ipw2200.c 325 KB
Newer Older
1
/******************************************************************************
2

3
  Copyright(c) 2003 - 2006 Intel Corporation. All rights reserved.
4 5 6 7 8 9 10

  802.11 status code portion of this file from ethereal-0.10.6:
    Copyright 2000, Axis Communications AB
    Ethereal - Network traffic analyzer
    By Gerald Combs <gerald@ethereal.com>
    Copyright 1998 Gerald Combs

11 12
  This program is free software; you can redistribute it and/or modify it
  under the terms of version 2 of the GNU General Public License as
13
  published by the Free Software Foundation.
14 15 16 17

  This program is distributed in the hope that it will be useful, but WITHOUT
  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
18
  more details.
19

20
  You should have received a copy of the GNU General Public License along with
21
  this program; if not, write to the Free Software Foundation, Inc., 59
22
  Temple Place - Suite 330, Boston, MA  02111-1307, USA.
23

24 25
  The full GNU General Public License is included in this distribution in the
  file called LICENSE.
26

27 28 29 30 31 32 33
  Contact Information:
  James P. Ketrenos <ipw2100-admin@linux.intel.com>
  Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497

******************************************************************************/

#include "ipw2200.h"
34
#include <linux/version.h>
35

36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60

#ifndef KBUILD_EXTMOD
#define VK "k"
#else
#define VK
#endif

#ifdef CONFIG_IPW2200_DEBUG
#define VD "d"
#else
#define VD
#endif

#ifdef CONFIG_IPW2200_MONITOR
#define VM "m"
#else
#define VM
#endif

#ifdef CONFIG_IPW2200_PROMISCUOUS
#define VP "p"
#else
#define VP
#endif

61
#ifdef CONFIG_IPW2200_RADIOTAP
62 63 64 65 66 67 68 69 70 71 72
#define VR "r"
#else
#define VR
#endif

#ifdef CONFIG_IPW2200_QOS
#define VQ "q"
#else
#define VQ
#endif

73
#define IPW2200_VERSION "1.2.2" VK VD VM VP VR VQ
74
#define DRV_DESCRIPTION	"Intel(R) PRO/Wireless 2200/2915 Network Driver"
75
#define DRV_COPYRIGHT	"Copyright(c) 2003-2006 Intel Corporation"
76 77
#define DRV_VERSION     IPW2200_VERSION

78 79
#define ETH_P_80211_STATS (ETH_P_80211_RAW + 1)

80 81 82 83 84
MODULE_DESCRIPTION(DRV_DESCRIPTION);
MODULE_VERSION(DRV_VERSION);
MODULE_AUTHOR(DRV_COPYRIGHT);
MODULE_LICENSE("GPL");

85
static int cmdlog = 0;
86 87 88 89 90 91 92
static int debug = 0;
static int channel = 0;
static int mode = 0;

static u32 ipw_debug_level;
static int associate = 1;
static int auto_create = 1;
93
static int led = 0;
94
static int disable = 0;
95
static int bt_coexist = 0;
96
static int hwcrypto = 0;
97
static int roaming = 1;
98 99 100
static const char ipw_modes[] = {
	'a', 'b', 'g', '?'
};
101
static int antenna = CFG_SYS_ANTENNA_BOTH;
102

103 104 105 106 107
#ifdef CONFIG_IPW2200_PROMISCUOUS
static int rtap_iface = 0;     /* def: 0 -- do not create rtap interface */
#endif


108
#ifdef CONFIG_IPW2200_QOS
109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
static int qos_enable = 0;
static int qos_burst_enable = 0;
static int qos_no_ack_mask = 0;
static int burst_duration_CCK = 0;
static int burst_duration_OFDM = 0;

static struct ieee80211_qos_parameters def_qos_parameters_OFDM = {
	{QOS_TX0_CW_MIN_OFDM, QOS_TX1_CW_MIN_OFDM, QOS_TX2_CW_MIN_OFDM,
	 QOS_TX3_CW_MIN_OFDM},
	{QOS_TX0_CW_MAX_OFDM, QOS_TX1_CW_MAX_OFDM, QOS_TX2_CW_MAX_OFDM,
	 QOS_TX3_CW_MAX_OFDM},
	{QOS_TX0_AIFS, QOS_TX1_AIFS, QOS_TX2_AIFS, QOS_TX3_AIFS},
	{QOS_TX0_ACM, QOS_TX1_ACM, QOS_TX2_ACM, QOS_TX3_ACM},
	{QOS_TX0_TXOP_LIMIT_OFDM, QOS_TX1_TXOP_LIMIT_OFDM,
	 QOS_TX2_TXOP_LIMIT_OFDM, QOS_TX3_TXOP_LIMIT_OFDM}
};

static struct ieee80211_qos_parameters def_qos_parameters_CCK = {
	{QOS_TX0_CW_MIN_CCK, QOS_TX1_CW_MIN_CCK, QOS_TX2_CW_MIN_CCK,
	 QOS_TX3_CW_MIN_CCK},
	{QOS_TX0_CW_MAX_CCK, QOS_TX1_CW_MAX_CCK, QOS_TX2_CW_MAX_CCK,
	 QOS_TX3_CW_MAX_CCK},
	{QOS_TX0_AIFS, QOS_TX1_AIFS, QOS_TX2_AIFS, QOS_TX3_AIFS},
	{QOS_TX0_ACM, QOS_TX1_ACM, QOS_TX2_ACM, QOS_TX3_ACM},
	{QOS_TX0_TXOP_LIMIT_CCK, QOS_TX1_TXOP_LIMIT_CCK, QOS_TX2_TXOP_LIMIT_CCK,
	 QOS_TX3_TXOP_LIMIT_CCK}
};

static struct ieee80211_qos_parameters def_parameters_OFDM = {
	{DEF_TX0_CW_MIN_OFDM, DEF_TX1_CW_MIN_OFDM, DEF_TX2_CW_MIN_OFDM,
	 DEF_TX3_CW_MIN_OFDM},
	{DEF_TX0_CW_MAX_OFDM, DEF_TX1_CW_MAX_OFDM, DEF_TX2_CW_MAX_OFDM,
	 DEF_TX3_CW_MAX_OFDM},
	{DEF_TX0_AIFS, DEF_TX1_AIFS, DEF_TX2_AIFS, DEF_TX3_AIFS},
	{DEF_TX0_ACM, DEF_TX1_ACM, DEF_TX2_ACM, DEF_TX3_ACM},
	{DEF_TX0_TXOP_LIMIT_OFDM, DEF_TX1_TXOP_LIMIT_OFDM,
	 DEF_TX2_TXOP_LIMIT_OFDM, DEF_TX3_TXOP_LIMIT_OFDM}
};

static struct ieee80211_qos_parameters def_parameters_CCK = {
	{DEF_TX0_CW_MIN_CCK, DEF_TX1_CW_MIN_CCK, DEF_TX2_CW_MIN_CCK,
	 DEF_TX3_CW_MIN_CCK},
	{DEF_TX0_CW_MAX_CCK, DEF_TX1_CW_MAX_CCK, DEF_TX2_CW_MAX_CCK,
	 DEF_TX3_CW_MAX_CCK},
	{DEF_TX0_AIFS, DEF_TX1_AIFS, DEF_TX2_AIFS, DEF_TX3_AIFS},
	{DEF_TX0_ACM, DEF_TX1_ACM, DEF_TX2_ACM, DEF_TX3_ACM},
	{DEF_TX0_TXOP_LIMIT_CCK, DEF_TX1_TXOP_LIMIT_CCK, DEF_TX2_TXOP_LIMIT_CCK,
	 DEF_TX3_TXOP_LIMIT_CCK}
};

static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 };

static int from_priority_to_tx_queue[] = {
	IPW_TX_QUEUE_1, IPW_TX_QUEUE_2, IPW_TX_QUEUE_2, IPW_TX_QUEUE_1,
	IPW_TX_QUEUE_3, IPW_TX_QUEUE_3, IPW_TX_QUEUE_4, IPW_TX_QUEUE_4
};

static u32 ipw_qos_get_burst_duration(struct ipw_priv *priv);

static int ipw_send_qos_params_command(struct ipw_priv *priv, struct ieee80211_qos_parameters
				       *qos_param);
static int ipw_send_qos_info_command(struct ipw_priv *priv, struct ieee80211_qos_information_element
				     *qos_param);
172
#endif				/* CONFIG_IPW2200_QOS */
173

174
static struct iw_statistics *ipw_get_wireless_stats(struct net_device *dev);
175
static void ipw_remove_current_network(struct ipw_priv *priv);
176
static void ipw_rx(struct ipw_priv *priv);
177
static int ipw_queue_tx_reclaim(struct ipw_priv *priv,
178 179 180 181 182 183 184 185 186 187 188 189
				struct clx2_tx_queue *txq, int qindex);
static int ipw_queue_reset(struct ipw_priv *priv);

static int ipw_queue_tx_hcmd(struct ipw_priv *priv, int hcmd, void *buf,
			     int len, int sync);

static void ipw_tx_queue_free(struct ipw_priv *);

static struct ipw_rx_queue *ipw_rx_queue_alloc(struct ipw_priv *);
static void ipw_rx_queue_free(struct ipw_priv *, struct ipw_rx_queue *);
static void ipw_rx_queue_replenish(void *);
static int ipw_up(struct ipw_priv *);
190
static void ipw_bg_up(struct work_struct *work);
191
static void ipw_down(struct ipw_priv *);
192
static void ipw_bg_down(struct work_struct *work);
193
static int ipw_config(struct ipw_priv *);
194 195
static int init_supported_rates(struct ipw_priv *priv,
				struct ipw_supported_rates *prates);
196 197
static void ipw_set_hwcrypto_keys(struct ipw_priv *);
static void ipw_send_wep_keys(struct ipw_priv *, int);
198

199 200
static int snprint_line(char *buf, size_t count,
			const u8 * data, u32 len, u32 ofs)
201 202 203
{
	int out, i, j, l;
	char c;
204

205 206 207 208
	out = snprintf(buf, count, "%08X", ofs);

	for (l = 0, i = 0; i < 2; i++) {
		out += snprintf(buf + out, count - out, " ");
209 210
		for (j = 0; j < 8 && l < len; j++, l++)
			out += snprintf(buf + out, count - out, "%02X ",
211 212 213 214
					data[(i * 8 + j)]);
		for (; j < 8; j++)
			out += snprintf(buf + out, count - out, "   ");
	}
215

216 217 218 219 220 221 222
	out += snprintf(buf + out, count - out, " ");
	for (l = 0, i = 0; i < 2; i++) {
		out += snprintf(buf + out, count - out, " ");
		for (j = 0; j < 8 && l < len; j++, l++) {
			c = data[(i * 8 + j)];
			if (!isascii(c) || !isprint(c))
				c = '.';
223

224 225 226 227 228 229
			out += snprintf(buf + out, count - out, "%c", c);
		}

		for (; j < 8; j++)
			out += snprintf(buf + out, count - out, " ");
	}
230

231
	return out;
232 233
}

234
static void printk_buf(int level, const u8 * data, u32 len)
235 236 237 238 239 240 241
{
	char line[81];
	u32 ofs = 0;
	if (!(ipw_debug_level & level))
		return;

	while (len) {
242 243 244
		snprint_line(line, sizeof(line), &data[ofs],
			     min(len, 16U), ofs);
		printk(KERN_DEBUG "%s\n", line);
245 246 247 248 249
		ofs += 16;
		len -= min(len, 16U);
	}
}

250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268
static int snprintk_buf(u8 * output, size_t size, const u8 * data, size_t len)
{
	size_t out = size;
	u32 ofs = 0;
	int total = 0;

	while (size && len) {
		out = snprint_line(output, size, &data[ofs],
				   min_t(size_t, len, 16U), ofs);

		ofs += 16;
		output += out;
		size -= out;
		len -= min_t(size_t, len, 16U);
		total += out;
	}
	return total;
}

269
/* alias for 32-bit indirect read (for SRAM/reg above 4K), with debug wrapper */
270 271 272
static u32 _ipw_read_reg32(struct ipw_priv *priv, u32 reg);
#define ipw_read_reg32(a, b) _ipw_read_reg32(a, b)

273
/* alias for 8-bit indirect read (for SRAM/reg above 4K), with debug wrapper */
274 275 276
static u8 _ipw_read_reg8(struct ipw_priv *ipw, u32 reg);
#define ipw_read_reg8(a, b) _ipw_read_reg8(a, b)

277
/* 8-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
278 279 280
static void _ipw_write_reg8(struct ipw_priv *priv, u32 reg, u8 value);
static inline void ipw_write_reg8(struct ipw_priv *a, u32 b, u8 c)
{
281 282
	IPW_DEBUG_IO("%s %d: write_indirect8(0x%08X, 0x%08X)\n", __FILE__,
		     __LINE__, (u32) (b), (u32) (c));
283 284 285
	_ipw_write_reg8(a, b, c);
}

286
/* 16-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
287 288 289
static void _ipw_write_reg16(struct ipw_priv *priv, u32 reg, u16 value);
static inline void ipw_write_reg16(struct ipw_priv *a, u32 b, u16 c)
{
290 291
	IPW_DEBUG_IO("%s %d: write_indirect16(0x%08X, 0x%08X)\n", __FILE__,
		     __LINE__, (u32) (b), (u32) (c));
292 293 294
	_ipw_write_reg16(a, b, c);
}

295
/* 32-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
296 297 298
static void _ipw_write_reg32(struct ipw_priv *priv, u32 reg, u32 value);
static inline void ipw_write_reg32(struct ipw_priv *a, u32 b, u32 c)
{
299 300
	IPW_DEBUG_IO("%s %d: write_indirect32(0x%08X, 0x%08X)\n", __FILE__,
		     __LINE__, (u32) (b), (u32) (c));
301 302 303
	_ipw_write_reg32(a, b, c);
}

304
/* 8-bit direct write (low 4K) */
305
#define _ipw_write8(ipw, ofs, val) writeb((val), (ipw)->hw_base + (ofs))
306 307

/* 8-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
308 309 310 311
#define ipw_write8(ipw, ofs, val) \
 IPW_DEBUG_IO("%s %d: write_direct8(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 _ipw_write8(ipw, ofs, val)

312
/* 16-bit direct write (low 4K) */
313
#define _ipw_write16(ipw, ofs, val) writew((val), (ipw)->hw_base + (ofs))
314 315

/* 16-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
316 317 318 319
#define ipw_write16(ipw, ofs, val) \
 IPW_DEBUG_IO("%s %d: write_direct16(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 _ipw_write16(ipw, ofs, val)

320
/* 32-bit direct write (low 4K) */
321
#define _ipw_write32(ipw, ofs, val) writel((val), (ipw)->hw_base + (ofs))
322 323

/* 32-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
324 325 326 327
#define ipw_write32(ipw, ofs, val) \
 IPW_DEBUG_IO("%s %d: write_direct32(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 _ipw_write32(ipw, ofs, val)

328
/* 8-bit direct read (low 4K) */
329
#define _ipw_read8(ipw, ofs) readb((ipw)->hw_base + (ofs))
330 331

/* 8-bit direct read (low 4K), with debug wrapper */
332 333 334
static inline u8 __ipw_read8(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
{
	IPW_DEBUG_IO("%s %d: read_direct8(0x%08X)\n", f, l, (u32) (ofs));
335 336
	return _ipw_read8(ipw, ofs);
}
337

338
/* alias to 8-bit direct read (low 4K of SRAM/regs), with debug wrapper */
339 340
#define ipw_read8(ipw, ofs) __ipw_read8(__FILE__, __LINE__, ipw, ofs)

341
/* 16-bit direct read (low 4K) */
342
#define _ipw_read16(ipw, ofs) readw((ipw)->hw_base + (ofs))
343 344

/* 16-bit direct read (low 4K), with debug wrapper */
345 346 347
static inline u16 __ipw_read16(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
{
	IPW_DEBUG_IO("%s %d: read_direct16(0x%08X)\n", f, l, (u32) (ofs));
348 349
	return _ipw_read16(ipw, ofs);
}
350

351
/* alias to 16-bit direct read (low 4K of SRAM/regs), with debug wrapper */
352 353
#define ipw_read16(ipw, ofs) __ipw_read16(__FILE__, __LINE__, ipw, ofs)

354
/* 32-bit direct read (low 4K) */
355
#define _ipw_read32(ipw, ofs) readl((ipw)->hw_base + (ofs))
356 357

/* 32-bit direct read (low 4K), with debug wrapper */
358 359 360
static inline u32 __ipw_read32(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
{
	IPW_DEBUG_IO("%s %d: read_direct32(0x%08X)\n", f, l, (u32) (ofs));
361 362
	return _ipw_read32(ipw, ofs);
}
363

364
/* alias to 32-bit direct read (low 4K of SRAM/regs), with debug wrapper */
365 366
#define ipw_read32(ipw, ofs) __ipw_read32(__FILE__, __LINE__, ipw, ofs)

367
/* multi-byte read (above 4K), with debug wrapper */
368
static void _ipw_read_indirect(struct ipw_priv *, u32, u8 *, int);
369 370 371 372 373 374 375 376
static inline void __ipw_read_indirect(const char *f, int l,
				       struct ipw_priv *a, u32 b, u8 * c, int d)
{
	IPW_DEBUG_IO("%s %d: read_indirect(0x%08X) %d bytes\n", f, l, (u32) (b),
		     d);
	_ipw_read_indirect(a, b, c, d);
}

377
/* alias to multi-byte read (SRAM/regs above 4K), with debug wrapper */
378
#define ipw_read_indirect(a, b, c, d) __ipw_read_indirect(__FILE__, __LINE__, a, b, c, d)
379

380
/* alias to multi-byte read (SRAM/regs above 4K), with debug wrapper */
381 382
static void _ipw_write_indirect(struct ipw_priv *priv, u32 addr, u8 * data,
				int num);
383 384
#define ipw_write_indirect(a, b, c, d) \
	IPW_DEBUG_IO("%s %d: write_indirect(0x%08X) %d bytes\n", __FILE__, __LINE__, (u32)(b), d); \
385
	_ipw_write_indirect(a, b, c, d)
386

387
/* 32-bit indirect write (above 4K) */
388
static void _ipw_write_reg32(struct ipw_priv *priv, u32 reg, u32 value)
389
{
390
	IPW_DEBUG_IO(" %p : reg = 0x%8X : value = 0x%8X\n", priv, reg, value);
391 392
	_ipw_write32(priv, IPW_INDIRECT_ADDR, reg);
	_ipw_write32(priv, IPW_INDIRECT_DATA, value);
393 394
}

395
/* 8-bit indirect write (above 4K) */
396 397
static void _ipw_write_reg8(struct ipw_priv *priv, u32 reg, u8 value)
{
398
	u32 aligned_addr = reg & IPW_INDIRECT_ADDR_MASK;	/* dword align */
399 400
	u32 dif_len = reg - aligned_addr;

401
	IPW_DEBUG_IO(" reg = 0x%8X : value = 0x%8X\n", reg, value);
402 403
	_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
	_ipw_write8(priv, IPW_INDIRECT_DATA + dif_len, value);
404 405
}

406
/* 16-bit indirect write (above 4K) */
407
static void _ipw_write_reg16(struct ipw_priv *priv, u32 reg, u16 value)
408
{
409
	u32 aligned_addr = reg & IPW_INDIRECT_ADDR_MASK;	/* dword align */
410 411
	u32 dif_len = (reg - aligned_addr) & (~0x1ul);

412
	IPW_DEBUG_IO(" reg = 0x%8X : value = 0x%8X\n", reg, value);
413 414
	_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
	_ipw_write16(priv, IPW_INDIRECT_DATA + dif_len, value);
415 416
}

417
/* 8-bit indirect read (above 4K) */
418 419 420
static u8 _ipw_read_reg8(struct ipw_priv *priv, u32 reg)
{
	u32 word;
421
	_ipw_write32(priv, IPW_INDIRECT_ADDR, reg & IPW_INDIRECT_ADDR_MASK);
422
	IPW_DEBUG_IO(" reg = 0x%8X : \n", reg);
423
	word = _ipw_read32(priv, IPW_INDIRECT_DATA);
424
	return (word >> ((reg & 0x3) * 8)) & 0xff;
425 426
}

427
/* 32-bit indirect read (above 4K) */
428 429 430 431 432 433
static u32 _ipw_read_reg32(struct ipw_priv *priv, u32 reg)
{
	u32 value;

	IPW_DEBUG_IO("%p : reg = 0x%08x\n", priv, reg);

434 435
	_ipw_write32(priv, IPW_INDIRECT_ADDR, reg);
	value = _ipw_read32(priv, IPW_INDIRECT_DATA);
436 437 438 439
	IPW_DEBUG_IO(" reg = 0x%4X : value = 0x%4x \n", reg, value);
	return value;
}

440 441
/* General purpose, no alignment requirement, iterative (multi-byte) read, */
/*    for area above 1st 4K of SRAM/reg space */
442 443 444
static void _ipw_read_indirect(struct ipw_priv *priv, u32 addr, u8 * buf,
			       int num)
{
445
	u32 aligned_addr = addr & IPW_INDIRECT_ADDR_MASK;	/* dword align */
446 447
	u32 dif_len = addr - aligned_addr;
	u32 i;
448

449 450
	IPW_DEBUG_IO("addr = %i, buf = %p, num = %i\n", addr, buf, num);

451 452 453 454
	if (num <= 0) {
		return;
	}

455
	/* Read the first dword (or portion) byte by byte */
456
	if (unlikely(dif_len)) {
457
		_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
458
		/* Start reading at aligned_addr + dif_len */
459
		for (i = dif_len; ((i < 4) && (num > 0)); i++, num--)
460
			*buf++ = _ipw_read8(priv, IPW_INDIRECT_DATA + i);
461 462 463
		aligned_addr += 4;
	}

464
	/* Read all of the middle dwords as dwords, with auto-increment */
465
	_ipw_write32(priv, IPW_AUTOINC_ADDR, aligned_addr);
466
	for (; num >= 4; buf += 4, aligned_addr += 4, num -= 4)
467
		*(u32 *) buf = _ipw_read32(priv, IPW_AUTOINC_DATA);
468

469
	/* Read the last dword (or portion) byte by byte */
470
	if (unlikely(num)) {
471
		_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
472
		for (i = 0; num > 0; i++, num--)
473
			*buf++ = ipw_read8(priv, IPW_INDIRECT_DATA + i);
474
	}
475 476
}

477 478
/* General purpose, no alignment requirement, iterative (multi-byte) write, */
/*    for area above 1st 4K of SRAM/reg space */
479
static void _ipw_write_indirect(struct ipw_priv *priv, u32 addr, u8 * buf,
480 481
				int num)
{
482
	u32 aligned_addr = addr & IPW_INDIRECT_ADDR_MASK;	/* dword align */
483 484
	u32 dif_len = addr - aligned_addr;
	u32 i;
485

486
	IPW_DEBUG_IO("addr = %i, buf = %p, num = %i\n", addr, buf, num);
487

488 489 490 491
	if (num <= 0) {
		return;
	}

492
	/* Write the first dword (or portion) byte by byte */
493
	if (unlikely(dif_len)) {
494
		_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
495
		/* Start writing at aligned_addr + dif_len */
496
		for (i = dif_len; ((i < 4) && (num > 0)); i++, num--, buf++)
497
			_ipw_write8(priv, IPW_INDIRECT_DATA + i, *buf);
498 499
		aligned_addr += 4;
	}
500

501
	/* Write all of the middle dwords as dwords, with auto-increment */
502
	_ipw_write32(priv, IPW_AUTOINC_ADDR, aligned_addr);
503
	for (; num >= 4; buf += 4, aligned_addr += 4, num -= 4)
504
		_ipw_write32(priv, IPW_AUTOINC_DATA, *(u32 *) buf);
505

506
	/* Write the last dword (or portion) byte by byte */
507
	if (unlikely(num)) {
508
		_ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
509
		for (i = 0; num > 0; i++, num--, buf++)
510
			_ipw_write8(priv, IPW_INDIRECT_DATA + i, *buf);
511
	}
512 513
}

514 515
/* General purpose, no alignment requirement, iterative (multi-byte) write, */
/*    for 1st 4K of SRAM/regs space */
516
static void ipw_write_direct(struct ipw_priv *priv, u32 addr, void *buf,
517 518 519 520 521
			     int num)
{
	memcpy_toio((priv->hw_base + addr), buf, num);
}

522
/* Set bit(s) in low 4K of SRAM/regs */
523 524 525 526 527
static inline void ipw_set_bit(struct ipw_priv *priv, u32 reg, u32 mask)
{
	ipw_write32(priv, reg, ipw_read32(priv, reg) | mask);
}

528
/* Clear bit(s) in low 4K of SRAM/regs */
529 530 531 532 533
static inline void ipw_clear_bit(struct ipw_priv *priv, u32 reg, u32 mask)
{
	ipw_write32(priv, reg, ipw_read32(priv, reg) & ~mask);
}

Zhu Yi's avatar
Zhu Yi committed
534
static inline void __ipw_enable_interrupts(struct ipw_priv *priv)
535 536 537 538
{
	if (priv->status & STATUS_INT_ENABLED)
		return;
	priv->status |= STATUS_INT_ENABLED;
539
	ipw_write32(priv, IPW_INTA_MASK_R, IPW_INTA_MASK_ALL);
540 541
}

Zhu Yi's avatar
Zhu Yi committed
542
static inline void __ipw_disable_interrupts(struct ipw_priv *priv)
543 544 545 546
{
	if (!(priv->status & STATUS_INT_ENABLED))
		return;
	priv->status &= ~STATUS_INT_ENABLED;
547
	ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
548 549
}

Zhu Yi's avatar
Zhu Yi committed
550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567
static inline void ipw_enable_interrupts(struct ipw_priv *priv)
{
	unsigned long flags;

	spin_lock_irqsave(&priv->irq_lock, flags);
	__ipw_enable_interrupts(priv);
	spin_unlock_irqrestore(&priv->irq_lock, flags);
}

static inline void ipw_disable_interrupts(struct ipw_priv *priv)
{
	unsigned long flags;

	spin_lock_irqsave(&priv->irq_lock, flags);
	__ipw_disable_interrupts(priv);
	spin_unlock_irqrestore(&priv->irq_lock, flags);
}

568 569 570
static char *ipw_error_desc(u32 val)
{
	switch (val) {
571
	case IPW_FW_ERROR_OK:
572
		return "ERROR_OK";
573
	case IPW_FW_ERROR_FAIL:
574
		return "ERROR_FAIL";
575
	case IPW_FW_ERROR_MEMORY_UNDERFLOW:
576
		return "MEMORY_UNDERFLOW";
577
	case IPW_FW_ERROR_MEMORY_OVERFLOW:
578
		return "MEMORY_OVERFLOW";
579
	case IPW_FW_ERROR_BAD_PARAM:
580
		return "BAD_PARAM";
581
	case IPW_FW_ERROR_BAD_CHECKSUM:
582
		return "BAD_CHECKSUM";
583
	case IPW_FW_ERROR_NMI_INTERRUPT:
584
		return "NMI_INTERRUPT";
585
	case IPW_FW_ERROR_BAD_DATABASE:
586
		return "BAD_DATABASE";
587
	case IPW_FW_ERROR_ALLOC_FAIL:
588
		return "ALLOC_FAIL";
589
	case IPW_FW_ERROR_DMA_UNDERRUN:
590
		return "DMA_UNDERRUN";
591
	case IPW_FW_ERROR_DMA_STATUS:
592 593 594 595 596
		return "DMA_STATUS";
	case IPW_FW_ERROR_DINO_ERROR:
		return "DINO_ERROR";
	case IPW_FW_ERROR_EEPROM_ERROR:
		return "EEPROM_ERROR";
597
	case IPW_FW_ERROR_SYSASSERT:
598
		return "SYSASSERT";
599
	case IPW_FW_ERROR_FATAL_ERROR:
600
		return "FATAL_ERROR";
601
	default:
602
		return "UNKNOWN_ERROR";
603 604 605
	}
}

606 607
static void ipw_dump_error_log(struct ipw_priv *priv,
			       struct ipw_fw_error *error)
608
{
609
	u32 i;
610

611 612 613 614
	if (!error) {
		IPW_ERROR("Error allocating and capturing error log.  "
			  "Nothing to dump.\n");
		return;
615 616
	}

617 618 619
	IPW_ERROR("Start IPW Error Log Dump:\n");
	IPW_ERROR("Status: 0x%08X, Config: %08X\n",
		  error->status, error->config);
620

621
	for (i = 0; i < error->elem_len; i++)
622
		IPW_ERROR("%s %i 0x%08x  0x%08x  0x%08x  0x%08x  0x%08x\n",
623 624 625 626 627 628 629 630 631
			  ipw_error_desc(error->elem[i].desc),
			  error->elem[i].time,
			  error->elem[i].blink1,
			  error->elem[i].blink2,
			  error->elem[i].link1,
			  error->elem[i].link2, error->elem[i].data);
	for (i = 0; i < error->log_len; i++)
		IPW_ERROR("%i\t0x%08x\t%i\n",
			  error->log[i].time,
632
			  error->log[i].data, error->log[i].event);
633 634
}

635
static inline int ipw_is_init(struct ipw_priv *priv)
636
{
637
	return (priv->status & STATUS_INIT) ? 1 : 0;
638 639
}

640
static int ipw_get_ordinal(struct ipw_priv *priv, u32 ord, void *val, u32 * len)
641 642 643 644 645 646 647 648 649
{
	u32 addr, field_info, field_len, field_count, total_len;

	IPW_DEBUG_ORD("ordinal = %i\n", ord);

	if (!priv || !val || !len) {
		IPW_DEBUG_ORD("Invalid argument\n");
		return -EINVAL;
	}
650

651 652 653 654 655 656 657 658 659 660 661
	/* verify device ordinal tables have been initialized */
	if (!priv->table0_addr || !priv->table1_addr || !priv->table2_addr) {
		IPW_DEBUG_ORD("Access ordinals before initialization\n");
		return -EINVAL;
	}

	switch (IPW_ORD_TABLE_ID_MASK & ord) {
	case IPW_ORD_TABLE_0_MASK:
		/*
		 * TABLE 0: Direct access to a table of 32 bit values
		 *
662
		 * This is a very simple table with the data directly
663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678
		 * read from the table
		 */

		/* remove the table id from the ordinal */
		ord &= IPW_ORD_TABLE_VALUE_MASK;

		/* boundary check */
		if (ord > priv->table0_len) {
			IPW_DEBUG_ORD("ordinal value (%i) longer then "
				      "max (%i)\n", ord, priv->table0_len);
			return -EINVAL;
		}

		/* verify we have enough room to store the value */
		if (*len < sizeof(u32)) {
			IPW_DEBUG_ORD("ordinal buffer length too small, "
679
				      "need %zd\n", sizeof(u32));
680 681 682 683
			return -EINVAL;
		}

		IPW_DEBUG_ORD("Reading TABLE0[%i] from offset 0x%08x\n",
684
			      ord, priv->table0_addr + (ord << 2));
685 686 687

		*len = sizeof(u32);
		ord <<= 2;
688
		*((u32 *) val) = ipw_read32(priv, priv->table0_addr + ord);
689 690 691 692 693
		break;

	case IPW_ORD_TABLE_1_MASK:
		/*
		 * TABLE 1: Indirect access to a table of 32 bit values
694 695
		 *
		 * This is a fairly large table of u32 values each
696 697 698 699 700 701
		 * representing starting addr for the data (which is
		 * also a u32)
		 */

		/* remove the table id from the ordinal */
		ord &= IPW_ORD_TABLE_VALUE_MASK;
702

703 704 705 706 707 708 709 710 711
		/* boundary check */
		if (ord > priv->table1_len) {
			IPW_DEBUG_ORD("ordinal value too long\n");
			return -EINVAL;
		}

		/* verify we have enough room to store the value */
		if (*len < sizeof(u32)) {
			IPW_DEBUG_ORD("ordinal buffer length too small, "
712
				      "need %zd\n", sizeof(u32));
713 714 715
			return -EINVAL;
		}

716 717
		*((u32 *) val) =
		    ipw_read_reg32(priv, (priv->table1_addr + (ord << 2)));
718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741
		*len = sizeof(u32);
		break;

	case IPW_ORD_TABLE_2_MASK:
		/*
		 * TABLE 2: Indirect access to a table of variable sized values
		 *
		 * This table consist of six values, each containing
		 *     - dword containing the starting offset of the data
		 *     - dword containing the lengh in the first 16bits
		 *       and the count in the second 16bits
		 */

		/* remove the table id from the ordinal */
		ord &= IPW_ORD_TABLE_VALUE_MASK;

		/* boundary check */
		if (ord > priv->table2_len) {
			IPW_DEBUG_ORD("ordinal value too long\n");
			return -EINVAL;
		}

		/* get the address of statistic */
		addr = ipw_read_reg32(priv, priv->table2_addr + (ord << 3));
742 743

		/* get the second DW of statistics ;
744
		 * two 16-bit words - first is length, second is count */
745 746 747 748
		field_info =
		    ipw_read_reg32(priv,
				   priv->table2_addr + (ord << 3) +
				   sizeof(u32));
749

750
		/* get each entry length */
751
		field_len = *((u16 *) & field_info);
752

753
		/* get number of entries */
754
		field_count = *(((u16 *) & field_info) + 1);
755

756 757 758 759 760 761
		/* abort if not enought memory */
		total_len = field_len * field_count;
		if (total_len > *len) {
			*len = total_len;
			return -EINVAL;
		}
762

763 764 765 766 767
		*len = total_len;
		if (!total_len)
			return 0;

		IPW_DEBUG_ORD("addr = 0x%08x, total_len = %i, "
768
			      "field_info = 0x%08x\n",
769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784
			      addr, total_len, field_info);
		ipw_read_indirect(priv, addr, val, total_len);
		break;

	default:
		IPW_DEBUG_ORD("Invalid ordinal!\n");
		return -EINVAL;

	}

	return 0;
}

static void ipw_init_ordinals(struct ipw_priv *priv)
{
	priv->table0_addr = IPW_ORDINALS_TABLE_LOWER;
785
	priv->table0_len = ipw_read32(priv, priv->table0_addr);
786 787 788 789 790 791 792 793 794 795 796 797

	IPW_DEBUG_ORD("table 0 offset at 0x%08x, len = %i\n",
		      priv->table0_addr, priv->table0_len);

	priv->table1_addr = ipw_read32(priv, IPW_ORDINALS_TABLE_1);
	priv->table1_len = ipw_read_reg32(priv, priv->table1_addr);

	IPW_DEBUG_ORD("table 1 offset at 0x%08x, len = %i\n",
		      priv->table1_addr, priv->table1_len);

	priv->table2_addr = ipw_read32(priv, IPW_ORDINALS_TABLE_2);
	priv->table2_len = ipw_read_reg32(priv, priv->table2_addr);
798
	priv->table2_len &= 0x0000ffff;	/* use first two bytes */
799 800 801 802 803 804

	IPW_DEBUG_ORD("table 2 offset at 0x%08x, len = %i\n",
		      priv->table2_addr, priv->table2_len);

}

805
static u32 ipw_register_toggle(u32 reg)
806
{
807 808 809 810 811 812 813
	reg &= ~IPW_START_STANDBY;
	if (reg & IPW_GATE_ODMA)
		reg &= ~IPW_GATE_ODMA;
	if (reg & IPW_GATE_IDMA)
		reg &= ~IPW_GATE_IDMA;
	if (reg & IPW_GATE_ADMA)
		reg &= ~IPW_GATE_ADMA;
814 815 816 817 818 819 820 821 822 823 824 825
	return reg;
}

/*
 * LED behavior:
 * - On radio ON, turn on any LEDs that require to be on during start
 * - On initialization, start unassociated blink
 * - On association, disable unassociated blink
 * - On disassociation, start unassociated blink
 * - On radio OFF, turn off any LEDs started during radio on
 *
 */
826 827 828
#define LD_TIME_LINK_ON msecs_to_jiffies(300)
#define LD_TIME_LINK_OFF msecs_to_jiffies(2700)
#define LD_TIME_ACT_ON msecs_to_jiffies(250)
829

830
static void ipw_led_link_on(struct ipw_priv *priv)
831 832 833 834 835 836 837 838 839 840 841 842 843 844
{
	unsigned long flags;
	u32 led;

	/* If configured to not use LEDs, or nic_type is 1,
	 * then we don't toggle a LINK led */
	if (priv->config & CFG_NO_LED || priv->nic_type == EEPROM_NIC_TYPE_1)
		return;

	spin_lock_irqsave(&priv->lock, flags);

	if (!(priv->status & STATUS_RF_KILL_MASK) &&
	    !(priv->status & STATUS_LED_LINK_ON)) {
		IPW_DEBUG_LED("Link LED On\n");
845
		led = ipw_read_reg32(priv, IPW_EVENT_REG);
846 847 848 849 850
		led |= priv->led_association_on;

		led = ipw_register_toggle(led);

		IPW_DEBUG_LED("Reg: 0x%08X\n", led);
851
		ipw_write_reg32(priv, IPW_EVENT_REG, led);
852 853 854 855 856 857 858 859 860 861 862 863 864

		priv->status |= STATUS_LED_LINK_ON;

		/* If we aren't associated, schedule turning the LED off */
		if (!(priv->status & STATUS_ASSOCIATED))
			queue_delayed_work(priv->workqueue,
					   &priv->led_link_off,
					   LD_TIME_LINK_ON);
	}

	spin_unlock_irqrestore(&priv->lock, flags);
}

865
static void ipw_bg_led_link_on(struct work_struct *work)
866
{
867 868
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, led_link_on.work);
869
	mutex_lock(&priv->mutex);
870
	ipw_led_link_on(priv);
871
	mutex_unlock(&priv->mutex);
872 873
}

874
static void ipw_led_link_off(struct ipw_priv *priv)
875 876 877 878 879 880 881 882 883 884 885 886
{
	unsigned long flags;
	u32 led;

	/* If configured not to use LEDs, or nic type is 1,
	 * then we don't goggle the LINK led. */
	if (priv->config & CFG_NO_LED || priv->nic_type == EEPROM_NIC_TYPE_1)
		return;

	spin_lock_irqsave(&priv->lock, flags);

	if (priv->status & STATUS_LED_LINK_ON) {
887
		led = ipw_read_reg32(priv, IPW_EVENT_REG);
888 889 890 891
		led &= priv->led_association_off;
		led = ipw_register_toggle(led);

		IPW_DEBUG_LED("Reg: 0x%08X\n", led);
892
		ipw_write_reg32(priv, IPW_EVENT_REG, led);
893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909

		IPW_DEBUG_LED("Link LED Off\n");

		priv->status &= ~STATUS_LED_LINK_ON;

		/* If we aren't associated and the radio is on, schedule
		 * turning the LED on (blink while unassociated) */
		if (!(priv->status & STATUS_RF_KILL_MASK) &&
		    !(priv->status & STATUS_ASSOCIATED))
			queue_delayed_work(priv->workqueue, &priv->led_link_on,
					   LD_TIME_LINK_OFF);

	}

	spin_unlock_irqrestore(&priv->lock, flags);
}

910
static void ipw_bg_led_link_off(struct work_struct *work)
911
{
912 913
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, led_link_off.work);
914
	mutex_lock(&priv->mutex);
915
	ipw_led_link_off(priv);
916
	mutex_unlock(&priv->mutex);
917 918
}

919
static void __ipw_led_activity_on(struct ipw_priv *priv)
920 921 922 923 924 925
{
	u32 led;

	if (priv->config & CFG_NO_LED)
		return;

926
	if (priv->status & STATUS_RF_KILL_MASK)
927 928 929
		return;

	if (!(priv->status & STATUS_LED_ACT_ON)) {
930
		led = ipw_read_reg32(priv, IPW_EVENT_REG);
931 932 933 934 935
		led |= priv->led_activity_on;

		led = ipw_register_toggle(led);

		IPW_DEBUG_LED("Reg: 0x%08X\n", led);
936
		ipw_write_reg32(priv, IPW_EVENT_REG, led);
937 938 939 940 941

		IPW_DEBUG_LED("Activity LED On\n");

		priv->status |= STATUS_LED_ACT_ON;

942
		cancel_delayed_work(&priv->led_act_off);
943 944 945 946 947 948 949 950
		queue_delayed_work(priv->workqueue, &priv->led_act_off,
				   LD_TIME_ACT_ON);
	} else {
		/* Reschedule LED off for full time period */
		cancel_delayed_work(&priv->led_act_off);
		queue_delayed_work(priv->workqueue, &priv->led_act_off,
				   LD_TIME_ACT_ON);
	}
951
}
952

953
#if 0
954 955 956 957 958
void ipw_led_activity_on(struct ipw_priv *priv)
{
	unsigned long flags;
	spin_lock_irqsave(&priv->lock, flags);
	__ipw_led_activity_on(priv);
959 960
	spin_unlock_irqrestore(&priv->lock, flags);
}
961
#endif  /*  0  */
962

963
static void ipw_led_activity_off(struct ipw_priv *priv)
964 965 966 967 968 969 970 971 972 973
{
	unsigned long flags;
	u32 led;

	if (priv->config & CFG_NO_LED)
		return;

	spin_lock_irqsave(&priv->lock, flags);

	if (priv->status & STATUS_LED_ACT_ON) {
974
		led = ipw_read_reg32(priv, IPW_EVENT_REG);
975 976 977 978 979
		led &= priv->led_activity_off;

		led = ipw_register_toggle(led);

		IPW_DEBUG_LED("Reg: 0x%08X\n", led);
980
		ipw_write_reg32(priv, IPW_EVENT_REG, led);
981 982 983 984 985 986 987 988 989

		IPW_DEBUG_LED("Activity LED Off\n");

		priv->status &= ~STATUS_LED_ACT_ON;
	}

	spin_unlock_irqrestore(&priv->lock, flags);
}

990
static void ipw_bg_led_activity_off(struct work_struct *work)
991
{
992 993
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, led_act_off.work);
994
	mutex_lock(&priv->mutex);
995
	ipw_led_activity_off(priv);
996
	mutex_unlock(&priv->mutex);
997 998
}

999
static void ipw_led_band_on(struct ipw_priv *priv)
1000 1001 1002 1003 1004
{
	unsigned long flags;
	u32 led;

	/* Only nic type 1 supports mode LEDs */
1005 1006
	if (priv->config & CFG_NO_LED ||
	    priv->nic_type != EEPROM_NIC_TYPE_1 || !priv->assoc_network)
1007 1008 1009 1010
		return;

	spin_lock_irqsave(&priv->lock, flags);

1011
	led = ipw_read_reg32(priv, IPW_EVENT_REG);
1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028
	if (priv->assoc_network->mode == IEEE_A) {
		led |= priv->led_ofdm_on;
		led &= priv->led_association_off;
		IPW_DEBUG_LED("Mode LED On: 802.11a\n");
	} else if (priv->assoc_network->mode == IEEE_G) {
		led |= priv->led_ofdm_on;
		led |= priv->led_association_on;
		IPW_DEBUG_LED("Mode LED On: 802.11g\n");
	} else {
		led &= priv->led_ofdm_off;
		led |= priv->led_association_on;
		IPW_DEBUG_LED("Mode LED On: 802.11b\n");
	}

	led = ipw_register_toggle(led);

	IPW_DEBUG_LED("Reg: 0x%08X\n", led);
1029
	ipw_write_reg32(priv, IPW_EVENT_REG, led);
1030 1031 1032 1033

	spin_unlock_irqrestore(&priv->lock, flags);
}

1034
static void ipw_led_band_off(struct ipw_priv *priv)
1035 1036 1037 1038 1039 1040 1041 1042 1043 1044
{
	unsigned long flags;
	u32 led;

	/* Only nic type 1 supports mode LEDs */
	if (priv->config & CFG_NO_LED || priv->nic_type != EEPROM_NIC_TYPE_1)
		return;

	spin_lock_irqsave(&priv->lock, flags);

1045
	led = ipw_read_reg32(priv, IPW_EVENT_REG);
1046 1047 1048 1049 1050 1051
	led &= priv->led_ofdm_off;
	led &= priv->led_association_off;

	led = ipw_register_toggle(led);

	IPW_DEBUG_LED("Reg: 0x%08X\n", led);
1052
	ipw_write_reg32(priv, IPW_EVENT_REG, led);
1053 1054 1055 1056

	spin_unlock_irqrestore(&priv->lock, flags);
}

1057
static void ipw_led_radio_on(struct ipw_priv *priv)
1058 1059 1060 1061
{
	ipw_led_link_on(priv);
}

1062
static void ipw_led_radio_off(struct ipw_priv *priv)
1063 1064 1065 1066 1067
{
	ipw_led_activity_off(priv);
	ipw_led_link_off(priv);
}

1068
static void ipw_led_link_up(struct ipw_priv *priv)
1069 1070 1071 1072 1073
{
	/* Set the Link Led on for all nic types */
	ipw_led_link_on(priv);
}

1074
static void ipw_led_link_down(struct ipw_priv *priv)
1075 1076 1077 1078 1079 1080 1081 1082
{
	ipw_led_activity_off(priv);
	ipw_led_link_off(priv);

	if (priv->status & STATUS_RF_KILL_MASK)
		ipw_led_radio_off(priv);
}

1083
static void ipw_led_init(struct ipw_priv *priv)
1084 1085 1086 1087
{
	priv->nic_type = priv->eeprom[EEPROM_NIC_TYPE];

	/* Set the default PINs for the link and activity leds */
1088 1089
	priv->led_activity_on = IPW_ACTIVITY_LED;
	priv->led_activity_off = ~(IPW_ACTIVITY_LED);
1090

1091 1092
	priv->led_association_on = IPW_ASSOCIATED_LED;
	priv->led_association_off = ~(IPW_ASSOCIATED_LED);
1093 1094

	/* Set the default PINs for the OFDM leds */
1095 1096
	priv->led_ofdm_on = IPW_OFDM_LED;
	priv->led_ofdm_off = ~(IPW_OFDM_LED);
1097 1098 1099 1100

	switch (priv->nic_type) {
	case EEPROM_NIC_TYPE_1:
		/* In this NIC type, the LEDs are reversed.... */
1101 1102 1103 1104
		priv->led_activity_on = IPW_ASSOCIATED_LED;
		priv->led_activity_off = ~(IPW_ASSOCIATED_LED);
		priv->led_association_on = IPW_ACTIVITY_LED;
		priv->led_association_off = ~(IPW_ACTIVITY_LED);
1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133

		if (!(priv->config & CFG_NO_LED))
			ipw_led_band_on(priv);

		/* And we don't blink link LEDs for this nic, so
		 * just return here */
		return;

	case EEPROM_NIC_TYPE_3:
	case EEPROM_NIC_TYPE_2:
	case EEPROM_NIC_TYPE_4:
	case EEPROM_NIC_TYPE_0:
		break;

	default:
		IPW_DEBUG_INFO("Unknown NIC type from EEPROM: %d\n",
			       priv->nic_type);
		priv->nic_type = EEPROM_NIC_TYPE_0;
		break;
	}

	if (!(priv->config & CFG_NO_LED)) {
		if (priv->status & STATUS_ASSOCIATED)
			ipw_led_link_on(priv);
		else
			ipw_led_link_off(priv);
	}
}

1134
static void ipw_led_shutdown(struct ipw_priv *priv)
1135 1136 1137 1138
{
	ipw_led_activity_off(priv);
	ipw_led_link_off(priv);
	ipw_led_band_off(priv);
1139 1140 1141
	cancel_delayed_work(&priv->led_link_on);
	cancel_delayed_work(&priv->led_link_off);
	cancel_delayed_work(&priv->led_act_off);
1142 1143
}

1144 1145 1146 1147
/*
 * The following adds a new attribute to the sysfs representation
 * of this device driver (i.e. a new file in /sys/bus/pci/drivers/ipw/)
 * used for controling the debug level.
1148
 *
1149 1150 1151 1152 1153 1154
 * See the level definitions in ipw for details.
 */
static ssize_t show_debug_level(struct device_driver *d, char *buf)
{
	return sprintf(buf, "0x%08X\n", ipw_debug_level);
}
1155 1156 1157

static ssize_t store_debug_level(struct device_driver *d, const char *buf,
				 size_t count)
1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168
{
	char *p = (char *)buf;
	u32 val;

	if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
		p++;
		if (p[0] == 'x' || p[0] == 'X')
			p++;
		val = simple_strtoul(p, &p, 16);
	} else
		val = simple_strtoul(p, &p, 10);
1169 1170
	if (p == buf)
		printk(KERN_INFO DRV_NAME
1171 1172 1173 1174 1175 1176 1177
		       ": %s is not in hex or decimal form.\n", buf);
	else
		ipw_debug_level = val;

	return strnlen(buf, count);
}

1178
static DRIVER_ATTR(debug_level, S_IWUSR | S_IRUGO,
1179 1180
		   show_debug_level, store_debug_level);

1181
static inline u32 ipw_get_event_log_len(struct ipw_priv *priv)
1182
{
1183
	/* length = 1st dword in log */
1184
	return ipw_read_reg32(priv, ipw_read32(priv, IPW_EVENT_LOG));
1185
}
1186

1187 1188
static void ipw_capture_event_log(struct ipw_priv *priv,
				  u32 log_len, struct ipw_event *log)
1189
{
1190
	u32 base;
1191

1192 1193 1194 1195 1196 1197
	if (log_len) {
		base = ipw_read32(priv, IPW_EVENT_LOG);
		ipw_read_indirect(priv, base + sizeof(base) + sizeof(u32),
				  (u8 *) log, sizeof(*log) * log_len);
	}
}
1198

1199
static struct ipw_fw_error *ipw_alloc_error_log(struct ipw_priv *priv)
1200
{
1201 1202 1203 1204
	struct ipw_fw_error *error;
	u32 log_len = ipw_get_event_log_len(priv);
	u32 base = ipw_read32(priv, IPW_ERROR_LOG);
	u32 elem_len = ipw_read_reg32(priv, base);
1205

1206 1207 1208 1209 1210 1211 1212
	error = kmalloc(sizeof(*error) +
			sizeof(*error->elem) * elem_len +
			sizeof(*error->log) * log_len, GFP_ATOMIC);
	if (!error) {
		IPW_ERROR("Memory allocation for firmware error log "
			  "failed.\n");
		return NULL;
1213
	}
1214
	error->jiffies = jiffies;
1215 1216 1217 1218 1219
	error->status = priv->status;
	error->config = priv->config;
	error->elem_len = elem_len;
	error->log_len = log_len;
	error->elem = (struct ipw_error_elem *)error->payload;
1220
	error->log = (struct ipw_event *)(error->elem + elem_len);
1221 1222

	ipw_capture_event_log(priv, log_len, error->log);
1223

1224 1225 1226 1227 1228
	if (elem_len)
		ipw_read_indirect(priv, base + sizeof(base), (u8 *) error->elem,
				  sizeof(*error->elem) * elem_len);

	return error;
1229
}
1230

1231 1232
static ssize_t show_event_log(struct device *d,
			      struct device_attribute *attr, char *buf)
1233
{
1234 1235 1236 1237
	struct ipw_priv *priv = dev_get_drvdata(d);
	u32 log_len = ipw_get_event_log_len(priv);
	struct ipw_event log[log_len];
	u32 len = 0, i;
1238

1239
	ipw_capture_event_log(priv, log_len, log);
1240

1241 1242 1243 1244 1245 1246 1247
	len += snprintf(buf + len, PAGE_SIZE - len, "%08X", log_len);
	for (i = 0; i < log_len; i++)
		len += snprintf(buf + len, PAGE_SIZE - len,
				"\n%08X%08X%08X",
				log[i].time, log[i].event, log[i].data);
	len += snprintf(buf + len, PAGE_SIZE - len, "\n");
	return len;
1248
}
1249

1250
static DEVICE_ATTR(event_log, S_IRUGO, show_event_log, NULL);
1251

1252 1253
static ssize_t show_error(struct device *d,
			  struct device_attribute *attr, char *buf)
1254
{
1255 1256 1257 1258 1259
	struct ipw_priv *priv = dev_get_drvdata(d);
	u32 len = 0, i;
	if (!priv->error)
		return 0;
	len += snprintf(buf + len, PAGE_SIZE - len,
1260 1261
			"%08lX%08X%08X%08X",
			priv->error->jiffies,
1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291
			priv->error->status,
			priv->error->config, priv->error->elem_len);
	for (i = 0; i < priv->error->elem_len; i++)
		len += snprintf(buf + len, PAGE_SIZE - len,
				"\n%08X%08X%08X%08X%08X%08X%08X",
				priv->error->elem[i].time,
				priv->error->elem[i].desc,
				priv->error->elem[i].blink1,
				priv->error->elem[i].blink2,
				priv->error->elem[i].link1,
				priv->error->elem[i].link2,
				priv->error->elem[i].data);

	len += snprintf(buf + len, PAGE_SIZE - len,
			"\n%08X", priv->error->log_len);
	for (i = 0; i < priv->error->log_len; i++)
		len += snprintf(buf + len, PAGE_SIZE - len,
				"\n%08X%08X%08X",
				priv->error->log[i].time,
				priv->error->log[i].event,
				priv->error->log[i].data);
	len += snprintf(buf + len, PAGE_SIZE - len, "\n");
	return len;
}

static ssize_t clear_error(struct device *d,
			   struct device_attribute *attr,
			   const char *buf, size_t count)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
1292 1293 1294

	kfree(priv->error);
	priv->error = NULL;
1295 1296
	return count;
}
1297

1298
static DEVICE_ATTR(error, S_IRUGO | S_IWUSR, show_error, clear_error);
1299

1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322
static ssize_t show_cmd_log(struct device *d,
			    struct device_attribute *attr, char *buf)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	u32 len = 0, i;
	if (!priv->cmdlog)
		return 0;
	for (i = (priv->cmdlog_pos + 1) % priv->cmdlog_len;
	     (i != priv->cmdlog_pos) && (PAGE_SIZE - len);
	     i = (i + 1) % priv->cmdlog_len) {
		len +=
		    snprintf(buf + len, PAGE_SIZE - len,
			     "\n%08lX%08X%08X%08X\n", priv->cmdlog[i].jiffies,
			     priv->cmdlog[i].retcode, priv->cmdlog[i].cmd.cmd,
			     priv->cmdlog[i].cmd.len);
		len +=
		    snprintk_buf(buf + len, PAGE_SIZE - len,
				 (u8 *) priv->cmdlog[i].cmd.param,
				 priv->cmdlog[i].cmd.len);
		len += snprintf(buf + len, PAGE_SIZE - len, "\n");
	}
	len += snprintf(buf + len, PAGE_SIZE - len, "\n");
	return len;
1323
}
1324

1325
static DEVICE_ATTR(cmd_log, S_IRUGO, show_cmd_log, NULL);
1326

1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425
#ifdef CONFIG_IPW2200_PROMISCUOUS
static void ipw_prom_free(struct ipw_priv *priv);
static int ipw_prom_alloc(struct ipw_priv *priv);
static ssize_t store_rtap_iface(struct device *d,
			 struct device_attribute *attr,
			 const char *buf, size_t count)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	int rc = 0;

	if (count < 1)
		return -EINVAL;

	switch (buf[0]) {
	case '0':
		if (!rtap_iface)
			return count;

		if (netif_running(priv->prom_net_dev)) {
			IPW_WARNING("Interface is up.  Cannot unregister.\n");
			return count;
		}

		ipw_prom_free(priv);
		rtap_iface = 0;
		break;

	case '1':
		if (rtap_iface)
			return count;

		rc = ipw_prom_alloc(priv);
		if (!rc)
			rtap_iface = 1;
		break;

	default:
		return -EINVAL;
	}

	if (rc) {
		IPW_ERROR("Failed to register promiscuous network "
			  "device (error %d).\n", rc);
	}

	return count;
}

static ssize_t show_rtap_iface(struct device *d,
			struct device_attribute *attr,
			char *buf)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	if (rtap_iface)
		return sprintf(buf, "%s", priv->prom_net_dev->name);
	else {
		buf[0] = '-';
		buf[1] = '1';
		buf[2] = '\0';
		return 3;
	}
}

static DEVICE_ATTR(rtap_iface, S_IWUSR | S_IRUSR, show_rtap_iface,
		   store_rtap_iface);

static ssize_t store_rtap_filter(struct device *d,
			 struct device_attribute *attr,
			 const char *buf, size_t count)
{
	struct ipw_priv *priv = dev_get_drvdata(d);

	if (!priv->prom_priv) {
		IPW_ERROR("Attempting to set filter without "
			  "rtap_iface enabled.\n");
		return -EPERM;
	}

	priv->prom_priv->filter = simple_strtol(buf, NULL, 0);

	IPW_DEBUG_INFO("Setting rtap filter to " BIT_FMT16 "\n",
		       BIT_ARG16(priv->prom_priv->filter));

	return count;
}

static ssize_t show_rtap_filter(struct device *d,
			struct device_attribute *attr,
			char *buf)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	return sprintf(buf, "0x%04X",
		       priv->prom_priv ? priv->prom_priv->filter : 0);
}

static DEVICE_ATTR(rtap_filter, S_IWUSR | S_IRUSR, show_rtap_filter,
		   store_rtap_filter);
#endif

1426 1427
static ssize_t show_scan_age(struct device *d, struct device_attribute *attr,
			     char *buf)
1428
{
1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501
	struct ipw_priv *priv = dev_get_drvdata(d);
	return sprintf(buf, "%d\n", priv->ieee->scan_age);
}

static ssize_t store_scan_age(struct device *d, struct device_attribute *attr,
			      const char *buf, size_t count)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	struct net_device *dev = priv->net_dev;
	char buffer[] = "00000000";
	unsigned long len =
	    (sizeof(buffer) - 1) > count ? count : sizeof(buffer) - 1;
	unsigned long val;
	char *p = buffer;

	IPW_DEBUG_INFO("enter\n");

	strncpy(buffer, buf, len);
	buffer[len] = 0;

	if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
		p++;
		if (p[0] == 'x' || p[0] == 'X')
			p++;
		val = simple_strtoul(p, &p, 16);
	} else
		val = simple_strtoul(p, &p, 10);
	if (p == buffer) {
		IPW_DEBUG_INFO("%s: user supplied invalid value.\n", dev->name);
	} else {
		priv->ieee->scan_age = val;
		IPW_DEBUG_INFO("set scan_age = %u\n", priv->ieee->scan_age);
	}

	IPW_DEBUG_INFO("exit\n");
	return len;
}

static DEVICE_ATTR(scan_age, S_IWUSR | S_IRUGO, show_scan_age, store_scan_age);

static ssize_t show_led(struct device *d, struct device_attribute *attr,
			char *buf)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
	return sprintf(buf, "%d\n", (priv->config & CFG_NO_LED) ? 0 : 1);
}

static ssize_t store_led(struct device *d, struct device_attribute *attr,
			 const char *buf, size_t count)
{
	struct ipw_priv *priv = dev_get_drvdata(d);

	IPW_DEBUG_INFO("enter\n");

	if (count == 0)
		return 0;

	if (*buf == 0) {
		IPW_DEBUG_LED("Disabling LED control.\n");
		priv->config |= CFG_NO_LED;
		ipw_led_shutdown(priv);
	} else {
		IPW_DEBUG_LED("Enabling LED control.\n");
		priv->config &= ~CFG_NO_LED;
		ipw_led_init(priv);
	}

	IPW_DEBUG_INFO("exit\n");
	return count;
}

static DEVICE_ATTR(led, S_IWUSR | S_IRUGO, show_led, store_led);

1502
static ssize_t show_status(struct device *d,
1503
			   struct device_attribute *attr, char *buf)
1504
{
1505
	struct ipw_priv *p = d->driver_data;
1506 1507
	return sprintf(buf, "0x%08x\n", (int)p->status);
}
1508

1509 1510
static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);

1511 1512
static ssize_t show_cfg(struct device *d, struct device_attribute *attr,
			char *buf)
1513
{
1514
	struct ipw_priv *p = d->driver_data;
1515 1516
	return sprintf(buf, "0x%08x\n", (int)p->config);
}
1517

1518 1519
static DEVICE_ATTR(cfg, S_IRUGO, show_cfg, NULL);

1520
static ssize_t show_nic_type(struct device *d,
1521
			     struct device_attribute *attr, char *buf)
1522
{
1523 1524
	struct ipw_priv *priv = d->driver_data;
	return sprintf(buf, "TYPE: %d\n", priv->nic_type);
1525
}
1526

1527 1528
static DEVICE_ATTR(nic_type, S_IRUGO, show_nic_type, NULL);

1529
static ssize_t show_ucode_version(struct device *d,
1530
				  struct device_attribute *attr, char *buf)
1531 1532
{
	u32 len = sizeof(u32), tmp = 0;
1533
	struct ipw_priv *p = d->driver_data;
1534

1535
	if (ipw_get_ordinal(p, IPW_ORD_STAT_UCODE_VERSION, &tmp, &len))
1536 1537 1538 1539
		return 0;

	return sprintf(buf, "0x%08x\n", tmp);
}
1540 1541

static DEVICE_ATTR(ucode_version, S_IWUSR | S_IRUGO, show_ucode_version, NULL);
1542

1543 1544
static ssize_t show_rtc(struct device *d, struct device_attribute *attr,
			char *buf)
1545 1546
{
	u32 len = sizeof(u32), tmp = 0;
1547
	struct ipw_priv *p = d->driver_data;
1548

