Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
airo.c
Go to the documentation of this file.
1 /*======================================================================
2 
3  Aironet driver for 4500 and 4800 series cards
4 
5  This code is released under both the GPL version 2 and BSD licenses.
6  Either license may be used. The respective licenses are found at
7  the end of this file.
8 
9  This code was developed by Benjamin Reed <[email protected]>
10  including portions of which come from the Aironet PC4500
11  Developer's Reference Manual and used with permission. Copyright
12  (C) 1999 Benjamin Reed. All Rights Reserved. Permission to use
13  code in the Developer's manual was granted for this driver by
14  Aironet. Major code contributions were received from Javier Achirica
15  <[email protected]> and Jean Tourrilhes <[email protected]>.
16  Code was also integrated from the Cisco Aironet driver for Linux.
17  Support for MPI350 cards was added by Fabrice Bellet
19 
20 ======================================================================*/
21 
22 #include <linux/err.h>
23 #include <linux/init.h>
24 
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/proc_fs.h>
28 
29 #include <linux/sched.h>
30 #include <linux/ptrace.h>
31 #include <linux/slab.h>
32 #include <linux/string.h>
33 #include <linux/timer.h>
34 #include <linux/interrupt.h>
35 #include <linux/in.h>
36 #include <linux/bitops.h>
37 #include <linux/scatterlist.h>
38 #include <linux/crypto.h>
39 #include <asm/io.h>
40 #include <asm/unaligned.h>
41 
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/if_arp.h>
46 #include <linux/ioport.h>
47 #include <linux/pci.h>
48 #include <asm/uaccess.h>
49 #include <linux/kthread.h>
50 #include <linux/freezer.h>
51 
52 #include <linux/ieee80211.h>
53 #include <net/iw_handler.h>
54 
55 #include "airo.h"
56 
57 #define DRV_NAME "airo"
58 
59 #ifdef CONFIG_PCI
60 static DEFINE_PCI_DEVICE_TABLE(card_ids) = {
61  { 0x14b9, 1, PCI_ANY_ID, PCI_ANY_ID, },
62  { 0x14b9, 0x4500, PCI_ANY_ID, PCI_ANY_ID },
63  { 0x14b9, 0x4800, PCI_ANY_ID, PCI_ANY_ID, },
64  { 0x14b9, 0x0340, PCI_ANY_ID, PCI_ANY_ID, },
65  { 0x14b9, 0x0350, PCI_ANY_ID, PCI_ANY_ID, },
66  { 0x14b9, 0x5000, PCI_ANY_ID, PCI_ANY_ID, },
67  { 0x14b9, 0xa504, PCI_ANY_ID, PCI_ANY_ID, },
68  { 0, }
69 };
70 MODULE_DEVICE_TABLE(pci, card_ids);
71 
72 static int airo_pci_probe(struct pci_dev *, const struct pci_device_id *);
73 static void airo_pci_remove(struct pci_dev *);
74 static int airo_pci_suspend(struct pci_dev *pdev, pm_message_t state);
75 static int airo_pci_resume(struct pci_dev *pdev);
76 
77 static struct pci_driver airo_driver = {
78  .name = DRV_NAME,
79  .id_table = card_ids,
80  .probe = airo_pci_probe,
81  .remove = __devexit_p(airo_pci_remove),
82  .suspend = airo_pci_suspend,
83  .resume = airo_pci_resume,
84 };
85 #endif /* CONFIG_PCI */
86 
87 /* Include Wireless Extension definition and check version - Jean II */
88 #include <linux/wireless.h>
89 #define WIRELESS_SPY /* enable iwspy support */
90 
91 #define CISCO_EXT /* enable Cisco extensions */
92 #ifdef CISCO_EXT
93 #include <linux/delay.h>
94 #endif
95 
96 /* Hack to do some power saving */
97 #define POWER_ON_DOWN
98 
99 /* As you can see this list is HUGH!
100  I really don't know what a lot of these counts are about, but they
101  are all here for completeness. If the IGNLABEL macro is put in
102  infront of the label, that statistic will not be included in the list
103  of statistics in the /proc filesystem */
104 
105 #define IGNLABEL(comment) NULL
106 static const char *statsLabels[] = {
107  "RxOverrun",
108  IGNLABEL("RxPlcpCrcErr"),
109  IGNLABEL("RxPlcpFormatErr"),
110  IGNLABEL("RxPlcpLengthErr"),
111  "RxMacCrcErr",
112  "RxMacCrcOk",
113  "RxWepErr",
114  "RxWepOk",
115  "RetryLong",
116  "RetryShort",
117  "MaxRetries",
118  "NoAck",
119  "NoCts",
120  "RxAck",
121  "RxCts",
122  "TxAck",
123  "TxRts",
124  "TxCts",
125  "TxMc",
126  "TxBc",
127  "TxUcFrags",
128  "TxUcPackets",
129  "TxBeacon",
130  "RxBeacon",
131  "TxSinColl",
132  "TxMulColl",
133  "DefersNo",
134  "DefersProt",
135  "DefersEngy",
136  "DupFram",
137  "RxFragDisc",
138  "TxAged",
139  "RxAged",
140  "LostSync-MaxRetry",
141  "LostSync-MissedBeacons",
142  "LostSync-ArlExceeded",
143  "LostSync-Deauth",
144  "LostSync-Disassoced",
145  "LostSync-TsfTiming",
146  "HostTxMc",
147  "HostTxBc",
148  "HostTxUc",
149  "HostTxFail",
150  "HostRxMc",
151  "HostRxBc",
152  "HostRxUc",
153  "HostRxDiscard",
154  IGNLABEL("HmacTxMc"),
155  IGNLABEL("HmacTxBc"),
156  IGNLABEL("HmacTxUc"),
157  IGNLABEL("HmacTxFail"),
158  IGNLABEL("HmacRxMc"),
159  IGNLABEL("HmacRxBc"),
160  IGNLABEL("HmacRxUc"),
161  IGNLABEL("HmacRxDiscard"),
162  IGNLABEL("HmacRxAccepted"),
163  "SsidMismatch",
164  "ApMismatch",
165  "RatesMismatch",
166  "AuthReject",
167  "AuthTimeout",
168  "AssocReject",
169  "AssocTimeout",
170  IGNLABEL("ReasonOutsideTable"),
171  IGNLABEL("ReasonStatus1"),
172  IGNLABEL("ReasonStatus2"),
173  IGNLABEL("ReasonStatus3"),
174  IGNLABEL("ReasonStatus4"),
175  IGNLABEL("ReasonStatus5"),
176  IGNLABEL("ReasonStatus6"),
177  IGNLABEL("ReasonStatus7"),
178  IGNLABEL("ReasonStatus8"),
179  IGNLABEL("ReasonStatus9"),
180  IGNLABEL("ReasonStatus10"),
181  IGNLABEL("ReasonStatus11"),
182  IGNLABEL("ReasonStatus12"),
183  IGNLABEL("ReasonStatus13"),
184  IGNLABEL("ReasonStatus14"),
185  IGNLABEL("ReasonStatus15"),
186  IGNLABEL("ReasonStatus16"),
187  IGNLABEL("ReasonStatus17"),
188  IGNLABEL("ReasonStatus18"),
189  IGNLABEL("ReasonStatus19"),
190  "RxMan",
191  "TxMan",
192  "RxRefresh",
193  "TxRefresh",
194  "RxPoll",
195  "TxPoll",
196  "HostRetries",
197  "LostSync-HostReq",
198  "HostTxBytes",
199  "HostRxBytes",
200  "ElapsedUsec",
201  "ElapsedSec",
202  "LostSyncBetterAP",
203  "PrivacyMismatch",
204  "Jammed",
205  "DiscRxNotWepped",
206  "PhyEleMismatch",
207  (char*)-1 };
208 #ifndef RUN_AT
209 #define RUN_AT(x) (jiffies+(x))
210 #endif
211 
212 
213 /* These variables are for insmod, since it seems that the rates
214  can only be set in setup_card. Rates should be a comma separated
215  (no spaces) list of rates (up to 8). */
216 
217 static int rates[8];
218 static char *ssids[3];
219 
220 static int io[4];
221 static int irq[4];
222 
223 static
224 int maxencrypt /* = 0 */; /* The highest rate that the card can encrypt at.
225  0 means no limit. For old cards this was 4 */
226 
227 static int auto_wep /* = 0 */; /* If set, it tries to figure out the wep mode */
228 static int aux_bap /* = 0 */; /* Checks to see if the aux ports are needed to read
229  the bap, needed on some older cards and buses. */
230 static int adhoc;
231 
232 static int probe = 1;
233 
234 static kuid_t proc_kuid;
235 static int proc_uid /* = 0 */;
236 
237 static kgid_t proc_kgid;
238 static int proc_gid /* = 0 */;
239 
240 static int airo_perm = 0555;
241 
242 static int proc_perm = 0644;
243 
244 MODULE_AUTHOR("Benjamin Reed");
245 MODULE_DESCRIPTION("Support for Cisco/Aironet 802.11 wireless ethernet cards. "
246  "Direct support for ISA/PCI/MPI cards and support for PCMCIA when used with airo_cs.");
247 MODULE_LICENSE("Dual BSD/GPL");
248 MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350");
249 module_param_array(io, int, NULL, 0);
250 module_param_array(irq, int, NULL, 0);
251 module_param_array(rates, int, NULL, 0);
252 module_param_array(ssids, charp, NULL, 0);
253 module_param(auto_wep, int, 0);
254 MODULE_PARM_DESC(auto_wep,
255  "If non-zero, the driver will keep looping through the authentication options until an association is made. "
256  "The value of auto_wep is number of the wep keys to check. "
257  "A value of 2 will try using the key at index 0 and index 1.");
258 module_param(aux_bap, int, 0);
259 MODULE_PARM_DESC(aux_bap,
260  "If non-zero, the driver will switch into a mode that seems to work better for older cards with some older buses. "
261  "Before switching it checks that the switch is needed.");
262 module_param(maxencrypt, int, 0);
263 MODULE_PARM_DESC(maxencrypt,
264  "The maximum speed that the card can do encryption. "
265  "Units are in 512kbs. "
266  "Zero (default) means there is no limit. "
267  "Older cards used to be limited to 2mbs (4).");
268 module_param(adhoc, int, 0);
269 MODULE_PARM_DESC(adhoc, "If non-zero, the card will start in adhoc mode.");
270 module_param(probe, int, 0);
271 MODULE_PARM_DESC(probe, "If zero, the driver won't start the card.");
272 
273 module_param(proc_uid, int, 0);
274 MODULE_PARM_DESC(proc_uid, "The uid that the /proc files will belong to.");
275 module_param(proc_gid, int, 0);
276 MODULE_PARM_DESC(proc_gid, "The gid that the /proc files will belong to.");
277 module_param(airo_perm, int, 0);
278 MODULE_PARM_DESC(airo_perm, "The permission bits of /proc/[driver/]aironet.");
279 module_param(proc_perm, int, 0);
280 MODULE_PARM_DESC(proc_perm, "The permission bits of the files in /proc");
281 
282 /* This is a kind of sloppy hack to get this information to OUT4500 and
283  IN4500. I would be extremely interested in the situation where this
284  doesn't work though!!! */
285 static int do8bitIO /* = 0 */;
286 
287 /* Return codes */
288 #define SUCCESS 0
289 #define ERROR -1
290 #define NO_PACKET -2
291 
292 /* Commands */
293 #define NOP2 0x0000
294 #define MAC_ENABLE 0x0001
295 #define MAC_DISABLE 0x0002
296 #define CMD_LOSE_SYNC 0x0003 /* Not sure what this does... */
297 #define CMD_SOFTRESET 0x0004
298 #define HOSTSLEEP 0x0005
299 #define CMD_MAGIC_PKT 0x0006
300 #define CMD_SETWAKEMASK 0x0007
301 #define CMD_READCFG 0x0008
302 #define CMD_SETMODE 0x0009
303 #define CMD_ALLOCATETX 0x000a
304 #define CMD_TRANSMIT 0x000b
305 #define CMD_DEALLOCATETX 0x000c
306 #define NOP 0x0010
307 #define CMD_WORKAROUND 0x0011
308 #define CMD_ALLOCATEAUX 0x0020
309 #define CMD_ACCESS 0x0021
310 #define CMD_PCIBAP 0x0022
311 #define CMD_PCIAUX 0x0023
312 #define CMD_ALLOCBUF 0x0028
313 #define CMD_GETTLV 0x0029
314 #define CMD_PUTTLV 0x002a
315 #define CMD_DELTLV 0x002b
316 #define CMD_FINDNEXTTLV 0x002c
317 #define CMD_PSPNODES 0x0030
318 #define CMD_SETCW 0x0031
319 #define CMD_SETPCF 0x0032
320 #define CMD_SETPHYREG 0x003e
321 #define CMD_TXTEST 0x003f
322 #define MAC_ENABLETX 0x0101
323 #define CMD_LISTBSS 0x0103
324 #define CMD_SAVECFG 0x0108
325 #define CMD_ENABLEAUX 0x0111
326 #define CMD_WRITERID 0x0121
327 #define CMD_USEPSPNODES 0x0130
328 #define MAC_ENABLERX 0x0201
329 
330 /* Command errors */
331 #define ERROR_QUALIF 0x00
332 #define ERROR_ILLCMD 0x01
333 #define ERROR_ILLFMT 0x02
334 #define ERROR_INVFID 0x03
335 #define ERROR_INVRID 0x04
336 #define ERROR_LARGE 0x05
337 #define ERROR_NDISABL 0x06
338 #define ERROR_ALLOCBSY 0x07
339 #define ERROR_NORD 0x0B
340 #define ERROR_NOWR 0x0C
341 #define ERROR_INVFIDTX 0x0D
342 #define ERROR_TESTACT 0x0E
343 #define ERROR_TAGNFND 0x12
344 #define ERROR_DECODE 0x20
345 #define ERROR_DESCUNAV 0x21
346 #define ERROR_BADLEN 0x22
347 #define ERROR_MODE 0x80
348 #define ERROR_HOP 0x81
349 #define ERROR_BINTER 0x82
350 #define ERROR_RXMODE 0x83
351 #define ERROR_MACADDR 0x84
352 #define ERROR_RATES 0x85
353 #define ERROR_ORDER 0x86
354 #define ERROR_SCAN 0x87
355 #define ERROR_AUTH 0x88
356 #define ERROR_PSMODE 0x89
357 #define ERROR_RTYPE 0x8A
358 #define ERROR_DIVER 0x8B
359 #define ERROR_SSID 0x8C
360 #define ERROR_APLIST 0x8D
361 #define ERROR_AUTOWAKE 0x8E
362 #define ERROR_LEAP 0x8F
363 
364 /* Registers */
365 #define COMMAND 0x00
366 #define PARAM0 0x02
367 #define PARAM1 0x04
368 #define PARAM2 0x06
369 #define STATUS 0x08
370 #define RESP0 0x0a
371 #define RESP1 0x0c
372 #define RESP2 0x0e
373 #define LINKSTAT 0x10
374 #define SELECT0 0x18
375 #define OFFSET0 0x1c
376 #define RXFID 0x20
377 #define TXALLOCFID 0x22
378 #define TXCOMPLFID 0x24
379 #define DATA0 0x36
380 #define EVSTAT 0x30
381 #define EVINTEN 0x32
382 #define EVACK 0x34
383 #define SWS0 0x28
384 #define SWS1 0x2a
385 #define SWS2 0x2c
386 #define SWS3 0x2e
387 #define AUXPAGE 0x3A
388 #define AUXOFF 0x3C
389 #define AUXDATA 0x3E
390 
391 #define FID_TX 1
392 #define FID_RX 2
393 /* Offset into aux memory for descriptors */
394 #define AUX_OFFSET 0x800
395 /* Size of allocated packets */
396 #define PKTSIZE 1840
397 #define RIDSIZE 2048
398 /* Size of the transmit queue */
399 #define MAXTXQ 64
400 
401 /* BAP selectors */
402 #define BAP0 0 /* Used for receiving packets */
403 #define BAP1 2 /* Used for xmiting packets and working with RIDS */
404 
405 /* Flags */
406 #define COMMAND_BUSY 0x8000
407 
408 #define BAP_BUSY 0x8000
409 #define BAP_ERR 0x4000
410 #define BAP_DONE 0x2000
411 
412 #define PROMISC 0xffff
413 #define NOPROMISC 0x0000
414 
415 #define EV_CMD 0x10
416 #define EV_CLEARCOMMANDBUSY 0x4000
417 #define EV_RX 0x01
418 #define EV_TX 0x02
419 #define EV_TXEXC 0x04
420 #define EV_ALLOC 0x08
421 #define EV_LINK 0x80
422 #define EV_AWAKE 0x100
423 #define EV_TXCPY 0x400
424 #define EV_UNKNOWN 0x800
425 #define EV_MIC 0x1000 /* Message Integrity Check Interrupt */
426 #define EV_AWAKEN 0x2000
427 #define STATUS_INTS (EV_AWAKE|EV_LINK|EV_TXEXC|EV_TX|EV_TXCPY|EV_RX|EV_MIC)
428 
429 #ifdef CHECK_UNKNOWN_INTS
430 #define IGNORE_INTS ( EV_CMD | EV_UNKNOWN)
431 #else
432 #define IGNORE_INTS (~STATUS_INTS)
433 #endif
434 
435 /* RID TYPES */
436 #define RID_RW 0x20
437 
438 /* The RIDs */
439 #define RID_CAPABILITIES 0xFF00
440 #define RID_APINFO 0xFF01
441 #define RID_RADIOINFO 0xFF02
442 #define RID_UNKNOWN3 0xFF03
443 #define RID_RSSI 0xFF04
444 #define RID_CONFIG 0xFF10
445 #define RID_SSID 0xFF11
446 #define RID_APLIST 0xFF12
447 #define RID_DRVNAME 0xFF13
448 #define RID_ETHERENCAP 0xFF14
449 #define RID_WEP_TEMP 0xFF15
450 #define RID_WEP_PERM 0xFF16
451 #define RID_MODULATION 0xFF17
452 #define RID_OPTIONS 0xFF18
453 #define RID_ACTUALCONFIG 0xFF20 /*readonly*/
454 #define RID_FACTORYCONFIG 0xFF21
455 #define RID_UNKNOWN22 0xFF22
456 #define RID_LEAPUSERNAME 0xFF23
457 #define RID_LEAPPASSWORD 0xFF24
458 #define RID_STATUS 0xFF50
459 #define RID_BEACON_HST 0xFF51
460 #define RID_BUSY_HST 0xFF52
461 #define RID_RETRIES_HST 0xFF53
462 #define RID_UNKNOWN54 0xFF54
463 #define RID_UNKNOWN55 0xFF55
464 #define RID_UNKNOWN56 0xFF56
465 #define RID_MIC 0xFF57
466 #define RID_STATS16 0xFF60
467 #define RID_STATS16DELTA 0xFF61
468 #define RID_STATS16DELTACLEAR 0xFF62
469 #define RID_STATS 0xFF68
470 #define RID_STATSDELTA 0xFF69
471 #define RID_STATSDELTACLEAR 0xFF6A
472 #define RID_ECHOTEST_RID 0xFF70
473 #define RID_ECHOTEST_RESULTS 0xFF71
474 #define RID_BSSLISTFIRST 0xFF72
475 #define RID_BSSLISTNEXT 0xFF73
476 #define RID_WPA_BSSLISTFIRST 0xFF74
477 #define RID_WPA_BSSLISTNEXT 0xFF75
478 
479 typedef struct {
484 } Cmd;
485 
486 typedef struct {
491 } Resp;
492 
493 /*
494  * Rids and endian-ness: The Rids will always be in cpu endian, since
495  * this all the patches from the big-endian guys end up doing that.
496  * so all rid access should use the read/writeXXXRid routines.
497  */
498 
499 /* This structure came from an email sent to me from an engineer at
500  aironet for inclusion into this driver */
501 typedef struct WepKeyRid WepKeyRid;
502 struct WepKeyRid {
507  u8 key[16];
508 } __packed;
509 
510 /* These structures are from the Aironet's PC4500 Developers Manual */
511 typedef struct Ssid Ssid;
512 struct Ssid {
514  u8 ssid[32];
515 } __packed;
516 
517 typedef struct SsidRid SsidRid;
518 struct SsidRid {
520  Ssid ssids[3];
521 } __packed;
522 
527 #define MOD_DEFAULT cpu_to_le16(0)
528 #define MOD_CCK cpu_to_le16(1)
529 #define MOD_MOK cpu_to_le16(2)
530 } __packed;
531 
532 typedef struct ConfigRid ConfigRid;
533 struct ConfigRid {
534  __le16 len; /* sizeof(ConfigRid) */
535  __le16 opmode; /* operating mode */
536 #define MODE_STA_IBSS cpu_to_le16(0)
537 #define MODE_STA_ESS cpu_to_le16(1)
538 #define MODE_AP cpu_to_le16(2)
539 #define MODE_AP_RPTR cpu_to_le16(3)
540 #define MODE_CFG_MASK cpu_to_le16(0xff)
541 #define MODE_ETHERNET_HOST cpu_to_le16(0<<8) /* rx payloads converted */
542 #define MODE_LLC_HOST cpu_to_le16(1<<8) /* rx payloads left as is */
543 #define MODE_AIRONET_EXTEND cpu_to_le16(1<<9) /* enable Aironet extenstions */
544 #define MODE_AP_INTERFACE cpu_to_le16(1<<10) /* enable ap interface extensions */
545 #define MODE_ANTENNA_ALIGN cpu_to_le16(1<<11) /* enable antenna alignment */
546 #define MODE_ETHER_LLC cpu_to_le16(1<<12) /* enable ethernet LLC */
547 #define MODE_LEAF_NODE cpu_to_le16(1<<13) /* enable leaf node bridge */
548 #define MODE_CF_POLLABLE cpu_to_le16(1<<14) /* enable CF pollable */
549 #define MODE_MIC cpu_to_le16(1<<15) /* enable MIC */
550  __le16 rmode; /* receive mode */
551 #define RXMODE_BC_MC_ADDR cpu_to_le16(0)
552 #define RXMODE_BC_ADDR cpu_to_le16(1) /* ignore multicasts */
553 #define RXMODE_ADDR cpu_to_le16(2) /* ignore multicast and broadcast */
554 #define RXMODE_RFMON cpu_to_le16(3) /* wireless monitor mode */
555 #define RXMODE_RFMON_ANYBSS cpu_to_le16(4)
556 #define RXMODE_LANMON cpu_to_le16(5) /* lan style monitor -- data packets only */
557 #define RXMODE_MASK cpu_to_le16(255)
558 #define RXMODE_DISABLE_802_3_HEADER cpu_to_le16(1<<8) /* disables 802.3 header on rx */
559 #define RXMODE_FULL_MASK (RXMODE_MASK | RXMODE_DISABLE_802_3_HEADER)
560 #define RXMODE_NORMALIZED_RSSI cpu_to_le16(1<<9) /* return normalized RSSI */
564  u8 rates[8];
567  __le16 txLifetime; /* in kusec */
568  __le16 rxLifetime; /* in kusec */
571  __le16 u16deviceType; /* for overriding device type */
575  /*---------- Scanning/Associating ----------*/
577 #define SCANMODE_ACTIVE cpu_to_le16(0)
578 #define SCANMODE_PASSIVE cpu_to_le16(1)
579 #define SCANMODE_AIROSCAN cpu_to_le16(2)
580  __le16 probeDelay; /* in kusec */
581  __le16 probeEnergyTimeout; /* in kusec */
587 #define AUTH_OPEN cpu_to_le16(0x1)
588 #define AUTH_ENCRYPT cpu_to_le16(0x101)
589 #define AUTH_SHAREDKEY cpu_to_le16(0x102)
590 #define AUTH_ALLOW_UNENCRYPTED cpu_to_le16(0x200)
598 #define DISABLE_REFRESH cpu_to_le16(0xFFFF)
600  /*---------- Power save operation ----------*/
602 #define POWERSAVE_CAM cpu_to_le16(0)
603 #define POWERSAVE_PSP cpu_to_le16(1)
604 #define POWERSAVE_PSPCAM cpu_to_le16(2)
611  /*---------- Ap/Ibss config items ----------*/
620  /*---------- Radio configuration ----------*/
622 #define RADIOTYPE_DEFAULT cpu_to_le16(0)
623 #define RADIOTYPE_802_11 cpu_to_le16(1)
624 #define RADIOTYPE_LEGACY cpu_to_le16(2)
628 #define TXPOWER_DEFAULT 0
630 #define RSSI_DEFAULT 0
632 #define PREAMBLE_AUTO cpu_to_le16(0)
633 #define PREAMBLE_LONG cpu_to_le16(1)
634 #define PREAMBLE_SHORT cpu_to_le16(2)
638  /*---------- Aironet Extensions ----------*/
644  /*---------- Aironet Extensions ----------*/
646 #define MAGIC_ACTION_STSCHG 1
647 #define MAGIC_ACTION_RESUME 2
648 #define MAGIC_IGNORE_MCAST (1<<8)
649 #define MAGIC_IGNORE_BCAST (1<<9)
650 #define MAGIC_SWITCH_TO_PSP (0<<10)
651 #define MAGIC_STAY_IN_CAM (1<<10)
654 } __packed;
655 
656 typedef struct StatusRid StatusRid;
657 struct StatusRid {
664  char SSID[32];
665  char apName[16];
682  u8 apIP[4];
683  u8 noisePercent; /* Noise percent in last second */
684  u8 noisedBm; /* Noise dBm in last second */
685  u8 noiseAvePercent; /* Noise percent in last minute */
686  u8 noiseAvedBm; /* Noise dBm in last minute */
687  u8 noiseMaxPercent; /* Highest noise percent in last minute */
688  u8 noiseMaxdBm; /* Highest noise dbm in last minute */
692 #define STAT_NOPACKETS 0
693 #define STAT_NOCARRIERSET 10
694 #define STAT_GOTCARRIERSET 11
695 #define STAT_WRONGSSID 20
696 #define STAT_BADCHANNEL 25
697 #define STAT_BADBITRATES 30
698 #define STAT_BADPRIVACY 35
699 #define STAT_APFOUND 40
700 #define STAT_APREJECTED 50
701 #define STAT_AUTHENTICATING 60
702 #define STAT_DEAUTHENTICATED 61
703 #define STAT_AUTHTIMEOUT 62
704 #define STAT_ASSOCIATING 70
705 #define STAT_DEASSOCIATED 71
706 #define STAT_ASSOCTIMEOUT 72
707 #define STAT_NOTAIROAP 73
708 #define STAT_ASSOCIATED 80
709 #define STAT_LEAPING 90
710 #define STAT_LEAPFAILED 91
711 #define STAT_LEAPTIMEDOUT 92
712 #define STAT_LEAPCOMPLETE 93
713 } __packed;
714 
715 typedef struct StatsRid StatsRid;
716 struct StatsRid {
719  __le32 vals[100];
720 } __packed;
721 
722 typedef struct APListRid APListRid;
723 struct APListRid {
726 } __packed;
727 
731  char oui[3];
732  char zero;
734  char manName[32];
735  char prodName[16];
736  char prodVer[8];
742  char supportedRates[8];
756 } __packed;
757 
758 /* Only present on firmware >= 5.30.17 */
762  u8 fixed[12]; /* WLAN management frame */
763  u8 iep[624];
764 } __packed;
765 
766 typedef struct BSSListRid BSSListRid;
767 struct BSSListRid {
769  __le16 index; /* First is 0 and 0xffff means end of list */
770 #define RADIO_FH 1 /* Frequency hopping radio type */
771 #define RADIO_DS 2 /* Direct sequence radio type */
772 #define RADIO_TMA 4 /* Proprietary radio used in old cards (2500) */
774  u8 bssid[ETH_ALEN]; /* Mac address of the BSS */
777  u8 ssid[32];
779 #define CAP_ESS cpu_to_le16(1<<0)
780 #define CAP_IBSS cpu_to_le16(1<<1)
781 #define CAP_PRIVACY cpu_to_le16(1<<4)
782 #define CAP_SHORTHDR cpu_to_le16(1<<5)
785  u8 rates[8]; /* Same as rates for config rid */
786  struct { /* For frequency hopping only */
792  } fh;
795 
796  /* Only present on firmware >= 5.30.17 */
798 } __packed;
799 
800 typedef struct {
802  struct list_head list;
804 
805 typedef struct tdsRssiEntry tdsRssiEntry;
806 struct tdsRssiEntry {
809 } __packed;
810 
811 typedef struct tdsRssiRid tdsRssiRid;
812 struct tdsRssiRid {
815 } __packed;
816 
817 typedef struct MICRid MICRid;
818 struct MICRid {
824  u8 unicast[16];
825 } __packed;
826 
827 typedef struct MICBuffer MICBuffer;
828 struct MICBuffer {
830 
831  union {
832  u8 snap[8];
833  struct {
839  } llc;
840  } u;
843 } __packed;
844 
845 typedef struct {
848 } etherHead;
849 
850 #define TXCTL_TXOK (1<<1) /* report if tx is ok */
851 #define TXCTL_TXEX (1<<2) /* report if tx fails */
852 #define TXCTL_802_3 (0<<3) /* 802.3 packet */
853 #define TXCTL_802_11 (1<<3) /* 802.11 mac packet */
854 #define TXCTL_ETHERNET (0<<4) /* payload has ethertype */
855 #define TXCTL_LLC (1<<4) /* payload is llc */
856 #define TXCTL_RELEASE (0<<5) /* release after completion */
857 #define TXCTL_NORELEASE (1<<5) /* on completion returns to host */
858 
859 #define BUSY_FID 0x10000
860 
861 #ifdef CISCO_EXT
862 #define AIROMAGIC 0xa55a
863 /* Warning : SIOCDEVPRIVATE may disapear during 2.5.X - Jean II */
864 #ifdef SIOCIWFIRSTPRIV
865 #ifdef SIOCDEVPRIVATE
866 #define AIROOLDIOCTL SIOCDEVPRIVATE
867 #define AIROOLDIDIFC AIROOLDIOCTL + 1
868 #endif /* SIOCDEVPRIVATE */
869 #else /* SIOCIWFIRSTPRIV */
870 #define SIOCIWFIRSTPRIV SIOCDEVPRIVATE
871 #endif /* SIOCIWFIRSTPRIV */
872 /* This may be wrong. When using the new SIOCIWFIRSTPRIV range, we probably
873  * should use only "GET" ioctls (last bit set to 1). "SET" ioctls are root
874  * only and don't return the modified struct ifreq to the application which
875  * is usually a problem. - Jean II */
876 #define AIROIOCTL SIOCIWFIRSTPRIV
877 #define AIROIDIFC AIROIOCTL + 1
878 
879 /* Ioctl constants to be used in airo_ioctl.command */
880 
881 #define AIROGCAP 0 // Capability rid
882 #define AIROGCFG 1 // USED A LOT
883 #define AIROGSLIST 2 // System ID list
884 #define AIROGVLIST 3 // List of specified AP's
885 #define AIROGDRVNAM 4 // NOTUSED
886 #define AIROGEHTENC 5 // NOTUSED
887 #define AIROGWEPKTMP 6
888 #define AIROGWEPKNV 7
889 #define AIROGSTAT 8
890 #define AIROGSTATSC32 9
891 #define AIROGSTATSD32 10
892 #define AIROGMICRID 11
893 #define AIROGMICSTATS 12
894 #define AIROGFLAGS 13
895 #define AIROGID 14
896 #define AIRORRID 15
897 #define AIRORSWVERSION 17
898 
899 /* Leave gap of 40 commands after AIROGSTATSD32 for future */
900 
901 #define AIROPCAP AIROGSTATSD32 + 40
902 #define AIROPVLIST AIROPCAP + 1
903 #define AIROPSLIST AIROPVLIST + 1
904 #define AIROPCFG AIROPSLIST + 1
905 #define AIROPSIDS AIROPCFG + 1
906 #define AIROPAPLIST AIROPSIDS + 1
907 #define AIROPMACON AIROPAPLIST + 1 /* Enable mac */
908 #define AIROPMACOFF AIROPMACON + 1 /* Disable mac */
909 #define AIROPSTCLR AIROPMACOFF + 1
910 #define AIROPWEPKEY AIROPSTCLR + 1
911 #define AIROPWEPKEYNV AIROPWEPKEY + 1
912 #define AIROPLEAPPWD AIROPWEPKEYNV + 1
913 #define AIROPLEAPUSR AIROPLEAPPWD + 1
914 
915 /* Flash codes */
916 
917 #define AIROFLSHRST AIROPWEPKEYNV + 40
918 #define AIROFLSHGCHR AIROFLSHRST + 1
919 #define AIROFLSHSTFL AIROFLSHGCHR + 1
920 #define AIROFLSHPCHR AIROFLSHSTFL + 1
921 #define AIROFLPUTBUF AIROFLSHPCHR + 1
922 #define AIRORESTART AIROFLPUTBUF + 1
923 
924 #define FLASHSIZE 32768
925 #define AUXMEMSIZE (256 * 1024)
926 
927 typedef struct aironet_ioctl {
928  unsigned short command; // What to do
929  unsigned short len; // Len of data
930  unsigned short ridnum; // rid number
931  unsigned char __user *data; // d-data
932 } aironet_ioctl;
933 
934 static const char swversion[] = "2.1";
935 #endif /* CISCO_EXT */
936 
937 #define NUM_MODULES 2
938 #define MIC_MSGLEN_MAX 2400
939 #define EMMH32_MSGLEN_MAX MIC_MSGLEN_MAX
940 #define AIRO_DEF_MTU 2312
941 
942 typedef struct {
943  u32 size; // size
944  u8 enabled; // MIC enabled or not
945  u32 rxSuccess; // successful packets received
946  u32 rxIncorrectMIC; // pkts dropped due to incorrect MIC comparison
947  u32 rxNotMICed; // pkts dropped due to not being MIC'd
948  u32 rxMICPlummed; // pkts dropped due to not having a MIC plummed
949  u32 rxWrongSequence; // pkts dropped due to sequence number violation
952 
953 typedef struct {
955  u64 accum; // accumulated mic, reduced to u32 in final()
956  int position; // current position (byte offset) in message
957  union {
958  u8 d8[4];
960  } part; // saves partial message word across update() calls
962 
963 typedef struct {
964  emmh32_context seed; // Context - the seed
965  u32 rx; // Received sequence number
966  u32 tx; // Tx sequence number
967  u32 window; // Start of window
968  u8 valid; // Flag to say if context is valid or not
969  u8 key[16];
970 } miccntx;
971 
972 typedef struct {
973  miccntx mCtx; // Multicast context
974  miccntx uCtx; // Unicast context
975 } mic_module;
976 
977 typedef struct {
978  unsigned int rid: 16;
979  unsigned int len: 15;
980  unsigned int valid: 1;
982 } Rid;
983 
984 typedef struct {
985  unsigned int offset: 15;
986  unsigned int eoc: 1;
987  unsigned int len: 15;
988  unsigned int valid: 1;
990 } TxFid;
991 
992 struct rx_hdr {
994  u8 rssi[2];
998 } __packed;
999 
1000 typedef struct {
1001  unsigned int ctl: 15;
1002  unsigned int rdy: 1;
1003  unsigned int len: 15;
1004  unsigned int valid: 1;
1006 } RxFid;
1007 
1008 /*
1009  * Host receive descriptor
1010  */
1011 typedef struct {
1012  unsigned char __iomem *card_ram_off; /* offset into card memory of the
1013  desc */
1014  RxFid rx_desc; /* card receive descriptor */
1015  char *virtual_host_addr; /* virtual address of host receive
1016  buffer */
1017  int pending;
1018 } HostRxDesc;
1019 
1020 /*
1021  * Host transmit descriptor
1022  */
1023 typedef struct {
1024  unsigned char __iomem *card_ram_off; /* offset into card memory of the
1025  desc */
1026  TxFid tx_desc; /* card transmit descriptor */
1027  char *virtual_host_addr; /* virtual address of host receive
1028  buffer */
1029  int pending;
1030 } HostTxDesc;
1031 
1032 /*
1033  * Host RID descriptor
1034  */
1035 typedef struct {
1036  unsigned char __iomem *card_ram_off; /* offset into card memory of the
1037  descriptor */
1038  Rid rid_desc; /* card RID descriptor */
1039  char *virtual_host_addr; /* virtual address of host receive
1040  buffer */
1041 } HostRidDesc;
1042 
1043 typedef struct {
1048 #define HOST_SET (1 << 0)
1049 #define HOST_INT_TX (1 << 1) /* Interrupt on successful TX */
1050 #define HOST_INT_TXERR (1 << 2) /* Interrupt on unseccessful TX */
1051 #define HOST_LCC_PAYLOAD (1 << 4) /* LLC payload, 0 = Ethertype */
1052 #define HOST_DONT_RLSE (1 << 5) /* Don't release buffer when done */
1053 #define HOST_DONT_RETRY (1 << 6) /* Don't retry trasmit */
1054 #define HOST_CLR_AID (1 << 7) /* clear AID failure */
1055 #define HOST_RTS (1 << 9) /* Force RTS use */
1056 #define HOST_SHORT (1 << 10) /* Do short preamble */
1061 } TxCtlHdr;
1062 
1063 typedef struct {
1066  char addr1[6];
1067  char addr2[6];
1068  char addr3[6];
1070  char addr4[6];
1071 } WifiHdr;
1072 
1073 
1074 typedef struct {
1081 } WifiCtlHdr;
1082 
1083 static WifiCtlHdr wifictlhdr8023 = {
1084  .ctlhdr = {
1085  .ctl = HOST_DONT_RLSE,
1086  }
1087 };
1088 
1089 // A few details needed for WEP (Wireless Equivalent Privacy)
1090 #define MAX_KEY_SIZE 13 // 128 (?) bits
1091 #define MIN_KEY_SIZE 5 // 40 bits RC4 - WEP
1092 typedef struct wep_key_t {
1094  u8 key[16]; /* 40-bit and 104-bit keys */
1095 } wep_key_t;
1096 
1097 /* List of Wireless Handlers (new API) */
1098 static const struct iw_handler_def airo_handler_def;
1099 
1100 static const char version[] = "airo.c 0.6 (Ben Reed & Javier Achirica)";
1101 
1102 struct airo_info;
1103 
1104 static int get_dec_u16( char *buffer, int *start, int limit );
1105 static void OUT4500( struct airo_info *, u16 register, u16 value );
1106 static unsigned short IN4500( struct airo_info *, u16 register );
1107 static u16 setup_card(struct airo_info*, u8 *mac, int lock);
1108 static int enable_MAC(struct airo_info *ai, int lock);
1109 static void disable_MAC(struct airo_info *ai, int lock);
1110 static void enable_interrupts(struct airo_info*);
1111 static void disable_interrupts(struct airo_info*);
1112 static u16 issuecommand(struct airo_info*, Cmd *pCmd, Resp *pRsp);
1113 static int bap_setup(struct airo_info*, u16 rid, u16 offset, int whichbap);
1114 static int aux_bap_read(struct airo_info*, __le16 *pu16Dst, int bytelen,
1115  int whichbap);
1116 static int fast_bap_read(struct airo_info*, __le16 *pu16Dst, int bytelen,
1117  int whichbap);
1118 static int bap_write(struct airo_info*, const __le16 *pu16Src, int bytelen,
1119  int whichbap);
1120 static int PC4500_accessrid(struct airo_info*, u16 rid, u16 accmd);
1121 static int PC4500_readrid(struct airo_info*, u16 rid, void *pBuf, int len, int lock);
1122 static int PC4500_writerid(struct airo_info*, u16 rid, const void
1123  *pBuf, int len, int lock);
1124 static int do_writerid( struct airo_info*, u16 rid, const void *rid_data,
1125  int len, int dummy );
1126 static u16 transmit_allocate(struct airo_info*, int lenPayload, int raw);
1127 static int transmit_802_3_packet(struct airo_info*, int len, char *pPacket);
1128 static int transmit_802_11_packet(struct airo_info*, int len, char *pPacket);
1129 
1130 static int mpi_send_packet (struct net_device *dev);
1131 static void mpi_unmap_card(struct pci_dev *pci);
1132 static void mpi_receive_802_3(struct airo_info *ai);
1133 static void mpi_receive_802_11(struct airo_info *ai);
1134 static int waitbusy (struct airo_info *ai);
1135 
1136 static irqreturn_t airo_interrupt( int irq, void* dev_id);
1137 static int airo_thread(void *data);
1138 static void timer_func( struct net_device *dev );
1139 static int airo_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
1140 static struct iw_statistics *airo_get_wireless_stats (struct net_device *dev);
1141 static void airo_read_wireless_stats (struct airo_info *local);
1142 #ifdef CISCO_EXT
1143 static int readrids(struct net_device *dev, aironet_ioctl *comp);
1144 static int writerids(struct net_device *dev, aironet_ioctl *comp);
1145 static int flashcard(struct net_device *dev, aironet_ioctl *comp);
1146 #endif /* CISCO_EXT */
1147 static void micinit(struct airo_info *ai);
1148 static int micsetup(struct airo_info *ai);
1149 static int encapsulate(struct airo_info *ai, etherHead *pPacket, MICBuffer *buffer, int len);
1150 static int decapsulate(struct airo_info *ai, MICBuffer *mic, etherHead *pPacket, u16 payLen);
1151 
1152 static u8 airo_rssi_to_dbm (tdsRssiEntry *rssi_rid, u8 rssi);
1153 static u8 airo_dbm_to_pct (tdsRssiEntry *rssi_rid, u8 dbm);
1154 
1155 static void airo_networks_free(struct airo_info *ai);
1156 
1157 struct airo_info {
1158  struct net_device *dev;
1160  /* Note, we can have MAX_FIDS outstanding. FIDs are 16-bits, so we
1161  use the high bit to mark whether it is in use. */
1162 #define MAX_FIDS 6
1163 #define MPI_MAX_FIDS 1
1166  char keyindex; // Used with auto wep
1167  char defindex; // Used with auto wep
1170 #define FLAG_RADIO_OFF 0 /* User disabling of MAC */
1171 #define FLAG_RADIO_DOWN 1 /* ifup/ifdown disabling of MAC */
1172 #define FLAG_RADIO_MASK 0x03
1173 #define FLAG_ENABLED 2
1174 #define FLAG_ADHOC 3 /* Needed by MIC */
1175 #define FLAG_MIC_CAPABLE 4
1176 #define FLAG_UPDATE_MULTI 5
1177 #define FLAG_UPDATE_UNI 6
1178 #define FLAG_802_11 7
1179 #define FLAG_PROMISC 8 /* IFF_PROMISC 0x100 - include/linux/if.h */
1180 #define FLAG_PENDING_XMIT 9
1181 #define FLAG_PENDING_XMIT11 10
1182 #define FLAG_MPI 11
1183 #define FLAG_REGISTERED 12
1184 #define FLAG_COMMIT 13
1185 #define FLAG_RESET 14
1186 #define FLAG_FLASHING 15
1187 #define FLAG_WPA_CAPABLE 16
1188  unsigned long flags;
1189 #define JOB_DIE 0
1190 #define JOB_XMIT 1
1191 #define JOB_XMIT11 2
1192 #define JOB_STATS 3
1193 #define JOB_PROMISC 4
1194 #define JOB_MIC 5
1195 #define JOB_EVENT 6
1196 #define JOB_AUTOWEP 7
1197 #define JOB_WSTATS 8
1198 #define JOB_SCAN_RESULTS 9
1199  unsigned long jobs;
1200  int (*bap_read)(struct airo_info*, __le16 *pu16Dst, int bytelen,
1201  int whichbap);
1202  unsigned short *flash;
1206  struct semaphore sem;
1208  unsigned long expires;
1209  struct {
1210  struct sk_buff *skb;
1211  int fid;
1212  } xmit, xmit11;
1214  struct iw_statistics wstats; // wireless stats
1215  unsigned long scan_timeout; /* Time scan should be read */
1218  /* MIC stuff */
1222  HostRxDesc rxfids[MPI_MAX_FIDS]; // rx/tx/config MPI350 descriptors
1225  unsigned long ridbus; // phys addr of config_desc
1226  struct sk_buff_head txq;// tx queue used by mpi350 code
1227  struct pci_dev *pci;
1228  unsigned char __iomem *pcimem;
1229  unsigned char __iomem *pciaux;
1230  unsigned char *shared;
1235 #define PCI_SHARED_LEN 2*MPI_MAX_FIDS*PKTSIZE+RIDSIZE
1237 
1240 
1241  /* WPA-related stuff */
1242  unsigned int bssListFirst;
1243  unsigned int bssListNext;
1244  unsigned int bssListRidLen;
1245 
1249 };
1250 
1251 static inline int bap_read(struct airo_info *ai, __le16 *pu16Dst, int bytelen,
1252  int whichbap)
1253 {
1254  return ai->bap_read(ai, pu16Dst, bytelen, whichbap);
1255 }
1256 
1257 static int setup_proc_entry( struct net_device *dev,
1258  struct airo_info *apriv );
1259 static int takedown_proc_entry( struct net_device *dev,
1260  struct airo_info *apriv );
1261 
1262 static int cmdreset(struct airo_info *ai);
1263 static int setflashmode (struct airo_info *ai);
1264 static int flashgchar(struct airo_info *ai,int matchbyte,int dwelltime);
1265 static int flashputbuf(struct airo_info *ai);
1266 static int flashrestart(struct airo_info *ai,struct net_device *dev);
1267 
1268 #define airo_print(type, name, fmt, args...) \
1269  printk(type DRV_NAME "(%s): " fmt "\n", name, ##args)
1270 
1271 #define airo_print_info(name, fmt, args...) \
1272  airo_print(KERN_INFO, name, fmt, ##args)
1273 
1274 #define airo_print_dbg(name, fmt, args...) \
1275  airo_print(KERN_DEBUG, name, fmt, ##args)
1276 
1277 #define airo_print_warn(name, fmt, args...) \
1278  airo_print(KERN_WARNING, name, fmt, ##args)
1279 
1280 #define airo_print_err(name, fmt, args...) \
1281  airo_print(KERN_ERR, name, fmt, ##args)
1282 
1283 #define AIRO_FLASH(dev) (((struct airo_info *)dev->ml_priv)->flash)
1284 
1285 /***********************************************************************
1286  * MIC ROUTINES *
1287  ***********************************************************************
1288  */
1289 
1290 static int RxSeqValid (struct airo_info *ai,miccntx *context,int mcast,u32 micSeq);
1291 static void MoveWindow(miccntx *context, u32 micSeq);
1292 static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen,
1293  struct crypto_cipher *tfm);
1294 static void emmh32_init(emmh32_context *context);
1295 static void emmh32_update(emmh32_context *context, u8 *pOctets, int len);
1296 static void emmh32_final(emmh32_context *context, u8 digest[4]);
1297 static int flashpchar(struct airo_info *ai,int byte,int dwelltime);
1298 
1299 static void age_mic_context(miccntx *cur, miccntx *old, u8 *key, int key_len,
1300  struct crypto_cipher *tfm)
1301 {
1302  /* If the current MIC context is valid and its key is the same as
1303  * the MIC register, there's nothing to do.
