2 * at76c503/at76c505 USB driver
4 * Copyright (c) 2002 - 2003 Oliver Kurth
5 * Copyright (c) 2004 Joerg Albert <joerg.albert@gmx.de>
6 * Copyright (c) 2004 Nick Jones
7 * Copyright (c) 2004 Balint Seeber <n0_5p4m_p13453@hotmail.com>
8 * Copyright (c) 2007 Guido Guenther <agx@sigxcpu.org>
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License as
12 * published by the Free Software Foundation; either version 2 of
13 * the License, or (at your option) any later version.
15 * This file is part of the Berlios driver for WLAN USB devices based on the
16 * Atmel AT76C503A/505/505A.
18 * Some iw_handler code was taken from airo.c, (C) 1999 Benjamin Reed
21 #include <linux/init.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/errno.h>
25 #include <linux/slab.h>
26 #include <linux/module.h>
27 #include <linux/spinlock.h>
28 #include <linux/list.h>
29 #include <linux/usb.h>
30 #include <linux/netdevice.h>
31 #include <linux/if_arp.h>
32 #include <linux/etherdevice.h>
33 #include <linux/ethtool.h>
34 #include <linux/wireless.h>
35 #include <net/iw_handler.h>
36 #include <net/ieee80211_radiotap.h>
37 #include <linux/firmware.h>
38 #include <linux/leds.h>
39 #include <linux/ieee80211.h>
43 /* Version information */
44 #define DRIVER_NAME "at76_usb"
45 #define DRIVER_VERSION "0.17"
46 #define DRIVER_DESC "Atmel at76x USB Wireless LAN Driver"
49 #define DBG_PROGRESS 0x00000001 /* authentication/accociation */
50 #define DBG_BSS_TABLE 0x00000002 /* show BSS table after scans */
51 #define DBG_IOCTL 0x00000004 /* ioctl calls / settings */
52 #define DBG_MAC_STATE 0x00000008 /* MAC state transitions */
53 #define DBG_TX_DATA 0x00000010 /* tx header */
54 #define DBG_TX_DATA_CONTENT 0x00000020 /* tx content */
55 #define DBG_TX_MGMT 0x00000040 /* tx management */
56 #define DBG_RX_DATA 0x00000080 /* rx data header */
57 #define DBG_RX_DATA_CONTENT 0x00000100 /* rx data content */
58 #define DBG_RX_MGMT 0x00000200 /* rx mgmt frame headers */
59 #define DBG_RX_BEACON 0x00000400 /* rx beacon */
60 #define DBG_RX_CTRL 0x00000800 /* rx control */
61 #define DBG_RX_MGMT_CONTENT 0x00001000 /* rx mgmt content */
62 #define DBG_RX_FRAGS 0x00002000 /* rx data fragment handling */
63 #define DBG_DEVSTART 0x00004000 /* fw download, device start */
64 #define DBG_URB 0x00008000 /* rx urb status, ... */
65 #define DBG_RX_ATMEL_HDR 0x00010000 /* Atmel-specific Rx headers */
66 #define DBG_PROC_ENTRY 0x00020000 /* procedure entries/exits */
67 #define DBG_PM 0x00040000 /* power management settings */
68 #define DBG_BSS_MATCH 0x00080000 /* BSS match failures */
69 #define DBG_PARAMS 0x00100000 /* show configured parameters */
70 #define DBG_WAIT_COMPLETE 0x00200000 /* command completion */
71 #define DBG_RX_FRAGS_SKB 0x00400000 /* skb header of Rx fragments */
72 #define DBG_BSS_TABLE_RM 0x00800000 /* purging bss table entries */
73 #define DBG_MONITOR_MODE 0x01000000 /* monitor mode */
74 #define DBG_MIB 0x02000000 /* dump all MIBs on startup */
75 #define DBG_MGMT_TIMER 0x04000000 /* dump mgmt_timer ops */
76 #define DBG_WE_EVENTS 0x08000000 /* dump wireless events */
77 #define DBG_FW 0x10000000 /* firmware download */
78 #define DBG_DFU 0x20000000 /* device firmware upgrade */
80 #define DBG_DEFAULTS 0
82 /* Use our own dbg macro */
83 #define at76_dbg(bits, format, arg...) \
85 if (at76_debug & (bits)) \
86 printk(KERN_DEBUG DRIVER_NAME ": " format "\n" , ## arg); \
89 static int at76_debug = DBG_DEFAULTS;
91 /* Protect against concurrent firmware loading and parsing */
92 static struct mutex fw_mutex;
94 static struct fwentry firmwares[] = {
96 [BOARD_503_ISL3861] = {"atmel_at76c503-i3861.bin"},
97 [BOARD_503_ISL3863] = {"atmel_at76c503-i3863.bin"},
98 [BOARD_503] = {"atmel_at76c503-rfmd.bin"},
99 [BOARD_503_ACC] = {"atmel_at76c503-rfmd-acc.bin"},
100 [BOARD_505] = {"atmel_at76c505-rfmd.bin"},
101 [BOARD_505_2958] = {"atmel_at76c505-rfmd2958.bin"},
102 [BOARD_505A] = {"atmel_at76c505a-rfmd2958.bin"},
103 [BOARD_505AMX] = {"atmel_at76c505amx-rfmd.bin"},
106 #define USB_DEVICE_DATA(__ops) .driver_info = (kernel_ulong_t)(__ops)
108 static struct usb_device_id dev_table[] = {
112 /* Generic AT76C503/3861 device */
113 {USB_DEVICE(0x03eb, 0x7603), USB_DEVICE_DATA(BOARD_503_ISL3861)},
114 /* Linksys WUSB11 v2.1/v2.6 */
115 {USB_DEVICE(0x066b, 0x2211), USB_DEVICE_DATA(BOARD_503_ISL3861)},
116 /* Netgear MA101 rev. A */
117 {USB_DEVICE(0x0864, 0x4100), USB_DEVICE_DATA(BOARD_503_ISL3861)},
118 /* Tekram U300C / Allnet ALL0193 */
119 {USB_DEVICE(0x0b3b, 0x1612), USB_DEVICE_DATA(BOARD_503_ISL3861)},
120 /* HP HN210W J7801A */
121 {USB_DEVICE(0x03f0, 0x011c), USB_DEVICE_DATA(BOARD_503_ISL3861)},
122 /* Sitecom/Z-Com/Zyxel M4Y-750 */
123 {USB_DEVICE(0x0cde, 0x0001), USB_DEVICE_DATA(BOARD_503_ISL3861)},
124 /* Dynalink/Askey WLL013 (intersil) */
125 {USB_DEVICE(0x069a, 0x0320), USB_DEVICE_DATA(BOARD_503_ISL3861)},
126 /* EZ connect 11Mpbs Wireless USB Adapter SMC2662W v1 */
127 {USB_DEVICE(0x0d5c, 0xa001), USB_DEVICE_DATA(BOARD_503_ISL3861)},
129 {USB_DEVICE(0x04a5, 0x9000), USB_DEVICE_DATA(BOARD_503_ISL3861)},
130 /* Addtron AWU-120, Compex WLU11 */
131 {USB_DEVICE(0x05dd, 0xff31), USB_DEVICE_DATA(BOARD_503_ISL3861)},
132 /* Intel AP310 AnyPoint II USB */
133 {USB_DEVICE(0x8086, 0x0200), USB_DEVICE_DATA(BOARD_503_ISL3861)},
135 {USB_DEVICE(0x0d8e, 0x7100), USB_DEVICE_DATA(BOARD_503_ISL3861)},
136 /* Arescom WL-210, FCC id 07J-GL2411USB */
137 {USB_DEVICE(0x0d8e, 0x7110), USB_DEVICE_DATA(BOARD_503_ISL3861)},
138 /* I-O DATA WN-B11/USB */
139 {USB_DEVICE(0x04bb, 0x0919), USB_DEVICE_DATA(BOARD_503_ISL3861)},
140 /* BT Voyager 1010 */
141 {USB_DEVICE(0x069a, 0x0821), USB_DEVICE_DATA(BOARD_503_ISL3861)},
145 /* Generic AT76C503/3863 device */
146 {USB_DEVICE(0x03eb, 0x7604), USB_DEVICE_DATA(BOARD_503_ISL3863)},
147 /* Samsung SWL-2100U */
148 {USB_DEVICE(0x055d, 0xa000), USB_DEVICE_DATA(BOARD_503_ISL3863)},
152 /* Generic AT76C503/RFMD device */
153 {USB_DEVICE(0x03eb, 0x7605), USB_DEVICE_DATA(BOARD_503)},
154 /* Dynalink/Askey WLL013 (rfmd) */
155 {USB_DEVICE(0x069a, 0x0321), USB_DEVICE_DATA(BOARD_503)},
156 /* Linksys WUSB11 v2.6 */
157 {USB_DEVICE(0x077b, 0x2219), USB_DEVICE_DATA(BOARD_503)},
158 /* Network Everywhere NWU11B */
159 {USB_DEVICE(0x077b, 0x2227), USB_DEVICE_DATA(BOARD_503)},
160 /* Netgear MA101 rev. B */
161 {USB_DEVICE(0x0864, 0x4102), USB_DEVICE_DATA(BOARD_503)},
162 /* D-Link DWL-120 rev. E */
163 {USB_DEVICE(0x2001, 0x3200), USB_DEVICE_DATA(BOARD_503)},
164 /* Actiontec 802UAT1, HWU01150-01UK */
165 {USB_DEVICE(0x1668, 0x7605), USB_DEVICE_DATA(BOARD_503)},
166 /* AirVast W-Buddie WN210 */
167 {USB_DEVICE(0x03eb, 0x4102), USB_DEVICE_DATA(BOARD_503)},
168 /* Dick Smith Electronics XH1153 802.11b USB adapter */
169 {USB_DEVICE(0x1371, 0x5743), USB_DEVICE_DATA(BOARD_503)},
171 {USB_DEVICE(0x1371, 0x0001), USB_DEVICE_DATA(BOARD_503)},
172 /* FiberLine FL-WL200U */
173 {USB_DEVICE(0x1371, 0x0002), USB_DEVICE_DATA(BOARD_503)},
174 /* BenQ AWL400 USB stick */
175 {USB_DEVICE(0x04a5, 0x9001), USB_DEVICE_DATA(BOARD_503)},
176 /* 3Com 3CRSHEW696 */
177 {USB_DEVICE(0x0506, 0x0a01), USB_DEVICE_DATA(BOARD_503)},
178 /* Siemens Santis ADSL WLAN USB adapter WLL 013 */
179 {USB_DEVICE(0x0681, 0x001b), USB_DEVICE_DATA(BOARD_503)},
180 /* Belkin F5D6050, version 2 */
181 {USB_DEVICE(0x050d, 0x0050), USB_DEVICE_DATA(BOARD_503)},
182 /* iBlitzz, BWU613 (not *B or *SB) */
183 {USB_DEVICE(0x07b8, 0xb000), USB_DEVICE_DATA(BOARD_503)},
184 /* Gigabyte GN-WLBM101 */
185 {USB_DEVICE(0x1044, 0x8003), USB_DEVICE_DATA(BOARD_503)},
186 /* Planex GW-US11S */
187 {USB_DEVICE(0x2019, 0x3220), USB_DEVICE_DATA(BOARD_503)},
188 /* Internal WLAN adapter in h5[4,5]xx series iPAQs */
189 {USB_DEVICE(0x049f, 0x0032), USB_DEVICE_DATA(BOARD_503)},
190 /* Corega Wireless LAN USB-11 mini */
191 {USB_DEVICE(0x07aa, 0x0011), USB_DEVICE_DATA(BOARD_503)},
192 /* Corega Wireless LAN USB-11 mini2 */
193 {USB_DEVICE(0x07aa, 0x0018), USB_DEVICE_DATA(BOARD_503)},
195 {USB_DEVICE(0x05dd, 0xff35), USB_DEVICE_DATA(BOARD_503)},
200 {USB_DEVICE(0x083a, 0x3501), USB_DEVICE_DATA(BOARD_503_ACC)},
201 /* Belkin F5D6050, SMC2662W v2, SMC2662W-AR */
202 {USB_DEVICE(0x0d5c, 0xa002), USB_DEVICE_DATA(BOARD_503_ACC)},
206 /* Generic AT76C505/RFMD */
207 {USB_DEVICE(0x03eb, 0x7606), USB_DEVICE_DATA(BOARD_505)},
211 /* Generic AT76C505/RFMD, OvisLink WL-1130USB */
212 {USB_DEVICE(0x03eb, 0x7613), USB_DEVICE_DATA(BOARD_505_2958)},
213 /* Fiberline FL-WL240U */
214 {USB_DEVICE(0x1371, 0x0014), USB_DEVICE_DATA(BOARD_505_2958)},
215 /* CNet CNUSB-611G */
216 {USB_DEVICE(0x1371, 0x0013), USB_DEVICE_DATA(BOARD_505_2958)},
217 /* Linksys WUSB11 v2.8 */
218 {USB_DEVICE(0x1915, 0x2233), USB_DEVICE_DATA(BOARD_505_2958)},
219 /* Xterasys XN-2122B, IBlitzz BWU613B/BWU613SB */
220 {USB_DEVICE(0x12fd, 0x1001), USB_DEVICE_DATA(BOARD_505_2958)},
221 /* Corega WLAN USB Stick 11 */
222 {USB_DEVICE(0x07aa, 0x7613), USB_DEVICE_DATA(BOARD_505_2958)},
223 /* Microstar MSI Box MS6978 */
224 {USB_DEVICE(0x0db0, 0x1020), USB_DEVICE_DATA(BOARD_505_2958)},
228 /* Generic AT76C505A device */
229 {USB_DEVICE(0x03eb, 0x7614), USB_DEVICE_DATA(BOARD_505A)},
230 /* Generic AT76C505AS device */
231 {USB_DEVICE(0x03eb, 0x7617), USB_DEVICE_DATA(BOARD_505A)},
232 /* Siemens Gigaset USB WLAN Adapter 11 */
233 {USB_DEVICE(0x1690, 0x0701), USB_DEVICE_DATA(BOARD_505A)},
234 /* OQO Model 01+ Internal Wi-Fi */
235 {USB_DEVICE(0x1557, 0x0002), USB_DEVICE_DATA(BOARD_505A)},
239 /* Generic AT76C505AMX device */
240 {USB_DEVICE(0x03eb, 0x7615), USB_DEVICE_DATA(BOARD_505AMX)},
244 MODULE_DEVICE_TABLE(usb, dev_table);
246 /* Supported rates of this hardware, bit 7 marks basic rates */
247 static const u8 hw_rates[] = { 0x82, 0x84, 0x0b, 0x16 };
249 /* Frequency of each channel in MHz */
250 static const long channel_frequency[] = {
251 2412, 2417, 2422, 2427, 2432, 2437, 2442,
252 2447, 2452, 2457, 2462, 2467, 2472, 2484
255 #define NUM_CHANNELS ARRAY_SIZE(channel_frequency)
257 static const char *const preambles[] = { "long", "short", "auto" };
259 static const char *const mac_states[] = {
261 [MAC_SCANNING] = "SCANNING",
263 [MAC_ASSOC] = "ASSOC",
264 [MAC_JOINING] = "JOINING",
265 [MAC_CONNECTED] = "CONNECTED",
266 [MAC_OWN_IBSS] = "OWN_IBSS"
269 /* Firmware download */
271 #define STATE_IDLE 0x00
272 #define STATE_DETACH 0x01
273 #define STATE_DFU_IDLE 0x02
274 #define STATE_DFU_DOWNLOAD_SYNC 0x03
275 #define STATE_DFU_DOWNLOAD_BUSY 0x04
276 #define STATE_DFU_DOWNLOAD_IDLE 0x05
277 #define STATE_DFU_MANIFEST_SYNC 0x06
278 #define STATE_DFU_MANIFEST 0x07
279 #define STATE_DFU_MANIFEST_WAIT_RESET 0x08
280 #define STATE_DFU_UPLOAD_IDLE 0x09
281 #define STATE_DFU_ERROR 0x0a
287 #define DFU_GETSTATUS 3
288 #define DFU_CLRSTATUS 4
289 #define DFU_GETSTATE 5
292 #define FW_BLOCK_SIZE 1024
295 unsigned char status;
296 unsigned char poll_timeout[3];
298 unsigned char string;
299 } __attribute__((packed));
301 static inline int at76_is_intersil(enum board_type board)
303 return (board == BOARD_503_ISL3861 || board == BOARD_503_ISL3863);
306 static inline int at76_is_503rfmd(enum board_type board)
308 return (board == BOARD_503 || board == BOARD_503_ACC);
311 static inline int at76_is_505a(enum board_type board)
313 return (board == BOARD_505A || board == BOARD_505AMX);
316 /* Load a block of the first (internal) part of the firmware */
317 static int at76_load_int_fw_block(struct usb_device *udev, int blockno,
318 void *block, int size)
320 return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), DFU_DNLOAD,
321 USB_TYPE_CLASS | USB_DIR_OUT |
322 USB_RECIP_INTERFACE, blockno, 0, block, size,
323 USB_CTRL_GET_TIMEOUT);
326 static int at76_dfu_get_status(struct usb_device *udev,
327 struct dfu_status *status)
331 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATUS,
332 USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
333 0, 0, status, sizeof(struct dfu_status),
334 USB_CTRL_GET_TIMEOUT);
338 static u8 at76_dfu_get_state(struct usb_device *udev, u8 *state)
342 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATE,
343 USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
344 0, 0, state, 1, USB_CTRL_GET_TIMEOUT);
348 /* Convert timeout from the DFU status to jiffies */
349 static inline unsigned long at76_get_timeout(struct dfu_status *s)
351 return msecs_to_jiffies((s->poll_timeout[2] << 16)
352 | (s->poll_timeout[1] << 8)
353 | (s->poll_timeout[0]));
356 /* Load internal firmware from the buffer. If manifest_sync_timeout > 0, use
357 * its value in jiffies in the MANIFEST_SYNC state. */
358 static int at76_usbdfu_download(struct usb_device *udev, u8 *buf, u32 size,
359 int manifest_sync_timeout)
362 struct dfu_status dfu_stat_buf;
364 int need_dfu_state = 1;
371 at76_dbg(DBG_DFU, "%s( %p, %u, %d)", __func__, buf, size,
372 manifest_sync_timeout);
375 dev_printk(KERN_ERR, &udev->dev, "FW buffer length invalid!\n");
379 block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
384 if (need_dfu_state) {
385 ret = at76_dfu_get_state(udev, &dfu_state);
387 dev_printk(KERN_ERR, &udev->dev,
388 "cannot get DFU state: %d\n", ret);
395 case STATE_DFU_DOWNLOAD_SYNC:
396 at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_SYNC");
397 ret = at76_dfu_get_status(udev, &dfu_stat_buf);
399 dfu_state = dfu_stat_buf.state;
400 dfu_timeout = at76_get_timeout(&dfu_stat_buf);
403 dev_printk(KERN_ERR, &udev->dev,
404 "at76_dfu_get_status returned %d\n",
408 case STATE_DFU_DOWNLOAD_BUSY:
409 at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_BUSY");
412 at76_dbg(DBG_DFU, "DFU: Resetting device");
413 schedule_timeout_interruptible(dfu_timeout);
416 case STATE_DFU_DOWNLOAD_IDLE:
417 at76_dbg(DBG_DFU, "DOWNLOAD...");
420 at76_dbg(DBG_DFU, "DFU IDLE");
422 bsize = min_t(int, size, FW_BLOCK_SIZE);
423 memcpy(block, buf, bsize);
424 at76_dbg(DBG_DFU, "int fw, size left = %5d, "
425 "bsize = %4d, blockno = %2d", size, bsize,
428 at76_load_int_fw_block(udev, blockno, block, bsize);
434 dev_printk(KERN_ERR, &udev->dev,
435 "at76_load_int_fw_block "
436 "returned %d\n", ret);
440 case STATE_DFU_MANIFEST_SYNC:
441 at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_SYNC");
443 ret = at76_dfu_get_status(udev, &dfu_stat_buf);
447 dfu_state = dfu_stat_buf.state;
448 dfu_timeout = at76_get_timeout(&dfu_stat_buf);
451 /* override the timeout from the status response,
452 needed for AT76C505A */
453 if (manifest_sync_timeout > 0)
454 dfu_timeout = manifest_sync_timeout;
456 at76_dbg(DBG_DFU, "DFU: Waiting for manifest phase");
457 schedule_timeout_interruptible(dfu_timeout);
460 case STATE_DFU_MANIFEST:
461 at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST");
465 case STATE_DFU_MANIFEST_WAIT_RESET:
466 at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_WAIT_RESET");
470 case STATE_DFU_UPLOAD_IDLE:
471 at76_dbg(DBG_DFU, "STATE_DFU_UPLOAD_IDLE");
474 case STATE_DFU_ERROR:
475 at76_dbg(DBG_DFU, "STATE_DFU_ERROR");
480 at76_dbg(DBG_DFU, "DFU UNKNOWN STATE (%d)", dfu_state);
484 } while (!is_done && (ret >= 0));
494 /* Report that the scan results are ready */
495 static inline void at76_iwevent_scan_complete(struct net_device *netdev)
497 union iwreq_data wrqu;
498 wrqu.data.length = 0;
500 wireless_send_event(netdev, SIOCGIWSCAN, &wrqu, NULL);
501 at76_dbg(DBG_WE_EVENTS, "%s: SIOCGIWSCAN sent", netdev->name);
504 static inline void at76_iwevent_bss_connect(struct net_device *netdev,
507 union iwreq_data wrqu;
508 wrqu.data.length = 0;
510 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
511 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
512 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
513 at76_dbg(DBG_WE_EVENTS, "%s: %s: SIOCGIWAP sent", netdev->name,
517 static inline void at76_iwevent_bss_disconnect(struct net_device *netdev)
519 union iwreq_data wrqu;
520 wrqu.data.length = 0;
522 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
523 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
524 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
525 at76_dbg(DBG_WE_EVENTS, "%s: %s: SIOCGIWAP sent", netdev->name,
529 #define HEX2STR_BUFFERS 4
530 #define HEX2STR_MAX_LEN 64
531 #define BIN2HEX(x) ((x) < 10 ? '0' + (x) : (x) + 'A' - 10)
533 /* Convert binary data into hex string */
534 static char *hex2str(void *buf, int len)
536 static atomic_t a = ATOMIC_INIT(0);
537 static char bufs[HEX2STR_BUFFERS][3 * HEX2STR_MAX_LEN + 1];
538 char *ret = bufs[atomic_inc_return(&a) & (HEX2STR_BUFFERS - 1)];
542 if (len > HEX2STR_MAX_LEN)
543 len = HEX2STR_MAX_LEN;
551 *obuf++ = BIN2HEX(*ibuf >> 4);
552 *obuf++ = BIN2HEX(*ibuf & 0xf);
561 #define MAC2STR_BUFFERS 4
563 static inline char *mac2str(u8 *mac)
565 static atomic_t a = ATOMIC_INIT(0);
566 static char bufs[MAC2STR_BUFFERS][6 * 3];
569 str = bufs[atomic_inc_return(&a) & (MAC2STR_BUFFERS - 1)];
570 sprintf(str, "%02x:%02x:%02x:%02x:%02x:%02x",
571 mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
576 static int tx_activity;
577 static void at76_ledtrig_tx_timerfunc(unsigned long data);
578 static DEFINE_TIMER(ledtrig_tx_timer, at76_ledtrig_tx_timerfunc, 0, 0);
579 DEFINE_LED_TRIGGER(ledtrig_tx);
581 static void at76_ledtrig_tx_timerfunc(unsigned long data)
583 static int tx_lastactivity;
585 if (tx_lastactivity != tx_activity) {
586 tx_lastactivity = tx_activity;
587 led_trigger_event(ledtrig_tx, LED_FULL);
588 mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
590 led_trigger_event(ledtrig_tx, LED_OFF);
593 static void at76_ledtrig_tx_activity(void)
596 if (!timer_pending(&ledtrig_tx_timer))
597 mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
600 /* Check if the given ssid is hidden */
601 static inline int at76_is_hidden_ssid(u8 *ssid, int length)
603 static const u8 zeros[32];
608 if (length == 1 && ssid[0] == ' ')
611 return (memcmp(ssid, zeros, length) == 0);
614 static inline void at76_free_bss_list(struct at76_priv *priv)
616 struct list_head *next, *ptr;
619 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
621 priv->curr_bss = NULL;
623 list_for_each_safe(ptr, next, &priv->bss_list) {
625 kfree(list_entry(ptr, struct bss_info, list));
628 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
631 static int at76_remap(struct usb_device *udev)
634 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0a,
635 USB_TYPE_VENDOR | USB_DIR_OUT |
636 USB_RECIP_INTERFACE, 0, 0, NULL, 0,
637 USB_CTRL_GET_TIMEOUT);
643 static int at76_get_op_mode(struct usb_device *udev)
649 op_mode = kmalloc(1, GFP_NOIO);
652 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
653 USB_TYPE_VENDOR | USB_DIR_IN |
654 USB_RECIP_INTERFACE, 0x01, 0, op_mode, 1,
655 USB_CTRL_GET_TIMEOUT);
667 /* Load a block of the second ("external") part of the firmware */
668 static inline int at76_load_ext_fw_block(struct usb_device *udev, int blockno,
669 void *block, int size)
671 return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
672 USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
673 0x0802, blockno, block, size,
674 USB_CTRL_GET_TIMEOUT);
677 static inline int at76_get_hw_cfg(struct usb_device *udev,
678 union at76_hwcfg *buf, int buf_size)
680 return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
681 USB_TYPE_VENDOR | USB_DIR_IN |
682 USB_RECIP_INTERFACE, 0x0a02, 0,
683 buf, buf_size, USB_CTRL_GET_TIMEOUT);
686 /* Intersil boards use a different "value" for GetHWConfig requests */
687 static inline int at76_get_hw_cfg_intersil(struct usb_device *udev,
688 union at76_hwcfg *buf, int buf_size)
690 return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
691 USB_TYPE_VENDOR | USB_DIR_IN |
692 USB_RECIP_INTERFACE, 0x0902, 0,
693 buf, buf_size, USB_CTRL_GET_TIMEOUT);
696 /* Get the hardware configuration for the adapter and put it to the appropriate
697 * fields of 'priv' (the GetHWConfig request and interpretation of the result
698 * depends on the board type) */
699 static int at76_get_hw_config(struct at76_priv *priv)
