1 /******************************************************************************
3 * Copyright(c) 2003 - 2008 Intel Corporation. All rights reserved.
5 * Portions of this file are derived from the ipw3945 project, as well
6 * as portions of the ieee80211 subsystem header files.
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of version 2 of the GNU General Public License as
10 * published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
21 * The full GNU General Public License is included in this distribution in the
22 * file called LICENSE.
24 * Contact Information:
25 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
28 *****************************************************************************/
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/version.h>
33 #include <linux/init.h>
34 #include <linux/pci.h>
35 #include <linux/dma-mapping.h>
36 #include <linux/delay.h>
37 #include <linux/skbuff.h>
38 #include <linux/netdevice.h>
39 #include <linux/wireless.h>
40 #include <linux/firmware.h>
41 #include <linux/etherdevice.h>
42 #include <linux/if_arp.h>
44 #include <net/ieee80211_radiotap.h>
45 #include <net/mac80211.h>
47 #include <asm/div64.h>
49 #include "iwl-3945-core.h"
51 #include "iwl-helpers.h"
53 #ifdef CONFIG_IWL3945_DEBUG
54 u32 iwl3945_debug_level;
57 static int iwl3945_tx_queue_update_write_ptr(struct iwl3945_priv *priv,
58 struct iwl3945_tx_queue *txq);
60 /******************************************************************************
64 ******************************************************************************/
66 /* module parameters */
67 static int iwl3945_param_disable_hw_scan; /* def: 0 = use 3945's h/w scan */
68 static int iwl3945_param_debug; /* def: 0 = minimal debug log messages */
69 static int iwl3945_param_disable; /* def: 0 = enable radio */
70 static int iwl3945_param_antenna; /* def: 0 = both antennas (use diversity) */
71 int iwl3945_param_hwcrypto; /* def: 0 = use software encryption */
72 static int iwl3945_param_qos_enable = 1; /* def: 1 = use quality of service */
73 int iwl3945_param_queues_num = IWL_MAX_NUM_QUEUES; /* def: 8 Tx queues */
76 * module name, copyright, version, etc.
77 * NOTE: DRV_NAME is defined in iwlwifi.h for use by iwl-debug.h and printk
80 #define DRV_DESCRIPTION \
81 "Intel(R) PRO/Wireless 3945ABG/BG Network Connection driver for Linux"
83 #ifdef CONFIG_IWL3945_DEBUG
89 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
95 #define IWLWIFI_VERSION "1.2.26k" VD VS
96 #define DRV_COPYRIGHT "Copyright(c) 2003-2008 Intel Corporation"
97 #define DRV_VERSION IWLWIFI_VERSION
100 MODULE_DESCRIPTION(DRV_DESCRIPTION);
101 MODULE_VERSION(DRV_VERSION);
102 MODULE_AUTHOR(DRV_COPYRIGHT);
103 MODULE_LICENSE("GPL");
105 static __le16 *ieee80211_get_qos_ctrl(struct ieee80211_hdr *hdr)
107 u16 fc = le16_to_cpu(hdr->frame_control);
108 int hdr_len = ieee80211_get_hdrlen(fc);
110 if ((fc & 0x00cc) == (IEEE80211_STYPE_QOS_DATA | IEEE80211_FTYPE_DATA))
111 return (__le16 *) ((u8 *) hdr + hdr_len - QOS_CONTROL_LEN);
115 static const struct ieee80211_supported_band *iwl3945_get_band(
116 struct iwl3945_priv *priv, enum ieee80211_band band)
118 return priv->hw->wiphy->bands[band];
121 static int iwl3945_is_empty_essid(const char *essid, int essid_len)
123 /* Single white space is for Linksys APs */
124 if (essid_len == 1 && essid[0] == ' ')
127 /* Otherwise, if the entire essid is 0, we assume it is hidden */
130 if (essid[essid_len] != '\0')
137 static const char *iwl3945_escape_essid(const char *essid, u8 essid_len)
139 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
140 const char *s = essid;
143 if (iwl3945_is_empty_essid(essid, essid_len)) {
144 memcpy(escaped, "<hidden>", sizeof("<hidden>"));
148 essid_len = min(essid_len, (u8) IW_ESSID_MAX_SIZE);
149 while (essid_len--) {
161 /*************** DMA-QUEUE-GENERAL-FUNCTIONS *****
164 * Theory of operation
166 * A Tx or Rx queue resides in host DRAM, and is comprised of a circular buffer
167 * of buffer descriptors, each of which points to one or more data buffers for
168 * the device to read from or fill. Driver and device exchange status of each
169 * queue via "read" and "write" pointers. Driver keeps minimum of 2 empty
170 * entries in each circular buffer, to protect against confusing empty and full
173 * The device reads or writes the data in the queues via the device's several
174 * DMA/FIFO channels. Each queue is mapped to a single DMA channel.
176 * For Tx queue, there are low mark and high mark limits. If, after queuing
177 * the packet for Tx, free space become < low mark, Tx queue stopped. When
178 * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
181 * The 3945 operates with six queues: One receive queue, one transmit queue
182 * (#4) for sending commands to the device firmware, and four transmit queues
183 * (#0-3) for data tx via EDCA. An additional 2 HCCA queues are unused.
184 ***************************************************/
186 int iwl3945_queue_space(const struct iwl3945_queue *q)
188 int s = q->read_ptr - q->write_ptr;
190 if (q->read_ptr > q->write_ptr)
195 /* keep some reserve to not confuse empty and full situations */
202 int iwl3945_x2_queue_used(const struct iwl3945_queue *q, int i)
204 return q->write_ptr > q->read_ptr ?
205 (i >= q->read_ptr && i < q->write_ptr) :
206 !(i < q->read_ptr && i >= q->write_ptr);
210 static inline u8 get_cmd_index(struct iwl3945_queue *q, u32 index, int is_huge)
212 /* This is for scan command, the big buffer at end of command array */
214 return q->n_window; /* must be power of 2 */
216 /* Otherwise, use normal size buffers */
217 return index & (q->n_window - 1);
221 * iwl3945_queue_init - Initialize queue's high/low-water and read/write indexes
223 static int iwl3945_queue_init(struct iwl3945_priv *priv, struct iwl3945_queue *q,
224 int count, int slots_num, u32 id)
227 q->n_window = slots_num;
230 /* count must be power-of-two size, otherwise iwl_queue_inc_wrap
231 * and iwl_queue_dec_wrap are broken. */
232 BUG_ON(!is_power_of_2(count));
234 /* slots_num must be power-of-two size, otherwise
235 * get_cmd_index is broken. */
236 BUG_ON(!is_power_of_2(slots_num));
238 q->low_mark = q->n_window / 4;
242 q->high_mark = q->n_window / 8;
243 if (q->high_mark < 2)
246 q->write_ptr = q->read_ptr = 0;
252 * iwl3945_tx_queue_alloc - Alloc driver data and TFD CB for one Tx/cmd queue
254 static int iwl3945_tx_queue_alloc(struct iwl3945_priv *priv,
255 struct iwl3945_tx_queue *txq, u32 id)
257 struct pci_dev *dev = priv->pci_dev;
259 /* Driver private data, only for Tx (not command) queues,
260 * not shared with device. */
261 if (id != IWL_CMD_QUEUE_NUM) {
262 txq->txb = kmalloc(sizeof(txq->txb[0]) *
263 TFD_QUEUE_SIZE_MAX, GFP_KERNEL);
265 IWL_ERROR("kmalloc for auxiliary BD "
266 "structures failed\n");
272 /* Circular buffer of transmit frame descriptors (TFDs),
273 * shared with device */
274 txq->bd = pci_alloc_consistent(dev,
275 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX,
279 IWL_ERROR("pci_alloc_consistent(%zd) failed\n",
280 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX);
297 * iwl3945_tx_queue_init - Allocate and initialize one tx/cmd queue
299 int iwl3945_tx_queue_init(struct iwl3945_priv *priv,
300 struct iwl3945_tx_queue *txq, int slots_num, u32 txq_id)
302 struct pci_dev *dev = priv->pci_dev;
307 * Alloc buffer array for commands (Tx or other types of commands).
308 * For the command queue (#4), allocate command space + one big
309 * command for scan, since scan command is very huge; the system will
310 * not have two scans at the same time, so only one is needed.
311 * For data Tx queues (all other queues), no super-size command
314 len = sizeof(struct iwl3945_cmd) * slots_num;
315 if (txq_id == IWL_CMD_QUEUE_NUM)
316 len += IWL_MAX_SCAN_SIZE;
317 txq->cmd = pci_alloc_consistent(dev, len, &txq->dma_addr_cmd);
321 /* Alloc driver data array and TFD circular buffer */
322 rc = iwl3945_tx_queue_alloc(priv, txq, txq_id);
324 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
328 txq->need_update = 0;
330 /* TFD_QUEUE_SIZE_MAX must be power-of-two size, otherwise
331 * iwl_queue_inc_wrap and iwl_queue_dec_wrap are broken. */
332 BUILD_BUG_ON(TFD_QUEUE_SIZE_MAX & (TFD_QUEUE_SIZE_MAX - 1));
334 /* Initialize queue high/low-water, head/tail indexes */
335 iwl3945_queue_init(priv, &txq->q, TFD_QUEUE_SIZE_MAX, slots_num, txq_id);
337 /* Tell device where to find queue, enable DMA channel. */
338 iwl3945_hw_tx_queue_init(priv, txq);
344 * iwl3945_tx_queue_free - Deallocate DMA queue.
345 * @txq: Transmit queue to deallocate.
347 * Empty queue by removing and destroying all BD's.
349 * 0-fill, but do not free "txq" descriptor structure.
351 void iwl3945_tx_queue_free(struct iwl3945_priv *priv, struct iwl3945_tx_queue *txq)
353 struct iwl3945_queue *q = &txq->q;
354 struct pci_dev *dev = priv->pci_dev;
360 /* first, empty all BD's */
361 for (; q->write_ptr != q->read_ptr;
362 q->read_ptr = iwl_queue_inc_wrap(q->read_ptr, q->n_bd))
363 iwl3945_hw_txq_free_tfd(priv, txq);
365 len = sizeof(struct iwl3945_cmd) * q->n_window;
366 if (q->id == IWL_CMD_QUEUE_NUM)
367 len += IWL_MAX_SCAN_SIZE;
369 /* De-alloc array of command/tx buffers */
370 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
372 /* De-alloc circular buffer of TFDs */
374 pci_free_consistent(dev, sizeof(struct iwl3945_tfd_frame) *
375 txq->q.n_bd, txq->bd, txq->q.dma_addr);
377 /* De-alloc array of per-TFD driver data */
383 /* 0-fill queue descriptor structure */
384 memset(txq, 0, sizeof(*txq));
387 const u8 iwl3945_broadcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
389 /*************** STATION TABLE MANAGEMENT ****
390 * mac80211 should be examined to determine if sta_info is duplicating
391 * the functionality provided here
394 /**************************************************************/
395 #if 0 /* temporary disable till we add real remove station */
397 * iwl3945_remove_station - Remove driver's knowledge of station.
399 * NOTE: This does not remove station from device's station table.
401 static u8 iwl3945_remove_station(struct iwl3945_priv *priv, const u8 *addr, int is_ap)
403 int index = IWL_INVALID_STATION;
407 spin_lock_irqsave(&priv->sta_lock, flags);
411 else if (is_broadcast_ether_addr(addr))
412 index = priv->hw_setting.bcast_sta_id;
414 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++)
415 if (priv->stations[i].used &&
416 !compare_ether_addr(priv->stations[i].sta.sta.addr,
422 if (unlikely(index == IWL_INVALID_STATION))
425 if (priv->stations[index].used) {
426 priv->stations[index].used = 0;
427 priv->num_stations--;
430 BUG_ON(priv->num_stations < 0);
433 spin_unlock_irqrestore(&priv->sta_lock, flags);
439 * iwl3945_clear_stations_table - Clear the driver's station table
441 * NOTE: This does not clear or otherwise alter the device's station table.
443 static void iwl3945_clear_stations_table(struct iwl3945_priv *priv)
447 spin_lock_irqsave(&priv->sta_lock, flags);
449 priv->num_stations = 0;
450 memset(priv->stations, 0, sizeof(priv->stations));
452 spin_unlock_irqrestore(&priv->sta_lock, flags);
456 * iwl3945_add_station - Add station to station tables in driver and device
458 u8 iwl3945_add_station(struct iwl3945_priv *priv, const u8 *addr, int is_ap, u8 flags)
461 int index = IWL_INVALID_STATION;
462 struct iwl3945_station_entry *station;
463 unsigned long flags_spin;
464 DECLARE_MAC_BUF(mac);
467 spin_lock_irqsave(&priv->sta_lock, flags_spin);
470 else if (is_broadcast_ether_addr(addr))
471 index = priv->hw_setting.bcast_sta_id;
473 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++) {
474 if (!compare_ether_addr(priv->stations[i].sta.sta.addr,
480 if (!priv->stations[i].used &&
481 index == IWL_INVALID_STATION)
485 /* These two conditions has the same outcome but keep them separate
486 since they have different meaning */
487 if (unlikely(index == IWL_INVALID_STATION)) {
488 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
492 if (priv->stations[index].used &&
493 !compare_ether_addr(priv->stations[index].sta.sta.addr, addr)) {
494 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
498 IWL_DEBUG_ASSOC("Add STA ID %d: %s\n", index, print_mac(mac, addr));
499 station = &priv->stations[index];
501 priv->num_stations++;
503 /* Set up the REPLY_ADD_STA command to send to device */
504 memset(&station->sta, 0, sizeof(struct iwl3945_addsta_cmd));
505 memcpy(station->sta.sta.addr, addr, ETH_ALEN);
506 station->sta.mode = 0;
507 station->sta.sta.sta_id = index;
508 station->sta.station_flags = 0;
510 if (priv->band == IEEE80211_BAND_5GHZ)
511 rate = IWL_RATE_6M_PLCP;
513 rate = IWL_RATE_1M_PLCP;
515 /* Turn on both antennas for the station... */
516 station->sta.rate_n_flags =
517 iwl3945_hw_set_rate_n_flags(rate, RATE_MCS_ANT_AB_MSK);
518 station->current_rate.rate_n_flags =
519 le16_to_cpu(station->sta.rate_n_flags);
521 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
523 /* Add station to device's station table */
524 iwl3945_send_add_station(priv, &station->sta, flags);
529 /*************** DRIVER STATUS FUNCTIONS *****/
531 static inline int iwl3945_is_ready(struct iwl3945_priv *priv)
533 /* The adapter is 'ready' if READY and GEO_CONFIGURED bits are
534 * set but EXIT_PENDING is not */
535 return test_bit(STATUS_READY, &priv->status) &&
536 test_bit(STATUS_GEO_CONFIGURED, &priv->status) &&
537 !test_bit(STATUS_EXIT_PENDING, &priv->status);
540 static inline int iwl3945_is_alive(struct iwl3945_priv *priv)
542 return test_bit(STATUS_ALIVE, &priv->status);
545 static inline int iwl3945_is_init(struct iwl3945_priv *priv)
547 return test_bit(STATUS_INIT, &priv->status);
550 static inline int iwl3945_is_rfkill(struct iwl3945_priv *priv)
552 return test_bit(STATUS_RF_KILL_HW, &priv->status) ||
553 test_bit(STATUS_RF_KILL_SW, &priv->status);
556 static inline int iwl3945_is_ready_rf(struct iwl3945_priv *priv)
559 if (iwl3945_is_rfkill(priv))
562 return iwl3945_is_ready(priv);
565 /*************** HOST COMMAND QUEUE FUNCTIONS *****/
567 #define IWL_CMD(x) case x : return #x
569 static const char *get_cmd_string(u8 cmd)
572 IWL_CMD(REPLY_ALIVE);
573 IWL_CMD(REPLY_ERROR);
575 IWL_CMD(REPLY_RXON_ASSOC);
576 IWL_CMD(REPLY_QOS_PARAM);
577 IWL_CMD(REPLY_RXON_TIMING);
578 IWL_CMD(REPLY_ADD_STA);
579 IWL_CMD(REPLY_REMOVE_STA);
580 IWL_CMD(REPLY_REMOVE_ALL_STA);
581 IWL_CMD(REPLY_3945_RX);
583 IWL_CMD(REPLY_RATE_SCALE);
584 IWL_CMD(REPLY_LEDS_CMD);
585 IWL_CMD(REPLY_TX_LINK_QUALITY_CMD);
586 IWL_CMD(RADAR_NOTIFICATION);
587 IWL_CMD(REPLY_QUIET_CMD);
588 IWL_CMD(REPLY_CHANNEL_SWITCH);
589 IWL_CMD(CHANNEL_SWITCH_NOTIFICATION);
590 IWL_CMD(REPLY_SPECTRUM_MEASUREMENT_CMD);
591 IWL_CMD(SPECTRUM_MEASURE_NOTIFICATION);
592 IWL_CMD(POWER_TABLE_CMD);
593 IWL_CMD(PM_SLEEP_NOTIFICATION);
594 IWL_CMD(PM_DEBUG_STATISTIC_NOTIFIC);
595 IWL_CMD(REPLY_SCAN_CMD);
596 IWL_CMD(REPLY_SCAN_ABORT_CMD);
597 IWL_CMD(SCAN_START_NOTIFICATION);
598 IWL_CMD(SCAN_RESULTS_NOTIFICATION);
599 IWL_CMD(SCAN_COMPLETE_NOTIFICATION);
600 IWL_CMD(BEACON_NOTIFICATION);
601 IWL_CMD(REPLY_TX_BEACON);
602 IWL_CMD(WHO_IS_AWAKE_NOTIFICATION);
603 IWL_CMD(QUIET_NOTIFICATION);
604 IWL_CMD(REPLY_TX_PWR_TABLE_CMD);
605 IWL_CMD(MEASURE_ABORT_NOTIFICATION);
606 IWL_CMD(REPLY_BT_CONFIG);
607 IWL_CMD(REPLY_STATISTICS_CMD);
608 IWL_CMD(STATISTICS_NOTIFICATION);
609 IWL_CMD(REPLY_CARD_STATE_CMD);
610 IWL_CMD(CARD_STATE_NOTIFICATION);
611 IWL_CMD(MISSED_BEACONS_NOTIFICATION);
618 #define HOST_COMPLETE_TIMEOUT (HZ / 2)
621 * iwl3945_enqueue_hcmd - enqueue a uCode command
622 * @priv: device private data point
623 * @cmd: a point to the ucode command structure
625 * The function returns < 0 values to indicate the operation is
626 * failed. On success, it turns the index (> 0) of command in the
629 static int iwl3945_enqueue_hcmd(struct iwl3945_priv *priv, struct iwl3945_host_cmd *cmd)
631 struct iwl3945_tx_queue *txq = &priv->txq[IWL_CMD_QUEUE_NUM];
632 struct iwl3945_queue *q = &txq->q;
633 struct iwl3945_tfd_frame *tfd;
635 struct iwl3945_cmd *out_cmd;
637 u16 fix_size = (u16)(cmd->len + sizeof(out_cmd->hdr));
638 dma_addr_t phys_addr;
644 /* If any of the command structures end up being larger than
645 * the TFD_MAX_PAYLOAD_SIZE, and it sent as a 'small' command then
646 * we will need to increase the size of the TFD entries */
647 BUG_ON((fix_size > TFD_MAX_PAYLOAD_SIZE) &&
648 !(cmd->meta.flags & CMD_SIZE_HUGE));
651 if (iwl3945_is_rfkill(priv)) {
652 IWL_DEBUG_INFO("Not sending command - RF KILL");
656 if (iwl3945_queue_space(q) < ((cmd->meta.flags & CMD_ASYNC) ? 2 : 1)) {
657 IWL_ERROR("No space for Tx\n");
661 spin_lock_irqsave(&priv->hcmd_lock, flags);
663 tfd = &txq->bd[q->write_ptr];
664 memset(tfd, 0, sizeof(*tfd));
666 control_flags = (u32 *) tfd;
668 idx = get_cmd_index(q, q->write_ptr, cmd->meta.flags & CMD_SIZE_HUGE);
669 out_cmd = &txq->cmd[idx];
671 out_cmd->hdr.cmd = cmd->id;
672 memcpy(&out_cmd->meta, &cmd->meta, sizeof(cmd->meta));
673 memcpy(&out_cmd->cmd.payload, cmd->data, cmd->len);
675 /* At this point, the out_cmd now has all of the incoming cmd
678 out_cmd->hdr.flags = 0;
679 out_cmd->hdr.sequence = cpu_to_le16(QUEUE_TO_SEQ(IWL_CMD_QUEUE_NUM) |
680 INDEX_TO_SEQ(q->write_ptr));
681 if (out_cmd->meta.flags & CMD_SIZE_HUGE)
682 out_cmd->hdr.sequence |= cpu_to_le16(SEQ_HUGE_FRAME);
684 phys_addr = txq->dma_addr_cmd + sizeof(txq->cmd[0]) * idx +
685 offsetof(struct iwl3945_cmd, hdr);
686 iwl3945_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, fix_size);
688 pad = U32_PAD(cmd->len);
689 count = TFD_CTL_COUNT_GET(*control_flags);
690 *control_flags = TFD_CTL_COUNT_SET(count) | TFD_CTL_PAD_SET(pad);
692 IWL_DEBUG_HC("Sending command %s (#%x), seq: 0x%04X, "
693 "%d bytes at %d[%d]:%d\n",
694 get_cmd_string(out_cmd->hdr.cmd),
695 out_cmd->hdr.cmd, le16_to_cpu(out_cmd->hdr.sequence),
696 fix_size, q->write_ptr, idx, IWL_CMD_QUEUE_NUM);
698 txq->need_update = 1;
700 /* Increment and update queue's write index */
701 q->write_ptr = iwl_queue_inc_wrap(q->write_ptr, q->n_bd);
702 ret = iwl3945_tx_queue_update_write_ptr(priv, txq);
704 spin_unlock_irqrestore(&priv->hcmd_lock, flags);
705 return ret ? ret : idx;
708 static int iwl3945_send_cmd_async(struct iwl3945_priv *priv, struct iwl3945_host_cmd *cmd)
712 BUG_ON(!(cmd->meta.flags & CMD_ASYNC));
714 /* An asynchronous command can not expect an SKB to be set. */
715 BUG_ON(cmd->meta.flags & CMD_WANT_SKB);
717 /* An asynchronous command MUST have a callback. */
718 BUG_ON(!cmd->meta.u.callback);
720 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
723 ret = iwl3945_enqueue_hcmd(priv, cmd);
725 IWL_ERROR("Error sending %s: iwl3945_enqueue_hcmd failed: %d\n",
726 get_cmd_string(cmd->id), ret);
732 static int iwl3945_send_cmd_sync(struct iwl3945_priv *priv, struct iwl3945_host_cmd *cmd)
736 static atomic_t entry = ATOMIC_INIT(0); /* reentrance protection */
738 BUG_ON(cmd->meta.flags & CMD_ASYNC);
740 /* A synchronous command can not have a callback set. */
741 BUG_ON(cmd->meta.u.callback != NULL);
743 if (atomic_xchg(&entry, 1)) {
744 IWL_ERROR("Error sending %s: Already sending a host command\n",
745 get_cmd_string(cmd->id));
749 set_bit(STATUS_HCMD_ACTIVE, &priv->status);
751 if (cmd->meta.flags & CMD_WANT_SKB)
752 cmd->meta.source = &cmd->meta;
754 cmd_idx = iwl3945_enqueue_hcmd(priv, cmd);
757 IWL_ERROR("Error sending %s: iwl3945_enqueue_hcmd failed: %d\n",
758 get_cmd_string(cmd->id), ret);
762 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
763 !test_bit(STATUS_HCMD_ACTIVE, &priv->status),
764 HOST_COMPLETE_TIMEOUT);
766 if (test_bit(STATUS_HCMD_ACTIVE, &priv->status)) {
767 IWL_ERROR("Error sending %s: time out after %dms.\n",
768 get_cmd_string(cmd->id),
769 jiffies_to_msecs(HOST_COMPLETE_TIMEOUT));
771 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
777 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
778 IWL_DEBUG_INFO("Command %s aborted: RF KILL Switch\n",
779 get_cmd_string(cmd->id));
783 if (test_bit(STATUS_FW_ERROR, &priv->status)) {
784 IWL_DEBUG_INFO("Command %s failed: FW Error\n",
785 get_cmd_string(cmd->id));
789 if ((cmd->meta.flags & CMD_WANT_SKB) && !cmd->meta.u.skb) {
790 IWL_ERROR("Error: Response NULL in '%s'\n",
791 get_cmd_string(cmd->id));
800 if (cmd->meta.flags & CMD_WANT_SKB) {
801 struct iwl3945_cmd *qcmd;
803 /* Cancel the CMD_WANT_SKB flag for the cmd in the
804 * TX cmd queue. Otherwise in case the cmd comes
805 * in later, it will possibly set an invalid
806 * address (cmd->meta.source). */
807 qcmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_idx];
808 qcmd->meta.flags &= ~CMD_WANT_SKB;
811 if (cmd->meta.u.skb) {
812 dev_kfree_skb_any(cmd->meta.u.skb);
813 cmd->meta.u.skb = NULL;
816 atomic_set(&entry, 0);
820 int iwl3945_send_cmd(struct iwl3945_priv *priv, struct iwl3945_host_cmd *cmd)
822 if (cmd->meta.flags & CMD_ASYNC)
823 return iwl3945_send_cmd_async(priv, cmd);
825 return iwl3945_send_cmd_sync(priv, cmd);
828 int iwl3945_send_cmd_pdu(struct iwl3945_priv *priv, u8 id, u16 len, const void *data)
830 struct iwl3945_host_cmd cmd = {
836 return iwl3945_send_cmd_sync(priv, &cmd);
839 static int __must_check iwl3945_send_cmd_u32(struct iwl3945_priv *priv, u8 id, u32 val)
841 struct iwl3945_host_cmd cmd = {
847 return iwl3945_send_cmd_sync(priv, &cmd);
850 int iwl3945_send_statistics_request(struct iwl3945_priv *priv)
852 return iwl3945_send_cmd_u32(priv, REPLY_STATISTICS_CMD, 0);
856 * iwl3945_set_rxon_channel - Set the phymode and channel values in staging RXON
857 * @band: 2.4 or 5 GHz band
858 * @channel: Any channel valid for the requested band
860 * In addition to setting the staging RXON, priv->band is also set.
862 * NOTE: Does not commit to the hardware; it sets appropriate bit fields
863 * in the staging RXON flag structure based on the band
865 static int iwl3945_set_rxon_channel(struct iwl3945_priv *priv,
866 enum ieee80211_band band,
869 if (!iwl3945_get_channel_info(priv, band, channel)) {
870 IWL_DEBUG_INFO("Could not set channel to %d [%d]\n",
875 if ((le16_to_cpu(priv->staging_rxon.channel) == channel) &&
876 (priv->band == band))
879 priv->staging_rxon.channel = cpu_to_le16(channel);
880 if (band == IEEE80211_BAND_5GHZ)
881 priv->staging_rxon.flags &= ~RXON_FLG_BAND_24G_MSK;
883 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
887 IWL_DEBUG_INFO("Staging channel set to %d [%d]\n", channel, band);
893 * iwl3945_check_rxon_cmd - validate RXON structure is valid
895 * NOTE: This is really only useful during development and can eventually
896 * be #ifdef'd out once the driver is stable and folks aren't actively
899 static int iwl3945_check_rxon_cmd(struct iwl3945_rxon_cmd *rxon)
904 if (rxon->flags & RXON_FLG_BAND_24G_MSK) {
905 error |= le32_to_cpu(rxon->flags &
906 (RXON_FLG_TGJ_NARROW_BAND_MSK |
907 RXON_FLG_RADAR_DETECT_MSK));
909 IWL_WARNING("check 24G fields %d | %d\n",
912 error |= (rxon->flags & RXON_FLG_SHORT_SLOT_MSK) ?
913 0 : le32_to_cpu(RXON_FLG_SHORT_SLOT_MSK);
915 IWL_WARNING("check 52 fields %d | %d\n",
917 error |= le32_to_cpu(rxon->flags & RXON_FLG_CCK_MSK);
919 IWL_WARNING("check 52 CCK %d | %d\n",
922 error |= (rxon->node_addr[0] | rxon->bssid_addr[0]) & 0x1;
924 IWL_WARNING("check mac addr %d | %d\n", counter++, error);
926 /* make sure basic rates 6Mbps and 1Mbps are supported */
927 error |= (((rxon->ofdm_basic_rates & IWL_RATE_6M_MASK) == 0) &&
928 ((rxon->cck_basic_rates & IWL_RATE_1M_MASK) == 0));
930 IWL_WARNING("check basic rate %d | %d\n", counter++, error);
932 error |= (le16_to_cpu(rxon->assoc_id) > 2007);
934 IWL_WARNING("check assoc id %d | %d\n", counter++, error);
936 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
937 == (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK));
939 IWL_WARNING("check CCK and short slot %d | %d\n",
942 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK))
943 == (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK));
945 IWL_WARNING("check CCK & auto detect %d | %d\n",
948 error |= ((rxon->flags & (RXON_FLG_AUTO_DETECT_MSK |
949 RXON_FLG_TGG_PROTECT_MSK)) == RXON_FLG_TGG_PROTECT_MSK);
951 IWL_WARNING("check TGG and auto detect %d | %d\n",
954 if ((rxon->flags & RXON_FLG_DIS_DIV_MSK))
955 error |= ((rxon->flags & (RXON_FLG_ANT_B_MSK |
956 RXON_FLG_ANT_A_MSK)) == 0);
958 IWL_WARNING("check antenna %d %d\n", counter++, error);
961 IWL_WARNING("Tuning to channel %d\n",
962 le16_to_cpu(rxon->channel));
965 IWL_ERROR("Not a valid iwl3945_rxon_assoc_cmd field values\n");
972 * iwl3945_full_rxon_required - check if full RXON (vs RXON_ASSOC) cmd is needed
973 * @priv: staging_rxon is compared to active_rxon
975 * If the RXON structure is changing enough to require a new tune,
976 * or is clearing the RXON_FILTER_ASSOC_MSK, then return 1 to indicate that
977 * a new tune (full RXON command, rather than RXON_ASSOC cmd) is required.
979 static int iwl3945_full_rxon_required(struct iwl3945_priv *priv)
982 /* These items are only settable from the full RXON command */
983 if (!(priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) ||
984 compare_ether_addr(priv->staging_rxon.bssid_addr,
985 priv->active_rxon.bssid_addr) ||
986 compare_ether_addr(priv->staging_rxon.node_addr,
987 priv->active_rxon.node_addr) ||
988 compare_ether_addr(priv->staging_rxon.wlap_bssid_addr,
989 priv->active_rxon.wlap_bssid_addr) ||
990 (priv->staging_rxon.dev_type != priv->active_rxon.dev_type) ||
991 (priv->staging_rxon.channel != priv->active_rxon.channel) ||
992 (priv->staging_rxon.air_propagation !=
993 priv->active_rxon.air_propagation) ||
994 (priv->staging_rxon.assoc_id != priv->active_rxon.assoc_id))
997 /* flags, filter_flags, ofdm_basic_rates, and cck_basic_rates can
998 * be updated with the RXON_ASSOC command -- however only some
999 * flag transitions are allowed using RXON_ASSOC */
1001 /* Check if we are not switching bands */
1002 if ((priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) !=
1003 (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK))
1006 /* Check if we are switching association toggle */
1007 if ((priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) !=
1008 (priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK))
1014 static int iwl3945_send_rxon_assoc(struct iwl3945_priv *priv)
1017 struct iwl3945_rx_packet *res = NULL;
1018 struct iwl3945_rxon_assoc_cmd rxon_assoc;
1019 struct iwl3945_host_cmd cmd = {
1020 .id = REPLY_RXON_ASSOC,
1021 .len = sizeof(rxon_assoc),
1022 .meta.flags = CMD_WANT_SKB,
1023 .data = &rxon_assoc,
1025 const struct iwl3945_rxon_cmd *rxon1 = &priv->staging_rxon;
1026 const struct iwl3945_rxon_cmd *rxon2 = &priv->active_rxon;
1028 if ((rxon1->flags == rxon2->flags) &&
1029 (rxon1->filter_flags == rxon2->filter_flags) &&
1030 (rxon1->cck_basic_rates == rxon2->cck_basic_rates) &&
1031 (rxon1->ofdm_basic_rates == rxon2->ofdm_basic_rates)) {
1032 IWL_DEBUG_INFO("Using current RXON_ASSOC. Not resending.\n");
1036 rxon_assoc.flags = priv->staging_rxon.flags;
1037 rxon_assoc.filter_flags = priv->staging_rxon.filter_flags;
1038 rxon_assoc.ofdm_basic_rates = priv->staging_rxon.ofdm_basic_rates;
1039 rxon_assoc.cck_basic_rates = priv->staging_rxon.cck_basic_rates;
1040 rxon_assoc.reserved = 0;
1042 rc = iwl3945_send_cmd_sync(priv, &cmd);
1046 res = (struct iwl3945_rx_packet *)cmd.meta.u.skb->data;
1047 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1048 IWL_ERROR("Bad return from REPLY_RXON_ASSOC command\n");
1052 priv->alloc_rxb_skb--;
1053 dev_kfree_skb_any(cmd.meta.u.skb);
1059 * iwl3945_commit_rxon - commit staging_rxon to hardware
1061 * The RXON command in staging_rxon is committed to the hardware and
1062 * the active_rxon structure is updated with the new data. This
1063 * function correctly transitions out of the RXON_ASSOC_MSK state if
1064 * a HW tune is required based on the RXON structure changes.
