drivers/net/wireless/at76c50x-usb.c at 17431928194b36a0f88082df875e2e036da7fddf

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / wireless / at76c50x-usb.c
at 17431928194b36a0f88082df875e2e036da7fddf 2512 lines 70 kB view raw
wrap content
   1/*
   2 * at76c503/at76c505 USB driver
   3 *
   4 * Copyright (c) 2002 - 2003 Oliver Kurth
   5 * Copyright (c) 2004 Joerg Albert <joerg.albert@gmx.de>
   6 * Copyright (c) 2004 Nick Jones
   7 * Copyright (c) 2004 Balint Seeber <n0_5p4m_p13453@hotmail.com>
   8 * Copyright (c) 2007 Guido Guenther <agx@sigxcpu.org>
   9 * Copyright (c) 2007 Kalle Valo <kalle.valo@iki.fi>
  10 *
  11 * This program is free software; you can redistribute it and/or
  12 * modify it under the terms of the GNU General Public License as
  13 * published by the Free Software Foundation; either version 2 of
  14 * the License, or (at your option) any later version.
  15 *
  16 * This file is part of the Berlios driver for WLAN USB devices based on the
  17 * Atmel AT76C503A/505/505A.
  18 *
  19 * Some iw_handler code was taken from airo.c, (C) 1999 Benjamin Reed
  20 *
  21 * TODO list is at the wiki:
  22 *
  23 * http://wireless.kernel.org/en/users/Drivers/at76c50x-usb#TODO
  24 *
  25 */
  26
  27#include <linux/init.h>
  28#include <linux/kernel.h>
  29#include <linux/sched.h>
  30#include <linux/errno.h>
  31#include <linux/slab.h>
  32#include <linux/module.h>
  33#include <linux/spinlock.h>
  34#include <linux/list.h>
  35#include <linux/usb.h>
  36#include <linux/netdevice.h>
  37#include <linux/if_arp.h>
  38#include <linux/etherdevice.h>
  39#include <linux/ethtool.h>
  40#include <linux/wireless.h>
  41#include <net/iw_handler.h>
  42#include <net/ieee80211_radiotap.h>
  43#include <linux/firmware.h>
  44#include <linux/leds.h>
  45#include <net/mac80211.h>
  46
  47#include "at76c50x-usb.h"
  48
  49/* Version information */
  50#define DRIVER_NAME "at76c50x-usb"
  51#define DRIVER_VERSION	"0.17"
  52#define DRIVER_DESC "Atmel at76x USB Wireless LAN Driver"
  53
  54/* at76_debug bits */
  55#define DBG_PROGRESS		0x00000001	/* authentication/accociation */
  56#define DBG_BSS_TABLE		0x00000002	/* show BSS table after scans */
  57#define DBG_IOCTL		0x00000004	/* ioctl calls / settings */
  58#define DBG_MAC_STATE		0x00000008	/* MAC state transitions */
  59#define DBG_TX_DATA		0x00000010	/* tx header */
  60#define DBG_TX_DATA_CONTENT	0x00000020	/* tx content */
  61#define DBG_TX_MGMT		0x00000040	/* tx management */
  62#define DBG_RX_DATA		0x00000080	/* rx data header */
  63#define DBG_RX_DATA_CONTENT	0x00000100	/* rx data content */
  64#define DBG_RX_MGMT		0x00000200	/* rx mgmt frame headers */
  65#define DBG_RX_BEACON		0x00000400	/* rx beacon */
  66#define DBG_RX_CTRL		0x00000800	/* rx control */
  67#define DBG_RX_MGMT_CONTENT	0x00001000	/* rx mgmt content */
  68#define DBG_RX_FRAGS		0x00002000	/* rx data fragment handling */
  69#define DBG_DEVSTART		0x00004000	/* fw download, device start */
  70#define DBG_URB			0x00008000	/* rx urb status, ... */
  71#define DBG_RX_ATMEL_HDR	0x00010000	/* Atmel-specific Rx headers */
  72#define DBG_PROC_ENTRY		0x00020000	/* procedure entries/exits */
  73#define DBG_PM			0x00040000	/* power management settings */
  74#define DBG_BSS_MATCH		0x00080000	/* BSS match failures */
  75#define DBG_PARAMS		0x00100000	/* show configured parameters */
  76#define DBG_WAIT_COMPLETE	0x00200000	/* command completion */
  77#define DBG_RX_FRAGS_SKB	0x00400000	/* skb header of Rx fragments */
  78#define DBG_BSS_TABLE_RM	0x00800000	/* purging bss table entries */
  79#define DBG_MONITOR_MODE	0x01000000	/* monitor mode */
  80#define DBG_MIB			0x02000000	/* dump all MIBs on startup */
  81#define DBG_MGMT_TIMER		0x04000000	/* dump mgmt_timer ops */
  82#define DBG_WE_EVENTS		0x08000000	/* dump wireless events */
  83#define DBG_FW			0x10000000	/* firmware download */
  84#define DBG_DFU			0x20000000	/* device firmware upgrade */
  85#define DBG_CMD			0x40000000
  86#define DBG_MAC80211		0x80000000
  87
  88#define DBG_DEFAULTS		0
  89
  90/* Use our own dbg macro */
  91#define at76_dbg(bits, format, arg...) \
  92	do { \
  93		if (at76_debug & (bits))				 \
  94			printk(KERN_DEBUG DRIVER_NAME ": " format "\n" , \
  95			       ## arg);					 \
  96	} while (0)
  97
  98#define at76_dbg_dump(bits, buf, len, format, arg...)	\
  99	do { \
 100		if (at76_debug & (bits)) { \
 101			printk(KERN_DEBUG DRIVER_NAME ": " format "\n" , \
 102			       ## arg);					 \
 103			print_hex_dump_bytes("", DUMP_PREFIX_OFFSET,     \
 104					     buf, len);			 \
 105		}							 \
 106	} while (0)
 107
 108static uint at76_debug = DBG_DEFAULTS;
 109
 110/* Protect against concurrent firmware loading and parsing */
 111static struct mutex fw_mutex;
 112
 113static struct fwentry firmwares[] = {
 114	[0] = { "" },
 115	[BOARD_503_ISL3861] = { "atmel_at76c503-i3861.bin" },
 116	[BOARD_503_ISL3863] = { "atmel_at76c503-i3863.bin" },
 117	[BOARD_503] = { "atmel_at76c503-rfmd.bin" },
 118	[BOARD_503_ACC] = { "atmel_at76c503-rfmd-acc.bin" },
 119	[BOARD_505] = { "atmel_at76c505-rfmd.bin" },
 120	[BOARD_505_2958] = { "atmel_at76c505-rfmd2958.bin" },
 121	[BOARD_505A] = { "atmel_at76c505a-rfmd2958.bin" },
 122	[BOARD_505AMX] = { "atmel_at76c505amx-rfmd.bin" },
 123};
 124MODULE_FIRMWARE("atmel_at76c503-i3861.bin");
 125MODULE_FIRMWARE("atmel_at76c503-i3863.bin");
 126MODULE_FIRMWARE("atmel_at76c503-rfmd.bin");
 127MODULE_FIRMWARE("atmel_at76c503-rfmd-acc.bin");
 128MODULE_FIRMWARE("atmel_at76c505-rfmd.bin");
 129MODULE_FIRMWARE("atmel_at76c505-rfmd2958.bin");
 130MODULE_FIRMWARE("atmel_at76c505a-rfmd2958.bin");
 131MODULE_FIRMWARE("atmel_at76c505amx-rfmd.bin");
 132
 133#define USB_DEVICE_DATA(__ops)	.driver_info = (kernel_ulong_t)(__ops)
 134
 135static struct usb_device_id dev_table[] = {
 136	/*
 137	 * at76c503-i3861
 138	 */
 139	/* Generic AT76C503/3861 device */
 140	{ USB_DEVICE(0x03eb, 0x7603), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 141	/* Linksys WUSB11 v2.1/v2.6 */
 142	{ USB_DEVICE(0x066b, 0x2211), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 143	/* Netgear MA101 rev. A */
 144	{ USB_DEVICE(0x0864, 0x4100), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 145	/* Tekram U300C / Allnet ALL0193 */
 146	{ USB_DEVICE(0x0b3b, 0x1612), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 147	/* HP HN210W J7801A */
 148	{ USB_DEVICE(0x03f0, 0x011c), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 149	/* Sitecom/Z-Com/Zyxel M4Y-750 */
 150	{ USB_DEVICE(0x0cde, 0x0001), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 151	/* Dynalink/Askey WLL013 (intersil) */
 152	{ USB_DEVICE(0x069a, 0x0320), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 153	/* EZ connect 11Mpbs Wireless USB Adapter SMC2662W v1 */
 154	{ USB_DEVICE(0x0d5c, 0xa001), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 155	/* BenQ AWL300 */
 156	{ USB_DEVICE(0x04a5, 0x9000), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 157	/* Addtron AWU-120, Compex WLU11 */
 158	{ USB_DEVICE(0x05dd, 0xff31), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 159	/* Intel AP310 AnyPoint II USB */
 160	{ USB_DEVICE(0x8086, 0x0200), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 161	/* Dynalink L11U */
 162	{ USB_DEVICE(0x0d8e, 0x7100), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 163	/* Arescom WL-210, FCC id 07J-GL2411USB */
 164	{ USB_DEVICE(0x0d8e, 0x7110), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 165	/* I-O DATA WN-B11/USB */
 166	{ USB_DEVICE(0x04bb, 0x0919), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 167	/* BT Voyager 1010 */
 168	{ USB_DEVICE(0x069a, 0x0821), USB_DEVICE_DATA(BOARD_503_ISL3861) },
 169	/*
 170	 * at76c503-i3863
 171	 */
 172	/* Generic AT76C503/3863 device */
 173	{ USB_DEVICE(0x03eb, 0x7604), USB_DEVICE_DATA(BOARD_503_ISL3863) },
 174	/* Samsung SWL-2100U */
 175	{ USB_DEVICE(0x055d, 0xa000), USB_DEVICE_DATA(BOARD_503_ISL3863) },
 176	/*
 177	 * at76c503-rfmd
 178	 */
 179	/* Generic AT76C503/RFMD device */
 180	{ USB_DEVICE(0x03eb, 0x7605), USB_DEVICE_DATA(BOARD_503) },
 181	/* Dynalink/Askey WLL013 (rfmd) */
 182	{ USB_DEVICE(0x069a, 0x0321), USB_DEVICE_DATA(BOARD_503) },
 183	/* Linksys WUSB11 v2.6 */
 184	{ USB_DEVICE(0x077b, 0x2219), USB_DEVICE_DATA(BOARD_503) },
 185	/* Network Everywhere NWU11B */
 186	{ USB_DEVICE(0x077b, 0x2227), USB_DEVICE_DATA(BOARD_503) },
 187	/* Netgear MA101 rev. B */
 188	{ USB_DEVICE(0x0864, 0x4102), USB_DEVICE_DATA(BOARD_503) },
 189	/* D-Link DWL-120 rev. E */
 190	{ USB_DEVICE(0x2001, 0x3200), USB_DEVICE_DATA(BOARD_503) },
 191	/* Actiontec 802UAT1, HWU01150-01UK */
 192	{ USB_DEVICE(0x1668, 0x7605), USB_DEVICE_DATA(BOARD_503) },
 193	/* AirVast W-Buddie WN210 */
 194	{ USB_DEVICE(0x03eb, 0x4102), USB_DEVICE_DATA(BOARD_503) },
 195	/* Dick Smith Electronics XH1153 802.11b USB adapter */
 196	{ USB_DEVICE(0x1371, 0x5743), USB_DEVICE_DATA(BOARD_503) },
 197	/* CNet CNUSB611 */
 198	{ USB_DEVICE(0x1371, 0x0001), USB_DEVICE_DATA(BOARD_503) },
 199	/* FiberLine FL-WL200U */
 200	{ USB_DEVICE(0x1371, 0x0002), USB_DEVICE_DATA(BOARD_503) },
 201	/* BenQ AWL400 USB stick */
 202	{ USB_DEVICE(0x04a5, 0x9001), USB_DEVICE_DATA(BOARD_503) },
 203	/* 3Com 3CRSHEW696 */
 204	{ USB_DEVICE(0x0506, 0x0a01), USB_DEVICE_DATA(BOARD_503) },
 205	/* Siemens Santis ADSL WLAN USB adapter WLL 013 */
 206	{ USB_DEVICE(0x0681, 0x001b), USB_DEVICE_DATA(BOARD_503) },
 207	/* Belkin F5D6050, version 2 */
 208	{ USB_DEVICE(0x050d, 0x0050), USB_DEVICE_DATA(BOARD_503) },
 209	/* iBlitzz, BWU613 (not *B or *SB) */
 210	{ USB_DEVICE(0x07b8, 0xb000), USB_DEVICE_DATA(BOARD_503) },
 211	/* Gigabyte GN-WLBM101 */
 212	{ USB_DEVICE(0x1044, 0x8003), USB_DEVICE_DATA(BOARD_503) },
 213	/* Planex GW-US11S */
 214	{ USB_DEVICE(0x2019, 0x3220), USB_DEVICE_DATA(BOARD_503) },
