4 /**** (legal) claimer in README
5 ** Copyright (C) 2003 ACX100 Open Source Project
7 #include <linux/version.h>
9 #include "acx_mac80211.h"
10 #include "acx_debug.h"
12 /***********************************************************************
13 ** Forward declarations of types
15 typedef struct tx tx_t
;
16 typedef struct acx_device acx_device_t
;
17 typedef struct client client_t
;
18 typedef struct rxdesc rxdesc_t
;
19 typedef struct txdesc txdesc_t
;
20 typedef struct rxhostdesc rxhostdesc_t
;
21 typedef struct txhostdesc txhostdesc_t
;
24 /***********************************************************************
30 /* The supported chip models */
31 #define CHIPTYPE_ACX100 1
32 #define CHIPTYPE_ACX111 2
34 #define IS_ACX100(adev) ((adev)->chip_type == CHIPTYPE_ACX100)
35 #define IS_ACX111(adev) ((adev)->chip_type == CHIPTYPE_ACX111)
37 /* Supported interfaces */
41 #if !(defined(CONFIG_ACX_MAC80211_PCI) || defined(CONFIG_ACX_MAC80211_USB))
42 #error Driver must include PCI and/or USB support. You selected neither.
45 #if defined(CONFIG_ACX_MAC80211_PCI)
46 #if !defined(CONFIG_ACX_MAC80211_USB)
47 #define IS_PCI(adev) 1
49 #define IS_PCI(adev) ((adev)->dev_type == DEVTYPE_PCI)
52 #define IS_PCI(adev) 0
55 #if defined(CONFIG_ACX_MAC80211_USB)
56 #if !defined(CONFIG_ACX_MAC80211_PCI)
57 #define IS_USB(adev) 1
59 #define IS_USB(adev) ((adev)->dev_type == DEVTYPE_USB)
62 #define IS_USB(adev) 0
66 #define DEFAULT_DTIM_INTERVAL 10
67 /* used to be 2048, but FreeBSD driver changed it to 4096 to work properly
69 #define DEFAULT_MSDU_LIFETIME 4096
70 #define DEFAULT_RTS_THRESHOLD 2312 /* max. size: disable RTS mechanism */
71 #define DEFAULT_BEACON_INTERVAL 100
73 #define ACX100_BAP_DATALEN_MAX 4096
74 #define ACX100_RID_GUESSING_MAXLEN 2048 /* I'm not really sure */
75 #define ACX100_RIDDATA_MAXLEN ACX100_RID_GUESSING_MAXLEN
77 /* Support Constants */
78 /* Radio type names, found in Win98 driver's TIACXLN.INF */
79 #define RADIO_MAXIM_0D 0x0d
80 #define RADIO_RFMD_11 0x11
81 #define RADIO_RALINK_15 0x15
82 /* used in ACX111 cards (WG311v2, WL-121, ...): */
83 #define RADIO_RADIA_16 0x16
84 /* most likely *sometimes* used in ACX111 cards: */
85 #define RADIO_UNKNOWN_17 0x17
86 /* FwRad19.bin was found in a Safecom driver; must be an ACX111 radio: */
87 #define RADIO_UNKNOWN_19 0x19
88 #define RADIO_UNKNOWN_1B 0x1b /* radio in SafeCom SWLUT-54125 USB adapter; entirely unknown!! */
90 /* Controller Commands */
91 /* can be found in table cmdTable in firmware "Rev. 1.5.0" (FW150) */
92 #define ACX1xx_CMD_RESET 0x00
93 #define ACX1xx_CMD_INTERROGATE 0x01
94 #define ACX1xx_CMD_CONFIGURE 0x02
95 #define ACX1xx_CMD_ENABLE_RX 0x03
96 #define ACX1xx_CMD_ENABLE_TX 0x04
97 #define ACX1xx_CMD_DISABLE_RX 0x05
98 #define ACX1xx_CMD_DISABLE_TX 0x06
99 #define ACX1xx_CMD_FLUSH_QUEUE 0x07
100 #define ACX1xx_CMD_SCAN 0x08
101 #define ACX1xx_CMD_STOP_SCAN 0x09
102 #define ACX1xx_CMD_CONFIG_TIM 0x0a
103 #define ACX1xx_CMD_JOIN 0x0b
104 #define ACX1xx_CMD_WEP_MGMT 0x0c
105 #ifdef OLD_FIRMWARE_VERSIONS
106 #define ACX100_CMD_HALT 0x0e /* mapped to unknownCMD in FW150 */
108 #define ACX1xx_CMD_MEM_READ 0x0d
109 #define ACX1xx_CMD_MEM_WRITE 0x0e
111 #define ACX1xx_CMD_SLEEP 0x0f
112 #define ACX1xx_CMD_WAKE 0x10
113 #define ACX1xx_CMD_UNKNOWN_11 0x11 /* mapped to unknownCMD in FW150 */
114 #define ACX100_CMD_INIT_MEMORY 0x12
115 #define ACX1FF_CMD_DISABLE_RADIO 0x12 /* new firmware? TNETW1450? */
116 #define ACX1xx_CMD_CONFIG_BEACON 0x13
117 #define ACX1xx_CMD_CONFIG_PROBE_RESPONSE 0x14
118 #define ACX1xx_CMD_CONFIG_NULL_DATA 0x15
119 #define ACX1xx_CMD_CONFIG_PROBE_REQUEST 0x16
120 #define ACX1xx_CMD_FCC_TEST 0x17
121 #define ACX1xx_CMD_RADIOINIT 0x18
122 #define ACX111_CMD_RADIOCALIB 0x19
123 #define ACX1FF_CMD_NOISE_HISTOGRAM 0x1c /* new firmware? TNETW1450? */
124 #define ACX1FF_CMD_RX_RESET 0x1d /* new firmware? TNETW1450? */
125 #define ACX1FF_CMD_LNA_CONTROL 0x20 /* new firmware? TNETW1450? */
126 #define ACX1FF_CMD_CONTROL_DBG_TRACE 0x21 /* new firmware? TNETW1450? */
128 /***********************************************************************
129 ** Tx/Rx buffer sizes and watermarks
131 ** This will alloc and use DMAable buffers of
132 ** WLAN_A4FR_MAXLEN_WEP_FCS * (RX_CNT + TX_CNT) bytes
133 ** RX/TX_CNT=32 -> ~150k DMA buffers
134 ** RX/TX_CNT=16 -> ~75k DMA buffers
136 ** 2005-10-10: reduced memory usage by lowering both to 16
141 /* we clean up txdescs when we have N free txdesc: */
142 #define TX_CLEAN_BACKLOG (TX_CNT/4)
143 #define TX_START_CLEAN (TX_CNT - TX_CLEAN_BACKLOG)
144 #define TX_EMERG_CLEAN 2
145 /* we stop queue if we have < N free txbufs: */
146 #define TX_STOP_QUEUE 3
147 /* we start queue if we have >= N free txbufs: */
148 #define TX_START_QUEUE 5
150 /***********************************************************************
151 ** Interrogate/Configure cmd constants
153 ** NB: length includes JUST the data part of the IE
154 ** (does not include size of the (type,len) pair)
156 ** TODO: seems that acx100, acx100usb, acx111 have some differences,
157 ** fix code with regard to this!
160 #define DEF_IE(name, val, len) enum { ACX##name=val, ACX##name##_LEN=len }
162 /* Information Elements: Network Parameters, Static Configuration Entities */
163 /* these are handled by real_cfgtable in firmware "Rev 1.5.0" (FW150) */
164 DEF_IE(1xx_IE_UNKNOWN_00
,0x0000, -1); /* mapped to cfgInvalid in FW150 */
165 DEF_IE(100_IE_ACX_TIMER
,0x0001, 0x10);
166 DEF_IE(1xx_IE_POWER_MGMT
,0x0002, 0x06); /* TNETW1450: length 0x18!! */
167 DEF_IE(1xx_IE_QUEUE_CONFIG
,0x0003, 0x1c);
168 DEF_IE(100_IE_BLOCK_SIZE
,0x0004, 0x02);
169 DEF_IE(1FF_IE_SLOT_TIME
,0x0004, 0x08); /* later firmware versions only? */
170 DEF_IE(1xx_IE_MEMORY_CONFIG_OPTIONS
,0x0005, 0x14);
171 DEF_IE(1FF_IE_QUEUE_HEAD
,0x0005, 0x14 /* FIXME: length? */);
172 DEF_IE(1xx_IE_RATE_FALLBACK
,0x0006, 0x01); /* TNETW1450: length 2 */
173 DEF_IE(100_IE_WEP_OPTIONS
,0x0007, 0x03);
174 DEF_IE(111_IE_RADIO_BAND
,0x0007, -1);
175 DEF_IE(1FF_IE_TIMING_CFG
,0x0007, -1); /* later firmware versions; TNETW1450 only? */
176 DEF_IE(100_IE_SSID
,0x0008, 0x20); /* huh? */
177 DEF_IE(1xx_IE_MEMORY_MAP
,0x0008, 0x28); /* huh? TNETW1450 has length 0x40!! */
178 DEF_IE(1xx_IE_SCAN_STATUS
,0x0009, 0x04); /* mapped to cfgInvalid in FW150 */
179 DEF_IE(1xx_IE_ASSOC_ID
,0x000a, 0x02);
180 DEF_IE(1xx_IE_UNKNOWN_0B
,0x000b, -1); /* mapped to cfgInvalid in FW150 */
181 DEF_IE(1FF_IE_TX_POWER_LEVEL_TABLE
,0x000b, 0x18); /* later firmware versions; TNETW1450 only? */
182 DEF_IE(100_IE_UNKNOWN_0C
,0x000c, -1); /* very small implementation in FW150! */
183 /* ACX100 has an equivalent struct in the cmd mailbox directly after reset.
184 * 0x14c seems extremely large, will trash stack on failure (memset!)
