2 *************************************************************************
4 * 5F., No.36, Taiyuan St., Jhubei City,
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 *************************************************************************
34 -------- ---------- ----------------------------------------------
35 Name Date Modification logs
36 Paul Lin 06-25-2004 created
39 #include "../rt_config.h"
43 ========================================================================
45 Routine Description: NIC initialization complete
55 ========================================================================
58 NTSTATUS RTUSBFirmwareRun(
63 Status = RTUSB_VendorRequest(
65 USBD_TRANSFER_DIRECTION_OUT,
66 DEVICE_VENDOR_REQUEST_OUT,
79 ========================================================================
81 Routine Description: Write Firmware to NIC.
91 ========================================================================
93 NTSTATUS RTUSBFirmwareWrite(
103 Status = RTUSBReadMACRegister(pAd, MAC_CSR0, &MacReg);
107 RTUSBMultiWrite(pAd, FIRMWARE_IMAGE_BASE, pFwImage, writeLen);
109 Status = RTUSBWriteMACRegister(pAd, 0x7014, 0xffffffff);
110 Status = RTUSBWriteMACRegister(pAd, 0x701c, 0xffffffff);
111 Status = RTUSBFirmwareRun(pAd);
118 ========================================================================
120 Routine Description: Get current firmware operation mode (Return Value)
125 0 or 1 = Downloaded by host driver
126 others = Driver doesn't download firmware
132 ========================================================================
134 NTSTATUS RTUSBFirmwareOpmode(
135 IN PRTMP_ADAPTER pAd,
140 Status = RTUSB_VendorRequest(
142 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
143 DEVICE_VENDOR_REQUEST_IN,
151 NTSTATUS RTUSBVenderReset(
152 IN PRTMP_ADAPTER pAd)
155 DBGPRINT_RAW(RT_DEBUG_ERROR, ("-->RTUSBVenderReset\n"));
156 Status = RTUSB_VendorRequest(
158 USBD_TRANSFER_DIRECTION_OUT,
159 DEVICE_VENDOR_REQUEST_OUT,
166 DBGPRINT_RAW(RT_DEBUG_ERROR, ("<--RTUSBVenderReset\n"));
170 ========================================================================
172 Routine Description: Read various length data from RT2573
182 ========================================================================
184 NTSTATUS RTUSBMultiRead(
185 IN PRTMP_ADAPTER pAd,
192 Status = RTUSB_VendorRequest(
194 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
195 DEVICE_VENDOR_REQUEST_IN,
206 ========================================================================
208 Routine Description: Write various length data to RT2573
218 ========================================================================
220 NTSTATUS RTUSBMultiWrite_OneByte(
221 IN PRTMP_ADAPTER pAd,
227 // TODO: In 2870, use this funciton carefully cause it's not stable.
228 Status = RTUSB_VendorRequest(
230 USBD_TRANSFER_DIRECTION_OUT,
231 DEVICE_VENDOR_REQUEST_OUT,
241 NTSTATUS RTUSBMultiWrite(
242 IN PRTMP_ADAPTER pAd,
250 USHORT index = 0,Value;
258 Value =(USHORT)( *pSrc | (*(pSrc + 1) << 8));
259 Status = RTUSBSingleWrite(pAd,Offset + index,Value);
269 NTSTATUS RTUSBSingleWrite(
270 IN RTMP_ADAPTER *pAd,
276 Status = RTUSB_VendorRequest(
278 USBD_TRANSFER_DIRECTION_OUT,
279 DEVICE_VENDOR_REQUEST_OUT,
292 ========================================================================
294 Routine Description: Read 32-bit MAC register
304 ========================================================================
306 NTSTATUS RTUSBReadMACRegister(
307 IN PRTMP_ADAPTER pAd,
314 Status = RTUSB_VendorRequest(
316 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
317 DEVICE_VENDOR_REQUEST_IN,
324 *pValue = le2cpu32(localVal);
328 *pValue = 0xffffffff;
335 ========================================================================
337 Routine Description: Write 32-bit MAC register
347 ========================================================================
349 NTSTATUS RTUSBWriteMACRegister(
350 IN PRTMP_ADAPTER pAd,
359 Status = RTUSBSingleWrite(pAd, Offset, (USHORT)(localVal & 0xffff));
360 Status = RTUSBSingleWrite(pAd, Offset + 2, (USHORT)((localVal & 0xffff0000) >> 16));
369 ========================================================================
371 Routine Description: Read 8-bit BBP register
381 ========================================================================
383 NTSTATUS RTUSBReadBBPRegister(
384 IN PRTMP_ADAPTER pAd,
388 BBP_CSR_CFG_STRUC BbpCsr;
392 // Verify the busy condition
395 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
398 if (!(BbpCsr.field.Busy == BUSY))
401 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_1):retry count=%d!\n", i);
404 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
406 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
409 // Read failed then Return Default value.
411 *pValue = pAd->BbpWriteLatch[Id];
413 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
414 return STATUS_UNSUCCESSFUL;
417 // Prepare for write material
419 BbpCsr.field.fRead = 1;
420 BbpCsr.field.Busy = 1;
421 BbpCsr.field.RegNum = Id;
422 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
425 // Verify the busy condition
428 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
431 if (!(BbpCsr.field.Busy == BUSY))
433 *pValue = (UCHAR)BbpCsr.field.Value;
437 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_2):retry count=%d!\n", i);
440 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
442 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
445 // Read failed then Return Default value.
