1 /******************************************************************************
 
   3   Copyright(c) 2003 - 2006 Intel Corporation. All rights reserved.
 
   5   802.11 status code portion of this file from ethereal-0.10.6:
 
   6     Copyright 2000, Axis Communications AB
 
   7     Ethereal - Network traffic analyzer
 
   8     By Gerald Combs <gerald@ethereal.com>
 
   9     Copyright 1998 Gerald Combs
 
  11   This program is free software; you can redistribute it and/or modify it
 
  12   under the terms of version 2 of the GNU General Public License as
 
  13   published by the Free Software Foundation.
 
  15   This program is distributed in the hope that it will be useful, but WITHOUT
 
  16   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 
  17   FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 
  20   You should have received a copy of the GNU General Public License along with
 
  21   this program; if not, write to the Free Software Foundation, Inc., 59
 
  22   Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 
  24   The full GNU General Public License is included in this distribution in the
 
  28   James P. Ketrenos <ipw2100-admin@linux.intel.com>
 
  29   Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
 
  31 ******************************************************************************/
 
  34 #include <linux/version.h>
 
  43 #ifdef CONFIG_IPW2200_DEBUG
 
  49 #ifdef CONFIG_IPW2200_MONITOR
 
  55 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
  61 #ifdef CONFIG_IPW2200_RADIOTAP
 
  67 #ifdef CONFIG_IPW2200_QOS
 
  73 #define IPW2200_VERSION "1.2.2" VK VD VM VP VR VQ
 
  74 #define DRV_DESCRIPTION "Intel(R) PRO/Wireless 2200/2915 Network Driver"
 
  75 #define DRV_COPYRIGHT   "Copyright(c) 2003-2006 Intel Corporation"
 
  76 #define DRV_VERSION     IPW2200_VERSION
 
  78 #define ETH_P_80211_STATS (ETH_P_80211_RAW + 1)
 
  80 MODULE_DESCRIPTION(DRV_DESCRIPTION);
 
  81 MODULE_VERSION(DRV_VERSION);
 
  82 MODULE_AUTHOR(DRV_COPYRIGHT);
 
  83 MODULE_LICENSE("GPL");
 
  85 static int cmdlog = 0;
 
  87 static int channel = 0;
 
  90 static u32 ipw_debug_level;
 
  91 static int associate = 1;
 
  92 static int auto_create = 1;
 
  94 static int disable = 0;
 
  95 static int bt_coexist = 0;
 
  96 static int hwcrypto = 0;
 
  97 static int roaming = 1;
 
  98 static const char ipw_modes[] = {
 
 101 static int antenna = CFG_SYS_ANTENNA_BOTH;
 
 103 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
 104 static int rtap_iface = 0;     /* def: 0 -- do not create rtap interface */
 
 108 #ifdef CONFIG_IPW2200_QOS
 
 109 static int qos_enable = 0;
 
 110 static int qos_burst_enable = 0;
 
 111 static int qos_no_ack_mask = 0;
 
 112 static int burst_duration_CCK = 0;
 
 113 static int burst_duration_OFDM = 0;
 
 115 static struct ieee80211_qos_parameters def_qos_parameters_OFDM = {
 
 116         {QOS_TX0_CW_MIN_OFDM, QOS_TX1_CW_MIN_OFDM, QOS_TX2_CW_MIN_OFDM,
 
 117          QOS_TX3_CW_MIN_OFDM},
 
 118         {QOS_TX0_CW_MAX_OFDM, QOS_TX1_CW_MAX_OFDM, QOS_TX2_CW_MAX_OFDM,
 
 119          QOS_TX3_CW_MAX_OFDM},
 
 120         {QOS_TX0_AIFS, QOS_TX1_AIFS, QOS_TX2_AIFS, QOS_TX3_AIFS},
 
 121         {QOS_TX0_ACM, QOS_TX1_ACM, QOS_TX2_ACM, QOS_TX3_ACM},
 
 122         {QOS_TX0_TXOP_LIMIT_OFDM, QOS_TX1_TXOP_LIMIT_OFDM,
 
 123          QOS_TX2_TXOP_LIMIT_OFDM, QOS_TX3_TXOP_LIMIT_OFDM}
 
 126 static struct ieee80211_qos_parameters def_qos_parameters_CCK = {
 
 127         {QOS_TX0_CW_MIN_CCK, QOS_TX1_CW_MIN_CCK, QOS_TX2_CW_MIN_CCK,
 
 129         {QOS_TX0_CW_MAX_CCK, QOS_TX1_CW_MAX_CCK, QOS_TX2_CW_MAX_CCK,
 
 131         {QOS_TX0_AIFS, QOS_TX1_AIFS, QOS_TX2_AIFS, QOS_TX3_AIFS},
 
 132         {QOS_TX0_ACM, QOS_TX1_ACM, QOS_TX2_ACM, QOS_TX3_ACM},
 
 133         {QOS_TX0_TXOP_LIMIT_CCK, QOS_TX1_TXOP_LIMIT_CCK, QOS_TX2_TXOP_LIMIT_CCK,
 
 134          QOS_TX3_TXOP_LIMIT_CCK}
 
 137 static struct ieee80211_qos_parameters def_parameters_OFDM = {
 
 138         {DEF_TX0_CW_MIN_OFDM, DEF_TX1_CW_MIN_OFDM, DEF_TX2_CW_MIN_OFDM,
 
 139          DEF_TX3_CW_MIN_OFDM},
 
 140         {DEF_TX0_CW_MAX_OFDM, DEF_TX1_CW_MAX_OFDM, DEF_TX2_CW_MAX_OFDM,
 
 141          DEF_TX3_CW_MAX_OFDM},
 
 142         {DEF_TX0_AIFS, DEF_TX1_AIFS, DEF_TX2_AIFS, DEF_TX3_AIFS},
 
 143         {DEF_TX0_ACM, DEF_TX1_ACM, DEF_TX2_ACM, DEF_TX3_ACM},
 
 144         {DEF_TX0_TXOP_LIMIT_OFDM, DEF_TX1_TXOP_LIMIT_OFDM,
 
 145          DEF_TX2_TXOP_LIMIT_OFDM, DEF_TX3_TXOP_LIMIT_OFDM}
 
 148 static struct ieee80211_qos_parameters def_parameters_CCK = {
 
 149         {DEF_TX0_CW_MIN_CCK, DEF_TX1_CW_MIN_CCK, DEF_TX2_CW_MIN_CCK,
 
 151         {DEF_TX0_CW_MAX_CCK, DEF_TX1_CW_MAX_CCK, DEF_TX2_CW_MAX_CCK,
 
 153         {DEF_TX0_AIFS, DEF_TX1_AIFS, DEF_TX2_AIFS, DEF_TX3_AIFS},
 
 154         {DEF_TX0_ACM, DEF_TX1_ACM, DEF_TX2_ACM, DEF_TX3_ACM},
 
 155         {DEF_TX0_TXOP_LIMIT_CCK, DEF_TX1_TXOP_LIMIT_CCK, DEF_TX2_TXOP_LIMIT_CCK,
 
 156          DEF_TX3_TXOP_LIMIT_CCK}
 
 159 static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 };
 
 161 static int from_priority_to_tx_queue[] = {
 
 162         IPW_TX_QUEUE_1, IPW_TX_QUEUE_2, IPW_TX_QUEUE_2, IPW_TX_QUEUE_1,
 
 163         IPW_TX_QUEUE_3, IPW_TX_QUEUE_3, IPW_TX_QUEUE_4, IPW_TX_QUEUE_4
 
 166 static u32 ipw_qos_get_burst_duration(struct ipw_priv *priv);
 
 168 static int ipw_send_qos_params_command(struct ipw_priv *priv, struct ieee80211_qos_parameters
 
 170 static int ipw_send_qos_info_command(struct ipw_priv *priv, struct ieee80211_qos_information_element
 
 172 #endif                          /* CONFIG_IPW2200_QOS */
 
 174 static struct iw_statistics *ipw_get_wireless_stats(struct net_device *dev);
 
 175 static void ipw_remove_current_network(struct ipw_priv *priv);
 
 176 static void ipw_rx(struct ipw_priv *priv);
 
 177 static int ipw_queue_tx_reclaim(struct ipw_priv *priv,
 
 178                                 struct clx2_tx_queue *txq, int qindex);
 
 179 static int ipw_queue_reset(struct ipw_priv *priv);
 
 181 static int ipw_queue_tx_hcmd(struct ipw_priv *priv, int hcmd, void *buf,
 
 184 static void ipw_tx_queue_free(struct ipw_priv *);
 
 186 static struct ipw_rx_queue *ipw_rx_queue_alloc(struct ipw_priv *);
 
 187 static void ipw_rx_queue_free(struct ipw_priv *, struct ipw_rx_queue *);
 
 188 static void ipw_rx_queue_replenish(void *);
 
 189 static int ipw_up(struct ipw_priv *);
 
 190 static void ipw_bg_up(struct work_struct *work);
 
 191 static void ipw_down(struct ipw_priv *);
 
 192 static void ipw_bg_down(struct work_struct *work);
 
 193 static int ipw_config(struct ipw_priv *);
 
 194 static int init_supported_rates(struct ipw_priv *priv,
 
 195                                 struct ipw_supported_rates *prates);
 
 196 static void ipw_set_hwcrypto_keys(struct ipw_priv *);
 
 197 static void ipw_send_wep_keys(struct ipw_priv *, int);
 
 199 static int snprint_line(char *buf, size_t count,
 
 200                         const u8 * data, u32 len, u32 ofs)
 
 205         out = snprintf(buf, count, "%08X", ofs);
 
 207         for (l = 0, i = 0; i < 2; i++) {
 
 208                 out += snprintf(buf + out, count - out, " ");
 
 209                 for (j = 0; j < 8 && l < len; j++, l++)
 
 210                         out += snprintf(buf + out, count - out, "%02X ",
 
 213                         out += snprintf(buf + out, count - out, "   ");
 
 216         out += snprintf(buf + out, count - out, " ");
 
 217         for (l = 0, i = 0; i < 2; i++) {
 
 218                 out += snprintf(buf + out, count - out, " ");
 
 219                 for (j = 0; j < 8 && l < len; j++, l++) {
 
 220                         c = data[(i * 8 + j)];
 
 221                         if (!isascii(c) || !isprint(c))
 
 224                         out += snprintf(buf + out, count - out, "%c", c);
 
 228                         out += snprintf(buf + out, count - out, " ");
 
 234 static void printk_buf(int level, const u8 * data, u32 len)
 
 238         if (!(ipw_debug_level & level))
 
 242                 snprint_line(line, sizeof(line), &data[ofs],
 
 244                 printk(KERN_DEBUG "%s\n", line);
 
 246                 len -= min(len, 16U);
 
 250 static int snprintk_buf(u8 * output, size_t size, const u8 * data, size_t len)
 
 256         while (size && len) {
 
 257                 out = snprint_line(output, size, &data[ofs],
 
 258                                    min_t(size_t, len, 16U), ofs);
 
 263                 len -= min_t(size_t, len, 16U);
 
 269 /* alias for 32-bit indirect read (for SRAM/reg above 4K), with debug wrapper */
 
 270 static u32 _ipw_read_reg32(struct ipw_priv *priv, u32 reg);
 
 271 #define ipw_read_reg32(a, b) _ipw_read_reg32(a, b)
 
 273 /* alias for 8-bit indirect read (for SRAM/reg above 4K), with debug wrapper */
 
 274 static u8 _ipw_read_reg8(struct ipw_priv *ipw, u32 reg);
 
 275 #define ipw_read_reg8(a, b) _ipw_read_reg8(a, b)
 
 277 /* 8-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
 
 278 static void _ipw_write_reg8(struct ipw_priv *priv, u32 reg, u8 value);
 
 279 static inline void ipw_write_reg8(struct ipw_priv *a, u32 b, u8 c)
 
 281         IPW_DEBUG_IO("%s %d: write_indirect8(0x%08X, 0x%08X)\n", __FILE__,
 
 282                      __LINE__, (u32) (b), (u32) (c));
 
 283         _ipw_write_reg8(a, b, c);
 
 286 /* 16-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
 
 287 static void _ipw_write_reg16(struct ipw_priv *priv, u32 reg, u16 value);
 
 288 static inline void ipw_write_reg16(struct ipw_priv *a, u32 b, u16 c)
 
 290         IPW_DEBUG_IO("%s %d: write_indirect16(0x%08X, 0x%08X)\n", __FILE__,
 
 291                      __LINE__, (u32) (b), (u32) (c));
 
 292         _ipw_write_reg16(a, b, c);
 
 295 /* 32-bit indirect write (for SRAM/reg above 4K), with debug wrapper */
 
 296 static void _ipw_write_reg32(struct ipw_priv *priv, u32 reg, u32 value);
 
 297 static inline void ipw_write_reg32(struct ipw_priv *a, u32 b, u32 c)
 
 299         IPW_DEBUG_IO("%s %d: write_indirect32(0x%08X, 0x%08X)\n", __FILE__,
 
 300                      __LINE__, (u32) (b), (u32) (c));
 
 301         _ipw_write_reg32(a, b, c);
 
 304 /* 8-bit direct write (low 4K) */
 
 305 #define _ipw_write8(ipw, ofs, val) writeb((val), (ipw)->hw_base + (ofs))
 
 307 /* 8-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
 
 308 #define ipw_write8(ipw, ofs, val) \
 
 309  IPW_DEBUG_IO("%s %d: write_direct8(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 
 310  _ipw_write8(ipw, ofs, val)
 
 312 /* 16-bit direct write (low 4K) */
 
 313 #define _ipw_write16(ipw, ofs, val) writew((val), (ipw)->hw_base + (ofs))
 
 315 /* 16-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
 
 316 #define ipw_write16(ipw, ofs, val) \
 
 317  IPW_DEBUG_IO("%s %d: write_direct16(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 
 318  _ipw_write16(ipw, ofs, val)
 
 320 /* 32-bit direct write (low 4K) */
 
 321 #define _ipw_write32(ipw, ofs, val) writel((val), (ipw)->hw_base + (ofs))
 
 323 /* 32-bit direct write (for low 4K of SRAM/regs), with debug wrapper */
 
 324 #define ipw_write32(ipw, ofs, val) \
 
 325  IPW_DEBUG_IO("%s %d: write_direct32(0x%08X, 0x%08X)\n", __FILE__, __LINE__, (u32)(ofs), (u32)(val)); \
 
 326  _ipw_write32(ipw, ofs, val)
 
 328 /* 8-bit direct read (low 4K) */
 
 329 #define _ipw_read8(ipw, ofs) readb((ipw)->hw_base + (ofs))
 
 331 /* 8-bit direct read (low 4K), with debug wrapper */
 
 332 static inline u8 __ipw_read8(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
 
 334         IPW_DEBUG_IO("%s %d: read_direct8(0x%08X)\n", f, l, (u32) (ofs));
 
 335         return _ipw_read8(ipw, ofs);
 
 338 /* alias to 8-bit direct read (low 4K of SRAM/regs), with debug wrapper */
 
 339 #define ipw_read8(ipw, ofs) __ipw_read8(__FILE__, __LINE__, ipw, ofs)
 
 341 /* 16-bit direct read (low 4K) */
 
 342 #define _ipw_read16(ipw, ofs) readw((ipw)->hw_base + (ofs))
 
 344 /* 16-bit direct read (low 4K), with debug wrapper */
 
 345 static inline u16 __ipw_read16(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
 
 347         IPW_DEBUG_IO("%s %d: read_direct16(0x%08X)\n", f, l, (u32) (ofs));
 
 348         return _ipw_read16(ipw, ofs);
 
 351 /* alias to 16-bit direct read (low 4K of SRAM/regs), with debug wrapper */
 
 352 #define ipw_read16(ipw, ofs) __ipw_read16(__FILE__, __LINE__, ipw, ofs)
 
 354 /* 32-bit direct read (low 4K) */
 
 355 #define _ipw_read32(ipw, ofs) readl((ipw)->hw_base + (ofs))
 
 357 /* 32-bit direct read (low 4K), with debug wrapper */
 
 358 static inline u32 __ipw_read32(char *f, u32 l, struct ipw_priv *ipw, u32 ofs)
 
 360         IPW_DEBUG_IO("%s %d: read_direct32(0x%08X)\n", f, l, (u32) (ofs));
 
 361         return _ipw_read32(ipw, ofs);
 
 364 /* alias to 32-bit direct read (low 4K of SRAM/regs), with debug wrapper */
 
 365 #define ipw_read32(ipw, ofs) __ipw_read32(__FILE__, __LINE__, ipw, ofs)
 
 367 /* multi-byte read (above 4K), with debug wrapper */
 
 368 static void _ipw_read_indirect(struct ipw_priv *, u32, u8 *, int);
 
 369 static inline void __ipw_read_indirect(const char *f, int l,
 
 370                                        struct ipw_priv *a, u32 b, u8 * c, int d)
 
 372         IPW_DEBUG_IO("%s %d: read_indirect(0x%08X) %d bytes\n", f, l, (u32) (b),
 
 374         _ipw_read_indirect(a, b, c, d);
 
 377 /* alias to multi-byte read (SRAM/regs above 4K), with debug wrapper */
 
 378 #define ipw_read_indirect(a, b, c, d) __ipw_read_indirect(__FILE__, __LINE__, a, b, c, d)
 
 380 /* alias to multi-byte read (SRAM/regs above 4K), with debug wrapper */
 
 381 static void _ipw_write_indirect(struct ipw_priv *priv, u32 addr, u8 * data,
 
 383 #define ipw_write_indirect(a, b, c, d) \
 
 384         IPW_DEBUG_IO("%s %d: write_indirect(0x%08X) %d bytes\n", __FILE__, __LINE__, (u32)(b), d); \
 
 385         _ipw_write_indirect(a, b, c, d)
 
 387 /* 32-bit indirect write (above 4K) */
 
 388 static void _ipw_write_reg32(struct ipw_priv *priv, u32 reg, u32 value)
 
 390         IPW_DEBUG_IO(" %p : reg = 0x%8X : value = 0x%8X\n", priv, reg, value);
 
 391         _ipw_write32(priv, IPW_INDIRECT_ADDR, reg);
 
 392         _ipw_write32(priv, IPW_INDIRECT_DATA, value);
 
 395 /* 8-bit indirect write (above 4K) */
 
 396 static void _ipw_write_reg8(struct ipw_priv *priv, u32 reg, u8 value)
 
 398         u32 aligned_addr = reg & IPW_INDIRECT_ADDR_MASK;        /* dword align */
 
 399         u32 dif_len = reg - aligned_addr;
 
 401         IPW_DEBUG_IO(" reg = 0x%8X : value = 0x%8X\n", reg, value);
 
 402         _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 403         _ipw_write8(priv, IPW_INDIRECT_DATA + dif_len, value);
 
 406 /* 16-bit indirect write (above 4K) */
 
 407 static void _ipw_write_reg16(struct ipw_priv *priv, u32 reg, u16 value)
 
 409         u32 aligned_addr = reg & IPW_INDIRECT_ADDR_MASK;        /* dword align */
 
 410         u32 dif_len = (reg - aligned_addr) & (~0x1ul);
 
 412         IPW_DEBUG_IO(" reg = 0x%8X : value = 0x%8X\n", reg, value);
 
 413         _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 414         _ipw_write16(priv, IPW_INDIRECT_DATA + dif_len, value);
 
 417 /* 8-bit indirect read (above 4K) */
 
 418 static u8 _ipw_read_reg8(struct ipw_priv *priv, u32 reg)
 
 421         _ipw_write32(priv, IPW_INDIRECT_ADDR, reg & IPW_INDIRECT_ADDR_MASK);
 
 422         IPW_DEBUG_IO(" reg = 0x%8X : \n", reg);
 
 423         word = _ipw_read32(priv, IPW_INDIRECT_DATA);
 
 424         return (word >> ((reg & 0x3) * 8)) & 0xff;
 
 427 /* 32-bit indirect read (above 4K) */
 
 428 static u32 _ipw_read_reg32(struct ipw_priv *priv, u32 reg)
 
 432         IPW_DEBUG_IO("%p : reg = 0x%08x\n", priv, reg);
 
 434         _ipw_write32(priv, IPW_INDIRECT_ADDR, reg);
 
 435         value = _ipw_read32(priv, IPW_INDIRECT_DATA);
 
 436         IPW_DEBUG_IO(" reg = 0x%4X : value = 0x%4x \n", reg, value);
 
 440 /* General purpose, no alignment requirement, iterative (multi-byte) read, */
 
 441 /*    for area above 1st 4K of SRAM/reg space */
 
 442 static void _ipw_read_indirect(struct ipw_priv *priv, u32 addr, u8 * buf,
 
 445         u32 aligned_addr = addr & IPW_INDIRECT_ADDR_MASK;       /* dword align */
 
 446         u32 dif_len = addr - aligned_addr;
 
 449         IPW_DEBUG_IO("addr = %i, buf = %p, num = %i\n", addr, buf, num);
 
 455         /* Read the first dword (or portion) byte by byte */
 
 456         if (unlikely(dif_len)) {
 
 457                 _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 458                 /* Start reading at aligned_addr + dif_len */
 
 459                 for (i = dif_len; ((i < 4) && (num > 0)); i++, num--)
 
 460                         *buf++ = _ipw_read8(priv, IPW_INDIRECT_DATA + i);
 
 464         /* Read all of the middle dwords as dwords, with auto-increment */
 
 465         _ipw_write32(priv, IPW_AUTOINC_ADDR, aligned_addr);
 
 466         for (; num >= 4; buf += 4, aligned_addr += 4, num -= 4)
 
 467                 *(u32 *) buf = _ipw_read32(priv, IPW_AUTOINC_DATA);
 
 469         /* Read the last dword (or portion) byte by byte */
 
 471                 _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 472                 for (i = 0; num > 0; i++, num--)
 
 473                         *buf++ = ipw_read8(priv, IPW_INDIRECT_DATA + i);
 
 477 /* General purpose, no alignment requirement, iterative (multi-byte) write, */
 
 478 /*    for area above 1st 4K of SRAM/reg space */
 
 479 static void _ipw_write_indirect(struct ipw_priv *priv, u32 addr, u8 * buf,
 
 482         u32 aligned_addr = addr & IPW_INDIRECT_ADDR_MASK;       /* dword align */
 
 483         u32 dif_len = addr - aligned_addr;
 
 486         IPW_DEBUG_IO("addr = %i, buf = %p, num = %i\n", addr, buf, num);
 
 492         /* Write the first dword (or portion) byte by byte */
 
 493         if (unlikely(dif_len)) {
 
 494                 _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 495                 /* Start writing at aligned_addr + dif_len */
 
 496                 for (i = dif_len; ((i < 4) && (num > 0)); i++, num--, buf++)
 
 497                         _ipw_write8(priv, IPW_INDIRECT_DATA + i, *buf);
 
 501         /* Write all of the middle dwords as dwords, with auto-increment */
 
 502         _ipw_write32(priv, IPW_AUTOINC_ADDR, aligned_addr);
 
 503         for (; num >= 4; buf += 4, aligned_addr += 4, num -= 4)
 
 504                 _ipw_write32(priv, IPW_AUTOINC_DATA, *(u32 *) buf);
 
 506         /* Write the last dword (or portion) byte by byte */
 
 508                 _ipw_write32(priv, IPW_INDIRECT_ADDR, aligned_addr);
 
 509                 for (i = 0; num > 0; i++, num--, buf++)
 
 510                         _ipw_write8(priv, IPW_INDIRECT_DATA + i, *buf);
 
 514 /* General purpose, no alignment requirement, iterative (multi-byte) write, */
 
 515 /*    for 1st 4K of SRAM/regs space */
 
 516 static void ipw_write_direct(struct ipw_priv *priv, u32 addr, void *buf,
 
 519         memcpy_toio((priv->hw_base + addr), buf, num);
 
 522 /* Set bit(s) in low 4K of SRAM/regs */
 
 523 static inline void ipw_set_bit(struct ipw_priv *priv, u32 reg, u32 mask)
 
 525         ipw_write32(priv, reg, ipw_read32(priv, reg) | mask);
 
 528 /* Clear bit(s) in low 4K of SRAM/regs */
 
 529 static inline void ipw_clear_bit(struct ipw_priv *priv, u32 reg, u32 mask)
 
 531         ipw_write32(priv, reg, ipw_read32(priv, reg) & ~mask);
 
 534 static inline void __ipw_enable_interrupts(struct ipw_priv *priv)
 
 536         if (priv->status & STATUS_INT_ENABLED)
 
 538         priv->status |= STATUS_INT_ENABLED;
 
 539         ipw_write32(priv, IPW_INTA_MASK_R, IPW_INTA_MASK_ALL);
 
 542 static inline void __ipw_disable_interrupts(struct ipw_priv *priv)
 
 544         if (!(priv->status & STATUS_INT_ENABLED))
 
 546         priv->status &= ~STATUS_INT_ENABLED;
 
 547         ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
 
 550 static inline void ipw_enable_interrupts(struct ipw_priv *priv)
 
 554         spin_lock_irqsave(&priv->irq_lock, flags);
 
 555         __ipw_enable_interrupts(priv);
 
 556         spin_unlock_irqrestore(&priv->irq_lock, flags);
 
 559 static inline void ipw_disable_interrupts(struct ipw_priv *priv)
 
 563         spin_lock_irqsave(&priv->irq_lock, flags);
 
 564         __ipw_disable_interrupts(priv);
 
 565         spin_unlock_irqrestore(&priv->irq_lock, flags);
 
 568 static char *ipw_error_desc(u32 val)
 
 571         case IPW_FW_ERROR_OK:
 
 573         case IPW_FW_ERROR_FAIL:
 
 575         case IPW_FW_ERROR_MEMORY_UNDERFLOW:
 
 576                 return "MEMORY_UNDERFLOW";
 
 577         case IPW_FW_ERROR_MEMORY_OVERFLOW:
 
 578                 return "MEMORY_OVERFLOW";
 
 579         case IPW_FW_ERROR_BAD_PARAM:
 
 581         case IPW_FW_ERROR_BAD_CHECKSUM:
 
 582                 return "BAD_CHECKSUM";
 
 583         case IPW_FW_ERROR_NMI_INTERRUPT:
 
 584                 return "NMI_INTERRUPT";
 
 585         case IPW_FW_ERROR_BAD_DATABASE:
 
 586                 return "BAD_DATABASE";
 
 587         case IPW_FW_ERROR_ALLOC_FAIL:
 
 589         case IPW_FW_ERROR_DMA_UNDERRUN:
 
 590                 return "DMA_UNDERRUN";
 
 591         case IPW_FW_ERROR_DMA_STATUS:
 
 593         case IPW_FW_ERROR_DINO_ERROR:
 
 595         case IPW_FW_ERROR_EEPROM_ERROR:
 
 596                 return "EEPROM_ERROR";
 
 597         case IPW_FW_ERROR_SYSASSERT:
 
 599         case IPW_FW_ERROR_FATAL_ERROR:
 
 600                 return "FATAL_ERROR";
 
 602                 return "UNKNOWN_ERROR";
 
 606 static void ipw_dump_error_log(struct ipw_priv *priv,
 
 607                                struct ipw_fw_error *error)
 
 612                 IPW_ERROR("Error allocating and capturing error log.  "
 
 613                           "Nothing to dump.\n");
 
 617         IPW_ERROR("Start IPW Error Log Dump:\n");
 
 618         IPW_ERROR("Status: 0x%08X, Config: %08X\n",
 
 619                   error->status, error->config);
 
 621         for (i = 0; i < error->elem_len; i++)
 
 622                 IPW_ERROR("%s %i 0x%08x  0x%08x  0x%08x  0x%08x  0x%08x\n",
 
 623                           ipw_error_desc(error->elem[i].desc),
 
 625                           error->elem[i].blink1,
 
 626                           error->elem[i].blink2,
 
 627                           error->elem[i].link1,
 
 628                           error->elem[i].link2, error->elem[i].data);
 
 629         for (i = 0; i < error->log_len; i++)
 
 630                 IPW_ERROR("%i\t0x%08x\t%i\n",
 
 632                           error->log[i].data, error->log[i].event);
 
 635 static inline int ipw_is_init(struct ipw_priv *priv)
 
 637         return (priv->status & STATUS_INIT) ? 1 : 0;
 
 640 static int ipw_get_ordinal(struct ipw_priv *priv, u32 ord, void *val, u32 * len)
 
 642         u32 addr, field_info, field_len, field_count, total_len;
 
 644         IPW_DEBUG_ORD("ordinal = %i\n", ord);
 
 646         if (!priv || !val || !len) {
 
 647                 IPW_DEBUG_ORD("Invalid argument\n");
 
 651         /* verify device ordinal tables have been initialized */
 
 652         if (!priv->table0_addr || !priv->table1_addr || !priv->table2_addr) {
 
 653                 IPW_DEBUG_ORD("Access ordinals before initialization\n");
 
 657         switch (IPW_ORD_TABLE_ID_MASK & ord) {
 
 658         case IPW_ORD_TABLE_0_MASK:
 
 660                  * TABLE 0: Direct access to a table of 32 bit values
 
 662                  * This is a very simple table with the data directly
 
 663                  * read from the table
 
 666                 /* remove the table id from the ordinal */
 
 667                 ord &= IPW_ORD_TABLE_VALUE_MASK;
 
 670                 if (ord > priv->table0_len) {
 
 671                         IPW_DEBUG_ORD("ordinal value (%i) longer then "
 
 672                                       "max (%i)\n", ord, priv->table0_len);
 
 676                 /* verify we have enough room to store the value */
 
 677                 if (*len < sizeof(u32)) {
 
 678                         IPW_DEBUG_ORD("ordinal buffer length too small, "
 
 679                                       "need %zd\n", sizeof(u32));
 
 683                 IPW_DEBUG_ORD("Reading TABLE0[%i] from offset 0x%08x\n",
 
 684                               ord, priv->table0_addr + (ord << 2));
 
 688                 *((u32 *) val) = ipw_read32(priv, priv->table0_addr + ord);
 
 691         case IPW_ORD_TABLE_1_MASK:
 
 693                  * TABLE 1: Indirect access to a table of 32 bit values
 
 695                  * This is a fairly large table of u32 values each
 
 696                  * representing starting addr for the data (which is
 
 700                 /* remove the table id from the ordinal */
 
 701                 ord &= IPW_ORD_TABLE_VALUE_MASK;
 
 704                 if (ord > priv->table1_len) {
 
 705                         IPW_DEBUG_ORD("ordinal value too long\n");
 
 709                 /* verify we have enough room to store the value */
 
 710                 if (*len < sizeof(u32)) {
 
 711                         IPW_DEBUG_ORD("ordinal buffer length too small, "
 
 712                                       "need %zd\n", sizeof(u32));
 
 717                     ipw_read_reg32(priv, (priv->table1_addr + (ord << 2)));
 
 721         case IPW_ORD_TABLE_2_MASK:
 
 723                  * TABLE 2: Indirect access to a table of variable sized values
 
 725                  * This table consist of six values, each containing
 
 726                  *     - dword containing the starting offset of the data
 
 727                  *     - dword containing the lengh in the first 16bits
 
 728                  *       and the count in the second 16bits
 
 731                 /* remove the table id from the ordinal */
 
 732                 ord &= IPW_ORD_TABLE_VALUE_MASK;
 
 735                 if (ord > priv->table2_len) {
 
 736                         IPW_DEBUG_ORD("ordinal value too long\n");
 
 740                 /* get the address of statistic */
 
 741                 addr = ipw_read_reg32(priv, priv->table2_addr + (ord << 3));
 
 743                 /* get the second DW of statistics ;
 
 744                  * two 16-bit words - first is length, second is count */
 
 747                                    priv->table2_addr + (ord << 3) +
 
 750                 /* get each entry length */
 
 751                 field_len = *((u16 *) & field_info);
 
 753                 /* get number of entries */
 
 754                 field_count = *(((u16 *) & field_info) + 1);
 
 756                 /* abort if not enought memory */
 
 757                 total_len = field_len * field_count;
 
 758                 if (total_len > *len) {
 
 767                 IPW_DEBUG_ORD("addr = 0x%08x, total_len = %i, "
 
 768                               "field_info = 0x%08x\n",
 
 769                               addr, total_len, field_info);
 
 770                 ipw_read_indirect(priv, addr, val, total_len);
 
 774                 IPW_DEBUG_ORD("Invalid ordinal!\n");
 
 782 static void ipw_init_ordinals(struct ipw_priv *priv)
 
 784         priv->table0_addr = IPW_ORDINALS_TABLE_LOWER;
 
 785         priv->table0_len = ipw_read32(priv, priv->table0_addr);
 
 787         IPW_DEBUG_ORD("table 0 offset at 0x%08x, len = %i\n",
 
 788                       priv->table0_addr, priv->table0_len);
 
 790         priv->table1_addr = ipw_read32(priv, IPW_ORDINALS_TABLE_1);
 
 791         priv->table1_len = ipw_read_reg32(priv, priv->table1_addr);
 
 793         IPW_DEBUG_ORD("table 1 offset at 0x%08x, len = %i\n",
 
 794                       priv->table1_addr, priv->table1_len);
 
 796         priv->table2_addr = ipw_read32(priv, IPW_ORDINALS_TABLE_2);
 
 797         priv->table2_len = ipw_read_reg32(priv, priv->table2_addr);
 
 798         priv->table2_len &= 0x0000ffff; /* use first two bytes */
 
 800         IPW_DEBUG_ORD("table 2 offset at 0x%08x, len = %i\n",
 
 801                       priv->table2_addr, priv->table2_len);
 
 805 static u32 ipw_register_toggle(u32 reg)
 
 807         reg &= ~IPW_START_STANDBY;
 
 808         if (reg & IPW_GATE_ODMA)
 
 809                 reg &= ~IPW_GATE_ODMA;
 
 810         if (reg & IPW_GATE_IDMA)
 
 811                 reg &= ~IPW_GATE_IDMA;
 
 812         if (reg & IPW_GATE_ADMA)
 
 813                 reg &= ~IPW_GATE_ADMA;
 
 819  * - On radio ON, turn on any LEDs that require to be on during start
 
 820  * - On initialization, start unassociated blink
 
 821  * - On association, disable unassociated blink
 
 822  * - On disassociation, start unassociated blink
 
 823  * - On radio OFF, turn off any LEDs started during radio on
 
 826 #define LD_TIME_LINK_ON msecs_to_jiffies(300)
 
 827 #define LD_TIME_LINK_OFF msecs_to_jiffies(2700)
 
 828 #define LD_TIME_ACT_ON msecs_to_jiffies(250)
 
 830 static void ipw_led_link_on(struct ipw_priv *priv)
 
 835         /* If configured to not use LEDs, or nic_type is 1,
 
 836          * then we don't toggle a LINK led */
 
 837         if (priv->config & CFG_NO_LED || priv->nic_type == EEPROM_NIC_TYPE_1)
 
 840         spin_lock_irqsave(&priv->lock, flags);
 
 842         if (!(priv->status & STATUS_RF_KILL_MASK) &&
 
 843             !(priv->status & STATUS_LED_LINK_ON)) {
 
 844                 IPW_DEBUG_LED("Link LED On\n");
 
 845                 led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
 846                 led |= priv->led_association_on;
 
 848                 led = ipw_register_toggle(led);
 
 850                 IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
 851                 ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
 853                 priv->status |= STATUS_LED_LINK_ON;
 
 855                 /* If we aren't associated, schedule turning the LED off */
 
 856                 if (!(priv->status & STATUS_ASSOCIATED))
 
 857                         queue_delayed_work(priv->workqueue,
 
 862         spin_unlock_irqrestore(&priv->lock, flags);
 
 865 static void ipw_bg_led_link_on(struct work_struct *work)
 
 867         struct ipw_priv *priv =
 
 868                 container_of(work, struct ipw_priv, led_link_on.work);
 
 869         mutex_lock(&priv->mutex);
 
 870         ipw_led_link_on(priv);
 
 871         mutex_unlock(&priv->mutex);
 
 874 static void ipw_led_link_off(struct ipw_priv *priv)
 
 879         /* If configured not to use LEDs, or nic type is 1,
 
 880          * then we don't goggle the LINK led. */
 
 881         if (priv->config & CFG_NO_LED || priv->nic_type == EEPROM_NIC_TYPE_1)
 
 884         spin_lock_irqsave(&priv->lock, flags);
 
 886         if (priv->status & STATUS_LED_LINK_ON) {
 
 887                 led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
 888                 led &= priv->led_association_off;
 
 889                 led = ipw_register_toggle(led);
 
 891                 IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
 892                 ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
 894                 IPW_DEBUG_LED("Link LED Off\n");
 
 896                 priv->status &= ~STATUS_LED_LINK_ON;
 
 898                 /* If we aren't associated and the radio is on, schedule
 
 899                  * turning the LED on (blink while unassociated) */
 
 900                 if (!(priv->status & STATUS_RF_KILL_MASK) &&
 
 901                     !(priv->status & STATUS_ASSOCIATED))
 
 902                         queue_delayed_work(priv->workqueue, &priv->led_link_on,
 
 907         spin_unlock_irqrestore(&priv->lock, flags);
 
 910 static void ipw_bg_led_link_off(struct work_struct *work)
 
 912         struct ipw_priv *priv =
 
 913                 container_of(work, struct ipw_priv, led_link_off.work);
 
 914         mutex_lock(&priv->mutex);
 
 915         ipw_led_link_off(priv);
 
 916         mutex_unlock(&priv->mutex);
 
 919 static void __ipw_led_activity_on(struct ipw_priv *priv)
 
 923         if (priv->config & CFG_NO_LED)
 
 926         if (priv->status & STATUS_RF_KILL_MASK)
 
 929         if (!(priv->status & STATUS_LED_ACT_ON)) {
 
 930                 led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
 931                 led |= priv->led_activity_on;
 
 933                 led = ipw_register_toggle(led);
 
 935                 IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
 936                 ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
 938                 IPW_DEBUG_LED("Activity LED On\n");
 
 940                 priv->status |= STATUS_LED_ACT_ON;
 
 942                 cancel_delayed_work(&priv->led_act_off);
 
 943                 queue_delayed_work(priv->workqueue, &priv->led_act_off,
 
 946                 /* Reschedule LED off for full time period */
 
 947                 cancel_delayed_work(&priv->led_act_off);
 
 948                 queue_delayed_work(priv->workqueue, &priv->led_act_off,
 
 954 void ipw_led_activity_on(struct ipw_priv *priv)
 
 957         spin_lock_irqsave(&priv->lock, flags);
 
 958         __ipw_led_activity_on(priv);
 
 959         spin_unlock_irqrestore(&priv->lock, flags);
 
 963 static void ipw_led_activity_off(struct ipw_priv *priv)
 
 968         if (priv->config & CFG_NO_LED)
 
 971         spin_lock_irqsave(&priv->lock, flags);
 
 973         if (priv->status & STATUS_LED_ACT_ON) {
 
 974                 led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
 975                 led &= priv->led_activity_off;
 
 977                 led = ipw_register_toggle(led);
 
 979                 IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
 980                 ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
 982                 IPW_DEBUG_LED("Activity LED Off\n");
 
 984                 priv->status &= ~STATUS_LED_ACT_ON;
 
 987         spin_unlock_irqrestore(&priv->lock, flags);
 
 990 static void ipw_bg_led_activity_off(struct work_struct *work)
 
 992         struct ipw_priv *priv =
 
 993                 container_of(work, struct ipw_priv, led_act_off.work);
 
 994         mutex_lock(&priv->mutex);
 
 995         ipw_led_activity_off(priv);
 
 996         mutex_unlock(&priv->mutex);
 
 999 static void ipw_led_band_on(struct ipw_priv *priv)
 
1001         unsigned long flags;
 
1004         /* Only nic type 1 supports mode LEDs */
 
1005         if (priv->config & CFG_NO_LED ||
 
1006             priv->nic_type != EEPROM_NIC_TYPE_1 || !priv->assoc_network)
 
1009         spin_lock_irqsave(&priv->lock, flags);
 
1011         led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
1012         if (priv->assoc_network->mode == IEEE_A) {
 
1013                 led |= priv->led_ofdm_on;
 
1014                 led &= priv->led_association_off;
 
1015                 IPW_DEBUG_LED("Mode LED On: 802.11a\n");
 
1016         } else if (priv->assoc_network->mode == IEEE_G) {
 
1017                 led |= priv->led_ofdm_on;
 
1018                 led |= priv->led_association_on;
 
1019                 IPW_DEBUG_LED("Mode LED On: 802.11g\n");
 
1021                 led &= priv->led_ofdm_off;
 
1022                 led |= priv->led_association_on;
 
1023                 IPW_DEBUG_LED("Mode LED On: 802.11b\n");
 
1026         led = ipw_register_toggle(led);
 
1028         IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
1029         ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
1031         spin_unlock_irqrestore(&priv->lock, flags);
 
1034 static void ipw_led_band_off(struct ipw_priv *priv)
 
1036         unsigned long flags;
 
1039         /* Only nic type 1 supports mode LEDs */
 
1040         if (priv->config & CFG_NO_LED || priv->nic_type != EEPROM_NIC_TYPE_1)
 
1043         spin_lock_irqsave(&priv->lock, flags);
 
1045         led = ipw_read_reg32(priv, IPW_EVENT_REG);
 
1046         led &= priv->led_ofdm_off;
 
1047         led &= priv->led_association_off;
 
1049         led = ipw_register_toggle(led);
 
1051         IPW_DEBUG_LED("Reg: 0x%08X\n", led);
 
1052         ipw_write_reg32(priv, IPW_EVENT_REG, led);
 
1054         spin_unlock_irqrestore(&priv->lock, flags);
 
1057 static void ipw_led_radio_on(struct ipw_priv *priv)
 
1059         ipw_led_link_on(priv);
 
1062 static void ipw_led_radio_off(struct ipw_priv *priv)
 
1064         ipw_led_activity_off(priv);
 
1065         ipw_led_link_off(priv);
 
1068 static void ipw_led_link_up(struct ipw_priv *priv)
 
1070         /* Set the Link Led on for all nic types */
 
1071         ipw_led_link_on(priv);
 
1074 static void ipw_led_link_down(struct ipw_priv *priv)
 
1076         ipw_led_activity_off(priv);
 
1077         ipw_led_link_off(priv);
 
1079         if (priv->status & STATUS_RF_KILL_MASK)
 
1080                 ipw_led_radio_off(priv);
 
1083 static void ipw_led_init(struct ipw_priv *priv)
 
1085         priv->nic_type = priv->eeprom[EEPROM_NIC_TYPE];
 
1087         /* Set the default PINs for the link and activity leds */
 
1088         priv->led_activity_on = IPW_ACTIVITY_LED;
 
1089         priv->led_activity_off = ~(IPW_ACTIVITY_LED);
 
1091         priv->led_association_on = IPW_ASSOCIATED_LED;
 
1092         priv->led_association_off = ~(IPW_ASSOCIATED_LED);
 
1094         /* Set the default PINs for the OFDM leds */
 
1095         priv->led_ofdm_on = IPW_OFDM_LED;
 
1096         priv->led_ofdm_off = ~(IPW_OFDM_LED);
 
1098         switch (priv->nic_type) {
 
1099         case EEPROM_NIC_TYPE_1:
 
1100                 /* In this NIC type, the LEDs are reversed.... */
 
1101                 priv->led_activity_on = IPW_ASSOCIATED_LED;
 
1102                 priv->led_activity_off = ~(IPW_ASSOCIATED_LED);
 
1103                 priv->led_association_on = IPW_ACTIVITY_LED;
 
1104                 priv->led_association_off = ~(IPW_ACTIVITY_LED);
 
1106                 if (!(priv->config & CFG_NO_LED))
 
1107                         ipw_led_band_on(priv);
 
1109                 /* And we don't blink link LEDs for this nic, so
 
1110                  * just return here */
 
1113         case EEPROM_NIC_TYPE_3:
 
1114         case EEPROM_NIC_TYPE_2:
 
1115         case EEPROM_NIC_TYPE_4:
 
1116         case EEPROM_NIC_TYPE_0:
 
1120                 IPW_DEBUG_INFO("Unknown NIC type from EEPROM: %d\n",
 
1122                 priv->nic_type = EEPROM_NIC_TYPE_0;
 
1126         if (!(priv->config & CFG_NO_LED)) {
 
1127                 if (priv->status & STATUS_ASSOCIATED)
 
1128                         ipw_led_link_on(priv);
 
1130                         ipw_led_link_off(priv);
 
1134 static void ipw_led_shutdown(struct ipw_priv *priv)
 
1136         ipw_led_activity_off(priv);
 
1137         ipw_led_link_off(priv);
 
1138         ipw_led_band_off(priv);
 
1139         cancel_delayed_work(&priv->led_link_on);
 
1140         cancel_delayed_work(&priv->led_link_off);
 
1141         cancel_delayed_work(&priv->led_act_off);
 
1145  * The following adds a new attribute to the sysfs representation
 
1146  * of this device driver (i.e. a new file in /sys/bus/pci/drivers/ipw/)
 
1147  * used for controling the debug level.
 
1149  * See the level definitions in ipw for details.
 
1151 static ssize_t show_debug_level(struct device_driver *d, char *buf)
 
1153         return sprintf(buf, "0x%08X\n", ipw_debug_level);
 
1156 static ssize_t store_debug_level(struct device_driver *d, const char *buf,
 
1159         char *p = (char *)buf;
 
1162         if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
 
1164                 if (p[0] == 'x' || p[0] == 'X')
 
1166                 val = simple_strtoul(p, &p, 16);
 
1168                 val = simple_strtoul(p, &p, 10);
 
1170                 printk(KERN_INFO DRV_NAME
 
1171                        ": %s is not in hex or decimal form.\n", buf);
 
1173                 ipw_debug_level = val;
 
1175         return strnlen(buf, count);
 
1178 static DRIVER_ATTR(debug_level, S_IWUSR | S_IRUGO,
 
1179                    show_debug_level, store_debug_level);
 
1181 static inline u32 ipw_get_event_log_len(struct ipw_priv *priv)
 
1183         /* length = 1st dword in log */
 
1184         return ipw_read_reg32(priv, ipw_read32(priv, IPW_EVENT_LOG));
 
1187 static void ipw_capture_event_log(struct ipw_priv *priv,
 
1188                                   u32 log_len, struct ipw_event *log)
 
1193                 base = ipw_read32(priv, IPW_EVENT_LOG);
 
1194                 ipw_read_indirect(priv, base + sizeof(base) + sizeof(u32),
 
1195                                   (u8 *) log, sizeof(*log) * log_len);
 
1199 static struct ipw_fw_error *ipw_alloc_error_log(struct ipw_priv *priv)
 
1201         struct ipw_fw_error *error;
 
1202         u32 log_len = ipw_get_event_log_len(priv);
 
1203         u32 base = ipw_read32(priv, IPW_ERROR_LOG);
 
1204         u32 elem_len = ipw_read_reg32(priv, base);
 
1206         error = kmalloc(sizeof(*error) +
 
1207                         sizeof(*error->elem) * elem_len +
 
1208                         sizeof(*error->log) * log_len, GFP_ATOMIC);
 
1210                 IPW_ERROR("Memory allocation for firmware error log "
 
1214         error->jiffies = jiffies;
 
1215         error->status = priv->status;
 
1216         error->config = priv->config;
 
1217         error->elem_len = elem_len;
 
1218         error->log_len = log_len;
 
1219         error->elem = (struct ipw_error_elem *)error->payload;
 
1220         error->log = (struct ipw_event *)(error->elem + elem_len);
 
1222         ipw_capture_event_log(priv, log_len, error->log);
 
1225                 ipw_read_indirect(priv, base + sizeof(base), (u8 *) error->elem,
 
1226                                   sizeof(*error->elem) * elem_len);
 
1231 static ssize_t show_event_log(struct device *d,
 
1232                               struct device_attribute *attr, char *buf)
 
1234         struct ipw_priv *priv = dev_get_drvdata(d);
 
1235         u32 log_len = ipw_get_event_log_len(priv);
 
1237         struct ipw_event *log;
 
1240         /* not using min() because of its strict type checking */
 
1241         log_size = PAGE_SIZE / sizeof(*log) > log_len ?
 
