orinoco: use cfg80211 ethtool ops
[linux-2.6.git] / drivers / net / wireless / orinoco / hw.c
1 /* Encapsulate basic setting changes and retrieval on Hermes hardware
2  *
3  * See copyright notice in main.c
4  */
5 #include <linux/kernel.h>
6 #include <linux/device.h>
7 #include <linux/if_arp.h>
8 #include <linux/ieee80211.h>
9 #include <linux/wireless.h>
10 #include <net/cfg80211.h>
11 #include "hermes.h"
12 #include "hermes_rid.h"
13 #include "orinoco.h"
14
15 #include "hw.h"
16
17 #define SYMBOL_MAX_VER_LEN      (14)
18
19 /* Symbol firmware has a bug allocating buffers larger than this */
20 #define TX_NICBUF_SIZE_BUG      1585
21
22 /********************************************************************/
23 /* Data tables                                                      */
24 /********************************************************************/
25
26 /* This tables gives the actual meanings of the bitrate IDs returned
27  * by the firmware. */
28 static const struct {
29         int bitrate; /* in 100s of kilobits */
30         int automatic;
31         u16 agere_txratectrl;
32         u16 intersil_txratectrl;
33 } bitrate_table[] = {
34         {110, 1,  3, 15}, /* Entry 0 is the default */
35         {10,  0,  1,  1},
36         {10,  1,  1,  1},
37         {20,  0,  2,  2},
38         {20,  1,  6,  3},
39         {55,  0,  4,  4},
40         {55,  1,  7,  7},
41         {110, 0,  5,  8},
42 };
43 #define BITRATE_TABLE_SIZE ARRAY_SIZE(bitrate_table)
44
45 /* Firmware version encoding */
46 struct comp_id {
47         u16 id, variant, major, minor;
48 } __attribute__ ((packed));
49
50 static inline fwtype_t determine_firmware_type(struct comp_id *nic_id)
51 {
52         if (nic_id->id < 0x8000)
53                 return FIRMWARE_TYPE_AGERE;
54         else if (nic_id->id == 0x8000 && nic_id->major == 0)
55                 return FIRMWARE_TYPE_SYMBOL;
56         else
57                 return FIRMWARE_TYPE_INTERSIL;
58 }
59
60 /* Set priv->firmware type, determine firmware properties
61  * This function can be called before we have registerred with netdev,
62  * so all errors go out with dev_* rather than printk
63  *
64  * If non-NULL stores a firmware description in fw_name.
65  * If non-NULL stores a HW version in hw_ver
66  *
67  * These are output via generic cfg80211 ethtool support.
68  */
69 int determine_fw_capabilities(struct orinoco_private *priv,
70                               char *fw_name, size_t fw_name_len,
71                               u32 *hw_ver)
72 {
73         struct device *dev = priv->dev;
74         hermes_t *hw = &priv->hw;
75         int err;
76         struct comp_id nic_id, sta_id;
77         unsigned int firmver;
78         char tmp[SYMBOL_MAX_VER_LEN+1] __attribute__((aligned(2)));
79
80         /* Get the hardware version */
81         err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_NICID, &nic_id);
82         if (err) {
83                 dev_err(dev, "Cannot read hardware identity: error %d\n",
84                         err);
85                 return err;
86         }
87
88         le16_to_cpus(&nic_id.id);
89         le16_to_cpus(&nic_id.variant);
90         le16_to_cpus(&nic_id.major);
91         le16_to_cpus(&nic_id.minor);
92         dev_info(dev, "Hardware identity %04x:%04x:%04x:%04x\n",
93                  nic_id.id, nic_id.variant, nic_id.major, nic_id.minor);
94
95         if (hw_ver)
96                 *hw_ver = (((nic_id.id & 0xff) << 24) |
97                            ((nic_id.variant & 0xff) << 16) |
98                            ((nic_id.major & 0xff) << 8) |
99                            (nic_id.minor & 0xff));
100
101         priv->firmware_type = determine_firmware_type(&nic_id);
102
103         /* Get the firmware version */
104         err = HERMES_READ_RECORD(hw, USER_BAP, HERMES_RID_STAID, &sta_id);
105         if (err) {
106                 dev_err(dev, "Cannot read station identity: error %d\n",
107                         err);
108                 return err;
109         }
110
111         le16_to_cpus(&sta_id.id);
112         le16_to_cpus(&sta_id.variant);
113         le16_to_cpus(&sta_id.major);
114         le16_to_cpus(&sta_id.minor);
115         dev_info(dev, "Station identity  %04x:%04x:%04x:%04x\n",
116                  sta_id.id, sta_id.variant, sta_id.major, sta_id.minor);
117
118         switch (sta_id.id) {
119         case 0x15:
120                 dev_err(dev, "Primary firmware is active\n");
121                 return -ENODEV;
122         case 0x14b:
123                 dev_err(dev, "Tertiary firmware is active\n");
124                 return -ENODEV;
125         case 0x1f:      /* Intersil, Agere, Symbol Spectrum24 */
126         case 0x21:      /* Symbol Spectrum24 Trilogy */
127                 break;
128         default:
129                 dev_notice(dev, "Unknown station ID, please report\n");
130                 break;
131         }
132
133         /* Default capabilities */
134         priv->has_sensitivity = 1;
135         priv->has_mwo = 0;
136         priv->has_preamble = 0;
137         priv->has_port3 = 1;
138         priv->has_ibss = 1;
139         priv->has_wep = 0;
140         priv->has_big_wep = 0;
141         priv->has_alt_txcntl = 0;
142         priv->has_ext_scan = 0;
143         priv->has_wpa = 0;
144         priv->do_fw_download = 0;
145
146         /* Determine capabilities from the firmware version */
147         switch (priv->firmware_type) {
148         case FIRMWARE_TYPE_AGERE:
149                 /* Lucent Wavelan IEEE, Lucent Orinoco, Cabletron RoamAbout,
150                    ELSA, Melco, HP, IBM, Dell 1150, Compaq 110/210 */
151                 if (fw_name)
152                         snprintf(fw_name, fw_name_len, "Lucent/Agere %d.%02d",
153                                  sta_id.major, sta_id.minor);
154
155                 firmver = ((unsigned long)sta_id.major << 16) | sta_id.minor;
156
157                 priv->has_ibss = (firmver >= 0x60006);
158                 priv->has_wep = (firmver >= 0x40020);
159                 priv->has_big_wep = 1; /* FIXME: this is wrong - how do we tell
160                                           Gold cards from the others? */
161                 priv->has_mwo = (firmver >= 0x60000);
162                 priv->has_pm = (firmver >= 0x40020); /* Don't work in 7.52 ? */
163                 priv->ibss_port = 1;
164                 priv->has_hostscan = (firmver >= 0x8000a);
165                 priv->do_fw_download = 1;
166                 priv->broken_monitor = (firmver >= 0x80000);
167                 priv->has_alt_txcntl = (firmver >= 0x90000); /* All 9.x ? */
168                 priv->has_ext_scan = (firmver >= 0x90000); /* All 9.x ? */
169                 priv->has_wpa = (firmver >= 0x9002a);
170                 /* Tested with Agere firmware :
171                  *      1.16 ; 4.08 ; 4.52 ; 6.04 ; 6.16 ; 7.28 => Jean II
172                  * Tested CableTron firmware : 4.32 => Anton */
173                 break;
174         case FIRMWARE_TYPE_SYMBOL:
175                 /* Symbol , 3Com AirConnect, Intel, Ericsson WLAN */
176                 /* Intel MAC : 00:02:B3:* */
177                 /* 3Com MAC : 00:50:DA:* */
178                 memset(tmp, 0, sizeof(tmp));
179                 /* Get the Symbol firmware version */
180                 err = hermes_read_ltv(hw, USER_BAP,
181                                       HERMES_RID_SECONDARYVERSION_SYMBOL,
182                                       SYMBOL_MAX_VER_LEN, NULL, &tmp);
183                 if (err) {
184                         dev_warn(dev, "Error %d reading Symbol firmware info. "
185                                  "Wildly guessing capabilities...\n", err);
186                         firmver = 0;
187                         tmp[0] = '\0';
188                 } else {
189                         /* The firmware revision is a string, the format is
190                          * something like : "V2.20-01".
