1 /******************************************************************************
3 * Copyright(c) 2003 - 2007 Intel Corporation. All rights reserved.
5 * Portions of this file are derived from the ipw3945 project, as well
6 * as portions of the ieee80211 subsystem header files.
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of version 2 of the GNU General Public License as
10 * published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
21 * The full GNU General Public License is included in this distribution in the
22 * file called LICENSE.
24 * Contact Information:
25 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
28 *****************************************************************************/
30 #include <linux/kernel.h>
31 #include <linux/module.h>
32 #include <linux/version.h>
33 #include <linux/init.h>
34 #include <linux/pci.h>
35 #include <linux/dma-mapping.h>
36 #include <linux/delay.h>
37 #include <linux/skbuff.h>
38 #include <linux/netdevice.h>
39 #include <linux/wireless.h>
40 #include <linux/firmware.h>
41 #include <linux/etherdevice.h>
42 #include <linux/if_arp.h>
44 #include <net/ieee80211_radiotap.h>
45 #include <net/mac80211.h>
47 #include <asm/div64.h>
50 #include "iwl-helpers.h"
52 #ifdef CONFIG_IWL4965_DEBUG
53 u32 iwl4965_debug_level;
56 static int iwl4965_tx_queue_update_write_ptr(struct iwl4965_priv *priv,
57 struct iwl4965_tx_queue *txq);
59 /******************************************************************************
63 ******************************************************************************/
65 /* module parameters */
66 static int iwl4965_param_disable_hw_scan;
67 static int iwl4965_param_debug;
68 static int iwl4965_param_disable; /* def: enable radio */
69 static int iwl4965_param_antenna; /* def: 0 = both antennas (use diversity) */
70 int iwl4965_param_hwcrypto; /* def: using software encryption */
71 static int iwl4965_param_qos_enable = 1;
72 int iwl4965_param_queues_num = IWL_MAX_NUM_QUEUES;
75 * module name, copyright, version, etc.
76 * NOTE: DRV_NAME is defined in iwlwifi.h for use by iwl-debug.h and printk
79 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi Link 4965AGN driver for Linux"
81 #ifdef CONFIG_IWL4965_DEBUG
87 #ifdef CONFIG_IWL4965_SPECTRUM_MEASUREMENT
93 #define IWLWIFI_VERSION "1.1.19k" VD VS
94 #define DRV_COPYRIGHT "Copyright(c) 2003-2007 Intel Corporation"
95 #define DRV_VERSION IWLWIFI_VERSION
97 /* Change firmware file name, using "-" and incrementing number,
98 * *only* when uCode interface or architecture changes so that it
99 * is not compatible with earlier drivers.
100 * This number will also appear in << 8 position of 1st dword of uCode file */
101 #define IWL4965_UCODE_API "-1"
103 MODULE_DESCRIPTION(DRV_DESCRIPTION);
104 MODULE_VERSION(DRV_VERSION);
105 MODULE_AUTHOR(DRV_COPYRIGHT);
106 MODULE_LICENSE("GPL");
108 __le16 *ieee80211_get_qos_ctrl(struct ieee80211_hdr *hdr)
110 u16 fc = le16_to_cpu(hdr->frame_control);
111 int hdr_len = ieee80211_get_hdrlen(fc);
113 if ((fc & 0x00cc) == (IEEE80211_STYPE_QOS_DATA | IEEE80211_FTYPE_DATA))
114 return (__le16 *) ((u8 *) hdr + hdr_len - QOS_CONTROL_LEN);
118 static const struct ieee80211_hw_mode *iwl4965_get_hw_mode(
119 struct iwl4965_priv *priv, int mode)
123 for (i = 0; i < 3; i++)
124 if (priv->modes[i].mode == mode)
125 return &priv->modes[i];
130 static int iwl4965_is_empty_essid(const char *essid, int essid_len)
132 /* Single white space is for Linksys APs */
133 if (essid_len == 1 && essid[0] == ' ')
136 /* Otherwise, if the entire essid is 0, we assume it is hidden */
139 if (essid[essid_len] != '\0')
146 static const char *iwl4965_escape_essid(const char *essid, u8 essid_len)
148 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
149 const char *s = essid;
152 if (iwl4965_is_empty_essid(essid, essid_len)) {
153 memcpy(escaped, "<hidden>", sizeof("<hidden>"));
157 essid_len = min(essid_len, (u8) IW_ESSID_MAX_SIZE);
158 while (essid_len--) {
170 static void iwl4965_print_hex_dump(int level, void *p, u32 len)
172 #ifdef CONFIG_IWL4965_DEBUG
173 if (!(iwl4965_debug_level & level))
176 print_hex_dump(KERN_DEBUG, "iwl data: ", DUMP_PREFIX_OFFSET, 16, 1,
181 /*************** DMA-QUEUE-GENERAL-FUNCTIONS *****
184 * Theory of operation
186 * A queue is a circular buffers with 'Read' and 'Write' pointers.
187 * 2 empty entries always kept in the buffer to protect from overflow.
189 * For Tx queue, there are low mark and high mark limits. If, after queuing
190 * the packet for Tx, free space become < low mark, Tx queue stopped. When
191 * reclaiming packets (on 'tx done IRQ), if free space become > high mark,
194 * The IWL operates with six queues, one receive queue in the device's
195 * sram, one transmit queue for sending commands to the device firmware,
196 * and four transmit queues for data.
197 ***************************************************/
199 static int iwl4965_queue_space(const struct iwl4965_queue *q)
201 int s = q->read_ptr - q->write_ptr;
203 if (q->read_ptr > q->write_ptr)
208 /* keep some reserve to not confuse empty and full situations */
215 /* XXX: n_bd must be power-of-two size */
216 static inline int iwl4965_queue_inc_wrap(int index, int n_bd)
218 return ++index & (n_bd - 1);
221 /* XXX: n_bd must be power-of-two size */
222 static inline int iwl4965_queue_dec_wrap(int index, int n_bd)
224 return --index & (n_bd - 1);
227 static inline int x2_queue_used(const struct iwl4965_queue *q, int i)
229 return q->write_ptr > q->read_ptr ?
230 (i >= q->read_ptr && i < q->write_ptr) :
231 !(i < q->read_ptr && i >= q->write_ptr);
234 static inline u8 get_cmd_index(struct iwl4965_queue *q, u32 index, int is_huge)
239 return index & (q->n_window - 1);
242 static int iwl4965_queue_init(struct iwl4965_priv *priv, struct iwl4965_queue *q,
243 int count, int slots_num, u32 id)
246 q->n_window = slots_num;
249 /* count must be power-of-two size, otherwise iwl4965_queue_inc_wrap
250 * and iwl4965_queue_dec_wrap are broken. */
251 BUG_ON(!is_power_of_2(count));
253 /* slots_num must be power-of-two size, otherwise
254 * get_cmd_index is broken. */
255 BUG_ON(!is_power_of_2(slots_num));
257 q->low_mark = q->n_window / 4;
261 q->high_mark = q->n_window / 8;
262 if (q->high_mark < 2)
265 q->write_ptr = q->read_ptr = 0;
270 static int iwl4965_tx_queue_alloc(struct iwl4965_priv *priv,
271 struct iwl4965_tx_queue *txq, u32 id)
273 struct pci_dev *dev = priv->pci_dev;
275 if (id != IWL_CMD_QUEUE_NUM) {
276 txq->txb = kmalloc(sizeof(txq->txb[0]) *
277 TFD_QUEUE_SIZE_MAX, GFP_KERNEL);
279 IWL_ERROR("kmalloc for auxiliary BD "
280 "structures failed\n");
286 txq->bd = pci_alloc_consistent(dev,
287 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX,
291 IWL_ERROR("pci_alloc_consistent(%zd) failed\n",
292 sizeof(txq->bd[0]) * TFD_QUEUE_SIZE_MAX);
308 int iwl4965_tx_queue_init(struct iwl4965_priv *priv,
309 struct iwl4965_tx_queue *txq, int slots_num, u32 txq_id)
311 struct pci_dev *dev = priv->pci_dev;
315 /* allocate command space + one big command for scan since scan
316 * command is very huge the system will not have two scan at the
318 len = sizeof(struct iwl4965_cmd) * slots_num;
319 if (txq_id == IWL_CMD_QUEUE_NUM)
320 len += IWL_MAX_SCAN_SIZE;
321 txq->cmd = pci_alloc_consistent(dev, len, &txq->dma_addr_cmd);
325 rc = iwl4965_tx_queue_alloc(priv, txq, txq_id);
327 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
331 txq->need_update = 0;
333 /* TFD_QUEUE_SIZE_MAX must be power-of-two size, otherwise
334 * iwl4965_queue_inc_wrap and iwl4965_queue_dec_wrap are broken. */
335 BUILD_BUG_ON(TFD_QUEUE_SIZE_MAX & (TFD_QUEUE_SIZE_MAX - 1));
336 iwl4965_queue_init(priv, &txq->q, TFD_QUEUE_SIZE_MAX, slots_num, txq_id);
338 iwl4965_hw_tx_queue_init(priv, txq);
344 * iwl4965_tx_queue_free - Deallocate DMA queue.
345 * @txq: Transmit queue to deallocate.
347 * Empty queue by removing and destroying all BD's.
348 * Free all buffers. txq itself is not freed.
351 void iwl4965_tx_queue_free(struct iwl4965_priv *priv, struct iwl4965_tx_queue *txq)
353 struct iwl4965_queue *q = &txq->q;
354 struct pci_dev *dev = priv->pci_dev;
360 /* first, empty all BD's */
361 for (; q->write_ptr != q->read_ptr;
362 q->read_ptr = iwl4965_queue_inc_wrap(q->read_ptr, q->n_bd))
363 iwl4965_hw_txq_free_tfd(priv, txq);
365 len = sizeof(struct iwl4965_cmd) * q->n_window;
366 if (q->id == IWL_CMD_QUEUE_NUM)
367 len += IWL_MAX_SCAN_SIZE;
369 pci_free_consistent(dev, len, txq->cmd, txq->dma_addr_cmd);
371 /* free buffers belonging to queue itself */
373 pci_free_consistent(dev, sizeof(struct iwl4965_tfd_frame) *
374 txq->q.n_bd, txq->bd, txq->q.dma_addr);
381 /* 0 fill whole structure */
382 memset(txq, 0, sizeof(*txq));
385 const u8 iwl4965_broadcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
387 /*************** STATION TABLE MANAGEMENT ****
388 * mac80211 should be examined to determine if sta_info is duplicating
389 * the functionality provided here
392 /**************************************************************/
394 #if 0 /* temporary disable till we add real remove station */
395 static u8 iwl4965_remove_station(struct iwl4965_priv *priv, const u8 *addr, int is_ap)
397 int index = IWL_INVALID_STATION;
401 spin_lock_irqsave(&priv->sta_lock, flags);
405 else if (is_broadcast_ether_addr(addr))
406 index = priv->hw_setting.bcast_sta_id;
408 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++)
409 if (priv->stations[i].used &&
410 !compare_ether_addr(priv->stations[i].sta.sta.addr,
416 if (unlikely(index == IWL_INVALID_STATION))
419 if (priv->stations[index].used) {
420 priv->stations[index].used = 0;
421 priv->num_stations--;
424 BUG_ON(priv->num_stations < 0);
427 spin_unlock_irqrestore(&priv->sta_lock, flags);
432 static void iwl4965_clear_stations_table(struct iwl4965_priv *priv)
436 spin_lock_irqsave(&priv->sta_lock, flags);
438 priv->num_stations = 0;
439 memset(priv->stations, 0, sizeof(priv->stations));
441 spin_unlock_irqrestore(&priv->sta_lock, flags);
444 u8 iwl4965_add_station_flags(struct iwl4965_priv *priv, const u8 *addr, int is_ap, u8 flags)
447 int index = IWL_INVALID_STATION;
448 struct iwl4965_station_entry *station;
449 unsigned long flags_spin;
450 DECLARE_MAC_BUF(mac);
452 spin_lock_irqsave(&priv->sta_lock, flags_spin);
455 else if (is_broadcast_ether_addr(addr))