447 *pValue = pAd->BbpWriteLatch[Id];
449 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
450 return STATUS_UNSUCCESSFUL;
453 return STATUS_SUCCESS;
457 ========================================================================
459 Routine Description: Read 8-bit BBP register via firmware
469 ========================================================================
471 NTSTATUS RTUSBReadBBPRegister(
472 IN PRTMP_ADAPTER pAd,
476 BBP_CSR_CFG_STRUC BbpCsr;
478 for (i=0; i<MAX_BUSY_COUNT; i++)
480 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
481 if (BbpCsr.field.Busy == BUSY)
486 BbpCsr.field.fRead = 1;
487 BbpCsr.field.BBP_RW_MODE = 1;
488 BbpCsr.field.Busy = 1;
489 BbpCsr.field.RegNum = Id;
490 RTUSBWriteMACRegister(pAd, H2M_BBP_AGENT, BbpCsr.word);
491 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
492 for (k=0; k<MAX_BUSY_COUNT; k++)
494 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
495 if (BbpCsr.field.Busy == IDLE)
498 if ((BbpCsr.field.Busy == IDLE) &&
499 (BbpCsr.field.RegNum == Id))
501 *pValue = (UCHAR)BbpCsr.field.Value;
505 if (BbpCsr.field.Busy == BUSY)
507 DBGPRINT_ERR(("BBP read R%d=0x%x fail\n", Id, BbpCsr.word));
508 *pValue = pAd->BbpWriteLatch[Id];
509 return STATUS_UNSUCCESSFUL;
511 return STATUS_SUCCESS;
517 ========================================================================
519 Routine Description: Write 8-bit BBP register
529 ========================================================================
531 NTSTATUS RTUSBWriteBBPRegister(
532 IN PRTMP_ADAPTER pAd,
536 BBP_CSR_CFG_STRUC BbpCsr;
539 // Verify the busy condition
542 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
545 if (!(BbpCsr.field.Busy == BUSY))
548 printk("RTUSBWriteBBPRegister(BBP_CSR_CFG):retry count=%d!\n", i);
551 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
553 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
555 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
556 return STATUS_UNSUCCESSFUL;
559 // Prepare for write material
561 BbpCsr.field.fRead = 0;
562 BbpCsr.field.Value = Value;
563 BbpCsr.field.Busy = 1;
564 BbpCsr.field.RegNum = Id;
565 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
567 pAd->BbpWriteLatch[Id] = Value;
569 return STATUS_SUCCESS;
573 ========================================================================
575 Routine Description: Write 8-bit BBP register via firmware
585 ========================================================================
588 NTSTATUS RTUSBWriteBBPRegister(
589 IN PRTMP_ADAPTER pAd,
594 BBP_CSR_CFG_STRUC BbpCsr;
596 for (BusyCnt=0; BusyCnt<MAX_BUSY_COUNT; BusyCnt++)
598 RTMP_IO_READ32(pAd, H2M_BBP_AGENT, &BbpCsr.word);
599 if (BbpCsr.field.Busy == BUSY)
602 BbpCsr.field.fRead = 0;
603 BbpCsr.field.BBP_RW_MODE = 1;
604 BbpCsr.field.Busy = 1;
605 BbpCsr.field.Value = Value;
606 BbpCsr.field.RegNum = Id;
607 RTMP_IO_WRITE32(pAd, H2M_BBP_AGENT, BbpCsr.word);
608 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
609 pAd->BbpWriteLatch[Id] = Value;
612 if (BusyCnt == MAX_BUSY_COUNT)
614 DBGPRINT_ERR(("BBP write R%d=0x%x fail\n", Id, BbpCsr.word));
615 return STATUS_UNSUCCESSFUL;
617 return STATUS_SUCCESS;
621 ========================================================================
623 Routine Description: Write RF register through MAC
633 ========================================================================
635 NTSTATUS RTUSBWriteRFRegister(
636 IN PRTMP_ADAPTER pAd,
639 PHY_CSR4_STRUC PhyCsr4;
643 NdisZeroMemory(&PhyCsr4, sizeof(PHY_CSR4_STRUC));
646 status = RTUSBReadMACRegister(pAd, RF_CSR_CFG0, &PhyCsr4.word);
649 if (!(PhyCsr4.field.Busy))
652 printk("RTUSBWriteRFRegister(RF_CSR_CFG0):retry count=%d!\n", i);
655 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
657 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
659 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
660 return STATUS_UNSUCCESSFUL;
663 RTUSBWriteMACRegister(pAd, RF_CSR_CFG0, Value);
665 return STATUS_SUCCESS;
669 ========================================================================
671 Routine Description: Write RT3070 RF register through MAC
681 ========================================================================
683 NTSTATUS RT30xxWriteRFRegister(
684 IN PRTMP_ADAPTER pAd,
688 RF_CSR_CFG_STRUC rfcsr;
693 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
695 if (!rfcsr.field.RF_CSR_KICK)
699 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
701 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
703 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
704 return STATUS_UNSUCCESSFUL;
707 rfcsr.field.RF_CSR_WR = 1;
708 rfcsr.field.RF_CSR_KICK = 1;
709 rfcsr.field.TESTCSR_RFACC_REGNUM = RegID;
710 rfcsr.field.RF_CSR_DATA = Value;
712 RTUSBWriteMACRegister(pAd, RF_CSR_CFG, rfcsr.word);
714 return STATUS_SUCCESS;
718 ========================================================================
720 Routine Description: Read RT3070 RF register through MAC
730 ========================================================================
732 NTSTATUS RT30xxReadRFRegister(
733 IN PRTMP_ADAPTER pAd,
737 RF_CSR_CFG_STRUC rfcsr;
740 for (i=0; i<MAX_BUSY_COUNT; i++)
742 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
744 if (rfcsr.field.RF_CSR_KICK == BUSY)
749 rfcsr.field.RF_CSR_WR = 0;
750 rfcsr.field.RF_CSR_KICK = 1;
751 rfcsr.field.TESTCSR_RFACC_REGNUM = RegID;
752 RTUSBWriteMACRegister(pAd, RF_CSR_CFG, rfcsr.word);
753 for (k=0; k<MAX_BUSY_COUNT; k++)
755 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
757 if (rfcsr.field.RF_CSR_KICK == IDLE)
760 if ((rfcsr.field.RF_CSR_KICK == IDLE) &&
761 (rfcsr.field.TESTCSR_RFACC_REGNUM == RegID))
763 *pValue = (UCHAR)rfcsr.field.RF_CSR_DATA;
767 if (rfcsr.field.RF_CSR_KICK == BUSY)
769 DBGPRINT_ERR(("RF read R%d=0x%x fail\n", RegID, rfcsr.word));
770 return STATUS_UNSUCCESSFUL;
773 return STATUS_SUCCESS;
777 ========================================================================
789 ========================================================================
791 NTSTATUS RTUSBReadEEPROM(
792 IN PRTMP_ADAPTER pAd,
797 NTSTATUS Status = STATUS_SUCCESS;
799 Status = RTUSB_VendorRequest(
801 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
802 DEVICE_VENDOR_REQUEST_IN,
813 ========================================================================