1242                         sizeof(*log) * log_len : PAGE_SIZE;
 
1243         log = kzalloc(log_size, GFP_KERNEL);
 
1245                 IPW_ERROR("Unable to allocate memory for log\n");
 
1248         log_len = log_size / sizeof(*log);
 
1249         ipw_capture_event_log(priv, log_len, log);
 
1251         len += snprintf(buf + len, PAGE_SIZE - len, "%08X", log_len);
 
1252         for (i = 0; i < log_len; i++)
 
1253                 len += snprintf(buf + len, PAGE_SIZE - len,
 
1255                                 log[i].time, log[i].event, log[i].data);
 
1256         len += snprintf(buf + len, PAGE_SIZE - len, "\n");
 
1261 static DEVICE_ATTR(event_log, S_IRUGO, show_event_log, NULL);
 
1263 static ssize_t show_error(struct device *d,
 
1264                           struct device_attribute *attr, char *buf)
 
1266         struct ipw_priv *priv = dev_get_drvdata(d);
 
1270         len += snprintf(buf + len, PAGE_SIZE - len,
 
1271                         "%08lX%08X%08X%08X",
 
1272                         priv->error->jiffies,
 
1273                         priv->error->status,
 
1274                         priv->error->config, priv->error->elem_len);
 
1275         for (i = 0; i < priv->error->elem_len; i++)
 
1276                 len += snprintf(buf + len, PAGE_SIZE - len,
 
1277                                 "\n%08X%08X%08X%08X%08X%08X%08X",
 
1278                                 priv->error->elem[i].time,
 
1279                                 priv->error->elem[i].desc,
 
1280                                 priv->error->elem[i].blink1,
 
1281                                 priv->error->elem[i].blink2,
 
1282                                 priv->error->elem[i].link1,
 
1283                                 priv->error->elem[i].link2,
 
1284                                 priv->error->elem[i].data);
 
1286         len += snprintf(buf + len, PAGE_SIZE - len,
 
1287                         "\n%08X", priv->error->log_len);
 
1288         for (i = 0; i < priv->error->log_len; i++)
 
1289                 len += snprintf(buf + len, PAGE_SIZE - len,
 
1291                                 priv->error->log[i].time,
 
1292                                 priv->error->log[i].event,
 
1293                                 priv->error->log[i].data);
 
1294         len += snprintf(buf + len, PAGE_SIZE - len, "\n");
 
1298 static ssize_t clear_error(struct device *d,
 
1299                            struct device_attribute *attr,
 
1300                            const char *buf, size_t count)
 
1302         struct ipw_priv *priv = dev_get_drvdata(d);
 
1309 static DEVICE_ATTR(error, S_IRUGO | S_IWUSR, show_error, clear_error);
 
1311 static ssize_t show_cmd_log(struct device *d,
 
1312                             struct device_attribute *attr, char *buf)
 
1314         struct ipw_priv *priv = dev_get_drvdata(d);
 
1318         for (i = (priv->cmdlog_pos + 1) % priv->cmdlog_len;
 
1319              (i != priv->cmdlog_pos) && (PAGE_SIZE - len);
 
1320              i = (i + 1) % priv->cmdlog_len) {
 
1322                     snprintf(buf + len, PAGE_SIZE - len,
 
1323                              "\n%08lX%08X%08X%08X\n", priv->cmdlog[i].jiffies,
 
1324                              priv->cmdlog[i].retcode, priv->cmdlog[i].cmd.cmd,
 
1325                              priv->cmdlog[i].cmd.len);
 
1327                     snprintk_buf(buf + len, PAGE_SIZE - len,
 
1328                                  (u8 *) priv->cmdlog[i].cmd.param,
 
1329                                  priv->cmdlog[i].cmd.len);
 
1330                 len += snprintf(buf + len, PAGE_SIZE - len, "\n");
 
1332         len += snprintf(buf + len, PAGE_SIZE - len, "\n");
 
1336 static DEVICE_ATTR(cmd_log, S_IRUGO, show_cmd_log, NULL);
 
1338 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
1339 static void ipw_prom_free(struct ipw_priv *priv);
 
1340 static int ipw_prom_alloc(struct ipw_priv *priv);
 
1341 static ssize_t store_rtap_iface(struct device *d,
 
1342                          struct device_attribute *attr,
 
1343                          const char *buf, size_t count)
 
1345         struct ipw_priv *priv = dev_get_drvdata(d);
 
1356                 if (netif_running(priv->prom_net_dev)) {
 
1357                         IPW_WARNING("Interface is up.  Cannot unregister.\n");
 
1361                 ipw_prom_free(priv);
 
1369                 rc = ipw_prom_alloc(priv);
 
1379                 IPW_ERROR("Failed to register promiscuous network "
 
1380                           "device (error %d).\n", rc);
 
1386 static ssize_t show_rtap_iface(struct device *d,
 
1387                         struct device_attribute *attr,
 
1390         struct ipw_priv *priv = dev_get_drvdata(d);
 
1392                 return sprintf(buf, "%s", priv->prom_net_dev->name);
 
1401 static DEVICE_ATTR(rtap_iface, S_IWUSR | S_IRUSR, show_rtap_iface,
 
1404 static ssize_t store_rtap_filter(struct device *d,
 
1405                          struct device_attribute *attr,
 
1406                          const char *buf, size_t count)
 
1408         struct ipw_priv *priv = dev_get_drvdata(d);
 
1410         if (!priv->prom_priv) {
 
1411                 IPW_ERROR("Attempting to set filter without "
 
1412                           "rtap_iface enabled.\n");
 
1416         priv->prom_priv->filter = simple_strtol(buf, NULL, 0);
 
1418         IPW_DEBUG_INFO("Setting rtap filter to " BIT_FMT16 "\n",
 
1419                        BIT_ARG16(priv->prom_priv->filter));
 
1424 static ssize_t show_rtap_filter(struct device *d,
 
1425                         struct device_attribute *attr,
 
1428         struct ipw_priv *priv = dev_get_drvdata(d);
 
1429         return sprintf(buf, "0x%04X",
 
1430                        priv->prom_priv ? priv->prom_priv->filter : 0);
 
1433 static DEVICE_ATTR(rtap_filter, S_IWUSR | S_IRUSR, show_rtap_filter,
 
1437 static ssize_t show_scan_age(struct device *d, struct device_attribute *attr,
 
1440         struct ipw_priv *priv = dev_get_drvdata(d);
 
1441         return sprintf(buf, "%d\n", priv->ieee->scan_age);
 
1444 static ssize_t store_scan_age(struct device *d, struct device_attribute *attr,
 
1445                               const char *buf, size_t count)
 
1447         struct ipw_priv *priv = dev_get_drvdata(d);
 
1448         struct net_device *dev = priv->net_dev;
 
1449         char buffer[] = "00000000";
 
1451             (sizeof(buffer) - 1) > count ? count : sizeof(buffer) - 1;
 
1455         IPW_DEBUG_INFO("enter\n");
 
1457         strncpy(buffer, buf, len);
 
1460         if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
 
1462                 if (p[0] == 'x' || p[0] == 'X')
 
1464                 val = simple_strtoul(p, &p, 16);
 
1466                 val = simple_strtoul(p, &p, 10);
 
1468                 IPW_DEBUG_INFO("%s: user supplied invalid value.\n", dev->name);
 
1470                 priv->ieee->scan_age = val;
 
1471                 IPW_DEBUG_INFO("set scan_age = %u\n", priv->ieee->scan_age);
 
1474         IPW_DEBUG_INFO("exit\n");
 
1478 static DEVICE_ATTR(scan_age, S_IWUSR | S_IRUGO, show_scan_age, store_scan_age);
 
1480 static ssize_t show_led(struct device *d, struct device_attribute *attr,
 
1483         struct ipw_priv *priv = dev_get_drvdata(d);
 
1484         return sprintf(buf, "%d\n", (priv->config & CFG_NO_LED) ? 0 : 1);
 
1487 static ssize_t store_led(struct device *d, struct device_attribute *attr,
 
1488                          const char *buf, size_t count)
 
1490         struct ipw_priv *priv = dev_get_drvdata(d);
 
1492         IPW_DEBUG_INFO("enter\n");
 
1498                 IPW_DEBUG_LED("Disabling LED control.\n");
 
1499                 priv->config |= CFG_NO_LED;
 
1500                 ipw_led_shutdown(priv);
 
1502                 IPW_DEBUG_LED("Enabling LED control.\n");
 
1503                 priv->config &= ~CFG_NO_LED;
 
1507         IPW_DEBUG_INFO("exit\n");
 
1511 static DEVICE_ATTR(led, S_IWUSR | S_IRUGO, show_led, store_led);
 
1513 static ssize_t show_status(struct device *d,
 
1514                            struct device_attribute *attr, char *buf)
 
1516         struct ipw_priv *p = d->driver_data;
 
1517         return sprintf(buf, "0x%08x\n", (int)p->status);
 
1520 static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);
 
1522 static ssize_t show_cfg(struct device *d, struct device_attribute *attr,
 
1525         struct ipw_priv *p = d->driver_data;
 
1526         return sprintf(buf, "0x%08x\n", (int)p->config);
 
1529 static DEVICE_ATTR(cfg, S_IRUGO, show_cfg, NULL);
 
1531 static ssize_t show_nic_type(struct device *d,
 
1532                              struct device_attribute *attr, char *buf)
 
1534         struct ipw_priv *priv = d->driver_data;
 
1535         return sprintf(buf, "TYPE: %d\n", priv->nic_type);
 
1538 static DEVICE_ATTR(nic_type, S_IRUGO, show_nic_type, NULL);
 
1540 static ssize_t show_ucode_version(struct device *d,
 
1541                                   struct device_attribute *attr, char *buf)
 
1543         u32 len = sizeof(u32), tmp = 0;
 
1544         struct ipw_priv *p = d->driver_data;
 
1546         if (ipw_get_ordinal(p, IPW_ORD_STAT_UCODE_VERSION, &tmp, &len))
 
1549         return sprintf(buf, "0x%08x\n", tmp);
 
1552 static DEVICE_ATTR(ucode_version, S_IWUSR | S_IRUGO, show_ucode_version, NULL);
 
1554 static ssize_t show_rtc(struct device *d, struct device_attribute *attr,
 
1557         u32 len = sizeof(u32), tmp = 0;
 
1558         struct ipw_priv *p = d->driver_data;
 
1560         if (ipw_get_ordinal(p, IPW_ORD_STAT_RTC, &tmp, &len))
 
1563         return sprintf(buf, "0x%08x\n", tmp);
 
1566 static DEVICE_ATTR(rtc, S_IWUSR | S_IRUGO, show_rtc, NULL);
 
1569  * Add a device attribute to view/control the delay between eeprom
 
1572 static ssize_t show_eeprom_delay(struct device *d,
 
1573                                  struct device_attribute *attr, char *buf)
 
1575         int n = ((struct ipw_priv *)d->driver_data)->eeprom_delay;
 
1576         return sprintf(buf, "%i\n", n);
 
1578 static ssize_t store_eeprom_delay(struct device *d,
 
1579                                   struct device_attribute *attr,
 
1580                                   const char *buf, size_t count)
 
1582         struct ipw_priv *p = d->driver_data;
 
1583         sscanf(buf, "%i", &p->eeprom_delay);
 
1584         return strnlen(buf, count);
 
1587 static DEVICE_ATTR(eeprom_delay, S_IWUSR | S_IRUGO,
 
1588                    show_eeprom_delay, store_eeprom_delay);
 
1590 static ssize_t show_command_event_reg(struct device *d,
 
1591                                       struct device_attribute *attr, char *buf)
 
1594         struct ipw_priv *p = d->driver_data;
 
1596         reg = ipw_read_reg32(p, IPW_INTERNAL_CMD_EVENT);
 
1597         return sprintf(buf, "0x%08x\n", reg);
 
1599 static ssize_t store_command_event_reg(struct device *d,
 
1600                                        struct device_attribute *attr,
 
1601                                        const char *buf, size_t count)
 
1604         struct ipw_priv *p = d->driver_data;
 
1606         sscanf(buf, "%x", ®);
 
1607         ipw_write_reg32(p, IPW_INTERNAL_CMD_EVENT, reg);
 
1608         return strnlen(buf, count);
 
1611 static DEVICE_ATTR(command_event_reg, S_IWUSR | S_IRUGO,
 
1612                    show_command_event_reg, store_command_event_reg);
 
1614 static ssize_t show_mem_gpio_reg(struct device *d,
 
1615                                  struct device_attribute *attr, char *buf)
 
1618         struct ipw_priv *p = d->driver_data;
 
1620         reg = ipw_read_reg32(p, 0x301100);
 
1621         return sprintf(buf, "0x%08x\n", reg);
 
1623 static ssize_t store_mem_gpio_reg(struct device *d,
 
1624                                   struct device_attribute *attr,
 
1625                                   const char *buf, size_t count)
 
1628         struct ipw_priv *p = d->driver_data;
 
1630         sscanf(buf, "%x", ®);
 
1631         ipw_write_reg32(p, 0x301100, reg);
 
1632         return strnlen(buf, count);
 
1635 static DEVICE_ATTR(mem_gpio_reg, S_IWUSR | S_IRUGO,
 
1636                    show_mem_gpio_reg, store_mem_gpio_reg);
 
1638 static ssize_t show_indirect_dword(struct device *d,
 
1639                                    struct device_attribute *attr, char *buf)
 
1642         struct ipw_priv *priv = d->driver_data;
 
1644         if (priv->status & STATUS_INDIRECT_DWORD)
 
1645                 reg = ipw_read_reg32(priv, priv->indirect_dword);
 
1649         return sprintf(buf, "0x%08x\n", reg);
 
1651 static ssize_t store_indirect_dword(struct device *d,
 
1652                                     struct device_attribute *attr,
 
1653                                     const char *buf, size_t count)
 
1655         struct ipw_priv *priv = d->driver_data;
 
1657         sscanf(buf, "%x", &priv->indirect_dword);
 
1658         priv->status |= STATUS_INDIRECT_DWORD;
 
1659         return strnlen(buf, count);
 
1662 static DEVICE_ATTR(indirect_dword, S_IWUSR | S_IRUGO,
 
1663                    show_indirect_dword, store_indirect_dword);
 
1665 static ssize_t show_indirect_byte(struct device *d,
 
1666                                   struct device_attribute *attr, char *buf)
 
1669         struct ipw_priv *priv = d->driver_data;
 
1671         if (priv->status & STATUS_INDIRECT_BYTE)
 
1672                 reg = ipw_read_reg8(priv, priv->indirect_byte);
 
1676         return sprintf(buf, "0x%02x\n", reg);
 
1678 static ssize_t store_indirect_byte(struct device *d,
 
1679                                    struct device_attribute *attr,
 
1680                                    const char *buf, size_t count)
 
1682         struct ipw_priv *priv = d->driver_data;
 
1684         sscanf(buf, "%x", &priv->indirect_byte);
 
1685         priv->status |= STATUS_INDIRECT_BYTE;
 
1686         return strnlen(buf, count);
 
1689 static DEVICE_ATTR(indirect_byte, S_IWUSR | S_IRUGO,
 
1690                    show_indirect_byte, store_indirect_byte);
 
1692 static ssize_t show_direct_dword(struct device *d,
 
1693                                  struct device_attribute *attr, char *buf)
 
1696         struct ipw_priv *priv = d->driver_data;
 
1698         if (priv->status & STATUS_DIRECT_DWORD)
 
1699                 reg = ipw_read32(priv, priv->direct_dword);
 
1703         return sprintf(buf, "0x%08x\n", reg);
 
1705 static ssize_t store_direct_dword(struct device *d,
 
1706                                   struct device_attribute *attr,
 
1707                                   const char *buf, size_t count)
 
1709         struct ipw_priv *priv = d->driver_data;
 
1711         sscanf(buf, "%x", &priv->direct_dword);
 
1712         priv->status |= STATUS_DIRECT_DWORD;
 
1713         return strnlen(buf, count);
 
1716 static DEVICE_ATTR(direct_dword, S_IWUSR | S_IRUGO,
 
1717                    show_direct_dword, store_direct_dword);
 
1719 static int rf_kill_active(struct ipw_priv *priv)
 
1721         if (0 == (ipw_read32(priv, 0x30) & 0x10000))
 
1722                 priv->status |= STATUS_RF_KILL_HW;
 
1724                 priv->status &= ~STATUS_RF_KILL_HW;
 
1726         return (priv->status & STATUS_RF_KILL_HW) ? 1 : 0;
 
1729 static ssize_t show_rf_kill(struct device *d, struct device_attribute *attr,
 
1732         /* 0 - RF kill not enabled
 
1733            1 - SW based RF kill active (sysfs)
 
1734            2 - HW based RF kill active
 
1735            3 - Both HW and SW baed RF kill active */
 
1736         struct ipw_priv *priv = d->driver_data;
 
1737         int val = ((priv->status & STATUS_RF_KILL_SW) ? 0x1 : 0x0) |
 
1738             (rf_kill_active(priv) ? 0x2 : 0x0);
 
1739         return sprintf(buf, "%i\n", val);
 
1742 static int ipw_radio_kill_sw(struct ipw_priv *priv, int disable_radio)
 
1744         if ((disable_radio ? 1 : 0) ==
 
1745             ((priv->status & STATUS_RF_KILL_SW) ? 1 : 0))
 
1748         IPW_DEBUG_RF_KILL("Manual SW RF Kill set to: RADIO  %s\n",
 
1749                           disable_radio ? "OFF" : "ON");
 
1751         if (disable_radio) {
 
1752                 priv->status |= STATUS_RF_KILL_SW;
 
1754                 if (priv->workqueue) {
 
1755                         cancel_delayed_work(&priv->request_scan);
 
1756                         cancel_delayed_work(&priv->scan_event);
 
1758                 queue_work(priv->workqueue, &priv->down);
 
1760                 priv->status &= ~STATUS_RF_KILL_SW;
 
1761                 if (rf_kill_active(priv)) {
 
1762                         IPW_DEBUG_RF_KILL("Can not turn radio back on - "
 
1763                                           "disabled by HW switch\n");
 
1764                         /* Make sure the RF_KILL check timer is running */
 
1765                         cancel_delayed_work(&priv->rf_kill);
 
1766                         queue_delayed_work(priv->workqueue, &priv->rf_kill,
 
1767                                            round_jiffies_relative(2 * HZ));
 
1769                         queue_work(priv->workqueue, &priv->up);
 
1775 static ssize_t store_rf_kill(struct device *d, struct device_attribute *attr,
 
1776                              const char *buf, size_t count)
 
1778         struct ipw_priv *priv = d->driver_data;
 
1780         ipw_radio_kill_sw(priv, buf[0] == '1');
 
1785 static DEVICE_ATTR(rf_kill, S_IWUSR | S_IRUGO, show_rf_kill, store_rf_kill);
 
1787 static ssize_t show_speed_scan(struct device *d, struct device_attribute *attr,
 
1790         struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
 
1791         int pos = 0, len = 0;
 
1792         if (priv->config & CFG_SPEED_SCAN) {
 
1793                 while (priv->speed_scan[pos] != 0)
 
1794                         len += sprintf(&buf[len], "%d ",
 
1795                                        priv->speed_scan[pos++]);
 
1796                 return len + sprintf(&buf[len], "\n");
 
1799         return sprintf(buf, "0\n");
 
1802 static ssize_t store_speed_scan(struct device *d, struct device_attribute *attr,
 
1803                                 const char *buf, size_t count)
 
1805         struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
 
1806         int channel, pos = 0;
 
1807         const char *p = buf;
 
1809         /* list of space separated channels to scan, optionally ending with 0 */
 
1810         while ((channel = simple_strtol(p, NULL, 0))) {
 
1811                 if (pos == MAX_SPEED_SCAN - 1) {
 
1812                         priv->speed_scan[pos] = 0;
 
1816                 if (ieee80211_is_valid_channel(priv->ieee, channel))
 
1817                         priv->speed_scan[pos++] = channel;
 
1819                         IPW_WARNING("Skipping invalid channel request: %d\n",
 
1824                 while (*p == ' ' || *p == '\t')
 
1829                 priv->config &= ~CFG_SPEED_SCAN;
 
1831                 priv->speed_scan_pos = 0;
 
1832                 priv->config |= CFG_SPEED_SCAN;
 
1838 static DEVICE_ATTR(speed_scan, S_IWUSR | S_IRUGO, show_speed_scan,
 
1841 static ssize_t show_net_stats(struct device *d, struct device_attribute *attr,
 
1844         struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
 
1845         return sprintf(buf, "%c\n", (priv->config & CFG_NET_STATS) ? '1' : '0');
 
1848 static ssize_t store_net_stats(struct device *d, struct device_attribute *attr,
 
1849                                const char *buf, size_t count)
 
1851         struct ipw_priv *priv = (struct ipw_priv *)d->driver_data;
 
1853                 priv->config |= CFG_NET_STATS;
 
1855                 priv->config &= ~CFG_NET_STATS;
 
1860 static DEVICE_ATTR(net_stats, S_IWUSR | S_IRUGO,
 
1861                    show_net_stats, store_net_stats);
 
1863 static ssize_t show_channels(struct device *d,
 
1864                              struct device_attribute *attr,
 
1867         struct ipw_priv *priv = dev_get_drvdata(d);
 
1868         const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
 
1871         len = sprintf(&buf[len],
 
1872                       "Displaying %d channels in 2.4Ghz band "
 
1873                       "(802.11bg):\n", geo->bg_channels);
 
1875         for (i = 0; i < geo->bg_channels; i++) {
 
1876                 len += sprintf(&buf[len], "%d: BSS%s%s, %s, Band %s.\n",
 
1878                                geo->bg[i].flags & IEEE80211_CH_RADAR_DETECT ?
 
1879                                " (radar spectrum)" : "",
 
1880                                ((geo->bg[i].flags & IEEE80211_CH_NO_IBSS) ||
 
1881                                 (geo->bg[i].flags & IEEE80211_CH_RADAR_DETECT))
 
1883                                geo->bg[i].flags & IEEE80211_CH_PASSIVE_ONLY ?
 
1884                                "passive only" : "active/passive",
 
1885                                geo->bg[i].flags & IEEE80211_CH_B_ONLY ?
 
1889         len += sprintf(&buf[len],
 
1890                        "Displaying %d channels in 5.2Ghz band "
 
1891                        "(802.11a):\n", geo->a_channels);
 
1892         for (i = 0; i < geo->a_channels; i++) {
 
1893                 len += sprintf(&buf[len], "%d: BSS%s%s, %s.\n",
 
1895                                geo->a[i].flags & IEEE80211_CH_RADAR_DETECT ?
 
1896                                " (radar spectrum)" : "",
 
1897                                ((geo->a[i].flags & IEEE80211_CH_NO_IBSS) ||
 
1898                                 (geo->a[i].flags & IEEE80211_CH_RADAR_DETECT))
 
1900                                geo->a[i].flags & IEEE80211_CH_PASSIVE_ONLY ?
 
1901                                "passive only" : "active/passive");
 
1907 static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);
 
1909 static void notify_wx_assoc_event(struct ipw_priv *priv)
 
1911         union iwreq_data wrqu;
 
1912         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
 
1913         if (priv->status & STATUS_ASSOCIATED)
 
1914                 memcpy(wrqu.ap_addr.sa_data, priv->bssid, ETH_ALEN);
 
1916                 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
 
1917         wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
 
1920 static void ipw_irq_tasklet(struct ipw_priv *priv)
 
1922         u32 inta, inta_mask, handled = 0;
 
1923         unsigned long flags;
 
1926         spin_lock_irqsave(&priv->irq_lock, flags);
 
1928         inta = ipw_read32(priv, IPW_INTA_RW);
 
1929         inta_mask = ipw_read32(priv, IPW_INTA_MASK_R);
 
1930         inta &= (IPW_INTA_MASK_ALL & inta_mask);
 
1932         /* Add any cached INTA values that need to be handled */
 
1933         inta |= priv->isr_inta;
 
1935         spin_unlock_irqrestore(&priv->irq_lock, flags);
 
1937         spin_lock_irqsave(&priv->lock, flags);
 
1939         /* handle all the justifications for the interrupt */
 
1940         if (inta & IPW_INTA_BIT_RX_TRANSFER) {
 
1942                 handled |= IPW_INTA_BIT_RX_TRANSFER;
 
1945         if (inta & IPW_INTA_BIT_TX_CMD_QUEUE) {
 
1946                 IPW_DEBUG_HC("Command completed.\n");
 
1947                 rc = ipw_queue_tx_reclaim(priv, &priv->txq_cmd, -1);
 
1948                 priv->status &= ~STATUS_HCMD_ACTIVE;
 
1949                 wake_up_interruptible(&priv->wait_command_queue);
 
1950                 handled |= IPW_INTA_BIT_TX_CMD_QUEUE;
 
1953         if (inta & IPW_INTA_BIT_TX_QUEUE_1) {
 
1954                 IPW_DEBUG_TX("TX_QUEUE_1\n");
 
1955                 rc = ipw_queue_tx_reclaim(priv, &priv->txq[0], 0);
 
1956                 handled |= IPW_INTA_BIT_TX_QUEUE_1;
 
1959         if (inta & IPW_INTA_BIT_TX_QUEUE_2) {
 
1960                 IPW_DEBUG_TX("TX_QUEUE_2\n");
 
1961                 rc = ipw_queue_tx_reclaim(priv, &priv->txq[1], 1);
 
1962                 handled |= IPW_INTA_BIT_TX_QUEUE_2;
 
1965         if (inta & IPW_INTA_BIT_TX_QUEUE_3) {
 
1966                 IPW_DEBUG_TX("TX_QUEUE_3\n");
 
1967                 rc = ipw_queue_tx_reclaim(priv, &priv->txq[2], 2);
 
1968                 handled |= IPW_INTA_BIT_TX_QUEUE_3;
 
1971         if (inta & IPW_INTA_BIT_TX_QUEUE_4) {
 
1972                 IPW_DEBUG_TX("TX_QUEUE_4\n");
 
1973                 rc = ipw_queue_tx_reclaim(priv, &priv->txq[3], 3);
 
1974                 handled |= IPW_INTA_BIT_TX_QUEUE_4;
 
1977         if (inta & IPW_INTA_BIT_STATUS_CHANGE) {
 
1978                 IPW_WARNING("STATUS_CHANGE\n");
 
1979                 handled |= IPW_INTA_BIT_STATUS_CHANGE;
 
1982         if (inta & IPW_INTA_BIT_BEACON_PERIOD_EXPIRED) {
 
1983                 IPW_WARNING("TX_PERIOD_EXPIRED\n");
 
1984                 handled |= IPW_INTA_BIT_BEACON_PERIOD_EXPIRED;
 
1987         if (inta & IPW_INTA_BIT_SLAVE_MODE_HOST_CMD_DONE) {
 
1988                 IPW_WARNING("HOST_CMD_DONE\n");
 
1989                 handled |= IPW_INTA_BIT_SLAVE_MODE_HOST_CMD_DONE;
 
1992         if (inta & IPW_INTA_BIT_FW_INITIALIZATION_DONE) {
 
1993                 IPW_WARNING("FW_INITIALIZATION_DONE\n");
 
1994                 handled |= IPW_INTA_BIT_FW_INITIALIZATION_DONE;
 
1997         if (inta & IPW_INTA_BIT_FW_CARD_DISABLE_PHY_OFF_DONE) {
 
1998                 IPW_WARNING("PHY_OFF_DONE\n");
 
1999                 handled |= IPW_INTA_BIT_FW_CARD_DISABLE_PHY_OFF_DONE;
 
2002         if (inta & IPW_INTA_BIT_RF_KILL_DONE) {
 
2003                 IPW_DEBUG_RF_KILL("RF_KILL_DONE\n");
 
2004                 priv->status |= STATUS_RF_KILL_HW;
 
2005                 wake_up_interruptible(&priv->wait_command_queue);
 
2006                 priv->status &= ~(STATUS_ASSOCIATED | STATUS_ASSOCIATING);
 
2007                 cancel_delayed_work(&priv->request_scan);
 
2008                 cancel_delayed_work(&priv->scan_event);
 
2009                 schedule_work(&priv->link_down);
 
2010                 queue_delayed_work(priv->workqueue, &priv->rf_kill, 2 * HZ);
 
2011                 handled |= IPW_INTA_BIT_RF_KILL_DONE;
 
2014         if (inta & IPW_INTA_BIT_FATAL_ERROR) {
 
2015                 IPW_WARNING("Firmware error detected.  Restarting.\n");
 
2017                         IPW_DEBUG_FW("Sysfs 'error' log already exists.\n");
 
2018                         if (ipw_debug_level & IPW_DL_FW_ERRORS) {
 
2019                                 struct ipw_fw_error *error =
 
2020                                     ipw_alloc_error_log(priv);
 
2021                                 ipw_dump_error_log(priv, error);
 
2025                         priv->error = ipw_alloc_error_log(priv);
 
2027                                 IPW_DEBUG_FW("Sysfs 'error' log captured.\n");
 
2029                                 IPW_DEBUG_FW("Error allocating sysfs 'error' "
 
2031                         if (ipw_debug_level & IPW_DL_FW_ERRORS)
 
2032                                 ipw_dump_error_log(priv, priv->error);
 
2035                 /* XXX: If hardware encryption is for WPA/WPA2,
 
2036                  * we have to notify the supplicant. */
 
2037                 if (priv->ieee->sec.encrypt) {
 
2038                         priv->status &= ~STATUS_ASSOCIATED;
 
2039                         notify_wx_assoc_event(priv);
 
2042                 /* Keep the restart process from trying to send host
 
2043                  * commands by clearing the INIT status bit */
 
2044                 priv->status &= ~STATUS_INIT;
 
2046                 /* Cancel currently queued command. */
 
2047                 priv->status &= ~STATUS_HCMD_ACTIVE;
 
2048                 wake_up_interruptible(&priv->wait_command_queue);
 
2050                 queue_work(priv->workqueue, &priv->adapter_restart);
 
2051                 handled |= IPW_INTA_BIT_FATAL_ERROR;
 
2054         if (inta & IPW_INTA_BIT_PARITY_ERROR) {
 
2055                 IPW_ERROR("Parity error\n");
 
2056                 handled |= IPW_INTA_BIT_PARITY_ERROR;
 
2059         if (handled != inta) {
 
2060                 IPW_ERROR("Unhandled INTA bits 0x%08x\n", inta & ~handled);
 
2063         spin_unlock_irqrestore(&priv->lock, flags);
 
2065         /* enable all interrupts */
 
2066         ipw_enable_interrupts(priv);
 
2069 #define IPW_CMD(x) case IPW_CMD_ ## x : return #x
 
2070 static char *get_cmd_string(u8 cmd)
 
2073                 IPW_CMD(HOST_COMPLETE);
 
2074                 IPW_CMD(POWER_DOWN);
 
2075                 IPW_CMD(SYSTEM_CONFIG);
 
2076                 IPW_CMD(MULTICAST_ADDRESS);
 
2078                 IPW_CMD(ADAPTER_ADDRESS);
 
2080                 IPW_CMD(RTS_THRESHOLD);
 
2081                 IPW_CMD(FRAG_THRESHOLD);
 
2082                 IPW_CMD(POWER_MODE);
 
2084                 IPW_CMD(TGI_TX_KEY);
 
2085                 IPW_CMD(SCAN_REQUEST);
 
2086                 IPW_CMD(SCAN_REQUEST_EXT);
 
2088                 IPW_CMD(SUPPORTED_RATES);
 
2089                 IPW_CMD(SCAN_ABORT);
 
2091                 IPW_CMD(QOS_PARAMETERS);
 
2092                 IPW_CMD(DINO_CONFIG);
 
2093                 IPW_CMD(RSN_CAPABILITIES);
 
2095                 IPW_CMD(CARD_DISABLE);
 
2096                 IPW_CMD(SEED_NUMBER);
 
2098                 IPW_CMD(COUNTRY_INFO);
 
2099                 IPW_CMD(AIRONET_INFO);
 
2100                 IPW_CMD(AP_TX_POWER);
 
2102                 IPW_CMD(CCX_VER_INFO);
 
2103                 IPW_CMD(SET_CALIBRATION);
 
2104                 IPW_CMD(SENSITIVITY_CALIB);
 
2105                 IPW_CMD(RETRY_LIMIT);
 
2106                 IPW_CMD(IPW_PRE_POWER_DOWN);
 
2107                 IPW_CMD(VAP_BEACON_TEMPLATE);
 
2108                 IPW_CMD(VAP_DTIM_PERIOD);
 
2109                 IPW_CMD(EXT_SUPPORTED_RATES);
 
2110                 IPW_CMD(VAP_LOCAL_TX_PWR_CONSTRAINT);
 
2111                 IPW_CMD(VAP_QUIET_INTERVALS);
 
2112                 IPW_CMD(VAP_CHANNEL_SWITCH);
 
2113                 IPW_CMD(VAP_MANDATORY_CHANNELS);
 
2114                 IPW_CMD(VAP_CELL_PWR_LIMIT);
 
2115                 IPW_CMD(VAP_CF_PARAM_SET);
 
2116                 IPW_CMD(VAP_SET_BEACONING_STATE);
 
2117                 IPW_CMD(MEASUREMENT);
 
2118                 IPW_CMD(POWER_CAPABILITY);
 
2119                 IPW_CMD(SUPPORTED_CHANNELS);
 
2120                 IPW_CMD(TPC_REPORT);
 
2122                 IPW_CMD(PRODUCTION_COMMAND);
 
2128 #define HOST_COMPLETE_TIMEOUT HZ
 
2130 static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd)
 
2133         unsigned long flags;
 
2135         spin_lock_irqsave(&priv->lock, flags);
 
2136         if (priv->status & STATUS_HCMD_ACTIVE) {
 
2137                 IPW_ERROR("Failed to send %s: Already sending a command.\n",
 
2138                           get_cmd_string(cmd->cmd));
 
2139                 spin_unlock_irqrestore(&priv->lock, flags);
 
2143         priv->status |= STATUS_HCMD_ACTIVE;
 
2146                 priv->cmdlog[priv->cmdlog_pos].jiffies = jiffies;
 
2147                 priv->cmdlog[priv->cmdlog_pos].cmd.cmd = cmd->cmd;
 
2148                 priv->cmdlog[priv->cmdlog_pos].cmd.len = cmd->len;
 
2149                 memcpy(priv->cmdlog[priv->cmdlog_pos].cmd.param, cmd->param,
 
2151                 priv->cmdlog[priv->cmdlog_pos].retcode = -1;
 
2154         IPW_DEBUG_HC("%s command (#%d) %d bytes: 0x%08X\n",
 
2155                      get_cmd_string(cmd->cmd), cmd->cmd, cmd->len,
 
2158 #ifndef DEBUG_CMD_WEP_KEY
 
2159         if (cmd->cmd == IPW_CMD_WEP_KEY)
 
2160                 IPW_DEBUG_HC("WEP_KEY command masked out for secure.\n");
 
2163                 printk_buf(IPW_DL_HOST_COMMAND, (u8 *) cmd->param, cmd->len);
 
2165         rc = ipw_queue_tx_hcmd(priv, cmd->cmd, cmd->param, cmd->len, 0);
 
2167                 priv->status &= ~STATUS_HCMD_ACTIVE;
 
2168                 IPW_ERROR("Failed to send %s: Reason %d\n",
 
2169                           get_cmd_string(cmd->cmd), rc);
 
2170                 spin_unlock_irqrestore(&priv->lock, flags);
 
2173         spin_unlock_irqrestore(&priv->lock, flags);
 
2175         rc = wait_event_interruptible_timeout(priv->wait_command_queue,
 
2177                                                 status & STATUS_HCMD_ACTIVE),
 
2178                                               HOST_COMPLETE_TIMEOUT);
 
2180                 spin_lock_irqsave(&priv->lock, flags);
 
2181                 if (priv->status & STATUS_HCMD_ACTIVE) {
 
2182                         IPW_ERROR("Failed to send %s: Command timed out.\n",
 
2183                                   get_cmd_string(cmd->cmd));
 
2184                         priv->status &= ~STATUS_HCMD_ACTIVE;
 
2185                         spin_unlock_irqrestore(&priv->lock, flags);
 
2189                 spin_unlock_irqrestore(&priv->lock, flags);
 
2193         if (priv->status & STATUS_RF_KILL_HW) {
 
2194                 IPW_ERROR("Failed to send %s: Aborted due to RF kill switch.\n",
 
2195                           get_cmd_string(cmd->cmd));
 
2202                 priv->cmdlog[priv->cmdlog_pos++].retcode = rc;
 
2203                 priv->cmdlog_pos %= priv->cmdlog_len;
 
2208 static int ipw_send_cmd_simple(struct ipw_priv *priv, u8 command)
 
2210         struct host_cmd cmd = {
 
2214         return __ipw_send_cmd(priv, &cmd);
 
2217 static int ipw_send_cmd_pdu(struct ipw_priv *priv, u8 command, u8 len,
 
2220         struct host_cmd cmd = {
 
2226         return __ipw_send_cmd(priv, &cmd);
 
2229 static int ipw_send_host_complete(struct ipw_priv *priv)
 
2232                 IPW_ERROR("Invalid args\n");
 
2236         return ipw_send_cmd_simple(priv, IPW_CMD_HOST_COMPLETE);
 
2239 static int ipw_send_system_config(struct ipw_priv *priv)
 
2241         return ipw_send_cmd_pdu(priv, IPW_CMD_SYSTEM_CONFIG,
 
2242                                 sizeof(priv->sys_config),
 
2246 static int ipw_send_ssid(struct ipw_priv *priv, u8 * ssid, int len)
 
2248         if (!priv || !ssid) {
 
2249                 IPW_ERROR("Invalid args\n");
 
2253         return ipw_send_cmd_pdu(priv, IPW_CMD_SSID, min(len, IW_ESSID_MAX_SIZE),
 
2257 static int ipw_send_adapter_address(struct ipw_priv *priv, u8 * mac)
 
2259         if (!priv || !mac) {
 
2260                 IPW_ERROR("Invalid args\n");
 
2264         IPW_DEBUG_INFO("%s: Setting MAC to %s\n",
 
2265                        priv->net_dev->name, print_mac(mac, mac));
 
2267         return ipw_send_cmd_pdu(priv, IPW_CMD_ADAPTER_ADDRESS, ETH_ALEN, mac);
 
2271  * NOTE: This must be executed from our workqueue as it results in udelay
 
2272  * being called which may corrupt the keyboard if executed on default
 
2275 static void ipw_adapter_restart(void *adapter)
 
2277         struct ipw_priv *priv = adapter;
 
2279         if (priv->status & STATUS_RF_KILL_MASK)
 
2284         if (priv->assoc_network &&
 
2285             (priv->assoc_network->capability & WLAN_CAPABILITY_IBSS))
 
2286                 ipw_remove_current_network(priv);
 
2289                 IPW_ERROR("Failed to up device\n");
 
2294 static void ipw_bg_adapter_restart(struct work_struct *work)
 
2296         struct ipw_priv *priv =
 
2297                 container_of(work, struct ipw_priv, adapter_restart);
 
2298         mutex_lock(&priv->mutex);
 
2299         ipw_adapter_restart(priv);
 
2300         mutex_unlock(&priv->mutex);
 
2303 #define IPW_SCAN_CHECK_WATCHDOG (5 * HZ)
 
2305 static void ipw_scan_check(void *data)
 
2307         struct ipw_priv *priv = data;
 
2308         if (priv->status & (STATUS_SCANNING | STATUS_SCAN_ABORTING)) {
 
2309                 IPW_DEBUG_SCAN("Scan completion watchdog resetting "
 
2310                                "adapter after (%dms).\n",
 
2311                                jiffies_to_msecs(IPW_SCAN_CHECK_WATCHDOG));
 
2312                 queue_work(priv->workqueue, &priv->adapter_restart);
 
2316 static void ipw_bg_scan_check(struct work_struct *work)
 
2318         struct ipw_priv *priv =
 
2319                 container_of(work, struct ipw_priv, scan_check.work);
 
2320         mutex_lock(&priv->mutex);
 
2321         ipw_scan_check(priv);
 
2322         mutex_unlock(&priv->mutex);
 
2325 static int ipw_send_scan_request_ext(struct ipw_priv *priv,
 
2326                                      struct ipw_scan_request_ext *request)
 
2328         return ipw_send_cmd_pdu(priv, IPW_CMD_SCAN_REQUEST_EXT,
 
2329                                 sizeof(*request), request);
 
2332 static int ipw_send_scan_abort(struct ipw_priv *priv)
 
2335                 IPW_ERROR("Invalid args\n");
 
2339         return ipw_send_cmd_simple(priv, IPW_CMD_SCAN_ABORT);
 
2342 static int ipw_set_sensitivity(struct ipw_priv *priv, u16 sens)
 
2344         struct ipw_sensitivity_calib calib = {
 
2345                 .beacon_rssi_raw = cpu_to_le16(sens),
 
2348         return ipw_send_cmd_pdu(priv, IPW_CMD_SENSITIVITY_CALIB, sizeof(calib),
 
2352 static int ipw_send_associate(struct ipw_priv *priv,
 
2353                               struct ipw_associate *associate)
 
2355         struct ipw_associate tmp_associate;
 
2357         if (!priv || !associate) {
 
2358                 IPW_ERROR("Invalid args\n");
 
2362         memcpy(&tmp_associate, associate, sizeof(*associate));
 
2363         tmp_associate.policy_support =
 
2364             cpu_to_le16(tmp_associate.policy_support);
 
2365         tmp_associate.assoc_tsf_msw = cpu_to_le32(tmp_associate.assoc_tsf_msw);
 
2366         tmp_associate.assoc_tsf_lsw = cpu_to_le32(tmp_associate.assoc_tsf_lsw);
 
2367         tmp_associate.capability = cpu_to_le16(tmp_associate.capability);
 
2368         tmp_associate.listen_interval =
 
2369             cpu_to_le16(tmp_associate.listen_interval);
 
2370         tmp_associate.beacon_interval =
 
2371             cpu_to_le16(tmp_associate.beacon_interval);
 
2372         tmp_associate.atim_window = cpu_to_le16(tmp_associate.atim_window);
 
2374         return ipw_send_cmd_pdu(priv, IPW_CMD_ASSOCIATE, sizeof(tmp_associate),
 
2378 static int ipw_send_supported_rates(struct ipw_priv *priv,
 
2379                                     struct ipw_supported_rates *rates)
 
2381         if (!priv || !rates) {
 
2382                 IPW_ERROR("Invalid args\n");
 
2386         return ipw_send_cmd_pdu(priv, IPW_CMD_SUPPORTED_RATES, sizeof(*rates),
 
2390 static int ipw_set_random_seed(struct ipw_priv *priv)
 
2395                 IPW_ERROR("Invalid args\n");
 
2399         get_random_bytes(&val, sizeof(val));
 
2401         return ipw_send_cmd_pdu(priv, IPW_CMD_SEED_NUMBER, sizeof(val), &val);
 
2404 static int ipw_send_card_disable(struct ipw_priv *priv, u32 phy_off)
 
2407                 IPW_ERROR("Invalid args\n");
 
2411         phy_off = cpu_to_le32(phy_off);
 
2412         return ipw_send_cmd_pdu(priv, IPW_CMD_CARD_DISABLE, sizeof(phy_off),
 
2416 static int ipw_send_tx_power(struct ipw_priv *priv, struct ipw_tx_power *power)
 
2418         if (!priv || !power) {
 
2419                 IPW_ERROR("Invalid args\n");
 
2423         return ipw_send_cmd_pdu(priv, IPW_CMD_TX_POWER, sizeof(*power), power);
 
2426 static int ipw_set_tx_power(struct ipw_priv *priv)
 
2428         const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
 
2429         struct ipw_tx_power tx_power;
 
2433         memset(&tx_power, 0, sizeof(tx_power));
 
2435         /* configure device for 'G' band */
 
2436         tx_power.ieee_mode = IPW_G_MODE;
 
2437         tx_power.num_channels = geo->bg_channels;
 
2438         for (i = 0; i < geo->bg_channels; i++) {
 
2439                 max_power = geo->bg[i].max_power;
 
2440                 tx_power.channels_tx_power[i].channel_number =
 
2442                 tx_power.channels_tx_power[i].tx_power = max_power ?
 
2443                     min(max_power, priv->tx_power) : priv->tx_power;
 
2445         if (ipw_send_tx_power(priv, &tx_power))
 
2448         /* configure device to also handle 'B' band */
 
2449         tx_power.ieee_mode = IPW_B_MODE;
 
2450         if (ipw_send_tx_power(priv, &tx_power))
 
2453         /* configure device to also handle 'A' band */
 
2454         if (priv->ieee->abg_true) {
 
2455                 tx_power.ieee_mode = IPW_A_MODE;
 
2456                 tx_power.num_channels = geo->a_channels;
 
2457                 for (i = 0; i < tx_power.num_channels; i++) {
 
2458                         max_power = geo->a[i].max_power;
 
2459                         tx_power.channels_tx_power[i].channel_number =
 
2461                         tx_power.channels_tx_power[i].tx_power = max_power ?
 
2462                             min(max_power, priv->tx_power) : priv->tx_power;
 
2464                 if (ipw_send_tx_power(priv, &tx_power))
 
2470 static int ipw_send_rts_threshold(struct ipw_priv *priv, u16 rts)
 
2472         struct ipw_rts_threshold rts_threshold = {
 
2473                 .rts_threshold = cpu_to_le16(rts),
 
2477                 IPW_ERROR("Invalid args\n");
 
2481         return ipw_send_cmd_pdu(priv, IPW_CMD_RTS_THRESHOLD,
 
2482                                 sizeof(rts_threshold), &rts_threshold);
 
2485 static int ipw_send_frag_threshold(struct ipw_priv *priv, u16 frag)
 
2487         struct ipw_frag_threshold frag_threshold = {
 
2488                 .frag_threshold = cpu_to_le16(frag),
 
2492                 IPW_ERROR("Invalid args\n");
 
2496         return ipw_send_cmd_pdu(priv, IPW_CMD_FRAG_THRESHOLD,
 
2497                                 sizeof(frag_threshold), &frag_threshold);
 
2500 static int ipw_send_power_mode(struct ipw_priv *priv, u32 mode)
 
2505                 IPW_ERROR("Invalid args\n");
 
2509         /* If on battery, set to 3, if AC set to CAM, else user
 
2512         case IPW_POWER_BATTERY:
 
2513                 param = IPW_POWER_INDEX_3;
 
2516                 param = IPW_POWER_MODE_CAM;
 
2523         param = cpu_to_le32(param);
 
2524         return ipw_send_cmd_pdu(priv, IPW_CMD_POWER_MODE, sizeof(param),
 
2528 static int ipw_send_retry_limit(struct ipw_priv *priv, u8 slimit, u8 llimit)
 
2530         struct ipw_retry_limit retry_limit = {
 
2531                 .short_retry_limit = slimit,
 
2532                 .long_retry_limit = llimit
 
2536                 IPW_ERROR("Invalid args\n");
 
2540         return ipw_send_cmd_pdu(priv, IPW_CMD_RETRY_LIMIT, sizeof(retry_limit),
 
2545  * The IPW device contains a Microwire compatible EEPROM that stores
 
2546  * various data like the MAC address.  Usually the firmware has exclusive
 
2547  * access to the eeprom, but during device initialization (before the
 
2548  * device driver has sent the HostComplete command to the firmware) the
 
2549  * device driver has read access to the EEPROM by way of indirect addressing
 
2550  * through a couple of memory mapped registers.
 
2552  * The following is a simplified implementation for pulling data out of the
 
2553  * the eeprom, along with some helper functions to find information in
 
2554  * the per device private data's copy of the eeprom.
 
2556  * NOTE: To better understand how these functions work (i.e what is a chip
 
2557  *       select and why do have to keep driving the eeprom clock?), read
 
2558  *       just about any data sheet for a Microwire compatible EEPROM.
 
2561 /* write a 32 bit value into the indirect accessor register */
 
2562 static inline void eeprom_write_reg(struct ipw_priv *p, u32 data)
 
2564         ipw_write_reg32(p, FW_MEM_REG_EEPROM_ACCESS, data);
 
2566         /* the eeprom requires some time to complete the operation */
 
2567         udelay(p->eeprom_delay);
 
2572 /* perform a chip select operation */
 
2573 static void eeprom_cs(struct ipw_priv *priv)
 
2575         eeprom_write_reg(priv, 0);
 
2576         eeprom_write_reg(priv, EEPROM_BIT_CS);
 
2577         eeprom_write_reg(priv, EEPROM_BIT_CS | EEPROM_BIT_SK);
 
2578         eeprom_write_reg(priv, EEPROM_BIT_CS);
 
2581 /* perform a chip select operation */
 
2582 static void eeprom_disable_cs(struct ipw_priv *priv)
 
2584         eeprom_write_reg(priv, EEPROM_BIT_CS);
 
2585         eeprom_write_reg(priv, 0);
 
2586         eeprom_write_reg(priv, EEPROM_BIT_SK);
 
2589 /* push a single bit down to the eeprom */
 
2590 static inline void eeprom_write_bit(struct ipw_priv *p, u8 bit)
 
2592         int d = (bit ? EEPROM_BIT_DI : 0);
 
2593         eeprom_write_reg(p, EEPROM_BIT_CS | d);
 
2594         eeprom_write_reg(p, EEPROM_BIT_CS | d | EEPROM_BIT_SK);
 
2597 /* push an opcode followed by an address down to the eeprom */
 
2598 static void eeprom_op(struct ipw_priv *priv, u8 op, u8 addr)
 
2603         eeprom_write_bit(priv, 1);
 
2604         eeprom_write_bit(priv, op & 2);
 
2605         eeprom_write_bit(priv, op & 1);
 
2606         for (i = 7; i >= 0; i--) {
 
2607                 eeprom_write_bit(priv, addr & (1 << i));
 
2611 /* pull 16 bits off the eeprom, one bit at a time */
 
2612 static u16 eeprom_read_u16(struct ipw_priv *priv, u8 addr)
 
2617         /* Send READ Opcode */
 
2618         eeprom_op(priv, EEPROM_CMD_READ, addr);
 
2620         /* Send dummy bit */
 
2621         eeprom_write_reg(priv, EEPROM_BIT_CS);
 
2623         /* Read the byte off the eeprom one bit at a time */
 
2624         for (i = 0; i < 16; i++) {
 
2626                 eeprom_write_reg(priv, EEPROM_BIT_CS | EEPROM_BIT_SK);
 
2627                 eeprom_write_reg(priv, EEPROM_BIT_CS);
 
2628                 data = ipw_read_reg32(priv, FW_MEM_REG_EEPROM_ACCESS);
 
2629                 r = (r << 1) | ((data & EEPROM_BIT_DO) ? 1 : 0);
 
2632         /* Send another dummy bit */
 
2633         eeprom_write_reg(priv, 0);
 
2634         eeprom_disable_cs(priv);
 
2639 /* helper function for pulling the mac address out of the private */
 
2640 /* data's copy of the eeprom data                                 */
 
2641 static void eeprom_parse_mac(struct ipw_priv *priv, u8 * mac)
 
2643         memcpy(mac, &priv->eeprom[EEPROM_MAC_ADDRESS], 6);
 
2647  * Either the device driver (i.e. the host) or the firmware can
 
2648  * load eeprom data into the designated region in SRAM.  If neither
 
2649  * happens then the FW will shutdown with a fatal error.
 
2651  * In order to signal the FW to load the EEPROM, the EEPROM_LOAD_DISABLE
 
2652  * bit needs region of shared SRAM needs to be non-zero.
 
2654 static void ipw_eeprom_init_sram(struct ipw_priv *priv)
 
2657         u16 *eeprom = (u16 *) priv->eeprom;
 
2659         IPW_DEBUG_TRACE(">>\n");
 
2661         /* read entire contents of eeprom into private buffer */
 
2662         for (i = 0; i < 128; i++)
 
2663                 eeprom[i] = le16_to_cpu(eeprom_read_u16(priv, (u8) i));
 
2666            If the data looks correct, then copy it to our private
 
2667            copy.  Otherwise let the firmware know to perform the operation
 
2670         if (priv->eeprom[EEPROM_VERSION] != 0) {
 
2671                 IPW_DEBUG_INFO("Writing EEPROM data into SRAM\n");
 
2673                 /* write the eeprom data to sram */
 
2674                 for (i = 0; i < IPW_EEPROM_IMAGE_SIZE; i++)
 
2675                         ipw_write8(priv, IPW_EEPROM_DATA + i, priv->eeprom[i]);
 
2677                 /* Do not load eeprom data on fatal error or suspend */
 
2678                 ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 0);
 
2680                 IPW_DEBUG_INFO("Enabling FW initializationg of SRAM\n");
 
2682                 /* Load eeprom data on fatal error or suspend */
 
2683                 ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 1);
 
2686         IPW_DEBUG_TRACE("<<\n");
 
2689 static void ipw_zero_memory(struct ipw_priv *priv, u32 start, u32 count)
 
2694         _ipw_write32(priv, IPW_AUTOINC_ADDR, start);
 
2696                 _ipw_write32(priv, IPW_AUTOINC_DATA, 0);
 
2699 static inline void ipw_fw_dma_reset_command_blocks(struct ipw_priv *priv)
 
2701         ipw_zero_memory(priv, IPW_SHARED_SRAM_DMA_CONTROL,
 
2702                         CB_NUMBER_OF_ELEMENTS_SMALL *
 
2703                         sizeof(struct command_block));
 
2706 static int ipw_fw_dma_enable(struct ipw_priv *priv)
 
2707 {                               /* start dma engine but no transfers yet */
 
2709         IPW_DEBUG_FW(">> : \n");
 
2712         ipw_fw_dma_reset_command_blocks(priv);
 
2714         /* Write CB base address */
 
2715         ipw_write_reg32(priv, IPW_DMA_I_CB_BASE, IPW_SHARED_SRAM_DMA_CONTROL);
 
2717         IPW_DEBUG_FW("<< : \n");
 
2721 static void ipw_fw_dma_abort(struct ipw_priv *priv)
 
2725         IPW_DEBUG_FW(">> :\n");
 
2727         /* set the Stop and Abort bit */
 
2728         control = DMA_CONTROL_SMALL_CB_CONST_VALUE | DMA_CB_STOP_AND_ABORT;
 
2729         ipw_write_reg32(priv, IPW_DMA_I_DMA_CONTROL, control);
 
2730         priv->sram_desc.last_cb_index = 0;
 
2732         IPW_DEBUG_FW("<< \n");
 
2735 static int ipw_fw_dma_write_command_block(struct ipw_priv *priv, int index,
 
2736                                           struct command_block *cb)
 
2739             IPW_SHARED_SRAM_DMA_CONTROL +
 
2740             (sizeof(struct command_block) * index);
 
2741         IPW_DEBUG_FW(">> :\n");
 
2743         ipw_write_indirect(priv, address, (u8 *) cb,
 
2744                            (int)sizeof(struct command_block));
 
2746         IPW_DEBUG_FW("<< :\n");
 
2751 static int ipw_fw_dma_kick(struct ipw_priv *priv)
 
2756         IPW_DEBUG_FW(">> :\n");
 
2758         for (index = 0; index < priv->sram_desc.last_cb_index; index++)
 
2759                 ipw_fw_dma_write_command_block(priv, index,
 
2760                                                &priv->sram_desc.cb_list[index]);
 
2762         /* Enable the DMA in the CSR register */
 
2763         ipw_clear_bit(priv, IPW_RESET_REG,
 
2764                       IPW_RESET_REG_MASTER_DISABLED |
 
2765                       IPW_RESET_REG_STOP_MASTER);
 
2767         /* Set the Start bit. */
 
2768         control = DMA_CONTROL_SMALL_CB_CONST_VALUE | DMA_CB_START;
 
2769         ipw_write_reg32(priv, IPW_DMA_I_DMA_CONTROL, control);
 
2771         IPW_DEBUG_FW("<< :\n");
 
2775 static void ipw_fw_dma_dump_command_block(struct ipw_priv *priv)
 
2778         u32 register_value = 0;
 
2779         u32 cb_fields_address = 0;
 
2781         IPW_DEBUG_FW(">> :\n");
 
2782         address = ipw_read_reg32(priv, IPW_DMA_I_CURRENT_CB);
 
2783         IPW_DEBUG_FW_INFO("Current CB is 0x%x \n", address);
 
2785         /* Read the DMA Controlor register */
 
2786         register_value = ipw_read_reg32(priv, IPW_DMA_I_DMA_CONTROL);
 
2787         IPW_DEBUG_FW_INFO("IPW_DMA_I_DMA_CONTROL is 0x%x \n", register_value);
 
2789         /* Print the CB values */
 
2790         cb_fields_address = address;
 
2791         register_value = ipw_read_reg32(priv, cb_fields_address);
 
2792         IPW_DEBUG_FW_INFO("Current CB ControlField is 0x%x \n", register_value);
 
2794         cb_fields_address += sizeof(u32);
 
2795         register_value = ipw_read_reg32(priv, cb_fields_address);
 
2796         IPW_DEBUG_FW_INFO("Current CB Source Field is 0x%x \n", register_value);
 
2798         cb_fields_address += sizeof(u32);
 
2799         register_value = ipw_read_reg32(priv, cb_fields_address);
 
2800         IPW_DEBUG_FW_INFO("Current CB Destination Field is 0x%x \n",
 
2803         cb_fields_address += sizeof(u32);
 
2804         register_value = ipw_read_reg32(priv, cb_fields_address);
 
2805         IPW_DEBUG_FW_INFO("Current CB Status Field is 0x%x \n", register_value);
 
2807         IPW_DEBUG_FW(">> :\n");
 
2810 static int ipw_fw_dma_command_block_index(struct ipw_priv *priv)
 
2812         u32 current_cb_address = 0;
 
2813         u32 current_cb_index = 0;
 
2815         IPW_DEBUG_FW("<< :\n");
 
2816         current_cb_address = ipw_read_reg32(priv, IPW_DMA_I_CURRENT_CB);
 
2818         current_cb_index = (current_cb_address - IPW_SHARED_SRAM_DMA_CONTROL) /
 
2819             sizeof(struct command_block);
 
2821         IPW_DEBUG_FW_INFO("Current CB index 0x%x address = 0x%X \n",
 
2822                           current_cb_index, current_cb_address);
 
2824         IPW_DEBUG_FW(">> :\n");
 
2825         return current_cb_index;
 
2829 static int ipw_fw_dma_add_command_block(struct ipw_priv *priv,
 
2833                                         int interrupt_enabled, int is_last)
 
2836         u32 control = CB_VALID | CB_SRC_LE | CB_DEST_LE | CB_SRC_AUTOINC |
 
2837             CB_SRC_IO_GATED | CB_DEST_AUTOINC | CB_SRC_SIZE_LONG |
 
2839         struct command_block *cb;
 
2840         u32 last_cb_element = 0;
 
2842         IPW_DEBUG_FW_INFO("src_address=0x%x dest_address=0x%x length=0x%x\n",
 
2843                           src_address, dest_address, length);
 
2845         if (priv->sram_desc.last_cb_index >= CB_NUMBER_OF_ELEMENTS_SMALL)
 
2848         last_cb_element = priv->sram_desc.last_cb_index;
 
2849         cb = &priv->sram_desc.cb_list[last_cb_element];
 
2850         priv->sram_desc.last_cb_index++;
 
2852         /* Calculate the new CB control word */
 
2853         if (interrupt_enabled)
 
2854                 control |= CB_INT_ENABLED;
 
2857                 control |= CB_LAST_VALID;
 
2861         /* Calculate the CB Element's checksum value */
 
2862         cb->status = control ^ src_address ^ dest_address;
 
2864         /* Copy the Source and Destination addresses */
 
2865         cb->dest_addr = dest_address;
 
2866         cb->source_addr = src_address;
 
2868         /* Copy the Control Word last */
 
2869         cb->control = control;
 
2874 static int ipw_fw_dma_add_buffer(struct ipw_priv *priv,
 
2875                                  u32 src_phys, u32 dest_address, u32 length)
 
2877         u32 bytes_left = length;
 
2879         u32 dest_offset = 0;
 
2881         IPW_DEBUG_FW(">> \n");
 
2882         IPW_DEBUG_FW_INFO("src_phys=0x%x dest_address=0x%x length=0x%x\n",
 
2883                           src_phys, dest_address, length);
 
2884         while (bytes_left > CB_MAX_LENGTH) {
 
2885                 status = ipw_fw_dma_add_command_block(priv,
 
2886                                                       src_phys + src_offset,
 
2889                                                       CB_MAX_LENGTH, 0, 0);
 
2891                         IPW_DEBUG_FW_INFO(": Failed\n");
 
2894                         IPW_DEBUG_FW_INFO(": Added new cb\n");
 
2896                 src_offset += CB_MAX_LENGTH;
 
2897                 dest_offset += CB_MAX_LENGTH;
 
2898                 bytes_left -= CB_MAX_LENGTH;
 
2901         /* add the buffer tail */
 
2902         if (bytes_left > 0) {
 
2904                     ipw_fw_dma_add_command_block(priv, src_phys + src_offset,
 
2905                                                  dest_address + dest_offset,
 
2908                         IPW_DEBUG_FW_INFO(": Failed on the buffer tail\n");
 
2912                             (": Adding new cb - the buffer tail\n");
 
2915         IPW_DEBUG_FW("<< \n");
 
2919 static int ipw_fw_dma_wait(struct ipw_priv *priv)
 
2921         u32 current_index = 0, previous_index;
 
2924         IPW_DEBUG_FW(">> : \n");
 
2926         current_index = ipw_fw_dma_command_block_index(priv);
 
2927         IPW_DEBUG_FW_INFO("sram_desc.last_cb_index:0x%08X\n",
 
2928                           (int)priv->sram_desc.last_cb_index);
 
2930         while (current_index < priv->sram_desc.last_cb_index) {
 
2932                 previous_index = current_index;
 
2933                 current_index = ipw_fw_dma_command_block_index(priv);
 
2935                 if (previous_index < current_index) {
 
2939                 if (++watchdog > 400) {
 
2940                         IPW_DEBUG_FW_INFO("Timeout\n");
 
2941                         ipw_fw_dma_dump_command_block(priv);
 
2942                         ipw_fw_dma_abort(priv);
 
2947         ipw_fw_dma_abort(priv);
 
2949         /*Disable the DMA in the CSR register */
 
2950         ipw_set_bit(priv, IPW_RESET_REG,
 
2951                     IPW_RESET_REG_MASTER_DISABLED | IPW_RESET_REG_STOP_MASTER);
 
2953         IPW_DEBUG_FW("<< dmaWaitSync \n");
 
2957 static void ipw_remove_current_network(struct ipw_priv *priv)
 
2959         struct list_head *element, *safe;
 
2960         struct ieee80211_network *network = NULL;
 
2961         unsigned long flags;
 
2963         spin_lock_irqsave(&priv->ieee->lock, flags);
 
2964         list_for_each_safe(element, safe, &priv->ieee->network_list) {
 
2965                 network = list_entry(element, struct ieee80211_network, list);
 
2966                 if (!memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
 
2968                         list_add_tail(&network->list,
 
2969                                       &priv->ieee->network_free_list);
 
2972         spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
2976  * Check that card is still alive.
 
2977  * Reads debug register from domain0.
 