185 * in case of small input struct --> OOPS! */
186 DEF_IE(111_IE_CONFIG_OPTIONS
,0x000c, 0x14c);
187 DEF_IE(1xx_IE_FWREV
,0x000d, 0x18);
188 DEF_IE(1xx_IE_FCS_ERROR_COUNT
,0x000e, 0x04);
189 DEF_IE(1xx_IE_MEDIUM_USAGE
,0x000f, 0x08);
190 DEF_IE(1xx_IE_RXCONFIG
,0x0010, 0x04);
191 DEF_IE(100_IE_UNKNOWN_11
,0x0011, -1); /* NONBINARY: large implementation in FW150! link quality readings or so? */
192 DEF_IE(111_IE_QUEUE_THRESH
,0x0011, -1);
193 DEF_IE(100_IE_UNKNOWN_12
,0x0012, -1); /* NONBINARY: VERY large implementation in FW150!! */
194 DEF_IE(111_IE_BSS_POWER_SAVE
,0x0012, /* -1 */ 2);
195 DEF_IE(1xx_IE_FIRMWARE_STATISTICS
,0x0013, 0x9c); /* TNETW1450: length 0x134!! */
196 DEF_IE(1FF_IE_RX_INTR_CONFIG
,0x0014, 0x14); /* later firmware versions, TNETW1450 only? */
197 DEF_IE(1xx_IE_FEATURE_CONFIG
,0x0015, 0x08);
198 DEF_IE(111_IE_KEY_CHOOSE
,0x0016, 0x04); /* for rekeying. really len=4?? */
199 DEF_IE(1FF_IE_MISC_CONFIG_TABLE
,0x0017, 0x04); /* later firmware versions, TNETW1450 only? */
200 DEF_IE(1FF_IE_WONE_CONFIG
,0x0018, -1); /* later firmware versions, TNETW1450 only? */
201 DEF_IE(1FF_IE_TID_CONFIG
,0x001a, 0x2c); /* later firmware versions, TNETW1450 only? */
202 DEF_IE(1FF_IE_CALIB_ASSESSMENT
,0x001e, 0x04); /* later firmware versions, TNETW1450 only? */
203 DEF_IE(1FF_IE_BEACON_FILTER_OPTIONS
,0x001f, 0x02); /* later firmware versions, TNETW1450 only? */
204 DEF_IE(1FF_IE_LOW_RSSI_THRESH_OPT
,0x0020, 0x04); /* later firmware versions, TNETW1450 only? */
205 DEF_IE(1FF_IE_NOISE_HISTOGRAM_RESULTS
,0x0021, 0x30); /* later firmware versions, TNETW1450 only? */
206 DEF_IE(1FF_IE_PACKET_DETECT_THRESH
,0x0023, 0x04); /* later firmware versions, TNETW1450 only? */
207 DEF_IE(1FF_IE_TX_CONFIG_OPTIONS
,0x0024, 0x04); /* later firmware versions, TNETW1450 only? */
208 DEF_IE(1FF_IE_CCA_THRESHOLD
,0x0025, 0x02); /* later firmware versions, TNETW1450 only? */
209 DEF_IE(1FF_IE_EVENT_MASK
,0x0026, 0x08); /* later firmware versions, TNETW1450 only? */
210 DEF_IE(1FF_IE_DTIM_PERIOD
,0x0027, 0x02); /* later firmware versions, TNETW1450 only? */
211 DEF_IE(1FF_IE_ACI_CONFIG_SET
,0x0029, 0x06); /* later firmware versions; maybe TNETW1450 only? */
212 DEF_IE(1FF_IE_EEPROM_VER
,0x0030, 0x04); /* later firmware versions; maybe TNETW1450 only? */
213 DEF_IE(1xx_IE_DOT11_STATION_ID
,0x1001, 0x06);
214 DEF_IE(100_IE_DOT11_UNKNOWN_1002
,0x1002, -1); /* mapped to cfgInvalid in FW150 */
215 DEF_IE(111_IE_DOT11_FRAG_THRESH
,0x1002, -1); /* mapped to cfgInvalid in FW150; TNETW1450 has length 2!! */
216 DEF_IE(100_IE_DOT11_BEACON_PERIOD
,0x1003, 0x02); /* mapped to cfgInvalid in FW150 */
217 DEF_IE(1xx_IE_DOT11_DTIM_PERIOD
,0x1004, -1); /* mapped to cfgInvalid in FW150 */
218 DEF_IE(1FF_IE_DOT11_MAX_RX_LIFETIME
,0x1004, -1); /* later firmware versions; maybe TNETW1450 only? */
219 DEF_IE(1xx_IE_DOT11_SHORT_RETRY_LIMIT
,0x1005, 0x01); /* TNETW1450: length 2 */
220 DEF_IE(1xx_IE_DOT11_LONG_RETRY_LIMIT
,0x1006, 0x01); /* TNETW1450: length 2 */
221 DEF_IE(100_IE_DOT11_WEP_DEFAULT_KEY_WRITE
,0x1007, 0x20); /* configure default keys; TNETW1450 has length 0x24!! */
222 DEF_IE(1xx_IE_DOT11_MAX_XMIT_MSDU_LIFETIME
,0x1008, 0x04);
223 DEF_IE(1xx_IE_DOT11_GROUP_ADDR
,0x1009, -1);
224 DEF_IE(1xx_IE_DOT11_CURRENT_REG_DOMAIN
,0x100a, 0x02);
225 /* It's harmless to have larger struct. Use USB case always. */
226 DEF_IE(1xx_IE_DOT11_CURRENT_ANTENNA
,0x100b, 0x02); /* in fact len=1 for PCI */
227 DEF_IE(1xx_IE_DOT11_UNKNOWN_100C
,0x100c, -1); /* mapped to cfgInvalid in FW150 */
228 DEF_IE(1xx_IE_DOT11_TX_POWER_LEVEL
,0x100d, 0x01); /* TNETW1450 has length 2!! */
229 DEF_IE(1xx_IE_DOT11_CURRENT_CCA_MODE
,0x100e, 0x02); /* in fact len=1 for PCI */
230 /* USB doesn't return anything - len==0?! */
231 DEF_IE(100_IE_DOT11_ED_THRESHOLD
,0x100f, 0x04);
232 DEF_IE(1xx_IE_DOT11_WEP_DEFAULT_KEY_SET
,0x1010, 0x01); /* set default key ID; TNETW1450: length 2 */
233 DEF_IE(100_IE_DOT11_UNKNOWN_1011
,0x1011, -1); /* mapped to cfgInvalid in FW150 */
234 DEF_IE(1FF_IE_DOT11_CURR_5GHZ_REGDOM
,0x1011, -1); /* later firmware versions; maybe TNETW1450 only? */
235 DEF_IE(100_IE_DOT11_UNKNOWN_1012
,0x1012, -1); /* mapped to cfgInvalid in FW150 */
236 DEF_IE(100_IE_DOT11_UNKNOWN_1013
,0x1013, -1); /* mapped to cfgInvalid in FW150 */
239 /* Experimentally obtained on acx100, fw 1.9.8.b
240 ** -1 means that fw returned 'invalid IE'
241 ** 0200 FC00 nnnn... are test read contents: u16 type, u16 len, data
242 ** (AA are poison bytes marking bytes not written by fw)
244 ** Looks like acx100 fw does not update len field (thus len=256-4=FC here)
245 ** A number of IEs seem to trash type,len fields
246 ** IEs marked 'huge' return gobs of data (no poison bytes remain)
248 DEF_IE(100_IE_INVAL_00
, 0x0000, -1);
249 DEF_IE(100_IE_INVAL_01
, 0x0001, -1); /* IE_ACX_TIMER, len=16 on older fw */
250 DEF_IE(100_IE_POWER_MGMT
, 0x0002, 4); /* 0200FC00 00040000 AAAAAAAA */
251 DEF_IE(100_IE_QUEUE_CONFIG
, 0x0003, 28); /* 0300FC00 48060000 9CAD0000 0101AAAA DCB00000 E4B00000 9CAA0000 00AAAAAA */
252 DEF_IE(100_IE_BLOCK_SIZE
, 0x0004, 2); /* 0400FC00 0001AAAA AAAAAAAA AAAAAAAA */
254 DEF_IE(100_IE_MEMORY_CONFIG_OPTIONS
, 0x0005, 20);
255 DEF_IE(100_IE_RATE_FALLBACK
, 0x0006, 1); /* 0600FC00 00AAAAAA AAAAAAAA AAAAAAAA */
257 DEF_IE(100_IE_WEP_OPTIONS
, 0x0007, 3);
258 DEF_IE(100_IE_MEMORY_MAP
, 0x0008, 40); /* huge: 0800FC00 30000000 6CA20000 70A20000... */
259 /* gives INVAL on read: */
260 DEF_IE(100_IE_SCAN_STATUS
, 0x0009, -1);
261 DEF_IE(100_IE_ASSOC_ID
, 0x000a, 2); /* huge: 0A00FC00 00000000 01040800 00000000... */
262 DEF_IE(100_IE_INVAL_0B
, 0x000b, -1);
263 /* 'command rejected': */
264 DEF_IE(100_IE_CONFIG_OPTIONS
, 0x000c, -3);
265 DEF_IE(100_IE_FWREV
, 0x000d, 24); /* 0D00FC00 52657620 312E392E 382E6200 AAAAAAAA AAAAAAAA 05050201 AAAAAAAA */
266 DEF_IE(100_IE_FCS_ERROR_COUNT
, 0x000e, 4);
267 DEF_IE(100_IE_MEDIUM_USAGE
, 0x000f, 8); /* E41F0000 2D780300 FCC91300 AAAAAAAA */
268 DEF_IE(100_IE_RXCONFIG
, 0x0010, 4); /* 1000FC00 00280000 AAAAAAAA AAAAAAAA */
269 DEF_IE(100_IE_QUEUE_THRESH
, 0x0011, 12); /* 1100FC00 AAAAAAAA 00000000 00000000 */
270 DEF_IE(100_IE_BSS_POWER_SAVE
, 0x0012, 1); /* 1200FC00 00AAAAAA AAAAAAAA AAAAAAAA */
271 /* read only, variable len */
272 DEF_IE(100_IE_FIRMWARE_STATISTICS
, 0x0013, 256); /* 0000AC00 00000000 ... */
273 DEF_IE(100_IE_INT_CONFIG
, 0x0014, 20); /* 00000000 00000000 00000000 00000000 5D74D105 00000000 AAAAAAAA AAAAAAAA */
274 DEF_IE(100_IE_FEATURE_CONFIG
, 0x0015, 8); /* 1500FC00 16000000 AAAAAAAA AAAAAAAA */
275 /* returns 'invalid MAC': */
276 DEF_IE(100_IE_KEY_CHOOSE
, 0x0016, -4);
277 DEF_IE(100_IE_INVAL_17
, 0x0017, -1);
278 DEF_IE(100_IE_UNKNOWN_18
, 0x0018, 0); /* null len?! 1800FC00 AAAAAAAA AAAAAAAA AAAAAAAA */
279 DEF_IE(100_IE_UNKNOWN_19
, 0x0019, 256); /* huge: 1900FC00 9C1F00EA FEFFFFEA FEFFFFEA... */
280 DEF_IE(100_IE_INVAL_1A
, 0x001A, -1);
282 DEF_IE(100_IE_DOT11_INVAL_1000
, 0x1000, -1);
283 DEF_IE(100_IE_DOT11_STATION_ID
, 0x1001, 6); /* huge: 0110FC00 58B10E2F 03000000 00000000... */
284 DEF_IE(100_IE_DOT11_INVAL_1002
, 0x1002, -1);
285 DEF_IE(100_IE_DOT11_INVAL_1003
, 0x1003, -1);
286 DEF_IE(100_IE_DOT11_INVAL_1004
, 0x1004, -1);
287 DEF_IE(100_IE_DOT11_SHORT_RETRY_LIMIT
, 0x1005, 1);
288 DEF_IE(100_IE_DOT11_LONG_RETRY_LIMIT
, 0x1006, 1);
290 DEF_IE(100_IE_DOT11_WEP_DEFAULT_KEY_WRITE
, 0x1007, 32);
291 DEF_IE(100_IE_DOT11_MAX_XMIT_MSDU_LIFETIME
, 0x1008, 4); /* huge: 0810FC00 00020000 F4010000 00000000... */
292 /* undoc but returns something */
293 DEF_IE(100_IE_DOT11_GROUP_ADDR
, 0x1009, 12); /* huge: 0910FC00 00000000 00000000 00000000... */
294 DEF_IE(100_IE_DOT11_CURRENT_REG_DOMAIN
, 0x100a, 1); /* 0A10FC00 30AAAAAA AAAAAAAA AAAAAAAA */
295 DEF_IE(100_IE_DOT11_CURRENT_ANTENNA
, 0x100b, 1); /* 0B10FC00 8FAAAAAA AAAAAAAA AAAAAAAA */
296 DEF_IE(100_IE_DOT11_INVAL_100C
, 0x100c, -1);
297 DEF_IE(100_IE_DOT11_TX_POWER_LEVEL
, 0x100d, 2); /* 00000000 0100AAAA AAAAAAAA AAAAAAAA */
298 DEF_IE(100_IE_DOT11_CURRENT_CCA_MODE
, 0x100e, 1); /* 0E10FC00 0DAAAAAA AAAAAAAA AAAAAAAA */
299 DEF_IE(100_IE_DOT11_ED_THRESHOLD
, 0x100f, 4); /* 0F10FC00 70000000 AAAAAAAA AAAAAAAA */
300 /* set default key ID */
301 DEF_IE(100_IE_DOT11_WEP_DEFAULT_KEY_SET
, 0x1010, 1); /* 1010FC00 00AAAAAA AAAAAAAA AAAAAAAA */
302 DEF_IE(100_IE_DOT11_INVAL_1011
, 0x1011, -1);
303 DEF_IE(100_IE_DOT11_INVAL_1012
, 0x1012, -1);
304 DEF_IE(100_IE_DOT11_INVAL_1013
, 0x1013, -1);
305 DEF_IE(100_IE_DOT11_UNKNOWN_1014
, 0x1014, 256); /* huge */
306 DEF_IE(100_IE_DOT11_UNKNOWN_1015
, 0x1015, 256); /* huge */
307 DEF_IE(100_IE_DOT11_UNKNOWN_1016
, 0x1016, 256); /* huge */
308 DEF_IE(100_IE_DOT11_UNKNOWN_1017
, 0x1017, 256); /* huge */
309 DEF_IE(100_IE_DOT11_UNKNOWN_1018
, 0x1018, 256); /* huge */
310 DEF_IE(100_IE_DOT11_UNKNOWN_1019
, 0x1019, 256); /* huge */
314 /* Experimentally obtained on PCI acx111 Xterasys XN-2522g, fw 1.2.1.34
315 ** -1 means that fw returned 'invalid IE'
316 ** 0400 0800 nnnn... are test read contents: u16 type, u16 len, data
317 ** (AA are poison bytes marking bytes not written by fw)
319 ** Looks like acx111 fw reports real len!