825 ========================================================================
827 NTSTATUS RTUSBWriteEEPROM(
828 IN PRTMP_ADAPTER pAd,
833 NTSTATUS Status = STATUS_SUCCESS;
835 Status = RTUSB_VendorRequest(
837 USBD_TRANSFER_DIRECTION_OUT,
838 DEVICE_VENDOR_REQUEST_OUT,
849 ========================================================================
861 ========================================================================
863 VOID RTUSBPutToSleep(
864 IN PRTMP_ADAPTER pAd)
868 // Timeout 0x40 x 50us
869 value = (SLEEPCID<<16)+(OWNERMCU<<24)+ (0x40<<8)+1;
870 RTUSBWriteMACRegister(pAd, 0x7010, value);
871 RTUSBWriteMACRegister(pAd, 0x404, 0x30);
872 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS);
873 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Sleep Mailbox testvalue %x\n", value));
878 ========================================================================
890 ========================================================================
892 NTSTATUS RTUSBWakeUp(
893 IN PRTMP_ADAPTER pAd)
897 Status = RTUSB_VendorRequest(
899 USBD_TRANSFER_DIRECTION_OUT,
900 DEVICE_VENDOR_REQUEST_OUT,
911 ========================================================================
923 ========================================================================
925 VOID RTUSBInitializeCmdQ(
931 cmdq->CmdQState = RT2870_THREAD_INITED;
935 ========================================================================
947 ========================================================================
949 NDIS_STATUS RTUSBEnqueueCmdFromNdis(
950 IN PRTMP_ADAPTER pAd,
952 IN BOOLEAN SetInformation,
953 IN PVOID pInformationBuffer,
954 IN UINT32 InformationBufferLength)
957 PCmdQElmt cmdqelmt = NULL;
958 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
961 BUG_ON(pObj->RTUSBCmdThr_task == NULL);
962 CHECK_PID_LEGALITY(task_pid(pObj->RTUSBCmdThr_task))
963 return (NDIS_STATUS_RESOURCES);
965 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
966 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
967 return (NDIS_STATUS_RESOURCES);
969 cmdqelmt->buffer = NULL;
970 if (pInformationBuffer != NULL)
972 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
973 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
976 return (NDIS_STATUS_RESOURCES);
980 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
981 cmdqelmt->bufferlength = InformationBufferLength;
985 cmdqelmt->bufferlength = 0;
987 cmdqelmt->command = Oid;
988 cmdqelmt->CmdFromNdis = TRUE;
989 if (SetInformation == TRUE)
990 cmdqelmt->SetOperation = TRUE;
992 cmdqelmt->SetOperation = FALSE;
994 NdisAcquireSpinLock(&pAd->CmdQLock);
995 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
997 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
998 status = NDIS_STATUS_SUCCESS;
1002 status = NDIS_STATUS_FAILURE;
1004 NdisReleaseSpinLock(&pAd->CmdQLock);
1006 if (status == NDIS_STATUS_FAILURE)
1008 if (cmdqelmt->buffer)
1009 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1010 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1016 return(NDIS_STATUS_SUCCESS);
1020 ========================================================================
1022 Routine Description:
1032 ========================================================================
1034 NDIS_STATUS RTUSBEnqueueInternalCmd(
1035 IN PRTMP_ADAPTER pAd,
1037 IN PVOID pInformationBuffer,
1038 IN UINT32 InformationBufferLength)
1041 PCmdQElmt cmdqelmt = NULL;
1044 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
1045 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
1046 return (NDIS_STATUS_RESOURCES);
1047 NdisZeroMemory(cmdqelmt, sizeof(CmdQElmt));
1049 if(InformationBufferLength > 0)
1051 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
1052 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
1054 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1055 return (NDIS_STATUS_RESOURCES);
1059 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
1060 cmdqelmt->bufferlength = InformationBufferLength;
1065 cmdqelmt->buffer = NULL;
1066 cmdqelmt->bufferlength = 0;
1069 cmdqelmt->command = Oid;
1070 cmdqelmt->CmdFromNdis = FALSE;
1072 if (cmdqelmt != NULL)
1074 NdisAcquireSpinLock(&pAd->CmdQLock);
1075 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
1077 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
1078 status = NDIS_STATUS_SUCCESS;
1082 status = NDIS_STATUS_FAILURE;
1084 NdisReleaseSpinLock(&pAd->CmdQLock);
1086 if (status == NDIS_STATUS_FAILURE)
1088 if (cmdqelmt->buffer)
1089 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1090 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1095 return(NDIS_STATUS_SUCCESS);
1099 ========================================================================
1101 Routine Description:
1111 ========================================================================
1113 VOID RTUSBDequeueCmd(
1115 OUT PCmdQElmt *pcmdqelmt)
1117 *pcmdqelmt = cmdq->head;
1119 if (*pcmdqelmt != NULL)
1121 cmdq->head = cmdq->head->next;
1123 if (cmdq->size == 0)
1129 ========================================================================
1130 usb_control_msg - Builds a control urb, sends it off and waits for completion
1131 @dev: pointer to the usb device to send the message to
1132 @pipe: endpoint "pipe" to send the message to
1133 @request: USB message request value
1134 @requesttype: USB message request type value
1135 @value: USB message value
1136 @index: USB message index value
1137 @data: pointer to the data to send
1138 @size: length in bytes of the data to send
1139 @timeout: time in jiffies to wait for the message to complete before
1140 timing out (if 0 the wait is forever)
1141 Context: !in_interrupt ()
1143 This function sends a simple control message to a specified endpoint
1144 and waits for the message to complete, or timeout.
1145 If successful, it returns the number of bytes transferred, otherwise a negative error number.
1147 Don't use this function from within an interrupt context, like a
1148 bottom half handler. If you need an asynchronous message, or need to send
1149 a message from within interrupt context, use usb_submit_urb()
1150 If a thread in your driver uses this call, make sure your disconnect()
1151 method can wait for it to complete. Since you don't have a handle on
1152 the URB used, you can't cancel the request.