702 union at76_hwcfg *hwcfg = kmalloc(sizeof(*hwcfg), GFP_KERNEL);
707 if (at76_is_intersil(priv->board_type)) {
708 ret = at76_get_hw_cfg_intersil(priv->udev, hwcfg,
712 memcpy(priv->mac_addr, hwcfg->i.mac_addr, ETH_ALEN);
713 priv->regulatory_domain = hwcfg->i.regulatory_domain;
714 } else if (at76_is_503rfmd(priv->board_type)) {
715 ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r3));
718 memcpy(priv->mac_addr, hwcfg->r3.mac_addr, ETH_ALEN);
719 priv->regulatory_domain = hwcfg->r3.regulatory_domain;
721 ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r5));
724 memcpy(priv->mac_addr, hwcfg->r5.mac_addr, ETH_ALEN);
725 priv->regulatory_domain = hwcfg->r5.regulatory_domain;
731 printk(KERN_ERR "%s: cannot get HW Config (error %d)\n",
732 priv->netdev->name, ret);
737 static struct reg_domain const *at76_get_reg_domain(u16 code)
740 static struct reg_domain const fd_tab[] = {
741 {0x10, "FCC (USA)", 0x7ff}, /* ch 1-11 */
742 {0x20, "IC (Canada)", 0x7ff}, /* ch 1-11 */
743 {0x30, "ETSI (most of Europe)", 0x1fff}, /* ch 1-13 */
744 {0x31, "Spain", 0x600}, /* ch 10-11 */
745 {0x32, "France", 0x1e00}, /* ch 10-13 */
746 {0x40, "MKK (Japan)", 0x2000}, /* ch 14 */
747 {0x41, "MKK1 (Japan)", 0x3fff}, /* ch 1-14 */
748 {0x50, "Israel", 0x3fc}, /* ch 3-9 */
749 {0x00, "<unknown>", 0xffffffff} /* ch 1-32 */
752 /* Last entry is fallback for unknown domain code */
753 for (i = 0; i < ARRAY_SIZE(fd_tab) - 1; i++)
754 if (code == fd_tab[i].code)
760 static inline int at76_get_mib(struct usb_device *udev, u16 mib, void *buf,
765 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
766 USB_TYPE_VENDOR | USB_DIR_IN |
767 USB_RECIP_INTERFACE, mib << 8, 0, buf, buf_size,
768 USB_CTRL_GET_TIMEOUT);
769 if (ret >= 0 && ret != buf_size)
774 /* Return positive number for status, negative for an error */
775 static inline int at76_get_cmd_status(struct usb_device *udev, u8 cmd)
780 stat_buf = kmalloc(40, GFP_NOIO);
784 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x22,
785 USB_TYPE_VENDOR | USB_DIR_IN |
786 USB_RECIP_INTERFACE, cmd, 0, stat_buf,
787 40, USB_CTRL_GET_TIMEOUT);
795 static int at76_set_card_command(struct usb_device *udev, u8 cmd, void *buf,
799 struct at76_command *cmd_buf = kmalloc(sizeof(struct at76_command) +
800 buf_size, GFP_KERNEL);
806 cmd_buf->reserved = 0;
807 cmd_buf->size = cpu_to_le16(buf_size);
808 memcpy(cmd_buf->data, buf, buf_size);
810 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
811 USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
813 sizeof(struct at76_command) + buf_size,
814 USB_CTRL_GET_TIMEOUT);
819 #define MAKE_CMD_STATUS_CASE(c) case (c): return #c
820 static const char *at76_get_cmd_status_string(u8 cmd_status)
822 switch (cmd_status) {
823 MAKE_CMD_STATUS_CASE(CMD_STATUS_IDLE);
824 MAKE_CMD_STATUS_CASE(CMD_STATUS_COMPLETE);
825 MAKE_CMD_STATUS_CASE(CMD_STATUS_UNKNOWN);
826 MAKE_CMD_STATUS_CASE(CMD_STATUS_INVALID_PARAMETER);
827 MAKE_CMD_STATUS_CASE(CMD_STATUS_FUNCTION_NOT_SUPPORTED);
828 MAKE_CMD_STATUS_CASE(CMD_STATUS_TIME_OUT);
829 MAKE_CMD_STATUS_CASE(CMD_STATUS_IN_PROGRESS);
830 MAKE_CMD_STATUS_CASE(CMD_STATUS_HOST_FAILURE);
831 MAKE_CMD_STATUS_CASE(CMD_STATUS_SCAN_FAILED);
837 /* Wait until the command is completed */
838 static int at76_wait_completion(struct at76_priv *priv, int cmd)
841 unsigned long timeout = jiffies + CMD_COMPLETION_TIMEOUT;
844 status = at76_get_cmd_status(priv->udev, cmd);
846 printk(KERN_ERR "%s: at76_get_cmd_status failed: %d\n",
847 priv->netdev->name, status);
851 at76_dbg(DBG_WAIT_COMPLETE,
852 "%s: Waiting on cmd %d, status = %d (%s)",
853 priv->netdev->name, cmd, status,
854 at76_get_cmd_status_string(status));
856 if (status != CMD_STATUS_IN_PROGRESS
857 && status != CMD_STATUS_IDLE)
860 schedule_timeout_interruptible(HZ / 10); /* 100 ms */
861 if (time_after(jiffies, timeout)) {
863 "%s: completion timeout for command %d\n",
864 priv->netdev->name, cmd);
873 static int at76_set_mib(struct at76_priv *priv, struct set_mib_buffer *buf)
877 ret = at76_set_card_command(priv->udev, CMD_SET_MIB, buf,
878 offsetof(struct set_mib_buffer,
883 ret = at76_wait_completion(priv, CMD_SET_MIB);
884 if (ret != CMD_STATUS_COMPLETE) {
886 "%s: set_mib: at76_wait_completion failed "
887 "with %d\n", priv->netdev->name, ret);
894 /* Return < 0 on error, == 0 if no command sent, == 1 if cmd sent */
895 static int at76_set_radio(struct at76_priv *priv, int enable)
900 if (priv->radio_on == enable)
903 cmd = enable ? CMD_RADIO_ON : CMD_RADIO_OFF;
905 ret = at76_set_card_command(priv->udev, cmd, NULL, 0);
907 printk(KERN_ERR "%s: at76_set_card_command(%d) failed: %d\n",
908 priv->netdev->name, cmd, ret);
912 priv->radio_on = enable;
916 /* Set current power save mode (AT76_PM_OFF/AT76_PM_ON/AT76_PM_SMART) */
917 static int at76_set_pm_mode(struct at76_priv *priv)
921 priv->mib_buf.type = MIB_MAC_MGMT;
922 priv->mib_buf.size = 1;
923 priv->mib_buf.index = offsetof(struct mib_mac_mgmt, power_mgmt_mode);
924 priv->mib_buf.data.byte = priv->pm_mode;
926 ret = at76_set_mib(priv, &priv->mib_buf);
928 printk(KERN_ERR "%s: set_mib (pm_mode) failed: %d\n",
929 priv->netdev->name, ret);
934 /* Set the association id for power save mode */
935 static int at76_set_associd(struct at76_priv *priv, u16 id)
939 priv->mib_buf.type = MIB_MAC_MGMT;
940 priv->mib_buf.size = 2;
941 priv->mib_buf.index = offsetof(struct mib_mac_mgmt, station_id);
942 priv->mib_buf.data.word = cpu_to_le16(id);
944 ret = at76_set_mib(priv, &priv->mib_buf);
946 printk(KERN_ERR "%s: set_mib (associd) failed: %d\n",
947 priv->netdev->name, ret);
952 /* Set the listen interval for power save mode */
953 static int at76_set_listen_interval(struct at76_priv *priv, u16 interval)
957 priv->mib_buf.type = MIB_MAC;
958 priv->mib_buf.size = 2;
959 priv->mib_buf.index = offsetof(struct mib_mac, listen_interval);
960 priv->mib_buf.data.word = cpu_to_le16(interval);
962 ret = at76_set_mib(priv, &priv->mib_buf);
965 "%s: set_mib (listen_interval) failed: %d\n",
966 priv->netdev->name, ret);
971 static int at76_set_preamble(struct at76_priv *priv, u8 type)
975 priv->mib_buf.type = MIB_LOCAL;
976 priv->mib_buf.size = 1;
977 priv->mib_buf.index = offsetof(struct mib_local, preamble_type);
978 priv->mib_buf.data.byte = type;
980 ret = at76_set_mib(priv, &priv->mib_buf);
982 printk(KERN_ERR "%s: set_mib (preamble) failed: %d\n",
983 priv->netdev->name, ret);
988 static int at76_set_frag(struct at76_priv *priv, u16 size)
992 priv->mib_buf.type = MIB_MAC;
993 priv->mib_buf.size = 2;
994 priv->mib_buf.index = offsetof(struct mib_mac, frag_threshold);
995 priv->mib_buf.data.word = cpu_to_le16(size);
997 ret = at76_set_mib(priv, &priv->mib_buf);
999 printk(KERN_ERR "%s: set_mib (frag threshold) failed: %d\n",
1000 priv->netdev->name, ret);
1005 static int at76_set_rts(struct at76_priv *priv, u16 size)
1009 priv->mib_buf.type = MIB_MAC;
1010 priv->mib_buf.size = 2;
1011 priv->mib_buf.index = offsetof(struct mib_mac, rts_threshold);
1012 priv->mib_buf.data.word = cpu_to_le16(size);
1014 ret = at76_set_mib(priv, &priv->mib_buf);
1016 printk(KERN_ERR "%s: set_mib (rts) failed: %d\n",
1017 priv->netdev->name, ret);
1022 static int at76_set_autorate_fallback(struct at76_priv *priv, int onoff)
1026 priv->mib_buf.type = MIB_LOCAL;
1027 priv->mib_buf.size = 1;
1028 priv->mib_buf.index = offsetof(struct mib_local, txautorate_fallback);
1029 priv->mib_buf.data.byte = onoff;
1031 ret = at76_set_mib(priv, &priv->mib_buf);
1033 printk(KERN_ERR "%s: set_mib (autorate fallback) failed: %d\n",
1034 priv->netdev->name, ret);
1039 static int at76_add_mac_address(struct at76_priv *priv, void *addr)
1043 priv->mib_buf.type = MIB_MAC_ADDR;
1044 priv->mib_buf.size = ETH_ALEN;
1045 priv->mib_buf.index = offsetof(struct mib_mac_addr, mac_addr);
1046 memcpy(priv->mib_buf.data.addr, addr, ETH_ALEN);
1048 ret = at76_set_mib(priv, &priv->mib_buf);
1050 printk(KERN_ERR "%s: set_mib (MAC_ADDR, mac_addr) failed: %d\n",
1051 priv->netdev->name, ret);
1056 static void at76_dump_mib_mac_addr(struct at76_priv *priv)
1060 struct mib_mac_addr *m = kmalloc(sizeof(struct mib_mac_addr),
1066 ret = at76_get_mib(priv->udev, MIB_MAC_ADDR, m,
1067 sizeof(struct mib_mac_addr));
1069 printk(KERN_ERR "%s: at76_get_mib (MAC_ADDR) failed: %d\n",
1070 priv->netdev->name, ret);
1074 at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: mac_addr %s res 0x%x 0x%x",
1076 mac2str(m->mac_addr), m->res[0], m->res[1]);
1077 for (i = 0; i < ARRAY_SIZE(m->group_addr); i++)
1078 at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: group addr %d: %s, "
1079 "status %d", priv->netdev->name, i,
1080 mac2str(m->group_addr[i]), m->group_addr_status[i]);
1085 static void at76_dump_mib_mac_wep(struct at76_priv *priv)
1090 struct mib_mac_wep *m = kmalloc(sizeof(struct mib_mac_wep), GFP_KERNEL);
1095 ret = at76_get_mib(priv->udev, MIB_MAC_WEP, m,
1096 sizeof(struct mib_mac_wep));
1098 printk(KERN_ERR "%s: at76_get_mib (MAC_WEP) failed: %d\n",
1099 priv->netdev->name, ret);
1103 at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: priv_invoked %u def_key_id %u "
1104 "key_len %u excl_unencr %u wep_icv_err %u wep_excluded %u "
1105 "encr_level %u key %d", priv->netdev->name,
1106 m->privacy_invoked, m->wep_default_key_id,
1107 m->wep_key_mapping_len, m->exclude_unencrypted,
1108 le32_to_cpu(m->wep_icv_error_count),
1109 le32_to_cpu(m->wep_excluded_count), m->encryption_level,
1110 m->wep_default_key_id);
1112 key_len = (m->encryption_level == 1) ?
1113 WEP_SMALL_KEY_LEN : WEP_LARGE_KEY_LEN;
1115 for (i = 0; i < WEP_KEYS; i++)
1116 at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: key %d: %s",
1117 priv->netdev->name, i,
1118 hex2str(m->wep_default_keyvalue[i], key_len));
1123 static void at76_dump_mib_mac_mgmt(struct at76_priv *priv)
1126 struct mib_mac_mgmt *m = kmalloc(sizeof(struct mib_mac_mgmt),
1132 ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, m,
1133 sizeof(struct mib_mac_mgmt));
1135 printk(KERN_ERR "%s: at76_get_mib (MAC_MGMT) failed: %d\n",
1136 priv->netdev->name, ret);
1140 at76_dbg(DBG_MIB, "%s: MIB MAC_MGMT: beacon_period %d CFP_max_duration "
1141 "%d medium_occupancy_limit %d station_id 0x%x ATIM_window %d "
1142 "CFP_mode %d privacy_opt_impl %d DTIM_period %d CFP_period %d "
1143 "current_bssid %s current_essid %s current_bss_type %d "
1144 "pm_mode %d ibss_change %d res %d "
1145 "multi_domain_capability_implemented %d "
1146 "international_roaming %d country_string %.3s",
1147 priv->netdev->name, le16_to_cpu(m->beacon_period),
1148 le16_to_cpu(m->CFP_max_duration),
1149 le16_to_cpu(m->medium_occupancy_limit),
1150 le16_to_cpu(m->station_id), le16_to_cpu(m->ATIM_window),
1151 m->CFP_mode, m->privacy_option_implemented, m->DTIM_period,
1152 m->CFP_period, mac2str(m->current_bssid),
1153 hex2str(m->current_essid, IW_ESSID_MAX_SIZE),
1154 m->current_bss_type, m->power_mgmt_mode, m->ibss_change,
1155 m->res, m->multi_domain_capability_implemented,
1156 m->multi_domain_capability_enabled, m->country_string);
1161 static void at76_dump_mib_mac(struct at76_priv *priv)
1164 struct mib_mac *m = kmalloc(sizeof(struct mib_mac), GFP_KERNEL);
1169 ret = at76_get_mib(priv->udev, MIB_MAC, m, sizeof(struct mib_mac));
1171 printk(KERN_ERR "%s: at76_get_mib (MAC) failed: %d\n",
1172 priv->netdev->name, ret);
1176 at76_dbg(DBG_MIB, "%s: MIB MAC: max_tx_msdu_lifetime %d "
1177 "max_rx_lifetime %d frag_threshold %d rts_threshold %d "
1178 "cwmin %d cwmax %d short_retry_time %d long_retry_time %d "
1179 "scan_type %d scan_channel %d probe_delay %u "
1180 "min_channel_time %d max_channel_time %d listen_int %d "
1181 "desired_ssid %s desired_bssid %s desired_bsstype %d",
1182 priv->netdev->name, le32_to_cpu(m->max_tx_msdu_lifetime),
1183 le32_to_cpu(m->max_rx_lifetime),
1184 le16_to_cpu(m->frag_threshold), le16_to_cpu(m->rts_threshold),
1185 le16_to_cpu(m->cwmin), le16_to_cpu(m->cwmax),
1186 m->short_retry_time, m->long_retry_time, m->scan_type,
1187 m->scan_channel, le16_to_cpu(m->probe_delay),
1188 le16_to_cpu(m->min_channel_time),
1189 le16_to_cpu(m->max_channel_time),
1190 le16_to_cpu(m->listen_interval),
1191 hex2str(m->desired_ssid, IW_ESSID_MAX_SIZE),
1192 mac2str(m->desired_bssid), m->desired_bsstype);
1197 static void at76_dump_mib_phy(struct at76_priv *priv)
1200 struct mib_phy *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1205 ret = at76_get_mib(priv->udev, MIB_PHY, m, sizeof(struct mib_phy));
1207 printk(KERN_ERR "%s: at76_get_mib (PHY) failed: %d\n",
1208 priv->netdev->name, ret);
1212 at76_dbg(DBG_MIB, "%s: MIB PHY: ed_threshold %d slot_time %d "
1213 "sifs_time %d preamble_length %d plcp_header_length %d "
1214 "mpdu_max_length %d cca_mode_supported %d operation_rate_set "
1215 "0x%x 0x%x 0x%x 0x%x channel_id %d current_cca_mode %d "
1216 "phy_type %d current_reg_domain %d",
1217 priv->netdev->name, le32_to_cpu(m->ed_threshold),
1218 le16_to_cpu(m->slot_time), le16_to_cpu(m->sifs_time),
1219 le16_to_cpu(m->preamble_length),
1220 le16_to_cpu(m->plcp_header_length),
1221 le16_to_cpu(m->mpdu_max_length),
1222 le16_to_cpu(m->cca_mode_supported), m->operation_rate_set[0],
1223 m->operation_rate_set[1], m->operation_rate_set[2],
1224 m->operation_rate_set[3], m->channel_id, m->current_cca_mode,
1225 m->phy_type, m->current_reg_domain);
1230 static void at76_dump_mib_local(struct at76_priv *priv)
1233 struct mib_local *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1238 ret = at76_get_mib(priv->udev, MIB_LOCAL, m, sizeof(struct mib_local));
1240 printk(KERN_ERR "%s: at76_get_mib (LOCAL) failed: %d\n",
1241 priv->netdev->name, ret);
1245 at76_dbg(DBG_MIB, "%s: MIB LOCAL: beacon_enable %d "
1246 "txautorate_fallback %d ssid_size %d promiscuous_mode %d "
1247 "preamble_type %d", priv->netdev->name, m->beacon_enable,
1248 m->txautorate_fallback, m->ssid_size, m->promiscuous_mode,
1254 static void at76_dump_mib_mdomain(struct at76_priv *priv)
1257 struct mib_mdomain *m = kmalloc(sizeof(struct mib_mdomain), GFP_KERNEL);
1262 ret = at76_get_mib(priv->udev, MIB_MDOMAIN, m,
1263 sizeof(struct mib_mdomain));
1265 printk(KERN_ERR "%s: at76_get_mib (MDOMAIN) failed: %d\n",
1266 priv->netdev->name, ret);
1270 at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: channel_list %s",
1272 hex2str(m->channel_list, sizeof(m->channel_list)));
1274 at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: tx_powerlevel %s",
1276 hex2str(m->tx_powerlevel, sizeof(m->tx_powerlevel)));
1281 static int at76_get_current_bssid(struct at76_priv *priv)
1284 struct mib_mac_mgmt *mac_mgmt =
1285 kmalloc(sizeof(struct mib_mac_mgmt), GFP_KERNEL);
1292 ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, mac_mgmt,
1293 sizeof(struct mib_mac_mgmt));
1295 printk(KERN_ERR "%s: at76_get_mib failed: %d\n",
1296 priv->netdev->name, ret);
1299 memcpy(priv->bssid, mac_mgmt->current_bssid, ETH_ALEN);
1300 printk(KERN_INFO "%s: using BSSID %s\n", priv->netdev->name,
1301 mac2str(priv->bssid));
1308 static int at76_get_current_channel(struct at76_priv *priv)
1311 struct mib_phy *phy = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1317 ret = at76_get_mib(priv->udev, MIB_PHY, phy, sizeof(struct mib_phy));
1319 printk(KERN_ERR "%s: at76_get_mib(MIB_PHY) failed: %d\n",
1320 priv->netdev->name, ret);
1323 priv->channel = phy->channel_id;
1331 * at76_start_scan - start a scan
1333 * @use_essid - use the configured ESSID in non passive mode
1335 static int at76_start_scan(struct at76_priv *priv, int use_essid)
1337 struct at76_req_scan scan;
1339 memset(&scan, 0, sizeof(struct at76_req_scan));
1340 memset(scan.bssid, 0xff, ETH_ALEN);
1343 memcpy(scan.essid, priv->essid, IW_ESSID_MAX_SIZE);
1344 scan.essid_size = priv->essid_size;
1346 scan.essid_size = 0;
1348 /* jal: why should we start at a certain channel? we do scan the whole
1349 range allowed by reg domain. */
1350 scan.channel = priv->channel;
1352 /* atmelwlandriver differs between scan type 0 and 1 (active/passive)
1353 For ad-hoc mode, it uses type 0 only. */
1354 scan.scan_type = priv->scan_mode;
1356 /* INFO: For probe_delay, not multiplying by 1024 as this will be
1357 slightly less than min_channel_time
1358 (per spec: probe delay < min. channel time) */
1359 scan.min_channel_time = cpu_to_le16(priv->scan_min_time);
1360 scan.max_channel_time = cpu_to_le16(priv->scan_max_time);
1361 scan.probe_delay = cpu_to_le16(priv->scan_min_time * 1000);
1362 scan.international_scan = 0;
1364 /* other values are set to 0 for type 0 */
1366 at76_dbg(DBG_PROGRESS, "%s: start_scan (use_essid = %d, intl = %d, "
1367 "channel = %d, probe_delay = %d, scan_min_time = %d, "
1368 "scan_max_time = %d)",
1369 priv->netdev->name, use_essid,
1370 scan.international_scan, scan.channel,
1371 le16_to_cpu(scan.probe_delay),
1372 le16_to_cpu(scan.min_channel_time),
1373 le16_to_cpu(scan.max_channel_time));
1375 return at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1378 /* Enable monitor mode */
1379 static int at76_start_monitor(struct at76_priv *priv)
1381 struct at76_req_scan scan;
1384 memset(&scan, 0, sizeof(struct at76_req_scan));
1385 memset(scan.bssid, 0xff, ETH_ALEN);
1387 scan.channel = priv->channel;
1388 scan.scan_type = SCAN_TYPE_PASSIVE;
1389 scan.international_scan = 0;
1391 ret = at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1393 ret = at76_get_cmd_status(priv->udev, CMD_SCAN);
1398 static int at76_start_ibss(struct at76_priv *priv)
1400 struct at76_req_ibss bss;
1403 WARN_ON(priv->mac_state != MAC_OWN_IBSS);
1404 if (priv->mac_state != MAC_OWN_IBSS)
1407 memset(&bss, 0, sizeof(struct at76_req_ibss));
1408 memset(bss.bssid, 0xff, ETH_ALEN);
1409 memcpy(bss.essid, priv->essid, IW_ESSID_MAX_SIZE);
1410 bss.essid_size = priv->essid_size;
1411 bss.bss_type = ADHOC_MODE;
1412 bss.channel = priv->channel;
1414 ret = at76_set_card_command(priv->udev, CMD_START_IBSS, &bss,
1415 sizeof(struct at76_req_ibss));
1417 printk(KERN_ERR "%s: start_ibss failed: %d\n",
1418 priv->netdev->name, ret);
1422 ret = at76_wait_completion(priv, CMD_START_IBSS);
1423 if (ret != CMD_STATUS_COMPLETE) {
1424 printk(KERN_ERR "%s: start_ibss failed to complete, %d\n",
1425 priv->netdev->name, ret);
1429 ret = at76_get_current_bssid(priv);
1433 ret = at76_get_current_channel(priv);
1437 /* not sure what this is good for ??? */
1438 priv->mib_buf.type = MIB_MAC_MGMT;
1439 priv->mib_buf.size = 1;
1440 priv->mib_buf.index = offsetof(struct mib_mac_mgmt, ibss_change);
1441 priv->mib_buf.data.byte = 0;
1443 ret = at76_set_mib(priv, &priv->mib_buf);
1445 printk(KERN_ERR "%s: set_mib (ibss change ok) failed: %d\n",
1446 priv->netdev->name, ret);
1450 netif_carrier_on(priv->netdev);
1451 netif_start_queue(priv->netdev);
1455 /* Request card to join BSS in managed or ad-hoc mode */
1456 static int at76_join_bss(struct at76_priv *priv, struct bss_info *ptr)
1458 struct at76_req_join join;
1462 memset(&join, 0, sizeof(struct at76_req_join));
1463 memcpy(join.bssid, ptr->bssid, ETH_ALEN);
1464 memcpy(join.essid, ptr->ssid, ptr->ssid_len);
1465 join.essid_size = ptr->ssid_len;
1466 join.bss_type = (priv->iw_mode == IW_MODE_ADHOC ? 1 : 2);
1467 join.channel = ptr->channel;
1468 join.timeout = cpu_to_le16(2000);
1470 at76_dbg(DBG_PROGRESS,
1471 "%s join addr %s ssid %s type %d ch %d timeout %d",
1472 priv->netdev->name, mac2str(join.bssid), join.essid,
1473 join.bss_type, join.channel, le16_to_cpu(join.timeout));
1474 return at76_set_card_command(priv->udev, CMD_JOIN, &join,
1475 sizeof(struct at76_req_join));
1478 /* Calculate padding from txbuf->wlength (which excludes the USB TX header),
1479 likely to compensate a flaw in the AT76C503A USB part ... */
1480 static inline int at76_calc_padding(int wlen)
1482 /* add the USB TX header */
1483 wlen += AT76_TX_HDRLEN;
1491 return 64 + 50 - wlen;
1496 /* We are doing a lot of things here in an interrupt. Need
1497 a bh handler (Watching TV with a TV card is probably
1498 a good test: if you see flickers, we are doing too much.
