libertas: first stab at cfg80211 support
[linux-2.6.git] / drivers / net / wireless / libertas / main.c
1 /**
2   * This file contains the major functions in WLAN
3   * driver. It includes init, exit, open, close and main
4   * thread etc..
5   */
6
7 #include <linux/moduleparam.h>
8 #include <linux/delay.h>
9 #include <linux/etherdevice.h>
10 #include <linux/netdevice.h>
11 #include <linux/if_arp.h>
12 #include <linux/kthread.h>
13 #include <linux/kfifo.h>
14 #include <linux/stddef.h>
15 #include <linux/ieee80211.h>
16 #include <net/iw_handler.h>
17 #include <net/cfg80211.h>
18
19 #include "host.h"
20 #include "decl.h"
21 #include "dev.h"
22 #include "wext.h"
23 #include "cfg.h"
24 #include "debugfs.h"
25 #include "scan.h"
26 #include "assoc.h"
27 #include "cmd.h"
28
29 #define DRIVER_RELEASE_VERSION "323.p0"
30 const char lbs_driver_version[] = "COMM-USB8388-" DRIVER_RELEASE_VERSION
31 #ifdef  DEBUG
32     "-dbg"
33 #endif
34     "";
35
36
37 /* Module parameters */
38 unsigned int lbs_debug;
39 EXPORT_SYMBOL_GPL(lbs_debug);
40 module_param_named(libertas_debug, lbs_debug, int, 0644);
41
42
43 /* This global structure is used to send the confirm_sleep command as
44  * fast as possible down to the firmware. */
45 struct cmd_confirm_sleep confirm_sleep;
46
47
48 #define LBS_TX_PWR_DEFAULT              20      /*100mW */
49 #define LBS_TX_PWR_US_DEFAULT           20      /*100mW */
50 #define LBS_TX_PWR_JP_DEFAULT           16      /*50mW */
51 #define LBS_TX_PWR_FR_DEFAULT           20      /*100mW */
52 #define LBS_TX_PWR_EMEA_DEFAULT 20      /*100mW */
53
54 /* Format { channel, frequency (MHz), maxtxpower } */
55 /* band: 'B/G', region: USA FCC/Canada IC */
56 static struct chan_freq_power channel_freq_power_US_BG[] = {
57         {1, 2412, LBS_TX_PWR_US_DEFAULT},
58         {2, 2417, LBS_TX_PWR_US_DEFAULT},
59         {3, 2422, LBS_TX_PWR_US_DEFAULT},
60         {4, 2427, LBS_TX_PWR_US_DEFAULT},
61         {5, 2432, LBS_TX_PWR_US_DEFAULT},
62         {6, 2437, LBS_TX_PWR_US_DEFAULT},
63         {7, 2442, LBS_TX_PWR_US_DEFAULT},
64         {8, 2447, LBS_TX_PWR_US_DEFAULT},
65         {9, 2452, LBS_TX_PWR_US_DEFAULT},
66         {10, 2457, LBS_TX_PWR_US_DEFAULT},
67         {11, 2462, LBS_TX_PWR_US_DEFAULT}
68 };
69
70 /* band: 'B/G', region: Europe ETSI */
71 static struct chan_freq_power channel_freq_power_EU_BG[] = {
72         {1, 2412, LBS_TX_PWR_EMEA_DEFAULT},
73         {2, 2417, LBS_TX_PWR_EMEA_DEFAULT},
74         {3, 2422, LBS_TX_PWR_EMEA_DEFAULT},
75         {4, 2427, LBS_TX_PWR_EMEA_DEFAULT},
76         {5, 2432, LBS_TX_PWR_EMEA_DEFAULT},
77         {6, 2437, LBS_TX_PWR_EMEA_DEFAULT},
78         {7, 2442, LBS_TX_PWR_EMEA_DEFAULT},
79         {8, 2447, LBS_TX_PWR_EMEA_DEFAULT},
80         {9, 2452, LBS_TX_PWR_EMEA_DEFAULT},
81         {10, 2457, LBS_TX_PWR_EMEA_DEFAULT},
82         {11, 2462, LBS_TX_PWR_EMEA_DEFAULT},
83         {12, 2467, LBS_TX_PWR_EMEA_DEFAULT},
84         {13, 2472, LBS_TX_PWR_EMEA_DEFAULT}
85 };
86
87 /* band: 'B/G', region: Spain */
88 static struct chan_freq_power channel_freq_power_SPN_BG[] = {
89         {10, 2457, LBS_TX_PWR_DEFAULT},
90         {11, 2462, LBS_TX_PWR_DEFAULT}
91 };
92
93 /* band: 'B/G', region: France */
94 static struct chan_freq_power channel_freq_power_FR_BG[] = {
95         {10, 2457, LBS_TX_PWR_FR_DEFAULT},
96         {11, 2462, LBS_TX_PWR_FR_DEFAULT},
97         {12, 2467, LBS_TX_PWR_FR_DEFAULT},
98         {13, 2472, LBS_TX_PWR_FR_DEFAULT}
99 };
100
101 /* band: 'B/G', region: Japan */
102 static struct chan_freq_power channel_freq_power_JPN_BG[] = {
103         {1, 2412, LBS_TX_PWR_JP_DEFAULT},
104         {2, 2417, LBS_TX_PWR_JP_DEFAULT},
105         {3, 2422, LBS_TX_PWR_JP_DEFAULT},
106         {4, 2427, LBS_TX_PWR_JP_DEFAULT},
107         {5, 2432, LBS_TX_PWR_JP_DEFAULT},
108         {6, 2437, LBS_TX_PWR_JP_DEFAULT},
109         {7, 2442, LBS_TX_PWR_JP_DEFAULT},
110         {8, 2447, LBS_TX_PWR_JP_DEFAULT},
111         {9, 2452, LBS_TX_PWR_JP_DEFAULT},
112         {10, 2457, LBS_TX_PWR_JP_DEFAULT},
113         {11, 2462, LBS_TX_PWR_JP_DEFAULT},
114         {12, 2467, LBS_TX_PWR_JP_DEFAULT},
115         {13, 2472, LBS_TX_PWR_JP_DEFAULT},
116         {14, 2484, LBS_TX_PWR_JP_DEFAULT}
117 };
118
119 /**
120  * the structure for channel, frequency and power
121  */
122 struct region_cfp_table {
123         u8 region;
124         struct chan_freq_power *cfp_BG;
125         int cfp_no_BG;
126 };
127
128 /**
129  * the structure for the mapping between region and CFP
130  */
131 static struct region_cfp_table region_cfp_table[] = {
132         {0x10,                  /*US FCC */
133          channel_freq_power_US_BG,
134          ARRAY_SIZE(channel_freq_power_US_BG),
135          }
136         ,
137         {0x20,                  /*CANADA IC */
138          channel_freq_power_US_BG,
139          ARRAY_SIZE(channel_freq_power_US_BG),
140          }
141         ,
142         {0x30, /*EU*/ channel_freq_power_EU_BG,
143          ARRAY_SIZE(channel_freq_power_EU_BG),
144          }
145         ,
146         {0x31, /*SPAIN*/ channel_freq_power_SPN_BG,
147          ARRAY_SIZE(channel_freq_power_SPN_BG),
148          }
149         ,
150         {0x32, /*FRANCE*/ channel_freq_power_FR_BG,
151          ARRAY_SIZE(channel_freq_power_FR_BG),
152          }
153         ,
154         {0x40, /*JAPAN*/ channel_freq_power_JPN_BG,
155          ARRAY_SIZE(channel_freq_power_JPN_BG),
156          }
157         ,
158 /*Add new region here */
159 };
160
161 /**
162  * the table to keep region code
163  */
164 u16 lbs_region_code_to_index[MRVDRV_MAX_REGION_CODE] =
165     { 0x10, 0x20, 0x30, 0x31, 0x32, 0x40 };
166
167 /**
168  * 802.11b/g supported bitrates (in 500Kb/s units)
169  */
170 u8 lbs_bg_rates[MAX_RATES] =
171     { 0x02, 0x04, 0x0b, 0x16, 0x0c, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6c,
172 0x00, 0x00 };
173
174 /**
175  * FW rate table.  FW refers to rates by their index in this table, not by the
176  * rate value itself.  Values of 0x00 are
177  * reserved positions.