1066 static int iwl3945_commit_rxon(struct iwl3945_priv *priv)
1068 /* cast away the const for active_rxon in this function */
1069 struct iwl3945_rxon_cmd *active_rxon = (void *)&priv->active_rxon;
1071 DECLARE_MAC_BUF(mac);
1073 if (!iwl3945_is_alive(priv))
1076 /* always get timestamp with Rx frame */
1077 priv->staging_rxon.flags |= RXON_FLG_TSF2HOST_MSK;
1079 /* select antenna */
1080 priv->staging_rxon.flags &=
1081 ~(RXON_FLG_DIS_DIV_MSK | RXON_FLG_ANT_SEL_MSK);
1082 priv->staging_rxon.flags |= iwl3945_get_antenna_flags(priv);
1084 rc = iwl3945_check_rxon_cmd(&priv->staging_rxon);
1086 IWL_ERROR("Invalid RXON configuration. Not committing.\n");
1090 /* If we don't need to send a full RXON, we can use
1091 * iwl3945_rxon_assoc_cmd which is used to reconfigure filter
1092 * and other flags for the current radio configuration. */
1093 if (!iwl3945_full_rxon_required(priv)) {
1094 rc = iwl3945_send_rxon_assoc(priv);
1096 IWL_ERROR("Error setting RXON_ASSOC "
1097 "configuration (%d).\n", rc);
1101 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1106 /* If we are currently associated and the new config requires
1107 * an RXON_ASSOC and the new config wants the associated mask enabled,
1108 * we must clear the associated from the active configuration
1109 * before we apply the new config */
1110 if (iwl3945_is_associated(priv) &&
1111 (priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK)) {
1112 IWL_DEBUG_INFO("Toggling associated bit on current RXON\n");
1113 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
1115 rc = iwl3945_send_cmd_pdu(priv, REPLY_RXON,
1116 sizeof(struct iwl3945_rxon_cmd),
1117 &priv->active_rxon);
1119 /* If the mask clearing failed then we set
1120 * active_rxon back to what it was previously */
1122 active_rxon->filter_flags |= RXON_FILTER_ASSOC_MSK;
1123 IWL_ERROR("Error clearing ASSOC_MSK on current "
1124 "configuration (%d).\n", rc);
1129 IWL_DEBUG_INFO("Sending RXON\n"
1130 "* with%s RXON_FILTER_ASSOC_MSK\n"
1133 ((priv->staging_rxon.filter_flags &
1134 RXON_FILTER_ASSOC_MSK) ? "" : "out"),
1135 le16_to_cpu(priv->staging_rxon.channel),
1136 print_mac(mac, priv->staging_rxon.bssid_addr));
1138 /* Apply the new configuration */
1139 rc = iwl3945_send_cmd_pdu(priv, REPLY_RXON,
1140 sizeof(struct iwl3945_rxon_cmd), &priv->staging_rxon);
1142 IWL_ERROR("Error setting new configuration (%d).\n", rc);
1146 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1148 iwl3945_clear_stations_table(priv);
1150 /* If we issue a new RXON command which required a tune then we must
1151 * send a new TXPOWER command or we won't be able to Tx any frames */
1152 rc = iwl3945_hw_reg_send_txpower(priv);
1154 IWL_ERROR("Error setting Tx power (%d).\n", rc);
1158 /* Add the broadcast address so we can send broadcast frames */
1159 if (iwl3945_add_station(priv, iwl3945_broadcast_addr, 0, 0) ==
1160 IWL_INVALID_STATION) {
1161 IWL_ERROR("Error adding BROADCAST address for transmit.\n");
1165 /* If we have set the ASSOC_MSK and we are in BSS mode then
1166 * add the IWL_AP_ID to the station rate table */
1167 if (iwl3945_is_associated(priv) &&
1168 (priv->iw_mode == IEEE80211_IF_TYPE_STA))
1169 if (iwl3945_add_station(priv, priv->active_rxon.bssid_addr, 1, 0)
1170 == IWL_INVALID_STATION) {
1171 IWL_ERROR("Error adding AP address for transmit.\n");
1175 /* Init the hardware's rate fallback order based on the band */
1176 rc = iwl3945_init_hw_rate_table(priv);
1178 IWL_ERROR("Error setting HW rate table: %02X\n", rc);
1185 static int iwl3945_send_bt_config(struct iwl3945_priv *priv)
1187 struct iwl3945_bt_cmd bt_cmd = {
1195 return iwl3945_send_cmd_pdu(priv, REPLY_BT_CONFIG,
1196 sizeof(struct iwl3945_bt_cmd), &bt_cmd);
1199 static int iwl3945_send_scan_abort(struct iwl3945_priv *priv)
1202 struct iwl3945_rx_packet *res;
1203 struct iwl3945_host_cmd cmd = {
1204 .id = REPLY_SCAN_ABORT_CMD,
1205 .meta.flags = CMD_WANT_SKB,
1208 /* If there isn't a scan actively going on in the hardware
1209 * then we are in between scan bands and not actually
1210 * actively scanning, so don't send the abort command */
1211 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
1212 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1216 rc = iwl3945_send_cmd_sync(priv, &cmd);
1218 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1222 res = (struct iwl3945_rx_packet *)cmd.meta.u.skb->data;
1223 if (res->u.status != CAN_ABORT_STATUS) {
1224 /* The scan abort will return 1 for success or
1225 * 2 for "failure". A failure condition can be
1226 * due to simply not being in an active scan which
1227 * can occur if we send the scan abort before we
1228 * the microcode has notified us that a scan is
1230 IWL_DEBUG_INFO("SCAN_ABORT returned %d.\n", res->u.status);
1231 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1232 clear_bit(STATUS_SCAN_HW, &priv->status);
1235 dev_kfree_skb_any(cmd.meta.u.skb);
1240 static int iwl3945_card_state_sync_callback(struct iwl3945_priv *priv,
1241 struct iwl3945_cmd *cmd,
1242 struct sk_buff *skb)
1250 * Use: Sets the device's internal card state to enable, disable, or halt
1252 * When in the 'enable' state the card operates as normal.
1253 * When in the 'disable' state, the card enters into a low power mode.
1254 * When in the 'halt' state, the card is shut down and must be fully
1255 * restarted to come back on.
1257 static int iwl3945_send_card_state(struct iwl3945_priv *priv, u32 flags, u8 meta_flag)
1259 struct iwl3945_host_cmd cmd = {
1260 .id = REPLY_CARD_STATE_CMD,
1263 .meta.flags = meta_flag,
1266 if (meta_flag & CMD_ASYNC)
1267 cmd.meta.u.callback = iwl3945_card_state_sync_callback;
1269 return iwl3945_send_cmd(priv, &cmd);
1272 static int iwl3945_add_sta_sync_callback(struct iwl3945_priv *priv,
1273 struct iwl3945_cmd *cmd, struct sk_buff *skb)
1275 struct iwl3945_rx_packet *res = NULL;
1278 IWL_ERROR("Error: Response NULL in REPLY_ADD_STA.\n");
1282 res = (struct iwl3945_rx_packet *)skb->data;
1283 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1284 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1289 switch (res->u.add_sta.status) {
1290 case ADD_STA_SUCCESS_MSK:
1296 /* We didn't cache the SKB; let the caller free it */
1300 int iwl3945_send_add_station(struct iwl3945_priv *priv,
1301 struct iwl3945_addsta_cmd *sta, u8 flags)
1303 struct iwl3945_rx_packet *res = NULL;
1305 struct iwl3945_host_cmd cmd = {
1306 .id = REPLY_ADD_STA,
1307 .len = sizeof(struct iwl3945_addsta_cmd),
1308 .meta.flags = flags,
1312 if (flags & CMD_ASYNC)
1313 cmd.meta.u.callback = iwl3945_add_sta_sync_callback;
1315 cmd.meta.flags |= CMD_WANT_SKB;
1317 rc = iwl3945_send_cmd(priv, &cmd);
1319 if (rc || (flags & CMD_ASYNC))
1322 res = (struct iwl3945_rx_packet *)cmd.meta.u.skb->data;
1323 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1324 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1330 switch (res->u.add_sta.status) {
1331 case ADD_STA_SUCCESS_MSK:
1332 IWL_DEBUG_INFO("REPLY_ADD_STA PASSED\n");
1336 IWL_WARNING("REPLY_ADD_STA failed\n");
1341 priv->alloc_rxb_skb--;
1342 dev_kfree_skb_any(cmd.meta.u.skb);
1347 static int iwl3945_update_sta_key_info(struct iwl3945_priv *priv,
1348 struct ieee80211_key_conf *keyconf,
1351 unsigned long flags;
1352 __le16 key_flags = 0;
1354 switch (keyconf->alg) {
1356 key_flags |= STA_KEY_FLG_CCMP;
1357 key_flags |= cpu_to_le16(
1358 keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
1359 key_flags &= ~STA_KEY_FLG_INVALID;
1366 spin_lock_irqsave(&priv->sta_lock, flags);
1367 priv->stations[sta_id].keyinfo.alg = keyconf->alg;
1368 priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
1369 memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
1372 memcpy(priv->stations[sta_id].sta.key.key, keyconf->key,
1374 priv->stations[sta_id].sta.key.key_flags = key_flags;
1375 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1376 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1378 spin_unlock_irqrestore(&priv->sta_lock, flags);
1380 IWL_DEBUG_INFO("hwcrypto: modify ucode station key info\n");
1381 iwl3945_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1385 static int iwl3945_clear_sta_key_info(struct iwl3945_priv *priv, u8 sta_id)
1387 unsigned long flags;
1389 spin_lock_irqsave(&priv->sta_lock, flags);
1390 memset(&priv->stations[sta_id].keyinfo, 0, sizeof(struct iwl3945_hw_key));
1391 memset(&priv->stations[sta_id].sta.key, 0, sizeof(struct iwl3945_keyinfo));
1392 priv->stations[sta_id].sta.key.key_flags = STA_KEY_FLG_NO_ENC;
1393 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1394 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1395 spin_unlock_irqrestore(&priv->sta_lock, flags);
1397 IWL_DEBUG_INFO("hwcrypto: clear ucode station key info\n");
1398 iwl3945_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1402 static void iwl3945_clear_free_frames(struct iwl3945_priv *priv)
1404 struct list_head *element;
1406 IWL_DEBUG_INFO("%d frames on pre-allocated heap on clear.\n",
1407 priv->frames_count);
1409 while (!list_empty(&priv->free_frames)) {
1410 element = priv->free_frames.next;
1412 kfree(list_entry(element, struct iwl3945_frame, list));
1413 priv->frames_count--;
1416 if (priv->frames_count) {
1417 IWL_WARNING("%d frames still in use. Did we lose one?\n",
1418 priv->frames_count);
1419 priv->frames_count = 0;
1423 static struct iwl3945_frame *iwl3945_get_free_frame(struct iwl3945_priv *priv)
1425 struct iwl3945_frame *frame;
1426 struct list_head *element;
1427 if (list_empty(&priv->free_frames)) {
1428 frame = kzalloc(sizeof(*frame), GFP_KERNEL);
1430 IWL_ERROR("Could not allocate frame!\n");
1434 priv->frames_count++;
1438 element = priv->free_frames.next;
1440 return list_entry(element, struct iwl3945_frame, list);
1443 static void iwl3945_free_frame(struct iwl3945_priv *priv, struct iwl3945_frame *frame)
1445 memset(frame, 0, sizeof(*frame));
1446 list_add(&frame->list, &priv->free_frames);
1449 unsigned int iwl3945_fill_beacon_frame(struct iwl3945_priv *priv,
1450 struct ieee80211_hdr *hdr,
1451 const u8 *dest, int left)
1454 if (!iwl3945_is_associated(priv) || !priv->ibss_beacon ||
1455 ((priv->iw_mode != IEEE80211_IF_TYPE_IBSS) &&
1456 (priv->iw_mode != IEEE80211_IF_TYPE_AP)))
1459 if (priv->ibss_beacon->len > left)
1462 memcpy(hdr, priv->ibss_beacon->data, priv->ibss_beacon->len);
1464 return priv->ibss_beacon->len;
1467 static u8 iwl3945_rate_get_lowest_plcp(int rate_mask)
1471 for (i = IWL_RATE_1M_INDEX; i != IWL_RATE_INVALID;
1472 i = iwl3945_rates[i].next_ieee) {
1473 if (rate_mask & (1 << i))
1474 return iwl3945_rates[i].plcp;
1477 return IWL_RATE_INVALID;
1480 static int iwl3945_send_beacon_cmd(struct iwl3945_priv *priv)
1482 struct iwl3945_frame *frame;
1483 unsigned int frame_size;
1487 frame = iwl3945_get_free_frame(priv);
1490 IWL_ERROR("Could not obtain free frame buffer for beacon "
1495 if (!(priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK)) {
1496 rate = iwl3945_rate_get_lowest_plcp(priv->active_rate_basic &
1498 if (rate == IWL_INVALID_RATE)
1499 rate = IWL_RATE_6M_PLCP;
1501 rate = iwl3945_rate_get_lowest_plcp(priv->active_rate_basic & 0xF);
1502 if (rate == IWL_INVALID_RATE)
1503 rate = IWL_RATE_1M_PLCP;
1506 frame_size = iwl3945_hw_get_beacon_cmd(priv, frame, rate);
1508 rc = iwl3945_send_cmd_pdu(priv, REPLY_TX_BEACON, frame_size,
1511 iwl3945_free_frame(priv, frame);
1516 /******************************************************************************
1518 * EEPROM related functions
1520 ******************************************************************************/
1522 static void get_eeprom_mac(struct iwl3945_priv *priv, u8 *mac)
1524 memcpy(mac, priv->eeprom.mac_address, 6);
1528 * Clear the OWNER_MSK, to establish driver (instead of uCode running on
1529 * embedded controller) as EEPROM reader; each read is a series of pulses
1530 * to/from the EEPROM chip, not a single event, so even reads could conflict
1531 * if they weren't arbitrated by some ownership mechanism. Here, the driver
1532 * simply claims ownership, which should be safe when this function is called
1533 * (i.e. before loading uCode!).
1535 static inline int iwl3945_eeprom_acquire_semaphore(struct iwl3945_priv *priv)
1537 _iwl3945_clear_bit(priv, CSR_EEPROM_GP, CSR_EEPROM_GP_IF_OWNER_MSK);
1542 * iwl3945_eeprom_init - read EEPROM contents
1544 * Load the EEPROM contents from adapter into priv->eeprom
1546 * NOTE: This routine uses the non-debug IO access functions.
1548 int iwl3945_eeprom_init(struct iwl3945_priv *priv)
1550 u16 *e = (u16 *)&priv->eeprom;
1551 u32 gp = iwl3945_read32(priv, CSR_EEPROM_GP);
1553 int sz = sizeof(priv->eeprom);
1558 /* The EEPROM structure has several padding buffers within it
1559 * and when adding new EEPROM maps is subject to programmer errors
1560 * which may be very difficult to identify without explicitly
1561 * checking the resulting size of the eeprom map. */
1562 BUILD_BUG_ON(sizeof(priv->eeprom) != IWL_EEPROM_IMAGE_SIZE);
1564 if ((gp & CSR_EEPROM_GP_VALID_MSK) == CSR_EEPROM_GP_BAD_SIGNATURE) {
1565 IWL_ERROR("EEPROM not found, EEPROM_GP=0x%08x", gp);
1569 /* Make sure driver (instead of uCode) is allowed to read EEPROM */
1570 rc = iwl3945_eeprom_acquire_semaphore(priv);
1572 IWL_ERROR("Failed to acquire EEPROM semaphore.\n");
1576 /* eeprom is an array of 16bit values */
1577 for (addr = 0; addr < sz; addr += sizeof(u16)) {
1578 _iwl3945_write32(priv, CSR_EEPROM_REG, addr << 1);
1579 _iwl3945_clear_bit(priv, CSR_EEPROM_REG, CSR_EEPROM_REG_BIT_CMD);
1581 for (i = 0; i < IWL_EEPROM_ACCESS_TIMEOUT;
1582 i += IWL_EEPROM_ACCESS_DELAY) {
1583 r = _iwl3945_read_direct32(priv, CSR_EEPROM_REG);
1584 if (r & CSR_EEPROM_REG_READ_VALID_MSK)
1586 udelay(IWL_EEPROM_ACCESS_DELAY);
1589 if (!(r & CSR_EEPROM_REG_READ_VALID_MSK)) {
1590 IWL_ERROR("Time out reading EEPROM[%d]", addr);
1593 e[addr / 2] = le16_to_cpu((__force __le16)(r >> 16));
1599 static void iwl3945_unset_hw_setting(struct iwl3945_priv *priv)
1601 if (priv->hw_setting.shared_virt)
1602 pci_free_consistent(priv->pci_dev,
1603 sizeof(struct iwl3945_shared),
1604 priv->hw_setting.shared_virt,
1605 priv->hw_setting.shared_phys);
1609 * iwl3945_supported_rate_to_ie - fill in the supported rate in IE field
1611 * return : set the bit for each supported rate insert in ie
1613 static u16 iwl3945_supported_rate_to_ie(u8 *ie, u16 supported_rate,
1614 u16 basic_rate, int *left)
1616 u16 ret_rates = 0, bit;
1621 for (bit = 1, i = 0; i < IWL_RATE_COUNT; i++, bit <<= 1) {
1622 if (bit & supported_rate) {
1624 rates[*cnt] = iwl3945_rates[i].ieee |
1625 ((bit & basic_rate) ? 0x80 : 0x00);
1629 (*cnt >= IWL_SUPPORTED_RATES_IE_LEN))
1638 * iwl3945_fill_probe_req - fill in all required fields and IE for probe request
1640 static u16 iwl3945_fill_probe_req(struct iwl3945_priv *priv,
1641 struct ieee80211_mgmt *frame,
1642 int left, int is_direct)
1646 u16 active_rates, ret_rates, cck_rates;
1648 /* Make sure there is enough space for the probe request,
1649 * two mandatory IEs and the data */
1655 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1656 memcpy(frame->da, iwl3945_broadcast_addr, ETH_ALEN);
1657 memcpy(frame->sa, priv->mac_addr, ETH_ALEN);
1658 memcpy(frame->bssid, iwl3945_broadcast_addr, ETH_ALEN);
1659 frame->seq_ctrl = 0;
1661 /* fill in our indirect SSID IE */
1668 pos = &(frame->u.probe_req.variable[0]);
1669 *pos++ = WLAN_EID_SSID;
1672 /* fill in our direct SSID IE... */
1675 left -= 2 + priv->essid_len;
1678 /* ... fill it in... */
1679 *pos++ = WLAN_EID_SSID;
1680 *pos++ = priv->essid_len;
1681 memcpy(pos, priv->essid, priv->essid_len);
1682 pos += priv->essid_len;
1683 len += 2 + priv->essid_len;
1686 /* fill in supported rate */
1692 /* ... fill it in... */
1693 *pos++ = WLAN_EID_SUPP_RATES;
1696 priv->active_rate = priv->rates_mask;
1697 active_rates = priv->active_rate;
1698 priv->active_rate_basic = priv->rates_mask & IWL_BASIC_RATES_MASK;
1700 cck_rates = IWL_CCK_RATES_MASK & active_rates;
1701 ret_rates = iwl3945_supported_rate_to_ie(pos, cck_rates,
1702 priv->active_rate_basic, &left);
1703 active_rates &= ~ret_rates;
1705 ret_rates = iwl3945_supported_rate_to_ie(pos, active_rates,
1706 priv->active_rate_basic, &left);
1707 active_rates &= ~ret_rates;
1711 if (active_rates == 0)
1714 /* fill in supported extended rate */
1719 /* ... fill it in... */
1720 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1722 iwl3945_supported_rate_to_ie(pos, active_rates,
1723 priv->active_rate_basic, &left);
1734 static int iwl3945_send_qos_params_command(struct iwl3945_priv *priv,
1735 struct iwl3945_qosparam_cmd *qos)
1738 return iwl3945_send_cmd_pdu(priv, REPLY_QOS_PARAM,
1739 sizeof(struct iwl3945_qosparam_cmd), qos);
1742 static void iwl3945_reset_qos(struct iwl3945_priv *priv)
1748 unsigned long flags;
1751 spin_lock_irqsave(&priv->lock, flags);
1752 priv->qos_data.qos_active = 0;
1754 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS) {
1755 if (priv->qos_data.qos_enable)
1756 priv->qos_data.qos_active = 1;
1757 if (!(priv->active_rate & 0xfff0)) {
1761 } else if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
1762 if (priv->qos_data.qos_enable)
1763 priv->qos_data.qos_active = 1;
1764 } else if (!(priv->staging_rxon.flags & RXON_FLG_SHORT_SLOT_MSK)) {
1769 if (priv->qos_data.qos_active)
1772 priv->qos_data.def_qos_parm.ac[0].cw_min = cpu_to_le16(cw_min);
1773 priv->qos_data.def_qos_parm.ac[0].cw_max = cpu_to_le16(cw_max);
1774 priv->qos_data.def_qos_parm.ac[0].aifsn = aifs;
1775 priv->qos_data.def_qos_parm.ac[0].edca_txop = 0;
1776 priv->qos_data.def_qos_parm.ac[0].reserved1 = 0;
1778 if (priv->qos_data.qos_active) {
1780 priv->qos_data.def_qos_parm.ac[i].cw_min = cpu_to_le16(cw_min);
1781 priv->qos_data.def_qos_parm.ac[i].cw_max = cpu_to_le16(cw_max);
1782 priv->qos_data.def_qos_parm.ac[i].aifsn = 7;
1783 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
1784 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1787 priv->qos_data.def_qos_parm.ac[i].cw_min =
1788 cpu_to_le16((cw_min + 1) / 2 - 1);
1789 priv->qos_data.def_qos_parm.ac[i].cw_max =
1790 cpu_to_le16(cw_max);
1791 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
1793 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1796 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1798 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1801 priv->qos_data.def_qos_parm.ac[i].cw_min =
1802 cpu_to_le16((cw_min + 1) / 4 - 1);
1803 priv->qos_data.def_qos_parm.ac[i].cw_max =
1804 cpu_to_le16((cw_max + 1) / 2 - 1);
1805 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
1806 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1808 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1811 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1814 for (i = 1; i < 4; i++) {
1815 priv->qos_data.def_qos_parm.ac[i].cw_min =
1816 cpu_to_le16(cw_min);
1817 priv->qos_data.def_qos_parm.ac[i].cw_max =
1818 cpu_to_le16(cw_max);
1819 priv->qos_data.def_qos_parm.ac[i].aifsn = aifs;
1820 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
1821 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1824 IWL_DEBUG_QOS("set QoS to default \n");
1826 spin_unlock_irqrestore(&priv->lock, flags);
1829 static void iwl3945_activate_qos(struct iwl3945_priv *priv, u8 force)
1831 unsigned long flags;
1833 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
1836 if (!priv->qos_data.qos_enable)
1839 spin_lock_irqsave(&priv->lock, flags);
1840 priv->qos_data.def_qos_parm.qos_flags = 0;
1842 if (priv->qos_data.qos_cap.q_AP.queue_request &&
1843 !priv->qos_data.qos_cap.q_AP.txop_request)
1844 priv->qos_data.def_qos_parm.qos_flags |=
1845 QOS_PARAM_FLG_TXOP_TYPE_MSK;
1847 if (priv->qos_data.qos_active)
1848 priv->qos_data.def_qos_parm.qos_flags |=
1849 QOS_PARAM_FLG_UPDATE_EDCA_MSK;
1851 spin_unlock_irqrestore(&priv->lock, flags);
1853 if (force || iwl3945_is_associated(priv)) {
1854 IWL_DEBUG_QOS("send QoS cmd with Qos active %d \n",
1855 priv->qos_data.qos_active);
1857 iwl3945_send_qos_params_command(priv,
1858 &(priv->qos_data.def_qos_parm));
1863 * Power management (not Tx power!) functions
1865 #define MSEC_TO_USEC 1024
1867 #define NOSLP __constant_cpu_to_le32(0)
1868 #define SLP IWL_POWER_DRIVER_ALLOW_SLEEP_MSK
1869 #define SLP_TIMEOUT(T) __constant_cpu_to_le32((T) * MSEC_TO_USEC)
1870 #define SLP_VEC(X0, X1, X2, X3, X4) {__constant_cpu_to_le32(X0), \
1871 __constant_cpu_to_le32(X1), \
1872 __constant_cpu_to_le32(X2), \
1873 __constant_cpu_to_le32(X3), \
1874 __constant_cpu_to_le32(X4)}
1877 /* default power management (not Tx power) table values */
1879 static struct iwl3945_power_vec_entry range_0[IWL_POWER_AC] = {
1880 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1881 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500), SLP_VEC(1, 2, 3, 4, 4)}, 0},
1882 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300), SLP_VEC(2, 4, 6, 7, 7)}, 0},
1883 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100), SLP_VEC(2, 6, 9, 9, 10)}, 0},
1884 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 10)}, 1},
1885 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25), SLP_VEC(4, 7, 10, 10, 10)}, 1}
1889 static struct iwl3945_power_vec_entry range_1[IWL_POWER_AC] = {
1890 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1891 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500),
1892 SLP_VEC(1, 2, 3, 4, 0xFF)}, 0},
1893 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300),
1894 SLP_VEC(2, 4, 6, 7, 0xFF)}, 0},
1895 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100),
1896 SLP_VEC(2, 6, 9, 9, 0xFF)}, 0},
1897 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 0xFF)}, 0},
1898 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25),
1899 SLP_VEC(4, 7, 10, 10, 0xFF)}, 0}
1902 int iwl3945_power_init_handle(struct iwl3945_priv *priv)
1905 struct iwl3945_power_mgr *pow_data;
1906 int size = sizeof(struct iwl3945_power_vec_entry) * IWL_POWER_AC;
1909 IWL_DEBUG_POWER("Initialize power \n");
1911 pow_data = &(priv->power_data);
1913 memset(pow_data, 0, sizeof(*pow_data));
1915 pow_data->active_index = IWL_POWER_RANGE_0;
1916 pow_data->dtim_val = 0xffff;
1918 memcpy(&pow_data->pwr_range_0[0], &range_0[0], size);
1919 memcpy(&pow_data->pwr_range_1[0], &range_1[0], size);
1921 rc = pci_read_config_word(priv->pci_dev, PCI_LINK_CTRL, &pci_pm);
1925 struct iwl3945_powertable_cmd *cmd;
1927 IWL_DEBUG_POWER("adjust power command flags\n");
1929 for (i = 0; i < IWL_POWER_AC; i++) {
1930 cmd = &pow_data->pwr_range_0[i].cmd;
1933 cmd->flags &= ~IWL_POWER_PCI_PM_MSK;
1935 cmd->flags |= IWL_POWER_PCI_PM_MSK;
1941 static int iwl3945_update_power_cmd(struct iwl3945_priv *priv,
1942 struct iwl3945_powertable_cmd *cmd, u32 mode)
1947 struct iwl3945_power_vec_entry *range;
1949 struct iwl3945_power_mgr *pow_data;
1951 if (mode > IWL_POWER_INDEX_5) {
1952 IWL_DEBUG_POWER("Error invalid power mode \n");
1955 pow_data = &(priv->power_data);
1957 if (pow_data->active_index == IWL_POWER_RANGE_0)
1958 range = &pow_data->pwr_range_0[0];
1960 range = &pow_data->pwr_range_1[1];
1962 memcpy(cmd, &range[mode].cmd, sizeof(struct iwl3945_powertable_cmd));
1964 #ifdef IWL_MAC80211_DISABLE
1965 if (priv->assoc_network != NULL) {
1966 unsigned long flags;
1968 period = priv->assoc_network->tim.tim_period;
1970 #endif /*IWL_MAC80211_DISABLE */
1971 skip = range[mode].no_dtim;
1980 cmd->flags &= ~IWL_POWER_SLEEP_OVER_DTIM_MSK;
1982 __le32 slp_itrvl = cmd->sleep_interval[IWL_POWER_VEC_SIZE - 1];
1983 max_sleep = (le32_to_cpu(slp_itrvl) / period) * period;
1984 cmd->flags |= IWL_POWER_SLEEP_OVER_DTIM_MSK;
1987 for (i = 0; i < IWL_POWER_VEC_SIZE; i++) {
1988 if (le32_to_cpu(cmd->sleep_interval[i]) > max_sleep)
1989 cmd->sleep_interval[i] = cpu_to_le32(max_sleep);
1992 IWL_DEBUG_POWER("Flags value = 0x%08X\n", cmd->flags);
1993 IWL_DEBUG_POWER("Tx timeout = %u\n", le32_to_cpu(cmd->tx_data_timeout));
1994 IWL_DEBUG_POWER("Rx timeout = %u\n", le32_to_cpu(cmd->rx_data_timeout));
1995 IWL_DEBUG_POWER("Sleep interval vector = { %d , %d , %d , %d , %d }\n",
1996 le32_to_cpu(cmd->sleep_interval[0]),
1997 le32_to_cpu(cmd->sleep_interval[1]),
1998 le32_to_cpu(cmd->sleep_interval[2]),
1999 le32_to_cpu(cmd->sleep_interval[3]),
2000 le32_to_cpu(cmd->sleep_interval[4]));
2005 static int iwl3945_send_power_mode(struct iwl3945_priv *priv, u32 mode)
2007 u32 uninitialized_var(final_mode);
2009 struct iwl3945_powertable_cmd cmd;
2011 /* If on battery, set to 3,
2012 * if plugged into AC power, set to CAM ("continuously aware mode"),
2013 * else user level */
2015 case IWL_POWER_BATTERY:
2016 final_mode = IWL_POWER_INDEX_3;
2019 final_mode = IWL_POWER_MODE_CAM;
2026 iwl3945_update_power_cmd(priv, &cmd, final_mode);
2028 rc = iwl3945_send_cmd_pdu(priv, POWER_TABLE_CMD, sizeof(cmd), &cmd);
2030 if (final_mode == IWL_POWER_MODE_CAM)
2031 clear_bit(STATUS_POWER_PMI, &priv->status);
2033 set_bit(STATUS_POWER_PMI, &priv->status);
2038 int iwl3945_is_network_packet(struct iwl3945_priv *priv, struct ieee80211_hdr *header)
2040 /* Filter incoming packets to determine if they are targeted toward
2041 * this network, discarding packets coming from ourselves */
2042 switch (priv->iw_mode) {
2043 case IEEE80211_IF_TYPE_IBSS: /* Header: Dest. | Source | BSSID */
2044 /* packets from our adapter are dropped (echo) */
2045 if (!compare_ether_addr(header->addr2, priv->mac_addr))
2047 /* {broad,multi}cast packets to our IBSS go through */
2048 if (is_multicast_ether_addr(header->addr1))
2049 return !compare_ether_addr(header->addr3, priv->bssid);
2050 /* packets to our adapter go through */
2051 return !compare_ether_addr(header->addr1, priv->mac_addr);
2052 case IEEE80211_IF_TYPE_STA: /* Header: Dest. | AP{BSSID} | Source */
2053 /* packets from our adapter are dropped (echo) */
2054 if (!compare_ether_addr(header->addr3, priv->mac_addr))
2056 /* {broad,multi}cast packets to our BSS go through */
2057 if (is_multicast_ether_addr(header->addr1))
2058 return !compare_ether_addr(header->addr2, priv->bssid);
2059 /* packets to our adapter go through */
2060 return !compare_ether_addr(header->addr1, priv->mac_addr);
2067 * iwl3945_scan_cancel - Cancel any currently executing HW scan
2069 * NOTE: priv->mutex is not required before calling this function
2071 static int iwl3945_scan_cancel(struct iwl3945_priv *priv)
2073 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
2074 clear_bit(STATUS_SCANNING, &priv->status);
2078 if (test_bit(STATUS_SCANNING, &priv->status)) {
2079 if (!test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2080 IWL_DEBUG_SCAN("Queuing scan abort.\n");
2081 set_bit(STATUS_SCAN_ABORTING, &priv->status);
2082 queue_work(priv->workqueue, &priv->abort_scan);
2085 IWL_DEBUG_SCAN("Scan abort already in progress.\n");
2087 return test_bit(STATUS_SCANNING, &priv->status);
2094 * iwl3945_scan_cancel_timeout - Cancel any currently executing HW scan
2095 * @ms: amount of time to wait (in milliseconds) for scan to abort
2097 * NOTE: priv->mutex must be held before calling this function
2099 static int iwl3945_scan_cancel_timeout(struct iwl3945_priv *priv, unsigned long ms)
2101 unsigned long now = jiffies;
2104 ret = iwl3945_scan_cancel(priv);
2106 mutex_unlock(&priv->mutex);
2107 while (!time_after(jiffies, now + msecs_to_jiffies(ms)) &&
2108 test_bit(STATUS_SCANNING, &priv->status))
2110 mutex_lock(&priv->mutex);
2112 return test_bit(STATUS_SCANNING, &priv->status);
2118 static void iwl3945_sequence_reset(struct iwl3945_priv *priv)
2120 /* Reset ieee stats */
2122 /* We don't reset the net_device_stats (ieee->stats) on
2125 priv->last_seq_num = -1;
2126 priv->last_frag_num = -1;
2127 priv->last_packet_time = 0;
2129 iwl3945_scan_cancel(priv);
2132 #define MAX_UCODE_BEACON_INTERVAL 1024
2133 #define INTEL_CONN_LISTEN_INTERVAL __constant_cpu_to_le16(0xA)
2135 static __le16 iwl3945_adjust_beacon_interval(u16 beacon_val)
2138 u16 beacon_factor = 0;
2141 (beacon_val + MAX_UCODE_BEACON_INTERVAL)
2142 / MAX_UCODE_BEACON_INTERVAL;
2143 new_val = beacon_val / beacon_factor;
2145 return cpu_to_le16(new_val);
2148 static void iwl3945_setup_rxon_timing(struct iwl3945_priv *priv)
2150 u64 interval_tm_unit;
2152 unsigned long flags;
2153 struct ieee80211_conf *conf = NULL;
2156 conf = ieee80211_get_hw_conf(priv->hw);
2158 spin_lock_irqsave(&priv->lock, flags);
2159 priv->rxon_timing.timestamp.dw[1] = cpu_to_le32(priv->timestamp1);
2160 priv->rxon_timing.timestamp.dw[0] = cpu_to_le32(priv->timestamp0);
2162 priv->rxon_timing.listen_interval = INTEL_CONN_LISTEN_INTERVAL;
2164 tsf = priv->timestamp1;
2165 tsf = ((tsf << 32) | priv->timestamp0);
2167 beacon_int = priv->beacon_int;
2168 spin_unlock_irqrestore(&priv->lock, flags);
2170 if (priv->iw_mode == IEEE80211_IF_TYPE_STA) {
2171 if (beacon_int == 0) {
2172 priv->rxon_timing.beacon_interval = cpu_to_le16(100);
2173 priv->rxon_timing.beacon_init_val = cpu_to_le32(102400);
2175 priv->rxon_timing.beacon_interval =
2176 cpu_to_le16(beacon_int);
2177 priv->rxon_timing.beacon_interval =
2178 iwl3945_adjust_beacon_interval(
2179 le16_to_cpu(priv->rxon_timing.beacon_interval));
2182 priv->rxon_timing.atim_window = 0;
2184 priv->rxon_timing.beacon_interval =
2185 iwl3945_adjust_beacon_interval(conf->beacon_int);
2186 /* TODO: we need to get atim_window from upper stack
2187 * for now we set to 0 */
2188 priv->rxon_timing.atim_window = 0;
2192 (le16_to_cpu(priv->rxon_timing.beacon_interval) * 1024);
2193 result = do_div(tsf, interval_tm_unit);
2194 priv->rxon_timing.beacon_init_val =
2195 cpu_to_le32((u32) ((u64) interval_tm_unit - result));
2198 ("beacon interval %d beacon timer %d beacon tim %d\n",
2199 le16_to_cpu(priv->rxon_timing.beacon_interval),
2200 le32_to_cpu(priv->rxon_timing.beacon_init_val),
2201 le16_to_cpu(priv->rxon_timing.atim_window));
2204 static int iwl3945_scan_initiate(struct iwl3945_priv *priv)
2206 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
2207 IWL_ERROR("APs don't scan.\n");
2211 if (!iwl3945_is_ready_rf(priv)) {
2212 IWL_DEBUG_SCAN("Aborting scan due to not ready.\n");
2216 if (test_bit(STATUS_SCANNING, &priv->status)) {
2217 IWL_DEBUG_SCAN("Scan already in progress.\n");
2221 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2222 IWL_DEBUG_SCAN("Scan request while abort pending. "
2227 IWL_DEBUG_INFO("Starting scan...\n");
2228 priv->scan_bands = 2;
2229 set_bit(STATUS_SCANNING, &priv->status);
2230 priv->scan_start = jiffies;
2231 priv->scan_pass_start = priv->scan_start;
2233 queue_work(priv->workqueue, &priv->request_scan);
2238 static int iwl3945_set_rxon_hwcrypto(struct iwl3945_priv *priv, int hw_decrypt)
2240 struct iwl3945_rxon_cmd *rxon = &priv->staging_rxon;
2243 rxon->filter_flags &= ~RXON_FILTER_DIS_DECRYPT_MSK;
2245 rxon->filter_flags |= RXON_FILTER_DIS_DECRYPT_MSK;
2250 static void iwl3945_set_flags_for_phymode(struct iwl3945_priv *priv,
2251 enum ieee80211_band band)
2253 if (band == IEEE80211_BAND_5GHZ) {
2254 priv->staging_rxon.flags &=
2255 ~(RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK
2256 | RXON_FLG_CCK_MSK);
2257 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2259 /* Copied from iwl3945_bg_post_associate() */
2260 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2261 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2263 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2265 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
2266 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2268 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
2269 priv->staging_rxon.flags |= RXON_FLG_AUTO_DETECT_MSK;
2270 priv->staging_rxon.flags &= ~RXON_FLG_CCK_MSK;
2275 * initialize rxon structure with default values from eeprom
2277 static void iwl3945_connection_init_rx_config(struct iwl3945_priv *priv)
2279 const struct iwl3945_channel_info *ch_info;
2281 memset(&priv->staging_rxon, 0, sizeof(priv->staging_rxon));
2283 switch (priv->iw_mode) {
2284 case IEEE80211_IF_TYPE_AP:
2285 priv->staging_rxon.dev_type = RXON_DEV_TYPE_AP;
2288 case IEEE80211_IF_TYPE_STA:
2289 priv->staging_rxon.dev_type = RXON_DEV_TYPE_ESS;
2290 priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
2293 case IEEE80211_IF_TYPE_IBSS:
2294 priv->staging_rxon.dev_type = RXON_DEV_TYPE_IBSS;
2295 priv->staging_rxon.flags = RXON_FLG_SHORT_PREAMBLE_MSK;
2296 priv->staging_rxon.filter_flags = RXON_FILTER_BCON_AWARE_MSK |
2297 RXON_FILTER_ACCEPT_GRP_MSK;
2300 case IEEE80211_IF_TYPE_MNTR:
2301 priv->staging_rxon.dev_type = RXON_DEV_TYPE_SNIFFER;
2302 priv->staging_rxon.filter_flags = RXON_FILTER_PROMISC_MSK |
2303 RXON_FILTER_CTL2HOST_MSK | RXON_FILTER_ACCEPT_GRP_MSK;
2308 /* TODO: Figure out when short_preamble would be set and cache from
2310 if (!hw_to_local(priv->hw)->short_preamble)
2311 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
2313 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
2316 ch_info = iwl3945_get_channel_info(priv, priv->band,
2317 le16_to_cpu(priv->staging_rxon.channel));
2320 ch_info = &priv->channel_info[0];
2323 * in some case A channels are all non IBSS
2324 * in this case force B/G channel
2326 if ((priv->iw_mode == IEEE80211_IF_TYPE_IBSS) &&
2327 !(is_channel_ibss(ch_info)))
2328 ch_info = &priv->channel_info[0];
2330 priv->staging_rxon.channel = cpu_to_le16(ch_info->channel);
2331 if (is_channel_a_band(ch_info))
2332 priv->band = IEEE80211_BAND_5GHZ;
2334 priv->band = IEEE80211_BAND_2GHZ;
2336 iwl3945_set_flags_for_phymode(priv, priv->band);
2338 priv->staging_rxon.ofdm_basic_rates =
2339 (IWL_OFDM_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2340 priv->staging_rxon.cck_basic_rates =
2341 (IWL_CCK_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2344 static int iwl3945_set_mode(struct iwl3945_priv *priv, int mode)
2346 if (mode == IEEE80211_IF_TYPE_IBSS) {
2347 const struct iwl3945_channel_info *ch_info;
2349 ch_info = iwl3945_get_channel_info(priv,
2351 le16_to_cpu(priv->staging_rxon.channel));
2353 if (!ch_info || !is_channel_ibss(ch_info)) {
2354 IWL_ERROR("channel %d not IBSS channel\n",
2355 le16_to_cpu(priv->staging_rxon.channel));
2360 priv->iw_mode = mode;
2362 iwl3945_connection_init_rx_config(priv);
2363 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
2365 iwl3945_clear_stations_table(priv);
2367 /* dont commit rxon if rf-kill is on*/
2368 if (!iwl3945_is_ready_rf(priv))
2371 cancel_delayed_work(&priv->scan_check);
2372 if (iwl3945_scan_cancel_timeout(priv, 100)) {
2373 IWL_WARNING("Aborted scan still in progress after 100ms\n");
2374 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
2378 iwl3945_commit_rxon(priv);
2383 static void iwl3945_build_tx_cmd_hwcrypto(struct iwl3945_priv *priv,
2384 struct ieee80211_tx_control *ctl,
2385 struct iwl3945_cmd *cmd,
2386 struct sk_buff *skb_frag,
2389 struct iwl3945_hw_key *keyinfo = &priv->stations[ctl->key_idx].keyinfo;
2391 switch (keyinfo->alg) {
2393 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_CCM;
2394 memcpy(cmd->cmd.tx.key, keyinfo->key, keyinfo->keylen);
2395 IWL_DEBUG_TX("tx_cmd with aes hwcrypto\n");
2400 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_TKIP;
2403 memcpy(cmd->cmd.tx.tkip_mic.byte, skb_frag->tail - 8,
2406 memset(cmd->cmd.tx.tkip_mic.byte, 0, 8);
2411 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_WEP |
2412 (ctl->key_idx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT;
2414 if (keyinfo->keylen == 13)
2415 cmd->cmd.tx.sec_ctl |= TX_CMD_SEC_KEY128;
2417 memcpy(&cmd->cmd.tx.key[3], keyinfo->key, keyinfo->keylen);
2419 IWL_DEBUG_TX("Configuring packet for WEP encryption "
2420 "with key %d\n", ctl->key_idx);
2424 printk(KERN_ERR "Unknown encode alg %d\n", keyinfo->alg);
2430 * handle build REPLY_TX command notification.
