aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/net/wireless/orinoco/orinoco.c
diff options
context:
space:
mode:
authorDavid Kilroy <kilroyd@googlemail.com>2009-02-04 18:05:48 -0500
committerJohn W. Linville <linville@tuxdriver.com>2009-02-11 11:44:27 -0500
commit47445cb95015bef0d54ca799f31e454797378a71 (patch)
treee77ff21e2ff91edd8931b07379360e4c09341654 /drivers/net/wireless/orinoco/orinoco.c
parent2131266d6e53e8f84f8111323036343d72bcb856 (diff)
orinoco: Rename orinoco.c
So that we can split up the file and still produce a module named orinoco.o. Signed-off-by: David Kilroy <kilroyd@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'drivers/net/wireless/orinoco/orinoco.c')
-rw-r--r--drivers/net/wireless/orinoco/orinoco.c6164
1 files changed, 0 insertions, 6164 deletions
diff --git a/drivers/net/wireless/orinoco/orinoco.c b/drivers/net/wireless/orinoco/orinoco.c
deleted file mode 100644
index 1544effd95e..00000000000
--- a/drivers/net/wireless/orinoco/orinoco.c
+++ /dev/null
@@ -1,6164 +0,0 @@
1/* orinoco.c - (formerly known as dldwd_cs.c and orinoco_cs.c)
2 *
3 * A driver for Hermes or Prism 2 chipset based PCMCIA wireless
4 * adaptors, with Lucent/Agere, Intersil or Symbol firmware.
5 *
6 * Current maintainers (as of 29 September 2003) are:
7 * Pavel Roskin <proski AT gnu.org>
8 * and David Gibson <hermes AT gibson.dropbear.id.au>
9 *
10 * (C) Copyright David Gibson, IBM Corporation 2001-2003.
11 * Copyright (C) 2000 David Gibson, Linuxcare Australia.
12 * With some help from :
13 * Copyright (C) 2001 Jean Tourrilhes, HP Labs
14 * Copyright (C) 2001 Benjamin Herrenschmidt
15 *
16 * Based on dummy_cs.c 1.27 2000/06/12 21:27:25
17 *
18 * Portions based on wvlan_cs.c 1.0.6, Copyright Andreas Neuhaus <andy
19 * AT fasta.fh-dortmund.de>
20 * http://www.stud.fh-dortmund.de/~andy/wvlan/
21 *
22 * The contents of this file are subject to the Mozilla Public License
23 * Version 1.1 (the "License"); you may not use this file except in
24 * compliance with the License. You may obtain a copy of the License
25 * at http://www.mozilla.org/MPL/
26 *
27 * Software distributed under the License is distributed on an "AS IS"
28 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
29 * the License for the specific language governing rights and
30 * limitations under the License.
31 *
32 * The initial developer of the original code is David A. Hinds
33 * <dahinds AT users.sourceforge.net>. Portions created by David
34 * A. Hinds are Copyright (C) 1999 David A. Hinds. All Rights
35 * Reserved.
36 *
37 * Alternatively, the contents of this file may be used under the
38 * terms of the GNU General Public License version 2 (the "GPL"), in
39 * which case the provisions of the GPL are applicable instead of the
40 * above. If you wish to allow the use of your version of this file
41 * only under the terms of the GPL and not to allow others to use your
42 * version of this file under the MPL, indicate your decision by
43 * deleting the provisions above and replace them with the notice and
44 * other provisions required by the GPL. If you do not delete the
45 * provisions above, a recipient may use your version of this file
46 * under either the MPL or the GPL. */
47
48/*
49 * TODO
50 * o Handle de-encapsulation within network layer, provide 802.11
51 * headers (patch from Thomas 'Dent' Mirlacher)
52 * o Fix possible races in SPY handling.
53 * o Disconnect wireless extensions from fundamental configuration.
54 * o (maybe) Software WEP support (patch from Stano Meduna).
55 * o (maybe) Use multiple Tx buffers - driver handling queue
56 * rather than firmware.
57 */
58
59/* Locking and synchronization:
60 *
61 * The basic principle is that everything is serialized through a
62 * single spinlock, priv->lock. The lock is used in user, bh and irq
63 * context, so when taken outside hardirq context it should always be
64 * taken with interrupts disabled. The lock protects both the
65 * hardware and the struct orinoco_private.
66 *
67 * Another flag, priv->hw_unavailable indicates that the hardware is
68 * unavailable for an extended period of time (e.g. suspended, or in
69 * the middle of a hard reset). This flag is protected by the
70 * spinlock. All code which touches the hardware should check the
71 * flag after taking the lock, and if it is set, give up on whatever
72 * they are doing and drop the lock again. The orinoco_lock()
73 * function handles this (it unlocks and returns -EBUSY if
74 * hw_unavailable is non-zero).
75 */
76
77#define DRIVER_NAME "orinoco"
78
79#include <linux/module.h>
80#include <linux/kernel.h>
81#include <linux/init.h>
82#include <linux/delay.h>
83#include <linux/netdevice.h>
84#include <linux/etherdevice.h>
85#include <linux/ethtool.h>
86#include <linux/firmware.h>
87#include <linux/suspend.h>
88#include <linux/if_arp.h>
89#include <linux/wireless.h>
90#include <linux/ieee80211.h>
91#include <net/iw_handler.h>
92
93#include <linux/scatterlist.h>
94#include <linux/crypto.h>
95
96#include "hermes_rid.h"
97#include "hermes_dld.h"
98#include "orinoco.h"
99
100/********************************************************************/
101/* Module information */
102/********************************************************************/
103
104MODULE_AUTHOR("Pavel Roskin <proski@gnu.org> & "
105 "David Gibson <hermes@gibson.dropbear.id.au>");
106MODULE_DESCRIPTION("Driver for Lucent Orinoco, Prism II based "
107 "and similar wireless cards");
108MODULE_LICENSE("Dual MPL/GPL");
109
110/* Level of debugging. Used in the macros in orinoco.h */
111#ifdef ORINOCO_DEBUG
112int orinoco_debug = ORINOCO_DEBUG;
113EXPORT_SYMBOL(orinoco_debug);
114module_param(orinoco_debug, int, 0644);
115MODULE_PARM_DESC(orinoco_debug, "Debug level");
116#endif
117
118static int suppress_linkstatus; /* = 0 */
119module_param(suppress_linkstatus, bool, 0644);
120MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
121
122static int ignore_disconnect; /* = 0 */
123module_param(ignore_disconnect, int, 0644);
124MODULE_PARM_DESC(ignore_disconnect,
125 "Don't report lost link to the network layer");
126
127static int force_monitor; /* = 0 */
128module_param(force_monitor, int, 0644);
129MODULE_PARM_DESC(force_monitor, "Allow monitor mode for all firmware versions");
130
131/********************************************************************/
132/* Compile time configuration and compatibility stuff */
133/********************************************************************/
134
135/* We do this this way to avoid ifdefs in the actual code */
136#ifdef WIRELESS_SPY
137#define SPY_NUMBER(priv) (priv->spy_data.spy_number)
138#else
139#define SPY_NUMBER(priv) 0
140#endif /* WIRELESS_SPY */
141
142/********************************************************************/
143/* Internal constants */
144/********************************************************************/
145
146/* 802.2 LLC/SNAP header used for Ethernet encapsulation over 802.11 */
147static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
148#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
149
150#define ORINOCO_MIN_MTU 256
151#define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD)
152
153#define SYMBOL_MAX_VER_LEN (14)
154#define USER_BAP 0
155#define IRQ_BAP 1
156#define MAX_IRQLOOPS_PER_IRQ 10
157#define MAX_IRQLOOPS_PER_JIFFY (20000/HZ) /* Based on a guestimate of
158 * how many events the
159 * device could
160 * legitimately generate */
161#define SMALL_KEY_SIZE 5
162#define LARGE_KEY_SIZE 13
163#define TX_NICBUF_SIZE_BUG 1585 /* Bug in Symbol firmware */
164
165#define DUMMY_FID 0xFFFF
166
167/*#define MAX_MULTICAST(priv) (priv->firmware_type == FIRMWARE_TYPE_AGERE ? \
168 HERMES_MAX_MULTICAST : 0)*/
169#define MAX_MULTICAST(priv) (HERMES_MAX_MULTICAST)
170
171#define ORINOCO_INTEN (HERMES_EV_RX | HERMES_EV_ALLOC \
172 | HERMES_EV_TX | HERMES_EV_TXEXC \
173 | HERMES_EV_WTERR | HERMES_EV_INFO \
174 | HERMES_EV_INFDROP)
175
176#define MAX_RID_LEN 1024
177
178static const struct iw_handler_def orinoco_handler_def;
179static const struct ethtool_ops orinoco_ethtool_ops;
180
181/********************************************************************/
182/* Data tables */
183/********************************************************************/
184
185#define NUM_CHANNELS 14
186
187/* This tables gives the actual meanings of the bitrate IDs returned
188 * by the firmware. */
189static struct {
190 int bitrate; /* in 100s of kilobits */
191 int automatic;
192 u16 agere_txratectrl;
193 u16 intersil_txratectrl;
194} bitrate_table[] = {
195 {110, 1, 3, 15}, /* Entry 0 is the default */
196 {10, 0, 1, 1},
197 {10, 1, 1, 1},
198 {20, 0, 2, 2},
199 {20, 1, 6, 3},
200 {55, 0, 4, 4},
201 {55, 1, 7, 7},
202 {110, 0, 5, 8},
203};
204#define BITRATE_TABLE_SIZE ARRAY_SIZE(bitrate_table)
205
206/********************************************************************/
207/* Data types */
208/********************************************************************/
209
210/* Beginning of the Tx descriptor, used in TxExc handling */
211struct hermes_txexc_data {
212 struct hermes_tx_descriptor desc;
213 __le16 frame_ctl;
214 __le16 duration_id;
215 u8 addr1[ETH_ALEN];
216} __attribute__ ((packed));
217
218/* Rx frame header except compatibility 802.3 header */
219struct hermes_rx_descriptor {
220 /* Control */
221 __le16 status;
222 __le32 time;
223 u8 silence;
224 u8 signal;
225 u8 rate;
226 u8 rxflow;
227 __le32 reserved;
228
229 /* 802.11 header */
230 __le16 frame_ctl;
231 __le16 duration_id;
232 u8 addr1[ETH_ALEN];
233 u8 addr2[ETH_ALEN];
234 u8 addr3[ETH_ALEN];
235 __le16 seq_ctl;
236 u8 addr4[ETH_ALEN];
237
238 /* Data length */
239 __le16 data_len;
240} __attribute__ ((packed));
241
242struct orinoco_rx_data {
243 struct hermes_rx_descriptor *desc;
244 struct sk_buff *skb;
245 struct list_head list;
246};
247
248/********************************************************************/
249/* Function prototypes */
250/********************************************************************/
251
252static int __orinoco_program_rids(struct net_device *dev);
253static void __orinoco_set_multicast_list(struct net_device *dev);
254
255/********************************************************************/
256/* Michael MIC crypto setup */
257/********************************************************************/
258#define MICHAEL_MIC_LEN 8
259static int orinoco_mic_init(struct orinoco_private *priv)
260{
261 priv->tx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
262 if (IS_ERR(priv->tx_tfm_mic)) {
263 printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
264 "crypto API michael_mic\n");
265 priv->tx_tfm_mic = NULL;
266 return -ENOMEM;
267 }
268
269 priv->rx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
270 if (IS_ERR(priv->rx_tfm_mic)) {
271 printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
272 "crypto API michael_mic\n");
273 priv->rx_tfm_mic = NULL;
274 return -ENOMEM;
275 }
276
277 return 0;
278}
279
280static void orinoco_mic_free(struct orinoco_private *priv)
281{
282 if (priv->tx_tfm_mic)
283 crypto_free_hash(priv->tx_tfm_mic);
284 if (priv->rx_tfm_mic)
285 crypto_free_hash(priv->rx_tfm_mic);
286}
287
288static int michael_mic(struct crypto_hash *tfm_michael, u8 *key,
289 u8 *da, u8 *sa, u8 priority,
290 u8 *data, size_t data_len, u8 *mic)
291{
292 struct hash_desc desc;
293 struct scatterlist sg[2];
294 u8 hdr[ETH_HLEN + 2]; /* size of header + padding */
295
296 if (tfm_michael == NULL) {
297 printk(KERN_WARNING "michael_mic: tfm_michael == NULL\n");
298 return -1;
299 }
300
301 /* Copy header into buffer. We need the padding on the end zeroed */
302 memcpy(&hdr[0], da, ETH_ALEN);
303 memcpy(&hdr[ETH_ALEN], sa, ETH_ALEN);
304 hdr[ETH_ALEN*2] = priority;
305 hdr[ETH_ALEN*2+1] = 0;
306 hdr[ETH_ALEN*2+2] = 0;
307 hdr[ETH_ALEN*2+3] = 0;
308
309 /* Use scatter gather to MIC header and data in one go */
310 sg_init_table(sg, 2);
311 sg_set_buf(&sg[0], hdr, sizeof(hdr));
312 sg_set_buf(&sg[1], data, data_len);
313
314 if (crypto_hash_setkey(tfm_michael, key, MIC_KEYLEN))
315 return -1;
316
317 desc.tfm = tfm_michael;
318 desc.flags = 0;
319 return crypto_hash_digest(&desc, sg, data_len + sizeof(hdr),
320 mic);
321}
322
323/********************************************************************/
324/* Internal helper functions */
325/********************************************************************/
326
327static inline void set_port_type(struct orinoco_private *priv)
328{
329 switch (priv->iw_mode) {
330 case IW_MODE_INFRA:
331 priv->port_type = 1;
332 priv->createibss = 0;
333 break;
334 case IW_MODE_ADHOC:
335 if (priv->prefer_port3) {
336 priv->port_type = 3;
337 priv->createibss = 0;
338 } else {
339 priv->port_type = priv->ibss_port;
340 priv->createibss = 1;
341 }
342 break;
343 case IW_MODE_MONITOR:
344 priv->port_type = 3;
345 priv->createibss = 0;
346 break;
347 default:
348 printk(KERN_ERR "%s: Invalid priv->iw_mode in set_port_type()\n",
349 priv->ndev->name);
350 }
351}
352
353#define ORINOCO_MAX_BSS_COUNT 64
354static int orinoco_bss_data_allocate(struct orinoco_private *priv)
355{
356 if (priv->bss_xbss_data)
357 return 0;
358
359 if (priv->has_ext_scan)
360 priv->bss_xbss_data = kzalloc(ORINOCO_MAX_BSS_COUNT *
361 sizeof(struct xbss_element),
362 GFP_KERNEL);
363 else
364 priv->bss_xbss_data = kzalloc(ORINOCO_MAX_BSS_COUNT *
365 sizeof(struct bss_element),
366 GFP_KERNEL);
367
368 if (!priv->bss_xbss_data) {
369 printk(KERN_WARNING "Out of memory allocating beacons");
370 return -ENOMEM;
371 }
372 return 0;
373}
374
375static void orinoco_bss_data_free(struct orinoco_private *priv)
376{
377 kfree(priv->bss_xbss_data);
378 priv->bss_xbss_data = NULL;
379}
380
381#define PRIV_BSS ((struct bss_element *)priv->bss_xbss_data)
382#define PRIV_XBSS ((struct xbss_element *)priv->bss_xbss_data)
383static void orinoco_bss_data_init(struct orinoco_private *priv)
384{
385 int i;
386
387 INIT_LIST_HEAD(&priv->bss_free_list);
388 INIT_LIST_HEAD(&priv->bss_list);
389 if (priv->has_ext_scan)
390 for (i = 0; i < ORINOCO_MAX_BSS_COUNT; i++)
391 list_add_tail(&(PRIV_XBSS[i].list),
392 &priv->bss_free_list);
393 else
394 for (i = 0; i < ORINOCO_MAX_BSS_COUNT; i++)
395 list_add_tail(&(PRIV_BSS[i].list),
396 &priv->bss_free_list);
397
398}
399
400static inline u8 *orinoco_get_ie(u8 *data, size_t len,
401 enum ieee80211_eid eid)
402{
403 u8 *p = data;
404 while ((p + 2) < (data + len)) {
405 if (p[0] == eid)
406 return p;
407 p += p[1] + 2;
408 }
409 return NULL;
410}
411
412#define WPA_OUI_TYPE "\x00\x50\xF2\x01"
413#define WPA_SELECTOR_LEN 4
414static inline u8 *orinoco_get_wpa_ie(u8 *data, size_t len)
415{
416 u8 *p = data;
417 while ((p + 2 + WPA_SELECTOR_LEN) < (data + len)) {
418 if ((p[0] == WLAN_EID_GENERIC) &&
419 (memcmp(&p[2], WPA_OUI_TYPE, WPA_SELECTOR_LEN) == 0))
420 return p;
421 p += p[1] + 2;
422 }
423 return NULL;
424}
425
426
427/********************************************************************/
428/* Download functionality */
429/********************************************************************/
430
431struct fw_info {
432 char *pri_fw;
433 char *sta_fw;
434 char *ap_fw;
435 u32 pda_addr;
436 u16 pda_size;
437};
438
439const static struct fw_info orinoco_fw[] = {
440 { NULL, "agere_sta_fw.bin", "agere_ap_fw.bin", 0x00390000, 1000 },
441 { NULL, "prism_sta_fw.bin", "prism_ap_fw.bin", 0, 1024 },
442 { "symbol_sp24t_prim_fw", "symbol_sp24t_sec_fw", NULL, 0x00003100, 512 }
443};
444
445/* Structure used to access fields in FW
446 * Make sure LE decoding macros are used
447 */
448struct orinoco_fw_header {
449 char hdr_vers[6]; /* ASCII string for header version */
450 __le16 headersize; /* Total length of header */
451 __le32 entry_point; /* NIC entry point */
452 __le32 blocks; /* Number of blocks to program */
453 __le32 block_offset; /* Offset of block data from eof header */
454 __le32 pdr_offset; /* Offset to PDR data from eof header */
455 __le32 pri_offset; /* Offset to primary plug data */
456 __le32 compat_offset; /* Offset to compatibility data*/
457 char signature[0]; /* FW signature length headersize-20 */
458} __attribute__ ((packed));
459
460/* Download either STA or AP firmware into the card. */
461static int
462orinoco_dl_firmware(struct orinoco_private *priv,
463 const struct fw_info *fw,
464 int ap)
465{
466 /* Plug Data Area (PDA) */
467 __le16 *pda;
468
469 hermes_t *hw = &priv->hw;
470 const struct firmware *fw_entry;
471 const struct orinoco_fw_header *hdr;
472 const unsigned char *first_block;
473 const unsigned char *end;
474 const char *firmware;
475 struct net_device *dev = priv->ndev;
476 int err = 0;
477
478 pda = kzalloc(fw->pda_size, GFP_KERNEL);
479 if (!pda)
480 return -ENOMEM;
481
482 if (ap)
483 firmware = fw->ap_fw;
484 else
485 firmware = fw->sta_fw;
486
487 printk(KERN_DEBUG "%s: Attempting to download firmware %s\n",
488 dev->name, firmware);
489
490 /* Read current plug data */
491 err = hermes_read_pda(hw, pda, fw->pda_addr, fw->pda_size, 0);
492 printk(KERN_DEBUG "%s: Read PDA returned %d\n", dev->name, err);
493 if (err)
494 goto free;
495
496 if (!priv->cached_fw) {
497 err = request_firmware(&fw_entry, firmware, priv->dev);
498
499 if (err) {
500 printk(KERN_ERR "%s: Cannot find firmware %s\n",
501 dev->name, firmware);
502 err = -ENOENT;
503 goto free;
504 }
505 } else
506 fw_entry = priv->cached_fw;
507
508 hdr = (const struct orinoco_fw_header *) fw_entry->data;
509
510 /* Enable aux port to allow programming */
511 err = hermesi_program_init(hw, le32_to_cpu(hdr->entry_point));
512 printk(KERN_DEBUG "%s: Program init returned %d\n", dev->name, err);
513 if (err != 0)
514 goto abort;
515
516 /* Program data */
517 first_block = (fw_entry->data +
518 le16_to_cpu(hdr->headersize) +
519 le32_to_cpu(hdr->block_offset));
520 end = fw_entry->data + fw_entry->size;
521
522 err = hermes_program(hw, first_block, end);
523 printk(KERN_DEBUG "%s: Program returned %d\n", dev->name, err);
524 if (err != 0)
525 goto abort;
526
527 /* Update production data */
528 first_block = (fw_entry->data +
529 le16_to_cpu(hdr->headersize) +
530 le32_to_cpu(hdr->pdr_offset));
531
532 err = hermes_apply_pda_with_defaults(hw, first_block, pda);
533 printk(KERN_DEBUG "%s: Apply PDA returned %d\n", dev->name, err);
534 if (err)
535 goto abort;
536
537 /* Tell card we've finished */
538 err = hermesi_program_end(hw);
539 printk(KERN_DEBUG "%s: Program end returned %d\n", dev->name, err);
540 if (err != 0)
541 goto abort;
542
543 /* Check if we're running */
544 printk(KERN_DEBUG "%s: hermes_present returned %d\n",
545 dev->name, hermes_present(hw));
546
547abort:
548 /* If we requested the firmware, release it. */
549 if (!priv->cached_fw)
550 release_firmware(fw_entry);
551
552free:
553 kfree(pda);
554 return err;
555}
556
557/* End markers */
558#define TEXT_END 0x1A /* End of text header */
559
560/*
561 * Process a firmware image - stop the card, load the firmware, reset
562 * the card and make sure it responds. For the secondary firmware take
563 * care of the PDA - read it and then write it on top of the firmware.
564 */
565static int
566symbol_dl_image(struct orinoco_private *priv, const struct fw_info *fw,
567 const unsigned char *image, const unsigned char *end,
568 int secondary)
569{
570 hermes_t *hw = &priv->hw;
571 int ret = 0;
572 const unsigned char *ptr;
573 const unsigned char *first_block;
574
575 /* Plug Data Area (PDA) */
576 __le16 *pda = NULL;
577
578 /* Binary block begins after the 0x1A marker */
579 ptr = image;
580 while (*ptr++ != TEXT_END);
581 first_block = ptr;
582
583 /* Read the PDA from EEPROM */
584 if (secondary) {
585 pda = kzalloc(fw->pda_size, GFP_KERNEL);
586 if (!pda)
587 return -ENOMEM;
588
589 ret = hermes_read_pda(hw, pda, fw->pda_addr, fw->pda_size, 1);
590 if (ret)
591 goto free;
592 }
593
594 /* Stop the firmware, so that it can be safely rewritten */
595 if (priv->stop_fw) {
596 ret = priv->stop_fw(priv, 1);
597 if (ret)
598 goto free;
599 }
600
601 /* Program the adapter with new firmware */
602 ret = hermes_program(hw, first_block, end);
603 if (ret)
604 goto free;
605
606 /* Write the PDA to the adapter */
607 if (secondary) {
608 size_t len = hermes_blocks_length(first_block);
609 ptr = first_block + len;
610 ret = hermes_apply_pda(hw, ptr, pda);
611 kfree(pda);
612 if (ret)
613 return ret;
614 }
615
616 /* Run the firmware */
617 if (priv->stop_fw) {
618 ret = priv->stop_fw(priv, 0);
619 if (ret)
620 return ret;
621 }
622
623 /* Reset hermes chip and make sure it responds */
624 ret = hermes_init(hw);
625
626 /* hermes_reset() should return 0 with the secondary firmware */
627 if (secondary && ret != 0)
628 return -ENODEV;
629
630 /* And this should work with any firmware */
631 if (!hermes_present(hw))
632 return -ENODEV;
633
634 return 0;
635
636free:
637 kfree(pda);
638 return ret;
639}
640
641
642/*
643 * Download the firmware into the card, this also does a PCMCIA soft
644 * reset on the card, to make sure it's in a sane state.
645 */
646static int
647symbol_dl_firmware(struct orinoco_private *priv,
648 const struct fw_info *fw)
649{
650 struct net_device *dev = priv->ndev;
651 int ret;
652 const struct firmware *fw_entry;
653
654 if (!priv->cached_pri_fw) {
655 if (request_firmware(&fw_entry, fw->pri_fw, priv->dev) != 0) {
656 printk(KERN_ERR "%s: Cannot find firmware: %s\n",
657 dev->name, fw->pri_fw);
658 return -ENOENT;
659 }
660 } else
661 fw_entry = priv->cached_pri_fw;
662
663 /* Load primary firmware */
664 ret = symbol_dl_image(priv, fw, fw_entry->data,
665 fw_entry->data + fw_entry->size, 0);
666
667 if (!priv->cached_pri_fw)
668 release_firmware(fw_entry);
669 if (ret) {
670 printk(KERN_ERR "%s: Primary firmware download failed\n",
671 dev->name);
672 return ret;
673 }
674
675 if (!priv->cached_fw) {
676 if (request_firmware(&fw_entry, fw->sta_fw, priv->dev) != 0) {
677 printk(KERN_ERR "%s: Cannot find firmware: %s\n",
678 dev->name, fw->sta_fw);
679 return -ENOENT;
680 }
681 } else
682 fw_entry = priv->cached_fw;
683
684 /* Load secondary firmware */
685 ret = symbol_dl_image(priv, fw, fw_entry->data,
686 fw_entry->data + fw_entry->size, 1);
687 if (!priv->cached_fw)
688 release_firmware(fw_entry);
689 if (ret) {
690 printk(KERN_ERR "%s: Secondary firmware download failed\n",
691 dev->name);
692 }
693
694 return ret;
695}
696
697static int orinoco_download(struct orinoco_private *priv)
698{
699 int err = 0;
700 /* Reload firmware */
701 switch (priv->firmware_type) {
702 case FIRMWARE_TYPE_AGERE:
703 /* case FIRMWARE_TYPE_INTERSIL: */
704 err = orinoco_dl_firmware(priv,
705 &orinoco_fw[priv->firmware_type], 0);
706 break;
707
708 case FIRMWARE_TYPE_SYMBOL:
709 err = symbol_dl_firmware(priv,
710 &orinoco_fw[priv->firmware_type]);
711 break;
712 case FIRMWARE_TYPE_INTERSIL:
713 break;
714 }
715 /* TODO: if we fail we probably need to reinitialise
716 * the driver */
717
718 return err;
719}
720
721#if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
722static void orinoco_cache_fw(struct orinoco_private *priv, int ap)
723{
724 const struct firmware *fw_entry = NULL;
725 const char *pri_fw;
726 const char *fw;
727
728 pri_fw = orinoco_fw[priv->firmware_type].pri_fw;
729 if (ap)
730 fw = orinoco_fw[priv->firmware_type].ap_fw;
731 else
732 fw = orinoco_fw[priv->firmware_type].sta_fw;
733
734 if (pri_fw) {
735 if (request_firmware(&fw_entry, pri_fw, priv->dev) == 0)
736 priv->cached_pri_fw = fw_entry;
737 }
738
739 if (fw) {
740 if (request_firmware(&fw_entry, fw, priv->dev) == 0)
741 priv->cached_fw = fw_entry;
742 }
743}
744
745static void orinoco_uncache_fw(struct orinoco_private *priv)
746{
747 if (priv->cached_pri_fw)
748 release_firmware(priv->cached_pri_fw);
749 if (priv->cached_fw)
750 release_firmware(priv->cached_fw);
751
752 priv->cached_pri_fw = NULL;
753 priv->cached_fw = NULL;
754}
755#else
756#define orinoco_cache_fw(priv, ap)
757#define orinoco_uncache_fw(priv)
758#endif
759
760/********************************************************************/
761/* Device methods */
762/********************************************************************/
763
764static int orinoco_open(struct net_device *dev)
765{
766 struct orinoco_private *priv = netdev_priv(dev);
767 unsigned long flags;
768 int err;
769
770 if (orinoco_lock(priv, &flags) != 0)
771 return -EBUSY;
772
773 err = __orinoco_up(dev);
774
775 if (!err)
776 priv->open = 1;
777
778 orinoco_unlock(priv, &flags);
779
780 return err;
781}
782
783static int orinoco_stop(struct net_device *dev)
784{
785 struct orinoco_private *priv = netdev_priv(dev);
786 int err = 0;
787
788 /* We mustn't use orinoco_lock() here, because we need to be
789 able to close the interface even if hw_unavailable is set
790 (e.g. as we're released after a PC Card removal) */
791 spin_lock_irq(&priv->lock);
792
793 priv->open = 0;
794
795 err = __orinoco_down(dev);
796
797 spin_unlock_irq(&priv->lock);
798
799 return err;
800}
801
802static struct net_device_stats *orinoco_get_stats(struct net_device *dev)
803{
804 struct orinoco_private *priv = netdev_priv(dev);
805
806 return &priv->stats;
807}
808
809static struct iw_statistics *orinoco_get_wireless_stats(struct net_device *dev)
810{
811 struct orinoco_private *priv = netdev_priv(dev);
812 hermes_t *hw = &priv->hw;
813 struct iw_statistics *wstats = &priv->wstats;
814 int err;
815 unsigned long flags;
816
817 if (!netif_device_present(dev)) {
818 printk(KERN_WARNING "%s: get_wireless_stats() called while device not present\n",
819 dev->name);
820 return NULL; /* FIXME: Can we do better than this? */
821 }
822
823 /* If busy, return the old stats. Returning NULL may cause
824 * the interface to disappear from /proc/net/wireless */
825 if (orinoco_lock(priv, &flags) != 0)
826 return wstats;
827
828 /* We can't really wait for the tallies inquiry command to
829 * complete, so we just use the previous results and trigger
830 * a new tallies inquiry command for next time - Jean II */
831 /* FIXME: Really we should wait for the inquiry to come back -
832 * as it is the stats we give don't make a whole lot of sense.