 215	/* Internal WLAN adapter in h5[4,5]xx series iPAQs */
 216	{ USB_DEVICE(0x049f, 0x0032), USB_DEVICE_DATA(BOARD_503) },
 217	/* Corega Wireless LAN USB-11 mini */
 218	{ USB_DEVICE(0x07aa, 0x0011), USB_DEVICE_DATA(BOARD_503) },
 219	/* Corega Wireless LAN USB-11 mini2 */
 220	{ USB_DEVICE(0x07aa, 0x0018), USB_DEVICE_DATA(BOARD_503) },
 221	/* Uniden PCW100 */
 222	{ USB_DEVICE(0x05dd, 0xff35), USB_DEVICE_DATA(BOARD_503) },
 223	/*
 224	 * at76c503-rfmd-acc
 225	 */
 226	/* SMC2664W */
 227	{ USB_DEVICE(0x083a, 0x3501), USB_DEVICE_DATA(BOARD_503_ACC) },
 228	/* Belkin F5D6050, SMC2662W v2, SMC2662W-AR */
 229	{ USB_DEVICE(0x0d5c, 0xa002), USB_DEVICE_DATA(BOARD_503_ACC) },
 230	/*
 231	 * at76c505-rfmd
 232	 */
 233	/* Generic AT76C505/RFMD */
 234	{ USB_DEVICE(0x03eb, 0x7606), USB_DEVICE_DATA(BOARD_505) },
 235	/*
 236	 * at76c505-rfmd2958
 237	 */
 238	/* Generic AT76C505/RFMD, OvisLink WL-1130USB */
 239	{ USB_DEVICE(0x03eb, 0x7613), USB_DEVICE_DATA(BOARD_505_2958) },
 240	/* Fiberline FL-WL240U */
 241	{ USB_DEVICE(0x1371, 0x0014), USB_DEVICE_DATA(BOARD_505_2958) },
 242	/* CNet CNUSB-611G */
 243	{ USB_DEVICE(0x1371, 0x0013), USB_DEVICE_DATA(BOARD_505_2958) },
 244	/* Linksys WUSB11 v2.8 */
 245	{ USB_DEVICE(0x1915, 0x2233), USB_DEVICE_DATA(BOARD_505_2958) },
 246	/* Xterasys XN-2122B, IBlitzz BWU613B/BWU613SB */
 247	{ USB_DEVICE(0x12fd, 0x1001), USB_DEVICE_DATA(BOARD_505_2958) },
 248	/* Corega WLAN USB Stick 11 */
 249	{ USB_DEVICE(0x07aa, 0x7613), USB_DEVICE_DATA(BOARD_505_2958) },
 250	/* Microstar MSI Box MS6978 */
 251	{ USB_DEVICE(0x0db0, 0x1020), USB_DEVICE_DATA(BOARD_505_2958) },
 252	/*
 253	 * at76c505a-rfmd2958
 254	 */
 255	/* Generic AT76C505A device */
 256	{ USB_DEVICE(0x03eb, 0x7614), USB_DEVICE_DATA(BOARD_505A) },
 257	/* Generic AT76C505AS device */
 258	{ USB_DEVICE(0x03eb, 0x7617), USB_DEVICE_DATA(BOARD_505A) },
 259	/* Siemens Gigaset USB WLAN Adapter 11 */
 260	{ USB_DEVICE(0x1690, 0x0701), USB_DEVICE_DATA(BOARD_505A) },
 261	/* OQO Model 01+ Internal Wi-Fi */
 262	{ USB_DEVICE(0x1557, 0x0002), USB_DEVICE_DATA(BOARD_505A) },
 263	/*
 264	 * at76c505amx-rfmd
 265	 */
 266	/* Generic AT76C505AMX device */
 267	{ USB_DEVICE(0x03eb, 0x7615), USB_DEVICE_DATA(BOARD_505AMX) },
 268	{ }
 269};
 270
 271MODULE_DEVICE_TABLE(usb, dev_table);
 272
 273/* Supported rates of this hardware, bit 7 marks basic rates */
 274static const u8 hw_rates[] = { 0x82, 0x84, 0x0b, 0x16 };
 275
 276static const char *const preambles[] = { "long", "short", "auto" };
 277
 278/* Firmware download */
 279/* DFU states */
 280#define STATE_IDLE			0x00
 281#define STATE_DETACH			0x01
 282#define STATE_DFU_IDLE			0x02
 283#define STATE_DFU_DOWNLOAD_SYNC		0x03
 284#define STATE_DFU_DOWNLOAD_BUSY		0x04
 285#define STATE_DFU_DOWNLOAD_IDLE		0x05
 286#define STATE_DFU_MANIFEST_SYNC		0x06
 287#define STATE_DFU_MANIFEST		0x07
 288#define STATE_DFU_MANIFEST_WAIT_RESET	0x08
 289#define STATE_DFU_UPLOAD_IDLE		0x09
 290#define STATE_DFU_ERROR			0x0a
 291
 292/* DFU commands */
 293#define DFU_DETACH			0
 294#define DFU_DNLOAD			1
 295#define DFU_UPLOAD			2
 296#define DFU_GETSTATUS			3
 297#define DFU_CLRSTATUS			4
 298#define DFU_GETSTATE			5
 299#define DFU_ABORT			6
 300
 301#define FW_BLOCK_SIZE 1024
 302
 303struct dfu_status {
 304	unsigned char status;
 305	unsigned char poll_timeout[3];
 306	unsigned char state;
 307	unsigned char string;
 308} __attribute__((packed));
 309
 310static inline int at76_is_intersil(enum board_type board)
 311{
 312	return (board == BOARD_503_ISL3861 || board == BOARD_503_ISL3863);
 313}
 314
 315static inline int at76_is_503rfmd(enum board_type board)
 316{
 317	return (board == BOARD_503 || board == BOARD_503_ACC);
 318}
 319
 320static inline int at76_is_505a(enum board_type board)
 321{
 322	return (board == BOARD_505A || board == BOARD_505AMX);
 323}
 324
 325/* Load a block of the first (internal) part of the firmware */
 326static int at76_load_int_fw_block(struct usb_device *udev, int blockno,
 327				  void *block, int size)
 328{
 329	return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), DFU_DNLOAD,
 330			       USB_TYPE_CLASS | USB_DIR_OUT |
 331			       USB_RECIP_INTERFACE, blockno, 0, block, size,
 332			       USB_CTRL_GET_TIMEOUT);
 333}
 334
 335static int at76_dfu_get_status(struct usb_device *udev,
 336			       struct dfu_status *status)
 337{
 338	int ret;
 339
 340	ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATUS,
 341			      USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
 342			      0, 0, status, sizeof(struct dfu_status),
 343			      USB_CTRL_GET_TIMEOUT);
 344	return ret;
 345}
 346
 347static u8 at76_dfu_get_state(struct usb_device *udev, u8 *state)
 348{
 349	int ret;
 350
 351	ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), DFU_GETSTATE,
 352			      USB_TYPE_CLASS | USB_DIR_IN | USB_RECIP_INTERFACE,
 353			      0, 0, state, 1, USB_CTRL_GET_TIMEOUT);
 354	return ret;
 355}
 356
 357/* Convert timeout from the DFU status to jiffies */
 358static inline unsigned long at76_get_timeout(struct dfu_status *s)
 359{
 360	return msecs_to_jiffies((s->poll_timeout[2] << 16)
 361				| (s->poll_timeout[1] << 8)
 362				| (s->poll_timeout[0]));
 363}
 364
 365/* Load internal firmware from the buffer.  If manifest_sync_timeout > 0, use
 366 * its value in jiffies in the MANIFEST_SYNC state.  */
 367static int at76_usbdfu_download(struct usb_device *udev, u8 *buf, u32 size,
 368				int manifest_sync_timeout)
 369{
 370	u8 *block;
 371	struct dfu_status dfu_stat_buf;
 372	int ret = 0;
 373	int need_dfu_state = 1;
 374	int is_done = 0;
 375	u8 dfu_state = 0;
 376	u32 dfu_timeout = 0;
 377	int bsize = 0;
 378	int blockno = 0;
 379
 380	at76_dbg(DBG_DFU, "%s( %p, %u, %d)", __func__, buf, size,
 381		 manifest_sync_timeout);
 382
 383	if (!size) {
 384		dev_printk(KERN_ERR, &udev->dev, "FW buffer length invalid!\n");
 385		return -EINVAL;
 386	}
 387
 388	block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
 389	if (!block)
 390		return -ENOMEM;
 391
 392	do {
 393		if (need_dfu_state) {
 394			ret = at76_dfu_get_state(udev, &dfu_state);
 395			if (ret < 0) {
 396				dev_printk(KERN_ERR, &udev->dev,
 397					   "cannot get DFU state: %d\n", ret);
 398				goto exit;
 399			}
 400			need_dfu_state = 0;
 401		}
 402
 403		switch (dfu_state) {
 404		case STATE_DFU_DOWNLOAD_SYNC:
 405			at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_SYNC");
 406			ret = at76_dfu_get_status(udev, &dfu_stat_buf);
 407			if (ret >= 0) {
 408				dfu_state = dfu_stat_buf.state;
 409				dfu_timeout = at76_get_timeout(&dfu_stat_buf);
 410				need_dfu_state = 0;
 411			} else
 412				dev_printk(KERN_ERR, &udev->dev,
 413					   "at76_dfu_get_status returned %d\n",
 414					   ret);
 415			break;
 416
 417		case STATE_DFU_DOWNLOAD_BUSY:
 418			at76_dbg(DBG_DFU, "STATE_DFU_DOWNLOAD_BUSY");
 419			need_dfu_state = 1;
 420
 421			at76_dbg(DBG_DFU, "DFU: Resetting device");
 422			schedule_timeout_interruptible(dfu_timeout);
 423			break;
 424
 425		case STATE_DFU_DOWNLOAD_IDLE:
 426			at76_dbg(DBG_DFU, "DOWNLOAD...");
 427			/* fall through */
 428		case STATE_DFU_IDLE:
 429			at76_dbg(DBG_DFU, "DFU IDLE");
 430
 431			bsize = min_t(int, size, FW_BLOCK_SIZE);
 432			memcpy(block, buf, bsize);
 433			at76_dbg(DBG_DFU, "int fw, size left = %5d, "
 434				 "bsize = %4d, blockno = %2d", size, bsize,
 435				 blockno);
 436			ret =
 437			    at76_load_int_fw_block(udev, blockno, block, bsize);
 438			buf += bsize;
 439			size -= bsize;
 440			blockno++;
 441
 442			if (ret != bsize)
 443				dev_printk(KERN_ERR, &udev->dev,
 444					   "at76_load_int_fw_block "
 445					   "returned %d\n", ret);
 446			need_dfu_state = 1;
 447			break;
 448
 449		case STATE_DFU_MANIFEST_SYNC:
 450			at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_SYNC");
 451
 452			ret = at76_dfu_get_status(udev, &dfu_stat_buf);
 453			if (ret < 0)
 454				break;
 455
 456			dfu_state = dfu_stat_buf.state;
 457			dfu_timeout = at76_get_timeout(&dfu_stat_buf);
 458			need_dfu_state = 0;
 459
 460			/* override the timeout from the status response,
 461			   needed for AT76C505A */
 462			if (manifest_sync_timeout > 0)
 463				dfu_timeout = manifest_sync_timeout;
 464
 465			at76_dbg(DBG_DFU, "DFU: Waiting for manifest phase");
 466			schedule_timeout_interruptible(dfu_timeout);
 467			break;
 468
 469		case STATE_DFU_MANIFEST:
 470			at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST");
 471			is_done = 1;
 472			break;
 473
 474		case STATE_DFU_MANIFEST_WAIT_RESET:
 475			at76_dbg(DBG_DFU, "STATE_DFU_MANIFEST_WAIT_RESET");
 476			is_done = 1;
 477			break;
 478
 479		case STATE_DFU_UPLOAD_IDLE:
 480			at76_dbg(DBG_DFU, "STATE_DFU_UPLOAD_IDLE");
 481			break;
 482
 483		case STATE_DFU_ERROR:
 484			at76_dbg(DBG_DFU, "STATE_DFU_ERROR");
 485			ret = -EPIPE;
 486			break;
 487
 488		default:
 489			at76_dbg(DBG_DFU, "DFU UNKNOWN STATE (%d)", dfu_state);
 490			ret = -EINVAL;
 491			break;
 492		}
 493	} while (!is_done && (ret >= 0));
 494
 495exit:
 496	kfree(block);
 497	if (ret >= 0)
 498		ret = 0;
 499
 500	return ret;
 501}
 502
 503#define HEX2STR_BUFFERS 4
 504#define HEX2STR_MAX_LEN 64
 505#define BIN2HEX(x) ((x) < 10 ? '0' + (x) : (x) + 'A' - 10)
 506
 507/* Convert binary data into hex string */
 508static char *hex2str(void *buf, int len)
 509{
 510	static atomic_t a = ATOMIC_INIT(0);
 511	static char bufs[HEX2STR_BUFFERS][3 * HEX2STR_MAX_LEN + 1];
 512	char *ret = bufs[atomic_inc_return(&a) & (HEX2STR_BUFFERS - 1)];
 513	char *obuf = ret;
 514	u8 *ibuf = buf;
 515
 516	if (len > HEX2STR_MAX_LEN)
 517		len = HEX2STR_MAX_LEN;
 518
 519	if (len <= 0) {
 520		ret[0] = '\0';
 521		return ret;
 522	}
 523
 524	while (len--) {
 525		*obuf++ = BIN2HEX(*ibuf >> 4);
 526		*obuf++ = BIN2HEX(*ibuf & 0xf);
 527		*obuf++ = '-';
 528		ibuf++;
 529	}
 530	*(--obuf) = '\0';
 531