456 index = priv->hw_setting.bcast_sta_id;
458 for (i = IWL_STA_ID; i < priv->hw_setting.max_stations; i++) {
459 if (!compare_ether_addr(priv->stations[i].sta.sta.addr,
465 if (!priv->stations[i].used &&
466 index == IWL_INVALID_STATION)
471 /* These two conditions have the same outcome, but keep them separate
472 since they have different meanings */
473 if (unlikely(index == IWL_INVALID_STATION)) {
474 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
478 if (priv->stations[index].used &&
479 !compare_ether_addr(priv->stations[index].sta.sta.addr, addr)) {
480 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
485 IWL_DEBUG_ASSOC("Add STA ID %d: %s\n", index, print_mac(mac, addr));
486 station = &priv->stations[index];
488 priv->num_stations++;
490 memset(&station->sta, 0, sizeof(struct iwl4965_addsta_cmd));
491 memcpy(station->sta.sta.addr, addr, ETH_ALEN);
492 station->sta.mode = 0;
493 station->sta.sta.sta_id = index;
494 station->sta.station_flags = 0;
496 #ifdef CONFIG_IWL4965_HT
497 /* BCAST station and IBSS stations do not work in HT mode */
498 if (index != priv->hw_setting.bcast_sta_id &&
499 priv->iw_mode != IEEE80211_IF_TYPE_IBSS)
500 iwl4965_set_ht_add_station(priv, index);
501 #endif /*CONFIG_IWL4965_HT*/
503 spin_unlock_irqrestore(&priv->sta_lock, flags_spin);
504 iwl4965_send_add_station(priv, &station->sta, flags);
509 /*************** DRIVER STATUS FUNCTIONS *****/
511 static inline int iwl4965_is_ready(struct iwl4965_priv *priv)
513 /* The adapter is 'ready' if READY and GEO_CONFIGURED bits are
514 * set but EXIT_PENDING is not */
515 return test_bit(STATUS_READY, &priv->status) &&
516 test_bit(STATUS_GEO_CONFIGURED, &priv->status) &&
517 !test_bit(STATUS_EXIT_PENDING, &priv->status);
520 static inline int iwl4965_is_alive(struct iwl4965_priv *priv)
522 return test_bit(STATUS_ALIVE, &priv->status);
525 static inline int iwl4965_is_init(struct iwl4965_priv *priv)
527 return test_bit(STATUS_INIT, &priv->status);
530 static inline int iwl4965_is_rfkill(struct iwl4965_priv *priv)
532 return test_bit(STATUS_RF_KILL_HW, &priv->status) ||
533 test_bit(STATUS_RF_KILL_SW, &priv->status);
536 static inline int iwl4965_is_ready_rf(struct iwl4965_priv *priv)
539 if (iwl4965_is_rfkill(priv))
542 return iwl4965_is_ready(priv);
545 /*************** HOST COMMAND QUEUE FUNCTIONS *****/
547 #define IWL_CMD(x) case x : return #x
549 static const char *get_cmd_string(u8 cmd)
552 IWL_CMD(REPLY_ALIVE);
553 IWL_CMD(REPLY_ERROR);
555 IWL_CMD(REPLY_RXON_ASSOC);
556 IWL_CMD(REPLY_QOS_PARAM);
557 IWL_CMD(REPLY_RXON_TIMING);
558 IWL_CMD(REPLY_ADD_STA);
559 IWL_CMD(REPLY_REMOVE_STA);
560 IWL_CMD(REPLY_REMOVE_ALL_STA);
562 IWL_CMD(REPLY_RATE_SCALE);
563 IWL_CMD(REPLY_LEDS_CMD);
564 IWL_CMD(REPLY_TX_LINK_QUALITY_CMD);
565 IWL_CMD(RADAR_NOTIFICATION);
566 IWL_CMD(REPLY_QUIET_CMD);
567 IWL_CMD(REPLY_CHANNEL_SWITCH);
568 IWL_CMD(CHANNEL_SWITCH_NOTIFICATION);
569 IWL_CMD(REPLY_SPECTRUM_MEASUREMENT_CMD);
570 IWL_CMD(SPECTRUM_MEASURE_NOTIFICATION);
571 IWL_CMD(POWER_TABLE_CMD);
572 IWL_CMD(PM_SLEEP_NOTIFICATION);
573 IWL_CMD(PM_DEBUG_STATISTIC_NOTIFIC);
574 IWL_CMD(REPLY_SCAN_CMD);
575 IWL_CMD(REPLY_SCAN_ABORT_CMD);
576 IWL_CMD(SCAN_START_NOTIFICATION);
577 IWL_CMD(SCAN_RESULTS_NOTIFICATION);
578 IWL_CMD(SCAN_COMPLETE_NOTIFICATION);
579 IWL_CMD(BEACON_NOTIFICATION);
580 IWL_CMD(REPLY_TX_BEACON);
581 IWL_CMD(WHO_IS_AWAKE_NOTIFICATION);
582 IWL_CMD(QUIET_NOTIFICATION);
583 IWL_CMD(REPLY_TX_PWR_TABLE_CMD);
584 IWL_CMD(MEASURE_ABORT_NOTIFICATION);
585 IWL_CMD(REPLY_BT_CONFIG);
586 IWL_CMD(REPLY_STATISTICS_CMD);
587 IWL_CMD(STATISTICS_NOTIFICATION);
588 IWL_CMD(REPLY_CARD_STATE_CMD);
589 IWL_CMD(CARD_STATE_NOTIFICATION);
590 IWL_CMD(MISSED_BEACONS_NOTIFICATION);
591 IWL_CMD(REPLY_CT_KILL_CONFIG_CMD);
592 IWL_CMD(SENSITIVITY_CMD);
593 IWL_CMD(REPLY_PHY_CALIBRATION_CMD);
594 IWL_CMD(REPLY_RX_PHY_CMD);
595 IWL_CMD(REPLY_RX_MPDU_CMD);
596 IWL_CMD(REPLY_4965_RX);
597 IWL_CMD(REPLY_COMPRESSED_BA);
604 #define HOST_COMPLETE_TIMEOUT (HZ / 2)
607 * iwl4965_enqueue_hcmd - enqueue a uCode command
608 * @priv: device private data point
609 * @cmd: a point to the ucode command structure
611 * The function returns < 0 values to indicate the operation is
612 * failed. On success, it turns the index (> 0) of command in the
615 static int iwl4965_enqueue_hcmd(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
617 struct iwl4965_tx_queue *txq = &priv->txq[IWL_CMD_QUEUE_NUM];
618 struct iwl4965_queue *q = &txq->q;
619 struct iwl4965_tfd_frame *tfd;
621 struct iwl4965_cmd *out_cmd;
623 u16 fix_size = (u16)(cmd->len + sizeof(out_cmd->hdr));
624 dma_addr_t phys_addr;
628 /* If any of the command structures end up being larger than
629 * the TFD_MAX_PAYLOAD_SIZE, and it sent as a 'small' command then
630 * we will need to increase the size of the TFD entries */
631 BUG_ON((fix_size > TFD_MAX_PAYLOAD_SIZE) &&
632 !(cmd->meta.flags & CMD_SIZE_HUGE));
634 if (iwl4965_queue_space(q) < ((cmd->meta.flags & CMD_ASYNC) ? 2 : 1)) {
635 IWL_ERROR("No space for Tx\n");
639 spin_lock_irqsave(&priv->hcmd_lock, flags);
641 tfd = &txq->bd[q->write_ptr];
642 memset(tfd, 0, sizeof(*tfd));
644 control_flags = (u32 *) tfd;
646 idx = get_cmd_index(q, q->write_ptr, cmd->meta.flags & CMD_SIZE_HUGE);
647 out_cmd = &txq->cmd[idx];
649 out_cmd->hdr.cmd = cmd->id;
650 memcpy(&out_cmd->meta, &cmd->meta, sizeof(cmd->meta));
651 memcpy(&out_cmd->cmd.payload, cmd->data, cmd->len);
653 /* At this point, the out_cmd now has all of the incoming cmd
656 out_cmd->hdr.flags = 0;
657 out_cmd->hdr.sequence = cpu_to_le16(QUEUE_TO_SEQ(IWL_CMD_QUEUE_NUM) |
658 INDEX_TO_SEQ(q->write_ptr));
659 if (out_cmd->meta.flags & CMD_SIZE_HUGE)
660 out_cmd->hdr.sequence |= cpu_to_le16(SEQ_HUGE_FRAME);
662 phys_addr = txq->dma_addr_cmd + sizeof(txq->cmd[0]) * idx +
663 offsetof(struct iwl4965_cmd, hdr);
664 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, fix_size);
666 IWL_DEBUG_HC("Sending command %s (#%x), seq: 0x%04X, "
667 "%d bytes at %d[%d]:%d\n",
668 get_cmd_string(out_cmd->hdr.cmd),
669 out_cmd->hdr.cmd, le16_to_cpu(out_cmd->hdr.sequence),
670 fix_size, q->write_ptr, idx, IWL_CMD_QUEUE_NUM);
672 txq->need_update = 1;
673 ret = iwl4965_tx_queue_update_wr_ptr(priv, txq, 0);
674 q->write_ptr = iwl4965_queue_inc_wrap(q->write_ptr, q->n_bd);
675 iwl4965_tx_queue_update_write_ptr(priv, txq);
677 spin_unlock_irqrestore(&priv->hcmd_lock, flags);
678 return ret ? ret : idx;
681 static int iwl4965_send_cmd_async(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
685 BUG_ON(!(cmd->meta.flags & CMD_ASYNC));
687 /* An asynchronous command can not expect an SKB to be set. */
688 BUG_ON(cmd->meta.flags & CMD_WANT_SKB);
690 /* An asynchronous command MUST have a callback. */
691 BUG_ON(!cmd->meta.u.callback);
693 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
696 ret = iwl4965_enqueue_hcmd(priv, cmd);
698 IWL_ERROR("Error sending %s: iwl4965_enqueue_hcmd failed: %d\n",
699 get_cmd_string(cmd->id), ret);
705 static int iwl4965_send_cmd_sync(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
709 static atomic_t entry = ATOMIC_INIT(0); /* reentrance protection */
711 BUG_ON(cmd->meta.flags & CMD_ASYNC);
713 /* A synchronous command can not have a callback set. */
714 BUG_ON(cmd->meta.u.callback != NULL);
716 if (atomic_xchg(&entry, 1)) {
717 IWL_ERROR("Error sending %s: Already sending a host command\n",
718 get_cmd_string(cmd->id));
722 set_bit(STATUS_HCMD_ACTIVE, &priv->status);
724 if (cmd->meta.flags & CMD_WANT_SKB)
725 cmd->meta.source = &cmd->meta;
727 cmd_idx = iwl4965_enqueue_hcmd(priv, cmd);
730 IWL_ERROR("Error sending %s: iwl4965_enqueue_hcmd failed: %d\n",
731 get_cmd_string(cmd->id), ret);
735 ret = wait_event_interruptible_timeout(priv->wait_command_queue,
736 !test_bit(STATUS_HCMD_ACTIVE, &priv->status),
737 HOST_COMPLETE_TIMEOUT);
739 if (test_bit(STATUS_HCMD_ACTIVE, &priv->status)) {
740 IWL_ERROR("Error sending %s: time out after %dms.\n",
741 get_cmd_string(cmd->id),
742 jiffies_to_msecs(HOST_COMPLETE_TIMEOUT));
744 clear_bit(STATUS_HCMD_ACTIVE, &priv->status);
750 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
751 IWL_DEBUG_INFO("Command %s aborted: RF KILL Switch\n",
752 get_cmd_string(cmd->id));
756 if (test_bit(STATUS_FW_ERROR, &priv->status)) {
757 IWL_DEBUG_INFO("Command %s failed: FW Error\n",
758 get_cmd_string(cmd->id));
762 if ((cmd->meta.flags & CMD_WANT_SKB) && !cmd->meta.u.skb) {
763 IWL_ERROR("Error: Response NULL in '%s'\n",
764 get_cmd_string(cmd->id));
773 if (cmd->meta.flags & CMD_WANT_SKB) {
774 struct iwl4965_cmd *qcmd;
776 /* Cancel the CMD_WANT_SKB flag for the cmd in the
777 * TX cmd queue. Otherwise in case the cmd comes
778 * in later, it will possibly set an invalid
779 * address (cmd->meta.source). */
780 qcmd = &priv->txq[IWL_CMD_QUEUE_NUM].cmd[cmd_idx];
781 qcmd->meta.flags &= ~CMD_WANT_SKB;
784 if (cmd->meta.u.skb) {
785 dev_kfree_skb_any(cmd->meta.u.skb);
786 cmd->meta.u.skb = NULL;
789 atomic_set(&entry, 0);
793 int iwl4965_send_cmd(struct iwl4965_priv *priv, struct iwl4965_host_cmd *cmd)
795 if (cmd->meta.flags & CMD_ASYNC)
796 return iwl4965_send_cmd_async(priv, cmd);
798 return iwl4965_send_cmd_sync(priv, cmd);
801 int iwl4965_send_cmd_pdu(struct iwl4965_priv *priv, u8 id, u16 len, const void *data)
803 struct iwl4965_host_cmd cmd = {
809 return iwl4965_send_cmd_sync(priv, &cmd);
812 static int __must_check iwl4965_send_cmd_u32(struct iwl4965_priv *priv, u8 id, u32 val)
814 struct iwl4965_host_cmd cmd = {
820 return iwl4965_send_cmd_sync(priv, &cmd);
823 int iwl4965_send_statistics_request(struct iwl4965_priv *priv)
825 return iwl4965_send_cmd_u32(priv, REPLY_STATISTICS_CMD, 0);
829 * iwl4965_rxon_add_station - add station into station table.
831 * there is only one AP station with id= IWL_AP_ID
832 * NOTE: mutex must be held before calling this fnction
834 static int iwl4965_rxon_add_station(struct iwl4965_priv *priv,
835 const u8 *addr, int is_ap)
839 sta_id = iwl4965_add_station_flags(priv, addr, is_ap, 0);
840 iwl4965_add_station(priv, addr, is_ap);
846 * iwl4965_set_rxon_channel - Set the phymode and channel values in staging RXON
847 * @phymode: MODE_IEEE80211A sets to 5.2GHz; all else set to 2.4GHz
848 * @channel: Any channel valid for the requested phymode
850 * In addition to setting the staging RXON, priv->phymode is also set.