1549
	if (ipw_get_ordinal(p, IPW_ORD_STAT_RTC, &tmp, &len))
1550 1551 1552 1553
		return 0;

	return sprintf(buf, "0x%08x\n", tmp);
}
1554 1555

static DEVICE_ATTR(rtc, S_IWUSR | S_IRUGO, show_rtc, NULL);
1556 1557 1558 1559 1560

/*
 * Add a device attribute to view/control the delay between eeprom
 * operations.
 */
1561
static ssize_t show_eeprom_delay(struct device *d,
1562
				 struct device_attribute *attr, char *buf)
1563
{
1564
	int n = ((struct ipw_priv *)d->driver_data)->eeprom_delay;
1565 1566
	return sprintf(buf, "%i\n", n);
}
1567
static ssize_t store_eeprom_delay(struct device *d,
1568 1569
				  struct device_attribute *attr,
				  const char *buf, size_t count)
1570
{
1571
	struct ipw_priv *p = d->driver_data;
1572 1573 1574
	sscanf(buf, "%i", &p->eeprom_delay);
	return strnlen(buf, count);
}
1575 1576 1577

static DEVICE_ATTR(eeprom_delay, S_IWUSR | S_IRUGO,
		   show_eeprom_delay, store_eeprom_delay);
1578

1579
static ssize_t show_command_event_reg(struct device *d,
1580
				      struct device_attribute *attr, char *buf)
1581 1582
{
	u32 reg = 0;
1583
	struct ipw_priv *p = d->driver_data;
1584

1585
	reg = ipw_read_reg32(p, IPW_INTERNAL_CMD_EVENT);
1586 1587
	return sprintf(buf, "0x%08x\n", reg);
}
1588
static ssize_t store_command_event_reg(struct device *d,
1589 1590
				       struct device_attribute *attr,
				       const char *buf, size_t count)
1591 1592
{
	u32 reg;
1593
	struct ipw_priv *p = d->driver_data;
1594 1595

	sscanf(buf, "%x", &reg);
1596
	ipw_write_reg32(p, IPW_INTERNAL_CMD_EVENT, reg);
1597 1598
	return strnlen(buf, count);
}
1599 1600 1601

static DEVICE_ATTR(command_event_reg, S_IWUSR | S_IRUGO,
		   show_command_event_reg, store_command_event_reg);
1602

1603
static ssize_t show_mem_gpio_reg(struct device *d,
1604
				 struct device_attribute *attr, char *buf)
1605 1606
{
	u32 reg = 0;
1607
	struct ipw_priv *p = d->driver_data;
1608 1609 1610 1611

	reg = ipw_read_reg32(p, 0x301100);
	return sprintf(buf, "0x%08x\n", reg);
}
1612
static ssize_t store_mem_gpio_reg(struct device *d,
1613 1614
				  struct device_attribute *attr,
				  const char *buf, size_t count)
1615 1616
{
	u32 reg;
1617
	struct ipw_priv *p = d->driver_data;
1618 1619 1620 1621 1622

	sscanf(buf, "%x", &reg);
	ipw_write_reg32(p, 0x301100, reg);
	return strnlen(buf, count);
}
1623 1624 1625

static DEVICE_ATTR(mem_gpio_reg, S_IWUSR | S_IRUGO,
		   show_mem_gpio_reg, store_mem_gpio_reg);
1626

1627
static ssize_t show_indirect_dword(struct device *d,
1628
				   struct device_attribute *attr, char *buf)
1629 1630
{
	u32 reg = 0;
1631
	struct ipw_priv *priv = d->driver_data;
1632

1633
	if (priv->status & STATUS_INDIRECT_DWORD)
1634
		reg = ipw_read_reg32(priv, priv->indirect_dword);
1635
	else
1636
		reg = 0;
1637

1638 1639
	return sprintf(buf, "0x%08x\n", reg);
}
1640
static ssize_t store_indirect_dword(struct device *d,
1641 1642
				    struct device_attribute *attr,
				    const char *buf, size_t count)
1643
{
1644
	struct ipw_priv *priv = d->driver_data;
1645 1646 1647 1648 1649

	sscanf(buf, "%x", &priv->indirect_dword);
	priv->status |= STATUS_INDIRECT_DWORD;
	return strnlen(buf, count);
}
1650 1651 1652

static DEVICE_ATTR(indirect_dword, S_IWUSR | S_IRUGO,
		   show_indirect_dword, store_indirect_dword);
1653

1654
static ssize_t show_indirect_byte(struct device *d,
1655
				  struct device_attribute *attr, char *buf)
1656 1657
{
	u8 reg = 0;
1658
	struct ipw_priv *priv = d->driver_data;
1659

1660
	if (priv->status & STATUS_INDIRECT_BYTE)
1661
		reg = ipw_read_reg8(priv, priv->indirect_byte);
1662
	else
1663 1664 1665 1666
		reg = 0;

	return sprintf(buf, "0x%02x\n", reg);
}
1667
static ssize_t store_indirect_byte(struct device *d,
1668 1669
				   struct device_attribute *attr,
				   const char *buf, size_t count)
1670
{
1671
	struct ipw_priv *priv = d->driver_data;
1672 1673 1674 1675 1676

	sscanf(buf, "%x", &priv->indirect_byte);
	priv->status |= STATUS_INDIRECT_BYTE;
	return strnlen(buf, count);
}
1677 1678

static DEVICE_ATTR(indirect_byte, S_IWUSR | S_IRUGO,
1679 1680
		   show_indirect_byte, store_indirect_byte);

1681
static ssize_t show_direct_dword(struct device *d,
1682
				 struct device_attribute *attr, char *buf)
1683 1684
{
	u32 reg = 0;
1685
	struct ipw_priv *priv = d->driver_data;
1686

1687
	if (priv->status & STATUS_DIRECT_DWORD)
1688
		reg = ipw_read32(priv, priv->direct_dword);
1689
	else
1690 1691 1692 1693
		reg = 0;

	return sprintf(buf, "0x%08x\n", reg);
}
1694
static ssize_t store_direct_dword(struct device *d,
1695 1696
				  struct device_attribute *attr,
				  const char *buf, size_t count)
1697
{
1698
	struct ipw_priv *priv = d->driver_data;
1699 1700 1701 1702 1703 1704

	sscanf(buf, "%x", &priv->direct_dword);
	priv->status |= STATUS_DIRECT_DWORD;
	return strnlen(buf, count);
}

1705 1706
static DEVICE_ATTR(direct_dword, S_IWUSR | S_IRUGO,
		   show_direct_dword, store_direct_dword);
1707

1708
static int rf_kill_active(struct ipw_priv *priv)
1709 1710 1711 1712 1713 1714 1715 1716 1717
{
	if (0 == (ipw_read32(priv, 0x30) & 0x10000))
		priv->status |= STATUS_RF_KILL_HW;
	else
		priv->status &= ~STATUS_RF_KILL_HW;

	return (priv->status & STATUS_RF_KILL_HW) ? 1 : 0;
}

1718
static ssize_t show_rf_kill(struct device *d, struct device_attribute *attr,
1719
			    char *buf)
1720 1721
{
	/* 0 - RF kill not enabled
1722
	   1 - SW based RF kill active (sysfs)
1723 1724
	   2 - HW based RF kill active
	   3 - Both HW and SW baed RF kill active */
1725
	struct ipw_priv *priv = d->driver_data;
1726
	int val = ((priv->status & STATUS_RF_KILL_SW) ? 0x1 : 0x0) |
1727
	    (rf_kill_active(priv) ? 0x2 : 0x0);
1728 1729 1730 1731 1732
	return sprintf(buf, "%i\n", val);
}

static int ipw_radio_kill_sw(struct ipw_priv *priv, int disable_radio)
{
1733
	if ((disable_radio ? 1 : 0) ==
1734
	    ((priv->status & STATUS_RF_KILL_SW) ? 1 : 0))
1735
		return 0;
1736 1737 1738 1739 1740 1741 1742

	IPW_DEBUG_RF_KILL("Manual SW RF Kill set to: RADIO  %s\n",
			  disable_radio ? "OFF" : "ON");

	if (disable_radio) {
		priv->status |= STATUS_RF_KILL_SW;

1743
		if (priv->workqueue) {
1744
			cancel_delayed_work(&priv->request_scan);
1745 1746
			cancel_delayed_work(&priv->scan_event);
		}
1747 1748 1749 1750 1751 1752 1753 1754
		queue_work(priv->workqueue, &priv->down);
	} else {
		priv->status &= ~STATUS_RF_KILL_SW;
		if (rf_kill_active(priv)) {
			IPW_DEBUG_RF_KILL("Can not turn radio back on - "
					  "disabled by HW switch\n");
			/* Make sure the RF_KILL check timer is running */
			cancel_delayed_work(&priv->rf_kill);
1755
			queue_delayed_work(priv->workqueue, &priv->rf_kill,
1756
					   round_jiffies(2 * HZ));
1757
		} else
1758 1759 1760 1761 1762 1763
			queue_work(priv->workqueue, &priv->up);
	}

	return 1;
}

1764 1765
static ssize_t store_rf_kill(struct device *d, struct device_attribute *attr,
			     const char *buf, size_t count)
1766
{
1767
	struct ipw_priv *priv = d->driver_data;
1768

1769 1770 1771 1772
	ipw_radio_kill_sw(priv, buf[0] == '1');

	return count;
}
1773 1774

static DEVICE_ATTR(rf_kill, S_IWUSR | S_IRUGO, show_rf_kill, store_rf_kill);
1775

1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804
static ssize_t show_speed_scan(struct device *d, struct device_attribute *attr,
			       char *buf)
{
	struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
	int pos = 0, len = 0;
	if (priv->config & CFG_SPEED_SCAN) {
		while (priv->speed_scan[pos] != 0)
			len += sprintf(&buf[len], "%d ",
				       priv->speed_scan[pos++]);
		return len + sprintf(&buf[len], "\n");
	}

	return sprintf(buf, "0\n");
}

static ssize_t store_speed_scan(struct device *d, struct device_attribute *attr,
				const char *buf, size_t count)
{
	struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
	int channel, pos = 0;
	const char *p = buf;

	/* list of space separated channels to scan, optionally ending with 0 */
	while ((channel = simple_strtol(p, NULL, 0))) {
		if (pos == MAX_SPEED_SCAN - 1) {
			priv->speed_scan[pos] = 0;
			break;
		}

1805
		if (ieee80211_is_valid_channel(priv->ieee, channel))
1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848
			priv->speed_scan[pos++] = channel;
		else
			IPW_WARNING("Skipping invalid channel request: %d\n",
				    channel);
		p = strchr(p, ' ');
		if (!p)
			break;
		while (*p == ' ' || *p == '\t')
			p++;
	}

	if (pos == 0)
		priv->config &= ~CFG_SPEED_SCAN;
	else {
		priv->speed_scan_pos = 0;
		priv->config |= CFG_SPEED_SCAN;
	}

	return count;
}

static DEVICE_ATTR(speed_scan, S_IWUSR | S_IRUGO, show_speed_scan,
		   store_speed_scan);

static ssize_t show_net_stats(struct device *d, struct device_attribute *attr,
			      char *buf)
{
	struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
	return sprintf(buf, "%c\n", (priv->config & CFG_NET_STATS) ? '1' : '0');
}

static ssize_t store_net_stats(struct device *d, struct device_attribute *attr,
			       const char *buf, size_t count)
{
	struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
	if (buf[0] == '1')
		priv->config |= CFG_NET_STATS;
	else
		priv->config &= ~CFG_NET_STATS;

	return count;
}

1849 1850
static DEVICE_ATTR(net_stats, S_IWUSR | S_IRUGO,
		   show_net_stats, store_net_stats);
1851

1852 1853 1854 1855 1856
static ssize_t show_channels(struct device *d,
			     struct device_attribute *attr,
			     char *buf)
{
	struct ipw_priv *priv = dev_get_drvdata(d);
1857
	const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897
	int len = 0, i;

	len = sprintf(&buf[len],
		      "Displaying %d channels in 2.4Ghz band "
		      "(802.11bg):\n", geo->bg_channels);

	for (i = 0; i < geo->bg_channels; i++) {
		len += sprintf(&buf[len], "%d: BSS%s%s, %s, Band %s.\n",
			       geo->bg[i].channel,
			       geo->bg[i].flags & IEEE80211_CH_RADAR_DETECT ?
			       " (radar spectrum)" : "",
			       ((geo->bg[i].flags & IEEE80211_CH_NO_IBSS) ||
				(geo->bg[i].flags & IEEE80211_CH_RADAR_DETECT))
			       ? "" : ", IBSS",
			       geo->bg[i].flags & IEEE80211_CH_PASSIVE_ONLY ?
			       "passive only" : "active/passive",
			       geo->bg[i].flags & IEEE80211_CH_B_ONLY ?
			       "B" : "B/G");
	}

	len += sprintf(&buf[len],
		       "Displaying %d channels in 5.2Ghz band "
		       "(802.11a):\n", geo->a_channels);
	for (i = 0; i < geo->a_channels; i++) {
		len += sprintf(&buf[len], "%d: BSS%s%s, %s.\n",
			       geo->a[i].channel,
			       geo->a[i].flags & IEEE80211_CH_RADAR_DETECT ?
			       " (radar spectrum)" : "",
			       ((geo->a[i].flags & IEEE80211_CH_NO_IBSS) ||
				(geo->a[i].flags & IEEE80211_CH_RADAR_DETECT))
			       ? "" : ", IBSS",
			       geo->a[i].flags & IEEE80211_CH_PASSIVE_ONLY ?
			       "passive only" : "active/passive");
	}

	return len;
}

static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);

1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908
static void notify_wx_assoc_event(struct ipw_priv *priv)
{
	union iwreq_data wrqu;
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	if (priv->status & STATUS_ASSOCIATED)
		memcpy(wrqu.ap_addr.sa_data, priv->bssid, ETH_ALEN);
	else
		memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
	wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
}

1909 1910 1911 1912 1913 1914
static void ipw_irq_tasklet(struct ipw_priv *priv)
{
	u32 inta, inta_mask, handled = 0;
	unsigned long flags;
	int rc = 0;

Zhu Yi's avatar
Zhu Yi committed
1915
	spin_lock_irqsave(&priv->irq_lock, flags);
1916

1917 1918 1919
	inta = ipw_read32(priv, IPW_INTA_RW);
	inta_mask = ipw_read32(priv, IPW_INTA_MASK_R);
	inta &= (IPW_INTA_MASK_ALL & inta_mask);
1920 1921 1922 1923

	/* Add any cached INTA values that need to be handled */
	inta |= priv->isr_inta;

Zhu Yi's avatar
Zhu Yi committed
1924 1925 1926 1927
	spin_unlock_irqrestore(&priv->irq_lock, flags);

	spin_lock_irqsave(&priv->lock, flags);

1928
	/* handle all the justifications for the interrupt */
1929
	if (inta & IPW_INTA_BIT_RX_TRANSFER) {
1930
		ipw_rx(priv);
1931
		handled |= IPW_INTA_BIT_RX_TRANSFER;
1932 1933
	}

1934
	if (inta & IPW_INTA_BIT_TX_CMD_QUEUE) {
1935
		IPW_DEBUG_HC("Command completed.\n");
1936
		rc = ipw_queue_tx_reclaim(priv, &priv->txq_cmd, -1);
1937 1938
		priv->status &= ~STATUS_HCMD_ACTIVE;
		wake_up_interruptible(&priv->wait_command_queue);
1939
		handled |= IPW_INTA_BIT_TX_CMD_QUEUE;
1940 1941
	}

1942
	if (inta & IPW_INTA_BIT_TX_QUEUE_1) {
1943
		IPW_DEBUG_TX("TX_QUEUE_1\n");
1944
		rc = ipw_queue_tx_reclaim(priv, &priv->txq[0], 0);
1945
		handled |= IPW_INTA_BIT_TX_QUEUE_1;
1946 1947
	}

1948
	if (inta & IPW_INTA_BIT_TX_QUEUE_2) {
1949
		IPW_DEBUG_TX("TX_QUEUE_2\n");
1950
		rc = ipw_queue_tx_reclaim(priv, &priv->txq[1], 1);
1951
		handled |= IPW_INTA_BIT_TX_QUEUE_2;
1952 1953
	}

1954
	if (inta & IPW_INTA_BIT_TX_QUEUE_3) {
1955
		IPW_DEBUG_TX("TX_QUEUE_3\n");
1956
		rc = ipw_queue_tx_reclaim(priv, &priv->txq[2], 2);
1957
		handled |= IPW_INTA_BIT_TX_QUEUE_3;
1958 1959
	}

1960
	if (inta & IPW_INTA_BIT_TX_QUEUE_4) {
1961
		IPW_DEBUG_TX("TX_QUEUE_4\n");
1962
		rc = ipw_queue_tx_reclaim(priv, &priv->txq[3], 3);
1963
		handled |= IPW_INTA_BIT_TX_QUEUE_4;
1964 1965
	}

1966
	if (inta & IPW_INTA_BIT_STATUS_CHANGE) {
1967
		IPW_WARNING("STATUS_CHANGE\n");
1968
		handled |= IPW_INTA_BIT_STATUS_CHANGE;
1969 1970
	}

1971
	if (inta & IPW_INTA_BIT_BEACON_PERIOD_EXPIRED) {
1972
		IPW_WARNING("TX_PERIOD_EXPIRED\n");
1973
		handled |= IPW_INTA_BIT_BEACON_PERIOD_EXPIRED;
1974 1975
	}

1976
	if (inta & IPW_INTA_BIT_SLAVE_MODE_HOST_CMD_DONE) {
1977
		IPW_WARNING("HOST_CMD_DONE\n");
1978
		handled |= IPW_INTA_BIT_SLAVE_MODE_HOST_CMD_DONE;
1979 1980
	}

1981
	if (inta & IPW_INTA_BIT_FW_INITIALIZATION_DONE) {
1982
		IPW_WARNING("FW_INITIALIZATION_DONE\n");
1983
		handled |= IPW_INTA_BIT_FW_INITIALIZATION_DONE;
1984 1985
	}

1986
	if (inta & IPW_INTA_BIT_FW_CARD_DISABLE_PHY_OFF_DONE) {
1987
		IPW_WARNING("PHY_OFF_DONE\n");
1988
		handled |= IPW_INTA_BIT_FW_CARD_DISABLE_PHY_OFF_DONE;
1989 1990
	}

1991
	if (inta & IPW_INTA_BIT_RF_KILL_DONE) {
1992 1993 1994
		IPW_DEBUG_RF_KILL("RF_KILL_DONE\n");
		priv->status |= STATUS_RF_KILL_HW;
		wake_up_interruptible(&priv->wait_command_queue);
1995
		priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
1996
		cancel_delayed_work(&priv->request_scan);
1997
		cancel_delayed_work(&priv->scan_event);
1998
		schedule_work(&priv->link_down);
1999
		queue_delayed_work(priv->workqueue, &priv->rf_kill, 2 * HZ);
2000
		handled |= IPW_INTA_BIT_RF_KILL_DONE;
2001
	}
2002

2003
	if (inta & IPW_INTA_BIT_FATAL_ERROR) {
2004
		IPW_WARNING("Firmware error detected.  Restarting.\n");
2005
		if (priv->error) {
2006
			IPW_DEBUG_FW("Sysfs 'error' log already exists.\n");
2007 2008 2009 2010
			if (ipw_debug_level & IPW_DL_FW_ERRORS) {
				struct ipw_fw_error *error =
				    ipw_alloc_error_log(priv);
				ipw_dump_error_log(priv, error);
2011
				kfree(error);
2012 2013 2014 2015
			}
		} else {
			priv->error = ipw_alloc_error_log(priv);
			if (priv->error)
2016
				IPW_DEBUG_FW("Sysfs 'error' log captured.\n");
2017
			else
2018 2019
				IPW_DEBUG_FW("Error allocating sysfs 'error' "
					     "log.\n");
2020 2021 2022 2023
			if (ipw_debug_level & IPW_DL_FW_ERRORS)
				ipw_dump_error_log(priv, priv->error);
		}

2024 2025 2026 2027 2028 2029 2030 2031 2032 2033
		/* XXX: If hardware encryption is for WPA/WPA2,
		 * we have to notify the supplicant. */
		if (priv->ieee->sec.encrypt) {
			priv->status &= ~STATUS_ASSOCIATED;
			notify_wx_assoc_event(priv);
		}

		/* Keep the restart process from trying to send host
		 * commands by clearing the INIT status bit */
		priv->status &= ~STATUS_INIT;
2034 2035 2036 2037 2038

		/* Cancel currently queued command. */
		priv->status &= ~STATUS_HCMD_ACTIVE;
		wake_up_interruptible(&priv->wait_command_queue);

2039
		queue_work(priv->workqueue, &priv->adapter_restart);
2040
		handled |= IPW_INTA_BIT_FATAL_ERROR;
2041 2042
	}

2043
	if (inta & IPW_INTA_BIT_PARITY_ERROR) {
2044
		IPW_ERROR("Parity error\n");
2045
		handled |= IPW_INTA_BIT_PARITY_ERROR;
2046 2047 2048
	}

	if (handled != inta) {
2049
		IPW_ERROR("Unhandled INTA bits 0x%08x\n", inta & ~handled);
2050 2051
	}

Zhu Yi's avatar
Zhu Yi committed
2052 2053
	spin_unlock_irqrestore(&priv->lock, flags);

2054 2055 2056
	/* enable all interrupts */
	ipw_enable_interrupts(priv);
}
2057

2058 2059 2060 2061 2062
#define IPW_CMD(x) case IPW_CMD_ ## x : return #x
static char *get_cmd_string(u8 cmd)
{
	switch (cmd) {
		IPW_CMD(HOST_COMPLETE);
2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112
		IPW_CMD(POWER_DOWN);
		IPW_CMD(SYSTEM_CONFIG);
		IPW_CMD(MULTICAST_ADDRESS);
		IPW_CMD(SSID);
		IPW_CMD(ADAPTER_ADDRESS);
		IPW_CMD(PORT_TYPE);
		IPW_CMD(RTS_THRESHOLD);
		IPW_CMD(FRAG_THRESHOLD);
		IPW_CMD(POWER_MODE);
		IPW_CMD(WEP_KEY);
		IPW_CMD(TGI_TX_KEY);
		IPW_CMD(SCAN_REQUEST);
		IPW_CMD(SCAN_REQUEST_EXT);
		IPW_CMD(ASSOCIATE);
		IPW_CMD(SUPPORTED_RATES);
		IPW_CMD(SCAN_ABORT);
		IPW_CMD(TX_FLUSH);
		IPW_CMD(QOS_PARAMETERS);
		IPW_CMD(DINO_CONFIG);
		IPW_CMD(RSN_CAPABILITIES);
		IPW_CMD(RX_KEY);
		IPW_CMD(CARD_DISABLE);
		IPW_CMD(SEED_NUMBER);
		IPW_CMD(TX_POWER);
		IPW_CMD(COUNTRY_INFO);
		IPW_CMD(AIRONET_INFO);
		IPW_CMD(AP_TX_POWER);
		IPW_CMD(CCKM_INFO);
		IPW_CMD(CCX_VER_INFO);
		IPW_CMD(SET_CALIBRATION);
		IPW_CMD(SENSITIVITY_CALIB);
		IPW_CMD(RETRY_LIMIT);
		IPW_CMD(IPW_PRE_POWER_DOWN);
		IPW_CMD(VAP_BEACON_TEMPLATE);
		IPW_CMD(VAP_DTIM_PERIOD);
		IPW_CMD(EXT_SUPPORTED_RATES);
		IPW_CMD(VAP_LOCAL_TX_PWR_CONSTRAINT);
		IPW_CMD(VAP_QUIET_INTERVALS);
		IPW_CMD(VAP_CHANNEL_SWITCH);
		IPW_CMD(VAP_MANDATORY_CHANNELS);
		IPW_CMD(VAP_CELL_PWR_LIMIT);
		IPW_CMD(VAP_CF_PARAM_SET);
		IPW_CMD(VAP_SET_BEACONING_STATE);
		IPW_CMD(MEASUREMENT);
		IPW_CMD(POWER_CAPABILITY);
		IPW_CMD(SUPPORTED_CHANNELS);
		IPW_CMD(TPC_REPORT);
		IPW_CMD(WME_INFO);
		IPW_CMD(PRODUCTION_COMMAND);
	default:
2113 2114 2115 2116 2117
		return "UNKNOWN";
	}
}

#define HOST_COMPLETE_TIMEOUT HZ
Zhu Yi's avatar
Zhu Yi committed
2118 2119

static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd)
2120 2121
{
	int rc = 0;
2122
	unsigned long flags;
2123

2124
	spin_lock_irqsave(&priv->lock, flags);
2125
	if (priv->status & STATUS_HCMD_ACTIVE) {
2126 2127
		IPW_ERROR("Failed to send %s: Already sending a command.\n",
			  get_cmd_string(cmd->cmd));
2128
		spin_unlock_irqrestore(&priv->lock, flags);
2129
		return -EAGAIN;
2130 2131 2132
	}

	priv->status |= STATUS_HCMD_ACTIVE;
2133

2134 2135 2136 2137 2138 2139 2140 2141 2142
	if (priv->cmdlog) {
		priv->cmdlog[priv->cmdlog_pos].jiffies = jiffies;
		priv->cmdlog[priv->cmdlog_pos].cmd.cmd = cmd->cmd;
		priv->cmdlog[priv->cmdlog_pos].cmd.len = cmd->len;
		memcpy(priv->cmdlog[priv->cmdlog_pos].cmd.param, cmd->param,
		       cmd->len);
		priv->cmdlog[priv->cmdlog_pos].retcode = -1;
	}

2143 2144 2145
	IPW_DEBUG_HC("%s command (#%d) %d bytes: 0x%08X\n",
		     get_cmd_string(cmd->cmd), cmd->cmd, cmd->len,
		     priv->status);
2146 2147 2148 2149 2150 2151 2152 2153

#ifndef DEBUG_CMD_WEP_KEY
	if (cmd->cmd == IPW_CMD_WEP_KEY)
		IPW_DEBUG_HC("WEP_KEY command masked out for secure.\n");
	else
#endif
		printk_buf(IPW_DL_HOST_COMMAND, (u8 *) cmd->param, cmd->len);

Zhu Yi's avatar
Zhu Yi committed
2154
	rc = ipw_queue_tx_hcmd(priv, cmd->cmd, cmd->param, cmd->len, 0);
2155 2156
	if (rc) {
		priv->status &= ~STATUS_HCMD_ACTIVE;
2157 2158
		IPW_ERROR("Failed to send %s: Reason %d\n",
			  get_cmd_string(cmd->cmd), rc);
2159
		spin_unlock_irqrestore(&priv->lock, flags);
2160
		goto exit;
2161 2162
	}
	spin_unlock_irqrestore(&priv->lock, flags);
2163

2164 2165 2166 2167
	rc = wait_event_interruptible_timeout(priv->wait_command_queue,
					      !(priv->
						status & STATUS_HCMD_ACTIVE),
					      HOST_COMPLETE_TIMEOUT);
2168
	if (rc == 0) {
2169 2170
		spin_lock_irqsave(&priv->lock, flags);
		if (priv->status & STATUS_HCMD_ACTIVE) {
2171 2172
			IPW_ERROR("Failed to send %s: Command timed out.\n",
				  get_cmd_string(cmd->cmd));
2173 2174
			priv->status &= ~STATUS_HCMD_ACTIVE;
			spin_unlock_irqrestore(&priv->lock, flags);
2175 2176
			rc = -EIO;
			goto exit;
2177 2178
		}
		spin_unlock_irqrestore(&priv->lock, flags);
2179 2180
	} else
		rc = 0;
2181

2182
	if (priv->status & STATUS_RF_KILL_HW) {
2183 2184
		IPW_ERROR("Failed to send %s: Aborted due to RF kill switch.\n",
			  get_cmd_string(cmd->cmd));
2185 2186
		rc = -EIO;
		goto exit;
2187 2188
	}

2189
      exit:
2190 2191 2192 2193 2194
	if (priv->cmdlog) {
		priv->cmdlog[priv->cmdlog_pos++].retcode = rc;
		priv->cmdlog_pos %= priv->cmdlog_len;
	}
	return rc;
2195 2196
}

Zhu Yi's avatar
Zhu Yi committed
2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207
static int ipw_send_cmd_simple(struct ipw_priv *priv, u8 command)
{
	struct host_cmd cmd = {
		.cmd = command,
	};

	return __ipw_send_cmd(priv, &cmd);
}

static int ipw_send_cmd_pdu(struct ipw_priv *priv, u8 command, u8 len,
			    void *data)
2208 2209
{
	struct host_cmd cmd = {
Zhu Yi's avatar
Zhu Yi committed
2210 2211 2212
		.cmd = command,
		.len = len,
		.param = data,
2213 2214
	};

Zhu Yi's avatar
Zhu Yi committed
2215 2216 2217 2218 2219
	return __ipw_send_cmd(priv, &cmd);
}

static int ipw_send_host_complete(struct ipw_priv *priv)
{
2220 2221 2222 2223 2224
	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2225
	return ipw_send_cmd_simple(priv, IPW_CMD_HOST_COMPLETE);
2226 2227
}

2228
static int ipw_send_system_config(struct ipw_priv *priv)
2229
{
2230 2231 2232
	return ipw_send_cmd_pdu(priv, IPW_CMD_SYSTEM_CONFIG,
				sizeof(priv->sys_config),
				&priv->sys_config);
2233 2234
}

2235
static int ipw_send_ssid(struct ipw_priv *priv, u8 * ssid, int len)
2236 2237 2238 2239 2240 2241
{
	if (!priv || !ssid) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2242
	return ipw_send_cmd_pdu(priv, IPW_CMD_SSID, min(len, IW_ESSID_MAX_SIZE),
2243
				ssid);
2244 2245
}

2246
static int ipw_send_adapter_address(struct ipw_priv *priv, u8 * mac)
2247 2248 2249 2250 2251 2252
{
	if (!priv || !mac) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

2253 2254
	IPW_DEBUG_INFO("%s: Setting MAC to %s\n",
		       priv->net_dev->name, print_mac(mac, mac));
2255

2256
	return ipw_send_cmd_pdu(priv, IPW_CMD_ADAPTER_ADDRESS, ETH_ALEN, mac);
2257 2258
}

2259 2260 2261 2262 2263
/*
 * NOTE: This must be executed from our workqueue as it results in udelay
 * being called which may corrupt the keyboard if executed on default
 * workqueue
 */
2264 2265 2266 2267 2268 2269 2270 2271
static void ipw_adapter_restart(void *adapter)
{
	struct ipw_priv *priv = adapter;

	if (priv->status & STATUS_RF_KILL_MASK)
		return;

	ipw_down(priv);
2272 2273 2274 2275 2276

	if (priv->assoc_network &&
	    (priv->assoc_network->capability & WLAN_CAPABILITY_IBSS))
		ipw_remove_current_network(priv);

2277 2278 2279 2280 2281 2282
	if (ipw_up(priv)) {
		IPW_ERROR("Failed to up device\n");
		return;
	}
}

2283
static void ipw_bg_adapter_restart(struct work_struct *work)
2284
{
2285 2286
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, adapter_restart);
2287
	mutex_lock(&priv->mutex);
2288
	ipw_adapter_restart(priv);
2289
	mutex_unlock(&priv->mutex);
2290 2291
}

2292 2293 2294 2295 2296 2297 2298
#define IPW_SCAN_CHECK_WATCHDOG (5 * HZ)

static void ipw_scan_check(void *data)
{
	struct ipw_priv *priv = data;
	if (priv->status & (STATUS_SCANNING | STATUS_SCAN_ABORTING)) {
		IPW_DEBUG_SCAN("Scan completion watchdog resetting "
2299 2300
			       "adapter after (%dms).\n",
			       jiffies_to_msecs(IPW_SCAN_CHECK_WATCHDOG));
2301
		queue_work(priv->workqueue, &priv->adapter_restart);
2302 2303 2304
	}
}

2305
static void ipw_bg_scan_check(struct work_struct *work)
2306
{
2307 2308
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, scan_check.work);
2309
	mutex_lock(&priv->mutex);
2310
	ipw_scan_check(priv);
2311
	mutex_unlock(&priv->mutex);
2312 2313
}

2314 2315 2316
static int ipw_send_scan_request_ext(struct ipw_priv *priv,
				     struct ipw_scan_request_ext *request)
{
Zhu Yi's avatar
Zhu Yi committed
2317
	return ipw_send_cmd_pdu(priv, IPW_CMD_SCAN_REQUEST_EXT,
2318
				sizeof(*request), request);
2319 2320 2321 2322 2323 2324 2325 2326 2327
}

static int ipw_send_scan_abort(struct ipw_priv *priv)
{
	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2328
	return ipw_send_cmd_simple(priv, IPW_CMD_SCAN_ABORT);
2329 2330 2331 2332
}

static int ipw_set_sensitivity(struct ipw_priv *priv, u16 sens)
{
Zhu Yi's avatar
Zhu Yi committed
2333
	struct ipw_sensitivity_calib calib = {
2334
		.beacon_rssi_raw = cpu_to_le16(sens),
2335
	};
Zhu Yi's avatar
Zhu Yi committed
2336 2337

	return ipw_send_cmd_pdu(priv, IPW_CMD_SENSITIVITY_CALIB, sizeof(calib),
2338
				&calib);
2339 2340 2341 2342 2343
}

static int ipw_send_associate(struct ipw_priv *priv,
			      struct ipw_associate *associate)
{
2344
	struct ipw_associate tmp_associate;
Zhu Yi's avatar
Zhu Yi committed
2345 2346 2347 2348 2349 2350

	if (!priv || !associate) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362
	memcpy(&tmp_associate, associate, sizeof(*associate));
	tmp_associate.policy_support =
	    cpu_to_le16(tmp_associate.policy_support);
	tmp_associate.assoc_tsf_msw = cpu_to_le32(tmp_associate.assoc_tsf_msw);
	tmp_associate.assoc_tsf_lsw = cpu_to_le32(tmp_associate.assoc_tsf_lsw);
	tmp_associate.capability = cpu_to_le16(tmp_associate.capability);
	tmp_associate.listen_interval =
	    cpu_to_le16(tmp_associate.listen_interval);
	tmp_associate.beacon_interval =
	    cpu_to_le16(tmp_associate.beacon_interval);
	tmp_associate.atim_window = cpu_to_le16(tmp_associate.atim_window);

Zhu Yi's avatar
Zhu Yi committed
2363
	return ipw_send_cmd_pdu(priv, IPW_CMD_ASSOCIATE, sizeof(tmp_associate),
2364
				&tmp_associate);
2365 2366 2367 2368 2369 2370 2371 2372 2373 2374
}

static int ipw_send_supported_rates(struct ipw_priv *priv,
				    struct ipw_supported_rates *rates)
{
	if (!priv || !rates) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2375
	return ipw_send_cmd_pdu(priv, IPW_CMD_SUPPORTED_RATES, sizeof(*rates),
2376
				rates);
2377 2378 2379 2380
}

static int ipw_set_random_seed(struct ipw_priv *priv)
{
Zhu Yi's avatar
Zhu Yi committed
2381
	u32 val;
2382 2383 2384 2385 2386 2387

	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2388
	get_random_bytes(&val, sizeof(val));
2389

Zhu Yi's avatar
Zhu Yi committed
2390
	return ipw_send_cmd_pdu(priv, IPW_CMD_SEED_NUMBER, sizeof(val), &val);
2391 2392 2393 2394 2395 2396 2397 2398 2399
}

static int ipw_send_card_disable(struct ipw_priv *priv, u32 phy_off)
{
	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

2400
	phy_off = cpu_to_le32(phy_off);
Zhu Yi's avatar
Zhu Yi committed
2401
	return ipw_send_cmd_pdu(priv, IPW_CMD_CARD_DISABLE, sizeof(phy_off),
2402
				&phy_off);
2403 2404
}

2405
static int ipw_send_tx_power(struct ipw_priv *priv, struct ipw_tx_power *power)
2406 2407 2408 2409 2410 2411
{
	if (!priv || !power) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

2412
	return ipw_send_cmd_pdu(priv, IPW_CMD_TX_POWER, sizeof(*power), power);
2413 2414
}

2415 2416
static int ipw_set_tx_power(struct ipw_priv *priv)
{
2417
	const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432
	struct ipw_tx_power tx_power;
	s8 max_power;
	int i;

	memset(&tx_power, 0, sizeof(tx_power));

	/* configure device for 'G' band */
	tx_power.ieee_mode = IPW_G_MODE;
	tx_power.num_channels = geo->bg_channels;
	for (i = 0; i < geo->bg_channels; i++) {
		max_power = geo->bg[i].max_power;
		tx_power.channels_tx_power[i].channel_number =
		    geo->bg[i].channel;
		tx_power.channels_tx_power[i].tx_power = max_power ?
		    min(max_power, priv->tx_power) : priv->tx_power;
2433
	}
2434 2435 2436 2437 2438 2439 2440
	if (ipw_send_tx_power(priv, &tx_power))
		return -EIO;

	/* configure device to also handle 'B' band */
	tx_power.ieee_mode = IPW_B_MODE;
	if (ipw_send_tx_power(priv, &tx_power))
		return -EIO;
2441

2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455
	/* configure device to also handle 'A' band */
	if (priv->ieee->abg_true) {
		tx_power.ieee_mode = IPW_A_MODE;
		tx_power.num_channels = geo->a_channels;
		for (i = 0; i < tx_power.num_channels; i++) {
			max_power = geo->a[i].max_power;
			tx_power.channels_tx_power[i].channel_number =
			    geo->a[i].channel;
			tx_power.channels_tx_power[i].tx_power = max_power ?
			    min(max_power, priv->tx_power) : priv->tx_power;
		}
		if (ipw_send_tx_power(priv, &tx_power))
			return -EIO;
	}
2456 2457 2458 2459 2460 2461
	return 0;
}

static int ipw_send_rts_threshold(struct ipw_priv *priv, u16 rts)
{
	struct ipw_rts_threshold rts_threshold = {
2462
		.rts_threshold = cpu_to_le16(rts),
2463 2464 2465 2466 2467 2468 2469
	};

	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2470 2471
	return ipw_send_cmd_pdu(priv, IPW_CMD_RTS_THRESHOLD,
				sizeof(rts_threshold), &rts_threshold);
2472 2473 2474 2475 2476
}

static int ipw_send_frag_threshold(struct ipw_priv *priv, u16 frag)
{
	struct ipw_frag_threshold frag_threshold = {
2477
		.frag_threshold = cpu_to_le16(frag),
2478 2479 2480 2481 2482 2483 2484
	};

	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2485 2486
	return ipw_send_cmd_pdu(priv, IPW_CMD_FRAG_THRESHOLD,
				sizeof(frag_threshold), &frag_threshold);
2487 2488 2489 2490
}

static int ipw_send_power_mode(struct ipw_priv *priv, u32 mode)
{
Zhu Yi's avatar
Zhu Yi committed
2491
	u32 param;
2492 2493 2494 2495 2496

	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}
2497

2498 2499 2500 2501
	/* If on battery, set to 3, if AC set to CAM, else user
	 * level */
	switch (mode) {
	case IPW_POWER_BATTERY:
Zhu Yi's avatar
Zhu Yi committed
2502
		param = IPW_POWER_INDEX_3;
2503 2504
		break;
	case IPW_POWER_AC:
Zhu Yi's avatar
Zhu Yi committed
2505
		param = IPW_POWER_MODE_CAM;
2506 2507
		break;
	default:
Zhu Yi's avatar
Zhu Yi committed
2508
		param = mode;
2509 2510 2511
		break;
	}

2512
	param = cpu_to_le32(param);
Zhu Yi's avatar
Zhu Yi committed
2513
	return ipw_send_cmd_pdu(priv, IPW_CMD_POWER_MODE, sizeof(param),
2514
				&param);
2515 2516
}

2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528
static int ipw_send_retry_limit(struct ipw_priv *priv, u8 slimit, u8 llimit)
{
	struct ipw_retry_limit retry_limit = {
		.short_retry_limit = slimit,
		.long_retry_limit = llimit
	};

	if (!priv) {
		IPW_ERROR("Invalid args\n");
		return -1;
	}

Zhu Yi's avatar
Zhu Yi committed
2529
	return ipw_send_cmd_pdu(priv, IPW_CMD_RETRY_LIMIT, sizeof(retry_limit),
2530
				&retry_limit);
2531 2532
}

2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553
/*
 * The IPW device contains a Microwire compatible EEPROM that stores
 * various data like the MAC address.  Usually the firmware has exclusive
 * access to the eeprom, but during device initialization (before the
 * device driver has sent the HostComplete command to the firmware) the
 * device driver has read access to the EEPROM by way of indirect addressing
 * through a couple of memory mapped registers.
 *
 * The following is a simplified implementation for pulling data out of the
 * the eeprom, along with some helper functions to find information in
 * the per device private data's copy of the eeprom.
 *
 * NOTE: To better understand how these functions work (i.e what is a chip
 *       select and why do have to keep driving the eeprom clock?), read
 *       just about any data sheet for a Microwire compatible EEPROM.
 */

/* write a 32 bit value into the indirect accessor register */
static inline void eeprom_write_reg(struct ipw_priv *p, u32 data)
{
	ipw_write_reg32(p, FW_MEM_REG_EEPROM_ACCESS, data);
2554

2555 2556 2557 2558 2559 2560 2561
	/* the eeprom requires some time to complete the operation */
	udelay(p->eeprom_delay);

	return;
}

/* perform a chip select operation */
2562
static void eeprom_cs(struct ipw_priv *priv)
2563
{
2564 2565 2566 2567
	eeprom_write_reg(priv, 0);
	eeprom_write_reg(priv, EEPROM_BIT_CS);
	eeprom_write_reg(priv, EEPROM_BIT_CS | EEPROM_BIT_SK);
	eeprom_write_reg(priv, EEPROM_BIT_CS);
2568 2569 2570
}

/* perform a chip select operation */
2571
static void eeprom_disable_cs(struct ipw_priv *priv)
2572
{
2573 2574 2575
	eeprom_write_reg(priv, EEPROM_BIT_CS);
	eeprom_write_reg(priv, 0);
	eeprom_write_reg(priv, EEPROM_BIT_SK);
2576 2577 2578
}

/* push a single bit down to the eeprom */
2579
static inline void eeprom_write_bit(struct ipw_priv *p, u8 bit)
2580
{
2581 2582 2583
	int d = (bit ? EEPROM_BIT_DI : 0);
	eeprom_write_reg(p, EEPROM_BIT_CS | d);
	eeprom_write_reg(p, EEPROM_BIT_CS | d | EEPROM_BIT_SK);
2584 2585 2586
}

/* push an opcode followed by an address down to the eeprom */
2587
static void eeprom_op(struct ipw_priv *priv, u8 op, u8 addr)
2588 2589 2590 2591
{
	int i;

	eeprom_cs(priv);
2592 2593 2594 2595 2596
	eeprom_write_bit(priv, 1);
	eeprom_write_bit(priv, op & 2);
	eeprom_write_bit(priv, op & 1);
	for (i = 7; i >= 0; i--) {
		eeprom_write_bit(priv, addr & (1 << i));
2597 2598 2599 2600
	}
}

/* pull 16 bits off the eeprom, one bit at a time */
2601
static u16 eeprom_read_u16(struct ipw_priv *priv, u8 addr)
2602 2603
{
	int i;
2604
	u16 r = 0;
2605

2606
	/* Send READ Opcode */
2607
	eeprom_op(priv, EEPROM_CMD_READ, addr);
2608 2609

	/* Send dummy bit */
2610
	eeprom_write_reg(priv, EEPROM_BIT_CS);
2611 2612

	/* Read the byte off the eeprom one bit at a time */
2613
	for (i = 0; i < 16; i++) {
2614
		u32 data = 0;
2615 2616 2617 2618
		eeprom_write_reg(priv, EEPROM_BIT_CS | EEPROM_BIT_SK);
		eeprom_write_reg(priv, EEPROM_BIT_CS);
		data = ipw_read_reg32(priv, FW_MEM_REG_EEPROM_ACCESS);
		r = (r << 1) | ((data & EEPROM_BIT_DO) ? 1 : 0);
2619
	}
2620

2621
	/* Send another dummy bit */
2622
	eeprom_write_reg(priv, 0);
2623
	eeprom_disable_cs(priv);
2624

2625 2626 2627 2628 2629
	return r;
}

/* helper function for pulling the mac address out of the private */
/* data's copy of the eeprom data                                 */
2630
static void eeprom_parse_mac(struct ipw_priv *priv, u8 * mac)
2631
{
2632
	memcpy(mac, &priv->eeprom[EEPROM_MAC_ADDRESS], 6);
2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645
}

/*
 * Either the device driver (i.e. the host) or the firmware can
 * load eeprom data into the designated region in SRAM.  If neither
 * happens then the FW will shutdown with a fatal error.
 *
 * In order to signal the FW to load the EEPROM, the EEPROM_LOAD_DISABLE
 * bit needs region of shared SRAM needs to be non-zero.
 */
static void ipw_eeprom_init_sram(struct ipw_priv *priv)
{
	int i;
2646
	u16 *eeprom = (u16 *) priv->eeprom;
2647

2648 2649 2650
	IPW_DEBUG_TRACE(">>\n");

	/* read entire contents of eeprom into private buffer */
2651
	for (i = 0; i < 128; i++)
2652
		eeprom[i] = le16_to_cpu(eeprom_read_u16(priv, (u8) i));
2653

2654 2655
	/*
	   If the data looks correct, then copy it to our private
2656
	   copy.  Otherwise let the firmware know to perform the operation
2657
	   on its own.
2658
	 */
2659
	if (priv->eeprom[EEPROM_VERSION] != 0) {
2660 2661 2662
		IPW_DEBUG_INFO("Writing EEPROM data into SRAM\n");

		/* write the eeprom data to sram */
2663
		for (i = 0; i < IPW_EEPROM_IMAGE_SIZE; i++)
2664
			ipw_write8(priv, IPW_EEPROM_DATA + i, priv->eeprom[i]);
2665 2666 2667 2668 2669 2670 2671 2672 2673 2674 2675 2676 2677

		/* Do not load eeprom data on fatal error or suspend */
		ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 0);
	} else {
		IPW_DEBUG_INFO("Enabling FW initializationg of SRAM\n");

		/* Load eeprom data on fatal error or suspend */
		ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 1);
	}

	IPW_DEBUG_TRACE("<<\n");
}

2678
static void ipw_zero_memory(struct ipw_priv *priv, u32 start, u32 count)
2679 2680
{
	count >>= 2;
2681 2682
	if (!count)
		return;
2683
	_ipw_write32(priv, IPW_AUTOINC_ADDR, start);
2684
	while (count--)
2685
		_ipw_write32(priv, IPW_AUTOINC_DATA, 0);
2686 2687 2688 2689
}

static inline void ipw_fw_dma_reset_command_blocks(struct ipw_priv *priv)
{
2690
	ipw_zero_memory(priv, IPW_SHARED_SRAM_DMA_CONTROL,
2691
			CB_NUMBER_OF_ELEMENTS_SMALL *
2692 2693 2694 2695
			sizeof(struct command_block));
}

static int ipw_fw_dma_enable(struct ipw_priv *priv)
2696
{				/* start dma engine but no transfers yet */
2697 2698

	IPW_DEBUG_FW(">> : \n");
2699

2700 2701
	/* Start the dma */
	ipw_fw_dma_reset_command_blocks(priv);
2702

2703
	/* Write CB base address */
2704
	ipw_write_reg32(priv, IPW_DMA_I_CB_BASE, IPW_SHARED_SRAM_DMA_CONTROL);
2705 2706 2707 2708 2709 2710 2711 2712 2713 2714

	IPW_DEBUG_FW("<< : \n");
	return 0;
}

static void ipw_fw_dma_abort(struct ipw_priv *priv)
{
	u32 control = 0;

	IPW_DEBUG_FW(">> :\n");
2715

2716
	/* set the Stop and Abort bit */
2717
	control = DMA_CONTROL_SMALL_CB_CONST_VALUE | DMA_CB_STOP_AND_ABORT;
2718
	ipw_write_reg32(priv, IPW_DMA_I_DMA_CONTROL, control);
2719
	priv->sram_desc.last_cb_index = 0;
2720

2721 2722 2723
	IPW_DEBUG_FW("<< \n");
}

2724 2725
static int ipw_fw_dma_write_command_block(struct ipw_priv *priv, int index,
					  struct command_block *cb)
2726
{
2727
	u32 address =
2728
	    IPW_SHARED_SRAM_DMA_CONTROL +
2729
	    (sizeof(struct command_block) * index);
2730 2731
	IPW_DEBUG_FW(">> :\n");

2732 2733
	ipw_write_indirect(priv, address, (u8 *) cb,
			   (int)sizeof(struct command_block));
2734 2735 2736 2737 2738 2739 2740 2741 2742

	IPW_DEBUG_FW("<< :\n");
	return 0;

}

static int ipw_fw_dma_kick(struct ipw_priv *priv)
{
	u32 control = 0;
2743
	u32 index = 0;
2744 2745

	IPW_DEBUG_FW(">> :\n");
2746

2747
	for (index = 0; index < priv->sram_desc.last_cb_index; index++)
2748 2749
		ipw_fw_dma_write_command_block(priv, index,
					       &priv->sram_desc.cb_list[index]);
2750 2751

	/* Enable the DMA in the CSR register */
2752 2753 2754
	ipw_clear_bit(priv, IPW_RESET_REG,
		      IPW_RESET_REG_MASTER_DISABLED |
		      IPW_RESET_REG_STOP_MASTER);
2755

2756
	/* Set the Start bit. */
2757
	control = DMA_CONTROL_SMALL_CB_CONST_VALUE | DMA_CB_START;
2758
	ipw_write_reg32(priv, IPW_DMA_I_DMA_CONTROL, control);
2759 2760 2761 2762 2763 2764 2765 2766

	IPW_DEBUG_FW("<< :\n");
	return 0;
}

static void ipw_fw_dma_dump_command_block(struct ipw_priv *priv)
{
	u32 address;
2767 2768
	u32 register_value = 0;
	u32 cb_fields_address = 0;
2769 2770

	IPW_DEBUG_FW(">> :\n");
2771
	address = ipw_read_reg32(priv, IPW_DMA_I_CURRENT_CB);
2772
	IPW_DEBUG_FW_INFO("Current CB is 0x%x \n", address);
2773 2774

	/* Read the DMA Controlor register */
2775 2776
	register_value = ipw_read_reg32(priv, IPW_DMA_I_DMA_CONTROL);
	IPW_DEBUG_FW_INFO("IPW_DMA_I_DMA_CONTROL is 0x%x \n", register_value);
2777

2778
	/* Print the CB values */
2779 2780
	cb_fields_address = address;
	register_value = ipw_read_reg32(priv, cb_fields_address);
2781
	IPW_DEBUG_FW_INFO("Current CB ControlField is 0x%x \n", register_value);
2782 2783 2784

	cb_fields_address += sizeof(u32);
	register_value = ipw_read_reg32(priv, cb_fields_address);
2785
	IPW_DEBUG_FW_INFO("Current CB Source Field is 0x%x \n", register_value);
2786 2787 2788 2789 2790 2791 2792 2793

	cb_fields_address += sizeof(u32);
	register_value = ipw_read_reg32(priv, cb_fields_address);
	IPW_DEBUG_FW_INFO("Current CB Destination Field is 0x%x \n",
			  register_value);

	cb_fields_address += sizeof(u32);
	register_value = ipw_read_reg32(priv, cb_fields_address);
2794
	IPW_DEBUG_FW_INFO("Current CB Status Field is 0x%x \n", register_value);
2795 2796 2797 2798 2799 2800 2801 2802 2803 2804

	IPW_DEBUG_FW(">> :\n");
}

static int ipw_fw_dma_command_block_index(struct ipw_priv *priv)
{
	u32 current_cb_address = 0;
	u32 current_cb_index = 0;

	IPW_DEBUG_FW("<< :\n");
2805
	current_cb_address = ipw_read_reg32(priv, IPW_DMA_I_CURRENT_CB);
2806

2807
	current_cb_index = (current_cb_address - IPW_SHARED_SRAM_DMA_CONTROL) /
2808
	    sizeof(struct command_block);
2809

2810
	IPW_DEBUG_FW_INFO("Current CB index 0x%x address = 0x%X \n",
2811
			  current_cb_index, current_cb_address);
2812 2813 2814 2815 2816 2817 2818 2819 2820 2821

	IPW_DEBUG_FW(">> :\n");
	return current_cb_index;

}

static int ipw_fw_dma_add_command_block(struct ipw_priv *priv,
					u32 src_address,
					u32 dest_address,
					u32 length,
2822
					int interrupt_enabled, int is_last)
2823 2824
{

2825
	u32 control = CB_VALID | CB_SRC_LE | CB_DEST_LE | CB_SRC_AUTOINC |
2826 2827
	    CB_SRC_IO_GATED | CB_DEST_AUTOINC | CB_SRC_SIZE_LONG |
	    CB_DEST_SIZE_LONG;
2828
	struct command_block *cb;
2829
	u32 last_cb_element = 0;
2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841

	IPW_DEBUG_FW_INFO("src_address=0x%x dest_address=0x%x length=0x%x\n",
			  src_address, dest_address, length);

	if (priv->sram_desc.last_cb_index >= CB_NUMBER_OF_ELEMENTS_SMALL)
		return -1;

	last_cb_element = priv->sram_desc.last_cb_index;
	cb = &priv->sram_desc.cb_list[last_cb_element];
	priv->sram_desc.last_cb_index++;

	/* Calculate the new CB control word */
2842
	if (interrupt_enabled)
2843 2844 2845 2846
		control |= CB_INT_ENABLED;

	if (is_last)
		control |= CB_LAST_VALID;
2847

2848 2849 2850
	control |= length;

	/* Calculate the CB Element's checksum value */
2851
	cb->status = control ^ src_address ^ dest_address;
2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863

	/* Copy the Source and Destination addresses */
	cb->dest_addr = dest_address;
	cb->source_addr = src_address;

	/* Copy the Control Word last */
	cb->control = control;

	return 0;
}

static int ipw_fw_dma_add_buffer(struct ipw_priv *priv,
2864
				 u32 src_phys, u32 dest_address, u32 length)
2865 2866
{
	u32 bytes_left = length;
2867 2868
	u32 src_offset = 0;
	u32 dest_offset = 0;
2869 2870 2871 2872 2873
	int status = 0;
	IPW_DEBUG_FW(">> \n");
	IPW_DEBUG_FW_INFO("src_phys=0x%x dest_address=0x%x length=0x%x\n",
			  src_phys, dest_address, length);
	while (bytes_left > CB_MAX_LENGTH) {
2874 2875 2876 2877 2878
		status = ipw_fw_dma_add_command_block(priv,
						      src_phys + src_offset,
						      dest_address +
						      dest_offset,
						      CB_MAX_LENGTH, 0, 0);
2879 2880 2881
		if (status) {
			IPW_DEBUG_FW_INFO(": Failed\n");
			return -1;
2882
		} else
2883 2884 2885 2886 2887 2888 2889 2890 2891
			IPW_DEBUG_FW_INFO(": Added new cb\n");

		src_offset += CB_MAX_LENGTH;
		dest_offset += CB_MAX_LENGTH;
		bytes_left -= CB_MAX_LENGTH;
	}

	/* add the buffer tail */
	if (bytes_left > 0) {
2892 2893 2894 2895
		status =
		    ipw_fw_dma_add_command_block(priv, src_phys + src_offset,
						 dest_address + dest_offset,
						 bytes_left, 0, 0);
2896 2897 2898
		if (status) {
			IPW_DEBUG_FW_INFO(": Failed on the buffer tail\n");
			return -1;
2899
		} else
2900 2901
			IPW_DEBUG_FW_INFO
			    (": Adding new cb - the buffer tail\n");
2902
	}
2903

2904 2905 2906 2907 2908 2909
	IPW_DEBUG_FW("<< \n");
	return 0;
}

static int ipw_fw_dma_wait(struct ipw_priv *priv)
{
2910
	u32 current_index = 0, previous_index;
2911 2912 2913 2914 2915
	u32 watchdog = 0;

	IPW_DEBUG_FW(">> : \n");

	current_index = ipw_fw_dma_command_block_index(priv);
2916
	IPW_DEBUG_FW_INFO("sram_desc.last_cb_index:0x%08X\n",
2917
			  (int)priv->sram_desc.last_cb_index);
2918 2919 2920

	while (current_index < priv->sram_desc.last_cb_index) {
		udelay(50);
2921
		previous_index = current_index;
2922 2923
		current_index = ipw_fw_dma_command_block_index(priv);

2924 2925 2926 2927 2928
		if (previous_index < current_index) {
			watchdog = 0;
			continue;
		}
		if (++watchdog > 400) {
2929 2930 2931 2932 2933 2934 2935 2936 2937
			IPW_DEBUG_FW_INFO("Timeout\n");
			ipw_fw_dma_dump_command_block(priv);
			ipw_fw_dma_abort(priv);
			return -1;
		}
	}

	ipw_fw_dma_abort(priv);

2938
	/*Disable the DMA in the CSR register */
2939 2940
	ipw_set_bit(priv, IPW_RESET_REG,
		    IPW_RESET_REG_MASTER_DISABLED | IPW_RESET_REG_STOP_MASTER);
2941 2942 2943 2944 2945

	IPW_DEBUG_FW("<< dmaWaitSync \n");
	return 0;
}

2946
static void ipw_remove_current_network(struct ipw_priv *priv)
2947 2948
{
	struct list_head *element, *safe;
2949
	struct ieee80211_network *network = NULL;
2950 2951 2952
	unsigned long flags;

	spin_lock_irqsave(&priv->ieee->lock, flags);
2953 2954 2955 2956
	list_for_each_safe(element, safe, &priv->ieee->network_list) {
		network = list_entry(element, struct ieee80211_network, list);
		if (!memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
			list_del(element);
2957
			list_add_tail(&network->list,
2958 2959 2960
				      &priv->ieee->network_free_list);
		}
	}
2961
	spin_unlock_irqrestore(&priv->ieee->lock, flags);
2962 2963 2964
}

/**
2965
 * Check that card is still alive.
2966 2967 2968
 * Reads debug register from domain0.
 * If card is present, pre-defined value should
 * be found there.
2969
 *
2970 2971 2972 2973 2974 2975 2976 2977
 * @param priv
 * @return 1 if card is present, 0 otherwise
 */
static inline int ipw_alive(struct ipw_priv *priv)
{
	return ipw_read32(priv, 0x90) == 0xd55555d5;
}

2978
/* timeout in msec, attempted in 10-msec quanta */
2979
static int ipw_poll_bit(struct ipw_priv *priv, u32 addr, u32 mask,
2980 2981 2982 2983 2984
			       int timeout)
{
	int i = 0;

	do {
2985
		if ((ipw_read32(priv, addr) & mask) == mask)
2986 2987 2988 2989
			return i;
		mdelay(10);
		i += 10;
	} while (i < timeout);
2990

2991 2992 2993
	return -ETIME;
}

2994
/* These functions load the firmware and micro code for the operation of
2995 2996 2997 2998
 * the ipw hardware.  It assumes the buffer has all the bits for the
 * image and the caller is handling the memory allocation and clean up.
 */

2999
static int ipw_stop_master(struct ipw_priv *priv)
3000 3001
{
	int rc;
3002

3003 3004
	IPW_DEBUG_TRACE(">> \n");
	/* stop master. typical delay - 0 */
3005
	ipw_set_bit(priv, IPW_RESET_REG, IPW_RESET_REG_STOP_MASTER);
3006

3007
	/* timeout is in msec, polled in 10-msec quanta */
3008 3009
	rc = ipw_poll_bit(priv, IPW_RESET_REG,
			  IPW_RESET_REG_MASTER_DISABLED, 100);
3010
	if (rc < 0) {
3011
		IPW_ERROR("wait for stop master failed after 100ms\n");
3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024
		return -1;
	}

	IPW_DEBUG_INFO("stop master %dms\n", rc);

	return rc;
}

static void ipw_arc_release(struct ipw_priv *priv)
{
	IPW_DEBUG_TRACE(">> \n");
	mdelay(5);

3025
	ipw_clear_bit(priv, IPW_RESET_REG, CBD_RESET_REG_PRINCETON_RESET);
3026 3027 3028 3029 3030 3031 3032 3033 3034 3035

	/* no one knows timing, for safety add some delay */
	mdelay(5);
}

struct fw_chunk {
	u32 address;
	u32 length;
};

3036
static int ipw_load_ucode(struct ipw_priv *priv, u8 * data, size_t len)
3037 3038 3039 3040 3041
{
	int rc = 0, i, addr;
	u8 cr = 0;
	u16 *image;

3042
	image = (u16 *) data;
3043

3044 3045 3046 3047 3048 3049
	IPW_DEBUG_TRACE(">> \n");

	rc = ipw_stop_master(priv);

	if (rc < 0)
		return rc;
3050

3051 3052
	for (addr = IPW_SHARED_LOWER_BOUND;
	     addr < IPW_REGISTER_DOMAIN1_END; addr += 4) {
3053 3054 3055 3056 3057 3058 3059 3060
		ipw_write32(priv, addr, 0);
	}

