO_BYTES(le16_to_cpu(info.len));
2051 type = le16_to_cpu(info.type);
2054 case HERMES_INQ_TALLIES: {
2055 struct hermes_tallies_frame tallies;
2056 struct iw_statistics *wstats = &priv->wstats;
2058 if (len > sizeof(tallies)) {
2059 printk(KERN_WARNING "%s: Tallies frame too long (%d bytes)\n",
2061 len = sizeof(tallies);
2064 err = hermes_bap_pread(hw, IRQ_BAP, &tallies, len,
2065 infofid, sizeof(info));
2069 /* Increment our various counters */
2070 /* wstats->discard.nwid - no wrong BSSID stuff */
2071 wstats->discard.code +=
2072 le16_to_cpu(tallies.RxWEPUndecryptable);
2073 if (len == sizeof(tallies))
2074 wstats->discard.code +=
2075 le16_to_cpu(tallies.RxDiscards_WEPICVError) +
2076 le16_to_cpu(tallies.RxDiscards_WEPExcluded);
2077 wstats->discard.misc +=
2078 le16_to_cpu(tallies.TxDiscardsWrongSA);
2079 wstats->discard.fragment +=
2080 le16_to_cpu(tallies.RxMsgInBadMsgFragments);
2081 wstats->discard.retries +=
2082 le16_to_cpu(tallies.TxRetryLimitExceeded);
2083 /* wstats->miss.beacon - no match */
2086 case HERMES_INQ_LINKSTATUS: {
2087 struct hermes_linkstatus linkstatus;
2091 if (priv->iw_mode == IW_MODE_MONITOR)
2094 if (len != sizeof(linkstatus)) {
2095 printk(KERN_WARNING "%s: Unexpected size for linkstatus frame (%d bytes)\n",
2100 err = hermes_bap_pread(hw, IRQ_BAP, &linkstatus, len,
2101 infofid, sizeof(info));
2104 newstatus = le16_to_cpu(linkstatus.linkstatus);
2106 /* Symbol firmware uses "out of range" to signal that
2107 * the hostscan frame can be requested. */
2108 if (newstatus == HERMES_LINKSTATUS_AP_OUT_OF_RANGE &&
2109 priv->firmware_type == FIRMWARE_TYPE_SYMBOL &&
2110 priv->has_hostscan && priv->scan_inprogress) {
2111 hermes_inquire(hw, HERMES_INQ_HOSTSCAN_SYMBOL);
2115 connected = (newstatus == HERMES_LINKSTATUS_CONNECTED)
2116 || (newstatus == HERMES_LINKSTATUS_AP_CHANGE)
2117 || (newstatus == HERMES_LINKSTATUS_AP_IN_RANGE);
2120 netif_carrier_on(dev);
2121 else if (!ignore_disconnect)
2122 netif_carrier_off(dev);
2124 if (newstatus != priv->last_linkstatus) {
2125 priv->last_linkstatus = newstatus;
2126 print_linkstatus(dev, newstatus);
2127 /* The info frame contains only one word which is the
2128 * status (see hermes.h). The status is pretty boring
2129 * in itself, that's why we export the new BSSID...
2131 schedule_work(&priv->wevent_work);
2135 case HERMES_INQ_SCAN:
2136 if (!priv->scan_inprogress && priv->bssid_fixed &&
2137 priv->firmware_type == FIRMWARE_TYPE_INTERSIL) {
2138 schedule_work(&priv->join_work);
2142 case HERMES_INQ_HOSTSCAN:
2143 case HERMES_INQ_HOSTSCAN_SYMBOL: {
2144 /* Result of a scanning. Contains information about
2145 * cells in the vicinity - Jean II */
2146 union iwreq_data wrqu;
2149 /* Scan is no longer in progress */
2150 priv->scan_inprogress = 0;
2154 printk(KERN_WARNING "%s: Scan results too large (%d bytes)\n",
2159 /* Allocate buffer for results */
2160 buf = kmalloc(len, GFP_ATOMIC);
2162 /* No memory, so can't printk()... */
2165 /* Read scan data */
2166 err = hermes_bap_pread(hw, IRQ_BAP, (void *) buf, len,
2167 infofid, sizeof(info));
2173 #ifdef ORINOCO_DEBUG
2176 printk(KERN_DEBUG "Scan result [%02X", buf[0]);
2177 for(i = 1; i < (len * 2); i++)
2178 printk(":%02X", buf[i]);
2181 #endif /* ORINOCO_DEBUG */
2183 if (orinoco_process_scan_results(dev, buf, len) == 0) {
2184 /* Send an empty event to user space.
2185 * We don't send the received data on the event because
2186 * it would require us to do complex transcoding, and
2187 * we want to minimise the work done in the irq handler
2188 * Use a request to extract the data - Jean II */
2189 wrqu.data.length = 0;
2190 wrqu.data.flags = 0;
2191 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2196 case HERMES_INQ_CHANNELINFO:
2198 struct agere_ext_scan_info *bss;
2200 if (!priv->scan_inprogress) {
2201 printk(KERN_DEBUG "%s: Got chaninfo without scan, "
2202 "len=%d\n", dev->name, len);
2206 /* An empty result indicates that the scan is complete */
2208 union iwreq_data wrqu;
2210 /* Scan is no longer in progress */
2211 priv->scan_inprogress = 0;
2213 wrqu.data.length = 0;
2214 wrqu.data.flags = 0;
2215 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2220 else if (len > sizeof(*bss)) {
2222 "%s: Ext scan results too large (%d bytes). "
2223 "Truncating results to %zd bytes.\n",
2224 dev->name, len, sizeof(*bss));
2226 } else if (len < (offsetof(struct agere_ext_scan_info,
2228 /* Drop this result now so we don't have to
2229 * keep checking later */
2231 "%s: Ext scan results too short (%d bytes)\n",
2236 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
2240 /* Read scan data */
2241 err = hermes_bap_pread(hw, IRQ_BAP, (void *) bss, len,
2242 infofid, sizeof(info));
2248 orinoco_add_ext_scan_result(priv, bss);
2253 case HERMES_INQ_SEC_STAT_AGERE:
2254 /* Security status (Agere specific) */
2255 /* Ignore this frame for now */
2256 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
2260 printk(KERN_DEBUG "%s: Unknown information frame received: "
2261 "type 0x%04x, length %d\n", dev->name, type, len);
2262 /* We don't actually do anything about it */
2267 static void __orinoco_ev_infdrop(struct net_device *dev, hermes_t *hw)
2269 if (net_ratelimit())
2270 printk(KERN_DEBUG "%s: Information frame lost.\n", dev->name);
2273 /********************************************************************/
2274 /* Internal hardware control routines */
2275 /********************************************************************/
2277 int __orinoco_up(struct net_device *dev)
2279 struct orinoco_private *priv = netdev_priv(dev);
2280 struct hermes *hw = &priv->hw;
2283 netif_carrier_off(dev); /* just to make sure */
2285 err = __orinoco_program_rids(dev);
2287 printk(KERN_ERR "%s: Error %d configuring card\n",
2292 /* Fire things up again */
2293 hermes_set_irqmask(hw, ORINOCO_INTEN);
2294 err = hermes_enable_port(hw, 0);
2296 printk(KERN_ERR "%s: Error %d enabling MAC port\n",
2301 netif_start_queue(dev);
2306 int __orinoco_down(struct net_device *dev)
2308 struct orinoco_private *priv = netdev_priv(dev);
2309 struct hermes *hw = &priv->hw;
2312 netif_stop_queue(dev);
2314 if (! priv->hw_unavailable) {
2315 if (! priv->broken_disableport) {
2316 err = hermes_disable_port(hw, 0);
2318 /* Some firmwares (e.g. Intersil 1.3.x) seem
2319 * to have problems disabling the port, oh
2321 printk(KERN_WARNING "%s: Error %d disabling MAC port\n",
2323 priv->broken_disableport = 1;
2326 hermes_set_irqmask(hw, 0);
2327 hermes_write_regn(hw, EVACK, 0xffff);
2330 /* firmware will have to reassociate */
2331 netif_carrier_off(dev);
2332 priv->last_linkstatus = 0xffff;
2337 static int orinoco_allocate_fid(struct net_device *dev)
2339 struct orinoco_private *priv = netdev_priv(dev);
2340 struct hermes *hw = &priv->hw;
2343 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
2344 if (err == -EIO && priv->nicbuf_size > TX_NICBUF_SIZE_BUG) {
2345 /* Try workaround for old Symbol firmware bug */
2346 printk(KERN_WARNING "%s: firmware ALLOC bug detected "
2347 "(old Symbol firmware?). Trying to work around... ",
2350 priv->nicbuf_size = TX_NICBUF_SIZE_BUG;
2351 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
2353 printk("failed!\n");
2361 int orinoco_reinit_firmware(struct net_device *dev)
2363 struct orinoco_private *priv = netdev_priv(dev);
2364 struct hermes *hw = &priv->hw;
2367 err = hermes_init(hw);
2368 if (priv->do_fw_download && !err) {
2369 err = orinoco_download(priv);
2371 priv->do_fw_download = 0;
2374 err = orinoco_allocate_fid(dev);
2379 static int __orinoco_hw_set_bitrate(struct orinoco_private *priv)
2381 hermes_t *hw = &priv->hw;
2384 if (priv->bitratemode >= BITRATE_TABLE_SIZE) {
2385 printk(KERN_ERR "%s: BUG: Invalid bitrate mode %d\n",
2386 priv->ndev->name, priv->bitratemode);
2390 switch (priv->firmware_type) {
2391 case FIRMWARE_TYPE_AGERE:
2392 err = hermes_write_wordrec(hw, USER_BAP,
2393 HERMES_RID_CNFTXRATECONTROL,
2394 bitrate_table[priv->bitratemode].agere_txratectrl);
2396 case FIRMWARE_TYPE_INTERSIL:
2397 case FIRMWARE_TYPE_SYMBOL:
2398 err = hermes_write_wordrec(hw, USER_BAP,
2399 HERMES_RID_CNFTXRATECONTROL,
2400 bitrate_table[priv->bitratemode].intersil_txratectrl);
2409 /* Set fixed AP address */
2410 static int __orinoco_hw_set_wap(struct orinoco_private *priv)
2414 hermes_t *hw = &priv->hw;
2416 switch (priv->firmware_type) {
2417 case FIRMWARE_TYPE_AGERE:
2420 case FIRMWARE_TYPE_INTERSIL:
2421 if (priv->bssid_fixed)
2426 err = hermes_write_wordrec(hw, USER_BAP,
2427 HERMES_RID_CNFROAMINGMODE,
2430 case FIRMWARE_TYPE_SYMBOL:
2431 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2432 HERMES_RID_CNFMANDATORYBSSID_SYMBOL,
2433 &priv->desired_bssid);
2439 /* Change the WEP keys and/or the current keys. Can be called
2440 * either from __orinoco_hw_setup_enc() or directly from
2441 * orinoco_ioctl_setiwencode(). In the later case the association
2442 * with the AP is not broken (if the firmware can handle it),
2443 * which is needed for 802.1x implementations. */
2444 static int __orinoco_hw_setup_wepkeys(struct orinoco_private *priv)
2446 hermes_t *hw = &priv->hw;
2449 switch (priv->firmware_type) {
2450 case FIRMWARE_TYPE_AGERE:
2451 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2452 HERMES_RID_CNFWEPKEYS_AGERE,
2456 err = hermes_write_wordrec(hw, USER_BAP,
2457 HERMES_RID_CNFTXKEY_AGERE,
2462 case FIRMWARE_TYPE_INTERSIL:
2463 case FIRMWARE_TYPE_SYMBOL:
2468 /* Force uniform key length to work around firmware bugs */
2469 keylen = le16_to_cpu(priv->keys[priv->tx_key].len);
2471 if (keylen > LARGE_KEY_SIZE) {
2472 printk(KERN_ERR "%s: BUG: Key %d has oversize length %d.\n",
2473 priv->ndev->name, priv->tx_key, keylen);
2477 /* Write all 4 keys */
2478 for(i = 0; i < ORINOCO_MAX_KEYS; i++) {
2479 err = hermes_write_ltv(hw, USER_BAP,
2480 HERMES_RID_CNFDEFAULTKEY0 + i,
2481 HERMES_BYTES_TO_RECLEN(keylen),
2482 priv->keys[i].data);
2487 /* Write the index of the key used in transmission */
2488 err = hermes_write_wordrec(hw, USER_BAP,
2489 HERMES_RID_CNFWEPDEFAULTKEYID,
2500 static int __orinoco_hw_setup_enc(struct orinoco_private *priv)
2502 hermes_t *hw = &priv->hw;
2504 int master_wep_flag;
2508 /* Setup WEP keys for WEP and WPA */
2509 if (priv->encode_alg)
2510 __orinoco_hw_setup_wepkeys(priv);
2512 if (priv->wep_restrict)
2513 auth_flag = HERMES_AUTH_SHARED_KEY;
2515 auth_flag = HERMES_AUTH_OPEN;
2517 if (priv->wpa_enabled)
2519 else if (priv->encode_alg == IW_ENCODE_ALG_WEP)
2524 switch (priv->firmware_type) {
2525 case FIRMWARE_TYPE_AGERE: /* Agere style WEP */
2526 if (priv->encode_alg == IW_ENCODE_ALG_WEP) {
2527 /* Enable the shared-key authentication. */
2528 err = hermes_write_wordrec(hw, USER_BAP,
2529 HERMES_RID_CNFAUTHENTICATION_AGERE,
2532 err = hermes_write_wordrec(hw, USER_BAP,
2533 HERMES_RID_CNFWEPENABLED_AGERE,
2538 if (priv->has_wpa) {
2539 /* Set WPA key management */
2540 err = hermes_write_wordrec(hw, USER_BAP,
2541 HERMES_RID_CNFSETWPAAUTHMGMTSUITE_AGERE,
2549 case FIRMWARE_TYPE_INTERSIL: /* Intersil style WEP */
2550 case FIRMWARE_TYPE_SYMBOL: /* Symbol style WEP */
2551 if (priv->encode_alg == IW_ENCODE_ALG_WEP) {
2552 if (priv->wep_restrict ||
2553 (priv->firmware_type == FIRMWARE_TYPE_SYMBOL))
2554 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED |
2555 HERMES_WEP_EXCL_UNENCRYPTED;
2557 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED;
2559 err = hermes_write_wordrec(hw, USER_BAP,
2560 HERMES_RID_CNFAUTHENTICATION,
2565 master_wep_flag = 0;
2567 if (priv->iw_mode == IW_MODE_MONITOR)
2568 master_wep_flag |= HERMES_WEP_HOST_DECRYPT;
2570 /* Master WEP setting : on/off */
2571 err = hermes_write_wordrec(hw, USER_BAP,
2572 HERMES_RID_CNFWEPFLAGS_INTERSIL,
2583 /* key must be 32 bytes, including the tx and rx MIC keys.
