1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77#define DRIVER_NAME "orinoco"
78
79#include <linux/module.h>
80#include <linux/kernel.h>
81#include <linux/slab.h>
82#include <linux/init.h>
83#include <linux/delay.h>
84#include <linux/device.h>
85#include <linux/netdevice.h>
86#include <linux/etherdevice.h>
87#include <linux/suspend.h>
88#include <linux/if_arp.h>
89#include <linux/wireless.h>
90#include <linux/ieee80211.h>
91#include <net/iw_handler.h>
92#include <net/cfg80211.h>
93
94#include "hermes_rid.h"
95#include "hermes_dld.h"
96#include "hw.h"
97#include "scan.h"
98#include "mic.h"
99#include "fw.h"
100#include "wext.h"
101#include "cfg.h"
102#include "main.h"
103
104#include "orinoco.h"
105
106
107
108
109
110MODULE_AUTHOR("Pavel Roskin <proski@gnu.org> & "
111 "David Gibson <hermes@gibson.dropbear.id.au>");
112MODULE_DESCRIPTION("Driver for Lucent Orinoco, Prism II based "
113 "and similar wireless cards");
114MODULE_LICENSE("Dual MPL/GPL");
115
116
117#ifdef ORINOCO_DEBUG
118int orinoco_debug = ORINOCO_DEBUG;
119EXPORT_SYMBOL(orinoco_debug);
120module_param(orinoco_debug, int, 0644);
121MODULE_PARM_DESC(orinoco_debug, "Debug level");
122#endif
123
124static bool suppress_linkstatus;
125module_param(suppress_linkstatus, bool, 0644);
126MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
127
128static int ignore_disconnect;
129module_param(ignore_disconnect, int, 0644);
130MODULE_PARM_DESC(ignore_disconnect,
131 "Don't report lost link to the network layer");
132
133int force_monitor;
134module_param(force_monitor, int, 0644);
135MODULE_PARM_DESC(force_monitor, "Allow monitor mode for all firmware versions");
136
137
138
139
140
141
142static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
143#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
144
145#define ORINOCO_MIN_MTU 256
146#define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD)
147
148#define MAX_IRQLOOPS_PER_IRQ 10
149#define MAX_IRQLOOPS_PER_JIFFY (20000 / HZ)
150
151
152
153
154#define DUMMY_FID 0xFFFF
155
156
157
158#define MAX_MULTICAST(priv) (HERMES_MAX_MULTICAST)
159
160#define ORINOCO_INTEN (HERMES_EV_RX | HERMES_EV_ALLOC \
161 | HERMES_EV_TX | HERMES_EV_TXEXC \
162 | HERMES_EV_WTERR | HERMES_EV_INFO \
163 | HERMES_EV_INFDROP)
164
165
166
167
168
169
170struct hermes_txexc_data {
171 struct hermes_tx_descriptor desc;
172 __le16 frame_ctl;
173 __le16 duration_id;
174 u8 addr1[ETH_ALEN];
175} __packed;
176
177
178struct hermes_rx_descriptor {
179
180 __le16 status;
181 __le32 time;
182 u8 silence;
183 u8 signal;
184 u8 rate;
185 u8 rxflow;
186 __le32 reserved;
187
188
189 __le16 frame_ctl;
190 __le16 duration_id;
191 u8 addr1[ETH_ALEN];
192 u8 addr2[ETH_ALEN];
193 u8 addr3[ETH_ALEN];
194 __le16 seq_ctl;
195 u8 addr4[ETH_ALEN];
196
197
198 __le16 data_len;
199} __packed;
200
201struct orinoco_rx_data {
202 struct hermes_rx_descriptor *desc;
203 struct sk_buff *skb;
204 struct list_head list;
205};
206
207struct orinoco_scan_data {
208 void *buf;
209 size_t len;
210 int type;
211 struct list_head list;
212};
213
214
215
216
217
218static int __orinoco_set_multicast_list(struct net_device *dev);
219static int __orinoco_up(struct orinoco_private *priv);
220static int __orinoco_down(struct orinoco_private *priv);
221static int __orinoco_commit(struct orinoco_private *priv);
222
223
224
225
226
227void set_port_type(struct orinoco_private *priv)
228{
229 switch (priv->iw_mode) {
230 case NL80211_IFTYPE_STATION:
231 priv->port_type = 1;
232 priv->createibss = 0;
233 break;
234 case NL80211_IFTYPE_ADHOC:
235 if (priv->prefer_port3) {
236 priv->port_type = 3;
237 priv->createibss = 0;
238 } else {
239 priv->port_type = priv->ibss_port;
240 priv->createibss = 1;
241 }
242 break;
243 case NL80211_IFTYPE_MONITOR:
244 priv->port_type = 3;
245 priv->createibss = 0;
246 break;
247 default:
248 printk(KERN_ERR "%s: Invalid priv->iw_mode in set_port_type()\n",
249 priv->ndev->name);
250 }
251}
252
253
254
255
256
257int orinoco_open(struct net_device *dev)
258{
259 struct orinoco_private *priv = ndev_priv(dev);
260 unsigned long flags;
261 int err;
262
263 if (orinoco_lock(priv, &flags) != 0)
264 return -EBUSY;
265
266 err = __orinoco_up(priv);
267
268 if (!err)
269 priv->open = 1;
270
271 orinoco_unlock(priv, &flags);
272
273 return err;
274}
275EXPORT_SYMBOL(orinoco_open);
276
277int orinoco_stop(struct net_device *dev)
278{
279 struct orinoco_private *priv = ndev_priv(dev);
280 int err = 0;
281
282
283
284
285 orinoco_lock_irq(priv);
286
287 priv->open = 0;
288
289 err = __orinoco_down(priv);
290
291 orinoco_unlock_irq(priv);
292
293 return err;
294}
295EXPORT_SYMBOL(orinoco_stop);
296
297struct net_device_stats *orinoco_get_stats(struct net_device *dev)
298{
299 struct orinoco_private *priv = ndev_priv(dev);
300
301 return &priv->stats;
302}
303EXPORT_SYMBOL(orinoco_get_stats);
304
305void orinoco_set_multicast_list(struct net_device *dev)
306{
307 struct orinoco_private *priv = ndev_priv(dev);
308 unsigned long flags;
309
310 if (orinoco_lock(priv, &flags) != 0) {
311 printk(KERN_DEBUG "%s: orinoco_set_multicast_list() "
312 "called when hw_unavailable\n", dev->name);
313 return;
314 }
315
316 __orinoco_set_multicast_list(dev);
317 orinoco_unlock(priv, &flags);
318}
319EXPORT_SYMBOL(orinoco_set_multicast_list);
320
321int orinoco_change_mtu(struct net_device *dev, int new_mtu)
322{
323 struct orinoco_private *priv = ndev_priv(dev);
324
325 if ((new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU))
326 return -EINVAL;
327
328
329 if ((new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) >
330 (priv->nicbuf_size - ETH_HLEN))
331 return -EINVAL;
332
333 dev->mtu = new_mtu;
334
335 return 0;
336}
337EXPORT_SYMBOL(orinoco_change_mtu);
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367int orinoco_process_xmit_skb(struct sk_buff *skb,
368 struct net_device *dev,
369 struct orinoco_private *priv,
370 int *tx_control,
371 u8 *mic_buf)
372{
373 struct orinoco_tkip_key *key;
374 struct ethhdr *eh;
375 int do_mic;
376
377 key = (struct orinoco_tkip_key *) priv->keys[priv->tx_key].key;
378
379 do_mic = ((priv->encode_alg == ORINOCO_ALG_TKIP) &&
380 (key != NULL));
381
382 if (do_mic)
383 *tx_control |= (priv->tx_key << HERMES_MIC_KEY_ID_SHIFT) |
384 HERMES_TXCTRL_MIC;
385
386 eh = (struct ethhdr *)skb->data;
387
388
389 if (ntohs(eh->h_proto) > ETH_DATA_LEN) {
390 struct header_struct {
391 struct ethhdr eth;
392 u8 encap[6];
393 } __packed hdr;
394 int len = skb->len + sizeof(encaps_hdr) - (2 * ETH_ALEN);
395
396 if (skb_headroom(skb) < ENCAPS_OVERHEAD) {
397 if (net_ratelimit())
398 printk(KERN_ERR
399 "%s: Not enough headroom for 802.2 headers %d\n",
400 dev->name, skb_headroom(skb));
401 return -ENOMEM;
402 }
403
404
405 memcpy(&hdr.eth, eh, 2 * ETH_ALEN);
406 hdr.eth.h_proto = htons(len);
407 memcpy(hdr.encap, encaps_hdr, sizeof(encaps_hdr));
408
409