	/* no ucode (yet) */
	memset(&priv->dino_alive, 0, sizeof(priv->dino_alive));
	/* destroy DMA queues */
	/* reset sequence */

3061
	ipw_write_reg32(priv, IPW_MEM_HALT_AND_RESET, IPW_BIT_HALT_RESET_ON);
3062
	ipw_arc_release(priv);
3063
	ipw_write_reg32(priv, IPW_MEM_HALT_AND_RESET, IPW_BIT_HALT_RESET_OFF);
3064 3065 3066
	mdelay(1);

	/* reset PHY */
3067
	ipw_write_reg32(priv, IPW_INTERNAL_CMD_EVENT, IPW_BASEBAND_POWER_DOWN);
3068
	mdelay(1);
3069

3070
	ipw_write_reg32(priv, IPW_INTERNAL_CMD_EVENT, 0);
3071
	mdelay(1);
3072

3073
	/* enable ucode store */
3074 3075
	ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0x0);
	ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, DINO_ENABLE_CS);
3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087
	mdelay(1);

	/* write ucode */
	/**
	 * @bug
	 * Do NOT set indirect address register once and then
	 * store data to indirect data register in the loop.
	 * It seems very reasonable, but in this case DINO do not
	 * accept ucode. It is essential to set address each time.
	 */
	/* load new ipw uCode */
	for (i = 0; i < len / 2; i++)
3088
		ipw_write_reg16(priv, IPW_BASEBAND_CONTROL_STORE,
3089
				cpu_to_le16(image[i]));
3090 3091

	/* enable DINO */
3092 3093
	ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0);
	ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, DINO_ENABLE_SYSTEM);
3094

3095
	/* this is where the igx / win driver deveates from the VAP driver. */
3096 3097 3098 3099

	/* wait for alive response */
	for (i = 0; i < 100; i++) {
		/* poll for incoming data */
3100
		cr = ipw_read_reg8(priv, IPW_BASEBAND_CONTROL_STATUS);
3101 3102 3103 3104 3105 3106 3107 3108
		if (cr & DINO_RXFIFO_DATA)
			break;
		mdelay(1);
	}

	if (cr & DINO_RXFIFO_DATA) {
		/* alive_command_responce size is NOT multiple of 4 */
		u32 response_buffer[(sizeof(priv->dino_alive) + 3) / 4];
3109 3110

		for (i = 0; i < ARRAY_SIZE(response_buffer); i++)
3111
			response_buffer[i] =
3112
			    le32_to_cpu(ipw_read_reg32(priv,
3113
						       IPW_BASEBAND_RX_FIFO_READ));
3114 3115 3116 3117 3118
		memcpy(&priv->dino_alive, response_buffer,
		       sizeof(priv->dino_alive));
		if (priv->dino_alive.alive_command == 1
		    && priv->dino_alive.ucode_valid == 1) {
			rc = 0;
3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130
			IPW_DEBUG_INFO
			    ("Microcode OK, rev. %d (0x%x) dev. %d (0x%x) "
			     "of %02d/%02d/%02d %02d:%02d\n",
			     priv->dino_alive.software_revision,
			     priv->dino_alive.software_revision,
			     priv->dino_alive.device_identifier,
			     priv->dino_alive.device_identifier,
			     priv->dino_alive.time_stamp[0],
			     priv->dino_alive.time_stamp[1],
			     priv->dino_alive.time_stamp[2],
			     priv->dino_alive.time_stamp[3],
			     priv->dino_alive.time_stamp[4]);
3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141
		} else {
			IPW_DEBUG_INFO("Microcode is not alive\n");
			rc = -EINVAL;
		}
	} else {
		IPW_DEBUG_INFO("No alive response from DINO\n");
		rc = -ETIME;
	}

	/* disable DINO, otherwise for some reason
	   firmware have problem getting alive resp. */
3142
	ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0);
3143 3144 3145 3146

	return rc;
}

3147
static int ipw_load_firmware(struct ipw_priv *priv, u8 * data, size_t len)
3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 3161 3162 3163 3164 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175
{
	int rc = -1;
	int offset = 0;
	struct fw_chunk *chunk;
	dma_addr_t shared_phys;
	u8 *shared_virt;

	IPW_DEBUG_TRACE("<< : \n");
	shared_virt = pci_alloc_consistent(priv->pci_dev, len, &shared_phys);

	if (!shared_virt)
		return -ENOMEM;

	memmove(shared_virt, data, len);

	/* Start the Dma */
	rc = ipw_fw_dma_enable(priv);

	if (priv->sram_desc.last_cb_index > 0) {
		/* the DMA is already ready this would be a bug. */
		BUG();
		goto out;
	}

	do {
		chunk = (struct fw_chunk *)(data + offset);
		offset += sizeof(struct fw_chunk);
		/* build DMA packet and queue up for sending */
3176
		/* dma to chunk->address, the chunk->length bytes from data +
3177 3178 3179
		 * offeset*/
		/* Dma loading */
		rc = ipw_fw_dma_add_buffer(priv, shared_phys + offset,
3180 3181
					   le32_to_cpu(chunk->address),
					   le32_to_cpu(chunk->length));
3182 3183 3184 3185
		if (rc) {
			IPW_DEBUG_INFO("dmaAddBuffer Failed\n");
			goto out;
		}
3186

3187
		offset += le32_to_cpu(chunk->length);
3188 3189
	} while (offset < len);

3190
	/* Run the DMA and wait for the answer */
3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 3201
	rc = ipw_fw_dma_kick(priv);
	if (rc) {
		IPW_ERROR("dmaKick Failed\n");
		goto out;
	}

	rc = ipw_fw_dma_wait(priv);
	if (rc) {
		IPW_ERROR("dmaWaitSync Failed\n");
		goto out;
	}
3202 3203
      out:
	pci_free_consistent(priv->pci_dev, len, shared_virt, shared_phys);
3204 3205 3206 3207 3208 3209 3210 3211
	return rc;
}

/* stop nic */
static int ipw_stop_nic(struct ipw_priv *priv)
{
	int rc = 0;

3212
	/* stop */
3213
	ipw_write32(priv, IPW_RESET_REG, IPW_RESET_REG_STOP_MASTER);
3214

3215 3216
	rc = ipw_poll_bit(priv, IPW_RESET_REG,
			  IPW_RESET_REG_MASTER_DISABLED, 500);
3217
	if (rc < 0) {
3218
		IPW_ERROR("wait for reg master disabled failed after 500ms\n");
3219
		return rc;
3220
	}
3221

3222
	ipw_set_bit(priv, IPW_RESET_REG, CBD_RESET_REG_PRINCETON_RESET);
3223

3224 3225 3226 3227 3228 3229 3230
	return rc;
}

static void ipw_start_nic(struct ipw_priv *priv)
{
	IPW_DEBUG_TRACE(">>\n");

3231
	/* prvHwStartNic  release ARC */
3232 3233 3234
	ipw_clear_bit(priv, IPW_RESET_REG,
		      IPW_RESET_REG_MASTER_DISABLED |
		      IPW_RESET_REG_STOP_MASTER |
3235
		      CBD_RESET_REG_PRINCETON_RESET);
3236

3237
	/* enable power management */
3238 3239
	ipw_set_bit(priv, IPW_GP_CNTRL_RW,
		    IPW_GP_CNTRL_BIT_HOST_ALLOWS_STANDBY);
3240 3241 3242

	IPW_DEBUG_TRACE("<<\n");
}
3243

3244 3245 3246 3247 3248
static int ipw_init_nic(struct ipw_priv *priv)
{
	int rc;

	IPW_DEBUG_TRACE(">>\n");
3249
	/* reset */
3250 3251
	/*prvHwInitNic */
	/* set "initialization complete" bit to move adapter to D0 state */
3252
	ipw_set_bit(priv, IPW_GP_CNTRL_RW, IPW_GP_CNTRL_BIT_INIT_DONE);
3253 3254

	/* low-level PLL activation */
3255 3256
	ipw_write32(priv, IPW_READ_INT_REGISTER,
		    IPW_BIT_INT_HOST_SRAM_READ_INT_REGISTER);
3257 3258

	/* wait for clock stabilization */
3259 3260
	rc = ipw_poll_bit(priv, IPW_GP_CNTRL_RW,
			  IPW_GP_CNTRL_BIT_CLOCK_READY, 250);
3261
	if (rc < 0)
3262 3263 3264
		IPW_DEBUG_INFO("FAILED wait for clock stablization\n");

	/* assert SW reset */
3265
	ipw_set_bit(priv, IPW_RESET_REG, IPW_RESET_REG_SW_RESET);
3266 3267 3268 3269

	udelay(10);

	/* set "initialization complete" bit to move adapter to D0 state */
3270
	ipw_set_bit(priv, IPW_GP_CNTRL_RW, IPW_GP_CNTRL_BIT_INIT_DONE);
3271 3272 3273 3274 3275

	IPW_DEBUG_TRACE(">>\n");
	return 0;
}

3276
/* Call this function from process context, it will sleep in request_firmware.
3277 3278 3279 3280 3281
 * Probe is an ok place to call this from.
 */
static int ipw_reset_nic(struct ipw_priv *priv)
{
	int rc = 0;
3282
	unsigned long flags;
3283 3284

	IPW_DEBUG_TRACE(">>\n");
3285

3286
	rc = ipw_init_nic(priv);
3287

3288
	spin_lock_irqsave(&priv->lock, flags);
3289 3290 3291
	/* Clear the 'host command active' bit... */
	priv->status &= ~STATUS_HCMD_ACTIVE;
	wake_up_interruptible(&priv->wait_command_queue);
3292 3293
	priv->status &= ~(STATUS_SCANNING | STATUS_SCAN_ABORTING);
	wake_up_interruptible(&priv->wait_state);
3294
	spin_unlock_irqrestore(&priv->lock, flags);
3295 3296 3297

	IPW_DEBUG_TRACE("<<\n");
	return rc;
3298
}
3299

3300 3301

struct ipw_fw {
3302 3303 3304 3305
	__le32 ver;
	__le32 boot_size;
	__le32 ucode_size;
	__le32 fw_size;
3306 3307 3308
	u8 data[0];
};

3309
static int ipw_get_fw(struct ipw_priv *priv,
3310
		      const struct firmware **raw, const char *name)
3311
{
3312
	struct ipw_fw *fw;
3313 3314 3315
	int rc;

	/* ask firmware_class module to get the boot firmware off disk */
3316
	rc = request_firmware(raw, name, &priv->pci_dev->dev);
3317
	if (rc < 0) {
3318
		IPW_ERROR("%s request_firmware failed: Reason %d\n", name, rc);
3319
		return rc;
3320
	}
3321

3322 3323 3324 3325 3326 3327 3328
	if ((*raw)->size < sizeof(*fw)) {
		IPW_ERROR("%s is too small (%zd)\n", name, (*raw)->size);
		return -EINVAL;
	}

	fw = (void *)(*raw)->data;

3329 3330
	if ((*raw)->size < sizeof(*fw) + le32_to_cpu(fw->boot_size) +
	    le32_to_cpu(fw->ucode_size) + le32_to_cpu(fw->fw_size)) {
3331 3332
		IPW_ERROR("%s is too small or corrupt (%zd)\n",
			  name, (*raw)->size);
3333 3334 3335
		return -EINVAL;
	}

3336
	IPW_DEBUG_INFO("Read firmware '%s' image v%d.%d (%zd bytes)\n",
3337
		       name,
3338 3339 3340
		       le32_to_cpu(fw->ver) >> 16,
		       le32_to_cpu(fw->ver) & 0xff,
		       (*raw)->size - sizeof(*fw));
3341 3342 3343
	return 0;
}

3344
#define IPW_RX_BUF_SIZE (3000)
3345

3346
static void ipw_rx_queue_reset(struct ipw_priv *priv,
3347 3348 3349 3350 3351 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362
				      struct ipw_rx_queue *rxq)
{
	unsigned long flags;
	int i;

	spin_lock_irqsave(&rxq->lock, flags);

	INIT_LIST_HEAD(&rxq->rx_free);
	INIT_LIST_HEAD(&rxq->rx_used);

	/* Fill the rx_used queue with _all_ of the Rx buffers */
	for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
		/* In the reset function, these buffers may have been allocated
		 * to an SKB, so we need to unmap and free potential storage */
		if (rxq->pool[i].skb != NULL) {
			pci_unmap_single(priv->pci_dev, rxq->pool[i].dma_addr,
3363
					 IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
3364
			dev_kfree_skb(rxq->pool[i].skb);
3365
			rxq->pool[i].skb = NULL;
3366 3367 3368
		}
		list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
	}
3369

3370 3371 3372 3373 3374 3375 3376 3377 3378 3379
	/* Set us so that we have processed and used all buffers, but have
	 * not restocked the Rx queue with fresh buffers */
	rxq->read = rxq->write = 0;
	rxq->processed = RX_QUEUE_SIZE - 1;
	rxq->free_count = 0;
	spin_unlock_irqrestore(&rxq->lock, flags);
}

#ifdef CONFIG_PM
static int fw_loaded = 0;
3380
static const struct firmware *raw = NULL;
3381 3382 3383 3384

static void free_firmware(void)
{
	if (fw_loaded) {
3385 3386
		release_firmware(raw);
		raw = NULL;
3387 3388 3389 3390 3391
		fw_loaded = 0;
	}
}
#else
#define free_firmware() do {} while (0)
3392 3393 3394 3395 3396
#endif

static int ipw_load(struct ipw_priv *priv)
{
#ifndef CONFIG_PM
3397
	const struct firmware *raw = NULL;
3398
#endif
3399 3400 3401
	struct ipw_fw *fw;
	u8 *boot_img, *ucode_img, *fw_img;
	u8 *name = NULL;
3402 3403
	int rc = 0, retries = 3;

3404 3405
	switch (priv->ieee->iw_mode) {
	case IW_MODE_ADHOC:
3406
		name = "ipw2200-ibss.fw";
3407
		break;
3408
#ifdef CONFIG_IPW2200_MONITOR
3409
	case IW_MODE_MONITOR:
3410
		name = "ipw2200-sniffer.fw";
3411
		break;
3412
#endif
3413
	case IW_MODE_INFRA:
3414
		name = "ipw2200-bss.fw";
3415
		break;
3416 3417 3418
	}

	if (!name) {
3419
		rc = -EINVAL;
3420 3421 3422 3423 3424 3425 3426 3427 3428 3429
		goto error;
	}

#ifdef CONFIG_PM
	if (!fw_loaded) {
#endif
		rc = ipw_get_fw(priv, &raw, name);
		if (rc < 0)
			goto error;
#ifdef CONFIG_PM
3430
	}
3431 3432 3433 3434
#endif

	fw = (void *)raw->data;
	boot_img = &fw->data[0];
3435 3436 3437
	ucode_img = &fw->data[le32_to_cpu(fw->boot_size)];
	fw_img = &fw->data[le32_to_cpu(fw->boot_size) +
			   le32_to_cpu(fw->ucode_size)];
3438 3439 3440

	if (rc < 0)
		goto error;
3441 3442 3443 3444 3445 3446 3447 3448 3449 3450

	if (!priv->rxq)
		priv->rxq = ipw_rx_queue_alloc(priv);
	else
		ipw_rx_queue_reset(priv, priv->rxq);
	if (!priv->rxq) {
		IPW_ERROR("Unable to initialize Rx queue\n");
		goto error;
	}

3451
      retry:
3452
	/* Ensure interrupts are disabled */
3453
	ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
3454 3455 3456
	priv->status &= ~STATUS_INT_ENABLED;

	/* ack pending interrupts */
3457
	ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
3458

3459 3460 3461
	ipw_stop_nic(priv);

	rc = ipw_reset_nic(priv);
3462
	if (rc < 0) {
3463 3464 3465 3466
		IPW_ERROR("Unable to reset NIC\n");
		goto error;
	}

3467 3468
	ipw_zero_memory(priv, IPW_NIC_SRAM_LOWER_BOUND,
			IPW_NIC_SRAM_UPPER_BOUND - IPW_NIC_SRAM_LOWER_BOUND);
3469 3470

	/* DMA the initial boot firmware into the device */
3471
	rc = ipw_load_firmware(priv, boot_img, le32_to_cpu(fw->boot_size));
3472
	if (rc < 0) {
3473
		IPW_ERROR("Unable to load boot firmware: %d\n", rc);
3474 3475 3476 3477 3478 3479
		goto error;
	}

	/* kick start the device */
	ipw_start_nic(priv);

3480
	/* wait for the device to finish its initial startup sequence */
3481 3482
	rc = ipw_poll_bit(priv, IPW_INTA_RW,
			  IPW_INTA_BIT_FW_INITIALIZATION_DONE, 500);
3483 3484 3485 3486 3487 3488
	if (rc < 0) {
		IPW_ERROR("device failed to boot initial fw image\n");
		goto error;
	}
	IPW_DEBUG_INFO("initial device response after %dms\n", rc);

3489
	/* ack fw init done interrupt */
3490
	ipw_write32(priv, IPW_INTA_RW, IPW_INTA_BIT_FW_INITIALIZATION_DONE);
3491 3492

	/* DMA the ucode into the device */
3493
	rc = ipw_load_ucode(priv, ucode_img, le32_to_cpu(fw->ucode_size));
3494
	if (rc < 0) {
3495
		IPW_ERROR("Unable to load ucode: %d\n", rc);
3496 3497
		goto error;
	}
3498

3499 3500 3501 3502
	/* stop nic */
	ipw_stop_nic(priv);

	/* DMA bss firmware into the device */
3503
	rc = ipw_load_firmware(priv, fw_img, le32_to_cpu(fw->fw_size));
3504
	if (rc < 0) {
3505
		IPW_ERROR("Unable to load firmware: %d\n", rc);
3506 3507
		goto error;
	}
3508 3509 3510 3511
#ifdef CONFIG_PM
	fw_loaded = 1;
#endif

3512 3513 3514
	ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 0);

	rc = ipw_queue_reset(priv);
3515
	if (rc < 0) {
3516 3517 3518 3519 3520
		IPW_ERROR("Unable to initialize queues\n");
		goto error;
	}

	/* Ensure interrupts are disabled */
3521
	ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
3522
	/* ack pending interrupts */
3523
	ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
3524

3525 3526 3527
	/* kick start the device */
	ipw_start_nic(priv);

3528
	if (ipw_read32(priv, IPW_INTA_RW) & IPW_INTA_BIT_PARITY_ERROR) {
3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540
		if (retries > 0) {
			IPW_WARNING("Parity error.  Retrying init.\n");
			retries--;
			goto retry;
		}

		IPW_ERROR("TODO: Handle parity error -- schedule restart?\n");
		rc = -EIO;
		goto error;
	}

	/* wait for the device */
3541 3542
	rc = ipw_poll_bit(priv, IPW_INTA_RW,
			  IPW_INTA_BIT_FW_INITIALIZATION_DONE, 500);
3543
	if (rc < 0) {
3544
		IPW_ERROR("device failed to start within 500ms\n");
3545 3546 3547 3548 3549
		goto error;
	}
	IPW_DEBUG_INFO("device response after %dms\n", rc);

	/* ack fw init done interrupt */
3550
	ipw_write32(priv, IPW_INTA_RW, IPW_INTA_BIT_FW_INITIALIZATION_DONE);
3551 3552 3553

	/* read eeprom data and initialize the eeprom region of sram */
	priv->eeprom_delay = 1;
3554
	ipw_eeprom_init_sram(priv);
3555 3556 3557 3558 3559 3560 3561

	/* enable interrupts */
	ipw_enable_interrupts(priv);

	/* Ensure our queue has valid packets */
	ipw_rx_queue_replenish(priv);

3562
	ipw_write32(priv, IPW_RX_READ_INDEX, priv->rxq->read);
3563 3564

	/* ack pending interrupts */
3565
	ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
3566 3567

#ifndef CONFIG_PM
3568
	release_firmware(raw);
3569 3570 3571
#endif
	return 0;

3572
      error:
3573 3574 3575 3576 3577
	if (priv->rxq) {
		ipw_rx_queue_free(priv, priv->rxq);
		priv->rxq = NULL;
	}
	ipw_tx_queue_free(priv);
3578 3579
	if (raw)
		release_firmware(raw);
3580 3581
#ifdef CONFIG_PM
	fw_loaded = 0;
3582
	raw = NULL;
3583 3584 3585 3586 3587
#endif

	return rc;
}

3588
/**
3589 3590 3591 3592 3593 3594 3595 3596
 * DMA services
 *
 * Theory of operation
 *
 * A queue is a circular buffers with 'Read' and 'Write' pointers.
 * 2 empty entries always kept in the buffer to protect from overflow.
 *
 * For Tx queue, there are low mark and high mark limits. If, after queuing
3597 3598
 * the packet for Tx, free space become < low mark, Tx queue stopped. When
 * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
3599 3600 3601 3602
 * Tx queue resumed.
 *
 * The IPW operates with six queues, one receive queue in the device's
 * sram, one transmit queue for sending commands to the device firmware,
3603
 * and four transmit queues for data.
3604
 *
3605
 * The four transmit queues allow for performing quality of service (qos)
3606
 * transmissions as per the 802.11 protocol.  Currently Linux does not
3607
 * provide a mechanism to the user for utilizing prioritized queues, so
3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632
 * we only utilize the first data transmit queue (queue1).
 */

/**
 * Driver allocates buffers of this size for Rx
 */

static inline int ipw_queue_space(const struct clx2_queue *q)
{
	int s = q->last_used - q->first_empty;
	if (s <= 0)
		s += q->n_bd;
	s -= 2;			/* keep some reserve to not confuse empty and full situations */
	if (s < 0)
		s = 0;
	return s;
}

static inline int ipw_queue_inc_wrap(int index, int n_bd)
{
	return (++index == n_bd) ? 0 : index;
}

/**
 * Initialize common DMA queue structure
3633
 *
3634 3635 3636 3637 3638 3639 3640 3641 3642 3643 3644
 * @param q                queue to init
 * @param count            Number of BD's to allocate. Should be power of 2
 * @param read_register    Address for 'read' register
 *                         (not offset within BAR, full address)
 * @param write_register   Address for 'write' register
 *                         (not offset within BAR, full address)
 * @param base_register    Address for 'base' register
 *                         (not offset within BAR, full address)
 * @param size             Address for 'size' register
 *                         (not offset within BAR, full address)
 */
3645
static void ipw_queue_init(struct ipw_priv *priv, struct clx2_queue *q,
3646
			   int count, u32 read, u32 write, u32 base, u32 size)
3647 3648 3649 3650 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3666 3667 3668 3669
{
	q->n_bd = count;

	q->low_mark = q->n_bd / 4;
	if (q->low_mark < 4)
		q->low_mark = 4;

	q->high_mark = q->n_bd / 8;
	if (q->high_mark < 2)
		q->high_mark = 2;

	q->first_empty = q->last_used = 0;
	q->reg_r = read;
	q->reg_w = write;

	ipw_write32(priv, base, q->dma_addr);
	ipw_write32(priv, size, count);
	ipw_write32(priv, read, 0);
	ipw_write32(priv, write, 0);

	_ipw_read32(priv, 0x90);
}

3670
static int ipw_queue_tx_init(struct ipw_priv *priv,
3671
			     struct clx2_tx_queue *q,
3672
			     int count, u32 read, u32 write, u32 base, u32 size)
3673 3674 3675 3676 3677 3678 3679 3680 3681
{
	struct pci_dev *dev = priv->pci_dev;

	q->txb = kmalloc(sizeof(q->txb[0]) * count, GFP_KERNEL);
	if (!q->txb) {
		IPW_ERROR("vmalloc for auxilary BD structures failed\n");
		return -ENOMEM;
	}

3682 3683
	q->bd =
	    pci_alloc_consistent(dev, sizeof(q->bd[0]) * count, &q->q.dma_addr);
3684
	if (!q->bd) {
3685
		IPW_ERROR("pci_alloc_consistent(%zd) failed\n",
3686
			  sizeof(q->bd[0]) * count);
3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698
		kfree(q->txb);
		q->txb = NULL;
		return -ENOMEM;
	}

	ipw_queue_init(priv, &q->q, count, read, write, base, size);
	return 0;
}

/**
 * Free one TFD, those at index [txq->q.last_used].
 * Do NOT advance any indexes
3699
 *
3700 3701 3702 3703 3704 3705 3706 3707 3708
 * @param dev
 * @param txq
 */
static void ipw_queue_tx_free_tfd(struct ipw_priv *priv,
				  struct clx2_tx_queue *txq)
{
	struct tfd_frame *bd = &txq->bd[txq->q.last_used];
	struct pci_dev *dev = priv->pci_dev;
	int i;
3709

3710 3711 3712 3713 3714 3715
	/* classify bd */
	if (bd->control_flags.message_type == TX_HOST_COMMAND_TYPE)
		/* nothing to cleanup after for host commands */
		return;

	/* sanity check */
3716 3717 3718
	if (le32_to_cpu(bd->u.data.num_chunks) > NUM_TFD_CHUNKS) {
		IPW_ERROR("Too many chunks: %i\n",
			  le32_to_cpu(bd->u.data.num_chunks));
3719 3720 3721 3722 3723
		/** @todo issue fatal error, it is quite serious situation */
		return;
	}

	/* unmap chunks if any */
3724 3725 3726 3727
	for (i = 0; i < le32_to_cpu(bd->u.data.num_chunks); i++) {
		pci_unmap_single(dev, le32_to_cpu(bd->u.data.chunk_ptr[i]),
				 le16_to_cpu(bd->u.data.chunk_len[i]),
				 PCI_DMA_TODEVICE);
3728 3729 3730 3731 3732 3733 3734 3735 3736
		if (txq->txb[txq->q.last_used]) {
			ieee80211_txb_free(txq->txb[txq->q.last_used]);
			txq->txb[txq->q.last_used] = NULL;
		}
	}
}

/**
 * Deallocate DMA queue.
3737
 *
3738 3739
 * Empty queue by removing and destroying all BD's.
 * Free all buffers.
3740
 *
3741 3742 3743
 * @param dev
 * @param q
 */
3744
static void ipw_queue_tx_free(struct ipw_priv *priv, struct clx2_tx_queue *txq)
3745 3746 3747 3748
{
	struct clx2_queue *q = &txq->q;
	struct pci_dev *dev = priv->pci_dev;

3749 3750
	if (q->n_bd == 0)
		return;
3751 3752 3753 3754 3755 3756

	/* first, empty all BD's */
	for (; q->first_empty != q->last_used;
	     q->last_used = ipw_queue_inc_wrap(q->last_used, q->n_bd)) {
		ipw_queue_tx_free_tfd(priv, txq);
	}
3757

3758
	/* free buffers belonging to queue itself */
3759
	pci_free_consistent(dev, sizeof(txq->bd[0]) * q->n_bd, txq->bd,
3760 3761 3762 3763 3764 3765 3766 3767 3768
			    q->dma_addr);
	kfree(txq->txb);

	/* 0 fill whole structure */
	memset(txq, 0, sizeof(*txq));
}

/**
 * Destroy all DMA queues and structures
3769
 *
3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783
 * @param priv
 */
static void ipw_tx_queue_free(struct ipw_priv *priv)
{
	/* Tx CMD queue */
	ipw_queue_tx_free(priv, &priv->txq_cmd);

	/* Tx queues */
	ipw_queue_tx_free(priv, &priv->txq[0]);
	ipw_queue_tx_free(priv, &priv->txq[1]);
	ipw_queue_tx_free(priv, &priv->txq[2]);
	ipw_queue_tx_free(priv, &priv->txq[3]);
}

3784
static void ipw_create_bssid(struct ipw_priv *priv, u8 * bssid)
3785 3786 3787 3788 3789 3790 3791
{
	/* First 3 bytes are manufacturer */
	bssid[0] = priv->mac_addr[0];
	bssid[1] = priv->mac_addr[1];
	bssid[2] = priv->mac_addr[2];

	/* Last bytes are random */
3792
	get_random_bytes(&bssid[3], ETH_ALEN - 3);
3793

3794 3795
	bssid[0] &= 0xfe;	/* clear multicast bit */
	bssid[0] |= 0x02;	/* set local assignment bit (IEEE802) */
3796 3797
}

3798
static u8 ipw_add_station(struct ipw_priv *priv, u8 * bssid)
3799 3800 3801
{
	struct ipw_station_entry entry;
	int i;
3802
	DECLARE_MAC_BUF(mac);
3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818

	for (i = 0; i < priv->num_stations; i++) {
		if (!memcmp(priv->stations[i], bssid, ETH_ALEN)) {
			/* Another node is active in network */
			priv->missed_adhoc_beacons = 0;
			if (!(priv->config & CFG_STATIC_CHANNEL))
				/* when other nodes drop out, we drop out */
				priv->config &= ~CFG_ADHOC_PERSIST;

			return i;
		}
	}

	if (i == MAX_STATIONS)
		return IPW_INVALID_STATION;

3819
	IPW_DEBUG_SCAN("Adding AdHoc station: %s\n", print_mac(mac, bssid));
3820 3821 3822 3823 3824 3825

	entry.reserved = 0;
	entry.support_mode = 0;
	memcpy(entry.mac_addr, bssid, ETH_ALEN);
	memcpy(priv->stations[i], bssid, ETH_ALEN);
	ipw_write_direct(priv, IPW_STATION_TABLE_LOWER + i * sizeof(entry),
3826
			 &entry, sizeof(entry));
3827 3828 3829 3830 3831
	priv->num_stations++;

	return i;
}

3832
static u8 ipw_find_station(struct ipw_priv *priv, u8 * bssid)
3833 3834 3835
{
	int i;

3836 3837
	for (i = 0; i < priv->num_stations; i++)
		if (!memcmp(priv->stations[i], bssid, ETH_ALEN))
3838 3839 3840 3841 3842 3843 3844 3845
			return i;

	return IPW_INVALID_STATION;
}

static void ipw_send_disassociate(struct ipw_priv *priv, int quiet)
{
	int err;
3846
	DECLARE_MAC_BUF(mac);
3847

3848 3849 3850 3851 3852 3853 3854
	if (priv->status & STATUS_ASSOCIATING) {
		IPW_DEBUG_ASSOC("Disassociating while associating.\n");
		queue_work(priv->workqueue, &priv->disassociate);
		return;
	}

	if (!(priv->status & STATUS_ASSOCIATED)) {
3855 3856 3857 3858
		IPW_DEBUG_ASSOC("Disassociating while not associated.\n");
		return;
	}

3859
	IPW_DEBUG_ASSOC("Disassocation attempt from %s "
3860
			"on channel %d.\n",
3861
			print_mac(mac, priv->assoc_request.bssid),
3862 3863 3864 3865 3866 3867 3868 3869 3870
			priv->assoc_request.channel);

	priv->status &= ~(STATUS_ASSOCIATING | STATUS_ASSOCIATED);
	priv->status |= STATUS_DISASSOCIATING;

	if (quiet)
		priv->assoc_request.assoc_type = HC_DISASSOC_QUIET;
	else
		priv->assoc_request.assoc_type = HC_DISASSOCIATE;
3871

3872 3873 3874 3875 3876 3877 3878 3879 3880
	err = ipw_send_associate(priv, &priv->assoc_request);
	if (err) {
		IPW_DEBUG_HC("Attempt to send [dis]associate command "
			     "failed.\n");
		return;
	}

}

3881
static int ipw_disassociate(void *data)
3882
{
3883 3884 3885
	struct ipw_priv *priv = data;
	if (!(priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)))
		return 0;
3886
	ipw_send_disassociate(data, 0);
3887
	return 1;
3888 3889
}

3890
static void ipw_bg_disassociate(struct work_struct *work)
3891
{
3892 3893
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, disassociate);
3894
	mutex_lock(&priv->mutex);
3895
	ipw_disassociate(priv);
3896
	mutex_unlock(&priv->mutex);
3897 3898
}

3899
static void ipw_system_config(struct work_struct *work)
3900
{
3901 3902
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, system_config);
3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913

#ifdef CONFIG_IPW2200_PROMISCUOUS
	if (priv->prom_net_dev && netif_running(priv->prom_net_dev)) {
		priv->sys_config.accept_all_data_frames = 1;
		priv->sys_config.accept_non_directed_frames = 1;
		priv->sys_config.accept_all_mgmt_bcpr = 1;
		priv->sys_config.accept_all_mgmt_frames = 1;
	}
#endif

	ipw_send_system_config(priv);
3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929
}

struct ipw_status_code {
	u16 status;
	const char *reason;
};

static const struct ipw_status_code ipw_status_codes[] = {
	{0x00, "Successful"},
	{0x01, "Unspecified failure"},
	{0x0A, "Cannot support all requested capabilities in the "
	 "Capability information field"},
	{0x0B, "Reassociation denied due to inability to confirm that "
	 "association exists"},
	{0x0C, "Association denied due to reason outside the scope of this "
	 "standard"},
3930 3931
	{0x0D,
	 "Responding station does not support the specified authentication "
3932
	 "algorithm"},
3933 3934
	{0x0E,
	 "Received an Authentication frame with authentication sequence "
3935 3936 3937 3938 3939 3940
	 "transaction sequence number out of expected sequence"},
	{0x0F, "Authentication rejected because of challenge failure"},
	{0x10, "Authentication rejected due to timeout waiting for next "
	 "frame in sequence"},
	{0x11, "Association denied because AP is unable to handle additional "
	 "associated stations"},
3941 3942
	{0x12,
	 "Association denied due to requesting station not supporting all "
3943
	 "of the datarates in the BSSBasicServiceSet Parameter"},
3944 3945
	{0x13,
	 "Association denied due to requesting station not supporting "
3946
	 "short preamble operation"},
3947 3948
	{0x14,
	 "Association denied due to requesting station not supporting "
3949
	 "PBCC encoding"},
3950 3951
	{0x15,
	 "Association denied due to requesting station not supporting "
3952
	 "channel agility"},
3953 3954
	{0x19,
	 "Association denied due to requesting station not supporting "
3955
	 "short slot operation"},
3956 3957
	{0x1A,
	 "Association denied due to requesting station not supporting "
3958 3959 3960 3961 3962 3963 3964 3965 3966 3967
	 "DSSS-OFDM operation"},
	{0x28, "Invalid Information Element"},
	{0x29, "Group Cipher is not valid"},
	{0x2A, "Pairwise Cipher is not valid"},
	{0x2B, "AKMP is not valid"},
	{0x2C, "Unsupported RSN IE version"},
	{0x2D, "Invalid RSN IE Capabilities"},
	{0x2E, "Cipher suite is rejected per security policy"},
};

3968
static const char *ipw_get_status_code(u16 status)
3969 3970
{
	int i;
3971
	for (i = 0; i < ARRAY_SIZE(ipw_status_codes); i++)
3972
		if (ipw_status_codes[i].status == (status & 0xff))
3973 3974 3975 3976 3977 3978 3979 3980 3981
			return ipw_status_codes[i].reason;
	return "Unknown status value.";
}

static void inline average_init(struct average *avg)
{
	memset(avg, 0, sizeof(*avg));
}

3982 3983 3984 3985 3986 3987 3988
#define DEPTH_RSSI 8
#define DEPTH_NOISE 16
static s16 exponential_average(s16 prev_avg, s16 val, u8 depth)
{
	return ((depth-1)*prev_avg +  val)/depth;
}

3989
static void average_add(struct average *avg, s16 val)
3990 3991 3992 3993 3994 3995 3996 3997 3998 3999
{
	avg->sum -= avg->entries[avg->pos];
	avg->sum += val;
	avg->entries[avg->pos++] = val;
	if (unlikely(avg->pos == AVG_ENTRIES)) {
		avg->init = 1;
		avg->pos = 0;
	}
}

4000
static s16 average_value(struct average *avg)
4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017
{
	if (!unlikely(avg->init)) {
		if (avg->pos)
			return avg->sum / avg->pos;
		return 0;
	}

	return avg->sum / AVG_ENTRIES;
}

static void ipw_reset_stats(struct ipw_priv *priv)
{
	u32 len = sizeof(u32);

	priv->quality = 0;

	average_init(&priv->average_missed_beacons);
4018 4019
	priv->exp_avg_rssi = -60;
	priv->exp_avg_noise = -85 + 0x100;
4020 4021 4022 4023 4024 4025

	priv->last_rate = 0;
	priv->last_missed_beacons = 0;
	priv->last_rx_packets = 0;
	priv->last_tx_packets = 0;
	priv->last_tx_failures = 0;
4026

4027 4028
	/* Firmware managed, reset only when NIC is restarted, so we have to
	 * normalize on the current value */
4029
	ipw_get_ordinal(priv, IPW_ORD_STAT_RX_ERR_CRC,
4030
			&priv->last_rx_err, &len);
4031
	ipw_get_ordinal(priv, IPW_ORD_STAT_TX_FAILURE,
4032 4033 4034 4035 4036 4037 4038 4039 4040 4041
			&priv->last_tx_failures, &len);

	/* Driver managed, reset with each association */
	priv->missed_adhoc_beacons = 0;
	priv->missed_beacons = 0;
	priv->tx_packets = 0;
	priv->rx_packets = 0;

}

4042
static u32 ipw_get_max_rate(struct ipw_priv *priv)
4043 4044 4045 4046 4047 4048 4049 4050 4051 4052 4053
{
	u32 i = 0x80000000;
	u32 mask = priv->rates_mask;
	/* If currently associated in B mode, restrict the maximum
	 * rate match to B rates */
	if (priv->assoc_request.ieee_mode == IPW_B_MODE)
		mask &= IEEE80211_CCK_RATES_MASK;

	/* TODO: Verify that the rate is supported by the current rates
	 * list. */

4054 4055
	while (i && !(mask & i))
		i >>= 1;
4056
	switch (i) {
4057 4058 4059 4060 4061 4062 4063 4064 4065 4066 4067 4068 4069 4070 4071 4072 4073 4074 4075 4076 4077 4078 4079 4080
	case IEEE80211_CCK_RATE_1MB_MASK:
		return 1000000;
	case IEEE80211_CCK_RATE_2MB_MASK:
		return 2000000;
	case IEEE80211_CCK_RATE_5MB_MASK:
		return 5500000;
	case IEEE80211_OFDM_RATE_6MB_MASK:
		return 6000000;
	case IEEE80211_OFDM_RATE_9MB_MASK:
		return 9000000;
	case IEEE80211_CCK_RATE_11MB_MASK:
		return 11000000;
	case IEEE80211_OFDM_RATE_12MB_MASK:
		return 12000000;
	case IEEE80211_OFDM_RATE_18MB_MASK:
		return 18000000;
	case IEEE80211_OFDM_RATE_24MB_MASK:
		return 24000000;
	case IEEE80211_OFDM_RATE_36MB_MASK:
		return 36000000;
	case IEEE80211_OFDM_RATE_48MB_MASK:
		return 48000000;
	case IEEE80211_OFDM_RATE_54MB_MASK:
		return 54000000;
4081 4082
	}

4083
	if (priv->ieee->mode == IEEE_B)
4084 4085 4086 4087 4088 4089 4090 4091 4092 4093
		return 11000000;
	else
		return 54000000;
}

static u32 ipw_get_current_rate(struct ipw_priv *priv)
{
	u32 rate, len = sizeof(rate);
	int err;

4094
	if (!(priv->status & STATUS_ASSOCIATED))
4095 4096 4097
		return 0;

	if (priv->tx_packets > IPW_REAL_RATE_RX_PACKET_THRESHOLD) {
4098
		err = ipw_get_ordinal(priv, IPW_ORD_STAT_TX_CURR_RATE, &rate,
4099 4100 4101 4102 4103
				      &len);
		if (err) {
			IPW_DEBUG_INFO("failed querying ordinals.\n");
			return 0;
		}
4104
	} else
4105 4106 4107
		return ipw_get_max_rate(priv);

	switch (rate) {
4108 4109 4110 4111 4112 4113 4114 4115 4116 4117 4118 4119 4120 4121 4122 4123 4124 4125 4126 4127 4128 4129 4130 4131
	case IPW_TX_RATE_1MB:
		return 1000000;
	case IPW_TX_RATE_2MB:
		return 2000000;
	case IPW_TX_RATE_5MB:
		return 5500000;
	case IPW_TX_RATE_6MB:
		return 6000000;
	case IPW_TX_RATE_9MB:
		return 9000000;
	case IPW_TX_RATE_11MB:
		return 11000000;
	case IPW_TX_RATE_12MB:
		return 12000000;
	case IPW_TX_RATE_18MB:
		return 18000000;
	case IPW_TX_RATE_24MB:
		return 24000000;
	case IPW_TX_RATE_36MB:
		return 36000000;
	case IPW_TX_RATE_48MB:
		return 48000000;
	case IPW_TX_RATE_54MB:
		return 54000000;
4132 4133 4134 4135 4136 4137 4138 4139 4140 4141 4142 4143 4144 4145
	}

	return 0;
}

#define IPW_STATS_INTERVAL (2 * HZ)
static void ipw_gather_stats(struct ipw_priv *priv)
{
	u32 rx_err, rx_err_delta, rx_packets_delta;
	u32 tx_failures, tx_failures_delta, tx_packets_delta;
	u32 missed_beacons_percent, missed_beacons_delta;
	u32 quality = 0;
	u32 len = sizeof(u32);
	s16 rssi;
4146
	u32 beacon_quality, signal_quality, tx_quality, rx_quality,
4147
	    rate_quality;
4148
	u32 max_rate;
4149 4150 4151 4152 4153 4154 4155

	if (!(priv->status & STATUS_ASSOCIATED)) {
		priv->quality = 0;
		return;
	}

	/* Update the statistics */
4156
	ipw_get_ordinal(priv, IPW_ORD_STAT_MISSED_BEACONS,
4157
			&priv->missed_beacons, &len);
4158
	missed_beacons_delta = priv->missed_beacons - priv->last_missed_beacons;
4159 4160 4161
	priv->last_missed_beacons = priv->missed_beacons;
	if (priv->assoc_request.beacon_interval) {
		missed_beacons_percent = missed_beacons_delta *
4162 4163
		    (HZ * priv->assoc_request.beacon_interval) /
		    (IPW_STATS_INTERVAL * 10);
4164 4165 4166 4167 4168 4169 4170 4171 4172 4173 4174 4175 4176 4177 4178 4179 4180 4181 4182 4183
	} else {
		missed_beacons_percent = 0;
	}
	average_add(&priv->average_missed_beacons, missed_beacons_percent);

	ipw_get_ordinal(priv, IPW_ORD_STAT_RX_ERR_CRC, &rx_err, &len);
	rx_err_delta = rx_err - priv->last_rx_err;
	priv->last_rx_err = rx_err;

	ipw_get_ordinal(priv, IPW_ORD_STAT_TX_FAILURE, &tx_failures, &len);
	tx_failures_delta = tx_failures - priv->last_tx_failures;
	priv->last_tx_failures = tx_failures;

	rx_packets_delta = priv->rx_packets - priv->last_rx_packets;
	priv->last_rx_packets = priv->rx_packets;

	tx_packets_delta = priv->tx_packets - priv->last_tx_packets;
	priv->last_tx_packets = priv->tx_packets;

	/* Calculate quality based on the following:
4184
	 *
4185 4186 4187 4188 4189
	 * Missed beacon: 100% = 0, 0% = 70% missed
	 * Rate: 60% = 1Mbs, 100% = Max
	 * Rx and Tx errors represent a straight % of total Rx/Tx
	 * RSSI: 100% = > -50,  0% = < -80
	 * Rx errors: 100% = 0, 0% = 50% missed
4190
	 *
4191 4192 4193 4194 4195 4196 4197 4198
	 * The lowest computed quality is used.
	 *
	 */
#define BEACON_THRESHOLD 5
	beacon_quality = 100 - missed_beacons_percent;
	if (beacon_quality < BEACON_THRESHOLD)
		beacon_quality = 0;
	else
4199
		beacon_quality = (beacon_quality - BEACON_THRESHOLD) * 100 /
4200
		    (100 - BEACON_THRESHOLD);
4201
	IPW_DEBUG_STATS("Missed beacon: %3d%% (%d%%)\n",
4202
			beacon_quality, missed_beacons_percent);
4203

4204
	priv->last_rate = ipw_get_current_rate(priv);
4205 4206
	max_rate = ipw_get_max_rate(priv);
	rate_quality = priv->last_rate * 40 / max_rate + 60;
4207 4208
	IPW_DEBUG_STATS("Rate quality : %3d%% (%dMbs)\n",
			rate_quality, priv->last_rate / 1000000);
4209

4210
	if (rx_packets_delta > 100 && rx_packets_delta + rx_err_delta)
4211
		rx_quality = 100 - (rx_err_delta * 100) /
4212
		    (rx_packets_delta + rx_err_delta);
4213 4214 4215 4216
	else
		rx_quality = 100;
	IPW_DEBUG_STATS("Rx quality   : %3d%% (%u errors, %u packets)\n",
			rx_quality, rx_err_delta, rx_packets_delta);
4217

4218
	if (tx_packets_delta > 100 && tx_packets_delta + tx_failures_delta)
4219
		tx_quality = 100 - (tx_failures_delta * 100) /
4220
		    (tx_packets_delta + tx_failures_delta);
4221 4222 4223 4224
	else
		tx_quality = 100;
	IPW_DEBUG_STATS("Tx quality   : %3d%% (%u errors, %u packets)\n",
			tx_quality, tx_failures_delta, tx_packets_delta);
4225

4226
	rssi = priv->exp_avg_rssi;
4227 4228 4229 4230 4231 4232 4233 4234 4235 4236
	signal_quality =
	    (100 *
	     (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) *
	     (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) -
	     (priv->ieee->perfect_rssi - rssi) *
	     (15 * (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) +
	      62 * (priv->ieee->perfect_rssi - rssi))) /
	    ((priv->ieee->perfect_rssi - priv->ieee->worst_rssi) *
	     (priv->ieee->perfect_rssi - priv->ieee->worst_rssi));
	if (signal_quality > 100)
4237
		signal_quality = 100;
4238
	else if (signal_quality < 1)
4239
		signal_quality = 0;
4240

4241
	IPW_DEBUG_STATS("Signal level : %3d%% (%d dBm)\n",
4242
			signal_quality, rssi);
4243 4244

	quality = min(beacon_quality,
4245 4246 4247
		      min(rate_quality,
			  min(tx_quality, min(rx_quality, signal_quality))));
	if (quality == beacon_quality)
4248 4249
		IPW_DEBUG_STATS("Quality (%d%%): Clamped to missed beacons.\n",
				quality);
4250
	if (quality == rate_quality)
4251 4252
		IPW_DEBUG_STATS("Quality (%d%%): Clamped to rate quality.\n",
				quality);
4253
	if (quality == tx_quality)
4254 4255
		IPW_DEBUG_STATS("Quality (%d%%): Clamped to Tx quality.\n",
				quality);
4256
	if (quality == rx_quality)
4257 4258
		IPW_DEBUG_STATS("Quality (%d%%): Clamped to Rx quality.\n",
				quality);
4259
	if (quality == signal_quality)
4260 4261
		IPW_DEBUG_STATS("Quality (%d%%): Clamped to signal quality.\n",
				quality);
4262 4263

	priv->quality = quality;
4264 4265

	queue_delayed_work(priv->workqueue, &priv->gather_stats,
4266 4267 4268
			   IPW_STATS_INTERVAL);
}

4269
static void ipw_bg_gather_stats(struct work_struct *work)
4270
{
4271 4272
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, gather_stats.work);
4273
	mutex_lock(&priv->mutex);
4274
	ipw_gather_stats(priv);
4275
	mutex_unlock(&priv->mutex);
4276 4277
}

4278 4279 4280 4281 4282
/* Missed beacon behavior:
 * 1st missed -> roaming_threshold, just wait, don't do any scan/roam.
 * roaming_threshold -> disassociate_threshold, scan and roam for better signal.
 * Above disassociate threshold, give up and stop scanning.
 * Roaming is disabled if disassociate_threshold <= roaming_threshold  */
4283
static void ipw_handle_missed_beacon(struct ipw_priv *priv,
4284 4285 4286 4287
					    int missed_count)
{
	priv->notif_missed_beacons = missed_count;

4288
	if (missed_count > priv->disassociate_threshold &&
4289 4290 4291 4292 4293
	    priv->status & STATUS_ASSOCIATED) {
		/* If associated and we've hit the missed
		 * beacon threshold, disassociate, turn
		 * off roaming, and abort any active scans */
		IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
4294
			  IPW_DL_STATE | IPW_DL_ASSOC,
4295 4296
			  "Missed beacon: %d - disassociate\n", missed_count);
		priv->status &= ~STATUS_ROAMING;
4297 4298 4299 4300
		if (priv->status & STATUS_SCANNING) {
			IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
				  IPW_DL_STATE,
				  "Aborting scan with missed beacon.\n");
4301
			queue_work(priv->workqueue, &priv->abort_scan);
4302 4303
		}

4304 4305 4306 4307 4308 4309 4310 4311 4312 4313 4314 4315 4316
		queue_work(priv->workqueue, &priv->disassociate);
		return;
	}

	if (priv->status & STATUS_ROAMING) {
		/* If we are currently roaming, then just
		 * print a debug statement... */
		IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
			  "Missed beacon: %d - roam in progress\n",
			  missed_count);
		return;
	}

4317 4318 4319
	if (roaming &&
	    (missed_count > priv->roaming_threshold &&
	     missed_count <= priv->disassociate_threshold)) {
4320
		/* If we are not already roaming, set the ROAM
4321 4322 4323
		 * bit in the status and kick off a scan.
		 * This can happen several times before we reach
		 * disassociate_threshold. */
4324 4325 4326 4327 4328 4329
		IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
			  "Missed beacon: %d - initiate "
			  "roaming\n", missed_count);
		if (!(priv->status & STATUS_ROAMING)) {
			priv->status |= STATUS_ROAMING;
			if (!(priv->status & STATUS_SCANNING))
4330 4331
				queue_delayed_work(priv->workqueue,
						   &priv->request_scan, 0);
4332 4333 4334 4335 4336 4337 4338 4339 4340
		}
		return;
	}

	if (priv->status & STATUS_SCANNING) {
		/* Stop scan to keep fw from getting
		 * stuck (only if we aren't roaming --
		 * otherwise we'll never scan more than 2 or 3
		 * channels..) */
4341 4342
		IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF | IPW_DL_STATE,
			  "Aborting scan with missed beacon.\n");
4343 4344 4345 4346 4347 4348
		queue_work(priv->workqueue, &priv->abort_scan);
	}

	IPW_DEBUG_NOTIF("Missed beacon: %d\n", missed_count);
}

4349 4350 4351 4352 4353 4354 4355 4356 4357 4358 4359 4360 4361 4362 4363 4364 4365 4366 4367 4368 4369 4370 4371 4372 4373 4374 4375 4376 4377 4378 4379
static void ipw_scan_event(struct work_struct *work)
{
	union iwreq_data wrqu;

	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, scan_event.work);

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wireless_send_event(priv->net_dev, SIOCGIWSCAN, &wrqu, NULL);
}

static void handle_scan_event(struct ipw_priv *priv)
{
	/* Only userspace-requested scan completion events go out immediately */
	if (!priv->user_requested_scan) {
		if (!delayed_work_pending(&priv->scan_event))
			queue_delayed_work(priv->workqueue, &priv->scan_event,
					 round_jiffies(msecs_to_jiffies(4000)));
	} else {
		union iwreq_data wrqu;

		priv->user_requested_scan = 0;
		cancel_delayed_work(&priv->scan_event);

		wrqu.data.length = 0;
		wrqu.data.flags = 0;
		wireless_send_event(priv->net_dev, SIOCGIWSCAN, &wrqu, NULL);
	}
}

4380 4381 4382 4383
/**
 * Handle host notification packet.
 * Called from interrupt routine
 */
4384
static void ipw_rx_notification(struct ipw_priv *priv,
4385 4386
				       struct ipw_rx_notification *notif)
{
4387
	DECLARE_MAC_BUF(mac);
4388 4389
	notif->size = le16_to_cpu(notif->size);

4390
	IPW_DEBUG_NOTIF("type = %i (%d bytes)\n", notif->subtype, notif->size);
4391

4392
	switch (notif->subtype) {
4393 4394 4395 4396 4397 4398 4399
	case HOST_NOTIFICATION_STATUS_ASSOCIATED:{
			struct notif_association *assoc = &notif->u.assoc;

			switch (assoc->state) {
			case CMAS_ASSOCIATED:{
					IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
						  IPW_DL_ASSOC,
4400
						  "associated: '%s' %s"
4401 4402 4403
						  " \n",
						  escape_essid(priv->essid,
							       priv->essid_len),
4404
						  print_mac(mac, priv->bssid));
4405 4406 4407 4408 4409 4410 4411 4412 4413 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424 4425 4426 4427 4428 4429 4430 4431 4432

					switch (priv->ieee->iw_mode) {
					case IW_MODE_INFRA:
						memcpy(priv->ieee->bssid,
						       priv->bssid, ETH_ALEN);
						break;

					case IW_MODE_ADHOC:
						memcpy(priv->ieee->bssid,
						       priv->bssid, ETH_ALEN);

						/* clear out the station table */
						priv->num_stations = 0;

						IPW_DEBUG_ASSOC
						    ("queueing adhoc check\n");
						queue_delayed_work(priv->
								   workqueue,
								   &priv->
								   adhoc_check,
								   priv->
								   assoc_request.
								   beacon_interval);
						break;
					}

					priv->status &= ~STATUS_ASSOCIATING;
					priv->status |= STATUS_ASSOCIATED;
4433 4434
					queue_work(priv->workqueue,
						   &priv->system_config);
4435

4436
#ifdef CONFIG_IPW2200_QOS
4437 4438 4439 4440 4441
#define IPW_GET_PACKET_STYPE(x) WLAN_FC_GET_STYPE( \
			 le16_to_cpu(((struct ieee80211_hdr *)(x))->frame_ctl))
					if ((priv->status & STATUS_AUTH) &&
					    (IPW_GET_PACKET_STYPE(&notif->u.raw)
					     == IEEE80211_STYPE_ASSOC_RESP)) {
4442 4443
						if ((sizeof
						     (struct
4444
						      ieee80211_assoc_response)
4445 4446 4447 4448 4449 4450 4451 4452 4453 4454 4455 4456 4457 4458 4459 4460 4461
						     <= notif->size)
						    && (notif->size <= 2314)) {
							struct
							ieee80211_rx_stats
							    stats = {
								.len =
								    notif->
								    size - 1,
							};

							IPW_DEBUG_QOS
							    ("QoS Associate "
							     "size %d\n",
							     notif->size);
							ieee80211_rx_mgt(priv->
									 ieee,
									 (struct
4462
									  ieee80211_hdr_4addr
4463 4464 4465
									  *)
									 &notif->u.raw, &stats);
						}
4466
					}
4467
#endif
4468

4469
					schedule_work(&priv->link_up);
4470

4471 4472
					break;
				}
4473

4474 4475 4476 4477 4478 4479 4480 4481 4482 4483
			case CMAS_AUTHENTICATED:{
					if (priv->
					    status & (STATUS_ASSOCIATED |
						      STATUS_AUTH)) {
						struct notif_authenticate *auth
						    = &notif->u.auth;
						IPW_DEBUG(IPW_DL_NOTIF |
							  IPW_DL_STATE |
							  IPW_DL_ASSOC,
							  "deauthenticated: '%s' "
4484
							  "%s"
4485 4486 4487 4488 4489
							  ": (0x%04X) - %s \n",
							  escape_essid(priv->
								       essid,
								       priv->
								       essid_len),
4490
							  print_mac(mac, priv->bssid),
4491 4492 4493 4494
							  ntohs(auth->status),
							  ipw_get_status_code
							  (ntohs
							   (auth->status)));
4495

4496 4497 4498 4499 4500
						priv->status &=
						    ~(STATUS_ASSOCIATING |
						      STATUS_AUTH |
						      STATUS_ASSOCIATED);

4501
						schedule_work(&priv->link_down);
4502 4503 4504 4505 4506
						break;
					}

					IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
						  IPW_DL_ASSOC,
4507
						  "authenticated: '%s' %s"
4508 4509 4510
						  "\n",
						  escape_essid(priv->essid,
							       priv->essid_len),
4511
						  print_mac(mac, priv->bssid));
4512 4513 4514 4515
					break;
				}

			case CMAS_INIT:{
4516 4517 4518 4519 4520 4521 4522 4523 4524 4525 4526 4527 4528 4529 4530 4531 4532 4533
					if (priv->status & STATUS_AUTH) {
						struct
						    ieee80211_assoc_response
						*resp;
						resp =
						    (struct
						     ieee80211_assoc_response
						     *)&notif->u.raw;
						IPW_DEBUG(IPW_DL_NOTIF |
							  IPW_DL_STATE |
							  IPW_DL_ASSOC,
							  "association failed (0x%04X): %s\n",
							  ntohs(resp->status),
							  ipw_get_status_code
							  (ntohs
							   (resp->status)));
					}

4534 4535
					IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
						  IPW_DL_ASSOC,
4536
						  "disassociated: '%s' %s"
4537 4538 4539
						  " \n",
						  escape_essid(priv->essid,
							       priv->essid_len),
4540
						  print_mac(mac, priv->bssid));
4541 4542 4543 4544 4545

					priv->status &=
					    ~(STATUS_DISASSOCIATING |
					      STATUS_ASSOCIATING |
					      STATUS_ASSOCIATED | STATUS_AUTH);
4546 4547 4548 4549 4550 4551
					if (priv->assoc_network
					    && (priv->assoc_network->
						capability &
						WLAN_CAPABILITY_IBSS))
						ipw_remove_current_network
						    (priv);
4552

4553
					schedule_work(&priv->link_down);
4554 4555 4556

					break;
				}
4557

4558 4559 4560
			case CMAS_RX_ASSOC_RESP:
				break;

4561 4562 4563
			default:
				IPW_ERROR("assoc: unknown (%d)\n",
					  assoc->state);
4564
				break;
4565
			}
4566 4567 4568

			break;
		}
4569

4570 4571 4572 4573 4574
	case HOST_NOTIFICATION_STATUS_AUTHENTICATE:{
			struct notif_authenticate *auth = &notif->u.auth;
			switch (auth->state) {
			case CMAS_AUTHENTICATED:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
4575
					  "authenticated: '%s' %s \n",
4576 4577
					  escape_essid(priv->essid,
						       priv->essid_len),
4578
					  print_mac(mac, priv->bssid));
4579 4580
				priv->status |= STATUS_AUTH;
				break;
4581

4582 4583 4584 4585 4586 4587 4588 4589 4590 4591 4592 4593
			case CMAS_INIT:
				if (priv->status & STATUS_AUTH) {
					IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
						  IPW_DL_ASSOC,
						  "authentication failed (0x%04X): %s\n",
						  ntohs(auth->status),
						  ipw_get_status_code(ntohs
								      (auth->
								       status)));
				}
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC,
4594
					  "deauthenticated: '%s' %s\n",
4595 4596
					  escape_essid(priv->essid,
						       priv->essid_len),
4597
					  print_mac(mac, priv->bssid));
4598

4599 4600 4601
				priv->status &= ~(STATUS_ASSOCIATING |
						  STATUS_AUTH |
						  STATUS_ASSOCIATED);
4602

4603
				schedule_work(&priv->link_down);
4604
				break;
4605

4606 4607 4608 4609 4610 4611 4612 4613 4614 4615 4616 4617 4618 4619 4620 4621 4622 4623 4624 4625 4626 4627 4628 4629 4630 4631 4632 4633 4634 4635 4636 4637 4638 4639 4640 4641 4642 4643 4644
			case CMAS_TX_AUTH_SEQ_1:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_1\n");
				break;
			case CMAS_RX_AUTH_SEQ_2:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_2\n");
				break;
			case CMAS_AUTH_SEQ_1_PASS:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_1_PASS\n");
				break;
			case CMAS_AUTH_SEQ_1_FAIL:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_1_FAIL\n");
				break;
			case CMAS_TX_AUTH_SEQ_3:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_3\n");
				break;
			case CMAS_RX_AUTH_SEQ_4:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "RX_AUTH_SEQ_4\n");
				break;
			case CMAS_AUTH_SEQ_2_PASS:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUTH_SEQ_2_PASS\n");
				break;
			case CMAS_AUTH_SEQ_2_FAIL:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "AUT_SEQ_2_FAIL\n");
				break;
			case CMAS_TX_ASSOC:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "TX_ASSOC\n");
				break;
			case CMAS_RX_ASSOC_RESP:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "RX_ASSOC_RESP\n");
4645

4646 4647 4648 4649 4650 4651 4652 4653 4654
				break;
			case CMAS_ASSOCIATED:
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
					  IPW_DL_ASSOC, "ASSOCIATED\n");
				break;
			default:
				IPW_DEBUG_NOTIF("auth: failure - %d\n",
						auth->state);
				break;
4655 4656 4657 4658
			}
			break;
		}

4659 4660 4661
	case HOST_NOTIFICATION_STATUS_SCAN_CHANNEL_RESULT:{
			struct notif_channel_result *x =
			    &notif->u.channel_result;
4662

4663 4664 4665 4666 4667 4668 4669
			if (notif->size == sizeof(*x)) {
				IPW_DEBUG_SCAN("Scan result for channel %d\n",
					       x->channel_num);
			} else {
				IPW_DEBUG_SCAN("Scan result of wrong size %d "
					       "(should be %zd)\n",
					       notif->size, sizeof(*x));
4670
			}
4671 4672 4673
			break;
		}