2584 * rsc must be 8 bytes
2585 * tsc must be 8 bytes or NULL
2587 static int __orinoco_hw_set_tkip_key(hermes_t *hw, int key_idx, int set_tx,
2588 u8 *key, u8 *rsc, u8 *tsc)
2592 u8 rsc[IW_ENCODE_SEQ_MAX_SIZE];
2593 u8 key[TKIP_KEYLEN];
2594 u8 tx_mic[MIC_KEYLEN];
2595 u8 rx_mic[MIC_KEYLEN];
2596 u8 tsc[IW_ENCODE_SEQ_MAX_SIZE];
2597 } __attribute__ ((packed)) buf;
2608 buf.idx = cpu_to_le16(key_idx);
2609 memcpy(buf.key, key,
2610 sizeof(buf.key) + sizeof(buf.tx_mic) + sizeof(buf.rx_mic));
2613 memset(buf.rsc, 0, sizeof(buf.rsc));
2615 memcpy(buf.rsc, rsc, sizeof(buf.rsc));
2618 memset(buf.tsc, 0, sizeof(buf.tsc));
2621 memcpy(buf.tsc, tsc, sizeof(buf.tsc));
2624 /* Wait upto 100ms for tx queue to empty */
2629 ret = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_TXQUEUEEMPTY,
2633 } while ((k > 0) && xmitting);
2638 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2639 HERMES_RID_CNFADDDEFAULTTKIPKEY_AGERE,
2642 return ret ? ret : err;
2645 static int orinoco_clear_tkip_key(struct orinoco_private *priv,
2648 hermes_t *hw = &priv->hw;
2651 memset(&priv->tkip_key[key_idx], 0, sizeof(priv->tkip_key[key_idx]));
2652 err = hermes_write_wordrec(hw, USER_BAP,
2653 HERMES_RID_CNFREMDEFAULTTKIPKEY_AGERE,
2656 printk(KERN_WARNING "%s: Error %d clearing TKIP key %d\n",
2657 priv->ndev->name, err, key_idx);
2661 static int __orinoco_program_rids(struct net_device *dev)
2663 struct orinoco_private *priv = netdev_priv(dev);
2664 hermes_t *hw = &priv->hw;
2666 struct hermes_idstring idbuf;
2668 /* Set the MAC address */
2669 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
2670 HERMES_BYTES_TO_RECLEN(ETH_ALEN), dev->dev_addr);
2672 printk(KERN_ERR "%s: Error %d setting MAC address\n",
2677 /* Set up the link mode */
2678 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFPORTTYPE,
2681 printk(KERN_ERR "%s: Error %d setting port type\n",
2685 /* Set the channel/frequency */
2686 if (priv->channel != 0 && priv->iw_mode != IW_MODE_INFRA) {
2687 err = hermes_write_wordrec(hw, USER_BAP,
2688 HERMES_RID_CNFOWNCHANNEL,
2691 printk(KERN_ERR "%s: Error %d setting channel %d\n",
2692 dev->name, err, priv->channel);
2697 if (priv->has_ibss) {
2700 if ((strlen(priv->desired_essid) == 0) && (priv->createibss)) {
2701 printk(KERN_WARNING "%s: This firmware requires an "
2702 "ESSID in IBSS-Ad-Hoc mode.\n", dev->name);
2703 /* With wvlan_cs, in this case, we would crash.
2704 * hopefully, this driver will behave better...
2708 createibss = priv->createibss;
2711 err = hermes_write_wordrec(hw, USER_BAP,
2712 HERMES_RID_CNFCREATEIBSS,
2715 printk(KERN_ERR "%s: Error %d setting CREATEIBSS\n",
2721 /* Set the desired BSSID */
2722 err = __orinoco_hw_set_wap(priv);
2724 printk(KERN_ERR "%s: Error %d setting AP address\n",
2728 /* Set the desired ESSID */
2729 idbuf.len = cpu_to_le16(strlen(priv->desired_essid));
2730 memcpy(&idbuf.val, priv->desired_essid, sizeof(idbuf.val));
2731 /* WinXP wants partner to configure OWNSSID even in IBSS mode. (jimc) */
2732 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNSSID,
2733 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
2736 printk(KERN_ERR "%s: Error %d setting OWNSSID\n",
2740 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFDESIREDSSID,
2741 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
2744 printk(KERN_ERR "%s: Error %d setting DESIREDSSID\n",
2749 /* Set the station name */
2750 idbuf.len = cpu_to_le16(strlen(priv->nick));
2751 memcpy(&idbuf.val, priv->nick, sizeof(idbuf.val));
2752 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
2753 HERMES_BYTES_TO_RECLEN(strlen(priv->nick)+2),
2756 printk(KERN_ERR "%s: Error %d setting nickname\n",
2761 /* Set AP density */
2762 if (priv->has_sensitivity) {
2763 err = hermes_write_wordrec(hw, USER_BAP,
2764 HERMES_RID_CNFSYSTEMSCALE,
2767 printk(KERN_WARNING "%s: Error %d setting SYSTEMSCALE. "
2768 "Disabling sensitivity control\n",
2771 priv->has_sensitivity = 0;
2775 /* Set RTS threshold */
2776 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
2779 printk(KERN_ERR "%s: Error %d setting RTS threshold\n",
2784 /* Set fragmentation threshold or MWO robustness */
2786 err = hermes_write_wordrec(hw, USER_BAP,
2787 HERMES_RID_CNFMWOROBUST_AGERE,
2790 err = hermes_write_wordrec(hw, USER_BAP,
2791 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
2794 printk(KERN_ERR "%s: Error %d setting fragmentation\n",
2800 err = __orinoco_hw_set_bitrate(priv);
2802 printk(KERN_ERR "%s: Error %d setting bitrate\n",
2807 /* Set power management */
2809 err = hermes_write_wordrec(hw, USER_BAP,
2810 HERMES_RID_CNFPMENABLED,
2813 printk(KERN_ERR "%s: Error %d setting up PM\n",
2818 err = hermes_write_wordrec(hw, USER_BAP,
2819 HERMES_RID_CNFMULTICASTRECEIVE,
2822 printk(KERN_ERR "%s: Error %d setting up PM\n",
2826 err = hermes_write_wordrec(hw, USER_BAP,
2827 HERMES_RID_CNFMAXSLEEPDURATION,
2830 printk(KERN_ERR "%s: Error %d setting up PM\n",
2834 err = hermes_write_wordrec(hw, USER_BAP,
2835 HERMES_RID_CNFPMHOLDOVERDURATION,
2838 printk(KERN_ERR "%s: Error %d setting up PM\n",
2844 /* Set preamble - only for Symbol so far... */
2845 if (priv->has_preamble) {
2846 err = hermes_write_wordrec(hw, USER_BAP,
2847 HERMES_RID_CNFPREAMBLE_SYMBOL,
2850 printk(KERN_ERR "%s: Error %d setting preamble\n",
2856 /* Set up encryption */
2857 if (priv->has_wep || priv->has_wpa) {
2858 err = __orinoco_hw_setup_enc(priv);
2860 printk(KERN_ERR "%s: Error %d activating encryption\n",
2866 if (priv->iw_mode == IW_MODE_MONITOR) {
2867 /* Enable monitor mode */
2868 dev->type = ARPHRD_IEEE80211;
2869 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
2870 HERMES_TEST_MONITOR, 0, NULL);
2872 /* Disable monitor mode */
2873 dev->type = ARPHRD_ETHER;
2874 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
2875 HERMES_TEST_STOP, 0, NULL);
2880 /* Set promiscuity / multicast*/
2881 priv->promiscuous = 0;
2884 /* FIXME: what about netif_tx_lock */
2885 __orinoco_set_multicast_list(dev);
2890 /* FIXME: return int? */
2892 __orinoco_set_multicast_list(struct net_device *dev)
2894 struct orinoco_private *priv = netdev_priv(dev);
2895 hermes_t *hw = &priv->hw;
2897 int promisc, mc_count;
2899 /* The Hermes doesn't seem to have an allmulti mode, so we go
2900 * into promiscuous mode and let the upper levels deal. */
2901 if ( (dev->flags & IFF_PROMISC) || (dev->flags & IFF_ALLMULTI) ||
2902 (dev->mc_count > MAX_MULTICAST(priv)) ) {
2907 mc_count = dev->mc_count;
2910 if (promisc != priv->promiscuous) {
2911 err = hermes_write_wordrec(hw, USER_BAP,
2912 HERMES_RID_CNFPROMISCUOUSMODE,
2915 printk(KERN_ERR "%s: Error %d setting PROMISCUOUSMODE to 1.\n",
2918 priv->promiscuous = promisc;
2921 /* If we're not in promiscuous mode, then we need to set the
2922 * group address if either we want to multicast, or if we were
2923 * multicasting and want to stop */
2924 if (! promisc && (mc_count || priv->mc_count) ) {
2925 struct dev_mc_list *p = dev->mc_list;
2926 struct hermes_multicast mclist;
2929 for (i = 0; i < mc_count; i++) {
2930 /* paranoia: is list shorter than mc_count? */
2932 /* paranoia: bad address size in list? */
2933 BUG_ON(p->dmi_addrlen != ETH_ALEN);
2935 memcpy(mclist.addr[i], p->dmi_addr, ETH_ALEN);
2940 printk(KERN_WARNING "%s: Multicast list is "
2941 "longer than mc_count\n", dev->name);
2943 err = hermes_write_ltv(hw, USER_BAP,
2944 HERMES_RID_CNFGROUPADDRESSES,
2945 HERMES_BYTES_TO_RECLEN(mc_count * ETH_ALEN),
2948 printk(KERN_ERR "%s: Error %d setting multicast list.\n",
2951 priv->mc_count = mc_count;
2955 /* This must be called from user context, without locks held - use
2956 * schedule_work() */
2957 static void orinoco_reset(struct work_struct *work)
2959 struct orinoco_private *priv =
2960 container_of(work, struct orinoco_private, reset_work);
2961 struct net_device *dev = priv->ndev;
2962 struct hermes *hw = &priv->hw;
2964 unsigned long flags;
2966 if (orinoco_lock(priv, &flags) != 0)
2967 /* When the hardware becomes available again, whatever
2968 * detects that is responsible for re-initializing
2969 * it. So no need for anything further */
2972 netif_stop_queue(dev);
2974 /* Shut off interrupts. Depending on what state the hardware
2975 * is in, this might not work, but we'll try anyway */
2976 hermes_set_irqmask(hw, 0);
2977 hermes_write_regn(hw, EVACK, 0xffff);
2979 priv->hw_unavailable++;
2980 priv->last_linkstatus = 0xffff; /* firmware will have to reassociate */
2981 netif_carrier_off(dev);
2983 orinoco_unlock(priv, &flags);
2985 /* Scanning support: Cleanup of driver struct */
2986 orinoco_clear_scan_results(priv, 0);
2987 priv->scan_inprogress = 0;
2989 if (priv->hard_reset) {
2990 err = (*priv->hard_reset)(priv);
2992 printk(KERN_ERR "%s: orinoco_reset: Error %d "
2993 "performing hard reset\n", dev->name, err);
2998 err = orinoco_reinit_firmware(dev);
3000 printk(KERN_ERR "%s: orinoco_reset: Error %d re-initializing firmware\n",
3005 spin_lock_irq(&priv->lock); /* This has to be called from user context */
3007 priv->hw_unavailable--;
3009 /* priv->open or priv->hw_unavailable might have changed while
3010 * we dropped the lock */
3011 if (priv->open && (! priv->hw_unavailable)) {
3012 err = __orinoco_up(dev);
3014 printk(KERN_ERR "%s: orinoco_reset: Error %d reenabling card\n",
3017 dev->trans_start = jiffies;
3020 spin_unlock_irq(&priv->lock);
3024 hermes_set_irqmask(hw, 0);
3025 netif_device_detach(dev);
3026 printk(KERN_ERR "%s: Device has been disabled!\n", dev->name);
3029 /********************************************************************/
3030 /* Interrupt handler */
3031 /********************************************************************/
3033 static void __orinoco_ev_tick(struct net_device *dev, hermes_t *hw)
3035 printk(KERN_DEBUG "%s: TICK\n", dev->name);
3038 static void __orinoco_ev_wterr(struct net_device *dev, hermes_t *hw)
3040 /* This seems to happen a fair bit under load, but ignoring it
3041 seems to work fine...*/
3042 printk(KERN_DEBUG "%s: MAC controller error (WTERR). Ignoring.\n",
3046 irqreturn_t orinoco_interrupt(int irq, void *dev_id)
3048 struct net_device *dev = dev_id;
3049 struct orinoco_private *priv = netdev_priv(dev);
3050 hermes_t *hw = &priv->hw;
3051 int count = MAX_IRQLOOPS_PER_IRQ;
3053 /* These are used to detect a runaway interrupt situation */
3054 /* If we get more than MAX_IRQLOOPS_PER_JIFFY iterations in a jiffy,
3055 * we panic and shut down the hardware */
3056 static int last_irq_jiffy = 0; /* jiffies value the last time
3058 static int loops_this_jiffy = 0;
3059 unsigned long flags;
3061 if (orinoco_lock(priv, &flags) != 0) {
3062 /* If hw is unavailable - we don't know if the irq was
3067 evstat = hermes_read_regn(hw, EVSTAT);
3068 events = evstat & hw->inten;
3070 orinoco_unlock(priv, &flags);
3074 if (jiffies != last_irq_jiffy)
3075 loops_this_jiffy = 0;
3076 last_irq_jiffy = jiffies;
3078 while (events && count--) {
3079 if (++loops_this_jiffy > MAX_IRQLOOPS_PER_JIFFY) {
3080 printk(KERN_WARNING "%s: IRQ handler is looping too "
3081 "much! Resetting.\n", dev->name);
3082 /* Disable interrupts for now */
3083 hermes_set_irqmask(hw, 0);
3084 schedule_work(&priv->reset_work);
3088 /* Check the card hasn't been removed */
3089 if (! hermes_present(hw)) {
3090 DEBUG(0, "orinoco_interrupt(): card removed\n");
3094 if (events & HERMES_EV_TICK)
3095 __orinoco_ev_tick(dev, hw);
3096 if (events & HERMES_EV_WTERR)
3097 __orinoco_ev_wterr(dev, hw);
3098 if (events & HERMES_EV_INFDROP)
3099 __orinoco_ev_infdrop(dev, hw);
3100 if (events & HERMES_EV_INFO)
3101 __orinoco_ev_info(dev, hw);
3102 if (events & HERMES_EV_RX)
3103 __orinoco_ev_rx(dev, hw);
3104 if (events & HERMES_EV_TXEXC)
3105 __orinoco_ev_txexc(dev, hw);
3106 if (events & HERMES_EV_TX)
3107 __orinoco_ev_tx(dev, hw);
3108 if (events & HERMES_EV_ALLOC)
3109 __orinoco_ev_alloc(dev, hw);
3111 hermes_write_regn(hw, EVACK, evstat);
3113 evstat = hermes_read_regn(hw, EVSTAT);
3114 events = evstat & hw->inten;
3117 orinoco_unlock(priv, &flags);
3121 /********************************************************************/
3122 /* Power management */
3123 /********************************************************************/
3124 #if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_HERMES_CACHE_FW_ON_INIT)
3125 static int orinoco_pm_notifier(struct notifier_block *notifier,
3126 unsigned long pm_event,
3129 struct orinoco_private *priv = container_of(notifier,
3130 struct orinoco_private,
3133 /* All we need to do is cache the firmware before suspend, and
3134 * release it when we come out.