410 eh = (struct ethhdr *) skb_push(skb, ENCAPS_OVERHEAD);
411 memcpy(eh, &hdr, sizeof(hdr));
412 }
413
414
415 if (do_mic) {
416 size_t len = skb->len - ETH_HLEN;
417 u8 *mic = &mic_buf[0];
418
419
420
421 if (skb->len % 2) {
422 *mic = skb->data[skb->len - 1];
423 mic++;
424 }
425
426 orinoco_mic(priv->tx_tfm_mic, key->tx_mic,
427 eh->h_dest, eh->h_source, 0 ,
428 skb->data + ETH_HLEN,
429 len, mic);
430 }
431
432 return 0;
433}
434EXPORT_SYMBOL(orinoco_process_xmit_skb);
435
436static netdev_tx_t orinoco_xmit(struct sk_buff *skb, struct net_device *dev)
437{
438 struct orinoco_private *priv = ndev_priv(dev);
439 struct net_device_stats *stats = &priv->stats;
440 struct hermes *hw = &priv->hw;
441 int err = 0;
442 u16 txfid = priv->txfid;
443 int tx_control;
444 unsigned long flags;
445 u8 mic_buf[MICHAEL_MIC_LEN + 1];
446
447 if (!netif_running(dev)) {
448 printk(KERN_ERR "%s: Tx on stopped device!\n",
449 dev->name);
450 return NETDEV_TX_BUSY;
451 }
452
453 if (netif_queue_stopped(dev)) {
454 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
455 dev->name);
456 return NETDEV_TX_BUSY;
457 }
458
459 if (orinoco_lock(priv, &flags) != 0) {
460 printk(KERN_ERR "%s: orinoco_xmit() called while hw_unavailable\n",
461 dev->name);
462 return NETDEV_TX_BUSY;
463 }
464
465 if (!netif_carrier_ok(dev) ||
466 (priv->iw_mode == NL80211_IFTYPE_MONITOR)) {
467
468
469
470 goto drop;
471 }
472
473
474 if (skb->len < ETH_HLEN)
475 goto drop;
476
477 tx_control = HERMES_TXCTRL_TX_OK | HERMES_TXCTRL_TX_EX;
478
479 err = orinoco_process_xmit_skb(skb, dev, priv, &tx_control,
480 &mic_buf[0]);
481 if (err)
482 goto drop;
483
484 if (priv->has_alt_txcntl) {
485
486
487
488
489 char desc[HERMES_802_3_OFFSET];
490 __le16 *txcntl = (__le16 *) &desc[HERMES_TXCNTL2_OFFSET];
491
492 memset(&desc, 0, sizeof(desc));
493
494 *txcntl = cpu_to_le16(tx_control);
495 err = hw->ops->bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
496 txfid, 0);
497 if (err) {
498 if (net_ratelimit())
499 printk(KERN_ERR "%s: Error %d writing Tx "
500 "descriptor to BAP\n", dev->name, err);
501 goto busy;
502 }
503 } else {
504 struct hermes_tx_descriptor desc;
505
506 memset(&desc, 0, sizeof(desc));
507
508 desc.tx_control = cpu_to_le16(tx_control);
509 err = hw->ops->bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
510 txfid, 0);
511 if (err) {
512 if (net_ratelimit())
513 printk(KERN_ERR "%s: Error %d writing Tx "
514 "descriptor to BAP\n", dev->name, err);
515 goto busy;
516 }
517
518
519
520
521 hermes_clear_words(hw, HERMES_DATA0,
522 HERMES_802_3_OFFSET - HERMES_802_11_OFFSET);
523 }
524
525 err = hw->ops->bap_pwrite(hw, USER_BAP, skb->data, skb->len,
526 txfid, HERMES_802_3_OFFSET);
527 if (err) {
528 printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
529 dev->name, err);
530 goto busy;
531 }
532
533 if (tx_control & HERMES_TXCTRL_MIC) {
534 size_t offset = HERMES_802_3_OFFSET + skb->len;
535 size_t len = MICHAEL_MIC_LEN;
536
537 if (offset % 2) {
538 offset--;
539 len++;
540 }
541 err = hw->ops->bap_pwrite(hw, USER_BAP, &mic_buf[0], len,
542 txfid, offset);
543 if (err) {
544 printk(KERN_ERR "%s: Error %d writing MIC to BAP\n",
545 dev->name, err);
546 goto busy;
547 }
548 }
549
550
551 netif_stop_queue(dev);
552
553 err = hw->ops->cmd_wait(hw, HERMES_CMD_TX | HERMES_CMD_RECL,
554 txfid, NULL);
555 if (err) {
556 netif_start_queue(dev);
557 if (net_ratelimit())
558 printk(KERN_ERR "%s: Error %d transmitting packet\n",
559 dev->name, err);
560 goto busy;
561 }
562
563 stats->tx_bytes += HERMES_802_3_OFFSET + skb->len;
564 goto ok;
565
566 drop:
567 stats->tx_errors++;
568 stats->tx_dropped++;
569
570 ok:
571 orinoco_unlock(priv, &flags);
572 dev_kfree_skb(skb);
573 return NETDEV_TX_OK;
574
575 busy:
576 if (err == -EIO)
577 schedule_work(&priv->reset_work);
578 orinoco_unlock(priv, &flags);
579 return NETDEV_TX_BUSY;
580}
581
582static void __orinoco_ev_alloc(struct net_device *dev, struct hermes *hw)
583{
584 struct orinoco_private *priv = ndev_priv(dev);
585 u16 fid = hermes_read_regn(hw, ALLOCFID);
586
587 if (fid != priv->txfid) {
588 if (fid != DUMMY_FID)
589 printk(KERN_WARNING "%s: Allocate event on unexpected fid (%04X)\n",
590 dev->name, fid);
591 return;
592 }
593
594 hermes_write_regn(hw, ALLOCFID, DUMMY_FID);
595}
596
597static void __orinoco_ev_tx(struct net_device *dev, struct hermes *hw)
598{
599 struct orinoco_private *priv = ndev_priv(dev);
600 struct net_device_stats *stats = &priv->stats;
601
602 stats->tx_packets++;
603
604 netif_wake_queue(dev);
605
606 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
607}
608
609static void __orinoco_ev_txexc(struct net_device *dev, struct hermes *hw)
610{
611 struct orinoco_private *priv = ndev_priv(dev);
612 struct net_device_stats *stats = &priv->stats;
613 u16 fid = hermes_read_regn(hw, TXCOMPLFID);
614 u16 status;
615 struct hermes_txexc_data hdr;
616 int err = 0;
617
618 if (fid == DUMMY_FID)
619 return;
620
621
622 err = hw->ops->bap_pread(hw, IRQ_BAP, &hdr,
623 sizeof(struct hermes_txexc_data),
624 fid, 0);
625
626 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
627 stats->tx_errors++;
628
629 if (err) {
630 printk(KERN_WARNING "%s: Unable to read descriptor on Tx error "
631 "(FID=%04X error %d)\n",
632 dev->name, fid, err);
633 return;
634 }
635
636 DEBUG(1, "%s: Tx error, err %d (FID=%04X)\n", dev->name,
637 err, fid);
638
639
640
641
642
643 status = le16_to_cpu(hdr.desc.status);
644 if (status & (HERMES_TXSTAT_RETRYERR | HERMES_TXSTAT_AGEDERR)) {
645 union iwreq_data wrqu;
646
647
648
649
650
651
652
653
654
655 memcpy(wrqu.addr.sa_data, hdr.addr1, ETH_ALEN);
656 wrqu.addr.sa_family = ARPHRD_ETHER;
657
658
659 wireless_send_event(dev, IWEVTXDROP, &wrqu, NULL);
660 }
661
662 netif_wake_queue(dev);
663}
664
665void orinoco_tx_timeout(struct net_device *dev)
666{
667 struct orinoco_private *priv = ndev_priv(dev);
668 struct net_device_stats *stats = &priv->stats;
669 struct hermes *hw = &priv->hw;
670
671 printk(KERN_WARNING "%s: Tx timeout! "
672 "ALLOCFID=%04x, TXCOMPLFID=%04x, EVSTAT=%04x\n",
673 dev->name, hermes_read_regn(hw, ALLOCFID),
674 hermes_read_regn(hw, TXCOMPLFID), hermes_read_regn(hw, EVSTAT));
675
676 stats->tx_errors++;
677
678 schedule_work(&priv->reset_work);
679}
680EXPORT_SYMBOL(orinoco_tx_timeout);
681
682
683
684
685
686
687
688static inline int is_ethersnap(void *_hdr)
689{
690 u8 *hdr = _hdr;
691
692
693
694
695
696
697 return (memcmp(hdr, &encaps_hdr, 5) == 0)
698 && ((hdr[5] == 0x00) || (hdr[5] == 0xf8));
699}
700
701static inline void orinoco_spy_gather(struct net_device *dev, u_char *mac,
702 int level, int noise)
703{
704 struct iw_quality wstats;
705 wstats.level = level - 0x95;
706 wstats.noise = noise - 0x95;
707 wstats.qual = (level > noise) ? (level - noise) : 0;
708 wstats.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
709
710 wireless_spy_update(dev, mac, &wstats);