2432 static void iwl3945_build_tx_cmd_basic(struct iwl3945_priv *priv,
2433 struct iwl3945_cmd *cmd,
2434 struct ieee80211_tx_control *ctrl,
2435 struct ieee80211_hdr *hdr,
2436 int is_unicast, u8 std_id)
2439 u16 fc = le16_to_cpu(hdr->frame_control);
2440 __le32 tx_flags = cmd->cmd.tx.tx_flags;
2442 cmd->cmd.tx.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
2443 if (!(ctrl->flags & IEEE80211_TXCTL_NO_ACK)) {
2444 tx_flags |= TX_CMD_FLG_ACK_MSK;
2445 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
2446 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2447 if (ieee80211_is_probe_response(fc) &&
2448 !(le16_to_cpu(hdr->seq_ctrl) & 0xf))
2449 tx_flags |= TX_CMD_FLG_TSF_MSK;
2451 tx_flags &= (~TX_CMD_FLG_ACK_MSK);
2452 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2455 cmd->cmd.tx.sta_id = std_id;
2456 if (ieee80211_get_morefrag(hdr))
2457 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
2459 qc = ieee80211_get_qos_ctrl(hdr);
2461 cmd->cmd.tx.tid_tspec = (u8) (le16_to_cpu(*qc) & 0xf);
2462 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
2464 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2466 if (ctrl->flags & IEEE80211_TXCTL_USE_RTS_CTS) {
2467 tx_flags |= TX_CMD_FLG_RTS_MSK;
2468 tx_flags &= ~TX_CMD_FLG_CTS_MSK;
2469 } else if (ctrl->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) {
2470 tx_flags &= ~TX_CMD_FLG_RTS_MSK;
2471 tx_flags |= TX_CMD_FLG_CTS_MSK;
2474 if ((tx_flags & TX_CMD_FLG_RTS_MSK) || (tx_flags & TX_CMD_FLG_CTS_MSK))
2475 tx_flags |= TX_CMD_FLG_FULL_TXOP_PROT_MSK;
2477 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
2478 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2479 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ ||
2480 (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)
2481 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(3);
2483 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(2);
2485 cmd->cmd.tx.timeout.pm_frame_timeout = 0;
2486 #ifdef CONFIG_IWL3945_LEDS
2487 priv->rxtxpackets += le16_to_cpu(cmd->cmd.tx.len);
2491 cmd->cmd.tx.driver_txop = 0;
2492 cmd->cmd.tx.tx_flags = tx_flags;
2493 cmd->cmd.tx.next_frame_len = 0;
2497 * iwl3945_get_sta_id - Find station's index within station table
2499 static int iwl3945_get_sta_id(struct iwl3945_priv *priv, struct ieee80211_hdr *hdr)
2502 u16 fc = le16_to_cpu(hdr->frame_control);
2504 /* If this frame is broadcast or management, use broadcast station id */
2505 if (((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) ||
2506 is_multicast_ether_addr(hdr->addr1))
2507 return priv->hw_setting.bcast_sta_id;
2509 switch (priv->iw_mode) {
2511 /* If we are a client station in a BSS network, use the special
2512 * AP station entry (that's the only station we communicate with) */
2513 case IEEE80211_IF_TYPE_STA:
2516 /* If we are an AP, then find the station, or use BCAST */
2517 case IEEE80211_IF_TYPE_AP:
2518 sta_id = iwl3945_hw_find_station(priv, hdr->addr1);
2519 if (sta_id != IWL_INVALID_STATION)
2521 return priv->hw_setting.bcast_sta_id;
2523 /* If this frame is going out to an IBSS network, find the station,
2524 * or create a new station table entry */
2525 case IEEE80211_IF_TYPE_IBSS: {
2526 DECLARE_MAC_BUF(mac);
2528 /* Create new station table entry */
2529 sta_id = iwl3945_hw_find_station(priv, hdr->addr1);
2530 if (sta_id != IWL_INVALID_STATION)
2533 sta_id = iwl3945_add_station(priv, hdr->addr1, 0, CMD_ASYNC);
2535 if (sta_id != IWL_INVALID_STATION)
2538 IWL_DEBUG_DROP("Station %s not in station map. "
2539 "Defaulting to broadcast...\n",
2540 print_mac(mac, hdr->addr1));
2541 iwl3945_print_hex_dump(IWL_DL_DROP, (u8 *) hdr, sizeof(*hdr));
2542 return priv->hw_setting.bcast_sta_id;
2545 IWL_WARNING("Unknown mode of operation: %d", priv->iw_mode);
2546 return priv->hw_setting.bcast_sta_id;
2551 * start REPLY_TX command process
2553 static int iwl3945_tx_skb(struct iwl3945_priv *priv,
2554 struct sk_buff *skb, struct ieee80211_tx_control *ctl)
2556 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2557 struct iwl3945_tfd_frame *tfd;
2559 int txq_id = ctl->queue;
2560 struct iwl3945_tx_queue *txq = NULL;
2561 struct iwl3945_queue *q = NULL;
2562 dma_addr_t phys_addr;
2563 dma_addr_t txcmd_phys;
2564 struct iwl3945_cmd *out_cmd = NULL;
2565 u16 len, idx, len_org;
2566 u8 id, hdr_len, unicast;
2571 u8 wait_write_ptr = 0;
2572 unsigned long flags;
2575 spin_lock_irqsave(&priv->lock, flags);
2576 if (iwl3945_is_rfkill(priv)) {
2577 IWL_DEBUG_DROP("Dropping - RF KILL\n");
2582 IWL_DEBUG_DROP("Dropping - !priv->vif\n");
2586 if ((ctl->tx_rate->hw_value & 0xFF) == IWL_INVALID_RATE) {
2587 IWL_ERROR("ERROR: No TX rate available.\n");
2591 unicast = !is_multicast_ether_addr(hdr->addr1);
2594 fc = le16_to_cpu(hdr->frame_control);
2596 #ifdef CONFIG_IWL3945_DEBUG
2597 if (ieee80211_is_auth(fc))
2598 IWL_DEBUG_TX("Sending AUTH frame\n");
2599 else if (ieee80211_is_assoc_request(fc))
2600 IWL_DEBUG_TX("Sending ASSOC frame\n");
2601 else if (ieee80211_is_reassoc_request(fc))
2602 IWL_DEBUG_TX("Sending REASSOC frame\n");
2605 /* drop all data frame if we are not associated */
2606 if ((!iwl3945_is_associated(priv) ||
2607 ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && !priv->assoc_id)) &&
2608 ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
2609 IWL_DEBUG_DROP("Dropping - !iwl3945_is_associated\n");
2613 spin_unlock_irqrestore(&priv->lock, flags);
2615 hdr_len = ieee80211_get_hdrlen(fc);
2617 /* Find (or create) index into station table for destination station */
2618 sta_id = iwl3945_get_sta_id(priv, hdr);
2619 if (sta_id == IWL_INVALID_STATION) {
2620 DECLARE_MAC_BUF(mac);
2622 IWL_DEBUG_DROP("Dropping - INVALID STATION: %s\n",
2623 print_mac(mac, hdr->addr1));
2627 IWL_DEBUG_RATE("station Id %d\n", sta_id);
2629 qc = ieee80211_get_qos_ctrl(hdr);
2631 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2632 seq_number = priv->stations[sta_id].tid[tid].seq_number &
2634 hdr->seq_ctrl = cpu_to_le16(seq_number) |
2636 __constant_cpu_to_le16(IEEE80211_SCTL_FRAG));
2640 /* Descriptor for chosen Tx queue */
2641 txq = &priv->txq[txq_id];
2644 spin_lock_irqsave(&priv->lock, flags);
2646 /* Set up first empty TFD within this queue's circular TFD buffer */
2647 tfd = &txq->bd[q->write_ptr];
2648 memset(tfd, 0, sizeof(*tfd));
2649 control_flags = (u32 *) tfd;
2650 idx = get_cmd_index(q, q->write_ptr, 0);
2652 /* Set up driver data for this TFD */
2653 memset(&(txq->txb[q->write_ptr]), 0, sizeof(struct iwl3945_tx_info));
2654 txq->txb[q->write_ptr].skb[0] = skb;
2655 memcpy(&(txq->txb[q->write_ptr].status.control),
2656 ctl, sizeof(struct ieee80211_tx_control));
2658 /* Init first empty entry in queue's array of Tx/cmd buffers */
2659 out_cmd = &txq->cmd[idx];
2660 memset(&out_cmd->hdr, 0, sizeof(out_cmd->hdr));
2661 memset(&out_cmd->cmd.tx, 0, sizeof(out_cmd->cmd.tx));
2664 * Set up the Tx-command (not MAC!) header.
2665 * Store the chosen Tx queue and TFD index within the sequence field;
2666 * after Tx, uCode's Tx response will return this value so driver can
2667 * locate the frame within the tx queue and do post-tx processing.
2669 out_cmd->hdr.cmd = REPLY_TX;
2670 out_cmd->hdr.sequence = cpu_to_le16((u16)(QUEUE_TO_SEQ(txq_id) |
2671 INDEX_TO_SEQ(q->write_ptr)));
2673 /* Copy MAC header from skb into command buffer */
2674 memcpy(out_cmd->cmd.tx.hdr, hdr, hdr_len);
2677 * Use the first empty entry in this queue's command buffer array
2678 * to contain the Tx command and MAC header concatenated together
2679 * (payload data will be in another buffer).
2680 * Size of this varies, due to varying MAC header length.
2681 * If end is not dword aligned, we'll have 2 extra bytes at the end
2682 * of the MAC header (device reads on dword boundaries).
2683 * We'll tell device about this padding later.
2685 len = priv->hw_setting.tx_cmd_len +
2686 sizeof(struct iwl3945_cmd_header) + hdr_len;
2689 len = (len + 3) & ~3;
2696 /* Physical address of this Tx command's header (not MAC header!),
2697 * within command buffer array. */
2698 txcmd_phys = txq->dma_addr_cmd + sizeof(struct iwl3945_cmd) * idx +
2699 offsetof(struct iwl3945_cmd, hdr);
2701 /* Add buffer containing Tx command and MAC(!) header to TFD's
2703 iwl3945_hw_txq_attach_buf_to_tfd(priv, tfd, txcmd_phys, len);
2705 if (!(ctl->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
2706 iwl3945_build_tx_cmd_hwcrypto(priv, ctl, out_cmd, skb, 0);
2708 /* Set up TFD's 2nd entry to point directly to remainder of skb,
2709 * if any (802.11 null frames have no payload). */
2710 len = skb->len - hdr_len;
2712 phys_addr = pci_map_single(priv->pci_dev, skb->data + hdr_len,
2713 len, PCI_DMA_TODEVICE);
2714 iwl3945_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, len);
2718 /* If there is no payload, then we use only one Tx buffer */
2719 *control_flags = TFD_CTL_COUNT_SET(1);
2721 /* Else use 2 buffers.
2722 * Tell 3945 about any padding after MAC header */
2723 *control_flags = TFD_CTL_COUNT_SET(2) |
2724 TFD_CTL_PAD_SET(U32_PAD(len));
2726 /* Total # bytes to be transmitted */
2727 len = (u16)skb->len;
2728 out_cmd->cmd.tx.len = cpu_to_le16(len);
2730 /* TODO need this for burst mode later on */
2731 iwl3945_build_tx_cmd_basic(priv, out_cmd, ctl, hdr, unicast, sta_id);
2733 /* set is_hcca to 0; it probably will never be implemented */
2734 iwl3945_hw_build_tx_cmd_rate(priv, out_cmd, ctl, hdr, sta_id, 0);
2736 out_cmd->cmd.tx.tx_flags &= ~TX_CMD_FLG_ANT_A_MSK;
2737 out_cmd->cmd.tx.tx_flags &= ~TX_CMD_FLG_ANT_B_MSK;
2739 if (!ieee80211_get_morefrag(hdr)) {
2740 txq->need_update = 1;
2742 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2743 priv->stations[sta_id].tid[tid].seq_number = seq_number;
2747 txq->need_update = 0;
2750 iwl3945_print_hex_dump(IWL_DL_TX, out_cmd->cmd.payload,
2751 sizeof(out_cmd->cmd.tx));
2753 iwl3945_print_hex_dump(IWL_DL_TX, (u8 *)out_cmd->cmd.tx.hdr,
2754 ieee80211_get_hdrlen(fc));
2756 /* Tell device the write index *just past* this latest filled TFD */
2757 q->write_ptr = iwl_queue_inc_wrap(q->write_ptr, q->n_bd);
2758 rc = iwl3945_tx_queue_update_write_ptr(priv, txq);
2759 spin_unlock_irqrestore(&priv->lock, flags);
2764 if ((iwl3945_queue_space(q) < q->high_mark)
2765 && priv->mac80211_registered) {
2766 if (wait_write_ptr) {
2767 spin_lock_irqsave(&priv->lock, flags);
2768 txq->need_update = 1;
2769 iwl3945_tx_queue_update_write_ptr(priv, txq);
2770 spin_unlock_irqrestore(&priv->lock, flags);
2773 ieee80211_stop_queue(priv->hw, ctl->queue);
2779 spin_unlock_irqrestore(&priv->lock, flags);
2784 static void iwl3945_set_rate(struct iwl3945_priv *priv)
2786 const struct ieee80211_supported_band *sband = NULL;
2787 struct ieee80211_rate *rate;
2790 sband = iwl3945_get_band(priv, priv->band);
2792 IWL_ERROR("Failed to set rate: unable to get hw mode\n");
2796 priv->active_rate = 0;
2797 priv->active_rate_basic = 0;
2799 IWL_DEBUG_RATE("Setting rates for %s GHz\n",
2800 sband->band == IEEE80211_BAND_2GHZ ? "2.4" : "5");
2802 for (i = 0; i < sband->n_bitrates; i++) {
2803 rate = &sband->bitrates[i];
2804 if ((rate->hw_value < IWL_RATE_COUNT) &&
2805 !(rate->flags & IEEE80211_CHAN_DISABLED)) {
2806 IWL_DEBUG_RATE("Adding rate index %d (plcp %d)\n",
2807 rate->hw_value, iwl3945_rates[rate->hw_value].plcp);
2808 priv->active_rate |= (1 << rate->hw_value);
2812 IWL_DEBUG_RATE("Set active_rate = %0x, active_rate_basic = %0x\n",
2813 priv->active_rate, priv->active_rate_basic);
2816 * If a basic rate is configured, then use it (adding IWL_RATE_1M_MASK)
2817 * otherwise set it to the default of all CCK rates and 6, 12, 24 for
2820 if (priv->active_rate_basic & IWL_CCK_BASIC_RATES_MASK)
2821 priv->staging_rxon.cck_basic_rates =
2822 ((priv->active_rate_basic &
2823 IWL_CCK_RATES_MASK) >> IWL_FIRST_CCK_RATE) & 0xF;
2825 priv->staging_rxon.cck_basic_rates =
2826 (IWL_CCK_BASIC_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2828 if (priv->active_rate_basic & IWL_OFDM_BASIC_RATES_MASK)
2829 priv->staging_rxon.ofdm_basic_rates =
2830 ((priv->active_rate_basic &
2831 (IWL_OFDM_BASIC_RATES_MASK | IWL_RATE_6M_MASK)) >>
2832 IWL_FIRST_OFDM_RATE) & 0xFF;
2834 priv->staging_rxon.ofdm_basic_rates =
2835 (IWL_OFDM_BASIC_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2838 static void iwl3945_radio_kill_sw(struct iwl3945_priv *priv, int disable_radio)
2840 unsigned long flags;
2842 if (!!disable_radio == test_bit(STATUS_RF_KILL_SW, &priv->status))
2845 IWL_DEBUG_RF_KILL("Manual SW RF KILL set to: RADIO %s\n",
2846 disable_radio ? "OFF" : "ON");
2848 if (disable_radio) {
2849 iwl3945_scan_cancel(priv);
2850 /* FIXME: This is a workaround for AP */
2851 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
2852 spin_lock_irqsave(&priv->lock, flags);
2853 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_SET,
2854 CSR_UCODE_SW_BIT_RFKILL);
2855 spin_unlock_irqrestore(&priv->lock, flags);
2856 iwl3945_send_card_state(priv, CARD_STATE_CMD_DISABLE, 0);
2857 set_bit(STATUS_RF_KILL_SW, &priv->status);
2862 spin_lock_irqsave(&priv->lock, flags);
2863 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
2865 clear_bit(STATUS_RF_KILL_SW, &priv->status);
2866 spin_unlock_irqrestore(&priv->lock, flags);
2871 spin_lock_irqsave(&priv->lock, flags);
2872 iwl3945_read32(priv, CSR_UCODE_DRV_GP1);
2873 if (!iwl3945_grab_nic_access(priv))
2874 iwl3945_release_nic_access(priv);
2875 spin_unlock_irqrestore(&priv->lock, flags);
2877 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
2878 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
2879 "disabled by HW switch\n");
2883 queue_work(priv->workqueue, &priv->restart);
2887 void iwl3945_set_decrypted_flag(struct iwl3945_priv *priv, struct sk_buff *skb,
2888 u32 decrypt_res, struct ieee80211_rx_status *stats)
2891 le16_to_cpu(((struct ieee80211_hdr *)skb->data)->frame_control);
2893 if (priv->active_rxon.filter_flags & RXON_FILTER_DIS_DECRYPT_MSK)
2896 if (!(fc & IEEE80211_FCTL_PROTECTED))
2899 IWL_DEBUG_RX("decrypt_res:0x%x\n", decrypt_res);
2900 switch (decrypt_res & RX_RES_STATUS_SEC_TYPE_MSK) {
2901 case RX_RES_STATUS_SEC_TYPE_TKIP:
2902 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
2903 RX_RES_STATUS_BAD_ICV_MIC)
2904 stats->flag |= RX_FLAG_MMIC_ERROR;
2905 case RX_RES_STATUS_SEC_TYPE_WEP:
2906 case RX_RES_STATUS_SEC_TYPE_CCMP:
2907 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
2908 RX_RES_STATUS_DECRYPT_OK) {
2909 IWL_DEBUG_RX("hw decrypt successfully!!!\n");
2910 stats->flag |= RX_FLAG_DECRYPTED;
2919 #define IWL_PACKET_RETRY_TIME HZ
2921 int iwl3945_is_duplicate_packet(struct iwl3945_priv *priv, struct ieee80211_hdr *header)
2923 u16 sc = le16_to_cpu(header->seq_ctrl);
2924 u16 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
2925 u16 frag = sc & IEEE80211_SCTL_FRAG;
2926 u16 *last_seq, *last_frag;
2927 unsigned long *last_time;
2929 switch (priv->iw_mode) {
2930 case IEEE80211_IF_TYPE_IBSS:{
2931 struct list_head *p;
2932 struct iwl3945_ibss_seq *entry = NULL;
2933 u8 *mac = header->addr2;
2934 int index = mac[5] & (IWL_IBSS_MAC_HASH_SIZE - 1);
2936 __list_for_each(p, &priv->ibss_mac_hash[index]) {
2937 entry = list_entry(p, struct iwl3945_ibss_seq, list);
2938 if (!compare_ether_addr(entry->mac, mac))
2941 if (p == &priv->ibss_mac_hash[index]) {
2942 entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
2944 IWL_ERROR("Cannot malloc new mac entry\n");
2947 memcpy(entry->mac, mac, ETH_ALEN);
2948 entry->seq_num = seq;
2949 entry->frag_num = frag;
2950 entry->packet_time = jiffies;
2951 list_add(&entry->list, &priv->ibss_mac_hash[index]);
2954 last_seq = &entry->seq_num;
2955 last_frag = &entry->frag_num;
2956 last_time = &entry->packet_time;
2959 case IEEE80211_IF_TYPE_STA:
2960 last_seq = &priv->last_seq_num;
2961 last_frag = &priv->last_frag_num;
2962 last_time = &priv->last_packet_time;
2967 if ((*last_seq == seq) &&
2968 time_after(*last_time + IWL_PACKET_RETRY_TIME, jiffies)) {
2969 if (*last_frag == frag)
2971 if (*last_frag + 1 != frag)
2972 /* out-of-order fragment */
2978 *last_time = jiffies;
2985 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
2987 #include "iwl-spectrum.h"
2989 #define BEACON_TIME_MASK_LOW 0x00FFFFFF
2990 #define BEACON_TIME_MASK_HIGH 0xFF000000
2991 #define TIME_UNIT 1024
2994 * extended beacon time format
2995 * time in usec will be changed into a 32-bit value in 8:24 format
2996 * the high 1 byte is the beacon counts
2997 * the lower 3 bytes is the time in usec within one beacon interval
3000 static u32 iwl3945_usecs_to_beacons(u32 usec, u32 beacon_interval)
3004 u32 interval = beacon_interval * 1024;
3006 if (!interval || !usec)
3009 quot = (usec / interval) & (BEACON_TIME_MASK_HIGH >> 24);
3010 rem = (usec % interval) & BEACON_TIME_MASK_LOW;
3012 return (quot << 24) + rem;
3015 /* base is usually what we get from ucode with each received frame,
3016 * the same as HW timer counter counting down
3019 static __le32 iwl3945_add_beacon_time(u32 base, u32 addon, u32 beacon_interval)
3021 u32 base_low = base & BEACON_TIME_MASK_LOW;
3022 u32 addon_low = addon & BEACON_TIME_MASK_LOW;
3023 u32 interval = beacon_interval * TIME_UNIT;
3024 u32 res = (base & BEACON_TIME_MASK_HIGH) +
3025 (addon & BEACON_TIME_MASK_HIGH);
3027 if (base_low > addon_low)
3028 res += base_low - addon_low;
3029 else if (base_low < addon_low) {
3030 res += interval + base_low - addon_low;
3035 return cpu_to_le32(res);
3038 static int iwl3945_get_measurement(struct iwl3945_priv *priv,
3039 struct ieee80211_measurement_params *params,
3042 struct iwl3945_spectrum_cmd spectrum;
3043 struct iwl3945_rx_packet *res;
3044 struct iwl3945_host_cmd cmd = {
3045 .id = REPLY_SPECTRUM_MEASUREMENT_CMD,
3046 .data = (void *)&spectrum,
3047 .meta.flags = CMD_WANT_SKB,
3049 u32 add_time = le64_to_cpu(params->start_time);
3051 int spectrum_resp_status;
3052 int duration = le16_to_cpu(params->duration);
3054 if (iwl3945_is_associated(priv))
3056 iwl3945_usecs_to_beacons(
3057 le64_to_cpu(params->start_time) - priv->last_tsf,
3058 le16_to_cpu(priv->rxon_timing.beacon_interval));
3060 memset(&spectrum, 0, sizeof(spectrum));
3062 spectrum.channel_count = cpu_to_le16(1);
3064 RXON_FLG_TSF2HOST_MSK | RXON_FLG_ANT_A_MSK | RXON_FLG_DIS_DIV_MSK;
3065 spectrum.filter_flags = MEASUREMENT_FILTER_FLAG;
3066 cmd.len = sizeof(spectrum);
3067 spectrum.len = cpu_to_le16(cmd.len - sizeof(spectrum.len));
3069 if (iwl3945_is_associated(priv))
3070 spectrum.start_time =
3071 iwl3945_add_beacon_time(priv->last_beacon_time,
3073 le16_to_cpu(priv->rxon_timing.beacon_interval));
3075 spectrum.start_time = 0;
3077 spectrum.channels[0].duration = cpu_to_le32(duration * TIME_UNIT);
3078 spectrum.channels[0].channel = params->channel;
3079 spectrum.channels[0].type = type;
3080 if (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK)
3081 spectrum.flags |= RXON_FLG_BAND_24G_MSK |
3082 RXON_FLG_AUTO_DETECT_MSK | RXON_FLG_TGG_PROTECT_MSK;
3084 rc = iwl3945_send_cmd_sync(priv, &cmd);
3088 res = (struct iwl3945_rx_packet *)cmd.meta.u.skb->data;
3089 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
3090 IWL_ERROR("Bad return from REPLY_RX_ON_ASSOC command\n");
3094 spectrum_resp_status = le16_to_cpu(res->u.spectrum.status);
3095 switch (spectrum_resp_status) {
3096 case 0: /* Command will be handled */
3097 if (res->u.spectrum.id != 0xff) {
3098 IWL_DEBUG_INFO("Replaced existing measurement: %d\n",
3099 res->u.spectrum.id);
3100 priv->measurement_status &= ~MEASUREMENT_READY;
3102 priv->measurement_status |= MEASUREMENT_ACTIVE;
3106 case 1: /* Command will not be handled */
3111 dev_kfree_skb_any(cmd.meta.u.skb);
3117 static void iwl3945_rx_reply_alive(struct iwl3945_priv *priv,
3118 struct iwl3945_rx_mem_buffer *rxb)
3120 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3121 struct iwl3945_alive_resp *palive;
3122 struct delayed_work *pwork;
3124 palive = &pkt->u.alive_frame;
3126 IWL_DEBUG_INFO("Alive ucode status 0x%08X revision "
3128 palive->is_valid, palive->ver_type,
3129 palive->ver_subtype);
3131 if (palive->ver_subtype == INITIALIZE_SUBTYPE) {
3132 IWL_DEBUG_INFO("Initialization Alive received.\n");
3133 memcpy(&priv->card_alive_init,
3134 &pkt->u.alive_frame,
3135 sizeof(struct iwl3945_init_alive_resp));
3136 pwork = &priv->init_alive_start;
3138 IWL_DEBUG_INFO("Runtime Alive received.\n");
3139 memcpy(&priv->card_alive, &pkt->u.alive_frame,
3140 sizeof(struct iwl3945_alive_resp));
3141 pwork = &priv->alive_start;
3142 iwl3945_disable_events(priv);
3145 /* We delay the ALIVE response by 5ms to
3146 * give the HW RF Kill time to activate... */
3147 if (palive->is_valid == UCODE_VALID_OK)
3148 queue_delayed_work(priv->workqueue, pwork,
3149 msecs_to_jiffies(5));
3151 IWL_WARNING("uCode did not respond OK.\n");
3154 static void iwl3945_rx_reply_add_sta(struct iwl3945_priv *priv,
3155 struct iwl3945_rx_mem_buffer *rxb)
3157 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3159 IWL_DEBUG_RX("Received REPLY_ADD_STA: 0x%02X\n", pkt->u.status);
3163 static void iwl3945_rx_reply_error(struct iwl3945_priv *priv,
3164 struct iwl3945_rx_mem_buffer *rxb)
3166 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3168 IWL_ERROR("Error Reply type 0x%08X cmd %s (0x%02X) "
3169 "seq 0x%04X ser 0x%08X\n",
3170 le32_to_cpu(pkt->u.err_resp.error_type),
3171 get_cmd_string(pkt->u.err_resp.cmd_id),
3172 pkt->u.err_resp.cmd_id,
3173 le16_to_cpu(pkt->u.err_resp.bad_cmd_seq_num),
3174 le32_to_cpu(pkt->u.err_resp.error_info));
3177 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
3179 static void iwl3945_rx_csa(struct iwl3945_priv *priv, struct iwl3945_rx_mem_buffer *rxb)
3181 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3182 struct iwl3945_rxon_cmd *rxon = (void *)&priv->active_rxon;
3183 struct iwl3945_csa_notification *csa = &(pkt->u.csa_notif);
3184 IWL_DEBUG_11H("CSA notif: channel %d, status %d\n",
3185 le16_to_cpu(csa->channel), le32_to_cpu(csa->status));
3186 rxon->channel = csa->channel;
3187 priv->staging_rxon.channel = csa->channel;
3190 static void iwl3945_rx_spectrum_measure_notif(struct iwl3945_priv *priv,
3191 struct iwl3945_rx_mem_buffer *rxb)
3193 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
3194 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3195 struct iwl3945_spectrum_notification *report = &(pkt->u.spectrum_notif);
3197 if (!report->state) {
3198 IWL_DEBUG(IWL_DL_11H | IWL_DL_INFO,
3199 "Spectrum Measure Notification: Start\n");
3203 memcpy(&priv->measure_report, report, sizeof(*report));
3204 priv->measurement_status |= MEASUREMENT_READY;
3208 static void iwl3945_rx_pm_sleep_notif(struct iwl3945_priv *priv,
3209 struct iwl3945_rx_mem_buffer *rxb)
3211 #ifdef CONFIG_IWL3945_DEBUG
3212 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3213 struct iwl3945_sleep_notification *sleep = &(pkt->u.sleep_notif);
3214 IWL_DEBUG_RX("sleep mode: %d, src: %d\n",
3215 sleep->pm_sleep_mode, sleep->pm_wakeup_src);
3219 static void iwl3945_rx_pm_debug_statistics_notif(struct iwl3945_priv *priv,
3220 struct iwl3945_rx_mem_buffer *rxb)
3222 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3223 IWL_DEBUG_RADIO("Dumping %d bytes of unhandled "
3224 "notification for %s:\n",
3225 le32_to_cpu(pkt->len), get_cmd_string(pkt->hdr.cmd));
3226 iwl3945_print_hex_dump(IWL_DL_RADIO, pkt->u.raw, le32_to_cpu(pkt->len));
3229 static void iwl3945_bg_beacon_update(struct work_struct *work)
3231 struct iwl3945_priv *priv =
3232 container_of(work, struct iwl3945_priv, beacon_update);
3233 struct sk_buff *beacon;
3235 /* Pull updated AP beacon from mac80211. will fail if not in AP mode */
3236 beacon = ieee80211_beacon_get(priv->hw, priv->vif, NULL);
3239 IWL_ERROR("update beacon failed\n");
3243 mutex_lock(&priv->mutex);
3244 /* new beacon skb is allocated every time; dispose previous.*/
3245 if (priv->ibss_beacon)
3246 dev_kfree_skb(priv->ibss_beacon);
3248 priv->ibss_beacon = beacon;
3249 mutex_unlock(&priv->mutex);
3251 iwl3945_send_beacon_cmd(priv);
3254 static void iwl3945_rx_beacon_notif(struct iwl3945_priv *priv,
3255 struct iwl3945_rx_mem_buffer *rxb)
3257 #ifdef CONFIG_IWL3945_DEBUG
3258 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3259 struct iwl3945_beacon_notif *beacon = &(pkt->u.beacon_status);
3260 u8 rate = beacon->beacon_notify_hdr.rate;
3262 IWL_DEBUG_RX("beacon status %x retries %d iss %d "
3263 "tsf %d %d rate %d\n",
3264 le32_to_cpu(beacon->beacon_notify_hdr.status) & TX_STATUS_MSK,
3265 beacon->beacon_notify_hdr.failure_frame,
3266 le32_to_cpu(beacon->ibss_mgr_status),
3267 le32_to_cpu(beacon->high_tsf),
3268 le32_to_cpu(beacon->low_tsf), rate);
3271 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
3272 (!test_bit(STATUS_EXIT_PENDING, &priv->status)))
3273 queue_work(priv->workqueue, &priv->beacon_update);
3276 /* Service response to REPLY_SCAN_CMD (0x80) */
3277 static void iwl3945_rx_reply_scan(struct iwl3945_priv *priv,
3278 struct iwl3945_rx_mem_buffer *rxb)
3280 #ifdef CONFIG_IWL3945_DEBUG
3281 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3282 struct iwl3945_scanreq_notification *notif =
3283 (struct iwl3945_scanreq_notification *)pkt->u.raw;
3285 IWL_DEBUG_RX("Scan request status = 0x%x\n", notif->status);
3289 /* Service SCAN_START_NOTIFICATION (0x82) */
3290 static void iwl3945_rx_scan_start_notif(struct iwl3945_priv *priv,
3291 struct iwl3945_rx_mem_buffer *rxb)
3293 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3294 struct iwl3945_scanstart_notification *notif =
3295 (struct iwl3945_scanstart_notification *)pkt->u.raw;
3296 priv->scan_start_tsf = le32_to_cpu(notif->tsf_low);
3297 IWL_DEBUG_SCAN("Scan start: "
3299 "(TSF: 0x%08X:%08X) - %d (beacon timer %u)\n",
3301 notif->band ? "bg" : "a",
3303 notif->tsf_low, notif->status, notif->beacon_timer);
3306 /* Service SCAN_RESULTS_NOTIFICATION (0x83) */
3307 static void iwl3945_rx_scan_results_notif(struct iwl3945_priv *priv,
3308 struct iwl3945_rx_mem_buffer *rxb)
3310 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3311 struct iwl3945_scanresults_notification *notif =
3312 (struct iwl3945_scanresults_notification *)pkt->u.raw;
3314 IWL_DEBUG_SCAN("Scan ch.res: "
3316 "(TSF: 0x%08X:%08X) - %d "
3317 "elapsed=%lu usec (%dms since last)\n",
3319 notif->band ? "bg" : "a",
3320 le32_to_cpu(notif->tsf_high),
3321 le32_to_cpu(notif->tsf_low),
3322 le32_to_cpu(notif->statistics[0]),
3323 le32_to_cpu(notif->tsf_low) - priv->scan_start_tsf,
3324 jiffies_to_msecs(elapsed_jiffies
3325 (priv->last_scan_jiffies, jiffies)));
3327 priv->last_scan_jiffies = jiffies;
3328 priv->next_scan_jiffies = 0;
3331 /* Service SCAN_COMPLETE_NOTIFICATION (0x84) */
3332 static void iwl3945_rx_scan_complete_notif(struct iwl3945_priv *priv,
3333 struct iwl3945_rx_mem_buffer *rxb)
3335 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3336 struct iwl3945_scancomplete_notification *scan_notif = (void *)pkt->u.raw;
3338 IWL_DEBUG_SCAN("Scan complete: %d channels (TSF 0x%08X:%08X) - %d\n",
3339 scan_notif->scanned_channels,
3340 scan_notif->tsf_low,
3341 scan_notif->tsf_high, scan_notif->status);
3343 /* The HW is no longer scanning */
3344 clear_bit(STATUS_SCAN_HW, &priv->status);
3346 /* The scan completion notification came in, so kill that timer... */
3347 cancel_delayed_work(&priv->scan_check);
3349 IWL_DEBUG_INFO("Scan pass on %sGHz took %dms\n",
3350 (priv->scan_bands == 2) ? "2.4" : "5.2",
3351 jiffies_to_msecs(elapsed_jiffies
3352 (priv->scan_pass_start, jiffies)));
3354 /* Remove this scanned band from the list
3355 * of pending bands to scan */
3358 /* If a request to abort was given, or the scan did not succeed
3359 * then we reset the scan state machine and terminate,
3360 * re-queuing another scan if one has been requested */
3361 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
3362 IWL_DEBUG_INFO("Aborted scan completed.\n");
3363 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
3365 /* If there are more bands on this scan pass reschedule */
3366 if (priv->scan_bands > 0)
3370 priv->last_scan_jiffies = jiffies;
3371 priv->next_scan_jiffies = 0;
3372 IWL_DEBUG_INFO("Setting scan to off\n");
3374 clear_bit(STATUS_SCANNING, &priv->status);
3376 IWL_DEBUG_INFO("Scan took %dms\n",
3377 jiffies_to_msecs(elapsed_jiffies(priv->scan_start, jiffies)));
3379 queue_work(priv->workqueue, &priv->scan_completed);
3384 priv->scan_pass_start = jiffies;
3385 queue_work(priv->workqueue, &priv->request_scan);
3388 /* Handle notification from uCode that card's power state is changing
3389 * due to software, hardware, or critical temperature RFKILL */
3390 static void iwl3945_rx_card_state_notif(struct iwl3945_priv *priv,
3391 struct iwl3945_rx_mem_buffer *rxb)
3393 struct iwl3945_rx_packet *pkt = (void *)rxb->skb->data;
3394 u32 flags = le32_to_cpu(pkt->u.card_state_notif.flags);
3395 unsigned long status = priv->status;
3397 IWL_DEBUG_RF_KILL("Card state received: HW:%s SW:%s\n",
3398 (flags & HW_CARD_DISABLED) ? "Kill" : "On",
3399 (flags & SW_CARD_DISABLED) ? "Kill" : "On");
3401 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_SET,
3402 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
3404 if (flags & HW_CARD_DISABLED)
3405 set_bit(STATUS_RF_KILL_HW, &priv->status);
3407 clear_bit(STATUS_RF_KILL_HW, &priv->status);
3410 if (flags & SW_CARD_DISABLED)
3411 set_bit(STATUS_RF_KILL_SW, &priv->status);
3413 clear_bit(STATUS_RF_KILL_SW, &priv->status);
3415 iwl3945_scan_cancel(priv);
3417 if ((test_bit(STATUS_RF_KILL_HW, &status) !=
3418 test_bit(STATUS_RF_KILL_HW, &priv->status)) ||
3419 (test_bit(STATUS_RF_KILL_SW, &status) !=
3420 test_bit(STATUS_RF_KILL_SW, &priv->status)))
3421 queue_work(priv->workqueue, &priv->rf_kill);
3423 wake_up_interruptible(&priv->wait_command_queue);
3427 * iwl3945_setup_rx_handlers - Initialize Rx handler callbacks
3429 * Setup the RX handlers for each of the reply types sent from the uCode
3432 * This function chains into the hardware specific files for them to setup
3433 * any hardware specific handlers as well.