321 DEF_IE(111_IE_INVAL_00
, 0x0000, -1);
322 DEF_IE(111_IE_INVAL_01
, 0x0001, -1);
323 DEF_IE(111_IE_POWER_MGMT
, 0x0002, 12);
324 /* write only, variable len: 12 + rxqueue_cnt*8 + txqueue_cnt*4: */
325 DEF_IE(111_IE_MEMORY_CONFIG
, 0x0003, 24);
326 DEF_IE(111_IE_BLOCK_SIZE
, 0x0004, 8); /* 04000800 AA00AAAA AAAAAAAA */
327 /* variable len: 8 + rxqueue_cnt*8 + txqueue_cnt*8: */
328 DEF_IE(111_IE_QUEUE_HEAD
, 0x0005, 24);
329 DEF_IE(111_IE_RATE_FALLBACK
, 0x0006, 1);
330 /* acx100 name:WEP_OPTIONS */
331 /* said to have len:1 (not true, actually returns 12 bytes): */
332 DEF_IE(111_IE_RADIO_BAND
, 0x0007, 12); /* 07000C00 AAAA1F00 FF03AAAA AAAAAAAA */
333 DEF_IE(111_IE_MEMORY_MAP
, 0x0008, 48);
334 /* said to have len:4, but gives INVAL on read: */
335 DEF_IE(111_IE_SCAN_STATUS
, 0x0009, -1);
336 DEF_IE(111_IE_ASSOC_ID
, 0x000a, 2);
337 /* write only, len is not known: */
338 DEF_IE(111_IE_UNKNOWN_0B
, 0x000b, 0);
339 /* read only, variable len. I see 67 byte reads: */
340 DEF_IE(111_IE_CONFIG_OPTIONS
, 0x000c, 67); /* 0C004300 01160500 ... */
341 DEF_IE(111_IE_FWREV
, 0x000d, 24);
342 DEF_IE(111_IE_FCS_ERROR_COUNT
, 0x000e, 4);
343 DEF_IE(111_IE_MEDIUM_USAGE
, 0x000f, 8);
344 DEF_IE(111_IE_RXCONFIG
, 0x0010, 4);
345 DEF_IE(111_IE_QUEUE_THRESH
, 0x0011, 12);
346 DEF_IE(111_IE_BSS_POWER_SAVE
, 0x0012, 1);
347 /* read only, variable len. I see 240 byte reads: */
348 DEF_IE(111_IE_FIRMWARE_STATISTICS
, 0x0013, 240); /* 1300F000 00000000 ... */
349 /* said to have len=17. looks like fw pads it to 20: */
350 DEF_IE(111_IE_INT_CONFIG
, 0x0014, 20); /* 14001400 00000000 00000000 00000000 00000000 00000000 */
351 DEF_IE(111_IE_FEATURE_CONFIG
, 0x0015, 8);
352 /* said to be name:KEY_INDICATOR, len:4, but gives INVAL on read: */
353 DEF_IE(111_IE_KEY_CHOOSE
, 0x0016, -1);
354 /* said to have len:4, but in fact returns 8: */
355 DEF_IE(111_IE_MAX_USB_XFR
, 0x0017, 8); /* 17000800 00014000 00000000 */
356 DEF_IE(111_IE_INVAL_18
, 0x0018, -1);
357 DEF_IE(111_IE_INVAL_19
, 0x0019, -1);
358 /* undoc but returns something: */
359 /* huh, fw indicates len=20 but uses 4 more bytes in buffer??? */
360 DEF_IE(111_IE_UNKNOWN_1A
, 0x001A, 20); /* 1A001400 AA00AAAA 0000020F FF030000 00020000 00000007 04000000 */
362 DEF_IE(111_IE_DOT11_INVAL_1000
, 0x1000, -1);
363 DEF_IE(111_IE_DOT11_STATION_ID
, 0x1001, 6);
364 DEF_IE(111_IE_DOT11_FRAG_THRESH
, 0x1002, 2);
365 /* acx100 only? gives INVAL on read: */
366 DEF_IE(111_IE_DOT11_BEACON_PERIOD
, 0x1003, -1);
367 /* said to be MAX_RECV_MSDU_LIFETIME: */
368 DEF_IE(111_IE_DOT11_DTIM_PERIOD
, 0x1004, 4);
369 DEF_IE(111_IE_DOT11_SHORT_RETRY_LIMIT
, 0x1005, 1);
370 DEF_IE(111_IE_DOT11_LONG_RETRY_LIMIT
, 0x1006, 1);
371 /* acx100 only? gives INVAL on read: */
372 DEF_IE(111_IE_DOT11_WEP_DEFAULT_KEY_WRITE
, 0x1007, -1);
373 DEF_IE(111_IE_DOT11_MAX_XMIT_MSDU_LIFETIME
, 0x1008, 4);
374 /* undoc but returns something. maybe it's 2 multicast MACs to listen to? */
375 DEF_IE(111_IE_DOT11_GROUP_ADDR
, 0x1009, 12); /* 09100C00 00000000 00000000 00000000 */
376 DEF_IE(111_IE_DOT11_CURRENT_REG_DOMAIN
, 0x100a, 1);
377 DEF_IE(111_IE_DOT11_CURRENT_ANTENNA
, 0x100b, 2);
378 DEF_IE(111_IE_DOT11_INVAL_100C
, 0x100c, -1);
379 DEF_IE(111_IE_DOT11_TX_POWER_LEVEL
, 0x100d, 1);
380 /* said to have len=1 but gives INVAL on read: */
381 DEF_IE(111_IE_DOT11_CURRENT_CCA_MODE
, 0x100e, -1);
382 /* said to have len=4 but gives INVAL on read: */
383 DEF_IE(111_IE_DOT11_ED_THRESHOLD
, 0x100f, -1);
384 /* set default key ID. write only: */
385 DEF_IE(111_IE_DOT11_WEP_DEFAULT_KEY_SET
, 0x1010, 1);
386 /* undoc but returns something: */
387 DEF_IE(111_IE_DOT11_UNKNOWN_1011
, 0x1011, 1); /* 11100100 20 */
388 DEF_IE(111_IE_DOT11_INVAL_1012
, 0x1012, -1);
389 DEF_IE(111_IE_DOT11_INVAL_1013
, 0x1013, -1);
393 /***********************************************************************
394 **Information Frames Structures
397 /* Used in beacon frames and the like */
398 #define DOT11RATEBYTE_1 (1*2)
399 #define DOT11RATEBYTE_2 (2*2)
400 #define DOT11RATEBYTE_5_5 (5*2+1)
401 #define DOT11RATEBYTE_11 (11*2)
402 #define DOT11RATEBYTE_22 (22*2)
403 #define DOT11RATEBYTE_6_G (6*2)
404 #define DOT11RATEBYTE_9_G (9*2)
405 #define DOT11RATEBYTE_12_G (12*2)
406 #define DOT11RATEBYTE_18_G (18*2)
407 #define DOT11RATEBYTE_24_G (24*2)
408 #define DOT11RATEBYTE_36_G (36*2)
409 #define DOT11RATEBYTE_48_G (48*2)
410 #define DOT11RATEBYTE_54_G (54*2)
411 #define DOT11RATEBYTE_BASIC 0x80 /* flags rates included in basic rate set */
414 /***********************************************************************
417 ** This is the format of rx data returned by acx
420 /* I've hoped it's a 802.11 PHY header, but no...
421 * so far, I've seen on acx111:
422 * 0000 3a00 0000 0000 IBSS Beacons
423 * 0000 3c00 0000 0000 ESS Beacons
424 * 0000 2700 0000 0000 Probe requests
427 typedef struct phy_hdr
{
429 u8 acx111_unknown
[4];
430 } __attribute__ ((packed
)) phy_hdr_t
;
432 /* seems to be a bit similar to hfa384x_rx_frame.
433 * These fields are still not quite obvious, though.
