Merge branch 'core/urgent' into core/futexes
[linux-2.6] / drivers / staging / rt2870 / rt_ate.c
1 /*
2  *************************************************************************
3  * Ralink Tech Inc.
4  * 5F., No.36, Taiyuan St., Jhubei City,
5  * Hsinchu County 302,
6  * Taiwan, R.O.C.
7  *
8  * (c) Copyright 2002-2007, Ralink Technology, Inc.
9  *
10  * This program is free software; you can redistribute it and/or modify  *
11  * it under the terms of the GNU General Public License as published by  *
12  * the Free Software Foundation; either version 2 of the License, or     *
13  * (at your option) any later version.                                   *
14  *                                                                       *
15  * This program is distributed in the hope that it will be useful,       *
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of        *
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
18  * GNU General Public License for more details.                          *
19  *                                                                       *
20  * You should have received a copy of the GNU General Public License     *
21  * along with this program; if not, write to the                         *
22  * Free Software Foundation, Inc.,                                       *
23  * 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
24  *                                                                       *
25  *************************************************************************
26  */
27
28 #include "rt_config.h"
29
30 #ifdef UCOS
31 INT IoctlResponse(PUCHAR payload, PUCHAR msg, INT len);
32 #endif // UCOS //
33
34 #ifdef RALINK_ATE
35 UCHAR TemplateFrame[24] = {0x08/* Data type */,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0xAA,0xBB,0x12,0x34,0x56,0x00,0x11,0x22,0xAA,0xBB,0xCC,0x00,0x00};     // 802.11 MAC Header, Type:Data, Length:24bytes
36 extern RTMP_RF_REGS RF2850RegTable[];
37 extern UCHAR NUM_OF_2850_CHNL;
38
39 #ifdef RT2870
40 extern UCHAR EpToQueue[];
41 extern VOID     RTUSBRejectPendingPackets(      IN      PRTMP_ADAPTER   pAd);
42 #endif // RT2870 //
43
44 #ifdef UCOS
45 extern INT ConsoleResponse(IN PUCHAR buff);
46 extern int (*remote_display)(char *);
47 #endif // UCOS //
48
49 static CHAR CCKRateTable[] = {0, 1, 2, 3, 8, 9, 10, 11, -1}; /* CCK Mode. */
50 static CHAR OFDMRateTable[] = {0, 1, 2, 3, 4, 5, 6, 7, -1}; /* OFDM Mode. */
51 static CHAR HTMIXRateTable[] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, -1}; /* HT Mix Mode. */
52
53 static INT TxDmaBusy(
54         IN PRTMP_ADAPTER pAd);
55
56 static INT RxDmaBusy(
57         IN PRTMP_ADAPTER pAd);
58
59 static VOID RtmpDmaEnable(
60         IN PRTMP_ADAPTER pAd,
61         IN INT Enable);
62
63 static VOID BbpSoftReset(
64         IN PRTMP_ADAPTER pAd);
65
66 static VOID RtmpRfIoWrite(
67         IN PRTMP_ADAPTER pAd);
68
69 static INT ATESetUpFrame(
70         IN PRTMP_ADAPTER pAd,
71         IN UINT32 TxIdx);
72
73 static INT ATETxPwrHandler(
74         IN PRTMP_ADAPTER pAd,
75         IN char index);
76
77 static INT ATECmdHandler(
78         IN      PRTMP_ADAPTER   pAd,
79         IN      PUCHAR                  arg);
80
81 static int CheckMCSValid(
82         IN UCHAR Mode,
83         IN UCHAR Mcs);
84
85
86 #ifdef RT2870
87 static VOID ATEWriteTxInfo(
88         IN      PRTMP_ADAPTER   pAd,
89         IN      PTXINFO_STRUC   pTxInfo,
90         IN        USHORT                USBDMApktLen,
91         IN        BOOLEAN               bWiv,
92         IN        UCHAR                 QueueSel,
93         IN        UCHAR                 NextValid,
94         IN        UCHAR                 TxBurst);
95
96 static VOID ATEWriteTxWI(
97         IN      PRTMP_ADAPTER   pAd,
98         IN      PTXWI_STRUC     pTxWI,
99         IN      BOOLEAN                 FRAG,
100         IN      BOOLEAN                 InsTimestamp,
101         IN      BOOLEAN                 AMPDU,
102         IN      BOOLEAN                 Ack,
103         IN      BOOLEAN                 NSeq,           // HW new a sequence.
104         IN      UCHAR                   BASize,
105         IN      UCHAR                   WCID,
106         IN      ULONG                   Length,
107         IN      UCHAR                   PID,
108         IN      UCHAR                   MIMOps,
109         IN      UCHAR                   Txopmode,
110         IN      BOOLEAN                 CfAck,
111         IN      HTTRANSMIT_SETTING      Transmit);
112
113 #endif // RT2870 //
114
115 static VOID SetJapanFilter(
116         IN      PRTMP_ADAPTER   pAd);
117
118 /*=========================end of prototype=========================*/
119
120
121 #ifdef RT2870
122 static INT TxDmaBusy(
123         IN PRTMP_ADAPTER pAd)
124 {
125         INT result;
126         USB_DMA_CFG_STRUC UsbCfg;
127
128         RTMP_IO_READ32(pAd, USB_DMA_CFG, &UsbCfg.word); // disable DMA
129         if (UsbCfg.field.TxBusy)
130                 result = 1;
131         else
132                 result = 0;
133
134         return result;
135 }
136
137 static INT RxDmaBusy(
138         IN PRTMP_ADAPTER pAd)
139 {
140         INT result;
141         USB_DMA_CFG_STRUC UsbCfg;
142
143         RTMP_IO_READ32(pAd, USB_DMA_CFG, &UsbCfg.word); // disable DMA
144         if (UsbCfg.field.RxBusy)
145                 result = 1;
146         else
147                 result = 0;
148
149         return result;
150 }
151
152 static VOID RtmpDmaEnable(
153         IN PRTMP_ADAPTER pAd,
154         IN INT Enable)
155 {
156         BOOLEAN value;
157         ULONG WaitCnt;
158         USB_DMA_CFG_STRUC UsbCfg;
159
160         value = Enable > 0 ? 1 : 0;
161
162         // check DMA is in busy mode.
163         WaitCnt = 0;
164         while (TxDmaBusy(pAd) || RxDmaBusy(pAd))
165         {
166                 RTMPusecDelay(10);
167                 if (WaitCnt++ > 100)
168                         break;
169         }
170
171         //Why not to clear USB DMA TX path first ???
172         RTMP_IO_READ32(pAd, USB_DMA_CFG, &UsbCfg.word); // disable DMA
173         UsbCfg.field.TxBulkEn = value;
174         UsbCfg.field.RxBulkEn = value;
175         RTMP_IO_WRITE32(pAd, USB_DMA_CFG, UsbCfg.word); // abort all TX rings
176         RTMPusecDelay(5000);
177
178         return;
179 }
180 #endif // RT2870 //
181
182 static VOID BbpSoftReset(
183         IN PRTMP_ADAPTER pAd)
184 {
185         UCHAR BbpData = 0;
186
187         // Soft reset, set BBP R21 bit0=1->0
188         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R21, &BbpData);
189         BbpData |= 0x00000001; //set bit0=1
190         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R21, BbpData);
191
192         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R21, &BbpData);
193         BbpData &= ~(0x00000001); //set bit0=0
194         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R21, BbpData);
195
196         return;
197 }
198
199 static VOID RtmpRfIoWrite(
200         IN PRTMP_ADAPTER pAd)
201 {
202         // Set RF value 1's set R3[bit2] = [0]
203         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R1);
204         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R2);
205         RTMP_RF_IO_WRITE32(pAd, (pAd->LatchRfRegs.R3 & (~0x04)));
206         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R4);
207
208         RTMPusecDelay(200);
209
210         // Set RF value 2's set R3[bit2] = [1]
211         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R1);
212         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R2);
213         RTMP_RF_IO_WRITE32(pAd, (pAd->LatchRfRegs.R3 | 0x04));
214         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R4);
215
216         RTMPusecDelay(200);
217
218         // Set RF value 3's set R3[bit2] = [0]
219         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R1);
220         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R2);
221         RTMP_RF_IO_WRITE32(pAd, (pAd->LatchRfRegs.R3 & (~0x04)));
222         RTMP_RF_IO_WRITE32(pAd, pAd->LatchRfRegs.R4);
223
224         return;
225 }
226
227 static int CheckMCSValid(
228         UCHAR Mode,
229         UCHAR Mcs)
230 {
231         int i;
232         PCHAR pRateTab;
233
234         switch(Mode)
235         {
236                 case 0:
237                         pRateTab = CCKRateTable;
238                         break;
239                 case 1:
240                         pRateTab = OFDMRateTable;
241                         break;
242                 case 2:
243                 case 3:
244                         pRateTab = HTMIXRateTable;
245                         break;
246                 default:
247                         ATEDBGPRINT(RT_DEBUG_ERROR, ("unrecognizable Tx Mode %d\n", Mode));
248                         return -1;
249                         break;
250         }
251
252         i = 0;
253         while(pRateTab[i] != -1)
254         {
255                 if (pRateTab[i] == Mcs)
256                         return 0;
257                 i++;
258         }
259
260         return -1;
261 }
262
263 #if 1
264 static INT ATETxPwrHandler(
265         IN PRTMP_ADAPTER pAd,
266         IN char index)
267 {
268         ULONG R;
269         CHAR TxPower;
270         UCHAR Bbp94 = 0;
271         BOOLEAN bPowerReduce = FALSE;
272
273 #ifdef RALINK_28xx_QA
274         if ((pAd->ate.bQATxStart == TRUE) || (pAd->ate.bQARxStart == TRUE))
275         {
276                 /* When QA is used for Tx, pAd->ate.TxPower0/1 and real tx power
277                 ** are not synchronized.
278                 */
279 /*
280                 pAd->ate.TxPower0 = pAd->LatchRfRegs.xxx;
281                 pAd->ate.TxPower1 = pAd->LatchRfRegs.xxx;
282 */
283                 return 0;
284         }
285         else
286 #endif // RALINK_28xx_QA //
287         {
288                 TxPower = index == 0 ? pAd->ate.TxPower0 : pAd->ate.TxPower1;
289
290                 if (pAd->ate.Channel <= 14)
291                 {
292                         if (TxPower > 31)
293                         {
294                                 //
295                                 // R3, R4 can't large than 31 (0x24), 31 ~ 36 used by BBP 94
296                                 //
297                                 R = 31;
298                                 if (TxPower <= 36)
299                                         Bbp94 = BBPR94_DEFAULT + (UCHAR)(TxPower - 31);
300                         }
301                         else if (TxPower < 0)
302                         {
303                                 //
304                                 // R3, R4 can't less than 0, -1 ~ -6 used by BBP 94
305                                 //
306                                 R = 0;
307                                 if (TxPower >= -6)
308                                         Bbp94 = BBPR94_DEFAULT + TxPower;
309                         }
310                         else
311                         {
312                                 // 0 ~ 31
313                                 R = (ULONG) TxPower;
314                                 Bbp94 = BBPR94_DEFAULT;
315                         }
316
317                         ATEDBGPRINT(RT_DEBUG_TRACE, ("%s (TxPower=%d, R=%ld, BBP_R94=%d)\n", __func__, TxPower, R, Bbp94));
318                 }
319                 else// 5.5 GHz
320                 {
321                         if (TxPower > 15)
322                         {
323                                 //
324                                 // R3, R4 can't large than 15 (0x0F)
325                                 //
326                                 R = 15;
327                         }
328                         else if (TxPower < 0)
329                         {
330                                 //
331                                 // R3, R4 can't less than 0
332                                 //
333                                 // -1 ~ -7
334                                 ASSERT((TxPower >= -7));
335                                 R = (ULONG)(TxPower + 7);
336                                 bPowerReduce = TRUE;
337                         }
338                         else
339                         {
340                                 // 0 ~ 15
341                                 R = (ULONG) TxPower;
342                         }
343
344                         ATEDBGPRINT(RT_DEBUG_TRACE, ("%s (TxPower=%d, R=%lu)\n", __func__, TxPower, R));
345                 }
346
347                 if (pAd->ate.Channel <= 14)
348                 {
349                         if (index == 0)
350                         {
351                                 R = R << 9;             // shift TX power control to correct RF(R3) register bit position
352                                 R |= (pAd->LatchRfRegs.R3 & 0xffffc1ff);
353                                 pAd->LatchRfRegs.R3 = R;
354                         }
355                         else
356                         {
357                                 R = R << 6;             // shift TX power control to correct RF(R4) register bit position
358                                 R |= (pAd->LatchRfRegs.R4 & 0xfffff83f);
359                                 pAd->LatchRfRegs.R4 = R;
360                         }
361                 }
362                 else// 5.5GHz
363                 {
364                         if (bPowerReduce == FALSE)
365                         {
366                                 if (index == 0)
367                                 {
368                                         R = (R << 10) | (1 << 9);               // shift TX power control to correct RF(R3) register bit position
369                                         R |= (pAd->LatchRfRegs.R3 & 0xffffc1ff);
370                                         pAd->LatchRfRegs.R3 = R;
371                                 }
372                                 else
373                                 {
374                                         R = (R << 7) | (1 << 6);                // shift TX power control to correct RF(R4) register bit position
375                                         R |= (pAd->LatchRfRegs.R4 & 0xfffff83f);
376                                         pAd->LatchRfRegs.R4 = R;
377                                 }
378                         }
379                         else
380                         {
381                                 if (index == 0)
382                                 {
383                                         R = (R << 10);          // shift TX power control to correct RF(R3) register bit position
384                                         R |= (pAd->LatchRfRegs.R3 & 0xffffc1ff);
385
386                                         /* Clear bit 9 of R3 to reduce 7dB. */
387                                         pAd->LatchRfRegs.R3 = (R & (~(1 << 9)));
388                                 }
389                                 else
390                                 {
391                                         R = (R << 7);           // shift TX power control to correct RF(R4) register bit position
392                                         R |= (pAd->LatchRfRegs.R4 & 0xfffff83f);
393
394                                         /* Clear bit 6 of R4 to reduce 7dB. */
395                                         pAd->LatchRfRegs.R4 = (R & (~(1 << 6)));
396                                 }
397                         }
398                 }
399
400                 RtmpRfIoWrite(pAd);
401
402                 return 0;
403         }
404 }
405 #else// 1 //
406 static INT ATETxPwrHandler(
407         IN PRTMP_ADAPTER pAd,
408         IN char index)
409 {
410         ULONG R;
411         CHAR TxPower;
412         UCHAR Bbp94 = 0;
413
414 #ifdef RALINK_28xx_QA
415         if ((pAd->ate.bQATxStart == TRUE) || (pAd->ate.bQARxStart == TRUE))
416         {
417                 // TODO: how to get current TxPower0/1 from pAd->LatchRfRegs ?
418                 /* When QA is used for Tx, pAd->ate.TxPower0/1 and real tx power
419                 ** are not synchronized.
420                 */
421 /*
422                 pAd->ate.TxPower0 = pAd->LatchRfRegs.xxx;
423                 pAd->ate.TxPower1 = pAd->LatchRfRegs.xxx;
424 */
425                 return 0;
426         }
427         else
428 #endif // RALINK_28xx_QA //
429         {
430                 TxPower = index == 0 ? pAd->ate.TxPower0 : pAd->ate.TxPower1;
431
432         if (TxPower > 31)
433         {
434                 //
435                 // R3, R4 can't large than 36 (0x24), 31 ~ 36 used by BBP 94
436                 //
437                 R = 31;
438                 if (TxPower <= 36)
439                         Bbp94 = BBPR94_DEFAULT + (UCHAR)(TxPower - 31);
440         }
441         else if (TxPower < 0)
442         {
443                 //
444                 // R3, R4 can't less than 0, -1 ~ -6 used by BBP 94
445                 //
446                 R = 0;
447                 if (TxPower >= -6)
448                         Bbp94 = BBPR94_DEFAULT + TxPower;
449         }
450         else
451         {
452                 // 0 ~ 31
453                 R = (ULONG) TxPower;
454                 Bbp94 = BBPR94_DEFAULT;
455         }
456
457         ATEDBGPRINT(RT_DEBUG_TRACE, ("%s (TxPower=%d, R3=%ld, BBP_R94=%d)\n", __func__, TxPower, R, Bbp94));
458
459                 if (pAd->ate.Channel <= 14)
460                 {
461         if (index == 0)
462         {
463                 R = R << 9;             // shift TX power control to correct RF(R3) register bit position
464                 R |= (pAd->LatchRfRegs.R3 & 0xffffc1ff);
465                 pAd->LatchRfRegs.R3 = R;
466         }
467         else
468         {
469                 R = R << 6;             // shift TX power control to correct RF(R4) register bit position
470                 R |= (pAd->LatchRfRegs.R4 & 0xfffff83f);
471                 pAd->LatchRfRegs.R4 = R;
472         }
473                 }
474                 else
475                 {
476                         if (index == 0)
477                         {
478                                 R = (R << 10) | (1 << 9);               // shift TX power control to correct RF(R3) register bit position
479                                 R |= (pAd->LatchRfRegs.R3 & 0xffffc1ff);
480                                 pAd->LatchRfRegs.R3 = R;
481                         }
482                         else
483                         {
484                                 R = (R << 7) | (1 << 6);                // shift TX power control to correct RF(R4) register bit position
485                                 R |= (pAd->LatchRfRegs.R4 & 0xfffff83f);
486                                 pAd->LatchRfRegs.R4 = R;
487                         }
488                 }
489
490         RtmpRfIoWrite(pAd);
491
492         return 0;
493         }
494 }
495 #endif // 1 //
496 /*
497     ==========================================================================
498     Description:
499         Set ATE operation mode to
500         0. ATESTART  = Start ATE Mode
501         1. ATESTOP   = Stop ATE Mode
502         2. TXCONT    = Continuous Transmit
503         3. TXCARR    = Transmit Carrier
504         4. TXFRAME   = Transmit Frames
505         5. RXFRAME   = Receive Frames
506 #ifdef RALINK_28xx_QA
507         6. TXSTOP    = Stop Any Type of Transmition
508         7. RXSTOP    = Stop Receiving Frames
509 #endif // RALINK_28xx_QA //
510     Return:
511         TRUE if all parameters are OK, FALSE otherwise
512     ==========================================================================
513 */
514 /*                                                           */
515 /*                                                           */
516 /*=======================End of RT2860=======================*/
517
518
519 /*======================Start of RT2870======================*/
520 /*                                                           */
521 /*                                                           */
522
523 #ifdef RT2870
524 static INT      ATECmdHandler(
525         IN      PRTMP_ADAPTER   pAd,
526         IN      PUCHAR                  arg)
527 {
528         UINT32                  Value;
529         UCHAR                   BbpData;
530         UINT32          MacData;
531         UINT                    i=0, atemode;
532         //NDIS_STATUS           Status = NDIS_STATUS_SUCCESS;
533         //PUCHAR                        pDest;
534         UINT32                  temp;
535         ULONG                   IrqFlags;
536
537         ATEDBGPRINT(RT_DEBUG_TRACE, ("===> ATECmdHandler()\n"));
538         ATEAsicSwitchChannel(pAd);
539         /* AsicLockChannel() is empty function so far in fact */
540         AsicLockChannel(pAd, pAd->ate.Channel);
541
542         RTMPusecDelay(5000);
543
544         // Default value in BBP R22 is 0x0.
545         BbpData = 0;
546
547         /* Enter ATE mode and set Tx/Rx Idle */
548         if (!strcmp(arg, "ATESTART"))
549         {
550 #ifdef CONFIG_STA_SUPPORT
551                 BOOLEAN       Cancelled;
552 #endif // CONFIG_STA_SUPPORT //
553                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: ATESTART\n"));
554
555                 netif_stop_queue(pAd->net_dev);
556
557                 atemode = pAd->ate.Mode;
558                 pAd->ate.Mode = ATE_START;
559 //              pAd->ate.TxDoneCount = pAd->ate.TxCount;
560                 // Disable Rx
561                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
562                 Value &= ~(1 << 3);
563                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
564
565                 // Disable auto responder
566                 RTMP_IO_READ32(pAd, AUTO_RSP_CFG, &temp);
567                 temp = temp & 0xFFFFFFFE;
568                 RTMP_IO_WRITE32(pAd, AUTO_RSP_CFG, temp);
569
570                 // read MAC_SYS_CTRL and backup MAC_SYS_CTRL value.
571                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
572                 // clean bit4 to stop continuous Tx production test.
573                 MacData &= 0xFFFFFFEF;
574                 // Stop continuous TX production test.
575                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);//disable or cancel pending irp first ???
576
577         if (atemode & ATE_TXCARR)
578                 {
579                         // No Carrier Test set BBP R22 bit7=0, bit6=0, bit[5~0]=0x0
580                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
581                         BbpData &= 0xFFFFFF00; //clear bit7, bit6, bit[5~0]
582                     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
583                 }
584                 else if (atemode & ATE_TXCARRSUPP)
585                 {
586                         // No Cont. TX set BBP R22 bit7=0
587                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
588                         BbpData &= ~(1 << 7); //set bit7=0
589                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
590
591                         // No Carrier Suppression set BBP R24 bit0=0
592                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R24, &BbpData);
593                         BbpData &= 0xFFFFFFFE; //clear bit0
594                     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R24, BbpData);
595                 }
596                 // We should free some resource which allocate when ATE_TXFRAME , ATE_STOP, and ATE_TXCONT.
597                 // TODO:Should we free some resource which was allocated when LoopBack and ATE_STOP ?
598                 else if ((atemode & ATE_TXFRAME) || (atemode == ATE_STOP))
599                 {
600                         if (atemode & ATE_TXCONT)
601                         {
602                                 // Not Cont. TX anymore, so set BBP R22 bit7=0
603                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
604                                 BbpData &= ~(1 << 7); //set bit7=0
605                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
606                         }
607                         // Abort Tx, Rx DMA.
608                         RtmpDmaEnable(pAd, 0);
609
610                         {
611                                 // It seems nothing to free,
612                                 // because we didn't allocate any resource when we entered ATE_TXFRAME mode latestly.
613                         }
614
615                         // Start Tx, RX DMA
616                         RtmpDmaEnable(pAd, 1);
617                 }
618
619                 RTUSBRejectPendingPackets(pAd);
620                 RTUSBCleanUpDataBulkOutQueue(pAd);
621
622 #ifdef CONFIG_STA_SUPPORT
623                 //
624                 // It will be called in MlmeSuspend().
625                 //
626                 // Cancel pending timers
627                 RTMPCancelTimer(&pAd->MlmeAux.AssocTimer,     &Cancelled);
628                 RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer,   &Cancelled);
629                 RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer,   &Cancelled);
630                 RTMPCancelTimer(&pAd->MlmeAux.AuthTimer,       &Cancelled);
631                 RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer,     &Cancelled);
632                 RTMPCancelTimer(&pAd->MlmeAux.ScanTimer,       &Cancelled);
633 #endif // CONFIG_STA_SUPPORT //
634
635                 //RTUSBCleanUpMLMEWaitQueue(pAd);       /* not used in RT28xx */
636                 RTUSBCleanUpMLMEBulkOutQueue(pAd);
637
638                 // Sometimes kernel will hang on, so we avoid calling MlmeSuspend().
639 //              MlmeSuspend(pAd, TRUE);
640                 //RTMPCancelTimer(&pAd->Mlme.PeriodicTimer, &Cancelled);
641
642                 // Disable Rx
643                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
644                 Value &= ~(1 << 3);
645                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
646
647                 // Abort Tx, RX DMA.
648                 RtmpDmaEnable(pAd, 0);
649
650                 // Disable Tx
651                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
652                 Value &= ~(1 << 2);
653                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
654
655                 // Make sure there are no pending bulk in/out IRPs before we go on.
656 /*=========================================================================*/
657                 /* pAd->PendingRx is not of type atomic_t anymore in 28xx */
658 //              while ((atomic_read(&pAd->PendingRx) > 0))      //pAd->BulkFlags != 0 wait bulk out finish
659                 while ((pAd->PendingRx > 0))    //pAd->BulkFlags != 0 wait bulk out finish
660                 {
661 #if 1
662                         ATE_RTUSBCancelPendingBulkInIRP(pAd);
663 #else
664                         NdisInterlockedDecrement(&pAd->PendingRx);
665 #endif
666                         /* delay 0.5 seconds */
667                         RTMPusecDelay(500000);
668                         pAd->PendingRx = 0;
669                 }
670                 /* peter : why don't we have to get BulkOutLock first ? */
671                 while (((pAd->BulkOutPending[0] == TRUE) ||
672                                 (pAd->BulkOutPending[1] == TRUE) ||
673                                 (pAd->BulkOutPending[2] == TRUE) ||
674                                 (pAd->BulkOutPending[3] == TRUE)) && (pAd->BulkFlags != 0))     //pAd->BulkFlags != 0 wait bulk out finish
675                 {
676                         do
677                         {
678                                 /* pAd->BulkOutPending[y] will be set to FALSE in RTUSBCancelPendingBulkOutIRP(pAd) */
679                                 RTUSBCancelPendingBulkOutIRP(pAd);
680                         } while (FALSE);
681
682                         /* we have enough time delay in RTUSBCancelPendingBulkOutIRP(pAd)
683                         ** so this is not necessary
684                         */
685 //                      RTMPusecDelay(500000);
686                 }
687
688                 /* pAd->PendingRx is not of type atomic_t anymore in 28xx */
689 //              ASSERT(atomic_read(&pAd->PendingRx) == 0);
690                 ASSERT(pAd->PendingRx == 0);
691 /*=========================================================================*/
692
693                 // reset Rx statistics.
694                 pAd->ate.LastSNR0 = 0;
695                 pAd->ate.LastSNR1 = 0;
696                 pAd->ate.LastRssi0 = 0;
697                 pAd->ate.LastRssi1 = 0;
698                 pAd->ate.LastRssi2 = 0;
699                 pAd->ate.AvgRssi0 = 0;
700                 pAd->ate.AvgRssi1 = 0;
701                 pAd->ate.AvgRssi2 = 0;
702                 pAd->ate.AvgRssi0X8 = 0;
703                 pAd->ate.AvgRssi1X8 = 0;
704                 pAd->ate.AvgRssi2X8 = 0;
705                 pAd->ate.NumOfAvgRssiSample = 0;
706
707 #ifdef RALINK_28xx_QA
708                 // Tx frame
709                 pAd->ate.bQATxStart = FALSE;
710                 pAd->ate.bQARxStart = FALSE;
711                 pAd->ate.seq = 0;
712
713                 // counters
714                 pAd->ate.U2M = 0;
715                 pAd->ate.OtherData = 0;
716                 pAd->ate.Beacon = 0;
717                 pAd->ate.OtherCount = 0;
718                 pAd->ate.TxAc0 = 0;
719                 pAd->ate.TxAc1 = 0;
720                 pAd->ate.TxAc2 = 0;
721                 pAd->ate.TxAc3 = 0;
722                 pAd->ate.TxHCCA = 0;
723                 pAd->ate.TxMgmt = 0;
724                 pAd->ate.RSSI0 = 0;
725                 pAd->ate.RSSI1 = 0;
726                 pAd->ate.RSSI2 = 0;
727                 pAd->ate.SNR0 = 0;
728                 pAd->ate.SNR1 = 0;
729
730                 // control
731                 pAd->ate.TxDoneCount = 0;
732                 pAd->ate.TxStatus = 0; // task Tx status // 0 --> task is idle, 1 --> task is running
733 #endif // RALINK_28xx_QA //
734
735                 // Soft reset BBP.
736                 BbpSoftReset(pAd);
737
738
739 #ifdef CONFIG_STA_SUPPORT
740                 AsicDisableSync(pAd);
741
742                 /*
743                 ** If we skip "LinkDown()", we should disable protection
744                 ** to prevent from sending out RTS or CTS-to-self.
745                 */
746                 ATEDisableAsicProtect(pAd);
747                 RTMPStationStop(pAd);
748 #endif // CONFIG_STA_SUPPORT //
749
750                 // Default value in BBP R22 is 0x0.
751                 BbpData = 0;
752                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
753
754                 // Clean bit4 to stop continuous Tx production test.
755                 MacData &= 0xFFFFFFEF;
756                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
757                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
758                 //Clean ATE Bulk in/out counter and continue setup
759                 InterlockedExchange(&pAd->BulkOutRemained, 0);
760
761                 /* NdisAcquireSpinLock()/NdisReleaseSpinLock() need only one argument in RT28xx */
762                 NdisAcquireSpinLock(&pAd->GenericLock);
763                 pAd->ContinBulkOut = FALSE;
764                 pAd->ContinBulkIn = FALSE;
765                 NdisReleaseSpinLock(&pAd->GenericLock);
766
767                 RTUSB_CLEAR_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
768         }
769         else if (!strcmp(arg, "ATESTOP"))
770         {
771                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE : ATESTOP ===>\n"));
772
773                 // Default value in BBP R22 is 0x0.
774                 BbpData = 0;
775                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);//0820
776                 // Clean bit4 to stop continuous Tx production test.
777                 MacData &= 0xFFFFFFEF;
778                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
779                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData); // recover the MAC_SYS_CTRL register back.
780
781                 // Disable Rx
782                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
783                 Value &= ~(1 << 3);
784                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
785
786                 /*
787                 ** Abort Tx, RX DMA.
788                 ** Q   : How to do the following I/O if Tx, Rx DMA is aborted ?
789                 ** Ans : Bulk endpoints are aborted, while the control endpoint is not.
790                 */
791                 RtmpDmaEnable(pAd, 0);
792
793                 // Disable Tx
794                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
795                 Value &= ~(1 << 2);
796                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
797
798                 /* Make sure there are no pending bulk in/out IRPs before we go on. */
799 /*=========================================================================*/
800 //              while ((atomic_read(&pAd->PendingRx) > 0))      //pAd->BulkFlags != 0 wait bulk out finish
801                 while (pAd->PendingRx > 0)
802                 {
803 #if 1
804                         ATE_RTUSBCancelPendingBulkInIRP(pAd);
805 #else
806 //                      NdisInterlockedDecrement(&pAd->PendingRx);
807                         pAd->PendingRx--;
808 #endif
809                         RTMPusecDelay(500000);
810                 }
811
812                 while (((pAd->BulkOutPending[0] == TRUE) ||
813                                 (pAd->BulkOutPending[1] == TRUE) ||
814                                 (pAd->BulkOutPending[2] == TRUE) ||
815                                 (pAd->BulkOutPending[3] == TRUE)) && (pAd->BulkFlags != 0))     //pAd->BulkFlags != 0 wait bulk out finish
816                 {
817                         do
818                         {
819                                 RTUSBCancelPendingBulkOutIRP(pAd);
820                         } while (FALSE);
821
822                         RTMPusecDelay(500000);
823                 }
824
825 //              ASSERT(atomic_read(&pAd->PendingRx) == 0);
826                 ASSERT(pAd->PendingRx == 0);
827 /*=========================================================================*/
828 /*      Reset Rx RING                                                      */
829 /*=========================================================================*/
830 //              InterlockedExchange(&pAd->PendingRx, 0);
831                 pAd->PendingRx = 0;
832                 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
833                 pAd->NextRxBulkInIndex = RX_RING_SIZE - 1;      // Rx Bulk pointer
834                 pAd->NextRxBulkInPosition = 0;
835                 for (i = 0; i < (RX_RING_SIZE); i++)
836                 {
837                         PRX_CONTEXT  pRxContext = &(pAd->RxContext[i]);
838                         NdisZeroMemory(pRxContext->TransferBuffer, MAX_RXBULK_SIZE);
839                         /* peter : why don't we have to get BulkInLock first ? */
840                         pRxContext->pAd = pAd;
841                         pRxContext->pIrp = NULL;
842             /* peter debug ++ */
843                         pRxContext->BulkInOffset = 0;
844                         pRxContext->bRxHandling = FALSE;
845             /* peter debug -- */
846                         pRxContext->InUse               = FALSE;
847                         pRxContext->IRPPending  = FALSE;
848                         pRxContext->Readable    = FALSE;
849 //                      pRxContext->ReorderInUse = FALSE;
850 //                      pRxContext->ReadPosOffset = 0;
851                 }
852
853 /*=========================================================================*/
854 /*      Reset Tx RING                                                      */
855 /*=========================================================================*/
856                 do
857                 {
858                         RTUSBCancelPendingBulkOutIRP(pAd);
859                 } while (FALSE);
860
861 /*=========================================================================*/
862                 // Enable auto responder.