833 * Unfortunately, it's not clear how to do that within the
834 * wireless extensions framework: I think we're in user
835 * context, but a lock seems to be held by the time we get in
836 * here so we're not safe to sleep here. */
837 hermes_inquire(hw, HERMES_INQ_TALLIES);
838
839 if (priv->iw_mode == IW_MODE_ADHOC) {
840 memset(&wstats->qual, 0, sizeof(wstats->qual));
841 /* If a spy address is defined, we report stats of the
842 * first spy address - Jean II */
843 if (SPY_NUMBER(priv)) {
844 wstats->qual.qual = priv->spy_data.spy_stat[0].qual;
845 wstats->qual.level = priv->spy_data.spy_stat[0].level;
846 wstats->qual.noise = priv->spy_data.spy_stat[0].noise;
847 wstats->qual.updated =
848 priv->spy_data.spy_stat[0].updated;
849 }
850 } else {
851 struct {
852 __le16 qual, signal, noise, unused;
853 } __attribute__ ((packed)) cq;
854
855 err = HERMES_READ_RECORD(hw, USER_BAP,
856 HERMES_RID_COMMSQUALITY, &cq);
857
858 if (!err) {
859 wstats->qual.qual = (int)le16_to_cpu(cq.qual);
860 wstats->qual.level = (int)le16_to_cpu(cq.signal) - 0x95;
861 wstats->qual.noise = (int)le16_to_cpu(cq.noise) - 0x95;
862 wstats->qual.updated =
863 IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
864 }
865 }
866
867 orinoco_unlock(priv, &flags);
868 return wstats;
869}
870
871static void orinoco_set_multicast_list(struct net_device *dev)
872{
873 struct orinoco_private *priv = netdev_priv(dev);
874 unsigned long flags;
875
876 if (orinoco_lock(priv, &flags) != 0) {
877 printk(KERN_DEBUG "%s: orinoco_set_multicast_list() "
878 "called when hw_unavailable\n", dev->name);
879 return;
880 }
881
882 __orinoco_set_multicast_list(dev);
883 orinoco_unlock(priv, &flags);
884}
885
886static int orinoco_change_mtu(struct net_device *dev, int new_mtu)
887{
888 struct orinoco_private *priv = netdev_priv(dev);
889
890 if ((new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU))
891 return -EINVAL;
892
893 /* MTU + encapsulation + header length */
894 if ((new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) >
895 (priv->nicbuf_size - ETH_HLEN))
896 return -EINVAL;
897
898 dev->mtu = new_mtu;
899
900 return 0;
901}
902
903/********************************************************************/
904/* Tx path */
905/********************************************************************/
906
907static int orinoco_xmit(struct sk_buff *skb, struct net_device *dev)
908{
909 struct orinoco_private *priv = netdev_priv(dev);
910 struct net_device_stats *stats = &priv->stats;
911 hermes_t *hw = &priv->hw;
912 int err = 0;
913 u16 txfid = priv->txfid;
914 struct ethhdr *eh;
915 int tx_control;
916 unsigned long flags;
917
918 if (!netif_running(dev)) {
919 printk(KERN_ERR "%s: Tx on stopped device!\n",
920 dev->name);
921 return NETDEV_TX_BUSY;
922 }
923
924 if (netif_queue_stopped(dev)) {
925 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
926 dev->name);
927 return NETDEV_TX_BUSY;
928 }
929
930 if (orinoco_lock(priv, &flags) != 0) {
931 printk(KERN_ERR "%s: orinoco_xmit() called while hw_unavailable\n",
932 dev->name);
933 return NETDEV_TX_BUSY;
934 }
935
936 if (!netif_carrier_ok(dev) || (priv->iw_mode == IW_MODE_MONITOR)) {
937 /* Oops, the firmware hasn't established a connection,
938 silently drop the packet (this seems to be the
939 safest approach). */
940 goto drop;
941 }
942
943 /* Check packet length */
944 if (skb->len < ETH_HLEN)
945 goto drop;
946
947 tx_control = HERMES_TXCTRL_TX_OK | HERMES_TXCTRL_TX_EX;
948
949 if (priv->encode_alg == IW_ENCODE_ALG_TKIP)
950 tx_control |= (priv->tx_key << HERMES_MIC_KEY_ID_SHIFT) |
951 HERMES_TXCTRL_MIC;
952
953 if (priv->has_alt_txcntl) {
954 /* WPA enabled firmwares have tx_cntl at the end of
955 * the 802.11 header. So write zeroed descriptor and
956 * 802.11 header at the same time
957 */
958 char desc[HERMES_802_3_OFFSET];
959 __le16 *txcntl = (__le16 *) &desc[HERMES_TXCNTL2_OFFSET];
960
961 memset(&desc, 0, sizeof(desc));
962
963 *txcntl = cpu_to_le16(tx_control);
964 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
965 txfid, 0);
966 if (err) {
967 if (net_ratelimit())
968 printk(KERN_ERR "%s: Error %d writing Tx "
969 "descriptor to BAP\n", dev->name, err);
970 goto busy;
971 }
972 } else {
973 struct hermes_tx_descriptor desc;
974
975 memset(&desc, 0, sizeof(desc));
976
977 desc.tx_control = cpu_to_le16(tx_control);
978 err = hermes_bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
979 txfid, 0);
980 if (err) {
981 if (net_ratelimit())
982 printk(KERN_ERR "%s: Error %d writing Tx "
983 "descriptor to BAP\n", dev->name, err);
984 goto busy;
985 }
986
987 /* Clear the 802.11 header and data length fields - some
988 * firmwares (e.g. Lucent/Agere 8.xx) appear to get confused
989 * if this isn't done. */
990 hermes_clear_words(hw, HERMES_DATA0,
991 HERMES_802_3_OFFSET - HERMES_802_11_OFFSET);
992 }
993
994 eh = (struct ethhdr *)skb->data;
995
996 /* Encapsulate Ethernet-II frames */
997 if (ntohs(eh->h_proto) > ETH_DATA_LEN) { /* Ethernet-II frame */
998 struct header_struct {
999 struct ethhdr eth; /* 802.3 header */
1000 u8 encap[6]; /* 802.2 header */
1001 } __attribute__ ((packed)) hdr;
1002
1003 /* Strip destination and source from the data */
1004 skb_pull(skb, 2 * ETH_ALEN);
1005
1006 /* And move them to a separate header */
1007 memcpy(&hdr.eth, eh, 2 * ETH_ALEN);
1008 hdr.eth.h_proto = htons(sizeof(encaps_hdr) + skb->len);
1009 memcpy(hdr.encap, encaps_hdr, sizeof(encaps_hdr));
1010
1011 /* Insert the SNAP header */
1012 if (skb_headroom(skb) < sizeof(hdr)) {
1013 printk(KERN_ERR
1014 "%s: Not enough headroom for 802.2 headers %d\n",
1015 dev->name, skb_headroom(skb));
1016 goto drop;
1017 }
1018 eh = (struct ethhdr *) skb_push(skb, sizeof(hdr));
1019 memcpy(eh, &hdr, sizeof(hdr));
1020 }
1021
1022 err = hermes_bap_pwrite(hw, USER_BAP, skb->data, skb->len,
1023 txfid, HERMES_802_3_OFFSET);
1024 if (err) {
1025 printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
1026 dev->name, err);
1027 goto busy;
1028 }
1029
1030 /* Calculate Michael MIC */
1031 if (priv->encode_alg == IW_ENCODE_ALG_TKIP) {
1032 u8 mic_buf[MICHAEL_MIC_LEN + 1];
1033 u8 *mic;
1034 size_t offset;
1035 size_t len;
1036
1037 if (skb->len % 2) {
1038 /* MIC start is on an odd boundary */
1039 mic_buf[0] = skb->data[skb->len - 1];
1040 mic = &mic_buf[1];
1041 offset = skb->len - 1;
1042 len = MICHAEL_MIC_LEN + 1;
1043 } else {
1044 mic = &mic_buf[0];
1045 offset = skb->len;
1046 len = MICHAEL_MIC_LEN;
1047 }
1048
1049 michael_mic(priv->tx_tfm_mic,
1050 priv->tkip_key[priv->tx_key].tx_mic,
1051 eh->h_dest, eh->h_source, 0 /* priority */,
1052 skb->data + ETH_HLEN, skb->len - ETH_HLEN, mic);
1053
1054 /* Write the MIC */
1055 err = hermes_bap_pwrite(hw, USER_BAP, &mic_buf[0], len,
1056 txfid, HERMES_802_3_OFFSET + offset);
1057 if (err) {
1058 printk(KERN_ERR "%s: Error %d writing MIC to BAP\n",
1059 dev->name, err);
1060 goto busy;
1061 }
1062 }
1063
1064 /* Finally, we actually initiate the send */
1065 netif_stop_queue(dev);
1066
1067 err = hermes_docmd_wait(hw, HERMES_CMD_TX | HERMES_CMD_RECL,
1068 txfid, NULL);
1069 if (err) {
1070 netif_start_queue(dev);
1071 if (net_ratelimit())
1072 printk(KERN_ERR "%s: Error %d transmitting packet\n",
1073 dev->name, err);
1074 goto busy;
1075 }
1076
1077 dev->trans_start = jiffies;
1078 stats->tx_bytes += HERMES_802_3_OFFSET + skb->len;
1079 goto ok;
1080
1081 drop:
1082 stats->tx_errors++;
1083 stats->tx_dropped++;
1084
1085 ok:
1086 orinoco_unlock(priv, &flags);
1087 dev_kfree_skb(skb);
1088 return NETDEV_TX_OK;
1089
1090 busy:
1091 if (err == -EIO)
1092 schedule_work(&priv->reset_work);
1093 orinoco_unlock(priv, &flags);
1094 return NETDEV_TX_BUSY;
1095}
1096
1097static void __orinoco_ev_alloc(struct net_device *dev, hermes_t *hw)
1098{
1099 struct orinoco_private *priv = netdev_priv(dev);
1100 u16 fid = hermes_read_regn(hw, ALLOCFID);
1101
1102 if (fid != priv->txfid) {
1103 if (fid != DUMMY_FID)
1104 printk(KERN_WARNING "%s: Allocate event on unexpected fid (%04X)\n",
1105 dev->name, fid);
1106 return;
1107 }
1108
1109 hermes_write_regn(hw, ALLOCFID, DUMMY_FID);
1110}
1111
1112static void __orinoco_ev_tx(struct net_device *dev, hermes_t *hw)
1113{
1114 struct orinoco_private *priv = netdev_priv(dev);
1115 struct net_device_stats *stats = &priv->stats;
1116
1117 stats->tx_packets++;
1118
1119 netif_wake_queue(dev);
1120
1121 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
1122}
1123
1124static void __orinoco_ev_txexc(struct net_device *dev, hermes_t *hw)
1125{
1126 struct orinoco_private *priv = netdev_priv(dev);
1127 struct net_device_stats *stats = &priv->stats;
1128 u16 fid = hermes_read_regn(hw, TXCOMPLFID);
1129 u16 status;
1130 struct hermes_txexc_data hdr;
1131 int err = 0;
1132
1133 if (fid == DUMMY_FID)
1134 return; /* Nothing's really happened */
1135
1136 /* Read part of the frame header - we need status and addr1 */
1137 err = hermes_bap_pread(hw, IRQ_BAP, &hdr,
1138 sizeof(struct hermes_txexc_data),
1139 fid, 0);
1140
1141 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
1142 stats->tx_errors++;
1143
1144 if (err) {
1145 printk(KERN_WARNING "%s: Unable to read descriptor on Tx error "
1146 "(FID=%04X error %d)\n",
1147 dev->name, fid, err);
1148 return;
1149 }
1150
1151 DEBUG(1, "%s: Tx error, err %d (FID=%04X)\n", dev->name,
1152 err, fid);
1153
1154 /* We produce a TXDROP event only for retry or lifetime
1155 * exceeded, because that's the only status that really mean
1156 * that this particular node went away.
1157 * Other errors means that *we* screwed up. - Jean II */
1158 status = le16_to_cpu(hdr.desc.status);
1159 if (status & (HERMES_TXSTAT_RETRYERR | HERMES_TXSTAT_AGEDERR)) {
1160 union iwreq_data wrqu;
1161
1162 /* Copy 802.11 dest address.
1163 * We use the 802.11 header because the frame may
1164 * not be 802.3 or may be mangled...
1165 * In Ad-Hoc mode, it will be the node address.
1166 * In managed mode, it will be most likely the AP addr
1167 * User space will figure out how to convert it to
1168 * whatever it needs (IP address or else).
1169 * - Jean II */
1170 memcpy(wrqu.addr.sa_data, hdr.addr1, ETH_ALEN);
1171 wrqu.addr.sa_family = ARPHRD_ETHER;
1172
1173 /* Send event to user space */
1174 wireless_send_event(dev, IWEVTXDROP, &wrqu, NULL);
1175 }
1176
1177 netif_wake_queue(dev);
1178}
1179
1180static void orinoco_tx_timeout(struct net_device *dev)
1181{
1182 struct orinoco_private *priv = netdev_priv(dev);
1183 struct net_device_stats *stats = &priv->stats;
1184 struct hermes *hw = &priv->hw;
1185
1186 printk(KERN_WARNING "%s: Tx timeout! "
1187 "ALLOCFID=%04x, TXCOMPLFID=%04x, EVSTAT=%04x\n",
1188 dev->name, hermes_read_regn(hw, ALLOCFID),
1189 hermes_read_regn(hw, TXCOMPLFID), hermes_read_regn(hw, EVSTAT));
1190
1191 stats->tx_errors++;
1192
1193 schedule_work(&priv->reset_work);
1194}
1195
1196/********************************************************************/
1197/* Rx path (data frames) */
1198/********************************************************************/
1199
1200/* Does the frame have a SNAP header indicating it should be
1201 * de-encapsulated to Ethernet-II? */
1202static inline int is_ethersnap(void *_hdr)
1203{
1204 u8 *hdr = _hdr;
1205
1206 /* We de-encapsulate all packets which, a) have SNAP headers
1207 * (i.e. SSAP=DSAP=0xaa and CTRL=0x3 in the 802.2 LLC header
1208 * and where b) the OUI of the SNAP header is 00:00:00 or
1209 * 00:00:f8 - we need both because different APs appear to use
1210 * different OUIs for some reason */
1211 return (memcmp(hdr, &encaps_hdr, 5) == 0)
1212 && ((hdr[5] == 0x00) || (hdr[5] == 0xf8));
1213}
1214
1215static inline void orinoco_spy_gather(struct net_device *dev, u_char *mac,
1216 int level, int noise)
1217{
1218 struct iw_quality wstats;
1219 wstats.level = level - 0x95;
1220 wstats.noise = noise - 0x95;
1221 wstats.qual = (level > noise) ? (level - noise) : 0;
1222 wstats.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
1223 /* Update spy records */
1224 wireless_spy_update(dev, mac, &wstats);
1225}
1226
1227static void orinoco_stat_gather(struct net_device *dev,
1228 struct sk_buff *skb,
1229 struct hermes_rx_descriptor *desc)
1230{
1231 struct orinoco_private *priv = netdev_priv(dev);
1232
1233 /* Using spy support with lots of Rx packets, like in an
1234 * infrastructure (AP), will really slow down everything, because
1235 * the MAC address must be compared to each entry of the spy list.
1236 * If the user really asks for it (set some address in the
1237 * spy list), we do it, but he will pay the price.
1238 * Note that to get here, you need both WIRELESS_SPY
1239 * compiled in AND some addresses in the list !!!
1240 */
1241 /* Note : gcc will optimise the whole section away if
1242 * WIRELESS_SPY is not defined... - Jean II */
1243 if (SPY_NUMBER(priv)) {
1244 orinoco_spy_gather(dev, skb_mac_header(skb) + ETH_ALEN,
1245 desc->signal, desc->silence);
1246 }
1247}
1248
1249/*
1250 * orinoco_rx_monitor - handle received monitor frames.
1251 *
1252 * Arguments:
1253 * dev network device
1254 * rxfid received FID
1255 * desc rx descriptor of the frame
1256 *
1257 * Call context: interrupt
1258 */
1259static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid,
1260 struct hermes_rx_descriptor *desc)
1261{
1262 u32 hdrlen = 30; /* return full header by default */
1263 u32 datalen = 0;
1264 u16 fc;
1265 int err;
1266 int len;
1267 struct sk_buff *skb;
1268 struct orinoco_private *priv = netdev_priv(dev);
1269 struct net_device_stats *stats = &priv->stats;
1270 hermes_t *hw = &priv->hw;
1271
1272 len = le16_to_cpu(desc->data_len);
1273
1274 /* Determine the size of the header and the data */
1275 fc = le16_to_cpu(desc->frame_ctl);
1276 switch (fc & IEEE80211_FCTL_FTYPE) {
1277 case IEEE80211_FTYPE_DATA:
1278 if ((fc & IEEE80211_FCTL_TODS)
1279 && (fc & IEEE80211_FCTL_FROMDS))
1280 hdrlen = 30;
1281 else
1282 hdrlen = 24;
1283 datalen = len;
1284 break;
1285 case IEEE80211_FTYPE_MGMT:
1286 hdrlen = 24;
1287 datalen = len;
1288 break;
1289 case IEEE80211_FTYPE_CTL:
1290 switch (fc & IEEE80211_FCTL_STYPE) {
1291 case IEEE80211_STYPE_PSPOLL:
1292 case IEEE80211_STYPE_RTS:
1293 case IEEE80211_STYPE_CFEND:
1294 case IEEE80211_STYPE_CFENDACK:
1295 hdrlen = 16;
1296 break;
1297 case IEEE80211_STYPE_CTS:
1298 case IEEE80211_STYPE_ACK:
1299 hdrlen = 10;
1300 break;
1301 }
1302 break;
1303 default:
1304 /* Unknown frame type */
1305 break;
1306 }
1307
1308 /* sanity check the length */
1309 if (datalen > IEEE80211_MAX_DATA_LEN + 12) {
1310 printk(KERN_DEBUG "%s: oversized monitor frame, "
1311 "data length = %d\n", dev->name, datalen);
1312 stats->rx_length_errors++;
1313 goto update_stats;
1314 }
1315
1316 skb = dev_alloc_skb(hdrlen + datalen);
1317 if (!skb) {
1318 printk(KERN_WARNING "%s: Cannot allocate skb for monitor frame\n",
1319 dev->name);
1320 goto update_stats;
1321 }
1322
1323 /* Copy the 802.11 header to the skb */
1324 memcpy(skb_put(skb, hdrlen), &(desc->frame_ctl), hdrlen);
1325 skb_reset_mac_header(skb);
1326
1327 /* If any, copy the data from the card to the skb */
1328 if (datalen > 0) {
1329 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, datalen),
1330 ALIGN(datalen, 2), rxfid,
1331 HERMES_802_2_OFFSET);
1332 if (err) {
1333 printk(KERN_ERR "%s: error %d reading monitor frame\n",
1334 dev->name, err);
1335 goto drop;
1336 }
1337 }
1338
1339 skb->dev = dev;
1340 skb->ip_summed = CHECKSUM_NONE;
1341 skb->pkt_type = PACKET_OTHERHOST;
1342 skb->protocol = cpu_to_be16(ETH_P_802_2);
1343
1344 stats->rx_packets++;
1345 stats->rx_bytes += skb->len;
1346
1347 netif_rx(skb);
1348 return;
1349
1350 drop:
1351 dev_kfree_skb_irq(skb);
1352 update_stats:
1353 stats->rx_errors++;
1354 stats->rx_dropped++;
1355}
1356
1357/* Get tsc from the firmware */
1358static int orinoco_hw_get_tkip_iv(struct orinoco_private *priv, int key,
1359 u8 *tsc)
1360{
1361 hermes_t *hw = &priv->hw;
1362 int err = 0;
1363 u8 tsc_arr[4][IW_ENCODE_SEQ_MAX_SIZE];
1364
1365 if ((key < 0) || (key > 4))
1366 return -EINVAL;
1367
1368 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_TKIP_IV,
1369 sizeof(tsc_arr), NULL, &tsc_arr);
1370 if (!err)
1371 memcpy(tsc, &tsc_arr[key][0], sizeof(tsc_arr[0]));
1372
1373 return err;
1374}
1375
1376static void __orinoco_ev_rx(struct net_device *dev, hermes_t *hw)
1377{
1378 struct orinoco_private *priv = netdev_priv(dev);
1379 struct net_device_stats *stats = &priv->stats;
1380 struct iw_statistics *wstats = &priv->wstats;
1381 struct sk_buff *skb = NULL;
1382 u16 rxfid, status;
1383 int length;
1384 struct hermes_rx_descriptor *desc;
1385 struct orinoco_rx_data *rx_data;
1386 int err;
1387
1388 desc = kmalloc(sizeof(*desc), GFP_ATOMIC);
1389 if (!desc) {
1390 printk(KERN_WARNING
1391 "%s: Can't allocate space for RX descriptor\n",
1392 dev->name);
1393 goto update_stats;
1394 }
1395
1396 rxfid = hermes_read_regn(hw, RXFID);
1397
1398 err = hermes_bap_pread(hw, IRQ_BAP, desc, sizeof(*desc),
1399 rxfid, 0);
1400 if (err) {
1401 printk(KERN_ERR "%s: error %d reading Rx descriptor. "
1402 "Frame dropped.\n", dev->name, err);
1403 goto update_stats;
1404 }
1405
1406 status = le16_to_cpu(desc->status);
1407
1408 if (status & HERMES_RXSTAT_BADCRC) {
1409 DEBUG(1, "%s: Bad CRC on Rx. Frame dropped.\n",
1410 dev->name);
1411 stats->rx_crc_errors++;
1412 goto update_stats;
1413 }
1414
1415 /* Handle frames in monitor mode */
1416 if (priv->iw_mode == IW_MODE_MONITOR) {
1417 orinoco_rx_monitor(dev, rxfid, desc);
1418 goto out;
1419 }
1420
1421 if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
1422 DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
1423 dev->name);
1424 wstats->discard.code++;
1425 goto update_stats;
1426 }
1427
1428 length = le16_to_cpu(desc->data_len);
1429
1430 /* Sanity checks */
1431 if (length < 3) { /* No for even an 802.2 LLC header */
1432 /* At least on Symbol firmware with PCF we get quite a
1433 lot of these legitimately - Poll frames with no
1434 data. */
1435 goto out;
1436 }
1437 if (length > IEEE80211_MAX_DATA_LEN) {
1438 printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n",
1439 dev->name, length);
1440 stats->rx_length_errors++;
1441 goto update_stats;
1442 }
1443
1444 /* Payload size does not include Michael MIC. Increase payload
1445 * size to read it together with the data. */
1446 if (status & HERMES_RXSTAT_MIC)
1447 length += MICHAEL_MIC_LEN;
1448
1449 /* We need space for the packet data itself, plus an ethernet
1450 header, plus 2 bytes so we can align the IP header on a
1451 32bit boundary, plus 1 byte so we can read in odd length
1452 packets from the card, which has an IO granularity of 16
1453 bits */
1454 skb = dev_alloc_skb(length+ETH_HLEN+2+1);
1455 if (!skb) {
1456 printk(KERN_WARNING "%s: Can't allocate skb for Rx\n",
1457 dev->name);
1458 goto update_stats;
1459 }
1460
1461 /* We'll prepend the header, so reserve space for it. The worst
1462 case is no decapsulation, when 802.3 header is prepended and
1463 nothing is removed. 2 is for aligning the IP header. */
1464 skb_reserve(skb, ETH_HLEN + 2);
1465
1466 err = hermes_bap_pread(hw, IRQ_BAP, skb_put(skb, length),
1467 ALIGN(length, 2), rxfid,
1468 HERMES_802_2_OFFSET);
1469 if (err) {
1470 printk(KERN_ERR "%s: error %d reading frame. "
1471 "Frame dropped.\n", dev->name, err);
1472 goto drop;
1473 }
1474
1475 /* Add desc and skb to rx queue */
1476 rx_data = kzalloc(sizeof(*rx_data), GFP_ATOMIC);
1477 if (!rx_data) {
1478 printk(KERN_WARNING "%s: Can't allocate RX packet\n",
1479 dev->name);
1480 goto drop;
1481 }
1482 rx_data->desc = desc;
1483 rx_data->skb = skb;
1484 list_add_tail(&rx_data->list, &priv->rx_list);
1485 tasklet_schedule(&priv->rx_tasklet);
1486
1487 return;
1488
1489drop:
1490 dev_kfree_skb_irq(skb);
1491update_stats:
1492 stats->rx_errors++;
1493 stats->rx_dropped++;
1494out:
1495 kfree(desc);
1496}
1497
1498static void orinoco_rx(struct net_device *dev,
1499 struct hermes_rx_descriptor *desc,
1500 struct sk_buff *skb)
1501{
1502 struct orinoco_private *priv = netdev_priv(dev);
1503 struct net_device_stats *stats = &priv->stats;
1504 u16 status, fc;
1505 int length;
1506 struct ethhdr *hdr;
1507
1508 status = le16_to_cpu(desc->status);
1509 length = le16_to_cpu(desc->data_len);
1510 fc = le16_to_cpu(desc->frame_ctl);
1511
1512 /* Calculate and check MIC */
1513 if (status & HERMES_RXSTAT_MIC) {
1514 int key_id = ((status & HERMES_RXSTAT_MIC_KEY_ID) >>
1515 HERMES_MIC_KEY_ID_SHIFT);
1516 u8 mic[MICHAEL_MIC_LEN];
1517 u8 *rxmic;
1518 u8 *src = (fc & IEEE80211_FCTL_FROMDS) ?
1519 desc->addr3 : desc->addr2;
1520
1521 /* Extract Michael MIC from payload */
1522 rxmic = skb->data + skb->len - MICHAEL_MIC_LEN;
1523
1524 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
1525 length -= MICHAEL_MIC_LEN;
1526
1527 michael_mic(priv->rx_tfm_mic,
1528 priv->tkip_key[key_id].rx_mic,
1529 desc->addr1,
1530 src,
1531 0, /* priority or QoS? */
1532 skb->data,
1533 skb->len,
1534 &mic[0]);
1535
1536 if (memcmp(mic, rxmic,
1537 MICHAEL_MIC_LEN)) {
1538 union iwreq_data wrqu;
1539 struct iw_michaelmicfailure wxmic;
1540
1541 printk(KERN_WARNING "%s: "
1542 "Invalid Michael MIC in data frame from %pM, "
1543 "using key %i\n",
1544 dev->name, src, key_id);
1545
1546 /* TODO: update stats */
1547
1548 /* Notify userspace */
1549 memset(&wxmic, 0, sizeof(wxmic));
1550 wxmic.flags = key_id & IW_MICFAILURE_KEY_ID;
1551 wxmic.flags |= (desc->addr1[0] & 1) ?