 532	return ret;
 533}
 534
 535/* LED trigger */
 536static int tx_activity;
 537static void at76_ledtrig_tx_timerfunc(unsigned long data);
 538static DEFINE_TIMER(ledtrig_tx_timer, at76_ledtrig_tx_timerfunc, 0, 0);
 539DEFINE_LED_TRIGGER(ledtrig_tx);
 540
 541static void at76_ledtrig_tx_timerfunc(unsigned long data)
 542{
 543	static int tx_lastactivity;
 544
 545	if (tx_lastactivity != tx_activity) {
 546		tx_lastactivity = tx_activity;
 547		led_trigger_event(ledtrig_tx, LED_FULL);
 548		mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
 549	} else
 550		led_trigger_event(ledtrig_tx, LED_OFF);
 551}
 552
 553static void at76_ledtrig_tx_activity(void)
 554{
 555	tx_activity++;
 556	if (!timer_pending(&ledtrig_tx_timer))
 557		mod_timer(&ledtrig_tx_timer, jiffies + HZ / 4);
 558}
 559
 560static int at76_remap(struct usb_device *udev)
 561{
 562	int ret;
 563	ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0a,
 564			      USB_TYPE_VENDOR | USB_DIR_OUT |
 565			      USB_RECIP_INTERFACE, 0, 0, NULL, 0,
 566			      USB_CTRL_GET_TIMEOUT);
 567	if (ret < 0)
 568		return ret;
 569	return 0;
 570}
 571
 572static int at76_get_op_mode(struct usb_device *udev)
 573{
 574	int ret;
 575	u8 saved;
 576	u8 *op_mode;
 577
 578	op_mode = kmalloc(1, GFP_NOIO);
 579	if (!op_mode)
 580		return -ENOMEM;
 581	ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
 582			      USB_TYPE_VENDOR | USB_DIR_IN |
 583			      USB_RECIP_INTERFACE, 0x01, 0, op_mode, 1,
 584			      USB_CTRL_GET_TIMEOUT);
 585	saved = *op_mode;
 586	kfree(op_mode);
 587
 588	if (ret < 0)
 589		return ret;
 590	else if (ret < 1)
 591		return -EIO;
 592	else
 593		return saved;
 594}
 595
 596/* Load a block of the second ("external") part of the firmware */
 597static inline int at76_load_ext_fw_block(struct usb_device *udev, int blockno,
 598					 void *block, int size)
 599{
 600	return usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
 601			       USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
 602			       0x0802, blockno, block, size,
 603			       USB_CTRL_GET_TIMEOUT);
 604}
 605
 606static inline int at76_get_hw_cfg(struct usb_device *udev,
 607				  union at76_hwcfg *buf, int buf_size)
 608{
 609	return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
 610			       USB_TYPE_VENDOR | USB_DIR_IN |
 611			       USB_RECIP_INTERFACE, 0x0a02, 0,
 612			       buf, buf_size, USB_CTRL_GET_TIMEOUT);
 613}
 614
 615/* Intersil boards use a different "value" for GetHWConfig requests */
 616static inline int at76_get_hw_cfg_intersil(struct usb_device *udev,
 617					   union at76_hwcfg *buf, int buf_size)
 618{
 619	return usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
 620			       USB_TYPE_VENDOR | USB_DIR_IN |
 621			       USB_RECIP_INTERFACE, 0x0902, 0,
 622			       buf, buf_size, USB_CTRL_GET_TIMEOUT);
 623}
 624
 625/* Get the hardware configuration for the adapter and put it to the appropriate
 626 * fields of 'priv' (the GetHWConfig request and interpretation of the result
 627 * depends on the board type) */
 628static int at76_get_hw_config(struct at76_priv *priv)
 629{
 630	int ret;
 631	union at76_hwcfg *hwcfg = kmalloc(sizeof(*hwcfg), GFP_KERNEL);
 632
 633	if (!hwcfg)
 634		return -ENOMEM;
 635
 636	if (at76_is_intersil(priv->board_type)) {
 637		ret = at76_get_hw_cfg_intersil(priv->udev, hwcfg,
 638					       sizeof(hwcfg->i));
 639		if (ret < 0)
 640			goto exit;
 641		memcpy(priv->mac_addr, hwcfg->i.mac_addr, ETH_ALEN);
 642		priv->regulatory_domain = hwcfg->i.regulatory_domain;
 643	} else if (at76_is_503rfmd(priv->board_type)) {
 644		ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r3));
 645		if (ret < 0)
 646			goto exit;
 647		memcpy(priv->mac_addr, hwcfg->r3.mac_addr, ETH_ALEN);
 648		priv->regulatory_domain = hwcfg->r3.regulatory_domain;
 649	} else {
 650		ret = at76_get_hw_cfg(priv->udev, hwcfg, sizeof(hwcfg->r5));
 651		if (ret < 0)
 652			goto exit;
 653		memcpy(priv->mac_addr, hwcfg->r5.mac_addr, ETH_ALEN);
 654		priv->regulatory_domain = hwcfg->r5.regulatory_domain;
 655	}
 656
 657exit:
 658	kfree(hwcfg);
 659	if (ret < 0)
 660		printk(KERN_ERR "%s: cannot get HW Config (error %d)\n",
 661		       wiphy_name(priv->hw->wiphy), ret);
 662
 663	return ret;
 664}
 665
 666static struct reg_domain const *at76_get_reg_domain(u16 code)
 667{
 668	int i;
 669	static struct reg_domain const fd_tab[] = {
 670		{ 0x10, "FCC (USA)", 0x7ff },	/* ch 1-11 */
 671		{ 0x20, "IC (Canada)", 0x7ff },	/* ch 1-11 */
 672		{ 0x30, "ETSI (most of Europe)", 0x1fff },	/* ch 1-13 */
 673		{ 0x31, "Spain", 0x600 },	/* ch 10-11 */
 674		{ 0x32, "France", 0x1e00 },	/* ch 10-13 */
 675		{ 0x40, "MKK (Japan)", 0x2000 },	/* ch 14 */
 676		{ 0x41, "MKK1 (Japan)", 0x3fff },	/* ch 1-14 */
 677		{ 0x50, "Israel", 0x3fc },	/* ch 3-9 */
 678		{ 0x00, "<unknown>", 0xffffffff }	/* ch 1-32 */
 679	};
 680
 681	/* Last entry is fallback for unknown domain code */
 682	for (i = 0; i < ARRAY_SIZE(fd_tab) - 1; i++)
 683		if (code == fd_tab[i].code)
 684			break;
 685
 686	return &fd_tab[i];
 687}
 688
 689static inline int at76_get_mib(struct usb_device *udev, u16 mib, void *buf,
 690			       int buf_size)
 691{
 692	int ret;
 693
 694	ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x33,
 695			      USB_TYPE_VENDOR | USB_DIR_IN |
 696			      USB_RECIP_INTERFACE, mib << 8, 0, buf, buf_size,
 697			      USB_CTRL_GET_TIMEOUT);
 698	if (ret >= 0 && ret != buf_size)
 699		return -EIO;
 700	return ret;
 701}
 702
 703/* Return positive number for status, negative for an error */
 704static inline int at76_get_cmd_status(struct usb_device *udev, u8 cmd)
 705{
 706	u8 *stat_buf;
 707	int ret;
 708
 709	stat_buf = kmalloc(40, GFP_NOIO);
 710	if (!stat_buf)
 711		return -ENOMEM;
 712
 713	ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 0x22,
 714			USB_TYPE_VENDOR | USB_DIR_IN |
 715			USB_RECIP_INTERFACE, cmd, 0, stat_buf,
 716			40, USB_CTRL_GET_TIMEOUT);
 717	if (ret >= 0)
 718		ret = stat_buf[5];
 719	kfree(stat_buf);
 720
 721	return ret;
 722}
 723
 724#define MAKE_CMD_CASE(c) case (c): return #c
 725static const char *at76_get_cmd_string(u8 cmd_status)
 726{
 727	switch (cmd_status) {
 728		MAKE_CMD_CASE(CMD_SET_MIB);
 729		MAKE_CMD_CASE(CMD_GET_MIB);
 730		MAKE_CMD_CASE(CMD_SCAN);
 731		MAKE_CMD_CASE(CMD_JOIN);
 732		MAKE_CMD_CASE(CMD_START_IBSS);
 733		MAKE_CMD_CASE(CMD_RADIO_ON);
 734		MAKE_CMD_CASE(CMD_RADIO_OFF);
 735		MAKE_CMD_CASE(CMD_STARTUP);
 736	}
 737
 738	return "UNKNOWN";
 739}
 740
 741static int at76_set_card_command(struct usb_device *udev, u8 cmd, void *buf,
 742				 int buf_size)
 743{
 744	int ret;
 745	struct at76_command *cmd_buf = kmalloc(sizeof(struct at76_command) +
 746					       buf_size, GFP_KERNEL);
 747
 748	if (!cmd_buf)
 749		return -ENOMEM;
 750
 751	cmd_buf->cmd = cmd;
 752	cmd_buf->reserved = 0;
 753	cmd_buf->size = cpu_to_le16(buf_size);
 754	memcpy(cmd_buf->data, buf, buf_size);
 755
 756	at76_dbg_dump(DBG_CMD, cmd_buf, sizeof(struct at76_command) + buf_size,
 757		      "issuing command %s (0x%02x)",
 758		      at76_get_cmd_string(cmd), cmd);
 759
 760	ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x0e,
 761			      USB_TYPE_VENDOR | USB_DIR_OUT | USB_RECIP_DEVICE,
 762			      0, 0, cmd_buf,
 763			      sizeof(struct at76_command) + buf_size,
 764			      USB_CTRL_GET_TIMEOUT);
 765	kfree(cmd_buf);
 766	return ret;
 767}
 768
 769#define MAKE_CMD_STATUS_CASE(c)	case (c): return #c
 770static const char *at76_get_cmd_status_string(u8 cmd_status)
 771{
 772	switch (cmd_status) {
 773		MAKE_CMD_STATUS_CASE(CMD_STATUS_IDLE);
 774		MAKE_CMD_STATUS_CASE(CMD_STATUS_COMPLETE);
 775		MAKE_CMD_STATUS_CASE(CMD_STATUS_UNKNOWN);
 776		MAKE_CMD_STATUS_CASE(CMD_STATUS_INVALID_PARAMETER);
 777		MAKE_CMD_STATUS_CASE(CMD_STATUS_FUNCTION_NOT_SUPPORTED);
 778		MAKE_CMD_STATUS_CASE(CMD_STATUS_TIME_OUT);
 779		MAKE_CMD_STATUS_CASE(CMD_STATUS_IN_PROGRESS);
 780		MAKE_CMD_STATUS_CASE(CMD_STATUS_HOST_FAILURE);
 781		MAKE_CMD_STATUS_CASE(CMD_STATUS_SCAN_FAILED);
 782	}
 783
 784	return "UNKNOWN";
 785}
 786
 787/* Wait until the command is completed */
 788static int at76_wait_completion(struct at76_priv *priv, int cmd)
 789{
 790	int status = 0;
 791	unsigned long timeout = jiffies + CMD_COMPLETION_TIMEOUT;
 792
 793	do {
 794		status = at76_get_cmd_status(priv->udev, cmd);
 795		if (status < 0) {
 796			printk(KERN_ERR "%s: at76_get_cmd_status failed: %d\n",
 797			       wiphy_name(priv->hw->wiphy), status);
 798			break;
 799		}
 800
 801		at76_dbg(DBG_WAIT_COMPLETE,
 802			 "%s: Waiting on cmd %d, status = %d (%s)",
 803			 wiphy_name(priv->hw->wiphy), cmd, status,
 804			 at76_get_cmd_status_string(status));
 805
 806		if (status != CMD_STATUS_IN_PROGRESS
 807		    && status != CMD_STATUS_IDLE)
 808			break;
 809
 810		schedule_timeout_interruptible(HZ / 10);	/* 100 ms */
 811		if (time_after(jiffies, timeout)) {
 812			printk(KERN_ERR
 813			       "%s: completion timeout for command %d\n",
 814			       wiphy_name(priv->hw->wiphy), cmd);
 815			status = -ETIMEDOUT;
 816			break;
 817		}
 818	} while (1);
 819
 820	return status;
 821}
 822
 823static int at76_set_mib(struct at76_priv *priv, struct set_mib_buffer *buf)
 824{
 825	int ret;
 826
 827	ret = at76_set_card_command(priv->udev, CMD_SET_MIB, buf,
 828				    offsetof(struct set_mib_buffer,
 829					     data) + buf->size);
 830	if (ret < 0)
 831		return ret;
 832
 833	ret = at76_wait_completion(priv, CMD_SET_MIB);
 834	if (ret != CMD_STATUS_COMPLETE) {
 835		printk(KERN_INFO
 836		       "%s: set_mib: at76_wait_completion failed "
 837		       "with %d\n", wiphy_name(priv->hw->wiphy), ret);
 838		ret = -EIO;
 839	}
 840
 841	return ret;
 842}
 843
 844/* Return < 0 on error, == 0 if no command sent, == 1 if cmd sent */
 845static int at76_set_radio(struct at76_priv *priv, int enable)
 846{
 847	int ret;