863                 RTMP_IO_READ32(pAd, AUTO_RSP_CFG, &temp);
864                 temp = temp | (0x01);
865                 RTMP_IO_WRITE32(pAd, AUTO_RSP_CFG, temp);
866
867 /*================================================*/
868                 AsicEnableBssSync(pAd);
869
870                 /* Soft reset BBP.*/
871                 /* In 2870 chipset, ATE_BBP_IO_READ8_BY_REG_ID() == RTMP_BBP_IO_READ8_BY_REG_ID() */
872                 /* Both rt2870ap and rt2870sta use BbpSoftReset(pAd) to do BBP soft reset */
873                 BbpSoftReset(pAd);
874 /*================================================*/
875                 {
876 #ifdef CONFIG_STA_SUPPORT
877                         // Set all state machines back IDLE
878                         pAd->Mlme.CntlMachine.CurrState    = CNTL_IDLE;
879                         pAd->Mlme.AssocMachine.CurrState   = ASSOC_IDLE;
880                         pAd->Mlme.AuthMachine.CurrState    = AUTH_REQ_IDLE;
881                         pAd->Mlme.AuthRspMachine.CurrState = AUTH_RSP_IDLE;
882                         pAd->Mlme.SyncMachine.CurrState    = SYNC_IDLE;
883                         pAd->Mlme.ActMachine.CurrState    = ACT_IDLE;
884 #endif // CONFIG_STA_SUPPORT //
885
886                         //
887                         // ===> refer to MlmeRestartStateMachine().
888                         // When we entered ATE_START mode, PeriodicTimer was not cancelled.
889                         // So we don't have to set it here.
890                         //
891                         //RTMPSetTimer(pAd, &pAd->Mlme.PeriodicTimer, MLME_TASK_EXEC_INTV);
892
893                         ASSERT(pAd->CommonCfg.Channel != 0);
894
895                         AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE);
896                         AsicLockChannel(pAd, pAd->CommonCfg.Channel);
897
898
899 #ifdef CONFIG_STA_SUPPORT
900                     RTMPStationStart(pAd);
901 #endif // CONFIG_STA_SUPPORT //
902                 }
903 //
904 // These two steps have been done when entering ATE_STOP mode.
905 //
906 #if 0
907             RTUSBWriteBBPRegister(pAd, BBP_R22, BbpData);
908                 RTUSBWriteMACRegister(pAd, MAC_SYS_CTRL, MacData);
909 #endif
910                 // Clean ATE Bulk in/out counter and continue setup.
911                 InterlockedExchange(&pAd->BulkOutRemained, 0);
912                 NdisAcquireSpinLock(&pAd->GenericLock);
913                 pAd->ContinBulkOut = FALSE;
914                 pAd->ContinBulkIn = FALSE;
915                 NdisReleaseSpinLock(&pAd->GenericLock);
916
917                 /* Wait 50ms to prevent next URB to bulkout during HW reset. */
918                 /* todo : remove this if not necessary */
919                 NdisMSleep(50000);
920
921                 pAd->ate.Mode = ATE_STOP;
922
923                 // Enable Tx
924                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
925                 Value |= (1 << 2);
926                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
927
928 /*=========================================================================*/
929                 /* restore RX_FILTR_CFG */
930 #ifdef CONFIG_STA_SUPPORT
931                 /* restore RX_FILTR_CFG in order that QA maybe set it to 0x3 */
932                 RTMP_IO_WRITE32(pAd, RX_FILTR_CFG, STANORMAL);
933 #endif // CONFIG_STA_SUPPORT //
934 /*=========================================================================*/
935
936                 // Enable Tx, RX DMA.
937                 RtmpDmaEnable(pAd, 1);
938
939                 // Enable Rx
940                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
941                 Value |= (1 << 3);
942                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
943
944                 // Wait 10ms to wait all of the bulk-in URBs to complete.
945                 /* todo : remove this if not necessary */
946                 NdisMSleep(10000);
947
948                 // Everything is ready to start normal Tx/Rx.
949                 RTUSBBulkReceive(pAd);
950                 netif_start_queue(pAd->net_dev);
951
952                 ATEDBGPRINT(RT_DEBUG_TRACE, ("<=== ATE : ATESTOP \n"));
953         }
954         else if (!strcmp(arg, "TXCARR"))        // Tx Carrier
955         {
956                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: TXCARR\n"));
957                 pAd->ate.Mode |= ATE_TXCARR;
958
959                 // Disable Rx
960                 // May be we need not to do this, because these have been done in ATE_START mode ???
961                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
962                 Value &= ~(1 << 3);
963                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
964
965                 // QA has done the following steps if it is used.
966                 if (pAd->ate.bQATxStart == FALSE)
967                 {
968                         // Soft reset BBP.
969                         BbpSoftReset(pAd);
970
971                         // Carrier Test set BBP R22 bit7=1, bit6=1, bit[5~0]=0x01
972                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
973                         BbpData &= 0xFFFFFF00; //clear bit7, bit6, bit[5~0]
974                         BbpData |= 0x000000C1; //set bit7=1, bit6=1, bit[5~0]=0x01
975                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
976
977                         // set MAC_SYS_CTRL(0x1004) Continuous Tx Production Test (bit4) = 1
978                         RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
979                         Value = Value | 0x00000010;
980                         RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
981                 }
982         }
983         else if (!strcmp(arg, "TXCONT"))        // Tx Continue
984         {
985                 if (pAd->ate.bQATxStart == TRUE)
986                 {
987                         /* set MAC_SYS_CTRL(0x1004) bit4(Continuous Tx Production Test)
988                            and bit2(MAC TX enable) back to zero. */
989                         RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
990                         MacData &= 0xFFFFFFEB;
991                         RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
992
993                         // set BBP R22 bit7=0
994                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
995                         BbpData &= 0xFFFFFF7F; //set bit7=0
996                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
997                 }
998
999                 /* for TxCont mode.
1000                 ** Step 1: Send 50 packets first then wait for a moment.
1001                 ** Step 2: Send more 50 packet then start continue mode.
1002                 */
1003                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: TXCONT\n"));
1004                 // Step 1: send 50 packets first.
1005                 pAd->ate.Mode |= ATE_TXCONT;
1006                 pAd->ate.TxCount = 50;
1007                 pAd->ate.TxDoneCount = 0;
1008
1009                 // Soft reset BBP.
1010                 BbpSoftReset(pAd);
1011
1012                 // Abort Tx, RX DMA.
1013                 RtmpDmaEnable(pAd, 0);
1014
1015
1016                 /* Only needed if we have to send some normal frames. */
1017                 SetJapanFilter(pAd);
1018
1019                 // Setup frame format.
1020                 ATESetUpFrame(pAd, 0);
1021
1022                 // Enable Tx
1023                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1024                 Value |= (1 << 2);
1025                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1026
1027                 // Disable Rx
1028                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1029                 Value &= ~(1 << 3);
1030                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1031
1032                 // Start Tx, RX DMA.
1033                 RtmpDmaEnable(pAd, 1);
1034
1035                 InterlockedExchange(&pAd->BulkOutRemained, pAd->ate.TxCount);
1036
1037 #ifdef  RALINK_28xx_QA
1038                 if (pAd->ate.bQATxStart == TRUE)
1039                 {
1040                         pAd->ate.TxStatus = 1;
1041                         //pAd->ate.Repeat = 0;
1042                 }
1043 #endif  // RALINK_28xx_QA //
1044
1045                 NdisAcquireSpinLock(&pAd->GenericLock);//0820
1046                 pAd->ContinBulkOut = FALSE;
1047                 NdisReleaseSpinLock(&pAd->GenericLock);
1048
1049                 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
1050
1051                 // Kick bulk out
1052                 RTUSBKickBulkOut(pAd);
1053
1054                 /* To make sure all the 50 frames have been bulk out before executing step 2 */
1055                 while (atomic_read(&pAd->BulkOutRemained) > 0)
1056                 {
1057                         RTMPusecDelay(5000);
1058                 }
1059
1060                 // Step 2: send more 50 packets then start continue mode.
1061                 // Abort Tx, RX DMA.
1062                 RtmpDmaEnable(pAd, 0);
1063
1064                 // Cont. TX set BBP R22 bit7=1
1065                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
1066                 BbpData |= 0x00000080; //set bit7=1
1067                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1068
1069                 pAd->ate.TxCount = 50;
1070                 pAd->ate.TxDoneCount = 0;
1071
1072                 SetJapanFilter(pAd);
1073
1074                 // Setup frame format.
1075                 ATESetUpFrame(pAd, 0);
1076
1077                 // Enable Tx
1078                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1079                 Value |= (1 << 2);
1080                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1081
1082                 // Disable Rx
1083                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1084                 Value &= ~(1 << 3);
1085
1086                 // Start Tx, RX DMA.
1087                 RtmpDmaEnable(pAd, 1);
1088
1089                 InterlockedExchange(&pAd->BulkOutRemained, pAd->ate.TxCount);
1090
1091 #ifdef  RALINK_28xx_QA
1092                 if (pAd->ate.bQATxStart == TRUE)
1093                 {
1094                         pAd->ate.TxStatus = 1;
1095                         //pAd->ate.Repeat = 0;
1096                 }
1097 #endif  // RALINK_28xx_QA //
1098
1099                 NdisAcquireSpinLock(&pAd->GenericLock);//0820
1100                 pAd->ContinBulkOut = FALSE;
1101                 NdisReleaseSpinLock(&pAd->GenericLock);
1102
1103                 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
1104                 // Kick bulk out
1105                 RTUSBKickBulkOut(pAd);
1106
1107 #if 1
1108                 RTMPusecDelay(500);
1109 #else
1110                 while (atomic_read(&pAd->BulkOutRemained) > 0)
1111                 {
1112                         RTMPusecDelay(5000);
1113                 }
1114 #endif // 1 //
1115
1116                 // Set MAC_SYS_CTRL(0x1004) Continuous Tx Production Test (bit4) = 1.
1117                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
1118                 MacData |= 0x00000010;
1119                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
1120         }
1121         else if (!strcmp(arg, "TXFRAME"))       // Tx Frames
1122         {
1123                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: TXFRAME(Count=0x%08x)\n", pAd->ate.TxCount));
1124                 pAd->ate.Mode |= ATE_TXFRAME;
1125
1126                 // Soft reset BBP.
1127                 BbpSoftReset(pAd);
1128
1129                 // Default value in BBP R22 is 0x0.
1130                 BbpData = 0;
1131
1132                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
1133
1134                 // Clean bit4 to stop continuous Tx production test.
1135                 MacData &= 0xFFFFFFEF;
1136
1137                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1138                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
1139
1140 #ifdef RALINK_28xx_QA
1141                 // add this for LoopBack mode
1142                 if (pAd->ate.bQARxStart == FALSE)
1143                 {
1144                         // Disable Rx
1145                         RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1146                         Value &= ~(1 << 3);
1147                         RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1148                 }
1149
1150                 if (pAd->ate.bQATxStart == TRUE)
1151                 {
1152                         pAd->ate.TxStatus = 1;
1153                         //pAd->ate.Repeat = 0;
1154                 }
1155 #else
1156                 // Disable Rx
1157                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1158                 Value &= ~(1 << 3);
1159                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1160 #endif // RALINK_28xx_QA //
1161
1162                 // Enable Tx
1163                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1164                 Value |= (1 << 2);
1165                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1166
1167         SetJapanFilter(pAd);
1168
1169                 // Abort Tx, RX DMA.
1170                 RtmpDmaEnable(pAd, 0);
1171
1172                 pAd->ate.TxDoneCount = 0;
1173
1174         // Setup frame format
1175                 ATESetUpFrame(pAd, 0);
1176
1177                 // Start Tx, RX DMA.
1178                 RtmpDmaEnable(pAd, 1);
1179
1180                 // Check count is continuous or not yet.
1181                 //
1182                 // Due to the type mismatch between "pAd->BulkOutRemained"(atomic_t) and "pAd->ate.TxCount"(UINT32)
1183                 //
1184                 if (pAd->ate.TxCount == 0)
1185                 {
1186                         InterlockedExchange(&pAd->BulkOutRemained, 0);
1187                 }
1188                 else
1189                 {
1190                         InterlockedExchange(&pAd->BulkOutRemained, pAd->ate.TxCount);
1191                 }
1192                 ATEDBGPRINT(RT_DEBUG_TRACE, ("bulk out count = %d\n", atomic_read(&pAd->BulkOutRemained)));
1193                 ASSERT((atomic_read(&pAd->BulkOutRemained) >= 0));
1194
1195                 if (atomic_read(&pAd->BulkOutRemained) == 0)
1196                 {
1197                         ATEDBGPRINT(RT_DEBUG_TRACE, ("Send packet countinuously\n"));
1198
1199                         /* In 28xx, NdisAcquireSpinLock() == spin_lock_bh() */
1200                         /* NdisAcquireSpinLock only need one argument in 28xx. */
1201                         NdisAcquireSpinLock(&pAd->GenericLock);
1202                         pAd->ContinBulkOut = TRUE;
1203                         NdisReleaseSpinLock(&pAd->GenericLock);
1204
1205                         /* In 28xx, BULK_OUT_LOCK() == spin_lock_irqsave() */
1206                         BULK_OUT_LOCK(&pAd->BulkOutLock[0], IrqFlags);// peter : NdisAcquireSpinLock ==> BULK_OUT_LOCK
1207                         pAd->BulkOutPending[0] = FALSE;
1208                         BULK_OUT_UNLOCK(&pAd->BulkOutLock[0], IrqFlags);// peter : NdisAcquireSpinLock ==> BULK_OUT_LOCK
1209                 }
1210                 else
1211                 {
1212                         ATEDBGPRINT(RT_DEBUG_TRACE, ("Send packets depend on counter\n"));
1213
1214                         NdisAcquireSpinLock(&pAd->GenericLock);
1215                         pAd->ContinBulkOut = FALSE;
1216                         NdisReleaseSpinLock(&pAd->GenericLock);
1217
1218                         BULK_OUT_LOCK(&pAd->BulkOutLock[0], IrqFlags);
1219                         pAd->BulkOutPending[0] = FALSE;
1220                         BULK_OUT_UNLOCK(&pAd->BulkOutLock[0], IrqFlags);
1221                 }
1222
1223                 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
1224
1225                 // Kick bulk out
1226                 RTUSBKickBulkOut(pAd);
1227         }
1228 #ifdef RALINK_28xx_QA
1229         else if (!strcmp(arg, "TXSTOP"))                //Enter ATE mode and set Tx/Rx Idle
1230         {
1231                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: TXSTOP\n"));
1232
1233                 atemode = pAd->ate.Mode;
1234                 pAd->ate.Mode &= ATE_TXSTOP;
1235                 pAd->ate.bQATxStart = FALSE;
1236 //              pAd->ate.TxDoneCount = pAd->ate.TxCount;
1237
1238 /*=========================================================================*/
1239                 if (atemode & ATE_TXCARR)
1240                 {
1241                         // No Carrier Test set BBP R22 bit7=0, bit6=0, bit[5~0]=0x0
1242                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
1243                         BbpData &= 0xFFFFFF00; //clear bit7, bit6, bit[5~0]
1244                     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1245                 }
1246                 else if (atemode & ATE_TXCARRSUPP)
1247                 {
1248                         // No Cont. TX set BBP R22 bit7=0
1249                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
1250                         BbpData &= ~(1 << 7); //set bit7=0
1251                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1252
1253                         // No Carrier Suppression set BBP R24 bit0=0
1254                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R24, &BbpData);
1255                         BbpData &= 0xFFFFFFFE; //clear bit0
1256                     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R24, BbpData);
1257                 }
1258                 else if ((atemode & ATE_TXFRAME) || (atemode == ATE_STOP))
1259                 {
1260                         if (atemode & ATE_TXCONT)
1261                         {
1262                                 // No Cont. TX set BBP R22 bit7=0
1263                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R22, &BbpData);
1264                                 BbpData &= ~(1 << 7); //set bit7=0
1265                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1266                         }
1267                 }
1268
1269 /*=========================================================================*/
1270                 RTUSBRejectPendingPackets(pAd);
1271                 RTUSBCleanUpDataBulkOutQueue(pAd);
1272
1273                 /* not used in RT28xx */
1274                 //RTUSBCleanUpMLMEWaitQueue(pAd);
1275                 /* empty function so far */
1276                 RTUSBCleanUpMLMEBulkOutQueue(pAd);
1277 /*=========================================================================*/
1278                 // Abort Tx, RX DMA.
1279                 RtmpDmaEnable(pAd, 0);
1280 /*=========================================================================*/
1281
1282                 /* In 28xx, pAd->PendingRx is not of type atomic_t anymore */
1283 //              while ((atomic_read(&pAd->PendingRx) > 0))      //pAd->BulkFlags != 0 wait bulk out finish
1284                 /* peter todo : BulkInLock */
1285                 while (pAd->PendingRx > 0)
1286                 {
1287 #if 1
1288                         ATE_RTUSBCancelPendingBulkInIRP(pAd);
1289 #else
1290 //                      NdisInterlockedDecrement(&pAd->PendingRx);
1291                         pAd->PendingRx--;
1292 #endif
1293                         RTMPusecDelay(500000);
1294                 }
1295
1296                 while (((pAd->BulkOutPending[0] == TRUE) ||
1297                                 (pAd->BulkOutPending[1] == TRUE) ||
1298                                 (pAd->BulkOutPending[2] == TRUE) ||
1299                                 (pAd->BulkOutPending[3] == TRUE)) && (pAd->BulkFlags != 0))     //pAd->BulkFlags != 0 wait bulk out finish
1300                 {
1301                         do
1302                         {
1303                                 RTUSBCancelPendingBulkOutIRP(pAd);
1304                         } while (FALSE);
1305
1306                         RTMPusecDelay(500000);
1307                 }
1308
1309                 ASSERT(pAd->PendingRx == 0);
1310 /*=========================================================================*/
1311                 // Enable Tx, Rx DMA.
1312                 RtmpDmaEnable(pAd, 1);
1313
1314                 /* task Tx status : 0 --> task is idle, 1 --> task is running */
1315                 pAd->ate.TxStatus = 0;
1316
1317                 // Soft reset BBP.
1318                 BbpSoftReset(pAd);
1319
1320                 // Disable Tx
1321                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
1322                 MacData &= (0xfffffffb);
1323                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
1324
1325                 //Clean ATE Bulk in/out counter and continue setup
1326                 InterlockedExchange(&pAd->BulkOutRemained, 0);
1327
1328                 pAd->ContinBulkOut = FALSE;
1329         }
1330         else if (!strcmp(arg, "RXSTOP"))
1331         {
1332                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: RXSTOP\n"));
1333                 atemode = pAd->ate.Mode;
1334
1335                 // Disable Rx
1336                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1337                 Value &= ~(1 << 3);
1338                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1339
1340                 pAd->ate.Mode &= ATE_RXSTOP;
1341                 pAd->ate.bQARxStart = FALSE;
1342 //              pAd->ate.TxDoneCount = pAd->ate.TxCount;
1343
1344 /*=========================================================================*/
1345                 RTUSBRejectPendingPackets(pAd);
1346                 RTUSBCleanUpDataBulkOutQueue(pAd);
1347
1348                 /* not used in RT28xx */
1349                 //RTUSBCleanUpMLMEWaitQueue(pAd);
1350                 RTUSBCleanUpMLMEBulkOutQueue(pAd);
1351 /*=========================================================================*/
1352
1353                 // Abort Tx, RX DMA.
1354                 RtmpDmaEnable(pAd, 0);
1355 /*=========================================================================*/
1356 //              while ((atomic_read(&pAd->PendingRx) > 0))
1357                 while (pAd->PendingRx > 0)
1358                 {
1359 #if 1
1360                         ATE_RTUSBCancelPendingBulkInIRP(pAd);
1361 #else
1362 //                      NdisInterlockedDecrement(&pAd->PendingRx);
1363                         pAd->PendingRx--;
1364 #endif
1365                         RTMPusecDelay(500000);
1366                 }
1367
1368                 while (((pAd->BulkOutPending[0] == TRUE) ||
1369                                 (pAd->BulkOutPending[1] == TRUE) ||
1370                                 (pAd->BulkOutPending[2] == TRUE) ||
1371                                 (pAd->BulkOutPending[3] == TRUE)) && (pAd->BulkFlags != 0))     //pAd->BulkFlags != 0 wait bulk out finish
1372                 {
1373                         do
1374                         {
1375                                 RTUSBCancelPendingBulkOutIRP(pAd);
1376                         } while (FALSE);
1377
1378                         RTMPusecDelay(500000);
1379                 }
1380
1381                 ASSERT(pAd->PendingRx == 0);
1382 /*=========================================================================*/
1383
1384                 // Soft reset BBP.
1385                 BbpSoftReset(pAd);
1386                 pAd->ContinBulkIn = FALSE;
1387         }
1388 #endif // RALINK_28xx_QA //
1389         else if (!strcmp(arg, "RXFRAME")) // Rx Frames
1390         {
1391                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: RXFRAME\n"));
1392
1393                 // Disable Rx of MAC block
1394                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1395                 Value &= ~(1 << 3);
1396                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1397
1398                 // Default value in BBP R22 is 0x0.
1399                 BbpData = 0;
1400
1401                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &MacData);
1402                 // Clean bit4 to stop continuous Tx production test.
1403                 MacData &= 0xFFFFFFEF;
1404
1405                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R22, BbpData);
1406                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, MacData);
1407
1408                 pAd->ate.Mode |= ATE_RXFRAME;
1409
1410                 // Abort Tx, RX DMA.
1411                 RtmpDmaEnable(pAd, 0);
1412
1413                 // Disable TX of MAC block
1414                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1415                 Value &= ~(1 << 2);
1416                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1417
1418         // Reset Rx RING.
1419                 for ( i = 0; i < (RX_RING_SIZE); i++)
1420                 {
1421                         PRX_CONTEXT  pRxContext = &(pAd->RxContext[i]);
1422
1423                         pRxContext->InUse = FALSE;
1424                         pRxContext->IRPPending = FALSE;
1425                         pRxContext->Readable = FALSE;
1426
1427                         //
1428                         // Get the urb from kernel back to driver.
1429                         //
1430                         RTUSB_UNLINK_URB(pRxContext->pUrb);
1431
1432                         /* Sleep 200 microsecs to give cancellation time to work. */
1433                         NdisMSleep(200);
1434                         pAd->BulkInReq = 0;
1435
1436 //                      InterlockedExchange(&pAd->PendingRx, 0);
1437                         pAd->PendingRx = 0;
1438                         pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1439                         pAd->NextRxBulkInIndex          = RX_RING_SIZE - 1;     // Rx Bulk pointer
1440                         pAd->NextRxBulkInPosition = 0;
1441                 }
1442
1443                 // read to clear counters
1444                 RTUSBReadMACRegister(pAd, RX_STA_CNT0, &temp); //RX PHY & RX CRC count
1445                 RTUSBReadMACRegister(pAd, RX_STA_CNT1, &temp); //RX PLCP error count & CCA false alarm count
1446                 RTUSBReadMACRegister(pAd, RX_STA_CNT2, &temp); //RX FIFO overflow frame count & RX duplicated filtered frame count
1447
1448                 pAd->ContinBulkIn = TRUE;
1449
1450                 // Enable Tx, RX DMA.