852 * NOTE: Does not commit to the hardware; it sets appropriate bit fields
853 * in the staging RXON flag structure based on the phymode
855 static int iwl4965_set_rxon_channel(struct iwl4965_priv *priv, u8 phymode,
858 if (!iwl4965_get_channel_info(priv, phymode, channel)) {
859 IWL_DEBUG_INFO("Could not set channel to %d [%d]\n",
864 if ((le16_to_cpu(priv->staging_rxon.channel) == channel) &&
865 (priv->phymode == phymode))
868 priv->staging_rxon.channel = cpu_to_le16(channel);
869 if (phymode == MODE_IEEE80211A)
870 priv->staging_rxon.flags &= ~RXON_FLG_BAND_24G_MSK;
872 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
874 priv->phymode = phymode;
876 IWL_DEBUG_INFO("Staging channel set to %d [%d]\n", channel, phymode);
882 * iwl4965_check_rxon_cmd - validate RXON structure is valid
884 * NOTE: This is really only useful during development and can eventually
885 * be #ifdef'd out once the driver is stable and folks aren't actively
888 static int iwl4965_check_rxon_cmd(struct iwl4965_rxon_cmd *rxon)
893 if (rxon->flags & RXON_FLG_BAND_24G_MSK) {
894 error |= le32_to_cpu(rxon->flags &
895 (RXON_FLG_TGJ_NARROW_BAND_MSK |
896 RXON_FLG_RADAR_DETECT_MSK));
898 IWL_WARNING("check 24G fields %d | %d\n",
901 error |= (rxon->flags & RXON_FLG_SHORT_SLOT_MSK) ?
902 0 : le32_to_cpu(RXON_FLG_SHORT_SLOT_MSK);
904 IWL_WARNING("check 52 fields %d | %d\n",
906 error |= le32_to_cpu(rxon->flags & RXON_FLG_CCK_MSK);
908 IWL_WARNING("check 52 CCK %d | %d\n",
911 error |= (rxon->node_addr[0] | rxon->bssid_addr[0]) & 0x1;
913 IWL_WARNING("check mac addr %d | %d\n", counter++, error);
915 /* make sure basic rates 6Mbps and 1Mbps are supported */
916 error |= (((rxon->ofdm_basic_rates & IWL_RATE_6M_MASK) == 0) &&
917 ((rxon->cck_basic_rates & IWL_RATE_1M_MASK) == 0));
919 IWL_WARNING("check basic rate %d | %d\n", counter++, error);
921 error |= (le16_to_cpu(rxon->assoc_id) > 2007);
923 IWL_WARNING("check assoc id %d | %d\n", counter++, error);
925 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
926 == (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK));
928 IWL_WARNING("check CCK and short slot %d | %d\n",
931 error |= ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK))
932 == (RXON_FLG_CCK_MSK | RXON_FLG_AUTO_DETECT_MSK));
934 IWL_WARNING("check CCK & auto detect %d | %d\n",
937 error |= ((rxon->flags & (RXON_FLG_AUTO_DETECT_MSK |
938 RXON_FLG_TGG_PROTECT_MSK)) == RXON_FLG_TGG_PROTECT_MSK);
940 IWL_WARNING("check TGG and auto detect %d | %d\n",
944 IWL_WARNING("Tuning to channel %d\n",
945 le16_to_cpu(rxon->channel));
948 IWL_ERROR("Not a valid iwl4965_rxon_assoc_cmd field values\n");
955 * iwl4965_full_rxon_required - check if full RXON (vs RXON_ASSOC) cmd is needed
956 * @priv: staging_rxon is compared to active_rxon
958 * If the RXON structure is changing enough to require a new tune,
959 * or is clearing the RXON_FILTER_ASSOC_MSK, then return 1 to indicate that
960 * a new tune (full RXON command, rather than RXON_ASSOC cmd) is required.
962 static int iwl4965_full_rxon_required(struct iwl4965_priv *priv)
965 /* These items are only settable from the full RXON command */
966 if (!(priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) ||
967 compare_ether_addr(priv->staging_rxon.bssid_addr,
968 priv->active_rxon.bssid_addr) ||
969 compare_ether_addr(priv->staging_rxon.node_addr,
970 priv->active_rxon.node_addr) ||
971 compare_ether_addr(priv->staging_rxon.wlap_bssid_addr,
972 priv->active_rxon.wlap_bssid_addr) ||
973 (priv->staging_rxon.dev_type != priv->active_rxon.dev_type) ||
974 (priv->staging_rxon.channel != priv->active_rxon.channel) ||
975 (priv->staging_rxon.air_propagation !=
976 priv->active_rxon.air_propagation) ||
977 (priv->staging_rxon.ofdm_ht_single_stream_basic_rates !=
978 priv->active_rxon.ofdm_ht_single_stream_basic_rates) ||
979 (priv->staging_rxon.ofdm_ht_dual_stream_basic_rates !=
980 priv->active_rxon.ofdm_ht_dual_stream_basic_rates) ||
981 (priv->staging_rxon.rx_chain != priv->active_rxon.rx_chain) ||
982 (priv->staging_rxon.assoc_id != priv->active_rxon.assoc_id))
985 /* flags, filter_flags, ofdm_basic_rates, and cck_basic_rates can
986 * be updated with the RXON_ASSOC command -- however only some
987 * flag transitions are allowed using RXON_ASSOC */
989 /* Check if we are not switching bands */
990 if ((priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK) !=
991 (priv->active_rxon.flags & RXON_FLG_BAND_24G_MSK))
994 /* Check if we are switching association toggle */
995 if ((priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK) !=
996 (priv->active_rxon.filter_flags & RXON_FILTER_ASSOC_MSK))
1002 static int iwl4965_send_rxon_assoc(struct iwl4965_priv *priv)
1005 struct iwl4965_rx_packet *res = NULL;
1006 struct iwl4965_rxon_assoc_cmd rxon_assoc;
1007 struct iwl4965_host_cmd cmd = {
1008 .id = REPLY_RXON_ASSOC,
1009 .len = sizeof(rxon_assoc),
1010 .meta.flags = CMD_WANT_SKB,
1011 .data = &rxon_assoc,
1013 const struct iwl4965_rxon_cmd *rxon1 = &priv->staging_rxon;
1014 const struct iwl4965_rxon_cmd *rxon2 = &priv->active_rxon;
1016 if ((rxon1->flags == rxon2->flags) &&
1017 (rxon1->filter_flags == rxon2->filter_flags) &&
1018 (rxon1->cck_basic_rates == rxon2->cck_basic_rates) &&
1019 (rxon1->ofdm_ht_single_stream_basic_rates ==
1020 rxon2->ofdm_ht_single_stream_basic_rates) &&
1021 (rxon1->ofdm_ht_dual_stream_basic_rates ==
1022 rxon2->ofdm_ht_dual_stream_basic_rates) &&
1023 (rxon1->rx_chain == rxon2->rx_chain) &&
1024 (rxon1->ofdm_basic_rates == rxon2->ofdm_basic_rates)) {
1025 IWL_DEBUG_INFO("Using current RXON_ASSOC. Not resending.\n");
1029 rxon_assoc.flags = priv->staging_rxon.flags;
1030 rxon_assoc.filter_flags = priv->staging_rxon.filter_flags;
1031 rxon_assoc.ofdm_basic_rates = priv->staging_rxon.ofdm_basic_rates;
1032 rxon_assoc.cck_basic_rates = priv->staging_rxon.cck_basic_rates;
1033 rxon_assoc.reserved = 0;
1034 rxon_assoc.ofdm_ht_single_stream_basic_rates =
1035 priv->staging_rxon.ofdm_ht_single_stream_basic_rates;
1036 rxon_assoc.ofdm_ht_dual_stream_basic_rates =
1037 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates;
1038 rxon_assoc.rx_chain_select_flags = priv->staging_rxon.rx_chain;
1040 rc = iwl4965_send_cmd_sync(priv, &cmd);
1044 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1045 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1046 IWL_ERROR("Bad return from REPLY_RXON_ASSOC command\n");
1050 priv->alloc_rxb_skb--;
1051 dev_kfree_skb_any(cmd.meta.u.skb);
1057 * iwl4965_commit_rxon - commit staging_rxon to hardware
1059 * The RXON command in staging_rxon is committed to the hardware and
1060 * the active_rxon structure is updated with the new data. This
1061 * function correctly transitions out of the RXON_ASSOC_MSK state if
1062 * a HW tune is required based on the RXON structure changes.
1064 static int iwl4965_commit_rxon(struct iwl4965_priv *priv)
1066 /* cast away the const for active_rxon in this function */
1067 struct iwl4965_rxon_cmd *active_rxon = (void *)&priv->active_rxon;
1068 DECLARE_MAC_BUF(mac);
1071 if (!iwl4965_is_alive(priv))
1074 /* always get timestamp with Rx frame */
1075 priv->staging_rxon.flags |= RXON_FLG_TSF2HOST_MSK;
1077 rc = iwl4965_check_rxon_cmd(&priv->staging_rxon);
1079 IWL_ERROR("Invalid RXON configuration. Not committing.\n");
1083 /* If we don't need to send a full RXON, we can use
1084 * iwl4965_rxon_assoc_cmd which is used to reconfigure filter
1085 * and other flags for the current radio configuration. */
1086 if (!iwl4965_full_rxon_required(priv)) {
1087 rc = iwl4965_send_rxon_assoc(priv);
1089 IWL_ERROR("Error setting RXON_ASSOC "
1090 "configuration (%d).\n", rc);
1094 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1099 /* station table will be cleared */
1100 priv->assoc_station_added = 0;
1102 #ifdef CONFIG_IWL4965_SENSITIVITY
1103 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
1104 if (!priv->error_recovering)
1105 priv->start_calib = 0;
1107 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
1108 #endif /* CONFIG_IWL4965_SENSITIVITY */
1110 /* If we are currently associated and the new config requires
1111 * an RXON_ASSOC and the new config wants the associated mask enabled,
1112 * we must clear the associated from the active configuration
1113 * before we apply the new config */
1114 if (iwl4965_is_associated(priv) &&
1115 (priv->staging_rxon.filter_flags & RXON_FILTER_ASSOC_MSK)) {
1116 IWL_DEBUG_INFO("Toggling associated bit on current RXON\n");
1117 active_rxon->filter_flags &= ~RXON_FILTER_ASSOC_MSK;
1119 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON,
1120 sizeof(struct iwl4965_rxon_cmd),
1121 &priv->active_rxon);
1123 /* If the mask clearing failed then we set
1124 * active_rxon back to what it was previously */
1126 active_rxon->filter_flags |= RXON_FILTER_ASSOC_MSK;
1127 IWL_ERROR("Error clearing ASSOC_MSK on current "
1128 "configuration (%d).\n", rc);
1133 IWL_DEBUG_INFO("Sending RXON\n"
1134 "* with%s RXON_FILTER_ASSOC_MSK\n"
1137 ((priv->staging_rxon.filter_flags &
1138 RXON_FILTER_ASSOC_MSK) ? "" : "out"),
1139 le16_to_cpu(priv->staging_rxon.channel),
1140 print_mac(mac, priv->staging_rxon.bssid_addr));
1142 /* Apply the new configuration */
1143 rc = iwl4965_send_cmd_pdu(priv, REPLY_RXON,
1144 sizeof(struct iwl4965_rxon_cmd), &priv->staging_rxon);
1146 IWL_ERROR("Error setting new configuration (%d).\n", rc);
1150 iwl4965_clear_stations_table(priv);
1152 #ifdef CONFIG_IWL4965_SENSITIVITY
1153 if (!priv->error_recovering)
1154 priv->start_calib = 0;
1156 priv->sensitivity_data.state = IWL_SENS_CALIB_NEED_REINIT;
1157 iwl4965_init_sensitivity(priv, CMD_ASYNC, 1);
1158 #endif /* CONFIG_IWL4965_SENSITIVITY */
1160 memcpy(active_rxon, &priv->staging_rxon, sizeof(*active_rxon));
1162 /* If we issue a new RXON command which required a tune then we must
1163 * send a new TXPOWER command or we won't be able to Tx any frames */
1164 rc = iwl4965_hw_reg_send_txpower(priv);
1166 IWL_ERROR("Error setting Tx power (%d).\n", rc);
1170 /* Add the broadcast address so we can send broadcast frames */
1171 if (iwl4965_rxon_add_station(priv, iwl4965_broadcast_addr, 0) ==
1172 IWL_INVALID_STATION) {
1173 IWL_ERROR("Error adding BROADCAST address for transmit.\n");
1177 /* If we have set the ASSOC_MSK and we are in BSS mode then
1178 * add the IWL_AP_ID to the station rate table */
1179 if (iwl4965_is_associated(priv) &&
1180 (priv->iw_mode == IEEE80211_IF_TYPE_STA)) {
1181 if (iwl4965_rxon_add_station(priv, priv->active_rxon.bssid_addr, 1)
1182 == IWL_INVALID_STATION) {
1183 IWL_ERROR("Error adding AP address for transmit.\n");
1186 priv->assoc_station_added = 1;
1192 static int iwl4965_send_bt_config(struct iwl4965_priv *priv)
1194 struct iwl4965_bt_cmd bt_cmd = {
1202 return iwl4965_send_cmd_pdu(priv, REPLY_BT_CONFIG,
1203 sizeof(struct iwl4965_bt_cmd), &bt_cmd);
1206 static int iwl4965_send_scan_abort(struct iwl4965_priv *priv)
1209 struct iwl4965_rx_packet *res;
1210 struct iwl4965_host_cmd cmd = {
1211 .id = REPLY_SCAN_ABORT_CMD,
1212 .meta.flags = CMD_WANT_SKB,
1215 /* If there isn't a scan actively going on in the hardware
1216 * then we are in between scan bands and not actually
1217 * actively scanning, so don't send the abort command */
1218 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
1219 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1223 rc = iwl4965_send_cmd_sync(priv, &cmd);
1225 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1229 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1230 if (res->u.status != CAN_ABORT_STATUS) {
1231 /* The scan abort will return 1 for success or
1232 * 2 for "failure". A failure condition can be
1233 * due to simply not being in an active scan which
1234 * can occur if we send the scan abort before we
1235 * the microcode has notified us that a scan is
1237 IWL_DEBUG_INFO("SCAN_ABORT returned %d.\n", res->u.status);
1238 clear_bit(STATUS_SCAN_ABORTING, &priv->status);
1239 clear_bit(STATUS_SCAN_HW, &priv->status);
1242 dev_kfree_skb_any(cmd.meta.u.skb);
1247 static int iwl4965_card_state_sync_callback(struct iwl4965_priv *priv,
1248 struct iwl4965_cmd *cmd,
1249 struct sk_buff *skb)
1257 * Use: Sets the device's internal card state to enable, disable, or halt
1259 * When in the 'enable' state the card operates as normal.