191                          * Quick and dirty parsing... - Jean II
192                          */
193                         firmver = ((tmp[1] - '0') << 16)
194                                 | ((tmp[3] - '0') << 12)
195                                 | ((tmp[4] - '0') << 8)
196                                 | ((tmp[6] - '0') << 4)
197                                 | (tmp[7] - '0');
198
199                         tmp[SYMBOL_MAX_VER_LEN] = '\0';
200                 }
201
202                 if (fw_name)
203                         snprintf(fw_name, fw_name_len, "Symbol %s", tmp);
204
205                 priv->has_ibss = (firmver >= 0x20000);
206                 priv->has_wep = (firmver >= 0x15012);
207                 priv->has_big_wep = (firmver >= 0x20000);
208                 priv->has_pm = (firmver >= 0x20000 && firmver < 0x22000) ||
209                                (firmver >= 0x29000 && firmver < 0x30000) ||
210                                firmver >= 0x31000;
211                 priv->has_preamble = (firmver >= 0x20000);
212                 priv->ibss_port = 4;
213
214                 /* Symbol firmware is found on various cards, but
215                  * there has been no attempt to check firmware
216                  * download on non-spectrum_cs based cards.
217                  *
218                  * Given that the Agere firmware download works
219                  * differently, we should avoid doing a firmware
220                  * download with the Symbol algorithm on non-spectrum
221                  * cards.
222                  *
223                  * For now we can identify a spectrum_cs based card
224                  * because it has a firmware reset function.
225                  */
226                 priv->do_fw_download = (priv->stop_fw != NULL);
227
228                 priv->broken_disableport = (firmver == 0x25013) ||
229                                 (firmver >= 0x30000 && firmver <= 0x31000);
230                 priv->has_hostscan = (firmver >= 0x31001) ||
231                                      (firmver >= 0x29057 && firmver < 0x30000);
232                 /* Tested with Intel firmware : 0x20015 => Jean II */
233                 /* Tested with 3Com firmware : 0x15012 & 0x22001 => Jean II */
234                 break;
235         case FIRMWARE_TYPE_INTERSIL:
236                 /* D-Link, Linksys, Adtron, ZoomAir, and many others...
237                  * Samsung, Compaq 100/200 and Proxim are slightly
238                  * different and less well tested */
239                 /* D-Link MAC : 00:40:05:* */
240                 /* Addtron MAC : 00:90:D1:* */
241                 if (fw_name)
242                         snprintf(fw_name, fw_name_len, "Intersil %d.%d.%d",
243                                  sta_id.major, sta_id.minor, sta_id.variant);
244
245                 firmver = ((unsigned long)sta_id.major << 16) |
246                         ((unsigned long)sta_id.minor << 8) | sta_id.variant;
247
248                 priv->has_ibss = (firmver >= 0x000700); /* FIXME */
249                 priv->has_big_wep = priv->has_wep = (firmver >= 0x000800);
250                 priv->has_pm = (firmver >= 0x000700);
251                 priv->has_hostscan = (firmver >= 0x010301);
252
253                 if (firmver >= 0x000800)
254                         priv->ibss_port = 0;
255                 else {
256                         dev_notice(dev, "Intersil firmware earlier than v0.8.x"
257                                    " - several features not supported\n");
258                         priv->ibss_port = 1;
259                 }
260                 break;
261         }
262         if (fw_name)
263                 dev_info(dev, "Firmware determined as %s\n", fw_name);
264
265         return 0;
266 }
267
268 /* Read settings from EEPROM into our private structure.
269  * MAC address gets dropped into callers buffer
270  * Can be called before netdev registration.