2978  * If card is present, pre-defined value should
 
2982  * @return 1 if card is present, 0 otherwise
 
2984 static inline int ipw_alive(struct ipw_priv *priv)
 
2986         return ipw_read32(priv, 0x90) == 0xd55555d5;
 
2989 /* timeout in msec, attempted in 10-msec quanta */
 
2990 static int ipw_poll_bit(struct ipw_priv *priv, u32 addr, u32 mask,
 
2996                 if ((ipw_read32(priv, addr) & mask) == mask)
 
3000         } while (i < timeout);
 
3005 /* These functions load the firmware and micro code for the operation of
 
3006  * the ipw hardware.  It assumes the buffer has all the bits for the
 
3007  * image and the caller is handling the memory allocation and clean up.
 
3010 static int ipw_stop_master(struct ipw_priv *priv)
 
3014         IPW_DEBUG_TRACE(">> \n");
 
3015         /* stop master. typical delay - 0 */
 
3016         ipw_set_bit(priv, IPW_RESET_REG, IPW_RESET_REG_STOP_MASTER);
 
3018         /* timeout is in msec, polled in 10-msec quanta */
 
3019         rc = ipw_poll_bit(priv, IPW_RESET_REG,
 
3020                           IPW_RESET_REG_MASTER_DISABLED, 100);
 
3022                 IPW_ERROR("wait for stop master failed after 100ms\n");
 
3026         IPW_DEBUG_INFO("stop master %dms\n", rc);
 
3031 static void ipw_arc_release(struct ipw_priv *priv)
 
3033         IPW_DEBUG_TRACE(">> \n");
 
3036         ipw_clear_bit(priv, IPW_RESET_REG, CBD_RESET_REG_PRINCETON_RESET);
 
3038         /* no one knows timing, for safety add some delay */
 
3047 static int ipw_load_ucode(struct ipw_priv *priv, u8 * data, size_t len)
 
3049         int rc = 0, i, addr;
 
3053         image = (u16 *) data;
 
3055         IPW_DEBUG_TRACE(">> \n");
 
3057         rc = ipw_stop_master(priv);
 
3062         for (addr = IPW_SHARED_LOWER_BOUND;
 
3063              addr < IPW_REGISTER_DOMAIN1_END; addr += 4) {
 
3064                 ipw_write32(priv, addr, 0);
 
3067         /* no ucode (yet) */
 
3068         memset(&priv->dino_alive, 0, sizeof(priv->dino_alive));
 
3069         /* destroy DMA queues */
 
3070         /* reset sequence */
 
3072         ipw_write_reg32(priv, IPW_MEM_HALT_AND_RESET, IPW_BIT_HALT_RESET_ON);
 
3073         ipw_arc_release(priv);
 
3074         ipw_write_reg32(priv, IPW_MEM_HALT_AND_RESET, IPW_BIT_HALT_RESET_OFF);
 
3078         ipw_write_reg32(priv, IPW_INTERNAL_CMD_EVENT, IPW_BASEBAND_POWER_DOWN);
 
3081         ipw_write_reg32(priv, IPW_INTERNAL_CMD_EVENT, 0);
 
3084         /* enable ucode store */
 
3085         ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0x0);
 
3086         ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, DINO_ENABLE_CS);
 
3092          * Do NOT set indirect address register once and then
 
3093          * store data to indirect data register in the loop.
 
3094          * It seems very reasonable, but in this case DINO do not
 
3095          * accept ucode. It is essential to set address each time.
 
3097         /* load new ipw uCode */
 
3098         for (i = 0; i < len / 2; i++)
 
3099                 ipw_write_reg16(priv, IPW_BASEBAND_CONTROL_STORE,
 
3100                                 cpu_to_le16(image[i]));
 
3103         ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0);
 
3104         ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, DINO_ENABLE_SYSTEM);
 
3106         /* this is where the igx / win driver deveates from the VAP driver. */
 
3108         /* wait for alive response */
 
3109         for (i = 0; i < 100; i++) {
 
3110                 /* poll for incoming data */
 
3111                 cr = ipw_read_reg8(priv, IPW_BASEBAND_CONTROL_STATUS);
 
3112                 if (cr & DINO_RXFIFO_DATA)
 
3117         if (cr & DINO_RXFIFO_DATA) {
 
3118                 /* alive_command_responce size is NOT multiple of 4 */
 
3119                 u32 response_buffer[(sizeof(priv->dino_alive) + 3) / 4];
 
3121                 for (i = 0; i < ARRAY_SIZE(response_buffer); i++)
 
3122                         response_buffer[i] =
 
3123                             le32_to_cpu(ipw_read_reg32(priv,
 
3124                                                        IPW_BASEBAND_RX_FIFO_READ));
 
3125                 memcpy(&priv->dino_alive, response_buffer,
 
3126                        sizeof(priv->dino_alive));
 
3127                 if (priv->dino_alive.alive_command == 1
 
3128                     && priv->dino_alive.ucode_valid == 1) {
 
3131                             ("Microcode OK, rev. %d (0x%x) dev. %d (0x%x) "
 
3132                              "of %02d/%02d/%02d %02d:%02d\n",
 
3133                              priv->dino_alive.software_revision,
 
3134                              priv->dino_alive.software_revision,
 
3135                              priv->dino_alive.device_identifier,
 
3136                              priv->dino_alive.device_identifier,
 
3137                              priv->dino_alive.time_stamp[0],
 
3138                              priv->dino_alive.time_stamp[1],
 
3139                              priv->dino_alive.time_stamp[2],
 
3140                              priv->dino_alive.time_stamp[3],
 
3141                              priv->dino_alive.time_stamp[4]);
 
3143                         IPW_DEBUG_INFO("Microcode is not alive\n");
 
3147                 IPW_DEBUG_INFO("No alive response from DINO\n");
 
3151         /* disable DINO, otherwise for some reason
 
3152            firmware have problem getting alive resp. */
 
3153         ipw_write_reg8(priv, IPW_BASEBAND_CONTROL_STATUS, 0);
 
3158 static int ipw_load_firmware(struct ipw_priv *priv, u8 * data, size_t len)
 
3162         struct fw_chunk *chunk;
 
3163         dma_addr_t shared_phys;
 
3166         IPW_DEBUG_TRACE("<< : \n");
 
3167         shared_virt = pci_alloc_consistent(priv->pci_dev, len, &shared_phys);
 
3172         memmove(shared_virt, data, len);
 
3175         rc = ipw_fw_dma_enable(priv);
 
3177         if (priv->sram_desc.last_cb_index > 0) {
 
3178                 /* the DMA is already ready this would be a bug. */
 
3184                 chunk = (struct fw_chunk *)(data + offset);
 
3185                 offset += sizeof(struct fw_chunk);
 
3186                 /* build DMA packet and queue up for sending */
 
3187                 /* dma to chunk->address, the chunk->length bytes from data +
 
3190                 rc = ipw_fw_dma_add_buffer(priv, shared_phys + offset,
 
3191                                            le32_to_cpu(chunk->address),
 
3192                                            le32_to_cpu(chunk->length));
 
3194                         IPW_DEBUG_INFO("dmaAddBuffer Failed\n");
 
3198                 offset += le32_to_cpu(chunk->length);
 
3199         } while (offset < len);
 
3201         /* Run the DMA and wait for the answer */
 
3202         rc = ipw_fw_dma_kick(priv);
 
3204                 IPW_ERROR("dmaKick Failed\n");
 
3208         rc = ipw_fw_dma_wait(priv);
 
3210                 IPW_ERROR("dmaWaitSync Failed\n");
 
3214         pci_free_consistent(priv->pci_dev, len, shared_virt, shared_phys);
 
3219 static int ipw_stop_nic(struct ipw_priv *priv)
 
3224         ipw_write32(priv, IPW_RESET_REG, IPW_RESET_REG_STOP_MASTER);
 
3226         rc = ipw_poll_bit(priv, IPW_RESET_REG,
 
3227                           IPW_RESET_REG_MASTER_DISABLED, 500);
 
3229                 IPW_ERROR("wait for reg master disabled failed after 500ms\n");
 
3233         ipw_set_bit(priv, IPW_RESET_REG, CBD_RESET_REG_PRINCETON_RESET);
 
3238 static void ipw_start_nic(struct ipw_priv *priv)
 
3240         IPW_DEBUG_TRACE(">>\n");
 
3242         /* prvHwStartNic  release ARC */
 
3243         ipw_clear_bit(priv, IPW_RESET_REG,
 
3244                       IPW_RESET_REG_MASTER_DISABLED |
 
3245                       IPW_RESET_REG_STOP_MASTER |
 
3246                       CBD_RESET_REG_PRINCETON_RESET);
 
3248         /* enable power management */
 
3249         ipw_set_bit(priv, IPW_GP_CNTRL_RW,
 
3250                     IPW_GP_CNTRL_BIT_HOST_ALLOWS_STANDBY);
 
3252         IPW_DEBUG_TRACE("<<\n");
 
3255 static int ipw_init_nic(struct ipw_priv *priv)
 
3259         IPW_DEBUG_TRACE(">>\n");
 
3262         /* set "initialization complete" bit to move adapter to D0 state */
 
3263         ipw_set_bit(priv, IPW_GP_CNTRL_RW, IPW_GP_CNTRL_BIT_INIT_DONE);
 
3265         /* low-level PLL activation */
 
3266         ipw_write32(priv, IPW_READ_INT_REGISTER,
 
3267                     IPW_BIT_INT_HOST_SRAM_READ_INT_REGISTER);
 
3269         /* wait for clock stabilization */
 
3270         rc = ipw_poll_bit(priv, IPW_GP_CNTRL_RW,
 
3271                           IPW_GP_CNTRL_BIT_CLOCK_READY, 250);
 
3273                 IPW_DEBUG_INFO("FAILED wait for clock stablization\n");
 
3275         /* assert SW reset */
 
3276         ipw_set_bit(priv, IPW_RESET_REG, IPW_RESET_REG_SW_RESET);
 
3280         /* set "initialization complete" bit to move adapter to D0 state */
 
3281         ipw_set_bit(priv, IPW_GP_CNTRL_RW, IPW_GP_CNTRL_BIT_INIT_DONE);
 
3283         IPW_DEBUG_TRACE(">>\n");
 
3287 /* Call this function from process context, it will sleep in request_firmware.
 
3288  * Probe is an ok place to call this from.
 
3290 static int ipw_reset_nic(struct ipw_priv *priv)
 
3293         unsigned long flags;
 
3295         IPW_DEBUG_TRACE(">>\n");
 
3297         rc = ipw_init_nic(priv);
 
3299         spin_lock_irqsave(&priv->lock, flags);
 
3300         /* Clear the 'host command active' bit... */
 
3301         priv->status &= ~STATUS_HCMD_ACTIVE;
 
3302         wake_up_interruptible(&priv->wait_command_queue);
 
3303         priv->status &= ~(STATUS_SCANNING | STATUS_SCAN_ABORTING);
 
3304         wake_up_interruptible(&priv->wait_state);
 
3305         spin_unlock_irqrestore(&priv->lock, flags);
 
3307         IPW_DEBUG_TRACE("<<\n");
 
3320 static int ipw_get_fw(struct ipw_priv *priv,
 
3321                       const struct firmware **raw, const char *name)
 
3326         /* ask firmware_class module to get the boot firmware off disk */
 
3327         rc = request_firmware(raw, name, &priv->pci_dev->dev);
 
3329                 IPW_ERROR("%s request_firmware failed: Reason %d\n", name, rc);
 
3333         if ((*raw)->size < sizeof(*fw)) {
 
3334                 IPW_ERROR("%s is too small (%zd)\n", name, (*raw)->size);
 
3338         fw = (void *)(*raw)->data;
 
3340         if ((*raw)->size < sizeof(*fw) + le32_to_cpu(fw->boot_size) +
 
3341             le32_to_cpu(fw->ucode_size) + le32_to_cpu(fw->fw_size)) {
 
3342                 IPW_ERROR("%s is too small or corrupt (%zd)\n",
 
3343                           name, (*raw)->size);
 
3347         IPW_DEBUG_INFO("Read firmware '%s' image v%d.%d (%zd bytes)\n",
 
3349                        le32_to_cpu(fw->ver) >> 16,
 
3350                        le32_to_cpu(fw->ver) & 0xff,
 
3351                        (*raw)->size - sizeof(*fw));
 
3355 #define IPW_RX_BUF_SIZE (3000)
 
3357 static void ipw_rx_queue_reset(struct ipw_priv *priv,
 
3358                                       struct ipw_rx_queue *rxq)
 
3360         unsigned long flags;
 
3363         spin_lock_irqsave(&rxq->lock, flags);
 
3365         INIT_LIST_HEAD(&rxq->rx_free);
 
3366         INIT_LIST_HEAD(&rxq->rx_used);
 
3368         /* Fill the rx_used queue with _all_ of the Rx buffers */
 
3369         for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
 
3370                 /* In the reset function, these buffers may have been allocated
 
3371                  * to an SKB, so we need to unmap and free potential storage */
 
3372                 if (rxq->pool[i].skb != NULL) {
 
3373                         pci_unmap_single(priv->pci_dev, rxq->pool[i].dma_addr,
 
3374                                          IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
 
3375                         dev_kfree_skb(rxq->pool[i].skb);
 
3376                         rxq->pool[i].skb = NULL;
 
3378                 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
 
3381         /* Set us so that we have processed and used all buffers, but have
 
3382          * not restocked the Rx queue with fresh buffers */
 
3383         rxq->read = rxq->write = 0;
 
3384         rxq->processed = RX_QUEUE_SIZE - 1;
 
3385         rxq->free_count = 0;
 
3386         spin_unlock_irqrestore(&rxq->lock, flags);
 
3390 static int fw_loaded = 0;
 
3391 static const struct firmware *raw = NULL;
 
3393 static void free_firmware(void)
 
3396                 release_firmware(raw);
 
3402 #define free_firmware() do {} while (0)
 
3405 static int ipw_load(struct ipw_priv *priv)
 
3408         const struct firmware *raw = NULL;
 
3411         u8 *boot_img, *ucode_img, *fw_img;
 
3413         int rc = 0, retries = 3;
 
3415         switch (priv->ieee->iw_mode) {
 
3417                 name = "ipw2200-ibss.fw";
 
3419 #ifdef CONFIG_IPW2200_MONITOR
 
3420         case IW_MODE_MONITOR:
 
3421                 name = "ipw2200-sniffer.fw";
 
3425                 name = "ipw2200-bss.fw";
 
3437                 rc = ipw_get_fw(priv, &raw, name);
 
3444         fw = (void *)raw->data;
 
3445         boot_img = &fw->data[0];
 
3446         ucode_img = &fw->data[le32_to_cpu(fw->boot_size)];
 
3447         fw_img = &fw->data[le32_to_cpu(fw->boot_size) +
 
3448                            le32_to_cpu(fw->ucode_size)];
 
3454                 priv->rxq = ipw_rx_queue_alloc(priv);
 
3456                 ipw_rx_queue_reset(priv, priv->rxq);
 
3458                 IPW_ERROR("Unable to initialize Rx queue\n");
 
3463         /* Ensure interrupts are disabled */
 
3464         ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
 
3465         priv->status &= ~STATUS_INT_ENABLED;
 
3467         /* ack pending interrupts */
 
3468         ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
 
3472         rc = ipw_reset_nic(priv);
 
3474                 IPW_ERROR("Unable to reset NIC\n");
 
3478         ipw_zero_memory(priv, IPW_NIC_SRAM_LOWER_BOUND,
 
3479                         IPW_NIC_SRAM_UPPER_BOUND - IPW_NIC_SRAM_LOWER_BOUND);
 
3481         /* DMA the initial boot firmware into the device */
 
3482         rc = ipw_load_firmware(priv, boot_img, le32_to_cpu(fw->boot_size));
 
3484                 IPW_ERROR("Unable to load boot firmware: %d\n", rc);
 
3488         /* kick start the device */
 
3489         ipw_start_nic(priv);
 
3491         /* wait for the device to finish its initial startup sequence */
 
3492         rc = ipw_poll_bit(priv, IPW_INTA_RW,
 
3493                           IPW_INTA_BIT_FW_INITIALIZATION_DONE, 500);
 
3495                 IPW_ERROR("device failed to boot initial fw image\n");
 
3498         IPW_DEBUG_INFO("initial device response after %dms\n", rc);
 
3500         /* ack fw init done interrupt */
 
3501         ipw_write32(priv, IPW_INTA_RW, IPW_INTA_BIT_FW_INITIALIZATION_DONE);
 
3503         /* DMA the ucode into the device */
 
3504         rc = ipw_load_ucode(priv, ucode_img, le32_to_cpu(fw->ucode_size));
 
3506                 IPW_ERROR("Unable to load ucode: %d\n", rc);
 
3513         /* DMA bss firmware into the device */
 
3514         rc = ipw_load_firmware(priv, fw_img, le32_to_cpu(fw->fw_size));
 
3516                 IPW_ERROR("Unable to load firmware: %d\n", rc);
 
3523         ipw_write32(priv, IPW_EEPROM_LOAD_DISABLE, 0);
 
3525         rc = ipw_queue_reset(priv);
 
3527                 IPW_ERROR("Unable to initialize queues\n");
 
3531         /* Ensure interrupts are disabled */
 
3532         ipw_write32(priv, IPW_INTA_MASK_R, ~IPW_INTA_MASK_ALL);
 
3533         /* ack pending interrupts */
 
3534         ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
 
3536         /* kick start the device */
 
3537         ipw_start_nic(priv);
 
3539         if (ipw_read32(priv, IPW_INTA_RW) & IPW_INTA_BIT_PARITY_ERROR) {
 
3541                         IPW_WARNING("Parity error.  Retrying init.\n");
 
3546                 IPW_ERROR("TODO: Handle parity error -- schedule restart?\n");
 
3551         /* wait for the device */
 
3552         rc = ipw_poll_bit(priv, IPW_INTA_RW,
 
3553                           IPW_INTA_BIT_FW_INITIALIZATION_DONE, 500);
 
3555                 IPW_ERROR("device failed to start within 500ms\n");
 
3558         IPW_DEBUG_INFO("device response after %dms\n", rc);
 
3560         /* ack fw init done interrupt */
 
3561         ipw_write32(priv, IPW_INTA_RW, IPW_INTA_BIT_FW_INITIALIZATION_DONE);
 
3563         /* read eeprom data and initialize the eeprom region of sram */
 
3564         priv->eeprom_delay = 1;
 
3565         ipw_eeprom_init_sram(priv);
 
3567         /* enable interrupts */
 
3568         ipw_enable_interrupts(priv);
 
3570         /* Ensure our queue has valid packets */
 
3571         ipw_rx_queue_replenish(priv);
 
3573         ipw_write32(priv, IPW_RX_READ_INDEX, priv->rxq->read);
 
3575         /* ack pending interrupts */
 
3576         ipw_write32(priv, IPW_INTA_RW, IPW_INTA_MASK_ALL);
 
3579         release_firmware(raw);
 
3585                 ipw_rx_queue_free(priv, priv->rxq);
 
3588         ipw_tx_queue_free(priv);
 
3590                 release_firmware(raw);
 
3602  * Theory of operation
 
3604  * A queue is a circular buffers with 'Read' and 'Write' pointers.
 
3605  * 2 empty entries always kept in the buffer to protect from overflow.
 
3607  * For Tx queue, there are low mark and high mark limits. If, after queuing
 
3608  * the packet for Tx, free space become < low mark, Tx queue stopped. When
 
3609  * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
 
3612  * The IPW operates with six queues, one receive queue in the device's
 
3613  * sram, one transmit queue for sending commands to the device firmware,
 
3614  * and four transmit queues for data.
 
3616  * The four transmit queues allow for performing quality of service (qos)
 
3617  * transmissions as per the 802.11 protocol.  Currently Linux does not
 
3618  * provide a mechanism to the user for utilizing prioritized queues, so
 
3619  * we only utilize the first data transmit queue (queue1).
 
3623  * Driver allocates buffers of this size for Rx
 
3626 static inline int ipw_queue_space(const struct clx2_queue *q)
 
3628         int s = q->last_used - q->first_empty;
 
3631         s -= 2;                 /* keep some reserve to not confuse empty and full situations */
 
3637 static inline int ipw_queue_inc_wrap(int index, int n_bd)
 
3639         return (++index == n_bd) ? 0 : index;
 
3643  * Initialize common DMA queue structure
 
3645  * @param q                queue to init
 
3646  * @param count            Number of BD's to allocate. Should be power of 2
 
3647  * @param read_register    Address for 'read' register
 
3648  *                         (not offset within BAR, full address)
 
3649  * @param write_register   Address for 'write' register
 
3650  *                         (not offset within BAR, full address)
 
3651  * @param base_register    Address for 'base' register
 
3652  *                         (not offset within BAR, full address)
 
3653  * @param size             Address for 'size' register
 
3654  *                         (not offset within BAR, full address)
 
3656 static void ipw_queue_init(struct ipw_priv *priv, struct clx2_queue *q,
 
3657                            int count, u32 read, u32 write, u32 base, u32 size)
 
3661         q->low_mark = q->n_bd / 4;
 
3662         if (q->low_mark < 4)
 
3665         q->high_mark = q->n_bd / 8;
 
3666         if (q->high_mark < 2)
 
3669         q->first_empty = q->last_used = 0;
 
3673         ipw_write32(priv, base, q->dma_addr);
 
3674         ipw_write32(priv, size, count);
 
3675         ipw_write32(priv, read, 0);
 
3676         ipw_write32(priv, write, 0);
 
3678         _ipw_read32(priv, 0x90);
 
3681 static int ipw_queue_tx_init(struct ipw_priv *priv,
 
3682                              struct clx2_tx_queue *q,
 
3683                              int count, u32 read, u32 write, u32 base, u32 size)
 
3685         struct pci_dev *dev = priv->pci_dev;
 
3687         q->txb = kmalloc(sizeof(q->txb[0]) * count, GFP_KERNEL);
 
3689                 IPW_ERROR("vmalloc for auxilary BD structures failed\n");
 
3694             pci_alloc_consistent(dev, sizeof(q->bd[0]) * count, &q->q.dma_addr);
 
3696                 IPW_ERROR("pci_alloc_consistent(%zd) failed\n",
 
3697                           sizeof(q->bd[0]) * count);
 
3703         ipw_queue_init(priv, &q->q, count, read, write, base, size);
 
3708  * Free one TFD, those at index [txq->q.last_used].
 
3709  * Do NOT advance any indexes
 
3714 static void ipw_queue_tx_free_tfd(struct ipw_priv *priv,
 
3715                                   struct clx2_tx_queue *txq)
 
3717         struct tfd_frame *bd = &txq->bd[txq->q.last_used];
 
3718         struct pci_dev *dev = priv->pci_dev;
 
3722         if (bd->control_flags.message_type == TX_HOST_COMMAND_TYPE)
 
3723                 /* nothing to cleanup after for host commands */
 
3727         if (le32_to_cpu(bd->u.data.num_chunks) > NUM_TFD_CHUNKS) {
 
3728                 IPW_ERROR("Too many chunks: %i\n",
 
3729                           le32_to_cpu(bd->u.data.num_chunks));
 
3730                 /** @todo issue fatal error, it is quite serious situation */
 
3734         /* unmap chunks if any */
 
3735         for (i = 0; i < le32_to_cpu(bd->u.data.num_chunks); i++) {
 
3736                 pci_unmap_single(dev, le32_to_cpu(bd->u.data.chunk_ptr[i]),
 
3737                                  le16_to_cpu(bd->u.data.chunk_len[i]),
 
3739                 if (txq->txb[txq->q.last_used]) {
 
3740                         ieee80211_txb_free(txq->txb[txq->q.last_used]);
 
3741                         txq->txb[txq->q.last_used] = NULL;
 
3747  * Deallocate DMA queue.
 
3749  * Empty queue by removing and destroying all BD's.
 
3755 static void ipw_queue_tx_free(struct ipw_priv *priv, struct clx2_tx_queue *txq)
 
3757         struct clx2_queue *q = &txq->q;
 
3758         struct pci_dev *dev = priv->pci_dev;
 
3763         /* first, empty all BD's */
 
3764         for (; q->first_empty != q->last_used;
 
3765              q->last_used = ipw_queue_inc_wrap(q->last_used, q->n_bd)) {
 
3766                 ipw_queue_tx_free_tfd(priv, txq);
 
3769         /* free buffers belonging to queue itself */
 
3770         pci_free_consistent(dev, sizeof(txq->bd[0]) * q->n_bd, txq->bd,
 
3774         /* 0 fill whole structure */
 
3775         memset(txq, 0, sizeof(*txq));
 
3779  * Destroy all DMA queues and structures
 
3783 static void ipw_tx_queue_free(struct ipw_priv *priv)
 
3786         ipw_queue_tx_free(priv, &priv->txq_cmd);
 
3789         ipw_queue_tx_free(priv, &priv->txq[0]);
 
3790         ipw_queue_tx_free(priv, &priv->txq[1]);
 
3791         ipw_queue_tx_free(priv, &priv->txq[2]);
 
3792         ipw_queue_tx_free(priv, &priv->txq[3]);
 
3795 static void ipw_create_bssid(struct ipw_priv *priv, u8 * bssid)
 
3797         /* First 3 bytes are manufacturer */
 
3798         bssid[0] = priv->mac_addr[0];
 
3799         bssid[1] = priv->mac_addr[1];
 
3800         bssid[2] = priv->mac_addr[2];
 
3802         /* Last bytes are random */
 
3803         get_random_bytes(&bssid[3], ETH_ALEN - 3);
 
3805         bssid[0] &= 0xfe;       /* clear multicast bit */
 
3806         bssid[0] |= 0x02;       /* set local assignment bit (IEEE802) */
 
3809 static u8 ipw_add_station(struct ipw_priv *priv, u8 * bssid)
 
3811         struct ipw_station_entry entry;
 
3813         DECLARE_MAC_BUF(mac);
 
3815         for (i = 0; i < priv->num_stations; i++) {
 
3816                 if (!memcmp(priv->stations[i], bssid, ETH_ALEN)) {
 
3817                         /* Another node is active in network */
 
3818                         priv->missed_adhoc_beacons = 0;
 
3819                         if (!(priv->config & CFG_STATIC_CHANNEL))
 
3820                                 /* when other nodes drop out, we drop out */
 
3821                                 priv->config &= ~CFG_ADHOC_PERSIST;
 
3827         if (i == MAX_STATIONS)
 
3828                 return IPW_INVALID_STATION;
 
3830         IPW_DEBUG_SCAN("Adding AdHoc station: %s\n", print_mac(mac, bssid));
 
3833         entry.support_mode = 0;
 
3834         memcpy(entry.mac_addr, bssid, ETH_ALEN);
 
3835         memcpy(priv->stations[i], bssid, ETH_ALEN);
 
3836         ipw_write_direct(priv, IPW_STATION_TABLE_LOWER + i * sizeof(entry),
 
3837                          &entry, sizeof(entry));
 
3838         priv->num_stations++;
 
3843 static u8 ipw_find_station(struct ipw_priv *priv, u8 * bssid)
 
3847         for (i = 0; i < priv->num_stations; i++)
 
3848                 if (!memcmp(priv->stations[i], bssid, ETH_ALEN))
 
3851         return IPW_INVALID_STATION;
 
3854 static void ipw_send_disassociate(struct ipw_priv *priv, int quiet)
 
3857         DECLARE_MAC_BUF(mac);
 
3859         if (priv->status & STATUS_ASSOCIATING) {
 
3860                 IPW_DEBUG_ASSOC("Disassociating while associating.\n");
 
3861                 queue_work(priv->workqueue, &priv->disassociate);
 
3865         if (!(priv->status & STATUS_ASSOCIATED)) {
 
3866                 IPW_DEBUG_ASSOC("Disassociating while not associated.\n");
 
3870         IPW_DEBUG_ASSOC("Disassocation attempt from %s "
 
3872                         print_mac(mac, priv->assoc_request.bssid),
 
3873                         priv->assoc_request.channel);
 
3875         priv->status &= ~(STATUS_ASSOCIATING | STATUS_ASSOCIATED);
 
3876         priv->status |= STATUS_DISASSOCIATING;
 
3879                 priv->assoc_request.assoc_type = HC_DISASSOC_QUIET;
 
3881                 priv->assoc_request.assoc_type = HC_DISASSOCIATE;
 
3883         err = ipw_send_associate(priv, &priv->assoc_request);
 
3885                 IPW_DEBUG_HC("Attempt to send [dis]associate command "
 
3892 static int ipw_disassociate(void *data)
 
3894         struct ipw_priv *priv = data;
 
3895         if (!(priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)))
 
3897         ipw_send_disassociate(data, 0);
 
3901 static void ipw_bg_disassociate(struct work_struct *work)
 
3903         struct ipw_priv *priv =
 
3904                 container_of(work, struct ipw_priv, disassociate);
 
3905         mutex_lock(&priv->mutex);
 
3906         ipw_disassociate(priv);
 
3907         mutex_unlock(&priv->mutex);
 
3910 static void ipw_system_config(struct work_struct *work)
 
3912         struct ipw_priv *priv =
 
3913                 container_of(work, struct ipw_priv, system_config);
 
3915 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
3916         if (priv->prom_net_dev && netif_running(priv->prom_net_dev)) {
 
3917                 priv->sys_config.accept_all_data_frames = 1;
 
3918                 priv->sys_config.accept_non_directed_frames = 1;
 
3919                 priv->sys_config.accept_all_mgmt_bcpr = 1;
 
3920                 priv->sys_config.accept_all_mgmt_frames = 1;
 
3924         ipw_send_system_config(priv);
 
3927 struct ipw_status_code {
 
3932 static const struct ipw_status_code ipw_status_codes[] = {
 
3933         {0x00, "Successful"},
 
3934         {0x01, "Unspecified failure"},
 
3935         {0x0A, "Cannot support all requested capabilities in the "
 
3936          "Capability information field"},
 
3937         {0x0B, "Reassociation denied due to inability to confirm that "
 
3938          "association exists"},
 
3939         {0x0C, "Association denied due to reason outside the scope of this "
 
3942          "Responding station does not support the specified authentication "
 
3945          "Received an Authentication frame with authentication sequence "
 
3946          "transaction sequence number out of expected sequence"},
 
3947         {0x0F, "Authentication rejected because of challenge failure"},
 
3948         {0x10, "Authentication rejected due to timeout waiting for next "
 
3949          "frame in sequence"},
 
3950         {0x11, "Association denied because AP is unable to handle additional "
 
3951          "associated stations"},
 
3953          "Association denied due to requesting station not supporting all "
 
3954          "of the datarates in the BSSBasicServiceSet Parameter"},
 
3956          "Association denied due to requesting station not supporting "
 
3957          "short preamble operation"},
 
3959          "Association denied due to requesting station not supporting "
 
3962          "Association denied due to requesting station not supporting "
 
3965          "Association denied due to requesting station not supporting "
 
3966          "short slot operation"},
 
3968          "Association denied due to requesting station not supporting "
 
3969          "DSSS-OFDM operation"},
 
3970         {0x28, "Invalid Information Element"},
 
3971         {0x29, "Group Cipher is not valid"},
 
3972         {0x2A, "Pairwise Cipher is not valid"},
 
3973         {0x2B, "AKMP is not valid"},
 
3974         {0x2C, "Unsupported RSN IE version"},
 
3975         {0x2D, "Invalid RSN IE Capabilities"},
 
3976         {0x2E, "Cipher suite is rejected per security policy"},
 
3979 static const char *ipw_get_status_code(u16 status)
 
3982         for (i = 0; i < ARRAY_SIZE(ipw_status_codes); i++)
 
3983                 if (ipw_status_codes[i].status == (status & 0xff))
 
3984                         return ipw_status_codes[i].reason;
 
3985         return "Unknown status value.";
 
3988 static void inline average_init(struct average *avg)
 
3990         memset(avg, 0, sizeof(*avg));
 
3993 #define DEPTH_RSSI 8
 
3994 #define DEPTH_NOISE 16
 
3995 static s16 exponential_average(s16 prev_avg, s16 val, u8 depth)
 
3997         return ((depth-1)*prev_avg +  val)/depth;
 
4000 static void average_add(struct average *avg, s16 val)
 
4002         avg->sum -= avg->entries[avg->pos];
 
4004         avg->entries[avg->pos++] = val;
 
4005         if (unlikely(avg->pos == AVG_ENTRIES)) {
 
4011 static s16 average_value(struct average *avg)
 
4013         if (!unlikely(avg->init)) {
 
4015                         return avg->sum / avg->pos;
 
4019         return avg->sum / AVG_ENTRIES;
 
4022 static void ipw_reset_stats(struct ipw_priv *priv)
 
4024         u32 len = sizeof(u32);
 
4028         average_init(&priv->average_missed_beacons);
 
4029         priv->exp_avg_rssi = -60;
 
4030         priv->exp_avg_noise = -85 + 0x100;
 
4032         priv->last_rate = 0;
 
4033         priv->last_missed_beacons = 0;
 
4034         priv->last_rx_packets = 0;
 
4035         priv->last_tx_packets = 0;
 
4036         priv->last_tx_failures = 0;
 
4038         /* Firmware managed, reset only when NIC is restarted, so we have to
 
4039          * normalize on the current value */
 
4040         ipw_get_ordinal(priv, IPW_ORD_STAT_RX_ERR_CRC,
 
4041                         &priv->last_rx_err, &len);
 
4042         ipw_get_ordinal(priv, IPW_ORD_STAT_TX_FAILURE,
 
4043                         &priv->last_tx_failures, &len);
 
4045         /* Driver managed, reset with each association */
 
4046         priv->missed_adhoc_beacons = 0;
 
4047         priv->missed_beacons = 0;
 
4048         priv->tx_packets = 0;
 
4049         priv->rx_packets = 0;
 
4053 static u32 ipw_get_max_rate(struct ipw_priv *priv)
 
4056         u32 mask = priv->rates_mask;
 
4057         /* If currently associated in B mode, restrict the maximum
 
4058          * rate match to B rates */
 
4059         if (priv->assoc_request.ieee_mode == IPW_B_MODE)
 
4060                 mask &= IEEE80211_CCK_RATES_MASK;
 
4062         /* TODO: Verify that the rate is supported by the current rates
 
4065         while (i && !(mask & i))
 
4068         case IEEE80211_CCK_RATE_1MB_MASK:
 
4070         case IEEE80211_CCK_RATE_2MB_MASK:
 
4072         case IEEE80211_CCK_RATE_5MB_MASK:
 
4074         case IEEE80211_OFDM_RATE_6MB_MASK:
 
4076         case IEEE80211_OFDM_RATE_9MB_MASK:
 
4078         case IEEE80211_CCK_RATE_11MB_MASK:
 
4080         case IEEE80211_OFDM_RATE_12MB_MASK:
 
4082         case IEEE80211_OFDM_RATE_18MB_MASK:
 
4084         case IEEE80211_OFDM_RATE_24MB_MASK:
 
4086         case IEEE80211_OFDM_RATE_36MB_MASK:
 
4088         case IEEE80211_OFDM_RATE_48MB_MASK:
 
4090         case IEEE80211_OFDM_RATE_54MB_MASK:
 
4094         if (priv->ieee->mode == IEEE_B)
 
4100 static u32 ipw_get_current_rate(struct ipw_priv *priv)
 
4102         u32 rate, len = sizeof(rate);
 
4105         if (!(priv->status & STATUS_ASSOCIATED))
 
4108         if (priv->tx_packets > IPW_REAL_RATE_RX_PACKET_THRESHOLD) {
 
4109                 err = ipw_get_ordinal(priv, IPW_ORD_STAT_TX_CURR_RATE, &rate,
 
4112                         IPW_DEBUG_INFO("failed querying ordinals.\n");
 
4116                 return ipw_get_max_rate(priv);
 
4119         case IPW_TX_RATE_1MB:
 
4121         case IPW_TX_RATE_2MB:
 
4123         case IPW_TX_RATE_5MB:
 
4125         case IPW_TX_RATE_6MB:
 
4127         case IPW_TX_RATE_9MB:
 
4129         case IPW_TX_RATE_11MB:
 
4131         case IPW_TX_RATE_12MB:
 
4133         case IPW_TX_RATE_18MB:
 
4135         case IPW_TX_RATE_24MB:
 
4137         case IPW_TX_RATE_36MB:
 
4139         case IPW_TX_RATE_48MB:
 
4141         case IPW_TX_RATE_54MB:
 
4148 #define IPW_STATS_INTERVAL (2 * HZ)
 
4149 static void ipw_gather_stats(struct ipw_priv *priv)
 
4151         u32 rx_err, rx_err_delta, rx_packets_delta;
 
4152         u32 tx_failures, tx_failures_delta, tx_packets_delta;
 
4153         u32 missed_beacons_percent, missed_beacons_delta;
 
4155         u32 len = sizeof(u32);
 
4157         u32 beacon_quality, signal_quality, tx_quality, rx_quality,
 
4161         if (!(priv->status & STATUS_ASSOCIATED)) {
 
4166         /* Update the statistics */
 
4167         ipw_get_ordinal(priv, IPW_ORD_STAT_MISSED_BEACONS,
 
4168                         &priv->missed_beacons, &len);
 
4169         missed_beacons_delta = priv->missed_beacons - priv->last_missed_beacons;
 
4170         priv->last_missed_beacons = priv->missed_beacons;
 
4171         if (priv->assoc_request.beacon_interval) {
 
4172                 missed_beacons_percent = missed_beacons_delta *
 
4173                     (HZ * priv->assoc_request.beacon_interval) /
 
4174                     (IPW_STATS_INTERVAL * 10);
 
4176                 missed_beacons_percent = 0;
 
4178         average_add(&priv->average_missed_beacons, missed_beacons_percent);
 
4180         ipw_get_ordinal(priv, IPW_ORD_STAT_RX_ERR_CRC, &rx_err, &len);
 
4181         rx_err_delta = rx_err - priv->last_rx_err;
 
4182         priv->last_rx_err = rx_err;
 
4184         ipw_get_ordinal(priv, IPW_ORD_STAT_TX_FAILURE, &tx_failures, &len);
 
4185         tx_failures_delta = tx_failures - priv->last_tx_failures;
 
4186         priv->last_tx_failures = tx_failures;
 
4188         rx_packets_delta = priv->rx_packets - priv->last_rx_packets;
 
4189         priv->last_rx_packets = priv->rx_packets;
 
4191         tx_packets_delta = priv->tx_packets - priv->last_tx_packets;
 
4192         priv->last_tx_packets = priv->tx_packets;
 
4194         /* Calculate quality based on the following:
 
4196          * Missed beacon: 100% = 0, 0% = 70% missed
 
4197          * Rate: 60% = 1Mbs, 100% = Max
 
4198          * Rx and Tx errors represent a straight % of total Rx/Tx
 
4199          * RSSI: 100% = > -50,  0% = < -80
 
4200          * Rx errors: 100% = 0, 0% = 50% missed
 
4202          * The lowest computed quality is used.
 
4205 #define BEACON_THRESHOLD 5
 
4206         beacon_quality = 100 - missed_beacons_percent;
 
4207         if (beacon_quality < BEACON_THRESHOLD)
 
4210                 beacon_quality = (beacon_quality - BEACON_THRESHOLD) * 100 /
 
4211                     (100 - BEACON_THRESHOLD);
 
4212         IPW_DEBUG_STATS("Missed beacon: %3d%% (%d%%)\n",
 
4213                         beacon_quality, missed_beacons_percent);
 
4215         priv->last_rate = ipw_get_current_rate(priv);
 
4216         max_rate = ipw_get_max_rate(priv);
 
4217         rate_quality = priv->last_rate * 40 / max_rate + 60;
 
4218         IPW_DEBUG_STATS("Rate quality : %3d%% (%dMbs)\n",
 
4219                         rate_quality, priv->last_rate / 1000000);
 
4221         if (rx_packets_delta > 100 && rx_packets_delta + rx_err_delta)
 
4222                 rx_quality = 100 - (rx_err_delta * 100) /
 
4223                     (rx_packets_delta + rx_err_delta);
 
4226         IPW_DEBUG_STATS("Rx quality   : %3d%% (%u errors, %u packets)\n",
 
4227                         rx_quality, rx_err_delta, rx_packets_delta);
 
4229         if (tx_packets_delta > 100 && tx_packets_delta + tx_failures_delta)
 
4230                 tx_quality = 100 - (tx_failures_delta * 100) /
 
4231                     (tx_packets_delta + tx_failures_delta);
 
4234         IPW_DEBUG_STATS("Tx quality   : %3d%% (%u errors, %u packets)\n",
 
4235                         tx_quality, tx_failures_delta, tx_packets_delta);
 
4237         rssi = priv->exp_avg_rssi;
 
4240              (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) *
 
4241              (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) -
 
4242              (priv->ieee->perfect_rssi - rssi) *
 
4243              (15 * (priv->ieee->perfect_rssi - priv->ieee->worst_rssi) +
 
4244               62 * (priv->ieee->perfect_rssi - rssi))) /
 
4245             ((priv->ieee->perfect_rssi - priv->ieee->worst_rssi) *
 
4246              (priv->ieee->perfect_rssi - priv->ieee->worst_rssi));
 
4247         if (signal_quality > 100)
 
4248                 signal_quality = 100;
 
4249         else if (signal_quality < 1)
 
4252         IPW_DEBUG_STATS("Signal level : %3d%% (%d dBm)\n",
 
4253                         signal_quality, rssi);
 
4255         quality = min(beacon_quality,
 
4257                           min(tx_quality, min(rx_quality, signal_quality))));
 
4258         if (quality == beacon_quality)
 
4259                 IPW_DEBUG_STATS("Quality (%d%%): Clamped to missed beacons.\n",
 
4261         if (quality == rate_quality)
 
4262                 IPW_DEBUG_STATS("Quality (%d%%): Clamped to rate quality.\n",
 
4264         if (quality == tx_quality)
 
4265                 IPW_DEBUG_STATS("Quality (%d%%): Clamped to Tx quality.\n",
 
4267         if (quality == rx_quality)
 
4268                 IPW_DEBUG_STATS("Quality (%d%%): Clamped to Rx quality.\n",
 
4270         if (quality == signal_quality)
 
4271                 IPW_DEBUG_STATS("Quality (%d%%): Clamped to signal quality.\n",
 
4274         priv->quality = quality;
 
4276         queue_delayed_work(priv->workqueue, &priv->gather_stats,
 
4277                            IPW_STATS_INTERVAL);
 
4280 static void ipw_bg_gather_stats(struct work_struct *work)
 
4282         struct ipw_priv *priv =
 
4283                 container_of(work, struct ipw_priv, gather_stats.work);
 
4284         mutex_lock(&priv->mutex);
 
4285         ipw_gather_stats(priv);
 
4286         mutex_unlock(&priv->mutex);
 
4289 /* Missed beacon behavior:
 
4290  * 1st missed -> roaming_threshold, just wait, don't do any scan/roam.
 
4291  * roaming_threshold -> disassociate_threshold, scan and roam for better signal.
 
4292  * Above disassociate threshold, give up and stop scanning.
 
4293  * Roaming is disabled if disassociate_threshold <= roaming_threshold  */
 
4294 static void ipw_handle_missed_beacon(struct ipw_priv *priv,
 
4297         priv->notif_missed_beacons = missed_count;
 
4299         if (missed_count > priv->disassociate_threshold &&
 
4300             priv->status & STATUS_ASSOCIATED) {
 
4301                 /* If associated and we've hit the missed
 
4302                  * beacon threshold, disassociate, turn
 
4303                  * off roaming, and abort any active scans */
 
4304                 IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
 
4305                           IPW_DL_STATE | IPW_DL_ASSOC,
 
4306                           "Missed beacon: %d - disassociate\n", missed_count);
 
4307                 priv->status &= ~STATUS_ROAMING;
 
4308                 if (priv->status & STATUS_SCANNING) {
 
4309                         IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
 
4311                                   "Aborting scan with missed beacon.\n");
 
4312                         queue_work(priv->workqueue, &priv->abort_scan);
 
4315                 queue_work(priv->workqueue, &priv->disassociate);
 
4319         if (priv->status & STATUS_ROAMING) {
 
4320                 /* If we are currently roaming, then just
 
4321                  * print a debug statement... */
 
4322                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
 
4323                           "Missed beacon: %d - roam in progress\n",
 
4329             (missed_count > priv->roaming_threshold &&
 
4330              missed_count <= priv->disassociate_threshold)) {
 
4331                 /* If we are not already roaming, set the ROAM
 
4332                  * bit in the status and kick off a scan.
 
4333                  * This can happen several times before we reach
 
4334                  * disassociate_threshold. */
 
4335                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
 
4336                           "Missed beacon: %d - initiate "
 
4337                           "roaming\n", missed_count);
 
4338                 if (!(priv->status & STATUS_ROAMING)) {
 
4339                         priv->status |= STATUS_ROAMING;
 
4340                         if (!(priv->status & STATUS_SCANNING))
 
4341                                 queue_delayed_work(priv->workqueue,
 
4342                                                    &priv->request_scan, 0);
 
4347         if (priv->status & STATUS_SCANNING) {
 
4348                 /* Stop scan to keep fw from getting
 
4349                  * stuck (only if we aren't roaming --
 
4350                  * otherwise we'll never scan more than 2 or 3
 
4352                 IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF | IPW_DL_STATE,
 
4353                           "Aborting scan with missed beacon.\n");
 
4354                 queue_work(priv->workqueue, &priv->abort_scan);
 
4357         IPW_DEBUG_NOTIF("Missed beacon: %d\n", missed_count);
 
4360 static void ipw_scan_event(struct work_struct *work)
 
4362         union iwreq_data wrqu;
 
4364         struct ipw_priv *priv =
 
4365                 container_of(work, struct ipw_priv, scan_event.work);
 
4367         wrqu.data.length = 0;
 
4368         wrqu.data.flags = 0;
 
4369         wireless_send_event(priv->net_dev, SIOCGIWSCAN, &wrqu, NULL);
 
4372 static void handle_scan_event(struct ipw_priv *priv)
 
4374         /* Only userspace-requested scan completion events go out immediately */
 
4375         if (!priv->user_requested_scan) {
 
4376                 if (!delayed_work_pending(&priv->scan_event))
 
4377                         queue_delayed_work(priv->workqueue, &priv->scan_event,
 
4378                                          round_jiffies_relative(msecs_to_jiffies(4000)));
 
4380                 union iwreq_data wrqu;
 
4382                 priv->user_requested_scan = 0;
 
4383                 cancel_delayed_work(&priv->scan_event);
 
4385                 wrqu.data.length = 0;
 
4386                 wrqu.data.flags = 0;
 
4387                 wireless_send_event(priv->net_dev, SIOCGIWSCAN, &wrqu, NULL);
 
4392  * Handle host notification packet.
 
4393  * Called from interrupt routine
 
4395 static void ipw_rx_notification(struct ipw_priv *priv,
 
4396                                        struct ipw_rx_notification *notif)
 
4398         DECLARE_MAC_BUF(mac);
 
4399         notif->size = le16_to_cpu(notif->size);
 
4401         IPW_DEBUG_NOTIF("type = %i (%d bytes)\n", notif->subtype, notif->size);
 
4403         switch (notif->subtype) {
 
4404         case HOST_NOTIFICATION_STATUS_ASSOCIATED:{
 
4405                         struct notif_association *assoc = ¬if->u.assoc;
 
4407                         switch (assoc->state) {
 
4408                         case CMAS_ASSOCIATED:{
 
4409                                         IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4411                                                   "associated: '%s' %s"
 
4413                                                   escape_essid(priv->essid,
 
4415                                                   print_mac(mac, priv->bssid));
 
4417                                         switch (priv->ieee->iw_mode) {
 
4419                                                 memcpy(priv->ieee->bssid,
 
4420                                                        priv->bssid, ETH_ALEN);
 
4424                                                 memcpy(priv->ieee->bssid,
 
4425                                                        priv->bssid, ETH_ALEN);
 
4427                                                 /* clear out the station table */
 
4428                                                 priv->num_stations = 0;
 
4431                                                     ("queueing adhoc check\n");
 
4432                                                 queue_delayed_work(priv->
 
4442                                         priv->status &= ~STATUS_ASSOCIATING;
 
4443                                         priv->status |= STATUS_ASSOCIATED;
 
4444                                         queue_work(priv->workqueue,
 
4445                                                    &priv->system_config);
 
4447 #ifdef CONFIG_IPW2200_QOS
 
4448 #define IPW_GET_PACKET_STYPE(x) WLAN_FC_GET_STYPE( \
 
4449                          le16_to_cpu(((struct ieee80211_hdr *)(x))->frame_ctl))
 
4450                                         if ((priv->status & STATUS_AUTH) &&
 
4451                                             (IPW_GET_PACKET_STYPE(¬if->u.raw)
 
4452                                              == IEEE80211_STYPE_ASSOC_RESP)) {
 
4455                                                       ieee80211_assoc_response)
 
4457                                                     && (notif->size <= 2314)) {
 
4470                                                         ieee80211_rx_mgt(priv->
 
4475                                                                          ¬if->u.raw, &stats);
 
4480                                         schedule_work(&priv->link_up);
 
4485                         case CMAS_AUTHENTICATED:{
 
4487                                             status & (STATUS_ASSOCIATED |
 
4489                                                 struct notif_authenticate *auth
 
4491                                                 IPW_DEBUG(IPW_DL_NOTIF |
 
4494                                                           "deauthenticated: '%s' "
 
4496                                                           ": (0x%04X) - %s \n",
 
4501                                                           print_mac(mac, priv->bssid),
 
4502                                                           ntohs(auth->status),
 
4508                                                     ~(STATUS_ASSOCIATING |
 
4512                                                 schedule_work(&priv->link_down);
 
4516                                         IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4518                                                   "authenticated: '%s' %s"
 
4520                                                   escape_essid(priv->essid,
 
4522                                                   print_mac(mac, priv->bssid));
 
4527                                         if (priv->status & STATUS_AUTH) {
 
4529                                                     ieee80211_assoc_response
 
4533                                                      ieee80211_assoc_response
 
4535                                                 IPW_DEBUG(IPW_DL_NOTIF |
 
4538                                                           "association failed (0x%04X): %s\n",
 
4539                                                           ntohs(resp->status),
 
4545                                         IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4547                                                   "disassociated: '%s' %s"
 
4549                                                   escape_essid(priv->essid,
 
4551                                                   print_mac(mac, priv->bssid));
 
4554                                             ~(STATUS_DISASSOCIATING |
 
4555                                               STATUS_ASSOCIATING |
 
4556                                               STATUS_ASSOCIATED | STATUS_AUTH);
 
4557                                         if (priv->assoc_network
 
4558                                             && (priv->assoc_network->
 
4560                                                 WLAN_CAPABILITY_IBSS))
 
4561                                                 ipw_remove_current_network
 
4564                                         schedule_work(&priv->link_down);
 
4569                         case CMAS_RX_ASSOC_RESP:
 
4573                                 IPW_ERROR("assoc: unknown (%d)\n",
 
4581         case HOST_NOTIFICATION_STATUS_AUTHENTICATE:{
 
4582                         struct notif_authenticate *auth = ¬if->u.auth;
 
4583                         switch (auth->state) {
 
4584                         case CMAS_AUTHENTICATED:
 
4585                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
 
4586                                           "authenticated: '%s' %s \n",
 
4587                                           escape_essid(priv->essid,
 
4589                                           print_mac(mac, priv->bssid));
 
4590                                 priv->status |= STATUS_AUTH;
 
4594                                 if (priv->status & STATUS_AUTH) {
 
4595                                         IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4597                                                   "authentication failed (0x%04X): %s\n",
 
4598                                                   ntohs(auth->status),
 
4599                                                   ipw_get_status_code(ntohs
 
4603                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4605                                           "deauthenticated: '%s' %s\n",
 
4606                                           escape_essid(priv->essid,
 
4608                                           print_mac(mac, priv->bssid));
 
4610                                 priv->status &= ~(STATUS_ASSOCIATING |
 
4614                                 schedule_work(&priv->link_down);
 
4617                         case CMAS_TX_AUTH_SEQ_1:
 
4618                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4619                                           IPW_DL_ASSOC, "AUTH_SEQ_1\n");
 
4621                         case CMAS_RX_AUTH_SEQ_2:
 
4622                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4623                                           IPW_DL_ASSOC, "AUTH_SEQ_2\n");
 
4625                         case CMAS_AUTH_SEQ_1_PASS:
 
4626                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4627                                           IPW_DL_ASSOC, "AUTH_SEQ_1_PASS\n");
 
4629                         case CMAS_AUTH_SEQ_1_FAIL:
 
4630                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4631                                           IPW_DL_ASSOC, "AUTH_SEQ_1_FAIL\n");
 
4633                         case CMAS_TX_AUTH_SEQ_3:
 
4634                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4635                                           IPW_DL_ASSOC, "AUTH_SEQ_3\n");
 
4637                         case CMAS_RX_AUTH_SEQ_4:
 
4638                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4639                                           IPW_DL_ASSOC, "RX_AUTH_SEQ_4\n");
 
4641                         case CMAS_AUTH_SEQ_2_PASS:
 
4642                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4643                                           IPW_DL_ASSOC, "AUTH_SEQ_2_PASS\n");
 
4645                         case CMAS_AUTH_SEQ_2_FAIL:
 
4646                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4647                                           IPW_DL_ASSOC, "AUT_SEQ_2_FAIL\n");
 
4650                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4651                                           IPW_DL_ASSOC, "TX_ASSOC\n");
 
4653                         case CMAS_RX_ASSOC_RESP:
 
4654                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4655                                           IPW_DL_ASSOC, "RX_ASSOC_RESP\n");
 
4658                         case CMAS_ASSOCIATED:
 
4659                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE |
 
4660                                           IPW_DL_ASSOC, "ASSOCIATED\n");
 
4663                                 IPW_DEBUG_NOTIF("auth: failure - %d\n",
 
4670         case HOST_NOTIFICATION_STATUS_SCAN_CHANNEL_RESULT:{
 
4671                         struct notif_channel_result *x =
 
4672                             ¬if->u.channel_result;
 
4674                         if (notif->size == sizeof(*x)) {
 
4675                                 IPW_DEBUG_SCAN("Scan result for channel %d\n",
 
4678                                 IPW_DEBUG_SCAN("Scan result of wrong size %d "
 
4679                                                "(should be %zd)\n",
 
4680                                                notif->size, sizeof(*x));
 
4685         case HOST_NOTIFICATION_STATUS_SCAN_COMPLETED:{
 
4686                         struct notif_scan_complete *x = ¬if->u.scan_complete;
 
4687                         if (notif->size == sizeof(*x)) {
 
4689                                     ("Scan completed: type %d, %d channels, "
 
4690                                      "%d status\n", x->scan_type,
 
4691                                      x->num_channels, x->status);
 
4693                                 IPW_ERROR("Scan completed of wrong size %d "
 
4694                                           "(should be %zd)\n",
 
4695                                           notif->size, sizeof(*x));
 
4699                             ~(STATUS_SCANNING | STATUS_SCAN_ABORTING);
 
4701                         wake_up_interruptible(&priv->wait_state);
 
4702                         cancel_delayed_work(&priv->scan_check);
 
4704                         if (priv->status & STATUS_EXIT_PENDING)
 
4707                         priv->ieee->scans++;
 
4709 #ifdef CONFIG_IPW2200_MONITOR
 
4710                         if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
 
4711                                 priv->status |= STATUS_SCAN_FORCED;
 
4712                                 queue_delayed_work(priv->workqueue,
 
4713                                                    &priv->request_scan, 0);
 
4716                         priv->status &= ~STATUS_SCAN_FORCED;
 
4717 #endif                          /* CONFIG_IPW2200_MONITOR */
 
4719                         if (!(priv->status & (STATUS_ASSOCIATED |
 
4720                                               STATUS_ASSOCIATING |
 
4722                                               STATUS_DISASSOCIATING)))
 
4723                                 queue_work(priv->workqueue, &priv->associate);
 
4724                         else if (priv->status & STATUS_ROAMING) {
 
4725                                 if (x->status == SCAN_COMPLETED_STATUS_COMPLETE)
 
4726                                         /* If a scan completed and we are in roam mode, then
 
4727                                          * the scan that completed was the one requested as a
 
4728                                          * result of entering roam... so, schedule the
 
4730                                         queue_work(priv->workqueue,
 
4733                                         /* Don't schedule if we aborted the scan */
 
4734                                         priv->status &= ~STATUS_ROAMING;
 
4735                         } else if (priv->status & STATUS_SCAN_PENDING)
 
4736                                 queue_delayed_work(priv->workqueue,
 
4737                                                    &priv->request_scan, 0);
 
4738                         else if (priv->config & CFG_BACKGROUND_SCAN
 
4739                                  && priv->status & STATUS_ASSOCIATED)
 
4740                                 queue_delayed_work(priv->workqueue,
 
4741                                                    &priv->request_scan,
 
4742                                                    round_jiffies_relative(HZ));
 
4744                         /* Send an empty event to user space.
 