178  */
179 static u8 fw_data_rates[MAX_RATES] =
180     { 0x02, 0x04, 0x0B, 0x16, 0x00, 0x0C, 0x12,
181       0x18, 0x24, 0x30, 0x48, 0x60, 0x6C, 0x00
182 };
183
184 /**
185  *  @brief use index to get the data rate
186  *
187  *  @param idx                The index of data rate
188  *  @return                     data rate or 0
189  */
190 u32 lbs_fw_index_to_data_rate(u8 idx)
191 {
192         if (idx >= sizeof(fw_data_rates))
193                 idx = 0;
194         return fw_data_rates[idx];
195 }
196
197 /**
198  *  @brief use rate to get the index
199  *
200  *  @param rate                 data rate
201  *  @return                     index or 0
202  */
203 u8 lbs_data_rate_to_fw_index(u32 rate)
204 {
205         u8 i;
206
207         if (!rate)
208                 return 0;
209
210         for (i = 0; i < sizeof(fw_data_rates); i++) {
211                 if (rate == fw_data_rates[i])
212                         return i;
213         }
214         return 0;
215 }
216
217 /**
218  * Attributes exported through sysfs
219  */
220
221 /**
222  * @brief Get function for sysfs attribute anycast_mask
223  */
224 static ssize_t lbs_anycast_get(struct device *dev,
225                 struct device_attribute *attr, char * buf)
226 {
227         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
228         struct cmd_ds_mesh_access mesh_access;
229         int ret;
230
231         memset(&mesh_access, 0, sizeof(mesh_access));
232
233         ret = lbs_mesh_access(priv, CMD_ACT_MESH_GET_ANYCAST, &mesh_access);
234         if (ret)
235                 return ret;
236
237         return snprintf(buf, 12, "0x%X\n", le32_to_cpu(mesh_access.data[0]));
238 }
239
240 /**
241  * @brief Set function for sysfs attribute anycast_mask
242  */
243 static ssize_t lbs_anycast_set(struct device *dev,
244                 struct device_attribute *attr, const char * buf, size_t count)
245 {
246         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
247         struct cmd_ds_mesh_access mesh_access;
248         uint32_t datum;
249         int ret;
250
251         memset(&mesh_access, 0, sizeof(mesh_access));
252         sscanf(buf, "%x", &datum);
253         mesh_access.data[0] = cpu_to_le32(datum);
254
255         ret = lbs_mesh_access(priv, CMD_ACT_MESH_SET_ANYCAST, &mesh_access);
256         if (ret)
257                 return ret;
258
259         return strlen(buf);
260 }
261
262 /**
263  * @brief Get function for sysfs attribute prb_rsp_limit
264  */
265 static ssize_t lbs_prb_rsp_limit_get(struct device *dev,
266                 struct device_attribute *attr, char *buf)
267 {
268         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
269         struct cmd_ds_mesh_access mesh_access;
270         int ret;
271         u32 retry_limit;
272
273         memset(&mesh_access, 0, sizeof(mesh_access));
274         mesh_access.data[0] = cpu_to_le32(CMD_ACT_GET);
275
276         ret = lbs_mesh_access(priv, CMD_ACT_MESH_SET_GET_PRB_RSP_LIMIT,
277                         &mesh_access);
278         if (ret)
279                 return ret;
280
281         retry_limit = le32_to_cpu(mesh_access.data[1]);
282         return snprintf(buf, 10, "%d\n", retry_limit);
283 }
284
285 /**
286  * @brief Set function for sysfs attribute prb_rsp_limit
287  */
288 static ssize_t lbs_prb_rsp_limit_set(struct device *dev,
289                 struct device_attribute *attr, const char *buf, size_t count)
290 {
291         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
292         struct cmd_ds_mesh_access mesh_access;
293         int ret;
294         unsigned long retry_limit;
295
296         memset(&mesh_access, 0, sizeof(mesh_access));
297         mesh_access.data[0] = cpu_to_le32(CMD_ACT_SET);
298
299         if (!strict_strtoul(buf, 10, &retry_limit))
300                 return -ENOTSUPP;
301         if (retry_limit > 15)
302                 return -ENOTSUPP;
303
304         mesh_access.data[1] = cpu_to_le32(retry_limit);
305
306         ret = lbs_mesh_access(priv, CMD_ACT_MESH_SET_GET_PRB_RSP_LIMIT,
307                         &mesh_access);
308         if (ret)
309                 return ret;
310
311         return strlen(buf);
312 }
313
314 static int lbs_add_rtap(struct lbs_private *priv);
315 static void lbs_remove_rtap(struct lbs_private *priv);
316 static int lbs_add_mesh(struct lbs_private *priv);
317 static void lbs_remove_mesh(struct lbs_private *priv);
318
319
320 /**
321  * Get function for sysfs attribute rtap
322  */
323 static ssize_t lbs_rtap_get(struct device *dev,
324                 struct device_attribute *attr, char * buf)
325 {
326         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
327         return snprintf(buf, 5, "0x%X\n", priv->monitormode);
328 }
329
330 /**
331  *  Set function for sysfs attribute rtap
332  */
333 static ssize_t lbs_rtap_set(struct device *dev,
334                 struct device_attribute *attr, const char * buf, size_t count)
335 {
336         int monitor_mode;
337         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
338
339         sscanf(buf, "%x", &monitor_mode);
340         if (monitor_mode) {
341                 if (priv->monitormode == monitor_mode)
342                         return strlen(buf);
343                 if (!priv->monitormode) {
344                         if (priv->infra_open || priv->mesh_open)
345                                 return -EBUSY;
346                         if (priv->mode == IW_MODE_INFRA)
347                                 lbs_cmd_80211_deauthenticate(priv,
348                                                              priv->curbssparams.bssid,
349                                                              WLAN_REASON_DEAUTH_LEAVING);
350                         else if (priv->mode == IW_MODE_ADHOC)
351                                 lbs_adhoc_stop(priv);
352                         lbs_add_rtap(priv);
353                 }
354                 priv->monitormode = monitor_mode;
355         } else {
356                 if (!priv->monitormode)
357                         return strlen(buf);
358                 priv->monitormode = 0;
359                 lbs_remove_rtap(priv);
360
361                 if (priv->currenttxskb) {
362                         dev_kfree_skb_any(priv->currenttxskb);
363                         priv->currenttxskb = NULL;
364                 }
365
366                 /* Wake queues, command thread, etc. */
367                 lbs_host_to_card_done(priv);
368         }
369
370         lbs_prepare_and_send_command(priv,
371                         CMD_802_11_MONITOR_MODE, CMD_ACT_SET,
372                         CMD_OPTION_WAITFORRSP, 0, &priv->monitormode);
373         return strlen(buf);
374 }
375
376 /**
377  * lbs_rtap attribute to be exported per ethX interface
378  * through sysfs (/sys/class/net/ethX/lbs_rtap)
379  */
380 static DEVICE_ATTR(lbs_rtap, 0644, lbs_rtap_get, lbs_rtap_set );
381
382 /**
383  * Get function for sysfs attribute mesh
384  */
385 static ssize_t lbs_mesh_get(struct device *dev,
386                 struct device_attribute *attr, char * buf)
387 {
388         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
389         return snprintf(buf, 5, "0x%X\n", !!priv->mesh_dev);
390 }
391
392 /**
393  *  Set function for sysfs attribute mesh
394  */
395 static ssize_t lbs_mesh_set(struct device *dev,
396                 struct device_attribute *attr, const char * buf, size_t count)
397 {
398         struct lbs_private *priv = to_net_dev(dev)->ml_priv;
399         int enable;
400         int ret, action = CMD_ACT_MESH_CONFIG_STOP;
401
402         sscanf(buf, "%x", &enable);
403         enable = !!enable;
404         if (enable == !!priv->mesh_dev)
405                 return count;
406         if (enable)
407                 action = CMD_ACT_MESH_CONFIG_START;
408         ret = lbs_mesh_config(priv, action, priv->curbssparams.channel);
409         if (ret)
410                 return ret;
411
412         if (enable)
413                 lbs_add_mesh(priv);
414         else
415                 lbs_remove_mesh(priv);
416
417         return count;
418 }
419
420 /**
421  * lbs_mesh attribute to be exported per ethX interface
422  * through sysfs (/sys/class/net/ethX/lbs_mesh)
423  */
424 static DEVICE_ATTR(lbs_mesh, 0644, lbs_mesh_get, lbs_mesh_set);
425
426 /**
427  * anycast_mask attribute to be exported per mshX interface
428  * through sysfs (/sys/class/net/mshX/anycast_mask)
429  */
430 static DEVICE_ATTR(anycast_mask, 0644, lbs_anycast_get, lbs_anycast_set);
431
432 /**
433  * prb_rsp_limit attribute to be exported per mshX interface
434  * through sysfs (/sys/class/net/mshX/prb_rsp_limit)
435  */
436 static DEVICE_ATTR(prb_rsp_limit, 0644, lbs_prb_rsp_limit_get,
437                 lbs_prb_rsp_limit_set);
438
439 static struct attribute *lbs_mesh_sysfs_entries[] = {
440         &dev_attr_anycast_mask.attr,
441         &dev_attr_prb_rsp_limit.attr,
442         NULL,
443 };
444
445 static struct attribute_group lbs_mesh_attr_group = {
446         .attrs = lbs_mesh_sysfs_entries,
447 };
448
449 /**
450  *  @brief This function opens the ethX or mshX interface
451  *
452  *  @param dev     A pointer to net_device structure
453  *  @return        0 or -EBUSY if monitor mode active
454  */
455 static int lbs_dev_open(struct net_device *dev)
456 {
457         struct lbs_private *priv = dev->ml_priv;
458         int ret = 0;
459
460         lbs_deb_enter(LBS_DEB_NET);
461
462         spin_lock_irq(&priv->driver_lock);
463
464         if (priv->monitormode) {
465                 ret = -EBUSY;
466                 goto out;
467         }
468
469         if (dev == priv->mesh_dev) {
470                 priv->mesh_open = 1;
471                 priv->mesh_connect_status = LBS_CONNECTED;
472                 netif_carrier_on(dev);
473         } else {
474                 priv->infra_open = 1;
475
476                 if (priv->connect_status == LBS_CONNECTED)
477                         netif_carrier_on(dev);
478                 else
479                         netif_carrier_off(dev);
480         }
481
482         if (!priv->tx_pending_len)
483                 netif_wake_queue(dev);
484  out:
485
486         spin_unlock_irq(&priv->driver_lock);
487         lbs_deb_leave_args(LBS_DEB_NET, "ret %d", ret);
488         return ret;
489 }
490
491 /**
492  *  @brief This function closes the mshX interface
493  *
494  *  @param dev     A pointer to net_device structure
495  *  @return        0
496  */
497 static int lbs_mesh_stop(struct net_device *dev)
498 {
499         struct lbs_private *priv = dev->ml_priv;
500
501         lbs_deb_enter(LBS_DEB_MESH);
502         spin_lock_irq(&priv->driver_lock);
503
504         priv->mesh_open = 0;
505         priv->mesh_connect_status = LBS_DISCONNECTED;
506
507         netif_stop_queue(dev);
508         netif_carrier_off(dev);
509
510         spin_unlock_irq(&priv->driver_lock);
511
512         schedule_work(&priv->mcast_work);
513
514         lbs_deb_leave(LBS_DEB_MESH);
515         return 0;
516 }
517
518 /**
519  *  @brief This function closes the ethX interface
520  *
521  *  @param dev     A pointer to net_device structure
522  *  @return        0
523  */
524 static int lbs_eth_stop(struct net_device *dev)
525 {
526         struct lbs_private *priv = dev->ml_priv;
527
528         lbs_deb_enter(LBS_DEB_NET);
529
530         spin_lock_irq(&priv->driver_lock);
531         priv->infra_open = 0;
532         netif_stop_queue(dev);
533         spin_unlock_irq(&priv->driver_lock);
534
535         schedule_work(&priv->mcast_work);
536
537         lbs_deb_leave(LBS_DEB_NET);
538         return 0;
539 }
540
541 static void lbs_tx_timeout(struct net_device *dev)
542 {
543         struct lbs_private *priv = dev->ml_priv;
544
545         lbs_deb_enter(LBS_DEB_TX);
546
547         lbs_pr_err("tx watch dog timeout\n");
548
549         dev->trans_start = jiffies;
550
551         if (priv->currenttxskb)
552                 lbs_send_tx_feedback(priv, 0);
553
554         /* XX: Shouldn't we also call into the hw-specific driver
555            to kick it somehow? */
556         lbs_host_to_card_done(priv);
557
558         /* More often than not, this actually happens because the
559            firmware has crapped itself -- rather than just a very
560            busy medium. So send a harmless command, and if/when
561            _that_ times out, we'll kick it in the head. */
562         lbs_prepare_and_send_command(priv, CMD_802_11_RSSI, 0,
563                                      0, 0, NULL);
564
565         lbs_deb_leave(LBS_DEB_TX);
566 }
567
568 void lbs_host_to_card_done(struct lbs_private *priv)
569 {
570         unsigned long flags;
571
572         lbs_deb_enter(LBS_DEB_THREAD);
573
574         spin_lock_irqsave(&priv->driver_lock, flags);
575
576         priv->dnld_sent = DNLD_RES_RECEIVED;
577
578         /* Wake main thread if commands are pending */
579         if (!priv->cur_cmd || priv->tx_pending_len > 0) {
580                 if (!priv->wakeup_dev_required)
581                         wake_up_interruptible(&priv->waitq);
582         }
583
584         spin_unlock_irqrestore(&priv->driver_lock, flags);
585         lbs_deb_leave(LBS_DEB_THREAD);
586 }
587 EXPORT_SYMBOL_GPL(lbs_host_to_card_done);
588
589 static int lbs_set_mac_address(struct net_device *dev, void *addr)
590 {
591         int ret = 0;
592         struct lbs_private *priv = dev->ml_priv;
593         struct sockaddr *phwaddr = addr;
594         struct cmd_ds_802_11_mac_address cmd;
595
596         lbs_deb_enter(LBS_DEB_NET);
597
598         /* In case it was called from the mesh device */
599         dev = priv->dev;
600
601         cmd.hdr.size = cpu_to_le16(sizeof(cmd));
602         cmd.action = cpu_to_le16(CMD_ACT_SET);
603         memcpy(cmd.macadd, phwaddr->sa_data, ETH_ALEN);
604
605         ret = lbs_cmd_with_response(priv, CMD_802_11_MAC_ADDRESS, &cmd);
606         if (ret) {
607                 lbs_deb_net("set MAC address failed\n");
608                 goto done;
609         }
610
611         memcpy(priv->current_addr, phwaddr->sa_data, ETH_ALEN);
612         memcpy(dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
613         if (priv->mesh_dev)
614                 memcpy(priv->mesh_dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
615
616 done:
617         lbs_deb_leave_args(LBS_DEB_NET, "ret %d", ret);
618         return ret;
619 }
620
621
622 static inline int mac_in_list(unsigned char *list, int list_len,
623                               unsigned char *mac)
624 {
625         while (list_len) {
626                 if (!memcmp(list, mac, ETH_ALEN))
627                         return 1;
628                 list += ETH_ALEN;
629                 list_len--;
630         }
631         return 0;
632 }
633
634
635 static int lbs_add_mcast_addrs(struct cmd_ds_mac_multicast_adr *cmd,
636                                struct net_device *dev, int nr_addrs)
637 {
638         int i = nr_addrs;
639         struct dev_mc_list *mc_list;
640
641         if ((dev->flags & (IFF_UP|IFF_MULTICAST)) != (IFF_UP|IFF_MULTICAST))
642                 return nr_addrs;
643
644         netif_addr_lock_bh(dev);
645         for (mc_list = dev->mc_list; mc_list; mc_list = mc_list->next) {
646                 if (mac_in_list(cmd->maclist, nr_addrs, mc_list->dmi_addr)) {
647                         lbs_deb_net("mcast address %s:%pM skipped\n", dev->name,
648                                     mc_list->dmi_addr);
649                         continue;
650                 }
651
652                 if (i == MRVDRV_MAX_MULTICAST_LIST_SIZE)
653                         break;
654                 memcpy(&cmd->maclist[6*i], mc_list->dmi_addr, ETH_ALEN);
655                 lbs_deb_net("mcast address %s:%pM added to filter\n", dev->name,
656                             mc_list->dmi_addr);
657                 i++;
658         }
659         netif_addr_unlock_bh(dev);
660         if (mc_list)
661                 return -EOVERFLOW;
662
663         return i;
664 }
665
666 static void lbs_set_mcast_worker(struct work_struct *work)
667 {
668         struct lbs_private *priv = container_of(work, struct lbs_private, mcast_work);
669         struct cmd_ds_mac_multicast_adr mcast_cmd;
670         int dev_flags;
671         int nr_addrs;
672         int old_mac_control = priv->mac_control;
673
674         lbs_deb_enter(LBS_DEB_NET);
675
676         dev_flags = priv->dev->flags;
677         if (priv->mesh_dev)
678                 dev_flags |= priv->mesh_dev->flags;
679
680         if (dev_flags & IFF_PROMISC) {
681                 priv->mac_control |= CMD_ACT_MAC_PROMISCUOUS_ENABLE;
682                 priv->mac_control &= ~(CMD_ACT_MAC_ALL_MULTICAST_ENABLE |
683                                        CMD_ACT_MAC_MULTICAST_ENABLE);
684                 goto out_set_mac_control;
685         } else if (dev_flags & IFF_ALLMULTI) {
686         do_allmulti:
687                 priv->mac_control |= CMD_ACT_MAC_ALL_MULTICAST_ENABLE;
688                 priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
689                                        CMD_ACT_MAC_MULTICAST_ENABLE);
690                 goto out_set_mac_control;
691         }
692
693         /* Once for priv->dev, again for priv->mesh_dev if it exists */
694         nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->dev, 0);
695         if (nr_addrs >= 0 && priv->mesh_dev)
696                 nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->mesh_dev, nr_addrs);
697         if (nr_addrs < 0)
698                 goto do_allmulti;
699
700         if (nr_addrs) {
701                 int size = offsetof(struct cmd_ds_mac_multicast_adr,
702                                     maclist[6*nr_addrs]);
703
704                 mcast_cmd.action = cpu_to_le16(CMD_ACT_SET);
705                 mcast_cmd.hdr.size = cpu_to_le16(size);
706                 mcast_cmd.nr_of_adrs = cpu_to_le16(nr_addrs);
707
708                 lbs_cmd_async(priv, CMD_MAC_MULTICAST_ADR, &mcast_cmd.hdr, size);
709
710                 priv->mac_control |= CMD_ACT_MAC_MULTICAST_ENABLE;
711         } else
712                 priv->mac_control &= ~CMD_ACT_MAC_MULTICAST_ENABLE;
713
714         priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
715                                CMD_ACT_MAC_ALL_MULTICAST_ENABLE);
716  out_set_mac_control:
717         if (priv->mac_control != old_mac_control)
718                 lbs_set_mac_control(priv);
719
720         lbs_deb_leave(LBS_DEB_NET);
721 }
722
723 static void lbs_set_multicast_list(struct net_device *dev)
724 {
725         struct lbs_private *priv = dev->ml_priv;
726
727         schedule_work(&priv->mcast_work);
728 }
729
730 /**
731  *  @brief This function handles the major jobs in the LBS driver.
732  *  It handles all events generated by firmware, RX data received
733  *  from firmware and TX data sent from kernel.
734  *
735  *  @param data    A pointer to lbs_thread structure
736  *  @return        0
737  */
738 static int lbs_thread(void *data)
739 {
740         struct net_device *dev = data;
741         struct lbs_private *priv = dev->ml_priv;
742         wait_queue_t wait;
743
744         lbs_deb_enter(LBS_DEB_THREAD);
745
746         init_waitqueue_entry(&wait, current);
747
748         for (;;) {
749                 int shouldsleep;
750                 u8 resp_idx;
751
752                 lbs_deb_thread("1: currenttxskb %p, dnld_sent %d\n",
753                                 priv->currenttxskb, priv->dnld_sent);
754
755                 add_wait_queue(&priv->waitq, &wait);
756                 set_current_state(TASK_INTERRUPTIBLE);
757                 spin_lock_irq(&priv->driver_lock);
758
759                 if (kthread_should_stop())
760                         shouldsleep = 0;        /* Bye */
761                 else if (priv->surpriseremoved)
762                         shouldsleep = 1;        /* We need to wait until we're _told_ to die */
763                 else if (priv->psstate == PS_STATE_SLEEP)
764                         shouldsleep = 1;        /* Sleep mode. Nothing we can do till it wakes */
765                 else if (priv->cmd_timed_out)
766                         shouldsleep = 0;        /* Command timed out. Recover */
767                 else if (!priv->fw_ready)
768                         shouldsleep = 1;        /* Firmware not ready. We're waiting for it */
769                 else if (priv->dnld_sent)
770                         shouldsleep = 1;        /* Something is en route to the device already */
771                 else if (priv->tx_pending_len > 0)
772                         shouldsleep = 0;        /* We've a packet to send */
773                 else if (priv->resp_len[priv->resp_idx])
774                         shouldsleep = 0;        /* We have a command response */
775                 else if (priv->cur_cmd)
776                         shouldsleep = 1;        /* Can't send a command; one already running */
777                 else if (!list_empty(&priv->cmdpendingq) &&
778                                         !(priv->wakeup_dev_required))
779                         shouldsleep = 0;        /* We have a command to send */
780                 else if (__kfifo_len(priv->event_fifo))
781                         shouldsleep = 0;        /* We have an event to process */
782                 else
783                         shouldsleep = 1;        /* No command */
784
785                 if (shouldsleep) {
786                         lbs_deb_thread("sleeping, connect_status %d, "
787                                 "psmode %d, psstate %d\n",
788                                 priv->connect_status,
789                                 priv->psmode, priv->psstate);
790                         spin_unlock_irq(&priv->driver_lock);
791                         schedule();
792                 } else
793                         spin_unlock_irq(&priv->driver_lock);
794
795                 lbs_deb_thread("2: currenttxskb %p, dnld_send %d\n",
796                                priv->currenttxskb, priv->dnld_sent);
797
798                 set_current_state(TASK_RUNNING);
799                 remove_wait_queue(&priv->waitq, &wait);
800
801                 lbs_deb_thread("3: currenttxskb %p, dnld_sent %d\n",
802                                priv->currenttxskb, priv->dnld_sent);
803
804                 if (kthread_should_stop()) {
805                         lbs_deb_thread("break from main thread\n");
806                         break;
807                 }
808
809                 if (priv->surpriseremoved) {
810                         lbs_deb_thread("adapter removed; waiting to die...\n");
811                         continue;
812                 }
813
814                 lbs_deb_thread("4: currenttxskb %p, dnld_sent %d\n",
815                        priv->currenttxskb, priv->dnld_sent);
816
817                 /* Process any pending command response */
818                 spin_lock_irq(&priv->driver_lock);
819                 resp_idx = priv->resp_idx;
820                 if (priv->resp_len[resp_idx]) {
821                         spin_unlock_irq(&priv->driver_lock);
822                         lbs_process_command_response(priv,
823                                 priv->resp_buf[resp_idx],
824                                 priv->resp_len[resp_idx]);
825                         spin_lock_irq(&priv->driver_lock);
826                         priv->resp_len[resp_idx] = 0;
827                 }
828                 spin_unlock_irq(&priv->driver_lock);
829
830                 /* Process hardware events, e.g. card removed, link lost */
831                 spin_lock_irq(&priv->driver_lock);
832                 while (__kfifo_len(priv->event_fifo)) {
833                         u32 event;
834                         __kfifo_get(priv->event_fifo, (unsigned char *) &event,
835                                 sizeof(event));
836                         spin_unlock_irq(&priv->driver_lock);
837                         lbs_process_event(priv, event);
838                         spin_lock_irq(&priv->driver_lock);
839                 }
840                 spin_unlock_irq(&priv->driver_lock);
841
842                 if (priv->wakeup_dev_required) {
843                         lbs_deb_thread("Waking up device...\n");
844                         /* Wake up device */
845                         if (priv->exit_deep_sleep(priv))
846                                 lbs_deb_thread("Wakeup device failed\n");
847                         continue;
848                 }
849
850                 /* command timeout stuff */
851                 if (priv->cmd_timed_out && priv->cur_cmd) {
852                         struct cmd_ctrl_node *cmdnode = priv->cur_cmd;
853
854                         if (++priv->nr_retries > 3) {
855                                 lbs_pr_info("Excessive timeouts submitting "
856                                         "command 0x%04x\n",
857                                         le16_to_cpu(cmdnode->cmdbuf->command));
858                                 lbs_complete_command(priv, cmdnode, -ETIMEDOUT);
859                                 priv->nr_retries = 0;
860                                 if (priv->reset_card)
861                                         priv->reset_card(priv);
862                         } else {
863                                 priv->cur_cmd = NULL;
864                                 priv->dnld_sent = DNLD_RES_RECEIVED;
865                                 lbs_pr_info("requeueing command 0x%04x due "
866                                         "to timeout (#%d)\n",
867                                         le16_to_cpu(cmdnode->cmdbuf->command),
868                                         priv->nr_retries);
869
870                                 /* Stick it back at the _top_ of the pending queue
871                                    for immediate resubmission */
872                                 list_add(&cmdnode->list, &priv->cmdpendingq);
873                         }
874                 }
875                 priv->cmd_timed_out = 0;
876
877
878
879                 if (!priv->fw_ready)
880                         continue;
881
882                 /* Check if we need to confirm Sleep Request received previously */
883                 if (priv->psstate == PS_STATE_PRE_SLEEP &&
884                     !priv->dnld_sent && !priv->cur_cmd) {
885                         if (priv->connect_status == LBS_CONNECTED) {
886                                 lbs_deb_thread("pre-sleep, currenttxskb %p, "
887                                         "dnld_sent %d, cur_cmd %p\n",
888                                         priv->currenttxskb, priv->dnld_sent,
889                                         priv->cur_cmd);
890
891                                 lbs_ps_confirm_sleep(priv);
892                         } else {
893                                 /* workaround for firmware sending
894                                  * deauth/linkloss event immediately
895                                  * after sleep request; remove this
896                                  * after firmware fixes it
897                                  */
898                                 priv->psstate = PS_STATE_AWAKE;
899                                 lbs_pr_alert("ignore PS_SleepConfirm in "
900                                         "non-connected state\n");
901                         }
902                 }
903
904                 /* The PS state is changed during processing of Sleep Request
905                  * event above
906                  */
907                 if ((priv->psstate == PS_STATE_SLEEP) ||
908                     (priv->psstate == PS_STATE_PRE_SLEEP))
909                         continue;
910
911                 if (priv->is_deep_sleep)
912                         continue;
913
914                 /* Execute the next command */
915                 if (!priv->dnld_sent && !priv->cur_cmd)
916                         lbs_execute_next_command(priv);
917
918                 /* Wake-up command waiters which can't sleep in
919                  * lbs_prepare_and_send_command
920                  */
921                 if (!list_empty(&priv->cmdpendingq))
922                         wake_up_all(&priv->cmd_pending);
923
924                 spin_lock_irq(&priv->driver_lock);
925                 if (!priv->dnld_sent && priv->tx_pending_len > 0) {
926                         int ret = priv->hw_host_to_card(priv, MVMS_DAT,
927                                                         priv->tx_pending_buf,
928                                                         priv->tx_pending_len);
929                         if (ret) {
930                                 lbs_deb_tx("host_to_card failed %d\n", ret);
931                                 priv->dnld_sent = DNLD_RES_RECEIVED;
932                         }
933                         priv->tx_pending_len = 0;
934                         if (!priv->currenttxskb) {
935                                 /* We can wake the queues immediately if we aren't
936                                    waiting for TX feedback */
937                                 if (priv->connect_status == LBS_CONNECTED)
938                                         netif_wake_queue(priv->dev);
939                                 if (priv->mesh_dev &&
940                                     priv->mesh_connect_status == LBS_CONNECTED)
941                                         netif_wake_queue(priv->mesh_dev);
942                         }
943                 }
944                 spin_unlock_irq(&priv->driver_lock);
945         }
946
947         del_timer(&priv->command_timer);
948         del_timer(&priv->auto_deepsleep_timer);
949         wake_up_all(&priv->cmd_pending);
950
951         lbs_deb_leave(LBS_DEB_THREAD);
952         return 0;
953 }
954
955 static int lbs_suspend_callback(struct lbs_private *priv, unsigned long dummy,
956                                 struct cmd_header *cmd)
957 {
958         lbs_deb_enter(LBS_DEB_FW);
959
960         netif_device_detach(priv->dev);
961         if (priv->mesh_dev)
962                 netif_device_detach(priv->mesh_dev);
963
964         priv->fw_ready = 0;
965         lbs_deb_leave(LBS_DEB_FW);
966         return 0;
967 }
968
969 int lbs_suspend(struct lbs_private *priv)
970 {
971         struct cmd_header cmd;
972         int ret;
973
974         lbs_deb_enter(LBS_DEB_FW);
975
976         if (priv->wol_criteria == 0xffffffff) {
977                 lbs_pr_info("Suspend attempt without configuring wake params!\n");
978                 return -EINVAL;
979         }
980
981         memset(&cmd, 0, sizeof(cmd));
982
983         ret = __lbs_cmd(priv, CMD_802_11_HOST_SLEEP_ACTIVATE, &cmd,
984                         sizeof(cmd), lbs_suspend_callback, 0);
985         if (ret)
986                 lbs_pr_info("HOST_SLEEP_ACTIVATE failed: %d\n", ret);
987
988         lbs_deb_leave_args(LBS_DEB_FW, "ret %d", ret);
989         return ret;
990 }
991 EXPORT_SYMBOL_GPL(lbs_suspend);
992
993 void lbs_resume(struct lbs_private *priv)
994 {
995         lbs_deb_enter(LBS_DEB_FW);
996
997         priv->fw_ready = 1;
998
999         /* Firmware doesn't seem to give us RX packets any more
1000            until we send it some command. Might as well update */
1001         lbs_prepare_and_send_command(priv, CMD_802_11_RSSI, 0,
1002                                      0, 0, NULL);
1003
1004         netif_device_attach(priv->dev);
1005         if (priv->mesh_dev)
1006                 netif_device_attach(priv->mesh_dev);
1007
1008         lbs_deb_leave(LBS_DEB_FW);
1009 }
1010 EXPORT_SYMBOL_GPL(lbs_resume);
1011
1012 /**
1013  * @brief This function gets the HW spec from the firmware and sets
1014  *        some basic parameters.
1015  *
1016  *  @param priv    A pointer to struct lbs_private structure
1017  *  @return        0 or -1
1018  */
1019 static int lbs_setup_firmware(struct lbs_private *priv)
1020 {
1021         int ret = -1;
1022         s16 curlevel = 0, minlevel = 0, maxlevel = 0;
1023
1024         lbs_deb_enter(LBS_DEB_FW);
1025
1026         /* Read MAC address from firmware */
1027         memset(priv->current_addr, 0xff, ETH_ALEN);
1028         ret = lbs_update_hw_spec(priv);
1029         if (ret)
1030                 goto done;
1031
1032         /* Read power levels if available */
1033         ret = lbs_get_tx_power(priv, &curlevel, &minlevel, &maxlevel);
1034         if (ret == 0) {
1035                 priv->txpower_cur = curlevel;
1036                 priv->txpower_min = minlevel;
1037                 priv->txpower_max = maxlevel;
1038         }
1039
1040         lbs_set_mac_control(priv);
1041 done:
1042         lbs_deb_leave_args(LBS_DEB_FW, "ret %d", ret);
1043         return ret;
1044 }
1045
1046 /**
1047  *  This function handles the timeout of command sending.
1048  *  It will re-send the same command again.
1049  */
1050 static void command_timer_fn(unsigned long data)
1051 {
1052         struct lbs_private *priv = (struct lbs_private *)data;
1053         unsigned long flags;
1054
1055         lbs_deb_enter(LBS_DEB_CMD);
1056         spin_lock_irqsave(&priv->driver_lock, flags);
1057
1058         if (!priv->cur_cmd)
1059                 goto out;
1060
1061         lbs_pr_info("command 0x%04x timed out\n",
1062                 le16_to_cpu(priv->cur_cmd->cmdbuf->command));
1063
1064         priv->cmd_timed_out = 1;
1065         wake_up_interruptible(&priv->waitq);
1066 out:
1067         spin_unlock_irqrestore(&priv->driver_lock, flags);
1068         lbs_deb_leave(LBS_DEB_CMD);
1069 }
1070
1071 /**
1072  *  This function put the device back to deep sleep mode when timer expires
1073  *  and no activity (command, event, data etc.) is detected.
1074  */
1075 static void auto_deepsleep_timer_fn(unsigned long data)
1076 {
1077         struct lbs_private *priv = (struct lbs_private *)data;
1078         int ret;
1079
1080         lbs_deb_enter(LBS_DEB_CMD);
1081
1082         if (priv->is_activity_detected) {
1083                 priv->is_activity_detected = 0;
1084         } else {
1085                 if (priv->is_auto_deep_sleep_enabled &&
1086                                 (!priv->wakeup_dev_required) &&
1087                                 (priv->connect_status != LBS_CONNECTED)) {
1088                         lbs_deb_main("Entering auto deep sleep mode...\n");
1089                         ret = lbs_prepare_and_send_command(priv,
1090                                         CMD_802_11_DEEP_SLEEP, 0,
1091                                         0, 0, NULL);
1092                 }
1093         }
1094         mod_timer(&priv->auto_deepsleep_timer , jiffies +
1095                                 (priv->auto_deep_sleep_timeout * HZ)/1000);
1096         lbs_deb_leave(LBS_DEB_CMD);
1097 }
1098
1099 int lbs_enter_auto_deep_sleep(struct lbs_private *priv)
1100 {
1101         lbs_deb_enter(LBS_DEB_SDIO);
1102
1103         priv->is_auto_deep_sleep_enabled = 1;
1104         if (priv->is_deep_sleep)
1105                 priv->wakeup_dev_required = 1;
1106         mod_timer(&priv->auto_deepsleep_timer ,
1107                         jiffies + (priv->auto_deep_sleep_timeout * HZ)/1000);
1108
1109         lbs_deb_leave(LBS_DEB_SDIO);
1110         return 0;
1111 }
1112
1113 int lbs_exit_auto_deep_sleep(struct lbs_private *priv)
1114 {
1115         lbs_deb_enter(LBS_DEB_SDIO);
1116
1117         priv->is_auto_deep_sleep_enabled = 0;
1118         priv->auto_deep_sleep_timeout = 0;
1119         del_timer(&priv->auto_deepsleep_timer);
1120
1121         lbs_deb_leave(LBS_DEB_SDIO);
1122         return 0;
1123 }
1124
1125 static void lbs_sync_channel_worker(struct work_struct *work)
1126 {
1127         struct lbs_private *priv = container_of(work, struct lbs_private,
1128                 sync_channel);
1129
1130         lbs_deb_enter(LBS_DEB_MAIN);
1131         if (lbs_update_channel(priv))
1132                 lbs_pr_info("Channel synchronization failed.");
1133         lbs_deb_leave(LBS_DEB_MAIN);
1134 }
1135
1136
1137 static int lbs_init_adapter(struct lbs_private *priv)
1138 {
1139         size_t bufsize;
1140         int i, ret = 0;
1141
1142         lbs_deb_enter(LBS_DEB_MAIN);
1143
1144         /* Allocate buffer to store the BSSID list */
1145         bufsize = MAX_NETWORK_COUNT * sizeof(struct bss_descriptor);
1146         priv->networks = kzalloc(bufsize, GFP_KERNEL);
1147         if (!priv->networks) {
1148                 lbs_pr_err("Out of memory allocating beacons\n");
1149                 ret = -1;
1150                 goto out;
1151         }
1152
1153         /* Initialize scan result lists */
1154         INIT_LIST_HEAD(&priv->network_free_list);
1155         INIT_LIST_HEAD(&priv->network_list);
1156         for (i = 0; i < MAX_NETWORK_COUNT; i++) {
1157                 list_add_tail(&priv->networks[i].list,
1158                               &priv->network_free_list);
1159         }
1160
1161         memset(priv->current_addr, 0xff, ETH_ALEN);
1162
1163         priv->connect_status = LBS_DISCONNECTED;
1164         priv->mesh_connect_status = LBS_DISCONNECTED;
1165         priv->secinfo.auth_mode = IW_AUTH_ALG_OPEN_SYSTEM;
1166         priv->mode = IW_MODE_INFRA;
1167         priv->curbssparams.channel = DEFAULT_AD_HOC_CHANNEL;
1168         priv->mac_control = CMD_ACT_MAC_RX_ON | CMD_ACT_MAC_TX_ON;
1169         priv->radio_on = 1;
1170         priv->enablehwauto = 1;
1171         priv->capability = WLAN_CAPABILITY_SHORT_PREAMBLE;
1172         priv->psmode = LBS802_11POWERMODECAM;
1173         priv->psstate = PS_STATE_FULL_POWER;
1174         priv->is_deep_sleep = 0;
1175         priv->is_auto_deep_sleep_enabled = 0;
1176         priv->wakeup_dev_required = 0;
1177         init_waitqueue_head(&priv->ds_awake_q);
1178
1179         mutex_init(&priv->lock);
1180
1181         setup_timer(&priv->command_timer, command_timer_fn,
1182                 (unsigned long)priv);
1183         setup_timer(&priv->auto_deepsleep_timer, auto_deepsleep_timer_fn,
1184                         (unsigned long)priv);
1185
1186         INIT_LIST_HEAD(&priv->cmdfreeq);
1187         INIT_LIST_HEAD(&priv->cmdpendingq);
1188
1189         spin_lock_init(&priv->driver_lock);
1190         init_waitqueue_head(&priv->cmd_pending);
1191
1192         /* Allocate the command buffers */
1193         if (lbs_allocate_cmd_buffer(priv)) {
1194                 lbs_pr_err("Out of memory allocating command buffers\n");
1195                 ret = -ENOMEM;
1196                 goto out;
1197         }
1198         priv->resp_idx = 0;
1199         priv->resp_len[0] = priv->resp_len[1] = 0;
1200
1201         /* Create the event FIFO */
1202         priv->event_fifo = kfifo_alloc(sizeof(u32) * 16, GFP_KERNEL, NULL);
1203         if (IS_ERR(priv->event_fifo)) {
1204                 lbs_pr_err("Out of memory allocating event FIFO buffer\n");
1205                 ret = -ENOMEM;
1206                 goto out;
1207         }
1208
1209 out:
1210         lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
1211
1212         return ret;
1213 }
1214
1215 static void lbs_free_adapter(struct lbs_private *priv)
1216 {
1217         lbs_deb_enter(LBS_DEB_MAIN);
1218
1219         lbs_free_cmd_buffer(priv);
1220         if (priv->event_fifo)
1221                 kfifo_free(priv->event_fifo);
1222         del_timer(&priv->command_timer);
1223         del_timer(&priv->auto_deepsleep_timer);
1224         kfree(priv->networks);
1225         priv->networks = NULL;
1226
1227         lbs_deb_leave(LBS_DEB_MAIN);
1228 }
1229
1230 static const struct net_device_ops lbs_netdev_ops = {
1231         .ndo_open               = lbs_dev_open,
1232         .ndo_stop               = lbs_eth_stop,
1233         .ndo_start_xmit         = lbs_hard_start_xmit,
1234         .ndo_set_mac_address    = lbs_set_mac_address,
1235         .ndo_tx_timeout         = lbs_tx_timeout,
1236         .ndo_set_multicast_list = lbs_set_multicast_list,
1237         .ndo_change_mtu         = eth_change_mtu,
1238         .ndo_validate_addr      = eth_validate_addr,
1239 };
1240
1241 /**
1242  * @brief This function adds the card. it will probe the
1243  * card, allocate the lbs_priv and initialize the device.
1244  *
1245  *  @param card    A pointer to card
1246  *  @return        A pointer to struct lbs_private structure
1247  */
1248 struct lbs_private *lbs_add_card(void *card, struct device *dmdev)
1249 {
1250         struct net_device *dev;
1251         struct wireless_dev *wdev;
1252         struct lbs_private *priv = NULL;
1253
1254         lbs_deb_enter(LBS_DEB_MAIN);
1255
1256         /* Allocate an Ethernet device and register it */
1257         wdev = lbs_cfg_alloc(dmdev);
1258         if (IS_ERR(wdev)) {
1259                 lbs_pr_err("cfg80211 init failed\n");
1260                 goto done;
1261         }
1262         /* TODO? */
1263         wdev->iftype = NL80211_IFTYPE_STATION;
1264         priv = wdev_priv(wdev);
1265         priv->wdev = wdev;
1266
1267         if (lbs_init_adapter(priv)) {
1268                 lbs_pr_err("failed to initialize adapter structure.\n");
1269                 goto err_wdev;
1270         }
1271
1272         //TODO? dev = alloc_netdev_mq(0, "wlan%d", ether_setup, IWM_TX_QUEUES);
1273         dev = alloc_netdev(0, "wlan%d", ether_setup);
1274         if (!dev) {
1275                 dev_err(dmdev, "no memory for network device instance\n");
1276                 goto err_adapter;
1277         }
1278
1279         dev->netdev_ops = &lbs_netdev_ops;
1280         dev->ieee80211_ptr = wdev;
1281         dev->ml_priv = priv;
1282         SET_NETDEV_DEV(dev, dmdev);
1283         wdev->netdev = dev;
1284         priv->dev = dev;
1285
1286         dev->netdev_ops = &lbs_netdev_ops;
1287         dev->watchdog_timeo = 5 * HZ;
1288         dev->ethtool_ops = &lbs_ethtool_ops;
1289 #ifdef  WIRELESS_EXT
1290         dev->wireless_handlers = &lbs_handler_def;
1291 #endif
1292         dev->flags |= IFF_BROADCAST | IFF_MULTICAST;
1293
1294
1295         // TODO: kzalloc + iwm_init_default_profile(iwm, iwm->umac_profile); ??
1296
1297
1298         priv->card = card;
1299         priv->mesh_open = 0;
1300         priv->infra_open = 0;
1301
1302
1303         priv->rtap_net_dev = NULL;
1304         strcpy(dev->name, "wlan%d");
1305
1306         lbs_deb_thread("Starting main thread...\n");
1307         init_waitqueue_head(&priv->waitq);
1308         priv->main_thread = kthread_run(lbs_thread, dev, "lbs_main");
1309         if (IS_ERR(priv->main_thread)) {
1310                 lbs_deb_thread("Error creating main thread.\n");
1311                 goto err_ndev;
1312         }
1313
1314         priv->work_thread = create_singlethread_workqueue("lbs_worker");
1315         INIT_DELAYED_WORK(&priv->assoc_work, lbs_association_worker);
1316         INIT_DELAYED_WORK(&priv->scan_work, lbs_scan_worker);
1317         INIT_WORK(&priv->mcast_work, lbs_set_mcast_worker);
1318         INIT_WORK(&priv->sync_channel, lbs_sync_channel_worker);
1319
1320         sprintf(priv->mesh_ssid, "mesh");
1321         priv->mesh_ssid_len = 4;
1322
1323         priv->wol_criteria = 0xffffffff;
1324         priv->wol_gpio = 0xff;
1325
1326         goto done;
1327
1328  err_ndev:
1329         free_netdev(dev);
1330
1331  err_adapter:
1332         lbs_free_adapter(priv);
1333
1334  err_wdev:
1335         lbs_cfg_free(priv);
1336
1337         priv = NULL;
1338
1339 done:
1340         lbs_deb_leave_args(LBS_DEB_MAIN, "priv %p", priv);
1341         return priv;
1342 }
1343 EXPORT_SYMBOL_GPL(lbs_add_card);
1344
1345
1346 void lbs_remove_card(struct lbs_private *priv)
1347 {
1348         struct net_device *dev = priv->dev;
1349         union iwreq_data wrqu;
1350
1351         lbs_deb_enter(LBS_DEB_MAIN);
1352
1353         lbs_remove_mesh(priv);
1354         lbs_remove_rtap(priv);
1355
1356         dev = priv->dev;
1357
1358         cancel_delayed_work_sync(&priv->scan_work);
1359         cancel_delayed_work_sync(&priv->assoc_work);
1360         cancel_work_sync(&priv->mcast_work);
1361
1362         /* worker thread destruction blocks on the in-flight command which
1363          * should have been cleared already in lbs_stop_card().
1364          */
1365         lbs_deb_main("destroying worker thread\n");
1366         destroy_workqueue(priv->work_thread);
1367         lbs_deb_main("done destroying worker thread\n");
1368
1369         if (priv->psmode == LBS802_11POWERMODEMAX_PSP) {
1370                 priv->psmode = LBS802_11POWERMODECAM;
1371                 lbs_ps_wakeup(priv, CMD_OPTION_WAITFORRSP);
1372         }
1373
1374         memset(wrqu.ap_addr.sa_data, 0xaa, ETH_ALEN);
1375         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1376         wireless_send_event(priv->dev, SIOCGIWAP, &wrqu, NULL);
1377
1378         if (priv->is_deep_sleep) {
1379                 priv->is_deep_sleep = 0;
1380                 wake_up_interruptible(&priv->ds_awake_q);
1381         }
1382
1383         /* Stop the thread servicing the interrupts */
1384         priv->surpriseremoved = 1;
1385         kthread_stop(priv->main_thread);
1386
1387         lbs_free_adapter(priv);
1388         lbs_cfg_free(priv);
1389
1390         priv->dev = NULL;
1391         free_netdev(dev);
1392
1393         lbs_deb_leave(LBS_DEB_MAIN);
1394 }
1395 EXPORT_SYMBOL_GPL(lbs_remove_card);
1396
1397
1398 int lbs_start_card(struct lbs_private *priv)
1399 {
1400         struct net_device *dev = priv->dev;
1401         int ret = -1;
1402
1403         lbs_deb_enter(LBS_DEB_MAIN);
1404
1405         /* poke the firmware */
1406         ret = lbs_setup_firmware(priv);
1407         if (ret)
1408                 goto done;
1409
1410         /* init 802.11d */
1411         lbs_init_11d(priv);
1412
1413         if (lbs_cfg_register(priv)) {
1414                 lbs_pr_err("cannot register device\n");
1415                 goto done;
1416         }
1417
1418         lbs_update_channel(priv);
1419
1420         /* Check mesh FW version and appropriately send the mesh start
1421          * command
1422          */
1423         if (priv->mesh_fw_ver == MESH_FW_OLD) {
1424                 /* Enable mesh, if supported, and work out which TLV it uses.
1425                    0x100 + 291 is an unofficial value used in 5.110.20.pXX
1426                    0x100 + 37 is the official value used in 5.110.21.pXX
1427                    but we check them in that order because 20.pXX doesn't
1428                    give an error -- it just silently fails. */
1429
1430                 /* 5.110.20.pXX firmware will fail the command if the channel
1431                    doesn't match the existing channel. But only if the TLV
1432                    is correct. If the channel is wrong, _BOTH_ versions will
1433                    give an error to 0x100+291, and allow 0x100+37 to succeed.
1434                    It's just that 5.110.20.pXX will not have done anything
1435                    useful */
1436
1437                 priv->mesh_tlv = TLV_TYPE_OLD_MESH_ID;
1438                 if (lbs_mesh_config(priv, CMD_ACT_MESH_CONFIG_START,
1439                                     priv->curbssparams.channel)) {
1440                         priv->mesh_tlv = TLV_TYPE_MESH_ID;
1441                         if (lbs_mesh_config(priv, CMD_ACT_MESH_CONFIG_START,
1442                                             priv->curbssparams.channel))
1443                                 priv->mesh_tlv = 0;
1444                 }
1445         } else if (priv->mesh_fw_ver == MESH_FW_NEW) {
1446                 /* 10.0.0.pXX new firmwares should succeed with TLV
1447                  * 0x100+37; Do not invoke command with old TLV.
1448                  */
1449                 priv->mesh_tlv = TLV_TYPE_MESH_ID;
1450                 if (lbs_mesh_config(priv, CMD_ACT_MESH_CONFIG_START,
1451                                     priv->curbssparams.channel))
1452                         priv->mesh_tlv = 0;
1453         }
1454         if (priv->mesh_tlv) {
1455                 lbs_add_mesh(priv);
1456
1457                 if (device_create_file(&dev->dev, &dev_attr_lbs_mesh))
1458                         lbs_pr_err("cannot register lbs_mesh attribute\n");
1459
1460                 /* While rtap isn't related to mesh, only mesh-enabled
1461                  * firmware implements the rtap functionality via
1462                  * CMD_802_11_MONITOR_MODE.
1463                  */
1464                 if (device_create_file(&dev->dev, &dev_attr_lbs_rtap))
1465                         lbs_pr_err("cannot register lbs_rtap attribute\n");
1466         }
1467
1468         lbs_debugfs_init_one(priv, dev);
1469
1470         lbs_pr_info("%s: Marvell WLAN 802.11 adapter\n", dev->name);
1471
1472         ret = 0;
1473
1474 done:
1475         lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
1476         return ret;
1477 }
1478 EXPORT_SYMBOL_GPL(lbs_start_card);
1479
1480
1481 void lbs_stop_card(struct lbs_private *priv)
1482 {
1483         struct net_device *dev;
1484         struct cmd_ctrl_node *cmdnode;
1485         unsigned long flags;
1486
1487         lbs_deb_enter(LBS_DEB_MAIN);
1488
1489         if (!priv)
1490                 goto out;
1491         dev = priv->dev;
1492
1493         netif_stop_queue(dev);
1494         netif_carrier_off(dev);
1495
1496         lbs_debugfs_remove_one(priv);
1497         if (priv->mesh_tlv) {
1498                 device_remove_file(&dev->dev, &dev_attr_lbs_mesh);
1499                 device_remove_file(&dev->dev, &dev_attr_lbs_rtap);
1500         }
1501
1502         /* Delete the timeout of the currently processing command */
1503         del_timer_sync(&priv->command_timer);
1504         del_timer_sync(&priv->auto_deepsleep_timer);
1505
1506         /* Flush pending command nodes */
1507         spin_lock_irqsave(&priv->driver_lock, flags);
1508         lbs_deb_main("clearing pending commands\n");
1509         list_for_each_entry(cmdnode, &priv->cmdpendingq, list) {
1510                 cmdnode->result = -ENOENT;
1511                 cmdnode->cmdwaitqwoken = 1;
1512                 wake_up_interruptible(&cmdnode->cmdwait_q);
1513         }
1514
1515         /* Flush the command the card is currently processing */
1516         if (priv->cur_cmd) {
1517                 lbs_deb_main("clearing current command\n");
1518                 priv->cur_cmd->result = -ENOENT;
1519                 priv->cur_cmd->cmdwaitqwoken = 1;
1520                 wake_up_interruptible(&priv->cur_cmd->cmdwait_q);
1521         }
1522         lbs_deb_main("done clearing commands\n");
1523         spin_unlock_irqrestore(&priv->driver_lock, flags);
1524
1525         unregister_netdev(dev);
1526
1527 out:
1528         lbs_deb_leave(LBS_DEB_MAIN);
1529 }
1530 EXPORT_SYMBOL_GPL(lbs_stop_card);
1531
1532
1533 static const struct net_device_ops mesh_netdev_ops = {
1534         .ndo_open               = lbs_dev_open,
1535         .ndo_stop               = lbs_mesh_stop,
1536         .ndo_start_xmit         = lbs_hard_start_xmit,
1537         .ndo_set_mac_address    = lbs_set_mac_address,
1538         .ndo_set_multicast_list = lbs_set_multicast_list,
1539 };
1540
1541 /**
1542  * @brief This function adds mshX interface
1543  *
1544  *  @param priv    A pointer to the struct lbs_private structure
1545  *  @return        0 if successful, -X otherwise
1546  */
1547 static int lbs_add_mesh(struct lbs_private *priv)
1548 {
1549         struct net_device *mesh_dev = NULL;
1550         int ret = 0;
1551
1552         lbs_deb_enter(LBS_DEB_MESH);
1553
1554         /* Allocate a virtual mesh device */
1555         if (!(mesh_dev = alloc_netdev(0, "msh%d", ether_setup))) {
1556                 lbs_deb_mesh("init mshX device failed\n");
1557                 ret = -ENOMEM;
1558                 goto done;
1559         }
1560         mesh_dev->ml_priv = priv;
1561         priv->mesh_dev = mesh_dev;
1562
1563         mesh_dev->netdev_ops = &mesh_netdev_ops;
1564         mesh_dev->ethtool_ops = &lbs_ethtool_ops;
1565         memcpy(mesh_dev->dev_addr, priv->dev->dev_addr,
1566                         sizeof(priv->dev->dev_addr));
1567
1568         SET_NETDEV_DEV(priv->mesh_dev, priv->dev->dev.parent);
1569
1570 #ifdef  WIRELESS_EXT
1571         mesh_dev->wireless_handlers = (struct iw_handler_def *)&mesh_handler_def;
1572 #endif
1573         mesh_dev->flags |= IFF_BROADCAST | IFF_MULTICAST;
1574         /* Register virtual mesh interface */
1575         ret = register_netdev(mesh_dev);
1576         if (ret) {
1577                 lbs_pr_err("cannot register mshX virtual interface\n");
1578                 goto err_free;
1579         }
1580
1581         ret = sysfs_create_group(&(mesh_dev->dev.kobj), &lbs_mesh_attr_group);
1582         if (ret)
1583                 goto err_unregister;
1584
1585         lbs_persist_config_init(mesh_dev);
1586
1587         /* Everything successful */
1588         ret = 0;
1589         goto done;
1590
1591 err_unregister:
1592         unregister_netdev(mesh_dev);
1593
1594 err_free:
1595         free_netdev(mesh_dev);
1596
1597 done:
1598         lbs_deb_leave_args(LBS_DEB_MESH, "ret %d", ret);
1599         return ret;
1600 }
1601
1602 static void lbs_remove_mesh(struct lbs_private *priv)
1603 {
1604         struct net_device *mesh_dev;
1605
1606
1607         mesh_dev = priv->mesh_dev;
1608         if (!mesh_dev)
1609                 return;
1610
1611         lbs_deb_enter(LBS_DEB_MESH);
1612         netif_stop_queue(mesh_dev);
1613         netif_carrier_off(mesh_dev);
1614         sysfs_remove_group(&(mesh_dev->dev.kobj), &lbs_mesh_attr_group);
1615         lbs_persist_config_remove(mesh_dev);
1616         unregister_netdev(mesh_dev);
1617         priv->mesh_dev = NULL;
1618         free_netdev(mesh_dev);
1619         lbs_deb_leave(LBS_DEB_MESH);
1620 }
1621
1622 /**
1623  *  @brief This function finds the CFP in
1624  *  region_cfp_table based on region and band parameter.
1625  *
1626  *  @param region  The region code
1627  *  @param band    The band
1628  *  @param cfp_no  A pointer to CFP number
1629  *  @return        A pointer to CFP
1630  */
1631 struct chan_freq_power *lbs_get_region_cfp_table(u8 region, int *cfp_no)
1632 {
1633         int i, end;
1634
1635         lbs_deb_enter(LBS_DEB_MAIN);
1636
1637         end = ARRAY_SIZE(region_cfp_table);
1638
1639         for (i = 0; i < end ; i++) {
1640                 lbs_deb_main("region_cfp_table[i].region=%d\n",
1641                         region_cfp_table[i].region);
1642                 if (region_cfp_table[i].region == region) {
1643                         *cfp_no = region_cfp_table[i].cfp_no_BG;
1644                         lbs_deb_leave(LBS_DEB_MAIN);
1645                         return region_cfp_table[i].cfp_BG;
1646                 }
1647         }
1648
1649         lbs_deb_leave_args(LBS_DEB_MAIN, "ret NULL");
1650         return NULL;
1651 }
1652
1653 int lbs_set_regiontable(struct lbs_private *priv, u8 region, u8 band)
1654 {
1655         int ret = 0;
1656         int i = 0;
1657
1658         struct chan_freq_power *cfp;
1659         int cfp_no;
1660
1661         lbs_deb_enter(LBS_DEB_MAIN);
1662
1663         memset(priv->region_channel, 0, sizeof(priv->region_channel));
1664
1665         cfp = lbs_get_region_cfp_table(region, &cfp_no);
1666         if (cfp != NULL) {
1667                 priv->region_channel[i].nrcfp = cfp_no;
1668                 priv->region_channel[i].CFP = cfp;
1669         } else {
1670                 lbs_deb_main("wrong region code %#x in band B/G\n",
1671                        region);
1672                 ret = -1;
1673                 goto out;
1674         }
1675         priv->region_channel[i].valid = 1;
1676         priv->region_channel[i].region = region;
1677         priv->region_channel[i].band = band;
1678         i++;
1679 out:
1680         lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
1681         return ret;
1682 }
1683
1684 void lbs_queue_event(struct lbs_private *priv, u32 event)
1685 {
1686         unsigned long flags;
1687
1688         lbs_deb_enter(LBS_DEB_THREAD);
1689         spin_lock_irqsave(&priv->driver_lock, flags);
1690
1691         if (priv->psstate == PS_STATE_SLEEP)
1692                 priv->psstate = PS_STATE_AWAKE;
1693
1694         __kfifo_put(priv->event_fifo, (unsigned char *) &event, sizeof(u32));
1695
1696         wake_up_interruptible(&priv->waitq);
1697
1698         spin_unlock_irqrestore(&priv->driver_lock, flags);
1699         lbs_deb_leave(LBS_DEB_THREAD);
1700 }
1701 EXPORT_SYMBOL_GPL(lbs_queue_event);
1702
1703 void lbs_notify_command_response(struct lbs_private *priv, u8 resp_idx)
1704 {
1705         lbs_deb_enter(LBS_DEB_THREAD);
1706
1707         if (priv->psstate == PS_STATE_SLEEP)
1708                 priv->psstate = PS_STATE_AWAKE;
1709
1710         /* Swap buffers by flipping the response index */
1711         BUG_ON(resp_idx > 1);
1712         priv->resp_idx = resp_idx;
1713
1714         wake_up_interruptible(&priv->waitq);
1715
1716         lbs_deb_leave(LBS_DEB_THREAD);
1717 }
1718 EXPORT_SYMBOL_GPL(lbs_notify_command_response);
1719
1720 static int __init lbs_init_module(void)
1721 {
1722         lbs_deb_enter(LBS_DEB_MAIN);
1723         memset(&confirm_sleep, 0, sizeof(confirm_sleep));
1724         confirm_sleep.hdr.command = cpu_to_le16(CMD_802_11_PS_MODE);
1725         confirm_sleep.hdr.size = cpu_to_le16(sizeof(confirm_sleep));
1726         confirm_sleep.action = cpu_to_le16(CMD_SUBCMD_SLEEP_CONFIRMED);
1727         lbs_debugfs_init();
1728         lbs_deb_leave(LBS_DEB_MAIN);
1729         return 0;
1730 }
1731
1732 static void __exit lbs_exit_module(void)
1733 {
1734         lbs_deb_enter(LBS_DEB_MAIN);
1735         lbs_debugfs_remove();
1736         lbs_deb_leave(LBS_DEB_MAIN);
1737 }
1738
1739 /*
1740  * rtap interface support fuctions
1741  */
1742
1743 static int lbs_rtap_open(struct net_device *dev)
1744 {
1745         /* Yes, _stop_ the queue. Because we don't support injection */
1746         lbs_deb_enter(LBS_DEB_MAIN);
1747         netif_carrier_off(dev);
1748         netif_stop_queue(dev);
1749         lbs_deb_leave(LBS_DEB_LEAVE);
1750         return 0;
1751 }
1752
1753 static int lbs_rtap_stop(struct net_device *dev)
1754 {
1755         lbs_deb_enter(LBS_DEB_MAIN);
1756         lbs_deb_leave(LBS_DEB_MAIN);
1757         return 0;
1758 }
1759
1760 static netdev_tx_t lbs_rtap_hard_start_xmit(struct sk_buff *skb,
1761                                             struct net_device *dev)
1762 {
1763         netif_stop_queue(dev);
1764         return NETDEV_TX_BUSY;
1765 }
1766
1767 static void lbs_remove_rtap(struct lbs_private *priv)
1768 {
1769         lbs_deb_enter(LBS_DEB_MAIN);
1770         if (priv->rtap_net_dev == NULL)
1771                 goto out;
1772         unregister_netdev(priv->rtap_net_dev);
1773         free_netdev(priv->rtap_net_dev);
1774         priv->rtap_net_dev = NULL;
1775 out:
1776         lbs_deb_leave(LBS_DEB_MAIN);
1777 }
1778
1779 static const struct net_device_ops rtap_netdev_ops = {
1780         .ndo_open = lbs_rtap_open,
1781         .ndo_stop = lbs_rtap_stop,
1782         .ndo_start_xmit = lbs_rtap_hard_start_xmit,
1783 };
1784
1785 static int lbs_add_rtap(struct lbs_private *priv)
1786 {
1787         int ret = 0;
1788         struct net_device *rtap_dev;
1789
1790         lbs_deb_enter(LBS_DEB_MAIN);
1791         if (priv->rtap_net_dev) {
1792                 ret = -EPERM;
1793                 goto out;
1794         }
1795
1796         rtap_dev = alloc_netdev(0, "rtap%d", ether_setup);
1797         if (rtap_dev == NULL) {
1798                 ret = -ENOMEM;
1799                 goto out;
1800         }
1801
1802         memcpy(rtap_dev->dev_addr, priv->current_addr, ETH_ALEN);
1803         rtap_dev->type = ARPHRD_IEEE80211_RADIOTAP;
1804         rtap_dev->netdev_ops = &rtap_netdev_ops;
1805         rtap_dev->ml_priv = priv;
1806         SET_NETDEV_DEV(rtap_dev, priv->dev->dev.parent);
1807
1808         ret = register_netdev(rtap_dev);
1809         if (ret) {
1810                 free_netdev(rtap_dev);
1811                 goto out;
1812         }
1813         priv->rtap_net_dev = rtap_dev;
1814
1815 out:
1816         lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
1817         return ret;
1818 }
1819
1820 module_init(lbs_init_module);
1821 module_exit(lbs_exit_module);
1822
1823 MODULE_DESCRIPTION("Libertas WLAN Driver Library");
1824 MODULE_AUTHOR("Marvell International Ltd.");
1825 MODULE_LICENSE("GPL");