 848	int cmd;
 849
 850	if (priv->radio_on == enable)
 851		return 0;
 852
 853	cmd = enable ? CMD_RADIO_ON : CMD_RADIO_OFF;
 854
 855	ret = at76_set_card_command(priv->udev, cmd, NULL, 0);
 856	if (ret < 0)
 857		printk(KERN_ERR "%s: at76_set_card_command(%d) failed: %d\n",
 858		       wiphy_name(priv->hw->wiphy), cmd, ret);
 859	else
 860		ret = 1;
 861
 862	priv->radio_on = enable;
 863	return ret;
 864}
 865
 866/* Set current power save mode (AT76_PM_OFF/AT76_PM_ON/AT76_PM_SMART) */
 867static int at76_set_pm_mode(struct at76_priv *priv)
 868{
 869	int ret = 0;
 870
 871	priv->mib_buf.type = MIB_MAC_MGMT;
 872	priv->mib_buf.size = 1;
 873	priv->mib_buf.index = offsetof(struct mib_mac_mgmt, power_mgmt_mode);
 874	priv->mib_buf.data.byte = priv->pm_mode;
 875
 876	ret = at76_set_mib(priv, &priv->mib_buf);
 877	if (ret < 0)
 878		printk(KERN_ERR "%s: set_mib (pm_mode) failed: %d\n",
 879		       wiphy_name(priv->hw->wiphy), ret);
 880
 881	return ret;
 882}
 883
 884static int at76_set_preamble(struct at76_priv *priv, u8 type)
 885{
 886	int ret = 0;
 887
 888	priv->mib_buf.type = MIB_LOCAL;
 889	priv->mib_buf.size = 1;
 890	priv->mib_buf.index = offsetof(struct mib_local, preamble_type);
 891	priv->mib_buf.data.byte = type;
 892
 893	ret = at76_set_mib(priv, &priv->mib_buf);
 894	if (ret < 0)
 895		printk(KERN_ERR "%s: set_mib (preamble) failed: %d\n",
 896		       wiphy_name(priv->hw->wiphy), ret);
 897
 898	return ret;
 899}
 900
 901static int at76_set_frag(struct at76_priv *priv, u16 size)
 902{
 903	int ret = 0;
 904
 905	priv->mib_buf.type = MIB_MAC;
 906	priv->mib_buf.size = 2;
 907	priv->mib_buf.index = offsetof(struct mib_mac, frag_threshold);
 908	priv->mib_buf.data.word = cpu_to_le16(size);
 909
 910	ret = at76_set_mib(priv, &priv->mib_buf);
 911	if (ret < 0)
 912		printk(KERN_ERR "%s: set_mib (frag threshold) failed: %d\n",
 913		       wiphy_name(priv->hw->wiphy), ret);
 914
 915	return ret;
 916}
 917
 918static int at76_set_rts(struct at76_priv *priv, u16 size)
 919{
 920	int ret = 0;
 921
 922	priv->mib_buf.type = MIB_MAC;
 923	priv->mib_buf.size = 2;
 924	priv->mib_buf.index = offsetof(struct mib_mac, rts_threshold);
 925	priv->mib_buf.data.word = cpu_to_le16(size);
 926
 927	ret = at76_set_mib(priv, &priv->mib_buf);
 928	if (ret < 0)
 929		printk(KERN_ERR "%s: set_mib (rts) failed: %d\n",
 930		       wiphy_name(priv->hw->wiphy), ret);
 931
 932	return ret;
 933}
 934
 935static int at76_set_autorate_fallback(struct at76_priv *priv, int onoff)
 936{
 937	int ret = 0;
 938
 939	priv->mib_buf.type = MIB_LOCAL;
 940	priv->mib_buf.size = 1;
 941	priv->mib_buf.index = offsetof(struct mib_local, txautorate_fallback);
 942	priv->mib_buf.data.byte = onoff;
 943
 944	ret = at76_set_mib(priv, &priv->mib_buf);
 945	if (ret < 0)
 946		printk(KERN_ERR "%s: set_mib (autorate fallback) failed: %d\n",
 947		       wiphy_name(priv->hw->wiphy), ret);
 948
 949	return ret;
 950}
 951
 952static void at76_dump_mib_mac_addr(struct at76_priv *priv)
 953{
 954	int i;
 955	int ret;
 956	struct mib_mac_addr *m = kmalloc(sizeof(struct mib_mac_addr),
 957					 GFP_KERNEL);
 958
 959	if (!m)
 960		return;
 961
 962	ret = at76_get_mib(priv->udev, MIB_MAC_ADDR, m,
 963			   sizeof(struct mib_mac_addr));
 964	if (ret < 0) {
 965		printk(KERN_ERR "%s: at76_get_mib (MAC_ADDR) failed: %d\n",
 966		       wiphy_name(priv->hw->wiphy), ret);
 967		goto exit;
 968	}
 969
 970	at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: mac_addr %pM res 0x%x 0x%x",
 971		 wiphy_name(priv->hw->wiphy),
 972		 m->mac_addr, m->res[0], m->res[1]);
 973	for (i = 0; i < ARRAY_SIZE(m->group_addr); i++)
 974		at76_dbg(DBG_MIB, "%s: MIB MAC_ADDR: group addr %d: %pM, "
 975			 "status %d", wiphy_name(priv->hw->wiphy), i,
 976			 m->group_addr[i], m->group_addr_status[i]);
 977exit:
 978	kfree(m);
 979}
 980
 981static void at76_dump_mib_mac_wep(struct at76_priv *priv)
 982{
 983	int i;
 984	int ret;
 985	int key_len;
 986	struct mib_mac_wep *m = kmalloc(sizeof(struct mib_mac_wep), GFP_KERNEL);
 987
 988	if (!m)
 989		return;
 990
 991	ret = at76_get_mib(priv->udev, MIB_MAC_WEP, m,
 992			   sizeof(struct mib_mac_wep));
 993	if (ret < 0) {
 994		printk(KERN_ERR "%s: at76_get_mib (MAC_WEP) failed: %d\n",
 995		       wiphy_name(priv->hw->wiphy), ret);
 996		goto exit;
 997	}
 998
 999	at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: priv_invoked %u def_key_id %u "
1000		 "key_len %u excl_unencr %u wep_icv_err %u wep_excluded %u "
1001		 "encr_level %u key %d", wiphy_name(priv->hw->wiphy),
1002		 m->privacy_invoked, m->wep_default_key_id,
1003		 m->wep_key_mapping_len, m->exclude_unencrypted,
1004		 le32_to_cpu(m->wep_icv_error_count),
1005		 le32_to_cpu(m->wep_excluded_count), m->encryption_level,
1006		 m->wep_default_key_id);
1007
1008	key_len = (m->encryption_level == 1) ?
1009	    WEP_SMALL_KEY_LEN : WEP_LARGE_KEY_LEN;
1010
1011	for (i = 0; i < WEP_KEYS; i++)
1012		at76_dbg(DBG_MIB, "%s: MIB MAC_WEP: key %d: %s",
1013			 wiphy_name(priv->hw->wiphy), i,
1014			 hex2str(m->wep_default_keyvalue[i], key_len));
1015exit:
1016	kfree(m);
1017}
1018
1019static void at76_dump_mib_mac_mgmt(struct at76_priv *priv)
1020{
1021	int ret;
1022	struct mib_mac_mgmt *m = kmalloc(sizeof(struct mib_mac_mgmt),
1023					 GFP_KERNEL);
1024
1025	if (!m)
1026		return;
1027
1028	ret = at76_get_mib(priv->udev, MIB_MAC_MGMT, m,
1029			   sizeof(struct mib_mac_mgmt));
1030	if (ret < 0) {
1031		printk(KERN_ERR "%s: at76_get_mib (MAC_MGMT) failed: %d\n",
1032		       wiphy_name(priv->hw->wiphy), ret);
1033		goto exit;
1034	}
1035
1036	at76_dbg(DBG_MIB, "%s: MIB MAC_MGMT: beacon_period %d CFP_max_duration "
1037		 "%d medium_occupancy_limit %d station_id 0x%x ATIM_window %d "
1038		 "CFP_mode %d privacy_opt_impl %d DTIM_period %d CFP_period %d "
1039		 "current_bssid %pM current_essid %s current_bss_type %d "
1040		 "pm_mode %d ibss_change %d res %d "
1041		 "multi_domain_capability_implemented %d "
1042		 "international_roaming %d country_string %.3s",
1043		 wiphy_name(priv->hw->wiphy), le16_to_cpu(m->beacon_period),
1044		 le16_to_cpu(m->CFP_max_duration),
1045		 le16_to_cpu(m->medium_occupancy_limit),
1046		 le16_to_cpu(m->station_id), le16_to_cpu(m->ATIM_window),
1047		 m->CFP_mode, m->privacy_option_implemented, m->DTIM_period,
1048		 m->CFP_period, m->current_bssid,
1049		 hex2str(m->current_essid, IW_ESSID_MAX_SIZE),
1050		 m->current_bss_type, m->power_mgmt_mode, m->ibss_change,
1051		 m->res, m->multi_domain_capability_implemented,
1052		 m->multi_domain_capability_enabled, m->country_string);
1053exit:
1054	kfree(m);
1055}
1056
1057static void at76_dump_mib_mac(struct at76_priv *priv)
1058{
1059	int ret;
1060	struct mib_mac *m = kmalloc(sizeof(struct mib_mac), GFP_KERNEL);
1061
1062	if (!m)
1063		return;
1064
1065	ret = at76_get_mib(priv->udev, MIB_MAC, m, sizeof(struct mib_mac));
1066	if (ret < 0) {
1067		printk(KERN_ERR "%s: at76_get_mib (MAC) failed: %d\n",
1068		       wiphy_name(priv->hw->wiphy), ret);
1069		goto exit;
1070	}
1071
1072	at76_dbg(DBG_MIB, "%s: MIB MAC: max_tx_msdu_lifetime %d "
1073		 "max_rx_lifetime %d frag_threshold %d rts_threshold %d "
1074		 "cwmin %d cwmax %d short_retry_time %d long_retry_time %d "
1075		 "scan_type %d scan_channel %d probe_delay %u "
1076		 "min_channel_time %d max_channel_time %d listen_int %d "
1077		 "desired_ssid %s desired_bssid %pM desired_bsstype %d",
1078		 wiphy_name(priv->hw->wiphy),
1079		 le32_to_cpu(m->max_tx_msdu_lifetime),
1080		 le32_to_cpu(m->max_rx_lifetime),
1081		 le16_to_cpu(m->frag_threshold), le16_to_cpu(m->rts_threshold),
1082		 le16_to_cpu(m->cwmin), le16_to_cpu(m->cwmax),
1083		 m->short_retry_time, m->long_retry_time, m->scan_type,
1084		 m->scan_channel, le16_to_cpu(m->probe_delay),
1085		 le16_to_cpu(m->min_channel_time),
1086		 le16_to_cpu(m->max_channel_time),
1087		 le16_to_cpu(m->listen_interval),
1088		 hex2str(m->desired_ssid, IW_ESSID_MAX_SIZE),
1089		 m->desired_bssid, m->desired_bsstype);
1090exit:
1091	kfree(m);
1092}
1093
1094static void at76_dump_mib_phy(struct at76_priv *priv)
1095{
1096	int ret;
1097	struct mib_phy *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1098
1099	if (!m)
1100		return;
1101
1102	ret = at76_get_mib(priv->udev, MIB_PHY, m, sizeof(struct mib_phy));
1103	if (ret < 0) {
1104		printk(KERN_ERR "%s: at76_get_mib (PHY) failed: %d\n",
1105		       wiphy_name(priv->hw->wiphy), ret);
1106		goto exit;
1107	}
1108
1109	at76_dbg(DBG_MIB, "%s: MIB PHY: ed_threshold %d slot_time %d "
1110		 "sifs_time %d preamble_length %d plcp_header_length %d "
1111		 "mpdu_max_length %d cca_mode_supported %d operation_rate_set "
1112		 "0x%x 0x%x 0x%x 0x%x channel_id %d current_cca_mode %d "
1113		 "phy_type %d current_reg_domain %d",
1114		 wiphy_name(priv->hw->wiphy), le32_to_cpu(m->ed_threshold),
1115		 le16_to_cpu(m->slot_time), le16_to_cpu(m->sifs_time),
1116		 le16_to_cpu(m->preamble_length),
1117		 le16_to_cpu(m->plcp_header_length),
1118		 le16_to_cpu(m->mpdu_max_length),
1119		 le16_to_cpu(m->cca_mode_supported), m->operation_rate_set[0],
1120		 m->operation_rate_set[1], m->operation_rate_set[2],
1121		 m->operation_rate_set[3], m->channel_id, m->current_cca_mode,
1122		 m->phy_type, m->current_reg_domain);
1123exit:
1124	kfree(m);
1125}
1126
1127static void at76_dump_mib_local(struct at76_priv *priv)
1128{
1129	int ret;
1130	struct mib_local *m = kmalloc(sizeof(struct mib_phy), GFP_KERNEL);
1131
1132	if (!m)
1133		return;
1134
1135	ret = at76_get_mib(priv->udev, MIB_LOCAL, m, sizeof(struct mib_local));
1136	if (ret < 0) {
1137		printk(KERN_ERR "%s: at76_get_mib (LOCAL) failed: %d\n",
1138		       wiphy_name(priv->hw->wiphy), ret);
1139		goto exit;
1140	}
1141
1142	at76_dbg(DBG_MIB, "%s: MIB LOCAL: beacon_enable %d "
1143		 "txautorate_fallback %d ssid_size %d promiscuous_mode %d "
1144		 "preamble_type %d", wiphy_name(priv->hw->wiphy),