4674 4675 4676 4677 4678 4679 4680 4681 4682 4683 4684 4685
	case HOST_NOTIFICATION_STATUS_SCAN_COMPLETED:{
			struct notif_scan_complete *x = &notif->u.scan_complete;
			if (notif->size == sizeof(*x)) {
				IPW_DEBUG_SCAN
				    ("Scan completed: type %d, %d channels, "
				     "%d status\n", x->scan_type,
				     x->num_channels, x->status);
			} else {
				IPW_ERROR("Scan completed of wrong size %d "
					  "(should be %zd)\n",
					  notif->size, sizeof(*x));
			}
4686

4687 4688 4689
			priv->status &=
			    ~(STATUS_SCANNING | STATUS_SCAN_ABORTING);

4690
			wake_up_interruptible(&priv->wait_state);
4691 4692
			cancel_delayed_work(&priv->scan_check);

4693 4694 4695 4696 4697 4698 4699
			if (priv->status & STATUS_EXIT_PENDING)
				break;

			priv->ieee->scans++;

#ifdef CONFIG_IPW2200_MONITOR
			if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
4700
				priv->status |= STATUS_SCAN_FORCED;
4701 4702
				queue_delayed_work(priv->workqueue,
						   &priv->request_scan, 0);
4703 4704
				break;
			}
4705
			priv->status &= ~STATUS_SCAN_FORCED;
4706 4707
#endif				/* CONFIG_IPW2200_MONITOR */

4708 4709 4710 4711 4712 4713
			if (!(priv->status & (STATUS_ASSOCIATED |
					      STATUS_ASSOCIATING |
					      STATUS_ROAMING |
					      STATUS_DISASSOCIATING)))
				queue_work(priv->workqueue, &priv->associate);
			else if (priv->status & STATUS_ROAMING) {
4714 4715 4716 4717 4718 4719 4720 4721 4722 4723
				if (x->status == SCAN_COMPLETED_STATUS_COMPLETE)
					/* If a scan completed and we are in roam mode, then
					 * the scan that completed was the one requested as a
					 * result of entering roam... so, schedule the
					 * roam work */
					queue_work(priv->workqueue,
						   &priv->roam);
				else
					/* Don't schedule if we aborted the scan */
					priv->status &= ~STATUS_ROAMING;
4724
			} else if (priv->status & STATUS_SCAN_PENDING)
4725 4726
				queue_delayed_work(priv->workqueue,
						   &priv->request_scan, 0);
4727 4728 4729
			else if (priv->config & CFG_BACKGROUND_SCAN
				 && priv->status & STATUS_ASSOCIATED)
				queue_delayed_work(priv->workqueue,
4730 4731
						   &priv->request_scan,
						   round_jiffies(HZ));
4732 4733 4734 4735 4736 4737 4738 4739 4740 4741

			/* Send an empty event to user space.
			 * We don't send the received data on the event because
			 * it would require us to do complex transcoding, and
			 * we want to minimise the work done in the irq handler
			 * Use a request to extract the data.
			 * Also, we generate this even for any scan, regardless
			 * on how the scan was initiated. User space can just
			 * sync on periodic scan to get fresh data...
			 * Jean II */
4742 4743
			if (x->status == SCAN_COMPLETED_STATUS_COMPLETE)
				handle_scan_event(priv);
4744
			break;
4745 4746
		}

4747 4748
	case HOST_NOTIFICATION_STATUS_FRAG_LENGTH:{
			struct notif_frag_length *x = &notif->u.frag_len;
4749

4750 4751 4752 4753
			if (notif->size == sizeof(*x))
				IPW_ERROR("Frag length: %d\n",
					  le16_to_cpu(x->frag_length));
			else
4754 4755 4756 4757
				IPW_ERROR("Frag length of wrong size %d "
					  "(should be %zd)\n",
					  notif->size, sizeof(*x));
			break;
4758 4759
		}

4760 4761 4762
	case HOST_NOTIFICATION_STATUS_LINK_DETERIORATION:{
			struct notif_link_deterioration *x =
			    &notif->u.link_deterioration;
4763

4764 4765
			if (notif->size == sizeof(*x)) {
				IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
4766 4767 4768
					"link deterioration: type %d, cnt %d\n",
					x->silence_notification_type,
					x->silence_count);
4769 4770 4771 4772 4773 4774 4775
				memcpy(&priv->last_link_deterioration, x,
				       sizeof(*x));
			} else {
				IPW_ERROR("Link Deterioration of wrong size %d "
					  "(should be %zd)\n",
					  notif->size, sizeof(*x));
			}
4776 4777 4778
			break;
		}

4779 4780 4781
	case HOST_NOTIFICATION_DINO_CONFIG_RESPONSE:{
			IPW_ERROR("Dino config\n");
			if (priv->hcmd
4782
			    && priv->hcmd->cmd != HOST_CMD_DINO_CONFIG)
4783
				IPW_ERROR("Unexpected DINO_CONFIG_RESPONSE\n");
4784

4785 4786
			break;
		}
4787

4788 4789 4790 4791 4792 4793 4794
	case HOST_NOTIFICATION_STATUS_BEACON_STATE:{
			struct notif_beacon_state *x = &notif->u.beacon_state;
			if (notif->size != sizeof(*x)) {
				IPW_ERROR
				    ("Beacon state of wrong size %d (should "
				     "be %zd)\n", notif->size, sizeof(*x));
				break;
4795 4796
			}

4797 4798 4799 4800 4801
			if (le32_to_cpu(x->state) ==
			    HOST_NOTIFICATION_STATUS_BEACON_MISSING)
				ipw_handle_missed_beacon(priv,
							 le32_to_cpu(x->
								     number));
4802

4803 4804
			break;
		}
4805

4806 4807 4808 4809 4810 4811 4812 4813 4814
	case HOST_NOTIFICATION_STATUS_TGI_TX_KEY:{
			struct notif_tgi_tx_key *x = &notif->u.tgi_tx_key;
			if (notif->size == sizeof(*x)) {
				IPW_ERROR("TGi Tx Key: state 0x%02x sec type "
					  "0x%02x station %d\n",
					  x->key_state, x->security_type,
					  x->station_index);
				break;
			}
4815

4816 4817 4818
			IPW_ERROR
			    ("TGi Tx Key of wrong size %d (should be %zd)\n",
			     notif->size, sizeof(*x));
4819
			break;
4820
		}
4821

4822 4823
	case HOST_NOTIFICATION_CALIB_KEEP_RESULTS:{
			struct notif_calibration *x = &notif->u.calibration;
4824

4825 4826 4827 4828 4829
			if (notif->size == sizeof(*x)) {
				memcpy(&priv->calib, x, sizeof(*x));
				IPW_DEBUG_INFO("TODO: Calibration\n");
				break;
			}
4830

4831 4832 4833
			IPW_ERROR
			    ("Calibration of wrong size %d (should be %zd)\n",
			     notif->size, sizeof(*x));
4834
			break;
4835 4836
		}

4837 4838
	case HOST_NOTIFICATION_NOISE_STATS:{
			if (notif->size == sizeof(u32)) {
4839 4840 4841 4842
				priv->exp_avg_noise =
				    exponential_average(priv->exp_avg_noise,
				    (u8) (le32_to_cpu(notif->u.noise.value) & 0xff),
				    DEPTH_NOISE);
4843 4844
				break;
			}
4845

4846 4847 4848
			IPW_ERROR
			    ("Noise stat is wrong size %d (should be %zd)\n",
			     notif->size, sizeof(u32));
4849 4850 4851 4852
			break;
		}

	default:
4853 4854 4855
		IPW_DEBUG_NOTIF("Unknown notification: "
				"subtype=%d,flags=0x%2x,size=%d\n",
				notif->subtype, notif->flags, notif->size);
4856 4857 4858 4859 4860
	}
}

/**
 * Destroys all DMA structures and initialise them again
4861
 *
4862 4863 4864 4865 4866 4867 4868 4869 4870 4871 4872
 * @param priv
 * @return error code
 */
static int ipw_queue_reset(struct ipw_priv *priv)
{
	int rc = 0;
	/** @todo customize queue sizes */
	int nTx = 64, nTxCmd = 8;
	ipw_tx_queue_free(priv);
	/* Tx CMD queue */
	rc = ipw_queue_tx_init(priv, &priv->txq_cmd, nTxCmd,
4873 4874 4875 4876
			       IPW_TX_CMD_QUEUE_READ_INDEX,
			       IPW_TX_CMD_QUEUE_WRITE_INDEX,
			       IPW_TX_CMD_QUEUE_BD_BASE,
			       IPW_TX_CMD_QUEUE_BD_SIZE);
4877 4878 4879 4880 4881 4882
	if (rc) {
		IPW_ERROR("Tx Cmd queue init failed\n");
		goto error;
	}
	/* Tx queue(s) */
	rc = ipw_queue_tx_init(priv, &priv->txq[0], nTx,
4883 4884 4885
			       IPW_TX_QUEUE_0_READ_INDEX,
			       IPW_TX_QUEUE_0_WRITE_INDEX,
			       IPW_TX_QUEUE_0_BD_BASE, IPW_TX_QUEUE_0_BD_SIZE);
4886 4887 4888 4889 4890
	if (rc) {
		IPW_ERROR("Tx 0 queue init failed\n");
		goto error;
	}
	rc = ipw_queue_tx_init(priv, &priv->txq[1], nTx,
4891 4892 4893
			       IPW_TX_QUEUE_1_READ_INDEX,
			       IPW_TX_QUEUE_1_WRITE_INDEX,
			       IPW_TX_QUEUE_1_BD_BASE, IPW_TX_QUEUE_1_BD_SIZE);
4894 4895 4896 4897 4898
	if (rc) {
		IPW_ERROR("Tx 1 queue init failed\n");
		goto error;
	}
	rc = ipw_queue_tx_init(priv, &priv->txq[2], nTx,
4899 4900 4901
			       IPW_TX_QUEUE_2_READ_INDEX,
			       IPW_TX_QUEUE_2_WRITE_INDEX,
			       IPW_TX_QUEUE_2_BD_BASE, IPW_TX_QUEUE_2_BD_SIZE);
4902 4903 4904 4905 4906
	if (rc) {
		IPW_ERROR("Tx 2 queue init failed\n");
		goto error;
	}
	rc = ipw_queue_tx_init(priv, &priv->txq[3], nTx,
4907 4908 4909
			       IPW_TX_QUEUE_3_READ_INDEX,
			       IPW_TX_QUEUE_3_WRITE_INDEX,
			       IPW_TX_QUEUE_3_BD_BASE, IPW_TX_QUEUE_3_BD_SIZE);
4910 4911 4912 4913 4914 4915 4916 4917 4918
	if (rc) {
		IPW_ERROR("Tx 3 queue init failed\n");
		goto error;
	}
	/* statistics */
	priv->rx_bufs_min = 0;
	priv->rx_pend_max = 0;
	return rc;

4919
      error:
4920 4921 4922 4923 4924 4925
	ipw_tx_queue_free(priv);
	return rc;
}

/**
 * Reclaim Tx queue entries no more used by NIC.
4926
 *
4927 4928 4929
 * When FW adwances 'R' index, all entries between old and
 * new 'R' index need to be reclaimed. As result, some free space
 * forms. If there is enough free space (> low mark), wake Tx queue.
4930
 *
4931 4932 4933 4934 4935 4936
 * @note Need to protect against garbage in 'R' index
 * @param priv
 * @param txq
 * @param qindex
 * @return Number of used entries remains in the queue
 */
4937
static int ipw_queue_tx_reclaim(struct ipw_priv *priv,
4938 4939 4940 4941 4942 4943 4944 4945 4946
				struct clx2_tx_queue *txq, int qindex)
{
	u32 hw_tail;
	int used;
	struct clx2_queue *q = &txq->q;

	hw_tail = ipw_read32(priv, q->reg_r);
	if (hw_tail >= q->n_bd) {
		IPW_ERROR
4947 4948
		    ("Read index for DMA queue (%d) is out of range [0-%d)\n",
		     hw_tail, q->n_bd);
4949 4950 4951 4952 4953 4954 4955
		goto done;
	}
	for (; q->last_used != hw_tail;
	     q->last_used = ipw_queue_inc_wrap(q->last_used, q->n_bd)) {
		ipw_queue_tx_free_tfd(priv, txq);
		priv->tx_packets++;
	}
4956
      done:
4957 4958 4959 4960
	if ((ipw_queue_space(q) > q->low_mark) &&
	    (qindex >= 0) &&
	    (priv->status & STATUS_ASSOCIATED) && netif_running(priv->net_dev))
		netif_wake_queue(priv->net_dev);
4961 4962 4963 4964 4965 4966 4967 4968 4969 4970 4971 4972 4973 4974 4975 4976 4977 4978 4979 4980 4981 4982 4983 4984 4985 4986 4987 4988 4989 4990 4991 4992 4993 4994 4995 4996
	used = q->first_empty - q->last_used;
	if (used < 0)
		used += q->n_bd;

	return used;
}

static int ipw_queue_tx_hcmd(struct ipw_priv *priv, int hcmd, void *buf,
			     int len, int sync)
{
	struct clx2_tx_queue *txq = &priv->txq_cmd;
	struct clx2_queue *q = &txq->q;
	struct tfd_frame *tfd;

	if (ipw_queue_space(q) < (sync ? 1 : 2)) {
		IPW_ERROR("No space for Tx\n");
		return -EBUSY;
	}

	tfd = &txq->bd[q->first_empty];
	txq->txb[q->first_empty] = NULL;

	memset(tfd, 0, sizeof(*tfd));
	tfd->control_flags.message_type = TX_HOST_COMMAND_TYPE;
	tfd->control_flags.control_bits = TFD_NEED_IRQ_MASK;
	priv->hcmd_seq++;
	tfd->u.cmd.index = hcmd;
	tfd->u.cmd.length = len;
	memcpy(tfd->u.cmd.payload, buf, len);
	q->first_empty = ipw_queue_inc_wrap(q->first_empty, q->n_bd);
	ipw_write32(priv, q->reg_w, q->first_empty);
	_ipw_read32(priv, 0x90);

	return 0;
}

4997
/*
4998 4999 5000
 * Rx theory of operation
 *
 * The host allocates 32 DMA target addresses and passes the host address
5001
 * to the firmware at register IPW_RFDS_TABLE_LOWER + N * RFD_SIZE where N is
5002 5003 5004 5005 5006
 * 0 to 31
 *
 * Rx Queue Indexes
 * The host/firmware share two index registers for managing the Rx buffers.
 *
5007 5008 5009
 * The READ index maps to the first position that the firmware may be writing
 * to -- the driver can read up to (but not including) this position and get
 * good data.
5010 5011 5012 5013 5014 5015
 * The READ index is managed by the firmware once the card is enabled.
 *
 * The WRITE index maps to the last position the driver has read from -- the
 * position preceding WRITE is the last slot the firmware can place a packet.
 *
 * The queue is empty (no good data) if WRITE = READ - 1, and is full if
5016
 * WRITE = READ.
5017
 *
5018
 * During initialization the host sets up the READ queue position to the first
5019 5020 5021 5022 5023 5024
 * INDEX position, and WRITE to the last (READ - 1 wrapped)
 *
 * When the firmware places a packet in a buffer it will advance the READ index
 * and fire the RX interrupt.  The driver can then query the READ index and
 * process as many packets as possible, moving the WRITE index forward as it
 * resets the Rx queue buffers with new memory.
5025
 *
5026
 * The management in the driver is as follows:
5027
 * + A list of pre-allocated SKBs is stored in ipw->rxq->rx_free.  When
5028
 *   ipw->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
5029
 *   to replensish the ipw->rxq->rx_free.
5030 5031 5032 5033 5034 5035
 * + In ipw_rx_queue_replenish (scheduled) if 'processed' != 'read' then the
 *   ipw->rxq is replenished and the READ INDEX is updated (updating the
 *   'processed' and 'read' driver indexes as well)
 * + A received packet is processed and handed to the kernel network stack,
 *   detached from the ipw->rxq.  The driver 'processed' index is updated.
 * + The Host/Firmware ipw->rxq is replenished at tasklet time from the rx_free
5036 5037
 *   list. If there are no allocated buffers in ipw->rxq->rx_free, the READ
 *   INDEX is not incremented and ipw->status(RX_STALLED) is set.  If there
5038 5039 5040 5041 5042
 *   were enough free buffers and RX_STALLED is set it is cleared.
 *
 *
 * Driver sequence:
 *
5043
 * ipw_rx_queue_alloc()       Allocates rx_free
5044 5045 5046 5047 5048 5049 5050 5051 5052
 * ipw_rx_queue_replenish()   Replenishes rx_free list from rx_used, and calls
 *                            ipw_rx_queue_restock
 * ipw_rx_queue_restock()     Moves available buffers from rx_free into Rx
 *                            queue, updates firmware pointers, and updates
 *                            the WRITE index.  If insufficient rx_free buffers
 *                            are available, schedules ipw_rx_queue_replenish
 *
 * -- enable interrupts --
 * ISR - ipw_rx()             Detach ipw_rx_mem_buffers from pool up to the
5053
 *                            READ INDEX, detaching the SKB from the pool.
5054 5055 5056 5057 5058 5059 5060
 *                            Moves the packet buffer from queue to rx_used.
 *                            Calls ipw_rx_queue_restock to refill any empty
 *                            slots.
 * ...
 *
 */

5061
/*
5062 5063 5064 5065 5066 5067 5068 5069 5070 5071 5072 5073 5074 5075 5076 5077 5078 5079 5080 5081 5082 5083 5084
 * If there are slots in the RX queue that  need to be restocked,
 * and we have free pre-allocated buffers, fill the ranks as much
 * as we can pulling from rx_free.
 *
 * This moves the 'write' index forward to catch up with 'processed', and
 * also updates the memory address in the firmware to reference the new
 * target buffer.
 */
static void ipw_rx_queue_restock(struct ipw_priv *priv)
{
	struct ipw_rx_queue *rxq = priv->rxq;
	struct list_head *element;
	struct ipw_rx_mem_buffer *rxb;
	unsigned long flags;
	int write;

	spin_lock_irqsave(&rxq->lock, flags);
	write = rxq->write;
	while ((rxq->write != rxq->processed) && (rxq->free_count)) {
		element = rxq->rx_free.next;
		rxb = list_entry(element, struct ipw_rx_mem_buffer, list);
		list_del(element);

5085
		ipw_write32(priv, IPW_RFDS_TABLE_LOWER + rxq->write * RFD_SIZE,
5086 5087 5088 5089 5090 5091 5092
			    rxb->dma_addr);
		rxq->queue[rxq->write] = rxb;
		rxq->write = (rxq->write + 1) % RX_QUEUE_SIZE;
		rxq->free_count--;
	}
	spin_unlock_irqrestore(&rxq->lock, flags);

5093
	/* If the pre-allocated buffer pool is dropping low, schedule to
5094 5095 5096 5097 5098
	 * refill it */
	if (rxq->free_count <= RX_LOW_WATERMARK)
		queue_work(priv->workqueue, &priv->rx_replenish);

	/* If we've added more space for the firmware to place data, tell it */
5099
	if (write != rxq->write)
5100
		ipw_write32(priv, IPW_RX_WRITE_INDEX, rxq->write);
5101 5102 5103 5104
}

/*
 * Move all used packet from rx_used to rx_free, allocating a new SKB for each.
5105 5106
 * Also restock the Rx queue via ipw_rx_queue_restock.
 *
5107 5108 5109 5110 5111 5112 5113 5114 5115 5116 5117 5118 5119 5120
 * This is called as a scheduled work item (except for during intialization)
 */
static void ipw_rx_queue_replenish(void *data)
{
	struct ipw_priv *priv = data;
	struct ipw_rx_queue *rxq = priv->rxq;
	struct list_head *element;
	struct ipw_rx_mem_buffer *rxb;
	unsigned long flags;

	spin_lock_irqsave(&rxq->lock, flags);
	while (!list_empty(&rxq->rx_used)) {
		element = rxq->rx_used.next;
		rxb = list_entry(element, struct ipw_rx_mem_buffer, list);
5121
		rxb->skb = alloc_skb(IPW_RX_BUF_SIZE, GFP_ATOMIC);
5122 5123 5124 5125 5126 5127 5128 5129 5130
		if (!rxb->skb) {
			printk(KERN_CRIT "%s: Can not allocate SKB buffers.\n",
			       priv->net_dev->name);
			/* We don't reschedule replenish work here -- we will
			 * call the restock method and if it still needs
			 * more buffers it will schedule replenish */
			break;
		}
		list_del(element);
5131

5132 5133
		rxb->dma_addr =
		    pci_map_single(priv->pci_dev, rxb->skb->data,
5134
				   IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
5135

5136 5137 5138 5139 5140 5141 5142 5143
		list_add_tail(&rxb->list, &rxq->rx_free);
		rxq->free_count++;
	}
	spin_unlock_irqrestore(&rxq->lock, flags);

	ipw_rx_queue_restock(priv);
}

5144
static void ipw_bg_rx_queue_replenish(struct work_struct *work)
5145
{
5146 5147
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, rx_replenish);
5148
	mutex_lock(&priv->mutex);
5149
	ipw_rx_queue_replenish(priv);
5150
	mutex_unlock(&priv->mutex);
5151 5152
}

5153
/* Assumes that the skb field of the buffers in 'pool' is kept accurate.
5154
 * If an SKB has been detached, the POOL needs to have its SKB set to NULL
5155
 * This free routine walks the list of POOL entries and if SKB is set to
5156 5157
 * non NULL it is unmapped and freed
 */
5158
static void ipw_rx_queue_free(struct ipw_priv *priv, struct ipw_rx_queue *rxq)
5159 5160 5161 5162 5163
{
	int i;

	if (!rxq)
		return;
5164

5165 5166 5167
	for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
		if (rxq->pool[i].skb != NULL) {
			pci_unmap_single(priv->pci_dev, rxq->pool[i].dma_addr,
5168
					 IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
5169 5170 5171 5172 5173 5174 5175 5176 5177 5178 5179 5180
			dev_kfree_skb(rxq->pool[i].skb);
		}
	}

	kfree(rxq);
}

static struct ipw_rx_queue *ipw_rx_queue_alloc(struct ipw_priv *priv)
{
	struct ipw_rx_queue *rxq;
	int i;

5181
	rxq = kzalloc(sizeof(*rxq), GFP_KERNEL);
5182 5183 5184 5185
	if (unlikely(!rxq)) {
		IPW_ERROR("memory allocation failed\n");
		return NULL;
	}
5186 5187 5188 5189 5190
	spin_lock_init(&rxq->lock);
	INIT_LIST_HEAD(&rxq->rx_free);
	INIT_LIST_HEAD(&rxq->rx_used);

	/* Fill the rx_used queue with _all_ of the Rx buffers */
5191
	for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++)
5192 5193 5194 5195 5196 5197 5198 5199 5200 5201 5202 5203 5204 5205 5206 5207
		list_add_tail(&rxq->pool[i].list, &rxq->rx_used);

	/* Set us so that we have processed and used all buffers, but have
	 * not restocked the Rx queue with fresh buffers */
	rxq->read = rxq->write = 0;
	rxq->processed = RX_QUEUE_SIZE - 1;
	rxq->free_count = 0;

	return rxq;
}

static int ipw_is_rate_in_mask(struct ipw_priv *priv, int ieee_mode, u8 rate)
{
	rate &= ~IEEE80211_BASIC_RATE_MASK;
	if (ieee_mode == IEEE_A) {
		switch (rate) {
5208 5209
		case IEEE80211_OFDM_RATE_6MB:
			return priv->rates_mask & IEEE80211_OFDM_RATE_6MB_MASK ?
5210
			    1 : 0;
5211 5212
		case IEEE80211_OFDM_RATE_9MB:
			return priv->rates_mask & IEEE80211_OFDM_RATE_9MB_MASK ?
5213
			    1 : 0;
5214
		case IEEE80211_OFDM_RATE_12MB:
5215 5216
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_12MB_MASK ? 1 : 0;
5217
		case IEEE80211_OFDM_RATE_18MB:
5218 5219
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_18MB_MASK ? 1 : 0;
5220
		case IEEE80211_OFDM_RATE_24MB:
5221 5222
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_24MB_MASK ? 1 : 0;
5223
		case IEEE80211_OFDM_RATE_36MB:
5224 5225
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_36MB_MASK ? 1 : 0;
5226
		case IEEE80211_OFDM_RATE_48MB:
5227 5228
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_48MB_MASK ? 1 : 0;
5229
		case IEEE80211_OFDM_RATE_54MB:
5230 5231
			return priv->
			    rates_mask & IEEE80211_OFDM_RATE_54MB_MASK ? 1 : 0;
5232 5233 5234 5235
		default:
			return 0;
		}
	}
5236

5237 5238
	/* B and G mixed */
	switch (rate) {
5239
	case IEEE80211_CCK_RATE_1MB:
5240
		return priv->rates_mask & IEEE80211_CCK_RATE_1MB_MASK ? 1 : 0;
5241
	case IEEE80211_CCK_RATE_2MB:
5242
		return priv->rates_mask & IEEE80211_CCK_RATE_2MB_MASK ? 1 : 0;
5243
	case IEEE80211_CCK_RATE_5MB:
5244
		return priv->rates_mask & IEEE80211_CCK_RATE_5MB_MASK ? 1 : 0;
5245
	case IEEE80211_CCK_RATE_11MB:
5246 5247 5248 5249 5250 5251 5252 5253 5254
		return priv->rates_mask & IEEE80211_CCK_RATE_11MB_MASK ? 1 : 0;
	}

	/* If we are limited to B modulations, bail at this point */
	if (ieee_mode == IEEE_B)
		return 0;

	/* G */
	switch (rate) {
5255
	case IEEE80211_OFDM_RATE_6MB:
5256
		return priv->rates_mask & IEEE80211_OFDM_RATE_6MB_MASK ? 1 : 0;
5257
	case IEEE80211_OFDM_RATE_9MB:
5258
		return priv->rates_mask & IEEE80211_OFDM_RATE_9MB_MASK ? 1 : 0;
5259
	case IEEE80211_OFDM_RATE_12MB:
5260
		return priv->rates_mask & IEEE80211_OFDM_RATE_12MB_MASK ? 1 : 0;
5261
	case IEEE80211_OFDM_RATE_18MB:
5262
		return priv->rates_mask & IEEE80211_OFDM_RATE_18MB_MASK ? 1 : 0;
5263
	case IEEE80211_OFDM_RATE_24MB:
5264
		return priv->rates_mask & IEEE80211_OFDM_RATE_24MB_MASK ? 1 : 0;
5265
	case IEEE80211_OFDM_RATE_36MB:
5266
		return priv->rates_mask & IEEE80211_OFDM_RATE_36MB_MASK ? 1 : 0;
5267
	case IEEE80211_OFDM_RATE_48MB:
5268
		return priv->rates_mask & IEEE80211_OFDM_RATE_48MB_MASK ? 1 : 0;
5269
	case IEEE80211_OFDM_RATE_54MB:
5270 5271 5272 5273 5274 5275
		return priv->rates_mask & IEEE80211_OFDM_RATE_54MB_MASK ? 1 : 0;
	}

	return 0;
}

5276
static int ipw_compatible_rates(struct ipw_priv *priv,
5277 5278 5279 5280 5281 5282
				const struct ieee80211_network *network,
				struct ipw_supported_rates *rates)
{
	int num_rates, i;

	memset(rates, 0, sizeof(*rates));
5283
	num_rates = min(network->rates_len, (u8) IPW_MAX_RATES);
5284 5285
	rates->num_rates = 0;
	for (i = 0; i < num_rates; i++) {
5286 5287 5288
		if (!ipw_is_rate_in_mask(priv, network->mode,
					 network->rates[i])) {

5289
			if (network->rates[i] & IEEE80211_BASIC_RATE_MASK) {
5290 5291 5292 5293 5294 5295
				IPW_DEBUG_SCAN("Adding masked mandatory "
					       "rate %02X\n",
					       network->rates[i]);
				rates->supported_rates[rates->num_rates++] =
				    network->rates[i];
				continue;
5296 5297
			}

5298 5299 5300 5301
			IPW_DEBUG_SCAN("Rate %02X masked : 0x%08X\n",
				       network->rates[i], priv->rates_mask);
			continue;
		}
5302

5303 5304 5305
		rates->supported_rates[rates->num_rates++] = network->rates[i];
	}

5306 5307
	num_rates = min(network->rates_ex_len,
			(u8) (IPW_MAX_RATES - num_rates));
5308
	for (i = 0; i < num_rates; i++) {
5309 5310
		if (!ipw_is_rate_in_mask(priv, network->mode,
					 network->rates_ex[i])) {
5311
			if (network->rates_ex[i] & IEEE80211_BASIC_RATE_MASK) {
5312 5313 5314 5315 5316 5317
				IPW_DEBUG_SCAN("Adding masked mandatory "
					       "rate %02X\n",
					       network->rates_ex[i]);
				rates->supported_rates[rates->num_rates++] =
				    network->rates[i];
				continue;
5318 5319
			}

5320 5321 5322 5323
			IPW_DEBUG_SCAN("Rate %02X masked : 0x%08X\n",
				       network->rates_ex[i], priv->rates_mask);
			continue;
		}
5324

5325 5326
		rates->supported_rates[rates->num_rates++] =
		    network->rates_ex[i];
5327 5328
	}

5329
	return 1;
5330 5331
}

5332
static void ipw_copy_rates(struct ipw_supported_rates *dest,
5333 5334 5335 5336 5337 5338 5339 5340 5341 5342 5343 5344
				  const struct ipw_supported_rates *src)
{
	u8 i;
	for (i = 0; i < src->num_rates; i++)
		dest->supported_rates[i] = src->supported_rates[i];
	dest->num_rates = src->num_rates;
}

/* TODO: Look at sniffed packets in the air to determine if the basic rate
 * mask should ever be used -- right now all callers to add the scan rates are
 * set with the modulation = CCK, so BASIC_RATE_MASK is never set... */
static void ipw_add_cck_scan_rates(struct ipw_supported_rates *rates,
5345
				   u8 modulation, u32 rate_mask)
5346
{
5347
	u8 basic_mask = (IEEE80211_OFDM_MODULATION == modulation) ?
5348
	    IEEE80211_BASIC_RATE_MASK : 0;
5349

5350
	if (rate_mask & IEEE80211_CCK_RATE_1MB_MASK)
5351
		rates->supported_rates[rates->num_rates++] =
5352
		    IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_1MB;
5353 5354

	if (rate_mask & IEEE80211_CCK_RATE_2MB_MASK)
5355
		rates->supported_rates[rates->num_rates++] =
5356
		    IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_2MB;
5357 5358

	if (rate_mask & IEEE80211_CCK_RATE_5MB_MASK)
5359
		rates->supported_rates[rates->num_rates++] = basic_mask |
5360
		    IEEE80211_CCK_RATE_5MB;
5361 5362

	if (rate_mask & IEEE80211_CCK_RATE_11MB_MASK)
5363
		rates->supported_rates[rates->num_rates++] = basic_mask |
5364
		    IEEE80211_CCK_RATE_11MB;
5365 5366 5367
}

static void ipw_add_ofdm_scan_rates(struct ipw_supported_rates *rates,
5368
				    u8 modulation, u32 rate_mask)
5369
{
5370
	u8 basic_mask = (IEEE80211_OFDM_MODULATION == modulation) ?
5371
	    IEEE80211_BASIC_RATE_MASK : 0;
5372 5373

	if (rate_mask & IEEE80211_OFDM_RATE_6MB_MASK)
5374
		rates->supported_rates[rates->num_rates++] = basic_mask |
5375
		    IEEE80211_OFDM_RATE_6MB;
5376 5377

	if (rate_mask & IEEE80211_OFDM_RATE_9MB_MASK)
5378
		rates->supported_rates[rates->num_rates++] =
5379
		    IEEE80211_OFDM_RATE_9MB;
5380 5381

	if (rate_mask & IEEE80211_OFDM_RATE_12MB_MASK)
5382
		rates->supported_rates[rates->num_rates++] = basic_mask |
5383
		    IEEE80211_OFDM_RATE_12MB;
5384 5385

	if (rate_mask & IEEE80211_OFDM_RATE_18MB_MASK)
5386
		rates->supported_rates[rates->num_rates++] =
5387
		    IEEE80211_OFDM_RATE_18MB;
5388 5389

	if (rate_mask & IEEE80211_OFDM_RATE_24MB_MASK)
5390
		rates->supported_rates[rates->num_rates++] = basic_mask |
5391
		    IEEE80211_OFDM_RATE_24MB;
5392 5393

	if (rate_mask & IEEE80211_OFDM_RATE_36MB_MASK)
5394
		rates->supported_rates[rates->num_rates++] =
5395
		    IEEE80211_OFDM_RATE_36MB;
5396 5397

	if (rate_mask & IEEE80211_OFDM_RATE_48MB_MASK)
5398
		rates->supported_rates[rates->num_rates++] =
5399
		    IEEE80211_OFDM_RATE_48MB;
5400 5401

	if (rate_mask & IEEE80211_OFDM_RATE_54MB_MASK)
5402
		rates->supported_rates[rates->num_rates++] =
5403
		    IEEE80211_OFDM_RATE_54MB;
5404 5405 5406 5407 5408 5409 5410
}

struct ipw_network_match {
	struct ieee80211_network *network;
	struct ipw_supported_rates rates;
};

5411 5412 5413 5414
static int ipw_find_adhoc_network(struct ipw_priv *priv,
				  struct ipw_network_match *match,
				  struct ieee80211_network *network,
				  int roaming)
5415 5416
{
	struct ipw_supported_rates rates;
5417 5418
	DECLARE_MAC_BUF(mac);
	DECLARE_MAC_BUF(mac2);
5419 5420 5421

	/* Verify that this network's capability is compatible with the
	 * current mode (AdHoc or Infrastructure) */
5422
	if ((priv->ieee->iw_mode == IW_MODE_ADHOC &&
5423
	     !(network->capability & WLAN_CAPABILITY_IBSS))) {
5424
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded due to "
5425
				"capability mismatch.\n",
5426
				escape_essid(network->ssid, network->ssid_len),
5427
				print_mac(mac, network->bssid));
5428 5429 5430 5431 5432 5433
		return 0;
	}

	/* If we do not have an ESSID for this AP, we can not associate with
	 * it */
	if (network->flags & NETWORK_EMPTY_ESSID) {
5434
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5435 5436
				"because of hidden ESSID.\n",
				escape_essid(network->ssid, network->ssid_len),
5437
				print_mac(mac, network->bssid));
5438 5439
		return 0;
	}
5440

5441 5442 5443 5444
	if (unlikely(roaming)) {
		/* If we are roaming, then ensure check if this is a valid
		 * network to try and roam to */
		if ((network->ssid_len != match->network->ssid_len) ||
5445
		    memcmp(network->ssid, match->network->ssid,
5446
			   network->ssid_len)) {
5447
			IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5448
					"because of non-network ESSID.\n",
5449
					escape_essid(network->ssid,
5450
						     network->ssid_len),
5451
					print_mac(mac, network->bssid));
5452 5453 5454
			return 0;
		}
	} else {
5455 5456 5457
		/* If an ESSID has been configured then compare the broadcast
		 * ESSID to ours */
		if ((priv->config & CFG_STATIC_ESSID) &&
5458
		    ((network->ssid_len != priv->essid_len) ||
5459
		     memcmp(network->ssid, priv->essid,
5460 5461
			    min(network->ssid_len, priv->essid_len)))) {
			char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
5462

5463 5464
			strncpy(escaped,
				escape_essid(network->ssid, network->ssid_len),
5465
				sizeof(escaped));
5466
			IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5467
					"because of ESSID mismatch: '%s'.\n",
5468
					escaped, print_mac(mac, network->bssid),
5469 5470
					escape_essid(priv->essid,
						     priv->essid_len));
5471 5472 5473 5474 5475 5476
			return 0;
		}
	}

	/* If the old network rate is better than this one, don't bother
	 * testing everything else. */
5477 5478

	if (network->time_stamp[0] < match->network->time_stamp[0]) {
5479 5480
		IPW_DEBUG_MERGE("Network '%s excluded because newer than "
				"current network.\n",
5481
				escape_essid(match->network->ssid,
5482
					     match->network->ssid_len));
5483
		return 0;
5484
	} else if (network->time_stamp[1] < match->network->time_stamp[1]) {
5485 5486 5487 5488
		IPW_DEBUG_MERGE("Network '%s excluded because newer than "
				"current network.\n",
				escape_essid(match->network->ssid,
					     match->network->ssid_len));
5489 5490 5491 5492
		return 0;
	}

	/* Now go through and see if the requested network is valid... */
5493
	if (priv->ieee->scan_age != 0 &&
5494
	    time_after(jiffies, network->last_scanned + priv->ieee->scan_age)) {
5495
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5496
				"because of age: %ums.\n",
5497
				escape_essid(network->ssid, network->ssid_len),
5498
				print_mac(mac, network->bssid),
5499 5500
				jiffies_to_msecs(jiffies -
						 network->last_scanned));
5501
		return 0;
5502
	}
5503

5504
	if ((priv->config & CFG_STATIC_CHANNEL) &&
5505
	    (network->channel != priv->channel)) {
5506
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5507 5508
				"because of channel mismatch: %d != %d.\n",
				escape_essid(network->ssid, network->ssid_len),
5509
				print_mac(mac, network->bssid),
5510 5511 5512
				network->channel, priv->channel);
		return 0;
	}
5513

5514
	/* Verify privacy compatability */
5515
	if (((priv->capability & CAP_PRIVACY_ON) ? 1 : 0) !=
5516
	    ((network->capability & WLAN_CAPABILITY_PRIVACY) ? 1 : 0)) {
5517
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5518 5519
				"because of privacy mismatch: %s != %s.\n",
				escape_essid(network->ssid, network->ssid_len),
5520
				print_mac(mac, network->bssid),
5521 5522 5523 5524 5525
				priv->
				capability & CAP_PRIVACY_ON ? "on" : "off",
				network->
				capability & WLAN_CAPABILITY_PRIVACY ? "on" :
				"off");
5526 5527
		return 0;
	}
5528

5529
	if (!memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
5530 5531
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
				"because of the same BSSID match: %s"
5532 5533
				".\n", escape_essid(network->ssid,
						    network->ssid_len),
5534 5535
				print_mac(mac, network->bssid),
				print_mac(mac2, priv->bssid));
5536 5537
		return 0;
	}
5538

5539 5540
	/* Filter out any incompatible freq / mode combinations */
	if (!ieee80211_is_valid_mode(priv->ieee, network->mode)) {
5541
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5542 5543 5544
				"because of invalid frequency/mode "
				"combination.\n",
				escape_essid(network->ssid, network->ssid_len),
5545
				print_mac(mac, network->bssid));
5546 5547
		return 0;
	}
5548

5549 5550 5551
	/* Ensure that the rates supported by the driver are compatible with
	 * this AP, including verification of basic rates (mandatory) */
	if (!ipw_compatible_rates(priv, network, &rates)) {
5552
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5553 5554 5555
				"because configured rate mask excludes "
				"AP mandatory rate.\n",
				escape_essid(network->ssid, network->ssid_len),
5556
				print_mac(mac, network->bssid));
5557 5558 5559
		return 0;
	}

5560
	if (rates.num_rates == 0) {
5561
		IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
5562 5563
				"because of no compatible rates.\n",
				escape_essid(network->ssid, network->ssid_len),
5564
				print_mac(mac, network->bssid));
5565 5566
		return 0;
	}
5567

5568 5569 5570 5571 5572 5573 5574
	/* TODO: Perform any further minimal comparititive tests.  We do not
	 * want to put too much policy logic here; intelligent scan selection
	 * should occur within a generic IEEE 802.11 user space tool.  */

	/* Set up 'new' AP to this network */
	ipw_copy_rates(&match->rates, &rates);
	match->network = network;
5575
	IPW_DEBUG_MERGE("Network '%s (%s)' is a viable match.\n",
5576
			escape_essid(network->ssid, network->ssid_len),
5577
			print_mac(mac, network->bssid));
5578 5579 5580 5581

	return 1;
}

5582
static void ipw_merge_adhoc_network(struct work_struct *work)
5583
{
5584 5585
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, merge_networks);
5586 5587 5588 5589 5590
	struct ieee80211_network *network = NULL;
	struct ipw_network_match match = {
		.network = priv->assoc_network
	};

5591 5592
	if ((priv->status & STATUS_ASSOCIATED) &&
	    (priv->ieee->iw_mode == IW_MODE_ADHOC)) {
5593 5594 5595 5596 5597 5598 5599 5600 5601 5602 5603 5604 5605 5606 5607 5608 5609 5610
		/* First pass through ROAM process -- look for a better
		 * network */
		unsigned long flags;

		spin_lock_irqsave(&priv->ieee->lock, flags);
		list_for_each_entry(network, &priv->ieee->network_list, list) {
			if (network != priv->assoc_network)
				ipw_find_adhoc_network(priv, &match, network,
						       1);
		}
		spin_unlock_irqrestore(&priv->ieee->lock, flags);

		if (match.network == priv->assoc_network) {
			IPW_DEBUG_MERGE("No better ADHOC in this network to "
					"merge to.\n");
			return;
		}

5611
		mutex_lock(&priv->mutex);
5612 5613 5614 5615 5616
		if ((priv->ieee->iw_mode == IW_MODE_ADHOC)) {
			IPW_DEBUG_MERGE("remove network %s\n",
					escape_essid(priv->essid,
						     priv->essid_len));
			ipw_remove_current_network(priv);
5617
		}
5618 5619 5620

		ipw_disassociate(priv);
		priv->assoc_network = match.network;
5621
		mutex_unlock(&priv->mutex);
5622
		return;
5623
	}
5624
}
5625

5626 5627 5628
static int ipw_best_network(struct ipw_priv *priv,
			    struct ipw_network_match *match,
			    struct ieee80211_network *network, int roaming)
5629 5630
{
	struct ipw_supported_rates rates;
5631
	DECLARE_MAC_BUF(mac);
5632 5633 5634 5635

	/* Verify that this network's capability is compatible with the
	 * current mode (AdHoc or Infrastructure) */
	if ((priv->ieee->iw_mode == IW_MODE_INFRA &&
5636
	     !(network->capability & WLAN_CAPABILITY_ESS)) ||
5637 5638
	    (priv->ieee->iw_mode == IW_MODE_ADHOC &&
	     !(network->capability & WLAN_CAPABILITY_IBSS))) {
5639
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded due to "
5640
				"capability mismatch.\n",
5641
				escape_essid(network->ssid, network->ssid_len),
5642
				print_mac(mac, network->bssid));
5643 5644 5645 5646 5647 5648
		return 0;
	}

	/* If we do not have an ESSID for this AP, we can not associate with
	 * it */
	if (network->flags & NETWORK_EMPTY_ESSID) {
5649
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5650 5651
				"because of hidden ESSID.\n",
				escape_essid(network->ssid, network->ssid_len),
5652
				print_mac(mac, network->bssid));
5653 5654
		return 0;
	}
5655

5656 5657 5658 5659
	if (unlikely(roaming)) {
		/* If we are roaming, then ensure check if this is a valid
		 * network to try and roam to */
		if ((network->ssid_len != match->network->ssid_len) ||
5660
		    memcmp(network->ssid, match->network->ssid,
5661
			   network->ssid_len)) {
5662
			IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5663
					"because of non-network ESSID.\n",
5664
					escape_essid(network->ssid,
5665
						     network->ssid_len),
5666
					print_mac(mac, network->bssid));
5667 5668 5669
			return 0;
		}
	} else {
5670 5671 5672
		/* If an ESSID has been configured then compare the broadcast
		 * ESSID to ours */
		if ((priv->config & CFG_STATIC_ESSID) &&
5673
		    ((network->ssid_len != priv->essid_len) ||
5674
		     memcmp(network->ssid, priv->essid,
5675 5676
			    min(network->ssid_len, priv->essid_len)))) {
			char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
5677 5678
			strncpy(escaped,
				escape_essid(network->ssid, network->ssid_len),
5679
				sizeof(escaped));
5680
			IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5681
					"because of ESSID mismatch: '%s'.\n",
5682
					escaped, print_mac(mac, network->bssid),
5683 5684
					escape_essid(priv->essid,
						     priv->essid_len));
5685 5686 5687 5688 5689 5690
			return 0;
		}
	}

	/* If the old network rate is better than this one, don't bother
	 * testing everything else. */
5691
	if (match->network && match->network->stats.rssi > network->stats.rssi) {
5692
		char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
5693 5694
		strncpy(escaped,
			escape_essid(network->ssid, network->ssid_len),
5695
			sizeof(escaped));
5696 5697 5698
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded because "
				"'%s (%s)' has a stronger signal.\n",
				escaped, print_mac(mac, network->bssid),
5699 5700
				escape_essid(match->network->ssid,
					     match->network->ssid_len),
5701
				print_mac(mac, match->network->bssid));
5702 5703
		return 0;
	}
5704

5705 5706 5707
	/* If this network has already had an association attempt within the
	 * last 3 seconds, do not try and associate again... */
	if (network->last_associate &&
5708
	    time_after(network->last_associate + (HZ * 3UL), jiffies)) {
5709
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5710
				"because of storming (%ums since last "
5711 5712
				"assoc attempt).\n",
				escape_essid(network->ssid, network->ssid_len),
5713
				print_mac(mac, network->bssid),
5714 5715
				jiffies_to_msecs(jiffies -
						 network->last_associate));
5716 5717 5718 5719
		return 0;
	}

	/* Now go through and see if the requested network is valid... */
5720
	if (priv->ieee->scan_age != 0 &&
5721
	    time_after(jiffies, network->last_scanned + priv->ieee->scan_age)) {
5722
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5723
				"because of age: %ums.\n",
5724
				escape_essid(network->ssid, network->ssid_len),
5725
				print_mac(mac, network->bssid),
5726 5727
				jiffies_to_msecs(jiffies -
						 network->last_scanned));
5728
		return 0;
5729
	}
5730

5731
	if ((priv->config & CFG_STATIC_CHANNEL) &&
5732
	    (network->channel != priv->channel)) {
5733
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5734 5735
				"because of channel mismatch: %d != %d.\n",
				escape_essid(network->ssid, network->ssid_len),
5736
				print_mac(mac, network->bssid),
5737 5738 5739
				network->channel, priv->channel);
		return 0;
	}
5740

5741
	/* Verify privacy compatability */
5742
	if (((priv->capability & CAP_PRIVACY_ON) ? 1 : 0) !=
5743
	    ((network->capability & WLAN_CAPABILITY_PRIVACY) ? 1 : 0)) {
5744
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5745 5746
				"because of privacy mismatch: %s != %s.\n",
				escape_essid(network->ssid, network->ssid_len),
5747
				print_mac(mac, network->bssid),
5748
				priv->capability & CAP_PRIVACY_ON ? "on" :
5749
				"off",
5750
				network->capability &
5751
				WLAN_CAPABILITY_PRIVACY ? "on" : "off");
5752 5753
		return 0;
	}
5754 5755

	if ((priv->config & CFG_STATIC_BSSID) &&
5756
	    memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
5757 5758
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
				"because of BSSID mismatch: %s.\n",
5759
				escape_essid(network->ssid, network->ssid_len),
5760
				print_mac(mac, network->bssid), print_mac(mac, priv->bssid));
5761 5762
		return 0;
	}
5763

5764 5765
	/* Filter out any incompatible freq / mode combinations */
	if (!ieee80211_is_valid_mode(priv->ieee, network->mode)) {
5766
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5767 5768 5769
				"because of invalid frequency/mode "
				"combination.\n",
				escape_essid(network->ssid, network->ssid_len),
5770
				print_mac(mac, network->bssid));
5771 5772
		return 0;
	}
5773

5774
	/* Filter out invalid channel in current GEO */
5775
	if (!ieee80211_is_valid_channel(priv->ieee, network->channel)) {
5776
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5777 5778
				"because of invalid channel in current GEO\n",
				escape_essid(network->ssid, network->ssid_len),
5779
				print_mac(mac, network->bssid));
5780 5781 5782
		return 0;
	}

5783 5784 5785
	/* Ensure that the rates supported by the driver are compatible with
	 * this AP, including verification of basic rates (mandatory) */
	if (!ipw_compatible_rates(priv, network, &rates)) {
5786
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5787 5788 5789
				"because configured rate mask excludes "
				"AP mandatory rate.\n",
				escape_essid(network->ssid, network->ssid_len),
5790
				print_mac(mac, network->bssid));
5791 5792 5793
		return 0;
	}

5794
	if (rates.num_rates == 0) {
5795
		IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
5796 5797
				"because of no compatible rates.\n",
				escape_essid(network->ssid, network->ssid_len),
5798
				print_mac(mac, network->bssid));
5799 5800
		return 0;
	}
5801

5802 5803 5804 5805 5806 5807 5808 5809
	/* TODO: Perform any further minimal comparititive tests.  We do not
	 * want to put too much policy logic here; intelligent scan selection
	 * should occur within a generic IEEE 802.11 user space tool.  */

	/* Set up 'new' AP to this network */
	ipw_copy_rates(&match->rates, &rates);
	match->network = network;

5810
	IPW_DEBUG_ASSOC("Network '%s (%s)' is a viable match.\n",
5811
			escape_essid(network->ssid, network->ssid_len),
5812
			print_mac(mac, network->bssid));
5813 5814 5815 5816

	return 1;
}

5817
static void ipw_adhoc_create(struct ipw_priv *priv,
5818
			     struct ieee80211_network *network)
5819
{
5820
	const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
5821 5822
	int i;

5823 5824 5825 5826 5827 5828
	/*
	 * For the purposes of scanning, we can set our wireless mode
	 * to trigger scans across combinations of bands, but when it
	 * comes to creating a new ad-hoc network, we have tell the FW
	 * exactly which band to use.
	 *
5829
	 * We also have the possibility of an invalid channel for the
5830 5831 5832
	 * chossen band.  Attempting to create a new ad-hoc network
	 * with an invalid channel for wireless mode will trigger a
	 * FW fatal error.
5833
	 *
5834
	 */
5835
	switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
5836 5837
	case IEEE80211_52GHZ_BAND:
		network->mode = IEEE_A;
5838
		i = ieee80211_channel_to_index(priv->ieee, priv->channel);
5839
		BUG_ON(i == -1);
5840 5841 5842 5843 5844 5845 5846 5847 5848 5849 5850
		if (geo->a[i].flags & IEEE80211_CH_PASSIVE_ONLY) {
			IPW_WARNING("Overriding invalid channel\n");
			priv->channel = geo->a[0].channel;
		}
		break;

	case IEEE80211_24GHZ_BAND:
		if (priv->ieee->mode & IEEE_G)
			network->mode = IEEE_G;
		else
			network->mode = IEEE_B;
5851
		i = ieee80211_channel_to_index(priv->ieee, priv->channel);
5852
		BUG_ON(i == -1);
5853 5854 5855 5856
		if (geo->bg[i].flags & IEEE80211_CH_PASSIVE_ONLY) {
			IPW_WARNING("Overriding invalid channel\n");
			priv->channel = geo->bg[0].channel;
		}
5857 5858 5859
		break;

	default:
5860 5861 5862
		IPW_WARNING("Overriding invalid channel\n");
		if (priv->ieee->mode & IEEE_A) {
			network->mode = IEEE_A;
5863
			priv->channel = geo->a[0].channel;
5864 5865
		} else if (priv->ieee->mode & IEEE_G) {
			network->mode = IEEE_G;
5866
			priv->channel = geo->bg[0].channel;
5867 5868
		} else {
			network->mode = IEEE_B;
5869
			priv->channel = geo->bg[0].channel;
5870
		}
5871 5872
		break;
	}
5873 5874 5875 5876 5877 5878 5879 5880

	network->channel = priv->channel;
	priv->config |= CFG_ADHOC_PERSIST;
	ipw_create_bssid(priv, network->bssid);
	network->ssid_len = priv->essid_len;
	memcpy(network->ssid, priv->essid, priv->essid_len);
	memset(&network->stats, 0, sizeof(network->stats));
	network->capability = WLAN_CAPABILITY_IBSS;
5881 5882
	if (!(priv->config & CFG_PREAMBLE_LONG))
		network->capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
5883 5884 5885
	if (priv->capability & CAP_PRIVACY_ON)
		network->capability |= WLAN_CAPABILITY_PRIVACY;
	network->rates_len = min(priv->rates.num_rates, MAX_RATES_LENGTH);
5886
	memcpy(network->rates, priv->rates.supported_rates, network->rates_len);
5887
	network->rates_ex_len = priv->rates.num_rates - network->rates_len;
5888
	memcpy(network->rates_ex,
5889 5890 5891 5892 5893 5894 5895
	       &priv->rates.supported_rates[network->rates_len],
	       network->rates_ex_len);
	network->last_scanned = 0;
	network->flags = 0;
	network->last_associate = 0;
	network->time_stamp[0] = 0;
	network->time_stamp[1] = 0;
5896 5897 5898
	network->beacon_interval = 100;	/* Default */
	network->listen_interval = 10;	/* Default */
	network->atim_window = 0;	/* Default */
5899 5900 5901 5902
	network->wpa_ie_len = 0;
	network->rsn_ie_len = 0;
}

5903 5904
static void ipw_send_tgi_tx_key(struct ipw_priv *priv, int type, int index)
{
Zhu Yi's avatar
Zhu Yi committed
5905
	struct ipw_tgi_tx_key key;
5906 5907 5908 5909

	if (!(priv->ieee->sec.flags & (1 << index)))
		return;

Zhu Yi's avatar
Zhu Yi committed
5910 5911 5912 5913 5914
	key.key_id = index;
	memcpy(key.key, priv->ieee->sec.keys[index], SCM_TEMPORAL_KEY_LENGTH);
	key.security_type = type;
	key.station_index = 0;	/* always 0 for BSS */
	key.flags = 0;
5915
	/* 0 for new key; previous value of counter (after fatal error) */
5916 5917
	key.tx_counter[0] = cpu_to_le32(0);
	key.tx_counter[1] = cpu_to_le32(0);
5918

Zhu Yi's avatar
Zhu Yi committed
5919
	ipw_send_cmd_pdu(priv, IPW_CMD_TGI_TX_KEY, sizeof(key), &key);
5920 5921 5922
}

static void ipw_send_wep_keys(struct ipw_priv *priv, int type)
5923
{
Zhu Yi's avatar
Zhu Yi committed
5924
	struct ipw_wep_key key;
5925 5926
	int i;

Zhu Yi's avatar
Zhu Yi committed
5927 5928
	key.cmd_id = DINO_CMD_WEP_KEY;
	key.seq_num = 0;
5929

5930 5931
	/* Note: AES keys cannot be set for multiple times.
	 * Only set it at the first time. */
5932
	for (i = 0; i < 4; i++) {
Zhu Yi's avatar
Zhu Yi committed
5933
		key.key_index = i | type;
5934
		if (!(priv->ieee->sec.flags & (1 << i))) {
Zhu Yi's avatar
Zhu Yi committed
5935
			key.key_size = 0;
5936
			continue;
5937 5938
		}

Zhu Yi's avatar
Zhu Yi committed
5939 5940
		key.key_size = priv->ieee->sec.key_sizes[i];
		memcpy(key.key, priv->ieee->sec.keys[i], key.key_size);
5941

Zhu Yi's avatar
Zhu Yi committed
5942
		ipw_send_cmd_pdu(priv, IPW_CMD_WEP_KEY, sizeof(key), &key);
5943
	}
5944 5945
}

5946
static void ipw_set_hw_decrypt_unicast(struct ipw_priv *priv, int level)
5947
{
5948
	if (priv->ieee->host_encrypt)
5949 5950
		return;

5951 5952 5953 5954 5955 5956 5957 5958 5959 5960 5961 5962 5963 5964 5965 5966 5967 5968 5969 5970 5971 5972 5973 5974 5975 5976 5977 5978 5979 5980 5981 5982 5983 5984 5985 5986 5987 5988 5989 5990 5991 5992 5993 5994
	switch (level) {
	case SEC_LEVEL_3:
		priv->sys_config.disable_unicast_decryption = 0;
		priv->ieee->host_decrypt = 0;
		break;
	case SEC_LEVEL_2:
		priv->sys_config.disable_unicast_decryption = 1;
		priv->ieee->host_decrypt = 1;
		break;
	case SEC_LEVEL_1:
		priv->sys_config.disable_unicast_decryption = 0;
		priv->ieee->host_decrypt = 0;
		break;
	case SEC_LEVEL_0:
		priv->sys_config.disable_unicast_decryption = 1;
		break;
	default:
		break;
	}
}

static void ipw_set_hw_decrypt_multicast(struct ipw_priv *priv, int level)
{
	if (priv->ieee->host_encrypt)
		return;

	switch (level) {
	case SEC_LEVEL_3:
		priv->sys_config.disable_multicast_decryption = 0;
		break;
	case SEC_LEVEL_2:
		priv->sys_config.disable_multicast_decryption = 1;
		break;
	case SEC_LEVEL_1:
		priv->sys_config.disable_multicast_decryption = 0;
		break;
	case SEC_LEVEL_0:
		priv->sys_config.disable_multicast_decryption = 1;
		break;
	default:
		break;
	}
}

5995 5996 5997 5998
static void ipw_set_hwcrypto_keys(struct ipw_priv *priv)
{
	switch (priv->ieee->sec.level) {
	case SEC_LEVEL_3:
5999 6000 6001 6002
		if (priv->ieee->sec.flags & SEC_ACTIVE_KEY)
			ipw_send_tgi_tx_key(priv,
					    DCT_FLAG_EXT_SECURITY_CCM,
					    priv->ieee->sec.active_key);
6003

Hong Liu's avatar
Hong Liu committed
6004 6005
		if (!priv->ieee->host_mc_decrypt)
			ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_CCM);
6006 6007
		break;
	case SEC_LEVEL_2:
6008 6009 6010 6011
		if (priv->ieee->sec.flags & SEC_ACTIVE_KEY)
			ipw_send_tgi_tx_key(priv,
					    DCT_FLAG_EXT_SECURITY_TKIP,
					    priv->ieee->sec.active_key);
6012 6013 6014
		break;
	case SEC_LEVEL_1:
		ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_WEP);
6015 6016
		ipw_set_hw_decrypt_unicast(priv, priv->ieee->sec.level);
		ipw_set_hw_decrypt_multicast(priv, priv->ieee->sec.level);
6017 6018 6019 6020 6021 6022 6023
		break;
	case SEC_LEVEL_0:
	default:
		break;
	}
}

6024 6025 6026
static void ipw_adhoc_check(void *data)
{
	struct ipw_priv *priv = data;
6027

6028
	if (priv->missed_adhoc_beacons++ > priv->disassociate_threshold &&
6029
	    !(priv->config & CFG_ADHOC_PERSIST)) {
6030 6031 6032 6033
		IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
			  IPW_DL_STATE | IPW_DL_ASSOC,
			  "Missed beacon: %d - disassociate\n",
			  priv->missed_adhoc_beacons);
6034 6035 6036 6037 6038
		ipw_remove_current_network(priv);
		ipw_disassociate(priv);
		return;
	}

6039
	queue_delayed_work(priv->workqueue, &priv->adhoc_check,
6040 6041 6042
			   priv->assoc_request.beacon_interval);
}

6043
static void ipw_bg_adhoc_check(struct work_struct *work)
6044
{
6045 6046
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, adhoc_check.work);
6047
	mutex_lock(&priv->mutex);
6048
	ipw_adhoc_check(priv);
6049
	mutex_unlock(&priv->mutex);
6050 6051
}

6052 6053
static void ipw_debug_config(struct ipw_priv *priv)
{
6054
	DECLARE_MAC_BUF(mac);
6055 6056 6057
	IPW_DEBUG_INFO("Scan completed, no valid APs matched "
		       "[CFG 0x%08X]\n", priv->config);
	if (priv->config & CFG_STATIC_CHANNEL)
6058
		IPW_DEBUG_INFO("Channel locked to %d\n", priv->channel);
6059 6060 6061
	else
		IPW_DEBUG_INFO("Channel unlocked.\n");
	if (priv->config & CFG_STATIC_ESSID)
6062
		IPW_DEBUG_INFO("ESSID locked to '%s'\n",
6063
			       escape_essid(priv->essid, priv->essid_len));
6064 6065 6066
	else
		IPW_DEBUG_INFO("ESSID unlocked.\n");
	if (priv->config & CFG_STATIC_BSSID)
6067 6068
		IPW_DEBUG_INFO("BSSID locked to %s\n",
			       print_mac(mac, priv->bssid));
6069 6070 6071 6072 6073 6074 6075 6076 6077
	else
		IPW_DEBUG_INFO("BSSID unlocked.\n");
	if (priv->capability & CAP_PRIVACY_ON)
		IPW_DEBUG_INFO("PRIVACY on\n");
	else
		IPW_DEBUG_INFO("PRIVACY off\n");
	IPW_DEBUG_INFO("RATE MASK: 0x%08X\n", priv->rates_mask);
}

6078
static void ipw_set_fixed_rate(struct ipw_priv *priv, int mode)
6079 6080 6081 6082 6083 6084 6085 6086
{
	/* TODO: Verify that this works... */
	struct ipw_fixed_rate fr = {
		.tx_rates = priv->rates_mask
	};
	u32 reg;
	u16 mask = 0;