1499 Currently I do see flickers... even with our tasklet :-( )
1500 Maybe because the bttv driver and usb-uhci use the same interrupt
1502 /* Or maybe because our BH handler is preempting bttv's BH handler.. BHs don't
1503 * solve everything.. (alex) */
1504 static void at76_rx_callback(struct urb *urb)
1506 struct at76_priv *priv = urb->context;
1508 priv->rx_tasklet.data = (unsigned long)urb;
1509 tasklet_schedule(&priv->rx_tasklet);
1513 static void at76_tx_callback(struct urb *urb)
1515 struct at76_priv *priv = urb->context;
1516 struct net_device_stats *stats = &priv->stats;
1517 unsigned long flags;
1518 struct at76_tx_buffer *mgmt_buf;
1521 switch (urb->status) {
1523 stats->tx_packets++;
1527 /* urb has been unlinked */
1530 at76_dbg(DBG_URB, "%s - nonzero tx status received: %d",
1531 __func__, urb->status);
1536 spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1537 mgmt_buf = priv->next_mgmt_bulk;
1538 priv->next_mgmt_bulk = NULL;
1539 spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1542 netif_wake_queue(priv->netdev);
1546 /* we don't copy the padding bytes, but add them
1548 memcpy(priv->bulk_out_buffer, mgmt_buf,
1549 le16_to_cpu(mgmt_buf->wlength) + AT76_TX_HDRLEN);
1550 usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe,
1551 priv->bulk_out_buffer,
1552 le16_to_cpu(mgmt_buf->wlength) + mgmt_buf->padding +
1553 AT76_TX_HDRLEN, at76_tx_callback, priv);
1554 ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
1556 printk(KERN_ERR "%s: error in tx submit urb: %d\n",
1557 priv->netdev->name, ret);
1562 /* Send a management frame on bulk-out. txbuf->wlength must be set */
1563 static int at76_tx_mgmt(struct at76_priv *priv, struct at76_tx_buffer *txbuf)
1565 unsigned long flags;
1568 void *oldbuf = NULL;
1570 netif_carrier_off(priv->netdev); /* stop netdev watchdog */
1571 netif_stop_queue(priv->netdev); /* stop tx data packets */
1573 spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1575 urb_status = priv->tx_urb->status;
1576 if (urb_status == -EINPROGRESS) {
1577 /* cannot transmit now, put in the queue */
1578 oldbuf = priv->next_mgmt_bulk;
1579 priv->next_mgmt_bulk = txbuf;
1581 spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1584 /* a data/mgmt tx is already pending in the URB -
1585 if this is no error in some situations we must
1586 implement a queue or silently modify the old msg */
1587 printk(KERN_ERR "%s: removed pending mgmt buffer %s\n",
1588 priv->netdev->name, hex2str(oldbuf, 64));
1593 txbuf->tx_rate = TX_RATE_1MBIT;
1594 txbuf->padding = at76_calc_padding(le16_to_cpu(txbuf->wlength));
1595 memset(txbuf->reserved, 0, sizeof(txbuf->reserved));
1597 if (priv->next_mgmt_bulk)
1598 printk(KERN_ERR "%s: URB status %d, but mgmt is pending\n",
1599 priv->netdev->name, urb_status);
1601 at76_dbg(DBG_TX_MGMT,
1602 "%s: tx mgmt: wlen %d tx_rate %d pad %d %s",
1603 priv->netdev->name, le16_to_cpu(txbuf->wlength),
1604 txbuf->tx_rate, txbuf->padding,
1605 hex2str(txbuf->packet, le16_to_cpu(txbuf->wlength)));
1607 /* txbuf was not consumed above -> send mgmt msg immediately */
1608 memcpy(priv->bulk_out_buffer, txbuf,
1609 le16_to_cpu(txbuf->wlength) + AT76_TX_HDRLEN);
1610 usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe,
1611 priv->bulk_out_buffer,
1612 le16_to_cpu(txbuf->wlength) + txbuf->padding +
1613 AT76_TX_HDRLEN, at76_tx_callback, priv);
1614 ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
1616 printk(KERN_ERR "%s: error in tx submit urb: %d\n",
1617 priv->netdev->name, ret);
1624 /* Go to the next information element */
1625 static inline void next_ie(struct ieee80211_info_element **ie)
1627 *ie = (struct ieee80211_info_element *)(&(*ie)->data[(*ie)->len]);
1630 /* Challenge is the challenge string (in TLV format)
1631 we got with seq_nr 2 for shared secret authentication only and
1632 send in seq_nr 3 WEP encrypted to prove we have the correct WEP key;
1633 otherwise it is NULL */
1634 static int at76_auth_req(struct at76_priv *priv, struct bss_info *bss,
1635 int seq_nr, struct ieee80211_info_element *challenge)
1637 struct at76_tx_buffer *tx_buffer;
1638 struct ieee80211_hdr_3addr *mgmt;
1639 struct ieee80211_auth *req;
1640 int buf_len = (seq_nr != 3 ? AUTH_FRAME_SIZE :
1641 AUTH_FRAME_SIZE + 1 + 1 + challenge->len);
1644 BUG_ON(seq_nr == 3 && !challenge);
1645 tx_buffer = kmalloc(buf_len + MAX_PADDING_SIZE, GFP_ATOMIC);
1649 req = (struct ieee80211_auth *)tx_buffer->packet;
1650 mgmt = &req->header;
1652 /* make wireless header */
1653 /* first auth msg is not encrypted, only the second (seq_nr == 3) */
1655 cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH |
1656 (seq_nr == 3 ? IEEE80211_FCTL_PROTECTED : 0));
1658 mgmt->duration_id = cpu_to_le16(0x8000);
1659 memcpy(mgmt->addr1, bss->bssid, ETH_ALEN);
1660 memcpy(mgmt->addr2, priv->netdev->dev_addr, ETH_ALEN);
1661 memcpy(mgmt->addr3, bss->bssid, ETH_ALEN);
1662 mgmt->seq_ctl = cpu_to_le16(0);
1664 req->algorithm = cpu_to_le16(priv->auth_mode);
1665 req->transaction = cpu_to_le16(seq_nr);
1666 req->status = cpu_to_le16(0);
1669 memcpy(req->info_element, challenge, 1 + 1 + challenge->len);
1671 /* init. at76_priv tx header */
1672 tx_buffer->wlength = cpu_to_le16(buf_len - AT76_TX_HDRLEN);
1673 at76_dbg(DBG_TX_MGMT, "%s: AuthReq bssid %s alg %d seq_nr %d",
1674 priv->netdev->name, mac2str(mgmt->addr3),
1675 le16_to_cpu(req->algorithm), le16_to_cpu(req->transaction));
1677 at76_dbg(DBG_TX_MGMT, "%s: AuthReq challenge: %s ...",
1678 priv->netdev->name, hex2str(req->info_element, 18));
1680 /* either send immediately (if no data tx is pending
1681 or put it in pending list */
1682 return at76_tx_mgmt(priv, tx_buffer);
1685 static int at76_assoc_req(struct at76_priv *priv, struct bss_info *bss)
1687 struct at76_tx_buffer *tx_buffer;
1688 struct ieee80211_hdr_3addr *mgmt;
1689 struct ieee80211_assoc_request *req;
1690 struct ieee80211_info_element *ie;
1697 tx_buffer = kmalloc(ASSOCREQ_MAX_SIZE + MAX_PADDING_SIZE, GFP_ATOMIC);
1701 req = (struct ieee80211_assoc_request *)tx_buffer->packet;
1702 mgmt = &req->header;
1703 ie = req->info_element;
1705 /* make wireless header */
1706 mgmt->frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1707 IEEE80211_STYPE_ASSOC_REQ);
1709 mgmt->duration_id = cpu_to_le16(0x8000);
1710 memcpy(mgmt->addr1, bss->bssid, ETH_ALEN);
1711 memcpy(mgmt->addr2, priv->netdev->dev_addr, ETH_ALEN);
1712 memcpy(mgmt->addr3, bss->bssid, ETH_ALEN);
1713 mgmt->seq_ctl = cpu_to_le16(0);
1715 /* we must set the Privacy bit in the capabilities to assure an
1716 Agere-based AP with optional WEP transmits encrypted frames
1717 to us. AP only set the Privacy bit in their capabilities
1718 if WEP is mandatory in the BSS! */
1720 if (priv->wep_enabled)
1721 capa |= WLAN_CAPABILITY_PRIVACY;
1722 if (priv->preamble_type != PREAMBLE_TYPE_LONG)
1723 capa |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1724 req->capability = cpu_to_le16(capa);
1726 req->listen_interval = cpu_to_le16(2 * bss->beacon_interval);
1728 /* write TLV data elements */
1730 ie->id = WLAN_EID_SSID;
1731 ie->len = bss->ssid_len;
1732 memcpy(ie->data, bss->ssid, bss->ssid_len);
1735 ie->id = WLAN_EID_SUPP_RATES;
1736 ie->len = sizeof(hw_rates);
1737 memcpy(ie->data, hw_rates, sizeof(hw_rates));
1738 next_ie(&ie); /* ie points behind the supp_rates field */
1740 /* init. at76_priv tx header */
1741 tx_buffer->wlength = cpu_to_le16((u8 *)ie - (u8 *)mgmt);
1743 ie = req->info_element;
1745 essid_len = min_t(int, IW_ESSID_MAX_SIZE, ie->len);
1747 next_ie(&ie); /* points to IE of rates now */
1748 at76_dbg(DBG_TX_MGMT,
1749 "%s: AssocReq bssid %s capa 0x%04x ssid %.*s rates %s",
1750 priv->netdev->name, mac2str(mgmt->addr3),
1751 le16_to_cpu(req->capability), essid_len, essid,
1752 hex2str(ie->data, ie->len));
1754 /* either send immediately (if no data tx is pending
1755 or put it in pending list */
1756 return at76_tx_mgmt(priv, tx_buffer);
1759 /* We got to check the bss_list for old entries */
1760 static void at76_bss_list_timeout(unsigned long par)
1762 struct at76_priv *priv = (struct at76_priv *)par;
1763 unsigned long flags;
1764 struct list_head *lptr, *nptr;
1765 struct bss_info *ptr;
1767 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
1769 list_for_each_safe(lptr, nptr, &priv->bss_list) {
1771 ptr = list_entry(lptr, struct bss_info, list);
1773 if (ptr != priv->curr_bss
1774 && time_after(jiffies, ptr->last_rx + BSS_LIST_TIMEOUT)) {
1775 at76_dbg(DBG_BSS_TABLE_RM,
1776 "%s: bss_list: removing old BSS %s ch %d",
1777 priv->netdev->name, mac2str(ptr->bssid),
1779 list_del(&ptr->list);
1783 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
1784 /* restart the timer */
1785 mod_timer(&priv->bss_list_timer, jiffies + BSS_LIST_TIMEOUT);
1788 static inline void at76_set_mac_state(struct at76_priv *priv,
1789 enum mac_state mac_state)
1791 at76_dbg(DBG_MAC_STATE, "%s state: %s", priv->netdev->name,
1792 mac_states[mac_state]);
1793 priv->mac_state = mac_state;
1796 static void at76_dump_bss_table(struct at76_priv *priv)
1798 struct bss_info *ptr;
1799 unsigned long flags;
1800 struct list_head *lptr;
1802 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
1804 at76_dbg(DBG_BSS_TABLE, "%s BSS table (curr=%p):", priv->netdev->name,
1807 list_for_each(lptr, &priv->bss_list) {
1808 ptr = list_entry(lptr, struct bss_info, list);
1809 at76_dbg(DBG_BSS_TABLE, "0x%p: bssid %s channel %d ssid %.*s "
1810 "(%s) capa 0x%04x rates %s rssi %d link %d noise %d",
1811 ptr, mac2str(ptr->bssid), ptr->channel, ptr->ssid_len,
1812 ptr->ssid, hex2str(ptr->ssid, ptr->ssid_len),
1813 ptr->capa, hex2str(ptr->rates, ptr->rates_len),
1814 ptr->rssi, ptr->link_qual, ptr->noise_level);
1816 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
1819 /* Called upon successful association to mark interface as connected */
1820 static void at76_work_assoc_done(struct work_struct *work)
1822 struct at76_priv *priv = container_of(work, struct at76_priv,
1825 mutex_lock(&priv->mtx);
1827 WARN_ON(priv->mac_state != MAC_ASSOC);
1828 WARN_ON(!priv->curr_bss);
1829 if (priv->mac_state != MAC_ASSOC || !priv->curr_bss)
1832 if (priv->iw_mode == IW_MODE_INFRA) {
1833 if (priv->pm_mode != AT76_PM_OFF) {
1834 /* calculate the listen interval in units of
1835 beacon intervals of the curr_bss */
1836 u32 pm_period_beacon = (priv->pm_period >> 10) /
1837 priv->curr_bss->beacon_interval;
1839 pm_period_beacon = max(pm_period_beacon, 2u);
1840 pm_period_beacon = min(pm_period_beacon, 0xffffu);
1843 "%s: pm_mode %d assoc id 0x%x listen int %d",
1844 priv->netdev->name, priv->pm_mode,
1845 priv->assoc_id, pm_period_beacon);
1847 at76_set_associd(priv, priv->assoc_id);
1848 at76_set_listen_interval(priv, (u16)pm_period_beacon);
1850 schedule_delayed_work(&priv->dwork_beacon, BEACON_TIMEOUT);
1852 at76_set_pm_mode(priv);
1854 netif_carrier_on(priv->netdev);
1855 netif_wake_queue(priv->netdev);
1856 at76_set_mac_state(priv, MAC_CONNECTED);
1857 at76_iwevent_bss_connect(priv->netdev, priv->curr_bss->bssid);
1858 at76_dbg(DBG_PROGRESS, "%s: connected to BSSID %s",
1859 priv->netdev->name, mac2str(priv->curr_bss->bssid));
1862 mutex_unlock(&priv->mtx);
1865 /* We only store the new mac address in netdev struct,
1866 it gets set when the netdev is opened. */
1867 static int at76_set_mac_address(struct net_device *netdev, void *addr)
1869 struct sockaddr *mac = addr;
1870 memcpy(netdev->dev_addr, mac->sa_data, ETH_ALEN);
1874 static struct net_device_stats *at76_get_stats(struct net_device *netdev)
1876 struct at76_priv *priv = netdev_priv(netdev);
1877 return &priv->stats;
1880 static struct iw_statistics *at76_get_wireless_stats(struct net_device *netdev)
1882 struct at76_priv *priv = netdev_priv(netdev);
1884 at76_dbg(DBG_IOCTL, "RETURN qual %d level %d noise %d updated %d",
1885 priv->wstats.qual.qual, priv->wstats.qual.level,
1886 priv->wstats.qual.noise, priv->wstats.qual.updated);
1888 return &priv->wstats;
1891 static void at76_set_multicast(struct net_device *netdev)
1893 struct at76_priv *priv = netdev_priv(netdev);
1896 promisc = ((netdev->flags & IFF_PROMISC) != 0);
1897 if (promisc != priv->promisc) {
1898 /* This gets called in interrupt, must reschedule */
1899 priv->promisc = promisc;
1900 schedule_work(&priv->work_set_promisc);
1904 /* Stop all network activity, flush all pending tasks */
1905 static void at76_quiesce(struct at76_priv *priv)
1907 unsigned long flags;
1909 netif_stop_queue(priv->netdev);
1910 netif_carrier_off(priv->netdev);
1912 at76_set_mac_state(priv, MAC_INIT);
1914 cancel_delayed_work(&priv->dwork_get_scan);
1915 cancel_delayed_work(&priv->dwork_beacon);
1916 cancel_delayed_work(&priv->dwork_auth);
1917 cancel_delayed_work(&priv->dwork_assoc);
1918 cancel_delayed_work(&priv->dwork_restart);
1920 spin_lock_irqsave(&priv->mgmt_spinlock, flags);
1921 kfree(priv->next_mgmt_bulk);
1922 priv->next_mgmt_bulk = NULL;
1923 spin_unlock_irqrestore(&priv->mgmt_spinlock, flags);
1926 /*******************************************************************************
1927 * at76_priv implementations of iw_handler functions:
1929 static int at76_iw_handler_commit(struct net_device *netdev,
1930 struct iw_request_info *info,
1931 void *null, char *extra)
1933 struct at76_priv *priv = netdev_priv(netdev);
1935 at76_dbg(DBG_IOCTL, "%s %s: restarting the device", netdev->name,
1938 if (priv->mac_state != MAC_INIT)
1941 /* Wait half second before the restart to process subsequent
1942 * requests from the same iwconfig in a single restart */
1943 schedule_delayed_work(&priv->dwork_restart, HZ / 2);
1948 static int at76_iw_handler_get_name(struct net_device *netdev,
1949 struct iw_request_info *info,
1950 char *name, char *extra)
1952 strcpy(name, "IEEE 802.11b");
1953 at76_dbg(DBG_IOCTL, "%s: SIOCGIWNAME - name %s", netdev->name, name);
1957 static int at76_iw_handler_set_freq(struct net_device *netdev,
1958 struct iw_request_info *info,
1959 struct iw_freq *freq, char *extra)
1961 struct at76_priv *priv = netdev_priv(netdev);
1963 int ret = -EIWCOMMIT;
1964 at76_dbg(DBG_IOCTL, "%s: SIOCSIWFREQ - freq.m %d freq.e %d",
1965 netdev->name, freq->m, freq->e);
1967 if ((freq->e == 0) && (freq->m <= 1000))
1968 /* Setting by channel number */
1971 /* Setting by frequency - search the table */
1975 for (i = 0; i < (6 - freq->e); i++)
1978 for (i = 0; i < NUM_CHANNELS; i++) {
1979 if (freq->m == (channel_frequency[i] * mult))
1984 if (chan < 1 || !priv->domain)
1985 /* non-positive channels are invalid
1986 * we need a domain info to set the channel
1987 * either that or an invalid frequency was
1988 * provided by the user */
1990 else if (!(priv->domain->channel_map & (1 << (chan - 1)))) {
1991 printk(KERN_INFO "%s: channel %d not allowed for domain %s\n",
1992 priv->netdev->name, chan, priv->domain->name);
1996 if (ret == -EIWCOMMIT) {
1997 priv->channel = chan;
1998 at76_dbg(DBG_IOCTL, "%s: SIOCSIWFREQ - ch %d", netdev->name,
2005 static int at76_iw_handler_get_freq(struct net_device *netdev,
2006 struct iw_request_info *info,
2007 struct iw_freq *freq, char *extra)
2009 struct at76_priv *priv = netdev_priv(netdev);
2011 freq->m = priv->channel;
2015 at76_dbg(DBG_IOCTL, "%s: SIOCGIWFREQ - freq %ld x 10e%d",
2016 netdev->name, channel_frequency[priv->channel - 1], 6);
2018 at76_dbg(DBG_IOCTL, "%s: SIOCGIWFREQ - ch %d", netdev->name,
2024 static int at76_iw_handler_set_mode(struct net_device *netdev,
2025 struct iw_request_info *info,
2026 __u32 *mode, char *extra)
2028 struct at76_priv *priv = netdev_priv(netdev);
2030 at76_dbg(DBG_IOCTL, "%s: SIOCSIWMODE - %d", netdev->name, *mode);
2032 if ((*mode != IW_MODE_ADHOC) && (*mode != IW_MODE_INFRA) &&
2033 (*mode != IW_MODE_MONITOR))
2036 priv->iw_mode = *mode;
2037 if (priv->iw_mode != IW_MODE_INFRA)
2038 priv->pm_mode = AT76_PM_OFF;
2043 static int at76_iw_handler_get_mode(struct net_device *netdev,
2044 struct iw_request_info *info,
2045 __u32 *mode, char *extra)
2047 struct at76_priv *priv = netdev_priv(netdev);
2049 *mode = priv->iw_mode;
2051 at76_dbg(DBG_IOCTL, "%s: SIOCGIWMODE - %d", netdev->name, *mode);
2056 static int at76_iw_handler_get_range(struct net_device *netdev,
2057 struct iw_request_info *info,
2058 struct iw_point *data, char *extra)
2060 /* inspired by atmel.c */
2061 struct at76_priv *priv = netdev_priv(netdev);
2062 struct iw_range *range = (struct iw_range *)extra;
2065 data->length = sizeof(struct iw_range);
2066 memset(range, 0, sizeof(struct iw_range));
2068 /* TODO: range->throughput = xxxxxx; */
2070 range->min_nwid = 0x0000;
2071 range->max_nwid = 0x0000;
2073 /* this driver doesn't maintain sensitivity information */
2074 range->sensitivity = 0;
2076 range->max_qual.qual = 100;
2077 range->max_qual.level = 100;
2078 range->max_qual.noise = 0;
2079 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
2081 range->avg_qual.qual = 50;
2082 range->avg_qual.level = 50;
2083 range->avg_qual.noise = 0;
2084 range->avg_qual.updated = IW_QUAL_NOISE_INVALID;
2086 range->bitrate[0] = 1000000;