3435 static void iwl3945_setup_rx_handlers(struct iwl3945_priv *priv)
3437 priv->rx_handlers[REPLY_ALIVE] = iwl3945_rx_reply_alive;
3438 priv->rx_handlers[REPLY_ADD_STA] = iwl3945_rx_reply_add_sta;
3439 priv->rx_handlers[REPLY_ERROR] = iwl3945_rx_reply_error;
3440 priv->rx_handlers[CHANNEL_SWITCH_NOTIFICATION] = iwl3945_rx_csa;
3441 priv->rx_handlers[SPECTRUM_MEASURE_NOTIFICATION] =
3442 iwl3945_rx_spectrum_measure_notif;
3443 priv->rx_handlers[PM_SLEEP_NOTIFICATION] = iwl3945_rx_pm_sleep_notif;
3444 priv->rx_handlers[PM_DEBUG_STATISTIC_NOTIFIC] =
3445 iwl3945_rx_pm_debug_statistics_notif;
3446 priv->rx_handlers[BEACON_NOTIFICATION] = iwl3945_rx_beacon_notif;
3449 * The same handler is used for both the REPLY to a discrete
3450 * statistics request from the host as well as for the periodic
3451 * statistics notifications (after received beacons) from the uCode.
3453 priv->rx_handlers[REPLY_STATISTICS_CMD] = iwl3945_hw_rx_statistics;
3454 priv->rx_handlers[STATISTICS_NOTIFICATION] = iwl3945_hw_rx_statistics;
3456 priv->rx_handlers[REPLY_SCAN_CMD] = iwl3945_rx_reply_scan;
3457 priv->rx_handlers[SCAN_START_NOTIFICATION] = iwl3945_rx_scan_start_notif;
3458 priv->rx_handlers[SCAN_RESULTS_NOTIFICATION] =
3459 iwl3945_rx_scan_results_notif;
3460 priv->rx_handlers[SCAN_COMPLETE_NOTIFICATION] =
3461 iwl3945_rx_scan_complete_notif;
3462 priv->rx_handlers[CARD_STATE_NOTIFICATION] = iwl3945_rx_card_state_notif;
3464 /* Set up hardware specific Rx handlers */
3465 iwl3945_hw_rx_handler_setup(priv);
3469 * iwl3945_cmd_queue_reclaim - Reclaim CMD queue entries
3470 * When FW advances 'R' index, all entries between old and new 'R' index
3471 * need to be reclaimed.
3473 static void iwl3945_cmd_queue_reclaim(struct iwl3945_priv *priv,
3474 int txq_id, int index)
3476 struct iwl3945_tx_queue *txq = &priv->txq[txq_id];
3477 struct iwl3945_queue *q = &txq->q;
3480 if ((index >= q->n_bd) || (iwl3945_x2_queue_used(q, index) == 0)) {
3481 IWL_ERROR("Read index for DMA queue txq id (%d), index %d, "
3482 "is out of range [0-%d] %d %d.\n", txq_id,
3483 index, q->n_bd, q->write_ptr, q->read_ptr);
3487 for (index = iwl_queue_inc_wrap(index, q->n_bd); q->read_ptr != index;
3488 q->read_ptr = iwl_queue_inc_wrap(q->read_ptr, q->n_bd)) {
3490 IWL_ERROR("HCMD skipped: index (%d) %d %d\n", index,
3491 q->write_ptr, q->read_ptr);
3492 queue_work(priv->workqueue, &priv->restart);
3501 * iwl3945_tx_cmd_complete - Pull unused buffers off the queue and reclaim them
3502 * @rxb: Rx buffer to reclaim
3504 * If an Rx buffer has an async callback associated with it the callback
3505 * will be executed. The attached skb (if present) will only be freed
3506 * if the callback returns 1
3508 static void iwl3945_tx_cmd_complete(struct iwl3945_priv *priv,
3509 struct iwl3945_rx_mem_buffer *rxb)
3511 struct iwl3945_rx_packet *pkt = (struct iwl3945_rx_packet *)rxb->skb->data;
3512 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
3513 int txq_id = SEQ_TO_QUEUE(sequence);
3514 int index = SEQ_TO_INDEX(sequence);
3515 int huge = sequence & SEQ_HUGE_FRAME;
3517 struct iwl3945_cmd *cmd;
3519 BUG_ON(txq_id != IWL_CMD_QUEUE_NUM);
3521 cmd_index = get_cmd_index(&priv->txq[IWL_CMD_QUEUE_NUM].q, index, huge);
3522 cmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_index];
3524 /* Input error checking is done when commands are added to queue. */
3525 if (cmd->meta.flags & CMD_WANT_SKB) {
3526 cmd->meta.source->u.skb = rxb->skb;
3528 } else if (cmd->meta.u.callback &&
3529 !cmd->meta.u.callback(priv, cmd, rxb->skb))
3532 iwl3945_cmd_queue_reclaim(priv, txq_id, index);
3534 if (!(cmd->meta.flags & CMD_ASYNC)) {
3535 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
3536 wake_up_interruptible(&priv->wait_command_queue);
3540 /************************** RX-FUNCTIONS ****************************/
3542 * Rx theory of operation
3544 * The host allocates 32 DMA target addresses and passes the host address
3545 * to the firmware at register IWL_RFDS_TABLE_LOWER + N * RFD_SIZE where N is
3549 * The host/firmware share two index registers for managing the Rx buffers.
3551 * The READ index maps to the first position that the firmware may be writing
3552 * to -- the driver can read up to (but not including) this position and get
3554 * The READ index is managed by the firmware once the card is enabled.
3556 * The WRITE index maps to the last position the driver has read from -- the
3557 * position preceding WRITE is the last slot the firmware can place a packet.
3559 * The queue is empty (no good data) if WRITE = READ - 1, and is full if
3562 * During initialization, the host sets up the READ queue position to the first
3563 * INDEX position, and WRITE to the last (READ - 1 wrapped)
3565 * When the firmware places a packet in a buffer, it will advance the READ index
3566 * and fire the RX interrupt. The driver can then query the READ index and
3567 * process as many packets as possible, moving the WRITE index forward as it
3568 * resets the Rx queue buffers with new memory.
3570 * The management in the driver is as follows:
3571 * + A list of pre-allocated SKBs is stored in iwl->rxq->rx_free. When
3572 * iwl->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
3573 * to replenish the iwl->rxq->rx_free.
3574 * + In iwl3945_rx_replenish (scheduled) if 'processed' != 'read' then the
3575 * iwl->rxq is replenished and the READ INDEX is updated (updating the
3576 * 'processed' and 'read' driver indexes as well)
3577 * + A received packet is processed and handed to the kernel network stack,
3578 * detached from the iwl->rxq. The driver 'processed' index is updated.
3579 * + The Host/Firmware iwl->rxq is replenished at tasklet time from the rx_free
3580 * list. If there are no allocated buffers in iwl->rxq->rx_free, the READ
3581 * INDEX is not incremented and iwl->status(RX_STALLED) is set. If there
3582 * were enough free buffers and RX_STALLED is set it is cleared.
3587 * iwl3945_rx_queue_alloc() Allocates rx_free
3588 * iwl3945_rx_replenish() Replenishes rx_free list from rx_used, and calls
3589 * iwl3945_rx_queue_restock
3590 * iwl3945_rx_queue_restock() Moves available buffers from rx_free into Rx
3591 * queue, updates firmware pointers, and updates
3592 * the WRITE index. If insufficient rx_free buffers
3593 * are available, schedules iwl3945_rx_replenish
3595 * -- enable interrupts --
3596 * ISR - iwl3945_rx() Detach iwl3945_rx_mem_buffers from pool up to the
3597 * READ INDEX, detaching the SKB from the pool.
3598 * Moves the packet buffer from queue to rx_used.
3599 * Calls iwl3945_rx_queue_restock to refill any empty
3606 * iwl3945_rx_queue_space - Return number of free slots available in queue.
3608 static int iwl3945_rx_queue_space(const struct iwl3945_rx_queue *q)
3610 int s = q->read - q->write;
3613 /* keep some buffer to not confuse full and empty queue */
3621 * iwl3945_rx_queue_update_write_ptr - Update the write pointer for the RX queue
3623 int iwl3945_rx_queue_update_write_ptr(struct iwl3945_priv *priv, struct iwl3945_rx_queue *q)
3627 unsigned long flags;
3629 spin_lock_irqsave(&q->lock, flags);
3631 if (q->need_update == 0)
3634 /* If power-saving is in use, make sure device is awake */
3635 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
3636 reg = iwl3945_read32(priv, CSR_UCODE_DRV_GP1);
3638 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
3639 iwl3945_set_bit(priv, CSR_GP_CNTRL,
3640 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
3644 rc = iwl3945_grab_nic_access(priv);
3648 /* Device expects a multiple of 8 */
3649 iwl3945_write_direct32(priv, FH_RSCSR_CHNL0_WPTR,
3651 iwl3945_release_nic_access(priv);
3653 /* Else device is assumed to be awake */
3655 /* Device expects a multiple of 8 */
3656 iwl3945_write32(priv, FH_RSCSR_CHNL0_WPTR, q->write & ~0x7);
3662 spin_unlock_irqrestore(&q->lock, flags);
3667 * iwl3945_dma_addr2rbd_ptr - convert a DMA address to a uCode read buffer ptr
3669 static inline __le32 iwl3945_dma_addr2rbd_ptr(struct iwl3945_priv *priv,
3670 dma_addr_t dma_addr)
3672 return cpu_to_le32((u32)dma_addr);
3676 * iwl3945_rx_queue_restock - refill RX queue from pre-allocated pool
3678 * If there are slots in the RX queue that need to be restocked,
3679 * and we have free pre-allocated buffers, fill the ranks as much
3680 * as we can, pulling from rx_free.
3682 * This moves the 'write' index forward to catch up with 'processed', and
3683 * also updates the memory address in the firmware to reference the new
3686 static int iwl3945_rx_queue_restock(struct iwl3945_priv *priv)
3688 struct iwl3945_rx_queue *rxq = &priv->rxq;
3689 struct list_head *element;
3690 struct iwl3945_rx_mem_buffer *rxb;
3691 unsigned long flags;
3694 spin_lock_irqsave(&rxq->lock, flags);
3695 write = rxq->write & ~0x7;
3696 while ((iwl3945_rx_queue_space(rxq) > 0) && (rxq->free_count)) {
3697 /* Get next free Rx buffer, remove from free list */
3698 element = rxq->rx_free.next;
3699 rxb = list_entry(element, struct iwl3945_rx_mem_buffer, list);
3702 /* Point to Rx buffer via next RBD in circular buffer */
3703 rxq->bd[rxq->write] = iwl3945_dma_addr2rbd_ptr(priv, rxb->dma_addr);
3704 rxq->queue[rxq->write] = rxb;
3705 rxq->write = (rxq->write + 1) & RX_QUEUE_MASK;
3708 spin_unlock_irqrestore(&rxq->lock, flags);
3709 /* If the pre-allocated buffer pool is dropping low, schedule to
3711 if (rxq->free_count <= RX_LOW_WATERMARK)
3712 queue_work(priv->workqueue, &priv->rx_replenish);
3715 /* If we've added more space for the firmware to place data, tell it.
3716 * Increment device's write pointer in multiples of 8. */
3717 if ((write != (rxq->write & ~0x7))
3718 || (abs(rxq->write - rxq->read) > 7)) {
3719 spin_lock_irqsave(&rxq->lock, flags);
3720 rxq->need_update = 1;
3721 spin_unlock_irqrestore(&rxq->lock, flags);
3722 rc = iwl3945_rx_queue_update_write_ptr(priv, rxq);
3731 * iwl3945_rx_replenish - Move all used packet from rx_used to rx_free
3733 * When moving to rx_free an SKB is allocated for the slot.
3735 * Also restock the Rx queue via iwl3945_rx_queue_restock.
3736 * This is called as a scheduled work item (except for during initialization)
3738 static void iwl3945_rx_allocate(struct iwl3945_priv *priv)
3740 struct iwl3945_rx_queue *rxq = &priv->rxq;
3741 struct list_head *element;
3742 struct iwl3945_rx_mem_buffer *rxb;
3743 unsigned long flags;
3744 spin_lock_irqsave(&rxq->lock, flags);
3745 while (!list_empty(&rxq->rx_used)) {
3746 element = rxq->rx_used.next;
3747 rxb = list_entry(element, struct iwl3945_rx_mem_buffer, list);
3749 /* Alloc a new receive buffer */
3751 alloc_skb(IWL_RX_BUF_SIZE, __GFP_NOWARN | GFP_ATOMIC);
3753 if (net_ratelimit())
3754 printk(KERN_CRIT DRV_NAME
3755 ": Can not allocate SKB buffers\n");
3756 /* We don't reschedule replenish work here -- we will
3757 * call the restock method and if it still needs
3758 * more buffers it will schedule replenish */
3762 /* If radiotap head is required, reserve some headroom here.
3763 * The physical head count is a variable rx_stats->phy_count.
3764 * We reserve 4 bytes here. Plus these extra bytes, the
3765 * headroom of the physical head should be enough for the
3766 * radiotap head that iwl3945 supported. See iwl3945_rt.
3768 skb_reserve(rxb->skb, 4);
3770 priv->alloc_rxb_skb++;
3773 /* Get physical address of RB/SKB */
3775 pci_map_single(priv->pci_dev, rxb->skb->data,
3776 IWL_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
3777 list_add_tail(&rxb->list, &rxq->rx_free);
3780 spin_unlock_irqrestore(&rxq->lock, flags);
3784 * this should be called while priv->lock is locked
3786 static void __iwl3945_rx_replenish(void *data)
3788 struct iwl3945_priv *priv = data;
3790 iwl3945_rx_allocate(priv);
3791 iwl3945_rx_queue_restock(priv);
3795 void iwl3945_rx_replenish(void *data)
3797 struct iwl3945_priv *priv = data;
3798 unsigned long flags;
3800 iwl3945_rx_allocate(priv);
3802 spin_lock_irqsave(&priv->lock, flags);
3803 iwl3945_rx_queue_restock(priv);
3804 spin_unlock_irqrestore(&priv->lock, flags);
3807 /* Assumes that the skb field of the buffers in 'pool' is kept accurate.
3808 * If an SKB has been detached, the POOL needs to have its SKB set to NULL
3809 * This free routine walks the list of POOL entries and if SKB is set to
3810 * non NULL it is unmapped and freed
3812 static void iwl3945_rx_queue_free(struct iwl3945_priv *priv, struct iwl3945_rx_queue *rxq)
3815 for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
3816 if (rxq->pool[i].skb != NULL) {
3817 pci_unmap_single(priv->pci_dev,
3818 rxq->pool[i].dma_addr,
3819 IWL_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
3820 dev_kfree_skb(rxq->pool[i].skb);
3824 pci_free_consistent(priv->pci_dev, 4 * RX_QUEUE_SIZE, rxq->bd,
3829 int iwl3945_rx_queue_alloc(struct iwl3945_priv *priv)
3831 struct iwl3945_rx_queue *rxq = &priv->rxq;
3832 struct pci_dev *dev = priv->pci_dev;
3835 spin_lock_init(&rxq->lock);
3836 INIT_LIST_HEAD(&rxq->rx_free);
3837 INIT_LIST_HEAD(&rxq->rx_used);
3839 /* Alloc the circular buffer of Read Buffer Descriptors (RBDs) */
3840 rxq->bd = pci_alloc_consistent(dev, 4 * RX_QUEUE_SIZE, &rxq->dma_addr);
3844 /* Fill the rx_used queue with _all_ of the Rx buffers */
3845 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++)
3846 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
3848 /* Set us so that we have processed and used all buffers, but have
3849 * not restocked the Rx queue with fresh buffers */
3850 rxq->read = rxq->write = 0;
3851 rxq->free_count = 0;
3852 rxq->need_update = 0;
3856 void iwl3945_rx_queue_reset(struct iwl3945_priv *priv, struct iwl3945_rx_queue *rxq)
3858 unsigned long flags;
3860 spin_lock_irqsave(&rxq->lock, flags);
3861 INIT_LIST_HEAD(&rxq->rx_free);
3862 INIT_LIST_HEAD(&rxq->rx_used);
3863 /* Fill the rx_used queue with _all_ of the Rx buffers */
3864 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
3865 /* In the reset function, these buffers may have been allocated
3866 * to an SKB, so we need to unmap and free potential storage */
3867 if (rxq->pool[i].skb != NULL) {
3868 pci_unmap_single(priv->pci_dev,
3869 rxq->pool[i].dma_addr,
3870 IWL_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
3871 priv->alloc_rxb_skb--;
3872 dev_kfree_skb(rxq->pool[i].skb);
3873 rxq->pool[i].skb = NULL;
3875 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
3878 /* Set us so that we have processed and used all buffers, but have
3879 * not restocked the Rx queue with fresh buffers */
3880 rxq->read = rxq->write = 0;
3881 rxq->free_count = 0;
3882 spin_unlock_irqrestore(&rxq->lock, flags);
3885 /* Convert linear signal-to-noise ratio into dB */
3886 static u8 ratio2dB[100] = {
3887 /* 0 1 2 3 4 5 6 7 8 9 */
3888 0, 0, 6, 10, 12, 14, 16, 17, 18, 19, /* 00 - 09 */
3889 20, 21, 22, 22, 23, 23, 24, 25, 26, 26, /* 10 - 19 */
3890 26, 26, 26, 27, 27, 28, 28, 28, 29, 29, /* 20 - 29 */
3891 29, 30, 30, 30, 31, 31, 31, 31, 32, 32, /* 30 - 39 */
3892 32, 32, 32, 33, 33, 33, 33, 33, 34, 34, /* 40 - 49 */
3893 34, 34, 34, 34, 35, 35, 35, 35, 35, 35, /* 50 - 59 */
3894 36, 36, 36, 36, 36, 36, 36, 37, 37, 37, /* 60 - 69 */
3895 37, 37, 37, 37, 37, 38, 38, 38, 38, 38, /* 70 - 79 */
3896 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, /* 80 - 89 */
3897 39, 39, 39, 39, 39, 40, 40, 40, 40, 40 /* 90 - 99 */
3900 /* Calculates a relative dB value from a ratio of linear
3901 * (i.e. not dB) signal levels.
3902 * Conversion assumes that levels are voltages (20*log), not powers (10*log). */
3903 int iwl3945_calc_db_from_ratio(int sig_ratio)
3905 /* 1000:1 or higher just report as 60 dB */
3906 if (sig_ratio >= 1000)
3909 /* 100:1 or higher, divide by 10 and use table,
3910 * add 20 dB to make up for divide by 10 */
3911 if (sig_ratio >= 100)
3912 return (20 + (int)ratio2dB[sig_ratio/10]);
3914 /* We shouldn't see this */
3918 /* Use table for ratios 1:1 - 99:1 */
3919 return (int)ratio2dB[sig_ratio];
3922 #define PERFECT_RSSI (-20) /* dBm */
3923 #define WORST_RSSI (-95) /* dBm */
3924 #define RSSI_RANGE (PERFECT_RSSI - WORST_RSSI)
3926 /* Calculate an indication of rx signal quality (a percentage, not dBm!).
3927 * See http://www.ces.clemson.edu/linux/signal_quality.shtml for info
3928 * about formulas used below. */
3929 int iwl3945_calc_sig_qual(int rssi_dbm, int noise_dbm)
3932 int degradation = PERFECT_RSSI - rssi_dbm;
3934 /* If we get a noise measurement, use signal-to-noise ratio (SNR)
3935 * as indicator; formula is (signal dbm - noise dbm).
3936 * SNR at or above 40 is a great signal (100%).
3937 * Below that, scale to fit SNR of 0 - 40 dB within 0 - 100% indicator.
3938 * Weakest usable signal is usually 10 - 15 dB SNR. */
3940 if (rssi_dbm - noise_dbm >= 40)
3942 else if (rssi_dbm < noise_dbm)
3944 sig_qual = ((rssi_dbm - noise_dbm) * 5) / 2;
3946 /* Else use just the signal level.
3947 * This formula is a least squares fit of data points collected and
3948 * compared with a reference system that had a percentage (%) display
3949 * for signal quality. */
3951 sig_qual = (100 * (RSSI_RANGE * RSSI_RANGE) - degradation *
3952 (15 * RSSI_RANGE + 62 * degradation)) /
3953 (RSSI_RANGE * RSSI_RANGE);
3957 else if (sig_qual < 1)
3964 * iwl3945_rx_handle - Main entry function for receiving responses from uCode
3966 * Uses the priv->rx_handlers callback function array to invoke
3967 * the appropriate handlers, including command responses,
3968 * frame-received notifications, and other notifications.
3970 static void iwl3945_rx_handle(struct iwl3945_priv *priv)
3972 struct iwl3945_rx_mem_buffer *rxb;
3973 struct iwl3945_rx_packet *pkt;
3974 struct iwl3945_rx_queue *rxq = &priv->rxq;
3977 unsigned long flags;
3981 /* uCode's read index (stored in shared DRAM) indicates the last Rx
3982 * buffer that the driver may process (last buffer filled by ucode). */
3983 r = iwl3945_hw_get_rx_read(priv);
3986 if (iwl3945_rx_queue_space(rxq) > (RX_QUEUE_SIZE / 2))
3988 /* Rx interrupt, but nothing sent from uCode */
3990 IWL_DEBUG(IWL_DL_RX | IWL_DL_ISR, "r = %d, i = %d\n", r, i);
3993 rxb = rxq->queue[i];
3995 /* If an RXB doesn't have a Rx queue slot associated with it,
3996 * then a bug has been introduced in the queue refilling
3997 * routines -- catch it here */
3998 BUG_ON(rxb == NULL);
4000 rxq->queue[i] = NULL;
4002 pci_dma_sync_single_for_cpu(priv->pci_dev, rxb->dma_addr,
4004 PCI_DMA_FROMDEVICE);
4005 pkt = (struct iwl3945_rx_packet *)rxb->skb->data;
4007 /* Reclaim a command buffer only if this packet is a response
4008 * to a (driver-originated) command.
4009 * If the packet (e.g. Rx frame) originated from uCode,
4010 * there is no command buffer to reclaim.
4011 * Ucode should set SEQ_RX_FRAME bit if ucode-originated,
4012 * but apparently a few don't get set; catch them here. */
4013 reclaim = !(pkt->hdr.sequence & SEQ_RX_FRAME) &&
4014 (pkt->hdr.cmd != STATISTICS_NOTIFICATION) &&
4015 (pkt->hdr.cmd != REPLY_TX);
4017 /* Based on type of command response or notification,
4018 * handle those that need handling via function in
4019 * rx_handlers table. See iwl3945_setup_rx_handlers() */
4020 if (priv->rx_handlers[pkt->hdr.cmd]) {
4021 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4022 "r = %d, i = %d, %s, 0x%02x\n", r, i,
4023 get_cmd_string(pkt->hdr.cmd), pkt->hdr.cmd);
4024 priv->rx_handlers[pkt->hdr.cmd] (priv, rxb);
4026 /* No handling needed */
4027 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4028 "r %d i %d No handler needed for %s, 0x%02x\n",
4029 r, i, get_cmd_string(pkt->hdr.cmd),
4034 /* Invoke any callbacks, transfer the skb to caller, and
4035 * fire off the (possibly) blocking iwl3945_send_cmd()
4036 * as we reclaim the driver command queue */
4037 if (rxb && rxb->skb)
4038 iwl3945_tx_cmd_complete(priv, rxb);
4040 IWL_WARNING("Claim null rxb?\n");
4043 /* For now we just don't re-use anything. We can tweak this
4044 * later to try and re-use notification packets and SKBs that
4045 * fail to Rx correctly */
4046 if (rxb->skb != NULL) {
4047 priv->alloc_rxb_skb--;
4048 dev_kfree_skb_any(rxb->skb);
4052 pci_unmap_single(priv->pci_dev, rxb->dma_addr,
4053 IWL_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
4054 spin_lock_irqsave(&rxq->lock, flags);
4055 list_add_tail(&rxb->list, &priv->rxq.rx_used);
4056 spin_unlock_irqrestore(&rxq->lock, flags);
4057 i = (i + 1) & RX_QUEUE_MASK;
4058 /* If there are a lot of unused frames,
4059 * restock the Rx queue so ucode won't assert. */
4064 __iwl3945_rx_replenish(priv);
4070 /* Backtrack one entry */
4072 iwl3945_rx_queue_restock(priv);
4076 * iwl3945_tx_queue_update_write_ptr - Send new write index to hardware
4078 static int iwl3945_tx_queue_update_write_ptr(struct iwl3945_priv *priv,
4079 struct iwl3945_tx_queue *txq)
4083 int txq_id = txq->q.id;
4085 if (txq->need_update == 0)
4088 /* if we're trying to save power */
4089 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
4090 /* wake up nic if it's powered down ...