6087
	/* Identify 'current FW band' and match it with the fixed
6088
	 * Tx rates */
6089

6090
	switch (priv->ieee->freq_band) {
6091
	case IEEE80211_52GHZ_BAND:	/* A only */
6092 6093 6094
		/* IEEE_A */
		if (priv->rates_mask & ~IEEE80211_OFDM_RATES_MASK) {
			/* Invalid fixed rate mask */
6095 6096
			IPW_DEBUG_WX
			    ("invalid fixed rate mask in ipw_set_fixed_rate\n");
6097 6098 6099
			fr.tx_rates = 0;
			break;
		}
6100

6101 6102 6103
		fr.tx_rates >>= IEEE80211_OFDM_SHIFT_MASK_A;
		break;

6104
	default:		/* 2.4Ghz or Mixed */
6105
		/* IEEE_B */
6106
		if (mode == IEEE_B) {
6107 6108
			if (fr.tx_rates & ~IEEE80211_CCK_RATES_MASK) {
				/* Invalid fixed rate mask */
6109 6110
				IPW_DEBUG_WX
				    ("invalid fixed rate mask in ipw_set_fixed_rate\n");
6111 6112 6113
				fr.tx_rates = 0;
			}
			break;
6114
		}
6115 6116 6117 6118 6119

		/* IEEE_G */
		if (fr.tx_rates & ~(IEEE80211_CCK_RATES_MASK |
				    IEEE80211_OFDM_RATES_MASK)) {
			/* Invalid fixed rate mask */
6120 6121
			IPW_DEBUG_WX
			    ("invalid fixed rate mask in ipw_set_fixed_rate\n");
6122 6123 6124
			fr.tx_rates = 0;
			break;
		}
6125

6126 6127 6128 6129
		if (IEEE80211_OFDM_RATE_6MB_MASK & fr.tx_rates) {
			mask |= (IEEE80211_OFDM_RATE_6MB_MASK >> 1);
			fr.tx_rates &= ~IEEE80211_OFDM_RATE_6MB_MASK;
		}
6130

6131 6132 6133 6134
		if (IEEE80211_OFDM_RATE_9MB_MASK & fr.tx_rates) {
			mask |= (IEEE80211_OFDM_RATE_9MB_MASK >> 1);
			fr.tx_rates &= ~IEEE80211_OFDM_RATE_9MB_MASK;
		}
6135

6136 6137 6138 6139
		if (IEEE80211_OFDM_RATE_12MB_MASK & fr.tx_rates) {
			mask |= (IEEE80211_OFDM_RATE_12MB_MASK >> 1);
			fr.tx_rates &= ~IEEE80211_OFDM_RATE_12MB_MASK;
		}
6140

6141 6142 6143 6144 6145
		fr.tx_rates |= mask;
		break;
	}

	reg = ipw_read32(priv, IPW_MEM_FIXED_OVERRIDE);
6146
	ipw_write_reg32(priv, reg, *(u32 *) & fr);
6147 6148
}

6149
static void ipw_abort_scan(struct ipw_priv *priv)
6150 6151 6152
{
	int err;

6153 6154 6155 6156 6157
	if (priv->status & STATUS_SCAN_ABORTING) {
		IPW_DEBUG_HC("Ignoring concurrent scan abort request.\n");
		return;
	}
	priv->status |= STATUS_SCAN_ABORTING;
6158

6159 6160 6161 6162 6163
	err = ipw_send_scan_abort(priv);
	if (err)
		IPW_DEBUG_HC("Request to abort scan failed.\n");
}

6164 6165 6166
static void ipw_add_scan_channels(struct ipw_priv *priv,
				  struct ipw_scan_request_ext *scan,
				  int scan_type)
6167 6168
{
	int channel_index = 0;
6169
	const struct ieee80211_geo *geo;
6170
	int i;
6171

6172
	geo = ieee80211_get_geo(priv->ieee);
6173

6174 6175 6176 6177 6178 6179 6180 6181
	if (priv->ieee->freq_band & IEEE80211_52GHZ_BAND) {
		int start = channel_index;
		for (i = 0; i < geo->a_channels; i++) {
			if ((priv->status & STATUS_ASSOCIATED) &&
			    geo->a[i].channel == priv->channel)
				continue;
			channel_index++;
			scan->channels_list[channel_index] = geo->a[i].channel;
6182 6183 6184 6185 6186
			ipw_set_scan_type(scan, channel_index,
					  geo->a[i].
					  flags & IEEE80211_CH_PASSIVE_ONLY ?
					  IPW_SCAN_PASSIVE_FULL_DWELL_SCAN :
					  scan_type);
6187 6188 6189 6190 6191 6192 6193 6194 6195 6196 6197 6198
		}

		if (start != channel_index) {
			scan->channels_list[start] = (u8) (IPW_A_MODE << 6) |
			    (channel_index - start);
			channel_index++;
		}
	}

	if (priv->ieee->freq_band & IEEE80211_24GHZ_BAND) {
		int start = channel_index;
		if (priv->config & CFG_SPEED_SCAN) {
6199
			int index;
6200 6201 6202 6203 6204 6205 6206 6207 6208 6209 6210 6211 6212 6213 6214 6215 6216 6217 6218 6219 6220 6221 6222 6223 6224 6225 6226 6227 6228 6229 6230
			u8 channels[IEEE80211_24GHZ_CHANNELS] = {
				/* nop out the list */
				[0] = 0
			};

			u8 channel;
			while (channel_index < IPW_SCAN_CHANNELS) {
				channel =
				    priv->speed_scan[priv->speed_scan_pos];
				if (channel == 0) {
					priv->speed_scan_pos = 0;
					channel = priv->speed_scan[0];
				}
				if ((priv->status & STATUS_ASSOCIATED) &&
				    channel == priv->channel) {
					priv->speed_scan_pos++;
					continue;
				}

				/* If this channel has already been
				 * added in scan, break from loop
				 * and this will be the first channel
				 * in the next scan.
				 */
				if (channels[channel - 1] != 0)
					break;

				channels[channel - 1] = 1;
				priv->speed_scan_pos++;
				channel_index++;
				scan->channels_list[channel_index] = channel;
6231
				index =
6232
				    ieee80211_channel_to_index(priv->ieee, channel);
6233
				ipw_set_scan_type(scan, channel_index,
6234 6235 6236 6237 6238
						  geo->bg[index].
						  flags &
						  IEEE80211_CH_PASSIVE_ONLY ?
						  IPW_SCAN_PASSIVE_FULL_DWELL_SCAN
						  : scan_type);
6239 6240 6241 6242 6243 6244 6245 6246 6247 6248
			}
		} else {
			for (i = 0; i < geo->bg_channels; i++) {
				if ((priv->status & STATUS_ASSOCIATED) &&
				    geo->bg[i].channel == priv->channel)
					continue;
				channel_index++;
				scan->channels_list[channel_index] =
				    geo->bg[i].channel;
				ipw_set_scan_type(scan, channel_index,
6249 6250 6251 6252 6253
						  geo->bg[i].
						  flags &
						  IEEE80211_CH_PASSIVE_ONLY ?
						  IPW_SCAN_PASSIVE_FULL_DWELL_SCAN
						  : scan_type);
6254 6255 6256 6257 6258 6259 6260 6261 6262 6263
			}
		}

		if (start != channel_index) {
			scan->channels_list[start] = (u8) (IPW_B_MODE << 6) |
			    (channel_index - start);
		}
	}
}

6264
static int ipw_request_scan_helper(struct ipw_priv *priv, int type)
6265 6266 6267 6268 6269 6270 6271 6272
{
	struct ipw_scan_request_ext scan;
	int err = 0, scan_type;

	if (!(priv->status & STATUS_INIT) ||
	    (priv->status & STATUS_EXIT_PENDING))
		return 0;

6273
	mutex_lock(&priv->mutex);
6274

6275
	if (priv->status & STATUS_SCANNING) {
6276
		IPW_DEBUG_HC("Concurrent scan requested.  Ignoring.\n");
6277
		priv->status |= STATUS_SCAN_PENDING;
6278
		goto done;
6279
	}
6280

6281 6282
	if (!(priv->status & STATUS_SCAN_FORCED) &&
	    priv->status & STATUS_SCAN_ABORTING) {
6283 6284
		IPW_DEBUG_HC("Scan request while abort pending.  Queuing.\n");
		priv->status |= STATUS_SCAN_PENDING;
6285
		goto done;
6286 6287
	}

6288 6289 6290
	if (priv->status & STATUS_RF_KILL_MASK) {
		IPW_DEBUG_HC("Aborting scan due to RF Kill activation\n");
		priv->status |= STATUS_SCAN_PENDING;
6291
		goto done;
6292
	}
6293

6294
	memset(&scan, 0, sizeof(scan));
6295
	scan.full_scan_index = cpu_to_le32(ieee80211_get_scans(priv->ieee));
6296

6297 6298 6299 6300 6301 6302 6303 6304 6305 6306 6307
	if (type == IW_SCAN_TYPE_PASSIVE) {
	  	IPW_DEBUG_WX("use passive scanning\n");
	  	scan_type = IPW_SCAN_PASSIVE_FULL_DWELL_SCAN;
		scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] =
			cpu_to_le16(120);
		ipw_add_scan_channels(priv, &scan, scan_type);
		goto send_request;
	}

	/* Use active scan by default. */
  	if (priv->config & CFG_SPEED_SCAN)
6308
		scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
6309
			cpu_to_le16(30);
6310 6311
	else
		scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
6312
			cpu_to_le16(20);
6313

6314
	scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN] =
6315
		cpu_to_le16(20);
6316

6317
  	scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] = cpu_to_le16(120);
6318

6319
#ifdef CONFIG_IPW2200_MONITOR
6320
	if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
6321
		u8 channel;
6322
		u8 band = 0;
6323

6324
		switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
6325
		case IEEE80211_52GHZ_BAND:
6326
			band = (u8) (IPW_A_MODE << 6) | 1;
6327 6328
			channel = priv->channel;
			break;
6329

6330
		case IEEE80211_24GHZ_BAND:
6331
			band = (u8) (IPW_B_MODE << 6) | 1;
6332 6333
			channel = priv->channel;
			break;
6334

6335
		default:
6336 6337
			band = (u8) (IPW_B_MODE << 6) | 1;
			channel = 9;
6338
			break;
6339 6340
		}

6341 6342 6343
		scan.channels_list[0] = band;
		scan.channels_list[1] = channel;
		ipw_set_scan_type(&scan, 1, IPW_SCAN_PASSIVE_FULL_DWELL_SCAN);
6344

6345 6346 6347 6348 6349 6350 6351 6352
		/* NOTE:  The card will sit on this channel for this time
		 * period.  Scan aborts are timing sensitive and frequently
		 * result in firmware restarts.  As such, it is best to
		 * set a small dwell_time here and just keep re-issuing
		 * scans.  Otherwise fast channel hopping will not actually
		 * hop channels.
		 *
		 * TODO: Move SPEED SCAN support to all modes and bands */
6353
		scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] =
6354
			cpu_to_le16(2000);
6355
	} else {
6356 6357 6358 6359 6360 6361 6362 6363
#endif				/* CONFIG_IPW2200_MONITOR */
		/* If we are roaming, then make this a directed scan for the
		 * current network.  Otherwise, ensure that every other scan
		 * is a fast channel hop scan */
		if ((priv->status & STATUS_ROAMING)
		    || (!(priv->status & STATUS_ASSOCIATED)
			&& (priv->config & CFG_STATIC_ESSID)
			&& (le32_to_cpu(scan.full_scan_index) % 2))) {
6364 6365
			err = ipw_send_ssid(priv, priv->essid, priv->essid_len);
			if (err) {
6366 6367 6368
				IPW_DEBUG_HC("Attempt to send SSID command "
					     "failed.\n");
				goto done;
6369
			}
6370

6371
			scan_type = IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN;
6372
		} else
6373 6374
			scan_type = IPW_SCAN_ACTIVE_BROADCAST_SCAN;

6375
		ipw_add_scan_channels(priv, &scan, scan_type);
6376
#ifdef CONFIG_IPW2200_MONITOR
6377
	}
6378
#endif
6379

6380
send_request:
6381
	err = ipw_send_scan_request_ext(priv, &scan);
6382
	if (err) {
6383
		IPW_DEBUG_HC("Sending scan command failed: %08X\n", err);
6384
		goto done;
6385 6386
	}

6387 6388
	priv->status |= STATUS_SCANNING;
	priv->status &= ~STATUS_SCAN_PENDING;
6389 6390
	queue_delayed_work(priv->workqueue, &priv->scan_check,
			   IPW_SCAN_CHECK_WATCHDOG);
6391
done:
6392
	mutex_unlock(&priv->mutex);
6393
	return err;
6394 6395
}

6396 6397 6398 6399 6400
static void ipw_request_passive_scan(struct work_struct *work)
{
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, request_passive_scan);
  	ipw_request_scan_helper(priv, IW_SCAN_TYPE_PASSIVE);
6401 6402
}

6403 6404 6405 6406 6407
static void ipw_request_scan(struct work_struct *work)
{
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, request_scan.work);
	ipw_request_scan_helper(priv, IW_SCAN_TYPE_ACTIVE);
6408 6409
}

6410
static void ipw_bg_abort_scan(struct work_struct *work)
6411
{
6412 6413
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, abort_scan);
6414
	mutex_lock(&priv->mutex);
6415
	ipw_abort_scan(priv);
6416
	mutex_unlock(&priv->mutex);
6417 6418
}

6419 6420
static int ipw_wpa_enable(struct ipw_priv *priv, int value)
{
6421 6422
	/* This is called when wpa_supplicant loads and closes the driver
	 * interface. */
6423
	priv->ieee->wpa_enabled = value;
6424
	return 0;
6425 6426 6427 6428 6429 6430 6431 6432 6433 6434
}

static int ipw_wpa_set_auth_algs(struct ipw_priv *priv, int value)
{
	struct ieee80211_device *ieee = priv->ieee;
	struct ieee80211_security sec = {
		.flags = SEC_AUTH_MODE,
	};
	int ret = 0;

6435
	if (value & IW_AUTH_ALG_SHARED_KEY) {
6436 6437
		sec.auth_mode = WLAN_AUTH_SHARED_KEY;
		ieee->open_wep = 0;
6438
	} else if (value & IW_AUTH_ALG_OPEN_SYSTEM) {
6439 6440
		sec.auth_mode = WLAN_AUTH_OPEN;
		ieee->open_wep = 1;
6441 6442 6443
	} else if (value & IW_AUTH_ALG_LEAP) {
		sec.auth_mode = WLAN_AUTH_LEAP;
		ieee->open_wep = 1;
6444 6445
	} else
		return -EINVAL;
6446 6447 6448 6449 6450 6451 6452 6453 6454

	if (ieee->set_security)
		ieee->set_security(ieee->dev, &sec);
	else
		ret = -EOPNOTSUPP;

	return ret;
}

6455 6456
static void ipw_wpa_assoc_frame(struct ipw_priv *priv, char *wpa_ie,
				int wpa_ie_len)
6457 6458 6459 6460 6461 6462 6463 6464 6465 6466
{
	/* make sure WPA is enabled */
	ipw_wpa_enable(priv, 1);
}

static int ipw_set_rsn_capa(struct ipw_priv *priv,
			    char *capabilities, int length)
{
	IPW_DEBUG_HC("HOST_CMD_RSN_CAPABILITIES\n");

Zhu Yi's avatar
Zhu Yi committed
6467
	return ipw_send_cmd_pdu(priv, IPW_CMD_RSN_CAPABILITIES, length,
6468
				capabilities);
6469 6470
}

6471
/*
6472 6473 6474 6475 6476 6477 6478
 * WE-18 support
 */

/* SIOCSIWGENIE */
static int ipw_wx_set_genie(struct net_device *dev,
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
6479
{
6480 6481 6482 6483
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct ieee80211_device *ieee = priv->ieee;
	u8 *buf;
	int err = 0;
6484

6485 6486 6487
	if (wrqu->data.length > MAX_WPA_IE_LEN ||
	    (wrqu->data.length && extra == NULL))
		return -EINVAL;
6488

6489 6490 6491 6492 6493 6494 6495 6496 6497 6498 6499
	if (wrqu->data.length) {
		buf = kmalloc(wrqu->data.length, GFP_KERNEL);
		if (buf == NULL) {
			err = -ENOMEM;
			goto out;
		}

		memcpy(buf, extra, wrqu->data.length);
		kfree(ieee->wpa_ie);
		ieee->wpa_ie = buf;
		ieee->wpa_ie_len = wrqu->data.length;
6500
	} else {
6501 6502 6503
		kfree(ieee->wpa_ie);
		ieee->wpa_ie = NULL;
		ieee->wpa_ie_len = 0;
6504
	}
6505 6506 6507 6508 6509 6510 6511 6512 6513 6514 6515 6516 6517 6518 6519 6520 6521 6522 6523 6524 6525 6526 6527 6528 6529 6530 6531 6532 6533 6534 6535 6536

	ipw_wpa_assoc_frame(priv, ieee->wpa_ie, ieee->wpa_ie_len);
      out:
	return err;
}

/* SIOCGIWGENIE */
static int ipw_wx_get_genie(struct net_device *dev,
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct ieee80211_device *ieee = priv->ieee;
	int err = 0;

	if (ieee->wpa_ie_len == 0 || ieee->wpa_ie == NULL) {
		wrqu->data.length = 0;
		goto out;
	}

	if (wrqu->data.length < ieee->wpa_ie_len) {
		err = -E2BIG;
		goto out;
	}

	wrqu->data.length = ieee->wpa_ie_len;
	memcpy(extra, ieee->wpa_ie, ieee->wpa_ie_len);

      out:
	return err;
}

6537 6538 6539 6540 6541 6542 6543 6544 6545 6546 6547 6548 6549 6550 6551 6552 6553
static int wext_cipher2level(int cipher)
{
	switch (cipher) {
	case IW_AUTH_CIPHER_NONE:
		return SEC_LEVEL_0;
	case IW_AUTH_CIPHER_WEP40:
	case IW_AUTH_CIPHER_WEP104:
		return SEC_LEVEL_1;
	case IW_AUTH_CIPHER_TKIP:
		return SEC_LEVEL_2;
	case IW_AUTH_CIPHER_CCMP:
		return SEC_LEVEL_3;
	default:
		return -1;
	}
}

6554 6555 6556 6557 6558 6559 6560 6561 6562 6563 6564 6565 6566 6567
/* SIOCSIWAUTH */
static int ipw_wx_set_auth(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct ieee80211_device *ieee = priv->ieee;
	struct iw_param *param = &wrqu->param;
	struct ieee80211_crypt_data *crypt;
	unsigned long flags;
	int ret = 0;

	switch (param->flags & IW_AUTH_INDEX) {
	case IW_AUTH_WPA_VERSION:
6568
		break;
6569
	case IW_AUTH_CIPHER_PAIRWISE:
6570 6571 6572
		ipw_set_hw_decrypt_unicast(priv,
					   wext_cipher2level(param->value));
		break;
6573
	case IW_AUTH_CIPHER_GROUP:
6574 6575 6576
		ipw_set_hw_decrypt_multicast(priv,
					     wext_cipher2level(param->value));
		break;
6577 6578 6579 6580 6581 6582 6583 6584
	case IW_AUTH_KEY_MGMT:
		/*
		 * ipw2200 does not use these parameters
		 */
		break;

	case IW_AUTH_TKIP_COUNTERMEASURES:
		crypt = priv->ieee->crypt[priv->ieee->tx_keyidx];
6585
		if (!crypt || !crypt->ops->set_flags || !crypt->ops->get_flags)
6586 6587 6588 6589 6590 6591 6592 6593 6594 6595 6596 6597 6598 6599 6600 6601 6602 6603 6604 6605 6606 6607 6608 6609 6610 6611 6612 6613 6614 6615 6616 6617 6618 6619 6620 6621 6622 6623 6624 6625 6626 6627 6628 6629 6630 6631 6632 6633 6634 6635 6636
			break;

		flags = crypt->ops->get_flags(crypt->priv);

		if (param->value)
			flags |= IEEE80211_CRYPTO_TKIP_COUNTERMEASURES;
		else
			flags &= ~IEEE80211_CRYPTO_TKIP_COUNTERMEASURES;

		crypt->ops->set_flags(flags, crypt->priv);

		break;

	case IW_AUTH_DROP_UNENCRYPTED:{
			/* HACK:
			 *
			 * wpa_supplicant calls set_wpa_enabled when the driver
			 * is loaded and unloaded, regardless of if WPA is being
			 * used.  No other calls are made which can be used to
			 * determine if encryption will be used or not prior to
			 * association being expected.  If encryption is not being
			 * used, drop_unencrypted is set to false, else true -- we
			 * can use this to determine if the CAP_PRIVACY_ON bit should
			 * be set.
			 */
			struct ieee80211_security sec = {
				.flags = SEC_ENABLED,
				.enabled = param->value,
			};
			priv->ieee->drop_unencrypted = param->value;
			/* We only change SEC_LEVEL for open mode. Others
			 * are set by ipw_wpa_set_encryption.
			 */
			if (!param->value) {
				sec.flags |= SEC_LEVEL;
				sec.level = SEC_LEVEL_0;
			} else {
				sec.flags |= SEC_LEVEL;
				sec.level = SEC_LEVEL_1;
			}
			if (priv->ieee->set_security)
				priv->ieee->set_security(priv->ieee->dev, &sec);
			break;
		}

	case IW_AUTH_80211_AUTH_ALG:
		ret = ipw_wpa_set_auth_algs(priv, param->value);
		break;

	case IW_AUTH_WPA_ENABLED:
		ret = ipw_wpa_enable(priv, param->value);
6637
		ipw_disassociate(priv);
6638 6639 6640 6641 6642 6643 6644 6645 6646 6647 6648 6649 6650 6651 6652 6653 6654 6655 6656 6657 6658 6659 6660 6661 6662 6663 6664 6665 6666 6667 6668 6669 6670 6671 6672 6673 6674 6675 6676 6677
		break;

	case IW_AUTH_RX_UNENCRYPTED_EAPOL:
		ieee->ieee802_1x = param->value;
		break;

	case IW_AUTH_PRIVACY_INVOKED:
		ieee->privacy_invoked = param->value;
		break;

	default:
		return -EOPNOTSUPP;
	}
	return ret;
}

/* SIOCGIWAUTH */
static int ipw_wx_get_auth(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct ieee80211_device *ieee = priv->ieee;
	struct ieee80211_crypt_data *crypt;
	struct iw_param *param = &wrqu->param;
	int ret = 0;

	switch (param->flags & IW_AUTH_INDEX) {
	case IW_AUTH_WPA_VERSION:
	case IW_AUTH_CIPHER_PAIRWISE:
	case IW_AUTH_CIPHER_GROUP:
	case IW_AUTH_KEY_MGMT:
		/*
		 * wpa_supplicant will control these internally
		 */
		ret = -EOPNOTSUPP;
		break;

	case IW_AUTH_TKIP_COUNTERMEASURES:
		crypt = priv->ieee->crypt[priv->ieee->tx_keyidx];
6678
		if (!crypt || !crypt->ops->get_flags)
6679 6680 6681 6682 6683 6684 6685 6686 6687 6688 6689 6690 6691 6692 6693 6694 6695 6696 6697 6698 6699 6700 6701 6702 6703 6704 6705 6706 6707 6708 6709 6710 6711 6712 6713 6714 6715 6716 6717 6718 6719 6720 6721 6722
			break;

		param->value = (crypt->ops->get_flags(crypt->priv) &
				IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) ? 1 : 0;

		break;

	case IW_AUTH_DROP_UNENCRYPTED:
		param->value = ieee->drop_unencrypted;
		break;

	case IW_AUTH_80211_AUTH_ALG:
		param->value = ieee->sec.auth_mode;
		break;

	case IW_AUTH_WPA_ENABLED:
		param->value = ieee->wpa_enabled;
		break;

	case IW_AUTH_RX_UNENCRYPTED_EAPOL:
		param->value = ieee->ieee802_1x;
		break;

	case IW_AUTH_ROAMING_CONTROL:
	case IW_AUTH_PRIVACY_INVOKED:
		param->value = ieee->privacy_invoked;
		break;

	default:
		return -EOPNOTSUPP;
	}
	return 0;
}

/* SIOCSIWENCODEEXT */
static int ipw_wx_set_encodeext(struct net_device *dev,
				struct iw_request_info *info,
				union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;

	if (hwcrypto) {
		if (ext->alg == IW_ENCODE_ALG_TKIP) {
Hong Liu's avatar
Hong Liu committed
6723 6724 6725 6726 6727 6728 6729 6730 6731
			/* IPW HW can't build TKIP MIC,
			   host decryption still needed */
			if (ext->ext_flags & IW_ENCODE_EXT_GROUP_KEY)
				priv->ieee->host_mc_decrypt = 1;
			else {
				priv->ieee->host_encrypt = 0;
				priv->ieee->host_encrypt_msdu = 1;
				priv->ieee->host_decrypt = 1;
			}
6732 6733 6734 6735
		} else {
			priv->ieee->host_encrypt = 0;
			priv->ieee->host_encrypt_msdu = 0;
			priv->ieee->host_decrypt = 0;
Hong Liu's avatar
Hong Liu committed
6736
			priv->ieee->host_mc_decrypt = 0;
6737 6738 6739 6740 6741 6742 6743 6744 6745 6746 6747 6748 6749 6750 6751 6752 6753 6754 6755 6756 6757 6758 6759 6760 6761 6762 6763 6764
		}
	}

	return ieee80211_wx_set_encodeext(priv->ieee, info, wrqu, extra);
}

/* SIOCGIWENCODEEXT */
static int ipw_wx_get_encodeext(struct net_device *dev,
				struct iw_request_info *info,
				union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	return ieee80211_wx_get_encodeext(priv->ieee, info, wrqu, extra);
}

/* SIOCSIWMLME */
static int ipw_wx_set_mlme(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct iw_mlme *mlme = (struct iw_mlme *)extra;
	u16 reason;

	reason = cpu_to_le16(mlme->reason_code);

	switch (mlme->cmd) {
	case IW_MLME_DEAUTH:
6765
		/* silently ignore */
6766 6767 6768 6769 6770 6771 6772 6773 6774 6775 6776 6777
		break;

	case IW_MLME_DISASSOC:
		ipw_disassociate(priv);
		break;

	default:
		return -EOPNOTSUPP;
	}
	return 0;
}

6778
#ifdef CONFIG_IPW2200_QOS
6779 6780 6781 6782 6783 6784

/* QoS */
/*
* get the modulation type of the current network or
* the card current mode
*/
6785
static u8 ipw_qos_current_mode(struct ipw_priv * priv)
6786 6787 6788 6789 6790 6791 6792 6793 6794 6795 6796 6797 6798 6799
{
	u8 mode = 0;

	if (priv->status & STATUS_ASSOCIATED) {
		unsigned long flags;

		spin_lock_irqsave(&priv->ieee->lock, flags);
		mode = priv->assoc_network->mode;
		spin_unlock_irqrestore(&priv->ieee->lock, flags);
	} else {
		mode = priv->ieee->mode;
	}
	IPW_DEBUG_QOS("QoS network/card mode %d \n", mode);
	return mode;
6800
}
6801

6802 6803 6804
/*
* Handle management frame beacon and probe response
*/
6805 6806 6807
static int ipw_qos_handle_probe_response(struct ipw_priv *priv,
					 int active_network,
					 struct ieee80211_network *network)
6808 6809 6810
{
	u32 size = sizeof(struct ieee80211_qos_parameters);

6811
	if (network->capability & WLAN_CAPABILITY_IBSS)
6812 6813 6814
		network->qos_data.active = network->qos_data.supported;

	if (network->flags & NETWORK_HAS_QOS_MASK) {
6815 6816
		if (active_network &&
		    (network->flags & NETWORK_HAS_QOS_PARAMETERS))
6817 6818 6819 6820 6821 6822 6823 6824 6825
			network->qos_data.active = network->qos_data.supported;

		if ((network->qos_data.active == 1) && (active_network == 1) &&
		    (network->flags & NETWORK_HAS_QOS_PARAMETERS) &&
		    (network->qos_data.old_param_count !=
		     network->qos_data.param_count)) {
			network->qos_data.old_param_count =
			    network->qos_data.param_count;
			schedule_work(&priv->qos_activate);
6826 6827
			IPW_DEBUG_QOS("QoS parameters change call "
				      "qos_activate\n");
6828
		}
6829
	} else {
6830 6831
		if ((priv->ieee->mode == IEEE_B) || (network->mode == IEEE_B))
			memcpy(&network->qos_data.parameters,
6832
			       &def_parameters_CCK, size);
6833 6834
		else
			memcpy(&network->qos_data.parameters,
6835
			       &def_parameters_OFDM, size);
6836

6837 6838 6839 6840 6841 6842 6843
		if ((network->qos_data.active == 1) && (active_network == 1)) {
			IPW_DEBUG_QOS("QoS was disabled call qos_activate \n");
			schedule_work(&priv->qos_activate);
		}

		network->qos_data.active = 0;
		network->qos_data.supported = 0;
6844
	}
6845 6846 6847 6848 6849
	if ((priv->status & STATUS_ASSOCIATED) &&
	    (priv->ieee->iw_mode == IW_MODE_ADHOC) && (active_network == 0)) {
		if (memcmp(network->bssid, priv->bssid, ETH_ALEN))
			if ((network->capability & WLAN_CAPABILITY_IBSS) &&
			    !(network->flags & NETWORK_EMPTY_ESSID))
6850
				if ((network->ssid_len ==
6851 6852 6853 6854
				     priv->assoc_network->ssid_len) &&
				    !memcmp(network->ssid,
					    priv->assoc_network->ssid,
					    network->ssid_len)) {
6855 6856 6857 6858
					queue_work(priv->workqueue,
						   &priv->merge_networks);
				}
	}
6859

6860 6861 6862 6863 6864 6865 6866 6867 6868 6869 6870 6871 6872 6873 6874 6875 6876 6877 6878 6879 6880 6881 6882 6883 6884 6885 6886 6887 6888 6889 6890 6891
	return 0;
}

/*
* This function set up the firmware to support QoS. It sends
* IPW_CMD_QOS_PARAMETERS and IPW_CMD_WME_INFO
*/
static int ipw_qos_activate(struct ipw_priv *priv,
			    struct ieee80211_qos_data *qos_network_data)
{
	int err;
	struct ieee80211_qos_parameters qos_parameters[QOS_QOS_SETS];
	struct ieee80211_qos_parameters *active_one = NULL;
	u32 size = sizeof(struct ieee80211_qos_parameters);
	u32 burst_duration;
	int i;
	u8 type;

	type = ipw_qos_current_mode(priv);

	active_one = &(qos_parameters[QOS_PARAM_SET_DEF_CCK]);
	memcpy(active_one, priv->qos_data.def_qos_parm_CCK, size);
	active_one = &(qos_parameters[QOS_PARAM_SET_DEF_OFDM]);
	memcpy(active_one, priv->qos_data.def_qos_parm_OFDM, size);

	if (qos_network_data == NULL) {
		if (type == IEEE_B) {
			IPW_DEBUG_QOS("QoS activate network mode %d\n", type);
			active_one = &def_parameters_CCK;
		} else
			active_one = &def_parameters_OFDM;

6892
		memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
6893 6894
		burst_duration = ipw_qos_get_burst_duration(priv);
		for (i = 0; i < QOS_QUEUE_NUM; i++)
6895
			qos_parameters[QOS_PARAM_SET_ACTIVE].tx_op_limit[i] =
6896
			    (u16)burst_duration;
6897
	} else if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
6898 6899 6900 6901 6902 6903 6904 6905 6906 6907 6908 6909 6910
		if (type == IEEE_B) {
			IPW_DEBUG_QOS("QoS activate IBSS nework mode %d\n",
				      type);
			if (priv->qos_data.qos_enable == 0)
				active_one = &def_parameters_CCK;
			else
				active_one = priv->qos_data.def_qos_parm_CCK;
		} else {
			if (priv->qos_data.qos_enable == 0)
				active_one = &def_parameters_OFDM;
			else
				active_one = priv->qos_data.def_qos_parm_OFDM;
		}
6911
		memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
6912 6913 6914 6915 6916 6917 6918 6919
	} else {
		unsigned long flags;
		int active;

		spin_lock_irqsave(&priv->ieee->lock, flags);
		active_one = &(qos_network_data->parameters);
		qos_network_data->old_param_count =
		    qos_network_data->param_count;
6920
		memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
6921 6922 6923 6924 6925 6926 6927
		active = qos_network_data->supported;
		spin_unlock_irqrestore(&priv->ieee->lock, flags);

		if (active == 0) {
			burst_duration = ipw_qos_get_burst_duration(priv);
			for (i = 0; i < QOS_QUEUE_NUM; i++)
				qos_parameters[QOS_PARAM_SET_ACTIVE].
6928
				    tx_op_limit[i] = (u16)burst_duration;
6929 6930 6931 6932
		}
	}

	IPW_DEBUG_QOS("QoS sending IPW_CMD_QOS_PARAMETERS\n");
6933 6934 6935 6936 6937 6938 6939 6940 6941
	for (i = 0; i < 3; i++) {
		int j;
		for (j = 0; j < QOS_QUEUE_NUM; j++) {
			qos_parameters[i].cw_min[j] = cpu_to_le16(qos_parameters[i].cw_min[j]);
			qos_parameters[i].cw_max[j] = cpu_to_le16(qos_parameters[i].cw_max[j]);
			qos_parameters[i].tx_op_limit[j] = cpu_to_le16(qos_parameters[i].tx_op_limit[j]);
		}
	}

6942 6943 6944
	err = ipw_send_qos_params_command(priv,
					  (struct ieee80211_qos_parameters *)
					  &(qos_parameters[0]));
6945 6946 6947 6948 6949 6950 6951 6952 6953 6954 6955 6956 6957 6958 6959 6960 6961 6962 6963 6964 6965 6966 6967 6968 6969 6970 6971 6972 6973 6974 6975 6976 6977 6978 6979 6980 6981 6982 6983 6984 6985 6986 6987 6988 6989 6990 6991 6992 6993
	if (err)
		IPW_DEBUG_QOS("QoS IPW_CMD_QOS_PARAMETERS failed\n");

	return err;
}

/*
* send IPW_CMD_WME_INFO to the firmware
*/
static int ipw_qos_set_info_element(struct ipw_priv *priv)
{
	int ret = 0;
	struct ieee80211_qos_information_element qos_info;

	if (priv == NULL)
		return -1;

	qos_info.elementID = QOS_ELEMENT_ID;
	qos_info.length = sizeof(struct ieee80211_qos_information_element) - 2;

	qos_info.version = QOS_VERSION_1;
	qos_info.ac_info = 0;

	memcpy(qos_info.qui, qos_oui, QOS_OUI_LEN);
	qos_info.qui_type = QOS_OUI_TYPE;
	qos_info.qui_subtype = QOS_OUI_INFO_SUB_TYPE;

	ret = ipw_send_qos_info_command(priv, &qos_info);
	if (ret != 0) {
		IPW_DEBUG_QOS("QoS error calling ipw_send_qos_info_command\n");
	}
	return ret;
}

/*
* Set the QoS parameter with the association request structure
*/
static int ipw_qos_association(struct ipw_priv *priv,
			       struct ieee80211_network *network)
{
	int err = 0;
	struct ieee80211_qos_data *qos_data = NULL;
	struct ieee80211_qos_data ibss_data = {
		.supported = 1,
		.active = 1,
	};

	switch (priv->ieee->iw_mode) {
	case IW_MODE_ADHOC:
6994
		BUG_ON(!(network->capability & WLAN_CAPABILITY_IBSS));
6995 6996 6997 6998 6999 7000 7001 7002 7003 7004 7005 7006 7007 7008 7009 7010 7011 7012 7013 7014 7015 7016 7017 7018 7019 7020 7021 7022 7023

		qos_data = &ibss_data;
		break;

	case IW_MODE_INFRA:
		qos_data = &network->qos_data;
		break;

	default:
		BUG();
		break;
	}

	err = ipw_qos_activate(priv, qos_data);
	if (err) {
		priv->assoc_request.policy_support &= ~HC_QOS_SUPPORT_ASSOC;
		return err;
	}

	if (priv->qos_data.qos_enable && qos_data->supported) {
		IPW_DEBUG_QOS("QoS will be enabled for this association\n");
		priv->assoc_request.policy_support |= HC_QOS_SUPPORT_ASSOC;
		return ipw_qos_set_info_element(priv);
	}

	return 0;
}

/*
Matt LaPlante's avatar
Matt LaPlante committed
7024 7025
* handling the beaconing responses. if we get different QoS setting
* off the network from the associated setting, adjust the QoS
7026 7027 7028 7029 7030 7031 7032 7033 7034 7035
* setting
*/
static int ipw_qos_association_resp(struct ipw_priv *priv,
				    struct ieee80211_network *network)
{
	int ret = 0;
	unsigned long flags;
	u32 size = sizeof(struct ieee80211_qos_parameters);
	int set_qos_param = 0;

7036 7037
	if ((priv == NULL) || (network == NULL) ||
	    (priv->assoc_network == NULL))
7038 7039 7040 7041 7042
		return ret;

	if (!(priv->status & STATUS_ASSOCIATED))
		return ret;

7043
	if ((priv->ieee->iw_mode != IW_MODE_INFRA))
7044 7045 7046 7047
		return ret;

	spin_lock_irqsave(&priv->ieee->lock, flags);
	if (network->flags & NETWORK_HAS_QOS_PARAMETERS) {
7048
		memcpy(&priv->assoc_network->qos_data, &network->qos_data,
7049 7050 7051 7052 7053 7054 7055 7056 7057 7058
		       sizeof(struct ieee80211_qos_data));
		priv->assoc_network->qos_data.active = 1;
		if ((network->qos_data.old_param_count !=
		     network->qos_data.param_count)) {
			set_qos_param = 1;
			network->qos_data.old_param_count =
			    network->qos_data.param_count;
		}

	} else {
7059 7060
		if ((network->mode == IEEE_B) || (priv->ieee->mode == IEEE_B))
			memcpy(&priv->assoc_network->qos_data.parameters,
7061
			       &def_parameters_CCK, size);
7062 7063
		else
			memcpy(&priv->assoc_network->qos_data.parameters,
7064 7065 7066 7067 7068 7069 7070 7071 7072 7073 7074 7075 7076 7077 7078 7079 7080 7081 7082 7083 7084
			       &def_parameters_OFDM, size);
		priv->assoc_network->qos_data.active = 0;
		priv->assoc_network->qos_data.supported = 0;
		set_qos_param = 1;
	}

	spin_unlock_irqrestore(&priv->ieee->lock, flags);

	if (set_qos_param == 1)
		schedule_work(&priv->qos_activate);

	return ret;
}

static u32 ipw_qos_get_burst_duration(struct ipw_priv *priv)
{
	u32 ret = 0;

	if ((priv == NULL))
		return 0;

7085
	if (!(priv->ieee->modulation & IEEE80211_OFDM_MODULATION))
7086
		ret = priv->qos_data.burst_duration_CCK;
7087
	else
7088
		ret = priv->qos_data.burst_duration_OFDM;
7089

7090 7091 7092 7093 7094 7095 7096 7097 7098 7099 7100 7101 7102 7103 7104 7105 7106 7107 7108 7109 7110 7111 7112 7113 7114 7115 7116 7117 7118 7119 7120 7121 7122 7123 7124 7125 7126 7127 7128 7129 7130 7131 7132 7133
	return ret;
}

/*
* Initialize the setting of QoS global
*/
static void ipw_qos_init(struct ipw_priv *priv, int enable,
			 int burst_enable, u32 burst_duration_CCK,
			 u32 burst_duration_OFDM)
{
	priv->qos_data.qos_enable = enable;

	if (priv->qos_data.qos_enable) {
		priv->qos_data.def_qos_parm_CCK = &def_qos_parameters_CCK;
		priv->qos_data.def_qos_parm_OFDM = &def_qos_parameters_OFDM;
		IPW_DEBUG_QOS("QoS is enabled\n");
	} else {
		priv->qos_data.def_qos_parm_CCK = &def_parameters_CCK;
		priv->qos_data.def_qos_parm_OFDM = &def_parameters_OFDM;
		IPW_DEBUG_QOS("QoS is not enabled\n");
	}

	priv->qos_data.burst_enable = burst_enable;

	if (burst_enable) {
		priv->qos_data.burst_duration_CCK = burst_duration_CCK;
		priv->qos_data.burst_duration_OFDM = burst_duration_OFDM;
	} else {
		priv->qos_data.burst_duration_CCK = 0;
		priv->qos_data.burst_duration_OFDM = 0;
	}
}

/*
* map the packet priority to the right TX Queue
*/
static int ipw_get_tx_queue_number(struct ipw_priv *priv, u16 priority)
{
	if (priority > 7 || !priv->qos_data.qos_enable)
		priority = 0;

	return from_priority_to_tx_queue[priority] - 1;
}

7134 7135
static int ipw_is_qos_active(struct net_device *dev,
			     struct sk_buff *skb)
7136
{
7137
	struct ipw_priv *priv = ieee80211_priv(dev);
7138 7139
	struct ieee80211_qos_data *qos_data = NULL;
	int active, supported;
7140 7141
	u8 *daddr = skb->data + ETH_ALEN;
	int unicast = !is_multicast_ether_addr(daddr);
7142 7143 7144 7145 7146 7147 7148 7149 7150 7151 7152 7153 7154 7155

	if (!(priv->status & STATUS_ASSOCIATED))
		return 0;

	qos_data = &priv->assoc_network->qos_data;

	if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
		if (unicast == 0)
			qos_data->active = 0;
		else
			qos_data->active = qos_data->supported;
	}
	active = qos_data->active;
	supported = qos_data->supported;
7156 7157 7158
	IPW_DEBUG_QOS("QoS  %d network is QoS active %d  supported %d  "
		      "unicast %d\n",
		      priv->qos_data.qos_enable, active, supported, unicast);
7159 7160
	if (active && priv->qos_data.qos_enable)
		return 1;
7161

7162 7163 7164 7165 7166 7167 7168 7169 7170 7171 7172 7173 7174 7175 7176 7177 7178 7179
	return 0;

}
/*
* add QoS parameter to the TX command
*/
static int ipw_qos_set_tx_queue_command(struct ipw_priv *priv,
					u16 priority,
					struct tfd_data *tfd)
{
	int tx_queue_id = 0;


	tx_queue_id = from_priority_to_tx_queue[priority] - 1;
	tfd->tx_flags_ext |= DCT_FLAG_EXT_QOS_ENABLED;

	if (priv->qos_data.qos_no_ack_mask & (1UL << tx_queue_id)) {
		tfd->tx_flags &= ~DCT_FLAG_ACK_REQD;
7180
		tfd->tfd.tfd_26.mchdr.qos_ctrl |= cpu_to_le16(CTRL_QOS_NO_ACK);
7181 7182
	}
	return 0;
7183 7184 7185 7186 7187
}

/*
* background support to run QoS activate functionality
*/
7188
static void ipw_bg_qos_activate(struct work_struct *work)
7189
{
7190 7191
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, qos_activate);
7192 7193 7194 7195

	if (priv == NULL)
		return;

7196
	mutex_lock(&priv->mutex);
7197 7198 7199 7200

	if (priv->status & STATUS_ASSOCIATED)
		ipw_qos_activate(priv, &(priv->assoc_network->qos_data));

7201
	mutex_unlock(&priv->mutex);
7202 7203
}

7204 7205 7206
static int ipw_handle_probe_response(struct net_device *dev,
				     struct ieee80211_probe_response *resp,
				     struct ieee80211_network *network)
7207 7208
{
	struct ipw_priv *priv = ieee80211_priv(dev);
7209 7210
	int active_network = ((priv->status & STATUS_ASSOCIATED) &&
			      (network == priv->assoc_network));
7211

7212
	ipw_qos_handle_probe_response(priv, active_network, network);
7213

7214 7215
	return 0;
}
7216

7217 7218 7219 7220 7221 7222 7223
static int ipw_handle_beacon(struct net_device *dev,
			     struct ieee80211_beacon *resp,
			     struct ieee80211_network *network)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int active_network = ((priv->status & STATUS_ASSOCIATED) &&
			      (network == priv->assoc_network));
7224

7225
	ipw_qos_handle_probe_response(priv, active_network, network);
7226

7227 7228
	return 0;
}
7229

7230 7231 7232 7233 7234 7235 7236 7237
static int ipw_handle_assoc_response(struct net_device *dev,
				     struct ieee80211_assoc_response *resp,
				     struct ieee80211_network *network)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	ipw_qos_association_resp(priv, network);
	return 0;
}
7238

7239 7240 7241
static int ipw_send_qos_params_command(struct ipw_priv *priv, struct ieee80211_qos_parameters
				       *qos_param)
{
7242 7243
	return ipw_send_cmd_pdu(priv, IPW_CMD_QOS_PARAMETERS,
				sizeof(*qos_param) * 3, qos_param);
7244 7245 7246 7247 7248
}

static int ipw_send_qos_info_command(struct ipw_priv *priv, struct ieee80211_qos_information_element
				     *qos_param)
{
7249 7250
	return ipw_send_cmd_pdu(priv, IPW_CMD_WME_INFO, sizeof(*qos_param),
				qos_param);
7251 7252
}

7253
#endif				/* CONFIG_IPW2200_QOS */
7254

7255 7256
static int ipw_associate_network(struct ipw_priv *priv,
				 struct ieee80211_network *network,
7257
				 struct ipw_supported_rates *rates, int roaming)
7258 7259
{
	int err;
7260
	DECLARE_MAC_BUF(mac);
7261 7262

	if (priv->config & CFG_FIXED_RATE)
7263
		ipw_set_fixed_rate(priv, network->mode);
7264 7265

	if (!(priv->config & CFG_STATIC_ESSID)) {
7266
		priv->essid_len = min(network->ssid_len,
7267
				      (u8) IW_ESSID_MAX_SIZE);
7268 7269 7270 7271 7272 7273 7274
		memcpy(priv->essid, network->ssid, priv->essid_len);
	}

	network->last_associate = jiffies;

	memset(&priv->assoc_request, 0, sizeof(priv->assoc_request));
	priv->assoc_request.channel = network->channel;
7275 7276
	priv->assoc_request.auth_key = 0;

7277
	if ((priv->capability & CAP_PRIVACY_ON) &&
7278
	    (priv->ieee->sec.auth_mode == WLAN_AUTH_SHARED_KEY)) {
7279
		priv->assoc_request.auth_type = AUTH_SHARED_KEY;
7280 7281
		priv->assoc_request.auth_key = priv->ieee->sec.active_key;

7282
		if (priv->ieee->sec.level == SEC_LEVEL_1)
7283
			ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_WEP);
7284 7285 7286 7287 7288

	} else if ((priv->capability & CAP_PRIVACY_ON) &&
		   (priv->ieee->sec.auth_mode == WLAN_AUTH_LEAP))
		priv->assoc_request.auth_type = AUTH_LEAP;
	else
7289 7290
		priv->assoc_request.auth_type = AUTH_OPEN;

7291
	if (priv->ieee->wpa_ie_len) {
7292 7293 7294 7295
		priv->assoc_request.policy_support = 0x02;	/* RSN active */
		ipw_set_rsn_capa(priv, priv->ieee->wpa_ie,
				 priv->ieee->wpa_ie_len);
	}
7296

7297 7298 7299
	/*
	 * It is valid for our ieee device to support multiple modes, but
	 * when it comes to associating to a given network we have to choose
7300 7301 7302 7303 7304 7305 7306 7307 7308
	 * just one mode.
	 */
	if (network->mode & priv->ieee->mode & IEEE_A)
		priv->assoc_request.ieee_mode = IPW_A_MODE;
	else if (network->mode & priv->ieee->mode & IEEE_G)
		priv->assoc_request.ieee_mode = IPW_G_MODE;
	else if (network->mode & priv->ieee->mode & IEEE_B)
		priv->assoc_request.ieee_mode = IPW_B_MODE;

7309 7310 7311 7312 7313 7314 7315 7316 7317 7318 7319 7320
	priv->assoc_request.capability = network->capability;
	if ((network->capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
	    && !(priv->config & CFG_PREAMBLE_LONG)) {
		priv->assoc_request.preamble_length = DCT_FLAG_SHORT_PREAMBLE;
	} else {
		priv->assoc_request.preamble_length = DCT_FLAG_LONG_PREAMBLE;

		/* Clear the short preamble if we won't be supporting it */
		priv->assoc_request.capability &=
		    ~WLAN_CAPABILITY_SHORT_PREAMBLE;
	}

7321 7322 7323 7324 7325
	/* Clear capability bits that aren't used in Ad Hoc */
	if (priv->ieee->iw_mode == IW_MODE_ADHOC)
		priv->assoc_request.capability &=
		    ~WLAN_CAPABILITY_SHORT_SLOT_TIME;

7326
	IPW_DEBUG_ASSOC("%sssocation attempt: '%s', channel %d, "
7327
			"802.11%c [%d], %s[:%s], enc=%s%s%s%c%c\n",
7328
			roaming ? "Rea" : "A",
7329 7330 7331 7332
			escape_essid(priv->essid, priv->essid_len),
			network->channel,
			ipw_modes[priv->assoc_request.ieee_mode],
			rates->num_rates,
7333 7334 7335 7336
			(priv->assoc_request.preamble_length ==
			 DCT_FLAG_LONG_PREAMBLE) ? "long" : "short",
			network->capability &
			WLAN_CAPABILITY_SHORT_PREAMBLE ? "short" : "long",
7337
			priv->capability & CAP_PRIVACY_ON ? "on " : "off",
7338 7339
			priv->capability & CAP_PRIVACY_ON ?
			(priv->capability & CAP_SHARED_KEY ? "(shared)" :
7340 7341
			 "(open)") : "",
			priv->capability & CAP_PRIVACY_ON ? " key=" : "",
7342
			priv->capability & CAP_PRIVACY_ON ?
7343
			'1' + priv->ieee->sec.active_key : '.',
7344
			priv->capability & CAP_PRIVACY_ON ? '.' : ' ');
7345 7346 7347

	priv->assoc_request.beacon_interval = network->beacon_interval;
	if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
7348
	    (network->time_stamp[0] == 0) && (network->time_stamp[1] == 0)) {
7349 7350 7351 7352 7353 7354 7355 7356 7357 7358 7359 7360
		priv->assoc_request.assoc_type = HC_IBSS_START;
		priv->assoc_request.assoc_tsf_msw = 0;
		priv->assoc_request.assoc_tsf_lsw = 0;
	} else {
		if (unlikely(roaming))
			priv->assoc_request.assoc_type = HC_REASSOCIATE;
		else
			priv->assoc_request.assoc_type = HC_ASSOCIATE;
		priv->assoc_request.assoc_tsf_msw = network->time_stamp[1];
		priv->assoc_request.assoc_tsf_lsw = network->time_stamp[0];
	}

7361
	memcpy(priv->assoc_request.bssid, network->bssid, ETH_ALEN);
7362 7363 7364 7365 7366

	if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
		memset(&priv->assoc_request.dest, 0xFF, ETH_ALEN);
		priv->assoc_request.atim_window = network->atim_window;
	} else {
7367
		memcpy(priv->assoc_request.dest, network->bssid, ETH_ALEN);
7368 7369 7370 7371
		priv->assoc_request.atim_window = 0;
	}

	priv->assoc_request.listen_interval = network->listen_interval;
7372

7373 7374 7375 7376 7377 7378 7379 7380 7381
	err = ipw_send_ssid(priv, priv->essid, priv->essid_len);
	if (err) {
		IPW_DEBUG_HC("Attempt to send SSID command failed.\n");
		return err;
	}

	rates->ieee_mode = priv->assoc_request.ieee_mode;
	rates->purpose = IPW_RATE_CONNECT;
	ipw_send_supported_rates(priv, rates);
7382

7383 7384 7385 7386
	if (priv->assoc_request.ieee_mode == IPW_G_MODE)
		priv->sys_config.dot11g_auto_detection = 1;
	else
		priv->sys_config.dot11g_auto_detection = 0;
7387 7388 7389 7390 7391 7392

	if (priv->ieee->iw_mode == IW_MODE_ADHOC)
		priv->sys_config.answer_broadcast_ssid_probe = 1;
	else
		priv->sys_config.answer_broadcast_ssid_probe = 0;

7393
	err = ipw_send_system_config(priv);
7394 7395 7396 7397
	if (err) {
		IPW_DEBUG_HC("Attempt to send sys config command failed.\n");
		return err;
	}
7398

7399
	IPW_DEBUG_ASSOC("Association sensitivity: %d\n", network->stats.rssi);
7400
	err = ipw_set_sensitivity(priv, network->stats.rssi + IPW_RSSI_TO_DBM);
7401 7402 7403 7404 7405 7406 7407 7408 7409 7410 7411 7412
	if (err) {
		IPW_DEBUG_HC("Attempt to send associate command failed.\n");
		return err;
	}

	/*
	 * If preemption is enabled, it is possible for the association
	 * to complete before we return from ipw_send_associate.  Therefore
	 * we have to be sure and update our priviate data first.
	 */
	priv->channel = network->channel;
	memcpy(priv->bssid, network->bssid, ETH_ALEN);
7413
	priv->status |= STATUS_ASSOCIATING;
7414 7415 7416 7417
	priv->status &= ~STATUS_SECURITY_UPDATED;

	priv->assoc_network = network;

7418
#ifdef CONFIG_IPW2200_QOS
7419 7420 7421
	ipw_qos_association(priv, network);
#endif

7422 7423 7424 7425 7426
	err = ipw_send_associate(priv, &priv->assoc_request);
	if (err) {
		IPW_DEBUG_HC("Attempt to send associate command failed.\n");
		return err;
	}
7427

7428
	IPW_DEBUG(IPW_DL_STATE, "associating: '%s' %s \n",
7429
		  escape_essid(priv->essid, priv->essid_len),
7430
		  print_mac(mac, priv->bssid));
7431 7432 7433 7434 7435 7436 7437 7438 7439 7440 7441 7442 7443

	return 0;
}

static void ipw_roam(void *data)
{
	struct ipw_priv *priv = data;
	struct ieee80211_network *network = NULL;
	struct ipw_network_match match = {
		.network = priv->assoc_network
	};

	/* The roaming process is as follows:
7444 7445
	 *
	 * 1.  Missed beacon threshold triggers the roaming process by
7446 7447 7448 7449 7450 7451 7452 7453 7454 7455
	 *     setting the status ROAM bit and requesting a scan.
	 * 2.  When the scan completes, it schedules the ROAM work
	 * 3.  The ROAM work looks at all of the known networks for one that
	 *     is a better network than the currently associated.  If none
	 *     found, the ROAM process is over (ROAM bit cleared)
	 * 4.  If a better network is found, a disassociation request is
	 *     sent.
	 * 5.  When the disassociation completes, the roam work is again
	 *     scheduled.  The second time through, the driver is no longer
	 *     associated, and the newly selected network is sent an
7456
	 *     association request.
7457 7458 7459 7460 7461 7462 7463 7464
	 * 6.  At this point ,the roaming process is complete and the ROAM
	 *     status bit is cleared.
	 */

	/* If we are no longer associated, and the roaming bit is no longer
	 * set, then we are not actively roaming, so just return */
	if (!(priv->status & (STATUS_ASSOCIATED | STATUS_ROAMING)))
		return;
7465

7466
	if (priv->status & STATUS_ASSOCIATED) {
7467
		/* First pass through ROAM process -- look for a better
7468
		 * network */
7469
		unsigned long flags;
7470 7471
		u8 rssi = priv->assoc_network->stats.rssi;
		priv->assoc_network->stats.rssi = -128;
7472
		spin_lock_irqsave(&priv->ieee->lock, flags);
7473 7474 7475 7476
		list_for_each_entry(network, &priv->ieee->network_list, list) {
			if (network != priv->assoc_network)
				ipw_best_network(priv, &match, network, 1);
		}
7477
		spin_unlock_irqrestore(&priv->ieee->lock, flags);
7478
		priv->assoc_network->stats.rssi = rssi;
7479

7480 7481 7482 7483 7484 7485 7486
		if (match.network == priv->assoc_network) {
			IPW_DEBUG_ASSOC("No better APs in this network to "
					"roam to.\n");
			priv->status &= ~STATUS_ROAMING;
			ipw_debug_config(priv);
			return;
		}
7487

7488 7489 7490 7491
		ipw_send_disassociate(priv, 1);
		priv->assoc_network = match.network;

		return;
7492
	}
7493 7494 7495 7496 7497 7498 7499

	/* Second pass through ROAM process -- request association */
	ipw_compatible_rates(priv, priv->assoc_network, &match.rates);
	ipw_associate_network(priv, priv->assoc_network, &match.rates, 1);
	priv->status &= ~STATUS_ROAMING;
}

7500
static void ipw_bg_roam(struct work_struct *work)
7501
{
7502 7503
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, roam);
7504
	mutex_lock(&priv->mutex);
7505
	ipw_roam(priv);
7506
	mutex_unlock(&priv->mutex);
7507 7508 7509
}

static int ipw_associate(void *data)
7510 7511 7512 7513 7514 7515 7516 7517 7518
{
	struct ipw_priv *priv = data;

	struct ieee80211_network *network = NULL;
	struct ipw_network_match match = {
		.network = NULL
	};
	struct ipw_supported_rates *rates;
	struct list_head *element;
7519
	unsigned long flags;
7520

7521 7522 7523 7524 7525
	if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
		IPW_DEBUG_ASSOC("Not attempting association (monitor mode)\n");
		return 0;
	}

7526
	if (priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
7527 7528
		IPW_DEBUG_ASSOC("Not attempting association (already in "
				"progress)\n");
7529 7530 7531
		return 0;
	}

7532 7533 7534 7535 7536 7537 7538
	if (priv->status & STATUS_DISASSOCIATING) {
		IPW_DEBUG_ASSOC("Not attempting association (in "
				"disassociating)\n ");
		queue_work(priv->workqueue, &priv->associate);
		return 0;
	}

7539
	if (!ipw_is_init(priv) || (priv->status & STATUS_SCANNING)) {
7540 7541
		IPW_DEBUG_ASSOC("Not attempting association (scanning or not "
				"initialized)\n");
7542 7543
		return 0;
	}
7544 7545 7546

	if (!(priv->config & CFG_ASSOCIATE) &&
	    !(priv->config & (CFG_STATIC_ESSID |
7547
			      CFG_STATIC_CHANNEL | CFG_STATIC_BSSID))) {
7548
		IPW_DEBUG_ASSOC("Not attempting association (associate=0)\n");
7549
		return 0;
7550 7551
	}

7552 7553
	/* Protect our use of the network_list */
	spin_lock_irqsave(&priv->ieee->lock, flags);
7554
	list_for_each_entry(network, &priv->ieee->network_list, list)
7555
	    ipw_best_network(priv, &match, network, 0);
7556 7557 7558 7559 7560 7561 7562 7563

	network = match.network;
	rates = &match.rates;

	if (network == NULL &&
	    priv->ieee->iw_mode == IW_MODE_ADHOC &&
	    priv->config & CFG_ADHOC_CREATE &&
	    priv->config & CFG_STATIC_ESSID &&
7564
	    priv->config & CFG_STATIC_CHANNEL &&
7565 7566
	    !list_empty(&priv->ieee->network_free_list)) {
		element = priv->ieee->network_free_list.next;
7567
		network = list_entry(element, struct ieee80211_network, list);
7568 7569 7570 7571 7572
		ipw_adhoc_create(priv, network);
		rates = &priv->rates;
		list_del(element);
		list_add_tail(&network->list, &priv->ieee->network_list);
	}
7573
	spin_unlock_irqrestore(&priv->ieee->lock, flags);
7574

7575 7576 7577 7578 7579
	/* If we reached the end of the list, then we don't have any valid
	 * matching APs */
	if (!network) {
		ipw_debug_config(priv);

7580 7581 7582 7583 7584 7585
		if (!(priv->status & STATUS_SCANNING)) {
			if (!(priv->config & CFG_SPEED_SCAN))
				queue_delayed_work(priv->workqueue,
						   &priv->request_scan,
						   SCAN_INTERVAL);
			else
7586 7587
				queue_delayed_work(priv->workqueue,
						   &priv->request_scan, 0);
7588
		}
7589

7590
		return 0;
7591 7592 7593
	}

	ipw_associate_network(priv, network, rates, 0);
7594 7595 7596 7597

	return 1;
}

7598
static void ipw_bg_associate(struct work_struct *work)
7599
{
7600 7601
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, associate);
7602
	mutex_lock(&priv->mutex);
7603
	ipw_associate(priv);
7604
	mutex_unlock(&priv->mutex);
7605
}
7606

