1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77#define DRIVER_NAME "orinoco"
78
79#include <linux/module.h>
80#include <linux/kernel.h>
81#include <linux/slab.h>
82#include <linux/init.h>
83#include <linux/delay.h>
84#include <linux/device.h>
85#include <linux/netdevice.h>
86#include <linux/etherdevice.h>
87#include <linux/suspend.h>
88#include <linux/if_arp.h>
89#include <linux/wireless.h>
90#include <linux/ieee80211.h>
91#include <net/iw_handler.h>
92#include <net/cfg80211.h>
93
94#include "hermes_rid.h"
95#include "hermes_dld.h"
96#include "hw.h"
97#include "scan.h"
98#include "mic.h"
99#include "fw.h"
100#include "wext.h"
101#include "cfg.h"
102#include "main.h"
103
104#include "orinoco.h"
105
106
107
108
109
110MODULE_AUTHOR("Pavel Roskin <proski@gnu.org> & "
111 "David Gibson <hermes@gibson.dropbear.id.au>");
112MODULE_DESCRIPTION("Driver for Lucent Orinoco, Prism II based "
113 "and similar wireless cards");
114MODULE_LICENSE("Dual MPL/GPL");
115
116
117#ifdef ORINOCO_DEBUG
118int orinoco_debug = ORINOCO_DEBUG;
119EXPORT_SYMBOL(orinoco_debug);
120module_param(orinoco_debug, int, 0644);
121MODULE_PARM_DESC(orinoco_debug, "Debug level");
122#endif
123
124static bool suppress_linkstatus;
125module_param(suppress_linkstatus, bool, 0644);
126MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
127
128static int ignore_disconnect;
129module_param(ignore_disconnect, int, 0644);
130MODULE_PARM_DESC(ignore_disconnect,
131 "Don't report lost link to the network layer");
132
133int force_monitor;
134module_param(force_monitor, int, 0644);
135MODULE_PARM_DESC(force_monitor, "Allow monitor mode for all firmware versions");
136
137
138
139
140
141
142static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
143#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
144
145#define ORINOCO_MIN_MTU 256
146#define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD)
147
148#define MAX_IRQLOOPS_PER_IRQ 10
149#define MAX_IRQLOOPS_PER_JIFFY (20000 / HZ)
150
151
152
153
154#define DUMMY_FID 0xFFFF
155
156
157
158#define MAX_MULTICAST(priv) (HERMES_MAX_MULTICAST)
159
160#define ORINOCO_INTEN (HERMES_EV_RX | HERMES_EV_ALLOC \
161 | HERMES_EV_TX | HERMES_EV_TXEXC \
162 | HERMES_EV_WTERR | HERMES_EV_INFO \
163 | HERMES_EV_INFDROP)
164
165
166
167
168
169
170struct hermes_txexc_data {
171 struct hermes_tx_descriptor desc;
172 __le16 frame_ctl;
173 __le16 duration_id;
174 u8 addr1[ETH_ALEN];
175} __packed;
176
177
178struct hermes_rx_descriptor {
179
180 __le16 status;
181 __le32 time;
182 u8 silence;
183 u8 signal;
184 u8 rate;
185 u8 rxflow;
186 __le32 reserved;
187
188
189 __le16 frame_ctl;
190 __le16 duration_id;
191 u8 addr1[ETH_ALEN];
192 u8 addr2[ETH_ALEN];
193 u8 addr3[ETH_ALEN];
194 __le16 seq_ctl;
195 u8 addr4[ETH_ALEN];
196
197
198 __le16 data_len;
199} __packed;
200
201struct orinoco_rx_data {
202 struct hermes_rx_descriptor *desc;
203 struct sk_buff *skb;
204 struct list_head list;
205};
206
207struct orinoco_scan_data {
208 void *buf;
209 size_t len;
210 int type;
211 struct list_head list;
212};
213
214
215
216
217
218static int __orinoco_set_multicast_list(struct net_device *dev);
219static int __orinoco_up(struct orinoco_private *priv);
220static int __orinoco_down(struct orinoco_private *priv);
221static int __orinoco_commit(struct orinoco_private *priv);
222
223
224
225
226
227void set_port_type(struct orinoco_private *priv)
228{
229 switch (priv->iw_mode) {
230 case NL80211_IFTYPE_STATION:
231 priv->port_type = 1;
232 priv->createibss = 0;
233 break;
234 case NL80211_IFTYPE_ADHOC:
235 if (priv->prefer_port3) {
236 priv->port_type = 3;
237 priv->createibss = 0;
238 } else {
239 priv->port_type = priv->ibss_port;
240 priv->createibss = 1;
241 }
242 break;
243 case NL80211_IFTYPE_MONITOR:
244 priv->port_type = 3;
245 priv->createibss = 0;
246 break;
247 default:
248 printk(KERN_ERR "%s: Invalid priv->iw_mode in set_port_type()\n",
249 priv->ndev->name);
250 }
251}
252
253
254
255
256
257int orinoco_open(struct net_device *dev)
258{
259 struct orinoco_private *priv = ndev_priv(dev);
260 unsigned long flags;
261 int err;
262
263 if (orinoco_lock(priv, &flags) != 0)
264 return -EBUSY;
265
266 err = __orinoco_up(priv);
267
268 if (!err)
269 priv->open = 1;
270
271 orinoco_unlock(priv, &flags);
272
273 return err;
274}
275EXPORT_SYMBOL(orinoco_open);
276
277int orinoco_stop(struct net_device *dev)
278{
279 struct orinoco_private *priv = ndev_priv(dev);
280 int err = 0;
281
282
283
284
285 orinoco_lock_irq(priv);
286
287 priv->open = 0;
288
289 err = __orinoco_down(priv);
290
291 orinoco_unlock_irq(priv);
292
293 return err;
294}
295EXPORT_SYMBOL(orinoco_stop);
296
297void orinoco_set_multicast_list(struct net_device *dev)
298{
299 struct orinoco_private *priv = ndev_priv(dev);
300 unsigned long flags;
301
302 if (orinoco_lock(priv, &flags) != 0) {
303 printk(KERN_DEBUG "%s: orinoco_set_multicast_list() "
304 "called when hw_unavailable\n", dev->name);
305 return;
306 }
307
308 __orinoco_set_multicast_list(dev);
309 orinoco_unlock(priv, &flags);
310}
311EXPORT_SYMBOL(orinoco_set_multicast_list);
312
313int orinoco_change_mtu(struct net_device *dev, int new_mtu)
314{
315 struct orinoco_private *priv = ndev_priv(dev);
316
317
318 if ((new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) >
319 (priv->nicbuf_size - ETH_HLEN))
320 return -EINVAL;
321
322 dev->mtu = new_mtu;
323
324 return 0;
325}
326EXPORT_SYMBOL(orinoco_change_mtu);
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356int orinoco_process_xmit_skb(struct sk_buff *skb,
357 struct net_device *dev,
358 struct orinoco_private *priv,
359 int *tx_control,
360 u8 *mic_buf)
361{
362 struct orinoco_tkip_key *key;
363 struct ethhdr *eh;
364 int do_mic;
365
366 key = (struct orinoco_tkip_key *) priv->keys[priv->tx_key].key;
367
368 do_mic = ((priv->encode_alg == ORINOCO_ALG_TKIP) &&
369 (key != NULL));
370
371 if (do_mic)
372 *tx_control |= (priv->tx_key << HERMES_MIC_KEY_ID_SHIFT) |
373 HERMES_TXCTRL_MIC;
374
375 eh = (struct ethhdr *)skb->data;
376
377
378 if (ntohs(eh->h_proto) > ETH_DATA_LEN) {
379 struct header_struct {
380 struct ethhdr eth;
381 u8 encap[6];
382 } __packed hdr;
383 int len = skb->len + sizeof(encaps_hdr) - (2 * ETH_ALEN);
384
385 if (skb_headroom(skb) < ENCAPS_OVERHEAD) {
386 if (net_ratelimit())
387 printk(KERN_ERR
388 "%s: Not enough headroom for 802.2 headers %d\n",
389 dev->name, skb_headroom(skb));
390 return -ENOMEM;
391 }
392
393
394 memcpy(&hdr.eth, eh, 2 * ETH_ALEN);
395 hdr.eth.h_proto = htons(len);
396 memcpy(hdr.encap, encaps_hdr, sizeof(encaps_hdr));
397
398
399 eh = skb_push(skb, ENCAPS_OVERHEAD);
400 memcpy(eh, &hdr, sizeof(hdr));
401 }
402
403
404 if (do_mic) {
405 size_t len = skb->len - ETH_HLEN;
406 u8 *mic = &mic_buf[0];
407
408
409
410 if (skb->len % 2) {
411 *mic = skb->data[skb->len - 1];
412 mic++;
413 }
414
415 orinoco_mic(priv->tx_tfm_mic, key->tx_mic,
416 eh->h_dest, eh->h_source, 0 ,
417 skb->data + ETH_HLEN,
418 len, mic);
419 }
420
421 return 0;
422}
423EXPORT_SYMBOL(orinoco_process_xmit_skb);
424
425static netdev_tx_t orinoco_xmit(struct sk_buff *skb, struct net_device *dev)
426{
427 struct orinoco_private *priv = ndev_priv(dev);
428 struct net_device_stats *stats = &dev->stats;
429 struct hermes *hw = &priv->hw;
430 int err = 0;
431 u16 txfid = priv->txfid;
432 int tx_control;
433 unsigned long flags;
434 u8 mic_buf[MICHAEL_MIC_LEN + 1];
435
436 if (!netif_running(dev)) {
437 printk(KERN_ERR "%s: Tx on stopped device!\n",
438 dev->name);
439 return NETDEV_TX_BUSY;
440 }
441
442 if (netif_queue_stopped(dev)) {
443 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
444 dev->name);
445 return NETDEV_TX_BUSY;
446 }
447
448 if (orinoco_lock(priv, &flags) != 0) {
449 printk(KERN_ERR "%s: orinoco_xmit() called while hw_unavailable\n",
450 dev->name);
451 return NETDEV_TX_BUSY;
452 }
453
454 if (!netif_carrier_ok(dev) ||
455 (priv->iw_mode == NL80211_IFTYPE_MONITOR)) {
456
457
458
459 goto drop;
460 }
461
462
463 if (skb->len < ETH_HLEN)
464 goto drop;
465
466 tx_control = HERMES_TXCTRL_TX_OK | HERMES_TXCTRL_TX_EX;
467
468 err = orinoco_process_xmit_skb(skb, dev, priv, &tx_control,
469 &mic_buf[0]);
470 if (err)
471 goto drop;
472
473 if (priv->has_alt_txcntl) {
474
475
476
477
478 char desc[HERMES_802_3_OFFSET];
479 __le16 *txcntl = (__le16 *) &desc[HERMES_TXCNTL2_OFFSET];
480
481 memset(&desc, 0, sizeof(desc));
482
483 *txcntl = cpu_to_le16(tx_control);
484 err = hw->ops->bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
485 txfid, 0);
486 if (err) {
487 if (net_ratelimit())
488 printk(KERN_ERR "%s: Error %d writing Tx "
489 "descriptor to BAP\n", dev->name, err);
490 goto busy;
491 }
492 } else {
493 struct hermes_tx_descriptor desc;
494
495 memset(&desc, 0, sizeof(desc));
496
497 desc.tx_control = cpu_to_le16(tx_control);
498 err = hw->ops->bap_pwrite(hw, USER_BAP, &desc, sizeof(desc),
499 txfid, 0);
500 if (err) {
501 if (net_ratelimit())
502 printk(KERN_ERR "%s: Error %d writing Tx "
503 "descriptor to BAP\n", dev->name, err);
504 goto busy;
505 }
506
507
508
509
510 hermes_clear_words(hw, HERMES_DATA0,
511 HERMES_802_3_OFFSET - HERMES_802_11_OFFSET);
512 }
513
514 err = hw->ops->bap_pwrite(hw, USER_BAP, skb->data, skb->len,
515 txfid, HERMES_802_3_OFFSET);
516 if (err) {
517 printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
518 dev->name, err);
519 goto busy;
520 }
521
522 if (tx_control & HERMES_TXCTRL_MIC) {
523 size_t offset = HERMES_802_3_OFFSET + skb->len;
524 size_t len = MICHAEL_MIC_LEN;
525
526 if (offset % 2) {
527 offset--;
528 len++;
529 }
530 err = hw->ops->bap_pwrite(hw, USER_BAP, &mic_buf[0], len,
531 txfid, offset);
532 if (err) {
533 printk(KERN_ERR "%s: Error %d writing MIC to BAP\n",
534 dev->name, err);
535 goto busy;
536 }
537 }
538
539
540 netif_stop_queue(dev);
541
542 err = hw->ops->cmd_wait(hw, HERMES_CMD_TX | HERMES_CMD_RECL,
543 txfid, NULL);
544 if (err) {
545 netif_start_queue(dev);
546 if (net_ratelimit())
547 printk(KERN_ERR "%s: Error %d transmitting packet\n",
548 dev->name, err);
549 goto busy;
550 }
551
552 stats->tx_bytes += HERMES_802_3_OFFSET + skb->len;
553 goto ok;
554
555 drop:
556 stats->tx_errors++;
557 stats->tx_dropped++;
558
559 ok:
560 orinoco_unlock(priv, &flags);
561 dev_kfree_skb(skb);
562 return NETDEV_TX_OK;
563
564 busy:
565 if (err == -EIO)
566 schedule_work(&priv->reset_work);
567 orinoco_unlock(priv, &flags);
568 return NETDEV_TX_BUSY;
569}
570
571static void __orinoco_ev_alloc(struct net_device *dev, struct hermes *hw)
572{
573 struct orinoco_private *priv = ndev_priv(dev);
574 u16 fid = hermes_read_regn(hw, ALLOCFID);
575
576 if (fid != priv->txfid) {
577 if (fid != DUMMY_FID)
578 printk(KERN_WARNING "%s: Allocate event on unexpected fid (%04X)\n",
579 dev->name, fid);
580 return;
581 }
582
583 hermes_write_regn(hw, ALLOCFID, DUMMY_FID);
584}
585
586static void __orinoco_ev_tx(struct net_device *dev, struct hermes *hw)
587{
588 dev->stats.tx_packets++;
589
590 netif_wake_queue(dev);
591
592 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
593}
594
595static void __orinoco_ev_txexc(struct net_device *dev, struct hermes *hw)
596{
597 struct net_device_stats *stats = &dev->stats;
598 u16 fid = hermes_read_regn(hw, TXCOMPLFID);
599 u16 status;
600 struct hermes_txexc_data hdr;
601 int err = 0;
602
603 if (fid == DUMMY_FID)
604 return;
605
606
607 err = hw->ops->bap_pread(hw, IRQ_BAP, &hdr,
608 sizeof(struct hermes_txexc_data),
609 fid, 0);
610
611 hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
612 stats->tx_errors++;
613
614 if (err) {
615 printk(KERN_WARNING "%s: Unable to read descriptor on Tx error "
616 "(FID=%04X error %d)\n",
617 dev->name, fid, err);
618 return;
619 }
620
621 DEBUG(1, "%s: Tx error, err %d (FID=%04X)\n", dev->name,
622 err, fid);
623
624
625
626
627
628 status = le16_to_cpu(hdr.desc.status);
629 if (status & (HERMES_TXSTAT_RETRYERR | HERMES_TXSTAT_AGEDERR)) {
630 union iwreq_data wrqu;
631
632
633
634
635
636
637
638
639
640 memcpy(wrqu.addr.sa_data, hdr.addr1, ETH_ALEN);
641 wrqu.addr.sa_family = ARPHRD_ETHER;
642
643
644 wireless_send_event(dev, IWEVTXDROP, &wrqu, NULL);
645 }
646
647 netif_wake_queue(dev);
648}
649
650void orinoco_tx_timeout(struct net_device *dev, unsigned int txqueue)
651{
652 struct orinoco_private *priv = ndev_priv(dev);
653 struct net_device_stats *stats = &dev->stats;
654 struct hermes *hw = &priv->hw;
655
656 printk(KERN_WARNING "%s: Tx timeout! "
657 "ALLOCFID=%04x, TXCOMPLFID=%04x, EVSTAT=%04x\n",
658 dev->name, hermes_read_regn(hw, ALLOCFID),
659 hermes_read_regn(hw, TXCOMPLFID), hermes_read_regn(hw, EVSTAT));
660
661 stats->tx_errors++;
662
663 schedule_work(&priv->reset_work);
664}
665EXPORT_SYMBOL(orinoco_tx_timeout);
666
667
668
669
670
671
672
673static inline int is_ethersnap(void *_hdr)
674{
675 u8 *hdr = _hdr;
676
677
678
679
680
681
682 return (memcmp(hdr, &encaps_hdr, 5) == 0)
683 && ((hdr[5] == 0x00) || (hdr[5] == 0xf8));
684}
685
686static inline void orinoco_spy_gather(struct net_device *dev, u_char *mac,
687 int level, int noise)
688{
689 struct iw_quality wstats;
690 wstats.level = level - 0x95;
691 wstats.noise = noise - 0x95;
692 wstats.qual = (level > noise) ? (level - noise) : 0;
693 wstats.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
694
695 wireless_spy_update(dev, mac, &wstats);
696}
697
698static void orinoco_stat_gather(struct net_device *dev,
699 struct sk_buff *skb,
700 struct hermes_rx_descriptor *desc)
701{
702 struct orinoco_private *priv = ndev_priv(dev);
703
704
705
706
707
708
709
710
711
712
713
714 if (SPY_NUMBER(priv)) {
715 orinoco_spy_gather(dev, skb_mac_header(skb) + ETH_ALEN,
716 desc->signal, desc->silence);
717 }
718}
719
720
721
722
723
724
725
726
727
728
729
730static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid,
731 struct hermes_rx_descriptor *desc)
732{
733 u32 hdrlen = 30;
734 u32 datalen = 0;
735 u16 fc;
736 int err;
737 int len;
738 struct sk_buff *skb;
739 struct orinoco_private *priv = ndev_priv(dev);
740 struct net_device_stats *stats = &dev->stats;
741 struct hermes *hw = &priv->hw;
742
743 len = le16_to_cpu(desc->data_len);
744
745
746 fc = le16_to_cpu(desc->frame_ctl);
747 switch (fc & IEEE80211_FCTL_FTYPE) {
748 case IEEE80211_FTYPE_DATA:
749 if ((fc & IEEE80211_FCTL_TODS)
750 && (fc & IEEE80211_FCTL_FROMDS))
751 hdrlen = 30;
752 else
753 hdrlen = 24;
754 datalen = len;
755 break;
756 case IEEE80211_FTYPE_MGMT:
757 hdrlen = 24;
758 datalen = len;
759 break;
760 case IEEE80211_FTYPE_CTL:
761 switch (fc & IEEE80211_FCTL_STYPE) {
762 case IEEE80211_STYPE_PSPOLL:
763 case IEEE80211_STYPE_RTS:
764 case IEEE80211_STYPE_CFEND:
765 case IEEE80211_STYPE_CFENDACK:
766 hdrlen = 16;
767 break;
768 case IEEE80211_STYPE_CTS:
769 case IEEE80211_STYPE_ACK:
770 hdrlen = 10;
771 break;
772 }
773 break;
774 default:
775
776 break;
777 }
778
779
780 if (datalen > IEEE80211_MAX_DATA_LEN + 12) {
781 printk(KERN_DEBUG "%s: oversized monitor frame, "
782 "data length = %d\n", dev->name, datalen);
783 stats->rx_length_errors++;
784 goto update_stats;
785 }
786
787 skb = dev_alloc_skb(hdrlen + datalen);
788 if (!skb) {
789 printk(KERN_WARNING "%s: Cannot allocate skb for monitor frame\n",
790 dev->name);
791 goto update_stats;
792 }
793
794
795 skb_put_data(skb, &(desc->frame_ctl), hdrlen);
796 skb_reset_mac_header(skb);
797
798
799 if (datalen > 0) {
800 err = hw->ops->bap_pread(hw, IRQ_BAP, skb_put(skb, datalen),
801 ALIGN(datalen, 2), rxfid,
802 HERMES_802_2_OFFSET);
803 if (err) {
804 printk(KERN_ERR "%s: error %d reading monitor frame\n",
805 dev->name, err);
806 goto drop;
807 }
808 }
809
810 skb->dev = dev;
811 skb->ip_summed = CHECKSUM_NONE;
812 skb->pkt_type = PACKET_OTHERHOST;
813 skb->protocol = cpu_to_be16(ETH_P_802_2);
814
815 stats->rx_packets++;
816 stats->rx_bytes += skb->len;
817
818 netif_rx(skb);
819 return;
820
821 drop:
822 dev_kfree_skb_irq(skb);
823 update_stats:
824 stats->rx_errors++;
825 stats->rx_dropped++;
826}
827
828void __orinoco_ev_rx(struct net_device *dev, struct hermes *hw)
829{
830 struct orinoco_private *priv = ndev_priv(dev);
831 struct net_device_stats *stats = &dev->stats;
832 struct iw_statistics *wstats = &priv->wstats;
833 struct sk_buff *skb = NULL;
834 u16 rxfid, status;
835 int length;
836 struct hermes_rx_descriptor *desc;
837 struct orinoco_rx_data *rx_data;
838 int err;
839
840 desc = kmalloc(sizeof(*desc), GFP_ATOMIC);
841 if (!desc)
842 goto update_stats;
843
844 rxfid = hermes_read_regn(hw, RXFID);
845
846 err = hw->ops->bap_pread(hw, IRQ_BAP, desc, sizeof(*desc),
847 rxfid, 0);
848 if (err) {
849 printk(KERN_ERR "%s: error %d reading Rx descriptor. "
850 "Frame dropped.\n", dev->name, err);
851 goto update_stats;
852 }
853
854 status = le16_to_cpu(desc->status);
855
856 if (status & HERMES_RXSTAT_BADCRC) {
857 DEBUG(1, "%s: Bad CRC on Rx. Frame dropped.\n",
858 dev->name);
859 stats->rx_crc_errors++;
860 goto update_stats;
861 }
862
863
864 if (priv->iw_mode == NL80211_IFTYPE_MONITOR) {
865 orinoco_rx_monitor(dev, rxfid, desc);
866 goto out;
867 }
868
869 if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
870 DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
871 dev->name);
872 wstats->discard.code++;
873 goto update_stats;
874 }
875
876 length = le16_to_cpu(desc->data_len);
877
878
879 if (length < 3) {
880
881
882
883 goto out;
884 }
885 if (length > IEEE80211_MAX_DATA_LEN) {
886 printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n",
887 dev->name, length);
888 stats->rx_length_errors++;
889 goto update_stats;
890 }
891
892
893
894 if (status & HERMES_RXSTAT_MIC)
895 length += MICHAEL_MIC_LEN;
896
897
898
899
900
901
902 skb = dev_alloc_skb(length + ETH_HLEN + 2 + 1);
903 if (!skb) {
904 printk(KERN_WARNING "%s: Can't allocate skb for Rx\n",
905 dev->name);
906 goto update_stats;
907 }
908
909
910
911
912 skb_reserve(skb, ETH_HLEN + 2);
913
914 err = hw->ops->bap_pread(hw, IRQ_BAP, skb_put(skb, length),
915 ALIGN(length, 2), rxfid,
916 HERMES_802_2_OFFSET);
917 if (err) {
918 printk(KERN_ERR "%s: error %d reading frame. "
919 "Frame dropped.\n", dev->name, err);
920 goto drop;
921 }
922
923
924 rx_data = kzalloc(sizeof(*rx_data), GFP_ATOMIC);
925 if (!rx_data)
926 goto drop;
927
928 rx_data->desc = desc;
929 rx_data->skb = skb;
930 list_add_tail(&rx_data->list, &priv->rx_list);
931 tasklet_schedule(&priv->rx_tasklet);
932
933 return;
934
935drop:
936 dev_kfree_skb_irq(skb);
937update_stats:
938 stats->rx_errors++;
939 stats->rx_dropped++;
940out:
941 kfree(desc);
942}
943EXPORT_SYMBOL(__orinoco_ev_rx);
944
945static void orinoco_rx(struct net_device *dev,
946 struct hermes_rx_descriptor *desc,
947 struct sk_buff *skb)
948{
949 struct orinoco_private *priv = ndev_priv(dev);
950 struct net_device_stats *stats = &dev->stats;
951 u16 status, fc;
952 int length;
953 struct ethhdr *hdr;
954
955 status = le16_to_cpu(desc->status);
956 length = le16_to_cpu(desc->data_len);
957 fc = le16_to_cpu(desc->frame_ctl);
958
959
960 if (status & HERMES_RXSTAT_MIC) {
961 struct orinoco_tkip_key *key;
962 int key_id = ((status & HERMES_RXSTAT_MIC_KEY_ID) >>
963 HERMES_MIC_KEY_ID_SHIFT);
964 u8 mic[MICHAEL_MIC_LEN];
965 u8 *rxmic;
966 u8 *src = (fc & IEEE80211_FCTL_FROMDS) ?
967 desc->addr3 : desc->addr2;
968
969
970 rxmic = skb->data + skb->len - MICHAEL_MIC_LEN;
971
972 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
973 length -= MICHAEL_MIC_LEN;
974
975 key = (struct orinoco_tkip_key *) priv->keys[key_id].key;
976
977 if (!key) {
978 printk(KERN_WARNING "%s: Received encrypted frame from "
979 "%pM using key %i, but key is not installed\n",
980 dev->name, src, key_id);
981 goto drop;
982 }
983
984 orinoco_mic(priv->rx_tfm_mic, key->rx_mic, desc->addr1, src,
985 0,
986 skb->data, skb->len, &mic[0]);
987
988 if (memcmp(mic, rxmic,
989 MICHAEL_MIC_LEN)) {
990 union iwreq_data wrqu;
991 struct iw_michaelmicfailure wxmic;
992
993 printk(KERN_WARNING "%s: "
994 "Invalid Michael MIC in data frame from %pM, "
995 "using key %i\n",
996 dev->name, src, key_id);
997
998
999
1000
1001 memset(&wxmic, 0, sizeof(wxmic));
1002 wxmic.flags = key_id & IW_MICFAILURE_KEY_ID;
1003 wxmic.flags |= (desc->addr1[0] & 1) ?
1004 IW_MICFAILURE_GROUP : IW_MICFAILURE_PAIRWISE;
1005 wxmic.src_addr.sa_family = ARPHRD_ETHER;
1006 memcpy(wxmic.src_addr.sa_data, src, ETH_ALEN);
1007
1008 (void) orinoco_hw_get_tkip_iv(priv, key_id,
1009 &wxmic.tsc[0]);
1010
1011 memset(&wrqu, 0, sizeof(wrqu));
1012 wrqu.data.length = sizeof(wxmic);
1013 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu,
1014 (char *) &wxmic);
1015
1016 goto drop;
1017 }
1018 }
1019
1020
1021
1022
1023
1024
1025 if (length >= ENCAPS_OVERHEAD &&
1026 (((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_1042) ||
1027 ((status & HERMES_RXSTAT_MSGTYPE) == HERMES_RXSTAT_TUNNEL) ||
1028 is_ethersnap(skb->data))) {
1029
1030
1031
1032 hdr = skb_push(skb, ETH_HLEN - ENCAPS_OVERHEAD);
1033 } else {
1034
1035 hdr = skb_push(skb, ETH_HLEN);
1036 hdr->h_proto = htons(length);
1037 }
1038 memcpy(hdr->h_dest, desc->addr1, ETH_ALEN);
1039 if (fc & IEEE80211_FCTL_FROMDS)
1040 memcpy(hdr->h_source, desc->addr3, ETH_ALEN);
1041 else
1042 memcpy(hdr->h_source, desc->addr2, ETH_ALEN);
1043
1044 skb->protocol = eth_type_trans(skb, dev);
1045 skb->ip_summed = CHECKSUM_NONE;
1046 if (fc & IEEE80211_FCTL_TODS)
1047 skb->pkt_type = PACKET_OTHERHOST;
1048
1049
1050 orinoco_stat_gather(dev, skb, desc);
1051
1052
1053 netif_rx(skb);
1054 stats->rx_packets++;
1055 stats->rx_bytes += length;
1056
1057 return;
1058
1059 drop:
1060 dev_kfree_skb(skb);
1061 stats->rx_errors++;
1062 stats->rx_dropped++;
1063}
1064
1065static void orinoco_rx_isr_tasklet(struct tasklet_struct *t)
1066{
1067 struct orinoco_private *priv = from_tasklet(priv, t, rx_tasklet);
1068 struct net_device *dev = priv->ndev;
1069 struct orinoco_rx_data *rx_data, *temp;
1070 struct hermes_rx_descriptor *desc;
1071 struct sk_buff *skb;
1072 unsigned long flags;
1073
1074
1075
1076
1077
1078
1079
1080 if (orinoco_lock(priv, &flags) != 0)
1081 return;
1082
1083
1084 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
1085 desc = rx_data->desc;
1086 skb = rx_data->skb;
1087 list_del(&rx_data->list);
1088 kfree(rx_data);
1089
1090 orinoco_rx(dev, desc, skb);
1091
1092 kfree(desc);
1093 }
1094
1095 orinoco_unlock(priv, &flags);
1096}
1097
1098
1099
1100
1101
1102static void print_linkstatus(struct net_device *dev, u16 status)
1103{
1104 char *s;
1105
1106 if (suppress_linkstatus)
1107 return;
1108
1109 switch (status) {
1110 case HERMES_LINKSTATUS_NOT_CONNECTED:
1111 s = "Not Connected";
1112 break;
1113 case HERMES_LINKSTATUS_CONNECTED:
1114 s = "Connected";
1115 break;
1116 case HERMES_LINKSTATUS_DISCONNECTED:
1117 s = "Disconnected";
1118 break;
1119 case HERMES_LINKSTATUS_AP_CHANGE:
1120 s = "AP Changed";
1121 break;
1122 case HERMES_LINKSTATUS_AP_OUT_OF_RANGE:
1123 s = "AP Out of Range";
1124 break;
1125 case HERMES_LINKSTATUS_AP_IN_RANGE:
1126 s = "AP In Range";
1127 break;
1128 case HERMES_LINKSTATUS_ASSOC_FAILED:
1129 s = "Association Failed";
1130 break;
1131 default:
1132 s = "UNKNOWN";
1133 }
1134
1135 printk(KERN_DEBUG "%s: New link status: %s (%04x)\n",
1136 dev->name, s, status);
1137}
1138
1139
1140static void orinoco_join_ap(struct work_struct *work)
1141{
1142 struct orinoco_private *priv =
1143 container_of(work, struct orinoco_private, join_work);
1144 struct net_device *dev = priv->ndev;
1145 struct hermes *hw = &priv->hw;
1146 int err;
1147 unsigned long flags;
1148 struct join_req {
1149 u8 bssid[ETH_ALEN];
1150 __le16 channel;
1151 } __packed req;
1152 const int atom_len = offsetof(struct prism2_scan_apinfo, atim);
1153 struct prism2_scan_apinfo *atom = NULL;
1154 int offset = 4;
1155 int found = 0;
1156 u8 *buf;
1157 u16 len;
1158
1159
1160 buf = kmalloc(MAX_SCAN_LEN, GFP_KERNEL);
1161 if (!buf)
1162 return;
1163
1164 if (orinoco_lock(priv, &flags) != 0)
1165 goto fail_lock;
1166
1167
1168 if (!priv->bssid_fixed)
1169 goto out;
1170
1171 if (strlen(priv->desired_essid) == 0)
1172 goto out;
1173
1174
1175 err = hw->ops->read_ltv(hw, USER_BAP,
1176 HERMES_RID_SCANRESULTSTABLE,
1177 MAX_SCAN_LEN, &len, buf);
1178 if (err) {
1179 printk(KERN_ERR "%s: Cannot read scan results\n",
1180 dev->name);
1181 goto out;
1182 }
1183
1184 len = HERMES_RECLEN_TO_BYTES(len);
1185
1186
1187
1188 for (; offset + atom_len <= len; offset += atom_len) {
1189 atom = (struct prism2_scan_apinfo *) (buf + offset);
1190 if (memcmp(&atom->bssid, priv->desired_bssid, ETH_ALEN) == 0) {
1191 found = 1;
1192 break;
1193 }
1194 }
1195
1196 if (!found) {
1197 DEBUG(1, "%s: Requested AP not found in scan results\n",
1198 dev->name);
1199 goto out;
1200 }
1201
1202 memcpy(req.bssid, priv->desired_bssid, ETH_ALEN);
1203 req.channel = atom->channel;
1204 err = HERMES_WRITE_RECORD(hw, USER_BAP, HERMES_RID_CNFJOINREQUEST,
1205 &req);
1206 if (err)
1207 printk(KERN_ERR "%s: Error issuing join request\n", dev->name);
1208
1209 out:
1210 orinoco_unlock(priv, &flags);
1211
1212 fail_lock:
1213 kfree(buf);
1214}
1215
1216
1217static void orinoco_send_bssid_wevent(struct orinoco_private *priv)
1218{
1219 struct net_device *dev = priv->ndev;
1220 struct hermes *hw = &priv->hw;
1221 union iwreq_data wrqu;
1222 int err;
1223
1224 err = hw->ops->read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
1225 ETH_ALEN, NULL, wrqu.ap_addr.sa_data);
1226 if (err != 0)
1227 return;
1228
1229 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1230
1231
1232 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
1233}
1234
1235static void orinoco_send_assocreqie_wevent(struct orinoco_private *priv)
1236{
1237 struct net_device *dev = priv->ndev;
1238 struct hermes *hw = &priv->hw;
1239 union iwreq_data wrqu;
1240 int err;
1241 u8 buf[88];
1242 u8 *ie;
1243
1244 if (!priv->has_wpa)
1245 return;
1246
1247 err = hw->ops->read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_ASSOC_REQ_INFO,
1248 sizeof(buf), NULL, &buf);
1249 if (err != 0)
1250 return;
1251
1252 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1253 if (ie) {
1254 int rem = sizeof(buf) - (ie - &buf[0]);
1255 wrqu.data.length = ie[1] + 2;
1256 if (wrqu.data.length > rem)
1257 wrqu.data.length = rem;
1258
1259 if (wrqu.data.length)
1260
1261 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, ie);
1262 }
1263}
1264
1265static void orinoco_send_assocrespie_wevent(struct orinoco_private *priv)
1266{
1267 struct net_device *dev = priv->ndev;
1268 struct hermes *hw = &priv->hw;
1269 union iwreq_data wrqu;
1270 int err;
1271 u8 buf[88];
1272 u8 *ie;
1273
1274 if (!priv->has_wpa)
1275 return;
1276
1277 err = hw->ops->read_ltv(hw, USER_BAP,
1278 HERMES_RID_CURRENT_ASSOC_RESP_INFO,
1279 sizeof(buf), NULL, &buf);
1280 if (err != 0)
1281 return;
1282
1283 ie = orinoco_get_wpa_ie(buf, sizeof(buf));
1284 if (ie) {
1285 int rem = sizeof(buf) - (ie - &buf[0]);
1286 wrqu.data.length = ie[1] + 2;
1287 if (wrqu.data.length > rem)
1288 wrqu.data.length = rem;
1289
1290 if (wrqu.data.length)
1291
1292 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, ie);
1293 }
1294}
1295
1296static void orinoco_send_wevents(struct work_struct *work)
1297{
1298 struct orinoco_private *priv =
1299 container_of(work, struct orinoco_private, wevent_work);
1300 unsigned long flags;
1301
1302 if (orinoco_lock(priv, &flags) != 0)
1303 return;
1304
1305 orinoco_send_assocreqie_wevent(priv);
1306 orinoco_send_assocrespie_wevent(priv);
1307 orinoco_send_bssid_wevent(priv);
1308
1309 orinoco_unlock(priv, &flags);
1310}
1311
1312static void qbuf_scan(struct orinoco_private *priv, void *buf,
1313 int len, int type)
1314{
1315 struct orinoco_scan_data *sd;
1316 unsigned long flags;
1317
1318 sd = kmalloc(sizeof(*sd), GFP_ATOMIC);
1319 if (!sd)
1320 return;
1321
1322 sd->buf = buf;
1323 sd->len = len;
1324 sd->type = type;
1325
1326 spin_lock_irqsave(&priv->scan_lock, flags);
1327 list_add_tail(&sd->list, &priv->scan_list);
1328 spin_unlock_irqrestore(&priv->scan_lock, flags);
1329
1330 schedule_work(&priv->process_scan);
1331}
1332
1333static void qabort_scan(struct orinoco_private *priv)
1334{
1335 struct orinoco_scan_data *sd;
1336 unsigned long flags;
1337
1338 sd = kmalloc(sizeof(*sd), GFP_ATOMIC);
1339 if (!sd)
1340 return;
1341
1342 sd->len = -1;
1343
1344 spin_lock_irqsave(&priv->scan_lock, flags);
1345 list_add_tail(&sd->list, &priv->scan_list);
1346 spin_unlock_irqrestore(&priv->scan_lock, flags);
1347
1348 schedule_work(&priv->process_scan);
1349}
1350
1351static void orinoco_process_scan_results(struct work_struct *work)
1352{
1353 struct orinoco_private *priv =
1354 container_of(work, struct orinoco_private, process_scan);
1355 struct orinoco_scan_data *sd, *temp;
1356 unsigned long flags;
1357 void *buf;
1358 int len;
1359 int type;
1360
1361 spin_lock_irqsave(&priv->scan_lock, flags);
1362 list_for_each_entry_safe(sd, temp, &priv->scan_list, list) {
1363
1364 buf = sd->buf;
1365 len = sd->len;
1366 type = sd->type;
1367
1368 list_del(&sd->list);
1369 spin_unlock_irqrestore(&priv->scan_lock, flags);
1370 kfree(sd);
1371
1372 if (len > 0) {
1373 if (type == HERMES_INQ_CHANNELINFO)
1374 orinoco_add_extscan_result(priv, buf, len);
1375 else
1376 orinoco_add_hostscan_results(priv, buf, len);
1377
1378 kfree(buf);
1379 } else {
1380
1381 orinoco_scan_done(priv, (len < 0));
1382 }
1383
1384 spin_lock_irqsave(&priv->scan_lock, flags);
1385 }
1386 spin_unlock_irqrestore(&priv->scan_lock, flags);
1387}
1388
1389void __orinoco_ev_info(struct net_device *dev, struct hermes *hw)
1390{
1391 struct orinoco_private *priv = ndev_priv(dev);
1392 u16 infofid;
1393 struct {
1394 __le16 len;
1395 __le16 type;
1396 } __packed info;
1397 int len, type;
1398 int err;
1399
1400
1401
1402
1403
1404 infofid = hermes_read_regn(hw, INFOFID);
1405
1406
1407 err = hw->ops->bap_pread(hw, IRQ_BAP, &info, sizeof(info),
1408 infofid, 0);
1409 if (err) {
1410 printk(KERN_ERR "%s: error %d reading info frame. "
1411 "Frame dropped.\n", dev->name, err);
1412 return;
1413 }
1414
1415 len = HERMES_RECLEN_TO_BYTES(le16_to_cpu(info.len));
1416 type = le16_to_cpu(info.type);
1417
1418 switch (type) {
1419 case HERMES_INQ_TALLIES: {
1420 struct hermes_tallies_frame tallies;
1421 struct iw_statistics *wstats = &priv->wstats;
1422
1423 if (len > sizeof(tallies)) {
1424 printk(KERN_WARNING "%s: Tallies frame too long (%d bytes)\n",
1425 dev->name, len);
1426 len = sizeof(tallies);
1427 }
1428
1429 err = hw->ops->bap_pread(hw, IRQ_BAP, &tallies, len,
1430 infofid, sizeof(info));
1431 if (err)
1432 break;
1433
1434
1435
1436 wstats->discard.code +=
1437 le16_to_cpu(tallies.RxWEPUndecryptable);
1438 if (len == sizeof(tallies))
1439 wstats->discard.code +=
1440 le16_to_cpu(tallies.RxDiscards_WEPICVError) +
1441 le16_to_cpu(tallies.RxDiscards_WEPExcluded);
1442 wstats->discard.misc +=
1443 le16_to_cpu(tallies.TxDiscardsWrongSA);
1444 wstats->discard.fragment +=
1445 le16_to_cpu(tallies.RxMsgInBadMsgFragments);
1446 wstats->discard.retries +=
1447 le16_to_cpu(tallies.TxRetryLimitExceeded);
1448
1449 }
1450 break;
1451 case HERMES_INQ_LINKSTATUS: {
1452 struct hermes_linkstatus linkstatus;
1453 u16 newstatus;
1454 int connected;
1455
1456 if (priv->iw_mode == NL80211_IFTYPE_MONITOR)
1457 break;
1458
1459 if (len != sizeof(linkstatus)) {
1460 printk(KERN_WARNING "%s: Unexpected size for linkstatus frame (%d bytes)\n",
1461 dev->name, len);
1462 break;
1463 }
1464
1465 err = hw->ops->bap_pread(hw, IRQ_BAP, &linkstatus, len,
1466 infofid, sizeof(info));
1467 if (err)
1468 break;
1469 newstatus = le16_to_cpu(linkstatus.linkstatus);
1470
1471
1472
1473 if (newstatus == HERMES_LINKSTATUS_AP_OUT_OF_RANGE &&
1474 priv->firmware_type == FIRMWARE_TYPE_SYMBOL &&
1475 priv->has_hostscan && priv->scan_request) {
1476 hermes_inquire(hw, HERMES_INQ_HOSTSCAN_SYMBOL);
1477 break;
1478 }
1479
1480 connected = (newstatus == HERMES_LINKSTATUS_CONNECTED)
1481 || (newstatus == HERMES_LINKSTATUS_AP_CHANGE)
1482 || (newstatus == HERMES_LINKSTATUS_AP_IN_RANGE);
1483
1484 if (connected)
1485 netif_carrier_on(dev);
1486 else if (!ignore_disconnect)
1487 netif_carrier_off(dev);
1488
1489 if (newstatus != priv->last_linkstatus) {
1490 priv->last_linkstatus = newstatus;
1491 print_linkstatus(dev, newstatus);
1492
1493
1494
1495
1496 schedule_work(&priv->wevent_work);
1497 }
1498 }
1499 break;
1500 case HERMES_INQ_SCAN:
1501 if (!priv->scan_request && priv->bssid_fixed &&
1502 priv->firmware_type == FIRMWARE_TYPE_INTERSIL) {
1503 schedule_work(&priv->join_work);
1504 break;
1505 }
1506 fallthrough;
1507 case HERMES_INQ_HOSTSCAN:
1508 case HERMES_INQ_HOSTSCAN_SYMBOL: {
1509
1510
1511 unsigned char *buf;
1512
1513
1514 if (len > 4096) {
1515 printk(KERN_WARNING "%s: Scan results too large (%d bytes)\n",
1516 dev->name, len);
1517 qabort_scan(priv);
1518 break;
1519 }
1520
1521
1522 buf = kmalloc(len, GFP_ATOMIC);
1523 if (buf == NULL) {
1524
1525 qabort_scan(priv);
1526 break;
1527 }
1528
1529
1530 err = hw->ops->bap_pread(hw, IRQ_BAP, (void *) buf, len,
1531 infofid, sizeof(info));
1532 if (err) {
1533 kfree(buf);
1534 qabort_scan(priv);
1535 break;
1536 }
1537
1538#ifdef ORINOCO_DEBUG
1539 {
1540 int i;
1541 printk(KERN_DEBUG "Scan result [%02X", buf[0]);
1542 for (i = 1; i < (len * 2); i++)
1543 printk(":%02X", buf[i]);
1544 printk("]\n");
1545 }
1546#endif
1547
1548 qbuf_scan(priv, buf, len, type);
1549 }
1550 break;
1551 case HERMES_INQ_CHANNELINFO:
1552 {
1553 struct agere_ext_scan_info *bss;
1554
1555 if (!priv->scan_request) {
1556 printk(KERN_DEBUG "%s: Got chaninfo without scan, "
1557 "len=%d\n", dev->name, len);
1558 break;
1559 }
1560
1561
1562 if (len == 0) {
1563 qbuf_scan(priv, NULL, len, type);
1564 break;
1565 }
1566
1567
1568 else if (len < (offsetof(struct agere_ext_scan_info,
1569 data) + 2)) {
1570
1571
1572 printk(KERN_WARNING
1573 "%s: Ext scan results too short (%d bytes)\n",
1574 dev->name, len);
1575 break;
1576 }
1577
1578 bss = kmalloc(len, GFP_ATOMIC);
1579 if (bss == NULL)
1580 break;
1581
1582
1583 err = hw->ops->bap_pread(hw, IRQ_BAP, (void *) bss, len,
1584 infofid, sizeof(info));
1585 if (err)
1586 kfree(bss);
1587 else
1588 qbuf_scan(priv, bss, len, type);
1589
1590 break;
1591 }
1592 case HERMES_INQ_SEC_STAT_AGERE:
1593
1594
1595 if (priv->firmware_type == FIRMWARE_TYPE_AGERE)
1596 break;
1597 fallthrough;
1598 default:
1599 printk(KERN_DEBUG "%s: Unknown information frame received: "
1600 "type 0x%04x, length %d\n", dev->name, type, len);
1601
1602 break;
1603 }
1604}
1605EXPORT_SYMBOL(__orinoco_ev_info);
1606
1607static void __orinoco_ev_infdrop(struct net_device *dev, struct hermes *hw)
1608{
1609 if (net_ratelimit())
1610 printk(KERN_DEBUG "%s: Information frame lost.\n", dev->name);
1611}
1612
1613
1614
1615
1616
1617static int __orinoco_up(struct orinoco_private *priv)
1618{
1619 struct net_device *dev = priv->ndev;
1620 struct hermes *hw = &priv->hw;
1621 int err;
1622
1623 netif_carrier_off(dev);
1624
1625 err = __orinoco_commit(priv);
1626 if (err) {
1627 printk(KERN_ERR "%s: Error %d configuring card\n",
1628 dev->name, err);
1629 return err;
1630 }
1631
1632
1633 hermes_set_irqmask(hw, ORINOCO_INTEN);
1634 err = hermes_enable_port(hw, 0);
1635 if (err) {
1636 printk(KERN_ERR "%s: Error %d enabling MAC port\n",
1637 dev->name, err);
1638 return err;
1639 }
1640
1641 netif_start_queue(dev);
1642
1643 return 0;
1644}
1645
1646static int __orinoco_down(struct orinoco_private *priv)
1647{
1648 struct net_device *dev = priv->ndev;
1649 struct hermes *hw = &priv->hw;
1650 int err;
1651
1652 netif_stop_queue(dev);
1653
1654 if (!priv->hw_unavailable) {
1655 if (!priv->broken_disableport) {
1656 err = hermes_disable_port(hw, 0);
1657 if (err) {
1658
1659
1660
1661 printk(KERN_WARNING "%s: Error %d disabling MAC port\n",
1662 dev->name, err);
1663 priv->broken_disableport = 1;
1664 }
1665 }
1666 hermes_set_irqmask(hw, 0);
1667 hermes_write_regn(hw, EVACK, 0xffff);
1668 }
1669
1670 orinoco_scan_done(priv, true);
1671
1672
1673 netif_carrier_off(dev);
1674 priv->last_linkstatus = 0xffff;
1675
1676 return 0;
1677}
1678
1679static int orinoco_reinit_firmware(struct orinoco_private *priv)
1680{
1681 struct hermes *hw = &priv->hw;
1682 int err;
1683
1684 err = hw->ops->init(hw);
1685 if (priv->do_fw_download && !err) {
1686 err = orinoco_download(priv);
1687 if (err)
1688 priv->do_fw_download = 0;
1689 }
1690 if (!err)
1691 err = orinoco_hw_allocate_fid(priv);
1692
1693 return err;
1694}
1695
1696static int
1697__orinoco_set_multicast_list(struct net_device *dev)
1698{
1699 struct orinoco_private *priv = ndev_priv(dev);
1700 int err = 0;
1701 int promisc, mc_count;
1702
1703
1704
1705 if ((dev->flags & IFF_PROMISC) || (dev->flags & IFF_ALLMULTI) ||
1706 (netdev_mc_count(dev) > MAX_MULTICAST(priv))) {
1707 promisc = 1;
1708 mc_count = 0;
1709 } else {
1710 promisc = 0;
1711 mc_count = netdev_mc_count(dev);
1712 }
1713
1714 err = __orinoco_hw_set_multicast_list(priv, dev, mc_count, promisc);
1715
1716 return err;
1717}
1718
1719
1720
1721void orinoco_reset(struct work_struct *work)
1722{
1723 struct orinoco_private *priv =
1724 container_of(work, struct orinoco_private, reset_work);
1725 struct net_device *dev = priv->ndev;
1726 struct hermes *hw = &priv->hw;
1727 int err;
1728 unsigned long flags;
1729
1730 if (orinoco_lock(priv, &flags) != 0)
1731
1732
1733
1734 return;
1735
1736 netif_stop_queue(dev);
1737
1738
1739
1740 hermes_set_irqmask(hw, 0);
1741 hermes_write_regn(hw, EVACK, 0xffff);
1742
1743 priv->hw_unavailable++;
1744 priv->last_linkstatus = 0xffff;
1745 netif_carrier_off(dev);
1746
1747 orinoco_unlock(priv, &flags);
1748
1749
1750 orinoco_scan_done(priv, true);
1751
1752 if (priv->hard_reset) {
1753 err = (*priv->hard_reset)(priv);
1754 if (err) {
1755 printk(KERN_ERR "%s: orinoco_reset: Error %d "
1756 "performing hard reset\n", dev->name, err);
1757 goto disable;
1758 }
1759 }
1760
1761 err = orinoco_reinit_firmware(priv);
1762 if (err) {
1763 printk(KERN_ERR "%s: orinoco_reset: Error %d re-initializing firmware\n",
1764 dev->name, err);
1765 goto disable;
1766 }
1767
1768
1769 orinoco_lock_irq(priv);
1770
1771 priv->hw_unavailable--;
1772
1773
1774
1775 if (priv->open && (!priv->hw_unavailable)) {
1776 err = __orinoco_up(priv);
1777 if (err) {
1778 printk(KERN_ERR "%s: orinoco_reset: Error %d reenabling card\n",
1779 dev->name, err);
1780 } else
1781 netif_trans_update(dev);
1782 }
1783
1784 orinoco_unlock_irq(priv);
1785
1786 return;
1787 disable:
1788 hermes_set_irqmask(hw, 0);
1789 netif_device_detach(dev);
1790 printk(KERN_ERR "%s: Device has been disabled!\n", dev->name);
1791}
1792
1793static int __orinoco_commit(struct orinoco_private *priv)
1794{
1795 struct net_device *dev = priv->ndev;
1796 int err = 0;
1797
1798
1799
1800
1801
1802 priv->tkip_cm_active = 0;
1803
1804 err = orinoco_hw_program_rids(priv);
1805
1806
1807 (void) __orinoco_set_multicast_list(dev);
1808
1809 return err;
1810}
1811
1812
1813
1814
1815int orinoco_commit(struct orinoco_private *priv)
1816{
1817 struct net_device *dev = priv->ndev;
1818 struct hermes *hw = &priv->hw;
1819 int err;
1820
1821 if (priv->broken_disableport) {
1822 schedule_work(&priv->reset_work);
1823 return 0;
1824 }
1825
1826 err = hermes_disable_port(hw, 0);
1827 if (err) {
1828 printk(KERN_WARNING "%s: Unable to disable port "
1829 "while reconfiguring card\n", dev->name);
1830 priv->broken_disableport = 1;
1831 goto out;
1832 }
1833
1834 err = __orinoco_commit(priv);
1835 if (err) {
1836 printk(KERN_WARNING "%s: Unable to reconfigure card\n",
1837 dev->name);
1838 goto out;
1839 }
1840
1841 err = hermes_enable_port(hw, 0);
1842 if (err) {
1843 printk(KERN_WARNING "%s: Unable to enable port while reconfiguring card\n",
1844 dev->name);
1845 goto out;
1846 }
1847
1848 out:
1849 if (err) {
1850 printk(KERN_WARNING "%s: Resetting instead...\n", dev->name);
1851 schedule_work(&priv->reset_work);
1852 err = 0;
1853 }
1854 return err;
1855}
1856
1857
1858
1859
1860
1861static void __orinoco_ev_tick(struct net_device *dev, struct hermes *hw)
1862{
1863 printk(KERN_DEBUG "%s: TICK\n", dev->name);
1864}
1865
1866static void __orinoco_ev_wterr(struct net_device *dev, struct hermes *hw)
1867{
1868
1869
1870 printk(KERN_DEBUG "%s: MAC controller error (WTERR). Ignoring.\n",
1871 dev->name);
1872}
1873
1874irqreturn_t orinoco_interrupt(int irq, void *dev_id)
1875{
1876 struct orinoco_private *priv = dev_id;
1877 struct net_device *dev = priv->ndev;
1878 struct hermes *hw = &priv->hw;
1879 int count = MAX_IRQLOOPS_PER_IRQ;
1880 u16 evstat, events;
1881
1882
1883
1884
1885
1886
1887 static int last_irq_jiffy;
1888 static int loops_this_jiffy;
1889 unsigned long flags;
1890
1891 if (orinoco_lock(priv, &flags) != 0) {
1892
1893
1894 return IRQ_HANDLED;
1895 }
1896
1897 evstat = hermes_read_regn(hw, EVSTAT);
1898 events = evstat & hw->inten;
1899 if (!events) {
1900 orinoco_unlock(priv, &flags);
1901 return IRQ_NONE;
1902 }
1903
1904 if (jiffies != last_irq_jiffy)
1905 loops_this_jiffy = 0;
1906 last_irq_jiffy = jiffies;
1907
1908 while (events && count--) {
1909 if (++loops_this_jiffy > MAX_IRQLOOPS_PER_JIFFY) {
1910 printk(KERN_WARNING "%s: IRQ handler is looping too "
1911 "much! Resetting.\n", dev->name);
1912
1913 hermes_set_irqmask(hw, 0);
1914 schedule_work(&priv->reset_work);
1915 break;
1916 }
1917
1918
1919 if (!hermes_present(hw)) {
1920 DEBUG(0, "orinoco_interrupt(): card removed\n");
1921 break;
1922 }
1923
1924 if (events & HERMES_EV_TICK)
1925 __orinoco_ev_tick(dev, hw);
1926 if (events & HERMES_EV_WTERR)
1927 __orinoco_ev_wterr(dev, hw);
1928 if (events & HERMES_EV_INFDROP)
1929 __orinoco_ev_infdrop(dev, hw);
1930 if (events & HERMES_EV_INFO)
1931 __orinoco_ev_info(dev, hw);
1932 if (events & HERMES_EV_RX)
1933 __orinoco_ev_rx(dev, hw);
1934 if (events & HERMES_EV_TXEXC)
1935 __orinoco_ev_txexc(dev, hw);
1936 if (events & HERMES_EV_TX)
1937 __orinoco_ev_tx(dev, hw);
1938 if (events & HERMES_EV_ALLOC)
1939 __orinoco_ev_alloc(dev, hw);
1940
1941 hermes_write_regn(hw, EVACK, evstat);
1942
1943 evstat = hermes_read_regn(hw, EVSTAT);
1944 events = evstat & hw->inten;
1945 }
1946
1947 orinoco_unlock(priv, &flags);
1948 return IRQ_HANDLED;
1949}
1950EXPORT_SYMBOL(orinoco_interrupt);
1951
1952
1953
1954
1955#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_HERMES_CACHE_FW_ON_INIT)
1956static int orinoco_pm_notifier(struct notifier_block *notifier,
1957 unsigned long pm_event,
1958 void *unused)
1959{
1960 struct orinoco_private *priv = container_of(notifier,
1961 struct orinoco_private,
1962 pm_notifier);
1963
1964
1965
1966
1967
1968 if (!priv->do_fw_download)
1969 return NOTIFY_DONE;
1970
1971 switch (pm_event) {
1972 case PM_HIBERNATION_PREPARE:
1973 case PM_SUSPEND_PREPARE:
1974 orinoco_cache_fw(priv, 0);
1975 break;
1976
1977 case PM_POST_RESTORE:
1978
1979
1980 case PM_POST_HIBERNATION:
1981 case PM_POST_SUSPEND:
1982 orinoco_uncache_fw(priv);
1983 break;
1984
1985 case PM_RESTORE_PREPARE:
1986 default:
1987 break;
1988 }
1989
1990 return NOTIFY_DONE;
1991}
1992
1993static void orinoco_register_pm_notifier(struct orinoco_private *priv)
1994{
1995 priv->pm_notifier.notifier_call = orinoco_pm_notifier;
1996 register_pm_notifier(&priv->pm_notifier);
1997}
1998
1999static void orinoco_unregister_pm_notifier(struct orinoco_private *priv)
2000{
2001 unregister_pm_notifier(&priv->pm_notifier);
2002}
2003#else
2004#define orinoco_register_pm_notifier(priv) do { } while (0)
2005#define orinoco_unregister_pm_notifier(priv) do { } while (0)
2006#endif
2007
2008
2009
2010
2011
2012int orinoco_init(struct orinoco_private *priv)
2013{
2014 struct device *dev = priv->dev;
2015 struct wiphy *wiphy = priv_to_wiphy(priv);
2016 struct hermes *hw = &priv->hw;
2017 int err = 0;
2018
2019
2020
2021 priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN;
2022
2023
2024 err = hw->ops->init(hw);
2025 if (err != 0) {
2026 dev_err(dev, "Failed to initialize firmware (err = %d)\n",
2027 err);
2028 goto out;
2029 }
2030
2031 err = determine_fw_capabilities(priv, wiphy->fw_version,
2032 sizeof(wiphy->fw_version),
2033 &wiphy->hw_version);
2034 if (err != 0) {
2035 dev_err(dev, "Incompatible firmware, aborting\n");
2036 goto out;
2037 }
2038
2039 if (priv->do_fw_download) {
2040#ifdef CONFIG_HERMES_CACHE_FW_ON_INIT
2041 orinoco_cache_fw(priv, 0);
2042#endif
2043
2044 err = orinoco_download(priv);
2045 if (err)
2046 priv->do_fw_download = 0;
2047
2048
2049 err = determine_fw_capabilities(priv, wiphy->fw_version,
2050 sizeof(wiphy->fw_version),
2051 &wiphy->hw_version);
2052 if (err != 0) {
2053 dev_err(dev, "Incompatible firmware, aborting\n");
2054 goto out;
2055 }
2056 }
2057
2058 if (priv->has_port3)
2059 dev_info(dev, "Ad-hoc demo mode supported\n");
2060 if (priv->has_ibss)
2061 dev_info(dev, "IEEE standard IBSS ad-hoc mode supported\n");
2062 if (priv->has_wep)
2063 dev_info(dev, "WEP supported, %s-bit key\n",
2064 priv->has_big_wep ? "104" : "40");
2065 if (priv->has_wpa) {
2066 dev_info(dev, "WPA-PSK supported\n");
2067 if (orinoco_mic_init(priv)) {
2068 dev_err(dev, "Failed to setup MIC crypto algorithm. "
2069 "Disabling WPA support\n");
2070 priv->has_wpa = 0;
2071 }
2072 }
2073
2074 err = orinoco_hw_read_card_settings(priv, wiphy->perm_addr);
2075 if (err)
2076 goto out;
2077
2078 err = orinoco_hw_allocate_fid(priv);
2079 if (err) {
2080 dev_err(dev, "Failed to allocate NIC buffer!\n");
2081 goto out;
2082 }
2083
2084
2085 priv->iw_mode = NL80211_IFTYPE_STATION;
2086
2087 priv->prefer_port3 = priv->has_port3 && (!priv->has_ibss);
2088 set_port_type(priv);
2089 priv->channel = 0;
2090
2091 priv->promiscuous = 0;
2092 priv->encode_alg = ORINOCO_ALG_NONE;
2093 priv->tx_key = 0;
2094 priv->wpa_enabled = 0;
2095 priv->tkip_cm_active = 0;
2096 priv->key_mgmt = 0;
2097 priv->wpa_ie_len = 0;
2098 priv->wpa_ie = NULL;
2099
2100 if (orinoco_wiphy_register(wiphy)) {
2101 err = -ENODEV;
2102 goto out;
2103 }
2104
2105
2106
2107 orinoco_lock_irq(priv);
2108 priv->hw_unavailable--;
2109 orinoco_unlock_irq(priv);
2110
2111 dev_dbg(dev, "Ready\n");
2112
2113 out:
2114 return err;
2115}
2116EXPORT_SYMBOL(orinoco_init);
2117
2118static const struct net_device_ops orinoco_netdev_ops = {
2119 .ndo_open = orinoco_open,
2120 .ndo_stop = orinoco_stop,
2121 .ndo_start_xmit = orinoco_xmit,
2122 .ndo_set_rx_mode = orinoco_set_multicast_list,
2123 .ndo_change_mtu = orinoco_change_mtu,
2124 .ndo_set_mac_address = eth_mac_addr,
2125 .ndo_validate_addr = eth_validate_addr,
2126 .ndo_tx_timeout = orinoco_tx_timeout,
2127};
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154struct orinoco_private
2155*alloc_orinocodev(int sizeof_card,
2156 struct device *device,
2157 int (*hard_reset)(struct orinoco_private *),
2158 int (*stop_fw)(struct orinoco_private *, int))
2159{
2160 struct orinoco_private *priv;
2161 struct wiphy *wiphy;
2162
2163
2164
2165
2166
2167 wiphy = wiphy_new(&orinoco_cfg_ops,
2168 sizeof(struct orinoco_private) + sizeof_card);
2169 if (!wiphy)
2170 return NULL;
2171
2172 priv = wiphy_priv(wiphy);
2173 priv->dev = device;
2174
2175 if (sizeof_card)
2176 priv->card = (void *)((unsigned long)priv
2177 + sizeof(struct orinoco_private));
2178 else
2179 priv->card = NULL;
2180
2181 orinoco_wiphy_init(wiphy);
2182
2183#ifdef WIRELESS_SPY
2184 priv->wireless_data.spy_data = &priv->spy_data;
2185#endif
2186
2187
2188 priv->hard_reset = hard_reset;
2189 priv->stop_fw = stop_fw;
2190
2191 spin_lock_init(&priv->lock);
2192 priv->open = 0;
2193 priv->hw_unavailable = 1;
2194
2195
2196 INIT_WORK(&priv->reset_work, orinoco_reset);
2197 INIT_WORK(&priv->join_work, orinoco_join_ap);
2198 INIT_WORK(&priv->wevent_work, orinoco_send_wevents);
2199
2200 INIT_LIST_HEAD(&priv->rx_list);
2201 tasklet_setup(&priv->rx_tasklet, orinoco_rx_isr_tasklet);
2202
2203 spin_lock_init(&priv->scan_lock);
2204 INIT_LIST_HEAD(&priv->scan_list);
2205 INIT_WORK(&priv->process_scan, orinoco_process_scan_results);
2206
2207 priv->last_linkstatus = 0xffff;
2208
2209#if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
2210 priv->cached_pri_fw = NULL;
2211 priv->cached_fw = NULL;
2212#endif
2213
2214
2215 orinoco_register_pm_notifier(priv);
2216
2217 return priv;
2218}
2219EXPORT_SYMBOL(alloc_orinocodev);
2220
2221
2222
2223
2224
2225
2226
2227
2228int orinoco_if_add(struct orinoco_private *priv,
2229 unsigned long base_addr,
2230 unsigned int irq,
2231 const struct net_device_ops *ops)
2232{
2233 struct wiphy *wiphy = priv_to_wiphy(priv);
2234 struct wireless_dev *wdev;
2235 struct net_device *dev;
2236 int ret;
2237
2238 dev = alloc_etherdev(sizeof(struct wireless_dev));
2239
2240 if (!dev)
2241 return -ENOMEM;
2242
2243
2244 wdev = netdev_priv(dev);
2245 wdev->wiphy = wiphy;
2246 wdev->iftype = NL80211_IFTYPE_STATION;
2247
2248
2249 dev->ieee80211_ptr = wdev;
2250 dev->watchdog_timeo = HZ;
2251 dev->wireless_handlers = &orinoco_handler_def;
2252#ifdef WIRELESS_SPY
2253 dev->wireless_data = &priv->wireless_data;
2254#endif
2255
2256 if (ops)
2257 dev->netdev_ops = ops;
2258 else
2259 dev->netdev_ops = &orinoco_netdev_ops;
2260
2261
2262
2263
2264 dev->needed_headroom = ENCAPS_OVERHEAD;
2265
2266 netif_carrier_off(dev);
2267
2268 memcpy(dev->dev_addr, wiphy->perm_addr, ETH_ALEN);
2269
2270 dev->base_addr = base_addr;
2271 dev->irq = irq;
2272
2273 dev->min_mtu = ORINOCO_MIN_MTU;
2274 dev->max_mtu = ORINOCO_MAX_MTU;
2275
2276 SET_NETDEV_DEV(dev, priv->dev);
2277 ret = register_netdev(dev);
2278 if (ret)
2279 goto fail;
2280
2281 priv->ndev = dev;
2282
2283
2284 dev_dbg(priv->dev, "Registered interface %s.\n", dev->name);
2285
2286 return 0;
2287
2288 fail:
2289 free_netdev(dev);
2290 return ret;
2291}
2292EXPORT_SYMBOL(orinoco_if_add);
2293
2294void orinoco_if_del(struct orinoco_private *priv)
2295{
2296 struct net_device *dev = priv->ndev;
2297
2298 unregister_netdev(dev);
2299 free_netdev(dev);
2300}
2301EXPORT_SYMBOL(orinoco_if_del);
2302
2303void free_orinocodev(struct orinoco_private *priv)
2304{
2305 struct wiphy *wiphy = priv_to_wiphy(priv);
2306 struct orinoco_rx_data *rx_data, *temp;
2307 struct orinoco_scan_data *sd, *sdtemp;
2308
2309
2310
2311
2312 tasklet_kill(&priv->rx_tasklet);
2313
2314
2315 list_for_each_entry_safe(rx_data, temp, &priv->rx_list, list) {
2316 list_del(&rx_data->list);
2317
2318 dev_kfree_skb(rx_data->skb);
2319 kfree(rx_data->desc);
2320 kfree(rx_data);
2321 }
2322
2323 cancel_work_sync(&priv->process_scan);
2324
2325 list_for_each_entry_safe(sd, sdtemp, &priv->scan_list, list) {
2326 list_del(&sd->list);
2327
2328 if (sd->len > 0)
2329 kfree(sd->buf);
2330 kfree(sd);
2331 }
2332
2333 orinoco_unregister_pm_notifier(priv);
2334 orinoco_uncache_fw(priv);
2335
2336 priv->wpa_ie_len = 0;
2337 kfree(priv->wpa_ie);
2338 orinoco_mic_free(priv);
2339 wiphy_free(wiphy);
2340}
2341EXPORT_SYMBOL(free_orinocodev);
2342
2343int orinoco_up(struct orinoco_private *priv)
2344{
2345 struct net_device *dev = priv->ndev;
2346 unsigned long flags;
2347 int err;
2348
2349 priv->hw.ops->lock_irqsave(&priv->lock, &flags);
2350
2351 err = orinoco_reinit_firmware(priv);
2352 if (err) {
2353 printk(KERN_ERR "%s: Error %d re-initializing firmware\n",
2354 dev->name, err);
2355 goto exit;
2356 }
2357
2358 netif_device_attach(dev);
2359 priv->hw_unavailable--;
2360
2361 if (priv->open && !priv->hw_unavailable) {
2362 err = __orinoco_up(priv);
2363 if (err)
2364 printk(KERN_ERR "%s: Error %d restarting card\n",
2365 dev->name, err);
2366 }
2367
2368exit:
2369 priv->hw.ops->unlock_irqrestore(&priv->lock, &flags);
2370
2371 return 0;
2372}
2373EXPORT_SYMBOL(orinoco_up);
2374
2375void orinoco_down(struct orinoco_private *priv)
2376{
2377 struct net_device *dev = priv->ndev;
2378 unsigned long flags;
2379 int err;
2380
2381 priv->hw.ops->lock_irqsave(&priv->lock, &flags);
2382 err = __orinoco_down(priv);
2383 if (err)
2384 printk(KERN_WARNING "%s: Error %d downing interface\n",
2385 dev->name, err);
2386
2387 netif_device_detach(dev);
2388 priv->hw_unavailable++;
2389 priv->hw.ops->unlock_irqrestore(&priv->lock, &flags);
2390}
2391EXPORT_SYMBOL(orinoco_down);
2392
2393
2394
2395
2396
2397
2398
2399static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
2400 " (David Gibson <hermes@gibson.dropbear.id.au>, "
2401 "Pavel Roskin <proski@gnu.org>, et al)";
2402
2403static int __init init_orinoco(void)
2404{
2405 printk(KERN_DEBUG "%s\n", version);
2406 return 0;
2407}
2408
2409static void __exit exit_orinoco(void)
2410{
2411}
2412
2413module_init(init_orinoco);
2414module_exit(exit_orinoco);
2415