1304  */
1305  if (cur->valid && (memcmp(cur->key, key, key_len) == 0))
1306  return;
1307 
1308  /* Age current mic Context */
1309  memcpy(old, cur, sizeof(*cur));
1310 
1311  /* Initialize new context */
1312  memcpy(cur->key, key, key_len);
1313  cur->window = 33; /* Window always points to the middle */
1314  cur->rx = 0; /* Rx Sequence numbers */
1315  cur->tx = 0; /* Tx sequence numbers */
1316  cur->valid = 1; /* Key is now valid */
1317 
1318  /* Give key to mic seed */
1319  emmh32_setseed(&cur->seed, key, key_len, tfm);
1320 }
1321 
1322 /* micinit - Initialize mic seed */
1323 
1324 static void micinit(struct airo_info *ai)
1325 {
1326  MICRid mic_rid;
1327 
1328  clear_bit(JOB_MIC, &ai->jobs);
1329  PC4500_readrid(ai, RID_MIC, &mic_rid, sizeof(mic_rid), 0);
1330  up(&ai->sem);
1331 
1332  ai->micstats.enabled = (le16_to_cpu(mic_rid.state) & 0x00FF) ? 1 : 0;
1333  if (!ai->micstats.enabled) {
1334  /* So next time we have a valid key and mic is enabled, we will
1335  * update the sequence number if the key is the same as before.
1336  */
1337  ai->mod[0].uCtx.valid = 0;
1338  ai->mod[0].mCtx.valid = 0;
1339  return;
1340  }
1341 
1342  if (mic_rid.multicastValid) {
1343  age_mic_context(&ai->mod[0].mCtx, &ai->mod[1].mCtx,
1344  mic_rid.multicast, sizeof(mic_rid.multicast),
1345  ai->tfm);
1346  }
1347 
1348  if (mic_rid.unicastValid) {
1349  age_mic_context(&ai->mod[0].uCtx, &ai->mod[1].uCtx,
1350  mic_rid.unicast, sizeof(mic_rid.unicast),
1351  ai->tfm);
1352  }
1353 }
1354 
1355 /* micsetup - Get ready for business */
1356 
1357 static int micsetup(struct airo_info *ai) {
1358  int i;
1359 
1360  if (ai->tfm == NULL)
1361  ai->tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
1362 
1363  if (IS_ERR(ai->tfm)) {
1364  airo_print_err(ai->dev->name, "failed to load transform for AES");
1365  ai->tfm = NULL;
1366  return ERROR;
1367  }
1368 
1369  for (i=0; i < NUM_MODULES; i++) {
1370  memset(&ai->mod[i].mCtx,0,sizeof(miccntx));
1371  memset(&ai->mod[i].uCtx,0,sizeof(miccntx));
1372  }
1373  return SUCCESS;
1374 }
1375 
1376 static const u8 micsnap[] = {0xAA,0xAA,0x03,0x00,0x40,0x96,0x00,0x02};
1377 
1378 /*===========================================================================
1379  * Description: Mic a packet
1380  *
1381  * Inputs: etherHead * pointer to an 802.3 frame
1382  *
1383  * Returns: BOOLEAN if successful, otherwise false.
1384  * PacketTxLen will be updated with the mic'd packets size.
1385  *
1386  * Caveats: It is assumed that the frame buffer will already
1387  * be big enough to hold the largets mic message possible.
1388  * (No memory allocation is done here).
1389  *
1390  * Author: sbraneky (10/15/01)
1391  * Merciless hacks by rwilcher (1/14/02)
1392  */
1393 
1394 static int encapsulate(struct airo_info *ai ,etherHead *frame, MICBuffer *mic, int payLen)
1395 {
1396  miccntx *context;
1397 
1398  // Determine correct context
1399  // If not adhoc, always use unicast key
1400 
1401  if (test_bit(FLAG_ADHOC, &ai->flags) && (frame->da[0] & 0x1))
1402  context = &ai->mod[0].mCtx;
1403  else
1404  context = &ai->mod[0].uCtx;
1405 
1406  if (!context->valid)
1407  return ERROR;
1408 
1409  mic->typelen = htons(payLen + 16); //Length of Mic'd packet
1410 
1411  memcpy(&mic->u.snap, micsnap, sizeof(micsnap)); // Add Snap
1412 
1413  // Add Tx sequence
1414  mic->seq = htonl(context->tx);
1415  context->tx += 2;
1416 
1417  emmh32_init(&context->seed); // Mic the packet
1418  emmh32_update(&context->seed,frame->da,ETH_ALEN * 2); // DA,SA
1419  emmh32_update(&context->seed,(u8*)&mic->typelen,10); // Type/Length and Snap
1420  emmh32_update(&context->seed,(u8*)&mic->seq,sizeof(mic->seq)); //SEQ
1421  emmh32_update(&context->seed,(u8*)(frame + 1),payLen); //payload
1422  emmh32_final(&context->seed, (u8*)&mic->mic);
1423 
1424  /* New Type/length ?????????? */
1425  mic->typelen = 0; //Let NIC know it could be an oversized packet
1426  return SUCCESS;
1427 }
1428 
1429 typedef enum {
1435 } mic_error;
1436 
1437 /*===========================================================================
1438  * Description: Decapsulates a MIC'd packet and returns the 802.3 packet
1439  * (removes the MIC stuff) if packet is a valid packet.
1440  *
1441  * Inputs: etherHead pointer to the 802.3 packet
1442  *
1443  * Returns: BOOLEAN - TRUE if packet should be dropped otherwise FALSE
1444  *
1445  * Author: sbraneky (10/15/01)
1446  * Merciless hacks by rwilcher (1/14/02)
1447  *---------------------------------------------------------------------------
1448  */
1449 
1450 static int decapsulate(struct airo_info *ai, MICBuffer *mic, etherHead *eth, u16 payLen)
1451 {
1452  int i;
1453  u32 micSEQ;
1454  miccntx *context;
1455  u8 digest[4];
1456  mic_error micError = NONE;
1457 
1458  // Check if the packet is a Mic'd packet
1459 
1460  if (!ai->micstats.enabled) {
1461  //No Mic set or Mic OFF but we received a MIC'd packet.
1462  if (memcmp ((u8*)eth + 14, micsnap, sizeof(micsnap)) == 0) {
1463  ai->micstats.rxMICPlummed++;
1464  return ERROR;
1465  }
1466  return SUCCESS;
1467  }
1468 
1469  if (ntohs(mic->typelen) == 0x888E)
1470  return SUCCESS;
1471 
1472  if (memcmp (mic->u.snap, micsnap, sizeof(micsnap)) != 0) {
1473  // Mic enabled but packet isn't Mic'd
1474  ai->micstats.rxMICPlummed++;
1475  return ERROR;
1476  }
1477 
1478  micSEQ = ntohl(mic->seq); //store SEQ as CPU order
1479 
1480  //At this point we a have a mic'd packet and mic is enabled
1481  //Now do the mic error checking.
1482 
1483  //Receive seq must be odd
1484  if ( (micSEQ & 1) == 0 ) {
1485  ai->micstats.rxWrongSequence++;
1486  return ERROR;
1487  }
1488 
1489  for (i = 0; i < NUM_MODULES; i++) {
1490  int mcast = eth->da[0] & 1;
1491  //Determine proper context
1492  context = mcast ? &ai->mod[i].mCtx : &ai->mod[i].uCtx;
1493 
1494  //Make sure context is valid
1495  if (!context->valid) {
1496  if (i == 0)
1497  micError = NOMICPLUMMED;
1498  continue;
1499  }
1500  //DeMic it
1501 
1502  if (!mic->typelen)
1503  mic->typelen = htons(payLen + sizeof(MICBuffer) - 2);
1504 
1505  emmh32_init(&context->seed);
1506  emmh32_update(&context->seed, eth->da, ETH_ALEN*2);
1507  emmh32_update(&context->seed, (u8 *)&mic->typelen, sizeof(mic->typelen)+sizeof(mic->u.snap));
1508  emmh32_update(&context->seed, (u8 *)&mic->seq,sizeof(mic->seq));
1509  emmh32_update(&context->seed, (u8 *)(eth + 1),payLen);
1510  //Calculate MIC
1511  emmh32_final(&context->seed, digest);
1512 
1513  if (memcmp(digest, &mic->mic, 4)) { //Make sure the mics match
1514  //Invalid Mic
1515  if (i == 0)
1516  micError = INCORRECTMIC;
1517  continue;
1518  }
1519 
1520  //Check Sequence number if mics pass
1521  if (RxSeqValid(ai, context, mcast, micSEQ) == SUCCESS) {
1522  ai->micstats.rxSuccess++;
1523  return SUCCESS;
1524  }
1525  if (i == 0)
1526  micError = SEQUENCE;
1527  }
1528 
1529  // Update statistics
1530  switch (micError) {
1531  case NOMICPLUMMED: ai->micstats.rxMICPlummed++; break;
1532  case SEQUENCE: ai->micstats.rxWrongSequence++; break;
1533  case INCORRECTMIC: ai->micstats.rxIncorrectMIC++; break;
1534  case NONE: break;
1535  case NOMIC: break;
1536  }
1537  return ERROR;
1538 }
1539 
1540 /*===========================================================================
1541  * Description: Checks the Rx Seq number to make sure it is valid
1542  * and hasn't already been received
1543  *
1544  * Inputs: miccntx - mic context to check seq against
1545  * micSeq - the Mic seq number
1546  *
1547  * Returns: TRUE if valid otherwise FALSE.
1548  *
1549  * Author: sbraneky (10/15/01)
1550  * Merciless hacks by rwilcher (1/14/02)
1551  *---------------------------------------------------------------------------
1552  */
1553 
1554 static int RxSeqValid (struct airo_info *ai,miccntx *context,int mcast,u32 micSeq)
1555 {
1556  u32 seq,index;
1557 
1558  //Allow for the ap being rebooted - if it is then use the next
1559  //sequence number of the current sequence number - might go backwards
1560 
1561  if (mcast) {
1562  if (test_bit(FLAG_UPDATE_MULTI, &ai->flags)) {
1564  context->window = (micSeq > 33) ? micSeq : 33;
1565  context->rx = 0; // Reset rx
1566  }
1567  } else if (test_bit(FLAG_UPDATE_UNI, &ai->flags)) {
1569  context->window = (micSeq > 33) ? micSeq : 33; // Move window
1570  context->rx = 0; // Reset rx
1571  }
1572 
1573  //Make sequence number relative to START of window
1574  seq = micSeq - (context->window - 33);
1575 
1576  //Too old of a SEQ number to check.
1577  if ((s32)seq < 0)
1578  return ERROR;
1579 
1580  if ( seq > 64 ) {
1581  //Window is infinite forward
1582  MoveWindow(context,micSeq);
1583  return SUCCESS;
1584  }
1585 
1586  // We are in the window. Now check the context rx bit to see if it was already sent
1587  seq >>= 1; //divide by 2 because we only have odd numbers
1588  index = 1 << seq; //Get an index number
1589 
1590  if (!(context->rx & index)) {
1591  //micSEQ falls inside the window.
1592  //Add seqence number to the list of received numbers.
1593  context->rx |= index;
1594 
1595  MoveWindow(context,micSeq);
1596 
1597  return SUCCESS;
1598  }
1599  return ERROR;
1600 }
1601 
1602 static void MoveWindow(miccntx *context, u32 micSeq)
1603 {
1604  u32 shift;
1605 
1606  //Move window if seq greater than the middle of the window
1607  if (micSeq > context->window) {
1608  shift = (micSeq - context->window) >> 1;
1609 
1610  //Shift out old
1611  if (shift < 32)
1612  context->rx >>= shift;
1613  else
1614  context->rx = 0;
1615 
1616  context->window = micSeq; //Move window
1617  }
1618 }
1619 
1620 /*==============================================*/
1621 /*========== EMMH ROUTINES ====================*/
1622 /*==============================================*/
1623 
1624 /* mic accumulate */
1625 #define MIC_ACCUM(val) \
1626  context->accum += (u64)(val) * context->coeff[coeff_position++];
1627 
1628 static unsigned char aes_counter[16];
1629 
1630 /* expand the key to fill the MMH coefficient array */
1631 static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen,
1632  struct crypto_cipher *tfm)
1633 {
1634  /* take the keying material, expand if necessary, truncate at 16-bytes */
1635  /* run through AES counter mode to generate context->coeff[] */
1636 
1637  int i,j;
1638  u32 counter;
1639  u8 *cipher, plain[16];
1640 
1641  crypto_cipher_setkey(tfm, pkey, 16);
1642  counter = 0;
1643  for (i = 0; i < ARRAY_SIZE(context->coeff); ) {
1644  aes_counter[15] = (u8)(counter >> 0);
1645  aes_counter[14] = (u8)(counter >> 8);
1646  aes_counter[13] = (u8)(counter >> 16);
1647  aes_counter[12] = (u8)(counter >> 24);
1648  counter++;
1649  memcpy (plain, aes_counter, 16);
1650  crypto_cipher_encrypt_one(tfm, plain, plain);
1651  cipher = plain;
1652  for (j = 0; (j < 16) && (i < ARRAY_SIZE(context->coeff)); ) {
1653  context->coeff[i++] = ntohl(*(__be32 *)&cipher[j]);
1654  j += 4;
1655  }
1656  }
1657 }
1658 
1659 /* prepare for calculation of a new mic */
1660 static void emmh32_init(emmh32_context *context)
1661 {
1662  /* prepare for new mic calculation */
1663  context->accum = 0;
1664  context->position = 0;
1665 }
1666 
1667 /* add some bytes to the mic calculation */
1668 static void emmh32_update(emmh32_context *context, u8 *pOctets, int len)
1669 {
1670  int coeff_position, byte_position;
1671 
1672  if (len == 0) return;
1673 
1674  coeff_position = context->position >> 2;
1675 
1676  /* deal with partial 32-bit word left over from last update */
1677  byte_position = context->position & 3;
1678  if (byte_position) {
1679  /* have a partial word in part to deal with */
1680  do {
1681  if (len == 0) return;
1682  context->part.d8[byte_position++] = *pOctets++;
1683  context->position++;
1684  len--;
1685  } while (byte_position < 4);
1686  MIC_ACCUM(ntohl(context->part.d32));
1687  }
1688 
1689  /* deal with full 32-bit words */
1690  while (len >= 4) {
1691  MIC_ACCUM(ntohl(*(__be32 *)pOctets));
1692  context->position += 4;
1693  pOctets += 4;
1694  len -= 4;
1695  }
1696 
1697  /* deal with partial 32-bit word that will be left over from this update */
1698  byte_position = 0;
1699  while (len > 0) {
1700  context->part.d8[byte_position++] = *pOctets++;
1701  context->position++;
1702  len--;
1703  }
1704 }
1705 
1706 /* mask used to zero empty bytes for final partial word */
1707 static u32 mask32[4] = { 0x00000000L, 0xFF000000L, 0xFFFF0000L, 0xFFFFFF00L };
1708 
1709 /* calculate the mic */
1710 static void emmh32_final(emmh32_context *context, u8 digest[4])
1711 {
1712  int coeff_position, byte_position;
1713  u32 val;
1714 
1715  u64 sum, utmp;
1716  s64 stmp;
1717 
1718  coeff_position = context->position >> 2;
1719 
1720  /* deal with partial 32-bit word left over from last update */
1721  byte_position = context->position & 3;
1722  if (byte_position) {
1723  /* have a partial word in part to deal with */
1724  val = ntohl(context->part.d32);
1725  MIC_ACCUM(val & mask32[byte_position]); /* zero empty bytes */
1726  }
1727 
1728  /* reduce the accumulated u64 to a 32-bit MIC */
1729  sum = context->accum;
1730  stmp = (sum & 0xffffffffLL) - ((sum >> 32) * 15);
1731  utmp = (stmp & 0xffffffffLL) - ((stmp >> 32) * 15);
1732  sum = utmp & 0xffffffffLL;
1733  if (utmp > 0x10000000fLL)
1734  sum -= 15;
1735 
1736  val = (u32)sum;
1737  digest[0] = (val>>24) & 0xFF;
1738  digest[1] = (val>>16) & 0xFF;
1739  digest[2] = (val>>8) & 0xFF;
1740  digest[3] = val & 0xFF;
1741 }
1742 
1743 static int readBSSListRid(struct airo_info *ai, int first,
1744  BSSListRid *list)
1745 {
1746  Cmd cmd;
1747  Resp rsp;
1748 
1749  if (first == 1) {
1750  if (ai->flags & FLAG_RADIO_MASK) return -ENETDOWN;
1751  memset(&cmd, 0, sizeof(cmd));
1752  cmd.cmd=CMD_LISTBSS;
1753  if (down_interruptible(&ai->sem))
1754  return -ERESTARTSYS;
1755  ai->list_bss_task = current;
1756  issuecommand(ai, &cmd, &rsp);
1757  up(&ai->sem);
1758  /* Let the command take effect */
1760  ai->list_bss_task = NULL;
1761  }
1762  return PC4500_readrid(ai, first ? ai->bssListFirst : ai->bssListNext,
1763  list, ai->bssListRidLen, 1);
1764 }
1765 
1766 static int readWepKeyRid(struct airo_info *ai, WepKeyRid *wkr, int temp, int lock)
1767 {
1768  return PC4500_readrid(ai, temp ? RID_WEP_TEMP : RID_WEP_PERM,
1769  wkr, sizeof(*wkr), lock);
1770 }
1771 
1772 static int writeWepKeyRid(struct airo_info *ai, WepKeyRid *wkr, int perm, int lock)
1773 {
1774  int rc;
1775  rc = PC4500_writerid(ai, RID_WEP_TEMP, wkr, sizeof(*wkr), lock);
1776  if (rc!=SUCCESS)
1777  airo_print_err(ai->dev->name, "WEP_TEMP set %x", rc);
1778  if (perm) {
1779  rc = PC4500_writerid(ai, RID_WEP_PERM, wkr, sizeof(*wkr), lock);
1780  if (rc!=SUCCESS)
1781  airo_print_err(ai->dev->name, "WEP_PERM set %x", rc);
1782  }
1783  return rc;
1784 }
1785 
1786 static int readSsidRid(struct airo_info*ai, SsidRid *ssidr)
1787 {
1788  return PC4500_readrid(ai, RID_SSID, ssidr, sizeof(*ssidr), 1);
1789 }
1790 
1791 static int writeSsidRid(struct airo_info*ai, SsidRid *pssidr, int lock)
1792 {
1793  return PC4500_writerid(ai, RID_SSID, pssidr, sizeof(*pssidr), lock);
1794 }
1795 
1796 static int readConfigRid(struct airo_info *ai, int lock)
1797 {
1798  int rc;
1799  ConfigRid cfg;
1800 
1801  if (ai->config.len)
1802  return SUCCESS;
1803 
1804  rc = PC4500_readrid(ai, RID_ACTUALCONFIG, &cfg, sizeof(cfg), lock);
1805  if (rc != SUCCESS)
1806  return rc;
1807 
1808  ai->config = cfg;
1809  return SUCCESS;
1810 }
1811 
1812 static inline void checkThrottle(struct airo_info *ai)
1813 {
1814  int i;
1815 /* Old hardware had a limit on encryption speed */
1816  if (ai->config.authType != AUTH_OPEN && maxencrypt) {
1817  for(i=0; i<8; i++) {
1818  if (ai->config.rates[i] > maxencrypt) {
1819  ai->config.rates[i] = 0;
1820  }
1821  }
1822  }
1823 }
1824 
1825 static int writeConfigRid(struct airo_info *ai, int lock)
1826 {
1827  ConfigRid cfgr;
1828 
1829  if (!test_bit (FLAG_COMMIT, &ai->flags))
1830  return SUCCESS;
1831 
1832  clear_bit (FLAG_COMMIT, &ai->flags);
1833  clear_bit (FLAG_RESET, &ai->flags);
1834  checkThrottle(ai);
1835  cfgr = ai->config;
1836 
1837  if ((cfgr.opmode & MODE_CFG_MASK) == MODE_STA_IBSS)
1838  set_bit(FLAG_ADHOC, &ai->flags);
1839  else
1840  clear_bit(FLAG_ADHOC, &ai->flags);
1841 
1842  return PC4500_writerid( ai, RID_CONFIG, &cfgr, sizeof(cfgr), lock);
1843 }
1844 
1845 static int readStatusRid(struct airo_info *ai, StatusRid *statr, int lock)
1846 {
1847  return PC4500_readrid(ai, RID_STATUS, statr, sizeof(*statr), lock);
1848 }
1849 
1850 static int readAPListRid(struct airo_info *ai, APListRid *aplr)
1851 {
1852  return PC4500_readrid(ai, RID_APLIST, aplr, sizeof(*aplr), 1);
1853 }
1854 
1855 static int writeAPListRid(struct airo_info *ai, APListRid *aplr, int lock)
1856 {
1857  return PC4500_writerid(ai, RID_APLIST, aplr, sizeof(*aplr), lock);
1858 }
1859 
1860 static int readCapabilityRid(struct airo_info *ai, CapabilityRid *capr, int lock)
1861 {
1862  return PC4500_readrid(ai, RID_CAPABILITIES, capr, sizeof(*capr), lock);
1863 }
1864 
1865 static int readStatsRid(struct airo_info*ai, StatsRid *sr, int rid, int lock)
1866 {
1867  return PC4500_readrid(ai, rid, sr, sizeof(*sr), lock);
1868 }
1869 
1870 static void try_auto_wep(struct airo_info *ai)
1871 {
1872  if (auto_wep && !test_bit(FLAG_RADIO_DOWN, &ai->flags)) {
1873  ai->expires = RUN_AT(3*HZ);
1875  }
1876 }
1877 
1878 static int airo_open(struct net_device *dev) {
1879  struct airo_info *ai = dev->ml_priv;
1880  int rc = 0;
1881 
1882  if (test_bit(FLAG_FLASHING, &ai->flags))
1883  return -EIO;
1884 
1885  /* Make sure the card is configured.
1886  * Wireless Extensions may postpone config changes until the card
1887  * is open (to pipeline changes and speed-up card setup). If
1888  * those changes are not yet committed, do it now - Jean II */
1889  if (test_bit(FLAG_COMMIT, &ai->flags)) {
1890  disable_MAC(ai, 1);
1891  writeConfigRid(ai, 1);
1892  }
1893 
1894  if (ai->wifidev != dev) {
1895  clear_bit(JOB_DIE, &ai->jobs);
1896  ai->airo_thread_task = kthread_run(airo_thread, dev, dev->name);
1897  if (IS_ERR(ai->airo_thread_task))
1898  return (int)PTR_ERR(ai->airo_thread_task);
1899 
1900  rc = request_irq(dev->irq, airo_interrupt, IRQF_SHARED,
1901  dev->name, dev);
1902  if (rc) {
1903  airo_print_err(dev->name,
1904  "register interrupt %d failed, rc %d",
1905  dev->irq, rc);
1906  set_bit(JOB_DIE, &ai->jobs);
1908  return rc;
1909  }
1910 
1911  /* Power on the MAC controller (which may have been disabled) */
1913  enable_interrupts(ai);
1914 
1915  try_auto_wep(ai);
1916  }
1917  enable_MAC(ai, 1);
1918 
1919  netif_start_queue(dev);
1920  return 0;
1921 }
1922 
1923 static netdev_tx_t mpi_start_xmit(struct sk_buff *skb,
1924  struct net_device *dev)
1925 {
1926  int npacks, pending;
1927  unsigned long flags;
1928  struct airo_info *ai = dev->ml_priv;
1929 
1930  if (!skb) {
1931  airo_print_err(dev->name, "%s: skb == NULL!",__func__);
1932  return NETDEV_TX_OK;
1933  }
1934  npacks = skb_queue_len (&ai->txq);
1935 
1936  if (npacks >= MAXTXQ - 1) {
1937  netif_stop_queue (dev);
1938  if (npacks > MAXTXQ) {
1939  dev->stats.tx_fifo_errors++;
1940  return NETDEV_TX_BUSY;
1941  }
1942  skb_queue_tail (&ai->txq, skb);
1943  return NETDEV_TX_OK;
1944  }
1945 
1946  spin_lock_irqsave(&ai->aux_lock, flags);
1947  skb_queue_tail (&ai->txq, skb);
1948  pending = test_bit(FLAG_PENDING_XMIT, &ai->flags);
1949  spin_unlock_irqrestore(&ai->aux_lock,flags);
1950  netif_wake_queue (dev);
1951 
1952  if (pending == 0) {
1954  mpi_send_packet (dev);
1955  }
1956  return NETDEV_TX_OK;
1957 }
1958 
1959 /*
1960  * @mpi_send_packet
1961  *
1962  * Attempt to transmit a packet. Can be called from interrupt
1963  * or transmit . return number of packets we tried to send
1964  */
1965 
1966 static int mpi_send_packet (struct net_device *dev)
1967 {
1968  struct sk_buff *skb;
1969  unsigned char *buffer;
1970  s16 len;
1971  __le16 *payloadLen;
1972  struct airo_info *ai = dev->ml_priv;
1973  u8 *sendbuf;
1974 
1975  /* get a packet to send */
1976 
1977  if ((skb = skb_dequeue(&ai->txq)) == NULL) {
1978  airo_print_err(dev->name,
1979  "%s: Dequeue'd zero in send_packet()",
1980  __func__);
1981  return 0;
1982  }
1983 
1984  /* check min length*/
1985  len = ETH_ZLEN < skb->len ? skb->len : ETH_ZLEN;
1986  buffer = skb->data;
1987 
1988  ai->txfids[0].tx_desc.offset = 0;
1989  ai->txfids[0].tx_desc.valid = 1;
1990  ai->txfids[0].tx_desc.eoc = 1;
1991  ai->txfids[0].tx_desc.len =len+sizeof(WifiHdr);
1992 
1993 /*
1994  * Magic, the cards firmware needs a length count (2 bytes) in the host buffer
1995  * right after TXFID_HDR.The TXFID_HDR contains the status short so payloadlen
1996  * is immediately after it. ------------------------------------------------
1997  * |TXFIDHDR+STATUS|PAYLOADLEN|802.3HDR|PACKETDATA|
1998  * ------------------------------------------------
1999  */
2000 
2002  (char *)&wifictlhdr8023, sizeof(wifictlhdr8023));
2003 
2004  payloadLen = (__le16 *)(ai->txfids[0].virtual_host_addr +
2005  sizeof(wifictlhdr8023));
2006  sendbuf = ai->txfids[0].virtual_host_addr +
2007  sizeof(wifictlhdr8023) + 2 ;
2008 
2009  /*
2010  * Firmware automatically puts 802 header on so
2011  * we don't need to account for it in the length
2012  */
2013  if (test_bit(FLAG_MIC_CAPABLE, &ai->flags) && ai->micstats.enabled &&
2014  (ntohs(((__be16 *)buffer)[6]) != 0x888E)) {
2015  MICBuffer pMic;
2016 
2017  if (encapsulate(ai, (etherHead *)buffer, &pMic, len - sizeof(etherHead)) != SUCCESS)
2018  return ERROR;
2019 
2020  *payloadLen = cpu_to_le16(len-sizeof(etherHead)+sizeof(pMic));
2021  ai->txfids[0].tx_desc.len += sizeof(pMic);
2022  /* copy data into airo dma buffer */
2023  memcpy (sendbuf, buffer, sizeof(etherHead));
2024  buffer += sizeof(etherHead);
2025  sendbuf += sizeof(etherHead);
2026  memcpy (sendbuf, &pMic, sizeof(pMic));
2027  sendbuf += sizeof(pMic);
2028  memcpy (sendbuf, buffer, len - sizeof(etherHead));
2029  } else {
2030  *payloadLen = cpu_to_le16(len - sizeof(etherHead));
2031 
2032  dev->trans_start = jiffies;
2033 
2034  /* copy data into airo dma buffer */
2035  memcpy(sendbuf, buffer, len);
2036  }
2037 
2039  &ai->txfids[0].tx_desc, sizeof(TxFid));
2040 
2041  OUT4500(ai, EVACK, 8);
2042 
2043  dev_kfree_skb_any(skb);
2044  return 1;
2045 }
2046 
2047 static void get_tx_error(struct airo_info *ai, s32 fid)
2048 {
2049  __le16 status;
2050 
2051  if (fid < 0)
2052  status = ((WifiCtlHdr *)ai->txfids[0].virtual_host_addr)->ctlhdr.status;
2053  else {
2054  if (bap_setup(ai, ai->fids[fid] & 0xffff, 4, BAP0) != SUCCESS)
2055  return;
2056  bap_read(ai, &status, 2, BAP0);
2057  }
2058  if (le16_to_cpu(status) & 2) /* Too many retries */
2059  ai->dev->stats.tx_aborted_errors++;
2060  if (le16_to_cpu(status) & 4) /* Transmit lifetime exceeded */
2061  ai->dev->stats.tx_heartbeat_errors++;
2062  if (le16_to_cpu(status) & 8) /* Aid fail */
2063  { }
2064  if (le16_to_cpu(status) & 0x10) /* MAC disabled */
2065  ai->dev->stats.tx_carrier_errors++;
2066  if (le16_to_cpu(status) & 0x20) /* Association lost */
2067  { }
2068  /* We produce a TXDROP event only for retry or lifetime
2069  * exceeded, because that's the only status that really mean
2070  * that this particular node went away.
2071  * Other errors means that *we* screwed up. - Jean II */
2072  if ((le16_to_cpu(status) & 2) ||
2073  (le16_to_cpu(status) & 4)) {
2074  union iwreq_data wrqu;
2075  char junk[0x18];
2076 
2077  /* Faster to skip over useless data than to do
2078  * another bap_setup(). We are at offset 0x6 and
2079  * need to go to 0x18 and read 6 bytes - Jean II */
2080  bap_read(ai, (__le16 *) junk, 0x18, BAP0);
2081 
2082  /* Copy 802.11 dest address.
2083  * We use the 802.11 header because the frame may
2084  * not be 802.3 or may be mangled...
2085  * In Ad-Hoc mode, it will be the node address.
2086  * In managed mode, it will be most likely the AP addr
2087  * User space will figure out how to convert it to
2088  * whatever it needs (IP address or else).