711}
712
713static void orinoco_stat_gather(struct net_device *dev,
714 struct sk_buff *skb,
715 struct hermes_rx_descriptor *desc)
716{
717 struct orinoco_private *priv = ndev_priv(dev);
718
719
720
721
722
723
724
725
726
727
728
729 if (SPY_NUMBER(priv)) {
730 orinoco_spy_gather(dev, skb_mac_header(skb) + ETH_ALEN,
731 desc->signal, desc->silence);
732 }
733}
734
735
736
737
738
739
740
741
742
743
744
745static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid,
746 struct hermes_rx_descriptor *desc)
747{
748 u32 hdrlen = 30;
749 u32 datalen = 0;
750 u16 fc;
751 int err;
752 int len;
753 struct sk_buff *skb;
754 struct orinoco_private *priv = ndev_priv(dev);
755 struct net_device_stats *stats = &priv->stats;
756 struct hermes *hw = &priv->hw;
757
758 len = le16_to_cpu(desc->data_len);
759
760
761 fc = le16_to_cpu(desc->frame_ctl);
762 switch (fc & IEEE80211_FCTL_FTYPE) {
763 case IEEE80211_FTYPE_DATA:
764 if ((fc & IEEE80211_FCTL_TODS)
765 && (fc & IEEE80211_FCTL_FROMDS))
766 hdrlen = 30;
767 else
768 hdrlen = 24;
769 datalen = len;
770 break;
771 case IEEE80211_FTYPE_MGMT:
772 hdrlen = 24;
773 datalen = len;
774 break;
775 case IEEE80211_FTYPE_CTL:
776 switch (fc & IEEE80211_FCTL_STYPE) {
777 case IEEE80211_STYPE_PSPOLL:
778 case IEEE80211_STYPE_RTS:
779 case IEEE80211_STYPE_CFEND:
780 case IEEE80211_STYPE_CFENDACK:
781 hdrlen = 16;
782 break;
783 case IEEE80211_STYPE_CTS:
784 case IEEE80211_STYPE_ACK:
785 hdrlen = 10;
786 break;
787 }
788 break;
789 default:
790
791 break;
792 }
793
794
795 if (datalen > IEEE80211_MAX_DATA_LEN + 12) {
796 printk(KERN_DEBUG "%s: oversized monitor frame, "
797 "data length = %d\n", dev->name, datalen);
798 stats->rx_length_errors++;
799 goto update_stats;
800 }
801
802 skb = dev_alloc_skb(hdrlen + datalen);
803 if (!skb) {
804 printk(KERN_WARNING "%s: Cannot allocate skb for monitor frame\n",
805 dev->name);
806 goto update_stats;
807 }
808
809
810 memcpy(skb_put(skb, hdrlen), &(desc->frame_ctl), hdrlen);
811 skb_reset_mac_header(skb);
812
813
814 if (datalen > 0) {
815 err = hw->ops->bap_pread(hw, IRQ_BAP, skb_put(skb, datalen),
816 ALIGN(datalen, 2), rxfid,
817 HERMES_802_2_OFFSET);
818 if (err) {
819 printk(KERN_ERR "%s: error %d reading monitor frame\n",
820 dev->name, err);
821 goto drop;
822 }
823 }
824
825 skb->dev = dev;
826 skb->ip_summed = CHECKSUM_NONE;
827 skb->pkt_type = PACKET_OTHERHOST;
828 skb->protocol = cpu_to_be16(ETH_P_802_2);
829
830 stats->rx_packets++;
831 stats->rx_bytes += skb->len;
832
833 netif_rx(skb);
834 return;
835
836 drop:
837 dev_kfree_skb_irq(skb);
838 update_stats:
839 stats->rx_errors++;
840 stats->rx_dropped++;
841}
842
843void __orinoco_ev_rx(struct net_device *dev, struct hermes *hw)
844{
845 struct orinoco_private *priv = ndev_priv(dev);
846 struct net_device_stats *stats = &priv->stats;
847 struct iw_statistics *wstats = &priv->wstats;
848 struct sk_buff *skb = NULL;
849 u16 rxfid, status;
850 int length;
851 struct hermes_rx_descriptor *desc;
852 struct orinoco_rx_data *rx_data;
853 int err;
854
855 desc = kmalloc(sizeof(*desc), GFP_ATOMIC);
856 if (!desc)
857 goto update_stats;
858
859 rxfid = hermes_read_regn(hw, RXFID);
860
861 err = hw->ops->bap_pread(hw, IRQ_BAP, desc, sizeof(*desc),
862 rxfid, 0);
863 if (err) {
864 printk(KERN_ERR "%s: error %d reading Rx descriptor. "
865 "Frame dropped.\n", dev->name, err);
866 goto update_stats;
867 }
868
869 status = le16_to_cpu(desc->status);
870
871 if (status & HERMES_RXSTAT_BADCRC) {
872 DEBUG(1, "%s: Bad CRC on Rx. Frame dropped.\n",
873 dev->name);
874 stats->rx_crc_errors++;
875 goto update_stats;
876 }
877
878
879 if (priv->iw_mode == NL80211_IFTYPE_MONITOR) {
880 orinoco_rx_monitor(dev, rxfid, desc);
881 goto out;
882 }
883
884 if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
885 DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
886 dev->name);
887 wstats->discard.code++;
888 goto update_stats;
889 }
890
891 length = le16_to_cpu(desc->data_len);
892
893
894 if (length < 3) {
895
896
897
898 goto out;
899 }
900 if (length > IEEE80211_MAX_DATA_LEN) {
901 printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n",
902 dev->name, length);
903 stats->rx_length_errors++;
904 goto update_stats;
905 }
906
907
908
909 if (status & HERMES_RXSTAT_MIC)
910 length += MICHAEL_MIC_LEN;
911
912
913
914
915
916
917 skb = dev_alloc_skb(length + ETH_HLEN + 2 + 1);
918 if (!skb) {
919 printk(KERN_WARNING "%s: Can't allocate skb for Rx\n",
920 dev->name);
921 goto update_stats;
922 }
923
924
925
926
927 skb_reserve(skb, ETH_HLEN + 2);
928
929 err = hw->ops->bap_pread(hw, IRQ_BAP, skb_put(skb, length),
930 ALIGN(length, 2), rxfid,
931 HERMES_802_2_OFFSET);
932 if (err) {
933 printk(KERN_ERR "%s: error %d reading frame. "
934 "Frame dropped.\n", dev->name, err);
935 goto drop;
936 }
937
938
939 rx_data = kzalloc(sizeof(*rx_data), GFP_ATOMIC);
940 if (!rx_data)
941 goto drop;
942
943 rx_data->desc = desc;
944 rx_data->skb = skb;
945 list_add_tail(&rx_data->list, &priv->rx_list);
946 tasklet_schedule(&priv->rx_tasklet);
947
948 return;
949
950drop:
951 dev_kfree_skb_irq(skb);
952update_stats:
953 stats->rx_errors++;
954 stats->rx_dropped++;
955out:
956 kfree(desc);
957}
958EXPORT_SYMBOL(__orinoco_ev_rx);
959
960static void orinoco_rx(struct net_device *dev,
961 struct hermes_rx_descriptor *desc,
962 struct sk_buff *skb)
963{
964 struct orinoco_private *priv = ndev_priv(dev);
965 struct net_device_stats *stats = &priv->stats;
966 u16 status, fc;
967 int length;
968 struct ethhdr *hdr;
969
970 status = le16_to_cpu(desc->status);
971 length = le16_to_cpu(desc->data_len);
972 fc = le16_to_cpu(desc->frame_ctl);
973
974
975 if (status & HERMES_RXSTAT_MIC) {
976 struct orinoco_tkip_key *key;
977 int key_id = ((status & HERMES_RXSTAT_MIC_KEY_ID) >>
978 HERMES_MIC_KEY_ID_SHIFT);
979 u8 mic[MICHAEL_MIC_LEN];
980 u8 *rxmic;
981 u8 *src = (fc & IEEE80211_FCTL_FROMDS) ?
982 desc->addr3 : desc->addr2;
983
984
985 rxmic = skb->data + skb->len - MICHAEL_MIC_LEN;
986
987 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
988 length -= MICHAEL_MIC_LEN;
989
990 key = (struct orinoco_tkip_key *) priv->keys[key_id].key;
991
992 if (!key) {
993 printk(KERN_WARNING "%s: Received encrypted frame from "
994 "%pM using key %i, but key is not installed\n",
995 dev->name, src, key_id);
996 goto drop;
997 }
998
999 orinoco_mic(priv->rx_tfm_mic, key->rx_mic, desc->addr1, src,
1000 0,
1001 skb->data, skb->len, &mic[0]);
1002
1003 if (memcmp(mic, rxmic,
1004 MICHAEL_MIC_LEN)) {
1005 union iwreq_data wrqu;
1006 struct iw_michaelmicfailure wxmic;
1007
1008 printk(KERN_WARNING "%s: "
1009 "Invalid Michael MIC in data frame from %pM, "
1010 "using key %i\n",
1011 dev->name, src, key_id);
1012
1013
1014
1015
1016 memset(&wxmic, 0, sizeof(wxmic));
1017 wxmic.flags = key_id & IW_MICFAILURE_KEY_ID;
1018 wxmic.flags |= (desc->addr1[0] & 1) ?