434 * Some seem to have different meanings... */
436 #define RXBUF_HDRSIZE 12
437 #define RXBUF_BYTES_RCVD(adev, rxbuf) \
438 ((le16_to_cpu((rxbuf)->mac_cnt_rcvd) & 0xfff) - (adev)->phy_header_len)
439 #define RXBUF_BYTES_USED(rxbuf) \
440 ((le16_to_cpu((rxbuf)->mac_cnt_rcvd) & 0xfff) + RXBUF_HDRSIZE)
442 #define RXBUF_IS_TXSTAT(rxbuf) (le16_to_cpu((rxbuf)->mac_cnt_rcvd) & 0x8000)
445 12 bits: length of frame from control field to first byte of FCS
447 1 bit: 1 = it's a tx status info, not a rx packet (USB only)
450 6 bits: number of memory block used to store frame in adapter memory
451 1 bit: Traffic Indicator bit in TIM of received Beacon was set
453 mac_status: 1 byte (bitmap):
456 5 BDCST Address 1 field is a broadcast
457 4 VBM received beacon frame has more than one set bit (?!)
458 3 TIM Set bit representing this station is set in TIM of received beacon
459 2 GROUP Address 1 is a multicast
460 1 ADDR1 Address 1 matches our MAC
463 phy_stat_baseband: 1 byte (bitmap):
464 7 Preamble frame had a long preamble
465 6 PLCP Error CRC16 error in PLCP header
466 5 Unsup_Mod unsupported modulation
467 4 Selected Antenna antenna 1 was used to receive this frame
468 3 PBCC/CCK frame used: 1=PBCC, 0=CCK modulation
469 2 OFDM frame used OFDM modulation
470 1 TI Protection protection frame was detected
473 phy_plcp_signal: 1 byte:
474 Receive PLCP Signal field from the Baseband Processor
477 receive AGC gain level (can be used to measure receive signal strength)
480 estimated noise power of equalized receive signal
481 at input of FEC decoder (can be used to measure receive signal quality)
484 timestamp sampled from either the Access Manager TSF counter
485 or free-running microsecond counter when the MAC receives
486 first byte of PLCP header.
489 typedef struct rxbuffer
{
490 u16 mac_cnt_rcvd
; /* only 12 bits are len! (0xfff) */
493 u8 phy_stat_baseband
; /* bit 0x80: used LNA (Low-Noise Amplifier) */
495 u8 phy_level
; /* PHY stat */
496 u8 phy_snr
; /* PHY stat */
497 u32 time
; /* timestamp upon MAC rcv first byte */
498 /* 4-byte (acx100) or 8-byte (acx111) phy header will be here
499 ** if RX_CFG1_INCLUDE_PHY_HDR is in effect:
501 struct ieee80211_hdr hdr_a3
;
502 /* maximally sized data part of wlan packet */
503 u8 data_a3
[30 + 2312 + 4 - 24]; /*WLAN_A4FR_MAXLEN_WEP_FCS - WLAN_HDR_A3_LEN]*/
504 /* can add hdr/data_a4 if needed */
505 } __attribute__ ((packed
)) rxbuffer_t
;
508 /*--- Firmware statistics ----------------------------------------------------*/
510 /* define a random 100 bytes more to catch firmware versions which
511 * provide a bigger struct */
512 #define FW_STATS_FUTURE_EXTENSION 100
514 typedef struct fw_stats_tx
{
516 } __attribute__ ((packed
)) fw_stats_tx_t
;
518 typedef struct fw_stats_rx
{
521 u32 rx_hw_stuck
; /* old: u32 rx_hdr_use_next */
522 u32 rx_dropped_frame
;
523 u32 rx_frame_ptr_err
;
524 u32 rx_xfr_hint_trig
;
525 u32 rx_aci_events
; /* later versions only */
526 u32 rx_aci_resets
; /* later versions only */
527 } __attribute__ ((packed
)) fw_stats_rx_t
;
529 typedef struct fw_stats_dma
{
534 } __attribute__ ((packed
)) fw_stats_dma_t
;
536 typedef struct fw_stats_irq
{
551 u32 hw_pm_mode_changes
;
555 } __attribute__ ((packed
)) fw_stats_irq_t
;
557 typedef struct fw_stats_wep
{
559 u32 wep_default_key_count
;
560 u32 dot11_def_key_mib
;
561 u32 wep_key_not_found
;
562 u32 wep_decrypt_fail
;
564 u32 wep_decrypt_irqs
;
565 } __attribute__ ((packed
)) fw_stats_wep_t
;
567 typedef struct fw_stats_pwr
{
569 u32 no_ps_tx_too_short
;
571 u32 no_ps_rx_too_short
;
573 u32 no_lppd_too_noisy
;
574 u32 no_lppd_too_short
;
575 u32 no_lppd_matching_frame
;
576 } __attribute__ ((packed
)) fw_stats_pwr_t
;
578 typedef struct fw_stats_mic
{
581 } __attribute__ ((packed
)) fw_stats_mic_t
;
583 typedef struct fw_stats_aes
{
590 } __attribute__ ((packed
)) fw_stats_aes_t
;
592 typedef struct fw_stats_event
{
601 } __attribute__ ((packed
)) fw_stats_event_t
;
603 /* mainly for size calculation only */
604 typedef struct fw_stats
{
615 fw_stats_event_t evt
;
616 u8 _padding
[FW_STATS_FUTURE_EXTENSION
];
619 /* Firmware version struct */
621 typedef struct fw_ver
{
626 } __attribute__ ((packed
)) fw_ver_t
;
628 #define FW_ID_SIZE 20
631 /*--- WEP stuff --------------------------------------------------------------*/
632 #define DOT11_MAX_DEFAULT_WEP_KEYS 4
634 /* non-firmware struct, no packing necessary */
635 typedef struct wep_key
{
636 size_t size
; /* most often used member first */
640 } wep_key_t
; /* size = 264 bytes (33*8) */
641 /* FIXME: We don't have size 264! Or is there 2 bytes beyond the key
642 * (strange_filler)? */
644 /* non-firmware struct, no packing necessary */
645 typedef struct key_struct
{
646 u8 addr
[ETH_ALEN
]; /* 0x00 */
647 u16 filler1
; /* 0x06 */
648 u32 filler2
; /* 0x08 */
649 u32 index
; /* 0x0c */
651 u8 key
[29]; /* 0x12; is this long enough??? */
652 } key_struct_t
; /* size = 276. FIXME: where is the remaining space?? */
655 /*--- Client (peer) info -----------------------------------------------------*/
656 /* adev->sta_list[] is used for:
657 ** accumulating and processing of scan results
658 ** keeping client info in AP mode
659 ** keeping AP info in STA mode (AP is the only one 'client')
660 ** keeping peer info in ad-hoc mode
661 ** non-firmware struct --> no packing necessary */
663 CLIENT_EMPTY_SLOT_0
= 0,
665 CLIENT_AUTHENTICATED_2
= 2,
666 CLIENT_ASSOCIATED_3
= 3,
667 CLIENT_JOIN_CANDIDATE
= 4
670 /* most frequent access first */
671 u8 used
; /* misnamed, more like 'status' */
673 unsigned long mtime
; /* last time we heard it, in jiffies */
674 size_t essid_len
; /* length of ESSID (without '\0') */
675 u32 sir
; /* Standard IR */
676 u32 snr
; /* Signal to Noise Ratio */
677 u16 aid
; /* association ID */
678 u16 seq
; /* from client's auth req */
679 u16 auth_alg
; /* from client's auth req */
680 u16 cap_info
; /* from client's assoc req */
681 u16 rate_cap
; /* what client supports (all rates) */
682 u16 rate_bas
; /* what client supports (basic rates) */
683 u16 rate_cfg
; /* what is allowed (by iwconfig etc) */
684 u16 rate_cur
; /* currently used rate mask */
685 u8 rate_100
; /* currently used rate byte (acx100 only) */
686 u8 address
[ETH_ALEN
];
687 u8 bssid
[ETH_ALEN
]; /* ad-hoc hosts can have bssid != mac */
693 char essid
[IW_ESSID_MAX_SIZE
+ 1]; /* ESSID and trailing '\0' */
694 /* FIXME: this one is too damn big */
695 char challenge_text
[128]; /*WLAN_CHALLENGE_LEN*/
699 /***********************************************************************
700 ** Hardware structures
703 /* An opaque typesafe helper type
705 * Some hardware fields are actually pointers,
706 * but they have to remain u32, since using ptr instead
707 * (8 bytes on 64bit systems!) would disrupt the fixed descriptor
708 * format the acx firmware expects in the non-user area.
709 * Since we cannot cram an 8 byte ptr into 4 bytes, we need to
710 * enforce that pointed to data remains in low memory
711 * (address value needs to fit in 4 bytes) on 64bit systems.
713 * This is easy to get wrong, thus we are using a small struct
714 * and special macros to access it. Macros will check for
715 * attempts to overflow an acx_ptr with value > 0xffffffff.