1552 IW_MICFAILURE_GROUP : IW_MICFAILURE_PAIRWISE;
1553 wxmic.src_addr.sa_family = ARPHRD_ETHER;
1554 memcpy(wxmic.src_addr.sa_data, src, ETH_ALEN);
1555
1556 (void) orinoco_hw_get_tkip_iv(priv, key_id,
1557 &wxmic.tsc[0]);
1558
1559 memset(&wrqu, 0, sizeof(wrqu));
1560 wrqu.data.length = sizeof(wxmic);
1561 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu,
1562 (char *) &wxmic);
1563
1564 goto drop;
1565 }
1566 }
1567
1568 /* Handle decapsulation
1569 * In most cases, the firmware tell us about SNAP frames.
1570 * For some reason, the SNAP frames sent by LinkSys APs
1571 * are not properly recognised by most firmwares.
1572 * So, check ourselves */
1573 if (length >= ENCAPS_OVERHEAD &&
1574 (((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_1042) ||
1575 ((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_TUNNEL) ||
1576 is_ethersnap(skb->data))) {
1577 /* These indicate a SNAP within 802.2 LLC within
1578 802.11 frame which we'll need to de-encapsulate to
1579 the original EthernetII frame. */
1580 hdr = (struct ethhdr *)skb_push(skb,
1581 ETH_HLEN - ENCAPS_OVERHEAD);
1582 } else {
1583 /* 802.3 frame - prepend 802.3 header as is */
1584 hdr = (struct ethhdr *)skb_push(skb, ETH_HLEN);
1585 hdr->h_proto = htons(length);
1586 }
1587 memcpy(hdr->h_dest, desc->addr1, ETH_ALEN);
1588 if (fc & IEEE80211_FCTL_FROMDS)
1589 memcpy(hdr->h_source, desc->addr3, ETH_ALEN);
1590 else
1591 memcpy(hdr->h_source, desc->addr2, ETH_ALEN);
1592
1593 skb->protocol = eth_type_trans(skb, dev);
1594 skb->ip_summed = CHECKSUM_NONE;
1595 if (fc & IEEE80211_FCTL_TODS)
1596 skb->pkt_type = PACKET_OTHERHOST;
1597
1598 /* Process the wireless stats if needed */
1599 orinoco_stat_gather(dev, skb, desc);
1600
1601 /* Pass the packet to the networking stack */
1602 netif_rx(skb);
1603 stats->rx_packets++;
1604 stats->rx_bytes += length;
1605
1606 return;
1607
1608 drop:
1609 dev_kfree_skb(skb);
1610 stats->rx_errors++;
1611 stats->rx_dropped++;
1612}
1613
1614static void orinoco_rx_isr_tasklet(unsigned long data)
1615{
1616 struct net_device *dev = (struct net_device *) data;
1617 struct orinoco_private *priv = netdev_priv(dev);
1618 struct orinoco_rx_data *rx_data, *temp;
1619 struct hermes_rx_descriptor *desc;
1620 struct sk_buff *skb;
1621 unsigned long flags;
1622
1623 /* orinoco_rx requires the driver lock, and we also need to
1624 * protect priv->rx_list, so just hold the lock over the
1625 * lot.
1626 *
1627 * If orinoco_lock fails, we've unplugged the card. In this
1628 * case just abort. */
1629 if (orinoco_lock(priv, &flags) != 0)
1630 return;
1631
1632 /* extract desc and skb from queue */
1633 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
1634 desc = rx_data->desc;
1635 skb = rx_data->skb;
1636 list_del(&rx_data->list);
1637 kfree(rx_data);
1638
1639 orinoco_rx(dev, desc, skb);
1640
1641 kfree(desc);
1642 }
1643
1644 orinoco_unlock(priv, &flags);
1645}
1646
1647/********************************************************************/
1648/* Rx path (info frames) */
1649/********************************************************************/
1650
1651static void print_linkstatus(struct net_device *dev, u16 status)
1652{
1653 char *s;
1654
1655 if (suppress_linkstatus)
1656 return;
1657
1658 switch (status) {
1659 case HERMES_LINKSTATUS_NOT_CONNECTED:
1660 s = "Not Connected";
1661 break;
1662 case HERMES_LINKSTATUS_CONNECTED:
1663 s = "Connected";
1664 break;
1665 case HERMES_LINKSTATUS_DISCONNECTED:
1666 s = "Disconnected";
1667 break;
1668 case HERMES_LINKSTATUS_AP_CHANGE:
1669 s = "AP Changed";
1670 break;
1671 case HERMES_LINKSTATUS_AP_OUT_OF_RANGE:
1672 s = "AP Out of Range";
1673 break;
1674 case HERMES_LINKSTATUS_AP_IN_RANGE:
1675 s = "AP In Range";
1676 break;
1677 case HERMES_LINKSTATUS_ASSOC_FAILED:
1678 s = "Association Failed";
1679 break;
1680 default:
1681 s = "UNKNOWN";
1682 }
1683
1684 printk(KERN_DEBUG "%s: New link status: %s (%04x)\n",
1685 dev->name, s, status);
1686}
1687
1688/* Search scan results for requested BSSID, join it if found */
1689static void orinoco_join_ap(struct work_struct *work)
1690{
1691 struct orinoco_private *priv =
1692 container_of(work, struct orinoco_private, join_work);
1693 struct net_device *dev = priv->ndev;
1694 struct hermes *hw = &priv->hw;
1695 int err;
1696 unsigned long flags;
1697 struct join_req {
1698 u8 bssid[ETH_ALEN];
1699 __le16 channel;
1700 } __attribute__ ((packed)) req;
1701 const int atom_len = offsetof(struct prism2_scan_apinfo, atim);
1702 struct prism2_scan_apinfo *atom = NULL;
1703 int offset = 4;
1704 int found = 0;
1705 u8 *buf;
1706 u16 len;
1707
1708 /* Allocate buffer for scan results */
1709 buf = kmalloc(MAX_SCAN_LEN, GFP_KERNEL);
1710 if (!buf)
1711 return;
1712
1713 if (orinoco_lock(priv, &flags) != 0)
1714 goto fail_lock;
1715
1716 /* Sanity checks in case user changed something in the meantime */
1717 if (!priv->bssid_fixed)
1718 goto out;
1719
1720 if (strlen(priv->desired_essid) == 0)
1721 goto out;
1722
1723 /* Read scan results from the firmware */
1724 err = hermes_read_ltv(hw, USER_BAP,
1725 HERMES_RID_SCANRESULTSTABLE,
1726 MAX_SCAN_LEN, &len, buf);
1727 if (err) {
1728 printk(KERN_ERR "%s: Cannot read scan results\n",
1729 dev->name);
1730 goto out;
1731 }
1732
1733 len = HERMES_RECLEN_TO_BYTES(len);
1734
1735 /* Go through the scan results looking for the channel of the AP
1736 * we were requested to join */
1737 for (; offset + atom_len <= len; offset += atom_len) {
1738 atom = (struct prism2_scan_apinfo *) (buf + offset);
1739 if (memcmp(&atom->bssid, priv->desired_bssid, ETH_ALEN) == 0) {
1740 found = 1;
1741 break;
1742 }
1743 }
1744
1745 if (!found) {
1746 DEBUG(1, "%s: Requested AP not found in scan results\n",
1747 dev->name);
1748 goto out;
1749 }
1750
1751 memcpy(req.bssid, priv->desired_bssid, ETH_ALEN);
1752 req.channel = atom->channel; /* both are little-endian */
1753 err = HERMES_WRITE_RECORD(hw, USER_BAP, HERMES_RID_CNFJOINREQUEST,
1754 &req);
1755 if (err)
1756 printk(KERN_ERR "%s: Error issuing join request\n", dev->name);
1757
1758 out:
1759 orinoco_unlock(priv, &flags);
1760
1761 fail_lock:
1762 kfree(buf);
1763}
1764
1765/* Send new BSSID to userspace */
1766static void orinoco_send_bssid_wevent(struct orinoco_private *priv)
1767{
1768 struct net_device *dev = priv->ndev;
1769 struct hermes *hw = &priv->hw;
1770 union iwreq_data wrqu;
1771 int err;
1772
1773 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
1774 ETH_ALEN, NULL, wrqu.ap_addr.sa_data);
1775 if (err != 0)
1776 return;
1777
1778 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1779
1780 /* Send event to user space */
1781 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
1782}
1783
1784static void orinoco_send_assocreqie_wevent(struct orinoco_private *priv)
1785{
1786 struct net_device *dev = priv->ndev;
1787 struct hermes *hw = &priv->hw;
1788 union iwreq_data wrqu;
1789 int err;
1790 u8 buf[88];
1791 u8 *ie;
1792
1793 if (!priv->has_wpa)
1794 return;
1795
1796 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_REQ_INFO,
1797 sizeof(buf), NULL, &buf);
1798 if (err != 0)
1799 return;
1800
1801 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1802 if (ie) {
1803 int rem = sizeof(buf) - (ie - &buf[0]);
1804 wrqu.data.length = ie[1] + 2;
1805 if (wrqu.data.length > rem)
1806 wrqu.data.length = rem;
1807
1808 if (wrqu.data.length)
1809 /* Send event to user space */
1810 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, ie);
1811 }
1812}
1813
1814static void orinoco_send_assocrespie_wevent(struct orinoco_private *priv)
1815{
1816 struct net_device *dev = priv->ndev;
1817 struct hermes *hw = &priv->hw;
1818 union iwreq_data wrqu;
1819 int err;
1820 u8 buf[88]; /* TODO: verify max size or IW_GENERIC_IE_MAX */
1821 u8 *ie;
1822
1823 if (!priv->has_wpa)
1824 return;
1825
1826 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_RESP_INFO,
1827 sizeof(buf), NULL, &buf);
1828 if (err != 0)
1829 return;
1830
1831 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1832 if (ie) {
1833 int rem = sizeof(buf) - (ie - &buf[0]);
1834 wrqu.data.length = ie[1] + 2;
1835 if (wrqu.data.length > rem)
1836 wrqu.data.length = rem;
1837
1838 if (wrqu.data.length)
1839 /* Send event to user space */
1840 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, ie);
1841 }
1842}
1843
1844static void orinoco_send_wevents(struct work_struct *work)
1845{
1846 struct orinoco_private *priv =
1847 container_of(work, struct orinoco_private, wevent_work);
1848 unsigned long flags;
1849
1850 if (orinoco_lock(priv, &flags) != 0)
1851 return;
1852
1853 orinoco_send_assocreqie_wevent(priv);
1854 orinoco_send_assocrespie_wevent(priv);
1855 orinoco_send_bssid_wevent(priv);
1856
1857 orinoco_unlock(priv, &flags);
1858}
1859
1860static inline void orinoco_clear_scan_results(struct orinoco_private *priv,
1861 unsigned long scan_age)
1862{
1863 if (priv->has_ext_scan) {
1864 struct xbss_element *bss;
1865 struct xbss_element *tmp_bss;
1866
1867 /* Blow away current list of scan results */
1868 list_for_each_entry_safe(bss, tmp_bss, &priv->bss_list, list) {
1869 if (!scan_age ||
1870 time_after(jiffies, bss->last_scanned + scan_age)) {
1871 list_move_tail(&bss->list,
1872 &priv->bss_free_list);
1873 /* Don't blow away ->list, just BSS data */
1874 memset(&bss->bss, 0, sizeof(bss->bss));
1875 bss->last_scanned = 0;
1876 }
1877 }
1878 } else {
1879 struct bss_element *bss;
1880 struct bss_element *tmp_bss;
1881
1882 /* Blow away current list of scan results */
1883 list_for_each_entry_safe(bss, tmp_bss, &priv->bss_list, list) {
1884 if (!scan_age ||
1885 time_after(jiffies, bss->last_scanned + scan_age)) {
1886 list_move_tail(&bss->list,
1887 &priv->bss_free_list);
1888 /* Don't blow away ->list, just BSS data */
1889 memset(&bss->bss, 0, sizeof(bss->bss));
1890 bss->last_scanned = 0;
1891 }
1892 }
1893 }
1894}
1895
1896static void orinoco_add_ext_scan_result(struct orinoco_private *priv,
1897 struct agere_ext_scan_info *atom)
1898{
1899 struct xbss_element *bss = NULL;
1900 int found = 0;
1901
1902 /* Try to update an existing bss first */
1903 list_for_each_entry(bss, &priv->bss_list, list) {
1904 if (compare_ether_addr(bss->bss.bssid, atom->bssid))
1905 continue;
1906 /* ESSID lengths */
1907 if (bss->bss.data[1] != atom->data[1])
1908 continue;
1909 if (memcmp(&bss->bss.data[2], &atom->data[2],
1910 atom->data[1]))
1911 continue;
1912 found = 1;
1913 break;
1914 }
1915
1916 /* Grab a bss off the free list */
1917 if (!found && !list_empty(&priv->bss_free_list)) {
1918 bss = list_entry(priv->bss_free_list.next,
1919 struct xbss_element, list);
1920 list_del(priv->bss_free_list.next);
1921
1922 list_add_tail(&bss->list, &priv->bss_list);
1923 }
1924
1925 if (bss) {
1926 /* Always update the BSS to get latest beacon info */
1927 memcpy(&bss->bss, atom, sizeof(bss->bss));
1928 bss->last_scanned = jiffies;
1929 }
1930}
1931
1932static int orinoco_process_scan_results(struct net_device *dev,
1933 unsigned char *buf,
1934 int len)
1935{
1936 struct orinoco_private *priv = netdev_priv(dev);
1937 int offset; /* In the scan data */
1938 union hermes_scan_info *atom;
1939 int atom_len;
1940
1941 switch (priv->firmware_type) {
1942 case FIRMWARE_TYPE_AGERE:
1943 atom_len = sizeof(struct agere_scan_apinfo);
1944 offset = 0;
1945 break;
1946 case FIRMWARE_TYPE_SYMBOL:
1947 /* Lack of documentation necessitates this hack.
1948 * Different firmwares have 68 or 76 byte long atoms.
1949 * We try modulo first. If the length divides by both,
1950 * we check what would be the channel in the second
1951 * frame for a 68-byte atom. 76-byte atoms have 0 there.
1952 * Valid channel cannot be 0. */
1953 if (len % 76)
1954 atom_len = 68;
1955 else if (len % 68)
1956 atom_len = 76;
1957 else if (len >= 1292 && buf[68] == 0)
1958 atom_len = 76;
1959 else
1960 atom_len = 68;
1961 offset = 0;
1962 break;
1963 case FIRMWARE_TYPE_INTERSIL:
1964 offset = 4;
1965 if (priv->has_hostscan) {
1966 atom_len = le16_to_cpup((__le16 *)buf);
1967 /* Sanity check for atom_len */
1968 if (atom_len < sizeof(struct prism2_scan_apinfo)) {
1969 printk(KERN_ERR "%s: Invalid atom_len in scan "
1970 "data: %d\n", dev->name, atom_len);
1971 return -EIO;
1972 }
1973 } else
1974 atom_len = offsetof(struct prism2_scan_apinfo, atim);
1975 break;
1976 default:
1977 return -EOPNOTSUPP;
1978 }
1979
1980 /* Check that we got an whole number of atoms */
1981 if ((len - offset) % atom_len) {
1982 printk(KERN_ERR "%s: Unexpected scan data length %d, "
1983 "atom_len %d, offset %d\n", dev->name, len,
1984 atom_len, offset);
1985 return -EIO;
1986 }
1987
1988 orinoco_clear_scan_results(priv, msecs_to_jiffies(15000));
1989
1990 /* Read the entries one by one */
1991 for (; offset + atom_len <= len; offset += atom_len) {
1992 int found = 0;
1993 struct bss_element *bss = NULL;
1994
1995 /* Get next atom */
1996 atom = (union hermes_scan_info *) (buf + offset);
1997
1998 /* Try to update an existing bss first */
1999 list_for_each_entry(bss, &priv->bss_list, list) {
2000 if (compare_ether_addr(bss->bss.a.bssid, atom->a.bssid))
2001 continue;
2002 if (le16_to_cpu(bss->bss.a.essid_len) !=
2003 le16_to_cpu(atom->a.essid_len))
2004 continue;
2005 if (memcmp(bss->bss.a.essid, atom->a.essid,
2006 le16_to_cpu(atom->a.essid_len)))
2007 continue;
2008 found = 1;
2009 break;
2010 }
2011
2012 /* Grab a bss off the free list */
2013 if (!found && !list_empty(&priv->bss_free_list)) {
2014 bss = list_entry(priv->bss_free_list.next,
2015 struct bss_element, list);
2016 list_del(priv->bss_free_list.next);
2017
2018 list_add_tail(&bss->list, &priv->bss_list);
2019 }
2020
2021 if (bss) {
2022 /* Always update the BSS to get latest beacon info */
2023 memcpy(&bss->bss, atom, sizeof(bss->bss));
2024 bss->last_scanned = jiffies;
2025 }
2026 }
2027
2028 return 0;
2029}
2030
2031static void __orinoco_ev_info(struct net_device *dev, hermes_t *hw)
2032{
2033 struct orinoco_private *priv = netdev_priv(dev);
2034 u16 infofid;
2035 struct {
2036 __le16 len;
2037 __le16 type;
2038 } __attribute__ ((packed)) info;
2039 int len, type;
2040 int err;
2041
2042 /* This is an answer to an INQUIRE command that we did earlier,
2043 * or an information "event" generated by the card
2044 * The controller return to us a pseudo frame containing
2045 * the information in question - Jean II */
2046 infofid = hermes_read_regn(hw, INFOFID);
2047
2048 /* Read the info frame header - don't try too hard */
2049 err = hermes_bap_pread(hw, IRQ_BAP, &info, sizeof(info),
2050 infofid, 0);
2051 if (err) {
2052 printk(KERN_ERR "%s: error %d reading info frame. "
2053 "Frame dropped.\n", dev->name, err);
2054 return;
2055 }
2056
2057 len = HERMES_RECLEN_TO_BYTES(le16_to_cpu(info.len));
2058 type = le16_to_cpu(info.type);
2059
2060 switch (type) {
2061 case HERMES_INQ_TALLIES: {
2062 struct hermes_tallies_frame tallies;
2063 struct iw_statistics *wstats = &priv->wstats;
2064
2065 if (len > sizeof(tallies)) {
2066 printk(KERN_WARNING "%s: Tallies frame too long (%d bytes)\n",
2067 dev->name, len);
2068 len = sizeof(tallies);
2069 }
2070
2071 err = hermes_bap_pread(hw, IRQ_BAP, &tallies, len,
2072 infofid, sizeof(info));
2073 if (err)
2074 break;
2075
2076 /* Increment our various counters */
2077 /* wstats->discard.nwid - no wrong BSSID stuff */
2078 wstats->discard.code +=
2079 le16_to_cpu(tallies.RxWEPUndecryptable);
2080 if (len == sizeof(tallies))
2081 wstats->discard.code +=
2082 le16_to_cpu(tallies.RxDiscards_WEPICVError) +
2083 le16_to_cpu(tallies.RxDiscards_WEPExcluded);
2084 wstats->discard.misc +=
2085 le16_to_cpu(tallies.TxDiscardsWrongSA);
2086 wstats->discard.fragment +=
2087 le16_to_cpu(tallies.RxMsgInBadMsgFragments);
2088 wstats->discard.retries +=
2089 le16_to_cpu(tallies.TxRetryLimitExceeded);
2090 /* wstats->miss.beacon - no match */
2091 }
2092 break;
2093 case HERMES_INQ_LINKSTATUS: {
2094 struct hermes_linkstatus linkstatus;
2095 u16 newstatus;
2096 int connected;
2097
2098 if (priv->iw_mode == IW_MODE_MONITOR)
2099 break;
2100
2101 if (len != sizeof(linkstatus)) {
2102 printk(KERN_WARNING "%s: Unexpected size for linkstatus frame (%d bytes)\n",
2103 dev->name, len);
2104 break;
2105 }
2106
2107 err = hermes_bap_pread(hw, IRQ_BAP, &linkstatus, len,
2108 infofid, sizeof(info));
2109 if (err)
2110 break;
2111 newstatus = le16_to_cpu(linkstatus.linkstatus);
2112
2113 /* Symbol firmware uses "out of range" to signal that
2114 * the hostscan frame can be requested. */
2115 if (newstatus == HERMES_LINKSTATUS_AP_OUT_OF_RANGE &&
2116 priv->firmware_type == FIRMWARE_TYPE_SYMBOL &&
2117 priv->has_hostscan && priv->scan_inprogress) {
2118 hermes_inquire(hw, HERMES_INQ_HOSTSCAN_SYMBOL);
2119 break;
2120 }
2121
2122 connected = (newstatus == HERMES_LINKSTATUS_CONNECTED)
2123 || (newstatus == HERMES_LINKSTATUS_AP_CHANGE)
2124 || (newstatus == HERMES_LINKSTATUS_AP_IN_RANGE);
2125
2126 if (connected)
2127 netif_carrier_on(dev);
2128 else if (!ignore_disconnect)
2129 netif_carrier_off(dev);
2130
2131 if (newstatus != priv->last_linkstatus) {
2132 priv->last_linkstatus = newstatus;
2133 print_linkstatus(dev, newstatus);
2134 /* The info frame contains only one word which is the
2135 * status (see hermes.h). The status is pretty boring
2136 * in itself, that's why we export the new BSSID...
2137 * Jean II */
2138 schedule_work(&priv->wevent_work);
2139 }
2140 }
2141 break;
2142 case HERMES_INQ_SCAN:
2143 if (!priv->scan_inprogress && priv->bssid_fixed &&
2144 priv->firmware_type == FIRMWARE_TYPE_INTERSIL) {
2145 schedule_work(&priv->join_work);
2146 break;
2147 }
2148 /* fall through */
2149 case HERMES_INQ_HOSTSCAN:
2150 case HERMES_INQ_HOSTSCAN_SYMBOL: {
2151 /* Result of a scanning. Contains information about
2152 * cells in the vicinity - Jean II */
2153 union iwreq_data wrqu;
2154 unsigned char *buf;
2155
2156 /* Scan is no longer in progress */
2157 priv->scan_inprogress = 0;
2158
2159 /* Sanity check */
2160 if (len > 4096) {
2161 printk(KERN_WARNING "%s: Scan results too large (%d bytes)\n",
2162 dev->name, len);
2163 break;
2164 }
2165
2166 /* Allocate buffer for results */
2167 buf = kmalloc(len, GFP_ATOMIC);
2168 if (buf == NULL)
2169 /* No memory, so can't printk()... */
2170 break;
2171
2172 /* Read scan data */
2173 err = hermes_bap_pread(hw, IRQ_BAP, (void *) buf, len,
2174 infofid, sizeof(info));
2175 if (err) {
2176 kfree(buf);
2177 break;
2178 }
2179
2180#ifdef ORINOCO_DEBUG
2181 {
2182 int i;
2183 printk(KERN_DEBUG "Scan result [%02X", buf[0]);
2184 for (i = 1; i < (len * 2); i++)
2185 printk(":%02X", buf[i]);
2186 printk("]\n");
2187 }
2188#endif /* ORINOCO_DEBUG */
2189
2190 if (orinoco_process_scan_results(dev, buf, len) == 0) {
2191 /* Send an empty event to user space.