1451                 RtmpDmaEnable(pAd, 1);
1452
1453                 // Enable RX of MAC block
1454                 RTMP_IO_READ32(pAd, MAC_SYS_CTRL, &Value);
1455                 Value |= (1 << 3);
1456                 RTMP_IO_WRITE32(pAd, MAC_SYS_CTRL, Value);
1457
1458                 // Kick bulk in
1459                 RTUSBBulkReceive(pAd);
1460         }
1461         else
1462         {
1463                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ATE: Invalid arg!\n"));
1464                 return FALSE;
1465         }
1466         RTMPusecDelay(5000);
1467
1468         ATEDBGPRINT(RT_DEBUG_TRACE, ("<=== ATECmdHandler()\n"));
1469
1470         return TRUE;
1471 }
1472 #endif // RT2870 //
1473
1474 INT     Set_ATE_Proc(
1475         IN      PRTMP_ADAPTER   pAd,
1476         IN      PUCHAR                  arg)
1477 {
1478         if (ATECmdHandler(pAd, arg))
1479         {
1480                 ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_Proc Success\n"));
1481
1482
1483                 return TRUE;
1484         }
1485         else
1486         {
1487                 ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_Proc Failed\n"));
1488                 return FALSE;
1489         }
1490 }
1491
1492 /*
1493     ==========================================================================
1494     Description:
1495         Set ATE ADDR1=DA for TxFrame(AP  : To DS = 0 ; From DS = 1)
1496         or
1497         Set ATE ADDR3=DA for TxFrame(STA : To DS = 1 ; From DS = 0)
1498
1499     Return:
1500         TRUE if all parameters are OK, FALSE otherwise
1501     ==========================================================================
1502 */
1503 INT     Set_ATE_DA_Proc(
1504         IN      PRTMP_ADAPTER   pAd,
1505         IN      PUCHAR                  arg)
1506 {
1507         CHAR                            *value;
1508         INT                                     i;
1509
1510         if(strlen(arg) != 17)  //Mac address acceptable format 01:02:03:04:05:06 length 17
1511                 return FALSE;
1512
1513     for (i=0, value = rstrtok(arg, ":"); value; value = rstrtok(NULL, ":"))
1514         {
1515                 if((strlen(value) != 2) || (!isxdigit(*value)) || (!isxdigit(*(value+1))) )
1516                         return FALSE;  //Invalid
1517
1518
1519 #ifdef CONFIG_STA_SUPPORT
1520                 AtoH(value, &pAd->ate.Addr3[i++], 1);
1521 #endif // CONFIG_STA_SUPPORT //
1522         }
1523
1524         if(i != 6)
1525                 return FALSE;  //Invalid
1526
1527
1528 #ifdef CONFIG_STA_SUPPORT
1529         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_DA_Proc (DA = %2X:%2X:%2X:%2X:%2X:%2X)\n", pAd->ate.Addr3[0],
1530                 pAd->ate.Addr3[1], pAd->ate.Addr3[2], pAd->ate.Addr3[3], pAd->ate.Addr3[4], pAd->ate.Addr3[5]));
1531 #endif // CONFIG_STA_SUPPORT //
1532
1533         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_DA_Proc Success\n"));
1534
1535         return TRUE;
1536 }
1537
1538 /*
1539     ==========================================================================
1540     Description:
1541         Set ATE ADDR3=SA for TxFrame(AP  : To DS = 0 ; From DS = 1)
1542         or
1543         Set ATE ADDR2=SA for TxFrame(STA : To DS = 1 ; From DS = 0)
1544
1545     Return:
1546         TRUE if all parameters are OK, FALSE otherwise
1547     ==========================================================================
1548 */
1549 INT     Set_ATE_SA_Proc(
1550         IN      PRTMP_ADAPTER   pAd,
1551         IN      PUCHAR                  arg)
1552 {
1553         CHAR                            *value;
1554         INT                                     i;
1555
1556         if(strlen(arg) != 17)  //Mac address acceptable format 01:02:03:04:05:06 length 17
1557                 return FALSE;
1558
1559     for (i=0, value = rstrtok(arg, ":"); value; value = rstrtok(NULL, ":"))
1560         {
1561                 if((strlen(value) != 2) || (!isxdigit(*value)) || (!isxdigit(*(value+1))) )
1562                         return FALSE;  //Invalid
1563
1564
1565 #ifdef CONFIG_STA_SUPPORT
1566                 AtoH(value, &pAd->ate.Addr2[i++], 1);
1567 #endif // CONFIG_STA_SUPPORT //
1568         }
1569
1570         if(i != 6)
1571                 return FALSE;  //Invalid
1572
1573
1574 #ifdef CONFIG_STA_SUPPORT
1575         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_SA_Proc (SA = %2X:%2X:%2X:%2X:%2X:%2X)\n", pAd->ate.Addr2[0],
1576                 pAd->ate.Addr2[1], pAd->ate.Addr2[2], pAd->ate.Addr2[3], pAd->ate.Addr2[4], pAd->ate.Addr2[5]));
1577 #endif // CONFIG_STA_SUPPORT //
1578
1579         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_SA_Proc Success\n"));
1580
1581         return TRUE;
1582 }
1583
1584 /*
1585     ==========================================================================
1586     Description:
1587         Set ATE ADDR2=BSSID for TxFrame(AP  : To DS = 0 ; From DS = 1)
1588         or
1589         Set ATE ADDR1=BSSID for TxFrame(STA : To DS = 1 ; From DS = 0)
1590
1591     Return:
1592         TRUE if all parameters are OK, FALSE otherwise
1593     ==========================================================================
1594 */
1595 INT     Set_ATE_BSSID_Proc(
1596         IN      PRTMP_ADAPTER   pAd,
1597         IN      PUCHAR                  arg)
1598 {
1599         CHAR                            *value;
1600         INT                                     i;
1601
1602         if(strlen(arg) != 17)  //Mac address acceptable format 01:02:03:04:05:06 length 17
1603                 return FALSE;
1604
1605     for (i=0, value = rstrtok(arg, ":"); value; value = rstrtok(NULL, ":"))
1606         {
1607                 if((strlen(value) != 2) || (!isxdigit(*value)) || (!isxdigit(*(value+1))) )
1608                         return FALSE;  //Invalid
1609
1610
1611 #ifdef CONFIG_STA_SUPPORT
1612                 AtoH(value, &pAd->ate.Addr1[i++], 1);
1613 #endif // CONFIG_STA_SUPPORT //
1614         }
1615
1616         if(i != 6)
1617                 return FALSE;  //Invalid
1618
1619
1620 #ifdef CONFIG_STA_SUPPORT
1621         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_BSSID_Proc (BSSID = %2X:%2X:%2X:%2X:%2X:%2X)\n",  pAd->ate.Addr1[0],
1622                 pAd->ate.Addr1[1], pAd->ate.Addr1[2], pAd->ate.Addr1[3], pAd->ate.Addr1[4], pAd->ate.Addr1[5]));
1623 #endif // CONFIG_STA_SUPPORT //
1624
1625         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_BSSID_Proc Success\n"));
1626
1627         return TRUE;
1628 }
1629
1630 /*
1631     ==========================================================================
1632     Description:
1633         Set ATE Tx Channel
1634
1635     Return:
1636         TRUE if all parameters are OK, FALSE otherwise
1637     ==========================================================================
1638 */
1639 INT     Set_ATE_CHANNEL_Proc(
1640         IN      PRTMP_ADAPTER   pAd,
1641         IN      PUCHAR                  arg)
1642 {
1643         UCHAR channel;
1644
1645         channel = simple_strtol(arg, 0, 10);
1646
1647         if ((channel < 1) || (channel > 216))// to allow A band channel : ((channel < 1) || (channel > 14))
1648         {
1649                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_CHANNEL_Proc::Out of range, it should be in range of 1~14.\n"));
1650                 return FALSE;
1651         }
1652         pAd->ate.Channel = channel;
1653
1654         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_CHANNEL_Proc (ATE Channel = %d)\n", pAd->ate.Channel));
1655         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_CHANNEL_Proc Success\n"));
1656
1657
1658         return TRUE;
1659 }
1660
1661 /*
1662     ==========================================================================
1663     Description:
1664         Set ATE Tx Power0
1665
1666     Return:
1667         TRUE if all parameters are OK, FALSE otherwise
1668     ==========================================================================
1669 */
1670 INT     Set_ATE_TX_POWER0_Proc(
1671         IN      PRTMP_ADAPTER   pAd,
1672         IN      PUCHAR                  arg)
1673 {
1674         CHAR TxPower;
1675
1676         TxPower = simple_strtol(arg, 0, 10);
1677
1678         if (pAd->ate.Channel <= 14)
1679         {
1680                 if ((TxPower > 31) || (TxPower < 0))
1681                 {
1682                         ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_POWER0_Proc::Out of range (Value=%d)\n", TxPower));
1683                         return FALSE;
1684                 }
1685         }
1686         else// 5.5GHz
1687         {
1688                 if ((TxPower > 15) || (TxPower < -7))
1689                 {
1690                         ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_POWER0_Proc::Out of range (Value=%d)\n", TxPower));
1691                         return FALSE;
1692                 }
1693         }
1694
1695         pAd->ate.TxPower0 = TxPower;
1696         ATETxPwrHandler(pAd, 0);
1697         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_POWER0_Proc Success\n"));
1698
1699
1700         return TRUE;
1701 }
1702
1703 /*
1704     ==========================================================================
1705     Description:
1706         Set ATE Tx Power1
1707
1708     Return:
1709         TRUE if all parameters are OK, FALSE otherwise
1710     ==========================================================================
1711 */
1712 INT     Set_ATE_TX_POWER1_Proc(
1713         IN      PRTMP_ADAPTER   pAd,
1714         IN      PUCHAR                  arg)
1715 {
1716         CHAR TxPower;
1717
1718         TxPower = simple_strtol(arg, 0, 10);
1719
1720         if (pAd->ate.Channel <= 14)
1721         {
1722         if ((TxPower > 31) || (TxPower < 0))
1723         {
1724                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_POWER1_Proc::Out of range (Value=%d)\n", TxPower));
1725                 return FALSE;
1726         }
1727         }
1728         else
1729         {
1730                 if ((TxPower > 15) || (TxPower < -7))
1731                 {
1732                         ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_POWER1_Proc::Out of range (Value=%d)\n", TxPower));
1733                         return FALSE;
1734                 }
1735         }
1736
1737         pAd->ate.TxPower1 = TxPower;
1738         ATETxPwrHandler(pAd, 1);
1739         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_POWER1_Proc Success\n"));
1740
1741
1742         return TRUE;
1743 }
1744
1745 /*
1746     ==========================================================================
1747     Description:
1748         Set ATE Tx Antenna
1749
1750     Return:
1751         TRUE if all parameters are OK, FALSE otherwise
1752     ==========================================================================
1753 */
1754 INT     Set_ATE_TX_Antenna_Proc(
1755         IN      PRTMP_ADAPTER   pAd,
1756         IN      PUCHAR                  arg)
1757 {
1758         CHAR value;
1759
1760         value = simple_strtol(arg, 0, 10);
1761
1762         if ((value > 2) || (value < 0))
1763         {
1764                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_Antenna_Proc::Out of range (Value=%d)\n", value));
1765                 return FALSE;
1766         }
1767
1768         pAd->ate.TxAntennaSel = value;
1769
1770         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_Antenna_Proc (Antenna = %d)\n", pAd->ate.TxAntennaSel));
1771         ATEDBGPRINT(RT_DEBUG_TRACE,("Ralink: Set_ATE_TX_Antenna_Proc Success\n"));
1772
1773
1774         return TRUE;
1775 }
1776
1777 /*
1778     ==========================================================================
1779     Description:
1780         Set ATE Rx Antenna
1781
1782     Return:
1783         TRUE if all parameters are OK, FALSE otherwise
1784     ==========================================================================
1785 */
1786 INT     Set_ATE_RX_Antenna_Proc(
1787         IN      PRTMP_ADAPTER   pAd,
1788         IN      PUCHAR                  arg)
1789 {
1790         CHAR value;
1791
1792         value = simple_strtol(arg, 0, 10);
1793
1794         if ((value > 3) || (value < 0))
1795         {
1796                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_RX_Antenna_Proc::Out of range (Value=%d)\n", value));
1797                 return FALSE;
1798         }
1799
1800         pAd->ate.RxAntennaSel = value;
1801
1802         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_RX_Antenna_Proc (Antenna = %d)\n", pAd->ate.RxAntennaSel));
1803         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_RX_Antenna_Proc Success\n"));
1804
1805
1806         return TRUE;
1807 }
1808
1809 /*
1810     ==========================================================================
1811     Description:
1812         Set ATE RF frequence offset
1813
1814     Return:
1815         TRUE if all parameters are OK, FALSE otherwise
1816     ==========================================================================
1817 */
1818 INT     Set_ATE_TX_FREQOFFSET_Proc(
1819         IN      PRTMP_ADAPTER   pAd,
1820         IN      PUCHAR                  arg)
1821 {
1822         UCHAR RFFreqOffset;
1823         ULONG R4;
1824
1825         RFFreqOffset = simple_strtol(arg, 0, 10);
1826
1827         if(RFFreqOffset >= 64)
1828         {
1829                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_FREQOFFSET_Proc::Out of range, it should be in range of 0~63.\n"));
1830                 return FALSE;
1831         }
1832
1833         pAd->ate.RFFreqOffset = RFFreqOffset;
1834         R4 = pAd->ate.RFFreqOffset << 15;               // shift TX power control to correct RF register bit position
1835         R4 |= (pAd->LatchRfRegs.R4 & ((~0x001f8000)));
1836         pAd->LatchRfRegs.R4 = R4;
1837
1838         RtmpRfIoWrite(pAd);
1839
1840         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_FREQOFFSET_Proc (RFFreqOffset = %d)\n", pAd->ate.RFFreqOffset));
1841         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_FREQOFFSET_Proc Success\n"));
1842
1843
1844         return TRUE;
1845 }
1846
1847 /*
1848     ==========================================================================
1849     Description:
1850         Set ATE RF BW
1851
1852     Return:
1853         TRUE if all parameters are OK, FALSE otherwise
1854     ==========================================================================
1855 */
1856 INT     Set_ATE_TX_BW_Proc(
1857         IN      PRTMP_ADAPTER   pAd,
1858         IN      PUCHAR                  arg)
1859 {
1860         int i;
1861         UCHAR value = 0;
1862         UCHAR BBPCurrentBW;
1863
1864         BBPCurrentBW = simple_strtol(arg, 0, 10);
1865
1866         if(BBPCurrentBW == 0)
1867                 pAd->ate.TxWI.BW = BW_20;
1868         else
1869                 pAd->ate.TxWI.BW = BW_40;
1870
1871         if(pAd->ate.TxWI.BW == BW_20)
1872         {
1873                 if(pAd->ate.Channel <= 14)
1874                 {
1875                 for (i=0; i<5; i++)
1876                 {
1877                                 if (pAd->Tx20MPwrCfgGBand[i] != 0xffffffff)
1878                                 {
1879                                         RTMP_IO_WRITE32(pAd, TX_PWR_CFG_0 + i*4, pAd->Tx20MPwrCfgGBand[i]);
1880                                         RTMPusecDelay(5000);
1881                                 }
1882                         }
1883                 }
1884                 else
1885                 {
1886                         for (i=0; i<5; i++)
1887                         {
1888                                 if (pAd->Tx20MPwrCfgABand[i] != 0xffffffff)
1889                         {
1890                                         RTMP_IO_WRITE32(pAd, TX_PWR_CFG_0 + i*4, pAd->Tx20MPwrCfgABand[i]);
1891                                 RTMPusecDelay(5000);
1892                         }
1893                 }
1894                 }
1895
1896                 //Set BBP R4 bit[4:3]=0:0
1897                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &value);
1898                 value &= (~0x18);
1899                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, value);
1900
1901                 //Set BBP R66=0x3C
1902                 value = 0x3C;
1903                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, value);
1904                 //Set BBP R68=0x0B
1905                 //to improve Rx sensitivity.
1906                 value = 0x0B;
1907                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R68, value);
1908                 //Set BBP R69=0x16
1909                 value = 0x16;
1910                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, value);
1911                 //Set BBP R70=0x08
1912                 value = 0x08;
1913                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, value);
1914                 //Set BBP R73=0x11
1915                 value = 0x11;
1916                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R73, value);
1917
1918             // If Channel=14, Bandwidth=20M and Mode=CCK, Set BBP R4 bit5=1
1919             // (Japan filter coefficients)
1920             // This segment of code will only works when ATETXMODE and ATECHANNEL
1921             // were set to MODE_CCK and 14 respectively before ATETXBW is set to 0.
1922             //=====================================================================
1923                 if (pAd->ate.Channel == 14)
1924                 {
1925                         int TxMode = pAd->ate.TxWI.PHYMODE;
1926                         if (TxMode == MODE_CCK)
1927                         {
1928                                 // when Channel==14 && Mode==CCK && BandWidth==20M, BBP R4 bit5=1
1929                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &value);
1930                                 value |= 0x20; //set bit5=1
1931                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, value);
1932                         }
1933                 }
1934
1935             //=====================================================================
1936                 // If bandwidth != 40M, RF Reg4 bit 21 = 0.
1937                 pAd->LatchRfRegs.R4 &= ~0x00200000;
1938                 RtmpRfIoWrite(pAd);
1939         }
1940         else if(pAd->ate.TxWI.BW == BW_40)
1941         {
1942                 if(pAd->ate.Channel <= 14)
1943                 {
1944                         for (i=0; i<5; i++)
1945                         {
1946                                 if (pAd->Tx40MPwrCfgGBand[i] != 0xffffffff)
1947                                 {
1948                                         RTMP_IO_WRITE32(pAd, TX_PWR_CFG_0 + i*4, pAd->Tx40MPwrCfgGBand[i]);
1949                                         RTMPusecDelay(5000);
1950                                 }
1951                         }
1952                 }
1953                 else
1954                 {
1955                         for (i=0; i<5; i++)
1956                         {
1957                                 if (pAd->Tx40MPwrCfgABand[i] != 0xffffffff)
1958                                 {
1959                                         RTMP_IO_WRITE32(pAd, TX_PWR_CFG_0 + i*4, pAd->Tx40MPwrCfgABand[i]);
1960                                         RTMPusecDelay(5000);
1961                                 }
1962                         }
1963 #ifdef DOT11_N_SUPPORT
1964                         if ((pAd->ate.TxWI.PHYMODE >= MODE_HTMIX) && (pAd->ate.TxWI.MCS == 7))
1965                         {
1966                         value = 0x28;
1967                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R67, value);
1968                         }
1969 #endif // DOT11_N_SUPPORT //
1970                 }
1971
1972                 //Set BBP R4 bit[4:3]=1:0
1973                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &value);
1974                 value &= (~0x18);
1975                 value |= 0x10;
1976                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, value);
1977
1978                 //Set BBP R66=0x3C
1979                 value = 0x3C;
1980                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, value);
1981                 //Set BBP R68=0x0C
1982                 //to improve Rx sensitivity.
1983                 value = 0x0C;
1984                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R68, value);
1985                 //Set BBP R69=0x1A
1986                 value = 0x1A;
1987                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, value);
1988                 //Set BBP R70=0x0A
1989                 value = 0x0A;
1990                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, value);
1991                 //Set BBP R73=0x16
1992                 value = 0x16;
1993                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R73, value);
1994
1995                 // If bandwidth = 40M, set RF Reg4 bit 21 = 1.
1996                 pAd->LatchRfRegs.R4 |= 0x00200000;
1997                 RtmpRfIoWrite(pAd);
1998         }
1999
2000         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_BW_Proc (BBPCurrentBW = %d)\n", pAd->ate.TxWI.BW));
2001         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_BW_Proc Success\n"));
2002
2003
2004         return TRUE;
2005 }
2006
2007 /*
2008     ==========================================================================
2009     Description:
2010         Set ATE Tx frame length
2011
2012     Return:
2013         TRUE if all parameters are OK, FALSE otherwise
2014     ==========================================================================
2015 */
2016 INT     Set_ATE_TX_LENGTH_Proc(
2017         IN      PRTMP_ADAPTER   pAd,
2018         IN      PUCHAR                  arg)
2019 {
2020         pAd->ate.TxLength = simple_strtol(arg, 0, 10);
2021
2022         if((pAd->ate.TxLength < 24) || (pAd->ate.TxLength > (MAX_FRAME_SIZE - 34/* == 2312 */)))
2023         {
2024                 pAd->ate.TxLength = (MAX_FRAME_SIZE - 34/* == 2312 */);
2025                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_LENGTH_Proc::Out of range, it should be in range of 24~%d.\n", (MAX_FRAME_SIZE - 34/* == 2312 */)));
2026                 return FALSE;
2027         }
2028
2029         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_LENGTH_Proc (TxLength = %d)\n", pAd->ate.TxLength));
2030         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_LENGTH_Proc Success\n"));
2031
2032
2033         return TRUE;
2034 }
2035
2036 /*
2037     ==========================================================================
2038     Description:
2039         Set ATE Tx frame count
2040
2041     Return:
2042         TRUE if all parameters are OK, FALSE otherwise
2043     ==========================================================================
2044 */
2045 INT     Set_ATE_TX_COUNT_Proc(
2046         IN      PRTMP_ADAPTER   pAd,
2047         IN      PUCHAR                  arg)
2048 {
2049         pAd->ate.TxCount = simple_strtol(arg, 0, 10);
2050
2051         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_COUNT_Proc (TxCount = %d)\n", pAd->ate.TxCount));
2052         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_COUNT_Proc Success\n"));
2053
2054
2055         return TRUE;
2056 }
2057
2058 /*
2059     ==========================================================================
2060     Description:
2061         Set ATE Tx frame MCS
2062
2063         Return:
2064                 TRUE if all parameters are OK, FALSE otherwise
2065     ==========================================================================
2066 */
2067 INT     Set_ATE_TX_MCS_Proc(
2068         IN      PRTMP_ADAPTER   pAd,
2069         IN      PUCHAR                  arg)
2070 {
2071         UCHAR MCS;
2072         int result;
2073
2074         MCS = simple_strtol(arg, 0, 10);
2075         result = CheckMCSValid(pAd->ate.TxWI.PHYMODE, MCS);
2076
2077         if (result != -1)
2078         {
2079                 pAd->ate.TxWI.MCS = (UCHAR)MCS;
2080         }
2081         else
2082         {
2083                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_MCS_Proc::Out of range, refer to rate table.\n"));
2084                 return FALSE;
2085         }
2086
2087         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_MCS_Proc (MCS = %d)\n", pAd->ate.TxWI.MCS));
2088         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_MCS_Proc Success\n"));
2089
2090
2091         return TRUE;
2092 }
2093
2094 /*
2095     ==========================================================================
2096     Description:
2097         Set ATE Tx frame Mode
2098         0: MODE_CCK
2099         1: MODE_OFDM
2100         2: MODE_HTMIX
2101         3: MODE_HTGREENFIELD
2102
2103         Return:
2104                 TRUE if all parameters are OK, FALSE otherwise
2105     ==========================================================================
2106 */
2107 INT     Set_ATE_TX_MODE_Proc(
2108         IN      PRTMP_ADAPTER   pAd,
2109         IN      PUCHAR                  arg)
2110 {
2111         pAd->ate.TxWI.PHYMODE = simple_strtol(arg, 0, 10);
2112
2113         if(pAd->ate.TxWI.PHYMODE > 3)
2114         {
2115                 pAd->ate.TxWI.PHYMODE = 0;
2116                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_MODE_Proc::Out of range. it should be in range of 0~3\n"));
2117                 ATEDBGPRINT(RT_DEBUG_ERROR, ("0: CCK, 1: OFDM, 2: HT_MIX, 3: HT_GREEN_FIELD.\n"));
2118                 return FALSE;
2119         }
2120
2121         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_MODE_Proc (TxMode = %d)\n", pAd->ate.TxWI.PHYMODE));
2122         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_MODE_Proc Success\n"));
2123
2124
2125         return TRUE;
2126 }
2127
2128 /*
2129     ==========================================================================
2130     Description:
2131         Set ATE Tx frame GI
2132
2133         Return:
2134                 TRUE if all parameters are OK, FALSE otherwise
2135     ==========================================================================
2136 */
2137 INT     Set_ATE_TX_GI_Proc(
2138         IN      PRTMP_ADAPTER   pAd,
2139         IN      PUCHAR                  arg)
2140 {
2141         pAd->ate.TxWI.ShortGI = simple_strtol(arg, 0, 10);
2142
2143         if(pAd->ate.TxWI.ShortGI > 1)
2144         {
2145                 pAd->ate.TxWI.ShortGI = 0;
2146                 ATEDBGPRINT(RT_DEBUG_ERROR, ("Set_ATE_TX_GI_Proc::Out of range\n"));
2147                 return FALSE;
2148         }
2149
2150         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_TX_GI_Proc (GI = %d)\n", pAd->ate.TxWI.ShortGI));
2151         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_TX_GI_Proc Success\n"));
2152
2153
2154         return TRUE;
2155 }
2156
2157 /*
2158     ==========================================================================
2159     Description:
2160     ==========================================================================
2161  */
2162 INT     Set_ATE_RX_FER_Proc(
2163         IN      PRTMP_ADAPTER   pAd,
2164         IN      PUCHAR                  arg)
2165 {
2166         pAd->ate.bRxFer = simple_strtol(arg, 0, 10);
2167
2168         if (pAd->ate.bRxFer == 1)
2169         {
2170                 pAd->ate.RxCntPerSec = 0;
2171                 pAd->ate.RxTotalCnt = 0;
2172         }
2173
2174         ATEDBGPRINT(RT_DEBUG_TRACE, ("Set_ATE_RX_FER_Proc (bRxFer = %d)\n", pAd->ate.bRxFer));
2175         ATEDBGPRINT(RT_DEBUG_TRACE, ("Ralink: Set_ATE_RX_FER_Proc Success\n"));
2176
2177
2178         return TRUE;
2179 }
2180
2181 INT Set_ATE_Read_RF_Proc(
2182         IN      PRTMP_ADAPTER   pAd,
2183         IN      PUCHAR                  arg)
2184 {
2185         ate_print(KERN_EMERG "R1 = %lx\n", pAd->LatchRfRegs.R1);
2186         ate_print(KERN_EMERG "R2 = %lx\n", pAd->LatchRfRegs.R2);
2187         ate_print(KERN_EMERG "R3 = %lx\n", pAd->LatchRfRegs.R3);
2188         ate_print(KERN_EMERG "R4 = %lx\n", pAd->LatchRfRegs.R4);
2189
2190         return TRUE;
2191 }
2192
2193 INT Set_ATE_Write_RF1_Proc(
2194         IN      PRTMP_ADAPTER   pAd,
2195         IN      PUCHAR                  arg)
2196 {
2197         UINT32 value = simple_strtol(arg, 0, 16);
2198
2199         pAd->LatchRfRegs.R1 = value;
2200         RtmpRfIoWrite(pAd);
2201
2202         return TRUE;
2203 }
2204
2205 INT Set_ATE_Write_RF2_Proc(
2206         IN      PRTMP_ADAPTER   pAd,
2207         IN      PUCHAR                  arg)
2208 {
2209         UINT32 value = simple_strtol(arg, 0, 16);
2210
2211         pAd->LatchRfRegs.R2 = value;
2212         RtmpRfIoWrite(pAd);
2213
2214         return TRUE;
2215 }
2216
2217 INT Set_ATE_Write_RF3_Proc(
2218         IN      PRTMP_ADAPTER   pAd,
2219         IN      PUCHAR                  arg)
2220 {
2221         UINT32 value = simple_strtol(arg, 0, 16);
2222
2223         pAd->LatchRfRegs.R3 = value;
2224         RtmpRfIoWrite(pAd);
2225
2226         return TRUE;
2227 }
2228
2229 INT Set_ATE_Write_RF4_Proc(
2230         IN      PRTMP_ADAPTER   pAd,
2231         IN      PUCHAR                  arg)
2232 {
2233         UINT32 value = simple_strtol(arg, 0, 16);
2234
2235         pAd->LatchRfRegs.R4 = value;
2236         RtmpRfIoWrite(pAd);
2237
2238         return TRUE;
2239 }
2240
2241 /*
2242     ==========================================================================
2243     Description:
2244         Load and Write EEPROM from a binary file prepared in advance.
2245
2246         Return:
2247                 TRUE if all parameters are OK, FALSE otherwise
2248     ==========================================================================
2249 */
2250 #ifndef UCOS
2251 INT Set_ATE_Load_E2P_Proc(
2252         IN      PRTMP_ADAPTER   pAd,
2253         IN      PUCHAR                  arg)
2254 {
2255         BOOLEAN             ret = FALSE;
2256         PUCHAR                  src = EEPROM_BIN_FILE_NAME;
2257         struct file             *srcf;
2258         INT32                   retval, orgfsuid, orgfsgid;
2259         mm_segment_t    orgfs;
2260         USHORT                  WriteEEPROM[(EEPROM_SIZE/2)];
2261         UINT32                  FileLength = 0;
2262         UINT32                  value = simple_strtol(arg, 0, 10);
2263
2264         ATEDBGPRINT(RT_DEBUG_ERROR, ("===> %s (value=%d)\n\n", __func__, value));
2265
2266         if (value > 0)
2267         {
2268                 /* zero the e2p buffer */
2269                 NdisZeroMemory((PUCHAR)WriteEEPROM, EEPROM_SIZE);
2270
2271                 /* save uid and gid used for filesystem access.
2272             ** set user and group to 0 (root)
2273             */
2274                 orgfsuid = current->fsuid;
2275                 orgfsgid = current->fsgid;
2276                 /* as root */
2277                 current->fsuid = current->fsgid = 0;
2278         orgfs = get_fs();
2279         set_fs(KERNEL_DS);
2280
2281                 do
2282                 {
2283                         /* open the bin file */
2284                         srcf = filp_open(src, O_RDONLY, 0);
2285
2286                         if (IS_ERR(srcf))
2287                         {
2288                                 ate_print("%s - Error %ld opening %s\n", __func__, -PTR_ERR(srcf), src);
2289                                 break;
2290                         }
2291
2292                         /* the object must have a read method */
2293                         if ((srcf->f_op == NULL) || (srcf->f_op->read == NULL))
2294                         {
2295                                 ate_print("%s - %s does not have a read method\n", __func__, src);
2296                                 break;
2297                         }
2298
2299                         /* read the firmware from the file *.bin */
2300                         FileLength = srcf->f_op->read(srcf,
2301                                                                                   (PUCHAR)WriteEEPROM,
2302                                                                                   EEPROM_SIZE,
2303                                                                                   &srcf->f_pos);
2304
2305                         if (FileLength != EEPROM_SIZE)
2306                         {
2307                                 ate_print("%s: error file length (=%d) in e2p.bin\n",
2308                                            __func__, FileLength);
2309                                 break;
2310                         }
2311                         else
2312                         {
2313                                 /* write the content of .bin file to EEPROM */
2314                                 rt_ee_write_all(pAd, WriteEEPROM);
2315                                 ret = TRUE;
2316                         }
2317                         break;
2318                 } while(TRUE);
2319
2320                 /* close firmware file */
2321                 if (IS_ERR(srcf))
2322                 {
2323                                 ;
2324                 }
2325                 else
2326                 {
2327                         retval = filp_close(srcf, NULL);
2328                         if (retval)
2329                         {
2330                                 ATEDBGPRINT(RT_DEBUG_ERROR, ("--> Error %d closing %s\n", -retval, src));
2331
2332                         }
2333                 }
2334
2335                 /* restore */
2336                 set_fs(orgfs);
2337                 current->fsuid = orgfsuid;
2338                 current->fsgid = orgfsgid;
2339         }
2340     ATEDBGPRINT(RT_DEBUG_ERROR, ("<=== %s (ret=%d)\n", __func__, ret));
2341
2342     return ret;
2343
2344 }
2345 #else
2346 INT Set_ATE_Load_E2P_Proc(
2347         IN      PRTMP_ADAPTER   pAd,
2348         IN      PUCHAR                  arg)
2349 {
2350         USHORT                  WriteEEPROM[(EEPROM_SIZE/2)];
2351         struct iwreq    *wrq = (struct iwreq *)arg;
2352
2353         ATEDBGPRINT(RT_DEBUG_TRACE, ("===> %s (wrq->u.data.length = %d)\n\n", __func__, wrq->u.data.length));
2354
2355         if (wrq->u.data.length != EEPROM_SIZE)
2356         {
2357                 ate_print("%s: error length (=%d) from host\n",
2358                            __func__, wrq->u.data.length);
2359                 return FALSE;
2360         }
2361         else/* (wrq->u.data.length == EEPROM_SIZE) */
2362         {
2363                 /* zero the e2p buffer */
2364                 NdisZeroMemory((PUCHAR)WriteEEPROM, EEPROM_SIZE);
2365
2366                 /* fill the local buffer */
2367                 NdisMoveMemory((PUCHAR)WriteEEPROM, wrq->u.data.pointer, wrq->u.data.length);
2368
2369                 do
2370                 {
2371                                 /* write the content of .bin file to EEPROM */
2372                                 rt_ee_write_all(pAd, WriteEEPROM);
2373
2374                 } while(FALSE);
2375                 }
2376
2377     ATEDBGPRINT(RT_DEBUG_TRACE, ("<=== %s\n", __func__));
2378
2379     return TRUE;
2380
2381 }
2382 #endif // !UCOS //
2383
2384 INT Set_ATE_Read_E2P_Proc(
2385         IN      PRTMP_ADAPTER   pAd,
2386         IN      PUCHAR                  arg)
2387 {
2388         USHORT buffer[EEPROM_SIZE/2];
2389         USHORT *p;
2390         int i;
2391
2392         rt_ee_read_all(pAd, (USHORT *)buffer);
2393         p = buffer;
2394         for (i = 0; i < (EEPROM_SIZE/2); i++)
2395         {
2396                 ate_print("%4.4x ", *p);
2397                 if (((i+1) % 16) == 0)
2398                         ate_print("\n");
2399                 p++;
2400         }
2401         return TRUE;
2402 }
2403
2404 INT     Set_ATE_Show_Proc(
2405         IN      PRTMP_ADAPTER   pAd,
2406         IN      PUCHAR                  arg)
2407 {
2408         ate_print("Mode=%d\n", pAd->ate.Mode);
2409         ate_print("TxPower0=%d\n", pAd->ate.TxPower0);
2410         ate_print("TxPower1=%d\n", pAd->ate.TxPower1);
2411         ate_print("TxAntennaSel=%d\n", pAd->ate.TxAntennaSel);
2412         ate_print("RxAntennaSel=%d\n", pAd->ate.RxAntennaSel);
2413         ate_print("BBPCurrentBW=%d\n", pAd->ate.TxWI.BW);
2414         ate_print("GI=%d\n", pAd->ate.TxWI.ShortGI);
2415         ate_print("MCS=%d\n", pAd->ate.TxWI.MCS);
2416         ate_print("TxMode=%d\n", pAd->ate.TxWI.PHYMODE);
2417         ate_print("Addr1=%02x:%02x:%02x:%02x:%02x:%02x\n",
2418                 pAd->ate.Addr1[0], pAd->ate.Addr1[1], pAd->ate.Addr1[2], pAd->ate.Addr1[3], pAd->ate.Addr1[4], pAd->ate.Addr1[5]);
2419         ate_print("Addr2=%02x:%02x:%02x:%02x:%02x:%02x\n",
2420                 pAd->ate.Addr2[0], pAd->ate.Addr2[1], pAd->ate.Addr2[2], pAd->ate.Addr2[3], pAd->ate.Addr2[4], pAd->ate.Addr2[5]);
2421         ate_print("Addr3=%02x:%02x:%02x:%02x:%02x:%02x\n",
2422                 pAd->ate.Addr3[0], pAd->ate.Addr3[1], pAd->ate.Addr3[2], pAd->ate.Addr3[3], pAd->ate.Addr3[4], pAd->ate.Addr3[5]);
2423         ate_print("Channel=%d\n", pAd->ate.Channel);
2424         ate_print("TxLength=%d\n", pAd->ate.TxLength);
2425         ate_print("TxCount=%u\n", pAd->ate.TxCount);
2426         ate_print("RFFreqOffset=%d\n", pAd->ate.RFFreqOffset);
2427         ate_print(KERN_EMERG "Set_ATE_Show_Proc Success\n");
2428         return TRUE;
2429 }
2430
2431 INT     Set_ATE_Help_Proc(
2432         IN      PRTMP_ADAPTER   pAd,
2433         IN      PUCHAR                  arg)
2434 {
2435         ate_print("ATE=ATESTART, ATESTOP, TXCONT, TXCARR, TXFRAME, RXFRAME\n");
2436         ate_print("ATEDA\n");
2437         ate_print("ATESA\n");
2438         ate_print("ATEBSSID\n");
2439         ate_print("ATECHANNEL, range:0~14(unless A band !)\n");
2440         ate_print("ATETXPOW0, set power level of antenna 1.\n");
2441         ate_print("ATETXPOW1, set power level of antenna 2.\n");
2442         ate_print("ATETXANT, set TX antenna. 0:all, 1:antenna one, 2:antenna two.\n");
2443         ate_print("ATERXANT, set RX antenna.0:all, 1:antenna one, 2:antenna two, 3:antenna three.\n");
2444         ate_print("ATETXFREQOFFSET, set frequency offset, range 0~63\n");
2445         ate_print("ATETXBW, set BandWidth, 0:20MHz, 1:40MHz.\n");
2446         ate_print("ATETXLEN, set Frame length, range 24~%d\n", (MAX_FRAME_SIZE - 34/* == 2312 */));
2447         ate_print("ATETXCNT, set how many frame going to transmit.\n");
2448         ate_print("ATETXMCS, set MCS, reference to rate table.\n");
2449         ate_print("ATETXMODE, set Mode 0:CCK, 1:OFDM, 2:HT-Mix, 3:GreenField, reference to rate table.\n");
2450         ate_print("ATETXGI, set GI interval, 0:Long, 1:Short\n");
2451         ate_print("ATERXFER, 0:disable Rx Frame error rate. 1:enable Rx Frame error rate.\n");
2452         ate_print("ATERRF, show all RF registers.\n");
2453         ate_print("ATEWRF1, set RF1 register.\n");
2454         ate_print("ATEWRF2, set RF2 register.\n");
2455         ate_print("ATEWRF3, set RF3 register.\n");
2456         ate_print("ATEWRF4, set RF4 register.\n");
2457         ate_print("ATELDE2P, load EEPROM from .bin file.\n");
2458         ate_print("ATERE2P, display all EEPROM content.\n");
2459         ate_print("ATESHOW, display all parameters of ATE.\n");
2460         ate_print("ATEHELP, online help.\n");
2461
2462         return TRUE;
2463 }
2464
2465 /*
2466     ==========================================================================