1145		 m->beacon_enable,
1146		 m->txautorate_fallback, m->ssid_size, m->promiscuous_mode,
1147		 m->preamble_type);
1148exit:
1149	kfree(m);
1150}
1151
1152static void at76_dump_mib_mdomain(struct at76_priv *priv)
1153{
1154	int ret;
1155	struct mib_mdomain *m = kmalloc(sizeof(struct mib_mdomain), GFP_KERNEL);
1156
1157	if (!m)
1158		return;
1159
1160	ret = at76_get_mib(priv->udev, MIB_MDOMAIN, m,
1161			   sizeof(struct mib_mdomain));
1162	if (ret < 0) {
1163		printk(KERN_ERR "%s: at76_get_mib (MDOMAIN) failed: %d\n",
1164		       wiphy_name(priv->hw->wiphy), ret);
1165		goto exit;
1166	}
1167
1168	at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: channel_list %s",
1169		 wiphy_name(priv->hw->wiphy),
1170		 hex2str(m->channel_list, sizeof(m->channel_list)));
1171
1172	at76_dbg(DBG_MIB, "%s: MIB MDOMAIN: tx_powerlevel %s",
1173		 wiphy_name(priv->hw->wiphy),
1174		 hex2str(m->tx_powerlevel, sizeof(m->tx_powerlevel)));
1175exit:
1176	kfree(m);
1177}
1178
1179/* Enable monitor mode */
1180static int at76_start_monitor(struct at76_priv *priv)
1181{
1182	struct at76_req_scan scan;
1183	int ret;
1184
1185	memset(&scan, 0, sizeof(struct at76_req_scan));
1186	memset(scan.bssid, 0xff, ETH_ALEN);
1187
1188	scan.channel = priv->channel;
1189	scan.scan_type = SCAN_TYPE_PASSIVE;
1190	scan.international_scan = 0;
1191	scan.min_channel_time = cpu_to_le16(priv->scan_min_time);
1192	scan.max_channel_time = cpu_to_le16(priv->scan_max_time);
1193	scan.probe_delay = cpu_to_le16(0);
1194
1195	ret = at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1196	if (ret >= 0)
1197		ret = at76_get_cmd_status(priv->udev, CMD_SCAN);
1198
1199	return ret;
1200}
1201
1202/* Calculate padding from txbuf->wlength (which excludes the USB TX header),
1203   likely to compensate a flaw in the AT76C503A USB part ... */
1204static inline int at76_calc_padding(int wlen)
1205{
1206	/* add the USB TX header */
1207	wlen += AT76_TX_HDRLEN;
1208
1209	wlen = wlen % 64;
1210
1211	if (wlen < 50)
1212		return 50 - wlen;
1213
1214	if (wlen >= 61)
1215		return 64 + 50 - wlen;
1216
1217	return 0;
1218}
1219
1220static void at76_rx_callback(struct urb *urb)
1221{
1222	struct at76_priv *priv = urb->context;
1223
1224	priv->rx_tasklet.data = (unsigned long)urb;
1225	tasklet_schedule(&priv->rx_tasklet);
1226}
1227
1228static int at76_submit_rx_urb(struct at76_priv *priv)
1229{
1230	int ret;
1231	int size;
1232	struct sk_buff *skb = priv->rx_skb;
1233
1234	if (!priv->rx_urb) {
1235		printk(KERN_ERR "%s: %s: priv->rx_urb is NULL\n",
1236		       wiphy_name(priv->hw->wiphy), __func__);
1237		return -EFAULT;
1238	}
1239
1240	if (!skb) {
1241		skb = dev_alloc_skb(sizeof(struct at76_rx_buffer));
1242		if (!skb) {
1243			printk(KERN_ERR "%s: cannot allocate rx skbuff\n",
1244			       wiphy_name(priv->hw->wiphy));
1245			ret = -ENOMEM;
1246			goto exit;
1247		}
1248		priv->rx_skb = skb;
1249	} else {
1250		skb_push(skb, skb_headroom(skb));
1251		skb_trim(skb, 0);
1252	}
1253
1254	size = skb_tailroom(skb);
1255	usb_fill_bulk_urb(priv->rx_urb, priv->udev, priv->rx_pipe,
1256			  skb_put(skb, size), size, at76_rx_callback, priv);
1257	ret = usb_submit_urb(priv->rx_urb, GFP_ATOMIC);
1258	if (ret < 0) {
1259		if (ret == -ENODEV)
1260			at76_dbg(DBG_DEVSTART,
1261				 "usb_submit_urb returned -ENODEV");
1262		else
1263			printk(KERN_ERR "%s: rx, usb_submit_urb failed: %d\n",
1264			       wiphy_name(priv->hw->wiphy), ret);
1265	}
1266
1267exit:
1268	if (ret < 0 && ret != -ENODEV)
1269		printk(KERN_ERR "%s: cannot submit rx urb - please unload the "
1270		       "driver and/or power cycle the device\n",
1271		       wiphy_name(priv->hw->wiphy));
1272
1273	return ret;
1274}
1275
1276/* Download external firmware */
1277static int at76_load_external_fw(struct usb_device *udev, struct fwentry *fwe)
1278{
1279	int ret;
1280	int op_mode;
1281	int blockno = 0;
1282	int bsize;
1283	u8 *block;
1284	u8 *buf = fwe->extfw;
1285	int size = fwe->extfw_size;
1286
1287	if (!buf || !size)
1288		return -ENOENT;
1289
1290	op_mode = at76_get_op_mode(udev);
1291	at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
1292
1293	if (op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
1294		dev_printk(KERN_ERR, &udev->dev, "unexpected opmode %d\n",
1295			   op_mode);
1296		return -EINVAL;
1297	}
1298
1299	block = kmalloc(FW_BLOCK_SIZE, GFP_KERNEL);
1300	if (!block)
1301		return -ENOMEM;
1302
1303	at76_dbg(DBG_DEVSTART, "downloading external firmware");
1304
1305	/* for fw >= 0.100, the device needs an extra empty block */
1306	do {
1307		bsize = min_t(int, size, FW_BLOCK_SIZE);
1308		memcpy(block, buf, bsize);
1309		at76_dbg(DBG_DEVSTART,
1310			 "ext fw, size left = %5d, bsize = %4d, blockno = %2d",
1311			 size, bsize, blockno);
1312		ret = at76_load_ext_fw_block(udev, blockno, block, bsize);
1313		if (ret != bsize) {
1314			dev_printk(KERN_ERR, &udev->dev,
1315				   "loading %dth firmware block failed: %d\n",
1316				   blockno, ret);
1317			goto exit;
1318		}
1319		buf += bsize;
1320		size -= bsize;
1321		blockno++;
1322	} while (bsize > 0);
1323
1324	if (at76_is_505a(fwe->board_type)) {
1325		at76_dbg(DBG_DEVSTART, "200 ms delay for 505a");
1326		schedule_timeout_interruptible(HZ / 5 + 1);
1327	}
1328
1329exit:
1330	kfree(block);
1331	if (ret < 0)
1332		dev_printk(KERN_ERR, &udev->dev,
1333			   "downloading external firmware failed: %d\n", ret);
1334	return ret;
1335}
1336
1337/* Download internal firmware */
1338static int at76_load_internal_fw(struct usb_device *udev, struct fwentry *fwe)
1339{
1340	int ret;
1341	int need_remap = !at76_is_505a(fwe->board_type);
1342
1343	ret = at76_usbdfu_download(udev, fwe->intfw, fwe->intfw_size,
1344				   need_remap ? 0 : 2 * HZ);
1345
1346	if (ret < 0) {
1347		dev_printk(KERN_ERR, &udev->dev,
1348			   "downloading internal fw failed with %d\n", ret);
1349		goto exit;
1350	}
1351
1352	at76_dbg(DBG_DEVSTART, "sending REMAP");
1353
1354	/* no REMAP for 505A (see SF driver) */
1355	if (need_remap) {
1356		ret = at76_remap(udev);
1357		if (ret < 0) {
1358			dev_printk(KERN_ERR, &udev->dev,
1359				   "sending REMAP failed with %d\n", ret);
1360			goto exit;
1361		}
1362	}
1363
1364	at76_dbg(DBG_DEVSTART, "sleeping for 2 seconds");
1365	schedule_timeout_interruptible(2 * HZ + 1);
1366	usb_reset_device(udev);
1367
1368exit:
1369	return ret;
1370}
1371
1372static int at76_startup_device(struct at76_priv *priv)
1373{
1374	struct at76_card_config *ccfg = &priv->card_config;
1375	int ret;
1376
1377	at76_dbg(DBG_PARAMS,
1378		 "%s param: ssid %.*s (%s) mode %s ch %d wep %s key %d "
1379		 "keylen %d", wiphy_name(priv->hw->wiphy), priv->essid_size,
1380		 priv->essid, hex2str(priv->essid, IW_ESSID_MAX_SIZE),
1381		 priv->iw_mode == IW_MODE_ADHOC ? "adhoc" : "infra",
1382		 priv->channel, priv->wep_enabled ? "enabled" : "disabled",
1383		 priv->wep_key_id, priv->wep_keys_len[priv->wep_key_id]);
1384	at76_dbg(DBG_PARAMS,
1385		 "%s param: preamble %s rts %d retry %d frag %d "
1386		 "txrate %s auth_mode %d", wiphy_name(priv->hw->wiphy),
1387		 preambles[priv->preamble_type], priv->rts_threshold,
1388		 priv->short_retry_limit, priv->frag_threshold,
1389		 priv->txrate == TX_RATE_1MBIT ? "1MBit" : priv->txrate ==
1390		 TX_RATE_2MBIT ? "2MBit" : priv->txrate ==
1391		 TX_RATE_5_5MBIT ? "5.5MBit" : priv->txrate ==
1392		 TX_RATE_11MBIT ? "11MBit" : priv->txrate ==
1393		 TX_RATE_AUTO ? "auto" : "<invalid>", priv->auth_mode);
1394	at76_dbg(DBG_PARAMS,
1395		 "%s param: pm_mode %d pm_period %d auth_mode %s "
1396		 "scan_times %d %d scan_mode %s",
1397		 wiphy_name(priv->hw->wiphy), priv->pm_mode, priv->pm_period,
1398		 priv->auth_mode == WLAN_AUTH_OPEN ? "open" : "shared_secret",
1399		 priv->scan_min_time, priv->scan_max_time,
1400		 priv->scan_mode == SCAN_TYPE_ACTIVE ? "active" : "passive");
1401
1402	memset(ccfg, 0, sizeof(struct at76_card_config));
1403	ccfg->promiscuous_mode = 0;
1404	ccfg->short_retry_limit = priv->short_retry_limit;
1405
1406	if (priv->wep_enabled) {
1407		if (priv->wep_keys_len[priv->wep_key_id] > WEP_SMALL_KEY_LEN)
1408			ccfg->encryption_type = 2;
1409		else
1410			ccfg->encryption_type = 1;
1411
1412		/* jal: always exclude unencrypted if WEP is active */
1413		ccfg->exclude_unencrypted = 1;
1414	} else {
1415		ccfg->exclude_unencrypted = 0;
1416		ccfg->encryption_type = 0;
1417	}
1418
1419	ccfg->rts_threshold = cpu_to_le16(priv->rts_threshold);
1420	ccfg->fragmentation_threshold = cpu_to_le16(priv->frag_threshold);
1421
1422	memcpy(ccfg->basic_rate_set, hw_rates, 4);
1423	/* jal: really needed, we do a set_mib for autorate later ??? */
1424	ccfg->auto_rate_fallback = (priv->txrate == TX_RATE_AUTO ? 1 : 0);
1425	ccfg->channel = priv->channel;
1426	ccfg->privacy_invoked = priv->wep_enabled;
1427	memcpy(ccfg->current_ssid, priv->essid, IW_ESSID_MAX_SIZE);
1428	ccfg->ssid_len = priv->essid_size;
1429
1430	ccfg->wep_default_key_id = priv->wep_key_id;
1431	memcpy(ccfg->wep_default_key_value, priv->wep_keys,
1432	       sizeof(priv->wep_keys));
1433
1434	ccfg->short_preamble = priv->preamble_type;
1435	ccfg->beacon_period = cpu_to_le16(priv->beacon_period);
1436
1437	ret = at76_set_card_command(priv->udev, CMD_STARTUP, &priv->card_config,
1438				    sizeof(struct at76_card_config));
1439	if (ret < 0) {
1440		printk(KERN_ERR "%s: at76_set_card_command failed: %d\n",
1441		       wiphy_name(priv->hw->wiphy), ret);
1442		return ret;
1443	}
1444
1445	at76_wait_completion(priv, CMD_STARTUP);
1446
1447	/* remove BSSID from previous run */
1448	memset(priv->bssid, 0, ETH_ALEN);
1449
1450	if (at76_set_radio(priv, 1) == 1)
1451		at76_wait_completion(priv, CMD_RADIO_ON);
1452
1453	ret = at76_set_preamble(priv, priv->preamble_type);
1454	if (ret < 0)
1455		return ret;
1456
1457	ret = at76_set_frag(priv, priv->frag_threshold);
1458	if (ret < 0)
1459		return ret;
1460
1461	ret = at76_set_rts(priv, priv->rts_threshold);