1260 * When in the 'disable' state, the card enters into a low power mode.
1261 * When in the 'halt' state, the card is shut down and must be fully
1262 * restarted to come back on.
1264 static int iwl4965_send_card_state(struct iwl4965_priv *priv, u32 flags, u8 meta_flag)
1266 struct iwl4965_host_cmd cmd = {
1267 .id = REPLY_CARD_STATE_CMD,
1270 .meta.flags = meta_flag,
1273 if (meta_flag & CMD_ASYNC)
1274 cmd.meta.u.callback = iwl4965_card_state_sync_callback;
1276 return iwl4965_send_cmd(priv, &cmd);
1279 static int iwl4965_add_sta_sync_callback(struct iwl4965_priv *priv,
1280 struct iwl4965_cmd *cmd, struct sk_buff *skb)
1282 struct iwl4965_rx_packet *res = NULL;
1285 IWL_ERROR("Error: Response NULL in REPLY_ADD_STA.\n");
1289 res = (struct iwl4965_rx_packet *)skb->data;
1290 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1291 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1296 switch (res->u.add_sta.status) {
1297 case ADD_STA_SUCCESS_MSK:
1303 /* We didn't cache the SKB; let the caller free it */
1307 int iwl4965_send_add_station(struct iwl4965_priv *priv,
1308 struct iwl4965_addsta_cmd *sta, u8 flags)
1310 struct iwl4965_rx_packet *res = NULL;
1312 struct iwl4965_host_cmd cmd = {
1313 .id = REPLY_ADD_STA,
1314 .len = sizeof(struct iwl4965_addsta_cmd),
1315 .meta.flags = flags,
1319 if (flags & CMD_ASYNC)
1320 cmd.meta.u.callback = iwl4965_add_sta_sync_callback;
1322 cmd.meta.flags |= CMD_WANT_SKB;
1324 rc = iwl4965_send_cmd(priv, &cmd);
1326 if (rc || (flags & CMD_ASYNC))
1329 res = (struct iwl4965_rx_packet *)cmd.meta.u.skb->data;
1330 if (res->hdr.flags & IWL_CMD_FAILED_MSK) {
1331 IWL_ERROR("Bad return from REPLY_ADD_STA (0x%08X)\n",
1337 switch (res->u.add_sta.status) {
1338 case ADD_STA_SUCCESS_MSK:
1339 IWL_DEBUG_INFO("REPLY_ADD_STA PASSED\n");
1343 IWL_WARNING("REPLY_ADD_STA failed\n");
1348 priv->alloc_rxb_skb--;
1349 dev_kfree_skb_any(cmd.meta.u.skb);
1354 static int iwl4965_update_sta_key_info(struct iwl4965_priv *priv,
1355 struct ieee80211_key_conf *keyconf,
1358 unsigned long flags;
1359 __le16 key_flags = 0;
1361 switch (keyconf->alg) {
1363 key_flags |= STA_KEY_FLG_CCMP;
1364 key_flags |= cpu_to_le16(
1365 keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
1366 key_flags &= ~STA_KEY_FLG_INVALID;
1373 spin_lock_irqsave(&priv->sta_lock, flags);
1374 priv->stations[sta_id].keyinfo.alg = keyconf->alg;
1375 priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
1376 memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
1379 memcpy(priv->stations[sta_id].sta.key.key, keyconf->key,
1381 priv->stations[sta_id].sta.key.key_flags = key_flags;
1382 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1383 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1385 spin_unlock_irqrestore(&priv->sta_lock, flags);
1387 IWL_DEBUG_INFO("hwcrypto: modify ucode station key info\n");
1388 iwl4965_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1392 static int iwl4965_clear_sta_key_info(struct iwl4965_priv *priv, u8 sta_id)
1394 unsigned long flags;
1396 spin_lock_irqsave(&priv->sta_lock, flags);
1397 memset(&priv->stations[sta_id].keyinfo, 0, sizeof(struct iwl4965_hw_key));
1398 memset(&priv->stations[sta_id].sta.key, 0, sizeof(struct iwl4965_keyinfo));
1399 priv->stations[sta_id].sta.key.key_flags = STA_KEY_FLG_NO_ENC;
1400 priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK;
1401 priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK;
1402 spin_unlock_irqrestore(&priv->sta_lock, flags);
1404 IWL_DEBUG_INFO("hwcrypto: clear ucode station key info\n");
1405 iwl4965_send_add_station(priv, &priv->stations[sta_id].sta, 0);
1409 static void iwl4965_clear_free_frames(struct iwl4965_priv *priv)
1411 struct list_head *element;
1413 IWL_DEBUG_INFO("%d frames on pre-allocated heap on clear.\n",
1414 priv->frames_count);
1416 while (!list_empty(&priv->free_frames)) {
1417 element = priv->free_frames.next;
1419 kfree(list_entry(element, struct iwl4965_frame, list));
1420 priv->frames_count--;
1423 if (priv->frames_count) {
1424 IWL_WARNING("%d frames still in use. Did we lose one?\n",
1425 priv->frames_count);
1426 priv->frames_count = 0;
1430 static struct iwl4965_frame *iwl4965_get_free_frame(struct iwl4965_priv *priv)
1432 struct iwl4965_frame *frame;
1433 struct list_head *element;
1434 if (list_empty(&priv->free_frames)) {
1435 frame = kzalloc(sizeof(*frame), GFP_KERNEL);
1437 IWL_ERROR("Could not allocate frame!\n");
1441 priv->frames_count++;
1445 element = priv->free_frames.next;
1447 return list_entry(element, struct iwl4965_frame, list);
1450 static void iwl4965_free_frame(struct iwl4965_priv *priv, struct iwl4965_frame *frame)
1452 memset(frame, 0, sizeof(*frame));
1453 list_add(&frame->list, &priv->free_frames);
1456 unsigned int iwl4965_fill_beacon_frame(struct iwl4965_priv *priv,
1457 struct ieee80211_hdr *hdr,
1458 const u8 *dest, int left)
1461 if (!iwl4965_is_associated(priv) || !priv->ibss_beacon ||
1462 ((priv->iw_mode != IEEE80211_IF_TYPE_IBSS) &&
1463 (priv->iw_mode != IEEE80211_IF_TYPE_AP)))
1466 if (priv->ibss_beacon->len > left)
1469 memcpy(hdr, priv->ibss_beacon->data, priv->ibss_beacon->len);
1471 return priv->ibss_beacon->len;
1474 int iwl4965_rate_index_from_plcp(int plcp)
1478 /* 4965 HT rate format */
1479 if (plcp & RATE_MCS_HT_MSK) {
1482 if (i >= IWL_RATE_MIMO_6M_PLCP)
1483 i = i - IWL_RATE_MIMO_6M_PLCP;
1485 i += IWL_FIRST_OFDM_RATE;
1486 /* skip 9M not supported in ht*/
1487 if (i >= IWL_RATE_9M_INDEX)
1489 if ((i >= IWL_FIRST_OFDM_RATE) &&
1490 (i <= IWL_LAST_OFDM_RATE))
1493 /* 4965 legacy rate format, search for match in table */
1495 for (i = 0; i < ARRAY_SIZE(iwl4965_rates); i++)
1496 if (iwl4965_rates[i].plcp == (plcp &0xFF))
1502 static u8 iwl4965_rate_get_lowest_plcp(int rate_mask)
1506 for (i = IWL_RATE_1M_INDEX; i != IWL_RATE_INVALID;
1507 i = iwl4965_rates[i].next_ieee) {
1508 if (rate_mask & (1 << i))
1509 return iwl4965_rates[i].plcp;
1512 return IWL_RATE_INVALID;
1515 static int iwl4965_send_beacon_cmd(struct iwl4965_priv *priv)
1517 struct iwl4965_frame *frame;
1518 unsigned int frame_size;
1522 frame = iwl4965_get_free_frame(priv);
1525 IWL_ERROR("Could not obtain free frame buffer for beacon "
1530 if (!(priv->staging_rxon.flags & RXON_FLG_BAND_24G_MSK)) {
1531 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic &
1533 if (rate == IWL_INVALID_RATE)
1534 rate = IWL_RATE_6M_PLCP;
1536 rate = iwl4965_rate_get_lowest_plcp(priv->active_rate_basic & 0xF);
1537 if (rate == IWL_INVALID_RATE)
1538 rate = IWL_RATE_1M_PLCP;
1541 frame_size = iwl4965_hw_get_beacon_cmd(priv, frame, rate);
1543 rc = iwl4965_send_cmd_pdu(priv, REPLY_TX_BEACON, frame_size,
1546 iwl4965_free_frame(priv, frame);
1551 /******************************************************************************
1553 * EEPROM related functions
1555 ******************************************************************************/
1557 static void get_eeprom_mac(struct iwl4965_priv *priv, u8 *mac)
1559 memcpy(mac, priv->eeprom.mac_address, 6);
1563 * iwl4965_eeprom_init - read EEPROM contents
1565 * Load the EEPROM from adapter into priv->eeprom
1567 * NOTE: This routine uses the non-debug IO access functions.
1569 int iwl4965_eeprom_init(struct iwl4965_priv *priv)
1571 u16 *e = (u16 *)&priv->eeprom;
1572 u32 gp = iwl4965_read32(priv, CSR_EEPROM_GP);
1574 int sz = sizeof(priv->eeprom);
1579 /* The EEPROM structure has several padding buffers within it
1580 * and when adding new EEPROM maps is subject to programmer errors
1581 * which may be very difficult to identify without explicitly
1582 * checking the resulting size of the eeprom map. */
1583 BUILD_BUG_ON(sizeof(priv->eeprom) != IWL_EEPROM_IMAGE_SIZE);
1585 if ((gp & CSR_EEPROM_GP_VALID_MSK) == CSR_EEPROM_GP_BAD_SIGNATURE) {
1586 IWL_ERROR("EEPROM not found, EEPROM_GP=0x%08x", gp);
1590 rc = iwl4965_eeprom_acquire_semaphore(priv);
1592 IWL_ERROR("Failed to acquire EEPROM semaphore.\n");
1596 /* eeprom is an array of 16bit values */
1597 for (addr = 0; addr < sz; addr += sizeof(u16)) {
1598 _iwl4965_write32(priv, CSR_EEPROM_REG, addr << 1);
1599 _iwl4965_clear_bit(priv, CSR_EEPROM_REG, CSR_EEPROM_REG_BIT_CMD);
1601 for (i = 0; i < IWL_EEPROM_ACCESS_TIMEOUT;
1602 i += IWL_EEPROM_ACCESS_DELAY) {
1603 r = _iwl4965_read_direct32(priv, CSR_EEPROM_REG);
1604 if (r & CSR_EEPROM_REG_READ_VALID_MSK)
1606 udelay(IWL_EEPROM_ACCESS_DELAY);
1609 if (!(r & CSR_EEPROM_REG_READ_VALID_MSK)) {
1610 IWL_ERROR("Time out reading EEPROM[%d]", addr);
1614 e[addr / 2] = le16_to_cpu(r >> 16);
1619 iwl4965_eeprom_release_semaphore(priv);
1623 /******************************************************************************
1625 * Misc. internal state and helper functions
1627 ******************************************************************************/
1628 #ifdef CONFIG_IWL4965_DEBUG
1631 * iwl4965_report_frame - dump frame to syslog during debug sessions
1633 * You may hack this function to show different aspects of received frames,
1634 * including selective frame dumps.
1635 * group100 parameter selects whether to show 1 out of 100 good frames.
1637 * TODO: This was originally written for 3945, need to audit for
1638 * proper operation with 4965.