2467     Description:
2468
2469         AsicSwitchChannel() dedicated for ATE.
2470
2471     ==========================================================================
2472 */
2473 VOID ATEAsicSwitchChannel(
2474     IN PRTMP_ADAPTER pAd)
2475 {
2476         UINT32 R2 = 0, R3 = DEFAULT_RF_TX_POWER, R4 = 0, Value = 0;
2477         CHAR TxPwer = 0, TxPwer2 = 0;
2478         UCHAR index, BbpValue = 0, R66 = 0x30;
2479         RTMP_RF_REGS *RFRegTable;
2480         UCHAR Channel;
2481
2482 #ifdef RALINK_28xx_QA
2483         if ((pAd->ate.bQATxStart == TRUE) || (pAd->ate.bQARxStart == TRUE))
2484         {
2485                 if (pAd->ate.Channel != pAd->LatchRfRegs.Channel)
2486                 {
2487                         pAd->ate.Channel = pAd->LatchRfRegs.Channel;
2488                 }
2489                 return;
2490         }
2491         else
2492 #endif // RALINK_28xx_QA //
2493         Channel = pAd->ate.Channel;
2494
2495         // Select antenna
2496         AsicAntennaSelect(pAd, Channel);
2497
2498         // fill Tx power value
2499         TxPwer = pAd->ate.TxPower0;
2500         TxPwer2 = pAd->ate.TxPower1;
2501
2502         RFRegTable = RF2850RegTable;
2503
2504         switch (pAd->RfIcType)
2505         {
2506                 /* But only 2850 and 2750 support 5.5GHz band... */
2507                 case RFIC_2820:
2508                 case RFIC_2850:
2509                 case RFIC_2720:
2510                 case RFIC_2750:
2511
2512                         for (index = 0; index < NUM_OF_2850_CHNL; index++)
2513                         {
2514                                 if (Channel == RFRegTable[index].Channel)
2515                                 {
2516                                         R2 = RFRegTable[index].R2;
2517                                         if (pAd->Antenna.field.TxPath == 1)
2518                                         {
2519                                                 R2 |= 0x4000;   // If TXpath is 1, bit 14 = 1;
2520                                         }
2521
2522                                         if (pAd->Antenna.field.RxPath == 2)
2523                                         {
2524                                                 switch (pAd->ate.RxAntennaSel)
2525                                                 {
2526                                                         case 1:
2527                                                                 R2 |= 0x20040;
2528                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2529                                                                 BbpValue &= 0xE4;
2530                                                                 BbpValue |= 0x00;
2531                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2532                                                                 break;
2533                                                         case 2:
2534                                                                 R2 |= 0x10040;
2535                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2536                                                                 BbpValue &= 0xE4;
2537                                                                 BbpValue |= 0x01;
2538                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2539                                                                 break;
2540                                                         default:
2541                                                                 R2 |= 0x40;
2542                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2543                                                                 BbpValue &= 0xE4;
2544                                                                 /* Only enable two Antenna to receive. */
2545                                                                 BbpValue |= 0x08;
2546                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2547                                                                 break;
2548                                                 }
2549                                         }
2550                                         else if (pAd->Antenna.field.RxPath == 1)
2551                                         {
2552                                                 R2 |= 0x20040;  // write 1 to off RxPath
2553                                         }
2554
2555                                         if (pAd->Antenna.field.TxPath == 2)
2556                                         {
2557                                                 if (pAd->ate.TxAntennaSel == 1)
2558                                                 {
2559                                                         R2 |= 0x4000;   // If TX Antenna select is 1 , bit 14 = 1; Disable Ant 2
2560                                                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &BbpValue);
2561                                                         BbpValue &= 0xE7;               //11100111B
2562                                                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, BbpValue);
2563                                                 }
2564                                                 else if (pAd->ate.TxAntennaSel == 2)
2565                                                 {
2566                                                         R2 |= 0x8000;   // If TX Antenna select is 2 , bit 15 = 1; Disable Ant 1
2567                                                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &BbpValue);
2568                                                         BbpValue &= 0xE7;
2569                                                         BbpValue |= 0x08;
2570                                                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, BbpValue);
2571                                                 }
2572                                                 else
2573                                                 {
2574                                                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &BbpValue);
2575                                                         BbpValue &= 0xE7;
2576                                                         BbpValue |= 0x10;
2577                                                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, BbpValue);
2578                                                 }
2579                                         }
2580                                         if (pAd->Antenna.field.RxPath == 3)
2581                                         {
2582                                                 switch (pAd->ate.RxAntennaSel)
2583                                                 {
2584                                                         case 1:
2585                                                                 R2 |= 0x20040;
2586                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2587                                                                 BbpValue &= 0xE4;
2588                                                                 BbpValue |= 0x00;
2589                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2590                                                                 break;
2591                                                         case 2:
2592                                                                 R2 |= 0x10040;
2593                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2594                                                                 BbpValue &= 0xE4;
2595                                                                 BbpValue |= 0x01;
2596                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2597                                                                 break;
2598                                                         case 3:
2599                                                                 R2 |= 0x30000;
2600                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2601                                                                 BbpValue &= 0xE4;
2602                                                                 BbpValue |= 0x02;
2603                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2604                                                                 break;
2605                                                         default:
2606                                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &BbpValue);
2607                                                                 BbpValue &= 0xE4;
2608                                                                 BbpValue |= 0x10;
2609                                                                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, BbpValue);
2610                                                                 break;
2611                                                 }
2612                                         }
2613
2614                                         if (Channel > 14)
2615                                         {
2616                                                 // initialize R3, R4
2617                                                 R3 = (RFRegTable[index].R3 & 0xffffc1ff);
2618                                                 R4 = (RFRegTable[index].R4 & (~0x001f87c0)) | (pAd->ate.RFFreqOffset << 15);
2619
2620                         // According the Rory's suggestion to solve the middle range issue.
2621                                                 // 5.5G band power range: 0xF9~0X0F, TX0 Reg3 bit9/TX1 Reg4 bit6="0" means the TX power reduce 7dB
2622                                                 // R3
2623                                                 if ((TxPwer >= -7) && (TxPwer < 0))
2624                                                 {
2625                                                         TxPwer = (7+TxPwer);
2626                                                         TxPwer = (TxPwer > 0xF) ? (0xF) : (TxPwer);
2627                                                         R3 |= (TxPwer << 10);
2628                                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("ATEAsicSwitchChannel: TxPwer=%d \n", TxPwer));
2629                                                 }
2630                                                 else
2631                                                 {
2632                                                         TxPwer = (TxPwer > 0xF) ? (0xF) : (TxPwer);
2633                                                         R3 |= (TxPwer << 10) | (1 << 9);
2634                                                 }
2635
2636                                                 // R4
2637                                                 if ((TxPwer2 >= -7) && (TxPwer2 < 0))
2638                                                 {
2639                                                         TxPwer2 = (7+TxPwer2);
2640                                                         TxPwer2 = (TxPwer2 > 0xF) ? (0xF) : (TxPwer2);
2641                                                         R4 |= (TxPwer2 << 7);
2642                                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("ATEAsicSwitchChannel: TxPwer2=%d \n", TxPwer2));
2643                                                 }
2644                                                 else
2645                                                 {
2646                                                         TxPwer2 = (TxPwer2 > 0xF) ? (0xF) : (TxPwer2);
2647                                                         R4 |= (TxPwer2 << 7) | (1 << 6);
2648                                                 }
2649                                         }
2650                                         else
2651                                         {
2652                                                 R3 = (RFRegTable[index].R3 & 0xffffc1ff) | (TxPwer << 9); // set TX power0
2653                                                 R4 = (RFRegTable[index].R4 & (~0x001f87c0)) | (pAd->ate.RFFreqOffset << 15) | (TxPwer2 <<6);// Set freq offset & TxPwr1
2654                                         }
2655
2656                                         // Based on BBP current mode before changing RF channel.
2657                                         if (pAd->ate.TxWI.BW == BW_40)
2658                                         {
2659                                                 R4 |=0x200000;
2660                                         }
2661
2662                                         // Update variables
2663                                         pAd->LatchRfRegs.Channel = Channel;
2664                                         pAd->LatchRfRegs.R1 = RFRegTable[index].R1;
2665                                         pAd->LatchRfRegs.R2 = R2;
2666                                         pAd->LatchRfRegs.R3 = R3;
2667                                         pAd->LatchRfRegs.R4 = R4;
2668
2669                                         RtmpRfIoWrite(pAd);
2670
2671                                         break;
2672                                 }
2673                         }
2674                         break;
2675
2676                 default:
2677                         break;
2678         }
2679
2680         // Change BBP setting during switch from a->g, g->a
2681         if (Channel <= 14)
2682         {
2683             ULONG       TxPinCfg = 0x00050F0A;// 2007.10.09 by Brian : 0x0005050A ==> 0x00050F0A
2684
2685                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R62, (0x37 - GET_LNA_GAIN(pAd)));
2686                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R63, (0x37 - GET_LNA_GAIN(pAd)));
2687                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R64, (0x37 - GET_LNA_GAIN(pAd)));
2688
2689                 /* For 1T/2R chip only... */
2690             if (pAd->NicConfig2.field.ExternalLNAForG)
2691             {
2692                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R82, 0x62);
2693             }
2694             else
2695             {
2696                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R82, 0x84);
2697             }
2698
2699         // According the Rory's suggestion to solve the middle range issue.
2700                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R86, &BbpValue);
2701                 ASSERT((BbpValue == 0x00));
2702                 if ((BbpValue != 0x00))
2703                 {
2704                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R86, 0x00);
2705                 }
2706
2707                 // 5.5GHz band selection PIN, bit1 and bit2 are complement
2708                 RTMP_IO_READ32(pAd, TX_BAND_CFG, &Value);
2709                 Value &= (~0x6);
2710                 Value |= (0x04);
2711                 RTMP_IO_WRITE32(pAd, TX_BAND_CFG, Value);
2712
2713         // Turn off unused PA or LNA when only 1T or 1R.
2714                 if (pAd->Antenna.field.TxPath == 1)
2715                 {
2716                         TxPinCfg &= 0xFFFFFFF3;
2717                 }
2718                 if (pAd->Antenna.field.RxPath == 1)
2719                 {
2720                         TxPinCfg &= 0xFFFFF3FF;
2721                 }
2722
2723                 RTMP_IO_WRITE32(pAd, TX_PIN_CFG, TxPinCfg);
2724         }
2725         else
2726         {
2727             ULONG       TxPinCfg = 0x00050F05;//2007.10.09 by Brian : 0x00050505 ==> 0x00050F05
2728
2729                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R62, (0x37 - GET_LNA_GAIN(pAd)));
2730                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R63, (0x37 - GET_LNA_GAIN(pAd)));
2731                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R64, (0x37 - GET_LNA_GAIN(pAd)));
2732                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R82, 0xF2);
2733
2734         // According the Rory's suggestion to solve the middle range issue.
2735                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R86, &BbpValue);
2736                 ASSERT((BbpValue == 0x00));
2737                 if ((BbpValue != 0x00))
2738                 {
2739                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R86, 0x00);
2740                 }
2741                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R91, &BbpValue);
2742                 ASSERT((BbpValue == 0x04));
2743
2744                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R92, &BbpValue);
2745                 ASSERT((BbpValue == 0x00));
2746
2747                 // 5.5GHz band selection PIN, bit1 and bit2 are complement
2748                 RTMP_IO_READ32(pAd, TX_BAND_CFG, &Value);
2749                 Value &= (~0x6);
2750                 Value |= (0x02);
2751                 RTMP_IO_WRITE32(pAd, TX_BAND_CFG, Value);
2752
2753         // Turn off unused PA or LNA when only 1T or 1R.
2754                 if (pAd->Antenna.field.TxPath == 1)
2755                 {
2756                         TxPinCfg &= 0xFFFFFFF3;
2757             }
2758                 if (pAd->Antenna.field.RxPath == 1)
2759                 {
2760                         TxPinCfg &= 0xFFFFF3FF;
2761                 }
2762
2763                 RTMP_IO_WRITE32(pAd, TX_PIN_CFG, TxPinCfg);
2764         }
2765
2766     // R66 should be set according to Channel and use 20MHz when scanning
2767         if (Channel <= 14)
2768         {
2769                 // BG band
2770                 R66 = 0x2E + GET_LNA_GAIN(pAd);
2771                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, R66);
2772         }
2773         else
2774         {
2775                 // 5.5 GHz band
2776                 if (pAd->ate.TxWI.BW == BW_20)
2777                 {
2778                         R66 = (UCHAR)(0x32 + (GET_LNA_GAIN(pAd)*5)/3);
2779                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, R66);
2780                 }
2781                 else
2782                 {
2783                         R66 = (UCHAR)(0x3A + (GET_LNA_GAIN(pAd)*5)/3);
2784                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, R66);
2785                 }
2786         }
2787
2788         //
2789         // On 11A, We should delay and wait RF/BBP to be stable
2790         // and the appropriate time should be 1000 micro seconds
2791         // 2005/06/05 - On 11G, We also need this delay time. Otherwise it's difficult to pass the WHQL.
2792         //
2793         RTMPusecDelay(1000);
2794
2795         if (Channel > 14)
2796         {
2797                 // When 5.5GHz band the LSB of TxPwr will be used to reduced 7dB or not.
2798                 ATEDBGPRINT(RT_DEBUG_TRACE, ("SwitchChannel#%d(RF=%d, %dT) to , R1=0x%08lx, R2=0x%08lx, R3=0x%08lx, R4=0x%08lx\n",
2799                                                                   Channel,
2800                                                                   pAd->RfIcType,
2801                                                                   pAd->Antenna.field.TxPath,
2802                                                                   pAd->LatchRfRegs.R1,
2803                                                                   pAd->LatchRfRegs.R2,
2804                                                                   pAd->LatchRfRegs.R3,
2805                                                                   pAd->LatchRfRegs.R4));
2806         }
2807         else
2808         {
2809                 ATEDBGPRINT(RT_DEBUG_TRACE, ("SwitchChannel#%d(RF=%d, Pwr0=%u, Pwr1=%u, %dT) to , R1=0x%08lx, R2=0x%08lx, R3=0x%08lx, R4=0x%08lx\n",
2810                                                                   Channel,
2811                                                                   pAd->RfIcType,
2812                                                                   (R3 & 0x00003e00) >> 9,
2813                                                                   (R4 & 0x000007c0) >> 6,
2814                                                                   pAd->Antenna.field.TxPath,
2815                                                                   pAd->LatchRfRegs.R1,
2816                                                                   pAd->LatchRfRegs.R2,
2817                                                                   pAd->LatchRfRegs.R3,
2818                                                                   pAd->LatchRfRegs.R4));
2819     }
2820 }
2821
2822 //
2823 // In fact, no one will call this routine so far !
2824 //
2825 /*
2826         ==========================================================================
2827         Description:
2828                 Gives CCK TX rate 2 more dB TX power.
2829                 This routine works only in ATE mode.
2830
2831                 calculate desired Tx power in RF R3.Tx0~5,      should consider -
2832                 0. if current radio is a noisy environment (pAd->DrsCounters.fNoisyEnvironment)
2833                 1. TxPowerPercentage
2834                 2. auto calibration based on TSSI feedback
2835                 3. extra 2 db for CCK
2836                 4. -10 db upon very-short distance (AvgRSSI >= -40db) to AP
2837
2838         NOTE: Since this routine requires the value of (pAd->DrsCounters.fNoisyEnvironment),
2839                 it should be called AFTER MlmeDynamicTxRateSwitching()
2840         ==========================================================================
2841  */
2842 VOID ATEAsicAdjustTxPower(
2843         IN PRTMP_ADAPTER pAd)
2844 {
2845         INT                     i, j;
2846         CHAR            DeltaPwr = 0;
2847         BOOLEAN         bAutoTxAgc = FALSE;
2848         UCHAR           TssiRef, *pTssiMinusBoundary, *pTssiPlusBoundary, TxAgcStep;
2849         UCHAR           BbpR49 = 0, idx;
2850         PCHAR           pTxAgcCompensate;
2851         ULONG           TxPwr[5];
2852         CHAR            Value;
2853
2854         /* no one calls this procedure so far */
2855         if (pAd->ate.TxWI.BW == BW_40)
2856         {
2857                 if (pAd->ate.Channel > 14)
2858                 {
2859                         TxPwr[0] = pAd->Tx40MPwrCfgABand[0];
2860                         TxPwr[1] = pAd->Tx40MPwrCfgABand[1];
2861                         TxPwr[2] = pAd->Tx40MPwrCfgABand[2];
2862                         TxPwr[3] = pAd->Tx40MPwrCfgABand[3];
2863                         TxPwr[4] = pAd->Tx40MPwrCfgABand[4];
2864                 }
2865                 else
2866                 {
2867                         TxPwr[0] = pAd->Tx40MPwrCfgGBand[0];
2868                         TxPwr[1] = pAd->Tx40MPwrCfgGBand[1];
2869                         TxPwr[2] = pAd->Tx40MPwrCfgGBand[2];
2870                         TxPwr[3] = pAd->Tx40MPwrCfgGBand[3];
2871                         TxPwr[4] = pAd->Tx40MPwrCfgGBand[4];
2872                 }
2873         }
2874         else
2875         {
2876                 if (pAd->ate.Channel > 14)
2877                 {
2878                         TxPwr[0] = pAd->Tx20MPwrCfgABand[0];
2879                         TxPwr[1] = pAd->Tx20MPwrCfgABand[1];
2880                         TxPwr[2] = pAd->Tx20MPwrCfgABand[2];
2881                         TxPwr[3] = pAd->Tx20MPwrCfgABand[3];
2882                         TxPwr[4] = pAd->Tx20MPwrCfgABand[4];
2883                 }
2884                 else
2885                 {
2886                         TxPwr[0] = pAd->Tx20MPwrCfgGBand[0];
2887                         TxPwr[1] = pAd->Tx20MPwrCfgGBand[1];
2888                         TxPwr[2] = pAd->Tx20MPwrCfgGBand[2];
2889                         TxPwr[3] = pAd->Tx20MPwrCfgGBand[3];
2890                         TxPwr[4] = pAd->Tx20MPwrCfgGBand[4];
2891                 }
2892         }
2893
2894         // TX power compensation for temperature variation based on TSSI.
2895         // Do it per 4 seconds.
2896         if (pAd->Mlme.OneSecPeriodicRound % 4 == 0)
2897         {
2898                 if (pAd->ate.Channel <= 14)
2899                 {
2900                         /* bg channel */
2901                         bAutoTxAgc         = pAd->bAutoTxAgcG;
2902                         TssiRef            = pAd->TssiRefG;
2903                         pTssiMinusBoundary = &pAd->TssiMinusBoundaryG[0];
2904                         pTssiPlusBoundary  = &pAd->TssiPlusBoundaryG[0];
2905                         TxAgcStep          = pAd->TxAgcStepG;
2906                         pTxAgcCompensate   = &pAd->TxAgcCompensateG;
2907                 }
2908                 else
2909                 {
2910                         /* a channel */
2911                         bAutoTxAgc         = pAd->bAutoTxAgcA;
2912                         TssiRef            = pAd->TssiRefA;
2913                         pTssiMinusBoundary = &pAd->TssiMinusBoundaryA[0];
2914                         pTssiPlusBoundary  = &pAd->TssiPlusBoundaryA[0];
2915                         TxAgcStep          = pAd->TxAgcStepA;
2916                         pTxAgcCompensate   = &pAd->TxAgcCompensateA;
2917                 }
2918
2919                 if (bAutoTxAgc)
2920                 {
2921                         /* BbpR49 is unsigned char */
2922                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R49, &BbpR49);
2923
2924                         /* (p) TssiPlusBoundaryG[0] = 0 = (m) TssiMinusBoundaryG[0] */
2925                         /* compensate: +4     +3   +2   +1    0   -1   -2   -3   -4 * steps */
2926                         /* step value is defined in pAd->TxAgcStepG for tx power value */
2927
2928                         /* [4]+1+[4]   p4     p3   p2   p1   o1   m1   m2   m3   m4 */
2929                         /* ex:         0x00 0x15 0x25 0x45 0x88 0xA0 0xB5 0xD0 0xF0
2930                            above value are examined in mass factory production */
2931                         /*             [4]    [3]  [2]  [1]  [0]  [1]  [2]  [3]  [4] */
2932
2933                         /* plus is 0x10 ~ 0x40, minus is 0x60 ~ 0x90 */
2934                         /* if value is between p1 ~ o1 or o1 ~ s1, no need to adjust tx power */
2935                         /* if value is 0x65, tx power will be -= TxAgcStep*(2-1) */
2936
2937                         if (BbpR49 > pTssiMinusBoundary[1])
2938                         {
2939                                 // Reading is larger than the reference value.
2940                                 // Check for how large we need to decrease the Tx power.
2941                                 for (idx = 1; idx < 5; idx++)
2942                                 {
2943                                         if (BbpR49 <= pTssiMinusBoundary[idx])  // Found the range
2944                                                 break;
2945                                 }
2946                                 // The index is the step we should decrease, idx = 0 means there is nothing to compensate
2947 //                              if (R3 > (ULONG) (TxAgcStep * (idx-1)))
2948                                         *pTxAgcCompensate = -(TxAgcStep * (idx-1));
2949 //                              else
2950 //                                      *pTxAgcCompensate = -((UCHAR)R3);
2951
2952                                 DeltaPwr += (*pTxAgcCompensate);
2953                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("-- Tx Power, BBP R1=%x, TssiRef=%x, TxAgcStep=%x, step = -%d\n",
2954                                         BbpR49, TssiRef, TxAgcStep, idx-1));
2955                         }
2956                         else if (BbpR49 < pTssiPlusBoundary[1])
2957                         {
2958                                 // Reading is smaller than the reference value
2959                                 // check for how large we need to increase the Tx power
2960                                 for (idx = 1; idx < 5; idx++)
2961                                 {
2962                                         if (BbpR49 >= pTssiPlusBoundary[idx])   // Found the range
2963                                                 break;
2964                                 }
2965                                 // The index is the step we should increase, idx = 0 means there is nothing to compensate
2966                                 *pTxAgcCompensate = TxAgcStep * (idx-1);
2967                                 DeltaPwr += (*pTxAgcCompensate);
2968                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("++ Tx Power, BBP R1=%x, TssiRef=%x, TxAgcStep=%x, step = +%d\n",
2969                                         BbpR49, TssiRef, TxAgcStep, idx-1));
2970                         }
2971                         else
2972                         {
2973                                 *pTxAgcCompensate = 0;
2974                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("   Tx Power, BBP R1=%x, TssiRef=%x, TxAgcStep=%x, step = +%d\n",
2975                                         BbpR49, TssiRef, TxAgcStep, 0));
2976                         }
2977                 }
2978         }
2979         else
2980         {
2981                 if (pAd->ate.Channel <= 14)
2982                 {
2983                         bAutoTxAgc         = pAd->bAutoTxAgcG;
2984                         pTxAgcCompensate   = &pAd->TxAgcCompensateG;
2985                 }
2986                 else
2987                 {
2988                         bAutoTxAgc         = pAd->bAutoTxAgcA;
2989                         pTxAgcCompensate   = &pAd->TxAgcCompensateA;
2990                 }
2991
2992                 if (bAutoTxAgc)
2993                         DeltaPwr += (*pTxAgcCompensate);
2994         }
2995
2996         /* calculate delta power based on the percentage specified from UI */
2997         // E2PROM setting is calibrated for maximum TX power (i.e. 100%)
2998         // We lower TX power here according to the percentage specified from UI
2999         if (pAd->CommonCfg.TxPowerPercentage == 0xffffffff)       // AUTO TX POWER control
3000                 ;
3001         else if (pAd->CommonCfg.TxPowerPercentage > 90)  // 91 ~ 100% & AUTO, treat as 100% in terms of mW
3002                 ;
3003         else if (pAd->CommonCfg.TxPowerPercentage > 60)  // 61 ~ 90%, treat as 75% in terms of mW
3004         {
3005                 DeltaPwr -= 1;
3006         }
3007         else if (pAd->CommonCfg.TxPowerPercentage > 30)  // 31 ~ 60%, treat as 50% in terms of mW
3008         {
3009                 DeltaPwr -= 3;
3010         }
3011         else if (pAd->CommonCfg.TxPowerPercentage > 15)  // 16 ~ 30%, treat as 25% in terms of mW
3012         {
3013                 DeltaPwr -= 6;
3014         }
3015         else if (pAd->CommonCfg.TxPowerPercentage > 9)   // 10 ~ 15%, treat as 12.5% in terms of mW
3016         {
3017                 DeltaPwr -= 9;
3018         }
3019         else                                           // 0 ~ 9 %, treat as MIN(~3%) in terms of mW
3020         {
3021                 DeltaPwr -= 12;
3022         }
3023
3024         /* reset different new tx power for different TX rate */
3025         for(i=0; i<5; i++)
3026         {
3027                 if (TxPwr[i] != 0xffffffff)
3028                 {
3029                         for (j=0; j<8; j++)
3030                         {
3031                                 Value = (CHAR)((TxPwr[i] >> j*4) & 0x0F); /* 0 ~ 15 */
3032
3033                                 if ((Value + DeltaPwr) < 0)
3034                                 {
3035                                         Value = 0; /* min */
3036                                 }
3037                                 else if ((Value + DeltaPwr) > 0xF)
3038                                 {
3039                                         Value = 0xF; /* max */
3040                                 }
3041                                 else
3042                                 {
3043                                         Value += DeltaPwr; /* temperature compensation */
3044                                 }
3045
3046                                 /* fill new value to CSR offset */
3047                                 TxPwr[i] = (TxPwr[i] & ~(0x0000000F << j*4)) | (Value << j*4);
3048                         }
3049
3050                         /* write tx power value to CSR */
3051                         /* TX_PWR_CFG_0 (8 tx rate) for TX power for OFDM 12M/18M
3052                                                                                         TX power for OFDM 6M/9M
3053                                                                                         TX power for CCK5.5M/11M
3054                                                                                         TX power for CCK1M/2M */
3055                         /* TX_PWR_CFG_1 ~ TX_PWR_CFG_4 */
3056                         RTMP_IO_WRITE32(pAd, TX_PWR_CFG_0 + i*4, TxPwr[i]);
3057
3058
3059                 }
3060         }
3061
3062 }
3063
3064 /*
3065         ========================================================================
3066         Routine Description:
3067                 Write TxWI for ATE mode.
3068
3069         Return Value:
3070                 None
3071         ========================================================================
3072 */
3073
3074 #ifdef RT2870
3075 static VOID ATEWriteTxWI(
3076         IN      PRTMP_ADAPTER   pAd,
3077         IN      PTXWI_STRUC     pTxWI,
3078         IN      BOOLEAN                 FRAG,
3079         IN      BOOLEAN                 InsTimestamp,
3080         IN      BOOLEAN                 AMPDU,
3081         IN      BOOLEAN                 Ack,
3082         IN      BOOLEAN                 NSeq,           // HW new a sequence.
3083         IN      UCHAR                   BASize,
3084         IN      UCHAR                   WCID,
3085         IN      ULONG                   Length,
3086         IN      UCHAR                   PID,
3087         IN      UCHAR                   MIMOps,
3088         IN      UCHAR                   Txopmode,
3089         IN      BOOLEAN                 CfAck,
3090         IN      HTTRANSMIT_SETTING      Transmit)
3091 {
3092         //
3093         // Always use Long preamble before verifiation short preamble functionality works well.
3094         // Todo: remove the following line if short preamble functionality works
3095         //
3096         OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_SHORT_PREAMBLE_INUSED);
3097         pTxWI->FRAG= FRAG;
3098         pTxWI->TS= InsTimestamp;
3099         pTxWI->AMPDU = AMPDU;
3100
3101         pTxWI->MIMOps = PWR_ACTIVE;
3102         pTxWI->MpduDensity = 4;
3103         pTxWI->ACK = Ack;
3104         pTxWI->txop = Txopmode;
3105         pTxWI->NSEQ = NSeq;
3106         pTxWI->BAWinSize = BASize;
3107
3108         pTxWI->WirelessCliID = WCID;
3109         pTxWI->MPDUtotalByteCount = Length;
3110         pTxWI->PacketId = PID;
3111
3112         pTxWI->BW = Transmit.field.BW;
3113         pTxWI->ShortGI = Transmit.field.ShortGI;
3114         pTxWI->STBC= Transmit.field.STBC;
3115
3116         pTxWI->MCS = Transmit.field.MCS;
3117         pTxWI->PHYMODE= Transmit.field.MODE;
3118
3119 #ifdef DOT11_N_SUPPORT
3120         //
3121         // MMPS is 802.11n features. Because TxWI->MCS > 7 must be HT mode,
3122         // so need not check if it's HT rate.
3123         //
3124         if ((MIMOps == MMPS_STATIC) && (pTxWI->MCS > 7))
3125                 pTxWI->MCS = 7;
3126
3127         if ((MIMOps == MMPS_DYNAMIC) && (pTxWI->MCS > 7)) // SMPS protect 2 spatial.
3128                 pTxWI->MIMOps = 1;
3129 #endif // DOT11_N_SUPPORT //
3130
3131         pTxWI->CFACK = CfAck;
3132
3133         return;
3134 }
3135 #endif // RT2870 //
3136 /*
3137         ========================================================================
3138
3139         Routine Description:
3140                 Disable protection for ATE.
3141         ========================================================================
3142 */
3143 VOID ATEDisableAsicProtect(
3144         IN              PRTMP_ADAPTER   pAd)
3145 {
3146         PROT_CFG_STRUC  ProtCfg, ProtCfg4;
3147         UINT32 Protect[6];
3148         USHORT                  offset;
3149         UCHAR                   i;
3150         UINT32 MacReg = 0;
3151
3152         // Config ASIC RTS threshold register
3153         RTMP_IO_READ32(pAd, TX_RTS_CFG, &MacReg);
3154         MacReg &= 0xFF0000FF;
3155         MacReg |= (pAd->CommonCfg.RtsThreshold << 8);
3156         RTMP_IO_WRITE32(pAd, TX_RTS_CFG, MacReg);
3157
3158         // Initial common protection settings
3159         RTMPZeroMemory(Protect, sizeof(Protect));
3160         ProtCfg4.word = 0;
3161         ProtCfg.word = 0;
3162         ProtCfg.field.TxopAllowGF40 = 1;
3163         ProtCfg.field.TxopAllowGF20 = 1;
3164         ProtCfg.field.TxopAllowMM40 = 1;
3165         ProtCfg.field.TxopAllowMM20 = 1;
3166         ProtCfg.field.TxopAllowOfdm = 1;
3167         ProtCfg.field.TxopAllowCck = 1;
3168         ProtCfg.field.RTSThEn = 1;
3169         ProtCfg.field.ProtectNav = ASIC_SHORTNAV;
3170
3171         // Handle legacy(B/G) protection
3172         ProtCfg.field.ProtectRate = pAd->CommonCfg.RtsRate;
3173         ProtCfg.field.ProtectCtrl = 0;
3174         Protect[0] = ProtCfg.word;
3175         Protect[1] = ProtCfg.word;
3176
3177         // NO PROTECT
3178         // 1.All STAs in the BSS are 20/40 MHz HT
3179         // 2. in ai 20/40MHz BSS
3180         // 3. all STAs are 20MHz in a 20MHz BSS
3181         // Pure HT. no protection.