271  */
272 int orinoco_hw_read_card_settings(struct orinoco_private *priv, u8 *dev_addr)
273 {
274         struct device *dev = priv->dev;
275         struct hermes_idstring nickbuf;
276         hermes_t *hw = &priv->hw;
277         int len;
278         int err;
279         u16 reclen;
280
281         /* Get the MAC address */
282         err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
283                               ETH_ALEN, NULL, dev_addr);
284         if (err) {
285                 dev_warn(dev, "Failed to read MAC address!\n");
286                 goto out;
287         }
288
289         dev_dbg(dev, "MAC address %pM\n", dev_addr);
290
291         /* Get the station name */
292         err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
293                               sizeof(nickbuf), &reclen, &nickbuf);
294         if (err) {
295                 dev_err(dev, "failed to read station name\n");
296                 goto out;
297         }
298         if (nickbuf.len)
299                 len = min(IW_ESSID_MAX_SIZE, (int)le16_to_cpu(nickbuf.len));
300         else
301                 len = min(IW_ESSID_MAX_SIZE, 2 * reclen);
302         memcpy(priv->nick, &nickbuf.val, len);
303         priv->nick[len] = '\0';
304
305         dev_dbg(dev, "Station name \"%s\"\n", priv->nick);
306
307         /* Get allowed channels */
308         err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CHANNELLIST,
309                                   &priv->channel_mask);
310         if (err) {
311                 dev_err(dev, "Failed to read channel list!\n");
312                 goto out;
313         }
314
315         /* Get initial AP density */
316         err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFSYSTEMSCALE,
317                                   &priv->ap_density);
318         if (err || priv->ap_density < 1 || priv->ap_density > 3)
319                 priv->has_sensitivity = 0;
320
321         /* Get initial RTS threshold */
322         err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
323                                   &priv->rts_thresh);
324         if (err) {
325                 dev_err(dev, "Failed to read RTS threshold!\n");
326                 goto out;
327         }
328
329         /* Get initial fragmentation settings */
330         if (priv->has_mwo)
331                 err = hermes_read_wordrec(hw, USER_BAP,
332                                           HERMES_RID_CNFMWOROBUST_AGERE,
333                                           &priv->mwo_robust);
334         else
335                 err = hermes_read_wordrec(hw, USER_BAP,
336                                           HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
337                                           &priv->frag_thresh);
338         if (err) {
339                 dev_err(dev, "Failed to read fragmentation settings!\n");
340                 goto out;
341         }
342
343         /* Power management setup */
344         if (priv->has_pm) {
345                 priv->pm_on = 0;
346                 priv->pm_mcast = 1;
347                 err = hermes_read_wordrec(hw, USER_BAP,
348                                           HERMES_RID_CNFMAXSLEEPDURATION,
349                                           &priv->pm_period);
350                 if (err) {
351                         dev_err(dev, "Failed to read power management "
352                                 "period!\n");
353                         goto out;
354                 }
355                 err = hermes_read_wordrec(hw, USER_BAP,
356                                           HERMES_RID_CNFPMHOLDOVERDURATION,
357                                           &priv->pm_timeout);
358                 if (err) {
359                         dev_err(dev, "Failed to read power management "
360                                 "timeout!\n");
361                         goto out;
362                 }
363         }
364
365         /* Preamble setup */
366         if (priv->has_preamble) {
367                 err = hermes_read_wordrec(hw, USER_BAP,
368                                           HERMES_RID_CNFPREAMBLE_SYMBOL,
369                                           &priv->preamble);
370         }
371
372 out:
373         return err;
374 }
375
376 /* Can be called before netdev registration */
377 int orinoco_hw_allocate_fid(struct orinoco_private *priv)
378 {
379         struct device *dev = priv->dev;
380         struct hermes *hw = &priv->hw;
381         int err;
382
383         err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
384         if (err == -EIO && priv->nicbuf_size > TX_NICBUF_SIZE_BUG) {
385                 /* Try workaround for old Symbol firmware bug */
386                 priv->nicbuf_size = TX_NICBUF_SIZE_BUG;
387                 err = hermes_allocate(hw, priv->nicbuf_size, &priv->txfid);
388
389                 dev_warn(dev, "Firmware ALLOC bug detected "
390                          "(old Symbol firmware?). Work around %s\n",
391                          err ? "failed!" : "ok.");
392         }
393
394         return err;
395 }
396
397 int orinoco_get_bitratemode(int bitrate, int automatic)
398 {
399         int ratemode = -1;
400         int i;
401
402         if ((bitrate != 10) && (bitrate != 20) &&
403             (bitrate != 55) && (bitrate != 110))
404                 return ratemode;
405
406         for (i = 0; i < BITRATE_TABLE_SIZE; i++) {
407                 if ((bitrate_table[i].bitrate == bitrate) &&
408                     (bitrate_table[i].automatic == automatic)) {
409                         ratemode = i;
410                         break;
411                 }
412         }
413         return ratemode;
414 }
415
416 void orinoco_get_ratemode_cfg(int ratemode, int *bitrate, int *automatic)
417 {
418         BUG_ON((ratemode < 0) || (ratemode >= BITRATE_TABLE_SIZE));
419
420         *bitrate = bitrate_table[ratemode].bitrate * 100000;
421         *automatic = bitrate_table[ratemode].automatic;
422 }
423
424 int orinoco_hw_program_rids(struct orinoco_private *priv)
425 {
426         struct net_device *dev = priv->ndev;
427         struct wireless_dev *wdev = netdev_priv(dev);
428         hermes_t *hw = &priv->hw;
429         int err;
430         struct hermes_idstring idbuf;
431
432         /* Set the MAC address */
433         err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
434                                HERMES_BYTES_TO_RECLEN(ETH_ALEN), dev->dev_addr);
435         if (err) {
436                 printk(KERN_ERR "%s: Error %d setting MAC address\n",
437                        dev->name, err);
438                 return err;
439         }
440
441         /* Set up the link mode */
442         err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFPORTTYPE,
443                                    priv->port_type);
444         if (err) {
445                 printk(KERN_ERR "%s: Error %d setting port type\n",
446                        dev->name, err);
447                 return err;
448         }
449         /* Set the channel/frequency */
450         if (priv->channel != 0 && priv->iw_mode != NL80211_IFTYPE_STATION) {
451                 err = hermes_write_wordrec(hw, USER_BAP,
452                                            HERMES_RID_CNFOWNCHANNEL,
453                                            priv->channel);
454                 if (err) {
455                         printk(KERN_ERR "%s: Error %d setting channel %d\n",
456                                dev->name, err, priv->channel);
457                         return err;
458                 }
459         }
460
461         if (priv->has_ibss) {
462                 u16 createibss;
463
464                 if ((strlen(priv->desired_essid) == 0) && (priv->createibss)) {
465                         printk(KERN_WARNING "%s: This firmware requires an "
466                                "ESSID in IBSS-Ad-Hoc mode.\n", dev->name);
467                         /* With wvlan_cs, in this case, we would crash.
468                          * hopefully, this driver will behave better...