4745                          * We don't send the received data on the event because
 
4746                          * it would require us to do complex transcoding, and
 
4747                          * we want to minimise the work done in the irq handler
 
4748                          * Use a request to extract the data.
 
4749                          * Also, we generate this even for any scan, regardless
 
4750                          * on how the scan was initiated. User space can just
 
4751                          * sync on periodic scan to get fresh data...
 
4753                         if (x->status == SCAN_COMPLETED_STATUS_COMPLETE)
 
4754                                 handle_scan_event(priv);
 
4758         case HOST_NOTIFICATION_STATUS_FRAG_LENGTH:{
 
4759                         struct notif_frag_length *x = ¬if->u.frag_len;
 
4761                         if (notif->size == sizeof(*x))
 
4762                                 IPW_ERROR("Frag length: %d\n",
 
4763                                           le16_to_cpu(x->frag_length));
 
4765                                 IPW_ERROR("Frag length of wrong size %d "
 
4766                                           "(should be %zd)\n",
 
4767                                           notif->size, sizeof(*x));
 
4771         case HOST_NOTIFICATION_STATUS_LINK_DETERIORATION:{
 
4772                         struct notif_link_deterioration *x =
 
4773                             ¬if->u.link_deterioration;
 
4775                         if (notif->size == sizeof(*x)) {
 
4776                                 IPW_DEBUG(IPW_DL_NOTIF | IPW_DL_STATE,
 
4777                                         "link deterioration: type %d, cnt %d\n",
 
4778                                         x->silence_notification_type,
 
4780                                 memcpy(&priv->last_link_deterioration, x,
 
4783                                 IPW_ERROR("Link Deterioration of wrong size %d "
 
4784                                           "(should be %zd)\n",
 
4785                                           notif->size, sizeof(*x));
 
4790         case HOST_NOTIFICATION_DINO_CONFIG_RESPONSE:{
 
4791                         IPW_ERROR("Dino config\n");
 
4793                             && priv->hcmd->cmd != HOST_CMD_DINO_CONFIG)
 
4794                                 IPW_ERROR("Unexpected DINO_CONFIG_RESPONSE\n");
 
4799         case HOST_NOTIFICATION_STATUS_BEACON_STATE:{
 
4800                         struct notif_beacon_state *x = ¬if->u.beacon_state;
 
4801                         if (notif->size != sizeof(*x)) {
 
4803                                     ("Beacon state of wrong size %d (should "
 
4804                                      "be %zd)\n", notif->size, sizeof(*x));
 
4808                         if (le32_to_cpu(x->state) ==
 
4809                             HOST_NOTIFICATION_STATUS_BEACON_MISSING)
 
4810                                 ipw_handle_missed_beacon(priv,
 
4817         case HOST_NOTIFICATION_STATUS_TGI_TX_KEY:{
 
4818                         struct notif_tgi_tx_key *x = ¬if->u.tgi_tx_key;
 
4819                         if (notif->size == sizeof(*x)) {
 
4820                                 IPW_ERROR("TGi Tx Key: state 0x%02x sec type "
 
4821                                           "0x%02x station %d\n",
 
4822                                           x->key_state, x->security_type,
 
4828                             ("TGi Tx Key of wrong size %d (should be %zd)\n",
 
4829                              notif->size, sizeof(*x));
 
4833         case HOST_NOTIFICATION_CALIB_KEEP_RESULTS:{
 
4834                         struct notif_calibration *x = ¬if->u.calibration;
 
4836                         if (notif->size == sizeof(*x)) {
 
4837                                 memcpy(&priv->calib, x, sizeof(*x));
 
4838                                 IPW_DEBUG_INFO("TODO: Calibration\n");
 
4843                             ("Calibration of wrong size %d (should be %zd)\n",
 
4844                              notif->size, sizeof(*x));
 
4848         case HOST_NOTIFICATION_NOISE_STATS:{
 
4849                         if (notif->size == sizeof(u32)) {
 
4850                                 priv->exp_avg_noise =
 
4851                                     exponential_average(priv->exp_avg_noise,
 
4852                                     (u8) (le32_to_cpu(notif->u.noise.value) & 0xff),
 
4858                             ("Noise stat is wrong size %d (should be %zd)\n",
 
4859                              notif->size, sizeof(u32));
 
4864                 IPW_DEBUG_NOTIF("Unknown notification: "
 
4865                                 "subtype=%d,flags=0x%2x,size=%d\n",
 
4866                                 notif->subtype, notif->flags, notif->size);
 
4871  * Destroys all DMA structures and initialise them again
 
4874  * @return error code
 
4876 static int ipw_queue_reset(struct ipw_priv *priv)
 
4879         /** @todo customize queue sizes */
 
4880         int nTx = 64, nTxCmd = 8;
 
4881         ipw_tx_queue_free(priv);
 
4883         rc = ipw_queue_tx_init(priv, &priv->txq_cmd, nTxCmd,
 
4884                                IPW_TX_CMD_QUEUE_READ_INDEX,
 
4885                                IPW_TX_CMD_QUEUE_WRITE_INDEX,
 
4886                                IPW_TX_CMD_QUEUE_BD_BASE,
 
4887                                IPW_TX_CMD_QUEUE_BD_SIZE);
 
4889                 IPW_ERROR("Tx Cmd queue init failed\n");
 
4893         rc = ipw_queue_tx_init(priv, &priv->txq[0], nTx,
 
4894                                IPW_TX_QUEUE_0_READ_INDEX,
 
4895                                IPW_TX_QUEUE_0_WRITE_INDEX,
 
4896                                IPW_TX_QUEUE_0_BD_BASE, IPW_TX_QUEUE_0_BD_SIZE);
 
4898                 IPW_ERROR("Tx 0 queue init failed\n");
 
4901         rc = ipw_queue_tx_init(priv, &priv->txq[1], nTx,
 
4902                                IPW_TX_QUEUE_1_READ_INDEX,
 
4903                                IPW_TX_QUEUE_1_WRITE_INDEX,
 
4904                                IPW_TX_QUEUE_1_BD_BASE, IPW_TX_QUEUE_1_BD_SIZE);
 
4906                 IPW_ERROR("Tx 1 queue init failed\n");
 
4909         rc = ipw_queue_tx_init(priv, &priv->txq[2], nTx,
 
4910                                IPW_TX_QUEUE_2_READ_INDEX,
 
4911                                IPW_TX_QUEUE_2_WRITE_INDEX,
 
4912                                IPW_TX_QUEUE_2_BD_BASE, IPW_TX_QUEUE_2_BD_SIZE);
 
4914                 IPW_ERROR("Tx 2 queue init failed\n");
 
4917         rc = ipw_queue_tx_init(priv, &priv->txq[3], nTx,
 
4918                                IPW_TX_QUEUE_3_READ_INDEX,
 
4919                                IPW_TX_QUEUE_3_WRITE_INDEX,
 
4920                                IPW_TX_QUEUE_3_BD_BASE, IPW_TX_QUEUE_3_BD_SIZE);
 
4922                 IPW_ERROR("Tx 3 queue init failed\n");
 
4926         priv->rx_bufs_min = 0;
 
4927         priv->rx_pend_max = 0;
 
4931         ipw_tx_queue_free(priv);
 
4936  * Reclaim Tx queue entries no more used by NIC.
 
4938  * When FW adwances 'R' index, all entries between old and
 
4939  * new 'R' index need to be reclaimed. As result, some free space
 
4940  * forms. If there is enough free space (> low mark), wake Tx queue.
 
4942  * @note Need to protect against garbage in 'R' index
 
4946  * @return Number of used entries remains in the queue
 
4948 static int ipw_queue_tx_reclaim(struct ipw_priv *priv,
 
4949                                 struct clx2_tx_queue *txq, int qindex)
 
4953         struct clx2_queue *q = &txq->q;
 
4955         hw_tail = ipw_read32(priv, q->reg_r);
 
4956         if (hw_tail >= q->n_bd) {
 
4958                     ("Read index for DMA queue (%d) is out of range [0-%d)\n",
 
4962         for (; q->last_used != hw_tail;
 
4963              q->last_used = ipw_queue_inc_wrap(q->last_used, q->n_bd)) {
 
4964                 ipw_queue_tx_free_tfd(priv, txq);
 
4968         if ((ipw_queue_space(q) > q->low_mark) &&
 
4970             (priv->status & STATUS_ASSOCIATED) && netif_running(priv->net_dev))
 
4971                 netif_wake_queue(priv->net_dev);
 
4972         used = q->first_empty - q->last_used;
 
4979 static int ipw_queue_tx_hcmd(struct ipw_priv *priv, int hcmd, void *buf,
 
4982         struct clx2_tx_queue *txq = &priv->txq_cmd;
 
4983         struct clx2_queue *q = &txq->q;
 
4984         struct tfd_frame *tfd;
 
4986         if (ipw_queue_space(q) < (sync ? 1 : 2)) {
 
4987                 IPW_ERROR("No space for Tx\n");
 
4991         tfd = &txq->bd[q->first_empty];
 
4992         txq->txb[q->first_empty] = NULL;
 
4994         memset(tfd, 0, sizeof(*tfd));
 
4995         tfd->control_flags.message_type = TX_HOST_COMMAND_TYPE;
 
4996         tfd->control_flags.control_bits = TFD_NEED_IRQ_MASK;
 
4998         tfd->u.cmd.index = hcmd;
 
4999         tfd->u.cmd.length = len;
 
5000         memcpy(tfd->u.cmd.payload, buf, len);
 
5001         q->first_empty = ipw_queue_inc_wrap(q->first_empty, q->n_bd);
 
5002         ipw_write32(priv, q->reg_w, q->first_empty);
 
5003         _ipw_read32(priv, 0x90);
 
5009  * Rx theory of operation
 
5011  * The host allocates 32 DMA target addresses and passes the host address
 
5012  * to the firmware at register IPW_RFDS_TABLE_LOWER + N * RFD_SIZE where N is
 
5016  * The host/firmware share two index registers for managing the Rx buffers.
 
5018  * The READ index maps to the first position that the firmware may be writing
 
5019  * to -- the driver can read up to (but not including) this position and get
 
5021  * The READ index is managed by the firmware once the card is enabled.
 
5023  * The WRITE index maps to the last position the driver has read from -- the
 
5024  * position preceding WRITE is the last slot the firmware can place a packet.
 
5026  * The queue is empty (no good data) if WRITE = READ - 1, and is full if
 
5029  * During initialization the host sets up the READ queue position to the first
 
5030  * INDEX position, and WRITE to the last (READ - 1 wrapped)
 
5032  * When the firmware places a packet in a buffer it will advance the READ index
 
5033  * and fire the RX interrupt.  The driver can then query the READ index and
 
5034  * process as many packets as possible, moving the WRITE index forward as it
 
5035  * resets the Rx queue buffers with new memory.
 
5037  * The management in the driver is as follows:
 
5038  * + A list of pre-allocated SKBs is stored in ipw->rxq->rx_free.  When
 
5039  *   ipw->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
 
5040  *   to replensish the ipw->rxq->rx_free.
 
5041  * + In ipw_rx_queue_replenish (scheduled) if 'processed' != 'read' then the
 
5042  *   ipw->rxq is replenished and the READ INDEX is updated (updating the
 
5043  *   'processed' and 'read' driver indexes as well)
 
5044  * + A received packet is processed and handed to the kernel network stack,
 
5045  *   detached from the ipw->rxq.  The driver 'processed' index is updated.
 
5046  * + The Host/Firmware ipw->rxq is replenished at tasklet time from the rx_free
 
5047  *   list. If there are no allocated buffers in ipw->rxq->rx_free, the READ
 
5048  *   INDEX is not incremented and ipw->status(RX_STALLED) is set.  If there
 
5049  *   were enough free buffers and RX_STALLED is set it is cleared.
 
5054  * ipw_rx_queue_alloc()       Allocates rx_free
 
5055  * ipw_rx_queue_replenish()   Replenishes rx_free list from rx_used, and calls
 
5056  *                            ipw_rx_queue_restock
 
5057  * ipw_rx_queue_restock()     Moves available buffers from rx_free into Rx
 
5058  *                            queue, updates firmware pointers, and updates
 
5059  *                            the WRITE index.  If insufficient rx_free buffers
 
5060  *                            are available, schedules ipw_rx_queue_replenish
 
5062  * -- enable interrupts --
 
5063  * ISR - ipw_rx()             Detach ipw_rx_mem_buffers from pool up to the
 
5064  *                            READ INDEX, detaching the SKB from the pool.
 
5065  *                            Moves the packet buffer from queue to rx_used.
 
5066  *                            Calls ipw_rx_queue_restock to refill any empty
 
5073  * If there are slots in the RX queue that  need to be restocked,
 
5074  * and we have free pre-allocated buffers, fill the ranks as much
 
5075  * as we can pulling from rx_free.
 
5077  * This moves the 'write' index forward to catch up with 'processed', and
 
5078  * also updates the memory address in the firmware to reference the new
 
5081 static void ipw_rx_queue_restock(struct ipw_priv *priv)
 
5083         struct ipw_rx_queue *rxq = priv->rxq;
 
5084         struct list_head *element;
 
5085         struct ipw_rx_mem_buffer *rxb;
 
5086         unsigned long flags;
 
5089         spin_lock_irqsave(&rxq->lock, flags);
 
5091         while ((rxq->write != rxq->processed) && (rxq->free_count)) {
 
5092                 element = rxq->rx_free.next;
 
5093                 rxb = list_entry(element, struct ipw_rx_mem_buffer, list);
 
5096                 ipw_write32(priv, IPW_RFDS_TABLE_LOWER + rxq->write * RFD_SIZE,
 
5098                 rxq->queue[rxq->write] = rxb;
 
5099                 rxq->write = (rxq->write + 1) % RX_QUEUE_SIZE;
 
5102         spin_unlock_irqrestore(&rxq->lock, flags);
 
5104         /* If the pre-allocated buffer pool is dropping low, schedule to
 
5106         if (rxq->free_count <= RX_LOW_WATERMARK)
 
5107                 queue_work(priv->workqueue, &priv->rx_replenish);
 
5109         /* If we've added more space for the firmware to place data, tell it */
 
5110         if (write != rxq->write)
 
5111                 ipw_write32(priv, IPW_RX_WRITE_INDEX, rxq->write);
 
5115  * Move all used packet from rx_used to rx_free, allocating a new SKB for each.
 
5116  * Also restock the Rx queue via ipw_rx_queue_restock.
 
5118  * This is called as a scheduled work item (except for during intialization)
 
5120 static void ipw_rx_queue_replenish(void *data)
 
5122         struct ipw_priv *priv = data;
 
5123         struct ipw_rx_queue *rxq = priv->rxq;
 
5124         struct list_head *element;
 
5125         struct ipw_rx_mem_buffer *rxb;
 
5126         unsigned long flags;
 
5128         spin_lock_irqsave(&rxq->lock, flags);
 
5129         while (!list_empty(&rxq->rx_used)) {
 
5130                 element = rxq->rx_used.next;
 
5131                 rxb = list_entry(element, struct ipw_rx_mem_buffer, list);
 
5132                 rxb->skb = alloc_skb(IPW_RX_BUF_SIZE, GFP_ATOMIC);
 
5134                         printk(KERN_CRIT "%s: Can not allocate SKB buffers.\n",
 
5135                                priv->net_dev->name);
 
5136                         /* We don't reschedule replenish work here -- we will
 
5137                          * call the restock method and if it still needs
 
5138                          * more buffers it will schedule replenish */
 
5144                     pci_map_single(priv->pci_dev, rxb->skb->data,
 
5145                                    IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
 
5147                 list_add_tail(&rxb->list, &rxq->rx_free);
 
5150         spin_unlock_irqrestore(&rxq->lock, flags);
 
5152         ipw_rx_queue_restock(priv);
 
5155 static void ipw_bg_rx_queue_replenish(struct work_struct *work)
 
5157         struct ipw_priv *priv =
 
5158                 container_of(work, struct ipw_priv, rx_replenish);
 
5159         mutex_lock(&priv->mutex);
 
5160         ipw_rx_queue_replenish(priv);
 
5161         mutex_unlock(&priv->mutex);
 
5164 /* Assumes that the skb field of the buffers in 'pool' is kept accurate.
 
5165  * If an SKB has been detached, the POOL needs to have its SKB set to NULL
 
5166  * This free routine walks the list of POOL entries and if SKB is set to
 
5167  * non NULL it is unmapped and freed
 
5169 static void ipw_rx_queue_free(struct ipw_priv *priv, struct ipw_rx_queue *rxq)
 
5176         for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
 
5177                 if (rxq->pool[i].skb != NULL) {
 
5178                         pci_unmap_single(priv->pci_dev, rxq->pool[i].dma_addr,
 
5179                                          IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
 
5180                         dev_kfree_skb(rxq->pool[i].skb);
 
5187 static struct ipw_rx_queue *ipw_rx_queue_alloc(struct ipw_priv *priv)
 
5189         struct ipw_rx_queue *rxq;
 
5192         rxq = kzalloc(sizeof(*rxq), GFP_KERNEL);
 
5193         if (unlikely(!rxq)) {
 
5194                 IPW_ERROR("memory allocation failed\n");
 
5197         spin_lock_init(&rxq->lock);
 
5198         INIT_LIST_HEAD(&rxq->rx_free);
 
5199         INIT_LIST_HEAD(&rxq->rx_used);
 
5201         /* Fill the rx_used queue with _all_ of the Rx buffers */
 
5202         for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++)
 
5203                 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
 
5205         /* Set us so that we have processed and used all buffers, but have
 
5206          * not restocked the Rx queue with fresh buffers */
 
5207         rxq->read = rxq->write = 0;
 
5208         rxq->processed = RX_QUEUE_SIZE - 1;
 
5209         rxq->free_count = 0;
 
5214 static int ipw_is_rate_in_mask(struct ipw_priv *priv, int ieee_mode, u8 rate)
 
5216         rate &= ~IEEE80211_BASIC_RATE_MASK;
 
5217         if (ieee_mode == IEEE_A) {
 
5219                 case IEEE80211_OFDM_RATE_6MB:
 
5220                         return priv->rates_mask & IEEE80211_OFDM_RATE_6MB_MASK ?
 
5222                 case IEEE80211_OFDM_RATE_9MB:
 
5223                         return priv->rates_mask & IEEE80211_OFDM_RATE_9MB_MASK ?
 
5225                 case IEEE80211_OFDM_RATE_12MB:
 
5227                             rates_mask & IEEE80211_OFDM_RATE_12MB_MASK ? 1 : 0;
 
5228                 case IEEE80211_OFDM_RATE_18MB:
 
5230                             rates_mask & IEEE80211_OFDM_RATE_18MB_MASK ? 1 : 0;
 
5231                 case IEEE80211_OFDM_RATE_24MB:
 
5233                             rates_mask & IEEE80211_OFDM_RATE_24MB_MASK ? 1 : 0;
 
5234                 case IEEE80211_OFDM_RATE_36MB:
 
5236                             rates_mask & IEEE80211_OFDM_RATE_36MB_MASK ? 1 : 0;
 
5237                 case IEEE80211_OFDM_RATE_48MB:
 
5239                             rates_mask & IEEE80211_OFDM_RATE_48MB_MASK ? 1 : 0;
 
5240                 case IEEE80211_OFDM_RATE_54MB:
 
5242                             rates_mask & IEEE80211_OFDM_RATE_54MB_MASK ? 1 : 0;
 
5250         case IEEE80211_CCK_RATE_1MB:
 
5251                 return priv->rates_mask & IEEE80211_CCK_RATE_1MB_MASK ? 1 : 0;
 
5252         case IEEE80211_CCK_RATE_2MB:
 
5253                 return priv->rates_mask & IEEE80211_CCK_RATE_2MB_MASK ? 1 : 0;
 
5254         case IEEE80211_CCK_RATE_5MB:
 
5255                 return priv->rates_mask & IEEE80211_CCK_RATE_5MB_MASK ? 1 : 0;
 
5256         case IEEE80211_CCK_RATE_11MB:
 
5257                 return priv->rates_mask & IEEE80211_CCK_RATE_11MB_MASK ? 1 : 0;
 
5260         /* If we are limited to B modulations, bail at this point */
 
5261         if (ieee_mode == IEEE_B)
 
5266         case IEEE80211_OFDM_RATE_6MB:
 
5267                 return priv->rates_mask & IEEE80211_OFDM_RATE_6MB_MASK ? 1 : 0;
 
5268         case IEEE80211_OFDM_RATE_9MB:
 
5269                 return priv->rates_mask & IEEE80211_OFDM_RATE_9MB_MASK ? 1 : 0;
 
5270         case IEEE80211_OFDM_RATE_12MB:
 
5271                 return priv->rates_mask & IEEE80211_OFDM_RATE_12MB_MASK ? 1 : 0;
 
5272         case IEEE80211_OFDM_RATE_18MB:
 
5273                 return priv->rates_mask & IEEE80211_OFDM_RATE_18MB_MASK ? 1 : 0;
 
5274         case IEEE80211_OFDM_RATE_24MB:
 
5275                 return priv->rates_mask & IEEE80211_OFDM_RATE_24MB_MASK ? 1 : 0;
 
5276         case IEEE80211_OFDM_RATE_36MB:
 
5277                 return priv->rates_mask & IEEE80211_OFDM_RATE_36MB_MASK ? 1 : 0;
 
5278         case IEEE80211_OFDM_RATE_48MB:
 
5279                 return priv->rates_mask & IEEE80211_OFDM_RATE_48MB_MASK ? 1 : 0;
 
5280         case IEEE80211_OFDM_RATE_54MB:
 
5281                 return priv->rates_mask & IEEE80211_OFDM_RATE_54MB_MASK ? 1 : 0;
 
5287 static int ipw_compatible_rates(struct ipw_priv *priv,
 
5288                                 const struct ieee80211_network *network,
 
5289                                 struct ipw_supported_rates *rates)
 
5293         memset(rates, 0, sizeof(*rates));
 
5294         num_rates = min(network->rates_len, (u8) IPW_MAX_RATES);
 
5295         rates->num_rates = 0;
 
5296         for (i = 0; i < num_rates; i++) {
 
5297                 if (!ipw_is_rate_in_mask(priv, network->mode,
 
5298                                          network->rates[i])) {
 
5300                         if (network->rates[i] & IEEE80211_BASIC_RATE_MASK) {
 
5301                                 IPW_DEBUG_SCAN("Adding masked mandatory "
 
5304                                 rates->supported_rates[rates->num_rates++] =
 
5309                         IPW_DEBUG_SCAN("Rate %02X masked : 0x%08X\n",
 
5310                                        network->rates[i], priv->rates_mask);
 
5314                 rates->supported_rates[rates->num_rates++] = network->rates[i];
 
5317         num_rates = min(network->rates_ex_len,
 
5318                         (u8) (IPW_MAX_RATES - num_rates));
 
5319         for (i = 0; i < num_rates; i++) {
 
5320                 if (!ipw_is_rate_in_mask(priv, network->mode,
 
5321                                          network->rates_ex[i])) {
 
5322                         if (network->rates_ex[i] & IEEE80211_BASIC_RATE_MASK) {
 
5323                                 IPW_DEBUG_SCAN("Adding masked mandatory "
 
5325                                                network->rates_ex[i]);
 
5326                                 rates->supported_rates[rates->num_rates++] =
 
5331                         IPW_DEBUG_SCAN("Rate %02X masked : 0x%08X\n",
 
5332                                        network->rates_ex[i], priv->rates_mask);
 
5336                 rates->supported_rates[rates->num_rates++] =
 
5337                     network->rates_ex[i];
 
5343 static void ipw_copy_rates(struct ipw_supported_rates *dest,
 
5344                                   const struct ipw_supported_rates *src)
 
5347         for (i = 0; i < src->num_rates; i++)
 
5348                 dest->supported_rates[i] = src->supported_rates[i];
 
5349         dest->num_rates = src->num_rates;
 
5352 /* TODO: Look at sniffed packets in the air to determine if the basic rate
 
5353  * mask should ever be used -- right now all callers to add the scan rates are
 
5354  * set with the modulation = CCK, so BASIC_RATE_MASK is never set... */
 
5355 static void ipw_add_cck_scan_rates(struct ipw_supported_rates *rates,
 
5356                                    u8 modulation, u32 rate_mask)
 
5358         u8 basic_mask = (IEEE80211_OFDM_MODULATION == modulation) ?
 
5359             IEEE80211_BASIC_RATE_MASK : 0;
 
5361         if (rate_mask & IEEE80211_CCK_RATE_1MB_MASK)
 
5362                 rates->supported_rates[rates->num_rates++] =
 
5363                     IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_1MB;
 
5365         if (rate_mask & IEEE80211_CCK_RATE_2MB_MASK)
 
5366                 rates->supported_rates[rates->num_rates++] =
 
5367                     IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_2MB;
 
5369         if (rate_mask & IEEE80211_CCK_RATE_5MB_MASK)
 
5370                 rates->supported_rates[rates->num_rates++] = basic_mask |
 
5371                     IEEE80211_CCK_RATE_5MB;
 
5373         if (rate_mask & IEEE80211_CCK_RATE_11MB_MASK)
 
5374                 rates->supported_rates[rates->num_rates++] = basic_mask |
 
5375                     IEEE80211_CCK_RATE_11MB;
 
5378 static void ipw_add_ofdm_scan_rates(struct ipw_supported_rates *rates,
 
5379                                     u8 modulation, u32 rate_mask)
 
5381         u8 basic_mask = (IEEE80211_OFDM_MODULATION == modulation) ?
 
5382             IEEE80211_BASIC_RATE_MASK : 0;
 
5384         if (rate_mask & IEEE80211_OFDM_RATE_6MB_MASK)
 
5385                 rates->supported_rates[rates->num_rates++] = basic_mask |
 
5386                     IEEE80211_OFDM_RATE_6MB;
 
5388         if (rate_mask & IEEE80211_OFDM_RATE_9MB_MASK)
 
5389                 rates->supported_rates[rates->num_rates++] =
 
5390                     IEEE80211_OFDM_RATE_9MB;
 
5392         if (rate_mask & IEEE80211_OFDM_RATE_12MB_MASK)
 
5393                 rates->supported_rates[rates->num_rates++] = basic_mask |
 
5394                     IEEE80211_OFDM_RATE_12MB;
 
5396         if (rate_mask & IEEE80211_OFDM_RATE_18MB_MASK)
 
5397                 rates->supported_rates[rates->num_rates++] =
 
5398                     IEEE80211_OFDM_RATE_18MB;
 
5400         if (rate_mask & IEEE80211_OFDM_RATE_24MB_MASK)
 
5401                 rates->supported_rates[rates->num_rates++] = basic_mask |
 
5402                     IEEE80211_OFDM_RATE_24MB;
 
5404         if (rate_mask & IEEE80211_OFDM_RATE_36MB_MASK)
 
5405                 rates->supported_rates[rates->num_rates++] =
 
5406                     IEEE80211_OFDM_RATE_36MB;
 
5408         if (rate_mask & IEEE80211_OFDM_RATE_48MB_MASK)
 
5409                 rates->supported_rates[rates->num_rates++] =
 
5410                     IEEE80211_OFDM_RATE_48MB;
 
5412         if (rate_mask & IEEE80211_OFDM_RATE_54MB_MASK)
 
5413                 rates->supported_rates[rates->num_rates++] =
 
5414                     IEEE80211_OFDM_RATE_54MB;
 
5417 struct ipw_network_match {
 
5418         struct ieee80211_network *network;
 
5419         struct ipw_supported_rates rates;
 
5422 static int ipw_find_adhoc_network(struct ipw_priv *priv,
 
5423                                   struct ipw_network_match *match,
 
5424                                   struct ieee80211_network *network,
 
5427         struct ipw_supported_rates rates;
 
5428         DECLARE_MAC_BUF(mac);
 
5429         DECLARE_MAC_BUF(mac2);
 
5431         /* Verify that this network's capability is compatible with the
 
5432          * current mode (AdHoc or Infrastructure) */
 
5433         if ((priv->ieee->iw_mode == IW_MODE_ADHOC &&
 
5434              !(network->capability & WLAN_CAPABILITY_IBSS))) {
 
5435                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded due to "
 
5436                                 "capability mismatch.\n",
 
5437                                 escape_essid(network->ssid, network->ssid_len),
 
5438                                 print_mac(mac, network->bssid));
 
5442         /* If we do not have an ESSID for this AP, we can not associate with
 
5444         if (network->flags & NETWORK_EMPTY_ESSID) {
 
5445                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5446                                 "because of hidden ESSID.\n",
 
5447                                 escape_essid(network->ssid, network->ssid_len),
 
5448                                 print_mac(mac, network->bssid));
 
5452         if (unlikely(roaming)) {
 
5453                 /* If we are roaming, then ensure check if this is a valid
 
5454                  * network to try and roam to */
 
5455                 if ((network->ssid_len != match->network->ssid_len) ||
 
5456                     memcmp(network->ssid, match->network->ssid,
 
5457                            network->ssid_len)) {
 
5458                         IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5459                                         "because of non-network ESSID.\n",
 
5460                                         escape_essid(network->ssid,
 
5462                                         print_mac(mac, network->bssid));
 
5466                 /* If an ESSID has been configured then compare the broadcast
 
5468                 if ((priv->config & CFG_STATIC_ESSID) &&
 
5469                     ((network->ssid_len != priv->essid_len) ||
 
5470                      memcmp(network->ssid, priv->essid,
 
5471                             min(network->ssid_len, priv->essid_len)))) {
 
5472                         char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
 
5475                                 escape_essid(network->ssid, network->ssid_len),
 
5477                         IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5478                                         "because of ESSID mismatch: '%s'.\n",
 
5479                                         escaped, print_mac(mac, network->bssid),
 
5480                                         escape_essid(priv->essid,
 
5486         /* If the old network rate is better than this one, don't bother
 
5487          * testing everything else. */
 
5489         if (network->time_stamp[0] < match->network->time_stamp[0]) {
 
5490                 IPW_DEBUG_MERGE("Network '%s excluded because newer than "
 
5491                                 "current network.\n",
 
5492                                 escape_essid(match->network->ssid,
 
5493                                              match->network->ssid_len));
 
5495         } else if (network->time_stamp[1] < match->network->time_stamp[1]) {
 
5496                 IPW_DEBUG_MERGE("Network '%s excluded because newer than "
 
5497                                 "current network.\n",
 
5498                                 escape_essid(match->network->ssid,
 
5499                                              match->network->ssid_len));
 
5503         /* Now go through and see if the requested network is valid... */
 
5504         if (priv->ieee->scan_age != 0 &&
 
5505             time_after(jiffies, network->last_scanned + priv->ieee->scan_age)) {
 
5506                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5507                                 "because of age: %ums.\n",
 
5508                                 escape_essid(network->ssid, network->ssid_len),
 
5509                                 print_mac(mac, network->bssid),
 
5510                                 jiffies_to_msecs(jiffies -
 
5511                                                  network->last_scanned));
 
5515         if ((priv->config & CFG_STATIC_CHANNEL) &&
 
5516             (network->channel != priv->channel)) {
 
5517                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5518                                 "because of channel mismatch: %d != %d.\n",
 
5519                                 escape_essid(network->ssid, network->ssid_len),
 
5520                                 print_mac(mac, network->bssid),
 
5521                                 network->channel, priv->channel);
 
5525         /* Verify privacy compatability */
 
5526         if (((priv->capability & CAP_PRIVACY_ON) ? 1 : 0) !=
 
5527             ((network->capability & WLAN_CAPABILITY_PRIVACY) ? 1 : 0)) {
 
5528                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5529                                 "because of privacy mismatch: %s != %s.\n",
 
5530                                 escape_essid(network->ssid, network->ssid_len),
 
5531                                 print_mac(mac, network->bssid),
 
5533                                 capability & CAP_PRIVACY_ON ? "on" : "off",
 
5535                                 capability & WLAN_CAPABILITY_PRIVACY ? "on" :
 
5540         if (!memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
 
5541                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5542                                 "because of the same BSSID match: %s"
 
5543                                 ".\n", escape_essid(network->ssid,
 
5545                                 print_mac(mac, network->bssid),
 
5546                                 print_mac(mac2, priv->bssid));
 
5550         /* Filter out any incompatible freq / mode combinations */
 
5551         if (!ieee80211_is_valid_mode(priv->ieee, network->mode)) {
 
5552                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5553                                 "because of invalid frequency/mode "
 
5555                                 escape_essid(network->ssid, network->ssid_len),
 
5556                                 print_mac(mac, network->bssid));
 
5560         /* Ensure that the rates supported by the driver are compatible with
 
5561          * this AP, including verification of basic rates (mandatory) */
 
5562         if (!ipw_compatible_rates(priv, network, &rates)) {
 
5563                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5564                                 "because configured rate mask excludes "
 
5565                                 "AP mandatory rate.\n",
 
5566                                 escape_essid(network->ssid, network->ssid_len),
 
5567                                 print_mac(mac, network->bssid));
 
5571         if (rates.num_rates == 0) {
 
5572                 IPW_DEBUG_MERGE("Network '%s (%s)' excluded "
 
5573                                 "because of no compatible rates.\n",
 
5574                                 escape_essid(network->ssid, network->ssid_len),
 
5575                                 print_mac(mac, network->bssid));
 
5579         /* TODO: Perform any further minimal comparititive tests.  We do not
 
5580          * want to put too much policy logic here; intelligent scan selection
 
5581          * should occur within a generic IEEE 802.11 user space tool.  */
 
5583         /* Set up 'new' AP to this network */
 
5584         ipw_copy_rates(&match->rates, &rates);
 
5585         match->network = network;
 
5586         IPW_DEBUG_MERGE("Network '%s (%s)' is a viable match.\n",
 
5587                         escape_essid(network->ssid, network->ssid_len),
 
5588                         print_mac(mac, network->bssid));
 
5593 static void ipw_merge_adhoc_network(struct work_struct *work)
 
5595         struct ipw_priv *priv =
 
5596                 container_of(work, struct ipw_priv, merge_networks);
 
5597         struct ieee80211_network *network = NULL;
 
5598         struct ipw_network_match match = {
 
5599                 .network = priv->assoc_network
 
5602         if ((priv->status & STATUS_ASSOCIATED) &&
 
5603             (priv->ieee->iw_mode == IW_MODE_ADHOC)) {
 
5604                 /* First pass through ROAM process -- look for a better
 
5606                 unsigned long flags;
 
5608                 spin_lock_irqsave(&priv->ieee->lock, flags);
 
5609                 list_for_each_entry(network, &priv->ieee->network_list, list) {
 
5610                         if (network != priv->assoc_network)
 
5611                                 ipw_find_adhoc_network(priv, &match, network,
 
5614                 spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
5616                 if (match.network == priv->assoc_network) {
 
5617                         IPW_DEBUG_MERGE("No better ADHOC in this network to "
 
5622                 mutex_lock(&priv->mutex);
 
5623                 if ((priv->ieee->iw_mode == IW_MODE_ADHOC)) {
 
5624                         IPW_DEBUG_MERGE("remove network %s\n",
 
5625                                         escape_essid(priv->essid,
 
5627                         ipw_remove_current_network(priv);
 
5630                 ipw_disassociate(priv);
 
5631                 priv->assoc_network = match.network;
 
5632                 mutex_unlock(&priv->mutex);
 
5637 static int ipw_best_network(struct ipw_priv *priv,
 
5638                             struct ipw_network_match *match,
 
5639                             struct ieee80211_network *network, int roaming)
 
5641         struct ipw_supported_rates rates;
 
5642         DECLARE_MAC_BUF(mac);
 
5644         /* Verify that this network's capability is compatible with the
 
5645          * current mode (AdHoc or Infrastructure) */
 
5646         if ((priv->ieee->iw_mode == IW_MODE_INFRA &&
 
5647              !(network->capability & WLAN_CAPABILITY_ESS)) ||
 
5648             (priv->ieee->iw_mode == IW_MODE_ADHOC &&
 
5649              !(network->capability & WLAN_CAPABILITY_IBSS))) {
 
5650                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded due to "
 
5651                                 "capability mismatch.\n",
 
5652                                 escape_essid(network->ssid, network->ssid_len),
 
5653                                 print_mac(mac, network->bssid));
 
5657         /* If we do not have an ESSID for this AP, we can not associate with
 
5659         if (network->flags & NETWORK_EMPTY_ESSID) {
 
5660                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5661                                 "because of hidden ESSID.\n",
 
5662                                 escape_essid(network->ssid, network->ssid_len),
 
5663                                 print_mac(mac, network->bssid));
 
5667         if (unlikely(roaming)) {
 
5668                 /* If we are roaming, then ensure check if this is a valid
 
5669                  * network to try and roam to */
 
5670                 if ((network->ssid_len != match->network->ssid_len) ||
 
5671                     memcmp(network->ssid, match->network->ssid,
 
5672                            network->ssid_len)) {
 
5673                         IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5674                                         "because of non-network ESSID.\n",
 
5675                                         escape_essid(network->ssid,
 
5677                                         print_mac(mac, network->bssid));
 
5681                 /* If an ESSID has been configured then compare the broadcast
 
5683                 if ((priv->config & CFG_STATIC_ESSID) &&
 
5684                     ((network->ssid_len != priv->essid_len) ||
 
5685                      memcmp(network->ssid, priv->essid,
 
5686                             min(network->ssid_len, priv->essid_len)))) {
 
5687                         char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
 
5689                                 escape_essid(network->ssid, network->ssid_len),
 
5691                         IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5692                                         "because of ESSID mismatch: '%s'.\n",
 
5693                                         escaped, print_mac(mac, network->bssid),
 
5694                                         escape_essid(priv->essid,
 
5700         /* If the old network rate is better than this one, don't bother
 
5701          * testing everything else. */
 
5702         if (match->network && match->network->stats.rssi > network->stats.rssi) {
 
5703                 char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
 
5705                         escape_essid(network->ssid, network->ssid_len),
 
5707                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded because "
 
5708                                 "'%s (%s)' has a stronger signal.\n",
 
5709                                 escaped, print_mac(mac, network->bssid),
 
5710                                 escape_essid(match->network->ssid,
 
5711                                              match->network->ssid_len),
 
5712                                 print_mac(mac, match->network->bssid));
 
5716         /* If this network has already had an association attempt within the
 
5717          * last 3 seconds, do not try and associate again... */
 
5718         if (network->last_associate &&
 
5719             time_after(network->last_associate + (HZ * 3UL), jiffies)) {
 
5720                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5721                                 "because of storming (%ums since last "
 
5722                                 "assoc attempt).\n",
 
5723                                 escape_essid(network->ssid, network->ssid_len),
 
5724                                 print_mac(mac, network->bssid),
 
5725                                 jiffies_to_msecs(jiffies -
 
5726                                                  network->last_associate));
 
5730         /* Now go through and see if the requested network is valid... */
 
5731         if (priv->ieee->scan_age != 0 &&
 
5732             time_after(jiffies, network->last_scanned + priv->ieee->scan_age)) {
 
5733                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5734                                 "because of age: %ums.\n",
 
5735                                 escape_essid(network->ssid, network->ssid_len),
 
5736                                 print_mac(mac, network->bssid),
 
5737                                 jiffies_to_msecs(jiffies -
 
5738                                                  network->last_scanned));
 
5742         if ((priv->config & CFG_STATIC_CHANNEL) &&
 
5743             (network->channel != priv->channel)) {
 
5744                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5745                                 "because of channel mismatch: %d != %d.\n",
 
5746                                 escape_essid(network->ssid, network->ssid_len),
 
5747                                 print_mac(mac, network->bssid),
 
5748                                 network->channel, priv->channel);
 
5752         /* Verify privacy compatability */
 
5753         if (((priv->capability & CAP_PRIVACY_ON) ? 1 : 0) !=
 
5754             ((network->capability & WLAN_CAPABILITY_PRIVACY) ? 1 : 0)) {
 
5755                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5756                                 "because of privacy mismatch: %s != %s.\n",
 
5757                                 escape_essid(network->ssid, network->ssid_len),
 
5758                                 print_mac(mac, network->bssid),
 
5759                                 priv->capability & CAP_PRIVACY_ON ? "on" :
 
5761                                 network->capability &
 
5762                                 WLAN_CAPABILITY_PRIVACY ? "on" : "off");
 
5766         if ((priv->config & CFG_STATIC_BSSID) &&
 
5767             memcmp(network->bssid, priv->bssid, ETH_ALEN)) {
 
5768                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5769                                 "because of BSSID mismatch: %s.\n",
 
5770                                 escape_essid(network->ssid, network->ssid_len),
 
5771                                 print_mac(mac, network->bssid), print_mac(mac, priv->bssid));
 
5775         /* Filter out any incompatible freq / mode combinations */
 
5776         if (!ieee80211_is_valid_mode(priv->ieee, network->mode)) {
 
5777                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5778                                 "because of invalid frequency/mode "
 
5780                                 escape_essid(network->ssid, network->ssid_len),
 
5781                                 print_mac(mac, network->bssid));
 
5785         /* Filter out invalid channel in current GEO */
 
5786         if (!ieee80211_is_valid_channel(priv->ieee, network->channel)) {
 
5787                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5788                                 "because of invalid channel in current GEO\n",
 
5789                                 escape_essid(network->ssid, network->ssid_len),
 
5790                                 print_mac(mac, network->bssid));
 
5794         /* Ensure that the rates supported by the driver are compatible with
 
5795          * this AP, including verification of basic rates (mandatory) */
 
5796         if (!ipw_compatible_rates(priv, network, &rates)) {
 
5797                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5798                                 "because configured rate mask excludes "
 
5799                                 "AP mandatory rate.\n",
 
5800                                 escape_essid(network->ssid, network->ssid_len),
 
5801                                 print_mac(mac, network->bssid));
 
5805         if (rates.num_rates == 0) {
 
5806                 IPW_DEBUG_ASSOC("Network '%s (%s)' excluded "
 
5807                                 "because of no compatible rates.\n",
 
5808                                 escape_essid(network->ssid, network->ssid_len),
 
5809                                 print_mac(mac, network->bssid));
 
5813         /* TODO: Perform any further minimal comparititive tests.  We do not
 
5814          * want to put too much policy logic here; intelligent scan selection
 
5815          * should occur within a generic IEEE 802.11 user space tool.  */
 
5817         /* Set up 'new' AP to this network */
 
5818         ipw_copy_rates(&match->rates, &rates);
 
5819         match->network = network;
 
5821         IPW_DEBUG_ASSOC("Network '%s (%s)' is a viable match.\n",
 
5822                         escape_essid(network->ssid, network->ssid_len),
 
5823                         print_mac(mac, network->bssid));
 
5828 static void ipw_adhoc_create(struct ipw_priv *priv,
 
5829                              struct ieee80211_network *network)
 
5831         const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
 
5835          * For the purposes of scanning, we can set our wireless mode
 
5836          * to trigger scans across combinations of bands, but when it
 
5837          * comes to creating a new ad-hoc network, we have tell the FW
 
5838          * exactly which band to use.
 
5840          * We also have the possibility of an invalid channel for the
 
5841          * chossen band.  Attempting to create a new ad-hoc network
 
5842          * with an invalid channel for wireless mode will trigger a
 
5846         switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
 
5847         case IEEE80211_52GHZ_BAND:
 
5848                 network->mode = IEEE_A;
 
5849                 i = ieee80211_channel_to_index(priv->ieee, priv->channel);
 
5851                 if (geo->a[i].flags & IEEE80211_CH_PASSIVE_ONLY) {
 
5852                         IPW_WARNING("Overriding invalid channel\n");
 
5853                         priv->channel = geo->a[0].channel;
 
5857         case IEEE80211_24GHZ_BAND:
 
5858                 if (priv->ieee->mode & IEEE_G)
 
5859                         network->mode = IEEE_G;
 
5861                         network->mode = IEEE_B;
 
5862                 i = ieee80211_channel_to_index(priv->ieee, priv->channel);
 
5864                 if (geo->bg[i].flags & IEEE80211_CH_PASSIVE_ONLY) {
 
5865                         IPW_WARNING("Overriding invalid channel\n");
 
5866                         priv->channel = geo->bg[0].channel;
 
5871                 IPW_WARNING("Overriding invalid channel\n");
 
5872                 if (priv->ieee->mode & IEEE_A) {
 
5873                         network->mode = IEEE_A;
 
5874                         priv->channel = geo->a[0].channel;
 
5875                 } else if (priv->ieee->mode & IEEE_G) {
 
5876                         network->mode = IEEE_G;
 
5877                         priv->channel = geo->bg[0].channel;
 
5879                         network->mode = IEEE_B;
 
5880                         priv->channel = geo->bg[0].channel;
 
5885         network->channel = priv->channel;
 
5886         priv->config |= CFG_ADHOC_PERSIST;
 
5887         ipw_create_bssid(priv, network->bssid);
 
5888         network->ssid_len = priv->essid_len;
 
5889         memcpy(network->ssid, priv->essid, priv->essid_len);
 
5890         memset(&network->stats, 0, sizeof(network->stats));
 
5891         network->capability = WLAN_CAPABILITY_IBSS;
 
5892         if (!(priv->config & CFG_PREAMBLE_LONG))
 
5893                 network->capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
 
5894         if (priv->capability & CAP_PRIVACY_ON)
 
5895                 network->capability |= WLAN_CAPABILITY_PRIVACY;
 
5896         network->rates_len = min(priv->rates.num_rates, MAX_RATES_LENGTH);
 
5897         memcpy(network->rates, priv->rates.supported_rates, network->rates_len);
 
5898         network->rates_ex_len = priv->rates.num_rates - network->rates_len;
 
5899         memcpy(network->rates_ex,
 
5900                &priv->rates.supported_rates[network->rates_len],
 
5901                network->rates_ex_len);
 
5902         network->last_scanned = 0;
 
5904         network->last_associate = 0;
 
5905         network->time_stamp[0] = 0;
 
5906         network->time_stamp[1] = 0;
 
5907         network->beacon_interval = 100; /* Default */
 
5908         network->listen_interval = 10;  /* Default */
 
5909         network->atim_window = 0;       /* Default */
 
5910         network->wpa_ie_len = 0;
 
5911         network->rsn_ie_len = 0;
 
5914 static void ipw_send_tgi_tx_key(struct ipw_priv *priv, int type, int index)
 
5916         struct ipw_tgi_tx_key key;
 
5918         if (!(priv->ieee->sec.flags & (1 << index)))
 
5922         memcpy(key.key, priv->ieee->sec.keys[index], SCM_TEMPORAL_KEY_LENGTH);
 
5923         key.security_type = type;
 
5924         key.station_index = 0;  /* always 0 for BSS */
 
5926         /* 0 for new key; previous value of counter (after fatal error) */
 
5927         key.tx_counter[0] = cpu_to_le32(0);
 
5928         key.tx_counter[1] = cpu_to_le32(0);
 
5930         ipw_send_cmd_pdu(priv, IPW_CMD_TGI_TX_KEY, sizeof(key), &key);
 
5933 static void ipw_send_wep_keys(struct ipw_priv *priv, int type)
 
5935         struct ipw_wep_key key;
 
5938         key.cmd_id = DINO_CMD_WEP_KEY;
 
5941         /* Note: AES keys cannot be set for multiple times.
 
5942          * Only set it at the first time. */
 
5943         for (i = 0; i < 4; i++) {
 
5944                 key.key_index = i | type;
 
5945                 if (!(priv->ieee->sec.flags & (1 << i))) {
 
5950                 key.key_size = priv->ieee->sec.key_sizes[i];
 
5951                 memcpy(key.key, priv->ieee->sec.keys[i], key.key_size);
 
5953                 ipw_send_cmd_pdu(priv, IPW_CMD_WEP_KEY, sizeof(key), &key);
 
5957 static void ipw_set_hw_decrypt_unicast(struct ipw_priv *priv, int level)
 
5959         if (priv->ieee->host_encrypt)
 
5964                 priv->sys_config.disable_unicast_decryption = 0;
 
5965                 priv->ieee->host_decrypt = 0;
 
5968                 priv->sys_config.disable_unicast_decryption = 1;
 
5969                 priv->ieee->host_decrypt = 1;
 
5972                 priv->sys_config.disable_unicast_decryption = 0;
 
5973                 priv->ieee->host_decrypt = 0;
 
5976                 priv->sys_config.disable_unicast_decryption = 1;
 
5983 static void ipw_set_hw_decrypt_multicast(struct ipw_priv *priv, int level)
 
5985         if (priv->ieee->host_encrypt)
 
5990                 priv->sys_config.disable_multicast_decryption = 0;
 
5993                 priv->sys_config.disable_multicast_decryption = 1;
 
5996                 priv->sys_config.disable_multicast_decryption = 0;
 
5999                 priv->sys_config.disable_multicast_decryption = 1;
 
6006 static void ipw_set_hwcrypto_keys(struct ipw_priv *priv)
 
6008         switch (priv->ieee->sec.level) {
 
6010                 if (priv->ieee->sec.flags & SEC_ACTIVE_KEY)
 
6011                         ipw_send_tgi_tx_key(priv,
 
6012                                             DCT_FLAG_EXT_SECURITY_CCM,
 
6013                                             priv->ieee->sec.active_key);
 
6015                 if (!priv->ieee->host_mc_decrypt)
 
6016                         ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_CCM);
 
6019                 if (priv->ieee->sec.flags & SEC_ACTIVE_KEY)
 
6020                         ipw_send_tgi_tx_key(priv,
 
6021                                             DCT_FLAG_EXT_SECURITY_TKIP,
 
6022                                             priv->ieee->sec.active_key);
 
6025                 ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_WEP);
 
6026                 ipw_set_hw_decrypt_unicast(priv, priv->ieee->sec.level);
 
6027                 ipw_set_hw_decrypt_multicast(priv, priv->ieee->sec.level);
 
6035 static void ipw_adhoc_check(void *data)
 
6037         struct ipw_priv *priv = data;
 
6039         if (priv->missed_adhoc_beacons++ > priv->disassociate_threshold &&
 
6040             !(priv->config & CFG_ADHOC_PERSIST)) {
 
6041                 IPW_DEBUG(IPW_DL_INFO | IPW_DL_NOTIF |
 
6042                           IPW_DL_STATE | IPW_DL_ASSOC,
 
6043                           "Missed beacon: %d - disassociate\n",
 
6044                           priv->missed_adhoc_beacons);
 
6045                 ipw_remove_current_network(priv);
 
6046                 ipw_disassociate(priv);
 
6050         queue_delayed_work(priv->workqueue, &priv->adhoc_check,
 
6051                            priv->assoc_request.beacon_interval);
 
6054 static void ipw_bg_adhoc_check(struct work_struct *work)
 
6056         struct ipw_priv *priv =
 
6057                 container_of(work, struct ipw_priv, adhoc_check.work);
 
6058         mutex_lock(&priv->mutex);
 
6059         ipw_adhoc_check(priv);
 
6060         mutex_unlock(&priv->mutex);
 
6063 static void ipw_debug_config(struct ipw_priv *priv)
 
6065         DECLARE_MAC_BUF(mac);
 
6066         IPW_DEBUG_INFO("Scan completed, no valid APs matched "
 
6067                        "[CFG 0x%08X]\n", priv->config);
 
6068         if (priv->config & CFG_STATIC_CHANNEL)
 
6069                 IPW_DEBUG_INFO("Channel locked to %d\n", priv->channel);
 
6071                 IPW_DEBUG_INFO("Channel unlocked.\n");
 
6072         if (priv->config & CFG_STATIC_ESSID)
 
6073                 IPW_DEBUG_INFO("ESSID locked to '%s'\n",
 
6074                                escape_essid(priv->essid, priv->essid_len));
 
6076                 IPW_DEBUG_INFO("ESSID unlocked.\n");
 
6077         if (priv->config & CFG_STATIC_BSSID)
 
6078                 IPW_DEBUG_INFO("BSSID locked to %s\n",
 
6079                                print_mac(mac, priv->bssid));
 
6081                 IPW_DEBUG_INFO("BSSID unlocked.\n");
 
6082         if (priv->capability & CAP_PRIVACY_ON)
 
6083                 IPW_DEBUG_INFO("PRIVACY on\n");
 
6085                 IPW_DEBUG_INFO("PRIVACY off\n");
 
6086         IPW_DEBUG_INFO("RATE MASK: 0x%08X\n", priv->rates_mask);
 
6089 static void ipw_set_fixed_rate(struct ipw_priv *priv, int mode)
 
6091         /* TODO: Verify that this works... */
 
6092         struct ipw_fixed_rate fr = {
 
6093                 .tx_rates = priv->rates_mask
 
6098         /* Identify 'current FW band' and match it with the fixed
 
6101         switch (priv->ieee->freq_band) {
 
6102         case IEEE80211_52GHZ_BAND:      /* A only */
 
6104                 if (priv->rates_mask & ~IEEE80211_OFDM_RATES_MASK) {
 
6105                         /* Invalid fixed rate mask */
 
6107                             ("invalid fixed rate mask in ipw_set_fixed_rate\n");
 
6112                 fr.tx_rates >>= IEEE80211_OFDM_SHIFT_MASK_A;
 
6115         default:                /* 2.4Ghz or Mixed */
 
6117                 if (mode == IEEE_B) {
 
6118                         if (fr.tx_rates & ~IEEE80211_CCK_RATES_MASK) {
 
6119                                 /* Invalid fixed rate mask */
 
6121                                     ("invalid fixed rate mask in ipw_set_fixed_rate\n");
 
6128                 if (fr.tx_rates & ~(IEEE80211_CCK_RATES_MASK |
 
6129                                     IEEE80211_OFDM_RATES_MASK)) {
 
6130                         /* Invalid fixed rate mask */
 
6132                             ("invalid fixed rate mask in ipw_set_fixed_rate\n");
 
6137                 if (IEEE80211_OFDM_RATE_6MB_MASK & fr.tx_rates) {
 
6138                         mask |= (IEEE80211_OFDM_RATE_6MB_MASK >> 1);
 
6139                         fr.tx_rates &= ~IEEE80211_OFDM_RATE_6MB_MASK;
 
6142                 if (IEEE80211_OFDM_RATE_9MB_MASK & fr.tx_rates) {
 
6143                         mask |= (IEEE80211_OFDM_RATE_9MB_MASK >> 1);
 
6144                         fr.tx_rates &= ~IEEE80211_OFDM_RATE_9MB_MASK;
 
6147                 if (IEEE80211_OFDM_RATE_12MB_MASK & fr.tx_rates) {
 
6148                         mask |= (IEEE80211_OFDM_RATE_12MB_MASK >> 1);
 
6149                         fr.tx_rates &= ~IEEE80211_OFDM_RATE_12MB_MASK;
 
6152                 fr.tx_rates |= mask;
 
6156         reg = ipw_read32(priv, IPW_MEM_FIXED_OVERRIDE);
 
6157         ipw_write_reg32(priv, reg, *(u32 *) & fr);
 
6160 static void ipw_abort_scan(struct ipw_priv *priv)
 
6164         if (priv->status & STATUS_SCAN_ABORTING) {
 
6165                 IPW_DEBUG_HC("Ignoring concurrent scan abort request.\n");
 
6168         priv->status |= STATUS_SCAN_ABORTING;
 
6170         err = ipw_send_scan_abort(priv);
 
6172                 IPW_DEBUG_HC("Request to abort scan failed.\n");
 
6175 static void ipw_add_scan_channels(struct ipw_priv *priv,
 
6176                                   struct ipw_scan_request_ext *scan,
 
6179         int channel_index = 0;
 
6180         const struct ieee80211_geo *geo;
 
6183         geo = ieee80211_get_geo(priv->ieee);
 
6185         if (priv->ieee->freq_band & IEEE80211_52GHZ_BAND) {
 
6186                 int start = channel_index;
 
6187                 for (i = 0; i < geo->a_channels; i++) {
 
6188                         if ((priv->status & STATUS_ASSOCIATED) &&
 
6189                             geo->a[i].channel == priv->channel)
 
6192                         scan->channels_list[channel_index] = geo->a[i].channel;
 
6193                         ipw_set_scan_type(scan, channel_index,
 
6195                                           flags & IEEE80211_CH_PASSIVE_ONLY ?
 