7607 7608 7609 7610 7611 7612 7613 7614 7615 7616 7617 7618 7619 7620 7621 7622 7623 7624 7625
static void ipw_rebuild_decrypted_skb(struct ipw_priv *priv,
				      struct sk_buff *skb)
{
	struct ieee80211_hdr *hdr;
	u16 fc;

	hdr = (struct ieee80211_hdr *)skb->data;
	fc = le16_to_cpu(hdr->frame_ctl);
	if (!(fc & IEEE80211_FCTL_PROTECTED))
		return;

	fc &= ~IEEE80211_FCTL_PROTECTED;
	hdr->frame_ctl = cpu_to_le16(fc);
	switch (priv->ieee->sec.level) {
	case SEC_LEVEL_3:
		/* Remove CCMP HDR */
		memmove(skb->data + IEEE80211_3ADDR_LEN,
			skb->data + IEEE80211_3ADDR_LEN + 8,
			skb->len - IEEE80211_3ADDR_LEN - 8);
7626
		skb_trim(skb, skb->len - 16);	/* CCMP_HDR_LEN + CCMP_MIC_LEN */
7627 7628 7629 7630 7631 7632 7633 7634
		break;
	case SEC_LEVEL_2:
		break;
	case SEC_LEVEL_1:
		/* Remove IV */
		memmove(skb->data + IEEE80211_3ADDR_LEN,
			skb->data + IEEE80211_3ADDR_LEN + 4,
			skb->len - IEEE80211_3ADDR_LEN - 4);
7635
		skb_trim(skb, skb->len - 8);	/* IV + ICV */
7636 7637 7638 7639 7640 7641 7642 7643
		break;
	case SEC_LEVEL_0:
		break;
	default:
		printk(KERN_ERR "Unknow security level %d\n",
		       priv->ieee->sec.level);
		break;
	}
7644
}
7645

7646 7647 7648
static void ipw_handle_data_packet(struct ipw_priv *priv,
				   struct ipw_rx_mem_buffer *rxb,
				   struct ieee80211_rx_stats *stats)
7649
{
Hong Liu's avatar
Hong Liu committed
7650
	struct ieee80211_hdr_4addr *hdr;
7651 7652 7653 7654 7655
	struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;

	/* We received data from the HW, so stop the watchdog */
	priv->net_dev->trans_start = jiffies;

7656
	/* We only process data packets if the
7657
	 * interface is open */
7658
	if (unlikely((le16_to_cpu(pkt->u.frame.length) + IPW_RX_FRAME_SIZE) >
7659 7660 7661 7662 7663 7664 7665 7666 7667 7668 7669 7670 7671
		     skb_tailroom(rxb->skb))) {
		priv->ieee->stats.rx_errors++;
		priv->wstats.discard.misc++;
		IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
		return;
	} else if (unlikely(!netif_running(priv->net_dev))) {
		priv->ieee->stats.rx_dropped++;
		priv->wstats.discard.misc++;
		IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
		return;
	}

	/* Advance skb->data to the start of the actual payload */
7672
	skb_reserve(rxb->skb, offsetof(struct ipw_rx_packet, u.frame.data));
7673 7674

	/* Set the size of the skb to the size of the frame */
7675
	skb_put(rxb->skb, le16_to_cpu(pkt->u.frame.length));
7676 7677 7678

	IPW_DEBUG_RX("Rx packet of %d bytes.\n", rxb->skb->len);

7679
	/* HW decrypt will not clear the WEP bit, MIC, PN, etc. */
Hong Liu's avatar
Hong Liu committed
7680 7681
	hdr = (struct ieee80211_hdr_4addr *)rxb->skb->data;
	if (priv->ieee->iw_mode != IW_MODE_MONITOR &&
7682
	    (is_multicast_ether_addr(hdr->addr1) ?
Hong Liu's avatar
Hong Liu committed
7683
	     !priv->ieee->host_mc_decrypt : !priv->ieee->host_decrypt))
7684 7685
		ipw_rebuild_decrypted_skb(priv, rxb->skb);

7686
	if (!ieee80211_rx(priv->ieee, rxb->skb, stats))
7687
		priv->ieee->stats.rx_errors++;
7688
	else {			/* ieee80211_rx succeeded, so it now owns the SKB */
7689
		rxb->skb = NULL;
7690
		__ipw_led_activity_on(priv);
7691
	}
7692 7693
}

7694
#ifdef CONFIG_IPW2200_RADIOTAP
7695 7696 7697 7698 7699 7700 7701 7702 7703 7704 7705 7706 7707 7708 7709 7710
static void ipw_handle_data_packet_monitor(struct ipw_priv *priv,
					   struct ipw_rx_mem_buffer *rxb,
					   struct ieee80211_rx_stats *stats)
{
	struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;
	struct ipw_rx_frame *frame = &pkt->u.frame;

	/* initial pull of some data */
	u16 received_channel = frame->received_channel;
	u8 antennaAndPhy = frame->antennaAndPhy;
	s8 antsignal = frame->rssi_dbm - IPW_RSSI_TO_DBM;	/* call it signed anyhow */
	u16 pktrate = frame->rate;

	/* Magic struct that slots into the radiotap header -- no reason
	 * to build this manually element by element, we can write it much
	 * more efficiently than we can parse it. ORDER MATTERS HERE */
7711
	struct ipw_rt_hdr *ipw_rt;
7712 7713 7714 7715 7716 7717 7718 7719 7720 7721 7722 7723 7724 7725 7726 7727 7728 7729 7730 7731 7732 7733 7734 7735 7736 7737 7738 7739 7740 7741 7742 7743 7744 7745 7746 7747 7748 7749 7750 7751 7752 7753 7754 7755 7756 7757 7758 7759 7760 7761 7762 7763

	short len = le16_to_cpu(pkt->u.frame.length);

	/* We received data from the HW, so stop the watchdog */
	priv->net_dev->trans_start = jiffies;

	/* We only process data packets if the
	 * interface is open */
	if (unlikely((le16_to_cpu(pkt->u.frame.length) + IPW_RX_FRAME_SIZE) >
		     skb_tailroom(rxb->skb))) {
		priv->ieee->stats.rx_errors++;
		priv->wstats.discard.misc++;
		IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
		return;
	} else if (unlikely(!netif_running(priv->net_dev))) {
		priv->ieee->stats.rx_dropped++;
		priv->wstats.discard.misc++;
		IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
		return;
	}

	/* Libpcap 0.9.3+ can handle variable length radiotap, so we'll use
	 * that now */
	if (len > IPW_RX_BUF_SIZE - sizeof(struct ipw_rt_hdr)) {
		/* FIXME: Should alloc bigger skb instead */
		priv->ieee->stats.rx_dropped++;
		priv->wstats.discard.misc++;
		IPW_DEBUG_DROP("Dropping too large packet in monitor\n");
		return;
	}

	/* copy the frame itself */
	memmove(rxb->skb->data + sizeof(struct ipw_rt_hdr),
		rxb->skb->data + IPW_RX_FRAME_SIZE, len);

	/* Zero the radiotap static buffer  ...  We only need to zero the bytes NOT
	 * part of our real header, saves a little time.
	 *
	 * No longer necessary since we fill in all our data.  Purge before merging
	 * patch officially.
	 * memset(rxb->skb->data + sizeof(struct ipw_rt_hdr), 0,
	 *        IEEE80211_RADIOTAP_HDRLEN - sizeof(struct ipw_rt_hdr));
	 */

	ipw_rt = (struct ipw_rt_hdr *)rxb->skb->data;

	ipw_rt->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
	ipw_rt->rt_hdr.it_pad = 0;	/* always good to zero */
	ipw_rt->rt_hdr.it_len = sizeof(struct ipw_rt_hdr);	/* total header+data */

	/* Big bitfield of all the fields we provide in radiotap */
	ipw_rt->rt_hdr.it_present =
7764 7765
	    ((1 << IEEE80211_RADIOTAP_TSFT) |
	     (1 << IEEE80211_RADIOTAP_FLAGS) |
7766 7767 7768
	     (1 << IEEE80211_RADIOTAP_RATE) |
	     (1 << IEEE80211_RADIOTAP_CHANNEL) |
	     (1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL) |
7769
	     (1 << IEEE80211_RADIOTAP_DBM_ANTNOISE) |
7770 7771 7772 7773
	     (1 << IEEE80211_RADIOTAP_ANTENNA));

	/* Zero the flags, we'll add to them as we go */
	ipw_rt->rt_flags = 0;
7774 7775 7776 7777
	ipw_rt->rt_tsf = (u64)(frame->parent_tsf[3] << 24 |
			       frame->parent_tsf[2] << 16 |
			       frame->parent_tsf[1] << 8  |
			       frame->parent_tsf[0]);
7778 7779 7780

	/* Convert signal to DBM */
	ipw_rt->rt_dbmsignal = antsignal;
7781
	ipw_rt->rt_dbmnoise = frame->noise;
7782 7783 7784 7785 7786 7787 7788 7789 7790 7791 7792 7793 7794 7795 7796 7797 7798 7799 7800 7801 7802 7803 7804 7805 7806 7807 7808 7809 7810 7811 7812 7813 7814 7815 7816 7817 7818 7819 7820 7821 7822 7823 7824 7825 7826 7827 7828 7829 7830 7831 7832 7833 7834 7835 7836 7837 7838 7839 7840 7841 7842 7843 7844 7845 7846 7847

	/* Convert the channel data and set the flags */
	ipw_rt->rt_channel = cpu_to_le16(ieee80211chan2mhz(received_channel));
	if (received_channel > 14) {	/* 802.11a */
		ipw_rt->rt_chbitmask =
		    cpu_to_le16((IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ));
	} else if (antennaAndPhy & 32) {	/* 802.11b */
		ipw_rt->rt_chbitmask =
		    cpu_to_le16((IEEE80211_CHAN_CCK | IEEE80211_CHAN_2GHZ));
	} else {		/* 802.11g */
		ipw_rt->rt_chbitmask =
		    (IEEE80211_CHAN_OFDM | IEEE80211_CHAN_2GHZ);
	}

	/* set the rate in multiples of 500k/s */
	switch (pktrate) {
	case IPW_TX_RATE_1MB:
		ipw_rt->rt_rate = 2;
		break;
	case IPW_TX_RATE_2MB:
		ipw_rt->rt_rate = 4;
		break;
	case IPW_TX_RATE_5MB:
		ipw_rt->rt_rate = 10;
		break;
	case IPW_TX_RATE_6MB:
		ipw_rt->rt_rate = 12;
		break;
	case IPW_TX_RATE_9MB:
		ipw_rt->rt_rate = 18;
		break;
	case IPW_TX_RATE_11MB:
		ipw_rt->rt_rate = 22;
		break;
	case IPW_TX_RATE_12MB:
		ipw_rt->rt_rate = 24;
		break;
	case IPW_TX_RATE_18MB:
		ipw_rt->rt_rate = 36;
		break;
	case IPW_TX_RATE_24MB:
		ipw_rt->rt_rate = 48;
		break;
	case IPW_TX_RATE_36MB:
		ipw_rt->rt_rate = 72;
		break;
	case IPW_TX_RATE_48MB:
		ipw_rt->rt_rate = 96;
		break;
	case IPW_TX_RATE_54MB:
		ipw_rt->rt_rate = 108;
		break;
	default:
		ipw_rt->rt_rate = 0;
		break;
	}

	/* antenna number */
	ipw_rt->rt_antenna = (antennaAndPhy & 3);	/* Is this right? */

	/* set the preamble flag if we have it */
	if ((antennaAndPhy & 64))
		ipw_rt->rt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;

	/* Set the size of the skb to the size of the frame */
	skb_put(rxb->skb, len + sizeof(struct ipw_rt_hdr));
7848 7849 7850

	IPW_DEBUG_RX("Rx packet of %d bytes.\n", rxb->skb->len);

7851
	if (!ieee80211_rx(priv->ieee, rxb->skb, stats))
7852
		priv->ieee->stats.rx_errors++;
7853 7854 7855 7856 7857 7858 7859
	else {			/* ieee80211_rx succeeded, so it now owns the SKB */
		rxb->skb = NULL;
		/* no LED during capture */
	}
}
#endif

7860 7861 7862 7863 7864 7865 7866 7867 7868 7869 7870 7871 7872 7873 7874 7875 7876 7877 7878 7879 7880 7881 7882 7883 7884 7885 7886 7887 7888 7889 7890 7891 7892 7893 7894 7895 7896 7897 7898 7899 7900 7901 7902 7903 7904 7905 7906 7907 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 7921 7922 7923 7924 7925 7926 7927 7928 7929 7930
#ifdef CONFIG_IPW2200_PROMISCUOUS
#define ieee80211_is_probe_response(fc) \
   ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT && \
    (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP )

#define ieee80211_is_management(fc) \
   ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)

#define ieee80211_is_control(fc) \
   ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL)

#define ieee80211_is_data(fc) \
   ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)

#define ieee80211_is_assoc_request(fc) \
   ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ)

#define ieee80211_is_reassoc_request(fc) \
   ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)

static void ipw_handle_promiscuous_rx(struct ipw_priv *priv,
				      struct ipw_rx_mem_buffer *rxb,
				      struct ieee80211_rx_stats *stats)
{
	struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;
	struct ipw_rx_frame *frame = &pkt->u.frame;
	struct ipw_rt_hdr *ipw_rt;

	/* First cache any information we need before we overwrite
	 * the information provided in the skb from the hardware */
	struct ieee80211_hdr *hdr;
	u16 channel = frame->received_channel;
	u8 phy_flags = frame->antennaAndPhy;
	s8 signal = frame->rssi_dbm - IPW_RSSI_TO_DBM;
	s8 noise = frame->noise;
	u8 rate = frame->rate;
	short len = le16_to_cpu(pkt->u.frame.length);
	struct sk_buff *skb;
	int hdr_only = 0;
	u16 filter = priv->prom_priv->filter;

	/* If the filter is set to not include Rx frames then return */
	if (filter & IPW_PROM_NO_RX)
		return;

	/* We received data from the HW, so stop the watchdog */
	priv->prom_net_dev->trans_start = jiffies;

	if (unlikely((len + IPW_RX_FRAME_SIZE) > skb_tailroom(rxb->skb))) {
		priv->prom_priv->ieee->stats.rx_errors++;
		IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
		return;
	}

	/* We only process data packets if the interface is open */
	if (unlikely(!netif_running(priv->prom_net_dev))) {
		priv->prom_priv->ieee->stats.rx_dropped++;
		IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
		return;
	}

	/* Libpcap 0.9.3+ can handle variable length radiotap, so we'll use
	 * that now */
	if (len > IPW_RX_BUF_SIZE - sizeof(struct ipw_rt_hdr)) {
		/* FIXME: Should alloc bigger skb instead */
		priv->prom_priv->ieee->stats.rx_dropped++;
		IPW_DEBUG_DROP("Dropping too large packet in monitor\n");
		return;
	}

	hdr = (void *)rxb->skb->data + IPW_RX_FRAME_SIZE;
7931
	if (ieee80211_is_management(le16_to_cpu(hdr->frame_ctl))) {
7932 7933 7934 7935
		if (filter & IPW_PROM_NO_MGMT)
			return;
		if (filter & IPW_PROM_MGMT_HEADER_ONLY)
			hdr_only = 1;
7936
	} else if (ieee80211_is_control(le16_to_cpu(hdr->frame_ctl))) {
7937 7938 7939 7940
		if (filter & IPW_PROM_NO_CTL)
			return;
		if (filter & IPW_PROM_CTL_HEADER_ONLY)
			hdr_only = 1;
7941
	} else if (ieee80211_is_data(le16_to_cpu(hdr->frame_ctl))) {
7942 7943 7944 7945 7946 7947 7948 7949 7950 7951 7952 7953 7954 7955 7956 7957 7958
		if (filter & IPW_PROM_NO_DATA)
			return;
		if (filter & IPW_PROM_DATA_HEADER_ONLY)
			hdr_only = 1;
	}

	/* Copy the SKB since this is for the promiscuous side */
	skb = skb_copy(rxb->skb, GFP_ATOMIC);
	if (skb == NULL) {
		IPW_ERROR("skb_clone failed for promiscuous copy.\n");
		return;
	}

	/* copy the frame data to write after where the radiotap header goes */
	ipw_rt = (void *)skb->data;

	if (hdr_only)
7959
		len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
7960 7961 7962 7963 7964 7965 7966 7967 7968 7969 7970 7971 7972 7973 7974 7975 7976 7977 7978 7979 7980

	memcpy(ipw_rt->payload, hdr, len);

	/* Zero the radiotap static buffer  ...  We only need to zero the bytes
	 * NOT part of our real header, saves a little time.
	 *
	 * No longer necessary since we fill in all our data.  Purge before
	 * merging patch officially.
	 * memset(rxb->skb->data + sizeof(struct ipw_rt_hdr), 0,
	 *        IEEE80211_RADIOTAP_HDRLEN - sizeof(struct ipw_rt_hdr));
	 */

	ipw_rt->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
	ipw_rt->rt_hdr.it_pad = 0;	/* always good to zero */
	ipw_rt->rt_hdr.it_len = sizeof(*ipw_rt);	/* total header+data */

	/* Set the size of the skb to the size of the frame */
	skb_put(skb, ipw_rt->rt_hdr.it_len + len);

	/* Big bitfield of all the fields we provide in radiotap */
	ipw_rt->rt_hdr.it_present =
7981 7982
	    ((1 << IEEE80211_RADIOTAP_TSFT) |
	     (1 << IEEE80211_RADIOTAP_FLAGS) |
7983 7984 7985 7986 7987 7988 7989 7990
	     (1 << IEEE80211_RADIOTAP_RATE) |
	     (1 << IEEE80211_RADIOTAP_CHANNEL) |
	     (1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL) |
	     (1 << IEEE80211_RADIOTAP_DBM_ANTNOISE) |
	     (1 << IEEE80211_RADIOTAP_ANTENNA));

	/* Zero the flags, we'll add to them as we go */
	ipw_rt->rt_flags = 0;
7991 7992 7993 7994
	ipw_rt->rt_tsf = (u64)(frame->parent_tsf[3] << 24 |
			       frame->parent_tsf[2] << 16 |
			       frame->parent_tsf[1] << 8  |
			       frame->parent_tsf[0]);
7995 7996 7997 7998 7999 8000 8001 8002 8003 8004 8005 8006 8007 8008 8009 8010 8011 8012 8013 8014 8015 8016 8017 8018 8019 8020 8021 8022 8023 8024 8025 8026 8027 8028 8029 8030 8031 8032 8033 8034 8035 8036 8037 8038 8039 8040 8041 8042 8043 8044 8045 8046 8047 8048 8049 8050 8051 8052 8053 8054 8055 8056 8057 8058 8059 8060 8061 8062 8063 8064 8065 8066 8067 8068 8069 8070 8071

	/* Convert to DBM */
	ipw_rt->rt_dbmsignal = signal;
	ipw_rt->rt_dbmnoise = noise;

	/* Convert the channel data and set the flags */
	ipw_rt->rt_channel = cpu_to_le16(ieee80211chan2mhz(channel));
	if (channel > 14) {	/* 802.11a */
		ipw_rt->rt_chbitmask =
		    cpu_to_le16((IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ));
	} else if (phy_flags & (1 << 5)) {	/* 802.11b */
		ipw_rt->rt_chbitmask =
		    cpu_to_le16((IEEE80211_CHAN_CCK | IEEE80211_CHAN_2GHZ));
	} else {		/* 802.11g */
		ipw_rt->rt_chbitmask =
		    (IEEE80211_CHAN_OFDM | IEEE80211_CHAN_2GHZ);
	}

	/* set the rate in multiples of 500k/s */
	switch (rate) {
	case IPW_TX_RATE_1MB:
		ipw_rt->rt_rate = 2;
		break;
	case IPW_TX_RATE_2MB:
		ipw_rt->rt_rate = 4;
		break;
	case IPW_TX_RATE_5MB:
		ipw_rt->rt_rate = 10;
		break;
	case IPW_TX_RATE_6MB:
		ipw_rt->rt_rate = 12;
		break;
	case IPW_TX_RATE_9MB:
		ipw_rt->rt_rate = 18;
		break;
	case IPW_TX_RATE_11MB:
		ipw_rt->rt_rate = 22;
		break;
	case IPW_TX_RATE_12MB:
		ipw_rt->rt_rate = 24;
		break;
	case IPW_TX_RATE_18MB:
		ipw_rt->rt_rate = 36;
		break;
	case IPW_TX_RATE_24MB:
		ipw_rt->rt_rate = 48;
		break;
	case IPW_TX_RATE_36MB:
		ipw_rt->rt_rate = 72;
		break;
	case IPW_TX_RATE_48MB:
		ipw_rt->rt_rate = 96;
		break;
	case IPW_TX_RATE_54MB:
		ipw_rt->rt_rate = 108;
		break;
	default:
		ipw_rt->rt_rate = 0;
		break;
	}

	/* antenna number */
	ipw_rt->rt_antenna = (phy_flags & 3);

	/* set the preamble flag if we have it */
	if (phy_flags & (1 << 6))
		ipw_rt->rt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;

	IPW_DEBUG_RX("Rx packet of %d bytes.\n", skb->len);

	if (!ieee80211_rx(priv->prom_priv->ieee, skb, stats)) {
		priv->prom_priv->ieee->stats.rx_errors++;
		dev_kfree_skb_any(skb);
	}
}
#endif

8072
static int is_network_packet(struct ipw_priv *priv,
8073 8074 8075 8076 8077
				    struct ieee80211_hdr_4addr *header)
{
	/* Filter incoming packets to determine if they are targetted toward
	 * this network, discarding packets coming from ourselves */
	switch (priv->ieee->iw_mode) {
8078
	case IW_MODE_ADHOC:	/* Header: Dest. | Source    | BSSID */
8079 8080 8081 8082
		/* packets from our adapter are dropped (echo) */
		if (!memcmp(header->addr2, priv->net_dev->dev_addr, ETH_ALEN))
			return 0;

8083
		/* {broad,multi}cast packets to our BSSID go through */
8084
		if (is_multicast_ether_addr(header->addr1))
8085
			return !memcmp(header->addr3, priv->bssid, ETH_ALEN);
8086 8087 8088 8089 8090

		/* packets to our adapter go through */
		return !memcmp(header->addr1, priv->net_dev->dev_addr,
			       ETH_ALEN);

8091
	case IW_MODE_INFRA:	/* Header: Dest. | BSSID | Source */
8092 8093 8094 8095
		/* packets from our adapter are dropped (echo) */
		if (!memcmp(header->addr3, priv->net_dev->dev_addr, ETH_ALEN))
			return 0;

8096
		/* {broad,multi}cast packets to our BSS go through */
8097
		if (is_multicast_ether_addr(header->addr1))
8098 8099 8100 8101 8102
			return !memcmp(header->addr2, priv->bssid, ETH_ALEN);

		/* packets to our adapter go through */
		return !memcmp(header->addr1, priv->net_dev->dev_addr,
			       ETH_ALEN);
8103
	}
8104

8105 8106 8107
	return 1;
}

8108 8109
#define IPW_PACKET_RETRY_TIME HZ

8110
static  int is_duplicate_packet(struct ipw_priv *priv,
8111 8112 8113 8114 8115 8116 8117 8118 8119 8120 8121 8122 8123 8124 8125 8126 8127 8128 8129 8130 8131 8132 8133 8134 8135 8136 8137 8138 8139 8140 8141 8142 8143 8144 8145 8146 8147 8148 8149 8150 8151 8152 8153 8154 8155 8156 8157 8158 8159 8160 8161 8162 8163 8164 8165 8166 8167 8168 8169 8170
				      struct ieee80211_hdr_4addr *header)
{
	u16 sc = le16_to_cpu(header->seq_ctl);
	u16 seq = WLAN_GET_SEQ_SEQ(sc);
	u16 frag = WLAN_GET_SEQ_FRAG(sc);
	u16 *last_seq, *last_frag;
	unsigned long *last_time;

	switch (priv->ieee->iw_mode) {
	case IW_MODE_ADHOC:
		{
			struct list_head *p;
			struct ipw_ibss_seq *entry = NULL;
			u8 *mac = header->addr2;
			int index = mac[5] % IPW_IBSS_MAC_HASH_SIZE;

			__list_for_each(p, &priv->ibss_mac_hash[index]) {
				entry =
				    list_entry(p, struct ipw_ibss_seq, list);
				if (!memcmp(entry->mac, mac, ETH_ALEN))
					break;
			}
			if (p == &priv->ibss_mac_hash[index]) {
				entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
				if (!entry) {
					IPW_ERROR
					    ("Cannot malloc new mac entry\n");
					return 0;
				}
				memcpy(entry->mac, mac, ETH_ALEN);
				entry->seq_num = seq;
				entry->frag_num = frag;
				entry->packet_time = jiffies;
				list_add(&entry->list,
					 &priv->ibss_mac_hash[index]);
				return 0;
			}
			last_seq = &entry->seq_num;
			last_frag = &entry->frag_num;
			last_time = &entry->packet_time;
			break;
		}
	case IW_MODE_INFRA:
		last_seq = &priv->last_seq_num;
		last_frag = &priv->last_frag_num;
		last_time = &priv->last_packet_time;
		break;
	default:
		return 0;
	}
	if ((*last_seq == seq) &&
	    time_after(*last_time + IPW_PACKET_RETRY_TIME, jiffies)) {
		if (*last_frag == frag)
			goto drop;
		if (*last_frag + 1 != frag)
			/* out-of-order fragment */
			goto drop;
	} else
		*last_seq = seq;

8171
	*last_frag = frag;
8172 8173 8174 8175
	*last_time = jiffies;
	return 0;

      drop:
8176 8177 8178 8179
	/* Comment this line now since we observed the card receives
	 * duplicate packets but the FCTL_RETRY bit is not set in the
	 * IBSS mode with fragmentation enabled.
	 BUG_ON(!(le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_RETRY)); */
8180 8181 8182
	return 1;
}

8183 8184 8185 8186 8187 8188 8189 8190 8191 8192 8193 8194 8195 8196 8197 8198 8199 8200 8201 8202 8203 8204 8205 8206 8207 8208 8209 8210 8211 8212 8213 8214 8215 8216 8217 8218 8219
static void ipw_handle_mgmt_packet(struct ipw_priv *priv,
				   struct ipw_rx_mem_buffer *rxb,
				   struct ieee80211_rx_stats *stats)
{
	struct sk_buff *skb = rxb->skb;
	struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)skb->data;
	struct ieee80211_hdr_4addr *header = (struct ieee80211_hdr_4addr *)
	    (skb->data + IPW_RX_FRAME_SIZE);

	ieee80211_rx_mgt(priv->ieee, header, stats);

	if (priv->ieee->iw_mode == IW_MODE_ADHOC &&
	    ((WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) ==
	      IEEE80211_STYPE_PROBE_RESP) ||
	     (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) ==
	      IEEE80211_STYPE_BEACON))) {
		if (!memcmp(header->addr3, priv->bssid, ETH_ALEN))
			ipw_add_station(priv, header->addr2);
	}

	if (priv->config & CFG_NET_STATS) {
		IPW_DEBUG_HC("sending stat packet\n");

		/* Set the size of the skb to the size of the full
		 * ipw header and 802.11 frame */
		skb_put(skb, le16_to_cpu(pkt->u.frame.length) +
			IPW_RX_FRAME_SIZE);

		/* Advance past the ipw packet header to the 802.11 frame */
		skb_pull(skb, IPW_RX_FRAME_SIZE);

		/* Push the ieee80211_rx_stats before the 802.11 frame */
		memcpy(skb_push(skb, sizeof(*stats)), stats, sizeof(*stats));

		skb->dev = priv->ieee->dev;

		/* Point raw at the ieee80211_stats */
8220
		skb_reset_mac_header(skb);
8221 8222 8223 8224 8225

		skb->pkt_type = PACKET_OTHERHOST;
		skb->protocol = __constant_htons(ETH_P_80211_STATS);
		memset(skb->cb, 0, sizeof(rxb->skb->cb));
		netif_rx(skb);
8226
		rxb->skb = NULL;
8227
	}
8228 8229 8230 8231 8232 8233 8234 8235 8236 8237 8238
}

/*
 * Main entry function for recieving a packet with 80211 headers.  This
 * should be called when ever the FW has notified us that there is a new
 * skb in the recieve queue.
 */
static void ipw_rx(struct ipw_priv *priv)
{
	struct ipw_rx_mem_buffer *rxb;
	struct ipw_rx_packet *pkt;
8239
	struct ieee80211_hdr_4addr *header;
8240 8241
	u32 r, w, i;
	u8 network_packet;
8242 8243 8244
	DECLARE_MAC_BUF(mac);
	DECLARE_MAC_BUF(mac2);
	DECLARE_MAC_BUF(mac3);
8245

8246 8247
	r = ipw_read32(priv, IPW_RX_READ_INDEX);
	w = ipw_read32(priv, IPW_RX_WRITE_INDEX);
8248 8249 8250 8251 8252 8253 8254 8255 8256 8257 8258
	i = (priv->rxq->processed + 1) % RX_QUEUE_SIZE;

	while (i != r) {
		rxb = priv->rxq->queue[i];
		if (unlikely(rxb == NULL)) {
			printk(KERN_CRIT "Queue not allocated!\n");
			break;
		}
		priv->rxq->queue[i] = NULL;

		pci_dma_sync_single_for_cpu(priv->pci_dev, rxb->dma_addr,
8259
					    IPW_RX_BUF_SIZE,
8260 8261 8262 8263 8264
					    PCI_DMA_FROMDEVICE);

		pkt = (struct ipw_rx_packet *)rxb->skb->data;
		IPW_DEBUG_RX("Packet: type=%02X seq=%02X bits=%02X\n",
			     pkt->header.message_type,
8265
			     pkt->header.rx_seq_num, pkt->header.control_bits);
8266 8267

		switch (pkt->header.message_type) {
8268 8269
		case RX_FRAME_TYPE:	/* 802.11 frame */  {
				struct ieee80211_rx_stats stats = {
8270
					.rssi = pkt->u.frame.rssi_dbm -
8271
					    IPW_RSSI_TO_DBM,
8272
					.signal =
8273 8274
					    le16_to_cpu(pkt->u.frame.rssi_dbm) -
					    IPW_RSSI_TO_DBM + 0x100,
8275 8276
					.noise =
					    le16_to_cpu(pkt->u.frame.noise),
8277 8278 8279 8280 8281 8282 8283 8284 8285
					.rate = pkt->u.frame.rate,
					.mac_time = jiffies,
					.received_channel =
					    pkt->u.frame.received_channel,
					.freq =
					    (pkt->u.frame.
					     control & (1 << 0)) ?
					    IEEE80211_24GHZ_BAND :
					    IEEE80211_52GHZ_BAND,
8286
					.len = le16_to_cpu(pkt->u.frame.length),
8287 8288 8289 8290 8291 8292
				};

				if (stats.rssi != 0)
					stats.mask |= IEEE80211_STATMASK_RSSI;
				if (stats.signal != 0)
					stats.mask |= IEEE80211_STATMASK_SIGNAL;
8293 8294
				if (stats.noise != 0)
					stats.mask |= IEEE80211_STATMASK_NOISE;
8295 8296 8297 8298
				if (stats.rate != 0)
					stats.mask |= IEEE80211_STATMASK_RATE;

				priv->rx_packets++;
8299

8300 8301 8302 8303 8304
#ifdef CONFIG_IPW2200_PROMISCUOUS
	if (priv->prom_net_dev && netif_running(priv->prom_net_dev))
		ipw_handle_promiscuous_rx(priv, rxb, &stats);
#endif

8305
#ifdef CONFIG_IPW2200_MONITOR
8306
				if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
8307
#ifdef CONFIG_IPW2200_RADIOTAP
8308 8309 8310 8311

                ipw_handle_data_packet_monitor(priv,
					       rxb,
					       &stats);
8312
#else
8313 8314
		ipw_handle_data_packet(priv, rxb,
				       &stats);
8315
#endif
8316 8317
					break;
				}
8318
#endif
8319

8320
				header =
8321 8322 8323
				    (struct ieee80211_hdr_4addr *)(rxb->skb->
								   data +
								   IPW_RX_FRAME_SIZE);
8324 8325
				/* TODO: Check Ad-Hoc dest/source and make sure
				 * that we are actually parsing these packets
8326
				 * correctly -- we should probably use the
8327 8328
				 * frame control of the packet and disregard
				 * the current iw_mode */
8329

8330 8331
				network_packet =
				    is_network_packet(priv, header);
8332 8333 8334
				if (network_packet && priv->assoc_network) {
					priv->assoc_network->stats.rssi =
					    stats.rssi;
8335 8336 8337
					priv->exp_avg_rssi =
					    exponential_average(priv->exp_avg_rssi,
					    stats.rssi, DEPTH_RSSI);
8338 8339 8340
				}

				IPW_DEBUG_RX("Frame: len=%u\n",
8341
					     le16_to_cpu(pkt->u.frame.length));
8342

8343
				if (le16_to_cpu(pkt->u.frame.length) <
8344 8345
				    ieee80211_get_hdrlen(le16_to_cpu(
						    header->frame_ctl))) {
8346 8347 8348 8349 8350 8351 8352 8353
					IPW_DEBUG_DROP
					    ("Received packet is too small. "
					     "Dropping.\n");
					priv->ieee->stats.rx_errors++;
					priv->wstats.discard.misc++;
					break;
				}

8354 8355
				switch (WLAN_FC_GET_TYPE
					(le16_to_cpu(header->frame_ctl))) {
8356

8357
				case IEEE80211_FTYPE_MGMT:
8358 8359
					ipw_handle_mgmt_packet(priv, rxb,
							       &stats);
8360 8361 8362 8363 8364 8365
					break;

				case IEEE80211_FTYPE_CTL:
					break;

				case IEEE80211_FTYPE_DATA:
8366 8367 8368 8369
					if (unlikely(!network_packet ||
						     is_duplicate_packet(priv,
									 header)))
					{
8370
						IPW_DEBUG_DROP("Dropping: "
8371 8372 8373 8374 8375
							       "%s, "
							       "%s, "
							       "%s\n",
							       print_mac(mac,
									 header->
8376
								       addr1),
8377 8378
							       print_mac(mac2,
									 header->
8379
								       addr2),
8380 8381
							       print_mac(mac3,
									 header->
8382
								       addr3));
8383 8384 8385 8386 8387 8388
						break;
					}

					ipw_handle_data_packet(priv, rxb,
							       &stats);

8389 8390
					break;
				}
8391 8392
				break;
			}
8393

8394 8395 8396
		case RX_HOST_NOTIFICATION_TYPE:{
				IPW_DEBUG_RX
				    ("Notification: subtype=%02X flags=%02X size=%d\n",
8397 8398
				     pkt->u.notification.subtype,
				     pkt->u.notification.flags,
8399
				     le16_to_cpu(pkt->u.notification.size));
8400 8401 8402
				ipw_rx_notification(priv, &pkt->u.notification);
				break;
			}
8403 8404 8405 8406 8407 8408

		default:
			IPW_DEBUG_RX("Bad Rx packet of type %d\n",
				     pkt->header.message_type);
			break;
		}
8409 8410 8411

		/* For now we just don't re-use anything.  We can tweak this
		 * later to try and re-use notification packets and SKBs that
8412 8413 8414 8415 8416
		 * fail to Rx correctly */
		if (rxb->skb != NULL) {
			dev_kfree_skb_any(rxb->skb);
			rxb->skb = NULL;
		}
8417

8418
		pci_unmap_single(priv->pci_dev, rxb->dma_addr,
8419
				 IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
8420
		list_add_tail(&rxb->list, &priv->rxq->rx_used);
8421

8422 8423 8424 8425 8426 8427 8428 8429 8430
		i = (i + 1) % RX_QUEUE_SIZE;
	}

	/* Backtrack one entry */
	priv->rxq->processed = (i ? i : RX_QUEUE_SIZE) - 1;

	ipw_rx_queue_restock(priv);
}

8431 8432 8433 8434 8435 8436 8437
#define DEFAULT_RTS_THRESHOLD     2304U
#define MIN_RTS_THRESHOLD         1U
#define MAX_RTS_THRESHOLD         2304U
#define DEFAULT_BEACON_INTERVAL   100U
#define	DEFAULT_SHORT_RETRY_LIMIT 7U
#define	DEFAULT_LONG_RETRY_LIMIT  4U

8438 8439 8440 8441 8442 8443 8444 8445
/**
 * ipw_sw_reset
 * @option: options to control different reset behaviour
 * 	    0 = reset everything except the 'disable' module_param
 * 	    1 = reset everything and print out driver info (for probe only)
 * 	    2 = reset everything
 */
static int ipw_sw_reset(struct ipw_priv *priv, int option)
8446
{
8447 8448
	int band, modulation;
	int old_mode = priv->ieee->iw_mode;
8449

8450 8451
	/* Initialize module parameter values here */
	priv->config = 0;
8452

8453 8454 8455 8456
	/* We default to disabling the LED code as right now it causes
	 * too many systems to lock up... */
	if (!led)
		priv->config |= CFG_NO_LED;
8457

8458 8459 8460 8461
	if (associate)
		priv->config |= CFG_ASSOCIATE;
	else
		IPW_DEBUG_INFO("Auto associate disabled.\n");
8462

8463 8464 8465 8466
	if (auto_create)
		priv->config |= CFG_ADHOC_CREATE;
	else
		IPW_DEBUG_INFO("Auto adhoc creation disabled.\n");
8467

8468 8469 8470 8471
	priv->config &= ~CFG_STATIC_ESSID;
	priv->essid_len = 0;
	memset(priv->essid, 0, IW_ESSID_MAX_SIZE);

8472
	if (disable && option) {
8473 8474
		priv->status |= STATUS_RF_KILL_SW;
		IPW_DEBUG_INFO("Radio disabled.\n");
8475
	}
8476

8477 8478 8479 8480 8481
	if (channel != 0) {
		priv->config |= CFG_STATIC_CHANNEL;
		priv->channel = channel;
		IPW_DEBUG_INFO("Bind to static channel %d\n", channel);
		/* TODO: Validate that provided channel is in range */
8482
	}
8483
#ifdef CONFIG_IPW2200_QOS
8484 8485
	ipw_qos_init(priv, qos_enable, qos_burst_enable,
		     burst_duration_CCK, burst_duration_OFDM);
8486
#endif				/* CONFIG_IPW2200_QOS */
8487

8488 8489 8490 8491 8492 8493 8494 8495 8496
	switch (mode) {
	case 1:
		priv->ieee->iw_mode = IW_MODE_ADHOC;
		priv->net_dev->type = ARPHRD_ETHER;

		break;
#ifdef CONFIG_IPW2200_MONITOR
	case 2:
		priv->ieee->iw_mode = IW_MODE_MONITOR;
8497
#ifdef CONFIG_IPW2200_RADIOTAP
8498 8499
		priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
#else
8500
		priv->net_dev->type = ARPHRD_IEEE80211;
8501
#endif
8502 8503 8504 8505 8506 8507 8508
		break;
#endif
	default:
	case 0:
		priv->net_dev->type = ARPHRD_ETHER;
		priv->ieee->iw_mode = IW_MODE_INFRA;
		break;
8509 8510
	}

8511 8512 8513 8514
	if (hwcrypto) {
		priv->ieee->host_encrypt = 0;
		priv->ieee->host_encrypt_msdu = 0;
		priv->ieee->host_decrypt = 0;
Hong Liu's avatar
Hong Liu committed
8515
		priv->ieee->host_mc_decrypt = 0;
8516 8517
	}
	IPW_DEBUG_INFO("Hardware crypto [%s]\n", hwcrypto ? "on" : "off");
8518

8519 8520
	/* IPW2200/2915 is abled to do hardware fragmentation. */
	priv->ieee->host_open_frag = 0;
8521

8522 8523
	if ((priv->pci_dev->device == 0x4223) ||
	    (priv->pci_dev->device == 0x4224)) {
8524
		if (option == 1)
8525 8526 8527 8528 8529 8530 8531 8532 8533
			printk(KERN_INFO DRV_NAME
			       ": Detected Intel PRO/Wireless 2915ABG Network "
			       "Connection\n");
		priv->ieee->abg_true = 1;
		band = IEEE80211_52GHZ_BAND | IEEE80211_24GHZ_BAND;
		modulation = IEEE80211_OFDM_MODULATION |
		    IEEE80211_CCK_MODULATION;
		priv->adapter = IPW_2915ABG;
		priv->ieee->mode = IEEE_A | IEEE_G | IEEE_B;
8534
	} else {
8535
		if (option == 1)
8536 8537 8538
			printk(KERN_INFO DRV_NAME
			       ": Detected Intel PRO/Wireless 2200BG Network "
			       "Connection\n");
8539

8540 8541 8542 8543 8544 8545
		priv->ieee->abg_true = 0;
		band = IEEE80211_24GHZ_BAND;
		modulation = IEEE80211_OFDM_MODULATION |
		    IEEE80211_CCK_MODULATION;
		priv->adapter = IPW_2200BG;
		priv->ieee->mode = IEEE_G | IEEE_B;
8546 8547
	}

8548 8549
	priv->ieee->freq_band = band;
	priv->ieee->modulation = modulation;
8550

8551
	priv->rates_mask = IEEE80211_DEFAULT_RATES_MASK;
8552

8553 8554
	priv->disassociate_threshold = IPW_MB_DISASSOCIATE_THRESHOLD_DEFAULT;
	priv->roaming_threshold = IPW_MB_ROAMING_THRESHOLD_DEFAULT;
8555

8556 8557 8558
	priv->rts_threshold = DEFAULT_RTS_THRESHOLD;
	priv->short_retry_limit = DEFAULT_SHORT_RETRY_LIMIT;
	priv->long_retry_limit = DEFAULT_LONG_RETRY_LIMIT;
8559

8560 8561 8562 8563
	/* If power management is turned on, default to AC mode */
	priv->power_mode = IPW_POWER_AC;
	priv->tx_power = IPW_TX_POWER_DEFAULT;

8564
	return old_mode == priv->ieee->iw_mode;
8565 8566 8567 8568 8569 8570
}

/*
 * This file defines the Wireless Extension handlers.  It does not
 * define any methods of hardware manipulation and relies on the
 * functions defined in ipw_main to provide the HW interaction.
8571 8572
 *
 * The exception to this is the use of the ipw_get_ordinal()
8573 8574 8575 8576
 * function used to poll the hardware vs. making unecessary calls.
 *
 */

8577 8578
static int ipw_wx_get_name(struct net_device *dev,
			   struct iw_request_info *info,
8579 8580 8581
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8582
	mutex_lock(&priv->mutex);
8583
	if (priv->status & STATUS_RF_KILL_MASK)
8584
		strcpy(wrqu->name, "radio off");
8585
	else if (!(priv->status & STATUS_ASSOCIATED))
8586
		strcpy(wrqu->name, "unassociated");
8587
	else
8588 8589 8590
		snprintf(wrqu->name, IFNAMSIZ, "IEEE 802.11%c",
			 ipw_modes[priv->assoc_request.ieee_mode]);
	IPW_DEBUG_WX("Name: %s\n", wrqu->name);
8591
	mutex_unlock(&priv->mutex);
8592 8593 8594 8595 8596 8597 8598 8599
	return 0;
}

static int ipw_set_channel(struct ipw_priv *priv, u8 channel)
{
	if (channel == 0) {
		IPW_DEBUG_INFO("Setting channel to ANY (0)\n");
		priv->config &= ~CFG_STATIC_CHANNEL;
8600 8601 8602
		IPW_DEBUG_ASSOC("Attempting to associate with new "
				"parameters.\n");
		ipw_associate(priv);
8603 8604 8605 8606 8607 8608
		return 0;
	}

	priv->config |= CFG_STATIC_CHANNEL;

	if (priv->channel == channel) {
8609 8610
		IPW_DEBUG_INFO("Request to set channel to current value (%d)\n",
			       channel);
8611 8612 8613 8614 8615 8616
		return 0;
	}

	IPW_DEBUG_INFO("Setting channel to %i\n", (int)channel);
	priv->channel = channel;

8617 8618
#ifdef CONFIG_IPW2200_MONITOR
	if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
8619
		int i;
8620
		if (priv->status & STATUS_SCANNING) {
8621
			IPW_DEBUG_SCAN("Scan abort triggered due to "
8622
				       "channel change.\n");
8623
			ipw_abort_scan(priv);
8624 8625 8626 8627 8628 8629 8630 8631 8632 8633 8634 8635
		}

		for (i = 1000; i && (priv->status & STATUS_SCANNING); i--)
			udelay(10);

		if (priv->status & STATUS_SCANNING)
			IPW_DEBUG_SCAN("Still scanning...\n");
		else
			IPW_DEBUG_SCAN("Took %dms to abort current scan\n",
				       1000 - i);

		return 0;
8636
	}
8637 8638
#endif				/* CONFIG_IPW2200_MONITOR */

8639 8640 8641
	/* Network configuration changed -- force [re]association */
	IPW_DEBUG_ASSOC("[re]association triggered due to channel change.\n");
	if (!ipw_disassociate(priv))
8642 8643 8644 8645 8646
		ipw_associate(priv);

	return 0;
}

8647 8648 8649
static int ipw_wx_set_freq(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
8650 8651
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8652
	const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
8653
	struct iw_freq *fwrq = &wrqu->freq;
8654
	int ret = 0, i;
8655 8656
	u8 channel, flags;
	int band;
8657 8658 8659

	if (fwrq->m == 0) {
		IPW_DEBUG_WX("SET Freq/Channel -> any\n");
8660
		mutex_lock(&priv->mutex);
8661
		ret = ipw_set_channel(priv, 0);
8662
		mutex_unlock(&priv->mutex);
8663 8664
		return ret;
	}
8665 8666
	/* if setting by freq convert to channel */
	if (fwrq->e == 1) {
8667
		channel = ieee80211_freq_to_channel(priv->ieee, fwrq->m);
8668 8669 8670 8671
		if (channel == 0)
			return -EINVAL;
	} else
		channel = fwrq->m;
8672

8673
	if (!(band = ieee80211_is_valid_channel(priv->ieee, channel)))
8674
		return -EINVAL;
8675

8676
	if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
8677
		i = ieee80211_channel_to_index(priv->ieee, channel);
8678 8679
		if (i == -1)
			return -EINVAL;
8680

8681 8682 8683
		flags = (band == IEEE80211_24GHZ_BAND) ?
		    geo->bg[i].flags : geo->a[i].flags;
		if (flags & IEEE80211_CH_PASSIVE_ONLY) {
8684 8685
			IPW_DEBUG_WX("Invalid Ad-Hoc channel for 802.11a\n");
			return -EINVAL;
8686 8687
		}
	}
8688

8689
	IPW_DEBUG_WX("SET Freq/Channel -> %d \n", fwrq->m);
8690
	mutex_lock(&priv->mutex);
8691
	ret = ipw_set_channel(priv, channel);
8692
	mutex_unlock(&priv->mutex);
8693
	return ret;
8694 8695
}

8696 8697
static int ipw_wx_get_freq(struct net_device *dev,
			   struct iw_request_info *info,
8698 8699 8700 8701 8702 8703 8704 8705
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);

	wrqu->freq.e = 0;

	/* If we are associated, trying to associate, or have a statically
	 * configured CHANNEL then return that; otherwise return ANY */
8706
	mutex_lock(&priv->mutex);
8707
	if (priv->config & CFG_STATIC_CHANNEL ||
8708 8709 8710 8711 8712 8713 8714 8715 8716 8717 8718 8719 8720 8721 8722 8723 8724 8725 8726 8727
	    priv->status & (STATUS_ASSOCIATING | STATUS_ASSOCIATED)) {
		int i;

		i = ieee80211_channel_to_index(priv->ieee, priv->channel);
		BUG_ON(i == -1);
		wrqu->freq.e = 1;

		switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
		case IEEE80211_52GHZ_BAND:
			wrqu->freq.m = priv->ieee->geo.a[i].freq * 100000;
			break;

		case IEEE80211_24GHZ_BAND:
			wrqu->freq.m = priv->ieee->geo.bg[i].freq * 100000;
			break;

		default:
			BUG();
		}
	} else
8728 8729
		wrqu->freq.m = 0;

8730
	mutex_unlock(&priv->mutex);
8731 8732 8733 8734
	IPW_DEBUG_WX("GET Freq/Channel -> %d \n", priv->channel);
	return 0;
}

8735 8736
static int ipw_wx_set_mode(struct net_device *dev,
			   struct iw_request_info *info,
8737 8738 8739 8740 8741 8742 8743 8744
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int err = 0;

	IPW_DEBUG_WX("Set MODE: %d\n", wrqu->mode);

	switch (wrqu->mode) {
8745
#ifdef CONFIG_IPW2200_MONITOR
8746 8747 8748 8749 8750 8751 8752 8753 8754 8755 8756
	case IW_MODE_MONITOR:
#endif
	case IW_MODE_ADHOC:
	case IW_MODE_INFRA:
		break;
	case IW_MODE_AUTO:
		wrqu->mode = IW_MODE_INFRA;
		break;
	default:
		return -EINVAL;
	}
8757 8758
	if (wrqu->mode == priv->ieee->iw_mode)
		return 0;
8759

8760
	mutex_lock(&priv->mutex);
8761

8762 8763
	ipw_sw_reset(priv, 0);

8764
#ifdef CONFIG_IPW2200_MONITOR
8765
	if (priv->ieee->iw_mode == IW_MODE_MONITOR)
8766
		priv->net_dev->type = ARPHRD_ETHER;
8767 8768

	if (wrqu->mode == IW_MODE_MONITOR)
8769
#ifdef CONFIG_IPW2200_RADIOTAP
8770 8771
		priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
#else
8772
		priv->net_dev->type = ARPHRD_IEEE80211;
8773
#endif
8774
#endif				/* CONFIG_IPW2200_MONITOR */
8775 8776

	/* Free the existing firmware and reset the fw_loaded
8777
	 * flag so ipw_load() will bring in the new firmawre */
8778
	free_firmware();
8779 8780

	priv->ieee->iw_mode = wrqu->mode;
8781

8782
	queue_work(priv->workqueue, &priv->adapter_restart);
8783
	mutex_unlock(&priv->mutex);
8784
	return err;
8785 8786
}

8787
static int ipw_wx_get_mode(struct net_device *dev,
8788 8789
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
8790 8791
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8792
	mutex_lock(&priv->mutex);
8793 8794
	wrqu->mode = priv->ieee->iw_mode;
	IPW_DEBUG_WX("Get MODE -> %d\n", wrqu->mode);
8795
	mutex_unlock(&priv->mutex);
8796 8797 8798 8799 8800 8801 8802 8803 8804 8805 8806 8807 8808 8809 8810 8811 8812 8813 8814 8815
	return 0;
}

/* Values are in microsecond */
static const s32 timeout_duration[] = {
	350000,
	250000,
	75000,
	37000,
	25000,
};

static const s32 period_duration[] = {
	400000,
	700000,
	1000000,
	1000000,
	1000000
};

8816 8817
static int ipw_wx_get_range(struct net_device *dev,
			    struct iw_request_info *info,
8818 8819 8820 8821
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct iw_range *range = (struct iw_range *)extra;
8822
	const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
8823
	int i = 0, j;
8824 8825 8826 8827 8828

	wrqu->data.length = sizeof(*range);
	memset(range, 0, sizeof(*range));

	/* 54Mbs == ~27 Mb/s real (802.11g) */
8829
	range->throughput = 27 * 1000 * 1000;
8830 8831 8832 8833

	range->max_qual.qual = 100;
	/* TODO: Find real max RSSI and stick here */
	range->max_qual.level = 0;
8834
	range->max_qual.noise = 0;
8835
	range->max_qual.updated = 7;	/* Updated all three */
8836 8837 8838

	range->avg_qual.qual = 70;
	/* TODO: Find real 'good' to 'bad' threshol value for RSSI */
8839
	range->avg_qual.level = 0;	/* FIXME to real average level */
8840
	range->avg_qual.noise = 0;
8841
	range->avg_qual.updated = 7;	/* Updated all three */
8842
	mutex_lock(&priv->mutex);
8843
	range->num_bitrates = min(priv->rates.num_rates, (u8) IW_MAX_BITRATES);
8844

8845 8846
	for (i = 0; i < range->num_bitrates; i++)
		range->bitrate[i] = (priv->rates.supported_rates[i] & 0x7F) *
8847
		    500000;
8848

8849 8850 8851 8852 8853
	range->max_rts = DEFAULT_RTS_THRESHOLD;
	range->min_frag = MIN_FRAG_THRESHOLD;
	range->max_frag = MAX_FRAG_THRESHOLD;

	range->encoding_size[0] = 5;
8854
	range->encoding_size[1] = 13;
8855 8856 8857 8858 8859
	range->num_encoding_sizes = 2;
	range->max_encoding_tokens = WEP_KEYS;

	/* Set the Wireless Extension versions */
	range->we_version_compiled = WIRELESS_EXT;
8860
	range->we_version_source = 18;
8861

8862 8863
	i = 0;
	if (priv->ieee->mode & (IEEE_B | IEEE_G)) {
8864 8865 8866 8867 8868
		for (j = 0; j < geo->bg_channels && i < IW_MAX_FREQUENCIES; j++) {
			if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
			    (geo->bg[j].flags & IEEE80211_CH_PASSIVE_ONLY))
				continue;

8869 8870 8871
			range->freq[i].i = geo->bg[j].channel;
			range->freq[i].m = geo->bg[j].freq * 100000;
			range->freq[i].e = 1;
8872
			i++;
8873 8874
		}
	}
8875

8876
	if (priv->ieee->mode & IEEE_A) {
8877 8878 8879 8880 8881
		for (j = 0; j < geo->a_channels && i < IW_MAX_FREQUENCIES; j++) {
			if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
			    (geo->a[j].flags & IEEE80211_CH_PASSIVE_ONLY))
				continue;

8882 8883 8884
			range->freq[i].i = geo->a[j].channel;
			range->freq[i].m = geo->a[j].freq * 100000;
			range->freq[i].e = 1;
8885
			i++;
8886
		}
8887
	}
8888 8889 8890 8891

	range->num_channels = i;
	range->num_frequency = i;

8892
	mutex_unlock(&priv->mutex);
8893 8894 8895 8896

	/* Event capability (kernel + driver) */
	range->event_capa[0] = (IW_EVENT_CAPA_K_0 |
				IW_EVENT_CAPA_MASK(SIOCGIWTHRSPY) |
8897 8898
				IW_EVENT_CAPA_MASK(SIOCGIWAP) |
				IW_EVENT_CAPA_MASK(SIOCGIWSCAN));
8899
	range->event_capa[1] = IW_EVENT_CAPA_K_1;
8900

8901 8902 8903
	range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
		IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;

8904 8905 8906 8907
	IPW_DEBUG_WX("GET Range\n");
	return 0;
}

8908 8909
static int ipw_wx_set_wap(struct net_device *dev,
			  struct iw_request_info *info,
8910 8911 8912
			  union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8913
	DECLARE_MAC_BUF(mac);
8914 8915 8916 8917 8918 8919 8920 8921

	static const unsigned char any[] = {
		0xff, 0xff, 0xff, 0xff, 0xff, 0xff
	};
	static const unsigned char off[] = {
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00
	};

8922
	if (wrqu->ap_addr.sa_family != ARPHRD_ETHER)
8923
		return -EINVAL;
8924
	mutex_lock(&priv->mutex);
8925 8926 8927 8928 8929
	if (!memcmp(any, wrqu->ap_addr.sa_data, ETH_ALEN) ||
	    !memcmp(off, wrqu->ap_addr.sa_data, ETH_ALEN)) {
		/* we disable mandatory BSSID association */
		IPW_DEBUG_WX("Setting AP BSSID to ANY\n");
		priv->config &= ~CFG_STATIC_BSSID;
8930 8931 8932
		IPW_DEBUG_ASSOC("Attempting to associate with new "
				"parameters.\n");
		ipw_associate(priv);
8933
		mutex_unlock(&priv->mutex);
8934 8935 8936 8937 8938 8939
		return 0;
	}

	priv->config |= CFG_STATIC_BSSID;
	if (!memcmp(priv->bssid, wrqu->ap_addr.sa_data, ETH_ALEN)) {
		IPW_DEBUG_WX("BSSID set to current BSSID.\n");
8940
		mutex_unlock(&priv->mutex);
8941 8942 8943
		return 0;
	}

8944 8945
	IPW_DEBUG_WX("Setting mandatory BSSID to %s\n",
		     print_mac(mac, wrqu->ap_addr.sa_data));
8946 8947 8948

	memcpy(priv->bssid, wrqu->ap_addr.sa_data, ETH_ALEN);

8949 8950 8951
	/* Network configuration changed -- force [re]association */
	IPW_DEBUG_ASSOC("[re]association triggered due to BSSID change.\n");
	if (!ipw_disassociate(priv))
8952 8953
		ipw_associate(priv);

8954
	mutex_unlock(&priv->mutex);
8955 8956 8957
	return 0;
}

8958 8959
static int ipw_wx_get_wap(struct net_device *dev,
			  struct iw_request_info *info,
8960 8961 8962
			  union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8963 8964
	DECLARE_MAC_BUF(mac);

8965 8966
	/* If we are associated, trying to associate, or have a statically
	 * configured BSSID then return that; otherwise return ANY */
8967
	mutex_lock(&priv->mutex);
8968
	if (priv->config & CFG_STATIC_BSSID ||
8969 8970
	    priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
		wrqu->ap_addr.sa_family = ARPHRD_ETHER;
8971
		memcpy(wrqu->ap_addr.sa_data, priv->bssid, ETH_ALEN);
8972 8973 8974
	} else
		memset(wrqu->ap_addr.sa_data, 0, ETH_ALEN);

8975 8976
	IPW_DEBUG_WX("Getting WAP BSSID: %s\n",
		     print_mac(mac, wrqu->ap_addr.sa_data));
8977
	mutex_unlock(&priv->mutex);
8978 8979 8980
	return 0;
}

8981 8982
static int ipw_wx_set_essid(struct net_device *dev,
			    struct iw_request_info *info,
8983 8984 8985
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
8986 8987 8988
        int length;

        mutex_lock(&priv->mutex);
8989

8990 8991 8992 8993 8994 8995 8996 8997 8998
        if (!wrqu->essid.flags)
        {
                IPW_DEBUG_WX("Setting ESSID to ANY\n");
                ipw_disassociate(priv);
                priv->config &= ~CFG_STATIC_ESSID;
                ipw_associate(priv);
                mutex_unlock(&priv->mutex);
                return 0;
        }
8999

9000
	length = min((int)wrqu->essid.length, IW_ESSID_MAX_SIZE);
9001 9002 9003

	priv->config |= CFG_STATIC_ESSID;

9004 9005
	if (priv->essid_len == length && !memcmp(priv->essid, extra, length)
	    && (priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING))) {
9006
		IPW_DEBUG_WX("ESSID set to current ESSID.\n");
9007
		mutex_unlock(&priv->mutex);
9008 9009 9010
		return 0;
	}

9011
	IPW_DEBUG_WX("Setting ESSID: '%s' (%d)\n", escape_essid(extra, length),
9012 9013 9014
		     length);

	priv->essid_len = length;
9015
	memcpy(priv->essid, extra, priv->essid_len);
9016

9017 9018 9019
	/* Network configuration changed -- force [re]association */
	IPW_DEBUG_ASSOC("[re]association triggered due to ESSID change.\n");
	if (!ipw_disassociate(priv))
9020 9021
		ipw_associate(priv);

9022
	mutex_unlock(&priv->mutex);
9023 9024 9025
	return 0;
}

9026 9027
static int ipw_wx_get_essid(struct net_device *dev,
			    struct iw_request_info *info,
9028 9029 9030 9031 9032 9033
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);

	/* If we are associated, trying to associate, or have a statically
	 * configured ESSID then return that; otherwise return ANY */
9034
	mutex_lock(&priv->mutex);
9035
	if (priv->config & CFG_STATIC_ESSID ||
9036 9037
	    priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
		IPW_DEBUG_WX("Getting essid: '%s'\n",
9038
			     escape_essid(priv->essid, priv->essid_len));
9039
		memcpy(extra, priv->essid, priv->essid_len);
9040
		wrqu->essid.length = priv->essid_len;
9041
		wrqu->essid.flags = 1;	/* active */
9042 9043 9044
	} else {
		IPW_DEBUG_WX("Getting essid: ANY\n");
		wrqu->essid.length = 0;
9045
		wrqu->essid.flags = 0;	/* active */
9046
	}
9047
	mutex_unlock(&priv->mutex);
9048 9049 9050
	return 0;
}

9051 9052
static int ipw_wx_set_nick(struct net_device *dev,
			   struct iw_request_info *info,
9053
			   union iwreq_data *wrqu, char *extra)
9054
{
9055 9056 9057 9058 9059
	struct ipw_priv *priv = ieee80211_priv(dev);

	IPW_DEBUG_WX("Setting nick to '%s'\n", extra);
	if (wrqu->data.length > IW_ESSID_MAX_SIZE)
		return -E2BIG;
9060
	mutex_lock(&priv->mutex);
9061
	wrqu->data.length = min((size_t) wrqu->data.length, sizeof(priv->nick));
9062
	memset(priv->nick, 0, sizeof(priv->nick));
9063
	memcpy(priv->nick, extra, wrqu->data.length);
9064
	IPW_DEBUG_TRACE("<<\n");
9065
	mutex_unlock(&priv->mutex);
9066 9067 9068 9069
	return 0;