717 * Attempts to use acx_ptr without macros result in compile-time errors */
721 } __attribute__ ((packed
)) acx_ptr
;
724 #define CHECK32(n) BUG_ON(sizeof(n)>4 && (long)(n)>0xffffff00)
726 #define CHECK32(n) ((void)0)
729 /* acx_ptr <-> integer conversion */
730 #define cpu2acx(n) ({ CHECK32(n); ((acx_ptr){ .v = cpu_to_le32(n) }); })
731 #define acx2cpu(a) (le32_to_cpu(a.v))
733 /* acx_ptr <-> pointer conversion */
734 #define ptr2acx(p) ({ CHECK32(p); ((acx_ptr){ .v = cpu_to_le32((u32)(long)(p)) }); })
735 #define acx2ptr(a) ((void*)le32_to_cpu(a.v))
737 /* Values for rate field (acx100 only) */
741 #define RATE100_11 110
742 #define RATE100_22 220
743 /* This bit denotes use of PBCC:
744 ** (PBCC encoding is usable with 11 and 22 Mbps speeds only) */
745 #define RATE100_PBCC511 0x80
747 /* Bit values for rate111 field */
748 #define RATE111_1 0x0001 /* DBPSK */
749 #define RATE111_2 0x0002 /* DQPSK */
750 #define RATE111_5 0x0004 /* CCK or PBCC */
751 #define RATE111_6 0x0008 /* CCK-OFDM or OFDM */
752 #define RATE111_9 0x0010 /* CCK-OFDM or OFDM */
753 #define RATE111_11 0x0020 /* CCK or PBCC */
754 #define RATE111_12 0x0040 /* CCK-OFDM or OFDM */
755 #define RATE111_18 0x0080 /* CCK-OFDM or OFDM */
756 #define RATE111_22 0x0100 /* PBCC */
757 #define RATE111_24 0x0200 /* CCK-OFDM or OFDM */
758 #define RATE111_36 0x0400 /* CCK-OFDM or OFDM */
759 #define RATE111_48 0x0800 /* CCK-OFDM or OFDM */
760 #define RATE111_54 0x1000 /* CCK-OFDM or OFDM */
761 #define RATE111_RESERVED 0x2000
762 #define RATE111_PBCC511 0x4000 /* PBCC mod at 5.5 or 11Mbit (else CCK) */
763 #define RATE111_SHORTPRE 0x8000 /* short preamble */
764 /* Special 'try everything' value */
765 #define RATE111_ALL 0x1fff
766 /* These bits denote acx100 compatible settings */
767 #define RATE111_ACX100_COMPAT 0x0127
768 /* These bits denote 802.11b compatible settings */
769 #define RATE111_80211B_COMPAT 0x0027
771 /* Descriptor Ctl field bits
772 * init value is 0x8e, "idle" value is 0x82 (in idle tx descs)
774 #define DESC_CTL_SHORT_PREAMBLE 0x01 /* preamble type: 0 = long; 1 = short */
775 #define DESC_CTL_FIRSTFRAG 0x02 /* this is the 1st frag of the frame */
776 #define DESC_CTL_AUTODMA 0x04
777 #define DESC_CTL_RECLAIM 0x08 /* ready to reuse */
778 #define DESC_CTL_HOSTDONE 0x20 /* host has finished processing */
779 #define DESC_CTL_ACXDONE 0x40 /* acx has finished processing */
780 /* host owns the desc [has to be released last, AFTER modifying all other desc fields!] */
781 #define DESC_CTL_HOSTOWN 0x80
782 #define DESC_CTL_ACXDONE_HOSTOWN (DESC_CTL_ACXDONE | DESC_CTL_HOSTOWN)
784 /* Descriptor Status field
786 #define DESC_STATUS_FULL (1 << 31)
788 /* NB: some bits may be interesting for Monitor mode tx (aka Raw tx): */
789 #define DESC_CTL2_SEQ 0x01 /* don't increase sequence field */
790 #define DESC_CTL2_FCS 0x02 /* don't add the FCS */
791 #define DESC_CTL2_MORE_FRAG 0x04
792 #define DESC_CTL2_RETRY 0x08 /* don't increase retry field */
793 #define DESC_CTL2_POWER 0x10 /* don't increase power mgmt. field */
794 #define DESC_CTL2_RTS 0x20 /* do RTS/CTS magic before sending */
795 #define DESC_CTL2_WEP 0x40 /* encrypt this frame */
796 #define DESC_CTL2_DUR 0x80 /* don't increase duration field */
798 /***********************************************************************
802 /* Outside of "#ifdef PCI" because USB needs to know sizeof()
803 ** of txdesc and rxdesc: */
805 acx_ptr pNextDesc
; /* pointer to next txdesc */
806 acx_ptr HostMemPtr
; /* 0x04 */
807 acx_ptr AcxMemPtr
; /* 0x08 */
808 u32 tx_time
; /* 0x0c */
809 u16 total_length
; /* 0x10 */
810 u16 Reserved
; /* 0x12 */
812 /* The following 16 bytes do not change when acx100 owns the descriptor */
813 /* BUG: fw clears last byte of this area which is supposedly reserved
814 ** for driver use. amd64 blew up. We dare not use it now */
817 u8 Ctl_8
; /* 0x24, 8bit value */
818 u8 Ctl2_8
; /* 0x25, 8bit value */
820 u8 ack_failures
; /* 0x27 */
821 u8 rts_failures
; /* 0x28 */
822 u8 rts_ok
; /* 0x29 */
826 u8 queue_ctrl
; /* 0x2b */
827 } __attribute__ ((packed
)) r1
;
829 u16 rate111
; /* 0x2a */
830 } __attribute__ ((packed
)) r2
;
831 } __attribute__ ((packed
)) u
;
832 u32 queue_info
; /* 0x2c (acx100, reserved on acx111) */
833 } __attribute__ ((packed
)); /* size : 48 = 0x30 */
834 /* NB: acx111 txdesc structure is 4 byte larger */
835 /* All these 4 extra bytes are reserved. tx alloc code takes them into account */
838 acx_ptr pNextDesc
; /* 0x00 */
839 acx_ptr HostMemPtr
; /* 0x04 */
840 acx_ptr ACXMemPtr
; /* 0x08 */
841 u32 rx_time
; /* 0x0c */
842 u16 total_length
; /* 0x10 */
843 u16 WEP_length
; /* 0x12 */
844 u32 WEP_ofs
; /* 0x14 */
846 /* the following 16 bytes do not change when acx100 owns the descriptor */
847 u8 driverWorkspace
[16]; /* 0x18 */
852 u8 SNR
; /* Signal-to-Noise Ratio */
857 } __attribute__ ((packed
)); /* size 52 = 0x34 */
859 /***********************************************************************
860 ** USB structures and constants
862 #ifdef ACX_MAC80211_USB
864 /* Used for usb_txbuffer.desc field */
865 #define USB_TXBUF_TXDESC 0xA
866 /* Size of header (everything up to data[]) */
867 #define USB_TXBUF_HDRSIZE 14
868 typedef struct usb_txbuffer
{
877 /* wlan packet content is placed here: */
878 u8 data
[30 + 2312 + 4]; /*WLAN_A4FR_MAXLEN_WEP_FCS]*/
879 } __attribute__ ((packed
)) usb_txbuffer_t
;
881 /* USB returns either rx packets (see rxbuffer) or
882 ** these "tx status" structs: */
883 typedef struct usb_txstatus
{
884 u16 mac_cnt_rcvd
; /* only 12 bits are len! (0xfff) */
886 u8 mac_status
; /* seen 0x20 on tx failure */
892 // struct ieee80211_tx_status txstatus;
893 // struct sk_buff *skb;
894 } __attribute__ ((packed
)) usb_txstatus_t
;
896 typedef struct usb_tx
{
900 /* actual USB bulk output data block is here: */
901 usb_txbuffer_t bulkout
;
904 struct usb_rx_plain
{
911 typedef struct usb_rx
{
916 /* Make entire structure 4k */
917 u8 padding
[4*1024 - sizeof(struct usb_rx_plain
)];
922 /* Config Option structs */
924 typedef struct co_antennas
{
928 } __attribute__ ((packed
)) co_antennas_t
;
930 typedef struct co_powerlevels
{
934 } __attribute__ ((packed
)) co_powerlevels_t
;
936 typedef struct co_datarates
{
940 } __attribute__ ((packed
)) co_datarates_t
;
942 typedef struct co_domains
{
946 } __attribute__ ((packed
)) co_domains_t
;
948 typedef struct co_product_id
{
952 } __attribute__ ((packed
)) co_product_id_t
;
954 typedef struct co_manuf_id
{
958 } __attribute__ ((packed
)) co_manuf_t
;
960 typedef struct co_fixed
{
962 /* u16 NVS_vendor_offs; ACX111-only */
963 /* u16 unknown; ACX111-only */
964 u8 MAC
[6]; /* ACX100-only */
965 u16 probe_delay
; /* ACX100-only */
969 u8 dot11ShortPreambleOption
;
971 u8 dot11ChannelAgility
;
972 u8 dot11PhyType
; /* FIXME: does 802.11 call it "dot11PHYType"? */
975 } __attribute__ ((packed
)) co_fixed_t
;
977 typedef struct acx111_ie_configoption
{
980 /* Do not access below members directly, they are in fact variable length */
982 co_antennas_t antennas
;
983 co_powerlevels_t power_levels
;
984 co_datarates_t data_rates
;
985 co_domains_t domains
;
986 co_product_id_t product_id
;
987 co_manuf_t manufacturer
;
989 } __attribute__ ((packed
)) acx111_ie_configoption_t
;
991 /***********************************************************************
992 ** Main acx per-device data structure
994 #define ACX_STATE_FW_LOADED 0x01
995 #define ACX_STATE_IFACE_UP 0x02
997 /* MAC mode (BSS type) defines
998 * Note that they shouldn't be redefined, since they are also used
999 * during communication with firmware */
1000 #define ACX_MODE_0_ADHOC 0
1001 #define ACX_MODE_1_UNUSED 1
1002 #define ACX_MODE_2_STA 2
1003 #define ACX_MODE_3_AP 3
1004 /* These are our own inventions. Sending these to firmware
1005 ** makes it stop emitting beacons, which is exactly what we want
1006 ** for these modes */
1007 #define ACX_MODE_MONITOR 0xfe
1008 #define ACX_MODE_OFF 0xff
1009 /* 'Submode': identifies exact status of ADHOC/STA host */
1010 #define ACX_STATUS_0_STOPPED 0
1011 #define ACX_STATUS_1_SCANNING 1
1012 #define ACX_STATUS_2_WAIT_AUTH 2
1013 #define ACX_STATUS_3_AUTHENTICATED 3
1014 #define ACX_STATUS_4_ASSOCIATED 4
1016 /* FIXME: this should be named something like struct acx_priv (typedef'd to
1019 /* non-firmware struct, no packing necessary */
1021 /* most frequent accesses first (dereferencing and cache line!) */
1027 spinlock_t spinlock
;
1032 /* The IRQ we have inherited */
1034 /* Are IRQs currently activated? FIXME: should get rid of this */
1036 /* The interrupts we can acknowledge (see acx_irq.h) */
1038 /* The mask of IRQs saved by the IRQ top half routine */
1041 * FIXME: these ones should disappear
1043 unsigned int irq_loops_this_jiffy
;
1044 unsigned long irq_last_jiffies
;
1045 /* Barely used in USB case (FIXME?) */
1047 int irq_reason
; /* FIXME: should be u16 */
1048 /* Mask of jobs we have to schedule post interrupt */
1049 u8 after_interrupt_jobs
;
1051 * Work queue for the bottom half. FIXME: only one, consider a
1052 * delayed_work struct some day?