469                          * Jean II */
470                         createibss = 0;
471                 } else {
472                         createibss = priv->createibss;
473                 }
474
475                 err = hermes_write_wordrec(hw, USER_BAP,
476                                            HERMES_RID_CNFCREATEIBSS,
477                                            createibss);
478                 if (err) {
479                         printk(KERN_ERR "%s: Error %d setting CREATEIBSS\n",
480                                dev->name, err);
481                         return err;
482                 }
483         }
484
485         /* Set the desired BSSID */
486         err = __orinoco_hw_set_wap(priv);
487         if (err) {
488                 printk(KERN_ERR "%s: Error %d setting AP address\n",
489                        dev->name, err);
490                 return err;
491         }
492
493         /* Set the desired ESSID */
494         idbuf.len = cpu_to_le16(strlen(priv->desired_essid));
495         memcpy(&idbuf.val, priv->desired_essid, sizeof(idbuf.val));
496         /* WinXP wants partner to configure OWNSSID even in IBSS mode. (jimc) */
497         err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNSSID,
498                         HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
499                         &idbuf);
500         if (err) {
501                 printk(KERN_ERR "%s: Error %d setting OWNSSID\n",
502                        dev->name, err);
503                 return err;
504         }
505         err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFDESIREDSSID,
506                         HERMES_BYTES_TO_RECLEN(strlen(priv->desired_essid)+2),
507                         &idbuf);
508         if (err) {
509                 printk(KERN_ERR "%s: Error %d setting DESIREDSSID\n",
510                        dev->name, err);
511                 return err;
512         }
513
514         /* Set the station name */
515         idbuf.len = cpu_to_le16(strlen(priv->nick));
516         memcpy(&idbuf.val, priv->nick, sizeof(idbuf.val));
517         err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNNAME,
518                                HERMES_BYTES_TO_RECLEN(strlen(priv->nick)+2),
519                                &idbuf);
520         if (err) {
521                 printk(KERN_ERR "%s: Error %d setting nickname\n",
522                        dev->name, err);
523                 return err;
524         }
525
526         /* Set AP density */
527         if (priv->has_sensitivity) {
528                 err = hermes_write_wordrec(hw, USER_BAP,
529                                            HERMES_RID_CNFSYSTEMSCALE,
530                                            priv->ap_density);
531                 if (err) {
532                         printk(KERN_WARNING "%s: Error %d setting SYSTEMSCALE. "
533                                "Disabling sensitivity control\n",
534                                dev->name, err);
535
536                         priv->has_sensitivity = 0;
537                 }
538         }
539
540         /* Set RTS threshold */
541         err = hermes_write_wordrec(hw, USER_BAP, HERMES_RID_CNFRTSTHRESHOLD,
542                                    priv->rts_thresh);
543         if (err) {
544                 printk(KERN_ERR "%s: Error %d setting RTS threshold\n",
545                        dev->name, err);
546                 return err;
547         }
548
549         /* Set fragmentation threshold or MWO robustness */
550         if (priv->has_mwo)
551                 err = hermes_write_wordrec(hw, USER_BAP,
552                                            HERMES_RID_CNFMWOROBUST_AGERE,
553                                            priv->mwo_robust);
554         else
555                 err = hermes_write_wordrec(hw, USER_BAP,
556                                            HERMES_RID_CNFFRAGMENTATIONTHRESHOLD,
557                                            priv->frag_thresh);
558         if (err) {
559                 printk(KERN_ERR "%s: Error %d setting fragmentation\n",
560                        dev->name, err);
561                 return err;
562         }
563
564         /* Set bitrate */
565         err = __orinoco_hw_set_bitrate(priv);
566         if (err) {
567                 printk(KERN_ERR "%s: Error %d setting bitrate\n",
568                        dev->name, err);
569                 return err;
570         }
571
572         /* Set power management */
573         if (priv->has_pm) {
574                 err = hermes_write_wordrec(hw, USER_BAP,
575                                            HERMES_RID_CNFPMENABLED,
576                                            priv->pm_on);
577                 if (err) {
578                         printk(KERN_ERR "%s: Error %d setting up PM\n",
579                                dev->name, err);
580                         return err;
581                 }
582
583                 err = hermes_write_wordrec(hw, USER_BAP,
584                                            HERMES_RID_CNFMULTICASTRECEIVE,
585                                            priv->pm_mcast);
586                 if (err) {
587                         printk(KERN_ERR "%s: Error %d setting up PM\n",
588                                dev->name, err);
589                         return err;
590                 }
591                 err = hermes_write_wordrec(hw, USER_BAP,
592                                            HERMES_RID_CNFMAXSLEEPDURATION,
593                                            priv->pm_period);
594                 if (err) {
595                         printk(KERN_ERR "%s: Error %d setting up PM\n",
596                                dev->name, err);
597                         return err;
598                 }
599                 err = hermes_write_wordrec(hw, USER_BAP,
600                                            HERMES_RID_CNFPMHOLDOVERDURATION,
601                                            priv->pm_timeout);
602                 if (err) {
603                         printk(KERN_ERR "%s: Error %d setting up PM\n",
604                                dev->name, err);
605                         return err;
606                 }
607         }
608
609         /* Set preamble - only for Symbol so far... */
610         if (priv->has_preamble) {
611                 err = hermes_write_wordrec(hw, USER_BAP,
612                                            HERMES_RID_CNFPREAMBLE_SYMBOL,
613                                            priv->preamble);
614                 if (err) {
615                         printk(KERN_ERR "%s: Error %d setting preamble\n",
616                                dev->name, err);
617                         return err;