2087 range->bitrate[1] = 2000000;
2088 range->bitrate[2] = 5500000;
2089 range->bitrate[3] = 11000000;
2090 range->num_bitrates = 4;
2093 range->max_rts = MAX_RTS_THRESHOLD;
2095 range->min_frag = MIN_FRAG_THRESHOLD;
2096 range->max_frag = MAX_FRAG_THRESHOLD;
2098 range->pmp_flags = IW_POWER_PERIOD;
2099 range->pmt_flags = IW_POWER_ON;
2100 range->pm_capa = IW_POWER_PERIOD | IW_POWER_ALL_R;
2102 range->encoding_size[0] = WEP_SMALL_KEY_LEN;
2103 range->encoding_size[1] = WEP_LARGE_KEY_LEN;
2104 range->num_encoding_sizes = 2;
2105 range->max_encoding_tokens = WEP_KEYS;
2107 /* both WL-240U and Linksys WUSB11 v2.6 specify 15 dBm as output power
2108 - take this for all (ignore antenna gains) */
2109 range->txpower[0] = 15;
2110 range->num_txpower = 1;
2111 range->txpower_capa = IW_TXPOW_DBM;
2113 range->we_version_source = WIRELESS_EXT;
2114 range->we_version_compiled = WIRELESS_EXT;
2116 /* same as the values used in atmel.c */
2117 range->retry_capa = IW_RETRY_LIMIT;
2118 range->retry_flags = IW_RETRY_LIMIT;
2119 range->r_time_flags = 0;
2120 range->min_retry = 1;
2121 range->max_retry = 255;
2123 range->num_channels = NUM_CHANNELS;
2124 range->num_frequency = 0;
2126 for (i = 0; i < NUM_CHANNELS; i++) {
2127 /* test if channel map bit is raised */
2128 if (priv->domain->channel_map & (0x1 << i)) {
2129 range->num_frequency += 1;
2131 range->freq[i].i = i + 1;
2132 range->freq[i].m = channel_frequency[i] * 100000;
2133 range->freq[i].e = 1; /* freq * 10^1 */
2137 at76_dbg(DBG_IOCTL, "%s: SIOCGIWRANGE", netdev->name);
2142 static int at76_iw_handler_set_spy(struct net_device *netdev,
2143 struct iw_request_info *info,
2144 struct iw_point *data, char *extra)
2146 struct at76_priv *priv = netdev_priv(netdev);
2149 at76_dbg(DBG_IOCTL, "%s: SIOCSIWSPY - number of addresses %d",
2150 netdev->name, data->length);
2152 spin_lock_bh(&priv->spy_spinlock);
2153 ret = iw_handler_set_spy(priv->netdev, info, (union iwreq_data *)data,
2155 spin_unlock_bh(&priv->spy_spinlock);
2160 static int at76_iw_handler_get_spy(struct net_device *netdev,
2161 struct iw_request_info *info,
2162 struct iw_point *data, char *extra)
2165 struct at76_priv *priv = netdev_priv(netdev);
2168 spin_lock_bh(&priv->spy_spinlock);
2169 ret = iw_handler_get_spy(priv->netdev, info,
2170 (union iwreq_data *)data, extra);
2171 spin_unlock_bh(&priv->spy_spinlock);
2173 at76_dbg(DBG_IOCTL, "%s: SIOCGIWSPY - number of addresses %d",
2174 netdev->name, data->length);
2179 static int at76_iw_handler_set_thrspy(struct net_device *netdev,
2180 struct iw_request_info *info,
2181 struct iw_point *data, char *extra)
2183 struct at76_priv *priv = netdev_priv(netdev);
2186 at76_dbg(DBG_IOCTL, "%s: SIOCSIWTHRSPY - number of addresses %d)",
2187 netdev->name, data->length);
2189 spin_lock_bh(&priv->spy_spinlock);
2190 ret = iw_handler_set_thrspy(netdev, info, (union iwreq_data *)data,
2192 spin_unlock_bh(&priv->spy_spinlock);
2197 static int at76_iw_handler_get_thrspy(struct net_device *netdev,
2198 struct iw_request_info *info,
2199 struct iw_point *data, char *extra)
2201 struct at76_priv *priv = netdev_priv(netdev);
2204 spin_lock_bh(&priv->spy_spinlock);
2205 ret = iw_handler_get_thrspy(netdev, info, (union iwreq_data *)data,
2207 spin_unlock_bh(&priv->spy_spinlock);
2209 at76_dbg(DBG_IOCTL, "%s: SIOCGIWTHRSPY - number of addresses %d)",
2210 netdev->name, data->length);
2215 static int at76_iw_handler_set_wap(struct net_device *netdev,
2216 struct iw_request_info *info,
2217 struct sockaddr *ap_addr, char *extra)
2219 struct at76_priv *priv = netdev_priv(netdev);
2221 at76_dbg(DBG_IOCTL, "%s: SIOCSIWAP - wap/bssid %s", netdev->name,
2222 mac2str(ap_addr->sa_data));
2224 /* if the incoming address == ff:ff:ff:ff:ff:ff, the user has
2225 chosen any or auto AP preference */
2226 if (is_broadcast_ether_addr(ap_addr->sa_data)
2227 || is_zero_ether_addr(ap_addr->sa_data))
2228 priv->wanted_bssid_valid = 0;
2230 /* user wants to set a preferred AP address */
2231 priv->wanted_bssid_valid = 1;
2232 memcpy(priv->wanted_bssid, ap_addr->sa_data, ETH_ALEN);
2238 static int at76_iw_handler_get_wap(struct net_device *netdev,
2239 struct iw_request_info *info,
2240 struct sockaddr *ap_addr, char *extra)
2242 struct at76_priv *priv = netdev_priv(netdev);
2244 ap_addr->sa_family = ARPHRD_ETHER;
2245 memcpy(ap_addr->sa_data, priv->bssid, ETH_ALEN);
2247 at76_dbg(DBG_IOCTL, "%s: SIOCGIWAP - wap/bssid %s", netdev->name,
2248 mac2str(ap_addr->sa_data));
2253 static int at76_iw_handler_set_scan(struct net_device *netdev,
2254 struct iw_request_info *info,
2255 union iwreq_data *wrqu, char *extra)
2257 struct at76_priv *priv = netdev_priv(netdev);
2260 at76_dbg(DBG_IOCTL, "%s: SIOCSIWSCAN", netdev->name);
2262 if (mutex_lock_interruptible(&priv->mtx))
2265 if (!netif_running(netdev)) {
2270 /* jal: we don't allow "iwlist ethX scan" while we are
2272 if (priv->iw_mode == IW_MODE_MONITOR) {
2277 /* Discard old scan results */
2278 if ((jiffies - priv->last_scan) > (20 * HZ))
2279 priv->scan_state = SCAN_IDLE;
2280 priv->last_scan = jiffies;
2282 /* Initiate a scan command */
2283 if (priv->scan_state == SCAN_IN_PROGRESS) {
2288 priv->scan_state = SCAN_IN_PROGRESS;
2292 /* Try to do passive or active scan if WE asks as. */
2293 if (wrqu->data.length
2294 && wrqu->data.length == sizeof(struct iw_scan_req)) {
2295 struct iw_scan_req *req = (struct iw_scan_req *)extra;
2297 if (req->scan_type == IW_SCAN_TYPE_PASSIVE)
2298 priv->scan_mode = SCAN_TYPE_PASSIVE;
2299 else if (req->scan_type == IW_SCAN_TYPE_ACTIVE)
2300 priv->scan_mode = SCAN_TYPE_ACTIVE;
2302 /* Sanity check values? */
2303 if (req->min_channel_time > 0)
2304 priv->scan_min_time = req->min_channel_time;
2306 if (req->max_channel_time > 0)
2307 priv->scan_max_time = req->max_channel_time;
2310 /* change to scanning state */
2311 at76_set_mac_state(priv, MAC_SCANNING);
2312 schedule_work(&priv->work_start_scan);
2315 mutex_unlock(&priv->mtx);
2319 static int at76_iw_handler_get_scan(struct net_device *netdev,
2320 struct iw_request_info *info,
2321 struct iw_point *data, char *extra)
2323 struct at76_priv *priv = netdev_priv(netdev);
2324 unsigned long flags;
2325 struct list_head *lptr, *nptr;
2326 struct bss_info *curr_bss;
2327 struct iw_event *iwe = kmalloc(sizeof(struct iw_event), GFP_KERNEL);
2328 char *curr_val, *curr_pos = extra;
2331 at76_dbg(DBG_IOCTL, "%s: SIOCGIWSCAN", netdev->name);
2336 if (priv->scan_state != SCAN_COMPLETED) {
2337 /* scan not yet finished */
2342 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
2344 list_for_each_safe(lptr, nptr, &priv->bss_list) {
2345 curr_bss = list_entry(lptr, struct bss_info, list);
2347 iwe->cmd = SIOCGIWAP;
2348 iwe->u.ap_addr.sa_family = ARPHRD_ETHER;
2349 memcpy(iwe->u.ap_addr.sa_data, curr_bss->bssid, 6);
2350 curr_pos = iwe_stream_add_event(info, curr_pos,
2351 extra + IW_SCAN_MAX_DATA, iwe,
2354 iwe->u.data.length = curr_bss->ssid_len;
2355 iwe->cmd = SIOCGIWESSID;
2356 iwe->u.data.flags = 1;
2358 curr_pos = iwe_stream_add_point(info, curr_pos,
2359 extra + IW_SCAN_MAX_DATA, iwe,
2362 iwe->cmd = SIOCGIWMODE;
2363 iwe->u.mode = (curr_bss->capa & WLAN_CAPABILITY_IBSS) ?
2365 (curr_bss->capa & WLAN_CAPABILITY_ESS) ?
2366 IW_MODE_MASTER : IW_MODE_AUTO;
2367 /* IW_MODE_AUTO = 0 which I thought is
2368 * the most logical value to return in this case */
2369 curr_pos = iwe_stream_add_event(info, curr_pos,
2370 extra + IW_SCAN_MAX_DATA, iwe,
2373 iwe->cmd = SIOCGIWFREQ;
2374 iwe->u.freq.m = curr_bss->channel;
2376 curr_pos = iwe_stream_add_event(info, curr_pos,
2377 extra + IW_SCAN_MAX_DATA, iwe,
2380 iwe->cmd = SIOCGIWENCODE;
2381 if (curr_bss->capa & WLAN_CAPABILITY_PRIVACY)
2382 iwe->u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2384 iwe->u.data.flags = IW_ENCODE_DISABLED;
2386 iwe->u.data.length = 0;
2387 curr_pos = iwe_stream_add_point(info, curr_pos,
2388 extra + IW_SCAN_MAX_DATA, iwe,
2391 /* Add quality statistics */
2392 iwe->cmd = IWEVQUAL;
2393 iwe->u.qual.noise = 0;
2394 iwe->u.qual.updated =
2395 IW_QUAL_NOISE_INVALID | IW_QUAL_LEVEL_UPDATED;
2396 iwe->u.qual.level = (curr_bss->rssi * 100 / 42);
2397 if (iwe->u.qual.level > 100)
2398 iwe->u.qual.level = 100;
2399 if (at76_is_intersil(priv->board_type))
2400 iwe->u.qual.qual = curr_bss->link_qual;
2402 iwe->u.qual.qual = 0;
2403 iwe->u.qual.updated |= IW_QUAL_QUAL_INVALID;
2405 /* Add new value to event */
2406 curr_pos = iwe_stream_add_event(info, curr_pos,
2407 extra + IW_SCAN_MAX_DATA, iwe,
2410 /* Rate: stuffing multiple values in a single event requires
2411 * a bit more of magic - Jean II */
2412 curr_val = curr_pos + IW_EV_LCP_LEN;
2414 iwe->cmd = SIOCGIWRATE;
2415 /* Those two flags are ignored... */
2416 iwe->u.bitrate.fixed = 0;
2417 iwe->u.bitrate.disabled = 0;
2419 for (i = 0; i < curr_bss->rates_len; i++) {
2420 /* Bit rate given in 500 kb/s units (+ 0x80) */
2421 iwe->u.bitrate.value =
2422 ((curr_bss->rates[i] & 0x7f) * 500000);
2423 /* Add new value to event */
2424 curr_val = iwe_stream_add_value(info, curr_pos,
2427 IW_SCAN_MAX_DATA, iwe,
2431 /* Check if we added any event */
2432 if ((curr_val - curr_pos) > IW_EV_LCP_LEN)
2433 curr_pos = curr_val;
2435 /* more information may be sent back using IWECUSTOM */
2439 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
2441 data->length = (curr_pos - extra);
2448 static int at76_iw_handler_set_essid(struct net_device *netdev,
2449 struct iw_request_info *info,
2450 struct iw_point *data, char *extra)
2452 struct at76_priv *priv = netdev_priv(netdev);
2454 at76_dbg(DBG_IOCTL, "%s: SIOCSIWESSID - %s", netdev->name, extra);
2457 memcpy(priv->essid, extra, data->length);
2458 priv->essid_size = data->length;
2460 priv->essid_size = 0; /* Use any SSID */
2465 static int at76_iw_handler_get_essid(struct net_device *netdev,
2466 struct iw_request_info *info,
2467 struct iw_point *data, char *extra)
2469 struct at76_priv *priv = netdev_priv(netdev);
2471 if (priv->essid_size) {
2472 /* not the ANY ssid in priv->essid */
2474 data->length = priv->essid_size;
2475 memcpy(extra, priv->essid, data->length);
2477 /* the ANY ssid was specified */
2478 if (priv->mac_state == MAC_CONNECTED && priv->curr_bss) {
2479 /* report the SSID we have found */
2481 data->length = priv->curr_bss->ssid_len;
2482 memcpy(extra, priv->curr_bss->ssid, data->length);
2484 /* report ANY back */
2490 at76_dbg(DBG_IOCTL, "%s: SIOCGIWESSID - %.*s", netdev->name,
2491 data->length, extra);
2496 static int at76_iw_handler_set_rate(struct net_device *netdev,
2497 struct iw_request_info *info,
2498 struct iw_param *bitrate, char *extra)
2500 struct at76_priv *priv = netdev_priv(netdev);
2501 int ret = -EIWCOMMIT;
2503 at76_dbg(DBG_IOCTL, "%s: SIOCSIWRATE - %d", netdev->name,
2506 switch (bitrate->value) {
2508 priv->txrate = TX_RATE_AUTO;
2509 break; /* auto rate */
2511 priv->txrate = TX_RATE_1MBIT;
2514 priv->txrate = TX_RATE_2MBIT;
2517 priv->txrate = TX_RATE_5_5MBIT;
2520 priv->txrate = TX_RATE_11MBIT;
2529 static int at76_iw_handler_get_rate(struct net_device *netdev,
2530 struct iw_request_info *info,
2531 struct iw_param *bitrate, char *extra)
2533 struct at76_priv *priv = netdev_priv(netdev);
2536 switch (priv->txrate) {
2537 /* return max rate if RATE_AUTO */
2539 bitrate->value = 11000000;
2542 bitrate->value = 1000000;
2545 bitrate->value = 2000000;
2547 case TX_RATE_5_5MBIT:
2548 bitrate->value = 5500000;
2550 case TX_RATE_11MBIT:
2551 bitrate->value = 11000000;
2557 bitrate->fixed = (priv->txrate != TX_RATE_AUTO);
2558 bitrate->disabled = 0;
2560 at76_dbg(DBG_IOCTL, "%s: SIOCGIWRATE - %d", netdev->name,
2566 static int at76_iw_handler_set_rts(struct net_device *netdev,
2567 struct iw_request_info *info,
2568 struct iw_param *rts, char *extra)
2570 struct at76_priv *priv = netdev_priv(netdev);
2571 int ret = -EIWCOMMIT;
2572 int rthr = rts->value;
2574 at76_dbg(DBG_IOCTL, "%s: SIOCSIWRTS - value %d disabled %s",
2575 netdev->name, rts->value, (rts->disabled) ? "true" : "false");
2578 rthr = MAX_RTS_THRESHOLD;
2580 if ((rthr < 0) || (rthr > MAX_RTS_THRESHOLD))
2583 priv->rts_threshold = rthr;
2588 static int at76_iw_handler_get_rts(struct net_device *netdev,
2589 struct iw_request_info *info,
2590 struct iw_param *rts, char *extra)
2592 struct at76_priv *priv = netdev_priv(netdev);
2594 rts->value = priv->rts_threshold;
2595 rts->disabled = (rts->value >= MAX_RTS_THRESHOLD);
2598 at76_dbg(DBG_IOCTL, "%s: SIOCGIWRTS - value %d disabled %s",
2599 netdev->name, rts->value, (rts->disabled) ? "true" : "false");
2604 static int at76_iw_handler_set_frag(struct net_device *netdev,
2605 struct iw_request_info *info,
2606 struct iw_param *frag, char *extra)
2608 struct at76_priv *priv = netdev_priv(netdev);
2609 int ret = -EIWCOMMIT;
2610 int fthr = frag->value;
2612 at76_dbg(DBG_IOCTL, "%s: SIOCSIWFRAG - value %d, disabled %s",
2613 netdev->name, frag->value,
2614 (frag->disabled) ? "true" : "false");
2617 fthr = MAX_FRAG_THRESHOLD;
2619 if ((fthr < MIN_FRAG_THRESHOLD) || (fthr > MAX_FRAG_THRESHOLD))
2622 priv->frag_threshold = fthr & ~0x1; /* get an even value */
2627 static int at76_iw_handler_get_frag(struct net_device *netdev,
2628 struct iw_request_info *info,
2629 struct iw_param *frag, char *extra)
2631 struct at76_priv *priv = netdev_priv(netdev);
2633 frag->value = priv->frag_threshold;
2634 frag->disabled = (frag->value >= MAX_FRAG_THRESHOLD);
2637 at76_dbg(DBG_IOCTL, "%s: SIOCGIWFRAG - value %d, disabled %s",
2638 netdev->name, frag->value,
2639 (frag->disabled) ? "true" : "false");
2644 static int at76_iw_handler_get_txpow(struct net_device *netdev,
2645 struct iw_request_info *info,
2646 struct iw_param *power, char *extra)
2649 power->fixed = 1; /* No power control */
2650 power->disabled = 0;
2651 power->flags = IW_TXPOW_DBM;
2653 at76_dbg(DBG_IOCTL, "%s: SIOCGIWTXPOW - txpow %d dBm", netdev->name,
2659 /* jal: short retry is handled by the firmware (at least 0.90.x),
2660 while long retry is not (?) */
2661 static int at76_iw_handler_set_retry(struct net_device *netdev,
2662 struct iw_request_info *info,
2663 struct iw_param *retry, char *extra)
2665 struct at76_priv *priv = netdev_priv(netdev);
2666 int ret = -EIWCOMMIT;
2668 at76_dbg(DBG_IOCTL, "%s: SIOCSIWRETRY disabled %d flags 0x%x val %d",
2669 netdev->name, retry->disabled, retry->flags, retry->value);
2671 if (!retry->disabled && (retry->flags & IW_RETRY_LIMIT)) {
2672 if ((retry->flags & IW_RETRY_MIN) ||
2673 !(retry->flags & IW_RETRY_MAX))
2674 priv->short_retry_limit = retry->value;
2683 /* Adapted (ripped) from atmel.c */
2684 static int at76_iw_handler_get_retry(struct net_device *netdev,
2685 struct iw_request_info *info,
2686 struct iw_param *retry, char *extra)
2688 struct at76_priv *priv = netdev_priv(netdev);
2690 at76_dbg(DBG_IOCTL, "%s: SIOCGIWRETRY", netdev->name);
2692 retry->disabled = 0; /* Can't be disabled */
2693 retry->flags = IW_RETRY_LIMIT;
2694 retry->value = priv->short_retry_limit;
2699 static int at76_iw_handler_set_encode(struct net_device *netdev,
2700 struct iw_request_info *info,
2701 struct iw_point *encoding, char *extra)
2703 struct at76_priv *priv = netdev_priv(netdev);
2704 int index = (encoding->flags & IW_ENCODE_INDEX) - 1;
2705 int len = encoding->length;
2707 at76_dbg(DBG_IOCTL, "%s: SIOCSIWENCODE - enc.flags %08x "
2708 "pointer %p len %d", netdev->name, encoding->flags,
2709 encoding->pointer, encoding->length);
2711 "%s: SIOCSIWENCODE - old wepstate: enabled %s key_id %d "
2712 "auth_mode %s", netdev->name,
2713 (priv->wep_enabled) ? "true" : "false", priv->wep_key_id,
2715 WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2717 /* take the old default key if index is invalid */
2718 if ((index < 0) || (index >= WEP_KEYS))
2719 index = priv->wep_key_id;
2722 if (len > WEP_LARGE_KEY_LEN)
2723 len = WEP_LARGE_KEY_LEN;
2725 memset(priv->wep_keys[index], 0, WEP_KEY_LEN);
2726 memcpy(priv->wep_keys[index], extra, len);
2727 priv->wep_keys_len[index] = (len <= WEP_SMALL_KEY_LEN) ?
2728 WEP_SMALL_KEY_LEN : WEP_LARGE_KEY_LEN;
2729 priv->wep_enabled = 1;
2732 priv->wep_key_id = index;
2733 priv->wep_enabled = ((encoding->flags & IW_ENCODE_DISABLED) == 0);
2735 if (encoding->flags & IW_ENCODE_RESTRICTED)
2736 priv->auth_mode = WLAN_AUTH_SHARED_KEY;
2737 if (encoding->flags & IW_ENCODE_OPEN)
2738 priv->auth_mode = WLAN_AUTH_OPEN;
2741 "%s: SIOCSIWENCODE - new wepstate: enabled %s key_id %d "
2742 "key_len %d auth_mode %s", netdev->name,
2743 (priv->wep_enabled) ? "true" : "false", priv->wep_key_id + 1,
2744 priv->wep_keys_len[priv->wep_key_id],
2746 WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2751 static int at76_iw_handler_get_encode(struct net_device *netdev,
2752 struct iw_request_info *info,
2753 struct iw_point *encoding, char *extra)
2755 struct at76_priv *priv = netdev_priv(netdev);
2756 int index = (encoding->flags & IW_ENCODE_INDEX) - 1;
2758 if ((index < 0) || (index >= WEP_KEYS))
2759 index = priv->wep_key_id;
2762 (priv->auth_mode == WLAN_AUTH_SHARED_KEY) ?