1054 struct work_struct after_interrupt_task
;
1055 #if defined(PARANOID_LOCKING) /* Lock debugging */
1056 const char *last_sem
;
1057 const char *last_lock
;
1058 unsigned long sem_time
;
1059 unsigned long lock_time
;
1062 /*** Linux network device ***/
1063 //struct device *dev; /* pointer to linux netdevice */
1065 /*** Device statistics ***/
1066 struct ieee80211_low_level_stats ieee_stats
; /* wireless device statistics */
1068 /*** Device statistics ***/
1069 struct net_device_stats stats
; /* net device statistics */
1072 // struct iw_statistics wstats; /* wireless statistics */
1074 struct ieee80211_hw
*ieee
;
1075 struct ieee80211_hw_mode modes
[2];
1076 struct ieee80211_rx_status rx_status
;
1078 struct ieee80211_vif
*vif
;
1080 /*** Power managment ***/
1081 struct pm_dev
*pm
; /* PM crap */
1083 /*** Management timer ***/
1084 struct timer_list mgmt_timer
;
1086 /*** Hardware identification ***/
1087 const char *chip_name
;
1094 /*** Config retrieved from EEPROM ***/
1095 char cfgopt_NVSv
[8];
1096 u16 cfgopt_NVS_vendor_offs
;
1098 u16 cfgopt_probe_delay
;
1099 u32 cfgopt_eof_memory
;
1100 u8 cfgopt_dot11CCAModes
;
1101 u8 cfgopt_dot11Diversity
;
1102 u8 cfgopt_dot11ShortPreambleOption
;
1103 u8 cfgopt_dot11PBCCOption
;
1104 u8 cfgopt_dot11ChannelAgility
;
1105 u8 cfgopt_dot11PhyType
;
1106 u8 cfgopt_dot11TempType
;
1107 co_antennas_t cfgopt_antennas
;
1108 co_powerlevels_t cfgopt_power_levels
;
1109 co_datarates_t cfgopt_data_rates
;
1110 co_domains_t cfgopt_domains
;
1111 co_product_id_t cfgopt_product_id
;
1112 co_manuf_t cfgopt_manufacturer
;
1114 /*** Firmware identification ***/
1115 char firmware_version
[FW_ID_SIZE
+1];
1116 u32 firmware_numver
;
1119 const u16
*ie_len_dot11
;
1121 /*** Device state ***/
1123 u8 led_power
; /* power LED status */
1124 u32 get_mask
; /* mask of settings to fetch from the card */
1125 u32 set_mask
; /* mask of settings to write to the card */
1130 u16 scan_count
; /* number of times to do channel scan */
1131 u8 scan_mode
; /* 0 == active, 1 == passive, 2 == background */
1134 u16 scan_probe_delay
;
1135 #if WIRELESS_EXT > 15
1136 // struct iw_spy_data spy_data; /* FIXME: needs to be implemented! */
1139 /*** Virtual interface struct ***/
1140 struct acx_interface interface
;
1142 /*** Wireless network settings ***/
1143 /* copy of the device address (ifconfig hw ether) that we actually use
1144 ** for 802.11; copied over from the network device's MAC address
1145 ** (ifconfig) when it makes sense only */
1146 u8 dev_addr
[MAX_ADDR_LEN
];
1147 u8 bssid
[ETH_ALEN
]; /* the BSSID after having joined */
1148 u8 ap
[ETH_ALEN
]; /* The AP we want, FF:FF:FF:FF:FF:FF is any */
1149 u16 aid
; /* The Association ID sent from the AP / last used AID if we're an AP */
1150 u16 mode
; /* mode from iwconfig */
1151 int monitor_type
; /* ARPHRD_IEEE80211 or ARPHRD_IEEE80211_PRISM */
1152 u16 status
; /* 802.11 association status */
1153 u8 essid_active
; /* specific ESSID active, or select any? */
1154 u8 essid_len
; /* to avoid dozens of strlen() */
1155 /* INCLUDES \0 termination for easy printf - but many places
1156 ** simply want the string data memcpy'd plus a length indicator!
1157 ** Keep that in mind... */
1158 char essid
[IW_ESSID_MAX_SIZE
+1];
1159 /* essid we are going to use for association, in case of "essid 'any'"
1160 ** and in case of hidden ESSID (use configured ESSID then) */
1161 char essid_for_assoc
[IW_ESSID_MAX_SIZE
+1];
1162 char nick
[IW_ESSID_MAX_SIZE
+1]; /* see essid! */
1164 u8 reg_dom_id
; /* reg domain setting */
1165 u16 reg_dom_chanmask
;
1166 u16 auth_or_assoc_retries
;
1168 unsigned long scan_start
; /* YES, jiffies is defined as "unsigned long" */
1171 /* MAC80211 Template Reference */
1172 struct sk_buff
*beacon_cache
;
1173 /* stations known to us (if we're an ap) */
1174 // client_t sta_list[32]; /* tab is larger than list, so that */
1175 // client_t *sta_hash_tab[64]; /* hash collisions are not likely */
1176 // client_t *ap_client; /* this one is our AP (STA mode only) */
1180 unsigned long dup_msg_expiry
;
1181 u16 last_seq_ctrl
; /* duplicate packet detection */
1183 /* 802.11 power save mode */
1185 u8 ps_listen_interval
;
1187 u8 ps_hangover_period
;
1188 u32 ps_enhanced_transition_time
;
1189 u32 ps_beacon_rx_time
;
1191 /*** PHY settings ***/
1192 u8 fallback_threshold
;
1193 u8 stepup_threshold
;
1198 u8 rate_auto
; /* false if "iwconfig rate N" (WITHOUT 'auto'!) */
1199 u8 preamble_mode
; /* 0 == Long Preamble, 1 == Short, 2 == Auto */
1204 /* u8 tx_level_val; */
1205 /* u8 tx_level_auto; whether to do automatic power adjustment */
1207 unsigned long recalib_time_last_success
;
1208 unsigned long recalib_time_last_attempt
;
1209 int recalib_failure_count
;
1210 int recalib_msg_ratelimit
;
1211 int retry_errors_msg_ratelimit
;
1213 unsigned long brange_time_last_state_change
; /* time the power LED was last changed */
1214 u8 brange_last_state
; /* last state of the LED */
1215 u8 brange_max_quality
; /* maximum quality that equates to full speed */
1218 u8 antenna
; /* antenna settings */
1219 u8 ed_threshold
; /* energy detect threshold */
1220 u8 cca
; /* clear channel assessment */
1227 u16 listen_interval
; /* given in units of beacon interval */
1228 u32 beacon_interval
;
1231 u8 rate_supported_len
;
1232 u8 rate_supported
[13];
1234 /*** Encryption settings (WEP) ***/
1235 u32 auth_alg
; /* used in transmit_authen1 */
1238 u8 wep_current_index
;
1239 wep_key_t wep_keys
[DOT11_MAX_DEFAULT_WEP_KEYS
]; /* the default WEP keys */
1241 key_struct_t wep_key_struct
[10];
1243 /*** Encryption Replacement for mac80211 ***/
1244 struct acx_key key
[54];
1245 u16 security_offset
;
1252 /*** Card Rx/Tx management ***/
1256 unsigned int tx_free
;
1257 unsigned int tx_head
; /* keep as close as possible to Tx stuff below (cache line) */
1260 /*************************************************************************
1261 *** PCI/USB/... must be last or else hw agnostic code breaks horribly ***
1262 *************************************************************************/
1264 /* hack to let common code compile. FIXME */
1265 dma_addr_t rxhostdesc_startphy
;
1268 #ifdef ACX_MAC80211_PCI
1269 /* pointers to tx buffers, tx host descriptors (in host memory)
1270 ** and tx descs in device memory */
1271 unsigned int tx_tail
;
1273 txhostdesc_t
*txhostdesc_start
;
1274 txdesc_t
*txdesc_start
; /* points to PCI-mapped memory */
1275 dma_addr_t txbuf_startphy
;
1276 dma_addr_t txhostdesc_startphy
;
1277 /* sizes of above host memory areas */
1278 unsigned int txbuf_area_size
;
1279 unsigned int txhostdesc_area_size
;
1281 unsigned int txdesc_size
; /* size of txdesc; ACX111 = ACX100 + 4 */
1282 client_t
*txc
[TX_CNT
];
1286 unsigned int rx_tail
;
1287 rxbuffer_t
*rxbuf_start
;
1288 rxhostdesc_t
*rxhostdesc_start
;
1289 rxdesc_t
*rxdesc_start
;
1290 /* physical addresses of above host memory areas */
1291 dma_addr_t rxbuf_startphy
;
1292 /* dma_addr_t rxhostdesc_startphy; */
1293 unsigned int rxbuf_area_size
;
1294 unsigned int rxhostdesc_area_size
;
1298 const u16
*io
; /* points to ACX100 or ACX111 PCI I/O register address set */
1301 struct pci_dev
*pdev
;
1304 struct vlynq_device
*vdev
;
1306 struct device
*bus_dev
;
1307 unsigned long membase
;
1308 unsigned long membase2
;
1309 void __iomem
*iobase
;
1310 void __iomem
*iobase2
;
1311 /* command interface */
1312 u8 __iomem
*cmd_area
;
1313 u8 __iomem
*info_area
;
1318 #ifdef ACX_MAC80211_USB
1319 struct usb_device
*usbdev
;
1321 rxbuffer_t rxtruncbuf
;
1326 int bulkinep
; /* bulk-in endpoint */
1327 int bulkoutep
; /* bulk-out endpoint */
1334 #define ieee2adev(ieee80211_hw) ((ieee80211_hw)->priv)
1336 /* For use with ACX1xx_IE_RXCONFIG */
1338 * 13 include additional header (length etc.) *required*
1339 * struct is defined in 'struct rxbuffer'
1340 * is this bit acx100 only? does acx111 always put the header,
1341 * and bit setting is irrelevant? --vda
1342 * 10 receive frames only with SSID used in last join cmd
1343 * 9 discard broadcast
1344 * 8 receive packets for multicast address 1
1345 * 7 receive packets for multicast address 0
1346 * 6 discard all multicast packets
1347 * 5 discard frames from foreign BSSID
1348 * 4 discard frames with foreign destination MAC address
1349 * 3 promiscuous mode (receive ALL frames, disable filter)
1351 * 1 include phy header
1354 #define RX_CFG1_INCLUDE_RXBUF_HDR 0x2000 /* ACX100 only */
1355 #define RX_CFG1_FILTER_SSID 0x0400
1356 #define RX_CFG1_FILTER_BCAST 0x0200
1357 #define RX_CFG1_RCV_MC_ADDR1 0x0100
1358 #define RX_CFG1_RCV_MC_ADDR0 0x0080
1359 #define RX_CFG1_FILTER_ALL_MULTI 0x0040
1360 #define RX_CFG1_FILTER_BSSID 0x0020
1361 #define RX_CFG1_FILTER_MAC 0x0010
1362 #define RX_CFG1_RCV_PROMISCUOUS 0x0008
1363 #define RX_CFG1_INCLUDE_FCS 0x0004
1364 #define RX_CFG1_INCLUDE_PHY_HDR (WANT_PHY_HDR ? 0x0002 : 0)
1366 * 11 receive association requests etc.