2089  * - Jean II */
2090  memcpy(wrqu.addr.sa_data, junk + 0x12, ETH_ALEN);
2091  wrqu.addr.sa_family = ARPHRD_ETHER;
2092 
2093  /* Send event to user space */
2094  wireless_send_event(ai->dev, IWEVTXDROP, &wrqu, NULL);
2095  }
2096 }
2097 
2098 static void airo_end_xmit(struct net_device *dev) {
2099  u16 status;
2100  int i;
2101  struct airo_info *priv = dev->ml_priv;
2102  struct sk_buff *skb = priv->xmit.skb;
2103  int fid = priv->xmit.fid;
2104  u32 *fids = priv->fids;
2105 
2106  clear_bit(JOB_XMIT, &priv->jobs);
2108  status = transmit_802_3_packet (priv, fids[fid], skb->data);
2109  up(&priv->sem);
2110 
2111  i = 0;
2112  if ( status == SUCCESS ) {
2113  dev->trans_start = jiffies;
2114  for (; i < MAX_FIDS / 2 && (priv->fids[i] & 0xffff0000); i++);
2115  } else {
2116  priv->fids[fid] &= 0xffff;
2117  dev->stats.tx_window_errors++;
2118  }
2119  if (i < MAX_FIDS / 2)
2120  netif_wake_queue(dev);
2121  dev_kfree_skb(skb);
2122 }
2123 
2124 static netdev_tx_t airo_start_xmit(struct sk_buff *skb,
2125  struct net_device *dev)
2126 {
2127  s16 len;
2128  int i, j;
2129  struct airo_info *priv = dev->ml_priv;
2130  u32 *fids = priv->fids;
2131 
2132  if ( skb == NULL ) {
2133  airo_print_err(dev->name, "%s: skb == NULL!", __func__);
2134  return NETDEV_TX_OK;
2135  }
2136 
2137  /* Find a vacant FID */
2138  for( i = 0; i < MAX_FIDS / 2 && (fids[i] & 0xffff0000); i++ );
2139  for( j = i + 1; j < MAX_FIDS / 2 && (fids[j] & 0xffff0000); j++ );
2140 
2141  if ( j >= MAX_FIDS / 2 ) {
2142  netif_stop_queue(dev);
2143 
2144  if (i == MAX_FIDS / 2) {
2145  dev->stats.tx_fifo_errors++;
2146  return NETDEV_TX_BUSY;
2147  }
2148  }
2149  /* check min length*/
2150  len = ETH_ZLEN < skb->len ? skb->len : ETH_ZLEN;
2151  /* Mark fid as used & save length for later */
2152  fids[i] |= (len << 16);
2153  priv->xmit.skb = skb;
2154  priv->xmit.fid = i;
2155  if (down_trylock(&priv->sem) != 0) {
2156  set_bit(FLAG_PENDING_XMIT, &priv->flags);
2157  netif_stop_queue(dev);
2158  set_bit(JOB_XMIT, &priv->jobs);
2160  } else
2161  airo_end_xmit(dev);
2162  return NETDEV_TX_OK;
2163 }
2164 
2165 static void airo_end_xmit11(struct net_device *dev) {
2166  u16 status;
2167  int i;
2168  struct airo_info *priv = dev->ml_priv;
2169  struct sk_buff *skb = priv->xmit11.skb;
2170  int fid = priv->xmit11.fid;
2171  u32 *fids = priv->fids;
2172 
2173  clear_bit(JOB_XMIT11, &priv->jobs);
2175  status = transmit_802_11_packet (priv, fids[fid], skb->data);
2176  up(&priv->sem);
2177 
2178  i = MAX_FIDS / 2;
2179  if ( status == SUCCESS ) {
2180  dev->trans_start = jiffies;
2181  for (; i < MAX_FIDS && (priv->fids[i] & 0xffff0000); i++);
2182  } else {
2183  priv->fids[fid] &= 0xffff;
2184  dev->stats.tx_window_errors++;
2185  }
2186  if (i < MAX_FIDS)
2187  netif_wake_queue(dev);
2188  dev_kfree_skb(skb);
2189 }
2190 
2191 static netdev_tx_t airo_start_xmit11(struct sk_buff *skb,
2192  struct net_device *dev)
2193 {
2194  s16 len;
2195  int i, j;
2196  struct airo_info *priv = dev->ml_priv;
2197  u32 *fids = priv->fids;
2198 
2199  if (test_bit(FLAG_MPI, &priv->flags)) {
2200  /* Not implemented yet for MPI350 */
2201  netif_stop_queue(dev);
2202  dev_kfree_skb_any(skb);
2203  return NETDEV_TX_OK;
2204  }
2205 
2206  if ( skb == NULL ) {
2207  airo_print_err(dev->name, "%s: skb == NULL!", __func__);
2208  return NETDEV_TX_OK;
2209  }
2210 
2211  /* Find a vacant FID */
2212  for( i = MAX_FIDS / 2; i < MAX_FIDS && (fids[i] & 0xffff0000); i++ );
2213  for( j = i + 1; j < MAX_FIDS && (fids[j] & 0xffff0000); j++ );
2214 
2215  if ( j >= MAX_FIDS ) {
2216  netif_stop_queue(dev);
2217 
2218  if (i == MAX_FIDS) {
2219  dev->stats.tx_fifo_errors++;
2220  return NETDEV_TX_BUSY;
2221  }
2222  }
2223  /* check min length*/
2224  len = ETH_ZLEN < skb->len ? skb->len : ETH_ZLEN;
2225  /* Mark fid as used & save length for later */
2226  fids[i] |= (len << 16);
2227  priv->xmit11.skb = skb;
2228  priv->xmit11.fid = i;
2229  if (down_trylock(&priv->sem) != 0) {
2231  netif_stop_queue(dev);
2232  set_bit(JOB_XMIT11, &priv->jobs);
2234  } else
2235  airo_end_xmit11(dev);
2236  return NETDEV_TX_OK;
2237 }
2238 
2239 static void airo_read_stats(struct net_device *dev)
2240 {
2241  struct airo_info *ai = dev->ml_priv;
2242  StatsRid stats_rid;
2243  __le32 *vals = stats_rid.vals;
2244 
2245  clear_bit(JOB_STATS, &ai->jobs);
2246  if (ai->power.event) {
2247  up(&ai->sem);
2248  return;
2249  }
2250  readStatsRid(ai, &stats_rid, RID_STATS, 0);
2251  up(&ai->sem);
2252 
2253  dev->stats.rx_packets = le32_to_cpu(vals[43]) + le32_to_cpu(vals[44]) +
2254  le32_to_cpu(vals[45]);
2255  dev->stats.tx_packets = le32_to_cpu(vals[39]) + le32_to_cpu(vals[40]) +
2256  le32_to_cpu(vals[41]);
2257  dev->stats.rx_bytes = le32_to_cpu(vals[92]);
2258  dev->stats.tx_bytes = le32_to_cpu(vals[91]);
2259  dev->stats.rx_errors = le32_to_cpu(vals[0]) + le32_to_cpu(vals[2]) +
2260  le32_to_cpu(vals[3]) + le32_to_cpu(vals[4]);
2261  dev->stats.tx_errors = le32_to_cpu(vals[42]) +
2262  dev->stats.tx_fifo_errors;
2263  dev->stats.multicast = le32_to_cpu(vals[43]);
2264  dev->stats.collisions = le32_to_cpu(vals[89]);
2265 
2266  /* detailed rx_errors: */
2267  dev->stats.rx_length_errors = le32_to_cpu(vals[3]);
2268  dev->stats.rx_crc_errors = le32_to_cpu(vals[4]);
2269  dev->stats.rx_frame_errors = le32_to_cpu(vals[2]);
2270  dev->stats.rx_fifo_errors = le32_to_cpu(vals[0]);
2271 }
2272 
2273 static struct net_device_stats *airo_get_stats(struct net_device *dev)
2274 {
2275  struct airo_info *local = dev->ml_priv;
2276 
2277  if (!test_bit(JOB_STATS, &local->jobs)) {
2278  /* Get stats out of the card if available */
2279  if (down_trylock(&local->sem) != 0) {
2280  set_bit(JOB_STATS, &local->jobs);
2282  } else
2283  airo_read_stats(dev);
2284  }
2285 
2286  return &dev->stats;
2287 }
2288 
2289 static void airo_set_promisc(struct airo_info *ai) {
2290  Cmd cmd;
2291  Resp rsp;
2292 
2293  memset(&cmd, 0, sizeof(cmd));
2294  cmd.cmd=CMD_SETMODE;
2295  clear_bit(JOB_PROMISC, &ai->jobs);
2296  cmd.parm0=(ai->flags&IFF_PROMISC) ? PROMISC : NOPROMISC;
2297  issuecommand(ai, &cmd, &rsp);
2298  up(&ai->sem);
2299 }
2300 
2301 static void airo_set_multicast_list(struct net_device *dev) {
2302  struct airo_info *ai = dev->ml_priv;
2303 
2304  if ((dev->flags ^ ai->flags) & IFF_PROMISC) {
2305  change_bit(FLAG_PROMISC, &ai->flags);
2306  if (down_trylock(&ai->sem) != 0) {
2307  set_bit(JOB_PROMISC, &ai->jobs);
2309  } else
2310  airo_set_promisc(ai);
2311  }
2312 
2313  if ((dev->flags&IFF_ALLMULTI) || !netdev_mc_empty(dev)) {
2314  /* Turn on multicast. (Should be already setup...) */
2315  }
2316 }
2317 
2318 static int airo_set_mac_address(struct net_device *dev, void *p)
2319 {
2320  struct airo_info *ai = dev->ml_priv;
2321  struct sockaddr *addr = p;
2322 
2323  readConfigRid(ai, 1);
2324  memcpy (ai->config.macAddr, addr->sa_data, dev->addr_len);
2325  set_bit (FLAG_COMMIT, &ai->flags);
2326  disable_MAC(ai, 1);
2327  writeConfigRid (ai, 1);
2328  enable_MAC(ai, 1);
2329  memcpy (ai->dev->dev_addr, addr->sa_data, dev->addr_len);
2330  if (ai->wifidev)
2331  memcpy (ai->wifidev->dev_addr, addr->sa_data, dev->addr_len);
2332  return 0;
2333 }
2334 
2335 static int airo_change_mtu(struct net_device *dev, int new_mtu)
2336 {
2337  if ((new_mtu < 68) || (new_mtu > 2400))
2338  return -EINVAL;
2339  dev->mtu = new_mtu;
2340  return 0;
2341 }
2342 
2343 static LIST_HEAD(airo_devices);
2344 
2345 static void add_airo_dev(struct airo_info *ai)
2346 {
2347  /* Upper layers already keep track of PCI devices,
2348  * so we only need to remember our non-PCI cards. */
2349  if (!ai->pci)
2350  list_add_tail(&ai->dev_list, &airo_devices);
2351 }
2352 
2353 static void del_airo_dev(struct airo_info *ai)
2354 {
2355  if (!ai->pci)
2356  list_del(&ai->dev_list);
2357 }
2358 
2359 static int airo_close(struct net_device *dev) {
2360  struct airo_info *ai = dev->ml_priv;
2361 
2362  netif_stop_queue(dev);
2363 
2364  if (ai->wifidev != dev) {
2365 #ifdef POWER_ON_DOWN
2366  /* Shut power to the card. The idea is that the user can save
2367  * power when he doesn't need the card with "ifconfig down".
2368  * That's the method that is most friendly towards the network
2369  * stack (i.e. the network stack won't try to broadcast
2370  * anything on the interface and routes are gone. Jean II */
2371  set_bit(FLAG_RADIO_DOWN, &ai->flags);
2372  disable_MAC(ai, 1);
2373 #endif
2374  disable_interrupts( ai );
2375 
2376  free_irq(dev->irq, dev);
2377 
2378  set_bit(JOB_DIE, &ai->jobs);
2380  }
2381  return 0;
2382 }
2383 
2384 void stop_airo_card( struct net_device *dev, int freeres )
2385 {
2386  struct airo_info *ai = dev->ml_priv;
2387 
2388  set_bit(FLAG_RADIO_DOWN, &ai->flags);
2389  disable_MAC(ai, 1);
2390  disable_interrupts(ai);
2391  takedown_proc_entry( dev, ai );
2392  if (test_bit(FLAG_REGISTERED, &ai->flags)) {
2393  unregister_netdev( dev );
2394  if (ai->wifidev) {
2396  free_netdev(ai->wifidev);
2397  ai->wifidev = NULL;
2398  }
2400  }
2401  /*
2402  * Clean out tx queue
2403  */
2404  if (test_bit(FLAG_MPI, &ai->flags) && !skb_queue_empty(&ai->txq)) {
2405  struct sk_buff *skb = NULL;
2406  for (;(skb = skb_dequeue(&ai->txq));)
2407  dev_kfree_skb(skb);
2408  }
2409 
2410  airo_networks_free (ai);
2411 
2412  kfree(ai->flash);
2413  kfree(ai->rssi);
2414  kfree(ai->APList);
2415  kfree(ai->SSID);
2416  if (freeres) {
2417  /* PCMCIA frees this stuff, so only for PCI and ISA */
2418  release_region( dev->base_addr, 64 );
2419  if (test_bit(FLAG_MPI, &ai->flags)) {
2420  if (ai->pci)
2421  mpi_unmap_card(ai->pci);
2422  if (ai->pcimem)
2423  iounmap(ai->pcimem);
2424  if (ai->pciaux)
2425  iounmap(ai->pciaux);
2427  ai->shared, ai->shared_dma);
2428  }
2429  }
2430  crypto_free_cipher(ai->tfm);
2431  del_airo_dev(ai);
2432  free_netdev( dev );
2433 }
2434 
2436 
2437 static int wll_header_parse(const struct sk_buff *skb, unsigned char *haddr)
2438 {
2439  memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN);
2440  return ETH_ALEN;
2441 }
2442 
2443 static void mpi_unmap_card(struct pci_dev *pci)
2444 {
2445  unsigned long mem_start = pci_resource_start(pci, 1);
2446  unsigned long mem_len = pci_resource_len(pci, 1);
2447  unsigned long aux_start = pci_resource_start(pci, 2);
2448  unsigned long aux_len = AUXMEMSIZE;
2449 
2450  release_mem_region(aux_start, aux_len);
2451  release_mem_region(mem_start, mem_len);
2452 }
2453 
2454 /*************************************************************
2455  * This routine assumes that descriptors have been setup .
2456  * Run at insmod time or after reset when the decriptors
2457  * have been initialized . Returns 0 if all is well nz
2458  * otherwise . Does not allocate memory but sets up card
2459  * using previously allocated descriptors.
2460  */
2461 static int mpi_init_descriptors (struct airo_info *ai)
2462 {
2463  Cmd cmd;
2464  Resp rsp;
2465  int i;
2466  int rc = SUCCESS;
2467 
2468  /* Alloc card RX descriptors */
2469  netif_stop_queue(ai->dev);
2470 
2471  memset(&rsp,0,sizeof(rsp));
2472  memset(&cmd,0,sizeof(cmd));
2473 
2474  cmd.cmd = CMD_ALLOCATEAUX;
2475  cmd.parm0 = FID_RX;
2476  cmd.parm1 = (ai->rxfids[0].card_ram_off - ai->pciaux);
2477  cmd.parm2 = MPI_MAX_FIDS;
2478  rc=issuecommand(ai, &cmd, &rsp);
2479  if (rc != SUCCESS) {
2480  airo_print_err(ai->dev->name, "Couldn't allocate RX FID");
2481  return rc;
2482  }
2483 
2484  for (i=0; i<MPI_MAX_FIDS; i++) {
2486  &ai->rxfids[i].rx_desc, sizeof(RxFid));
2487  }
2488 
2489  /* Alloc card TX descriptors */
2490 
2491  memset(&rsp,0,sizeof(rsp));
2492  memset(&cmd,0,sizeof(cmd));
2493 
2494  cmd.cmd = CMD_ALLOCATEAUX;
2495  cmd.parm0 = FID_TX;
2496  cmd.parm1 = (ai->txfids[0].card_ram_off - ai->pciaux);
2497  cmd.parm2 = MPI_MAX_FIDS;
2498 
2499  for (i=0; i<MPI_MAX_FIDS; i++) {
2500  ai->txfids[i].tx_desc.valid = 1;
2502  &ai->txfids[i].tx_desc, sizeof(TxFid));
2503  }
2504  ai->txfids[i-1].tx_desc.eoc = 1; /* Last descriptor has EOC set */
2505 
2506  rc=issuecommand(ai, &cmd, &rsp);
2507  if (rc != SUCCESS) {
2508  airo_print_err(ai->dev->name, "Couldn't allocate TX FID");
2509  return rc;
2510  }
2511 
2512  /* Alloc card Rid descriptor */
2513  memset(&rsp,0,sizeof(rsp));
2514  memset(&cmd,0,sizeof(cmd));
2515 
2516  cmd.cmd = CMD_ALLOCATEAUX;
2517  cmd.parm0 = RID_RW;
2518  cmd.parm1 = (ai->config_desc.card_ram_off - ai->pciaux);
2519  cmd.parm2 = 1; /* Magic number... */
2520  rc=issuecommand(ai, &cmd, &rsp);
2521  if (rc != SUCCESS) {
2522  airo_print_err(ai->dev->name, "Couldn't allocate RID");
2523  return rc;
2524  }
2525 
2527  &ai->config_desc.rid_desc, sizeof(Rid));
2528 
2529  return rc;
2530 }
2531 
2532 /*
2533  * We are setting up three things here:
2534  * 1) Map AUX memory for descriptors: Rid, TxFid, or RxFid.
2535  * 2) Map PCI memory for issuing commands.
2536  * 3) Allocate memory (shared) to send and receive ethernet frames.
2537  */
2538 static int mpi_map_card(struct airo_info *ai, struct pci_dev *pci)
2539 {
2540  unsigned long mem_start, mem_len, aux_start, aux_len;
2541  int rc = -1;
2542  int i;
2543  dma_addr_t busaddroff;
2544  unsigned char *vpackoff;
2545  unsigned char __iomem *pciaddroff;
2546 
2547  mem_start = pci_resource_start(pci, 1);
2548  mem_len = pci_resource_len(pci, 1);
2549  aux_start = pci_resource_start(pci, 2);
2550  aux_len = AUXMEMSIZE;
2551 
2552  if (!request_mem_region(mem_start, mem_len, DRV_NAME)) {
2553  airo_print_err("", "Couldn't get region %x[%x]",
2554  (int)mem_start, (int)mem_len);
2555  goto out;
2556  }
2557  if (!request_mem_region(aux_start, aux_len, DRV_NAME)) {
2558  airo_print_err("", "Couldn't get region %x[%x]",
2559  (int)aux_start, (int)aux_len);
2560  goto free_region1;
2561  }
2562 
2563  ai->pcimem = ioremap(mem_start, mem_len);
2564  if (!ai->pcimem) {
2565  airo_print_err("", "Couldn't map region %x[%x]",
2566  (int)mem_start, (int)mem_len);
2567  goto free_region2;
2568  }
2569  ai->pciaux = ioremap(aux_start, aux_len);
2570  if (!ai->pciaux) {
2571  airo_print_err("", "Couldn't map region %x[%x]",
2572  (int)aux_start, (int)aux_len);
2573  goto free_memmap;
2574  }
2575 
2576  /* Reserve PKTSIZE for each fid and 2K for the Rids */
2578  if (!ai->shared) {
2579  airo_print_err("", "Couldn't alloc_consistent %d",
2580  PCI_SHARED_LEN);
2581  goto free_auxmap;
2582  }
2583 
2584  /*
2585  * Setup descriptor RX, TX, CONFIG
2586  */
2587  busaddroff = ai->shared_dma;
2588  pciaddroff = ai->pciaux + AUX_OFFSET;
2589  vpackoff = ai->shared;
2590 
2591  /* RX descriptor setup */
2592  for(i = 0; i < MPI_MAX_FIDS; i++) {
2593  ai->rxfids[i].pending = 0;
2594  ai->rxfids[i].card_ram_off = pciaddroff;
2595  ai->rxfids[i].virtual_host_addr = vpackoff;
2596  ai->rxfids[i].rx_desc.host_addr = busaddroff;
2597  ai->rxfids[i].rx_desc.valid = 1;
2598  ai->rxfids[i].rx_desc.len = PKTSIZE;
2599  ai->rxfids[i].rx_desc.rdy = 0;
2600 
2601  pciaddroff += sizeof(RxFid);
2602  busaddroff += PKTSIZE;
2603  vpackoff += PKTSIZE;
2604  }
2605 
2606  /* TX descriptor setup */
2607  for(i = 0; i < MPI_MAX_FIDS; i++) {
2608  ai->txfids[i].card_ram_off = pciaddroff;
2609  ai->txfids[i].virtual_host_addr = vpackoff;
2610  ai->txfids[i].tx_desc.valid = 1;
2611  ai->txfids[i].tx_desc.host_addr = busaddroff;
2613  &wifictlhdr8023, sizeof(wifictlhdr8023));
2614 
2615  pciaddroff += sizeof(TxFid);
2616  busaddroff += PKTSIZE;
2617  vpackoff += PKTSIZE;
2618  }
2619  ai->txfids[i-1].tx_desc.eoc = 1; /* Last descriptor has EOC set */
2620 
2621  /* Rid descriptor setup */
2622  ai->config_desc.card_ram_off = pciaddroff;
2623  ai->config_desc.virtual_host_addr = vpackoff;
2624  ai->config_desc.rid_desc.host_addr = busaddroff;
2625  ai->ridbus = busaddroff;
2626  ai->config_desc.rid_desc.rid = 0;
2628  ai->config_desc.rid_desc.valid = 1;
2629  pciaddroff += sizeof(Rid);
2630  busaddroff += RIDSIZE;
2631  vpackoff += RIDSIZE;
2632 
2633  /* Tell card about descriptors */
2634  if (mpi_init_descriptors (ai) != SUCCESS)
2635  goto free_shared;
2636 
2637  return 0;
2638  free_shared:
2640  free_auxmap:
2641  iounmap(ai->pciaux);
2642  free_memmap:
2643  iounmap(ai->pcimem);
2644  free_region2:
2645  release_mem_region(aux_start, aux_len);
2646  free_region1:
2647  release_mem_region(mem_start, mem_len);
2648  out:
2649  return rc;
2650 }
2651 
2652 static const struct header_ops airo_header_ops = {
2653  .parse = wll_header_parse,
2654 };
2655 
2656 static const struct net_device_ops airo11_netdev_ops = {
2657  .ndo_open = airo_open,
2658  .ndo_stop = airo_close,
2659  .ndo_start_xmit = airo_start_xmit11,
2660  .ndo_get_stats = airo_get_stats,
2661  .ndo_set_mac_address = airo_set_mac_address,
2662  .ndo_do_ioctl = airo_ioctl,
2663  .ndo_change_mtu = airo_change_mtu,
2664 };
2665 
2666 static void wifi_setup(struct net_device *dev)
2667 {
2668  dev->netdev_ops = &airo11_netdev_ops;
2669  dev->header_ops = &airo_header_ops;
2670  dev->wireless_handlers = &airo_handler_def;
2671 
2672  dev->type = ARPHRD_IEEE80211;
2673  dev->hard_header_len = ETH_HLEN;
2674  dev->mtu = AIRO_DEF_MTU;
2675  dev->addr_len = ETH_ALEN;
2676  dev->tx_queue_len = 100;
2677 
2678  memset(dev->broadcast,0xFF, ETH_ALEN);
2679 
2681 }
2682 
2683 static struct net_device *init_wifidev(struct airo_info *ai,
2684  struct net_device *ethdev)
2685 {
2686  int err;
2687  struct net_device *dev = alloc_netdev(0, "wifi%d", wifi_setup);
2688  if (!dev)
2689  return NULL;
2690  dev->ml_priv = ethdev->ml_priv;
2691  dev->irq = ethdev->irq;
2692  dev->base_addr = ethdev->base_addr;
2693  dev->wireless_data = ethdev->wireless_data;
2694  SET_NETDEV_DEV(dev, ethdev->dev.parent);
2695  memcpy(dev->dev_addr, ethdev->dev_addr, dev->addr_len);
2696  err = register_netdev(dev);
2697  if (err<0) {
2698  free_netdev(dev);
2699  return NULL;
2700  }
2701  return dev;
2702 }
2703 
2704 static int reset_card( struct net_device *dev , int lock) {
2705  struct airo_info *ai = dev->ml_priv;
2706 
2707  if (lock && down_interruptible(&ai->sem))
2708  return -1;
2709  waitbusy (ai);
2710  OUT4500(ai,COMMAND,CMD_SOFTRESET);
2711  msleep(200);
2712  waitbusy (ai);
2713  msleep(200);
2714  if (lock)
2715  up(&ai->sem);
2716  return 0;
2717 }
2718 
2719 #define AIRO_MAX_NETWORK_COUNT 64
2720 static int airo_networks_allocate(struct airo_info *ai)
2721 {
2722  if (ai->networks)
2723  return 0;
2724 
2725  ai->networks = kcalloc(AIRO_MAX_NETWORK_COUNT, sizeof(BSSListElement),
2726  GFP_KERNEL);
2727  if (!ai->networks) {
2728  airo_print_warn("", "Out of memory allocating beacons");
2729  return -ENOMEM;
2730  }
2731 
2732  return 0;
2733 }
2734 
2735 static void airo_networks_free(struct airo_info *ai)
2736 {
2737  kfree(ai->networks);
2738  ai->networks = NULL;
2739 }
2740 
2741 static void airo_networks_initialize(struct airo_info *ai)
2742 {
2743  int i;
2744 
2745  INIT_LIST_HEAD(&ai->network_free_list);
2746  INIT_LIST_HEAD(&ai->network_list);
2747  for (i = 0; i < AIRO_MAX_NETWORK_COUNT; i++)
2748  list_add_tail(&ai->networks[i].list,
2749  &ai->network_free_list);
2750 }
2751 
2752 static const struct net_device_ops airo_netdev_ops = {
2753  .ndo_open = airo_open,
2754  .ndo_stop = airo_close,
2755  .ndo_start_xmit = airo_start_xmit,
2756  .ndo_get_stats = airo_get_stats,
2757  .ndo_set_rx_mode = airo_set_multicast_list,
2758  .ndo_set_mac_address = airo_set_mac_address,
2759  .ndo_do_ioctl = airo_ioctl,
2760  .ndo_change_mtu = airo_change_mtu,
2761  .ndo_validate_addr = eth_validate_addr,
2762 };
2763 
2764 static const struct net_device_ops mpi_netdev_ops = {
2765  .ndo_open = airo_open,
2766  .ndo_stop = airo_close,
2767  .ndo_start_xmit = mpi_start_xmit,
2768  .ndo_get_stats = airo_get_stats,
2769  .ndo_set_rx_mode = airo_set_multicast_list,
2770  .ndo_set_mac_address = airo_set_mac_address,
2771  .ndo_do_ioctl = airo_ioctl,
2772  .ndo_change_mtu = airo_change_mtu,
2773  .ndo_validate_addr = eth_validate_addr,
2774 };
2775 
2776 
2777 static struct net_device *_init_airo_card( unsigned short irq, int port,
2778  int is_pcmcia, struct pci_dev *pci,
2779  struct device *dmdev )
2780 {
2781  struct net_device *dev;
2782  struct airo_info *ai;
2783  int i, rc;
2784  CapabilityRid cap_rid;
2785 
2786  /* Create the network device object. */
2787  dev = alloc_netdev(sizeof(*ai), "", ether_setup);
2788  if (!dev) {
2789  airo_print_err("", "Couldn't alloc_etherdev");
2790  return NULL;
2791  }
2792 
2793  ai = dev->ml_priv = netdev_priv(dev);
2794  ai->wifidev = NULL;
2795  ai->flags = 1 << FLAG_RADIO_DOWN;
2796  ai->jobs = 0;
2797  ai->dev = dev;
2798  if (pci && (pci->device == 0x5000 || pci->device == 0xa504)) {
2799  airo_print_dbg("", "Found an MPI350 card");
2800  set_bit(FLAG_MPI, &ai->flags);
2801  }
2802  spin_lock_init(&ai->aux_lock);
2803  sema_init(&ai->sem, 1);
2804  ai->config.len = 0;
2805  ai->pci = pci;
2807  ai->tfm = NULL;
2808  add_airo_dev(ai);
2809 
2810  if (airo_networks_allocate (ai))
2811  goto err_out_free;
2812  airo_networks_initialize (ai);
2813 
2814  skb_queue_head_init (&ai->txq);
2815 
2816  /* The Airo-specific entries in the device structure. */
2817  if (test_bit(FLAG_MPI,&ai->flags))
2818  dev->netdev_ops = &mpi_netdev_ops;
2819  else
2820  dev->netdev_ops = &airo_netdev_ops;
2821  dev->wireless_handlers = &airo_handler_def;
2822  ai->wireless_data.spy_data = &ai->spy_data;
2823  dev->wireless_data = &ai->wireless_data;
2824  dev->irq = irq;
2825  dev->base_addr = port;
2826  dev->priv_flags &= ~IFF_TX_SKB_SHARING;
2827 
2828  SET_NETDEV_DEV(dev, dmdev);
2829 
2830  reset_card (dev, 1);
2831  msleep(400);
2832 
2833  if (!is_pcmcia) {
2834  if (!request_region(dev->base_addr, 64, DRV_NAME)) {
2835  rc = -EBUSY;
2836  airo_print_err(dev->name, "Couldn't request region");
2837  goto err_out_nets;
2838  }
2839  }
2840 
2841  if (test_bit(FLAG_MPI,&ai->flags)) {
2842  if (mpi_map_card(ai, pci)) {
2843  airo_print_err("", "Could not map memory");
2844  goto err_out_res;
2845  }
2846  }
2847 
2848  if (probe) {
2849  if (setup_card(ai, dev->dev_addr, 1) != SUCCESS) {
2850  airo_print_err(dev->name, "MAC could not be enabled" );
2851  rc = -EIO;
2852  goto err_out_map;
2853  }
2854  } else if (!test_bit(FLAG_MPI,&ai->flags)) {
2855  ai->bap_read = fast_bap_read;
2856  set_bit(FLAG_FLASHING, &ai->flags);
2857  }
2858 
2859  strcpy(dev->name, "eth%d");
2860  rc = register_netdev(dev);
2861  if (rc) {
2862  airo_print_err(dev->name, "Couldn't register_netdev");
2863  goto err_out_map;
2864  }
2865  ai->wifidev = init_wifidev(ai, dev);
2866  if (!ai->wifidev)
2867  goto err_out_reg;
2868 
2869  rc = readCapabilityRid(ai, &cap_rid, 1);
2870  if (rc != SUCCESS) {
2871  rc = -EIO;
2872  goto err_out_wifi;
2873  }
2874  /* WEP capability discovery */
2875  ai->wep_capable = (cap_rid.softCap & cpu_to_le16(0x02)) ? 1 : 0;
2876  ai->max_wep_idx = (cap_rid.softCap & cpu_to_le16(0x80)) ? 3 : 0;
2877 
2878  airo_print_info(dev->name, "Firmware version %x.%x.%02d",
2879  ((le16_to_cpu(cap_rid.softVer) >> 8) & 0xF),
2880  (le16_to_cpu(cap_rid.softVer) & 0xFF),
2881  le16_to_cpu(cap_rid.softSubVer));
2882 
2883  /* Test for WPA support */
2884  /* Only firmware versions 5.30.17 or better can do WPA */
2885  if (le16_to_cpu(cap_rid.softVer) > 0x530
2886  || (le16_to_cpu(cap_rid.softVer) == 0x530
2887  && le16_to_cpu(cap_rid.softSubVer) >= 17)) {
2888  airo_print_info(ai->dev->name, "WPA supported.");
2889 
2893  ai->bssListRidLen = sizeof(BSSListRid);
2894  } else {
2895  airo_print_info(ai->dev->name, "WPA unsupported with firmware "
2896  "versions older than 5.30.17.");
2897 
2900  ai->bssListRidLen = sizeof(BSSListRid) - sizeof(BSSListRidExtra);
2901  }
2902 
2904  airo_print_info(dev->name, "MAC enabled %pM", dev->dev_addr);
2905 
2906  /* Allocate the transmit buffers */
2907  if (probe && !test_bit(FLAG_MPI,&ai->flags))
2908  for( i = 0; i < MAX_FIDS; i++ )
2909  ai->fids[i] = transmit_allocate(ai,AIRO_DEF_MTU,i>=MAX_FIDS/2);
2910 
2911  if (setup_proc_entry(dev, dev->ml_priv) < 0)
2912  goto err_out_wifi;
2913 
2914  return dev;
2915 
2916 err_out_wifi:
2918  free_netdev(ai->wifidev);
2919 err_out_reg:
2920  unregister_netdev(dev);
2921 err_out_map:
2922  if (test_bit(FLAG_MPI,&ai->flags) && pci) {
2924  iounmap(ai->pciaux);
2925  iounmap(ai->pcimem);
2926  mpi_unmap_card(ai->pci);
2927  }
2928 err_out_res:
2929  if (!is_pcmcia)
2930  release_region( dev->base_addr, 64 );
2931 err_out_nets:
2932  airo_networks_free(ai);
2933 err_out_free:
2934  del_airo_dev(ai);
2935  free_netdev(dev);
2936  return NULL;
2937 }
2938 
2939 struct net_device *init_airo_card( unsigned short irq, int port, int is_pcmcia,
2940  struct device *dmdev)
2941 {
2942  return _init_airo_card ( irq, port, is_pcmcia, NULL, dmdev);
2943 }
2944 
2946 
2947 static int waitbusy (struct airo_info *ai) {
2948  int delay = 0;
2949  while ((IN4500(ai, COMMAND) & COMMAND_BUSY) && (delay < 10000)) {
2950  udelay (10);
2951  if ((++delay % 20) == 0)
2952  OUT4500(ai, EVACK, EV_CLEARCOMMANDBUSY);
2953  }
2954  return delay < 10000;
2955 }
2956 
2957 int reset_airo_card( struct net_device *dev )
2958 {
2959  int i;
2960  struct airo_info *ai = dev->ml_priv;
2961 
2962  if (reset_card (dev, 1))
2963  return -1;
2964 
2965  if ( setup_card(ai, dev->dev_addr, 1 ) != SUCCESS ) {
2966  airo_print_err(dev->name, "MAC could not be enabled");
2967  return -1;
2968  }
2969  airo_print_info(dev->name, "MAC enabled %pM", dev->dev_addr);
2970  /* Allocate the transmit buffers if needed */
2971  if (!test_bit(FLAG_MPI,&ai->flags))
2972  for( i = 0; i < MAX_FIDS; i++ )
2973  ai->fids[i] = transmit_allocate (ai,AIRO_DEF_MTU,i>=MAX_FIDS/2);
2974 
2975  enable_interrupts( ai );
2976  netif_wake_queue(dev);
2977  return 0;
2978 }
2979 
2981 
2982 static void airo_send_event(struct net_device *dev) {
2983  struct airo_info *ai = dev->ml_priv;
2984  union iwreq_data wrqu;
2985  StatusRid status_rid;
2986 
2987  clear_bit(JOB_EVENT, &ai->jobs);
2988  PC4500_readrid(ai, RID_STATUS, &status_rid, sizeof(status_rid), 0);
2989  up(&ai->sem);
2990  wrqu.data.length = 0;
2991  wrqu.data.flags = 0;
2992  memcpy(wrqu.ap_addr.sa_data, status_rid.bssid[0], ETH_ALEN);
2993  wrqu.ap_addr.sa_family = ARPHRD_ETHER;
2994 
2995  /* Send event to user space */
2996  wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
2997 }
2998 
2999 static void airo_process_scan_results (struct airo_info *ai) {
3000  union iwreq_data wrqu;
3001  BSSListRid bss;
3002  int rc;
3003  BSSListElement * loop_net;
3004  BSSListElement * tmp_net;
3005 
3006  /* Blow away current list of scan results */
3007  list_for_each_entry_safe (loop_net, tmp_net, &ai->network_list, list) {
3008  list_move_tail (&loop_net->list, &ai->network_free_list);
3009  /* Don't blow away ->list, just BSS data */
3010  memset (loop_net, 0, sizeof (loop_net->bss));
3011  }
3012 
3013  /* Try to read the first entry of the scan result */
3014  rc = PC4500_readrid(ai, ai->bssListFirst, &bss, ai->bssListRidLen, 0);
3015  if((rc) || (bss.index == cpu_to_le16(0xffff))) {
3016  /* No scan results */
3017  goto out;
3018  }
3019 
3020  /* Read and parse all entries */
3021  tmp_net = NULL;
3022  while((!rc) && (bss.index != cpu_to_le16(0xffff))) {
3023  /* Grab a network off the free list */
3024  if (!list_empty(&ai->network_free_list)) {
3025  tmp_net = list_entry(ai->network_free_list.next,
3026  BSSListElement, list);
3027  list_del(ai->network_free_list.next);
3028  }
3029 
3030  if (tmp_net != NULL) {
3031  memcpy(tmp_net, &bss, sizeof(tmp_net->bss));
3032  list_add_tail(&tmp_net->list, &ai->network_list);
3033  tmp_net = NULL;
3034  }
3035 
3036  /* Read next entry */
3037  rc = PC4500_readrid(ai, ai->bssListNext,
3038  &bss, ai->bssListRidLen, 0);
3039  }
3040 
3041 out:
3042  ai->scan_timeout = 0;
3044  up(&ai->sem);
3045 
3046  /* Send an empty event to user space.