3136 * Only need to do this if we're downloading firmware. */
3137 if (!priv->do_fw_download)
3141 case PM_HIBERNATION_PREPARE:
3142 case PM_SUSPEND_PREPARE:
3143 orinoco_cache_fw(priv, 0);
3146 case PM_POST_RESTORE:
3147 /* Restore from hibernation failed. We need to clean
3148 * up in exactly the same way, so fall through. */
3149 case PM_POST_HIBERNATION:
3150 case PM_POST_SUSPEND:
3151 orinoco_uncache_fw(priv);
3154 case PM_RESTORE_PREPARE:
3161 #else /* !PM_SLEEP || HERMES_CACHE_FW_ON_INIT */
3162 #define orinoco_pm_notifier NULL
3165 /********************************************************************/
3166 /* Initialization */
3167 /********************************************************************/
3170 u16 id, variant, major, minor;
3171 } __attribute__ ((packed));
3173 static inline fwtype_t determine_firmware_type(struct comp_id *nic_id)
3175 if (nic_id->id < 0x8000)
3176 return FIRMWARE_TYPE_AGERE;
3177 else if (nic_id->id == 0x8000 && nic_id->major == 0)
3178 return FIRMWARE_TYPE_SYMBOL;
3180 return FIRMWARE_TYPE_INTERSIL;
3183 /* Set priv->firmware type, determine firmware properties */
3184 static int determine_firmware(struct net_device *dev)
3186 struct orinoco_private *priv = netdev_priv(dev);
3187 hermes_t *hw = &priv->hw;
3189 struct comp_id nic_id, sta_id;
3190 unsigned int firmver;
3191 char tmp[SYMBOL_MAX_VER_LEN+1] __attribute__((aligned(2)));
3193 /* Get the hardware version */
3194 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_NICID, &nic_id);
3196 printk(KERN_ERR "%s: Cannot read hardware identity: error %d\n",
3201 le16_to_cpus(&nic_id.id);
3202 le16_to_cpus(&nic_id.variant);
3203 le16_to_cpus(&nic_id.major);
3204 le16_to_cpus(&nic_id.minor);
3205 printk(KERN_DEBUG "%s: Hardware identity %04x:%04x:%04x:%04x\n",
3206 dev->name, nic_id.id, nic_id.variant,
3207 nic_id.major, nic_id.minor);
3209 priv->firmware_type = determine_firmware_type(&nic_id);
3211 /* Get the firmware version */
3212 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_STAID, &sta_id);
3214 printk(KERN_ERR "%s: Cannot read station identity: error %d\n",
3219 le16_to_cpus(&sta_id.id);
3220 le16_to_cpus(&sta_id.variant);
3221 le16_to_cpus(&sta_id.major);
3222 le16_to_cpus(&sta_id.minor);
3223 printk(KERN_DEBUG "%s: Station identity %04x:%04x:%04x:%04x\n",
3224 dev->name, sta_id.id, sta_id.variant,
3225 sta_id.major, sta_id.minor);
3227 switch (sta_id.id) {
3229 printk(KERN_ERR "%s: Primary firmware is active\n",
3233 printk(KERN_ERR "%s: Tertiary firmware is active\n",
3236 case 0x1f: /* Intersil, Agere, Symbol Spectrum24 */
3237 case 0x21: /* Symbol Spectrum24 Trilogy */
3240 printk(KERN_NOTICE "%s: Unknown station ID, please report\n",
3245 /* Default capabilities */
3246 priv->has_sensitivity = 1;
3248 priv->has_preamble = 0;
3249 priv->has_port3 = 1;
3252 priv->has_big_wep = 0;
3253 priv->has_alt_txcntl = 0;
3254 priv->has_ext_scan = 0;
3256 priv->do_fw_download = 0;
3258 /* Determine capabilities from the firmware version */
3259 switch (priv->firmware_type) {
3260 case FIRMWARE_TYPE_AGERE:
3261 /* Lucent Wavelan IEEE, Lucent Orinoco, Cabletron RoamAbout,
3262 ELSA, Melco, HP, IBM, Dell 1150, Compaq 110/210 */
3263 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3264 "Lucent/Agere %d.%02d", sta_id.major, sta_id.minor);
3266 firmver = ((unsigned long)sta_id.major << 16) | sta_id.minor;
3268 priv->has_ibss = (firmver >= 0x60006);
3269 priv->has_wep = (firmver >= 0x40020);
3270 priv->has_big_wep = 1; /* FIXME: this is wrong - how do we tell
3271 Gold cards from the others? */
3272 priv->has_mwo = (firmver >= 0x60000);
3273 priv->has_pm = (firmver >= 0x40020); /* Don't work in 7.52 ? */
3274 priv->ibss_port = 1;
3275 priv->has_hostscan = (firmver >= 0x8000a);
3276 priv->do_fw_download = 1;
3277 priv->broken_monitor = (firmver >= 0x80000);
3278 priv->has_alt_txcntl = (firmver >= 0x90000); /* All 9.x ? */
3279 priv->has_ext_scan = (firmver >= 0x90000); /* All 9.x ? */
3280 priv->has_wpa = (firmver >= 0x9002a);
3281 /* Tested with Agere firmware :
3282 * 1.16 ; 4.08 ; 4.52 ; 6.04 ; 6.16 ; 7.28 => Jean II
3283 * Tested CableTron firmware : 4.32 => Anton */
3285 case FIRMWARE_TYPE_SYMBOL:
3286 /* Symbol , 3Com AirConnect, Intel, Ericsson WLAN */
3287 /* Intel MAC : 00:02:B3:* */
3288 /* 3Com MAC : 00:50:DA:* */
3289 memset(tmp, 0, sizeof(tmp));
3290 /* Get the Symbol firmware version */
3291 err = hermes_read_ltv(hw, USER_BAP,
3292 HERMES_RID_SECONDARYVERSION_SYMBOL,
3293 SYMBOL_MAX_VER_LEN, NULL, &tmp);
3296 "%s: Error %d reading Symbol firmware info. Wildly guessing capabilities...\n",
3301 /* The firmware revision is a string, the format is
3302 * something like : "V2.20-01".
3303 * Quick and dirty parsing... - Jean II
3305 firmver = ((tmp[1] - '0') << 16) | ((tmp[3] - '0') << 12)
3306 | ((tmp[4] - '0') << 8) | ((tmp[6] - '0') << 4)
3309 tmp[SYMBOL_MAX_VER_LEN] = '\0';
3312 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3315 priv->has_ibss = (firmver >= 0x20000);
3316 priv->has_wep = (firmver >= 0x15012);
3317 priv->has_big_wep = (firmver >= 0x20000);
3318 priv->has_pm = (firmver >= 0x20000 && firmver < 0x22000) ||
3319 (firmver >= 0x29000 && firmver < 0x30000) ||
3321 priv->has_preamble = (firmver >= 0x20000);
3322 priv->ibss_port = 4;
3324 /* Symbol firmware is found on various cards, but
3325 * there has been no attempt to check firmware
3326 * download on non-spectrum_cs based cards.
3328 * Given that the Agere firmware download works
3329 * differently, we should avoid doing a firmware
3330 * download with the Symbol algorithm on non-spectrum
3333 * For now we can identify a spectrum_cs based card
3334 * because it has a firmware reset function.
3336 priv->do_fw_download = (priv->stop_fw != NULL);
3338 priv->broken_disableport = (firmver == 0x25013) ||
3339 (firmver >= 0x30000 && firmver <= 0x31000);
3340 priv->has_hostscan = (firmver >= 0x31001) ||
3341 (firmver >= 0x29057 && firmver < 0x30000);
3342 /* Tested with Intel firmware : 0x20015 => Jean II */
3343 /* Tested with 3Com firmware : 0x15012 & 0x22001 => Jean II */
3345 case FIRMWARE_TYPE_INTERSIL:
3346 /* D-Link, Linksys, Adtron, ZoomAir, and many others...
3347 * Samsung, Compaq 100/200 and Proxim are slightly
3348 * different and less well tested */
3349 /* D-Link MAC : 00:40:05:* */
3350 /* Addtron MAC : 00:90:D1:* */
3351 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3352 "Intersil %d.%d.%d", sta_id.major, sta_id.minor,
3355 firmver = ((unsigned long)sta_id.major << 16) |
3356 ((unsigned long)sta_id.minor << 8) | sta_id.variant;
3358 priv->has_ibss = (firmver >= 0x000700); /* FIXME */
3359 priv->has_big_wep = priv->has_wep = (firmver >= 0x000800);
3360 priv->has_pm = (firmver >= 0x000700);
3361 priv->has_hostscan = (firmver >= 0x010301);
3363 if (firmver >= 0x000800)
3364 priv->ibss_port = 0;
3366 printk(KERN_NOTICE "%s: Intersil firmware earlier "
3367 "than v0.8.x - several features not supported\n",
3369 priv->ibss_port = 1;
3373 printk(KERN_DEBUG "%s: Firmware determined as %s\n", dev->name,
3379 static int orinoco_init(struct net_device *dev)
3381 struct orinoco_private *priv = netdev_priv(dev);
3382 hermes_t *hw = &priv->hw;
3384 struct hermes_idstring nickbuf;
3388 /* No need to lock, the hw_unavailable flag is already set in
3389 * alloc_orinocodev() */
3390 priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN;
3392 /* Initialize the firmware */
3393 err = hermes_init(hw);
3395 printk(KERN_ERR "%s: failed to initialize firmware (err = %d)\n",
3400 err = determine_firmware(dev);
3402 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
3407 if (priv->do_fw_download) {
3408 #ifdef CONFIG_HERMES_CACHE_FW_ON_INIT
3409 orinoco_cache_fw(priv, 0);
3412 err = orinoco_download(priv);
3414 priv->do_fw_download = 0;
3416 /* Check firmware version again */
3417 err = determine_firmware(dev);
3419 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
3425 if (priv->has_port3)
3426 printk(KERN_DEBUG "%s: Ad-hoc demo mode supported\n", dev->name);
3428 printk(KERN_DEBUG "%s: IEEE standard IBSS ad-hoc mode supported\n",
3430 if (priv->has_wep) {
3431 printk(KERN_DEBUG "%s: WEP supported, ", dev->name);
3432 if (priv->has_big_wep)
3433 printk("104-bit key\n");
3435 printk("40-bit key\n");
3437 if (priv->has_wpa) {
3438 printk(KERN_DEBUG "%s: WPA-PSK supported\n", dev->name);
3439 if (orinoco_mic_init(priv)) {
3440 printk(KERN_ERR "%s: Failed to setup MIC crypto "
3441 "algorithm. Disabling WPA support\n", dev->name);
3446 /* Now we have the firmware capabilities, allocate appropiate
3447 * sized scan buffers */
3448 if (orinoco_bss_data_allocate(priv))
3450 orinoco_bss_data_init(priv);
3452 /* Get the MAC address */
3453 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
3454 ETH_ALEN, NULL, dev->dev_addr);
3456 printk(KERN_WARNING "%s: failed to read MAC address!\n",
3461 printk(KERN_DEBUG "%s: MAC address %pM\n",
3462 dev->name, dev->dev_addr);
3464 /* Get the station name */
3465 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
3466 sizeof(nickbuf), &reclen, &nickbuf);
3468 printk(KERN_ERR "%s: failed to read station name\n",
3473 len = min(IW_ESSID_MAX_SIZE, (int)le16_to_cpu(nickbuf.len));
3475 len = min(IW_ESSID_MAX_SIZE, 2 * reclen);
3476 memcpy(priv->nick, &nickbuf.val, len);
3477 priv->nick[len] = '\0';
3479 printk(KERN_DEBUG "%s: Station name \"%s\"\n", dev->name, priv->nick);
3481 err = orinoco_allocate_fid(dev);
3483 printk(KERN_ERR "%s: failed to allocate NIC buffer!\n",
3488 /* Get allowed channels */
3489 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CHANNELLIST,
3490 &priv->channel_mask);
3492 printk(KERN_ERR "%s: failed to read channel list!\n",
3497 /* Get initial AP density */
3498 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFSYSTEMSCALE,
3500 if (err || priv->ap_density < 1 || priv->ap_density > 3) {
3501 priv->has_sensitivity = 0;
3504 /* Get initial RTS threshold */
3505 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
3508 printk(KERN_ERR "%s: failed to read RTS threshold!\n",
3513 /* Get initial fragmentation settings */
3515 err = hermes_read_wordrec(hw, USER_BAP,
3516 HERMES_RID_CNFMWOROBUST_AGERE,
3519 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
3520 &priv->frag_thresh);
3522 printk(KERN_ERR "%s: failed to read fragmentation settings!\n",
3527 /* Power management setup */
3531 err = hermes_read_wordrec(hw, USER_BAP,
3532 HERMES_RID_CNFMAXSLEEPDURATION,
3535 printk(KERN_ERR "%s: failed to read power management period!\n",
3539 err = hermes_read_wordrec(hw, USER_BAP,
3540 HERMES_RID_CNFPMHOLDOVERDURATION,
3543 printk(KERN_ERR "%s: failed to read power management timeout!\n",
3549 /* Preamble setup */
3550 if (priv->has_preamble) {
3551 err = hermes_read_wordrec(hw, USER_BAP,
3552 HERMES_RID_CNFPREAMBLE_SYMBOL,
3558 /* Set up the default configuration */
3559 priv->iw_mode = IW_MODE_INFRA;
3560 /* By default use IEEE/IBSS ad-hoc mode if we have it */
3561 priv->prefer_port3 = priv->has_port3 && (! priv->has_ibss);