1367 * 10 receive authentication frames
1368 * 9 receive beacon frames
1369 * 8 receive contention free packets
1370 * 7 receive control frames
1371 * 6 receive data frames
1372 * 5 receive broken frames
1373 * 4 receive management frames
1374 * 3 receive probe requests
1375 * 2 receive probe responses
1376 * 1 receive RTS/CTS/ACK frames
1379 #define RX_CFG2_RCV_ASSOC_REQ 0x0800
1380 #define RX_CFG2_RCV_AUTH_FRAMES 0x0400
1381 #define RX_CFG2_RCV_BEACON_FRAMES 0x0200
1382 #define RX_CFG2_RCV_CONTENTION_FREE 0x0100
1383 #define RX_CFG2_RCV_CTRL_FRAMES 0x0080
1384 #define RX_CFG2_RCV_DATA_FRAMES 0x0040
1385 #define RX_CFG2_RCV_BROKEN_FRAMES 0x0020
1386 #define RX_CFG2_RCV_MGMT_FRAMES 0x0010
1387 #define RX_CFG2_RCV_PROBE_REQ 0x0008
1388 #define RX_CFG2_RCV_PROBE_RESP 0x0004
1389 #define RX_CFG2_RCV_ACK_FRAMES 0x0002
1390 #define RX_CFG2_RCV_OTHER 0x0001
1392 /* For use with ACX1xx_IE_FEATURE_CONFIG */
1393 #define FEATURE1_80MHZ_CLOCK 0x00000040L
1394 #define FEATURE1_4X 0x00000020L
1395 #define FEATURE1_LOW_RX 0x00000008L
1396 #define FEATURE1_EXTRA_LOW_RX 0x00000001L
1398 #define FEATURE2_SNIFFER 0x00000080L
1399 #define FEATURE2_NO_TXCRYPT 0x00000001L
1401 /*-- get and set mask values --*/
1402 #define GETSET_LED_POWER 0x00000001L
1403 #define GETSET_STATION_ID 0x00000002L
1404 #define SET_TEMPLATES 0x00000004L
1405 #define SET_STA_LIST 0x00000008L
1406 #define GETSET_TX 0x00000010L
1407 #define GETSET_RX 0x00000020L
1408 #define SET_RXCONFIG 0x00000040L
1409 #define GETSET_ANTENNA 0x00000080L
1410 #define GETSET_SENSITIVITY 0x00000100L
1411 #define GETSET_TXPOWER 0x00000200L
1412 #define GETSET_ED_THRESH 0x00000400L
1413 #define GETSET_CCA 0x00000800L
1414 #define GETSET_POWER_80211 0x00001000L
1415 #define GETSET_RETRY 0x00002000L
1416 #define GETSET_REG_DOMAIN 0x00004000L
1417 #define GETSET_CHANNEL 0x00008000L
1418 /* Used when ESSID changes etc and we need to scan for AP anew */
1419 #define GETSET_RESCAN 0x00010000L
1420 #define GETSET_MODE 0x00020000L
1421 #define GETSET_WEP 0x00040000L
1422 #define SET_WEP_OPTIONS 0x00080000L
1423 #define SET_MSDU_LIFETIME 0x00100000L
1424 #define SET_RATE_FALLBACK 0x00200000L
1426 /* keep in sync with the above */
1427 #define GETSET_ALL (0 \
1428 /* GETSET_LED_POWER */ | 0x00000001L \
1429 /* GETSET_STATION_ID */ | 0x00000002L \
1430 /* SET_TEMPLATES */ | 0x00000004L \
1431 /* SET_STA_LIST */ | 0x00000008L \
1432 /* GETSET_TX */ | 0x00000010L \
1433 /* GETSET_RX */ | 0x00000020L \
1434 /* SET_RXCONFIG */ | 0x00000040L \
1435 /* GETSET_ANTENNA */ | 0x00000080L \
1436 /* GETSET_SENSITIVITY */| 0x00000100L \
1437 /* GETSET_TXPOWER */ | 0x00000200L \
1438 /* GETSET_ED_THRESH */ | 0x00000400L \
1439 /* GETSET_CCA */ | 0x00000800L \
1440 /* GETSET_POWER_80211 */| 0x00001000L \
1441 /* GETSET_RETRY */ | 0x00002000L \
1442 /* GETSET_REG_DOMAIN */ | 0x00004000L \
1443 /* GETSET_CHANNEL */ | 0x00008000L \
1444 /* GETSET_RESCAN */ | 0x00010000L \
1445 /* GETSET_MODE */ | 0x00020000L \
1446 /* GETSET_WEP */ | 0x00040000L \
1447 /* SET_WEP_OPTIONS */ | 0x00080000L \
1448 /* SET_MSDU_LIFETIME */ | 0x00100000L \
1449 /* SET_RATE_FALLBACK */ | 0x00200000L \
1452 /***********************************************************************
1454 typedef struct acx100_ie_memblocksize
{
1458 } __attribute__ ((packed
)) acx100_ie_memblocksize_t
;
1460 typedef struct acx100_ie_queueconfig
{
1467 u8 NumRxDesc
; /* for USB only */
1470 u32 HostQueueEnd
; /* QueueEnd2 */
1475 } __attribute__ ((packed
)) acx100_ie_queueconfig_t
;
1477 typedef struct acx111_ie_queueconfig
{
1480 u32 tx_memory_block_address
;
1481 u32 rx_memory_block_address
;
1482 u32 rx1_queue_address
;
1484 u32 tx1_queue_address
;
1488 } __attribute__ ((packed
)) acx111_ie_queueconfig_t
;
1490 typedef struct acx100_ie_memconfigoption
{
1494 acx_ptr pRxHostDesc
;
1499 } __attribute__ ((packed
)) acx100_ie_memconfigoption_t
;
1501 typedef struct acx111_ie_memoryconfig
{
1505 u16 memory_block_size
;
1506 u8 tx_rx_memory_block_allocation
;
1514 /* start of rx1 block */
1515 u8 rx_queue1_count_descs
;
1516 u8 rx_queue1_reserved1
;
1517 u8 rx_queue1_type
; /* must be set to 7 */
1518 u8 rx_queue1_prio
; /* must be set to 0 */
1519 acx_ptr rx_queue1_host_rx_start
;
1520 /* end of rx1 block */
1522 /* start of tx1 block */
1523 u8 tx_queue1_count_descs
;
1524 u8 tx_queue1_reserved1
;
1525 u8 tx_queue1_reserved2
;
1526 u8 tx_queue1_attributes
;
1527 /* end of tx1 block */
1528 } __attribute__ ((packed
)) acx111_ie_memoryconfig_t
;
1530 typedef struct acx_ie_memmap
{
1537 u32 PacketTemplateStart
;
1538 u32 PacketTemplateEnd
;
1543 } __attribute__ ((packed
)) acx_ie_memmap_t
;
1545 typedef struct acx111_ie_feature_config
{
1548 u32 feature_options
;
1549 u32 data_flow_options
;
1550 } __attribute__ ((packed
)) acx111_ie_feature_config_t
;
1552 typedef struct acx111_ie_tx_level
{
1556 } __attribute__ ((packed
)) acx111_ie_tx_level_t
;
1558 #define PS_CFG_ENABLE 0x80
1559 #define PS_CFG_PENDING 0x40 /* status flag when entering PS */
1560 #define PS_CFG_WAKEUP_MODE_MASK 0x07
1561 #define PS_CFG_WAKEUP_BY_HOST 0x03
1562 #define PS_CFG_WAKEUP_EACH_ITVL 0x02
1563 #define PS_CFG_WAKEUP_ON_DTIM 0x01
1564 #define PS_CFG_WAKEUP_ALL_BEAC 0x00
1566 /* Enhanced PS mode: sleep until Rx Beacon w/ the STA's AID bit set
1567 ** in the TIM; newer firmwares only(?) */
1568 #define PS_OPT_ENA_ENHANCED_PS 0x04
1569 #define PS_OPT_TX_PSPOLL 0x02 /* send PSPoll frame to fetch waiting frames from AP (on frame with matching AID) */
1570 #define PS_OPT_STILL_RCV_BCASTS 0x01
1572 typedef struct acx100_ie_powersave
{
1576 u8 listen_interval
; /* for EACH_ITVL: wake up every "beacon units" interval */
1578 u8 hangover_period
; /* remaining wake time after Tx MPDU w/ PS bit, in values of 1/1024 seconds */
1579 u16 enhanced_ps_transition_time
; /* rem. wake time for Enh. PS */
1580 } __attribute__ ((packed
)) acx100_ie_powersave_t
;
1582 typedef struct acx111_ie_powersave
{
1586 u8 listen_interval
; /* for EACH_ITVL: wake up every "beacon units" interval */
1588 u8 hangover_period
; /* remaining wake time after Tx MPDU w/ PS bit, in values of 1/1024 seconds */
1590 u32 enhanced_ps_transition_time
; /* rem. wake time for Enh. PS */
1591 } __attribute__ ((packed
)) acx111_ie_powersave_t
;
1594 /***********************************************************************
1595 ** Commands and template structures
1599 ** SCAN command structure
1601 ** even though acx100 scan rates match RATE100 constants,
1602 ** acx111 ones do not match! Therefore we do not use RATE100 #defines */
1603 #define ACX_SCAN_RATE_1 10
1604 #define ACX_SCAN_RATE_2 20
1605 #define ACX_SCAN_RATE_5 55
1606 #define ACX_SCAN_RATE_11 110
1607 #define ACX_SCAN_RATE_22 220
1608 #define ACX_SCAN_RATE_PBCC 0x80 /* OR with this if needed */
1609 #define ACX_SCAN_OPT_ACTIVE 0x00 /* a bit mask */
1610 #define ACX_SCAN_OPT_PASSIVE 0x01
1611 /* Background scan: we go into Power Save mode (by transmitting
1612 ** NULL data frame to AP with the power mgmt bit set), do the scan,
1613 ** and then exit Power Save mode. A plus is that AP buffers frames
1614 ** for us while we do background scan. Thus we avoid frame losses.
1615 ** Background scan can be active or passive, just like normal one */
1616 #define ACX_SCAN_OPT_BACKGROUND 0x02
1617 typedef struct acx100_scan
{
1618 u16 count
; /* number of scans to do, 0xffff == continuous */
1620 u16 flags
; /* channel list mask; 0x8000 == all channels? */
1621 u8 max_rate
; /* max. probe rate */
1622 u8 options
; /* bit mask, see defines above */
1624 u16 max_probe_delay
;
1625 } __attribute__ ((packed
)) acx100_scan_t
; /* length 0xc */
1627 #define ACX111_SCAN_RATE_6 0x0B
1628 #define ACX111_SCAN_RATE_9 0x0F
1629 #define ACX111_SCAN_RATE_12 0x0A
1630 #define ACX111_SCAN_RATE_18 0x0E
1631 #define ACX111_SCAN_RATE_24 0x09
1632 #define ACX111_SCAN_RATE_36 0x0D
1633 #define ACX111_SCAN_RATE_48 0x08
1634 #define ACX111_SCAN_RATE_54 0x0C
1635 #define ACX111_SCAN_OPT_5GHZ 0x04 /* else 2.4GHZ */
1636 #define ACX111_SCAN_MOD_SHORTPRE 0x01 /* you can combine SHORTPRE and PBCC */
1637 #define ACX111_SCAN_MOD_PBCC 0x80
1638 #define ACX111_SCAN_MOD_OFDM 0x40
1639 typedef struct acx111_scan
{
1640 u16 count
; /* number of scans to do */
1641 u8 channel_list_select
; /* 0: scan all channels, 1: from chan_list only */
1644 u8 rate
; /* rate for probe requests (if active scan) */
1645 u8 options
; /* bit mask, see defines above */
1646 u16 chan_duration
; /* min time to wait for reply on one channel (in TU) */
1647 /* (active scan only) (802.11 section 11.1.3.2.2) */
1648 u16 max_probe_delay
; /* max time to wait for reply on one channel (active scan) */
1649 /* time to listen on a channel (passive scan) */
1651 u8 channel_list
[26]; /* bits 7:0 first byte: channels 8:1 */
1652 /* bits 7:0 second byte: channels 16:9 */
1653 /* 26 bytes is enough to cover 802.11a */
1654 } __attribute__ ((packed
)) acx111_scan_t
;
1657 ** Radio calibration command structure
1659 typedef struct acx111_cmd_radiocalib
{
1660 /* 0x80000000 == automatic calibration by firmware, according to interval;
1661 * bits 0..3: select calibration methods to go through:
1662 * calib based on DC, AfeDC, Tx mismatch, Tx equilization */
1665 } __attribute__ ((packed
)) acx111_cmd_radiocalib_t
;
1668 ** Packet template structures
1670 ** Packet templates store contents of Beacon, Probe response, Probe request,
1671 ** Null data frame, and TIM data frame. Firmware automatically transmits
1672 ** contents of template at appropriate time:
1673 ** - Beacon: when configured as AP or Ad-hoc
1674 ** - Probe response: when configured as AP or Ad-hoc, whenever
1675 ** a Probe request frame is received
1676 ** - Probe request: when host issues SCAN command (active)
1677 ** - Null data frame: when entering 802.11 power save mode
1678 ** - TIM data: at the end of Beacon frames (if no TIM template
1679 ** is configured, then transmits default TIM)
1681 ** - size field must be set to size of actual template
1682 ** (NOT sizeof(struct) - templates are variable in length),
1683 ** size field is not itself counted.