3047  * We don't send the received data on
3048  * the event because it would require
3049  * us to do complex transcoding, and
3050  * we want to minimise the work done in
3051  * the irq handler. Use a request to
3052  * extract the data - Jean II */
3053  wrqu.data.length = 0;
3054  wrqu.data.flags = 0;
3055  wireless_send_event(ai->dev, SIOCGIWSCAN, &wrqu, NULL);
3056 }
3057 
3058 static int airo_thread(void *data) {
3059  struct net_device *dev = data;
3060  struct airo_info *ai = dev->ml_priv;
3061  int locked;
3062 
3063  set_freezable();
3064  while(1) {
3065  /* make swsusp happy with our thread */
3066  try_to_freeze();
3067 
3068  if (test_bit(JOB_DIE, &ai->jobs))
3069  break;
3070 
3071  if (ai->jobs) {
3072  locked = down_interruptible(&ai->sem);
3073  } else {
3075 
3076  init_waitqueue_entry(&wait, current);
3077  add_wait_queue(&ai->thr_wait, &wait);
3078  for (;;) {
3080  if (ai->jobs)
3081  break;
3082  if (ai->expires || ai->scan_timeout) {
3083  if (ai->scan_timeout &&
3084  time_after_eq(jiffies,ai->scan_timeout)){
3085  set_bit(JOB_SCAN_RESULTS, &ai->jobs);
3086  break;
3087  } else if (ai->expires &&
3088  time_after_eq(jiffies,ai->expires)){
3089  set_bit(JOB_AUTOWEP, &ai->jobs);
3090  break;
3091  }
3092  if (!kthread_should_stop() &&
3093  !freezing(current)) {
3094  unsigned long wake_at;
3095  if (!ai->expires || !ai->scan_timeout) {
3096  wake_at = max(ai->expires,
3097  ai->scan_timeout);
3098  } else {
3099  wake_at = min(ai->expires,
3100  ai->scan_timeout);
3101  }
3102  schedule_timeout(wake_at - jiffies);
3103  continue;
3104  }
3105  } else if (!kthread_should_stop() &&
3106  !freezing(current)) {
3107  schedule();
3108  continue;
3109  }
3110  break;
3111  }
3112  current->state = TASK_RUNNING;
3113  remove_wait_queue(&ai->thr_wait, &wait);
3114  locked = 1;
3115  }
3116 
3117  if (locked)
3118  continue;
3119 
3120  if (test_bit(JOB_DIE, &ai->jobs)) {
3121  up(&ai->sem);
3122  break;
3123  }
3124 
3125  if (ai->power.event || test_bit(FLAG_FLASHING, &ai->flags)) {
3126  up(&ai->sem);
3127  continue;
3128  }
3129 
3130  if (test_bit(JOB_XMIT, &ai->jobs))
3131  airo_end_xmit(dev);
3132  else if (test_bit(JOB_XMIT11, &ai->jobs))
3133  airo_end_xmit11(dev);
3134  else if (test_bit(JOB_STATS, &ai->jobs))
3135  airo_read_stats(dev);
3136  else if (test_bit(JOB_WSTATS, &ai->jobs))
3137  airo_read_wireless_stats(ai);
3138  else if (test_bit(JOB_PROMISC, &ai->jobs))
3139  airo_set_promisc(ai);
3140  else if (test_bit(JOB_MIC, &ai->jobs))
3141  micinit(ai);
3142  else if (test_bit(JOB_EVENT, &ai->jobs))
3143  airo_send_event(dev);
3144  else if (test_bit(JOB_AUTOWEP, &ai->jobs))
3145  timer_func(dev);
3146  else if (test_bit(JOB_SCAN_RESULTS, &ai->jobs))
3147  airo_process_scan_results(ai);
3148  else /* Shouldn't get here, but we make sure to unlock */
3149  up(&ai->sem);
3150  }
3151 
3152  return 0;
3153 }
3154 
3155 static int header_len(__le16 ctl)
3156 {
3157  u16 fc = le16_to_cpu(ctl);
3158  switch (fc & 0xc) {
3159  case 4:
3160  if ((fc & 0xe0) == 0xc0)
3161  return 10; /* one-address control packet */
3162  return 16; /* two-address control packet */
3163  case 8:
3164  if ((fc & 0x300) == 0x300)
3165  return 30; /* WDS packet */
3166  }
3167  return 24;
3168 }
3169 
3170 static void airo_handle_cisco_mic(struct airo_info *ai)
3171 {
3172  if (test_bit(FLAG_MIC_CAPABLE, &ai->flags)) {
3173  set_bit(JOB_MIC, &ai->jobs);
3175  }
3176 }
3177 
3178 /* Airo Status codes */
3179 #define STAT_NOBEACON 0x8000 /* Loss of sync - missed beacons */
3180 #define STAT_MAXRETRIES 0x8001 /* Loss of sync - max retries */
3181 #define STAT_MAXARL 0x8002 /* Loss of sync - average retry level exceeded*/
3182 #define STAT_FORCELOSS 0x8003 /* Loss of sync - host request */
3183 #define STAT_TSFSYNC 0x8004 /* Loss of sync - TSF synchronization */
3184 #define STAT_DEAUTH 0x8100 /* low byte is 802.11 reason code */
3185 #define STAT_DISASSOC 0x8200 /* low byte is 802.11 reason code */
3186 #define STAT_ASSOC_FAIL 0x8400 /* low byte is 802.11 reason code */
3187 #define STAT_AUTH_FAIL 0x0300 /* low byte is 802.11 reason code */
3188 #define STAT_ASSOC 0x0400 /* Associated */
3189 #define STAT_REASSOC 0x0600 /* Reassociated? Only on firmware >= 5.30.17 */
3190 
3191 static void airo_print_status(const char *devname, u16 status)
3192 {
3193  u8 reason = status & 0xFF;
3194 
3195  switch (status & 0xFF00) {
3196  case STAT_NOBEACON:
3197  switch (status) {
3198  case STAT_NOBEACON:
3199  airo_print_dbg(devname, "link lost (missed beacons)");
3200  break;
3201  case STAT_MAXRETRIES:
3202  case STAT_MAXARL:
3203  airo_print_dbg(devname, "link lost (max retries)");
3204  break;
3205  case STAT_FORCELOSS:
3206  airo_print_dbg(devname, "link lost (local choice)");
3207  break;
3208  case STAT_TSFSYNC:
3209  airo_print_dbg(devname, "link lost (TSF sync lost)");
3210  break;
3211  default:
3212  airo_print_dbg(devname, "unknow status %x\n", status);
3213  break;
3214  }
3215  break;
3216  case STAT_DEAUTH:
3217  airo_print_dbg(devname, "deauthenticated (reason: %d)", reason);
3218  break;
3219  case STAT_DISASSOC:
3220  airo_print_dbg(devname, "disassociated (reason: %d)", reason);
3221  break;
3222  case STAT_ASSOC_FAIL:
3223  airo_print_dbg(devname, "association failed (reason: %d)",
3224  reason);
3225  break;
3226  case STAT_AUTH_FAIL:
3227  airo_print_dbg(devname, "authentication failed (reason: %d)",
3228  reason);
3229  break;
3230  case STAT_ASSOC:
3231  case STAT_REASSOC:
3232  break;
3233  default:
3234  airo_print_dbg(devname, "unknow status %x\n", status);
3235  break;
3236  }
3237 }
3238 
3239 static void airo_handle_link(struct airo_info *ai)
3240 {
3241  union iwreq_data wrqu;
3242  int scan_forceloss = 0;
3243  u16 status;
3244 
3245  /* Get new status and acknowledge the link change */
3246  status = le16_to_cpu(IN4500(ai, LINKSTAT));
3247  OUT4500(ai, EVACK, EV_LINK);
3248 
3249  if ((status == STAT_FORCELOSS) && (ai->scan_timeout > 0))
3250  scan_forceloss = 1;
3251 
3252  airo_print_status(ai->dev->name, status);
3253 
3254  if ((status == STAT_ASSOC) || (status == STAT_REASSOC)) {
3255  if (auto_wep)
3256  ai->expires = 0;
3257  if (ai->list_bss_task)
3259  set_bit(FLAG_UPDATE_UNI, &ai->flags);
3261 
3262  if (down_trylock(&ai->sem) != 0) {
3263  set_bit(JOB_EVENT, &ai->jobs);
3265  } else
3266  airo_send_event(ai->dev);
3267  } else if (!scan_forceloss) {
3268  if (auto_wep && !ai->expires) {
3269  ai->expires = RUN_AT(3*HZ);
3271  }
3272 
3273  /* Send event to user space */
3274  memset(wrqu.ap_addr.sa_data, '\0', ETH_ALEN);
3275  wrqu.ap_addr.sa_family = ARPHRD_ETHER;
3276  wireless_send_event(ai->dev, SIOCGIWAP, &wrqu, NULL);
3277  }
3278 }
3279 
3280 static void airo_handle_rx(struct airo_info *ai)
3281 {
3282  struct sk_buff *skb = NULL;
3283  __le16 fc, v, *buffer, tmpbuf[4];
3284  u16 len, hdrlen = 0, gap, fid;
3285  struct rx_hdr hdr;
3286  int success = 0;
3287 
3288  if (test_bit(FLAG_MPI, &ai->flags)) {
3289  if (test_bit(FLAG_802_11, &ai->flags))
3290  mpi_receive_802_11(ai);
3291  else
3292  mpi_receive_802_3(ai);
3293  OUT4500(ai, EVACK, EV_RX);
3294  return;
3295  }
3296 
3297  fid = IN4500(ai, RXFID);
3298 
3299  /* Get the packet length */
3300  if (test_bit(FLAG_802_11, &ai->flags)) {
3301  bap_setup (ai, fid, 4, BAP0);
3302  bap_read (ai, (__le16*)&hdr, sizeof(hdr), BAP0);
3303  /* Bad CRC. Ignore packet */
3304  if (le16_to_cpu(hdr.status) & 2)
3305  hdr.len = 0;
3306  if (ai->wifidev == NULL)
3307  hdr.len = 0;
3308  } else {
3309  bap_setup(ai, fid, 0x36, BAP0);
3310  bap_read(ai, &hdr.len, 2, BAP0);
3311  }
3312  len = le16_to_cpu(hdr.len);
3313 
3314  if (len > AIRO_DEF_MTU) {
3315  airo_print_err(ai->dev->name, "Bad size %d", len);
3316  goto done;
3317  }
3318  if (len == 0)
3319  goto done;
3320 
3321  if (test_bit(FLAG_802_11, &ai->flags)) {
3322  bap_read(ai, &fc, sizeof (fc), BAP0);
3323  hdrlen = header_len(fc);
3324  } else
3325  hdrlen = ETH_ALEN * 2;
3326 
3327  skb = dev_alloc_skb(len + hdrlen + 2 + 2);
3328  if (!skb) {
3329  ai->dev->stats.rx_dropped++;
3330  goto done;
3331  }
3332 
3333  skb_reserve(skb, 2); /* This way the IP header is aligned */
3334  buffer = (__le16 *) skb_put(skb, len + hdrlen);
3335  if (test_bit(FLAG_802_11, &ai->flags)) {
3336  buffer[0] = fc;
3337  bap_read(ai, buffer + 1, hdrlen - 2, BAP0);
3338  if (hdrlen == 24)
3339  bap_read(ai, tmpbuf, 6, BAP0);
3340 
3341  bap_read(ai, &v, sizeof(v), BAP0);
3342  gap = le16_to_cpu(v);
3343  if (gap) {
3344  if (gap <= 8) {
3345  bap_read(ai, tmpbuf, gap, BAP0);
3346  } else {
3347  airo_print_err(ai->dev->name, "gaplen too "
3348  "big. Problems will follow...");
3349  }
3350  }
3351  bap_read(ai, buffer + hdrlen/2, len, BAP0);
3352  } else {
3353  MICBuffer micbuf;
3354 
3355  bap_read(ai, buffer, ETH_ALEN * 2, BAP0);
3356  if (ai->micstats.enabled) {
3357  bap_read(ai, (__le16 *) &micbuf, sizeof (micbuf), BAP0);
3358  if (ntohs(micbuf.typelen) > 0x05DC)
3359  bap_setup(ai, fid, 0x44, BAP0);
3360  else {
3361  if (len <= sizeof (micbuf)) {
3362  dev_kfree_skb_irq(skb);
3363  goto done;
3364  }
3365 
3366  len -= sizeof(micbuf);
3367  skb_trim(skb, len + hdrlen);
3368  }
3369  }
3370 
3371  bap_read(ai, buffer + ETH_ALEN, len, BAP0);
3372  if (decapsulate(ai, &micbuf, (etherHead*) buffer, len))
3373  dev_kfree_skb_irq (skb);
3374  else
3375  success = 1;
3376  }
3377 
3378 #ifdef WIRELESS_SPY
3379  if (success && (ai->spy_data.spy_number > 0)) {
3380  char *sa;
3381  struct iw_quality wstats;
3382 
3383  /* Prepare spy data : addr + qual */
3384  if (!test_bit(FLAG_802_11, &ai->flags)) {
3385  sa = (char *) buffer + 6;
3386  bap_setup(ai, fid, 8, BAP0);
3387  bap_read(ai, (__le16 *) hdr.rssi, 2, BAP0);
3388  } else
3389  sa = (char *) buffer + 10;
3390  wstats.qual = hdr.rssi[0];
3391  if (ai->rssi)
3392  wstats.level = 0x100 - ai->rssi[hdr.rssi[1]].rssidBm;
3393  else
3394  wstats.level = (hdr.rssi[1] + 321) / 2;
3395  wstats.noise = ai->wstats.qual.noise;
3396  wstats.updated = IW_QUAL_LEVEL_UPDATED
3398  | IW_QUAL_DBM;
3399  /* Update spy records */
3400  wireless_spy_update(ai->dev, sa, &wstats);
3401  }
3402 #endif /* WIRELESS_SPY */
3403 
3404 done:
3405  OUT4500(ai, EVACK, EV_RX);
3406 
3407  if (success) {
3408  if (test_bit(FLAG_802_11, &ai->flags)) {
3409  skb_reset_mac_header(skb);
3410  skb->pkt_type = PACKET_OTHERHOST;
3411  skb->dev = ai->wifidev;
3412  skb->protocol = htons(ETH_P_802_2);
3413  } else
3414  skb->protocol = eth_type_trans(skb, ai->dev);
3415  skb->ip_summed = CHECKSUM_NONE;
3416 
3417  netif_rx(skb);
3418  }
3419 }
3420 
3421 static void airo_handle_tx(struct airo_info *ai, u16 status)
3422 {
3423  int i, len = 0, index = -1;
3424  u16 fid;
3425 
3426  if (test_bit(FLAG_MPI, &ai->flags)) {
3427  unsigned long flags;
3428 
3429  if (status & EV_TXEXC)
3430  get_tx_error(ai, -1);
3431 
3432  spin_lock_irqsave(&ai->aux_lock, flags);
3433  if (!skb_queue_empty(&ai->txq)) {
3434  spin_unlock_irqrestore(&ai->aux_lock,flags);
3435  mpi_send_packet(ai->dev);
3436  } else {
3438  spin_unlock_irqrestore(&ai->aux_lock,flags);
3439  netif_wake_queue(ai->dev);
3440  }
3441  OUT4500(ai, EVACK, status & (EV_TX | EV_TXCPY | EV_TXEXC));
3442  return;
3443  }
3444 
3445  fid = IN4500(ai, TXCOMPLFID);
3446 
3447  for(i = 0; i < MAX_FIDS; i++) {
3448  if ((ai->fids[i] & 0xffff) == fid) {
3449  len = ai->fids[i] >> 16;
3450  index = i;
3451  }
3452  }
3453 
3454  if (index != -1) {
3455  if (status & EV_TXEXC)
3456  get_tx_error(ai, index);
3457 
3458  OUT4500(ai, EVACK, status & (EV_TX | EV_TXEXC));
3459 
3460  /* Set up to be used again */
3461  ai->fids[index] &= 0xffff;
3462  if (index < MAX_FIDS / 2) {
3463  if (!test_bit(FLAG_PENDING_XMIT, &ai->flags))
3464  netif_wake_queue(ai->dev);
3465  } else {
3466  if (!test_bit(FLAG_PENDING_XMIT11, &ai->flags))
3467  netif_wake_queue(ai->wifidev);
3468  }
3469  } else {
3470  OUT4500(ai, EVACK, status & (EV_TX | EV_TXCPY | EV_TXEXC));
3471  airo_print_err(ai->dev->name, "Unallocated FID was used to xmit");
3472  }
3473 }
3474 
3475 static irqreturn_t airo_interrupt(int irq, void *dev_id)
3476 {
3477  struct net_device *dev = dev_id;
3478  u16 status, savedInterrupts = 0;
3479  struct airo_info *ai = dev->ml_priv;
3480  int handled = 0;
3481 
3482  if (!netif_device_present(dev))
3483  return IRQ_NONE;
3484 
3485  for (;;) {
3486  status = IN4500(ai, EVSTAT);
3487  if (!(status & STATUS_INTS) || (status == 0xffff))
3488  break;
3489 
3490  handled = 1;
3491 
3492  if (status & EV_AWAKE) {
3493  OUT4500(ai, EVACK, EV_AWAKE);
3494  OUT4500(ai, EVACK, EV_AWAKE);
3495  }
3496 
3497  if (!savedInterrupts) {
3498  savedInterrupts = IN4500(ai, EVINTEN);
3499  OUT4500(ai, EVINTEN, 0);
3500  }
3501 
3502  if (status & EV_MIC) {
3503  OUT4500(ai, EVACK, EV_MIC);
3504  airo_handle_cisco_mic(ai);
3505  }
3506 
3507  if (status & EV_LINK) {
3508  /* Link status changed */
3509  airo_handle_link(ai);
3510  }
3511 
3512  /* Check to see if there is something to receive */
3513  if (status & EV_RX)
3514  airo_handle_rx(ai);
3515 
3516  /* Check to see if a packet has been transmitted */
3517  if (status & (EV_TX | EV_TXCPY | EV_TXEXC))
3518  airo_handle_tx(ai, status);
3519 
3520  if ( status & ~STATUS_INTS & ~IGNORE_INTS ) {
3521  airo_print_warn(ai->dev->name, "Got weird status %x",
3522  status & ~STATUS_INTS & ~IGNORE_INTS );
3523  }
3524  }
3525 
3526  if (savedInterrupts)
3527  OUT4500(ai, EVINTEN, savedInterrupts);
3528 
3529  return IRQ_RETVAL(handled);
3530 }
3531 
3532 /*
3533  * Routines to talk to the card
3534  */
3535 
3536 /*
3537  * This was originally written for the 4500, hence the name
3538  * NOTE: If use with 8bit mode and SMP bad things will happen!
3539  * Why would some one do 8 bit IO in an SMP machine?!?
3540  */
3541 static void OUT4500( struct airo_info *ai, u16 reg, u16 val ) {
3542  if (test_bit(FLAG_MPI,&ai->flags))
3543  reg <<= 1;
3544  if ( !do8bitIO )
3545  outw( val, ai->dev->base_addr + reg );
3546  else {
3547  outb( val & 0xff, ai->dev->base_addr + reg );
3548  outb( val >> 8, ai->dev->base_addr + reg + 1 );
3549  }
3550 }
3551 
3552 static u16 IN4500( struct airo_info *ai, u16 reg ) {
3553  unsigned short rc;
3554 
3555  if (test_bit(FLAG_MPI,&ai->flags))
3556  reg <<= 1;
3557  if ( !do8bitIO )
3558  rc = inw( ai->dev->base_addr + reg );
3559  else {
3560  rc = inb( ai->dev->base_addr + reg );
3561  rc += ((int)inb( ai->dev->base_addr + reg + 1 )) << 8;
3562  }
3563  return rc;
3564 }
3565 
3566 static int enable_MAC(struct airo_info *ai, int lock)
3567 {
3568  int rc;
3569  Cmd cmd;
3570  Resp rsp;
3571 
3572  /* FLAG_RADIO_OFF : Radio disabled via /proc or Wireless Extensions
3573  * FLAG_RADIO_DOWN : Radio disabled via "ifconfig ethX down"
3574  * Note : we could try to use !netif_running(dev) in enable_MAC()
3575  * instead of this flag, but I don't trust it *within* the
3576  * open/close functions, and testing both flags together is
3577  * "cheaper" - Jean II */
3578  if (ai->flags & FLAG_RADIO_MASK) return SUCCESS;
3579 
3580  if (lock && down_interruptible(&ai->sem))
3581  return -ERESTARTSYS;
3582 
3583  if (!test_bit(FLAG_ENABLED, &ai->flags)) {
3584  memset(&cmd, 0, sizeof(cmd));
3585  cmd.cmd = MAC_ENABLE;
3586  rc = issuecommand(ai, &cmd, &rsp);
3587  if (rc == SUCCESS)
3588  set_bit(FLAG_ENABLED, &ai->flags);
3589  } else
3590  rc = SUCCESS;
3591 
3592  if (lock)
3593  up(&ai->sem);
3594 
3595  if (rc)
3596  airo_print_err(ai->dev->name, "Cannot enable MAC");
3597  else if ((rsp.status & 0xFF00) != 0) {
3598  airo_print_err(ai->dev->name, "Bad MAC enable reason=%x, "
3599  "rid=%x, offset=%d", rsp.rsp0, rsp.rsp1, rsp.rsp2);
3600  rc = ERROR;
3601  }
3602  return rc;
3603 }
3604 
3605 static void disable_MAC( struct airo_info *ai, int lock ) {
3606  Cmd cmd;
3607  Resp rsp;
3608 
3609  if (lock && down_interruptible(&ai->sem))
3610  return;
3611 
3612  if (test_bit(FLAG_ENABLED, &ai->flags)) {
3613  memset(&cmd, 0, sizeof(cmd));
3614  cmd.cmd = MAC_DISABLE; // disable in case already enabled
3615  issuecommand(ai, &cmd, &rsp);
3616  clear_bit(FLAG_ENABLED, &ai->flags);
3617  }
3618  if (lock)
3619  up(&ai->sem);
3620 }
3621 
3622 static void enable_interrupts( struct airo_info *ai ) {
3623  /* Enable the interrupts */
3624  OUT4500( ai, EVINTEN, STATUS_INTS );
3625 }
3626 
3627 static void disable_interrupts( struct airo_info *ai ) {
3628  OUT4500( ai, EVINTEN, 0 );
3629 }
3630 
3631 static void mpi_receive_802_3(struct airo_info *ai)
3632 {
3633  RxFid rxd;
3634  int len = 0;
3635  struct sk_buff *skb;
3636  char *buffer;
3637  int off = 0;
3638  MICBuffer micbuf;
3639 
3640  memcpy_fromio(&rxd, ai->rxfids[0].card_ram_off, sizeof(rxd));
3641  /* Make sure we got something */
3642  if (rxd.rdy && rxd.valid == 0) {
3643  len = rxd.len + 12;
3644  if (len < 12 || len > 2048)
3645  goto badrx;
3646 
3647  skb = dev_alloc_skb(len);
3648  if (!skb) {
3649  ai->dev->stats.rx_dropped++;
3650  goto badrx;
3651  }
3652  buffer = skb_put(skb,len);
3653  memcpy(buffer, ai->rxfids[0].virtual_host_addr, ETH_ALEN * 2);
3654  if (ai->micstats.enabled) {
3655  memcpy(&micbuf,
3656  ai->rxfids[0].virtual_host_addr + ETH_ALEN * 2,
3657  sizeof(micbuf));
3658  if (ntohs(micbuf.typelen) <= 0x05DC) {
3659  if (len <= sizeof(micbuf) + ETH_ALEN * 2)
3660  goto badmic;
3661 
3662  off = sizeof(micbuf);
3663  skb_trim (skb, len - off);
3664  }
3665  }
3666  memcpy(buffer + ETH_ALEN * 2,
3667  ai->rxfids[0].virtual_host_addr + ETH_ALEN * 2 + off,
3668  len - ETH_ALEN * 2 - off);
3669  if (decapsulate (ai, &micbuf, (etherHead*)buffer, len - off - ETH_ALEN * 2)) {
3670 badmic:
3671  dev_kfree_skb_irq (skb);
3672  goto badrx;
3673  }
3674 #ifdef WIRELESS_SPY
3675  if (ai->spy_data.spy_number > 0) {
3676  char *sa;
3677  struct iw_quality wstats;
3678  /* Prepare spy data : addr + qual */
3679  sa = buffer + ETH_ALEN;
3680  wstats.qual = 0; /* XXX Where do I get that info from ??? */
3681  wstats.level = 0;
3682  wstats.updated = 0;
3683  /* Update spy records */
3684  wireless_spy_update(ai->dev, sa, &wstats);
3685  }
3686 #endif /* WIRELESS_SPY */
3687 
3688  skb->ip_summed = CHECKSUM_NONE;
3689  skb->protocol = eth_type_trans(skb, ai->dev);
3690  netif_rx(skb);
3691  }
3692 badrx:
3693  if (rxd.valid == 0) {
3694  rxd.valid = 1;
3695  rxd.rdy = 0;
3696  rxd.len = PKTSIZE;
3697  memcpy_toio(ai->rxfids[0].card_ram_off, &rxd, sizeof(rxd));
3698  }
3699 }
3700 
3701 static void mpi_receive_802_11(struct airo_info *ai)
3702 {
3703  RxFid rxd;
3704  struct sk_buff *skb = NULL;
3705  u16 len, hdrlen = 0;
3706  __le16 fc;
3707  struct rx_hdr hdr;
3708  u16 gap;
3709  u16 *buffer;
3710  char *ptr = ai->rxfids[0].virtual_host_addr + 4;
3711 
3712  memcpy_fromio(&rxd, ai->rxfids[0].card_ram_off, sizeof(rxd));
3713  memcpy ((char *)&hdr, ptr, sizeof(hdr));
3714  ptr += sizeof(hdr);
3715  /* Bad CRC. Ignore packet */
3716  if (le16_to_cpu(hdr.status) & 2)
3717  hdr.len = 0;
3718  if (ai->wifidev == NULL)
3719  hdr.len = 0;
3720  len = le16_to_cpu(hdr.len);
3721  if (len > AIRO_DEF_MTU) {
3722  airo_print_err(ai->dev->name, "Bad size %d", len);
3723  goto badrx;
3724  }
3725  if (len == 0)
3726  goto badrx;
3727 
3728  fc = get_unaligned((__le16 *)ptr);
3729  hdrlen = header_len(fc);
3730 
3731  skb = dev_alloc_skb( len + hdrlen + 2 );
3732  if ( !skb ) {
3733  ai->dev->stats.rx_dropped++;
3734  goto badrx;
3735  }
3736  buffer = (u16*)skb_put (skb, len + hdrlen);
3737  memcpy ((char *)buffer, ptr, hdrlen);
3738  ptr += hdrlen;
3739  if (hdrlen == 24)
3740  ptr += 6;
3741  gap = get_unaligned_le16(ptr);
3742  ptr += sizeof(__le16);
3743  if (gap) {
3744  if (gap <= 8)
3745  ptr += gap;
3746  else
3747  airo_print_err(ai->dev->name,
3748  "gaplen too big. Problems will follow...");
3749  }
3750  memcpy ((char *)buffer + hdrlen, ptr, len);
3751  ptr += len;
3752 #ifdef IW_WIRELESS_SPY /* defined in iw_handler.h */
3753  if (ai->spy_data.spy_number > 0) {
3754  char *sa;
3755  struct iw_quality wstats;
3756  /* Prepare spy data : addr + qual */
3757  sa = (char*)buffer + 10;
3758  wstats.qual = hdr.rssi[0];
3759  if (ai->rssi)
3760  wstats.level = 0x100 - ai->rssi[hdr.rssi[1]].rssidBm;
3761  else
3762  wstats.level = (hdr.rssi[1] + 321) / 2;
3763  wstats.noise = ai->wstats.qual.noise;
3764  wstats.updated = IW_QUAL_QUAL_UPDATED
3766  | IW_QUAL_DBM;
3767  /* Update spy records */
3768  wireless_spy_update(ai->dev, sa, &wstats);
3769  }
3770 #endif /* IW_WIRELESS_SPY */
3771  skb_reset_mac_header(skb);
3772  skb->pkt_type = PACKET_OTHERHOST;
3773  skb->dev = ai->wifidev;
3774  skb->protocol = htons(ETH_P_802_2);
3775  skb->ip_summed = CHECKSUM_NONE;
3776  netif_rx( skb );
3777 
3778 badrx:
3779  if (rxd.valid == 0) {
3780  rxd.valid = 1;
3781  rxd.rdy = 0;
3782  rxd.len = PKTSIZE;
3783  memcpy_toio(ai->rxfids[0].card_ram_off, &rxd, sizeof(rxd));
3784  }
3785 }
3786 
3787 static u16 setup_card(struct airo_info *ai, u8 *mac, int lock)
3788 {
3789  Cmd cmd;
3790  Resp rsp;
3791  int status;
3792  SsidRid mySsid;
3793  __le16 lastindex;
3794  WepKeyRid wkr;
3795  int rc;
3796 
3797  memset( &mySsid, 0, sizeof( mySsid ) );
3798  kfree (ai->flash);
3799  ai->flash = NULL;
3800 
3801  /* The NOP is the first step in getting the card going */
3802  cmd.cmd = NOP;
3803  cmd.parm0 = cmd.parm1 = cmd.parm2 = 0;
3804  if (lock && down_interruptible(&ai->sem))
3805  return ERROR;
3806  if ( issuecommand( ai, &cmd, &rsp ) != SUCCESS ) {
3807  if (lock)
3808  up(&ai->sem);
3809  return ERROR;
3810  }
3811  disable_MAC( ai, 0);
3812 
3813  // Let's figure out if we need to use the AUX port
3814  if (!test_bit(FLAG_MPI,&ai->flags)) {
3815  cmd.cmd = CMD_ENABLEAUX;
3816  if (issuecommand(ai, &cmd, &rsp) != SUCCESS) {
3817  if (lock)
3818  up(&ai->sem);
3819  airo_print_err(ai->dev->name, "Error checking for AUX port");
3820  return ERROR;
3821  }
3822  if (!aux_bap || rsp.status & 0xff00) {
3823  ai->bap_read = fast_bap_read;
3824  airo_print_dbg(ai->dev->name, "Doing fast bap_reads");
3825  } else {
3826  ai->bap_read = aux_bap_read;
3827  airo_print_dbg(ai->dev->name, "Doing AUX bap_reads");
3828  }
3829  }
3830  if (lock)
3831  up(&ai->sem);
3832  if (ai->config.len == 0) {
3833  int i;
3834  tdsRssiRid rssi_rid;
3835  CapabilityRid cap_rid;
3836 
3837  kfree(ai->APList);
3838  ai->APList = NULL;
3839  kfree(ai->SSID);
3840  ai->SSID = NULL;
3841  // general configuration (read/modify/write)
3842  status = readConfigRid(ai, lock);
3843  if ( status != SUCCESS ) return ERROR;
3844 
3845  status = readCapabilityRid(ai, &cap_rid, lock);
3846  if ( status != SUCCESS ) return ERROR;
3847 
3848  status = PC4500_readrid(ai,RID_RSSI,&rssi_rid,sizeof(rssi_rid),lock);
3849  if ( status == SUCCESS ) {
3850  if (ai->rssi || (ai->rssi = kmalloc(512, GFP_KERNEL)) != NULL)
3851  memcpy(ai->rssi, (u8*)&rssi_rid + 2, 512); /* Skip RID length member */
3852  }
3853  else {
3854  kfree(ai->rssi);
3855  ai->rssi = NULL;
3856  if (cap_rid.softCap & cpu_to_le16(8))
3858  else
3859  airo_print_warn(ai->dev->name, "unknown received signal "
3860  "level scale");
3861  }
3862  ai->config.opmode = adhoc ? MODE_STA_IBSS : MODE_STA_ESS;
3863  ai->config.authType = AUTH_OPEN;
3864  ai->config.modulation = MOD_CCK;
3865 
3866  if (le16_to_cpu(cap_rid.len) >= sizeof(cap_rid) &&
3867  (cap_rid.extSoftCap & cpu_to_le16(1)) &&
3868  micsetup(ai) == SUCCESS) {
3869  ai->config.opmode |= MODE_MIC;
3871  }
3872 
3873  /* Save off the MAC */
3874  for( i = 0; i < ETH_ALEN; i++ ) {
3875  mac[i] = ai->config.macAddr[i];
3876  }
3877 
3878  /* Check to see if there are any insmod configured
3879  rates to add */
3880  if ( rates[0] ) {
3881  memset(ai->config.rates,0,sizeof(ai->config.rates));
3882  for( i = 0; i < 8 && rates[i]; i++ ) {
3883  ai->config.rates[i] = rates[i];
3884  }
3885  }
3886  set_bit (FLAG_COMMIT, &ai->flags);
3887  }
3888 
3889  /* Setup the SSIDs if present */
3890  if ( ssids[0] ) {
3891  int i;
3892  for( i = 0; i < 3 && ssids[i]; i++ ) {
3893  size_t len = strlen(ssids[i]);
3894  if (len > 32)
3895  len = 32;
3896  mySsid.ssids[i].len = cpu_to_le16(len);
3897  memcpy(mySsid.ssids[i].ssid, ssids[i], len);
3898  }
3899  mySsid.len = cpu_to_le16(sizeof(mySsid));
3900  }
3901 
3902  status = writeConfigRid(ai, lock);
3903  if ( status != SUCCESS ) return ERROR;
3904 
3905  /* Set up the SSID list */
3906  if ( ssids[0] ) {
3907  status = writeSsidRid(ai, &mySsid, lock);
3908  if ( status != SUCCESS ) return ERROR;
3909  }
3910 
3911  status = enable_MAC(ai, lock);
3912  if (status != SUCCESS)
3913  return ERROR;
3914 
3915  /* Grab the initial wep key, we gotta save it for auto_wep */
3916  rc = readWepKeyRid(ai, &wkr, 1, lock);
3917  if (rc == SUCCESS) do {
3918  lastindex = wkr.kindex;
3919  if (wkr.kindex == cpu_to_le16(0xffff)) {
3920  ai->defindex = wkr.mac[0];
3921  }
3922  rc = readWepKeyRid(ai, &wkr, 0, lock);
3923  } while(lastindex != wkr.kindex);
3924 
3925  try_auto_wep(ai);
3926 
3927  return SUCCESS;
3928 }
3929 
3930 static u16 issuecommand(struct airo_info *ai, Cmd *pCmd, Resp *pRsp) {
3931  // Im really paranoid about letting it run forever!
3932  int max_tries = 600000;
3933 
3934  if (IN4500(ai, EVSTAT) & EV_CMD)
3935  OUT4500(ai, EVACK, EV_CMD);
3936 
3937  OUT4500(ai, PARAM0, pCmd->parm0);
3938  OUT4500(ai, PARAM1, pCmd->parm1);
3939  OUT4500(ai, PARAM2, pCmd->parm2);
3940  OUT4500(ai, COMMAND, pCmd->cmd);
3941 
3942  while (max_tries-- && (IN4500(ai, EVSTAT) & EV_CMD) == 0) {
3943  if ((IN4500(ai, COMMAND)) == pCmd->cmd)
3944  // PC4500 didn't notice command, try again
3945  OUT4500(ai, COMMAND, pCmd->cmd);
3946  if (!in_atomic() && (max_tries & 255) == 0)
3947  schedule();
3948  }
3949 
3950  if ( max_tries == -1 ) {
3951  airo_print_err(ai->dev->name,
3952  "Max tries exceeded when issuing command");
3953  if (IN4500(ai, COMMAND) & COMMAND_BUSY)
3954  OUT4500(ai, EVACK, EV_CLEARCOMMANDBUSY);
3955  return ERROR;
3956  }
3957 
3958  // command completed
3959  pRsp->status = IN4500(ai, STATUS);
3960  pRsp->rsp0 = IN4500(ai, RESP0);
3961  pRsp->rsp1 = IN4500(ai, RESP1);
3962  pRsp->rsp2 = IN4500(ai, RESP2);
3963  if ((pRsp->status & 0xff00)!=0 && pCmd->cmd != CMD_SOFTRESET)
3964  airo_print_err(ai->dev->name,
3965  "cmd:%x status:%x rsp0:%x rsp1:%x rsp2:%x",
3966  pCmd->cmd, pRsp->status, pRsp->rsp0, pRsp->rsp1,
3967  pRsp->rsp2);
3968 
3969  // clear stuck command busy if necessary
3970  if (IN4500(ai, COMMAND) & COMMAND_BUSY) {
3971  OUT4500(ai, EVACK, EV_CLEARCOMMANDBUSY);
3972  }
3973  // acknowledge processing the status/response
3974  OUT4500(ai, EVACK, EV_CMD);
3975 
3976  return SUCCESS;
3977 }
3978 
3979 /* Sets up the bap to start exchange data. whichbap should
3980  * be one of the BAP0 or BAP1 defines. Locks should be held before
3981  * calling! */
3982 static int bap_setup(struct airo_info *ai, u16 rid, u16 offset, int whichbap )
3983 {
3984  int timeout = 50;
3985  int max_tries = 3;
3986 
3987  OUT4500(ai, SELECT0+whichbap, rid);
3988  OUT4500(ai, OFFSET0+whichbap, offset);
3989  while (1) {
3990  int status = IN4500(ai, OFFSET0+whichbap);
3991  if (status & BAP_BUSY) {
3992  /* This isn't really a timeout, but its kinda
3993  close */
3994  if (timeout--) {
3995  continue;
3996  }
3997  } else if ( status & BAP_ERR ) {
3998  /* invalid rid or offset */
3999  airo_print_err(ai->dev->name, "BAP error %x %d",
4000  status, whichbap );
4001  return ERROR;
4002  } else if (status & BAP_DONE) { // success
4003  return SUCCESS;
4004  }
4005  if ( !(max_tries--) ) {
4006  airo_print_err(ai->dev->name,
4007  "BAP setup error too many retries\n");
4008  return ERROR;
4009  }
4010  // -- PC4500 missed it, try again
4011  OUT4500(ai, SELECT0+whichbap, rid);
4012  OUT4500(ai, OFFSET0+whichbap, offset);
4013  timeout = 50;
4014  }
4015 }
4016 
4017 /* should only be called by aux_bap_read. This aux function and the
4018  following use concepts not documented in the developers guide. I
4019  got them from a patch given to my by Aironet */
4020 static u16 aux_setup(struct airo_info *ai, u16 page,
4021  u16 offset, u16 *len)
4022 {
4023  u16 next;
4024 
4025  OUT4500(ai, AUXPAGE, page);
4026  OUT4500(ai, AUXOFF, 0);
4027  next = IN4500(ai, AUXDATA);
4028  *len = IN4500(ai, AUXDATA)&0xff;
4029  if (offset != 4) OUT4500(ai, AUXOFF, offset);
4030  return next;
4031 }
4032 
4033 /* requires call to bap_setup() first */
4034 static int aux_bap_read(struct airo_info *ai, __le16 *pu16Dst,
4035  int bytelen, int whichbap)
4036 {
4037  u16 len;
4038  u16 page;
4039  u16 offset;
4040  u16 next;
4041  int words;
4042  int i;
4043  unsigned long flags;
4044 
4045  spin_lock_irqsave(&ai->aux_lock, flags);
4046  page = IN4500(ai, SWS0+whichbap);
4047  offset = IN4500(ai, SWS2+whichbap);
4048  next = aux_setup(ai, page, offset, &len);
4049  words = (bytelen+1)>>1;
4050 
4051  for (i=0; i<words;) {
4052  int count;
4053  count = (len>>1) < (words-i) ? (len>>1) : (words-i);
4054  if ( !do8bitIO )
4055  insw( ai->dev->base_addr+DATA0+whichbap,
4056  pu16Dst+i,count );
4057  else
4058  insb( ai->dev->base_addr+DATA0+whichbap,
4059  pu16Dst+i, count << 1 );
4060  i += count;
4061  if (i<words) {
4062  next = aux_setup(ai, next, 4, &len);
4063  }
4064  }
4065  spin_unlock_irqrestore(&ai->aux_lock, flags);
4066  return SUCCESS;
4067 }
4068 
4069 
4070 /* requires call to bap_setup() first */
4071 static int fast_bap_read(struct airo_info *ai, __le16 *pu16Dst,
4072  int bytelen, int whichbap)
4073 {
4074  bytelen = (bytelen + 1) & (~1); // round up to even value
4075  if ( !do8bitIO )
4076  insw( ai->dev->base_addr+DATA0+whichbap, pu16Dst, bytelen>>1 );
4077  else
4078  insb( ai->dev->base_addr+DATA0+whichbap, pu16Dst, bytelen );
4079  return SUCCESS;
4080 }
4081 
4082 /* requires call to bap_setup() first */
4083 static int bap_write(struct airo_info *ai, const __le16 *pu16Src,
4084  int bytelen, int whichbap)
4085 {
4086  bytelen = (bytelen + 1) & (~1); // round up to even value
4087  if ( !do8bitIO )
4088  outsw( ai->dev->base_addr+DATA0+whichbap,
4089  pu16Src, bytelen>>1 );
4090  else
4091  outsb( ai->dev->base_addr+DATA0+whichbap, pu16Src, bytelen );
4092  return SUCCESS;
4093 }
4094 
4095 static int PC4500_accessrid(struct airo_info *ai, u16 rid, u16 accmd)
4096 {
4097  Cmd cmd; /* for issuing commands */
4098  Resp rsp; /* response from commands */
4099  u16 status;
4100 
4101  memset(&cmd, 0, sizeof(cmd));
4102  cmd.cmd = accmd;
4103  cmd.parm0 = rid;
4104  status = issuecommand(ai, &cmd, &rsp);
4105  if (status != 0) return status;
4106  if ( (rsp.status & 0x7F00) != 0) {
4107  return (accmd << 8) + (rsp.rsp0 & 0xFF);
4108  }
4109  return 0;
4110 }
4111 
4112 /* Note, that we are using BAP1 which is also used by transmit, so
4113  * we must get a lock. */
4114 static int PC4500_readrid(struct airo_info *ai, u16 rid, void *pBuf, int len, int lock)
4115 {
4116  u16 status;
4117  int rc = SUCCESS;
4118 
4119  if (lock) {
4120  if (down_interruptible(&ai->sem))
4121  return ERROR;
4122  }
4123  if (test_bit(FLAG_MPI,&ai->flags)) {
4124  Cmd cmd;
4125  Resp rsp;
4126 
4127  memset(&cmd, 0, sizeof(cmd));
4128  memset(&rsp, 0, sizeof(rsp));
4129  ai->config_desc.rid_desc.valid = 1;
4131  ai->config_desc.rid_desc.rid = 0;
4133 
4134  cmd.cmd = CMD_ACCESS;
4135  cmd.parm0 = rid;
4136 
4138  &ai->config_desc.rid_desc, sizeof(Rid));
4139 
4140  rc = issuecommand(ai, &cmd, &rsp);
4141 
4142  if (rsp.status & 0x7f00)
4143  rc = rsp.rsp0;
4144  if (!rc)
4145  memcpy(pBuf, ai->config_desc.virtual_host_addr, len);
4146  goto done;
4147  } else {
4148  if ((status = PC4500_accessrid(ai, rid, CMD_ACCESS))!=SUCCESS) {
4149  rc = status;
4150  goto done;
4151  }
4152  if (bap_setup(ai, rid, 0, BAP1) != SUCCESS) {
4153  rc = ERROR;
4154  goto done;
4155  }
4156  // read the rid length field
4157  bap_read(ai, pBuf, 2, BAP1);
4158  // length for remaining part of rid
4159  len = min(len, (int)le16_to_cpu(*(__le16*)pBuf)) - 2;
4160 
4161  if ( len <= 2 ) {
4162  airo_print_err(ai->dev->name,
4163  "Rid %x has a length of %d which is too short",
4164  (int)rid, (int)len );
4165  rc = ERROR;
4166  goto done;
4167  }
4168  // read remainder of the rid
4169  rc = bap_read(ai, ((__le16*)pBuf)+1, len, BAP1);
4170  }
4171 done:
4172  if (lock)
4173  up(&ai->sem);
4174  return rc;
4175 }
4176 
4177 /* Note, that we are using BAP1 which is also used by transmit, so
4178  * make sure this isn't called when a transmit is happening */
4179 static int PC4500_writerid(struct airo_info *ai, u16 rid,
4180  const void *pBuf, int len, int lock)
4181 {
4182  u16 status;
4183  int rc = SUCCESS;
4184 
4185  *(__le16*)pBuf = cpu_to_le16((u16)len);
4186 
4187  if (lock) {
4188  if (down_interruptible(&ai->sem))
4189  return ERROR;
4190  }
4191  if (test_bit(FLAG_MPI,&ai->flags)) {
4192  Cmd cmd;
4193  Resp rsp;
4194 
4195  if (test_bit(FLAG_ENABLED, &ai->flags) && (RID_WEP_TEMP != rid))
4196  airo_print_err(ai->dev->name,
4197  "%s: MAC should be disabled (rid=%04x)",
4198  __func__, rid);
4199  memset(&cmd, 0, sizeof(cmd));
4200  memset(&rsp, 0, sizeof(rsp));
4201 
4202  ai->config_desc.rid_desc.valid = 1;
4203  ai->config_desc.rid_desc.len = *((u16 *)pBuf);
4204  ai->config_desc.rid_desc.rid = 0;
4205 
4206  cmd.cmd = CMD_WRITERID;
4207  cmd.parm0 = rid;
4208 
4210  &ai->config_desc.rid_desc, sizeof(Rid));
4211 
4212  if (len < 4 || len > 2047) {
4213  airo_print_err(ai->dev->name, "%s: len=%d", __func__, len);
4214  rc = -1;
4215  } else {
4217  pBuf, len);
4218 
4219  rc = issuecommand(ai, &cmd, &rsp);
4220  if ((rc & 0xff00) != 0) {
4221  airo_print_err(ai->dev->name, "%s: Write rid Error %d",
4222  __func__, rc);
4223  airo_print_err(ai->dev->name, "%s: Cmd=%04x",
4224  __func__, cmd.cmd);
4225  }
4226 
4227  if ((rsp.status & 0x7f00))
4228  rc = rsp.rsp0;
4229  }
4230  } else {
4231  // --- first access so that we can write the rid data
4232  if ( (status = PC4500_accessrid(ai, rid, CMD_ACCESS)) != 0) {
4233  rc = status;
4234  goto done;
4235  }
4236  // --- now write the rid data
4237  if (bap_setup(ai, rid, 0, BAP1) != SUCCESS) {
4238  rc = ERROR;
4239  goto done;
4240  }
4241  bap_write(ai, pBuf, len, BAP1);
4242  // ---now commit the rid data
4243  rc = PC4500_accessrid(ai, rid, 0x100|CMD_ACCESS);
4244  }
4245 done:
4246  if (lock)
4247  up(&ai->sem);
4248  return rc;
4249 }
4250 
4251 /* Allocates a FID to be used for transmitting packets. We only use
4252  one for now. */
4253 static u16 transmit_allocate(struct airo_info *ai, int lenPayload, int raw)
4254 {
4255  unsigned int loop = 3000;
4256  Cmd cmd;
4257  Resp rsp;
4258  u16 txFid;
4259  __le16 txControl;
4260 
4261  cmd.cmd = CMD_ALLOCATETX;
4262  cmd.parm0 = lenPayload;
4263  if (down_interruptible(&ai->sem))
4264  return ERROR;
4265  if (issuecommand(ai, &cmd, &rsp) != SUCCESS) {
4266  txFid = ERROR;
4267  goto done;
4268  }
4269  if ( (rsp.status & 0xFF00) != 0) {
4270  txFid = ERROR;
4271  goto done;
4272  }
4273  /* wait for the allocate event/indication
4274  * It makes me kind of nervous that this can just sit here and spin,
4275  * but in practice it only loops like four times. */
4276  while (((IN4500(ai, EVSTAT) & EV_ALLOC) == 0) && --loop);
4277  if (!loop) {
4278  txFid = ERROR;
4279  goto done;
4280  }
4281 
4282  // get the allocated fid and acknowledge
4283  txFid = IN4500(ai, TXALLOCFID);
4284  OUT4500(ai, EVACK, EV_ALLOC);
4285 
4286  /* The CARD is pretty cool since it converts the ethernet packet
4287  * into 802.11. Also note that we don't release the FID since we
4288  * will be using the same one over and over again. */
4289  /* We only have to setup the control once since we are not
4290  * releasing the fid. */
4291  if (raw)
4294  else
4297  if (bap_setup(ai, txFid, 0x0008, BAP1) != SUCCESS)
4298  txFid = ERROR;
4299  else
4300  bap_write(ai, &txControl, sizeof(txControl), BAP1);
4301 
4302 done:
4303  up(&ai->sem);
4304 
4305  return txFid;
4306 }
4307 
4308 /* In general BAP1 is dedicated to transmiting packets. However,
4309  since we need a BAP when accessing RIDs, we also use BAP1 for that.