3182
3183         // MM20_PROT_CFG
3184         //      Reserved (31:27)
3185         //      PROT_TXOP(25:20) -- 010111
3186         //      PROT_NAV(19:18)  -- 01 (Short NAV protection)
3187         //  PROT_CTRL(17:16) -- 00 (None)
3188         //      PROT_RATE(15:0)  -- 0x4004 (OFDM 24M)
3189         Protect[2] = 0x01744004;
3190
3191         // MM40_PROT_CFG
3192         //      Reserved (31:27)
3193         //      PROT_TXOP(25:20) -- 111111
3194         //      PROT_NAV(19:18)  -- 01 (Short NAV protection)
3195         //  PROT_CTRL(17:16) -- 00 (None)
3196         //      PROT_RATE(15:0)  -- 0x4084 (duplicate OFDM 24M)
3197         Protect[3] = 0x03f44084;
3198
3199         // CF20_PROT_CFG
3200         //      Reserved (31:27)
3201         //      PROT_TXOP(25:20) -- 010111
3202         //      PROT_NAV(19:18)  -- 01 (Short NAV protection)
3203         //  PROT_CTRL(17:16) -- 00 (None)
3204         //      PROT_RATE(15:0)  -- 0x4004 (OFDM 24M)
3205         Protect[4] = 0x01744004;
3206
3207         // CF40_PROT_CFG
3208         //      Reserved (31:27)
3209         //      PROT_TXOP(25:20) -- 111111
3210         //      PROT_NAV(19:18)  -- 01 (Short NAV protection)
3211         //  PROT_CTRL(17:16) -- 00 (None)
3212         //      PROT_RATE(15:0)  -- 0x4084 (duplicate OFDM 24M)
3213         Protect[5] = 0x03f44084;
3214
3215         pAd->CommonCfg.IOTestParm.bRTSLongProtOn = FALSE;
3216
3217         offset = CCK_PROT_CFG;
3218         for (i = 0;i < 6;i++)
3219                 RTMP_IO_WRITE32(pAd, offset + i*4, Protect[i]);
3220
3221 }
3222
3223 #ifdef RT2870
3224 /*
3225         ========================================================================
3226         Routine Description:
3227                 Write TxInfo for ATE mode.
3228
3229         Return Value:
3230                 None
3231         ========================================================================
3232 */
3233 static VOID ATEWriteTxInfo(
3234         IN      PRTMP_ADAPTER   pAd,
3235         IN      PTXINFO_STRUC   pTxInfo,
3236         IN      USHORT          USBDMApktLen,
3237         IN      BOOLEAN         bWiv,
3238         IN      UCHAR                   QueueSel,
3239         IN      UCHAR                   NextValid,
3240         IN      UCHAR                   TxBurst)
3241 {
3242         pTxInfo->USBDMATxPktLen = USBDMApktLen;
3243         pTxInfo->QSEL = QueueSel;
3244
3245         if (QueueSel != FIFO_EDCA)
3246                 ATEDBGPRINT(RT_DEBUG_TRACE, ("=======> QueueSel != FIFO_EDCA<=======\n"));
3247
3248         pTxInfo->USBDMANextVLD = NextValid;
3249         pTxInfo->USBDMATxburst = TxBurst;
3250         pTxInfo->WIV = bWiv;
3251         pTxInfo->SwUseLastRound = 0;
3252         pTxInfo->rsv = 0;
3253         pTxInfo->rsv2 = 0;
3254
3255         return;
3256 }
3257 #endif // RT2870 //
3258
3259 /* There are two ways to convert Rssi */
3260 #if 1
3261 //
3262 // The way used with GET_LNA_GAIN().
3263 //
3264 CHAR ATEConvertToRssi(
3265         IN PRTMP_ADAPTER pAd,
3266         IN      CHAR    Rssi,
3267         IN  UCHAR   RssiNumber)
3268 {
3269         UCHAR   RssiOffset, LNAGain;
3270
3271         // Rssi equals to zero should be an invalid value
3272         if (Rssi == 0)
3273                 return -99;
3274
3275         LNAGain = GET_LNA_GAIN(pAd);
3276         if (pAd->LatchRfRegs.Channel > 14)
3277         {
3278                 if (RssiNumber == 0)
3279                         RssiOffset = pAd->ARssiOffset0;
3280                 else if (RssiNumber == 1)
3281                         RssiOffset = pAd->ARssiOffset1;
3282                 else
3283                         RssiOffset = pAd->ARssiOffset2;
3284         }
3285         else
3286         {
3287                 if (RssiNumber == 0)
3288                         RssiOffset = pAd->BGRssiOffset0;
3289                 else if (RssiNumber == 1)
3290                         RssiOffset = pAd->BGRssiOffset1;
3291                 else
3292                         RssiOffset = pAd->BGRssiOffset2;
3293         }
3294
3295         return (-12 - RssiOffset - LNAGain - Rssi);
3296 }
3297 #else
3298 //
3299 // The way originally used in ATE of rt2860ap.
3300 //
3301 CHAR ATEConvertToRssi(
3302         IN PRTMP_ADAPTER pAd,
3303         IN      CHAR                    Rssi,
3304         IN  UCHAR   RssiNumber)
3305 {
3306         UCHAR   RssiOffset, LNAGain;
3307
3308         // Rssi equals to zero should be an invalid value
3309         if (Rssi == 0)
3310                 return -99;
3311
3312     if (pAd->LatchRfRegs.Channel > 14)
3313     {
3314         LNAGain = pAd->ALNAGain;
3315         if (RssiNumber == 0)
3316                         RssiOffset = pAd->ARssiOffset0;
3317                 else if (RssiNumber == 1)
3318                         RssiOffset = pAd->ARssiOffset1;
3319                 else
3320                         RssiOffset = pAd->ARssiOffset2;
3321     }
3322     else
3323     {
3324         LNAGain = pAd->BLNAGain;
3325         if (RssiNumber == 0)
3326                         RssiOffset = pAd->BGRssiOffset0;
3327                 else if (RssiNumber == 1)
3328                         RssiOffset = pAd->BGRssiOffset1;
3329                 else
3330                         RssiOffset = pAd->BGRssiOffset2;
3331     }
3332
3333     return (-32 - RssiOffset + LNAGain - Rssi);
3334 }
3335 #endif /* end of #if 1 */
3336
3337 /*
3338         ========================================================================
3339
3340         Routine Description:
3341                 Set Japan filter coefficients if needed.
3342         Note:
3343                 This routine should only be called when
3344                 entering TXFRAME mode or TXCONT mode.
3345
3346         ========================================================================
3347 */
3348 static VOID SetJapanFilter(
3349         IN              PRTMP_ADAPTER   pAd)
3350 {
3351         UCHAR                   BbpData = 0;
3352
3353         //
3354         // If Channel=14 and Bandwidth=20M and Mode=CCK, set BBP R4 bit5=1
3355         // (Japan Tx filter coefficients)when (TXFRAME or TXCONT).
3356         //
3357         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BbpData);
3358
3359     if ((pAd->ate.TxWI.PHYMODE == MODE_CCK) && (pAd->ate.Channel == 14) && (pAd->ate.TxWI.BW == BW_20))
3360     {
3361         BbpData |= 0x20;    // turn on
3362         ATEDBGPRINT(RT_DEBUG_TRACE, ("SetJapanFilter!!!\n"));
3363     }
3364     else
3365     {
3366                 BbpData &= 0xdf;    // turn off
3367                 ATEDBGPRINT(RT_DEBUG_TRACE, ("ClearJapanFilter!!!\n"));
3368     }
3369
3370         ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BbpData);
3371 }
3372
3373 VOID ATESampleRssi(
3374         IN PRTMP_ADAPTER        pAd,
3375         IN PRXWI_STRUC          pRxWI)
3376 {
3377         /* There are two ways to collect RSSI. */
3378 #if 1
3379         //pAd->LastRxRate = (USHORT)((pRxWI->MCS) + (pRxWI->BW <<7) + (pRxWI->ShortGI <<8)+ (pRxWI->PHYMODE <<14)) ;
3380         if (pRxWI->RSSI0 != 0)
3381         {
3382                 pAd->ate.LastRssi0      = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI0, RSSI_0);
3383                 pAd->ate.AvgRssi0X8     = (pAd->ate.AvgRssi0X8 - pAd->ate.AvgRssi0) + pAd->ate.LastRssi0;
3384                 pAd->ate.AvgRssi0       = pAd->ate.AvgRssi0X8 >> 3;
3385         }
3386         if (pRxWI->RSSI1 != 0)
3387         {
3388                 pAd->ate.LastRssi1      = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI1, RSSI_1);
3389                 pAd->ate.AvgRssi1X8     = (pAd->ate.AvgRssi1X8 - pAd->ate.AvgRssi1) + pAd->ate.LastRssi1;
3390                 pAd->ate.AvgRssi1       = pAd->ate.AvgRssi1X8 >> 3;
3391         }
3392         if (pRxWI->RSSI2 != 0)
3393         {
3394                 pAd->ate.LastRssi2      = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI2, RSSI_2);
3395                 pAd->ate.AvgRssi2X8     = (pAd->ate.AvgRssi2X8 - pAd->ate.AvgRssi2) + pAd->ate.LastRssi2;
3396                 pAd->ate.AvgRssi2       = pAd->ate.AvgRssi2X8 >> 3;
3397         }
3398
3399         pAd->ate.LastSNR0 = (CHAR)(pRxWI->SNR0);// CHAR ==> UCHAR ?
3400         pAd->ate.LastSNR1 = (CHAR)(pRxWI->SNR1);// CHAR ==> UCHAR ?
3401
3402         pAd->ate.NumOfAvgRssiSample ++;
3403 #else
3404         pAd->ate.LastSNR0 = (CHAR)(pRxWI->SNR0);
3405         pAd->ate.LastSNR1 = (CHAR)(pRxWI->SNR1);
3406         pAd->ate.RxCntPerSec++;
3407         pAd->ate.LastRssi0 = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI0, RSSI_0);
3408         pAd->ate.LastRssi1 = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI1, RSSI_1);
3409         pAd->ate.LastRssi2 = ATEConvertToRssi(pAd, (CHAR) pRxWI->RSSI2, RSSI_2);
3410         pAd->ate.AvgRssi0X8 = (pAd->ate.AvgRssi0X8 - pAd->ate.AvgRssi0) + pAd->ate.LastRssi0;
3411         pAd->ate.AvgRssi0 = pAd->ate.AvgRssi0X8 >> 3;
3412         pAd->ate.AvgRssi1X8 = (pAd->ate.AvgRssi1X8 - pAd->ate.AvgRssi1) + pAd->ate.LastRssi1;
3413         pAd->ate.AvgRssi1 = pAd->ate.AvgRssi1X8 >> 3;
3414         pAd->ate.AvgRssi2X8 = (pAd->ate.AvgRssi2X8 - pAd->ate.AvgRssi2) + pAd->ate.LastRssi2;
3415         pAd->ate.AvgRssi2 = pAd->ate.AvgRssi2X8 >> 3;
3416         pAd->ate.NumOfAvgRssiSample ++;
3417 #endif
3418 }
3419
3420 #ifdef CONFIG_STA_SUPPORT
3421 VOID RTMPStationStop(
3422     IN  PRTMP_ADAPTER   pAd)
3423 {
3424 //      BOOLEAN       Cancelled;
3425
3426     ATEDBGPRINT(RT_DEBUG_TRACE, ("==> RTMPStationStop\n"));
3427
3428 #if 0
3429         RTMPCancelTimer(&pAd->MlmeAux.AssocTimer,      &Cancelled);
3430         RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer,    &Cancelled);
3431         RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer,   &Cancelled);
3432         RTMPCancelTimer(&pAd->MlmeAux.AuthTimer,       &Cancelled);
3433         RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer,     &Cancelled);
3434         RTMPCancelTimer(&pAd->MlmeAux.ScanTimer,       &Cancelled);
3435 #endif
3436         // For rx statistics, we need to keep this timer running.
3437 //      RTMPCancelTimer(&pAd->Mlme.PeriodicTimer,      &Cancelled);
3438
3439     ATEDBGPRINT(RT_DEBUG_TRACE, ("<== RTMPStationStop\n"));
3440 }
3441
3442 VOID RTMPStationStart(
3443     IN  PRTMP_ADAPTER   pAd)
3444 {
3445     ATEDBGPRINT(RT_DEBUG_TRACE, ("==> RTMPStationStart\n"));
3446         ATEDBGPRINT(RT_DEBUG_TRACE, ("<== RTMPStationStart\n"));
3447 }
3448 #endif // CONFIG_STA_SUPPORT //
3449
3450 /*
3451         ==========================================================================
3452         Description:
3453                 Setup Frame format.
3454         NOTE:
3455                 This routine should only be used in ATE mode.
3456         ==========================================================================
3457  */
3458
3459 #ifdef RT2870
3460 /*======================Start of RT2870======================*/
3461 /*                                                           */
3462 /*                                                           */
3463 static INT ATESetUpFrame(
3464         IN PRTMP_ADAPTER pAd,
3465         IN UINT32 TxIdx)
3466 {
3467         UINT j;
3468         PTX_CONTEXT     pNullContext;
3469         PUCHAR                  pDest;
3470         HTTRANSMIT_SETTING      TxHTPhyMode;
3471         PTXWI_STRUC             pTxWI;
3472         PTXINFO_STRUC           pTxInfo;
3473         UINT32                  TransferBufferLength, OrgBufferLength = 0;
3474         UCHAR                   padLen = 0;
3475 #ifdef RALINK_28xx_QA
3476         PHEADER_802_11  pHeader80211 = NULL;
3477 #endif // RALINK_28xx_QA //
3478
3479         if ((RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS)) ||
3480                 (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET)) ||
3481                 (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)) ||
3482                 (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
3483         {
3484                 return -1;
3485         }
3486
3487         /* We always use QID_AC_BE and FIFO_EDCA in ATE mode. */
3488
3489         pNullContext = &(pAd->NullContext);
3490         ASSERT(pNullContext != NULL);
3491
3492         if (pNullContext->InUse == FALSE)
3493         {
3494                 // Set the in use bit
3495                 pNullContext->InUse = TRUE;
3496                 NdisZeroMemory(&(pAd->NullFrame), sizeof(HEADER_802_11));
3497
3498                 // Fill 802.11 header.
3499 #ifdef RALINK_28xx_QA
3500                 if (pAd->ate.bQATxStart == TRUE)
3501                 {
3502                         pHeader80211 = NdisMoveMemory(&(pAd->NullFrame), pAd->ate.Header, pAd->ate.HLen);
3503 //                      pDest = NdisMoveMemory(&(pAd->NullFrame), pAd->ate.Header, pAd->ate.HLen);
3504 //                      pHeader80211 = (PHEADER_802_11)pDest;
3505                 }
3506                 else
3507 #endif // RALINK_28xx_QA //
3508                 {
3509                         // Fill 802.11 header.
3510                         NdisMoveMemory(&(pAd->NullFrame), TemplateFrame, sizeof(HEADER_802_11));
3511                 }
3512 #ifdef RT_BIG_ENDIAN
3513                 RTMPFrameEndianChange(pAd, (PUCHAR)&(pAd->NullFrame), DIR_READ, FALSE);
3514 #endif // RT_BIG_ENDIAN //
3515
3516 #ifdef RALINK_28xx_QA
3517                 if (pAd->ate.bQATxStart == TRUE)
3518                 {
3519                         /* modify sequence number.... */
3520                         if (pAd->ate.TxDoneCount == 0)
3521                         {
3522                                 pAd->ate.seq = pHeader80211->Sequence;
3523                         }
3524                         else
3525                         {
3526                                 pHeader80211->Sequence = ++pAd->ate.seq;
3527                         }
3528                         /* We already got all the addr. fields from QA GUI. */
3529                 }
3530                 else
3531 #endif // RALINK_28xx_QA //
3532                 {
3533                         COPY_MAC_ADDR(pAd->NullFrame.Addr1, pAd->ate.Addr1);
3534                         COPY_MAC_ADDR(pAd->NullFrame.Addr2, pAd->ate.Addr2);
3535                         COPY_MAC_ADDR(pAd->NullFrame.Addr3, pAd->ate.Addr3);
3536                 }
3537
3538                 RTMPZeroMemory(&pAd->NullContext.TransferBuffer->field.WirelessPacket[0], TX_BUFFER_NORMSIZE);//???
3539                 pTxInfo = (PTXINFO_STRUC)&pAd->NullContext.TransferBuffer->field.WirelessPacket[0];
3540
3541 #ifdef RALINK_28xx_QA
3542                 if (pAd->ate.bQATxStart == TRUE)
3543                 {
3544                         // Avoid to exceed the range of WirelessPacket[].
3545                         ASSERT(pAd->ate.TxInfo.USBDMATxPktLen <= (MAX_FRAME_SIZE - 34/* == 2312 */));
3546                         NdisMoveMemory(pTxInfo, &(pAd->ate.TxInfo), sizeof(pAd->ate.TxInfo));
3547                 }
3548                 else
3549 #endif // RALINK_28xx_QA //
3550                 {
3551                         // Avoid to exceed the range of WirelessPacket[].
3552                         ASSERT(pAd->ate.TxLength <= (MAX_FRAME_SIZE - 34/* == 2312 */));
3553
3554                         // pTxInfo->USBDMATxPktLen will be updated to include padding later.
3555                         ATEWriteTxInfo(pAd, pTxInfo, (USHORT)(TXWI_SIZE + pAd->ate.TxLength), TRUE, EpToQueue[MGMTPIPEIDX], FALSE,  FALSE);
3556                         pTxInfo->QSEL = FIFO_EDCA;
3557                 }
3558
3559                 pTxWI = (PTXWI_STRUC)&pAd->NullContext.TransferBuffer->field.WirelessPacket[TXINFO_SIZE];
3560
3561                 // Fill TxWI.
3562                 if (pAd->ate.bQATxStart == TRUE)
3563                 {
3564                         TxHTPhyMode.field.BW = pAd->ate.TxWI.BW;
3565                         TxHTPhyMode.field.ShortGI = pAd->ate.TxWI.ShortGI;
3566                         TxHTPhyMode.field.STBC = pAd->ate.TxWI.STBC;
3567                         TxHTPhyMode.field.MCS = pAd->ate.TxWI.MCS;
3568                         TxHTPhyMode.field.MODE = pAd->ate.TxWI.PHYMODE;
3569                         ATEWriteTxWI(pAd, pTxWI, pAd->ate.TxWI.FRAG, pAd->ate.TxWI.TS, pAd->ate.TxWI.AMPDU, pAd->ate.TxWI.ACK, pAd->ate.TxWI.NSEQ,
3570                                 pAd->ate.TxWI.BAWinSize, BSSID_WCID, pAd->ate.TxWI.MPDUtotalByteCount/* include 802.11 header */, pAd->ate.TxWI.PacketId, 0, pAd->ate.TxWI.txop/*IFS_HTTXOP*/, pAd->ate.TxWI.CFACK/*FALSE*/, TxHTPhyMode);
3571                 }
3572                 else
3573                 {
3574                         TxHTPhyMode.field.BW = pAd->ate.TxWI.BW;
3575                         TxHTPhyMode.field.ShortGI = pAd->ate.TxWI.ShortGI;
3576                         TxHTPhyMode.field.STBC = 0;
3577                         TxHTPhyMode.field.MCS = pAd->ate.TxWI.MCS;
3578                         TxHTPhyMode.field.MODE = pAd->ate.TxWI.PHYMODE;
3579
3580                         ATEWriteTxWI(pAd, pTxWI,  FALSE, FALSE, FALSE, FALSE/* No ack required. */, FALSE, 0, BSSID_WCID, pAd->ate.TxLength,
3581                                 0, 0, IFS_HTTXOP, FALSE, TxHTPhyMode);// "MMPS_STATIC" instead of "MMPS_DYNAMIC" ???
3582                 }
3583
3584                 RTMPMoveMemory(&pAd->NullContext.TransferBuffer->field.WirelessPacket[TXINFO_SIZE+TXWI_SIZE], &pAd->NullFrame, sizeof(HEADER_802_11));
3585
3586                 pDest = &(pAd->NullContext.TransferBuffer->field.WirelessPacket[TXINFO_SIZE+TXWI_SIZE+sizeof(HEADER_802_11)]);
3587
3588                 // Prepare frame payload
3589 #ifdef RALINK_28xx_QA
3590                 if (pAd->ate.bQATxStart == TRUE)
3591                 {
3592                         // copy pattern
3593                         if ((pAd->ate.PLen != 0))
3594                         {
3595                                 for (j = 0; j < pAd->ate.DLen; j+=pAd->ate.PLen)
3596                                 {
3597                                         RTMPMoveMemory(pDest, pAd->ate.Pattern, pAd->ate.PLen);
3598                                         pDest += pAd->ate.PLen;
3599                                 }
3600                         }
3601                         TransferBufferLength = TXINFO_SIZE + TXWI_SIZE + pAd->ate.TxWI.MPDUtotalByteCount;
3602                 }
3603                 else
3604 #endif // RALINK_28xx_QA //
3605                 {
3606                     for (j = 0; j < (pAd->ate.TxLength - sizeof(HEADER_802_11)); j++)
3607                     {
3608                                 *pDest = 0xA5;
3609                                 pDest += 1;
3610                     }
3611                         TransferBufferLength = TXINFO_SIZE + TXWI_SIZE + pAd->ate.TxLength;
3612                 }
3613
3614 #if 1
3615                 OrgBufferLength = TransferBufferLength;
3616                 TransferBufferLength = (TransferBufferLength + 3) & (~3);
3617
3618                 // Always add 4 extra bytes at every packet.
3619                 padLen = TransferBufferLength - OrgBufferLength + 4;/* 4 == last packet padding */
3620                 ASSERT((padLen <= (RTMP_PKT_TAIL_PADDING - 4/* 4 == MaxBulkOutsize alignment padding */)));
3621
3622                 /* Now memzero all extra padding bytes. */
3623                 NdisZeroMemory(pDest, padLen);
3624                 pDest += padLen;
3625 #else
3626                 if ((TransferBufferLength % 4) == 1)
3627                 {
3628                         NdisZeroMemory(pDest, 7);
3629                         pDest += 7;
3630                         TransferBufferLength  += 3;
3631                 }
3632                 else if ((TransferBufferLength % 4) == 2)
3633                 {
3634                         NdisZeroMemory(pDest, 6);
3635                         pDest += 6;
3636                         TransferBufferLength  += 2;
3637                 }
3638                 else if ((TransferBufferLength % 4) == 3)
3639                 {
3640                         NdisZeroMemory(pDest, 5);
3641                         pDest += 5;
3642                         TransferBufferLength  += 1;
3643                 }
3644 #endif // 1 //
3645
3646                 // Update pTxInfo->USBDMATxPktLen to include padding.
3647                 pTxInfo->USBDMATxPktLen = TransferBufferLength - TXINFO_SIZE;
3648
3649                 TransferBufferLength += 4;
3650
3651                 // If TransferBufferLength is multiple of 64, add extra 4 bytes again.
3652                 if ((TransferBufferLength % pAd->BulkOutMaxPacketSize) == 0)
3653                 {
3654                         NdisZeroMemory(pDest, 4);
3655                         TransferBufferLength += 4;
3656                 }
3657
3658                 // Fill out frame length information for global Bulk out arbitor
3659                 pAd->NullContext.BulkOutSize = TransferBufferLength;
3660         }
3661 #ifdef RT_BIG_ENDIAN
3662         RTMPWIEndianChange((PUCHAR)pTxWI, TYPE_TXWI);
3663         RTMPFrameEndianChange(pAd, (((PUCHAR)pTxInfo)+TXWI_SIZE+TXINFO_SIZE), DIR_WRITE, FALSE);
3664     RTMPDescriptorEndianChange((PUCHAR)pTxInfo, TYPE_TXINFO);
3665 #endif // RT_BIG_ENDIAN //
3666         return 0;
3667 }
3668
3669 VOID ATE_RTUSBBulkOutDataPacketComplete(purbb_t pUrb, struct pt_regs *pt_regs)
3670 {
3671         PRTMP_ADAPTER           pAd;
3672         PTX_CONTEXT                 pNullContext;
3673         UCHAR                           BulkOutPipeId;
3674         NTSTATUS                        Status;
3675         unsigned long           IrqFlags;
3676         ULONG                       OldValue;
3677
3678         pNullContext = (PTX_CONTEXT)pUrb->context;
3679         pAd = pNullContext->pAd;
3680
3681
3682         // Reset Null frame context flags
3683         pNullContext->IRPPending = FALSE;
3684         pNullContext->InUse = FALSE;
3685         Status = pUrb->status;
3686
3687         // Store BulkOut PipeId
3688         BulkOutPipeId = pNullContext->BulkOutPipeId;
3689         pAd->BulkOutDataOneSecCount++;
3690
3691         if (Status == USB_ST_NOERROR)
3692         {
3693 #ifdef RALINK_28xx_QA
3694                 if ((ATE_ON(pAd)) && (pAd->ate.bQATxStart == TRUE))
3695                 {
3696                         if (pAd->ate.QID == BulkOutPipeId)
3697                         {
3698                                 // Let Rx can have a chance to break in during Tx process,
3699                                 // especially for loopback mode in QA ATE.
3700                                 // To trade off between tx performance and loopback mode integrity.
3701                                 /* Q   : Now Rx is handled by tasklet, do we still need this delay ? */
3702                                 /* Ans : Even tasklet is used, Rx/Tx < 1 if we do not delay for a while right here. */
3703                                 RTMPusecDelay(500);
3704                                 pAd->ate.TxDoneCount++;
3705                                 pAd->RalinkCounters.KickTxCount++;
3706                                 ASSERT(pAd->ate.QID == 0);
3707                                 pAd->ate.TxAc0++;
3708                         }
3709                 }
3710 #endif // RALINK_28xx_QA //
3711                 pAd->BulkOutComplete++;
3712
3713                 pAd->Counters8023.GoodTransmits++;
3714
3715                 /* Don't worry about the queue is empty or not. This function will check itself. */
3716                 RTMPDeQueuePacket(pAd, TRUE, BulkOutPipeId, MAX_TX_PROCESS);
3717
3718                 /* In 28xx, SendTxWaitQueue ==> TxSwQueue  */
3719 /*
3720                 if (pAd->SendTxWaitQueue[BulkOutPipeId].Number > 0)
3721                 {
3722                         RTMPDeQueuePacket(pAd, BulkOutPipeId);
3723                 }
3724 */
3725         }
3726         else    // STATUS_OTHER
3727         {
3728                 pAd->BulkOutCompleteOther++;
3729
3730                 ATEDBGPRINT(RT_DEBUG_ERROR, ("BulkOutDataPacket Failed STATUS_OTHER = 0x%x . \n", Status));
3731                 ATEDBGPRINT(RT_DEBUG_ERROR, (">>BulkOutReq=0x%lx, BulkOutComplete=0x%lx\n", pAd->BulkOutReq, pAd->BulkOutComplete));
3732
3733                 if ((!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS)) &&
3734                         (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)) &&
3735                         (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)) &&
3736                         (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET)))
3737                 {
3738                         RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
3739                         /* In 28xx, RT_OID_USB_RESET_BULK_OUT ==> CMDTHREAD_RESET_BULK_OUT */
3740                         RTUSBEnqueueInternalCmd(pAd, CMDTHREAD_RESET_BULK_OUT, NULL, 0);
3741                         // Check
3742                         BULK_OUT_LOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3743                         pAd->BulkOutPending[BulkOutPipeId] = FALSE;
3744                         pAd->bulkResetPipeid = BulkOutPipeId;
3745                         BULK_OUT_UNLOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3746                         return;
3747                 }
3748         }
3749
3750
3751
3752         if (atomic_read(&pAd->BulkOutRemained) > 0)
3753         {
3754                 atomic_dec(&pAd->BulkOutRemained);
3755         }
3756
3757         // 1st - Transmit Success
3758         OldValue = pAd->WlanCounters.TransmittedFragmentCount.u.LowPart;
3759         pAd->WlanCounters.TransmittedFragmentCount.u.LowPart++;
3760
3761         if (pAd->WlanCounters.TransmittedFragmentCount.u.LowPart < OldValue)
3762         {
3763                 pAd->WlanCounters.TransmittedFragmentCount.u.HighPart++;
3764         }
3765
3766         if(((pAd->ContinBulkOut == TRUE ) ||(atomic_read(&pAd->BulkOutRemained) > 0)) && (pAd->ate.Mode & ATE_TXFRAME))
3767         {
3768                 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
3769         }
3770         else
3771         {
3772                 RTUSB_CLEAR_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
3773 #ifdef RALINK_28xx_QA
3774                 pAd->ate.TxStatus = 0;
3775 #endif // RALINK_28xx_QA //
3776         }
3777
3778         BULK_OUT_LOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3779         pAd->BulkOutPending[BulkOutPipeId] = FALSE;
3780         BULK_OUT_UNLOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3781
3782         // Always call Bulk routine, even reset bulk.
3783         // The protection of rest bulk should be in BulkOut routine.