1640 void iwl4965_report_frame(struct iwl4965_priv *priv,
1641 struct iwl4965_rx_packet *pkt,
1642 struct ieee80211_hdr *header, int group100)
1645 u32 print_summary = 0;
1646 u32 print_dump = 0; /* set to 1 to dump all frames' contents */
1663 struct iwl4965_rx_frame_stats *rx_stats = IWL_RX_STATS(pkt);
1664 struct iwl4965_rx_frame_hdr *rx_hdr = IWL_RX_HDR(pkt);
1665 struct iwl4965_rx_frame_end *rx_end = IWL_RX_END(pkt);
1666 u8 *data = IWL_RX_DATA(pkt);
1669 fc = le16_to_cpu(header->frame_control);
1670 seq_ctl = le16_to_cpu(header->seq_ctrl);
1673 channel = le16_to_cpu(rx_hdr->channel);
1674 phy_flags = le16_to_cpu(rx_hdr->phy_flags);
1675 rate_sym = rx_hdr->rate;
1676 length = le16_to_cpu(rx_hdr->len);
1678 /* end-of-frame status and timestamp */
1679 status = le32_to_cpu(rx_end->status);
1680 bcn_tmr = le32_to_cpu(rx_end->beacon_timestamp);
1681 tsf_low = le64_to_cpu(rx_end->timestamp) & 0x0ffffffff;
1682 tsf = le64_to_cpu(rx_end->timestamp);
1684 /* signal statistics */
1685 rssi = rx_stats->rssi;
1686 agc = rx_stats->agc;
1687 sig_avg = le16_to_cpu(rx_stats->sig_avg);
1688 noise_diff = le16_to_cpu(rx_stats->noise_diff);
1690 to_us = !compare_ether_addr(header->addr1, priv->mac_addr);
1692 /* if data frame is to us and all is good,
1693 * (optionally) print summary for only 1 out of every 100 */
1694 if (to_us && (fc & ~IEEE80211_FCTL_PROTECTED) ==
1695 (IEEE80211_FCTL_FROMDS | IEEE80211_FTYPE_DATA)) {
1698 print_summary = 1; /* print each frame */
1699 else if (priv->framecnt_to_us < 100) {
1700 priv->framecnt_to_us++;
1703 priv->framecnt_to_us = 0;
1708 /* print summary for all other frames */
1712 if (print_summary) {
1717 title = "100Frames";
1718 else if (fc & IEEE80211_FCTL_RETRY)
1720 else if (ieee80211_is_assoc_response(fc))
1722 else if (ieee80211_is_reassoc_response(fc))
1724 else if (ieee80211_is_probe_response(fc)) {
1726 print_dump = 1; /* dump frame contents */
1727 } else if (ieee80211_is_beacon(fc)) {
1729 print_dump = 1; /* dump frame contents */
1730 } else if (ieee80211_is_atim(fc))
1732 else if (ieee80211_is_auth(fc))
1734 else if (ieee80211_is_deauth(fc))
1736 else if (ieee80211_is_disassoc(fc))
1741 rate = iwl4965_rate_index_from_plcp(rate_sym);
1745 rate = iwl4965_rates[rate].ieee / 2;
1747 /* print frame summary.
1748 * MAC addresses show just the last byte (for brevity),
1749 * but you can hack it to show more, if you'd like to. */
1751 IWL_DEBUG_RX("%s: mhd=0x%04x, dst=0x%02x, "
1752 "len=%u, rssi=%d, chnl=%d, rate=%u, \n",
1753 title, fc, header->addr1[5],
1754 length, rssi, channel, rate);
1756 /* src/dst addresses assume managed mode */
1757 IWL_DEBUG_RX("%s: 0x%04x, dst=0x%02x, "
1758 "src=0x%02x, rssi=%u, tim=%lu usec, "
1759 "phy=0x%02x, chnl=%d\n",
1760 title, fc, header->addr1[5],
1761 header->addr3[5], rssi,
1762 tsf_low - priv->scan_start_tsf,
1763 phy_flags, channel);
1767 iwl4965_print_hex_dump(IWL_DL_RX, data, length);
1771 static void iwl4965_unset_hw_setting(struct iwl4965_priv *priv)
1773 if (priv->hw_setting.shared_virt)
1774 pci_free_consistent(priv->pci_dev,
1775 sizeof(struct iwl4965_shared),
1776 priv->hw_setting.shared_virt,
1777 priv->hw_setting.shared_phys);
1781 * iwl4965_supported_rate_to_ie - fill in the supported rate in IE field
1783 * return : set the bit for each supported rate insert in ie
1785 static u16 iwl4965_supported_rate_to_ie(u8 *ie, u16 supported_rate,
1786 u16 basic_rate, int *left)
1788 u16 ret_rates = 0, bit;
1793 for (bit = 1, i = 0; i < IWL_RATE_COUNT; i++, bit <<= 1) {
1794 if (bit & supported_rate) {
1796 rates[*cnt] = iwl4965_rates[i].ieee |
1797 ((bit & basic_rate) ? 0x80 : 0x00);
1801 (*cnt >= IWL_SUPPORTED_RATES_IE_LEN))
1809 #ifdef CONFIG_IWL4965_HT
1810 void static iwl4965_set_ht_capab(struct ieee80211_hw *hw,
1811 struct ieee80211_ht_capability *ht_cap,
1816 * iwl4965_fill_probe_req - fill in all required fields and IE for probe request
1818 static u16 iwl4965_fill_probe_req(struct iwl4965_priv *priv,
1819 struct ieee80211_mgmt *frame,
1820 int left, int is_direct)
1824 u16 active_rates, ret_rates, cck_rates, active_rate_basic;
1826 /* Make sure there is enough space for the probe request,
1827 * two mandatory IEs and the data */
1833 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1834 memcpy(frame->da, iwl4965_broadcast_addr, ETH_ALEN);
1835 memcpy(frame->sa, priv->mac_addr, ETH_ALEN);
1836 memcpy(frame->bssid, iwl4965_broadcast_addr, ETH_ALEN);
1837 frame->seq_ctrl = 0;
1839 /* fill in our indirect SSID IE */
1846 pos = &(frame->u.probe_req.variable[0]);
1847 *pos++ = WLAN_EID_SSID;
1850 /* fill in our direct SSID IE... */
1853 left -= 2 + priv->essid_len;
1856 /* ... fill it in... */
1857 *pos++ = WLAN_EID_SSID;
1858 *pos++ = priv->essid_len;
1859 memcpy(pos, priv->essid, priv->essid_len);
1860 pos += priv->essid_len;
1861 len += 2 + priv->essid_len;
1864 /* fill in supported rate */
1870 /* ... fill it in... */
1871 *pos++ = WLAN_EID_SUPP_RATES;
1874 /* exclude 60M rate */
1875 active_rates = priv->rates_mask;
1876 active_rates &= ~IWL_RATE_60M_MASK;
1878 active_rate_basic = active_rates & IWL_BASIC_RATES_MASK;
1880 cck_rates = IWL_CCK_RATES_MASK & active_rates;
1881 ret_rates = iwl4965_supported_rate_to_ie(pos, cck_rates,
1882 active_rate_basic, &left);
1883 active_rates &= ~ret_rates;
1885 ret_rates = iwl4965_supported_rate_to_ie(pos, active_rates,
1886 active_rate_basic, &left);
1887 active_rates &= ~ret_rates;
1891 if (active_rates == 0)
1894 /* fill in supported extended rate */
1899 /* ... fill it in... */
1900 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1902 iwl4965_supported_rate_to_ie(pos, active_rates,
1903 active_rate_basic, &left);
1907 #ifdef CONFIG_IWL4965_HT
1908 if (is_direct && priv->is_ht_enabled) {
1909 u8 use_wide_chan = 1;
1911 if (priv->channel_width != IWL_CHANNEL_WIDTH_40MHZ)
1914 *pos++ = WLAN_EID_HT_CAPABILITY;
1915 *pos++ = sizeof(struct ieee80211_ht_capability);
1916 iwl4965_set_ht_capab(NULL, (struct ieee80211_ht_capability *)pos,
1918 len += 2 + sizeof(struct ieee80211_ht_capability);
1920 #endif /*CONFIG_IWL4965_HT */
1929 #ifdef CONFIG_IWL4965_QOS
1930 static int iwl4965_send_qos_params_command(struct iwl4965_priv *priv,
1931 struct iwl4965_qosparam_cmd *qos)
1934 return iwl4965_send_cmd_pdu(priv, REPLY_QOS_PARAM,
1935 sizeof(struct iwl4965_qosparam_cmd), qos);
1938 static void iwl4965_reset_qos(struct iwl4965_priv *priv)
1944 unsigned long flags;
1947 spin_lock_irqsave(&priv->lock, flags);
1948 priv->qos_data.qos_active = 0;
1950 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS) {
1951 if (priv->qos_data.qos_enable)
1952 priv->qos_data.qos_active = 1;
1953 if (!(priv->active_rate & 0xfff0)) {
1957 } else if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
1958 if (priv->qos_data.qos_enable)
1959 priv->qos_data.qos_active = 1;
1960 } else if (!(priv->staging_rxon.flags & RXON_FLG_SHORT_SLOT_MSK)) {
1965 if (priv->qos_data.qos_active)
1968 priv->qos_data.def_qos_parm.ac[0].cw_min = cpu_to_le16(cw_min);
1969 priv->qos_data.def_qos_parm.ac[0].cw_max = cpu_to_le16(cw_max);
1970 priv->qos_data.def_qos_parm.ac[0].aifsn = aifs;
1971 priv->qos_data.def_qos_parm.ac[0].edca_txop = 0;
1972 priv->qos_data.def_qos_parm.ac[0].reserved1 = 0;
1974 if (priv->qos_data.qos_active) {
1976 priv->qos_data.def_qos_parm.ac[i].cw_min = cpu_to_le16(cw_min);
1977 priv->qos_data.def_qos_parm.ac[i].cw_max = cpu_to_le16(cw_max);
1978 priv->qos_data.def_qos_parm.ac[i].aifsn = 7;
1979 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
1980 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1983 priv->qos_data.def_qos_parm.ac[i].cw_min =
1984 cpu_to_le16((cw_min + 1) / 2 - 1);
1985 priv->qos_data.def_qos_parm.ac[i].cw_max =
1986 cpu_to_le16(cw_max);
1987 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
1989 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1992 priv->qos_data.def_qos_parm.ac[i].edca_txop =
1994 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
1997 priv->qos_data.def_qos_parm.ac[i].cw_min =
1998 cpu_to_le16((cw_min + 1) / 4 - 1);
1999 priv->qos_data.def_qos_parm.ac[i].cw_max =
2000 cpu_to_le16((cw_max + 1) / 2 - 1);
2001 priv->qos_data.def_qos_parm.ac[i].aifsn = 2;
2002 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
2004 priv->qos_data.def_qos_parm.ac[i].edca_txop =
2007 priv->qos_data.def_qos_parm.ac[i].edca_txop =
2010 for (i = 1; i < 4; i++) {
2011 priv->qos_data.def_qos_parm.ac[i].cw_min =
2012 cpu_to_le16(cw_min);
2013 priv->qos_data.def_qos_parm.ac[i].cw_max =
2014 cpu_to_le16(cw_max);
2015 priv->qos_data.def_qos_parm.ac[i].aifsn = aifs;
2016 priv->qos_data.def_qos_parm.ac[i].edca_txop = 0;
2017 priv->qos_data.def_qos_parm.ac[i].reserved1 = 0;
2020 IWL_DEBUG_QOS("set QoS to default \n");
2022 spin_unlock_irqrestore(&priv->lock, flags);
2025 static void iwl4965_activate_qos(struct iwl4965_priv *priv, u8 force)
2027 unsigned long flags;
2029 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
2032 if (!priv->qos_data.qos_enable)
2035 spin_lock_irqsave(&priv->lock, flags);
2036 priv->qos_data.def_qos_parm.qos_flags = 0;
2038 if (priv->qos_data.qos_cap.q_AP.queue_request &&
2039 !priv->qos_data.qos_cap.q_AP.txop_request)
2040 priv->qos_data.def_qos_parm.qos_flags |=
2041 QOS_PARAM_FLG_TXOP_TYPE_MSK;
2042 if (priv->qos_data.qos_active)
2043 priv->qos_data.def_qos_parm.qos_flags |=
2044 QOS_PARAM_FLG_UPDATE_EDCA_MSK;
2046 #ifdef CONFIG_IWL4965_HT
2047 if (priv->is_ht_enabled && priv->current_assoc_ht.is_ht)
2048 priv->qos_data.def_qos_parm.qos_flags |= QOS_PARAM_FLG_TGN_MSK;
2049 #endif /* CONFIG_IWL4965_HT */
2051 spin_unlock_irqrestore(&priv->lock, flags);
2053 if (force || iwl4965_is_associated(priv)) {
2054 IWL_DEBUG_QOS("send QoS cmd with Qos active=%d FLAGS=0x%X\n",
2055 priv->qos_data.qos_active,
2056 priv->qos_data.def_qos_parm.qos_flags);
2058 iwl4965_send_qos_params_command(priv,
2059 &(priv->qos_data.def_qos_parm));
2063 #endif /* CONFIG_IWL4965_QOS */
2065 * Power management (not Tx power!) functions
2067 #define MSEC_TO_USEC 1024