3562 set_port_type(priv);
3563 priv->channel = 0; /* use firmware default */
3565 priv->promiscuous = 0;
3566 priv->encode_alg = IW_ENCODE_ALG_NONE;
3568 priv->wpa_enabled = 0;
3569 priv->tkip_cm_active = 0;
3571 priv->wpa_ie_len = 0;
3572 priv->wpa_ie = NULL;
3574 /* Make the hardware available, as long as it hasn't been
3575 * removed elsewhere (e.g. by PCMCIA hot unplug) */
3576 spin_lock_irq(&priv->lock);
3577 priv->hw_unavailable--;
3578 spin_unlock_irq(&priv->lock);
3580 printk(KERN_DEBUG "%s: ready\n", dev->name);
3586 static const struct net_device_ops orinoco_netdev_ops = {
3587 .ndo_init = orinoco_init,
3588 .ndo_open = orinoco_open,
3589 .ndo_stop = orinoco_stop,
3590 .ndo_start_xmit = orinoco_xmit,
3591 .ndo_set_multicast_list = orinoco_set_multicast_list,
3592 .ndo_change_mtu = orinoco_change_mtu,
3593 .ndo_tx_timeout = orinoco_tx_timeout,
3594 .ndo_get_stats = orinoco_get_stats,
3598 *alloc_orinocodev(int sizeof_card,
3599 struct device *device,
3600 int (*hard_reset)(struct orinoco_private *),
3601 int (*stop_fw)(struct orinoco_private *, int))
3603 struct net_device *dev;
3604 struct orinoco_private *priv;
3606 dev = alloc_etherdev(sizeof(struct orinoco_private) + sizeof_card);
3609 priv = netdev_priv(dev);
3612 priv->card = (void *)((unsigned long)priv
3613 + sizeof(struct orinoco_private));
3618 /* Setup / override net_device fields */
3619 dev->netdev_ops = &orinoco_netdev_ops;
3620 dev->watchdog_timeo = HZ; /* 1 second timeout */
3621 dev->ethtool_ops = &orinoco_ethtool_ops;
3622 dev->wireless_handlers = (struct iw_handler_def *)&orinoco_handler_def;
3624 priv->wireless_data.spy_data = &priv->spy_data;
3625 dev->wireless_data = &priv->wireless_data;
3627 /* we use the default eth_mac_addr for setting the MAC addr */
3629 /* Reserve space in skb for the SNAP header */
3630 dev->hard_header_len += ENCAPS_OVERHEAD;
3632 /* Set up default callbacks */
3633 priv->hard_reset = hard_reset;
3634 priv->stop_fw = stop_fw;
3636 spin_lock_init(&priv->lock);
3638 priv->hw_unavailable = 1; /* orinoco_init() must clear this
3639 * before anything else touches the
3641 INIT_WORK(&priv->reset_work, orinoco_reset);
3642 INIT_WORK(&priv->join_work, orinoco_join_ap);
3643 INIT_WORK(&priv->wevent_work, orinoco_send_wevents);
3645 INIT_LIST_HEAD(&priv->rx_list);
3646 tasklet_init(&priv->rx_tasklet, orinoco_rx_isr_tasklet,
3647 (unsigned long) dev);
3649 netif_carrier_off(dev);
3650 priv->last_linkstatus = 0xffff;
3652 priv->cached_pri_fw = NULL;
3653 priv->cached_fw = NULL;
3655 /* Register PM notifiers */
3656 priv->pm_notifier.notifier_call = orinoco_pm_notifier;
3657 register_pm_notifier(&priv->pm_notifier);
3662 void free_orinocodev(struct net_device *dev)
3664 struct orinoco_private *priv = netdev_priv(dev);
3665 struct orinoco_rx_data *rx_data, *temp;
3667 /* If the tasklet is scheduled when we call tasklet_kill it
3668 * will run one final time. However the tasklet will only
3669 * drain priv->rx_list if the hw is still available. */
3670 tasklet_kill(&priv->rx_tasklet);
3672 /* Explicitly drain priv->rx_list */
3673 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
3674 list_del(&rx_data->list);
3676 dev_kfree_skb(rx_data->skb);
3677 kfree(rx_data->desc);
3681 unregister_pm_notifier(&priv->pm_notifier);
3682 orinoco_uncache_fw(priv);
3684 priv->wpa_ie_len = 0;
3685 kfree(priv->wpa_ie);
3686 orinoco_mic_free(priv);
3687 orinoco_bss_data_free(priv);
3691 /********************************************************************/
3692 /* Wireless extensions */
3693 /********************************************************************/
3695 /* Return : < 0 -> error code ; >= 0 -> length */
3696 static int orinoco_hw_get_essid(struct orinoco_private *priv, int *active,
3697 char buf[IW_ESSID_MAX_SIZE+1])
3699 hermes_t *hw = &priv->hw;
3701 struct hermes_idstring essidbuf;
3702 char *p = (char *)(&essidbuf.val);
3704 unsigned long flags;
3706 if (orinoco_lock(priv, &flags) != 0)
3709 if (strlen(priv->desired_essid) > 0) {
3710 /* We read the desired SSID from the hardware rather
3711 than from priv->desired_essid, just in case the
3712 firmware is allowed to change it on us. I'm not
3714 /* My guess is that the OWNSSID should always be whatever
3715 * we set to the card, whereas CURRENT_SSID is the one that
3716 * may change... - Jean II */
3721 rid = (priv->port_type == 3) ? HERMES_RID_CNFOWNSSID :
3722 HERMES_RID_CNFDESIREDSSID;
3724 err = hermes_read_ltv(hw, USER_BAP, rid, sizeof(essidbuf),
3731 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTSSID,
3732 sizeof(essidbuf), NULL, &essidbuf);
3737 len = le16_to_cpu(essidbuf.len);
3738 BUG_ON(len > IW_ESSID_MAX_SIZE);
3740 memset(buf, 0, IW_ESSID_MAX_SIZE);
3741 memcpy(buf, p, len);
3745 orinoco_unlock(priv, &flags);
3750 static int orinoco_hw_get_freq(struct orinoco_private *priv)
3753 hermes_t *hw = &priv->hw;
3757 unsigned long flags;
3759 if (orinoco_lock(priv, &flags) != 0)
3762 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CURRENTCHANNEL, &channel);
3766 /* Intersil firmware 1.3.5 returns 0 when the interface is down */
3772 if ( (channel < 1) || (channel > NUM_CHANNELS) ) {
3773 printk(KERN_WARNING "%s: Channel out of range (%d)!\n",
3774 priv->ndev->name, channel);
3779 freq = ieee80211_dsss_chan_to_freq(channel);
3782 orinoco_unlock(priv, &flags);
3786 return err ? err : freq;
3789 static int orinoco_hw_get_bitratelist(struct orinoco_private *priv,
3790 int *numrates, s32 *rates, int max)
3792 hermes_t *hw = &priv->hw;
3793 struct hermes_idstring list;
3794 unsigned char *p = (unsigned char *)&list.val;
3798 unsigned long flags;
3800 if (orinoco_lock(priv, &flags) != 0)
3803 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_SUPPORTEDDATARATES,
3804 sizeof(list), NULL, &list);
3805 orinoco_unlock(priv, &flags);
3810 num = le16_to_cpu(list.len);
3812 num = min(num, max);
3814 for (i = 0; i < num; i++) {
3815 rates[i] = (p[i] & 0x7f) * 500000; /* convert to bps */
3821 static int orinoco_ioctl_getname(struct net_device *dev,
3822 struct iw_request_info *info,
3826 struct orinoco_private *priv = netdev_priv(dev);
3830 err = orinoco_hw_get_bitratelist(priv, &numrates, NULL, 0);
3832 if (!err && (numrates > 2))
3833 strcpy(name, "IEEE 802.11b");
3835 strcpy(name, "IEEE 802.11-DS");
3840 static int orinoco_ioctl_setwap(struct net_device *dev,
3841 struct iw_request_info *info,
3842 struct sockaddr *ap_addr,
3845 struct orinoco_private *priv = netdev_priv(dev);
3846 int err = -EINPROGRESS; /* Call commit handler */
3847 unsigned long flags;
3848 static const u8 off_addr[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
3849 static const u8 any_addr[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3851 if (orinoco_lock(priv, &flags) != 0)
3854 /* Enable automatic roaming - no sanity checks are needed */
3855 if (memcmp(&ap_addr->sa_data, off_addr, ETH_ALEN) == 0 ||
3856 memcmp(&ap_addr->sa_data, any_addr, ETH_ALEN) == 0) {
3857 priv->bssid_fixed = 0;
3858 memset(priv->desired_bssid, 0, ETH_ALEN);
3860 /* "off" means keep existing connection */
3861 if (ap_addr->sa_data[0] == 0) {
3862 __orinoco_hw_set_wap(priv);
3868 if (priv->firmware_type == FIRMWARE_TYPE_AGERE) {
3869 printk(KERN_WARNING "%s: Lucent/Agere firmware doesn't "
3870 "support manual roaming\n",
3876 if (priv->iw_mode != IW_MODE_INFRA) {
3877 printk(KERN_WARNING "%s: Manual roaming supported only in "
3878 "managed mode\n", dev->name);
3883 /* Intersil firmware hangs without Desired ESSID */
3884 if (priv->firmware_type == FIRMWARE_TYPE_INTERSIL &&
3885 strlen(priv->desired_essid) == 0) {
3886 printk(KERN_WARNING "%s: Desired ESSID must be set for "
3887 "manual roaming\n", dev->name);
3892 /* Finally, enable manual roaming */
3893 priv->bssid_fixed = 1;
3894 memcpy(priv->desired_bssid, &ap_addr->sa_data, ETH_ALEN);
3897 orinoco_unlock(priv, &flags);
3901 static int orinoco_ioctl_getwap(struct net_device *dev,
3902 struct iw_request_info *info,
3903 struct sockaddr *ap_addr,
3906 struct orinoco_private *priv = netdev_priv(dev);
3908 hermes_t *hw = &priv->hw;
3910 unsigned long flags;
3912 if (orinoco_lock(priv, &flags) != 0)
3915 ap_addr->sa_family = ARPHRD_ETHER;
3916 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
3917 ETH_ALEN, NULL, ap_addr->sa_data);
3919 orinoco_unlock(priv, &flags);
3924 static int orinoco_ioctl_setmode(struct net_device *dev,
3925 struct iw_request_info *info,
3929 struct orinoco_private *priv = netdev_priv(dev);
3930 int err = -EINPROGRESS; /* Call commit handler */
3931 unsigned long flags;
3933 if (priv->iw_mode == *mode)
3936 if (orinoco_lock(priv, &flags) != 0)
3941 if (!priv->has_ibss && !priv->has_port3)
3948 case IW_MODE_MONITOR:
3949 if (priv->broken_monitor && !force_monitor) {
3950 printk(KERN_WARNING "%s: Monitor mode support is "
3951 "buggy in this firmware, not enabling\n",
3962 if (err == -EINPROGRESS) {
3963 priv->iw_mode = *mode;
3964 set_port_type(priv);
3967 orinoco_unlock(priv, &flags);
3972 static int orinoco_ioctl_getmode(struct net_device *dev,
3973 struct iw_request_info *info,
3977 struct orinoco_private *priv = netdev_priv(dev);
3979 *mode = priv->iw_mode;
3983 static int orinoco_ioctl_getiwrange(struct net_device *dev,
3984 struct iw_request_info *info,
3985 struct iw_point *rrq,
3988 struct orinoco_private *priv = netdev_priv(dev);
3990 struct iw_range *range = (struct iw_range *) extra;
3994 rrq->length = sizeof(struct iw_range);
3995 memset(range, 0, sizeof(struct iw_range));
3997 range->we_version_compiled = WIRELESS_EXT;
3998 range->we_version_source = 22;
4000 /* Set available channels/frequencies */
4001 range->num_channels = NUM_CHANNELS;
4003 for (i = 0; i < NUM_CHANNELS; i++) {
4004 if (priv->channel_mask & (1 << i)) {
4005 range->freq[k].i = i + 1;
4006 range->freq[k].m = (ieee80211_dsss_chan_to_freq(i + 1) *
4008 range->freq[k].e = 1;
4012 if (k >= IW_MAX_FREQUENCIES)
4015 range->num_frequency = k;
4016 range->sensitivity = 3;
4018 if (priv->has_wep) {
4019 range->max_encoding_tokens = ORINOCO_MAX_KEYS;
4020 range->encoding_size[0] = SMALL_KEY_SIZE;
4021 range->num_encoding_sizes = 1;
4023 if (priv->has_big_wep) {
4024 range->encoding_size[1] = LARGE_KEY_SIZE;
4025 range->num_encoding_sizes = 2;
4030 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_CIPHER_TKIP;
4032 if ((priv->iw_mode == IW_MODE_ADHOC) && (!SPY_NUMBER(priv))){
4033 /* Quality stats meaningless in ad-hoc mode */
4035 range->max_qual.qual = 0x8b - 0x2f;
4036 range->max_qual.level = 0x2f - 0x95 - 1;
4037 range->max_qual.noise = 0x2f - 0x95 - 1;
4038 /* Need to get better values */
4039 range->avg_qual.qual = 0x24;
4040 range->avg_qual.level = 0xC2;
4041 range->avg_qual.noise = 0x9E;
4044 err = orinoco_hw_get_bitratelist(priv, &numrates,
4045 range->bitrate, IW_MAX_BITRATES);
4048 range->num_bitrates = numrates;
4050 /* Set an indication of the max TCP throughput in bit/s that we can
4051 * expect using this interface. May be use for QoS stuff...