6196                                           IPW_SCAN_PASSIVE_FULL_DWELL_SCAN :
 
6200                 if (start != channel_index) {
 
6201                         scan->channels_list[start] = (u8) (IPW_A_MODE << 6) |
 
6202                             (channel_index - start);
 
6207         if (priv->ieee->freq_band & IEEE80211_24GHZ_BAND) {
 
6208                 int start = channel_index;
 
6209                 if (priv->config & CFG_SPEED_SCAN) {
 
6211                         u8 channels[IEEE80211_24GHZ_CHANNELS] = {
 
6212                                 /* nop out the list */
 
6217                         while (channel_index < IPW_SCAN_CHANNELS) {
 
6219                                     priv->speed_scan[priv->speed_scan_pos];
 
6221                                         priv->speed_scan_pos = 0;
 
6222                                         channel = priv->speed_scan[0];
 
6224                                 if ((priv->status & STATUS_ASSOCIATED) &&
 
6225                                     channel == priv->channel) {
 
6226                                         priv->speed_scan_pos++;
 
6230                                 /* If this channel has already been
 
6231                                  * added in scan, break from loop
 
6232                                  * and this will be the first channel
 
6235                                 if (channels[channel - 1] != 0)
 
6238                                 channels[channel - 1] = 1;
 
6239                                 priv->speed_scan_pos++;
 
6241                                 scan->channels_list[channel_index] = channel;
 
6243                                     ieee80211_channel_to_index(priv->ieee, channel);
 
6244                                 ipw_set_scan_type(scan, channel_index,
 
6247                                                   IEEE80211_CH_PASSIVE_ONLY ?
 
6248                                                   IPW_SCAN_PASSIVE_FULL_DWELL_SCAN
 
6252                         for (i = 0; i < geo->bg_channels; i++) {
 
6253                                 if ((priv->status & STATUS_ASSOCIATED) &&
 
6254                                     geo->bg[i].channel == priv->channel)
 
6257                                 scan->channels_list[channel_index] =
 
6259                                 ipw_set_scan_type(scan, channel_index,
 
6262                                                   IEEE80211_CH_PASSIVE_ONLY ?
 
6263                                                   IPW_SCAN_PASSIVE_FULL_DWELL_SCAN
 
6268                 if (start != channel_index) {
 
6269                         scan->channels_list[start] = (u8) (IPW_B_MODE << 6) |
 
6270                             (channel_index - start);
 
6275 static int ipw_request_scan_helper(struct ipw_priv *priv, int type)
 
6277         struct ipw_scan_request_ext scan;
 
6278         int err = 0, scan_type;
 
6280         if (!(priv->status & STATUS_INIT) ||
 
6281             (priv->status & STATUS_EXIT_PENDING))
 
6284         mutex_lock(&priv->mutex);
 
6286         if (priv->status & STATUS_SCANNING) {
 
6287                 IPW_DEBUG_HC("Concurrent scan requested.  Ignoring.\n");
 
6288                 priv->status |= STATUS_SCAN_PENDING;
 
6292         if (!(priv->status & STATUS_SCAN_FORCED) &&
 
6293             priv->status & STATUS_SCAN_ABORTING) {
 
6294                 IPW_DEBUG_HC("Scan request while abort pending.  Queuing.\n");
 
6295                 priv->status |= STATUS_SCAN_PENDING;
 
6299         if (priv->status & STATUS_RF_KILL_MASK) {
 
6300                 IPW_DEBUG_HC("Aborting scan due to RF Kill activation\n");
 
6301                 priv->status |= STATUS_SCAN_PENDING;
 
6305         memset(&scan, 0, sizeof(scan));
 
6306         scan.full_scan_index = cpu_to_le32(ieee80211_get_scans(priv->ieee));
 
6308         if (type == IW_SCAN_TYPE_PASSIVE) {
 
6309                 IPW_DEBUG_WX("use passive scanning\n");
 
6310                 scan_type = IPW_SCAN_PASSIVE_FULL_DWELL_SCAN;
 
6311                 scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] =
 
6313                 ipw_add_scan_channels(priv, &scan, scan_type);
 
6317         /* Use active scan by default. */
 
6318         if (priv->config & CFG_SPEED_SCAN)
 
6319                 scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
 
6322                 scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
 
6325         scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN] =
 
6328         scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] = cpu_to_le16(120);
 
6330 #ifdef CONFIG_IPW2200_MONITOR
 
6331         if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
 
6335                 switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
 
6336                 case IEEE80211_52GHZ_BAND:
 
6337                         band = (u8) (IPW_A_MODE << 6) | 1;
 
6338                         channel = priv->channel;
 
6341                 case IEEE80211_24GHZ_BAND:
 
6342                         band = (u8) (IPW_B_MODE << 6) | 1;
 
6343                         channel = priv->channel;
 
6347                         band = (u8) (IPW_B_MODE << 6) | 1;
 
6352                 scan.channels_list[0] = band;
 
6353                 scan.channels_list[1] = channel;
 
6354                 ipw_set_scan_type(&scan, 1, IPW_SCAN_PASSIVE_FULL_DWELL_SCAN);
 
6356                 /* NOTE:  The card will sit on this channel for this time
 
6357                  * period.  Scan aborts are timing sensitive and frequently
 
6358                  * result in firmware restarts.  As such, it is best to
 
6359                  * set a small dwell_time here and just keep re-issuing
 
6360                  * scans.  Otherwise fast channel hopping will not actually
 
6363                  * TODO: Move SPEED SCAN support to all modes and bands */
 
6364                 scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] =
 
6367 #endif                          /* CONFIG_IPW2200_MONITOR */
 
6368                 /* If we are roaming, then make this a directed scan for the
 
6369                  * current network.  Otherwise, ensure that every other scan
 
6370                  * is a fast channel hop scan */
 
6371                 if ((priv->status & STATUS_ROAMING)
 
6372                     || (!(priv->status & STATUS_ASSOCIATED)
 
6373                         && (priv->config & CFG_STATIC_ESSID)
 
6374                         && (le32_to_cpu(scan.full_scan_index) % 2))) {
 
6375                         err = ipw_send_ssid(priv, priv->essid, priv->essid_len);
 
6377                                 IPW_DEBUG_HC("Attempt to send SSID command "
 
6382                         scan_type = IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN;
 
6384                         scan_type = IPW_SCAN_ACTIVE_BROADCAST_SCAN;
 
6386                 ipw_add_scan_channels(priv, &scan, scan_type);
 
6387 #ifdef CONFIG_IPW2200_MONITOR
 
6392         err = ipw_send_scan_request_ext(priv, &scan);
 
6394                 IPW_DEBUG_HC("Sending scan command failed: %08X\n", err);
 
6398         priv->status |= STATUS_SCANNING;
 
6399         priv->status &= ~STATUS_SCAN_PENDING;
 
6400         queue_delayed_work(priv->workqueue, &priv->scan_check,
 
6401                            IPW_SCAN_CHECK_WATCHDOG);
 
6403         mutex_unlock(&priv->mutex);
 
6407 static void ipw_request_passive_scan(struct work_struct *work)
 
6409         struct ipw_priv *priv =
 
6410                 container_of(work, struct ipw_priv, request_passive_scan);
 
6411         ipw_request_scan_helper(priv, IW_SCAN_TYPE_PASSIVE);
 
6414 static void ipw_request_scan(struct work_struct *work)
 
6416         struct ipw_priv *priv =
 
6417                 container_of(work, struct ipw_priv, request_scan.work);
 
6418         ipw_request_scan_helper(priv, IW_SCAN_TYPE_ACTIVE);
 
6421 static void ipw_bg_abort_scan(struct work_struct *work)
 
6423         struct ipw_priv *priv =
 
6424                 container_of(work, struct ipw_priv, abort_scan);
 
6425         mutex_lock(&priv->mutex);
 
6426         ipw_abort_scan(priv);
 
6427         mutex_unlock(&priv->mutex);
 
6430 static int ipw_wpa_enable(struct ipw_priv *priv, int value)
 
6432         /* This is called when wpa_supplicant loads and closes the driver
 
6434         priv->ieee->wpa_enabled = value;
 
6438 static int ipw_wpa_set_auth_algs(struct ipw_priv *priv, int value)
 
6440         struct ieee80211_device *ieee = priv->ieee;
 
6441         struct ieee80211_security sec = {
 
6442                 .flags = SEC_AUTH_MODE,
 
6446         if (value & IW_AUTH_ALG_SHARED_KEY) {
 
6447                 sec.auth_mode = WLAN_AUTH_SHARED_KEY;
 
6449         } else if (value & IW_AUTH_ALG_OPEN_SYSTEM) {
 
6450                 sec.auth_mode = WLAN_AUTH_OPEN;
 
6452         } else if (value & IW_AUTH_ALG_LEAP) {
 
6453                 sec.auth_mode = WLAN_AUTH_LEAP;
 
6458         if (ieee->set_security)
 
6459                 ieee->set_security(ieee->dev, &sec);
 
6466 static void ipw_wpa_assoc_frame(struct ipw_priv *priv, char *wpa_ie,
 
6469         /* make sure WPA is enabled */
 
6470         ipw_wpa_enable(priv, 1);
 
6473 static int ipw_set_rsn_capa(struct ipw_priv *priv,
 
6474                             char *capabilities, int length)
 
6476         IPW_DEBUG_HC("HOST_CMD_RSN_CAPABILITIES\n");
 
6478         return ipw_send_cmd_pdu(priv, IPW_CMD_RSN_CAPABILITIES, length,
 
6487 static int ipw_wx_set_genie(struct net_device *dev,
 
6488                             struct iw_request_info *info,
 
6489                             union iwreq_data *wrqu, char *extra)
 
6491         struct ipw_priv *priv = ieee80211_priv(dev);
 
6492         struct ieee80211_device *ieee = priv->ieee;
 
6496         if (wrqu->data.length > MAX_WPA_IE_LEN ||
 
6497             (wrqu->data.length && extra == NULL))
 
6500         if (wrqu->data.length) {
 
6501                 buf = kmalloc(wrqu->data.length, GFP_KERNEL);
 
6507                 memcpy(buf, extra, wrqu->data.length);
 
6508                 kfree(ieee->wpa_ie);
 
6510                 ieee->wpa_ie_len = wrqu->data.length;
 
6512                 kfree(ieee->wpa_ie);
 
6513                 ieee->wpa_ie = NULL;
 
6514                 ieee->wpa_ie_len = 0;
 
6517         ipw_wpa_assoc_frame(priv, ieee->wpa_ie, ieee->wpa_ie_len);
 
6523 static int ipw_wx_get_genie(struct net_device *dev,
 
6524                             struct iw_request_info *info,
 
6525                             union iwreq_data *wrqu, char *extra)
 
6527         struct ipw_priv *priv = ieee80211_priv(dev);
 
6528         struct ieee80211_device *ieee = priv->ieee;
 
6531         if (ieee->wpa_ie_len == 0 || ieee->wpa_ie == NULL) {
 
6532                 wrqu->data.length = 0;
 
6536         if (wrqu->data.length < ieee->wpa_ie_len) {
 
6541         wrqu->data.length = ieee->wpa_ie_len;
 
6542         memcpy(extra, ieee->wpa_ie, ieee->wpa_ie_len);
 
6548 static int wext_cipher2level(int cipher)
 
6551         case IW_AUTH_CIPHER_NONE:
 
6553         case IW_AUTH_CIPHER_WEP40:
 
6554         case IW_AUTH_CIPHER_WEP104:
 
6556         case IW_AUTH_CIPHER_TKIP:
 
6558         case IW_AUTH_CIPHER_CCMP:
 
6566 static int ipw_wx_set_auth(struct net_device *dev,
 
6567                            struct iw_request_info *info,
 
6568                            union iwreq_data *wrqu, char *extra)
 
6570         struct ipw_priv *priv = ieee80211_priv(dev);
 
6571         struct ieee80211_device *ieee = priv->ieee;
 
6572         struct iw_param *param = &wrqu->param;
 
6573         struct ieee80211_crypt_data *crypt;
 
6574         unsigned long flags;
 
6577         switch (param->flags & IW_AUTH_INDEX) {
 
6578         case IW_AUTH_WPA_VERSION:
 
6580         case IW_AUTH_CIPHER_PAIRWISE:
 
6581                 ipw_set_hw_decrypt_unicast(priv,
 
6582                                            wext_cipher2level(param->value));
 
6584         case IW_AUTH_CIPHER_GROUP:
 
6585                 ipw_set_hw_decrypt_multicast(priv,
 
6586                                              wext_cipher2level(param->value));
 
6588         case IW_AUTH_KEY_MGMT:
 
6590                  * ipw2200 does not use these parameters
 
6594         case IW_AUTH_TKIP_COUNTERMEASURES:
 
6595                 crypt = priv->ieee->crypt[priv->ieee->tx_keyidx];
 
6596                 if (!crypt || !crypt->ops->set_flags || !crypt->ops->get_flags)
 
6599                 flags = crypt->ops->get_flags(crypt->priv);
 
6602                         flags |= IEEE80211_CRYPTO_TKIP_COUNTERMEASURES;
 
6604                         flags &= ~IEEE80211_CRYPTO_TKIP_COUNTERMEASURES;
 
6606                 crypt->ops->set_flags(flags, crypt->priv);
 
6610         case IW_AUTH_DROP_UNENCRYPTED:{
 
6613                          * wpa_supplicant calls set_wpa_enabled when the driver
 
6614                          * is loaded and unloaded, regardless of if WPA is being
 
6615                          * used.  No other calls are made which can be used to
 
6616                          * determine if encryption will be used or not prior to
 
6617                          * association being expected.  If encryption is not being
 
6618                          * used, drop_unencrypted is set to false, else true -- we
 
6619                          * can use this to determine if the CAP_PRIVACY_ON bit should
 
6622                         struct ieee80211_security sec = {
 
6623                                 .flags = SEC_ENABLED,
 
6624                                 .enabled = param->value,
 
6626                         priv->ieee->drop_unencrypted = param->value;
 
6627                         /* We only change SEC_LEVEL for open mode. Others
 
6628                          * are set by ipw_wpa_set_encryption.
 
6630                         if (!param->value) {
 
6631                                 sec.flags |= SEC_LEVEL;
 
6632                                 sec.level = SEC_LEVEL_0;
 
6634                                 sec.flags |= SEC_LEVEL;
 
6635                                 sec.level = SEC_LEVEL_1;
 
6637                         if (priv->ieee->set_security)
 
6638                                 priv->ieee->set_security(priv->ieee->dev, &sec);
 
6642         case IW_AUTH_80211_AUTH_ALG:
 
6643                 ret = ipw_wpa_set_auth_algs(priv, param->value);
 
6646         case IW_AUTH_WPA_ENABLED:
 
6647                 ret = ipw_wpa_enable(priv, param->value);
 
6648                 ipw_disassociate(priv);
 
6651         case IW_AUTH_RX_UNENCRYPTED_EAPOL:
 
6652                 ieee->ieee802_1x = param->value;
 
6655         case IW_AUTH_PRIVACY_INVOKED:
 
6656                 ieee->privacy_invoked = param->value;
 
6666 static int ipw_wx_get_auth(struct net_device *dev,
 
6667                            struct iw_request_info *info,
 
6668                            union iwreq_data *wrqu, char *extra)
 
6670         struct ipw_priv *priv = ieee80211_priv(dev);
 
6671         struct ieee80211_device *ieee = priv->ieee;
 
6672         struct ieee80211_crypt_data *crypt;
 
6673         struct iw_param *param = &wrqu->param;
 
6676         switch (param->flags & IW_AUTH_INDEX) {
 
6677         case IW_AUTH_WPA_VERSION:
 
6678         case IW_AUTH_CIPHER_PAIRWISE:
 
6679         case IW_AUTH_CIPHER_GROUP:
 
6680         case IW_AUTH_KEY_MGMT:
 
6682                  * wpa_supplicant will control these internally
 
6687         case IW_AUTH_TKIP_COUNTERMEASURES:
 
6688                 crypt = priv->ieee->crypt[priv->ieee->tx_keyidx];
 
6689                 if (!crypt || !crypt->ops->get_flags)
 
6692                 param->value = (crypt->ops->get_flags(crypt->priv) &
 
6693                                 IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) ? 1 : 0;
 
6697         case IW_AUTH_DROP_UNENCRYPTED:
 
6698                 param->value = ieee->drop_unencrypted;
 
6701         case IW_AUTH_80211_AUTH_ALG:
 
6702                 param->value = ieee->sec.auth_mode;
 
6705         case IW_AUTH_WPA_ENABLED:
 
6706                 param->value = ieee->wpa_enabled;
 
6709         case IW_AUTH_RX_UNENCRYPTED_EAPOL:
 
6710                 param->value = ieee->ieee802_1x;
 
6713         case IW_AUTH_ROAMING_CONTROL:
 
6714         case IW_AUTH_PRIVACY_INVOKED:
 
6715                 param->value = ieee->privacy_invoked;
 
6724 /* SIOCSIWENCODEEXT */
 
6725 static int ipw_wx_set_encodeext(struct net_device *dev,
 
6726                                 struct iw_request_info *info,
 
6727                                 union iwreq_data *wrqu, char *extra)
 
6729         struct ipw_priv *priv = ieee80211_priv(dev);
 
6730         struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
 
6733                 if (ext->alg == IW_ENCODE_ALG_TKIP) {
 
6734                         /* IPW HW can't build TKIP MIC,
 
6735                            host decryption still needed */
 
6736                         if (ext->ext_flags & IW_ENCODE_EXT_GROUP_KEY)
 
6737                                 priv->ieee->host_mc_decrypt = 1;
 
6739                                 priv->ieee->host_encrypt = 0;
 
6740                                 priv->ieee->host_encrypt_msdu = 1;
 
6741                                 priv->ieee->host_decrypt = 1;
 
6744                         priv->ieee->host_encrypt = 0;
 
6745                         priv->ieee->host_encrypt_msdu = 0;
 
6746                         priv->ieee->host_decrypt = 0;
 
6747                         priv->ieee->host_mc_decrypt = 0;
 
6751         return ieee80211_wx_set_encodeext(priv->ieee, info, wrqu, extra);
 
6754 /* SIOCGIWENCODEEXT */
 
6755 static int ipw_wx_get_encodeext(struct net_device *dev,
 
6756                                 struct iw_request_info *info,
 
6757                                 union iwreq_data *wrqu, char *extra)
 
6759         struct ipw_priv *priv = ieee80211_priv(dev);
 
6760         return ieee80211_wx_get_encodeext(priv->ieee, info, wrqu, extra);
 
6764 static int ipw_wx_set_mlme(struct net_device *dev,
 
6765                            struct iw_request_info *info,
 
6766                            union iwreq_data *wrqu, char *extra)
 
6768         struct ipw_priv *priv = ieee80211_priv(dev);
 
6769         struct iw_mlme *mlme = (struct iw_mlme *)extra;
 
6772         reason = cpu_to_le16(mlme->reason_code);
 
6774         switch (mlme->cmd) {
 
6775         case IW_MLME_DEAUTH:
 
6776                 /* silently ignore */
 
6779         case IW_MLME_DISASSOC:
 
6780                 ipw_disassociate(priv);
 
6789 #ifdef CONFIG_IPW2200_QOS
 
6793 * get the modulation type of the current network or
 
6794 * the card current mode
 
6796 static u8 ipw_qos_current_mode(struct ipw_priv * priv)
 
6800         if (priv->status & STATUS_ASSOCIATED) {
 
6801                 unsigned long flags;
 
6803                 spin_lock_irqsave(&priv->ieee->lock, flags);
 
6804                 mode = priv->assoc_network->mode;
 
6805                 spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
6807                 mode = priv->ieee->mode;
 
6809         IPW_DEBUG_QOS("QoS network/card mode %d \n", mode);
 
6814 * Handle management frame beacon and probe response
 
6816 static int ipw_qos_handle_probe_response(struct ipw_priv *priv,
 
6818                                          struct ieee80211_network *network)
 
6820         u32 size = sizeof(struct ieee80211_qos_parameters);
 
6822         if (network->capability & WLAN_CAPABILITY_IBSS)
 
6823                 network->qos_data.active = network->qos_data.supported;
 
6825         if (network->flags & NETWORK_HAS_QOS_MASK) {
 
6826                 if (active_network &&
 
6827                     (network->flags & NETWORK_HAS_QOS_PARAMETERS))
 
6828                         network->qos_data.active = network->qos_data.supported;
 
6830                 if ((network->qos_data.active == 1) && (active_network == 1) &&
 
6831                     (network->flags & NETWORK_HAS_QOS_PARAMETERS) &&
 
6832                     (network->qos_data.old_param_count !=
 
6833                      network->qos_data.param_count)) {
 
6834                         network->qos_data.old_param_count =
 
6835                             network->qos_data.param_count;
 
6836                         schedule_work(&priv->qos_activate);
 
6837                         IPW_DEBUG_QOS("QoS parameters change call "
 
6841                 if ((priv->ieee->mode == IEEE_B) || (network->mode == IEEE_B))
 
6842                         memcpy(&network->qos_data.parameters,
 
6843                                &def_parameters_CCK, size);
 
6845                         memcpy(&network->qos_data.parameters,
 
6846                                &def_parameters_OFDM, size);
 
6848                 if ((network->qos_data.active == 1) && (active_network == 1)) {
 
6849                         IPW_DEBUG_QOS("QoS was disabled call qos_activate \n");
 
6850                         schedule_work(&priv->qos_activate);
 
6853                 network->qos_data.active = 0;
 
6854                 network->qos_data.supported = 0;
 
6856         if ((priv->status & STATUS_ASSOCIATED) &&
 
6857             (priv->ieee->iw_mode == IW_MODE_ADHOC) && (active_network == 0)) {
 
6858                 if (memcmp(network->bssid, priv->bssid, ETH_ALEN))
 
6859                         if ((network->capability & WLAN_CAPABILITY_IBSS) &&
 
6860                             !(network->flags & NETWORK_EMPTY_ESSID))
 
6861                                 if ((network->ssid_len ==
 
6862                                      priv->assoc_network->ssid_len) &&
 
6863                                     !memcmp(network->ssid,
 
6864                                             priv->assoc_network->ssid,
 
6865                                             network->ssid_len)) {
 
6866                                         queue_work(priv->workqueue,
 
6867                                                    &priv->merge_networks);
 
6875 * This function set up the firmware to support QoS. It sends
 
6876 * IPW_CMD_QOS_PARAMETERS and IPW_CMD_WME_INFO
 
6878 static int ipw_qos_activate(struct ipw_priv *priv,
 
6879                             struct ieee80211_qos_data *qos_network_data)
 
6882         struct ieee80211_qos_parameters qos_parameters[QOS_QOS_SETS];
 
6883         struct ieee80211_qos_parameters *active_one = NULL;
 
6884         u32 size = sizeof(struct ieee80211_qos_parameters);
 
6889         type = ipw_qos_current_mode(priv);
 
6891         active_one = &(qos_parameters[QOS_PARAM_SET_DEF_CCK]);
 
6892         memcpy(active_one, priv->qos_data.def_qos_parm_CCK, size);
 
6893         active_one = &(qos_parameters[QOS_PARAM_SET_DEF_OFDM]);
 
6894         memcpy(active_one, priv->qos_data.def_qos_parm_OFDM, size);
 
6896         if (qos_network_data == NULL) {
 
6897                 if (type == IEEE_B) {
 
6898                         IPW_DEBUG_QOS("QoS activate network mode %d\n", type);
 
6899                         active_one = &def_parameters_CCK;
 
6901                         active_one = &def_parameters_OFDM;
 
6903                 memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
 
6904                 burst_duration = ipw_qos_get_burst_duration(priv);
 
6905                 for (i = 0; i < QOS_QUEUE_NUM; i++)
 
6906                         qos_parameters[QOS_PARAM_SET_ACTIVE].tx_op_limit[i] =
 
6907                             (u16)burst_duration;
 
6908         } else if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
 
6909                 if (type == IEEE_B) {
 
6910                         IPW_DEBUG_QOS("QoS activate IBSS nework mode %d\n",
 
6912                         if (priv->qos_data.qos_enable == 0)
 
6913                                 active_one = &def_parameters_CCK;
 
6915                                 active_one = priv->qos_data.def_qos_parm_CCK;
 
6917                         if (priv->qos_data.qos_enable == 0)
 
6918                                 active_one = &def_parameters_OFDM;
 
6920                                 active_one = priv->qos_data.def_qos_parm_OFDM;
 
6922                 memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
 
6924                 unsigned long flags;
 
6927                 spin_lock_irqsave(&priv->ieee->lock, flags);
 
6928                 active_one = &(qos_network_data->parameters);
 
6929                 qos_network_data->old_param_count =
 
6930                     qos_network_data->param_count;
 
6931                 memcpy(&qos_parameters[QOS_PARAM_SET_ACTIVE], active_one, size);
 
6932                 active = qos_network_data->supported;
 
6933                 spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
6936                         burst_duration = ipw_qos_get_burst_duration(priv);
 
6937                         for (i = 0; i < QOS_QUEUE_NUM; i++)
 
6938                                 qos_parameters[QOS_PARAM_SET_ACTIVE].
 
6939                                     tx_op_limit[i] = (u16)burst_duration;
 
6943         IPW_DEBUG_QOS("QoS sending IPW_CMD_QOS_PARAMETERS\n");
 
6944         for (i = 0; i < 3; i++) {
 
6946                 for (j = 0; j < QOS_QUEUE_NUM; j++) {
 
6947                         qos_parameters[i].cw_min[j] = cpu_to_le16(qos_parameters[i].cw_min[j]);
 
6948                         qos_parameters[i].cw_max[j] = cpu_to_le16(qos_parameters[i].cw_max[j]);
 
6949                         qos_parameters[i].tx_op_limit[j] = cpu_to_le16(qos_parameters[i].tx_op_limit[j]);
 
6953         err = ipw_send_qos_params_command(priv,
 
6954                                           (struct ieee80211_qos_parameters *)
 
6955                                           &(qos_parameters[0]));
 
6957                 IPW_DEBUG_QOS("QoS IPW_CMD_QOS_PARAMETERS failed\n");
 
6963 * send IPW_CMD_WME_INFO to the firmware
 
6965 static int ipw_qos_set_info_element(struct ipw_priv *priv)
 
6968         struct ieee80211_qos_information_element qos_info;
 
6973         qos_info.elementID = QOS_ELEMENT_ID;
 
6974         qos_info.length = sizeof(struct ieee80211_qos_information_element) - 2;
 
6976         qos_info.version = QOS_VERSION_1;
 
6977         qos_info.ac_info = 0;
 
6979         memcpy(qos_info.qui, qos_oui, QOS_OUI_LEN);
 
6980         qos_info.qui_type = QOS_OUI_TYPE;
 
6981         qos_info.qui_subtype = QOS_OUI_INFO_SUB_TYPE;
 
6983         ret = ipw_send_qos_info_command(priv, &qos_info);
 
6985                 IPW_DEBUG_QOS("QoS error calling ipw_send_qos_info_command\n");
 
6991 * Set the QoS parameter with the association request structure
 
6993 static int ipw_qos_association(struct ipw_priv *priv,
 
6994                                struct ieee80211_network *network)
 
6997         struct ieee80211_qos_data *qos_data = NULL;
 
6998         struct ieee80211_qos_data ibss_data = {
 
7003         switch (priv->ieee->iw_mode) {
 
7005                 BUG_ON(!(network->capability & WLAN_CAPABILITY_IBSS));
 
7007                 qos_data = &ibss_data;
 
7011                 qos_data = &network->qos_data;
 
7019         err = ipw_qos_activate(priv, qos_data);
 
7021                 priv->assoc_request.policy_support &= ~HC_QOS_SUPPORT_ASSOC;
 
7025         if (priv->qos_data.qos_enable && qos_data->supported) {
 
7026                 IPW_DEBUG_QOS("QoS will be enabled for this association\n");
 
7027                 priv->assoc_request.policy_support |= HC_QOS_SUPPORT_ASSOC;
 
7028                 return ipw_qos_set_info_element(priv);
 
7035 * handling the beaconing responses. if we get different QoS setting
 
7036 * off the network from the associated setting, adjust the QoS
 
7039 static int ipw_qos_association_resp(struct ipw_priv *priv,
 
7040                                     struct ieee80211_network *network)
 
7043         unsigned long flags;
 
7044         u32 size = sizeof(struct ieee80211_qos_parameters);
 
7045         int set_qos_param = 0;
 
7047         if ((priv == NULL) || (network == NULL) ||
 
7048             (priv->assoc_network == NULL))
 
7051         if (!(priv->status & STATUS_ASSOCIATED))
 
7054         if ((priv->ieee->iw_mode != IW_MODE_INFRA))
 
7057         spin_lock_irqsave(&priv->ieee->lock, flags);
 
7058         if (network->flags & NETWORK_HAS_QOS_PARAMETERS) {
 
7059                 memcpy(&priv->assoc_network->qos_data, &network->qos_data,
 
7060                        sizeof(struct ieee80211_qos_data));
 
7061                 priv->assoc_network->qos_data.active = 1;
 
7062                 if ((network->qos_data.old_param_count !=
 
7063                      network->qos_data.param_count)) {
 
7065                         network->qos_data.old_param_count =
 
7066                             network->qos_data.param_count;
 
7070                 if ((network->mode == IEEE_B) || (priv->ieee->mode == IEEE_B))
 
7071                         memcpy(&priv->assoc_network->qos_data.parameters,
 
7072                                &def_parameters_CCK, size);
 
7074                         memcpy(&priv->assoc_network->qos_data.parameters,
 
7075                                &def_parameters_OFDM, size);
 
7076                 priv->assoc_network->qos_data.active = 0;
 
7077                 priv->assoc_network->qos_data.supported = 0;
 
7081         spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
7083         if (set_qos_param == 1)
 
7084                 schedule_work(&priv->qos_activate);
 
7089 static u32 ipw_qos_get_burst_duration(struct ipw_priv *priv)
 
7096         if (!(priv->ieee->modulation & IEEE80211_OFDM_MODULATION))
 
7097                 ret = priv->qos_data.burst_duration_CCK;
 
7099                 ret = priv->qos_data.burst_duration_OFDM;
 
7105 * Initialize the setting of QoS global
 
7107 static void ipw_qos_init(struct ipw_priv *priv, int enable,
 
7108                          int burst_enable, u32 burst_duration_CCK,
 
7109                          u32 burst_duration_OFDM)
 
7111         priv->qos_data.qos_enable = enable;
 
7113         if (priv->qos_data.qos_enable) {
 
7114                 priv->qos_data.def_qos_parm_CCK = &def_qos_parameters_CCK;
 
7115                 priv->qos_data.def_qos_parm_OFDM = &def_qos_parameters_OFDM;
 
7116                 IPW_DEBUG_QOS("QoS is enabled\n");
 
7118                 priv->qos_data.def_qos_parm_CCK = &def_parameters_CCK;
 
7119                 priv->qos_data.def_qos_parm_OFDM = &def_parameters_OFDM;
 
7120                 IPW_DEBUG_QOS("QoS is not enabled\n");
 
7123         priv->qos_data.burst_enable = burst_enable;
 
7126                 priv->qos_data.burst_duration_CCK = burst_duration_CCK;
 
7127                 priv->qos_data.burst_duration_OFDM = burst_duration_OFDM;
 
7129                 priv->qos_data.burst_duration_CCK = 0;
 
7130                 priv->qos_data.burst_duration_OFDM = 0;
 
7135 * map the packet priority to the right TX Queue
 
7137 static int ipw_get_tx_queue_number(struct ipw_priv *priv, u16 priority)
 
7139         if (priority > 7 || !priv->qos_data.qos_enable)
 
7142         return from_priority_to_tx_queue[priority] - 1;
 
7145 static int ipw_is_qos_active(struct net_device *dev,
 
7146                              struct sk_buff *skb)
 
7148         struct ipw_priv *priv = ieee80211_priv(dev);
 
7149         struct ieee80211_qos_data *qos_data = NULL;
 
7150         int active, supported;
 
7151         u8 *daddr = skb->data + ETH_ALEN;
 
7152         int unicast = !is_multicast_ether_addr(daddr);
 
7154         if (!(priv->status & STATUS_ASSOCIATED))
 
7157         qos_data = &priv->assoc_network->qos_data;
 
7159         if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
 
7161                         qos_data->active = 0;
 
7163                         qos_data->active = qos_data->supported;
 
7165         active = qos_data->active;
 
7166         supported = qos_data->supported;
 
7167         IPW_DEBUG_QOS("QoS  %d network is QoS active %d  supported %d  "
 
7169                       priv->qos_data.qos_enable, active, supported, unicast);
 
7170         if (active && priv->qos_data.qos_enable)
 
7177 * add QoS parameter to the TX command
 
7179 static int ipw_qos_set_tx_queue_command(struct ipw_priv *priv,
 
7181                                         struct tfd_data *tfd)
 
7183         int tx_queue_id = 0;
 
7186         tx_queue_id = from_priority_to_tx_queue[priority] - 1;
 
7187         tfd->tx_flags_ext |= DCT_FLAG_EXT_QOS_ENABLED;
 
7189         if (priv->qos_data.qos_no_ack_mask & (1UL << tx_queue_id)) {
 
7190                 tfd->tx_flags &= ~DCT_FLAG_ACK_REQD;
 
7191                 tfd->tfd.tfd_26.mchdr.qos_ctrl |= cpu_to_le16(CTRL_QOS_NO_ACK);
 
7197 * background support to run QoS activate functionality
 
7199 static void ipw_bg_qos_activate(struct work_struct *work)
 
7201         struct ipw_priv *priv =
 
7202                 container_of(work, struct ipw_priv, qos_activate);
 
7207         mutex_lock(&priv->mutex);
 
7209         if (priv->status & STATUS_ASSOCIATED)
 
7210                 ipw_qos_activate(priv, &(priv->assoc_network->qos_data));
 
7212         mutex_unlock(&priv->mutex);
 
7215 static int ipw_handle_probe_response(struct net_device *dev,
 
7216                                      struct ieee80211_probe_response *resp,
 
7217                                      struct ieee80211_network *network)
 
7219         struct ipw_priv *priv = ieee80211_priv(dev);
 
7220         int active_network = ((priv->status & STATUS_ASSOCIATED) &&
 
7221                               (network == priv->assoc_network));
 
7223         ipw_qos_handle_probe_response(priv, active_network, network);
 
7228 static int ipw_handle_beacon(struct net_device *dev,
 
7229                              struct ieee80211_beacon *resp,
 
7230                              struct ieee80211_network *network)
 
7232         struct ipw_priv *priv = ieee80211_priv(dev);
 
7233         int active_network = ((priv->status & STATUS_ASSOCIATED) &&
 
7234                               (network == priv->assoc_network));
 
7236         ipw_qos_handle_probe_response(priv, active_network, network);
 
7241 static int ipw_handle_assoc_response(struct net_device *dev,
 
7242                                      struct ieee80211_assoc_response *resp,
 
7243                                      struct ieee80211_network *network)
 
7245         struct ipw_priv *priv = ieee80211_priv(dev);
 
7246         ipw_qos_association_resp(priv, network);
 
7250 static int ipw_send_qos_params_command(struct ipw_priv *priv, struct ieee80211_qos_parameters
 
7253         return ipw_send_cmd_pdu(priv, IPW_CMD_QOS_PARAMETERS,
 
7254                                 sizeof(*qos_param) * 3, qos_param);
 
7257 static int ipw_send_qos_info_command(struct ipw_priv *priv, struct ieee80211_qos_information_element
 
7260         return ipw_send_cmd_pdu(priv, IPW_CMD_WME_INFO, sizeof(*qos_param),
 
7264 #endif                          /* CONFIG_IPW2200_QOS */
 
7266 static int ipw_associate_network(struct ipw_priv *priv,
 
7267                                  struct ieee80211_network *network,
 
7268                                  struct ipw_supported_rates *rates, int roaming)
 
7271         DECLARE_MAC_BUF(mac);
 
7273         if (priv->config & CFG_FIXED_RATE)
 
7274                 ipw_set_fixed_rate(priv, network->mode);
 
7276         if (!(priv->config & CFG_STATIC_ESSID)) {
 
7277                 priv->essid_len = min(network->ssid_len,
 
7278                                       (u8) IW_ESSID_MAX_SIZE);
 
7279                 memcpy(priv->essid, network->ssid, priv->essid_len);
 
7282         network->last_associate = jiffies;
 
7284         memset(&priv->assoc_request, 0, sizeof(priv->assoc_request));
 
7285         priv->assoc_request.channel = network->channel;
 
7286         priv->assoc_request.auth_key = 0;
 
7288         if ((priv->capability & CAP_PRIVACY_ON) &&
 
7289             (priv->ieee->sec.auth_mode == WLAN_AUTH_SHARED_KEY)) {
 
7290                 priv->assoc_request.auth_type = AUTH_SHARED_KEY;
 
7291                 priv->assoc_request.auth_key = priv->ieee->sec.active_key;
 
7293                 if (priv->ieee->sec.level == SEC_LEVEL_1)
 
7294                         ipw_send_wep_keys(priv, DCW_WEP_KEY_SEC_TYPE_WEP);
 
7296         } else if ((priv->capability & CAP_PRIVACY_ON) &&
 
7297                    (priv->ieee->sec.auth_mode == WLAN_AUTH_LEAP))
 
7298                 priv->assoc_request.auth_type = AUTH_LEAP;
 
7300                 priv->assoc_request.auth_type = AUTH_OPEN;
 
7302         if (priv->ieee->wpa_ie_len) {
 
7303                 priv->assoc_request.policy_support = 0x02;      /* RSN active */
 
7304                 ipw_set_rsn_capa(priv, priv->ieee->wpa_ie,
 
7305                                  priv->ieee->wpa_ie_len);
 
7309          * It is valid for our ieee device to support multiple modes, but
 
7310          * when it comes to associating to a given network we have to choose
 
7313         if (network->mode & priv->ieee->mode & IEEE_A)
 
7314                 priv->assoc_request.ieee_mode = IPW_A_MODE;
 
7315         else if (network->mode & priv->ieee->mode & IEEE_G)
 
7316                 priv->assoc_request.ieee_mode = IPW_G_MODE;
 
7317         else if (network->mode & priv->ieee->mode & IEEE_B)
 
7318                 priv->assoc_request.ieee_mode = IPW_B_MODE;
 
7320         priv->assoc_request.capability = network->capability;
 
7321         if ((network->capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
 
7322             && !(priv->config & CFG_PREAMBLE_LONG)) {
 
7323                 priv->assoc_request.preamble_length = DCT_FLAG_SHORT_PREAMBLE;
 
7325                 priv->assoc_request.preamble_length = DCT_FLAG_LONG_PREAMBLE;
 
7327                 /* Clear the short preamble if we won't be supporting it */
 
7328                 priv->assoc_request.capability &=
 
7329                     ~WLAN_CAPABILITY_SHORT_PREAMBLE;
 
7332         /* Clear capability bits that aren't used in Ad Hoc */
 
7333         if (priv->ieee->iw_mode == IW_MODE_ADHOC)
 
7334                 priv->assoc_request.capability &=
 
7335                     ~WLAN_CAPABILITY_SHORT_SLOT_TIME;
 
7337         IPW_DEBUG_ASSOC("%sssocation attempt: '%s', channel %d, "
 
7338                         "802.11%c [%d], %s[:%s], enc=%s%s%s%c%c\n",
 
7339                         roaming ? "Rea" : "A",
 
7340                         escape_essid(priv->essid, priv->essid_len),
 
7342                         ipw_modes[priv->assoc_request.ieee_mode],
 
7344                         (priv->assoc_request.preamble_length ==
 
7345                          DCT_FLAG_LONG_PREAMBLE) ? "long" : "short",
 
7346                         network->capability &
 
7347                         WLAN_CAPABILITY_SHORT_PREAMBLE ? "short" : "long",
 
7348                         priv->capability & CAP_PRIVACY_ON ? "on " : "off",
 
7349                         priv->capability & CAP_PRIVACY_ON ?
 
7350                         (priv->capability & CAP_SHARED_KEY ? "(shared)" :
 
7352                         priv->capability & CAP_PRIVACY_ON ? " key=" : "",
 
7353                         priv->capability & CAP_PRIVACY_ON ?
 
7354                         '1' + priv->ieee->sec.active_key : '.',
 
7355                         priv->capability & CAP_PRIVACY_ON ? '.' : ' ');
 
7357         priv->assoc_request.beacon_interval = network->beacon_interval;
 
7358         if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
 
7359             (network->time_stamp[0] == 0) && (network->time_stamp[1] == 0)) {
 
7360                 priv->assoc_request.assoc_type = HC_IBSS_START;
 
7361                 priv->assoc_request.assoc_tsf_msw = 0;
 
7362                 priv->assoc_request.assoc_tsf_lsw = 0;
 
7364                 if (unlikely(roaming))
 
7365                         priv->assoc_request.assoc_type = HC_REASSOCIATE;
 
7367                         priv->assoc_request.assoc_type = HC_ASSOCIATE;
 
7368                 priv->assoc_request.assoc_tsf_msw = network->time_stamp[1];
 
7369                 priv->assoc_request.assoc_tsf_lsw = network->time_stamp[0];
 
7372         memcpy(priv->assoc_request.bssid, network->bssid, ETH_ALEN);
 
7374         if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
 
7375                 memset(&priv->assoc_request.dest, 0xFF, ETH_ALEN);
 
7376                 priv->assoc_request.atim_window = network->atim_window;
 
7378                 memcpy(priv->assoc_request.dest, network->bssid, ETH_ALEN);
 
7379                 priv->assoc_request.atim_window = 0;
 
7382         priv->assoc_request.listen_interval = network->listen_interval;
 
7384         err = ipw_send_ssid(priv, priv->essid, priv->essid_len);
 
7386                 IPW_DEBUG_HC("Attempt to send SSID command failed.\n");
 
7390         rates->ieee_mode = priv->assoc_request.ieee_mode;
 
7391         rates->purpose = IPW_RATE_CONNECT;
 
7392         ipw_send_supported_rates(priv, rates);
 
7394         if (priv->assoc_request.ieee_mode == IPW_G_MODE)
 
7395                 priv->sys_config.dot11g_auto_detection = 1;
 
7397                 priv->sys_config.dot11g_auto_detection = 0;
 
7399         if (priv->ieee->iw_mode == IW_MODE_ADHOC)
 
7400                 priv->sys_config.answer_broadcast_ssid_probe = 1;
 
7402                 priv->sys_config.answer_broadcast_ssid_probe = 0;
 
7404         err = ipw_send_system_config(priv);
 
7406                 IPW_DEBUG_HC("Attempt to send sys config command failed.\n");
 
7410         IPW_DEBUG_ASSOC("Association sensitivity: %d\n", network->stats.rssi);
 
7411         err = ipw_set_sensitivity(priv, network->stats.rssi + IPW_RSSI_TO_DBM);
 
7413                 IPW_DEBUG_HC("Attempt to send associate command failed.\n");
 
7418          * If preemption is enabled, it is possible for the association
 
7419          * to complete before we return from ipw_send_associate.  Therefore
 
7420          * we have to be sure and update our priviate data first.
 
7422         priv->channel = network->channel;
 
7423         memcpy(priv->bssid, network->bssid, ETH_ALEN);
 
7424         priv->status |= STATUS_ASSOCIATING;
 
7425         priv->status &= ~STATUS_SECURITY_UPDATED;
 
7427         priv->assoc_network = network;
 
7429 #ifdef CONFIG_IPW2200_QOS
 
7430         ipw_qos_association(priv, network);
 
7433         err = ipw_send_associate(priv, &priv->assoc_request);
 
7435                 IPW_DEBUG_HC("Attempt to send associate command failed.\n");
 
7439         IPW_DEBUG(IPW_DL_STATE, "associating: '%s' %s \n",
 
7440                   escape_essid(priv->essid, priv->essid_len),
 
7441                   print_mac(mac, priv->bssid));
 
7446 static void ipw_roam(void *data)
 
7448         struct ipw_priv *priv = data;
 
7449         struct ieee80211_network *network = NULL;
 
7450         struct ipw_network_match match = {
 
7451                 .network = priv->assoc_network
 
7454         /* The roaming process is as follows:
 
7456          * 1.  Missed beacon threshold triggers the roaming process by
 
7457          *     setting the status ROAM bit and requesting a scan.
 
7458          * 2.  When the scan completes, it schedules the ROAM work
 
7459          * 3.  The ROAM work looks at all of the known networks for one that
 
7460          *     is a better network than the currently associated.  If none
 
7461          *     found, the ROAM process is over (ROAM bit cleared)
 
7462          * 4.  If a better network is found, a disassociation request is
 
7464          * 5.  When the disassociation completes, the roam work is again
 
7465          *     scheduled.  The second time through, the driver is no longer
 
7466          *     associated, and the newly selected network is sent an
 
7467          *     association request.
 
7468          * 6.  At this point ,the roaming process is complete and the ROAM
 
7469          *     status bit is cleared.
 
7472         /* If we are no longer associated, and the roaming bit is no longer
 
7473          * set, then we are not actively roaming, so just return */
 
7474         if (!(priv->status & (STATUS_ASSOCIATED | STATUS_ROAMING)))
 
7477         if (priv->status & STATUS_ASSOCIATED) {
 
7478                 /* First pass through ROAM process -- look for a better
 
7480                 unsigned long flags;
 
7481                 u8 rssi = priv->assoc_network->stats.rssi;
 
7482                 priv->assoc_network->stats.rssi = -128;
 
7483                 spin_lock_irqsave(&priv->ieee->lock, flags);
 
7484                 list_for_each_entry(network, &priv->ieee->network_list, list) {
 
7485                         if (network != priv->assoc_network)
 
7486                                 ipw_best_network(priv, &match, network, 1);
 
7488                 spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
7489                 priv->assoc_network->stats.rssi = rssi;
 
7491                 if (match.network == priv->assoc_network) {
 
7492                         IPW_DEBUG_ASSOC("No better APs in this network to "
 
7494                         priv->status &= ~STATUS_ROAMING;
 
7495                         ipw_debug_config(priv);
 
7499                 ipw_send_disassociate(priv, 1);
 
7500                 priv->assoc_network = match.network;
 
7505         /* Second pass through ROAM process -- request association */
 
7506         ipw_compatible_rates(priv, priv->assoc_network, &match.rates);
 
7507         ipw_associate_network(priv, priv->assoc_network, &match.rates, 1);
 
7508         priv->status &= ~STATUS_ROAMING;
 
7511 static void ipw_bg_roam(struct work_struct *work)
 
7513         struct ipw_priv *priv =
 
7514                 container_of(work, struct ipw_priv, roam);
 
7515         mutex_lock(&priv->mutex);
 
7517         mutex_unlock(&priv->mutex);
 
7520 static int ipw_associate(void *data)
 
7522         struct ipw_priv *priv = data;
 
7524         struct ieee80211_network *network = NULL;
 
7525         struct ipw_network_match match = {
 
7528         struct ipw_supported_rates *rates;
 
7529         struct list_head *element;
 
7530         unsigned long flags;
 
7532         if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
 
7533                 IPW_DEBUG_ASSOC("Not attempting association (monitor mode)\n");
 
7537         if (priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
 
7538                 IPW_DEBUG_ASSOC("Not attempting association (already in "
 
7543         if (priv->status & STATUS_DISASSOCIATING) {
 
7544                 IPW_DEBUG_ASSOC("Not attempting association (in "
 
7545                                 "disassociating)\n ");
 
7546                 queue_work(priv->workqueue, &priv->associate);
 
7550         if (!ipw_is_init(priv) || (priv->status & STATUS_SCANNING)) {
 
7551                 IPW_DEBUG_ASSOC("Not attempting association (scanning or not "
 
7556         if (!(priv->config & CFG_ASSOCIATE) &&
 
7557             !(priv->config & (CFG_STATIC_ESSID |
 
7558                               CFG_STATIC_CHANNEL | CFG_STATIC_BSSID))) {
 
7559                 IPW_DEBUG_ASSOC("Not attempting association (associate=0)\n");
 
7563         /* Protect our use of the network_list */
 
7564         spin_lock_irqsave(&priv->ieee->lock, flags);
 
7565         list_for_each_entry(network, &priv->ieee->network_list, list)
 
7566             ipw_best_network(priv, &match, network, 0);
 
7568         network = match.network;
 
7569         rates = &match.rates;
 
7571         if (network == NULL &&
 
7572             priv->ieee->iw_mode == IW_MODE_ADHOC &&
 
7573             priv->config & CFG_ADHOC_CREATE &&
 
7574             priv->config & CFG_STATIC_ESSID &&
 
7575             priv->config & CFG_STATIC_CHANNEL &&
 
7576             !list_empty(&priv->ieee->network_free_list)) {
 
7577                 element = priv->ieee->network_free_list.next;
 
7578                 network = list_entry(element, struct ieee80211_network, list);
 
7579                 ipw_adhoc_create(priv, network);
 
7580                 rates = &priv->rates;
 
7582                 list_add_tail(&network->list, &priv->ieee->network_list);
 
7584         spin_unlock_irqrestore(&priv->ieee->lock, flags);
 
7586         /* If we reached the end of the list, then we don't have any valid
 
7589                 ipw_debug_config(priv);
 
7591                 if (!(priv->status & STATUS_SCANNING)) {
 
7592                         if (!(priv->config & CFG_SPEED_SCAN))
 
7593                                 queue_delayed_work(priv->workqueue,
 
7594                                                    &priv->request_scan,
 
7597                                 queue_delayed_work(priv->workqueue,
 
7598                                                    &priv->request_scan, 0);
 
7604         ipw_associate_network(priv, network, rates, 0);
 
7609 static void ipw_bg_associate(struct work_struct *work)
 
7611         struct ipw_priv *priv =
 
7612                 container_of(work, struct ipw_priv, associate);
 
7613         mutex_lock(&priv->mutex);
 
7614         ipw_associate(priv);
 
7615         mutex_unlock(&priv->mutex);
 
7618 static void ipw_rebuild_decrypted_skb(struct ipw_priv *priv,
 
7619                                       struct sk_buff *skb)
 
7621         struct ieee80211_hdr *hdr;
 
7624         hdr = (struct ieee80211_hdr *)skb->data;
 
7625         fc = le16_to_cpu(hdr->frame_ctl);
 
7626         if (!(fc & IEEE80211_FCTL_PROTECTED))
 
7629         fc &= ~IEEE80211_FCTL_PROTECTED;
 
7630         hdr->frame_ctl = cpu_to_le16(fc);
 
7631         switch (priv->ieee->sec.level) {
 
7633                 /* Remove CCMP HDR */
 
7634                 memmove(skb->data + IEEE80211_3ADDR_LEN,
 
7635                         skb->data + IEEE80211_3ADDR_LEN + 8,
 
7636                         skb->len - IEEE80211_3ADDR_LEN - 8);
 
7637                 skb_trim(skb, skb->len - 16);   /* CCMP_HDR_LEN + CCMP_MIC_LEN */
 
7643                 memmove(skb->data + IEEE80211_3ADDR_LEN,
 
7644                         skb->data + IEEE80211_3ADDR_LEN + 4,
 
7645                         skb->len - IEEE80211_3ADDR_LEN - 4);
 
7646                 skb_trim(skb, skb->len - 8);    /* IV + ICV */
 
7651                 printk(KERN_ERR "Unknow security level %d\n",
 
7652                        priv->ieee->sec.level);
 
7657 static void ipw_handle_data_packet(struct ipw_priv *priv,
 
7658                                    struct ipw_rx_mem_buffer *rxb,
 
7659                                    struct ieee80211_rx_stats *stats)
 
7661         struct ieee80211_hdr_4addr *hdr;
 
7662         struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;
 
7664         /* We received data from the HW, so stop the watchdog */
 
7665         priv->net_dev->trans_start = jiffies;
 
7667         /* We only process data packets if the
 
7668          * interface is open */
 
7669         if (unlikely((le16_to_cpu(pkt->u.frame.length) + IPW_RX_FRAME_SIZE) >
 
7670                      skb_tailroom(rxb->skb))) {
 
7671                 priv->ieee->stats.rx_errors++;
 
7672                 priv->wstats.discard.misc++;
 
7673                 IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
 
7675         } else if (unlikely(!netif_running(priv->net_dev))) {
 
7676                 priv->ieee->stats.rx_dropped++;
 
7677                 priv->wstats.discard.misc++;
 
7678                 IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
 
7682         /* Advance skb->data to the start of the actual payload */
 
7683         skb_reserve(rxb->skb, offsetof(struct ipw_rx_packet, u.frame.data));
 
7685         /* Set the size of the skb to the size of the frame */
 
7686         skb_put(rxb->skb, le16_to_cpu(pkt->u.frame.length));
 
7688         IPW_DEBUG_RX("Rx packet of %d bytes.\n", rxb->skb->len);
 
7690         /* HW decrypt will not clear the WEP bit, MIC, PN, etc. */
 
7691         hdr = (struct ieee80211_hdr_4addr *)rxb->skb->data;
 
7692         if (priv->ieee->iw_mode != IW_MODE_MONITOR &&
 
7693             (is_multicast_ether_addr(hdr->addr1) ?
 