}

9070 9071
static int ipw_wx_get_nick(struct net_device *dev,
			   struct iw_request_info *info,
9072
			   union iwreq_data *wrqu, char *extra)
9073
{
9074 9075
	struct ipw_priv *priv = ieee80211_priv(dev);
	IPW_DEBUG_WX("Getting nick\n");
9076
	mutex_lock(&priv->mutex);
Jean Tourrilhes's avatar
Jean Tourrilhes committed
9077
	wrqu->data.length = strlen(priv->nick);
9078
	memcpy(extra, priv->nick, wrqu->data.length);
9079
	wrqu->data.flags = 1;	/* active */
9080
	mutex_unlock(&priv->mutex);
9081 9082 9083
	return 0;
}

9084 9085 9086 9087 9088 9089 9090 9091 9092 9093 9094 9095 9096 9097 9098 9099 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109 9110 9111 9112 9113 9114 9115 9116 9117 9118 9119 9120 9121 9122 9123 9124 9125 9126 9127 9128 9129
static int ipw_wx_set_sens(struct net_device *dev,
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int err = 0;

	IPW_DEBUG_WX("Setting roaming threshold to %d\n", wrqu->sens.value);
	IPW_DEBUG_WX("Setting disassociate threshold to %d\n", 3*wrqu->sens.value);
	mutex_lock(&priv->mutex);

	if (wrqu->sens.fixed == 0)
	{
		priv->roaming_threshold = IPW_MB_ROAMING_THRESHOLD_DEFAULT;
		priv->disassociate_threshold = IPW_MB_DISASSOCIATE_THRESHOLD_DEFAULT;
		goto out;
	}
	if ((wrqu->sens.value > IPW_MB_ROAMING_THRESHOLD_MAX) ||
	    (wrqu->sens.value < IPW_MB_ROAMING_THRESHOLD_MIN)) {
		err = -EINVAL;
		goto out;
	}

	priv->roaming_threshold = wrqu->sens.value;
	priv->disassociate_threshold = 3*wrqu->sens.value;
      out:
	mutex_unlock(&priv->mutex);
	return err;
}

static int ipw_wx_get_sens(struct net_device *dev,
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	mutex_lock(&priv->mutex);
	wrqu->sens.fixed = 1;
	wrqu->sens.value = priv->roaming_threshold;
	mutex_unlock(&priv->mutex);

	IPW_DEBUG_WX("GET roaming threshold -> %s %d \n",
		     wrqu->power.disabled ? "OFF" : "ON", wrqu->power.value);

	return 0;
}

9130 9131 9132
static int ipw_wx_set_rate(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
9133
{
9134 9135 9136 9137 9138 9139 9140 9141 9142 9143 9144 9145 9146 9147 9148 9149 9150 9151 9152 9153 9154 9155 9156 9157 9158 9159 9160 9161 9162 9163 9164 9165 9166 9167 9168 9169 9170 9171 9172 9173 9174 9175 9176 9177 9178 9179 9180 9181 9182 9183 9184 9185 9186 9187 9188 9189 9190 9191 9192 9193 9194 9195 9196 9197 9198 9199 9200 9201 9202 9203 9204 9205 9206 9207 9208 9209 9210 9211 9212 9213 9214 9215 9216 9217 9218
	/* TODO: We should use semaphores or locks for access to priv */
	struct ipw_priv *priv = ieee80211_priv(dev);
	u32 target_rate = wrqu->bitrate.value;
	u32 fixed, mask;

	/* value = -1, fixed = 0 means auto only, so we should use all rates offered by AP */
	/* value = X, fixed = 1 means only rate X */
	/* value = X, fixed = 0 means all rates lower equal X */

	if (target_rate == -1) {
		fixed = 0;
		mask = IEEE80211_DEFAULT_RATES_MASK;
		/* Now we should reassociate */
		goto apply;
	}

	mask = 0;
	fixed = wrqu->bitrate.fixed;

	if (target_rate == 1000000 || !fixed)
		mask |= IEEE80211_CCK_RATE_1MB_MASK;
	if (target_rate == 1000000)
		goto apply;

	if (target_rate == 2000000 || !fixed)
		mask |= IEEE80211_CCK_RATE_2MB_MASK;
	if (target_rate == 2000000)
		goto apply;

	if (target_rate == 5500000 || !fixed)
		mask |= IEEE80211_CCK_RATE_5MB_MASK;
	if (target_rate == 5500000)
		goto apply;

	if (target_rate == 6000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_6MB_MASK;
	if (target_rate == 6000000)
		goto apply;

	if (target_rate == 9000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_9MB_MASK;
	if (target_rate == 9000000)
		goto apply;

	if (target_rate == 11000000 || !fixed)
		mask |= IEEE80211_CCK_RATE_11MB_MASK;
	if (target_rate == 11000000)
		goto apply;

	if (target_rate == 12000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_12MB_MASK;
	if (target_rate == 12000000)
		goto apply;

	if (target_rate == 18000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_18MB_MASK;
	if (target_rate == 18000000)
		goto apply;

	if (target_rate == 24000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_24MB_MASK;
	if (target_rate == 24000000)
		goto apply;

	if (target_rate == 36000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_36MB_MASK;
	if (target_rate == 36000000)
		goto apply;

	if (target_rate == 48000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_48MB_MASK;
	if (target_rate == 48000000)
		goto apply;

	if (target_rate == 54000000 || !fixed)
		mask |= IEEE80211_OFDM_RATE_54MB_MASK;
	if (target_rate == 54000000)
		goto apply;

	IPW_DEBUG_WX("invalid rate specified, returning error\n");
	return -EINVAL;

      apply:
	IPW_DEBUG_WX("Setting rate mask to 0x%08X [%s]\n",
		     mask, fixed ? "fixed" : "sub-rates");
9219
	mutex_lock(&priv->mutex);
9220
	if (mask == IEEE80211_DEFAULT_RATES_MASK) {
9221
		priv->config &= ~CFG_FIXED_RATE;
9222 9223
		ipw_set_fixed_rate(priv, priv->ieee->mode);
	} else
9224 9225
		priv->config |= CFG_FIXED_RATE;

9226 9227
	if (priv->rates_mask == mask) {
		IPW_DEBUG_WX("Mask set to current mask.\n");
9228
		mutex_unlock(&priv->mutex);
9229
		return 0;
9230 9231
	}

9232 9233 9234 9235 9236 9237 9238
	priv->rates_mask = mask;

	/* Network configuration changed -- force [re]association */
	IPW_DEBUG_ASSOC("[re]association triggered due to rates change.\n");
	if (!ipw_disassociate(priv))
		ipw_associate(priv);

9239
	mutex_unlock(&priv->mutex);
9240
	return 0;
9241 9242
}

9243 9244
static int ipw_wx_get_rate(struct net_device *dev,
			   struct iw_request_info *info,
9245
			   union iwreq_data *wrqu, char *extra)
9246
{
9247
	struct ipw_priv *priv = ieee80211_priv(dev);
9248
	mutex_lock(&priv->mutex);
9249
	wrqu->bitrate.value = priv->last_rate;
9250
	wrqu->bitrate.fixed = (priv->config & CFG_FIXED_RATE) ? 1 : 0;
9251
	mutex_unlock(&priv->mutex);
9252 9253 9254 9255
	IPW_DEBUG_WX("GET Rate -> %d \n", wrqu->bitrate.value);
	return 0;
}

9256 9257
static int ipw_wx_set_rts(struct net_device *dev,
			  struct iw_request_info *info,
9258
			  union iwreq_data *wrqu, char *extra)
9259
{
9260
	struct ipw_priv *priv = ieee80211_priv(dev);
9261
	mutex_lock(&priv->mutex);
9262
	if (wrqu->rts.disabled || !wrqu->rts.fixed)
9263 9264 9265
		priv->rts_threshold = DEFAULT_RTS_THRESHOLD;
	else {
		if (wrqu->rts.value < MIN_RTS_THRESHOLD ||
9266
		    wrqu->rts.value > MAX_RTS_THRESHOLD) {
9267
			mutex_unlock(&priv->mutex);
9268
			return -EINVAL;
9269
		}
9270 9271 9272 9273
		priv->rts_threshold = wrqu->rts.value;
	}

	ipw_send_rts_threshold(priv, priv->rts_threshold);
9274
	mutex_unlock(&priv->mutex);
9275 9276 9277 9278
	IPW_DEBUG_WX("SET RTS Threshold -> %d \n", priv->rts_threshold);
	return 0;
}

9279 9280
static int ipw_wx_get_rts(struct net_device *dev,
			  struct iw_request_info *info,
9281
			  union iwreq_data *wrqu, char *extra)
9282
{
9283
	struct ipw_priv *priv = ieee80211_priv(dev);
9284
	mutex_lock(&priv->mutex);
9285 9286
	wrqu->rts.value = priv->rts_threshold;
	wrqu->rts.fixed = 0;	/* no auto select */
9287
	wrqu->rts.disabled = (wrqu->rts.value == DEFAULT_RTS_THRESHOLD);
9288
	mutex_unlock(&priv->mutex);
9289 9290 9291 9292
	IPW_DEBUG_WX("GET RTS Threshold -> %d \n", wrqu->rts.value);
	return 0;
}

9293 9294
static int ipw_wx_set_txpow(struct net_device *dev,
			    struct iw_request_info *info,
9295
			    union iwreq_data *wrqu, char *extra)
9296
{
9297
	struct ipw_priv *priv = ieee80211_priv(dev);
9298
	int err = 0;
9299

9300
	mutex_lock(&priv->mutex);
9301
	if (ipw_radio_kill_sw(priv, wrqu->power.disabled)) {
9302 9303
		err = -EINPROGRESS;
		goto out;
9304 9305
	}

9306 9307 9308
	if (!wrqu->power.fixed)
		wrqu->power.value = IPW_TX_POWER_DEFAULT;

9309
	if (wrqu->power.flags != IW_TXPOW_DBM) {
9310 9311
		err = -EINVAL;
		goto out;
9312
	}
9313

9314
	if ((wrqu->power.value > IPW_TX_POWER_MAX) ||
9315
	    (wrqu->power.value < IPW_TX_POWER_MIN)) {
9316 9317
		err = -EINVAL;
		goto out;
9318
	}
9319 9320

	priv->tx_power = wrqu->power.value;
9321 9322
	err = ipw_set_tx_power(priv);
      out:
9323
	mutex_unlock(&priv->mutex);
9324
	return err;
9325 9326
}

9327 9328
static int ipw_wx_get_txpow(struct net_device *dev,
			    struct iw_request_info *info,
9329
			    union iwreq_data *wrqu, char *extra)
9330
{
9331
	struct ipw_priv *priv = ieee80211_priv(dev);
9332
	mutex_lock(&priv->mutex);
9333 9334 9335 9336
	wrqu->power.value = priv->tx_power;
	wrqu->power.fixed = 1;
	wrqu->power.flags = IW_TXPOW_DBM;
	wrqu->power.disabled = (priv->status & STATUS_RF_KILL_MASK) ? 1 : 0;
9337
	mutex_unlock(&priv->mutex);
9338

9339
	IPW_DEBUG_WX("GET TX Power -> %s %d \n",
9340
		     wrqu->power.disabled ? "OFF" : "ON", wrqu->power.value);
9341 9342 9343 9344

	return 0;
}

9345
static int ipw_wx_set_frag(struct net_device *dev,
9346 9347
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
9348 9349
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9350
	mutex_lock(&priv->mutex);
9351
	if (wrqu->frag.disabled || !wrqu->frag.fixed)
9352 9353 9354
		priv->ieee->fts = DEFAULT_FTS;
	else {
		if (wrqu->frag.value < MIN_FRAG_THRESHOLD ||
9355
		    wrqu->frag.value > MAX_FRAG_THRESHOLD) {
9356
			mutex_unlock(&priv->mutex);
9357
			return -EINVAL;
9358
		}
9359

9360 9361 9362 9363
		priv->ieee->fts = wrqu->frag.value & ~0x1;
	}

	ipw_send_frag_threshold(priv, wrqu->frag.value);
9364
	mutex_unlock(&priv->mutex);
9365 9366 9367 9368
	IPW_DEBUG_WX("SET Frag Threshold -> %d \n", wrqu->frag.value);
	return 0;
}

9369
static int ipw_wx_get_frag(struct net_device *dev,
9370 9371
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
9372 9373
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9374
	mutex_lock(&priv->mutex);
9375 9376
	wrqu->frag.value = priv->ieee->fts;
	wrqu->frag.fixed = 0;	/* no auto select */
9377
	wrqu->frag.disabled = (wrqu->frag.value == DEFAULT_FTS);
9378
	mutex_unlock(&priv->mutex);
9379 9380 9381 9382 9383
	IPW_DEBUG_WX("GET Frag Threshold -> %d \n", wrqu->frag.value);

	return 0;
}

9384 9385
static int ipw_wx_set_retry(struct net_device *dev,
			    struct iw_request_info *info,
9386
			    union iwreq_data *wrqu, char *extra)
9387
{
9388 9389 9390 9391 9392 9393 9394 9395
	struct ipw_priv *priv = ieee80211_priv(dev);

	if (wrqu->retry.flags & IW_RETRY_LIFETIME || wrqu->retry.disabled)
		return -EINVAL;

	if (!(wrqu->retry.flags & IW_RETRY_LIMIT))
		return 0;

9396
	if (wrqu->retry.value < 0 || wrqu->retry.value >= 255)
9397 9398
		return -EINVAL;

9399
	mutex_lock(&priv->mutex);
Jean Tourrilhes's avatar
Jean Tourrilhes committed
9400
	if (wrqu->retry.flags & IW_RETRY_SHORT)
9401
		priv->short_retry_limit = (u8) wrqu->retry.value;
Jean Tourrilhes's avatar
Jean Tourrilhes committed
9402
	else if (wrqu->retry.flags & IW_RETRY_LONG)
9403 9404 9405 9406 9407 9408 9409 9410
		priv->long_retry_limit = (u8) wrqu->retry.value;
	else {
		priv->short_retry_limit = (u8) wrqu->retry.value;
		priv->long_retry_limit = (u8) wrqu->retry.value;
	}

	ipw_send_retry_limit(priv, priv->short_retry_limit,
			     priv->long_retry_limit);
9411
	mutex_unlock(&priv->mutex);
9412 9413 9414
	IPW_DEBUG_WX("SET retry limit -> short:%d long:%d\n",
		     priv->short_retry_limit, priv->long_retry_limit);
	return 0;
9415 9416
}

9417 9418
static int ipw_wx_get_retry(struct net_device *dev,
			    struct iw_request_info *info,
9419
			    union iwreq_data *wrqu, char *extra)
9420
{
9421 9422
	struct ipw_priv *priv = ieee80211_priv(dev);

9423
	mutex_lock(&priv->mutex);
9424 9425 9426
	wrqu->retry.disabled = 0;

	if ((wrqu->retry.flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME) {
9427
		mutex_unlock(&priv->mutex);
9428 9429 9430
		return -EINVAL;
	}

Jean Tourrilhes's avatar
Jean Tourrilhes committed
9431 9432
	if (wrqu->retry.flags & IW_RETRY_LONG) {
		wrqu->retry.flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
9433
		wrqu->retry.value = priv->long_retry_limit;
Jean Tourrilhes's avatar
Jean Tourrilhes committed
9434 9435
	} else if (wrqu->retry.flags & IW_RETRY_SHORT) {
		wrqu->retry.flags = IW_RETRY_LIMIT | IW_RETRY_SHORT;
9436 9437 9438 9439 9440
		wrqu->retry.value = priv->short_retry_limit;
	} else {
		wrqu->retry.flags = IW_RETRY_LIMIT;
		wrqu->retry.value = priv->short_retry_limit;
	}
9441
	mutex_unlock(&priv->mutex);
9442 9443 9444 9445 9446 9447 9448 9449 9450 9451 9452 9453

	IPW_DEBUG_WX("GET retry -> %d \n", wrqu->retry.value);

	return 0;
}

static int ipw_request_direct_scan(struct ipw_priv *priv, char *essid,
				   int essid_len)
{
	struct ipw_scan_request_ext scan;
	int err = 0, scan_type;

9454 9455 9456 9457
	if (!(priv->status & STATUS_INIT) ||
	    (priv->status & STATUS_EXIT_PENDING))
		return 0;

9458
	mutex_lock(&priv->mutex);
9459 9460 9461 9462 9463 9464 9465 9466 9467 9468

	if (priv->status & STATUS_RF_KILL_MASK) {
		IPW_DEBUG_HC("Aborting scan due to RF kill activation\n");
		priv->status |= STATUS_SCAN_PENDING;
		goto done;
	}

	IPW_DEBUG_HC("starting request direct scan!\n");

	if (priv->status & (STATUS_SCANNING | STATUS_SCAN_ABORTING)) {
9469 9470 9471 9472 9473 9474
		/* We should not sleep here; otherwise we will block most
		 * of the system (for instance, we hold rtnl_lock when we
		 * get here).
		 */
		err = -EAGAIN;
		goto done;
9475 9476 9477 9478 9479 9480 9481 9482 9483 9484 9485 9486
	}
	memset(&scan, 0, sizeof(scan));

	if (priv->config & CFG_SPEED_SCAN)
		scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
		    cpu_to_le16(30);
	else
		scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
		    cpu_to_le16(20);

	scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN] =
	    cpu_to_le16(20);
9487
	scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] = cpu_to_le16(120);
9488 9489 9490 9491 9492 9493 9494 9495 9496 9497 9498 9499 9500 9501 9502 9503 9504 9505 9506 9507 9508 9509
	scan.dwell_time[IPW_SCAN_ACTIVE_DIRECT_SCAN] = cpu_to_le16(20);

	scan.full_scan_index = cpu_to_le32(ieee80211_get_scans(priv->ieee));

	err = ipw_send_ssid(priv, essid, essid_len);
	if (err) {
		IPW_DEBUG_HC("Attempt to send SSID command failed\n");
		goto done;
	}
	scan_type = IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN;

	ipw_add_scan_channels(priv, &scan, scan_type);

	err = ipw_send_scan_request_ext(priv, &scan);
	if (err) {
		IPW_DEBUG_HC("Sending scan command failed: %08X\n", err);
		goto done;
	}

	priv->status |= STATUS_SCANNING;

      done:
9510
	mutex_unlock(&priv->mutex);
9511
	return err;
9512 9513
}

9514 9515
static int ipw_wx_set_scan(struct net_device *dev,
			   struct iw_request_info *info,
9516 9517 9518
			   union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9519 9520
	struct iw_scan_req *req = (struct iw_scan_req *)extra;

9521 9522 9523 9524
	mutex_lock(&priv->mutex);
	priv->user_requested_scan = 1;
	mutex_unlock(&priv->mutex);

9525
	if (wrqu->data.length == sizeof(struct iw_scan_req)) {
9526 9527 9528 9529 9530
		if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
			ipw_request_direct_scan(priv, req->essid,
						req->essid_len);
			return 0;
		}
9531 9532 9533 9534 9535
		if (req->scan_type == IW_SCAN_TYPE_PASSIVE) {
			queue_work(priv->workqueue,
				   &priv->request_passive_scan);
			return 0;
		}
9536
	}
9537

9538
	IPW_DEBUG_WX("Start scan\n");
9539

9540
	queue_delayed_work(priv->workqueue, &priv->request_scan, 0);
9541

9542 9543 9544
	return 0;
}

9545 9546
static int ipw_wx_get_scan(struct net_device *dev,
			   struct iw_request_info *info,
9547
			   union iwreq_data *wrqu, char *extra)
9548
{
9549 9550 9551 9552
	struct ipw_priv *priv = ieee80211_priv(dev);
	return ieee80211_wx_get_scan(priv->ieee, info, wrqu, extra);
}

9553
static int ipw_wx_set_encode(struct net_device *dev,
9554 9555
			     struct iw_request_info *info,
			     union iwreq_data *wrqu, char *key)
9556 9557
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9558
	int ret;
9559
	u32 cap = priv->capability;
9560

9561
	mutex_lock(&priv->mutex);
9562 9563
	ret = ieee80211_wx_set_encode(priv->ieee, info, wrqu, key);

9564 9565 9566 9567 9568 9569 9570
	/* In IBSS mode, we need to notify the firmware to update
	 * the beacon info after we changed the capability. */
	if (cap != priv->capability &&
	    priv->ieee->iw_mode == IW_MODE_ADHOC &&
	    priv->status & STATUS_ASSOCIATED)
		ipw_disassociate(priv);

9571
	mutex_unlock(&priv->mutex);
9572
	return ret;
9573 9574
}

9575
static int ipw_wx_get_encode(struct net_device *dev,
9576 9577
			     struct iw_request_info *info,
			     union iwreq_data *wrqu, char *key)
9578 9579 9580 9581 9582
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	return ieee80211_wx_get_encode(priv->ieee, info, wrqu, key);
}

9583
static int ipw_wx_set_power(struct net_device *dev,
9584 9585
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
9586 9587 9588
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int err;
9589
	mutex_lock(&priv->mutex);
9590 9591 9592 9593 9594
	if (wrqu->power.disabled) {
		priv->power_mode = IPW_POWER_LEVEL(priv->power_mode);
		err = ipw_send_power_mode(priv, IPW_POWER_MODE_CAM);
		if (err) {
			IPW_DEBUG_WX("failed setting power mode.\n");
9595
			mutex_unlock(&priv->mutex);
9596 9597 9598
			return err;
		}
		IPW_DEBUG_WX("SET Power Management Mode -> off\n");
9599
		mutex_unlock(&priv->mutex);
9600
		return 0;
9601
	}
9602 9603

	switch (wrqu->power.flags & IW_POWER_MODE) {
9604 9605
	case IW_POWER_ON:	/* If not specified */
	case IW_POWER_MODE:	/* If set all mask */
Jean Delvare's avatar
Jean Delvare committed
9606
	case IW_POWER_ALL_R:	/* If explicitly state all */
9607
		break;
9608
	default:		/* Otherwise we don't support it */
9609 9610
		IPW_DEBUG_WX("SET PM Mode: %X not supported.\n",
			     wrqu->power.flags);
9611
		mutex_unlock(&priv->mutex);
9612
		return -EOPNOTSUPP;
9613
	}
9614

9615 9616
	/* If the user hasn't specified a power management mode yet, default
	 * to BATTERY */
9617
	if (IPW_POWER_LEVEL(priv->power_mode) == IPW_POWER_AC)
9618
		priv->power_mode = IPW_POWER_ENABLED | IPW_POWER_BATTERY;
9619
	else
9620
		priv->power_mode = IPW_POWER_ENABLED | priv->power_mode;
9621

9622 9623 9624
	err = ipw_send_power_mode(priv, IPW_POWER_LEVEL(priv->power_mode));
	if (err) {
		IPW_DEBUG_WX("failed setting power mode.\n");
9625
		mutex_unlock(&priv->mutex);
9626 9627 9628
		return err;
	}

9629
	IPW_DEBUG_WX("SET Power Management Mode -> 0x%02X\n", priv->power_mode);
9630
	mutex_unlock(&priv->mutex);
9631 9632 9633
	return 0;
}

9634
static int ipw_wx_get_power(struct net_device *dev,
9635 9636
			    struct iw_request_info *info,
			    union iwreq_data *wrqu, char *extra)
9637 9638
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9639
	mutex_lock(&priv->mutex);
9640
	if (!(priv->power_mode & IPW_POWER_ENABLED))
9641
		wrqu->power.disabled = 1;
9642
	else
9643 9644
		wrqu->power.disabled = 0;

9645
	mutex_unlock(&priv->mutex);
9646
	IPW_DEBUG_WX("GET Power Management Mode -> %02X\n", priv->power_mode);
9647

9648 9649 9650
	return 0;
}

9651
static int ipw_wx_set_powermode(struct net_device *dev,
9652 9653
				struct iw_request_info *info,
				union iwreq_data *wrqu, char *extra)
9654 9655 9656 9657
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int mode = *(int *)extra;
	int err;
9658

9659
	mutex_lock(&priv->mutex);
9660
	if ((mode < 1) || (mode > IPW_POWER_LIMIT))
9661
		mode = IPW_POWER_AC;
9662

9663
	if (IPW_POWER_LEVEL(priv->power_mode) != mode) {
9664 9665 9666
		err = ipw_send_power_mode(priv, mode);
		if (err) {
			IPW_DEBUG_WX("failed setting power mode.\n");
9667
			mutex_unlock(&priv->mutex);
9668 9669
			return err;
		}
9670
		priv->power_mode = IPW_POWER_ENABLED | mode;
9671
	}
9672
	mutex_unlock(&priv->mutex);
9673 9674 9675 9676
	return 0;
}

#define MAX_WX_STRING 80
9677
static int ipw_wx_get_powermode(struct net_device *dev,
9678 9679
				struct iw_request_info *info,
				union iwreq_data *wrqu, char *extra)
9680 9681 9682 9683 9684 9685 9686 9687 9688 9689 9690 9691 9692 9693 9694 9695
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int level = IPW_POWER_LEVEL(priv->power_mode);
	char *p = extra;

	p += snprintf(p, MAX_WX_STRING, "Power save level: %d ", level);

	switch (level) {
	case IPW_POWER_AC:
		p += snprintf(p, MAX_WX_STRING - (p - extra), "(AC)");
		break;
	case IPW_POWER_BATTERY:
		p += snprintf(p, MAX_WX_STRING - (p - extra), "(BATTERY)");
		break;
	default:
		p += snprintf(p, MAX_WX_STRING - (p - extra),
9696
			      "(Timeout %dms, Period %dms)",
9697 9698 9699 9700 9701
			      timeout_duration[level - 1] / 1000,
			      period_duration[level - 1] / 1000);
	}

	if (!(priv->power_mode & IPW_POWER_ENABLED))
9702
		p += snprintf(p, MAX_WX_STRING - (p - extra), " OFF");
9703 9704 9705 9706 9707 9708 9709

	wrqu->data.length = p - extra + 1;

	return 0;
}

static int ipw_wx_set_wireless_mode(struct net_device *dev,
9710 9711
				    struct iw_request_info *info,
				    union iwreq_data *wrqu, char *extra)
9712
{
9713
	struct ipw_priv *priv = ieee80211_priv(dev);
9714 9715 9716 9717
	int mode = *(int *)extra;
	u8 band = 0, modulation = 0;

	if (mode == 0 || mode & ~IEEE_MODE_MASK) {
9718
		IPW_WARNING("Attempt to set invalid wireless mode: %d\n", mode);
9719 9720
		return -EINVAL;
	}
9721
	mutex_lock(&priv->mutex);
9722
	if (priv->adapter == IPW_2915ABG) {
9723
		priv->ieee->abg_true = 1;
9724 9725 9726 9727
		if (mode & IEEE_A) {
			band |= IEEE80211_52GHZ_BAND;
			modulation |= IEEE80211_OFDM_MODULATION;
		} else
9728
			priv->ieee->abg_true = 0;
9729 9730 9731 9732
	} else {
		if (mode & IEEE_A) {
			IPW_WARNING("Attempt to set 2200BG into "
				    "802.11a mode\n");
9733
			mutex_unlock(&priv->mutex);
9734 9735 9736
			return -EINVAL;
		}

9737
		priv->ieee->abg_true = 0;
9738 9739 9740 9741 9742 9743
	}

	if (mode & IEEE_B) {
		band |= IEEE80211_24GHZ_BAND;
		modulation |= IEEE80211_CCK_MODULATION;
	} else
9744
		priv->ieee->abg_true = 0;
9745

9746 9747 9748 9749
	if (mode & IEEE_G) {
		band |= IEEE80211_24GHZ_BAND;
		modulation |= IEEE80211_OFDM_MODULATION;
	} else
9750
		priv->ieee->abg_true = 0;
9751 9752 9753 9754

	priv->ieee->mode = mode;
	priv->ieee->freq_band = band;
	priv->ieee->modulation = modulation;
9755
	init_supported_rates(priv, &priv->rates);
9756

9757 9758 9759
	/* Network configuration changed -- force [re]association */
	IPW_DEBUG_ASSOC("[re]association triggered due to mode change.\n");
	if (!ipw_disassociate(priv)) {
9760
		ipw_send_supported_rates(priv, &priv->rates);
9761 9762
		ipw_associate(priv);
	}
9763

9764 9765
	/* Update the band LEDs */
	ipw_led_band_on(priv);
9766

9767
	IPW_DEBUG_WX("PRIV SET MODE: %c%c%c\n",
9768
		     mode & IEEE_A ? 'a' : '.',
9769
		     mode & IEEE_B ? 'b' : '.', mode & IEEE_G ? 'g' : '.');
9770
	mutex_unlock(&priv->mutex);
9771 9772 9773 9774
	return 0;
}

static int ipw_wx_get_wireless_mode(struct net_device *dev,
9775 9776
				    struct iw_request_info *info,
				    union iwreq_data *wrqu, char *extra)
9777
{
9778
	struct ipw_priv *priv = ieee80211_priv(dev);
9779
	mutex_lock(&priv->mutex);
9780 9781
	switch (priv->ieee->mode) {
	case IEEE_A:
9782 9783
		strncpy(extra, "802.11a (1)", MAX_WX_STRING);
		break;
9784 9785 9786 9787 9788 9789 9790 9791 9792 9793 9794 9795 9796 9797 9798 9799 9800 9801 9802 9803
	case IEEE_B:
		strncpy(extra, "802.11b (2)", MAX_WX_STRING);
		break;
	case IEEE_A | IEEE_B:
		strncpy(extra, "802.11ab (3)", MAX_WX_STRING);
		break;
	case IEEE_G:
		strncpy(extra, "802.11g (4)", MAX_WX_STRING);
		break;
	case IEEE_A | IEEE_G:
		strncpy(extra, "802.11ag (5)", MAX_WX_STRING);
		break;
	case IEEE_B | IEEE_G:
		strncpy(extra, "802.11bg (6)", MAX_WX_STRING);
		break;
	case IEEE_A | IEEE_B | IEEE_G:
		strncpy(extra, "802.11abg (7)", MAX_WX_STRING);
		break;
	default:
		strncpy(extra, "unknown", MAX_WX_STRING);
9804
		break;
9805 9806
	}

9807 9808
	IPW_DEBUG_WX("PRIV GET MODE: %s\n", extra);

9809
	wrqu->data.length = strlen(extra) + 1;
9810
	mutex_unlock(&priv->mutex);
9811 9812 9813 9814 9815 9816 9817 9818 9819 9820

	return 0;
}

static int ipw_wx_set_preamble(struct net_device *dev,
			       struct iw_request_info *info,
			       union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int mode = *(int *)extra;
9821
	mutex_lock(&priv->mutex);
9822 9823 9824 9825 9826 9827 9828 9829 9830 9831 9832 9833 9834
	/* Switching from SHORT -> LONG requires a disassociation */
	if (mode == 1) {
		if (!(priv->config & CFG_PREAMBLE_LONG)) {
			priv->config |= CFG_PREAMBLE_LONG;

			/* Network configuration changed -- force [re]association */
			IPW_DEBUG_ASSOC
			    ("[re]association triggered due to preamble change.\n");
			if (!ipw_disassociate(priv))
				ipw_associate(priv);
		}
		goto done;
	}
9835

9836 9837 9838 9839
	if (mode == 0) {
		priv->config &= ~CFG_PREAMBLE_LONG;
		goto done;
	}
9840
	mutex_unlock(&priv->mutex);
9841 9842 9843
	return -EINVAL;

      done:
9844
	mutex_unlock(&priv->mutex);
9845 9846 9847 9848 9849 9850 9851 9852
	return 0;
}

static int ipw_wx_get_preamble(struct net_device *dev,
			       struct iw_request_info *info,
			       union iwreq_data *wrqu, char *extra)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9853
	mutex_lock(&priv->mutex);
9854 9855 9856 9857
	if (priv->config & CFG_PREAMBLE_LONG)
		snprintf(wrqu->name, IFNAMSIZ, "long (1)");
	else
		snprintf(wrqu->name, IFNAMSIZ, "auto (0)");
9858
	mutex_unlock(&priv->mutex);
9859
	return 0;
9860 9861
}

9862 9863
#ifdef CONFIG_IPW2200_MONITOR
static int ipw_wx_set_monitor(struct net_device *dev,
9864
			      struct iw_request_info *info,
9865
			      union iwreq_data *wrqu, char *extra)
9866
{
9867 9868 9869
	struct ipw_priv *priv = ieee80211_priv(dev);
	int *parms = (int *)extra;
	int enable = (parms[0] > 0);
9870
	mutex_lock(&priv->mutex);
9871
	IPW_DEBUG_WX("SET MONITOR: %d %d\n", enable, parms[1]);
9872 9873
	if (enable) {
		if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
9874
#ifdef CONFIG_IPW2200_RADIOTAP
9875 9876
			priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
#else
9877
			priv->net_dev->type = ARPHRD_IEEE80211;
9878
#endif
9879
			queue_work(priv->workqueue, &priv->adapter_restart);
9880
		}
9881

9882 9883
		ipw_set_channel(priv, parms[1]);
	} else {
9884
		if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
9885
			mutex_unlock(&priv->mutex);
9886
			return 0;
9887
		}
9888
		priv->net_dev->type = ARPHRD_ETHER;
9889
		queue_work(priv->workqueue, &priv->adapter_restart);
9890
	}
9891
	mutex_unlock(&priv->mutex);
9892 9893 9894
	return 0;
}

9895
#endif				/* CONFIG_IPW2200_MONITOR */
9896

9897 9898
static int ipw_wx_reset(struct net_device *dev,
			struct iw_request_info *info,
9899
			union iwreq_data *wrqu, char *extra)
9900
{
9901 9902
	struct ipw_priv *priv = ieee80211_priv(dev);
	IPW_DEBUG_WX("RESET\n");
9903 9904 9905 9906 9907 9908 9909
	queue_work(priv->workqueue, &priv->adapter_restart);
	return 0;
}

static int ipw_wx_sw_reset(struct net_device *dev,
			   struct iw_request_info *info,
			   union iwreq_data *wrqu, char *extra)
9910 9911
{
	struct ipw_priv *priv = ieee80211_priv(dev);
9912 9913 9914 9915 9916
	union iwreq_data wrqu_sec = {
		.encoding = {
			     .flags = IW_ENCODE_DISABLED,
			     },
	};
9917
	int ret;
9918

9919
	IPW_DEBUG_WX("SW_RESET\n");
9920

9921
	mutex_lock(&priv->mutex);
9922

9923
	ret = ipw_sw_reset(priv, 2);
9924 9925 9926 9927
	if (!ret) {
		free_firmware();
		ipw_adapter_restart(priv);
	}
9928

9929 9930 9931
	/* The SW reset bit might have been toggled on by the 'disable'
	 * module parameter, so take appropriate action */
	ipw_radio_kill_sw(priv, priv->status & STATUS_RF_KILL_SW);
9932

9933
	mutex_unlock(&priv->mutex);
9934
	ieee80211_wx_set_encode(priv->ieee, info, &wrqu_sec, NULL);
9935
	mutex_lock(&priv->mutex);
9936

9937 9938 9939 9940 9941 9942
	if (!(priv->status & STATUS_RF_KILL_MASK)) {
		/* Configuration likely changed -- force [re]association */
		IPW_DEBUG_ASSOC("[re]association triggered due to sw "
				"reset.\n");
		if (!ipw_disassociate(priv))
			ipw_associate(priv);
9943
	}
9944

9945
	mutex_unlock(&priv->mutex);
9946 9947 9948 9949 9950 9951

	return 0;
}

/* Rebase the WE IOCTLs to zero for the handler array */
#define IW_IOCTL(x) [(x)-SIOCSIWCOMMIT]
9952
static iw_handler ipw_wx_handlers[] = {
9953 9954 9955 9956 9957
	IW_IOCTL(SIOCGIWNAME) = ipw_wx_get_name,
	IW_IOCTL(SIOCSIWFREQ) = ipw_wx_set_freq,
	IW_IOCTL(SIOCGIWFREQ) = ipw_wx_get_freq,
	IW_IOCTL(SIOCSIWMODE) = ipw_wx_set_mode,
	IW_IOCTL(SIOCGIWMODE) = ipw_wx_get_mode,
9958 9959
	IW_IOCTL(SIOCSIWSENS) = ipw_wx_set_sens,
	IW_IOCTL(SIOCGIWSENS) = ipw_wx_get_sens,
9960 9961 9962 9963 9964 9965 9966 9967 9968 9969 9970 9971 9972 9973 9974 9975 9976 9977 9978 9979 9980 9981 9982
	IW_IOCTL(SIOCGIWRANGE) = ipw_wx_get_range,
	IW_IOCTL(SIOCSIWAP) = ipw_wx_set_wap,
	IW_IOCTL(SIOCGIWAP) = ipw_wx_get_wap,
	IW_IOCTL(SIOCSIWSCAN) = ipw_wx_set_scan,
	IW_IOCTL(SIOCGIWSCAN) = ipw_wx_get_scan,
	IW_IOCTL(SIOCSIWESSID) = ipw_wx_set_essid,
	IW_IOCTL(SIOCGIWESSID) = ipw_wx_get_essid,
	IW_IOCTL(SIOCSIWNICKN) = ipw_wx_set_nick,
	IW_IOCTL(SIOCGIWNICKN) = ipw_wx_get_nick,
	IW_IOCTL(SIOCSIWRATE) = ipw_wx_set_rate,
	IW_IOCTL(SIOCGIWRATE) = ipw_wx_get_rate,
	IW_IOCTL(SIOCSIWRTS) = ipw_wx_set_rts,
	IW_IOCTL(SIOCGIWRTS) = ipw_wx_get_rts,
	IW_IOCTL(SIOCSIWFRAG) = ipw_wx_set_frag,
	IW_IOCTL(SIOCGIWFRAG) = ipw_wx_get_frag,
	IW_IOCTL(SIOCSIWTXPOW) = ipw_wx_set_txpow,
	IW_IOCTL(SIOCGIWTXPOW) = ipw_wx_get_txpow,
	IW_IOCTL(SIOCSIWRETRY) = ipw_wx_set_retry,
	IW_IOCTL(SIOCGIWRETRY) = ipw_wx_get_retry,
	IW_IOCTL(SIOCSIWENCODE) = ipw_wx_set_encode,
	IW_IOCTL(SIOCGIWENCODE) = ipw_wx_get_encode,
	IW_IOCTL(SIOCSIWPOWER) = ipw_wx_set_power,
	IW_IOCTL(SIOCGIWPOWER) = ipw_wx_get_power,
9983 9984 9985 9986
	IW_IOCTL(SIOCSIWSPY) = iw_handler_set_spy,
	IW_IOCTL(SIOCGIWSPY) = iw_handler_get_spy,
	IW_IOCTL(SIOCSIWTHRSPY) = iw_handler_set_thrspy,
	IW_IOCTL(SIOCGIWTHRSPY) = iw_handler_get_thrspy,
9987 9988 9989 9990 9991 9992 9993
	IW_IOCTL(SIOCSIWGENIE) = ipw_wx_set_genie,
	IW_IOCTL(SIOCGIWGENIE) = ipw_wx_get_genie,
	IW_IOCTL(SIOCSIWMLME) = ipw_wx_set_mlme,
	IW_IOCTL(SIOCSIWAUTH) = ipw_wx_set_auth,
	IW_IOCTL(SIOCGIWAUTH) = ipw_wx_get_auth,
	IW_IOCTL(SIOCSIWENCODEEXT) = ipw_wx_set_encodeext,
	IW_IOCTL(SIOCGIWENCODEEXT) = ipw_wx_get_encodeext,
9994 9995
};

9996 9997 9998 9999 10000 10001 10002 10003 10004 10005 10006 10007 10008
enum {
	IPW_PRIV_SET_POWER = SIOCIWFIRSTPRIV,
	IPW_PRIV_GET_POWER,
	IPW_PRIV_SET_MODE,
	IPW_PRIV_GET_MODE,
	IPW_PRIV_SET_PREAMBLE,
	IPW_PRIV_GET_PREAMBLE,
	IPW_PRIV_RESET,
	IPW_PRIV_SW_RESET,
#ifdef CONFIG_IPW2200_MONITOR
	IPW_PRIV_SET_MONITOR,
#endif
};
10009

10010
static struct iw_priv_args ipw_priv_args[] = {
10011
	{
10012 10013 10014
	 .cmd = IPW_PRIV_SET_POWER,
	 .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
	 .name = "set_power"},
10015
	{
10016 10017 10018
	 .cmd = IPW_PRIV_GET_POWER,
	 .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | MAX_WX_STRING,
	 .name = "get_power"},
10019
	{
10020 10021 10022
	 .cmd = IPW_PRIV_SET_MODE,
	 .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
	 .name = "set_mode"},
10023
	{
10024 10025 10026
	 .cmd = IPW_PRIV_GET_MODE,
	 .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | MAX_WX_STRING,
	 .name = "get_mode"},
10027
	{
10028 10029 10030 10031 10032 10033 10034
	 .cmd = IPW_PRIV_SET_PREAMBLE,
	 .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
	 .name = "set_preamble"},
	{
	 .cmd = IPW_PRIV_GET_PREAMBLE,
	 .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | IFNAMSIZ,
	 .name = "get_preamble"},
10035
	{
10036 10037
	 IPW_PRIV_RESET,
	 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 0, 0, "reset"},
10038 10039 10040 10041 10042 10043 10044 10045
	{
	 IPW_PRIV_SW_RESET,
	 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 0, 0, "sw_reset"},
#ifdef CONFIG_IPW2200_MONITOR
	{
	 IPW_PRIV_SET_MONITOR,
	 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "monitor"},
#endif				/* CONFIG_IPW2200_MONITOR */
10046 10047 10048 10049 10050 10051 10052
};

static iw_handler ipw_priv_handler[] = {
	ipw_wx_set_powermode,
	ipw_wx_get_powermode,
	ipw_wx_set_wireless_mode,
	ipw_wx_get_wireless_mode,
10053 10054
	ipw_wx_set_preamble,
	ipw_wx_get_preamble,
10055
	ipw_wx_reset,
10056 10057 10058
	ipw_wx_sw_reset,
#ifdef CONFIG_IPW2200_MONITOR
	ipw_wx_set_monitor,
10059 10060 10061
#endif
};

10062
static struct iw_handler_def ipw_wx_handler_def = {
10063 10064 10065 10066 10067 10068
	.standard = ipw_wx_handlers,
	.num_standard = ARRAY_SIZE(ipw_wx_handlers),
	.num_private = ARRAY_SIZE(ipw_priv_handler),
	.num_private_args = ARRAY_SIZE(ipw_priv_args),
	.private = ipw_priv_handler,
	.private_args = ipw_priv_args,
10069
	.get_wireless_stats = ipw_get_wireless_stats,
10070 10071 10072 10073 10074 10075 10076
};

/*
 * Get wireless statistics.
 * Called by /proc/net/wireless
 * Also called by SIOCGIWSTATS
 */
10077
static struct iw_statistics *ipw_get_wireless_stats(struct net_device *dev)
10078 10079 10080
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct iw_statistics *wstats;
10081

10082 10083
	wstats = &priv->wstats;

10084
	/* if hw is disabled, then ipw_get_ordinal() can't be called.
10085
	 * netdev->get_wireless_stats seems to be called before fw is
10086 10087 10088 10089 10090 10091 10092 10093 10094 10095 10096
	 * initialized.  STATUS_ASSOCIATED will only be set if the hw is up
	 * and associated; if not associcated, the values are all meaningless
	 * anyway, so set them all to NULL and INVALID */
	if (!(priv->status & STATUS_ASSOCIATED)) {
		wstats->miss.beacon = 0;
		wstats->discard.retries = 0;
		wstats->qual.qual = 0;
		wstats->qual.level = 0;
		wstats->qual.noise = 0;
		wstats->qual.updated = 7;
		wstats->qual.updated |= IW_QUAL_NOISE_INVALID |
10097
		    IW_QUAL_QUAL_INVALID | IW_QUAL_LEVEL_INVALID;
10098
		return wstats;
10099
	}
10100 10101

	wstats->qual.qual = priv->quality;
10102 10103
	wstats->qual.level = priv->exp_avg_rssi;
	wstats->qual.noise = priv->exp_avg_noise;
10104
	wstats->qual.updated = IW_QUAL_QUAL_UPDATED | IW_QUAL_LEVEL_UPDATED |
10105
	    IW_QUAL_NOISE_UPDATED | IW_QUAL_DBM;
10106 10107 10108 10109

	wstats->miss.beacon = average_value(&priv->average_missed_beacons);
	wstats->discard.retries = priv->last_tx_failures;
	wstats->discard.code = priv->ieee->ieee_stats.rx_discards_undecryptable;
10110

10111 10112 10113
/*	if (ipw_get_ordinal(priv, IPW_ORD_STAT_TX_RETRY, &tx_retry, &len))
	goto fail_get_ordinal;
	wstats->discard.retries += tx_retry; */
10114

10115 10116 10117 10118 10119
	return wstats;
}

/* net device stuff */

10120
static  void init_sys_config(struct ipw_sys_config *sys_config)
10121
{
10122
	memset(sys_config, 0, sizeof(struct ipw_sys_config));
10123
	sys_config->bt_coexistence = 0;
10124 10125 10126 10127 10128 10129 10130
	sys_config->answer_broadcast_ssid_probe = 0;
	sys_config->accept_all_data_frames = 0;
	sys_config->accept_non_directed_frames = 1;
	sys_config->exclude_unicast_unencrypted = 0;
	sys_config->disable_unicast_decryption = 1;
	sys_config->exclude_multicast_unencrypted = 0;
	sys_config->disable_multicast_decryption = 1;
10131 10132 10133
	if (antenna < CFG_SYS_ANTENNA_BOTH || antenna > CFG_SYS_ANTENNA_B)
		antenna = CFG_SYS_ANTENNA_BOTH;
	sys_config->antenna_diversity = antenna;
10134
	sys_config->pass_crc_to_host = 0;	/* TODO: See if 1 gives us FCS */
10135
	sys_config->dot11g_auto_detection = 0;
10136
	sys_config->enable_cts_to_self = 0;
10137
	sys_config->bt_coexist_collision_thr = 0;
10138
	sys_config->pass_noise_stats_to_host = 1;	/* 1 -- fix for 256 */
10139
	sys_config->silence_threshold = 0x1e;
10140 10141 10142 10143 10144 10145 10146
}

static int ipw_net_open(struct net_device *dev)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	IPW_DEBUG_INFO("dev->open\n");
	/* we should be verifying the device is ready to be opened */
10147
	mutex_lock(&priv->mutex);
10148 10149
	if (!(priv->status & STATUS_RF_KILL_MASK) &&
	    (priv->status & STATUS_ASSOCIATED))
10150
		netif_start_queue(dev);
10151
	mutex_unlock(&priv->mutex);
10152 10153 10154 10155 10156 10157 10158 10159 10160 10161 10162 10163 10164 10165 10166 10167 10168
	return 0;
}

static int ipw_net_stop(struct net_device *dev)
{
	IPW_DEBUG_INFO("dev->close\n");
	netif_stop_queue(dev);
	return 0;
}

/*
todo:

modify to send one tfd per fragment instead of using chunking.  otherwise
we need to heavily modify the ieee80211_skb_to_txb.
*/

10169
static int ipw_tx_skb(struct ipw_priv *priv, struct ieee80211_txb *txb,
10170
			     int pri)
10171
{
10172
	struct ieee80211_hdr_3addrqos *hdr = (struct ieee80211_hdr_3addrqos *)
10173
	    txb->fragments[0]->data;
10174 10175
	int i = 0;
	struct tfd_frame *tfd;
10176
#ifdef CONFIG_IPW2200_QOS
10177 10178 10179
	int tx_id = ipw_get_tx_queue_number(priv, pri);
	struct clx2_tx_queue *txq = &priv->txq[tx_id];
#else
10180
	struct clx2_tx_queue *txq = &priv->txq[0];
10181
#endif
10182 10183 10184
	struct clx2_queue *q = &txq->q;
	u8 id, hdr_len, unicast;
	u16 remaining_bytes;
10185
	int fc;
10186
	DECLARE_MAC_BUF(mac);
10187

10188
	hdr_len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
10189 10190
	switch (priv->ieee->iw_mode) {
	case IW_MODE_ADHOC:
10191
		unicast = !is_multicast_ether_addr(hdr->addr1);
10192 10193 10194 10195 10196
		id = ipw_find_station(priv, hdr->addr1);
		if (id == IPW_INVALID_STATION) {
			id = ipw_add_station(priv, hdr->addr1);
			if (id == IPW_INVALID_STATION) {
				IPW_WARNING("Attempt to send data to "
10197 10198
					    "invalid cell: %s\n",
					    print_mac(mac, hdr->addr1));
10199 10200 10201 10202 10203 10204 10205
				goto drop;
			}
		}
		break;

	case IW_MODE_INFRA:
	default:
10206
		unicast = !is_multicast_ether_addr(hdr->addr3);
10207 10208 10209 10210 10211 10212 10213 10214 10215 10216 10217 10218 10219
		id = 0;
		break;
	}

	tfd = &txq->bd[q->first_empty];
	txq->txb[q->first_empty] = txb;
	memset(tfd, 0, sizeof(*tfd));
	tfd->u.data.station_number = id;

	tfd->control_flags.message_type = TX_FRAME_TYPE;
	tfd->control_flags.control_bits = TFD_NEED_IRQ_MASK;

	tfd->u.data.cmd_id = DINO_CMD_TX;
10220
	tfd->u.data.len = cpu_to_le16(txb->payload_size);
10221
	remaining_bytes = txb->payload_size;
10222

10223
	if (priv->assoc_request.ieee_mode == IPW_B_MODE)
10224
		tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_MODE_CCK;
10225
	else
10226
		tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_MODE_OFDM;
10227

10228 10229
	if (priv->assoc_request.preamble_length == DCT_FLAG_SHORT_PREAMBLE)
		tfd->u.data.tx_flags |= DCT_FLAG_SHORT_PREAMBLE;
10230

10231 10232
	fc = le16_to_cpu(hdr->frame_ctl);
	hdr->frame_ctl = cpu_to_le16(fc & ~IEEE80211_FCTL_MOREFRAGS);
10233 10234 10235

	memcpy(&tfd->u.data.tfd.tfd_24.mchdr, hdr, hdr_len);

10236 10237 10238 10239 10240 10241 10242
	if (likely(unicast))
		tfd->u.data.tx_flags |= DCT_FLAG_ACK_REQD;

	if (txb->encrypted && !priv->ieee->host_encrypt) {
		switch (priv->ieee->sec.level) {
		case SEC_LEVEL_3:
			tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
10243
			    cpu_to_le16(IEEE80211_FCTL_PROTECTED);
10244 10245 10246 10247 10248 10249 10250 10251 10252 10253 10254 10255 10256 10257
			/* XXX: ACK flag must be set for CCMP even if it
			 * is a multicast/broadcast packet, because CCMP
			 * group communication encrypted by GTK is
			 * actually done by the AP. */
			if (!unicast)
				tfd->u.data.tx_flags |= DCT_FLAG_ACK_REQD;

			tfd->u.data.tx_flags &= ~DCT_FLAG_NO_WEP;
			tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_SECURITY_CCM;
			tfd->u.data.key_index = 0;
			tfd->u.data.key_index |= DCT_WEP_INDEX_USE_IMMEDIATE;
			break;
		case SEC_LEVEL_2:
			tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
10258
			    cpu_to_le16(IEEE80211_FCTL_PROTECTED);
10259 10260 10261 10262 10263 10264
			tfd->u.data.tx_flags &= ~DCT_FLAG_NO_WEP;
			tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_SECURITY_TKIP;
			tfd->u.data.key_index = DCT_WEP_INDEX_USE_IMMEDIATE;
			break;
		case SEC_LEVEL_1:
			tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
10265
			    cpu_to_le16(IEEE80211_FCTL_PROTECTED);
10266 10267 10268 10269 10270 10271 10272 10273 10274 10275 10276 10277 10278 10279 10280 10281 10282 10283
			tfd->u.data.key_index = priv->ieee->tx_keyidx;
			if (priv->ieee->sec.key_sizes[priv->ieee->tx_keyidx] <=
			    40)
				tfd->u.data.key_index |= DCT_WEP_KEY_64Bit;
			else
				tfd->u.data.key_index |= DCT_WEP_KEY_128Bit;
			break;
		case SEC_LEVEL_0:
			break;
		default:
			printk(KERN_ERR "Unknow security level %d\n",
			       priv->ieee->sec.level);
			break;
		}
	} else
		/* No hardware encryption */
		tfd->u.data.tx_flags |= DCT_FLAG_NO_WEP;

10284
#ifdef CONFIG_IPW2200_QOS
10285 10286
	if (fc & IEEE80211_STYPE_QOS_DATA)
		ipw_qos_set_tx_queue_command(priv, pri, &(tfd->u.data));
10287
#endif				/* CONFIG_IPW2200_QOS */
10288

10289
	/* payload */
10290 10291 10292 10293 10294 10295 10296 10297
	tfd->u.data.num_chunks = cpu_to_le32(min((u8) (NUM_TFD_CHUNKS - 2),
						 txb->nr_frags));
	IPW_DEBUG_FRAG("%i fragments being sent as %i chunks.\n",
		       txb->nr_frags, le32_to_cpu(tfd->u.data.num_chunks));
	for (i = 0; i < le32_to_cpu(tfd->u.data.num_chunks); i++) {
		IPW_DEBUG_FRAG("Adding fragment %i of %i (%d bytes).\n",
			       i, le32_to_cpu(tfd->u.data.num_chunks),
			       txb->fragments[i]->len - hdr_len);
10298
		IPW_DEBUG_TX("Dumping TX packet frag %i of %i (%d bytes):\n",
10299 10300
			     i, tfd->u.data.num_chunks,
			     txb->fragments[i]->len - hdr_len);
10301
		printk_buf(IPW_DL_TX, txb->fragments[i]->data + hdr_len,
10302 10303
			   txb->fragments[i]->len - hdr_len);

10304
		tfd->u.data.chunk_ptr[i] =
10305 10306 10307 10308 10309 10310 10311
		    cpu_to_le32(pci_map_single
				(priv->pci_dev,
				 txb->fragments[i]->data + hdr_len,
				 txb->fragments[i]->len - hdr_len,
				 PCI_DMA_TODEVICE));
		tfd->u.data.chunk_len[i] =
		    cpu_to_le16(txb->fragments[i]->len - hdr_len);
10312 10313 10314 10315 10316 10317 10318 10319 10320 10321 10322 10323 10324 10325
	}

	if (i != txb->nr_frags) {
		struct sk_buff *skb;
		u16 remaining_bytes = 0;
		int j;

		for (j = i; j < txb->nr_frags; j++)
			remaining_bytes += txb->fragments[j]->len - hdr_len;

		printk(KERN_INFO "Trying to reallocate for %d bytes\n",
		       remaining_bytes);
		skb = alloc_skb(remaining_bytes, GFP_ATOMIC);
		if (skb != NULL) {
10326
			tfd->u.data.chunk_len[i] = cpu_to_le16(remaining_bytes);
10327 10328
			for (j = i; j < txb->nr_frags; j++) {
				int size = txb->fragments[j]->len - hdr_len;
10329

10330
				printk(KERN_INFO "Adding frag %d %d...\n",
10331
				       j, size);
10332
				memcpy(skb_put(skb, size),
10333
				       txb->fragments[j]->data + hdr_len, size);
10334 10335 10336
			}
			dev_kfree_skb_any(txb->fragments[i]);
			txb->fragments[i] = skb;
10337
			tfd->u.data.chunk_ptr[i] =
10338 10339 10340 10341 10342 10343 10344 10345
			    cpu_to_le32(pci_map_single
					(priv->pci_dev, skb->data,
					 tfd->u.data.chunk_len[i],
					 PCI_DMA_TODEVICE));

			tfd->u.data.num_chunks =
			    cpu_to_le32(le32_to_cpu(tfd->u.data.num_chunks) +
					1);
10346
		}
10347 10348 10349 10350 10351 10352
	}

	/* kick DMA */
	q->first_empty = ipw_queue_inc_wrap(q->first_empty, q->n_bd);
	ipw_write32(priv, q->reg_w, q->first_empty);

10353 10354 10355
	if (ipw_queue_space(q) < q->high_mark)
		netif_stop_queue(priv->net_dev);

10356
	return NETDEV_TX_OK;
10357

10358
      drop:
10359 10360
	IPW_DEBUG_DROP("Silently dropping Tx packet.\n");
	ieee80211_txb_free(txb);
10361 10362 10363 10364 10365 10366
	return NETDEV_TX_OK;
}

static int ipw_net_is_queue_full(struct net_device *dev, int pri)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
10367
#ifdef CONFIG_IPW2200_QOS
10368 10369 10370 10371
	int tx_id = ipw_get_tx_queue_number(priv, pri);
	struct clx2_tx_queue *txq = &priv->txq[tx_id];
#else
	struct clx2_tx_queue *txq = &priv->txq[0];
10372
#endif				/* CONFIG_IPW2200_QOS */
10373 10374 10375 10376 10377

	if (ipw_queue_space(&txq->q) < txq->q.high_mark)
		return 1;

	return 0;
10378 10379
}

10380 10381 10382 10383 10384 10385 10386 10387 10388 10389 10390 10391 10392 10393 10394 10395 10396
#ifdef CONFIG_IPW2200_PROMISCUOUS
static void ipw_handle_promiscuous_tx(struct ipw_priv *priv,
				      struct ieee80211_txb *txb)
{
	struct ieee80211_rx_stats dummystats;
	struct ieee80211_hdr *hdr;
	u8 n;
	u16 filter = priv->prom_priv->filter;
	int hdr_only = 0;

	if (filter & IPW_PROM_NO_TX)
		return;

	memset(&dummystats, 0, sizeof(dummystats));

	/* Filtering of fragment chains is done agains the first fragment */
	hdr = (void *)txb->fragments[0]->data;
10397
	if (ieee80211_is_management(le16_to_cpu(hdr->frame_ctl))) {
10398 10399 10400 10401
		if (filter & IPW_PROM_NO_MGMT)
			return;
		if (filter & IPW_PROM_MGMT_HEADER_ONLY)
			hdr_only = 1;
10402
	} else if (ieee80211_is_control(le16_to_cpu(hdr->frame_ctl))) {
10403 10404 10405 10406
		if (filter & IPW_PROM_NO_CTL)
			return;
		if (filter & IPW_PROM_CTL_HEADER_ONLY)
			hdr_only = 1;
10407
	} else if (ieee80211_is_data(le16_to_cpu(hdr->frame_ctl))) {
10408 10409 10410 10411 10412 10413 10414 10415 10416 10417 10418 10419 10420 10421
		if (filter & IPW_PROM_NO_DATA)
			return;
		if (filter & IPW_PROM_DATA_HEADER_ONLY)
			hdr_only = 1;
	}

	for(n=0; n<txb->nr_frags; ++n) {
		struct sk_buff *src = txb->fragments[n];
		struct sk_buff *dst;
		struct ieee80211_radiotap_header *rt_hdr;
		int len;

		if (hdr_only) {
			hdr = (void *)src->data;
10422
			len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
10423 10424 10425 10426 10427 10428 10429 10430 10431 10432 10433 10434 10435 10436 10437 10438 10439 10440 10441 10442 10443 10444 10445 10446 10447 10448 10449 10450 10451 10452 10453
		} else
			len = src->len;

		dst = alloc_skb(
			len + IEEE80211_RADIOTAP_HDRLEN, GFP_ATOMIC);
		if (!dst) continue;

		rt_hdr = (void *)skb_put(dst, sizeof(*rt_hdr));

		rt_hdr->it_version = PKTHDR_RADIOTAP_VERSION;
		rt_hdr->it_pad = 0;
		rt_hdr->it_present = 0; /* after all, it's just an idea */
		rt_hdr->it_present |=  (1 << IEEE80211_RADIOTAP_CHANNEL);

		*(u16*)skb_put(dst, sizeof(u16)) = cpu_to_le16(
			ieee80211chan2mhz(priv->channel));
		if (priv->channel > 14) 	/* 802.11a */
			*(u16*)skb_put(dst, sizeof(u16)) =
				cpu_to_le16(IEEE80211_CHAN_OFDM |
					     IEEE80211_CHAN_5GHZ);
		else if (priv->ieee->mode == IEEE_B) /* 802.11b */
			*(u16*)skb_put(dst, sizeof(u16)) =
				cpu_to_le16(IEEE80211_CHAN_CCK |
					     IEEE80211_CHAN_2GHZ);
		else 		/* 802.11g */
			*(u16*)skb_put(dst, sizeof(u16)) =
				cpu_to_le16(IEEE80211_CHAN_OFDM |
				 IEEE80211_CHAN_2GHZ);

		rt_hdr->it_len = dst->len;

10454
		skb_copy_from_linear_data(src, skb_put(dst, len), len);
10455 10456 10457 10458 10459 10460 10461

		if (!ieee80211_rx(priv->prom_priv->ieee, dst, &dummystats))
			dev_kfree_skb_any(dst);
	}
}
#endif

10462
static int ipw_net_hard_start_xmit(struct ieee80211_txb *txb,
10463
				   struct net_device *dev, int pri)
10464 10465 10466
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	unsigned long flags;
10467
	int ret;
10468 10469 10470 10471 10472 10473 10474 10475 10476 10477 10478

	IPW_DEBUG_TX("dev->xmit(%d bytes)\n", txb->payload_size);
	spin_lock_irqsave(&priv->lock, flags);

	if (!(priv->status & STATUS_ASSOCIATED)) {
		IPW_DEBUG_INFO("Tx attempt while not associated.\n");
		priv->ieee->stats.tx_carrier_errors++;
		netif_stop_queue(dev);
		goto fail_unlock;
	}