618                 }
619         }
620
621         /* Set up encryption */
622         if (priv->has_wep || priv->has_wpa) {
623                 err = __orinoco_hw_setup_enc(priv);
624                 if (err) {
625                         printk(KERN_ERR "%s: Error %d activating encryption\n",
626                                dev->name, err);
627                         return err;
628                 }
629         }
630
631         if (priv->iw_mode == NL80211_IFTYPE_MONITOR) {
632                 /* Enable monitor mode */
633                 dev->type = ARPHRD_IEEE80211;
634                 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
635                                             HERMES_TEST_MONITOR, 0, NULL);
636         } else {
637                 /* Disable monitor mode */
638                 dev->type = ARPHRD_ETHER;
639                 err = hermes_docmd_wait(hw, HERMES_CMD_TEST |
640                                             HERMES_TEST_STOP, 0, NULL);
641         }
642         if (err)
643                 return err;
644
645         /* Reset promiscuity / multicast*/
646         priv->promiscuous = 0;
647         priv->mc_count = 0;
648
649         /* Record mode change */
650         wdev->iftype = priv->iw_mode;
651
652         return 0;
653 }
654
655 /* Get tsc from the firmware */
656 int orinoco_hw_get_tkip_iv(struct orinoco_private *priv, int key, u8 *tsc)
657 {
658         hermes_t *hw = &priv->hw;
659         int err = 0;
660         u8 tsc_arr[4][ORINOCO_SEQ_LEN];
661
662         if ((key < 0) || (key >= 4))
663                 return -EINVAL;
664
665         err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENT_TKIP_IV,
666                               sizeof(tsc_arr), NULL, &tsc_arr);
667         if (!err)
668                 memcpy(tsc, &tsc_arr[key][0], sizeof(tsc_arr[0]));
669
670         return err;
671 }
672
673 int __orinoco_hw_set_bitrate(struct orinoco_private *priv)
674 {
675         hermes_t *hw = &priv->hw;
676         int ratemode = priv->bitratemode;
677         int err = 0;
678
679         if (ratemode >= BITRATE_TABLE_SIZE) {
680                 printk(KERN_ERR "%s: BUG: Invalid bitrate mode %d\n",
681                        priv->ndev->name, ratemode);
682                 return -EINVAL;
683         }
684
685         switch (priv->firmware_type) {
686         case FIRMWARE_TYPE_AGERE:
687                 err = hermes_write_wordrec(hw, USER_BAP,
688                                 HERMES_RID_CNFTXRATECONTROL,
689                                 bitrate_table[ratemode].agere_txratectrl);
690                 break;
691         case FIRMWARE_TYPE_INTERSIL:
692         case FIRMWARE_TYPE_SYMBOL:
693                 err = hermes_write_wordrec(hw, USER_BAP,
694                                 HERMES_RID_CNFTXRATECONTROL,
695                                 bitrate_table[ratemode].intersil_txratectrl);
696                 break;
697         default:
698                 BUG();
699         }
700
701         return err;
702 }
703
704 int orinoco_hw_get_act_bitrate(struct orinoco_private *priv, int *bitrate)
705 {
706         hermes_t *hw = &priv->hw;
707         int i;
708         int err = 0;
709         u16 val;
710
711         err = hermes_read_wordrec(hw, USER_BAP,
712                                   HERMES_RID_CURRENTTXRATE, &val);
713         if (err)
714                 return err;
715
716         switch (priv->firmware_type) {
717         case FIRMWARE_TYPE_AGERE: /* Lucent style rate */
718                 /* Note : in Lucent firmware, the return value of
719                  * HERMES_RID_CURRENTTXRATE is the bitrate in Mb/s,
720                  * and therefore is totally different from the
721                  * encoding of HERMES_RID_CNFTXRATECONTROL.
722                  * Don't forget that 6Mb/s is really 5.5Mb/s */
723                 if (val == 6)
724                         *bitrate = 5500000;
725                 else
726                         *bitrate = val * 1000000;
727                 break;
728         case FIRMWARE_TYPE_INTERSIL: /* Intersil style rate */
729         case FIRMWARE_TYPE_SYMBOL: /* Symbol style rate */
730                 for (i = 0; i < BITRATE_TABLE_SIZE; i++)
731                         if (bitrate_table[i].intersil_txratectrl == val)
732                                 break;
733
734                 if (i >= BITRATE_TABLE_SIZE)
735                         printk(KERN_INFO "%s: Unable to determine current bitrate (0x%04hx)\n",
736                                priv->ndev->name, val);
737
738                 *bitrate = bitrate_table[i].bitrate * 100000;
739                 break;
740         default:
741                 BUG();
742         }
743
744         return err;
745 }
746
747 /* Set fixed AP address */
748 int __orinoco_hw_set_wap(struct orinoco_private *priv)
749 {
750         int roaming_flag;
751         int err = 0;
752         hermes_t *hw = &priv->hw;
753
754         switch (priv->firmware_type) {
755         case FIRMWARE_TYPE_AGERE:
756                 /* not supported */
757                 break;
758         case FIRMWARE_TYPE_INTERSIL:
759                 if (priv->bssid_fixed)
760                         roaming_flag = 2;
761                 else
762                         roaming_flag = 1;
763
764                 err = hermes_write_wordrec(hw, USER_BAP,
765                                            HERMES_RID_CNFROAMINGMODE,
766                                            roaming_flag);
767                 break;
768         case FIRMWARE_TYPE_SYMBOL:
769                 err = HERMES_WRITE_RECORD(hw, USER_BAP,
770                                           HERMES_RID_CNFMANDATORYBSSID_SYMBOL,
771                                           &priv->desired_bssid);
772                 break;
773         }
774         return err;
775 }
776
777 /* Change the WEP keys and/or the current keys.  Can be called
778  * either from __orinoco_hw_setup_enc() or directly from
779  * orinoco_ioctl_setiwencode().  In the later case the association
780  * with the AP is not broken (if the firmware can handle it),
781  * which is needed for 802.1x implementations. */
782 int __orinoco_hw_setup_wepkeys(struct orinoco_private *priv)
783 {
784         hermes_t *hw = &priv->hw;
785         int err = 0;
786         int i;
787
788         switch (priv->firmware_type) {
789         case FIRMWARE_TYPE_AGERE:
790         {
791                 struct orinoco_key keys[ORINOCO_MAX_KEYS];
792
793                 memset(&keys, 0, sizeof(keys));
794                 for (i = 0; i < ORINOCO_MAX_KEYS; i++) {
795                         int len = min(priv->keys[i].key_len,
796                                       ORINOCO_MAX_KEY_SIZE);