7694              !priv->ieee->host_mc_decrypt : !priv->ieee->host_decrypt))
 
7695                 ipw_rebuild_decrypted_skb(priv, rxb->skb);
 
7697         if (!ieee80211_rx(priv->ieee, rxb->skb, stats))
 
7698                 priv->ieee->stats.rx_errors++;
 
7699         else {                  /* ieee80211_rx succeeded, so it now owns the SKB */
 
7701                 __ipw_led_activity_on(priv);
 
7705 #ifdef CONFIG_IPW2200_RADIOTAP
 
7706 static void ipw_handle_data_packet_monitor(struct ipw_priv *priv,
 
7707                                            struct ipw_rx_mem_buffer *rxb,
 
7708                                            struct ieee80211_rx_stats *stats)
 
7710         struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;
 
7711         struct ipw_rx_frame *frame = &pkt->u.frame;
 
7713         /* initial pull of some data */
 
7714         u16 received_channel = frame->received_channel;
 
7715         u8 antennaAndPhy = frame->antennaAndPhy;
 
7716         s8 antsignal = frame->rssi_dbm - IPW_RSSI_TO_DBM;       /* call it signed anyhow */
 
7717         u16 pktrate = frame->rate;
 
7719         /* Magic struct that slots into the radiotap header -- no reason
 
7720          * to build this manually element by element, we can write it much
 
7721          * more efficiently than we can parse it. ORDER MATTERS HERE */
 
7722         struct ipw_rt_hdr *ipw_rt;
 
7724         short len = le16_to_cpu(pkt->u.frame.length);
 
7726         /* We received data from the HW, so stop the watchdog */
 
7727         priv->net_dev->trans_start = jiffies;
 
7729         /* We only process data packets if the
 
7730          * interface is open */
 
7731         if (unlikely((le16_to_cpu(pkt->u.frame.length) + IPW_RX_FRAME_SIZE) >
 
7732                      skb_tailroom(rxb->skb))) {
 
7733                 priv->ieee->stats.rx_errors++;
 
7734                 priv->wstats.discard.misc++;
 
7735                 IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
 
7737         } else if (unlikely(!netif_running(priv->net_dev))) {
 
7738                 priv->ieee->stats.rx_dropped++;
 
7739                 priv->wstats.discard.misc++;
 
7740                 IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
 
7744         /* Libpcap 0.9.3+ can handle variable length radiotap, so we'll use
 
7746         if (len > IPW_RX_BUF_SIZE - sizeof(struct ipw_rt_hdr)) {
 
7747                 /* FIXME: Should alloc bigger skb instead */
 
7748                 priv->ieee->stats.rx_dropped++;
 
7749                 priv->wstats.discard.misc++;
 
7750                 IPW_DEBUG_DROP("Dropping too large packet in monitor\n");
 
7754         /* copy the frame itself */
 
7755         memmove(rxb->skb->data + sizeof(struct ipw_rt_hdr),
 
7756                 rxb->skb->data + IPW_RX_FRAME_SIZE, len);
 
7758         /* Zero the radiotap static buffer  ...  We only need to zero the bytes NOT
 
7759          * part of our real header, saves a little time.
 
7761          * No longer necessary since we fill in all our data.  Purge before merging
 
7763          * memset(rxb->skb->data + sizeof(struct ipw_rt_hdr), 0,
 
7764          *        IEEE80211_RADIOTAP_HDRLEN - sizeof(struct ipw_rt_hdr));
 
7767         ipw_rt = (struct ipw_rt_hdr *)rxb->skb->data;
 
7769         ipw_rt->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
 
7770         ipw_rt->rt_hdr.it_pad = 0;      /* always good to zero */
 
7771         ipw_rt->rt_hdr.it_len = sizeof(struct ipw_rt_hdr);      /* total header+data */
 
7773         /* Big bitfield of all the fields we provide in radiotap */
 
7774         ipw_rt->rt_hdr.it_present =
 
7775             ((1 << IEEE80211_RADIOTAP_TSFT) |
 
7776              (1 << IEEE80211_RADIOTAP_FLAGS) |
 
7777              (1 << IEEE80211_RADIOTAP_RATE) |
 
7778              (1 << IEEE80211_RADIOTAP_CHANNEL) |
 
7779              (1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL) |
 
7780              (1 << IEEE80211_RADIOTAP_DBM_ANTNOISE) |
 
7781              (1 << IEEE80211_RADIOTAP_ANTENNA));
 
7783         /* Zero the flags, we'll add to them as we go */
 
7784         ipw_rt->rt_flags = 0;
 
7785         ipw_rt->rt_tsf = (u64)(frame->parent_tsf[3] << 24 |
 
7786                                frame->parent_tsf[2] << 16 |
 
7787                                frame->parent_tsf[1] << 8  |
 
7788                                frame->parent_tsf[0]);
 
7790         /* Convert signal to DBM */
 
7791         ipw_rt->rt_dbmsignal = antsignal;
 
7792         ipw_rt->rt_dbmnoise = frame->noise;
 
7794         /* Convert the channel data and set the flags */
 
7795         ipw_rt->rt_channel = cpu_to_le16(ieee80211chan2mhz(received_channel));
 
7796         if (received_channel > 14) {    /* 802.11a */
 
7797                 ipw_rt->rt_chbitmask =
 
7798                     cpu_to_le16((IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ));
 
7799         } else if (antennaAndPhy & 32) {        /* 802.11b */
 
7800                 ipw_rt->rt_chbitmask =
 
7801                     cpu_to_le16((IEEE80211_CHAN_CCK | IEEE80211_CHAN_2GHZ));
 
7802         } else {                /* 802.11g */
 
7803                 ipw_rt->rt_chbitmask =
 
7804                     (IEEE80211_CHAN_OFDM | IEEE80211_CHAN_2GHZ);
 
7807         /* set the rate in multiples of 500k/s */
 
7809         case IPW_TX_RATE_1MB:
 
7810                 ipw_rt->rt_rate = 2;
 
7812         case IPW_TX_RATE_2MB:
 
7813                 ipw_rt->rt_rate = 4;
 
7815         case IPW_TX_RATE_5MB:
 
7816                 ipw_rt->rt_rate = 10;
 
7818         case IPW_TX_RATE_6MB:
 
7819                 ipw_rt->rt_rate = 12;
 
7821         case IPW_TX_RATE_9MB:
 
7822                 ipw_rt->rt_rate = 18;
 
7824         case IPW_TX_RATE_11MB:
 
7825                 ipw_rt->rt_rate = 22;
 
7827         case IPW_TX_RATE_12MB:
 
7828                 ipw_rt->rt_rate = 24;
 
7830         case IPW_TX_RATE_18MB:
 
7831                 ipw_rt->rt_rate = 36;
 
7833         case IPW_TX_RATE_24MB:
 
7834                 ipw_rt->rt_rate = 48;
 
7836         case IPW_TX_RATE_36MB:
 
7837                 ipw_rt->rt_rate = 72;
 
7839         case IPW_TX_RATE_48MB:
 
7840                 ipw_rt->rt_rate = 96;
 
7842         case IPW_TX_RATE_54MB:
 
7843                 ipw_rt->rt_rate = 108;
 
7846                 ipw_rt->rt_rate = 0;
 
7850         /* antenna number */
 
7851         ipw_rt->rt_antenna = (antennaAndPhy & 3);       /* Is this right? */
 
7853         /* set the preamble flag if we have it */
 
7854         if ((antennaAndPhy & 64))
 
7855                 ipw_rt->rt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
 
7857         /* Set the size of the skb to the size of the frame */
 
7858         skb_put(rxb->skb, len + sizeof(struct ipw_rt_hdr));
 
7860         IPW_DEBUG_RX("Rx packet of %d bytes.\n", rxb->skb->len);
 
7862         if (!ieee80211_rx(priv->ieee, rxb->skb, stats))
 
7863                 priv->ieee->stats.rx_errors++;
 
7864         else {                  /* ieee80211_rx succeeded, so it now owns the SKB */
 
7866                 /* no LED during capture */
 
7871 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
7872 #define ieee80211_is_probe_response(fc) \
 
7873    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT && \
 
7874     (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP )
 
7876 #define ieee80211_is_management(fc) \
 
7877    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
 
7879 #define ieee80211_is_control(fc) \
 
7880    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL)
 
7882 #define ieee80211_is_data(fc) \
 
7883    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
 
7885 #define ieee80211_is_assoc_request(fc) \
 
7886    ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ)
 
7888 #define ieee80211_is_reassoc_request(fc) \
 
7889    ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)
 
7891 static void ipw_handle_promiscuous_rx(struct ipw_priv *priv,
 
7892                                       struct ipw_rx_mem_buffer *rxb,
 
7893                                       struct ieee80211_rx_stats *stats)
 
7895         struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)rxb->skb->data;
 
7896         struct ipw_rx_frame *frame = &pkt->u.frame;
 
7897         struct ipw_rt_hdr *ipw_rt;
 
7899         /* First cache any information we need before we overwrite
 
7900          * the information provided in the skb from the hardware */
 
7901         struct ieee80211_hdr *hdr;
 
7902         u16 channel = frame->received_channel;
 
7903         u8 phy_flags = frame->antennaAndPhy;
 
7904         s8 signal = frame->rssi_dbm - IPW_RSSI_TO_DBM;
 
7905         s8 noise = frame->noise;
 
7906         u8 rate = frame->rate;
 
7907         short len = le16_to_cpu(pkt->u.frame.length);
 
7908         struct sk_buff *skb;
 
7910         u16 filter = priv->prom_priv->filter;
 
7912         /* If the filter is set to not include Rx frames then return */
 
7913         if (filter & IPW_PROM_NO_RX)
 
7916         /* We received data from the HW, so stop the watchdog */
 
7917         priv->prom_net_dev->trans_start = jiffies;
 
7919         if (unlikely((len + IPW_RX_FRAME_SIZE) > skb_tailroom(rxb->skb))) {
 
7920                 priv->prom_priv->ieee->stats.rx_errors++;
 
7921                 IPW_DEBUG_DROP("Corruption detected! Oh no!\n");
 
7925         /* We only process data packets if the interface is open */
 
7926         if (unlikely(!netif_running(priv->prom_net_dev))) {
 
7927                 priv->prom_priv->ieee->stats.rx_dropped++;
 
7928                 IPW_DEBUG_DROP("Dropping packet while interface is not up.\n");
 
7932         /* Libpcap 0.9.3+ can handle variable length radiotap, so we'll use
 
7934         if (len > IPW_RX_BUF_SIZE - sizeof(struct ipw_rt_hdr)) {
 
7935                 /* FIXME: Should alloc bigger skb instead */
 
7936                 priv->prom_priv->ieee->stats.rx_dropped++;
 
7937                 IPW_DEBUG_DROP("Dropping too large packet in monitor\n");
 
7941         hdr = (void *)rxb->skb->data + IPW_RX_FRAME_SIZE;
 
7942         if (ieee80211_is_management(le16_to_cpu(hdr->frame_ctl))) {
 
7943                 if (filter & IPW_PROM_NO_MGMT)
 
7945                 if (filter & IPW_PROM_MGMT_HEADER_ONLY)
 
7947         } else if (ieee80211_is_control(le16_to_cpu(hdr->frame_ctl))) {
 
7948                 if (filter & IPW_PROM_NO_CTL)
 
7950                 if (filter & IPW_PROM_CTL_HEADER_ONLY)
 
7952         } else if (ieee80211_is_data(le16_to_cpu(hdr->frame_ctl))) {
 
7953                 if (filter & IPW_PROM_NO_DATA)
 
7955                 if (filter & IPW_PROM_DATA_HEADER_ONLY)
 
7959         /* Copy the SKB since this is for the promiscuous side */
 
7960         skb = skb_copy(rxb->skb, GFP_ATOMIC);
 
7962                 IPW_ERROR("skb_clone failed for promiscuous copy.\n");
 
7966         /* copy the frame data to write after where the radiotap header goes */
 
7967         ipw_rt = (void *)skb->data;
 
7970                 len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
 
7972         memcpy(ipw_rt->payload, hdr, len);
 
7974         /* Zero the radiotap static buffer  ...  We only need to zero the bytes
 
7975          * NOT part of our real header, saves a little time.
 
7977          * No longer necessary since we fill in all our data.  Purge before
 
7978          * merging patch officially.
 
7979          * memset(rxb->skb->data + sizeof(struct ipw_rt_hdr), 0,
 
7980          *        IEEE80211_RADIOTAP_HDRLEN - sizeof(struct ipw_rt_hdr));
 
7983         ipw_rt->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
 
7984         ipw_rt->rt_hdr.it_pad = 0;      /* always good to zero */
 
7985         ipw_rt->rt_hdr.it_len = sizeof(*ipw_rt);        /* total header+data */
 
7987         /* Set the size of the skb to the size of the frame */
 
7988         skb_put(skb, ipw_rt->rt_hdr.it_len + len);
 
7990         /* Big bitfield of all the fields we provide in radiotap */
 
7991         ipw_rt->rt_hdr.it_present =
 
7992             ((1 << IEEE80211_RADIOTAP_TSFT) |
 
7993              (1 << IEEE80211_RADIOTAP_FLAGS) |
 
7994              (1 << IEEE80211_RADIOTAP_RATE) |
 
7995              (1 << IEEE80211_RADIOTAP_CHANNEL) |
 
7996              (1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL) |
 
7997              (1 << IEEE80211_RADIOTAP_DBM_ANTNOISE) |
 
7998              (1 << IEEE80211_RADIOTAP_ANTENNA));
 
8000         /* Zero the flags, we'll add to them as we go */
 
8001         ipw_rt->rt_flags = 0;
 
8002         ipw_rt->rt_tsf = (u64)(frame->parent_tsf[3] << 24 |
 
8003                                frame->parent_tsf[2] << 16 |
 
8004                                frame->parent_tsf[1] << 8  |
 
8005                                frame->parent_tsf[0]);
 
8007         /* Convert to DBM */
 
8008         ipw_rt->rt_dbmsignal = signal;
 
8009         ipw_rt->rt_dbmnoise = noise;
 
8011         /* Convert the channel data and set the flags */
 
8012         ipw_rt->rt_channel = cpu_to_le16(ieee80211chan2mhz(channel));
 
8013         if (channel > 14) {     /* 802.11a */
 
8014                 ipw_rt->rt_chbitmask =
 
8015                     cpu_to_le16((IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ));
 
8016         } else if (phy_flags & (1 << 5)) {      /* 802.11b */
 
8017                 ipw_rt->rt_chbitmask =
 
8018                     cpu_to_le16((IEEE80211_CHAN_CCK | IEEE80211_CHAN_2GHZ));
 
8019         } else {                /* 802.11g */
 
8020                 ipw_rt->rt_chbitmask =
 
8021                     (IEEE80211_CHAN_OFDM | IEEE80211_CHAN_2GHZ);
 
8024         /* set the rate in multiples of 500k/s */
 
8026         case IPW_TX_RATE_1MB:
 
8027                 ipw_rt->rt_rate = 2;
 
8029         case IPW_TX_RATE_2MB:
 
8030                 ipw_rt->rt_rate = 4;
 
8032         case IPW_TX_RATE_5MB:
 
8033                 ipw_rt->rt_rate = 10;
 
8035         case IPW_TX_RATE_6MB:
 
8036                 ipw_rt->rt_rate = 12;
 
8038         case IPW_TX_RATE_9MB:
 
8039                 ipw_rt->rt_rate = 18;
 
8041         case IPW_TX_RATE_11MB:
 
8042                 ipw_rt->rt_rate = 22;
 
8044         case IPW_TX_RATE_12MB:
 
8045                 ipw_rt->rt_rate = 24;
 
8047         case IPW_TX_RATE_18MB:
 
8048                 ipw_rt->rt_rate = 36;
 
8050         case IPW_TX_RATE_24MB:
 
8051                 ipw_rt->rt_rate = 48;
 
8053         case IPW_TX_RATE_36MB:
 
8054                 ipw_rt->rt_rate = 72;
 
8056         case IPW_TX_RATE_48MB:
 
8057                 ipw_rt->rt_rate = 96;
 
8059         case IPW_TX_RATE_54MB:
 
8060                 ipw_rt->rt_rate = 108;
 
8063                 ipw_rt->rt_rate = 0;
 
8067         /* antenna number */
 
8068         ipw_rt->rt_antenna = (phy_flags & 3);
 
8070         /* set the preamble flag if we have it */
 
8071         if (phy_flags & (1 << 6))
 
8072                 ipw_rt->rt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
 
8074         IPW_DEBUG_RX("Rx packet of %d bytes.\n", skb->len);
 
8076         if (!ieee80211_rx(priv->prom_priv->ieee, skb, stats)) {
 
8077                 priv->prom_priv->ieee->stats.rx_errors++;
 
8078                 dev_kfree_skb_any(skb);
 
8083 static int is_network_packet(struct ipw_priv *priv,
 
8084                                     struct ieee80211_hdr_4addr *header)
 
8086         /* Filter incoming packets to determine if they are targetted toward
 
8087          * this network, discarding packets coming from ourselves */
 
8088         switch (priv->ieee->iw_mode) {
 
8089         case IW_MODE_ADHOC:     /* Header: Dest. | Source    | BSSID */
 
8090                 /* packets from our adapter are dropped (echo) */
 
8091                 if (!memcmp(header->addr2, priv->net_dev->dev_addr, ETH_ALEN))
 
8094                 /* {broad,multi}cast packets to our BSSID go through */
 
8095                 if (is_multicast_ether_addr(header->addr1))
 
8096                         return !memcmp(header->addr3, priv->bssid, ETH_ALEN);
 
8098                 /* packets to our adapter go through */
 
8099                 return !memcmp(header->addr1, priv->net_dev->dev_addr,
 
8102         case IW_MODE_INFRA:     /* Header: Dest. | BSSID | Source */
 
8103                 /* packets from our adapter are dropped (echo) */
 
8104                 if (!memcmp(header->addr3, priv->net_dev->dev_addr, ETH_ALEN))
 
8107                 /* {broad,multi}cast packets to our BSS go through */
 
8108                 if (is_multicast_ether_addr(header->addr1))
 
8109                         return !memcmp(header->addr2, priv->bssid, ETH_ALEN);
 
8111                 /* packets to our adapter go through */
 
8112                 return !memcmp(header->addr1, priv->net_dev->dev_addr,
 
8119 #define IPW_PACKET_RETRY_TIME HZ
 
8121 static  int is_duplicate_packet(struct ipw_priv *priv,
 
8122                                       struct ieee80211_hdr_4addr *header)
 
8124         u16 sc = le16_to_cpu(header->seq_ctl);
 
8125         u16 seq = WLAN_GET_SEQ_SEQ(sc);
 
8126         u16 frag = WLAN_GET_SEQ_FRAG(sc);
 
8127         u16 *last_seq, *last_frag;
 
8128         unsigned long *last_time;
 
8130         switch (priv->ieee->iw_mode) {
 
8133                         struct list_head *p;
 
8134                         struct ipw_ibss_seq *entry = NULL;
 
8135                         u8 *mac = header->addr2;
 
8136                         int index = mac[5] % IPW_IBSS_MAC_HASH_SIZE;
 
8138                         __list_for_each(p, &priv->ibss_mac_hash[index]) {
 
8140                                     list_entry(p, struct ipw_ibss_seq, list);
 
8141                                 if (!memcmp(entry->mac, mac, ETH_ALEN))
 
8144                         if (p == &priv->ibss_mac_hash[index]) {
 
8145                                 entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
 
8148                                             ("Cannot malloc new mac entry\n");
 
8151                                 memcpy(entry->mac, mac, ETH_ALEN);
 
8152                                 entry->seq_num = seq;
 
8153                                 entry->frag_num = frag;
 
8154                                 entry->packet_time = jiffies;
 
8155                                 list_add(&entry->list,
 
8156                                          &priv->ibss_mac_hash[index]);
 
8159                         last_seq = &entry->seq_num;
 
8160                         last_frag = &entry->frag_num;
 
8161                         last_time = &entry->packet_time;
 
8165                 last_seq = &priv->last_seq_num;
 
8166                 last_frag = &priv->last_frag_num;
 
8167                 last_time = &priv->last_packet_time;
 
8172         if ((*last_seq == seq) &&
 
8173             time_after(*last_time + IPW_PACKET_RETRY_TIME, jiffies)) {
 
8174                 if (*last_frag == frag)
 
8176                 if (*last_frag + 1 != frag)
 
8177                         /* out-of-order fragment */
 
8183         *last_time = jiffies;
 
8187         /* Comment this line now since we observed the card receives
 
8188          * duplicate packets but the FCTL_RETRY bit is not set in the
 
8189          * IBSS mode with fragmentation enabled.
 
8190          BUG_ON(!(le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_RETRY)); */
 
8194 static void ipw_handle_mgmt_packet(struct ipw_priv *priv,
 
8195                                    struct ipw_rx_mem_buffer *rxb,
 
8196                                    struct ieee80211_rx_stats *stats)
 
8198         struct sk_buff *skb = rxb->skb;
 
8199         struct ipw_rx_packet *pkt = (struct ipw_rx_packet *)skb->data;
 
8200         struct ieee80211_hdr_4addr *header = (struct ieee80211_hdr_4addr *)
 
8201             (skb->data + IPW_RX_FRAME_SIZE);
 
8203         ieee80211_rx_mgt(priv->ieee, header, stats);
 
8205         if (priv->ieee->iw_mode == IW_MODE_ADHOC &&
 
8206             ((WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) ==
 
8207               IEEE80211_STYPE_PROBE_RESP) ||
 
8208              (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) ==
 
8209               IEEE80211_STYPE_BEACON))) {
 
8210                 if (!memcmp(header->addr3, priv->bssid, ETH_ALEN))
 
8211                         ipw_add_station(priv, header->addr2);
 
8214         if (priv->config & CFG_NET_STATS) {
 
8215                 IPW_DEBUG_HC("sending stat packet\n");
 
8217                 /* Set the size of the skb to the size of the full
 
8218                  * ipw header and 802.11 frame */
 
8219                 skb_put(skb, le16_to_cpu(pkt->u.frame.length) +
 
8222                 /* Advance past the ipw packet header to the 802.11 frame */
 
8223                 skb_pull(skb, IPW_RX_FRAME_SIZE);
 
8225                 /* Push the ieee80211_rx_stats before the 802.11 frame */
 
8226                 memcpy(skb_push(skb, sizeof(*stats)), stats, sizeof(*stats));
 
8228                 skb->dev = priv->ieee->dev;
 
8230                 /* Point raw at the ieee80211_stats */
 
8231                 skb_reset_mac_header(skb);
 
8233                 skb->pkt_type = PACKET_OTHERHOST;
 
8234                 skb->protocol = __constant_htons(ETH_P_80211_STATS);
 
8235                 memset(skb->cb, 0, sizeof(rxb->skb->cb));
 
8242  * Main entry function for recieving a packet with 80211 headers.  This
 
8243  * should be called when ever the FW has notified us that there is a new
 
8244  * skb in the recieve queue.
 
8246 static void ipw_rx(struct ipw_priv *priv)
 
8248         struct ipw_rx_mem_buffer *rxb;
 
8249         struct ipw_rx_packet *pkt;
 
8250         struct ieee80211_hdr_4addr *header;
 
8253         DECLARE_MAC_BUF(mac);
 
8254         DECLARE_MAC_BUF(mac2);
 
8255         DECLARE_MAC_BUF(mac3);
 
8257         r = ipw_read32(priv, IPW_RX_READ_INDEX);
 
8258         w = ipw_read32(priv, IPW_RX_WRITE_INDEX);
 
8259         i = (priv->rxq->processed + 1) % RX_QUEUE_SIZE;
 
8262                 rxb = priv->rxq->queue[i];
 
8263                 if (unlikely(rxb == NULL)) {
 
8264                         printk(KERN_CRIT "Queue not allocated!\n");
 
8267                 priv->rxq->queue[i] = NULL;
 
8269                 pci_dma_sync_single_for_cpu(priv->pci_dev, rxb->dma_addr,
 
8271                                             PCI_DMA_FROMDEVICE);
 
8273                 pkt = (struct ipw_rx_packet *)rxb->skb->data;
 
8274                 IPW_DEBUG_RX("Packet: type=%02X seq=%02X bits=%02X\n",
 
8275                              pkt->header.message_type,
 
8276                              pkt->header.rx_seq_num, pkt->header.control_bits);
 
8278                 switch (pkt->header.message_type) {
 
8279                 case RX_FRAME_TYPE:     /* 802.11 frame */  {
 
8280                                 struct ieee80211_rx_stats stats = {
 
8281                                         .rssi = pkt->u.frame.rssi_dbm -
 
8284                                             le16_to_cpu(pkt->u.frame.rssi_dbm) -
 
8285                                             IPW_RSSI_TO_DBM + 0x100,
 
8287                                             le16_to_cpu(pkt->u.frame.noise),
 
8288                                         .rate = pkt->u.frame.rate,
 
8289                                         .mac_time = jiffies,
 
8291                                             pkt->u.frame.received_channel,
 
8294                                              control & (1 << 0)) ?
 
8295                                             IEEE80211_24GHZ_BAND :
 
8296                                             IEEE80211_52GHZ_BAND,
 
8297                                         .len = le16_to_cpu(pkt->u.frame.length),
 
8300                                 if (stats.rssi != 0)
 
8301                                         stats.mask |= IEEE80211_STATMASK_RSSI;
 
8302                                 if (stats.signal != 0)
 
8303                                         stats.mask |= IEEE80211_STATMASK_SIGNAL;
 
8304                                 if (stats.noise != 0)
 
8305                                         stats.mask |= IEEE80211_STATMASK_NOISE;
 
8306                                 if (stats.rate != 0)
 
8307                                         stats.mask |= IEEE80211_STATMASK_RATE;
 
8311 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
8312         if (priv->prom_net_dev && netif_running(priv->prom_net_dev))
 
8313                 ipw_handle_promiscuous_rx(priv, rxb, &stats);
 
8316 #ifdef CONFIG_IPW2200_MONITOR
 
8317                                 if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
 
8318 #ifdef CONFIG_IPW2200_RADIOTAP
 
8320                 ipw_handle_data_packet_monitor(priv,
 
8324                 ipw_handle_data_packet(priv, rxb,
 
8332                                     (struct ieee80211_hdr_4addr *)(rxb->skb->
 
8335                                 /* TODO: Check Ad-Hoc dest/source and make sure
 
8336                                  * that we are actually parsing these packets
 
8337                                  * correctly -- we should probably use the
 
8338                                  * frame control of the packet and disregard
 
8339                                  * the current iw_mode */
 
8342                                     is_network_packet(priv, header);
 
8343                                 if (network_packet && priv->assoc_network) {
 
8344                                         priv->assoc_network->stats.rssi =
 
8346                                         priv->exp_avg_rssi =
 
8347                                             exponential_average(priv->exp_avg_rssi,
 
8348                                             stats.rssi, DEPTH_RSSI);
 
8351                                 IPW_DEBUG_RX("Frame: len=%u\n",
 
8352                                              le16_to_cpu(pkt->u.frame.length));
 
8354                                 if (le16_to_cpu(pkt->u.frame.length) <
 
8355                                     ieee80211_get_hdrlen(le16_to_cpu(
 
8356                                                     header->frame_ctl))) {
 
8358                                             ("Received packet is too small. "
 
8360                                         priv->ieee->stats.rx_errors++;
 
8361                                         priv->wstats.discard.misc++;
 
8365                                 switch (WLAN_FC_GET_TYPE
 
8366                                         (le16_to_cpu(header->frame_ctl))) {
 
8368                                 case IEEE80211_FTYPE_MGMT:
 
8369                                         ipw_handle_mgmt_packet(priv, rxb,
 
8373                                 case IEEE80211_FTYPE_CTL:
 
8376                                 case IEEE80211_FTYPE_DATA:
 
8377                                         if (unlikely(!network_packet ||
 
8378                                                      is_duplicate_packet(priv,
 
8381                                                 IPW_DEBUG_DROP("Dropping: "
 
8397                                         ipw_handle_data_packet(priv, rxb,
 
8405                 case RX_HOST_NOTIFICATION_TYPE:{
 
8407                                     ("Notification: subtype=%02X flags=%02X size=%d\n",
 
8408                                      pkt->u.notification.subtype,
 
8409                                      pkt->u.notification.flags,
 
8410                                      le16_to_cpu(pkt->u.notification.size));
 
8411                                 ipw_rx_notification(priv, &pkt->u.notification);
 
8416                         IPW_DEBUG_RX("Bad Rx packet of type %d\n",
 
8417                                      pkt->header.message_type);
 
8421                 /* For now we just don't re-use anything.  We can tweak this
 
8422                  * later to try and re-use notification packets and SKBs that
 
8423                  * fail to Rx correctly */
 
8424                 if (rxb->skb != NULL) {
 
8425                         dev_kfree_skb_any(rxb->skb);
 
8429                 pci_unmap_single(priv->pci_dev, rxb->dma_addr,
 
8430                                  IPW_RX_BUF_SIZE, PCI_DMA_FROMDEVICE);
 
8431                 list_add_tail(&rxb->list, &priv->rxq->rx_used);
 
8433                 i = (i + 1) % RX_QUEUE_SIZE;
 
8436         /* Backtrack one entry */
 
8437         priv->rxq->processed = (i ? i : RX_QUEUE_SIZE) - 1;
 
8439         ipw_rx_queue_restock(priv);
 
8442 #define DEFAULT_RTS_THRESHOLD     2304U
 
8443 #define MIN_RTS_THRESHOLD         1U
 
8444 #define MAX_RTS_THRESHOLD         2304U
 
8445 #define DEFAULT_BEACON_INTERVAL   100U
 
8446 #define DEFAULT_SHORT_RETRY_LIMIT 7U
 
8447 #define DEFAULT_LONG_RETRY_LIMIT  4U
 
8451  * @option: options to control different reset behaviour
 
8452  *          0 = reset everything except the 'disable' module_param
 
8453  *          1 = reset everything and print out driver info (for probe only)
 
8454  *          2 = reset everything
 
8456 static int ipw_sw_reset(struct ipw_priv *priv, int option)
 
8458         int band, modulation;
 
8459         int old_mode = priv->ieee->iw_mode;
 
8461         /* Initialize module parameter values here */
 
8464         /* We default to disabling the LED code as right now it causes
 
8465          * too many systems to lock up... */
 
8467                 priv->config |= CFG_NO_LED;
 
8470                 priv->config |= CFG_ASSOCIATE;
 
8472                 IPW_DEBUG_INFO("Auto associate disabled.\n");
 
8475                 priv->config |= CFG_ADHOC_CREATE;
 
8477                 IPW_DEBUG_INFO("Auto adhoc creation disabled.\n");
 
8479         priv->config &= ~CFG_STATIC_ESSID;
 
8480         priv->essid_len = 0;
 
8481         memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
 
8483         if (disable && option) {
 
8484                 priv->status |= STATUS_RF_KILL_SW;
 
8485                 IPW_DEBUG_INFO("Radio disabled.\n");
 
8489                 priv->config |= CFG_STATIC_CHANNEL;
 
8490                 priv->channel = channel;
 
8491                 IPW_DEBUG_INFO("Bind to static channel %d\n", channel);
 
8492                 /* TODO: Validate that provided channel is in range */
 
8494 #ifdef CONFIG_IPW2200_QOS
 
8495         ipw_qos_init(priv, qos_enable, qos_burst_enable,
 
8496                      burst_duration_CCK, burst_duration_OFDM);
 
8497 #endif                          /* CONFIG_IPW2200_QOS */
 
8501                 priv->ieee->iw_mode = IW_MODE_ADHOC;
 
8502                 priv->net_dev->type = ARPHRD_ETHER;
 
8505 #ifdef CONFIG_IPW2200_MONITOR
 
8507                 priv->ieee->iw_mode = IW_MODE_MONITOR;
 
8508 #ifdef CONFIG_IPW2200_RADIOTAP
 
8509                 priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
 
8511                 priv->net_dev->type = ARPHRD_IEEE80211;
 
8517                 priv->net_dev->type = ARPHRD_ETHER;
 
8518                 priv->ieee->iw_mode = IW_MODE_INFRA;
 
8523                 priv->ieee->host_encrypt = 0;
 
8524                 priv->ieee->host_encrypt_msdu = 0;
 
8525                 priv->ieee->host_decrypt = 0;
 
8526                 priv->ieee->host_mc_decrypt = 0;
 
8528         IPW_DEBUG_INFO("Hardware crypto [%s]\n", hwcrypto ? "on" : "off");
 
8530         /* IPW2200/2915 is abled to do hardware fragmentation. */
 
8531         priv->ieee->host_open_frag = 0;
 
8533         if ((priv->pci_dev->device == 0x4223) ||
 
8534             (priv->pci_dev->device == 0x4224)) {
 
8536                         printk(KERN_INFO DRV_NAME
 
8537                                ": Detected Intel PRO/Wireless 2915ABG Network "
 
8539                 priv->ieee->abg_true = 1;
 
8540                 band = IEEE80211_52GHZ_BAND | IEEE80211_24GHZ_BAND;
 
8541                 modulation = IEEE80211_OFDM_MODULATION |
 
8542                     IEEE80211_CCK_MODULATION;
 
8543                 priv->adapter = IPW_2915ABG;
 
8544                 priv->ieee->mode = IEEE_A | IEEE_G | IEEE_B;
 
8547                         printk(KERN_INFO DRV_NAME
 
8548                                ": Detected Intel PRO/Wireless 2200BG Network "
 
8551                 priv->ieee->abg_true = 0;
 
8552                 band = IEEE80211_24GHZ_BAND;
 
8553                 modulation = IEEE80211_OFDM_MODULATION |
 
8554                     IEEE80211_CCK_MODULATION;
 
8555                 priv->adapter = IPW_2200BG;
 
8556                 priv->ieee->mode = IEEE_G | IEEE_B;
 
8559         priv->ieee->freq_band = band;
 
8560         priv->ieee->modulation = modulation;
 
8562         priv->rates_mask = IEEE80211_DEFAULT_RATES_MASK;
 
8564         priv->disassociate_threshold = IPW_MB_DISASSOCIATE_THRESHOLD_DEFAULT;
 
8565         priv->roaming_threshold = IPW_MB_ROAMING_THRESHOLD_DEFAULT;
 
8567         priv->rts_threshold = DEFAULT_RTS_THRESHOLD;
 
8568         priv->short_retry_limit = DEFAULT_SHORT_RETRY_LIMIT;
 
8569         priv->long_retry_limit = DEFAULT_LONG_RETRY_LIMIT;
 
8571         /* If power management is turned on, default to AC mode */
 
8572         priv->power_mode = IPW_POWER_AC;
 
8573         priv->tx_power = IPW_TX_POWER_DEFAULT;
 
8575         return old_mode == priv->ieee->iw_mode;
 
8579  * This file defines the Wireless Extension handlers.  It does not
 
8580  * define any methods of hardware manipulation and relies on the
 
8581  * functions defined in ipw_main to provide the HW interaction.
 
8583  * The exception to this is the use of the ipw_get_ordinal()
 
8584  * function used to poll the hardware vs. making unecessary calls.
 
8588 static int ipw_wx_get_name(struct net_device *dev,
 
8589                            struct iw_request_info *info,
 
8590                            union iwreq_data *wrqu, char *extra)
 
8592         struct ipw_priv *priv = ieee80211_priv(dev);
 
8593         mutex_lock(&priv->mutex);
 
8594         if (priv->status & STATUS_RF_KILL_MASK)
 
8595                 strcpy(wrqu->name, "radio off");
 
8596         else if (!(priv->status & STATUS_ASSOCIATED))
 
8597                 strcpy(wrqu->name, "unassociated");
 
8599                 snprintf(wrqu->name, IFNAMSIZ, "IEEE 802.11%c",
 
8600                          ipw_modes[priv->assoc_request.ieee_mode]);
 
8601         IPW_DEBUG_WX("Name: %s\n", wrqu->name);
 
8602         mutex_unlock(&priv->mutex);
 
8606 static int ipw_set_channel(struct ipw_priv *priv, u8 channel)
 
8609                 IPW_DEBUG_INFO("Setting channel to ANY (0)\n");
 
8610                 priv->config &= ~CFG_STATIC_CHANNEL;
 
8611                 IPW_DEBUG_ASSOC("Attempting to associate with new "
 
8613                 ipw_associate(priv);
 
8617         priv->config |= CFG_STATIC_CHANNEL;
 
8619         if (priv->channel == channel) {
 
8620                 IPW_DEBUG_INFO("Request to set channel to current value (%d)\n",
 
8625         IPW_DEBUG_INFO("Setting channel to %i\n", (int)channel);
 
8626         priv->channel = channel;
 
8628 #ifdef CONFIG_IPW2200_MONITOR
 
8629         if (priv->ieee->iw_mode == IW_MODE_MONITOR) {
 
8631                 if (priv->status & STATUS_SCANNING) {
 
8632                         IPW_DEBUG_SCAN("Scan abort triggered due to "
 
8633                                        "channel change.\n");
 
8634                         ipw_abort_scan(priv);
 
8637                 for (i = 1000; i && (priv->status & STATUS_SCANNING); i--)
 
8640                 if (priv->status & STATUS_SCANNING)
 
8641                         IPW_DEBUG_SCAN("Still scanning...\n");
 
8643                         IPW_DEBUG_SCAN("Took %dms to abort current scan\n",
 
8648 #endif                          /* CONFIG_IPW2200_MONITOR */
 
8650         /* Network configuration changed -- force [re]association */
 
8651         IPW_DEBUG_ASSOC("[re]association triggered due to channel change.\n");
 
8652         if (!ipw_disassociate(priv))
 
8653                 ipw_associate(priv);
 
8658 static int ipw_wx_set_freq(struct net_device *dev,
 
8659                            struct iw_request_info *info,
 
8660                            union iwreq_data *wrqu, char *extra)
 
8662         struct ipw_priv *priv = ieee80211_priv(dev);
 
8663         const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
 
8664         struct iw_freq *fwrq = &wrqu->freq;
 
8670                 IPW_DEBUG_WX("SET Freq/Channel -> any\n");
 
8671                 mutex_lock(&priv->mutex);
 
8672                 ret = ipw_set_channel(priv, 0);
 
8673                 mutex_unlock(&priv->mutex);
 
8676         /* if setting by freq convert to channel */
 
8678                 channel = ieee80211_freq_to_channel(priv->ieee, fwrq->m);
 
8684         if (!(band = ieee80211_is_valid_channel(priv->ieee, channel)))
 
8687         if (priv->ieee->iw_mode == IW_MODE_ADHOC) {
 
8688                 i = ieee80211_channel_to_index(priv->ieee, channel);
 
8692                 flags = (band == IEEE80211_24GHZ_BAND) ?
 
8693                     geo->bg[i].flags : geo->a[i].flags;
 
8694                 if (flags & IEEE80211_CH_PASSIVE_ONLY) {
 
8695                         IPW_DEBUG_WX("Invalid Ad-Hoc channel for 802.11a\n");
 
8700         IPW_DEBUG_WX("SET Freq/Channel -> %d \n", fwrq->m);
 
8701         mutex_lock(&priv->mutex);
 
8702         ret = ipw_set_channel(priv, channel);
 
8703         mutex_unlock(&priv->mutex);
 
8707 static int ipw_wx_get_freq(struct net_device *dev,
 
8708                            struct iw_request_info *info,
 
8709                            union iwreq_data *wrqu, char *extra)
 
8711         struct ipw_priv *priv = ieee80211_priv(dev);
 
8715         /* If we are associated, trying to associate, or have a statically
 
8716          * configured CHANNEL then return that; otherwise return ANY */
 
8717         mutex_lock(&priv->mutex);
 
8718         if (priv->config & CFG_STATIC_CHANNEL ||
 
8719             priv->status & (STATUS_ASSOCIATING | STATUS_ASSOCIATED)) {
 
8722                 i = ieee80211_channel_to_index(priv->ieee, priv->channel);
 
8726                 switch (ieee80211_is_valid_channel(priv->ieee, priv->channel)) {
 
8727                 case IEEE80211_52GHZ_BAND:
 
8728                         wrqu->freq.m = priv->ieee->geo.a[i].freq * 100000;
 
8731                 case IEEE80211_24GHZ_BAND:
 
8732                         wrqu->freq.m = priv->ieee->geo.bg[i].freq * 100000;
 
8741         mutex_unlock(&priv->mutex);
 
8742         IPW_DEBUG_WX("GET Freq/Channel -> %d \n", priv->channel);
 
8746 static int ipw_wx_set_mode(struct net_device *dev,
 
8747                            struct iw_request_info *info,
 
8748                            union iwreq_data *wrqu, char *extra)
 
8750         struct ipw_priv *priv = ieee80211_priv(dev);
 
8753         IPW_DEBUG_WX("Set MODE: %d\n", wrqu->mode);
 
8755         switch (wrqu->mode) {
 
8756 #ifdef CONFIG_IPW2200_MONITOR
 
8757         case IW_MODE_MONITOR:
 
8763                 wrqu->mode = IW_MODE_INFRA;
 
8768         if (wrqu->mode == priv->ieee->iw_mode)
 
8771         mutex_lock(&priv->mutex);
 
8773         ipw_sw_reset(priv, 0);
 
8775 #ifdef CONFIG_IPW2200_MONITOR
 
8776         if (priv->ieee->iw_mode == IW_MODE_MONITOR)
 
8777                 priv->net_dev->type = ARPHRD_ETHER;
 
8779         if (wrqu->mode == IW_MODE_MONITOR)
 
8780 #ifdef CONFIG_IPW2200_RADIOTAP
 
8781                 priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
 
8783                 priv->net_dev->type = ARPHRD_IEEE80211;
 
8785 #endif                          /* CONFIG_IPW2200_MONITOR */
 
8787         /* Free the existing firmware and reset the fw_loaded
 
8788          * flag so ipw_load() will bring in the new firmawre */
 
8791         priv->ieee->iw_mode = wrqu->mode;
 
8793         queue_work(priv->workqueue, &priv->adapter_restart);
 
8794         mutex_unlock(&priv->mutex);
 
8798 static int ipw_wx_get_mode(struct net_device *dev,
 
8799                            struct iw_request_info *info,
 
8800                            union iwreq_data *wrqu, char *extra)
 
8802         struct ipw_priv *priv = ieee80211_priv(dev);
 
8803         mutex_lock(&priv->mutex);
 
8804         wrqu->mode = priv->ieee->iw_mode;
 
8805         IPW_DEBUG_WX("Get MODE -> %d\n", wrqu->mode);
 
8806         mutex_unlock(&priv->mutex);
 
8810 /* Values are in microsecond */
 
8811 static const s32 timeout_duration[] = {
 
8819 static const s32 period_duration[] = {
 
8827 static int ipw_wx_get_range(struct net_device *dev,
 
8828                             struct iw_request_info *info,
 
8829                             union iwreq_data *wrqu, char *extra)
 
8831         struct ipw_priv *priv = ieee80211_priv(dev);
 
8832         struct iw_range *range = (struct iw_range *)extra;
 
8833         const struct ieee80211_geo *geo = ieee80211_get_geo(priv->ieee);
 
8836         wrqu->data.length = sizeof(*range);
 
8837         memset(range, 0, sizeof(*range));
 
8839         /* 54Mbs == ~27 Mb/s real (802.11g) */
 
8840         range->throughput = 27 * 1000 * 1000;
 
8842         range->max_qual.qual = 100;
 
8843         /* TODO: Find real max RSSI and stick here */
 
8844         range->max_qual.level = 0;
 
8845         range->max_qual.noise = 0;
 
8846         range->max_qual.updated = 7;    /* Updated all three */
 
8848         range->avg_qual.qual = 70;
 
8849         /* TODO: Find real 'good' to 'bad' threshol value for RSSI */
 
8850         range->avg_qual.level = 0;      /* FIXME to real average level */
 
8851         range->avg_qual.noise = 0;
 
8852         range->avg_qual.updated = 7;    /* Updated all three */
 
8853         mutex_lock(&priv->mutex);
 
8854         range->num_bitrates = min(priv->rates.num_rates, (u8) IW_MAX_BITRATES);
 
8856         for (i = 0; i < range->num_bitrates; i++)
 
8857                 range->bitrate[i] = (priv->rates.supported_rates[i] & 0x7F) *
 
8860         range->max_rts = DEFAULT_RTS_THRESHOLD;
 
8861         range->min_frag = MIN_FRAG_THRESHOLD;
 
8862         range->max_frag = MAX_FRAG_THRESHOLD;
 
8864         range->encoding_size[0] = 5;
 
8865         range->encoding_size[1] = 13;
 
8866         range->num_encoding_sizes = 2;
 
8867         range->max_encoding_tokens = WEP_KEYS;
 
8869         /* Set the Wireless Extension versions */
 
8870         range->we_version_compiled = WIRELESS_EXT;
 
8871         range->we_version_source = 18;
 
8874         if (priv->ieee->mode & (IEEE_B | IEEE_G)) {
 
8875                 for (j = 0; j < geo->bg_channels && i < IW_MAX_FREQUENCIES; j++) {
 
8876                         if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
 
8877                             (geo->bg[j].flags & IEEE80211_CH_PASSIVE_ONLY))
 
8880                         range->freq[i].i = geo->bg[j].channel;
 
8881                         range->freq[i].m = geo->bg[j].freq * 100000;
 
8882                         range->freq[i].e = 1;
 
8887         if (priv->ieee->mode & IEEE_A) {
 
8888                 for (j = 0; j < geo->a_channels && i < IW_MAX_FREQUENCIES; j++) {
 
8889                         if ((priv->ieee->iw_mode == IW_MODE_ADHOC) &&
 
8890                             (geo->a[j].flags & IEEE80211_CH_PASSIVE_ONLY))
 
8893                         range->freq[i].i = geo->a[j].channel;
 
8894                         range->freq[i].m = geo->a[j].freq * 100000;
 
8895                         range->freq[i].e = 1;
 
8900         range->num_channels = i;
 
8901         range->num_frequency = i;
 
8903         mutex_unlock(&priv->mutex);
 
8905         /* Event capability (kernel + driver) */
 
8906         range->event_capa[0] = (IW_EVENT_CAPA_K_0 |
 
8907                                 IW_EVENT_CAPA_MASK(SIOCGIWTHRSPY) |
 
8908                                 IW_EVENT_CAPA_MASK(SIOCGIWAP) |
 
8909                                 IW_EVENT_CAPA_MASK(SIOCGIWSCAN));
 
8910         range->event_capa[1] = IW_EVENT_CAPA_K_1;
 
8912         range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
 
8913                 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
 
8915         IPW_DEBUG_WX("GET Range\n");
 
8919 static int ipw_wx_set_wap(struct net_device *dev,
 
8920                           struct iw_request_info *info,
 
8921                           union iwreq_data *wrqu, char *extra)
 
8923         struct ipw_priv *priv = ieee80211_priv(dev);
 
8924         DECLARE_MAC_BUF(mac);
 
8926         static const unsigned char any[] = {
 
8927                 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
 
8929         static const unsigned char off[] = {
 
8930                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
 
8933         if (wrqu->ap_addr.sa_family != ARPHRD_ETHER)
 
8935         mutex_lock(&priv->mutex);
 
8936         if (!memcmp(any, wrqu->ap_addr.sa_data, ETH_ALEN) ||
 
8937             !memcmp(off, wrqu->ap_addr.sa_data, ETH_ALEN)) {
 
8938                 /* we disable mandatory BSSID association */
 
8939                 IPW_DEBUG_WX("Setting AP BSSID to ANY\n");
 
8940                 priv->config &= ~CFG_STATIC_BSSID;
 
8941                 IPW_DEBUG_ASSOC("Attempting to associate with new "
 
8943                 ipw_associate(priv);
 
8944                 mutex_unlock(&priv->mutex);
 
8948         priv->config |= CFG_STATIC_BSSID;
 
8949         if (!memcmp(priv->bssid, wrqu->ap_addr.sa_data, ETH_ALEN)) {
 
8950                 IPW_DEBUG_WX("BSSID set to current BSSID.\n");
 
8951                 mutex_unlock(&priv->mutex);
 
8955         IPW_DEBUG_WX("Setting mandatory BSSID to %s\n",
 
8956                      print_mac(mac, wrqu->ap_addr.sa_data));
 
8958         memcpy(priv->bssid, wrqu->ap_addr.sa_data, ETH_ALEN);
 
8960         /* Network configuration changed -- force [re]association */
 
8961         IPW_DEBUG_ASSOC("[re]association triggered due to BSSID change.\n");
 
8962         if (!ipw_disassociate(priv))
 
8963                 ipw_associate(priv);
 
8965         mutex_unlock(&priv->mutex);
 
8969 static int ipw_wx_get_wap(struct net_device *dev,
 
8970                           struct iw_request_info *info,
 
8971                           union iwreq_data *wrqu, char *extra)
 
8973         struct ipw_priv *priv = ieee80211_priv(dev);
 
8974         DECLARE_MAC_BUF(mac);
 
8976         /* If we are associated, trying to associate, or have a statically
 
8977          * configured BSSID then return that; otherwise return ANY */
 
8978         mutex_lock(&priv->mutex);
 
8979         if (priv->config & CFG_STATIC_BSSID ||
 
8980             priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
 
8981                 wrqu->ap_addr.sa_family = ARPHRD_ETHER;
 
8982                 memcpy(wrqu->ap_addr.sa_data, priv->bssid, ETH_ALEN);
 
8984                 memset(wrqu->ap_addr.sa_data, 0, ETH_ALEN);
 
8986         IPW_DEBUG_WX("Getting WAP BSSID: %s\n",
 
8987                      print_mac(mac, wrqu->ap_addr.sa_data));
 
8988         mutex_unlock(&priv->mutex);
 
8992 static int ipw_wx_set_essid(struct net_device *dev,
 
8993                             struct iw_request_info *info,
 
8994                             union iwreq_data *wrqu, char *extra)
 
8996         struct ipw_priv *priv = ieee80211_priv(dev);
 
8999         mutex_lock(&priv->mutex);
 
9001         if (!wrqu->essid.flags)
 
9003                 IPW_DEBUG_WX("Setting ESSID to ANY\n");
 
9004                 ipw_disassociate(priv);
 
9005                 priv->config &= ~CFG_STATIC_ESSID;
 
9006                 ipw_associate(priv);
 
9007                 mutex_unlock(&priv->mutex);
 
9011         length = min((int)wrqu->essid.length, IW_ESSID_MAX_SIZE);
 
9013         priv->config |= CFG_STATIC_ESSID;
 
9015         if (priv->essid_len == length && !memcmp(priv->essid, extra, length)
 
9016             && (priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING))) {
 
9017                 IPW_DEBUG_WX("ESSID set to current ESSID.\n");
 
9018                 mutex_unlock(&priv->mutex);
 
9022         IPW_DEBUG_WX("Setting ESSID: '%s' (%d)\n", escape_essid(extra, length),
 
9025         priv->essid_len = length;
 
9026         memcpy(priv->essid, extra, priv->essid_len);
 
9028         /* Network configuration changed -- force [re]association */
 
9029         IPW_DEBUG_ASSOC("[re]association triggered due to ESSID change.\n");
 
9030         if (!ipw_disassociate(priv))
 
9031                 ipw_associate(priv);
 
9033         mutex_unlock(&priv->mutex);
 
9037 static int ipw_wx_get_essid(struct net_device *dev,
 
9038                             struct iw_request_info *info,
 
9039                             union iwreq_data *wrqu, char *extra)
 
9041         struct ipw_priv *priv = ieee80211_priv(dev);
 
9043         /* If we are associated, trying to associate, or have a statically
 
9044          * configured ESSID then return that; otherwise return ANY */
 
9045         mutex_lock(&priv->mutex);
 
9046         if (priv->config & CFG_STATIC_ESSID ||
 
9047             priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) {
 
9048                 IPW_DEBUG_WX("Getting essid: '%s'\n",
 
9049                              escape_essid(priv->essid, priv->essid_len));
 
9050                 memcpy(extra, priv->essid, priv->essid_len);
 
9051                 wrqu->essid.length = priv->essid_len;
 
9052                 wrqu->essid.flags = 1;  /* active */
 
9054                 IPW_DEBUG_WX("Getting essid: ANY\n");
 
9055                 wrqu->essid.length = 0;
 
9056                 wrqu->essid.flags = 0;  /* active */
 
9058         mutex_unlock(&priv->mutex);
 
9062 static int ipw_wx_set_nick(struct net_device *dev,
 
9063                            struct iw_request_info *info,
 
9064                            union iwreq_data *wrqu, char *extra)
 
9066         struct ipw_priv *priv = ieee80211_priv(dev);
 
9068         IPW_DEBUG_WX("Setting nick to '%s'\n", extra);
 
9069         if (wrqu->data.length > IW_ESSID_MAX_SIZE)
 
9071         mutex_lock(&priv->mutex);
 
9072         wrqu->data.length = min((size_t) wrqu->data.length, sizeof(priv->nick));
 
9073         memset(priv->nick, 0, sizeof(priv->nick));
 
9074         memcpy(priv->nick, extra, wrqu->data.length);
 
9075         IPW_DEBUG_TRACE("<<\n");
 
9076         mutex_unlock(&priv->mutex);
 
9081 static int ipw_wx_get_nick(struct net_device *dev,
 
9082                            struct iw_request_info *info,
 
9083                            union iwreq_data *wrqu, char *extra)
 
9085         struct ipw_priv *priv = ieee80211_priv(dev);
 
9086         IPW_DEBUG_WX("Getting nick\n");
 
9087         mutex_lock(&priv->mutex);
 
9088         wrqu->data.length = strlen(priv->nick);
 
9089         memcpy(extra, priv->nick, wrqu->data.length);
 
9090         wrqu->data.flags = 1;   /* active */
 
9091         mutex_unlock(&priv->mutex);
 
9095 static int ipw_wx_set_sens(struct net_device *dev,
 
9096                             struct iw_request_info *info,
 
9097                             union iwreq_data *wrqu, char *extra)
 
9099         struct ipw_priv *priv = ieee80211_priv(dev);
 
9102         IPW_DEBUG_WX("Setting roaming threshold to %d\n", wrqu->sens.value);
 
9103         IPW_DEBUG_WX("Setting disassociate threshold to %d\n", 3*wrqu->sens.value);
 
9104         mutex_lock(&priv->mutex);
 
9106         if (wrqu->sens.fixed == 0)
 
9108                 priv->roaming_threshold = IPW_MB_ROAMING_THRESHOLD_DEFAULT;
 
9109                 priv->disassociate_threshold = IPW_MB_DISASSOCIATE_THRESHOLD_DEFAULT;
 
9112         if ((wrqu->sens.value > IPW_MB_ROAMING_THRESHOLD_MAX) ||
 
9113             (wrqu->sens.value < IPW_MB_ROAMING_THRESHOLD_MIN)) {
 
9118         priv->roaming_threshold = wrqu->sens.value;
 
9119         priv->disassociate_threshold = 3*wrqu->sens.value;
 
9121         mutex_unlock(&priv->mutex);
 
9125 static int ipw_wx_get_sens(struct net_device *dev,
 
9126                             struct iw_request_info *info,
 
9127                             union iwreq_data *wrqu, char *extra)
 
9129         struct ipw_priv *priv = ieee80211_priv(dev);
 
9130         mutex_lock(&priv->mutex);
 
9131         wrqu->sens.fixed = 1;
 
9132         wrqu->sens.value = priv->roaming_threshold;
 
9133         mutex_unlock(&priv->mutex);
 
9135         IPW_DEBUG_WX("GET roaming threshold -> %s %d \n",
 
9136                      wrqu->power.disabled ? "OFF" : "ON", wrqu->power.value);
 
9141 static int ipw_wx_set_rate(struct net_device *dev,
 
9142                            struct iw_request_info *info,
 
9143                            union iwreq_data *wrqu, char *extra)
 
9145         /* TODO: We should use semaphores or locks for access to priv */
 
9146         struct ipw_priv *priv = ieee80211_priv(dev);
 
9147         u32 target_rate = wrqu->bitrate.value;
 
9150         /* value = -1, fixed = 0 means auto only, so we should use all rates offered by AP */
 
9151         /* value = X, fixed = 1 means only rate X */
 
9152         /* value = X, fixed = 0 means all rates lower equal X */
 
9154         if (target_rate == -1) {
 
9156                 mask = IEEE80211_DEFAULT_RATES_MASK;
 
9157                 /* Now we should reassociate */
 
9162         fixed = wrqu->bitrate.fixed;
 
9164         if (target_rate == 1000000 || !fixed)
 
9165                 mask |= IEEE80211_CCK_RATE_1MB_MASK;
 
9166         if (target_rate == 1000000)
 
9169         if (target_rate == 2000000 || !fixed)
 
9170                 mask |= IEEE80211_CCK_RATE_2MB_MASK;
 
9171         if (target_rate == 2000000)
 
9174         if (target_rate == 5500000 || !fixed)
 
9175                 mask |= IEEE80211_CCK_RATE_5MB_MASK;
 
9176         if (target_rate == 5500000)
 