4054 range->throughput = 5 * 1000 * 1000; /* ~5 Mb/s */
4056 range->throughput = 1.5 * 1000 * 1000; /* ~1.5 Mb/s */
4059 range->max_rts = 2347;
4060 range->min_frag = 256;
4061 range->max_frag = 2346;
4064 range->max_pmp = 65535000;
4066 range->max_pmt = 65535 * 1000; /* ??? */
4067 range->pmp_flags = IW_POWER_PERIOD;
4068 range->pmt_flags = IW_POWER_TIMEOUT;
4069 range->pm_capa = IW_POWER_PERIOD | IW_POWER_TIMEOUT | IW_POWER_UNICAST_R;
4071 range->retry_capa = IW_RETRY_LIMIT | IW_RETRY_LIFETIME;
4072 range->retry_flags = IW_RETRY_LIMIT;
4073 range->r_time_flags = IW_RETRY_LIFETIME;
4074 range->min_retry = 0;
4075 range->max_retry = 65535; /* ??? */
4076 range->min_r_time = 0;
4077 range->max_r_time = 65535 * 1000; /* ??? */
4079 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
4080 range->scan_capa = IW_SCAN_CAPA_ESSID;
4082 range->scan_capa = IW_SCAN_CAPA_NONE;
4084 /* Event capability (kernel) */
4085 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
4086 /* Event capability (driver) */
4087 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWTHRSPY);
4088 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
4089 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
4090 IW_EVENT_CAPA_SET(range->event_capa, IWEVTXDROP);
4095 static int orinoco_ioctl_setiwencode(struct net_device *dev,
4096 struct iw_request_info *info,
4097 struct iw_point *erq,
4100 struct orinoco_private *priv = netdev_priv(dev);
4101 int index = (erq->flags & IW_ENCODE_INDEX) - 1;
4102 int setindex = priv->tx_key;
4103 int encode_alg = priv->encode_alg;
4104 int restricted = priv->wep_restrict;
4106 int err = -EINPROGRESS; /* Call commit handler */
4107 unsigned long flags;
4109 if (! priv->has_wep)
4113 /* We actually have a key to set - check its length */
4114 if (erq->length > LARGE_KEY_SIZE)
4117 if ( (erq->length > SMALL_KEY_SIZE) && !priv->has_big_wep )
4121 if (orinoco_lock(priv, &flags) != 0)
4124 /* Clear any TKIP key we have */
4125 if ((priv->has_wpa) && (priv->encode_alg == IW_ENCODE_ALG_TKIP))
4126 (void) orinoco_clear_tkip_key(priv, setindex);
4128 if (erq->length > 0) {
4129 if ((index < 0) || (index >= ORINOCO_MAX_KEYS))
4130 index = priv->tx_key;
4132 /* Adjust key length to a supported value */
4133 if (erq->length > SMALL_KEY_SIZE) {
4134 xlen = LARGE_KEY_SIZE;
4135 } else if (erq->length > 0) {
4136 xlen = SMALL_KEY_SIZE;
4140 /* Switch on WEP if off */
4141 if ((encode_alg != IW_ENCODE_ALG_WEP) && (xlen > 0)) {
4143 encode_alg = IW_ENCODE_ALG_WEP;
4146 /* Important note : if the user do "iwconfig eth0 enc off",
4147 * we will arrive there with an index of -1. This is valid
4148 * but need to be taken care off... Jean II */
4149 if ((index < 0) || (index >= ORINOCO_MAX_KEYS)) {
4150 if((index != -1) || (erq->flags == 0)) {
4155 /* Set the index : Check that the key is valid */
4156 if(priv->keys[index].len == 0) {
4164 if (erq->flags & IW_ENCODE_DISABLED)
4165 encode_alg = IW_ENCODE_ALG_NONE;
4166 if (erq->flags & IW_ENCODE_OPEN)
4168 if (erq->flags & IW_ENCODE_RESTRICTED)
4171 if (erq->pointer && erq->length > 0) {
4172 priv->keys[index].len = cpu_to_le16(xlen);
4173 memset(priv->keys[index].data, 0,
4174 sizeof(priv->keys[index].data));
4175 memcpy(priv->keys[index].data, keybuf, erq->length);
4177 priv->tx_key = setindex;
4179 /* Try fast key change if connected and only keys are changed */
4180 if ((priv->encode_alg == encode_alg) &&
4181 (priv->wep_restrict == restricted) &&
4182 netif_carrier_ok(dev)) {
4183 err = __orinoco_hw_setup_wepkeys(priv);
4184 /* No need to commit if successful */
4188 priv->encode_alg = encode_alg;
4189 priv->wep_restrict = restricted;
4192 orinoco_unlock(priv, &flags);
4197 static int orinoco_ioctl_getiwencode(struct net_device *dev,
4198 struct iw_request_info *info,
4199 struct iw_point *erq,
4202 struct orinoco_private *priv = netdev_priv(dev);
4203 int index = (erq->flags & IW_ENCODE_INDEX) - 1;
4205 unsigned long flags;
4207 if (! priv->has_wep)
4210 if (orinoco_lock(priv, &flags) != 0)
4213 if ((index < 0) || (index >= ORINOCO_MAX_KEYS))
4214 index = priv->tx_key;
4217 if (!priv->encode_alg)
4218 erq->flags |= IW_ENCODE_DISABLED;
4219 erq->flags |= index + 1;
4221 if (priv->wep_restrict)
4222 erq->flags |= IW_ENCODE_RESTRICTED;
4224 erq->flags |= IW_ENCODE_OPEN;
4226 xlen = le16_to_cpu(priv->keys[index].len);
4230 memcpy(keybuf, priv->keys[index].data, ORINOCO_MAX_KEY_SIZE);
4232 orinoco_unlock(priv, &flags);
4236 static int orinoco_ioctl_setessid(struct net_device *dev,
4237 struct iw_request_info *info,
4238 struct iw_point *erq,
4241 struct orinoco_private *priv = netdev_priv(dev);
4242 unsigned long flags;
4244 /* Note : ESSID is ignored in Ad-Hoc demo mode, but we can set it
4245 * anyway... - Jean II */
4247 /* Hum... Should not use Wireless Extension constant (may change),
4248 * should use our own... - Jean II */
4249 if (erq->length > IW_ESSID_MAX_SIZE)
4252 if (orinoco_lock(priv, &flags) != 0)
4255 /* NULL the string (for NULL termination & ESSID = ANY) - Jean II */
4256 memset(priv->desired_essid, 0, sizeof(priv->desired_essid));
4258 /* If not ANY, get the new ESSID */
4260 memcpy(priv->desired_essid, essidbuf, erq->length);
4263 orinoco_unlock(priv, &flags);
4265 return -EINPROGRESS; /* Call commit handler */
4268 static int orinoco_ioctl_getessid(struct net_device *dev,
4269 struct iw_request_info *info,
4270 struct iw_point *erq,
4273 struct orinoco_private *priv = netdev_priv(dev);
4276 unsigned long flags;
4278 if (netif_running(dev)) {
4279 err = orinoco_hw_get_essid(priv, &active, essidbuf);
4284 if (orinoco_lock(priv, &flags) != 0)
4286 memcpy(essidbuf, priv->desired_essid, IW_ESSID_MAX_SIZE);
4287 erq->length = strlen(priv->desired_essid);
4288 orinoco_unlock(priv, &flags);
4296 static int orinoco_ioctl_setnick(struct net_device *dev,
4297 struct iw_request_info *info,
4298 struct iw_point *nrq,
4301 struct orinoco_private *priv = netdev_priv(dev);
4302 unsigned long flags;
4304 if (nrq->length > IW_ESSID_MAX_SIZE)
4307 if (orinoco_lock(priv, &flags) != 0)
4310 memset(priv->nick, 0, sizeof(priv->nick));
4311 memcpy(priv->nick, nickbuf, nrq->length);
4313 orinoco_unlock(priv, &flags);
4315 return -EINPROGRESS; /* Call commit handler */
4318 static int orinoco_ioctl_getnick(struct net_device *dev,
4319 struct iw_request_info *info,
4320 struct iw_point *nrq,
4323 struct orinoco_private *priv = netdev_priv(dev);
4324 unsigned long flags;
4326 if (orinoco_lock(priv, &flags) != 0)
4329 memcpy(nickbuf, priv->nick, IW_ESSID_MAX_SIZE);
4330 orinoco_unlock(priv, &flags);
4332 nrq->length = strlen(priv->nick);
4337 static int orinoco_ioctl_setfreq(struct net_device *dev,
4338 struct iw_request_info *info,
4339 struct iw_freq *frq,
4342 struct orinoco_private *priv = netdev_priv(dev);
4344 unsigned long flags;
4345 int err = -EINPROGRESS; /* Call commit handler */
4347 /* In infrastructure mode the AP sets the channel */
4348 if (priv->iw_mode == IW_MODE_INFRA)
4351 if ( (frq->e == 0) && (frq->m <= 1000) ) {
4352 /* Setting by channel number */
4355 /* Setting by frequency */
4359 /* Calculate denominator to rescale to MHz */
4360 for (i = 0; i < (6 - frq->e); i++)
4363 chan = ieee80211_freq_to_dsss_chan(frq->m / denom);
4366 if ( (chan < 1) || (chan > NUM_CHANNELS) ||
4367 ! (priv->channel_mask & (1 << (chan-1)) ) )
4370 if (orinoco_lock(priv, &flags) != 0)
4373 priv->channel = chan;
4374 if (priv->iw_mode == IW_MODE_MONITOR) {
4375 /* Fast channel change - no commit if successful */
4376 hermes_t *hw = &priv->hw;
4377 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
4378 HERMES_TEST_SET_CHANNEL,
4381 orinoco_unlock(priv, &flags);
4386 static int orinoco_ioctl_getfreq(struct net_device *dev,
4387 struct iw_request_info *info,
4388 struct iw_freq *frq,
4391 struct orinoco_private *priv = netdev_priv(dev);
4394 /* Locking done in there */
4395 tmp = orinoco_hw_get_freq(priv);
4400 frq->m = tmp * 100000;
4406 static int orinoco_ioctl_getsens(struct net_device *dev,
4407 struct iw_request_info *info,
4408 struct iw_param *srq,
4411 struct orinoco_private *priv = netdev_priv(dev);
4412 hermes_t *hw = &priv->hw;
4415 unsigned long flags;
4417 if (!priv->has_sensitivity)
4420 if (orinoco_lock(priv, &flags) != 0)
4422 err = hermes_read_wordrec(hw, USER_BAP,
4423 HERMES_RID_CNFSYSTEMSCALE, &val);
4424 orinoco_unlock(priv, &flags);
4430 srq->fixed = 0; /* auto */
4435 static int orinoco_ioctl_setsens(struct net_device *dev,
4436 struct iw_request_info *info,
4437 struct iw_param *srq,
4440 struct orinoco_private *priv = netdev_priv(dev);
4441 int val = srq->value;
4442 unsigned long flags;
4444 if (!priv->has_sensitivity)
4447 if ((val < 1) || (val > 3))
4450 if (orinoco_lock(priv, &flags) != 0)
4452 priv->ap_density = val;
4453 orinoco_unlock(priv, &flags);
4455 return -EINPROGRESS; /* Call commit handler */
4458 static int orinoco_ioctl_setrts(struct net_device *dev,
4459 struct iw_request_info *info,
4460 struct iw_param *rrq,
4463 struct orinoco_private *priv = netdev_priv(dev);
4464 int val = rrq->value;
4465 unsigned long flags;
4470 if ( (val < 0) || (val > 2347) )
4473 if (orinoco_lock(priv, &flags) != 0)
4476 priv->rts_thresh = val;
4477 orinoco_unlock(priv, &flags);
4479 return -EINPROGRESS; /* Call commit handler */
4482 static int orinoco_ioctl_getrts(struct net_device *dev,
4483 struct iw_request_info *info,
4484 struct iw_param *rrq,
4487 struct orinoco_private *priv = netdev_priv(dev);
4489 rrq->value = priv->rts_thresh;
4490 rrq->disabled = (rrq->value == 2347);
4496 static int orinoco_ioctl_setfrag(struct net_device *dev,
4497 struct iw_request_info *info,
4498 struct iw_param *frq,
4501 struct orinoco_private *priv = netdev_priv(dev);
4502 int err = -EINPROGRESS; /* Call commit handler */
4503 unsigned long flags;
4505 if (orinoco_lock(priv, &flags) != 0)
4508 if (priv->has_mwo) {
4510 priv->mwo_robust = 0;
4513 printk(KERN_WARNING "%s: Fixed fragmentation is "
4514 "not supported on this firmware. "
4515 "Using MWO robust instead.\n", dev->name);
4516 priv->mwo_robust = 1;
4520 priv->frag_thresh = 2346;
4522 if ( (frq->value < 256) || (frq->value > 2346) )
4525 priv->frag_thresh = frq->value & ~0x1; /* must be even */
4529 orinoco_unlock(priv, &flags);
4534 static int orinoco_ioctl_getfrag(struct net_device *dev,
4535 struct iw_request_info *info,
4536 struct iw_param *frq,
4539 struct orinoco_private *priv = netdev_priv(dev);
4540 hermes_t *hw = &priv->hw;
4543 unsigned long flags;
4545 if (orinoco_lock(priv, &flags) != 0)
4548 if (priv->has_mwo) {
4549 err = hermes_read_wordrec(hw, USER_BAP,
4550 HERMES_RID_CNFMWOROBUST_AGERE,
4555 frq->value = val ? 2347 : 0;
4556 frq->disabled = ! val;
4559 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
4565 frq->disabled = (val >= 2346);
4569 orinoco_unlock(priv, &flags);
4574 static int orinoco_ioctl_setrate(struct net_device *dev,
4575 struct iw_request_info *info,
4576 struct iw_param *rrq,
4579 struct orinoco_private *priv = netdev_priv(dev);
4581 int bitrate; /* 100s of kilobits */
4583 unsigned long flags;
4585 /* As the user space doesn't know our highest rate, it uses -1
4586 * to ask us to set the highest rate. Test it using "iwconfig
4587 * ethX rate auto" - Jean II */
4588 if (rrq->value == -1)
4591 if (rrq->value % 100000)
4593 bitrate = rrq->value / 100000;
4596 if ( (bitrate != 10) && (bitrate != 20) &&
4597 (bitrate != 55) && (bitrate != 110) )
4600 for (i = 0; i < BITRATE_TABLE_SIZE; i++)
4601 if ( (bitrate_table[i].bitrate == bitrate) &&
4602 (bitrate_table[i].automatic == ! rrq->fixed) ) {
4610 if (orinoco_lock(priv, &flags) != 0)
4612 priv->bitratemode = ratemode;
4613 orinoco_unlock(priv, &flags);
4615 return -EINPROGRESS;
4618 static int orinoco_ioctl_getrate(struct net_device *dev,
4619 struct iw_request_info *info,
4620 struct iw_param *rrq,
4623 struct orinoco_private *priv = netdev_priv(dev);
4624 hermes_t *hw = &priv->hw;
4629 unsigned long flags;
4631 if (orinoco_lock(priv, &flags) != 0)
4634 ratemode = priv->bitratemode;
4636 BUG_ON((ratemode < 0) || (ratemode >= BITRATE_TABLE_SIZE));
4638 rrq->value = bitrate_table[ratemode].bitrate * 100000;
4639 rrq->fixed = ! bitrate_table[ratemode].automatic;
4642 /* If the interface is running we try to find more about the
4644 if (netif_running(dev)) {
4645 err = hermes_read_wordrec(hw, USER_BAP,
4646 HERMES_RID_CURRENTTXRATE, &val);
4650 switch (priv->firmware_type) {
4651 case FIRMWARE_TYPE_AGERE: /* Lucent style rate */
4652 /* Note : in Lucent firmware, the return value of
4653 * HERMES_RID_CURRENTTXRATE is the bitrate in Mb/s,
4654 * and therefore is totally different from the
4655 * encoding of HERMES_RID_CNFTXRATECONTROL.
