2 *************************************************************************
4 * 5F., No.36, Taiyuan St., Jhubei City,
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 *************************************************************************
34 -------- ---------- ----------------------------------------------
35 Name Date Modification logs
36 Paul Lin 06-25-2004 created
39 #include "../rt_config.h"
43 ========================================================================
45 Routine Description: NIC initialization complete
55 ========================================================================
58 NTSTATUS RTUSBFirmwareRun(
63 Status = RTUSB_VendorRequest(
65 USBD_TRANSFER_DIRECTION_OUT,
66 DEVICE_VENDOR_REQUEST_OUT,
79 ========================================================================
81 Routine Description: Write Firmware to NIC.
91 ========================================================================
93 NTSTATUS RTUSBFirmwareWrite(
103 Status = RTUSBReadMACRegister(pAd, MAC_CSR0, &MacReg);
107 RTUSBMultiWrite(pAd, FIRMWARE_IMAGE_BASE, pFwImage, writeLen);
109 Status = RTUSBWriteMACRegister(pAd, 0x7014, 0xffffffff);
110 Status = RTUSBWriteMACRegister(pAd, 0x701c, 0xffffffff);
111 Status = RTUSBFirmwareRun(pAd);
113 RTMPusecDelay(10000);
114 RTUSBWriteMACRegister(pAd,H2M_MAILBOX_CSR,0);
115 AsicSendCommandToMcu(pAd, 0x72, 0x00, 0x00, 0x00);//reset rf by MCU supported by new firmware
122 ========================================================================
124 Routine Description: Get current firmware operation mode (Return Value)
129 0 or 1 = Downloaded by host driver
130 others = Driver doesn't download firmware
136 ========================================================================
138 NTSTATUS RTUSBFirmwareOpmode(
139 IN PRTMP_ADAPTER pAd,
144 Status = RTUSB_VendorRequest(
146 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
147 DEVICE_VENDOR_REQUEST_IN,
155 NTSTATUS RTUSBVenderReset(
156 IN PRTMP_ADAPTER pAd)
159 DBGPRINT_RAW(RT_DEBUG_ERROR, ("-->RTUSBVenderReset\n"));
160 Status = RTUSB_VendorRequest(
162 USBD_TRANSFER_DIRECTION_OUT,
163 DEVICE_VENDOR_REQUEST_OUT,
170 DBGPRINT_RAW(RT_DEBUG_ERROR, ("<--RTUSBVenderReset\n"));
174 ========================================================================
176 Routine Description: Read various length data from RT2573
186 ========================================================================
188 NTSTATUS RTUSBMultiRead(
189 IN PRTMP_ADAPTER pAd,
196 Status = RTUSB_VendorRequest(
198 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
199 DEVICE_VENDOR_REQUEST_IN,
210 ========================================================================
212 Routine Description: Write various length data to RT2573
222 ========================================================================
224 NTSTATUS RTUSBMultiWrite_OneByte(
225 IN PRTMP_ADAPTER pAd,
231 // TODO: In 2870, use this funciton carefully cause it's not stable.
232 Status = RTUSB_VendorRequest(
234 USBD_TRANSFER_DIRECTION_OUT,
235 DEVICE_VENDOR_REQUEST_OUT,
245 NTSTATUS RTUSBMultiWrite(
246 IN PRTMP_ADAPTER pAd,
254 USHORT index = 0,Value;
262 Value =(USHORT)( *pSrc | (*(pSrc + 1) << 8));
263 Status = RTUSBSingleWrite(pAd,Offset + index,Value);
273 NTSTATUS RTUSBSingleWrite(
274 IN RTMP_ADAPTER *pAd,
280 Status = RTUSB_VendorRequest(
282 USBD_TRANSFER_DIRECTION_OUT,
283 DEVICE_VENDOR_REQUEST_OUT,
296 ========================================================================
298 Routine Description: Read 32-bit MAC register
308 ========================================================================
310 NTSTATUS RTUSBReadMACRegister(
311 IN PRTMP_ADAPTER pAd,
318 Status = RTUSB_VendorRequest(
320 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
321 DEVICE_VENDOR_REQUEST_IN,
328 *pValue = le2cpu32(localVal);
332 *pValue = 0xffffffff;
339 ========================================================================
341 Routine Description: Write 32-bit MAC register
351 ========================================================================
353 NTSTATUS RTUSBWriteMACRegister(
354 IN PRTMP_ADAPTER pAd,
363 Status = RTUSBSingleWrite(pAd, Offset, (USHORT)(localVal & 0xffff));
364 Status = RTUSBSingleWrite(pAd, Offset + 2, (USHORT)((localVal & 0xffff0000) >> 16));
373 ========================================================================
375 Routine Description: Read 8-bit BBP register
385 ========================================================================
387 NTSTATUS RTUSBReadBBPRegister(
388 IN PRTMP_ADAPTER pAd,
392 BBP_CSR_CFG_STRUC BbpCsr;
396 // Verify the busy condition
399 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
402 if (!(BbpCsr.field.Busy == BUSY))
405 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_1):retry count=%d!\n", i);
408 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
410 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
413 // Read failed then Return Default value.
415 *pValue = pAd->BbpWriteLatch[Id];
417 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
418 return STATUS_UNSUCCESSFUL;
421 // Prepare for write material
423 BbpCsr.field.fRead = 1;
424 BbpCsr.field.Busy = 1;
425 BbpCsr.field.RegNum = Id;
426 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
429 // Verify the busy condition
432 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
435 if (!(BbpCsr.field.Busy == BUSY))
437 *pValue = (UCHAR)BbpCsr.field.Value;
441 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_2):retry count=%d!\n", i);
444 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
446 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
449 // Read failed then Return Default value.