4091 * uCode will wake up, and interrupt us again, so next
4092 * time we'll skip this part. */
4093 reg = iwl3945_read32(priv, CSR_UCODE_DRV_GP1);
4095 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
4096 IWL_DEBUG_INFO("Requesting wakeup, GP1 = 0x%x\n", reg);
4097 iwl3945_set_bit(priv, CSR_GP_CNTRL,
4098 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
4102 /* restore this queue's parameters in nic hardware. */
4103 rc = iwl3945_grab_nic_access(priv);
4106 iwl3945_write_direct32(priv, HBUS_TARG_WRPTR,
4107 txq->q.write_ptr | (txq_id << 8));
4108 iwl3945_release_nic_access(priv);
4110 /* else not in power-save mode, uCode will never sleep when we're
4111 * trying to tx (during RFKILL, we're not trying to tx). */
4113 iwl3945_write32(priv, HBUS_TARG_WRPTR,
4114 txq->q.write_ptr | (txq_id << 8));
4116 txq->need_update = 0;
4121 #ifdef CONFIG_IWL3945_DEBUG
4122 static void iwl3945_print_rx_config_cmd(struct iwl3945_rxon_cmd *rxon)
4124 DECLARE_MAC_BUF(mac);
4126 IWL_DEBUG_RADIO("RX CONFIG:\n");
4127 iwl3945_print_hex_dump(IWL_DL_RADIO, (u8 *) rxon, sizeof(*rxon));
4128 IWL_DEBUG_RADIO("u16 channel: 0x%x\n", le16_to_cpu(rxon->channel));
4129 IWL_DEBUG_RADIO("u32 flags: 0x%08X\n", le32_to_cpu(rxon->flags));
4130 IWL_DEBUG_RADIO("u32 filter_flags: 0x%08x\n",
4131 le32_to_cpu(rxon->filter_flags));
4132 IWL_DEBUG_RADIO("u8 dev_type: 0x%x\n", rxon->dev_type);
4133 IWL_DEBUG_RADIO("u8 ofdm_basic_rates: 0x%02x\n",
4134 rxon->ofdm_basic_rates);
4135 IWL_DEBUG_RADIO("u8 cck_basic_rates: 0x%02x\n", rxon->cck_basic_rates);
4136 IWL_DEBUG_RADIO("u8[6] node_addr: %s\n",
4137 print_mac(mac, rxon->node_addr));
4138 IWL_DEBUG_RADIO("u8[6] bssid_addr: %s\n",
4139 print_mac(mac, rxon->bssid_addr));
4140 IWL_DEBUG_RADIO("u16 assoc_id: 0x%x\n", le16_to_cpu(rxon->assoc_id));
4144 static void iwl3945_enable_interrupts(struct iwl3945_priv *priv)
4146 IWL_DEBUG_ISR("Enabling interrupts\n");
4147 set_bit(STATUS_INT_ENABLED, &priv->status);
4148 iwl3945_write32(priv, CSR_INT_MASK, CSR_INI_SET_MASK);
4151 static inline void iwl3945_disable_interrupts(struct iwl3945_priv *priv)
4153 clear_bit(STATUS_INT_ENABLED, &priv->status);
4155 /* disable interrupts from uCode/NIC to host */
4156 iwl3945_write32(priv, CSR_INT_MASK, 0x00000000);
4158 /* acknowledge/clear/reset any interrupts still pending
4159 * from uCode or flow handler (Rx/Tx DMA) */
4160 iwl3945_write32(priv, CSR_INT, 0xffffffff);
4161 iwl3945_write32(priv, CSR_FH_INT_STATUS, 0xffffffff);
4162 IWL_DEBUG_ISR("Disabled interrupts\n");
4165 static const char *desc_lookup(int i)
4173 return "BAD_CHECKSUM";
4175 return "NMI_INTERRUPT";
4179 return "FATAL_ERROR";
4185 #define ERROR_START_OFFSET (1 * sizeof(u32))
4186 #define ERROR_ELEM_SIZE (7 * sizeof(u32))
4188 static void iwl3945_dump_nic_error_log(struct iwl3945_priv *priv)
4191 u32 desc, time, count, base, data1;
4192 u32 blink1, blink2, ilink1, ilink2;
4195 base = le32_to_cpu(priv->card_alive.error_event_table_ptr);
4197 if (!iwl3945_hw_valid_rtc_data_addr(base)) {
4198 IWL_ERROR("Not valid error log pointer 0x%08X\n", base);
4202 rc = iwl3945_grab_nic_access(priv);
4204 IWL_WARNING("Can not read from adapter at this time.\n");
4208 count = iwl3945_read_targ_mem(priv, base);
4210 if (ERROR_START_OFFSET <= count * ERROR_ELEM_SIZE) {
4211 IWL_ERROR("Start IWL Error Log Dump:\n");
4212 IWL_ERROR("Status: 0x%08lX, count: %d\n", priv->status, count);
4215 IWL_ERROR("Desc Time asrtPC blink2 "
4216 "ilink1 nmiPC Line\n");
4217 for (i = ERROR_START_OFFSET;
4218 i < (count * ERROR_ELEM_SIZE) + ERROR_START_OFFSET;
4219 i += ERROR_ELEM_SIZE) {
4220 desc = iwl3945_read_targ_mem(priv, base + i);
4222 iwl3945_read_targ_mem(priv, base + i + 1 * sizeof(u32));
4224 iwl3945_read_targ_mem(priv, base + i + 2 * sizeof(u32));
4226 iwl3945_read_targ_mem(priv, base + i + 3 * sizeof(u32));
4228 iwl3945_read_targ_mem(priv, base + i + 4 * sizeof(u32));
4230 iwl3945_read_targ_mem(priv, base + i + 5 * sizeof(u32));
4232 iwl3945_read_targ_mem(priv, base + i + 6 * sizeof(u32));
4235 ("%-13s (#%d) %010u 0x%05X 0x%05X 0x%05X 0x%05X %u\n\n",
4236 desc_lookup(desc), desc, time, blink1, blink2,
4237 ilink1, ilink2, data1);
4240 iwl3945_release_nic_access(priv);
4244 #define EVENT_START_OFFSET (6 * sizeof(u32))
4247 * iwl3945_print_event_log - Dump error event log to syslog
4249 * NOTE: Must be called with iwl3945_grab_nic_access() already obtained!
4251 static void iwl3945_print_event_log(struct iwl3945_priv *priv, u32 start_idx,
4252 u32 num_events, u32 mode)
4255 u32 base; /* SRAM byte address of event log header */
4256 u32 event_size; /* 2 u32s, or 3 u32s if timestamp recorded */
4257 u32 ptr; /* SRAM byte address of log data */
4258 u32 ev, time, data; /* event log data */
4260 if (num_events == 0)
4263 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4266 event_size = 2 * sizeof(u32);
4268 event_size = 3 * sizeof(u32);
4270 ptr = base + EVENT_START_OFFSET + (start_idx * event_size);
4272 /* "time" is actually "data" for mode 0 (no timestamp).
4273 * place event id # at far right for easier visual parsing. */
4274 for (i = 0; i < num_events; i++) {
4275 ev = iwl3945_read_targ_mem(priv, ptr);
4277 time = iwl3945_read_targ_mem(priv, ptr);
4280 IWL_ERROR("0x%08x\t%04u\n", time, ev); /* data, ev */
4282 data = iwl3945_read_targ_mem(priv, ptr);
4284 IWL_ERROR("%010u\t0x%08x\t%04u\n", time, data, ev);
4289 static void iwl3945_dump_nic_event_log(struct iwl3945_priv *priv)
4292 u32 base; /* SRAM byte address of event log header */
4293 u32 capacity; /* event log capacity in # entries */
4294 u32 mode; /* 0 - no timestamp, 1 - timestamp recorded */
4295 u32 num_wraps; /* # times uCode wrapped to top of log */
4296 u32 next_entry; /* index of next entry to be written by uCode */
4297 u32 size; /* # entries that we'll print */
4299 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4300 if (!iwl3945_hw_valid_rtc_data_addr(base)) {
4301 IWL_ERROR("Invalid event log pointer 0x%08X\n", base);
4305 rc = iwl3945_grab_nic_access(priv);
4307 IWL_WARNING("Can not read from adapter at this time.\n");
4311 /* event log header */
4312 capacity = iwl3945_read_targ_mem(priv, base);
4313 mode = iwl3945_read_targ_mem(priv, base + (1 * sizeof(u32)));
4314 num_wraps = iwl3945_read_targ_mem(priv, base + (2 * sizeof(u32)));
4315 next_entry = iwl3945_read_targ_mem(priv, base + (3 * sizeof(u32)));
4317 size = num_wraps ? capacity : next_entry;
4319 /* bail out if nothing in log */
4321 IWL_ERROR("Start IWL Event Log Dump: nothing in log\n");
4322 iwl3945_release_nic_access(priv);
4326 IWL_ERROR("Start IWL Event Log Dump: display count %d, wraps %d\n",
4329 /* if uCode has wrapped back to top of log, start at the oldest entry,
4330 * i.e the next one that uCode would fill. */
4332 iwl3945_print_event_log(priv, next_entry,
4333 capacity - next_entry, mode);
4335 /* (then/else) start at top of log */
4336 iwl3945_print_event_log(priv, 0, next_entry, mode);
4338 iwl3945_release_nic_access(priv);
4342 * iwl3945_irq_handle_error - called for HW or SW error interrupt from card
4344 static void iwl3945_irq_handle_error(struct iwl3945_priv *priv)
4346 /* Set the FW error flag -- cleared on iwl3945_down */
4347 set_bit(STATUS_FW_ERROR, &priv->status);
4349 /* Cancel currently queued command. */
4350 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
4352 #ifdef CONFIG_IWL3945_DEBUG
4353 if (iwl3945_debug_level & IWL_DL_FW_ERRORS) {
4354 iwl3945_dump_nic_error_log(priv);
4355 iwl3945_dump_nic_event_log(priv);
4356 iwl3945_print_rx_config_cmd(&priv->staging_rxon);
4360 wake_up_interruptible(&priv->wait_command_queue);
4362 /* Keep the restart process from trying to send host
4363 * commands by clearing the INIT status bit */
4364 clear_bit(STATUS_READY, &priv->status);
4366 if (!test_bit(STATUS_EXIT_PENDING, &priv->status)) {
4367 IWL_DEBUG(IWL_DL_INFO | IWL_DL_FW_ERRORS,
4368 "Restarting adapter due to uCode error.\n");
4370 if (iwl3945_is_associated(priv)) {
4371 memcpy(&priv->recovery_rxon, &priv->active_rxon,
4372 sizeof(priv->recovery_rxon));
4373 priv->error_recovering = 1;
4375 queue_work(priv->workqueue, &priv->restart);
4379 static void iwl3945_error_recovery(struct iwl3945_priv *priv)
4381 unsigned long flags;
4383 memcpy(&priv->staging_rxon, &priv->recovery_rxon,
4384 sizeof(priv->staging_rxon));
4385 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
4386 iwl3945_commit_rxon(priv);
4388 iwl3945_add_station(priv, priv->bssid, 1, 0);
4390 spin_lock_irqsave(&priv->lock, flags);
4391 priv->assoc_id = le16_to_cpu(priv->staging_rxon.assoc_id);
4392 priv->error_recovering = 0;
4393 spin_unlock_irqrestore(&priv->lock, flags);
4396 static void iwl3945_irq_tasklet(struct iwl3945_priv *priv)
4398 u32 inta, handled = 0;
4400 unsigned long flags;
4401 #ifdef CONFIG_IWL3945_DEBUG
4405 spin_lock_irqsave(&priv->lock, flags);
4407 /* Ack/clear/reset pending uCode interrupts.
4408 * Note: Some bits in CSR_INT are "OR" of bits in CSR_FH_INT_STATUS,
4409 * and will clear only when CSR_FH_INT_STATUS gets cleared. */
4410 inta = iwl3945_read32(priv, CSR_INT);
4411 iwl3945_write32(priv, CSR_INT, inta);
4413 /* Ack/clear/reset pending flow-handler (DMA) interrupts.
4414 * Any new interrupts that happen after this, either while we're
4415 * in this tasklet, or later, will show up in next ISR/tasklet. */
4416 inta_fh = iwl3945_read32(priv, CSR_FH_INT_STATUS);
4417 iwl3945_write32(priv, CSR_FH_INT_STATUS, inta_fh);
4419 #ifdef CONFIG_IWL3945_DEBUG
4420 if (iwl3945_debug_level & IWL_DL_ISR) {
4421 /* just for debug */
4422 inta_mask = iwl3945_read32(priv, CSR_INT_MASK);
4423 IWL_DEBUG_ISR("inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
4424 inta, inta_mask, inta_fh);
4428 /* Since CSR_INT and CSR_FH_INT_STATUS reads and clears are not
4429 * atomic, make sure that inta covers all the interrupts that
4430 * we've discovered, even if FH interrupt came in just after
4431 * reading CSR_INT. */
4432 if (inta_fh & CSR39_FH_INT_RX_MASK)
4433 inta |= CSR_INT_BIT_FH_RX;
4434 if (inta_fh & CSR39_FH_INT_TX_MASK)
4435 inta |= CSR_INT_BIT_FH_TX;
4437 /* Now service all interrupt bits discovered above. */
4438 if (inta & CSR_INT_BIT_HW_ERR) {
4439 IWL_ERROR("Microcode HW error detected. Restarting.\n");
4441 /* Tell the device to stop sending interrupts */
4442 iwl3945_disable_interrupts(priv);
4444 iwl3945_irq_handle_error(priv);
4446 handled |= CSR_INT_BIT_HW_ERR;
4448 spin_unlock_irqrestore(&priv->lock, flags);
4453 #ifdef CONFIG_IWL3945_DEBUG
4454 if (iwl3945_debug_level & (IWL_DL_ISR)) {
4455 /* NIC fires this, but we don't use it, redundant with WAKEUP */
4456 if (inta & CSR_INT_BIT_SCD)
4457 IWL_DEBUG_ISR("Scheduler finished to transmit "
4458 "the frame/frames.\n");
4460 /* Alive notification via Rx interrupt will do the real work */
4461 if (inta & CSR_INT_BIT_ALIVE)
4462 IWL_DEBUG_ISR("Alive interrupt\n");
4465 /* Safely ignore these bits for debug checks below */
4466 inta &= ~(CSR_INT_BIT_SCD | CSR_INT_BIT_ALIVE);
4468 /* HW RF KILL switch toggled (4965 only) */
4469 if (inta & CSR_INT_BIT_RF_KILL) {
4471 if (!(iwl3945_read32(priv, CSR_GP_CNTRL) &
4472 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW))
4475 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL | IWL_DL_ISR,
4476 "RF_KILL bit toggled to %s.\n",
4477 hw_rf_kill ? "disable radio":"enable radio");
4479 /* Queue restart only if RF_KILL switch was set to "kill"
4480 * when we loaded driver, and is now set to "enable".
4481 * After we're Alive, RF_KILL gets handled by
4482 * iwl3945_rx_card_state_notif() */
4483 if (!hw_rf_kill && !test_bit(STATUS_ALIVE, &priv->status)) {
4484 clear_bit(STATUS_RF_KILL_HW, &priv->status);
4485 queue_work(priv->workqueue, &priv->restart);
4488 handled |= CSR_INT_BIT_RF_KILL;
4491 /* Chip got too hot and stopped itself (4965 only) */
4492 if (inta & CSR_INT_BIT_CT_KILL) {
4493 IWL_ERROR("Microcode CT kill error detected.\n");
4494 handled |= CSR_INT_BIT_CT_KILL;
4497 /* Error detected by uCode */
4498 if (inta & CSR_INT_BIT_SW_ERR) {
4499 IWL_ERROR("Microcode SW error detected. Restarting 0x%X.\n",
4501 iwl3945_irq_handle_error(priv);
4502 handled |= CSR_INT_BIT_SW_ERR;
4505 /* uCode wakes up after power-down sleep */
4506 if (inta & CSR_INT_BIT_WAKEUP) {
4507 IWL_DEBUG_ISR("Wakeup interrupt\n");
4508 iwl3945_rx_queue_update_write_ptr(priv, &priv->rxq);
4509 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[0]);
4510 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[1]);
4511 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[2]);
4512 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[3]);
4513 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[4]);
4514 iwl3945_tx_queue_update_write_ptr(priv, &priv->txq[5]);
4516 handled |= CSR_INT_BIT_WAKEUP;
4519 /* All uCode command responses, including Tx command responses,
4520 * Rx "responses" (frame-received notification), and other
4521 * notifications from uCode come through here*/
4522 if (inta & (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX)) {
4523 iwl3945_rx_handle(priv);
4524 handled |= (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX);
4527 if (inta & CSR_INT_BIT_FH_TX) {
4528 IWL_DEBUG_ISR("Tx interrupt\n");
4530 iwl3945_write32(priv, CSR_FH_INT_STATUS, (1 << 6));
4531 if (!iwl3945_grab_nic_access(priv)) {
4532 iwl3945_write_direct32(priv,
4534 (ALM_FH_SRVC_CHNL), 0x0);
4535 iwl3945_release_nic_access(priv);
4537 handled |= CSR_INT_BIT_FH_TX;
4540 if (inta & ~handled)
4541 IWL_ERROR("Unhandled INTA bits 0x%08x\n", inta & ~handled);
4543 if (inta & ~CSR_INI_SET_MASK) {
4544 IWL_WARNING("Disabled INTA bits 0x%08x were pending\n",
4545 inta & ~CSR_INI_SET_MASK);
4546 IWL_WARNING(" with FH_INT = 0x%08x\n", inta_fh);
4549 /* Re-enable all interrupts */
4550 iwl3945_enable_interrupts(priv);
4552 #ifdef CONFIG_IWL3945_DEBUG
4553 if (iwl3945_debug_level & (IWL_DL_ISR)) {
4554 inta = iwl3945_read32(priv, CSR_INT);
4555 inta_mask = iwl3945_read32(priv, CSR_INT_MASK);
4556 inta_fh = iwl3945_read32(priv, CSR_FH_INT_STATUS);
4557 IWL_DEBUG_ISR("End inta 0x%08x, enabled 0x%08x, fh 0x%08x, "
4558 "flags 0x%08lx\n", inta, inta_mask, inta_fh, flags);
4561 spin_unlock_irqrestore(&priv->lock, flags);
4564 static irqreturn_t iwl3945_isr(int irq, void *data)
4566 struct iwl3945_priv *priv = data;
4567 u32 inta, inta_mask;
4572 spin_lock(&priv->lock);
4574 /* Disable (but don't clear!) interrupts here to avoid
4575 * back-to-back ISRs and sporadic interrupts from our NIC.
4576 * If we have something to service, the tasklet will re-enable ints.
4577 * If we *don't* have something, we'll re-enable before leaving here. */
4578 inta_mask = iwl3945_read32(priv, CSR_INT_MASK); /* just for debug */
4579 iwl3945_write32(priv, CSR_INT_MASK, 0x00000000);
4581 /* Discover which interrupts are active/pending */
4582 inta = iwl3945_read32(priv, CSR_INT);
4583 inta_fh = iwl3945_read32(priv, CSR_FH_INT_STATUS);
4585 /* Ignore interrupt if there's nothing in NIC to service.
4586 * This may be due to IRQ shared with another device,
4587 * or due to sporadic interrupts thrown from our NIC. */
4588 if (!inta && !inta_fh) {
4589 IWL_DEBUG_ISR("Ignore interrupt, inta == 0, inta_fh == 0\n");
4593 if ((inta == 0xFFFFFFFF) || ((inta & 0xFFFFFFF0) == 0xa5a5a5a0)) {
4594 /* Hardware disappeared */
4595 IWL_WARNING("HARDWARE GONE?? INTA == 0x%080x\n", inta);
4599 IWL_DEBUG_ISR("ISR inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
4600 inta, inta_mask, inta_fh);
4602 inta &= ~CSR_INT_BIT_SCD;
4604 /* iwl3945_irq_tasklet() will service interrupts and re-enable them */
4605 if (likely(inta || inta_fh))
4606 tasklet_schedule(&priv->irq_tasklet);
4608 spin_unlock(&priv->lock);
4613 /* re-enable interrupts here since we don't have anything to service. */
4614 iwl3945_enable_interrupts(priv);
4615 spin_unlock(&priv->lock);
4619 /************************** EEPROM BANDS ****************************
4621 * The iwl3945_eeprom_band definitions below provide the mapping from the
4622 * EEPROM contents to the specific channel number supported for each
4625 * For example, iwl3945_priv->eeprom.band_3_channels[4] from the band_3
4626 * definition below maps to physical channel 42 in the 5.2GHz spectrum.
4627 * The specific geography and calibration information for that channel
4628 * is contained in the eeprom map itself.
4630 * During init, we copy the eeprom information and channel map
4631 * information into priv->channel_info_24/52 and priv->channel_map_24/52
4633 * channel_map_24/52 provides the index in the channel_info array for a
4634 * given channel. We have to have two separate maps as there is channel
4635 * overlap with the 2.4GHz and 5.2GHz spectrum as seen in band_1 and
4638 * A value of 0xff stored in the channel_map indicates that the channel
4639 * is not supported by the hardware at all.
4641 * A value of 0xfe in the channel_map indicates that the channel is not
4642 * valid for Tx with the current hardware. This means that
4643 * while the system can tune and receive on a given channel, it may not
4644 * be able to associate or transmit any frames on that
4645 * channel. There is no corresponding channel information for that
4648 *********************************************************************/
4651 static const u8 iwl3945_eeprom_band_1[14] = {
4652 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
4656 static const u8 iwl3945_eeprom_band_2[] = { /* 4915-5080MHz */
4657 183, 184, 185, 187, 188, 189, 192, 196, 7, 8, 11, 12, 16
4660 static const u8 iwl3945_eeprom_band_3[] = { /* 5170-5320MHz */
4661 34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 60, 64
4664 static const u8 iwl3945_eeprom_band_4[] = { /* 5500-5700MHz */
4665 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140
4668 static const u8 iwl3945_eeprom_band_5[] = { /* 5725-5825MHz */
4669 145, 149, 153, 157, 161, 165
4672 static void iwl3945_init_band_reference(const struct iwl3945_priv *priv, int band,
4673 int *eeprom_ch_count,
4674 const struct iwl3945_eeprom_channel
4676 const u8 **eeprom_ch_index)
4679 case 1: /* 2.4GHz band */
4680 *eeprom_ch_count = ARRAY_SIZE(iwl3945_eeprom_band_1);
4681 *eeprom_ch_info = priv->eeprom.band_1_channels;
4682 *eeprom_ch_index = iwl3945_eeprom_band_1;
4684 case 2: /* 4.9GHz band */
4685 *eeprom_ch_count = ARRAY_SIZE(iwl3945_eeprom_band_2);
4686 *eeprom_ch_info = priv->eeprom.band_2_channels;
4687 *eeprom_ch_index = iwl3945_eeprom_band_2;
4689 case 3: /* 5.2GHz band */
4690 *eeprom_ch_count = ARRAY_SIZE(iwl3945_eeprom_band_3);
4691 *eeprom_ch_info = priv->eeprom.band_3_channels;
4692 *eeprom_ch_index = iwl3945_eeprom_band_3;
4694 case 4: /* 5.5GHz band */
4695 *eeprom_ch_count = ARRAY_SIZE(iwl3945_eeprom_band_4);
4696 *eeprom_ch_info = priv->eeprom.band_4_channels;
4697 *eeprom_ch_index = iwl3945_eeprom_band_4;
4699 case 5: /* 5.7GHz band */
4700 *eeprom_ch_count = ARRAY_SIZE(iwl3945_eeprom_band_5);
4701 *eeprom_ch_info = priv->eeprom.band_5_channels;
4702 *eeprom_ch_index = iwl3945_eeprom_band_5;
4711 * iwl3945_get_channel_info - Find driver's private channel info
4713 * Based on band and channel number.
4715 const struct iwl3945_channel_info *iwl3945_get_channel_info(const struct iwl3945_priv *priv,
4716 enum ieee80211_band band, u16 channel)
4721 case IEEE80211_BAND_5GHZ:
4722 for (i = 14; i < priv->channel_count; i++) {
4723 if (priv->channel_info[i].channel == channel)
4724 return &priv->channel_info[i];
4728 case IEEE80211_BAND_2GHZ:
4729 if (channel >= 1 && channel <= 14)
4730 return &priv->channel_info[channel - 1];
4732 case IEEE80211_NUM_BANDS:
4739 #define CHECK_AND_PRINT(x) ((eeprom_ch_info[ch].flags & EEPROM_CHANNEL_##x) \
4743 * iwl3945_init_channel_map - Set up driver's info for all possible channels
4745 static int iwl3945_init_channel_map(struct iwl3945_priv *priv)
4747 int eeprom_ch_count = 0;
4748 const u8 *eeprom_ch_index = NULL;
4749 const struct iwl3945_eeprom_channel *eeprom_ch_info = NULL;
4751 struct iwl3945_channel_info *ch_info;
4753 if (priv->channel_count) {
4754 IWL_DEBUG_INFO("Channel map already initialized.\n");
4758 if (priv->eeprom.version < 0x2f) {
4759 IWL_WARNING("Unsupported EEPROM version: 0x%04X\n",
4760 priv->eeprom.version);
4764 IWL_DEBUG_INFO("Initializing regulatory info from EEPROM\n");
4766 priv->channel_count =
4767 ARRAY_SIZE(iwl3945_eeprom_band_1) +
4768 ARRAY_SIZE(iwl3945_eeprom_band_2) +
4769 ARRAY_SIZE(iwl3945_eeprom_band_3) +
4770 ARRAY_SIZE(iwl3945_eeprom_band_4) +
4771 ARRAY_SIZE(iwl3945_eeprom_band_5);
4773 IWL_DEBUG_INFO("Parsing data for %d channels.\n", priv->channel_count);
4775 priv->channel_info = kzalloc(sizeof(struct iwl3945_channel_info) *
4776 priv->channel_count, GFP_KERNEL);
4777 if (!priv->channel_info) {
4778 IWL_ERROR("Could not allocate channel_info\n");
4779 priv->channel_count = 0;
4783 ch_info = priv->channel_info;
4785 /* Loop through the 5 EEPROM bands adding them in order to the
4786 * channel map we maintain (that contains additional information than
4787 * what just in the EEPROM) */
4788 for (band = 1; band <= 5; band++) {
4790 iwl3945_init_band_reference(priv, band, &eeprom_ch_count,
4791 &eeprom_ch_info, &eeprom_ch_index);
4793 /* Loop through each band adding each of the channels */
4794 for (ch = 0; ch < eeprom_ch_count; ch++) {
4795 ch_info->channel = eeprom_ch_index[ch];
4796 ch_info->band = (band == 1) ? IEEE80211_BAND_2GHZ :
4797 IEEE80211_BAND_5GHZ;
4799 /* permanently store EEPROM's channel regulatory flags
4800 * and max power in channel info database. */
4801 ch_info->eeprom = eeprom_ch_info[ch];
4803 /* Copy the run-time flags so they are there even on
4804 * invalid channels */
4805 ch_info->flags = eeprom_ch_info[ch].flags;
4807 if (!(is_channel_valid(ch_info))) {
4808 IWL_DEBUG_INFO("Ch. %d Flags %x [%sGHz] - "
4812 is_channel_a_band(ch_info) ?
4818 /* Initialize regulatory-based run-time data */
4819 ch_info->max_power_avg = ch_info->curr_txpow =
4820 eeprom_ch_info[ch].max_power_avg;
4821 ch_info->scan_power = eeprom_ch_info[ch].max_power_avg;
4822 ch_info->min_power = 0;
4824 IWL_DEBUG_INFO("Ch. %d [%sGHz] %s%s%s%s%s%s%s(0x%02x"
4825 " %ddBm): Ad-Hoc %ssupported\n",
4827 is_channel_a_band(ch_info) ?
4829 CHECK_AND_PRINT(VALID),
4830 CHECK_AND_PRINT(IBSS),
4831 CHECK_AND_PRINT(ACTIVE),
4832 CHECK_AND_PRINT(RADAR),
4833 CHECK_AND_PRINT(WIDE),
4834 CHECK_AND_PRINT(NARROW),
4835 CHECK_AND_PRINT(DFS),
4836 eeprom_ch_info[ch].flags,
4837 eeprom_ch_info[ch].max_power_avg,
4838 ((eeprom_ch_info[ch].
4839 flags & EEPROM_CHANNEL_IBSS)
4840 && !(eeprom_ch_info[ch].
4841 flags & EEPROM_CHANNEL_RADAR))
4844 /* Set the user_txpower_limit to the highest power
4845 * supported by any channel */
4846 if (eeprom_ch_info[ch].max_power_avg >
4847 priv->user_txpower_limit)
4848 priv->user_txpower_limit =
4849 eeprom_ch_info[ch].max_power_avg;
4855 /* Set up txpower settings in driver for all channels */
4856 if (iwl3945_txpower_set_from_eeprom(priv))
4863 * iwl3945_free_channel_map - undo allocations in iwl3945_init_channel_map
4865 static void iwl3945_free_channel_map(struct iwl3945_priv *priv)
4867 kfree(priv->channel_info);
4868 priv->channel_count = 0;
4871 /* For active scan, listen ACTIVE_DWELL_TIME (msec) on each channel after
4872 * sending probe req. This should be set long enough to hear probe responses
4873 * from more than one AP. */
4874 #define IWL_ACTIVE_DWELL_TIME_24 (20) /* all times in msec */
4875 #define IWL_ACTIVE_DWELL_TIME_52 (10)
4877 /* For faster active scanning, scan will move to the next channel if fewer than
4878 * PLCP_QUIET_THRESH packets are heard on this channel within
4879 * ACTIVE_QUIET_TIME after sending probe request. This shortens the dwell
4880 * time if it's a quiet channel (nothing responded to our probe, and there's
4881 * no other traffic).
4882 * Disable "quiet" feature by setting PLCP_QUIET_THRESH to 0. */
4883 #define IWL_PLCP_QUIET_THRESH __constant_cpu_to_le16(1) /* packets */
4884 #define IWL_ACTIVE_QUIET_TIME __constant_cpu_to_le16(5) /* msec */
4886 /* For passive scan, listen PASSIVE_DWELL_TIME (msec) on each channel.
4887 * Must be set longer than active dwell time.
4888 * For the most reliable scan, set > AP beacon interval (typically 100msec). */
4889 #define IWL_PASSIVE_DWELL_TIME_24 (20) /* all times in msec */
4890 #define IWL_PASSIVE_DWELL_TIME_52 (10)
4891 #define IWL_PASSIVE_DWELL_BASE (100)
4892 #define IWL_CHANNEL_TUNE_TIME 5
4894 static inline u16 iwl3945_get_active_dwell_time(struct iwl3945_priv *priv,
4895 enum ieee80211_band band)
4897 if (band == IEEE80211_BAND_5GHZ)
4898 return IWL_ACTIVE_DWELL_TIME_52;
4900 return IWL_ACTIVE_DWELL_TIME_24;
4903 static u16 iwl3945_get_passive_dwell_time(struct iwl3945_priv *priv,
4904 enum ieee80211_band band)
4906 u16 active = iwl3945_get_active_dwell_time(priv, band);
4907 u16 passive = (band == IEEE80211_BAND_2GHZ) ?
4908 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_24 :
4909 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_52;
4911 if (iwl3945_is_associated(priv)) {
4912 /* If we're associated, we clamp the maximum passive
4913 * dwell time to be 98% of the beacon interval (minus
4914 * 2 * channel tune time) */
4915 passive = priv->beacon_int;
4916 if ((passive > IWL_PASSIVE_DWELL_BASE) || !passive)
4917 passive = IWL_PASSIVE_DWELL_BASE;
4918 passive = (passive * 98) / 100 - IWL_CHANNEL_TUNE_TIME * 2;
4921 if (passive <= active)
4922 passive = active + 1;
4927 static int iwl3945_get_channels_for_scan(struct iwl3945_priv *priv,
4928 enum ieee80211_band band,
4929 u8 is_active, u8 direct_mask,
4930 struct iwl3945_scan_channel *scan_ch)
4932 const struct ieee80211_channel *channels = NULL;
4933 const struct ieee80211_supported_band *sband;
4934 const struct iwl3945_channel_info *ch_info;
4935 u16 passive_dwell = 0;
4936 u16 active_dwell = 0;
4939 sband = iwl3945_get_band(priv, band);
4943 channels = sband->channels;
4945 active_dwell = iwl3945_get_active_dwell_time(priv, band);
4946 passive_dwell = iwl3945_get_passive_dwell_time(priv, band);
4948 for (i = 0, added = 0; i < sband->n_channels; i++) {
4949 if (channels[i].hw_value ==
4950 le16_to_cpu(priv->active_rxon.channel)) {
4951 if (iwl3945_is_associated(priv)) {
4953 ("Skipping current channel %d\n",
4954 le16_to_cpu(priv->active_rxon.channel));
4957 } else if (priv->only_active_channel)
4960 scan_ch->channel = channels[i].hw_value;
4962 ch_info = iwl3945_get_channel_info(priv, band, scan_ch->channel);
4963 if (!is_channel_valid(ch_info)) {
4964 IWL_DEBUG_SCAN("Channel %d is INVALID for this SKU.\n",
4969 if (!is_active || is_channel_passive(ch_info) ||
4970 (channels[i].flags & IEEE80211_CHAN_PASSIVE_SCAN))
4971 scan_ch->type = 0; /* passive */
4973 scan_ch->type = 1; /* active */
4975 if (scan_ch->type & 1)
4976 scan_ch->type |= (direct_mask << 1);
4978 if (is_channel_narrow(ch_info))
4979 scan_ch->type |= (1 << 7);
4981 scan_ch->active_dwell = cpu_to_le16(active_dwell);
4982 scan_ch->passive_dwell = cpu_to_le16(passive_dwell);
4984 /* Set txpower levels to defaults */
4985 scan_ch->tpc.dsp_atten = 110;
4986 /* scan_pwr_info->tpc.dsp_atten; */
4988 /*scan_pwr_info->tpc.tx_gain; */
4989 if (band == IEEE80211_BAND_5GHZ)
4990 scan_ch->tpc.tx_gain = ((1 << 5) | (3 << 3)) | 3;
4992 scan_ch->tpc.tx_gain = ((1 << 5) | (5 << 3));
4993 /* NOTE: if we were doing 6Mb OFDM for scans we'd use
4995 * scan_ch->tpc.tx_gain = ((1 << 5) | (2 << 3)) | 3;
4999 IWL_DEBUG_SCAN("Scanning %d [%s %d]\n",
5001 (scan_ch->type & 1) ? "ACTIVE" : "PASSIVE",
5002 (scan_ch->type & 1) ?
5003 active_dwell : passive_dwell);
5009 IWL_DEBUG_SCAN("total channels to scan %d \n", added);
5013 static void iwl3945_init_hw_rates(struct iwl3945_priv *priv,
5014 struct ieee80211_rate *rates)
5018 for (i = 0; i < IWL_RATE_COUNT; i++) {
5019 rates[i].bitrate = iwl3945_rates[i].ieee * 5;
5020 rates[i].hw_value = i; /* Rate scaling will work on indexes */
5021 rates[i].hw_value_short = i;
5023 if ((i > IWL_LAST_OFDM_RATE) || (i < IWL_FIRST_OFDM_RATE)) {
5025 * If CCK != 1M then set short preamble rate flag.