1462	if (ret < 0)
1463		return ret;
1464
1465	ret = at76_set_autorate_fallback(priv,
1466					 priv->txrate == TX_RATE_AUTO ? 1 : 0);
1467	if (ret < 0)
1468		return ret;
1469
1470	ret = at76_set_pm_mode(priv);
1471	if (ret < 0)
1472		return ret;
1473
1474	if (at76_debug & DBG_MIB) {
1475		at76_dump_mib_mac(priv);
1476		at76_dump_mib_mac_addr(priv);
1477		at76_dump_mib_mac_mgmt(priv);
1478		at76_dump_mib_mac_wep(priv);
1479		at76_dump_mib_mdomain(priv);
1480		at76_dump_mib_phy(priv);
1481		at76_dump_mib_local(priv);
1482	}
1483
1484	return 0;
1485}
1486
1487/* Enable or disable promiscuous mode */
1488static void at76_work_set_promisc(struct work_struct *work)
1489{
1490	struct at76_priv *priv = container_of(work, struct at76_priv,
1491					      work_set_promisc);
1492	int ret = 0;
1493
1494	if (priv->device_unplugged)
1495		return;
1496
1497	mutex_lock(&priv->mtx);
1498
1499	priv->mib_buf.type = MIB_LOCAL;
1500	priv->mib_buf.size = 1;
1501	priv->mib_buf.index = offsetof(struct mib_local, promiscuous_mode);
1502	priv->mib_buf.data.byte = priv->promisc ? 1 : 0;
1503
1504	ret = at76_set_mib(priv, &priv->mib_buf);
1505	if (ret < 0)
1506		printk(KERN_ERR "%s: set_mib (promiscuous_mode) failed: %d\n",
1507		       wiphy_name(priv->hw->wiphy), ret);
1508
1509	mutex_unlock(&priv->mtx);
1510}
1511
1512/* Submit Rx urb back to the device */
1513static void at76_work_submit_rx(struct work_struct *work)
1514{
1515	struct at76_priv *priv = container_of(work, struct at76_priv,
1516					      work_submit_rx);
1517
1518	mutex_lock(&priv->mtx);
1519	at76_submit_rx_urb(priv);
1520	mutex_unlock(&priv->mtx);
1521}
1522
1523static void at76_rx_tasklet(unsigned long param)
1524{
1525	struct urb *urb = (struct urb *)param;
1526	struct at76_priv *priv = urb->context;
1527	struct at76_rx_buffer *buf;
1528	struct ieee80211_rx_status rx_status = { 0 };
1529
1530	if (priv->device_unplugged) {
1531		at76_dbg(DBG_DEVSTART, "device unplugged");
1532		if (urb)
1533			at76_dbg(DBG_DEVSTART, "urb status %d", urb->status);
1534		return;
1535	}
1536
1537	if (!priv->rx_skb || !priv->rx_skb->data)
1538		return;
1539
1540	buf = (struct at76_rx_buffer *)priv->rx_skb->data;
1541
1542	if (urb->status != 0) {
1543		if (urb->status != -ENOENT && urb->status != -ECONNRESET)
1544			at76_dbg(DBG_URB,
1545				 "%s %s: - nonzero Rx bulk status received: %d",
1546				 __func__, wiphy_name(priv->hw->wiphy),
1547				 urb->status);
1548		return;
1549	}
1550
1551	at76_dbg(DBG_RX_ATMEL_HDR,
1552		 "%s: rx frame: rate %d rssi %d noise %d link %d",
1553		 wiphy_name(priv->hw->wiphy), buf->rx_rate, buf->rssi,
1554		 buf->noise_level, buf->link_quality);
1555
1556	skb_pull(priv->rx_skb, AT76_RX_HDRLEN);
1557	skb_trim(priv->rx_skb, le16_to_cpu(buf->wlength));
1558	at76_dbg_dump(DBG_RX_DATA, priv->rx_skb->data,
1559		      priv->rx_skb->len, "RX: len=%d", priv->rx_skb->len);
1560
1561	rx_status.signal = buf->rssi;
1562	rx_status.flag |= RX_FLAG_DECRYPTED;
1563	rx_status.flag |= RX_FLAG_IV_STRIPPED;
1564
1565	at76_dbg(DBG_MAC80211, "calling ieee80211_rx_irqsafe(): %d/%d",
1566		 priv->rx_skb->len, priv->rx_skb->data_len);
1567	memcpy(IEEE80211_SKB_RXCB(priv->rx_skb), &rx_status, sizeof(rx_status));
1568	ieee80211_rx_irqsafe(priv->hw, priv->rx_skb);
1569
1570	/* Use a new skb for the next receive */
1571	priv->rx_skb = NULL;
1572
1573	at76_submit_rx_urb(priv);
1574}
1575
1576/* Load firmware into kernel memory and parse it */
1577static struct fwentry *at76_load_firmware(struct usb_device *udev,
1578					  enum board_type board_type)
1579{
1580	int ret;
1581	char *str;
1582	struct at76_fw_header *fwh;
1583	struct fwentry *fwe = &firmwares[board_type];
1584
1585	mutex_lock(&fw_mutex);
1586
1587	if (fwe->loaded) {
1588		at76_dbg(DBG_FW, "re-using previously loaded fw");
1589		goto exit;
1590	}
1591
1592	at76_dbg(DBG_FW, "downloading firmware %s", fwe->fwname);
1593	ret = request_firmware(&fwe->fw, fwe->fwname, &udev->dev);
1594	if (ret < 0) {
1595		dev_printk(KERN_ERR, &udev->dev, "firmware %s not found!\n",
1596			   fwe->fwname);
1597		dev_printk(KERN_ERR, &udev->dev,
1598			   "you may need to download the firmware from "
1599			   "http://developer.berlios.de/projects/at76c503a/\n");
1600		goto exit;
1601	}
1602
1603	at76_dbg(DBG_FW, "got it.");
1604	fwh = (struct at76_fw_header *)(fwe->fw->data);
1605
1606	if (fwe->fw->size <= sizeof(*fwh)) {
1607		dev_printk(KERN_ERR, &udev->dev,
1608			   "firmware is too short (0x%zx)\n", fwe->fw->size);
1609		goto exit;
1610	}
1611
1612	/* CRC currently not checked */
1613	fwe->board_type = le32_to_cpu(fwh->board_type);
1614	if (fwe->board_type != board_type) {
1615		dev_printk(KERN_ERR, &udev->dev,
1616			   "board type mismatch, requested %u, got %u\n",
1617			   board_type, fwe->board_type);
1618		goto exit;
1619	}
1620
1621	fwe->fw_version.major = fwh->major;
1622	fwe->fw_version.minor = fwh->minor;
1623	fwe->fw_version.patch = fwh->patch;
1624	fwe->fw_version.build = fwh->build;
1625
1626	str = (char *)fwh + le32_to_cpu(fwh->str_offset);
1627	fwe->intfw = (u8 *)fwh + le32_to_cpu(fwh->int_fw_offset);
1628	fwe->intfw_size = le32_to_cpu(fwh->int_fw_len);
1629	fwe->extfw = (u8 *)fwh + le32_to_cpu(fwh->ext_fw_offset);
1630	fwe->extfw_size = le32_to_cpu(fwh->ext_fw_len);
1631
1632	fwe->loaded = 1;
1633
1634	dev_printk(KERN_DEBUG, &udev->dev,
1635		   "using firmware %s (version %d.%d.%d-%d)\n",
1636		   fwe->fwname, fwh->major, fwh->minor, fwh->patch, fwh->build);
1637
1638	at76_dbg(DBG_DEVSTART, "board %u, int %d:%d, ext %d:%d", board_type,
1639		 le32_to_cpu(fwh->int_fw_offset), le32_to_cpu(fwh->int_fw_len),
1640		 le32_to_cpu(fwh->ext_fw_offset), le32_to_cpu(fwh->ext_fw_len));
1641	at76_dbg(DBG_DEVSTART, "firmware id %s", str);
1642
1643exit:
1644	mutex_unlock(&fw_mutex);
1645
1646	if (fwe->loaded)
1647		return fwe;
1648	else
1649		return NULL;
1650}
1651
1652static void at76_mac80211_tx_callback(struct urb *urb)
1653{
1654	struct at76_priv *priv = urb->context;
1655	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(priv->tx_skb);
1656
1657	at76_dbg(DBG_MAC80211, "%s()", __func__);
1658
1659	switch (urb->status) {
1660	case 0:
1661		/* success */
1662		info->flags |= IEEE80211_TX_STAT_ACK;
1663		break;
1664	case -ENOENT:
1665	case -ECONNRESET:
1666		/* fail, urb has been unlinked */
1667		/* FIXME: add error message */
1668		break;
1669	default:
1670		at76_dbg(DBG_URB, "%s - nonzero tx status received: %d",
1671			 __func__, urb->status);
1672		break;
1673	}
1674
1675	memset(&info->status, 0, sizeof(info->status));
1676
1677	ieee80211_tx_status_irqsafe(priv->hw, priv->tx_skb);
1678
1679	priv->tx_skb = NULL;
1680
1681	ieee80211_wake_queues(priv->hw);
1682}
1683
1684static int at76_mac80211_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
1685{
1686	struct at76_priv *priv = hw->priv;
1687	struct at76_tx_buffer *tx_buffer = priv->bulk_out_buffer;
1688	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1689	int padding, submit_len, ret;
1690
1691	at76_dbg(DBG_MAC80211, "%s()", __func__);
1692
1693	if (priv->tx_urb->status == -EINPROGRESS) {
1694		printk(KERN_ERR "%s: %s called while tx urb is pending\n",
1695		       wiphy_name(priv->hw->wiphy), __func__);
1696		return NETDEV_TX_BUSY;
1697	}
1698
1699	ieee80211_stop_queues(hw);
1700
1701	at76_ledtrig_tx_activity();	/* tell ledtrigger we send a packet */
1702
1703	WARN_ON(priv->tx_skb != NULL);
1704
1705	priv->tx_skb = skb;
1706	padding = at76_calc_padding(skb->len);
1707	submit_len = AT76_TX_HDRLEN + skb->len + padding;
1708
1709	/* setup 'Atmel' header */
1710	memset(tx_buffer, 0, sizeof(*tx_buffer));
1711	tx_buffer->padding = padding;
1712	tx_buffer->wlength = cpu_to_le16(skb->len);
1713	tx_buffer->tx_rate = ieee80211_get_tx_rate(hw, info)->hw_value;
1714	memset(tx_buffer->reserved, 0, sizeof(tx_buffer->reserved));
1715	memcpy(tx_buffer->packet, skb->data, skb->len);
1716
1717	at76_dbg(DBG_TX_DATA, "%s tx: wlen 0x%x pad 0x%x rate %d hdr",
1718		 wiphy_name(priv->hw->wiphy), le16_to_cpu(tx_buffer->wlength),
1719		 tx_buffer->padding, tx_buffer->tx_rate);
1720
1721	/* send stuff */
1722	at76_dbg_dump(DBG_TX_DATA_CONTENT, tx_buffer, submit_len,
1723		      "%s(): tx_buffer %d bytes:", __func__, submit_len);
1724	usb_fill_bulk_urb(priv->tx_urb, priv->udev, priv->tx_pipe, tx_buffer,
1725			  submit_len, at76_mac80211_tx_callback, priv);
1726	ret = usb_submit_urb(priv->tx_urb, GFP_ATOMIC);
1727	if (ret) {
1728		printk(KERN_ERR "%s: error in tx submit urb: %d\n",
1729		       wiphy_name(priv->hw->wiphy), ret);
1730		if (ret == -EINVAL)
1731			printk(KERN_ERR
1732			       "%s: -EINVAL: tx urb %p hcpriv %p complete %p\n",
1733			       wiphy_name(priv->hw->wiphy), priv->tx_urb,
1734			       priv->tx_urb->hcpriv, priv->tx_urb->complete);
1735	}
1736
1737	return 0;
1738}
1739
1740static int at76_mac80211_start(struct ieee80211_hw *hw)
1741{
1742	struct at76_priv *priv = hw->priv;
1743	int ret;
1744
1745	at76_dbg(DBG_MAC80211, "%s()", __func__);
1746
1747	mutex_lock(&priv->mtx);
1748
1749	ret = at76_submit_rx_urb(priv);
1750	if (ret < 0) {
1751		printk(KERN_ERR "%s: open: submit_rx_urb failed: %d\n",
1752		       wiphy_name(priv->hw->wiphy), ret);
1753		goto error;
1754	}
1755
1756	at76_startup_device(priv);
1757
1758	at76_start_monitor(priv);
1759
1760error:
1761	mutex_unlock(&priv->mtx);
1762
1763	return 0;
1764}
1765
1766static void at76_mac80211_stop(struct ieee80211_hw *hw)
1767{
1768	struct at76_priv *priv = hw->priv;
1769
1770	at76_dbg(DBG_MAC80211, "%s()", __func__);
1771
1772	cancel_delayed_work(&priv->dwork_hw_scan);
1773	cancel_work_sync(&priv->work_set_promisc);
1774
1775	mutex_lock(&priv->mtx);
1776
1777	if (!priv->device_unplugged) {
1778		/* We are called by "ifconfig ethX down", not because the
1779		 * device is not available anymore. */
1780		at76_set_radio(priv, 0);
1781
1782		/* We unlink rx_urb because at76_open() re-submits it.