4310  Make sure the BAP1 spinlock is held when this is called. */
4311 static int transmit_802_3_packet(struct airo_info *ai, int len, char *pPacket)
4312 {
4313  __le16 payloadLen;
4314  Cmd cmd;
4315  Resp rsp;
4316  int miclen = 0;
4317  u16 txFid = len;
4318  MICBuffer pMic;
4319 
4320  len >>= 16;
4321 
4322  if (len <= ETH_ALEN * 2) {
4323  airo_print_warn(ai->dev->name, "Short packet %d", len);
4324  return ERROR;
4325  }
4326  len -= ETH_ALEN * 2;
4327 
4328  if (test_bit(FLAG_MIC_CAPABLE, &ai->flags) && ai->micstats.enabled &&
4329  (ntohs(((__be16 *)pPacket)[6]) != 0x888E)) {
4330  if (encapsulate(ai,(etherHead *)pPacket,&pMic,len) != SUCCESS)
4331  return ERROR;
4332  miclen = sizeof(pMic);
4333  }
4334  // packet is destination[6], source[6], payload[len-12]
4335  // write the payload length and dst/src/payload
4336  if (bap_setup(ai, txFid, 0x0036, BAP1) != SUCCESS) return ERROR;
4337  /* The hardware addresses aren't counted as part of the payload, so
4338  * we have to subtract the 12 bytes for the addresses off */
4339  payloadLen = cpu_to_le16(len + miclen);
4340  bap_write(ai, &payloadLen, sizeof(payloadLen),BAP1);
4341  bap_write(ai, (__le16*)pPacket, sizeof(etherHead), BAP1);
4342  if (miclen)
4343  bap_write(ai, (__le16*)&pMic, miclen, BAP1);
4344  bap_write(ai, (__le16*)(pPacket + sizeof(etherHead)), len, BAP1);
4345  // issue the transmit command
4346  memset( &cmd, 0, sizeof( cmd ) );
4347  cmd.cmd = CMD_TRANSMIT;
4348  cmd.parm0 = txFid;
4349  if (issuecommand(ai, &cmd, &rsp) != SUCCESS) return ERROR;
4350  if ( (rsp.status & 0xFF00) != 0) return ERROR;
4351  return SUCCESS;
4352 }
4353 
4354 static int transmit_802_11_packet(struct airo_info *ai, int len, char *pPacket)
4355 {
4356  __le16 fc, payloadLen;
4357  Cmd cmd;
4358  Resp rsp;
4359  int hdrlen;
4360  static u8 tail[(30-10) + 2 + 6] = {[30-10] = 6};
4361  /* padding of header to full size + le16 gaplen (6) + gaplen bytes */
4362  u16 txFid = len;
4363  len >>= 16;
4364 
4365  fc = *(__le16*)pPacket;
4366  hdrlen = header_len(fc);
4367 
4368  if (len < hdrlen) {
4369  airo_print_warn(ai->dev->name, "Short packet %d", len);
4370  return ERROR;
4371  }
4372 
4373  /* packet is 802.11 header + payload
4374  * write the payload length and dst/src/payload */
4375  if (bap_setup(ai, txFid, 6, BAP1) != SUCCESS) return ERROR;
4376  /* The 802.11 header aren't counted as part of the payload, so
4377  * we have to subtract the header bytes off */
4378  payloadLen = cpu_to_le16(len-hdrlen);
4379  bap_write(ai, &payloadLen, sizeof(payloadLen),BAP1);
4380  if (bap_setup(ai, txFid, 0x0014, BAP1) != SUCCESS) return ERROR;
4381  bap_write(ai, (__le16 *)pPacket, hdrlen, BAP1);
4382  bap_write(ai, (__le16 *)(tail + (hdrlen - 10)), 38 - hdrlen, BAP1);
4383 
4384  bap_write(ai, (__le16 *)(pPacket + hdrlen), len - hdrlen, BAP1);
4385  // issue the transmit command
4386  memset( &cmd, 0, sizeof( cmd ) );
4387  cmd.cmd = CMD_TRANSMIT;
4388  cmd.parm0 = txFid;
4389  if (issuecommand(ai, &cmd, &rsp) != SUCCESS) return ERROR;
4390  if ( (rsp.status & 0xFF00) != 0) return ERROR;
4391  return SUCCESS;
4392 }
4393 
4394 /*
4395  * This is the proc_fs routines. It is a bit messier than I would
4396  * like! Feel free to clean it up!
4397  */
4398 
4399 static ssize_t proc_read( struct file *file,
4400  char __user *buffer,
4401  size_t len,
4402  loff_t *offset);
4403 
4404 static ssize_t proc_write( struct file *file,
4405  const char __user *buffer,
4406  size_t len,
4407  loff_t *offset );
4408 static int proc_close( struct inode *inode, struct file *file );
4409 
4410 static int proc_stats_open( struct inode *inode, struct file *file );
4411 static int proc_statsdelta_open( struct inode *inode, struct file *file );
4412 static int proc_status_open( struct inode *inode, struct file *file );
4413 static int proc_SSID_open( struct inode *inode, struct file *file );
4414 static int proc_APList_open( struct inode *inode, struct file *file );
4415 static int proc_BSSList_open( struct inode *inode, struct file *file );
4416 static int proc_config_open( struct inode *inode, struct file *file );
4417 static int proc_wepkey_open( struct inode *inode, struct file *file );
4418 
4419 static const struct file_operations proc_statsdelta_ops = {
4420  .owner = THIS_MODULE,
4421  .read = proc_read,
4422  .open = proc_statsdelta_open,
4423  .release = proc_close,
4424  .llseek = default_llseek,
4425 };
4426 
4427 static const struct file_operations proc_stats_ops = {
4428  .owner = THIS_MODULE,
4429  .read = proc_read,
4430  .open = proc_stats_open,
4431  .release = proc_close,
4432  .llseek = default_llseek,
4433 };
4434 
4435 static const struct file_operations proc_status_ops = {
4436  .owner = THIS_MODULE,
4437  .read = proc_read,
4438  .open = proc_status_open,
4439  .release = proc_close,
4440  .llseek = default_llseek,
4441 };
4442 
4443 static const struct file_operations proc_SSID_ops = {
4444  .owner = THIS_MODULE,
4445  .read = proc_read,
4446  .write = proc_write,
4447  .open = proc_SSID_open,
4448  .release = proc_close,
4449  .llseek = default_llseek,
4450 };
4451 
4452 static const struct file_operations proc_BSSList_ops = {
4453  .owner = THIS_MODULE,
4454  .read = proc_read,
4455  .write = proc_write,
4456  .open = proc_BSSList_open,
4457  .release = proc_close,
4458  .llseek = default_llseek,
4459 };
4460 
4461 static const struct file_operations proc_APList_ops = {
4462  .owner = THIS_MODULE,
4463  .read = proc_read,
4464  .write = proc_write,
4465  .open = proc_APList_open,
4466  .release = proc_close,
4467  .llseek = default_llseek,
4468 };
4469 
4470 static const struct file_operations proc_config_ops = {
4471  .owner = THIS_MODULE,
4472  .read = proc_read,
4473  .write = proc_write,
4474  .open = proc_config_open,
4475  .release = proc_close,
4476  .llseek = default_llseek,
4477 };
4478 
4479 static const struct file_operations proc_wepkey_ops = {
4480  .owner = THIS_MODULE,
4481  .read = proc_read,
4482  .write = proc_write,
4483  .open = proc_wepkey_open,
4484  .release = proc_close,
4485  .llseek = default_llseek,
4486 };
4487 
4488 static struct proc_dir_entry *airo_entry;
4489 
4490 struct proc_data {
4492  int readlen;
4493  char *rbuffer;
4496  char *wbuffer;
4497  void (*on_close) (struct inode *, struct file *);
4498 };
4499 
4500 static int setup_proc_entry( struct net_device *dev,
4501  struct airo_info *apriv ) {
4502  struct proc_dir_entry *entry;
4503 
4504  /* First setup the device directory */
4505  strcpy(apriv->proc_name,dev->name);
4506  apriv->proc_entry = proc_mkdir_mode(apriv->proc_name, airo_perm,
4507  airo_entry);
4508  if (!apriv->proc_entry)
4509  goto fail;
4510  apriv->proc_entry->uid = proc_kuid;
4511  apriv->proc_entry->gid = proc_kgid;
4512 
4513  /* Setup the StatsDelta */
4514  entry = proc_create_data("StatsDelta", S_IRUGO & proc_perm,
4515  apriv->proc_entry, &proc_statsdelta_ops, dev);
4516  if (!entry)
4517  goto fail_stats_delta;
4518  entry->uid = proc_kuid;
4519  entry->gid = proc_kgid;
4520 
4521  /* Setup the Stats */
4522  entry = proc_create_data("Stats", S_IRUGO & proc_perm,
4523  apriv->proc_entry, &proc_stats_ops, dev);
4524  if (!entry)
4525  goto fail_stats;
4526  entry->uid = proc_kuid;
4527  entry->gid = proc_kgid;
4528 
4529  /* Setup the Status */
4530  entry = proc_create_data("Status", S_IRUGO & proc_perm,
4531  apriv->proc_entry, &proc_status_ops, dev);
4532  if (!entry)
4533  goto fail_status;
4534  entry->uid = proc_kuid;
4535  entry->gid = proc_kgid;
4536 
4537  /* Setup the Config */
4538  entry = proc_create_data("Config", proc_perm,
4539  apriv->proc_entry, &proc_config_ops, dev);
4540  if (!entry)
4541  goto fail_config;
4542  entry->uid = proc_kuid;
4543  entry->gid = proc_kgid;
4544 
4545  /* Setup the SSID */
4546  entry = proc_create_data("SSID", proc_perm,
4547  apriv->proc_entry, &proc_SSID_ops, dev);
4548  if (!entry)
4549  goto fail_ssid;
4550  entry->uid = proc_kuid;
4551  entry->gid = proc_kgid;
4552 
4553  /* Setup the APList */
4554  entry = proc_create_data("APList", proc_perm,
4555  apriv->proc_entry, &proc_APList_ops, dev);
4556  if (!entry)
4557  goto fail_aplist;
4558  entry->uid = proc_kuid;
4559  entry->gid = proc_kgid;
4560 
4561  /* Setup the BSSList */
4562  entry = proc_create_data("BSSList", proc_perm,
4563  apriv->proc_entry, &proc_BSSList_ops, dev);
4564  if (!entry)
4565  goto fail_bsslist;
4566  entry->uid = proc_kuid;
4567  entry->gid = proc_kgid;
4568 
4569  /* Setup the WepKey */
4570  entry = proc_create_data("WepKey", proc_perm,
4571  apriv->proc_entry, &proc_wepkey_ops, dev);
4572  if (!entry)
4573  goto fail_wepkey;
4574  entry->uid = proc_kuid;
4575  entry->gid = proc_kgid;
4576 
4577  return 0;
4578 
4579 fail_wepkey:
4580  remove_proc_entry("BSSList", apriv->proc_entry);
4581 fail_bsslist:
4582  remove_proc_entry("APList", apriv->proc_entry);
4583 fail_aplist:
4584  remove_proc_entry("SSID", apriv->proc_entry);
4585 fail_ssid:
4586  remove_proc_entry("Config", apriv->proc_entry);
4587 fail_config:
4588  remove_proc_entry("Status", apriv->proc_entry);
4589 fail_status:
4590  remove_proc_entry("Stats", apriv->proc_entry);
4591 fail_stats:
4592  remove_proc_entry("StatsDelta", apriv->proc_entry);
4593 fail_stats_delta:
4594  remove_proc_entry(apriv->proc_name, airo_entry);
4595 fail:
4596  return -ENOMEM;
4597 }
4598 
4599 static int takedown_proc_entry( struct net_device *dev,
4600  struct airo_info *apriv ) {
4601  if ( !apriv->proc_entry->namelen ) return 0;
4602  remove_proc_entry("Stats",apriv->proc_entry);
4603  remove_proc_entry("StatsDelta",apriv->proc_entry);
4604  remove_proc_entry("Status",apriv->proc_entry);
4605  remove_proc_entry("Config",apriv->proc_entry);
4606  remove_proc_entry("SSID",apriv->proc_entry);
4607  remove_proc_entry("APList",apriv->proc_entry);
4608  remove_proc_entry("BSSList",apriv->proc_entry);
4609  remove_proc_entry("WepKey",apriv->proc_entry);
4610  remove_proc_entry(apriv->proc_name,airo_entry);
4611  return 0;
4612 }
4613 
4614 /*
4615  * What we want from the proc_fs is to be able to efficiently read
4616  * and write the configuration. To do this, we want to read the
4617  * configuration when the file is opened and write it when the file is
4618  * closed. So basically we allocate a read buffer at open and fill it
4619  * with data, and allocate a write buffer and read it at close.
4620  */
4621 
4622 /*
4623  * The read routine is generic, it relies on the preallocated rbuffer
4624  * to supply the data.
4625  */
4626 static ssize_t proc_read( struct file *file,
4627  char __user *buffer,
4628  size_t len,
4629  loff_t *offset )
4630 {
4631  struct proc_data *priv = file->private_data;
4632 
4633  if (!priv->rbuffer)
4634  return -EINVAL;
4635 
4636  return simple_read_from_buffer(buffer, len, offset, priv->rbuffer,
4637  priv->readlen);
4638 }
4639 
4640 /*
4641  * The write routine is generic, it fills in a preallocated rbuffer
4642  * to supply the data.
4643  */
4644 static ssize_t proc_write( struct file *file,
4645  const char __user *buffer,
4646  size_t len,
4647  loff_t *offset )
4648 {
4649  ssize_t ret;
4650  struct proc_data *priv = file->private_data;
4651 
4652  if (!priv->wbuffer)
4653  return -EINVAL;
4654 
4655  ret = simple_write_to_buffer(priv->wbuffer, priv->maxwritelen, offset,
4656  buffer, len);
4657  if (ret > 0)
4658  priv->writelen = max_t(int, priv->writelen, *offset);
4659 
4660  return ret;
4661 }
4662 
4663 static int proc_status_open(struct inode *inode, struct file *file)
4664 {
4665  struct proc_data *data;
4666  struct proc_dir_entry *dp = PDE(inode);
4667  struct net_device *dev = dp->data;
4668  struct airo_info *apriv = dev->ml_priv;
4669  CapabilityRid cap_rid;
4670  StatusRid status_rid;
4671  u16 mode;
4672  int i;
4673 
4674  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
4675  return -ENOMEM;
4676  data = file->private_data;
4677  if ((data->rbuffer = kmalloc( 2048, GFP_KERNEL )) == NULL) {
4678  kfree (file->private_data);
4679  return -ENOMEM;
4680  }
4681 
4682  readStatusRid(apriv, &status_rid, 1);
4683  readCapabilityRid(apriv, &cap_rid, 1);
4684 
4685  mode = le16_to_cpu(status_rid.mode);
4686 
4687  i = sprintf(data->rbuffer, "Status: %s%s%s%s%s%s%s%s%s\n",
4688  mode & 1 ? "CFG ": "",
4689  mode & 2 ? "ACT ": "",
4690  mode & 0x10 ? "SYN ": "",
4691  mode & 0x20 ? "LNK ": "",
4692  mode & 0x40 ? "LEAP ": "",
4693  mode & 0x80 ? "PRIV ": "",
4694  mode & 0x100 ? "KEY ": "",
4695  mode & 0x200 ? "WEP ": "",
4696  mode & 0x8000 ? "ERR ": "");
4697  sprintf( data->rbuffer+i, "Mode: %x\n"
4698  "Signal Strength: %d\n"
4699  "Signal Quality: %d\n"
4700  "SSID: %-.*s\n"
4701  "AP: %-.16s\n"
4702  "Freq: %d\n"
4703  "BitRate: %dmbs\n"
4704  "Driver Version: %s\n"
4705  "Device: %s\nManufacturer: %s\nFirmware Version: %s\n"
4706  "Radio type: %x\nCountry: %x\nHardware Version: %x\n"
4707  "Software Version: %x\nSoftware Subversion: %x\n"
4708  "Boot block version: %x\n",
4709  le16_to_cpu(status_rid.mode),
4711  le16_to_cpu(status_rid.signalQuality),
4712  le16_to_cpu(status_rid.SSIDlen),
4713  status_rid.SSID,
4714  status_rid.apName,
4715  le16_to_cpu(status_rid.channel),
4716  le16_to_cpu(status_rid.currentXmitRate) / 2,
4717  version,
4718  cap_rid.prodName,
4719  cap_rid.manName,
4720  cap_rid.prodVer,
4721  le16_to_cpu(cap_rid.radioType),
4722  le16_to_cpu(cap_rid.country),
4723  le16_to_cpu(cap_rid.hardVer),
4724  le16_to_cpu(cap_rid.softVer),
4725  le16_to_cpu(cap_rid.softSubVer),
4726  le16_to_cpu(cap_rid.bootBlockVer));
4727  data->readlen = strlen( data->rbuffer );
4728  return 0;
4729 }
4730 
4731 static int proc_stats_rid_open(struct inode*, struct file*, u16);
4732 static int proc_statsdelta_open( struct inode *inode,
4733  struct file *file ) {
4734  if (file->f_mode&FMODE_WRITE) {
4735  return proc_stats_rid_open(inode, file, RID_STATSDELTACLEAR);
4736  }
4737  return proc_stats_rid_open(inode, file, RID_STATSDELTA);
4738 }
4739 
4740 static int proc_stats_open( struct inode *inode, struct file *file ) {
4741  return proc_stats_rid_open(inode, file, RID_STATS);
4742 }
4743 
4744 static int proc_stats_rid_open( struct inode *inode,
4745  struct file *file,
4746  u16 rid )
4747 {
4748  struct proc_data *data;
4749  struct proc_dir_entry *dp = PDE(inode);
4750  struct net_device *dev = dp->data;
4751  struct airo_info *apriv = dev->ml_priv;
4752  StatsRid stats;
4753  int i, j;
4754  __le32 *vals = stats.vals;
4755  int len;
4756 
4757  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
4758  return -ENOMEM;
4759  data = file->private_data;
4760  if ((data->rbuffer = kmalloc( 4096, GFP_KERNEL )) == NULL) {
4761  kfree (file->private_data);
4762  return -ENOMEM;
4763  }
4764 
4765  readStatsRid(apriv, &stats, rid, 1);
4766  len = le16_to_cpu(stats.len);
4767 
4768  j = 0;
4769  for(i=0; statsLabels[i]!=(char *)-1 && i*4<len; i++) {
4770  if (!statsLabels[i]) continue;
4771  if (j+strlen(statsLabels[i])+16>4096) {
4772  airo_print_warn(apriv->dev->name,
4773  "Potentially disastrous buffer overflow averted!");
4774  break;
4775  }
4776  j+=sprintf(data->rbuffer+j, "%s: %u\n", statsLabels[i],
4777  le32_to_cpu(vals[i]));
4778  }
4779  if (i*4 >= len) {
4780  airo_print_warn(apriv->dev->name, "Got a short rid");
4781  }
4782  data->readlen = j;
4783  return 0;
4784 }
4785 
4786 static int get_dec_u16( char *buffer, int *start, int limit ) {
4787  u16 value;
4788  int valid = 0;
4789  for (value = 0; *start < limit && buffer[*start] >= '0' &&
4790  buffer[*start] <= '9'; (*start)++) {
4791  valid = 1;
4792  value *= 10;
4793  value += buffer[*start] - '0';
4794  }
4795  if ( !valid ) return -1;
4796  return value;
4797 }
4798 
4799 static int airo_config_commit(struct net_device *dev,
4800  struct iw_request_info *info, void *zwrq,
4801  char *extra);
4802 
4803 static inline int sniffing_mode(struct airo_info *ai)
4804 {
4805  return (le16_to_cpu(ai->config.rmode) & le16_to_cpu(RXMODE_MASK)) >=
4807 }
4808 
4809 static void proc_config_on_close(struct inode *inode, struct file *file)
4810 {
4811  struct proc_data *data = file->private_data;
4812  struct proc_dir_entry *dp = PDE(inode);
4813  struct net_device *dev = dp->data;
4814  struct airo_info *ai = dev->ml_priv;
4815  char *line;
4816 
4817  if ( !data->writelen ) return;
4818 
4819  readConfigRid(ai, 1);
4820  set_bit (FLAG_COMMIT, &ai->flags);
4821 
4822  line = data->wbuffer;
4823  while( line[0] ) {
4824 /*** Mode processing */
4825  if ( !strncmp( line, "Mode: ", 6 ) ) {
4826  line += 6;
4827  if (sniffing_mode(ai))
4828  set_bit (FLAG_RESET, &ai->flags);
4829  ai->config.rmode &= ~RXMODE_FULL_MASK;
4830  clear_bit (FLAG_802_11, &ai->flags);
4831  ai->config.opmode &= ~MODE_CFG_MASK;
4833  if ( line[0] == 'a' ) {
4834  ai->config.opmode |= MODE_STA_IBSS;
4835  } else {
4836  ai->config.opmode |= MODE_STA_ESS;
4837  if ( line[0] == 'r' ) {
4840  set_bit (FLAG_802_11, &ai->flags);
4841  } else if ( line[0] == 'y' ) {
4844  set_bit (FLAG_802_11, &ai->flags);
4845  } else if ( line[0] == 'l' )
4846  ai->config.rmode |= RXMODE_LANMON;
4847  }
4848  set_bit (FLAG_COMMIT, &ai->flags);
4849  }
4850 
4851 /*** Radio status */
4852  else if (!strncmp(line,"Radio: ", 7)) {
4853  line += 7;
4854  if (!strncmp(line,"off",3)) {
4855  set_bit (FLAG_RADIO_OFF, &ai->flags);
4856  } else {
4857  clear_bit (FLAG_RADIO_OFF, &ai->flags);
4858  }
4859  }
4860 /*** NodeName processing */
4861  else if ( !strncmp( line, "NodeName: ", 10 ) ) {
4862  int j;
4863 
4864  line += 10;
4865  memset( ai->config.nodeName, 0, 16 );
4866 /* Do the name, assume a space between the mode and node name */
4867  for( j = 0; j < 16 && line[j] != '\n'; j++ ) {
4868  ai->config.nodeName[j] = line[j];
4869  }
4870  set_bit (FLAG_COMMIT, &ai->flags);
4871  }
4872 
4873 /*** PowerMode processing */
4874  else if ( !strncmp( line, "PowerMode: ", 11 ) ) {
4875  line += 11;
4876  if ( !strncmp( line, "PSPCAM", 6 ) ) {
4878  set_bit (FLAG_COMMIT, &ai->flags);
4879  } else if ( !strncmp( line, "PSP", 3 ) ) {
4881  set_bit (FLAG_COMMIT, &ai->flags);
4882  } else {
4884  set_bit (FLAG_COMMIT, &ai->flags);
4885  }
4886  } else if ( !strncmp( line, "DataRates: ", 11 ) ) {
4887  int v, i = 0, k = 0; /* i is index into line,
4888  k is index to rates */
4889 
4890  line += 11;
4891  while((v = get_dec_u16(line, &i, 3))!=-1) {
4892  ai->config.rates[k++] = (u8)v;
4893  line += i + 1;
4894  i = 0;
4895  }
4896  set_bit (FLAG_COMMIT, &ai->flags);
4897  } else if ( !strncmp( line, "Channel: ", 9 ) ) {
4898  int v, i = 0;
4899  line += 9;
4900  v = get_dec_u16(line, &i, i+3);
4901  if ( v != -1 ) {
4902  ai->config.channelSet = cpu_to_le16(v);
4903  set_bit (FLAG_COMMIT, &ai->flags);
4904  }
4905  } else if ( !strncmp( line, "XmitPower: ", 11 ) ) {
4906  int v, i = 0;
4907  line += 11;
4908  v = get_dec_u16(line, &i, i+3);
4909  if ( v != -1 ) {
4910  ai->config.txPower = cpu_to_le16(v);
4911  set_bit (FLAG_COMMIT, &ai->flags);
4912  }
4913  } else if ( !strncmp( line, "WEP: ", 5 ) ) {
4914  line += 5;
4915  switch( line[0] ) {
4916  case 's':
4918  break;
4919  case 'e':
4921  break;
4922  default:
4923  ai->config.authType = AUTH_OPEN;
4924  break;
4925  }
4926  set_bit (FLAG_COMMIT, &ai->flags);
4927  } else if ( !strncmp( line, "LongRetryLimit: ", 16 ) ) {
4928  int v, i = 0;
4929 
4930  line += 16;
4931  v = get_dec_u16(line, &i, 3);
4932  v = (v<0) ? 0 : ((v>255) ? 255 : v);
4934  set_bit (FLAG_COMMIT, &ai->flags);
4935  } else if ( !strncmp( line, "ShortRetryLimit: ", 17 ) ) {
4936  int v, i = 0;
4937 
4938  line += 17;
4939  v = get_dec_u16(line, &i, 3);
4940  v = (v<0) ? 0 : ((v>255) ? 255 : v);
4942  set_bit (FLAG_COMMIT, &ai->flags);
4943  } else if ( !strncmp( line, "RTSThreshold: ", 14 ) ) {
4944  int v, i = 0;
4945 
4946  line += 14;
4947  v = get_dec_u16(line, &i, 4);
4948  v = (v<0) ? 0 : ((v>AIRO_DEF_MTU) ? AIRO_DEF_MTU : v);
4949  ai->config.rtsThres = cpu_to_le16(v);
4950  set_bit (FLAG_COMMIT, &ai->flags);
4951  } else if ( !strncmp( line, "TXMSDULifetime: ", 16 ) ) {
4952  int v, i = 0;
4953 
4954  line += 16;
4955  v = get_dec_u16(line, &i, 5);
4956  v = (v<0) ? 0 : v;
4957  ai->config.txLifetime = cpu_to_le16(v);
4958  set_bit (FLAG_COMMIT, &ai->flags);
4959  } else if ( !strncmp( line, "RXMSDULifetime: ", 16 ) ) {
4960  int v, i = 0;
4961 
4962  line += 16;
4963  v = get_dec_u16(line, &i, 5);
4964  v = (v<0) ? 0 : v;
4965  ai->config.rxLifetime = cpu_to_le16(v);
4966  set_bit (FLAG_COMMIT, &ai->flags);
4967  } else if ( !strncmp( line, "TXDiversity: ", 13 ) ) {
4968  ai->config.txDiversity =
4969  (line[13]=='l') ? 1 :
4970  ((line[13]=='r')? 2: 3);
4971  set_bit (FLAG_COMMIT, &ai->flags);
4972  } else if ( !strncmp( line, "RXDiversity: ", 13 ) ) {
4973  ai->config.rxDiversity =
4974  (line[13]=='l') ? 1 :
4975  ((line[13]=='r')? 2: 3);
4976  set_bit (FLAG_COMMIT, &ai->flags);
4977  } else if ( !strncmp( line, "FragThreshold: ", 15 ) ) {
4978  int v, i = 0;
4979 
4980  line += 15;
4981  v = get_dec_u16(line, &i, 4);
4982  v = (v<256) ? 256 : ((v>AIRO_DEF_MTU) ? AIRO_DEF_MTU : v);
4983  v = v & 0xfffe; /* Make sure its even */
4984  ai->config.fragThresh = cpu_to_le16(v);
4985  set_bit (FLAG_COMMIT, &ai->flags);
4986  } else if (!strncmp(line, "Modulation: ", 12)) {
4987  line += 12;
4988  switch(*line) {
4989  case 'd': ai->config.modulation=MOD_DEFAULT; set_bit(FLAG_COMMIT, &ai->flags); break;
4990  case 'c': ai->config.modulation=MOD_CCK; set_bit(FLAG_COMMIT, &ai->flags); break;
4991  case 'm': ai->config.modulation=MOD_MOK; set_bit(FLAG_COMMIT, &ai->flags); break;
4992  default: airo_print_warn(ai->dev->name, "Unknown modulation");
4993  }
4994  } else if (!strncmp(line, "Preamble: ", 10)) {
4995  line += 10;
4996  switch(*line) {
4997  case 'a': ai->config.preamble=PREAMBLE_AUTO; set_bit(FLAG_COMMIT, &ai->flags); break;
4998  case 'l': ai->config.preamble=PREAMBLE_LONG; set_bit(FLAG_COMMIT, &ai->flags); break;
4999  case 's': ai->config.preamble=PREAMBLE_SHORT; set_bit(FLAG_COMMIT, &ai->flags); break;
5000  default: airo_print_warn(ai->dev->name, "Unknown preamble");
5001  }
5002  } else {
5003  airo_print_warn(ai->dev->name, "Couldn't figure out %s", line);
5004  }
5005  while( line[0] && line[0] != '\n' ) line++;
5006  if ( line[0] ) line++;
5007  }
5008  airo_config_commit(dev, NULL, NULL, NULL);
5009 }
5010 
5011 static const char *get_rmode(__le16 mode)
5012 {
5013  switch(mode & RXMODE_MASK) {
5014  case RXMODE_RFMON: return "rfmon";
5015  case RXMODE_RFMON_ANYBSS: return "yna (any) bss rfmon";
5016  case RXMODE_LANMON: return "lanmon";
5017  }
5018  return "ESS";
5019 }
5020 
5021 static int proc_config_open(struct inode *inode, struct file *file)
5022 {
5023  struct proc_data *data;
5024  struct proc_dir_entry *dp = PDE(inode);
5025  struct net_device *dev = dp->data;
5026  struct airo_info *ai = dev->ml_priv;
5027  int i;
5028  __le16 mode;
5029 
5030  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
5031  return -ENOMEM;
5032  data = file->private_data;
5033  if ((data->rbuffer = kmalloc( 2048, GFP_KERNEL )) == NULL) {
5034  kfree (file->private_data);
5035  return -ENOMEM;
5036  }
5037  if ((data->wbuffer = kzalloc( 2048, GFP_KERNEL )) == NULL) {
5038  kfree (data->rbuffer);
5039  kfree (file->private_data);
5040  return -ENOMEM;
5041  }
5042  data->maxwritelen = 2048;
5043  data->on_close = proc_config_on_close;
5044 
5045  readConfigRid(ai, 1);
5046 
5047  mode = ai->config.opmode & MODE_CFG_MASK;
5048  i = sprintf( data->rbuffer,
5049  "Mode: %s\n"
5050  "Radio: %s\n"
5051  "NodeName: %-16s\n"
5052  "PowerMode: %s\n"
5053  "DataRates: %d %d %d %d %d %d %d %d\n"
5054  "Channel: %d\n"
5055  "XmitPower: %d\n",
5056  mode == MODE_STA_IBSS ? "adhoc" :
5057  mode == MODE_STA_ESS ? get_rmode(ai->config.rmode):
5058  mode == MODE_AP ? "AP" :
5059  mode == MODE_AP_RPTR ? "AP RPTR" : "Error",
5060  test_bit(FLAG_RADIO_OFF, &ai->flags) ? "off" : "on",
5061  ai->config.nodeName,
5062  ai->config.powerSaveMode == POWERSAVE_CAM ? "CAM" :
5063  ai->config.powerSaveMode == POWERSAVE_PSP ? "PSP" :
5064  ai->config.powerSaveMode == POWERSAVE_PSPCAM ? "PSPCAM" :
5065  "Error",
5066  (int)ai->config.rates[0],
5067  (int)ai->config.rates[1],
5068  (int)ai->config.rates[2],
5069  (int)ai->config.rates[3],
5070  (int)ai->config.rates[4],
5071  (int)ai->config.rates[5],
5072  (int)ai->config.rates[6],
5073  (int)ai->config.rates[7],
5076  );
5077  sprintf( data->rbuffer + i,
5078  "LongRetryLimit: %d\n"
5079  "ShortRetryLimit: %d\n"
5080  "RTSThreshold: %d\n"
5081  "TXMSDULifetime: %d\n"
5082  "RXMSDULifetime: %d\n"
5083  "TXDiversity: %s\n"
5084  "RXDiversity: %s\n"
5085  "FragThreshold: %d\n"
5086  "WEP: %s\n"
5087  "Modulation: %s\n"
5088  "Preamble: %s\n",
5094  ai->config.txDiversity == 1 ? "left" :
5095  ai->config.txDiversity == 2 ? "right" : "both",
5096  ai->config.rxDiversity == 1 ? "left" :
5097  ai->config.rxDiversity == 2 ? "right" : "both",
5099  ai->config.authType == AUTH_ENCRYPT ? "encrypt" :
5100  ai->config.authType == AUTH_SHAREDKEY ? "shared" : "open",
5101  ai->config.modulation == MOD_DEFAULT ? "default" :
5102  ai->config.modulation == MOD_CCK ? "cck" :
5103  ai->config.modulation == MOD_MOK ? "mok" : "error",
5104  ai->config.preamble == PREAMBLE_AUTO ? "auto" :
5105  ai->config.preamble == PREAMBLE_LONG ? "long" :
5106  ai->config.preamble == PREAMBLE_SHORT ? "short" : "error"
5107  );
5108  data->readlen = strlen( data->rbuffer );
5109  return 0;
5110 }
5111 
5112 static void proc_SSID_on_close(struct inode *inode, struct file *file)
5113 {
5114  struct proc_data *data = file->private_data;
5115  struct proc_dir_entry *dp = PDE(inode);
5116  struct net_device *dev = dp->data;
5117  struct airo_info *ai = dev->ml_priv;
5118  SsidRid SSID_rid;
5119  int i;
5120  char *p = data->wbuffer;
5121  char *end = p + data->writelen;
5122 
5123  if (!data->writelen)
5124  return;
5125 
5126  *end = '\n'; /* sentinel; we have space for it */
5127 
5128  memset(&SSID_rid, 0, sizeof(SSID_rid));
5129 
5130  for (i = 0; i < 3 && p < end; i++) {
5131  int j = 0;
5132  /* copy up to 32 characters from this line */
5133  while (*p != '\n' && j < 32)
5134  SSID_rid.ssids[i].ssid[j++] = *p++;
5135  if (j == 0)
5136  break;
5137  SSID_rid.ssids[i].len = cpu_to_le16(j);
5138  /* skip to the beginning of the next line */
5139  while (*p++ != '\n')
5140  ;
5141  }
5142  if (i)
5143  SSID_rid.len = cpu_to_le16(sizeof(SSID_rid));
5144  disable_MAC(ai, 1);
5145  writeSsidRid(ai, &SSID_rid, 1);
5146  enable_MAC(ai, 1);
5147 }
5148 
5149 static void proc_APList_on_close( struct inode *inode, struct file *file ) {
5150  struct proc_data *data = file->private_data;
5151  struct proc_dir_entry *dp = PDE(inode);
5152  struct net_device *dev = dp->data;
5153  struct airo_info *ai = dev->ml_priv;
5154  APListRid APList_rid;
5155  int i;
5156 
5157  if ( !data->writelen ) return;
5158 
5159  memset( &APList_rid, 0, sizeof(APList_rid) );
5160  APList_rid.len = cpu_to_le16(sizeof(APList_rid));
5161 
5162  for( i = 0; i < 4 && data->writelen >= (i+1)*6*3; i++ ) {
5163  int j;
5164  for( j = 0; j < 6*3 && data->wbuffer[j+i*6*3]; j++ ) {
5165  switch(j%3) {
5166  case 0:
5167  APList_rid.ap[i][j/3]=
5168  hex_to_bin(data->wbuffer[j+i*6*3])<<4;
5169  break;
5170  case 1:
5171  APList_rid.ap[i][j/3]|=
5172  hex_to_bin(data->wbuffer[j+i*6*3]);
5173  break;
5174  }
5175  }
5176  }
5177  disable_MAC(ai, 1);
5178  writeAPListRid(ai, &APList_rid, 1);
5179  enable_MAC(ai, 1);
5180 }
5181 
5182 /* This function wraps PC4500_writerid with a MAC disable */
5183 static int do_writerid( struct airo_info *ai, u16 rid, const void *rid_data,
5184  int len, int dummy ) {
5185  int rc;
5186 
5187  disable_MAC(ai, 1);
5188  rc = PC4500_writerid(ai, rid, rid_data, len, 1);
5189  enable_MAC(ai, 1);
5190  return rc;
5191 }
5192 
5193 /* Returns the WEP key at the specified index, or -1 if that key does
5194  * not exist. The buffer is assumed to be at least 16 bytes in length.
