1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  Copyright (C) 2003,2004 Aurelien Alleaume <slts@free.fr>
4  */
5 
6 #include <linux/kernel.h>
7 #include <linux/slab.h>
8 
9 #include "prismcompat.h"
10 #include "islpci_dev.h"
11 #include "islpci_mgt.h"
12 #include "isl_oid.h"
13 #include "oid_mgt.h"
14 #include "isl_ioctl.h"
15 
/*
 * 2.4 GHz centre frequencies in MHz, used to convert between channel and
 * frequency. Entry k holds the frequency of channel k + 1.
 */
static const int frequency_list_bg[] = {
	2412, 2417, 2422, 2427, 2432, 2437, 2442,
	2447, 2452, 2457, 2462, 2467, 2472, 2484
};

/*
 * Map a frequency in MHz to a channel number.
 *
 * 2412..2484 is looked up in frequency_list_bg[]; an exact match yields the
 * 1-based table position, anything else in that range yields 0.
 * 5000..6000 is converted arithmetically as (f - 5000) / 5.
 * Every other value yields 0.
 */
int
channel_of_freq(int f)
{
	const int entries = (int) (sizeof(frequency_list_bg) /
				   sizeof(frequency_list_bg[0]));
	int idx;

	if (f >= 5000 && f <= 6000)
		return (f - 5000) / 5;

	if (f < 2412 || f > 2484)
		return 0;

	for (idx = 0; idx < entries; idx++) {
		if (frequency_list_bg[idx] == f)
			return idx + 1;
	}

	/* inside the 2.4 GHz span but not on a listed centre frequency */
	return 0;
}
35 
/*
 * Helpers that build one isl_oid[] entry each, using a designated
 * initializer keyed by the enum name. Every entry expands to the positional
 * tuple {oid, 0, sizeof(s), t}. The members read elsewhere in this file are
 * .oid, .range, .size and .flags -- presumably in that order; confirm
 * against the definition of struct oid_t.
 */
#define OID_STRUCT(name,oid,s,t) [name] = {oid, 0, sizeof(s), t}
/* Same as OID_STRUCT, with OID_FLAG_CACHED or'ed into the flags. */
#define OID_STRUCT_C(name,oid,s,t) OID_STRUCT(name,oid,s,t | OID_FLAG_CACHED)
/* A single u32 value, uncached (OID_U32) or cached (OID_U32_C). */
#define OID_U32(name,oid) OID_STRUCT(name,oid,u32,OID_TYPE_U32)
#define OID_U32_C(name,oid) OID_STRUCT_C(name,oid,u32,OID_TYPE_U32)
/* MLME and extended MLME notifications, sized as their fixed structs. */
#define OID_STRUCT_MLME(name,oid) OID_STRUCT(name,oid,struct obj_mlme,OID_TYPE_MLME)
#define OID_STRUCT_MLMEEX(name,oid) OID_STRUCT(name,oid,struct obj_mlmeex,OID_TYPE_MLMEEX)

/*
 * Placeholder for OIDs whose payload is not described in this table. The
 * flags are 0 and the size is sizeof(0), i.e. sizeof(int) -- not zero.
 * NOTE(review): a type value of 0 is not one of the cases handled by
 * mgt_le_to_cpu()/mgt_cpu_to_le(); whether it aliases a real OID_TYPE_*
 * or reaches their BUG() default cannot be told from this file.
 */
#define OID_UNKNOWN(name,oid) OID_STRUCT(name,oid,0,0)
44 
/*
 * Descriptor table for the management OIDs, indexed by enum oid_num_t.
 * Entries written out by hand are {oid, range, size, flags} (presumably
 * matching the member order of struct oid_t -- confirm in its header).
 *
 * How the members are consumed in this file:
 *  - .size is the payload length handed to islpci_mgt_transaction() and the
 *    number of bytes copied to and from the cache;
 *  - .range is the number of additional consecutive OIDs that share the
 *    descriptor; mgt_init() allocates (range + 1) elements for cached
 *    entries and mgt_commit_list() walks oid .. oid + range;
 *  - .flags carries the OID_TYPE_* selector (masked with OID_FLAG_TYPE) and
 *    optionally OID_FLAG_CACHED.
 */
struct oid_t isl_oid[] = {
	OID_STRUCT(GEN_OID_MACADDRESS, 0x00000000, u8[6], OID_TYPE_ADDR),
	OID_U32(GEN_OID_LINKSTATE, 0x00000001),
	OID_UNKNOWN(GEN_OID_WATCHDOG, 0x00000002),
	OID_UNKNOWN(GEN_OID_MIBOP, 0x00000003),
	OID_UNKNOWN(GEN_OID_OPTIONS, 0x00000004),
	OID_UNKNOWN(GEN_OID_LEDCONFIG, 0x00000005),

	/* 802.11 */
	OID_U32_C(DOT11_OID_BSSTYPE, 0x10000000),
	OID_STRUCT_C(DOT11_OID_BSSID, 0x10000001, u8[6], OID_TYPE_RAW),
	OID_STRUCT_C(DOT11_OID_SSID, 0x10000002, struct obj_ssid,
		     OID_TYPE_SSID),
	OID_U32(DOT11_OID_STATE, 0x10000003),
	OID_U32(DOT11_OID_AID, 0x10000004),
	OID_STRUCT(DOT11_OID_COUNTRYSTRING, 0x10000005, u8[4], OID_TYPE_RAW),
	OID_STRUCT_C(DOT11_OID_SSIDOVERRIDE, 0x10000006, struct obj_ssid,
		     OID_TYPE_SSID),

	OID_U32(DOT11_OID_MEDIUMLIMIT, 0x11000000),
	OID_U32_C(DOT11_OID_BEACONPERIOD, 0x11000001),
	OID_U32(DOT11_OID_DTIMPERIOD, 0x11000002),
	OID_U32(DOT11_OID_ATIMWINDOW, 0x11000003),
	OID_U32(DOT11_OID_LISTENINTERVAL, 0x11000004),
	OID_U32(DOT11_OID_CFPPERIOD, 0x11000005),
	OID_U32(DOT11_OID_CFPDURATION, 0x11000006),

	OID_U32_C(DOT11_OID_AUTHENABLE, 0x12000000),
	OID_U32_C(DOT11_OID_PRIVACYINVOKED, 0x12000001),
	OID_U32_C(DOT11_OID_EXUNENCRYPTED, 0x12000002),
	OID_U32_C(DOT11_OID_DEFKEYID, 0x12000003),
	/*
	 * range 3: one descriptor for four consecutive key OIDs. The entry is
	 * cached, so key material is held in priv->mib for the lifetime of
	 * the cache.
	 */
	[DOT11_OID_DEFKEYX] = {0x12000004, 3, sizeof (struct obj_key),
			       OID_FLAG_CACHED | OID_TYPE_KEY},	/* DOT11_OID_DEFKEY1,...DOT11_OID_DEFKEY4 */
	OID_UNKNOWN(DOT11_OID_STAKEY, 0x12000008),
	OID_U32(DOT11_OID_REKEYTHRESHOLD, 0x12000009),
	OID_UNKNOWN(DOT11_OID_STASC, 0x1200000a),

	OID_U32(DOT11_OID_PRIVTXREJECTED, 0x1a000000),
	OID_U32(DOT11_OID_PRIVRXPLAIN, 0x1a000001),
	OID_U32(DOT11_OID_PRIVRXFAILED, 0x1a000002),
	OID_U32(DOT11_OID_PRIVRXNOKEY, 0x1a000003),

	OID_U32_C(DOT11_OID_RTSTHRESH, 0x13000000),
	OID_U32_C(DOT11_OID_FRAGTHRESH, 0x13000001),
	OID_U32_C(DOT11_OID_SHORTRETRIES, 0x13000002),
	OID_U32_C(DOT11_OID_LONGRETRIES, 0x13000003),
	OID_U32_C(DOT11_OID_MAXTXLIFETIME, 0x13000004),
	OID_U32(DOT11_OID_MAXRXLIFETIME, 0x13000005),
	OID_U32(DOT11_OID_AUTHRESPTIMEOUT, 0x13000006),
	OID_U32(DOT11_OID_ASSOCRESPTIMEOUT, 0x13000007),

	OID_UNKNOWN(DOT11_OID_ALOFT_TABLE, 0x1d000000),
	OID_UNKNOWN(DOT11_OID_ALOFT_CTRL_TABLE, 0x1d000001),
	OID_UNKNOWN(DOT11_OID_ALOFT_RETREAT, 0x1d000002),
	OID_UNKNOWN(DOT11_OID_ALOFT_PROGRESS, 0x1d000003),
	OID_U32(DOT11_OID_ALOFT_FIXEDRATE, 0x1d000004),
	OID_UNKNOWN(DOT11_OID_ALOFT_RSSIGRAPH, 0x1d000005),
	OID_UNKNOWN(DOT11_OID_ALOFT_CONFIG, 0x1d000006),

	/* range 7 with size 0 and flags 0: no payload layout is described */
	[DOT11_OID_VDCFX] = {0x1b000000, 7, 0, 0},
	OID_U32(DOT11_OID_MAXFRAMEBURST, 0x1b000008),

	OID_U32(DOT11_OID_PSM, 0x14000000),
	OID_U32(DOT11_OID_CAMTIMEOUT, 0x14000001),
	OID_U32(DOT11_OID_RECEIVEDTIMS, 0x14000002),
	OID_U32(DOT11_OID_ROAMPREFERENCE, 0x14000003),

	OID_U32(DOT11_OID_BRIDGELOCAL, 0x15000000),
	OID_U32(DOT11_OID_CLIENTS, 0x15000001),
	OID_U32(DOT11_OID_CLIENTSASSOCIATED, 0x15000002),
	/* range 2006 with size 0 and flags 0: no payload layout is described */
	[DOT11_OID_CLIENTX] = {0x15000003, 2006, 0, 0},	/* DOT11_OID_CLIENTX,...DOT11_OID_CLIENT2007 */

	OID_STRUCT(DOT11_OID_CLIENTFIND, 0x150007DB, u8[6], OID_TYPE_ADDR),
	OID_STRUCT(DOT11_OID_WDSLINKADD, 0x150007DC, u8[6], OID_TYPE_ADDR),
	OID_STRUCT(DOT11_OID_WDSLINKREMOVE, 0x150007DD, u8[6], OID_TYPE_ADDR),
	OID_STRUCT(DOT11_OID_EAPAUTHSTA, 0x150007DE, u8[6], OID_TYPE_ADDR),
	OID_STRUCT(DOT11_OID_EAPUNAUTHSTA, 0x150007DF, u8[6], OID_TYPE_ADDR),
	OID_U32_C(DOT11_OID_DOT1XENABLE, 0x150007E0),
	OID_UNKNOWN(DOT11_OID_MICFAILURE, 0x150007E1),
	OID_UNKNOWN(DOT11_OID_REKEYINDICATE, 0x150007E2),

	OID_U32(DOT11_OID_MPDUTXSUCCESSFUL, 0x16000000),
	OID_U32(DOT11_OID_MPDUTXONERETRY, 0x16000001),
	OID_U32(DOT11_OID_MPDUTXMULTIPLERETRIES, 0x16000002),
	OID_U32(DOT11_OID_MPDUTXFAILED, 0x16000003),
	OID_U32(DOT11_OID_MPDURXSUCCESSFUL, 0x16000004),
	OID_U32(DOT11_OID_MPDURXDUPS, 0x16000005),
	OID_U32(DOT11_OID_RTSSUCCESSFUL, 0x16000006),
	OID_U32(DOT11_OID_RTSFAILED, 0x16000007),
	OID_U32(DOT11_OID_ACKFAILED, 0x16000008),
	OID_U32(DOT11_OID_FRAMERECEIVES, 0x16000009),
	OID_U32(DOT11_OID_FRAMEERRORS, 0x1600000A),
	OID_U32(DOT11_OID_FRAMEABORTS, 0x1600000B),
	OID_U32(DOT11_OID_FRAMEABORTSPHY, 0x1600000C),

	OID_U32(DOT11_OID_SLOTTIME, 0x17000000),
	OID_U32(DOT11_OID_CWMIN, 0x17000001),
	OID_U32(DOT11_OID_CWMAX, 0x17000002),
	OID_U32(DOT11_OID_ACKWINDOW, 0x17000003),
	OID_U32(DOT11_OID_ANTENNARX, 0x17000004),
	OID_U32(DOT11_OID_ANTENNATX, 0x17000005),
	OID_U32(DOT11_OID_ANTENNADIVERSITY, 0x17000006),
	OID_U32_C(DOT11_OID_CHANNEL, 0x17000007),
	OID_U32_C(DOT11_OID_EDTHRESHOLD, 0x17000008),
	OID_U32(DOT11_OID_PREAMBLESETTINGS, 0x17000009),
	OID_STRUCT(DOT11_OID_RATES, 0x1700000A, u8[IWMAX_BITRATES + 1],
		   OID_TYPE_RAW),
	OID_U32(DOT11_OID_CCAMODESUPPORTED, 0x1700000B),
	OID_U32(DOT11_OID_CCAMODE, 0x1700000C),
	OID_UNKNOWN(DOT11_OID_RSSIVECTOR, 0x1700000D),
	OID_UNKNOWN(DOT11_OID_OUTPUTPOWERTABLE, 0x1700000E),
	OID_U32(DOT11_OID_OUTPUTPOWER, 0x1700000F),
	OID_STRUCT(DOT11_OID_SUPPORTEDRATES, 0x17000010,
		   u8[IWMAX_BITRATES + 1], OID_TYPE_RAW),
	OID_U32_C(DOT11_OID_FREQUENCY, 0x17000011),
	/* header plus room for IWMAX_FREQ u16 frequency entries */
	[DOT11_OID_SUPPORTEDFREQUENCIES] =
	    {0x17000012, 0, sizeof (struct obj_frequencies)
	     + sizeof (u16) * IWMAX_FREQ, OID_TYPE_FREQUENCIES},

	OID_U32(DOT11_OID_NOISEFLOOR, 0x17000013),
	OID_STRUCT(DOT11_OID_FREQUENCYACTIVITY, 0x17000014, u8[IWMAX_FREQ + 1],
		   OID_TYPE_RAW),
	OID_UNKNOWN(DOT11_OID_IQCALIBRATIONTABLE, 0x17000015),
	OID_U32(DOT11_OID_NONERPPROTECTION, 0x17000016),
	OID_U32(DOT11_OID_SLOTSETTINGS, 0x17000017),
	OID_U32(DOT11_OID_NONERPTIMEOUT, 0x17000018),
	OID_U32(DOT11_OID_PROFILES, 0x17000019),
	OID_STRUCT(DOT11_OID_EXTENDEDRATES, 0x17000020,
		   u8[IWMAX_BITRATES + 1], OID_TYPE_RAW),

	OID_STRUCT_MLME(DOT11_OID_DEAUTHENTICATE, 0x18000000),
	OID_STRUCT_MLME(DOT11_OID_AUTHENTICATE, 0x18000001),
	OID_STRUCT_MLME(DOT11_OID_DISASSOCIATE, 0x18000002),
	OID_STRUCT_MLME(DOT11_OID_ASSOCIATE, 0x18000003),
	OID_UNKNOWN(DOT11_OID_SCAN, 0x18000004),
	OID_STRUCT_MLMEEX(DOT11_OID_BEACON, 0x18000005),
	OID_STRUCT_MLMEEX(DOT11_OID_PROBE, 0x18000006),
	OID_STRUCT_MLMEEX(DOT11_OID_DEAUTHENTICATEEX, 0x18000007),
	OID_STRUCT_MLMEEX(DOT11_OID_AUTHENTICATEEX, 0x18000008),
	OID_STRUCT_MLMEEX(DOT11_OID_DISASSOCIATEEX, 0x18000009),
	OID_STRUCT_MLMEEX(DOT11_OID_ASSOCIATEEX, 0x1800000A),
	OID_STRUCT_MLMEEX(DOT11_OID_REASSOCIATE, 0x1800000B),
	OID_STRUCT_MLMEEX(DOT11_OID_REASSOCIATEEX, 0x1800000C),

	OID_U32(DOT11_OID_NONERPSTATUS, 0x1E000000),

	OID_U32(DOT11_OID_STATIMEOUT, 0x19000000),
	OID_U32_C(DOT11_OID_MLMEAUTOLEVEL, 0x19000001),
	OID_U32(DOT11_OID_BSSTIMEOUT, 0x19000002),
	/* size covers only the fixed struct obj_attachment */
	[DOT11_OID_ATTACHMENT] = {0x19000003, 0,
		sizeof(struct obj_attachment), OID_TYPE_ATTACH},
	OID_STRUCT_C(DOT11_OID_PSMBUFFER, 0x19000004, struct obj_buffer,
		     OID_TYPE_BUFFER),

	OID_U32(DOT11_OID_BSSS, 0x1C000000),
	[DOT11_OID_BSSX] = {0x1C000001, 63, sizeof (struct obj_bss),
			    OID_TYPE_BSS},	/*DOT11_OID_BSS1,...,DOT11_OID_BSS64 */
	OID_STRUCT(DOT11_OID_BSSFIND, 0x1C000042, struct obj_bss, OID_TYPE_BSS),
	/* header plus room for IWMAX_BSS struct obj_bss entries */
	[DOT11_OID_BSSLIST] = {0x1C000043, 0, sizeof (struct
						      obj_bsslist) +
			       sizeof (struct obj_bss[IWMAX_BSS]),
			       OID_TYPE_BSSLIST},

	OID_UNKNOWN(OID_INL_TUNNEL, 0xFF020000),
	OID_UNKNOWN(OID_INL_MEMADDR, 0xFF020001),
	OID_UNKNOWN(OID_INL_MEMORY, 0xFF020002),
	OID_U32_C(OID_INL_MODE, 0xFF020003),
	OID_UNKNOWN(OID_INL_COMPONENT_NR, 0xFF020004),
	OID_STRUCT(OID_INL_VERSION, 0xFF020005, u8[8], OID_TYPE_RAW),
	OID_UNKNOWN(OID_INL_INTERFACE_ID, 0xFF020006),
	OID_UNKNOWN(OID_INL_COMPONENT_ID, 0xFF020007),
	OID_U32_C(OID_INL_CONFIG, 0xFF020008),
	OID_U32_C(OID_INL_DOT11D_CONFORMANCE, 0xFF02000C),
	OID_U32(OID_INL_PHYCAPABILITIES, 0xFF02000D),
	OID_U32_C(OID_INL_OUTPUTPOWER, 0xFF02000F),

};
222 
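/*
 * Allocate the per-device OID cache.
 *
 * priv->mib becomes a zeroed table of OID_NUM_LAST pointers. Every OID
 * flagged OID_FLAG_CACHED gets a zeroed buffer of (range + 1) elements of
 * isl_oid[i].size bytes; all other slots stay NULL. On success the cache
 * semaphore is initialised and prism54_mib_init() is called.
 *
 * Returns 0 on success or -ENOMEM. On failure every buffer allocated so far
 * is released and priv->mib is reset to NULL, so nothing is leaked and a
 * later mgt_clean() returns immediately.
 */
int
mgt_init(islpci_private *priv)
{
	int i;

	priv->mib = kcalloc(OID_NUM_LAST, sizeof (void *), GFP_KERNEL);
	if (!priv->mib)
		return -ENOMEM;

	/* Alloc the cache */
	for (i = 0; i < OID_NUM_LAST; i++) {
		/* uncached slots are already NULL from the kcalloc() above */
		if (!(isl_oid[i].flags & OID_FLAG_CACHED))
			continue;

		/* kcalloc(count, element size) also checks the product for overflow */
		priv->mib[i] = kcalloc(isl_oid[i].range + 1,
				       isl_oid[i].size,
				       GFP_KERNEL);
		if (!priv->mib[i])
			goto err_free;
	}

	init_rwsem(&priv->mib_sem);
	prism54_mib_init(priv);

	return 0;

err_free:
	/* slots below i are either allocated or NULL; kfree(NULL) is a no-op */
	while (i-- > 0)
		kfree(priv->mib[i]);
	kfree(priv->mib);
	priv->mib = NULL;
	return -ENOMEM;
}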
249 
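/*
 * Release the OID cache built by mgt_init().
 *
 * Does nothing when priv->mib is already NULL. Otherwise every slot is
 * scrubbed, freed and set to NULL, then the pointer table itself is freed
 * and priv->mib is reset, which makes a second call harmless.
 *
 * The cache holds the DOT11_OID_DEFKEYX key entries (they are flagged
 * OID_FLAG_CACHED in isl_oid[]), so the buffers are wiped before being
 * returned to the allocator instead of leaving key bytes in freed memory.
 */
void
mgt_clean(islpci_private *priv)
{
	int i;

	if (!priv->mib)
		return;
	for (i = 0; i < OID_NUM_LAST; i++) {
		if (priv->mib[i]) {
			/*
			 * Same length mgt_init() allocated for the slot.
			 * NOTE(review): assumes no other file replaces
			 * priv->mib[i] with a smaller buffer -- confirm.
			 */
			memzero_explicit(priv->mib[i],
					 (size_t) isl_oid[i].size *
					 (isl_oid[i].range + 1));
		}
		kfree(priv->mib[i]);
		priv->mib[i] = NULL;
	}
	kfree(priv->mib);
	priv->mib = NULL;
}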
264 
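/*
 * Convert an object from little-endian (device) byte order to CPU byte
 * order, in place.
 *
 * type: one of the OID_TYPE_* selectors; any other value hits BUG().
 * data: the object to convert; it must be at least as large as the
 *       structure the type implies, because no length is passed in.
 *
 * OID_TYPE_SSID, OID_TYPE_KEY, OID_TYPE_ADDR and OID_TYPE_RAW are left
 * untouched.
 *
 * The element counts of OID_TYPE_BSSLIST and OID_TYPE_FREQUENCIES are read
 * from the object itself, and this function is applied to data copied out
 * of device responses. The conversion loops are therefore capped at the
 * capacities the isl_oid[] table sizes these objects for (IWMAX_BSS and
 * IWMAX_FREQ), so an oversized count cannot walk past such a buffer. The
 * stored nr field is still the converted value as reported; users of nr
 * have to validate it themselves.
 */
void
mgt_le_to_cpu(int type, void *data)
{
	switch (type) {
	case OID_TYPE_U32:
		*(u32 *) data = le32_to_cpu(*(u32 *) data);
		break;
	case OID_TYPE_BUFFER:{
			struct obj_buffer *buff = data;
			buff->size = le32_to_cpu(buff->size);
			buff->addr = le32_to_cpu(buff->addr);
			break;
		}
	case OID_TYPE_BSS:{
			struct obj_bss *bss = data;
			bss->age = le16_to_cpu(bss->age);
			bss->channel = le16_to_cpu(bss->channel);
			bss->capinfo = le16_to_cpu(bss->capinfo);
			bss->rates = le16_to_cpu(bss->rates);
			bss->basic_rates = le16_to_cpu(bss->basic_rates);
			break;
		}
	case OID_TYPE_BSSLIST:{
			struct obj_bsslist *list = data;
			unsigned int i, count;

			/* convert the count first: the loop needs it in CPU order */
			list->nr = le32_to_cpu(list->nr);
			count = min_t(unsigned int, list->nr, IWMAX_BSS);
			for (i = 0; i < count; i++)
				mgt_le_to_cpu(OID_TYPE_BSS, &list->bsslist[i]);
			break;
		}
	case OID_TYPE_FREQUENCIES:{
			struct obj_frequencies *freq = data;
			unsigned int i, count;

			freq->nr = le16_to_cpu(freq->nr);
			count = min_t(unsigned int, freq->nr, IWMAX_FREQ);
			for (i = 0; i < count; i++)
				freq->mhz[i] = le16_to_cpu(freq->mhz[i]);
			break;
		}
	case OID_TYPE_MLME:{
			struct obj_mlme *mlme = data;
			mlme->id = le16_to_cpu(mlme->id);
			mlme->state = le16_to_cpu(mlme->state);
			mlme->code = le16_to_cpu(mlme->code);
			break;
		}
	case OID_TYPE_MLMEEX:{
			struct obj_mlmeex *mlme = data;
			mlme->id = le16_to_cpu(mlme->id);
			mlme->state = le16_to_cpu(mlme->state);
			mlme->code = le16_to_cpu(mlme->code);
			mlme->size = le16_to_cpu(mlme->size);
			break;
		}
	case OID_TYPE_ATTACH:{
			struct obj_attachment *attach = data;
			attach->id = le16_to_cpu(attach->id);
			attach->size = le16_to_cpu(attach->size);
			break;
	}
	case OID_TYPE_SSID:
	case OID_TYPE_KEY:
	case OID_TYPE_ADDR:
	case OID_TYPE_RAW:
		/* byte strings: nothing to swap */
		break;
	default:
		BUG();
	}
}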
333 
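/*
 * Convert an object from CPU byte order to little-endian (device) byte
 * order, in place. Counterpart of mgt_le_to_cpu().
 *
 * type: one of the OID_TYPE_* selectors; any other value hits BUG().
 * data: the object to convert; it must be at least as large as the
 *       structure the type implies, because no length is passed in.
 *
 * For OID_TYPE_BSSLIST and OID_TYPE_FREQUENCIES the element count is taken
 * while it is still in CPU order and the nr field is converted last.
 * Converting nr first and then looping on it, as this function used to do,
 * iterates over a byte-swapped count on big-endian hosts. The loops are
 * also capped at the capacities the isl_oid[] table sizes these objects
 * for (IWMAX_BSS and IWMAX_FREQ).
 */
static void
mgt_cpu_to_le(int type, void *data)
{
	switch (type) {
	case OID_TYPE_U32:
		*(u32 *) data = cpu_to_le32(*(u32 *) data);
		break;
	case OID_TYPE_BUFFER:{
			struct obj_buffer *buff = data;
			buff->size = cpu_to_le32(buff->size);
			buff->addr = cpu_to_le32(buff->addr);
			break;
		}
	case OID_TYPE_BSS:{
			struct obj_bss *bss = data;
			bss->age = cpu_to_le16(bss->age);
			bss->channel = cpu_to_le16(bss->channel);
			bss->capinfo = cpu_to_le16(bss->capinfo);
			bss->rates = cpu_to_le16(bss->rates);
			bss->basic_rates = cpu_to_le16(bss->basic_rates);
			break;
		}
	case OID_TYPE_BSSLIST:{
			struct obj_bsslist *list = data;
			unsigned int i;
			/* read the count before it is swapped */
			unsigned int count = min_t(unsigned int, list->nr,
						   IWMAX_BSS);

			for (i = 0; i < count; i++)
				mgt_cpu_to_le(OID_TYPE_BSS, &list->bsslist[i]);
			list->nr = cpu_to_le32(list->nr);
			break;
		}
	case OID_TYPE_FREQUENCIES:{
			struct obj_frequencies *freq = data;
			unsigned int i;
			/* read the count before it is swapped */
			unsigned int count = min_t(unsigned int, freq->nr,
						   IWMAX_FREQ);

			for (i = 0; i < count; i++)
				freq->mhz[i] = cpu_to_le16(freq->mhz[i]);
			freq->nr = cpu_to_le16(freq->nr);
			break;
		}
	case OID_TYPE_MLME:{
			struct obj_mlme *mlme = data;
			mlme->id = cpu_to_le16(mlme->id);
			mlme->state = cpu_to_le16(mlme->state);
			mlme->code = cpu_to_le16(mlme->code);
			break;
		}
	case OID_TYPE_MLMEEX:{
			struct obj_mlmeex *mlme = data;
			mlme->id = cpu_to_le16(mlme->id);
			mlme->state = cpu_to_le16(mlme->state);
			mlme->code = cpu_to_le16(mlme->code);
			mlme->size = cpu_to_le16(mlme->size);
			break;
		}
	case OID_TYPE_ATTACH:{
			struct obj_attachment *attach = data;
			attach->id = cpu_to_le16(attach->id);
			attach->size = cpu_to_le16(attach->size);
			break;
	}
	case OID_TYPE_SSID:
	case OID_TYPE_KEY:
	case OID_TYPE_ADDR:
	case OID_TYPE_RAW:
		/* byte strings: nothing to swap */
		break;
	default:
		BUG();
	}
}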
402 
/*
 * Send a SET for OID n (+ extra) to the device and, for cached OIDs, store
 * the value in the cache.
 *
 * priv:  device private data.
 * n:     OID index; BUG() if it is not below OID_NUM_LAST.
 * extra: offset inside a ranged OID; BUG() if it exceeds isl_oid[n].range.
 * data:  value in CPU byte order, or NULL to re-send the cached value.
 *
 * Note: data is modified during this function. It is converted to
 * little-endian for the transfer and converted back before returning.
 *
 * Returns 0 on success, -1 when the cache has already been freed, and -EIO
 * when the transaction fails, the device answers PIMFOR_OP_ERROR, or the
 * device is not ready and the OID has no cache slot. When the device is not
 * ready but the OID is cached, the value is only written to the cache.
 *
 * NOTE(review): extra is only checked against the upper bound; a negative
 * value would move the cache pointer in front of the slot -- confirm that
 * no caller can pass one.
 */
int
mgt_set_request(islpci_private *priv, enum oid_num_t n, int extra, void *data)
{
	struct islpci_mgmtframe *frame = NULL;
	int op = PIMFOR_OP_ERROR;
	void *payload = data;
	void *slot;
	int status = 0;
	int len;
	u32 oid;

	BUG_ON(n >= OID_NUM_LAST);
	BUG_ON(extra > isl_oid[n].range);

	/* memory has been freed */
	if (!priv->mib)
		return -1;

	len = isl_oid[n].size;
	oid = isl_oid[n].oid + extra;

	/* locate the element inside a ranged cache slot, if there is one */
	slot = priv->mib[n];
	if (slot)
		slot += extra * len;

	if (payload != NULL)
		mgt_cpu_to_le(isl_oid[n].flags & OID_FLAG_TYPE, payload);
	else
		/* we are requested to re-set a cached value */
		payload = slot;

	/* If we are going to write to the cache, we don't want anyone to read
	 * it -> acquire write lock.
	 * Else we could acquire a read lock to be sure we don't bother the
	 * commit process (which takes a write lock). But I'm not sure if it's
	 * needed.
	 */
	if (slot)
		down_write(&priv->mib_sem);

	if (islpci_get_state(priv) < PRV_STATE_READY) {
		/* device not ready: only a cached OID can accept the value */
		if (!slot)
			status = -EIO;
	} else {
		status = islpci_mgt_transaction(priv->ndev, PIMFOR_OP_SET, oid,
						payload, len, &frame);
		if (status == 0) {
			op = frame->header->operation;
			islpci_mgt_release(frame);
		}
		if (status != 0 || op == PIMFOR_OP_ERROR)
			status = -EIO;
	}

	if (slot) {
		/* the cache keeps the little-endian form */
		if (status == 0 && data)
			memcpy(slot, payload, len);
		up_write(&priv->mib_sem);
	}

	/* re-set given data to what it was */
	if (data)
		mgt_le_to_cpu(isl_oid[n].flags & OID_FLAG_TYPE, data);

	return status;
}
465 
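/*
 * Send a SET for OID n whose payload is the fixed structure followed by
 * extra_len additional bytes. None of these are cached.
 *
 * priv:      device private data.
 * n:         OID index; BUG() if it is not below OID_NUM_LAST.
 * data:      payload in CPU byte order; converted to little-endian for the
 *            transfer and converted back before returning.
 * extra_len: number of bytes that follow the fixed structure in data.
 *
 * Returns 0 on success, -EIO when the device is not ready, the transaction
 * fails, or the device answers PIMFOR_OP_ERROR.
 *
 * The conversion to little-endian is guarded by the same NULL check as the
 * conversion back, so a NULL data pointer is no longer dereferenced here.
 *
 * NOTE(review): extra_len is added to the table size without validation;
 * confirm that callers bound it to the real length of the data buffer and
 * never pass a negative value.
 */
int
mgt_set_varlen(islpci_private *priv, enum oid_num_t n, void *data, int extra_len)
{
	int ret = 0;
	/* initialised so a failed transaction can never leave it dangling */
	struct islpci_mgmtframe *response = NULL;
	int response_op = PIMFOR_OP_ERROR;
	int dlen;
	u32 oid;

	BUG_ON(n >= OID_NUM_LAST);

	dlen = isl_oid[n].size;
	oid = isl_oid[n].oid;

	if (data)
		mgt_cpu_to_le(isl_oid[n].flags & OID_FLAG_TYPE, data);

	if (islpci_get_state(priv) >= PRV_STATE_READY) {
		ret = islpci_mgt_transaction(priv->ndev, PIMFOR_OP_SET, oid,
					     data, dlen + extra_len, &response);
		if (!ret) {
			response_op = response->header->operation;
			islpci_mgt_release(response);
		}
		if (ret || response_op == PIMFOR_OP_ERROR)
			ret = -EIO;
	} else
		ret = -EIO;

	/* re-set given data to what it was */
	if (data)
		mgt_le_to_cpu(isl_oid[n].flags & OID_FLAG_TYPE, data);

	return ret;
}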
501 
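/*
 * Read OID n (+ extra) from the device, or from the cache when the device
 * is not ready.
 *
 * priv:  device private data.
 * n:     OID index; BUG() if it is not below OID_NUM_LAST.
 * extra: offset inside a ranged OID; BUG() if it exceeds isl_oid[n].range.
 * data:  request payload handed to islpci_mgt_transaction().
 * res:   result. For OID_TYPE_U32 the value is stored in res->u (0 on
 *        error). For every other type res->ptr receives a newly allocated
 *        buffer in CPU byte order that the caller must kfree(); on error
 *        the buffer is all zeroes.
 *
 * Returns 0 on success, -1 when the cache has already been freed (res->ptr
 * is NULL in that case) and -EIO otherwise.
 *
 * The length of a device response comes from the response header. The
 * result buffer is always at least isl_oid[n].size bytes and is
 * zero-filled, so a response shorter than the structure its type implies
 * cannot make mgt_le_to_cpu() touch memory beyond the allocation; the
 * missing tail reads as zero. A negative length is treated as an I/O error.
 *
 * NOTE(review): allocation failure still ends in BUG_ON(); returning
 * -ENOMEM would be preferable but requires checking that every caller
 * copes with res->ptr == NULL.
 * NOTE(review): the OID_TYPE_U32 path reads four bytes from the response
 * without looking at the reported length -- confirm the transport
 * guarantees at least that much data.
 */
int
mgt_get_request(islpci_private *priv, enum oid_num_t n, int extra, void *data,
		union oid_res_t *res)
{

	int ret = -EIO;
	int reslen = 0;
	struct islpci_mgmtframe *response = NULL;

	int dlen;
	void *cache, *_res = NULL;
	u32 oid;

	BUG_ON(n >= OID_NUM_LAST);
	BUG_ON(extra > isl_oid[n].range);

	res->ptr = NULL;

	if (!priv->mib)
		/* memory has been freed */
		return -1;

	dlen = isl_oid[n].size;
	cache = priv->mib[n];
	cache += cache ? extra * dlen : 0;
	oid = isl_oid[n].oid + extra;
	reslen = dlen;

	if (cache)
		down_read(&priv->mib_sem);

	if (islpci_get_state(priv) >= PRV_STATE_READY) {
		ret = islpci_mgt_transaction(priv->ndev, PIMFOR_OP_GET,
					     oid, data, dlen, &response);
		if (ret || !response ||
		    response->header->operation == PIMFOR_OP_ERROR) {
			if (response)
				islpci_mgt_release(response);
			ret = -EIO;
		}
		if (!ret) {
			_res = response->data;
			reslen = response->header->length;
			if (reslen < 0) {
				/* nonsensical length: drop the frame */
				islpci_mgt_release(response);
				reslen = dlen;
				ret = -EIO;
			}
		}
	} else if (cache) {
		_res = cache;
		ret = 0;
	}
	if ((isl_oid[n].flags & OID_FLAG_TYPE) == OID_TYPE_U32)
		res->u = ret ? 0 : le32_to_cpu(*(u32 *) _res);
	else {
		/* never smaller than the structure the OID type implies */
		res->ptr = kzalloc(max(reslen, dlen), GFP_KERNEL);
		BUG_ON(res->ptr == NULL);
		if (!ret) {
			memcpy(res->ptr, _res, reslen);
			mgt_le_to_cpu(isl_oid[n].flags & OID_FLAG_TYPE,
				      res->ptr);
		}
	}
	if (cache)
		up_read(&priv->mib_sem);

	/* on the error paths above the frame has already been released */
	if (response && !ret)
		islpci_mgt_release(response);

	if (reslen > isl_oid[n].size)
		printk(KERN_DEBUG
		       "mgt_get_request(0x%x): received data length was bigger "
		       "than expected (%d > %d). Memory is probably corrupted...",
		       oid, reslen, isl_oid[n].size);

	return ret;
}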
577 
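/*
 * Push the cached values of a list of OIDs to the device.
 *
 * priv: device private data; the caller must hold the cache lock.
 * l:    array of OID indices. Each one must have a cache slot, otherwise
 *       BUG() is hit.
 * n:    number of entries in l.
 *
 * For a ranged OID every element oid .. oid + range is sent, each with
 * t->size bytes taken from consecutive positions in the cache slot.
 *
 * Returns 0 when every SET succeeded. Otherwise the return value is the
 * bitwise OR of the individual failures (transaction error codes, and 1 for
 * a PIMFOR_OP_ERROR answer), so it is only meaningful as zero / non-zero.
 *
 * NOTE(review): the entries of l are used as indices without a range check;
 * the callers in this file pass constant lists.
 */
int
mgt_commit_list(islpci_private *priv, enum oid_num_t *l, int n)
{
	int i, ret = 0;

	for (i = 0; i < n; i++) {
		struct oid_t *t = &(isl_oid[l[i]]);
		void *data = priv->mib[l[i]];
		int j = 0;
		u32 oid = t->oid;
		BUG_ON(data == NULL);
		while (j <= t->range) {
			/*
			 * Reset per transaction: if the call fails without
			 * storing a frame, the check below must not see an
			 * uninitialised pointer or one released earlier.
			 */
			struct islpci_mgmtframe *response = NULL;
			int r = islpci_mgt_transaction(priv->ndev, PIMFOR_OP_SET,
						      oid, data, t->size,
						      &response);
			if (response) {
				r |= (response->header->operation == PIMFOR_OP_ERROR);
				islpci_mgt_release(response);
			}
			if (r)
				printk(KERN_ERR "%s: mgt_commit_list: failure. "
					"oid=%08x err=%d\n",
					priv->ndev->name, oid, r);
			ret |= r;
			j++;
			oid++;
			data += t->size;
		}
	}
	return ret;
}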
611 
/*
 * Store a value in the cache slot of OID n without talking to the device.
 * The caller must hold the cache lock.
 *
 * isl_oid[n].size bytes are copied from data and then converted to
 * little-endian in the cache. BUG() is hit when n is out of range or the
 * OID has no cache slot.
 */
void
mgt_set(islpci_private *priv, enum oid_num_t n, void *data)
{
	void *slot;

	BUG_ON(n >= OID_NUM_LAST);

	slot = priv->mib[n];
	BUG_ON(slot == NULL);

	memcpy(slot, data, isl_oid[n].size);
	mgt_cpu_to_le(isl_oid[n].flags & OID_FLAG_TYPE, slot);
}
623 
/*
 * Copy the cached value of OID n into res and convert it to CPU byte order.
 *
 * res must have room for isl_oid[n].size bytes. BUG() is hit when n is out
 * of range, when the OID has no cache slot, or when res is NULL.
 */
void
mgt_get(islpci_private *priv, enum oid_num_t n, void *res)
{
	const void *slot;

	BUG_ON(n >= OID_NUM_LAST);

	slot = priv->mib[n];
	BUG_ON(slot == NULL);
	BUG_ON(res == NULL);

	memcpy(res, slot, isl_oid[n].size);
	mgt_le_to_cpu(isl_oid[n].flags & OID_FLAG_TYPE, res);
}
634 
635 /* Commits the cache. Lock outside. */
636 
/* First list handed to mgt_commit_list() by mgt_commit(); always sent. */
static enum oid_num_t commit_part1[] = {
	OID_INL_CONFIG,
	OID_INL_MODE,
	DOT11_OID_BSSTYPE,
	DOT11_OID_CHANNEL,
	DOT11_OID_MLMEAUTOLEVEL
};

/*
 * Second list handed to mgt_commit_list() by mgt_commit(); skipped when
 * priv->iw_mode is IW_MODE_MONITOR. It includes the cached key entries.
 */
static enum oid_num_t commit_part2[] = {
	DOT11_OID_SSID,
	DOT11_OID_PSMBUFFER,
	DOT11_OID_AUTHENABLE,
	DOT11_OID_PRIVACYINVOKED,
	DOT11_OID_EXUNENCRYPTED,
	DOT11_OID_DEFKEYX,	/* MULTIPLE */
	DOT11_OID_DEFKEYID,
	DOT11_OID_DOT1XENABLE,
	OID_INL_DOT11D_CONFORMANCE,
	/* Do not initialize this - fw < 1.0.4.3 rejects it
	OID_INL_OUTPUTPOWER,
	*/
};
659 
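/*
 * Read the MAC address from the device (GEN_OID_MACADDRESS) and store it in
 * priv->ndev->dev_addr.
 *
 * Returns 0 on success. Returns -EIO, after logging an error, when the
 * transaction fails, no frame comes back, the device answers
 * PIMFOR_OP_ERROR, or the answer is shorter than ETH_ALEN bytes.
 */
static int
mgt_update_addr(islpci_private *priv)
{
	/* initialised so the checks below never read an indeterminate pointer */
	struct islpci_mgmtframe *res = NULL;
	int ret;

	ret = islpci_mgt_transaction(priv->ndev, PIMFOR_OP_GET,
				     isl_oid[GEN_OID_MACADDRESS].oid, NULL,
				     isl_oid[GEN_OID_MACADDRESS].size, &res);

	/* only copy when the device reports at least a full address */
	if ((ret == 0) && res && (res->header->operation != PIMFOR_OP_ERROR) &&
	    (res->header->length >= ETH_ALEN))
		memcpy(priv->ndev->dev_addr, res->data, ETH_ALEN);
	else
		ret = -EIO;
	if (res)
		islpci_mgt_release(res);

	if (ret)
		printk(KERN_ERR "%s: mgt_update_addr: failure\n", priv->ndev->name);
	return ret;
}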
682 
/*
 * Commit the cache to the device. The caller must hold the cache lock.
 *
 * Nothing is done (and 0 is returned) while the device state is below
 * PRV_STATE_INIT. Otherwise commit_part1 is sent, then commit_part2 unless
 * the interface is in monitor mode, then OID_INL_MODE once more, and last
 * the MAC address is read back from the device.
 *
 * Returns the bitwise OR of the results of all steps, i.e. 0 only when
 * every step succeeded.
 */
int
mgt_commit(islpci_private *priv)
{
	enum oid_num_t mode_oid = OID_INL_MODE;
	int status;

	if (islpci_get_state(priv) < PRV_STATE_INIT)
		return 0;

	status = mgt_commit_list(priv, commit_part1, ARRAY_SIZE(commit_part1));

	if (priv->iw_mode != IW_MODE_MONITOR)
		status |= mgt_commit_list(priv, commit_part2,
					  ARRAY_SIZE(commit_part2));

	/* the mode is sent a second time, after the rest of the settings */
	status |= mgt_commit_list(priv, &mode_oid, 1);
	status |= mgt_update_addr(priv);

	if (status == 0)
		return 0;

	/* some request have failed. The device might be in an
	   incoherent state. We should reset it ! */
	printk(KERN_DEBUG "%s: mgt_commit: failure\n", priv->ndev->name);
	return status;
}
708 
/* The following OIDs need to be "unlatched":
 *
 * MEDIUMLIMIT,BEACONPERIOD,DTIMPERIOD,ATIMWINDOW,LISTENINTERVAL
 * FREQUENCY,EXTENDEDRATES.
 *
 * The way to do this is to set the ESSID. Note, however, that they may
 * already have been unlatched earlier by setting another OID.
 *
 * The function below is compiled out (#if 0) and kept for reference only.
 */
#if 0
void
mgt_unlatch_all(islpci_private *priv)
{
	u32 u;
	int rvalue = 0;

	if (islpci_get_state(priv) < PRV_STATE_INIT)
		return;

	u = DOT11_OID_SSID;
	rvalue = mgt_commit_list(priv, &u, 1);
	/* Necessary if in MANUAL RUN mode? */
#if 0
	u = OID_INL_MODE;
	rvalue |= mgt_commit_list(priv, &u, 1);

	u = DOT11_OID_MLMEAUTOLEVEL;
	rvalue |= mgt_commit_list(priv, &u, 1);

	u = OID_INL_MODE;
	rvalue |= mgt_commit_list(priv, &u, 1);
#endif

	if (rvalue)
		printk(KERN_DEBUG "%s: Unlatching OIDs failed\n", priv->ndev->name);
}
#endif
744 
/*
 * Tell whether the driver is allowed to answer an mlme(ex) request.
 *
 * Returns 1 when the interface is in IW_MODE_MASTER and the cached
 * DOT11_OID_MLMEAUTOLEVEL value is at least DOT11_MLME_INTERMEDIATE,
 * otherwise 0.
 */
int
mgt_mlme_answer(islpci_private *priv)
{
	u32 level;

	/* Acquire a read lock because if we are in a mode change, it's
	 * possible to answer true, while the card is leaving master to managed
	 * mode. Answering to a mlme in this situation could hang the card.
	 */
	down_read(&priv->mib_sem);
	/* the cache stores the value in little-endian form */
	level = le32_to_cpu(*(u32 *) priv->mib[DOT11_OID_MLMEAUTOLEVEL]);
	up_read(&priv->mib_sem);

	if (priv->iw_mode != IW_MODE_MASTER)
		return 0;

	return level >= DOT11_MLME_INTERMEDIATE;
}
763 
/*
 * Find the isl_oid[] index whose base OID equals oid.
 *
 * Returns the index of the first matching entry. When no entry matches, a
 * debug message is logged and OID_NUM_LAST is returned, which is not a
 * valid index; callers have to check for it before using the result.
 */
enum oid_num_t
mgt_oidtonum(u32 oid)
{
	int idx = 0;

	while (idx < OID_NUM_LAST) {
		if (isl_oid[idx].oid == oid)
			return idx;
		idx++;
	}

	printk(KERN_DEBUG "looking for an unknown oid 0x%x", oid);

	return OID_NUM_LAST;
}
777 
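/*
 * Format a management response as text.
 *
 * n:   OID index into isl_oid[]; its type flags select the format. A type
 *      that is not handled below hits BUG().
 * r:   value to print; r->u is used for OID_TYPE_U32, r->ptr for all other
 *      types.
 * str: output buffer; every write is bounded by PRIV_STR_SIZE.
 *
 * Returns the number of characters actually stored in str, not counting
 * the terminating NUL.
 *
 * scnprintf() is used throughout. snprintf() returns the length the output
 * would have had, so once a list filled the buffer the running offset went
 * past PRIV_STR_SIZE, the remaining-space argument became negative and the
 * returned length exceeded what str holds. With scnprintf() the offset can
 * never pass the end of the buffer and the return value is always a length
 * that is valid for str.
 *
 * NOTE(review): n is not range-checked here, and the element counts
 * (list->nr, freq->nr, key->length, ssid->length) are taken from the object
 * without being compared with the size of the arrays they index -- confirm
 * that callers validate them.
 */
int
mgt_response_to_str(enum oid_num_t n, union oid_res_t *r, char *str)
{
	switch (isl_oid[n].flags & OID_FLAG_TYPE) {
	case OID_TYPE_U32:
		return scnprintf(str, PRIV_STR_SIZE, "%u\n", r->u);
	case OID_TYPE_BUFFER:{
			struct obj_buffer *buff = r->ptr;
			return scnprintf(str, PRIV_STR_SIZE,
					 "size=%u\naddr=0x%X\n", buff->size,
					 buff->addr);
		}
	case OID_TYPE_BSS:{
			struct obj_bss *bss = r->ptr;
			return scnprintf(str, PRIV_STR_SIZE,
					 "age=%u\nchannel=%u\n"
					 "capinfo=0x%X\nrates=0x%X\n"
					 "basic_rates=0x%X\n", bss->age,
					 bss->channel, bss->capinfo,
					 bss->rates, bss->basic_rates);
		}
	case OID_TYPE_BSSLIST:{
			struct obj_bsslist *list = r->ptr;
			int i, k;
			k = scnprintf(str, PRIV_STR_SIZE, "nr=%u\n", list->nr);
			for (i = 0; i < list->nr; i++)
				k += scnprintf(str + k, PRIV_STR_SIZE - k,
					       "bss[%u] :\nage=%u\nchannel=%u\n"
					       "capinfo=0x%X\nrates=0x%X\n"
					       "basic_rates=0x%X\n",
					       i, list->bsslist[i].age,
					       list->bsslist[i].channel,
					       list->bsslist[i].capinfo,
					       list->bsslist[i].rates,
					       list->bsslist[i].basic_rates);
			return k;
		}
	case OID_TYPE_FREQUENCIES:{
			struct obj_frequencies *freq = r->ptr;
			int i, t;
			printk("nr : %u\n", freq->nr);
			t = scnprintf(str, PRIV_STR_SIZE, "nr=%u\n", freq->nr);
			for (i = 0; i < freq->nr; i++)
				t += scnprintf(str + t, PRIV_STR_SIZE - t,
					       "mhz[%u]=%u\n", i, freq->mhz[i]);
			return t;
		}
	case OID_TYPE_MLME:{
			struct obj_mlme *mlme = r->ptr;
			return scnprintf(str, PRIV_STR_SIZE,
					 "id=0x%X\nstate=0x%X\ncode=0x%X\n",
					 mlme->id, mlme->state, mlme->code);
		}
	case OID_TYPE_MLMEEX:{
			struct obj_mlmeex *mlme = r->ptr;
			return scnprintf(str, PRIV_STR_SIZE,
					 "id=0x%X\nstate=0x%X\n"
					 "code=0x%X\nsize=0x%X\n", mlme->id,
					 mlme->state, mlme->code, mlme->size);
		}
	case OID_TYPE_ATTACH:{
			struct obj_attachment *attach = r->ptr;
			return scnprintf(str, PRIV_STR_SIZE,
					 "id=%d\nsize=%d\n",
					 attach->id,
					 attach->size);
		}
	case OID_TYPE_SSID:{
			struct obj_ssid *ssid = r->ptr;
			/* the precision limits how much of octets is read */
			return scnprintf(str, PRIV_STR_SIZE,
					 "length=%u\noctets=%.*s\n",
					 ssid->length, ssid->length,
					 ssid->octets);
		}
	case OID_TYPE_KEY:{
			struct obj_key *key = r->ptr;
			int t, i;
			/*
			 * NOTE(review): this prints the raw key bytes; confirm
			 * that whatever exposes the string restricts who can
			 * read it.
			 */
			t = scnprintf(str, PRIV_STR_SIZE,
				      "type=0x%X\nlength=0x%X\nkey=0x",
				      key->type, key->length);
			for (i = 0; i < key->length; i++)
				t += scnprintf(str + t, PRIV_STR_SIZE - t,
					       "%02X:", key->key[i]);
			t += scnprintf(str + t, PRIV_STR_SIZE - t, "\n");
			return t;
		}
	case OID_TYPE_RAW:
	case OID_TYPE_ADDR:{
			unsigned char *buff = r->ptr;
			int t, i;
			t = scnprintf(str, PRIV_STR_SIZE, "hex data=");
			for (i = 0; i < isl_oid[n].size; i++)
				t += scnprintf(str + t, PRIV_STR_SIZE - t,
					       "%02X:", buff[i]);
			t += scnprintf(str + t, PRIV_STR_SIZE - t, "\n");
			return t;
		}
	default:
		BUG();
	}
	return 0;
}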