1155 Routine Description:
1163 ========================================================================
1165 NTSTATUS RTUSB_VendorRequest(
1166 IN PRTMP_ADAPTER pAd,
1167 IN UINT32 TransferFlags,
1168 IN UCHAR RequestType,
1172 IN PVOID TransferBuffer,
1173 IN UINT32 TransferBufferLength)
1176 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
1178 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST))
1180 DBGPRINT(RT_DEBUG_ERROR, ("device disconnected\n"));
1183 else if (in_interrupt())
1185 DBGPRINT(RT_DEBUG_ERROR, ("in_interrupt, RTUSB_VendorRequest Request%02x Value%04x Offset%04x\n",Request,Value,Index));
1191 #define MAX_RETRY_COUNT 10
1194 void *tmpBuf = TransferBuffer;
1196 // Acquire Control token
1197 #ifdef INF_AMAZON_SE
1198 //Semaphore fix INF_AMAZON_SE hang
1199 //pAd->UsbVendorReqBuf is the swap for DEVICE_VENDOR_REQUEST_IN to fix dma bug.
1200 ret = down_interruptible(&(pAd->UsbVendorReq_semaphore));
1201 if (pAd->UsbVendorReqBuf)
1203 ASSERT(TransferBufferLength <MAX_PARAM_BUFFER_SIZE);
1205 tmpBuf = (void *)pAd->UsbVendorReqBuf;
1206 NdisZeroMemory(pAd->UsbVendorReqBuf, TransferBufferLength);
1208 if (RequestType == DEVICE_VENDOR_REQUEST_OUT)
1209 NdisMoveMemory(tmpBuf, TransferBuffer, TransferBufferLength);
1211 #endif // INF_AMAZON_SE //
1213 if( RequestType == DEVICE_VENDOR_REQUEST_OUT)
1214 ret=usb_control_msg(pObj->pUsb_Dev, usb_sndctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1215 else if(RequestType == DEVICE_VENDOR_REQUEST_IN)
1216 ret=usb_control_msg(pObj->pUsb_Dev, usb_rcvctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1219 DBGPRINT(RT_DEBUG_ERROR, ("vendor request direction is failed\n"));
1226 RTMPusecDelay(5000);
1228 } while((ret < 0) && (retryCount < MAX_RETRY_COUNT));
1230 #ifdef INF_AMAZON_SE
1231 if ((pAd->UsbVendorReqBuf) && (RequestType == DEVICE_VENDOR_REQUEST_IN))
1232 NdisMoveMemory(TransferBuffer, tmpBuf, TransferBufferLength);
1233 up(&(pAd->UsbVendorReq_semaphore));
1234 #endif // INF_AMAZON_SE //
1237 // DBGPRINT(RT_DEBUG_ERROR, ("USBVendorRequest failed ret=%d \n",ret));
1238 DBGPRINT(RT_DEBUG_ERROR, ("RTUSB_VendorRequest failed(%d),TxFlags=0x%x, ReqType=%s, Req=0x%x, Index=0x%x\n",
1239 ret, TransferFlags, (RequestType == DEVICE_VENDOR_REQUEST_OUT ? "OUT" : "IN"), Request, Index));
1241 DBGPRINT(RT_DEBUG_ERROR, ("\tRequest Value=0x%04x!\n", Value));
1243 if ((TransferBuffer!= NULL) && (TransferBufferLength > 0))
1244 hex_dump("Failed TransferBuffer value", TransferBuffer, TransferBufferLength);
1251 DBGPRINT(RT_DEBUG_ERROR, ("USBVendorRequest failed ret=%d, \n",ret));
1255 if( RequestType == DEVICE_VENDOR_REQUEST_OUT)
1256 ret=usb_control_msg(pObj->pUsb_Dev, usb_sndctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, TransferBuffer, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1257 else if(RequestType == DEVICE_VENDOR_REQUEST_IN)
1258 ret=usb_control_msg(pObj->pUsb_Dev, usb_rcvctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, TransferBuffer, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1260 } while( (ret < 0) && (temp_i <= 1) );
1273 ========================================================================
1275 Routine Description:
1276 Creates an IRP to submite an IOCTL_INTERNAL_USB_RESET_PORT
1277 synchronously. Callers of this function must be running at
1286 ========================================================================
1288 NTSTATUS RTUSB_ResetDevice(
1289 IN PRTMP_ADAPTER pAd)
1291 NTSTATUS Status = TRUE;
1293 DBGPRINT_RAW(RT_DEBUG_TRACE, ("--->USB_ResetDevice\n"));
1294 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS);
1299 IN PRTMP_ADAPTER pAd)
1303 NDIS_STATUS NdisStatus = NDIS_STATUS_SUCCESS;
1306 // unsigned long IrqFlags;
1308 while (pAd->CmdQ.size > 0)
1310 NdisStatus = NDIS_STATUS_SUCCESS;
1312 NdisAcquireSpinLock(&pAd->CmdQLock);
1313 RTUSBDequeueCmd(&pAd->CmdQ, &cmdqelmt);
1314 NdisReleaseSpinLock(&pAd->CmdQLock);
1316 if (cmdqelmt == NULL)
1319 pData = cmdqelmt->buffer;
1321 if(!(RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST) || RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1323 switch (cmdqelmt->command)
1325 case CMDTHREAD_CHECK_GPIO:
1327 #ifdef CONFIG_STA_SUPPORT
1329 #endif // CONFIG_STA_SUPPORT //
1333 DBGPRINT(RT_DEBUG_TRACE, ("The driver is in ATE mode now\n"));
1336 #endif // RALINK_ATE //
1338 #ifdef CONFIG_STA_SUPPORT
1341 IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
1343 // Read GPIO pin2 as Hardware controlled radio state
1345 RTUSBReadMACRegister( pAd, GPIO_CTRL_CFG, &data);
1349 pAd->StaCfg.bHwRadio = TRUE;
1353 pAd->StaCfg.bHwRadio = FALSE;
1356 if(pAd->StaCfg.bRadio != (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio))
1358 pAd->StaCfg.bRadio = (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio);
1359 if(pAd->StaCfg.bRadio == TRUE)
1361 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio On !!!\n"));
1364 // Update extra information
1365 pAd->ExtraInfo = EXTRA_INFO_CLEAR;
1369 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio Off !!!\n"));
1372 // Update extra information
1373 pAd->ExtraInfo = HW_RADIO_OFF;
1377 #endif // CONFIG_STA_SUPPORT //
1381 #ifdef CONFIG_STA_SUPPORT
1382 case CMDTHREAD_QKERIODIC_EXECUT:
1384 StaQuickResponeForRateUpExec(NULL, pAd, NULL, NULL);
1387 #endif // CONFIG_STA_SUPPORT //
1389 case CMDTHREAD_RESET_BULK_OUT:
1394 PHT_TX_CONTEXT pHTTXContext;
1395 // RTMP_TX_RING *pTxRing;
1396 unsigned long IrqFlags;
1398 PTX_CONTEXT pNullContext = &(pAd->NullContext);
1399 #endif // RALINK_ATE //
1400 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT(ResetPipeid=0x%0x)===>\n", pAd->bulkResetPipeid));
1401 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1402 //RTUSBCancelPendingBulkOutIRP(pAd);
1403 // Wait 10ms to let previous packet that are already in HW FIFO to clear. by MAXLEE 12-25-2007
1407 RTUSBReadMACRegister(pAd, TXRXQ_PCNT, &MACValue);
1408 if ((MACValue & 0xf00000/*0x800000*/) == 0)
1411 RTMPusecDelay(10000);
1412 }while(Index < 100);
1414 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1415 // To prevent Read Register error, we 2nd check the validity.