1019 IW_MICFAILURE_GROUP : IW_MICFAILURE_PAIRWISE;
1020 wxmic.src_addr.sa_family = ARPHRD_ETHER;
1021 memcpy(wxmic.src_addr.sa_data, src, ETH_ALEN);
1022
1023 (void) orinoco_hw_get_tkip_iv(priv, key_id,
1024 &wxmic.tsc[0]);
1025
1026 memset(&wrqu, 0, sizeof(wrqu));
1027 wrqu.data.length = sizeof(wxmic);
1028 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu,
1029 (char *) &wxmic);
1030
1031 goto drop;
1032 }
1033 }
1034
1035
1036
1037
1038
1039
1040 if (length >= ENCAPS_OVERHEAD &&
1041 (((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_1042) ||
1042 ((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_TUNNEL) ||
1043 is_ethersnap(skb->data))) {
1044
1045
1046
1047 hdr = (struct ethhdr *)skb_push(skb,
1048 ETH_HLEN - ENCAPS_OVERHEAD);
1049 } else {
1050
1051 hdr = (struct ethhdr *)skb_push(skb, ETH_HLEN);
1052 hdr->h_proto = htons(length);
1053 }
1054 memcpy(hdr->h_dest, desc->addr1, ETH_ALEN);
1055 if (fc & IEEE80211_FCTL_FROMDS)
1056 memcpy(hdr->h_source, desc->addr3, ETH_ALEN);
1057 else
1058 memcpy(hdr->h_source, desc->addr2, ETH_ALEN);
1059
1060 skb->protocol = eth_type_trans(skb, dev);
1061 skb->ip_summed = CHECKSUM_NONE;
1062 if (fc & IEEE80211_FCTL_TODS)
1063 skb->pkt_type = PACKET_OTHERHOST;
1064
1065
1066 orinoco_stat_gather(dev, skb, desc);
1067
1068
1069 netif_rx(skb);
1070 stats->rx_packets++;
1071 stats->rx_bytes += length;
1072
1073 return;
1074
1075 drop:
1076 dev_kfree_skb(skb);
1077 stats->rx_errors++;
1078 stats->rx_dropped++;
1079}
1080
1081static void orinoco_rx_isr_tasklet(unsigned long data)
1082{
1083 struct orinoco_private *priv = (struct orinoco_private *) data;
1084 struct net_device *dev = priv->ndev;
1085 struct orinoco_rx_data *rx_data, *temp;
1086 struct hermes_rx_descriptor *desc;
1087 struct sk_buff *skb;
1088 unsigned long flags;
1089
1090
1091
1092
1093
1094
1095
1096 if (orinoco_lock(priv, &flags) != 0)
1097 return;
1098
1099
1100 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
1101 desc = rx_data->desc;
1102 skb = rx_data->skb;
1103 list_del(&rx_data->list);
1104 kfree(rx_data);
1105
1106 orinoco_rx(dev, desc, skb);
1107
1108 kfree(desc);
1109 }
1110
1111 orinoco_unlock(priv, &flags);
1112}
1113
1114
1115
1116
1117
1118static void print_linkstatus(struct net_device *dev, u16 status)
1119{
1120 char *s;
1121
1122 if (suppress_linkstatus)
1123 return;
1124
1125 switch (status) {
1126 case HERMES_LINKSTATUS_NOT_CONNECTED:
1127 s = "Not Connected";
1128 break;
1129 case HERMES_LINKSTATUS_CONNECTED:
1130 s = "Connected";
1131 break;
1132 case HERMES_LINKSTATUS_DISCONNECTED:
1133 s = "Disconnected";
1134 break;
1135 case HERMES_LINKSTATUS_AP_CHANGE:
1136 s = "AP Changed";
1137 break;
1138 case HERMES_LINKSTATUS_AP_OUT_OF_RANGE:
1139 s = "AP Out of Range";
1140 break;
1141 case HERMES_LINKSTATUS_AP_IN_RANGE:
1142 s = "AP In Range";
1143 break;
1144 case HERMES_LINKSTATUS_ASSOC_FAILED:
1145 s = "Association Failed";
1146 break;
1147 default:
1148 s = "UNKNOWN";
1149 }
1150
1151 printk(KERN_DEBUG "%s: New link status: %s (%04x)\n",
1152 dev->name, s, status);
1153}
1154
1155
1156static void orinoco_join_ap(struct work_struct *work)
1157{
1158 struct orinoco_private *priv =
1159 container_of(work, struct orinoco_private, join_work);
1160 struct net_device *dev = priv->ndev;
1161 struct hermes *hw = &priv->hw;
1162 int err;
1163 unsigned long flags;
1164 struct join_req {
1165 u8 bssid[ETH_ALEN];
1166 __le16 channel;
1167 } __packed req;
1168 const int atom_len = offsetof(struct prism2_scan_apinfo, atim);
1169 struct prism2_scan_apinfo *atom = NULL;
1170 int offset = 4;
1171 int found = 0;
1172 u8 *buf;
1173 u16 len;
1174
1175
1176 buf = kmalloc(MAX_SCAN_LEN, GFP_KERNEL);
1177 if (!buf)
1178 return;
1179
1180 if (orinoco_lock(priv, &flags) != 0)
1181 goto fail_lock;
1182
1183
1184 if (!priv->bssid_fixed)
1185 goto out;
1186
1187 if (strlen(priv->desired_essid) == 0)
1188 goto out;
1189
1190
1191 err = hw->ops->read_ltv(hw, USER_BAP,
1192 HERMES_RID_SCANRESULTSTABLE,
1193 MAX_SCAN_LEN, &len, buf);
1194 if (err) {
1195 printk(KERN_ERR "%s: Cannot read scan results\n",
1196 dev->name);
1197 goto out;
1198 }
1199
1200 len = HERMES_RECLEN_TO_BYTES(len);
1201
1202
1203
1204 for (; offset + atom_len <= len; offset += atom_len) {
1205 atom = (struct prism2_scan_apinfo *) (buf + offset);
1206 if (memcmp(&atom->bssid, priv->desired_bssid, ETH_ALEN) == 0) {
1207 found = 1;
1208 break;
1209 }
1210 }
1211
1212 if (!found) {
1213 DEBUG(1, "%s: Requested AP not found in scan results\n",
1214 dev->name);
1215 goto out;
1216 }
1217
1218 memcpy(req.bssid, priv->desired_bssid, ETH_ALEN);
1219 req.channel = atom->channel;
1220 err = HERMES_WRITE_RECORD(hw, USER_BAP, HERMES_RID_CNFJOINREQUEST,
1221 &req);
1222 if (err)
1223 printk(KERN_ERR "%s: Error issuing join request\n", dev->name);
1224
1225 out:
1226 orinoco_unlock(priv, &flags);
1227
1228 fail_lock:
1229 kfree(buf);
1230}
1231
1232
1233static void orinoco_send_bssid_wevent(struct orinoco_private *priv)
1234{
1235 struct net_device *dev = priv->ndev;
1236 struct hermes *hw = &priv->hw;
1237 union iwreq_data wrqu;
1238 int err;
1239
1240 err = hw->ops->read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
1241 ETH_ALEN, NULL, wrqu.ap_addr.sa_data);
1242 if (err != 0)
1243 return;
1244
1245 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1246
1247
1248 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
1249}
1250
1251static void orinoco_send_assocreqie_wevent(struct orinoco_private *priv)
1252{
1253 struct net_device *dev = priv->ndev;
1254 struct hermes *hw = &priv->hw;
1255 union iwreq_data wrqu;
1256 int err;
1257 u8 buf[88];
1258 u8 *ie;
1259
1260 if (!priv->has_wpa)
1261 return;
1262
1263 err = hw->ops->read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_REQ_INFO,
1264 sizeof(buf), NULL, &buf);
1265 if (err != 0)
1266 return;
1267
1268 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1269 if (ie) {
1270 int rem = sizeof(buf) - (ie - &buf[0]);
1271 wrqu.data.length = ie[1] + 2;
1272 if (wrqu.data.length > rem)
1273 wrqu.data.length = rem;
1274
1275 if (wrqu.data.length)
1276
1277 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, ie);
1278 }
1279}
1280
1281static void orinoco_send_assocrespie_wevent(struct orinoco_private *priv)
1282{
1283 struct net_device *dev = priv->ndev;
1284 struct hermes *hw = &priv->hw;
1285 union iwreq_data wrqu;
1286 int err;
1287 u8 buf[88];
1288 u8 *ie;
1289
1290 if (!priv->has_wpa)
1291 return;
1292