5027 rates[i].flags |= (iwl3945_rates[i].plcp == 10) ?
5028 0 : IEEE80211_RATE_SHORT_PREAMBLE;
5034 * iwl3945_init_geos - Initialize mac80211's geo/channel info based from eeprom
5036 static int iwl3945_init_geos(struct iwl3945_priv *priv)
5038 struct iwl3945_channel_info *ch;
5039 struct ieee80211_supported_band *sband;
5040 struct ieee80211_channel *channels;
5041 struct ieee80211_channel *geo_ch;
5042 struct ieee80211_rate *rates;
5045 if (priv->bands[IEEE80211_BAND_2GHZ].n_bitrates ||
5046 priv->bands[IEEE80211_BAND_5GHZ].n_bitrates) {
5047 IWL_DEBUG_INFO("Geography modes already initialized.\n");
5048 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
5052 channels = kzalloc(sizeof(struct ieee80211_channel) *
5053 priv->channel_count, GFP_KERNEL);
5057 rates = kzalloc((sizeof(struct ieee80211_rate) * (IWL_RATE_COUNT + 1)),
5064 /* 5.2GHz channels start after the 2.4GHz channels */
5065 sband = &priv->bands[IEEE80211_BAND_5GHZ];
5066 sband->channels = &channels[ARRAY_SIZE(iwl3945_eeprom_band_1)];
5068 sband->bitrates = &rates[IWL_FIRST_OFDM_RATE];
5069 sband->n_bitrates = IWL_RATE_COUNT - IWL_FIRST_OFDM_RATE;
5071 sband = &priv->bands[IEEE80211_BAND_2GHZ];
5072 sband->channels = channels;
5074 sband->bitrates = rates;
5075 sband->n_bitrates = IWL_RATE_COUNT;
5077 priv->ieee_channels = channels;
5078 priv->ieee_rates = rates;
5080 iwl3945_init_hw_rates(priv, rates);
5082 for (i = 0; i < priv->channel_count; i++) {
5083 ch = &priv->channel_info[i];
5085 /* FIXME: might be removed if scan is OK*/
5086 if (!is_channel_valid(ch))
5089 if (is_channel_a_band(ch))
5090 sband = &priv->bands[IEEE80211_BAND_5GHZ];
5092 sband = &priv->bands[IEEE80211_BAND_2GHZ];
5094 geo_ch = &sband->channels[sband->n_channels++];
5096 geo_ch->center_freq = ieee80211_channel_to_frequency(ch->channel);
5097 geo_ch->max_power = ch->max_power_avg;
5098 geo_ch->max_antenna_gain = 0xff;
5099 geo_ch->hw_value = ch->channel;
5101 if (is_channel_valid(ch)) {
5102 if (!(ch->flags & EEPROM_CHANNEL_IBSS))
5103 geo_ch->flags |= IEEE80211_CHAN_NO_IBSS;
5105 if (!(ch->flags & EEPROM_CHANNEL_ACTIVE))
5106 geo_ch->flags |= IEEE80211_CHAN_PASSIVE_SCAN;
5108 if (ch->flags & EEPROM_CHANNEL_RADAR)
5109 geo_ch->flags |= IEEE80211_CHAN_RADAR;
5111 if (ch->max_power_avg > priv->max_channel_txpower_limit)
5112 priv->max_channel_txpower_limit =
5115 geo_ch->flags |= IEEE80211_CHAN_DISABLED;
5118 /* Save flags for reg domain usage */
5119 geo_ch->orig_flags = geo_ch->flags;
5121 IWL_DEBUG_INFO("Channel %d Freq=%d[%sGHz] %s flag=0%X\n",
5122 ch->channel, geo_ch->center_freq,
5123 is_channel_a_band(ch) ? "5.2" : "2.4",
5124 geo_ch->flags & IEEE80211_CHAN_DISABLED ?
5125 "restricted" : "valid",
5129 if ((priv->bands[IEEE80211_BAND_5GHZ].n_channels == 0) &&
5130 priv->cfg->sku & IWL_SKU_A) {
5131 printk(KERN_INFO DRV_NAME
5132 ": Incorrectly detected BG card as ABG. Please send "
5133 "your PCI ID 0x%04X:0x%04X to maintainer.\n",
5134 priv->pci_dev->device, priv->pci_dev->subsystem_device);
5135 priv->cfg->sku &= ~IWL_SKU_A;
5138 printk(KERN_INFO DRV_NAME
5139 ": Tunable channels: %d 802.11bg, %d 802.11a channels\n",
5140 priv->bands[IEEE80211_BAND_2GHZ].n_channels,
5141 priv->bands[IEEE80211_BAND_5GHZ].n_channels);
5143 if (priv->bands[IEEE80211_BAND_2GHZ].n_channels)
5144 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
5145 &priv->bands[IEEE80211_BAND_2GHZ];
5146 if (priv->bands[IEEE80211_BAND_5GHZ].n_channels)
5147 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
5148 &priv->bands[IEEE80211_BAND_5GHZ];
5150 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
5156 * iwl3945_free_geos - undo allocations in iwl3945_init_geos
5158 static void iwl3945_free_geos(struct iwl3945_priv *priv)
5160 kfree(priv->ieee_channels);
5161 kfree(priv->ieee_rates);
5162 clear_bit(STATUS_GEO_CONFIGURED, &priv->status);
5165 /******************************************************************************
5167 * uCode download functions
5169 ******************************************************************************/
5171 static void iwl3945_dealloc_ucode_pci(struct iwl3945_priv *priv)
5173 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_code);
5174 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data);
5175 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
5176 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init);
5177 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init_data);
5178 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_boot);
5182 * iwl3945_verify_inst_full - verify runtime uCode image in card vs. host,
5183 * looking at all data.
5185 static int iwl3945_verify_inst_full(struct iwl3945_priv *priv, __le32 * image, u32 len)
5192 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
5194 rc = iwl3945_grab_nic_access(priv);
5198 iwl3945_write_direct32(priv, HBUS_TARG_MEM_RADDR, RTC_INST_LOWER_BOUND);
5201 for (; len > 0; len -= sizeof(u32), image++) {
5202 /* read data comes through single port, auto-incr addr */
5203 /* NOTE: Use the debugless read so we don't flood kernel log
5204 * if IWL_DL_IO is set */
5205 val = _iwl3945_read_direct32(priv, HBUS_TARG_MEM_RDAT);
5206 if (val != le32_to_cpu(*image)) {
5207 IWL_ERROR("uCode INST section is invalid at "
5208 "offset 0x%x, is 0x%x, s/b 0x%x\n",
5209 save_len - len, val, le32_to_cpu(*image));
5217 iwl3945_release_nic_access(priv);
5220 IWL_DEBUG_INFO("ucode image in INSTRUCTION memory is good\n");
5227 * iwl3945_verify_inst_sparse - verify runtime uCode image in card vs. host,
5228 * using sample data 100 bytes apart. If these sample points are good,
5229 * it's a pretty good bet that everything between them is good, too.
5231 static int iwl3945_verify_inst_sparse(struct iwl3945_priv *priv, __le32 *image, u32 len)
5238 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
5240 rc = iwl3945_grab_nic_access(priv);
5244 for (i = 0; i < len; i += 100, image += 100/sizeof(u32)) {
5245 /* read data comes through single port, auto-incr addr */
5246 /* NOTE: Use the debugless read so we don't flood kernel log
5247 * if IWL_DL_IO is set */
5248 iwl3945_write_direct32(priv, HBUS_TARG_MEM_RADDR,
5249 i + RTC_INST_LOWER_BOUND);
5250 val = _iwl3945_read_direct32(priv, HBUS_TARG_MEM_RDAT);
5251 if (val != le32_to_cpu(*image)) {
5252 #if 0 /* Enable this if you want to see details */
5253 IWL_ERROR("uCode INST section is invalid at "
5254 "offset 0x%x, is 0x%x, s/b 0x%x\n",
5264 iwl3945_release_nic_access(priv);
5271 * iwl3945_verify_ucode - determine which instruction image is in SRAM,
5272 * and verify its contents
5274 static int iwl3945_verify_ucode(struct iwl3945_priv *priv)
5281 image = (__le32 *)priv->ucode_boot.v_addr;
5282 len = priv->ucode_boot.len;
5283 rc = iwl3945_verify_inst_sparse(priv, image, len);
5285 IWL_DEBUG_INFO("Bootstrap uCode is good in inst SRAM\n");
5289 /* Try initialize */
5290 image = (__le32 *)priv->ucode_init.v_addr;
5291 len = priv->ucode_init.len;
5292 rc = iwl3945_verify_inst_sparse(priv, image, len);
5294 IWL_DEBUG_INFO("Initialize uCode is good in inst SRAM\n");
5298 /* Try runtime/protocol */
5299 image = (__le32 *)priv->ucode_code.v_addr;
5300 len = priv->ucode_code.len;
5301 rc = iwl3945_verify_inst_sparse(priv, image, len);
5303 IWL_DEBUG_INFO("Runtime uCode is good in inst SRAM\n");
5307 IWL_ERROR("NO VALID UCODE IMAGE IN INSTRUCTION SRAM!!\n");
5309 /* Since nothing seems to match, show first several data entries in
5310 * instruction SRAM, so maybe visual inspection will give a clue.
5311 * Selection of bootstrap image (vs. other images) is arbitrary. */
5312 image = (__le32 *)priv->ucode_boot.v_addr;
5313 len = priv->ucode_boot.len;
5314 rc = iwl3945_verify_inst_full(priv, image, len);
5320 /* check contents of special bootstrap uCode SRAM */
5321 static int iwl3945_verify_bsm(struct iwl3945_priv *priv)
5323 __le32 *image = priv->ucode_boot.v_addr;
5324 u32 len = priv->ucode_boot.len;
5328 IWL_DEBUG_INFO("Begin verify bsm\n");
5330 /* verify BSM SRAM contents */
5331 val = iwl3945_read_prph(priv, BSM_WR_DWCOUNT_REG);
5332 for (reg = BSM_SRAM_LOWER_BOUND;
5333 reg < BSM_SRAM_LOWER_BOUND + len;
5334 reg += sizeof(u32), image ++) {
5335 val = iwl3945_read_prph(priv, reg);
5336 if (val != le32_to_cpu(*image)) {
5337 IWL_ERROR("BSM uCode verification failed at "
5338 "addr 0x%08X+%u (of %u), is 0x%x, s/b 0x%x\n",
5339 BSM_SRAM_LOWER_BOUND,
5340 reg - BSM_SRAM_LOWER_BOUND, len,
5341 val, le32_to_cpu(*image));
5346 IWL_DEBUG_INFO("BSM bootstrap uCode image OK\n");
5352 * iwl3945_load_bsm - Load bootstrap instructions
5356 * The Bootstrap State Machine (BSM) stores a short bootstrap uCode program
5357 * in special SRAM that does not power down during RFKILL. When powering back
5358 * up after power-saving sleeps (or during initial uCode load), the BSM loads
5359 * the bootstrap program into the on-board processor, and starts it.
5361 * The bootstrap program loads (via DMA) instructions and data for a new
5362 * program from host DRAM locations indicated by the host driver in the
5363 * BSM_DRAM_* registers. Once the new program is loaded, it starts
5366 * When initializing the NIC, the host driver points the BSM to the
5367 * "initialize" uCode image. This uCode sets up some internal data, then
5368 * notifies host via "initialize alive" that it is complete.
5370 * The host then replaces the BSM_DRAM_* pointer values to point to the
5371 * normal runtime uCode instructions and a backup uCode data cache buffer
5372 * (filled initially with starting data values for the on-board processor),
5373 * then triggers the "initialize" uCode to load and launch the runtime uCode,
5374 * which begins normal operation.
5376 * When doing a power-save shutdown, runtime uCode saves data SRAM into
5377 * the backup data cache in DRAM before SRAM is powered down.
5379 * When powering back up, the BSM loads the bootstrap program. This reloads
5380 * the runtime uCode instructions and the backup data cache into SRAM,
5381 * and re-launches the runtime uCode from where it left off.
5383 static int iwl3945_load_bsm(struct iwl3945_priv *priv)
5385 __le32 *image = priv->ucode_boot.v_addr;
5386 u32 len = priv->ucode_boot.len;
5396 IWL_DEBUG_INFO("Begin load bsm\n");
5398 /* make sure bootstrap program is no larger than BSM's SRAM size */
5399 if (len > IWL_MAX_BSM_SIZE)
5402 /* Tell bootstrap uCode where to find the "Initialize" uCode
5403 * in host DRAM ... host DRAM physical address bits 31:0 for 3945.
5404 * NOTE: iwl3945_initialize_alive_start() will replace these values,
5405 * after the "initialize" uCode has run, to point to
5406 * runtime/protocol instructions and backup data cache. */
5407 pinst = priv->ucode_init.p_addr;
5408 pdata = priv->ucode_init_data.p_addr;
5409 inst_len = priv->ucode_init.len;
5410 data_len = priv->ucode_init_data.len;
5412 rc = iwl3945_grab_nic_access(priv);
5416 iwl3945_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
5417 iwl3945_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
5418 iwl3945_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG, inst_len);
5419 iwl3945_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG, data_len);
5421 /* Fill BSM memory with bootstrap instructions */
5422 for (reg_offset = BSM_SRAM_LOWER_BOUND;
5423 reg_offset < BSM_SRAM_LOWER_BOUND + len;
5424 reg_offset += sizeof(u32), image++)
5425 _iwl3945_write_prph(priv, reg_offset,
5426 le32_to_cpu(*image));
5428 rc = iwl3945_verify_bsm(priv);
5430 iwl3945_release_nic_access(priv);
5434 /* Tell BSM to copy from BSM SRAM into instruction SRAM, when asked */
5435 iwl3945_write_prph(priv, BSM_WR_MEM_SRC_REG, 0x0);
5436 iwl3945_write_prph(priv, BSM_WR_MEM_DST_REG,
5437 RTC_INST_LOWER_BOUND);
5438 iwl3945_write_prph(priv, BSM_WR_DWCOUNT_REG, len / sizeof(u32));
5440 /* Load bootstrap code into instruction SRAM now,
5441 * to prepare to load "initialize" uCode */
5442 iwl3945_write_prph(priv, BSM_WR_CTRL_REG,
5443 BSM_WR_CTRL_REG_BIT_START);
5445 /* Wait for load of bootstrap uCode to finish */
5446 for (i = 0; i < 100; i++) {
5447 done = iwl3945_read_prph(priv, BSM_WR_CTRL_REG);
5448 if (!(done & BSM_WR_CTRL_REG_BIT_START))
5453 IWL_DEBUG_INFO("BSM write complete, poll %d iterations\n", i);
5455 IWL_ERROR("BSM write did not complete!\n");
5459 /* Enable future boot loads whenever power management unit triggers it
5460 * (e.g. when powering back up after power-save shutdown) */
5461 iwl3945_write_prph(priv, BSM_WR_CTRL_REG,
5462 BSM_WR_CTRL_REG_BIT_START_EN);
5464 iwl3945_release_nic_access(priv);
5469 static void iwl3945_nic_start(struct iwl3945_priv *priv)
5471 /* Remove all resets to allow NIC to operate */
5472 iwl3945_write32(priv, CSR_RESET, 0);
5476 * iwl3945_read_ucode - Read uCode images from disk file.
5478 * Copy into buffers for card to fetch via bus-mastering
5480 static int iwl3945_read_ucode(struct iwl3945_priv *priv)
5482 struct iwl3945_ucode *ucode;
5484 const struct firmware *ucode_raw;
5485 /* firmware file name contains uCode/driver compatibility version */
5486 const char *name = priv->cfg->fw_name;
5489 u32 ver, inst_size, data_size, init_size, init_data_size, boot_size;
5491 /* Ask kernel firmware_class module to get the boot firmware off disk.
5492 * request_firmware() is synchronous, file is in memory on return. */
5493 ret = request_firmware(&ucode_raw, name, &priv->pci_dev->dev);
5495 IWL_ERROR("%s firmware file req failed: Reason %d\n",
5500 IWL_DEBUG_INFO("Got firmware '%s' file (%zd bytes) from disk\n",
5501 name, ucode_raw->size);
5503 /* Make sure that we got at least our header! */
5504 if (ucode_raw->size < sizeof(*ucode)) {
5505 IWL_ERROR("File size way too small!\n");
5510 /* Data from ucode file: header followed by uCode images */
5511 ucode = (void *)ucode_raw->data;
5513 ver = le32_to_cpu(ucode->ver);
5514 inst_size = le32_to_cpu(ucode->inst_size);
5515 data_size = le32_to_cpu(ucode->data_size);
5516 init_size = le32_to_cpu(ucode->init_size);
5517 init_data_size = le32_to_cpu(ucode->init_data_size);
5518 boot_size = le32_to_cpu(ucode->boot_size);
5520 IWL_DEBUG_INFO("f/w package hdr ucode version = 0x%x\n", ver);
5521 IWL_DEBUG_INFO("f/w package hdr runtime inst size = %u\n", inst_size);
5522 IWL_DEBUG_INFO("f/w package hdr runtime data size = %u\n", data_size);
5523 IWL_DEBUG_INFO("f/w package hdr init inst size = %u\n", init_size);
5524 IWL_DEBUG_INFO("f/w package hdr init data size = %u\n", init_data_size);
5525 IWL_DEBUG_INFO("f/w package hdr boot inst size = %u\n", boot_size);
5527 /* Verify size of file vs. image size info in file's header */
5528 if (ucode_raw->size < sizeof(*ucode) +
5529 inst_size + data_size + init_size +
5530 init_data_size + boot_size) {
5532 IWL_DEBUG_INFO("uCode file size %d too small\n",
5533 (int)ucode_raw->size);
5538 /* Verify that uCode images will fit in card's SRAM */
5539 if (inst_size > IWL_MAX_INST_SIZE) {
5540 IWL_DEBUG_INFO("uCode instr len %d too large to fit in\n",
5546 if (data_size > IWL_MAX_DATA_SIZE) {
5547 IWL_DEBUG_INFO("uCode data len %d too large to fit in\n",
5552 if (init_size > IWL_MAX_INST_SIZE) {
5553 IWL_DEBUG_INFO("uCode init instr len %d too large to fit in\n",
5558 if (init_data_size > IWL_MAX_DATA_SIZE) {
5559 IWL_DEBUG_INFO("uCode init data len %d too large to fit in\n",
5564 if (boot_size > IWL_MAX_BSM_SIZE) {
5565 IWL_DEBUG_INFO("uCode boot instr len %d too large to fit in\n",
5571 /* Allocate ucode buffers for card's bus-master loading ... */
5573 /* Runtime instructions and 2 copies of data:
5574 * 1) unmodified from disk
5575 * 2) backup cache for save/restore during power-downs */
5576 priv->ucode_code.len = inst_size;
5577 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_code);
5579 priv->ucode_data.len = data_size;
5580 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data);
5582 priv->ucode_data_backup.len = data_size;
5583 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
5585 if (!priv->ucode_code.v_addr || !priv->ucode_data.v_addr ||
5586 !priv->ucode_data_backup.v_addr)
5589 /* Initialization instructions and data */
5590 if (init_size && init_data_size) {
5591 priv->ucode_init.len = init_size;
5592 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init);
5594 priv->ucode_init_data.len = init_data_size;
5595 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init_data);
5597 if (!priv->ucode_init.v_addr || !priv->ucode_init_data.v_addr)
5601 /* Bootstrap (instructions only, no data) */
5603 priv->ucode_boot.len = boot_size;
5604 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_boot);
5606 if (!priv->ucode_boot.v_addr)
5610 /* Copy images into buffers for card's bus-master reads ... */
5612 /* Runtime instructions (first block of data in file) */
5613 src = &ucode->data[0];
5614 len = priv->ucode_code.len;
5615 IWL_DEBUG_INFO("Copying (but not loading) uCode instr len %Zd\n", len);
5616 memcpy(priv->ucode_code.v_addr, src, len);
5617 IWL_DEBUG_INFO("uCode instr buf vaddr = 0x%p, paddr = 0x%08x\n",
5618 priv->ucode_code.v_addr, (u32)priv->ucode_code.p_addr);
5620 /* Runtime data (2nd block)
5621 * NOTE: Copy into backup buffer will be done in iwl3945_up() */
5622 src = &ucode->data[inst_size];
5623 len = priv->ucode_data.len;
5624 IWL_DEBUG_INFO("Copying (but not loading) uCode data len %Zd\n", len);
5625 memcpy(priv->ucode_data.v_addr, src, len);
5626 memcpy(priv->ucode_data_backup.v_addr, src, len);
5628 /* Initialization instructions (3rd block) */
5630 src = &ucode->data[inst_size + data_size];
5631 len = priv->ucode_init.len;
5632 IWL_DEBUG_INFO("Copying (but not loading) init instr len %Zd\n",
5634 memcpy(priv->ucode_init.v_addr, src, len);
5637 /* Initialization data (4th block) */
5638 if (init_data_size) {
5639 src = &ucode->data[inst_size + data_size + init_size];
5640 len = priv->ucode_init_data.len;
5641 IWL_DEBUG_INFO("Copying (but not loading) init data len %d\n",
5643 memcpy(priv->ucode_init_data.v_addr, src, len);
5646 /* Bootstrap instructions (5th block) */
5647 src = &ucode->data[inst_size + data_size + init_size + init_data_size];
5648 len = priv->ucode_boot.len;
5649 IWL_DEBUG_INFO("Copying (but not loading) boot instr len %d\n",
5651 memcpy(priv->ucode_boot.v_addr, src, len);
5653 /* We have our copies now, allow OS release its copies */
5654 release_firmware(ucode_raw);
5658 IWL_ERROR("failed to allocate pci memory\n");
5660 iwl3945_dealloc_ucode_pci(priv);
5663 release_firmware(ucode_raw);
5671 * iwl3945_set_ucode_ptrs - Set uCode address location
5673 * Tell initialization uCode where to find runtime uCode.
5675 * BSM registers initially contain pointers to initialization uCode.
5676 * We need to replace them to load runtime uCode inst and data,
5677 * and to save runtime data when powering down.
5679 static int iwl3945_set_ucode_ptrs(struct iwl3945_priv *priv)
5684 unsigned long flags;
5686 /* bits 31:0 for 3945 */
5687 pinst = priv->ucode_code.p_addr;
5688 pdata = priv->ucode_data_backup.p_addr;
5690 spin_lock_irqsave(&priv->lock, flags);
5691 rc = iwl3945_grab_nic_access(priv);
5693 spin_unlock_irqrestore(&priv->lock, flags);
5697 /* Tell bootstrap uCode where to find image to load */
5698 iwl3945_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
5699 iwl3945_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
5700 iwl3945_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG,
5701 priv->ucode_data.len);
5703 /* Inst bytecount must be last to set up, bit 31 signals uCode
5704 * that all new ptr/size info is in place */
5705 iwl3945_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG,
5706 priv->ucode_code.len | BSM_DRAM_INST_LOAD);
5708 iwl3945_release_nic_access(priv);
5710 spin_unlock_irqrestore(&priv->lock, flags);
5712 IWL_DEBUG_INFO("Runtime uCode pointers are set.\n");
5718 * iwl3945_init_alive_start - Called after REPLY_ALIVE notification received
5720 * Called after REPLY_ALIVE notification received from "initialize" uCode.
5722 * Tell "initialize" uCode to go ahead and load the runtime uCode.
5724 static void iwl3945_init_alive_start(struct iwl3945_priv *priv)
5726 /* Check alive response for "valid" sign from uCode */
5727 if (priv->card_alive_init.is_valid != UCODE_VALID_OK) {
5728 /* We had an error bringing up the hardware, so take it
5729 * all the way back down so we can try again */
5730 IWL_DEBUG_INFO("Initialize Alive failed.\n");
5734 /* Bootstrap uCode has loaded initialize uCode ... verify inst image.
5735 * This is a paranoid check, because we would not have gotten the
5736 * "initialize" alive if code weren't properly loaded. */
5737 if (iwl3945_verify_ucode(priv)) {
5738 /* Runtime instruction load was bad;
5739 * take it all the way back down so we can try again */
5740 IWL_DEBUG_INFO("Bad \"initialize\" uCode load.\n");
5744 /* Send pointers to protocol/runtime uCode image ... init code will
5745 * load and launch runtime uCode, which will send us another "Alive"
5747 IWL_DEBUG_INFO("Initialization Alive received.\n");
5748 if (iwl3945_set_ucode_ptrs(priv)) {
5749 /* Runtime instruction load won't happen;
5750 * take it all the way back down so we can try again */
5751 IWL_DEBUG_INFO("Couldn't set up uCode pointers.\n");
5757 queue_work(priv->workqueue, &priv->restart);
5762 * iwl3945_alive_start - called after REPLY_ALIVE notification received
5763 * from protocol/runtime uCode (initialization uCode's
5764 * Alive gets handled by iwl3945_init_alive_start()).
5766 static void iwl3945_alive_start(struct iwl3945_priv *priv)
5769 int thermal_spin = 0;
5772 IWL_DEBUG_INFO("Runtime Alive received.\n");
5774 if (priv->card_alive.is_valid != UCODE_VALID_OK) {
5775 /* We had an error bringing up the hardware, so take it
5776 * all the way back down so we can try again */
5777 IWL_DEBUG_INFO("Alive failed.\n");
5781 /* Initialize uCode has loaded Runtime uCode ... verify inst image.
5782 * This is a paranoid check, because we would not have gotten the
5783 * "runtime" alive if code weren't properly loaded. */
5784 if (iwl3945_verify_ucode(priv)) {
5785 /* Runtime instruction load was bad;
5786 * take it all the way back down so we can try again */
5787 IWL_DEBUG_INFO("Bad runtime uCode load.\n");
5791 iwl3945_clear_stations_table(priv);
5793 rc = iwl3945_grab_nic_access(priv);
5795 IWL_WARNING("Can not read rfkill status from adapter\n");
5799 rfkill = iwl3945_read_prph(priv, APMG_RFKILL_REG);
5800 IWL_DEBUG_INFO("RFKILL status: 0x%x\n", rfkill);
5801 iwl3945_release_nic_access(priv);
5804 clear_bit(STATUS_RF_KILL_HW, &priv->status);
5805 /* if rfkill is not on, then wait for thermal
5806 * sensor in adapter to kick in */
5807 while (iwl3945_hw_get_temperature(priv) == 0) {
5813 IWL_DEBUG_INFO("Thermal calibration took %dus\n",
5816 set_bit(STATUS_RF_KILL_HW, &priv->status);
5818 /* After the ALIVE response, we can send commands to 3945 uCode */
5819 set_bit(STATUS_ALIVE, &priv->status);
5821 /* Clear out the uCode error bit if it is set */
5822 clear_bit(STATUS_FW_ERROR, &priv->status);
5824 if (iwl3945_is_rfkill(priv))
5827 ieee80211_start_queues(priv->hw);
5829 priv->active_rate = priv->rates_mask;
5830 priv->active_rate_basic = priv->rates_mask & IWL_BASIC_RATES_MASK;
5832 iwl3945_send_power_mode(priv, IWL_POWER_LEVEL(priv->power_mode));
5834 if (iwl3945_is_associated(priv)) {
5835 struct iwl3945_rxon_cmd *active_rxon =
5836 (struct iwl3945_rxon_cmd *)(&priv->active_rxon);
5838 memcpy(&priv->staging_rxon, &priv->active_rxon,
5839 sizeof(priv->staging_rxon));
5840 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
5842 /* Initialize our rx_config data */
5843 iwl3945_connection_init_rx_config(priv);
5844 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
5847 /* Configure Bluetooth device coexistence support */
5848 iwl3945_send_bt_config(priv);
5850 /* Configure the adapter for unassociated operation */
5851 iwl3945_commit_rxon(priv);
5853 /* At this point, the NIC is initialized and operational */
5854 priv->notif_missed_beacons = 0;
5855 set_bit(STATUS_READY, &priv->status);
5857 iwl3945_reg_txpower_periodic(priv);
5859 IWL_DEBUG_INFO("ALIVE processing complete.\n");
5860 wake_up_interruptible(&priv->wait_command_queue);
5862 iwl3945_led_register(priv);
5864 if (priv->error_recovering)
5865 iwl3945_error_recovery(priv);
5870 queue_work(priv->workqueue, &priv->restart);
5873 static void iwl3945_cancel_deferred_work(struct iwl3945_priv *priv);
5875 static void __iwl3945_down(struct iwl3945_priv *priv)
5877 unsigned long flags;
5878 int exit_pending = test_bit(STATUS_EXIT_PENDING, &priv->status);
5879 struct ieee80211_conf *conf = NULL;
5881 IWL_DEBUG_INFO(DRV_NAME " is going down\n");
5883 conf = ieee80211_get_hw_conf(priv->hw);
5886 set_bit(STATUS_EXIT_PENDING, &priv->status);
5888 iwl3945_led_unregister(priv);
5889 iwl3945_clear_stations_table(priv);
5891 /* Unblock any waiting calls */
5892 wake_up_interruptible_all(&priv->wait_command_queue);
5894 /* Wipe out the EXIT_PENDING status bit if we are not actually
5895 * exiting the module */
5897 clear_bit(STATUS_EXIT_PENDING, &priv->status);
5899 /* stop and reset the on-board processor */
5900 iwl3945_write32(priv, CSR_RESET, CSR_RESET_REG_FLAG_NEVO_RESET);
5902 /* tell the device to stop sending interrupts */
5903 iwl3945_disable_interrupts(priv);
5905 if (priv->mac80211_registered)
5906 ieee80211_stop_queues(priv->hw);
5908 /* If we have not previously called iwl3945_init() then
5909 * clear all bits but the RF Kill and SUSPEND bits and return */
5910 if (!iwl3945_is_init(priv)) {
5911 priv->status = test_bit(STATUS_RF_KILL_HW, &priv->status) <<
5913 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
5915 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
5916 STATUS_GEO_CONFIGURED |
5917 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
5922 /* ...otherwise clear out all the status bits but the RF Kill and
5923 * SUSPEND bits and continue taking the NIC down. */
5924 priv->status &= test_bit(STATUS_RF_KILL_HW, &priv->status) <<
5926 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
5928 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
5929 STATUS_GEO_CONFIGURED |
5930 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
5932 test_bit(STATUS_FW_ERROR, &priv->status) <<
5935 spin_lock_irqsave(&priv->lock, flags);
5936 iwl3945_clear_bit(priv, CSR_GP_CNTRL, CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
5937 spin_unlock_irqrestore(&priv->lock, flags);
5939 iwl3945_hw_txq_ctx_stop(priv);
5940 iwl3945_hw_rxq_stop(priv);
5942 spin_lock_irqsave(&priv->lock, flags);
5943 if (!iwl3945_grab_nic_access(priv)) {
5944 iwl3945_write_prph(priv, APMG_CLK_DIS_REG,
5945 APMG_CLK_VAL_DMA_CLK_RQT);
5946 iwl3945_release_nic_access(priv);
5948 spin_unlock_irqrestore(&priv->lock, flags);
5952 iwl3945_hw_nic_stop_master(priv);
5953 iwl3945_set_bit(priv, CSR_RESET, CSR_RESET_REG_FLAG_SW_RESET);
5954 iwl3945_hw_nic_reset(priv);
5957 memset(&priv->card_alive, 0, sizeof(struct iwl3945_alive_resp));
5959 if (priv->ibss_beacon)
5960 dev_kfree_skb(priv->ibss_beacon);
5961 priv->ibss_beacon = NULL;
5963 /* clear out any free frames */
5964 iwl3945_clear_free_frames(priv);
5967 static void iwl3945_down(struct iwl3945_priv *priv)
5969 mutex_lock(&priv->mutex);
5970 __iwl3945_down(priv);
5971 mutex_unlock(&priv->mutex);
5973 iwl3945_cancel_deferred_work(priv);
5976 #define MAX_HW_RESTARTS 5
5978 static int __iwl3945_up(struct iwl3945_priv *priv)
5982 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
5983 IWL_WARNING("Exit pending; will not bring the NIC up\n");
5987 if (test_bit(STATUS_RF_KILL_SW, &priv->status)) {
5988 IWL_WARNING("Radio disabled by SW RF kill (module "
5993 if (!priv->ucode_data_backup.v_addr || !priv->ucode_data.v_addr) {
5994 IWL_ERROR("ucode not available for device bringup\n");
5998 /* If platform's RF_KILL switch is NOT set to KILL */
5999 if (iwl3945_read32(priv, CSR_GP_CNTRL) &
6000 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW)
6001 clear_bit(STATUS_RF_KILL_HW, &priv->status);
6003 set_bit(STATUS_RF_KILL_HW, &priv->status);
6004 if (!test_bit(STATUS_IN_SUSPEND, &priv->status)) {
6005 IWL_WARNING("Radio disabled by HW RF Kill switch\n");
6010 iwl3945_write32(priv, CSR_INT, 0xFFFFFFFF);
6012 rc = iwl3945_hw_nic_init(priv);
6014 IWL_ERROR("Unable to int nic\n");
6018 /* make sure rfkill handshake bits are cleared */
6019 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6020 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_CLR,
6021 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
6023 /* clear (again), then enable host interrupts */
6024 iwl3945_write32(priv, CSR_INT, 0xFFFFFFFF);
6025 iwl3945_enable_interrupts(priv);
6027 /* really make sure rfkill handshake bits are cleared */
6028 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6029 iwl3945_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
6031 /* Copy original ucode data image from disk into backup cache.