4656 * Don't forget that 6Mb/s is really 5.5Mb/s */
4658 rrq->value = 5500000;
4660 rrq->value = val * 1000000;
4662 case FIRMWARE_TYPE_INTERSIL: /* Intersil style rate */
4663 case FIRMWARE_TYPE_SYMBOL: /* Symbol style rate */
4664 for (i = 0; i < BITRATE_TABLE_SIZE; i++)
4665 if (bitrate_table[i].intersil_txratectrl == val) {
4669 if (i >= BITRATE_TABLE_SIZE)
4670 printk(KERN_INFO "%s: Unable to determine current bitrate (0x%04hx)\n",
4673 rrq->value = bitrate_table[ratemode].bitrate * 100000;
4681 orinoco_unlock(priv, &flags);
4686 static int orinoco_ioctl_setpower(struct net_device *dev,
4687 struct iw_request_info *info,
4688 struct iw_param *prq,
4691 struct orinoco_private *priv = netdev_priv(dev);
4692 int err = -EINPROGRESS; /* Call commit handler */
4693 unsigned long flags;
4695 if (orinoco_lock(priv, &flags) != 0)
4698 if (prq->disabled) {
4701 switch (prq->flags & IW_POWER_MODE) {
4702 case IW_POWER_UNICAST_R:
4706 case IW_POWER_ALL_R:
4711 /* No flags : but we may have a value - Jean II */
4718 if (prq->flags & IW_POWER_TIMEOUT) {
4720 priv->pm_timeout = prq->value / 1000;
4722 if (prq->flags & IW_POWER_PERIOD) {
4724 priv->pm_period = prq->value / 1000;
4726 /* It's valid to not have a value if we are just toggling
4727 * the flags... Jean II */
4735 orinoco_unlock(priv, &flags);
4740 static int orinoco_ioctl_getpower(struct net_device *dev,
4741 struct iw_request_info *info,
4742 struct iw_param *prq,
4745 struct orinoco_private *priv = netdev_priv(dev);
4746 hermes_t *hw = &priv->hw;
4748 u16 enable, period, timeout, mcast;
4749 unsigned long flags;
4751 if (orinoco_lock(priv, &flags) != 0)
4754 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFPMENABLED, &enable);
4758 err = hermes_read_wordrec(hw, USER_BAP,
4759 HERMES_RID_CNFMAXSLEEPDURATION, &period);
4763 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFPMHOLDOVERDURATION, &timeout);
4767 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFMULTICASTRECEIVE, &mcast);
4771 prq->disabled = !enable;
4772 /* Note : by default, display the period */
4773 if ((prq->flags & IW_POWER_TYPE) == IW_POWER_TIMEOUT) {
4774 prq->flags = IW_POWER_TIMEOUT;
4775 prq->value = timeout * 1000;
4777 prq->flags = IW_POWER_PERIOD;
4778 prq->value = period * 1000;
4781 prq->flags |= IW_POWER_ALL_R;
4783 prq->flags |= IW_POWER_UNICAST_R;
4786 orinoco_unlock(priv, &flags);
4791 static int orinoco_ioctl_set_encodeext(struct net_device *dev,
4792 struct iw_request_info *info,
4793 union iwreq_data *wrqu,
4796 struct orinoco_private *priv = netdev_priv(dev);
4797 struct iw_point *encoding = &wrqu->encoding;
4798 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
4799 int idx, alg = ext->alg, set_key = 1;
4800 unsigned long flags;
4804 if (orinoco_lock(priv, &flags) != 0)
4807 /* Determine and validate the key index */
4808 idx = encoding->flags & IW_ENCODE_INDEX;
4810 if ((idx < 1) || (idx > 4))
4816 if (encoding->flags & IW_ENCODE_DISABLED)
4817 alg = IW_ENCODE_ALG_NONE;
4819 if (priv->has_wpa && (alg != IW_ENCODE_ALG_TKIP)) {
4820 /* Clear any TKIP TX key we had */
4821 (void) orinoco_clear_tkip_key(priv, priv->tx_key);
4824 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
4826 set_key = ((alg == IW_ENCODE_ALG_TKIP) ||
4827 (ext->key_len > 0)) ? 1 : 0;
4831 /* Set the requested key first */
4833 case IW_ENCODE_ALG_NONE:
4834 priv->encode_alg = alg;
4835 priv->keys[idx].len = 0;
4838 case IW_ENCODE_ALG_WEP:
4839 if (ext->key_len > SMALL_KEY_SIZE)
4840 key_len = LARGE_KEY_SIZE;
4841 else if (ext->key_len > 0)
4842 key_len = SMALL_KEY_SIZE;
4846 priv->encode_alg = alg;
4847 priv->keys[idx].len = cpu_to_le16(key_len);
4849 key_len = min(ext->key_len, key_len);
4851 memset(priv->keys[idx].data, 0, ORINOCO_MAX_KEY_SIZE);
4852 memcpy(priv->keys[idx].data, ext->key, key_len);
4855 case IW_ENCODE_ALG_TKIP:
4857 hermes_t *hw = &priv->hw;
4860 if (!priv->has_wpa ||
4861 (ext->key_len > sizeof(priv->tkip_key[0])))
4864 priv->encode_alg = alg;
4865 memset(&priv->tkip_key[idx], 0,
4866 sizeof(priv->tkip_key[idx]));
4867 memcpy(&priv->tkip_key[idx], ext->key, ext->key_len);
4869 if (ext->ext_flags & IW_ENCODE_EXT_RX_SEQ_VALID)
4870 tkip_iv = &ext->rx_seq[0];
4872 err = __orinoco_hw_set_tkip_key(hw, idx,
4873 ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY,
4874 (u8 *) &priv->tkip_key[idx],
4877 printk(KERN_ERR "%s: Error %d setting TKIP key"
4878 "\n", dev->name, err);
4888 orinoco_unlock(priv, &flags);
4893 static int orinoco_ioctl_get_encodeext(struct net_device *dev,
4894 struct iw_request_info *info,
4895 union iwreq_data *wrqu,
4898 struct orinoco_private *priv = netdev_priv(dev);
4899 struct iw_point *encoding = &wrqu->encoding;
4900 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
4901 int idx, max_key_len;
4902 unsigned long flags;
4905 if (orinoco_lock(priv, &flags) != 0)
4909 max_key_len = encoding->length - sizeof(*ext);
4910 if (max_key_len < 0)
4913 idx = encoding->flags & IW_ENCODE_INDEX;
4915 if ((idx < 1) || (idx > 4))
4921 encoding->flags = idx + 1;
4922 memset(ext, 0, sizeof(*ext));
4924 ext->alg = priv->encode_alg;
4925 switch (priv->encode_alg) {
4926 case IW_ENCODE_ALG_NONE:
4928 encoding->flags |= IW_ENCODE_DISABLED;
4930 case IW_ENCODE_ALG_WEP:
4931 ext->key_len = min_t(u16, le16_to_cpu(priv->keys[idx].len),
4933 memcpy(ext->key, priv->keys[idx].data, ext->key_len);
4934 encoding->flags |= IW_ENCODE_ENABLED;
4936 case IW_ENCODE_ALG_TKIP:
4937 ext->key_len = min_t(u16, sizeof(struct orinoco_tkip_key),
4939 memcpy(ext->key, &priv->tkip_key[idx], ext->key_len);
4940 encoding->flags |= IW_ENCODE_ENABLED;
4946 orinoco_unlock(priv, &flags);
4951 static int orinoco_ioctl_set_auth(struct net_device *dev,
4952 struct iw_request_info *info,
4953 union iwreq_data *wrqu, char *extra)
4955 struct orinoco_private *priv = netdev_priv(dev);
4956 hermes_t *hw = &priv->hw;
4957 struct iw_param *param = &wrqu->param;
4958 unsigned long flags;
4959 int ret = -EINPROGRESS;
4961 if (orinoco_lock(priv, &flags) != 0)
4964 switch (param->flags & IW_AUTH_INDEX) {
4965 case IW_AUTH_WPA_VERSION:
4966 case IW_AUTH_CIPHER_PAIRWISE:
4967 case IW_AUTH_CIPHER_GROUP:
4968 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
4969 case IW_AUTH_PRIVACY_INVOKED:
4970 case IW_AUTH_DROP_UNENCRYPTED:
4972 * orinoco does not use these parameters
4976 case IW_AUTH_KEY_MGMT:
4977 /* wl_lkm implies value 2 == PSK for Hermes I
4978 * which ties in with WEXT
4979 * no other hints tho :(
4981 priv->key_mgmt = param->value;
4984 case IW_AUTH_TKIP_COUNTERMEASURES:
4985 /* When countermeasures are enabled, shut down the
4986 * card; when disabled, re-enable the card. This must
4987 * take effect immediately.
4989 * TODO: Make sure that the EAPOL message is getting
4990 * out before card disabled
4993 priv->tkip_cm_active = 1;
4994 ret = hermes_enable_port(hw, 0);
4996 priv->tkip_cm_active = 0;
4997 ret = hermes_disable_port(hw, 0);
5001 case IW_AUTH_80211_AUTH_ALG:
5002 if (param->value & IW_AUTH_ALG_SHARED_KEY)
5003 priv->wep_restrict = 1;
5004 else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM)
5005 priv->wep_restrict = 0;
5010 case IW_AUTH_WPA_ENABLED:
5011 if (priv->has_wpa) {
5012 priv->wpa_enabled = param->value ? 1 : 0;
5016 /* else silently accept disable of WPA */
5017 priv->wpa_enabled = 0;
5025 orinoco_unlock(priv, &flags);
5029 static int orinoco_ioctl_get_auth(struct net_device *dev,
5030 struct iw_request_info *info,
5031 union iwreq_data *wrqu, char *extra)
5033 struct orinoco_private *priv = netdev_priv(dev);
5034 struct iw_param *param = &wrqu->param;
5035 unsigned long flags;
5038 if (orinoco_lock(priv, &flags) != 0)
5041 switch (param->flags & IW_AUTH_INDEX) {
5042 case IW_AUTH_KEY_MGMT:
5043 param->value = priv->key_mgmt;
5046 case IW_AUTH_TKIP_COUNTERMEASURES:
5047 param->value = priv->tkip_cm_active;
5050 case IW_AUTH_80211_AUTH_ALG:
5051 if (priv->wep_restrict)
5052 param->value = IW_AUTH_ALG_SHARED_KEY;
5054 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
5057 case IW_AUTH_WPA_ENABLED:
5058 param->value = priv->wpa_enabled;
5065 orinoco_unlock(priv, &flags);
5069 static int orinoco_ioctl_set_genie(struct net_device *dev,
5070 struct iw_request_info *info,
5071 union iwreq_data *wrqu, char *extra)
5073 struct orinoco_private *priv = netdev_priv(dev);
5075 unsigned long flags;
5077 /* cut off at IEEE80211_MAX_DATA_LEN */
5078 if ((wrqu->data.length > IEEE80211_MAX_DATA_LEN) ||
5079 (wrqu->data.length && (extra == NULL)))
5082 if (wrqu->data.length) {
5083 buf = kmalloc(wrqu->data.length, GFP_KERNEL);
5087 memcpy(buf, extra, wrqu->data.length);
5091 if (orinoco_lock(priv, &flags) != 0) {
5096 kfree(priv->wpa_ie);
5098 priv->wpa_ie_len = wrqu->data.length;
5101 /* Looks like wl_lkm wants to check the auth alg, and
5102 * somehow pass it to the firmware.
5103 * Instead it just calls the key mgmt rid
5104 * - we do this in set auth.
5108 orinoco_unlock(priv, &flags);
5112 static int orinoco_ioctl_get_genie(struct net_device *dev,
5113 struct iw_request_info *info,
5114 union iwreq_data *wrqu, char *extra)
5116 struct orinoco_private *priv = netdev_priv(dev);
5117 unsigned long flags;
5120 if (orinoco_lock(priv, &flags) != 0)
5123 if ((priv->wpa_ie_len == 0) || (priv->wpa_ie == NULL)) {
5124 wrqu->data.length = 0;
5128 if (wrqu->data.length < priv->wpa_ie_len) {
5133 wrqu->data.length = priv->wpa_ie_len;
5134 memcpy(extra, priv->wpa_ie, priv->wpa_ie_len);
5137 orinoco_unlock(priv, &flags);
5141 static int orinoco_ioctl_set_mlme(struct net_device *dev,
5142 struct iw_request_info *info,
5143 union iwreq_data *wrqu, char *extra)
5145 struct orinoco_private *priv = netdev_priv(dev);
5146 hermes_t *hw = &priv->hw;
5147 struct iw_mlme *mlme = (struct iw_mlme *)extra;
5148 unsigned long flags;
5151 if (orinoco_lock(priv, &flags) != 0)
5154 switch (mlme->cmd) {
5155 case IW_MLME_DEAUTH:
5156 /* silently ignore */
5159 case IW_MLME_DISASSOC:
5164 } __attribute__ ((packed)) buf;
5166 memcpy(buf.addr, mlme->addr.sa_data, ETH_ALEN);
5167 buf.reason_code = cpu_to_le16(mlme->reason_code);
5168 ret = HERMES_WRITE_RECORD(hw, USER_BAP,
5169 HERMES_RID_CNFDISASSOCIATE,
5177 orinoco_unlock(priv, &flags);
5181 static int orinoco_ioctl_getretry(struct net_device *dev,
5182 struct iw_request_info *info,
5183 struct iw_param *rrq,
5186 struct orinoco_private *priv = netdev_priv(dev);
5187 hermes_t *hw = &priv->hw;
5189 u16 short_limit, long_limit, lifetime;
5190 unsigned long flags;
5192 if (orinoco_lock(priv, &flags) != 0)
5195 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_SHORTRETRYLIMIT,
5200 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_LONGRETRYLIMIT,
5205 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_MAXTRANSMITLIFETIME,
5210 rrq->disabled = 0; /* Can't be disabled */
5212 /* Note : by default, display the retry number */
5213 if ((rrq->flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME) {
5214 rrq->flags = IW_RETRY_LIFETIME;
5215 rrq->value = lifetime * 1000; /* ??? */
5217 /* By default, display the min number */
5218 if ((rrq->flags & IW_RETRY_LONG)) {
5219 rrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
5220 rrq->value = long_limit;
5222 rrq->flags = IW_RETRY_LIMIT;
5223 rrq->value = short_limit;
5224 if(short_limit != long_limit)
5225 rrq->flags |= IW_RETRY_SHORT;
5230 orinoco_unlock(priv, &flags);
5235 static int orinoco_ioctl_reset(struct net_device *dev,
5236 struct iw_request_info *info,
5240 struct orinoco_private *priv = netdev_priv(dev);
5242 if (! capable(CAP_NET_ADMIN))
5245 if (info->cmd == (SIOCIWFIRSTPRIV + 0x1)) {
5246 printk(KERN_DEBUG "%s: Forcing reset!\n", dev->name);
5248 /* Firmware reset */
5249 orinoco_reset(&priv->reset_work);
5251 printk(KERN_DEBUG "%s: Force scheduling reset!\n", dev->name);
5253 schedule_work(&priv->reset_work);
5259 static int orinoco_ioctl_setibssport(struct net_device *dev,
5260 struct iw_request_info *info,
5265 struct orinoco_private *priv = netdev_priv(dev);
5266 int val = *( (int *) extra );
5267 unsigned long flags;
5269 if (orinoco_lock(priv, &flags) != 0)
5272 priv->ibss_port = val ;
5274 /* Actually update the mode we are using */
5275 set_port_type(priv);
5277 orinoco_unlock(priv, &flags);
5278 return -EINPROGRESS; /* Call commit handler */
5281 static int orinoco_ioctl_getibssport(struct net_device *dev,
5282 struct iw_request_info *info,
5286 struct orinoco_private *priv = netdev_priv(dev);
5287 int *val = (int *) extra;
5289 *val = priv->ibss_port;
5293 static int orinoco_ioctl_setport3(struct net_device *dev,
5294 struct iw_request_info *info,
5298 struct orinoco_private *priv = netdev_priv(dev);
5299 int val = *( (int *) extra );
5301 unsigned long flags;
5303 if (orinoco_lock(priv, &flags) != 0)
5307 case 0: /* Try to do IEEE ad-hoc mode */
5308 if (! priv->has_ibss) {
5312 priv->prefer_port3 = 0;
5316 case 1: /* Try to do Lucent proprietary ad-hoc mode */
5317 if (! priv->has_port3) {
5321 priv->prefer_port3 = 1;
5329 /* Actually update the mode we are using */
5330 set_port_type(priv);
5334 orinoco_unlock(priv, &flags);
5339 static int orinoco_ioctl_getport3(struct net_device *dev,
5340 struct iw_request_info *info,
5344 struct orinoco_private *priv = netdev_priv(dev);
5345 int *val = (int *) extra;
5347 *val = priv->prefer_port3;
5351 static int orinoco_ioctl_setpreamble(struct net_device *dev,
5352 struct iw_request_info *info,
5356 struct orinoco_private *priv = netdev_priv(dev);
5357 unsigned long flags;
5360 if (! priv->has_preamble)
5363 /* 802.11b has recently defined some short preamble.