3784         RTUSBKickBulkOut(pAd);
3785 }
3786
3787 /*
3788         ========================================================================
3789
3790         Routine Description:
3791
3792         Arguments:
3793
3794         Return Value:
3795
3796         Note:
3797
3798         ========================================================================
3799 */
3800 VOID    ATE_RTUSBBulkOutDataPacket(
3801         IN      PRTMP_ADAPTER   pAd,
3802         IN      UCHAR                   BulkOutPipeId)
3803 {
3804         PTX_CONTEXT             pNullContext = &(pAd->NullContext);
3805         PURB                    pUrb;
3806         int                             ret = 0;
3807         unsigned long   IrqFlags;
3808
3809
3810         ASSERT(BulkOutPipeId == 0);
3811
3812         /* Build up the frame first. */
3813 //      ATESetUpFrame(pAd, 0);
3814
3815         BULK_OUT_LOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3816
3817         if (pAd->BulkOutPending[BulkOutPipeId] == TRUE)
3818         {
3819                 BULK_OUT_UNLOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3820                 return;
3821         }
3822
3823         pAd->BulkOutPending[BulkOutPipeId] = TRUE;
3824         BULK_OUT_UNLOCK(&pAd->BulkOutLock[BulkOutPipeId], IrqFlags);
3825
3826         // Increase Total transmit byte counter
3827         pAd->RalinkCounters.OneSecTransmittedByteCount +=  pNullContext->BulkOutSize;
3828         pAd->RalinkCounters.TransmittedByteCount +=  pNullContext->BulkOutSize;
3829
3830         // Clear ATE frame bulk out flag
3831         RTUSB_CLEAR_BULK_FLAG(pAd, fRTUSB_BULK_OUT_DATA_ATE);
3832
3833         // Init Tx context descriptor
3834         pNullContext->IRPPending = TRUE;
3835         RTUSBInitTxDesc(pAd, pNullContext, BulkOutPipeId, (usb_complete_t)ATE_RTUSBBulkOutDataPacketComplete);
3836         pUrb = pNullContext->pUrb;
3837
3838         if((ret = RTUSB_SUBMIT_URB(pUrb))!=0)
3839         {
3840                 ATEDBGPRINT(RT_DEBUG_ERROR, ("ATE_RTUSBBulkOutDataPacket: Submit Tx URB failed %d\n", ret));
3841                 return;
3842         }
3843
3844         pAd->BulkOutReq++;
3845         return;
3846
3847 }
3848
3849 /*
3850         ========================================================================
3851
3852         Routine Description:
3853
3854         Arguments:
3855
3856         Return Value:
3857
3858         Note:
3859
3860         ========================================================================
3861 */
3862 VOID    ATE_RTUSBCancelPendingBulkInIRP(
3863         IN      PRTMP_ADAPTER   pAd)
3864 {
3865         PRX_CONTEXT             pRxContext;
3866         UINT                    i;
3867
3868         ATEDBGPRINT(RT_DEBUG_TRACE, ("--->ATE_RTUSBCancelPendingBulkInIRP\n"));
3869 #if 1
3870         for ( i = 0; i < (RX_RING_SIZE); i++)
3871         {
3872                 pRxContext = &(pAd->RxContext[i]);
3873                 if(pRxContext->IRPPending == TRUE)
3874                 {
3875                         RTUSB_UNLINK_URB(pRxContext->pUrb);
3876                         pRxContext->IRPPending = FALSE;
3877                         pRxContext->InUse = FALSE;
3878                         //NdisInterlockedDecrement(&pAd->PendingRx);
3879                         //pAd->PendingRx--;
3880                 }
3881         }
3882 #else
3883         for ( i = 0; i < (RX_RING_SIZE); i++)
3884         {
3885                 pRxContext = &(pAd->RxContext[i]);
3886                 if(atomic_read(&pRxContext->IrpLock) == IRPLOCK_CANCELABLE)
3887                 {
3888                         RTUSB_UNLINK_URB(pRxContext->pUrb);
3889                 }
3890                 InterlockedExchange(&pRxContext->IrpLock, IRPLOCK_CANCE_START);
3891         }
3892 #endif // 1 //
3893         ATEDBGPRINT(RT_DEBUG_TRACE, ("<---ATE_RTUSBCancelPendingBulkInIRP\n"));
3894         return;
3895 }
3896 #endif // RT2870 //
3897
3898 VOID rt_ee_read_all(PRTMP_ADAPTER pAd, USHORT *Data)
3899 {
3900         USHORT i;
3901         USHORT value;
3902
3903         for (i = 0 ; i < EEPROM_SIZE/2 ; )
3904         {
3905                 /* "value" is expecially for some compilers... */
3906                 RT28xx_EEPROM_READ16(pAd, i*2, value);
3907                 Data[i] = value;
3908                 i++;
3909         }
3910 }
3911
3912 VOID rt_ee_write_all(PRTMP_ADAPTER pAd, USHORT *Data)
3913 {
3914         USHORT i;
3915         USHORT value;
3916
3917         for (i = 0 ; i < EEPROM_SIZE/2 ; )
3918         {
3919                 /* "value" is expecially for some compilers... */
3920                 value = Data[i];
3921                 RT28xx_EEPROM_WRITE16(pAd, i*2, value);
3922                 i ++;
3923         }
3924 }
3925 #ifdef RALINK_28xx_QA
3926 VOID ATE_QA_Statistics(
3927         IN PRTMP_ADAPTER                        pAd,
3928         IN PRXWI_STRUC                          pRxWI,
3929         IN PRT28XX_RXD_STRUC            pRxD,
3930         IN PHEADER_802_11                       pHeader)
3931 {
3932         // update counter first
3933         if (pHeader != NULL)
3934         {
3935                 if (pHeader->FC.Type == BTYPE_DATA)
3936                 {
3937                         if (pRxD->U2M)
3938                                 pAd->ate.U2M++;
3939                         else
3940                                 pAd->ate.OtherData++;
3941                 }
3942                 else if (pHeader->FC.Type == BTYPE_MGMT)
3943                 {
3944                         if (pHeader->FC.SubType == SUBTYPE_BEACON)
3945                                 pAd->ate.Beacon++;
3946                         else
3947                                 pAd->ate.OtherCount++;
3948                 }
3949                 else if (pHeader->FC.Type == BTYPE_CNTL)
3950                 {
3951                         pAd->ate.OtherCount++;
3952                 }
3953         }
3954         pAd->ate.RSSI0 = pRxWI->RSSI0;
3955         pAd->ate.RSSI1 = pRxWI->RSSI1;
3956         pAd->ate.RSSI2 = pRxWI->RSSI2;
3957         pAd->ate.SNR0 = pRxWI->SNR0;
3958         pAd->ate.SNR1 = pRxWI->SNR1;
3959 }
3960
3961 /* command id with Cmd Type == 0x0008(for 28xx)/0x0005(for iNIC) */
3962 #define RACFG_CMD_RF_WRITE_ALL          0x0000
3963 #define RACFG_CMD_E2PROM_READ16         0x0001
3964 #define RACFG_CMD_E2PROM_WRITE16        0x0002
3965 #define RACFG_CMD_E2PROM_READ_ALL       0x0003
3966 #define RACFG_CMD_E2PROM_WRITE_ALL      0x0004
3967 #define RACFG_CMD_IO_READ                       0x0005
3968 #define RACFG_CMD_IO_WRITE                      0x0006
3969 #define RACFG_CMD_IO_READ_BULK          0x0007
3970 #define RACFG_CMD_BBP_READ8                     0x0008
3971 #define RACFG_CMD_BBP_WRITE8            0x0009
3972 #define RACFG_CMD_BBP_READ_ALL          0x000a
3973 #define RACFG_CMD_GET_COUNTER           0x000b
3974 #define RACFG_CMD_CLEAR_COUNTER         0x000c
3975
3976 #define RACFG_CMD_RSV1                          0x000d
3977 #define RACFG_CMD_RSV2                          0x000e
3978 #define RACFG_CMD_RSV3                          0x000f
3979
3980 #define RACFG_CMD_TX_START                      0x0010
3981 #define RACFG_CMD_GET_TX_STATUS         0x0011
3982 #define RACFG_CMD_TX_STOP                       0x0012
3983 #define RACFG_CMD_RX_START                      0x0013
3984 #define RACFG_CMD_RX_STOP                       0x0014
3985 #define RACFG_CMD_GET_NOISE_LEVEL       0x0015
3986
3987 #define RACFG_CMD_ATE_START                     0x0080
3988 #define RACFG_CMD_ATE_STOP                      0x0081
3989
3990 #define RACFG_CMD_ATE_START_TX_CARRIER          0x0100
3991 #define RACFG_CMD_ATE_START_TX_CONT                     0x0101
3992 #define RACFG_CMD_ATE_START_TX_FRAME            0x0102
3993 #define RACFG_CMD_ATE_SET_BW                0x0103
3994 #define RACFG_CMD_ATE_SET_TX_POWER0             0x0104
3995 #define RACFG_CMD_ATE_SET_TX_POWER1                     0x0105
3996 #define RACFG_CMD_ATE_SET_FREQ_OFFSET           0x0106
3997 #define RACFG_CMD_ATE_GET_STATISTICS            0x0107
3998 #define RACFG_CMD_ATE_RESET_COUNTER                     0x0108
3999 #define RACFG_CMD_ATE_SEL_TX_ANTENNA            0x0109
4000 #define RACFG_CMD_ATE_SEL_RX_ANTENNA            0x010a
4001 #define RACFG_CMD_ATE_SET_PREAMBLE                      0x010b
4002 #define RACFG_CMD_ATE_SET_CHANNEL                       0x010c
4003 #define RACFG_CMD_ATE_SET_ADDR1                         0x010d
4004 #define RACFG_CMD_ATE_SET_ADDR2                         0x010e
4005 #define RACFG_CMD_ATE_SET_ADDR3                         0x010f
4006 #define RACFG_CMD_ATE_SET_RATE                          0x0110
4007 #define RACFG_CMD_ATE_SET_TX_FRAME_LEN          0x0111
4008 #define RACFG_CMD_ATE_SET_TX_FRAME_COUNT        0x0112
4009 #define RACFG_CMD_ATE_START_RX_FRAME            0x0113
4010 #define RACFG_CMD_ATE_E2PROM_READ_BULK  0x0114
4011 #define RACFG_CMD_ATE_E2PROM_WRITE_BULK 0x0115
4012 #define RACFG_CMD_ATE_IO_WRITE_BULK             0x0116
4013 #define RACFG_CMD_ATE_BBP_READ_BULK             0x0117
4014 #define RACFG_CMD_ATE_BBP_WRITE_BULK    0x0118
4015 #define RACFG_CMD_ATE_RF_READ_BULK              0x0119
4016 #define RACFG_CMD_ATE_RF_WRITE_BULK             0x011a
4017
4018
4019
4020 #define A2Hex(_X, _p)                           \
4021 {                                                                       \
4022         UCHAR *p;                                               \
4023         _X = 0;                                                 \
4024         p = _p;                                                 \
4025         while (((*p >= 'a') && (*p <= 'f')) || ((*p >= 'A') && (*p <= 'F')) || ((*p >= '0') && (*p <= '9')))            \
4026         {                                                                                               \
4027                 if ((*p >= 'a') && (*p <= 'f'))                         \
4028                         _X = _X * 16 + *p - 87;                                 \
4029                 else if ((*p >= 'A') && (*p <= 'F'))            \
4030                         _X = _X * 16 + *p - 55;                                 \
4031                 else if ((*p >= '0') && (*p <= '9'))            \
4032                         _X = _X * 16 + *p - 48;                                 \
4033                 p++;                                                                            \
4034         }                                                                                               \
4035 }
4036
4037
4038 static VOID memcpy_exl(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, ULONG len);
4039 static VOID memcpy_exs(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, ULONG len);
4040 static VOID RTMP_IO_READ_BULK(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, UINT32 len);
4041
4042 #ifdef UCOS
4043 int ate_copy_to_user(
4044         IN PUCHAR payload,
4045         IN PUCHAR msg,
4046         IN INT    len)
4047 {
4048         memmove(payload, msg, len);
4049         return 0;
4050 }
4051
4052 #undef  copy_to_user
4053 #define copy_to_user(x,y,z) ate_copy_to_user((PUCHAR)x, (PUCHAR)y, z)
4054 #endif // UCOS //
4055
4056 #define LEN_OF_ARG 16
4057
4058 VOID RtmpDoAte(
4059         IN      PRTMP_ADAPTER   pAdapter,
4060         IN      struct iwreq    *wrq)
4061 {
4062         unsigned short Command_Id;
4063         struct ate_racfghdr *pRaCfg;
4064         INT     Status = NDIS_STATUS_SUCCESS;
4065
4066
4067
4068         if((pRaCfg = kmalloc(sizeof(struct ate_racfghdr), GFP_KERNEL)) == NULL)
4069         {
4070                 Status = -EINVAL;
4071                 return;
4072         }
4073
4074         NdisZeroMemory(pRaCfg, sizeof(struct ate_racfghdr));
4075
4076     if (copy_from_user((PUCHAR)pRaCfg, wrq->u.data.pointer, wrq->u.data.length))
4077         {
4078                 Status = -EFAULT;
4079                 kfree(pRaCfg);
4080                 return;
4081         }
4082
4083
4084         Command_Id = ntohs(pRaCfg->command_id);
4085
4086         ATEDBGPRINT(RT_DEBUG_TRACE,("\n%s: Command_Id = 0x%04x !\n", __func__, Command_Id));
4087
4088         switch (Command_Id)
4089         {
4090                 // We will get this command when QA starts.
4091                 case RACFG_CMD_ATE_START:
4092                         {
4093                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_START\n"));
4094
4095                                 // prepare feedback as soon as we can to avoid QA timeout.
4096                                 pRaCfg->length = htons(2);
4097                                 pRaCfg->status = htons(0);
4098
4099                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4100                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4101                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4102
4103                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
4104
4105                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4106                 {
4107                         ATEDBGPRINT(RT_DEBUG_TRACE, ("copy_to_user() fail in case RACFG_CMD_ATE_START\n"));
4108                     Status = -EFAULT;
4109                 }
4110                                 else
4111                                 {
4112                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_START is done !\n"));
4113                                 }
4114                                 Set_ATE_Proc(pAdapter, "ATESTART");
4115                         }
4116                         break;
4117
4118                 // We will get this command either QA is closed or ated is killed by user.
4119                 case RACFG_CMD_ATE_STOP:
4120                         {
4121 #ifndef UCOS
4122                                 INT32 ret;
4123 #endif // !UCOS //
4124
4125                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_STOP\n"));
4126
4127                                 // Distinguish this command came from QA(via ated)
4128                                 // or ate daemon according to the existence of pid in payload.
4129                                 // No need to prepare feedback if this cmd came directly from ate daemon.
4130                                 pRaCfg->length = ntohs(pRaCfg->length);
4131
4132                                 if (pRaCfg->length == sizeof(pAdapter->ate.AtePid))
4133                                 {
4134                                         // This command came from QA.
4135                                         // Get the pid of ATE daemon.
4136                                         memcpy((UCHAR *)&pAdapter->ate.AtePid,
4137                                                 (&pRaCfg->data[0]) - 2/* == &(pRaCfg->status) */,
4138                                                 sizeof(pAdapter->ate.AtePid));
4139
4140                                         // prepare feedback as soon as we can to avoid QA timeout.
4141                                         pRaCfg->length = htons(2);
4142                                         pRaCfg->status = htons(0);
4143
4144                                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4145                                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4146                                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4147
4148                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
4149
4150                         if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4151                         {
4152                                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_STOP\n"));
4153                             Status = -EFAULT;
4154                         }
4155
4156                                         //
4157                                         // kill ATE daemon when leaving ATE mode.
4158                                         // We must kill ATE daemon first before setting ATESTOP,
4159                                         // or Microsoft will report sth. wrong.
4160 #ifndef UCOS
4161                                         ret = KILL_THREAD_PID(pAdapter->ate.AtePid, SIGTERM, 1);
4162                                         if (ret)
4163                                         {
4164                                                 ATEDBGPRINT(RT_DEBUG_ERROR, ("%s: unable to signal thread\n", pAdapter->net_dev->name));
4165                                         }
4166 #endif // !UCOS //
4167                                 }
4168
4169                                 // AP might have in ATE_STOP mode due to cmd from QA.
4170                                 if (ATE_ON(pAdapter))
4171                                 {
4172                                         // Someone has killed ate daemon while QA GUI is still open.
4173                                         Set_ATE_Proc(pAdapter, "ATESTOP");
4174                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_AP_START is done !\n"));
4175                                 }
4176                         }
4177                         break;
4178
4179                 case RACFG_CMD_RF_WRITE_ALL:
4180                         {
4181                                 UINT32 R1, R2, R3, R4;
4182                                 USHORT channel;
4183
4184                                 memcpy(&R1, pRaCfg->data-2, 4);
4185                                 memcpy(&R2, pRaCfg->data+2, 4);
4186                                 memcpy(&R3, pRaCfg->data+6, 4);
4187                                 memcpy(&R4, pRaCfg->data+10, 4);
4188                                 memcpy(&channel, pRaCfg->data+14, 2);
4189
4190                                 pAdapter->LatchRfRegs.R1 = ntohl(R1);
4191                                 pAdapter->LatchRfRegs.R2 = ntohl(R2);
4192                                 pAdapter->LatchRfRegs.R3 = ntohl(R3);
4193                                 pAdapter->LatchRfRegs.R4 = ntohl(R4);
4194                                 pAdapter->LatchRfRegs.Channel = ntohs(channel);
4195
4196                                 RTMP_RF_IO_WRITE32(pAdapter, pAdapter->LatchRfRegs.R1);
4197                                 RTMP_RF_IO_WRITE32(pAdapter, pAdapter->LatchRfRegs.R2);
4198                                 RTMP_RF_IO_WRITE32(pAdapter, pAdapter->LatchRfRegs.R3);
4199                                 RTMP_RF_IO_WRITE32(pAdapter, pAdapter->LatchRfRegs.R4);
4200
4201                                 // prepare feedback
4202                                 pRaCfg->length = htons(2);
4203                                 pRaCfg->status = htons(0);
4204
4205                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4206                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4207                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4208
4209                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
4210                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4211                 {
4212                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_RF_WRITE_ALL\n"));
4213                     Status = -EFAULT;
4214                 }
4215                                 else
4216                                 {
4217                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_RF_WRITE_ALL is done !\n"));
4218                                 }
4219                         }
4220             break;
4221
4222                 case RACFG_CMD_E2PROM_READ16:
4223                         {
4224                                 USHORT  offset, value, tmp;
4225
4226                                 offset = ntohs(pRaCfg->status);
4227                                 /* "tmp" is expecially for some compilers... */
4228                                 RT28xx_EEPROM_READ16(pAdapter, offset, tmp);
4229                                 value = tmp;
4230                                 value = htons(value);
4231
4232                                 ATEDBGPRINT(RT_DEBUG_TRACE,("EEPROM Read offset = 0x%04x, value = 0x%04x\n", offset, value));
4233
4234                                 // prepare feedback
4235                                 pRaCfg->length = htons(4);
4236                                 pRaCfg->status = htons(0);
4237                                 memcpy(pRaCfg->data, &value, 2);
4238
4239                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4240                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4241                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4242
4243                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("sizeof(struct ate_racfghdr) = %d\n", sizeof(struct ate_racfghdr)));
4244                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
4245
4246                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4247                 {
4248                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_E2PROM_READ16\n"));
4249                     Status = -EFAULT;
4250                 }
4251                                 else
4252                                 {
4253                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_E2PROM_READ16 is done !\n"));
4254                                 }
4255                 }
4256                         break;
4257
4258                 case RACFG_CMD_E2PROM_WRITE16:
4259                         {
4260                                 USHORT  offset, value;
4261
4262                                 offset = ntohs(pRaCfg->status);
4263                                 memcpy(&value, pRaCfg->data, 2);
4264                                 value = ntohs(value);
4265                                 RT28xx_EEPROM_WRITE16(pAdapter, offset, value);
4266
4267                                 // prepare feedback
4268                                 pRaCfg->length = htons(2);
4269                                 pRaCfg->status = htons(0);
4270                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4271                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4272                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4273
4274                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4275                 {
4276                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_E2PROM_WRITE16\n"));
4277                     Status = -EFAULT;
4278                 }
4279                                 else
4280                                 {
4281                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_E2PROM_WRITE16 is done !\n"));
4282                                 }
4283                         }
4284                         break;
4285
4286                 case RACFG_CMD_E2PROM_READ_ALL:
4287                         {
4288                                 USHORT buffer[EEPROM_SIZE/2];
4289
4290                                 rt_ee_read_all(pAdapter,(USHORT *)buffer);
4291                                 memcpy_exs(pAdapter, pRaCfg->data, (UCHAR *)buffer, EEPROM_SIZE);
4292
4293                                 // prepare feedback
4294                                 pRaCfg->length = htons(2+EEPROM_SIZE);
4295                                 pRaCfg->status = htons(0);
4296                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4297                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4298                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4299
4300                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4301                 {
4302                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_E2PROM_READ_ALL\n"));
4303                     Status = -EFAULT;
4304                 }
4305                                 else
4306                                 {
4307                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_E2PROM_READ_ALL is done !\n"));
4308                                 }
4309                         }
4310                         break;
4311
4312                 case RACFG_CMD_E2PROM_WRITE_ALL:
4313                         {
4314                                 USHORT buffer[EEPROM_SIZE/2];
4315
4316                                 NdisZeroMemory((UCHAR *)buffer, EEPROM_SIZE);
4317                                 memcpy_exs(pAdapter, (UCHAR *)buffer, (UCHAR *)&pRaCfg->status, EEPROM_SIZE);
4318                                 rt_ee_write_all(pAdapter,(USHORT *)buffer);
4319
4320                                 // prepare feedback
4321                                 pRaCfg->length = htons(2);
4322                                 pRaCfg->status = htons(0);
4323                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4324                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4325                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4326
4327                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4328                 {
4329                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_E2PROM_WRITE_ALL\n"));
4330                     Status = -EFAULT;
4331                 }
4332                                 else
4333                                 {
4334                         ATEDBGPRINT(RT_DEBUG_ERROR, ("RACFG_CMD_E2PROM_WRITE_ALL is done !\n"));
4335                                 }
4336
4337                         }
4338                         break;
4339
4340                 case RACFG_CMD_IO_READ:
4341                         {
4342                                 UINT32  offset;
4343                                 UINT32  value;
4344
4345                                 memcpy(&offset, &pRaCfg->status, 4);
4346                                 offset = ntohl(offset);
4347
4348                                 // We do not need the base address.
4349                                 // So just extract the offset out.
4350                                 offset &= 0x0000FFFF;
4351                                 RTMP_IO_READ32(pAdapter, offset, &value);
4352                                 value = htonl(value);
4353
4354                                 // prepare feedback
4355                                 pRaCfg->length = htons(6);
4356                                 pRaCfg->status = htons(0);
4357                                 memcpy(pRaCfg->data, &value, 4);
4358
4359                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4360                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4361                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4362
4363                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4364                 {
4365                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_IO_READ\n"));
4366                     Status = -EFAULT;
4367                 }
4368                                 else
4369                                 {
4370                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_IO_READ is done !\n"));
4371                                 }
4372                         }
4373                         break;
4374
4375                 case RACFG_CMD_IO_WRITE:
4376                         {
4377                                 UINT32  offset, value;
4378
4379                                 memcpy(&offset, pRaCfg->data-2, 4);
4380                                 memcpy(&value, pRaCfg->data+2, 4);
4381
4382                                 offset = ntohl(offset);
4383
4384                                 // We do not need the base address.
4385                                 // So just extract out the offset.
4386                                 offset &= 0x0000FFFF;
4387                                 value = ntohl(value);
4388                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_IO_WRITE: offset = %x, value = %x\n", offset, value));
4389                                 RTMP_IO_WRITE32(pAdapter, offset, value);
4390
4391                                 // prepare feedback
4392                                 pRaCfg->length = htons(2);
4393                                 pRaCfg->status = htons(0);
4394                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4395                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4396                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4397
4398                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4399                 {
4400                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_IO_WRITE\n"));
4401                     Status = -EFAULT;
4402                 }
4403                                 else
4404                                 {
4405                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_IO_WRITE is done !\n"));
4406                                 }
4407                         }
4408                         break;
4409
4410                 case RACFG_CMD_IO_READ_BULK:
4411                         {
4412                                 UINT32  offset;
4413                                 USHORT  len;
4414
4415                                 memcpy(&offset, &pRaCfg->status, 4);
4416                                 offset = ntohl(offset);
4417
4418                                 // We do not need the base address.
4419                                 // So just extract the offset.