1684 ** - members flagged with an asterisk must be initialized with host,
1685 ** rest must be zero filled.
1686 ** - variable length fields shown only in comments */
1687 typedef struct acx_template_tim
{
1689 u8 tim_eid
; /* 00 1 TIM IE ID * */
1690 u8 len
; /* 01 1 Length * */
1691 u8 dtim_cnt
; /* 02 1 DTIM Count */
1692 u8 dtim_period
; /* 03 1 DTIM Period */
1693 u8 bitmap_ctrl
; /* 04 1 Bitmap Control * (except bit0) */
1694 /* 05 n Partial Virtual Bitmap * */
1695 u8 variable
[0x100 - 1-1-1-1-1];
1696 } __attribute__ ((packed
)) acx_template_tim_t
;
1698 typedef struct acx_template_probereq
{
1700 u16 fc
; /* 00 2 fc * */
1701 u16 dur
; /* 02 2 Duration */
1702 u8 da
[6]; /* 04 6 Destination Address * */
1703 u8 sa
[6]; /* 0A 6 Source Address * */
1704 u8 bssid
[6]; /* 10 6 BSSID * */
1705 u16 seq
; /* 16 2 Sequence Control */
1707 /* nn n Supported Rates * */
1708 u8 variable
[0x44 - 2-2-6-6-6-2];
1709 } __attribute__ ((packed
)) acx_template_probereq_t
;
1711 typedef struct acx_template_proberesp
{
1713 u16 fc
; /* 00 2 fc * (bits [15:12] and [10:8] per 802.11 section 7.1.3.1) */
1714 u16 dur
; /* 02 2 Duration */
1715 u8 da
[6]; /* 04 6 Destination Address */
1716 u8 sa
[6]; /* 0A 6 Source Address */
1717 u8 bssid
[6]; /* 10 6 BSSID */
1718 u16 seq
; /* 16 2 Sequence Control */
1719 u8 timestamp
[8];/* 18 8 Timestamp */
1720 u16 beacon_interval
; /* 20 2 Beacon Interval * */
1721 u16 cap
; /* 22 2 Capability Information * */
1723 /* nn n Supported Rates * */
1724 /* nn 1 DS Parameter Set * */
1725 u8 variable
[0x54 - 2-2-6-6-6-2-8-2-2];
1726 } __attribute__ ((packed
)) acx_template_proberesp_t
;
1727 #define acx_template_beacon_t acx_template_proberesp_t
1728 #define acx_template_beacon acx_template_proberesp
1730 typedef struct acx_template_nullframe
{
1732 struct ieee80211_hdr hdr
;
1733 } __attribute__ ((packed
)) acx_template_nullframe_t
;
1737 ** JOIN command structure
1739 ** as opposed to acx100, acx111 dtim interval is AFTER rates_basic111.
1740 ** NOTE: took me about an hour to get !@#$%^& packing right --> struct packing is eeeeevil... */
1741 typedef struct acx_joinbss
{
1743 u16 beacon_interval
;
1749 } __attribute__ ((packed
)) acx100
;
1753 } __attribute__ ((packed
)) acx111
;
1754 } __attribute__ ((packed
)) u
;
1755 u8 genfrm_txrate
; /* generated frame (bcn, proberesp, RTS, PSpoll) tx rate */
1756 u8 genfrm_mod_pre
; /* generated frame modulation/preamble:
1757 ** bit7: PBCC, bit6: OFDM (else CCK/DQPSK/DBPSK)
1758 ** bit5: short pre */
1759 u8 macmode
; /* BSS Type, must be one of ACX_MODE_xxx */
1762 char essid
[IW_ESSID_MAX_SIZE
];
1763 } __attribute__ ((packed
)) acx_joinbss_t
;
1765 #define JOINBSS_RATES_1 0x01
1766 #define JOINBSS_RATES_2 0x02
1767 #define JOINBSS_RATES_5 0x04
1768 #define JOINBSS_RATES_11 0x08
1769 #define JOINBSS_RATES_22 0x10
1771 /* Looks like missing bits are used to indicate 11g rates!
1772 ** (it follows from the fact that constants below match 1:1 to RATE111_nn)
1773 ** This was actually seen! Look at that Assoc Request sent by acx111,
1774 ** it _does_ contain 11g rates in basic set:
1775 01:30:20.070772 Beacon (xxx) [1.0* 2.0* 5.5* 11.0* 6.0* 9.0* 12.0* 18.0* 24.0* 36.0* 48.0* 54.0* Mbit] ESS CH: 1
1776 01:30:20.074425 Authentication (Open System)-1: Succesful
1777 01:30:20.076539 Authentication (Open System)-2:
1778 01:30:20.076620 Acknowledgment
1779 01:30:20.088546 Assoc Request (xxx) [1.0* 2.0* 5.5* 6.0* 9.0* 11.0* 12.0* 18.0* 24.0* 36.0* 48.0* 54.0* Mbit]
1780 01:30:20.122413 Assoc Response AID(1) :: Succesful
1781 01:30:20.122679 Acknowledgment
1782 01:30:20.173204 Beacon (xxx) [1.0* 2.0* 5.5* 11.0* 6.0* 9.0* 12.0* 18.0* 24.0* 36.0* 48.0* 54.0* Mbit] ESS CH: 1
1784 #define JOINBSS_RATES_BASIC111_1 0x0001
1785 #define JOINBSS_RATES_BASIC111_2 0x0002
1786 #define JOINBSS_RATES_BASIC111_5 0x0004
1787 #define JOINBSS_RATES_BASIC111_11 0x0020
1788 #define JOINBSS_RATES_BASIC111_22 0x0100
1791 /***********************************************************************
1793 typedef struct mem_read_write
{
1795 u16 type
; /* 0x0 int. RAM / 0xffff MAC reg. / 0x81 PHY RAM / 0x82 PHY reg.; or maybe it's actually 0x30 for MAC? Better verify it by writing and reading back and checking whether the value holds! */
1798 } __attribute__ ((packed
)) mem_read_write_t
;
1800 typedef struct firmware_image
{
1803 u8 data
[1]; /* the byte array of the actual firmware... */
1804 } __attribute__ ((packed
)) firmware_image_t
;
1806 typedef struct acx_cmd_radioinit
{
1809 } __attribute__ ((packed
)) acx_cmd_radioinit_t
;
1811 typedef struct acx100_ie_wep_options
{
1814 u16 NumKeys
; /* max # of keys */
1815 u8 WEPOption
; /* 0 == decrypt default key only, 1 == override decrypt */
1816 u8 Pad
; /* used only for acx111 */
1817 } __attribute__ ((packed
)) acx100_ie_wep_options_t
;
1819 typedef struct ie_dot11WEPDefaultKey
{
1825 u8 key
[29]; /* check this! was Key[19] */
1826 } __attribute__ ((packed
)) ie_dot11WEPDefaultKey_t
;
1828 typedef struct acx111WEPDefaultKey
{
1829 u8 MacAddr
[ETH_ALEN
];
1830 u16 action
; /* NOTE: this is a u16, NOT a u8!! */
1837 u8 key
[32]; /* up to 32 bytes (for TKIP!) */
1838 } __attribute__ ((packed
)) acx111WEPDefaultKey_t
;
1840 typedef struct ie_dot11WEPDefaultKeyID
{
1844 } __attribute__ ((packed
)) ie_dot11WEPDefaultKeyID_t
;
1846 typedef struct acx100_cmd_wep_mgmt
{
1847 u8 MacAddr
[ETH_ALEN
];
1850 u8 Key
[29]; /* 29*8 == 232bits == WEP256 */
1851 } __attribute__ ((packed
)) acx100_cmd_wep_mgmt_t
;
1853 typedef struct acx_ie_generic
{
1857 /* Association ID IE: just a 16bit value: */
1859 /* generic member for quick implementation of commands */
1861 } __attribute__ ((packed
)) m
;
1862 } __attribute__ ((packed
)) acx_ie_generic_t
;
1864 #define ACX_SEC_KEYSIZE 16
1865 /* Security algorithms. */
1868 ACX_SEC_ALGO_NONE
= 0, /* unencrypted, as of TX header. */
1870 ACX_SEC_ALGO_UNKNOWN
,
1872 ACX_SEC_ALGO_WEP104
,
1875 /***********************************************************************
1877 #define CHECK_SIZEOF(type,size) { \
1878 extern void BUG_bad_size_for_##type(void); \
1879 if (sizeof(type)!=(size)) BUG_bad_size_for_##type(); \
1883 acx_struct_size_check(void)
1885 CHECK_SIZEOF(txdesc_t
, 0x30);
1886 CHECK_SIZEOF(acx100_ie_memconfigoption_t
, 24);
1887 CHECK_SIZEOF(acx100_ie_queueconfig_t
, 0x20);
1888 CHECK_SIZEOF(acx_joinbss_t
, 0x30);
1889 /* IEs need 4 bytes for (type,len) tuple */
1890 CHECK_SIZEOF(acx111_ie_configoption_t
, ACX111_IE_CONFIG_OPTIONS_LEN
+ 4);
1894 /***********************************************************************
1897 extern const u8 acx_bitpos2ratebyte
[];
1898 extern const u8 acx_bitpos2rate100
[];
1900 extern const u8 acx_reg_domain_ids
[];
1901 extern const char * const acx_reg_domain_strings
[];
1903 acx_reg_domain_ids_len
= 8
1906 //extern const struct iw_handler_def acx_ioctl_handler_def;
1908 #endif /* _ACX_STRUCT_H_ */