2763 IW_ENCODE_RESTRICTED : IW_ENCODE_OPEN;
2765 if (!priv->wep_enabled)
2766 encoding->flags |= IW_ENCODE_DISABLED;
2768 if (encoding->pointer) {
2769 encoding->length = priv->wep_keys_len[index];
2771 memcpy(extra, priv->wep_keys[index], priv->wep_keys_len[index]);
2773 encoding->flags |= (index + 1);
2776 at76_dbg(DBG_IOCTL, "%s: SIOCGIWENCODE - enc.flags %08x "
2777 "pointer %p len %d", netdev->name, encoding->flags,
2778 encoding->pointer, encoding->length);
2780 "%s: SIOCGIWENCODE - wepstate: enabled %s key_id %d "
2781 "key_len %d auth_mode %s", netdev->name,
2782 (priv->wep_enabled) ? "true" : "false", priv->wep_key_id + 1,
2783 priv->wep_keys_len[priv->wep_key_id],
2785 WLAN_AUTH_SHARED_KEY) ? "restricted" : "open");
2790 static int at76_iw_handler_set_power(struct net_device *netdev,
2791 struct iw_request_info *info,
2792 struct iw_param *prq, char *extra)
2794 int err = -EIWCOMMIT;
2795 struct at76_priv *priv = netdev_priv(netdev);
2798 "%s: SIOCSIWPOWER - disabled %s flags 0x%x value 0x%x",
2799 netdev->name, (prq->disabled) ? "true" : "false", prq->flags,
2803 priv->pm_mode = AT76_PM_OFF;
2805 switch (prq->flags & IW_POWER_MODE) {
2806 case IW_POWER_ALL_R:
2813 if (prq->flags & IW_POWER_PERIOD)
2814 priv->pm_period = prq->value;
2816 if (prq->flags & IW_POWER_TIMEOUT) {
2820 priv->pm_mode = AT76_PM_ON;
2826 static int at76_iw_handler_get_power(struct net_device *netdev,
2827 struct iw_request_info *info,
2828 struct iw_param *power, char *extra)
2830 struct at76_priv *priv = netdev_priv(netdev);
2832 power->disabled = (priv->pm_mode == AT76_PM_OFF);
2833 if (!power->disabled) {
2834 power->flags = IW_POWER_PERIOD | IW_POWER_ALL_R;
2835 power->value = priv->pm_period;
2838 at76_dbg(DBG_IOCTL, "%s: SIOCGIWPOWER - %s flags 0x%x value 0x%x",
2839 netdev->name, power->disabled ? "disabled" : "enabled",
2840 power->flags, power->value);
2845 /*******************************************************************************
2848 static int at76_iw_set_short_preamble(struct net_device *netdev,
2849 struct iw_request_info *info, char *name,
2852 struct at76_priv *priv = netdev_priv(netdev);
2853 int val = *((int *)name);
2854 int ret = -EIWCOMMIT;
2856 at76_dbg(DBG_IOCTL, "%s: AT76_SET_SHORT_PREAMBLE, %d",
2859 if (val < PREAMBLE_TYPE_LONG || val > PREAMBLE_TYPE_AUTO)
2862 priv->preamble_type = val;
2867 static int at76_iw_get_short_preamble(struct net_device *netdev,
2868 struct iw_request_info *info,
2869 union iwreq_data *wrqu, char *extra)
2871 struct at76_priv *priv = netdev_priv(netdev);
2873 snprintf(wrqu->name, sizeof(wrqu->name), "%s (%d)",
2874 preambles[priv->preamble_type], priv->preamble_type);
2878 static int at76_iw_set_debug(struct net_device *netdev,
2879 struct iw_request_info *info,
2880 struct iw_point *data, char *extra)
2885 if (data->length > 0) {
2886 val = simple_strtol(extra, &ptr, 0);
2891 at76_dbg(DBG_IOCTL, "%s: AT76_SET_DEBUG input %d: %s -> 0x%x",
2892 netdev->name, data->length, extra, val);
2896 at76_dbg(DBG_IOCTL, "%s: AT76_SET_DEBUG, old 0x%x, new 0x%x",
2897 netdev->name, at76_debug, val);
2899 /* jal: some more output to pin down lockups */
2900 at76_dbg(DBG_IOCTL, "%s: netif running %d queue_stopped %d "
2901 "carrier_ok %d", netdev->name, netif_running(netdev),
2902 netif_queue_stopped(netdev), netif_carrier_ok(netdev));
2909 static int at76_iw_get_debug(struct net_device *netdev,
2910 struct iw_request_info *info,
2911 union iwreq_data *wrqu, char *extra)
2913 snprintf(wrqu->name, sizeof(wrqu->name), "0x%08x", at76_debug);
2917 static int at76_iw_set_powersave_mode(struct net_device *netdev,
2918 struct iw_request_info *info, char *name,
2921 struct at76_priv *priv = netdev_priv(netdev);
2922 int val = *((int *)name);
2923 int ret = -EIWCOMMIT;
2925 at76_dbg(DBG_IOCTL, "%s: AT76_SET_POWERSAVE_MODE, %d (%s)",
2927 val == AT76_PM_OFF ? "active" : val == AT76_PM_ON ? "save" :
2928 val == AT76_PM_SMART ? "smart save" : "<invalid>");
2929 if (val < AT76_PM_OFF || val > AT76_PM_SMART)
2932 priv->pm_mode = val;
2937 static int at76_iw_get_powersave_mode(struct net_device *netdev,
2938 struct iw_request_info *info,
2939 union iwreq_data *wrqu, char *extra)
2941 struct at76_priv *priv = netdev_priv(netdev);
2942 int *param = (int *)extra;
2944 param[0] = priv->pm_mode;
2948 static int at76_iw_set_scan_times(struct net_device *netdev,
2949 struct iw_request_info *info, char *name,
2952 struct at76_priv *priv = netdev_priv(netdev);
2953 int mint = *((int *)name);
2954 int maxt = *((int *)name + 1);
2955 int ret = -EIWCOMMIT;
2957 at76_dbg(DBG_IOCTL, "%s: AT76_SET_SCAN_TIMES - min %d max %d",
2958 netdev->name, mint, maxt);
2959 if (mint <= 0 || maxt <= 0 || mint > maxt)
2962 priv->scan_min_time = mint;
2963 priv->scan_max_time = maxt;
2969 static int at76_iw_get_scan_times(struct net_device *netdev,
2970 struct iw_request_info *info,
2971 union iwreq_data *wrqu, char *extra)
2973 struct at76_priv *priv = netdev_priv(netdev);
2974 int *param = (int *)extra;
2976 param[0] = priv->scan_min_time;
2977 param[1] = priv->scan_max_time;
2981 static int at76_iw_set_scan_mode(struct net_device *netdev,
2982 struct iw_request_info *info, char *name,
2985 struct at76_priv *priv = netdev_priv(netdev);
2986 int val = *((int *)name);
2987 int ret = -EIWCOMMIT;
2989 at76_dbg(DBG_IOCTL, "%s: AT76_SET_SCAN_MODE - mode %s",
2990 netdev->name, (val = SCAN_TYPE_ACTIVE) ? "active" :
2991 (val = SCAN_TYPE_PASSIVE) ? "passive" : "<invalid>");
2993 if (val != SCAN_TYPE_ACTIVE && val != SCAN_TYPE_PASSIVE)
2996 priv->scan_mode = val;
3001 static int at76_iw_get_scan_mode(struct net_device *netdev,
3002 struct iw_request_info *info,
3003 union iwreq_data *wrqu, char *extra)
3005 struct at76_priv *priv = netdev_priv(netdev);
3006 int *param = (int *)extra;
3008 param[0] = priv->scan_mode;
3012 #define AT76_SET_HANDLER(h, f) [h - SIOCIWFIRST] = (iw_handler) f
3014 /* Standard wireless handlers */
3015 static const iw_handler at76_handlers[] = {
3016 AT76_SET_HANDLER(SIOCSIWCOMMIT, at76_iw_handler_commit),
3017 AT76_SET_HANDLER(SIOCGIWNAME, at76_iw_handler_get_name),
3018 AT76_SET_HANDLER(SIOCSIWFREQ, at76_iw_handler_set_freq),
3019 AT76_SET_HANDLER(SIOCGIWFREQ, at76_iw_handler_get_freq),
3020 AT76_SET_HANDLER(SIOCSIWMODE, at76_iw_handler_set_mode),
3021 AT76_SET_HANDLER(SIOCGIWMODE, at76_iw_handler_get_mode),
3022 AT76_SET_HANDLER(SIOCGIWRANGE, at76_iw_handler_get_range),
3023 AT76_SET_HANDLER(SIOCSIWSPY, at76_iw_handler_set_spy),
3024 AT76_SET_HANDLER(SIOCGIWSPY, at76_iw_handler_get_spy),
3025 AT76_SET_HANDLER(SIOCSIWTHRSPY, at76_iw_handler_set_thrspy),
3026 AT76_SET_HANDLER(SIOCGIWTHRSPY, at76_iw_handler_get_thrspy),
3027 AT76_SET_HANDLER(SIOCSIWAP, at76_iw_handler_set_wap),
3028 AT76_SET_HANDLER(SIOCGIWAP, at76_iw_handler_get_wap),
3029 AT76_SET_HANDLER(SIOCSIWSCAN, at76_iw_handler_set_scan),
3030 AT76_SET_HANDLER(SIOCGIWSCAN, at76_iw_handler_get_scan),
3031 AT76_SET_HANDLER(SIOCSIWESSID, at76_iw_handler_set_essid),
3032 AT76_SET_HANDLER(SIOCGIWESSID, at76_iw_handler_get_essid),
3033 AT76_SET_HANDLER(SIOCSIWRATE, at76_iw_handler_set_rate),
3034 AT76_SET_HANDLER(SIOCGIWRATE, at76_iw_handler_get_rate),
3035 AT76_SET_HANDLER(SIOCSIWRTS, at76_iw_handler_set_rts),
3036 AT76_SET_HANDLER(SIOCGIWRTS, at76_iw_handler_get_rts),
3037 AT76_SET_HANDLER(SIOCSIWFRAG, at76_iw_handler_set_frag),
3038 AT76_SET_HANDLER(SIOCGIWFRAG, at76_iw_handler_get_frag),
3039 AT76_SET_HANDLER(SIOCGIWTXPOW, at76_iw_handler_get_txpow),
3040 AT76_SET_HANDLER(SIOCSIWRETRY, at76_iw_handler_set_retry),
3041 AT76_SET_HANDLER(SIOCGIWRETRY, at76_iw_handler_get_retry),
3042 AT76_SET_HANDLER(SIOCSIWENCODE, at76_iw_handler_set_encode),
3043 AT76_SET_HANDLER(SIOCGIWENCODE, at76_iw_handler_get_encode),
3044 AT76_SET_HANDLER(SIOCSIWPOWER, at76_iw_handler_set_power),
3045 AT76_SET_HANDLER(SIOCGIWPOWER, at76_iw_handler_get_power)
3048 #define AT76_SET_PRIV(h, f) [h - SIOCIWFIRSTPRIV] = (iw_handler) f
3050 /* Private wireless handlers */
3051 static const iw_handler at76_priv_handlers[] = {
3052 AT76_SET_PRIV(AT76_SET_SHORT_PREAMBLE, at76_iw_set_short_preamble),
3053 AT76_SET_PRIV(AT76_GET_SHORT_PREAMBLE, at76_iw_get_short_preamble),
3054 AT76_SET_PRIV(AT76_SET_DEBUG, at76_iw_set_debug),
3055 AT76_SET_PRIV(AT76_GET_DEBUG, at76_iw_get_debug),
3056 AT76_SET_PRIV(AT76_SET_POWERSAVE_MODE, at76_iw_set_powersave_mode),
3057 AT76_SET_PRIV(AT76_GET_POWERSAVE_MODE, at76_iw_get_powersave_mode),
3058 AT76_SET_PRIV(AT76_SET_SCAN_TIMES, at76_iw_set_scan_times),
3059 AT76_SET_PRIV(AT76_GET_SCAN_TIMES, at76_iw_get_scan_times),
3060 AT76_SET_PRIV(AT76_SET_SCAN_MODE, at76_iw_set_scan_mode),
3061 AT76_SET_PRIV(AT76_GET_SCAN_MODE, at76_iw_get_scan_mode),
3064 /* Names and arguments of private wireless handlers */
3065 static const struct iw_priv_args at76_priv_args[] = {
3066 /* 0 - long, 1 - short */
3067 {AT76_SET_SHORT_PREAMBLE,
3068 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_preamble"},
3070 {AT76_GET_SHORT_PREAMBLE,
3071 0, IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | 10, "get_preamble"},
3073 /* we must pass the new debug mask as a string, because iwpriv cannot
3074 * parse hex numbers starting with 0x :-( */
3076 IW_PRIV_TYPE_CHAR | 10, 0, "set_debug"},
3079 0, IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | 10, "get_debug"},
3081 /* 1 - active, 2 - power save, 3 - smart power save */
3082 {AT76_SET_POWERSAVE_MODE,
3083 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_powersave"},
3085 {AT76_GET_POWERSAVE_MODE,
3086 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_powersave"},
3088 /* min_channel_time, max_channel_time */
3089 {AT76_SET_SCAN_TIMES,
3090 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "set_scan_times"},
3092 {AT76_GET_SCAN_TIMES,
3093 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, "get_scan_times"},
3095 /* 0 - active, 1 - passive scan */
3096 {AT76_SET_SCAN_MODE,
3097 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "set_scan_mode"},
3099 {AT76_GET_SCAN_MODE,
3100 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_scan_mode"},
3103 static const struct iw_handler_def at76_handler_def = {
3104 .num_standard = ARRAY_SIZE(at76_handlers),
3105 .num_private = ARRAY_SIZE(at76_priv_handlers),
3106 .num_private_args = ARRAY_SIZE(at76_priv_args),
3107 .standard = at76_handlers,
3108 .private = at76_priv_handlers,
3109 .private_args = at76_priv_args,
3110 .get_wireless_stats = at76_get_wireless_stats,
3113 static const u8 snapsig[] = { 0xaa, 0xaa, 0x03 };
3115 /* RFC 1042 encapsulates Ethernet frames in 802.2 SNAP (0xaa, 0xaa, 0x03) with
3116 * a SNAP OID of 0 (0x00, 0x00, 0x00) */
3117 static const u8 rfc1042sig[] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3119 static int at76_tx(struct sk_buff *skb, struct net_device *netdev)
3121 struct at76_priv *priv = netdev_priv(netdev);
3122 struct net_device_stats *stats = &priv->stats;
3126 struct at76_tx_buffer *tx_buffer = priv->bulk_out_buffer;
3127 struct ieee80211_hdr_3addr *i802_11_hdr =
3128 (struct ieee80211_hdr_3addr *)tx_buffer->packet;
3129 u8 *payload = i802_11_hdr->payload;
3130 struct ethhdr *eh = (struct ethhdr *)skb->data;
3132 if (netif_queue_stopped(netdev)) {
3133 printk(KERN_ERR "%s: %s called while netdev is stopped\n",
3134 netdev->name, __func__);
3135 /* skip this packet */
3137 return NETDEV_TX_OK;
3140 if (priv->tx_urb->status == -EINPROGRESS) {
3141 printk(KERN_ERR "%s: %s called while tx urb is pending\n",
3142 netdev->name, __func__);
3143 /* skip this packet */
3145 return NETDEV_TX_OK;
3148 if (skb->len < ETH_HLEN) {
3149 printk(KERN_ERR "%s: %s: skb too short (%d)\n",
3150 netdev->name, __func__, skb->len);
3152 return NETDEV_TX_OK;
3155 at76_ledtrig_tx_activity(); /* tell ledtrigger we send a packet */
3157 /* we can get rid of memcpy if we set netdev->hard_header_len to
3158 reserve enough space, but we would need to keep the skb around */
3160 if (ntohs(eh->h_proto) <= ETH_DATA_LEN) {
3161 /* this is a 802.3 packet */
3162 if (skb->len >= ETH_HLEN + sizeof(rfc1042sig)
3163 && skb->data[ETH_HLEN] == rfc1042sig[0]
3164 && skb->data[ETH_HLEN + 1] == rfc1042sig[1]) {
3165 /* higher layer delivered SNAP header - keep it */
3166 memcpy(payload, skb->data + ETH_HLEN,
3167 skb->len - ETH_HLEN);
3168 wlen = IEEE80211_3ADDR_LEN + skb->len - ETH_HLEN;
3170 printk(KERN_ERR "%s: dropping non-SNAP 802.2 packet "
3171 "(DSAP 0x%02x SSAP 0x%02x cntrl 0x%02x)\n",
3172 priv->netdev->name, skb->data[ETH_HLEN],
3173 skb->data[ETH_HLEN + 1],
3174 skb->data[ETH_HLEN + 2]);
3176 return NETDEV_TX_OK;
3179 /* add RFC 1042 header in front */
3180 memcpy(payload, rfc1042sig, sizeof(rfc1042sig));
3181 memcpy(payload + sizeof(rfc1042sig), &eh->h_proto,
3182 skb->len - offsetof(struct ethhdr, h_proto));
3183 wlen = IEEE80211_3ADDR_LEN + sizeof(rfc1042sig) + skb->len -
3184 offsetof(struct ethhdr, h_proto);
3187 /* make wireless header */
3188 i802_11_hdr->frame_ctl =
3189 cpu_to_le16(IEEE80211_FTYPE_DATA |
3190 (priv->wep_enabled ? IEEE80211_FCTL_PROTECTED : 0) |
3192 IW_MODE_INFRA ? IEEE80211_FCTL_TODS : 0));
3194 if (priv->iw_mode == IW_MODE_ADHOC) {
3195 memcpy(i802_11_hdr->addr1, eh->h_dest, ETH_ALEN);
3196 memcpy(i802_11_hdr->addr2, eh->h_source, ETH_ALEN);
3197 memcpy(i802_11_hdr->addr3, priv->bssid, ETH_ALEN);
3198 } else if (priv->iw_mode == IW_MODE_INFRA) {
3199 memcpy(i802_11_hdr->addr1, priv->bssid, ETH_ALEN);
3200 memcpy(i802_11_hdr->addr2, eh->h_source, ETH_ALEN);
3201 memcpy(i802_11_hdr->addr3, eh->h_dest, ETH_ALEN);
3204 i802_11_hdr->duration_id = cpu_to_le16(0);
3205 i802_11_hdr->seq_ctl = cpu_to_le16(0);
3207 /* setup 'Atmel' header */
3208 tx_buffer->wlength = cpu_to_le16(wlen);
3209 tx_buffer->tx_rate = priv->txrate;
3210 /* for broadcast destination addresses, the firmware 0.100.x
3211 seems to choose the highest rate set with CMD_STARTUP in
3212 basic_rate_set replacing this value */
3214 memset(tx_buffer->reserved, 0, sizeof(tx_buffer->reserved));
3216 tx_buffer->padding = at76_calc_padding(wlen);
3217 submit_len = wlen + AT76_TX_HDRLEN + tx_buffer->padding;
3219 at76_dbg(DBG_TX_DATA_CONTENT, "%s skb->data %s", priv->netdev->name,
3220 hex2str(skb->data, 32));
3221 at76_dbg(DBG_TX_DATA, "%s tx: wlen 0x%x pad 0x%x rate %d hdr %s",
3223 le16_to_cpu(tx_buffer->wlength),
3224 tx_buffer->padding, tx_buffer->tx_rate,
3225 hex2str(i802_11_hdr, sizeof(*i802_11_hdr)));
3226 at76_dbg(DBG_TX_DATA_CONTENT, "%s payload %s", priv->netdev->name,
3227 hex2str(payload, 48));
3230 netif_stop_queue(netdev);
3231 netdev->trans_start = jiffies;
3233 usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe, tx_buffer,
3234 submit_len, at76_tx_callback, priv);
3235 ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
3238 printk(KERN_ERR "%s: error in tx submit urb: %d\n",
3242 "%s: -EINVAL: tx urb %p hcpriv %p complete %p\n",
3243 priv->netdev->name, priv->tx_urb,
3244 priv->tx_urb->hcpriv, priv->tx_urb->complete);
3246 stats->tx_bytes += skb->len;
3249 return NETDEV_TX_OK;
3252 static void at76_tx_timeout(struct net_device *netdev)
3254 struct at76_priv *priv = netdev_priv(netdev);
3258 dev_warn(&netdev->dev, "tx timeout.");
3260 usb_unlink_urb(priv->tx_urb);
3261 priv->stats.tx_errors++;
3264 static int at76_submit_rx_urb(struct at76_priv *priv)
3268 struct sk_buff *skb = priv->rx_skb;
3270 if (!priv->rx_urb) {
3271 printk(KERN_ERR "%s: %s: priv->rx_urb is NULL\n",
3272 priv->netdev->name, __func__);
3277 skb = dev_alloc_skb(sizeof(struct at76_rx_buffer));
3279 printk(KERN_ERR "%s: cannot allocate rx skbuff\n",
3280 priv->netdev->name);
3286 skb_push(skb, skb_headroom(skb));
3290 size = skb_tailroom(skb);
3291 usb_fill_bulk_urb(priv->rx_urb, priv->udev, priv->rx_pipe,
3292 skb_put(skb, size), size, at76_rx_callback, priv);
3293 ret = usb_submit_urb(priv->rx_urb, GFP_ATOMIC);
3296 at76_dbg(DBG_DEVSTART,
3297 "usb_submit_urb returned -ENODEV");
3299 printk(KERN_ERR "%s: rx, usb_submit_urb failed: %d\n",
3300 priv->netdev->name, ret);
3304 if (ret < 0 && ret != -ENODEV)
3305 printk(KERN_ERR "%s: cannot submit rx urb - please unload the "
3306 "driver and/or power cycle the device\n",
3307 priv->netdev->name);
3312 static int at76_open(struct net_device *netdev)
3314 struct at76_priv *priv = netdev_priv(netdev);
3317 at76_dbg(DBG_PROC_ENTRY, "%s(): entry", __func__);
3319 if (mutex_lock_interruptible(&priv->mtx))
3322 /* if netdev->dev_addr != priv->mac_addr we must
3323 set the mac address in the device ! */
3324 if (compare_ether_addr(netdev->dev_addr, priv->mac_addr)) {
3325 if (at76_add_mac_address(priv, netdev->dev_addr) >= 0)
3326 at76_dbg(DBG_PROGRESS, "%s: set new MAC addr %s",
3327 netdev->name, mac2str(netdev->dev_addr));
3330 priv->scan_state = SCAN_IDLE;
3331 priv->last_scan = jiffies;
3333 ret = at76_submit_rx_urb(priv);
3335 printk(KERN_ERR "%s: open: submit_rx_urb failed: %d\n",
3340 schedule_delayed_work(&priv->dwork_restart, 0);
3342 at76_dbg(DBG_PROC_ENTRY, "%s(): end", __func__);
3344 mutex_unlock(&priv->mtx);
3345 return ret < 0 ? ret : 0;
3348 static int at76_stop(struct net_device *netdev)
3350 struct at76_priv *priv = netdev_priv(netdev);
3352 at76_dbg(DBG_DEVSTART, "%s: ENTER", __func__);
3354 if (mutex_lock_interruptible(&priv->mtx))
3359 if (!priv->device_unplugged) {
3360 /* We are called by "ifconfig ethX down", not because the
3361 * device is not available anymore. */
3362 at76_set_radio(priv, 0);
3364 /* We unlink rx_urb because at76_open() re-submits it.