1293 err = hw->ops->read_ltv(hw, USER_BAP,
1294 HERMES_RID_CURRENT_ASSOC_RESP_INFO,
1295 sizeof(buf), NULL, &buf);
1296 if (err != 0)
1297 return;
1298
1299 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1300 if (ie) {
1301 int rem = sizeof(buf) - (ie - &buf[0]);
1302 wrqu.data.length = ie[1] + 2;
1303 if (wrqu.data.length > rem)
1304 wrqu.data.length = rem;
1305
1306 if (wrqu.data.length)
1307
1308 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, ie);
1309 }
1310}
1311
1312static void orinoco_send_wevents(struct work_struct *work)
1313{
1314 struct orinoco_private *priv =
1315 container_of(work, struct orinoco_private, wevent_work);
1316 unsigned long flags;
1317
1318 if (orinoco_lock(priv, &flags) != 0)
1319 return;
1320
1321 orinoco_send_assocreqie_wevent(priv);
1322 orinoco_send_assocrespie_wevent(priv);
1323 orinoco_send_bssid_wevent(priv);
1324
1325 orinoco_unlock(priv, &flags);
1326}
1327
1328static void qbuf_scan(struct orinoco_private *priv, void *buf,
1329 int len, int type)
1330{
1331 struct orinoco_scan_data *sd;
1332 unsigned long flags;
1333
1334 sd = kmalloc(sizeof(*sd), GFP_ATOMIC);
1335 if (!sd)
1336 return;
1337
1338 sd->buf = buf;
1339 sd->len = len;
1340 sd->type = type;
1341
1342 spin_lock_irqsave(&priv->scan_lock, flags);
1343 list_add_tail(&sd->list, &priv->scan_list);
1344 spin_unlock_irqrestore(&priv->scan_lock, flags);
1345
1346 schedule_work(&priv->process_scan);
1347}
1348
1349static void qabort_scan(struct orinoco_private *priv)
1350{
1351 struct orinoco_scan_data *sd;
1352 unsigned long flags;
1353
1354 sd = kmalloc(sizeof(*sd), GFP_ATOMIC);
1355 if (!sd)
1356 return;
1357
1358 sd->len = -1;
1359
1360 spin_lock_irqsave(&priv->scan_lock, flags);
1361 list_add_tail(&sd->list, &priv->scan_list);
1362 spin_unlock_irqrestore(&priv->scan_lock, flags);
1363
1364 schedule_work(&priv->process_scan);
1365}
1366
1367static void orinoco_process_scan_results(struct work_struct *work)
1368{
1369 struct orinoco_private *priv =
1370 container_of(work, struct orinoco_private, process_scan);
1371 struct orinoco_scan_data *sd, *temp;
1372 unsigned long flags;
1373 void *buf;
1374 int len;
1375 int type;
1376
1377 spin_lock_irqsave(&priv->scan_lock, flags);
1378 list_for_each_entry_safe(sd, temp, &priv->scan_list, list) {
1379
1380 buf = sd->buf;
1381 len = sd->len;
1382 type = sd->type;
1383
1384 list_del(&sd->list);
1385 spin_unlock_irqrestore(&priv->scan_lock, flags);
1386 kfree(sd);
1387
1388 if (len > 0) {
1389 if (type == HERMES_INQ_CHANNELINFO)
1390 orinoco_add_extscan_result(priv, buf, len);
1391 else
1392 orinoco_add_hostscan_results(priv, buf, len);
1393
1394 kfree(buf);
1395 } else {
1396
1397 orinoco_scan_done(priv, (len < 0));
1398 }
1399
1400 spin_lock_irqsave(&priv->scan_lock, flags);
1401 }
1402 spin_unlock_irqrestore(&priv->scan_lock, flags);
1403}
1404
1405void __orinoco_ev_info(struct net_device *dev, struct hermes *hw)
1406{
1407 struct orinoco_private *priv = ndev_priv(dev);
1408 u16 infofid;
1409 struct {
1410 __le16 len;
1411 __le16 type;
1412 } __packed info;
1413 int len, type;
1414 int err;
1415
1416
1417
1418
1419
1420 infofid = hermes_read_regn(hw, INFOFID);
1421
1422
1423 err = hw->ops->bap_pread(hw, IRQ_BAP, &info, sizeof(info),
1424 infofid, 0);
1425 if (err) {
1426 printk(KERN_ERR "%s: error %d reading info frame. "
1427 "Frame dropped.\n", dev->name, err);
1428 return;
1429 }
1430
1431 len = HERMES_RECLEN_TO_BYTES(le16_to_cpu(info.len));
1432 type = le16_to_cpu(info.type);
1433
1434 switch (type) {
1435 case HERMES_INQ_TALLIES: {
1436 struct hermes_tallies_frame tallies;
1437 struct iw_statistics *wstats = &priv->wstats;
1438
1439 if (len > sizeof(tallies)) {
1440 printk(KERN_WARNING "%s: Tallies frame too long (%d bytes)\n",
1441 dev->name, len);
1442 len = sizeof(tallies);
1443 }
1444
1445 err = hw->ops->bap_pread(hw, IRQ_BAP, &tallies, len,
1446 infofid, sizeof(info));
1447 if (err)
1448 break;
1449
1450
1451
1452 wstats->discard.code +=
1453 le16_to_cpu(tallies.RxWEPUndecryptable);
1454 if (len == sizeof(tallies))
1455 wstats->discard.code +=
1456 le16_to_cpu(tallies.RxDiscards_WEPICVError) +
1457 le16_to_cpu(tallies.RxDiscards_WEPExcluded);
1458 wstats->discard.misc +=
1459 le16_to_cpu(tallies.TxDiscardsWrongSA);
1460 wstats->discard.fragment +=
1461 le16_to_cpu(tallies.RxMsgInBadMsgFragments);
1462 wstats->discard.retries +=
1463 le16_to_cpu(tallies.TxRetryLimitExceeded);
1464
1465 }
1466 break;
1467 case HERMES_INQ_LINKSTATUS: {
1468 struct hermes_linkstatus linkstatus;
1469 u16 newstatus;
1470 int connected;
1471
1472 if (priv->iw_mode == NL80211_IFTYPE_MONITOR)
1473 break;
1474
1475 if (len != sizeof(linkstatus)) {
1476 printk(KERN_WARNING "%s: Unexpected size for linkstatus frame (%d bytes)\n",
1477 dev->name, len);
1478 break;
1479 }
1480
1481 err = hw->ops->bap_pread(hw, IRQ_BAP, &linkstatus, len,
1482 infofid, sizeof(info));
1483 if (err)
1484 break;
1485 newstatus = le16_to_cpu(linkstatus.linkstatus);
1486
1487
1488
1489 if (newstatus == HERMES_LINKSTATUS_AP_OUT_OF_RANGE &&
1490 priv->firmware_type == FIRMWARE_TYPE_SYMBOL &&
1491 priv->has_hostscan && priv->scan_request) {
1492 hermes_inquire(hw, HERMES_INQ_HOSTSCAN_SYMBOL);
1493 break;
1494 }
1495
1496 connected = (newstatus == HERMES_LINKSTATUS_CONNECTED)
1497 || (newstatus == HERMES_LINKSTATUS_AP_CHANGE)
1498 || (newstatus == HERMES_LINKSTATUS_AP_IN_RANGE);
1499
1500 if (connected)
1501 netif_carrier_on(dev);
1502 else if (!ignore_disconnect)
1503 netif_carrier_off(dev);
1504
1505 if (newstatus != priv->last_linkstatus) {
1506 priv->last_linkstatus = newstatus;
1507 print_linkstatus(dev, newstatus);
1508
1509
1510
1511
1512 schedule_work(&priv->wevent_work);
1513 }
1514 }
1515 break;
1516 case HERMES_INQ_SCAN:
1517 if (!priv->scan_request && priv->bssid_fixed &&
1518 priv->firmware_type == FIRMWARE_TYPE_INTERSIL) {
1519 schedule_work(&priv->join_work);
1520 break;
1521 }
1522
1523 case HERMES_INQ_HOSTSCAN:
1524 case HERMES_INQ_HOSTSCAN_SYMBOL: {
1525
1526
1527 unsigned char *buf;
1528
1529
1530 if (len > 4096) {
1531 printk(KERN_WARNING "%s: Scan results too large (%d bytes)\n",
1532 dev->name, len);
1533 qabort_scan(priv);
1534 break;
1535 }
1536
1537
1538 buf = kmalloc(len, GFP_ATOMIC);
1539 if (buf == NULL) {
1540
1541 qabort_scan(priv);
1542 break;
1543 }
1544
1545
1546 err = hw->ops->bap_pread(hw, IRQ_BAP, (void *) buf, len,
1547 infofid, sizeof(info));
1548 if (err) {
1549 kfree(buf);
1550 qabort_scan(priv);
1551 break;