797                         memcpy(&keys[i].data, priv->keys[i].key, len);
798                         if (len > SMALL_KEY_SIZE)
799                                 keys[i].len = cpu_to_le16(LARGE_KEY_SIZE);
800                         else if (len > 0)
801                                 keys[i].len = cpu_to_le16(SMALL_KEY_SIZE);
802                         else
803                                 keys[i].len = cpu_to_le16(0);
804                 }
805
806                 err = HERMES_WRITE_RECORD(hw, USER_BAP,
807                                           HERMES_RID_CNFWEPKEYS_AGERE,
808                                           &keys);
809                 if (err)
810                         return err;
811                 err = hermes_write_wordrec(hw, USER_BAP,
812                                            HERMES_RID_CNFTXKEY_AGERE,
813                                            priv->tx_key);
814                 if (err)
815                         return err;
816                 break;
817         }
818         case FIRMWARE_TYPE_INTERSIL:
819         case FIRMWARE_TYPE_SYMBOL:
820                 {
821                         int keylen;
822
823                         /* Force uniform key length to work around
824                          * firmware bugs */
825                         keylen = priv->keys[priv->tx_key].key_len;
826
827                         if (keylen > LARGE_KEY_SIZE) {
828                                 printk(KERN_ERR "%s: BUG: Key %d has oversize length %d.\n",
829                                        priv->ndev->name, priv->tx_key, keylen);
830                                 return -E2BIG;
831                         } else if (keylen > SMALL_KEY_SIZE)
832                                 keylen = LARGE_KEY_SIZE;
833                         else if (keylen > 0)
834                                 keylen = SMALL_KEY_SIZE;
835                         else
836                                 keylen = 0;
837
838                         /* Write all 4 keys */
839                         for (i = 0; i < ORINOCO_MAX_KEYS; i++) {
840                                 u8 key[LARGE_KEY_SIZE] = { 0 };
841
842                                 memcpy(key, priv->keys[i].key,
843                                        priv->keys[i].key_len);
844
845                                 err = hermes_write_ltv(hw, USER_BAP,
846                                                 HERMES_RID_CNFDEFAULTKEY0 + i,
847                                                 HERMES_BYTES_TO_RECLEN(keylen),
848                                                 key);
849                                 if (err)
850                                         return err;
851                         }
852
853                         /* Write the index of the key used in transmission */
854                         err = hermes_write_wordrec(hw, USER_BAP,
855                                                 HERMES_RID_CNFWEPDEFAULTKEYID,
856                                                 priv->tx_key);
857                         if (err)
858                                 return err;
859                 }
860                 break;
861         }
862
863         return 0;
864 }
865
866 int __orinoco_hw_setup_enc(struct orinoco_private *priv)
867 {
868         hermes_t *hw = &priv->hw;
869         int err = 0;
870         int master_wep_flag;
871         int auth_flag;
872         int enc_flag;
873
874         /* Setup WEP keys */
875         if (priv->encode_alg == ORINOCO_ALG_WEP)
876                 __orinoco_hw_setup_wepkeys(priv);
877
878         if (priv->wep_restrict)
879                 auth_flag = HERMES_AUTH_SHARED_KEY;
880         else
881                 auth_flag = HERMES_AUTH_OPEN;
882
883         if (priv->wpa_enabled)
884                 enc_flag = 2;
885         else if (priv->encode_alg == ORINOCO_ALG_WEP)
886                 enc_flag = 1;
887         else
888                 enc_flag = 0;
889
890         switch (priv->firmware_type) {
891         case FIRMWARE_TYPE_AGERE: /* Agere style WEP */
892                 if (priv->encode_alg == ORINOCO_ALG_WEP) {
893                         /* Enable the shared-key authentication. */
894                         err = hermes_write_wordrec(hw, USER_BAP,
895                                         HERMES_RID_CNFAUTHENTICATION_AGERE,
896                                         auth_flag);
897                 }
898                 err = hermes_write_wordrec(hw, USER_BAP,
899                                            HERMES_RID_CNFWEPENABLED_AGERE,
900                                            enc_flag);
901                 if (err)
902                         return err;
903
904                 if (priv->has_wpa) {
905                         /* Set WPA key management */
906                         err = hermes_write_wordrec(hw, USER_BAP,
907                                   HERMES_RID_CNFSETWPAAUTHMGMTSUITE_AGERE,
908                                   priv->key_mgmt);
909                         if (err)
910                                 return err;
911                 }
912
913                 break;
914
915         case FIRMWARE_TYPE_INTERSIL: /* Intersil style WEP */
916         case FIRMWARE_TYPE_SYMBOL: /* Symbol style WEP */
917                 if (priv->encode_alg == ORINOCO_ALG_WEP) {
918                         if (priv->wep_restrict ||
919                             (priv->firmware_type == FIRMWARE_TYPE_SYMBOL))
920                                 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED |
921                                                   HERMES_WEP_EXCL_UNENCRYPTED;
922                         else
923                                 master_wep_flag = HERMES_WEP_PRIVACY_INVOKED;
924
925                         err = hermes_write_wordrec(hw, USER_BAP,
926                                                    HERMES_RID_CNFAUTHENTICATION,
927                                                    auth_flag);
928                         if (err)
929                                 return err;
930                 } else
931                         master_wep_flag = 0;
932
933                 if (priv->iw_mode == NL80211_IFTYPE_MONITOR)
934                         master_wep_flag |= HERMES_WEP_HOST_DECRYPT;
935
936                 /* Master WEP setting : on/off */
937                 err = hermes_write_wordrec(hw, USER_BAP,
938                                            HERMES_RID_CNFWEPFLAGS_INTERSIL,
939                                            master_wep_flag);
940                 if (err)
941                         return err;
942
943                 break;
944         }
945
946         return 0;
947 }
948
949 /* key must be 32 bytes, including the tx and rx MIC keys.