5195  */
5196 static int get_wep_key(struct airo_info *ai, u16 index, char *buf, u16 buflen)
5197 {
5198  WepKeyRid wkr;
5199  int rc;
5200  __le16 lastindex;
5201 
5202  rc = readWepKeyRid(ai, &wkr, 1, 1);
5203  if (rc != SUCCESS)
5204  return -1;
5205  do {
5206  lastindex = wkr.kindex;
5207  if (le16_to_cpu(wkr.kindex) == index) {
5208  int klen = min_t(int, buflen, le16_to_cpu(wkr.klen));
5209  memcpy(buf, wkr.key, klen);
5210  return klen;
5211  }
5212  rc = readWepKeyRid(ai, &wkr, 0, 1);
5213  if (rc != SUCCESS)
5214  return -1;
5215  } while (lastindex != wkr.kindex);
5216  return -1;
5217 }
5218 
5219 static int get_wep_tx_idx(struct airo_info *ai)
5220 {
5221  WepKeyRid wkr;
5222  int rc;
5223  __le16 lastindex;
5224 
5225  rc = readWepKeyRid(ai, &wkr, 1, 1);
5226  if (rc != SUCCESS)
5227  return -1;
5228  do {
5229  lastindex = wkr.kindex;
5230  if (wkr.kindex == cpu_to_le16(0xffff))
5231  return wkr.mac[0];
5232  rc = readWepKeyRid(ai, &wkr, 0, 1);
5233  if (rc != SUCCESS)
5234  return -1;
5235  } while (lastindex != wkr.kindex);
5236  return -1;
5237 }
5238 
5239 static int set_wep_key(struct airo_info *ai, u16 index, const char *key,
5240  u16 keylen, int perm, int lock)
5241 {
5242  static const unsigned char macaddr[ETH_ALEN] = { 0x01, 0, 0, 0, 0, 0 };
5243  WepKeyRid wkr;
5244  int rc;
5245 
5246  if (WARN_ON(keylen == 0))
5247  return -1;
5248 
5249  memset(&wkr, 0, sizeof(wkr));
5250  wkr.len = cpu_to_le16(sizeof(wkr));
5251  wkr.kindex = cpu_to_le16(index);
5252  wkr.klen = cpu_to_le16(keylen);
5253  memcpy(wkr.key, key, keylen);
5254  memcpy(wkr.mac, macaddr, ETH_ALEN);
5255 
5256  if (perm) disable_MAC(ai, lock);
5257  rc = writeWepKeyRid(ai, &wkr, perm, lock);
5258  if (perm) enable_MAC(ai, lock);
5259  return rc;
5260 }
5261 
5262 static int set_wep_tx_idx(struct airo_info *ai, u16 index, int perm, int lock)
5263 {
5264  WepKeyRid wkr;
5265  int rc;
5266 
5267  memset(&wkr, 0, sizeof(wkr));
5268  wkr.len = cpu_to_le16(sizeof(wkr));
5269  wkr.kindex = cpu_to_le16(0xffff);
5270  wkr.mac[0] = (char)index;
5271 
5272  if (perm) {
5273  ai->defindex = (char)index;
5274  disable_MAC(ai, lock);
5275  }
5276 
5277  rc = writeWepKeyRid(ai, &wkr, perm, lock);
5278 
5279  if (perm)
5280  enable_MAC(ai, lock);
5281  return rc;
5282 }
5283 
5284 static void proc_wepkey_on_close( struct inode *inode, struct file *file ) {
5285  struct proc_data *data;
5286  struct proc_dir_entry *dp = PDE(inode);
5287  struct net_device *dev = dp->data;
5288  struct airo_info *ai = dev->ml_priv;
5289  int i, rc;
5290  char key[16];
5291  u16 index = 0;
5292  int j = 0;
5293 
5294  memset(key, 0, sizeof(key));
5295 
5296  data = file->private_data;
5297  if ( !data->writelen ) return;
5298 
5299  if (data->wbuffer[0] >= '0' && data->wbuffer[0] <= '3' &&
5300  (data->wbuffer[1] == ' ' || data->wbuffer[1] == '\n')) {
5301  index = data->wbuffer[0] - '0';
5302  if (data->wbuffer[1] == '\n') {
5303  rc = set_wep_tx_idx(ai, index, 1, 1);
5304  if (rc < 0) {
5305  airo_print_err(ai->dev->name, "failed to set "
5306  "WEP transmit index to %d: %d.",
5307  index, rc);
5308  }
5309  return;
5310  }
5311  j = 2;
5312  } else {
5313  airo_print_err(ai->dev->name, "WepKey passed invalid key index");
5314  return;
5315  }
5316 
5317  for( i = 0; i < 16*3 && data->wbuffer[i+j]; i++ ) {
5318  switch(i%3) {
5319  case 0:
5320  key[i/3] = hex_to_bin(data->wbuffer[i+j])<<4;
5321  break;
5322  case 1:
5323  key[i/3] |= hex_to_bin(data->wbuffer[i+j]);
5324  break;
5325  }
5326  }
5327 
5328  rc = set_wep_key(ai, index, key, i/3, 1, 1);
5329  if (rc < 0) {
5330  airo_print_err(ai->dev->name, "failed to set WEP key at index "
5331  "%d: %d.", index, rc);
5332  }
5333 }
5334 
5335 static int proc_wepkey_open( struct inode *inode, struct file *file )
5336 {
5337  struct proc_data *data;
5338  struct proc_dir_entry *dp = PDE(inode);
5339  struct net_device *dev = dp->data;
5340  struct airo_info *ai = dev->ml_priv;
5341  char *ptr;
5342  WepKeyRid wkr;
5343  __le16 lastindex;
5344  int j=0;
5345  int rc;
5346 
5347  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
5348  return -ENOMEM;
5349  memset(&wkr, 0, sizeof(wkr));
5350  data = file->private_data;
5351  if ((data->rbuffer = kzalloc( 180, GFP_KERNEL )) == NULL) {
5352  kfree (file->private_data);
5353  return -ENOMEM;
5354  }
5355  data->writelen = 0;
5356  data->maxwritelen = 80;
5357  if ((data->wbuffer = kzalloc( 80, GFP_KERNEL )) == NULL) {
5358  kfree (data->rbuffer);
5359  kfree (file->private_data);
5360  return -ENOMEM;
5361  }
5362  data->on_close = proc_wepkey_on_close;
5363 
5364  ptr = data->rbuffer;
5365  strcpy(ptr, "No wep keys\n");
5366  rc = readWepKeyRid(ai, &wkr, 1, 1);
5367  if (rc == SUCCESS) do {
5368  lastindex = wkr.kindex;
5369  if (wkr.kindex == cpu_to_le16(0xffff)) {
5370  j += sprintf(ptr+j, "Tx key = %d\n",
5371  (int)wkr.mac[0]);
5372  } else {
5373  j += sprintf(ptr+j, "Key %d set with length = %d\n",
5374  le16_to_cpu(wkr.kindex),
5375  le16_to_cpu(wkr.klen));
5376  }
5377  readWepKeyRid(ai, &wkr, 0, 1);
5378  } while((lastindex != wkr.kindex) && (j < 180-30));
5379 
5380  data->readlen = strlen( data->rbuffer );
5381  return 0;
5382 }
5383 
5384 static int proc_SSID_open(struct inode *inode, struct file *file)
5385 {
5386  struct proc_data *data;
5387  struct proc_dir_entry *dp = PDE(inode);
5388  struct net_device *dev = dp->data;
5389  struct airo_info *ai = dev->ml_priv;
5390  int i;
5391  char *ptr;
5392  SsidRid SSID_rid;
5393 
5394  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
5395  return -ENOMEM;
5396  data = file->private_data;
5397  if ((data->rbuffer = kmalloc( 104, GFP_KERNEL )) == NULL) {
5398  kfree (file->private_data);
5399  return -ENOMEM;
5400  }
5401  data->writelen = 0;
5402  data->maxwritelen = 33*3;
5403  /* allocate maxwritelen + 1; we'll want a sentinel */
5404  if ((data->wbuffer = kzalloc(33*3 + 1, GFP_KERNEL)) == NULL) {
5405  kfree (data->rbuffer);
5406  kfree (file->private_data);
5407  return -ENOMEM;
5408  }
5409  data->on_close = proc_SSID_on_close;
5410 
5411  readSsidRid(ai, &SSID_rid);
5412  ptr = data->rbuffer;
5413  for (i = 0; i < 3; i++) {
5414  int j;
5415  size_t len = le16_to_cpu(SSID_rid.ssids[i].len);
5416  if (!len)
5417  break;
5418  if (len > 32)
5419  len = 32;
5420  for (j = 0; j < len && SSID_rid.ssids[i].ssid[j]; j++)
5421  *ptr++ = SSID_rid.ssids[i].ssid[j];
5422  *ptr++ = '\n';
5423  }
5424  *ptr = '\0';
5425  data->readlen = strlen( data->rbuffer );
5426  return 0;
5427 }
5428 
5429 static int proc_APList_open( struct inode *inode, struct file *file ) {
5430  struct proc_data *data;
5431  struct proc_dir_entry *dp = PDE(inode);
5432  struct net_device *dev = dp->data;
5433  struct airo_info *ai = dev->ml_priv;
5434  int i;
5435  char *ptr;
5436  APListRid APList_rid;
5437 
5438  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
5439  return -ENOMEM;
5440  data = file->private_data;
5441  if ((data->rbuffer = kmalloc( 104, GFP_KERNEL )) == NULL) {
5442  kfree (file->private_data);
5443  return -ENOMEM;
5444  }
5445  data->writelen = 0;
5446  data->maxwritelen = 4*6*3;
5447  if ((data->wbuffer = kzalloc( data->maxwritelen, GFP_KERNEL )) == NULL) {
5448  kfree (data->rbuffer);
5449  kfree (file->private_data);
5450  return -ENOMEM;
5451  }
5452  data->on_close = proc_APList_on_close;
5453 
5454  readAPListRid(ai, &APList_rid);
5455  ptr = data->rbuffer;
5456  for( i = 0; i < 4; i++ ) {
5457 // We end when we find a zero MAC
5458  if ( !*(int*)APList_rid.ap[i] &&
5459  !*(int*)&APList_rid.ap[i][2]) break;
5460  ptr += sprintf(ptr, "%pM\n", APList_rid.ap[i]);
5461  }
5462  if (i==0) ptr += sprintf(ptr, "Not using specific APs\n");
5463 
5464  *ptr = '\0';
5465  data->readlen = strlen( data->rbuffer );
5466  return 0;
5467 }
5468 
5469 static int proc_BSSList_open( struct inode *inode, struct file *file ) {
5470  struct proc_data *data;
5471  struct proc_dir_entry *dp = PDE(inode);
5472  struct net_device *dev = dp->data;
5473  struct airo_info *ai = dev->ml_priv;
5474  char *ptr;
5475  BSSListRid BSSList_rid;
5476  int rc;
5477  /* If doLoseSync is not 1, we won't do a Lose Sync */
5478  int doLoseSync = -1;
5479 
5480  if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
5481  return -ENOMEM;
5482  data = file->private_data;
5483  if ((data->rbuffer = kmalloc( 1024, GFP_KERNEL )) == NULL) {
5484  kfree (file->private_data);
5485  return -ENOMEM;
5486  }
5487  data->writelen = 0;
5488  data->maxwritelen = 0;
5489  data->wbuffer = NULL;
5490  data->on_close = NULL;
5491 
5492  if (file->f_mode & FMODE_WRITE) {
5493  if (!(file->f_mode & FMODE_READ)) {
5494  Cmd cmd;
5495  Resp rsp;
5496 
5497  if (ai->flags & FLAG_RADIO_MASK) return -ENETDOWN;
5498  memset(&cmd, 0, sizeof(cmd));
5499  cmd.cmd=CMD_LISTBSS;
5500  if (down_interruptible(&ai->sem))
5501  return -ERESTARTSYS;
5502  issuecommand(ai, &cmd, &rsp);
5503  up(&ai->sem);
5504  data->readlen = 0;
5505  return 0;
5506  }
5507  doLoseSync = 1;
5508  }
5509  ptr = data->rbuffer;
5510  /* There is a race condition here if there are concurrent opens.
5511  Since it is a rare condition, we'll just live with it, otherwise
5512  we have to add a spin lock... */
5513  rc = readBSSListRid(ai, doLoseSync, &BSSList_rid);
5514  while(rc == 0 && BSSList_rid.index != cpu_to_le16(0xffff)) {
5515  ptr += sprintf(ptr, "%pM %*s rssi = %d",
5516  BSSList_rid.bssid,
5517  (int)BSSList_rid.ssidLen,
5518  BSSList_rid.ssid,
5519  le16_to_cpu(BSSList_rid.dBm));
5520  ptr += sprintf(ptr, " channel = %d %s %s %s %s\n",
5521  le16_to_cpu(BSSList_rid.dsChannel),
5522  BSSList_rid.cap & CAP_ESS ? "ESS" : "",
5523  BSSList_rid.cap & CAP_IBSS ? "adhoc" : "",
5524  BSSList_rid.cap & CAP_PRIVACY ? "wep" : "",
5525  BSSList_rid.cap & CAP_SHORTHDR ? "shorthdr" : "");
5526  rc = readBSSListRid(ai, 0, &BSSList_rid);
5527  }
5528  *ptr = '\0';
5529  data->readlen = strlen( data->rbuffer );
5530  return 0;
5531 }
5532 
5533 static int proc_close( struct inode *inode, struct file *file )
5534 {
5535  struct proc_data *data = file->private_data;
5536 
5537  if (data->on_close != NULL)
5538  data->on_close(inode, file);
5539  kfree(data->rbuffer);
5540  kfree(data->wbuffer);
5541  kfree(data);
5542  return 0;
5543 }
5544 
5545 /* Since the card doesn't automatically switch to the right WEP mode,
5546  we will make it do it. If the card isn't associated, every secs we
5547  will switch WEP modes to see if that will help. If the card is
5548  associated we will check every minute to see if anything has
5549  changed. */
5550 static void timer_func( struct net_device *dev ) {
5551  struct airo_info *apriv = dev->ml_priv;
5552 
5553 /* We don't have a link so try changing the authtype */
5554  readConfigRid(apriv, 0);
5555  disable_MAC(apriv, 0);
5556  switch(apriv->config.authType) {
5557  case AUTH_ENCRYPT:
5558 /* So drop to OPEN */
5559  apriv->config.authType = AUTH_OPEN;
5560  break;
5561  case AUTH_SHAREDKEY:
5562  if (apriv->keyindex < auto_wep) {
5563  set_wep_tx_idx(apriv, apriv->keyindex, 0, 0);
5564  apriv->config.authType = AUTH_SHAREDKEY;
5565  apriv->keyindex++;
5566  } else {
5567  /* Drop to ENCRYPT */
5568  apriv->keyindex = 0;
5569  set_wep_tx_idx(apriv, apriv->defindex, 0, 0);
5570  apriv->config.authType = AUTH_ENCRYPT;
5571  }
5572  break;
5573  default: /* We'll escalate to SHAREDKEY */
5574  apriv->config.authType = AUTH_SHAREDKEY;
5575  }
5576  set_bit (FLAG_COMMIT, &apriv->flags);
5577  writeConfigRid(apriv, 0);
5578  enable_MAC(apriv, 0);
5579  up(&apriv->sem);
5580 
5581 /* Schedule check to see if the change worked */
5582  clear_bit(JOB_AUTOWEP, &apriv->jobs);
5583  apriv->expires = RUN_AT(HZ*3);
5584 }
5585 
5586 #ifdef CONFIG_PCI
5587 static int __devinit airo_pci_probe(struct pci_dev *pdev,
5588  const struct pci_device_id *pent)
5589 {
5590  struct net_device *dev;
5591 
5592  if (pci_enable_device(pdev))
5593  return -ENODEV;
5594  pci_set_master(pdev);
5595 
5596  if (pdev->device == 0x5000 || pdev->device == 0xa504)
5597  dev = _init_airo_card(pdev->irq, pdev->resource[0].start, 0, pdev, &pdev->dev);
5598  else
5599  dev = _init_airo_card(pdev->irq, pdev->resource[2].start, 0, pdev, &pdev->dev);
5600  if (!dev) {
5601  pci_disable_device(pdev);
5602  return -ENODEV;
5603  }
5604 
5605  pci_set_drvdata(pdev, dev);
5606  return 0;
5607 }
5608 
5609 static void __devexit airo_pci_remove(struct pci_dev *pdev)
5610 {
5611  struct net_device *dev = pci_get_drvdata(pdev);
5612 
5613  airo_print_info(dev->name, "Unregistering...");
5614  stop_airo_card(dev, 1);
5615  pci_disable_device(pdev);
5616  pci_set_drvdata(pdev, NULL);
5617 }
5618 
5619 static int airo_pci_suspend(struct pci_dev *pdev, pm_message_t state)
5620 {
5621  struct net_device *dev = pci_get_drvdata(pdev);
5622  struct airo_info *ai = dev->ml_priv;
5623  Cmd cmd;
5624  Resp rsp;
5625 
5626  if (!ai->APList)
5627  ai->APList = kmalloc(sizeof(APListRid), GFP_KERNEL);
5628  if (!ai->APList)
5629  return -ENOMEM;
5630  if (!ai->SSID)
5631  ai->SSID = kmalloc(sizeof(SsidRid), GFP_KERNEL);
5632  if (!ai->SSID)
5633  return -ENOMEM;
5634  readAPListRid(ai, ai->APList);
5635  readSsidRid(ai, ai->SSID);
5636  memset(&cmd, 0, sizeof(cmd));
5637  /* the lock will be released at the end of the resume callback */
5638  if (down_interruptible(&ai->sem))
5639  return -EAGAIN;
5640  disable_MAC(ai, 0);
5641  netif_device_detach(dev);
5642  ai->power = state;
5643  cmd.cmd = HOSTSLEEP;
5644  issuecommand(ai, &cmd, &rsp);
5645 
5646  pci_enable_wake(pdev, pci_choose_state(pdev, state), 1);
5647  pci_save_state(pdev);
5648  pci_set_power_state(pdev, pci_choose_state(pdev, state));
5649  return 0;
5650 }
5651 
5652 static int airo_pci_resume(struct pci_dev *pdev)
5653 {
5654  struct net_device *dev = pci_get_drvdata(pdev);
5655  struct airo_info *ai = dev->ml_priv;
5657 
5658  pci_set_power_state(pdev, PCI_D0);
5659  pci_restore_state(pdev);
5660  pci_enable_wake(pdev, PCI_D0, 0);
5661 
5662  if (prev_state != PCI_D1) {
5663  reset_card(dev, 0);
5664  mpi_init_descriptors(ai);
5665  setup_card(ai, dev->dev_addr, 0);
5668  } else {
5669  OUT4500(ai, EVACK, EV_AWAKEN);
5670  OUT4500(ai, EVACK, EV_AWAKEN);
5671  msleep(100);
5672  }
5673 
5674  set_bit(FLAG_COMMIT, &ai->flags);
5675  disable_MAC(ai, 0);
5676  msleep(200);
5677  if (ai->SSID) {
5678  writeSsidRid(ai, ai->SSID, 0);
5679  kfree(ai->SSID);
5680  ai->SSID = NULL;
5681  }
5682  if (ai->APList) {
5683  writeAPListRid(ai, ai->APList, 0);
5684  kfree(ai->APList);
5685  ai->APList = NULL;
5686  }
5687  writeConfigRid(ai, 0);
5688  enable_MAC(ai, 0);
5689  ai->power = PMSG_ON;
5690  netif_device_attach(dev);
5691  netif_wake_queue(dev);
5692  enable_interrupts(ai);
5693  up(&ai->sem);
5694  return 0;
5695 }
5696 #endif
5697 
5698 static int __init airo_init_module( void )
5699 {
5700  int i;
5701 
5702  proc_kuid = make_kuid(&init_user_ns, proc_uid);
5703  proc_kgid = make_kgid(&init_user_ns, proc_gid);
5704  if (!uid_valid(proc_kuid) || !gid_valid(proc_kgid))
5705  return -EINVAL;
5706 
5707  airo_entry = proc_mkdir_mode("driver/aironet", airo_perm, NULL);
5708 
5709  if (airo_entry) {
5710  airo_entry->uid = proc_kuid;
5711  airo_entry->gid = proc_kgid;
5712  }
5713 
5714  for (i = 0; i < 4 && io[i] && irq[i]; i++) {
5715  airo_print_info("", "Trying to configure ISA adapter at irq=%d "
5716  "io=0x%x", irq[i], io[i] );
5717  if (init_airo_card( irq[i], io[i], 0, NULL ))
5718  /* do nothing */ ;
5719  }
5720 
5721 #ifdef CONFIG_PCI
5722  airo_print_info("", "Probing for PCI adapters");
5723  i = pci_register_driver(&airo_driver);
5724  airo_print_info("", "Finished probing for PCI adapters");
5725 
5726  if (i) {
5727  remove_proc_entry("driver/aironet", NULL);
5728  return i;
5729  }
5730 #endif
5731 
5732  /* Always exit with success, as we are a library module
5733  * as well as a driver module
5734  */
5735  return 0;
5736 }
5737 
5738 static void __exit airo_cleanup_module( void )
5739 {
5740  struct airo_info *ai;
5741  while(!list_empty(&airo_devices)) {
5742  ai = list_entry(airo_devices.next, struct airo_info, dev_list);
5743  airo_print_info(ai->dev->name, "Unregistering...");
5744  stop_airo_card(ai->dev, 1);
5745  }
5746 #ifdef CONFIG_PCI
5747  pci_unregister_driver(&airo_driver);
5748 #endif
5749  remove_proc_entry("driver/aironet", NULL);
5750 }
5751 
5752 /*
5753  * Initial Wireless Extension code for Aironet driver by :
5754  * Jean Tourrilhes <[email protected]> - HPL - 17 November 00
5755  * Conversion to new driver API by :
5756  * Jean Tourrilhes <[email protected]> - HPL - 26 March 02
5757  * Javier also did a good amount of work here, adding some new extensions
5758  * and fixing my code. Let's just say that without him this code just
5759  * would not work at all... - Jean II
5760  */
5761 
5762 static u8 airo_rssi_to_dbm (tdsRssiEntry *rssi_rid, u8 rssi)
5763 {
5764  if (!rssi_rid)
5765  return 0;
5766 
5767  return (0x100 - rssi_rid[rssi].rssidBm);
5768 }
5769 
5770 static u8 airo_dbm_to_pct (tdsRssiEntry *rssi_rid, u8 dbm)
5771 {
5772  int i;
5773 
5774  if (!rssi_rid)
5775  return 0;
5776 
5777  for (i = 0; i < 256; i++)
5778  if (rssi_rid[i].rssidBm == dbm)
5779  return rssi_rid[i].rssipct;
5780 
5781  return 0;
5782 }
5783 
5784 
5785 static int airo_get_quality (StatusRid *status_rid, CapabilityRid *cap_rid)
5786 {
5787  int quality = 0;
5788  u16 sq;
5789 
5790  if ((status_rid->mode & cpu_to_le16(0x3f)) != cpu_to_le16(0x3f))
5791  return 0;
5792 
5793  if (!(cap_rid->hardCap & cpu_to_le16(8)))
5794  return 0;
5795 
5796  sq = le16_to_cpu(status_rid->signalQuality);
5797  if (memcmp(cap_rid->prodName, "350", 3))
5798  if (sq > 0x20)
5799  quality = 0;
5800  else
5801  quality = 0x20 - sq;
5802  else
5803  if (sq > 0xb0)
5804  quality = 0;
5805  else if (sq < 0x10)
5806  quality = 0xa0;
5807  else
5808  quality = 0xb0 - sq;
5809  return quality;
5810 }
5811 
5812 #define airo_get_max_quality(cap_rid) (memcmp((cap_rid)->prodName, "350", 3) ? 0x20 : 0xa0)
5813 #define airo_get_avg_quality(cap_rid) (memcmp((cap_rid)->prodName, "350", 3) ? 0x10 : 0x50);
5814 
5815 /*------------------------------------------------------------------*/
5816 /*
5817  * Wireless Handler : get protocol name
5818  */
5819 static int airo_get_name(struct net_device *dev,
5820  struct iw_request_info *info,
5821  char *cwrq,
5822  char *extra)
5823 {
5824  strcpy(cwrq, "IEEE 802.11-DS");
5825  return 0;
5826 }
5827 
5828 /*------------------------------------------------------------------*/
5829 /*
5830  * Wireless Handler : set frequency
5831  */
5832 static int airo_set_freq(struct net_device *dev,
5833  struct iw_request_info *info,
5834  struct iw_freq *fwrq,
5835  char *extra)
5836 {
5837  struct airo_info *local = dev->ml_priv;
5838  int rc = -EINPROGRESS; /* Call commit handler */
5839 
5840  /* If setting by frequency, convert to a channel */
5841  if(fwrq->e == 1) {
5842  int f = fwrq->m / 100000;
5843 
5844  /* Hack to fall through... */
5845  fwrq->e = 0;
5846  fwrq->m = ieee80211_freq_to_dsss_chan(f);
5847  }
5848  /* Setting by channel number */
5849  if((fwrq->m > 1000) || (fwrq->e > 0))
5850  rc = -EOPNOTSUPP;
5851  else {
5852  int channel = fwrq->m;
5853  /* We should do a better check than that,
5854  * based on the card capability !!! */
5855  if((channel < 1) || (channel > 14)) {
5856  airo_print_dbg(dev->name, "New channel value of %d is invalid!",
5857  fwrq->m);
5858  rc = -EINVAL;
5859  } else {
5860  readConfigRid(local, 1);
5861  /* Yes ! We can set it !!! */
5862  local->config.channelSet = cpu_to_le16(channel);
5863  set_bit (FLAG_COMMIT, &local->flags);
5864  }
5865  }
5866  return rc;
5867 }
5868 
5869 /*------------------------------------------------------------------*/
5870 /*
5871  * Wireless Handler : get frequency
5872  */
5873 static int airo_get_freq(struct net_device *dev,
5874  struct iw_request_info *info,
5875  struct iw_freq *fwrq,
5876  char *extra)
5877 {
5878  struct airo_info *local = dev->ml_priv;
5879  StatusRid status_rid; /* Card status info */
5880  int ch;
5881 
5882  readConfigRid(local, 1);
5883  if ((local->config.opmode & MODE_CFG_MASK) == MODE_STA_ESS)
5884  status_rid.channel = local->config.channelSet;
5885  else
5886  readStatusRid(local, &status_rid, 1);
5887 
5888  ch = le16_to_cpu(status_rid.channel);
5889  if((ch > 0) && (ch < 15)) {
5890  fwrq->m = ieee80211_dsss_chan_to_freq(ch) * 100000;
5891  fwrq->e = 1;
5892  } else {
5893  fwrq->m = ch;
5894  fwrq->e = 0;
5895  }
5896 
5897  return 0;
5898 }
5899 
5900 /*------------------------------------------------------------------*/
5901 /*
5902  * Wireless Handler : set ESSID
5903  */
5904 static int airo_set_essid(struct net_device *dev,
5905  struct iw_request_info *info,
5906  struct iw_point *dwrq,
5907  char *extra)
5908 {
5909  struct airo_info *local = dev->ml_priv;
5910  SsidRid SSID_rid; /* SSIDs */
5911 
5912  /* Reload the list of current SSID */
5913  readSsidRid(local, &SSID_rid);
5914 
5915  /* Check if we asked for `any' */
5916  if (dwrq->flags == 0) {
5917  /* Just send an empty SSID list */
5918  memset(&SSID_rid, 0, sizeof(SSID_rid));
5919  } else {
5920  unsigned index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
5921 
5922  /* Check the size of the string */
5923  if (dwrq->length > IW_ESSID_MAX_SIZE)
5924  return -E2BIG ;
5925 
5926  /* Check if index is valid */
5927  if (index >= ARRAY_SIZE(SSID_rid.ssids))
5928  return -EINVAL;
5929 
5930  /* Set the SSID */
5931  memset(SSID_rid.ssids[index].ssid, 0,
5932  sizeof(SSID_rid.ssids[index].ssid));
5933  memcpy(SSID_rid.ssids[index].ssid, extra, dwrq->length);
5934  SSID_rid.ssids[index].len = cpu_to_le16(dwrq->length);
5935  }
5936  SSID_rid.len = cpu_to_le16(sizeof(SSID_rid));
5937  /* Write it to the card */
5938  disable_MAC(local, 1);
5939  writeSsidRid(local, &SSID_rid, 1);
5940  enable_MAC(local, 1);
5941 
5942  return 0;
5943 }
5944 
5945 /*------------------------------------------------------------------*/
5946 /*
5947  * Wireless Handler : get ESSID
5948  */
5949 static int airo_get_essid(struct net_device *dev,
5950  struct iw_request_info *info,
5951  struct iw_point *dwrq,
5952  char *extra)
5953 {
5954  struct airo_info *local = dev->ml_priv;
5955  StatusRid status_rid; /* Card status info */
5956 
5957  readStatusRid(local, &status_rid, 1);
5958 
5959  /* Note : if dwrq->flags != 0, we should
5960  * get the relevant SSID from the SSID list... */
5961 
5962  /* Get the current SSID */
5963  memcpy(extra, status_rid.SSID, le16_to_cpu(status_rid.SSIDlen));
5964  /* If none, we may want to get the one that was set */
5965 
5966  /* Push it out ! */
5967  dwrq->length = le16_to_cpu(status_rid.SSIDlen);
5968  dwrq->flags = 1; /* active */
5969 
5970  return 0;
5971 }
5972 
5973 /*------------------------------------------------------------------*/
5974 /*
5975  * Wireless Handler : set AP address
5976  */
5977 static int airo_set_wap(struct net_device *dev,
5978  struct iw_request_info *info,
5979  struct sockaddr *awrq,
5980  char *extra)
5981 {
5982  struct airo_info *local = dev->ml_priv;
5983  Cmd cmd;
5984  Resp rsp;
5985  APListRid APList_rid;
5986 
5987  if (awrq->sa_family != ARPHRD_ETHER)
5988  return -EINVAL;
5989  else if (is_broadcast_ether_addr(awrq->sa_data) ||
5990  is_zero_ether_addr(awrq->sa_data)) {
5991  memset(&cmd, 0, sizeof(cmd));
5992  cmd.cmd=CMD_LOSE_SYNC;
5993  if (down_interruptible(&local->sem))
5994  return -ERESTARTSYS;
5995  issuecommand(local, &cmd, &rsp);
5996  up(&local->sem);
5997  } else {
5998  memset(&APList_rid, 0, sizeof(APList_rid));
5999  APList_rid.len = cpu_to_le16(sizeof(APList_rid));
6000  memcpy(APList_rid.ap[0], awrq->sa_data, ETH_ALEN);
6001  disable_MAC(local, 1);
6002  writeAPListRid(local, &APList_rid, 1);
6003  enable_MAC(local, 1);
6004  }
6005  return 0;
6006 }
6007 
6008 /*------------------------------------------------------------------*/
6009 /*
6010  * Wireless Handler : get AP address
6011  */
6012 static int airo_get_wap(struct net_device *dev,
6013  struct iw_request_info *info,
6014  struct sockaddr *awrq,
6015  char *extra)
6016 {
6017  struct airo_info *local = dev->ml_priv;
6018  StatusRid status_rid; /* Card status info */
6019 
6020  readStatusRid(local, &status_rid, 1);
6021 
6022  /* Tentative. This seems to work, wow, I'm lucky !!! */
6023  memcpy(awrq->sa_data, status_rid.bssid[0], ETH_ALEN);
6024  awrq->sa_family = ARPHRD_ETHER;
6025 
6026  return 0;
6027 }
6028 
6029 /*------------------------------------------------------------------*/
6030 /*
6031  * Wireless Handler : set Nickname
6032  */
6033 static int airo_set_nick(struct net_device *dev,
6034  struct iw_request_info *info,
6035  struct iw_point *dwrq,
6036  char *extra)
6037 {
6038  struct airo_info *local = dev->ml_priv;
6039 
6040  /* Check the size of the string */
6041  if(dwrq->length > 16) {
6042  return -E2BIG;
6043  }
6044  readConfigRid(local, 1);
6045  memset(local->config.nodeName, 0, sizeof(local->config.nodeName));
6046  memcpy(local->config.nodeName, extra, dwrq->length);
6047  set_bit (FLAG_COMMIT, &local->flags);
6048 
6049  return -EINPROGRESS; /* Call commit handler */
6050 }
6051 
6052 /*------------------------------------------------------------------*/
6053 /*
6054  * Wireless Handler : get Nickname
6055  */
6056 static int airo_get_nick(struct net_device *dev,
6057  struct iw_request_info *info,
6058  struct iw_point *dwrq,
6059  char *extra)
6060 {
6061  struct airo_info *local = dev->ml_priv;
6062 
6063  readConfigRid(local, 1);
6064  strncpy(extra, local->config.nodeName, 16);
6065  extra[16] = '\0';
6066  dwrq->length = strlen(extra);
6067 
6068  return 0;
6069 }
6070 
6071 /*------------------------------------------------------------------*/
6072 /*
6073  * Wireless Handler : set Bit-Rate
6074  */
6075 static int airo_set_rate(struct net_device *dev,
6076  struct iw_request_info *info,
6077  struct iw_param *vwrq,
6078  char *extra)
6079 {
6080  struct airo_info *local = dev->ml_priv;
6081  CapabilityRid cap_rid; /* Card capability info */
6082  u8 brate = 0;
6083  int i;
6084 
6085  /* First : get a valid bit rate value */
6086  readCapabilityRid(local, &cap_rid, 1);
6087 
6088  /* Which type of value ? */
6089  if((vwrq->value < 8) && (vwrq->value >= 0)) {
6090  /* Setting by rate index */
6091  /* Find value in the magic rate table */
6092  brate = cap_rid.supportedRates[vwrq->value];
6093  } else {
6094  /* Setting by frequency value */
6095  u8 normvalue = (u8) (vwrq->value/500000);
6096 
6097  /* Check if rate is valid */
6098  for(i = 0 ; i < 8 ; i++) {
6099  if(normvalue == cap_rid.supportedRates[i]) {
6100  brate = normvalue;
6101  break;
6102  }
6103  }
6104  }
6105  /* -1 designed the max rate (mostly auto mode) */
6106  if(vwrq->value == -1) {
6107  /* Get the highest available rate */
6108  for(i = 0 ; i < 8 ; i++) {
6109  if(cap_rid.supportedRates[i] == 0)
6110  break;
6111  }
6112  if(i != 0)
6113  brate = cap_rid.supportedRates[i - 1];
6114  }
6115  /* Check that it is valid */
6116  if(brate == 0) {
6117  return -EINVAL;
6118  }
6119 
6120  readConfigRid(local, 1);
6121  /* Now, check if we want a fixed or auto value */
6122  if(vwrq->fixed == 0) {
6123  /* Fill all the rates up to this max rate */
6124  memset(local->config.rates, 0, 8);
6125  for(i = 0 ; i < 8 ; i++) {
6126  local->config.rates[i] = cap_rid.supportedRates[i];
6127  if(local->config.rates[i] == brate)
6128  break;
6129  }
6130  } else {
6131  /* Fixed mode */
6132  /* One rate, fixed */
6133  memset(local->config.rates, 0, 8);
6134  local->config.rates[0] = brate;
6135  }
6136  set_bit (FLAG_COMMIT, &local->flags);
6137 
6138  return -EINPROGRESS; /* Call commit handler */
6139 }
6140 
6141 /*------------------------------------------------------------------*/
6142 /*
6143  * Wireless Handler : get Bit-Rate
6144  */
6145 static int airo_get_rate(struct net_device *dev,
6146  struct iw_request_info *info,
6147  struct iw_param *vwrq,
6148  char *extra)
6149 {
6150  struct airo_info *local = dev->ml_priv;
6151  StatusRid status_rid; /* Card status info */
6152 
6153  readStatusRid(local, &status_rid, 1);
6154 
6155  vwrq->value = le16_to_cpu(status_rid.currentXmitRate) * 500000;
6156  /* If more than one rate, set auto */
6157  readConfigRid(local, 1);
6158  vwrq->fixed = (local->config.rates[1] == 0);
6159 
6160  return 0;
6161 }
6162 
6163 /*------------------------------------------------------------------*/
6164 /*
6165  * Wireless Handler : set RTS threshold
6166  */
6167 static int airo_set_rts(struct net_device *dev,
6168  struct iw_request_info *info,
6169  struct iw_param *vwrq,
6170  char *extra)
6171 {
6172  struct airo_info *local = dev->ml_priv;
6173  int rthr = vwrq->value;
6174 
6175  if(vwrq->disabled)
6176  rthr = AIRO_DEF_MTU;
6177  if((rthr < 0) || (rthr > AIRO_DEF_MTU)) {
6178  return -EINVAL;
6179  }
6180  readConfigRid(local, 1);
6181  local->config.rtsThres = cpu_to_le16(rthr);
6182  set_bit (FLAG_COMMIT, &local->flags);
6183 
6184  return -EINPROGRESS; /* Call commit handler */
6185 }
6186 
6187 /*------------------------------------------------------------------*/
6188 /*
6189  * Wireless Handler : get RTS threshold
6190  */
6191 static int airo_get_rts(struct net_device *dev,
6192  struct iw_request_info *info,
6193  struct iw_param *vwrq,
6194  char *extra)
6195 {
6196  struct airo_info *local = dev->ml_priv;
6197 
6198  readConfigRid(local, 1);
6199  vwrq->value = le16_to_cpu(local->config.rtsThres);
6200  vwrq->disabled = (vwrq->value >= AIRO_DEF_MTU);
6201  vwrq->fixed = 1;
6202 
6203  return 0;
6204 }
6205 
6206 /*------------------------------------------------------------------*/
6207 /*
6208  * Wireless Handler : set Fragmentation threshold
6209  */
6210 static int airo_set_frag(struct net_device *dev,
6211  struct iw_request_info *info,
6212  struct iw_param *vwrq,
6213  char *extra)
6214 {
6215  struct airo_info *local = dev->ml_priv;
6216  int fthr = vwrq->value;
6217 
6218  if(vwrq->disabled)
6219  fthr = AIRO_DEF_MTU;
6220  if((fthr < 256) || (fthr > AIRO_DEF_MTU)) {
6221  return -EINVAL;
6222  }
6223  fthr &= ~0x1; /* Get an even value - is it really needed ??? */
6224  readConfigRid(local, 1);
6225  local->config.fragThresh = cpu_to_le16(fthr);
6226  set_bit (FLAG_COMMIT, &local->flags);
6227 
6228  return -EINPROGRESS; /* Call commit handler */
6229 }
6230 
6231 /*------------------------------------------------------------------*/
6232 /*
6233  * Wireless Handler : get Fragmentation threshold
6234  */
6235 static int airo_get_frag(struct net_device *dev,
6236  struct iw_request_info *info,
6237  struct iw_param *vwrq,
6238  char *extra)
6239 {
6240  struct airo_info *local = dev->ml_priv;
6241 
6242  readConfigRid(local, 1);
6243  vwrq->value = le16_to_cpu(local->config.fragThresh);
6244  vwrq->disabled = (vwrq->value >= AIRO_DEF_MTU);
6245  vwrq->fixed = 1;
6246 
6247  return 0;
6248 }
6249 
6250 /*------------------------------------------------------------------*/
6251 /*
6252  * Wireless Handler : set Mode of Operation
6253  */
6254 static int airo_set_mode(struct net_device *dev,
6255  struct iw_request_info *info,
6256  __u32 *uwrq,
6257  char *extra)
6258 {
6259  struct airo_info *local = dev->ml_priv;
6260  int reset = 0;
6261 
6262  readConfigRid(local, 1);
6263  if (sniffing_mode(local))
6264  reset = 1;
6265 
6266  switch(*uwrq) {
6267  case IW_MODE_ADHOC:
6268  local->config.opmode &= ~MODE_CFG_MASK;
6269  local->config.opmode |= MODE_STA_IBSS;
6270  local->config.rmode &= ~RXMODE_FULL_MASK;
6271  local->config.scanMode = SCANMODE_ACTIVE;
6272  clear_bit (FLAG_802_11, &local->flags);
6273  break;
6274  case IW_MODE_INFRA:
6275  local->config.opmode &= ~MODE_CFG_MASK;
6276  local->config.opmode |= MODE_STA_ESS;
6277  local->config.rmode &= ~RXMODE_FULL_MASK;
6278  local->config.scanMode = SCANMODE_ACTIVE;
6279  clear_bit (FLAG_802_11, &local->flags);
6280  break;
6281  case IW_MODE_MASTER:
6282  local->config.opmode &= ~MODE_CFG_MASK;
6283  local->config.opmode |= MODE_AP;
6284  local->config.rmode &= ~RXMODE_FULL_MASK;
6285  local->config.scanMode = SCANMODE_ACTIVE;
6286  clear_bit (FLAG_802_11, &local->flags);
6287  break;
6288  case IW_MODE_REPEAT:
6289  local->config.opmode &= ~MODE_CFG_MASK;
6290  local->config.opmode |= MODE_AP_RPTR;
6291  local->config.rmode &= ~RXMODE_FULL_MASK;
6292  local->config.scanMode = SCANMODE_ACTIVE;
6293  clear_bit (FLAG_802_11, &local->flags);
6294  break;
6295  case IW_MODE_MONITOR:
6296  local->config.opmode &= ~MODE_CFG_MASK;
6297  local->config.opmode |= MODE_STA_ESS;
6298  local->config.rmode &= ~RXMODE_FULL_MASK;
6300  local->config.scanMode = SCANMODE_PASSIVE;
6301  set_bit (FLAG_802_11, &local->flags);
6302  break;
6303  default:
6304  return -EINVAL;
6305  }
6306  if (reset)
6307  set_bit (FLAG_RESET, &local->flags);
6308  set_bit (FLAG_COMMIT, &local->flags);
6309 
6310  return -EINPROGRESS; /* Call commit handler */
6311 }
6312 
6313 /*------------------------------------------------------------------*/
6314 /*
6315  * Wireless Handler : get Mode of Operation
6316  */
6317 static int airo_get_mode(struct net_device *dev,
6318  struct iw_request_info *info,
6319  __u32 *uwrq,
6320  char *extra)
6321 {
6322  struct airo_info *local = dev->ml_priv;
6323 
6324  readConfigRid(local, 1);
6325  /* If not managed, assume it's ad-hoc */
6326  switch (local->config.opmode & MODE_CFG_MASK) {
6327  case MODE_STA_ESS:
6328  *uwrq = IW_MODE_INFRA;
6329  break;
6330  case MODE_AP:
6331  *uwrq = IW_MODE_MASTER;
6332  break;
6333  case MODE_AP_RPTR:
6334  *uwrq = IW_MODE_REPEAT;
6335  break;
6336  default:
6337  *uwrq = IW_MODE_ADHOC;
6338  }
6339 
6340  return 0;
6341 }
6342 
6343 static inline int valid_index(struct airo_info *ai, int index)
6344 {
6345  return (index >= 0) && (index <= ai->max_wep_idx);
6346 }
6347 
6348 /*------------------------------------------------------------------*/
6349 /*
6350  * Wireless Handler : set Encryption Key
6351  */
6352 static int airo_set_encode(struct net_device *dev,
6353  struct iw_request_info *info,
6354  struct iw_point *dwrq,
6355  char *extra)
6356 {
6357  struct airo_info *local = dev->ml_priv;
6358  int perm = (dwrq->flags & IW_ENCODE_TEMP ? 0 : 1);
6359  __le16 currentAuthType = local->config.authType;
6360  int rc = 0;
6361 
6362  if (!local->wep_capable)
6363  return -EOPNOTSUPP;
6364 
6365  readConfigRid(local, 1);
6366 
6367  /* Basic checking: do we have a key to set ?