5364 * Basically, the Phy header has been reduced in size.
5365 * This increase performance, especially at high rates
5366 * (the preamble is transmitted at 1Mb/s), unfortunately
5367 * this give compatibility troubles... - Jean II */
5368 val = *( (int *) extra );
5370 if (orinoco_lock(priv, &flags) != 0)
5378 orinoco_unlock(priv, &flags);
5380 return -EINPROGRESS; /* Call commit handler */
5383 static int orinoco_ioctl_getpreamble(struct net_device *dev,
5384 struct iw_request_info *info,
5388 struct orinoco_private *priv = netdev_priv(dev);
5389 int *val = (int *) extra;
5391 if (! priv->has_preamble)
5394 *val = priv->preamble;
5398 /* ioctl interface to hermes_read_ltv()
5399 * To use with iwpriv, pass the RID as the token argument, e.g.
5400 * iwpriv get_rid [0xfc00]
5401 * At least Wireless Tools 25 is required to use iwpriv.
5402 * For Wireless Tools 25 and 26 append "dummy" are the end. */
5403 static int orinoco_ioctl_getrid(struct net_device *dev,
5404 struct iw_request_info *info,
5405 struct iw_point *data,
5408 struct orinoco_private *priv = netdev_priv(dev);
5409 hermes_t *hw = &priv->hw;
5410 int rid = data->flags;
5413 unsigned long flags;
5415 /* It's a "get" function, but we don't want users to access the
5416 * WEP key and other raw firmware data */
5417 if (! capable(CAP_NET_ADMIN))
5420 if (rid < 0xfc00 || rid > 0xffff)
5423 if (orinoco_lock(priv, &flags) != 0)
5426 err = hermes_read_ltv(hw, USER_BAP, rid, MAX_RID_LEN, &length,
5431 data->length = min_t(u16, HERMES_RECLEN_TO_BYTES(length),
5435 orinoco_unlock(priv, &flags);
5439 /* Trigger a scan (look for other cells in the vicinity) */
5440 static int orinoco_ioctl_setscan(struct net_device *dev,
5441 struct iw_request_info *info,
5442 struct iw_point *srq,
5445 struct orinoco_private *priv = netdev_priv(dev);
5446 hermes_t *hw = &priv->hw;
5447 struct iw_scan_req *si = (struct iw_scan_req *) extra;
5449 unsigned long flags;
5451 /* Note : you may have realised that, as this is a SET operation,
5452 * this is privileged and therefore a normal user can't
5454 * This is not an error, while the device perform scanning,
5455 * traffic doesn't flow, so it's a perfect DoS...
5458 if (orinoco_lock(priv, &flags) != 0)
5461 /* Scanning with port 0 disabled would fail */
5462 if (!netif_running(dev)) {
5467 /* In monitor mode, the scan results are always empty.
5468 * Probe responses are passed to the driver as received
5469 * frames and could be processed in software. */
5470 if (priv->iw_mode == IW_MODE_MONITOR) {
5475 /* Note : because we don't lock out the irq handler, the way
5476 * we access scan variables in priv is critical.
5477 * o scan_inprogress : not touched by irq handler
5478 * o scan_mode : not touched by irq handler
5479 * Before modifying anything on those variables, please think hard !
5483 priv->scan_mode = srq->flags;
5485 /* Always trigger scanning, even if it's in progress.
5486 * This way, if the info frame get lost, we will recover somewhat
5487 * gracefully - Jean II */
5489 if (priv->has_hostscan) {
5490 switch (priv->firmware_type) {
5491 case FIRMWARE_TYPE_SYMBOL:
5492 err = hermes_write_wordrec(hw, USER_BAP,
5493 HERMES_RID_CNFHOSTSCAN_SYMBOL,
5494 HERMES_HOSTSCAN_SYMBOL_ONCE |
5495 HERMES_HOSTSCAN_SYMBOL_BCAST);
5497 case FIRMWARE_TYPE_INTERSIL: {
5500 req[0] = cpu_to_le16(0x3fff); /* All channels */
5501 req[1] = cpu_to_le16(0x0001); /* rate 1 Mbps */
5502 req[2] = 0; /* Any ESSID */
5503 err = HERMES_WRITE_RECORD(hw, USER_BAP,
5504 HERMES_RID_CNFHOSTSCAN, &req);
5507 case FIRMWARE_TYPE_AGERE:
5508 if (priv->scan_mode & IW_SCAN_THIS_ESSID) {
5509 struct hermes_idstring idbuf;
5510 size_t len = min(sizeof(idbuf.val),
5511 (size_t) si->essid_len);
5512 idbuf.len = cpu_to_le16(len);
5513 memcpy(idbuf.val, si->essid, len);
5515 err = hermes_write_ltv(hw, USER_BAP,
5516 HERMES_RID_CNFSCANSSID_AGERE,
5517 HERMES_BYTES_TO_RECLEN(len + 2),
5520 err = hermes_write_wordrec(hw, USER_BAP,
5521 HERMES_RID_CNFSCANSSID_AGERE,
5526 if (priv->has_ext_scan) {
5527 /* Clear scan results at the start of
5528 * an extended scan */
5529 orinoco_clear_scan_results(priv,
5530 msecs_to_jiffies(15000));
5532 /* TODO: Is this available on older firmware?
5533 * Can we use it to scan specific channels
5534 * for IW_SCAN_THIS_FREQ? */
5535 err = hermes_write_wordrec(hw, USER_BAP,
5536 HERMES_RID_CNFSCANCHANNELS2GHZ,
5541 err = hermes_inquire(hw,
5542 HERMES_INQ_CHANNELINFO);
5544 err = hermes_inquire(hw, HERMES_INQ_SCAN);
5548 err = hermes_inquire(hw, HERMES_INQ_SCAN);
5550 /* One more client */
5552 priv->scan_inprogress = 1;
5555 orinoco_unlock(priv, &flags);
5559 #define MAX_CUSTOM_LEN 64
5561 /* Translate scan data returned from the card to a card independant
5562 * format that the Wireless Tools will understand - Jean II */
5563 static inline char *orinoco_translate_scan(struct net_device *dev,
5564 struct iw_request_info *info,
5567 union hermes_scan_info *bss,
5568 unsigned long last_scanned)
5570 struct orinoco_private *priv = netdev_priv(dev);
5573 struct iw_event iwe; /* Temporary buffer */
5574 char custom[MAX_CUSTOM_LEN];
5576 memset(&iwe, 0, sizeof(iwe));
5578 /* First entry *MUST* be the AP MAC address */
5579 iwe.cmd = SIOCGIWAP;
5580 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
5581 memcpy(iwe.u.ap_addr.sa_data, bss->a.bssid, ETH_ALEN);
5582 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5583 &iwe, IW_EV_ADDR_LEN);
5585 /* Other entries will be displayed in the order we give them */
5588 iwe.u.data.length = le16_to_cpu(bss->a.essid_len);
5589 if (iwe.u.data.length > 32)
5590 iwe.u.data.length = 32;
5591 iwe.cmd = SIOCGIWESSID;
5592 iwe.u.data.flags = 1;
5593 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5594 &iwe, bss->a.essid);
5597 iwe.cmd = SIOCGIWMODE;
5598 capabilities = le16_to_cpu(bss->a.capabilities);
5599 if (capabilities & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
5600 if (capabilities & WLAN_CAPABILITY_ESS)
5601 iwe.u.mode = IW_MODE_MASTER;
5603 iwe.u.mode = IW_MODE_ADHOC;
5604 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5605 &iwe, IW_EV_UINT_LEN);
5608 channel = bss->s.channel;
5609 if ((channel >= 1) && (channel <= NUM_CHANNELS)) {
5610 /* Add channel and frequency */
5611 iwe.cmd = SIOCGIWFREQ;
5612 iwe.u.freq.m = channel;
5614 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5615 &iwe, IW_EV_FREQ_LEN);
5617 iwe.u.freq.m = ieee80211_dsss_chan_to_freq(channel) * 100000;
5619 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5620 &iwe, IW_EV_FREQ_LEN);
5623 /* Add quality statistics. level and noise in dB. No link quality */
5625 iwe.u.qual.updated = IW_QUAL_DBM | IW_QUAL_QUAL_INVALID;
5626 iwe.u.qual.level = (__u8) le16_to_cpu(bss->a.level) - 0x95;
5627 iwe.u.qual.noise = (__u8) le16_to_cpu(bss->a.noise) - 0x95;
5628 /* Wireless tools prior to 27.pre22 will show link quality
5629 * anyway, so we provide a reasonable value. */
5630 if (iwe.u.qual.level > iwe.u.qual.noise)
5631 iwe.u.qual.qual = iwe.u.qual.level - iwe.u.qual.noise;
5633 iwe.u.qual.qual = 0;
5634 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5635 &iwe, IW_EV_QUAL_LEN);
5637 /* Add encryption capability */
5638 iwe.cmd = SIOCGIWENCODE;
5639 if (capabilities & WLAN_CAPABILITY_PRIVACY)
5640 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
5642 iwe.u.data.flags = IW_ENCODE_DISABLED;
5643 iwe.u.data.length = 0;
5644 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5647 /* Bit rate is not available in Lucent/Agere firmwares */
5648 if (priv->firmware_type != FIRMWARE_TYPE_AGERE) {
5649 char *current_val = current_ev + iwe_stream_lcp_len(info);
5653 if (priv->firmware_type == FIRMWARE_TYPE_SYMBOL)
5658 iwe.cmd = SIOCGIWRATE;
5659 /* Those two flags are ignored... */
5660 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
5662 for (i = 0; i < 10; i += step) {
5663 /* NULL terminated */
5664 if (bss->p.rates[i] == 0x0)
5666 /* Bit rate given in 500 kb/s units (+ 0x80) */
5667 iwe.u.bitrate.value =
5668 ((bss->p.rates[i] & 0x7f) * 500000);
5669 current_val = iwe_stream_add_value(info, current_ev,
5674 /* Check if we added any event */
5675 if ((current_val - current_ev) > iwe_stream_lcp_len(info))
5676 current_ev = current_val;
5679 /* Beacon interval */
5680 iwe.cmd = IWEVCUSTOM;
5681 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5683 le16_to_cpu(bss->a.beacon_interv));
5684 if (iwe.u.data.length)
5685 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5689 iwe.cmd = IWEVCUSTOM;
5690 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5693 if (iwe.u.data.length)
5694 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5697 /* Add EXTRA: Age to display seconds since last beacon/probe response
5698 * for given network. */
5699 iwe.cmd = IWEVCUSTOM;
5700 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5701 " Last beacon: %dms ago",
5702 jiffies_to_msecs(jiffies - last_scanned));
5703 if (iwe.u.data.length)
5704 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5710 static inline char *orinoco_translate_ext_scan(struct net_device *dev,
5711 struct iw_request_info *info,
5714 struct agere_ext_scan_info *bss,
5715 unsigned long last_scanned)
5719 struct iw_event iwe; /* Temporary buffer */
5720 char custom[MAX_CUSTOM_LEN];
5723 memset(&iwe, 0, sizeof(iwe));
5725 /* First entry *MUST* be the AP MAC address */
5726 iwe.cmd = SIOCGIWAP;
5727 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
5728 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
5729 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5730 &iwe, IW_EV_ADDR_LEN);
5732 /* Other entries will be displayed in the order we give them */
5736 iwe.u.data.length = ie[1];
5737 if (iwe.u.data.length) {
5738 if (iwe.u.data.length > 32)
5739 iwe.u.data.length = 32;
5740 iwe.cmd = SIOCGIWESSID;
5741 iwe.u.data.flags = 1;
5742 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5747 capabilities = le16_to_cpu(bss->capabilities);
5748 if (capabilities & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
5749 iwe.cmd = SIOCGIWMODE;
5750 if (capabilities & WLAN_CAPABILITY_ESS)
5751 iwe.u.mode = IW_MODE_MASTER;
5753 iwe.u.mode = IW_MODE_ADHOC;
5754 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5755 &iwe, IW_EV_UINT_LEN);
5758 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_DS_PARAMS);
5759 channel = ie ? ie[2] : 0;
5760 if ((channel >= 1) && (channel <= NUM_CHANNELS)) {
5761 /* Add channel and frequency */
5762 iwe.cmd = SIOCGIWFREQ;
5763 iwe.u.freq.m = channel;
5765 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5766 &iwe, IW_EV_FREQ_LEN);
5768 iwe.u.freq.m = ieee80211_dsss_chan_to_freq(channel) * 100000;
5770 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5771 &iwe, IW_EV_FREQ_LEN);
5774 /* Add quality statistics. level and noise in dB. No link quality */
5776 iwe.u.qual.updated = IW_QUAL_DBM | IW_QUAL_QUAL_INVALID;
5777 iwe.u.qual.level = bss->level - 0x95;
5778 iwe.u.qual.noise = bss->noise - 0x95;
5779 /* Wireless tools prior to 27.pre22 will show link quality
5780 * anyway, so we provide a reasonable value. */
5781 if (iwe.u.qual.level > iwe.u.qual.noise)
5782 iwe.u.qual.qual = iwe.u.qual.level - iwe.u.qual.noise;
5784 iwe.u.qual.qual = 0;
5785 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5786 &iwe, IW_EV_QUAL_LEN);
5788 /* Add encryption capability */
5789 iwe.cmd = SIOCGIWENCODE;
5790 if (capabilities & WLAN_CAPABILITY_PRIVACY)
5791 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
5793 iwe.u.data.flags = IW_ENCODE_DISABLED;
5794 iwe.u.data.length = 0;
5795 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5799 ie = orinoco_get_wpa_ie(bss->data, sizeof(bss->data));
5801 iwe.cmd = IWEVGENIE;
5802 iwe.u.data.length = ie[1] + 2;
5803 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5808 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_RSN);
5810 iwe.cmd = IWEVGENIE;
5811 iwe.u.data.length = ie[1] + 2;
5812 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5816 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_SUPP_RATES);
5818 char *p = current_ev + iwe_stream_lcp_len(info);
5821 iwe.cmd = SIOCGIWRATE;
5822 /* Those two flags are ignored... */
5823 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
5825 for (i = 2; i < (ie[1] + 2); i++) {
5826 iwe.u.bitrate.value = ((ie[i] & 0x7F) * 500000);
5827 p = iwe_stream_add_value(info, current_ev, p, end_buf,
5828 &iwe, IW_EV_PARAM_LEN);
5830 /* Check if we added any event */
5831 if (p > (current_ev + iwe_stream_lcp_len(info)))
5836 iwe.cmd = IWEVCUSTOM;
5838 snprintf(custom, MAX_CUSTOM_LEN, "tsf=%016llx",
5839 (unsigned long long) le64_to_cpu(bss->timestamp));
5840 if (iwe.u.data.length)
5841 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5844 /* Beacon interval */
5845 iwe.cmd = IWEVCUSTOM;
5846 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5848 le16_to_cpu(bss->beacon_interval));
5849 if (iwe.u.data.length)
5850 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5854 iwe.cmd = IWEVCUSTOM;
5855 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5858 if (iwe.u.data.length)
5859 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5862 /* Add EXTRA: Age to display seconds since last beacon/probe response
5863 * for given network. */
5864 iwe.cmd = IWEVCUSTOM;
5865 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5866 " Last beacon: %dms ago",
5867 jiffies_to_msecs(jiffies - last_scanned));
5868 if (iwe.u.data.length)
5869 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5875 /* Return results of a scan */
5876 static int orinoco_ioctl_getscan(struct net_device *dev,
5877 struct iw_request_info *info,
5878 struct iw_point *srq,
5881 struct orinoco_private *priv = netdev_priv(dev);
5883 unsigned long flags;
5884 char *current_ev = extra;
5886 if (orinoco_lock(priv, &flags) != 0)
5889 if (priv->scan_inprogress) {
5890 /* Important note : we don't want to block the caller
5891 * until results are ready for various reasons.