2192 * We don't send the received data on the event because
2193 * it would require us to do complex transcoding, and
2194 * we want to minimise the work done in the irq handler
2195 * Use a request to extract the data - Jean II */
2196 wrqu.data.length = 0;
2197 wrqu.data.flags = 0;
2198 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2199 }
2200 kfree(buf);
2201 }
2202 break;
2203 case HERMES_INQ_CHANNELINFO:
2204 {
2205 struct agere_ext_scan_info *bss;
2206
2207 if (!priv->scan_inprogress) {
2208 printk(KERN_DEBUG "%s: Got chaninfo without scan, "
2209 "len=%d\n", dev->name, len);
2210 break;
2211 }
2212
2213 /* An empty result indicates that the scan is complete */
2214 if (len == 0) {
2215 union iwreq_data wrqu;
2216
2217 /* Scan is no longer in progress */
2218 priv->scan_inprogress = 0;
2219
2220 wrqu.data.length = 0;
2221 wrqu.data.flags = 0;
2222 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2223 break;
2224 }
2225
2226 /* Sanity check */
2227 else if (len > sizeof(*bss)) {
2228 printk(KERN_WARNING
2229 "%s: Ext scan results too large (%d bytes). "
2230 "Truncating results to %zd bytes.\n",
2231 dev->name, len, sizeof(*bss));
2232 len = sizeof(*bss);
2233 } else if (len < (offsetof(struct agere_ext_scan_info,
2234 data) + 2)) {
2235 /* Drop this result now so we don't have to
2236 * keep checking later */
2237 printk(KERN_WARNING
2238 "%s: Ext scan results too short (%d bytes)\n",
2239 dev->name, len);
2240 break;
2241 }
2242
2243 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
2244 if (bss == NULL)
2245 break;
2246
2247 /* Read scan data */
2248 err = hermes_bap_pread(hw, IRQ_BAP, (void *) bss, len,
2249 infofid, sizeof(info));
2250 if (err) {
2251 kfree(bss);
2252 break;
2253 }
2254
2255 orinoco_add_ext_scan_result(priv, bss);
2256
2257 kfree(bss);
2258 break;
2259 }
2260 case HERMES_INQ_SEC_STAT_AGERE:
2261 /* Security status (Agere specific) */
2262 /* Ignore this frame for now */
2263 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
2264 break;
2265 /* fall through */
2266 default:
2267 printk(KERN_DEBUG "%s: Unknown information frame received: "
2268 "type 0x%04x, length %d\n", dev->name, type, len);
2269 /* We don't actually do anything about it */
2270 break;
2271 }
2272}
2273
2274static void __orinoco_ev_infdrop(struct net_device *dev, hermes_t *hw)
2275{
2276 if (net_ratelimit())
2277 printk(KERN_DEBUG "%s: Information frame lost.\n", dev->name);
2278}
2279
2280/********************************************************************/
2281/* Internal hardware control routines */
2282/********************************************************************/
2283
2284int __orinoco_up(struct net_device *dev)
2285{
2286 struct orinoco_private *priv = netdev_priv(dev);
2287 struct hermes *hw = &priv->hw;
2288 int err;
2289
2290 netif_carrier_off(dev); /* just to make sure */
2291
2292 err = __orinoco_program_rids(dev);
2293 if (err) {
2294 printk(KERN_ERR "%s: Error %d configuring card\n",
2295 dev->name, err);
2296 return err;
2297 }
2298
2299 /* Fire things up again */
2300 hermes_set_irqmask(hw, ORINOCO_INTEN);
2301 err = hermes_enable_port(hw, 0);
2302 if (err) {
2303 printk(KERN_ERR "%s: Error %d enabling MAC port\n",
2304 dev->name, err);
2305 return err;
2306 }
2307
2308 netif_start_queue(dev);
2309
2310 return 0;
2311}
2312EXPORT_SYMBOL(__orinoco_up);
2313
2314int __orinoco_down(struct net_device *dev)
2315{
2316 struct orinoco_private *priv = netdev_priv(dev);
2317 struct hermes *hw = &priv->hw;
2318 int err;
2319
2320 netif_stop_queue(dev);
2321
2322 if (!priv->hw_unavailable) {
2323 if (!priv->broken_disableport) {
2324 err = hermes_disable_port(hw, 0);
2325 if (err) {
2326 /* Some firmwares (e.g. Intersil 1.3.x) seem
2327 * to have problems disabling the port, oh
2328 * well, too bad. */
2329 printk(KERN_WARNING "%s: Error %d disabling MAC port\n",
2330 dev->name, err);
2331 priv->broken_disableport = 1;
2332 }
2333 }
2334 hermes_set_irqmask(hw, 0);
2335 hermes_write_regn(hw, EVACK, 0xffff);
2336 }
2337
2338 /* firmware will have to reassociate */
2339 netif_carrier_off(dev);
2340 priv->last_linkstatus = 0xffff;
2341
2342 return 0;
2343}
2344EXPORT_SYMBOL(__orinoco_down);
2345
2346static int orinoco_allocate_fid(struct net_device *dev)
2347{
2348 struct orinoco_private *priv = netdev_priv(dev);
2349 struct hermes *hw = &priv->hw;
2350 int err;
2351
2352 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
2353 if (err == -EIO && priv->nicbuf_size > TX_NICBUF_SIZE_BUG) {
2354 /* Try workaround for old Symbol firmware bug */
2355 priv->nicbuf_size = TX_NICBUF_SIZE_BUG;
2356 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
2357
2358 printk(KERN_WARNING "%s: firmware ALLOC bug detected "
2359 "(old Symbol firmware?). Work around %s\n",
2360 dev->name, err ? "failed!" : "ok.");
2361 }
2362
2363 return err;
2364}
2365
2366int orinoco_reinit_firmware(struct net_device *dev)
2367{
2368 struct orinoco_private *priv = netdev_priv(dev);
2369 struct hermes *hw = &priv->hw;
2370 int err;
2371
2372 err = hermes_init(hw);
2373 if (priv->do_fw_download && !err) {
2374 err = orinoco_download(priv);
2375 if (err)
2376 priv->do_fw_download = 0;
2377 }
2378 if (!err)
2379 err = orinoco_allocate_fid(dev);
2380
2381 return err;
2382}
2383EXPORT_SYMBOL(orinoco_reinit_firmware);
2384
2385static int __orinoco_hw_set_bitrate(struct orinoco_private *priv)
2386{
2387 hermes_t *hw = &priv->hw;
2388 int ratemode = priv->bitratemode;
2389 int err = 0;
2390
2391 if (ratemode >= BITRATE_TABLE_SIZE) {
2392 printk(KERN_ERR "%s: BUG: Invalid bitrate mode %d\n",
2393 priv->ndev->name, ratemode);
2394 return -EINVAL;
2395 }
2396
2397 switch (priv->firmware_type) {
2398 case FIRMWARE_TYPE_AGERE:
2399 err = hermes_write_wordrec(hw, USER_BAP,
2400 HERMES_RID_CNFTXRATECONTROL,
2401 bitrate_table[ratemode].agere_txratectrl);
2402 break;
2403 case FIRMWARE_TYPE_INTERSIL:
2404 case FIRMWARE_TYPE_SYMBOL:
2405 err = hermes_write_wordrec(hw, USER_BAP,
2406 HERMES_RID_CNFTXRATECONTROL,
2407 bitrate_table[ratemode].intersil_txratectrl);
2408 break;
2409 default:
2410 BUG();
2411 }
2412
2413 return err;
2414}
2415
2416/* Set fixed AP address */
2417static int __orinoco_hw_set_wap(struct orinoco_private *priv)
2418{
2419 int roaming_flag;
2420 int err = 0;
2421 hermes_t *hw = &priv->hw;
2422
2423 switch (priv->firmware_type) {
2424 case FIRMWARE_TYPE_AGERE:
2425 /* not supported */
2426 break;
2427 case FIRMWARE_TYPE_INTERSIL:
2428 if (priv->bssid_fixed)
2429 roaming_flag = 2;
2430 else
2431 roaming_flag = 1;
2432
2433 err = hermes_write_wordrec(hw, USER_BAP,
2434 HERMES_RID_CNFROAMINGMODE,
2435 roaming_flag);
2436 break;
2437 case FIRMWARE_TYPE_SYMBOL:
2438 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2439 HERMES_RID_CNFMANDATORYBSSID_SYMBOL,
2440 &priv->desired_bssid);
2441 break;
2442 }
2443 return err;
2444}
2445
2446/* Change the WEP keys and/or the current keys. Can be called
2447 * either from __orinoco_hw_setup_enc() or directly from
2448 * orinoco_ioctl_setiwencode(). In the later case the association
2449 * with the AP is not broken (if the firmware can handle it),
2450 * which is needed for 802.1x implementations. */
2451static int __orinoco_hw_setup_wepkeys(struct orinoco_private *priv)
2452{
2453 hermes_t *hw = &priv->hw;
2454 int err = 0;
2455
2456 switch (priv->firmware_type) {
2457 case FIRMWARE_TYPE_AGERE:
2458 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2459 HERMES_RID_CNFWEPKEYS_AGERE,
2460 &priv->keys);
2461 if (err)
2462 return err;
2463 err = hermes_write_wordrec(hw, USER_BAP,
2464 HERMES_RID_CNFTXKEY_AGERE,
2465 priv->tx_key);
2466 if (err)
2467 return err;
2468 break;
2469 case FIRMWARE_TYPE_INTERSIL:
2470 case FIRMWARE_TYPE_SYMBOL:
2471 {
2472 int keylen;
2473 int i;
2474
2475 /* Force uniform key length to work around
2476 * firmware bugs */
2477 keylen = le16_to_cpu(priv->keys[priv->tx_key].len);
2478
2479 if (keylen > LARGE_KEY_SIZE) {
2480 printk(KERN_ERR "%s: BUG: Key %d has oversize length %d.\n",
2481 priv->ndev->name, priv->tx_key, keylen);
2482 return -E2BIG;
2483 }
2484
2485 /* Write all 4 keys */
2486 for (i = 0; i < ORINOCO_MAX_KEYS; i++) {
2487 err = hermes_write_ltv(hw, USER_BAP,
2488 HERMES_RID_CNFDEFAULTKEY0 + i,
2489 HERMES_BYTES_TO_RECLEN(keylen),
2490 priv->keys[i].data);
2491 if (err)
2492 return err;
2493 }
2494
2495 /* Write the index of the key used in transmission */
2496 err = hermes_write_wordrec(hw, USER_BAP,
2497 HERMES_RID_CNFWEPDEFAULTKEYID,
2498 priv->tx_key);
2499 if (err)
2500 return err;
2501 }
2502 break;
2503 }
2504
2505 return 0;
2506}
2507
2508static int __orinoco_hw_setup_enc(struct orinoco_private *priv)
2509{
2510 hermes_t *hw = &priv->hw;
2511 int err = 0;
2512 int master_wep_flag;
2513 int auth_flag;
2514 int enc_flag;
2515
2516 /* Setup WEP keys for WEP and WPA */
2517 if (priv->encode_alg)
2518 __orinoco_hw_setup_wepkeys(priv);
2519
2520 if (priv->wep_restrict)
2521 auth_flag = HERMES_AUTH_SHARED_KEY;
2522 else
2523 auth_flag = HERMES_AUTH_OPEN;
2524
2525 if (priv->wpa_enabled)
2526 enc_flag = 2;
2527 else if (priv->encode_alg == IW_ENCODE_ALG_WEP)
2528 enc_flag = 1;
2529 else
2530 enc_flag = 0;
2531
2532 switch (priv->firmware_type) {
2533 case FIRMWARE_TYPE_AGERE: /* Agere style WEP */
2534 if (priv->encode_alg == IW_ENCODE_ALG_WEP) {
2535 /* Enable the shared-key authentication. */
2536 err = hermes_write_wordrec(hw, USER_BAP,
2537 HERMES_RID_CNFAUTHENTICATION_AGERE,
2538 auth_flag);
2539 }
2540 err = hermes_write_wordrec(hw, USER_BAP,
2541 HERMES_RID_CNFWEPENABLED_AGERE,
2542 enc_flag);
2543 if (err)
2544 return err;
2545
2546 if (priv->has_wpa) {
2547 /* Set WPA key management */
2548 err = hermes_write_wordrec(hw, USER_BAP,
2549 HERMES_RID_CNFSETWPAAUTHMGMTSUITE_AGERE,
2550 priv->key_mgmt);
2551 if (err)
2552 return err;
2553 }
2554
2555 break;
2556
2557 case FIRMWARE_TYPE_INTERSIL: /* Intersil style WEP */
2558 case FIRMWARE_TYPE_SYMBOL: /* Symbol style WEP */
2559 if (priv->encode_alg == IW_ENCODE_ALG_WEP) {
2560 if (priv->wep_restrict ||
2561 (priv->firmware_type == FIRMWARE_TYPE_SYMBOL))
2562 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED |
2563 HERMES_WEP_EXCL_UNENCRYPTED;
2564 else
2565 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED;
2566
2567 err = hermes_write_wordrec(hw, USER_BAP,
2568 HERMES_RID_CNFAUTHENTICATION,
2569 auth_flag);
2570 if (err)
2571 return err;
2572 } else
2573 master_wep_flag = 0;
2574
2575 if (priv->iw_mode == IW_MODE_MONITOR)
2576 master_wep_flag |= HERMES_WEP_HOST_DECRYPT;
2577
2578 /* Master WEP setting : on/off */
2579 err = hermes_write_wordrec(hw, USER_BAP,
2580 HERMES_RID_CNFWEPFLAGS_INTERSIL,
2581 master_wep_flag);
2582 if (err)
2583 return err;
2584
2585 break;
2586 }
2587
2588 return 0;
2589}
2590
2591/* key must be 32 bytes, including the tx and rx MIC keys.
2592 * rsc must be 8 bytes
2593 * tsc must be 8 bytes or NULL
2594 */
2595static int __orinoco_hw_set_tkip_key(hermes_t *hw, int key_idx, int set_tx,
2596 u8 *key, u8 *rsc, u8 *tsc)
2597{
2598 struct {
2599 __le16 idx;
2600 u8 rsc[IW_ENCODE_SEQ_MAX_SIZE];
2601 u8 key[TKIP_KEYLEN];
2602 u8 tx_mic[MIC_KEYLEN];
2603 u8 rx_mic[MIC_KEYLEN];
2604 u8 tsc[IW_ENCODE_SEQ_MAX_SIZE];
2605 } __attribute__ ((packed)) buf;
2606 int ret;
2607 int err;
2608 int k;
2609 u16 xmitting;
2610
2611 key_idx &= 0x3;
2612
2613 if (set_tx)
2614 key_idx |= 0x8000;
2615
2616 buf.idx = cpu_to_le16(key_idx);
2617 memcpy(buf.key, key,
2618 sizeof(buf.key) + sizeof(buf.tx_mic) + sizeof(buf.rx_mic));
2619
2620 if (rsc == NULL)
2621 memset(buf.rsc, 0, sizeof(buf.rsc));
2622 else
2623 memcpy(buf.rsc, rsc, sizeof(buf.rsc));
2624
2625 if (tsc == NULL) {
2626 memset(buf.tsc, 0, sizeof(buf.tsc));
2627 buf.tsc[4] = 0x10;
2628 } else {
2629 memcpy(buf.tsc, tsc, sizeof(buf.tsc));
2630 }
2631
2632 /* Wait upto 100ms for tx queue to empty */
2633 k = 100;
2634 do {
2635 k--;
2636 udelay(1000);
2637 ret = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_TXQUEUEEMPTY,
2638 &xmitting);
2639 if (ret)
2640 break;
2641 } while ((k > 0) && xmitting);
2642
2643 if (k == 0)
2644 ret = -ETIMEDOUT;
2645
2646 err = HERMES_WRITE_RECORD(hw, USER_BAP,
2647 HERMES_RID_CNFADDDEFAULTTKIPKEY_AGERE,
2648 &buf);
2649
2650 return ret ? ret : err;
2651}
2652
2653static int orinoco_clear_tkip_key(struct orinoco_private *priv,
2654 int key_idx)
2655{
2656 hermes_t *hw = &priv->hw;
2657 int err;
2658
2659 memset(&priv->tkip_key[key_idx], 0, sizeof(priv->tkip_key[key_idx]));
2660 err = hermes_write_wordrec(hw, USER_BAP,
2661 HERMES_RID_CNFREMDEFAULTTKIPKEY_AGERE,
2662 key_idx);
2663 if (err)
2664 printk(KERN_WARNING "%s: Error %d clearing TKIP key %d\n",
2665 priv->ndev->name, err, key_idx);
2666 return err;
2667}
2668
2669static int __orinoco_program_rids(struct net_device *dev)
2670{
2671 struct orinoco_private *priv = netdev_priv(dev);
2672 hermes_t *hw = &priv->hw;
2673 int err;
2674 struct hermes_idstring idbuf;
2675
2676 /* Set the MAC address */
2677 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
2678 HERMES_BYTES_TO_RECLEN(ETH_ALEN), dev->dev_addr);
2679 if (err) {
2680 printk(KERN_ERR "%s: Error %d setting MAC address\n",
2681 dev->name, err);
2682 return err;
2683 }
2684
2685 /* Set up the link mode */
2686 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFPORTTYPE,
2687 priv->port_type);
2688 if (err) {
2689 printk(KERN_ERR "%s: Error %d setting port type\n",
2690 dev->name, err);
2691 return err;
2692 }
2693 /* Set the channel/frequency */
2694 if (priv->channel != 0 && priv->iw_mode != IW_MODE_INFRA) {
2695 err = hermes_write_wordrec(hw, USER_BAP,
2696 HERMES_RID_CNFOWNCHANNEL,
2697 priv->channel);
2698 if (err) {
2699 printk(KERN_ERR "%s: Error %d setting channel %d\n",
2700 dev->name, err, priv->channel);
2701 return err;
2702 }
2703 }
2704
2705 if (priv->has_ibss) {
2706 u16 createibss;
2707
2708 if ((strlen(priv->desired_essid) == 0) && (priv->createibss)) {
2709 printk(KERN_WARNING "%s: This firmware requires an "
2710 "ESSID in IBSS-Ad-Hoc mode.\n", dev->name);
2711 /* With wvlan_cs, in this case, we would crash.
2712 * hopefully, this driver will behave better...
2713 * Jean II */
2714 createibss = 0;
2715 } else {
2716 createibss = priv->createibss;
2717 }
2718
2719 err = hermes_write_wordrec(hw, USER_BAP,
2720 HERMES_RID_CNFCREATEIBSS,
2721 createibss);
2722 if (err) {
2723 printk(KERN_ERR "%s: Error %d setting CREATEIBSS\n",
2724 dev->name, err);
2725 return err;
2726 }
2727 }
2728
2729 /* Set the desired BSSID */
2730 err = __orinoco_hw_set_wap(priv);
2731 if (err) {
2732 printk(KERN_ERR "%s: Error %d setting AP address\n",
2733 dev->name, err);
2734 return err;
2735 }
2736 /* Set the desired ESSID */
2737 idbuf.len = cpu_to_le16(strlen(priv->desired_essid));
2738 memcpy(&idbuf.val, priv->desired_essid, sizeof(idbuf.val));
2739 /* WinXP wants partner to configure OWNSSID even in IBSS mode. (jimc) */
2740 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNSSID,
2741 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
2742 &idbuf);
2743 if (err) {
2744 printk(KERN_ERR "%s: Error %d setting OWNSSID\n",
2745 dev->name, err);
2746 return err;
2747 }
2748 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFDESIREDSSID,
2749 HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
2750 &idbuf);
2751 if (err) {
2752 printk(KERN_ERR "%s: Error %d setting DESIREDSSID\n",
2753 dev->name, err);
2754 return err;
2755 }
2756
2757 /* Set the station name */
2758 idbuf.len = cpu_to_le16(strlen(priv->nick));
2759 memcpy(&idbuf.val, priv->nick, sizeof(idbuf.val));
2760 err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
2761 HERMES_BYTES_TO_RECLEN(strlen(priv->nick)+2),
2762 &idbuf);
2763 if (err) {
2764 printk(KERN_ERR "%s: Error %d setting nickname\n",
2765 dev->name, err);
2766 return err;
2767 }
2768
2769 /* Set AP density */
2770 if (priv->has_sensitivity) {
2771 err = hermes_write_wordrec(hw, USER_BAP,
2772 HERMES_RID_CNFSYSTEMSCALE,
2773 priv->ap_density);
2774 if (err) {
2775 printk(KERN_WARNING "%s: Error %d setting SYSTEMSCALE. "
2776 "Disabling sensitivity control\n",
2777 dev->name, err);
2778
2779 priv->has_sensitivity = 0;
2780 }
2781 }
2782
2783 /* Set RTS threshold */
2784 err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
2785 priv->rts_thresh);
2786 if (err) {
2787 printk(KERN_ERR "%s: Error %d setting RTS threshold\n",
2788 dev->name, err);
2789 return err;
2790 }
2791
2792 /* Set fragmentation threshold or MWO robustness */
2793 if (priv->has_mwo)
2794 err = hermes_write_wordrec(hw, USER_BAP,
2795 HERMES_RID_CNFMWOROBUST_AGERE,
2796 priv->mwo_robust);
2797 else
2798 err = hermes_write_wordrec(hw, USER_BAP,
2799 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
2800 priv->frag_thresh);
2801 if (err) {
2802 printk(KERN_ERR "%s: Error %d setting fragmentation\n",
2803 dev->name, err);
2804 return err;
2805 }
2806
2807 /* Set bitrate */
2808 err = __orinoco_hw_set_bitrate(priv);
2809 if (err) {
2810 printk(KERN_ERR "%s: Error %d setting bitrate\n",
2811 dev->name, err);
2812 return err;
2813 }
2814
2815 /* Set power management */
2816 if (priv->has_pm) {
2817 err = hermes_write_wordrec(hw, USER_BAP,
2818 HERMES_RID_CNFPMENABLED,
2819 priv->pm_on);
2820 if (err) {
2821 printk(KERN_ERR "%s: Error %d setting up PM\n",
2822 dev->name, err);
2823 return err;
2824 }
2825
2826 err = hermes_write_wordrec(hw, USER_BAP,
2827 HERMES_RID_CNFMULTICASTRECEIVE,
2828 priv->pm_mcast);
2829 if (err) {
2830 printk(KERN_ERR "%s: Error %d setting up PM\n",
2831 dev->name, err);
2832 return err;
2833 }
2834 err = hermes_write_wordrec(hw, USER_BAP,
2835 HERMES_RID_CNFMAXSLEEPDURATION,
2836 priv->pm_period);
2837 if (err) {
2838 printk(KERN_ERR "%s: Error %d setting up PM\n",
2839 dev->name, err);
2840 return err;
2841 }
2842 err = hermes_write_wordrec(hw, USER_BAP,
2843 HERMES_RID_CNFPMHOLDOVERDURATION,
2844 priv->pm_timeout);
2845 if (err) {
2846 printk(KERN_ERR "%s: Error %d setting up PM\n",
2847 dev->name, err);
2848 return err;
2849 }
2850 }
2851
2852 /* Set preamble - only for Symbol so far... */
2853 if (priv->has_preamble) {
2854 err = hermes_write_wordrec(hw, USER_BAP,
2855 HERMES_RID_CNFPREAMBLE_SYMBOL,
2856 priv->preamble);
2857 if (err) {
2858 printk(KERN_ERR "%s: Error %d setting preamble\n",
2859 dev->name, err);
2860 return err;
2861 }
2862 }
2863
2864 /* Set up encryption */
2865 if (priv->has_wep || priv->has_wpa) {
2866 err = __orinoco_hw_setup_enc(priv);
2867 if (err) {
2868 printk(KERN_ERR "%s: Error %d activating encryption\n",
2869 dev->name, err);
2870 return err;
2871 }
2872 }
2873
2874 if (priv->iw_mode == IW_MODE_MONITOR) {
2875 /* Enable monitor mode */
2876 dev->type = ARPHRD_IEEE80211;
2877 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
2878 HERMES_TEST_MONITOR, 0, NULL);
2879 } else {
2880 /* Disable monitor mode */
2881 dev->type = ARPHRD_ETHER;
2882 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
2883 HERMES_TEST_STOP, 0, NULL);
2884 }
2885 if (err)
2886 return err;
2887
2888 /* Set promiscuity / multicast*/
2889 priv->promiscuous = 0;
2890 priv->mc_count = 0;
2891
2892 /* FIXME: what about netif_tx_lock */
2893 __orinoco_set_multicast_list(dev);
2894
2895 return 0;
2896}
2897
2898/* FIXME: return int? */
2899static void
2900__orinoco_set_multicast_list(struct net_device *dev)
2901{
2902 struct orinoco_private *priv = netdev_priv(dev);
2903 hermes_t *hw = &priv->hw;
2904 int err = 0;
2905 int promisc, mc_count;
2906
2907 /* The Hermes doesn't seem to have an allmulti mode, so we go
2908 * into promiscuous mode and let the upper levels deal. */
2909 if ((dev->flags & IFF_PROMISC) || (dev->flags & IFF_ALLMULTI) ||
2910 (dev->mc_count > MAX_MULTICAST(priv))) {
2911 promisc = 1;
2912 mc_count = 0;
2913 } else {
2914 promisc = 0;
2915 mc_count = dev->mc_count;
2916 }
2917
2918 if (promisc != priv->promiscuous) {
2919 err = hermes_write_wordrec(hw, USER_BAP,
2920 HERMES_RID_CNFPROMISCUOUSMODE,
2921 promisc);
2922 if (err) {
2923 printk(KERN_ERR "%s: Error %d setting PROMISCUOUSMODE to 1.\n",
2924 dev->name, err);
2925 } else
2926 priv->promiscuous = promisc;
2927 }
2928
2929 /* If we're not in promiscuous mode, then we need to set the
2930 * group address if either we want to multicast, or if we were
2931 * multicasting and want to stop */
2932 if (!promisc && (mc_count || priv->mc_count)) {
2933 struct dev_mc_list *p = dev->mc_list;
2934 struct hermes_multicast mclist;
2935 int i;
2936
2937 for (i = 0; i < mc_count; i++) {
2938 /* paranoia: is list shorter than mc_count? */
2939 BUG_ON(!p);
2940 /* paranoia: bad address size in list? */
2941 BUG_ON(p->dmi_addrlen != ETH_ALEN);
2942
2943 memcpy(mclist.addr[i], p->dmi_addr, ETH_ALEN);
2944 p = p->next;
2945 }
2946
2947 if (p)
2948 printk(KERN_WARNING "%s: Multicast list is "
2949 "longer than mc_count\n", dev->name);
2950
2951 err = hermes_write_ltv(hw, USER_BAP,
2952 HERMES_RID_CNFGROUPADDRESSES,
2953 HERMES_BYTES_TO_RECLEN(mc_count * ETH_ALEN),
2954 &mclist);
2955 if (err)
2956 printk(KERN_ERR "%s: Error %d setting multicast list.\n",
2957 dev->name, err);
2958 else
2959 priv->mc_count = mc_count;
2960 }
2961}
2962
2963/* This must be called from user context, without locks held - use
2964 * schedule_work() */
2965static void orinoco_reset(struct work_struct *work)
2966{
2967 struct orinoco_private *priv =
2968 container_of(work, struct orinoco_private, reset_work);
2969 struct net_device *dev = priv->ndev;
2970 struct hermes *hw = &priv->hw;
2971 int err;
2972 unsigned long flags;
2973
2974 if (orinoco_lock(priv, &flags) != 0)
2975 /* When the hardware becomes available again, whatever
2976 * detects that is responsible for re-initializing
2977 * it. So no need for anything further */
2978 return;
2979
2980 netif_stop_queue(dev);
2981
2982 /* Shut off interrupts. Depending on what state the hardware
2983 * is in, this might not work, but we'll try anyway */
2984 hermes_set_irqmask(hw, 0);
2985 hermes_write_regn(hw, EVACK, 0xffff);
2986
2987 priv->hw_unavailable++;
2988 priv->last_linkstatus = 0xffff; /* firmware will have to reassociate */
2989 netif_carrier_off(dev);
2990
2991 orinoco_unlock(priv, &flags);
2992
2993 /* Scanning support: Cleanup of driver struct */
2994 orinoco_clear_scan_results(priv, 0);
2995 priv->scan_inprogress = 0;
2996
2997 if (priv->hard_reset) {
2998 err = (*priv->hard_reset)(priv);
2999 if (err) {
3000 printk(KERN_ERR "%s: orinoco_reset: Error %d "
3001 "performing hard reset\n", dev->name, err);
3002 goto disable;
3003 }
3004 }
3005
3006 err = orinoco_reinit_firmware(dev);
3007 if (err) {
3008 printk(KERN_ERR "%s: orinoco_reset: Error %d re-initializing firmware\n",
3009 dev->name, err);
3010 goto disable;
3011 }
3012
3013 /* This has to be called from user context */
3014 spin_lock_irq(&priv->lock);
3015
3016 priv->hw_unavailable--;
3017
3018 /* priv->open or priv->hw_unavailable might have changed while
3019 * we dropped the lock */
3020 if (priv->open && (!priv->hw_unavailable)) {
3021 err = __orinoco_up(dev);
3022 if (err) {
3023 printk(KERN_ERR "%s: orinoco_reset: Error %d reenabling card\n",
3024 dev->name, err);
3025 } else
3026 dev->trans_start = jiffies;
3027 }
3028
3029 spin_unlock_irq(&priv->lock);
3030
3031 return;
3032 disable:
3033 hermes_set_irqmask(hw, 0);
3034 netif_device_detach(dev);
3035 printk(KERN_ERR "%s: Device has been disabled!\n", dev->name);
3036}
3037
3038/********************************************************************/
3039/* Interrupt handler */
3040/********************************************************************/
3041
3042static void __orinoco_ev_tick(struct net_device *dev, hermes_t *hw)
3043{
3044 printk(KERN_DEBUG "%s: TICK\n", dev->name);
3045}
3046
3047static void __orinoco_ev_wterr(struct net_device *dev, hermes_t *hw)
3048{
3049 /* This seems to happen a fair bit under load, but ignoring it
3050 seems to work fine...*/
3051 printk(KERN_DEBUG "%s: MAC controller error (WTERR). Ignoring.\n",
3052 dev->name);
3053}
3054
3055irqreturn_t orinoco_interrupt(int irq, void *dev_id)
3056{
3057 struct net_device *dev = dev_id;
3058 struct orinoco_private *priv = netdev_priv(dev);
3059 hermes_t *hw = &priv->hw;
3060 int count = MAX_IRQLOOPS_PER_IRQ;
3061 u16 evstat, events;
3062 /* These are used to detect a runaway interrupt situation.