6032 * This will be used to initialize the on-board processor's
6033 * data SRAM for a clean start when the runtime program first loads. */
6034 memcpy(priv->ucode_data_backup.v_addr, priv->ucode_data.v_addr,
6035 priv->ucode_data.len);
6037 /* We return success when we resume from suspend and rf_kill is on. */
6038 if (test_bit(STATUS_RF_KILL_HW, &priv->status))
6041 for (i = 0; i < MAX_HW_RESTARTS; i++) {
6043 iwl3945_clear_stations_table(priv);
6045 /* load bootstrap state machine,
6046 * load bootstrap program into processor's memory,
6047 * prepare to load the "initialize" uCode */
6048 rc = iwl3945_load_bsm(priv);
6051 IWL_ERROR("Unable to set up bootstrap uCode: %d\n", rc);
6055 /* start card; "initialize" will load runtime ucode */
6056 iwl3945_nic_start(priv);
6058 IWL_DEBUG_INFO(DRV_NAME " is coming up\n");
6063 set_bit(STATUS_EXIT_PENDING, &priv->status);
6064 __iwl3945_down(priv);
6066 /* tried to restart and config the device for as long as our
6067 * patience could withstand */
6068 IWL_ERROR("Unable to initialize device after %d attempts.\n", i);
6073 /*****************************************************************************
6075 * Workqueue callbacks
6077 *****************************************************************************/
6079 static void iwl3945_bg_init_alive_start(struct work_struct *data)
6081 struct iwl3945_priv *priv =
6082 container_of(data, struct iwl3945_priv, init_alive_start.work);
6084 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6087 mutex_lock(&priv->mutex);
6088 iwl3945_init_alive_start(priv);
6089 mutex_unlock(&priv->mutex);
6092 static void iwl3945_bg_alive_start(struct work_struct *data)
6094 struct iwl3945_priv *priv =
6095 container_of(data, struct iwl3945_priv, alive_start.work);
6097 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6100 mutex_lock(&priv->mutex);
6101 iwl3945_alive_start(priv);
6102 mutex_unlock(&priv->mutex);
6105 static void iwl3945_bg_rf_kill(struct work_struct *work)
6107 struct iwl3945_priv *priv = container_of(work, struct iwl3945_priv, rf_kill);
6109 wake_up_interruptible(&priv->wait_command_queue);
6111 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6114 mutex_lock(&priv->mutex);
6116 if (!iwl3945_is_rfkill(priv)) {
6117 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL,
6118 "HW and/or SW RF Kill no longer active, restarting "
6120 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
6121 queue_work(priv->workqueue, &priv->restart);
6124 if (!test_bit(STATUS_RF_KILL_HW, &priv->status))
6125 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
6126 "disabled by SW switch\n");
6128 IWL_WARNING("Radio Frequency Kill Switch is On:\n"
6129 "Kill switch must be turned off for "
6130 "wireless networking to work.\n");
6132 mutex_unlock(&priv->mutex);
6135 #define IWL_SCAN_CHECK_WATCHDOG (7 * HZ)
6137 static void iwl3945_bg_scan_check(struct work_struct *data)
6139 struct iwl3945_priv *priv =
6140 container_of(data, struct iwl3945_priv, scan_check.work);
6142 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6145 mutex_lock(&priv->mutex);
6146 if (test_bit(STATUS_SCANNING, &priv->status) ||
6147 test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
6148 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN,
6149 "Scan completion watchdog resetting adapter (%dms)\n",
6150 jiffies_to_msecs(IWL_SCAN_CHECK_WATCHDOG));
6152 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
6153 iwl3945_send_scan_abort(priv);
6155 mutex_unlock(&priv->mutex);
6158 static void iwl3945_bg_request_scan(struct work_struct *data)
6160 struct iwl3945_priv *priv =
6161 container_of(data, struct iwl3945_priv, request_scan);
6162 struct iwl3945_host_cmd cmd = {
6163 .id = REPLY_SCAN_CMD,
6164 .len = sizeof(struct iwl3945_scan_cmd),
6165 .meta.flags = CMD_SIZE_HUGE,
6168 struct iwl3945_scan_cmd *scan;
6169 struct ieee80211_conf *conf = NULL;
6171 enum ieee80211_band band;
6173 conf = ieee80211_get_hw_conf(priv->hw);
6175 mutex_lock(&priv->mutex);
6177 if (!iwl3945_is_ready(priv)) {
6178 IWL_WARNING("request scan called when driver not ready.\n");
6182 /* Make sure the scan wasn't cancelled before this queued work
6183 * was given the chance to run... */
6184 if (!test_bit(STATUS_SCANNING, &priv->status))
6187 /* This should never be called or scheduled if there is currently
6188 * a scan active in the hardware. */
6189 if (test_bit(STATUS_SCAN_HW, &priv->status)) {
6190 IWL_DEBUG_INFO("Multiple concurrent scan requests in parallel. "
6191 "Ignoring second request.\n");
6196 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
6197 IWL_DEBUG_SCAN("Aborting scan due to device shutdown\n");
6201 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
6202 IWL_DEBUG_HC("Scan request while abort pending. Queuing.\n");
6206 if (iwl3945_is_rfkill(priv)) {
6207 IWL_DEBUG_HC("Aborting scan due to RF Kill activation\n");
6211 if (!test_bit(STATUS_READY, &priv->status)) {
6212 IWL_DEBUG_HC("Scan request while uninitialized. Queuing.\n");
6216 if (!priv->scan_bands) {
6217 IWL_DEBUG_HC("Aborting scan due to no requested bands\n");
6222 priv->scan = kmalloc(sizeof(struct iwl3945_scan_cmd) +
6223 IWL_MAX_SCAN_SIZE, GFP_KERNEL);
6230 memset(scan, 0, sizeof(struct iwl3945_scan_cmd) + IWL_MAX_SCAN_SIZE);
6232 scan->quiet_plcp_th = IWL_PLCP_QUIET_THRESH;
6233 scan->quiet_time = IWL_ACTIVE_QUIET_TIME;
6235 if (iwl3945_is_associated(priv)) {
6238 u32 suspend_time = 100;
6239 u32 scan_suspend_time = 100;
6240 unsigned long flags;
6242 IWL_DEBUG_INFO("Scanning while associated...\n");
6244 spin_lock_irqsave(&priv->lock, flags);
6245 interval = priv->beacon_int;
6246 spin_unlock_irqrestore(&priv->lock, flags);
6248 scan->suspend_time = 0;
6249 scan->max_out_time = cpu_to_le32(200 * 1024);
6251 interval = suspend_time;
6253 * suspend time format:
6254 * 0-19: beacon interval in usec (time before exec.)
6256 * 24-31: number of beacons (suspend between channels)
6259 extra = (suspend_time / interval) << 24;
6260 scan_suspend_time = 0xFF0FFFFF &
6261 (extra | ((suspend_time % interval) * 1024));
6263 scan->suspend_time = cpu_to_le32(scan_suspend_time);
6264 IWL_DEBUG_SCAN("suspend_time 0x%X beacon interval %d\n",
6265 scan_suspend_time, interval);
6268 /* We should add the ability for user to lock to PASSIVE ONLY */
6269 if (priv->one_direct_scan) {
6271 ("Kicking off one direct scan for '%s'\n",
6272 iwl3945_escape_essid(priv->direct_ssid,
6273 priv->direct_ssid_len));
6274 scan->direct_scan[0].id = WLAN_EID_SSID;
6275 scan->direct_scan[0].len = priv->direct_ssid_len;
6276 memcpy(scan->direct_scan[0].ssid,
6277 priv->direct_ssid, priv->direct_ssid_len);
6279 } else if (!iwl3945_is_associated(priv) && priv->essid_len) {
6280 scan->direct_scan[0].id = WLAN_EID_SSID;
6281 scan->direct_scan[0].len = priv->essid_len;
6282 memcpy(scan->direct_scan[0].ssid, priv->essid, priv->essid_len);
6287 /* We don't build a direct scan probe request; the uCode will do
6288 * that based on the direct_mask added to each channel entry */
6289 scan->tx_cmd.len = cpu_to_le16(
6290 iwl3945_fill_probe_req(priv, (struct ieee80211_mgmt *)scan->data,
6291 IWL_MAX_SCAN_SIZE - sizeof(*scan), 0));
6292 scan->tx_cmd.tx_flags = TX_CMD_FLG_SEQ_CTL_MSK;
6293 scan->tx_cmd.sta_id = priv->hw_setting.bcast_sta_id;
6294 scan->tx_cmd.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
6296 /* flags + rate selection */
6298 switch (priv->scan_bands) {
6300 scan->flags = RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK;
6301 scan->tx_cmd.rate = IWL_RATE_1M_PLCP;
6302 scan->good_CRC_th = 0;
6303 band = IEEE80211_BAND_2GHZ;
6307 scan->tx_cmd.rate = IWL_RATE_6M_PLCP;
6308 scan->good_CRC_th = IWL_GOOD_CRC_TH;
6309 band = IEEE80211_BAND_5GHZ;
6313 IWL_WARNING("Invalid scan band count\n");
6317 /* select Rx antennas */
6318 scan->flags |= iwl3945_get_antenna_flags(priv);
6320 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR)
6321 scan->filter_flags = RXON_FILTER_PROMISC_MSK;
6325 ("Initiating direct scan for %s.\n",
6326 iwl3945_escape_essid(priv->essid, priv->essid_len));
6327 scan->channel_count =
6328 iwl3945_get_channels_for_scan(
6329 priv, band, 1, /* active */
6331 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
6333 IWL_DEBUG_SCAN("Initiating indirect scan.\n");
6334 scan->channel_count =
6335 iwl3945_get_channels_for_scan(
6336 priv, band, 0, /* passive */
6338 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
6341 cmd.len += le16_to_cpu(scan->tx_cmd.len) +
6342 scan->channel_count * sizeof(struct iwl3945_scan_channel);
6344 scan->len = cpu_to_le16(cmd.len);
6346 set_bit(STATUS_SCAN_HW, &priv->status);
6347 rc = iwl3945_send_cmd_sync(priv, &cmd);
6351 queue_delayed_work(priv->workqueue, &priv->scan_check,
6352 IWL_SCAN_CHECK_WATCHDOG);
6354 mutex_unlock(&priv->mutex);
6358 /* inform mac80211 scan aborted */
6359 queue_work(priv->workqueue, &priv->scan_completed);
6360 mutex_unlock(&priv->mutex);
6363 static void iwl3945_bg_up(struct work_struct *data)
6365 struct iwl3945_priv *priv = container_of(data, struct iwl3945_priv, up);
6367 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6370 mutex_lock(&priv->mutex);
6372 mutex_unlock(&priv->mutex);
6375 static void iwl3945_bg_restart(struct work_struct *data)
6377 struct iwl3945_priv *priv = container_of(data, struct iwl3945_priv, restart);
6379 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6383 queue_work(priv->workqueue, &priv->up);
6386 static void iwl3945_bg_rx_replenish(struct work_struct *data)
6388 struct iwl3945_priv *priv =
6389 container_of(data, struct iwl3945_priv, rx_replenish);
6391 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6394 mutex_lock(&priv->mutex);
6395 iwl3945_rx_replenish(priv);
6396 mutex_unlock(&priv->mutex);
6399 #define IWL_DELAY_NEXT_SCAN (HZ*2)
6401 static void iwl3945_bg_post_associate(struct work_struct *data)
6403 struct iwl3945_priv *priv = container_of(data, struct iwl3945_priv,
6404 post_associate.work);
6407 struct ieee80211_conf *conf = NULL;
6408 DECLARE_MAC_BUF(mac);
6410 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
6411 IWL_ERROR("%s Should not be called in AP mode\n", __FUNCTION__);
6416 IWL_DEBUG_ASSOC("Associated as %d to: %s\n",
6418 print_mac(mac, priv->active_rxon.bssid_addr));
6420 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6423 mutex_lock(&priv->mutex);
6425 if (!priv->vif || !priv->is_open) {
6426 mutex_unlock(&priv->mutex);
6429 iwl3945_scan_cancel_timeout(priv, 200);
6431 conf = ieee80211_get_hw_conf(priv->hw);
6433 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6434 iwl3945_commit_rxon(priv);
6436 memset(&priv->rxon_timing, 0, sizeof(struct iwl3945_rxon_time_cmd));
6437 iwl3945_setup_rxon_timing(priv);
6438 rc = iwl3945_send_cmd_pdu(priv, REPLY_RXON_TIMING,
6439 sizeof(priv->rxon_timing), &priv->rxon_timing);
6441 IWL_WARNING("REPLY_RXON_TIMING failed - "
6442 "Attempting to continue.\n");
6444 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
6446 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
6448 IWL_DEBUG_ASSOC("assoc id %d beacon interval %d\n",
6449 priv->assoc_id, priv->beacon_int);
6451 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
6452 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
6454 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
6456 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
6457 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
6458 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
6460 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6462 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6463 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6467 iwl3945_commit_rxon(priv);
6469 switch (priv->iw_mode) {
6470 case IEEE80211_IF_TYPE_STA:
6471 iwl3945_rate_scale_init(priv->hw, IWL_AP_ID);
6474 case IEEE80211_IF_TYPE_IBSS:
6476 /* clear out the station table */
6477 iwl3945_clear_stations_table(priv);
6479 iwl3945_add_station(priv, iwl3945_broadcast_addr, 0, 0);
6480 iwl3945_add_station(priv, priv->bssid, 0, 0);
6481 iwl3945_sync_sta(priv, IWL_STA_ID,
6482 (priv->band == IEEE80211_BAND_5GHZ) ?
6483 IWL_RATE_6M_PLCP : IWL_RATE_1M_PLCP,
6485 iwl3945_rate_scale_init(priv->hw, IWL_STA_ID);
6486 iwl3945_send_beacon_cmd(priv);
6491 IWL_ERROR("%s Should not be called in %d mode\n",
6492 __FUNCTION__, priv->iw_mode);
6496 iwl3945_sequence_reset(priv);
6498 iwl3945_activate_qos(priv, 0);
6500 /* we have just associated, don't start scan too early */
6501 priv->next_scan_jiffies = jiffies + IWL_DELAY_NEXT_SCAN;
6502 mutex_unlock(&priv->mutex);
6505 static void iwl3945_bg_abort_scan(struct work_struct *work)
6507 struct iwl3945_priv *priv = container_of(work, struct iwl3945_priv, abort_scan);
6509 if (!iwl3945_is_ready(priv))
6512 mutex_lock(&priv->mutex);
6514 set_bit(STATUS_SCAN_ABORTING, &priv->status);
6515 iwl3945_send_scan_abort(priv);
6517 mutex_unlock(&priv->mutex);
6520 static int iwl3945_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf);
6522 static void iwl3945_bg_scan_completed(struct work_struct *work)
6524 struct iwl3945_priv *priv =
6525 container_of(work, struct iwl3945_priv, scan_completed);
6527 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN, "SCAN complete scan\n");
6529 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6532 if (test_bit(STATUS_CONF_PENDING, &priv->status))
6533 iwl3945_mac_config(priv->hw, ieee80211_get_hw_conf(priv->hw));
6535 ieee80211_scan_completed(priv->hw);
6537 /* Since setting the TXPOWER may have been deferred while
6538 * performing the scan, fire one off */
6539 mutex_lock(&priv->mutex);
6540 iwl3945_hw_reg_send_txpower(priv);
6541 mutex_unlock(&priv->mutex);
6544 /*****************************************************************************
6546 * mac80211 entry point functions
6548 *****************************************************************************/
6550 #define UCODE_READY_TIMEOUT (2 * HZ)
6552 static int iwl3945_mac_start(struct ieee80211_hw *hw)
6554 struct iwl3945_priv *priv = hw->priv;
6557 IWL_DEBUG_MAC80211("enter\n");
6559 if (pci_enable_device(priv->pci_dev)) {
6560 IWL_ERROR("Fail to pci_enable_device\n");
6563 pci_restore_state(priv->pci_dev);
6564 pci_enable_msi(priv->pci_dev);
6566 ret = request_irq(priv->pci_dev->irq, iwl3945_isr, IRQF_SHARED,
6569 IWL_ERROR("Error allocating IRQ %d\n", priv->pci_dev->irq);
6570 goto out_disable_msi;
6573 /* we should be verifying the device is ready to be opened */
6574 mutex_lock(&priv->mutex);
6576 memset(&priv->staging_rxon, 0, sizeof(struct iwl3945_rxon_cmd));
6577 /* fetch ucode file from disk, alloc and copy to bus-master buffers ...
6578 * ucode filename and max sizes are card-specific. */
6580 if (!priv->ucode_code.len) {
6581 ret = iwl3945_read_ucode(priv);
6583 IWL_ERROR("Could not read microcode: %d\n", ret);
6584 mutex_unlock(&priv->mutex);
6585 goto out_release_irq;
6589 ret = __iwl3945_up(priv);
6591 mutex_unlock(&priv->mutex);
6594 goto out_release_irq;
6596 IWL_DEBUG_INFO("Start UP work.\n");
6598 if (test_bit(STATUS_IN_SUSPEND, &priv->status))
6601 /* Wait for START_ALIVE from ucode. Otherwise callbacks from
6602 * mac80211 will not be run successfully. */
6603 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
6604 test_bit(STATUS_READY, &priv->status),
6605 UCODE_READY_TIMEOUT);
6607 if (!test_bit(STATUS_READY, &priv->status)) {
6608 IWL_ERROR("Wait for START_ALIVE timeout after %dms.\n",
6609 jiffies_to_msecs(UCODE_READY_TIMEOUT));
6611 goto out_release_irq;
6616 IWL_DEBUG_MAC80211("leave\n");
6620 free_irq(priv->pci_dev->irq, priv);
6622 pci_disable_msi(priv->pci_dev);
6623 pci_disable_device(priv->pci_dev);
6625 IWL_DEBUG_MAC80211("leave - failed\n");
6629 static void iwl3945_mac_stop(struct ieee80211_hw *hw)
6631 struct iwl3945_priv *priv = hw->priv;
6633 IWL_DEBUG_MAC80211("enter\n");
6635 if (!priv->is_open) {
6636 IWL_DEBUG_MAC80211("leave - skip\n");
6642 if (iwl3945_is_ready_rf(priv)) {
6643 /* stop mac, cancel any scan request and clear
6644 * RXON_FILTER_ASSOC_MSK BIT
6646 mutex_lock(&priv->mutex);
6647 iwl3945_scan_cancel_timeout(priv, 100);
6648 cancel_delayed_work(&priv->post_associate);
6649 mutex_unlock(&priv->mutex);
6654 flush_workqueue(priv->workqueue);
6655 free_irq(priv->pci_dev->irq, priv);
6656 pci_disable_msi(priv->pci_dev);
6657 pci_save_state(priv->pci_dev);
6658 pci_disable_device(priv->pci_dev);
6660 IWL_DEBUG_MAC80211("leave\n");
6663 static int iwl3945_mac_tx(struct ieee80211_hw *hw, struct sk_buff *skb,
6664 struct ieee80211_tx_control *ctl)
6666 struct iwl3945_priv *priv = hw->priv;
6668 IWL_DEBUG_MAC80211("enter\n");
6670 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR) {
6671 IWL_DEBUG_MAC80211("leave - monitor\n");
6675 IWL_DEBUG_TX("dev->xmit(%d bytes) at rate 0x%02x\n", skb->len,
6676 ctl->tx_rate->bitrate);
6678 if (iwl3945_tx_skb(priv, skb, ctl))
6679 dev_kfree_skb_any(skb);
6681 IWL_DEBUG_MAC80211("leave\n");
6685 static int iwl3945_mac_add_interface(struct ieee80211_hw *hw,
6686 struct ieee80211_if_init_conf *conf)
6688 struct iwl3945_priv *priv = hw->priv;
6689 unsigned long flags;
6690 DECLARE_MAC_BUF(mac);
6692 IWL_DEBUG_MAC80211("enter: type %d\n", conf->type);
6695 IWL_DEBUG_MAC80211("leave - vif != NULL\n");
6699 spin_lock_irqsave(&priv->lock, flags);
6700 priv->vif = conf->vif;
6702 spin_unlock_irqrestore(&priv->lock, flags);
6704 mutex_lock(&priv->mutex);
6706 if (conf->mac_addr) {
6707 IWL_DEBUG_MAC80211("Set: %s\n", print_mac(mac, conf->mac_addr));
6708 memcpy(priv->mac_addr, conf->mac_addr, ETH_ALEN);
6711 if (iwl3945_is_ready(priv))
6712 iwl3945_set_mode(priv, conf->type);
6714 mutex_unlock(&priv->mutex);
6716 IWL_DEBUG_MAC80211("leave\n");
6721 * iwl3945_mac_config - mac80211 config callback
6723 * We ignore conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME since it seems to
6724 * be set inappropriately and the driver currently sets the hardware up to
6725 * use it whenever needed.
6727 static int iwl3945_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf)
6729 struct iwl3945_priv *priv = hw->priv;
6730 const struct iwl3945_channel_info *ch_info;
6731 unsigned long flags;
6734 mutex_lock(&priv->mutex);
6735 IWL_DEBUG_MAC80211("enter to channel %d\n", conf->channel->hw_value);
6737 priv->add_radiotap = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
6739 if (!iwl3945_is_ready(priv)) {
6740 IWL_DEBUG_MAC80211("leave - not ready\n");
6745 if (unlikely(!iwl3945_param_disable_hw_scan &&
6746 test_bit(STATUS_SCANNING, &priv->status))) {
6747 IWL_DEBUG_MAC80211("leave - scanning\n");
6748 set_bit(STATUS_CONF_PENDING, &priv->status);
6749 mutex_unlock(&priv->mutex);
6753 spin_lock_irqsave(&priv->lock, flags);
6755 ch_info = iwl3945_get_channel_info(priv, conf->channel->band,
6756 conf->channel->hw_value);
6757 if (!is_channel_valid(ch_info)) {
6758 IWL_DEBUG_SCAN("Channel %d [%d] is INVALID for this SKU.\n",
6759 conf->channel->hw_value, conf->channel->band);
6760 IWL_DEBUG_MAC80211("leave - invalid channel\n");
6761 spin_unlock_irqrestore(&priv->lock, flags);
6766 iwl3945_set_rxon_channel(priv, conf->channel->band, conf->channel->hw_value);
6768 iwl3945_set_flags_for_phymode(priv, conf->channel->band);
6770 /* The list of supported rates and rate mask can be different
6771 * for each phymode; since the phymode may have changed, reset
6772 * the rate mask to what mac80211 lists */
6773 iwl3945_set_rate(priv);
6775 spin_unlock_irqrestore(&priv->lock, flags);
6777 #ifdef IEEE80211_CONF_CHANNEL_SWITCH
6778 if (conf->flags & IEEE80211_CONF_CHANNEL_SWITCH) {
6779 iwl3945_hw_channel_switch(priv, conf->channel);
6784 iwl3945_radio_kill_sw(priv, !conf->radio_enabled);
6786 if (!conf->radio_enabled) {
6787 IWL_DEBUG_MAC80211("leave - radio disabled\n");
6791 if (iwl3945_is_rfkill(priv)) {
6792 IWL_DEBUG_MAC80211("leave - RF kill\n");
6797 iwl3945_set_rate(priv);
6799 if (memcmp(&priv->active_rxon,
6800 &priv->staging_rxon, sizeof(priv->staging_rxon)))
6801 iwl3945_commit_rxon(priv);
6803 IWL_DEBUG_INFO("No re-sending same RXON configuration.\n");
6805 IWL_DEBUG_MAC80211("leave\n");
6808 clear_bit(STATUS_CONF_PENDING, &priv->status);
6809 mutex_unlock(&priv->mutex);
6813 static void iwl3945_config_ap(struct iwl3945_priv *priv)
6817 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6820 /* The following should be done only at AP bring up */
6821 if ((priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) == 0) {
6823 /* RXON - unassoc (to set timing command) */
6824 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6825 iwl3945_commit_rxon(priv);
6828 memset(&priv->rxon_timing, 0, sizeof(struct iwl3945_rxon_time_cmd));
6829 iwl3945_setup_rxon_timing(priv);
6830 rc = iwl3945_send_cmd_pdu(priv, REPLY_RXON_TIMING,
6831 sizeof(priv->rxon_timing), &priv->rxon_timing);
6833 IWL_WARNING("REPLY_RXON_TIMING failed - "
6834 "Attempting to continue.\n");
6836 /* FIXME: what should be the assoc_id for AP? */
6837 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
6838 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
6839 priv->staging_rxon.flags |=
6840 RXON_FLG_SHORT_PREAMBLE_MSK;
6842 priv->staging_rxon.flags &=
6843 ~RXON_FLG_SHORT_PREAMBLE_MSK;
6845 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
6846 if (priv->assoc_capability &
6847 WLAN_CAPABILITY_SHORT_SLOT_TIME)
6848 priv->staging_rxon.flags |=
6849 RXON_FLG_SHORT_SLOT_MSK;
6851 priv->staging_rxon.flags &=
6852 ~RXON_FLG_SHORT_SLOT_MSK;
6854 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6855 priv->staging_rxon.flags &=
6856 ~RXON_FLG_SHORT_SLOT_MSK;
6858 /* restore RXON assoc */
6859 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
6860 iwl3945_commit_rxon(priv);
6861 iwl3945_add_station(priv, iwl3945_broadcast_addr, 0, 0);
6863 iwl3945_send_beacon_cmd(priv);
6865 /* FIXME - we need to add code here to detect a totally new
6866 * configuration, reset the AP, unassoc, rxon timing, assoc,
6867 * clear sta table, add BCAST sta... */
6870 static int iwl3945_mac_config_interface(struct ieee80211_hw *hw,
6871 struct ieee80211_vif *vif,
6872 struct ieee80211_if_conf *conf)
6874 struct iwl3945_priv *priv = hw->priv;
6875 DECLARE_MAC_BUF(mac);
6876 unsigned long flags;
6882 if (priv->vif != vif) {
6883 IWL_DEBUG_MAC80211("leave - priv->vif != vif\n");
6884 mutex_unlock(&priv->mutex);
6888 /* XXX: this MUST use conf->mac_addr */
6890 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
6891 (!conf->beacon || !conf->ssid_len)) {
6893 ("Leaving in AP mode because HostAPD is not ready.\n");
6897 if (!iwl3945_is_alive(priv))
6900 mutex_lock(&priv->mutex);
6903 IWL_DEBUG_MAC80211("bssid: %s\n",
6904 print_mac(mac, conf->bssid));
6907 * very dubious code was here; the probe filtering flag is never set:
6909 if (unlikely(test_bit(STATUS_SCANNING, &priv->status)) &&
6910 !(priv->hw->flags & IEEE80211_HW_NO_PROBE_FILTERING)) {
6913 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
6915 conf->bssid = priv->mac_addr;
6916 memcpy(priv->bssid, priv->mac_addr, ETH_ALEN);
6917 IWL_DEBUG_MAC80211("bssid was set to: %s\n",
6918 print_mac(mac, conf->bssid));
6920 if (priv->ibss_beacon)
6921 dev_kfree_skb(priv->ibss_beacon);
6923 priv->ibss_beacon = conf->beacon;
6926 if (iwl3945_is_rfkill(priv))
6929 if (conf->bssid && !is_zero_ether_addr(conf->bssid) &&
6930 !is_multicast_ether_addr(conf->bssid)) {
6931 /* If there is currently a HW scan going on in the background
6932 * then we need to cancel it else the RXON below will fail. */
6933 if (iwl3945_scan_cancel_timeout(priv, 100)) {
6934 IWL_WARNING("Aborted scan still in progress "
6936 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
6937 mutex_unlock(&priv->mutex);
6940 memcpy(priv->staging_rxon.bssid_addr, conf->bssid, ETH_ALEN);
6942 /* TODO: Audit driver for usage of these members and see
6943 * if mac80211 deprecates them (priv->bssid looks like it
6944 * shouldn't be there, but I haven't scanned the IBSS code
6945 * to verify) - jpk */
6946 memcpy(priv->bssid, conf->bssid, ETH_ALEN);
6948 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
6949 iwl3945_config_ap(priv);
6951 rc = iwl3945_commit_rxon(priv);
6952 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && rc)
6953 iwl3945_add_station(priv,
6954 priv->active_rxon.bssid_addr, 1, 0);
6958 iwl3945_scan_cancel_timeout(priv, 100);
6959 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6960 iwl3945_commit_rxon(priv);
6964 spin_lock_irqsave(&priv->lock, flags);
6965 if (!conf->ssid_len)
6966 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
6968 memcpy(priv->essid, conf->ssid, conf->ssid_len);
6970 priv->essid_len = conf->ssid_len;
6971 spin_unlock_irqrestore(&priv->lock, flags);
6973 IWL_DEBUG_MAC80211("leave\n");
6974 mutex_unlock(&priv->mutex);
6979 static void iwl3945_configure_filter(struct ieee80211_hw *hw,
6980 unsigned int changed_flags,
6981 unsigned int *total_flags,
6982 int mc_count, struct dev_addr_list *mc_list)
6986 * see also iwl3945_connection_init_rx_config
6991 static void iwl3945_mac_remove_interface(struct ieee80211_hw *hw,
6992 struct ieee80211_if_init_conf *conf)
6994 struct iwl3945_priv *priv = hw->priv;
6996 IWL_DEBUG_MAC80211("enter\n");
6998 mutex_lock(&priv->mutex);
7000 if (iwl3945_is_ready_rf(priv)) {
7001 iwl3945_scan_cancel_timeout(priv, 100);
7002 cancel_delayed_work(&priv->post_associate);
7003 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7004 iwl3945_commit_rxon(priv);
7006 if (priv->vif == conf->vif) {
7008 memset(priv->bssid, 0, ETH_ALEN);
7009 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
7010 priv->essid_len = 0;
7012 mutex_unlock(&priv->mutex);
7014 IWL_DEBUG_MAC80211("leave\n");
7017 static int iwl3945_mac_hw_scan(struct ieee80211_hw *hw, u8 *ssid, size_t len)
7020 unsigned long flags;
7021 struct iwl3945_priv *priv = hw->priv;
7023 IWL_DEBUG_MAC80211("enter\n");
7025 mutex_lock(&priv->mutex);
7026 spin_lock_irqsave(&priv->lock, flags);
7028 if (!iwl3945_is_ready_rf(priv)) {
7030 IWL_DEBUG_MAC80211("leave - not ready or exit pending\n");
7034 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) { /* APs don't scan */
7036 IWL_ERROR("ERROR: APs don't scan\n");
7040 /* we don't schedule scan within next_scan_jiffies period */
7041 if (priv->next_scan_jiffies &&
7042 time_after(priv->next_scan_jiffies, jiffies)) {
7046 /* if we just finished scan ask for delay */
7047 if (priv->last_scan_jiffies && time_after(priv->last_scan_jiffies +
7048 IWL_DELAY_NEXT_SCAN, jiffies)) {
7053 IWL_DEBUG_SCAN("direct scan for %s [%d]\n ",
7054 iwl3945_escape_essid(ssid, len), (int)len);
7056 priv->one_direct_scan = 1;
7057 priv->direct_ssid_len = (u8)
7058 min((u8) len, (u8) IW_ESSID_MAX_SIZE);
7059 memcpy(priv->direct_ssid, ssid, priv->direct_ssid_len);
7061 priv->one_direct_scan = 0;
7063 rc = iwl3945_scan_initiate(priv);
7065 IWL_DEBUG_MAC80211("leave\n");
7068 spin_unlock_irqrestore(&priv->lock, flags);
7069 mutex_unlock(&priv->mutex);
7074 static int iwl3945_mac_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
7075 const u8 *local_addr, const u8 *addr,
7076 struct ieee80211_key_conf *key)
7078 struct iwl3945_priv *priv = hw->priv;
7082 IWL_DEBUG_MAC80211("enter\n");
7084 if (!iwl3945_param_hwcrypto) {
7085 IWL_DEBUG_MAC80211("leave - hwcrypto disabled\n");
7089 if (is_zero_ether_addr(addr))
7090 /* only support pairwise keys */
7093 sta_id = iwl3945_hw_find_station(priv, addr);
7094 if (sta_id == IWL_INVALID_STATION) {
7095 DECLARE_MAC_BUF(mac);
7097 IWL_DEBUG_MAC80211("leave - %s not in station map.\n",
7098 print_mac(mac, addr));
7102 mutex_lock(&priv->mutex);
7104 iwl3945_scan_cancel_timeout(priv, 100);
7108 rc = iwl3945_update_sta_key_info(priv, key, sta_id);
7110 iwl3945_set_rxon_hwcrypto(priv, 1);
7111 iwl3945_commit_rxon(priv);
7112 key->hw_key_idx = sta_id;
7113 IWL_DEBUG_MAC80211("set_key success, using hwcrypto\n");
7114 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
7118 rc = iwl3945_clear_sta_key_info(priv, sta_id);
7120 iwl3945_set_rxon_hwcrypto(priv, 0);
7121 iwl3945_commit_rxon(priv);
7122 IWL_DEBUG_MAC80211("disable hwcrypto key\n");
7129 IWL_DEBUG_MAC80211("leave\n");
7130 mutex_unlock(&priv->mutex);
7135 static int iwl3945_mac_conf_tx(struct ieee80211_hw *hw, int queue,
7136 const struct ieee80211_tx_queue_params *params)
7138 struct iwl3945_priv *priv = hw->priv;
7139 unsigned long flags;
7142 IWL_DEBUG_MAC80211("enter\n");
7144 if (!iwl3945_is_ready_rf(priv)) {
7145 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7149 if (queue >= AC_NUM) {
7150 IWL_DEBUG_MAC80211("leave - queue >= AC_NUM %d\n", queue);
7154 if (!priv->qos_data.qos_enable) {
7155 priv->qos_data.qos_active = 0;
7156 IWL_DEBUG_MAC80211("leave - qos not enabled\n");
7159 q = AC_NUM - 1 - queue;
7161 spin_lock_irqsave(&priv->lock, flags);
7163 priv->qos_data.def_qos_parm.ac[q].cw_min = cpu_to_le16(params->cw_min);
7164 priv->qos_data.def_qos_parm.ac[q].cw_max = cpu_to_le16(params->cw_max);
7165 priv->qos_data.def_qos_parm.ac[q].aifsn = params->aifs;
7166 priv->qos_data.def_qos_parm.ac[q].edca_txop =
7167 cpu_to_le16((params->txop * 32));
7169 priv->qos_data.def_qos_parm.ac[q].reserved1 = 0;
7170 priv->qos_data.qos_active = 1;
7172 spin_unlock_irqrestore(&priv->lock, flags);
7174 mutex_lock(&priv->mutex);
7175 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
7176 iwl3945_activate_qos(priv, 1);
7177 else if (priv->assoc_id && iwl3945_is_associated(priv))
7178 iwl3945_activate_qos(priv, 0);
7180 mutex_unlock(&priv->mutex);
7182 IWL_DEBUG_MAC80211("leave\n");
7186 static int iwl3945_mac_get_tx_stats(struct ieee80211_hw *hw,
7187 struct ieee80211_tx_queue_stats *stats)
7189 struct iwl3945_priv *priv = hw->priv;
7191 struct iwl3945_tx_queue *txq;
7192 struct iwl3945_queue *q;
7193 unsigned long flags;
7195 IWL_DEBUG_MAC80211("enter\n");
7197 if (!iwl3945_is_ready_rf(priv)) {
7198 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7202 spin_lock_irqsave(&priv->lock, flags);
7204 for (i = 0; i < AC_NUM; i++) {
7205 txq = &priv->txq[i];
7207 avail = iwl3945_queue_space(q);
7209 stats->data[i].len = q->n_window - avail;
7210 stats->data[i].limit = q->n_window - q->high_mark;
7211 stats->data[i].count = q->n_window;
7214 spin_unlock_irqrestore(&priv->lock, flags);
7216 IWL_DEBUG_MAC80211("leave\n");
7221 static int iwl3945_mac_get_stats(struct ieee80211_hw *hw,
7222 struct ieee80211_low_level_stats *stats)
7224 IWL_DEBUG_MAC80211("enter\n");
7225 IWL_DEBUG_MAC80211("leave\n");
7230 static u64 iwl3945_mac_get_tsf(struct ieee80211_hw *hw)
7232 IWL_DEBUG_MAC80211("enter\n");
7233 IWL_DEBUG_MAC80211("leave\n");
7238 static void iwl3945_mac_reset_tsf(struct ieee80211_hw *hw)
7240 struct iwl3945_priv *priv = hw->priv;
7241 unsigned long flags;
7243 mutex_lock(&priv->mutex);
7244 IWL_DEBUG_MAC80211("enter\n");
7246 iwl3945_reset_qos(priv);
7248 cancel_delayed_work(&priv->post_associate);
7250 spin_lock_irqsave(&priv->lock, flags);
7252 priv->assoc_capability = 0;
7253 priv->call_post_assoc_from_beacon = 0;
7255 /* new association get rid of ibss beacon skb */
7256 if (priv->ibss_beacon)
7257 dev_kfree_skb(priv->ibss_beacon);
7259 priv->ibss_beacon = NULL;
7261 priv->beacon_int = priv->hw->conf.beacon_int;
7262 priv->timestamp1 = 0;
7263 priv->timestamp0 = 0;
7264 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA))
7265 priv->beacon_int = 0;
7267 spin_unlock_irqrestore(&priv->lock, flags);
7269 if (!iwl3945_is_ready_rf(priv)) {
7270 IWL_DEBUG_MAC80211("leave - not ready\n");
7271 mutex_unlock(&priv->mutex);
7275 /* we are restarting association process
7276 * clear RXON_FILTER_ASSOC_MSK bit
7278 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
7279 iwl3945_scan_cancel_timeout(priv, 100);
7280 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7281 iwl3945_commit_rxon(priv);
7284 /* Per mac80211.h: This is only used in IBSS mode... */
7285 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7287 IWL_DEBUG_MAC80211("leave - not in IBSS\n");
7288 mutex_unlock(&priv->mutex);
7292 priv->only_active_channel = 0;
7294 iwl3945_set_rate(priv);
7296 mutex_unlock(&priv->mutex);
7298 IWL_DEBUG_MAC80211("leave\n");
7302 static int iwl3945_mac_beacon_update(struct ieee80211_hw *hw, struct sk_buff *skb,
7303 struct ieee80211_tx_control *control)
7305 struct iwl3945_priv *priv = hw->priv;
7306 unsigned long flags;
7308 mutex_lock(&priv->mutex);
7309 IWL_DEBUG_MAC80211("enter\n");
7311 if (!iwl3945_is_ready_rf(priv)) {
7312 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7313 mutex_unlock(&priv->mutex);
7317 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7318 IWL_DEBUG_MAC80211("leave - not IBSS\n");
7319 mutex_unlock(&priv->mutex);
7323 spin_lock_irqsave(&priv->lock, flags);
7325 if (priv->ibss_beacon)
7326 dev_kfree_skb(priv->ibss_beacon);
7328 priv->ibss_beacon = skb;
7332 IWL_DEBUG_MAC80211("leave\n");
7333 spin_unlock_irqrestore(&priv->lock, flags);
7335 iwl3945_reset_qos(priv);
7337 queue_work(priv->workqueue, &priv->post_associate.work);
7339 mutex_unlock(&priv->mutex);
7344 /*****************************************************************************
7348 *****************************************************************************/
7350 #ifdef CONFIG_IWL3945_DEBUG
7353 * The following adds a new attribute to the sysfs representation
7354 * of this device driver (i.e. a new file in /sys/bus/pci/drivers/iwl/)
7355 * used for controlling the debug level.