5892 * First, managing wait queues is complex and racy.
5893 * Second, we grab some rtnetlink lock before comming
5894 * here (in dev_ioctl()).
5895 * Third, we generate an Wireless Event, so the
5896 * caller can wait itself on that - Jean II */
5901 if (priv->has_ext_scan) {
5902 struct xbss_element *bss;
5904 list_for_each_entry(bss, &priv->bss_list, list) {
5905 /* Translate this entry to WE format */
5907 orinoco_translate_ext_scan(dev, info,
5909 extra + srq->length,
5913 /* Check if there is space for one more entry */
5914 if ((extra + srq->length - current_ev)
5915 <= IW_EV_ADDR_LEN) {
5916 /* Ask user space to try again with a
5924 struct bss_element *bss;
5926 list_for_each_entry(bss, &priv->bss_list, list) {
5927 /* Translate this entry to WE format */
5928 current_ev = orinoco_translate_scan(dev, info,
5930 extra + srq->length,
5934 /* Check if there is space for one more entry */
5935 if ((extra + srq->length - current_ev)
5936 <= IW_EV_ADDR_LEN) {
5937 /* Ask user space to try again with a
5945 srq->length = (current_ev - extra);
5946 srq->flags = (__u16) priv->scan_mode;
5949 orinoco_unlock(priv, &flags);
5953 /* Commit handler, called after set operations */
5954 static int orinoco_ioctl_commit(struct net_device *dev,
5955 struct iw_request_info *info,
5959 struct orinoco_private *priv = netdev_priv(dev);
5960 struct hermes *hw = &priv->hw;
5961 unsigned long flags;
5967 if (priv->broken_disableport) {
5968 orinoco_reset(&priv->reset_work);
5972 if (orinoco_lock(priv, &flags) != 0)
5975 err = hermes_disable_port(hw, 0);
5977 printk(KERN_WARNING "%s: Unable to disable port "
5978 "while reconfiguring card\n", dev->name);
5979 priv->broken_disableport = 1;
5983 err = __orinoco_program_rids(dev);
5985 printk(KERN_WARNING "%s: Unable to reconfigure card\n",
5990 err = hermes_enable_port(hw, 0);
5992 printk(KERN_WARNING "%s: Unable to enable port while reconfiguring card\n",
5999 printk(KERN_WARNING "%s: Resetting instead...\n", dev->name);
6000 schedule_work(&priv->reset_work);
6004 orinoco_unlock(priv, &flags);
6008 static const struct iw_priv_args orinoco_privtab[] = {
6009 { SIOCIWFIRSTPRIV + 0x0, 0, 0, "force_reset" },
6010 { SIOCIWFIRSTPRIV + 0x1, 0, 0, "card_reset" },
6011 { SIOCIWFIRSTPRIV + 0x2, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6013 { SIOCIWFIRSTPRIV + 0x3, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6015 { SIOCIWFIRSTPRIV + 0x4, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6016 0, "set_preamble" },
6017 { SIOCIWFIRSTPRIV + 0x5, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6019 { SIOCIWFIRSTPRIV + 0x6, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6020 0, "set_ibssport" },
6021 { SIOCIWFIRSTPRIV + 0x7, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6023 { SIOCIWFIRSTPRIV + 0x9, 0, IW_PRIV_TYPE_BYTE | MAX_RID_LEN,
6029 * Structures to export the Wireless Handlers
6032 #define STD_IW_HANDLER(id, func) \
6033 [IW_IOCTL_IDX(id)] = (iw_handler) func
6034 static const iw_handler orinoco_handler[] = {
6035 STD_IW_HANDLER(SIOCSIWCOMMIT, orinoco_ioctl_commit),
6036 STD_IW_HANDLER(SIOCGIWNAME, orinoco_ioctl_getname),
6037 STD_IW_HANDLER(SIOCSIWFREQ, orinoco_ioctl_setfreq),
6038 STD_IW_HANDLER(SIOCGIWFREQ, orinoco_ioctl_getfreq),
6039 STD_IW_HANDLER(SIOCSIWMODE, orinoco_ioctl_setmode),
6040 STD_IW_HANDLER(SIOCGIWMODE, orinoco_ioctl_getmode),
6041 STD_IW_HANDLER(SIOCSIWSENS, orinoco_ioctl_setsens),
6042 STD_IW_HANDLER(SIOCGIWSENS, orinoco_ioctl_getsens),
6043 STD_IW_HANDLER(SIOCGIWRANGE, orinoco_ioctl_getiwrange),
6044 STD_IW_HANDLER(SIOCSIWSPY, iw_handler_set_spy),
6045 STD_IW_HANDLER(SIOCGIWSPY, iw_handler_get_spy),
6046 STD_IW_HANDLER(SIOCSIWTHRSPY, iw_handler_set_thrspy),
6047 STD_IW_HANDLER(SIOCGIWTHRSPY, iw_handler_get_thrspy),
6048 STD_IW_HANDLER(SIOCSIWAP, orinoco_ioctl_setwap),
6049 STD_IW_HANDLER(SIOCGIWAP, orinoco_ioctl_getwap),
6050 STD_IW_HANDLER(SIOCSIWSCAN, orinoco_ioctl_setscan),
6051 STD_IW_HANDLER(SIOCGIWSCAN, orinoco_ioctl_getscan),
6052 STD_IW_HANDLER(SIOCSIWESSID, orinoco_ioctl_setessid),
6053 STD_IW_HANDLER(SIOCGIWESSID, orinoco_ioctl_getessid),
6054 STD_IW_HANDLER(SIOCSIWNICKN, orinoco_ioctl_setnick),
6055 STD_IW_HANDLER(SIOCGIWNICKN, orinoco_ioctl_getnick),
6056 STD_IW_HANDLER(SIOCSIWRATE, orinoco_ioctl_setrate),
6057 STD_IW_HANDLER(SIOCGIWRATE, orinoco_ioctl_getrate),
6058 STD_IW_HANDLER(SIOCSIWRTS, orinoco_ioctl_setrts),
6059 STD_IW_HANDLER(SIOCGIWRTS, orinoco_ioctl_getrts),
6060 STD_IW_HANDLER(SIOCSIWFRAG, orinoco_ioctl_setfrag),
6061 STD_IW_HANDLER(SIOCGIWFRAG, orinoco_ioctl_getfrag),
6062 STD_IW_HANDLER(SIOCGIWRETRY, orinoco_ioctl_getretry),
6063 STD_IW_HANDLER(SIOCSIWENCODE, orinoco_ioctl_setiwencode),
6064 STD_IW_HANDLER(SIOCGIWENCODE, orinoco_ioctl_getiwencode),
6065 STD_IW_HANDLER(SIOCSIWPOWER, orinoco_ioctl_setpower),
6066 STD_IW_HANDLER(SIOCGIWPOWER, orinoco_ioctl_getpower),
6067 STD_IW_HANDLER(SIOCSIWGENIE, orinoco_ioctl_set_genie),
6068 STD_IW_HANDLER(SIOCGIWGENIE, orinoco_ioctl_get_genie),
6069 STD_IW_HANDLER(SIOCSIWMLME, orinoco_ioctl_set_mlme),
6070 STD_IW_HANDLER(SIOCSIWAUTH, orinoco_ioctl_set_auth),
6071 STD_IW_HANDLER(SIOCGIWAUTH, orinoco_ioctl_get_auth),
6072 STD_IW_HANDLER(SIOCSIWENCODEEXT, orinoco_ioctl_set_encodeext),
6073 STD_IW_HANDLER(SIOCGIWENCODEEXT, orinoco_ioctl_get_encodeext),
6078 Added typecasting since we no longer use iwreq_data -- Moustafa
6080 static const iw_handler orinoco_private_handler[] = {
6081 [0] = (iw_handler) orinoco_ioctl_reset,
6082 [1] = (iw_handler) orinoco_ioctl_reset,
6083 [2] = (iw_handler) orinoco_ioctl_setport3,
6084 [3] = (iw_handler) orinoco_ioctl_getport3,
6085 [4] = (iw_handler) orinoco_ioctl_setpreamble,
6086 [5] = (iw_handler) orinoco_ioctl_getpreamble,
6087 [6] = (iw_handler) orinoco_ioctl_setibssport,
6088 [7] = (iw_handler) orinoco_ioctl_getibssport,
6089 [9] = (iw_handler) orinoco_ioctl_getrid,
6092 static const struct iw_handler_def orinoco_handler_def = {
6093 .num_standard = ARRAY_SIZE(orinoco_handler),
6094 .num_private = ARRAY_SIZE(orinoco_private_handler),
6095 .num_private_args = ARRAY_SIZE(orinoco_privtab),
6096 .standard = orinoco_handler,
6097 .private = orinoco_private_handler,
6098 .private_args = orinoco_privtab,
6099 .get_wireless_stats = orinoco_get_wireless_stats,
6102 static void orinoco_get_drvinfo(struct net_device *dev,
6103 struct ethtool_drvinfo *info)
6105 struct orinoco_private *priv = netdev_priv(dev);
6107 strncpy(info->driver, DRIVER_NAME, sizeof(info->driver) - 1);
6108 strncpy(info->version, DRIVER_VERSION, sizeof(info->version) - 1);
6109 strncpy(info->fw_version, priv->fw_name, sizeof(info->fw_version) - 1);
6110 if (dev->dev.parent)
6111 strncpy(info->bus_info, dev_name(dev->dev.parent),
6112 sizeof(info->bus_info) - 1);
6114 snprintf(info->bus_info, sizeof(info->bus_info) - 1,
6115 "PCMCIA %p", priv->hw.iobase);
6118 static const struct ethtool_ops orinoco_ethtool_ops = {
6119 .get_drvinfo = orinoco_get_drvinfo,
6120 .get_link = ethtool_op_get_link,
6123 /********************************************************************/
6124 /* Module initialization */
6125 /********************************************************************/
6127 EXPORT_SYMBOL(alloc_orinocodev);
6128 EXPORT_SYMBOL(free_orinocodev);
6130 EXPORT_SYMBOL(__orinoco_up);
6131 EXPORT_SYMBOL(__orinoco_down);
6132 EXPORT_SYMBOL(orinoco_reinit_firmware);
6134 EXPORT_SYMBOL(orinoco_interrupt);
6136 /* Can't be declared "const" or the whole __initdata section will
6138 static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
6139 " (David Gibson <hermes@gibson.dropbear.id.au>, "
6140 "Pavel Roskin <proski@gnu.org>, et al)";
6142 static int __init init_orinoco(void)
6144 printk(KERN_DEBUG "%s\n", version);
6148 static void __exit exit_orinoco(void)
6152 module_init(init_orinoco);
6153 module_exit(exit_orinoco);
git.openpandora.org / pandora-kernel.git / blob