1416 if ((MACValue & 0xc00000) == 0)
1417 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1418 // To prevent Read Register error, we 3rd check the validity.
1419 if ((MACValue & 0xc00000) == 0)
1420 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1421 MACValue |= 0x80000;
1422 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1424 // Wait 1ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1425 RTMPusecDelay(1000);
1427 MACValue &= (~0x80000);
1428 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1429 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tSet 0x2a0 bit19. Clear USB DMA TX path\n"));
1431 // Wait 5ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1432 //RTMPusecDelay(5000);
1434 if ((pAd->bulkResetPipeid & BULKOUT_MGMT_RESET_FLAG) == BULKOUT_MGMT_RESET_FLAG)
1436 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1437 if (pAd->MgmtRing.TxSwFreeIdx < MGMT_RING_SIZE /* pMLMEContext->bWaitingBulkOut == TRUE */)
1439 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_MLME);
1441 RTUSBKickBulkOut(pAd);
1443 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tTX MGMT RECOVER Done!\n"));
1447 pHTTXContext = &(pAd->TxContext[pAd->bulkResetPipeid]);
1448 //NdisAcquireSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1449 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1450 if ( pAd->BulkOutPending[pAd->bulkResetPipeid] == FALSE)
1452 pAd->BulkOutPending[pAd->bulkResetPipeid] = TRUE;
1453 pHTTXContext->IRPPending = TRUE;
1454 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 1;
1456 // no matter what, clean the flag
1457 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1459 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1460 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1461 /*-----------------------------------------------------------------------------------------------*/
1465 pNullContext->IRPPending = TRUE;
1467 // If driver is still in ATE TXFRAME mode,
1468 // keep on transmitting ATE frames.
1470 DBGPRINT_RAW(RT_DEBUG_TRACE, ("pAd->ate.Mode == %d\npAd->ContinBulkOut == %d\npAd->BulkOutRemained == %d\n", pAd->ate.Mode, pAd->ContinBulkOut, atomic_read(&pAd->BulkOutRemained)));
1471 if((pAd->ate.Mode == ATE_TXFRAME) && ((pAd->ContinBulkOut == TRUE) || (atomic_read(&pAd->BulkOutRemained) > 0)))
1473 DBGPRINT_RAW(RT_DEBUG_TRACE, ("After CMDTHREAD_RESET_BULK_OUT, continue to bulk out frames !\n"));
1475 // Init Tx context descriptor
1476 RTUSBInitTxDesc(pAd, pNullContext, 0/* pAd->bulkResetPipeid */, (usb_complete_t)ATE_RTUSBBulkOutDataPacketComplete);
1478 if((ret = RTUSB_SUBMIT_URB(pNullContext->pUrb))!=0)
1480 DBGPRINT(RT_DEBUG_ERROR, ("ATE_RTUSBBulkOutDataPacket: Submit Tx URB failed %d\n", ret));
1487 #endif // RALINK_ATE //
1488 /*-----------------------------------------------------------------------------------------------*/
1490 RTUSBInitHTTxDesc(pAd, pHTTXContext, pAd->bulkResetPipeid, pHTTXContext->BulkOutSize, (usb_complete_t)RTUSBBulkOutDataPacketComplete);
1492 if((ret = RTUSB_SUBMIT_URB(pHTTXContext->pUrb))!=0)
1494 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1495 pAd->BulkOutPending[pAd->bulkResetPipeid] = FALSE;
1496 pHTTXContext->IRPPending = FALSE;
1497 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 0;
1498 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1500 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread : CMDTHREAD_RESET_BULK_OUT: Submit Tx URB failed %d\n", ret));
1504 RTMP_IRQ_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1505 DBGPRINT_RAW(RT_DEBUG_TRACE,("\tCMDTHREAD_RESET_BULK_OUT: TxContext[%d]:CWPos=%ld, NBPos=%ld, ENBPos=%ld, bCopy=%d, pending=%d!\n",
1506 pAd->bulkResetPipeid, pHTTXContext->CurWritePosition, pHTTXContext->NextBulkOutPosition,
1507 pHTTXContext->ENextBulkOutPosition, pHTTXContext->bCopySavePad, pAd->BulkOutPending[pAd->bulkResetPipeid]));
1508 DBGPRINT_RAW(RT_DEBUG_TRACE,("\t\tBulkOut Req=0x%lx, Complete=0x%lx, Other=0x%lx\n",
1509 pAd->BulkOutReq, pAd->BulkOutComplete, pAd->BulkOutCompleteOther));
1510 RTMP_IRQ_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1511 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tCMDTHREAD_RESET_BULK_OUT: Submit Tx DATA URB for failed BulkReq(0x%lx) Done, status=%d!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pHTTXContext->pUrb->status));
1518 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1519 //RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1521 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CmdThread : TX DATA RECOVER FAIL for BulkReq(0x%lx) because BulkOutPending[%d] is TRUE!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pAd->bulkResetPipeid));
1522 if (pAd->bulkResetPipeid == 0)
1524 UCHAR pendingContext = 0;
1525 PHT_TX_CONTEXT pHTTXContext = (PHT_TX_CONTEXT)(&pAd->TxContext[pAd->bulkResetPipeid ]);
1526 PTX_CONTEXT pMLMEContext = (PTX_CONTEXT)(pAd->MgmtRing.Cell[pAd->MgmtRing.TxDmaIdx].AllocVa);
1527 PTX_CONTEXT pNULLContext = (PTX_CONTEXT)(&pAd->PsPollContext);
1528 PTX_CONTEXT pPsPollContext = (PTX_CONTEXT)(&pAd->NullContext);
1530 if (pHTTXContext->IRPPending)
1531 pendingContext |= 1;
1532 else if (pMLMEContext->IRPPending)
1533 pendingContext |= 2;
1534 else if (pNULLContext->IRPPending)
1535 pendingContext |= 4;
1536 else if (pPsPollContext->IRPPending)
1537 pendingContext |= 8;
1541 DBGPRINT_RAW(RT_DEBUG_ERROR, ("\tTX Occupied by %d!\n", pendingContext));
1544 // no matter what, clean the flag
1545 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1547 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1549 RTUSB_SET_BULK_FLAG(pAd, (fRTUSB_BULK_OUT_DATA_NORMAL << pAd->bulkResetPipeid));
1552 RTMPDeQueuePacket(pAd, FALSE, NUM_OF_TX_RING, MAX_TX_PROCESS);
1553 //RTUSBKickBulkOut(pAd);
1558 // Don't cancel BULKIN.