6368  * Note : with the new API, it's impossible to get a NULL pointer.
6369  * Therefore, we need to check a key size == 0 instead.
6370  * New version of iwconfig properly set the IW_ENCODE_NOKEY flag
6371  * when no key is present (only change flags), but older versions
6372  * don't do it. - Jean II */
6373  if (dwrq->length > 0) {
6374  wep_key_t key;
6375  int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
6376  int current_index;
6377 
6378  /* Check the size of the key */
6379  if (dwrq->length > MAX_KEY_SIZE) {
6380  return -EINVAL;
6381  }
6382 
6383  current_index = get_wep_tx_idx(local);
6384  if (current_index < 0)
6385  current_index = 0;
6386 
6387  /* Check the index (none -> use current) */
6388  if (!valid_index(local, index))
6389  index = current_index;
6390 
6391  /* Set the length */
6392  if (dwrq->length > MIN_KEY_SIZE)
6393  key.len = MAX_KEY_SIZE;
6394  else
6395  key.len = MIN_KEY_SIZE;
6396  /* Check if the key is not marked as invalid */
6397  if(!(dwrq->flags & IW_ENCODE_NOKEY)) {
6398  /* Cleanup */
6399  memset(key.key, 0, MAX_KEY_SIZE);
6400  /* Copy the key in the driver */
6401  memcpy(key.key, extra, dwrq->length);
6402  /* Send the key to the card */
6403  rc = set_wep_key(local, index, key.key, key.len, perm, 1);
6404  if (rc < 0) {
6405  airo_print_err(local->dev->name, "failed to set"
6406  " WEP key at index %d: %d.",
6407  index, rc);
6408  return rc;
6409  }
6410  }
6411  /* WE specify that if a valid key is set, encryption
6412  * should be enabled (user may turn it off later)
6413  * This is also how "iwconfig ethX key on" works */
6414  if((index == current_index) && (key.len > 0) &&
6415  (local->config.authType == AUTH_OPEN)) {
6416  local->config.authType = AUTH_ENCRYPT;
6417  }
6418  } else {
6419  /* Do we want to just set the transmit key index ? */
6420  int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
6421  if (valid_index(local, index)) {
6422  rc = set_wep_tx_idx(local, index, perm, 1);
6423  if (rc < 0) {
6424  airo_print_err(local->dev->name, "failed to set"
6425  " WEP transmit index to %d: %d.",
6426  index, rc);
6427  return rc;
6428  }
6429  } else {
6430  /* Don't complain if only change the mode */
6431  if (!(dwrq->flags & IW_ENCODE_MODE))
6432  return -EINVAL;
6433  }
6434  }
6435  /* Read the flags */
6436  if(dwrq->flags & IW_ENCODE_DISABLED)
6437  local->config.authType = AUTH_OPEN; // disable encryption
6438  if(dwrq->flags & IW_ENCODE_RESTRICTED)
6439  local->config.authType = AUTH_SHAREDKEY; // Only Both
6440  if(dwrq->flags & IW_ENCODE_OPEN)
6441  local->config.authType = AUTH_ENCRYPT; // Only Wep
6442  /* Commit the changes to flags if needed */
6443  if (local->config.authType != currentAuthType)
6444  set_bit (FLAG_COMMIT, &local->flags);
6445  return -EINPROGRESS; /* Call commit handler */
6446 }
6447 
6448 /*------------------------------------------------------------------*/
6449 /*
6450  * Wireless Handler : get Encryption Key
6451  */
6452 static int airo_get_encode(struct net_device *dev,
6453  struct iw_request_info *info,
6454  struct iw_point *dwrq,
6455  char *extra)
6456 {
6457  struct airo_info *local = dev->ml_priv;
6458  int index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
6459  int wep_key_len;
6460  u8 buf[16];
6461 
6462  if (!local->wep_capable)
6463  return -EOPNOTSUPP;
6464 
6465  readConfigRid(local, 1);
6466 
6467  /* Check encryption mode */
6468  switch(local->config.authType) {
6469  case AUTH_ENCRYPT:
6470  dwrq->flags = IW_ENCODE_OPEN;
6471  break;
6472  case AUTH_SHAREDKEY:
6473  dwrq->flags = IW_ENCODE_RESTRICTED;
6474  break;
6475  default:
6476  case AUTH_OPEN:
6477  dwrq->flags = IW_ENCODE_DISABLED;
6478  break;
6479  }
6480  /* We can't return the key, so set the proper flag and return zero */
6481  dwrq->flags |= IW_ENCODE_NOKEY;
6482  memset(extra, 0, 16);
6483 
6484  /* Which key do we want ? -1 -> tx index */
6485  if (!valid_index(local, index)) {
6486  index = get_wep_tx_idx(local);
6487  if (index < 0)
6488  index = 0;
6489  }
6490  dwrq->flags |= index + 1;
6491 
6492  /* Copy the key to the user buffer */
6493  wep_key_len = get_wep_key(local, index, &buf[0], sizeof(buf));
6494  if (wep_key_len < 0) {
6495  dwrq->length = 0;
6496  } else {
6497  dwrq->length = wep_key_len;
6498  memcpy(extra, buf, dwrq->length);
6499  }
6500 
6501  return 0;
6502 }
6503 
6504 /*------------------------------------------------------------------*/
6505 /*
6506  * Wireless Handler : set extended Encryption parameters
6507  */
6508 static int airo_set_encodeext(struct net_device *dev,
6509  struct iw_request_info *info,
6510  union iwreq_data *wrqu,
6511  char *extra)
6512 {
6513  struct airo_info *local = dev->ml_priv;
6514  struct iw_point *encoding = &wrqu->encoding;
6515  struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
6516  int perm = ( encoding->flags & IW_ENCODE_TEMP ? 0 : 1 );
6517  __le16 currentAuthType = local->config.authType;
6518  int idx, key_len, alg = ext->alg, set_key = 1, rc;
6519  wep_key_t key;
6520 
6521  if (!local->wep_capable)
6522  return -EOPNOTSUPP;
6523 
6524  readConfigRid(local, 1);
6525 
6526  /* Determine and validate the key index */
6527  idx = encoding->flags & IW_ENCODE_INDEX;
6528  if (idx) {
6529  if (!valid_index(local, idx - 1))
6530  return -EINVAL;
6531  idx--;
6532  } else {
6533  idx = get_wep_tx_idx(local);
6534  if (idx < 0)
6535  idx = 0;
6536  }
6537 
6538  if (encoding->flags & IW_ENCODE_DISABLED)
6539  alg = IW_ENCODE_ALG_NONE;
6540 
6541  if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
6542  /* Only set transmit key index here, actual
6543  * key is set below if needed.
6544  */
6545  rc = set_wep_tx_idx(local, idx, perm, 1);
6546  if (rc < 0) {
6547  airo_print_err(local->dev->name, "failed to set "
6548  "WEP transmit index to %d: %d.",
6549  idx, rc);
6550  return rc;
6551  }
6552  set_key = ext->key_len > 0 ? 1 : 0;
6553  }
6554 
6555  if (set_key) {
6556  /* Set the requested key first */
6557  memset(key.key, 0, MAX_KEY_SIZE);
6558  switch (alg) {
6559  case IW_ENCODE_ALG_NONE:
6560  key.len = 0;
6561  break;
6562  case IW_ENCODE_ALG_WEP:
6563  if (ext->key_len > MIN_KEY_SIZE) {
6564  key.len = MAX_KEY_SIZE;
6565  } else if (ext->key_len > 0) {
6566  key.len = MIN_KEY_SIZE;
6567  } else {
6568  return -EINVAL;
6569  }
6570  key_len = min (ext->key_len, key.len);
6571  memcpy(key.key, ext->key, key_len);
6572  break;
6573  default:
6574  return -EINVAL;
6575  }
6576  if (key.len == 0) {
6577  rc = set_wep_tx_idx(local, idx, perm, 1);
6578  if (rc < 0) {
6579  airo_print_err(local->dev->name,
6580  "failed to set WEP transmit index to %d: %d.",
6581  idx, rc);
6582  return rc;
6583  }
6584  } else {
6585  rc = set_wep_key(local, idx, key.key, key.len, perm, 1);
6586  if (rc < 0) {
6587  airo_print_err(local->dev->name,
6588  "failed to set WEP key at index %d: %d.",
6589  idx, rc);
6590  return rc;
6591  }
6592  }
6593  }
6594 
6595  /* Read the flags */
6596  if(encoding->flags & IW_ENCODE_DISABLED)
6597  local->config.authType = AUTH_OPEN; // disable encryption
6598  if(encoding->flags & IW_ENCODE_RESTRICTED)
6599  local->config.authType = AUTH_SHAREDKEY; // Only Both
6600  if(encoding->flags & IW_ENCODE_OPEN)
6601  local->config.authType = AUTH_ENCRYPT; // Only Wep
6602  /* Commit the changes to flags if needed */
6603  if (local->config.authType != currentAuthType)
6604  set_bit (FLAG_COMMIT, &local->flags);
6605 
6606  return -EINPROGRESS;
6607 }
6608 
6609 
6610 /*------------------------------------------------------------------*/
6611 /*
6612  * Wireless Handler : get extended Encryption parameters
6613  */
6614 static int airo_get_encodeext(struct net_device *dev,
6615  struct iw_request_info *info,
6616  union iwreq_data *wrqu,
6617  char *extra)
6618 {
6619  struct airo_info *local = dev->ml_priv;
6620  struct iw_point *encoding = &wrqu->encoding;
6621  struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
6622  int idx, max_key_len, wep_key_len;
6623  u8 buf[16];
6624 
6625  if (!local->wep_capable)
6626  return -EOPNOTSUPP;
6627 
6628  readConfigRid(local, 1);
6629 
6630  max_key_len = encoding->length - sizeof(*ext);
6631  if (max_key_len < 0)
6632  return -EINVAL;
6633 
6634  idx = encoding->flags & IW_ENCODE_INDEX;
6635  if (idx) {
6636  if (!valid_index(local, idx - 1))
6637  return -EINVAL;
6638  idx--;
6639  } else {
6640  idx = get_wep_tx_idx(local);
6641  if (idx < 0)
6642  idx = 0;
6643  }
6644 
6645  encoding->flags = idx + 1;
6646  memset(ext, 0, sizeof(*ext));
6647 
6648  /* Check encryption mode */
6649  switch(local->config.authType) {
6650  case AUTH_ENCRYPT:
6652  break;
6653  case AUTH_SHAREDKEY:
6655  break;
6656  default:
6657  case AUTH_OPEN:
6659  break;
6660  }
6661  /* We can't return the key, so set the proper flag and return zero */
6662  encoding->flags |= IW_ENCODE_NOKEY;
6663  memset(extra, 0, 16);
6664 
6665  /* Copy the key to the user buffer */
6666  wep_key_len = get_wep_key(local, idx, &buf[0], sizeof(buf));
6667  if (wep_key_len < 0) {
6668  ext->key_len = 0;
6669  } else {
6670  ext->key_len = wep_key_len;
6671  memcpy(extra, buf, ext->key_len);
6672  }
6673 
6674  return 0;
6675 }
6676 
6677 
6678 /*------------------------------------------------------------------*/
6679 /*
6680  * Wireless Handler : set extended authentication parameters
6681  */
6682 static int airo_set_auth(struct net_device *dev,
6683  struct iw_request_info *info,
6684  union iwreq_data *wrqu, char *extra)
6685 {
6686  struct airo_info *local = dev->ml_priv;
6687  struct iw_param *param = &wrqu->param;
6688  __le16 currentAuthType = local->config.authType;
6689 
6690  switch (param->flags & IW_AUTH_INDEX) {
6691  case IW_AUTH_WPA_VERSION:
6693  case IW_AUTH_CIPHER_GROUP:
6694  case IW_AUTH_KEY_MGMT:
6697  /*
6698  * airo does not use these parameters
6699  */
6700  break;
6701 
6703  if (param->value) {
6704  /* Only change auth type if unencrypted */
6705  if (currentAuthType == AUTH_OPEN)
6706  local->config.authType = AUTH_ENCRYPT;
6707  } else {
6708  local->config.authType = AUTH_OPEN;
6709  }
6710 
6711  /* Commit the changes to flags if needed */
6712  if (local->config.authType != currentAuthType)
6713  set_bit (FLAG_COMMIT, &local->flags);
6714  break;
6715 
6716  case IW_AUTH_80211_AUTH_ALG: {
6717  /* FIXME: What about AUTH_OPEN? This API seems to
6718  * disallow setting our auth to AUTH_OPEN.
6719  */
6720  if (param->value & IW_AUTH_ALG_SHARED_KEY) {
6721  local->config.authType = AUTH_SHAREDKEY;
6722  } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
6723  local->config.authType = AUTH_ENCRYPT;
6724  } else
6725  return -EINVAL;
6726 
6727  /* Commit the changes to flags if needed */
6728  if (local->config.authType != currentAuthType)
6729  set_bit (FLAG_COMMIT, &local->flags);
6730  break;
6731  }
6732 
6733  case IW_AUTH_WPA_ENABLED:
6734  /* Silently accept disable of WPA */
6735  if (param->value > 0)
6736  return -EOPNOTSUPP;
6737  break;
6738 
6739  default:
6740  return -EOPNOTSUPP;
6741  }
6742  return -EINPROGRESS;
6743 }
6744 
6745 
6746 /*------------------------------------------------------------------*/
6747 /*
6748  * Wireless Handler : get extended authentication parameters
6749  */
6750 static int airo_get_auth(struct net_device *dev,
6751  struct iw_request_info *info,
6752  union iwreq_data *wrqu, char *extra)
6753 {
6754  struct airo_info *local = dev->ml_priv;
6755  struct iw_param *param = &wrqu->param;
6756  __le16 currentAuthType = local->config.authType;
6757 
6758  switch (param->flags & IW_AUTH_INDEX) {
6760  switch (currentAuthType) {
6761  case AUTH_SHAREDKEY:
6762  case AUTH_ENCRYPT:
6763  param->value = 1;
6764  break;
6765  default:
6766  param->value = 0;
6767  break;
6768  }
6769  break;
6770 
6772  switch (currentAuthType) {
6773  case AUTH_SHAREDKEY:
6774  param->value = IW_AUTH_ALG_SHARED_KEY;
6775  break;
6776  case AUTH_ENCRYPT:
6777  default:
6778  param->value = IW_AUTH_ALG_OPEN_SYSTEM;
6779  break;
6780  }
6781  break;
6782 
6783  case IW_AUTH_WPA_ENABLED:
6784  param->value = 0;
6785  break;
6786 
6787  default:
6788  return -EOPNOTSUPP;
6789  }
6790  return 0;
6791 }
6792 
6793 
6794 /*------------------------------------------------------------------*/
6795 /*
6796  * Wireless Handler : set Tx-Power
6797  */
6798 static int airo_set_txpow(struct net_device *dev,
6799  struct iw_request_info *info,
6800  struct iw_param *vwrq,
6801  char *extra)
6802 {
6803  struct airo_info *local = dev->ml_priv;
6804  CapabilityRid cap_rid; /* Card capability info */
6805  int i;
6806  int rc = -EINVAL;
6807  __le16 v = cpu_to_le16(vwrq->value);
6808 
6809  readCapabilityRid(local, &cap_rid, 1);
6810 
6811  if (vwrq->disabled) {
6812  set_bit (FLAG_RADIO_OFF, &local->flags);
6813  set_bit (FLAG_COMMIT, &local->flags);
6814  return -EINPROGRESS; /* Call commit handler */
6815  }
6816  if (vwrq->flags != IW_TXPOW_MWATT) {
6817  return -EINVAL;
6818  }
6819  clear_bit (FLAG_RADIO_OFF, &local->flags);
6820  for (i = 0; i < 8 && cap_rid.txPowerLevels[i]; i++)
6821  if (v == cap_rid.txPowerLevels[i]) {
6822  readConfigRid(local, 1);
6823  local->config.txPower = v;
6824  set_bit (FLAG_COMMIT, &local->flags);
6825  rc = -EINPROGRESS; /* Call commit handler */
6826  break;
6827  }
6828  return rc;
6829 }
6830 
6831 /*------------------------------------------------------------------*/
6832 /*
6833  * Wireless Handler : get Tx-Power
6834  */
6835 static int airo_get_txpow(struct net_device *dev,
6836  struct iw_request_info *info,
6837  struct iw_param *vwrq,
6838  char *extra)
6839 {
6840  struct airo_info *local = dev->ml_priv;
6841 
6842  readConfigRid(local, 1);
6843  vwrq->value = le16_to_cpu(local->config.txPower);
6844  vwrq->fixed = 1; /* No power control */
6845  vwrq->disabled = test_bit(FLAG_RADIO_OFF, &local->flags);
6846  vwrq->flags = IW_TXPOW_MWATT;
6847 
6848  return 0;
6849 }
6850 
6851 /*------------------------------------------------------------------*/
6852 /*
6853  * Wireless Handler : set Retry limits
6854  */
6855 static int airo_set_retry(struct net_device *dev,
6856  struct iw_request_info *info,
6857  struct iw_param *vwrq,
6858  char *extra)
6859 {
6860  struct airo_info *local = dev->ml_priv;
6861  int rc = -EINVAL;
6862 
6863  if(vwrq->disabled) {
6864  return -EINVAL;
6865  }
6866  readConfigRid(local, 1);
6867  if(vwrq->flags & IW_RETRY_LIMIT) {
6868  __le16 v = cpu_to_le16(vwrq->value);
6869  if(vwrq->flags & IW_RETRY_LONG)
6870  local->config.longRetryLimit = v;
6871  else if (vwrq->flags & IW_RETRY_SHORT)
6872  local->config.shortRetryLimit = v;
6873  else {
6874  /* No modifier : set both */
6875  local->config.longRetryLimit = v;
6876  local->config.shortRetryLimit = v;
6877  }
6878  set_bit (FLAG_COMMIT, &local->flags);
6879  rc = -EINPROGRESS; /* Call commit handler */
6880  }
6881  if(vwrq->flags & IW_RETRY_LIFETIME) {
6882  local->config.txLifetime = cpu_to_le16(vwrq->value / 1024);
6883  set_bit (FLAG_COMMIT, &local->flags);
6884  rc = -EINPROGRESS; /* Call commit handler */
6885  }
6886  return rc;
6887 }
6888 
6889 /*------------------------------------------------------------------*/
6890 /*
6891  * Wireless Handler : get Retry limits
6892  */
6893 static int airo_get_retry(struct net_device *dev,
6894  struct iw_request_info *info,
6895  struct iw_param *vwrq,
6896  char *extra)
6897 {
6898  struct airo_info *local = dev->ml_priv;
6899 
6900  vwrq->disabled = 0; /* Can't be disabled */
6901 
6902  readConfigRid(local, 1);
6903  /* Note : by default, display the min retry number */
6904  if((vwrq->flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME) {
6905  vwrq->flags = IW_RETRY_LIFETIME;
6906  vwrq->value = le16_to_cpu(local->config.txLifetime) * 1024;
6907  } else if((vwrq->flags & IW_RETRY_LONG)) {
6909  vwrq->value = le16_to_cpu(local->config.longRetryLimit);
6910  } else {
6911  vwrq->flags = IW_RETRY_LIMIT;
6912  vwrq->value = le16_to_cpu(local->config.shortRetryLimit);
6913  if(local->config.shortRetryLimit != local->config.longRetryLimit)
6914  vwrq->flags |= IW_RETRY_SHORT;
6915  }
6916 
6917  return 0;
6918 }
6919 
6920 /*------------------------------------------------------------------*/
6921 /*
6922  * Wireless Handler : get range info
6923  */
6924 static int airo_get_range(struct net_device *dev,
6925  struct iw_request_info *info,
6926  struct iw_point *dwrq,
6927  char *extra)
6928 {
6929  struct airo_info *local = dev->ml_priv;
6930  struct iw_range *range = (struct iw_range *) extra;
6931  CapabilityRid cap_rid; /* Card capability info */
6932  int i;
6933  int k;
6934 
6935  readCapabilityRid(local, &cap_rid, 1);
6936 
6937  dwrq->length = sizeof(struct iw_range);
6938  memset(range, 0, sizeof(*range));
6939  range->min_nwid = 0x0000;
6940  range->max_nwid = 0x0000;
6941  range->num_channels = 14;
6942  /* Should be based on cap_rid.country to give only
6943  * what the current card support */
6944  k = 0;
6945  for(i = 0; i < 14; i++) {
6946  range->freq[k].i = i + 1; /* List index */
6947  range->freq[k].m = ieee80211_dsss_chan_to_freq(i + 1) * 100000;
6948  range->freq[k++].e = 1; /* Values in MHz -> * 10^5 * 10 */
6949  }
6950  range->num_frequency = k;
6951 
6952  range->sensitivity = 65535;
6953 
6954  /* Hum... Should put the right values there */
6955  if (local->rssi)
6956  range->max_qual.qual = 100; /* % */
6957  else
6958  range->max_qual.qual = airo_get_max_quality(&cap_rid);
6959  range->max_qual.level = 0x100 - 120; /* -120 dBm */
6960  range->max_qual.noise = 0x100 - 120; /* -120 dBm */
6961 
6962  /* Experimental measurements - boundary 11/5.5 Mb/s */
6963  /* Note : with or without the (local->rssi), results
6964  * are somewhat different. - Jean II */
6965  if (local->rssi) {
6966  range->avg_qual.qual = 50; /* % */
6967  range->avg_qual.level = 0x100 - 70; /* -70 dBm */
6968  } else {
6969  range->avg_qual.qual = airo_get_avg_quality(&cap_rid);
6970  range->avg_qual.level = 0x100 - 80; /* -80 dBm */
6971  }
6972  range->avg_qual.noise = 0x100 - 85; /* -85 dBm */
6973 
6974  for(i = 0 ; i < 8 ; i++) {
6975  range->bitrate[i] = cap_rid.supportedRates[i] * 500000;
6976  if(range->bitrate[i] == 0)
6977  break;
6978  }
6979  range->num_bitrates = i;
6980 
6981  /* Set an indication of the max TCP throughput
6982  * in bit/s that we can expect using this interface.
6983  * May be use for QoS stuff... Jean II */
6984  if(i > 2)
6985  range->throughput = 5000 * 1000;
6986  else
6987  range->throughput = 1500 * 1000;
6988 
6989  range->min_rts = 0;
6990  range->max_rts = AIRO_DEF_MTU;
6991  range->min_frag = 256;
6992  range->max_frag = AIRO_DEF_MTU;
6993 
6994  if(cap_rid.softCap & cpu_to_le16(2)) {
6995  // WEP: RC4 40 bits
6996  range->encoding_size[0] = 5;
6997  // RC4 ~128 bits
6998  if (cap_rid.softCap & cpu_to_le16(0x100)) {
6999  range->encoding_size[1] = 13;
7000  range->num_encoding_sizes = 2;
7001  } else
7002  range->num_encoding_sizes = 1;
7003  range->max_encoding_tokens =
7004  cap_rid.softCap & cpu_to_le16(0x80) ? 4 : 1;
7005  } else {
7006  range->num_encoding_sizes = 0;
7007  range->max_encoding_tokens = 0;
7008  }
7009  range->min_pmp = 0;
7010  range->max_pmp = 5000000; /* 5 secs */
7011  range->min_pmt = 0;
7012  range->max_pmt = 65535 * 1024; /* ??? */
7013  range->pmp_flags = IW_POWER_PERIOD;
7014  range->pmt_flags = IW_POWER_TIMEOUT;
7016 
7017  /* Transmit Power - values are in mW */
7018  for(i = 0 ; i < 8 ; i++) {
7019  range->txpower[i] = le16_to_cpu(cap_rid.txPowerLevels[i]);
7020  if(range->txpower[i] == 0)
7021  break;
7022  }
7023  range->num_txpower = i;
7024  range->txpower_capa = IW_TXPOW_MWATT;
7025  range->we_version_source = 19;
7028  range->retry_flags = IW_RETRY_LIMIT;
7030  range->min_retry = 1;
7031  range->max_retry = 65535;
7032  range->min_r_time = 1024;
7033  range->max_r_time = 65535 * 1024;
7034 
7035  /* Event capability (kernel + driver) */
7036  range->event_capa[0] = (IW_EVENT_CAPA_K_0 |
7040  range->event_capa[1] = IW_EVENT_CAPA_K_1;
7042  return 0;
7043 }
7044 
7045 /*------------------------------------------------------------------*/
7046 /*
7047  * Wireless Handler : set Power Management
7048  */
7049 static int airo_set_power(struct net_device *dev,
7050  struct iw_request_info *info,
7051  struct iw_param *vwrq,
7052  char *extra)
7053 {
7054  struct airo_info *local = dev->ml_priv;
7055 
7056  readConfigRid(local, 1);
7057  if (vwrq->disabled) {
7058  if (sniffing_mode(local))
7059  return -EINVAL;
7061  local->config.rmode &= ~RXMODE_MASK;
7062  local->config.rmode |= RXMODE_BC_MC_ADDR;
7063  set_bit (FLAG_COMMIT, &local->flags);
7064  return -EINPROGRESS; /* Call commit handler */
7065  }
7066  if ((vwrq->flags & IW_POWER_TYPE) == IW_POWER_TIMEOUT) {
7067  local->config.fastListenDelay = cpu_to_le16((vwrq->value + 500) / 1024);
7069  set_bit (FLAG_COMMIT, &local->flags);
7070  } else if ((vwrq->flags & IW_POWER_TYPE) == IW_POWER_PERIOD) {
7071  local->config.fastListenInterval =
7072  local->config.listenInterval =
7073  cpu_to_le16((vwrq->value + 500) / 1024);
7075  set_bit (FLAG_COMMIT, &local->flags);
7076  }
7077  switch (vwrq->flags & IW_POWER_MODE) {
7078  case IW_POWER_UNICAST_R:
7079  if (sniffing_mode(local))
7080  return -EINVAL;
7081  local->config.rmode &= ~RXMODE_MASK;
7082  local->config.rmode |= RXMODE_ADDR;
7083  set_bit (FLAG_COMMIT, &local->flags);
7084  break;
7085  case IW_POWER_ALL_R:
7086  if (sniffing_mode(local))
7087  return -EINVAL;
7088  local->config.rmode &= ~RXMODE_MASK;
7089  local->config.rmode |= RXMODE_BC_MC_ADDR;
7090  set_bit (FLAG_COMMIT, &local->flags);
7091  case IW_POWER_ON:
7092  /* This is broken, fixme ;-) */
7093  break;
7094  default:
7095  return -EINVAL;
7096  }
7097  // Note : we may want to factor local->need_commit here
7098  // Note2 : may also want to factor RXMODE_RFMON test
7099  return -EINPROGRESS; /* Call commit handler */
7100 }
7101 
7102 /*------------------------------------------------------------------*/
7103 /*
7104  * Wireless Handler : get Power Management
7105  */
7106 static int airo_get_power(struct net_device *dev,
7107  struct iw_request_info *info,
7108  struct iw_param *vwrq,
7109  char *extra)
7110 {
7111  struct airo_info *local = dev->ml_priv;
7112  __le16 mode;
7113 
7114  readConfigRid(local, 1);
7115  mode = local->config.powerSaveMode;
7116  if ((vwrq->disabled = (mode == POWERSAVE_CAM)))
7117  return 0;
7118  if ((vwrq->flags & IW_POWER_TYPE) == IW_POWER_TIMEOUT) {
7119  vwrq->value = le16_to_cpu(local->config.fastListenDelay) * 1024;
7120  vwrq->flags = IW_POWER_TIMEOUT;
7121  } else {
7122  vwrq->value = le16_to_cpu(local->config.fastListenInterval) * 1024;
7123  vwrq->flags = IW_POWER_PERIOD;
7124  }
7125  if ((local->config.rmode & RXMODE_MASK) == RXMODE_ADDR)
7126  vwrq->flags |= IW_POWER_UNICAST_R;
7127  else
7128  vwrq->flags |= IW_POWER_ALL_R;
7129 
7130  return 0;
7131 }
7132 
7133 /*------------------------------------------------------------------*/
7134 /*
7135  * Wireless Handler : set Sensitivity
7136  */
7137 static int airo_set_sens(struct net_device *dev,
7138  struct iw_request_info *info,
7139  struct iw_param *vwrq,
7140  char *extra)
7141 {
7142  struct airo_info *local = dev->ml_priv;
7143 
7144  readConfigRid(local, 1);
7145  local->config.rssiThreshold =
7146  cpu_to_le16(vwrq->disabled ? RSSI_DEFAULT : vwrq->value);
7147  set_bit (FLAG_COMMIT, &local->flags);
7148 
7149  return -EINPROGRESS; /* Call commit handler */
7150 }
7151 
7152 /*------------------------------------------------------------------*/
7153 /*
7154  * Wireless Handler : get Sensitivity
7155  */
7156 static int airo_get_sens(struct net_device *dev,
7157  struct iw_request_info *info,
7158  struct iw_param *vwrq,
7159  char *extra)
7160 {
7161  struct airo_info *local = dev->ml_priv;
7162 
7163  readConfigRid(local, 1);
7164  vwrq->value = le16_to_cpu(local->config.rssiThreshold);
7165  vwrq->disabled = (vwrq->value == 0);
7166  vwrq->fixed = 1;
7167 
7168  return 0;
7169 }
7170 
7171 /*------------------------------------------------------------------*/
7172 /*
7173  * Wireless Handler : get AP List
7174  * Note : this is deprecated in favor of IWSCAN
7175  */
7176 static int airo_get_aplist(struct net_device *dev,
7177  struct iw_request_info *info,
7178  struct iw_point *dwrq,
7179  char *extra)
7180 {
7181  struct airo_info *local = dev->ml_priv;
7182  struct sockaddr *address = (struct sockaddr *) extra;
7183  struct iw_quality *qual;
7184  BSSListRid BSSList;
7185  int i;
7186  int loseSync = capable(CAP_NET_ADMIN) ? 1: -1;
7187 
7188  qual = kmalloc(IW_MAX_AP * sizeof(*qual), GFP_KERNEL);
7189  if (!qual)
7190  return -ENOMEM;
7191 
7192  for (i = 0; i < IW_MAX_AP; i++) {
7193  u16 dBm;
7194  if (readBSSListRid(local, loseSync, &BSSList))
7195  break;
7196  loseSync = 0;
7197  memcpy(address[i].sa_data, BSSList.bssid, ETH_ALEN);
7198  address[i].sa_family = ARPHRD_ETHER;
7199  dBm = le16_to_cpu(BSSList.dBm);
7200  if (local->rssi) {
7201  qual[i].level = 0x100 - dBm;
7202  qual[i].qual = airo_dbm_to_pct(local->rssi, dBm);
7205  | IW_QUAL_DBM;
7206  } else {
7207  qual[i].level = (dBm + 321) / 2;
7208  qual[i].qual = 0;
7211  | IW_QUAL_DBM;
7212  }
7213  qual[i].noise = local->wstats.qual.noise;
7214  if (BSSList.index == cpu_to_le16(0xffff))
7215  break;
7216  }
7217  if (!i) {
7218  StatusRid status_rid; /* Card status info */
7219  readStatusRid(local, &status_rid, 1);
7220  for (i = 0;
7221  i < min(IW_MAX_AP, 4) &&
7222  (status_rid.bssid[i][0]
7223  & status_rid.bssid[i][1]
7224  & status_rid.bssid[i][2]
7225  & status_rid.bssid[i][3]
7226  & status_rid.bssid[i][4]
7227  & status_rid.bssid[i][5])!=0xff &&
7228  (status_rid.bssid[i][0]
7229  | status_rid.bssid[i][1]
7230  | status_rid.bssid[i][2]
7231  | status_rid.bssid[i][3]
7232  | status_rid.bssid[i][4]
7233  | status_rid.bssid[i][5]);
7234  i++) {
7235  memcpy(address[i].sa_data,
7236  status_rid.bssid[i], ETH_ALEN);
7237  address[i].sa_family = ARPHRD_ETHER;
7238  }
7239  } else {
7240  dwrq->flags = 1; /* Should be define'd */
7241  memcpy(extra + sizeof(struct sockaddr) * i, qual,
7242  sizeof(struct iw_quality) * i);
7243  }
7244  dwrq->length = i;
7245 
7246  kfree(qual);
7247  return 0;
7248 }
7249 
7250 /*------------------------------------------------------------------*/
7251 /*
7252  * Wireless Handler : Initiate Scan
7253  */
7254 static int airo_set_scan(struct net_device *dev,
7255  struct iw_request_info *info,
7256  struct iw_point *dwrq,
7257  char *extra)
7258 {
7259  struct airo_info *ai = dev->ml_priv;
7260  Cmd cmd;
7261  Resp rsp;
7262  int wake = 0;
7263 
7264  /* Note : you may have realised that, as this is a SET operation,
7265  * this is privileged and therefore a normal user can't
7266  * perform scanning.