10479 10480 10481 10482 10483
#ifdef CONFIG_IPW2200_PROMISCUOUS
	if (rtap_iface && netif_running(priv->prom_net_dev))
		ipw_handle_promiscuous_tx(priv, txb);
#endif

10484 10485 10486
	ret = ipw_tx_skb(priv, txb, pri);
	if (ret == NETDEV_TX_OK)
		__ipw_led_activity_on(priv);
10487 10488
	spin_unlock_irqrestore(&priv->lock, flags);

10489
	return ret;
10490

10491
      fail_unlock:
10492 10493 10494 10495 10496 10497 10498
	spin_unlock_irqrestore(&priv->lock, flags);
	return 1;
}

static struct net_device_stats *ipw_net_get_stats(struct net_device *dev)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
10499

10500 10501 10502 10503 10504 10505 10506 10507 10508 10509 10510 10511 10512 10513
	priv->ieee->stats.tx_packets = priv->tx_packets;
	priv->ieee->stats.rx_packets = priv->rx_packets;
	return &priv->ieee->stats;
}

static void ipw_net_set_multicast_list(struct net_device *dev)
{

}

static int ipw_net_set_mac_address(struct net_device *dev, void *p)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	struct sockaddr *addr = p;
10514 10515
	DECLARE_MAC_BUF(mac);

10516 10517
	if (!is_valid_ether_addr(addr->sa_data))
		return -EADDRNOTAVAIL;
10518
	mutex_lock(&priv->mutex);
10519 10520
	priv->config |= CFG_CUSTOM_MAC;
	memcpy(priv->mac_addr, addr->sa_data, ETH_ALEN);
10521 10522
	printk(KERN_INFO "%s: Setting MAC to %s\n",
	       priv->net_dev->name, print_mac(mac, priv->mac_addr));
10523
	queue_work(priv->workqueue, &priv->adapter_restart);
10524
	mutex_unlock(&priv->mutex);
10525 10526 10527
	return 0;
}

10528
static void ipw_ethtool_get_drvinfo(struct net_device *dev,
10529 10530 10531 10532 10533 10534 10535 10536 10537 10538 10539 10540 10541 10542 10543
				    struct ethtool_drvinfo *info)
{
	struct ipw_priv *p = ieee80211_priv(dev);
	char vers[64];
	char date[32];
	u32 len;

	strcpy(info->driver, DRV_NAME);
	strcpy(info->version, DRV_VERSION);

	len = sizeof(vers);
	ipw_get_ordinal(p, IPW_ORD_STAT_FW_VERSION, vers, &len);
	len = sizeof(date);
	ipw_get_ordinal(p, IPW_ORD_STAT_FW_DATE, date, &len);

10544
	snprintf(info->fw_version, sizeof(info->fw_version), "%s (%s)",
10545 10546
		 vers, date);
	strcpy(info->bus_info, pci_name(p->pci_dev));
10547
	info->eedump_len = IPW_EEPROM_IMAGE_SIZE;
10548 10549 10550 10551 10552 10553 10554 10555 10556 10557
}

static u32 ipw_ethtool_get_link(struct net_device *dev)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	return (priv->status & STATUS_ASSOCIATED) != 0;
}

static int ipw_ethtool_get_eeprom_len(struct net_device *dev)
{
10558
	return IPW_EEPROM_IMAGE_SIZE;
10559 10560 10561
}

static int ipw_ethtool_get_eeprom(struct net_device *dev,
10562
				  struct ethtool_eeprom *eeprom, u8 * bytes)
10563 10564 10565
{
	struct ipw_priv *p = ieee80211_priv(dev);

10566
	if (eeprom->offset + eeprom->len > IPW_EEPROM_IMAGE_SIZE)
10567
		return -EINVAL;
10568
	mutex_lock(&p->mutex);
10569
	memcpy(bytes, &p->eeprom[eeprom->offset], eeprom->len);
10570
	mutex_unlock(&p->mutex);
10571 10572 10573 10574
	return 0;
}

static int ipw_ethtool_set_eeprom(struct net_device *dev,
10575
				  struct ethtool_eeprom *eeprom, u8 * bytes)
10576 10577 10578 10579
{
	struct ipw_priv *p = ieee80211_priv(dev);
	int i;

10580
	if (eeprom->offset + eeprom->len > IPW_EEPROM_IMAGE_SIZE)
10581
		return -EINVAL;
10582
	mutex_lock(&p->mutex);
10583
	memcpy(&p->eeprom[eeprom->offset], bytes, eeprom->len);
10584 10585
	for (i = 0; i < IPW_EEPROM_IMAGE_SIZE; i++)
		ipw_write8(p, i + IPW_EEPROM_DATA, p->eeprom[i]);
10586
	mutex_unlock(&p->mutex);
10587 10588 10589
	return 0;
}

10590
static const struct ethtool_ops ipw_ethtool_ops = {
10591 10592 10593 10594 10595
	.get_link = ipw_ethtool_get_link,
	.get_drvinfo = ipw_ethtool_get_drvinfo,
	.get_eeprom_len = ipw_ethtool_get_eeprom_len,
	.get_eeprom = ipw_ethtool_get_eeprom,
	.set_eeprom = ipw_ethtool_set_eeprom,
10596 10597
};

10598
static irqreturn_t ipw_isr(int irq, void *data)
10599 10600 10601
{
	struct ipw_priv *priv = data;
	u32 inta, inta_mask;
10602

10603 10604 10605
	if (!priv)
		return IRQ_NONE;

Zhu Yi's avatar
Zhu Yi committed
10606
	spin_lock(&priv->irq_lock);
10607 10608

	if (!(priv->status & STATUS_INT_ENABLED)) {
10609
		/* IRQ is disabled */
10610 10611 10612
		goto none;
	}

10613 10614
	inta = ipw_read32(priv, IPW_INTA_RW);
	inta_mask = ipw_read32(priv, IPW_INTA_MASK_R);
10615

10616 10617 10618 10619 10620 10621
	if (inta == 0xFFFFFFFF) {
		/* Hardware disappeared */
		IPW_WARNING("IRQ INTA == 0xFFFFFFFF\n");
		goto none;
	}

10622
	if (!(inta & (IPW_INTA_MASK_ALL & inta_mask))) {
10623 10624 10625 10626 10627
		/* Shared interrupt */
		goto none;
	}

	/* tell the device to stop sending interrupts */
Zhu Yi's avatar
Zhu Yi committed
10628
	__ipw_disable_interrupts(priv);
10629

10630
	/* ack current interrupts */
10631 10632
	inta &= (IPW_INTA_MASK_ALL & inta_mask);
	ipw_write32(priv, IPW_INTA_RW, inta);
10633

10634 10635 10636 10637 10638
	/* Cache INTA value for our tasklet */
	priv->isr_inta = inta;

	tasklet_schedule(&priv->irq_tasklet);

Zhu Yi's avatar
Zhu Yi committed
10639
	spin_unlock(&priv->irq_lock);
10640 10641

	return IRQ_HANDLED;
10642
      none:
Zhu Yi's avatar
Zhu Yi committed
10643
	spin_unlock(&priv->irq_lock);
10644 10645 10646 10647 10648 10649 10650
	return IRQ_NONE;
}

static void ipw_rf_kill(void *adapter)
{
	struct ipw_priv *priv = adapter;
	unsigned long flags;
10651

10652 10653 10654 10655 10656 10657 10658 10659 10660 10661 10662 10663 10664 10665 10666 10667 10668 10669
	spin_lock_irqsave(&priv->lock, flags);

	if (rf_kill_active(priv)) {
		IPW_DEBUG_RF_KILL("RF Kill active, rescheduling GPIO check\n");
		if (priv->workqueue)
			queue_delayed_work(priv->workqueue,
					   &priv->rf_kill, 2 * HZ);
		goto exit_unlock;
	}

	/* RF Kill is now disabled, so bring the device back up */

	if (!(priv->status & STATUS_RF_KILL_MASK)) {
		IPW_DEBUG_RF_KILL("HW RF Kill no longer active, restarting "
				  "device\n");

		/* we can not do an adapter restart while inside an irq lock */
		queue_work(priv->workqueue, &priv->adapter_restart);
10670
	} else
10671 10672 10673
		IPW_DEBUG_RF_KILL("HW RF Kill deactivated.  SW RF Kill still "
				  "enabled\n");

10674
      exit_unlock:
10675 10676 10677
	spin_unlock_irqrestore(&priv->lock, flags);
}

10678
static void ipw_bg_rf_kill(struct work_struct *work)
10679
{
10680 10681
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, rf_kill.work);
10682
	mutex_lock(&priv->mutex);
10683
	ipw_rf_kill(priv);
10684
	mutex_unlock(&priv->mutex);
10685 10686
}

10687
static void ipw_link_up(struct ipw_priv *priv)
10688
{
10689 10690 10691 10692
	priv->last_seq_num = -1;
	priv->last_frag_num = -1;
	priv->last_packet_time = 0;

10693 10694 10695 10696 10697 10698 10699 10700 10701
	netif_carrier_on(priv->net_dev);
	if (netif_queue_stopped(priv->net_dev)) {
		IPW_DEBUG_NOTIF("waking queue\n");
		netif_wake_queue(priv->net_dev);
	} else {
		IPW_DEBUG_NOTIF("starting queue\n");
		netif_start_queue(priv->net_dev);
	}

10702
	cancel_delayed_work(&priv->request_scan);
10703
	cancel_delayed_work(&priv->scan_event);
10704 10705 10706 10707 10708 10709 10710 10711 10712 10713 10714
	ipw_reset_stats(priv);
	/* Ensure the rate is updated immediately */
	priv->last_rate = ipw_get_current_rate(priv);
	ipw_gather_stats(priv);
	ipw_led_link_up(priv);
	notify_wx_assoc_event(priv);

	if (priv->config & CFG_BACKGROUND_SCAN)
		queue_delayed_work(priv->workqueue, &priv->request_scan, HZ);
}

10715
static void ipw_bg_link_up(struct work_struct *work)
10716
{
10717 10718
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, link_up);
10719
	mutex_lock(&priv->mutex);
10720
	ipw_link_up(priv);
10721
	mutex_unlock(&priv->mutex);
10722 10723
}

10724
static void ipw_link_down(struct ipw_priv *priv)
10725 10726 10727 10728 10729 10730 10731 10732 10733 10734 10735 10736 10737
{
	ipw_led_link_down(priv);
	netif_carrier_off(priv->net_dev);
	netif_stop_queue(priv->net_dev);
	notify_wx_assoc_event(priv);

	/* Cancel any queued work ... */
	cancel_delayed_work(&priv->request_scan);
	cancel_delayed_work(&priv->adhoc_check);
	cancel_delayed_work(&priv->gather_stats);

	ipw_reset_stats(priv);

10738 10739
	if (!(priv->status & STATUS_EXIT_PENDING)) {
		/* Queue up another scan... */
10740
		queue_delayed_work(priv->workqueue, &priv->request_scan, 0);
10741 10742
	} else
		cancel_delayed_work(&priv->scan_event);
10743 10744
}

10745
static void ipw_bg_link_down(struct work_struct *work)
10746
{
10747 10748
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, link_down);
10749
	mutex_lock(&priv->mutex);
10750
	ipw_link_down(priv);
10751
	mutex_unlock(&priv->mutex);
10752 10753 10754 10755 10756 10757 10758 10759
}

static int ipw_setup_deferred_work(struct ipw_priv *priv)
{
	int ret = 0;

	priv->workqueue = create_workqueue(DRV_NAME);
	init_waitqueue_head(&priv->wait_command_queue);
10760
	init_waitqueue_head(&priv->wait_state);
10761

10762 10763 10764 10765 10766 10767 10768 10769 10770 10771
	INIT_DELAYED_WORK(&priv->adhoc_check, ipw_bg_adhoc_check);
	INIT_WORK(&priv->associate, ipw_bg_associate);
	INIT_WORK(&priv->disassociate, ipw_bg_disassociate);
	INIT_WORK(&priv->system_config, ipw_system_config);
	INIT_WORK(&priv->rx_replenish, ipw_bg_rx_queue_replenish);
	INIT_WORK(&priv->adapter_restart, ipw_bg_adapter_restart);
	INIT_DELAYED_WORK(&priv->rf_kill, ipw_bg_rf_kill);
	INIT_WORK(&priv->up, ipw_bg_up);
	INIT_WORK(&priv->down, ipw_bg_down);
	INIT_DELAYED_WORK(&priv->request_scan, ipw_request_scan);
10772
	INIT_DELAYED_WORK(&priv->scan_event, ipw_scan_event);
10773 10774 10775 10776 10777 10778 10779 10780 10781 10782 10783
	INIT_WORK(&priv->request_passive_scan, ipw_request_passive_scan);
	INIT_DELAYED_WORK(&priv->gather_stats, ipw_bg_gather_stats);
	INIT_WORK(&priv->abort_scan, ipw_bg_abort_scan);
	INIT_WORK(&priv->roam, ipw_bg_roam);
	INIT_DELAYED_WORK(&priv->scan_check, ipw_bg_scan_check);
	INIT_WORK(&priv->link_up, ipw_bg_link_up);
	INIT_WORK(&priv->link_down, ipw_bg_link_down);
	INIT_DELAYED_WORK(&priv->led_link_on, ipw_bg_led_link_on);
	INIT_DELAYED_WORK(&priv->led_link_off, ipw_bg_led_link_off);
	INIT_DELAYED_WORK(&priv->led_act_off, ipw_bg_led_activity_off);
	INIT_WORK(&priv->merge_networks, ipw_merge_adhoc_network);
10784

10785
#ifdef CONFIG_IPW2200_QOS
10786
	INIT_WORK(&priv->qos_activate, ipw_bg_qos_activate);
10787
#endif				/* CONFIG_IPW2200_QOS */
10788 10789 10790 10791 10792 10793 10794 10795 10796 10797 10798 10799

	tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
		     ipw_irq_tasklet, (unsigned long)priv);

	return ret;
}

static void shim__set_security(struct net_device *dev,
			       struct ieee80211_security *sec)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
	int i;
10800
	for (i = 0; i < 4; i++) {
10801
		if (sec->flags & (1 << i)) {
10802
			priv->ieee->sec.encode_alg[i] = sec->encode_alg[i];
10803
			priv->ieee->sec.key_sizes[i] = sec->key_sizes[i];
10804
			if (sec->key_sizes[i] == 0)
10805 10806 10807
				priv->ieee->sec.flags &= ~(1 << i);
			else {
				memcpy(priv->ieee->sec.keys[i], sec->keys[i],
10808
				       sec->key_sizes[i]);
10809 10810
				priv->ieee->sec.flags |= (1 << i);
			}
10811
			priv->status |= STATUS_SECURITY_UPDATED;
10812 10813
		} else if (sec->level != SEC_LEVEL_1)
			priv->ieee->sec.flags &= ~(1 << i);
10814 10815
	}

10816
	if (sec->flags & SEC_ACTIVE_KEY) {
10817
		if (sec->active_key <= 3) {
10818 10819
			priv->ieee->sec.active_key = sec->active_key;
			priv->ieee->sec.flags |= SEC_ACTIVE_KEY;
10820
		} else
10821
			priv->ieee->sec.flags &= ~SEC_ACTIVE_KEY;
10822
		priv->status |= STATUS_SECURITY_UPDATED;
10823 10824
	} else
		priv->ieee->sec.flags &= ~SEC_ACTIVE_KEY;
10825 10826

	if ((sec->flags & SEC_AUTH_MODE) &&
10827 10828 10829
	    (priv->ieee->sec.auth_mode != sec->auth_mode)) {
		priv->ieee->sec.auth_mode = sec->auth_mode;
		priv->ieee->sec.flags |= SEC_AUTH_MODE;
10830 10831 10832 10833 10834 10835
		if (sec->auth_mode == WLAN_AUTH_SHARED_KEY)
			priv->capability |= CAP_SHARED_KEY;
		else
			priv->capability &= ~CAP_SHARED_KEY;
		priv->status |= STATUS_SECURITY_UPDATED;
	}
10836

10837 10838 10839
	if (sec->flags & SEC_ENABLED && priv->ieee->sec.enabled != sec->enabled) {
		priv->ieee->sec.flags |= SEC_ENABLED;
		priv->ieee->sec.enabled = sec->enabled;
10840
		priv->status |= STATUS_SECURITY_UPDATED;
10841
		if (sec->enabled)
10842 10843 10844 10845
			priv->capability |= CAP_PRIVACY_ON;
		else
			priv->capability &= ~CAP_PRIVACY_ON;
	}
10846

10847 10848
	if (sec->flags & SEC_ENCRYPT)
		priv->ieee->sec.encrypt = sec->encrypt;
10849

10850 10851 10852
	if (sec->flags & SEC_LEVEL && priv->ieee->sec.level != sec->level) {
		priv->ieee->sec.level = sec->level;
		priv->ieee->sec.flags |= SEC_LEVEL;
10853 10854 10855
		priv->status |= STATUS_SECURITY_UPDATED;
	}

10856 10857 10858
	if (!priv->ieee->host_encrypt && (sec->flags & SEC_ENCRYPT))
		ipw_set_hwcrypto_keys(priv);

10859 10860
	/* To match current functionality of ipw2100 (which works well w/
	 * various supplicants, we don't force a disassociate if the
10861 10862 10863
	 * privacy capability changes ... */
#if 0
	if ((priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) &&
10864
	    (((priv->assoc_request.capability &
10865
	       WLAN_CAPABILITY_PRIVACY) && !sec->enabled) ||
10866
	     (!(priv->assoc_request.capability &
10867
		WLAN_CAPABILITY_PRIVACY) && sec->enabled))) {
10868 10869 10870 10871 10872 10873 10874
		IPW_DEBUG_ASSOC("Disassociating due to capability "
				"change.\n");
		ipw_disassociate(priv);
	}
#endif
}

10875
static int init_supported_rates(struct ipw_priv *priv,
10876 10877 10878 10879 10880
				struct ipw_supported_rates *rates)
{
	/* TODO: Mask out rates based on priv->rates_mask */

	memset(rates, 0, sizeof(*rates));
10881
	/* configure supported rates */
10882 10883 10884 10885 10886 10887 10888 10889
	switch (priv->ieee->freq_band) {
	case IEEE80211_52GHZ_BAND:
		rates->ieee_mode = IPW_A_MODE;
		rates->purpose = IPW_RATE_CAPABILITIES;
		ipw_add_ofdm_scan_rates(rates, IEEE80211_CCK_MODULATION,
					IEEE80211_OFDM_DEFAULT_RATES_MASK);
		break;

10890
	default:		/* Mixed or 2.4Ghz */
10891 10892 10893 10894 10895 10896 10897 10898 10899 10900 10901 10902 10903 10904
		rates->ieee_mode = IPW_G_MODE;
		rates->purpose = IPW_RATE_CAPABILITIES;
		ipw_add_cck_scan_rates(rates, IEEE80211_CCK_MODULATION,
				       IEEE80211_CCK_DEFAULT_RATES_MASK);
		if (priv->ieee->modulation & IEEE80211_OFDM_MODULATION) {
			ipw_add_ofdm_scan_rates(rates, IEEE80211_CCK_MODULATION,
						IEEE80211_OFDM_DEFAULT_RATES_MASK);
		}
		break;
	}

	return 0;
}

10905
static int ipw_config(struct ipw_priv *priv)
10906 10907 10908 10909
{
	/* This is only called from ipw_up, which resets/reloads the firmware
	   so, we don't need to first disable the card before we configure
	   it */
10910
	if (ipw_set_tx_power(priv))
10911 10912 10913 10914 10915 10916 10917 10918
		goto error;

	/* initialize adapter address */
	if (ipw_send_adapter_address(priv, priv->net_dev->dev_addr))
		goto error;

	/* set basic system config settings */
	init_sys_config(&priv->sys_config);
10919 10920 10921 10922

	/* Support Bluetooth if we have BT h/w on board, and user wants to.
	 * Does not support BT priority yet (don't abort or defer our Tx) */
	if (bt_coexist) {
10923
		unsigned char bt_caps = priv->eeprom[EEPROM_SKU_CAPABILITY];
10924 10925 10926

		if (bt_caps & EEPROM_SKU_CAP_BT_CHANNEL_SIG)
			priv->sys_config.bt_coexistence
10927
			    |= CFG_BT_COEXISTENCE_SIGNAL_CHNL;
10928 10929
		if (bt_caps & EEPROM_SKU_CAP_BT_OOB)
			priv->sys_config.bt_coexistence
10930
			    |= CFG_BT_COEXISTENCE_OOB;
10931 10932
	}

10933 10934 10935 10936 10937 10938 10939 10940 10941
#ifdef CONFIG_IPW2200_PROMISCUOUS
	if (priv->prom_net_dev && netif_running(priv->prom_net_dev)) {
		priv->sys_config.accept_all_data_frames = 1;
		priv->sys_config.accept_non_directed_frames = 1;
		priv->sys_config.accept_all_mgmt_bcpr = 1;
		priv->sys_config.accept_all_mgmt_frames = 1;
	}
#endif

10942 10943 10944 10945 10946
	if (priv->ieee->iw_mode == IW_MODE_ADHOC)
		priv->sys_config.answer_broadcast_ssid_probe = 1;
	else
		priv->sys_config.answer_broadcast_ssid_probe = 0;

10947
	if (ipw_send_system_config(priv))
10948 10949
		goto error;

10950 10951
	init_supported_rates(priv, &priv->rates);
	if (ipw_send_supported_rates(priv, &priv->rates))
10952 10953 10954 10955 10956 10957 10958
		goto error;

	/* Set request-to-send threshold */
	if (priv->rts_threshold) {
		if (ipw_send_rts_threshold(priv, priv->rts_threshold))
			goto error;
	}
10959
#ifdef CONFIG_IPW2200_QOS
10960 10961
	IPW_DEBUG_QOS("QoS: call ipw_qos_activate\n");
	ipw_qos_activate(priv, NULL);
10962
#endif				/* CONFIG_IPW2200_QOS */
10963 10964 10965

	if (ipw_set_random_seed(priv))
		goto error;
10966

10967 10968 10969 10970
	/* final state transition to the RUN state */
	if (ipw_send_host_complete(priv))
		goto error;

10971 10972 10973 10974 10975 10976 10977 10978 10979 10980 10981
	priv->status |= STATUS_INIT;

	ipw_led_init(priv);
	ipw_led_radio_on(priv);
	priv->notif_missed_beacons = 0;

	/* Set hardware WEP key if it is configured. */
	if ((priv->capability & CAP_PRIVACY_ON) &&
	    (priv->ieee->sec.level == SEC_LEVEL_1) &&
	    !(priv->ieee->host_encrypt || priv->ieee->host_decrypt))
		ipw_set_hwcrypto_keys(priv);
10982 10983

	return 0;
10984

10985
      error:
10986 10987 10988
	return -EIO;
}

10989 10990 10991 10992 10993 10994 10995 10996 10997 10998
/*
 * NOTE:
 *
 * These tables have been tested in conjunction with the
 * Intel PRO/Wireless 2200BG and 2915ABG Network Connection Adapters.
 *
 * Altering this values, using it on other hardware, or in geographies
 * not intended for resale of the above mentioned Intel adapters has
 * not been tested.
 *
10999 11000 11001
 * Remember to update the table in README.ipw2200 when changing this
 * table.
 *
11002 11003 11004 11005 11006 11007 11008 11009 11010 11011 11012 11013 11014 11015 11016 11017 11018 11019 11020 11021 11022 11023 11024 11025 11026 11027 11028 11029 11030 11031 11032 11033 11034 11035 11036 11037 11038 11039 11040 11041 11042 11043 11044 11045 11046 11047 11048 11049 11050 11051 11052 11053 11054 11055 11056 11057 11058 11059 11060 11061 11062 11063 11064 11065 11066 11067 11068 11069 11070 11071 11072 11073 11074 11075 11076 11077 11078 11079 11080 11081 11082 11083 11084 11085 11086 11087 11088 11089 11090 11091 11092 11093 11094 11095 11096 11097 11098 11099 11100 11101 11102 11103 11104 11105 11106 11107 11108 11109 11110 11111 11112 11113 11114 11115 11116 11117 11118 11119 11120 11121 11122 11123 11124 11125 11126 11127 11128 11129 11130 11131 11132 11133 11134 11135 11136 11137 11138 11139 11140 11141 11142 11143 11144 11145 11146 11147 11148 11149 11150
 */
static const struct ieee80211_geo ipw_geos[] = {
	{			/* Restricted */
	 "---",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 },

	{			/* Custom US/Canada */
	 "ZZF",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 .a_channels = 8,
	 .a = {{5180, 36},
	       {5200, 40},
	       {5220, 44},
	       {5240, 48},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY}},
	 },

	{			/* Rest of World */
	 "ZZD",
	 .bg_channels = 13,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}, {2467, 12},
		{2472, 13}},
	 },

	{			/* Custom USA & Europe & High */
	 "ZZA",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 .a_channels = 13,
	 .a = {{5180, 36},
	       {5200, 40},
	       {5220, 44},
	       {5240, 48},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
	       {5745, 149},
	       {5765, 153},
	       {5785, 157},
	       {5805, 161},
	       {5825, 165}},
	 },

	{			/* Custom NA & Europe */
	 "ZZB",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 .a_channels = 13,
	 .a = {{5180, 36},
	       {5200, 40},
	       {5220, 44},
	       {5240, 48},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
	       {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
	       {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
	       {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
	       {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
	       {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
	 },

	{			/* Custom Japan */
	 "ZZC",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 .a_channels = 4,
	 .a = {{5170, 34}, {5190, 38},
	       {5210, 42}, {5230, 46}},
	 },

	{			/* Custom */
	 "ZZM",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 },

	{			/* Europe */
	 "ZZE",
	 .bg_channels = 13,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}, {2467, 12},
		{2472, 13}},
	 .a_channels = 19,
	 .a = {{5180, 36},
	       {5200, 40},
	       {5220, 44},
	       {5240, 48},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
	       {5500, 100, IEEE80211_CH_PASSIVE_ONLY},
	       {5520, 104, IEEE80211_CH_PASSIVE_ONLY},
	       {5540, 108, IEEE80211_CH_PASSIVE_ONLY},
	       {5560, 112, IEEE80211_CH_PASSIVE_ONLY},
	       {5580, 116, IEEE80211_CH_PASSIVE_ONLY},
	       {5600, 120, IEEE80211_CH_PASSIVE_ONLY},
	       {5620, 124, IEEE80211_CH_PASSIVE_ONLY},
	       {5640, 128, IEEE80211_CH_PASSIVE_ONLY},
	       {5660, 132, IEEE80211_CH_PASSIVE_ONLY},
	       {5680, 136, IEEE80211_CH_PASSIVE_ONLY},
	       {5700, 140, IEEE80211_CH_PASSIVE_ONLY}},
	 },

	{			/* Custom Japan */
	 "ZZJ",
	 .bg_channels = 14,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}, {2467, 12},
		{2472, 13}, {2484, 14, IEEE80211_CH_B_ONLY}},
	 .a_channels = 4,
	 .a = {{5170, 34}, {5190, 38},
	       {5210, 42}, {5230, 46}},
	 },

11151 11152 11153 11154 11155 11156 11157 11158 11159 11160 11161
	{			/* Rest of World */
	 "ZZR",
	 .bg_channels = 14,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}, {2467, 12},
		{2472, 13}, {2484, 14, IEEE80211_CH_B_ONLY |
			     IEEE80211_CH_PASSIVE_ONLY}},
	 },

11162 11163 11164 11165 11166 11167 11168 11169 11170 11171 11172 11173 11174 11175 11176 11177 11178 11179 11180 11181 11182 11183 11184 11185 11186 11187 11188 11189 11190 11191 11192 11193 11194 11195 11196 11197 11198 11199 11200 11201 11202 11203 11204 11205 11206 11207 11208 11209 11210 11211 11212 11213 11214 11215 11216 11217 11218 11219 11220 11221 11222 11223 11224 11225 11226 11227 11228 11229 11230 11231 11232 11233 11234 11235 11236 11237 11238 11239 11240 11241 11242 11243 11244 11245 11246
	{			/* High Band */
	 "ZZH",
	 .bg_channels = 13,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11},
		{2467, 12, IEEE80211_CH_PASSIVE_ONLY},
		{2472, 13, IEEE80211_CH_PASSIVE_ONLY}},
	 .a_channels = 4,
	 .a = {{5745, 149}, {5765, 153},
	       {5785, 157}, {5805, 161}},
	 },

	{			/* Custom Europe */
	 "ZZG",
	 .bg_channels = 13,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11},
		{2467, 12}, {2472, 13}},
	 .a_channels = 4,
	 .a = {{5180, 36}, {5200, 40},
	       {5220, 44}, {5240, 48}},
	 },

	{			/* Europe */
	 "ZZK",
	 .bg_channels = 13,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11},
		{2467, 12, IEEE80211_CH_PASSIVE_ONLY},
		{2472, 13, IEEE80211_CH_PASSIVE_ONLY}},
	 .a_channels = 24,
	 .a = {{5180, 36, IEEE80211_CH_PASSIVE_ONLY},
	       {5200, 40, IEEE80211_CH_PASSIVE_ONLY},
	       {5220, 44, IEEE80211_CH_PASSIVE_ONLY},
	       {5240, 48, IEEE80211_CH_PASSIVE_ONLY},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
	       {5500, 100, IEEE80211_CH_PASSIVE_ONLY},
	       {5520, 104, IEEE80211_CH_PASSIVE_ONLY},
	       {5540, 108, IEEE80211_CH_PASSIVE_ONLY},
	       {5560, 112, IEEE80211_CH_PASSIVE_ONLY},
	       {5580, 116, IEEE80211_CH_PASSIVE_ONLY},
	       {5600, 120, IEEE80211_CH_PASSIVE_ONLY},
	       {5620, 124, IEEE80211_CH_PASSIVE_ONLY},
	       {5640, 128, IEEE80211_CH_PASSIVE_ONLY},
	       {5660, 132, IEEE80211_CH_PASSIVE_ONLY},
	       {5680, 136, IEEE80211_CH_PASSIVE_ONLY},
	       {5700, 140, IEEE80211_CH_PASSIVE_ONLY},
	       {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
	       {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
	       {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
	       {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
	       {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
	 },

	{			/* Europe */
	 "ZZL",
	 .bg_channels = 11,
	 .bg = {{2412, 1}, {2417, 2}, {2422, 3},
		{2427, 4}, {2432, 5}, {2437, 6},
		{2442, 7}, {2447, 8}, {2452, 9},
		{2457, 10}, {2462, 11}},
	 .a_channels = 13,
	 .a = {{5180, 36, IEEE80211_CH_PASSIVE_ONLY},
	       {5200, 40, IEEE80211_CH_PASSIVE_ONLY},
	       {5220, 44, IEEE80211_CH_PASSIVE_ONLY},
	       {5240, 48, IEEE80211_CH_PASSIVE_ONLY},
	       {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
	       {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
	       {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
	       {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
	       {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
	       {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
	       {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
	       {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
	       {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
	 }
11247 11248
};

11249 11250 11251
#define MAX_HW_RESTARTS 5
static int ipw_up(struct ipw_priv *priv)
{
11252
	int rc, i, j;
11253 11254 11255 11256

	if (priv->status & STATUS_EXIT_PENDING)
		return -EIO;

11257
	if (cmdlog && !priv->cmdlog) {
11258
		priv->cmdlog = kcalloc(cmdlog, sizeof(*priv->cmdlog),
11259 11260 11261 11262
				       GFP_KERNEL);
		if (priv->cmdlog == NULL) {
			IPW_ERROR("Error allocating %d command log entries.\n",
				  cmdlog);
11263
			return -ENOMEM;
11264 11265 11266 11267 11268
		} else {
			priv->cmdlog_len = cmdlog;
		}
	}

11269
	for (i = 0; i < MAX_HW_RESTARTS; i++) {
11270
		/* Load the microcode, firmware, and eeprom.
11271 11272 11273
		 * Also start the clocks. */
		rc = ipw_load(priv);
		if (rc) {
11274
			IPW_ERROR("Unable to load firmware: %d\n", rc);
11275 11276 11277 11278 11279 11280 11281 11282
			return rc;
		}

		ipw_init_ordinals(priv);
		if (!(priv->config & CFG_CUSTOM_MAC))
			eeprom_parse_mac(priv, priv->mac_addr);
		memcpy(priv->net_dev->dev_addr, priv->mac_addr, ETH_ALEN);

11283 11284 11285 11286 11287
		for (j = 0; j < ARRAY_SIZE(ipw_geos); j++) {
			if (!memcmp(&priv->eeprom[EEPROM_COUNTRY_CODE],
				    ipw_geos[j].name, 3))
				break;
		}
11288 11289 11290 11291 11292
		if (j == ARRAY_SIZE(ipw_geos)) {
			IPW_WARNING("SKU [%c%c%c] not recognized.\n",
				    priv->eeprom[EEPROM_COUNTRY_CODE + 0],
				    priv->eeprom[EEPROM_COUNTRY_CODE + 1],
				    priv->eeprom[EEPROM_COUNTRY_CODE + 2]);
11293
			j = 0;
11294
		}
11295
		if (ieee80211_set_geo(priv->ieee, &ipw_geos[j])) {
11296 11297 11298 11299
			IPW_WARNING("Could not set geography.");
			return 0;
		}

11300 11301 11302 11303 11304 11305 11306 11307 11308
		if (priv->status & STATUS_RF_KILL_SW) {
			IPW_WARNING("Radio disabled by module parameter.\n");
			return 0;
		} else if (rf_kill_active(priv)) {
			IPW_WARNING("Radio Frequency Kill Switch is On:\n"
				    "Kill switch must be turned off for "
				    "wireless networking to work.\n");
			queue_delayed_work(priv->workqueue, &priv->rf_kill,
					   2 * HZ);
11309
			return 0;
11310
		}
11311 11312 11313 11314

		rc = ipw_config(priv);
		if (!rc) {
			IPW_DEBUG_INFO("Configured device on count %i\n", i);
11315 11316 11317

			/* If configure to try and auto-associate, kick
			 * off a scan. */
11318 11319
			queue_delayed_work(priv->workqueue,
					   &priv->request_scan, 0);
11320

11321 11322
			return 0;
		}
11323

11324
		IPW_DEBUG_INFO("Device configuration failed: 0x%08X\n", rc);
11325 11326 11327 11328 11329 11330 11331 11332
		IPW_DEBUG_INFO("Failed to config device on retry %d of %d\n",
			       i, MAX_HW_RESTARTS);

		/* We had an error bringing up the hardware, so take it
		 * all the way back down so we can try again */
		ipw_down(priv);
	}

11333
	/* tried to restart and config the device for as long as our
11334
	 * patience could withstand */
11335
	IPW_ERROR("Unable to initialize device after %d attempts.\n", i);
11336

11337 11338 11339
	return -EIO;
}

11340
static void ipw_bg_up(struct work_struct *work)
11341
{
11342 11343
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, up);
11344
	mutex_lock(&priv->mutex);
11345
	ipw_up(priv);
11346
	mutex_unlock(&priv->mutex);
11347 11348
}

11349
static void ipw_deinit(struct ipw_priv *priv)
11350
{
11351 11352 11353 11354 11355 11356 11357 11358 11359 11360 11361 11362 11363 11364 11365 11366 11367 11368 11369 11370 11371 11372 11373 11374 11375 11376 11377 11378
	int i;

	if (priv->status & STATUS_SCANNING) {
		IPW_DEBUG_INFO("Aborting scan during shutdown.\n");
		ipw_abort_scan(priv);
	}

	if (priv->status & STATUS_ASSOCIATED) {
		IPW_DEBUG_INFO("Disassociating during shutdown.\n");
		ipw_disassociate(priv);
	}

	ipw_led_shutdown(priv);

	/* Wait up to 1s for status to change to not scanning and not
	 * associated (disassociation can take a while for a ful 802.11
	 * exchange */
	for (i = 1000; i && (priv->status &
			     (STATUS_DISASSOCIATING |
			      STATUS_ASSOCIATED | STATUS_SCANNING)); i--)
		udelay(10);

	if (priv->status & (STATUS_DISASSOCIATING |
			    STATUS_ASSOCIATED | STATUS_SCANNING))
		IPW_DEBUG_INFO("Still associated or scanning...\n");
	else
		IPW_DEBUG_INFO("Took %dms to de-init\n", 1000 - i);

11379 11380
	/* Attempt to disable the card */
	ipw_send_card_disable(priv, 0);
11381 11382 11383 11384 11385 11386 11387 11388 11389 11390 11391 11392 11393 11394 11395 11396 11397

	priv->status &= ~STATUS_INIT;
}

static void ipw_down(struct ipw_priv *priv)
{
	int exit_pending = priv->status & STATUS_EXIT_PENDING;

	priv->status |= STATUS_EXIT_PENDING;

	if (ipw_is_init(priv))
		ipw_deinit(priv);

	/* Wipe out the EXIT_PENDING status bit if we are not actually
	 * exiting the module */
	if (!exit_pending)
		priv->status &= ~STATUS_EXIT_PENDING;
11398 11399 11400 11401 11402

	/* tell the device to stop sending interrupts */
	ipw_disable_interrupts(priv);

	/* Clear all bits but the RF Kill */
11403
	priv->status &= STATUS_RF_KILL_MASK | STATUS_EXIT_PENDING;
11404 11405 11406 11407
	netif_carrier_off(priv->net_dev);
	netif_stop_queue(priv->net_dev);

	ipw_stop_nic(priv);
11408 11409

	ipw_led_radio_off(priv);
11410 11411
}

11412
static void ipw_bg_down(struct work_struct *work)
11413
{
11414 11415
	struct ipw_priv *priv =
		container_of(work, struct ipw_priv, down);
11416
	mutex_lock(&priv->mutex);
11417
	ipw_down(priv);
11418
	mutex_unlock(&priv->mutex);
11419 11420 11421 11422 11423 11424
}

/* Called by register_netdev() */
static int ipw_net_init(struct net_device *dev)
{
	struct ipw_priv *priv = ieee80211_priv(dev);
11425
	mutex_lock(&priv->mutex);
11426

11427
	if (ipw_up(priv)) {
11428
		mutex_unlock(&priv->mutex);
11429
		return -EIO;
11430
	}
11431

11432
	mutex_unlock(&priv->mutex);
11433 11434 11435 11436 11437 11438 11439 11440 11441 11442 11443 11444 11445 11446 11447 11448 11449 11450 11451 11452 11453 11454 11455
	return 0;
}

/* PCI driver stuff */
static struct pci_device_id card_ids[] = {
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2701, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2702, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2711, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2712, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2721, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2722, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2731, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2732, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2741, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x103c, 0x2741, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2742, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2751, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2752, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2753, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2754, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2761, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2762, 0, 0, 0},
	{PCI_VENDOR_ID_INTEL, 0x104f, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},
11456
	{PCI_VENDOR_ID_INTEL, 0x4220, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},	/* BG */
11457
	{PCI_VENDOR_ID_INTEL, 0x4221, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},	/* BG */
11458 11459
	{PCI_VENDOR_ID_INTEL, 0x4223, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},	/* ABG */
	{PCI_VENDOR_ID_INTEL, 0x4224, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},	/* ABG */
11460

11461 11462 11463 11464 11465 11466 11467 11468 11469 11470 11471 11472 11473 11474 11475 11476
	/* required last entry */
	{0,}
};

MODULE_DEVICE_TABLE(pci, card_ids);

static struct attribute *ipw_sysfs_entries[] = {
	&dev_attr_rf_kill.attr,
	&dev_attr_direct_dword.attr,
	&dev_attr_indirect_byte.attr,
	&dev_attr_indirect_dword.attr,
	&dev_attr_mem_gpio_reg.attr,
	&dev_attr_command_event_reg.attr,
	&dev_attr_nic_type.attr,
	&dev_attr_status.attr,
	&dev_attr_cfg.attr,
11477 11478
	&dev_attr_error.attr,
	&dev_attr_event_log.attr,
11479
	&dev_attr_cmd_log.attr,
11480 11481 11482
	&dev_attr_eeprom_delay.attr,
	&dev_attr_ucode_version.attr,
	&dev_attr_rtc.attr,
11483 11484
	&dev_attr_scan_age.attr,
	&dev_attr_led.attr,
11485 11486
	&dev_attr_speed_scan.attr,
	&dev_attr_net_stats.attr,
11487
	&dev_attr_channels.attr,
11488 11489 11490 11491
#ifdef CONFIG_IPW2200_PROMISCUOUS
	&dev_attr_rtap_iface.attr,
	&dev_attr_rtap_filter.attr,
#endif
11492 11493 11494 11495 11496
	NULL
};

static struct attribute_group ipw_attribute_group = {
	.name = NULL,		/* put in device directory */
11497
	.attrs = ipw_sysfs_entries,
11498 11499
};

11500 11501 11502 11503 11504 11505 11506 11507 11508 11509 11510 11511 11512 11513 11514 11515 11516 11517 11518 11519 11520 11521 11522 11523 11524 11525 11526 11527 11528 11529 11530 11531 11532 11533 11534 11535 11536 11537 11538 11539 11540 11541 11542 11543 11544 11545 11546 11547 11548 11549 11550 11551 11552 11553 11554 11555 11556 11557 11558 11559 11560 11561 11562 11563 11564 11565 11566 11567 11568 11569 11570 11571 11572 11573 11574 11575 11576 11577 11578 11579 11580 11581 11582 11583 11584 11585 11586 11587 11588 11589 11590 11591 11592 11593 11594 11595 11596 11597 11598 11599 11600 11601 11602
#ifdef CONFIG_IPW2200_PROMISCUOUS
static int ipw_prom_open(struct net_device *dev)
{
	struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
	struct ipw_priv *priv = prom_priv->priv;

	IPW_DEBUG_INFO("prom dev->open\n");
	netif_carrier_off(dev);
	netif_stop_queue(dev);

	if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
		priv->sys_config.accept_all_data_frames = 1;
		priv->sys_config.accept_non_directed_frames = 1;
		priv->sys_config.accept_all_mgmt_bcpr = 1;
		priv->sys_config.accept_all_mgmt_frames = 1;

		ipw_send_system_config(priv);
	}

	return 0;
}

static int ipw_prom_stop(struct net_device *dev)
{
	struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
	struct ipw_priv *priv = prom_priv->priv;

	IPW_DEBUG_INFO("prom dev->stop\n");

	if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
		priv->sys_config.accept_all_data_frames = 0;
		priv->sys_config.accept_non_directed_frames = 0;
		priv->sys_config.accept_all_mgmt_bcpr = 0;
		priv->sys_config.accept_all_mgmt_frames = 0;

		ipw_send_system_config(priv);
	}

	return 0;
}

static int ipw_prom_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
{
	IPW_DEBUG_INFO("prom dev->xmit\n");
	netif_stop_queue(dev);
	return -EOPNOTSUPP;
}

static struct net_device_stats *ipw_prom_get_stats(struct net_device *dev)
{
	struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
	return &prom_priv->ieee->stats;
}

static int ipw_prom_alloc(struct ipw_priv *priv)
{
	int rc = 0;

	if (priv->prom_net_dev)
		return -EPERM;

	priv->prom_net_dev = alloc_ieee80211(sizeof(struct ipw_prom_priv));
	if (priv->prom_net_dev == NULL)
		return -ENOMEM;

	priv->prom_priv = ieee80211_priv(priv->prom_net_dev);
	priv->prom_priv->ieee = netdev_priv(priv->prom_net_dev);
	priv->prom_priv->priv = priv;

	strcpy(priv->prom_net_dev->name, "rtap%d");

	priv->prom_net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
	priv->prom_net_dev->open = ipw_prom_open;
	priv->prom_net_dev->stop = ipw_prom_stop;
	priv->prom_net_dev->get_stats = ipw_prom_get_stats;
	priv->prom_net_dev->hard_start_xmit = ipw_prom_hard_start_xmit;

	priv->prom_priv->ieee->iw_mode = IW_MODE_MONITOR;

	rc = register_netdev(priv->prom_net_dev);
	if (rc) {
		free_ieee80211(priv->prom_net_dev);
		priv->prom_net_dev = NULL;
		return rc;
	}

	return 0;
}

static void ipw_prom_free(struct ipw_priv *priv)
{
	if (!priv->prom_net_dev)
		return;

	unregister_netdev(priv->prom_net_dev);
	free_ieee80211(priv->prom_net_dev);

	priv->prom_net_dev = NULL;
}

#endif


11603
static int ipw_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
11604 11605 11606 11607 11608 11609
{
	int err = 0;
	struct net_device *net_dev;
	void __iomem *base;
	u32 length, val;
	struct ipw_priv *priv;
11610
	int i;
11611 11612 11613 11614 11615 11616 11617 11618 11619

	net_dev = alloc_ieee80211(sizeof(struct ipw_priv));
	if (net_dev == NULL) {
		err = -ENOMEM;
		goto out;
	}

	priv = ieee80211_priv(net_dev);
	priv->ieee = netdev_priv(net_dev);
11620

11621 11622 11623
	priv->net_dev = net_dev;
	priv->pci_dev = pdev;
	ipw_debug_level = debug;
Zhu Yi's avatar
Zhu Yi committed
11624
	spin_lock_init(&priv->irq_lock);
11625
	spin_lock_init(&priv->lock);
11626 11627
	for (i = 0; i < IPW_IBSS_MAC_HASH_SIZE; i++)
		INIT_LIST_HEAD(&priv->ibss_mac_hash[i]);
11628

11629
	mutex_init(&priv->mutex);
11630 11631 11632 11633 11634 11635 11636
	if (pci_enable_device(pdev)) {
		err = -ENODEV;
		goto out_free_ieee80211;
	}

	pci_set_master(pdev);

11637
	err = pci_set_dma_mask(pdev, DMA_32BIT_MASK);
11638
	if (!err)
11639
		err = pci_set_consistent_dma_mask(pdev, DMA_32BIT_MASK);
11640 11641 11642 11643 11644 11645 11646 11647
	if (err) {
		printk(KERN_WARNING DRV_NAME ": No suitable DMA available.\n");
		goto out_pci_disable_device;
	}

	pci_set_drvdata(pdev, priv);

	err = pci_request_regions(pdev, DRV_NAME);
11648
	if (err)
11649 11650
		goto out_pci_disable_device;

11651
	/* We disable the RETRY_TIMEOUT register (0x41) to keep
11652
	 * PCI Tx retries from interfering with C3 CPU state */
11653 11654
	pci_read_config_dword(pdev, 0x40, &val);
	if ((val & 0x0000ff00) != 0)
11655
		pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
11656

11657 11658
	length = pci_resource_len(pdev, 0);
	priv->hw_len = length;
11659

11660 11661 11662 11663 11664 11665 11666 11667 11668 11669 11670 11671 11672 11673 11674 11675
	base = ioremap_nocache(pci_resource_start(pdev, 0), length);
	if (!base) {
		err = -ENODEV;
		goto out_pci_release_regions;
	}

	priv->hw_base = base;
	IPW_DEBUG_INFO("pci_resource_len = 0x%08x\n", length);
	IPW_DEBUG_INFO("pci_resource_base = %p\n", base);

	err = ipw_setup_deferred_work(priv);
	if (err) {
		IPW_ERROR("Unable to setup deferred work\n");
		goto out_iounmap;
	}

11676
	ipw_sw_reset(priv, 1);
11677

11678
	err = request_irq(pdev->irq, ipw_isr, IRQF_SHARED, DRV_NAME, priv);
11679 11680 11681 11682 11683 11684 11685
	if (err) {
		IPW_ERROR("Error allocating IRQ %d\n", pdev->irq);
		goto out_destroy_workqueue;
	}

	SET_NETDEV_DEV(net_dev, &pdev->dev);

11686
	mutex_lock(&priv->mutex);
11687

11688 11689
	priv->ieee->hard_start_xmit = ipw_net_hard_start_xmit;
	priv->ieee->set_security = shim__set_security;
11690
	priv->ieee->is_queue_full = ipw_net_is_queue_full;
11691

11692
#ifdef CONFIG_IPW2200_QOS
11693
	priv->ieee->is_qos_active = ipw_is_qos_active;
11694 11695 11696
	priv->ieee->handle_probe_response = ipw_handle_beacon;
	priv->ieee->handle_beacon = ipw_handle_probe_response;
	priv->ieee->handle_assoc_response = ipw_handle_assoc_response;
11697
#endif				/* CONFIG_IPW2200_QOS */
11698

11699 11700
	priv->ieee->perfect_rssi = -20;
	priv->ieee->worst_rssi = -85;
11701 11702 11703 11704 11705 11706 11707

	net_dev->open = ipw_net_open;
	net_dev->stop = ipw_net_stop;
	net_dev->init = ipw_net_init;
	net_dev->get_stats = ipw_net_get_stats;
	net_dev->set_multicast_list = ipw_net_set_multicast_list;
	net_dev->set_mac_address = ipw_net_set_mac_address;
11708 11709
	priv->wireless_data.spy_data = &priv->ieee->spy_data;
	net_dev->wireless_data = &priv->wireless_data;
11710 11711 11712
	net_dev->wireless_handlers = &ipw_wx_handler_def;
	net_dev->ethtool_ops = &ipw_ethtool_ops;
	net_dev->irq = pdev->irq;
11713
	net_dev->base_addr = (unsigned long)priv->hw_base;
11714 11715 11716 11717 11718 11719
	net_dev->mem_start = pci_resource_start(pdev, 0);
	net_dev->mem_end = net_dev->mem_start + pci_resource_len(pdev, 0) - 1;

	err = sysfs_create_group(&pdev->dev.kobj, &ipw_attribute_group);
	if (err) {
		IPW_ERROR("failed to create sysfs device attributes\n");
11720
		mutex_unlock(&priv->mutex);
11721 11722 11723
		goto out_release_irq;
	}

11724
	mutex_unlock(&priv->mutex);
11725 11726 11727
	err = register_netdev(net_dev);
	if (err) {
		IPW_ERROR("failed to register network device\n");
11728
		goto out_remove_sysfs;
11729
	}
11730

11731 11732 11733 11734 11735 11736 11737 11738 11739 11740 11741 11742
#ifdef CONFIG_IPW2200_PROMISCUOUS
	if (rtap_iface) {
	        err = ipw_prom_alloc(priv);
		if (err) {
			IPW_ERROR("Failed to register promiscuous network "
				  "device (error %d).\n", err);
			unregister_netdev(priv->net_dev);
			goto out_remove_sysfs;
		}
	}
#endif

11743 11744 11745 11746 11747
	printk(KERN_INFO DRV_NAME ": Detected geography %s (%d 802.11bg "
	       "channels, %d 802.11a channels)\n",
	       priv->ieee->geo.name, priv->ieee->geo.bg_channels,
	       priv->ieee->geo.a_channels);

11748 11749
	return 0;

11750
      out_remove_sysfs:
11751
	sysfs_remove_group(&pdev->dev.kobj, &ipw_attribute_group);
11752
      out_release_irq:
11753
	free_irq(pdev->irq, priv);
11754
      out_destroy_workqueue:
11755 11756
	destroy_workqueue(priv->workqueue);
	priv->workqueue = NULL;
11757
      out_iounmap:
11758
	iounmap(priv->hw_base);
11759
      out_pci_release_regions:
11760
	pci_release_regions(pdev);
11761
      out_pci_disable_device:
11762 11763
	pci_disable_device(pdev);
	pci_set_drvdata(pdev, NULL);
11764
      out_free_ieee80211:
11765
	free_ieee80211(priv->net_dev);
11766
      out:
11767 11768 11769 11770 11771 11772
	return err;
}

static void ipw_pci_remove(struct pci_dev *pdev)
{
	struct ipw_priv *priv = pci_get_drvdata(pdev);
11773 11774
	struct list_head *p, *q;
	int i;
11775

11776 11777 11778
	if (!priv)
		return;

11779
	mutex_lock(&priv->mutex);
11780

11781
	priv->status |= STATUS_EXIT_PENDING;
11782 11783 11784
	ipw_down(priv);
	sysfs_remove_group(&pdev->dev.kobj, &ipw_attribute_group);

11785
	mutex_unlock(&priv->mutex);
11786 11787 11788 11789 11790 11791 11792 11793 11794

	unregister_netdev(priv->net_dev);

	if (priv->rxq) {
		ipw_rx_queue_free(priv, priv->rxq);
		priv->rxq = NULL;
	}
	ipw_tx_queue_free(priv);

11795 11796 11797 11798
	if (priv->cmdlog) {
		kfree(priv->cmdlog);
		priv->cmdlog = NULL;
	}
11799 11800
	/* ipw_down will ensure that there is no more pending work
	 * in the workqueue's, so we can safely remove them now. */
11801 11802 11803
	cancel_delayed_work(&priv->adhoc_check);
	cancel_delayed_work(&priv->gather_stats);
	cancel_delayed_work(&priv->request_scan);
11804
	cancel_delayed_work(&priv->scan_event);
11805 11806 11807 11808
	cancel_delayed_work(&priv->rf_kill);
	cancel_delayed_work(&priv->scan_check);
	destroy_workqueue(priv->workqueue);
	priv->workqueue = NULL;
11809

11810 11811 11812 11813
	/* Free MAC hash list for ADHOC */
	for (i = 0; i < IPW_IBSS_MAC_HASH_SIZE; i++) {
		list_for_each_safe(p, q, &priv->ibss_mac_hash[i]) {
			list_del(p);
11814
			kfree(list_entry(p, struct ipw_ibss_seq, list));
11815 11816 11817
		}
	}

11818 11819
	kfree(priv->error);
	priv->error = NULL;
11820

11821 11822 11823 11824
#ifdef CONFIG_IPW2200_PROMISCUOUS
	ipw_prom_free(priv);
#endif

11825 11826 11827 11828 11829 11830
	free_irq(pdev->irq, priv);
	iounmap(priv->hw_base);
	pci_release_regions(pdev);
	pci_disable_device(pdev);
	pci_set_drvdata(pdev, NULL);
	free_ieee80211(priv->net_dev);
11831
	free_firmware();
11832 11833 11834
}

#ifdef CONFIG_PM
11835
static int ipw_pci_suspend(struct pci_dev *pdev, pm_message_t state)
11836 11837 11838 11839 11840 11841
{
	struct ipw_priv *priv = pci_get_drvdata(pdev);
	struct net_device *dev = priv->net_dev;

	printk(KERN_INFO "%s: Going into suspend...\n", dev->name);

11842
	/* Take down the device; powers it off, etc. */
11843 11844 11845 11846 11847 11848 11849
	ipw_down(priv);

	/* Remove the PRESENT state of the device */
	netif_device_detach(dev);

	pci_save_state(pdev);
	pci_disable_device(pdev);
11850
	pci_set_power_state(pdev, pci_choose_state(pdev, state));
11851

11852 11853 11854 11855 11856 11857 11858
	return 0;
}

static int ipw_pci_resume(struct pci_dev *pdev)
{
	struct ipw_priv *priv = pci_get_drvdata(pdev);
	struct net_device *dev = priv->net_dev;
11859
	int err;
11860
	u32 val;
11861

11862 11863
	printk(KERN_INFO "%s: Coming out of suspend...\n", dev->name);

11864
	pci_set_power_state(pdev, PCI_D0);
11865 11866 11867 11868 11869 11870
	err = pci_enable_device(pdev);
	if (err) {
		printk(KERN_ERR "%s: pci_enable_device failed on resume\n",
		       dev->name);
		return err;
	}
11871
	pci_restore_state(pdev);
11872

11873 11874 11875 11876 11877 11878
	/*
	 * Suspend/Resume resets the PCI configuration space, so we have to
	 * re-disable the RETRY_TIMEOUT register (0x41) to keep PCI Tx retries
	 * from interfering with C3 CPU state. pci_restore_state won't help
	 * here since it only restores the first 64 bytes pci config header.
	 */
11879 11880
	pci_read_config_dword(pdev, 0x40, &val);
	if ((val & 0x0000ff00) != 0)
11881 11882 11883 11884 11885 11886 11887 11888
		pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);

	/* Set the device back into the PRESENT state; this will also wake
	 * the queue of needed */
	netif_device_attach(dev);

	/* Bring the device back up */
	queue_work(priv->workqueue, &priv->up);
11889

11890 11891 11892 11893
	return 0;
}
#endif

11894 11895 11896 11897 11898 11899 11900 11901 11902 11903
static void ipw_pci_shutdown(struct pci_dev *pdev)
{
	struct ipw_priv *priv = pci_get_drvdata(pdev);

	/* Take down the device; powers it off, etc. */
	ipw_down(priv);

	pci_disable_device(pdev);
}

11904 11905 11906 11907 11908 11909 11910 11911 11912 11913
/* driver initialization stuff */
static struct pci_driver ipw_driver = {
	.name = DRV_NAME,
	.id_table = card_ids,
	.probe = ipw_pci_probe,
	.remove = __devexit_p(ipw_pci_remove),
#ifdef CONFIG_PM
	.suspend = ipw_pci_suspend,
	.resume = ipw_pci_resume,
#endif
11914
	.shutdown = ipw_pci_shutdown,
11915 11916 11917 11918 11919 11920 11921 11922 11923
};

static int __init ipw_init(void)
{
	int ret;

	printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
	printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");

11924
	ret = pci_register_driver(&ipw_driver);
11925 11926 11927 11928 11929
	if (ret) {
		IPW_ERROR("Unable to initialize PCI module\n");
		return ret;
	}

11930
	ret = driver_create_file(&ipw_driver.driver, &driver_attr_debug_level);
11931 11932 11933 11934 11935 11936 11937 11938 11939 11940 11941 11942 11943 11944 11945 11946 11947 11948 11949 11950 11951 11952 11953 11954
	if (ret) {
		IPW_ERROR("Unable to create driver sysfs file\n");
		pci_unregister_driver(&ipw_driver);
		return ret;
	}

	return ret;
}

static void __exit ipw_exit(void)
{
	driver_remove_file(&ipw_driver.driver, &driver_attr_debug_level);
	pci_unregister_driver(&ipw_driver);
}

module_param(disable, int, 0444);
MODULE_PARM_DESC(disable, "manually disable the radio (default 0 [radio on])");

module_param(associate, int, 0444);
MODULE_PARM_DESC(associate, "auto associate when scanning (default on)");

module_param(auto_create, int, 0444);
MODULE_PARM_DESC(auto_create, "auto create adhoc network (default on)");

11955
module_param(led, int, 0444);
11956
MODULE_PARM_DESC(led, "enable led control on some systems (default 0 off)\n");
11957

11958 11959 11960 11961
module_param(debug, int, 0444);
MODULE_PARM_DESC(debug, "debug output mask");

module_param(channel, int, 0444);
11962
MODULE_PARM_DESC(channel, "channel to limit associate to (default 0 [ANY])");
11963

11964 11965 11966 11967 11968
#ifdef CONFIG_IPW2200_PROMISCUOUS
module_param(rtap_iface, int, 0444);
MODULE_PARM_DESC(rtap_iface, "create the rtap interface (1 - create, default 0)");
#endif

11969
#ifdef CONFIG_IPW2200_QOS
11970 11971 11972 11973 11974 11975 11976 11977
module_param(qos_enable, int, 0444);
MODULE_PARM_DESC(qos_enable, "enable all QoS functionalitis");

module_param(qos_burst_enable, int, 0444);
MODULE_PARM_DESC(qos_burst_enable, "enable QoS burst mode");

module_param(qos_no_ack_mask, int, 0444);
MODULE_PARM_DESC(qos_no_ack_mask, "mask Tx_Queue to no ack");
11978

11979 11980 11981 11982 11983
module_param(burst_duration_CCK, int, 0444);
MODULE_PARM_DESC(burst_duration_CCK, "set CCK burst value");

module_param(burst_duration_OFDM, int, 0444);
MODULE_PARM_DESC(burst_duration_OFDM, "set OFDM burst value");
11984
#endif				/* CONFIG_IPW2200_QOS */
11985 11986

#ifdef CONFIG_IPW2200_MONITOR
11987 11988 11989 11990 11991 11992 11993
module_param(mode, int, 0444);
MODULE_PARM_DESC(mode, "network mode (0=BSS,1=IBSS,2=Monitor)");
#else
module_param(mode, int, 0444);
MODULE_PARM_DESC(mode, "network mode (0=BSS,1=IBSS)");
#endif

11994 11995 11996
module_param(bt_coexist, int, 0444);
MODULE_PARM_DESC(bt_coexist, "enable bluetooth coexistence (default off)");

11997
module_param(hwcrypto, int, 0444);
11998
MODULE_PARM_DESC(hwcrypto, "enable hardware crypto (default off)");
11999

12000 12001 12002 12003
module_param(cmdlog, int, 0444);
MODULE_PARM_DESC(cmdlog,
		 "allocate a ring buffer for logging firmware commands");

12004 12005 12006
module_param(roaming, int, 0444);
MODULE_PARM_DESC(roaming, "enable roaming support (default on)");

12007 12008 12009
module_param(antenna, int, 0444);
MODULE_PARM_DESC(antenna, "select antenna 1=Main, 3=Aux, default 0 [both], 2=slow_diversity (choose the one with lower background noise)");

12010 12011
module_exit(ipw_exit);
module_init(ipw_init);