1559 while ((atomic_read(&pAd->PendingRx) > 0) &&
1560 (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1562 if (atomic_read(&pAd->PendingRx) > 0)
1564 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!cancel it!\n"));
1565 RTUSBCancelPendingBulkInIRP(pAd);
1567 RTMPusecDelay(100000);
1570 if ((atomic_read(&pAd->PendingRx) == 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1574 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1575 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1576 for (i = 0; i < (RX_RING_SIZE); i++)
1578 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1580 pRxContext->pAd = pAd;
1581 pRxContext->InUse = FALSE;
1582 pRxContext->IRPPending = FALSE;
1583 pRxContext->Readable = FALSE;
1584 pRxContext->ReorderInUse = FALSE;
1587 RTUSBBulkReceive(pAd);
1588 DBGPRINT_RAW(RT_DEBUG_ERROR, ("RTUSBBulkReceive\n"));
1590 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT<===\n"));
1593 case CMDTHREAD_RESET_BULK_IN:
1594 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN === >\n"));
1596 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1599 /*-----------------------------------------------------------------------------------------------*/
1603 if((pAd->PendingRx > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1605 DBGPRINT_RAW(RT_DEBUG_ERROR, ("ATE : BulkIn IRP Pending!!!\n"));
1606 ATE_RTUSBCancelPendingBulkInIRP(pAd);
1607 RTMPusecDelay(100000);
1612 #endif // RALINK_ATE //
1613 /*-----------------------------------------------------------------------------------------------*/
1615 //while ((atomic_read(&pAd->PendingRx) > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1616 if((pAd->PendingRx > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1618 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!!\n"));
1619 RTUSBCancelPendingBulkInIRP(pAd);
1620 RTMPusecDelay(100000);
1625 // Wait 10ms before reading register.
1626 RTMPusecDelay(10000);
1627 ntStatus = RTUSBReadMACRegister(pAd, MAC_CSR0, &MACValue);
1629 if ((NT_SUCCESS(ntStatus) == TRUE) &&
1630 (!(RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1631 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))))
1635 if (RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1636 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))
1638 pAd->NextRxBulkInPosition = pAd->RxContext[pAd->NextRxBulkInIndex].BulkInOffset;
1639 DBGPRINT(RT_DEBUG_TRACE, ("BULK_IN_RESET: NBIIdx=0x%x,NBIRIdx=0x%x, BIRPos=0x%lx. BIReq=x%lx, BIComplete=0x%lx, BICFail0x%lx\n",
1640 pAd->NextRxBulkInIndex, pAd->NextRxBulkInReadIndex, pAd->NextRxBulkInPosition, pAd->BulkInReq, pAd->BulkInComplete, pAd->BulkInCompleteFail));
1641 for (i = 0; i < RX_RING_SIZE; i++)
1643 DBGPRINT(RT_DEBUG_TRACE, ("\tRxContext[%d]: IRPPending=%d, InUse=%d, Readable=%d!\n"
1644 , i, pAd->RxContext[i].IRPPending, pAd->RxContext[i].InUse, pAd->RxContext[i].Readable));
1648 DBGPRINT_RAW(RT_DEBUG_ERROR, ("==========================================\n"));
1650 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1651 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1652 for (i = 0; i < (RX_RING_SIZE); i++)
1654 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1656 pRxContext->pAd = pAd;
1657 pRxContext->InUse = FALSE;
1658 pRxContext->IRPPending = FALSE;
1659 pRxContext->Readable = FALSE;
1660 pRxContext->ReorderInUse = FALSE;
1663 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKIN_RESET);
1664 for (i = 0; i < pAd->CommonCfg.NumOfBulkInIRP; i++)
1666 //RTUSBBulkReceive(pAd);
1667 PRX_CONTEXT pRxContext;
1670 unsigned long IrqFlags;
1673 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1674 pRxContext = &(pAd->RxContext[pAd->NextRxBulkInIndex]);
1675 if ((pAd->PendingRx > 0) || (pRxContext->Readable == TRUE) || (pRxContext->InUse == TRUE))
1677 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1680 pRxContext->InUse = TRUE;
1681 pRxContext->IRPPending = TRUE;
1684 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1686 // Init Rx context descriptor
1687 RTUSBInitRxDesc(pAd, pRxContext);
1688 pUrb = pRxContext->pUrb;
1689 if ((ret = RTUSB_SUBMIT_URB(pUrb))!=0)
1692 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1693 pRxContext->InUse = FALSE;
1694 pRxContext->IRPPending = FALSE;
1697 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1698 DBGPRINT(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB failed(%d), status=%d\n", ret, pUrb->status));
1703 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1704 pRxContext->IRPPending = TRUE;
1705 //NdisInterlockedIncrement(&pAd->PendingRx);
1707 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1710 //printk("BIDone, Pend=%d,BIIdx=%d,BIRIdx=%d!\n", pAd->PendingRx, pAd->NextRxBulkInIndex, pAd->NextRxBulkInReadIndex);
1711 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB Done, status=%d!\n", pUrb->status));
1712 ASSERT((pRxContext->InUse == pRxContext->IRPPending));
1719 // Card must be removed
1720 if (NT_SUCCESS(ntStatus) != TRUE)
1722 RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST);
1723 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Read Register Failed!Card must be removed!!\n\n"));