950  * rsc must be NULL or up to 8 bytes
951  * tsc must be NULL or up to 8 bytes
952  */
953 int __orinoco_hw_set_tkip_key(struct orinoco_private *priv, int key_idx,
954                               int set_tx, u8 *key, u8 *rsc, size_t rsc_len,
955                               u8 *tsc, size_t tsc_len)
956 {
957         struct {
958                 __le16 idx;
959                 u8 rsc[ORINOCO_SEQ_LEN];
960                 u8 key[TKIP_KEYLEN];
961                 u8 tx_mic[MIC_KEYLEN];
962                 u8 rx_mic[MIC_KEYLEN];
963                 u8 tsc[ORINOCO_SEQ_LEN];
964         } __attribute__ ((packed)) buf;
965         hermes_t *hw = &priv->hw;
966         int ret;
967         int err;
968         int k;
969         u16 xmitting;
970
971         key_idx &= 0x3;
972
973         if (set_tx)
974                 key_idx |= 0x8000;
975
976         buf.idx = cpu_to_le16(key_idx);
977         memcpy(buf.key, key,
978                sizeof(buf.key) + sizeof(buf.tx_mic) + sizeof(buf.rx_mic));
979
980         if (rsc_len > sizeof(buf.rsc))
981                 rsc_len = sizeof(buf.rsc);
982
983         if (tsc_len > sizeof(buf.tsc))
984                 tsc_len = sizeof(buf.tsc);
985
986         memset(buf.rsc, 0, sizeof(buf.rsc));
987         memset(buf.tsc, 0, sizeof(buf.tsc));
988
989         if (rsc != NULL)
990                 memcpy(buf.rsc, rsc, rsc_len);
991
992         if (tsc != NULL)
993                 memcpy(buf.tsc, tsc, tsc_len);
994         else
995                 buf.tsc[4] = 0x10;
996
997         /* Wait upto 100ms for tx queue to empty */
998         for (k = 100; k > 0; k--) {
999                 udelay(1000);
1000                 ret = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_TXQUEUEEMPTY,
1001                                           &xmitting);
1002                 if (ret || !xmitting)
1003                         break;
1004         }
1005
1006         if (k == 0)
1007                 ret = -ETIMEDOUT;
1008
1009         err = HERMES_WRITE_RECORD(hw, USER_BAP,
1010                                   HERMES_RID_CNFADDDEFAULTTKIPKEY_AGERE,
1011                                   &buf);
1012
1013         return ret ? ret : err;
1014 }
1015
1016 int orinoco_clear_tkip_key(struct orinoco_private *priv, int key_idx)
1017 {
1018         hermes_t *hw = &priv->hw;
1019         int err;
1020
1021         err = hermes_write_wordrec(hw, USER_BAP,
1022                                    HERMES_RID_CNFREMDEFAULTTKIPKEY_AGERE,
1023                                    key_idx);
1024         if (err)
1025                 printk(KERN_WARNING "%s: Error %d clearing TKIP key %d\n",
1026                        priv->ndev->name, err, key_idx);
1027         return err;
1028 }
1029
1030 int __orinoco_hw_set_multicast_list(struct orinoco_private *priv,
1031                                     struct dev_addr_list *mc_list,
1032                                     int mc_count, int promisc)
1033 {
1034         hermes_t *hw = &priv->hw;
1035         int err = 0;
1036
1037         if (promisc != priv->promiscuous) {
1038                 err = hermes_write_wordrec(hw, USER_BAP,
1039                                            HERMES_RID_CNFPROMISCUOUSMODE,
1040                                            promisc);
1041                 if (err) {
1042                         printk(KERN_ERR "%s: Error %d setting PROMISCUOUSMODE to 1.\n",
1043                                priv->ndev->name, err);
1044                 } else
1045                         priv->promiscuous = promisc;
1046         }
1047
1048         /* If we're not in promiscuous mode, then we need to set the
1049          * group address if either we want to multicast, or if we were
1050          * multicasting and want to stop */
1051         if (!promisc && (mc_count || priv->mc_count)) {
1052                 struct dev_mc_list *p = mc_list;
1053                 struct hermes_multicast mclist;
1054                 int i;
1055
1056                 for (i = 0; i < mc_count; i++) {
1057                         /* paranoia: is list shorter than mc_count? */
1058                         BUG_ON(!p);
1059                         /* paranoia: bad address size in list? */
1060                         BUG_ON(p->dmi_addrlen != ETH_ALEN);
1061
1062                         memcpy(mclist.addr[i], p->dmi_addr, ETH_ALEN);
1063                         p = p->next;
1064                 }
1065
1066                 if (p)
1067                         printk(KERN_WARNING "%s: Multicast list is "
1068                                "longer than mc_count\n", priv->ndev->name);
1069
1070                 err = hermes_write_ltv(hw, USER_BAP,
1071                                    HERMES_RID_CNFGROUPADDRESSES,
1072                                    HERMES_BYTES_TO_RECLEN(mc_count * ETH_ALEN),
1073                                    &mclist);
1074                 if (err)
1075                         printk(KERN_ERR "%s: Error %d setting multicast list.\n",
1076                                priv->ndev->name, err);
1077                 else
1078                         priv->mc_count = mc_count;
1079         }
1080         return err;
1081 }
1082
1083 /* Return : < 0 -> error code ; >= 0 -> length */
1084 int orinoco_hw_get_essid(struct orinoco_private *priv, int *active,
1085                          char buf[IW_ESSID_MAX_SIZE+1])
1086 {
1087         hermes_t *hw = &priv->hw;
1088         int err = 0;
1089         struct hermes_idstring essidbuf;
1090         char *p = (char *)(&essidbuf.val);
1091         int len;
1092         unsigned long flags;
1093
1094         if (orinoco_lock(priv, &flags) != 0)
1095                 return -EBUSY;
1096
1097         if (strlen(priv->desired_essid) > 0) {
1098                 /* We read the desired SSID from the hardware rather
1099                    than from priv->desired_essid, just in case the
1100                    firmware is allowed to change it on us. I'm not
1101                    sure about this */
1102                 /* My guess is that the OWNSSID should always be whatever
1103                  * we set to the card, whereas CURRENT_SSID is the one that
1104                  * may change... - Jean II */
1105                 u16 rid;
1106
1107                 *active = 1;
1108
1109                 rid = (priv->port_type == 3) ? HERMES_RID_CNFOWNSSID :
1110                         HERMES_RID_CNFDESIREDSSID;
1111
1112                 err = hermes_read_ltv(hw, USER_BAP, rid, sizeof(essidbuf),
1113                                       NULL, &essidbuf);
1114                 if (err)
1115                         goto fail_unlock;
1116         } else {
1117                 *active = 0;
1118
1119                 err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTSSID,
1120                                       sizeof(essidbuf), NULL, &essidbuf);
1121                 if (err)
1122                         goto fail_unlock;
1123         }
1124
1125         len = le16_to_cpu(essidbuf.len);
1126         BUG_ON(len > IW_ESSID_MAX_SIZE);
1127
1128         memset(buf, 0, IW_ESSID_MAX_SIZE);
1129         memcpy(buf, p, len);
1130         err = len;
1131
1132  fail_unlock:
1133         orinoco_unlock(priv, &flags);
1134
1135         return err;
1136 }
1137
1138 int orinoco_hw_get_freq(struct orinoco_private *priv)