2069 #define NOSLP __constant_cpu_to_le16(0), 0, 0
2070 #define SLP IWL_POWER_DRIVER_ALLOW_SLEEP_MSK, 0, 0
2071 #define SLP_TIMEOUT(T) __constant_cpu_to_le32((T) * MSEC_TO_USEC)
2072 #define SLP_VEC(X0, X1, X2, X3, X4) {__constant_cpu_to_le32(X0), \
2073 __constant_cpu_to_le32(X1), \
2074 __constant_cpu_to_le32(X2), \
2075 __constant_cpu_to_le32(X3), \
2076 __constant_cpu_to_le32(X4)}
2079 /* default power management (not Tx power) table values */
2081 static struct iwl4965_power_vec_entry range_0[IWL_POWER_AC] = {
2082 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
2083 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500), SLP_VEC(1, 2, 3, 4, 4)}, 0},
2084 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300), SLP_VEC(2, 4, 6, 7, 7)}, 0},
2085 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100), SLP_VEC(2, 6, 9, 9, 10)}, 0},
2086 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 10)}, 1},
2087 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25), SLP_VEC(4, 7, 10, 10, 10)}, 1}
2091 static struct iwl4965_power_vec_entry range_1[IWL_POWER_AC] = {
2092 {{NOSLP, SLP_TIMEOUT(0), SLP_TIMEOUT(0), SLP_VEC(0, 0, 0, 0, 0)}, 0},
2093 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(500),
2094 SLP_VEC(1, 2, 3, 4, 0xFF)}, 0},
2095 {{SLP, SLP_TIMEOUT(200), SLP_TIMEOUT(300),
2096 SLP_VEC(2, 4, 6, 7, 0xFF)}, 0},
2097 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(100),
2098 SLP_VEC(2, 6, 9, 9, 0xFF)}, 0},
2099 {{SLP, SLP_TIMEOUT(50), SLP_TIMEOUT(25), SLP_VEC(2, 7, 9, 9, 0xFF)}, 0},
2100 {{SLP, SLP_TIMEOUT(25), SLP_TIMEOUT(25),
2101 SLP_VEC(4, 7, 10, 10, 0xFF)}, 0}
2104 int iwl4965_power_init_handle(struct iwl4965_priv *priv)
2107 struct iwl4965_power_mgr *pow_data;
2108 int size = sizeof(struct iwl4965_power_vec_entry) * IWL_POWER_AC;
2111 IWL_DEBUG_POWER("Initialize power \n");
2113 pow_data = &(priv->power_data);
2115 memset(pow_data, 0, sizeof(*pow_data));
2117 pow_data->active_index = IWL_POWER_RANGE_0;
2118 pow_data->dtim_val = 0xffff;
2120 memcpy(&pow_data->pwr_range_0[0], &range_0[0], size);
2121 memcpy(&pow_data->pwr_range_1[0], &range_1[0], size);
2123 rc = pci_read_config_word(priv->pci_dev, PCI_LINK_CTRL, &pci_pm);
2127 struct iwl4965_powertable_cmd *cmd;
2129 IWL_DEBUG_POWER("adjust power command flags\n");
2131 for (i = 0; i < IWL_POWER_AC; i++) {
2132 cmd = &pow_data->pwr_range_0[i].cmd;
2135 cmd->flags &= ~IWL_POWER_PCI_PM_MSK;
2137 cmd->flags |= IWL_POWER_PCI_PM_MSK;
2143 static int iwl4965_update_power_cmd(struct iwl4965_priv *priv,
2144 struct iwl4965_powertable_cmd *cmd, u32 mode)
2149 struct iwl4965_power_vec_entry *range;
2151 struct iwl4965_power_mgr *pow_data;
2153 if (mode > IWL_POWER_INDEX_5) {
2154 IWL_DEBUG_POWER("Error invalid power mode \n");
2157 pow_data = &(priv->power_data);
2159 if (pow_data->active_index == IWL_POWER_RANGE_0)
2160 range = &pow_data->pwr_range_0[0];
2162 range = &pow_data->pwr_range_1[1];
2164 memcpy(cmd, &range[mode].cmd, sizeof(struct iwl4965_powertable_cmd));
2166 #ifdef IWL_MAC80211_DISABLE
2167 if (priv->assoc_network != NULL) {
2168 unsigned long flags;
2170 period = priv->assoc_network->tim.tim_period;
2172 #endif /*IWL_MAC80211_DISABLE */
2173 skip = range[mode].no_dtim;
2182 cmd->flags &= ~IWL_POWER_SLEEP_OVER_DTIM_MSK;
2184 __le32 slp_itrvl = cmd->sleep_interval[IWL_POWER_VEC_SIZE - 1];
2185 max_sleep = (le32_to_cpu(slp_itrvl) / period) * period;
2186 cmd->flags |= IWL_POWER_SLEEP_OVER_DTIM_MSK;
2189 for (i = 0; i < IWL_POWER_VEC_SIZE; i++) {
2190 if (le32_to_cpu(cmd->sleep_interval[i]) > max_sleep)
2191 cmd->sleep_interval[i] = cpu_to_le32(max_sleep);
2194 IWL_DEBUG_POWER("Flags value = 0x%08X\n", cmd->flags);
2195 IWL_DEBUG_POWER("Tx timeout = %u\n", le32_to_cpu(cmd->tx_data_timeout));
2196 IWL_DEBUG_POWER("Rx timeout = %u\n", le32_to_cpu(cmd->rx_data_timeout));
2197 IWL_DEBUG_POWER("Sleep interval vector = { %d , %d , %d , %d , %d }\n",
2198 le32_to_cpu(cmd->sleep_interval[0]),
2199 le32_to_cpu(cmd->sleep_interval[1]),
2200 le32_to_cpu(cmd->sleep_interval[2]),
2201 le32_to_cpu(cmd->sleep_interval[3]),
2202 le32_to_cpu(cmd->sleep_interval[4]));
2207 static int iwl4965_send_power_mode(struct iwl4965_priv *priv, u32 mode)
2209 u32 uninitialized_var(final_mode);
2211 struct iwl4965_powertable_cmd cmd;
2213 /* If on battery, set to 3,
2214 * if plugged into AC power, set to CAM ("continuously aware mode"),
2215 * else user level */
2217 case IWL_POWER_BATTERY:
2218 final_mode = IWL_POWER_INDEX_3;
2221 final_mode = IWL_POWER_MODE_CAM;
2228 cmd.keep_alive_beacons = 0;
2230 iwl4965_update_power_cmd(priv, &cmd, final_mode);
2232 rc = iwl4965_send_cmd_pdu(priv, POWER_TABLE_CMD, sizeof(cmd), &cmd);
2234 if (final_mode == IWL_POWER_MODE_CAM)
2235 clear_bit(STATUS_POWER_PMI, &priv->status);
2237 set_bit(STATUS_POWER_PMI, &priv->status);
2242 int iwl4965_is_network_packet(struct iwl4965_priv *priv, struct ieee80211_hdr *header)
2244 /* Filter incoming packets to determine if they are targeted toward
2245 * this network, discarding packets coming from ourselves */
2246 switch (priv->iw_mode) {
2247 case IEEE80211_IF_TYPE_IBSS: /* Header: Dest. | Source | BSSID */
2248 /* packets from our adapter are dropped (echo) */
2249 if (!compare_ether_addr(header->addr2, priv->mac_addr))
2251 /* {broad,multi}cast packets to our IBSS go through */
2252 if (is_multicast_ether_addr(header->addr1))
2253 return !compare_ether_addr(header->addr3, priv->bssid);
2254 /* packets to our adapter go through */
2255 return !compare_ether_addr(header->addr1, priv->mac_addr);
2256 case IEEE80211_IF_TYPE_STA: /* Header: Dest. | AP{BSSID} | Source */
2257 /* packets from our adapter are dropped (echo) */
2258 if (!compare_ether_addr(header->addr3, priv->mac_addr))
2260 /* {broad,multi}cast packets to our BSS go through */
2261 if (is_multicast_ether_addr(header->addr1))
2262 return !compare_ether_addr(header->addr2, priv->bssid);
2263 /* packets to our adapter go through */
2264 return !compare_ether_addr(header->addr1, priv->mac_addr);
2270 #define TX_STATUS_ENTRY(x) case TX_STATUS_FAIL_ ## x: return #x
2272 static const char *iwl4965_get_tx_fail_reason(u32 status)
2274 switch (status & TX_STATUS_MSK) {
2275 case TX_STATUS_SUCCESS:
2277 TX_STATUS_ENTRY(SHORT_LIMIT);
2278 TX_STATUS_ENTRY(LONG_LIMIT);
2279 TX_STATUS_ENTRY(FIFO_UNDERRUN);
2280 TX_STATUS_ENTRY(MGMNT_ABORT);
2281 TX_STATUS_ENTRY(NEXT_FRAG);
2282 TX_STATUS_ENTRY(LIFE_EXPIRE);
2283 TX_STATUS_ENTRY(DEST_PS);
2284 TX_STATUS_ENTRY(ABORTED);
2285 TX_STATUS_ENTRY(BT_RETRY);
2286 TX_STATUS_ENTRY(STA_INVALID);
2287 TX_STATUS_ENTRY(FRAG_DROPPED);
2288 TX_STATUS_ENTRY(TID_DISABLE);
2289 TX_STATUS_ENTRY(FRAME_FLUSHED);
2290 TX_STATUS_ENTRY(INSUFFICIENT_CF_POLL);
2291 TX_STATUS_ENTRY(TX_LOCKED);
2292 TX_STATUS_ENTRY(NO_BEACON_ON_RADAR);
2299 * iwl4965_scan_cancel - Cancel any currently executing HW scan
2301 * NOTE: priv->mutex is not required before calling this function
2303 static int iwl4965_scan_cancel(struct iwl4965_priv *priv)
2305 if (!test_bit(STATUS_SCAN_HW, &priv->status)) {
2306 clear_bit(STATUS_SCANNING, &priv->status);
2310 if (test_bit(STATUS_SCANNING, &priv->status)) {
2311 if (!test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2312 IWL_DEBUG_SCAN("Queuing scan abort.\n");
2313 set_bit(STATUS_SCAN_ABORTING, &priv->status);
2314 queue_work(priv->workqueue, &priv->abort_scan);
2317 IWL_DEBUG_SCAN("Scan abort already in progress.\n");
2319 return test_bit(STATUS_SCANNING, &priv->status);
2326 * iwl4965_scan_cancel_timeout - Cancel any currently executing HW scan
2327 * @ms: amount of time to wait (in milliseconds) for scan to abort
2329 * NOTE: priv->mutex must be held before calling this function
2331 static int iwl4965_scan_cancel_timeout(struct iwl4965_priv *priv, unsigned long ms)
2333 unsigned long now = jiffies;
2336 ret = iwl4965_scan_cancel(priv);
2338 mutex_unlock(&priv->mutex);
2339 while (!time_after(jiffies, now + msecs_to_jiffies(ms)) &&
2340 test_bit(STATUS_SCANNING, &priv->status))
2342 mutex_lock(&priv->mutex);
2344 return test_bit(STATUS_SCANNING, &priv->status);
2350 static void iwl4965_sequence_reset(struct iwl4965_priv *priv)
2352 /* Reset ieee stats */
2354 /* We don't reset the net_device_stats (ieee->stats) on
2357 priv->last_seq_num = -1;
2358 priv->last_frag_num = -1;
2359 priv->last_packet_time = 0;
2361 iwl4965_scan_cancel(priv);
2364 #define MAX_UCODE_BEACON_INTERVAL 4096
2365 #define INTEL_CONN_LISTEN_INTERVAL __constant_cpu_to_le16(0xA)
2367 static __le16 iwl4965_adjust_beacon_interval(u16 beacon_val)
2370 u16 beacon_factor = 0;
2373 (beacon_val + MAX_UCODE_BEACON_INTERVAL)
2374 / MAX_UCODE_BEACON_INTERVAL;
2375 new_val = beacon_val / beacon_factor;
2377 return cpu_to_le16(new_val);
2380 static void iwl4965_setup_rxon_timing(struct iwl4965_priv *priv)
2382 u64 interval_tm_unit;
2384 unsigned long flags;
2385 struct ieee80211_conf *conf = NULL;
2388 conf = ieee80211_get_hw_conf(priv->hw);
2390 spin_lock_irqsave(&priv->lock, flags);
2391 priv->rxon_timing.timestamp.dw[1] = cpu_to_le32(priv->timestamp1);
2392 priv->rxon_timing.timestamp.dw[0] = cpu_to_le32(priv->timestamp0);
2394 priv->rxon_timing.listen_interval = INTEL_CONN_LISTEN_INTERVAL;
2396 tsf = priv->timestamp1;
2397 tsf = ((tsf << 32) | priv->timestamp0);
2399 beacon_int = priv->beacon_int;
2400 spin_unlock_irqrestore(&priv->lock, flags);
2402 if (priv->iw_mode == IEEE80211_IF_TYPE_STA) {
2403 if (beacon_int == 0) {
2404 priv->rxon_timing.beacon_interval = cpu_to_le16(100);
2405 priv->rxon_timing.beacon_init_val = cpu_to_le32(102400);
2407 priv->rxon_timing.beacon_interval =
2408 cpu_to_le16(beacon_int);
2409 priv->rxon_timing.beacon_interval =
2410 iwl4965_adjust_beacon_interval(
2411 le16_to_cpu(priv->rxon_timing.beacon_interval));
2414 priv->rxon_timing.atim_window = 0;
2416 priv->rxon_timing.beacon_interval =
2417 iwl4965_adjust_beacon_interval(conf->beacon_int);
2418 /* TODO: we need to get atim_window from upper stack
2419 * for now we set to 0 */
2420 priv->rxon_timing.atim_window = 0;