3365 * If unplugged, at76_delete_device() takes care of it. */
3366 usb_kill_urb(priv->rx_urb);
3369 /* free the bss_list */
3370 at76_free_bss_list(priv);
3372 mutex_unlock(&priv->mtx);
3373 at76_dbg(DBG_DEVSTART, "%s: EXIT", __func__);
3378 static void at76_ethtool_get_drvinfo(struct net_device *netdev,
3379 struct ethtool_drvinfo *info)
3381 struct at76_priv *priv = netdev_priv(netdev);
3383 strncpy(info->driver, DRIVER_NAME, sizeof(info->driver));
3384 strncpy(info->version, DRIVER_VERSION, sizeof(info->version));
3386 usb_make_path(priv->udev, info->bus_info, sizeof(info->bus_info));
3388 snprintf(info->fw_version, sizeof(info->fw_version), "%d.%d.%d-%d",
3389 priv->fw_version.major, priv->fw_version.minor,
3390 priv->fw_version.patch, priv->fw_version.build);
3393 static u32 at76_ethtool_get_link(struct net_device *netdev)
3395 struct at76_priv *priv = netdev_priv(netdev);
3396 return priv->mac_state == MAC_CONNECTED;
3399 static const struct ethtool_ops at76_ethtool_ops = {
3400 .get_drvinfo = at76_ethtool_get_drvinfo,
3401 .get_link = at76_ethtool_get_link,
3404 /* Download external firmware */
3405 static int at76_load_external_fw(struct usb_device *udev, struct fwentry *fwe)
3412 u8 *buf = fwe->extfw;
3413 int size = fwe->extfw_size;
3418 op_mode = at76_get_op_mode(udev);
3419 at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
3421 if (op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
3422 dev_printk(KERN_ERR, &udev->dev, "unexpected opmode %d\n",
3427 block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
3431 at76_dbg(DBG_DEVSTART, "downloading external firmware");
3433 /* for fw >= 0.100, the device needs an extra empty block */
3435 bsize = min_t(int, size, FW_BLOCK_SIZE);
3436 memcpy(block, buf, bsize);
3437 at76_dbg(DBG_DEVSTART,
3438 "ext fw, size left = %5d, bsize = %4d, blockno = %2d",
3439 size, bsize, blockno);
3440 ret = at76_load_ext_fw_block(udev, blockno, block, bsize);
3442 dev_printk(KERN_ERR, &udev->dev,
3443 "loading %dth firmware block failed: %d\n",
3450 } while (bsize > 0);
3452 if (at76_is_505a(fwe->board_type)) {
3453 at76_dbg(DBG_DEVSTART, "200 ms delay for 505a");
3454 schedule_timeout_interruptible(HZ / 5 + 1);
3460 dev_printk(KERN_ERR, &udev->dev,
3461 "downloading external firmware failed: %d\n", ret);
3465 /* Download internal firmware */
3466 static int at76_load_internal_fw(struct usb_device *udev, struct fwentry *fwe)
3469 int need_remap = !at76_is_505a(fwe->board_type);
3471 ret = at76_usbdfu_download(udev, fwe->intfw, fwe->intfw_size,
3472 need_remap ? 0 : 2 * HZ);
3475 dev_printk(KERN_ERR, &udev->dev,
3476 "downloading internal fw failed with %d\n", ret);
3480 at76_dbg(DBG_DEVSTART, "sending REMAP");
3482 /* no REMAP for 505A (see SF driver) */
3484 ret = at76_remap(udev);
3486 dev_printk(KERN_ERR, &udev->dev,
3487 "sending REMAP failed with %d\n", ret);
3492 at76_dbg(DBG_DEVSTART, "sleeping for 2 seconds");
3493 schedule_timeout_interruptible(2 * HZ + 1);
3494 usb_reset_device(udev);
3500 static int at76_match_essid(struct at76_priv *priv, struct bss_info *ptr)
3502 /* common criteria for both modi */
3504 int ret = (priv->essid_size == 0 /* ANY ssid */ ||
3505 (priv->essid_size == ptr->ssid_len &&
3506 !memcmp(priv->essid, ptr->ssid, ptr->ssid_len)));
3508 at76_dbg(DBG_BSS_MATCH,
3509 "%s bss table entry %p: essid didn't match",
3510 priv->netdev->name, ptr);
3514 static inline int at76_match_mode(struct at76_priv *priv, struct bss_info *ptr)
3518 if (priv->iw_mode == IW_MODE_ADHOC)
3519 ret = ptr->capa & WLAN_CAPABILITY_IBSS;
3521 ret = ptr->capa & WLAN_CAPABILITY_ESS;
3523 at76_dbg(DBG_BSS_MATCH,
3524 "%s bss table entry %p: mode didn't match",
3525 priv->netdev->name, ptr);
3529 static int at76_match_rates(struct at76_priv *priv, struct bss_info *ptr)
3533 for (i = 0; i < ptr->rates_len; i++) {
3534 u8 rate = ptr->rates[i];
3539 /* this is a basic rate we have to support
3540 (see IEEE802.11, ch. 7.3.2.2) */
3541 if (rate != (0x80 | hw_rates[0])
3542 && rate != (0x80 | hw_rates[1])
3543 && rate != (0x80 | hw_rates[2])
3544 && rate != (0x80 | hw_rates[3])) {
3545 at76_dbg(DBG_BSS_MATCH,
3546 "%s: bss table entry %p: basic rate %02x not "
3547 "supported", priv->netdev->name, ptr, rate);
3552 /* if we use short preamble, the bss must support it */
3553 if (priv->preamble_type == PREAMBLE_TYPE_SHORT &&
3554 !(ptr->capa & WLAN_CAPABILITY_SHORT_PREAMBLE)) {
3555 at76_dbg(DBG_BSS_MATCH,
3556 "%s: %p does not support short preamble",
3557 priv->netdev->name, ptr);
3563 static inline int at76_match_wep(struct at76_priv *priv, struct bss_info *ptr)
3565 if (!priv->wep_enabled && ptr->capa & WLAN_CAPABILITY_PRIVACY) {
3566 /* we have disabled WEP, but the BSS signals privacy */
3567 at76_dbg(DBG_BSS_MATCH,
3568 "%s: bss table entry %p: requires encryption",
3569 priv->netdev->name, ptr);
3572 /* otherwise if the BSS does not signal privacy it may well
3573 accept encrypted packets from us ... */
3577 static inline int at76_match_bssid(struct at76_priv *priv, struct bss_info *ptr)
3579 if (!priv->wanted_bssid_valid ||
3580 !compare_ether_addr(ptr->bssid, priv->wanted_bssid))
3583 at76_dbg(DBG_BSS_MATCH,
3584 "%s: requested bssid - %s does not match",
3585 priv->netdev->name, mac2str(priv->wanted_bssid));
3586 at76_dbg(DBG_BSS_MATCH,
3587 " AP bssid - %s of bss table entry %p",
3588 mac2str(ptr->bssid), ptr);
3593 * at76_match_bss - try to find a matching bss in priv->bss
3595 * last - last bss tried
3597 * last == NULL signals a new round starting with priv->bss_list.next
3598 * this function must be called inside an acquired priv->bss_list_spinlock
3599 * otherwise the timeout on bss may remove the newly chosen entry
3601 static struct bss_info *at76_match_bss(struct at76_priv *priv,
3602 struct bss_info *last)
3604 struct bss_info *ptr = NULL;
3605 struct list_head *curr;
3607 curr = last ? last->list.next : priv->bss_list.next;
3608 while (curr != &priv->bss_list) {
3609 ptr = list_entry(curr, struct bss_info, list);
3610 if (at76_match_essid(priv, ptr) && at76_match_mode(priv, ptr)
3611 && at76_match_wep(priv, ptr) && at76_match_rates(priv, ptr)
3612 && at76_match_bssid(priv, ptr))
3617 if (curr == &priv->bss_list)
3619 /* otherwise ptr points to the struct bss_info we have chosen */
3621 at76_dbg(DBG_BSS_TABLE, "%s %s: returned %p", priv->netdev->name,
3626 /* Start joining a matching BSS, or create own IBSS */
3627 static void at76_work_join(struct work_struct *work)
3629 struct at76_priv *priv = container_of(work, struct at76_priv,
3632 unsigned long flags;
3634 mutex_lock(&priv->mtx);
3636 WARN_ON(priv->mac_state != MAC_JOINING);
3637 if (priv->mac_state != MAC_JOINING)
3640 /* secure the access to priv->curr_bss ! */
3641 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
3642 priv->curr_bss = at76_match_bss(priv, priv->curr_bss);
3643 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
3645 if (!priv->curr_bss) {
3646 /* here we haven't found a matching (i)bss ... */
3647 if (priv->iw_mode == IW_MODE_ADHOC) {
3648 at76_set_mac_state(priv, MAC_OWN_IBSS);
3649 at76_start_ibss(priv);
3652 /* haven't found a matching BSS in infra mode - try again */
3653 at76_set_mac_state(priv, MAC_SCANNING);
3654 schedule_work(&priv->work_start_scan);
3658 ret = at76_join_bss(priv, priv->curr_bss);
3660 printk(KERN_ERR "%s: join_bss failed with %d\n",
3661 priv->netdev->name, ret);
3665 ret = at76_wait_completion(priv, CMD_JOIN);
3666 if (ret != CMD_STATUS_COMPLETE) {
3667 if (ret != CMD_STATUS_TIME_OUT)
3668 printk(KERN_ERR "%s: join_bss completed with %d\n",
3669 priv->netdev->name, ret);
3671 printk(KERN_INFO "%s: join_bss ssid %s timed out\n",
3673 mac2str(priv->curr_bss->bssid));
3675 /* retry next BSS immediately */
3676 schedule_work(&priv->work_join);
3680 /* here we have joined the (I)BSS */
3681 if (priv->iw_mode == IW_MODE_ADHOC) {
3682 struct bss_info *bptr = priv->curr_bss;
3683 at76_set_mac_state(priv, MAC_CONNECTED);
3684 /* get ESSID, BSSID and channel for priv->curr_bss */
3685 priv->essid_size = bptr->ssid_len;
3686 memcpy(priv->essid, bptr->ssid, bptr->ssid_len);
3687 memcpy(priv->bssid, bptr->bssid, ETH_ALEN);
3688 priv->channel = bptr->channel;
3689 at76_iwevent_bss_connect(priv->netdev, bptr->bssid);
3690 netif_carrier_on(priv->netdev);
3691 netif_start_queue(priv->netdev);
3692 /* just to be sure */
3693 cancel_delayed_work(&priv->dwork_get_scan);
3694 cancel_delayed_work(&priv->dwork_auth);
3695 cancel_delayed_work(&priv->dwork_assoc);
3698 priv->retries = AUTH_RETRIES;
3699 at76_set_mac_state(priv, MAC_AUTH);
3700 at76_auth_req(priv, priv->curr_bss, 1, NULL);
3701 at76_dbg(DBG_MGMT_TIMER,
3702 "%s:%d: starting mgmt_timer + HZ", __func__, __LINE__);
3703 schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
3707 mutex_unlock(&priv->mtx);
3710 /* Reap scan results */
3711 static void at76_dwork_get_scan(struct work_struct *work)
3715 struct at76_priv *priv = container_of(work, struct at76_priv,
3716 dwork_get_scan.work);
3718 mutex_lock(&priv->mtx);
3719 WARN_ON(priv->mac_state != MAC_SCANNING);
3720 if (priv->mac_state != MAC_SCANNING)
3723 status = at76_get_cmd_status(priv->udev, CMD_SCAN);
3725 printk(KERN_ERR "%s: %s: at76_get_cmd_status failed with %d\n",
3726 priv->netdev->name, __func__, status);
3727 status = CMD_STATUS_IN_PROGRESS;
3728 /* INFO: Hope it was a one off error - if not, scanning
3729 further down the line and stop this cycle */
3731 at76_dbg(DBG_PROGRESS,
3732 "%s %s: got cmd_status %d (state %s, need_any %d)",
3733 priv->netdev->name, __func__, status,
3734 mac_states[priv->mac_state], priv->scan_need_any);
3736 if (status != CMD_STATUS_COMPLETE) {
3737 if ((status != CMD_STATUS_IN_PROGRESS) &&
3738 (status != CMD_STATUS_IDLE))
3739 printk(KERN_ERR "%s: %s: Bad scan status: %s\n",
3740 priv->netdev->name, __func__,
3741 at76_get_cmd_status_string(status));
3743 /* the first cmd status after scan start is always a IDLE ->
3744 start the timer to poll again until COMPLETED */
3745 at76_dbg(DBG_MGMT_TIMER,
3746 "%s:%d: starting mgmt_timer for %d ticks",
3747 __func__, __LINE__, SCAN_POLL_INTERVAL);
3748 schedule_delayed_work(&priv->dwork_get_scan,
3749 SCAN_POLL_INTERVAL);
3753 if (at76_debug & DBG_BSS_TABLE)
3754 at76_dump_bss_table(priv);
3756 if (priv->scan_need_any) {
3757 ret = at76_start_scan(priv, 0);
3760 "%s: %s: start_scan (ANY) failed with %d\n",
3761 priv->netdev->name, __func__, ret);
3762 at76_dbg(DBG_MGMT_TIMER,
3763 "%s:%d: starting mgmt_timer for %d ticks", __func__,
3764 __LINE__, SCAN_POLL_INTERVAL);
3765 schedule_delayed_work(&priv->dwork_get_scan,
3766 SCAN_POLL_INTERVAL);
3767 priv->scan_need_any = 0;
3769 priv->scan_state = SCAN_COMPLETED;
3770 /* report the end of scan to user space */
3771 at76_iwevent_scan_complete(priv->netdev);
3772 at76_set_mac_state(priv, MAC_JOINING);
3773 schedule_work(&priv->work_join);
3777 mutex_unlock(&priv->mtx);
3780 /* Handle loss of beacons from the AP */
3781 static void at76_dwork_beacon(struct work_struct *work)
3783 struct at76_priv *priv = container_of(work, struct at76_priv,
3786 mutex_lock(&priv->mtx);
3787 if (priv->mac_state != MAC_CONNECTED || priv->iw_mode != IW_MODE_INFRA)
3790 /* We haven't received any beacons from out AP for BEACON_TIMEOUT */
3791 printk(KERN_INFO "%s: lost beacon bssid %s\n",
3792 priv->netdev->name, mac2str(priv->curr_bss->bssid));
3794 netif_carrier_off(priv->netdev);
3795 netif_stop_queue(priv->netdev);
3796 at76_iwevent_bss_disconnect(priv->netdev);
3797 at76_set_mac_state(priv, MAC_SCANNING);
3798 schedule_work(&priv->work_start_scan);
3801 mutex_unlock(&priv->mtx);
3804 /* Handle authentication response timeout */
3805 static void at76_dwork_auth(struct work_struct *work)
3807 struct at76_priv *priv = container_of(work, struct at76_priv,
3810 mutex_lock(&priv->mtx);
3811 WARN_ON(priv->mac_state != MAC_AUTH);
3812 if (priv->mac_state != MAC_AUTH)
3815 at76_dbg(DBG_PROGRESS, "%s: authentication response timeout",
3816 priv->netdev->name);
3818 if (priv->retries-- >= 0) {
3819 at76_auth_req(priv, priv->curr_bss, 1, NULL);
3820 at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ",
3821 __func__, __LINE__);
3822 schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
3824 /* try to get next matching BSS */
3825 at76_set_mac_state(priv, MAC_JOINING);
3826 schedule_work(&priv->work_join);
3830 mutex_unlock(&priv->mtx);
3833 /* Handle association response timeout */
3834 static void at76_dwork_assoc(struct work_struct *work)
3836 struct at76_priv *priv = container_of(work, struct at76_priv,
3839 mutex_lock(&priv->mtx);
3840 WARN_ON(priv->mac_state != MAC_ASSOC);
3841 if (priv->mac_state != MAC_ASSOC)
3844 at76_dbg(DBG_PROGRESS, "%s: association response timeout",
3845 priv->netdev->name);
3847 if (priv->retries-- >= 0) {
3848 at76_assoc_req(priv, priv->curr_bss);
3849 at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ",
3850 __func__, __LINE__);
3851 schedule_delayed_work(&priv->dwork_assoc, ASSOC_TIMEOUT);
3853 /* try to get next matching BSS */
3854 at76_set_mac_state(priv, MAC_JOINING);
3855 schedule_work(&priv->work_join);
3859 mutex_unlock(&priv->mtx);
3862 /* Read new bssid in ad-hoc mode */
3863 static void at76_work_new_bss(struct work_struct *work)
3865 struct at76_priv *priv = container_of(work, struct at76_priv,
3868 struct mib_mac_mgmt mac_mgmt;
3870 mutex_lock(&priv->mtx);
3872 ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, &mac_mgmt,
3873 sizeof(struct mib_mac_mgmt));
3875 printk(KERN_ERR "%s: at76_get_mib failed: %d\n",
3876 priv->netdev->name, ret);
3880 at76_dbg(DBG_PROGRESS, "ibss_change = 0x%2x", mac_mgmt.ibss_change);
3881 memcpy(priv->bssid, mac_mgmt.current_bssid, ETH_ALEN);
3882 at76_dbg(DBG_PROGRESS, "using BSSID %s", mac2str(priv->bssid));
3884 at76_iwevent_bss_connect(priv->netdev, priv->bssid);
3886 priv->mib_buf.type = MIB_MAC_MGMT;
3887 priv->mib_buf.size = 1;
3888 priv->mib_buf.index = offsetof(struct mib_mac_mgmt, ibss_change);
3889 priv->mib_buf.data.byte = 0;
3891 ret = at76_set_mib(priv, &priv->mib_buf);
3893 printk(KERN_ERR "%s: set_mib (ibss change ok) failed: %d\n",
3894 priv->netdev->name, ret);
3897 mutex_unlock(&priv->mtx);
3900 static int at76_startup_device(struct at76_priv *priv)
3902 struct at76_card_config *ccfg = &priv->card_config;
3905 at76_dbg(DBG_PARAMS,
3906 "%s param: ssid %.*s (%s) mode %s ch %d wep %s key %d "
3907 "keylen %d", priv->netdev->name, priv->essid_size, priv->essid,
3908 hex2str(priv->essid, IW_ESSID_MAX_SIZE),
3909 priv->iw_mode == IW_MODE_ADHOC ? "adhoc" : "infra",
3910 priv->channel, priv->wep_enabled ? "enabled" : "disabled",
3911 priv->wep_key_id, priv->wep_keys_len[priv->wep_key_id]);
3912 at76_dbg(DBG_PARAMS,
3913 "%s param: preamble %s rts %d retry %d frag %d "
3914 "txrate %s auth_mode %d", priv->netdev->name,
3915 preambles[priv->preamble_type], priv->rts_threshold,
3916 priv->short_retry_limit, priv->frag_threshold,
3917 priv->txrate == TX_RATE_1MBIT ? "1MBit" : priv->txrate ==
3918 TX_RATE_2MBIT ? "2MBit" : priv->txrate ==
3919 TX_RATE_5_5MBIT ? "5.5MBit" : priv->txrate ==
3920 TX_RATE_11MBIT ? "11MBit" : priv->txrate ==
3921 TX_RATE_AUTO ? "auto" : "<invalid>", priv->auth_mode);
3922 at76_dbg(DBG_PARAMS,
3923 "%s param: pm_mode %d pm_period %d auth_mode %s "
3924 "scan_times %d %d scan_mode %s",
3925 priv->netdev->name, priv->pm_mode, priv->pm_period,
3926 priv->auth_mode == WLAN_AUTH_OPEN ? "open" : "shared_secret",
3927 priv->scan_min_time, priv->scan_max_time,
3928 priv->scan_mode == SCAN_TYPE_ACTIVE ? "active" : "passive");
3930 memset(ccfg, 0, sizeof(struct at76_card_config));
3931 ccfg->promiscuous_mode = 0;
3932 ccfg->short_retry_limit = priv->short_retry_limit;
3934 if (priv->wep_enabled) {
3935 if (priv->wep_keys_len[priv->wep_key_id] > WEP_SMALL_KEY_LEN)
3936 ccfg->encryption_type = 2;
3938 ccfg->encryption_type = 1;
3940 /* jal: always exclude unencrypted if WEP is active */
3941 ccfg->exclude_unencrypted = 1;
3943 ccfg->exclude_unencrypted = 0;
3944 ccfg->encryption_type = 0;
3947 ccfg->rts_threshold = cpu_to_le16(priv->rts_threshold);
3948 ccfg->fragmentation_threshold = cpu_to_le16(priv->frag_threshold);
3950 memcpy(ccfg->basic_rate_set, hw_rates, 4);
3951 /* jal: really needed, we do a set_mib for autorate later ??? */
3952 ccfg->auto_rate_fallback = (priv->txrate == TX_RATE_AUTO ? 1 : 0);
3953 ccfg->channel = priv->channel;
3954 ccfg->privacy_invoked = priv->wep_enabled;
3955 memcpy(ccfg->current_ssid, priv->essid, IW_ESSID_MAX_SIZE);
3956 ccfg->ssid_len = priv->essid_size;
3958 ccfg->wep_default_key_id = priv->wep_key_id;
3959 memcpy(ccfg->wep_default_key_value, priv->wep_keys, 4 * WEP_KEY_LEN);
3961 ccfg->short_preamble = priv->preamble_type;
3962 ccfg->beacon_period = cpu_to_le16(priv->beacon_period);
3964 ret = at76_set_card_command(priv->udev, CMD_STARTUP, &priv->card_config,
3965 sizeof(struct at76_card_config));
3967 printk(KERN_ERR "%s: at76_set_card_command failed: %d\n",
3968 priv->netdev->name, ret);
3972 at76_wait_completion(priv, CMD_STARTUP);
3974 /* remove BSSID from previous run */
3975 memset(priv->bssid, 0, ETH_ALEN);
3977 if (at76_set_radio(priv, 1) == 1)
3978 at76_wait_completion(priv, CMD_RADIO_ON);
3980 ret = at76_set_preamble(priv, priv->preamble_type);
3984 ret = at76_set_frag(priv, priv->frag_threshold);
3988 ret = at76_set_rts(priv, priv->rts_threshold);
3992 ret = at76_set_autorate_fallback(priv,
3993 priv->txrate == TX_RATE_AUTO ? 1 : 0);
3997 ret = at76_set_pm_mode(priv);
4001 if (at76_debug & DBG_MIB) {
4002 at76_dump_mib_mac(priv);
4003 at76_dump_mib_mac_addr(priv);
4004 at76_dump_mib_mac_mgmt(priv);
4005 at76_dump_mib_mac_wep(priv);
4006 at76_dump_mib_mdomain(priv);
4007 at76_dump_mib_phy(priv);
4008 at76_dump_mib_local(priv);
4014 /* Restart the interface */
4015 static void at76_dwork_restart(struct work_struct *work)
4017 struct at76_priv *priv = container_of(work, struct at76_priv,
4018 dwork_restart.work);
4020 mutex_lock(&priv->mtx);
4022 netif_carrier_off(priv->netdev); /* stop netdev watchdog */
4023 netif_stop_queue(priv->netdev); /* stop tx data packets */
4025 at76_startup_device(priv);
4027 if (priv->iw_mode != IW_MODE_MONITOR) {
4028 priv->netdev->type = ARPHRD_ETHER;
4029 at76_set_mac_state(priv, MAC_SCANNING);
4030 schedule_work(&priv->work_start_scan);
4032 priv->netdev->type = ARPHRD_IEEE80211_RADIOTAP;
4033 at76_start_monitor(priv);
4036 mutex_unlock(&priv->mtx);
4039 /* Initiate scanning */
4040 static void at76_work_start_scan(struct work_struct *work)
4042 struct at76_priv *priv = container_of(work, struct at76_priv,
4046 mutex_lock(&priv->mtx);
4048 WARN_ON(priv->mac_state != MAC_SCANNING);
4049 if (priv->mac_state != MAC_SCANNING)
4052 /* only clear the bss list when a scan is actively initiated,
4053 * otherwise simply rely on at76_bss_list_timeout */
4054 if (priv->scan_state == SCAN_IN_PROGRESS) {
4055 at76_free_bss_list(priv);
4056 priv->scan_need_any = 1;
4058 priv->scan_need_any = 0;
4060 ret = at76_start_scan(priv, 1);
4063 printk(KERN_ERR "%s: %s: start_scan failed with %d\n",
4064 priv->netdev->name, __func__, ret);
4066 at76_dbg(DBG_MGMT_TIMER,
4067 "%s:%d: starting mgmt_timer for %d ticks",
4068 __func__, __LINE__, SCAN_POLL_INTERVAL);
4069 schedule_delayed_work(&priv->dwork_get_scan,
4070 SCAN_POLL_INTERVAL);
4074 mutex_unlock(&priv->mtx);
4077 /* Enable or disable promiscuous mode */
4078 static void at76_work_set_promisc(struct work_struct *work)
4080 struct at76_priv *priv = container_of(work, struct at76_priv,
4084 mutex_lock(&priv->mtx);
4086 priv->mib_buf.type = MIB_LOCAL;
4087 priv->mib_buf.size = 1;
4088 priv->mib_buf.index = offsetof(struct mib_local, promiscuous_mode);
4089 priv->mib_buf.data.byte = priv->promisc ? 1 : 0;
4091 ret = at76_set_mib(priv, &priv->mib_buf);
4093 printk(KERN_ERR "%s: set_mib (promiscuous_mode) failed: %d\n",
4094 priv->netdev->name, ret);
4096 mutex_unlock(&priv->mtx);
4099 /* Submit Rx urb back to the device */
4100 static void at76_work_submit_rx(struct work_struct *work)
4102 struct at76_priv *priv = container_of(work, struct at76_priv,
4105 mutex_lock(&priv->mtx);
4106 at76_submit_rx_urb(priv);
4107 mutex_unlock(&priv->mtx);
4110 /* We got an association response */
4111 static void at76_rx_mgmt_assoc(struct at76_priv *priv,
4112 struct at76_rx_buffer *buf)
4114 struct ieee80211_assoc_response *resp =
4115 (struct ieee80211_assoc_response *)buf->packet;
4116 u16 assoc_id = le16_to_cpu(resp->aid);
4117 u16 status = le16_to_cpu(resp->status);
4119 at76_dbg(DBG_RX_MGMT, "%s: rx AssocResp bssid %s capa 0x%04x status "
4120 "0x%04x assoc_id 0x%04x rates %s", priv->netdev->name,
4121 mac2str(resp->header.addr3), le16_to_cpu(resp->capability),
4122 status, assoc_id, hex2str(resp->info_element->data,
4123 resp->info_element->len));
4125 if (priv->mac_state != MAC_ASSOC) {
4126 printk(KERN_INFO "%s: AssocResp in state %s ignored\n",
4127 priv->netdev->name, mac_states[priv->mac_state]);
4131 BUG_ON(!priv->curr_bss);
4133 cancel_delayed_work(&priv->dwork_assoc);
4134 if (status == WLAN_STATUS_SUCCESS) {
4135 struct bss_info *ptr = priv->curr_bss;
4136 priv->assoc_id = assoc_id & 0x3fff;
4137 /* update iwconfig params */
4138 memcpy(priv->bssid, ptr->bssid, ETH_ALEN);
4139 memcpy(priv->essid, ptr->ssid, ptr->ssid_len);
4140 priv->essid_size = ptr->ssid_len;
4141 priv->channel = ptr->channel;
4142 schedule_work(&priv->work_assoc_done);
4144 at76_set_mac_state(priv, MAC_JOINING);
4145 schedule_work(&priv->work_join);
4149 /* Process disassociation request from the AP */
4150 static void at76_rx_mgmt_disassoc(struct at76_priv *priv,
4151 struct at76_rx_buffer *buf)
4153 struct ieee80211_disassoc *resp =
4154 (struct ieee80211_disassoc *)buf->packet;
4155 struct ieee80211_hdr_3addr *mgmt = &resp->header;
4157 at76_dbg(DBG_RX_MGMT,
4158 "%s: rx DisAssoc bssid %s reason 0x%04x destination %s",
4159 priv->netdev->name, mac2str(mgmt->addr3),
4160 le16_to_cpu(resp->reason), mac2str(mgmt->addr1));
4162 /* We are not connected, ignore */
4163 if (priv->mac_state == MAC_SCANNING || priv->mac_state == MAC_INIT
4167 /* Not our BSSID, ignore */
4168 if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid))
4171 /* Not for our STA and not broadcast, ignore */
4172 if (compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1)
4173 && !is_broadcast_ether_addr(mgmt->addr1))
4176 if (priv->mac_state != MAC_ASSOC && priv->mac_state != MAC_CONNECTED
4177 && priv->mac_state != MAC_JOINING) {
4178 printk(KERN_INFO "%s: DisAssoc in state %s ignored\n",
4179 priv->netdev->name, mac_states[priv->mac_state]);
4183 if (priv->mac_state == MAC_CONNECTED) {
4184 netif_carrier_off(priv->netdev);
4185 netif_stop_queue(priv->netdev);
4186 at76_iwevent_bss_disconnect(priv->netdev);
4188 cancel_delayed_work(&priv->dwork_get_scan);
4189 cancel_delayed_work(&priv->dwork_beacon);
4190 cancel_delayed_work(&priv->dwork_auth);
4191 cancel_delayed_work(&priv->dwork_assoc);
4192 at76_set_mac_state(priv, MAC_JOINING);
4193 schedule_work(&priv->work_join);
4196 static void at76_rx_mgmt_auth(struct at76_priv *priv,
4197 struct at76_rx_buffer *buf)
4199 struct ieee80211_auth *resp = (struct ieee80211_auth *)buf->packet;
4200 struct ieee80211_hdr_3addr *mgmt = &resp->header;
4201 int seq_nr = le16_to_cpu(resp->transaction);
4202 int alg = le16_to_cpu(resp->algorithm);
4203 int status = le16_to_cpu(resp->status);
4205 at76_dbg(DBG_RX_MGMT,
4206 "%s: rx AuthFrame bssid %s alg %d seq_nr %d status %d "
4207 "destination %s", priv->netdev->name, mac2str(mgmt->addr3),
4208 alg, seq_nr, status, mac2str(mgmt->addr1));
4210 if (alg == WLAN_AUTH_SHARED_KEY && seq_nr == 2)
4211 at76_dbg(DBG_RX_MGMT, "%s: AuthFrame challenge %s ...",
4212 priv->netdev->name, hex2str(resp->info_element, 18));
4214 if (priv->mac_state != MAC_AUTH) {
4215 printk(KERN_INFO "%s: ignored AuthFrame in state %s\n",
4216 priv->netdev->name, mac_states[priv->mac_state]);
4219 if (priv->auth_mode != alg) {
4220 printk(KERN_INFO "%s: ignored AuthFrame for alg %d\n",
4221 priv->netdev->name, alg);
4225 BUG_ON(!priv->curr_bss);
4227 /* Not our BSSID or not for our STA, ignore */
4228 if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid)
4229 || compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1))
4232 cancel_delayed_work(&priv->dwork_auth);
4233 if (status != WLAN_STATUS_SUCCESS) {
4234 /* try to join next bss */
4235 at76_set_mac_state(priv, MAC_JOINING);
4236 schedule_work(&priv->work_join);
4240 if (priv->auth_mode == WLAN_AUTH_OPEN || seq_nr == 4) {
4241 priv->retries = ASSOC_RETRIES;
4242 at76_set_mac_state(priv, MAC_ASSOC);
4243 at76_assoc_req(priv, priv->curr_bss);
4244 at76_dbg(DBG_MGMT_TIMER,
4245 "%s:%d: starting mgmt_timer + HZ", __func__, __LINE__);
4246 schedule_delayed_work(&priv->dwork_assoc, ASSOC_TIMEOUT);
4250 WARN_ON(seq_nr != 2);
4251 at76_auth_req(priv, priv->curr_bss, seq_nr + 1, resp->info_element);
4252 at76_dbg(DBG_MGMT_TIMER, "%s:%d: starting mgmt_timer + HZ", __func__,
4254 schedule_delayed_work(&priv->dwork_auth, AUTH_TIMEOUT);
4257 static void at76_rx_mgmt_deauth(struct at76_priv *priv,
4258 struct at76_rx_buffer *buf)
4260 struct ieee80211_disassoc *resp =
4261 (struct ieee80211_disassoc *)buf->packet;
4262 struct ieee80211_hdr_3addr *mgmt = &resp->header;
4264 at76_dbg(DBG_RX_MGMT | DBG_PROGRESS,
4265 "%s: rx DeAuth bssid %s reason 0x%04x destination %s",
4266 priv->netdev->name, mac2str(mgmt->addr3),
4267 le16_to_cpu(resp->reason), mac2str(mgmt->addr1));
4269 if (priv->mac_state != MAC_AUTH && priv->mac_state != MAC_ASSOC
4270 && priv->mac_state != MAC_CONNECTED) {
4271 printk(KERN_INFO "%s: DeAuth in state %s ignored\n",
4272 priv->netdev->name, mac_states[priv->mac_state]);
4276 BUG_ON(!priv->curr_bss);
4278 /* Not our BSSID, ignore */
4279 if (compare_ether_addr(mgmt->addr3, priv->curr_bss->bssid))
4282 /* Not for our STA and not broadcast, ignore */
4283 if (compare_ether_addr(priv->netdev->dev_addr, mgmt->addr1)
4284 && !is_broadcast_ether_addr(mgmt->addr1))
4287 if (priv->mac_state == MAC_CONNECTED)
4288 at76_iwevent_bss_disconnect(priv->netdev);
4290 at76_set_mac_state(priv, MAC_JOINING);
4291 schedule_work(&priv->work_join);
4292 cancel_delayed_work(&priv->dwork_get_scan);
4293 cancel_delayed_work(&priv->dwork_beacon);
4294 cancel_delayed_work(&priv->dwork_auth);
4295 cancel_delayed_work(&priv->dwork_assoc);
4298 static void at76_rx_mgmt_beacon(struct at76_priv *priv,
4299 struct at76_rx_buffer *buf)
4302 /* beacon content */
4303 struct ieee80211_beacon *bdata = (struct ieee80211_beacon *)buf->packet;
4304 struct ieee80211_hdr_3addr *mgmt = &bdata->header;
4306 struct list_head *lptr;
4307 struct bss_info *match; /* entry matching addr3 with its bssid */
4310 struct ieee80211_info_element *ie;
4313 int have_channel = 0;
4315 unsigned long flags;
4317 spin_lock_irqsave(&priv->bss_list_spinlock, flags);
4318 if (priv->mac_state == MAC_CONNECTED) {
4319 /* in state MAC_CONNECTED we use the mgmt_timer to control
4320 the beacon of the BSS */
4321 BUG_ON(!priv->curr_bss);
4323 if (!compare_ether_addr(priv->curr_bss->bssid, mgmt->addr3)) {
4324 /* We got our AP's beacon, defer the timeout handler.