3063 *
3064 * If we get more than MAX_IRQLOOPS_PER_JIFFY iterations in a jiffy,
3065 * we panic and shut down the hardware
3066 */
3067 /* jiffies value the last time we were called */
3068 static int last_irq_jiffy; /* = 0 */
3069 static int loops_this_jiffy; /* = 0 */
3070 unsigned long flags;
3071
3072 if (orinoco_lock(priv, &flags) != 0) {
3073 /* If hw is unavailable - we don't know if the irq was
3074 * for us or not */
3075 return IRQ_HANDLED;
3076 }
3077
3078 evstat = hermes_read_regn(hw, EVSTAT);
3079 events = evstat & hw->inten;
3080 if (!events) {
3081 orinoco_unlock(priv, &flags);
3082 return IRQ_NONE;
3083 }
3084
3085 if (jiffies != last_irq_jiffy)
3086 loops_this_jiffy = 0;
3087 last_irq_jiffy = jiffies;
3088
3089 while (events && count--) {
3090 if (++loops_this_jiffy > MAX_IRQLOOPS_PER_JIFFY) {
3091 printk(KERN_WARNING "%s: IRQ handler is looping too "
3092 "much! Resetting.\n", dev->name);
3093 /* Disable interrupts for now */
3094 hermes_set_irqmask(hw, 0);
3095 schedule_work(&priv->reset_work);
3096 break;
3097 }
3098
3099 /* Check the card hasn't been removed */
3100 if (!hermes_present(hw)) {
3101 DEBUG(0, "orinoco_interrupt(): card removed\n");
3102 break;
3103 }
3104
3105 if (events & HERMES_EV_TICK)
3106 __orinoco_ev_tick(dev, hw);
3107 if (events & HERMES_EV_WTERR)
3108 __orinoco_ev_wterr(dev, hw);
3109 if (events & HERMES_EV_INFDROP)
3110 __orinoco_ev_infdrop(dev, hw);
3111 if (events & HERMES_EV_INFO)
3112 __orinoco_ev_info(dev, hw);
3113 if (events & HERMES_EV_RX)
3114 __orinoco_ev_rx(dev, hw);
3115 if (events & HERMES_EV_TXEXC)
3116 __orinoco_ev_txexc(dev, hw);
3117 if (events & HERMES_EV_TX)
3118 __orinoco_ev_tx(dev, hw);
3119 if (events & HERMES_EV_ALLOC)
3120 __orinoco_ev_alloc(dev, hw);
3121
3122 hermes_write_regn(hw, EVACK, evstat);
3123
3124 evstat = hermes_read_regn(hw, EVSTAT);
3125 events = evstat & hw->inten;
3126 };
3127
3128 orinoco_unlock(priv, &flags);
3129 return IRQ_HANDLED;
3130}
3131EXPORT_SYMBOL(orinoco_interrupt);
3132
3133/********************************************************************/
3134/* Power management */
3135/********************************************************************/
3136#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_HERMES_CACHE_FW_ON_INIT)
3137static int orinoco_pm_notifier(struct notifier_block *notifier,
3138 unsigned long pm_event,
3139 void *unused)
3140{
3141 struct orinoco_private *priv = container_of(notifier,
3142 struct orinoco_private,
3143 pm_notifier);
3144
3145 /* All we need to do is cache the firmware before suspend, and
3146 * release it when we come out.
3147 *
3148 * Only need to do this if we're downloading firmware. */
3149 if (!priv->do_fw_download)
3150 return NOTIFY_DONE;
3151
3152 switch (pm_event) {
3153 case PM_HIBERNATION_PREPARE:
3154 case PM_SUSPEND_PREPARE:
3155 orinoco_cache_fw(priv, 0);
3156 break;
3157
3158 case PM_POST_RESTORE:
3159 /* Restore from hibernation failed. We need to clean
3160 * up in exactly the same way, so fall through. */
3161 case PM_POST_HIBERNATION:
3162 case PM_POST_SUSPEND:
3163 orinoco_uncache_fw(priv);
3164 break;
3165
3166 case PM_RESTORE_PREPARE:
3167 default:
3168 break;
3169 }
3170
3171 return NOTIFY_DONE;
3172}
3173#else /* !PM_SLEEP || HERMES_CACHE_FW_ON_INIT */
3174#define orinoco_pm_notifier NULL
3175#endif
3176
3177/********************************************************************/
3178/* Initialization */
3179/********************************************************************/
3180
3181struct comp_id {
3182 u16 id, variant, major, minor;
3183} __attribute__ ((packed));
3184
3185static inline fwtype_t determine_firmware_type(struct comp_id *nic_id)
3186{
3187 if (nic_id->id < 0x8000)
3188 return FIRMWARE_TYPE_AGERE;
3189 else if (nic_id->id == 0x8000 && nic_id->major == 0)
3190 return FIRMWARE_TYPE_SYMBOL;
3191 else
3192 return FIRMWARE_TYPE_INTERSIL;
3193}
3194
3195/* Set priv->firmware type, determine firmware properties */
3196static int determine_firmware(struct net_device *dev)
3197{
3198 struct orinoco_private *priv = netdev_priv(dev);
3199 hermes_t *hw = &priv->hw;
3200 int err;
3201 struct comp_id nic_id, sta_id;
3202 unsigned int firmver;
3203 char tmp[SYMBOL_MAX_VER_LEN+1] __attribute__((aligned(2)));
3204
3205 /* Get the hardware version */
3206 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_NICID, &nic_id);
3207 if (err) {
3208 printk(KERN_ERR "%s: Cannot read hardware identity: error %d\n",
3209 dev->name, err);
3210 return err;
3211 }
3212
3213 le16_to_cpus(&nic_id.id);
3214 le16_to_cpus(&nic_id.variant);
3215 le16_to_cpus(&nic_id.major);
3216 le16_to_cpus(&nic_id.minor);
3217 printk(KERN_DEBUG "%s: Hardware identity %04x:%04x:%04x:%04x\n",
3218 dev->name, nic_id.id, nic_id.variant,
3219 nic_id.major, nic_id.minor);
3220
3221 priv->firmware_type = determine_firmware_type(&nic_id);
3222
3223 /* Get the firmware version */
3224 err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_STAID, &sta_id);
3225 if (err) {
3226 printk(KERN_ERR "%s: Cannot read station identity: error %d\n",
3227 dev->name, err);
3228 return err;
3229 }
3230
3231 le16_to_cpus(&sta_id.id);
3232 le16_to_cpus(&sta_id.variant);
3233 le16_to_cpus(&sta_id.major);
3234 le16_to_cpus(&sta_id.minor);
3235 printk(KERN_DEBUG "%s: Station identity %04x:%04x:%04x:%04x\n",
3236 dev->name, sta_id.id, sta_id.variant,
3237 sta_id.major, sta_id.minor);
3238
3239 switch (sta_id.id) {
3240 case 0x15:
3241 printk(KERN_ERR "%s: Primary firmware is active\n",
3242 dev->name);
3243 return -ENODEV;
3244 case 0x14b:
3245 printk(KERN_ERR "%s: Tertiary firmware is active\n",
3246 dev->name);
3247 return -ENODEV;
3248 case 0x1f: /* Intersil, Agere, Symbol Spectrum24 */
3249 case 0x21: /* Symbol Spectrum24 Trilogy */
3250 break;
3251 default:
3252 printk(KERN_NOTICE "%s: Unknown station ID, please report\n",
3253 dev->name);
3254 break;
3255 }
3256
3257 /* Default capabilities */
3258 priv->has_sensitivity = 1;
3259 priv->has_mwo = 0;
3260 priv->has_preamble = 0;
3261 priv->has_port3 = 1;
3262 priv->has_ibss = 1;
3263 priv->has_wep = 0;
3264 priv->has_big_wep = 0;
3265 priv->has_alt_txcntl = 0;
3266 priv->has_ext_scan = 0;
3267 priv->has_wpa = 0;
3268 priv->do_fw_download = 0;
3269
3270 /* Determine capabilities from the firmware version */
3271 switch (priv->firmware_type) {
3272 case FIRMWARE_TYPE_AGERE:
3273 /* Lucent Wavelan IEEE, Lucent Orinoco, Cabletron RoamAbout,
3274 ELSA, Melco, HP, IBM, Dell 1150, Compaq 110/210 */
3275 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3276 "Lucent/Agere %d.%02d", sta_id.major, sta_id.minor);
3277
3278 firmver = ((unsigned long)sta_id.major << 16) | sta_id.minor;
3279
3280 priv->has_ibss = (firmver >= 0x60006);
3281 priv->has_wep = (firmver >= 0x40020);
3282 priv->has_big_wep = 1; /* FIXME: this is wrong - how do we tell
3283 Gold cards from the others? */
3284 priv->has_mwo = (firmver >= 0x60000);
3285 priv->has_pm = (firmver >= 0x40020); /* Don't work in 7.52 ? */
3286 priv->ibss_port = 1;
3287 priv->has_hostscan = (firmver >= 0x8000a);
3288 priv->do_fw_download = 1;
3289 priv->broken_monitor = (firmver >= 0x80000);
3290 priv->has_alt_txcntl = (firmver >= 0x90000); /* All 9.x ? */
3291 priv->has_ext_scan = (firmver >= 0x90000); /* All 9.x ? */
3292 priv->has_wpa = (firmver >= 0x9002a);
3293 /* Tested with Agere firmware :
3294 * 1.16 ; 4.08 ; 4.52 ; 6.04 ; 6.16 ; 7.28 => Jean II
3295 * Tested CableTron firmware : 4.32 => Anton */
3296 break;
3297 case FIRMWARE_TYPE_SYMBOL:
3298 /* Symbol , 3Com AirConnect, Intel, Ericsson WLAN */
3299 /* Intel MAC : 00:02:B3:* */
3300 /* 3Com MAC : 00:50:DA:* */
3301 memset(tmp, 0, sizeof(tmp));
3302 /* Get the Symbol firmware version */
3303 err = hermes_read_ltv(hw, USER_BAP,
3304 HERMES_RID_SECONDARYVERSION_SYMBOL,
3305 SYMBOL_MAX_VER_LEN, NULL, &tmp);
3306 if (err) {
3307 printk(KERN_WARNING
3308 "%s: Error %d reading Symbol firmware info. "
3309 "Wildly guessing capabilities...\n",
3310 dev->name, err);
3311 firmver = 0;
3312 tmp[0] = '\0';
3313 } else {
3314 /* The firmware revision is a string, the format is
3315 * something like : "V2.20-01".
3316 * Quick and dirty parsing... - Jean II
3317 */
3318 firmver = ((tmp[1] - '0') << 16)
3319 | ((tmp[3] - '0') << 12)
3320 | ((tmp[4] - '0') << 8)
3321 | ((tmp[6] - '0') << 4)
3322 | (tmp[7] - '0');
3323
3324 tmp[SYMBOL_MAX_VER_LEN] = '\0';
3325 }
3326
3327 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3328 "Symbol %s", tmp);
3329
3330 priv->has_ibss = (firmver >= 0x20000);
3331 priv->has_wep = (firmver >= 0x15012);
3332 priv->has_big_wep = (firmver >= 0x20000);
3333 priv->has_pm = (firmver >= 0x20000 && firmver < 0x22000) ||
3334 (firmver >= 0x29000 && firmver < 0x30000) ||
3335 firmver >= 0x31000;
3336 priv->has_preamble = (firmver >= 0x20000);
3337 priv->ibss_port = 4;
3338
3339 /* Symbol firmware is found on various cards, but
3340 * there has been no attempt to check firmware
3341 * download on non-spectrum_cs based cards.
3342 *
3343 * Given that the Agere firmware download works
3344 * differently, we should avoid doing a firmware
3345 * download with the Symbol algorithm on non-spectrum
3346 * cards.
3347 *
3348 * For now we can identify a spectrum_cs based card
3349 * because it has a firmware reset function.
3350 */
3351 priv->do_fw_download = (priv->stop_fw != NULL);
3352
3353 priv->broken_disableport = (firmver == 0x25013) ||
3354 (firmver >= 0x30000 && firmver <= 0x31000);
3355 priv->has_hostscan = (firmver >= 0x31001) ||
3356 (firmver >= 0x29057 && firmver < 0x30000);
3357 /* Tested with Intel firmware : 0x20015 => Jean II */
3358 /* Tested with 3Com firmware : 0x15012 & 0x22001 => Jean II */
3359 break;
3360 case FIRMWARE_TYPE_INTERSIL:
3361 /* D-Link, Linksys, Adtron, ZoomAir, and many others...
3362 * Samsung, Compaq 100/200 and Proxim are slightly
3363 * different and less well tested */
3364 /* D-Link MAC : 00:40:05:* */
3365 /* Addtron MAC : 00:90:D1:* */
3366 snprintf(priv->fw_name, sizeof(priv->fw_name) - 1,
3367 "Intersil %d.%d.%d", sta_id.major, sta_id.minor,
3368 sta_id.variant);
3369
3370 firmver = ((unsigned long)sta_id.major << 16) |
3371 ((unsigned long)sta_id.minor << 8) | sta_id.variant;
3372
3373 priv->has_ibss = (firmver >= 0x000700); /* FIXME */
3374 priv->has_big_wep = priv->has_wep = (firmver >= 0x000800);
3375 priv->has_pm = (firmver >= 0x000700);
3376 priv->has_hostscan = (firmver >= 0x010301);
3377
3378 if (firmver >= 0x000800)
3379 priv->ibss_port = 0;
3380 else {
3381 printk(KERN_NOTICE "%s: Intersil firmware earlier "
3382 "than v0.8.x - several features not supported\n",
3383 dev->name);
3384 priv->ibss_port = 1;
3385 }
3386 break;
3387 }
3388 printk(KERN_DEBUG "%s: Firmware determined as %s\n", dev->name,
3389 priv->fw_name);
3390
3391 return 0;
3392}
3393
3394static int orinoco_init(struct net_device *dev)
3395{
3396 struct orinoco_private *priv = netdev_priv(dev);
3397 hermes_t *hw = &priv->hw;
3398 int err = 0;
3399 struct hermes_idstring nickbuf;
3400 u16 reclen;
3401 int len;
3402
3403 /* No need to lock, the hw_unavailable flag is already set in
3404 * alloc_orinocodev() */
3405 priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN;
3406
3407 /* Initialize the firmware */
3408 err = hermes_init(hw);
3409 if (err != 0) {
3410 printk(KERN_ERR "%s: failed to initialize firmware (err = %d)\n",
3411 dev->name, err);
3412 goto out;
3413 }
3414
3415 err = determine_firmware(dev);
3416 if (err != 0) {
3417 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
3418 dev->name);
3419 goto out;
3420 }
3421
3422 if (priv->do_fw_download) {
3423#ifdef CONFIG_HERMES_CACHE_FW_ON_INIT
3424 orinoco_cache_fw(priv, 0);
3425#endif
3426
3427 err = orinoco_download(priv);
3428 if (err)
3429 priv->do_fw_download = 0;
3430
3431 /* Check firmware version again */
3432 err = determine_firmware(dev);
3433 if (err != 0) {
3434 printk(KERN_ERR "%s: Incompatible firmware, aborting\n",
3435 dev->name);
3436 goto out;
3437 }
3438 }
3439
3440 if (priv->has_port3)
3441 printk(KERN_DEBUG "%s: Ad-hoc demo mode supported\n",
3442 dev->name);
3443 if (priv->has_ibss)
3444 printk(KERN_DEBUG "%s: IEEE standard IBSS ad-hoc mode supported\n",
3445 dev->name);
3446 if (priv->has_wep) {
3447 printk(KERN_DEBUG "%s: WEP supported, %s-bit key\n", dev->name,
3448 priv->has_big_wep ? "104" : "40");
3449 }
3450 if (priv->has_wpa) {
3451 printk(KERN_DEBUG "%s: WPA-PSK supported\n", dev->name);
3452 if (orinoco_mic_init(priv)) {
3453 printk(KERN_ERR "%s: Failed to setup MIC crypto "
3454 "algorithm. Disabling WPA support\n", dev->name);
3455 priv->has_wpa = 0;
3456 }
3457 }
3458
3459 /* Now we have the firmware capabilities, allocate appropiate
3460 * sized scan buffers */
3461 if (orinoco_bss_data_allocate(priv))
3462 goto out;
3463 orinoco_bss_data_init(priv);
3464
3465 /* Get the MAC address */
3466 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
3467 ETH_ALEN, NULL, dev->dev_addr);
3468 if (err) {
3469 printk(KERN_WARNING "%s: failed to read MAC address!\n",
3470 dev->name);
3471 goto out;
3472 }
3473
3474 printk(KERN_DEBUG "%s: MAC address %pM\n",
3475 dev->name, dev->dev_addr);
3476
3477 /* Get the station name */
3478 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
3479 sizeof(nickbuf), &reclen, &nickbuf);
3480 if (err) {
3481 printk(KERN_ERR "%s: failed to read station name\n",
3482 dev->name);
3483 goto out;
3484 }
3485 if (nickbuf.len)
3486 len = min(IW_ESSID_MAX_SIZE, (int)le16_to_cpu(nickbuf.len));
3487 else
3488 len = min(IW_ESSID_MAX_SIZE, 2 * reclen);
3489 memcpy(priv->nick, &nickbuf.val, len);
3490 priv->nick[len] = '\0';
3491
3492 printk(KERN_DEBUG "%s: Station name \"%s\"\n", dev->name, priv->nick);
3493
3494 err = orinoco_allocate_fid(dev);
3495 if (err) {
3496 printk(KERN_ERR "%s: failed to allocate NIC buffer!\n",
3497 dev->name);
3498 goto out;
3499 }
3500
3501 /* Get allowed channels */
3502 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CHANNELLIST,
3503 &priv->channel_mask);
3504 if (err) {
3505 printk(KERN_ERR "%s: failed to read channel list!\n",
3506 dev->name);
3507 goto out;
3508 }
3509
3510 /* Get initial AP density */
3511 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFSYSTEMSCALE,
3512 &priv->ap_density);
3513 if (err || priv->ap_density < 1 || priv->ap_density > 3)
3514 priv->has_sensitivity = 0;
3515
3516 /* Get initial RTS threshold */
3517 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
3518 &priv->rts_thresh);
3519 if (err) {
3520 printk(KERN_ERR "%s: failed to read RTS threshold!\n",
3521 dev->name);
3522 goto out;
3523 }
3524
3525 /* Get initial fragmentation settings */
3526 if (priv->has_mwo)
3527 err = hermes_read_wordrec(hw, USER_BAP,
3528 HERMES_RID_CNFMWOROBUST_AGERE,
3529 &priv->mwo_robust);
3530 else
3531 err = hermes_read_wordrec(hw, USER_BAP,
3532 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
3533 &priv->frag_thresh);
3534 if (err) {
3535 printk(KERN_ERR "%s: failed to read fragmentation settings!\n",
3536 dev->name);
3537 goto out;
3538 }
3539
3540 /* Power management setup */
3541 if (priv->has_pm) {
3542 priv->pm_on = 0;
3543 priv->pm_mcast = 1;
3544 err = hermes_read_wordrec(hw, USER_BAP,
3545 HERMES_RID_CNFMAXSLEEPDURATION,
3546 &priv->pm_period);
3547 if (err) {
3548 printk(KERN_ERR "%s: failed to read power management period!\n",
3549 dev->name);
3550 goto out;
3551 }
3552 err = hermes_read_wordrec(hw, USER_BAP,
3553 HERMES_RID_CNFPMHOLDOVERDURATION,
3554 &priv->pm_timeout);
3555 if (err) {
3556 printk(KERN_ERR "%s: failed to read power management timeout!\n",
3557 dev->name);
3558 goto out;
3559 }
3560 }
3561
3562 /* Preamble setup */
3563 if (priv->has_preamble) {
3564 err = hermes_read_wordrec(hw, USER_BAP,
3565 HERMES_RID_CNFPREAMBLE_SYMBOL,
3566 &priv->preamble);
3567 if (err)
3568 goto out;
3569 }
3570
3571 /* Set up the default configuration */
3572 priv->iw_mode = IW_MODE_INFRA;
3573 /* By default use IEEE/IBSS ad-hoc mode if we have it */
3574 priv->prefer_port3 = priv->has_port3 && (!priv->has_ibss);
3575 set_port_type(priv);
3576 priv->channel = 0; /* use firmware default */
3577
3578 priv->promiscuous = 0;
3579 priv->encode_alg = IW_ENCODE_ALG_NONE;
3580 priv->tx_key = 0;
3581 priv->wpa_enabled = 0;
3582 priv->tkip_cm_active = 0;
3583 priv->key_mgmt = 0;
3584 priv->wpa_ie_len = 0;
3585 priv->wpa_ie = NULL;
3586
3587 /* Make the hardware available, as long as it hasn't been
3588 * removed elsewhere (e.g. by PCMCIA hot unplug) */
3589 spin_lock_irq(&priv->lock);
3590 priv->hw_unavailable--;
3591 spin_unlock_irq(&priv->lock);
3592
3593 printk(KERN_DEBUG "%s: ready\n", dev->name);
3594
3595 out:
3596 return err;
3597}
3598
3599static const struct net_device_ops orinoco_netdev_ops = {
3600 .ndo_init = orinoco_init,
3601 .ndo_open = orinoco_open,
3602 .ndo_stop = orinoco_stop,
3603 .ndo_start_xmit = orinoco_xmit,
3604 .ndo_set_multicast_list = orinoco_set_multicast_list,
3605 .ndo_change_mtu = orinoco_change_mtu,
3606 .ndo_tx_timeout = orinoco_tx_timeout,
3607 .ndo_get_stats = orinoco_get_stats,
3608};
3609
3610struct net_device
3611*alloc_orinocodev(int sizeof_card,
3612 struct device *device,
3613 int (*hard_reset)(struct orinoco_private *),
3614 int (*stop_fw)(struct orinoco_private *, int))
3615{
3616 struct net_device *dev;
3617 struct orinoco_private *priv;
3618
3619 dev = alloc_etherdev(sizeof(struct orinoco_private) + sizeof_card);
3620 if (!dev)
3621 return NULL;
3622 priv = netdev_priv(dev);
3623 priv->ndev = dev;
3624 if (sizeof_card)
3625 priv->card = (void *)((unsigned long)priv
3626 + sizeof(struct orinoco_private));
3627 else
3628 priv->card = NULL;
3629 priv->dev = device;
3630
3631 /* Setup / override net_device fields */
3632 dev->netdev_ops = &orinoco_netdev_ops;
3633 dev->watchdog_timeo = HZ; /* 1 second timeout */
3634 dev->ethtool_ops = &orinoco_ethtool_ops;
3635 dev->wireless_handlers = &orinoco_handler_def;
3636#ifdef WIRELESS_SPY
3637 priv->wireless_data.spy_data = &priv->spy_data;
3638 dev->wireless_data = &priv->wireless_data;
3639#endif
3640 /* we use the default eth_mac_addr for setting the MAC addr */
3641
3642 /* Reserve space in skb for the SNAP header */
3643 dev->hard_header_len += ENCAPS_OVERHEAD;
3644
3645 /* Set up default callbacks */
3646 priv->hard_reset = hard_reset;
3647 priv->stop_fw = stop_fw;
3648
3649 spin_lock_init(&priv->lock);
3650 priv->open = 0;
3651 priv->hw_unavailable = 1; /* orinoco_init() must clear this
3652 * before anything else touches the
3653 * hardware */
3654 INIT_WORK(&priv->reset_work, orinoco_reset);
3655 INIT_WORK(&priv->join_work, orinoco_join_ap);
3656 INIT_WORK(&priv->wevent_work, orinoco_send_wevents);
3657
3658 INIT_LIST_HEAD(&priv->rx_list);
3659 tasklet_init(&priv->rx_tasklet, orinoco_rx_isr_tasklet,
3660 (unsigned long) dev);
3661
3662 netif_carrier_off(dev);
3663 priv->last_linkstatus = 0xffff;
3664
3665 priv->cached_pri_fw = NULL;
3666 priv->cached_fw = NULL;
3667
3668 /* Register PM notifiers */
3669 priv->pm_notifier.notifier_call = orinoco_pm_notifier;
3670 register_pm_notifier(&priv->pm_notifier);
3671
3672 return dev;
3673}
3674EXPORT_SYMBOL(alloc_orinocodev);
3675
3676void free_orinocodev(struct net_device *dev)
3677{
3678 struct orinoco_private *priv = netdev_priv(dev);
3679 struct orinoco_rx_data *rx_data, *temp;
3680
3681 /* If the tasklet is scheduled when we call tasklet_kill it
3682 * will run one final time. However the tasklet will only
3683 * drain priv->rx_list if the hw is still available. */
3684 tasklet_kill(&priv->rx_tasklet);
3685
3686 /* Explicitly drain priv->rx_list */
3687 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
3688 list_del(&rx_data->list);
3689
3690 dev_kfree_skb(rx_data->skb);
3691 kfree(rx_data->desc);
3692 kfree(rx_data);
3693 }
3694
3695 unregister_pm_notifier(&priv->pm_notifier);
3696 orinoco_uncache_fw(priv);
3697
3698 priv->wpa_ie_len = 0;
3699 kfree(priv->wpa_ie);
3700 orinoco_mic_free(priv);
3701 orinoco_bss_data_free(priv);
3702 free_netdev(dev);
3703}
3704EXPORT_SYMBOL(free_orinocodev);
3705
3706/********************************************************************/
3707/* Wireless extensions */
3708/********************************************************************/
3709
3710/* Return : < 0 -> error code ; >= 0 -> length */
3711static int orinoco_hw_get_essid(struct orinoco_private *priv, int *active,
3712 char buf[IW_ESSID_MAX_SIZE+1])
3713{
3714 hermes_t *hw = &priv->hw;
3715 int err = 0;
3716 struct hermes_idstring essidbuf;
3717 char *p = (char *)(&essidbuf.val);
3718 int len;
3719 unsigned long flags;
3720
3721 if (orinoco_lock(priv, &flags) != 0)
3722 return -EBUSY;
3723
3724 if (strlen(priv->desired_essid) > 0) {
3725 /* We read the desired SSID from the hardware rather
3726 than from priv->desired_essid, just in case the
3727 firmware is allowed to change it on us. I'm not
3728 sure about this */
3729 /* My guess is that the OWNSSID should always be whatever
3730 * we set to the card, whereas CURRENT_SSID is the one that
3731 * may change... - Jean II */
3732 u16 rid;
3733
3734 *active = 1;
3735
3736 rid = (priv->port_type == 3) ? HERMES_RID_CNFOWNSSID :
3737 HERMES_RID_CNFDESIREDSSID;
3738
3739 err = hermes_read_ltv(hw, USER_BAP, rid, sizeof(essidbuf),
3740 NULL, &essidbuf);
3741 if (err)
3742 goto fail_unlock;
3743 } else {
3744 *active = 0;
3745
3746 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTSSID,
3747 sizeof(essidbuf), NULL, &essidbuf);
3748 if (err)
3749 goto fail_unlock;
3750 }
3751
3752 len = le16_to_cpu(essidbuf.len);
3753 BUG_ON(len > IW_ESSID_MAX_SIZE);
3754
3755 memset(buf, 0, IW_ESSID_MAX_SIZE);
3756 memcpy(buf, p, len);
3757 err = len;
3758
3759 fail_unlock:
3760 orinoco_unlock(priv, &flags);
3761
3762 return err;
3763}
3764
3765static int orinoco_hw_get_freq(struct orinoco_private *priv)
3766{
3767
3768 hermes_t *hw = &priv->hw;
3769 int err = 0;
3770 u16 channel;
3771 int freq = 0;
3772 unsigned long flags;
3773
3774 if (orinoco_lock(priv, &flags) != 0)
3775 return -EBUSY;
3776
3777 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CURRENTCHANNEL,
3778 &channel);
3779 if (err)
3780 goto out;
3781
3782 /* Intersil firmware 1.3.5 returns 0 when the interface is down */
3783 if (channel == 0) {
3784 err = -EBUSY;
3785 goto out;
3786 }
3787
3788 if ((channel < 1) || (channel > NUM_CHANNELS)) {
3789 printk(KERN_WARNING "%s: Channel out of range (%d)!\n",
3790 priv->ndev->name, channel);
3791 err = -EBUSY;
3792 goto out;
3793
3794 }
3795 freq = ieee80211_dsss_chan_to_freq(channel);
3796
3797 out:
3798 orinoco_unlock(priv, &flags);
3799
3800 if (err > 0)
3801 err = -EBUSY;
3802 return err ? err : freq;
3803}
3804
3805static int orinoco_hw_get_bitratelist(struct orinoco_private *priv,
3806 int *numrates, s32 *rates, int max)
3807{
3808 hermes_t *hw = &priv->hw;
3809 struct hermes_idstring list;
3810 unsigned char *p = (unsigned char *)&list.val;
3811 int err = 0;
3812 int num;
3813 int i;
3814 unsigned long flags;
3815
3816 if (orinoco_lock(priv, &flags) != 0)
3817 return -EBUSY;
3818
3819 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_SUPPORTEDDATARATES,
3820 sizeof(list), NULL, &list);
3821 orinoco_unlock(priv, &flags);
3822
3823 if (err)
3824 return err;
3825
3826 num = le16_to_cpu(list.len);
3827 *numrates = num;
3828 num = min(num, max);
3829
3830 for (i = 0; i < num; i++)
3831 rates[i] = (p[i] & 0x7f) * 500000; /* convert to bps */
3832
3833 return 0;
3834}
3835
3836static int orinoco_ioctl_getname(struct net_device *dev,
3837 struct iw_request_info *info,
3838 char *name,
3839 char *extra)
3840{
3841 struct orinoco_private *priv = netdev_priv(dev);
3842 int numrates;
3843 int err;
3844
3845 err = orinoco_hw_get_bitratelist(priv, &numrates, NULL, 0);
3846
3847 if (!err && (numrates > 2))
3848 strcpy(name, "IEEE 802.11b");
3849 else
3850 strcpy(name, "IEEE 802.11-DS");
3851
3852 return 0;
3853}
3854
3855static int orinoco_ioctl_setwap(struct net_device *dev,
3856 struct iw_request_info *info,
3857 struct sockaddr *ap_addr,
3858 char *extra)
3859{
3860 struct orinoco_private *priv = netdev_priv(dev);
3861 int err = -EINPROGRESS; /* Call commit handler */
3862 unsigned long flags;
3863 static const u8 off_addr[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
3864 static const u8 any_addr[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3865
3866 if (orinoco_lock(priv, &flags) != 0)
3867 return -EBUSY;
3868
3869 /* Enable automatic roaming - no sanity checks are needed */
3870 if (memcmp(&ap_addr->sa_data, off_addr, ETH_ALEN) == 0 ||
3871 memcmp(&ap_addr->sa_data, any_addr, ETH_ALEN) == 0) {
3872 priv->bssid_fixed = 0;
3873 memset(priv->desired_bssid, 0, ETH_ALEN);
3874
3875 /* "off" means keep existing connection */
3876 if (ap_addr->sa_data[0] == 0) {
3877 __orinoco_hw_set_wap(priv);
3878 err = 0;
3879 }
3880 goto out;
3881 }
3882
3883 if (priv->firmware_type == FIRMWARE_TYPE_AGERE) {
3884 printk(KERN_WARNING "%s: Lucent/Agere firmware doesn't "
3885 "support manual roaming\n",
3886 dev->name);
3887 err = -EOPNOTSUPP;
3888 goto out;
3889 }
3890
3891 if (priv->iw_mode != IW_MODE_INFRA) {
3892 printk(KERN_WARNING "%s: Manual roaming supported only in "
3893 "managed mode\n", dev->name);
3894 err = -EOPNOTSUPP;
3895 goto out;
3896 }
3897
3898 /* Intersil firmware hangs without Desired ESSID */
3899 if (priv->firmware_type == FIRMWARE_TYPE_INTERSIL &&
3900 strlen(priv->desired_essid) == 0) {
3901 printk(KERN_WARNING "%s: Desired ESSID must be set for "
3902 "manual roaming\n", dev->name);
3903 err = -EOPNOTSUPP;
3904 goto out;
3905 }
3906
3907 /* Finally, enable manual roaming */
3908 priv->bssid_fixed = 1;
3909 memcpy(priv->desired_bssid, &ap_addr->sa_data, ETH_ALEN);
3910
3911 out:
3912 orinoco_unlock(priv, &flags);
3913 return err;
3914}
3915
3916static int orinoco_ioctl_getwap(struct net_device *dev,
3917 struct iw_request_info *info,
3918 struct sockaddr *ap_addr,
3919 char *extra)
3920{
3921 struct orinoco_private *priv = netdev_priv(dev);
3922
3923 hermes_t *hw = &priv->hw;
3924 int err = 0;
3925 unsigned long flags;
3926
3927 if (orinoco_lock(priv, &flags) != 0)
3928 return -EBUSY;
3929
3930 ap_addr->sa_family = ARPHRD_ETHER;
3931 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
3932 ETH_ALEN, NULL, ap_addr->sa_data);
3933
3934 orinoco_unlock(priv, &flags);
3935
3936 return err;
3937}
3938
3939static int orinoco_ioctl_setmode(struct net_device *dev,
3940 struct iw_request_info *info,
3941 u32 *mode,
3942 char *extra)
3943{
3944 struct orinoco_private *priv = netdev_priv(dev);
3945 int err = -EINPROGRESS; /* Call commit handler */
3946 unsigned long flags;
3947
3948 if (priv->iw_mode == *mode)
3949 return 0;
3950
3951 if (orinoco_lock(priv, &flags) != 0)
3952 return -EBUSY;
3953
3954 switch (*mode) {
3955 case IW_MODE_ADHOC:
3956 if (!priv->has_ibss && !priv->has_port3)
3957 err = -EOPNOTSUPP;
3958 break;
3959
3960 case IW_MODE_INFRA:
3961 break;
3962
3963 case IW_MODE_MONITOR:
3964 if (priv->broken_monitor && !force_monitor) {
3965 printk(KERN_WARNING "%s: Monitor mode support is "
3966 "buggy in this firmware, not enabling\n",
3967 dev->name);
3968 err = -EOPNOTSUPP;
3969 }
3970 break;
3971
3972 default:
3973 err = -EOPNOTSUPP;
3974 break;
3975 }
3976
3977 if (err == -EINPROGRESS) {
3978 priv->iw_mode = *mode;
3979 set_port_type(priv);
3980 }
3981
3982 orinoco_unlock(priv, &flags);
3983
3984 return err;
3985}
3986
3987static int orinoco_ioctl_getmode(struct net_device *dev,
3988 struct iw_request_info *info,
3989 u32 *mode,
3990 char *extra)
3991{
3992 struct orinoco_private *priv = netdev_priv(dev);
3993
3994 *mode = priv->iw_mode;
3995 return 0;
3996}
3997
3998static int orinoco_ioctl_getiwrange(struct net_device *dev,
3999 struct iw_request_info *info,
4000 struct iw_point *rrq,
4001 char *extra)
4002{
4003 struct orinoco_private *priv = netdev_priv(dev);
4004 int err = 0;
4005 struct iw_range *range = (struct iw_range *) extra;
4006 int numrates;
4007 int i, k;
4008
4009 rrq->length = sizeof(struct iw_range);
4010 memset(range, 0, sizeof(struct iw_range));
4011
4012 range->we_version_compiled = WIRELESS_EXT;
4013 range->we_version_source = 22;
4014
4015 /* Set available channels/frequencies */
4016 range->num_channels = NUM_CHANNELS;
4017 k = 0;
4018 for (i = 0; i < NUM_CHANNELS; i++) {
4019 if (priv->channel_mask & (1 << i)) {
4020 range->freq[k].i = i + 1;
4021 range->freq[k].m = (ieee80211_dsss_chan_to_freq(i + 1) *
4022 100000);
4023 range->freq[k].e = 1;
4024 k++;
4025 }
4026
4027 if (k >= IW_MAX_FREQUENCIES)
4028 break;
4029 }
4030 range->num_frequency = k;
4031 range->sensitivity = 3;
4032
4033 if (priv->has_wep) {
4034 range->max_encoding_tokens = ORINOCO_MAX_KEYS;
4035 range->encoding_size[0] = SMALL_KEY_SIZE;
4036 range->num_encoding_sizes = 1;
4037
4038 if (priv->has_big_wep) {
4039 range->encoding_size[1] = LARGE_KEY_SIZE;
4040 range->num_encoding_sizes = 2;
4041 }
4042 }
4043
4044 if (priv->has_wpa)
4045 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_CIPHER_TKIP;
4046
4047 if ((priv->iw_mode == IW_MODE_ADHOC) && (!SPY_NUMBER(priv))) {
4048 /* Quality stats meaningless in ad-hoc mode */
4049 } else {
4050 range->max_qual.qual = 0x8b - 0x2f;
4051 range->max_qual.level = 0x2f - 0x95 - 1;
4052 range->max_qual.noise = 0x2f - 0x95 - 1;
4053 /* Need to get better values */
4054 range->avg_qual.qual = 0x24;
4055 range->avg_qual.level = 0xC2;
4056 range->avg_qual.noise = 0x9E;
4057 }
4058
4059 err = orinoco_hw_get_bitratelist(priv, &numrates,
4060 range->bitrate, IW_MAX_BITRATES);
4061 if (err)
4062 return err;
4063 range->num_bitrates = numrates;
4064
4065 /* Set an indication of the max TCP throughput in bit/s that we can
4066 * expect using this interface. May be use for QoS stuff...