2424 (le16_to_cpu(priv->rxon_timing.beacon_interval) * 1024);
2425 result = do_div(tsf, interval_tm_unit);
2426 priv->rxon_timing.beacon_init_val =
2427 cpu_to_le32((u32) ((u64) interval_tm_unit - result));
2430 ("beacon interval %d beacon timer %d beacon tim %d\n",
2431 le16_to_cpu(priv->rxon_timing.beacon_interval),
2432 le32_to_cpu(priv->rxon_timing.beacon_init_val),
2433 le16_to_cpu(priv->rxon_timing.atim_window));
2436 static int iwl4965_scan_initiate(struct iwl4965_priv *priv)
2438 if (priv->iw_mode == IEEE80211_IF_TYPE_AP) {
2439 IWL_ERROR("APs don't scan.\n");
2443 if (!iwl4965_is_ready_rf(priv)) {
2444 IWL_DEBUG_SCAN("Aborting scan due to not ready.\n");
2448 if (test_bit(STATUS_SCANNING, &priv->status)) {
2449 IWL_DEBUG_SCAN("Scan already in progress.\n");
2453 if (test_bit(STATUS_SCAN_ABORTING, &priv->status)) {
2454 IWL_DEBUG_SCAN("Scan request while abort pending. "
2459 IWL_DEBUG_INFO("Starting scan...\n");
2460 priv->scan_bands = 2;
2461 set_bit(STATUS_SCANNING, &priv->status);
2462 priv->scan_start = jiffies;
2463 priv->scan_pass_start = priv->scan_start;
2465 queue_work(priv->workqueue, &priv->request_scan);
2470 static int iwl4965_set_rxon_hwcrypto(struct iwl4965_priv *priv, int hw_decrypt)
2472 struct iwl4965_rxon_cmd *rxon = &priv->staging_rxon;
2475 rxon->filter_flags &= ~RXON_FILTER_DIS_DECRYPT_MSK;
2477 rxon->filter_flags |= RXON_FILTER_DIS_DECRYPT_MSK;
2482 static void iwl4965_set_flags_for_phymode(struct iwl4965_priv *priv, u8 phymode)
2484 if (phymode == MODE_IEEE80211A) {
2485 priv->staging_rxon.flags &=
2486 ~(RXON_FLG_BAND_24G_MSK | RXON_FLG_AUTO_DETECT_MSK
2487 | RXON_FLG_CCK_MSK);
2488 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2490 /* Copied from iwl4965_bg_post_associate() */
2491 if (priv->assoc_capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2492 priv->staging_rxon.flags |= RXON_FLG_SHORT_SLOT_MSK;
2494 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2496 if (priv->iw_mode == IEEE80211_IF_TYPE_IBSS)
2497 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_SLOT_MSK;
2499 priv->staging_rxon.flags |= RXON_FLG_BAND_24G_MSK;
2500 priv->staging_rxon.flags |= RXON_FLG_AUTO_DETECT_MSK;
2501 priv->staging_rxon.flags &= ~RXON_FLG_CCK_MSK;
2506 * initialize rxon structure with default values from eeprom
2508 static void iwl4965_connection_init_rx_config(struct iwl4965_priv *priv)
2510 const struct iwl4965_channel_info *ch_info;
2512 memset(&priv->staging_rxon, 0, sizeof(priv->staging_rxon));
2514 switch (priv->iw_mode) {
2515 case IEEE80211_IF_TYPE_AP:
2516 priv->staging_rxon.dev_type = RXON_DEV_TYPE_AP;
2519 case IEEE80211_IF_TYPE_STA:
2520 priv->staging_rxon.dev_type = RXON_DEV_TYPE_ESS;
2521 priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
2524 case IEEE80211_IF_TYPE_IBSS:
2525 priv->staging_rxon.dev_type = RXON_DEV_TYPE_IBSS;
2526 priv->staging_rxon.flags = RXON_FLG_SHORT_PREAMBLE_MSK;
2527 priv->staging_rxon.filter_flags = RXON_FILTER_BCON_AWARE_MSK |
2528 RXON_FILTER_ACCEPT_GRP_MSK;
2531 case IEEE80211_IF_TYPE_MNTR:
2532 priv->staging_rxon.dev_type = RXON_DEV_TYPE_SNIFFER;
2533 priv->staging_rxon.filter_flags = RXON_FILTER_PROMISC_MSK |
2534 RXON_FILTER_CTL2HOST_MSK | RXON_FILTER_ACCEPT_GRP_MSK;
2539 /* TODO: Figure out when short_preamble would be set and cache from
2541 if (!hw_to_local(priv->hw)->short_preamble)
2542 priv->staging_rxon.flags &= ~RXON_FLG_SHORT_PREAMBLE_MSK;
2544 priv->staging_rxon.flags |= RXON_FLG_SHORT_PREAMBLE_MSK;
2547 ch_info = iwl4965_get_channel_info(priv, priv->phymode,
2548 le16_to_cpu(priv->staging_rxon.channel));
2551 ch_info = &priv->channel_info[0];
2554 * in some case A channels are all non IBSS
2555 * in this case force B/G channel
2557 if ((priv->iw_mode == IEEE80211_IF_TYPE_IBSS) &&
2558 !(is_channel_ibss(ch_info)))
2559 ch_info = &priv->channel_info[0];
2561 priv->staging_rxon.channel = cpu_to_le16(ch_info->channel);
2562 if (is_channel_a_band(ch_info))
2563 priv->phymode = MODE_IEEE80211A;
2565 priv->phymode = MODE_IEEE80211G;
2567 iwl4965_set_flags_for_phymode(priv, priv->phymode);
2569 priv->staging_rxon.ofdm_basic_rates =
2570 (IWL_OFDM_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
2571 priv->staging_rxon.cck_basic_rates =
2572 (IWL_CCK_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
2574 priv->staging_rxon.flags &= ~(RXON_FLG_CHANNEL_MODE_MIXED_MSK |
2575 RXON_FLG_CHANNEL_MODE_PURE_40_MSK);
2576 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
2577 memcpy(priv->staging_rxon.wlap_bssid_addr, priv->mac_addr, ETH_ALEN);
2578 priv->staging_rxon.ofdm_ht_single_stream_basic_rates = 0xff;
2579 priv->staging_rxon.ofdm_ht_dual_stream_basic_rates = 0xff;
2580 iwl4965_set_rxon_chain(priv);
2583 static int iwl4965_set_mode(struct iwl4965_priv *priv, int mode)
2585 if (!iwl4965_is_ready_rf(priv))
2588 if (mode == IEEE80211_IF_TYPE_IBSS) {
2589 const struct iwl4965_channel_info *ch_info;
2591 ch_info = iwl4965_get_channel_info(priv,
2593 le16_to_cpu(priv->staging_rxon.channel));
2595 if (!ch_info || !is_channel_ibss(ch_info)) {
2596 IWL_ERROR("channel %d not IBSS channel\n",
2597 le16_to_cpu(priv->staging_rxon.channel));
2602 cancel_delayed_work(&priv->scan_check);
2603 if (iwl4965_scan_cancel_timeout(priv, 100)) {
2604 IWL_WARNING("Aborted scan still in progress after 100ms\n");
2605 IWL_DEBUG_MAC80211("leaving - scan abort failed.\n");
2609 priv->iw_mode = mode;
2611 iwl4965_connection_init_rx_config(priv);
2612 memcpy(priv->staging_rxon.node_addr, priv->mac_addr, ETH_ALEN);
2614 iwl4965_clear_stations_table(priv);
2616 iwl4965_commit_rxon(priv);
2621 static void iwl4965_build_tx_cmd_hwcrypto(struct iwl4965_priv *priv,
2622 struct ieee80211_tx_control *ctl,
2623 struct iwl4965_cmd *cmd,
2624 struct sk_buff *skb_frag,
2627 struct iwl4965_hw_key *keyinfo = &priv->stations[ctl->key_idx].keyinfo;
2629 switch (keyinfo->alg) {
2631 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_CCM;
2632 memcpy(cmd->cmd.tx.key, keyinfo->key, keyinfo->keylen);
2633 IWL_DEBUG_TX("tx_cmd with aes hwcrypto\n");
2638 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_TKIP;
2641 memcpy(cmd->cmd.tx.tkip_mic.byte, skb_frag->tail - 8,
2644 memset(cmd->cmd.tx.tkip_mic.byte, 0, 8);
2649 cmd->cmd.tx.sec_ctl = TX_CMD_SEC_WEP |
2650 (ctl->key_idx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT;
2652 if (keyinfo->keylen == 13)
2653 cmd->cmd.tx.sec_ctl |= TX_CMD_SEC_KEY128;
2655 memcpy(&cmd->cmd.tx.key[3], keyinfo->key, keyinfo->keylen);
2657 IWL_DEBUG_TX("Configuring packet for WEP encryption "
2658 "with key %d\n", ctl->key_idx);
2662 printk(KERN_ERR "Unknown encode alg %d\n", keyinfo->alg);
2668 * handle build REPLY_TX command notification.
2670 static void iwl4965_build_tx_cmd_basic(struct iwl4965_priv *priv,
2671 struct iwl4965_cmd *cmd,
2672 struct ieee80211_tx_control *ctrl,
2673 struct ieee80211_hdr *hdr,
2674 int is_unicast, u8 std_id)
2677 u16 fc = le16_to_cpu(hdr->frame_control);
2678 __le32 tx_flags = cmd->cmd.tx.tx_flags;
2680 cmd->cmd.tx.stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
2681 if (!(ctrl->flags & IEEE80211_TXCTL_NO_ACK)) {
2682 tx_flags |= TX_CMD_FLG_ACK_MSK;
2683 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
2684 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2685 if (ieee80211_is_probe_response(fc) &&
2686 !(le16_to_cpu(hdr->seq_ctrl) & 0xf))
2687 tx_flags |= TX_CMD_FLG_TSF_MSK;
2689 tx_flags &= (~TX_CMD_FLG_ACK_MSK);
2690 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2693 cmd->cmd.tx.sta_id = std_id;
2694 if (ieee80211_get_morefrag(hdr))
2695 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
2697 qc = ieee80211_get_qos_ctrl(hdr);
2699 cmd->cmd.tx.tid_tspec = (u8) (le16_to_cpu(*qc) & 0xf);
2700 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
2702 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
2704 if (ctrl->flags & IEEE80211_TXCTL_USE_RTS_CTS) {
2705 tx_flags |= TX_CMD_FLG_RTS_MSK;
2706 tx_flags &= ~TX_CMD_FLG_CTS_MSK;
2707 } else if (ctrl->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) {
2708 tx_flags &= ~TX_CMD_FLG_RTS_MSK;
2709 tx_flags |= TX_CMD_FLG_CTS_MSK;
2712 if ((tx_flags & TX_CMD_FLG_RTS_MSK) || (tx_flags & TX_CMD_FLG_CTS_MSK))
2713 tx_flags |= TX_CMD_FLG_FULL_TXOP_PROT_MSK;
2715 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
2716 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2717 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_ASSOC_REQ ||
2718 (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_REASSOC_REQ)
2719 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(3);
2721 cmd->cmd.tx.timeout.pm_frame_timeout = cpu_to_le16(2);
2723 cmd->cmd.tx.timeout.pm_frame_timeout = 0;
2725 cmd->cmd.tx.driver_txop = 0;
2726 cmd->cmd.tx.tx_flags = tx_flags;
2727 cmd->cmd.tx.next_frame_len = 0;
2730 static int iwl4965_get_sta_id(struct iwl4965_priv *priv,
2731 struct ieee80211_hdr *hdr)
2734 u16 fc = le16_to_cpu(hdr->frame_control);
2735 DECLARE_MAC_BUF(mac);
2737 /* If this frame is broadcast or not data then use the broadcast
2739 if (((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) ||
2740 is_multicast_ether_addr(hdr->addr1))
2741 return priv->hw_setting.bcast_sta_id;
2743 switch (priv->iw_mode) {
2745 /* If this frame is part of a BSS network (we're a station), then
2746 * we use the AP's station id */
2747 case IEEE80211_IF_TYPE_STA:
2750 /* If we are an AP, then find the station, or use BCAST */
2751 case IEEE80211_IF_TYPE_AP:
2752 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2753 if (sta_id != IWL_INVALID_STATION)
2755 return priv->hw_setting.bcast_sta_id;
2757 /* If this frame is part of a IBSS network, then we use the
2758 * target specific station id */
2759 case IEEE80211_IF_TYPE_IBSS:
2760 sta_id = iwl4965_hw_find_station(priv, hdr->addr1);
2761 if (sta_id != IWL_INVALID_STATION)
2764 sta_id = iwl4965_add_station_flags(priv, hdr->addr1, 0, CMD_ASYNC);
2766 if (sta_id != IWL_INVALID_STATION)
2769 IWL_DEBUG_DROP("Station %s not in station map. "
2770 "Defaulting to broadcast...\n",