9179         if (target_rate == 6000000 || !fixed)
 
9180                 mask |= IEEE80211_OFDM_RATE_6MB_MASK;
 
9181         if (target_rate == 6000000)
 
9184         if (target_rate == 9000000 || !fixed)
 
9185                 mask |= IEEE80211_OFDM_RATE_9MB_MASK;
 
9186         if (target_rate == 9000000)
 
9189         if (target_rate == 11000000 || !fixed)
 
9190                 mask |= IEEE80211_CCK_RATE_11MB_MASK;
 
9191         if (target_rate == 11000000)
 
9194         if (target_rate == 12000000 || !fixed)
 
9195                 mask |= IEEE80211_OFDM_RATE_12MB_MASK;
 
9196         if (target_rate == 12000000)
 
9199         if (target_rate == 18000000 || !fixed)
 
9200                 mask |= IEEE80211_OFDM_RATE_18MB_MASK;
 
9201         if (target_rate == 18000000)
 
9204         if (target_rate == 24000000 || !fixed)
 
9205                 mask |= IEEE80211_OFDM_RATE_24MB_MASK;
 
9206         if (target_rate == 24000000)
 
9209         if (target_rate == 36000000 || !fixed)
 
9210                 mask |= IEEE80211_OFDM_RATE_36MB_MASK;
 
9211         if (target_rate == 36000000)
 
9214         if (target_rate == 48000000 || !fixed)
 
9215                 mask |= IEEE80211_OFDM_RATE_48MB_MASK;
 
9216         if (target_rate == 48000000)
 
9219         if (target_rate == 54000000 || !fixed)
 
9220                 mask |= IEEE80211_OFDM_RATE_54MB_MASK;
 
9221         if (target_rate == 54000000)
 
9224         IPW_DEBUG_WX("invalid rate specified, returning error\n");
 
9228         IPW_DEBUG_WX("Setting rate mask to 0x%08X [%s]\n",
 
9229                      mask, fixed ? "fixed" : "sub-rates");
 
9230         mutex_lock(&priv->mutex);
 
9231         if (mask == IEEE80211_DEFAULT_RATES_MASK) {
 
9232                 priv->config &= ~CFG_FIXED_RATE;
 
9233                 ipw_set_fixed_rate(priv, priv->ieee->mode);
 
9235                 priv->config |= CFG_FIXED_RATE;
 
9237         if (priv->rates_mask == mask) {
 
9238                 IPW_DEBUG_WX("Mask set to current mask.\n");
 
9239                 mutex_unlock(&priv->mutex);
 
9243         priv->rates_mask = mask;
 
9245         /* Network configuration changed -- force [re]association */
 
9246         IPW_DEBUG_ASSOC("[re]association triggered due to rates change.\n");
 
9247         if (!ipw_disassociate(priv))
 
9248                 ipw_associate(priv);
 
9250         mutex_unlock(&priv->mutex);
 
9254 static int ipw_wx_get_rate(struct net_device *dev,
 
9255                            struct iw_request_info *info,
 
9256                            union iwreq_data *wrqu, char *extra)
 
9258         struct ipw_priv *priv = ieee80211_priv(dev);
 
9259         mutex_lock(&priv->mutex);
 
9260         wrqu->bitrate.value = priv->last_rate;
 
9261         wrqu->bitrate.fixed = (priv->config & CFG_FIXED_RATE) ? 1 : 0;
 
9262         mutex_unlock(&priv->mutex);
 
9263         IPW_DEBUG_WX("GET Rate -> %d \n", wrqu->bitrate.value);
 
9267 static int ipw_wx_set_rts(struct net_device *dev,
 
9268                           struct iw_request_info *info,
 
9269                           union iwreq_data *wrqu, char *extra)
 
9271         struct ipw_priv *priv = ieee80211_priv(dev);
 
9272         mutex_lock(&priv->mutex);
 
9273         if (wrqu->rts.disabled || !wrqu->rts.fixed)
 
9274                 priv->rts_threshold = DEFAULT_RTS_THRESHOLD;
 
9276                 if (wrqu->rts.value < MIN_RTS_THRESHOLD ||
 
9277                     wrqu->rts.value > MAX_RTS_THRESHOLD) {
 
9278                         mutex_unlock(&priv->mutex);
 
9281                 priv->rts_threshold = wrqu->rts.value;
 
9284         ipw_send_rts_threshold(priv, priv->rts_threshold);
 
9285         mutex_unlock(&priv->mutex);
 
9286         IPW_DEBUG_WX("SET RTS Threshold -> %d \n", priv->rts_threshold);
 
9290 static int ipw_wx_get_rts(struct net_device *dev,
 
9291                           struct iw_request_info *info,
 
9292                           union iwreq_data *wrqu, char *extra)
 
9294         struct ipw_priv *priv = ieee80211_priv(dev);
 
9295         mutex_lock(&priv->mutex);
 
9296         wrqu->rts.value = priv->rts_threshold;
 
9297         wrqu->rts.fixed = 0;    /* no auto select */
 
9298         wrqu->rts.disabled = (wrqu->rts.value == DEFAULT_RTS_THRESHOLD);
 
9299         mutex_unlock(&priv->mutex);
 
9300         IPW_DEBUG_WX("GET RTS Threshold -> %d \n", wrqu->rts.value);
 
9304 static int ipw_wx_set_txpow(struct net_device *dev,
 
9305                             struct iw_request_info *info,
 
9306                             union iwreq_data *wrqu, char *extra)
 
9308         struct ipw_priv *priv = ieee80211_priv(dev);
 
9311         mutex_lock(&priv->mutex);
 
9312         if (ipw_radio_kill_sw(priv, wrqu->power.disabled)) {
 
9317         if (!wrqu->power.fixed)
 
9318                 wrqu->power.value = IPW_TX_POWER_DEFAULT;
 
9320         if (wrqu->power.flags != IW_TXPOW_DBM) {
 
9325         if ((wrqu->power.value > IPW_TX_POWER_MAX) ||
 
9326             (wrqu->power.value < IPW_TX_POWER_MIN)) {
 
9331         priv->tx_power = wrqu->power.value;
 
9332         err = ipw_set_tx_power(priv);
 
9334         mutex_unlock(&priv->mutex);
 
9338 static int ipw_wx_get_txpow(struct net_device *dev,
 
9339                             struct iw_request_info *info,
 
9340                             union iwreq_data *wrqu, char *extra)
 
9342         struct ipw_priv *priv = ieee80211_priv(dev);
 
9343         mutex_lock(&priv->mutex);
 
9344         wrqu->power.value = priv->tx_power;
 
9345         wrqu->power.fixed = 1;
 
9346         wrqu->power.flags = IW_TXPOW_DBM;
 
9347         wrqu->power.disabled = (priv->status & STATUS_RF_KILL_MASK) ? 1 : 0;
 
9348         mutex_unlock(&priv->mutex);
 
9350         IPW_DEBUG_WX("GET TX Power -> %s %d \n",
 
9351                      wrqu->power.disabled ? "OFF" : "ON", wrqu->power.value);
 
9356 static int ipw_wx_set_frag(struct net_device *dev,
 
9357                            struct iw_request_info *info,
 
9358                            union iwreq_data *wrqu, char *extra)
 
9360         struct ipw_priv *priv = ieee80211_priv(dev);
 
9361         mutex_lock(&priv->mutex);
 
9362         if (wrqu->frag.disabled || !wrqu->frag.fixed)
 
9363                 priv->ieee->fts = DEFAULT_FTS;
 
9365                 if (wrqu->frag.value < MIN_FRAG_THRESHOLD ||
 
9366                     wrqu->frag.value > MAX_FRAG_THRESHOLD) {
 
9367                         mutex_unlock(&priv->mutex);
 
9371                 priv->ieee->fts = wrqu->frag.value & ~0x1;
 
9374         ipw_send_frag_threshold(priv, wrqu->frag.value);
 
9375         mutex_unlock(&priv->mutex);
 
9376         IPW_DEBUG_WX("SET Frag Threshold -> %d \n", wrqu->frag.value);
 
9380 static int ipw_wx_get_frag(struct net_device *dev,
 
9381                            struct iw_request_info *info,
 
9382                            union iwreq_data *wrqu, char *extra)
 
9384         struct ipw_priv *priv = ieee80211_priv(dev);
 
9385         mutex_lock(&priv->mutex);
 
9386         wrqu->frag.value = priv->ieee->fts;
 
9387         wrqu->frag.fixed = 0;   /* no auto select */
 
9388         wrqu->frag.disabled = (wrqu->frag.value == DEFAULT_FTS);
 
9389         mutex_unlock(&priv->mutex);
 
9390         IPW_DEBUG_WX("GET Frag Threshold -> %d \n", wrqu->frag.value);
 
9395 static int ipw_wx_set_retry(struct net_device *dev,
 
9396                             struct iw_request_info *info,
 
9397                             union iwreq_data *wrqu, char *extra)
 
9399         struct ipw_priv *priv = ieee80211_priv(dev);
 
9401         if (wrqu->retry.flags & IW_RETRY_LIFETIME || wrqu->retry.disabled)
 
9404         if (!(wrqu->retry.flags & IW_RETRY_LIMIT))
 
9407         if (wrqu->retry.value < 0 || wrqu->retry.value >= 255)
 
9410         mutex_lock(&priv->mutex);
 
9411         if (wrqu->retry.flags & IW_RETRY_SHORT)
 
9412                 priv->short_retry_limit = (u8) wrqu->retry.value;
 
9413         else if (wrqu->retry.flags & IW_RETRY_LONG)
 
9414                 priv->long_retry_limit = (u8) wrqu->retry.value;
 
9416                 priv->short_retry_limit = (u8) wrqu->retry.value;
 
9417                 priv->long_retry_limit = (u8) wrqu->retry.value;
 
9420         ipw_send_retry_limit(priv, priv->short_retry_limit,
 
9421                              priv->long_retry_limit);
 
9422         mutex_unlock(&priv->mutex);
 
9423         IPW_DEBUG_WX("SET retry limit -> short:%d long:%d\n",
 
9424                      priv->short_retry_limit, priv->long_retry_limit);
 
9428 static int ipw_wx_get_retry(struct net_device *dev,
 
9429                             struct iw_request_info *info,
 
9430                             union iwreq_data *wrqu, char *extra)
 
9432         struct ipw_priv *priv = ieee80211_priv(dev);
 
9434         mutex_lock(&priv->mutex);
 
9435         wrqu->retry.disabled = 0;
 
9437         if ((wrqu->retry.flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME) {
 
9438                 mutex_unlock(&priv->mutex);
 
9442         if (wrqu->retry.flags & IW_RETRY_LONG) {
 
9443                 wrqu->retry.flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
 
9444                 wrqu->retry.value = priv->long_retry_limit;
 
9445         } else if (wrqu->retry.flags & IW_RETRY_SHORT) {
 
9446                 wrqu->retry.flags = IW_RETRY_LIMIT | IW_RETRY_SHORT;
 
9447                 wrqu->retry.value = priv->short_retry_limit;
 
9449                 wrqu->retry.flags = IW_RETRY_LIMIT;
 
9450                 wrqu->retry.value = priv->short_retry_limit;
 
9452         mutex_unlock(&priv->mutex);
 
9454         IPW_DEBUG_WX("GET retry -> %d \n", wrqu->retry.value);
 
9459 static int ipw_request_direct_scan(struct ipw_priv *priv, char *essid,
 
9462         struct ipw_scan_request_ext scan;
 
9463         int err = 0, scan_type;
 
9465         if (!(priv->status & STATUS_INIT) ||
 
9466             (priv->status & STATUS_EXIT_PENDING))
 
9469         mutex_lock(&priv->mutex);
 
9471         if (priv->status & STATUS_RF_KILL_MASK) {
 
9472                 IPW_DEBUG_HC("Aborting scan due to RF kill activation\n");
 
9473                 priv->status |= STATUS_SCAN_PENDING;
 
9477         IPW_DEBUG_HC("starting request direct scan!\n");
 
9479         if (priv->status & (STATUS_SCANNING | STATUS_SCAN_ABORTING)) {
 
9480                 /* We should not sleep here; otherwise we will block most
 
9481                  * of the system (for instance, we hold rtnl_lock when we
 
9487         memset(&scan, 0, sizeof(scan));
 
9489         if (priv->config & CFG_SPEED_SCAN)
 
9490                 scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
 
9493                 scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_SCAN] =
 
9496         scan.dwell_time[IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN] =
 
9498         scan.dwell_time[IPW_SCAN_PASSIVE_FULL_DWELL_SCAN] = cpu_to_le16(120);
 
9499         scan.dwell_time[IPW_SCAN_ACTIVE_DIRECT_SCAN] = cpu_to_le16(20);
 
9501         scan.full_scan_index = cpu_to_le32(ieee80211_get_scans(priv->ieee));
 
9503         err = ipw_send_ssid(priv, essid, essid_len);
 
9505                 IPW_DEBUG_HC("Attempt to send SSID command failed\n");
 
9508         scan_type = IPW_SCAN_ACTIVE_BROADCAST_AND_DIRECT_SCAN;
 
9510         ipw_add_scan_channels(priv, &scan, scan_type);
 
9512         err = ipw_send_scan_request_ext(priv, &scan);
 
9514                 IPW_DEBUG_HC("Sending scan command failed: %08X\n", err);
 
9518         priv->status |= STATUS_SCANNING;
 
9521         mutex_unlock(&priv->mutex);
 
9525 static int ipw_wx_set_scan(struct net_device *dev,
 
9526                            struct iw_request_info *info,
 
9527                            union iwreq_data *wrqu, char *extra)
 
9529         struct ipw_priv *priv = ieee80211_priv(dev);
 
9530         struct iw_scan_req *req = (struct iw_scan_req *)extra;
 
9532         mutex_lock(&priv->mutex);
 
9533         priv->user_requested_scan = 1;
 
9534         mutex_unlock(&priv->mutex);
 
9536         if (wrqu->data.length == sizeof(struct iw_scan_req)) {
 
9537                 if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
 
9538                         ipw_request_direct_scan(priv, req->essid,
 
9542                 if (req->scan_type == IW_SCAN_TYPE_PASSIVE) {
 
9543                         queue_work(priv->workqueue,
 
9544                                    &priv->request_passive_scan);
 
9549         IPW_DEBUG_WX("Start scan\n");
 
9551         queue_delayed_work(priv->workqueue, &priv->request_scan, 0);
 
9556 static int ipw_wx_get_scan(struct net_device *dev,
 
9557                            struct iw_request_info *info,
 
9558                            union iwreq_data *wrqu, char *extra)
 
9560         struct ipw_priv *priv = ieee80211_priv(dev);
 
9561         return ieee80211_wx_get_scan(priv->ieee, info, wrqu, extra);
 
9564 static int ipw_wx_set_encode(struct net_device *dev,
 
9565                              struct iw_request_info *info,
 
9566                              union iwreq_data *wrqu, char *key)
 
9568         struct ipw_priv *priv = ieee80211_priv(dev);
 
9570         u32 cap = priv->capability;
 
9572         mutex_lock(&priv->mutex);
 
9573         ret = ieee80211_wx_set_encode(priv->ieee, info, wrqu, key);
 
9575         /* In IBSS mode, we need to notify the firmware to update
 
9576          * the beacon info after we changed the capability. */
 
9577         if (cap != priv->capability &&
 
9578             priv->ieee->iw_mode == IW_MODE_ADHOC &&
 
9579             priv->status & STATUS_ASSOCIATED)
 
9580                 ipw_disassociate(priv);
 
9582         mutex_unlock(&priv->mutex);
 
9586 static int ipw_wx_get_encode(struct net_device *dev,
 
9587                              struct iw_request_info *info,
 
9588                              union iwreq_data *wrqu, char *key)
 
9590         struct ipw_priv *priv = ieee80211_priv(dev);
 
9591         return ieee80211_wx_get_encode(priv->ieee, info, wrqu, key);
 
9594 static int ipw_wx_set_power(struct net_device *dev,
 
9595                             struct iw_request_info *info,
 
9596                             union iwreq_data *wrqu, char *extra)
 
9598         struct ipw_priv *priv = ieee80211_priv(dev);
 
9600         mutex_lock(&priv->mutex);
 
9601         if (wrqu->power.disabled) {
 
9602                 priv->power_mode = IPW_POWER_LEVEL(priv->power_mode);
 
9603                 err = ipw_send_power_mode(priv, IPW_POWER_MODE_CAM);
 
9605                         IPW_DEBUG_WX("failed setting power mode.\n");
 
9606                         mutex_unlock(&priv->mutex);
 
9609                 IPW_DEBUG_WX("SET Power Management Mode -> off\n");
 
9610                 mutex_unlock(&priv->mutex);
 
9614         switch (wrqu->power.flags & IW_POWER_MODE) {
 
9615         case IW_POWER_ON:       /* If not specified */
 
9616         case IW_POWER_MODE:     /* If set all mask */
 
9617         case IW_POWER_ALL_R:    /* If explicitly state all */
 
9619         default:                /* Otherwise we don't support it */
 
9620                 IPW_DEBUG_WX("SET PM Mode: %X not supported.\n",
 
9622                 mutex_unlock(&priv->mutex);
 
9626         /* If the user hasn't specified a power management mode yet, default
 
9628         if (IPW_POWER_LEVEL(priv->power_mode) == IPW_POWER_AC)
 
9629                 priv->power_mode = IPW_POWER_ENABLED | IPW_POWER_BATTERY;
 
9631                 priv->power_mode = IPW_POWER_ENABLED | priv->power_mode;
 
9633         err = ipw_send_power_mode(priv, IPW_POWER_LEVEL(priv->power_mode));
 
9635                 IPW_DEBUG_WX("failed setting power mode.\n");
 
9636                 mutex_unlock(&priv->mutex);
 
9640         IPW_DEBUG_WX("SET Power Management Mode -> 0x%02X\n", priv->power_mode);
 
9641         mutex_unlock(&priv->mutex);
 
9645 static int ipw_wx_get_power(struct net_device *dev,
 
9646                             struct iw_request_info *info,
 
9647                             union iwreq_data *wrqu, char *extra)
 
9649         struct ipw_priv *priv = ieee80211_priv(dev);
 
9650         mutex_lock(&priv->mutex);
 
9651         if (!(priv->power_mode & IPW_POWER_ENABLED))
 
9652                 wrqu->power.disabled = 1;
 
9654                 wrqu->power.disabled = 0;
 
9656         mutex_unlock(&priv->mutex);
 
9657         IPW_DEBUG_WX("GET Power Management Mode -> %02X\n", priv->power_mode);
 
9662 static int ipw_wx_set_powermode(struct net_device *dev,
 
9663                                 struct iw_request_info *info,
 
9664                                 union iwreq_data *wrqu, char *extra)
 
9666         struct ipw_priv *priv = ieee80211_priv(dev);
 
9667         int mode = *(int *)extra;
 
9670         mutex_lock(&priv->mutex);
 
9671         if ((mode < 1) || (mode > IPW_POWER_LIMIT))
 
9672                 mode = IPW_POWER_AC;
 
9674         if (IPW_POWER_LEVEL(priv->power_mode) != mode) {
 
9675                 err = ipw_send_power_mode(priv, mode);
 
9677                         IPW_DEBUG_WX("failed setting power mode.\n");
 
9678                         mutex_unlock(&priv->mutex);
 
9681                 priv->power_mode = IPW_POWER_ENABLED | mode;
 
9683         mutex_unlock(&priv->mutex);
 
9687 #define MAX_WX_STRING 80
 
9688 static int ipw_wx_get_powermode(struct net_device *dev,
 
9689                                 struct iw_request_info *info,
 
9690                                 union iwreq_data *wrqu, char *extra)
 
9692         struct ipw_priv *priv = ieee80211_priv(dev);
 
9693         int level = IPW_POWER_LEVEL(priv->power_mode);
 
9696         p += snprintf(p, MAX_WX_STRING, "Power save level: %d ", level);
 
9700                 p += snprintf(p, MAX_WX_STRING - (p - extra), "(AC)");
 
9702         case IPW_POWER_BATTERY:
 
9703                 p += snprintf(p, MAX_WX_STRING - (p - extra), "(BATTERY)");
 
9706                 p += snprintf(p, MAX_WX_STRING - (p - extra),
 
9707                               "(Timeout %dms, Period %dms)",
 
9708                               timeout_duration[level - 1] / 1000,
 
9709                               period_duration[level - 1] / 1000);
 
9712         if (!(priv->power_mode & IPW_POWER_ENABLED))
 
9713                 p += snprintf(p, MAX_WX_STRING - (p - extra), " OFF");
 
9715         wrqu->data.length = p - extra + 1;
 
9720 static int ipw_wx_set_wireless_mode(struct net_device *dev,
 
9721                                     struct iw_request_info *info,
 
9722                                     union iwreq_data *wrqu, char *extra)
 
9724         struct ipw_priv *priv = ieee80211_priv(dev);
 
9725         int mode = *(int *)extra;
 
9726         u8 band = 0, modulation = 0;
 
9728         if (mode == 0 || mode & ~IEEE_MODE_MASK) {
 
9729                 IPW_WARNING("Attempt to set invalid wireless mode: %d\n", mode);
 
9732         mutex_lock(&priv->mutex);
 
9733         if (priv->adapter == IPW_2915ABG) {
 
9734                 priv->ieee->abg_true = 1;
 
9735                 if (mode & IEEE_A) {
 
9736                         band |= IEEE80211_52GHZ_BAND;
 
9737                         modulation |= IEEE80211_OFDM_MODULATION;
 
9739                         priv->ieee->abg_true = 0;
 
9741                 if (mode & IEEE_A) {
 
9742                         IPW_WARNING("Attempt to set 2200BG into "
 
9744                         mutex_unlock(&priv->mutex);
 
9748                 priv->ieee->abg_true = 0;
 
9751         if (mode & IEEE_B) {
 
9752                 band |= IEEE80211_24GHZ_BAND;
 
9753                 modulation |= IEEE80211_CCK_MODULATION;
 
9755                 priv->ieee->abg_true = 0;
 
9757         if (mode & IEEE_G) {
 
9758                 band |= IEEE80211_24GHZ_BAND;
 
9759                 modulation |= IEEE80211_OFDM_MODULATION;
 
9761                 priv->ieee->abg_true = 0;
 
9763         priv->ieee->mode = mode;
 
9764         priv->ieee->freq_band = band;
 
9765         priv->ieee->modulation = modulation;
 
9766         init_supported_rates(priv, &priv->rates);
 
9768         /* Network configuration changed -- force [re]association */
 
9769         IPW_DEBUG_ASSOC("[re]association triggered due to mode change.\n");
 
9770         if (!ipw_disassociate(priv)) {
 
9771                 ipw_send_supported_rates(priv, &priv->rates);
 
9772                 ipw_associate(priv);
 
9775         /* Update the band LEDs */
 
9776         ipw_led_band_on(priv);
 
9778         IPW_DEBUG_WX("PRIV SET MODE: %c%c%c\n",
 
9779                      mode & IEEE_A ? 'a' : '.',
 
9780                      mode & IEEE_B ? 'b' : '.', mode & IEEE_G ? 'g' : '.');
 
9781         mutex_unlock(&priv->mutex);
 
9785 static int ipw_wx_get_wireless_mode(struct net_device *dev,
 
9786                                     struct iw_request_info *info,
 
9787                                     union iwreq_data *wrqu, char *extra)
 
9789         struct ipw_priv *priv = ieee80211_priv(dev);
 
9790         mutex_lock(&priv->mutex);
 
9791         switch (priv->ieee->mode) {
 
9793                 strncpy(extra, "802.11a (1)", MAX_WX_STRING);
 
9796                 strncpy(extra, "802.11b (2)", MAX_WX_STRING);
 
9798         case IEEE_A | IEEE_B:
 
9799                 strncpy(extra, "802.11ab (3)", MAX_WX_STRING);
 
9802                 strncpy(extra, "802.11g (4)", MAX_WX_STRING);
 
9804         case IEEE_A | IEEE_G:
 
9805                 strncpy(extra, "802.11ag (5)", MAX_WX_STRING);
 
9807         case IEEE_B | IEEE_G:
 
9808                 strncpy(extra, "802.11bg (6)", MAX_WX_STRING);
 
9810         case IEEE_A | IEEE_B | IEEE_G:
 
9811                 strncpy(extra, "802.11abg (7)", MAX_WX_STRING);
 
9814                 strncpy(extra, "unknown", MAX_WX_STRING);
 
9818         IPW_DEBUG_WX("PRIV GET MODE: %s\n", extra);
 
9820         wrqu->data.length = strlen(extra) + 1;
 
9821         mutex_unlock(&priv->mutex);
 
9826 static int ipw_wx_set_preamble(struct net_device *dev,
 
9827                                struct iw_request_info *info,
 
9828                                union iwreq_data *wrqu, char *extra)
 
9830         struct ipw_priv *priv = ieee80211_priv(dev);
 
9831         int mode = *(int *)extra;
 
9832         mutex_lock(&priv->mutex);
 
9833         /* Switching from SHORT -> LONG requires a disassociation */
 
9835                 if (!(priv->config & CFG_PREAMBLE_LONG)) {
 
9836                         priv->config |= CFG_PREAMBLE_LONG;
 
9838                         /* Network configuration changed -- force [re]association */
 
9840                             ("[re]association triggered due to preamble change.\n");
 
9841                         if (!ipw_disassociate(priv))
 
9842                                 ipw_associate(priv);
 
9848                 priv->config &= ~CFG_PREAMBLE_LONG;
 
9851         mutex_unlock(&priv->mutex);
 
9855         mutex_unlock(&priv->mutex);
 
9859 static int ipw_wx_get_preamble(struct net_device *dev,
 
9860                                struct iw_request_info *info,
 
9861                                union iwreq_data *wrqu, char *extra)
 
9863         struct ipw_priv *priv = ieee80211_priv(dev);
 
9864         mutex_lock(&priv->mutex);
 
9865         if (priv->config & CFG_PREAMBLE_LONG)
 
9866                 snprintf(wrqu->name, IFNAMSIZ, "long (1)");
 
9868                 snprintf(wrqu->name, IFNAMSIZ, "auto (0)");
 
9869         mutex_unlock(&priv->mutex);
 
9873 #ifdef CONFIG_IPW2200_MONITOR
 
9874 static int ipw_wx_set_monitor(struct net_device *dev,
 
9875                               struct iw_request_info *info,
 
9876                               union iwreq_data *wrqu, char *extra)
 
9878         struct ipw_priv *priv = ieee80211_priv(dev);
 
9879         int *parms = (int *)extra;
 
9880         int enable = (parms[0] > 0);
 
9881         mutex_lock(&priv->mutex);
 
9882         IPW_DEBUG_WX("SET MONITOR: %d %d\n", enable, parms[1]);
 
9884                 if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
 
9885 #ifdef CONFIG_IPW2200_RADIOTAP
 
9886                         priv->net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
 
9888                         priv->net_dev->type = ARPHRD_IEEE80211;
 
9890                         queue_work(priv->workqueue, &priv->adapter_restart);
 
9893                 ipw_set_channel(priv, parms[1]);
 
9895                 if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
 
9896                         mutex_unlock(&priv->mutex);
 
9899                 priv->net_dev->type = ARPHRD_ETHER;
 
9900                 queue_work(priv->workqueue, &priv->adapter_restart);
 
9902         mutex_unlock(&priv->mutex);
 
9906 #endif                          /* CONFIG_IPW2200_MONITOR */
 
9908 static int ipw_wx_reset(struct net_device *dev,
 
9909                         struct iw_request_info *info,
 
9910                         union iwreq_data *wrqu, char *extra)
 
9912         struct ipw_priv *priv = ieee80211_priv(dev);
 
9913         IPW_DEBUG_WX("RESET\n");
 
9914         queue_work(priv->workqueue, &priv->adapter_restart);
 
9918 static int ipw_wx_sw_reset(struct net_device *dev,
 
9919                            struct iw_request_info *info,
 
9920                            union iwreq_data *wrqu, char *extra)
 
9922         struct ipw_priv *priv = ieee80211_priv(dev);
 
9923         union iwreq_data wrqu_sec = {
 
9925                              .flags = IW_ENCODE_DISABLED,
 
9930         IPW_DEBUG_WX("SW_RESET\n");
 
9932         mutex_lock(&priv->mutex);
 
9934         ret = ipw_sw_reset(priv, 2);
 
9937                 ipw_adapter_restart(priv);
 
9940         /* The SW reset bit might have been toggled on by the 'disable'
 
9941          * module parameter, so take appropriate action */
 
9942         ipw_radio_kill_sw(priv, priv->status & STATUS_RF_KILL_SW);
 
9944         mutex_unlock(&priv->mutex);
 
9945         ieee80211_wx_set_encode(priv->ieee, info, &wrqu_sec, NULL);
 
9946         mutex_lock(&priv->mutex);
 
9948         if (!(priv->status & STATUS_RF_KILL_MASK)) {
 
9949                 /* Configuration likely changed -- force [re]association */
 
9950                 IPW_DEBUG_ASSOC("[re]association triggered due to sw "
 
9952                 if (!ipw_disassociate(priv))
 
9953                         ipw_associate(priv);
 
9956         mutex_unlock(&priv->mutex);
 
9961 /* Rebase the WE IOCTLs to zero for the handler array */
 
9962 #define IW_IOCTL(x) [(x)-SIOCSIWCOMMIT]
 
9963 static iw_handler ipw_wx_handlers[] = {
 
9964         IW_IOCTL(SIOCGIWNAME) = ipw_wx_get_name,
 
9965         IW_IOCTL(SIOCSIWFREQ) = ipw_wx_set_freq,
 
9966         IW_IOCTL(SIOCGIWFREQ) = ipw_wx_get_freq,
 
9967         IW_IOCTL(SIOCSIWMODE) = ipw_wx_set_mode,
 
9968         IW_IOCTL(SIOCGIWMODE) = ipw_wx_get_mode,
 
9969         IW_IOCTL(SIOCSIWSENS) = ipw_wx_set_sens,
 
9970         IW_IOCTL(SIOCGIWSENS) = ipw_wx_get_sens,
 
9971         IW_IOCTL(SIOCGIWRANGE) = ipw_wx_get_range,
 
9972         IW_IOCTL(SIOCSIWAP) = ipw_wx_set_wap,
 
9973         IW_IOCTL(SIOCGIWAP) = ipw_wx_get_wap,
 
9974         IW_IOCTL(SIOCSIWSCAN) = ipw_wx_set_scan,
 
9975         IW_IOCTL(SIOCGIWSCAN) = ipw_wx_get_scan,
 
9976         IW_IOCTL(SIOCSIWESSID) = ipw_wx_set_essid,
 
9977         IW_IOCTL(SIOCGIWESSID) = ipw_wx_get_essid,
 
9978         IW_IOCTL(SIOCSIWNICKN) = ipw_wx_set_nick,
 
9979         IW_IOCTL(SIOCGIWNICKN) = ipw_wx_get_nick,
 
9980         IW_IOCTL(SIOCSIWRATE) = ipw_wx_set_rate,
 
9981         IW_IOCTL(SIOCGIWRATE) = ipw_wx_get_rate,
 
9982         IW_IOCTL(SIOCSIWRTS) = ipw_wx_set_rts,
 
9983         IW_IOCTL(SIOCGIWRTS) = ipw_wx_get_rts,
 
9984         IW_IOCTL(SIOCSIWFRAG) = ipw_wx_set_frag,
 
9985         IW_IOCTL(SIOCGIWFRAG) = ipw_wx_get_frag,
 
9986         IW_IOCTL(SIOCSIWTXPOW) = ipw_wx_set_txpow,
 
9987         IW_IOCTL(SIOCGIWTXPOW) = ipw_wx_get_txpow,
 
9988         IW_IOCTL(SIOCSIWRETRY) = ipw_wx_set_retry,
 
9989         IW_IOCTL(SIOCGIWRETRY) = ipw_wx_get_retry,
 
9990         IW_IOCTL(SIOCSIWENCODE) = ipw_wx_set_encode,
 
9991         IW_IOCTL(SIOCGIWENCODE) = ipw_wx_get_encode,
 
9992         IW_IOCTL(SIOCSIWPOWER) = ipw_wx_set_power,
 
9993         IW_IOCTL(SIOCGIWPOWER) = ipw_wx_get_power,
 
9994         IW_IOCTL(SIOCSIWSPY) = iw_handler_set_spy,
 
9995         IW_IOCTL(SIOCGIWSPY) = iw_handler_get_spy,
 
9996         IW_IOCTL(SIOCSIWTHRSPY) = iw_handler_set_thrspy,
 
9997         IW_IOCTL(SIOCGIWTHRSPY) = iw_handler_get_thrspy,
 
9998         IW_IOCTL(SIOCSIWGENIE) = ipw_wx_set_genie,
 
9999         IW_IOCTL(SIOCGIWGENIE) = ipw_wx_get_genie,
 
10000         IW_IOCTL(SIOCSIWMLME) = ipw_wx_set_mlme,
 
10001         IW_IOCTL(SIOCSIWAUTH) = ipw_wx_set_auth,
 
10002         IW_IOCTL(SIOCGIWAUTH) = ipw_wx_get_auth,
 
10003         IW_IOCTL(SIOCSIWENCODEEXT) = ipw_wx_set_encodeext,
 
10004         IW_IOCTL(SIOCGIWENCODEEXT) = ipw_wx_get_encodeext,
 
10008         IPW_PRIV_SET_POWER = SIOCIWFIRSTPRIV,
 
10009         IPW_PRIV_GET_POWER,
 
10012         IPW_PRIV_SET_PREAMBLE,
 
10013         IPW_PRIV_GET_PREAMBLE,
 
10016 #ifdef CONFIG_IPW2200_MONITOR
 
10017         IPW_PRIV_SET_MONITOR,
 
10021 static struct iw_priv_args ipw_priv_args[] = {
 
10023          .cmd = IPW_PRIV_SET_POWER,
 
10024          .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
 
10025          .name = "set_power"},
 
10027          .cmd = IPW_PRIV_GET_POWER,
 
10028          .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | MAX_WX_STRING,
 
10029          .name = "get_power"},
 
10031          .cmd = IPW_PRIV_SET_MODE,
 
10032          .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
 
10033          .name = "set_mode"},
 
10035          .cmd = IPW_PRIV_GET_MODE,
 
10036          .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | MAX_WX_STRING,
 
10037          .name = "get_mode"},
 
10039          .cmd = IPW_PRIV_SET_PREAMBLE,
 
10040          .set_args = IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
 
10041          .name = "set_preamble"},
 
10043          .cmd = IPW_PRIV_GET_PREAMBLE,
 
10044          .get_args = IW_PRIV_TYPE_CHAR | IW_PRIV_SIZE_FIXED | IFNAMSIZ,
 
10045          .name = "get_preamble"},
 
10048          IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 0, 0, "reset"},
 
10051          IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 0, 0, "sw_reset"},
 
10052 #ifdef CONFIG_IPW2200_MONITOR
 
10054          IPW_PRIV_SET_MONITOR,
 
10055          IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "monitor"},
 
10056 #endif                          /* CONFIG_IPW2200_MONITOR */
 
10059 static iw_handler ipw_priv_handler[] = {
 
10060         ipw_wx_set_powermode,
 
10061         ipw_wx_get_powermode,
 
10062         ipw_wx_set_wireless_mode,
 
10063         ipw_wx_get_wireless_mode,
 
10064         ipw_wx_set_preamble,
 
10065         ipw_wx_get_preamble,
 
10068 #ifdef CONFIG_IPW2200_MONITOR
 
10069         ipw_wx_set_monitor,
 
10073 static struct iw_handler_def ipw_wx_handler_def = {
 
10074         .standard = ipw_wx_handlers,
 
10075         .num_standard = ARRAY_SIZE(ipw_wx_handlers),
 
10076         .num_private = ARRAY_SIZE(ipw_priv_handler),
 
10077         .num_private_args = ARRAY_SIZE(ipw_priv_args),
 
10078         .private = ipw_priv_handler,
 
10079         .private_args = ipw_priv_args,
 
10080         .get_wireless_stats = ipw_get_wireless_stats,
 
10084  * Get wireless statistics.
 
10085  * Called by /proc/net/wireless
 
10086  * Also called by SIOCGIWSTATS
 
10088 static struct iw_statistics *ipw_get_wireless_stats(struct net_device *dev)
 
10090         struct ipw_priv *priv = ieee80211_priv(dev);
 
10091         struct iw_statistics *wstats;
 
10093         wstats = &priv->wstats;
 
10095         /* if hw is disabled, then ipw_get_ordinal() can't be called.
 
10096          * netdev->get_wireless_stats seems to be called before fw is
 
10097          * initialized.  STATUS_ASSOCIATED will only be set if the hw is up
 
10098          * and associated; if not associcated, the values are all meaningless
 
10099          * anyway, so set them all to NULL and INVALID */
 
10100         if (!(priv->status & STATUS_ASSOCIATED)) {
 
10101                 wstats->miss.beacon = 0;
 
10102                 wstats->discard.retries = 0;
 
10103                 wstats->qual.qual = 0;
 
10104                 wstats->qual.level = 0;
 
10105                 wstats->qual.noise = 0;
 
10106                 wstats->qual.updated = 7;
 
10107                 wstats->qual.updated |= IW_QUAL_NOISE_INVALID |
 
10108                     IW_QUAL_QUAL_INVALID | IW_QUAL_LEVEL_INVALID;
 
10112         wstats->qual.qual = priv->quality;
 
10113         wstats->qual.level = priv->exp_avg_rssi;
 
10114         wstats->qual.noise = priv->exp_avg_noise;
 
10115         wstats->qual.updated = IW_QUAL_QUAL_UPDATED | IW_QUAL_LEVEL_UPDATED |
 
10116             IW_QUAL_NOISE_UPDATED | IW_QUAL_DBM;
 
10118         wstats->miss.beacon = average_value(&priv->average_missed_beacons);
 
10119         wstats->discard.retries = priv->last_tx_failures;
 
10120         wstats->discard.code = priv->ieee->ieee_stats.rx_discards_undecryptable;
 
10122 /*      if (ipw_get_ordinal(priv, IPW_ORD_STAT_TX_RETRY, &tx_retry, &len))
 
10123         goto fail_get_ordinal;
 
10124         wstats->discard.retries += tx_retry; */
 
10129 /* net device stuff */
 
10131 static  void init_sys_config(struct ipw_sys_config *sys_config)
 
10133         memset(sys_config, 0, sizeof(struct ipw_sys_config));
 
10134         sys_config->bt_coexistence = 0;
 
10135         sys_config->answer_broadcast_ssid_probe = 0;
 
10136         sys_config->accept_all_data_frames = 0;
 
10137         sys_config->accept_non_directed_frames = 1;
 
10138         sys_config->exclude_unicast_unencrypted = 0;
 
10139         sys_config->disable_unicast_decryption = 1;
 
10140         sys_config->exclude_multicast_unencrypted = 0;
 
10141         sys_config->disable_multicast_decryption = 1;
 
10142         if (antenna < CFG_SYS_ANTENNA_BOTH || antenna > CFG_SYS_ANTENNA_B)
 
10143                 antenna = CFG_SYS_ANTENNA_BOTH;
 
10144         sys_config->antenna_diversity = antenna;
 
10145         sys_config->pass_crc_to_host = 0;       /* TODO: See if 1 gives us FCS */
 
10146         sys_config->dot11g_auto_detection = 0;
 
10147         sys_config->enable_cts_to_self = 0;
 
10148         sys_config->bt_coexist_collision_thr = 0;
 
10149         sys_config->pass_noise_stats_to_host = 1;       /* 1 -- fix for 256 */
 
10150         sys_config->silence_threshold = 0x1e;
 
10153 static int ipw_net_open(struct net_device *dev)
 
10155         struct ipw_priv *priv = ieee80211_priv(dev);
 
10156         IPW_DEBUG_INFO("dev->open\n");
 
10157         /* we should be verifying the device is ready to be opened */
 
10158         mutex_lock(&priv->mutex);
 
10159         if (!(priv->status & STATUS_RF_KILL_MASK) &&
 
10160             (priv->status & STATUS_ASSOCIATED))
 
10161                 netif_start_queue(dev);
 
10162         mutex_unlock(&priv->mutex);
 
10166 static int ipw_net_stop(struct net_device *dev)
 
10168         IPW_DEBUG_INFO("dev->close\n");
 
10169         netif_stop_queue(dev);
 
10176 modify to send one tfd per fragment instead of using chunking.  otherwise
 
10177 we need to heavily modify the ieee80211_skb_to_txb.
 
10180 static int ipw_tx_skb(struct ipw_priv *priv, struct ieee80211_txb *txb,
 
10183         struct ieee80211_hdr_3addrqos *hdr = (struct ieee80211_hdr_3addrqos *)
 
10184             txb->fragments[0]->data;
 
10186         struct tfd_frame *tfd;
 
10187 #ifdef CONFIG_IPW2200_QOS
 
10188         int tx_id = ipw_get_tx_queue_number(priv, pri);
 
10189         struct clx2_tx_queue *txq = &priv->txq[tx_id];
 
10191         struct clx2_tx_queue *txq = &priv->txq[0];
 
10193         struct clx2_queue *q = &txq->q;
 
10194         u8 id, hdr_len, unicast;
 
10195         u16 remaining_bytes;
 
10197         DECLARE_MAC_BUF(mac);
 
10199         hdr_len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
 
10200         switch (priv->ieee->iw_mode) {
 
10201         case IW_MODE_ADHOC:
 
10202                 unicast = !is_multicast_ether_addr(hdr->addr1);
 
10203                 id = ipw_find_station(priv, hdr->addr1);
 
10204                 if (id == IPW_INVALID_STATION) {
 
10205                         id = ipw_add_station(priv, hdr->addr1);
 
10206                         if (id == IPW_INVALID_STATION) {
 
10207                                 IPW_WARNING("Attempt to send data to "
 
10208                                             "invalid cell: %s\n",
 
10209                                             print_mac(mac, hdr->addr1));
 
10215         case IW_MODE_INFRA:
 
10217                 unicast = !is_multicast_ether_addr(hdr->addr3);
 
10222         tfd = &txq->bd[q->first_empty];
 
10223         txq->txb[q->first_empty] = txb;
 
10224         memset(tfd, 0, sizeof(*tfd));
 
10225         tfd->u.data.station_number = id;
 
10227         tfd->control_flags.message_type = TX_FRAME_TYPE;
 
10228         tfd->control_flags.control_bits = TFD_NEED_IRQ_MASK;
 
10230         tfd->u.data.cmd_id = DINO_CMD_TX;
 
10231         tfd->u.data.len = cpu_to_le16(txb->payload_size);
 
10232         remaining_bytes = txb->payload_size;
 
10234         if (priv->assoc_request.ieee_mode == IPW_B_MODE)
 
10235                 tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_MODE_CCK;
 
10237                 tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_MODE_OFDM;
 
10239         if (priv->assoc_request.preamble_length == DCT_FLAG_SHORT_PREAMBLE)
 
10240                 tfd->u.data.tx_flags |= DCT_FLAG_SHORT_PREAMBLE;
 
10242         fc = le16_to_cpu(hdr->frame_ctl);
 
10243         hdr->frame_ctl = cpu_to_le16(fc & ~IEEE80211_FCTL_MOREFRAGS);
 
10245         memcpy(&tfd->u.data.tfd.tfd_24.mchdr, hdr, hdr_len);
 
10247         if (likely(unicast))
 
10248                 tfd->u.data.tx_flags |= DCT_FLAG_ACK_REQD;
 
10250         if (txb->encrypted && !priv->ieee->host_encrypt) {
 
10251                 switch (priv->ieee->sec.level) {
 
10253                         tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
 
10254                             cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 
10255                         /* XXX: ACK flag must be set for CCMP even if it
 
10256                          * is a multicast/broadcast packet, because CCMP
 
10257                          * group communication encrypted by GTK is
 
10258                          * actually done by the AP. */
 
10260                                 tfd->u.data.tx_flags |= DCT_FLAG_ACK_REQD;
 
10262                         tfd->u.data.tx_flags &= ~DCT_FLAG_NO_WEP;
 
10263                         tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_SECURITY_CCM;
 
10264                         tfd->u.data.key_index = 0;
 
10265                         tfd->u.data.key_index |= DCT_WEP_INDEX_USE_IMMEDIATE;
 
10268                         tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
 
10269                             cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 
10270                         tfd->u.data.tx_flags &= ~DCT_FLAG_NO_WEP;
 
10271                         tfd->u.data.tx_flags_ext |= DCT_FLAG_EXT_SECURITY_TKIP;
 
10272                         tfd->u.data.key_index = DCT_WEP_INDEX_USE_IMMEDIATE;
 
10275                         tfd->u.data.tfd.tfd_24.mchdr.frame_ctl |=
 
10276                             cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 
10277                         tfd->u.data.key_index = priv->ieee->tx_keyidx;
 
10278                         if (priv->ieee->sec.key_sizes[priv->ieee->tx_keyidx] <=
 
10280                                 tfd->u.data.key_index |= DCT_WEP_KEY_64Bit;
 
10282                                 tfd->u.data.key_index |= DCT_WEP_KEY_128Bit;
 
10287                         printk(KERN_ERR "Unknow security level %d\n",
 
10288                                priv->ieee->sec.level);
 
10292                 /* No hardware encryption */
 
10293                 tfd->u.data.tx_flags |= DCT_FLAG_NO_WEP;
 
10295 #ifdef CONFIG_IPW2200_QOS
 
10296         if (fc & IEEE80211_STYPE_QOS_DATA)
 
10297                 ipw_qos_set_tx_queue_command(priv, pri, &(tfd->u.data));
 
10298 #endif                          /* CONFIG_IPW2200_QOS */
 
10301         tfd->u.data.num_chunks = cpu_to_le32(min((u8) (NUM_TFD_CHUNKS - 2),
 
10303         IPW_DEBUG_FRAG("%i fragments being sent as %i chunks.\n",
 
10304                        txb->nr_frags, le32_to_cpu(tfd->u.data.num_chunks));
 
10305         for (i = 0; i < le32_to_cpu(tfd->u.data.num_chunks); i++) {
 
10306                 IPW_DEBUG_FRAG("Adding fragment %i of %i (%d bytes).\n",
 
10307                                i, le32_to_cpu(tfd->u.data.num_chunks),
 
10308                                txb->fragments[i]->len - hdr_len);
 
10309                 IPW_DEBUG_TX("Dumping TX packet frag %i of %i (%d bytes):\n",
 
10310                              i, tfd->u.data.num_chunks,
 
10311                              txb->fragments[i]->len - hdr_len);
 
10312                 printk_buf(IPW_DL_TX, txb->fragments[i]->data + hdr_len,
 
10313                            txb->fragments[i]->len - hdr_len);
 
10315                 tfd->u.data.chunk_ptr[i] =
 
10316                     cpu_to_le32(pci_map_single
 
10318                                  txb->fragments[i]->data + hdr_len,
 
10319                                  txb->fragments[i]->len - hdr_len,
 
10320                                  PCI_DMA_TODEVICE));
 
10321                 tfd->u.data.chunk_len[i] =
 
10322                     cpu_to_le16(txb->fragments[i]->len - hdr_len);
 
10325         if (i != txb->nr_frags) {
 
10326                 struct sk_buff *skb;
 
10327                 u16 remaining_bytes = 0;
 
10330                 for (j = i; j < txb->nr_frags; j++)
 
10331                         remaining_bytes += txb->fragments[j]->len - hdr_len;
 
10333                 printk(KERN_INFO "Trying to reallocate for %d bytes\n",
 
10335                 skb = alloc_skb(remaining_bytes, GFP_ATOMIC);
 
10337                         tfd->u.data.chunk_len[i] = cpu_to_le16(remaining_bytes);
 
10338                         for (j = i; j < txb->nr_frags; j++) {
 
10339                                 int size = txb->fragments[j]->len - hdr_len;
 
10341                                 printk(KERN_INFO "Adding frag %d %d...\n",
 
10343                                 memcpy(skb_put(skb, size),
 
10344                                        txb->fragments[j]->data + hdr_len, size);
 
10346                         dev_kfree_skb_any(txb->fragments[i]);
 
10347                         txb->fragments[i] = skb;
 
10348                         tfd->u.data.chunk_ptr[i] =
 
10349                             cpu_to_le32(pci_map_single
 
10350                                         (priv->pci_dev, skb->data,
 
10351                                          tfd->u.data.chunk_len[i],
 
10352                                          PCI_DMA_TODEVICE));
 
10354                         tfd->u.data.num_chunks =
 
10355                             cpu_to_le32(le32_to_cpu(tfd->u.data.num_chunks) +
 
10361         q->first_empty = ipw_queue_inc_wrap(q->first_empty, q->n_bd);
 
10362         ipw_write32(priv, q->reg_w, q->first_empty);
 
10364         if (ipw_queue_space(q) < q->high_mark)
 
10365                 netif_stop_queue(priv->net_dev);
 
10367         return NETDEV_TX_OK;
 
10370         IPW_DEBUG_DROP("Silently dropping Tx packet.\n");
 
10371         ieee80211_txb_free(txb);
 
10372         return NETDEV_TX_OK;
 
10375 static int ipw_net_is_queue_full(struct net_device *dev, int pri)
 
10377         struct ipw_priv *priv = ieee80211_priv(dev);
 
10378 #ifdef CONFIG_IPW2200_QOS
 
10379         int tx_id = ipw_get_tx_queue_number(priv, pri);
 
10380         struct clx2_tx_queue *txq = &priv->txq[tx_id];
 
10382         struct clx2_tx_queue *txq = &priv->txq[0];
 
10383 #endif                          /* CONFIG_IPW2200_QOS */
 
10385         if (ipw_queue_space(&txq->q) < txq->q.high_mark)
 
10391 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
10392 static void ipw_handle_promiscuous_tx(struct ipw_priv *priv,
 
10393                                       struct ieee80211_txb *txb)
 
10395         struct ieee80211_rx_stats dummystats;
 
10396         struct ieee80211_hdr *hdr;
 
10398         u16 filter = priv->prom_priv->filter;
 
10401         if (filter & IPW_PROM_NO_TX)
 
10404         memset(&dummystats, 0, sizeof(dummystats));
 
10406         /* Filtering of fragment chains is done agains the first fragment */
 
10407         hdr = (void *)txb->fragments[0]->data;
 
10408         if (ieee80211_is_management(le16_to_cpu(hdr->frame_ctl))) {
 
10409                 if (filter & IPW_PROM_NO_MGMT)
 
10411                 if (filter & IPW_PROM_MGMT_HEADER_ONLY)
 
10413         } else if (ieee80211_is_control(le16_to_cpu(hdr->frame_ctl))) {
 
10414                 if (filter & IPW_PROM_NO_CTL)
 
10416                 if (filter & IPW_PROM_CTL_HEADER_ONLY)
 
10418         } else if (ieee80211_is_data(le16_to_cpu(hdr->frame_ctl))) {
 
10419                 if (filter & IPW_PROM_NO_DATA)
 
10421                 if (filter & IPW_PROM_DATA_HEADER_ONLY)
 
10425         for(n=0; n<txb->nr_frags; ++n) {
 
10426                 struct sk_buff *src = txb->fragments[n];
 
10427                 struct sk_buff *dst;
 
10428                 struct ieee80211_radiotap_header *rt_hdr;
 
10432                         hdr = (void *)src->data;
 
10433                         len = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
 
10438                         len + IEEE80211_RADIOTAP_HDRLEN, GFP_ATOMIC);
 
10439                 if (!dst) continue;
 
10441                 rt_hdr = (void *)skb_put(dst, sizeof(*rt_hdr));
 
10443                 rt_hdr->it_version = PKTHDR_RADIOTAP_VERSION;
 
10444                 rt_hdr->it_pad = 0;
 
10445                 rt_hdr->it_present = 0; /* after all, it's just an idea */
 
10446                 rt_hdr->it_present |=  (1 << IEEE80211_RADIOTAP_CHANNEL);
 
10448                 *(u16*)skb_put(dst, sizeof(u16)) = cpu_to_le16(
 
10449                         ieee80211chan2mhz(priv->channel));
 
10450                 if (priv->channel > 14)         /* 802.11a */
 
10451                         *(u16*)skb_put(dst, sizeof(u16)) =
 
10452                                 cpu_to_le16(IEEE80211_CHAN_OFDM |
 
10453                                              IEEE80211_CHAN_5GHZ);
 
10454                 else if (priv->ieee->mode == IEEE_B) /* 802.11b */
 
10455                         *(u16*)skb_put(dst, sizeof(u16)) =
 
10456                                 cpu_to_le16(IEEE80211_CHAN_CCK |
 
10457                                              IEEE80211_CHAN_2GHZ);
 
10459                         *(u16*)skb_put(dst, sizeof(u16)) =
 
10460                                 cpu_to_le16(IEEE80211_CHAN_OFDM |
 
10461                                  IEEE80211_CHAN_2GHZ);
 
10463                 rt_hdr->it_len = dst->len;
 
10465                 skb_copy_from_linear_data(src, skb_put(dst, len), len);
 
10467                 if (!ieee80211_rx(priv->prom_priv->ieee, dst, &dummystats))
 
10468                         dev_kfree_skb_any(dst);
 
10473 static int ipw_net_hard_start_xmit(struct ieee80211_txb *txb,
 
10474                                    struct net_device *dev, int pri)
 
10476         struct ipw_priv *priv = ieee80211_priv(dev);
 
10477         unsigned long flags;
 
10480         IPW_DEBUG_TX("dev->xmit(%d bytes)\n", txb->payload_size);
 
10481         spin_lock_irqsave(&priv->lock, flags);
 
10483         if (!(priv->status & STATUS_ASSOCIATED)) {
 
10484                 IPW_DEBUG_INFO("Tx attempt while not associated.\n");
 
10485                 priv->ieee->stats.tx_carrier_errors++;
 
10486                 netif_stop_queue(dev);
 
10490 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
10491         if (rtap_iface && netif_running(priv->prom_net_dev))
 
10492                 ipw_handle_promiscuous_tx(priv, txb);
 
10495         ret = ipw_tx_skb(priv, txb, pri);
 
10496         if (ret == NETDEV_TX_OK)
 
10497                 __ipw_led_activity_on(priv);
 
10498         spin_unlock_irqrestore(&priv->lock, flags);
 
10503         spin_unlock_irqrestore(&priv->lock, flags);
 
10507 static struct net_device_stats *ipw_net_get_stats(struct net_device *dev)
 
10509         struct ipw_priv *priv = ieee80211_priv(dev);
 
10511         priv->ieee->stats.tx_packets = priv->tx_packets;
 
10512         priv->ieee->stats.rx_packets = priv->rx_packets;
 
10513         return &priv->ieee->stats;
 
10516 static void ipw_net_set_multicast_list(struct net_device *dev)
 
10521 static int ipw_net_set_mac_address(struct net_device *dev, void *p)
 
10523         struct ipw_priv *priv = ieee80211_priv(dev);
 
10524         struct sockaddr *addr = p;
 
10525         DECLARE_MAC_BUF(mac);
 
10527         if (!is_valid_ether_addr(addr->sa_data))
 
10528                 return -EADDRNOTAVAIL;
 
10529         mutex_lock(&priv->mutex);
 
10530         priv->config |= CFG_CUSTOM_MAC;
 
10531         memcpy(priv->mac_addr, addr->sa_data, ETH_ALEN);
 
10532         printk(KERN_INFO "%s: Setting MAC to %s\n",
 
10533                priv->net_dev->name, print_mac(mac, priv->mac_addr));
 
10534         queue_work(priv->workqueue, &priv->adapter_restart);
 
10535         mutex_unlock(&priv->mutex);
 
10539 static void ipw_ethtool_get_drvinfo(struct net_device *dev,
 
10540                                     struct ethtool_drvinfo *info)
 