4420                                 offset &= 0x0000FFFF;
4421                                 memcpy(&len, pRaCfg->data+2, 2);
4422                                 len = ntohs(len);
4423
4424                                 if (len > 371)
4425                                 {
4426                                         ATEDBGPRINT(RT_DEBUG_TRACE,("len is too large, make it smaller\n"));
4427                                         pRaCfg->length = htons(2);
4428                                         pRaCfg->status = htons(1);
4429                                         break;
4430                                 }
4431
4432                                 RTMP_IO_READ_BULK(pAdapter, pRaCfg->data, (UCHAR *)offset, len*4);// unit in four bytes
4433
4434                                 // prepare feedback
4435                                 pRaCfg->length = htons(2+len*4);// unit in four bytes
4436                                 pRaCfg->status = htons(0);
4437                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4438                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4439                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4440
4441                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4442                 {
4443                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_IO_READ_BULK\n"));
4444                     Status = -EFAULT;
4445                 }
4446                                 else
4447                                 {
4448                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_IO_READ_BULK is done !\n"));
4449                                 }
4450                         }
4451                         break;
4452
4453                 case RACFG_CMD_BBP_READ8:
4454                         {
4455                                 USHORT  offset;
4456                                 UCHAR   value;
4457
4458                                 value = 0;
4459                                 offset = ntohs(pRaCfg->status);
4460
4461                                 if (ATE_ON(pAdapter))
4462                                 {
4463                                         ATE_BBP_IO_READ8_BY_REG_ID(pAdapter, offset,  &value);
4464                                 }
4465                                 else
4466                                 {
4467                                         RTMP_BBP_IO_READ8_BY_REG_ID(pAdapter, offset,  &value);
4468                                 }
4469                                 // prepare feedback
4470                                 pRaCfg->length = htons(3);
4471                                 pRaCfg->status = htons(0);
4472                                 pRaCfg->data[0] = value;
4473
4474                                 ATEDBGPRINT(RT_DEBUG_TRACE,("BBP value = %x\n", value));
4475
4476                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4477                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4478                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4479
4480                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4481                 {
4482                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_BBP_READ8\n"));
4483                     Status = -EFAULT;
4484                 }
4485                                 else
4486                                 {
4487                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_BBP_READ8 is done !\n"));
4488                                 }
4489                         }
4490                         break;
4491                 case RACFG_CMD_BBP_WRITE8:
4492                         {
4493                                 USHORT  offset;
4494                                 UCHAR   value;
4495
4496                                 offset = ntohs(pRaCfg->status);
4497                                 memcpy(&value, pRaCfg->data, 1);
4498
4499                                 if (ATE_ON(pAdapter))
4500                                 {
4501                                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAdapter, offset,  value);
4502                                 }
4503                                 else
4504                                 {
4505                                         RTMP_BBP_IO_WRITE8_BY_REG_ID(pAdapter, offset,  value);
4506                                 }
4507
4508                                 if ((offset == BBP_R1) || (offset == BBP_R3))
4509                                 {
4510                                         SyncTxRxConfig(pAdapter, offset, value);
4511                                 }
4512
4513                                 // prepare feedback
4514                                 pRaCfg->length = htons(2);
4515                                 pRaCfg->status = htons(0);
4516                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4517                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4518                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4519
4520                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4521                 {
4522                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_BBP_WRITE8\n"));
4523                     Status = -EFAULT;
4524                 }
4525                                 else
4526                                 {
4527                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_BBP_WRITE8 is done !\n"));
4528                                 }
4529                         }
4530                         break;
4531
4532                 case RACFG_CMD_BBP_READ_ALL:
4533                         {
4534                                 USHORT j;
4535
4536                                 for (j = 0; j < 137; j++)
4537                                 {
4538                                         pRaCfg->data[j] = 0;
4539
4540                                         if (ATE_ON(pAdapter))
4541                                         {
4542                                                 ATE_BBP_IO_READ8_BY_REG_ID(pAdapter, j,  &pRaCfg->data[j]);
4543                                         }
4544                                         else
4545                                         {
4546                                                 RTMP_BBP_IO_READ8_BY_REG_ID(pAdapter, j,  &pRaCfg->data[j]);
4547                                         }
4548                                 }
4549
4550                                 // prepare feedback
4551                                 pRaCfg->length = htons(2+137);
4552                                 pRaCfg->status = htons(0);
4553
4554                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4555                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4556                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4557
4558                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4559                 {
4560                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_BBP_READ_ALL\n"));
4561                     Status = -EFAULT;
4562                 }
4563                                 else
4564                                 {
4565                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_BBP_READ_ALL is done !\n"));
4566                                 }
4567                         }
4568
4569                         break;
4570
4571                 case RACFG_CMD_ATE_E2PROM_READ_BULK:
4572                 {
4573                         USHORT offset;
4574                         USHORT len;
4575                         USHORT buffer[EEPROM_SIZE/2];
4576
4577                         offset = ntohs(pRaCfg->status);
4578                         memcpy(&len, pRaCfg->data, 2);
4579                         len = ntohs(len);
4580
4581                         rt_ee_read_all(pAdapter,(USHORT *)buffer);
4582                         if (offset + len <= EEPROM_SIZE)
4583                                 memcpy_exs(pAdapter, pRaCfg->data, (UCHAR *)buffer+offset, len);
4584                         else
4585                                 ATEDBGPRINT(RT_DEBUG_ERROR, ("exceed EEPROM size\n"));
4586
4587                         // prepare feedback
4588                         pRaCfg->length = htons(2+len);
4589                         pRaCfg->status = htons(0);
4590                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4591                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4592                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4593
4594             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4595             {
4596                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_E2PROM_READ_BULK\n"));
4597                 Status = -EFAULT;
4598             }
4599                         else
4600                         {
4601                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_E2PROM_READ_BULK is done !\n"));
4602                         }
4603
4604                 }
4605                         break;
4606
4607                 case RACFG_CMD_ATE_E2PROM_WRITE_BULK:
4608                 {
4609                         USHORT offset;
4610                         USHORT len;
4611                         USHORT buffer[EEPROM_SIZE/2];
4612
4613                         offset = ntohs(pRaCfg->status);
4614                         memcpy(&len, pRaCfg->data, 2);
4615                         len = ntohs(len);
4616
4617                         rt_ee_read_all(pAdapter,(USHORT *)buffer);
4618                         memcpy_exs(pAdapter, (UCHAR *)buffer + offset, (UCHAR *)pRaCfg->data + 2, len);
4619                         rt_ee_write_all(pAdapter,(USHORT *)buffer);
4620
4621                         // prepare feedback
4622                         pRaCfg->length = htons(2);
4623                         pRaCfg->status = htons(0);
4624                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4625                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4626                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4627             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4628             {
4629                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_E2PROM_WRITE_BULK\n"));
4630                    Status = -EFAULT;
4631             }
4632                         else
4633                         {
4634                 ATEDBGPRINT(RT_DEBUG_ERROR, ("RACFG_CMD_ATE_E2PROM_WRITE_BULK is done !\n"));
4635                         }
4636
4637                 }
4638                         break;
4639
4640                 case RACFG_CMD_ATE_IO_WRITE_BULK:
4641                 {
4642                         UINT32 offset, i, value;
4643                         USHORT len;
4644
4645                         memcpy(&offset, &pRaCfg->status, 4);
4646                         offset = ntohl(offset);
4647                         memcpy(&len, pRaCfg->data+2, 2);
4648                         len = ntohs(len);
4649
4650                         for (i = 0; i < len; i += 4)
4651                         {
4652                                 memcpy_exl(pAdapter, (UCHAR *)&value, pRaCfg->data+4+i, 4);
4653                                 printk("Write %x %x\n", offset + i, value);
4654                                 RTMP_IO_WRITE32(pAdapter, (offset +i) & 0xffff, value);
4655                         }
4656
4657                         // prepare feedback
4658                         pRaCfg->length = htons(2);
4659                         pRaCfg->status = htons(0);
4660                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4661                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4662                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4663             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4664             {
4665                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_IO_WRITE_BULK\n"));
4666                    Status = -EFAULT;
4667             }
4668                         else
4669                         {
4670                 ATEDBGPRINT(RT_DEBUG_ERROR, ("RACFG_CMD_ATE_IO_WRITE_BULK is done !\n"));
4671                         }
4672
4673                 }
4674                         break;
4675
4676                 case RACFG_CMD_ATE_BBP_READ_BULK:
4677                 {
4678                         USHORT offset;
4679                         USHORT len;
4680                         USHORT j;
4681
4682                         offset = ntohs(pRaCfg->status);
4683                         memcpy(&len, pRaCfg->data, 2);
4684                         len = ntohs(len);
4685
4686
4687                         for (j = offset; j < (offset+len); j++)
4688                         {
4689                                 pRaCfg->data[j - offset] = 0;
4690
4691                                 if (pAdapter->ate.Mode == ATE_STOP)
4692                                 {
4693                                         RTMP_BBP_IO_READ8_BY_REG_ID(pAdapter, j,  &pRaCfg->data[j - offset]);
4694                                 }
4695                                 else
4696                                 {
4697                                         ATE_BBP_IO_READ8_BY_REG_ID(pAdapter, j,  &pRaCfg->data[j - offset]);
4698                                 }
4699                         }
4700
4701                         // prepare feedback
4702                         pRaCfg->length = htons(2+len);
4703                         pRaCfg->status = htons(0);
4704                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4705                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4706                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4707
4708             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4709             {
4710                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_BBP_READ_BULK\n"));
4711                    Status = -EFAULT;
4712             }
4713                         else
4714                         {
4715                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_BBP_READ_BULK is done !\n"));
4716                         }
4717
4718                 }
4719                         break;
4720
4721                 case RACFG_CMD_ATE_BBP_WRITE_BULK:
4722                 {
4723                         USHORT offset;
4724                         USHORT len;
4725                         USHORT j;
4726                         UCHAR *value;
4727
4728                         offset = ntohs(pRaCfg->status);
4729                         memcpy(&len, pRaCfg->data, 2);
4730                         len = ntohs(len);
4731
4732                         for (j = offset; j < (offset+len); j++)
4733                         {
4734                                 value = pRaCfg->data + 2 + (j - offset);
4735                                 if (pAdapter->ate.Mode == ATE_STOP)
4736                                 {
4737                                         RTMP_BBP_IO_WRITE8_BY_REG_ID(pAdapter, j,  *value);
4738                                 }
4739                                 else
4740                                 {
4741                                         ATE_BBP_IO_WRITE8_BY_REG_ID(pAdapter, j,  *value);
4742                                 }
4743                         }
4744
4745                         // prepare feedback
4746                         pRaCfg->length = htons(2);
4747                         pRaCfg->status = htons(0);
4748                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4749                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4750                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4751
4752             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4753             {
4754                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_BBP_WRITE_BULK\n"));
4755                    Status = -EFAULT;
4756             }
4757                         else
4758                         {
4759                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_BBP_WRITE_BULK is done !\n"));
4760                         }
4761                 }
4762                         break;
4763
4764 #ifdef CONFIG_RALINK_RT3052
4765                 case RACFG_CMD_ATE_RF_READ_BULK:
4766                 {
4767                         USHORT offset;
4768                         USHORT len;
4769                         USHORT j;
4770
4771                         offset = ntohs(pRaCfg->status);
4772                         memcpy(&len, pRaCfg->data, 2);
4773                         len = ntohs(len);
4774
4775                         for (j = offset; j < (offset+len); j++)
4776                         {
4777                                 pRaCfg->data[j - offset] = 0;
4778                                 RT30xxReadRFRegister(pAdapter, j,  &pRaCfg->data[j - offset]);
4779                         }
4780
4781                         // prepare feedback
4782                         pRaCfg->length = htons(2+len);
4783                         pRaCfg->status = htons(0);
4784                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4785                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4786                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4787
4788             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4789             {
4790                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_RF_READ_BULK\n"));
4791                    Status = -EFAULT;
4792             }
4793                         else
4794                         {
4795                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_RF_READ_BULK is done !\n"));
4796                         }
4797
4798                 }
4799                         break;
4800
4801                 case RACFG_CMD_ATE_RF_WRITE_BULK:
4802                 {
4803                         USHORT offset;
4804                         USHORT len;
4805                         USHORT j;
4806                         UCHAR *value;
4807
4808                         offset = ntohs(pRaCfg->status);
4809                         memcpy(&len, pRaCfg->data, 2);
4810                         len = ntohs(len);
4811
4812                         for (j = offset; j < (offset+len); j++)
4813                         {
4814                                 value = pRaCfg->data + 2 + (j - offset);
4815                                 RT30xxWriteRFRegister(pAdapter, j,  *value);
4816                         }
4817
4818                         // prepare feedback
4819                         pRaCfg->length = htons(2);
4820                         pRaCfg->status = htons(0);
4821                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4822                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4823                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4824
4825             if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4826             {
4827                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_RF_WRITE_BULK\n"));
4828                    Status = -EFAULT;
4829             }
4830                         else
4831                         {
4832                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_RF_WRITE_BULK is done !\n"));
4833                         }
4834
4835                 }
4836                         break;
4837 #endif
4838
4839
4840                 case RACFG_CMD_GET_NOISE_LEVEL:
4841                         {
4842                                 UCHAR   channel;
4843                                 INT32   buffer[3][10];/* 3 : RxPath ; 10 : no. of per rssi samples */
4844
4845                                 channel = (ntohs(pRaCfg->status) & 0x00FF);
4846                                 CalNoiseLevel(pAdapter, channel, buffer);
4847                                 memcpy_exl(pAdapter, (UCHAR *)pRaCfg->data, (UCHAR *)&(buffer[0][0]), (sizeof(INT32)*3*10));
4848
4849                                 // prepare feedback
4850                                 pRaCfg->length = htons(2 + (sizeof(INT32)*3*10));
4851                                 pRaCfg->status = htons(0);
4852                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4853                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4854                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4855
4856                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4857                 {
4858                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_GET_NOISE_LEVEL\n"));
4859                     Status = -EFAULT;
4860                 }
4861                                 else
4862                                 {
4863                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_GET_NOISE_LEVEL is done !\n"));
4864                                 }
4865                         }
4866                         break;
4867
4868                 case RACFG_CMD_GET_COUNTER:
4869                         {
4870                                 memcpy_exl(pAdapter, &pRaCfg->data[0], (UCHAR *)&pAdapter->ate.U2M, 4);
4871                                 memcpy_exl(pAdapter, &pRaCfg->data[4], (UCHAR *)&pAdapter->ate.OtherData, 4);
4872                                 memcpy_exl(pAdapter, &pRaCfg->data[8], (UCHAR *)&pAdapter->ate.Beacon, 4);
4873                                 memcpy_exl(pAdapter, &pRaCfg->data[12], (UCHAR *)&pAdapter->ate.OtherCount, 4);
4874                                 memcpy_exl(pAdapter, &pRaCfg->data[16], (UCHAR *)&pAdapter->ate.TxAc0, 4);
4875                                 memcpy_exl(pAdapter, &pRaCfg->data[20], (UCHAR *)&pAdapter->ate.TxAc1, 4);
4876                                 memcpy_exl(pAdapter, &pRaCfg->data[24], (UCHAR *)&pAdapter->ate.TxAc2, 4);
4877                                 memcpy_exl(pAdapter, &pRaCfg->data[28], (UCHAR *)&pAdapter->ate.TxAc3, 4);
4878                                 memcpy_exl(pAdapter, &pRaCfg->data[32], (UCHAR *)&pAdapter->ate.TxHCCA, 4);
4879                                 memcpy_exl(pAdapter, &pRaCfg->data[36], (UCHAR *)&pAdapter->ate.TxMgmt, 4);
4880                                 memcpy_exl(pAdapter, &pRaCfg->data[40], (UCHAR *)&pAdapter->ate.RSSI0, 4);
4881                                 memcpy_exl(pAdapter, &pRaCfg->data[44], (UCHAR *)&pAdapter->ate.RSSI1, 4);
4882                                 memcpy_exl(pAdapter, &pRaCfg->data[48], (UCHAR *)&pAdapter->ate.RSSI2, 4);
4883                                 memcpy_exl(pAdapter, &pRaCfg->data[52], (UCHAR *)&pAdapter->ate.SNR0, 4);
4884                                 memcpy_exl(pAdapter, &pRaCfg->data[56], (UCHAR *)&pAdapter->ate.SNR1, 4);
4885
4886                                 pRaCfg->length = htons(2+60);
4887                                 pRaCfg->status = htons(0);
4888                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4889                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4890                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4891
4892                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4893                 {
4894                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_GET_COUNTER\n"));
4895                     Status = -EFAULT;
4896                 }
4897                                 else
4898                                 {
4899                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_GET_COUNTER is done !\n"));
4900                                 }
4901                         }
4902                         break;
4903
4904                 case RACFG_CMD_CLEAR_COUNTER:
4905                         {
4906                                 pAdapter->ate.U2M = 0;
4907                                 pAdapter->ate.OtherData = 0;
4908                                 pAdapter->ate.Beacon = 0;
4909                                 pAdapter->ate.OtherCount = 0;
4910                                 pAdapter->ate.TxAc0 = 0;
4911                                 pAdapter->ate.TxAc1 = 0;
4912                                 pAdapter->ate.TxAc2 = 0;
4913                                 pAdapter->ate.TxAc3 = 0;
4914                                 pAdapter->ate.TxHCCA = 0;
4915                                 pAdapter->ate.TxMgmt = 0;
4916                                 pAdapter->ate.TxDoneCount = 0;
4917
4918                                 pRaCfg->length = htons(2);
4919                                 pRaCfg->status = htons(0);
4920
4921                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
4922                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
4923                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
4924
4925                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
4926                 {
4927                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_CLEAR_COUNTER\n"));
4928                     Status = -EFAULT;
4929                 }
4930                                 else
4931                                 {
4932                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_CLEAR_COUNTER is done !\n"));
4933                                 }
4934                         }
4935
4936                         break;
4937
4938                 case RACFG_CMD_TX_START:
4939                         {
4940                                 USHORT *p;
4941                                 USHORT  err = 1;
4942                                 UCHAR   Bbp22Value = 0, Bbp24Value = 0;
4943
4944                                 if ((pAdapter->ate.TxStatus != 0) && (pAdapter->ate.Mode & ATE_TXFRAME))
4945                                 {
4946                                         ATEDBGPRINT(RT_DEBUG_TRACE,("Ate Tx is already running, to run next Tx, you must stop it first\n"));
4947                                         err = 2;
4948                                         goto TX_START_ERROR;
4949                                 }
4950                                 else if ((pAdapter->ate.TxStatus != 0) && !(pAdapter->ate.Mode & ATE_TXFRAME))
4951                                 {
4952                                         int i = 0;
4953
4954                                         while ((i++ < 10) && (pAdapter->ate.TxStatus != 0))
4955                                         {
4956                                                 RTMPusecDelay(5000);
4957                                         }
4958
4959                                         // force it to stop
4960                                         pAdapter->ate.TxStatus = 0;
4961                                         pAdapter->ate.TxDoneCount = 0;
4962                                         //pAdapter->ate.Repeat = 0;
4963                                         pAdapter->ate.bQATxStart = FALSE;
4964                                 }
4965
4966                                 // If pRaCfg->length == 0, this "RACFG_CMD_TX_START" is for Carrier test or Carrier Suppression.
4967                                 if (ntohs(pRaCfg->length) != 0)
4968                                 {
4969                                         // Get frame info
4970 #ifdef RT2870
4971                                         NdisMoveMemory(&pAdapter->ate.TxInfo, pRaCfg->data - 2, 4);
4972 #ifdef RT_BIG_ENDIAN
4973                                         RTMPDescriptorEndianChange((PUCHAR) &pAdapter->ate.TxInfo, TYPE_TXINFO);
4974 #endif // RT_BIG_ENDIAN //
4975 #endif // RT2870 //
4976
4977                                         NdisMoveMemory(&pAdapter->ate.TxWI, pRaCfg->data + 2, 16);
4978 #ifdef RT_BIG_ENDIAN
4979                                         RTMPWIEndianChange((PUCHAR)&pAdapter->ate.TxWI, TYPE_TXWI);
4980 #endif // RT_BIG_ENDIAN //
4981
4982                                         NdisMoveMemory(&pAdapter->ate.TxCount, pRaCfg->data + 18, 4);
4983                                         pAdapter->ate.TxCount = ntohl(pAdapter->ate.TxCount);
4984
4985                                         p = (USHORT *)(&pRaCfg->data[22]);
4986                                         //p = pRaCfg->data + 22;
4987                                         // always use QID_AC_BE
4988                                         pAdapter->ate.QID = 0;
4989                                         p = (USHORT *)(&pRaCfg->data[24]);
4990                                         //p = pRaCfg->data + 24;
4991                                         pAdapter->ate.HLen = ntohs(*p);
4992
4993                                         if (pAdapter->ate.HLen > 32)
4994                                         {
4995                                                 ATEDBGPRINT(RT_DEBUG_ERROR,("pAdapter->ate.HLen > 32\n"));
4996                                                 err = 3;
4997                                                 goto TX_START_ERROR;
4998                                         }
4999
5000                                         NdisMoveMemory(&pAdapter->ate.Header, pRaCfg->data + 26, pAdapter->ate.HLen);
5001
5002
5003                                         pAdapter->ate.PLen = ntohs(pRaCfg->length) - (pAdapter->ate.HLen + 28);
5004
5005                                         if (pAdapter->ate.PLen > 32)
5006                                         {
5007                                                 ATEDBGPRINT(RT_DEBUG_ERROR,("pAdapter->ate.PLen > 32\n"));
5008                                                 err = 4;
5009                                                 goto TX_START_ERROR;
5010                                         }
5011
5012                                         NdisMoveMemory(&pAdapter->ate.Pattern, pRaCfg->data + 26 + pAdapter->ate.HLen, pAdapter->ate.PLen);
5013                                         pAdapter->ate.DLen = pAdapter->ate.TxWI.MPDUtotalByteCount - pAdapter->ate.HLen;
5014                                 }
5015
5016                                 ATE_BBP_IO_READ8_BY_REG_ID(pAdapter, BBP_R22, &Bbp22Value);
5017
5018                                 switch (Bbp22Value)
5019                                 {
5020                                         case BBP22_TXFRAME:
5021                                                 {
5022                                                         if (pAdapter->ate.TxCount == 0)
5023                                                         {
5024                                                         }
5025                                                         ATEDBGPRINT(RT_DEBUG_TRACE,("START TXFRAME\n"));
5026                                                         pAdapter->ate.bQATxStart = TRUE;
5027                                                         Set_ATE_Proc(pAdapter, "TXFRAME");
5028                                                 }
5029                                                 break;
5030
5031                                         case BBP22_TXCONT_OR_CARRSUPP:
5032                                                 {
5033                                                         ATEDBGPRINT(RT_DEBUG_TRACE,("BBP22_TXCONT_OR_CARRSUPP\n"));
5034                                                         ATE_BBP_IO_READ8_BY_REG_ID(pAdapter, 24, &Bbp24Value);
5035
5036                                                         switch (Bbp24Value)
5037                                                         {
5038                                                                 case BBP24_TXCONT:
5039                                                                         {
5040                                                                                 ATEDBGPRINT(RT_DEBUG_TRACE,("START TXCONT\n"));
5041                                                                                 pAdapter->ate.bQATxStart = TRUE;
5042                                                                                 Set_ATE_Proc(pAdapter, "TXCONT");
5043                                                                         }
5044                                                                         break;
5045
5046                                                                 case BBP24_CARRSUPP:
5047                                                                         {
5048                                                                                 ATEDBGPRINT(RT_DEBUG_TRACE,("START TXCARRSUPP\n"));
5049                                                                                 pAdapter->ate.bQATxStart = TRUE;
5050                                                                                 pAdapter->ate.Mode |= ATE_TXCARRSUPP;
5051                                                                         }
5052                                                                         break;
5053
5054                                                                 default:
5055                                                                         {
5056                                                                                 ATEDBGPRINT(RT_DEBUG_ERROR,("Unknown Start TX subtype !"));
5057                                                                         }
5058                                                                         break;
5059                                                         }
5060                                                 }
5061                                                 break;
5062
5063                                         case BBP22_TXCARR:
5064                                                 {
5065                                                         ATEDBGPRINT(RT_DEBUG_TRACE,("START TXCARR\n"));
5066                                                         pAdapter->ate.bQATxStart = TRUE;
5067                                                         Set_ATE_Proc(pAdapter, "TXCARR");
5068                                                 }
5069                                                 break;
5070
5071                                         default:
5072                                                 {
5073                                                         ATEDBGPRINT(RT_DEBUG_ERROR,("Unknown Start TX subtype !"));
5074                                                 }
5075                                                 break;
5076                                 }
5077
5078                                 if (pAdapter->ate.bQATxStart == TRUE)
5079                                 {
5080                                         // prepare feedback
5081                                         pRaCfg->length = htons(2);
5082                                         pRaCfg->status = htons(0);
5083
5084                                         wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5085                                                                                 + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5086                                                                                 + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5087
5088                         if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5089                         {
5090                                 ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() was failed in case RACFG_CMD_TX_START\n"));
5091                             Status = -EFAULT;
5092                         }
5093                                         else
5094                                         {
5095                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_TX_START is done !\n"));
5096                                         }
5097                                         break;
5098                                 }
5099
5100 TX_START_ERROR:
5101                                 // prepare feedback
5102                                 pRaCfg->length = htons(2);
5103                                 pRaCfg->status = htons(err);
5104
5105                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5106                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5107                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5108                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5109                 {
5110                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_TX_START\n"));
5111                     Status = -EFAULT;
5112                 }
5113                                 else
5114                                 {
5115                         ATEDBGPRINT(RT_DEBUG_TRACE, ("feedback of TX_START_ERROR is done !\n"));
5116                                 }
5117                         }
5118                         break;
5119
5120                 case RACFG_CMD_GET_TX_STATUS:
5121                         {
5122                                 UINT32 count;
5123
5124                                 // prepare feedback
5125                                 pRaCfg->length = htons(6);
5126                                 pRaCfg->status = htons(0);
5127                                 count = htonl(pAdapter->ate.TxDoneCount);
5128                                 NdisMoveMemory(pRaCfg->data, &count, 4);
5129                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5130                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5131                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5132
5133                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5134                 {
5135                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_GET_TX_STATUS\n"));
5136                     Status = -EFAULT;
5137                 }
5138                                 else
5139                                 {
5140                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_GET_TX_STATUS is done !\n"));
5141                                 }
5142                         }
5143                         break;
5144
5145                 case RACFG_CMD_TX_STOP:
5146                         {
5147                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_TX_STOP\n"));
5148
5149                                 Set_ATE_Proc(pAdapter, "TXSTOP");
5150
5151                                 // prepare feedback
5152                                 pRaCfg->length = htons(2);
5153                                 pRaCfg->status = htons(0);
5154                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5155                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5156                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5157
5158                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5159                 {
5160                         ATEDBGPRINT(RT_DEBUG_TRACE, ("copy_to_user() fail in case RACFG_CMD_TX_STOP\n"));
5161                     Status = -EFAULT;
5162                 }
5163                                 else
5164                                 {
5165                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_TX_STOP is done !\n"));
5166                                 }
5167                         }
5168                         break;
5169
5170                 case RACFG_CMD_RX_START:
5171                         {
5172                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_RX_START\n"));
5173
5174                                 pAdapter->ate.bQARxStart = TRUE;
5175                                 Set_ATE_Proc(pAdapter, "RXFRAME");
5176
5177                                 // prepare feedback
5178                                 pRaCfg->length = htons(2);
5179                                 pRaCfg->status = htons(0);
5180                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5181                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5182                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5183
5184                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5185                 {
5186                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_RX_START\n"));
5187                     Status = -EFAULT;
5188                 }
5189                                 else
5190                                 {
5191                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_RX_START is done !\n"));
5192                                 }
5193                         }
5194                         break;
5195
5196                 case RACFG_CMD_RX_STOP:
5197                         {
5198                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_RX_STOP\n"));
5199
5200                                 Set_ATE_Proc(pAdapter, "RXSTOP");
5201
5202                                 // prepare feedback
5203                                 pRaCfg->length = htons(2);
5204                                 pRaCfg->status = htons(0);
5205                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5206                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5207                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5208
5209                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5210                 {
5211                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_RX_STOP\n"));
5212                     Status = -EFAULT;
5213                 }
5214                                 else
5215                                 {
5216                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_RX_STOP is done !\n"));
5217                                 }
5218                         }
5219                         break;
5220
5221                 /* The following cases are for new ATE GUI(not QA). */
5222                 /*==================================================*/
5223                 case RACFG_CMD_ATE_START_TX_CARRIER:
5224                         {
5225                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_START_TX_CARRIER\n"));
5226
5227                                 Set_ATE_Proc(pAdapter, "TXCARR");
5228
5229                                 pRaCfg->length = htons(2);
5230                                 pRaCfg->status = htons(0);
5231
5232                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5233                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5234                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5235
5236                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
5237
5238                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5239                 {
5240                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_START_TX_CARRIER\n"));
5241                     Status = -EFAULT;
5242                 }
5243                                 else
5244                                 {
5245                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_START_TX_CARRIER is done !\n"));
5246                                 }
5247                         }
5248                         break;
5249
5250                 case RACFG_CMD_ATE_START_TX_CONT:
5251                         {
5252                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_START_TX_CONT\n"));
5253
5254                                 Set_ATE_Proc(pAdapter, "TXCONT");
5255
5256                                 pRaCfg->length = htons(2);
5257                                 pRaCfg->status = htons(0);
5258
5259                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5260                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5261                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5262
5263                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
5264
5265                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5266                 {
5267                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_START_TX_CONT\n"));
5268                     Status = -EFAULT;
5269                 }
5270                                 else
5271                                 {
5272                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_START_TX_CONT is done !\n"));
5273                                 }
5274                         }
5275                         break;
5276
5277                 case RACFG_CMD_ATE_START_TX_FRAME:
5278                         {
5279                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_START_TX_FRAME\n"));
5280
5281                                 Set_ATE_Proc(pAdapter, "TXFRAME");
5282
5283                                 pRaCfg->length = htons(2);
5284                                 pRaCfg->status = htons(0);
5285
5286                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5287                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5288                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5289
5290                                 ATEDBGPRINT(RT_DEBUG_TRACE, ("wrq->u.data.length = %d\n", wrq->u.data.length));
5291
5292                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5293                 {
5294                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_START_TX_FRAME\n"));
5295                     Status = -EFAULT;
5296                 }
5297                                 else
5298                                 {
5299                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_START_TX_FRAME is done !\n"));
5300                                 }
5301                         }
5302                         break;
5303
5304                 case RACFG_CMD_ATE_SET_BW:
5305                         {
5306                                 SHORT    value = 0;
5307                                 UCHAR    str[LEN_OF_ARG];
5308
5309                                 NdisZeroMemory(str, LEN_OF_ARG);
5310
5311                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_BW\n"));
5312
5313                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5314                                 value = ntohs(value);
5315                                 sprintf((PCHAR)str, "%d", value);
5316
5317                                 Set_ATE_TX_BW_Proc(pAdapter, str);
5318
5319                                 // prepare feedback
5320                                 pRaCfg->length = htons(2);
5321                                 pRaCfg->status = htons(0);
5322                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5323                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5324                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5325
5326                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5327                 {
5328                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_BW\n"));
5329                     Status = -EFAULT;
5330                 }
5331                                 else
5332                                 {
5333                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_BW is done !\n"));
5334                                 }
5335                         }
5336                         break;
5337
5338                 case RACFG_CMD_ATE_SET_TX_POWER0:
5339                         {
5340                                 SHORT    value = 0;
5341                                 UCHAR    str[LEN_OF_ARG];
5342
5343                                 NdisZeroMemory(str, LEN_OF_ARG);
5344
5345                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_TX_POWER0\n"));
5346
5347                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5348                                 value = ntohs(value);
5349                                 sprintf((PCHAR)str, "%d", value);
5350                                 Set_ATE_TX_POWER0_Proc(pAdapter, str);
5351
5352                                 // prepare feedback
5353                                 pRaCfg->length = htons(2);
5354                                 pRaCfg->status = htons(0);
5355                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5356                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5357                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5358
5359                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5360                 {
5361                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_TX_POWER0\n"));
5362                     Status = -EFAULT;
5363                 }
5364                                 else
5365                                 {
5366                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_TX_POWER0 is done !\n"));
5367                                 }
5368                         }
5369                         break;
5370
5371                 case RACFG_CMD_ATE_SET_TX_POWER1:
5372                         {
5373                                 SHORT    value = 0;
5374                                 UCHAR    str[LEN_OF_ARG];
5375
5376                                 NdisZeroMemory(str, LEN_OF_ARG);
5377
5378                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_TX_POWER1\n"));
5379
5380                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5381                                 value = ntohs(value);
5382                                 sprintf((PCHAR)str, "%d", value);
5383                                 Set_ATE_TX_POWER1_Proc(pAdapter, str);
5384
5385                                 // prepare feedback
5386                                 pRaCfg->length = htons(2);
5387                                 pRaCfg->status = htons(0);
5388                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5389                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5390                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5391
5392                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5393                 {
5394                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_TX_POWER1\n"));
5395                     Status = -EFAULT;
5396                 }
5397                                 else
5398                                 {
5399                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_TX_POWER1 is done !\n"));
5400                                 }
5401                         }
5402                         break;
5403
5404                 case RACFG_CMD_ATE_SET_FREQ_OFFSET:
5405                         {
5406                                 SHORT    value = 0;
5407                                 UCHAR    str[LEN_OF_ARG];
5408
5409                                 NdisZeroMemory(str, LEN_OF_ARG);
5410
5411                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_FREQ_OFFSET\n"));
5412
5413                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5414                                 value = ntohs(value);
5415                                 sprintf((PCHAR)str, "%d", value);
5416                                 Set_ATE_TX_FREQOFFSET_Proc(pAdapter, str);
5417
5418                                 // prepare feedback
5419                                 pRaCfg->length = htons(2);
5420                                 pRaCfg->status = htons(0);
5421                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5422                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5423                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5424
5425                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5426                 {
5427                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_FREQ_OFFSET\n"));
5428                     Status = -EFAULT;
5429                 }
5430                                 else
5431                                 {
5432                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_FREQ_OFFSET is done !\n"));
5433                                 }
5434                         }
5435                         break;
5436
5437                 case RACFG_CMD_ATE_GET_STATISTICS:
5438                         {
5439                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_GET_STATISTICS\n"));
5440
5441                                 memcpy_exl(pAdapter, &pRaCfg->data[0], (UCHAR *)&pAdapter->ate.TxDoneCount, 4);
5442                                 memcpy_exl(pAdapter, &pRaCfg->data[4], (UCHAR *)&pAdapter->WlanCounters.RetryCount.u.LowPart, 4);
5443                                 memcpy_exl(pAdapter, &pRaCfg->data[8], (UCHAR *)&pAdapter->WlanCounters.FailedCount.u.LowPart, 4);
5444                                 memcpy_exl(pAdapter, &pRaCfg->data[12], (UCHAR *)&pAdapter->WlanCounters.RTSSuccessCount.u.LowPart, 4);
5445                                 memcpy_exl(pAdapter, &pRaCfg->data[16], (UCHAR *)&pAdapter->WlanCounters.RTSFailureCount.u.LowPart, 4);
5446                                 memcpy_exl(pAdapter, &pRaCfg->data[20], (UCHAR *)&pAdapter->WlanCounters.ReceivedFragmentCount.QuadPart, 4);
5447                                 memcpy_exl(pAdapter, &pRaCfg->data[24], (UCHAR *)&pAdapter->WlanCounters.FCSErrorCount.u.LowPart, 4);
5448                                 memcpy_exl(pAdapter, &pRaCfg->data[28], (UCHAR *)&pAdapter->Counters8023.RxNoBuffer, 4);
5449                                 memcpy_exl(pAdapter, &pRaCfg->data[32], (UCHAR *)&pAdapter->WlanCounters.FrameDuplicateCount.u.LowPart, 4);
5450                                 memcpy_exl(pAdapter, &pRaCfg->data[36], (UCHAR *)&pAdapter->RalinkCounters.OneSecFalseCCACnt, 4);
5451
5452                                 if (pAdapter->ate.RxAntennaSel == 0)
5453                                 {
5454                                         INT32 RSSI0 = 0;
5455                                         INT32 RSSI1 = 0;
5456                                         INT32 RSSI2 = 0;
5457
5458                                         RSSI0 = (INT32)(pAdapter->ate.LastRssi0 - pAdapter->BbpRssiToDbmDelta);
5459                                         RSSI1 = (INT32)(pAdapter->ate.LastRssi1 - pAdapter->BbpRssiToDbmDelta);
5460                                         RSSI2 = (INT32)(pAdapter->ate.LastRssi2 - pAdapter->BbpRssiToDbmDelta);
5461                                         memcpy_exl(pAdapter, &pRaCfg->data[40], (UCHAR *)&RSSI0, 4);
5462                                         memcpy_exl(pAdapter, &pRaCfg->data[44], (UCHAR *)&RSSI1, 4);
5463                                         memcpy_exl(pAdapter, &pRaCfg->data[48], (UCHAR *)&RSSI2, 4);
5464                                         pRaCfg->length = htons(2+52);
5465                                 }
5466                                 else
5467                                 {
5468                                         INT32 RSSI0 = 0;
5469
5470                                         RSSI0 = (INT32)(pAdapter->ate.LastRssi0 - pAdapter->BbpRssiToDbmDelta);
5471                                         memcpy_exl(pAdapter, &pRaCfg->data[40], (UCHAR *)&RSSI0, 4);
5472                                         pRaCfg->length = htons(2+44);
5473                                 }
5474                                 pRaCfg->status = htons(0);
5475                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5476                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5477                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5478
5479                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5480                 {
5481                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_GET_STATISTICS\n"));
5482                     Status = -EFAULT;
5483                 }
5484                                 else
5485                                 {
5486                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_GET_STATISTICS is done !\n"));
5487                                 }
5488                         }
5489                         break;
5490
5491                 case RACFG_CMD_ATE_RESET_COUNTER:
5492                         {
5493                                 SHORT    value = 1;
5494                                 UCHAR    str[LEN_OF_ARG];
5495
5496                                 NdisZeroMemory(str, LEN_OF_ARG);
5497
5498                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_RESET_COUNTER\n"));
5499
5500                                 sprintf((PCHAR)str, "%d", value);
5501                                 Set_ResetStatCounter_Proc(pAdapter, str);
5502
5503                                 pAdapter->ate.TxDoneCount = 0;
5504
5505                                 pRaCfg->length = htons(2);
5506                                 pRaCfg->status = htons(0);
5507
5508                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5509                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5510                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5511
5512                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5513                 {
5514                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_RESET_COUNTER\n"));
5515                     Status = -EFAULT;
5516                 }
5517                                 else
5518                                 {
5519                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_RESET_COUNTER is done !\n"));
5520                                 }
5521                         }
5522
5523                         break;
5524
5525                 case RACFG_CMD_ATE_SEL_TX_ANTENNA:
5526                         {
5527                                 SHORT    value = 0;
5528                                 UCHAR    str[LEN_OF_ARG];
5529
5530                                 NdisZeroMemory(str, LEN_OF_ARG);
5531
5532                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SEL_TX_ANTENNA\n"));
5533
5534                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5535                                 value = ntohs(value);
5536                                 sprintf((PCHAR)str, "%d", value);
5537                                 Set_ATE_TX_Antenna_Proc(pAdapter, str);
5538
5539                                 // prepare feedback
5540                                 pRaCfg->length = htons(2);
5541                                 pRaCfg->status = htons(0);
5542                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5543                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5544                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5545
5546                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5547                 {
5548                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SEL_TX_ANTENNA\n"));
5549                     Status = -EFAULT;
5550                 }
5551                                 else
5552                                 {
5553                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SEL_TX_ANTENNA is done !\n"));
5554                                 }
5555                         }
5556                         break;
5557
5558                 case RACFG_CMD_ATE_SEL_RX_ANTENNA:
5559                         {
5560                                 SHORT    value = 0;
5561                                 UCHAR    str[LEN_OF_ARG];
5562
5563                                 NdisZeroMemory(str, LEN_OF_ARG);
5564
5565                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SEL_RX_ANTENNA\n"));
5566
5567                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5568                                 value = ntohs(value);
5569                                 sprintf((PCHAR)str, "%d", value);
5570                                 Set_ATE_RX_Antenna_Proc(pAdapter, str);
5571
5572                                 // prepare feedback
5573                                 pRaCfg->length = htons(2);
5574                                 pRaCfg->status = htons(0);
5575                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5576                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5577                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5578
5579                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5580                 {
5581                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SEL_RX_ANTENNA\n"));
5582                     Status = -EFAULT;
5583                 }
5584                                 else
5585                                 {
5586                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SEL_RX_ANTENNA is done !\n"));
5587                                 }
5588                         }
5589                         break;
5590
5591                 case RACFG_CMD_ATE_SET_PREAMBLE:
5592                         {
5593                                 SHORT    value = 0;
5594                                 UCHAR    str[LEN_OF_ARG];
5595
5596                                 NdisZeroMemory(str, LEN_OF_ARG);
5597
5598                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_PREAMBLE\n"));
5599
5600                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5601                                 value = ntohs(value);
5602                                 sprintf((PCHAR)str, "%d", value);
5603                                 Set_ATE_TX_MODE_Proc(pAdapter, str);
5604
5605                                 // prepare feedback
5606                                 pRaCfg->length = htons(2);
5607                                 pRaCfg->status = htons(0);
5608                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5609                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5610                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5611
5612                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5613                 {
5614                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_PREAMBLE\n"));
5615                     Status = -EFAULT;
5616                 }
5617                                 else
5618                                 {
5619                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_PREAMBLE is done !\n"));
5620                                 }
5621                         }
5622                         break;
5623
5624                 case RACFG_CMD_ATE_SET_CHANNEL:
5625                         {
5626                                 SHORT    value = 0;
5627                                 UCHAR    str[LEN_OF_ARG];
5628
5629                                 NdisZeroMemory(str, LEN_OF_ARG);
5630
5631                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_CHANNEL\n"));
5632
5633                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5634                                 value = ntohs(value);
5635                                 sprintf((PCHAR)str, "%d", value);
5636                                 Set_ATE_CHANNEL_Proc(pAdapter, str);
5637
5638                                 // prepare feedback
5639                                 pRaCfg->length = htons(2);
5640                                 pRaCfg->status = htons(0);
5641                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5642                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5643                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5644
5645                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5646                 {
5647                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_CHANNEL\n"));
5648                     Status = -EFAULT;
5649                 }
5650                                 else
5651                                 {
5652                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_CHANNEL is done !\n"));
5653                                 }
5654                         }
5655                         break;
5656
5657                 case RACFG_CMD_ATE_SET_ADDR1:
5658                         {
5659                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_ADDR1\n"));
5660
5661                                 // Addr is an array of UCHAR,
5662                                 // so no need to perform endian swap.