1783		 * If unplugged, at76_delete_device() takes care of it. */
1784		usb_kill_urb(priv->rx_urb);
1785	}
1786
1787	mutex_unlock(&priv->mtx);
1788}
1789
1790static int at76_add_interface(struct ieee80211_hw *hw,
1791			      struct ieee80211_vif *vif)
1792{
1793	struct at76_priv *priv = hw->priv;
1794	int ret = 0;
1795
1796	at76_dbg(DBG_MAC80211, "%s()", __func__);
1797
1798	mutex_lock(&priv->mtx);
1799
1800	switch (vif->type) {
1801	case NL80211_IFTYPE_STATION:
1802		priv->iw_mode = IW_MODE_INFRA;
1803		break;
1804	default:
1805		ret = -EOPNOTSUPP;
1806		goto exit;
1807	}
1808
1809exit:
1810	mutex_unlock(&priv->mtx);
1811
1812	return ret;
1813}
1814
1815static void at76_remove_interface(struct ieee80211_hw *hw,
1816				  struct ieee80211_vif *vif)
1817{
1818	at76_dbg(DBG_MAC80211, "%s()", __func__);
1819}
1820
1821static int at76_join(struct at76_priv *priv)
1822{
1823	struct at76_req_join join;
1824	int ret;
1825
1826	memset(&join, 0, sizeof(struct at76_req_join));
1827	memcpy(join.essid, priv->essid, priv->essid_size);
1828	join.essid_size = priv->essid_size;
1829	memcpy(join.bssid, priv->bssid, ETH_ALEN);
1830	join.bss_type = INFRASTRUCTURE_MODE;
1831	join.channel = priv->channel;
1832	join.timeout = cpu_to_le16(2000);
1833
1834	at76_dbg(DBG_MAC80211, "%s: sending CMD_JOIN", __func__);
1835	ret = at76_set_card_command(priv->udev, CMD_JOIN, &join,
1836				    sizeof(struct at76_req_join));
1837
1838	if (ret < 0) {
1839		printk(KERN_ERR "%s: at76_set_card_command failed: %d\n",
1840		       wiphy_name(priv->hw->wiphy), ret);
1841		return 0;
1842	}
1843
1844	ret = at76_wait_completion(priv, CMD_JOIN);
1845	at76_dbg(DBG_MAC80211, "%s: CMD_JOIN returned: 0x%02x", __func__, ret);
1846	if (ret != CMD_STATUS_COMPLETE) {
1847		printk(KERN_ERR "%s: at76_wait_completion failed: %d\n",
1848		       wiphy_name(priv->hw->wiphy), ret);
1849		return 0;
1850	}
1851
1852	at76_set_pm_mode(priv);
1853
1854	return 0;
1855}
1856
1857static void at76_dwork_hw_scan(struct work_struct *work)
1858{
1859	struct at76_priv *priv = container_of(work, struct at76_priv,
1860					      dwork_hw_scan.work);
1861	int ret;
1862
1863	if (priv->device_unplugged)
1864		return;
1865
1866	mutex_lock(&priv->mtx);
1867
1868	ret = at76_get_cmd_status(priv->udev, CMD_SCAN);
1869	at76_dbg(DBG_MAC80211, "%s: CMD_SCAN status 0x%02x", __func__, ret);
1870
1871	/* FIXME: add maximum time for scan to complete */
1872
1873	if (ret != CMD_STATUS_COMPLETE) {
1874		ieee80211_queue_delayed_work(priv->hw, &priv->dwork_hw_scan,
1875					     SCAN_POLL_INTERVAL);
1876		mutex_unlock(&priv->mtx);
1877		return;
1878	}
1879
1880	if (is_valid_ether_addr(priv->bssid))
1881		at76_join(priv);
1882
1883	mutex_unlock(&priv->mtx);
1884
1885	ieee80211_scan_completed(priv->hw, false);
1886
1887	ieee80211_wake_queues(priv->hw);
1888}
1889
1890static int at76_hw_scan(struct ieee80211_hw *hw,
1891			struct ieee80211_vif *vif,
1892			struct cfg80211_scan_request *req)
1893{
1894	struct at76_priv *priv = hw->priv;
1895	struct at76_req_scan scan;
1896	u8 *ssid = NULL;
1897	int ret, len = 0;
1898
1899	at76_dbg(DBG_MAC80211, "%s():", __func__);
1900
1901	if (priv->device_unplugged)
1902		return 0;
1903
1904	mutex_lock(&priv->mtx);
1905
1906	ieee80211_stop_queues(hw);
1907
1908	memset(&scan, 0, sizeof(struct at76_req_scan));
1909	memset(scan.bssid, 0xFF, ETH_ALEN);
1910
1911	if (req->n_ssids) {
1912		scan.scan_type = SCAN_TYPE_ACTIVE;
1913		ssid = req->ssids[0].ssid;
1914		len = req->ssids[0].ssid_len;
1915	} else {
1916		scan.scan_type = SCAN_TYPE_PASSIVE;
1917	}
1918
1919	if (len) {
1920		memcpy(scan.essid, ssid, len);
1921		scan.essid_size = len;
1922	}
1923
1924	scan.min_channel_time = cpu_to_le16(priv->scan_min_time);
1925	scan.max_channel_time = cpu_to_le16(priv->scan_max_time);
1926	scan.probe_delay = cpu_to_le16(priv->scan_min_time * 1000);
1927	scan.international_scan = 0;
1928
1929	at76_dbg(DBG_MAC80211, "%s: sending CMD_SCAN", __func__);
1930	ret = at76_set_card_command(priv->udev, CMD_SCAN, &scan, sizeof(scan));
1931
1932	if (ret < 0) {
1933		err("CMD_SCAN failed: %d", ret);
1934		goto exit;
1935	}
1936
1937	ieee80211_queue_delayed_work(priv->hw, &priv->dwork_hw_scan,
1938				     SCAN_POLL_INTERVAL);
1939
1940exit:
1941	mutex_unlock(&priv->mtx);
1942
1943	return 0;
1944}
1945
1946static int at76_config(struct ieee80211_hw *hw, u32 changed)
1947{
1948	struct at76_priv *priv = hw->priv;
1949
1950	at76_dbg(DBG_MAC80211, "%s(): channel %d",
1951		 __func__, hw->conf.channel->hw_value);
1952	at76_dbg_dump(DBG_MAC80211, priv->bssid, ETH_ALEN, "bssid:");
1953
1954	mutex_lock(&priv->mtx);
1955
1956	priv->channel = hw->conf.channel->hw_value;
1957
1958	if (is_valid_ether_addr(priv->bssid))
1959		at76_join(priv);
1960	else
1961		at76_start_monitor(priv);
1962
1963	mutex_unlock(&priv->mtx);
1964
1965	return 0;
1966}
1967
1968static void at76_bss_info_changed(struct ieee80211_hw *hw,
1969				  struct ieee80211_vif *vif,
1970				  struct ieee80211_bss_conf *conf,
1971				  u32 changed)
1972{
1973	struct at76_priv *priv = hw->priv;
1974
1975	at76_dbg(DBG_MAC80211, "%s():", __func__);
1976
1977	if (!(changed & BSS_CHANGED_BSSID))
1978		return;
1979
1980	at76_dbg_dump(DBG_MAC80211, conf->bssid, ETH_ALEN, "bssid:");
1981
1982	mutex_lock(&priv->mtx);
1983
1984	memcpy(priv->bssid, conf->bssid, ETH_ALEN);
1985
1986	if (is_valid_ether_addr(priv->bssid))
1987		/* mac80211 is joining a bss */
1988		at76_join(priv);
1989
1990	mutex_unlock(&priv->mtx);
1991}
1992
1993/* must be atomic */
1994static void at76_configure_filter(struct ieee80211_hw *hw,
1995				  unsigned int changed_flags,
1996				  unsigned int *total_flags, u64 multicast)
1997{
1998	struct at76_priv *priv = hw->priv;
1999	int flags;
2000
2001	at76_dbg(DBG_MAC80211, "%s(): changed_flags=0x%08x "
2002		 "total_flags=0x%08x",
2003		 __func__, changed_flags, *total_flags);
2004
2005	flags = changed_flags & AT76_SUPPORTED_FILTERS;
2006	*total_flags = AT76_SUPPORTED_FILTERS;
2007
2008	/* Bail out after updating flags to prevent a WARN_ON in mac80211. */
2009	if (priv->device_unplugged)
2010		return;
2011
2012	/* FIXME: access to priv->promisc should be protected with
2013	 * priv->mtx, but it's impossible because this function needs to be
2014	 * atomic */
2015
2016	if (flags && !priv->promisc) {
2017		/* mac80211 wants us to enable promiscuous mode */
2018		priv->promisc = 1;
2019	} else if (!flags && priv->promisc) {
2020		/* we need to disable promiscuous mode */
2021		priv->promisc = 0;
2022	} else
2023		return;
2024
2025	ieee80211_queue_work(hw, &priv->work_set_promisc);
2026}
2027
2028static int at76_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
2029			struct ieee80211_vif *vif, struct ieee80211_sta *sta,
2030			struct ieee80211_key_conf *key)
2031{
2032	struct at76_priv *priv = hw->priv;
2033
2034	int i;
2035
2036	at76_dbg(DBG_MAC80211, "%s(): cmd %d key->alg %d key->keyidx %d "
2037		 "key->keylen %d",
2038		 __func__, cmd, key->alg, key->keyidx, key->keylen);
2039
2040	if (key->alg != ALG_WEP)
2041		return -EOPNOTSUPP;
2042
2043	key->hw_key_idx = key->keyidx;
2044
2045	mutex_lock(&priv->mtx);
2046
2047	switch (cmd) {
2048	case SET_KEY:
2049		memcpy(priv->wep_keys[key->keyidx], key->key, key->keylen);
2050		priv->wep_keys_len[key->keyidx] = key->keylen;
2051
2052		/* FIXME: find out how to do this properly */
2053		priv->wep_key_id = key->keyidx;
2054
2055		break;
2056	case DISABLE_KEY:
2057	default:
2058		priv->wep_keys_len[key->keyidx] = 0;
2059		break;
2060	}
2061
2062	priv->wep_enabled = 0;
2063
2064	for (i = 0; i < WEP_KEYS; i++) {
2065		if (priv->wep_keys_len[i] != 0)
2066			priv->wep_enabled = 1;
2067	}
2068
2069	at76_startup_device(priv);
2070
2071	mutex_unlock(&priv->mtx);
2072
2073	return 0;
2074}
2075
2076static const struct ieee80211_ops at76_ops = {
2077	.tx = at76_mac80211_tx,
2078	.add_interface = at76_add_interface,
2079	.remove_interface = at76_remove_interface,
2080	.config = at76_config,
2081	.bss_info_changed = at76_bss_info_changed,
2082	.configure_filter = at76_configure_filter,
2083	.start = at76_mac80211_start,
2084	.stop = at76_mac80211_stop,
2085	.hw_scan = at76_hw_scan,
2086	.set_key = at76_set_key,
2087};
2088
2089/* Allocate network device and initialize private data */
2090static struct at76_priv *at76_alloc_new_device(struct usb_device *udev)
2091{
2092	struct ieee80211_hw *hw;
2093	struct at76_priv *priv;
2094
2095	hw = ieee80211_alloc_hw(sizeof(struct at76_priv), &at76_ops);
2096	if (!hw) {
2097		printk(KERN_ERR DRIVER_NAME ": could not register"
2098		       " ieee80211_hw\n");
2099		return NULL;
2100	}
2101
2102	priv = hw->priv;
2103	priv->hw = hw;
2104
2105	priv->udev = udev;
2106
2107	mutex_init(&priv->mtx);
2108	INIT_WORK(&priv->work_set_promisc, at76_work_set_promisc);
2109	INIT_WORK(&priv->work_submit_rx, at76_work_submit_rx);
2110	INIT_DELAYED_WORK(&priv->dwork_hw_scan, at76_dwork_hw_scan);
2111
2112	tasklet_init(&priv->rx_tasklet, at76_rx_tasklet, 0);
2113
2114	priv->pm_mode = AT76_PM_OFF;
2115	priv->pm_period = 0;
2116
2117	/* unit us */
2118	priv->hw->channel_change_time = 100000;
2119
2120	return priv;
2121}
2122
2123static int at76_alloc_urbs(struct at76_priv *priv,
2124			   struct usb_interface *interface)
2125{
2126	struct usb_endpoint_descriptor *endpoint, *ep_in, *ep_out;
2127	int i;
2128	int buffer_size;
2129	struct usb_host_interface *iface_desc;
2130
2131	at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
2132
2133	at76_dbg(DBG_URB, "%s: NumEndpoints %d ", __func__,
2134		 interface->altsetting[0].desc.bNumEndpoints);
2135
2136	ep_in = NULL;
2137	ep_out = NULL;
2138	iface_desc = interface->cur_altsetting;
2139	for (i = 0; i < iface_desc->desc.bNumEndpoints; i++) {
2140		endpoint = &iface_desc->endpoint[i].desc;
2141
2142		at76_dbg(DBG_URB, "%s: %d. endpoint: addr 0x%x attr 0x%x",
2143			 __func__, i, endpoint->bEndpointAddress,
2144			 endpoint->bmAttributes);
2145
2146		if (!ep_in && usb_endpoint_is_bulk_in(endpoint))
2147			ep_in = endpoint;
2148
2149		if (!ep_out && usb_endpoint_is_bulk_out(endpoint))
2150			ep_out = endpoint;
2151	}
2152
2153	if (!ep_in || !ep_out) {
2154		dev_printk(KERN_ERR, &interface->dev,
2155			   "bulk endpoints missing\n");
2156		return -ENXIO;
2157	}
2158
2159	priv->rx_pipe = usb_rcvbulkpipe(priv->udev, ep_in->bEndpointAddress);
2160	priv->tx_pipe = usb_sndbulkpipe(priv->udev, ep_out->bEndpointAddress);
2161
2162	priv->rx_urb = usb_alloc_urb(0, GFP_KERNEL);
2163	priv->tx_urb = usb_alloc_urb(0, GFP_KERNEL);
2164	if (!priv->rx_urb || !priv->tx_urb) {
2165		dev_printk(KERN_ERR, &interface->dev, "cannot allocate URB\n");
2166		return -ENOMEM;
2167	}
2168
2169	buffer_size = sizeof(struct at76_tx_buffer) + MAX_PADDING_SIZE;