1552 }
1553
1554#ifdef ORINOCO_DEBUG
1555 {
1556 int i;
1557 printk(KERN_DEBUG "Scan result [%02X", buf[0]);
1558 for (i = 1; i < (len * 2); i++)
1559 printk(":%02X", buf[i]);
1560 printk("]\n");
1561 }
1562#endif
1563
1564 qbuf_scan(priv, buf, len, type);
1565 }
1566 break;
1567 case HERMES_INQ_CHANNELINFO:
1568 {
1569 struct agere_ext_scan_info *bss;
1570
1571 if (!priv->scan_request) {
1572 printk(KERN_DEBUG "%s: Got chaninfo without scan, "
1573 "len=%d\n", dev->name, len);
1574 break;
1575 }
1576
1577
1578 if (len == 0) {
1579 qbuf_scan(priv, NULL, len, type);
1580 break;
1581 }
1582
1583
1584 else if (len < (offsetof(struct agere_ext_scan_info,
1585 data) + 2)) {
1586
1587
1588 printk(KERN_WARNING
1589 "%s: Ext scan results too short (%d bytes)\n",
1590 dev->name, len);
1591 break;
1592 }
1593
1594 bss = kmalloc(len, GFP_ATOMIC);
1595 if (bss == NULL)
1596 break;
1597
1598
1599 err = hw->ops->bap_pread(hw, IRQ_BAP, (void *) bss, len,
1600 infofid, sizeof(info));
1601 if (err)
1602 kfree(bss);
1603 else
1604 qbuf_scan(priv, bss, len, type);
1605
1606 break;
1607 }
1608 case HERMES_INQ_SEC_STAT_AGERE:
1609
1610
1611 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
1612 break;
1613
1614 default:
1615 printk(KERN_DEBUG "%s: Unknown information frame received: "
1616 "type 0x%04x, length %d\n", dev->name, type, len);
1617
1618 break;
1619 }
1620}
1621EXPORT_SYMBOL(__orinoco_ev_info);
1622
1623static void __orinoco_ev_infdrop(struct net_device *dev, struct hermes *hw)
1624{
1625 if (net_ratelimit())
1626 printk(KERN_DEBUG "%s: Information frame lost.\n", dev->name);
1627}
1628
1629
1630
1631
1632
1633static int __orinoco_up(struct orinoco_private *priv)
1634{
1635 struct net_device *dev = priv->ndev;
1636 struct hermes *hw = &priv->hw;
1637 int err;
1638
1639 netif_carrier_off(dev);
1640
1641 err = __orinoco_commit(priv);
1642 if (err) {
1643 printk(KERN_ERR "%s: Error %d configuring card\n",
1644 dev->name, err);
1645 return err;
1646 }
1647
1648
1649 hermes_set_irqmask(hw, ORINOCO_INTEN);
1650 err = hermes_enable_port(hw, 0);
1651 if (err) {
1652 printk(KERN_ERR "%s: Error %d enabling MAC port\n",
1653 dev->name, err);
1654 return err;
1655 }
1656
1657 netif_start_queue(dev);
1658
1659 return 0;
1660}
1661
1662static int __orinoco_down(struct orinoco_private *priv)
1663{
1664 struct net_device *dev = priv->ndev;
1665 struct hermes *hw = &priv->hw;
1666 int err;
1667
1668 netif_stop_queue(dev);
1669
1670 if (!priv->hw_unavailable) {
1671 if (!priv->broken_disableport) {
1672 err = hermes_disable_port(hw, 0);
1673 if (err) {
1674
1675
1676
1677 printk(KERN_WARNING "%s: Error %d disabling MAC port\n",
1678 dev->name, err);
1679 priv->broken_disableport = 1;
1680 }
1681 }
1682 hermes_set_irqmask(hw, 0);
1683 hermes_write_regn(hw, EVACK, 0xffff);
1684 }
1685
1686 orinoco_scan_done(priv, true);
1687
1688
1689 netif_carrier_off(dev);
1690 priv->last_linkstatus = 0xffff;
1691
1692 return 0;
1693}
1694
1695static int orinoco_reinit_firmware(struct orinoco_private *priv)
1696{
1697 struct hermes *hw = &priv->hw;
1698 int err;
1699
1700 err = hw->ops->init(hw);
1701 if (priv->do_fw_download && !err) {
1702 err = orinoco_download(priv);
1703 if (err)
1704 priv->do_fw_download = 0;
1705 }
1706 if (!err)
1707 err = orinoco_hw_allocate_fid(priv);
1708
1709 return err;
1710}
1711
1712static int
1713__orinoco_set_multicast_list(struct net_device *dev)
1714{
1715 struct orinoco_private *priv = ndev_priv(dev);
1716 int err = 0;
1717 int promisc, mc_count;
1718
1719
1720
1721 if ((dev->flags & IFF_PROMISC) || (dev->flags & IFF_ALLMULTI) ||
1722 (netdev_mc_count(dev) > MAX_MULTICAST(priv))) {
1723 promisc = 1;
1724 mc_count = 0;
1725 } else {
1726 promisc = 0;
1727 mc_count = netdev_mc_count(dev);
1728 }
1729
1730 err = __orinoco_hw_set_multicast_list(priv, dev, mc_count, promisc);
1731
1732 return err;
1733}
1734
1735
1736
1737void orinoco_reset(struct work_struct *work)
1738{
1739 struct orinoco_private *priv =
1740 container_of(work, struct orinoco_private, reset_work);
1741 struct net_device *dev = priv->ndev;
1742 struct hermes *hw = &priv->hw;
1743 int err;
1744 unsigned long flags;
1745
1746 if (orinoco_lock(priv, &flags) != 0)
1747
1748
1749
1750 return;
1751
1752 netif_stop_queue(dev);
1753
1754
1755
1756 hermes_set_irqmask(hw, 0);
1757 hermes_write_regn(hw, EVACK, 0xffff);
1758
1759 priv->hw_unavailable++;
1760 priv->last_linkstatus = 0xffff;
1761 netif_carrier_off(dev);
1762
1763 orinoco_unlock(priv, &flags);
1764
1765
1766 orinoco_scan_done(priv, true);
1767
1768 if (priv->hard_reset) {
1769 err = (*priv->hard_reset)(priv);
1770 if (err) {
1771 printk(KERN_ERR "%s: orinoco_reset: Error %d "
1772 "performing hard reset\n", dev->name, err);
1773 goto disable;
1774 }
1775 }
1776
1777 err = orinoco_reinit_firmware(priv);
1778 if (err) {
1779 printk(KERN_ERR "%s: orinoco_reset: Error %d re-initializing firmware\n",
1780 dev->name, err);
1781 goto disable;
1782 }
1783
1784
1785 orinoco_lock_irq(priv);
1786
1787 priv->hw_unavailable--;
1788
1789
1790
1791 if (priv->open && (!priv->hw_unavailable)) {
1792 err = __orinoco_up(priv);
1793 if (err) {
1794 printk(KERN_ERR "%s: orinoco_reset: Error %d reenabling card\n",
1795 dev->name, err);
1796 } else
1797 dev->trans_start = jiffies;
1798 }
1799
1800 orinoco_unlock_irq(priv);
1801
1802 return;
1803 disable:
1804 hermes_set_irqmask(hw, 0);
1805 netif_device_detach(dev);
1806 printk(KERN_ERR "%s: Device has been disabled!\n", dev->name);
1807}
1808
1809static int __orinoco_commit(struct orinoco_private *priv)
1810{
1811 struct net_device *dev = priv->ndev;
1812 int err = 0;
1813
1814
1815
1816
1817
1818 priv->tkip_cm_active = 0;
1819
1820 err = orinoco_hw_program_rids(priv);
1821
1822
1823 (void) __orinoco_set_multicast_list(dev);
1824
1825 return err;
1826}
1827
1828
1829
1830
1831int orinoco_commit(struct orinoco_private *priv)
1832{
1833 struct net_device *dev = priv->ndev;
1834 struct hermes *hw = &priv->hw;
1835 int err;
1836
1837 if (priv->broken_disableport) {
1838 schedule_work(&priv->reset_work);
1839 return 0;
1840 }
1841
1842 err = hermes_disable_port(hw, 0);
1843 if (err) {
1844 printk(KERN_WARNING "%s: Unable to disable port "
1845 "while reconfiguring card\n", dev->name);
1846 priv->broken_disableport = 1;
1847 goto out;
1848 }
1849
1850 err = __orinoco_commit(priv);
1851 if (err) {
1852 printk(KERN_WARNING "%s: Unable to reconfigure card\n",
1853 dev->name);
1854 goto out;
1855 }
1856