5663                                 memcpy(pAdapter->ate.Addr1, (PUCHAR)(pRaCfg->data - 2), MAC_ADDR_LEN);
5664
5665                                 // prepare feedback
5666                                 pRaCfg->length = htons(2);
5667                                 pRaCfg->status = htons(0);
5668                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5669                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5670                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5671
5672                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5673                 {
5674                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_ADDR1\n"));
5675                     Status = -EFAULT;
5676                 }
5677                                 else
5678                                 {
5679                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_ADDR1 is done !\n (ADDR1 = %2X:%2X:%2X:%2X:%2X:%2X)\n", pAdapter->ate.Addr1[0],
5680                                                 pAdapter->ate.Addr1[1], pAdapter->ate.Addr1[2], pAdapter->ate.Addr1[3], pAdapter->ate.Addr1[4], pAdapter->ate.Addr1[5]));
5681                                 }
5682                         }
5683                         break;
5684
5685                 case RACFG_CMD_ATE_SET_ADDR2:
5686                         {
5687                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_ADDR2\n"));
5688
5689                                 // Addr is an array of UCHAR,
5690                                 // so no need to perform endian swap.
5691                                 memcpy(pAdapter->ate.Addr2, (PUCHAR)(pRaCfg->data - 2), MAC_ADDR_LEN);
5692
5693                                 // prepare feedback
5694                                 pRaCfg->length = htons(2);
5695                                 pRaCfg->status = htons(0);
5696                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5697                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5698                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5699
5700                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5701                 {
5702                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_ADDR2\n"));
5703                     Status = -EFAULT;
5704                 }
5705                                 else
5706                                 {
5707                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_ADDR2 is done !\n (ADDR2 = %2X:%2X:%2X:%2X:%2X:%2X)\n", pAdapter->ate.Addr2[0],
5708                                                 pAdapter->ate.Addr2[1], pAdapter->ate.Addr2[2], pAdapter->ate.Addr2[3], pAdapter->ate.Addr2[4], pAdapter->ate.Addr2[5]));
5709                                 }
5710                         }
5711                         break;
5712
5713                 case RACFG_CMD_ATE_SET_ADDR3:
5714                         {
5715                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_ADDR3\n"));
5716
5717                                 // Addr is an array of UCHAR,
5718                                 // so no need to perform endian swap.
5719                                 memcpy(pAdapter->ate.Addr3, (PUCHAR)(pRaCfg->data - 2), MAC_ADDR_LEN);
5720
5721                                 // prepare feedback
5722                                 pRaCfg->length = htons(2);
5723                                 pRaCfg->status = htons(0);
5724                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5725                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5726                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5727
5728                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5729                 {
5730                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_ADDR3\n"));
5731                     Status = -EFAULT;
5732                 }
5733                                 else
5734                                 {
5735                                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_ADDR3 is done !\n (ADDR3 = %2X:%2X:%2X:%2X:%2X:%2X)\n", pAdapter->ate.Addr3[0],
5736                                                 pAdapter->ate.Addr3[1], pAdapter->ate.Addr3[2], pAdapter->ate.Addr3[3], pAdapter->ate.Addr3[4], pAdapter->ate.Addr3[5]));
5737                                 }
5738                         }
5739                         break;
5740
5741                 case RACFG_CMD_ATE_SET_RATE:
5742                         {
5743                                 SHORT    value = 0;
5744                                 UCHAR    str[LEN_OF_ARG];
5745
5746                                 NdisZeroMemory(str, LEN_OF_ARG);
5747
5748                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_RATE\n"));
5749
5750                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5751                                 value = ntohs(value);
5752                                 sprintf((PCHAR)str, "%d", value);
5753                                 Set_ATE_TX_MCS_Proc(pAdapter, str);
5754
5755                                 // prepare feedback
5756                                 pRaCfg->length = htons(2);
5757                                 pRaCfg->status = htons(0);
5758                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5759                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5760                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5761
5762                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5763                 {
5764                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_RATE\n"));
5765                     Status = -EFAULT;
5766                 }
5767                                 else
5768                                 {
5769                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_RATE is done !\n"));
5770                                 }
5771                         }
5772                         break;
5773
5774                 case RACFG_CMD_ATE_SET_TX_FRAME_LEN:
5775                         {
5776                                 SHORT    value = 0;
5777                                 UCHAR    str[LEN_OF_ARG];
5778
5779                                 NdisZeroMemory(str, LEN_OF_ARG);
5780
5781                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_TX_FRAME_LEN\n"));
5782
5783                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5784                                 value = ntohs(value);
5785                                 sprintf((PCHAR)str, "%d", value);
5786                                 Set_ATE_TX_LENGTH_Proc(pAdapter, str);
5787
5788                                 // prepare feedback
5789                                 pRaCfg->length = htons(2);
5790                                 pRaCfg->status = htons(0);
5791                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5792                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5793                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5794
5795                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5796                 {
5797                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_TX_FRAME_LEN\n"));
5798                     Status = -EFAULT;
5799                 }
5800                                 else
5801                                 {
5802                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_TX_FRAME_LEN is done !\n"));
5803                                 }
5804                         }
5805                         break;
5806
5807                 case RACFG_CMD_ATE_SET_TX_FRAME_COUNT:
5808                         {
5809                                 USHORT    value = 0;
5810                                 UCHAR    str[LEN_OF_ARG];
5811
5812                                 NdisZeroMemory(str, LEN_OF_ARG);
5813
5814                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_ATE_SET_TX_FRAME_COUNT\n"));
5815
5816                                 memcpy((PUCHAR)&value, (PUCHAR)&(pRaCfg->status), 2);
5817                                 value = ntohs(value);
5818                                 {
5819                                         sprintf((PCHAR)str, "%d", value);
5820                                         Set_ATE_TX_COUNT_Proc(pAdapter, str);
5821                                 }
5822
5823                                 // prepare feedback
5824                                 pRaCfg->length = htons(2);
5825                                 pRaCfg->status = htons(0);
5826                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5827                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5828                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5829
5830                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5831                 {
5832                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_ATE_SET_TX_FRAME_COUNT\n"));
5833                     Status = -EFAULT;
5834                 }
5835                                 else
5836                                 {
5837                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_ATE_SET_TX_FRAME_COUNT is done !\n"));
5838                                 }
5839                         }
5840                         break;
5841
5842                 case RACFG_CMD_ATE_START_RX_FRAME:
5843                         {
5844                                 ATEDBGPRINT(RT_DEBUG_TRACE,("RACFG_CMD_RX_START\n"));
5845
5846                                 Set_ATE_Proc(pAdapter, "RXFRAME");
5847
5848                                 // prepare feedback
5849                                 pRaCfg->length = htons(2);
5850                                 pRaCfg->status = htons(0);
5851                                 wrq->u.data.length = sizeof(pRaCfg->magic_no) + sizeof(pRaCfg->command_type)
5852                                                                         + sizeof(pRaCfg->command_id) + sizeof(pRaCfg->length)
5853                                                                         + sizeof(pRaCfg->sequence) + ntohs(pRaCfg->length);
5854
5855                 if (copy_to_user(wrq->u.data.pointer, pRaCfg, wrq->u.data.length))
5856                 {
5857                         ATEDBGPRINT(RT_DEBUG_ERROR, ("copy_to_user() fail in case RACFG_CMD_RX_START\n"));
5858                     Status = -EFAULT;
5859                 }
5860                                 else
5861                                 {
5862                         ATEDBGPRINT(RT_DEBUG_TRACE, ("RACFG_CMD_RX_START is done !\n"));
5863                                 }
5864                         }
5865                         break;
5866                 default:
5867                         break;
5868         }
5869     ASSERT(pRaCfg != NULL);
5870     if (pRaCfg != NULL)
5871     {
5872     kfree(pRaCfg);
5873     }
5874         return;
5875 }
5876
5877 VOID BubbleSort(INT32 n, INT32 a[])
5878 {
5879         INT32 k, j, temp;
5880
5881         for (k = n-1;  k>0;  k--)
5882         {
5883                 for (j = 0; j<k; j++)
5884                 {
5885                         if(a[j] > a[j+1])
5886                         {
5887                                 temp = a[j];
5888                                 a[j]=a[j+1];
5889                                 a[j+1]=temp;
5890                         }
5891                 }
5892         }
5893 }
5894
5895 VOID CalNoiseLevel(PRTMP_ADAPTER pAd, UCHAR channel, INT32 RSSI[3][10])
5896 {
5897         INT32           RSSI0, RSSI1, RSSI2;
5898         CHAR            Rssi0Offset, Rssi1Offset, Rssi2Offset;
5899         UCHAR           BbpR50Rssi0 = 0, BbpR51Rssi1 = 0, BbpR52Rssi2 = 0;
5900         UCHAR           Org_BBP66value = 0, Org_BBP69value = 0, Org_BBP70value = 0, data = 0;
5901         USHORT          LNA_Gain = 0;
5902         INT32       j = 0;
5903         UCHAR           Org_Channel = pAd->ate.Channel;
5904         USHORT      GainValue = 0, OffsetValue = 0;
5905
5906         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R66, &Org_BBP66value);
5907         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R69, &Org_BBP69value);
5908         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R70, &Org_BBP70value);
5909
5910         //**********************************************************************
5911         // Read the value of LNA gain and Rssi offset
5912         //**********************************************************************
5913         RT28xx_EEPROM_READ16(pAd, EEPROM_LNA_OFFSET, GainValue);
5914
5915         // for Noise Level
5916         if (channel <= 14)
5917         {
5918                 LNA_Gain = GainValue & 0x00FF;
5919
5920                 RT28xx_EEPROM_READ16(pAd, EEPROM_RSSI_BG_OFFSET, OffsetValue);
5921                 Rssi0Offset = OffsetValue & 0x00FF;
5922                 Rssi1Offset = (OffsetValue & 0xFF00) >> 8;
5923                 RT28xx_EEPROM_READ16(pAd, (EEPROM_RSSI_BG_OFFSET + 2)/* 0x48 */, OffsetValue);
5924                 Rssi2Offset = OffsetValue & 0x00FF;
5925         }
5926         else
5927         {
5928                 LNA_Gain = (GainValue & 0xFF00) >> 8;
5929
5930                 RT28xx_EEPROM_READ16(pAd, EEPROM_RSSI_A_OFFSET, OffsetValue);
5931                 Rssi0Offset = OffsetValue & 0x00FF;
5932                 Rssi1Offset = (OffsetValue & 0xFF00) >> 8;
5933                 RT28xx_EEPROM_READ16(pAd, (EEPROM_RSSI_A_OFFSET + 2)/* 0x4C */, OffsetValue);
5934                 Rssi2Offset = OffsetValue & 0x00FF;
5935         }
5936         //**********************************************************************
5937         {
5938                 pAd->ate.Channel = channel;
5939                 ATEAsicSwitchChannel(pAd);
5940                 mdelay(5);
5941
5942                 data = 0x10;
5943                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, data);
5944                 data = 0x40;
5945                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, data);
5946                 data = 0x40;
5947                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, data);
5948                 mdelay(5);
5949
5950                 // Start Rx
5951                 pAd->ate.bQARxStart = TRUE;
5952                 Set_ATE_Proc(pAd, "RXFRAME");
5953
5954                 mdelay(5);
5955
5956                 for (j = 0; j < 10; j++)
5957                 {
5958                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R50, &BbpR50Rssi0);
5959                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R51, &BbpR51Rssi1);
5960                         ATE_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R52, &BbpR52Rssi2);
5961
5962                         mdelay(10);
5963
5964                         // Calculate RSSI 0
5965                         if (BbpR50Rssi0 == 0)
5966                         {
5967                                 RSSI0 = -100;
5968                         }
5969                         else
5970                         {
5971                                 RSSI0 = (INT32)(-12 - BbpR50Rssi0 - LNA_Gain - Rssi0Offset);
5972                         }
5973                         RSSI[0][j] = RSSI0;
5974
5975                         if ( pAd->Antenna.field.RxPath >= 2 ) // 2R
5976                         {
5977                                 // Calculate RSSI 1
5978                                 if (BbpR51Rssi1 == 0)
5979                                 {
5980                                         RSSI1 = -100;
5981                                 }
5982                                 else
5983                                 {
5984                                         RSSI1 = (INT32)(-12 - BbpR51Rssi1 - LNA_Gain - Rssi1Offset);
5985                                 }
5986                                 RSSI[1][j] = RSSI1;
5987                         }
5988
5989                         if ( pAd->Antenna.field.RxPath >= 3 ) // 3R
5990                         {
5991                                 // Calculate RSSI 2
5992                                 if (BbpR52Rssi2 == 0)
5993                                         RSSI2 = -100;
5994                                 else
5995                                         RSSI2 = (INT32)(-12 - BbpR52Rssi2 - LNA_Gain - Rssi2Offset);
5996
5997                                 RSSI[2][j] = RSSI2;
5998                         }
5999                 }
6000
6001                 // Stop Rx
6002                 Set_ATE_Proc(pAd, "RXSTOP");
6003
6004                 mdelay(5);
6005
6006 #if 0// Debug Message................
6007                 ate_print("\n**********************************************************\n");
6008                 ate_print("Noise Level: Channel %d\n", channel);
6009                 ate_print("RSSI0 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6010                         RSSI[0][0], RSSI[0][1], RSSI[0][2],
6011                         RSSI[0][3], RSSI[0][4], RSSI[0][5],
6012                         RSSI[0][6], RSSI[0][7], RSSI[0][8],
6013                         RSSI[0][9]);
6014                 if ( pAd->Antenna.field.RxPath >= 2 ) // 2R
6015                 {
6016                         ate_print("RSSI1 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6017                                 RSSI[1][0], RSSI[1][1], RSSI[1][2],
6018                                 RSSI[1][3], RSSI[1][4], RSSI[1][5],
6019                                 RSSI[1][6], RSSI[1][7], RSSI[1][8],
6020                                 RSSI[1][9]);
6021                 }
6022                 if ( pAd->Antenna.field.RxPath >= 3 ) // 3R
6023                 {
6024                         ate_print("RSSI2 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6025                                 RSSI[2][0], RSSI[2][1], RSSI[2][2],
6026                                 RSSI[2][3], RSSI[2][4], RSSI[2][5],
6027                                 RSSI[2][6], RSSI[2][7], RSSI[2][8],
6028                                 RSSI[2][9]);
6029                 }
6030 #endif // 0 //
6031                 BubbleSort(10, RSSI[0]);        // 1R
6032
6033                 if ( pAd->Antenna.field.RxPath >= 2 ) // 2R
6034                 {
6035                         BubbleSort(10, RSSI[1]);
6036                 }
6037
6038                 if ( pAd->Antenna.field.RxPath >= 3 ) // 3R
6039                 {
6040                         BubbleSort(10, RSSI[2]);
6041                 }
6042
6043 #if 0// Debug Message................
6044                 ate_print("\nAfter Sorting....Channel %d\n", channel);
6045                 ate_print("RSSI0 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6046                         RSSI[0][0], RSSI[0][1], RSSI[0][2],
6047                         RSSI[0][3], RSSI[0][4], RSSI[0][5],
6048                         RSSI[0][6], RSSI[0][7], RSSI[0][8],
6049                         RSSI[0][9]);
6050                 if ( pAd->Antenna.field.RxPath >= 2 ) // 2R
6051                 {
6052                         ate_print("RSSI1 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6053                                 RSSI[1][0], RSSI[1][1], RSSI[1][2],
6054                                 RSSI[1][3], RSSI[1][4], RSSI[1][5],
6055                                 RSSI[1][6], RSSI[1][7], RSSI[1][8],
6056                                 RSSI[1][9]);
6057                 }
6058                 if ( pAd->Antenna.field.RxPath >= 3 ) // 3R
6059                 {
6060                         ate_print("RSSI2 = %d, %d, %d, %d, %d, %d, %d, %d, %d, %d\n",
6061                                 RSSI[2][0], RSSI[2][1], RSSI[2][2],
6062                                 RSSI[2][3], RSSI[2][4], RSSI[2][5],
6063                                 RSSI[2][6], RSSI[2][7], RSSI[2][8],
6064                                 RSSI[2][9]);
6065                 }
6066                 ate_print("**********************************************************\n");
6067 #endif // 0 //
6068         }
6069
6070         pAd->ate.Channel = Org_Channel;
6071         ATEAsicSwitchChannel(pAd);
6072
6073         // Restore original value
6074     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R66, Org_BBP66value);
6075     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, Org_BBP69value);
6076     ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, Org_BBP70value);
6077
6078         return;
6079 }
6080
6081 BOOLEAN SyncTxRxConfig(PRTMP_ADAPTER pAd, USHORT offset, UCHAR value)
6082 {
6083         UCHAR tmp = 0, bbp_data = 0;
6084
6085         if (ATE_ON(pAd))
6086         {
6087                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, offset, &bbp_data);
6088         }
6089         else
6090         {
6091                 RTMP_BBP_IO_READ8_BY_REG_ID(pAd, offset, &bbp_data);
6092         }
6093
6094         /* confirm again */
6095         ASSERT(bbp_data == value);
6096
6097         switch(offset)
6098         {
6099                 case BBP_R1:
6100                         /* Need to sync. tx configuration with legacy ATE. */
6101                         tmp = (bbp_data & ((1 << 4) | (1 << 3))/* 0x18 */) >> 3;
6102                     switch(tmp)
6103                     {
6104                                 /* The BBP R1 bit[4:3] = 2 :: Both DACs will be used by QA. */
6105                         case 2:
6106                                         /* All */
6107                                         pAd->ate.TxAntennaSel = 0;
6108                             break;
6109                                 /* The BBP R1 bit[4:3] = 0 :: DAC 0 will be used by QA. */
6110                         case 0:
6111                                         /* Antenna one */
6112                                         pAd->ate.TxAntennaSel = 1;
6113                             break;
6114                                 /* The BBP R1 bit[4:3] = 1 :: DAC 1 will be used by QA. */
6115                         case 1:
6116                                         /* Antenna two */
6117                                         pAd->ate.TxAntennaSel = 2;
6118                             break;
6119                         default:
6120                             DBGPRINT(RT_DEBUG_TRACE, ("%s -- Sth. wrong!  : return FALSE; \n", __func__));
6121                             return FALSE;
6122                     }
6123                         break;/* case BBP_R1 */
6124
6125                 case BBP_R3:
6126                         /* Need to sync. rx configuration with legacy ATE. */
6127                         tmp = (bbp_data & ((1 << 1) | (1 << 0))/* 0x03 */);
6128                     switch(tmp)
6129                     {
6130                                 /* The BBP R3 bit[1:0] = 3 :: All ADCs will be used by QA. */
6131                         case 3:
6132                                         /* All */
6133                                         pAd->ate.RxAntennaSel = 0;
6134                             break;
6135                                 /* The BBP R3 bit[1:0] = 0 :: ADC 0 will be used by QA, */
6136                                 /* unless the BBP R3 bit[4:3] = 2 */
6137                         case 0:
6138                                         /* Antenna one */
6139                                         pAd->ate.RxAntennaSel = 1;
6140                                         tmp = ((bbp_data & ((1 << 4) | (1 << 3))/* 0x03 */) >> 3);
6141                                         if (tmp == 2)// 3R
6142                                         {
6143                                                 /* Default : All ADCs will be used by QA */
6144                                                 pAd->ate.RxAntennaSel = 0;
6145                                         }
6146                             break;
6147                                 /* The BBP R3 bit[1:0] = 1 :: ADC 1 will be used by QA. */
6148                         case 1:
6149                                         /* Antenna two */
6150                                         pAd->ate.RxAntennaSel = 2;
6151                             break;
6152                                 /* The BBP R3 bit[1:0] = 2 :: ADC 2 will be used by QA. */
6153                         case 2:
6154                                         /* Antenna three */
6155                                         pAd->ate.RxAntennaSel = 3;
6156                             break;
6157                         default:
6158                             DBGPRINT(RT_DEBUG_ERROR, ("%s -- Impossible!  : return FALSE; \n", __func__));
6159                             return FALSE;
6160                     }
6161                         break;/* case BBP_R3 */
6162
6163         default:
6164             DBGPRINT(RT_DEBUG_ERROR, ("%s -- Sth. wrong!  : return FALSE; \n", __func__));
6165             return FALSE;
6166
6167         }
6168         return TRUE;
6169 }
6170
6171 static VOID memcpy_exl(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, ULONG len)
6172 {
6173         ULONG i, Value = 0;
6174         ULONG *pDst, *pSrc;
6175         UCHAR *p8;
6176
6177         p8 = src;
6178         pDst = (ULONG *) dst;
6179         pSrc = (ULONG *) src;
6180
6181         for (i = 0 ; i < (len/4); i++)
6182         {
6183                 /* For alignment issue, we need a variable "Value". */
6184                 memmove(&Value, pSrc, 4);
6185                 Value = htonl(Value);
6186                 memmove(pDst, &Value, 4);
6187                 pDst++;
6188                 pSrc++;
6189         }
6190         if ((len % 4) != 0)
6191         {
6192                 /* wish that it will never reach here */
6193                 memmove(&Value, pSrc, (len % 4));
6194                 Value = htonl(Value);
6195                 memmove(pDst, &Value, (len % 4));
6196         }
6197 }
6198
6199 static VOID memcpy_exs(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, ULONG len)
6200 {
6201         ULONG i;
6202         UCHAR *pDst, *pSrc;
6203
6204         pDst = dst;
6205         pSrc = src;
6206
6207         for (i = 0; i < (len/2); i++)
6208         {
6209                 memmove(pDst, pSrc, 2);
6210                 *((USHORT *)pDst) = htons(*((USHORT *)pDst));
6211                 pDst+=2;
6212                 pSrc+=2;
6213         }
6214
6215         if ((len % 2) != 0)
6216         {
6217                 memmove(pDst, pSrc, 1);
6218         }
6219 }
6220
6221 static VOID RTMP_IO_READ_BULK(PRTMP_ADAPTER pAd, UCHAR *dst, UCHAR *src, UINT32 len)
6222 {
6223         UINT32 i, Value;
6224         UINT32 *pDst, *pSrc;
6225
6226         pDst = (UINT32 *) dst;
6227         pSrc = (UINT32 *) src;
6228
6229         for (i = 0 ; i < (len/4); i++)
6230         {
6231                 RTMP_IO_READ32(pAd, (ULONG)pSrc, &Value);
6232                 Value = htonl(Value);
6233                 memmove(pDst, &Value, 4);
6234                 pDst++;
6235                 pSrc++;
6236         }
6237         return;
6238 }
6239
6240 // TODO:
6241 #if 0
6242 /* These work only when RALINK_ATE is defined */
6243 INT Set_TxStart_Proc(
6244         IN      PRTMP_ADAPTER   pAd,
6245         IN      PUCHAR                  arg)
6246 {
6247         ULONG value = simple_strtol(arg, 0, 10);
6248         UCHAR buffer[26] = {0x88, 0x02, 0x2c, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x00, 0x55, 0x44, 0x33, 0x22, 0x11, 0xc0, 0x22, 0x00, 0x00};
6249         POS_COOKIE pObj;
6250
6251         if (pAd->ate.TxStatus != 0)
6252                 return FALSE;
6253
6254         pAd->ate.TxInfo = 0x04000000;
6255         bzero(&pAd->ate.TxWI, sizeof(TXWI_STRUC));
6256         pAd->ate.TxWI.PHYMODE = 0;// MODE_CCK
6257         pAd->ate.TxWI.MPDUtotalByteCount = 1226;
6258         pAd->ate.TxWI.MCS = 3;
6259         //pAd->ate.Mode = ATE_START;
6260         pAd->ate.Mode |= ATE_TXFRAME;
6261         pAd->ate.TxCount = value;
6262         pAd->ate.QID = 0;
6263         pAd->ate.HLen = 26;
6264         pAd->ate.PLen = 0;
6265         pAd->ate.DLen = 1200;
6266         memcpy(pAd->ate.Header, buffer, 26);
6267         pAd->ate.bQATxStart = TRUE;
6268         //pObj = (POS_COOKIE) pAd->OS_Cookie;
6269         //tasklet_hi_schedule(&pObj->AteTxTask);
6270         return TRUE;
6271 }
6272 #endif  /* end of #if 0 */
6273
6274 INT Set_TxStop_Proc(
6275         IN      PRTMP_ADAPTER   pAd,
6276         IN      PUCHAR                  arg)
6277 {
6278         ATEDBGPRINT(RT_DEBUG_TRACE,("Set_TxStop_Proc\n"));
6279
6280         if (Set_ATE_Proc(pAd, "TXSTOP"))
6281         {
6282         return TRUE;
6283 }
6284         else
6285         {
6286                 return FALSE;
6287         }
6288 }
6289
6290 INT Set_RxStop_Proc(
6291         IN      PRTMP_ADAPTER   pAd,
6292         IN      PUCHAR                  arg)
6293 {
6294         ATEDBGPRINT(RT_DEBUG_TRACE,("Set_RxStop_Proc\n"));
6295
6296         if (Set_ATE_Proc(pAd, "RXSTOP"))
6297         {
6298         return TRUE;
6299 }
6300         else
6301         {
6302                 return FALSE;
6303         }
6304 }
6305
6306 #if 0
6307 INT Set_EEWrite_Proc(
6308         IN      PRTMP_ADAPTER   pAd,
6309         IN      PUCHAR                  arg)
6310 {
6311         USHORT offset = 0, value;
6312         PUCHAR p2 = arg;
6313
6314         while((*p2 != ':') && (*p2 != '\0'))
6315         {
6316                 p2++;
6317         }
6318
6319         if (*p2 == ':')
6320         {
6321                 A2Hex(offset, arg);
6322                 A2Hex(value, p2+ 1);
6323         }
6324         else
6325         {
6326                 A2Hex(value, arg);
6327         }
6328
6329         if (offset >= EEPROM_SIZE)
6330         {
6331                 ate_print("Offset can not exceed EEPROM_SIZE( == 0x%04x)\n", EEPROM_SIZE);
6332                 return FALSE;
6333         }
6334
6335         RTMP_EEPROM_WRITE16(pAd, offset, value);
6336
6337         return TRUE;
6338 }
6339
6340 INT Set_BBPRead_Proc(
6341         IN      PRTMP_ADAPTER   pAd,
6342         IN      PUCHAR                  arg)
6343 {
6344         UCHAR value = 0, offset;
6345
6346         A2Hex(offset, arg);
6347
6348         if (ATE_ON(pAd))
6349         {
6350                 ATE_BBP_IO_READ8_BY_REG_ID(pAd, offset,  &value);
6351         }
6352         else
6353         {
6354                 RTMP_BBP_IO_READ8_BY_REG_ID(pAd, offset,  &value);
6355         }
6356
6357         ate_print("%x\n", value);
6358
6359         return TRUE;
6360 }
6361
6362
6363 INT Set_BBPWrite_Proc(
6364         IN      PRTMP_ADAPTER   pAd,
6365         IN      PUCHAR                  arg)
6366 {
6367         USHORT offset = 0;
6368         PUCHAR p2 = arg;
6369         UCHAR value;
6370
6371         while((*p2 != ':') && (*p2 != '\0'))
6372         {
6373                 p2++;
6374         }
6375
6376         if (*p2 == ':')
6377         {
6378                 A2Hex(offset, arg);
6379                 A2Hex(value, p2+ 1);
6380         }
6381         else
6382         {
6383                 A2Hex(value, arg);
6384         }
6385
6386         if (ATE_ON(pAd))
6387         {
6388                 ATE_BBP_IO_WRITE8_BY_REG_ID(pAd, offset,  value);
6389         }
6390         else
6391         {
6392                 RTNP_BBP_IO_WRITE8_BY_REG_ID(pAd, offset,  value);
6393         }
6394
6395         return TRUE;
6396 }
6397
6398 INT Set_RFWrite_Proc(
6399         IN      PRTMP_ADAPTER   pAd,
6400         IN      PUCHAR                  arg)
6401 {
6402         PUCHAR p2, p3, p4;
6403         ULONG R1, R2, R3, R4;
6404
6405         p2 = arg;
6406
6407         while((*p2 != ':') && (*p2 != '\0'))
6408         {
6409                 p2++;
6410         }
6411
6412         if (*p2 != ':')
6413                 return FALSE;
6414
6415         p3 = p2 + 1;
6416
6417         while((*p3 != ':') && (*p3 != '\0'))
6418         {
6419                 p3++;
6420         }
6421
6422         if (*p3 != ':')
6423                 return FALSE;
6424
6425         p4 = p3 + 1;
6426
6427         while((*p4 != ':') && (*p4 != '\0'))
6428         {
6429                 p4++;
6430         }
6431
6432         if (*p4 != ':')
6433                 return FALSE;
6434
6435
6436         A2Hex(R1, arg);
6437         A2Hex(R2, p2 + 1);
6438         A2Hex(R3, p3 + 1);
6439         A2Hex(R4, p4 + 1);
6440
6441         RTMP_RF_IO_WRITE32(pAd, R1);
6442         RTMP_RF_IO_WRITE32(pAd, R2);
6443         RTMP_RF_IO_WRITE32(pAd, R3);
6444         RTMP_RF_IO_WRITE32(pAd, R4);
6445
6446         return TRUE;
6447 }
6448 #endif  // end of #if 0 //
6449 #endif  // RALINK_28xx_QA //
6450
6451 #endif  // RALINK_ATE //
6452