1727 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Cannot do bulk in because flags(0x%lx) on !\n", pAd->Flags));
1731 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN <===\n"));
1734 case CMDTHREAD_SET_ASIC_WCID:
1736 RT_SET_ASIC_WCID SetAsicWcid;
1738 UINT32 MACValue, MACRValue = 0;
1739 SetAsicWcid = *((PRT_SET_ASIC_WCID)(pData));
1741 if (SetAsicWcid.WCID >= MAX_LEN_OF_MAC_TABLE)
1744 offset = MAC_WCID_BASE + ((UCHAR)SetAsicWcid.WCID)*HW_WCID_ENTRY_SIZE;
1746 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_SET_ASIC_WCID : WCID = %ld, SetTid = %lx, DeleteTid = %lx.\n", SetAsicWcid.WCID, SetAsicWcid.SetTid, SetAsicWcid.DeleteTid));
1747 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[3]<<24)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[2]<<16)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[1]<<8)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[0]);
1748 DBGPRINT_RAW(RT_DEBUG_TRACE, ("1-MACValue= %x,\n", MACValue));
1749 RTUSBWriteMACRegister(pAd, offset, MACValue);
1751 RTUSBReadMACRegister(pAd, offset+4, &MACRValue);
1752 if ( SetAsicWcid.DeleteTid != 0xffffffff)
1753 MACRValue &= (~SetAsicWcid.DeleteTid);
1754 if (SetAsicWcid.SetTid != 0xffffffff)
1755 MACRValue |= (SetAsicWcid.SetTid);
1756 MACRValue &= 0xffff0000;
1758 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[5]<<8)+pAd->MacTab.Content[SetAsicWcid.WCID].Addr[4];
1759 MACValue |= MACRValue;
1760 RTUSBWriteMACRegister(pAd, offset+4, MACValue);
1762 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-MACValue= %x,\n", MACValue));
1766 case CMDTHREAD_SET_ASIC_WCID_CIPHER:
1768 #ifdef CONFIG_STA_SUPPORT
1769 RT_SET_ASIC_WCID_ATTRI SetAsicWcidAttri;
1771 UINT32 MACRValue = 0;
1772 SHAREDKEY_MODE_STRUC csr1;
1773 SetAsicWcidAttri = *((PRT_SET_ASIC_WCID_ATTRI)(pData));
1775 if (SetAsicWcidAttri.WCID >= MAX_LEN_OF_MAC_TABLE)
1778 offset = MAC_WCID_ATTRIBUTE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_WCID_ATTRI_SIZE;
1780 DBGPRINT_RAW(RT_DEBUG_TRACE, ("Cmd : CMDTHREAD_SET_ASIC_WCID_CIPHER : WCID = %ld, Cipher = %lx.\n", SetAsicWcidAttri.WCID, SetAsicWcidAttri.Cipher));
1782 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1784 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1786 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1787 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1789 offset = PAIRWISE_IVEIV_TABLE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_IVEIV_ENTRY_SIZE;
1791 if ( (SetAsicWcidAttri.Cipher <= CIPHER_WEP128))
1792 MACRValue |= ( pAd->StaCfg.DefaultKeyId << 30);
1794 MACRValue |= (0x20000000);
1795 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1796 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1799 // Update cipher algorithm. WSTA always use BSS0
1801 // for adhoc mode only ,because wep status slow than add key, when use zero config
1802 if (pAd->StaCfg.BssType == BSS_ADHOC )
1804 offset = MAC_WCID_ATTRIBUTE_BASE;
1806 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1807 MACRValue &= (~0xe);
1808 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1810 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1812 //Update group key cipher,,because wep status slow than add key, when use zero config
1813 RTUSBReadMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), &csr1.word);
1815 csr1.field.Bss0Key0CipherAlg = SetAsicWcidAttri.Cipher;
1816 csr1.field.Bss0Key1CipherAlg = SetAsicWcidAttri.Cipher;
1818 RTUSBWriteMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), csr1.word);
1820 #endif // CONFIG_STA_SUPPORT //
1824 #ifdef CONFIG_STA_SUPPORT
1825 #ifdef QOS_DLS_SUPPORT
1826 // avoid in interrupt when write key
1827 case RT_CMD_SET_KEY_TABLE: //General call for AsicAddPairwiseKeyEntry()
1829 RT_ADD_PAIRWISE_KEY_ENTRY KeyInfo;
1830 KeyInfo = *((PRT_ADD_PAIRWISE_KEY_ENTRY)(pData));
1831 AsicAddPairwiseKeyEntry(pAd,
1833 (UCHAR)KeyInfo.MacTabMatchWCID,
1834 &KeyInfo.CipherKey);
1838 case RT_CMD_SET_RX_WCID_TABLE: //General call for RTMPAddWcidAttributeEntry()
1840 PMAC_TABLE_ENTRY pEntry ;
1841 pEntry = (PMAC_TABLE_ENTRY)(pData);
1842 RTMPAddWcidAttributeEntry(pAd,
1845 pEntry->PairwiseKey.CipherAlg,
1849 #endif // QOS_DLS_SUPPORT //
1850 #endif // CONFIG_STA_SUPPORT //
1852 case CMDTHREAD_SET_CLIENT_MAC_ENTRY:
1854 MAC_TABLE_ENTRY *pEntry;
1855 pEntry = (MAC_TABLE_ENTRY *)pData;
1858 #ifdef CONFIG_STA_SUPPORT
1859 IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
1861 AsicRemovePairwiseKeyEntry(pAd, pEntry->apidx, (UCHAR)pEntry->Aid);
1862 if ((pEntry->AuthMode <= Ndis802_11AuthModeAutoSwitch) && (pEntry->WepStatus == Ndis802_11Encryption1Enabled))
1867 ptr = (PUCHAR) &uIV;
1868 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1869 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1870 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1872 else if (pEntry->AuthMode == Ndis802_11AuthModeWPANone)
1877 ptr = (PUCHAR) &uIV;
1878 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1879 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1880 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1885 // Other case, disable engine.