10542         struct ipw_priv *p = ieee80211_priv(dev);
 
10547         strcpy(info->driver, DRV_NAME);
 
10548         strcpy(info->version, DRV_VERSION);
 
10550         len = sizeof(vers);
 
10551         ipw_get_ordinal(p, IPW_ORD_STAT_FW_VERSION, vers, &len);
 
10552         len = sizeof(date);
 
10553         ipw_get_ordinal(p, IPW_ORD_STAT_FW_DATE, date, &len);
 
10555         snprintf(info->fw_version, sizeof(info->fw_version), "%s (%s)",
 
10557         strcpy(info->bus_info, pci_name(p->pci_dev));
 
10558         info->eedump_len = IPW_EEPROM_IMAGE_SIZE;
 
10561 static u32 ipw_ethtool_get_link(struct net_device *dev)
 
10563         struct ipw_priv *priv = ieee80211_priv(dev);
 
10564         return (priv->status & STATUS_ASSOCIATED) != 0;
 
10567 static int ipw_ethtool_get_eeprom_len(struct net_device *dev)
 
10569         return IPW_EEPROM_IMAGE_SIZE;
 
10572 static int ipw_ethtool_get_eeprom(struct net_device *dev,
 
10573                                   struct ethtool_eeprom *eeprom, u8 * bytes)
 
10575         struct ipw_priv *p = ieee80211_priv(dev);
 
10577         if (eeprom->offset + eeprom->len > IPW_EEPROM_IMAGE_SIZE)
 
10579         mutex_lock(&p->mutex);
 
10580         memcpy(bytes, &p->eeprom[eeprom->offset], eeprom->len);
 
10581         mutex_unlock(&p->mutex);
 
10585 static int ipw_ethtool_set_eeprom(struct net_device *dev,
 
10586                                   struct ethtool_eeprom *eeprom, u8 * bytes)
 
10588         struct ipw_priv *p = ieee80211_priv(dev);
 
10591         if (eeprom->offset + eeprom->len > IPW_EEPROM_IMAGE_SIZE)
 
10593         mutex_lock(&p->mutex);
 
10594         memcpy(&p->eeprom[eeprom->offset], bytes, eeprom->len);
 
10595         for (i = 0; i < IPW_EEPROM_IMAGE_SIZE; i++)
 
10596                 ipw_write8(p, i + IPW_EEPROM_DATA, p->eeprom[i]);
 
10597         mutex_unlock(&p->mutex);
 
10601 static const struct ethtool_ops ipw_ethtool_ops = {
 
10602         .get_link = ipw_ethtool_get_link,
 
10603         .get_drvinfo = ipw_ethtool_get_drvinfo,
 
10604         .get_eeprom_len = ipw_ethtool_get_eeprom_len,
 
10605         .get_eeprom = ipw_ethtool_get_eeprom,
 
10606         .set_eeprom = ipw_ethtool_set_eeprom,
 
10609 static irqreturn_t ipw_isr(int irq, void *data)
 
10611         struct ipw_priv *priv = data;
 
10612         u32 inta, inta_mask;
 
10617         spin_lock(&priv->irq_lock);
 
10619         if (!(priv->status & STATUS_INT_ENABLED)) {
 
10620                 /* IRQ is disabled */
 
10624         inta = ipw_read32(priv, IPW_INTA_RW);
 
10625         inta_mask = ipw_read32(priv, IPW_INTA_MASK_R);
 
10627         if (inta == 0xFFFFFFFF) {
 
10628                 /* Hardware disappeared */
 
10629                 IPW_WARNING("IRQ INTA == 0xFFFFFFFF\n");
 
10633         if (!(inta & (IPW_INTA_MASK_ALL & inta_mask))) {
 
10634                 /* Shared interrupt */
 
10638         /* tell the device to stop sending interrupts */
 
10639         __ipw_disable_interrupts(priv);
 
10641         /* ack current interrupts */
 
10642         inta &= (IPW_INTA_MASK_ALL & inta_mask);
 
10643         ipw_write32(priv, IPW_INTA_RW, inta);
 
10645         /* Cache INTA value for our tasklet */
 
10646         priv->isr_inta = inta;
 
10648         tasklet_schedule(&priv->irq_tasklet);
 
10650         spin_unlock(&priv->irq_lock);
 
10652         return IRQ_HANDLED;
 
10654         spin_unlock(&priv->irq_lock);
 
10658 static void ipw_rf_kill(void *adapter)
 
10660         struct ipw_priv *priv = adapter;
 
10661         unsigned long flags;
 
10663         spin_lock_irqsave(&priv->lock, flags);
 
10665         if (rf_kill_active(priv)) {
 
10666                 IPW_DEBUG_RF_KILL("RF Kill active, rescheduling GPIO check\n");
 
10667                 if (priv->workqueue)
 
10668                         queue_delayed_work(priv->workqueue,
 
10669                                            &priv->rf_kill, 2 * HZ);
 
10673         /* RF Kill is now disabled, so bring the device back up */
 
10675         if (!(priv->status & STATUS_RF_KILL_MASK)) {
 
10676                 IPW_DEBUG_RF_KILL("HW RF Kill no longer active, restarting "
 
10679                 /* we can not do an adapter restart while inside an irq lock */
 
10680                 queue_work(priv->workqueue, &priv->adapter_restart);
 
10682                 IPW_DEBUG_RF_KILL("HW RF Kill deactivated.  SW RF Kill still "
 
10686         spin_unlock_irqrestore(&priv->lock, flags);
 
10689 static void ipw_bg_rf_kill(struct work_struct *work)
 
10691         struct ipw_priv *priv =
 
10692                 container_of(work, struct ipw_priv, rf_kill.work);
 
10693         mutex_lock(&priv->mutex);
 
10695         mutex_unlock(&priv->mutex);
 
10698 static void ipw_link_up(struct ipw_priv *priv)
 
10700         priv->last_seq_num = -1;
 
10701         priv->last_frag_num = -1;
 
10702         priv->last_packet_time = 0;
 
10704         netif_carrier_on(priv->net_dev);
 
10705         if (netif_queue_stopped(priv->net_dev)) {
 
10706                 IPW_DEBUG_NOTIF("waking queue\n");
 
10707                 netif_wake_queue(priv->net_dev);
 
10709                 IPW_DEBUG_NOTIF("starting queue\n");
 
10710                 netif_start_queue(priv->net_dev);
 
10713         cancel_delayed_work(&priv->request_scan);
 
10714         cancel_delayed_work(&priv->scan_event);
 
10715         ipw_reset_stats(priv);
 
10716         /* Ensure the rate is updated immediately */
 
10717         priv->last_rate = ipw_get_current_rate(priv);
 
10718         ipw_gather_stats(priv);
 
10719         ipw_led_link_up(priv);
 
10720         notify_wx_assoc_event(priv);
 
10722         if (priv->config & CFG_BACKGROUND_SCAN)
 
10723                 queue_delayed_work(priv->workqueue, &priv->request_scan, HZ);
 
10726 static void ipw_bg_link_up(struct work_struct *work)
 
10728         struct ipw_priv *priv =
 
10729                 container_of(work, struct ipw_priv, link_up);
 
10730         mutex_lock(&priv->mutex);
 
10732         mutex_unlock(&priv->mutex);
 
10735 static void ipw_link_down(struct ipw_priv *priv)
 
10737         ipw_led_link_down(priv);
 
10738         netif_carrier_off(priv->net_dev);
 
10739         netif_stop_queue(priv->net_dev);
 
10740         notify_wx_assoc_event(priv);
 
10742         /* Cancel any queued work ... */
 
10743         cancel_delayed_work(&priv->request_scan);
 
10744         cancel_delayed_work(&priv->adhoc_check);
 
10745         cancel_delayed_work(&priv->gather_stats);
 
10747         ipw_reset_stats(priv);
 
10749         if (!(priv->status & STATUS_EXIT_PENDING)) {
 
10750                 /* Queue up another scan... */
 
10751                 queue_delayed_work(priv->workqueue, &priv->request_scan, 0);
 
10753                 cancel_delayed_work(&priv->scan_event);
 
10756 static void ipw_bg_link_down(struct work_struct *work)
 
10758         struct ipw_priv *priv =
 
10759                 container_of(work, struct ipw_priv, link_down);
 
10760         mutex_lock(&priv->mutex);
 
10761         ipw_link_down(priv);
 
10762         mutex_unlock(&priv->mutex);
 
10765 static int __devinit ipw_setup_deferred_work(struct ipw_priv *priv)
 
10769         priv->workqueue = create_workqueue(DRV_NAME);
 
10770         init_waitqueue_head(&priv->wait_command_queue);
 
10771         init_waitqueue_head(&priv->wait_state);
 
10773         INIT_DELAYED_WORK(&priv->adhoc_check, ipw_bg_adhoc_check);
 
10774         INIT_WORK(&priv->associate, ipw_bg_associate);
 
10775         INIT_WORK(&priv->disassociate, ipw_bg_disassociate);
 
10776         INIT_WORK(&priv->system_config, ipw_system_config);
 
10777         INIT_WORK(&priv->rx_replenish, ipw_bg_rx_queue_replenish);
 
10778         INIT_WORK(&priv->adapter_restart, ipw_bg_adapter_restart);
 
10779         INIT_DELAYED_WORK(&priv->rf_kill, ipw_bg_rf_kill);
 
10780         INIT_WORK(&priv->up, ipw_bg_up);
 
10781         INIT_WORK(&priv->down, ipw_bg_down);
 
10782         INIT_DELAYED_WORK(&priv->request_scan, ipw_request_scan);
 
10783         INIT_DELAYED_WORK(&priv->scan_event, ipw_scan_event);
 
10784         INIT_WORK(&priv->request_passive_scan, ipw_request_passive_scan);
 
10785         INIT_DELAYED_WORK(&priv->gather_stats, ipw_bg_gather_stats);
 
10786         INIT_WORK(&priv->abort_scan, ipw_bg_abort_scan);
 
10787         INIT_WORK(&priv->roam, ipw_bg_roam);
 
10788         INIT_DELAYED_WORK(&priv->scan_check, ipw_bg_scan_check);
 
10789         INIT_WORK(&priv->link_up, ipw_bg_link_up);
 
10790         INIT_WORK(&priv->link_down, ipw_bg_link_down);
 
10791         INIT_DELAYED_WORK(&priv->led_link_on, ipw_bg_led_link_on);
 
10792         INIT_DELAYED_WORK(&priv->led_link_off, ipw_bg_led_link_off);
 
10793         INIT_DELAYED_WORK(&priv->led_act_off, ipw_bg_led_activity_off);
 
10794         INIT_WORK(&priv->merge_networks, ipw_merge_adhoc_network);
 
10796 #ifdef CONFIG_IPW2200_QOS
 
10797         INIT_WORK(&priv->qos_activate, ipw_bg_qos_activate);
 
10798 #endif                          /* CONFIG_IPW2200_QOS */
 
10800         tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
 
10801                      ipw_irq_tasklet, (unsigned long)priv);
 
10806 static void shim__set_security(struct net_device *dev,
 
10807                                struct ieee80211_security *sec)
 
10809         struct ipw_priv *priv = ieee80211_priv(dev);
 
10811         for (i = 0; i < 4; i++) {
 
10812                 if (sec->flags & (1 << i)) {
 
10813                         priv->ieee->sec.encode_alg[i] = sec->encode_alg[i];
 
10814                         priv->ieee->sec.key_sizes[i] = sec->key_sizes[i];
 
10815                         if (sec->key_sizes[i] == 0)
 
10816                                 priv->ieee->sec.flags &= ~(1 << i);
 
10818                                 memcpy(priv->ieee->sec.keys[i], sec->keys[i],
 
10819                                        sec->key_sizes[i]);
 
10820                                 priv->ieee->sec.flags |= (1 << i);
 
10822                         priv->status |= STATUS_SECURITY_UPDATED;
 
10823                 } else if (sec->level != SEC_LEVEL_1)
 
10824                         priv->ieee->sec.flags &= ~(1 << i);
 
10827         if (sec->flags & SEC_ACTIVE_KEY) {
 
10828                 if (sec->active_key <= 3) {
 
10829                         priv->ieee->sec.active_key = sec->active_key;
 
10830                         priv->ieee->sec.flags |= SEC_ACTIVE_KEY;
 
10832                         priv->ieee->sec.flags &= ~SEC_ACTIVE_KEY;
 
10833                 priv->status |= STATUS_SECURITY_UPDATED;
 
10835                 priv->ieee->sec.flags &= ~SEC_ACTIVE_KEY;
 
10837         if ((sec->flags & SEC_AUTH_MODE) &&
 
10838             (priv->ieee->sec.auth_mode != sec->auth_mode)) {
 
10839                 priv->ieee->sec.auth_mode = sec->auth_mode;
 
10840                 priv->ieee->sec.flags |= SEC_AUTH_MODE;
 
10841                 if (sec->auth_mode == WLAN_AUTH_SHARED_KEY)
 
10842                         priv->capability |= CAP_SHARED_KEY;
 
10844                         priv->capability &= ~CAP_SHARED_KEY;
 
10845                 priv->status |= STATUS_SECURITY_UPDATED;
 
10848         if (sec->flags & SEC_ENABLED && priv->ieee->sec.enabled != sec->enabled) {
 
10849                 priv->ieee->sec.flags |= SEC_ENABLED;
 
10850                 priv->ieee->sec.enabled = sec->enabled;
 
10851                 priv->status |= STATUS_SECURITY_UPDATED;
 
10853                         priv->capability |= CAP_PRIVACY_ON;
 
10855                         priv->capability &= ~CAP_PRIVACY_ON;
 
10858         if (sec->flags & SEC_ENCRYPT)
 
10859                 priv->ieee->sec.encrypt = sec->encrypt;
 
10861         if (sec->flags & SEC_LEVEL && priv->ieee->sec.level != sec->level) {
 
10862                 priv->ieee->sec.level = sec->level;
 
10863                 priv->ieee->sec.flags |= SEC_LEVEL;
 
10864                 priv->status |= STATUS_SECURITY_UPDATED;
 
10867         if (!priv->ieee->host_encrypt && (sec->flags & SEC_ENCRYPT))
 
10868                 ipw_set_hwcrypto_keys(priv);
 
10870         /* To match current functionality of ipw2100 (which works well w/
 
10871          * various supplicants, we don't force a disassociate if the
 
10872          * privacy capability changes ... */
 
10874         if ((priv->status & (STATUS_ASSOCIATED | STATUS_ASSOCIATING)) &&
 
10875             (((priv->assoc_request.capability &
 
10876                WLAN_CAPABILITY_PRIVACY) && !sec->enabled) ||
 
10877              (!(priv->assoc_request.capability &
 
10878                 WLAN_CAPABILITY_PRIVACY) && sec->enabled))) {
 
10879                 IPW_DEBUG_ASSOC("Disassociating due to capability "
 
10881                 ipw_disassociate(priv);
 
10886 static int init_supported_rates(struct ipw_priv *priv,
 
10887                                 struct ipw_supported_rates *rates)
 
10889         /* TODO: Mask out rates based on priv->rates_mask */
 
10891         memset(rates, 0, sizeof(*rates));
 
10892         /* configure supported rates */
 
10893         switch (priv->ieee->freq_band) {
 
10894         case IEEE80211_52GHZ_BAND:
 
10895                 rates->ieee_mode = IPW_A_MODE;
 
10896                 rates->purpose = IPW_RATE_CAPABILITIES;
 
10897                 ipw_add_ofdm_scan_rates(rates, IEEE80211_CCK_MODULATION,
 
10898                                         IEEE80211_OFDM_DEFAULT_RATES_MASK);
 
10901         default:                /* Mixed or 2.4Ghz */
 
10902                 rates->ieee_mode = IPW_G_MODE;
 
10903                 rates->purpose = IPW_RATE_CAPABILITIES;
 
10904                 ipw_add_cck_scan_rates(rates, IEEE80211_CCK_MODULATION,
 
10905                                        IEEE80211_CCK_DEFAULT_RATES_MASK);
 
10906                 if (priv->ieee->modulation & IEEE80211_OFDM_MODULATION) {
 
10907                         ipw_add_ofdm_scan_rates(rates, IEEE80211_CCK_MODULATION,
 
10908                                                 IEEE80211_OFDM_DEFAULT_RATES_MASK);
 
10916 static int ipw_config(struct ipw_priv *priv)
 
10918         /* This is only called from ipw_up, which resets/reloads the firmware
 
10919            so, we don't need to first disable the card before we configure
 
10921         if (ipw_set_tx_power(priv))
 
10924         /* initialize adapter address */
 
10925         if (ipw_send_adapter_address(priv, priv->net_dev->dev_addr))
 
10928         /* set basic system config settings */
 
10929         init_sys_config(&priv->sys_config);
 
10931         /* Support Bluetooth if we have BT h/w on board, and user wants to.
 
10932          * Does not support BT priority yet (don't abort or defer our Tx) */
 
10934                 unsigned char bt_caps = priv->eeprom[EEPROM_SKU_CAPABILITY];
 
10936                 if (bt_caps & EEPROM_SKU_CAP_BT_CHANNEL_SIG)
 
10937                         priv->sys_config.bt_coexistence
 
10938                             |= CFG_BT_COEXISTENCE_SIGNAL_CHNL;
 
10939                 if (bt_caps & EEPROM_SKU_CAP_BT_OOB)
 
10940                         priv->sys_config.bt_coexistence
 
10941                             |= CFG_BT_COEXISTENCE_OOB;
 
10944 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
10945         if (priv->prom_net_dev && netif_running(priv->prom_net_dev)) {
 
10946                 priv->sys_config.accept_all_data_frames = 1;
 
10947                 priv->sys_config.accept_non_directed_frames = 1;
 
10948                 priv->sys_config.accept_all_mgmt_bcpr = 1;
 
10949                 priv->sys_config.accept_all_mgmt_frames = 1;
 
10953         if (priv->ieee->iw_mode == IW_MODE_ADHOC)
 
10954                 priv->sys_config.answer_broadcast_ssid_probe = 1;
 
10956                 priv->sys_config.answer_broadcast_ssid_probe = 0;
 
10958         if (ipw_send_system_config(priv))
 
10961         init_supported_rates(priv, &priv->rates);
 
10962         if (ipw_send_supported_rates(priv, &priv->rates))
 
10965         /* Set request-to-send threshold */
 
10966         if (priv->rts_threshold) {
 
10967                 if (ipw_send_rts_threshold(priv, priv->rts_threshold))
 
10970 #ifdef CONFIG_IPW2200_QOS
 
10971         IPW_DEBUG_QOS("QoS: call ipw_qos_activate\n");
 
10972         ipw_qos_activate(priv, NULL);
 
10973 #endif                          /* CONFIG_IPW2200_QOS */
 
10975         if (ipw_set_random_seed(priv))
 
10978         /* final state transition to the RUN state */
 
10979         if (ipw_send_host_complete(priv))
 
10982         priv->status |= STATUS_INIT;
 
10984         ipw_led_init(priv);
 
10985         ipw_led_radio_on(priv);
 
10986         priv->notif_missed_beacons = 0;
 
10988         /* Set hardware WEP key if it is configured. */
 
10989         if ((priv->capability & CAP_PRIVACY_ON) &&
 
10990             (priv->ieee->sec.level == SEC_LEVEL_1) &&
 
10991             !(priv->ieee->host_encrypt || priv->ieee->host_decrypt))
 
10992                 ipw_set_hwcrypto_keys(priv);
 
11003  * These tables have been tested in conjunction with the
 
11004  * Intel PRO/Wireless 2200BG and 2915ABG Network Connection Adapters.
 
11006  * Altering this values, using it on other hardware, or in geographies
 
11007  * not intended for resale of the above mentioned Intel adapters has
 
11010  * Remember to update the table in README.ipw2200 when changing this
 
11014 static const struct ieee80211_geo ipw_geos[] = {
 
11018          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11019                 {2427, 4}, {2432, 5}, {2437, 6},
 
11020                 {2442, 7}, {2447, 8}, {2452, 9},
 
11021                 {2457, 10}, {2462, 11}},
 
11024         {                       /* Custom US/Canada */
 
11027          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11028                 {2427, 4}, {2432, 5}, {2437, 6},
 
11029                 {2442, 7}, {2447, 8}, {2452, 9},
 
11030                 {2457, 10}, {2462, 11}},
 
11036                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11037                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11038                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11039                {5320, 64, IEEE80211_CH_PASSIVE_ONLY}},
 
11042         {                       /* Rest of World */
 
11045          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11046                 {2427, 4}, {2432, 5}, {2437, 6},
 
11047                 {2442, 7}, {2447, 8}, {2452, 9},
 
11048                 {2457, 10}, {2462, 11}, {2467, 12},
 
11052         {                       /* Custom USA & Europe & High */
 
11055          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11056                 {2427, 4}, {2432, 5}, {2437, 6},
 
11057                 {2442, 7}, {2447, 8}, {2452, 9},
 
11058                 {2457, 10}, {2462, 11}},
 
11064                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11065                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11066                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11067                {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
 
11075         {                       /* Custom NA & Europe */
 
11078          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11079                 {2427, 4}, {2432, 5}, {2437, 6},
 
11080                 {2442, 7}, {2447, 8}, {2452, 9},
 
11081                 {2457, 10}, {2462, 11}},
 
11087                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11088                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11089                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11090                {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
 
11091                {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
 
11092                {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
 
11093                {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
 
11094                {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
 
11095                {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
 
11098         {                       /* Custom Japan */
 
11101          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11102                 {2427, 4}, {2432, 5}, {2437, 6},
 
11103                 {2442, 7}, {2447, 8}, {2452, 9},
 
11104                 {2457, 10}, {2462, 11}},
 
11106          .a = {{5170, 34}, {5190, 38},
 
11107                {5210, 42}, {5230, 46}},
 
11113          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11114                 {2427, 4}, {2432, 5}, {2437, 6},
 
11115                 {2442, 7}, {2447, 8}, {2452, 9},
 
11116                 {2457, 10}, {2462, 11}},
 
11122          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11123                 {2427, 4}, {2432, 5}, {2437, 6},
 
11124                 {2442, 7}, {2447, 8}, {2452, 9},
 
11125                 {2457, 10}, {2462, 11}, {2467, 12},
 
11132                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11133                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11134                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11135                {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
 
11136                {5500, 100, IEEE80211_CH_PASSIVE_ONLY},
 
11137                {5520, 104, IEEE80211_CH_PASSIVE_ONLY},
 
11138                {5540, 108, IEEE80211_CH_PASSIVE_ONLY},
 
11139                {5560, 112, IEEE80211_CH_PASSIVE_ONLY},
 
11140                {5580, 116, IEEE80211_CH_PASSIVE_ONLY},
 
11141                {5600, 120, IEEE80211_CH_PASSIVE_ONLY},
 
11142                {5620, 124, IEEE80211_CH_PASSIVE_ONLY},
 
11143                {5640, 128, IEEE80211_CH_PASSIVE_ONLY},
 
11144                {5660, 132, IEEE80211_CH_PASSIVE_ONLY},
 
11145                {5680, 136, IEEE80211_CH_PASSIVE_ONLY},
 
11146                {5700, 140, IEEE80211_CH_PASSIVE_ONLY}},
 
11149         {                       /* Custom Japan */
 
11152          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11153                 {2427, 4}, {2432, 5}, {2437, 6},
 
11154                 {2442, 7}, {2447, 8}, {2452, 9},
 
11155                 {2457, 10}, {2462, 11}, {2467, 12},
 
11156                 {2472, 13}, {2484, 14, IEEE80211_CH_B_ONLY}},
 
11158          .a = {{5170, 34}, {5190, 38},
 
11159                {5210, 42}, {5230, 46}},
 
11162         {                       /* Rest of World */
 
11165          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11166                 {2427, 4}, {2432, 5}, {2437, 6},
 
11167                 {2442, 7}, {2447, 8}, {2452, 9},
 
11168                 {2457, 10}, {2462, 11}, {2467, 12},
 
11169                 {2472, 13}, {2484, 14, IEEE80211_CH_B_ONLY |
 
11170                              IEEE80211_CH_PASSIVE_ONLY}},
 
11176          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11177                 {2427, 4}, {2432, 5}, {2437, 6},
 
11178                 {2442, 7}, {2447, 8}, {2452, 9},
 
11179                 {2457, 10}, {2462, 11},
 
11180                 {2467, 12, IEEE80211_CH_PASSIVE_ONLY},
 
11181                 {2472, 13, IEEE80211_CH_PASSIVE_ONLY}},
 
11183          .a = {{5745, 149}, {5765, 153},
 
11184                {5785, 157}, {5805, 161}},
 
11187         {                       /* Custom Europe */
 
11190          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11191                 {2427, 4}, {2432, 5}, {2437, 6},
 
11192                 {2442, 7}, {2447, 8}, {2452, 9},
 
11193                 {2457, 10}, {2462, 11},
 
11194                 {2467, 12}, {2472, 13}},
 
11196          .a = {{5180, 36}, {5200, 40},
 
11197                {5220, 44}, {5240, 48}},
 
11203          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11204                 {2427, 4}, {2432, 5}, {2437, 6},
 
11205                 {2442, 7}, {2447, 8}, {2452, 9},
 
11206                 {2457, 10}, {2462, 11},
 
11207                 {2467, 12, IEEE80211_CH_PASSIVE_ONLY},
 
11208                 {2472, 13, IEEE80211_CH_PASSIVE_ONLY}},
 
11210          .a = {{5180, 36, IEEE80211_CH_PASSIVE_ONLY},
 
11211                {5200, 40, IEEE80211_CH_PASSIVE_ONLY},
 
11212                {5220, 44, IEEE80211_CH_PASSIVE_ONLY},
 
11213                {5240, 48, IEEE80211_CH_PASSIVE_ONLY},
 
11214                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11215                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11216                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11217                {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
 
11218                {5500, 100, IEEE80211_CH_PASSIVE_ONLY},
 
11219                {5520, 104, IEEE80211_CH_PASSIVE_ONLY},
 
11220                {5540, 108, IEEE80211_CH_PASSIVE_ONLY},
 
11221                {5560, 112, IEEE80211_CH_PASSIVE_ONLY},
 
11222                {5580, 116, IEEE80211_CH_PASSIVE_ONLY},
 
11223                {5600, 120, IEEE80211_CH_PASSIVE_ONLY},
 
11224                {5620, 124, IEEE80211_CH_PASSIVE_ONLY},
 
11225                {5640, 128, IEEE80211_CH_PASSIVE_ONLY},
 
11226                {5660, 132, IEEE80211_CH_PASSIVE_ONLY},
 
11227                {5680, 136, IEEE80211_CH_PASSIVE_ONLY},
 
11228                {5700, 140, IEEE80211_CH_PASSIVE_ONLY},
 
11229                {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
 
11230                {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
 
11231                {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
 
11232                {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
 
11233                {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
 
11239          .bg = {{2412, 1}, {2417, 2}, {2422, 3},
 
11240                 {2427, 4}, {2432, 5}, {2437, 6},
 
11241                 {2442, 7}, {2447, 8}, {2452, 9},
 
11242                 {2457, 10}, {2462, 11}},
 
11244          .a = {{5180, 36, IEEE80211_CH_PASSIVE_ONLY},
 
11245                {5200, 40, IEEE80211_CH_PASSIVE_ONLY},
 
11246                {5220, 44, IEEE80211_CH_PASSIVE_ONLY},
 
11247                {5240, 48, IEEE80211_CH_PASSIVE_ONLY},
 
11248                {5260, 52, IEEE80211_CH_PASSIVE_ONLY},
 
11249                {5280, 56, IEEE80211_CH_PASSIVE_ONLY},
 
11250                {5300, 60, IEEE80211_CH_PASSIVE_ONLY},
 
11251                {5320, 64, IEEE80211_CH_PASSIVE_ONLY},
 
11252                {5745, 149, IEEE80211_CH_PASSIVE_ONLY},
 
11253                {5765, 153, IEEE80211_CH_PASSIVE_ONLY},
 
11254                {5785, 157, IEEE80211_CH_PASSIVE_ONLY},
 
11255                {5805, 161, IEEE80211_CH_PASSIVE_ONLY},
 
11256                {5825, 165, IEEE80211_CH_PASSIVE_ONLY}},
 
11260 #define MAX_HW_RESTARTS 5
 
11261 static int ipw_up(struct ipw_priv *priv)
 
11265         if (priv->status & STATUS_EXIT_PENDING)
 
11268         if (cmdlog && !priv->cmdlog) {
 
11269                 priv->cmdlog = kcalloc(cmdlog, sizeof(*priv->cmdlog),
 
11271                 if (priv->cmdlog == NULL) {
 
11272                         IPW_ERROR("Error allocating %d command log entries.\n",
 
11276                         priv->cmdlog_len = cmdlog;
 
11280         for (i = 0; i < MAX_HW_RESTARTS; i++) {
 
11281                 /* Load the microcode, firmware, and eeprom.
 
11282                  * Also start the clocks. */
 
11283                 rc = ipw_load(priv);
 
11285                         IPW_ERROR("Unable to load firmware: %d\n", rc);
 
11289                 ipw_init_ordinals(priv);
 
11290                 if (!(priv->config & CFG_CUSTOM_MAC))
 
11291                         eeprom_parse_mac(priv, priv->mac_addr);
 
11292                 memcpy(priv->net_dev->dev_addr, priv->mac_addr, ETH_ALEN);
 
11294                 for (j = 0; j < ARRAY_SIZE(ipw_geos); j++) {
 
11295                         if (!memcmp(&priv->eeprom[EEPROM_COUNTRY_CODE],
 
11296                                     ipw_geos[j].name, 3))
 
11299                 if (j == ARRAY_SIZE(ipw_geos)) {
 
11300                         IPW_WARNING("SKU [%c%c%c] not recognized.\n",
 
11301                                     priv->eeprom[EEPROM_COUNTRY_CODE + 0],
 
11302                                     priv->eeprom[EEPROM_COUNTRY_CODE + 1],
 
11303                                     priv->eeprom[EEPROM_COUNTRY_CODE + 2]);
 
11306                 if (ieee80211_set_geo(priv->ieee, &ipw_geos[j])) {
 
11307                         IPW_WARNING("Could not set geography.");
 
11311                 if (priv->status & STATUS_RF_KILL_SW) {
 
11312                         IPW_WARNING("Radio disabled by module parameter.\n");
 
11314                 } else if (rf_kill_active(priv)) {
 
11315                         IPW_WARNING("Radio Frequency Kill Switch is On:\n"
 
11316                                     "Kill switch must be turned off for "
 
11317                                     "wireless networking to work.\n");
 
11318                         queue_delayed_work(priv->workqueue, &priv->rf_kill,
 
11323                 rc = ipw_config(priv);
 
11325                         IPW_DEBUG_INFO("Configured device on count %i\n", i);
 
11327                         /* If configure to try and auto-associate, kick
 
11329                         queue_delayed_work(priv->workqueue,
 
11330                                            &priv->request_scan, 0);
 
11335                 IPW_DEBUG_INFO("Device configuration failed: 0x%08X\n", rc);
 
11336                 IPW_DEBUG_INFO("Failed to config device on retry %d of %d\n",
 
11337                                i, MAX_HW_RESTARTS);
 
11339                 /* We had an error bringing up the hardware, so take it
 
11340                  * all the way back down so we can try again */
 
11344         /* tried to restart and config the device for as long as our
 
11345          * patience could withstand */
 
11346         IPW_ERROR("Unable to initialize device after %d attempts.\n", i);
 
11351 static void ipw_bg_up(struct work_struct *work)
 
11353         struct ipw_priv *priv =
 
11354                 container_of(work, struct ipw_priv, up);
 
11355         mutex_lock(&priv->mutex);
 
11357         mutex_unlock(&priv->mutex);
 
11360 static void ipw_deinit(struct ipw_priv *priv)
 
11364         if (priv->status & STATUS_SCANNING) {
 
11365                 IPW_DEBUG_INFO("Aborting scan during shutdown.\n");
 
11366                 ipw_abort_scan(priv);
 
11369         if (priv->status & STATUS_ASSOCIATED) {
 
11370                 IPW_DEBUG_INFO("Disassociating during shutdown.\n");
 
11371                 ipw_disassociate(priv);
 
11374         ipw_led_shutdown(priv);
 
11376         /* Wait up to 1s for status to change to not scanning and not
 
11377          * associated (disassociation can take a while for a ful 802.11
 
11379         for (i = 1000; i && (priv->status &
 
11380                              (STATUS_DISASSOCIATING |
 
11381                               STATUS_ASSOCIATED | STATUS_SCANNING)); i--)
 
11384         if (priv->status & (STATUS_DISASSOCIATING |
 
11385                             STATUS_ASSOCIATED | STATUS_SCANNING))
 
11386                 IPW_DEBUG_INFO("Still associated or scanning...\n");
 
11388                 IPW_DEBUG_INFO("Took %dms to de-init\n", 1000 - i);
 
11390         /* Attempt to disable the card */
 
11391         ipw_send_card_disable(priv, 0);
 
11393         priv->status &= ~STATUS_INIT;
 
11396 static void ipw_down(struct ipw_priv *priv)
 
11398         int exit_pending = priv->status & STATUS_EXIT_PENDING;
 
11400         priv->status |= STATUS_EXIT_PENDING;
 
11402         if (ipw_is_init(priv))
 
11405         /* Wipe out the EXIT_PENDING status bit if we are not actually
 
11406          * exiting the module */
 
11408                 priv->status &= ~STATUS_EXIT_PENDING;
 
11410         /* tell the device to stop sending interrupts */
 
11411         ipw_disable_interrupts(priv);
 
11413         /* Clear all bits but the RF Kill */
 
11414         priv->status &= STATUS_RF_KILL_MASK | STATUS_EXIT_PENDING;
 
11415         netif_carrier_off(priv->net_dev);
 
11416         netif_stop_queue(priv->net_dev);
 
11418         ipw_stop_nic(priv);
 
11420         ipw_led_radio_off(priv);
 
11423 static void ipw_bg_down(struct work_struct *work)
 
11425         struct ipw_priv *priv =
 
11426                 container_of(work, struct ipw_priv, down);
 
11427         mutex_lock(&priv->mutex);
 
11429         mutex_unlock(&priv->mutex);
 
11432 /* Called by register_netdev() */
 
11433 static int ipw_net_init(struct net_device *dev)
 
11435         struct ipw_priv *priv = ieee80211_priv(dev);
 
11436         mutex_lock(&priv->mutex);
 
11438         if (ipw_up(priv)) {
 
11439                 mutex_unlock(&priv->mutex);
 
11443         mutex_unlock(&priv->mutex);
 
11447 /* PCI driver stuff */
 
11448 static struct pci_device_id card_ids[] = {
 
11449         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2701, 0, 0, 0},
 
11450         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2702, 0, 0, 0},
 
11451         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2711, 0, 0, 0},
 
11452         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2712, 0, 0, 0},
 
11453         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2721, 0, 0, 0},
 
11454         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2722, 0, 0, 0},
 
11455         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2731, 0, 0, 0},
 
11456         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2732, 0, 0, 0},
 
11457         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2741, 0, 0, 0},
 
11458         {PCI_VENDOR_ID_INTEL, 0x1043, 0x103c, 0x2741, 0, 0, 0},
 
11459         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2742, 0, 0, 0},
 
11460         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2751, 0, 0, 0},
 
11461         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2752, 0, 0, 0},
 
11462         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2753, 0, 0, 0},
 
11463         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2754, 0, 0, 0},
 
11464         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2761, 0, 0, 0},
 
11465         {PCI_VENDOR_ID_INTEL, 0x1043, 0x8086, 0x2762, 0, 0, 0},
 
11466         {PCI_VENDOR_ID_INTEL, 0x104f, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},
 
11467         {PCI_VENDOR_ID_INTEL, 0x4220, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0}, /* BG */
 
11468         {PCI_VENDOR_ID_INTEL, 0x4221, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0}, /* BG */
 
11469         {PCI_VENDOR_ID_INTEL, 0x4223, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0}, /* ABG */
 
11470         {PCI_VENDOR_ID_INTEL, 0x4224, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0}, /* ABG */
 
11472         /* required last entry */
 
11476 MODULE_DEVICE_TABLE(pci, card_ids);
 
11478 static struct attribute *ipw_sysfs_entries[] = {
 
11479         &dev_attr_rf_kill.attr,
 
11480         &dev_attr_direct_dword.attr,
 
11481         &dev_attr_indirect_byte.attr,
 
11482         &dev_attr_indirect_dword.attr,
 
11483         &dev_attr_mem_gpio_reg.attr,
 
11484         &dev_attr_command_event_reg.attr,
 
11485         &dev_attr_nic_type.attr,
 
11486         &dev_attr_status.attr,
 
11487         &dev_attr_cfg.attr,
 
11488         &dev_attr_error.attr,
 
11489         &dev_attr_event_log.attr,
 
11490         &dev_attr_cmd_log.attr,
 
11491         &dev_attr_eeprom_delay.attr,
 
11492         &dev_attr_ucode_version.attr,
 
11493         &dev_attr_rtc.attr,
 
11494         &dev_attr_scan_age.attr,
 
11495         &dev_attr_led.attr,
 
11496         &dev_attr_speed_scan.attr,
 
11497         &dev_attr_net_stats.attr,
 
11498         &dev_attr_channels.attr,
 
11499 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
11500         &dev_attr_rtap_iface.attr,
 
11501         &dev_attr_rtap_filter.attr,
 
11506 static struct attribute_group ipw_attribute_group = {
 
11507         .name = NULL,           /* put in device directory */
 
11508         .attrs = ipw_sysfs_entries,
 
11511 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
11512 static int ipw_prom_open(struct net_device *dev)
 
11514         struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
 
11515         struct ipw_priv *priv = prom_priv->priv;
 
11517         IPW_DEBUG_INFO("prom dev->open\n");
 
11518         netif_carrier_off(dev);
 
11519         netif_stop_queue(dev);
 
11521         if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
 
11522                 priv->sys_config.accept_all_data_frames = 1;
 
11523                 priv->sys_config.accept_non_directed_frames = 1;
 
11524                 priv->sys_config.accept_all_mgmt_bcpr = 1;
 
11525                 priv->sys_config.accept_all_mgmt_frames = 1;
 
11527                 ipw_send_system_config(priv);
 
11533 static int ipw_prom_stop(struct net_device *dev)
 
11535         struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
 
11536         struct ipw_priv *priv = prom_priv->priv;
 
11538         IPW_DEBUG_INFO("prom dev->stop\n");
 
11540         if (priv->ieee->iw_mode != IW_MODE_MONITOR) {
 
11541                 priv->sys_config.accept_all_data_frames = 0;
 
11542                 priv->sys_config.accept_non_directed_frames = 0;
 
11543                 priv->sys_config.accept_all_mgmt_bcpr = 0;
 
11544                 priv->sys_config.accept_all_mgmt_frames = 0;
 
11546                 ipw_send_system_config(priv);
 
11552 static int ipw_prom_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
 
11554         IPW_DEBUG_INFO("prom dev->xmit\n");
 
11555         netif_stop_queue(dev);
 
11556         return -EOPNOTSUPP;
 
11559 static struct net_device_stats *ipw_prom_get_stats(struct net_device *dev)
 
11561         struct ipw_prom_priv *prom_priv = ieee80211_priv(dev);
 
11562         return &prom_priv->ieee->stats;
 
11565 static int ipw_prom_alloc(struct ipw_priv *priv)
 
11569         if (priv->prom_net_dev)
 
11572         priv->prom_net_dev = alloc_ieee80211(sizeof(struct ipw_prom_priv));
 
11573         if (priv->prom_net_dev == NULL)
 
11576         priv->prom_priv = ieee80211_priv(priv->prom_net_dev);
 
11577         priv->prom_priv->ieee = netdev_priv(priv->prom_net_dev);
 
11578         priv->prom_priv->priv = priv;
 
11580         strcpy(priv->prom_net_dev->name, "rtap%d");
 
11582         priv->prom_net_dev->type = ARPHRD_IEEE80211_RADIOTAP;
 
11583         priv->prom_net_dev->open = ipw_prom_open;
 
11584         priv->prom_net_dev->stop = ipw_prom_stop;
 
11585         priv->prom_net_dev->get_stats = ipw_prom_get_stats;
 
11586         priv->prom_net_dev->hard_start_xmit = ipw_prom_hard_start_xmit;
 
11588         priv->prom_priv->ieee->iw_mode = IW_MODE_MONITOR;
 
11590         rc = register_netdev(priv->prom_net_dev);
 
11592                 free_ieee80211(priv->prom_net_dev);
 
11593                 priv->prom_net_dev = NULL;
 
11600 static void ipw_prom_free(struct ipw_priv *priv)
 
11602         if (!priv->prom_net_dev)
 
11605         unregister_netdev(priv->prom_net_dev);
 
11606         free_ieee80211(priv->prom_net_dev);
 
11608         priv->prom_net_dev = NULL;
 
11614 static int __devinit ipw_pci_probe(struct pci_dev *pdev,
 
11615                                    const struct pci_device_id *ent)
 
11618         struct net_device *net_dev;
 
11619         void __iomem *base;
 
11621         struct ipw_priv *priv;
 
11624         net_dev = alloc_ieee80211(sizeof(struct ipw_priv));
 
11625         if (net_dev == NULL) {
 
11630         priv = ieee80211_priv(net_dev);
 
11631         priv->ieee = netdev_priv(net_dev);
 
11633         priv->net_dev = net_dev;
 
11634         priv->pci_dev = pdev;
 
11635         ipw_debug_level = debug;
 
11636         spin_lock_init(&priv->irq_lock);
 
11637         spin_lock_init(&priv->lock);
 
11638         for (i = 0; i < IPW_IBSS_MAC_HASH_SIZE; i++)
 
11639                 INIT_LIST_HEAD(&priv->ibss_mac_hash[i]);
 
11641         mutex_init(&priv->mutex);
 
11642         if (pci_enable_device(pdev)) {
 
11644                 goto out_free_ieee80211;
 
11647         pci_set_master(pdev);
 
11649         err = pci_set_dma_mask(pdev, DMA_32BIT_MASK);
 
11651                 err = pci_set_consistent_dma_mask(pdev, DMA_32BIT_MASK);
 
11653                 printk(KERN_WARNING DRV_NAME ": No suitable DMA available.\n");
 
11654                 goto out_pci_disable_device;
 
11657         pci_set_drvdata(pdev, priv);
 
11659         err = pci_request_regions(pdev, DRV_NAME);
 
11661                 goto out_pci_disable_device;
 
11663         /* We disable the RETRY_TIMEOUT register (0x41) to keep
 
11664          * PCI Tx retries from interfering with C3 CPU state */
 
11665         pci_read_config_dword(pdev, 0x40, &val);
 
11666         if ((val & 0x0000ff00) != 0)
 
11667                 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
 
11669         length = pci_resource_len(pdev, 0);
 
11670         priv->hw_len = length;
 
11672         base = ioremap_nocache(pci_resource_start(pdev, 0), length);
 
11675                 goto out_pci_release_regions;
 
11678         priv->hw_base = base;
 
11679         IPW_DEBUG_INFO("pci_resource_len = 0x%08x\n", length);
 
11680         IPW_DEBUG_INFO("pci_resource_base = %p\n", base);
 
11682         err = ipw_setup_deferred_work(priv);
 
11684                 IPW_ERROR("Unable to setup deferred work\n");
 
11688         ipw_sw_reset(priv, 1);
 
11690         err = request_irq(pdev->irq, ipw_isr, IRQF_SHARED, DRV_NAME, priv);
 
11692                 IPW_ERROR("Error allocating IRQ %d\n", pdev->irq);
 
11693                 goto out_destroy_workqueue;
 
11696         SET_NETDEV_DEV(net_dev, &pdev->dev);
 
11698         mutex_lock(&priv->mutex);
 
11700         priv->ieee->hard_start_xmit = ipw_net_hard_start_xmit;
 
11701         priv->ieee->set_security = shim__set_security;
 
11702         priv->ieee->is_queue_full = ipw_net_is_queue_full;
 
11704 #ifdef CONFIG_IPW2200_QOS
 
11705         priv->ieee->is_qos_active = ipw_is_qos_active;
 
11706         priv->ieee->handle_probe_response = ipw_handle_beacon;
 
11707         priv->ieee->handle_beacon = ipw_handle_probe_response;
 
11708         priv->ieee->handle_assoc_response = ipw_handle_assoc_response;
 
11709 #endif                          /* CONFIG_IPW2200_QOS */
 
11711         priv->ieee->perfect_rssi = -20;
 
11712         priv->ieee->worst_rssi = -85;
 
11714         net_dev->open = ipw_net_open;
 
11715         net_dev->stop = ipw_net_stop;
 
11716         net_dev->init = ipw_net_init;
 
11717         net_dev->get_stats = ipw_net_get_stats;
 
11718         net_dev->set_multicast_list = ipw_net_set_multicast_list;
 
11719         net_dev->set_mac_address = ipw_net_set_mac_address;
 
11720         priv->wireless_data.spy_data = &priv->ieee->spy_data;
 
11721         net_dev->wireless_data = &priv->wireless_data;
 
11722         net_dev->wireless_handlers = &ipw_wx_handler_def;
 
11723         net_dev->ethtool_ops = &ipw_ethtool_ops;
 
11724         net_dev->irq = pdev->irq;
 
11725         net_dev->base_addr = (unsigned long)priv->hw_base;
 
11726         net_dev->mem_start = pci_resource_start(pdev, 0);
 
11727         net_dev->mem_end = net_dev->mem_start + pci_resource_len(pdev, 0) - 1;
 
11729         err = sysfs_create_group(&pdev->dev.kobj, &ipw_attribute_group);
 
11731                 IPW_ERROR("failed to create sysfs device attributes\n");
 
11732                 mutex_unlock(&priv->mutex);
 
11733                 goto out_release_irq;
 
11736         mutex_unlock(&priv->mutex);
 
11737         err = register_netdev(net_dev);
 
11739                 IPW_ERROR("failed to register network device\n");
 
11740                 goto out_remove_sysfs;
 
11743 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
11745                 err = ipw_prom_alloc(priv);
 
11747                         IPW_ERROR("Failed to register promiscuous network "
 
11748                                   "device (error %d).\n", err);
 
11749                         unregister_netdev(priv->net_dev);
 
11750                         goto out_remove_sysfs;
 
11755         printk(KERN_INFO DRV_NAME ": Detected geography %s (%d 802.11bg "
 
11756                "channels, %d 802.11a channels)\n",
 
11757                priv->ieee->geo.name, priv->ieee->geo.bg_channels,
 
11758                priv->ieee->geo.a_channels);
 
11763         sysfs_remove_group(&pdev->dev.kobj, &ipw_attribute_group);
 
11765         free_irq(pdev->irq, priv);
 
11766       out_destroy_workqueue:
 
11767         destroy_workqueue(priv->workqueue);
 
11768         priv->workqueue = NULL;
 
11770         iounmap(priv->hw_base);
 
11771       out_pci_release_regions:
 
11772         pci_release_regions(pdev);
 
11773       out_pci_disable_device:
 
11774         pci_disable_device(pdev);
 
11775         pci_set_drvdata(pdev, NULL);
 
11776       out_free_ieee80211:
 
11777         free_ieee80211(priv->net_dev);
 
11782 static void __devexit ipw_pci_remove(struct pci_dev *pdev)
 
11784         struct ipw_priv *priv = pci_get_drvdata(pdev);
 
11785         struct list_head *p, *q;
 
11791         mutex_lock(&priv->mutex);
 
11793         priv->status |= STATUS_EXIT_PENDING;
 
11795         sysfs_remove_group(&pdev->dev.kobj, &ipw_attribute_group);
 
11797         mutex_unlock(&priv->mutex);
 
11799         unregister_netdev(priv->net_dev);
 
11802                 ipw_rx_queue_free(priv, priv->rxq);
 
11805         ipw_tx_queue_free(priv);
 
11807         if (priv->cmdlog) {
 
11808                 kfree(priv->cmdlog);
 
11809                 priv->cmdlog = NULL;
 
11811         /* ipw_down will ensure that there is no more pending work
 
11812          * in the workqueue's, so we can safely remove them now. */
 
11813         cancel_delayed_work(&priv->adhoc_check);
 
11814         cancel_delayed_work(&priv->gather_stats);
 
11815         cancel_delayed_work(&priv->request_scan);
 
11816         cancel_delayed_work(&priv->scan_event);
 
11817         cancel_delayed_work(&priv->rf_kill);
 
11818         cancel_delayed_work(&priv->scan_check);
 
11819         destroy_workqueue(priv->workqueue);
 
11820         priv->workqueue = NULL;
 
11822         /* Free MAC hash list for ADHOC */
 
11823         for (i = 0; i < IPW_IBSS_MAC_HASH_SIZE; i++) {
 
11824                 list_for_each_safe(p, q, &priv->ibss_mac_hash[i]) {
 
11826                         kfree(list_entry(p, struct ipw_ibss_seq, list));
 
11830         kfree(priv->error);
 
11831         priv->error = NULL;
 
11833 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
11834         ipw_prom_free(priv);
 
11837         free_irq(pdev->irq, priv);
 
11838         iounmap(priv->hw_base);
 
11839         pci_release_regions(pdev);
 
11840         pci_disable_device(pdev);
 
11841         pci_set_drvdata(pdev, NULL);
 
11842         free_ieee80211(priv->net_dev);
 
11847 static int ipw_pci_suspend(struct pci_dev *pdev, pm_message_t state)
 
11849         struct ipw_priv *priv = pci_get_drvdata(pdev);
 
11850         struct net_device *dev = priv->net_dev;
 
11852         printk(KERN_INFO "%s: Going into suspend...\n", dev->name);
 
11854         /* Take down the device; powers it off, etc. */
 
11857         /* Remove the PRESENT state of the device */
 
11858         netif_device_detach(dev);
 
11860         pci_save_state(pdev);
 
11861         pci_disable_device(pdev);
 
11862         pci_set_power_state(pdev, pci_choose_state(pdev, state));
 
11867 static int ipw_pci_resume(struct pci_dev *pdev)
 
11869         struct ipw_priv *priv = pci_get_drvdata(pdev);
 
11870         struct net_device *dev = priv->net_dev;
 
11874         printk(KERN_INFO "%s: Coming out of suspend...\n", dev->name);
 
11876         pci_set_power_state(pdev, PCI_D0);
 
11877         err = pci_enable_device(pdev);
 
11879                 printk(KERN_ERR "%s: pci_enable_device failed on resume\n",
 
11883         pci_restore_state(pdev);
 
11886          * Suspend/Resume resets the PCI configuration space, so we have to
 
11887          * re-disable the RETRY_TIMEOUT register (0x41) to keep PCI Tx retries
 
11888          * from interfering with C3 CPU state. pci_restore_state won't help
 
11889          * here since it only restores the first 64 bytes pci config header.
 
11891         pci_read_config_dword(pdev, 0x40, &val);
 
11892         if ((val & 0x0000ff00) != 0)
 
11893                 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
 
11895         /* Set the device back into the PRESENT state; this will also wake
 
11896          * the queue of needed */
 
11897         netif_device_attach(dev);
 
11899         /* Bring the device back up */
 
11900         queue_work(priv->workqueue, &priv->up);
 
11906 static void ipw_pci_shutdown(struct pci_dev *pdev)
 
11908         struct ipw_priv *priv = pci_get_drvdata(pdev);
 
11910         /* Take down the device; powers it off, etc. */
 
11913         pci_disable_device(pdev);
 
11916 /* driver initialization stuff */
 
11917 static struct pci_driver ipw_driver = {
 
11919         .id_table = card_ids,
 
11920         .probe = ipw_pci_probe,
 
11921         .remove = __devexit_p(ipw_pci_remove),
 
11923         .suspend = ipw_pci_suspend,
 
11924         .resume = ipw_pci_resume,
 
11926         .shutdown = ipw_pci_shutdown,
 
11929 static int __init ipw_init(void)
 
11933         printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
 
11934         printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
 
11936         ret = pci_register_driver(&ipw_driver);
 
11938                 IPW_ERROR("Unable to initialize PCI module\n");
 
11942         ret = driver_create_file(&ipw_driver.driver, &driver_attr_debug_level);
 
11944                 IPW_ERROR("Unable to create driver sysfs file\n");
 
11945                 pci_unregister_driver(&ipw_driver);
 
11952 static void __exit ipw_exit(void)
 
11954         driver_remove_file(&ipw_driver.driver, &driver_attr_debug_level);
 
11955         pci_unregister_driver(&ipw_driver);
 
11958 module_param(disable, int, 0444);
 
11959 MODULE_PARM_DESC(disable, "manually disable the radio (default 0 [radio on])");
 
11961 module_param(associate, int, 0444);
 
11962 MODULE_PARM_DESC(associate, "auto associate when scanning (default on)");
 
11964 module_param(auto_create, int, 0444);
 
11965 MODULE_PARM_DESC(auto_create, "auto create adhoc network (default on)");
 
11967 module_param(led, int, 0444);
 
11968 MODULE_PARM_DESC(led, "enable led control on some systems (default 0 off)\n");
 
11970 module_param(debug, int, 0444);
 
11971 MODULE_PARM_DESC(debug, "debug output mask");
 
11973 module_param(channel, int, 0444);
 
11974 MODULE_PARM_DESC(channel, "channel to limit associate to (default 0 [ANY])");
 
11976 #ifdef CONFIG_IPW2200_PROMISCUOUS
 
11977 module_param(rtap_iface, int, 0444);
 
11978 MODULE_PARM_DESC(rtap_iface, "create the rtap interface (1 - create, default 0)");
 
11981 #ifdef CONFIG_IPW2200_QOS
 
11982 module_param(qos_enable, int, 0444);
 
11983 MODULE_PARM_DESC(qos_enable, "enable all QoS functionalitis");
 
11985 module_param(qos_burst_enable, int, 0444);
 
11986 MODULE_PARM_DESC(qos_burst_enable, "enable QoS burst mode");
 
11988 module_param(qos_no_ack_mask, int, 0444);
 
11989 MODULE_PARM_DESC(qos_no_ack_mask, "mask Tx_Queue to no ack");
 
11991 module_param(burst_duration_CCK, int, 0444);
 
11992 MODULE_PARM_DESC(burst_duration_CCK, "set CCK burst value");
 
11994 module_param(burst_duration_OFDM, int, 0444);
 
11995 MODULE_PARM_DESC(burst_duration_OFDM, "set OFDM burst value");
 
11996 #endif                          /* CONFIG_IPW2200_QOS */
 
11998 #ifdef CONFIG_IPW2200_MONITOR
 
11999 module_param(mode, int, 0444);
 
12000 MODULE_PARM_DESC(mode, "network mode (0=BSS,1=IBSS,2=Monitor)");
 
12002 module_param(mode, int, 0444);
 
12003 MODULE_PARM_DESC(mode, "network mode (0=BSS,1=IBSS)");
 
12006 module_param(bt_coexist, int, 0444);
 
12007 MODULE_PARM_DESC(bt_coexist, "enable bluetooth coexistence (default off)");
 
12009 module_param(hwcrypto, int, 0444);
 
12010 MODULE_PARM_DESC(hwcrypto, "enable hardware crypto (default off)");
 
12012 module_param(cmdlog, int, 0444);
 
12013 MODULE_PARM_DESC(cmdlog,
 
12014                  "allocate a ring buffer for logging firmware commands");
 
12016 module_param(roaming, int, 0444);
 
12017 MODULE_PARM_DESC(roaming, "enable roaming support (default on)");
 
12019 module_param(antenna, int, 0444);
 
12020 MODULE_PARM_DESC(antenna, "select antenna 1=Main, 3=Aux, default 0 [both], 2=slow_diversity (choose the one with lower background noise)");
 
12022 module_exit(ipw_exit);
 
12023 module_init(ipw_init);