2170	priv->bulk_out_buffer = kmalloc(buffer_size, GFP_KERNEL);
2171	if (!priv->bulk_out_buffer) {
2172		dev_printk(KERN_ERR, &interface->dev,
2173			   "cannot allocate output buffer\n");
2174		return -ENOMEM;
2175	}
2176
2177	at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
2178
2179	return 0;
2180}
2181
2182static struct ieee80211_rate at76_rates[] = {
2183	{ .bitrate = 10, .hw_value = TX_RATE_1MBIT, },
2184	{ .bitrate = 20, .hw_value = TX_RATE_2MBIT, },
2185	{ .bitrate = 55, .hw_value = TX_RATE_5_5MBIT, },
2186	{ .bitrate = 110, .hw_value = TX_RATE_11MBIT, },
2187};
2188
2189static struct ieee80211_channel at76_channels[] = {
2190	{ .center_freq = 2412, .hw_value = 1 },
2191	{ .center_freq = 2417, .hw_value = 2 },
2192	{ .center_freq = 2422, .hw_value = 3 },
2193	{ .center_freq = 2427, .hw_value = 4 },
2194	{ .center_freq = 2432, .hw_value = 5 },
2195	{ .center_freq = 2437, .hw_value = 6 },
2196	{ .center_freq = 2442, .hw_value = 7 },
2197	{ .center_freq = 2447, .hw_value = 8 },
2198	{ .center_freq = 2452, .hw_value = 9 },
2199	{ .center_freq = 2457, .hw_value = 10 },
2200	{ .center_freq = 2462, .hw_value = 11 },
2201	{ .center_freq = 2467, .hw_value = 12 },
2202	{ .center_freq = 2472, .hw_value = 13 },
2203	{ .center_freq = 2484, .hw_value = 14 }
2204};
2205
2206static struct ieee80211_supported_band at76_supported_band = {
2207	.channels = at76_channels,
2208	.n_channels = ARRAY_SIZE(at76_channels),
2209	.bitrates = at76_rates,
2210	.n_bitrates = ARRAY_SIZE(at76_rates),
2211};
2212
2213/* Register network device and initialize the hardware */
2214static int at76_init_new_device(struct at76_priv *priv,
2215				struct usb_interface *interface)
2216{
2217	struct wiphy *wiphy;
2218	size_t len;
2219	int ret;
2220
2221	/* set up the endpoint information */
2222	/* check out the endpoints */
2223
2224	at76_dbg(DBG_DEVSTART, "USB interface: %d endpoints",
2225		 interface->cur_altsetting->desc.bNumEndpoints);
2226
2227	ret = at76_alloc_urbs(priv, interface);
2228	if (ret < 0)
2229		goto exit;
2230
2231	/* MAC address */
2232	ret = at76_get_hw_config(priv);
2233	if (ret < 0) {
2234		dev_printk(KERN_ERR, &interface->dev,
2235			   "cannot get MAC address\n");
2236		goto exit;
2237	}
2238
2239	priv->domain = at76_get_reg_domain(priv->regulatory_domain);
2240
2241	priv->channel = DEF_CHANNEL;
2242	priv->iw_mode = IW_MODE_INFRA;
2243	priv->rts_threshold = DEF_RTS_THRESHOLD;
2244	priv->frag_threshold = DEF_FRAG_THRESHOLD;
2245	priv->short_retry_limit = DEF_SHORT_RETRY_LIMIT;
2246	priv->txrate = TX_RATE_AUTO;
2247	priv->preamble_type = PREAMBLE_TYPE_LONG;
2248	priv->beacon_period = 100;
2249	priv->auth_mode = WLAN_AUTH_OPEN;
2250	priv->scan_min_time = DEF_SCAN_MIN_TIME;
2251	priv->scan_max_time = DEF_SCAN_MAX_TIME;
2252	priv->scan_mode = SCAN_TYPE_ACTIVE;
2253	priv->device_unplugged = 0;
2254
2255	/* mac80211 initialisation */
2256	wiphy = priv->hw->wiphy;
2257	priv->hw->wiphy->max_scan_ssids = 1;
2258	priv->hw->wiphy->max_scan_ie_len = 0;
2259	priv->hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
2260	priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &at76_supported_band;
2261	priv->hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
2262			  IEEE80211_HW_SIGNAL_UNSPEC;
2263	priv->hw->max_signal = 100;
2264
2265	SET_IEEE80211_DEV(priv->hw, &interface->dev);
2266	SET_IEEE80211_PERM_ADDR(priv->hw, priv->mac_addr);
2267
2268	len = sizeof(wiphy->fw_version);
2269	snprintf(wiphy->fw_version, len, "%d.%d.%d-%d",
2270		 priv->fw_version.major, priv->fw_version.minor,
2271		 priv->fw_version.patch, priv->fw_version.build);
2272
2273	wiphy->hw_version = priv->board_type;
2274
2275	ret = ieee80211_register_hw(priv->hw);
2276	if (ret) {
2277		printk(KERN_ERR "cannot register mac80211 hw (status %d)!\n",
2278		       ret);
2279		goto exit;
2280	}
2281
2282	priv->mac80211_registered = 1;
2283
2284	printk(KERN_INFO "%s: USB %s, MAC %pM, firmware %d.%d.%d-%d\n",
2285	       wiphy_name(priv->hw->wiphy),
2286	       dev_name(&interface->dev), priv->mac_addr,
2287	       priv->fw_version.major, priv->fw_version.minor,
2288	       priv->fw_version.patch, priv->fw_version.build);
2289	printk(KERN_INFO "%s: regulatory domain 0x%02x: %s\n",
2290	       wiphy_name(priv->hw->wiphy),
2291	       priv->regulatory_domain, priv->domain->name);
2292
2293exit:
2294	return ret;
2295}
2296
2297static void at76_delete_device(struct at76_priv *priv)
2298{
2299	at76_dbg(DBG_PROC_ENTRY, "%s: ENTER", __func__);
2300
2301	/* The device is gone, don't bother turning it off */
2302	priv->device_unplugged = 1;
2303
2304	tasklet_kill(&priv->rx_tasklet);
2305
2306	if (priv->mac80211_registered)
2307		ieee80211_unregister_hw(priv->hw);
2308
2309	if (priv->tx_urb) {
2310		usb_kill_urb(priv->tx_urb);
2311		usb_free_urb(priv->tx_urb);
2312	}
2313	if (priv->rx_urb) {
2314		usb_kill_urb(priv->rx_urb);
2315		usb_free_urb(priv->rx_urb);
2316	}
2317
2318	at76_dbg(DBG_PROC_ENTRY, "%s: unlinked urbs", __func__);
2319
2320	kfree(priv->bulk_out_buffer);
2321
2322	del_timer_sync(&ledtrig_tx_timer);
2323
2324	kfree_skb(priv->rx_skb);
2325
2326	usb_put_dev(priv->udev);
2327
2328	at76_dbg(DBG_PROC_ENTRY, "%s: before freeing priv/ieee80211_hw",
2329		 __func__);
2330	ieee80211_free_hw(priv->hw);
2331
2332	at76_dbg(DBG_PROC_ENTRY, "%s: EXIT", __func__);
2333}
2334
2335static int at76_probe(struct usb_interface *interface,
2336		      const struct usb_device_id *id)
2337{
2338	int ret;
2339	struct at76_priv *priv;
2340	struct fwentry *fwe;
2341	struct usb_device *udev;
2342	int op_mode;
2343	int need_ext_fw = 0;
2344	struct mib_fw_version fwv;
2345	int board_type = (int)id->driver_info;
2346
2347	udev = usb_get_dev(interface_to_usbdev(interface));
2348
2349	/* Load firmware into kernel memory */
2350	fwe = at76_load_firmware(udev, board_type);
2351	if (!fwe) {
2352		ret = -ENOENT;
2353		goto error;
2354	}
2355
2356	op_mode = at76_get_op_mode(udev);
2357
2358	at76_dbg(DBG_DEVSTART, "opmode %d", op_mode);
2359
2360	/* we get OPMODE_NONE with 2.4.23, SMC2662W-AR ???
2361	   we get 204 with 2.4.23, Fiberline FL-WL240u (505A+RFMD2958) ??? */
2362
2363	if (op_mode == OPMODE_HW_CONFIG_MODE) {
2364		dev_printk(KERN_ERR, &interface->dev,
2365			   "cannot handle a device in HW_CONFIG_MODE\n");
2366		ret = -EBUSY;
2367		goto error;
2368	}
2369
2370	if (op_mode != OPMODE_NORMAL_NIC_WITH_FLASH
2371	    && op_mode != OPMODE_NORMAL_NIC_WITHOUT_FLASH) {
2372		/* download internal firmware part */
2373		dev_printk(KERN_DEBUG, &interface->dev,
2374			   "downloading internal firmware\n");
2375		ret = at76_load_internal_fw(udev, fwe);
2376		if (ret < 0) {
2377			dev_printk(KERN_ERR, &interface->dev,
2378				   "error %d downloading internal firmware\n",
2379				   ret);
2380			goto error;
2381		}
2382		usb_put_dev(udev);
2383		return ret;
2384	}
2385
2386	/* Internal firmware already inside the device.  Get firmware
2387	 * version to test if external firmware is loaded.
2388	 * This works only for newer firmware, e.g. the Intersil 0.90.x
2389	 * says "control timeout on ep0in" and subsequent
2390	 * at76_get_op_mode() fail too :-( */
2391
2392	/* if version >= 0.100.x.y or device with built-in flash we can
2393	 * query the device for the fw version */
2394	if ((fwe->fw_version.major > 0 || fwe->fw_version.minor >= 100)
2395	    || (op_mode == OPMODE_NORMAL_NIC_WITH_FLASH)) {
2396		ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
2397		if (ret < 0 || (fwv.major | fwv.minor) == 0)
2398			need_ext_fw = 1;
2399	} else
2400		/* No way to check firmware version, reload to be sure */
2401		need_ext_fw = 1;
2402
2403	if (need_ext_fw) {
2404		dev_printk(KERN_DEBUG, &interface->dev,
2405			   "downloading external firmware\n");
2406
2407		ret = at76_load_external_fw(udev, fwe);
2408		if (ret)
2409			goto error;
2410
2411		/* Re-check firmware version */
2412		ret = at76_get_mib(udev, MIB_FW_VERSION, &fwv, sizeof(fwv));
2413		if (ret < 0) {
2414			dev_printk(KERN_ERR, &interface->dev,
2415				   "error %d getting firmware version\n", ret);
2416			goto error;
2417		}
2418	}
2419
2420	priv = at76_alloc_new_device(udev);
2421	if (!priv) {
2422		ret = -ENOMEM;
2423		goto error;
2424	}
2425
2426	usb_set_intfdata(interface, priv);
2427
2428	memcpy(&priv->fw_version, &fwv, sizeof(struct mib_fw_version));
2429	priv->board_type = board_type;
2430
2431	ret = at76_init_new_device(priv, interface);
2432	if (ret < 0)
2433		at76_delete_device(priv);
2434
2435	return ret;
2436
2437error:
2438	usb_put_dev(udev);
2439	return ret;
2440}
2441
2442static void at76_disconnect(struct usb_interface *interface)
2443{
2444	struct at76_priv *priv;
2445
2446	priv = usb_get_intfdata(interface);
2447	usb_set_intfdata(interface, NULL);
2448
2449	/* Disconnect after loading internal firmware */
2450	if (!priv)
2451		return;
2452
2453	printk(KERN_INFO "%s: disconnecting\n", wiphy_name(priv->hw->wiphy));
2454	at76_delete_device(priv);
2455	dev_printk(KERN_INFO, &interface->dev, "disconnected\n");
2456}
2457
2458/* Structure for registering this driver with the USB subsystem */
2459static struct usb_driver at76_driver = {
2460	.name = DRIVER_NAME,
2461	.probe = at76_probe,
2462	.disconnect = at76_disconnect,
2463	.id_table = dev_table,
2464};
2465
2466static int __init at76_mod_init(void)
2467{
2468	int result;
2469
2470	printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " loading\n");
2471
2472	mutex_init(&fw_mutex);
2473
2474	/* register this driver with the USB subsystem */
2475	result = usb_register(&at76_driver);
2476	if (result < 0)
2477		printk(KERN_ERR DRIVER_NAME
2478		       ": usb_register failed (status %d)\n", result);
2479
2480	led_trigger_register_simple("at76_usb-tx", &ledtrig_tx);
2481	return result;
2482}
2483
2484static void __exit at76_mod_exit(void)
2485{
2486	int i;
2487
2488	printk(KERN_INFO DRIVER_DESC " " DRIVER_VERSION " unloading\n");
2489	usb_deregister(&at76_driver);
2490	for (i = 0; i < ARRAY_SIZE(firmwares); i++) {
2491		if (firmwares[i].fw)
2492			release_firmware(firmwares[i].fw);
2493	}
2494	led_trigger_unregister_simple(ledtrig_tx);
2495}
2496
2497module_param_named(debug, at76_debug, uint, 0600);
2498MODULE_PARM_DESC(debug, "Debugging level");
2499
2500module_init(at76_mod_init);
2501module_exit(at76_mod_exit);
2502
2503MODULE_AUTHOR("Oliver Kurth <oku@masqmail.cx>");
2504MODULE_AUTHOR("Joerg Albert <joerg.albert@gmx.de>");
2505MODULE_AUTHOR("Alex <alex@foogod.com>");
2506MODULE_AUTHOR("Nick Jones");
2507MODULE_AUTHOR("Balint Seeber <n0_5p4m_p13453@hotmail.com>");
2508MODULE_AUTHOR("Pavel Roskin <proski@gnu.org>");
2509MODULE_AUTHOR("Guido Guenther <agx@sigxcpu.org>");
2510MODULE_AUTHOR("Kalle Valo <kalle.valo@iki.fi>");
2511MODULE_DESCRIPTION(DRIVER_DESC);
2512MODULE_LICENSE("GPL");
Configure Feed

Configure Feed