4067 * Jean II */
4068 if (numrates > 2)
4069 range->throughput = 5 * 1000 * 1000; /* ~5 Mb/s */
4070 else
4071 range->throughput = 1.5 * 1000 * 1000; /* ~1.5 Mb/s */
4072
4073 range->min_rts = 0;
4074 range->max_rts = 2347;
4075 range->min_frag = 256;
4076 range->max_frag = 2346;
4077
4078 range->min_pmp = 0;
4079 range->max_pmp = 65535000;
4080 range->min_pmt = 0;
4081 range->max_pmt = 65535 * 1000; /* ??? */
4082 range->pmp_flags = IW_POWER_PERIOD;
4083 range->pmt_flags = IW_POWER_TIMEOUT;
4084 range->pm_capa = (IW_POWER_PERIOD | IW_POWER_TIMEOUT |
4085 IW_POWER_UNICAST_R);
4086
4087 range->retry_capa = IW_RETRY_LIMIT | IW_RETRY_LIFETIME;
4088 range->retry_flags = IW_RETRY_LIMIT;
4089 range->r_time_flags = IW_RETRY_LIFETIME;
4090 range->min_retry = 0;
4091 range->max_retry = 65535; /* ??? */
4092 range->min_r_time = 0;
4093 range->max_r_time = 65535 * 1000; /* ??? */
4094
4095 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
4096 range->scan_capa = IW_SCAN_CAPA_ESSID;
4097 else
4098 range->scan_capa = IW_SCAN_CAPA_NONE;
4099
4100 /* Event capability (kernel) */
4101 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
4102 /* Event capability (driver) */
4103 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWTHRSPY);
4104 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
4105 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
4106 IW_EVENT_CAPA_SET(range->event_capa, IWEVTXDROP);
4107
4108 return 0;
4109}
4110
4111static int orinoco_ioctl_setiwencode(struct net_device *dev,
4112 struct iw_request_info *info,
4113 struct iw_point *erq,
4114 char *keybuf)
4115{
4116 struct orinoco_private *priv = netdev_priv(dev);
4117 int index = (erq->flags & IW_ENCODE_INDEX) - 1;
4118 int setindex = priv->tx_key;
4119 int encode_alg = priv->encode_alg;
4120 int restricted = priv->wep_restrict;
4121 u16 xlen = 0;
4122 int err = -EINPROGRESS; /* Call commit handler */
4123 unsigned long flags;
4124
4125 if (!priv->has_wep)
4126 return -EOPNOTSUPP;
4127
4128 if (erq->pointer) {
4129 /* We actually have a key to set - check its length */
4130 if (erq->length > LARGE_KEY_SIZE)
4131 return -E2BIG;
4132
4133 if ((erq->length > SMALL_KEY_SIZE) && !priv->has_big_wep)
4134 return -E2BIG;
4135 }
4136
4137 if (orinoco_lock(priv, &flags) != 0)
4138 return -EBUSY;
4139
4140 /* Clear any TKIP key we have */
4141 if ((priv->has_wpa) && (priv->encode_alg == IW_ENCODE_ALG_TKIP))
4142 (void) orinoco_clear_tkip_key(priv, setindex);
4143
4144 if (erq->length > 0) {
4145 if ((index < 0) || (index >= ORINOCO_MAX_KEYS))
4146 index = priv->tx_key;
4147
4148 /* Adjust key length to a supported value */
4149 if (erq->length > SMALL_KEY_SIZE)
4150 xlen = LARGE_KEY_SIZE;
4151 else if (erq->length > 0)
4152 xlen = SMALL_KEY_SIZE;
4153 else
4154 xlen = 0;
4155
4156 /* Switch on WEP if off */
4157 if ((encode_alg != IW_ENCODE_ALG_WEP) && (xlen > 0)) {
4158 setindex = index;
4159 encode_alg = IW_ENCODE_ALG_WEP;
4160 }
4161 } else {
4162 /* Important note : if the user do "iwconfig eth0 enc off",
4163 * we will arrive there with an index of -1. This is valid
4164 * but need to be taken care off... Jean II */
4165 if ((index < 0) || (index >= ORINOCO_MAX_KEYS)) {
4166 if ((index != -1) || (erq->flags == 0)) {
4167 err = -EINVAL;
4168 goto out;
4169 }
4170 } else {
4171 /* Set the index : Check that the key is valid */
4172 if (priv->keys[index].len == 0) {
4173 err = -EINVAL;
4174 goto out;
4175 }
4176 setindex = index;
4177 }
4178 }
4179
4180 if (erq->flags & IW_ENCODE_DISABLED)
4181 encode_alg = IW_ENCODE_ALG_NONE;
4182 if (erq->flags & IW_ENCODE_OPEN)
4183 restricted = 0;
4184 if (erq->flags & IW_ENCODE_RESTRICTED)
4185 restricted = 1;
4186
4187 if (erq->pointer && erq->length > 0) {
4188 priv->keys[index].len = cpu_to_le16(xlen);
4189 memset(priv->keys[index].data, 0,
4190 sizeof(priv->keys[index].data));
4191 memcpy(priv->keys[index].data, keybuf, erq->length);
4192 }
4193 priv->tx_key = setindex;
4194
4195 /* Try fast key change if connected and only keys are changed */
4196 if ((priv->encode_alg == encode_alg) &&
4197 (priv->wep_restrict == restricted) &&
4198 netif_carrier_ok(dev)) {
4199 err = __orinoco_hw_setup_wepkeys(priv);
4200 /* No need to commit if successful */
4201 goto out;
4202 }
4203
4204 priv->encode_alg = encode_alg;
4205 priv->wep_restrict = restricted;
4206
4207 out:
4208 orinoco_unlock(priv, &flags);
4209
4210 return err;
4211}
4212
4213static int orinoco_ioctl_getiwencode(struct net_device *dev,
4214 struct iw_request_info *info,
4215 struct iw_point *erq,
4216 char *keybuf)
4217{
4218 struct orinoco_private *priv = netdev_priv(dev);
4219 int index = (erq->flags & IW_ENCODE_INDEX) - 1;
4220 u16 xlen = 0;
4221 unsigned long flags;
4222
4223 if (!priv->has_wep)
4224 return -EOPNOTSUPP;
4225
4226 if (orinoco_lock(priv, &flags) != 0)
4227 return -EBUSY;
4228
4229 if ((index < 0) || (index >= ORINOCO_MAX_KEYS))
4230 index = priv->tx_key;
4231
4232 erq->flags = 0;
4233 if (!priv->encode_alg)
4234 erq->flags |= IW_ENCODE_DISABLED;
4235 erq->flags |= index + 1;
4236
4237 if (priv->wep_restrict)
4238 erq->flags |= IW_ENCODE_RESTRICTED;
4239 else
4240 erq->flags |= IW_ENCODE_OPEN;
4241
4242 xlen = le16_to_cpu(priv->keys[index].len);
4243
4244 erq->length = xlen;
4245
4246 memcpy(keybuf, priv->keys[index].data, ORINOCO_MAX_KEY_SIZE);
4247
4248 orinoco_unlock(priv, &flags);
4249 return 0;
4250}
4251
4252static int orinoco_ioctl_setessid(struct net_device *dev,
4253 struct iw_request_info *info,
4254 struct iw_point *erq,
4255 char *essidbuf)
4256{
4257 struct orinoco_private *priv = netdev_priv(dev);
4258 unsigned long flags;
4259
4260 /* Note : ESSID is ignored in Ad-Hoc demo mode, but we can set it
4261 * anyway... - Jean II */
4262
4263 /* Hum... Should not use Wireless Extension constant (may change),
4264 * should use our own... - Jean II */
4265 if (erq->length > IW_ESSID_MAX_SIZE)
4266 return -E2BIG;
4267
4268 if (orinoco_lock(priv, &flags) != 0)
4269 return -EBUSY;
4270
4271 /* NULL the string (for NULL termination & ESSID = ANY) - Jean II */
4272 memset(priv->desired_essid, 0, sizeof(priv->desired_essid));
4273
4274 /* If not ANY, get the new ESSID */
4275 if (erq->flags)
4276 memcpy(priv->desired_essid, essidbuf, erq->length);
4277
4278 orinoco_unlock(priv, &flags);
4279
4280 return -EINPROGRESS; /* Call commit handler */
4281}
4282
4283static int orinoco_ioctl_getessid(struct net_device *dev,
4284 struct iw_request_info *info,
4285 struct iw_point *erq,
4286 char *essidbuf)
4287{
4288 struct orinoco_private *priv = netdev_priv(dev);
4289 int active;
4290 int err = 0;
4291 unsigned long flags;
4292
4293 if (netif_running(dev)) {
4294 err = orinoco_hw_get_essid(priv, &active, essidbuf);
4295 if (err < 0)
4296 return err;
4297 erq->length = err;
4298 } else {
4299 if (orinoco_lock(priv, &flags) != 0)
4300 return -EBUSY;
4301 memcpy(essidbuf, priv->desired_essid, IW_ESSID_MAX_SIZE);
4302 erq->length = strlen(priv->desired_essid);
4303 orinoco_unlock(priv, &flags);
4304 }
4305
4306 erq->flags = 1;
4307
4308 return 0;
4309}
4310
4311static int orinoco_ioctl_setnick(struct net_device *dev,
4312 struct iw_request_info *info,
4313 struct iw_point *nrq,
4314 char *nickbuf)
4315{
4316 struct orinoco_private *priv = netdev_priv(dev);
4317 unsigned long flags;
4318
4319 if (nrq->length > IW_ESSID_MAX_SIZE)
4320 return -E2BIG;
4321
4322 if (orinoco_lock(priv, &flags) != 0)
4323 return -EBUSY;
4324
4325 memset(priv->nick, 0, sizeof(priv->nick));
4326 memcpy(priv->nick, nickbuf, nrq->length);
4327
4328 orinoco_unlock(priv, &flags);
4329
4330 return -EINPROGRESS; /* Call commit handler */
4331}
4332
4333static int orinoco_ioctl_getnick(struct net_device *dev,
4334 struct iw_request_info *info,
4335 struct iw_point *nrq,
4336 char *nickbuf)
4337{
4338 struct orinoco_private *priv = netdev_priv(dev);
4339 unsigned long flags;
4340
4341 if (orinoco_lock(priv, &flags) != 0)
4342 return -EBUSY;
4343
4344 memcpy(nickbuf, priv->nick, IW_ESSID_MAX_SIZE);
4345 orinoco_unlock(priv, &flags);
4346
4347 nrq->length = strlen(priv->nick);
4348
4349 return 0;
4350}
4351
4352static int orinoco_ioctl_setfreq(struct net_device *dev,
4353 struct iw_request_info *info,
4354 struct iw_freq *frq,
4355 char *extra)
4356{
4357 struct orinoco_private *priv = netdev_priv(dev);
4358 int chan = -1;
4359 unsigned long flags;
4360 int err = -EINPROGRESS; /* Call commit handler */
4361
4362 /* In infrastructure mode the AP sets the channel */
4363 if (priv->iw_mode == IW_MODE_INFRA)
4364 return -EBUSY;
4365
4366 if ((frq->e == 0) && (frq->m <= 1000)) {
4367 /* Setting by channel number */
4368 chan = frq->m;
4369 } else {
4370 /* Setting by frequency */
4371 int denom = 1;
4372 int i;
4373
4374 /* Calculate denominator to rescale to MHz */
4375 for (i = 0; i < (6 - frq->e); i++)
4376 denom *= 10;
4377
4378 chan = ieee80211_freq_to_dsss_chan(frq->m / denom);
4379 }
4380
4381 if ((chan < 1) || (chan > NUM_CHANNELS) ||
4382 !(priv->channel_mask & (1 << (chan-1))))
4383 return -EINVAL;
4384
4385 if (orinoco_lock(priv, &flags) != 0)
4386 return -EBUSY;
4387
4388 priv->channel = chan;
4389 if (priv->iw_mode == IW_MODE_MONITOR) {
4390 /* Fast channel change - no commit if successful */
4391 hermes_t *hw = &priv->hw;
4392 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
4393 HERMES_TEST_SET_CHANNEL,
4394 chan, NULL);
4395 }
4396 orinoco_unlock(priv, &flags);
4397
4398 return err;
4399}
4400
4401static int orinoco_ioctl_getfreq(struct net_device *dev,
4402 struct iw_request_info *info,
4403 struct iw_freq *frq,
4404 char *extra)
4405{
4406 struct orinoco_private *priv = netdev_priv(dev);
4407 int tmp;
4408
4409 /* Locking done in there */
4410 tmp = orinoco_hw_get_freq(priv);
4411 if (tmp < 0)
4412 return tmp;
4413
4414 frq->m = tmp * 100000;
4415 frq->e = 1;
4416
4417 return 0;
4418}
4419
4420static int orinoco_ioctl_getsens(struct net_device *dev,
4421 struct iw_request_info *info,
4422 struct iw_param *srq,
4423 char *extra)
4424{
4425 struct orinoco_private *priv = netdev_priv(dev);
4426 hermes_t *hw = &priv->hw;
4427 u16 val;
4428 int err;
4429 unsigned long flags;
4430
4431 if (!priv->has_sensitivity)
4432 return -EOPNOTSUPP;
4433
4434 if (orinoco_lock(priv, &flags) != 0)
4435 return -EBUSY;
4436 err = hermes_read_wordrec(hw, USER_BAP,
4437 HERMES_RID_CNFSYSTEMSCALE, &val);
4438 orinoco_unlock(priv, &flags);
4439
4440 if (err)
4441 return err;
4442
4443 srq->value = val;
4444 srq->fixed = 0; /* auto */
4445
4446 return 0;
4447}
4448
4449static int orinoco_ioctl_setsens(struct net_device *dev,
4450 struct iw_request_info *info,
4451 struct iw_param *srq,
4452 char *extra)
4453{
4454 struct orinoco_private *priv = netdev_priv(dev);
4455 int val = srq->value;
4456 unsigned long flags;
4457
4458 if (!priv->has_sensitivity)
4459 return -EOPNOTSUPP;
4460
4461 if ((val < 1) || (val > 3))
4462 return -EINVAL;
4463
4464 if (orinoco_lock(priv, &flags) != 0)
4465 return -EBUSY;
4466 priv->ap_density = val;
4467 orinoco_unlock(priv, &flags);
4468
4469 return -EINPROGRESS; /* Call commit handler */
4470}
4471
4472static int orinoco_ioctl_setrts(struct net_device *dev,
4473 struct iw_request_info *info,
4474 struct iw_param *rrq,
4475 char *extra)
4476{
4477 struct orinoco_private *priv = netdev_priv(dev);
4478 int val = rrq->value;
4479 unsigned long flags;
4480
4481 if (rrq->disabled)
4482 val = 2347;
4483
4484 if ((val < 0) || (val > 2347))
4485 return -EINVAL;
4486
4487 if (orinoco_lock(priv, &flags) != 0)
4488 return -EBUSY;
4489
4490 priv->rts_thresh = val;
4491 orinoco_unlock(priv, &flags);
4492
4493 return -EINPROGRESS; /* Call commit handler */
4494}
4495
4496static int orinoco_ioctl_getrts(struct net_device *dev,
4497 struct iw_request_info *info,
4498 struct iw_param *rrq,
4499 char *extra)
4500{
4501 struct orinoco_private *priv = netdev_priv(dev);
4502
4503 rrq->value = priv->rts_thresh;
4504 rrq->disabled = (rrq->value == 2347);
4505 rrq->fixed = 1;
4506
4507 return 0;
4508}
4509
4510static int orinoco_ioctl_setfrag(struct net_device *dev,
4511 struct iw_request_info *info,
4512 struct iw_param *frq,
4513 char *extra)
4514{
4515 struct orinoco_private *priv = netdev_priv(dev);
4516 int err = -EINPROGRESS; /* Call commit handler */
4517 unsigned long flags;
4518
4519 if (orinoco_lock(priv, &flags) != 0)
4520 return -EBUSY;
4521
4522 if (priv->has_mwo) {
4523 if (frq->disabled)
4524 priv->mwo_robust = 0;
4525 else {
4526 if (frq->fixed)
4527 printk(KERN_WARNING "%s: Fixed fragmentation "
4528 "is not supported on this firmware. "
4529 "Using MWO robust instead.\n",
4530 dev->name);
4531 priv->mwo_robust = 1;
4532 }
4533 } else {
4534 if (frq->disabled)
4535 priv->frag_thresh = 2346;
4536 else {
4537 if ((frq->value < 256) || (frq->value > 2346))
4538 err = -EINVAL;
4539 else
4540 /* must be even */
4541 priv->frag_thresh = frq->value & ~0x1;
4542 }
4543 }
4544
4545 orinoco_unlock(priv, &flags);
4546
4547 return err;
4548}
4549
4550static int orinoco_ioctl_getfrag(struct net_device *dev,
4551 struct iw_request_info *info,
4552 struct iw_param *frq,
4553 char *extra)
4554{
4555 struct orinoco_private *priv = netdev_priv(dev);
4556 hermes_t *hw = &priv->hw;
4557 int err;
4558 u16 val;
4559 unsigned long flags;
4560
4561 if (orinoco_lock(priv, &flags) != 0)
4562 return -EBUSY;
4563
4564 if (priv->has_mwo) {
4565 err = hermes_read_wordrec(hw, USER_BAP,
4566 HERMES_RID_CNFMWOROBUST_AGERE,
4567 &val);
4568 if (err)
4569 val = 0;
4570
4571 frq->value = val ? 2347 : 0;
4572 frq->disabled = !val;
4573 frq->fixed = 0;
4574 } else {
4575 err = hermes_read_wordrec(hw, USER_BAP,
4576 HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
4577 &val);
4578 if (err)
4579 val = 0;
4580
4581 frq->value = val;
4582 frq->disabled = (val >= 2346);
4583 frq->fixed = 1;
4584 }
4585
4586 orinoco_unlock(priv, &flags);
4587
4588 return err;
4589}
4590
4591static int orinoco_ioctl_setrate(struct net_device *dev,
4592 struct iw_request_info *info,
4593 struct iw_param *rrq,
4594 char *extra)
4595{
4596 struct orinoco_private *priv = netdev_priv(dev);
4597 int ratemode = -1;
4598 int bitrate; /* 100s of kilobits */
4599 int i;
4600 unsigned long flags;
4601
4602 /* As the user space doesn't know our highest rate, it uses -1
4603 * to ask us to set the highest rate. Test it using "iwconfig
4604 * ethX rate auto" - Jean II */
4605 if (rrq->value == -1)
4606 bitrate = 110;
4607 else {
4608 if (rrq->value % 100000)
4609 return -EINVAL;
4610 bitrate = rrq->value / 100000;
4611 }
4612
4613 if ((bitrate != 10) && (bitrate != 20) &&
4614 (bitrate != 55) && (bitrate != 110))
4615 return -EINVAL;
4616
4617 for (i = 0; i < BITRATE_TABLE_SIZE; i++)
4618 if ((bitrate_table[i].bitrate == bitrate) &&
4619 (bitrate_table[i].automatic == !rrq->fixed)) {
4620 ratemode = i;
4621 break;
4622 }
4623
4624 if (ratemode == -1)
4625 return -EINVAL;
4626
4627 if (orinoco_lock(priv, &flags) != 0)
4628 return -EBUSY;
4629 priv->bitratemode = ratemode;
4630 orinoco_unlock(priv, &flags);
4631
4632 return -EINPROGRESS;
4633}
4634
4635static int orinoco_ioctl_getrate(struct net_device *dev,
4636 struct iw_request_info *info,
4637 struct iw_param *rrq,
4638 char *extra)
4639{
4640 struct orinoco_private *priv = netdev_priv(dev);
4641 hermes_t *hw = &priv->hw;
4642 int err = 0;
4643 int ratemode;
4644 int i;
4645 u16 val;
4646 unsigned long flags;
4647
4648 if (orinoco_lock(priv, &flags) != 0)
4649 return -EBUSY;
4650
4651 ratemode = priv->bitratemode;
4652
4653 BUG_ON((ratemode < 0) || (ratemode >= BITRATE_TABLE_SIZE));
4654
4655 rrq->value = bitrate_table[ratemode].bitrate * 100000;
4656 rrq->fixed = !bitrate_table[ratemode].automatic;
4657 rrq->disabled = 0;
4658
4659 /* If the interface is running we try to find more about the
4660 current mode */
4661 if (netif_running(dev)) {
4662 err = hermes_read_wordrec(hw, USER_BAP,
4663 HERMES_RID_CURRENTTXRATE, &val);
4664 if (err)
4665 goto out;
4666
4667 switch (priv->firmware_type) {
4668 case FIRMWARE_TYPE_AGERE: /* Lucent style rate */
4669 /* Note : in Lucent firmware, the return value of
4670 * HERMES_RID_CURRENTTXRATE is the bitrate in Mb/s,
4671 * and therefore is totally different from the
4672 * encoding of HERMES_RID_CNFTXRATECONTROL.