4325 Kill pending work first, as schedule_delayed_work()
4327 cancel_delayed_work(&priv->dwork_beacon);
4328 schedule_delayed_work(&priv->dwork_beacon,
4330 priv->curr_bss->rssi = buf->rssi;
4331 priv->beacons_received++;
4336 /* look if we have this BSS already in the list */
4339 if (!list_empty(&priv->bss_list)) {
4340 list_for_each(lptr, &priv->bss_list) {
4341 struct bss_info *bss_ptr =
4342 list_entry(lptr, struct bss_info, list);
4343 if (!compare_ether_addr(bss_ptr->bssid, mgmt->addr3)) {
4351 /* BSS not in the list - append it */
4352 match = kzalloc(sizeof(struct bss_info), GFP_ATOMIC);
4354 at76_dbg(DBG_BSS_TABLE,
4355 "%s: cannot kmalloc new bss info (%zd byte)",
4356 priv->netdev->name, sizeof(struct bss_info));
4360 list_add_tail(&match->list, &priv->bss_list);
4363 match->capa = le16_to_cpu(bdata->capability);
4364 match->beacon_interval = le16_to_cpu(bdata->beacon_interval);
4365 match->rssi = buf->rssi;
4366 match->link_qual = buf->link_quality;
4367 match->noise_level = buf->noise_level;
4368 memcpy(match->bssid, mgmt->addr3, ETH_ALEN);
4369 at76_dbg(DBG_RX_BEACON, "%s: bssid %s", priv->netdev->name,
4370 mac2str(match->bssid));
4372 ie = bdata->info_element;
4374 /* length of var length beacon parameters */
4375 varpar_len = min_t(int, le16_to_cpu(buf->wlength) -
4376 sizeof(struct ieee80211_beacon),
4377 BEACON_MAX_DATA_LENGTH);
4379 /* This routine steps through the bdata->data array to get
4380 * some useful information about the access point.
4381 * Currently, this implementation supports receipt of: SSID,
4382 * supported transfer rates and channel, in any order, with some
4383 * tolerance for intermittent unknown codes (although this
4384 * functionality may not be necessary as the useful information will
4385 * usually arrive in consecutively, but there have been some
4386 * reports of some of the useful information fields arriving in a
4388 * It does not support any more IE types although MFIE_TYPE_TIM may
4389 * be supported (on my AP at least).
4390 * The bdata->data array is about 1500 bytes long but only ~36 of those
4391 * bytes are useful, hence the have_ssid etc optimizations. */
4393 while (keep_going &&
4394 ((&ie->data[ie->len] - (u8 *)bdata->info_element) <=
4403 len = min_t(int, IW_ESSID_MAX_SIZE, ie->len);
4405 /* we copy only if this is a new entry,
4406 or the incoming SSID is not a hidden SSID. This
4407 will protect us from overwriting a real SSID read
4408 in a ProbeResponse with a hidden one from a
4409 following beacon. */
4410 if (!new_entry && at76_is_hidden_ssid(ie->data, len)) {
4415 match->ssid_len = len;
4416 memcpy(match->ssid, ie->data, len);
4417 at76_dbg(DBG_RX_BEACON, "%s: SSID - %.*s",
4418 priv->netdev->name, len, match->ssid);
4422 case WLAN_EID_SUPP_RATES:
4427 min_t(int, sizeof(match->rates), ie->len);
4428 memcpy(match->rates, ie->data, match->rates_len);
4430 at76_dbg(DBG_RX_BEACON, "%s: SUPPORTED RATES %s",
4432 hex2str(ie->data, ie->len));
4435 case WLAN_EID_DS_PARAMS:
4439 match->channel = ie->data[0];
4441 at76_dbg(DBG_RX_BEACON, "%s: CHANNEL - %d",
4442 priv->netdev->name, match->channel);
4445 case WLAN_EID_CF_PARAMS:
4447 case WLAN_EID_IBSS_PARAMS:
4449 at76_dbg(DBG_RX_BEACON, "%s: beacon IE id %d len %d %s",
4450 priv->netdev->name, ie->id, ie->len,
4451 hex2str(ie->data, ie->len));
4455 /* advance to the next informational element */
4458 /* Optimization: after all, the bdata->data array is
4459 * varpar_len bytes long, whereas we get all of the useful
4460 * information after only ~36 bytes, this saves us a lot of
4461 * time (and trouble as the remaining portion of the array
4462 * could be full of junk)
4463 * Comment this out if you want to see what other information
4464 * comes from the AP - although little of it may be useful */
4467 at76_dbg(DBG_RX_BEACON, "%s: Finished processing beacon data",
4468 priv->netdev->name);
4470 match->last_rx = jiffies; /* record last rx of beacon */
4473 spin_unlock_irqrestore(&priv->bss_list_spinlock, flags);
4476 /* Calculate the link level from a given rx_buffer */
4477 static void at76_calc_level(struct at76_priv *priv, struct at76_rx_buffer *buf,
4478 struct iw_quality *qual)
4480 /* just a guess for now, might be different for other chips */
4483 qual->level = (buf->rssi * 100 / max_rssi);
4484 if (qual->level > 100)
4486 qual->updated |= IW_QUAL_LEVEL_UPDATED;
4489 /* Calculate the link quality from a given rx_buffer */
4490 static void at76_calc_qual(struct at76_priv *priv, struct at76_rx_buffer *buf,
4491 struct iw_quality *qual)
4493 if (at76_is_intersil(priv->board_type))
4494 qual->qual = buf->link_quality;
4496 unsigned long elapsed;
4498 /* Update qual at most once a second */
4499 elapsed = jiffies - priv->beacons_last_qual;
4500 if (elapsed < 1 * HZ)
4503 qual->qual = qual->level * priv->beacons_received *
4504 msecs_to_jiffies(priv->beacon_period) / elapsed;
4506 priv->beacons_last_qual = jiffies;
4507 priv->beacons_received = 0;
4509 qual->qual = (qual->qual > 100) ? 100 : qual->qual;
4510 qual->updated |= IW_QUAL_QUAL_UPDATED;
4513 /* Calculate the noise quality from a given rx_buffer */
4514 static void at76_calc_noise(struct at76_priv *priv, struct at76_rx_buffer *buf,
4515 struct iw_quality *qual)
4518 qual->updated |= IW_QUAL_NOISE_INVALID;
4521 static void at76_update_wstats(struct at76_priv *priv,
4522 struct at76_rx_buffer *buf)
4524 struct iw_quality *qual = &priv->wstats.qual;
4526 if (buf->rssi && priv->mac_state == MAC_CONNECTED) {
4528 at76_calc_level(priv, buf, qual);
4529 at76_calc_qual(priv, buf, qual);
4530 at76_calc_noise(priv, buf, qual);
4535 qual->updated = IW_QUAL_ALL_INVALID;
4539 static void at76_rx_mgmt(struct at76_priv *priv, struct at76_rx_buffer *buf)
4541 struct ieee80211_hdr_3addr *mgmt =
4542 (struct ieee80211_hdr_3addr *)buf->packet;
4543 u16 framectl = le16_to_cpu(mgmt->frame_ctl);
4546 if (priv->mac_state != MAC_INIT && priv->mac_state != MAC_SCANNING) {
4547 /* jal: this is a dirty hack needed by Tim in ad-hoc mode */
4548 /* Data packets always seem to have a 0 link level, so we
4549 only read link quality info from management packets.
4550 Atmel driver actually averages the present, and previous
4551 values, we just present the raw value at the moment - TJS */
4552 if (priv->iw_mode == IW_MODE_ADHOC
4554 && !compare_ether_addr(mgmt->addr3,
4555 priv->curr_bss->bssid)))
4556 at76_update_wstats(priv, buf);
4559 at76_dbg(DBG_RX_MGMT_CONTENT, "%s rx mgmt framectl 0x%x %s",
4560 priv->netdev->name, framectl,
4561 hex2str(mgmt, le16_to_cpu(buf->wlength)));
4563 switch (framectl & IEEE80211_FCTL_STYPE) {
4564 case IEEE80211_STYPE_BEACON:
4565 case IEEE80211_STYPE_PROBE_RESP:
4566 at76_rx_mgmt_beacon(priv, buf);
4569 case IEEE80211_STYPE_ASSOC_RESP:
4570 at76_rx_mgmt_assoc(priv, buf);
4573 case IEEE80211_STYPE_DISASSOC:
4574 at76_rx_mgmt_disassoc(priv, buf);
4577 case IEEE80211_STYPE_AUTH:
4578 at76_rx_mgmt_auth(priv, buf);
4581 case IEEE80211_STYPE_DEAUTH:
4582 at76_rx_mgmt_deauth(priv, buf);
4586 printk(KERN_DEBUG "%s: ignoring frame with framectl 0x%04x\n",
4587 priv->netdev->name, framectl);
4593 /* Convert the 802.11 header into an ethernet-style header, make skb
4594 * ready for consumption by netif_rx() */
4595 static void at76_ieee80211_to_eth(struct sk_buff *skb, int iw_mode)
4597 struct ieee80211_hdr_3addr *i802_11_hdr;
4598 struct ethhdr *eth_hdr_p;
4602 i802_11_hdr = (struct ieee80211_hdr_3addr *)skb->data;
4604 /* That would be the ethernet header if the hardware converted
4605 * the frame for us. Make sure the source and the destination
4606 * match the 802.11 header. Which hardware does it? */
4607 eth_hdr_p = (struct ethhdr *)skb_pull(skb, IEEE80211_3ADDR_LEN);
4609 dest_addr = i802_11_hdr->addr1;
4610 if (iw_mode == IW_MODE_ADHOC)
4611 src_addr = i802_11_hdr->addr2;
4613 src_addr = i802_11_hdr->addr3;
4615 if (!compare_ether_addr(eth_hdr_p->h_source, src_addr) &&
4616 !compare_ether_addr(eth_hdr_p->h_dest, dest_addr))
4617 /* Yes, we already have an ethernet header */
4618 skb_reset_mac_header(skb);
4622 /* Need to build an ethernet header */
4623 if (!memcmp(skb->data, snapsig, sizeof(snapsig))) {
4624 /* SNAP frame - decapsulate, keep proto */
4625 skb_push(skb, offsetof(struct ethhdr, h_proto) -
4626 sizeof(rfc1042sig));
4629 /* 802.3 frame, proto is length */
4631 skb_push(skb, ETH_HLEN);
4634 skb_reset_mac_header(skb);
4635 eth_hdr_p = eth_hdr(skb);
4636 /* This needs to be done in this order (eth_hdr_p->h_dest may
4637 * overlap src_addr) */
4638 memcpy(eth_hdr_p->h_source, src_addr, ETH_ALEN);
4639 memcpy(eth_hdr_p->h_dest, dest_addr, ETH_ALEN);
4641 eth_hdr_p->h_proto = htons(len);
4644 skb->protocol = eth_type_trans(skb, skb->dev);
4647 /* Check for fragmented data in priv->rx_skb. If the packet was no fragment
4648 or it was the last of a fragment set a skb containing the whole packet
4649 is returned for further processing. Otherwise we get NULL and are
4650 done and the packet is either stored inside the fragment buffer
4651 or thrown away. Every returned skb starts with the ieee802_11 header
4652 and contains _no_ FCS at the end */
4653 static struct sk_buff *at76_check_for_rx_frags(struct at76_priv *priv)
4655 struct sk_buff *skb = priv->rx_skb;
4656 struct at76_rx_buffer *buf = (struct at76_rx_buffer *)skb->data;
4657 struct ieee80211_hdr_3addr *i802_11_hdr =
4658 (struct ieee80211_hdr_3addr *)buf->packet;
4659 /* seq_ctrl, fragment_number, sequence number of new packet */
4660 u16 sctl = le16_to_cpu(i802_11_hdr->seq_ctl);
4661 u16 fragnr = sctl & 0xf;
4662 u16 seqnr = sctl >> 4;
4663 u16 frame_ctl = le16_to_cpu(i802_11_hdr->frame_ctl);
4665 /* Length including the IEEE802.11 header, but without the trailing
4666 * FCS and without the Atmel Rx header */
4667 int length = le16_to_cpu(buf->wlength) - IEEE80211_FCS_LEN;
4669 /* where does the data payload start in skb->data ? */
4670 u8 *data = i802_11_hdr->payload;
4672 /* length of payload, excl. the trailing FCS */
4673 int data_len = length - IEEE80211_3ADDR_LEN;
4676 struct rx_data_buf *bptr, *optr;
4677 unsigned long oldest = ~0UL;
4679 at76_dbg(DBG_RX_FRAGS,
4680 "%s: rx data frame_ctl %04x addr2 %s seq/frag %d/%d "
4681 "length %d data %d: %s ...", priv->netdev->name, frame_ctl,
4682 mac2str(i802_11_hdr->addr2), seqnr, fragnr, length, data_len,
4685 at76_dbg(DBG_RX_FRAGS_SKB, "%s: incoming skb: head %p data %p "
4686 "tail %p end %p len %d", priv->netdev->name, skb->head,
4687 skb->data, skb_tail_pointer(skb), skb_end_pointer(skb),
4691 /* make sure data starts in the buffer */
4692 printk(KERN_INFO "%s: data frame too short\n",
4693 priv->netdev->name);
4697 WARN_ON(length <= AT76_RX_HDRLEN);
4698 if (length <= AT76_RX_HDRLEN)
4701 /* remove the at76_rx_buffer header - we don't need it anymore */
4702 /* we need the IEEE802.11 header (for the addresses) if this packet
4703 is the first of a chain */
4704 skb_pull(skb, AT76_RX_HDRLEN);
4706 /* remove FCS at end */
4707 skb_trim(skb, length);
4709 at76_dbg(DBG_RX_FRAGS_SKB, "%s: trimmed skb: head %p data %p tail %p "
4710 "end %p len %d data %p data_len %d", priv->netdev->name,
4711 skb->head, skb->data, skb_tail_pointer(skb),
4712 skb_end_pointer(skb), skb->len, data, data_len);
4714 if (fragnr == 0 && !(frame_ctl & IEEE80211_FCTL_MOREFRAGS)) {
4715 /* unfragmented packet received */
4716 /* Use a new skb for the next receive */
4717 priv->rx_skb = NULL;
4718 at76_dbg(DBG_RX_FRAGS, "%s: unfragmented", priv->netdev->name);
4722 /* look if we've got a chain for the sender address.