7267  * This is not an error, while the device perform scanning,
7268  * traffic doesn't flow, so it's a perfect DoS...
7269  * Jean II */
7270  if (ai->flags & FLAG_RADIO_MASK) return -ENETDOWN;
7271 
7272  if (down_interruptible(&ai->sem))
7273  return -ERESTARTSYS;
7274 
7275  /* If there's already a scan in progress, don't
7276  * trigger another one. */
7277  if (ai->scan_timeout > 0)
7278  goto out;
7279 
7280  /* Initiate a scan command */
7281  ai->scan_timeout = RUN_AT(3*HZ);
7282  memset(&cmd, 0, sizeof(cmd));
7283  cmd.cmd=CMD_LISTBSS;
7284  issuecommand(ai, &cmd, &rsp);
7285  wake = 1;
7286 
7287 out:
7288  up(&ai->sem);
7289  if (wake)
7291  return 0;
7292 }
7293 
7294 /*------------------------------------------------------------------*/
7295 /*
7296  * Translate scan data returned from the card to a card independent
7297  * format that the Wireless Tools will understand - Jean II
7298  */
7299 static inline char *airo_translate_scan(struct net_device *dev,
7300  struct iw_request_info *info,
7301  char *current_ev,
7302  char *end_buf,
7303  BSSListRid *bss)
7304 {
7305  struct airo_info *ai = dev->ml_priv;
7306  struct iw_event iwe; /* Temporary buffer */
7308  char * current_val; /* For rates */
7309  int i;
7310  char * buf;
7311  u16 dBm;
7312 
7313  /* First entry *MUST* be the AP MAC address */
7314  iwe.cmd = SIOCGIWAP;
7315  iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
7316  memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
7317  current_ev = iwe_stream_add_event(info, current_ev, end_buf,
7318  &iwe, IW_EV_ADDR_LEN);
7319 
7320  /* Other entries will be displayed in the order we give them */
7321 
7322  /* Add the ESSID */
7323  iwe.u.data.length = bss->ssidLen;
7324  if(iwe.u.data.length > 32)
7325  iwe.u.data.length = 32;
7326  iwe.cmd = SIOCGIWESSID;
7327  iwe.u.data.flags = 1;
7328  current_ev = iwe_stream_add_point(info, current_ev, end_buf,
7329  &iwe, bss->ssid);
7330 
7331  /* Add mode */
7332  iwe.cmd = SIOCGIWMODE;
7333  capabilities = bss->cap;
7334  if(capabilities & (CAP_ESS | CAP_IBSS)) {
7335  if(capabilities & CAP_ESS)
7336  iwe.u.mode = IW_MODE_MASTER;
7337  else
7338  iwe.u.mode = IW_MODE_ADHOC;
7339  current_ev = iwe_stream_add_event(info, current_ev, end_buf,
7340  &iwe, IW_EV_UINT_LEN);
7341  }
7342 
7343  /* Add frequency */
7344  iwe.cmd = SIOCGIWFREQ;
7345  iwe.u.freq.m = le16_to_cpu(bss->dsChannel);
7346  iwe.u.freq.m = ieee80211_dsss_chan_to_freq(iwe.u.freq.m) * 100000;
7347  iwe.u.freq.e = 1;
7348  current_ev = iwe_stream_add_event(info, current_ev, end_buf,
7349  &iwe, IW_EV_FREQ_LEN);
7350 
7351  dBm = le16_to_cpu(bss->dBm);
7352 
7353  /* Add quality statistics */
7354  iwe.cmd = IWEVQUAL;
7355  if (ai->rssi) {
7356  iwe.u.qual.level = 0x100 - dBm;
7357  iwe.u.qual.qual = airo_dbm_to_pct(ai->rssi, dBm);
7358  iwe.u.qual.updated = IW_QUAL_QUAL_UPDATED
7360  | IW_QUAL_DBM;
7361  } else {
7362  iwe.u.qual.level = (dBm + 321) / 2;
7363  iwe.u.qual.qual = 0;
7364  iwe.u.qual.updated = IW_QUAL_QUAL_INVALID
7366  | IW_QUAL_DBM;
7367  }
7368  iwe.u.qual.noise = ai->wstats.qual.noise;
7369  current_ev = iwe_stream_add_event(info, current_ev, end_buf,
7370  &iwe, IW_EV_QUAL_LEN);
7371 
7372  /* Add encryption capability */
7373  iwe.cmd = SIOCGIWENCODE;
7374  if(capabilities & CAP_PRIVACY)
7375  iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
7376  else
7377  iwe.u.data.flags = IW_ENCODE_DISABLED;
7378  iwe.u.data.length = 0;
7379  current_ev = iwe_stream_add_point(info, current_ev, end_buf,
7380  &iwe, bss->ssid);
7381 
7382  /* Rate : stuffing multiple values in a single event require a bit
7383  * more of magic - Jean II */
7384  current_val = current_ev + iwe_stream_lcp_len(info);
7385 
7386  iwe.cmd = SIOCGIWRATE;
7387  /* Those two flags are ignored... */
7388  iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
7389  /* Max 8 values */
7390  for(i = 0 ; i < 8 ; i++) {
7391  /* NULL terminated */
7392  if(bss->rates[i] == 0)
7393  break;
7394  /* Bit rate given in 500 kb/s units (+ 0x80) */
7395  iwe.u.bitrate.value = ((bss->rates[i] & 0x7f) * 500000);
7396  /* Add new value to event */
7397  current_val = iwe_stream_add_value(info, current_ev,
7398  current_val, end_buf,
7399  &iwe, IW_EV_PARAM_LEN);
7400  }
7401  /* Check if we added any event */
7402  if ((current_val - current_ev) > iwe_stream_lcp_len(info))
7403  current_ev = current_val;
7404 
7405  /* Beacon interval */
7406  buf = kmalloc(30, GFP_KERNEL);
7407  if (buf) {
7408  iwe.cmd = IWEVCUSTOM;
7409  sprintf(buf, "bcn_int=%d", bss->beaconInterval);
7410  iwe.u.data.length = strlen(buf);
7411  current_ev = iwe_stream_add_point(info, current_ev, end_buf,
7412  &iwe, buf);
7413  kfree(buf);
7414  }
7415 
7416  /* Put WPA/RSN Information Elements into the event stream */
7417  if (test_bit(FLAG_WPA_CAPABLE, &ai->flags)) {
7418  unsigned int num_null_ies = 0;
7419  u16 length = sizeof (bss->extra.iep);
7420  u8 *ie = (void *)&bss->extra.iep;
7421 
7422  while ((length >= 2) && (num_null_ies < 2)) {
7423  if (2 + ie[1] > length) {
7424  /* Invalid element, don't continue parsing IE */
7425  break;
7426  }
7427 
7428  switch (ie[0]) {
7429  case WLAN_EID_SSID:
7430  /* Two zero-length SSID elements
7431  * mean we're done parsing elements */
7432  if (!ie[1])
7433  num_null_ies++;
7434  break;
7435 
7436  case WLAN_EID_GENERIC:
7437  if (ie[1] >= 4 &&
7438  ie[2] == 0x00 &&
7439  ie[3] == 0x50 &&
7440  ie[4] == 0xf2 &&
7441  ie[5] == 0x01) {
7442  iwe.cmd = IWEVGENIE;
7443  /* 64 is an arbitrary cut-off */
7444  iwe.u.data.length = min(ie[1] + 2,
7445  64);
7446  current_ev = iwe_stream_add_point(
7447  info, current_ev,
7448  end_buf, &iwe, ie);
7449  }
7450  break;
7451 
7452  case WLAN_EID_RSN:
7453  iwe.cmd = IWEVGENIE;
7454  /* 64 is an arbitrary cut-off */
7455  iwe.u.data.length = min(ie[1] + 2, 64);
7456  current_ev = iwe_stream_add_point(
7457  info, current_ev, end_buf,
7458  &iwe, ie);
7459  break;
7460 
7461  default:
7462  break;
7463  }
7464 
7465  length -= 2 + ie[1];
7466  ie += 2 + ie[1];
7467  }
7468  }
7469  return current_ev;
7470 }
7471 
7472 /*------------------------------------------------------------------*/
7473 /*
7474  * Wireless Handler : Read Scan Results
7475  */
7476 static int airo_get_scan(struct net_device *dev,
7477  struct iw_request_info *info,
7478  struct iw_point *dwrq,
7479  char *extra)
7480 {
7481  struct airo_info *ai = dev->ml_priv;
7483  int err = 0;
7484  char *current_ev = extra;
7485 
7486  /* If a scan is in-progress, return -EAGAIN */
7487  if (ai->scan_timeout > 0)
7488  return -EAGAIN;
7489 
7490  if (down_interruptible(&ai->sem))
7491  return -EAGAIN;
7492 
7493  list_for_each_entry (net, &ai->network_list, list) {
7494  /* Translate to WE format this entry */
7495  current_ev = airo_translate_scan(dev, info, current_ev,
7496  extra + dwrq->length,
7497  &net->bss);
7498 
7499  /* Check if there is space for one more entry */
7500  if((extra + dwrq->length - current_ev) <= IW_EV_ADDR_LEN) {
7501  /* Ask user space to try again with a bigger buffer */
7502  err = -E2BIG;
7503  goto out;
7504  }
7505  }
7506 
7507  /* Length of data */
7508  dwrq->length = (current_ev - extra);
7509  dwrq->flags = 0; /* todo */
7510 
7511 out:
7512  up(&ai->sem);
7513  return err;
7514 }
7515 
7516 /*------------------------------------------------------------------*/
7517 /*
7518  * Commit handler : called after a bunch of SET operations
7519  */
7520 static int airo_config_commit(struct net_device *dev,
7521  struct iw_request_info *info, /* NULL */
7522  void *zwrq, /* NULL */
7523  char *extra) /* NULL */
7524 {
7525  struct airo_info *local = dev->ml_priv;
7526 
7527  if (!test_bit (FLAG_COMMIT, &local->flags))
7528  return 0;
7529 
7530  /* Some of the "SET" function may have modified some of the
7531  * parameters. It's now time to commit them in the card */
7532  disable_MAC(local, 1);
7533  if (test_bit (FLAG_RESET, &local->flags)) {
7534  APListRid APList_rid;
7535  SsidRid SSID_rid;
7536 
7537  readAPListRid(local, &APList_rid);
7538  readSsidRid(local, &SSID_rid);
7539  if (test_bit(FLAG_MPI,&local->flags))
7540  setup_card(local, dev->dev_addr, 1 );
7541  else
7542  reset_airo_card(dev);
7543  disable_MAC(local, 1);
7544  writeSsidRid(local, &SSID_rid, 1);
7545  writeAPListRid(local, &APList_rid, 1);
7546  }
7547  if (down_interruptible(&local->sem))
7548  return -ERESTARTSYS;
7549  writeConfigRid(local, 0);
7550  enable_MAC(local, 0);
7551  if (test_bit (FLAG_RESET, &local->flags))
7552  airo_set_promisc(local);
7553  else
7554  up(&local->sem);
7555 
7556  return 0;
7557 }
7558 
7559 /*------------------------------------------------------------------*/
7560 /*
7561  * Structures to export the Wireless Handlers
7562  */
7563 
7564 static const struct iw_priv_args airo_private_args[] = {
7565 /*{ cmd, set_args, get_args, name } */
7567  IW_PRIV_TYPE_BYTE | 2047, "airoioctl" },
7569  IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "airoidifc" },
7570 };
7571 
7572 static const iw_handler airo_handler[] =
7573 {
7574  (iw_handler) airo_config_commit, /* SIOCSIWCOMMIT */
7575  (iw_handler) airo_get_name, /* SIOCGIWNAME */
7576  (iw_handler) NULL, /* SIOCSIWNWID */
7577  (iw_handler) NULL, /* SIOCGIWNWID */
7578  (iw_handler) airo_set_freq, /* SIOCSIWFREQ */
7579  (iw_handler) airo_get_freq, /* SIOCGIWFREQ */
7580  (iw_handler) airo_set_mode, /* SIOCSIWMODE */
7581  (iw_handler) airo_get_mode, /* SIOCGIWMODE */
7582  (iw_handler) airo_set_sens, /* SIOCSIWSENS */
7583  (iw_handler) airo_get_sens, /* SIOCGIWSENS */
7584  (iw_handler) NULL, /* SIOCSIWRANGE */
7585  (iw_handler) airo_get_range, /* SIOCGIWRANGE */
7586  (iw_handler) NULL, /* SIOCSIWPRIV */
7587  (iw_handler) NULL, /* SIOCGIWPRIV */
7588  (iw_handler) NULL, /* SIOCSIWSTATS */
7589  (iw_handler) NULL, /* SIOCGIWSTATS */
7590  iw_handler_set_spy, /* SIOCSIWSPY */
7591  iw_handler_get_spy, /* SIOCGIWSPY */
7592  iw_handler_set_thrspy, /* SIOCSIWTHRSPY */
7593  iw_handler_get_thrspy, /* SIOCGIWTHRSPY */
7594  (iw_handler) airo_set_wap, /* SIOCSIWAP */
7595  (iw_handler) airo_get_wap, /* SIOCGIWAP */
7596  (iw_handler) NULL, /* -- hole -- */
7597  (iw_handler) airo_get_aplist, /* SIOCGIWAPLIST */
7598  (iw_handler) airo_set_scan, /* SIOCSIWSCAN */
7599  (iw_handler) airo_get_scan, /* SIOCGIWSCAN */
7600  (iw_handler) airo_set_essid, /* SIOCSIWESSID */
7601  (iw_handler) airo_get_essid, /* SIOCGIWESSID */
7602  (iw_handler) airo_set_nick, /* SIOCSIWNICKN */
7603  (iw_handler) airo_get_nick, /* SIOCGIWNICKN */
7604  (iw_handler) NULL, /* -- hole -- */
7605  (iw_handler) NULL, /* -- hole -- */
7606  (iw_handler) airo_set_rate, /* SIOCSIWRATE */
7607  (iw_handler) airo_get_rate, /* SIOCGIWRATE */
7608  (iw_handler) airo_set_rts, /* SIOCSIWRTS */
7609  (iw_handler) airo_get_rts, /* SIOCGIWRTS */
7610  (iw_handler) airo_set_frag, /* SIOCSIWFRAG */
7611  (iw_handler) airo_get_frag, /* SIOCGIWFRAG */
7612  (iw_handler) airo_set_txpow, /* SIOCSIWTXPOW */
7613  (iw_handler) airo_get_txpow, /* SIOCGIWTXPOW */
7614  (iw_handler) airo_set_retry, /* SIOCSIWRETRY */
7615  (iw_handler) airo_get_retry, /* SIOCGIWRETRY */
7616  (iw_handler) airo_set_encode, /* SIOCSIWENCODE */
7617  (iw_handler) airo_get_encode, /* SIOCGIWENCODE */
7618  (iw_handler) airo_set_power, /* SIOCSIWPOWER */
7619  (iw_handler) airo_get_power, /* SIOCGIWPOWER */
7620  (iw_handler) NULL, /* -- hole -- */
7621  (iw_handler) NULL, /* -- hole -- */
7622  (iw_handler) NULL, /* SIOCSIWGENIE */
7623  (iw_handler) NULL, /* SIOCGIWGENIE */
7624  (iw_handler) airo_set_auth, /* SIOCSIWAUTH */
7625  (iw_handler) airo_get_auth, /* SIOCGIWAUTH */
7626  (iw_handler) airo_set_encodeext, /* SIOCSIWENCODEEXT */
7627  (iw_handler) airo_get_encodeext, /* SIOCGIWENCODEEXT */
7628  (iw_handler) NULL, /* SIOCSIWPMKSA */
7629 };
7630 
7631 /* Note : don't describe AIROIDIFC and AIROOLDIDIFC in here.
7632  * We want to force the use of the ioctl code, because those can't be
7633  * won't work the iw_handler code (because they simultaneously read
7634  * and write data and iw_handler can't do that).
7635  * Note that it's perfectly legal to read/write on a single ioctl command,
7636  * you just can't use iwpriv and need to force it via the ioctl handler.
7637  * Jean II */
7638 static const iw_handler airo_private_handler[] =
7639 {
7640  NULL, /* SIOCIWFIRSTPRIV */
7641 };
7642 
7643 static const struct iw_handler_def airo_handler_def =
7644 {
7645  .num_standard = ARRAY_SIZE(airo_handler),
7646  .num_private = ARRAY_SIZE(airo_private_handler),
7647  .num_private_args = ARRAY_SIZE(airo_private_args),
7648  .standard = airo_handler,
7649  .private = airo_private_handler,
7650  .private_args = airo_private_args,
7651  .get_wireless_stats = airo_get_wireless_stats,
7652 };
7653 
7654 /*
7655  * This defines the configuration part of the Wireless Extensions
7656  * Note : irq and spinlock protection will occur in the subroutines
7657  *
7658  * TODO :
7659  * o Check input value more carefully and fill correct values in range
7660  * o Test and shakeout the bugs (if any)
7661  *
7662  * Jean II
7663  *
7664  * Javier Achirica did a great job of merging code from the unnamed CISCO
7665  * developer that added support for flashing the card.
7666  */
7667 static int airo_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
7668 {
7669  int rc = 0;
7670  struct airo_info *ai = dev->ml_priv;
7671 
7672  if (ai->power.event)
7673  return 0;
7674 
7675  switch (cmd) {
7676 #ifdef CISCO_EXT
7677  case AIROIDIFC:
7678 #ifdef AIROOLDIDIFC
7679  case AIROOLDIDIFC:
7680 #endif
7681  {
7682  int val = AIROMAGIC;
7683  aironet_ioctl com;
7684  if (copy_from_user(&com,rq->ifr_data,sizeof(com)))
7685  rc = -EFAULT;
7686  else if (copy_to_user(com.data,(char *)&val,sizeof(val)))
7687  rc = -EFAULT;
7688  }
7689  break;
7690 
7691  case AIROIOCTL:
7692 #ifdef AIROOLDIOCTL
7693  case AIROOLDIOCTL:
7694 #endif
7695  /* Get the command struct and hand it off for evaluation by
7696  * the proper subfunction
7697  */
7698  {
7699  aironet_ioctl com;
7700  if (copy_from_user(&com,rq->ifr_data,sizeof(com))) {
7701  rc = -EFAULT;
7702  break;
7703  }
7704 
7705  /* Separate R/W functions bracket legality here
7706  */
7707  if ( com.command == AIRORSWVERSION ) {
7708  if (copy_to_user(com.data, swversion, sizeof(swversion)))
7709  rc = -EFAULT;
7710  else
7711  rc = 0;
7712  }
7713  else if ( com.command <= AIRORRID)
7714  rc = readrids(dev,&com);
7715  else if ( com.command >= AIROPCAP && com.command <= (AIROPLEAPUSR+2) )
7716  rc = writerids(dev,&com);
7717  else if ( com.command >= AIROFLSHRST && com.command <= AIRORESTART )
7718  rc = flashcard(dev,&com);
7719  else
7720  rc = -EINVAL; /* Bad command in ioctl */
7721  }
7722  break;
7723 #endif /* CISCO_EXT */
7724 
7725  // All other calls are currently unsupported
7726  default:
7727  rc = -EOPNOTSUPP;
7728  }
7729  return rc;
7730 }
7731 
7732 /*
7733  * Get the Wireless stats out of the driver
7734  * Note : irq and spinlock protection will occur in the subroutines
7735  *
7736  * TODO :
7737  * o Check if work in Ad-Hoc mode (otherwise, use SPY, as in wvlan_cs)
7738  *
7739  * Jean
7740  */
7741 static void airo_read_wireless_stats(struct airo_info *local)
7742 {
7743  StatusRid status_rid;
7744  StatsRid stats_rid;
7745  CapabilityRid cap_rid;
7746  __le32 *vals = stats_rid.vals;
7747 
7748  /* Get stats out of the card */
7749  clear_bit(JOB_WSTATS, &local->jobs);
7750  if (local->power.event) {
7751  up(&local->sem);
7752  return;
7753  }
7754  readCapabilityRid(local, &cap_rid, 0);
7755  readStatusRid(local, &status_rid, 0);
7756  readStatsRid(local, &stats_rid, RID_STATS, 0);
7757  up(&local->sem);
7758 
7759  /* The status */
7760  local->wstats.status = le16_to_cpu(status_rid.mode);
7761 
7762  /* Signal quality and co */
7763  if (local->rssi) {
7764  local->wstats.qual.level =
7765  airo_rssi_to_dbm(local->rssi,
7766  le16_to_cpu(status_rid.sigQuality));
7767  /* normalizedSignalStrength appears to be a percentage */
7768  local->wstats.qual.qual =
7770  } else {
7771  local->wstats.qual.level =
7772  (le16_to_cpu(status_rid.normalizedSignalStrength) + 321) / 2;
7773  local->wstats.qual.qual = airo_get_quality(&status_rid, &cap_rid);
7774  }
7775  if (le16_to_cpu(status_rid.len) >= 124) {
7776  local->wstats.qual.noise = 0x100 - status_rid.noisedBm;
7777  local->wstats.qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
7778  } else {
7779  local->wstats.qual.noise = 0;
7781  }
7782 
7783  /* Packets discarded in the wireless adapter due to wireless
7784  * specific problems */
7785  local->wstats.discard.nwid = le32_to_cpu(vals[56]) +
7786  le32_to_cpu(vals[57]) +
7787  le32_to_cpu(vals[58]); /* SSID Mismatch */
7788  local->wstats.discard.code = le32_to_cpu(vals[6]);/* RxWepErr */
7789  local->wstats.discard.fragment = le32_to_cpu(vals[30]);
7790  local->wstats.discard.retries = le32_to_cpu(vals[10]);
7791  local->wstats.discard.misc = le32_to_cpu(vals[1]) +
7792  le32_to_cpu(vals[32]);
7793  local->wstats.miss.beacon = le32_to_cpu(vals[34]);
7794 }
7795 
7796 static struct iw_statistics *airo_get_wireless_stats(struct net_device *dev)
7797 {
7798  struct airo_info *local = dev->ml_priv;
7799 
7800  if (!test_bit(JOB_WSTATS, &local->jobs)) {
7801  /* Get stats out of the card if available */
7802  if (down_trylock(&local->sem) != 0) {
7803  set_bit(JOB_WSTATS, &local->jobs);
7805  } else
7806  airo_read_wireless_stats(local);
7807  }
7808 
7809  return &local->wstats;
7810 }
7811 
7812 #ifdef CISCO_EXT
7813 /*
7814  * This just translates from driver IOCTL codes to the command codes to
7815  * feed to the radio's host interface. Things can be added/deleted
7816  * as needed. This represents the READ side of control I/O to
7817  * the card
7818  */
7819 static int readrids(struct net_device *dev, aironet_ioctl *comp) {
7820  unsigned short ridcode;
7821  unsigned char *iobuf;
7822  int len;
7823  struct airo_info *ai = dev->ml_priv;
7824 
7825  if (test_bit(FLAG_FLASHING, &ai->flags))
7826  return -EIO;
7827 
7828  switch(comp->command)
7829  {
7830  case AIROGCAP: ridcode = RID_CAPABILITIES; break;
7831  case AIROGCFG: ridcode = RID_CONFIG;
7832  if (test_bit(FLAG_COMMIT, &ai->flags)) {
7833  disable_MAC (ai, 1);
7834  writeConfigRid (ai, 1);
7835  enable_MAC(ai, 1);
7836  }
7837  break;
7838  case AIROGSLIST: ridcode = RID_SSID; break;
7839  case AIROGVLIST: ridcode = RID_APLIST; break;
7840  case AIROGDRVNAM: ridcode = RID_DRVNAME; break;
7841  case AIROGEHTENC: ridcode = RID_ETHERENCAP; break;
7842  case AIROGWEPKTMP: ridcode = RID_WEP_TEMP;
7843  /* Only super-user can read WEP keys */
7844  if (!capable(CAP_NET_ADMIN))
7845  return -EPERM;
7846  break;
7847  case AIROGWEPKNV: ridcode = RID_WEP_PERM;
7848  /* Only super-user can read WEP keys */
7849  if (!capable(CAP_NET_ADMIN))
7850  return -EPERM;
7851  break;
7852  case AIROGSTAT: ridcode = RID_STATUS; break;
7853  case AIROGSTATSD32: ridcode = RID_STATSDELTA; break;
7854  case AIROGSTATSC32: ridcode = RID_STATS; break;
7855  case AIROGMICSTATS:
7856  if (copy_to_user(comp->data, &ai->micstats,
7857  min((int)comp->len,(int)sizeof(ai->micstats))))
7858  return -EFAULT;
7859  return 0;
7860  case AIRORRID: ridcode = comp->ridnum; break;
7861  default:
7862  return -EINVAL;
7863  break;
7864  }
7865 
7866  if ((iobuf = kmalloc(RIDSIZE, GFP_KERNEL)) == NULL)
7867  return -ENOMEM;
7868 
7869  PC4500_readrid(ai,ridcode,iobuf,RIDSIZE, 1);
7870  /* get the count of bytes in the rid docs say 1st 2 bytes is it.
7871  * then return it to the user
7872  * 9/22/2000 Honor user given length
7873  */
7874  len = comp->len;
7875 
7876  if (copy_to_user(comp->data, iobuf, min(len, (int)RIDSIZE))) {
7877  kfree (iobuf);
7878  return -EFAULT;
7879  }
7880  kfree (iobuf);
7881  return 0;
7882 }
7883 
7884 /*
7885  * Danger Will Robinson write the rids here
7886  */
7887 
7888 static int writerids(struct net_device *dev, aironet_ioctl *comp) {
7889  struct airo_info *ai = dev->ml_priv;
7890  int ridcode;
7891  int enabled;
7892  static int (* writer)(struct airo_info *, u16 rid, const void *, int, int);
7893  unsigned char *iobuf;
7894 
7895  /* Only super-user can write RIDs */
7896  if (!capable(CAP_NET_ADMIN))
7897  return -EPERM;
7898 
7899  if (test_bit(FLAG_FLASHING, &ai->flags))
7900  return -EIO;
7901 
7902  ridcode = 0;
7903  writer = do_writerid;
7904 
7905  switch(comp->command)
7906  {
7907  case AIROPSIDS: ridcode = RID_SSID; break;
7908  case AIROPCAP: ridcode = RID_CAPABILITIES; break;
7909  case AIROPAPLIST: ridcode = RID_APLIST; break;
7910  case AIROPCFG: ai->config.len = 0;
7911  clear_bit(FLAG_COMMIT, &ai->flags);
7912  ridcode = RID_CONFIG; break;
7913  case AIROPWEPKEYNV: ridcode = RID_WEP_PERM; break;
7914  case AIROPLEAPUSR: ridcode = RID_LEAPUSERNAME; break;
7915  case AIROPLEAPPWD: ridcode = RID_LEAPPASSWORD; break;
7916  case AIROPWEPKEY: ridcode = RID_WEP_TEMP; writer = PC4500_writerid;
7917  break;
7918  case AIROPLEAPUSR+1: ridcode = 0xFF2A; break;
7919  case AIROPLEAPUSR+2: ridcode = 0xFF2B; break;
7920 
7921  /* this is not really a rid but a command given to the card
7922  * same with MAC off
7923  */
7924  case AIROPMACON:
7925  if (enable_MAC(ai, 1) != 0)
7926  return -EIO;
7927  return 0;
7928 
7929  /*
7930  * Evidently this code in the airo driver does not get a symbol
7931  * as disable_MAC. it's probably so short the compiler does not gen one.
7932  */
7933  case AIROPMACOFF:
7934  disable_MAC(ai, 1);
7935  return 0;
7936 
7937  /* This command merely clears the counts does not actually store any data
7938  * only reads rid. But as it changes the cards state, I put it in the
7939  * writerid routines.
7940  */
7941  case AIROPSTCLR:
7942  if ((iobuf = kmalloc(RIDSIZE, GFP_KERNEL)) == NULL)
7943  return -ENOMEM;
7944 
7945  PC4500_readrid(ai,RID_STATSDELTACLEAR,iobuf,RIDSIZE, 1);
7946 
7947  enabled = ai->micstats.enabled;
7948  memset(&ai->micstats,0,sizeof(ai->micstats));
7949  ai->micstats.enabled = enabled;
7950 
7951  if (copy_to_user(comp->data, iobuf,
7952  min((int)comp->len, (int)RIDSIZE))) {
7953  kfree (iobuf);
7954  return -EFAULT;
7955  }
7956  kfree (iobuf);
7957  return 0;
7958 
7959  default:
7960  return -EOPNOTSUPP; /* Blarg! */
7961  }
7962  if(comp->len > RIDSIZE)
7963  return -EINVAL;
7964 
7965  if ((iobuf = kmalloc(RIDSIZE, GFP_KERNEL)) == NULL)
7966  return -ENOMEM;
7967 
7968  if (copy_from_user(iobuf,comp->data,comp->len)) {
7969  kfree (iobuf);
7970  return -EFAULT;
7971  }
7972 
7973  if (comp->command == AIROPCFG) {
7974  ConfigRid *cfg = (ConfigRid *)iobuf;
7975 
7976  if (test_bit(FLAG_MIC_CAPABLE, &ai->flags))
7977  cfg->opmode |= MODE_MIC;
7978 
7979  if ((cfg->opmode & MODE_CFG_MASK) == MODE_STA_IBSS)
7980  set_bit (FLAG_ADHOC, &ai->flags);
7981  else
7982  clear_bit (FLAG_ADHOC, &ai->flags);
7983  }
7984 
7985  if((*writer)(ai, ridcode, iobuf,comp->len,1)) {
7986  kfree (iobuf);
7987  return -EIO;
7988  }
7989  kfree (iobuf);
7990  return 0;
7991 }
7992 
7993 /*****************************************************************************
7994  * Ancillary flash / mod functions much black magic lurkes here *
7995  *****************************************************************************
7996  */
7997 
7998 /*
7999  * Flash command switch table
8000  */
8001 
8002 static int flashcard(struct net_device *dev, aironet_ioctl *comp) {
8003  int z;
8004 
8005  /* Only super-user can modify flash */
8006  if (!capable(CAP_NET_ADMIN))
8007  return -EPERM;
8008 
8009  switch(comp->command)
8010  {
8011  case AIROFLSHRST:
8012  return cmdreset((struct airo_info *)dev->ml_priv);
8013 
8014  case AIROFLSHSTFL:
8015  if (!AIRO_FLASH(dev) &&
8016  (AIRO_FLASH(dev) = kmalloc(FLASHSIZE, GFP_KERNEL)) == NULL)
8017  return -ENOMEM;
8018  return setflashmode((struct airo_info *)dev->ml_priv);
8019 
8020  case AIROFLSHGCHR: /* Get char from aux */
8021  if(comp->len != sizeof(int))
8022  return -EINVAL;
8023  if (copy_from_user(&z,comp->data,comp->len))
8024  return -EFAULT;
8025  return flashgchar((struct airo_info *)dev->ml_priv, z, 8000);
8026 
8027  case AIROFLSHPCHR: /* Send char to card. */
8028  if(comp->len != sizeof(int))
8029  return -EINVAL;
8030  if (copy_from_user(&z,comp->data,comp->len))
8031  return -EFAULT;
8032  return flashpchar((struct airo_info *)dev->ml_priv, z, 8000);
8033 
8034  case AIROFLPUTBUF: /* Send 32k to card */
8035  if (!AIRO_FLASH(dev))
8036  return -ENOMEM;
8037  if(comp->len > FLASHSIZE)
8038  return -EINVAL;
8039  if (copy_from_user(AIRO_FLASH(dev), comp->data, comp->len))
8040  return -EFAULT;
8041 
8042  flashputbuf((struct airo_info *)dev->ml_priv);
8043  return 0;
8044 
8045  case AIRORESTART:
8046  if (flashrestart((struct airo_info *)dev->ml_priv, dev))
8047  return -EIO;
8048  return 0;
8049  }
8050  return -EINVAL;
8051 }
8052 
8053 #define FLASH_COMMAND 0x7e7e
8054 
8055 /*
8056  * STEP 1)
8057  * Disable MAC and do soft reset on
8058  * card.
8059  */
8060 
8061 static int cmdreset(struct airo_info *ai) {
8062  disable_MAC(ai, 1);
8063 
8064  if(!waitbusy (ai)){
8065  airo_print_info(ai->dev->name, "Waitbusy hang before RESET");
8066  return -EBUSY;
8067  }
8068 
8069  OUT4500(ai,COMMAND,CMD_SOFTRESET);
8070 
8071  ssleep(1); /* WAS 600 12/7/00 */
8072 
8073  if(!waitbusy (ai)){
8074  airo_print_info(ai->dev->name, "Waitbusy hang AFTER RESET");
8075  return -EBUSY;
8076  }
8077  return 0;
8078 }
8079 
8080 /* STEP 2)
8081  * Put the card in legendary flash
8082  * mode
8083  */
8084 
8085 static int setflashmode (struct airo_info *ai) {
8086  set_bit (FLAG_FLASHING, &ai->flags);
8087 
8088  OUT4500(ai, SWS0, FLASH_COMMAND);
8089  OUT4500(ai, SWS1, FLASH_COMMAND);
8090  if (probe) {
8091  OUT4500(ai, SWS0, FLASH_COMMAND);
8092  OUT4500(ai, COMMAND,0x10);
8093  } else {
8094  OUT4500(ai, SWS2, FLASH_COMMAND);
8095  OUT4500(ai, SWS3, FLASH_COMMAND);
8096  OUT4500(ai, COMMAND,0);
8097  }
8098  msleep(500); /* 500ms delay */
8099 
8100  if(!waitbusy(ai)) {
8101  clear_bit (FLAG_FLASHING, &ai->flags);
8102  airo_print_info(ai->dev->name, "Waitbusy hang after setflash mode");
8103  return -EIO;
8104  }
8105  return 0;
8106 }
8107 
8108 /* Put character to SWS0 wait for dwelltime
8109  * x 50us for echo .
8110  */
8111 
8112 static int flashpchar(struct airo_info *ai,int byte,int dwelltime) {
8113  int echo;
8114  int waittime;
8115 
8116  byte |= 0x8000;
8117 
8118  if(dwelltime == 0 )
8119  dwelltime = 200;
8120 
8121  waittime=dwelltime;
8122 
8123  /* Wait for busy bit d15 to go false indicating buffer empty */
8124  while ((IN4500 (ai, SWS0) & 0x8000) && waittime > 0) {
8125  udelay (50);
8126  waittime -= 50;
8127  }
8128 
8129  /* timeout for busy clear wait */
8130  if(waittime <= 0 ){
8131  airo_print_info(ai->dev->name, "flash putchar busywait timeout!");
8132  return -EBUSY;
8133  }
8134 
8135  /* Port is clear now write byte and wait for it to echo back */
8136  do {
8137  OUT4500(ai,SWS0,byte);
8138  udelay(50);
8139  dwelltime -= 50;
8140  echo = IN4500(ai,SWS1);
8141  } while (dwelltime >= 0 && echo != byte);
8142 
8143  OUT4500(ai,SWS1,0);
8144 
8145  return (echo == byte) ? 0 : -EIO;
8146 }
8147 
8148 /*
8149  * Get a character from the card matching matchbyte
8150  * Step 3)
8151  */
8152 static int flashgchar(struct airo_info *ai,int matchbyte,int dwelltime){
8153  int rchar;
8154  unsigned char rbyte=0;
8155 
8156  do {
8157  rchar = IN4500(ai,SWS1);
8158 
8159  if(dwelltime && !(0x8000 & rchar)){
8160  dwelltime -= 10;
8161  mdelay(10);
8162  continue;
8163  }
8164  rbyte = 0xff & rchar;
8165 
8166  if( (rbyte == matchbyte) && (0x8000 & rchar) ){
8167  OUT4500(ai,SWS1,0);
8168  return 0;
8169  }
8170  if( rbyte == 0x81 || rbyte == 0x82 || rbyte == 0x83 || rbyte == 0x1a || 0xffff == rchar)
8171  break;
8172  OUT4500(ai,SWS1,0);
8173 
8174  }while(dwelltime > 0);
8175  return -EIO;
8176 }
8177 
8178 /*
8179  * Transfer 32k of firmware data from user buffer to our buffer and
8180  * send to the card
8181  */
8182 
8183 static int flashputbuf(struct airo_info *ai){
8184  int nwords;
8185 
8186  /* Write stuff */
8187  if (test_bit(FLAG_MPI,&ai->flags))
8188  memcpy_toio(ai->pciaux + 0x8000, ai->flash, FLASHSIZE);
8189  else {
8190  OUT4500(ai,AUXPAGE,0x100);
8191  OUT4500(ai,AUXOFF,0);
8192 
8193  for(nwords=0;nwords != FLASHSIZE / 2;nwords++){
8194  OUT4500(ai,AUXDATA,ai->flash[nwords] & 0xffff);
8195  }
8196  }
8197  OUT4500(ai,SWS0,0x8000);
8198 
8199  return 0;
8200 }
8201 
8202 /*
8203  *
8204  */
8205 static int flashrestart(struct airo_info *ai,struct net_device *dev){
8206  int i,status;
8207 
8208  ssleep(1); /* Added 12/7/00 */
8209  clear_bit (FLAG_FLASHING, &ai->flags);
8210  if (test_bit(FLAG_MPI, &ai->flags)) {
8211  status = mpi_init_descriptors(ai);
8212  if (status != SUCCESS)
8213  return status;
8214  }
8215  status = setup_card(ai, dev->dev_addr, 1);
8216 
8217  if (!test_bit(FLAG_MPI,&ai->flags))
8218  for( i = 0; i < MAX_FIDS; i++ ) {
8219  ai->fids[i] = transmit_allocate
8220  ( ai, AIRO_DEF_MTU, i >= MAX_FIDS / 2 );
8221  }
8222 
8223  ssleep(1); /* Added 12/7/00 */
8224  return status;
8225 }
8226 #endif /* CISCO_EXT */
8227 
8228 /*
8229  This program is free software; you can redistribute it and/or
8230  modify it under the terms of the GNU General Public License
8231  as published by the Free Software Foundation; either version 2
8232  of the License, or (at your option) any later version.
8233 
8234  This program is distributed in the hope that it will be useful,
8235  but WITHOUT ANY WARRANTY; without even the implied warranty of
8236  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
8237  GNU General Public License for more details.
8238 
8239  In addition:
8240 
8241  Redistribution and use in source and binary forms, with or without
8242  modification, are permitted provided that the following conditions
8243  are met:
8244 
8245  1. Redistributions of source code must retain the above copyright
8246  notice, this list of conditions and the following disclaimer.
8247  2. Redistributions in binary form must reproduce the above copyright
8248  notice, this list of conditions and the following disclaimer in the
8249  documentation and/or other materials provided with the distribution.
8250  3. The name of the author may not be used to endorse or promote
8251  products derived from this software without specific prior written
8252  permission.
8253 
8254  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
8255  IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
8256  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
8257  ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
8258  INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
8259  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
8260  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
8261  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
8262  STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
8263  IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
8264  POSSIBILITY OF SUCH DAMAGE.
8265 */
8266 
8267 module_init(airo_init_module);
8268 module_exit(airo_cleanup_module);