7357 * See the level definitions in iwl for details.
7360 static ssize_t show_debug_level(struct device_driver *d, char *buf)
7362 return sprintf(buf, "0x%08X\n", iwl3945_debug_level);
7364 static ssize_t store_debug_level(struct device_driver *d,
7365 const char *buf, size_t count)
7367 char *p = (char *)buf;
7370 val = simple_strtoul(p, &p, 0);
7372 printk(KERN_INFO DRV_NAME
7373 ": %s is not in hex or decimal form.\n", buf);
7375 iwl3945_debug_level = val;
7377 return strnlen(buf, count);
7380 static DRIVER_ATTR(debug_level, S_IWUSR | S_IRUGO,
7381 show_debug_level, store_debug_level);
7383 #endif /* CONFIG_IWL3945_DEBUG */
7385 static ssize_t show_rf_kill(struct device *d,
7386 struct device_attribute *attr, char *buf)
7389 * 0 - RF kill not enabled
7390 * 1 - SW based RF kill active (sysfs)
7391 * 2 - HW based RF kill active
7392 * 3 - Both HW and SW based RF kill active
7394 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7395 int val = (test_bit(STATUS_RF_KILL_SW, &priv->status) ? 0x1 : 0x0) |
7396 (test_bit(STATUS_RF_KILL_HW, &priv->status) ? 0x2 : 0x0);
7398 return sprintf(buf, "%i\n", val);
7401 static ssize_t store_rf_kill(struct device *d,
7402 struct device_attribute *attr,
7403 const char *buf, size_t count)
7405 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7407 mutex_lock(&priv->mutex);
7408 iwl3945_radio_kill_sw(priv, buf[0] == '1');
7409 mutex_unlock(&priv->mutex);
7414 static DEVICE_ATTR(rf_kill, S_IWUSR | S_IRUGO, show_rf_kill, store_rf_kill);
7416 static ssize_t show_temperature(struct device *d,
7417 struct device_attribute *attr, char *buf)
7419 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7421 if (!iwl3945_is_alive(priv))
7424 return sprintf(buf, "%d\n", iwl3945_hw_get_temperature(priv));
7427 static DEVICE_ATTR(temperature, S_IRUGO, show_temperature, NULL);
7429 static ssize_t show_rs_window(struct device *d,
7430 struct device_attribute *attr,
7433 struct iwl3945_priv *priv = d->driver_data;
7434 return iwl3945_fill_rs_info(priv->hw, buf, IWL_AP_ID);
7436 static DEVICE_ATTR(rs_window, S_IRUGO, show_rs_window, NULL);
7438 static ssize_t show_tx_power(struct device *d,
7439 struct device_attribute *attr, char *buf)
7441 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7442 return sprintf(buf, "%d\n", priv->user_txpower_limit);
7445 static ssize_t store_tx_power(struct device *d,
7446 struct device_attribute *attr,
7447 const char *buf, size_t count)
7449 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7450 char *p = (char *)buf;
7453 val = simple_strtoul(p, &p, 10);
7455 printk(KERN_INFO DRV_NAME
7456 ": %s is not in decimal form.\n", buf);
7458 iwl3945_hw_reg_set_txpower(priv, val);
7463 static DEVICE_ATTR(tx_power, S_IWUSR | S_IRUGO, show_tx_power, store_tx_power);
7465 static ssize_t show_flags(struct device *d,
7466 struct device_attribute *attr, char *buf)
7468 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7470 return sprintf(buf, "0x%04X\n", priv->active_rxon.flags);
7473 static ssize_t store_flags(struct device *d,
7474 struct device_attribute *attr,
7475 const char *buf, size_t count)
7477 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7478 u32 flags = simple_strtoul(buf, NULL, 0);
7480 mutex_lock(&priv->mutex);
7481 if (le32_to_cpu(priv->staging_rxon.flags) != flags) {
7482 /* Cancel any currently running scans... */
7483 if (iwl3945_scan_cancel_timeout(priv, 100))
7484 IWL_WARNING("Could not cancel scan.\n");
7486 IWL_DEBUG_INFO("Committing rxon.flags = 0x%04X\n",
7488 priv->staging_rxon.flags = cpu_to_le32(flags);
7489 iwl3945_commit_rxon(priv);
7492 mutex_unlock(&priv->mutex);
7497 static DEVICE_ATTR(flags, S_IWUSR | S_IRUGO, show_flags, store_flags);
7499 static ssize_t show_filter_flags(struct device *d,
7500 struct device_attribute *attr, char *buf)
7502 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7504 return sprintf(buf, "0x%04X\n",
7505 le32_to_cpu(priv->active_rxon.filter_flags));
7508 static ssize_t store_filter_flags(struct device *d,
7509 struct device_attribute *attr,
7510 const char *buf, size_t count)
7512 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7513 u32 filter_flags = simple_strtoul(buf, NULL, 0);
7515 mutex_lock(&priv->mutex);
7516 if (le32_to_cpu(priv->staging_rxon.filter_flags) != filter_flags) {
7517 /* Cancel any currently running scans... */
7518 if (iwl3945_scan_cancel_timeout(priv, 100))
7519 IWL_WARNING("Could not cancel scan.\n");
7521 IWL_DEBUG_INFO("Committing rxon.filter_flags = "
7522 "0x%04X\n", filter_flags);
7523 priv->staging_rxon.filter_flags =
7524 cpu_to_le32(filter_flags);
7525 iwl3945_commit_rxon(priv);
7528 mutex_unlock(&priv->mutex);
7533 static DEVICE_ATTR(filter_flags, S_IWUSR | S_IRUGO, show_filter_flags,
7534 store_filter_flags);
7536 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
7538 static ssize_t show_measurement(struct device *d,
7539 struct device_attribute *attr, char *buf)
7541 struct iwl3945_priv *priv = dev_get_drvdata(d);
7542 struct iwl3945_spectrum_notification measure_report;
7543 u32 size = sizeof(measure_report), len = 0, ofs = 0;
7544 u8 *data = (u8 *) & measure_report;
7545 unsigned long flags;
7547 spin_lock_irqsave(&priv->lock, flags);
7548 if (!(priv->measurement_status & MEASUREMENT_READY)) {
7549 spin_unlock_irqrestore(&priv->lock, flags);
7552 memcpy(&measure_report, &priv->measure_report, size);
7553 priv->measurement_status = 0;
7554 spin_unlock_irqrestore(&priv->lock, flags);
7556 while (size && (PAGE_SIZE - len)) {
7557 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
7558 PAGE_SIZE - len, 1);
7560 if (PAGE_SIZE - len)
7564 size -= min(size, 16U);
7570 static ssize_t store_measurement(struct device *d,
7571 struct device_attribute *attr,
7572 const char *buf, size_t count)
7574 struct iwl3945_priv *priv = dev_get_drvdata(d);
7575 struct ieee80211_measurement_params params = {
7576 .channel = le16_to_cpu(priv->active_rxon.channel),
7577 .start_time = cpu_to_le64(priv->last_tsf),
7578 .duration = cpu_to_le16(1),
7580 u8 type = IWL_MEASURE_BASIC;
7586 strncpy(buffer, buf, min(sizeof(buffer), count));
7587 channel = simple_strtoul(p, NULL, 0);
7589 params.channel = channel;
7592 while (*p && *p != ' ')
7595 type = simple_strtoul(p + 1, NULL, 0);
7598 IWL_DEBUG_INFO("Invoking measurement of type %d on "
7599 "channel %d (for '%s')\n", type, params.channel, buf);
7600 iwl3945_get_measurement(priv, ¶ms, type);
7605 static DEVICE_ATTR(measurement, S_IRUSR | S_IWUSR,
7606 show_measurement, store_measurement);
7607 #endif /* CONFIG_IWL3945_SPECTRUM_MEASUREMENT */
7609 static ssize_t store_retry_rate(struct device *d,
7610 struct device_attribute *attr,
7611 const char *buf, size_t count)
7613 struct iwl3945_priv *priv = dev_get_drvdata(d);
7615 priv->retry_rate = simple_strtoul(buf, NULL, 0);
7616 if (priv->retry_rate <= 0)
7617 priv->retry_rate = 1;
7622 static ssize_t show_retry_rate(struct device *d,
7623 struct device_attribute *attr, char *buf)
7625 struct iwl3945_priv *priv = dev_get_drvdata(d);
7626 return sprintf(buf, "%d", priv->retry_rate);
7629 static DEVICE_ATTR(retry_rate, S_IWUSR | S_IRUSR, show_retry_rate,
7632 static ssize_t store_power_level(struct device *d,
7633 struct device_attribute *attr,
7634 const char *buf, size_t count)
7636 struct iwl3945_priv *priv = dev_get_drvdata(d);
7640 mode = simple_strtoul(buf, NULL, 0);
7641 mutex_lock(&priv->mutex);
7643 if (!iwl3945_is_ready(priv)) {
7648 if ((mode < 1) || (mode > IWL_POWER_LIMIT) || (mode == IWL_POWER_AC))
7649 mode = IWL_POWER_AC;
7651 mode |= IWL_POWER_ENABLED;
7653 if (mode != priv->power_mode) {
7654 rc = iwl3945_send_power_mode(priv, IWL_POWER_LEVEL(mode));
7656 IWL_DEBUG_MAC80211("failed setting power mode.\n");
7659 priv->power_mode = mode;
7665 mutex_unlock(&priv->mutex);
7669 #define MAX_WX_STRING 80
7671 /* Values are in microsecond */
7672 static const s32 timeout_duration[] = {
7679 static const s32 period_duration[] = {
7687 static ssize_t show_power_level(struct device *d,
7688 struct device_attribute *attr, char *buf)
7690 struct iwl3945_priv *priv = dev_get_drvdata(d);
7691 int level = IWL_POWER_LEVEL(priv->power_mode);
7694 p += sprintf(p, "%d ", level);
7696 case IWL_POWER_MODE_CAM:
7698 p += sprintf(p, "(AC)");
7700 case IWL_POWER_BATTERY:
7701 p += sprintf(p, "(BATTERY)");
7705 "(Timeout %dms, Period %dms)",
7706 timeout_duration[level - 1] / 1000,
7707 period_duration[level - 1] / 1000);
7710 if (!(priv->power_mode & IWL_POWER_ENABLED))
7711 p += sprintf(p, " OFF\n");
7713 p += sprintf(p, " \n");
7715 return (p - buf + 1);
7719 static DEVICE_ATTR(power_level, S_IWUSR | S_IRUSR, show_power_level,
7722 static ssize_t show_channels(struct device *d,
7723 struct device_attribute *attr, char *buf)
7725 /* all this shit doesn't belong into sysfs anyway */
7729 static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);
7731 static ssize_t show_statistics(struct device *d,
7732 struct device_attribute *attr, char *buf)
7734 struct iwl3945_priv *priv = dev_get_drvdata(d);
7735 u32 size = sizeof(struct iwl3945_notif_statistics);
7736 u32 len = 0, ofs = 0;
7737 u8 *data = (u8 *) & priv->statistics;
7740 if (!iwl3945_is_alive(priv))
7743 mutex_lock(&priv->mutex);
7744 rc = iwl3945_send_statistics_request(priv);
7745 mutex_unlock(&priv->mutex);
7749 "Error sending statistics request: 0x%08X\n", rc);
7753 while (size && (PAGE_SIZE - len)) {
7754 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
7755 PAGE_SIZE - len, 1);
7757 if (PAGE_SIZE - len)
7761 size -= min(size, 16U);
7767 static DEVICE_ATTR(statistics, S_IRUGO, show_statistics, NULL);
7769 static ssize_t show_antenna(struct device *d,
7770 struct device_attribute *attr, char *buf)
7772 struct iwl3945_priv *priv = dev_get_drvdata(d);
7774 if (!iwl3945_is_alive(priv))
7777 return sprintf(buf, "%d\n", priv->antenna);
7780 static ssize_t store_antenna(struct device *d,
7781 struct device_attribute *attr,
7782 const char *buf, size_t count)
7785 struct iwl3945_priv *priv = dev_get_drvdata(d);
7790 if (sscanf(buf, "%1i", &ant) != 1) {
7791 IWL_DEBUG_INFO("not in hex or decimal form.\n");
7795 if ((ant >= 0) && (ant <= 2)) {
7796 IWL_DEBUG_INFO("Setting antenna select to %d.\n", ant);
7797 priv->antenna = (enum iwl3945_antenna)ant;
7799 IWL_DEBUG_INFO("Bad antenna select value %d.\n", ant);
7805 static DEVICE_ATTR(antenna, S_IWUSR | S_IRUGO, show_antenna, store_antenna);
7807 static ssize_t show_status(struct device *d,
7808 struct device_attribute *attr, char *buf)
7810 struct iwl3945_priv *priv = (struct iwl3945_priv *)d->driver_data;
7811 if (!iwl3945_is_alive(priv))
7813 return sprintf(buf, "0x%08x\n", (int)priv->status);
7816 static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);
7818 static ssize_t dump_error_log(struct device *d,
7819 struct device_attribute *attr,
7820 const char *buf, size_t count)
7822 char *p = (char *)buf;
7825 iwl3945_dump_nic_error_log((struct iwl3945_priv *)d->driver_data);
7827 return strnlen(buf, count);
7830 static DEVICE_ATTR(dump_errors, S_IWUSR, NULL, dump_error_log);
7832 static ssize_t dump_event_log(struct device *d,
7833 struct device_attribute *attr,
7834 const char *buf, size_t count)
7836 char *p = (char *)buf;
7839 iwl3945_dump_nic_event_log((struct iwl3945_priv *)d->driver_data);
7841 return strnlen(buf, count);
7844 static DEVICE_ATTR(dump_events, S_IWUSR, NULL, dump_event_log);
7846 /*****************************************************************************
7848 * driver setup and teardown
7850 *****************************************************************************/
7852 static void iwl3945_setup_deferred_work(struct iwl3945_priv *priv)
7854 priv->workqueue = create_workqueue(DRV_NAME);
7856 init_waitqueue_head(&priv->wait_command_queue);
7858 INIT_WORK(&priv->up, iwl3945_bg_up);
7859 INIT_WORK(&priv->restart, iwl3945_bg_restart);
7860 INIT_WORK(&priv->rx_replenish, iwl3945_bg_rx_replenish);
7861 INIT_WORK(&priv->scan_completed, iwl3945_bg_scan_completed);
7862 INIT_WORK(&priv->request_scan, iwl3945_bg_request_scan);
7863 INIT_WORK(&priv->abort_scan, iwl3945_bg_abort_scan);
7864 INIT_WORK(&priv->rf_kill, iwl3945_bg_rf_kill);
7865 INIT_WORK(&priv->beacon_update, iwl3945_bg_beacon_update);
7866 INIT_DELAYED_WORK(&priv->post_associate, iwl3945_bg_post_associate);
7867 INIT_DELAYED_WORK(&priv->init_alive_start, iwl3945_bg_init_alive_start);
7868 INIT_DELAYED_WORK(&priv->alive_start, iwl3945_bg_alive_start);
7869 INIT_DELAYED_WORK(&priv->scan_check, iwl3945_bg_scan_check);
7871 iwl3945_hw_setup_deferred_work(priv);
7873 tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
7874 iwl3945_irq_tasklet, (unsigned long)priv);
7877 static void iwl3945_cancel_deferred_work(struct iwl3945_priv *priv)
7879 iwl3945_hw_cancel_deferred_work(priv);
7881 cancel_delayed_work_sync(&priv->init_alive_start);
7882 cancel_delayed_work(&priv->scan_check);
7883 cancel_delayed_work(&priv->alive_start);
7884 cancel_delayed_work(&priv->post_associate);
7885 cancel_work_sync(&priv->beacon_update);
7888 static struct attribute *iwl3945_sysfs_entries[] = {
7889 &dev_attr_antenna.attr,
7890 &dev_attr_channels.attr,
7891 &dev_attr_dump_errors.attr,
7892 &dev_attr_dump_events.attr,
7893 &dev_attr_flags.attr,
7894 &dev_attr_filter_flags.attr,
7895 #ifdef CONFIG_IWL3945_SPECTRUM_MEASUREMENT
7896 &dev_attr_measurement.attr,
7898 &dev_attr_power_level.attr,
7899 &dev_attr_retry_rate.attr,
7900 &dev_attr_rf_kill.attr,
7901 &dev_attr_rs_window.attr,
7902 &dev_attr_statistics.attr,
7903 &dev_attr_status.attr,
7904 &dev_attr_temperature.attr,
7905 &dev_attr_tx_power.attr,
7910 static struct attribute_group iwl3945_attribute_group = {
7911 .name = NULL, /* put in device directory */
7912 .attrs = iwl3945_sysfs_entries,
7915 static struct ieee80211_ops iwl3945_hw_ops = {
7916 .tx = iwl3945_mac_tx,
7917 .start = iwl3945_mac_start,
7918 .stop = iwl3945_mac_stop,
7919 .add_interface = iwl3945_mac_add_interface,
7920 .remove_interface = iwl3945_mac_remove_interface,
7921 .config = iwl3945_mac_config,
7922 .config_interface = iwl3945_mac_config_interface,
7923 .configure_filter = iwl3945_configure_filter,
7924 .set_key = iwl3945_mac_set_key,
7925 .get_stats = iwl3945_mac_get_stats,
7926 .get_tx_stats = iwl3945_mac_get_tx_stats,
7927 .conf_tx = iwl3945_mac_conf_tx,
7928 .get_tsf = iwl3945_mac_get_tsf,
7929 .reset_tsf = iwl3945_mac_reset_tsf,
7930 .beacon_update = iwl3945_mac_beacon_update,
7931 .hw_scan = iwl3945_mac_hw_scan
7934 static int iwl3945_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
7937 struct iwl3945_priv *priv;
7938 struct ieee80211_hw *hw;
7939 struct iwl_3945_cfg *cfg = (struct iwl_3945_cfg *)(ent->driver_data);
7941 DECLARE_MAC_BUF(mac);
7943 /* Disabling hardware scan means that mac80211 will perform scans
7944 * "the hard way", rather than using device's scan. */
7945 if (iwl3945_param_disable_hw_scan) {
7946 IWL_DEBUG_INFO("Disabling hw_scan\n");
7947 iwl3945_hw_ops.hw_scan = NULL;
7950 if ((iwl3945_param_queues_num > IWL_MAX_NUM_QUEUES) ||
7951 (iwl3945_param_queues_num < IWL_MIN_NUM_QUEUES)) {
7952 IWL_ERROR("invalid queues_num, should be between %d and %d\n",
7953 IWL_MIN_NUM_QUEUES, IWL_MAX_NUM_QUEUES);
7958 /* mac80211 allocates memory for this device instance, including
7959 * space for this driver's private structure */
7960 hw = ieee80211_alloc_hw(sizeof(struct iwl3945_priv), &iwl3945_hw_ops);
7962 IWL_ERROR("Can not allocate network device\n");
7966 SET_IEEE80211_DEV(hw, &pdev->dev);
7968 hw->rate_control_algorithm = "iwl-3945-rs";
7970 IWL_DEBUG_INFO("*** LOAD DRIVER ***\n");
7974 priv->pci_dev = pdev;
7977 /* Select antenna (may be helpful if only one antenna is connected) */
7978 priv->antenna = (enum iwl3945_antenna)iwl3945_param_antenna;
7979 #ifdef CONFIG_IWL3945_DEBUG
7980 iwl3945_debug_level = iwl3945_param_debug;
7981 atomic_set(&priv->restrict_refcnt, 0);
7983 priv->retry_rate = 1;
7985 priv->ibss_beacon = NULL;
7987 /* Tell mac80211 and its clients (e.g. Wireless Extensions)
7988 * the range of signal quality values that we'll provide.
7989 * Negative values for level/noise indicate that we'll provide dBm.
7990 * For WE, at least, non-0 values here *enable* display of values
7991 * in app (iwconfig). */
7992 hw->max_rssi = -20; /* signal level, negative indicates dBm */
7993 hw->max_noise = -20; /* noise level, negative indicates dBm */
7994 hw->max_signal = 100; /* link quality indication (%) */
7996 /* Tell mac80211 our Tx characteristics */
7997 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE;
7999 /* 4 EDCA QOS priorities */
8002 spin_lock_init(&priv->lock);
8003 spin_lock_init(&priv->power_data.lock);
8004 spin_lock_init(&priv->sta_lock);
8005 spin_lock_init(&priv->hcmd_lock);
8007 for (i = 0; i < IWL_IBSS_MAC_HASH_SIZE; i++)
8008 INIT_LIST_HEAD(&priv->ibss_mac_hash[i]);
8010 INIT_LIST_HEAD(&priv->free_frames);
8012 mutex_init(&priv->mutex);
8013 if (pci_enable_device(pdev)) {
8015 goto out_ieee80211_free_hw;
8018 pci_set_master(pdev);
8020 /* Clear the driver's (not device's) station table */
8021 iwl3945_clear_stations_table(priv);
8023 priv->data_retry_limit = -1;
8024 priv->ieee_channels = NULL;
8025 priv->ieee_rates = NULL;
8026 priv->band = IEEE80211_BAND_2GHZ;
8028 err = pci_set_dma_mask(pdev, DMA_32BIT_MASK);
8030 err = pci_set_consistent_dma_mask(pdev, DMA_32BIT_MASK);
8032 printk(KERN_WARNING DRV_NAME ": No suitable DMA available.\n");
8033 goto out_pci_disable_device;
8036 pci_set_drvdata(pdev, priv);
8037 err = pci_request_regions(pdev, DRV_NAME);
8039 goto out_pci_disable_device;
8041 /* We disable the RETRY_TIMEOUT register (0x41) to keep
8042 * PCI Tx retries from interfering with C3 CPU state */
8043 pci_write_config_byte(pdev, 0x41, 0x00);
8045 priv->hw_base = pci_iomap(pdev, 0, 0);
8046 if (!priv->hw_base) {
8048 goto out_pci_release_regions;
8051 IWL_DEBUG_INFO("pci_resource_len = 0x%08llx\n",
8052 (unsigned long long) pci_resource_len(pdev, 0));
8053 IWL_DEBUG_INFO("pci_resource_base = %p\n", priv->hw_base);
8055 /* Initialize module parameter values here */
8057 /* Disable radio (SW RF KILL) via parameter when loading driver */
8058 if (iwl3945_param_disable) {
8059 set_bit(STATUS_RF_KILL_SW, &priv->status);
8060 IWL_DEBUG_INFO("Radio disabled.\n");
8063 priv->iw_mode = IEEE80211_IF_TYPE_STA;
8065 printk(KERN_INFO DRV_NAME
8066 ": Detected Intel Wireless WiFi Link %s\n", priv->cfg->name);
8068 /* Device-specific setup */
8069 if (iwl3945_hw_set_hw_setting(priv)) {
8070 IWL_ERROR("failed to set hw settings\n");
8074 if (iwl3945_param_qos_enable)
8075 priv->qos_data.qos_enable = 1;
8077 iwl3945_reset_qos(priv);
8079 priv->qos_data.qos_active = 0;
8080 priv->qos_data.qos_cap.val = 0;
8082 iwl3945_set_rxon_channel(priv, IEEE80211_BAND_2GHZ, 6);
8083 iwl3945_setup_deferred_work(priv);
8084 iwl3945_setup_rx_handlers(priv);
8086 priv->rates_mask = IWL_RATES_MASK;
8087 /* If power management is turned on, default to AC mode */
8088 priv->power_mode = IWL_POWER_AC;
8089 priv->user_txpower_limit = IWL_DEFAULT_TX_POWER;
8091 iwl3945_disable_interrupts(priv);
8093 err = sysfs_create_group(&pdev->dev.kobj, &iwl3945_attribute_group);
8095 IWL_ERROR("failed to create sysfs device attributes\n");
8096 goto out_release_irq;
8100 iwl3945_set_bit(priv, CSR_GIO_CHICKEN_BITS,
8101 CSR_GIO_CHICKEN_BITS_REG_BIT_DIS_L0S_EXIT_TIMER);
8103 iwl3945_set_bit(priv, CSR_GP_CNTRL, CSR_GP_CNTRL_REG_FLAG_INIT_DONE);
8104 err = iwl3945_poll_bit(priv, CSR_GP_CNTRL,
8105 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY,
8106 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY, 25000);
8108 IWL_DEBUG_INFO("Failed to init the card\n");
8109 goto out_remove_sysfs;
8111 /* Read the EEPROM */
8112 err = iwl3945_eeprom_init(priv);
8114 IWL_ERROR("Unable to init EEPROM\n");
8115 goto out_remove_sysfs;
8117 /* MAC Address location in EEPROM same for 3945/4965 */
8118 get_eeprom_mac(priv, priv->mac_addr);
8119 IWL_DEBUG_INFO("MAC address: %s\n", print_mac(mac, priv->mac_addr));
8120 SET_IEEE80211_PERM_ADDR(priv->hw, priv->mac_addr);
8122 err = iwl3945_init_channel_map(priv);
8124 IWL_ERROR("initializing regulatory failed: %d\n", err);
8125 goto out_remove_sysfs;
8128 err = iwl3945_init_geos(priv);
8130 IWL_ERROR("initializing geos failed: %d\n", err);
8131 goto out_free_channel_map;
8134 iwl3945_rate_control_register(priv->hw);
8135 err = ieee80211_register_hw(priv->hw);
8137 IWL_ERROR("Failed to register network device (error %d)\n", err);
8141 priv->hw->conf.beacon_int = 100;
8142 priv->mac80211_registered = 1;
8143 pci_save_state(pdev);
8144 pci_disable_device(pdev);
8149 iwl3945_free_geos(priv);
8150 out_free_channel_map:
8151 iwl3945_free_channel_map(priv);
8153 sysfs_remove_group(&pdev->dev.kobj, &iwl3945_attribute_group);
8156 destroy_workqueue(priv->workqueue);
8157 priv->workqueue = NULL;
8158 iwl3945_unset_hw_setting(priv);
8161 pci_iounmap(pdev, priv->hw_base);
8162 out_pci_release_regions:
8163 pci_release_regions(pdev);
8164 out_pci_disable_device:
8165 pci_disable_device(pdev);
8166 pci_set_drvdata(pdev, NULL);
8167 out_ieee80211_free_hw:
8168 ieee80211_free_hw(priv->hw);
8173 static void iwl3945_pci_remove(struct pci_dev *pdev)
8175 struct iwl3945_priv *priv = pci_get_drvdata(pdev);
8176 struct list_head *p, *q;
8182 IWL_DEBUG_INFO("*** UNLOAD DRIVER ***\n");
8184 set_bit(STATUS_EXIT_PENDING, &priv->status);
8188 /* Free MAC hash list for ADHOC */
8189 for (i = 0; i < IWL_IBSS_MAC_HASH_SIZE; i++) {
8190 list_for_each_safe(p, q, &priv->ibss_mac_hash[i]) {
8192 kfree(list_entry(p, struct iwl3945_ibss_seq, list));
8196 sysfs_remove_group(&pdev->dev.kobj, &iwl3945_attribute_group);
8198 iwl3945_dealloc_ucode_pci(priv);
8201 iwl3945_rx_queue_free(priv, &priv->rxq);
8202 iwl3945_hw_txq_ctx_free(priv);
8204 iwl3945_unset_hw_setting(priv);
8205 iwl3945_clear_stations_table(priv);
8207 if (priv->mac80211_registered) {
8208 ieee80211_unregister_hw(priv->hw);
8209 iwl3945_rate_control_unregister(priv->hw);
8212 /*netif_stop_queue(dev); */
8213 flush_workqueue(priv->workqueue);
8215 /* ieee80211_unregister_hw calls iwl3945_mac_stop, which flushes
8216 * priv->workqueue... so we can't take down the workqueue
8218 destroy_workqueue(priv->workqueue);
8219 priv->workqueue = NULL;
8221 pci_iounmap(pdev, priv->hw_base);
8222 pci_release_regions(pdev);
8223 pci_disable_device(pdev);
8224 pci_set_drvdata(pdev, NULL);
8226 iwl3945_free_channel_map(priv);
8227 iwl3945_free_geos(priv);
8229 if (priv->ibss_beacon)
8230 dev_kfree_skb(priv->ibss_beacon);
8232 ieee80211_free_hw(priv->hw);
8237 static int iwl3945_pci_suspend(struct pci_dev *pdev, pm_message_t state)
8239 struct iwl3945_priv *priv = pci_get_drvdata(pdev);
8241 if (priv->is_open) {
8242 set_bit(STATUS_IN_SUSPEND, &priv->status);
8243 iwl3945_mac_stop(priv->hw);
8247 pci_set_power_state(pdev, PCI_D3hot);
8252 static int iwl3945_pci_resume(struct pci_dev *pdev)
8254 struct iwl3945_priv *priv = pci_get_drvdata(pdev);
8256 pci_set_power_state(pdev, PCI_D0);
8259 iwl3945_mac_start(priv->hw);
8261 clear_bit(STATUS_IN_SUSPEND, &priv->status);
8265 #endif /* CONFIG_PM */
8267 /*****************************************************************************
8269 * driver and module entry point
8271 *****************************************************************************/
8273 static struct pci_driver iwl3945_driver = {
8275 .id_table = iwl3945_hw_card_ids,
8276 .probe = iwl3945_pci_probe,
8277 .remove = __devexit_p(iwl3945_pci_remove),
8279 .suspend = iwl3945_pci_suspend,
8280 .resume = iwl3945_pci_resume,
8284 static int __init iwl3945_init(void)
8288 printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
8289 printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
8290 ret = pci_register_driver(&iwl3945_driver);
8292 IWL_ERROR("Unable to initialize PCI module\n");
8295 #ifdef CONFIG_IWL3945_DEBUG
8296 ret = driver_create_file(&iwl3945_driver.driver, &driver_attr_debug_level);
8298 IWL_ERROR("Unable to create driver sysfs file\n");
8299 pci_unregister_driver(&iwl3945_driver);
8307 static void __exit iwl3945_exit(void)
8309 #ifdef CONFIG_IWL3945_DEBUG
8310 driver_remove_file(&iwl3945_driver.driver, &driver_attr_debug_level);
8312 pci_unregister_driver(&iwl3945_driver);
8315 module_param_named(antenna, iwl3945_param_antenna, int, 0444);
8316 MODULE_PARM_DESC(antenna, "select antenna (1=Main, 2=Aux, default 0 [both])");
8317 module_param_named(disable, iwl3945_param_disable, int, 0444);
8318 MODULE_PARM_DESC(disable, "manually disable the radio (default 0 [radio on])");
8319 module_param_named(hwcrypto, iwl3945_param_hwcrypto, int, 0444);
8320 MODULE_PARM_DESC(hwcrypto,
8321 "using hardware crypto engine (default 0 [software])\n");
8322 module_param_named(debug, iwl3945_param_debug, int, 0444);
8323 MODULE_PARM_DESC(debug, "debug output mask");
8324 module_param_named(disable_hw_scan, iwl3945_param_disable_hw_scan, int, 0444);
8325 MODULE_PARM_DESC(disable_hw_scan, "disable hardware scanning (default 0)");
8327 module_param_named(queues_num, iwl3945_param_queues_num, int, 0444);
8328 MODULE_PARM_DESC(queues_num, "number of hw queues.");
8331 module_param_named(qos_enable, iwl3945_param_qos_enable, int, 0444);
8332 MODULE_PARM_DESC(qos_enable, "enable all QoS functionality");
8334 module_exit(iwl3945_exit);
8335 module_init(iwl3945_init);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob