projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
iwlwifi: moves security functions to iwl-sta.c
[deliverable/linux.git] / drivers / net / wireless / iwlwifi / iwl4965-base.c
1 /******************************************************************************
2 *
3 * Copyright(c) 2003 - 2008 Intel Corporation. All rights reserved.
4 *
5 * Portions of this file are derived from the ipw3945 project, as well
6 * as portions of the ieee80211 subsystem header files.
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of version 2 of the GNU General Public License as
10 * published by the Free Software Foundation.
11 *
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * more details.
16 *
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
20 *
21 * The full GNU General Public License is included in this distribution in the
22 * file called LICENSE.
23 *
24 * Contact Information:
25 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
27 *
28 *****************************************************************************/
29
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/version.h>
33 #include <linux/init.h>
34 #include <linux/pci.h>
35 #include <linux/dma-mapping.h>
36 #include <linux/delay.h>
37 #include <linux/skbuff.h>
38 #include <linux/netdevice.h>
39 #include <linux/wireless.h>
40 #include <linux/firmware.h>
41 #include <linux/etherdevice.h>
42 #include <linux/if_arp.h>
43
44 #include <net/mac80211.h>
45
46 #include <asm/div64.h>
47
48 #include "iwl-eeprom.h"
49 #include "iwl-4965.h"
50 #include "iwl-core.h"
51 #include "iwl-io.h"
52 #include "iwl-helpers.h"
53 #include "iwl-sta.h"
54
55 static int iwl4965_tx_queue_update_write_ptr(struct iwl_priv *priv,
56 struct iwl4965_tx_queue *txq);
57
58 /******************************************************************************
59 *
60 * module boiler plate
61 *
62 ******************************************************************************/
63
64 /*
65 * module name, copyright, version, etc.
66 * NOTE: DRV_NAME is defined in iwlwifi.h for use by iwl-debug.h and printk
67 */
68
69 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi Link 4965AGN driver for Linux"
70
71 #ifdef CONFIG_IWLWIFI_DEBUG
72 #define VD "d"
73 #else
74 #define VD
75 #endif
76
77 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
78 #define VS "s"
79 #else
80 #define VS
81 #endif
82
83 #define DRV_VERSION IWLWIFI_VERSION VD VS
84
85
86 MODULE_DESCRIPTION(DRV_DESCRIPTION);
87 MODULE_VERSION(DRV_VERSION);
88 MODULE_AUTHOR(DRV_COPYRIGHT);
89 MODULE_LICENSE("GPL");
90
91 __le16 *ieee80211_get_qos_ctrl(struct ieee80211_hdr *hdr)
92 {
93 u16 fc = le16_to_cpu(hdr->frame_control);
94 int hdr_len = ieee80211_get_hdrlen(fc);
95
96 if ((fc & 0x00cc) == (IEEE80211_STYPE_QOS_DATA | IEEE80211_FTYPE_DATA))
97 return (__le16 *) ((u8 *) hdr + hdr_len - QOS_CONTROL_LEN);
98 return NULL;
99 }
100
101 static const struct ieee80211_supported_band *iwl4965_get_hw_mode(
102 struct iwl_priv *priv, enum ieee80211_band band)
103 {
104 return priv->hw->wiphy->bands[band];
105 }
106
107 static int iwl4965_is_empty_essid(const char *essid, int essid_len)
108 {
109 /* Single white space is for Linksys APs */
110 if (essid_len == 1 && essid[0] == ' ')
111 return 1;
112
113 /* Otherwise, if the entire essid is 0, we assume it is hidden */
114 while (essid_len) {
115 essid_len--;
116 if (essid[essid_len] != '\0')
117 return 0;
118 }
119
120 return 1;
121 }
122
123 static const char *iwl4965_escape_essid(const char *essid, u8 essid_len)
124 {
125 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
126 const char *s = essid;
127 char *d = escaped;
128
129 if (iwl4965_is_empty_essid(essid, essid_len)) {
130 memcpy(escaped, "<hidden>", sizeof("<hidden>"));
131 return escaped;
132 }
133
134 essid_len = min(essid_len, (u8) IW_ESSID_MAX_SIZE);
135 while (essid_len--) {
136 if (*s == '\0') {
137 *d++ = '\\';
138 *d++ = '0';
139 s++;
140 } else
141 *d++ = *s++;
142 }
143 *d = '\0';
144 return escaped;
145 }
146
147 /*************** DMA-QUEUE-GENERAL-FUNCTIONS *****
148 * DMA services
149 *
150 * Theory of operation
151 *
152 * A Tx or Rx queue resides in host DRAM, and is comprised of a circular buffer
153 * of buffer descriptors, each of which points to one or more data buffers for
154 * the device to read from or fill. Driver and device exchange status of each
155 * queue via "read" and "write" pointers. Driver keeps minimum of 2 empty
156 * entries in each circular buffer, to protect against confusing empty and full
157 * queue states.
158 *
159 * The device reads or writes the data in the queues via the device's several
160 * DMA/FIFO channels. Each queue is mapped to a single DMA channel.
161 *
162 * For Tx queue, there are low mark and high mark limits. If, after queuing
163 * the packet for Tx, free space become < low mark, Tx queue stopped. When
164 * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
165 * Tx queue resumed.
166 *
167 * The 4965 operates with up to 17 queues: One receive queue, one transmit
168 * queue (#4) for sending commands to the device firmware, and 15 other
169 * Tx queues that may be mapped to prioritized Tx DMA/FIFO channels.
170 *
171 * See more detailed info in iwl-4965-hw.h.
172 ***************************************************/
173
174 int iwl4965_queue_space(const struct iwl4965_queue *q)
175 {
176 int s = q->read_ptr - q->write_ptr;
177
178 if (q->read_ptr > q->write_ptr)
179 s -= q->n_bd;
180
181 if (s <= 0)
182 s += q->n_window;
183 /* keep some reserve to not confuse empty and full situations */
184 s -= 2;
185 if (s < 0)
186 s = 0;
187 return s;
188 }
189
190
191 static inline int x2_queue_used(const struct iwl4965_queue *q, int i)
192 {
193 return q->write_ptr > q->read_ptr ?
194 (i >= q->read_ptr && i < q->write_ptr) :
195 !(i < q->read_ptr && i >= q->write_ptr);
196 }
197
198 static inline u8 get_cmd_index(struct iwl4965_queue *q, u32 index, int is_huge)
199 {
200 /* This is for scan command, the big buffer at end of command array */
201 if (is_huge)
202 return q->n_window; /* must be power of 2 */
203
204 /* Otherwise, use normal size buffers */
205 return index & (q->n_window - 1);
206 }
207
208 /**
209 * iwl4965_queue_init - Initialize queue's high/low-water and read/write indexes
210 */
211 static int iwl4965_queue_init(struct iwl_priv *priv, struct iwl4965_queue *q,
212 int count, int slots_num, u32 id)
213 {
214 q->n_bd = count;
215 q->n_window = slots_num;
216 q->id = id;
217
218 /* count must be power-of-two size, otherwise iwl_queue_inc_wrap
219 * and iwl_queue_dec_wrap are broken. */
220 BUG_ON(!is_power_of_2(count));
221
222 /* slots_num must be power-of-two size, otherwise
223 * get_cmd_index is broken. */
224 BUG_ON(!is_power_of_2(slots_num));
225
226 q->low_mark = q->n_window / 4;
227 if (q->low_mark < 4)
228 q->low_mark = 4;
229
230 q->high_mark = q->n_window / 8;
231 if (q->high_mark < 2)
232 q->high_mark = 2;
233
234 q->write_ptr = q->read_ptr = 0;
235
236 return 0;
237 }
238
239 /**
240 * iwl4965_tx_queue_alloc - Alloc driver data and TFD CB for one Tx/cmd queue
241 */
242 static int iwl4965_tx_queue_alloc(struct iwl_priv *priv,
243 struct iwl4965_tx_queue *txq, u32 id)
244 {
245 struct pci_dev *dev = priv->pci_dev;
246
247 /* Driver private data, only for Tx (not command) queues,
248 * not shared with device. */
249 if (id != IWL_CMD_QUEUE_NUM) {
250 txq->txb = kmalloc(sizeof(txq->txb[0]) *
251 TFD_QUEUE_SIZE_MAX, GFP_KERNEL);
252 if (!txq->txb) {
253 IWL_ERROR("kmalloc for auxiliary BD "
254 "structures failed\n");
255 goto error;
256 }
257 } else
258 txq->txb = NULL;
259
260 /* Circular buffer of transmit frame descriptors (TFDs),
261 * shared with device */
262 txq->bd = pci_alloc_consistent(dev,
263 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX,
264 &txq->q.dma_addr);
265
266 if (!txq->bd) {
267 IWL_ERROR("pci_alloc_consistent(%zd) failed\n",
268 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX);
269 goto error;
270 }
271 txq->q.id = id;
272
273 return 0;
274
275 error:
276 if (txq->txb) {
277 kfree(txq->txb);
278 txq->txb = NULL;
279 }
280
281 return -ENOMEM;
282 }
283
284 /**
285 * iwl4965_tx_queue_init - Allocate and initialize one tx/cmd queue
286 */
287 int iwl4965_tx_queue_init(struct iwl_priv *priv,
288 struct iwl4965_tx_queue *txq, int slots_num, u32 txq_id)
289 {
290 struct pci_dev *dev = priv->pci_dev;
291 int len;
292 int rc = 0;
293
294 /*
295 * Alloc buffer array for commands (Tx or other types of commands).
296 * For the command queue (#4), allocate command space + one big
297 * command for scan, since scan command is very huge; the system will
298 * not have two scans at the same time, so only one is needed.
299 * For normal Tx queues (all other queues), no super-size command
300 * space is needed.
301 */
302 len = sizeof(struct iwl_cmd) * slots_num;
303 if (txq_id == IWL_CMD_QUEUE_NUM)
304 len += IWL_MAX_SCAN_SIZE;
305 txq->cmd = pci_alloc_consistent(dev, len, &txq->dma_addr_cmd);
306 if (!txq->cmd)
307 return -ENOMEM;
308
309 /* Alloc driver data array and TFD circular buffer */
310 rc = iwl4965_tx_queue_alloc(priv, txq, txq_id);
311 if (rc) {
312 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
313
314 return -ENOMEM;
315 }
316 txq->need_update = 0;
317
318 /* TFD_QUEUE_SIZE_MAX must be power-of-two size, otherwise
319 * iwl_queue_inc_wrap and iwl_queue_dec_wrap are broken. */
320 BUILD_BUG_ON(TFD_QUEUE_SIZE_MAX & (TFD_QUEUE_SIZE_MAX - 1));
321
322 /* Initialize queue's high/low-water marks, and head/tail indexes */
323 iwl4965_queue_init(priv, &txq->q, TFD_QUEUE_SIZE_MAX, slots_num, txq_id);
324
325 /* Tell device where to find queue */
326 iwl4965_hw_tx_queue_init(priv, txq);
327
328 return 0;
329 }
330
331 /**
332 * iwl4965_tx_queue_free - Deallocate DMA queue.
333 * @txq: Transmit queue to deallocate.
334 *
335 * Empty queue by removing and destroying all BD's.
336 * Free all buffers.
337 * 0-fill, but do not free "txq" descriptor structure.
338 */
339 void iwl4965_tx_queue_free(struct iwl_priv *priv, struct iwl4965_tx_queue *txq)
340 {
341 struct iwl4965_queue *q = &txq->q;
342 struct pci_dev *dev = priv->pci_dev;
343 int len;
344
345 if (q->n_bd == 0)
346 return;
347
348 /* first, empty all BD's */
349 for (; q->write_ptr != q->read_ptr;
350 q->read_ptr = iwl_queue_inc_wrap(q->read_ptr, q->n_bd))
351 iwl4965_hw_txq_free_tfd(priv, txq);
352
353 len = sizeof(struct iwl_cmd) * q->n_window;
354 if (q->id == IWL_CMD_QUEUE_NUM)
355 len += IWL_MAX_SCAN_SIZE;
356
357 /* De-alloc array of command/tx buffers */
358 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
359
360 /* De-alloc circular buffer of TFDs */
361 if (txq->q.n_bd)
362 pci_free_consistent(dev, sizeof(struct iwl4965_tfd_frame) *
363 txq->q.n_bd, txq->bd, txq->q.dma_addr);
364
365 /* De-alloc array of per-TFD driver data */
366 if (txq->txb) {
367 kfree(txq->txb);
368 txq->txb = NULL;
369 }
370
371 /* 0-fill queue descriptor structure */
372 memset(txq, 0, sizeof(*txq));
373 }
374
375 const u8 iwl4965_broadcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
376
377 /*************** STATION TABLE MANAGEMENT ****
378 * mac80211 should be examined to determine if sta_info is duplicating
379 * the functionality provided here
380 */
381
382 /**************************************************************/
383
384 #if 0 /* temporary disable till we add real remove station */
385 /**
386 * iwl4965_remove_station - Remove driver's knowledge of station.
387 *
388 * NOTE: This does not remove station from device's station table.
389 */
390 static u8 iwl4965_remove_station(struct iwl_priv *priv, const u8 *addr, int is_ap)
391 {
392 int index = IWL_INVALID_STATION;
393 int i;
394 unsigned long flags;
395
396 spin_lock_irqsave(&priv->sta_lock, flags);
397
398 if (is_ap)
399 index = IWL_AP_ID;
400 else if (is_broadcast_ether_addr(addr))
401 index = priv->hw_setting.bcast_sta_id;
402 else
403 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++)
404 if (priv->stations[i].used &&
405 !compare_ether_addr(priv->stations[i].sta.sta.addr,
406 addr)) {
407 index = i;
408 break;
409 }
410
411 if (unlikely(index == IWL_INVALID_STATION))
412 goto out;
413
414 if (priv->stations[index].used) {
415 priv->stations[index].used = 0;
416 priv->num_stations--;
417 }
418
419 BUG_ON(priv->num_stations < 0);
420
421 out:
422 spin_unlock_irqrestore(&priv->sta_lock, flags);
423 return 0;
424 }
425 #endif
426
427 /**
428 * iwl4965_add_station_flags - Add station to tables in driver and device
429 */
430 u8 iwl4965_add_station_flags(struct iwl_priv *priv, const u8 *addr,
431 int is_ap, u8 flags, void *ht_data)
432 {
433 int i;
434 int index = IWL_INVALID_STATION;
435 struct iwl4965_station_entry *station;
436 unsigned long flags_spin;
437 DECLARE_MAC_BUF(mac);
438
439 spin_lock_irqsave(&priv->sta_lock, flags_spin);
440 if (is_ap)
441 index = IWL_AP_ID;
442 else if (is_broadcast_ether_addr(addr))
443 index = priv->hw_setting.bcast_sta_id;
444 else
445 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++) {
446 if (!compare_ether_addr(priv->stations[i].sta.sta.addr,
447 addr)) {
448 index = i;
449 break;
450 }
451
452 if (!priv->stations[i].used &&
453 index == IWL_INVALID_STATION)
454 index = i;
455 }
456
457
458 /* These two conditions have the same outcome, but keep them separate
459 since they have different meanings */
460 if (unlikely(index == IWL_INVALID_STATION)) {
461 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
462 return index;
463 }
464
465 if (priv->stations[index].used &&
466 !compare_ether_addr(priv->stations[index].sta.sta.addr, addr)) {
467 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
468 return index;
469 }
470
471
472 IWL_DEBUG_ASSOC("Add STA ID %d: %s\n", index, print_mac(mac, addr));
473 station = &priv->stations[index];
474 station->used = 1;
475 priv->num_stations++;
476
477 /* Set up the REPLY_ADD_STA command to send to device */
478 memset(&station->sta, 0, sizeof(struct iwl4965_addsta_cmd));
479 memcpy(station->sta.sta.addr, addr, ETH_ALEN);
480 station->sta.mode = 0;
481 station->sta.sta.sta_id = index;
482 station->sta.station_flags = 0;
483
484 #ifdef CONFIG_IWL4965_HT
485 /* BCAST station and IBSS stations do not work in HT mode */
486 if (index != priv->hw_setting.bcast_sta_id &&
487 priv->iw_mode != IEEE80211_IF_TYPE_IBSS)
488 iwl4965_set_ht_add_station(priv, index,
489 (struct ieee80211_ht_info *) ht_data);
490 #endif /*CONFIG_IWL4965_HT*/
491
492 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
493
494 /* Add station to device's station table */
495 iwl4965_send_add_station(priv, &station->sta, flags);
496 return index;
497
498 }
499
500
501
502 /*************** HOST COMMAND QUEUE FUNCTIONS *****/
503
504 /**
505 * iwl4965_enqueue_hcmd - enqueue a uCode command
506 * @priv: device private data point
507 * @cmd: a point to the ucode command structure
508 *
509 * The function returns < 0 values to indicate the operation is
510 * failed. On success, it turns the index (> 0) of command in the
511 * command queue.
512 */
513 int iwl4965_enqueue_hcmd(struct iwl_priv *priv, struct iwl_host_cmd *cmd)
514 {
515 struct iwl4965_tx_queue *txq = &priv->txq[IWL_CMD_QUEUE_NUM];
516 struct iwl4965_queue *q = &txq->q;
517 struct iwl4965_tfd_frame *tfd;
518 u32 *control_flags;
519 struct iwl_cmd *out_cmd;
520 u32 idx;
521 u16 fix_size = (u16)(cmd->len + sizeof(out_cmd->hdr));
522 dma_addr_t phys_addr;
523 int ret;
524 unsigned long flags;
525
526 /* If any of the command structures end up being larger than
527 * the TFD_MAX_PAYLOAD_SIZE, and it sent as a 'small' command then
528 * we will need to increase the size of the TFD entries */
529 BUG_ON((fix_size > TFD_MAX_PAYLOAD_SIZE) &&
530 !(cmd->meta.flags & CMD_SIZE_HUGE));
531
532 if (iwl_is_rfkill(priv)) {
533 IWL_DEBUG_INFO("Not sending command - RF KILL");
534 return -EIO;
535 }
536
537 if (iwl4965_queue_space(q) < ((cmd->meta.flags & CMD_ASYNC) ? 2 : 1)) {
538 IWL_ERROR("No space for Tx\n");
539 return -ENOSPC;
540 }
541
542 spin_lock_irqsave(&priv->hcmd_lock, flags);
543
544 tfd = &txq->bd[q->write_ptr];
545 memset(tfd, 0, sizeof(*tfd));
546
547 control_flags = (u32 *) tfd;
548
549 idx = get_cmd_index(q, q->write_ptr, cmd->meta.flags & CMD_SIZE_HUGE);
550 out_cmd = &txq->cmd[idx];
551
552 out_cmd->hdr.cmd = cmd->id;
553 memcpy(&out_cmd->meta, &cmd->meta, sizeof(cmd->meta));
554 memcpy(&out_cmd->cmd.payload, cmd->data, cmd->len);
555
556 /* At this point, the out_cmd now has all of the incoming cmd
557 * information */
558
559 out_cmd->hdr.flags = 0;
560 out_cmd->hdr.sequence = cpu_to_le16(QUEUE_TO_SEQ(IWL_CMD_QUEUE_NUM) |
561 INDEX_TO_SEQ(q->write_ptr));
562 if (out_cmd->meta.flags & CMD_SIZE_HUGE)
563 out_cmd->hdr.sequence |= cpu_to_le16(SEQ_HUGE_FRAME);
564
565 phys_addr = txq->dma_addr_cmd + sizeof(txq->cmd[0]) * idx +
566 offsetof(struct iwl_cmd, hdr);
567 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, fix_size);
568
569 IWL_DEBUG_HC("Sending command %s (#%x), seq: 0x%04X, "
570 "%d bytes at %d[%d]:%d\n",
571 get_cmd_string(out_cmd->hdr.cmd),
572 out_cmd->hdr.cmd, le16_to_cpu(out_cmd->hdr.sequence),
573 fix_size, q->write_ptr, idx, IWL_CMD_QUEUE_NUM);
574
575 txq->need_update = 1;
576
577 /* Set up entry in queue's byte count circular buffer */
578 ret = iwl4965_tx_queue_update_wr_ptr(priv, txq, 0);
579
580 /* Increment and update queue's write index */
581 q->write_ptr = iwl_queue_inc_wrap(q->write_ptr, q->n_bd);
582 iwl4965_tx_queue_update_write_ptr(priv, txq);
583
584 spin_unlock_irqrestore(&priv->hcmd_lock, flags);
585 return ret ? ret : idx;
586 }
587
588 static void iwl4965_set_rxon_hwcrypto(struct iwl_priv *priv, int hw_decrypt)
589 {
590 struct iwl4965_rxon_cmd *rxon = &priv->staging_rxon;
591
592 if (hw_decrypt)
593 rxon->filter_flags &= ~RXON_FILTER_DIS_DECRYPT_MSK;
594 else
595 rxon->filter_flags |= RXON_FILTER_DIS_DECRYPT_MSK;
596
597 }
598
599 int iwl4965_send_statistics_request(struct iwl_priv *priv)
600 {
601 u32 flags = 0;
602 return iwl_send_cmd_pdu(priv, REPLY_STATISTICS_CMD,
603 sizeof(flags), &flags);
604 }
605
606 /**
607 * iwl4965_rxon_add_station - add station into station table.
608 *
609 * there is only one AP station with id= IWL_AP_ID
610 * NOTE: mutex must be held before calling this fnction
611 */
612 static int iwl4965_rxon_add_station(struct iwl_priv *priv,
613 const u8 *addr, int is_ap)
614 {
615 u8 sta_id;
616
617 /* Add station to device's station table */
618 #ifdef CONFIG_IWL4965_HT
619 struct ieee80211_conf *conf = &priv->hw->conf;
620 struct ieee80211_ht_info *cur_ht_config = &conf->ht_conf;
621
622 if ((is_ap) &&
623 (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) &&
624 (priv->iw_mode == IEEE80211_IF_TYPE_STA))
625 sta_id = iwl4965_add_station_flags(priv, addr, is_ap,
626 0, cur_ht_config);
627 else
628 #endif /* CONFIG_IWL4965_HT */
629 sta_id = iwl4965_add_station_flags(priv, addr, is_ap,
630 0, NULL);
631
632 /* Set up default rate scaling table in device's station table */
633 iwl4965_add_station(priv, addr, is_ap);
634
635 return sta_id;
636 }
637
638 /**
639 * iwl4965_check_rxon_cmd - validate RXON structure is valid
640 *
641 * NOTE: This is really only useful during development and can eventually
642 * be #ifdef'd out once the driver is stable and folks aren't actively
643 * making changes
644 */
645 static int iwl4965_check_rxon_cmd(struct iwl4965_rxon_cmd *rxon)
646 {
647 int error = 0;
648 int counter = 1;
649
650 if (rxon->flags & RXON_FLG_BAND_24G_MSK) {
651 error |= le32_to_cpu(rxon->flags &
652 (RXON_FLG_TGJ_NARROW_BAND_MSK |
653 RXON_FLG_RADAR_DETECT_MSK));
654 if (error)
655 IWL_WARNING("check 24G fields %d | %d\n",
656 counter++, error);
657 } else {
658 error |= (rxon->flags & RXON_FLG_SHORT_SLOT_MSK) ?
659 0 : le32_to_cpu(RXON_FLG_SHORT_SLOT_MSK);
660 if (error)
661 IWL_WARNING("check 52 fields %d | %d\n",
662 counter++, error);
663 error |= le32_to_cpu(rxon->flags & RXON_FLG_CCK_MSK);
664 if (error)
665 IWL_WARNING("check 52 CCK %d | %d\n",
666 counter++, error);
667 }
668 error |= (rxon->node_addr[0] | rxon->bssid_addr[0]) & 0x1;
669 if (error)
670 IWL_WARNING("check mac addr %d | %d\n", counter++, error);
671
672 /* make sure basic rates 6Mbps and 1Mbps are supported */
673 error |= (((rxon->ofdm_basic_rates & IWL_RATE_6M_MASK) == 0) &&
674 ((rxon->cck_basic_rates & IWL_RATE_1M_MASK) == 0));
675 if (error)
676 IWL_WARNING("check basic rate %d | %d\n", counter++, error);
677
678 error |= (le16_to_cpu(rxon->assoc_id) > 2007);
679 if (error)
680 IWL_WARNING("check assoc id %d | %d\n", counter++, error);
681
682 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
683 == (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK));
684 if (error)
685 IWL_WARNING("check CCK and short slot %d | %d\n",
686 counter++, error);
687
688 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK))
689 == (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK));
690 if (error)
691 IWL_WARNING("check CCK & auto detect %d | %d\n",
692 counter++, error);
693
694 error |= ((rxon->flags & (RXON_FLG_AUTO_DETECT_MSK |
695 RXON_FLG_TGG_PROTECT_MSK)) == RXON_FLG_TGG_PROTECT_MSK);
696 if (error)
697 IWL_WARNING("check TGG and auto detect %d | %d\n",
698 counter++, error);
699
700 if (error)
701 IWL_WARNING("Tuning to channel %d\n",
702 le16_to_cpu(rxon->channel));
703
704 if (error) {
705 IWL_ERROR("Not a valid iwl4965_rxon_assoc_cmd field values\n");
706 return -1;
707 }
708 return 0;
709 }
710
711 /**
712 * iwl4965_full_rxon_required - check if full RXON (vs RXON_ASSOC) cmd is needed
713 * @priv: staging_rxon is compared to active_rxon
714 *
715 * If the RXON structure is changing enough to require a new tune,
716 * or is clearing the RXON_FILTER_ASSOC_MSK, then return 1 to indicate that
717 * a new tune (full RXON command, rather than RXON_ASSOC cmd) is required.
718 */
719 static int iwl4965_full_rxon_required(struct iwl_priv *priv)
720 {
721
722 /* These items are only settable from the full RXON command */
723 if (!(priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) ||
724 compare_ether_addr(priv->staging_rxon.bssid_addr,
725 priv->active_rxon.bssid_addr) ||
726 compare_ether_addr(priv->staging_rxon.node_addr,
727 priv->active_rxon.node_addr) ||
728 compare_ether_addr(priv->staging_rxon.wlap_bssid_addr,
729 priv->active_rxon.wlap_bssid_addr) ||
730 (priv->staging_rxon.dev_type != priv->active_rxon.dev_type) ||
731 (priv->staging_rxon.channel != priv->active_rxon.channel) ||
732 (priv->staging_rxon.air_propagation !=
733 priv->active_rxon.air_propagation) ||
734 (priv->staging_rxon.ofdm_ht_single_stream_basic_rates !=
735 priv->active_rxon.ofdm_ht_single_stream_basic_rates) ||
736 (priv->staging_rxon.ofdm_ht_dual_stream_basic_rates !=
737 priv->active_rxon.ofdm_ht_dual_stream_basic_rates) ||
738 (priv->staging_rxon.rx_chain != priv->active_rxon.rx_chain) ||
739 (priv->staging_rxon.assoc_id != priv->active_rxon.assoc_id))
740 return 1;
741
742 /* flags, filter_flags, ofdm_basic_rates, and cck_basic_rates can
743 * be updated with the RXON_ASSOC command -- however only some
744 * flag transitions are allowed using RXON_ASSOC */
745
746 /* Check if we are not switching bands */
747 if ((priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) !=
748 (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK))
749 return 1;
750
751 /* Check if we are switching association toggle */
752 if ((priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) !=
753 (priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK))
754 return 1;
755
756 return 0;
757 }
758
759 static int iwl4965_send_rxon_assoc(struct iwl_priv *priv)
760 {
761 int rc = 0;
762 struct iwl4965_rx_packet *res = NULL;
763 struct iwl4965_rxon_assoc_cmd rxon_assoc;
764 struct iwl_host_cmd cmd = {
765 .id = REPLY_RXON_ASSOC,
766 .len = sizeof(rxon_assoc),
767 .meta.flags = CMD_WANT_SKB,
768 .data = &rxon_assoc,
769 };
770 const struct iwl4965_rxon_cmd *rxon1 = &priv->staging_rxon;
771 const struct iwl4965_rxon_cmd *rxon2 = &priv->active_rxon;
772
773 if ((rxon1->flags == rxon2->flags) &&
774 (rxon1->filter_flags == rxon2->filter_flags) &&
775 (rxon1->cck_basic_rates == rxon2->cck_basic_rates) &&
776 (rxon1->ofdm_ht_single_stream_basic_rates ==
777 rxon2->ofdm_ht_single_stream_basic_rates) &&
778 (rxon1->ofdm_ht_dual_stream_basic_rates ==
779 rxon2->ofdm_ht_dual_stream_basic_rates) &&
780 (rxon1->rx_chain == rxon2->rx_chain) &&
781 (rxon1->ofdm_basic_rates == rxon2->ofdm_basic_rates)) {
782 IWL_DEBUG_INFO("Using current RXON_ASSOC. Not resending.\n");
783 return 0;
784 }
785
786 rxon_assoc.flags = priv->staging_rxon.flags;
787 rxon_assoc.filter_flags = priv->staging_rxon.filter_flags;
788 rxon_assoc.ofdm_basic_rates = priv->staging_rxon.ofdm_basic_rates;
789 rxon_assoc.cck_basic_rates = priv->staging_rxon.cck_basic_rates;
790 rxon_assoc.reserved = 0;
791 rxon_assoc.ofdm_ht_single_stream_basic_rates =
792 priv->staging_rxon.ofdm_ht_single_stream_basic_rates;
793 rxon_assoc.ofdm_ht_dual_stream_basic_rates =
794 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates;
795 rxon_assoc.rx_chain_select_flags = priv->staging_rxon.rx_chain;
796
797 rc = iwl_send_cmd_sync(priv, &cmd);
798 if (rc)
799 return rc;
800
801 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
802 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
803 IWL_ERROR("Bad return from REPLY_RXON_ASSOC command\n");
804 rc = -EIO;
805 }
806
807 priv->alloc_rxb_skb--;
808 dev_kfree_skb_any(cmd.meta.u.skb);
809
810 return rc;
811 }
812
813 /**
814 * iwl4965_commit_rxon - commit staging_rxon to hardware
815 *
816 * The RXON command in staging_rxon is committed to the hardware and
817 * the active_rxon structure is updated with the new data. This
818 * function correctly transitions out of the RXON_ASSOC_MSK state if
819 * a HW tune is required based on the RXON structure changes.
820 */
821 static int iwl4965_commit_rxon(struct iwl_priv *priv)
822 {
823 /* cast away the const for active_rxon in this function */
824 struct iwl4965_rxon_cmd *active_rxon = (void *)&priv->active_rxon;
825 DECLARE_MAC_BUF(mac);
826 int rc = 0;
827
828 if (!iwl_is_alive(priv))
829 return -1;
830
831 /* always get timestamp with Rx frame */
832 priv->staging_rxon.flags |= RXON_FLG_TSF2HOST_MSK;
833
834 rc = iwl4965_check_rxon_cmd(&priv->staging_rxon);
835 if (rc) {
836 IWL_ERROR("Invalid RXON configuration. Not committing.\n");
837 return -EINVAL;
838 }
839
840 /* If we don't need to send a full RXON, we can use
841 * iwl4965_rxon_assoc_cmd which is used to reconfigure filter
842 * and other flags for the current radio configuration. */
843 if (!iwl4965_full_rxon_required(priv)) {
844 rc = iwl4965_send_rxon_assoc(priv);
845 if (rc) {
846 IWL_ERROR("Error setting RXON_ASSOC "
847 "configuration (%d).\n", rc);
848 return rc;
849 }
850
851 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
852
853 return 0;
854 }
855
856 /* station table will be cleared */
857 priv->assoc_station_added = 0;
858
859 #ifdef CONFIG_IWL4965_SENSITIVITY
860 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
861 if (!priv->error_recovering)
862 priv->start_calib = 0;
863
864 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
865 #endif /* CONFIG_IWL4965_SENSITIVITY */
866
867 /* If we are currently associated and the new config requires
868 * an RXON_ASSOC and the new config wants the associated mask enabled,
869 * we must clear the associated from the active configuration
870 * before we apply the new config */
871 if (iwl_is_associated(priv) &&
872 (priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK)) {
873 IWL_DEBUG_INFO("Toggling associated bit on current RXON\n");
874 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
875
876 rc = iwl_send_cmd_pdu(priv, REPLY_RXON,
877 sizeof(struct iwl4965_rxon_cmd),
878 &priv->active_rxon);
879
880 /* If the mask clearing failed then we set
881 * active_rxon back to what it was previously */
882 if (rc) {
883 active_rxon->filter_flags |= RXON_FILTER_ASSOC_MSK;
884 IWL_ERROR("Error clearing ASSOC_MSK on current "
885 "configuration (%d).\n", rc);
886 return rc;
887 }
888 }
889
890 IWL_DEBUG_INFO("Sending RXON\n"
891 "* with%s RXON_FILTER_ASSOC_MSK\n"
892 "* channel = %d\n"
893 "* bssid = %s\n",
894 ((priv->staging_rxon.filter_flags &
895 RXON_FILTER_ASSOC_MSK) ? "" : "out"),
896 le16_to_cpu(priv->staging_rxon.channel),
897 print_mac(mac, priv->staging_rxon.bssid_addr));
898
899 iwl4965_set_rxon_hwcrypto(priv, priv->cfg->mod_params->hw_crypto);
900 /* Apply the new configuration */
901 rc = iwl_send_cmd_pdu(priv, REPLY_RXON,
902 sizeof(struct iwl4965_rxon_cmd), &priv->staging_rxon);
903 if (rc) {
904 IWL_ERROR("Error setting new configuration (%d).\n", rc);
905 return rc;
906 }
907
908 iwlcore_clear_stations_table(priv);
909
910 #ifdef CONFIG_IWL4965_SENSITIVITY
911 if (!priv->error_recovering)
912 priv->start_calib = 0;
913
914 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
915 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
916 #endif /* CONFIG_IWL4965_SENSITIVITY */
917
918 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
919
920 /* If we issue a new RXON command which required a tune then we must
921 * send a new TXPOWER command or we won't be able to Tx any frames */
922 rc = iwl4965_hw_reg_send_txpower(priv);
923 if (rc) {
924 IWL_ERROR("Error setting Tx power (%d).\n", rc);
925 return rc;
926 }
927
928 /* Add the broadcast address so we can send broadcast frames */
929 if (iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0) ==
930 IWL_INVALID_STATION) {
931 IWL_ERROR("Error adding BROADCAST address for transmit.\n");
932 return -EIO;
933 }
934
935 /* If we have set the ASSOC_MSK and we are in BSS mode then
936 * add the IWL_AP_ID to the station rate table */
937 if (iwl_is_associated(priv) &&
938 (priv->iw_mode == IEEE80211_IF_TYPE_STA)) {
939 if (iwl4965_rxon_add_station(priv, priv->active_rxon.bssid_addr, 1)
940 == IWL_INVALID_STATION) {
941 IWL_ERROR("Error adding AP address for transmit.\n");
942 return -EIO;
943 }
944 priv->assoc_station_added = 1;
945 if (priv->default_wep_key &&
946 iwl_send_static_wepkey_cmd(priv, 0))
947 IWL_ERROR("Could not send WEP static key.\n");
948 }
949
950 return 0;
951 }
952
953 static int iwl4965_send_bt_config(struct iwl_priv *priv)
954 {
955 struct iwl4965_bt_cmd bt_cmd = {
956 .flags = 3,
957 .lead_time = 0xAA,
958 .max_kill = 1,
959 .kill_ack_mask = 0,
960 .kill_cts_mask = 0,
961 };
962
963 return iwl_send_cmd_pdu(priv, REPLY_BT_CONFIG,
964 sizeof(struct iwl4965_bt_cmd), &bt_cmd);
965 }
966
967 static int iwl4965_send_scan_abort(struct iwl_priv *priv)
968 {
969 int rc = 0;
970 struct iwl4965_rx_packet *res;
971 struct iwl_host_cmd cmd = {
972 .id = REPLY_SCAN_ABORT_CMD,
973 .meta.flags = CMD_WANT_SKB,
974 };
975
976 /* If there isn't a scan actively going on in the hardware
977 * then we are in between scan bands and not actually
978 * actively scanning, so don't send the abort command */
979 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
980 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
981 return 0;
982 }
983
984 rc = iwl_send_cmd_sync(priv, &cmd);
985 if (rc) {
986 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
987 return rc;
988 }
989
990 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
991 if (res->u.status != CAN_ABORT_STATUS) {
992 /* The scan abort will return 1 for success or
993 * 2 for "failure". A failure condition can be
994 * due to simply not being in an active scan which
995 * can occur if we send the scan abort before we
996 * the microcode has notified us that a scan is
997 * completed. */
998 IWL_DEBUG_INFO("SCAN_ABORT returned %d.\n", res->u.status);
999 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1000 clear_bit(STATUS_SCAN_HW, &priv->status);
1001 }
1002
1003 dev_kfree_skb_any(cmd.meta.u.skb);
1004
1005 return rc;
1006 }
1007
1008 static int iwl4965_card_state_sync_callback(struct iwl_priv *priv,
1009 struct iwl_cmd *cmd,
1010 struct sk_buff *skb)
1011 {
1012 return 1;
1013 }
1014
1015 /*
1016 * CARD_STATE_CMD
1017 *
1018 * Use: Sets the device's internal card state to enable, disable, or halt
1019 *
1020 * When in the 'enable' state the card operates as normal.
1021 * When in the 'disable' state, the card enters into a low power mode.
1022 * When in the 'halt' state, the card is shut down and must be fully
1023 * restarted to come back on.
1024 */
1025 static int iwl4965_send_card_state(struct iwl_priv *priv, u32 flags, u8 meta_flag)
1026 {
1027 struct iwl_host_cmd cmd = {
1028 .id = REPLY_CARD_STATE_CMD,
1029 .len = sizeof(u32),
1030 .data = &flags,
1031 .meta.flags = meta_flag,
1032 };
1033
1034 if (meta_flag & CMD_ASYNC)
1035 cmd.meta.u.callback = iwl4965_card_state_sync_callback;
1036
1037 return iwl_send_cmd(priv, &cmd);
1038 }
1039
1040 static int iwl4965_add_sta_sync_callback(struct iwl_priv *priv,
1041 struct iwl_cmd *cmd, struct sk_buff *skb)
1042 {
1043 struct iwl4965_rx_packet *res = NULL;
1044
1045 if (!skb) {
1046 IWL_ERROR("Error: Response NULL in REPLY_ADD_STA.\n");
1047 return 1;
1048 }
1049
1050 res = (struct iwl4965_rx_packet *)skb->data;
1051 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1052 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1053 res->hdr.flags);
1054 return 1;
1055 }
1056
1057 switch (res->u.add_sta.status) {
1058 case ADD_STA_SUCCESS_MSK:
1059 break;
1060 default:
1061 break;
1062 }
1063
1064 /* We didn't cache the SKB; let the caller free it */
1065 return 1;
1066 }
1067
1068 int iwl4965_send_add_station(struct iwl_priv *priv,
1069 struct iwl4965_addsta_cmd *sta, u8 flags)
1070 {
1071 struct iwl4965_rx_packet *res = NULL;
1072 int rc = 0;
1073 struct iwl_host_cmd cmd = {
1074 .id = REPLY_ADD_STA,
1075 .len = sizeof(struct iwl4965_addsta_cmd),
1076 .meta.flags = flags,
1077 .data = sta,
1078 };
1079
1080 if (flags & CMD_ASYNC)
1081 cmd.meta.u.callback = iwl4965_add_sta_sync_callback;
1082 else
1083 cmd.meta.flags |= CMD_WANT_SKB;
1084
1085 rc = iwl_send_cmd(priv, &cmd);
1086
1087 if (rc || (flags & CMD_ASYNC))
1088 return rc;
1089
1090 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1091 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1092 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1093 res->hdr.flags);
1094 rc = -EIO;
1095 }
1096
1097 if (rc == 0) {
1098 switch (res->u.add_sta.status) {
1099 case ADD_STA_SUCCESS_MSK:
1100 IWL_DEBUG_INFO("REPLY_ADD_STA PASSED\n");
1101 break;
1102 default:
1103 rc = -EIO;
1104 IWL_WARNING("REPLY_ADD_STA failed\n");
1105 break;
1106 }
1107 }
1108
1109 priv->alloc_rxb_skb--;
1110 dev_kfree_skb_any(cmd.meta.u.skb);
1111
1112 return rc;
1113 }
1114
1115 static void iwl4965_clear_free_frames(struct iwl_priv *priv)
1116 {
1117 struct list_head *element;
1118
1119 IWL_DEBUG_INFO("%d frames on pre-allocated heap on clear.\n",
1120 priv->frames_count);
1121
1122 while (!list_empty(&priv->free_frames)) {
1123 element = priv->free_frames.next;
1124 list_del(element);
1125 kfree(list_entry(element, struct iwl4965_frame, list));
1126 priv->frames_count--;
1127 }
1128
1129 if (priv->frames_count) {
1130 IWL_WARNING("%d frames still in use. Did we lose one?\n",
1131 priv->frames_count);
1132 priv->frames_count = 0;
1133 }
1134 }
1135
1136 static struct iwl4965_frame *iwl4965_get_free_frame(struct iwl_priv *priv)
1137 {
1138 struct iwl4965_frame *frame;
1139 struct list_head *element;
1140 if (list_empty(&priv->free_frames)) {
1141 frame = kzalloc(sizeof(*frame), GFP_KERNEL);
1142 if (!frame) {
1143 IWL_ERROR("Could not allocate frame!\n");
1144 return NULL;
1145 }
1146
1147 priv->frames_count++;
1148 return frame;
1149 }
1150
1151 element = priv->free_frames.next;
1152 list_del(element);
1153 return list_entry(element, struct iwl4965_frame, list);
1154 }
1155
1156 static void iwl4965_free_frame(struct iwl_priv *priv, struct iwl4965_frame *frame)
1157 {
1158 memset(frame, 0, sizeof(*frame));
1159 list_add(&frame->list, &priv->free_frames);
1160 }
1161
1162 unsigned int iwl4965_fill_beacon_frame(struct iwl_priv *priv,
1163 struct ieee80211_hdr *hdr,
1164 const u8 *dest, int left)
1165 {
1166
1167 if (!iwl_is_associated(priv) || !priv->ibss_beacon ||
1168 ((priv->iw_mode != IEEE80211_IF_TYPE_IBSS) &&
1169 (priv->iw_mode != IEEE80211_IF_TYPE_AP)))
1170 return 0;
1171
1172 if (priv->ibss_beacon->len > left)
1173 return 0;
1174
1175 memcpy(hdr, priv->ibss_beacon->data, priv->ibss_beacon->len);
1176
1177 return priv->ibss_beacon->len;
1178 }
1179
1180 static u8 iwl4965_rate_get_lowest_plcp(int rate_mask)
1181 {
1182 u8 i;
1183
1184 for (i = IWL_RATE_1M_INDEX; i != IWL_RATE_INVALID;
1185 i = iwl4965_rates[i].next_ieee) {
1186 if (rate_mask & (1 << i))
1187 return iwl4965_rates[i].plcp;
1188 }
1189
1190 return IWL_RATE_INVALID;
1191 }
1192
1193 static int iwl4965_send_beacon_cmd(struct iwl_priv *priv)
1194 {
1195 struct iwl4965_frame *frame;
1196 unsigned int frame_size;
1197 int rc;
1198 u8 rate;
1199
1200 frame = iwl4965_get_free_frame(priv);
1201
1202 if (!frame) {
1203 IWL_ERROR("Could not obtain free frame buffer for beacon "
1204 "command.\n");
1205 return -ENOMEM;
1206 }
1207
1208 if (!(priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK)) {
1209 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic &
1210 0xFF0);
1211 if (rate == IWL_INVALID_RATE)
1212 rate = IWL_RATE_6M_PLCP;
1213 } else {
1214 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic & 0xF);
1215 if (rate == IWL_INVALID_RATE)
1216 rate = IWL_RATE_1M_PLCP;
1217 }
1218
1219 frame_size = iwl4965_hw_get_beacon_cmd(priv, frame, rate);
1220
1221 rc = iwl_send_cmd_pdu(priv, REPLY_TX_BEACON, frame_size,
1222 &frame->u.cmd[0]);
1223
1224 iwl4965_free_frame(priv, frame);
1225
1226 return rc;
1227 }
1228
1229 /******************************************************************************
1230 *
1231 * Misc. internal state and helper functions
1232 *
1233 ******************************************************************************/
1234
1235 static void iwl4965_unset_hw_setting(struct iwl_priv *priv)
1236 {
1237 if (priv->hw_setting.shared_virt)
1238 pci_free_consistent(priv->pci_dev,
1239 sizeof(struct iwl4965_shared),
1240 priv->hw_setting.shared_virt,
1241 priv->hw_setting.shared_phys);
1242 }
1243
1244 /**
1245 * iwl4965_supported_rate_to_ie - fill in the supported rate in IE field
1246 *
1247 * return : set the bit for each supported rate insert in ie
1248 */
1249 static u16 iwl4965_supported_rate_to_ie(u8 *ie, u16 supported_rate,
1250 u16 basic_rate, int *left)
1251 {
1252 u16 ret_rates = 0, bit;
1253 int i;
1254 u8 *cnt = ie;
1255 u8 *rates = ie + 1;
1256
1257 for (bit = 1, i = 0; i < IWL_RATE_COUNT; i++, bit <<= 1) {
1258 if (bit & supported_rate) {
1259 ret_rates |= bit;
1260 rates[*cnt] = iwl4965_rates[i].ieee |
1261 ((bit & basic_rate) ? 0x80 : 0x00);
1262 (*cnt)++;
1263 (*left)--;
1264 if ((*left <= 0) ||
1265 (*cnt >= IWL_SUPPORTED_RATES_IE_LEN))
1266 break;
1267 }
1268 }
1269
1270 return ret_rates;
1271 }
1272
1273 /**
1274 * iwl4965_fill_probe_req - fill in all required fields and IE for probe request
1275 */
1276 static u16 iwl4965_fill_probe_req(struct iwl_priv *priv,
1277 enum ieee80211_band band,
1278 struct ieee80211_mgmt *frame,
1279 int left, int is_direct)
1280 {
1281 int len = 0;
1282 u8 *pos = NULL;
1283 u16 active_rates, ret_rates, cck_rates, active_rate_basic;
1284 #ifdef CONFIG_IWL4965_HT
1285 const struct ieee80211_supported_band *sband =
1286 iwl4965_get_hw_mode(priv, band);
1287 #endif /* CONFIG_IWL4965_HT */
1288
1289 /* Make sure there is enough space for the probe request,
1290 * two mandatory IEs and the data */
1291 left -= 24;
1292 if (left < 0)
1293 return 0;
1294 len += 24;
1295
1296 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1297 memcpy(frame->da, iwl4965_broadcast_addr, ETH_ALEN);
1298 memcpy(frame->sa, priv->mac_addr, ETH_ALEN);
1299 memcpy(frame->bssid, iwl4965_broadcast_addr, ETH_ALEN);
1300 frame->seq_ctrl = 0;
1301
1302 /* fill in our indirect SSID IE */
1303 /* ...next IE... */
1304
1305 left -= 2;
1306 if (left < 0)
1307 return 0;
1308 len += 2;
1309 pos = &(frame->u.probe_req.variable[0]);
1310 *pos++ = WLAN_EID_SSID;
1311 *pos++ = 0;
1312
1313 /* fill in our direct SSID IE... */
1314 if (is_direct) {
1315 /* ...next IE... */
1316 left -= 2 + priv->essid_len;
1317 if (left < 0)
1318 return 0;
1319 /* ... fill it in... */
1320 *pos++ = WLAN_EID_SSID;
1321 *pos++ = priv->essid_len;
1322 memcpy(pos, priv->essid, priv->essid_len);
1323 pos += priv->essid_len;
1324 len += 2 + priv->essid_len;
1325 }
1326
1327 /* fill in supported rate */
1328 /* ...next IE... */
1329 left -= 2;
1330 if (left < 0)
1331 return 0;
1332
1333 /* ... fill it in... */
1334 *pos++ = WLAN_EID_SUPP_RATES;
1335 *pos = 0;
1336
1337 /* exclude 60M rate */
1338 active_rates = priv->rates_mask;
1339 active_rates &= ~IWL_RATE_60M_MASK;
1340
1341 active_rate_basic = active_rates & IWL_BASIC_RATES_MASK;
1342
1343 cck_rates = IWL_CCK_RATES_MASK & active_rates;
1344 ret_rates = iwl4965_supported_rate_to_ie(pos, cck_rates,
1345 active_rate_basic, &left);
1346 active_rates &= ~ret_rates;
1347
1348 ret_rates = iwl4965_supported_rate_to_ie(pos, active_rates,
1349 active_rate_basic, &left);
1350 active_rates &= ~ret_rates;
1351
1352 len += 2 + *pos;
1353 pos += (*pos) + 1;
1354 if (active_rates == 0)
1355 goto fill_end;
1356
1357 /* fill in supported extended rate */
1358 /* ...next IE... */
1359 left -= 2;
1360 if (left < 0)
1361 return 0;
1362 /* ... fill it in... */
1363 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1364 *pos = 0;
1365 iwl4965_supported_rate_to_ie(pos, active_rates,
1366 active_rate_basic, &left);
1367 if (*pos > 0)
1368 len += 2 + *pos;
1369
1370 #ifdef CONFIG_IWL4965_HT
1371 if (sband && sband->ht_info.ht_supported) {
1372 struct ieee80211_ht_cap *ht_cap;
1373 pos += (*pos) + 1;
1374 *pos++ = WLAN_EID_HT_CAPABILITY;
1375 *pos++ = sizeof(struct ieee80211_ht_cap);
1376 ht_cap = (struct ieee80211_ht_cap *)pos;
1377 ht_cap->cap_info = cpu_to_le16(sband->ht_info.cap);
1378 memcpy(ht_cap->supp_mcs_set, sband->ht_info.supp_mcs_set, 16);
1379 ht_cap->ampdu_params_info =(sband->ht_info.ampdu_factor &
1380 IEEE80211_HT_CAP_AMPDU_FACTOR) |
1381 ((sband->ht_info.ampdu_density << 2) &
1382 IEEE80211_HT_CAP_AMPDU_DENSITY);
1383 len += 2 + sizeof(struct ieee80211_ht_cap);
1384 }
1385 #endif /*CONFIG_IWL4965_HT */
1386
1387 fill_end:
1388 return (u16)len;
1389 }
1390
1391 /*
1392 * QoS support
1393 */
1394 static int iwl4965_send_qos_params_command(struct iwl_priv *priv,
1395 struct iwl4965_qosparam_cmd *qos)
1396 {
1397
1398 return iwl_send_cmd_pdu(priv, REPLY_QOS_PARAM,
1399 sizeof(struct iwl4965_qosparam_cmd), qos);
1400 }
1401
1402 static void iwl4965_activate_qos(struct iwl_priv *priv, u8 force)
1403 {
1404 unsigned long flags;
1405
1406 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
1407 return;
1408
1409 if (!priv->qos_data.qos_enable)
1410 return;
1411
1412 spin_lock_irqsave(&priv->lock, flags);
1413 priv->qos_data.def_qos_parm.qos_flags = 0;
1414
1415 if (priv->qos_data.qos_cap.q_AP.queue_request &&
1416 !priv->qos_data.qos_cap.q_AP.txop_request)
1417 priv->qos_data.def_qos_parm.qos_flags |=
1418 QOS_PARAM_FLG_TXOP_TYPE_MSK;
1419 if (priv->qos_data.qos_active)
1420 priv->qos_data.def_qos_parm.qos_flags |=
1421 QOS_PARAM_FLG_UPDATE_EDCA_MSK;
1422
1423 #ifdef CONFIG_IWL4965_HT
1424 if (priv->current_ht_config.is_ht)
1425 priv->qos_data.def_qos_parm.qos_flags |= QOS_PARAM_FLG_TGN_MSK;
1426 #endif /* CONFIG_IWL4965_HT */
1427
1428 spin_unlock_irqrestore(&priv->lock, flags);
1429
1430 if (force || iwl_is_associated(priv)) {
1431 IWL_DEBUG_QOS("send QoS cmd with Qos active=%d FLAGS=0x%X\n",
1432 priv->qos_data.qos_active,
1433 priv->qos_data.def_qos_parm.qos_flags);
1434
1435 iwl4965_send_qos_params_command(priv,
1436 &(priv->qos_data.def_qos_parm));
1437 }
1438 }
1439
1440 /*
1441 * Power management (not Tx power!) functions
1442 */
1443 #define MSEC_TO_USEC 1024
1444
1445 #define NOSLP __constant_cpu_to_le16(0), 0, 0
1446 #define SLP IWL_POWER_DRIVER_ALLOW_SLEEP_MSK, 0, 0
1447 #define SLP_TIMEOUT(T) __constant_cpu_to_le32((T) * MSEC_TO_USEC)
1448 #define SLP_VEC(X0, X1, X2, X3, X4) {__constant_cpu_to_le32(X0), \
1449 __constant_cpu_to_le32(X1), \
1450 __constant_cpu_to_le32(X2), \
1451 __constant_cpu_to_le32(X3), \
1452 __constant_cpu_to_le32(X4)}
1453
1454
1455 /* default power management (not Tx power) table values */
1456 /* for tim 0-10 */
1457 static struct iwl4965_power_vec_entry range_0[IWL_POWER_AC] = {
1458 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1459 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500), SLP_VEC(1, 2, 3, 4, 4)}, 0},
1460 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300), SLP_VEC(2, 4, 6, 7, 7)}, 0},
1461 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100), SLP_VEC(2, 6, 9, 9, 10)}, 0},
1462 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 10)}, 1},
1463 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25), SLP_VEC(4, 7, 10, 10, 10)}, 1}
1464 };
1465
1466 /* for tim > 10 */
1467 static struct iwl4965_power_vec_entry range_1[IWL_POWER_AC] = {
1468 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
1469 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500),
1470 SLP_VEC(1, 2, 3, 4, 0xFF)}, 0},
1471 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300),
1472 SLP_VEC(2, 4, 6, 7, 0xFF)}, 0},
1473 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100),
1474 SLP_VEC(2, 6, 9, 9, 0xFF)}, 0},
1475 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 0xFF)}, 0},
1476 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25),
1477 SLP_VEC(4, 7, 10, 10, 0xFF)}, 0}
1478 };
1479
1480 int iwl4965_power_init_handle(struct iwl_priv *priv)
1481 {
1482 int rc = 0, i;
1483 struct iwl4965_power_mgr *pow_data;
1484 int size = sizeof(struct iwl4965_power_vec_entry) * IWL_POWER_AC;
1485 u16 pci_pm;
1486
1487 IWL_DEBUG_POWER("Initialize power \n");
1488
1489 pow_data = &(priv->power_data);
1490
1491 memset(pow_data, 0, sizeof(*pow_data));
1492
1493 pow_data->active_index = IWL_POWER_RANGE_0;
1494 pow_data->dtim_val = 0xffff;
1495
1496 memcpy(&pow_data->pwr_range_0[0], &range_0[0], size);
1497 memcpy(&pow_data->pwr_range_1[0], &range_1[0], size);
1498
1499 rc = pci_read_config_word(priv->pci_dev, PCI_LINK_CTRL, &pci_pm);
1500 if (rc != 0)
1501 return 0;
1502 else {
1503 struct iwl4965_powertable_cmd *cmd;
1504
1505 IWL_DEBUG_POWER("adjust power command flags\n");
1506
1507 for (i = 0; i < IWL_POWER_AC; i++) {
1508 cmd = &pow_data->pwr_range_0[i].cmd;
1509
1510 if (pci_pm & 0x1)
1511 cmd->flags &= ~IWL_POWER_PCI_PM_MSK;
1512 else
1513 cmd->flags |= IWL_POWER_PCI_PM_MSK;
1514 }
1515 }
1516 return rc;
1517 }
1518
1519 static int iwl4965_update_power_cmd(struct iwl_priv *priv,
1520 struct iwl4965_powertable_cmd *cmd, u32 mode)
1521 {
1522 int rc = 0, i;
1523 u8 skip;
1524 u32 max_sleep = 0;
1525 struct iwl4965_power_vec_entry *range;
1526 u8 period = 0;
1527 struct iwl4965_power_mgr *pow_data;
1528
1529 if (mode > IWL_POWER_INDEX_5) {
1530 IWL_DEBUG_POWER("Error invalid power mode \n");
1531 return -1;
1532 }
1533 pow_data = &(priv->power_data);
1534
1535 if (pow_data->active_index == IWL_POWER_RANGE_0)
1536 range = &pow_data->pwr_range_0[0];
1537 else
1538 range = &pow_data->pwr_range_1[1];
1539
1540 memcpy(cmd, &range[mode].cmd, sizeof(struct iwl4965_powertable_cmd));
1541
1542 #ifdef IWL_MAC80211_DISABLE
1543 if (priv->assoc_network != NULL) {
1544 unsigned long flags;
1545
1546 period = priv->assoc_network->tim.tim_period;
1547 }
1548 #endif /*IWL_MAC80211_DISABLE */
1549 skip = range[mode].no_dtim;
1550
1551 if (period == 0) {
1552 period = 1;
1553 skip = 0;
1554 }
1555
1556 if (skip == 0) {
1557 max_sleep = period;
1558 cmd->flags &= ~IWL_POWER_SLEEP_OVER_DTIM_MSK;
1559 } else {
1560 __le32 slp_itrvl = cmd->sleep_interval[IWL_POWER_VEC_SIZE - 1];
1561 max_sleep = (le32_to_cpu(slp_itrvl) / period) * period;
1562 cmd->flags |= IWL_POWER_SLEEP_OVER_DTIM_MSK;
1563 }
1564
1565 for (i = 0; i < IWL_POWER_VEC_SIZE; i++) {
1566 if (le32_to_cpu(cmd->sleep_interval[i]) > max_sleep)
1567 cmd->sleep_interval[i] = cpu_to_le32(max_sleep);
1568 }
1569
1570 IWL_DEBUG_POWER("Flags value = 0x%08X\n", cmd->flags);
1571 IWL_DEBUG_POWER("Tx timeout = %u\n", le32_to_cpu(cmd->tx_data_timeout));
1572 IWL_DEBUG_POWER("Rx timeout = %u\n", le32_to_cpu(cmd->rx_data_timeout));
1573 IWL_DEBUG_POWER("Sleep interval vector = { %d , %d , %d , %d , %d }\n",
1574 le32_to_cpu(cmd->sleep_interval[0]),
1575 le32_to_cpu(cmd->sleep_interval[1]),
1576 le32_to_cpu(cmd->sleep_interval[2]),
1577 le32_to_cpu(cmd->sleep_interval[3]),
1578 le32_to_cpu(cmd->sleep_interval[4]));
1579
1580 return rc;
1581 }
1582
1583 static int iwl4965_send_power_mode(struct iwl_priv *priv, u32 mode)
1584 {
1585 u32 uninitialized_var(final_mode);
1586 int rc;
1587 struct iwl4965_powertable_cmd cmd;
1588
1589 /* If on battery, set to 3,
1590 * if plugged into AC power, set to CAM ("continuously aware mode"),
1591 * else user level */
1592 switch (mode) {
1593 case IWL_POWER_BATTERY:
1594 final_mode = IWL_POWER_INDEX_3;
1595 break;
1596 case IWL_POWER_AC:
1597 final_mode = IWL_POWER_MODE_CAM;
1598 break;
1599 default:
1600 final_mode = mode;
1601 break;
1602 }
1603
1604 cmd.keep_alive_beacons = 0;
1605
1606 iwl4965_update_power_cmd(priv, &cmd, final_mode);
1607
1608 rc = iwl_send_cmd_pdu(priv, POWER_TABLE_CMD, sizeof(cmd), &cmd);
1609
1610 if (final_mode == IWL_POWER_MODE_CAM)
1611 clear_bit(STATUS_POWER_PMI, &priv->status);
1612 else
1613 set_bit(STATUS_POWER_PMI, &priv->status);
1614
1615 return rc;
1616 }
1617
1618 int iwl4965_is_network_packet(struct iwl_priv *priv, struct ieee80211_hdr *header)
1619 {
1620 /* Filter incoming packets to determine if they are targeted toward
1621 * this network, discarding packets coming from ourselves */
1622 switch (priv->iw_mode) {
1623 case IEEE80211_IF_TYPE_IBSS: /* Header: Dest. | Source | BSSID */
1624 /* packets from our adapter are dropped (echo) */
1625 if (!compare_ether_addr(header->addr2, priv->mac_addr))
1626 return 0;
1627 /* {broad,multi}cast packets to our IBSS go through */
1628 if (is_multicast_ether_addr(header->addr1))
1629 return !compare_ether_addr(header->addr3, priv->bssid);
1630 /* packets to our adapter go through */
1631 return !compare_ether_addr(header->addr1, priv->mac_addr);
1632 case IEEE80211_IF_TYPE_STA: /* Header: Dest. | AP{BSSID} | Source */
1633 /* packets from our adapter are dropped (echo) */
1634 if (!compare_ether_addr(header->addr3, priv->mac_addr))
1635 return 0;
1636 /* {broad,multi}cast packets to our BSS go through */
1637 if (is_multicast_ether_addr(header->addr1))
1638 return !compare_ether_addr(header->addr2, priv->bssid);
1639 /* packets to our adapter go through */
1640 return !compare_ether_addr(header->addr1, priv->mac_addr);
1641 default:
1642 break;
1643 }
1644
1645 return 1;
1646 }
1647
1648 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
1649
1650 static const char *iwl4965_get_tx_fail_reason(u32 status)
1651 {
1652 switch (status & TX_STATUS_MSK) {
1653 case TX_STATUS_SUCCESS:
1654 return "SUCCESS";
1655 TX_STATUS_ENTRY(SHORT_LIMIT);
1656 TX_STATUS_ENTRY(LONG_LIMIT);
1657 TX_STATUS_ENTRY(FIFO_UNDERRUN);
1658 TX_STATUS_ENTRY(MGMNT_ABORT);
1659 TX_STATUS_ENTRY(NEXT_FRAG);
1660 TX_STATUS_ENTRY(LIFE_EXPIRE);
1661 TX_STATUS_ENTRY(DEST_PS);
1662 TX_STATUS_ENTRY(ABORTED);
1663 TX_STATUS_ENTRY(BT_RETRY);
1664 TX_STATUS_ENTRY(STA_INVALID);
1665 TX_STATUS_ENTRY(FRAG_DROPPED);
1666 TX_STATUS_ENTRY(TID_DISABLE);
1667 TX_STATUS_ENTRY(FRAME_FLUSHED);
1668 TX_STATUS_ENTRY(INSUFFICIENT_CF_POLL);
1669 TX_STATUS_ENTRY(TX_LOCKED);
1670 TX_STATUS_ENTRY(NO_BEACON_ON_RADAR);
1671 }
1672
1673 return "UNKNOWN";
1674 }
1675
1676 /**
1677 * iwl4965_scan_cancel - Cancel any currently executing HW scan
1678 *
1679 * NOTE: priv->mutex is not required before calling this function
1680 */
1681 static int iwl4965_scan_cancel(struct iwl_priv *priv)
1682 {
1683 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
1684 clear_bit(STATUS_SCANNING, &priv->status);
1685 return 0;
1686 }
1687
1688 if (test_bit(STATUS_SCANNING, &priv->status)) {
1689 if (!test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
1690 IWL_DEBUG_SCAN("Queuing scan abort.\n");
1691 set_bit(STATUS_SCAN_ABORTING, &priv->status);
1692 queue_work(priv->workqueue, &priv->abort_scan);
1693
1694 } else
1695 IWL_DEBUG_SCAN("Scan abort already in progress.\n");
1696
1697 return test_bit(STATUS_SCANNING, &priv->status);
1698 }
1699
1700 return 0;
1701 }
1702
1703 /**
1704 * iwl4965_scan_cancel_timeout - Cancel any currently executing HW scan
1705 * @ms: amount of time to wait (in milliseconds) for scan to abort
1706 *
1707 * NOTE: priv->mutex must be held before calling this function
1708 */
1709 static int iwl4965_scan_cancel_timeout(struct iwl_priv *priv, unsigned long ms)
1710 {
1711 unsigned long now = jiffies;
1712 int ret;
1713
1714 ret = iwl4965_scan_cancel(priv);
1715 if (ret && ms) {
1716 mutex_unlock(&priv->mutex);
1717 while (!time_after(jiffies, now + msecs_to_jiffies(ms)) &&
1718 test_bit(STATUS_SCANNING, &priv->status))
1719 msleep(1);
1720 mutex_lock(&priv->mutex);
1721
1722 return test_bit(STATUS_SCANNING, &priv->status);
1723 }
1724
1725 return ret;
1726 }
1727
1728 static void iwl4965_sequence_reset(struct iwl_priv *priv)
1729 {
1730 /* Reset ieee stats */
1731
1732 /* We don't reset the net_device_stats (ieee->stats) on
1733 * re-association */
1734
1735 priv->last_seq_num = -1;
1736 priv->last_frag_num = -1;
1737 priv->last_packet_time = 0;
1738
1739 iwl4965_scan_cancel(priv);
1740 }
1741
1742 #define MAX_UCODE_BEACON_INTERVAL 4096
1743 #define INTEL_CONN_LISTEN_INTERVAL __constant_cpu_to_le16(0xA)
1744
1745 static __le16 iwl4965_adjust_beacon_interval(u16 beacon_val)
1746 {
1747 u16 new_val = 0;
1748 u16 beacon_factor = 0;
1749
1750 beacon_factor =
1751 (beacon_val + MAX_UCODE_BEACON_INTERVAL)
1752 / MAX_UCODE_BEACON_INTERVAL;
1753 new_val = beacon_val / beacon_factor;
1754
1755 return cpu_to_le16(new_val);
1756 }
1757
1758 static void iwl4965_setup_rxon_timing(struct iwl_priv *priv)
1759 {
1760 u64 interval_tm_unit;
1761 u64 tsf, result;
1762 unsigned long flags;
1763 struct ieee80211_conf *conf = NULL;
1764 u16 beacon_int = 0;
1765
1766 conf = ieee80211_get_hw_conf(priv->hw);
1767
1768 spin_lock_irqsave(&priv->lock, flags);
1769 priv->rxon_timing.timestamp.dw[1] = cpu_to_le32(priv->timestamp >> 32);
1770 priv->rxon_timing.timestamp.dw[0] =
1771 cpu_to_le32(priv->timestamp & 0xFFFFFFFF);
1772
1773 priv->rxon_timing.listen_interval = INTEL_CONN_LISTEN_INTERVAL;
1774
1775 tsf = priv->timestamp;
1776
1777 beacon_int = priv->beacon_int;
1778 spin_unlock_irqrestore(&priv->lock, flags);
1779
1780 if (priv->iw_mode == IEEE80211_IF_TYPE_STA) {
1781 if (beacon_int == 0) {
1782 priv->rxon_timing.beacon_interval = cpu_to_le16(100);
1783 priv->rxon_timing.beacon_init_val = cpu_to_le32(102400);
1784 } else {
1785 priv->rxon_timing.beacon_interval =
1786 cpu_to_le16(beacon_int);
1787 priv->rxon_timing.beacon_interval =
1788 iwl4965_adjust_beacon_interval(
1789 le16_to_cpu(priv->rxon_timing.beacon_interval));
1790 }
1791
1792 priv->rxon_timing.atim_window = 0;
1793 } else {
1794 priv->rxon_timing.beacon_interval =
1795 iwl4965_adjust_beacon_interval(conf->beacon_int);
1796 /* TODO: we need to get atim_window from upper stack
1797 * for now we set to 0 */
1798 priv->rxon_timing.atim_window = 0;
1799 }
1800
1801 interval_tm_unit =
1802 (le16_to_cpu(priv->rxon_timing.beacon_interval) * 1024);
1803 result = do_div(tsf, interval_tm_unit);
1804 priv->rxon_timing.beacon_init_val =
1805 cpu_to_le32((u32) ((u64) interval_tm_unit - result));
1806
1807 IWL_DEBUG_ASSOC
1808 ("beacon interval %d beacon timer %d beacon tim %d\n",
1809 le16_to_cpu(priv->rxon_timing.beacon_interval),
1810 le32_to_cpu(priv->rxon_timing.beacon_init_val),
1811 le16_to_cpu(priv->rxon_timing.atim_window));
1812 }
1813
1814 static int iwl4965_scan_initiate(struct iwl_priv *priv)
1815 {
1816 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
1817 IWL_ERROR("APs don't scan.\n");
1818 return 0;
1819 }
1820
1821 if (!iwl_is_ready_rf(priv)) {
1822 IWL_DEBUG_SCAN("Aborting scan due to not ready.\n");
1823 return -EIO;
1824 }
1825
1826 if (test_bit(STATUS_SCANNING, &priv->status)) {
1827 IWL_DEBUG_SCAN("Scan already in progress.\n");
1828 return -EAGAIN;
1829 }
1830
1831 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
1832 IWL_DEBUG_SCAN("Scan request while abort pending. "
1833 "Queuing.\n");
1834 return -EAGAIN;
1835 }
1836
1837 IWL_DEBUG_INFO("Starting scan...\n");
1838 priv->scan_bands = 2;
1839 set_bit(STATUS_SCANNING, &priv->status);
1840 priv->scan_start = jiffies;
1841 priv->scan_pass_start = priv->scan_start;
1842
1843 queue_work(priv->workqueue, &priv->request_scan);
1844
1845 return 0;
1846 }
1847
1848
1849 static void iwl4965_set_flags_for_phymode(struct iwl_priv *priv,
1850 enum ieee80211_band band)
1851 {
1852 if (band == IEEE80211_BAND_5GHZ) {
1853 priv->staging_rxon.flags &=
1854 ~(RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK
1855 | RXON_FLG_CCK_MSK);
1856 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
1857 } else {
1858 /* Copied from iwl4965_bg_post_associate() */
1859 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
1860 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
1861 else
1862 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
1863
1864 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
1865 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
1866
1867 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
1868 priv->staging_rxon.flags |= RXON_FLG_AUTO_DETECT_MSK;
1869 priv->staging_rxon.flags &= ~RXON_FLG_CCK_MSK;
1870 }
1871 }
1872
1873 /*
1874 * initialize rxon structure with default values from eeprom
1875 */
1876 static void iwl4965_connection_init_rx_config(struct iwl_priv *priv)
1877 {
1878 const struct iwl_channel_info *ch_info;
1879
1880 memset(&priv->staging_rxon, 0, sizeof(priv->staging_rxon));
1881
1882 switch (priv->iw_mode) {
1883 case IEEE80211_IF_TYPE_AP:
1884 priv->staging_rxon.dev_type = RXON_DEV_TYPE_AP;
1885 break;
1886
1887 case IEEE80211_IF_TYPE_STA:
1888 priv->staging_rxon.dev_type = RXON_DEV_TYPE_ESS;
1889 priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
1890 break;
1891
1892 case IEEE80211_IF_TYPE_IBSS:
1893 priv->staging_rxon.dev_type = RXON_DEV_TYPE_IBSS;
1894 priv->staging_rxon.flags = RXON_FLG_SHORT_PREAMBLE_MSK;
1895 priv->staging_rxon.filter_flags = RXON_FILTER_BCON_AWARE_MSK |
1896 RXON_FILTER_ACCEPT_GRP_MSK;
1897 break;
1898
1899 case IEEE80211_IF_TYPE_MNTR:
1900 priv->staging_rxon.dev_type = RXON_DEV_TYPE_SNIFFER;
1901 priv->staging_rxon.filter_flags = RXON_FILTER_PROMISC_MSK |
1902 RXON_FILTER_CTL2HOST_MSK | RXON_FILTER_ACCEPT_GRP_MSK;
1903 break;
1904 default:
1905 IWL_ERROR("Unsupported interface type %d\n", priv->iw_mode);
1906 break;
1907 }
1908
1909 #if 0
1910 /* TODO: Figure out when short_preamble would be set and cache from
1911 * that */
1912 if (!hw_to_local(priv->hw)->short_preamble)
1913 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
1914 else
1915 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
1916 #endif
1917
1918 ch_info = iwl_get_channel_info(priv, priv->band,
1919 le16_to_cpu(priv->staging_rxon.channel));
1920
1921 if (!ch_info)
1922 ch_info = &priv->channel_info[0];
1923
1924 /*
1925 * in some case A channels are all non IBSS
1926 * in this case force B/G channel
1927 */
1928 if ((priv->iw_mode == IEEE80211_IF_TYPE_IBSS) &&
1929 !(is_channel_ibss(ch_info)))
1930 ch_info = &priv->channel_info[0];
1931
1932 priv->staging_rxon.channel = cpu_to_le16(ch_info->channel);
1933 priv->band = ch_info->band;
1934
1935 iwl4965_set_flags_for_phymode(priv, priv->band);
1936
1937 priv->staging_rxon.ofdm_basic_rates =
1938 (IWL_OFDM_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
1939 priv->staging_rxon.cck_basic_rates =
1940 (IWL_CCK_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
1941
1942 priv->staging_rxon.flags &= ~(RXON_FLG_CHANNEL_MODE_MIXED_MSK |
1943 RXON_FLG_CHANNEL_MODE_PURE_40_MSK);
1944 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
1945 memcpy(priv->staging_rxon.wlap_bssid_addr, priv->mac_addr, ETH_ALEN);
1946 priv->staging_rxon.ofdm_ht_single_stream_basic_rates = 0xff;
1947 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates = 0xff;
1948 iwl4965_set_rxon_chain(priv);
1949 }
1950
1951 static int iwl4965_set_mode(struct iwl_priv *priv, int mode)
1952 {
1953 if (mode == IEEE80211_IF_TYPE_IBSS) {
1954 const struct iwl_channel_info *ch_info;
1955
1956 ch_info = iwl_get_channel_info(priv,
1957 priv->band,
1958 le16_to_cpu(priv->staging_rxon.channel));
1959
1960 if (!ch_info || !is_channel_ibss(ch_info)) {
1961 IWL_ERROR("channel %d not IBSS channel\n",
1962 le16_to_cpu(priv->staging_rxon.channel));
1963 return -EINVAL;
1964 }
1965 }
1966
1967 priv->iw_mode = mode;
1968
1969 iwl4965_connection_init_rx_config(priv);
1970 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
1971
1972 iwlcore_clear_stations_table(priv);
1973
1974 /* dont commit rxon if rf-kill is on*/
1975 if (!iwl_is_ready_rf(priv))
1976 return -EAGAIN;
1977
1978 cancel_delayed_work(&priv->scan_check);
1979 if (iwl4965_scan_cancel_timeout(priv, 100)) {
1980 IWL_WARNING("Aborted scan still in progress after 100ms\n");
1981 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
1982 return -EAGAIN;
1983 }
1984
1985 iwl4965_commit_rxon(priv);
1986
1987 return 0;
1988 }
1989
1990 static void iwl4965_build_tx_cmd_hwcrypto(struct iwl_priv *priv,
1991 struct ieee80211_tx_control *ctl,
1992 struct iwl_cmd *cmd,
1993 struct sk_buff *skb_frag,
1994 int sta_id)
1995 {
1996 struct iwl4965_hw_key *keyinfo = &priv->stations[sta_id].keyinfo;
1997 struct iwl_wep_key *wepkey;
1998 int keyidx = 0;
1999
2000 BUG_ON(ctl->key_idx > 3);
2001
2002 switch (keyinfo->alg) {
2003 case ALG_CCMP:
2004 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_CCM;
2005 memcpy(cmd->cmd.tx.key, keyinfo->key, keyinfo->keylen);
2006 if (ctl->flags & IEEE80211_TXCTL_AMPDU)
2007 cmd->cmd.tx.tx_flags |= TX_CMD_FLG_AGG_CCMP_MSK;
2008 IWL_DEBUG_TX("tx_cmd with aes hwcrypto\n");
2009 break;
2010
2011 case ALG_TKIP:
2012 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_TKIP;
2013 ieee80211_get_tkip_key(keyinfo->conf, skb_frag,
2014 IEEE80211_TKIP_P2_KEY, cmd->cmd.tx.key);
2015 IWL_DEBUG_TX("tx_cmd with tkip hwcrypto\n");
2016 break;
2017
2018 case ALG_WEP:
2019 wepkey = &priv->wep_keys[ctl->key_idx];
2020 cmd->cmd.tx.sec_ctl = 0;
2021 if (priv->default_wep_key) {
2022 /* the WEP key was sent as static */
2023 keyidx = ctl->key_idx;
2024 memcpy(&cmd->cmd.tx.key[3], wepkey->key,
2025 wepkey->key_size);
2026 if (wepkey->key_size == WEP_KEY_LEN_128)
2027 cmd->cmd.tx.sec_ctl |= TX_CMD_SEC_KEY128;
2028 } else {
2029 /* the WEP key was sent as dynamic */
2030 keyidx = keyinfo->keyidx;
2031 memcpy(&cmd->cmd.tx.key[3], keyinfo->key,
2032 keyinfo->keylen);
2033 if (keyinfo->keylen == WEP_KEY_LEN_128)
2034 cmd->cmd.tx.sec_ctl |= TX_CMD_SEC_KEY128;
2035 }
2036
2037 cmd->cmd.tx.sec_ctl |= (TX_CMD_SEC_WEP |
2038 (keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT);
2039
2040 IWL_DEBUG_TX("Configuring packet for WEP encryption "
2041 "with key %d\n", keyidx);
2042 break;
2043
2044 default:
2045 printk(KERN_ERR "Unknown encode alg %d\n", keyinfo->alg);
2046 break;
2047 }
2048 }
2049
2050 /*
2051 * handle build REPLY_TX command notification.
2052 */
2053 static void iwl4965_build_tx_cmd_basic(struct iwl_priv *priv,
2054 struct iwl_cmd *cmd,
2055 struct ieee80211_tx_control *ctrl,
2056 struct ieee80211_hdr *hdr,
2057 int is_unicast, u8 std_id)
2058 {
2059 __le16 *qc;
2060 u16 fc = le16_to_cpu(hdr->frame_control);
2061 __le32 tx_flags = cmd->cmd.tx.tx_flags;
2062
2063 cmd->cmd.tx.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
2064 if (!(ctrl->flags & IEEE80211_TXCTL_NO_ACK)) {
2065 tx_flags |= TX_CMD_FLG_ACK_MSK;
2066 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
2067 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2068 if (ieee80211_is_probe_response(fc) &&
2069 !(le16_to_cpu(hdr->seq_ctrl) & 0xf))
2070 tx_flags |= TX_CMD_FLG_TSF_MSK;
2071 } else {
2072 tx_flags &= (~TX_CMD_FLG_ACK_MSK);
2073 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2074 }
2075
2076 if (ieee80211_is_back_request(fc))
2077 tx_flags |= TX_CMD_FLG_ACK_MSK | TX_CMD_FLG_IMM_BA_RSP_MASK;
2078
2079
2080 cmd->cmd.tx.sta_id = std_id;
2081 if (ieee80211_get_morefrag(hdr))
2082 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
2083
2084 qc = ieee80211_get_qos_ctrl(hdr);
2085 if (qc) {
2086 cmd->cmd.tx.tid_tspec = (u8) (le16_to_cpu(*qc) & 0xf);
2087 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
2088 } else
2089 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2090
2091 if (ctrl->flags & IEEE80211_TXCTL_USE_RTS_CTS) {
2092 tx_flags |= TX_CMD_FLG_RTS_MSK;
2093 tx_flags &= ~TX_CMD_FLG_CTS_MSK;
2094 } else if (ctrl->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) {
2095 tx_flags &= ~TX_CMD_FLG_RTS_MSK;
2096 tx_flags |= TX_CMD_FLG_CTS_MSK;
2097 }
2098
2099 if ((tx_flags & TX_CMD_FLG_RTS_MSK) || (tx_flags & TX_CMD_FLG_CTS_MSK))
2100 tx_flags |= TX_CMD_FLG_FULL_TXOP_PROT_MSK;
2101
2102 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
2103 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2104 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ ||
2105 (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)
2106 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(3);
2107 else
2108 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(2);
2109 } else {
2110 cmd->cmd.tx.timeout.pm_frame_timeout = 0;
2111 }
2112
2113 cmd->cmd.tx.driver_txop = 0;
2114 cmd->cmd.tx.tx_flags = tx_flags;
2115 cmd->cmd.tx.next_frame_len = 0;
2116 }
2117 static void iwl_update_tx_stats(struct iwl_priv *priv, u16 fc, u16 len)
2118 {
2119 /* 0 - mgmt, 1 - cnt, 2 - data */
2120 int idx = (fc & IEEE80211_FCTL_FTYPE) >> 2;
2121 priv->tx_stats[idx].cnt++;
2122 priv->tx_stats[idx].bytes += len;
2123 }
2124 /**
2125 * iwl4965_get_sta_id - Find station's index within station table
2126 *
2127 * If new IBSS station, create new entry in station table
2128 */
2129 static int iwl4965_get_sta_id(struct iwl_priv *priv,
2130 struct ieee80211_hdr *hdr)
2131 {
2132 int sta_id;
2133 u16 fc = le16_to_cpu(hdr->frame_control);
2134 DECLARE_MAC_BUF(mac);
2135
2136 /* If this frame is broadcast or management, use broadcast station id */
2137 if (((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) ||
2138 is_multicast_ether_addr(hdr->addr1))
2139 return priv->hw_setting.bcast_sta_id;
2140
2141 switch (priv->iw_mode) {
2142
2143 /* If we are a client station in a BSS network, use the special
2144 * AP station entry (that's the only station we communicate with) */
2145 case IEEE80211_IF_TYPE_STA:
2146 return IWL_AP_ID;
2147
2148 /* If we are an AP, then find the station, or use BCAST */
2149 case IEEE80211_IF_TYPE_AP:
2150 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2151 if (sta_id != IWL_INVALID_STATION)
2152 return sta_id;
2153 return priv->hw_setting.bcast_sta_id;
2154
2155 /* If this frame is going out to an IBSS network, find the station,
2156 * or create a new station table entry */
2157 case IEEE80211_IF_TYPE_IBSS:
2158 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2159 if (sta_id != IWL_INVALID_STATION)
2160 return sta_id;
2161
2162 /* Create new station table entry */
2163 sta_id = iwl4965_add_station_flags(priv, hdr->addr1,
2164 0, CMD_ASYNC, NULL);
2165
2166 if (sta_id != IWL_INVALID_STATION)
2167 return sta_id;
2168
2169 IWL_DEBUG_DROP("Station %s not in station map. "
2170 "Defaulting to broadcast...\n",
2171 print_mac(mac, hdr->addr1));
2172 iwl_print_hex_dump(IWL_DL_DROP, (u8 *) hdr, sizeof(*hdr));
2173 return priv->hw_setting.bcast_sta_id;
2174
2175 default:
2176 IWL_WARNING("Unknown mode of operation: %d", priv->iw_mode);
2177 return priv->hw_setting.bcast_sta_id;
2178 }
2179 }
2180
2181 /*
2182 * start REPLY_TX command process
2183 */
2184 static int iwl4965_tx_skb(struct iwl_priv *priv,
2185 struct sk_buff *skb, struct ieee80211_tx_control *ctl)
2186 {
2187 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2188 struct iwl4965_tfd_frame *tfd;
2189 u32 *control_flags;
2190 int txq_id = ctl->queue;
2191 struct iwl4965_tx_queue *txq = NULL;
2192 struct iwl4965_queue *q = NULL;
2193 dma_addr_t phys_addr;
2194 dma_addr_t txcmd_phys;
2195 dma_addr_t scratch_phys;
2196 struct iwl_cmd *out_cmd = NULL;
2197 u16 len, idx, len_org;
2198 u8 id, hdr_len, unicast;
2199 u8 sta_id;
2200 u16 seq_number = 0;
2201 u16 fc;
2202 __le16 *qc;
2203 u8 wait_write_ptr = 0;
2204 unsigned long flags;
2205 int rc;
2206
2207 spin_lock_irqsave(&priv->lock, flags);
2208 if (iwl_is_rfkill(priv)) {
2209 IWL_DEBUG_DROP("Dropping - RF KILL\n");
2210 goto drop_unlock;
2211 }
2212
2213 if (!priv->vif) {
2214 IWL_DEBUG_DROP("Dropping - !priv->vif\n");
2215 goto drop_unlock;
2216 }
2217
2218 if ((ctl->tx_rate->hw_value & 0xFF) == IWL_INVALID_RATE) {
2219 IWL_ERROR("ERROR: No TX rate available.\n");
2220 goto drop_unlock;
2221 }
2222
2223 unicast = !is_multicast_ether_addr(hdr->addr1);
2224 id = 0;
2225
2226 fc = le16_to_cpu(hdr->frame_control);
2227
2228 #ifdef CONFIG_IWLWIFI_DEBUG
2229 if (ieee80211_is_auth(fc))
2230 IWL_DEBUG_TX("Sending AUTH frame\n");
2231 else if (ieee80211_is_assoc_request(fc))
2232 IWL_DEBUG_TX("Sending ASSOC frame\n");
2233 else if (ieee80211_is_reassoc_request(fc))
2234 IWL_DEBUG_TX("Sending REASSOC frame\n");
2235 #endif
2236
2237 /* drop all data frame if we are not associated */
2238 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
2239 (!iwl_is_associated(priv) ||
2240 ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && !priv->assoc_id) ||
2241 !priv->assoc_station_added)) {
2242 IWL_DEBUG_DROP("Dropping - !iwl_is_associated\n");
2243 goto drop_unlock;
2244 }
2245
2246 spin_unlock_irqrestore(&priv->lock, flags);
2247
2248 hdr_len = ieee80211_get_hdrlen(fc);
2249
2250 /* Find (or create) index into station table for destination station */
2251 sta_id = iwl4965_get_sta_id(priv, hdr);
2252 if (sta_id == IWL_INVALID_STATION) {
2253 DECLARE_MAC_BUF(mac);
2254
2255 IWL_DEBUG_DROP("Dropping - INVALID STATION: %s\n",
2256 print_mac(mac, hdr->addr1));
2257 goto drop;
2258 }
2259
2260 IWL_DEBUG_RATE("station Id %d\n", sta_id);
2261
2262 qc = ieee80211_get_qos_ctrl(hdr);
2263 if (qc) {
2264 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2265 seq_number = priv->stations[sta_id].tid[tid].seq_number &
2266 IEEE80211_SCTL_SEQ;
2267 hdr->seq_ctrl = cpu_to_le16(seq_number) |
2268 (hdr->seq_ctrl &
2269 __constant_cpu_to_le16(IEEE80211_SCTL_FRAG));
2270 seq_number += 0x10;
2271 #ifdef CONFIG_IWL4965_HT
2272 /* aggregation is on for this <sta,tid> */
2273 if (ctl->flags & IEEE80211_TXCTL_AMPDU)
2274 txq_id = priv->stations[sta_id].tid[tid].agg.txq_id;
2275 priv->stations[sta_id].tid[tid].tfds_in_queue++;
2276 #endif /* CONFIG_IWL4965_HT */
2277 }
2278
2279 /* Descriptor for chosen Tx queue */
2280 txq = &priv->txq[txq_id];
2281 q = &txq->q;
2282
2283 spin_lock_irqsave(&priv->lock, flags);
2284
2285 /* Set up first empty TFD within this queue's circular TFD buffer */
2286 tfd = &txq->bd[q->write_ptr];
2287 memset(tfd, 0, sizeof(*tfd));
2288 control_flags = (u32 *) tfd;
2289 idx = get_cmd_index(q, q->write_ptr, 0);
2290
2291 /* Set up driver data for this TFD */
2292 memset(&(txq->txb[q->write_ptr]), 0, sizeof(struct iwl4965_tx_info));
2293 txq->txb[q->write_ptr].skb[0] = skb;
2294 memcpy(&(txq->txb[q->write_ptr].status.control),
2295 ctl, sizeof(struct ieee80211_tx_control));
2296
2297 /* Set up first empty entry in queue's array of Tx/cmd buffers */
2298 out_cmd = &txq->cmd[idx];
2299 memset(&out_cmd->hdr, 0, sizeof(out_cmd->hdr));
2300 memset(&out_cmd->cmd.tx, 0, sizeof(out_cmd->cmd.tx));
2301
2302 /*
2303 * Set up the Tx-command (not MAC!) header.
2304 * Store the chosen Tx queue and TFD index within the sequence field;
2305 * after Tx, uCode's Tx response will return this value so driver can
2306 * locate the frame within the tx queue and do post-tx processing.
2307 */
2308 out_cmd->hdr.cmd = REPLY_TX;
2309 out_cmd->hdr.sequence = cpu_to_le16((u16)(QUEUE_TO_SEQ(txq_id) |
2310 INDEX_TO_SEQ(q->write_ptr)));
2311
2312 /* Copy MAC header from skb into command buffer */
2313 memcpy(out_cmd->cmd.tx.hdr, hdr, hdr_len);
2314
2315 /*
2316 * Use the first empty entry in this queue's command buffer array
2317 * to contain the Tx command and MAC header concatenated together
2318 * (payload data will be in another buffer).
2319 * Size of this varies, due to varying MAC header length.
2320 * If end is not dword aligned, we'll have 2 extra bytes at the end
2321 * of the MAC header (device reads on dword boundaries).
2322 * We'll tell device about this padding later.
2323 */
2324 len = priv->hw_setting.tx_cmd_len +
2325 sizeof(struct iwl_cmd_header) + hdr_len;
2326
2327 len_org = len;
2328 len = (len + 3) & ~3;
2329
2330 if (len_org != len)
2331 len_org = 1;
2332 else
2333 len_org = 0;
2334
2335 /* Physical address of this Tx command's header (not MAC header!),
2336 * within command buffer array. */
2337 txcmd_phys = txq->dma_addr_cmd + sizeof(struct iwl_cmd) * idx +
2338 offsetof(struct iwl_cmd, hdr);
2339
2340 /* Add buffer containing Tx command and MAC(!) header to TFD's
2341 * first entry */
2342 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, txcmd_phys, len);
2343
2344 if (!(ctl->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
2345 iwl4965_build_tx_cmd_hwcrypto(priv, ctl, out_cmd, skb, sta_id);
2346
2347 /* Set up TFD's 2nd entry to point directly to remainder of skb,
2348 * if any (802.11 null frames have no payload). */
2349 len = skb->len - hdr_len;
2350 if (len) {
2351 phys_addr = pci_map_single(priv->pci_dev, skb->data + hdr_len,
2352 len, PCI_DMA_TODEVICE);
2353 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, len);
2354 }
2355
2356 /* Tell 4965 about any 2-byte padding after MAC header */
2357 if (len_org)
2358 out_cmd->cmd.tx.tx_flags |= TX_CMD_FLG_MH_PAD_MSK;
2359
2360 /* Total # bytes to be transmitted */
2361 len = (u16)skb->len;
2362 out_cmd->cmd.tx.len = cpu_to_le16(len);
2363
2364 /* TODO need this for burst mode later on */
2365 iwl4965_build_tx_cmd_basic(priv, out_cmd, ctl, hdr, unicast, sta_id);
2366
2367 /* set is_hcca to 0; it probably will never be implemented */
2368 iwl4965_hw_build_tx_cmd_rate(priv, out_cmd, ctl, hdr, sta_id, 0);
2369
2370 iwl_update_tx_stats(priv, fc, len);
2371
2372 scratch_phys = txcmd_phys + sizeof(struct iwl_cmd_header) +
2373 offsetof(struct iwl4965_tx_cmd, scratch);
2374 out_cmd->cmd.tx.dram_lsb_ptr = cpu_to_le32(scratch_phys);
2375 out_cmd->cmd.tx.dram_msb_ptr = iwl_get_dma_hi_address(scratch_phys);
2376
2377 if (!ieee80211_get_morefrag(hdr)) {
2378 txq->need_update = 1;
2379 if (qc) {
2380 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2381 priv->stations[sta_id].tid[tid].seq_number = seq_number;
2382 }
2383 } else {
2384 wait_write_ptr = 1;
2385 txq->need_update = 0;
2386 }
2387
2388 iwl_print_hex_dump(IWL_DL_TX, out_cmd->cmd.payload,
2389 sizeof(out_cmd->cmd.tx));
2390
2391 iwl_print_hex_dump(IWL_DL_TX, (u8 *)out_cmd->cmd.tx.hdr,
2392 ieee80211_get_hdrlen(fc));
2393
2394 /* Set up entry for this TFD in Tx byte-count array */
2395 iwl4965_tx_queue_update_wr_ptr(priv, txq, len);
2396
2397 /* Tell device the write index *just past* this latest filled TFD */
2398 q->write_ptr = iwl_queue_inc_wrap(q->write_ptr, q->n_bd);
2399 rc = iwl4965_tx_queue_update_write_ptr(priv, txq);
2400 spin_unlock_irqrestore(&priv->lock, flags);
2401
2402 if (rc)
2403 return rc;
2404
2405 if ((iwl4965_queue_space(q) < q->high_mark)
2406 && priv->mac80211_registered) {
2407 if (wait_write_ptr) {
2408 spin_lock_irqsave(&priv->lock, flags);
2409 txq->need_update = 1;
2410 iwl4965_tx_queue_update_write_ptr(priv, txq);
2411 spin_unlock_irqrestore(&priv->lock, flags);
2412 }
2413
2414 ieee80211_stop_queue(priv->hw, ctl->queue);
2415 }
2416
2417 return 0;
2418
2419 drop_unlock:
2420 spin_unlock_irqrestore(&priv->lock, flags);
2421 drop:
2422 return -1;
2423 }
2424
2425 static void iwl4965_set_rate(struct iwl_priv *priv)
2426 {
2427 const struct ieee80211_supported_band *hw = NULL;
2428 struct ieee80211_rate *rate;
2429 int i;
2430
2431 hw = iwl4965_get_hw_mode(priv, priv->band);
2432 if (!hw) {
2433 IWL_ERROR("Failed to set rate: unable to get hw mode\n");
2434 return;
2435 }
2436
2437 priv->active_rate = 0;
2438 priv->active_rate_basic = 0;
2439
2440 for (i = 0; i < hw->n_bitrates; i++) {
2441 rate = &(hw->bitrates[i]);
2442 if (rate->hw_value < IWL_RATE_COUNT)
2443 priv->active_rate |= (1 << rate->hw_value);
2444 }
2445
2446 IWL_DEBUG_RATE("Set active_rate = %0x, active_rate_basic = %0x\n",
2447 priv->active_rate, priv->active_rate_basic);
2448
2449 /*
2450 * If a basic rate is configured, then use it (adding IWL_RATE_1M_MASK)
2451 * otherwise set it to the default of all CCK rates and 6, 12, 24 for
2452 * OFDM
2453 */
2454 if (priv->active_rate_basic & IWL_CCK_BASIC_RATES_MASK)
2455 priv->staging_rxon.cck_basic_rates =
2456 ((priv->active_rate_basic &
2457 IWL_CCK_RATES_MASK) >> IWL_FIRST_CCK_RATE) & 0xF;
2458 else
2459 priv->staging_rxon.cck_basic_rates =
2460 (IWL_CCK_BASIC_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2461
2462 if (priv->active_rate_basic & IWL_OFDM_BASIC_RATES_MASK)
2463 priv->staging_rxon.ofdm_basic_rates =
2464 ((priv->active_rate_basic &
2465 (IWL_OFDM_BASIC_RATES_MASK | IWL_RATE_6M_MASK)) >>
2466 IWL_FIRST_OFDM_RATE) & 0xFF;
2467 else
2468 priv->staging_rxon.ofdm_basic_rates =
2469 (IWL_OFDM_BASIC_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2470 }
2471
2472 void iwl4965_radio_kill_sw(struct iwl_priv *priv, int disable_radio)
2473 {
2474 unsigned long flags;
2475
2476 if (!!disable_radio == test_bit(STATUS_RF_KILL_SW, &priv->status))
2477 return;
2478
2479 IWL_DEBUG_RF_KILL("Manual SW RF KILL set to: RADIO %s\n",
2480 disable_radio ? "OFF" : "ON");
2481
2482 if (disable_radio) {
2483 iwl4965_scan_cancel(priv);
2484 /* FIXME: This is a workaround for AP */
2485 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
2486 spin_lock_irqsave(&priv->lock, flags);
2487 iwl_write32(priv, CSR_UCODE_DRV_GP1_SET,
2488 CSR_UCODE_SW_BIT_RFKILL);
2489 spin_unlock_irqrestore(&priv->lock, flags);
2490 /* call the host command only if no hw rf-kill set */
2491 if (!test_bit(STATUS_RF_KILL_HW, &priv->status))
2492 iwl4965_send_card_state(priv,
2493 CARD_STATE_CMD_DISABLE,
2494 0);
2495 set_bit(STATUS_RF_KILL_SW, &priv->status);
2496
2497 /* make sure mac80211 stop sending Tx frame */
2498 if (priv->mac80211_registered)
2499 ieee80211_stop_queues(priv->hw);
2500 }
2501 return;
2502 }
2503
2504 spin_lock_irqsave(&priv->lock, flags);
2505 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
2506
2507 clear_bit(STATUS_RF_KILL_SW, &priv->status);
2508 spin_unlock_irqrestore(&priv->lock, flags);
2509
2510 /* wake up ucode */
2511 msleep(10);
2512
2513 spin_lock_irqsave(&priv->lock, flags);
2514 iwl_read32(priv, CSR_UCODE_DRV_GP1);
2515 if (!iwl_grab_nic_access(priv))
2516 iwl_release_nic_access(priv);
2517 spin_unlock_irqrestore(&priv->lock, flags);
2518
2519 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
2520 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
2521 "disabled by HW switch\n");
2522 return;
2523 }
2524
2525 queue_work(priv->workqueue, &priv->restart);
2526 return;
2527 }
2528
2529 void iwl4965_set_decrypted_flag(struct iwl_priv *priv, struct sk_buff *skb,
2530 u32 decrypt_res, struct ieee80211_rx_status *stats)
2531 {
2532 u16 fc =
2533 le16_to_cpu(((struct ieee80211_hdr *)skb->data)->frame_control);
2534
2535 if (priv->active_rxon.filter_flags & RXON_FILTER_DIS_DECRYPT_MSK)
2536 return;
2537
2538 if (!(fc & IEEE80211_FCTL_PROTECTED))
2539 return;
2540
2541 IWL_DEBUG_RX("decrypt_res:0x%x\n", decrypt_res);
2542 switch (decrypt_res & RX_RES_STATUS_SEC_TYPE_MSK) {
2543 case RX_RES_STATUS_SEC_TYPE_TKIP:
2544 /* The uCode has got a bad phase 1 Key, pushes the packet.
2545 * Decryption will be done in SW. */
2546 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
2547 RX_RES_STATUS_BAD_KEY_TTAK)
2548 break;
2549
2550 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
2551 RX_RES_STATUS_BAD_ICV_MIC)
2552 stats->flag |= RX_FLAG_MMIC_ERROR;
2553 case RX_RES_STATUS_SEC_TYPE_WEP:
2554 case RX_RES_STATUS_SEC_TYPE_CCMP:
2555 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
2556 RX_RES_STATUS_DECRYPT_OK) {
2557 IWL_DEBUG_RX("hw decrypt successfully!!!\n");
2558 stats->flag |= RX_FLAG_DECRYPTED;
2559 }
2560 break;
2561
2562 default:
2563 break;
2564 }
2565 }
2566
2567
2568 #define IWL_PACKET_RETRY_TIME HZ
2569
2570 int iwl4965_is_duplicate_packet(struct iwl_priv *priv, struct ieee80211_hdr *header)
2571 {
2572 u16 sc = le16_to_cpu(header->seq_ctrl);
2573 u16 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
2574 u16 frag = sc & IEEE80211_SCTL_FRAG;
2575 u16 *last_seq, *last_frag;
2576 unsigned long *last_time;
2577
2578 switch (priv->iw_mode) {
2579 case IEEE80211_IF_TYPE_IBSS:{
2580 struct list_head *p;
2581 struct iwl4965_ibss_seq *entry = NULL;
2582 u8 *mac = header->addr2;
2583 int index = mac[5] & (IWL_IBSS_MAC_HASH_SIZE - 1);
2584
2585 __list_for_each(p, &priv->ibss_mac_hash[index]) {
2586 entry = list_entry(p, struct iwl4965_ibss_seq, list);
2587 if (!compare_ether_addr(entry->mac, mac))
2588 break;
2589 }
2590 if (p == &priv->ibss_mac_hash[index]) {
2591 entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
2592 if (!entry) {
2593 IWL_ERROR("Cannot malloc new mac entry\n");
2594 return 0;
2595 }
2596 memcpy(entry->mac, mac, ETH_ALEN);
2597 entry->seq_num = seq;
2598 entry->frag_num = frag;
2599 entry->packet_time = jiffies;
2600 list_add(&entry->list, &priv->ibss_mac_hash[index]);
2601 return 0;
2602 }
2603 last_seq = &entry->seq_num;
2604 last_frag = &entry->frag_num;
2605 last_time = &entry->packet_time;
2606 break;
2607 }
2608 case IEEE80211_IF_TYPE_STA:
2609 last_seq = &priv->last_seq_num;
2610 last_frag = &priv->last_frag_num;
2611 last_time = &priv->last_packet_time;
2612 break;
2613 default:
2614 return 0;
2615 }
2616 if ((*last_seq == seq) &&
2617 time_after(*last_time + IWL_PACKET_RETRY_TIME, jiffies)) {
2618 if (*last_frag == frag)
2619 goto drop;
2620 if (*last_frag + 1 != frag)
2621 /* out-of-order fragment */
2622 goto drop;
2623 } else
2624 *last_seq = seq;
2625
2626 *last_frag = frag;
2627 *last_time = jiffies;
2628 return 0;
2629
2630 drop:
2631 return 1;
2632 }
2633
2634 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
2635
2636 #include "iwl-spectrum.h"
2637
2638 #define BEACON_TIME_MASK_LOW 0x00FFFFFF
2639 #define BEACON_TIME_MASK_HIGH 0xFF000000
2640 #define TIME_UNIT 1024
2641
2642 /*
2643 * extended beacon time format
2644 * time in usec will be changed into a 32-bit value in 8:24 format
2645 * the high 1 byte is the beacon counts
2646 * the lower 3 bytes is the time in usec within one beacon interval
2647 */
2648
2649 static u32 iwl4965_usecs_to_beacons(u32 usec, u32 beacon_interval)
2650 {
2651 u32 quot;
2652 u32 rem;
2653 u32 interval = beacon_interval * 1024;
2654
2655 if (!interval || !usec)
2656 return 0;
2657
2658 quot = (usec / interval) & (BEACON_TIME_MASK_HIGH >> 24);
2659 rem = (usec % interval) & BEACON_TIME_MASK_LOW;
2660
2661 return (quot << 24) + rem;
2662 }
2663
2664 /* base is usually what we get from ucode with each received frame,
2665 * the same as HW timer counter counting down
2666 */
2667
2668 static __le32 iwl4965_add_beacon_time(u32 base, u32 addon, u32 beacon_interval)
2669 {
2670 u32 base_low = base & BEACON_TIME_MASK_LOW;
2671 u32 addon_low = addon & BEACON_TIME_MASK_LOW;
2672 u32 interval = beacon_interval * TIME_UNIT;
2673 u32 res = (base & BEACON_TIME_MASK_HIGH) +
2674 (addon & BEACON_TIME_MASK_HIGH);
2675
2676 if (base_low > addon_low)
2677 res += base_low - addon_low;
2678 else if (base_low < addon_low) {
2679 res += interval + base_low - addon_low;
2680 res += (1 << 24);
2681 } else
2682 res += (1 << 24);
2683
2684 return cpu_to_le32(res);
2685 }
2686
2687 static int iwl4965_get_measurement(struct iwl_priv *priv,
2688 struct ieee80211_measurement_params *params,
2689 u8 type)
2690 {
2691 struct iwl4965_spectrum_cmd spectrum;
2692 struct iwl4965_rx_packet *res;
2693 struct iwl_host_cmd cmd = {
2694 .id = REPLY_SPECTRUM_MEASUREMENT_CMD,
2695 .data = (void *)&spectrum,
2696 .meta.flags = CMD_WANT_SKB,
2697 };
2698 u32 add_time = le64_to_cpu(params->start_time);
2699 int rc;
2700 int spectrum_resp_status;
2701 int duration = le16_to_cpu(params->duration);
2702
2703 if (iwl_is_associated(priv))
2704 add_time =
2705 iwl4965_usecs_to_beacons(
2706 le64_to_cpu(params->start_time) - priv->last_tsf,
2707 le16_to_cpu(priv->rxon_timing.beacon_interval));
2708
2709 memset(&spectrum, 0, sizeof(spectrum));
2710
2711 spectrum.channel_count = cpu_to_le16(1);
2712 spectrum.flags =
2713 RXON_FLG_TSF2HOST_MSK | RXON_FLG_ANT_A_MSK | RXON_FLG_DIS_DIV_MSK;
2714 spectrum.filter_flags = MEASUREMENT_FILTER_FLAG;
2715 cmd.len = sizeof(spectrum);
2716 spectrum.len = cpu_to_le16(cmd.len - sizeof(spectrum.len));
2717
2718 if (iwl_is_associated(priv))
2719 spectrum.start_time =
2720 iwl4965_add_beacon_time(priv->last_beacon_time,
2721 add_time,
2722 le16_to_cpu(priv->rxon_timing.beacon_interval));
2723 else
2724 spectrum.start_time = 0;
2725
2726 spectrum.channels[0].duration = cpu_to_le32(duration * TIME_UNIT);
2727 spectrum.channels[0].channel = params->channel;
2728 spectrum.channels[0].type = type;
2729 if (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK)
2730 spectrum.flags |= RXON_FLG_BAND_24G_MSK |
2731 RXON_FLG_AUTO_DETECT_MSK | RXON_FLG_TGG_PROTECT_MSK;
2732
2733 rc = iwl_send_cmd_sync(priv, &cmd);
2734 if (rc)
2735 return rc;
2736
2737 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
2738 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
2739 IWL_ERROR("Bad return from REPLY_RX_ON_ASSOC command\n");
2740 rc = -EIO;
2741 }
2742
2743 spectrum_resp_status = le16_to_cpu(res->u.spectrum.status);
2744 switch (spectrum_resp_status) {
2745 case 0: /* Command will be handled */
2746 if (res->u.spectrum.id != 0xff) {
2747 IWL_DEBUG_INFO
2748 ("Replaced existing measurement: %d\n",
2749 res->u.spectrum.id);
2750 priv->measurement_status &= ~MEASUREMENT_READY;
2751 }
2752 priv->measurement_status |= MEASUREMENT_ACTIVE;
2753 rc = 0;
2754 break;
2755
2756 case 1: /* Command will not be handled */
2757 rc = -EAGAIN;
2758 break;
2759 }
2760
2761 dev_kfree_skb_any(cmd.meta.u.skb);
2762
2763 return rc;
2764 }
2765 #endif
2766
2767 static void iwl4965_txstatus_to_ieee(struct iwl_priv *priv,
2768 struct iwl4965_tx_info *tx_sta)
2769 {
2770
2771 tx_sta->status.ack_signal = 0;
2772 tx_sta->status.excessive_retries = 0;
2773 tx_sta->status.queue_length = 0;
2774 tx_sta->status.queue_number = 0;
2775
2776 if (in_interrupt())
2777 ieee80211_tx_status_irqsafe(priv->hw,
2778 tx_sta->skb[0], &(tx_sta->status));
2779 else
2780 ieee80211_tx_status(priv->hw,
2781 tx_sta->skb[0], &(tx_sta->status));
2782
2783 tx_sta->skb[0] = NULL;
2784 }
2785
2786 /**
2787 * iwl4965_tx_queue_reclaim - Reclaim Tx queue entries already Tx'd
2788 *
2789 * When FW advances 'R' index, all entries between old and new 'R' index
2790 * need to be reclaimed. As result, some free space forms. If there is
2791 * enough free space (> low mark), wake the stack that feeds us.
2792 */
2793 int iwl4965_tx_queue_reclaim(struct iwl_priv *priv, int txq_id, int index)
2794 {
2795 struct iwl4965_tx_queue *txq = &priv->txq[txq_id];
2796 struct iwl4965_queue *q = &txq->q;
2797 int nfreed = 0;
2798
2799 if ((index >= q->n_bd) || (x2_queue_used(q, index) == 0)) {
2800 IWL_ERROR("Read index for DMA queue txq id (%d), index %d, "
2801 "is out of range [0-%d] %d %d.\n", txq_id,
2802 index, q->n_bd, q->write_ptr, q->read_ptr);
2803 return 0;
2804 }
2805
2806 for (index = iwl_queue_inc_wrap(index, q->n_bd);
2807 q->read_ptr != index;
2808 q->read_ptr = iwl_queue_inc_wrap(q->read_ptr, q->n_bd)) {
2809 if (txq_id != IWL_CMD_QUEUE_NUM) {
2810 iwl4965_txstatus_to_ieee(priv,
2811 &(txq->txb[txq->q.read_ptr]));
2812 iwl4965_hw_txq_free_tfd(priv, txq);
2813 } else if (nfreed > 1) {
2814 IWL_ERROR("HCMD skipped: index (%d) %d %d\n", index,
2815 q->write_ptr, q->read_ptr);
2816 queue_work(priv->workqueue, &priv->restart);
2817 }
2818 nfreed++;
2819 }
2820
2821 /* if (iwl4965_queue_space(q) > q->low_mark && (txq_id >= 0) &&
2822 (txq_id != IWL_CMD_QUEUE_NUM) &&
2823 priv->mac80211_registered)
2824 ieee80211_wake_queue(priv->hw, txq_id); */
2825
2826
2827 return nfreed;
2828 }
2829
2830 static int iwl4965_is_tx_success(u32 status)
2831 {
2832 status &= TX_STATUS_MSK;
2833 return (status == TX_STATUS_SUCCESS)
2834 || (status == TX_STATUS_DIRECT_DONE);
2835 }
2836
2837 /******************************************************************************
2838 *
2839 * Generic RX handler implementations
2840 *
2841 ******************************************************************************/
2842 #ifdef CONFIG_IWL4965_HT
2843
2844 static inline int iwl4965_get_ra_sta_id(struct iwl_priv *priv,
2845 struct ieee80211_hdr *hdr)
2846 {
2847 if (priv->iw_mode == IEEE80211_IF_TYPE_STA)
2848 return IWL_AP_ID;
2849 else {
2850 u8 *da = ieee80211_get_DA(hdr);
2851 return iwl4965_hw_find_station(priv, da);
2852 }
2853 }
2854
2855 static struct ieee80211_hdr *iwl4965_tx_queue_get_hdr(
2856 struct iwl_priv *priv, int txq_id, int idx)
2857 {
2858 if (priv->txq[txq_id].txb[idx].skb[0])
2859 return (struct ieee80211_hdr *)priv->txq[txq_id].
2860 txb[idx].skb[0]->data;
2861 return NULL;
2862 }
2863
2864 static inline u32 iwl4965_get_scd_ssn(struct iwl4965_tx_resp *tx_resp)
2865 {
2866 __le32 *scd_ssn = (__le32 *)((u32 *)&tx_resp->status +
2867 tx_resp->frame_count);
2868 return le32_to_cpu(*scd_ssn) & MAX_SN;
2869
2870 }
2871
2872 /**
2873 * iwl4965_tx_status_reply_tx - Handle Tx rspnse for frames in aggregation queue
2874 */
2875 static int iwl4965_tx_status_reply_tx(struct iwl_priv *priv,
2876 struct iwl4965_ht_agg *agg,
2877 struct iwl4965_tx_resp_agg *tx_resp,
2878 u16 start_idx)
2879 {
2880 u16 status;
2881 struct agg_tx_status *frame_status = &tx_resp->status;
2882 struct ieee80211_tx_status *tx_status = NULL;
2883 struct ieee80211_hdr *hdr = NULL;
2884 int i, sh;
2885 int txq_id, idx;
2886 u16 seq;
2887
2888 if (agg->wait_for_ba)
2889 IWL_DEBUG_TX_REPLY("got tx response w/o block-ack\n");
2890
2891 agg->frame_count = tx_resp->frame_count;
2892 agg->start_idx = start_idx;
2893 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags);
2894 agg->bitmap = 0;
2895
2896 /* # frames attempted by Tx command */
2897 if (agg->frame_count == 1) {
2898 /* Only one frame was attempted; no block-ack will arrive */
2899 status = le16_to_cpu(frame_status[0].status);
2900 seq = le16_to_cpu(frame_status[0].sequence);
2901 idx = SEQ_TO_INDEX(seq);
2902 txq_id = SEQ_TO_QUEUE(seq);
2903
2904 /* FIXME: code repetition */
2905 IWL_DEBUG_TX_REPLY("FrameCnt = %d, StartIdx=%d idx=%d\n",
2906 agg->frame_count, agg->start_idx, idx);
2907
2908 tx_status = &(priv->txq[txq_id].txb[idx].status);
2909 tx_status->retry_count = tx_resp->failure_frame;
2910 tx_status->queue_number = status & 0xff;
2911 tx_status->queue_length = tx_resp->failure_rts;
2912 tx_status->control.flags &= ~IEEE80211_TXCTL_AMPDU;
2913 tx_status->flags = iwl4965_is_tx_success(status)?
2914 IEEE80211_TX_STATUS_ACK : 0;
2915 iwl4965_hwrate_to_tx_control(priv,
2916 le32_to_cpu(tx_resp->rate_n_flags),
2917 &tx_status->control);
2918 /* FIXME: code repetition end */
2919
2920 IWL_DEBUG_TX_REPLY("1 Frame 0x%x failure :%d\n",
2921 status & 0xff, tx_resp->failure_frame);
2922 IWL_DEBUG_TX_REPLY("Rate Info rate_n_flags=%x\n",
2923 iwl4965_hw_get_rate_n_flags(tx_resp->rate_n_flags));
2924
2925 agg->wait_for_ba = 0;
2926 } else {
2927 /* Two or more frames were attempted; expect block-ack */
2928 u64 bitmap = 0;
2929 int start = agg->start_idx;
2930
2931 /* Construct bit-map of pending frames within Tx window */
2932 for (i = 0; i < agg->frame_count; i++) {
2933 u16 sc;
2934 status = le16_to_cpu(frame_status[i].status);
2935 seq = le16_to_cpu(frame_status[i].sequence);
2936 idx = SEQ_TO_INDEX(seq);
2937 txq_id = SEQ_TO_QUEUE(seq);
2938
2939 if (status & (AGG_TX_STATE_FEW_BYTES_MSK |
2940 AGG_TX_STATE_ABORT_MSK))
2941 continue;
2942
2943 IWL_DEBUG_TX_REPLY("FrameCnt = %d, txq_id=%d idx=%d\n",
2944 agg->frame_count, txq_id, idx);
2945
2946 hdr = iwl4965_tx_queue_get_hdr(priv, txq_id, idx);
2947
2948 sc = le16_to_cpu(hdr->seq_ctrl);
2949 if (idx != (SEQ_TO_SN(sc) & 0xff)) {
2950 IWL_ERROR("BUG_ON idx doesn't match seq control"
2951 " idx=%d, seq_idx=%d, seq=%d\n",
2952 idx, SEQ_TO_SN(sc),
2953 hdr->seq_ctrl);
2954 return -1;
2955 }
2956
2957 IWL_DEBUG_TX_REPLY("AGG Frame i=%d idx %d seq=%d\n",
2958 i, idx, SEQ_TO_SN(sc));
2959
2960 sh = idx - start;
2961 if (sh > 64) {
2962 sh = (start - idx) + 0xff;
2963 bitmap = bitmap << sh;
2964 sh = 0;
2965 start = idx;
2966 } else if (sh < -64)
2967 sh = 0xff - (start - idx);
2968 else if (sh < 0) {
2969 sh = start - idx;
2970 start = idx;
2971 bitmap = bitmap << sh;
2972 sh = 0;
2973 }
2974 bitmap |= (1 << sh);
2975 IWL_DEBUG_TX_REPLY("start=%d bitmap=0x%x\n",
2976 start, (u32)(bitmap & 0xFFFFFFFF));
2977 }
2978
2979 agg->bitmap = bitmap;
2980 agg->start_idx = start;
2981 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags);
2982 IWL_DEBUG_TX_REPLY("Frames %d start_idx=%d bitmap=0x%llx\n",
2983 agg->frame_count, agg->start_idx,
2984 (unsigned long long)agg->bitmap);
2985
2986 if (bitmap)
2987 agg->wait_for_ba = 1;
2988 }
2989 return 0;
2990 }
2991 #endif
2992
2993 /**
2994 * iwl4965_rx_reply_tx - Handle standard (non-aggregation) Tx response
2995 */
2996 static void iwl4965_rx_reply_tx(struct iwl_priv *priv,
2997 struct iwl4965_rx_mem_buffer *rxb)
2998 {
2999 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3000 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
3001 int txq_id = SEQ_TO_QUEUE(sequence);
3002 int index = SEQ_TO_INDEX(sequence);
3003 struct iwl4965_tx_queue *txq = &priv->txq[txq_id];
3004 struct ieee80211_tx_status *tx_status;
3005 struct iwl4965_tx_resp *tx_resp = (void *)&pkt->u.raw[0];
3006 u32 status = le32_to_cpu(tx_resp->status);
3007 #ifdef CONFIG_IWL4965_HT
3008 int tid = MAX_TID_COUNT, sta_id = IWL_INVALID_STATION;
3009 struct ieee80211_hdr *hdr;
3010 __le16 *qc;
3011 #endif
3012
3013 if ((index >= txq->q.n_bd) || (x2_queue_used(&txq->q, index) == 0)) {
3014 IWL_ERROR("Read index for DMA queue txq_id (%d) index %d "
3015 "is out of range [0-%d] %d %d\n", txq_id,
3016 index, txq->q.n_bd, txq->q.write_ptr,
3017 txq->q.read_ptr);
3018 return;
3019 }
3020
3021 #ifdef CONFIG_IWL4965_HT
3022 hdr = iwl4965_tx_queue_get_hdr(priv, txq_id, index);
3023 qc = ieee80211_get_qos_ctrl(hdr);
3024
3025 if (qc)
3026 tid = le16_to_cpu(*qc) & 0xf;
3027
3028 sta_id = iwl4965_get_ra_sta_id(priv, hdr);
3029 if (txq->sched_retry && unlikely(sta_id == IWL_INVALID_STATION)) {
3030 IWL_ERROR("Station not known\n");
3031 return;
3032 }
3033
3034 if (txq->sched_retry) {
3035 const u32 scd_ssn = iwl4965_get_scd_ssn(tx_resp);
3036 struct iwl4965_ht_agg *agg = NULL;
3037
3038 if (!qc)
3039 return;
3040
3041 agg = &priv->stations[sta_id].tid[tid].agg;
3042
3043 iwl4965_tx_status_reply_tx(priv, agg,
3044 (struct iwl4965_tx_resp_agg *)tx_resp, index);
3045
3046 if ((tx_resp->frame_count == 1) &&
3047 !iwl4965_is_tx_success(status)) {
3048 /* TODO: send BAR */
3049 }
3050
3051 if (txq->q.read_ptr != (scd_ssn & 0xff)) {
3052 int freed;
3053 index = iwl_queue_dec_wrap(scd_ssn & 0xff, txq->q.n_bd);
3054 IWL_DEBUG_TX_REPLY("Retry scheduler reclaim scd_ssn "
3055 "%d index %d\n", scd_ssn , index);
3056 freed = iwl4965_tx_queue_reclaim(priv, txq_id, index);
3057 priv->stations[sta_id].tid[tid].tfds_in_queue -= freed;
3058
3059 if (iwl4965_queue_space(&txq->q) > txq->q.low_mark &&
3060 txq_id >= 0 && priv->mac80211_registered &&
3061 agg->state != IWL_EMPTYING_HW_QUEUE_DELBA)
3062 ieee80211_wake_queue(priv->hw, txq_id);
3063
3064 iwl4965_check_empty_hw_queue(priv, sta_id, tid, txq_id);
3065 }
3066 } else {
3067 #endif /* CONFIG_IWL4965_HT */
3068 tx_status = &(txq->txb[txq->q.read_ptr].status);
3069
3070 tx_status->retry_count = tx_resp->failure_frame;
3071 tx_status->queue_number = status;
3072 tx_status->queue_length = tx_resp->bt_kill_count;
3073 tx_status->queue_length |= tx_resp->failure_rts;
3074 tx_status->flags =
3075 iwl4965_is_tx_success(status) ? IEEE80211_TX_STATUS_ACK : 0;
3076 iwl4965_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags),
3077 &tx_status->control);
3078
3079 IWL_DEBUG_TX("Tx queue %d Status %s (0x%08x) rate_n_flags 0x%x "
3080 "retries %d\n", txq_id, iwl4965_get_tx_fail_reason(status),
3081 status, le32_to_cpu(tx_resp->rate_n_flags),
3082 tx_resp->failure_frame);
3083
3084 IWL_DEBUG_TX_REPLY("Tx queue reclaim %d\n", index);
3085 if (index != -1) {
3086 int freed = iwl4965_tx_queue_reclaim(priv, txq_id, index);
3087 #ifdef CONFIG_IWL4965_HT
3088 if (tid != MAX_TID_COUNT)
3089 priv->stations[sta_id].tid[tid].tfds_in_queue -= freed;
3090 if (iwl4965_queue_space(&txq->q) > txq->q.low_mark &&
3091 (txq_id >= 0) &&
3092 priv->mac80211_registered)
3093 ieee80211_wake_queue(priv->hw, txq_id);
3094 if (tid != MAX_TID_COUNT)
3095 iwl4965_check_empty_hw_queue(priv, sta_id, tid, txq_id);
3096 #endif
3097 }
3098 #ifdef CONFIG_IWL4965_HT
3099 }
3100 #endif /* CONFIG_IWL4965_HT */
3101
3102 if (iwl_check_bits(status, TX_ABORT_REQUIRED_MSK))
3103 IWL_ERROR("TODO: Implement Tx ABORT REQUIRED!!!\n");
3104 }
3105
3106
3107 static void iwl4965_rx_reply_alive(struct iwl_priv *priv,
3108 struct iwl4965_rx_mem_buffer *rxb)
3109 {
3110 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3111 struct iwl4965_alive_resp *palive;
3112 struct delayed_work *pwork;
3113
3114 palive = &pkt->u.alive_frame;
3115
3116 IWL_DEBUG_INFO("Alive ucode status 0x%08X revision "
3117 "0x%01X 0x%01X\n",
3118 palive->is_valid, palive->ver_type,
3119 palive->ver_subtype);
3120
3121 if (palive->ver_subtype == INITIALIZE_SUBTYPE) {
3122 IWL_DEBUG_INFO("Initialization Alive received.\n");
3123 memcpy(&priv->card_alive_init,
3124 &pkt->u.alive_frame,
3125 sizeof(struct iwl4965_init_alive_resp));
3126 pwork = &priv->init_alive_start;
3127 } else {
3128 IWL_DEBUG_INFO("Runtime Alive received.\n");
3129 memcpy(&priv->card_alive, &pkt->u.alive_frame,
3130 sizeof(struct iwl4965_alive_resp));
3131 pwork = &priv->alive_start;
3132 }
3133
3134 /* We delay the ALIVE response by 5ms to
3135 * give the HW RF Kill time to activate... */
3136 if (palive->is_valid == UCODE_VALID_OK)
3137 queue_delayed_work(priv->workqueue, pwork,
3138 msecs_to_jiffies(5));
3139 else
3140 IWL_WARNING("uCode did not respond OK.\n");
3141 }
3142
3143 static void iwl4965_rx_reply_add_sta(struct iwl_priv *priv,
3144 struct iwl4965_rx_mem_buffer *rxb)
3145 {
3146 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3147
3148 IWL_DEBUG_RX("Received REPLY_ADD_STA: 0x%02X\n", pkt->u.status);
3149 return;
3150 }
3151
3152 static void iwl4965_rx_reply_error(struct iwl_priv *priv,
3153 struct iwl4965_rx_mem_buffer *rxb)
3154 {
3155 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3156
3157 IWL_ERROR("Error Reply type 0x%08X cmd %s (0x%02X) "
3158 "seq 0x%04X ser 0x%08X\n",
3159 le32_to_cpu(pkt->u.err_resp.error_type),
3160 get_cmd_string(pkt->u.err_resp.cmd_id),
3161 pkt->u.err_resp.cmd_id,
3162 le16_to_cpu(pkt->u.err_resp.bad_cmd_seq_num),
3163 le32_to_cpu(pkt->u.err_resp.error_info));
3164 }
3165
3166 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
3167
3168 static void iwl4965_rx_csa(struct iwl_priv *priv, struct iwl4965_rx_mem_buffer *rxb)
3169 {
3170 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3171 struct iwl4965_rxon_cmd *rxon = (void *)&priv->active_rxon;
3172 struct iwl4965_csa_notification *csa = &(pkt->u.csa_notif);
3173 IWL_DEBUG_11H("CSA notif: channel %d, status %d\n",
3174 le16_to_cpu(csa->channel), le32_to_cpu(csa->status));
3175 rxon->channel = csa->channel;
3176 priv->staging_rxon.channel = csa->channel;
3177 }
3178
3179 static void iwl4965_rx_spectrum_measure_notif(struct iwl_priv *priv,
3180 struct iwl4965_rx_mem_buffer *rxb)
3181 {
3182 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
3183 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3184 struct iwl4965_spectrum_notification *report = &(pkt->u.spectrum_notif);
3185
3186 if (!report->state) {
3187 IWL_DEBUG(IWL_DL_11H | IWL_DL_INFO,
3188 "Spectrum Measure Notification: Start\n");
3189 return;
3190 }
3191
3192 memcpy(&priv->measure_report, report, sizeof(*report));
3193 priv->measurement_status |= MEASUREMENT_READY;
3194 #endif
3195 }
3196
3197 static void iwl4965_rx_pm_sleep_notif(struct iwl_priv *priv,
3198 struct iwl4965_rx_mem_buffer *rxb)
3199 {
3200 #ifdef CONFIG_IWLWIFI_DEBUG
3201 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3202 struct iwl4965_sleep_notification *sleep = &(pkt->u.sleep_notif);
3203 IWL_DEBUG_RX("sleep mode: %d, src: %d\n",
3204 sleep->pm_sleep_mode, sleep->pm_wakeup_src);
3205 #endif
3206 }
3207
3208 static void iwl4965_rx_pm_debug_statistics_notif(struct iwl_priv *priv,
3209 struct iwl4965_rx_mem_buffer *rxb)
3210 {
3211 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3212 IWL_DEBUG_RADIO("Dumping %d bytes of unhandled "
3213 "notification for %s:\n",
3214 le32_to_cpu(pkt->len), get_cmd_string(pkt->hdr.cmd));
3215 iwl_print_hex_dump(IWL_DL_RADIO, pkt->u.raw, le32_to_cpu(pkt->len));
3216 }
3217
3218 static void iwl4965_bg_beacon_update(struct work_struct *work)
3219 {
3220 struct iwl_priv *priv =
3221 container_of(work, struct iwl_priv, beacon_update);
3222 struct sk_buff *beacon;
3223
3224 /* Pull updated AP beacon from mac80211. will fail if not in AP mode */
3225 beacon = ieee80211_beacon_get(priv->hw, priv->vif, NULL);
3226
3227 if (!beacon) {
3228 IWL_ERROR("update beacon failed\n");
3229 return;
3230 }
3231
3232 mutex_lock(&priv->mutex);
3233 /* new beacon skb is allocated every time; dispose previous.*/
3234 if (priv->ibss_beacon)
3235 dev_kfree_skb(priv->ibss_beacon);
3236
3237 priv->ibss_beacon = beacon;
3238 mutex_unlock(&priv->mutex);
3239
3240 iwl4965_send_beacon_cmd(priv);
3241 }
3242
3243 static void iwl4965_rx_beacon_notif(struct iwl_priv *priv,
3244 struct iwl4965_rx_mem_buffer *rxb)
3245 {
3246 #ifdef CONFIG_IWLWIFI_DEBUG
3247 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3248 struct iwl4965_beacon_notif *beacon = &(pkt->u.beacon_status);
3249 u8 rate = iwl4965_hw_get_rate(beacon->beacon_notify_hdr.rate_n_flags);
3250
3251 IWL_DEBUG_RX("beacon status %x retries %d iss %d "
3252 "tsf %d %d rate %d\n",
3253 le32_to_cpu(beacon->beacon_notify_hdr.status) & TX_STATUS_MSK,
3254 beacon->beacon_notify_hdr.failure_frame,
3255 le32_to_cpu(beacon->ibss_mgr_status),
3256 le32_to_cpu(beacon->high_tsf),
3257 le32_to_cpu(beacon->low_tsf), rate);
3258 #endif
3259
3260 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
3261 (!test_bit(STATUS_EXIT_PENDING, &priv->status)))
3262 queue_work(priv->workqueue, &priv->beacon_update);
3263 }
3264
3265 /* Service response to REPLY_SCAN_CMD (0x80) */
3266 static void iwl4965_rx_reply_scan(struct iwl_priv *priv,
3267 struct iwl4965_rx_mem_buffer *rxb)
3268 {
3269 #ifdef CONFIG_IWLWIFI_DEBUG
3270 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3271 struct iwl4965_scanreq_notification *notif =
3272 (struct iwl4965_scanreq_notification *)pkt->u.raw;
3273
3274 IWL_DEBUG_RX("Scan request status = 0x%x\n", notif->status);
3275 #endif
3276 }
3277
3278 /* Service SCAN_START_NOTIFICATION (0x82) */
3279 static void iwl4965_rx_scan_start_notif(struct iwl_priv *priv,
3280 struct iwl4965_rx_mem_buffer *rxb)
3281 {
3282 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3283 struct iwl4965_scanstart_notification *notif =
3284 (struct iwl4965_scanstart_notification *)pkt->u.raw;
3285 priv->scan_start_tsf = le32_to_cpu(notif->tsf_low);
3286 IWL_DEBUG_SCAN("Scan start: "
3287 "%d [802.11%s] "
3288 "(TSF: 0x%08X:%08X) - %d (beacon timer %u)\n",
3289 notif->channel,
3290 notif->band ? "bg" : "a",
3291 notif->tsf_high,
3292 notif->tsf_low, notif->status, notif->beacon_timer);
3293 }
3294
3295 /* Service SCAN_RESULTS_NOTIFICATION (0x83) */
3296 static void iwl4965_rx_scan_results_notif(struct iwl_priv *priv,
3297 struct iwl4965_rx_mem_buffer *rxb)
3298 {
3299 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3300 struct iwl4965_scanresults_notification *notif =
3301 (struct iwl4965_scanresults_notification *)pkt->u.raw;
3302
3303 IWL_DEBUG_SCAN("Scan ch.res: "
3304 "%d [802.11%s] "
3305 "(TSF: 0x%08X:%08X) - %d "
3306 "elapsed=%lu usec (%dms since last)\n",
3307 notif->channel,
3308 notif->band ? "bg" : "a",
3309 le32_to_cpu(notif->tsf_high),
3310 le32_to_cpu(notif->tsf_low),
3311 le32_to_cpu(notif->statistics[0]),
3312 le32_to_cpu(notif->tsf_low) - priv->scan_start_tsf,
3313 jiffies_to_msecs(elapsed_jiffies
3314 (priv->last_scan_jiffies, jiffies)));
3315
3316 priv->last_scan_jiffies = jiffies;
3317 priv->next_scan_jiffies = 0;
3318 }
3319
3320 /* Service SCAN_COMPLETE_NOTIFICATION (0x84) */
3321 static void iwl4965_rx_scan_complete_notif(struct iwl_priv *priv,
3322 struct iwl4965_rx_mem_buffer *rxb)
3323 {
3324 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3325 struct iwl4965_scancomplete_notification *scan_notif = (void *)pkt->u.raw;
3326
3327 IWL_DEBUG_SCAN("Scan complete: %d channels (TSF 0x%08X:%08X) - %d\n",
3328 scan_notif->scanned_channels,
3329 scan_notif->tsf_low,
3330 scan_notif->tsf_high, scan_notif->status);
3331
3332 /* The HW is no longer scanning */
3333 clear_bit(STATUS_SCAN_HW, &priv->status);
3334
3335 /* The scan completion notification came in, so kill that timer... */
3336 cancel_delayed_work(&priv->scan_check);
3337
3338 IWL_DEBUG_INFO("Scan pass on %sGHz took %dms\n",
3339 (priv->scan_bands == 2) ? "2.4" : "5.2",
3340 jiffies_to_msecs(elapsed_jiffies
3341 (priv->scan_pass_start, jiffies)));
3342
3343 /* Remove this scanned band from the list
3344 * of pending bands to scan */
3345 priv->scan_bands--;
3346
3347 /* If a request to abort was given, or the scan did not succeed
3348 * then we reset the scan state machine and terminate,
3349 * re-queuing another scan if one has been requested */
3350 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
3351 IWL_DEBUG_INFO("Aborted scan completed.\n");
3352 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
3353 } else {
3354 /* If there are more bands on this scan pass reschedule */
3355 if (priv->scan_bands > 0)
3356 goto reschedule;
3357 }
3358
3359 priv->last_scan_jiffies = jiffies;
3360 priv->next_scan_jiffies = 0;
3361 IWL_DEBUG_INFO("Setting scan to off\n");
3362
3363 clear_bit(STATUS_SCANNING, &priv->status);
3364
3365 IWL_DEBUG_INFO("Scan took %dms\n",
3366 jiffies_to_msecs(elapsed_jiffies(priv->scan_start, jiffies)));
3367
3368 queue_work(priv->workqueue, &priv->scan_completed);
3369
3370 return;
3371
3372 reschedule:
3373 priv->scan_pass_start = jiffies;
3374 queue_work(priv->workqueue, &priv->request_scan);
3375 }
3376
3377 /* Handle notification from uCode that card's power state is changing
3378 * due to software, hardware, or critical temperature RFKILL */
3379 static void iwl4965_rx_card_state_notif(struct iwl_priv *priv,
3380 struct iwl4965_rx_mem_buffer *rxb)
3381 {
3382 struct iwl4965_rx_packet *pkt = (void *)rxb->skb->data;
3383 u32 flags = le32_to_cpu(pkt->u.card_state_notif.flags);
3384 unsigned long status = priv->status;
3385
3386 IWL_DEBUG_RF_KILL("Card state received: HW:%s SW:%s\n",
3387 (flags & HW_CARD_DISABLED) ? "Kill" : "On",
3388 (flags & SW_CARD_DISABLED) ? "Kill" : "On");
3389
3390 if (flags & (SW_CARD_DISABLED | HW_CARD_DISABLED |
3391 RF_CARD_DISABLED)) {
3392
3393 iwl_write32(priv, CSR_UCODE_DRV_GP1_SET,
3394 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
3395
3396 if (!iwl_grab_nic_access(priv)) {
3397 iwl_write_direct32(
3398 priv, HBUS_TARG_MBX_C,
3399 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
3400
3401 iwl_release_nic_access(priv);
3402 }
3403
3404 if (!(flags & RXON_CARD_DISABLED)) {
3405 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR,
3406 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
3407 if (!iwl_grab_nic_access(priv)) {
3408 iwl_write_direct32(
3409 priv, HBUS_TARG_MBX_C,
3410 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
3411
3412 iwl_release_nic_access(priv);
3413 }
3414 }
3415
3416 if (flags & RF_CARD_DISABLED) {
3417 iwl_write32(priv, CSR_UCODE_DRV_GP1_SET,
3418 CSR_UCODE_DRV_GP1_REG_BIT_CT_KILL_EXIT);
3419 iwl_read32(priv, CSR_UCODE_DRV_GP1);
3420 if (!iwl_grab_nic_access(priv))
3421 iwl_release_nic_access(priv);
3422 }
3423 }
3424
3425 if (flags & HW_CARD_DISABLED)
3426 set_bit(STATUS_RF_KILL_HW, &priv->status);
3427 else
3428 clear_bit(STATUS_RF_KILL_HW, &priv->status);
3429
3430
3431 if (flags & SW_CARD_DISABLED)
3432 set_bit(STATUS_RF_KILL_SW, &priv->status);
3433 else
3434 clear_bit(STATUS_RF_KILL_SW, &priv->status);
3435
3436 if (!(flags & RXON_CARD_DISABLED))
3437 iwl4965_scan_cancel(priv);
3438
3439 if ((test_bit(STATUS_RF_KILL_HW, &status) !=
3440 test_bit(STATUS_RF_KILL_HW, &priv->status)) ||
3441 (test_bit(STATUS_RF_KILL_SW, &status) !=
3442 test_bit(STATUS_RF_KILL_SW, &priv->status)))
3443 queue_work(priv->workqueue, &priv->rf_kill);
3444 else
3445 wake_up_interruptible(&priv->wait_command_queue);
3446 }
3447
3448 /**
3449 * iwl4965_setup_rx_handlers - Initialize Rx handler callbacks
3450 *
3451 * Setup the RX handlers for each of the reply types sent from the uCode
3452 * to the host.
3453 *
3454 * This function chains into the hardware specific files for them to setup
3455 * any hardware specific handlers as well.
3456 */
3457 static void iwl4965_setup_rx_handlers(struct iwl_priv *priv)
3458 {
3459 priv->rx_handlers[REPLY_ALIVE] = iwl4965_rx_reply_alive;
3460 priv->rx_handlers[REPLY_ADD_STA] = iwl4965_rx_reply_add_sta;
3461 priv->rx_handlers[REPLY_ERROR] = iwl4965_rx_reply_error;
3462 priv->rx_handlers[CHANNEL_SWITCH_NOTIFICATION] = iwl4965_rx_csa;
3463 priv->rx_handlers[SPECTRUM_MEASURE_NOTIFICATION] =
3464 iwl4965_rx_spectrum_measure_notif;
3465 priv->rx_handlers[PM_SLEEP_NOTIFICATION] = iwl4965_rx_pm_sleep_notif;
3466 priv->rx_handlers[PM_DEBUG_STATISTIC_NOTIFIC] =
3467 iwl4965_rx_pm_debug_statistics_notif;
3468 priv->rx_handlers[BEACON_NOTIFICATION] = iwl4965_rx_beacon_notif;
3469
3470 /*
3471 * The same handler is used for both the REPLY to a discrete
3472 * statistics request from the host as well as for the periodic
3473 * statistics notifications (after received beacons) from the uCode.
3474 */
3475 priv->rx_handlers[REPLY_STATISTICS_CMD] = iwl4965_hw_rx_statistics;
3476 priv->rx_handlers[STATISTICS_NOTIFICATION] = iwl4965_hw_rx_statistics;
3477
3478 priv->rx_handlers[REPLY_SCAN_CMD] = iwl4965_rx_reply_scan;
3479 priv->rx_handlers[SCAN_START_NOTIFICATION] = iwl4965_rx_scan_start_notif;
3480 priv->rx_handlers[SCAN_RESULTS_NOTIFICATION] =
3481 iwl4965_rx_scan_results_notif;
3482 priv->rx_handlers[SCAN_COMPLETE_NOTIFICATION] =
3483 iwl4965_rx_scan_complete_notif;
3484 priv->rx_handlers[CARD_STATE_NOTIFICATION] = iwl4965_rx_card_state_notif;
3485 priv->rx_handlers[REPLY_TX] = iwl4965_rx_reply_tx;
3486
3487 /* Set up hardware specific Rx handlers */
3488 iwl4965_hw_rx_handler_setup(priv);
3489 }
3490
3491 /**
3492 * iwl4965_tx_cmd_complete - Pull unused buffers off the queue and reclaim them
3493 * @rxb: Rx buffer to reclaim
3494 *
3495 * If an Rx buffer has an async callback associated with it the callback
3496 * will be executed. The attached skb (if present) will only be freed
3497 * if the callback returns 1
3498 */
3499 static void iwl4965_tx_cmd_complete(struct iwl_priv *priv,
3500 struct iwl4965_rx_mem_buffer *rxb)
3501 {
3502 struct iwl4965_rx_packet *pkt = (struct iwl4965_rx_packet *)rxb->skb->data;
3503 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
3504 int txq_id = SEQ_TO_QUEUE(sequence);
3505 int index = SEQ_TO_INDEX(sequence);
3506 int huge = sequence & SEQ_HUGE_FRAME;
3507 int cmd_index;
3508 struct iwl_cmd *cmd;
3509
3510 /* If a Tx command is being handled and it isn't in the actual
3511 * command queue then there a command routing bug has been introduced
3512 * in the queue management code. */
3513 if (txq_id != IWL_CMD_QUEUE_NUM)
3514 IWL_ERROR("Error wrong command queue %d command id 0x%X\n",
3515 txq_id, pkt->hdr.cmd);
3516 BUG_ON(txq_id != IWL_CMD_QUEUE_NUM);
3517
3518 cmd_index = get_cmd_index(&priv->txq[IWL_CMD_QUEUE_NUM].q, index, huge);
3519 cmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_index];
3520
3521 /* Input error checking is done when commands are added to queue. */
3522 if (cmd->meta.flags & CMD_WANT_SKB) {
3523 cmd->meta.source->u.skb = rxb->skb;
3524 rxb->skb = NULL;
3525 } else if (cmd->meta.u.callback &&
3526 !cmd->meta.u.callback(priv, cmd, rxb->skb))
3527 rxb->skb = NULL;
3528
3529 iwl4965_tx_queue_reclaim(priv, txq_id, index);
3530
3531 if (!(cmd->meta.flags & CMD_ASYNC)) {
3532 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
3533 wake_up_interruptible(&priv->wait_command_queue);
3534 }
3535 }
3536
3537 /************************** RX-FUNCTIONS ****************************/
3538 /*
3539 * Rx theory of operation
3540 *
3541 * Driver allocates a circular buffer of Receive Buffer Descriptors (RBDs),
3542 * each of which point to Receive Buffers to be filled by 4965. These get
3543 * used not only for Rx frames, but for any command response or notification
3544 * from the 4965. The driver and 4965 manage the Rx buffers by means
3545 * of indexes into the circular buffer.
3546 *
3547 * Rx Queue Indexes
3548 * The host/firmware share two index registers for managing the Rx buffers.
3549 *
3550 * The READ index maps to the first position that the firmware may be writing
3551 * to -- the driver can read up to (but not including) this position and get
3552 * good data.
3553 * The READ index is managed by the firmware once the card is enabled.
3554 *
3555 * The WRITE index maps to the last position the driver has read from -- the
3556 * position preceding WRITE is the last slot the firmware can place a packet.
3557 *
3558 * The queue is empty (no good data) if WRITE = READ - 1, and is full if
3559 * WRITE = READ.
3560 *
3561 * During initialization, the host sets up the READ queue position to the first
3562 * INDEX position, and WRITE to the last (READ - 1 wrapped)
3563 *
3564 * When the firmware places a packet in a buffer, it will advance the READ index
3565 * and fire the RX interrupt. The driver can then query the READ index and
3566 * process as many packets as possible, moving the WRITE index forward as it
3567 * resets the Rx queue buffers with new memory.
3568 *
3569 * The management in the driver is as follows:
3570 * + A list of pre-allocated SKBs is stored in iwl->rxq->rx_free. When
3571 * iwl->rxq->free_count drops to or below RX_LOW_WATERMARK, work is scheduled
3572 * to replenish the iwl->rxq->rx_free.
3573 * + In iwl4965_rx_replenish (scheduled) if 'processed' != 'read' then the
3574 * iwl->rxq is replenished and the READ INDEX is updated (updating the
3575 * 'processed' and 'read' driver indexes as well)
3576 * + A received packet is processed and handed to the kernel network stack,
3577 * detached from the iwl->rxq. The driver 'processed' index is updated.
3578 * + The Host/Firmware iwl->rxq is replenished at tasklet time from the rx_free
3579 * list. If there are no allocated buffers in iwl->rxq->rx_free, the READ
3580 * INDEX is not incremented and iwl->status(RX_STALLED) is set. If there
3581 * were enough free buffers and RX_STALLED is set it is cleared.
3582 *
3583 *
3584 * Driver sequence:
3585 *
3586 * iwl4965_rx_queue_alloc() Allocates rx_free
3587 * iwl4965_rx_replenish() Replenishes rx_free list from rx_used, and calls
3588 * iwl4965_rx_queue_restock
3589 * iwl4965_rx_queue_restock() Moves available buffers from rx_free into Rx
3590 * queue, updates firmware pointers, and updates
3591 * the WRITE index. If insufficient rx_free buffers
3592 * are available, schedules iwl4965_rx_replenish
3593 *
3594 * -- enable interrupts --
3595 * ISR - iwl4965_rx() Detach iwl4965_rx_mem_buffers from pool up to the
3596 * READ INDEX, detaching the SKB from the pool.
3597 * Moves the packet buffer from queue to rx_used.
3598 * Calls iwl4965_rx_queue_restock to refill any empty
3599 * slots.
3600 * ...
3601 *
3602 */
3603
3604 /**
3605 * iwl4965_rx_queue_space - Return number of free slots available in queue.
3606 */
3607 static int iwl4965_rx_queue_space(const struct iwl4965_rx_queue *q)
3608 {
3609 int s = q->read - q->write;
3610 if (s <= 0)
3611 s += RX_QUEUE_SIZE;
3612 /* keep some buffer to not confuse full and empty queue */
3613 s -= 2;
3614 if (s < 0)
3615 s = 0;
3616 return s;
3617 }
3618
3619 /**
3620 * iwl4965_rx_queue_update_write_ptr - Update the write pointer for the RX queue
3621 */
3622 int iwl4965_rx_queue_update_write_ptr(struct iwl_priv *priv, struct iwl4965_rx_queue *q)
3623 {
3624 u32 reg = 0;
3625 int rc = 0;
3626 unsigned long flags;
3627
3628 spin_lock_irqsave(&q->lock, flags);
3629
3630 if (q->need_update == 0)
3631 goto exit_unlock;
3632
3633 /* If power-saving is in use, make sure device is awake */
3634 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
3635 reg = iwl_read32(priv, CSR_UCODE_DRV_GP1);
3636
3637 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
3638 iwl_set_bit(priv, CSR_GP_CNTRL,
3639 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
3640 goto exit_unlock;
3641 }
3642
3643 rc = iwl_grab_nic_access(priv);
3644 if (rc)
3645 goto exit_unlock;
3646
3647 /* Device expects a multiple of 8 */
3648 iwl_write_direct32(priv, FH_RSCSR_CHNL0_WPTR,
3649 q->write & ~0x7);
3650 iwl_release_nic_access(priv);
3651
3652 /* Else device is assumed to be awake */
3653 } else
3654 /* Device expects a multiple of 8 */
3655 iwl_write32(priv, FH_RSCSR_CHNL0_WPTR, q->write & ~0x7);
3656
3657
3658 q->need_update = 0;
3659
3660 exit_unlock:
3661 spin_unlock_irqrestore(&q->lock, flags);
3662 return rc;
3663 }
3664
3665 /**
3666 * iwl4965_dma_addr2rbd_ptr - convert a DMA address to a uCode read buffer ptr
3667 */
3668 static inline __le32 iwl4965_dma_addr2rbd_ptr(struct iwl_priv *priv,
3669 dma_addr_t dma_addr)
3670 {
3671 return cpu_to_le32((u32)(dma_addr >> 8));
3672 }
3673
3674
3675 /**
3676 * iwl4965_rx_queue_restock - refill RX queue from pre-allocated pool
3677 *
3678 * If there are slots in the RX queue that need to be restocked,
3679 * and we have free pre-allocated buffers, fill the ranks as much
3680 * as we can, pulling from rx_free.
3681 *
3682 * This moves the 'write' index forward to catch up with 'processed', and
3683 * also updates the memory address in the firmware to reference the new
3684 * target buffer.
3685 */
3686 static int iwl4965_rx_queue_restock(struct iwl_priv *priv)
3687 {
3688 struct iwl4965_rx_queue *rxq = &priv->rxq;
3689 struct list_head *element;
3690 struct iwl4965_rx_mem_buffer *rxb;
3691 unsigned long flags;
3692 int write, rc;
3693
3694 spin_lock_irqsave(&rxq->lock, flags);
3695 write = rxq->write & ~0x7;
3696 while ((iwl4965_rx_queue_space(rxq) > 0) && (rxq->free_count)) {
3697 /* Get next free Rx buffer, remove from free list */
3698 element = rxq->rx_free.next;
3699 rxb = list_entry(element, struct iwl4965_rx_mem_buffer, list);
3700 list_del(element);
3701
3702 /* Point to Rx buffer via next RBD in circular buffer */
3703 rxq->bd[rxq->write] = iwl4965_dma_addr2rbd_ptr(priv, rxb->dma_addr);
3704 rxq->queue[rxq->write] = rxb;
3705 rxq->write = (rxq->write + 1) & RX_QUEUE_MASK;
3706 rxq->free_count--;
3707 }
3708 spin_unlock_irqrestore(&rxq->lock, flags);
3709 /* If the pre-allocated buffer pool is dropping low, schedule to
3710 * refill it */
3711 if (rxq->free_count <= RX_LOW_WATERMARK)
3712 queue_work(priv->workqueue, &priv->rx_replenish);
3713
3714
3715 /* If we've added more space for the firmware to place data, tell it.
3716 * Increment device's write pointer in multiples of 8. */
3717 if ((write != (rxq->write & ~0x7))
3718 || (abs(rxq->write - rxq->read) > 7)) {
3719 spin_lock_irqsave(&rxq->lock, flags);
3720 rxq->need_update = 1;
3721 spin_unlock_irqrestore(&rxq->lock, flags);
3722 rc = iwl4965_rx_queue_update_write_ptr(priv, rxq);
3723 if (rc)
3724 return rc;
3725 }
3726
3727 return 0;
3728 }
3729
3730 /**
3731 * iwl4965_rx_replenish - Move all used packet from rx_used to rx_free
3732 *
3733 * When moving to rx_free an SKB is allocated for the slot.
3734 *
3735 * Also restock the Rx queue via iwl4965_rx_queue_restock.
3736 * This is called as a scheduled work item (except for during initialization)
3737 */
3738 static void iwl4965_rx_allocate(struct iwl_priv *priv)
3739 {
3740 struct iwl4965_rx_queue *rxq = &priv->rxq;
3741 struct list_head *element;
3742 struct iwl4965_rx_mem_buffer *rxb;
3743 unsigned long flags;
3744 spin_lock_irqsave(&rxq->lock, flags);
3745 while (!list_empty(&rxq->rx_used)) {
3746 element = rxq->rx_used.next;
3747 rxb = list_entry(element, struct iwl4965_rx_mem_buffer, list);
3748
3749 /* Alloc a new receive buffer */
3750 rxb->skb =
3751 alloc_skb(priv->hw_setting.rx_buf_size,
3752 __GFP_NOWARN | GFP_ATOMIC);
3753 if (!rxb->skb) {
3754 if (net_ratelimit())
3755 printk(KERN_CRIT DRV_NAME
3756 ": Can not allocate SKB buffers\n");
3757 /* We don't reschedule replenish work here -- we will
3758 * call the restock method and if it still needs
3759 * more buffers it will schedule replenish */
3760 break;
3761 }
3762 priv->alloc_rxb_skb++;
3763 list_del(element);
3764
3765 /* Get physical address of RB/SKB */
3766 rxb->dma_addr =
3767 pci_map_single(priv->pci_dev, rxb->skb->data,
3768 priv->hw_setting.rx_buf_size, PCI_DMA_FROMDEVICE);
3769 list_add_tail(&rxb->list, &rxq->rx_free);
3770 rxq->free_count++;
3771 }
3772 spin_unlock_irqrestore(&rxq->lock, flags);
3773 }
3774
3775 /*
3776 * this should be called while priv->lock is locked
3777 */
3778 static void __iwl4965_rx_replenish(void *data)
3779 {
3780 struct iwl_priv *priv = data;
3781
3782 iwl4965_rx_allocate(priv);
3783 iwl4965_rx_queue_restock(priv);
3784 }
3785
3786
3787 void iwl4965_rx_replenish(void *data)
3788 {
3789 struct iwl_priv *priv = data;
3790 unsigned long flags;
3791
3792 iwl4965_rx_allocate(priv);
3793
3794 spin_lock_irqsave(&priv->lock, flags);
3795 iwl4965_rx_queue_restock(priv);
3796 spin_unlock_irqrestore(&priv->lock, flags);
3797 }
3798
3799 /* Assumes that the skb field of the buffers in 'pool' is kept accurate.
3800 * If an SKB has been detached, the POOL needs to have its SKB set to NULL
3801 * This free routine walks the list of POOL entries and if SKB is set to
3802 * non NULL it is unmapped and freed
3803 */
3804 static void iwl4965_rx_queue_free(struct iwl_priv *priv, struct iwl4965_rx_queue *rxq)
3805 {
3806 int i;
3807 for (i = 0; i < RX_QUEUE_SIZE + RX_FREE_BUFFERS; i++) {
3808 if (rxq->pool[i].skb != NULL) {
3809 pci_unmap_single(priv->pci_dev,
3810 rxq->pool[i].dma_addr,
3811 priv->hw_setting.rx_buf_size,
3812 PCI_DMA_FROMDEVICE);
3813 dev_kfree_skb(rxq->pool[i].skb);
3814 }
3815 }
3816
3817 pci_free_consistent(priv->pci_dev, 4 * RX_QUEUE_SIZE, rxq->bd,
3818 rxq->dma_addr);
3819 rxq->bd = NULL;
3820 }
3821
3822 int iwl4965_rx_queue_alloc(struct iwl_priv *priv)
3823 {
3824 struct iwl4965_rx_queue *rxq = &priv->rxq;
3825 struct pci_dev *dev = priv->pci_dev;
3826 int i;
3827
3828 spin_lock_init(&rxq->lock);
3829 INIT_LIST_HEAD(&rxq->rx_free);
3830 INIT_LIST_HEAD(&rxq->rx_used);
3831
3832 /* Alloc the circular buffer of Read Buffer Descriptors (RBDs) */
3833 rxq->bd = pci_alloc_consistent(dev, 4 * RX_QUEUE_SIZE, &rxq->dma_addr);
3834 if (!rxq->bd)
3835 return -ENOMEM;
3836
3837 /* Fill the rx_used queue with _all_ of the Rx buffers */
3838 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++)
3839 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
3840
3841 /* Set us so that we have processed and used all buffers, but have
3842 * not restocked the Rx queue with fresh buffers */
3843 rxq->read = rxq->write = 0;
3844 rxq->free_count = 0;
3845 rxq->need_update = 0;
3846 return 0;
3847 }
3848
3849 void iwl4965_rx_queue_reset(struct iwl_priv *priv, struct iwl4965_rx_queue *rxq)
3850 {
3851 unsigned long flags;
3852 int i;
3853 spin_lock_irqsave(&rxq->lock, flags);
3854 INIT_LIST_HEAD(&rxq->rx_free);
3855 INIT_LIST_HEAD(&rxq->rx_used);
3856 /* Fill the rx_used queue with _all_ of the Rx buffers */
3857 for (i = 0; i < RX_FREE_BUFFERS + RX_QUEUE_SIZE; i++) {
3858 /* In the reset function, these buffers may have been allocated
3859 * to an SKB, so we need to unmap and free potential storage */
3860 if (rxq->pool[i].skb != NULL) {
3861 pci_unmap_single(priv->pci_dev,
3862 rxq->pool[i].dma_addr,
3863 priv->hw_setting.rx_buf_size,
3864 PCI_DMA_FROMDEVICE);
3865 priv->alloc_rxb_skb--;
3866 dev_kfree_skb(rxq->pool[i].skb);
3867 rxq->pool[i].skb = NULL;
3868 }
3869 list_add_tail(&rxq->pool[i].list, &rxq->rx_used);
3870 }
3871
3872 /* Set us so that we have processed and used all buffers, but have
3873 * not restocked the Rx queue with fresh buffers */
3874 rxq->read = rxq->write = 0;
3875 rxq->free_count = 0;
3876 spin_unlock_irqrestore(&rxq->lock, flags);
3877 }
3878
3879 /* Convert linear signal-to-noise ratio into dB */
3880 static u8 ratio2dB[100] = {
3881 /* 0 1 2 3 4 5 6 7 8 9 */
3882 0, 0, 6, 10, 12, 14, 16, 17, 18, 19, /* 00 - 09 */
3883 20, 21, 22, 22, 23, 23, 24, 25, 26, 26, /* 10 - 19 */
3884 26, 26, 26, 27, 27, 28, 28, 28, 29, 29, /* 20 - 29 */
3885 29, 30, 30, 30, 31, 31, 31, 31, 32, 32, /* 30 - 39 */
3886 32, 32, 32, 33, 33, 33, 33, 33, 34, 34, /* 40 - 49 */
3887 34, 34, 34, 34, 35, 35, 35, 35, 35, 35, /* 50 - 59 */
3888 36, 36, 36, 36, 36, 36, 36, 37, 37, 37, /* 60 - 69 */
3889 37, 37, 37, 37, 37, 38, 38, 38, 38, 38, /* 70 - 79 */
3890 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, /* 80 - 89 */
3891 39, 39, 39, 39, 39, 40, 40, 40, 40, 40 /* 90 - 99 */
3892 };
3893
3894 /* Calculates a relative dB value from a ratio of linear
3895 * (i.e. not dB) signal levels.
3896 * Conversion assumes that levels are voltages (20*log), not powers (10*log). */
3897 int iwl4965_calc_db_from_ratio(int sig_ratio)
3898 {
3899 /* 1000:1 or higher just report as 60 dB */
3900 if (sig_ratio >= 1000)
3901 return 60;
3902
3903 /* 100:1 or higher, divide by 10 and use table,
3904 * add 20 dB to make up for divide by 10 */
3905 if (sig_ratio >= 100)
3906 return (20 + (int)ratio2dB[sig_ratio/10]);
3907
3908 /* We shouldn't see this */
3909 if (sig_ratio < 1)
3910 return 0;
3911
3912 /* Use table for ratios 1:1 - 99:1 */
3913 return (int)ratio2dB[sig_ratio];
3914 }
3915
3916 #define PERFECT_RSSI (-20) /* dBm */
3917 #define WORST_RSSI (-95) /* dBm */
3918 #define RSSI_RANGE (PERFECT_RSSI - WORST_RSSI)
3919
3920 /* Calculate an indication of rx signal quality (a percentage, not dBm!).
3921 * See http://www.ces.clemson.edu/linux/signal_quality.shtml for info
3922 * about formulas used below. */
3923 int iwl4965_calc_sig_qual(int rssi_dbm, int noise_dbm)
3924 {
3925 int sig_qual;
3926 int degradation = PERFECT_RSSI - rssi_dbm;
3927
3928 /* If we get a noise measurement, use signal-to-noise ratio (SNR)
3929 * as indicator; formula is (signal dbm - noise dbm).
3930 * SNR at or above 40 is a great signal (100%).
3931 * Below that, scale to fit SNR of 0 - 40 dB within 0 - 100% indicator.
3932 * Weakest usable signal is usually 10 - 15 dB SNR. */
3933 if (noise_dbm) {
3934 if (rssi_dbm - noise_dbm >= 40)
3935 return 100;
3936 else if (rssi_dbm < noise_dbm)
3937 return 0;
3938 sig_qual = ((rssi_dbm - noise_dbm) * 5) / 2;
3939
3940 /* Else use just the signal level.
3941 * This formula is a least squares fit of data points collected and
3942 * compared with a reference system that had a percentage (%) display
3943 * for signal quality. */
3944 } else
3945 sig_qual = (100 * (RSSI_RANGE * RSSI_RANGE) - degradation *
3946 (15 * RSSI_RANGE + 62 * degradation)) /
3947 (RSSI_RANGE * RSSI_RANGE);
3948
3949 if (sig_qual > 100)
3950 sig_qual = 100;
3951 else if (sig_qual < 1)
3952 sig_qual = 0;
3953
3954 return sig_qual;
3955 }
3956
3957 /**
3958 * iwl4965_rx_handle - Main entry function for receiving responses from uCode
3959 *
3960 * Uses the priv->rx_handlers callback function array to invoke
3961 * the appropriate handlers, including command responses,
3962 * frame-received notifications, and other notifications.
3963 */
3964 static void iwl4965_rx_handle(struct iwl_priv *priv)
3965 {
3966 struct iwl4965_rx_mem_buffer *rxb;
3967 struct iwl4965_rx_packet *pkt;
3968 struct iwl4965_rx_queue *rxq = &priv->rxq;
3969 u32 r, i;
3970 int reclaim;
3971 unsigned long flags;
3972 u8 fill_rx = 0;
3973 u32 count = 8;
3974
3975 /* uCode's read index (stored in shared DRAM) indicates the last Rx
3976 * buffer that the driver may process (last buffer filled by ucode). */
3977 r = iwl4965_hw_get_rx_read(priv);
3978 i = rxq->read;
3979
3980 /* Rx interrupt, but nothing sent from uCode */
3981 if (i == r)
3982 IWL_DEBUG(IWL_DL_RX | IWL_DL_ISR, "r = %d, i = %d\n", r, i);
3983
3984 if (iwl4965_rx_queue_space(rxq) > (RX_QUEUE_SIZE / 2))
3985 fill_rx = 1;
3986
3987 while (i != r) {
3988 rxb = rxq->queue[i];
3989
3990 /* If an RXB doesn't have a Rx queue slot associated with it,
3991 * then a bug has been introduced in the queue refilling
3992 * routines -- catch it here */
3993 BUG_ON(rxb == NULL);
3994
3995 rxq->queue[i] = NULL;
3996
3997 pci_dma_sync_single_for_cpu(priv->pci_dev, rxb->dma_addr,
3998 priv->hw_setting.rx_buf_size,
3999 PCI_DMA_FROMDEVICE);
4000 pkt = (struct iwl4965_rx_packet *)rxb->skb->data;
4001
4002 /* Reclaim a command buffer only if this packet is a response
4003 * to a (driver-originated) command.
4004 * If the packet (e.g. Rx frame) originated from uCode,
4005 * there is no command buffer to reclaim.
4006 * Ucode should set SEQ_RX_FRAME bit if ucode-originated,
4007 * but apparently a few don't get set; catch them here. */
4008 reclaim = !(pkt->hdr.sequence & SEQ_RX_FRAME) &&
4009 (pkt->hdr.cmd != REPLY_RX_PHY_CMD) &&
4010 (pkt->hdr.cmd != REPLY_RX) &&
4011 (pkt->hdr.cmd != REPLY_COMPRESSED_BA) &&
4012 (pkt->hdr.cmd != STATISTICS_NOTIFICATION) &&
4013 (pkt->hdr.cmd != REPLY_TX);
4014
4015 /* Based on type of command response or notification,
4016 * handle those that need handling via function in
4017 * rx_handlers table. See iwl4965_setup_rx_handlers() */
4018 if (priv->rx_handlers[pkt->hdr.cmd]) {
4019 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4020 "r = %d, i = %d, %s, 0x%02x\n", r, i,
4021 get_cmd_string(pkt->hdr.cmd), pkt->hdr.cmd);
4022 priv->rx_handlers[pkt->hdr.cmd] (priv, rxb);
4023 } else {
4024 /* No handling needed */
4025 IWL_DEBUG(IWL_DL_HOST_COMMAND | IWL_DL_RX | IWL_DL_ISR,
4026 "r %d i %d No handler needed for %s, 0x%02x\n",
4027 r, i, get_cmd_string(pkt->hdr.cmd),
4028 pkt->hdr.cmd);
4029 }
4030
4031 if (reclaim) {
4032 /* Invoke any callbacks, transfer the skb to caller, and
4033 * fire off the (possibly) blocking iwl_send_cmd()
4034 * as we reclaim the driver command queue */
4035 if (rxb && rxb->skb)
4036 iwl4965_tx_cmd_complete(priv, rxb);
4037 else
4038 IWL_WARNING("Claim null rxb?\n");
4039 }
4040
4041 /* For now we just don't re-use anything. We can tweak this
4042 * later to try and re-use notification packets and SKBs that
4043 * fail to Rx correctly */
4044 if (rxb->skb != NULL) {
4045 priv->alloc_rxb_skb--;
4046 dev_kfree_skb_any(rxb->skb);
4047 rxb->skb = NULL;
4048 }
4049
4050 pci_unmap_single(priv->pci_dev, rxb->dma_addr,
4051 priv->hw_setting.rx_buf_size,
4052 PCI_DMA_FROMDEVICE);
4053 spin_lock_irqsave(&rxq->lock, flags);
4054 list_add_tail(&rxb->list, &priv->rxq.rx_used);
4055 spin_unlock_irqrestore(&rxq->lock, flags);
4056 i = (i + 1) & RX_QUEUE_MASK;
4057 /* If there are a lot of unused frames,
4058 * restock the Rx queue so ucode wont assert. */
4059 if (fill_rx) {
4060 count++;
4061 if (count >= 8) {
4062 priv->rxq.read = i;
4063 __iwl4965_rx_replenish(priv);
4064 count = 0;
4065 }
4066 }
4067 }
4068
4069 /* Backtrack one entry */
4070 priv->rxq.read = i;
4071 iwl4965_rx_queue_restock(priv);
4072 }
4073
4074 /**
4075 * iwl4965_tx_queue_update_write_ptr - Send new write index to hardware
4076 */
4077 static int iwl4965_tx_queue_update_write_ptr(struct iwl_priv *priv,
4078 struct iwl4965_tx_queue *txq)
4079 {
4080 u32 reg = 0;
4081 int rc = 0;
4082 int txq_id = txq->q.id;
4083
4084 if (txq->need_update == 0)
4085 return rc;
4086
4087 /* if we're trying to save power */
4088 if (test_bit(STATUS_POWER_PMI, &priv->status)) {
4089 /* wake up nic if it's powered down ...
4090 * uCode will wake up, and interrupt us again, so next
4091 * time we'll skip this part. */
4092 reg = iwl_read32(priv, CSR_UCODE_DRV_GP1);
4093
4094 if (reg & CSR_UCODE_DRV_GP1_BIT_MAC_SLEEP) {
4095 IWL_DEBUG_INFO("Requesting wakeup, GP1 = 0x%x\n", reg);
4096 iwl_set_bit(priv, CSR_GP_CNTRL,
4097 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
4098 return rc;
4099 }
4100
4101 /* restore this queue's parameters in nic hardware. */
4102 rc = iwl_grab_nic_access(priv);
4103 if (rc)
4104 return rc;
4105 iwl_write_direct32(priv, HBUS_TARG_WRPTR,
4106 txq->q.write_ptr | (txq_id << 8));
4107 iwl_release_nic_access(priv);
4108
4109 /* else not in power-save mode, uCode will never sleep when we're
4110 * trying to tx (during RFKILL, we're not trying to tx). */
4111 } else
4112 iwl_write32(priv, HBUS_TARG_WRPTR,
4113 txq->q.write_ptr | (txq_id << 8));
4114
4115 txq->need_update = 0;
4116
4117 return rc;
4118 }
4119
4120 #ifdef CONFIG_IWLWIFI_DEBUG
4121 static void iwl4965_print_rx_config_cmd(struct iwl4965_rxon_cmd *rxon)
4122 {
4123 DECLARE_MAC_BUF(mac);
4124
4125 IWL_DEBUG_RADIO("RX CONFIG:\n");
4126 iwl_print_hex_dump(IWL_DL_RADIO, (u8 *) rxon, sizeof(*rxon));
4127 IWL_DEBUG_RADIO("u16 channel: 0x%x\n", le16_to_cpu(rxon->channel));
4128 IWL_DEBUG_RADIO("u32 flags: 0x%08X\n", le32_to_cpu(rxon->flags));
4129 IWL_DEBUG_RADIO("u32 filter_flags: 0x%08x\n",
4130 le32_to_cpu(rxon->filter_flags));
4131 IWL_DEBUG_RADIO("u8 dev_type: 0x%x\n", rxon->dev_type);
4132 IWL_DEBUG_RADIO("u8 ofdm_basic_rates: 0x%02x\n",
4133 rxon->ofdm_basic_rates);
4134 IWL_DEBUG_RADIO("u8 cck_basic_rates: 0x%02x\n", rxon->cck_basic_rates);
4135 IWL_DEBUG_RADIO("u8[6] node_addr: %s\n",
4136 print_mac(mac, rxon->node_addr));
4137 IWL_DEBUG_RADIO("u8[6] bssid_addr: %s\n",
4138 print_mac(mac, rxon->bssid_addr));
4139 IWL_DEBUG_RADIO("u16 assoc_id: 0x%x\n", le16_to_cpu(rxon->assoc_id));
4140 }
4141 #endif
4142
4143 static void iwl4965_enable_interrupts(struct iwl_priv *priv)
4144 {
4145 IWL_DEBUG_ISR("Enabling interrupts\n");
4146 set_bit(STATUS_INT_ENABLED, &priv->status);
4147 iwl_write32(priv, CSR_INT_MASK, CSR_INI_SET_MASK);
4148 }
4149
4150 /* call this function to flush any scheduled tasklet */
4151 static inline void iwl_synchronize_irq(struct iwl_priv *priv)
4152 {
4153 /* wait to make sure we flush pedding tasklet*/
4154 synchronize_irq(priv->pci_dev->irq);
4155 tasklet_kill(&priv->irq_tasklet);
4156 }
4157
4158 static inline void iwl4965_disable_interrupts(struct iwl_priv *priv)
4159 {
4160 clear_bit(STATUS_INT_ENABLED, &priv->status);
4161
4162 /* disable interrupts from uCode/NIC to host */
4163 iwl_write32(priv, CSR_INT_MASK, 0x00000000);
4164
4165 /* acknowledge/clear/reset any interrupts still pending
4166 * from uCode or flow handler (Rx/Tx DMA) */
4167 iwl_write32(priv, CSR_INT, 0xffffffff);
4168 iwl_write32(priv, CSR_FH_INT_STATUS, 0xffffffff);
4169 IWL_DEBUG_ISR("Disabled interrupts\n");
4170 }
4171
4172 static const char *desc_lookup(int i)
4173 {
4174 switch (i) {
4175 case 1:
4176 return "FAIL";
4177 case 2:
4178 return "BAD_PARAM";
4179 case 3:
4180 return "BAD_CHECKSUM";
4181 case 4:
4182 return "NMI_INTERRUPT";
4183 case 5:
4184 return "SYSASSERT";
4185 case 6:
4186 return "FATAL_ERROR";
4187 }
4188
4189 return "UNKNOWN";
4190 }
4191
4192 #define ERROR_START_OFFSET (1 * sizeof(u32))
4193 #define ERROR_ELEM_SIZE (7 * sizeof(u32))
4194
4195 static void iwl4965_dump_nic_error_log(struct iwl_priv *priv)
4196 {
4197 u32 data2, line;
4198 u32 desc, time, count, base, data1;
4199 u32 blink1, blink2, ilink1, ilink2;
4200 int rc;
4201
4202 base = le32_to_cpu(priv->card_alive.error_event_table_ptr);
4203
4204 if (!priv->cfg->ops->lib->is_valid_rtc_data_addr(base)) {
4205 IWL_ERROR("Not valid error log pointer 0x%08X\n", base);
4206 return;
4207 }
4208
4209 rc = iwl_grab_nic_access(priv);
4210 if (rc) {
4211 IWL_WARNING("Can not read from adapter at this time.\n");
4212 return;
4213 }
4214
4215 count = iwl_read_targ_mem(priv, base);
4216
4217 if (ERROR_START_OFFSET <= count * ERROR_ELEM_SIZE) {
4218 IWL_ERROR("Start IWL Error Log Dump:\n");
4219 IWL_ERROR("Status: 0x%08lX, count: %d\n", priv->status, count);
4220 }
4221
4222 desc = iwl_read_targ_mem(priv, base + 1 * sizeof(u32));
4223 blink1 = iwl_read_targ_mem(priv, base + 3 * sizeof(u32));
4224 blink2 = iwl_read_targ_mem(priv, base + 4 * sizeof(u32));
4225 ilink1 = iwl_read_targ_mem(priv, base + 5 * sizeof(u32));
4226 ilink2 = iwl_read_targ_mem(priv, base + 6 * sizeof(u32));
4227 data1 = iwl_read_targ_mem(priv, base + 7 * sizeof(u32));
4228 data2 = iwl_read_targ_mem(priv, base + 8 * sizeof(u32));
4229 line = iwl_read_targ_mem(priv, base + 9 * sizeof(u32));
4230 time = iwl_read_targ_mem(priv, base + 11 * sizeof(u32));
4231
4232 IWL_ERROR("Desc Time "
4233 "data1 data2 line\n");
4234 IWL_ERROR("%-13s (#%d) %010u 0x%08X 0x%08X %u\n",
4235 desc_lookup(desc), desc, time, data1, data2, line);
4236 IWL_ERROR("blink1 blink2 ilink1 ilink2\n");
4237 IWL_ERROR("0x%05X 0x%05X 0x%05X 0x%05X\n", blink1, blink2,
4238 ilink1, ilink2);
4239
4240 iwl_release_nic_access(priv);
4241 }
4242
4243 #define EVENT_START_OFFSET (4 * sizeof(u32))
4244
4245 /**
4246 * iwl4965_print_event_log - Dump error event log to syslog
4247 *
4248 * NOTE: Must be called with iwl_grab_nic_access() already obtained!
4249 */
4250 static void iwl4965_print_event_log(struct iwl_priv *priv, u32 start_idx,
4251 u32 num_events, u32 mode)
4252 {
4253 u32 i;
4254 u32 base; /* SRAM byte address of event log header */
4255 u32 event_size; /* 2 u32s, or 3 u32s if timestamp recorded */
4256 u32 ptr; /* SRAM byte address of log data */
4257 u32 ev, time, data; /* event log data */
4258
4259 if (num_events == 0)
4260 return;
4261
4262 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4263
4264 if (mode == 0)
4265 event_size = 2 * sizeof(u32);
4266 else
4267 event_size = 3 * sizeof(u32);
4268
4269 ptr = base + EVENT_START_OFFSET + (start_idx * event_size);
4270
4271 /* "time" is actually "data" for mode 0 (no timestamp).
4272 * place event id # at far right for easier visual parsing. */
4273 for (i = 0; i < num_events; i++) {
4274 ev = iwl_read_targ_mem(priv, ptr);
4275 ptr += sizeof(u32);
4276 time = iwl_read_targ_mem(priv, ptr);
4277 ptr += sizeof(u32);
4278 if (mode == 0)
4279 IWL_ERROR("0x%08x\t%04u\n", time, ev); /* data, ev */
4280 else {
4281 data = iwl_read_targ_mem(priv, ptr);
4282 ptr += sizeof(u32);
4283 IWL_ERROR("%010u\t0x%08x\t%04u\n", time, data, ev);
4284 }
4285 }
4286 }
4287
4288 static void iwl4965_dump_nic_event_log(struct iwl_priv *priv)
4289 {
4290 int rc;
4291 u32 base; /* SRAM byte address of event log header */
4292 u32 capacity; /* event log capacity in # entries */
4293 u32 mode; /* 0 - no timestamp, 1 - timestamp recorded */
4294 u32 num_wraps; /* # times uCode wrapped to top of log */
4295 u32 next_entry; /* index of next entry to be written by uCode */
4296 u32 size; /* # entries that we'll print */
4297
4298 base = le32_to_cpu(priv->card_alive.log_event_table_ptr);
4299 if (!priv->cfg->ops->lib->is_valid_rtc_data_addr(base)) {
4300 IWL_ERROR("Invalid event log pointer 0x%08X\n", base);
4301 return;
4302 }
4303
4304 rc = iwl_grab_nic_access(priv);
4305 if (rc) {
4306 IWL_WARNING("Can not read from adapter at this time.\n");
4307 return;
4308 }
4309
4310 /* event log header */
4311 capacity = iwl_read_targ_mem(priv, base);
4312 mode = iwl_read_targ_mem(priv, base + (1 * sizeof(u32)));
4313 num_wraps = iwl_read_targ_mem(priv, base + (2 * sizeof(u32)));
4314 next_entry = iwl_read_targ_mem(priv, base + (3 * sizeof(u32)));
4315
4316 size = num_wraps ? capacity : next_entry;
4317
4318 /* bail out if nothing in log */
4319 if (size == 0) {
4320 IWL_ERROR("Start IWL Event Log Dump: nothing in log\n");
4321 iwl_release_nic_access(priv);
4322 return;
4323 }
4324
4325 IWL_ERROR("Start IWL Event Log Dump: display count %d, wraps %d\n",
4326 size, num_wraps);
4327
4328 /* if uCode has wrapped back to top of log, start at the oldest entry,
4329 * i.e the next one that uCode would fill. */
4330 if (num_wraps)
4331 iwl4965_print_event_log(priv, next_entry,
4332 capacity - next_entry, mode);
4333
4334 /* (then/else) start at top of log */
4335 iwl4965_print_event_log(priv, 0, next_entry, mode);
4336
4337 iwl_release_nic_access(priv);
4338 }
4339
4340 /**
4341 * iwl4965_irq_handle_error - called for HW or SW error interrupt from card
4342 */
4343 static void iwl4965_irq_handle_error(struct iwl_priv *priv)
4344 {
4345 /* Set the FW error flag -- cleared on iwl4965_down */
4346 set_bit(STATUS_FW_ERROR, &priv->status);
4347
4348 /* Cancel currently queued command. */
4349 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
4350
4351 #ifdef CONFIG_IWLWIFI_DEBUG
4352 if (iwl_debug_level & IWL_DL_FW_ERRORS) {
4353 iwl4965_dump_nic_error_log(priv);
4354 iwl4965_dump_nic_event_log(priv);
4355 iwl4965_print_rx_config_cmd(&priv->staging_rxon);
4356 }
4357 #endif
4358
4359 wake_up_interruptible(&priv->wait_command_queue);
4360
4361 /* Keep the restart process from trying to send host
4362 * commands by clearing the INIT status bit */
4363 clear_bit(STATUS_READY, &priv->status);
4364
4365 if (!test_bit(STATUS_EXIT_PENDING, &priv->status)) {
4366 IWL_DEBUG(IWL_DL_INFO | IWL_DL_FW_ERRORS,
4367 "Restarting adapter due to uCode error.\n");
4368
4369 if (iwl_is_associated(priv)) {
4370 memcpy(&priv->recovery_rxon, &priv->active_rxon,
4371 sizeof(priv->recovery_rxon));
4372 priv->error_recovering = 1;
4373 }
4374 queue_work(priv->workqueue, &priv->restart);
4375 }
4376 }
4377
4378 static void iwl4965_error_recovery(struct iwl_priv *priv)
4379 {
4380 unsigned long flags;
4381
4382 memcpy(&priv->staging_rxon, &priv->recovery_rxon,
4383 sizeof(priv->staging_rxon));
4384 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
4385 iwl4965_commit_rxon(priv);
4386
4387 iwl4965_rxon_add_station(priv, priv->bssid, 1);
4388
4389 spin_lock_irqsave(&priv->lock, flags);
4390 priv->assoc_id = le16_to_cpu(priv->staging_rxon.assoc_id);
4391 priv->error_recovering = 0;
4392 spin_unlock_irqrestore(&priv->lock, flags);
4393 }
4394
4395 static void iwl4965_irq_tasklet(struct iwl_priv *priv)
4396 {
4397 u32 inta, handled = 0;
4398 u32 inta_fh;
4399 unsigned long flags;
4400 #ifdef CONFIG_IWLWIFI_DEBUG
4401 u32 inta_mask;
4402 #endif
4403
4404 spin_lock_irqsave(&priv->lock, flags);
4405
4406 /* Ack/clear/reset pending uCode interrupts.
4407 * Note: Some bits in CSR_INT are "OR" of bits in CSR_FH_INT_STATUS,
4408 * and will clear only when CSR_FH_INT_STATUS gets cleared. */
4409 inta = iwl_read32(priv, CSR_INT);
4410 iwl_write32(priv, CSR_INT, inta);
4411
4412 /* Ack/clear/reset pending flow-handler (DMA) interrupts.
4413 * Any new interrupts that happen after this, either while we're
4414 * in this tasklet, or later, will show up in next ISR/tasklet. */
4415 inta_fh = iwl_read32(priv, CSR_FH_INT_STATUS);
4416 iwl_write32(priv, CSR_FH_INT_STATUS, inta_fh);
4417
4418 #ifdef CONFIG_IWLWIFI_DEBUG
4419 if (iwl_debug_level & IWL_DL_ISR) {
4420 /* just for debug */
4421 inta_mask = iwl_read32(priv, CSR_INT_MASK);
4422 IWL_DEBUG_ISR("inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
4423 inta, inta_mask, inta_fh);
4424 }
4425 #endif
4426
4427 /* Since CSR_INT and CSR_FH_INT_STATUS reads and clears are not
4428 * atomic, make sure that inta covers all the interrupts that
4429 * we've discovered, even if FH interrupt came in just after
4430 * reading CSR_INT. */
4431 if (inta_fh & CSR49_FH_INT_RX_MASK)
4432 inta |= CSR_INT_BIT_FH_RX;
4433 if (inta_fh & CSR49_FH_INT_TX_MASK)
4434 inta |= CSR_INT_BIT_FH_TX;
4435
4436 /* Now service all interrupt bits discovered above. */
4437 if (inta & CSR_INT_BIT_HW_ERR) {
4438 IWL_ERROR("Microcode HW error detected. Restarting.\n");
4439
4440 /* Tell the device to stop sending interrupts */
4441 iwl4965_disable_interrupts(priv);
4442
4443 iwl4965_irq_handle_error(priv);
4444
4445 handled |= CSR_INT_BIT_HW_ERR;
4446
4447 spin_unlock_irqrestore(&priv->lock, flags);
4448
4449 return;
4450 }
4451
4452 #ifdef CONFIG_IWLWIFI_DEBUG
4453 if (iwl_debug_level & (IWL_DL_ISR)) {
4454 /* NIC fires this, but we don't use it, redundant with WAKEUP */
4455 if (inta & CSR_INT_BIT_SCD)
4456 IWL_DEBUG_ISR("Scheduler finished to transmit "
4457 "the frame/frames.\n");
4458
4459 /* Alive notification via Rx interrupt will do the real work */
4460 if (inta & CSR_INT_BIT_ALIVE)
4461 IWL_DEBUG_ISR("Alive interrupt\n");
4462 }
4463 #endif
4464 /* Safely ignore these bits for debug checks below */
4465 inta &= ~(CSR_INT_BIT_SCD | CSR_INT_BIT_ALIVE);
4466
4467 /* HW RF KILL switch toggled */
4468 if (inta & CSR_INT_BIT_RF_KILL) {
4469 int hw_rf_kill = 0;
4470 if (!(iwl_read32(priv, CSR_GP_CNTRL) &
4471 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW))
4472 hw_rf_kill = 1;
4473
4474 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL | IWL_DL_ISR,
4475 "RF_KILL bit toggled to %s.\n",
4476 hw_rf_kill ? "disable radio":"enable radio");
4477
4478 /* Queue restart only if RF_KILL switch was set to "kill"
4479 * when we loaded driver, and is now set to "enable".
4480 * After we're Alive, RF_KILL gets handled by
4481 * iwl4965_rx_card_state_notif() */
4482 if (!hw_rf_kill && !test_bit(STATUS_ALIVE, &priv->status)) {
4483 clear_bit(STATUS_RF_KILL_HW, &priv->status);
4484 queue_work(priv->workqueue, &priv->restart);
4485 }
4486
4487 handled |= CSR_INT_BIT_RF_KILL;
4488 }
4489
4490 /* Chip got too hot and stopped itself */
4491 if (inta & CSR_INT_BIT_CT_KILL) {
4492 IWL_ERROR("Microcode CT kill error detected.\n");
4493 handled |= CSR_INT_BIT_CT_KILL;
4494 }
4495
4496 /* Error detected by uCode */
4497 if (inta & CSR_INT_BIT_SW_ERR) {
4498 IWL_ERROR("Microcode SW error detected. Restarting 0x%X.\n",
4499 inta);
4500 iwl4965_irq_handle_error(priv);
4501 handled |= CSR_INT_BIT_SW_ERR;
4502 }
4503
4504 /* uCode wakes up after power-down sleep */
4505 if (inta & CSR_INT_BIT_WAKEUP) {
4506 IWL_DEBUG_ISR("Wakeup interrupt\n");
4507 iwl4965_rx_queue_update_write_ptr(priv, &priv->rxq);
4508 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[0]);
4509 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[1]);
4510 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[2]);
4511 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[3]);
4512 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[4]);
4513 iwl4965_tx_queue_update_write_ptr(priv, &priv->txq[5]);
4514
4515 handled |= CSR_INT_BIT_WAKEUP;
4516 }
4517
4518 /* All uCode command responses, including Tx command responses,
4519 * Rx "responses" (frame-received notification), and other
4520 * notifications from uCode come through here*/
4521 if (inta & (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX)) {
4522 iwl4965_rx_handle(priv);
4523 handled |= (CSR_INT_BIT_FH_RX | CSR_INT_BIT_SW_RX);
4524 }
4525
4526 if (inta & CSR_INT_BIT_FH_TX) {
4527 IWL_DEBUG_ISR("Tx interrupt\n");
4528 handled |= CSR_INT_BIT_FH_TX;
4529 }
4530
4531 if (inta & ~handled)
4532 IWL_ERROR("Unhandled INTA bits 0x%08x\n", inta & ~handled);
4533
4534 if (inta & ~CSR_INI_SET_MASK) {
4535 IWL_WARNING("Disabled INTA bits 0x%08x were pending\n",
4536 inta & ~CSR_INI_SET_MASK);
4537 IWL_WARNING(" with FH_INT = 0x%08x\n", inta_fh);
4538 }
4539
4540 /* Re-enable all interrupts */
4541 /* only Re-enable if diabled by irq */
4542 if (test_bit(STATUS_INT_ENABLED, &priv->status))
4543 iwl4965_enable_interrupts(priv);
4544
4545 #ifdef CONFIG_IWLWIFI_DEBUG
4546 if (iwl_debug_level & (IWL_DL_ISR)) {
4547 inta = iwl_read32(priv, CSR_INT);
4548 inta_mask = iwl_read32(priv, CSR_INT_MASK);
4549 inta_fh = iwl_read32(priv, CSR_FH_INT_STATUS);
4550 IWL_DEBUG_ISR("End inta 0x%08x, enabled 0x%08x, fh 0x%08x, "
4551 "flags 0x%08lx\n", inta, inta_mask, inta_fh, flags);
4552 }
4553 #endif
4554 spin_unlock_irqrestore(&priv->lock, flags);
4555 }
4556
4557 static irqreturn_t iwl4965_isr(int irq, void *data)
4558 {
4559 struct iwl_priv *priv = data;
4560 u32 inta, inta_mask;
4561 u32 inta_fh;
4562 if (!priv)
4563 return IRQ_NONE;
4564
4565 spin_lock(&priv->lock);
4566
4567 /* Disable (but don't clear!) interrupts here to avoid
4568 * back-to-back ISRs and sporadic interrupts from our NIC.
4569 * If we have something to service, the tasklet will re-enable ints.
4570 * If we *don't* have something, we'll re-enable before leaving here. */
4571 inta_mask = iwl_read32(priv, CSR_INT_MASK); /* just for debug */
4572 iwl_write32(priv, CSR_INT_MASK, 0x00000000);
4573
4574 /* Discover which interrupts are active/pending */
4575 inta = iwl_read32(priv, CSR_INT);
4576 inta_fh = iwl_read32(priv, CSR_FH_INT_STATUS);
4577
4578 /* Ignore interrupt if there's nothing in NIC to service.
4579 * This may be due to IRQ shared with another device,
4580 * or due to sporadic interrupts thrown from our NIC. */
4581 if (!inta && !inta_fh) {
4582 IWL_DEBUG_ISR("Ignore interrupt, inta == 0, inta_fh == 0\n");
4583 goto none;
4584 }
4585
4586 if ((inta == 0xFFFFFFFF) || ((inta & 0xFFFFFFF0) == 0xa5a5a5a0)) {
4587 /* Hardware disappeared. It might have already raised
4588 * an interrupt */
4589 IWL_WARNING("HARDWARE GONE?? INTA == 0x%080x\n", inta);
4590 goto unplugged;
4591 }
4592
4593 IWL_DEBUG_ISR("ISR inta 0x%08x, enabled 0x%08x, fh 0x%08x\n",
4594 inta, inta_mask, inta_fh);
4595
4596 inta &= ~CSR_INT_BIT_SCD;
4597
4598 /* iwl4965_irq_tasklet() will service interrupts and re-enable them */
4599 if (likely(inta || inta_fh))
4600 tasklet_schedule(&priv->irq_tasklet);
4601
4602 unplugged:
4603 spin_unlock(&priv->lock);
4604 return IRQ_HANDLED;
4605
4606 none:
4607 /* re-enable interrupts here since we don't have anything to service. */
4608 /* only Re-enable if diabled by irq */
4609 if (test_bit(STATUS_INT_ENABLED, &priv->status))
4610 iwl4965_enable_interrupts(priv);
4611 spin_unlock(&priv->lock);
4612 return IRQ_NONE;
4613 }
4614
4615 /* For active scan, listen ACTIVE_DWELL_TIME (msec) on each channel after
4616 * sending probe req. This should be set long enough to hear probe responses
4617 * from more than one AP. */
4618 #define IWL_ACTIVE_DWELL_TIME_24 (20) /* all times in msec */
4619 #define IWL_ACTIVE_DWELL_TIME_52 (10)
4620
4621 /* For faster active scanning, scan will move to the next channel if fewer than
4622 * PLCP_QUIET_THRESH packets are heard on this channel within
4623 * ACTIVE_QUIET_TIME after sending probe request. This shortens the dwell
4624 * time if it's a quiet channel (nothing responded to our probe, and there's
4625 * no other traffic).
4626 * Disable "quiet" feature by setting PLCP_QUIET_THRESH to 0. */
4627 #define IWL_PLCP_QUIET_THRESH __constant_cpu_to_le16(1) /* packets */
4628 #define IWL_ACTIVE_QUIET_TIME __constant_cpu_to_le16(5) /* msec */
4629
4630 /* For passive scan, listen PASSIVE_DWELL_TIME (msec) on each channel.
4631 * Must be set longer than active dwell time.
4632 * For the most reliable scan, set > AP beacon interval (typically 100msec). */
4633 #define IWL_PASSIVE_DWELL_TIME_24 (20) /* all times in msec */
4634 #define IWL_PASSIVE_DWELL_TIME_52 (10)
4635 #define IWL_PASSIVE_DWELL_BASE (100)
4636 #define IWL_CHANNEL_TUNE_TIME 5
4637
4638 static inline u16 iwl4965_get_active_dwell_time(struct iwl_priv *priv,
4639 enum ieee80211_band band)
4640 {
4641 if (band == IEEE80211_BAND_5GHZ)
4642 return IWL_ACTIVE_DWELL_TIME_52;
4643 else
4644 return IWL_ACTIVE_DWELL_TIME_24;
4645 }
4646
4647 static u16 iwl4965_get_passive_dwell_time(struct iwl_priv *priv,
4648 enum ieee80211_band band)
4649 {
4650 u16 active = iwl4965_get_active_dwell_time(priv, band);
4651 u16 passive = (band != IEEE80211_BAND_5GHZ) ?
4652 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_24 :
4653 IWL_PASSIVE_DWELL_BASE + IWL_PASSIVE_DWELL_TIME_52;
4654
4655 if (iwl_is_associated(priv)) {
4656 /* If we're associated, we clamp the maximum passive
4657 * dwell time to be 98% of the beacon interval (minus
4658 * 2 * channel tune time) */
4659 passive = priv->beacon_int;
4660 if ((passive > IWL_PASSIVE_DWELL_BASE) || !passive)
4661 passive = IWL_PASSIVE_DWELL_BASE;
4662 passive = (passive * 98) / 100 - IWL_CHANNEL_TUNE_TIME * 2;
4663 }
4664
4665 if (passive <= active)
4666 passive = active + 1;
4667
4668 return passive;
4669 }
4670
4671 static int iwl4965_get_channels_for_scan(struct iwl_priv *priv,
4672 enum ieee80211_band band,
4673 u8 is_active, u8 direct_mask,
4674 struct iwl4965_scan_channel *scan_ch)
4675 {
4676 const struct ieee80211_channel *channels = NULL;
4677 const struct ieee80211_supported_band *sband;
4678 const struct iwl_channel_info *ch_info;
4679 u16 passive_dwell = 0;
4680 u16 active_dwell = 0;
4681 int added, i;
4682
4683 sband = iwl4965_get_hw_mode(priv, band);
4684 if (!sband)
4685 return 0;
4686
4687 channels = sband->channels;
4688
4689 active_dwell = iwl4965_get_active_dwell_time(priv, band);
4690 passive_dwell = iwl4965_get_passive_dwell_time(priv, band);
4691
4692 for (i = 0, added = 0; i < sband->n_channels; i++) {
4693 if (channels[i].flags & IEEE80211_CHAN_DISABLED)
4694 continue;
4695
4696 if (ieee80211_frequency_to_channel(channels[i].center_freq) ==
4697 le16_to_cpu(priv->active_rxon.channel)) {
4698 if (iwl_is_associated(priv)) {
4699 IWL_DEBUG_SCAN
4700 ("Skipping current channel %d\n",
4701 le16_to_cpu(priv->active_rxon.channel));
4702 continue;
4703 }
4704 } else if (priv->only_active_channel)
4705 continue;
4706
4707 scan_ch->channel = ieee80211_frequency_to_channel(channels[i].center_freq);
4708
4709 ch_info = iwl_get_channel_info(priv, band,
4710 scan_ch->channel);
4711 if (!is_channel_valid(ch_info)) {
4712 IWL_DEBUG_SCAN("Channel %d is INVALID for this SKU.\n",
4713 scan_ch->channel);
4714 continue;
4715 }
4716
4717 if (!is_active || is_channel_passive(ch_info) ||
4718 (channels[i].flags & IEEE80211_CHAN_PASSIVE_SCAN))
4719 scan_ch->type = 0; /* passive */
4720 else
4721 scan_ch->type = 1; /* active */
4722
4723 if (scan_ch->type & 1)
4724 scan_ch->type |= (direct_mask << 1);
4725
4726 if (is_channel_narrow(ch_info))
4727 scan_ch->type |= (1 << 7);
4728
4729 scan_ch->active_dwell = cpu_to_le16(active_dwell);
4730 scan_ch->passive_dwell = cpu_to_le16(passive_dwell);
4731
4732 /* Set txpower levels to defaults */
4733 scan_ch->tpc.dsp_atten = 110;
4734 /* scan_pwr_info->tpc.dsp_atten; */
4735
4736 /*scan_pwr_info->tpc.tx_gain; */
4737 if (band == IEEE80211_BAND_5GHZ)
4738 scan_ch->tpc.tx_gain = ((1 << 5) | (3 << 3)) | 3;
4739 else {
4740 scan_ch->tpc.tx_gain = ((1 << 5) | (5 << 3));
4741 /* NOTE: if we were doing 6Mb OFDM for scans we'd use
4742 * power level:
4743 * scan_ch->tpc.tx_gain = ((1 << 5) | (2 << 3)) | 3;
4744 */
4745 }
4746
4747 IWL_DEBUG_SCAN("Scanning %d [%s %d]\n",
4748 scan_ch->channel,
4749 (scan_ch->type & 1) ? "ACTIVE" : "PASSIVE",
4750 (scan_ch->type & 1) ?
4751 active_dwell : passive_dwell);
4752
4753 scan_ch++;
4754 added++;
4755 }
4756
4757 IWL_DEBUG_SCAN("total channels to scan %d \n", added);
4758 return added;
4759 }
4760
4761 static void iwl4965_init_hw_rates(struct iwl_priv *priv,
4762 struct ieee80211_rate *rates)
4763 {
4764 int i;
4765
4766 for (i = 0; i < IWL_RATE_COUNT; i++) {
4767 rates[i].bitrate = iwl4965_rates[i].ieee * 5;
4768 rates[i].hw_value = i; /* Rate scaling will work on indexes */
4769 rates[i].hw_value_short = i;
4770 rates[i].flags = 0;
4771 if ((i > IWL_LAST_OFDM_RATE) || (i < IWL_FIRST_OFDM_RATE)) {
4772 /*
4773 * If CCK != 1M then set short preamble rate flag.
4774 */
4775 rates[i].flags |=
4776 (iwl4965_rates[i].plcp == IWL_RATE_1M_PLCP) ?
4777 0 : IEEE80211_RATE_SHORT_PREAMBLE;
4778 }
4779 }
4780 }
4781
4782 /**
4783 * iwl4965_init_geos - Initialize mac80211's geo/channel info based from eeprom
4784 */
4785 int iwl4965_init_geos(struct iwl_priv *priv)
4786 {
4787 struct iwl_channel_info *ch;
4788 struct ieee80211_supported_band *sband;
4789 struct ieee80211_channel *channels;
4790 struct ieee80211_channel *geo_ch;
4791 struct ieee80211_rate *rates;
4792 int i = 0;
4793
4794 if (priv->bands[IEEE80211_BAND_2GHZ].n_bitrates ||
4795 priv->bands[IEEE80211_BAND_5GHZ].n_bitrates) {
4796 IWL_DEBUG_INFO("Geography modes already initialized.\n");
4797 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
4798 return 0;
4799 }
4800
4801 channels = kzalloc(sizeof(struct ieee80211_channel) *
4802 priv->channel_count, GFP_KERNEL);
4803 if (!channels)
4804 return -ENOMEM;
4805
4806 rates = kzalloc((sizeof(struct ieee80211_rate) * (IWL_RATE_COUNT + 1)),
4807 GFP_KERNEL);
4808 if (!rates) {
4809 kfree(channels);
4810 return -ENOMEM;
4811 }
4812
4813 /* 5.2GHz channels start after the 2.4GHz channels */
4814 sband = &priv->bands[IEEE80211_BAND_5GHZ];
4815 sband->channels = &channels[ARRAY_SIZE(iwl_eeprom_band_1)];
4816 /* just OFDM */
4817 sband->bitrates = &rates[IWL_FIRST_OFDM_RATE];
4818 sband->n_bitrates = IWL_RATE_COUNT - IWL_FIRST_OFDM_RATE;
4819
4820 iwl4965_init_ht_hw_capab(priv, &sband->ht_info, IEEE80211_BAND_5GHZ);
4821
4822 sband = &priv->bands[IEEE80211_BAND_2GHZ];
4823 sband->channels = channels;
4824 /* OFDM & CCK */
4825 sband->bitrates = rates;
4826 sband->n_bitrates = IWL_RATE_COUNT;
4827
4828 iwl4965_init_ht_hw_capab(priv, &sband->ht_info, IEEE80211_BAND_2GHZ);
4829
4830 priv->ieee_channels = channels;
4831 priv->ieee_rates = rates;
4832
4833 iwl4965_init_hw_rates(priv, rates);
4834
4835 for (i = 0; i < priv->channel_count; i++) {
4836 ch = &priv->channel_info[i];
4837
4838 /* FIXME: might be removed if scan is OK */
4839 if (!is_channel_valid(ch))
4840 continue;
4841
4842 if (is_channel_a_band(ch))
4843 sband = &priv->bands[IEEE80211_BAND_5GHZ];
4844 else
4845 sband = &priv->bands[IEEE80211_BAND_2GHZ];
4846
4847 geo_ch = &sband->channels[sband->n_channels++];
4848
4849 geo_ch->center_freq = ieee80211_channel_to_frequency(ch->channel);
4850 geo_ch->max_power = ch->max_power_avg;
4851 geo_ch->max_antenna_gain = 0xff;
4852 geo_ch->hw_value = ch->channel;
4853
4854 if (is_channel_valid(ch)) {
4855 if (!(ch->flags & EEPROM_CHANNEL_IBSS))
4856 geo_ch->flags |= IEEE80211_CHAN_NO_IBSS;
4857
4858 if (!(ch->flags & EEPROM_CHANNEL_ACTIVE))
4859 geo_ch->flags |= IEEE80211_CHAN_PASSIVE_SCAN;
4860
4861 if (ch->flags & EEPROM_CHANNEL_RADAR)
4862 geo_ch->flags |= IEEE80211_CHAN_RADAR;
4863
4864 if (ch->max_power_avg > priv->max_channel_txpower_limit)
4865 priv->max_channel_txpower_limit =
4866 ch->max_power_avg;
4867 } else {
4868 geo_ch->flags |= IEEE80211_CHAN_DISABLED;
4869 }
4870
4871 /* Save flags for reg domain usage */
4872 geo_ch->orig_flags = geo_ch->flags;
4873
4874 IWL_DEBUG_INFO("Channel %d Freq=%d[%sGHz] %s flag=0%X\n",
4875 ch->channel, geo_ch->center_freq,
4876 is_channel_a_band(ch) ? "5.2" : "2.4",
4877 geo_ch->flags & IEEE80211_CHAN_DISABLED ?
4878 "restricted" : "valid",
4879 geo_ch->flags);
4880 }
4881
4882 if ((priv->bands[IEEE80211_BAND_5GHZ].n_channels == 0) &&
4883 priv->cfg->sku & IWL_SKU_A) {
4884 printk(KERN_INFO DRV_NAME
4885 ": Incorrectly detected BG card as ABG. Please send "
4886 "your PCI ID 0x%04X:0x%04X to maintainer.\n",
4887 priv->pci_dev->device, priv->pci_dev->subsystem_device);
4888 priv->cfg->sku &= ~IWL_SKU_A;
4889 }
4890
4891 printk(KERN_INFO DRV_NAME
4892 ": Tunable channels: %d 802.11bg, %d 802.11a channels\n",
4893 priv->bands[IEEE80211_BAND_2GHZ].n_channels,
4894 priv->bands[IEEE80211_BAND_5GHZ].n_channels);
4895
4896 if (priv->bands[IEEE80211_BAND_2GHZ].n_channels)
4897 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
4898 &priv->bands[IEEE80211_BAND_2GHZ];
4899 if (priv->bands[IEEE80211_BAND_5GHZ].n_channels)
4900 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
4901 &priv->bands[IEEE80211_BAND_5GHZ];
4902
4903 set_bit(STATUS_GEO_CONFIGURED, &priv->status);
4904
4905 return 0;
4906 }
4907
4908 /*
4909 * iwl4965_free_geos - undo allocations in iwl4965_init_geos
4910 */
4911 void iwl4965_free_geos(struct iwl_priv *priv)
4912 {
4913 kfree(priv->ieee_channels);
4914 kfree(priv->ieee_rates);
4915 clear_bit(STATUS_GEO_CONFIGURED, &priv->status);
4916 }
4917
4918 /******************************************************************************
4919 *
4920 * uCode download functions
4921 *
4922 ******************************************************************************/
4923
4924 static void iwl4965_dealloc_ucode_pci(struct iwl_priv *priv)
4925 {
4926 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_code);
4927 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data);
4928 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
4929 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init);
4930 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_init_data);
4931 iwl_free_fw_desc(priv->pci_dev, &priv->ucode_boot);
4932 }
4933
4934 /**
4935 * iwl4965_verify_inst_full - verify runtime uCode image in card vs. host,
4936 * looking at all data.
4937 */
4938 static int iwl4965_verify_inst_full(struct iwl_priv *priv, __le32 *image,
4939 u32 len)
4940 {
4941 u32 val;
4942 u32 save_len = len;
4943 int rc = 0;
4944 u32 errcnt;
4945
4946 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
4947
4948 rc = iwl_grab_nic_access(priv);
4949 if (rc)
4950 return rc;
4951
4952 iwl_write_direct32(priv, HBUS_TARG_MEM_RADDR, RTC_INST_LOWER_BOUND);
4953
4954 errcnt = 0;
4955 for (; len > 0; len -= sizeof(u32), image++) {
4956 /* read data comes through single port, auto-incr addr */
4957 /* NOTE: Use the debugless read so we don't flood kernel log
4958 * if IWL_DL_IO is set */
4959 val = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
4960 if (val != le32_to_cpu(*image)) {
4961 IWL_ERROR("uCode INST section is invalid at "
4962 "offset 0x%x, is 0x%x, s/b 0x%x\n",
4963 save_len - len, val, le32_to_cpu(*image));
4964 rc = -EIO;
4965 errcnt++;
4966 if (errcnt >= 20)
4967 break;
4968 }
4969 }
4970
4971 iwl_release_nic_access(priv);
4972
4973 if (!errcnt)
4974 IWL_DEBUG_INFO
4975 ("ucode image in INSTRUCTION memory is good\n");
4976
4977 return rc;
4978 }
4979
4980
4981 /**
4982 * iwl4965_verify_inst_sparse - verify runtime uCode image in card vs. host,
4983 * using sample data 100 bytes apart. If these sample points are good,
4984 * it's a pretty good bet that everything between them is good, too.
4985 */
4986 static int iwl4965_verify_inst_sparse(struct iwl_priv *priv, __le32 *image, u32 len)
4987 {
4988 u32 val;
4989 int rc = 0;
4990 u32 errcnt = 0;
4991 u32 i;
4992
4993 IWL_DEBUG_INFO("ucode inst image size is %u\n", len);
4994
4995 rc = iwl_grab_nic_access(priv);
4996 if (rc)
4997 return rc;
4998
4999 for (i = 0; i < len; i += 100, image += 100/sizeof(u32)) {
5000 /* read data comes through single port, auto-incr addr */
5001 /* NOTE: Use the debugless read so we don't flood kernel log
5002 * if IWL_DL_IO is set */
5003 iwl_write_direct32(priv, HBUS_TARG_MEM_RADDR,
5004 i + RTC_INST_LOWER_BOUND);
5005 val = _iwl_read_direct32(priv, HBUS_TARG_MEM_RDAT);
5006 if (val != le32_to_cpu(*image)) {
5007 #if 0 /* Enable this if you want to see details */
5008 IWL_ERROR("uCode INST section is invalid at "
5009 "offset 0x%x, is 0x%x, s/b 0x%x\n",
5010 i, val, *image);
5011 #endif
5012 rc = -EIO;
5013 errcnt++;
5014 if (errcnt >= 3)
5015 break;
5016 }
5017 }
5018
5019 iwl_release_nic_access(priv);
5020
5021 return rc;
5022 }
5023
5024
5025 /**
5026 * iwl4965_verify_ucode - determine which instruction image is in SRAM,
5027 * and verify its contents
5028 */
5029 static int iwl4965_verify_ucode(struct iwl_priv *priv)
5030 {
5031 __le32 *image;
5032 u32 len;
5033 int rc = 0;
5034
5035 /* Try bootstrap */
5036 image = (__le32 *)priv->ucode_boot.v_addr;
5037 len = priv->ucode_boot.len;
5038 rc = iwl4965_verify_inst_sparse(priv, image, len);
5039 if (rc == 0) {
5040 IWL_DEBUG_INFO("Bootstrap uCode is good in inst SRAM\n");
5041 return 0;
5042 }
5043
5044 /* Try initialize */
5045 image = (__le32 *)priv->ucode_init.v_addr;
5046 len = priv->ucode_init.len;
5047 rc = iwl4965_verify_inst_sparse(priv, image, len);
5048 if (rc == 0) {
5049 IWL_DEBUG_INFO("Initialize uCode is good in inst SRAM\n");
5050 return 0;
5051 }
5052
5053 /* Try runtime/protocol */
5054 image = (__le32 *)priv->ucode_code.v_addr;
5055 len = priv->ucode_code.len;
5056 rc = iwl4965_verify_inst_sparse(priv, image, len);
5057 if (rc == 0) {
5058 IWL_DEBUG_INFO("Runtime uCode is good in inst SRAM\n");
5059 return 0;
5060 }
5061
5062 IWL_ERROR("NO VALID UCODE IMAGE IN INSTRUCTION SRAM!!\n");
5063
5064 /* Since nothing seems to match, show first several data entries in
5065 * instruction SRAM, so maybe visual inspection will give a clue.
5066 * Selection of bootstrap image (vs. other images) is arbitrary. */
5067 image = (__le32 *)priv->ucode_boot.v_addr;
5068 len = priv->ucode_boot.len;
5069 rc = iwl4965_verify_inst_full(priv, image, len);
5070
5071 return rc;
5072 }
5073
5074 static void iwl4965_nic_start(struct iwl_priv *priv)
5075 {
5076 /* Remove all resets to allow NIC to operate */
5077 iwl_write32(priv, CSR_RESET, 0);
5078 }
5079
5080
5081 /**
5082 * iwl4965_read_ucode - Read uCode images from disk file.
5083 *
5084 * Copy into buffers for card to fetch via bus-mastering
5085 */
5086 static int iwl4965_read_ucode(struct iwl_priv *priv)
5087 {
5088 struct iwl4965_ucode *ucode;
5089 int ret;
5090 const struct firmware *ucode_raw;
5091 const char *name = priv->cfg->fw_name;
5092 u8 *src;
5093 size_t len;
5094 u32 ver, inst_size, data_size, init_size, init_data_size, boot_size;
5095
5096 /* Ask kernel firmware_class module to get the boot firmware off disk.
5097 * request_firmware() is synchronous, file is in memory on return. */
5098 ret = request_firmware(&ucode_raw, name, &priv->pci_dev->dev);
5099 if (ret < 0) {
5100 IWL_ERROR("%s firmware file req failed: Reason %d\n",
5101 name, ret);
5102 goto error;
5103 }
5104
5105 IWL_DEBUG_INFO("Got firmware '%s' file (%zd bytes) from disk\n",
5106 name, ucode_raw->size);
5107
5108 /* Make sure that we got at least our header! */
5109 if (ucode_raw->size < sizeof(*ucode)) {
5110 IWL_ERROR("File size way too small!\n");
5111 ret = -EINVAL;
5112 goto err_release;
5113 }
5114
5115 /* Data from ucode file: header followed by uCode images */
5116 ucode = (void *)ucode_raw->data;
5117
5118 ver = le32_to_cpu(ucode->ver);
5119 inst_size = le32_to_cpu(ucode->inst_size);
5120 data_size = le32_to_cpu(ucode->data_size);
5121 init_size = le32_to_cpu(ucode->init_size);
5122 init_data_size = le32_to_cpu(ucode->init_data_size);
5123 boot_size = le32_to_cpu(ucode->boot_size);
5124
5125 IWL_DEBUG_INFO("f/w package hdr ucode version = 0x%x\n", ver);
5126 IWL_DEBUG_INFO("f/w package hdr runtime inst size = %u\n",
5127 inst_size);
5128 IWL_DEBUG_INFO("f/w package hdr runtime data size = %u\n",
5129 data_size);
5130 IWL_DEBUG_INFO("f/w package hdr init inst size = %u\n",
5131 init_size);
5132 IWL_DEBUG_INFO("f/w package hdr init data size = %u\n",
5133 init_data_size);
5134 IWL_DEBUG_INFO("f/w package hdr boot inst size = %u\n",
5135 boot_size);
5136
5137 /* Verify size of file vs. image size info in file's header */
5138 if (ucode_raw->size < sizeof(*ucode) +
5139 inst_size + data_size + init_size +
5140 init_data_size + boot_size) {
5141
5142 IWL_DEBUG_INFO("uCode file size %d too small\n",
5143 (int)ucode_raw->size);
5144 ret = -EINVAL;
5145 goto err_release;
5146 }
5147
5148 /* Verify that uCode images will fit in card's SRAM */
5149 if (inst_size > IWL_MAX_INST_SIZE) {
5150 IWL_DEBUG_INFO("uCode instr len %d too large to fit in\n",
5151 inst_size);
5152 ret = -EINVAL;
5153 goto err_release;
5154 }
5155
5156 if (data_size > IWL_MAX_DATA_SIZE) {
5157 IWL_DEBUG_INFO("uCode data len %d too large to fit in\n",
5158 data_size);
5159 ret = -EINVAL;
5160 goto err_release;
5161 }
5162 if (init_size > IWL_MAX_INST_SIZE) {
5163 IWL_DEBUG_INFO
5164 ("uCode init instr len %d too large to fit in\n",
5165 init_size);
5166 ret = -EINVAL;
5167 goto err_release;
5168 }
5169 if (init_data_size > IWL_MAX_DATA_SIZE) {
5170 IWL_DEBUG_INFO
5171 ("uCode init data len %d too large to fit in\n",
5172 init_data_size);
5173 ret = -EINVAL;
5174 goto err_release;
5175 }
5176 if (boot_size > IWL_MAX_BSM_SIZE) {
5177 IWL_DEBUG_INFO
5178 ("uCode boot instr len %d too large to fit in\n",
5179 boot_size);
5180 ret = -EINVAL;
5181 goto err_release;
5182 }
5183
5184 /* Allocate ucode buffers for card's bus-master loading ... */
5185
5186 /* Runtime instructions and 2 copies of data:
5187 * 1) unmodified from disk
5188 * 2) backup cache for save/restore during power-downs */
5189 priv->ucode_code.len = inst_size;
5190 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_code);
5191
5192 priv->ucode_data.len = data_size;
5193 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data);
5194
5195 priv->ucode_data_backup.len = data_size;
5196 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_data_backup);
5197
5198 /* Initialization instructions and data */
5199 if (init_size && init_data_size) {
5200 priv->ucode_init.len = init_size;
5201 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init);
5202
5203 priv->ucode_init_data.len = init_data_size;
5204 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_init_data);
5205
5206 if (!priv->ucode_init.v_addr || !priv->ucode_init_data.v_addr)
5207 goto err_pci_alloc;
5208 }
5209
5210 /* Bootstrap (instructions only, no data) */
5211 if (boot_size) {
5212 priv->ucode_boot.len = boot_size;
5213 iwl_alloc_fw_desc(priv->pci_dev, &priv->ucode_boot);
5214
5215 if (!priv->ucode_boot.v_addr)
5216 goto err_pci_alloc;
5217 }
5218
5219 /* Copy images into buffers for card's bus-master reads ... */
5220
5221 /* Runtime instructions (first block of data in file) */
5222 src = &ucode->data[0];
5223 len = priv->ucode_code.len;
5224 IWL_DEBUG_INFO("Copying (but not loading) uCode instr len %Zd\n", len);
5225 memcpy(priv->ucode_code.v_addr, src, len);
5226 IWL_DEBUG_INFO("uCode instr buf vaddr = 0x%p, paddr = 0x%08x\n",
5227 priv->ucode_code.v_addr, (u32)priv->ucode_code.p_addr);
5228
5229 /* Runtime data (2nd block)
5230 * NOTE: Copy into backup buffer will be done in iwl4965_up() */
5231 src = &ucode->data[inst_size];
5232 len = priv->ucode_data.len;
5233 IWL_DEBUG_INFO("Copying (but not loading) uCode data len %Zd\n", len);
5234 memcpy(priv->ucode_data.v_addr, src, len);
5235 memcpy(priv->ucode_data_backup.v_addr, src, len);
5236
5237 /* Initialization instructions (3rd block) */
5238 if (init_size) {
5239 src = &ucode->data[inst_size + data_size];
5240 len = priv->ucode_init.len;
5241 IWL_DEBUG_INFO("Copying (but not loading) init instr len %Zd\n",
5242 len);
5243 memcpy(priv->ucode_init.v_addr, src, len);
5244 }
5245
5246 /* Initialization data (4th block) */
5247 if (init_data_size) {
5248 src = &ucode->data[inst_size + data_size + init_size];
5249 len = priv->ucode_init_data.len;
5250 IWL_DEBUG_INFO("Copying (but not loading) init data len %Zd\n",
5251 len);
5252 memcpy(priv->ucode_init_data.v_addr, src, len);
5253 }
5254
5255 /* Bootstrap instructions (5th block) */
5256 src = &ucode->data[inst_size + data_size + init_size + init_data_size];
5257 len = priv->ucode_boot.len;
5258 IWL_DEBUG_INFO("Copying (but not loading) boot instr len %Zd\n", len);
5259 memcpy(priv->ucode_boot.v_addr, src, len);
5260
5261 /* We have our copies now, allow OS release its copies */
5262 release_firmware(ucode_raw);
5263 return 0;
5264
5265 err_pci_alloc:
5266 IWL_ERROR("failed to allocate pci memory\n");
5267 ret = -ENOMEM;
5268 iwl4965_dealloc_ucode_pci(priv);
5269
5270 err_release:
5271 release_firmware(ucode_raw);
5272
5273 error:
5274 return ret;
5275 }
5276
5277
5278 /**
5279 * iwl4965_set_ucode_ptrs - Set uCode address location
5280 *
5281 * Tell initialization uCode where to find runtime uCode.
5282 *
5283 * BSM registers initially contain pointers to initialization uCode.
5284 * We need to replace them to load runtime uCode inst and data,
5285 * and to save runtime data when powering down.
5286 */
5287 static int iwl4965_set_ucode_ptrs(struct iwl_priv *priv)
5288 {
5289 dma_addr_t pinst;
5290 dma_addr_t pdata;
5291 int rc = 0;
5292 unsigned long flags;
5293
5294 /* bits 35:4 for 4965 */
5295 pinst = priv->ucode_code.p_addr >> 4;
5296 pdata = priv->ucode_data_backup.p_addr >> 4;
5297
5298 spin_lock_irqsave(&priv->lock, flags);
5299 rc = iwl_grab_nic_access(priv);
5300 if (rc) {
5301 spin_unlock_irqrestore(&priv->lock, flags);
5302 return rc;
5303 }
5304
5305 /* Tell bootstrap uCode where to find image to load */
5306 iwl_write_prph(priv, BSM_DRAM_INST_PTR_REG, pinst);
5307 iwl_write_prph(priv, BSM_DRAM_DATA_PTR_REG, pdata);
5308 iwl_write_prph(priv, BSM_DRAM_DATA_BYTECOUNT_REG,
5309 priv->ucode_data.len);
5310
5311 /* Inst bytecount must be last to set up, bit 31 signals uCode
5312 * that all new ptr/size info is in place */
5313 iwl_write_prph(priv, BSM_DRAM_INST_BYTECOUNT_REG,
5314 priv->ucode_code.len | BSM_DRAM_INST_LOAD);
5315
5316 iwl_release_nic_access(priv);
5317
5318 spin_unlock_irqrestore(&priv->lock, flags);
5319
5320 IWL_DEBUG_INFO("Runtime uCode pointers are set.\n");
5321
5322 return rc;
5323 }
5324
5325 /**
5326 * iwl4965_init_alive_start - Called after REPLY_ALIVE notification received
5327 *
5328 * Called after REPLY_ALIVE notification received from "initialize" uCode.
5329 *
5330 * The 4965 "initialize" ALIVE reply contains calibration data for:
5331 * Voltage, temperature, and MIMO tx gain correction, now stored in priv
5332 * (3945 does not contain this data).
5333 *
5334 * Tell "initialize" uCode to go ahead and load the runtime uCode.
5335 */
5336 static void iwl4965_init_alive_start(struct iwl_priv *priv)
5337 {
5338 /* Check alive response for "valid" sign from uCode */
5339 if (priv->card_alive_init.is_valid != UCODE_VALID_OK) {
5340 /* We had an error bringing up the hardware, so take it
5341 * all the way back down so we can try again */
5342 IWL_DEBUG_INFO("Initialize Alive failed.\n");
5343 goto restart;
5344 }
5345
5346 /* Bootstrap uCode has loaded initialize uCode ... verify inst image.
5347 * This is a paranoid check, because we would not have gotten the
5348 * "initialize" alive if code weren't properly loaded. */
5349 if (iwl4965_verify_ucode(priv)) {
5350 /* Runtime instruction load was bad;
5351 * take it all the way back down so we can try again */
5352 IWL_DEBUG_INFO("Bad \"initialize\" uCode load.\n");
5353 goto restart;
5354 }
5355
5356 /* Calculate temperature */
5357 priv->temperature = iwl4965_get_temperature(priv);
5358
5359 /* Send pointers to protocol/runtime uCode image ... init code will
5360 * load and launch runtime uCode, which will send us another "Alive"
5361 * notification. */
5362 IWL_DEBUG_INFO("Initialization Alive received.\n");
5363 if (iwl4965_set_ucode_ptrs(priv)) {
5364 /* Runtime instruction load won't happen;
5365 * take it all the way back down so we can try again */
5366 IWL_DEBUG_INFO("Couldn't set up uCode pointers.\n");
5367 goto restart;
5368 }
5369 return;
5370
5371 restart:
5372 queue_work(priv->workqueue, &priv->restart);
5373 }
5374
5375
5376 /**
5377 * iwl4965_alive_start - called after REPLY_ALIVE notification received
5378 * from protocol/runtime uCode (initialization uCode's
5379 * Alive gets handled by iwl4965_init_alive_start()).
5380 */
5381 static void iwl4965_alive_start(struct iwl_priv *priv)
5382 {
5383 int ret = 0;
5384
5385 IWL_DEBUG_INFO("Runtime Alive received.\n");
5386
5387 if (priv->card_alive.is_valid != UCODE_VALID_OK) {
5388 /* We had an error bringing up the hardware, so take it
5389 * all the way back down so we can try again */
5390 IWL_DEBUG_INFO("Alive failed.\n");
5391 goto restart;
5392 }
5393
5394 /* Initialize uCode has loaded Runtime uCode ... verify inst image.
5395 * This is a paranoid check, because we would not have gotten the
5396 * "runtime" alive if code weren't properly loaded. */
5397 if (iwl4965_verify_ucode(priv)) {
5398 /* Runtime instruction load was bad;
5399 * take it all the way back down so we can try again */
5400 IWL_DEBUG_INFO("Bad runtime uCode load.\n");
5401 goto restart;
5402 }
5403
5404 iwlcore_clear_stations_table(priv);
5405
5406 ret = priv->cfg->ops->lib->alive_notify(priv);
5407 if (ret) {
5408 IWL_WARNING("Could not complete ALIVE transition [ntf]: %d\n",
5409 ret);
5410 goto restart;
5411 }
5412
5413 /* After the ALIVE response, we can send host commands to 4965 uCode */
5414 set_bit(STATUS_ALIVE, &priv->status);
5415
5416 /* Clear out the uCode error bit if it is set */
5417 clear_bit(STATUS_FW_ERROR, &priv->status);
5418
5419 if (iwl_is_rfkill(priv))
5420 return;
5421
5422 ieee80211_start_queues(priv->hw);
5423
5424 priv->active_rate = priv->rates_mask;
5425 priv->active_rate_basic = priv->rates_mask & IWL_BASIC_RATES_MASK;
5426
5427 iwl4965_send_power_mode(priv, IWL_POWER_LEVEL(priv->power_mode));
5428
5429 if (iwl_is_associated(priv)) {
5430 struct iwl4965_rxon_cmd *active_rxon =
5431 (struct iwl4965_rxon_cmd *)(&priv->active_rxon);
5432
5433 memcpy(&priv->staging_rxon, &priv->active_rxon,
5434 sizeof(priv->staging_rxon));
5435 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
5436 } else {
5437 /* Initialize our rx_config data */
5438 iwl4965_connection_init_rx_config(priv);
5439 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
5440 }
5441
5442 /* Configure Bluetooth device coexistence support */
5443 iwl4965_send_bt_config(priv);
5444
5445 /* Configure the adapter for unassociated operation */
5446 iwl4965_commit_rxon(priv);
5447
5448 /* At this point, the NIC is initialized and operational */
5449 priv->notif_missed_beacons = 0;
5450
5451 iwl4965_rf_kill_ct_config(priv);
5452
5453 iwl_leds_register(priv);
5454
5455 IWL_DEBUG_INFO("ALIVE processing complete.\n");
5456 set_bit(STATUS_READY, &priv->status);
5457 wake_up_interruptible(&priv->wait_command_queue);
5458
5459 if (priv->error_recovering)
5460 iwl4965_error_recovery(priv);
5461
5462 iwlcore_low_level_notify(priv, IWLCORE_START_EVT);
5463 ieee80211_notify_mac(priv->hw, IEEE80211_NOTIFY_RE_ASSOC);
5464 return;
5465
5466 restart:
5467 queue_work(priv->workqueue, &priv->restart);
5468 }
5469
5470 static void iwl4965_cancel_deferred_work(struct iwl_priv *priv);
5471
5472 static void __iwl4965_down(struct iwl_priv *priv)
5473 {
5474 unsigned long flags;
5475 int exit_pending = test_bit(STATUS_EXIT_PENDING, &priv->status);
5476 struct ieee80211_conf *conf = NULL;
5477
5478 IWL_DEBUG_INFO(DRV_NAME " is going down\n");
5479
5480 conf = ieee80211_get_hw_conf(priv->hw);
5481
5482 if (!exit_pending)
5483 set_bit(STATUS_EXIT_PENDING, &priv->status);
5484
5485 iwl_leds_unregister(priv);
5486
5487 iwlcore_low_level_notify(priv, IWLCORE_STOP_EVT);
5488
5489 iwlcore_clear_stations_table(priv);
5490
5491 /* Unblock any waiting calls */
5492 wake_up_interruptible_all(&priv->wait_command_queue);
5493
5494 /* Wipe out the EXIT_PENDING status bit if we are not actually
5495 * exiting the module */
5496 if (!exit_pending)
5497 clear_bit(STATUS_EXIT_PENDING, &priv->status);
5498
5499 /* stop and reset the on-board processor */
5500 iwl_write32(priv, CSR_RESET, CSR_RESET_REG_FLAG_NEVO_RESET);
5501
5502 /* tell the device to stop sending interrupts */
5503 spin_lock_irqsave(&priv->lock, flags);
5504 iwl4965_disable_interrupts(priv);
5505 spin_unlock_irqrestore(&priv->lock, flags);
5506 iwl_synchronize_irq(priv);
5507
5508 if (priv->mac80211_registered)
5509 ieee80211_stop_queues(priv->hw);
5510
5511 /* If we have not previously called iwl4965_init() then
5512 * clear all bits but the RF Kill and SUSPEND bits and return */
5513 if (!iwl_is_init(priv)) {
5514 priv->status = test_bit(STATUS_RF_KILL_HW, &priv->status) <<
5515 STATUS_RF_KILL_HW |
5516 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
5517 STATUS_RF_KILL_SW |
5518 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
5519 STATUS_GEO_CONFIGURED |
5520 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
5521 STATUS_IN_SUSPEND;
5522 goto exit;
5523 }
5524
5525 /* ...otherwise clear out all the status bits but the RF Kill and
5526 * SUSPEND bits and continue taking the NIC down. */
5527 priv->status &= test_bit(STATUS_RF_KILL_HW, &priv->status) <<
5528 STATUS_RF_KILL_HW |
5529 test_bit(STATUS_RF_KILL_SW, &priv->status) <<
5530 STATUS_RF_KILL_SW |
5531 test_bit(STATUS_GEO_CONFIGURED, &priv->status) <<
5532 STATUS_GEO_CONFIGURED |
5533 test_bit(STATUS_IN_SUSPEND, &priv->status) <<
5534 STATUS_IN_SUSPEND |
5535 test_bit(STATUS_FW_ERROR, &priv->status) <<
5536 STATUS_FW_ERROR;
5537
5538 spin_lock_irqsave(&priv->lock, flags);
5539 iwl_clear_bit(priv, CSR_GP_CNTRL,
5540 CSR_GP_CNTRL_REG_FLAG_MAC_ACCESS_REQ);
5541 spin_unlock_irqrestore(&priv->lock, flags);
5542
5543 iwl4965_hw_txq_ctx_stop(priv);
5544 iwl4965_hw_rxq_stop(priv);
5545
5546 spin_lock_irqsave(&priv->lock, flags);
5547 if (!iwl_grab_nic_access(priv)) {
5548 iwl_write_prph(priv, APMG_CLK_DIS_REG,
5549 APMG_CLK_VAL_DMA_CLK_RQT);
5550 iwl_release_nic_access(priv);
5551 }
5552 spin_unlock_irqrestore(&priv->lock, flags);
5553
5554 udelay(5);
5555
5556 iwl4965_hw_nic_stop_master(priv);
5557 iwl_set_bit(priv, CSR_RESET, CSR_RESET_REG_FLAG_SW_RESET);
5558 iwl4965_hw_nic_reset(priv);
5559
5560 exit:
5561 memset(&priv->card_alive, 0, sizeof(struct iwl4965_alive_resp));
5562
5563 if (priv->ibss_beacon)
5564 dev_kfree_skb(priv->ibss_beacon);
5565 priv->ibss_beacon = NULL;
5566
5567 /* clear out any free frames */
5568 iwl4965_clear_free_frames(priv);
5569 }
5570
5571 static void iwl4965_down(struct iwl_priv *priv)
5572 {
5573 mutex_lock(&priv->mutex);
5574 __iwl4965_down(priv);
5575 mutex_unlock(&priv->mutex);
5576
5577 iwl4965_cancel_deferred_work(priv);
5578 }
5579
5580 #define MAX_HW_RESTARTS 5
5581
5582 static int __iwl4965_up(struct iwl_priv *priv)
5583 {
5584 int i;
5585 int ret;
5586
5587 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
5588 IWL_WARNING("Exit pending; will not bring the NIC up\n");
5589 return -EIO;
5590 }
5591
5592 if (test_bit(STATUS_RF_KILL_SW, &priv->status)) {
5593 IWL_WARNING("Radio disabled by SW RF kill (module "
5594 "parameter)\n");
5595 iwl_rfkill_set_hw_state(priv);
5596 return -ENODEV;
5597 }
5598
5599 if (!priv->ucode_data_backup.v_addr || !priv->ucode_data.v_addr) {
5600 IWL_ERROR("ucode not available for device bringup\n");
5601 return -EIO;
5602 }
5603
5604 /* If platform's RF_KILL switch is NOT set to KILL */
5605 if (iwl_read32(priv, CSR_GP_CNTRL) &
5606 CSR_GP_CNTRL_REG_FLAG_HW_RF_KILL_SW)
5607 clear_bit(STATUS_RF_KILL_HW, &priv->status);
5608 else {
5609 set_bit(STATUS_RF_KILL_HW, &priv->status);
5610 if (!test_bit(STATUS_IN_SUSPEND, &priv->status)) {
5611 iwl_rfkill_set_hw_state(priv);
5612 IWL_WARNING("Radio disabled by HW RF Kill switch\n");
5613 return -ENODEV;
5614 }
5615 }
5616
5617 iwl_rfkill_set_hw_state(priv);
5618 iwl_write32(priv, CSR_INT, 0xFFFFFFFF);
5619
5620 ret = priv->cfg->ops->lib->hw_nic_init(priv);
5621 if (ret) {
5622 IWL_ERROR("Unable to init nic\n");
5623 return ret;
5624 }
5625
5626 /* make sure rfkill handshake bits are cleared */
5627 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
5628 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR,
5629 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
5630
5631 /* clear (again), then enable host interrupts */
5632 iwl_write32(priv, CSR_INT, 0xFFFFFFFF);
5633 iwl4965_enable_interrupts(priv);
5634
5635 /* really make sure rfkill handshake bits are cleared */
5636 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
5637 iwl_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
5638
5639 /* Copy original ucode data image from disk into backup cache.
5640 * This will be used to initialize the on-board processor's
5641 * data SRAM for a clean start when the runtime program first loads. */
5642 memcpy(priv->ucode_data_backup.v_addr, priv->ucode_data.v_addr,
5643 priv->ucode_data.len);
5644
5645 /* We return success when we resume from suspend and rf_kill is on. */
5646 if (test_bit(STATUS_RF_KILL_HW, &priv->status))
5647 return 0;
5648
5649 for (i = 0; i < MAX_HW_RESTARTS; i++) {
5650
5651 iwlcore_clear_stations_table(priv);
5652
5653 /* load bootstrap state machine,
5654 * load bootstrap program into processor's memory,
5655 * prepare to load the "initialize" uCode */
5656 ret = priv->cfg->ops->lib->load_ucode(priv);
5657
5658 if (ret) {
5659 IWL_ERROR("Unable to set up bootstrap uCode: %d\n", ret);
5660 continue;
5661 }
5662
5663 /* start card; "initialize" will load runtime ucode */
5664 iwl4965_nic_start(priv);
5665
5666 IWL_DEBUG_INFO(DRV_NAME " is coming up\n");
5667
5668 return 0;
5669 }
5670
5671 set_bit(STATUS_EXIT_PENDING, &priv->status);
5672 __iwl4965_down(priv);
5673
5674 /* tried to restart and config the device for as long as our
5675 * patience could withstand */
5676 IWL_ERROR("Unable to initialize device after %d attempts.\n", i);
5677 return -EIO;
5678 }
5679
5680
5681 /*****************************************************************************
5682 *
5683 * Workqueue callbacks
5684 *
5685 *****************************************************************************/
5686
5687 static void iwl4965_bg_init_alive_start(struct work_struct *data)
5688 {
5689 struct iwl_priv *priv =
5690 container_of(data, struct iwl_priv, init_alive_start.work);
5691
5692 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
5693 return;
5694
5695 mutex_lock(&priv->mutex);
5696 iwl4965_init_alive_start(priv);
5697 mutex_unlock(&priv->mutex);
5698 }
5699
5700 static void iwl4965_bg_alive_start(struct work_struct *data)
5701 {
5702 struct iwl_priv *priv =
5703 container_of(data, struct iwl_priv, alive_start.work);
5704
5705 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
5706 return;
5707
5708 mutex_lock(&priv->mutex);
5709 iwl4965_alive_start(priv);
5710 mutex_unlock(&priv->mutex);
5711 }
5712
5713 static void iwl4965_bg_rf_kill(struct work_struct *work)
5714 {
5715 struct iwl_priv *priv = container_of(work, struct iwl_priv, rf_kill);
5716
5717 wake_up_interruptible(&priv->wait_command_queue);
5718
5719 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
5720 return;
5721
5722 mutex_lock(&priv->mutex);
5723
5724 if (!iwl_is_rfkill(priv)) {
5725 IWL_DEBUG(IWL_DL_INFO | IWL_DL_RF_KILL,
5726 "HW and/or SW RF Kill no longer active, restarting "
5727 "device\n");
5728 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
5729 queue_work(priv->workqueue, &priv->restart);
5730 } else {
5731 /* make sure mac80211 stop sending Tx frame */
5732 if (priv->mac80211_registered)
5733 ieee80211_stop_queues(priv->hw);
5734
5735 if (!test_bit(STATUS_RF_KILL_HW, &priv->status))
5736 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
5737 "disabled by SW switch\n");
5738 else
5739 IWL_WARNING("Radio Frequency Kill Switch is On:\n"
5740 "Kill switch must be turned off for "
5741 "wireless networking to work.\n");
5742 }
5743 iwl_rfkill_set_hw_state(priv);
5744
5745 mutex_unlock(&priv->mutex);
5746 }
5747
5748 #define IWL_SCAN_CHECK_WATCHDOG (7 * HZ)
5749
5750 static void iwl4965_bg_scan_check(struct work_struct *data)
5751 {
5752 struct iwl_priv *priv =
5753 container_of(data, struct iwl_priv, scan_check.work);
5754
5755 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
5756 return;
5757
5758 mutex_lock(&priv->mutex);
5759 if (test_bit(STATUS_SCANNING, &priv->status) ||
5760 test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
5761 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN,
5762 "Scan completion watchdog resetting adapter (%dms)\n",
5763 jiffies_to_msecs(IWL_SCAN_CHECK_WATCHDOG));
5764
5765 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
5766 iwl4965_send_scan_abort(priv);
5767 }
5768 mutex_unlock(&priv->mutex);
5769 }
5770
5771 static void iwl4965_bg_request_scan(struct work_struct *data)
5772 {
5773 struct iwl_priv *priv =
5774 container_of(data, struct iwl_priv, request_scan);
5775 struct iwl_host_cmd cmd = {
5776 .id = REPLY_SCAN_CMD,
5777 .len = sizeof(struct iwl4965_scan_cmd),
5778 .meta.flags = CMD_SIZE_HUGE,
5779 };
5780 struct iwl4965_scan_cmd *scan;
5781 struct ieee80211_conf *conf = NULL;
5782 u16 cmd_len;
5783 enum ieee80211_band band;
5784 u8 direct_mask;
5785 int ret = 0;
5786
5787 conf = ieee80211_get_hw_conf(priv->hw);
5788
5789 mutex_lock(&priv->mutex);
5790
5791 if (!iwl_is_ready(priv)) {
5792 IWL_WARNING("request scan called when driver not ready.\n");
5793 goto done;
5794 }
5795
5796 /* Make sure the scan wasn't cancelled before this queued work
5797 * was given the chance to run... */
5798 if (!test_bit(STATUS_SCANNING, &priv->status))
5799 goto done;
5800
5801 /* This should never be called or scheduled if there is currently
5802 * a scan active in the hardware. */
5803 if (test_bit(STATUS_SCAN_HW, &priv->status)) {
5804 IWL_DEBUG_INFO("Multiple concurrent scan requests in parallel. "
5805 "Ignoring second request.\n");
5806 ret = -EIO;
5807 goto done;
5808 }
5809
5810 if (test_bit(STATUS_EXIT_PENDING, &priv->status)) {
5811 IWL_DEBUG_SCAN("Aborting scan due to device shutdown\n");
5812 goto done;
5813 }
5814
5815 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
5816 IWL_DEBUG_HC("Scan request while abort pending. Queuing.\n");
5817 goto done;
5818 }
5819
5820 if (iwl_is_rfkill(priv)) {
5821 IWL_DEBUG_HC("Aborting scan due to RF Kill activation\n");
5822 goto done;
5823 }
5824
5825 if (!test_bit(STATUS_READY, &priv->status)) {
5826 IWL_DEBUG_HC("Scan request while uninitialized. Queuing.\n");
5827 goto done;
5828 }
5829
5830 if (!priv->scan_bands) {
5831 IWL_DEBUG_HC("Aborting scan due to no requested bands\n");
5832 goto done;
5833 }
5834
5835 if (!priv->scan) {
5836 priv->scan = kmalloc(sizeof(struct iwl4965_scan_cmd) +
5837 IWL_MAX_SCAN_SIZE, GFP_KERNEL);
5838 if (!priv->scan) {
5839 ret = -ENOMEM;
5840 goto done;
5841 }
5842 }
5843 scan = priv->scan;
5844 memset(scan, 0, sizeof(struct iwl4965_scan_cmd) + IWL_MAX_SCAN_SIZE);
5845
5846 scan->quiet_plcp_th = IWL_PLCP_QUIET_THRESH;
5847 scan->quiet_time = IWL_ACTIVE_QUIET_TIME;
5848
5849 if (iwl_is_associated(priv)) {
5850 u16 interval = 0;
5851 u32 extra;
5852 u32 suspend_time = 100;
5853 u32 scan_suspend_time = 100;
5854 unsigned long flags;
5855
5856 IWL_DEBUG_INFO("Scanning while associated...\n");
5857
5858 spin_lock_irqsave(&priv->lock, flags);
5859 interval = priv->beacon_int;
5860 spin_unlock_irqrestore(&priv->lock, flags);
5861
5862 scan->suspend_time = 0;
5863 scan->max_out_time = cpu_to_le32(200 * 1024);
5864 if (!interval)
5865 interval = suspend_time;
5866
5867 extra = (suspend_time / interval) << 22;
5868 scan_suspend_time = (extra |
5869 ((suspend_time % interval) * 1024));
5870 scan->suspend_time = cpu_to_le32(scan_suspend_time);
5871 IWL_DEBUG_SCAN("suspend_time 0x%X beacon interval %d\n",
5872 scan_suspend_time, interval);
5873 }
5874
5875 /* We should add the ability for user to lock to PASSIVE ONLY */
5876 if (priv->one_direct_scan) {
5877 IWL_DEBUG_SCAN
5878 ("Kicking off one direct scan for '%s'\n",
5879 iwl4965_escape_essid(priv->direct_ssid,
5880 priv->direct_ssid_len));
5881 scan->direct_scan[0].id = WLAN_EID_SSID;
5882 scan->direct_scan[0].len = priv->direct_ssid_len;
5883 memcpy(scan->direct_scan[0].ssid,
5884 priv->direct_ssid, priv->direct_ssid_len);
5885 direct_mask = 1;
5886 } else if (!iwl_is_associated(priv) && priv->essid_len) {
5887 scan->direct_scan[0].id = WLAN_EID_SSID;
5888 scan->direct_scan[0].len = priv->essid_len;
5889 memcpy(scan->direct_scan[0].ssid, priv->essid, priv->essid_len);
5890 direct_mask = 1;
5891 } else {
5892 direct_mask = 0;
5893 }
5894
5895 scan->tx_cmd.tx_flags = TX_CMD_FLG_SEQ_CTL_MSK;
5896 scan->tx_cmd.sta_id = priv->hw_setting.bcast_sta_id;
5897 scan->tx_cmd.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
5898
5899
5900 switch (priv->scan_bands) {
5901 case 2:
5902 scan->flags = RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK;
5903 scan->tx_cmd.rate_n_flags =
5904 iwl4965_hw_set_rate_n_flags(IWL_RATE_1M_PLCP,
5905 RATE_MCS_ANT_B_MSK|RATE_MCS_CCK_MSK);
5906
5907 scan->good_CRC_th = 0;
5908 band = IEEE80211_BAND_2GHZ;
5909 break;
5910
5911 case 1:
5912 scan->tx_cmd.rate_n_flags =
5913 iwl4965_hw_set_rate_n_flags(IWL_RATE_6M_PLCP,
5914 RATE_MCS_ANT_B_MSK);
5915 scan->good_CRC_th = IWL_GOOD_CRC_TH;
5916 band = IEEE80211_BAND_5GHZ;
5917 break;
5918
5919 default:
5920 IWL_WARNING("Invalid scan band count\n");
5921 goto done;
5922 }
5923
5924 /* We don't build a direct scan probe request; the uCode will do
5925 * that based on the direct_mask added to each channel entry */
5926 cmd_len = iwl4965_fill_probe_req(priv, band,
5927 (struct ieee80211_mgmt *)scan->data,
5928 IWL_MAX_SCAN_SIZE - sizeof(*scan), 0);
5929
5930 scan->tx_cmd.len = cpu_to_le16(cmd_len);
5931 /* select Rx chains */
5932
5933 /* Force use of chains B and C (0x6) for scan Rx.
5934 * Avoid A (0x1) because of its off-channel reception on A-band.
5935 * MIMO is not used here, but value is required to make uCode happy. */
5936 scan->rx_chain = RXON_RX_CHAIN_DRIVER_FORCE_MSK |
5937 cpu_to_le16((0x7 << RXON_RX_CHAIN_VALID_POS) |
5938 (0x6 << RXON_RX_CHAIN_FORCE_SEL_POS) |
5939 (0x7 << RXON_RX_CHAIN_FORCE_MIMO_SEL_POS));
5940
5941 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR)
5942 scan->filter_flags = RXON_FILTER_PROMISC_MSK;
5943
5944 if (direct_mask) {
5945 IWL_DEBUG_SCAN
5946 ("Initiating direct scan for %s.\n",
5947 iwl4965_escape_essid(priv->essid, priv->essid_len));
5948 scan->channel_count =
5949 iwl4965_get_channels_for_scan(
5950 priv, band, 1, /* active */
5951 direct_mask,
5952 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
5953 } else {
5954 IWL_DEBUG_SCAN("Initiating indirect scan.\n");
5955 scan->channel_count =
5956 iwl4965_get_channels_for_scan(
5957 priv, band, 0, /* passive */
5958 direct_mask,
5959 (void *)&scan->data[le16_to_cpu(scan->tx_cmd.len)]);
5960 }
5961
5962 cmd.len += le16_to_cpu(scan->tx_cmd.len) +
5963 scan->channel_count * sizeof(struct iwl4965_scan_channel);
5964 cmd.data = scan;
5965 scan->len = cpu_to_le16(cmd.len);
5966
5967 set_bit(STATUS_SCAN_HW, &priv->status);
5968 ret = iwl_send_cmd_sync(priv, &cmd);
5969 if (ret)
5970 goto done;
5971
5972 queue_delayed_work(priv->workqueue, &priv->scan_check,
5973 IWL_SCAN_CHECK_WATCHDOG);
5974
5975 mutex_unlock(&priv->mutex);
5976 return;
5977
5978 done:
5979 /* inform mac80211 scan aborted */
5980 queue_work(priv->workqueue, &priv->scan_completed);
5981 mutex_unlock(&priv->mutex);
5982 }
5983
5984 static void iwl4965_bg_up(struct work_struct *data)
5985 {
5986 struct iwl_priv *priv = container_of(data, struct iwl_priv, up);
5987
5988 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
5989 return;
5990
5991 mutex_lock(&priv->mutex);
5992 __iwl4965_up(priv);
5993 mutex_unlock(&priv->mutex);
5994 }
5995
5996 static void iwl4965_bg_restart(struct work_struct *data)
5997 {
5998 struct iwl_priv *priv = container_of(data, struct iwl_priv, restart);
5999
6000 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6001 return;
6002
6003 iwl4965_down(priv);
6004 queue_work(priv->workqueue, &priv->up);
6005 }
6006
6007 static void iwl4965_bg_rx_replenish(struct work_struct *data)
6008 {
6009 struct iwl_priv *priv =
6010 container_of(data, struct iwl_priv, rx_replenish);
6011
6012 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6013 return;
6014
6015 mutex_lock(&priv->mutex);
6016 iwl4965_rx_replenish(priv);
6017 mutex_unlock(&priv->mutex);
6018 }
6019
6020 #define IWL_DELAY_NEXT_SCAN (HZ*2)
6021
6022 static void iwl4965_bg_post_associate(struct work_struct *data)
6023 {
6024 struct iwl_priv *priv = container_of(data, struct iwl_priv,
6025 post_associate.work);
6026 struct ieee80211_conf *conf = NULL;
6027 int ret = 0;
6028 DECLARE_MAC_BUF(mac);
6029
6030 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
6031 IWL_ERROR("%s Should not be called in AP mode\n", __FUNCTION__);
6032 return;
6033 }
6034
6035 IWL_DEBUG_ASSOC("Associated as %d to: %s\n",
6036 priv->assoc_id,
6037 print_mac(mac, priv->active_rxon.bssid_addr));
6038
6039
6040 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6041 return;
6042
6043 mutex_lock(&priv->mutex);
6044
6045 if (!priv->vif || !priv->is_open) {
6046 mutex_unlock(&priv->mutex);
6047 return;
6048 }
6049 iwl4965_scan_cancel_timeout(priv, 200);
6050
6051 conf = ieee80211_get_hw_conf(priv->hw);
6052
6053 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6054 iwl4965_commit_rxon(priv);
6055
6056 memset(&priv->rxon_timing, 0, sizeof(struct iwl4965_rxon_time_cmd));
6057 iwl4965_setup_rxon_timing(priv);
6058 ret = iwl_send_cmd_pdu(priv, REPLY_RXON_TIMING,
6059 sizeof(priv->rxon_timing), &priv->rxon_timing);
6060 if (ret)
6061 IWL_WARNING("REPLY_RXON_TIMING failed - "
6062 "Attempting to continue.\n");
6063
6064 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
6065
6066 #ifdef CONFIG_IWL4965_HT
6067 if (priv->current_ht_config.is_ht)
6068 iwl4965_set_rxon_ht(priv, &priv->current_ht_config);
6069 #endif /* CONFIG_IWL4965_HT*/
6070 iwl4965_set_rxon_chain(priv);
6071 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
6072
6073 IWL_DEBUG_ASSOC("assoc id %d beacon interval %d\n",
6074 priv->assoc_id, priv->beacon_int);
6075
6076 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
6077 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
6078 else
6079 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
6080
6081 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
6082 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
6083 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
6084 else
6085 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6086
6087 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6088 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
6089
6090 }
6091
6092 iwl4965_commit_rxon(priv);
6093
6094 switch (priv->iw_mode) {
6095 case IEEE80211_IF_TYPE_STA:
6096 iwl4965_rate_scale_init(priv->hw, IWL_AP_ID);
6097 break;
6098
6099 case IEEE80211_IF_TYPE_IBSS:
6100
6101 /* clear out the station table */
6102 iwlcore_clear_stations_table(priv);
6103
6104 iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0);
6105 iwl4965_rxon_add_station(priv, priv->bssid, 0);
6106 iwl4965_rate_scale_init(priv->hw, IWL_STA_ID);
6107 iwl4965_send_beacon_cmd(priv);
6108
6109 break;
6110
6111 default:
6112 IWL_ERROR("%s Should not be called in %d mode\n",
6113 __FUNCTION__, priv->iw_mode);
6114 break;
6115 }
6116
6117 iwl4965_sequence_reset(priv);
6118
6119 #ifdef CONFIG_IWL4965_SENSITIVITY
6120 /* Enable Rx differential gain and sensitivity calibrations */
6121 iwl4965_chain_noise_reset(priv);
6122 priv->start_calib = 1;
6123 #endif /* CONFIG_IWL4965_SENSITIVITY */
6124
6125 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6126 priv->assoc_station_added = 1;
6127
6128 iwl4965_activate_qos(priv, 0);
6129
6130 /* we have just associated, don't start scan too early */
6131 priv->next_scan_jiffies = jiffies + IWL_DELAY_NEXT_SCAN;
6132 mutex_unlock(&priv->mutex);
6133 }
6134
6135 static void iwl4965_bg_abort_scan(struct work_struct *work)
6136 {
6137 struct iwl_priv *priv = container_of(work, struct iwl_priv, abort_scan);
6138
6139 if (!iwl_is_ready(priv))
6140 return;
6141
6142 mutex_lock(&priv->mutex);
6143
6144 set_bit(STATUS_SCAN_ABORTING, &priv->status);
6145 iwl4965_send_scan_abort(priv);
6146
6147 mutex_unlock(&priv->mutex);
6148 }
6149
6150 static int iwl4965_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf);
6151
6152 static void iwl4965_bg_scan_completed(struct work_struct *work)
6153 {
6154 struct iwl_priv *priv =
6155 container_of(work, struct iwl_priv, scan_completed);
6156
6157 IWL_DEBUG(IWL_DL_INFO | IWL_DL_SCAN, "SCAN complete scan\n");
6158
6159 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6160 return;
6161
6162 if (test_bit(STATUS_CONF_PENDING, &priv->status))
6163 iwl4965_mac_config(priv->hw, ieee80211_get_hw_conf(priv->hw));
6164
6165 ieee80211_scan_completed(priv->hw);
6166
6167 /* Since setting the TXPOWER may have been deferred while
6168 * performing the scan, fire one off */
6169 mutex_lock(&priv->mutex);
6170 iwl4965_hw_reg_send_txpower(priv);
6171 mutex_unlock(&priv->mutex);
6172 }
6173
6174 /*****************************************************************************
6175 *
6176 * mac80211 entry point functions
6177 *
6178 *****************************************************************************/
6179
6180 #define UCODE_READY_TIMEOUT (2 * HZ)
6181
6182 static int iwl4965_mac_start(struct ieee80211_hw *hw)
6183 {
6184 struct iwl_priv *priv = hw->priv;
6185 int ret;
6186
6187 IWL_DEBUG_MAC80211("enter\n");
6188
6189 if (pci_enable_device(priv->pci_dev)) {
6190 IWL_ERROR("Fail to pci_enable_device\n");
6191 return -ENODEV;
6192 }
6193 pci_restore_state(priv->pci_dev);
6194 pci_enable_msi(priv->pci_dev);
6195
6196 ret = request_irq(priv->pci_dev->irq, iwl4965_isr, IRQF_SHARED,
6197 DRV_NAME, priv);
6198 if (ret) {
6199 IWL_ERROR("Error allocating IRQ %d\n", priv->pci_dev->irq);
6200 goto out_disable_msi;
6201 }
6202
6203 /* we should be verifying the device is ready to be opened */
6204 mutex_lock(&priv->mutex);
6205
6206 memset(&priv->staging_rxon, 0, sizeof(struct iwl4965_rxon_cmd));
6207 /* fetch ucode file from disk, alloc and copy to bus-master buffers ...
6208 * ucode filename and max sizes are card-specific. */
6209
6210 if (!priv->ucode_code.len) {
6211 ret = iwl4965_read_ucode(priv);
6212 if (ret) {
6213 IWL_ERROR("Could not read microcode: %d\n", ret);
6214 mutex_unlock(&priv->mutex);
6215 goto out_release_irq;
6216 }
6217 }
6218
6219 ret = __iwl4965_up(priv);
6220
6221 mutex_unlock(&priv->mutex);
6222
6223 if (ret)
6224 goto out_release_irq;
6225
6226 IWL_DEBUG_INFO("Start UP work done.\n");
6227
6228 if (test_bit(STATUS_IN_SUSPEND, &priv->status))
6229 return 0;
6230
6231 /* Wait for START_ALIVE from ucode. Otherwise callbacks from
6232 * mac80211 will not be run successfully. */
6233 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
6234 test_bit(STATUS_READY, &priv->status),
6235 UCODE_READY_TIMEOUT);
6236 if (!ret) {
6237 if (!test_bit(STATUS_READY, &priv->status)) {
6238 IWL_ERROR("Wait for START_ALIVE timeout after %dms.\n",
6239 jiffies_to_msecs(UCODE_READY_TIMEOUT));
6240 ret = -ETIMEDOUT;
6241 goto out_release_irq;
6242 }
6243 }
6244
6245 priv->is_open = 1;
6246 IWL_DEBUG_MAC80211("leave\n");
6247 return 0;
6248
6249 out_release_irq:
6250 free_irq(priv->pci_dev->irq, priv);
6251 out_disable_msi:
6252 pci_disable_msi(priv->pci_dev);
6253 pci_disable_device(priv->pci_dev);
6254 priv->is_open = 0;
6255 IWL_DEBUG_MAC80211("leave - failed\n");
6256 return ret;
6257 }
6258
6259 static void iwl4965_mac_stop(struct ieee80211_hw *hw)
6260 {
6261 struct iwl_priv *priv = hw->priv;
6262
6263 IWL_DEBUG_MAC80211("enter\n");
6264
6265 if (!priv->is_open) {
6266 IWL_DEBUG_MAC80211("leave - skip\n");
6267 return;
6268 }
6269
6270 priv->is_open = 0;
6271
6272 if (iwl_is_ready_rf(priv)) {
6273 /* stop mac, cancel any scan request and clear
6274 * RXON_FILTER_ASSOC_MSK BIT
6275 */
6276 mutex_lock(&priv->mutex);
6277 iwl4965_scan_cancel_timeout(priv, 100);
6278 cancel_delayed_work(&priv->post_associate);
6279 mutex_unlock(&priv->mutex);
6280 }
6281
6282 iwl4965_down(priv);
6283
6284 flush_workqueue(priv->workqueue);
6285 free_irq(priv->pci_dev->irq, priv);
6286 pci_disable_msi(priv->pci_dev);
6287 pci_save_state(priv->pci_dev);
6288 pci_disable_device(priv->pci_dev);
6289
6290 IWL_DEBUG_MAC80211("leave\n");
6291 }
6292
6293 static int iwl4965_mac_tx(struct ieee80211_hw *hw, struct sk_buff *skb,
6294 struct ieee80211_tx_control *ctl)
6295 {
6296 struct iwl_priv *priv = hw->priv;
6297
6298 IWL_DEBUG_MAC80211("enter\n");
6299
6300 if (priv->iw_mode == IEEE80211_IF_TYPE_MNTR) {
6301 IWL_DEBUG_MAC80211("leave - monitor\n");
6302 return -1;
6303 }
6304
6305 IWL_DEBUG_TX("dev->xmit(%d bytes) at rate 0x%02x\n", skb->len,
6306 ctl->tx_rate->bitrate);
6307
6308 if (iwl4965_tx_skb(priv, skb, ctl))
6309 dev_kfree_skb_any(skb);
6310
6311 IWL_DEBUG_MAC80211("leave\n");
6312 return 0;
6313 }
6314
6315 static int iwl4965_mac_add_interface(struct ieee80211_hw *hw,
6316 struct ieee80211_if_init_conf *conf)
6317 {
6318 struct iwl_priv *priv = hw->priv;
6319 unsigned long flags;
6320 DECLARE_MAC_BUF(mac);
6321
6322 IWL_DEBUG_MAC80211("enter: type %d\n", conf->type);
6323
6324 if (priv->vif) {
6325 IWL_DEBUG_MAC80211("leave - vif != NULL\n");
6326 return -EOPNOTSUPP;
6327 }
6328
6329 spin_lock_irqsave(&priv->lock, flags);
6330 priv->vif = conf->vif;
6331
6332 spin_unlock_irqrestore(&priv->lock, flags);
6333
6334 mutex_lock(&priv->mutex);
6335
6336 if (conf->mac_addr) {
6337 IWL_DEBUG_MAC80211("Set %s\n", print_mac(mac, conf->mac_addr));
6338 memcpy(priv->mac_addr, conf->mac_addr, ETH_ALEN);
6339 }
6340
6341 if (iwl_is_ready(priv))
6342 iwl4965_set_mode(priv, conf->type);
6343
6344 mutex_unlock(&priv->mutex);
6345
6346 IWL_DEBUG_MAC80211("leave\n");
6347 return 0;
6348 }
6349
6350 /**
6351 * iwl4965_mac_config - mac80211 config callback
6352 *
6353 * We ignore conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME since it seems to
6354 * be set inappropriately and the driver currently sets the hardware up to
6355 * use it whenever needed.
6356 */
6357 static int iwl4965_mac_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf)
6358 {
6359 struct iwl_priv *priv = hw->priv;
6360 const struct iwl_channel_info *ch_info;
6361 unsigned long flags;
6362 int ret = 0;
6363
6364 mutex_lock(&priv->mutex);
6365 IWL_DEBUG_MAC80211("enter to channel %d\n", conf->channel->hw_value);
6366
6367 priv->add_radiotap = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
6368
6369 if (!iwl_is_ready(priv)) {
6370 IWL_DEBUG_MAC80211("leave - not ready\n");
6371 ret = -EIO;
6372 goto out;
6373 }
6374
6375 if (unlikely(!priv->cfg->mod_params->disable_hw_scan &&
6376 test_bit(STATUS_SCANNING, &priv->status))) {
6377 IWL_DEBUG_MAC80211("leave - scanning\n");
6378 set_bit(STATUS_CONF_PENDING, &priv->status);
6379 mutex_unlock(&priv->mutex);
6380 return 0;
6381 }
6382
6383 spin_lock_irqsave(&priv->lock, flags);
6384
6385 ch_info = iwl_get_channel_info(priv, conf->channel->band,
6386 ieee80211_frequency_to_channel(conf->channel->center_freq));
6387 if (!is_channel_valid(ch_info)) {
6388 IWL_DEBUG_MAC80211("leave - invalid channel\n");
6389 spin_unlock_irqrestore(&priv->lock, flags);
6390 ret = -EINVAL;
6391 goto out;
6392 }
6393
6394 #ifdef CONFIG_IWL4965_HT
6395 /* if we are switching from ht to 2.4 clear flags
6396 * from any ht related info since 2.4 does not
6397 * support ht */
6398 if ((le16_to_cpu(priv->staging_rxon.channel) != conf->channel->hw_value)
6399 #ifdef IEEE80211_CONF_CHANNEL_SWITCH
6400 && !(conf->flags & IEEE80211_CONF_CHANNEL_SWITCH)
6401 #endif
6402 )
6403 priv->staging_rxon.flags = 0;
6404 #endif /* CONFIG_IWL4965_HT */
6405
6406 iwlcore_set_rxon_channel(priv, conf->channel->band,
6407 ieee80211_frequency_to_channel(conf->channel->center_freq));
6408
6409 iwl4965_set_flags_for_phymode(priv, conf->channel->band);
6410
6411 /* The list of supported rates and rate mask can be different
6412 * for each band; since the band may have changed, reset
6413 * the rate mask to what mac80211 lists */
6414 iwl4965_set_rate(priv);
6415
6416 spin_unlock_irqrestore(&priv->lock, flags);
6417
6418 #ifdef IEEE80211_CONF_CHANNEL_SWITCH
6419 if (conf->flags & IEEE80211_CONF_CHANNEL_SWITCH) {
6420 iwl4965_hw_channel_switch(priv, conf->channel);
6421 goto out;
6422 }
6423 #endif
6424
6425 if (priv->cfg->ops->lib->radio_kill_sw)
6426 priv->cfg->ops->lib->radio_kill_sw(priv, !conf->radio_enabled);
6427
6428 if (!conf->radio_enabled) {
6429 IWL_DEBUG_MAC80211("leave - radio disabled\n");
6430 goto out;
6431 }
6432
6433 if (iwl_is_rfkill(priv)) {
6434 IWL_DEBUG_MAC80211("leave - RF kill\n");
6435 ret = -EIO;
6436 goto out;
6437 }
6438
6439 iwl4965_set_rate(priv);
6440
6441 if (memcmp(&priv->active_rxon,
6442 &priv->staging_rxon, sizeof(priv->staging_rxon)))
6443 iwl4965_commit_rxon(priv);
6444 else
6445 IWL_DEBUG_INFO("No re-sending same RXON configuration.\n");
6446
6447 IWL_DEBUG_MAC80211("leave\n");
6448
6449 out:
6450 clear_bit(STATUS_CONF_PENDING, &priv->status);
6451 mutex_unlock(&priv->mutex);
6452 return ret;
6453 }
6454
6455 static void iwl4965_config_ap(struct iwl_priv *priv)
6456 {
6457 int ret = 0;
6458
6459 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
6460 return;
6461
6462 /* The following should be done only at AP bring up */
6463 if ((priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) == 0) {
6464
6465 /* RXON - unassoc (to set timing command) */
6466 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6467 iwl4965_commit_rxon(priv);
6468
6469 /* RXON Timing */
6470 memset(&priv->rxon_timing, 0, sizeof(struct iwl4965_rxon_time_cmd));
6471 iwl4965_setup_rxon_timing(priv);
6472 ret = iwl_send_cmd_pdu(priv, REPLY_RXON_TIMING,
6473 sizeof(priv->rxon_timing), &priv->rxon_timing);
6474 if (ret)
6475 IWL_WARNING("REPLY_RXON_TIMING failed - "
6476 "Attempting to continue.\n");
6477
6478 iwl4965_set_rxon_chain(priv);
6479
6480 /* FIXME: what should be the assoc_id for AP? */
6481 priv->staging_rxon.assoc_id = cpu_to_le16(priv->assoc_id);
6482 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
6483 priv->staging_rxon.flags |=
6484 RXON_FLG_SHORT_PREAMBLE_MSK;
6485 else
6486 priv->staging_rxon.flags &=
6487 ~RXON_FLG_SHORT_PREAMBLE_MSK;
6488
6489 if (priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) {
6490 if (priv->assoc_capability &
6491 WLAN_CAPABILITY_SHORT_SLOT_TIME)
6492 priv->staging_rxon.flags |=
6493 RXON_FLG_SHORT_SLOT_MSK;
6494 else
6495 priv->staging_rxon.flags &=
6496 ~RXON_FLG_SHORT_SLOT_MSK;
6497
6498 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
6499 priv->staging_rxon.flags &=
6500 ~RXON_FLG_SHORT_SLOT_MSK;
6501 }
6502 /* restore RXON assoc */
6503 priv->staging_rxon.filter_flags |= RXON_FILTER_ASSOC_MSK;
6504 iwl4965_commit_rxon(priv);
6505 iwl4965_activate_qos(priv, 1);
6506 iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0);
6507 }
6508 iwl4965_send_beacon_cmd(priv);
6509
6510 /* FIXME - we need to add code here to detect a totally new
6511 * configuration, reset the AP, unassoc, rxon timing, assoc,
6512 * clear sta table, add BCAST sta... */
6513 }
6514
6515 static int iwl4965_mac_config_interface(struct ieee80211_hw *hw,
6516 struct ieee80211_vif *vif,
6517 struct ieee80211_if_conf *conf)
6518 {
6519 struct iwl_priv *priv = hw->priv;
6520 DECLARE_MAC_BUF(mac);
6521 unsigned long flags;
6522 int rc;
6523
6524 if (conf == NULL)
6525 return -EIO;
6526
6527 if (priv->vif != vif) {
6528 IWL_DEBUG_MAC80211("leave - priv->vif != vif\n");
6529 mutex_unlock(&priv->mutex);
6530 return 0;
6531 }
6532
6533 if ((priv->iw_mode == IEEE80211_IF_TYPE_AP) &&
6534 (!conf->beacon || !conf->ssid_len)) {
6535 IWL_DEBUG_MAC80211
6536 ("Leaving in AP mode because HostAPD is not ready.\n");
6537 return 0;
6538 }
6539
6540 if (!iwl_is_alive(priv))
6541 return -EAGAIN;
6542
6543 mutex_lock(&priv->mutex);
6544
6545 if (conf->bssid)
6546 IWL_DEBUG_MAC80211("bssid: %s\n",
6547 print_mac(mac, conf->bssid));
6548
6549 /*
6550 * very dubious code was here; the probe filtering flag is never set:
6551 *
6552 if (unlikely(test_bit(STATUS_SCANNING, &priv->status)) &&
6553 !(priv->hw->flags & IEEE80211_HW_NO_PROBE_FILTERING)) {
6554 */
6555
6556 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
6557 if (!conf->bssid) {
6558 conf->bssid = priv->mac_addr;
6559 memcpy(priv->bssid, priv->mac_addr, ETH_ALEN);
6560 IWL_DEBUG_MAC80211("bssid was set to: %s\n",
6561 print_mac(mac, conf->bssid));
6562 }
6563 if (priv->ibss_beacon)
6564 dev_kfree_skb(priv->ibss_beacon);
6565
6566 priv->ibss_beacon = conf->beacon;
6567 }
6568
6569 if (iwl_is_rfkill(priv))
6570 goto done;
6571
6572 if (conf->bssid && !is_zero_ether_addr(conf->bssid) &&
6573 !is_multicast_ether_addr(conf->bssid)) {
6574 /* If there is currently a HW scan going on in the background
6575 * then we need to cancel it else the RXON below will fail. */
6576 if (iwl4965_scan_cancel_timeout(priv, 100)) {
6577 IWL_WARNING("Aborted scan still in progress "
6578 "after 100ms\n");
6579 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
6580 mutex_unlock(&priv->mutex);
6581 return -EAGAIN;
6582 }
6583 memcpy(priv->staging_rxon.bssid_addr, conf->bssid, ETH_ALEN);
6584
6585 /* TODO: Audit driver for usage of these members and see
6586 * if mac80211 deprecates them (priv->bssid looks like it
6587 * shouldn't be there, but I haven't scanned the IBSS code
6588 * to verify) - jpk */
6589 memcpy(priv->bssid, conf->bssid, ETH_ALEN);
6590
6591 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
6592 iwl4965_config_ap(priv);
6593 else {
6594 rc = iwl4965_commit_rxon(priv);
6595 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA) && rc)
6596 iwl4965_rxon_add_station(
6597 priv, priv->active_rxon.bssid_addr, 1);
6598 }
6599
6600 } else {
6601 iwl4965_scan_cancel_timeout(priv, 100);
6602 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6603 iwl4965_commit_rxon(priv);
6604 }
6605
6606 done:
6607 spin_lock_irqsave(&priv->lock, flags);
6608 if (!conf->ssid_len)
6609 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
6610 else
6611 memcpy(priv->essid, conf->ssid, conf->ssid_len);
6612
6613 priv->essid_len = conf->ssid_len;
6614 spin_unlock_irqrestore(&priv->lock, flags);
6615
6616 IWL_DEBUG_MAC80211("leave\n");
6617 mutex_unlock(&priv->mutex);
6618
6619 return 0;
6620 }
6621
6622 static void iwl4965_configure_filter(struct ieee80211_hw *hw,
6623 unsigned int changed_flags,
6624 unsigned int *total_flags,
6625 int mc_count, struct dev_addr_list *mc_list)
6626 {
6627 /*
6628 * XXX: dummy
6629 * see also iwl4965_connection_init_rx_config
6630 */
6631 *total_flags = 0;
6632 }
6633
6634 static void iwl4965_mac_remove_interface(struct ieee80211_hw *hw,
6635 struct ieee80211_if_init_conf *conf)
6636 {
6637 struct iwl_priv *priv = hw->priv;
6638
6639 IWL_DEBUG_MAC80211("enter\n");
6640
6641 mutex_lock(&priv->mutex);
6642
6643 if (iwl_is_ready_rf(priv)) {
6644 iwl4965_scan_cancel_timeout(priv, 100);
6645 cancel_delayed_work(&priv->post_associate);
6646 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
6647 iwl4965_commit_rxon(priv);
6648 }
6649 if (priv->vif == conf->vif) {
6650 priv->vif = NULL;
6651 memset(priv->bssid, 0, ETH_ALEN);
6652 memset(priv->essid, 0, IW_ESSID_MAX_SIZE);
6653 priv->essid_len = 0;
6654 }
6655 mutex_unlock(&priv->mutex);
6656
6657 IWL_DEBUG_MAC80211("leave\n");
6658
6659 }
6660
6661
6662 #ifdef CONFIG_IWL4965_HT
6663 static void iwl4965_ht_conf(struct iwl_priv *priv,
6664 struct ieee80211_bss_conf *bss_conf)
6665 {
6666 struct ieee80211_ht_info *ht_conf = bss_conf->ht_conf;
6667 struct ieee80211_ht_bss_info *ht_bss_conf = bss_conf->ht_bss_conf;
6668 struct iwl_ht_info *iwl_conf = &priv->current_ht_config;
6669
6670 IWL_DEBUG_MAC80211("enter: \n");
6671
6672 iwl_conf->is_ht = bss_conf->assoc_ht;
6673
6674 if (!iwl_conf->is_ht)
6675 return;
6676
6677 priv->ps_mode = (u8)((ht_conf->cap & IEEE80211_HT_CAP_MIMO_PS) >> 2);
6678
6679 if (ht_conf->cap & IEEE80211_HT_CAP_SGI_20)
6680 iwl_conf->sgf |= 0x1;
6681 if (ht_conf->cap & IEEE80211_HT_CAP_SGI_40)
6682 iwl_conf->sgf |= 0x2;
6683
6684 iwl_conf->is_green_field = !!(ht_conf->cap & IEEE80211_HT_CAP_GRN_FLD);
6685 iwl_conf->max_amsdu_size =
6686 !!(ht_conf->cap & IEEE80211_HT_CAP_MAX_AMSDU);
6687
6688 iwl_conf->supported_chan_width =
6689 !!(ht_conf->cap & IEEE80211_HT_CAP_SUP_WIDTH);
6690 iwl_conf->extension_chan_offset =
6691 ht_bss_conf->bss_cap & IEEE80211_HT_IE_CHA_SEC_OFFSET;
6692 /* If no above or below channel supplied disable FAT channel */
6693 if (iwl_conf->extension_chan_offset != IWL_EXT_CHANNEL_OFFSET_ABOVE &&
6694 iwl_conf->extension_chan_offset != IWL_EXT_CHANNEL_OFFSET_BELOW)
6695 iwl_conf->supported_chan_width = 0;
6696
6697 iwl_conf->tx_mimo_ps_mode =
6698 (u8)((ht_conf->cap & IEEE80211_HT_CAP_MIMO_PS) >> 2);
6699 memcpy(iwl_conf->supp_mcs_set, ht_conf->supp_mcs_set, 16);
6700
6701 iwl_conf->control_channel = ht_bss_conf->primary_channel;
6702 iwl_conf->tx_chan_width =
6703 !!(ht_bss_conf->bss_cap & IEEE80211_HT_IE_CHA_WIDTH);
6704 iwl_conf->ht_protection =
6705 ht_bss_conf->bss_op_mode & IEEE80211_HT_IE_HT_PROTECTION;
6706 iwl_conf->non_GF_STA_present =
6707 !!(ht_bss_conf->bss_op_mode & IEEE80211_HT_IE_NON_GF_STA_PRSNT);
6708
6709 IWL_DEBUG_MAC80211("control channel %d\n", iwl_conf->control_channel);
6710 IWL_DEBUG_MAC80211("leave\n");
6711 }
6712 #else
6713 static inline void iwl4965_ht_conf(struct iwl_priv *priv,
6714 struct ieee80211_bss_conf *bss_conf)
6715 {
6716 }
6717 #endif
6718
6719 #define IWL_DELAY_NEXT_SCAN_AFTER_ASSOC (HZ*6)
6720 static void iwl4965_bss_info_changed(struct ieee80211_hw *hw,
6721 struct ieee80211_vif *vif,
6722 struct ieee80211_bss_conf *bss_conf,
6723 u32 changes)
6724 {
6725 struct iwl_priv *priv = hw->priv;
6726
6727 IWL_DEBUG_MAC80211("changes = 0x%X\n", changes);
6728
6729 if (changes & BSS_CHANGED_ERP_PREAMBLE) {
6730 IWL_DEBUG_MAC80211("ERP_PREAMBLE %d\n",
6731 bss_conf->use_short_preamble);
6732 if (bss_conf->use_short_preamble)
6733 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
6734 else
6735 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
6736 }
6737
6738 if (changes & BSS_CHANGED_ERP_CTS_PROT) {
6739 IWL_DEBUG_MAC80211("ERP_CTS %d\n", bss_conf->use_cts_prot);
6740 if (bss_conf->use_cts_prot && (priv->band != IEEE80211_BAND_5GHZ))
6741 priv->staging_rxon.flags |= RXON_FLG_TGG_PROTECT_MSK;
6742 else
6743 priv->staging_rxon.flags &= ~RXON_FLG_TGG_PROTECT_MSK;
6744 }
6745
6746 if (changes & BSS_CHANGED_HT) {
6747 IWL_DEBUG_MAC80211("HT %d\n", bss_conf->assoc_ht);
6748 iwl4965_ht_conf(priv, bss_conf);
6749 iwl4965_set_rxon_chain(priv);
6750 }
6751
6752 if (changes & BSS_CHANGED_ASSOC) {
6753 IWL_DEBUG_MAC80211("ASSOC %d\n", bss_conf->assoc);
6754 if (bss_conf->assoc) {
6755 priv->assoc_id = bss_conf->aid;
6756 priv->beacon_int = bss_conf->beacon_int;
6757 priv->timestamp = bss_conf->timestamp;
6758 priv->assoc_capability = bss_conf->assoc_capability;
6759 priv->next_scan_jiffies = jiffies +
6760 IWL_DELAY_NEXT_SCAN_AFTER_ASSOC;
6761 queue_work(priv->workqueue, &priv->post_associate.work);
6762 } else {
6763 priv->assoc_id = 0;
6764 IWL_DEBUG_MAC80211("DISASSOC %d\n", bss_conf->assoc);
6765 }
6766 } else if (changes && iwl_is_associated(priv) && priv->assoc_id) {
6767 IWL_DEBUG_MAC80211("Associated Changes %d\n", changes);
6768 iwl4965_send_rxon_assoc(priv);
6769 }
6770
6771 }
6772
6773 static int iwl4965_mac_hw_scan(struct ieee80211_hw *hw, u8 *ssid, size_t len)
6774 {
6775 int rc = 0;
6776 unsigned long flags;
6777 struct iwl_priv *priv = hw->priv;
6778
6779 IWL_DEBUG_MAC80211("enter\n");
6780
6781 mutex_lock(&priv->mutex);
6782 spin_lock_irqsave(&priv->lock, flags);
6783
6784 if (!iwl_is_ready_rf(priv)) {
6785 rc = -EIO;
6786 IWL_DEBUG_MAC80211("leave - not ready or exit pending\n");
6787 goto out_unlock;
6788 }
6789
6790 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) { /* APs don't scan */
6791 rc = -EIO;
6792 IWL_ERROR("ERROR: APs don't scan\n");
6793 goto out_unlock;
6794 }
6795
6796 /* we don't schedule scan within next_scan_jiffies period */
6797 if (priv->next_scan_jiffies &&
6798 time_after(priv->next_scan_jiffies, jiffies)) {
6799 rc = -EAGAIN;
6800 goto out_unlock;
6801 }
6802 /* if we just finished scan ask for delay */
6803 if (priv->last_scan_jiffies && time_after(priv->last_scan_jiffies +
6804 IWL_DELAY_NEXT_SCAN, jiffies)) {
6805 rc = -EAGAIN;
6806 goto out_unlock;
6807 }
6808 if (len) {
6809 IWL_DEBUG_SCAN("direct scan for %s [%d]\n ",
6810 iwl4965_escape_essid(ssid, len), (int)len);
6811
6812 priv->one_direct_scan = 1;
6813 priv->direct_ssid_len = (u8)
6814 min((u8) len, (u8) IW_ESSID_MAX_SIZE);
6815 memcpy(priv->direct_ssid, ssid, priv->direct_ssid_len);
6816 } else
6817 priv->one_direct_scan = 0;
6818
6819 rc = iwl4965_scan_initiate(priv);
6820
6821 IWL_DEBUG_MAC80211("leave\n");
6822
6823 out_unlock:
6824 spin_unlock_irqrestore(&priv->lock, flags);
6825 mutex_unlock(&priv->mutex);
6826
6827 return rc;
6828 }
6829
6830 static void iwl4965_mac_update_tkip_key(struct ieee80211_hw *hw,
6831 struct ieee80211_key_conf *keyconf, const u8 *addr,
6832 u32 iv32, u16 *phase1key)
6833 {
6834 struct iwl_priv *priv = hw->priv;
6835 u8 sta_id = IWL_INVALID_STATION;
6836 unsigned long flags;
6837 __le16 key_flags = 0;
6838 int i;
6839 DECLARE_MAC_BUF(mac);
6840
6841 IWL_DEBUG_MAC80211("enter\n");
6842
6843 sta_id = iwl4965_hw_find_station(priv, addr);
6844 if (sta_id == IWL_INVALID_STATION) {
6845 IWL_DEBUG_MAC80211("leave - %s not in station map.\n",
6846 print_mac(mac, addr));
6847 return;
6848 }
6849
6850 iwl4965_scan_cancel_timeout(priv, 100);
6851
6852 key_flags |= (STA_KEY_FLG_TKIP | STA_KEY_FLG_MAP_KEY_MSK);
6853 key_flags |= cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
6854 key_flags &= ~STA_KEY_FLG_INVALID;
6855
6856 if (sta_id == priv->hw_setting.bcast_sta_id)
6857 key_flags |= STA_KEY_MULTICAST_MSK;
6858
6859 spin_lock_irqsave(&priv->sta_lock, flags);
6860
6861 priv->stations[sta_id].sta.key.key_offset =
6862 iwl_get_free_ucode_key_index(priv);
6863 priv->stations[sta_id].sta.key.key_flags = key_flags;
6864 priv->stations[sta_id].sta.key.tkip_rx_tsc_byte2 = (u8) iv32;
6865
6866 for (i = 0; i < 5; i++)
6867 priv->stations[sta_id].sta.key.tkip_rx_ttak[i] =
6868 cpu_to_le16(phase1key[i]);
6869
6870 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
6871 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
6872
6873 iwl4965_send_add_station(priv, &priv->stations[sta_id].sta, CMD_ASYNC);
6874
6875 spin_unlock_irqrestore(&priv->sta_lock, flags);
6876
6877 IWL_DEBUG_MAC80211("leave\n");
6878 }
6879
6880 static int iwl4965_mac_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6881 const u8 *local_addr, const u8 *addr,
6882 struct ieee80211_key_conf *key)
6883 {
6884 struct iwl_priv *priv = hw->priv;
6885 DECLARE_MAC_BUF(mac);
6886 int ret = 0;
6887 u8 sta_id = IWL_INVALID_STATION;
6888 u8 is_default_wep_key = 0;
6889
6890 IWL_DEBUG_MAC80211("enter\n");
6891
6892 if (!priv->cfg->mod_params->hw_crypto) {
6893 IWL_DEBUG_MAC80211("leave - hwcrypto disabled\n");
6894 return -EOPNOTSUPP;
6895 }
6896
6897 if (is_zero_ether_addr(addr))
6898 /* only support pairwise keys */
6899 return -EOPNOTSUPP;
6900
6901 sta_id = iwl4965_hw_find_station(priv, addr);
6902 if (sta_id == IWL_INVALID_STATION) {
6903 IWL_DEBUG_MAC80211("leave - %s not in station map.\n",
6904 print_mac(mac, addr));
6905 return -EINVAL;
6906
6907 }
6908
6909 mutex_lock(&priv->mutex);
6910 iwl4965_scan_cancel_timeout(priv, 100);
6911 mutex_unlock(&priv->mutex);
6912
6913 /* If we are getting WEP group key and we didn't receive any key mapping
6914 * so far, we are in legacy wep mode (group key only), otherwise we are
6915 * in 1X mode.
6916 * In legacy wep mode, we use another host command to the uCode */
6917 if (key->alg == ALG_WEP && sta_id == priv->hw_setting.bcast_sta_id &&
6918 priv->iw_mode != IEEE80211_IF_TYPE_AP) {
6919 if (cmd == SET_KEY)
6920 is_default_wep_key = !priv->key_mapping_key;
6921 else
6922 is_default_wep_key = priv->default_wep_key;
6923 }
6924
6925 switch (cmd) {
6926 case SET_KEY:
6927 if (is_default_wep_key)
6928 ret = iwl_set_default_wep_key(priv, key);
6929 else
6930 ret = iwl_set_dynamic_key(priv, key, sta_id);
6931
6932 IWL_DEBUG_MAC80211("enable hwcrypto key\n");
6933 break;
6934 case DISABLE_KEY:
6935 if (is_default_wep_key)
6936 ret = iwl_remove_default_wep_key(priv, key);
6937 else
6938 ret = iwl_remove_dynamic_key(priv, sta_id);
6939
6940 IWL_DEBUG_MAC80211("disable hwcrypto key\n");
6941 break;
6942 default:
6943 ret = -EINVAL;
6944 }
6945
6946 IWL_DEBUG_MAC80211("leave\n");
6947
6948 return ret;
6949 }
6950
6951 static int iwl4965_mac_conf_tx(struct ieee80211_hw *hw, int queue,
6952 const struct ieee80211_tx_queue_params *params)
6953 {
6954 struct iwl_priv *priv = hw->priv;
6955 unsigned long flags;
6956 int q;
6957
6958 IWL_DEBUG_MAC80211("enter\n");
6959
6960 if (!iwl_is_ready_rf(priv)) {
6961 IWL_DEBUG_MAC80211("leave - RF not ready\n");
6962 return -EIO;
6963 }
6964
6965 if (queue >= AC_NUM) {
6966 IWL_DEBUG_MAC80211("leave - queue >= AC_NUM %d\n", queue);
6967 return 0;
6968 }
6969
6970 if (!priv->qos_data.qos_enable) {
6971 priv->qos_data.qos_active = 0;
6972 IWL_DEBUG_MAC80211("leave - qos not enabled\n");
6973 return 0;
6974 }
6975 q = AC_NUM - 1 - queue;
6976
6977 spin_lock_irqsave(&priv->lock, flags);
6978
6979 priv->qos_data.def_qos_parm.ac[q].cw_min = cpu_to_le16(params->cw_min);
6980 priv->qos_data.def_qos_parm.ac[q].cw_max = cpu_to_le16(params->cw_max);
6981 priv->qos_data.def_qos_parm.ac[q].aifsn = params->aifs;
6982 priv->qos_data.def_qos_parm.ac[q].edca_txop =
6983 cpu_to_le16((params->txop * 32));
6984
6985 priv->qos_data.def_qos_parm.ac[q].reserved1 = 0;
6986 priv->qos_data.qos_active = 1;
6987
6988 spin_unlock_irqrestore(&priv->lock, flags);
6989
6990 mutex_lock(&priv->mutex);
6991 if (priv->iw_mode == IEEE80211_IF_TYPE_AP)
6992 iwl4965_activate_qos(priv, 1);
6993 else if (priv->assoc_id && iwl_is_associated(priv))
6994 iwl4965_activate_qos(priv, 0);
6995
6996 mutex_unlock(&priv->mutex);
6997
6998 IWL_DEBUG_MAC80211("leave\n");
6999 return 0;
7000 }
7001
7002 static int iwl4965_mac_get_tx_stats(struct ieee80211_hw *hw,
7003 struct ieee80211_tx_queue_stats *stats)
7004 {
7005 struct iwl_priv *priv = hw->priv;
7006 int i, avail;
7007 struct iwl4965_tx_queue *txq;
7008 struct iwl4965_queue *q;
7009 unsigned long flags;
7010
7011 IWL_DEBUG_MAC80211("enter\n");
7012
7013 if (!iwl_is_ready_rf(priv)) {
7014 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7015 return -EIO;
7016 }
7017
7018 spin_lock_irqsave(&priv->lock, flags);
7019
7020 for (i = 0; i < AC_NUM; i++) {
7021 txq = &priv->txq[i];
7022 q = &txq->q;
7023 avail = iwl4965_queue_space(q);
7024
7025 stats->data[i].len = q->n_window - avail;
7026 stats->data[i].limit = q->n_window - q->high_mark;
7027 stats->data[i].count = q->n_window;
7028
7029 }
7030 spin_unlock_irqrestore(&priv->lock, flags);
7031
7032 IWL_DEBUG_MAC80211("leave\n");
7033
7034 return 0;
7035 }
7036
7037 static int iwl4965_mac_get_stats(struct ieee80211_hw *hw,
7038 struct ieee80211_low_level_stats *stats)
7039 {
7040 IWL_DEBUG_MAC80211("enter\n");
7041 IWL_DEBUG_MAC80211("leave\n");
7042
7043 return 0;
7044 }
7045
7046 static u64 iwl4965_mac_get_tsf(struct ieee80211_hw *hw)
7047 {
7048 IWL_DEBUG_MAC80211("enter\n");
7049 IWL_DEBUG_MAC80211("leave\n");
7050
7051 return 0;
7052 }
7053
7054 static void iwl4965_mac_reset_tsf(struct ieee80211_hw *hw)
7055 {
7056 struct iwl_priv *priv = hw->priv;
7057 unsigned long flags;
7058
7059 mutex_lock(&priv->mutex);
7060 IWL_DEBUG_MAC80211("enter\n");
7061
7062 priv->lq_mngr.lq_ready = 0;
7063 #ifdef CONFIG_IWL4965_HT
7064 spin_lock_irqsave(&priv->lock, flags);
7065 memset(&priv->current_ht_config, 0, sizeof(struct iwl_ht_info));
7066 spin_unlock_irqrestore(&priv->lock, flags);
7067 #endif /* CONFIG_IWL4965_HT */
7068
7069 iwlcore_reset_qos(priv);
7070
7071 cancel_delayed_work(&priv->post_associate);
7072
7073 spin_lock_irqsave(&priv->lock, flags);
7074 priv->assoc_id = 0;
7075 priv->assoc_capability = 0;
7076 priv->assoc_station_added = 0;
7077
7078 /* new association get rid of ibss beacon skb */
7079 if (priv->ibss_beacon)
7080 dev_kfree_skb(priv->ibss_beacon);
7081
7082 priv->ibss_beacon = NULL;
7083
7084 priv->beacon_int = priv->hw->conf.beacon_int;
7085 priv->timestamp = 0;
7086 if ((priv->iw_mode == IEEE80211_IF_TYPE_STA))
7087 priv->beacon_int = 0;
7088
7089 spin_unlock_irqrestore(&priv->lock, flags);
7090
7091 if (!iwl_is_ready_rf(priv)) {
7092 IWL_DEBUG_MAC80211("leave - not ready\n");
7093 mutex_unlock(&priv->mutex);
7094 return;
7095 }
7096
7097 /* we are restarting association process
7098 * clear RXON_FILTER_ASSOC_MSK bit
7099 */
7100 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
7101 iwl4965_scan_cancel_timeout(priv, 100);
7102 priv->staging_rxon.filter_flags &= ~RXON_FILTER_ASSOC_MSK;
7103 iwl4965_commit_rxon(priv);
7104 }
7105
7106 /* Per mac80211.h: This is only used in IBSS mode... */
7107 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7108
7109 IWL_DEBUG_MAC80211("leave - not in IBSS\n");
7110 mutex_unlock(&priv->mutex);
7111 return;
7112 }
7113
7114 priv->only_active_channel = 0;
7115
7116 iwl4965_set_rate(priv);
7117
7118 mutex_unlock(&priv->mutex);
7119
7120 IWL_DEBUG_MAC80211("leave\n");
7121 }
7122
7123 static int iwl4965_mac_beacon_update(struct ieee80211_hw *hw, struct sk_buff *skb,
7124 struct ieee80211_tx_control *control)
7125 {
7126 struct iwl_priv *priv = hw->priv;
7127 unsigned long flags;
7128
7129 mutex_lock(&priv->mutex);
7130 IWL_DEBUG_MAC80211("enter\n");
7131
7132 if (!iwl_is_ready_rf(priv)) {
7133 IWL_DEBUG_MAC80211("leave - RF not ready\n");
7134 mutex_unlock(&priv->mutex);
7135 return -EIO;
7136 }
7137
7138 if (priv->iw_mode != IEEE80211_IF_TYPE_IBSS) {
7139 IWL_DEBUG_MAC80211("leave - not IBSS\n");
7140 mutex_unlock(&priv->mutex);
7141 return -EIO;
7142 }
7143
7144 spin_lock_irqsave(&priv->lock, flags);
7145
7146 if (priv->ibss_beacon)
7147 dev_kfree_skb(priv->ibss_beacon);
7148
7149 priv->ibss_beacon = skb;
7150
7151 priv->assoc_id = 0;
7152
7153 IWL_DEBUG_MAC80211("leave\n");
7154 spin_unlock_irqrestore(&priv->lock, flags);
7155
7156 iwlcore_reset_qos(priv);
7157
7158 queue_work(priv->workqueue, &priv->post_associate.work);
7159
7160 mutex_unlock(&priv->mutex);
7161
7162 return 0;
7163 }
7164
7165 /*****************************************************************************
7166 *
7167 * sysfs attributes
7168 *
7169 *****************************************************************************/
7170
7171 #ifdef CONFIG_IWLWIFI_DEBUG
7172
7173 /*
7174 * The following adds a new attribute to the sysfs representation
7175 * of this device driver (i.e. a new file in /sys/bus/pci/drivers/iwl/)
7176 * used for controlling the debug level.
7177 *
7178 * See the level definitions in iwl for details.
7179 */
7180
7181 static ssize_t show_debug_level(struct device_driver *d, char *buf)
7182 {
7183 return sprintf(buf, "0x%08X\n", iwl_debug_level);
7184 }
7185 static ssize_t store_debug_level(struct device_driver *d,
7186 const char *buf, size_t count)
7187 {
7188 char *p = (char *)buf;
7189 u32 val;
7190
7191 val = simple_strtoul(p, &p, 0);
7192 if (p == buf)
7193 printk(KERN_INFO DRV_NAME
7194 ": %s is not in hex or decimal form.\n", buf);
7195 else
7196 iwl_debug_level = val;
7197
7198 return strnlen(buf, count);
7199 }
7200
7201 static DRIVER_ATTR(debug_level, S_IWUSR | S_IRUGO,
7202 show_debug_level, store_debug_level);
7203
7204 #endif /* CONFIG_IWLWIFI_DEBUG */
7205
7206
7207 static ssize_t show_temperature(struct device *d,
7208 struct device_attribute *attr, char *buf)
7209 {
7210 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7211
7212 if (!iwl_is_alive(priv))
7213 return -EAGAIN;
7214
7215 return sprintf(buf, "%d\n", iwl4965_hw_get_temperature(priv));
7216 }
7217
7218 static DEVICE_ATTR(temperature, S_IRUGO, show_temperature, NULL);
7219
7220 static ssize_t show_rs_window(struct device *d,
7221 struct device_attribute *attr,
7222 char *buf)
7223 {
7224 struct iwl_priv *priv = d->driver_data;
7225 return iwl4965_fill_rs_info(priv->hw, buf, IWL_AP_ID);
7226 }
7227 static DEVICE_ATTR(rs_window, S_IRUGO, show_rs_window, NULL);
7228
7229 static ssize_t show_tx_power(struct device *d,
7230 struct device_attribute *attr, char *buf)
7231 {
7232 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7233 return sprintf(buf, "%d\n", priv->user_txpower_limit);
7234 }
7235
7236 static ssize_t store_tx_power(struct device *d,
7237 struct device_attribute *attr,
7238 const char *buf, size_t count)
7239 {
7240 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7241 char *p = (char *)buf;
7242 u32 val;
7243
7244 val = simple_strtoul(p, &p, 10);
7245 if (p == buf)
7246 printk(KERN_INFO DRV_NAME
7247 ": %s is not in decimal form.\n", buf);
7248 else
7249 iwl4965_hw_reg_set_txpower(priv, val);
7250
7251 return count;
7252 }
7253
7254 static DEVICE_ATTR(tx_power, S_IWUSR | S_IRUGO, show_tx_power, store_tx_power);
7255
7256 static ssize_t show_flags(struct device *d,
7257 struct device_attribute *attr, char *buf)
7258 {
7259 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7260
7261 return sprintf(buf, "0x%04X\n", priv->active_rxon.flags);
7262 }
7263
7264 static ssize_t store_flags(struct device *d,
7265 struct device_attribute *attr,
7266 const char *buf, size_t count)
7267 {
7268 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7269 u32 flags = simple_strtoul(buf, NULL, 0);
7270
7271 mutex_lock(&priv->mutex);
7272 if (le32_to_cpu(priv->staging_rxon.flags) != flags) {
7273 /* Cancel any currently running scans... */
7274 if (iwl4965_scan_cancel_timeout(priv, 100))
7275 IWL_WARNING("Could not cancel scan.\n");
7276 else {
7277 IWL_DEBUG_INFO("Committing rxon.flags = 0x%04X\n",
7278 flags);
7279 priv->staging_rxon.flags = cpu_to_le32(flags);
7280 iwl4965_commit_rxon(priv);
7281 }
7282 }
7283 mutex_unlock(&priv->mutex);
7284
7285 return count;
7286 }
7287
7288 static DEVICE_ATTR(flags, S_IWUSR | S_IRUGO, show_flags, store_flags);
7289
7290 static ssize_t show_filter_flags(struct device *d,
7291 struct device_attribute *attr, char *buf)
7292 {
7293 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7294
7295 return sprintf(buf, "0x%04X\n",
7296 le32_to_cpu(priv->active_rxon.filter_flags));
7297 }
7298
7299 static ssize_t store_filter_flags(struct device *d,
7300 struct device_attribute *attr,
7301 const char *buf, size_t count)
7302 {
7303 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7304 u32 filter_flags = simple_strtoul(buf, NULL, 0);
7305
7306 mutex_lock(&priv->mutex);
7307 if (le32_to_cpu(priv->staging_rxon.filter_flags) != filter_flags) {
7308 /* Cancel any currently running scans... */
7309 if (iwl4965_scan_cancel_timeout(priv, 100))
7310 IWL_WARNING("Could not cancel scan.\n");
7311 else {
7312 IWL_DEBUG_INFO("Committing rxon.filter_flags = "
7313 "0x%04X\n", filter_flags);
7314 priv->staging_rxon.filter_flags =
7315 cpu_to_le32(filter_flags);
7316 iwl4965_commit_rxon(priv);
7317 }
7318 }
7319 mutex_unlock(&priv->mutex);
7320
7321 return count;
7322 }
7323
7324 static DEVICE_ATTR(filter_flags, S_IWUSR | S_IRUGO, show_filter_flags,
7325 store_filter_flags);
7326
7327 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
7328
7329 static ssize_t show_measurement(struct device *d,
7330 struct device_attribute *attr, char *buf)
7331 {
7332 struct iwl_priv *priv = dev_get_drvdata(d);
7333 struct iwl4965_spectrum_notification measure_report;
7334 u32 size = sizeof(measure_report), len = 0, ofs = 0;
7335 u8 *data = (u8 *) & measure_report;
7336 unsigned long flags;
7337
7338 spin_lock_irqsave(&priv->lock, flags);
7339 if (!(priv->measurement_status & MEASUREMENT_READY)) {
7340 spin_unlock_irqrestore(&priv->lock, flags);
7341 return 0;
7342 }
7343 memcpy(&measure_report, &priv->measure_report, size);
7344 priv->measurement_status = 0;
7345 spin_unlock_irqrestore(&priv->lock, flags);
7346
7347 while (size && (PAGE_SIZE - len)) {
7348 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
7349 PAGE_SIZE - len, 1);
7350 len = strlen(buf);
7351 if (PAGE_SIZE - len)
7352 buf[len++] = '\n';
7353
7354 ofs += 16;
7355 size -= min(size, 16U);
7356 }
7357
7358 return len;
7359 }
7360
7361 static ssize_t store_measurement(struct device *d,
7362 struct device_attribute *attr,
7363 const char *buf, size_t count)
7364 {
7365 struct iwl_priv *priv = dev_get_drvdata(d);
7366 struct ieee80211_measurement_params params = {
7367 .channel = le16_to_cpu(priv->active_rxon.channel),
7368 .start_time = cpu_to_le64(priv->last_tsf),
7369 .duration = cpu_to_le16(1),
7370 };
7371 u8 type = IWL_MEASURE_BASIC;
7372 u8 buffer[32];
7373 u8 channel;
7374
7375 if (count) {
7376 char *p = buffer;
7377 strncpy(buffer, buf, min(sizeof(buffer), count));
7378 channel = simple_strtoul(p, NULL, 0);
7379 if (channel)
7380 params.channel = channel;
7381
7382 p = buffer;
7383 while (*p && *p != ' ')
7384 p++;
7385 if (*p)
7386 type = simple_strtoul(p + 1, NULL, 0);
7387 }
7388
7389 IWL_DEBUG_INFO("Invoking measurement of type %d on "
7390 "channel %d (for '%s')\n", type, params.channel, buf);
7391 iwl4965_get_measurement(priv, &params, type);
7392
7393 return count;
7394 }
7395
7396 static DEVICE_ATTR(measurement, S_IRUSR | S_IWUSR,
7397 show_measurement, store_measurement);
7398 #endif /* CONFIG_IWL4965_SPECTRUM_MEASUREMENT */
7399
7400 static ssize_t store_retry_rate(struct device *d,
7401 struct device_attribute *attr,
7402 const char *buf, size_t count)
7403 {
7404 struct iwl_priv *priv = dev_get_drvdata(d);
7405
7406 priv->retry_rate = simple_strtoul(buf, NULL, 0);
7407 if (priv->retry_rate <= 0)
7408 priv->retry_rate = 1;
7409
7410 return count;
7411 }
7412
7413 static ssize_t show_retry_rate(struct device *d,
7414 struct device_attribute *attr, char *buf)
7415 {
7416 struct iwl_priv *priv = dev_get_drvdata(d);
7417 return sprintf(buf, "%d", priv->retry_rate);
7418 }
7419
7420 static DEVICE_ATTR(retry_rate, S_IWUSR | S_IRUSR, show_retry_rate,
7421 store_retry_rate);
7422
7423 static ssize_t store_power_level(struct device *d,
7424 struct device_attribute *attr,
7425 const char *buf, size_t count)
7426 {
7427 struct iwl_priv *priv = dev_get_drvdata(d);
7428 int rc;
7429 int mode;
7430
7431 mode = simple_strtoul(buf, NULL, 0);
7432 mutex_lock(&priv->mutex);
7433
7434 if (!iwl_is_ready(priv)) {
7435 rc = -EAGAIN;
7436 goto out;
7437 }
7438
7439 if ((mode < 1) || (mode > IWL_POWER_LIMIT) || (mode == IWL_POWER_AC))
7440 mode = IWL_POWER_AC;
7441 else
7442 mode |= IWL_POWER_ENABLED;
7443
7444 if (mode != priv->power_mode) {
7445 rc = iwl4965_send_power_mode(priv, IWL_POWER_LEVEL(mode));
7446 if (rc) {
7447 IWL_DEBUG_MAC80211("failed setting power mode.\n");
7448 goto out;
7449 }
7450 priv->power_mode = mode;
7451 }
7452
7453 rc = count;
7454
7455 out:
7456 mutex_unlock(&priv->mutex);
7457 return rc;
7458 }
7459
7460 #define MAX_WX_STRING 80
7461
7462 /* Values are in microsecond */
7463 static const s32 timeout_duration[] = {
7464 350000,
7465 250000,
7466 75000,
7467 37000,
7468 25000,
7469 };
7470 static const s32 period_duration[] = {
7471 400000,
7472 700000,
7473 1000000,
7474 1000000,
7475 1000000
7476 };
7477
7478 static ssize_t show_power_level(struct device *d,
7479 struct device_attribute *attr, char *buf)
7480 {
7481 struct iwl_priv *priv = dev_get_drvdata(d);
7482 int level = IWL_POWER_LEVEL(priv->power_mode);
7483 char *p = buf;
7484
7485 p += sprintf(p, "%d ", level);
7486 switch (level) {
7487 case IWL_POWER_MODE_CAM:
7488 case IWL_POWER_AC:
7489 p += sprintf(p, "(AC)");
7490 break;
7491 case IWL_POWER_BATTERY:
7492 p += sprintf(p, "(BATTERY)");
7493 break;
7494 default:
7495 p += sprintf(p,
7496 "(Timeout %dms, Period %dms)",
7497 timeout_duration[level - 1] / 1000,
7498 period_duration[level - 1] / 1000);
7499 }
7500
7501 if (!(priv->power_mode & IWL_POWER_ENABLED))
7502 p += sprintf(p, " OFF\n");
7503 else
7504 p += sprintf(p, " \n");
7505
7506 return (p - buf + 1);
7507
7508 }
7509
7510 static DEVICE_ATTR(power_level, S_IWUSR | S_IRUSR, show_power_level,
7511 store_power_level);
7512
7513 static ssize_t show_channels(struct device *d,
7514 struct device_attribute *attr, char *buf)
7515 {
7516 /* all this shit doesn't belong into sysfs anyway */
7517 return 0;
7518 }
7519
7520 static DEVICE_ATTR(channels, S_IRUSR, show_channels, NULL);
7521
7522 static ssize_t show_statistics(struct device *d,
7523 struct device_attribute *attr, char *buf)
7524 {
7525 struct iwl_priv *priv = dev_get_drvdata(d);
7526 u32 size = sizeof(struct iwl4965_notif_statistics);
7527 u32 len = 0, ofs = 0;
7528 u8 *data = (u8 *) & priv->statistics;
7529 int rc = 0;
7530
7531 if (!iwl_is_alive(priv))
7532 return -EAGAIN;
7533
7534 mutex_lock(&priv->mutex);
7535 rc = iwl4965_send_statistics_request(priv);
7536 mutex_unlock(&priv->mutex);
7537
7538 if (rc) {
7539 len = sprintf(buf,
7540 "Error sending statistics request: 0x%08X\n", rc);
7541 return len;
7542 }
7543
7544 while (size && (PAGE_SIZE - len)) {
7545 hex_dump_to_buffer(data + ofs, size, 16, 1, buf + len,
7546 PAGE_SIZE - len, 1);
7547 len = strlen(buf);
7548 if (PAGE_SIZE - len)
7549 buf[len++] = '\n';
7550
7551 ofs += 16;
7552 size -= min(size, 16U);
7553 }
7554
7555 return len;
7556 }
7557
7558 static DEVICE_ATTR(statistics, S_IRUGO, show_statistics, NULL);
7559
7560 static ssize_t show_antenna(struct device *d,
7561 struct device_attribute *attr, char *buf)
7562 {
7563 struct iwl_priv *priv = dev_get_drvdata(d);
7564
7565 if (!iwl_is_alive(priv))
7566 return -EAGAIN;
7567
7568 return sprintf(buf, "%d\n", priv->antenna);
7569 }
7570
7571 static ssize_t store_antenna(struct device *d,
7572 struct device_attribute *attr,
7573 const char *buf, size_t count)
7574 {
7575 int ant;
7576 struct iwl_priv *priv = dev_get_drvdata(d);
7577
7578 if (count == 0)
7579 return 0;
7580
7581 if (sscanf(buf, "%1i", &ant) != 1) {
7582 IWL_DEBUG_INFO("not in hex or decimal form.\n");
7583 return count;
7584 }
7585
7586 if ((ant >= 0) && (ant <= 2)) {
7587 IWL_DEBUG_INFO("Setting antenna select to %d.\n", ant);
7588 priv->antenna = (enum iwl4965_antenna)ant;
7589 } else
7590 IWL_DEBUG_INFO("Bad antenna select value %d.\n", ant);
7591
7592
7593 return count;
7594 }
7595
7596 static DEVICE_ATTR(antenna, S_IWUSR | S_IRUGO, show_antenna, store_antenna);
7597
7598 static ssize_t show_status(struct device *d,
7599 struct device_attribute *attr, char *buf)
7600 {
7601 struct iwl_priv *priv = (struct iwl_priv *)d->driver_data;
7602 if (!iwl_is_alive(priv))
7603 return -EAGAIN;
7604 return sprintf(buf, "0x%08x\n", (int)priv->status);
7605 }
7606
7607 static DEVICE_ATTR(status, S_IRUGO, show_status, NULL);
7608
7609 static ssize_t dump_error_log(struct device *d,
7610 struct device_attribute *attr,
7611 const char *buf, size_t count)
7612 {
7613 char *p = (char *)buf;
7614
7615 if (p[0] == '1')
7616 iwl4965_dump_nic_error_log((struct iwl_priv *)d->driver_data);
7617
7618 return strnlen(buf, count);
7619 }
7620
7621 static DEVICE_ATTR(dump_errors, S_IWUSR, NULL, dump_error_log);
7622
7623 static ssize_t dump_event_log(struct device *d,
7624 struct device_attribute *attr,
7625 const char *buf, size_t count)
7626 {
7627 char *p = (char *)buf;
7628
7629 if (p[0] == '1')
7630 iwl4965_dump_nic_event_log((struct iwl_priv *)d->driver_data);
7631
7632 return strnlen(buf, count);
7633 }
7634
7635 static DEVICE_ATTR(dump_events, S_IWUSR, NULL, dump_event_log);
7636
7637 /*****************************************************************************
7638 *
7639 * driver setup and teardown
7640 *
7641 *****************************************************************************/
7642
7643 static void iwl4965_setup_deferred_work(struct iwl_priv *priv)
7644 {
7645 priv->workqueue = create_workqueue(DRV_NAME);
7646
7647 init_waitqueue_head(&priv->wait_command_queue);
7648
7649 INIT_WORK(&priv->up, iwl4965_bg_up);
7650 INIT_WORK(&priv->restart, iwl4965_bg_restart);
7651 INIT_WORK(&priv->rx_replenish, iwl4965_bg_rx_replenish);
7652 INIT_WORK(&priv->scan_completed, iwl4965_bg_scan_completed);
7653 INIT_WORK(&priv->request_scan, iwl4965_bg_request_scan);
7654 INIT_WORK(&priv->abort_scan, iwl4965_bg_abort_scan);
7655 INIT_WORK(&priv->rf_kill, iwl4965_bg_rf_kill);
7656 INIT_WORK(&priv->beacon_update, iwl4965_bg_beacon_update);
7657 INIT_DELAYED_WORK(&priv->post_associate, iwl4965_bg_post_associate);
7658 INIT_DELAYED_WORK(&priv->init_alive_start, iwl4965_bg_init_alive_start);
7659 INIT_DELAYED_WORK(&priv->alive_start, iwl4965_bg_alive_start);
7660 INIT_DELAYED_WORK(&priv->scan_check, iwl4965_bg_scan_check);
7661
7662 iwl4965_hw_setup_deferred_work(priv);
7663
7664 tasklet_init(&priv->irq_tasklet, (void (*)(unsigned long))
7665 iwl4965_irq_tasklet, (unsigned long)priv);
7666 }
7667
7668 static void iwl4965_cancel_deferred_work(struct iwl_priv *priv)
7669 {
7670 iwl4965_hw_cancel_deferred_work(priv);
7671
7672 cancel_delayed_work_sync(&priv->init_alive_start);
7673 cancel_delayed_work(&priv->scan_check);
7674 cancel_delayed_work(&priv->alive_start);
7675 cancel_delayed_work(&priv->post_associate);
7676 cancel_work_sync(&priv->beacon_update);
7677 }
7678
7679 static struct attribute *iwl4965_sysfs_entries[] = {
7680 &dev_attr_antenna.attr,
7681 &dev_attr_channels.attr,
7682 &dev_attr_dump_errors.attr,
7683 &dev_attr_dump_events.attr,
7684 &dev_attr_flags.attr,
7685 &dev_attr_filter_flags.attr,
7686 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
7687 &dev_attr_measurement.attr,
7688 #endif
7689 &dev_attr_power_level.attr,
7690 &dev_attr_retry_rate.attr,
7691 &dev_attr_rs_window.attr,
7692 &dev_attr_statistics.attr,
7693 &dev_attr_status.attr,
7694 &dev_attr_temperature.attr,
7695 &dev_attr_tx_power.attr,
7696
7697 NULL
7698 };
7699
7700 static struct attribute_group iwl4965_attribute_group = {
7701 .name = NULL, /* put in device directory */
7702 .attrs = iwl4965_sysfs_entries,
7703 };
7704
7705 static struct ieee80211_ops iwl4965_hw_ops = {
7706 .tx = iwl4965_mac_tx,
7707 .start = iwl4965_mac_start,
7708 .stop = iwl4965_mac_stop,
7709 .add_interface = iwl4965_mac_add_interface,
7710 .remove_interface = iwl4965_mac_remove_interface,
7711 .config = iwl4965_mac_config,
7712 .config_interface = iwl4965_mac_config_interface,
7713 .configure_filter = iwl4965_configure_filter,
7714 .set_key = iwl4965_mac_set_key,
7715 .update_tkip_key = iwl4965_mac_update_tkip_key,
7716 .get_stats = iwl4965_mac_get_stats,
7717 .get_tx_stats = iwl4965_mac_get_tx_stats,
7718 .conf_tx = iwl4965_mac_conf_tx,
7719 .get_tsf = iwl4965_mac_get_tsf,
7720 .reset_tsf = iwl4965_mac_reset_tsf,
7721 .beacon_update = iwl4965_mac_beacon_update,
7722 .bss_info_changed = iwl4965_bss_info_changed,
7723 #ifdef CONFIG_IWL4965_HT
7724 .ampdu_action = iwl4965_mac_ampdu_action,
7725 #endif /* CONFIG_IWL4965_HT */
7726 .hw_scan = iwl4965_mac_hw_scan
7727 };
7728
7729 static int iwl4965_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
7730 {
7731 int err = 0;
7732 struct iwl_priv *priv;
7733 struct ieee80211_hw *hw;
7734 struct iwl_cfg *cfg = (struct iwl_cfg *)(ent->driver_data);
7735 unsigned long flags;
7736 DECLARE_MAC_BUF(mac);
7737
7738 /************************
7739 * 1. Allocating HW data
7740 ************************/
7741
7742 /* Disabling hardware scan means that mac80211 will perform scans
7743 * "the hard way", rather than using device's scan. */
7744 if (cfg->mod_params->disable_hw_scan) {
7745 IWL_DEBUG_INFO("Disabling hw_scan\n");
7746 iwl4965_hw_ops.hw_scan = NULL;
7747 }
7748
7749 hw = iwl_alloc_all(cfg, &iwl4965_hw_ops);
7750 if (!hw) {
7751 err = -ENOMEM;
7752 goto out;
7753 }
7754 priv = hw->priv;
7755 /* At this point both hw and priv are allocated. */
7756
7757 SET_IEEE80211_DEV(hw, &pdev->dev);
7758
7759 IWL_DEBUG_INFO("*** LOAD DRIVER ***\n");
7760 priv->cfg = cfg;
7761 priv->pci_dev = pdev;
7762
7763 #ifdef CONFIG_IWLWIFI_DEBUG
7764 iwl_debug_level = priv->cfg->mod_params->debug;
7765 atomic_set(&priv->restrict_refcnt, 0);
7766 #endif
7767
7768 /**************************
7769 * 2. Initializing PCI bus
7770 **************************/
7771 if (pci_enable_device(pdev)) {
7772 err = -ENODEV;
7773 goto out_ieee80211_free_hw;
7774 }
7775
7776 pci_set_master(pdev);
7777
7778 err = pci_set_dma_mask(pdev, DMA_32BIT_MASK);
7779 if (!err)
7780 err = pci_set_consistent_dma_mask(pdev, DMA_32BIT_MASK);
7781 if (err) {
7782 printk(KERN_WARNING DRV_NAME
7783 ": No suitable DMA available.\n");
7784 goto out_pci_disable_device;
7785 }
7786
7787 err = pci_request_regions(pdev, DRV_NAME);
7788 if (err)
7789 goto out_pci_disable_device;
7790
7791 pci_set_drvdata(pdev, priv);
7792
7793 /* We disable the RETRY_TIMEOUT register (0x41) to keep
7794 * PCI Tx retries from interfering with C3 CPU state */
7795 pci_write_config_byte(pdev, 0x41, 0x00);
7796
7797 /***********************
7798 * 3. Read REV register
7799 ***********************/
7800 priv->hw_base = pci_iomap(pdev, 0, 0);
7801 if (!priv->hw_base) {
7802 err = -ENODEV;
7803 goto out_pci_release_regions;
7804 }
7805
7806 IWL_DEBUG_INFO("pci_resource_len = 0x%08llx\n",
7807 (unsigned long long) pci_resource_len(pdev, 0));
7808 IWL_DEBUG_INFO("pci_resource_base = %p\n", priv->hw_base);
7809
7810 printk(KERN_INFO DRV_NAME
7811 ": Detected Intel Wireless WiFi Link %s\n", priv->cfg->name);
7812
7813 /*****************
7814 * 4. Read EEPROM
7815 *****************/
7816 /* nic init */
7817 iwl_set_bit(priv, CSR_GIO_CHICKEN_BITS,
7818 CSR_GIO_CHICKEN_BITS_REG_BIT_DIS_L0S_EXIT_TIMER);
7819
7820 iwl_set_bit(priv, CSR_GP_CNTRL, CSR_GP_CNTRL_REG_FLAG_INIT_DONE);
7821 err = iwl_poll_bit(priv, CSR_GP_CNTRL,
7822 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY,
7823 CSR_GP_CNTRL_REG_FLAG_MAC_CLOCK_READY, 25000);
7824 if (err < 0) {
7825 IWL_DEBUG_INFO("Failed to init the card\n");
7826 goto out_iounmap;
7827 }
7828 /* Read the EEPROM */
7829 err = iwl_eeprom_init(priv);
7830 if (err) {
7831 IWL_ERROR("Unable to init EEPROM\n");
7832 goto out_iounmap;
7833 }
7834 /* MAC Address location in EEPROM same for 3945/4965 */
7835 iwl_eeprom_get_mac(priv, priv->mac_addr);
7836 IWL_DEBUG_INFO("MAC address: %s\n", print_mac(mac, priv->mac_addr));
7837 SET_IEEE80211_PERM_ADDR(priv->hw, priv->mac_addr);
7838
7839 /************************
7840 * 5. Setup HW constants
7841 ************************/
7842 /* Device-specific setup */
7843 if (iwl4965_hw_set_hw_setting(priv)) {
7844 IWL_ERROR("failed to set hw settings\n");
7845 goto out_iounmap;
7846 }
7847
7848 /*******************
7849 * 6. Setup hw/priv
7850 *******************/
7851
7852 err = iwl_setup(priv);
7853 if (err)
7854 goto out_unset_hw_settings;
7855 /* At this point both hw and priv are initialized. */
7856
7857 /**********************************
7858 * 7. Initialize module parameters
7859 **********************************/
7860
7861 /* Disable radio (SW RF KILL) via parameter when loading driver */
7862 if (priv->cfg->mod_params->disable) {
7863 set_bit(STATUS_RF_KILL_SW, &priv->status);
7864 IWL_DEBUG_INFO("Radio disabled.\n");
7865 }
7866
7867 if (priv->cfg->mod_params->enable_qos)
7868 priv->qos_data.qos_enable = 1;
7869
7870 /********************
7871 * 8. Setup services
7872 ********************/
7873 spin_lock_irqsave(&priv->lock, flags);
7874 iwl4965_disable_interrupts(priv);
7875 spin_unlock_irqrestore(&priv->lock, flags);
7876
7877 err = sysfs_create_group(&pdev->dev.kobj, &iwl4965_attribute_group);
7878 if (err) {
7879 IWL_ERROR("failed to create sysfs device attributes\n");
7880 goto out_unset_hw_settings;
7881 }
7882
7883 err = iwl_dbgfs_register(priv, DRV_NAME);
7884 if (err) {
7885 IWL_ERROR("failed to create debugfs files\n");
7886 goto out_remove_sysfs;
7887 }
7888
7889 iwl4965_setup_deferred_work(priv);
7890 iwl4965_setup_rx_handlers(priv);
7891
7892 /********************
7893 * 9. Conclude
7894 ********************/
7895 pci_save_state(pdev);
7896 pci_disable_device(pdev);
7897
7898 /* notify iwlcore to init */
7899 iwlcore_low_level_notify(priv, IWLCORE_INIT_EVT);
7900 return 0;
7901
7902 out_remove_sysfs:
7903 sysfs_remove_group(&pdev->dev.kobj, &iwl4965_attribute_group);
7904 out_unset_hw_settings:
7905 iwl4965_unset_hw_setting(priv);
7906 out_iounmap:
7907 pci_iounmap(pdev, priv->hw_base);
7908 out_pci_release_regions:
7909 pci_release_regions(pdev);
7910 pci_set_drvdata(pdev, NULL);
7911 out_pci_disable_device:
7912 pci_disable_device(pdev);
7913 out_ieee80211_free_hw:
7914 ieee80211_free_hw(priv->hw);
7915 out:
7916 return err;
7917 }
7918
7919 static void __devexit iwl4965_pci_remove(struct pci_dev *pdev)
7920 {
7921 struct iwl_priv *priv = pci_get_drvdata(pdev);
7922 struct list_head *p, *q;
7923 int i;
7924 unsigned long flags;
7925
7926 if (!priv)
7927 return;
7928
7929 IWL_DEBUG_INFO("*** UNLOAD DRIVER ***\n");
7930
7931 if (priv->mac80211_registered) {
7932 ieee80211_unregister_hw(priv->hw);
7933 priv->mac80211_registered = 0;
7934 }
7935
7936 set_bit(STATUS_EXIT_PENDING, &priv->status);
7937
7938 iwl4965_down(priv);
7939
7940 /* make sure we flush any pending irq or
7941 * tasklet for the driver
7942 */
7943 spin_lock_irqsave(&priv->lock, flags);
7944 iwl4965_disable_interrupts(priv);
7945 spin_unlock_irqrestore(&priv->lock, flags);
7946
7947 iwl_synchronize_irq(priv);
7948
7949 /* Free MAC hash list for ADHOC */
7950 for (i = 0; i < IWL_IBSS_MAC_HASH_SIZE; i++) {
7951 list_for_each_safe(p, q, &priv->ibss_mac_hash[i]) {
7952 list_del(p);
7953 kfree(list_entry(p, struct iwl4965_ibss_seq, list));
7954 }
7955 }
7956
7957 iwlcore_low_level_notify(priv, IWLCORE_REMOVE_EVT);
7958 iwl_dbgfs_unregister(priv);
7959 sysfs_remove_group(&pdev->dev.kobj, &iwl4965_attribute_group);
7960
7961 iwl4965_dealloc_ucode_pci(priv);
7962
7963 if (priv->rxq.bd)
7964 iwl4965_rx_queue_free(priv, &priv->rxq);
7965 iwl4965_hw_txq_ctx_free(priv);
7966
7967 iwl4965_unset_hw_setting(priv);
7968 iwlcore_clear_stations_table(priv);
7969
7970
7971 /*netif_stop_queue(dev); */
7972 flush_workqueue(priv->workqueue);
7973
7974 /* ieee80211_unregister_hw calls iwl4965_mac_stop, which flushes
7975 * priv->workqueue... so we can't take down the workqueue
7976 * until now... */
7977 destroy_workqueue(priv->workqueue);
7978 priv->workqueue = NULL;
7979
7980 pci_iounmap(pdev, priv->hw_base);
7981 pci_release_regions(pdev);
7982 pci_disable_device(pdev);
7983 pci_set_drvdata(pdev, NULL);
7984
7985 iwl_free_channel_map(priv);
7986 iwl4965_free_geos(priv);
7987
7988 if (priv->ibss_beacon)
7989 dev_kfree_skb(priv->ibss_beacon);
7990
7991 ieee80211_free_hw(priv->hw);
7992 }
7993
7994 #ifdef CONFIG_PM
7995
7996 static int iwl4965_pci_suspend(struct pci_dev *pdev, pm_message_t state)
7997 {
7998 struct iwl_priv *priv = pci_get_drvdata(pdev);
7999
8000 if (priv->is_open) {
8001 set_bit(STATUS_IN_SUSPEND, &priv->status);
8002 iwl4965_mac_stop(priv->hw);
8003 priv->is_open = 1;
8004 }
8005
8006 pci_set_power_state(pdev, PCI_D3hot);
8007
8008 return 0;
8009 }
8010
8011 static int iwl4965_pci_resume(struct pci_dev *pdev)
8012 {
8013 struct iwl_priv *priv = pci_get_drvdata(pdev);
8014
8015 pci_set_power_state(pdev, PCI_D0);
8016
8017 if (priv->is_open)
8018 iwl4965_mac_start(priv->hw);
8019
8020 clear_bit(STATUS_IN_SUSPEND, &priv->status);
8021 return 0;
8022 }
8023
8024 #endif /* CONFIG_PM */
8025
8026 /*****************************************************************************
8027 *
8028 * driver and module entry point
8029 *
8030 *****************************************************************************/
8031
8032 static struct pci_driver iwl4965_driver = {
8033 .name = DRV_NAME,
8034 .id_table = iwl4965_hw_card_ids,
8035 .probe = iwl4965_pci_probe,
8036 .remove = __devexit_p(iwl4965_pci_remove),
8037 #ifdef CONFIG_PM
8038 .suspend = iwl4965_pci_suspend,
8039 .resume = iwl4965_pci_resume,
8040 #endif
8041 };
8042
8043 static int __init iwl4965_init(void)
8044 {
8045
8046 int ret;
8047 printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
8048 printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
8049
8050 ret = iwl4965_rate_control_register();
8051 if (ret) {
8052 IWL_ERROR("Unable to register rate control algorithm: %d\n", ret);
8053 return ret;
8054 }
8055
8056 ret = pci_register_driver(&iwl4965_driver);
8057 if (ret) {
8058 IWL_ERROR("Unable to initialize PCI module\n");
8059 goto error_register;
8060 }
8061 #ifdef CONFIG_IWLWIFI_DEBUG
8062 ret = driver_create_file(&iwl4965_driver.driver, &driver_attr_debug_level);
8063 if (ret) {
8064 IWL_ERROR("Unable to create driver sysfs file\n");
8065 goto error_debug;
8066 }
8067 #endif
8068
8069 return ret;
8070
8071 #ifdef CONFIG_IWLWIFI_DEBUG
8072 error_debug:
8073 pci_unregister_driver(&iwl4965_driver);
8074 #endif
8075 error_register:
8076 iwl4965_rate_control_unregister();
8077 return ret;
8078 }
8079
8080 static void __exit iwl4965_exit(void)
8081 {
8082 #ifdef CONFIG_IWLWIFI_DEBUG
8083 driver_remove_file(&iwl4965_driver.driver, &driver_attr_debug_level);
8084 #endif
8085 pci_unregister_driver(&iwl4965_driver);
8086 iwl4965_rate_control_unregister();
8087 }
8088
8089 module_exit(iwl4965_exit);
8090 module_init(iwl4965_init);
Linux kernel - Deliverables
This page took 0.202686 seconds and 6 git commands to generate.