4673 * Don't forget that 6Mb/s is really 5.5Mb/s */
4674 if (val == 6)
4675 rrq->value = 5500000;
4676 else
4677 rrq->value = val * 1000000;
4678 break;
4679 case FIRMWARE_TYPE_INTERSIL: /* Intersil style rate */
4680 case FIRMWARE_TYPE_SYMBOL: /* Symbol style rate */
4681 for (i = 0; i < BITRATE_TABLE_SIZE; i++)
4682 if (bitrate_table[i].intersil_txratectrl == val) {
4683 ratemode = i;
4684 break;
4685 }
4686 if (i >= BITRATE_TABLE_SIZE)
4687 printk(KERN_INFO "%s: Unable to determine current bitrate (0x%04hx)\n",
4688 dev->name, val);
4689
4690 rrq->value = bitrate_table[ratemode].bitrate * 100000;
4691 break;
4692 default:
4693 BUG();
4694 }
4695 }
4696
4697 out:
4698 orinoco_unlock(priv, &flags);
4699
4700 return err;
4701}
4702
4703static int orinoco_ioctl_setpower(struct net_device *dev,
4704 struct iw_request_info *info,
4705 struct iw_param *prq,
4706 char *extra)
4707{
4708 struct orinoco_private *priv = netdev_priv(dev);
4709 int err = -EINPROGRESS; /* Call commit handler */
4710 unsigned long flags;
4711
4712 if (orinoco_lock(priv, &flags) != 0)
4713 return -EBUSY;
4714
4715 if (prq->disabled) {
4716 priv->pm_on = 0;
4717 } else {
4718 switch (prq->flags & IW_POWER_MODE) {
4719 case IW_POWER_UNICAST_R:
4720 priv->pm_mcast = 0;
4721 priv->pm_on = 1;
4722 break;
4723 case IW_POWER_ALL_R:
4724 priv->pm_mcast = 1;
4725 priv->pm_on = 1;
4726 break;
4727 case IW_POWER_ON:
4728 /* No flags : but we may have a value - Jean II */
4729 break;
4730 default:
4731 err = -EINVAL;
4732 goto out;
4733 }
4734
4735 if (prq->flags & IW_POWER_TIMEOUT) {
4736 priv->pm_on = 1;
4737 priv->pm_timeout = prq->value / 1000;
4738 }
4739 if (prq->flags & IW_POWER_PERIOD) {
4740 priv->pm_on = 1;
4741 priv->pm_period = prq->value / 1000;
4742 }
4743 /* It's valid to not have a value if we are just toggling
4744 * the flags... Jean II */
4745 if (!priv->pm_on) {
4746 err = -EINVAL;
4747 goto out;
4748 }
4749 }
4750
4751 out:
4752 orinoco_unlock(priv, &flags);
4753
4754 return err;
4755}
4756
4757static int orinoco_ioctl_getpower(struct net_device *dev,
4758 struct iw_request_info *info,
4759 struct iw_param *prq,
4760 char *extra)
4761{
4762 struct orinoco_private *priv = netdev_priv(dev);
4763 hermes_t *hw = &priv->hw;
4764 int err = 0;
4765 u16 enable, period, timeout, mcast;
4766 unsigned long flags;
4767
4768 if (orinoco_lock(priv, &flags) != 0)
4769 return -EBUSY;
4770
4771 err = hermes_read_wordrec(hw, USER_BAP,
4772 HERMES_RID_CNFPMENABLED, &enable);
4773 if (err)
4774 goto out;
4775
4776 err = hermes_read_wordrec(hw, USER_BAP,
4777 HERMES_RID_CNFMAXSLEEPDURATION, &period);
4778 if (err)
4779 goto out;
4780
4781 err = hermes_read_wordrec(hw, USER_BAP,
4782 HERMES_RID_CNFPMHOLDOVERDURATION, &timeout);
4783 if (err)
4784 goto out;
4785
4786 err = hermes_read_wordrec(hw, USER_BAP,
4787 HERMES_RID_CNFMULTICASTRECEIVE, &mcast);
4788 if (err)
4789 goto out;
4790
4791 prq->disabled = !enable;
4792 /* Note : by default, display the period */
4793 if ((prq->flags & IW_POWER_TYPE) == IW_POWER_TIMEOUT) {
4794 prq->flags = IW_POWER_TIMEOUT;
4795 prq->value = timeout * 1000;
4796 } else {
4797 prq->flags = IW_POWER_PERIOD;
4798 prq->value = period * 1000;
4799 }
4800 if (mcast)
4801 prq->flags |= IW_POWER_ALL_R;
4802 else
4803 prq->flags |= IW_POWER_UNICAST_R;
4804
4805 out:
4806 orinoco_unlock(priv, &flags);
4807
4808 return err;
4809}
4810
4811static int orinoco_ioctl_set_encodeext(struct net_device *dev,
4812 struct iw_request_info *info,
4813 union iwreq_data *wrqu,
4814 char *extra)
4815{
4816 struct orinoco_private *priv = netdev_priv(dev);
4817 struct iw_point *encoding = &wrqu->encoding;
4818 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
4819 int idx, alg = ext->alg, set_key = 1;
4820 unsigned long flags;
4821 int err = -EINVAL;
4822 u16 key_len;
4823
4824 if (orinoco_lock(priv, &flags) != 0)
4825 return -EBUSY;
4826
4827 /* Determine and validate the key index */
4828 idx = encoding->flags & IW_ENCODE_INDEX;
4829 if (idx) {
4830 if ((idx < 1) || (idx > 4))
4831 goto out;
4832 idx--;
4833 } else
4834 idx = priv->tx_key;
4835
4836 if (encoding->flags & IW_ENCODE_DISABLED)
4837 alg = IW_ENCODE_ALG_NONE;
4838
4839 if (priv->has_wpa && (alg != IW_ENCODE_ALG_TKIP)) {
4840 /* Clear any TKIP TX key we had */
4841 (void) orinoco_clear_tkip_key(priv, priv->tx_key);
4842 }
4843
4844 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
4845 priv->tx_key = idx;
4846 set_key = ((alg == IW_ENCODE_ALG_TKIP) ||
4847 (ext->key_len > 0)) ? 1 : 0;
4848 }
4849
4850 if (set_key) {
4851 /* Set the requested key first */
4852 switch (alg) {
4853 case IW_ENCODE_ALG_NONE:
4854 priv->encode_alg = alg;
4855 priv->keys[idx].len = 0;
4856 break;
4857
4858 case IW_ENCODE_ALG_WEP:
4859 if (ext->key_len > SMALL_KEY_SIZE)
4860 key_len = LARGE_KEY_SIZE;
4861 else if (ext->key_len > 0)
4862 key_len = SMALL_KEY_SIZE;
4863 else
4864 goto out;
4865
4866 priv->encode_alg = alg;
4867 priv->keys[idx].len = cpu_to_le16(key_len);
4868
4869 key_len = min(ext->key_len, key_len);
4870
4871 memset(priv->keys[idx].data, 0, ORINOCO_MAX_KEY_SIZE);
4872 memcpy(priv->keys[idx].data, ext->key, key_len);
4873 break;
4874
4875 case IW_ENCODE_ALG_TKIP:
4876 {
4877 hermes_t *hw = &priv->hw;
4878 u8 *tkip_iv = NULL;
4879
4880 if (!priv->has_wpa ||
4881 (ext->key_len > sizeof(priv->tkip_key[0])))
4882 goto out;
4883
4884 priv->encode_alg = alg;
4885 memset(&priv->tkip_key[idx], 0,
4886 sizeof(priv->tkip_key[idx]));
4887 memcpy(&priv->tkip_key[idx], ext->key, ext->key_len);
4888
4889 if (ext->ext_flags & IW_ENCODE_EXT_RX_SEQ_VALID)
4890 tkip_iv = &ext->rx_seq[0];
4891
4892 err = __orinoco_hw_set_tkip_key(hw, idx,
4893 ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY,
4894 (u8 *) &priv->tkip_key[idx],
4895 tkip_iv, NULL);
4896 if (err)
4897 printk(KERN_ERR "%s: Error %d setting TKIP key"
4898 "\n", dev->name, err);
4899
4900 goto out;
4901 }
4902 default:
4903 goto out;
4904 }
4905 }
4906 err = -EINPROGRESS;
4907 out:
4908 orinoco_unlock(priv, &flags);
4909
4910 return err;
4911}
4912
4913static int orinoco_ioctl_get_encodeext(struct net_device *dev,
4914 struct iw_request_info *info,
4915 union iwreq_data *wrqu,
4916 char *extra)
4917{
4918 struct orinoco_private *priv = netdev_priv(dev);
4919 struct iw_point *encoding = &wrqu->encoding;
4920 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
4921 int idx, max_key_len;
4922 unsigned long flags;
4923 int err;
4924
4925 if (orinoco_lock(priv, &flags) != 0)
4926 return -EBUSY;
4927
4928 err = -EINVAL;
4929 max_key_len = encoding->length - sizeof(*ext);
4930 if (max_key_len < 0)
4931 goto out;
4932
4933 idx = encoding->flags & IW_ENCODE_INDEX;
4934 if (idx) {
4935 if ((idx < 1) || (idx > 4))
4936 goto out;
4937 idx--;
4938 } else
4939 idx = priv->tx_key;
4940
4941 encoding->flags = idx + 1;
4942 memset(ext, 0, sizeof(*ext));
4943
4944 ext->alg = priv->encode_alg;
4945 switch (priv->encode_alg) {
4946 case IW_ENCODE_ALG_NONE:
4947 ext->key_len = 0;
4948 encoding->flags |= IW_ENCODE_DISABLED;
4949 break;
4950 case IW_ENCODE_ALG_WEP:
4951 ext->key_len = min_t(u16, le16_to_cpu(priv->keys[idx].len),
4952 max_key_len);
4953 memcpy(ext->key, priv->keys[idx].data, ext->key_len);
4954 encoding->flags |= IW_ENCODE_ENABLED;
4955 break;
4956 case IW_ENCODE_ALG_TKIP:
4957 ext->key_len = min_t(u16, sizeof(struct orinoco_tkip_key),
4958 max_key_len);
4959 memcpy(ext->key, &priv->tkip_key[idx], ext->key_len);
4960 encoding->flags |= IW_ENCODE_ENABLED;
4961 break;
4962 }
4963
4964 err = 0;
4965 out:
4966 orinoco_unlock(priv, &flags);
4967
4968 return err;
4969}
4970
4971static int orinoco_ioctl_set_auth(struct net_device *dev,
4972 struct iw_request_info *info,
4973 union iwreq_data *wrqu, char *extra)
4974{
4975 struct orinoco_private *priv = netdev_priv(dev);
4976 hermes_t *hw = &priv->hw;
4977 struct iw_param *param = &wrqu->param;
4978 unsigned long flags;
4979 int ret = -EINPROGRESS;
4980
4981 if (orinoco_lock(priv, &flags) != 0)
4982 return -EBUSY;
4983
4984 switch (param->flags & IW_AUTH_INDEX) {
4985 case IW_AUTH_WPA_VERSION:
4986 case IW_AUTH_CIPHER_PAIRWISE:
4987 case IW_AUTH_CIPHER_GROUP:
4988 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
4989 case IW_AUTH_PRIVACY_INVOKED:
4990 case IW_AUTH_DROP_UNENCRYPTED:
4991 /*
4992 * orinoco does not use these parameters
4993 */
4994 break;
4995
4996 case IW_AUTH_KEY_MGMT:
4997 /* wl_lkm implies value 2 == PSK for Hermes I
4998 * which ties in with WEXT
4999 * no other hints tho :(
5000 */
5001 priv->key_mgmt = param->value;
5002 break;
5003
5004 case IW_AUTH_TKIP_COUNTERMEASURES:
5005 /* When countermeasures are enabled, shut down the
5006 * card; when disabled, re-enable the card. This must
5007 * take effect immediately.
5008 *
5009 * TODO: Make sure that the EAPOL message is getting
5010 * out before card disabled
5011 */
5012 if (param->value) {
5013 priv->tkip_cm_active = 1;
5014 ret = hermes_enable_port(hw, 0);
5015 } else {
5016 priv->tkip_cm_active = 0;
5017 ret = hermes_disable_port(hw, 0);
5018 }
5019 break;
5020
5021 case IW_AUTH_80211_AUTH_ALG:
5022 if (param->value & IW_AUTH_ALG_SHARED_KEY)
5023 priv->wep_restrict = 1;
5024 else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM)
5025 priv->wep_restrict = 0;
5026 else
5027 ret = -EINVAL;
5028 break;
5029
5030 case IW_AUTH_WPA_ENABLED:
5031 if (priv->has_wpa) {
5032 priv->wpa_enabled = param->value ? 1 : 0;
5033 } else {
5034 if (param->value)
5035 ret = -EOPNOTSUPP;
5036 /* else silently accept disable of WPA */
5037 priv->wpa_enabled = 0;
5038 }
5039 break;
5040
5041 default:
5042 ret = -EOPNOTSUPP;
5043 }
5044
5045 orinoco_unlock(priv, &flags);
5046 return ret;
5047}
5048
5049static int orinoco_ioctl_get_auth(struct net_device *dev,
5050 struct iw_request_info *info,
5051 union iwreq_data *wrqu, char *extra)
5052{
5053 struct orinoco_private *priv = netdev_priv(dev);
5054 struct iw_param *param = &wrqu->param;
5055 unsigned long flags;
5056 int ret = 0;
5057
5058 if (orinoco_lock(priv, &flags) != 0)
5059 return -EBUSY;
5060
5061 switch (param->flags & IW_AUTH_INDEX) {
5062 case IW_AUTH_KEY_MGMT:
5063 param->value = priv->key_mgmt;
5064 break;
5065
5066 case IW_AUTH_TKIP_COUNTERMEASURES:
5067 param->value = priv->tkip_cm_active;
5068 break;
5069
5070 case IW_AUTH_80211_AUTH_ALG:
5071 if (priv->wep_restrict)
5072 param->value = IW_AUTH_ALG_SHARED_KEY;
5073 else
5074 param->value = IW_AUTH_ALG_OPEN_SYSTEM;
5075 break;
5076
5077 case IW_AUTH_WPA_ENABLED:
5078 param->value = priv->wpa_enabled;
5079 break;
5080
5081 default:
5082 ret = -EOPNOTSUPP;
5083 }
5084
5085 orinoco_unlock(priv, &flags);
5086 return ret;
5087}
5088
5089static int orinoco_ioctl_set_genie(struct net_device *dev,
5090 struct iw_request_info *info,
5091 union iwreq_data *wrqu, char *extra)
5092{
5093 struct orinoco_private *priv = netdev_priv(dev);
5094 u8 *buf;
5095 unsigned long flags;
5096
5097 /* cut off at IEEE80211_MAX_DATA_LEN */
5098 if ((wrqu->data.length > IEEE80211_MAX_DATA_LEN) ||
5099 (wrqu->data.length && (extra == NULL)))
5100 return -EINVAL;
5101
5102 if (wrqu->data.length) {
5103 buf = kmalloc(wrqu->data.length, GFP_KERNEL);
5104 if (buf == NULL)
5105 return -ENOMEM;
5106
5107 memcpy(buf, extra, wrqu->data.length);
5108 } else
5109 buf = NULL;
5110
5111 if (orinoco_lock(priv, &flags) != 0) {
5112 kfree(buf);
5113 return -EBUSY;
5114 }
5115
5116 kfree(priv->wpa_ie);
5117 priv->wpa_ie = buf;
5118 priv->wpa_ie_len = wrqu->data.length;
5119
5120 if (priv->wpa_ie) {
5121 /* Looks like wl_lkm wants to check the auth alg, and
5122 * somehow pass it to the firmware.
5123 * Instead it just calls the key mgmt rid
5124 * - we do this in set auth.
5125 */
5126 }
5127
5128 orinoco_unlock(priv, &flags);
5129 return 0;
5130}
5131
5132static int orinoco_ioctl_get_genie(struct net_device *dev,
5133 struct iw_request_info *info,
5134 union iwreq_data *wrqu, char *extra)
5135{
5136 struct orinoco_private *priv = netdev_priv(dev);
5137 unsigned long flags;
5138 int err = 0;
5139
5140 if (orinoco_lock(priv, &flags) != 0)
5141 return -EBUSY;
5142
5143 if ((priv->wpa_ie_len == 0) || (priv->wpa_ie == NULL)) {
5144 wrqu->data.length = 0;
5145 goto out;
5146 }
5147
5148 if (wrqu->data.length < priv->wpa_ie_len) {
5149 err = -E2BIG;
5150 goto out;
5151 }
5152
5153 wrqu->data.length = priv->wpa_ie_len;
5154 memcpy(extra, priv->wpa_ie, priv->wpa_ie_len);
5155
5156out:
5157 orinoco_unlock(priv, &flags);
5158 return err;
5159}
5160
5161static int orinoco_ioctl_set_mlme(struct net_device *dev,
5162 struct iw_request_info *info,
5163 union iwreq_data *wrqu, char *extra)
5164{
5165 struct orinoco_private *priv = netdev_priv(dev);
5166 hermes_t *hw = &priv->hw;
5167 struct iw_mlme *mlme = (struct iw_mlme *)extra;
5168 unsigned long flags;
5169 int ret = 0;
5170
5171 if (orinoco_lock(priv, &flags) != 0)
5172 return -EBUSY;
5173
5174 switch (mlme->cmd) {
5175 case IW_MLME_DEAUTH:
5176 /* silently ignore */
5177 break;
5178
5179 case IW_MLME_DISASSOC:
5180 {
5181 struct {
5182 u8 addr[ETH_ALEN];
5183 __le16 reason_code;
5184 } __attribute__ ((packed)) buf;
5185
5186 memcpy(buf.addr, mlme->addr.sa_data, ETH_ALEN);
5187 buf.reason_code = cpu_to_le16(mlme->reason_code);
5188 ret = HERMES_WRITE_RECORD(hw, USER_BAP,
5189 HERMES_RID_CNFDISASSOCIATE,
5190 &buf);
5191 break;
5192 }
5193 default:
5194 ret = -EOPNOTSUPP;
5195 }
5196
5197 orinoco_unlock(priv, &flags);
5198 return ret;
5199}
5200
5201static int orinoco_ioctl_getretry(struct net_device *dev,
5202 struct iw_request_info *info,
5203 struct iw_param *rrq,
5204 char *extra)
5205{
5206 struct orinoco_private *priv = netdev_priv(dev);
5207 hermes_t *hw = &priv->hw;
5208 int err = 0;
5209 u16 short_limit, long_limit, lifetime;
5210 unsigned long flags;
5211
5212 if (orinoco_lock(priv, &flags) != 0)
5213 return -EBUSY;
5214
5215 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_SHORTRETRYLIMIT,
5216 &short_limit);
5217 if (err)
5218 goto out;
5219
5220 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_LONGRETRYLIMIT,
5221 &long_limit);
5222 if (err)
5223 goto out;
5224
5225 err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_MAXTRANSMITLIFETIME,
5226 &lifetime);
5227 if (err)
5228 goto out;
5229
5230 rrq->disabled = 0; /* Can't be disabled */
5231
5232 /* Note : by default, display the retry number */
5233 if ((rrq->flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME) {
5234 rrq->flags = IW_RETRY_LIFETIME;
5235 rrq->value = lifetime * 1000; /* ??? */
5236 } else {
5237 /* By default, display the min number */
5238 if ((rrq->flags & IW_RETRY_LONG)) {
5239 rrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
5240 rrq->value = long_limit;
5241 } else {
5242 rrq->flags = IW_RETRY_LIMIT;
5243 rrq->value = short_limit;
5244 if (short_limit != long_limit)
5245 rrq->flags |= IW_RETRY_SHORT;
5246 }
5247 }
5248
5249 out:
5250 orinoco_unlock(priv, &flags);
5251
5252 return err;
5253}
5254
5255static int orinoco_ioctl_reset(struct net_device *dev,
5256 struct iw_request_info *info,
5257 void *wrqu,
5258 char *extra)
5259{
5260 struct orinoco_private *priv = netdev_priv(dev);
5261
5262 if (!capable(CAP_NET_ADMIN))
5263 return -EPERM;
5264
5265 if (info->cmd == (SIOCIWFIRSTPRIV + 0x1)) {
5266 printk(KERN_DEBUG "%s: Forcing reset!\n", dev->name);
5267
5268 /* Firmware reset */
5269 orinoco_reset(&priv->reset_work);
5270 } else {
5271 printk(KERN_DEBUG "%s: Force scheduling reset!\n", dev->name);
5272
5273 schedule_work(&priv->reset_work);
5274 }
5275
5276 return 0;
5277}
5278
5279static int orinoco_ioctl_setibssport(struct net_device *dev,
5280 struct iw_request_info *info,
5281 void *wrqu,
5282 char *extra)
5283
5284{
5285 struct orinoco_private *priv = netdev_priv(dev);
5286 int val = *((int *) extra);
5287 unsigned long flags;
5288
5289 if (orinoco_lock(priv, &flags) != 0)
5290 return -EBUSY;
5291
5292 priv->ibss_port = val ;
5293
5294 /* Actually update the mode we are using */
5295 set_port_type(priv);
5296
5297 orinoco_unlock(priv, &flags);
5298 return -EINPROGRESS; /* Call commit handler */
5299}
5300
5301static int orinoco_ioctl_getibssport(struct net_device *dev,
5302 struct iw_request_info *info,
5303 void *wrqu,
5304 char *extra)
5305{
5306 struct orinoco_private *priv = netdev_priv(dev);
5307 int *val = (int *) extra;
5308
5309 *val = priv->ibss_port;
5310 return 0;
5311}
5312
5313static int orinoco_ioctl_setport3(struct net_device *dev,
5314 struct iw_request_info *info,
5315 void *wrqu,
5316 char *extra)
5317{
5318 struct orinoco_private *priv = netdev_priv(dev);
5319 int val = *((int *) extra);
5320 int err = 0;
5321 unsigned long flags;
5322
5323 if (orinoco_lock(priv, &flags) != 0)
5324 return -EBUSY;
5325
5326 switch (val) {
5327 case 0: /* Try to do IEEE ad-hoc mode */
5328 if (!priv->has_ibss) {
5329 err = -EINVAL;
5330 break;
5331 }
5332 priv->prefer_port3 = 0;
5333
5334 break;
5335
5336 case 1: /* Try to do Lucent proprietary ad-hoc mode */
5337 if (!priv->has_port3) {
5338 err = -EINVAL;
5339 break;
5340 }
5341 priv->prefer_port3 = 1;
5342 break;
5343
5344 default:
5345 err = -EINVAL;
5346 }
5347
5348 if (!err) {
5349 /* Actually update the mode we are using */
5350 set_port_type(priv);
5351 err = -EINPROGRESS;
5352 }
5353
5354 orinoco_unlock(priv, &flags);
5355
5356 return err;
5357}
5358
5359static int orinoco_ioctl_getport3(struct net_device *dev,
5360 struct iw_request_info *info,
5361 void *wrqu,
5362 char *extra)
5363{
5364 struct orinoco_private *priv = netdev_priv(dev);
5365 int *val = (int *) extra;
5366
5367 *val = priv->prefer_port3;
5368 return 0;
5369}
5370
5371static int orinoco_ioctl_setpreamble(struct net_device *dev,
5372 struct iw_request_info *info,
5373 void *wrqu,
5374 char *extra)
5375{
5376 struct orinoco_private *priv = netdev_priv(dev);
5377 unsigned long flags;
5378 int val;
5379
5380 if (!priv->has_preamble)
5381 return -EOPNOTSUPP;
5382
5383 /* 802.11b has recently defined some short preamble.
5384 * Basically, the Phy header has been reduced in size.
5385 * This increase performance, especially at high rates
5386 * (the preamble is transmitted at 1Mb/s), unfortunately
5387 * this give compatibility troubles... - Jean II */
5388 val = *((int *) extra);
5389
5390 if (orinoco_lock(priv, &flags) != 0)
5391 return -EBUSY;
5392
5393 if (val)
5394 priv->preamble = 1;
5395 else
5396 priv->preamble = 0;
5397
5398 orinoco_unlock(priv, &flags);
5399
5400 return -EINPROGRESS; /* Call commit handler */
5401}
5402
5403static int orinoco_ioctl_getpreamble(struct net_device *dev,
5404 struct iw_request_info *info,
5405 void *wrqu,
5406 char *extra)
5407{
5408 struct orinoco_private *priv = netdev_priv(dev);
5409 int *val = (int *) extra;
5410
5411 if (!priv->has_preamble)
5412 return -EOPNOTSUPP;
5413
5414 *val = priv->preamble;
5415 return 0;
5416}
5417
5418/* ioctl interface to hermes_read_ltv()
5419 * To use with iwpriv, pass the RID as the token argument, e.g.
5420 * iwpriv get_rid [0xfc00]
5421 * At least Wireless Tools 25 is required to use iwpriv.
5422 * For Wireless Tools 25 and 26 append "dummy" are the end. */
5423static int orinoco_ioctl_getrid(struct net_device *dev,
5424 struct iw_request_info *info,
5425 struct iw_point *data,
5426 char *extra)
5427{
5428 struct orinoco_private *priv = netdev_priv(dev);
5429 hermes_t *hw = &priv->hw;
5430 int rid = data->flags;
5431 u16 length;
5432 int err;
5433 unsigned long flags;
5434
5435 /* It's a "get" function, but we don't want users to access the
5436 * WEP key and other raw firmware data */
5437 if (!capable(CAP_NET_ADMIN))
5438 return -EPERM;
5439
5440 if (rid < 0xfc00 || rid > 0xffff)
5441 return -EINVAL;
5442
5443 if (orinoco_lock(priv, &flags) != 0)
5444 return -EBUSY;
5445
5446 err = hermes_read_ltv(hw, USER_BAP, rid, MAX_RID_LEN, &length,
5447 extra);
5448 if (err)
5449 goto out;
5450
5451 data->length = min_t(u16, HERMES_RECLEN_TO_BYTES(length),
5452 MAX_RID_LEN);
5453
5454 out:
5455 orinoco_unlock(priv, &flags);
5456 return err;
5457}
5458
5459/* Trigger a scan (look for other cells in the vicinity) */
5460static int orinoco_ioctl_setscan(struct net_device *dev,
5461 struct iw_request_info *info,
5462 struct iw_point *srq,
5463 char *extra)
5464{
5465 struct orinoco_private *priv = netdev_priv(dev);
5466 hermes_t *hw = &priv->hw;
5467 struct iw_scan_req *si = (struct iw_scan_req *) extra;
5468 int err = 0;
5469 unsigned long flags;
5470
5471 /* Note : you may have realised that, as this is a SET operation,
5472 * this is privileged and therefore a normal user can't
5473 * perform scanning.
5474 * This is not an error, while the device perform scanning,
5475 * traffic doesn't flow, so it's a perfect DoS...
5476 * Jean II */
5477
5478 if (orinoco_lock(priv, &flags) != 0)
5479 return -EBUSY;
5480
5481 /* Scanning with port 0 disabled would fail */
5482 if (!netif_running(dev)) {
5483 err = -ENETDOWN;
5484 goto out;
5485 }
5486
5487 /* In monitor mode, the scan results are always empty.