1886 // Don't worry WPA key, we will add WPA Key after 4-Way handshaking.
1889 offset = MAC_WCID_ATTRIBUTE_BASE + (pEntry->Aid * HW_WCID_ATTRI_SIZE);
1890 // RX_PKEY_MODE:0 for no security; RX_KEY_TAB:0 for shared key table; BSS_IDX:0
1891 RTUSBWriteMACRegister(pAd, offset, 0);
1894 #endif // CONFIG_STA_SUPPORT //
1896 AsicUpdateRxWCIDTable(pAd, pEntry->Aid, pEntry->Addr);
1897 printk("UpdateRxWCIDTable(): Aid=%d, Addr=%02x:%02x:%02x:%02x:%02x:%02x!\n", pEntry->Aid,
1898 pEntry->Addr[0], pEntry->Addr[1], pEntry->Addr[2], pEntry->Addr[3], pEntry->Addr[4], pEntry->Addr[5]);
1902 case OID_802_11_ADD_WEP:
1904 #ifdef CONFIG_STA_SUPPORT
1907 PNDIS_802_11_WEP pWepKey;
1909 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP \n"));
1911 pWepKey = (PNDIS_802_11_WEP)pData;
1912 KeyIdx = pWepKey->KeyIndex & 0x0fffffff;
1914 // it is a shared key
1915 if ((KeyIdx >= 4) || ((pWepKey->KeyLength != 5) && (pWepKey->KeyLength != 13)))
1917 NdisStatus = NDIS_STATUS_INVALID_DATA;
1918 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread::OID_802_11_ADD_WEP, INVALID_DATA!!\n"));
1923 pAd->SharedKey[BSS0][KeyIdx].KeyLen = (UCHAR) pWepKey->KeyLength;
1924 NdisMoveMemory(pAd->SharedKey[BSS0][KeyIdx].Key, &pWepKey->KeyMaterial, pWepKey->KeyLength);
1925 CipherAlg = (pAd->SharedKey[BSS0][KeyIdx].KeyLen == 5)? CIPHER_WEP64 : CIPHER_WEP128;
1928 // Change the WEP cipher to CKIP cipher if CKIP KP on.
1929 // Funk UI or Meetinghouse UI will add ckip key from this path.
1932 if (pAd->OpMode == OPMODE_STA)
1934 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.CipherAlg = pAd->SharedKey[BSS0][KeyIdx].CipherAlg;
1935 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.KeyLen = pAd->SharedKey[BSS0][KeyIdx].KeyLen;
1937 pAd->SharedKey[BSS0][KeyIdx].CipherAlg = CipherAlg;
1938 if (pWepKey->KeyIndex & 0x80000000)
1940 // Default key for tx (shared key)
1942 UINT32 WCIDAttri, Value;
1943 USHORT offset, offset2;
1944 NdisZeroMemory(IVEIV, 8);
1945 pAd->StaCfg.DefaultKeyId = (UCHAR) KeyIdx;
1946 // Add BSSID to WCTable. because this is Tx wep key.
1947 // WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:1=PAIRWISE KEY, BSSIdx is 0
1948 WCIDAttri = (CipherAlg<<1)|SHAREDKEYTABLE;
1950 offset = MAC_WCID_ATTRIBUTE_BASE + (BSSID_WCID* HW_WCID_ATTRI_SIZE);
1951 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1953 // Specify key index to find shared key.
1954 IVEIV[3] = (UCHAR)(KeyIdx<< 6); //WEP Eiv bit off. groupkey index is not 0
1955 offset = PAIRWISE_IVEIV_TABLE_BASE + (BSS0Mcast_WCID * HW_IVEIV_ENTRY_SIZE);
1956 offset2 = PAIRWISE_IVEIV_TABLE_BASE + (BSSID_WCID* HW_IVEIV_ENTRY_SIZE);
1960 Value += (IVEIV[i+1]<<8);
1961 Value += (IVEIV[i+2]<<16);
1962 Value += (IVEIV[i+3]<<24);
1963 RTUSBWriteMACRegister(pAd, offset+i, Value);
1964 RTUSBWriteMACRegister(pAd, offset2+i, Value);
1968 // 2. WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:use share key, BSSIdx is 0
1969 WCIDAttri = (pAd->SharedKey[BSS0][KeyIdx].CipherAlg<<1)|SHAREDKEYTABLE;
1970 offset = MAC_WCID_ATTRIBUTE_BASE + (BSS0Mcast_WCID* HW_WCID_ATTRI_SIZE);
1971 DBGPRINT(RT_DEBUG_TRACE, ("BSS0Mcast_WCID : offset = %x, WCIDAttri = %x\n", offset, WCIDAttri));
1972 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1975 AsicAddSharedKeyEntry(pAd, BSS0, (UCHAR)KeyIdx, CipherAlg, pWepKey->KeyMaterial, NULL, NULL);
1976 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP (KeyIdx=%d, Len=%d-byte)\n", KeyIdx, pWepKey->KeyLength));
1978 #endif // CONFIG_STA_SUPPORT //
1982 case CMDTHREAD_802_11_COUNTER_MEASURE:
1985 DBGPRINT(RT_DEBUG_ERROR, ("--> Control Thread !! ERROR !! Unknown(cmdqelmt->command=0x%x) !! \n", cmdqelmt->command));
1990 if (cmdqelmt->CmdFromNdis == TRUE)
1992 if (cmdqelmt->buffer != NULL)
1993 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1995 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1999 if ((cmdqelmt->buffer != NULL) && (cmdqelmt->bufferlength != 0))
2000 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
2002 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
2005 } /* end of while */