2771 print_mac(mac, hdr->addr1));
2772 iwl4965_print_hex_dump(IWL_DL_DROP, (u8 *) hdr, sizeof(*hdr));
2773 return priv->hw_setting.bcast_sta_id;
2776 IWL_WARNING("Unknown mode of operation: %d", priv->iw_mode);
2777 return priv->hw_setting.bcast_sta_id;
2782 * start REPLY_TX command process
2784 static int iwl4965_tx_skb(struct iwl4965_priv *priv,
2785 struct sk_buff *skb, struct ieee80211_tx_control *ctl)
2787 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2788 struct iwl4965_tfd_frame *tfd;
2790 int txq_id = ctl->queue;
2791 struct iwl4965_tx_queue *txq = NULL;
2792 struct iwl4965_queue *q = NULL;
2793 dma_addr_t phys_addr;
2794 dma_addr_t txcmd_phys;
2795 struct iwl4965_cmd *out_cmd = NULL;
2796 u16 len, idx, len_org;
2797 u8 id, hdr_len, unicast;
2802 u8 wait_write_ptr = 0;
2803 unsigned long flags;
2806 spin_lock_irqsave(&priv->lock, flags);
2807 if (iwl4965_is_rfkill(priv)) {
2808 IWL_DEBUG_DROP("Dropping - RF KILL\n");
2812 if (!priv->interface_id) {
2813 IWL_DEBUG_DROP("Dropping - !priv->interface_id\n");
2817 if ((ctl->tx_rate & 0xFF) == IWL_INVALID_RATE) {
2818 IWL_ERROR("ERROR: No TX rate available.\n");
2822 unicast = !is_multicast_ether_addr(hdr->addr1);
2825 fc = le16_to_cpu(hdr->frame_control);
2827 #ifdef CONFIG_IWL4965_DEBUG
2828 if (ieee80211_is_auth(fc))
2829 IWL_DEBUG_TX("Sending AUTH frame\n");
2830 else if (ieee80211_is_assoc_request(fc))
2831 IWL_DEBUG_TX("Sending ASSOC frame\n");
2832 else if (ieee80211_is_reassoc_request(fc))
2833 IWL_DEBUG_TX("Sending REASSOC frame\n");
2836 if (!iwl4965_is_associated(priv) &&
2837 ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
2838 IWL_DEBUG_DROP("Dropping - !iwl4965_is_associated\n");
2842 spin_unlock_irqrestore(&priv->lock, flags);
2844 hdr_len = ieee80211_get_hdrlen(fc);
2845 sta_id = iwl4965_get_sta_id(priv, hdr);
2846 if (sta_id == IWL_INVALID_STATION) {
2847 DECLARE_MAC_BUF(mac);
2849 IWL_DEBUG_DROP("Dropping - INVALID STATION: %s\n",
2850 print_mac(mac, hdr->addr1));
2854 IWL_DEBUG_RATE("station Id %d\n", sta_id);
2856 qc = ieee80211_get_qos_ctrl(hdr);
2858 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2859 seq_number = priv->stations[sta_id].tid[tid].seq_number &
2861 hdr->seq_ctrl = cpu_to_le16(seq_number) |
2863 __constant_cpu_to_le16(IEEE80211_SCTL_FRAG));
2865 #ifdef CONFIG_IWL4965_HT
2866 #ifdef CONFIG_IWL4965_HT_AGG
2867 /* aggregation is on for this <sta,tid> */
2868 if (ctl->flags & IEEE80211_TXCTL_HT_MPDU_AGG)
2869 txq_id = priv->stations[sta_id].tid[tid].agg.txq_id;
2870 #endif /* CONFIG_IWL4965_HT_AGG */
2871 #endif /* CONFIG_IWL4965_HT */
2873 txq = &priv->txq[txq_id];
2876 spin_lock_irqsave(&priv->lock, flags);
2878 tfd = &txq->bd[q->write_ptr];
2879 memset(tfd, 0, sizeof(*tfd));
2880 control_flags = (u32 *) tfd;
2881 idx = get_cmd_index(q, q->write_ptr, 0);
2883 memset(&(txq->txb[q->write_ptr]), 0, sizeof(struct iwl4965_tx_info));
2884 txq->txb[q->write_ptr].skb[0] = skb;
2885 memcpy(&(txq->txb[q->write_ptr].status.control),
2886 ctl, sizeof(struct ieee80211_tx_control));
2887 out_cmd = &txq->cmd[idx];
2888 memset(&out_cmd->hdr, 0, sizeof(out_cmd->hdr));
2889 memset(&out_cmd->cmd.tx, 0, sizeof(out_cmd->cmd.tx));
2890 out_cmd->hdr.cmd = REPLY_TX;
2891 out_cmd->hdr.sequence = cpu_to_le16((u16)(QUEUE_TO_SEQ(txq_id) |
2892 INDEX_TO_SEQ(q->write_ptr)));
2893 /* copy frags header */
2894 memcpy(out_cmd->cmd.tx.hdr, hdr, hdr_len);
2896 /* hdr = (struct ieee80211_hdr *)out_cmd->cmd.tx.hdr; */
2897 len = priv->hw_setting.tx_cmd_len +
2898 sizeof(struct iwl4965_cmd_header) + hdr_len;
2901 len = (len + 3) & ~3;
2908 txcmd_phys = txq->dma_addr_cmd + sizeof(struct iwl4965_cmd) * idx +
2909 offsetof(struct iwl4965_cmd, hdr);
2911 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, txcmd_phys, len);
2913 if (!(ctl->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
2914 iwl4965_build_tx_cmd_hwcrypto(priv, ctl, out_cmd, skb, 0);
2916 /* 802.11 null functions have no payload... */
2917 len = skb->len - hdr_len;
2919 phys_addr = pci_map_single(priv->pci_dev, skb->data + hdr_len,
2920 len, PCI_DMA_TODEVICE);
2921 iwl4965_hw_txq_attach_buf_to_tfd(priv, tfd, phys_addr, len);
2925 out_cmd->cmd.tx.tx_flags |= TX_CMD_FLG_MH_PAD_MSK;
2927 len = (u16)skb->len;
2928 out_cmd->cmd.tx.len = cpu_to_le16(len);
2930 /* TODO need this for burst mode later on */
2931 iwl4965_build_tx_cmd_basic(priv, out_cmd, ctl, hdr, unicast, sta_id);
2933 /* set is_hcca to 0; it probably will never be implemented */
2934 iwl4965_hw_build_tx_cmd_rate(priv, out_cmd, ctl, hdr, sta_id, 0);
2936 iwl4965_tx_cmd(priv, out_cmd, sta_id, txcmd_phys,
2937 hdr, hdr_len, ctl, NULL);
2939 if (!ieee80211_get_morefrag(hdr)) {
2940 txq->need_update = 1;
2942 u8 tid = (u8)(le16_to_cpu(*qc) & 0xf);
2943 priv->stations[sta_id].tid[tid].seq_number = seq_number;
2947 txq->need_update = 0;
2950 iwl4965_print_hex_dump(IWL_DL_TX, out_cmd->cmd.payload,
2951 sizeof(out_cmd->cmd.tx));
2953 iwl4965_print_hex_dump(IWL_DL_TX, (u8 *)out_cmd->cmd.tx.hdr,
2954 ieee80211_get_hdrlen(fc));
2956 iwl4965_tx_queue_update_wr_ptr(priv, txq, len);
2958 q->write_ptr = iwl4965_queue_inc_wrap(q->write_ptr, q->n_bd);
2959 rc = iwl4965_tx_queue_update_write_ptr(priv, txq);
2960 spin_unlock_irqrestore(&priv->lock, flags);
2965 if ((iwl4965_queue_space(q) < q->high_mark)
2966 && priv->mac80211_registered) {
2967 if (wait_write_ptr) {
2968 spin_lock_irqsave(&priv->lock, flags);
2969 txq->need_update = 1;
2970 iwl4965_tx_queue_update_write_ptr(priv, txq);
2971 spin_unlock_irqrestore(&priv->lock, flags);
2974 ieee80211_stop_queue(priv->hw, ctl->queue);
2980 spin_unlock_irqrestore(&priv->lock, flags);
2985 static void iwl4965_set_rate(struct iwl4965_priv *priv)
2987 const struct ieee80211_hw_mode *hw = NULL;
2988 struct ieee80211_rate *rate;
2991 hw = iwl4965_get_hw_mode(priv, priv->phymode);
2993 IWL_ERROR("Failed to set rate: unable to get hw mode\n");
2997 priv->active_rate = 0;
2998 priv->active_rate_basic = 0;
3000 IWL_DEBUG_RATE("Setting rates for 802.11%c\n",
3001 hw->mode == MODE_IEEE80211A ?
3002 'a' : ((hw->mode == MODE_IEEE80211B) ? 'b' : 'g'));
3004 for (i = 0; i < hw->num_rates; i++) {
3005 rate = &(hw->rates[i]);
3006 if ((rate->val < IWL_RATE_COUNT) &&
3007 (rate->flags & IEEE80211_RATE_SUPPORTED)) {
3008 IWL_DEBUG_RATE("Adding rate index %d (plcp %d)%s\n",
3009 rate->val, iwl4965_rates[rate->val].plcp,
3010 (rate->flags & IEEE80211_RATE_BASIC) ?
3012 priv->active_rate |= (1 << rate->val);
3013 if (rate->flags & IEEE80211_RATE_BASIC)
3014 priv->active_rate_basic |= (1 << rate->val);
3016 IWL_DEBUG_RATE("Not adding rate %d (plcp %d)\n",
3017 rate->val, iwl4965_rates[rate->val].plcp);
3020 IWL_DEBUG_RATE("Set active_rate = %0x, active_rate_basic = %0x\n",
3021 priv->active_rate, priv->active_rate_basic);
3024 * If a basic rate is configured, then use it (adding IWL_RATE_1M_MASK)
3025 * otherwise set it to the default of all CCK rates and 6, 12, 24 for
3028 if (priv->active_rate_basic & IWL_CCK_BASIC_RATES_MASK)
3029 priv->staging_rxon.cck_basic_rates =
3030 ((priv->active_rate_basic &
3031 IWL_CCK_RATES_MASK) >> IWL_FIRST_CCK_RATE) & 0xF;
3033 priv->staging_rxon.cck_basic_rates =
3034 (IWL_CCK_BASIC_RATES_MASK >> IWL_FIRST_CCK_RATE) & 0xF;
3036 if (priv->active_rate_basic & IWL_OFDM_BASIC_RATES_MASK)
3037 priv->staging_rxon.ofdm_basic_rates =
3038 ((priv->active_rate_basic &
3039 (IWL_OFDM_BASIC_RATES_MASK | IWL_RATE_6M_MASK)) >>
3040 IWL_FIRST_OFDM_RATE) & 0xFF;
3042 priv->staging_rxon.ofdm_basic_rates =
3043 (IWL_OFDM_BASIC_RATES_MASK >> IWL_FIRST_OFDM_RATE) & 0xFF;
3046 static void iwl4965_radio_kill_sw(struct iwl4965_priv *priv, int disable_radio)
3048 unsigned long flags;
3050 if (!!disable_radio == test_bit(STATUS_RF_KILL_SW, &priv->status))
3053 IWL_DEBUG_RF_KILL("Manual SW RF KILL set to: RADIO %s\n",
3054 disable_radio ? "OFF" : "ON");
3056 if (disable_radio) {
3057 iwl4965_scan_cancel(priv);
3058 /* FIXME: This is a workaround for AP */
3059 if (priv->iw_mode != IEEE80211_IF_TYPE_AP) {
3060 spin_lock_irqsave(&priv->lock, flags);
3061 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_SET,
3062 CSR_UCODE_SW_BIT_RFKILL);
3063 spin_unlock_irqrestore(&priv->lock, flags);
3064 iwl4965_send_card_state(priv, CARD_STATE_CMD_DISABLE, 0);
3065 set_bit(STATUS_RF_KILL_SW, &priv->status);
3070 spin_lock_irqsave(&priv->lock, flags);
3071 iwl4965_write32(priv, CSR_UCODE_DRV_GP1_CLR, CSR_UCODE_SW_BIT_RFKILL);
3073 clear_bit(STATUS_RF_KILL_SW, &priv->status);
3074 spin_unlock_irqrestore(&priv->lock, flags);
3079 spin_lock_irqsave(&priv->lock, flags);
3080 iwl4965_read32(priv, CSR_UCODE_DRV_GP1);
3081 if (!iwl4965_grab_nic_access(priv))
3082 iwl4965_release_nic_access(priv);
3083 spin_unlock_irqrestore(&priv->lock, flags);
3085 if (test_bit(STATUS_RF_KILL_HW, &priv->status)) {
3086 IWL_DEBUG_RF_KILL("Can not turn radio back on - "
3087 "disabled by HW switch\n");
3091 queue_work(priv->workqueue, &priv->restart);
3095 void iwl4965_set_decrypted_flag(struct iwl4965_priv *priv, struct sk_buff *skb,
3096 u32 decrypt_res, struct ieee80211_rx_status *stats)
3099 le16_to_cpu(((struct ieee80211_hdr *)skb->data)->frame_control);
3101 if (priv->active_rxon.filter_flags & RXON_FILTER_DIS_DECRYPT_MSK)
3104 if (!(fc & IEEE80211_FCTL_PROTECTED))
3107 IWL_DEBUG_RX("decrypt_res:0x%x\n", decrypt_res);
3108 switch (decrypt_res & RX_RES_STATUS_SEC_TYPE_MSK) {
3109 case RX_RES_STATUS_SEC_TYPE_TKIP:
3110 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
3111 RX_RES_STATUS_BAD_ICV_MIC)
3112 stats->flag |= RX_FLAG_MMIC_ERROR;
3113 case RX_RES_STATUS_SEC_TYPE_WEP:
3114 case RX_RES_STATUS_SEC_TYPE_CCMP:
3115 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
3116 RX_RES_STATUS_DECRYPT_OK) {
3117 IWL_DEBUG_RX("hw decrypt successfully!!!\n");
3118 stats->flag |= RX_FLAG_DECRYPTED;
3127 void iwl4965_handle_data_packet_monitor(struct iwl4965_priv *priv,
3128 struct iwl4965_rx_mem_buffer *rxb,
3129 void *data, short len,
3130 struct ieee80211_rx_status *stats,
Code Review / linux-2.6.git / blob