5488 * Probe responses are passed to the driver as received
5489 * frames and could be processed in software. */
5490 if (priv->iw_mode == IW_MODE_MONITOR) {
5491 err = -EOPNOTSUPP;
5492 goto out;
5493 }
5494
5495 /* Note : because we don't lock out the irq handler, the way
5496 * we access scan variables in priv is critical.
5497 * o scan_inprogress : not touched by irq handler
5498 * o scan_mode : not touched by irq handler
5499 * Before modifying anything on those variables, please think hard !
5500 * Jean II */
5501
5502 /* Save flags */
5503 priv->scan_mode = srq->flags;
5504
5505 /* Always trigger scanning, even if it's in progress.
5506 * This way, if the info frame get lost, we will recover somewhat
5507 * gracefully - Jean II */
5508
5509 if (priv->has_hostscan) {
5510 switch (priv->firmware_type) {
5511 case FIRMWARE_TYPE_SYMBOL:
5512 err = hermes_write_wordrec(hw, USER_BAP,
5513 HERMES_RID_CNFHOSTSCAN_SYMBOL,
5514 HERMES_HOSTSCAN_SYMBOL_ONCE |
5515 HERMES_HOSTSCAN_SYMBOL_BCAST);
5516 break;
5517 case FIRMWARE_TYPE_INTERSIL: {
5518 __le16 req[3];
5519
5520 req[0] = cpu_to_le16(0x3fff); /* All channels */
5521 req[1] = cpu_to_le16(0x0001); /* rate 1 Mbps */
5522 req[2] = 0; /* Any ESSID */
5523 err = HERMES_WRITE_RECORD(hw, USER_BAP,
5524 HERMES_RID_CNFHOSTSCAN, &req);
5525 }
5526 break;
5527 case FIRMWARE_TYPE_AGERE:
5528 if (priv->scan_mode & IW_SCAN_THIS_ESSID) {
5529 struct hermes_idstring idbuf;
5530 size_t len = min(sizeof(idbuf.val),
5531 (size_t) si->essid_len);
5532 idbuf.len = cpu_to_le16(len);
5533 memcpy(idbuf.val, si->essid, len);
5534
5535 err = hermes_write_ltv(hw, USER_BAP,
5536 HERMES_RID_CNFSCANSSID_AGERE,
5537 HERMES_BYTES_TO_RECLEN(len + 2),
5538 &idbuf);
5539 } else
5540 err = hermes_write_wordrec(hw, USER_BAP,
5541 HERMES_RID_CNFSCANSSID_AGERE,
5542 0); /* Any ESSID */
5543 if (err)
5544 break;
5545
5546 if (priv->has_ext_scan) {
5547 /* Clear scan results at the start of
5548 * an extended scan */
5549 orinoco_clear_scan_results(priv,
5550 msecs_to_jiffies(15000));
5551
5552 /* TODO: Is this available on older firmware?
5553 * Can we use it to scan specific channels
5554 * for IW_SCAN_THIS_FREQ? */
5555 err = hermes_write_wordrec(hw, USER_BAP,
5556 HERMES_RID_CNFSCANCHANNELS2GHZ,
5557 0x7FFF);
5558 if (err)
5559 goto out;
5560
5561 err = hermes_inquire(hw,
5562 HERMES_INQ_CHANNELINFO);
5563 } else
5564 err = hermes_inquire(hw, HERMES_INQ_SCAN);
5565 break;
5566 }
5567 } else
5568 err = hermes_inquire(hw, HERMES_INQ_SCAN);
5569
5570 /* One more client */
5571 if (!err)
5572 priv->scan_inprogress = 1;
5573
5574 out:
5575 orinoco_unlock(priv, &flags);
5576 return err;
5577}
5578
5579#define MAX_CUSTOM_LEN 64
5580
5581/* Translate scan data returned from the card to a card independant
5582 * format that the Wireless Tools will understand - Jean II */
5583static inline char *orinoco_translate_scan(struct net_device *dev,
5584 struct iw_request_info *info,
5585 char *current_ev,
5586 char *end_buf,
5587 union hermes_scan_info *bss,
5588 unsigned long last_scanned)
5589{
5590 struct orinoco_private *priv = netdev_priv(dev);
5591 u16 capabilities;
5592 u16 channel;
5593 struct iw_event iwe; /* Temporary buffer */
5594 char custom[MAX_CUSTOM_LEN];
5595
5596 memset(&iwe, 0, sizeof(iwe));
5597
5598 /* First entry *MUST* be the AP MAC address */
5599 iwe.cmd = SIOCGIWAP;
5600 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
5601 memcpy(iwe.u.ap_addr.sa_data, bss->a.bssid, ETH_ALEN);
5602 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5603 &iwe, IW_EV_ADDR_LEN);
5604
5605 /* Other entries will be displayed in the order we give them */
5606
5607 /* Add the ESSID */
5608 iwe.u.data.length = le16_to_cpu(bss->a.essid_len);
5609 if (iwe.u.data.length > 32)
5610 iwe.u.data.length = 32;
5611 iwe.cmd = SIOCGIWESSID;
5612 iwe.u.data.flags = 1;
5613 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5614 &iwe, bss->a.essid);
5615
5616 /* Add mode */
5617 iwe.cmd = SIOCGIWMODE;
5618 capabilities = le16_to_cpu(bss->a.capabilities);
5619 if (capabilities & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
5620 if (capabilities & WLAN_CAPABILITY_ESS)
5621 iwe.u.mode = IW_MODE_MASTER;
5622 else
5623 iwe.u.mode = IW_MODE_ADHOC;
5624 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5625 &iwe, IW_EV_UINT_LEN);
5626 }
5627
5628 channel = bss->s.channel;
5629 if ((channel >= 1) && (channel <= NUM_CHANNELS)) {
5630 /* Add channel and frequency */
5631 iwe.cmd = SIOCGIWFREQ;
5632 iwe.u.freq.m = channel;
5633 iwe.u.freq.e = 0;
5634 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5635 &iwe, IW_EV_FREQ_LEN);
5636
5637 iwe.u.freq.m = ieee80211_dsss_chan_to_freq(channel) * 100000;
5638 iwe.u.freq.e = 1;
5639 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5640 &iwe, IW_EV_FREQ_LEN);
5641 }
5642
5643 /* Add quality statistics. level and noise in dB. No link quality */
5644 iwe.cmd = IWEVQUAL;
5645 iwe.u.qual.updated = IW_QUAL_DBM | IW_QUAL_QUAL_INVALID;
5646 iwe.u.qual.level = (__u8) le16_to_cpu(bss->a.level) - 0x95;
5647 iwe.u.qual.noise = (__u8) le16_to_cpu(bss->a.noise) - 0x95;
5648 /* Wireless tools prior to 27.pre22 will show link quality
5649 * anyway, so we provide a reasonable value. */
5650 if (iwe.u.qual.level > iwe.u.qual.noise)
5651 iwe.u.qual.qual = iwe.u.qual.level - iwe.u.qual.noise;
5652 else
5653 iwe.u.qual.qual = 0;
5654 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5655 &iwe, IW_EV_QUAL_LEN);
5656
5657 /* Add encryption capability */
5658 iwe.cmd = SIOCGIWENCODE;
5659 if (capabilities & WLAN_CAPABILITY_PRIVACY)
5660 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
5661 else
5662 iwe.u.data.flags = IW_ENCODE_DISABLED;
5663 iwe.u.data.length = 0;
5664 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5665 &iwe, NULL);
5666
5667 /* Bit rate is not available in Lucent/Agere firmwares */
5668 if (priv->firmware_type != FIRMWARE_TYPE_AGERE) {
5669 char *current_val = current_ev + iwe_stream_lcp_len(info);
5670 int i;
5671 int step;
5672
5673 if (priv->firmware_type == FIRMWARE_TYPE_SYMBOL)
5674 step = 2;
5675 else
5676 step = 1;
5677
5678 iwe.cmd = SIOCGIWRATE;
5679 /* Those two flags are ignored... */
5680 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
5681 /* Max 10 values */
5682 for (i = 0; i < 10; i += step) {
5683 /* NULL terminated */
5684 if (bss->p.rates[i] == 0x0)
5685 break;
5686 /* Bit rate given in 500 kb/s units (+ 0x80) */
5687 iwe.u.bitrate.value =
5688 ((bss->p.rates[i] & 0x7f) * 500000);
5689 current_val = iwe_stream_add_value(info, current_ev,
5690 current_val,
5691 end_buf, &iwe,
5692 IW_EV_PARAM_LEN);
5693 }
5694 /* Check if we added any event */
5695 if ((current_val - current_ev) > iwe_stream_lcp_len(info))
5696 current_ev = current_val;
5697 }
5698
5699 /* Beacon interval */
5700 iwe.cmd = IWEVCUSTOM;
5701 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5702 "bcn_int=%d",
5703 le16_to_cpu(bss->a.beacon_interv));
5704 if (iwe.u.data.length)
5705 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5706 &iwe, custom);
5707
5708 /* Capabilites */
5709 iwe.cmd = IWEVCUSTOM;
5710 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5711 "capab=0x%04x",
5712 capabilities);
5713 if (iwe.u.data.length)
5714 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5715 &iwe, custom);
5716
5717 /* Add EXTRA: Age to display seconds since last beacon/probe response
5718 * for given network. */
5719 iwe.cmd = IWEVCUSTOM;
5720 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5721 " Last beacon: %dms ago",
5722 jiffies_to_msecs(jiffies - last_scanned));
5723 if (iwe.u.data.length)
5724 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5725 &iwe, custom);
5726
5727 return current_ev;
5728}
5729
5730static inline char *orinoco_translate_ext_scan(struct net_device *dev,
5731 struct iw_request_info *info,
5732 char *current_ev,
5733 char *end_buf,
5734 struct agere_ext_scan_info *bss,
5735 unsigned long last_scanned)
5736{
5737 u16 capabilities;
5738 u16 channel;
5739 struct iw_event iwe; /* Temporary buffer */
5740 char custom[MAX_CUSTOM_LEN];
5741 u8 *ie;
5742
5743 memset(&iwe, 0, sizeof(iwe));
5744
5745 /* First entry *MUST* be the AP MAC address */
5746 iwe.cmd = SIOCGIWAP;
5747 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
5748 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
5749 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5750 &iwe, IW_EV_ADDR_LEN);
5751
5752 /* Other entries will be displayed in the order we give them */
5753
5754 /* Add the ESSID */
5755 ie = bss->data;
5756 iwe.u.data.length = ie[1];
5757 if (iwe.u.data.length) {
5758 if (iwe.u.data.length > 32)
5759 iwe.u.data.length = 32;
5760 iwe.cmd = SIOCGIWESSID;
5761 iwe.u.data.flags = 1;
5762 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5763 &iwe, &ie[2]);
5764 }
5765
5766 /* Add mode */
5767 capabilities = le16_to_cpu(bss->capabilities);
5768 if (capabilities & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
5769 iwe.cmd = SIOCGIWMODE;
5770 if (capabilities & WLAN_CAPABILITY_ESS)
5771 iwe.u.mode = IW_MODE_MASTER;
5772 else
5773 iwe.u.mode = IW_MODE_ADHOC;
5774 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5775 &iwe, IW_EV_UINT_LEN);
5776 }
5777
5778 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_DS_PARAMS);
5779 channel = ie ? ie[2] : 0;
5780 if ((channel >= 1) && (channel <= NUM_CHANNELS)) {
5781 /* Add channel and frequency */
5782 iwe.cmd = SIOCGIWFREQ;
5783 iwe.u.freq.m = channel;
5784 iwe.u.freq.e = 0;
5785 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5786 &iwe, IW_EV_FREQ_LEN);
5787
5788 iwe.u.freq.m = ieee80211_dsss_chan_to_freq(channel) * 100000;
5789 iwe.u.freq.e = 1;
5790 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5791 &iwe, IW_EV_FREQ_LEN);
5792 }
5793
5794 /* Add quality statistics. level and noise in dB. No link quality */
5795 iwe.cmd = IWEVQUAL;
5796 iwe.u.qual.updated = IW_QUAL_DBM | IW_QUAL_QUAL_INVALID;
5797 iwe.u.qual.level = bss->level - 0x95;
5798 iwe.u.qual.noise = bss->noise - 0x95;
5799 /* Wireless tools prior to 27.pre22 will show link quality
5800 * anyway, so we provide a reasonable value. */
5801 if (iwe.u.qual.level > iwe.u.qual.noise)
5802 iwe.u.qual.qual = iwe.u.qual.level - iwe.u.qual.noise;
5803 else
5804 iwe.u.qual.qual = 0;
5805 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
5806 &iwe, IW_EV_QUAL_LEN);
5807
5808 /* Add encryption capability */
5809 iwe.cmd = SIOCGIWENCODE;
5810 if (capabilities & WLAN_CAPABILITY_PRIVACY)
5811 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
5812 else
5813 iwe.u.data.flags = IW_ENCODE_DISABLED;
5814 iwe.u.data.length = 0;
5815 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5816 &iwe, NULL);
5817
5818 /* WPA IE */
5819 ie = orinoco_get_wpa_ie(bss->data, sizeof(bss->data));
5820 if (ie) {
5821 iwe.cmd = IWEVGENIE;
5822 iwe.u.data.length = ie[1] + 2;
5823 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5824 &iwe, ie);
5825 }
5826
5827 /* RSN IE */
5828 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_RSN);
5829 if (ie) {
5830 iwe.cmd = IWEVGENIE;
5831 iwe.u.data.length = ie[1] + 2;
5832 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5833 &iwe, ie);
5834 }
5835
5836 ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_SUPP_RATES);
5837 if (ie) {
5838 char *p = current_ev + iwe_stream_lcp_len(info);
5839 int i;
5840
5841 iwe.cmd = SIOCGIWRATE;
5842 /* Those two flags are ignored... */
5843 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
5844
5845 for (i = 2; i < (ie[1] + 2); i++) {
5846 iwe.u.bitrate.value = ((ie[i] & 0x7F) * 500000);
5847 p = iwe_stream_add_value(info, current_ev, p, end_buf,
5848 &iwe, IW_EV_PARAM_LEN);
5849 }
5850 /* Check if we added any event */
5851 if (p > (current_ev + iwe_stream_lcp_len(info)))
5852 current_ev = p;
5853 }
5854
5855 /* Timestamp */
5856 iwe.cmd = IWEVCUSTOM;
5857 iwe.u.data.length =
5858 snprintf(custom, MAX_CUSTOM_LEN, "tsf=%016llx",
5859 (unsigned long long) le64_to_cpu(bss->timestamp));
5860 if (iwe.u.data.length)
5861 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5862 &iwe, custom);
5863
5864 /* Beacon interval */
5865 iwe.cmd = IWEVCUSTOM;
5866 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5867 "bcn_int=%d",
5868 le16_to_cpu(bss->beacon_interval));
5869 if (iwe.u.data.length)
5870 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5871 &iwe, custom);
5872
5873 /* Capabilites */
5874 iwe.cmd = IWEVCUSTOM;
5875 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5876 "capab=0x%04x",
5877 capabilities);
5878 if (iwe.u.data.length)
5879 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5880 &iwe, custom);
5881
5882 /* Add EXTRA: Age to display seconds since last beacon/probe response
5883 * for given network. */
5884 iwe.cmd = IWEVCUSTOM;
5885 iwe.u.data.length = snprintf(custom, MAX_CUSTOM_LEN,
5886 " Last beacon: %dms ago",
5887 jiffies_to_msecs(jiffies - last_scanned));
5888 if (iwe.u.data.length)
5889 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
5890 &iwe, custom);
5891
5892 return current_ev;
5893}
5894
5895/* Return results of a scan */
5896static int orinoco_ioctl_getscan(struct net_device *dev,
5897 struct iw_request_info *info,
5898 struct iw_point *srq,
5899 char *extra)
5900{
5901 struct orinoco_private *priv = netdev_priv(dev);
5902 int err = 0;
5903 unsigned long flags;
5904 char *current_ev = extra;
5905
5906 if (orinoco_lock(priv, &flags) != 0)
5907 return -EBUSY;
5908
5909 if (priv->scan_inprogress) {
5910 /* Important note : we don't want to block the caller
5911 * until results are ready for various reasons.
5912 * First, managing wait queues is complex and racy.
5913 * Second, we grab some rtnetlink lock before comming
5914 * here (in dev_ioctl()).
5915 * Third, we generate an Wireless Event, so the
5916 * caller can wait itself on that - Jean II */
5917 err = -EAGAIN;
5918 goto out;
5919 }
5920
5921 if (priv->has_ext_scan) {
5922 struct xbss_element *bss;
5923
5924 list_for_each_entry(bss, &priv->bss_list, list) {
5925 /* Translate this entry to WE format */
5926 current_ev =
5927 orinoco_translate_ext_scan(dev, info,
5928 current_ev,
5929 extra + srq->length,
5930 &bss->bss,
5931 bss->last_scanned);
5932
5933 /* Check if there is space for one more entry */
5934 if ((extra + srq->length - current_ev)
5935 <= IW_EV_ADDR_LEN) {
5936 /* Ask user space to try again with a
5937 * bigger buffer */
5938 err = -E2BIG;
5939 goto out;
5940 }
5941 }
5942
5943 } else {
5944 struct bss_element *bss;
5945
5946 list_for_each_entry(bss, &priv->bss_list, list) {
5947 /* Translate this entry to WE format */
5948 current_ev = orinoco_translate_scan(dev, info,
5949 current_ev,
5950 extra + srq->length,
5951 &bss->bss,
5952 bss->last_scanned);
5953
5954 /* Check if there is space for one more entry */
5955 if ((extra + srq->length - current_ev)
5956 <= IW_EV_ADDR_LEN) {
5957 /* Ask user space to try again with a
5958 * bigger buffer */
5959 err = -E2BIG;
5960 goto out;
5961 }
5962 }
5963 }
5964
5965 srq->length = (current_ev - extra);
5966 srq->flags = (__u16) priv->scan_mode;
5967
5968out:
5969 orinoco_unlock(priv, &flags);
5970 return err;
5971}
5972
5973/* Commit handler, called after set operations */
5974static int orinoco_ioctl_commit(struct net_device *dev,
5975 struct iw_request_info *info,
5976 void *wrqu,
5977 char *extra)
5978{
5979 struct orinoco_private *priv = netdev_priv(dev);
5980 struct hermes *hw = &priv->hw;
5981 unsigned long flags;
5982 int err = 0;
5983
5984 if (!priv->open)
5985 return 0;
5986
5987 if (priv->broken_disableport) {
5988 orinoco_reset(&priv->reset_work);
5989 return 0;
5990 }
5991
5992 if (orinoco_lock(priv, &flags) != 0)
5993 return err;
5994
5995 err = hermes_disable_port(hw, 0);
5996 if (err) {
5997 printk(KERN_WARNING "%s: Unable to disable port "
5998 "while reconfiguring card\n", dev->name);
5999 priv->broken_disableport = 1;
6000 goto out;
6001 }
6002
6003 err = __orinoco_program_rids(dev);
6004 if (err) {
6005 printk(KERN_WARNING "%s: Unable to reconfigure card\n",
6006 dev->name);
6007 goto out;
6008 }
6009
6010 err = hermes_enable_port(hw, 0);
6011 if (err) {
6012 printk(KERN_WARNING "%s: Unable to enable port while reconfiguring card\n",
6013 dev->name);
6014 goto out;
6015 }
6016
6017 out:
6018 if (err) {
6019 printk(KERN_WARNING "%s: Resetting instead...\n", dev->name);
6020 schedule_work(&priv->reset_work);
6021 err = 0;
6022 }
6023
6024 orinoco_unlock(priv, &flags);
6025 return err;
6026}
6027
6028static const struct iw_priv_args orinoco_privtab[] = {
6029 { SIOCIWFIRSTPRIV + 0x0, 0, 0, "force_reset" },
6030 { SIOCIWFIRSTPRIV + 0x1, 0, 0, "card_reset" },
6031 { SIOCIWFIRSTPRIV + 0x2, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6032 0, "set_port3" },
6033 { SIOCIWFIRSTPRIV + 0x3, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6034 "get_port3" },
6035 { SIOCIWFIRSTPRIV + 0x4, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6036 0, "set_preamble" },
6037 { SIOCIWFIRSTPRIV + 0x5, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6038 "get_preamble" },
6039 { SIOCIWFIRSTPRIV + 0x6, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6040 0, "set_ibssport" },
6041 { SIOCIWFIRSTPRIV + 0x7, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
6042 "get_ibssport" },
6043 { SIOCIWFIRSTPRIV + 0x9, 0, IW_PRIV_TYPE_BYTE | MAX_RID_LEN,
6044 "get_rid" },
6045};
6046
6047
6048/*
6049 * Structures to export the Wireless Handlers
6050 */
6051
6052#define STD_IW_HANDLER(id, func) \
6053 [IW_IOCTL_IDX(id)] = (iw_handler) func
6054static const iw_handler orinoco_handler[] = {
6055 STD_IW_HANDLER(SIOCSIWCOMMIT, orinoco_ioctl_commit),
6056 STD_IW_HANDLER(SIOCGIWNAME, orinoco_ioctl_getname),
6057 STD_IW_HANDLER(SIOCSIWFREQ, orinoco_ioctl_setfreq),
6058 STD_IW_HANDLER(SIOCGIWFREQ, orinoco_ioctl_getfreq),
6059 STD_IW_HANDLER(SIOCSIWMODE, orinoco_ioctl_setmode),
6060 STD_IW_HANDLER(SIOCGIWMODE, orinoco_ioctl_getmode),
6061 STD_IW_HANDLER(SIOCSIWSENS, orinoco_ioctl_setsens),
6062 STD_IW_HANDLER(SIOCGIWSENS, orinoco_ioctl_getsens),
6063 STD_IW_HANDLER(SIOCGIWRANGE, orinoco_ioctl_getiwrange),
6064 STD_IW_HANDLER(SIOCSIWSPY, iw_handler_set_spy),
6065 STD_IW_HANDLER(SIOCGIWSPY, iw_handler_get_spy),
6066 STD_IW_HANDLER(SIOCSIWTHRSPY, iw_handler_set_thrspy),
6067 STD_IW_HANDLER(SIOCGIWTHRSPY, iw_handler_get_thrspy),
6068 STD_IW_HANDLER(SIOCSIWAP, orinoco_ioctl_setwap),
6069 STD_IW_HANDLER(SIOCGIWAP, orinoco_ioctl_getwap),
6070 STD_IW_HANDLER(SIOCSIWSCAN, orinoco_ioctl_setscan),
6071 STD_IW_HANDLER(SIOCGIWSCAN, orinoco_ioctl_getscan),
6072 STD_IW_HANDLER(SIOCSIWESSID, orinoco_ioctl_setessid),
6073 STD_IW_HANDLER(SIOCGIWESSID, orinoco_ioctl_getessid),
6074 STD_IW_HANDLER(SIOCSIWNICKN, orinoco_ioctl_setnick),
6075 STD_IW_HANDLER(SIOCGIWNICKN, orinoco_ioctl_getnick),
6076 STD_IW_HANDLER(SIOCSIWRATE, orinoco_ioctl_setrate),
6077 STD_IW_HANDLER(SIOCGIWRATE, orinoco_ioctl_getrate),
6078 STD_IW_HANDLER(SIOCSIWRTS, orinoco_ioctl_setrts),
6079 STD_IW_HANDLER(SIOCGIWRTS, orinoco_ioctl_getrts),
6080 STD_IW_HANDLER(SIOCSIWFRAG, orinoco_ioctl_setfrag),
6081 STD_IW_HANDLER(SIOCGIWFRAG, orinoco_ioctl_getfrag),
6082 STD_IW_HANDLER(SIOCGIWRETRY, orinoco_ioctl_getretry),
6083 STD_IW_HANDLER(SIOCSIWENCODE, orinoco_ioctl_setiwencode),
6084 STD_IW_HANDLER(SIOCGIWENCODE, orinoco_ioctl_getiwencode),
6085 STD_IW_HANDLER(SIOCSIWPOWER, orinoco_ioctl_setpower),
6086 STD_IW_HANDLER(SIOCGIWPOWER, orinoco_ioctl_getpower),
6087 STD_IW_HANDLER(SIOCSIWGENIE, orinoco_ioctl_set_genie),
6088 STD_IW_HANDLER(SIOCGIWGENIE, orinoco_ioctl_get_genie),
6089 STD_IW_HANDLER(SIOCSIWMLME, orinoco_ioctl_set_mlme),
6090 STD_IW_HANDLER(SIOCSIWAUTH, orinoco_ioctl_set_auth),
6091 STD_IW_HANDLER(SIOCGIWAUTH, orinoco_ioctl_get_auth),
6092 STD_IW_HANDLER(SIOCSIWENCODEEXT, orinoco_ioctl_set_encodeext),
6093 STD_IW_HANDLER(SIOCGIWENCODEEXT, orinoco_ioctl_get_encodeext),
6094};
6095
6096
6097/*
6098 Added typecasting since we no longer use iwreq_data -- Moustafa
6099 */
6100static const iw_handler orinoco_private_handler[] = {
6101 [0] = (iw_handler) orinoco_ioctl_reset,
6102 [1] = (iw_handler) orinoco_ioctl_reset,
6103 [2] = (iw_handler) orinoco_ioctl_setport3,
6104 [3] = (iw_handler) orinoco_ioctl_getport3,
6105 [4] = (iw_handler) orinoco_ioctl_setpreamble,
6106 [5] = (iw_handler) orinoco_ioctl_getpreamble,
6107 [6] = (iw_handler) orinoco_ioctl_setibssport,
6108 [7] = (iw_handler) orinoco_ioctl_getibssport,
6109 [9] = (iw_handler) orinoco_ioctl_getrid,
6110};
6111
6112static const struct iw_handler_def orinoco_handler_def = {
6113 .num_standard = ARRAY_SIZE(orinoco_handler),
6114 .num_private = ARRAY_SIZE(orinoco_private_handler),
6115 .num_private_args = ARRAY_SIZE(orinoco_privtab),
6116 .standard = orinoco_handler,
6117 .private = orinoco_private_handler,
6118 .private_args = orinoco_privtab,
6119 .get_wireless_stats = orinoco_get_wireless_stats,
6120};
6121
6122static void orinoco_get_drvinfo(struct net_device *dev,
6123 struct ethtool_drvinfo *info)
6124{
6125 struct orinoco_private *priv = netdev_priv(dev);
6126
6127 strncpy(info->driver, DRIVER_NAME, sizeof(info->driver) - 1);
6128 strncpy(info->version, DRIVER_VERSION, sizeof(info->version) - 1);
6129 strncpy(info->fw_version, priv->fw_name, sizeof(info->fw_version) - 1);
6130 if (dev->dev.parent)
6131 strncpy(info->bus_info, dev_name(dev->dev.parent),
6132 sizeof(info->bus_info) - 1);
6133 else
6134 snprintf(info->bus_info, sizeof(info->bus_info) - 1,
6135 "PCMCIA %p", priv->hw.iobase);
6136}
6137
6138static const struct ethtool_ops orinoco_ethtool_ops = {
6139 .get_drvinfo = orinoco_get_drvinfo,
6140 .get_link = ethtool_op_get_link,
6141};
6142
6143/********************************************************************/
6144/* Module initialization */
6145/********************************************************************/
6146
6147/* Can't be declared "const" or the whole __initdata section will
6148 * become const */
6149static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
6150 " (David Gibson <hermes@gibson.dropbear.id.au>, "
6151 "Pavel Roskin <proski@gnu.org>, et al)";
6152
6153static int __init init_orinoco(void)
6154{
6155 printk(KERN_DEBUG "%s\n", version);
6156 return 0;
6157}
6158
6159static void __exit exit_orinoco(void)
6160{
6161}
6162
6163module_init(init_orinoco);
6164module_exit(exit_orinoco);
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-19 09:49:15 -0500