1857 err = hermes_enable_port(hw, 0);
1858 if (err) {
1859 printk(KERN_WARNING "%s: Unable to enable port while reconfiguring card\n",
1860 dev->name);
1861 goto out;
1862 }
1863
1864 out:
1865 if (err) {
1866 printk(KERN_WARNING "%s: Resetting instead...\n", dev->name);
1867 schedule_work(&priv->reset_work);
1868 err = 0;
1869 }
1870 return err;
1871}
1872
1873
1874
1875
1876
1877static void __orinoco_ev_tick(struct net_device *dev, struct hermes *hw)
1878{
1879 printk(KERN_DEBUG "%s: TICK\n", dev->name);
1880}
1881
1882static void __orinoco_ev_wterr(struct net_device *dev, struct hermes *hw)
1883{
1884
1885
1886 printk(KERN_DEBUG "%s: MAC controller error (WTERR). Ignoring.\n",
1887 dev->name);
1888}
1889
1890irqreturn_t orinoco_interrupt(int irq, void *dev_id)
1891{
1892 struct orinoco_private *priv = dev_id;
1893 struct net_device *dev = priv->ndev;
1894 struct hermes *hw = &priv->hw;
1895 int count = MAX_IRQLOOPS_PER_IRQ;
1896 u16 evstat, events;
1897
1898
1899
1900
1901
1902
1903 static int last_irq_jiffy;
1904 static int loops_this_jiffy;
1905 unsigned long flags;
1906
1907 if (orinoco_lock(priv, &flags) != 0) {
1908
1909
1910 return IRQ_HANDLED;
1911 }
1912
1913 evstat = hermes_read_regn(hw, EVSTAT);
1914 events = evstat & hw->inten;
1915 if (!events) {
1916 orinoco_unlock(priv, &flags);
1917 return IRQ_NONE;
1918 }
1919
1920 if (jiffies != last_irq_jiffy)
1921 loops_this_jiffy = 0;
1922 last_irq_jiffy = jiffies;
1923
1924 while (events && count--) {
1925 if (++loops_this_jiffy > MAX_IRQLOOPS_PER_JIFFY) {
1926 printk(KERN_WARNING "%s: IRQ handler is looping too "
1927 "much! Resetting.\n", dev->name);
1928
1929 hermes_set_irqmask(hw, 0);
1930 schedule_work(&priv->reset_work);
1931 break;
1932 }
1933
1934
1935 if (!hermes_present(hw)) {
1936 DEBUG(0, "orinoco_interrupt(): card removed\n");
1937 break;
1938 }
1939
1940 if (events & HERMES_EV_TICK)
1941 __orinoco_ev_tick(dev, hw);
1942 if (events & HERMES_EV_WTERR)
1943 __orinoco_ev_wterr(dev, hw);
1944 if (events & HERMES_EV_INFDROP)
1945 __orinoco_ev_infdrop(dev, hw);
1946 if (events & HERMES_EV_INFO)
1947 __orinoco_ev_info(dev, hw);
1948 if (events & HERMES_EV_RX)
1949 __orinoco_ev_rx(dev, hw);
1950 if (events & HERMES_EV_TXEXC)
1951 __orinoco_ev_txexc(dev, hw);
1952 if (events & HERMES_EV_TX)
1953 __orinoco_ev_tx(dev, hw);
1954 if (events & HERMES_EV_ALLOC)
1955 __orinoco_ev_alloc(dev, hw);
1956
1957 hermes_write_regn(hw, EVACK, evstat);
1958
1959 evstat = hermes_read_regn(hw, EVSTAT);
1960 events = evstat & hw->inten;
1961 }
1962
1963 orinoco_unlock(priv, &flags);
1964 return IRQ_HANDLED;
1965}
1966EXPORT_SYMBOL(orinoco_interrupt);
1967
1968
1969
1970
1971#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_HERMES_CACHE_FW_ON_INIT)
1972static int orinoco_pm_notifier(struct notifier_block *notifier,
1973 unsigned long pm_event,
1974 void *unused)
1975{
1976 struct orinoco_private *priv = container_of(notifier,
1977 struct orinoco_private,
1978 pm_notifier);
1979
1980
1981
1982
1983
1984 if (!priv->do_fw_download)
1985 return NOTIFY_DONE;
1986
1987 switch (pm_event) {
1988 case PM_HIBERNATION_PREPARE:
1989 case PM_SUSPEND_PREPARE:
1990 orinoco_cache_fw(priv, 0);
1991 break;
1992
1993 case PM_POST_RESTORE:
1994
1995
1996 case PM_POST_HIBERNATION:
1997 case PM_POST_SUSPEND:
1998 orinoco_uncache_fw(priv);
1999 break;
2000
2001 case PM_RESTORE_PREPARE:
2002 default:
2003 break;
2004 }
2005
2006 return NOTIFY_DONE;
2007}
2008
2009static void orinoco_register_pm_notifier(struct orinoco_private *priv)
2010{
2011 priv->pm_notifier.notifier_call = orinoco_pm_notifier;
2012 register_pm_notifier(&priv->pm_notifier);
2013}
2014
2015static void orinoco_unregister_pm_notifier(struct orinoco_private *priv)
2016{
2017 unregister_pm_notifier(&priv->pm_notifier);
2018}
2019#else
2020#define orinoco_register_pm_notifier(priv) do { } while (0)
2021#define orinoco_unregister_pm_notifier(priv) do { } while (0)
2022#endif
2023
2024
2025
2026
2027
2028int orinoco_init(struct orinoco_private *priv)
2029{
2030 struct device *dev = priv->dev;
2031 struct wiphy *wiphy = priv_to_wiphy(priv);
2032 struct hermes *hw = &priv->hw;
2033 int err = 0;
2034
2035
2036
2037 priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN;
2038
2039
2040 err = hw->ops->init(hw);
2041 if (err != 0) {
2042 dev_err(dev, "Failed to initialize firmware (err = %d)\n",
2043 err);
2044 goto out;
2045 }
2046
2047 err = determine_fw_capabilities(priv, wiphy->fw_version,
2048 sizeof(wiphy->fw_version),
2049 &wiphy->hw_version);
2050 if (err != 0) {
2051 dev_err(dev, "Incompatible firmware, aborting\n");
2052 goto out;
2053 }
2054
2055 if (priv->do_fw_download) {
2056#ifdef CONFIG_HERMES_CACHE_FW_ON_INIT
2057 orinoco_cache_fw(priv, 0);
2058#endif
2059
2060 err = orinoco_download(priv);
2061 if (err)
2062 priv->do_fw_download = 0;
2063
2064
2065 err = determine_fw_capabilities(priv, wiphy->fw_version,
2066 sizeof(wiphy->fw_version),
2067 &wiphy->hw_version);
2068 if (err != 0) {
2069 dev_err(dev, "Incompatible firmware, aborting\n");
2070 goto out;
2071 }
2072 }
2073
2074 if (priv->has_port3)
2075 dev_info(dev, "Ad-hoc demo mode supported\n");
2076 if (priv->has_ibss)
2077 dev_info(dev, "IEEE standard IBSS ad-hoc mode supported\n");
2078 if (priv->has_wep)
2079 dev_info(dev, "WEP supported, %s-bit key\n",
2080 priv->has_big_wep ? "104" : "40");
2081 if (priv->has_wpa) {
2082 dev_info(dev, "WPA-PSK supported\n");
2083 if (orinoco_mic_init(priv)) {
2084 dev_err(dev, "Failed to setup MIC crypto algorithm. "
2085 "Disabling WPA support\n");
2086 priv->has_wpa = 0;
2087 }
2088 }
2089
2090 err = orinoco_hw_read_card_settings(priv, wiphy->perm_addr);
2091 if (err)
2092 goto out;
2093
2094 err = orinoco_hw_allocate_fid(priv);
2095 if (err) {
2096 dev_err(dev, "Failed to allocate NIC buffer!\n");
2097 goto out;
2098 }
2099
2100
2101 priv->iw_mode = NL80211_IFTYPE_STATION;
2102
2103 priv->prefer_port3 = priv->has_port3 && (!priv->has_ibss);
2104 set_port_type(priv);
2105 priv->channel = 0;
2106
2107 priv->promiscuous = 0;
2108 priv->encode_alg = ORINOCO_ALG_NONE;
2109 priv->tx_key = 0;
2110 priv->wpa_enabled = 0;
2111 priv->tkip_cm_active = 0;
2112 priv->key_mgmt = 0;
2113 priv->wpa_ie_len = 0;
2114 priv->wpa_ie = NULL;
2115
2116 if (orinoco_wiphy_register(wiphy)) {
2117 err = -ENODEV;
2118 goto out;
2119 }
2120
2121
2122
2123 orinoco_lock_irq(priv);
2124 priv->hw_unavailable--;
2125 orinoco_unlock_irq(priv);
2126
2127 dev_dbg(dev, "Ready\n");
2128