4723 afterwards optr points to first free or the oldest entry,
4724 or, if i < NR_RX_DATA_BUF, bptr points to the entry for the
4726 /* determining the oldest entry doesn't cope with jiffies wrapping
4727 but I don't care to delete a young entry at these rare moments ... */
4729 bptr = priv->rx_data;
4731 for (i = 0; i < NR_RX_DATA_BUF; i++, bptr++) {
4738 if (!compare_ether_addr(i802_11_hdr->addr2, bptr->sender))
4743 oldest = bptr->last_rx;
4744 } else if (bptr->last_rx < oldest)
4748 if (i < NR_RX_DATA_BUF) {
4750 at76_dbg(DBG_RX_FRAGS, "%s: %d. cacheentry (seq/frag = %d/%d) "
4751 "matched sender addr",
4752 priv->netdev->name, i, bptr->seqnr, bptr->fragnr);
4754 /* bptr points to an entry for the sender address */
4755 if (bptr->seqnr == seqnr) {
4757 /* the fragment has the current sequence number */
4758 if (((bptr->fragnr + 1) & 0xf) != fragnr) {
4759 /* wrong fragment number -> ignore it */
4760 /* is & 0xf necessary above ??? */
4761 at76_dbg(DBG_RX_FRAGS,
4762 "%s: frag nr mismatch: %d + 1 != %d",
4763 priv->netdev->name, bptr->fragnr,
4767 bptr->last_rx = jiffies;
4768 /* the next following fragment number ->
4769 add the data at the end */
4771 /* for test only ??? */
4772 left = skb_tailroom(bptr->skb);
4773 if (left < data_len)
4775 "%s: only %d byte free (need %d)\n",
4776 priv->netdev->name, left, data_len);
4778 memcpy(skb_put(bptr->skb, data_len), data,
4781 bptr->fragnr = fragnr;
4782 if (frame_ctl & IEEE80211_FCTL_MOREFRAGS)
4785 /* this was the last fragment - send it */
4787 bptr->skb = NULL; /* free the entry */
4788 at76_dbg(DBG_RX_FRAGS, "%s: last frag of seq %d",
4789 priv->netdev->name, seqnr);
4793 /* got another sequence number */
4795 /* it's the start of a new chain - replace the
4797 /* bptr->sender has the correct value already */
4798 at76_dbg(DBG_RX_FRAGS,
4799 "%s: start of new seq %d, removing old seq %d",
4800 priv->netdev->name, seqnr, bptr->seqnr);
4801 bptr->seqnr = seqnr;
4803 bptr->last_rx = jiffies;
4804 /* swap bptr->skb and priv->rx_skb */
4806 bptr->skb = priv->rx_skb;
4809 /* it from the middle of a new chain ->
4810 delete the old entry and skip the new one */
4811 at76_dbg(DBG_RX_FRAGS,
4812 "%s: middle of new seq %d (%d) "
4813 "removing old seq %d",
4814 priv->netdev->name, seqnr, fragnr,
4816 dev_kfree_skb(bptr->skb);
4822 /* if we didn't find a chain for the sender address, optr
4823 points either to the first free or the oldest entry */
4826 /* this is not the begin of a fragment chain ... */
4827 at76_dbg(DBG_RX_FRAGS,
4828 "%s: no chain for non-first fragment (%d)",
4829 priv->netdev->name, fragnr);
4835 /* swap the skb's */
4837 optr->skb = priv->rx_skb;
4840 at76_dbg(DBG_RX_FRAGS,
4841 "%s: free old contents: sender %s seq/frag %d/%d",
4842 priv->netdev->name, mac2str(optr->sender),
4843 optr->seqnr, optr->fragnr);
4846 /* take the skb from priv->rx_skb */
4847 optr->skb = priv->rx_skb;
4848 /* let at76_submit_rx_urb() allocate a new skb */
4849 priv->rx_skb = NULL;
4851 at76_dbg(DBG_RX_FRAGS, "%s: use a free entry",
4852 priv->netdev->name);
4854 memcpy(optr->sender, i802_11_hdr->addr2, ETH_ALEN);
4855 optr->seqnr = seqnr;
4857 optr->last_rx = jiffies;
4862 /* Rx interrupt: we expect the complete data buffer in priv->rx_skb */
4863 static void at76_rx_data(struct at76_priv *priv)
4865 struct net_device *netdev = priv->netdev;
4866 struct net_device_stats *stats = &priv->stats;
4867 struct sk_buff *skb = priv->rx_skb;
4868 struct at76_rx_buffer *buf = (struct at76_rx_buffer *)skb->data;
4869 struct ieee80211_hdr_3addr *i802_11_hdr;
4870 int length = le16_to_cpu(buf->wlength);
4872 at76_dbg(DBG_RX_DATA, "%s received data packet: %s", netdev->name,
4873 hex2str(skb->data, AT76_RX_HDRLEN));
4875 at76_dbg(DBG_RX_DATA_CONTENT, "rx packet: %s",
4876 hex2str(skb->data + AT76_RX_HDRLEN, length));
4878 skb = at76_check_for_rx_frags(priv);
4882 /* Atmel header and the FCS are already removed */
4883 i802_11_hdr = (struct ieee80211_hdr_3addr *)skb->data;
4886 skb->ip_summed = CHECKSUM_NONE; /* TODO: should check CRC */
4888 if (is_broadcast_ether_addr(i802_11_hdr->addr1)) {
4889 if (!compare_ether_addr(i802_11_hdr->addr1, netdev->broadcast))
4890 skb->pkt_type = PACKET_BROADCAST;
4892 skb->pkt_type = PACKET_MULTICAST;
4893 } else if (compare_ether_addr(i802_11_hdr->addr1, netdev->dev_addr))
4894 skb->pkt_type = PACKET_OTHERHOST;
4896 at76_ieee80211_to_eth(skb, priv->iw_mode);
4898 netdev->last_rx = jiffies;
4900 stats->rx_packets++;
4901 stats->rx_bytes += length;
4906 static void at76_rx_monitor_mode(struct at76_priv *priv)
4908 struct at76_rx_radiotap *rt;
4911 struct net_device *netdev = priv->netdev;
4912 struct at76_rx_buffer *buf =
4913 (struct at76_rx_buffer *)priv->rx_skb->data;
4914 /* length including the IEEE802.11 header and the trailing FCS,
4915 but not at76_rx_buffer */
4916 int length = le16_to_cpu(buf->wlength);
4917 struct sk_buff *skb = priv->rx_skb;
4918 struct net_device_stats *stats = &priv->stats;
4920 if (length < IEEE80211_FCS_LEN) {
4921 /* buffer contains no data */
4922 at76_dbg(DBG_MONITOR_MODE,
4923 "%s: MONITOR MODE: rx skb without data",
4924 priv->netdev->name);
4928 skblen = sizeof(struct at76_rx_radiotap) + length;
4930 skb = dev_alloc_skb(skblen);
4932 printk(KERN_ERR "%s: MONITOR MODE: dev_alloc_skb for radiotap "
4933 "header returned NULL\n", priv->netdev->name);
4937 skb_put(skb, skblen);
4939 rt = (struct at76_rx_radiotap *)skb->data;
4940 payload = skb->data + sizeof(struct at76_rx_radiotap);
4942 rt->rt_hdr.it_version = 0;
4943 rt->rt_hdr.it_pad = 0;
4944 rt->rt_hdr.it_len = cpu_to_le16(sizeof(struct at76_rx_radiotap));
4945 rt->rt_hdr.it_present = cpu_to_le32(AT76_RX_RADIOTAP_PRESENT);
4947 rt->rt_tsft = cpu_to_le64(le32_to_cpu(buf->rx_time));
4948 rt->rt_rate = hw_rates[buf->rx_rate] & (~0x80);
4949 rt->rt_signal = buf->rssi;
4950 rt->rt_noise = buf->noise_level;
4951 rt->rt_flags = IEEE80211_RADIOTAP_F_FCS;
4952 if (buf->fragmentation)
4953 rt->rt_flags |= IEEE80211_RADIOTAP_F_FRAG;
4955 memcpy(payload, buf->packet, length);
4957 skb->ip_summed = CHECKSUM_NONE;
4958 skb_reset_mac_header(skb);
4959 skb->pkt_type = PACKET_OTHERHOST;
4960 skb->protocol = htons(ETH_P_802_2);
4962 netdev->last_rx = jiffies;
4964 stats->rx_packets++;
4965 stats->rx_bytes += length;
4968 /* Check if we spy on the sender address in buf and update stats */
4969 static void at76_iwspy_update(struct at76_priv *priv,
4970 struct at76_rx_buffer *buf)
4972 struct ieee80211_hdr_3addr *hdr =
4973 (struct ieee80211_hdr_3addr *)buf->packet;
4974 struct iw_quality qual;
4976 /* We can only set the level here */
4977 qual.updated = IW_QUAL_QUAL_INVALID | IW_QUAL_NOISE_INVALID;
4980 at76_calc_level(priv, buf, &qual);
4982 spin_lock_bh(&priv->spy_spinlock);
4984 if (priv->spy_data.spy_number > 0)
4985 wireless_spy_update(priv->netdev, hdr->addr2, &qual);
4987 spin_unlock_bh(&priv->spy_spinlock);
4990 static void at76_rx_tasklet(unsigned long param)
4992 struct urb *urb = (struct urb *)param;
4993 struct at76_priv *priv = urb->context;
4994 struct net_device *netdev = priv->netdev;
4995 struct at76_rx_buffer *buf;
4996 struct ieee80211_hdr_3addr *i802_11_hdr;
4999 if (priv->device_unplugged) {
5000 at76_dbg(DBG_DEVSTART, "device unplugged");
5002 at76_dbg(DBG_DEVSTART, "urb status %d", urb->status);
5006 if (!priv->rx_skb || !netdev || !priv->rx_skb->data)
5009 buf = (struct at76_rx_buffer *)priv->rx_skb->data;
5011 i802_11_hdr = (struct ieee80211_hdr_3addr *)buf->packet;
5013 frame_ctl = le16_to_cpu(i802_11_hdr->frame_ctl);
5015 if (urb->status != 0) {
5016 if (urb->status != -ENOENT && urb->status != -ECONNRESET)
5018 "%s %s: - nonzero Rx bulk status received: %d",
5019 __func__, netdev->name, urb->status);
5023 at76_dbg(DBG_RX_ATMEL_HDR,
5024 "%s: rx frame: rate %d rssi %d noise %d link %d %s",
5025 priv->netdev->name, buf->rx_rate, buf->rssi, buf->noise_level,
5026 buf->link_quality, hex2str(i802_11_hdr, 48));
5027 if (priv->iw_mode == IW_MODE_MONITOR) {
5028 at76_rx_monitor_mode(priv);
5032 /* there is a new bssid around, accept it: */
5033 if (buf->newbss && priv->iw_mode == IW_MODE_ADHOC) {
5034 at76_dbg(DBG_PROGRESS, "%s: rx newbss", netdev->name);
5035 schedule_work(&priv->work_new_bss);
5038 switch (frame_ctl & IEEE80211_FCTL_FTYPE) {
5039 case IEEE80211_FTYPE_DATA:
5043 case IEEE80211_FTYPE_MGMT:
5044 /* jal: TODO: find out if we can update iwspy also on
5045 other frames than management (might depend on the
5046 radio chip / firmware version !) */
5048 at76_iwspy_update(priv, buf);
5050 at76_rx_mgmt(priv, buf);
5053 case IEEE80211_FTYPE_CTL:
5054 at76_dbg(DBG_RX_CTRL, "%s: ignored ctrl frame: %04x",
5055 priv->netdev->name, frame_ctl);
5059 printk(KERN_DEBUG "%s: ignoring frame with framectl 0x%04x\n",
5060 priv->netdev->name, frame_ctl);
5063 at76_submit_rx_urb(priv);
5066 /* Load firmware into kernel memory and parse it */
5067 static struct fwentry *at76_load_firmware(struct usb_device *udev,
5068 enum board_type board_type)
5072 struct at76_fw_header *fwh;
5073 struct fwentry *fwe = &firmwares[board_type];
5075 mutex_lock(&fw_mutex);
5078 at76_dbg(DBG_FW, "re-using previously loaded fw");
5082 at76_dbg(DBG_FW, "downloading firmware %s", fwe->fwname);
5083 ret = request_firmware(&fwe->fw, fwe->fwname, &udev->dev);
5085 dev_printk(KERN_ERR, &udev->dev, "firmware %s not found!\n",
5087 dev_printk(KERN_ERR, &udev->dev,
5088 "you may need to download the firmware from "
5089 "http://developer.berlios.de/projects/at76c503a/");
5093 at76_dbg(DBG_FW, "got it.");
5094 fwh = (struct at76_fw_header *)(fwe->fw->data);
5096 if (fwe->fw->size <= sizeof(*fwh)) {
5097 dev_printk(KERN_ERR, &udev->dev,
5098 "firmware is too short (0x%zx)\n", fwe->fw->size);
5102 /* CRC currently not checked */
5103 fwe->board_type = le32_to_cpu(fwh->board_type);
5104 if (fwe->board_type != board_type) {
5105 dev_printk(KERN_ERR, &udev->dev,
5106 "board type mismatch, requested %u, got %u\n",
5107 board_type, fwe->board_type);
5111 fwe->fw_version.major = fwh->major;
5112 fwe->fw_version.minor = fwh->minor;
5113 fwe->fw_version.patch = fwh->patch;
5114 fwe->fw_version.build = fwh->build;
5116 str = (char *)fwh + le32_to_cpu(fwh->str_offset);
5117 fwe->intfw = (u8 *)fwh + le32_to_cpu(fwh->int_fw_offset);
5118 fwe->intfw_size = le32_to_cpu(fwh->int_fw_len);
5119 fwe->extfw = (u8 *)fwh + le32_to_cpu(fwh->ext_fw_offset);
5120 fwe->extfw_size = le32_to_cpu(fwh->ext_fw_len);
5124 dev_printk(KERN_DEBUG, &udev->dev,
5125 "using firmware %s (version %d.%d.%d-%d)\n",
5126 fwe->fwname, fwh->major, fwh->minor, fwh->patch, fwh->build);
5128 at76_dbg(DBG_DEVSTART, "board %u, int %d:%d, ext %d:%d", board_type,
5129 le32_to_cpu(fwh->int_fw_offset), le32_to_cpu(fwh->int_fw_len),
5130 le32_to_cpu(fwh->ext_fw_offset), le32_to_cpu(fwh->ext_fw_len));
5131 at76_dbg(DBG_DEVSTART, "firmware id %s", str);
5134 mutex_unlock(&fw_mutex);
5142 /* Allocate network device and initialize private data */
5143 static struct at76_priv *at76_alloc_new_device(struct usb_device *udev)
5145 struct net_device *netdev;
5146 struct at76_priv *priv;
5149 /* allocate memory for our device state and initialize it */
5150 netdev = alloc_etherdev(sizeof(struct at76_priv));
5152 dev_printk(KERN_ERR, &udev->dev, "out of memory\n");
5156 priv = netdev_priv(netdev);
5159 priv->netdev = netdev;
5161 mutex_init(&priv->mtx);
5162 INIT_WORK(&priv->work_assoc_done, at76_work_assoc_done);
5163 INIT_WORK(&priv->work_join, at76_work_join);
5164 INIT_WORK(&priv->work_new_bss, at76_work_new_bss);
5165 INIT_WORK(&priv->work_start_scan, at76_work_start_scan);
5166 INIT_WORK(&priv->work_set_promisc, at76_work_set_promisc);
5167 INIT_WORK(&priv->work_submit_rx, at76_work_submit_rx);
5168 INIT_DELAYED_WORK(&priv->dwork_restart, at76_dwork_restart);
5169 INIT_DELAYED_WORK(&priv->dwork_get_scan, at76_dwork_get_scan);
5170 INIT_DELAYED_WORK(&priv->dwork_beacon, at76_dwork_beacon);
5171 INIT_DELAYED_WORK(&priv->dwork_auth, at76_dwork_auth);
5172 INIT_DELAYED_WORK(&priv->dwork_assoc, at76_dwork_assoc);
5174 spin_lock_init(&priv->mgmt_spinlock);
5175 priv->next_mgmt_bulk = NULL;
5176 priv->mac_state = MAC_INIT;
5178 /* initialize empty BSS list */
5179 priv->curr_bss = NULL;
5180 INIT_LIST_HEAD(&priv->bss_list);
5181 spin_lock_init(&priv->bss_list_spinlock);
5183 init_timer(&priv->bss_list_timer);
5184 priv->bss_list_timer.data = (unsigned long)priv;
5185 priv->bss_list_timer.function = at76_bss_list_timeout;
5187 spin_lock_init(&priv->spy_spinlock);
5189 /* mark all rx data entries as unused */
5190 for (i = 0; i < NR_RX_DATA_BUF; i++)
5191 priv->rx_data[i].skb = NULL;
5193 priv->rx_tasklet.func = at76_rx_tasklet;
5194 priv->rx_tasklet.data = 0;
5196 priv->pm_mode = AT76_PM_OFF;
5197 priv->pm_period = 0;
5202 static int at76_alloc_urbs(struct at76_priv *priv,
5203 struct usb_interface *interface)
5205 struct usb_endpoint_descriptor *endpoint, *ep_in, *ep_out;
5208 struct usb_host_interface *iface_desc;
5210 at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
5212 at76_dbg(DBG_URB, "%s: NumEndpoints %d ", __func__,
5213 interface->altsetting[0].desc.bNumEndpoints);
5217 iface_desc = interface->cur_altsetting;
5218 for (i = 0; i < iface_desc->desc.bNumEndpoints; i++) {
5219 endpoint = &iface_desc->endpoint[i].desc;
5221 at76_dbg(DBG_URB, "%s: %d. endpoint: addr 0x%x attr 0x%x",
5222 __func__, i, endpoint->bEndpointAddress,
5223 endpoint->bmAttributes);
5225 if (!ep_in && usb_endpoint_is_bulk_in(endpoint))
5228 if (!ep_out && usb_endpoint_is_bulk_out(endpoint))
5232 if (!ep_in || !ep_out) {
5233 dev_printk(KERN_ERR, &interface->dev,
5234 "bulk endpoints missing\n");
5238 priv->rx_pipe = usb_rcvbulkpipe(priv->udev, ep_in->bEndpointAddress);
5239 priv->tx_pipe = usb_sndbulkpipe(priv->udev, ep_out->bEndpointAddress);
5241 priv->rx_urb = usb_alloc_urb(0, GFP_KERNEL);
5242 priv->tx_urb = usb_alloc_urb(0, GFP_KERNEL);
5243 if (!priv->rx_urb || !priv->tx_urb) {
5244 dev_printk(KERN_ERR, &interface->dev, "cannot allocate URB\n");
5248 buffer_size = sizeof(struct at76_tx_buffer) + MAX_PADDING_SIZE;
5249 priv->bulk_out_buffer = kmalloc(buffer_size, GFP_KERNEL);
5250 if (!priv->bulk_out_buffer) {
5251 dev_printk(KERN_ERR, &interface->dev,
5252 "cannot allocate output buffer\n");
5256 at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
5261 static const struct net_device_ops at76_netdev_ops = {
5262 .ndo_open = at76_open,
5263 .ndo_stop = at76_stop,
5264 .ndo_get_stats = at76_get_stats,
5265 .ndo_start_xmit = at76_tx,
5266 .ndo_tx_timeout = at76_tx_timeout,
5267 .ndo_set_multicast_list = at76_set_multicast,
5268 .ndo_set_mac_address = at76_set_mac_address,
5269 .ndo_validate_addr = eth_validate_addr,
5270 .ndo_change_mtu = eth_change_mtu,
5273 /* Register network device and initialize the hardware */
5274 static int at76_init_new_device(struct at76_priv *priv,
5275 struct usb_interface *interface)
5277 struct net_device *netdev = priv->netdev;
5280 /* set up the endpoint information */
5281 /* check out the endpoints */
5283 at76_dbg(DBG_DEVSTART, "USB interface: %d endpoints",
5284 interface->cur_altsetting->desc.bNumEndpoints);
5286 ret = at76_alloc_urbs(priv, interface);
5291 ret = at76_get_hw_config(priv);
5293 dev_printk(KERN_ERR, &interface->dev,
5294 "cannot get MAC address\n");
5298 priv->domain = at76_get_reg_domain(priv->regulatory_domain);
5299 /* init. netdev->dev_addr */
5300 memcpy(netdev->dev_addr, priv->mac_addr, ETH_ALEN);
5302 priv->channel = DEF_CHANNEL;
5303 priv->iw_mode = IW_MODE_INFRA;
5304 priv->rts_threshold = DEF_RTS_THRESHOLD;
5305 priv->frag_threshold = DEF_FRAG_THRESHOLD;
5306 priv->short_retry_limit = DEF_SHORT_RETRY_LIMIT;
5307 priv->txrate = TX_RATE_AUTO;
5308 priv->preamble_type = PREAMBLE_TYPE_LONG;
5309 priv->beacon_period = 100;
5310 priv->beacons_last_qual = jiffies;
5311 priv->auth_mode = WLAN_AUTH_OPEN;
5312 priv->scan_min_time = DEF_SCAN_MIN_TIME;
5313 priv->scan_max_time = DEF_SCAN_MAX_TIME;
5314 priv->scan_mode = SCAN_TYPE_ACTIVE;
5316 netdev->flags &= ~IFF_MULTICAST; /* not yet or never */
5317 netdev->netdev_ops = &at76_netdev_ops;
5318 netdev->ethtool_ops = &at76_ethtool_ops;
5320 /* Add pointers to enable iwspy support. */
5321 priv->wireless_data.spy_data = &priv->spy_data;
5322 #ifdef CONFIG_WIRELESS_EXT
5323 netdev->wireless_data = &priv->wireless_data;
5324 netdev->wireless_handlers = &at76_handler_def;
5327 netdev->watchdog_timeo = 2 * HZ;
5328 dev_alloc_name(netdev, "wlan%d");
5330 ret = register_netdev(priv->netdev);
5332 dev_printk(KERN_ERR, &interface->dev,
5333 "cannot register netdevice (status %d)!\n", ret);
5336 priv->netdev_registered = 1;
5338 printk(KERN_INFO "%s: USB %s, MAC %s, firmware %d.%d.%d-%d\n",
5339 netdev->name, dev_name(&interface->dev), mac2str(priv->mac_addr),
5340 priv->fw_version.major, priv->fw_version.minor,
5341 priv->fw_version.patch, priv->fw_version.build);
5342 printk(KERN_INFO "%s: regulatory domain 0x%02x: %s\n", netdev->name,
5343 priv->regulatory_domain, priv->domain->name);
5345 /* we let this timer run the whole time this driver instance lives */
5346 mod_timer(&priv->bss_list_timer, jiffies + BSS_LIST_TIMEOUT);
5352 static void at76_delete_device(struct at76_priv *priv)
5356 at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
5358 /* The device is gone, don't bother turning it off */
5359 priv->device_unplugged = 1;
5361 if (priv->netdev_registered)
5362 unregister_netdev(priv->netdev);
5364 /* assuming we used keventd, it must quiesce too */
5365 flush_scheduled_work();
5367 kfree(priv->bulk_out_buffer);
5370 usb_kill_urb(priv->tx_urb);
5371 usb_free_urb(priv->tx_urb);
5374 usb_kill_urb(priv->rx_urb);
5375 usb_free_urb(priv->rx_urb);
5378 at76_dbg(DBG_PROC_ENTRY, "%s: unlinked urbs", __func__);
5380 kfree_skb(priv->rx_skb);
5382 at76_free_bss_list(priv);
5383 del_timer_sync(&priv->bss_list_timer);
5384 cancel_delayed_work(&priv->dwork_get_scan);
5385 cancel_delayed_work(&priv->dwork_beacon);
5386 cancel_delayed_work(&priv->dwork_auth);
5387 cancel_delayed_work(&priv->dwork_assoc);
5389 if (priv->mac_state == MAC_CONNECTED)
5390 at76_iwevent_bss_disconnect(priv->netdev);
5392 for (i = 0; i < NR_RX_DATA_BUF; i++)
5393 if (priv->rx_data[i].skb) {
5394 dev_kfree_skb(priv->rx_data[i].skb);
5395 priv->rx_data[i].skb = NULL;
5397 usb_put_dev(priv->udev);
5399 at76_dbg(DBG_PROC_ENTRY, "%s: before freeing priv/netdev", __func__);
5400 free_netdev(priv->netdev); /* priv is in netdev */
5402 at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
5405 static int at76_probe(struct usb_interface *interface,
5406 const struct usb_device_id *id)
5409 struct at76_priv *priv;
5410 struct fwentry *fwe;
5411 struct usb_device *udev;
5413 int need_ext_fw = 0;
5414 struct mib_fw_version fwv;
5415 int board_type = (int)id->driver_info;
5417 udev = usb_get_dev(interface_to_usbdev(interface));
5419 /* Load firmware into kernel memory */
5420 fwe = at76_load_firmware(udev, board_type);
5426 op_mode = at76_get_op_mode(udev);
5428 at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
5430 /* we get OPMODE_NONE with 2.4.23, SMC2662W-AR ???
5431 we get 204 with 2.4.23, Fiberline FL-WL240u (505A+RFMD2958) ??? */
5433 if (op_mode == OPMODE_HW_CONFIG_MODE) {
5434 dev_printk(KERN_ERR, &interface->dev,
5435 "cannot handle a device in HW_CONFIG_MODE\n");
5440 if (op_mode != OPMODE_NORMAL_NIC_WITH_FLASH
5441 && op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
5442 /* download internal firmware part */
5443 dev_printk(KERN_DEBUG, &interface->dev,
5444 "downloading internal firmware\n");
5445 ret = at76_load_internal_fw(udev, fwe);
5447 dev_printk(KERN_ERR, &interface->dev,
5448 "error %d downloading internal firmware\n",
5456 /* Internal firmware already inside the device. Get firmware
5457 * version to test if external firmware is loaded.
5458 * This works only for newer firmware, e.g. the Intersil 0.90.x
5459 * says "control timeout on ep0in" and subsequent
5460 * at76_get_op_mode() fail too :-( */
5462 /* if version >= 0.100.x.y or device with built-in flash we can
5463 * query the device for the fw version */
5464 if ((fwe->fw_version.major > 0 || fwe->fw_version.minor >= 100)
5465 || (op_mode == OPMODE_NORMAL_NIC_WITH_FLASH)) {
5466 ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
5467 if (ret < 0 || (fwv.major | fwv.minor) == 0)
5470 /* No way to check firmware version, reload to be sure */
5474 dev_printk(KERN_DEBUG, &interface->dev,
5475 "downloading external firmware\n");
5477 ret = at76_load_external_fw(udev, fwe);
5481 /* Re-check firmware version */
5482 ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
5484 dev_printk(KERN_ERR, &interface->dev,
5485 "error %d getting firmware version\n", ret);
5490 priv = at76_alloc_new_device(udev);
5496 SET_NETDEV_DEV(priv->netdev, &interface->dev);
5497 usb_set_intfdata(interface, priv);
5499 memcpy(&priv->fw_version, &fwv, sizeof(struct mib_fw_version));
5500 priv->board_type = board_type;
5502 ret = at76_init_new_device(priv, interface);
5504 at76_delete_device(priv);
5513 static void at76_disconnect(struct usb_interface *interface)
5515 struct at76_priv *priv;
5517 priv = usb_get_intfdata(interface);
5518 usb_set_intfdata(interface, NULL);
5520 /* Disconnect after loading internal firmware */
5524 printk(KERN_INFO "%s: disconnecting\n", priv->netdev->name);
5525 at76_delete_device(priv);
5526 dev_printk(KERN_INFO, &interface->dev, "disconnected\n");
5529 /* Structure for registering this driver with the USB subsystem */
5530 static struct usb_driver at76_driver = {
5531 .name = DRIVER_NAME,
5532 .probe = at76_probe,
5533 .disconnect = at76_disconnect,
5534 .id_table = dev_table,
5537 static int __init at76_mod_init(void)
5541 printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " loading\n");
5543 mutex_init(&fw_mutex);
5545 /* register this driver with the USB subsystem */
5546 result = usb_register(&at76_driver);
5548 printk(KERN_ERR DRIVER_NAME
5549 ": usb_register failed (status %d)\n", result);
5551 led_trigger_register_simple("at76_usb-tx", &ledtrig_tx);
5555 static void __exit at76_mod_exit(void)
5559 printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " unloading\n");
5560 usb_deregister(&at76_driver);
5561 for (i = 0; i < ARRAY_SIZE(firmwares); i++) {
5562 if (firmwares[i].fw)
5563 release_firmware(firmwares[i].fw);
5565 led_trigger_unregister_simple(ledtrig_tx);
5568 module_param_named(debug, at76_debug, int, 0600);
5569 MODULE_PARM_DESC(debug, "Debugging level");
5571 module_init(at76_mod_init);
5572 module_exit(at76_mod_exit);
5574 MODULE_AUTHOR("Oliver Kurth <oku@masqmail.cx>");
5575 MODULE_AUTHOR("Joerg Albert <joerg.albert@gmx.de>");
5576 MODULE_AUTHOR("Alex <alex@foogod.com>");
5577 MODULE_AUTHOR("Nick Jones");
5578 MODULE_AUTHOR("Balint Seeber <n0_5p4m_p13453@hotmail.com>");
5579 MODULE_AUTHOR("Pavel Roskin <proski@gnu.org>");
5580 MODULE_DESCRIPTION(DRIVER_DESC);
5581 MODULE_LICENSE("GPL");