1139 {
1140         hermes_t *hw = &priv->hw;
1141         int err = 0;
1142         u16 channel;
1143         int freq = 0;
1144         unsigned long flags;
1145
1146         if (orinoco_lock(priv, &flags) != 0)
1147                 return -EBUSY;
1148
1149         err = hermes_read_wordrec(hw, USER_BAP, HERMES_RID_CURRENTCHANNEL,
1150                                   &channel);
1151         if (err)
1152                 goto out;
1153
1154         /* Intersil firmware 1.3.5 returns 0 when the interface is down */
1155         if (channel == 0) {
1156                 err = -EBUSY;
1157                 goto out;
1158         }
1159
1160         if ((channel < 1) || (channel > NUM_CHANNELS)) {
1161                 printk(KERN_WARNING "%s: Channel out of range (%d)!\n",
1162                        priv->ndev->name, channel);
1163                 err = -EBUSY;
1164                 goto out;
1165
1166         }
1167         freq = ieee80211_dsss_chan_to_freq(channel);
1168
1169  out:
1170         orinoco_unlock(priv, &flags);
1171
1172         if (err > 0)
1173                 err = -EBUSY;
1174         return err ? err : freq;
1175 }
1176
1177 int orinoco_hw_get_bitratelist(struct orinoco_private *priv,
1178                                int *numrates, s32 *rates, int max)
1179 {
1180         hermes_t *hw = &priv->hw;
1181         struct hermes_idstring list;
1182         unsigned char *p = (unsigned char *)&list.val;
1183         int err = 0;
1184         int num;
1185         int i;
1186         unsigned long flags;
1187
1188         if (orinoco_lock(priv, &flags) != 0)
1189                 return -EBUSY;
1190
1191         err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_SUPPORTEDDATARATES,
1192                               sizeof(list), NULL, &list);
1193         orinoco_unlock(priv, &flags);
1194
1195         if (err)
1196                 return err;
1197
1198         num = le16_to_cpu(list.len);
1199         *numrates = num;
1200         num = min(num, max);
1201
1202         for (i = 0; i < num; i++)
1203                 rates[i] = (p[i] & 0x7f) * 500000; /* convert to bps */
1204
1205         return 0;
1206 }
1207
1208 int orinoco_hw_trigger_scan(struct orinoco_private *priv,
1209                             const struct cfg80211_ssid *ssid)
1210 {
1211         struct net_device *dev = priv->ndev;
1212         hermes_t *hw = &priv->hw;
1213         unsigned long flags;
1214         int err = 0;
1215
1216         if (orinoco_lock(priv, &flags) != 0)
1217                 return -EBUSY;
1218
1219         /* Scanning with port 0 disabled would fail */
1220         if (!netif_running(dev)) {
1221                 err = -ENETDOWN;
1222                 goto out;
1223         }
1224
1225         /* In monitor mode, the scan results are always empty.
1226          * Probe responses are passed to the driver as received
1227          * frames and could be processed in software. */
1228         if (priv->iw_mode == NL80211_IFTYPE_MONITOR) {
1229                 err = -EOPNOTSUPP;
1230                 goto out;
1231         }
1232
1233         if (priv->has_hostscan) {
1234                 switch (priv->firmware_type) {
1235                 case FIRMWARE_TYPE_SYMBOL:
1236                         err = hermes_write_wordrec(hw, USER_BAP,
1237                                                 HERMES_RID_CNFHOSTSCAN_SYMBOL,
1238                                                 HERMES_HOSTSCAN_SYMBOL_ONCE |
1239                                                 HERMES_HOSTSCAN_SYMBOL_BCAST);
1240                         break;
1241                 case FIRMWARE_TYPE_INTERSIL: {
1242                         __le16 req[3];
1243
1244                         req[0] = cpu_to_le16(0x3fff);   /* All channels */
1245                         req[1] = cpu_to_le16(0x0001);   /* rate 1 Mbps */
1246                         req[2] = 0;                     /* Any ESSID */
1247                         err = HERMES_WRITE_RECORD(hw, USER_BAP,
1248                                                   HERMES_RID_CNFHOSTSCAN, &req);
1249                         break;
1250                 }
1251                 case FIRMWARE_TYPE_AGERE:
1252                         if (ssid->ssid_len > 0) {
1253                                 struct hermes_idstring idbuf;
1254                                 size_t len = ssid->ssid_len;
1255
1256                                 idbuf.len = cpu_to_le16(len);
1257                                 memcpy(idbuf.val, ssid->ssid, len);
1258
1259                                 err = hermes_write_ltv(hw, USER_BAP,
1260                                                HERMES_RID_CNFSCANSSID_AGERE,
1261                                                HERMES_BYTES_TO_RECLEN(len + 2),
1262                                                &idbuf);
1263                         } else
1264                                 err = hermes_write_wordrec(hw, USER_BAP,
1265                                                    HERMES_RID_CNFSCANSSID_AGERE,
1266                                                    0);  /* Any ESSID */
1267                         if (err)
1268                                 break;
1269
1270                         if (priv->has_ext_scan) {
1271                                 err = hermes_write_wordrec(hw, USER_BAP,
1272                                                 HERMES_RID_CNFSCANCHANNELS2GHZ,
1273                                                 0x7FFF);
1274                                 if (err)
1275                                         goto out;
1276
1277                                 err = hermes_inquire(hw,
1278                                                      HERMES_INQ_CHANNELINFO);
1279                         } else
1280                                 err = hermes_inquire(hw, HERMES_INQ_SCAN);
1281
1282                         break;
1283                 }
1284         } else
1285                 err = hermes_inquire(hw, HERMES_INQ_SCAN);
1286
1287  out:
1288         orinoco_unlock(priv, &flags);
1289
1290         return err;
1291 }
1292
1293 /* Disassociate from node with BSSID addr */
1294 int orinoco_hw_disassociate(struct orinoco_private *priv,
1295                             u8 *addr, u16 reason_code)
1296 {
1297         hermes_t *hw = &priv->hw;
1298         int err;
1299
1300         struct {
1301                 u8 addr[ETH_ALEN];
1302                 __le16 reason_code;
1303         } __attribute__ ((packed)) buf;
1304
1305         /* Currently only supported by WPA enabled Agere fw */
1306         if (!priv->has_wpa)
1307                 return -EOPNOTSUPP;
1308
1309         memcpy(buf.addr, addr, ETH_ALEN);
1310         buf.reason_code = cpu_to_le16(reason_code);
1311         err = HERMES_WRITE_RECORD(hw, USER_BAP,
1312                                   HERMES_RID_CNFDISASSOCIATE,
1313                                   &buf);
1314         return err;
1315 }
1316
1317 int orinoco_hw_get_current_bssid(struct orinoco_private *priv,
1318                                  u8 *addr)
1319 {
1320         hermes_t *hw = &priv->hw;
1321         int err;
1322
1323         err = hermes_read_ltv(hw, USER_BAP, HERMES_RID_CURRENTBSSID,
1324                               ETH_ALEN, NULL, addr);
1325
1326         return err;
1327 }