2129 out:
2130 return err;
2131}
2132EXPORT_SYMBOL(orinoco_init);
2133
2134static const struct net_device_ops orinoco_netdev_ops = {
2135 .ndo_open = orinoco_open,
2136 .ndo_stop = orinoco_stop,
2137 .ndo_start_xmit = orinoco_xmit,
2138 .ndo_set_rx_mode = orinoco_set_multicast_list,
2139 .ndo_change_mtu = orinoco_change_mtu,
2140 .ndo_set_mac_address = eth_mac_addr,
2141 .ndo_validate_addr = eth_validate_addr,
2142 .ndo_tx_timeout = orinoco_tx_timeout,
2143 .ndo_get_stats = orinoco_get_stats,
2144};
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171struct orinoco_private
2172*alloc_orinocodev(int sizeof_card,
2173 struct device *device,
2174 int (*hard_reset)(struct orinoco_private *),
2175 int (*stop_fw)(struct orinoco_private *, int))
2176{
2177 struct orinoco_private *priv;
2178 struct wiphy *wiphy;
2179
2180
2181
2182
2183
2184 wiphy = wiphy_new(&orinoco_cfg_ops,
2185 sizeof(struct orinoco_private) + sizeof_card);
2186 if (!wiphy)
2187 return NULL;
2188
2189 priv = wiphy_priv(wiphy);
2190 priv->dev = device;
2191
2192 if (sizeof_card)
2193 priv->card = (void *)((unsigned long)priv
2194 + sizeof(struct orinoco_private));
2195 else
2196 priv->card = NULL;
2197
2198 orinoco_wiphy_init(wiphy);
2199
2200#ifdef WIRELESS_SPY
2201 priv->wireless_data.spy_data = &priv->spy_data;
2202#endif
2203
2204
2205 priv->hard_reset = hard_reset;
2206 priv->stop_fw = stop_fw;
2207
2208 spin_lock_init(&priv->lock);
2209 priv->open = 0;
2210 priv->hw_unavailable = 1;
2211
2212
2213 INIT_WORK(&priv->reset_work, orinoco_reset);
2214 INIT_WORK(&priv->join_work, orinoco_join_ap);
2215 INIT_WORK(&priv->wevent_work, orinoco_send_wevents);
2216
2217 INIT_LIST_HEAD(&priv->rx_list);
2218 tasklet_init(&priv->rx_tasklet, orinoco_rx_isr_tasklet,
2219 (unsigned long) priv);
2220
2221 spin_lock_init(&priv->scan_lock);
2222 INIT_LIST_HEAD(&priv->scan_list);
2223 INIT_WORK(&priv->process_scan, orinoco_process_scan_results);
2224
2225 priv->last_linkstatus = 0xffff;
2226
2227#if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
2228 priv->cached_pri_fw = NULL;
2229 priv->cached_fw = NULL;
2230#endif
2231
2232
2233 orinoco_register_pm_notifier(priv);
2234
2235 return priv;
2236}
2237EXPORT_SYMBOL(alloc_orinocodev);
2238
2239
2240
2241
2242
2243
2244
2245
2246int orinoco_if_add(struct orinoco_private *priv,
2247 unsigned long base_addr,
2248 unsigned int irq,
2249 const struct net_device_ops *ops)
2250{
2251 struct wiphy *wiphy = priv_to_wiphy(priv);
2252 struct wireless_dev *wdev;
2253 struct net_device *dev;
2254 int ret;
2255
2256 dev = alloc_etherdev(sizeof(struct wireless_dev));
2257
2258 if (!dev)
2259 return -ENOMEM;
2260
2261
2262 wdev = netdev_priv(dev);
2263 wdev->wiphy = wiphy;
2264 wdev->iftype = NL80211_IFTYPE_STATION;
2265
2266
2267 dev->ieee80211_ptr = wdev;
2268 dev->watchdog_timeo = HZ;
2269 dev->wireless_handlers = &orinoco_handler_def;
2270#ifdef WIRELESS_SPY
2271 dev->wireless_data = &priv->wireless_data;
2272#endif
2273
2274 if (ops)
2275 dev->netdev_ops = ops;
2276 else
2277 dev->netdev_ops = &orinoco_netdev_ops;
2278
2279
2280
2281
2282 dev->needed_headroom = ENCAPS_OVERHEAD;
2283
2284 netif_carrier_off(dev);
2285
2286 memcpy(dev->dev_addr, wiphy->perm_addr, ETH_ALEN);
2287
2288 dev->base_addr = base_addr;
2289 dev->irq = irq;
2290
2291 SET_NETDEV_DEV(dev, priv->dev);
2292 ret = register_netdev(dev);
2293 if (ret)
2294 goto fail;
2295
2296 priv->ndev = dev;
2297
2298
2299 dev_dbg(priv->dev, "Registerred interface %s.\n", dev->name);
2300
2301 return 0;
2302
2303 fail:
2304 free_netdev(dev);
2305 return ret;
2306}
2307EXPORT_SYMBOL(orinoco_if_add);
2308
2309void orinoco_if_del(struct orinoco_private *priv)
2310{
2311 struct net_device *dev = priv->ndev;
2312
2313 unregister_netdev(dev);
2314 free_netdev(dev);
2315}
2316EXPORT_SYMBOL(orinoco_if_del);
2317
2318void free_orinocodev(struct orinoco_private *priv)
2319{
2320 struct wiphy *wiphy = priv_to_wiphy(priv);
2321 struct orinoco_rx_data *rx_data, *temp;
2322 struct orinoco_scan_data *sd, *sdtemp;
2323
2324 wiphy_unregister(wiphy);
2325
2326
2327
2328
2329 tasklet_kill(&priv->rx_tasklet);
2330
2331
2332 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
2333 list_del(&rx_data->list);
2334
2335 dev_kfree_skb(rx_data->skb);
2336 kfree(rx_data->desc);
2337 kfree(rx_data);
2338 }
2339
2340 cancel_work_sync(&priv->process_scan);
2341
2342 list_for_each_entry_safe(sd, sdtemp, &priv->scan_list, list) {
2343 list_del(&sd->list);
2344
2345 if ((sd->len > 0) && sd->buf)
2346 kfree(sd->buf);
2347 kfree(sd);
2348 }
2349
2350 orinoco_unregister_pm_notifier(priv);
2351 orinoco_uncache_fw(priv);
2352
2353 priv->wpa_ie_len = 0;
2354 kfree(priv->wpa_ie);
2355 orinoco_mic_free(priv);
2356 wiphy_free(wiphy);
2357}
2358EXPORT_SYMBOL(free_orinocodev);
2359
2360int orinoco_up(struct orinoco_private *priv)
2361{
2362 struct net_device *dev = priv->ndev;
2363 unsigned long flags;
2364 int err;
2365
2366 priv->hw.ops->lock_irqsave(&priv->lock, &flags);
2367
2368 err = orinoco_reinit_firmware(priv);
2369 if (err) {
2370 printk(KERN_ERR "%s: Error %d re-initializing firmware\n",
2371 dev->name, err);
2372 goto exit;
2373 }
2374
2375 netif_device_attach(dev);
2376 priv->hw_unavailable--;
2377
2378 if (priv->open && !priv->hw_unavailable) {
2379 err = __orinoco_up(priv);
2380 if (err)
2381 printk(KERN_ERR "%s: Error %d restarting card\n",
2382 dev->name, err);
2383 }
2384
2385exit:
2386 priv->hw.ops->unlock_irqrestore(&priv->lock, &flags);
2387
2388 return 0;
2389}
2390EXPORT_SYMBOL(orinoco_up);
2391
2392void orinoco_down(struct orinoco_private *priv)
2393{
2394 struct net_device *dev = priv->ndev;
2395 unsigned long flags;
2396 int err;
2397
2398 priv->hw.ops->lock_irqsave(&priv->lock, &flags);
2399 err = __orinoco_down(priv);
2400 if (err)
2401 printk(KERN_WARNING "%s: Error %d downing interface\n",
2402 dev->name, err);
2403
2404 netif_device_detach(dev);
2405 priv->hw_unavailable++;
2406 priv->hw.ops->unlock_irqrestore(&priv->lock, &flags);
2407}
2408EXPORT_SYMBOL(orinoco_down);
2409
2410
2411
2412
2413
2414
2415
2416static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
2417 " (David Gibson <hermes@gibson.dropbear.id.au>, "
2418 "Pavel Roskin <proski@gnu.org>, et al)";
2419
2420static int __init init_orinoco(void)
2421{
2422 printk(KERN_DEBUG "%s\n", version);
2423 return 0;
2424}
2425
2426static void __exit exit_orinoco(void)
2427{
2428}
2429
2430module_init(init_orinoco);
2431module_exit(exit_orinoco);
2432