451 *pValue = pAd->BbpWriteLatch[Id];
453 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
454 return STATUS_UNSUCCESSFUL;
457 return STATUS_SUCCESS;
461 ========================================================================
463 Routine Description: Read 8-bit BBP register via firmware
473 ========================================================================
475 NTSTATUS RTUSBReadBBPRegister(
476 IN PRTMP_ADAPTER pAd,
480 BBP_CSR_CFG_STRUC BbpCsr;
482 for (i=0; i<MAX_BUSY_COUNT; i++)
484 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
485 if (BbpCsr.field.Busy == BUSY)
490 BbpCsr.field.fRead = 1;
491 BbpCsr.field.BBP_RW_MODE = 1;
492 BbpCsr.field.Busy = 1;
493 BbpCsr.field.RegNum = Id;
494 RTUSBWriteMACRegister(pAd, H2M_BBP_AGENT, BbpCsr.word);
495 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
496 for (k=0; k<MAX_BUSY_COUNT; k++)
498 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
499 if (BbpCsr.field.Busy == IDLE)
502 if ((BbpCsr.field.Busy == IDLE) &&
503 (BbpCsr.field.RegNum == Id))
505 *pValue = (UCHAR)BbpCsr.field.Value;
509 if (BbpCsr.field.Busy == BUSY)
511 DBGPRINT_ERR(("BBP read R%d=0x%x fail\n", Id, BbpCsr.word));
512 *pValue = pAd->BbpWriteLatch[Id];
513 return STATUS_UNSUCCESSFUL;
515 return STATUS_SUCCESS;
521 ========================================================================
523 Routine Description: Write 8-bit BBP register
533 ========================================================================
535 NTSTATUS RTUSBWriteBBPRegister(
536 IN PRTMP_ADAPTER pAd,
540 BBP_CSR_CFG_STRUC BbpCsr;
543 // Verify the busy condition
546 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
549 if (!(BbpCsr.field.Busy == BUSY))
552 printk("RTUSBWriteBBPRegister(BBP_CSR_CFG):retry count=%d!\n", i);
555 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
557 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
559 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
560 return STATUS_UNSUCCESSFUL;
563 // Prepare for write material
565 BbpCsr.field.fRead = 0;
566 BbpCsr.field.Value = Value;
567 BbpCsr.field.Busy = 1;
568 BbpCsr.field.RegNum = Id;
569 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
571 pAd->BbpWriteLatch[Id] = Value;
573 return STATUS_SUCCESS;
577 ========================================================================
579 Routine Description: Write 8-bit BBP register via firmware
589 ========================================================================
592 NTSTATUS RTUSBWriteBBPRegister(
593 IN PRTMP_ADAPTER pAd,
598 BBP_CSR_CFG_STRUC BbpCsr;
600 for (BusyCnt=0; BusyCnt<MAX_BUSY_COUNT; BusyCnt++)
602 RTMP_IO_READ32(pAd, H2M_BBP_AGENT, &BbpCsr.word);
603 if (BbpCsr.field.Busy == BUSY)
606 BbpCsr.field.fRead = 0;
607 BbpCsr.field.BBP_RW_MODE = 1;
608 BbpCsr.field.Busy = 1;
609 BbpCsr.field.Value = Value;
610 BbpCsr.field.RegNum = Id;
611 RTMP_IO_WRITE32(pAd, H2M_BBP_AGENT, BbpCsr.word);
612 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
613 pAd->BbpWriteLatch[Id] = Value;
616 if (BusyCnt == MAX_BUSY_COUNT)
618 DBGPRINT_ERR(("BBP write R%d=0x%x fail\n", Id, BbpCsr.word));
619 return STATUS_UNSUCCESSFUL;
621 return STATUS_SUCCESS;
625 ========================================================================
627 Routine Description: Write RF register through MAC
637 ========================================================================
639 NTSTATUS RTUSBWriteRFRegister(
640 IN PRTMP_ADAPTER pAd,
643 PHY_CSR4_STRUC PhyCsr4;
647 NdisZeroMemory(&PhyCsr4, sizeof(PHY_CSR4_STRUC));
650 status = RTUSBReadMACRegister(pAd, RF_CSR_CFG0, &PhyCsr4.word);
653 if (!(PhyCsr4.field.Busy))
656 printk("RTUSBWriteRFRegister(RF_CSR_CFG0):retry count=%d!\n", i);
659 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
661 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
663 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
664 return STATUS_UNSUCCESSFUL;
667 RTUSBWriteMACRegister(pAd, RF_CSR_CFG0, Value);
669 return STATUS_SUCCESS;
674 ========================================================================
686 ========================================================================
688 NTSTATUS RTUSBReadEEPROM(
689 IN PRTMP_ADAPTER pAd,
694 NTSTATUS Status = STATUS_SUCCESS;
699 Status =eFuseRead(pAd, Offset, pData, length);
704 Status = RTUSB_VendorRequest(
706 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
707 DEVICE_VENDOR_REQUEST_IN,
719 ========================================================================
731 ========================================================================
733 NTSTATUS RTUSBWriteEEPROM(
734 IN PRTMP_ADAPTER pAd,
739 NTSTATUS Status = STATUS_SUCCESS;
744 Status = eFuseWrite(pAd, Offset, pData, length);
749 Status = RTUSB_VendorRequest(
751 USBD_TRANSFER_DIRECTION_OUT,
752 DEVICE_VENDOR_REQUEST_OUT,
764 ========================================================================
776 ========================================================================
778 VOID RTUSBPutToSleep(
779 IN PRTMP_ADAPTER pAd)
783 // Timeout 0x40 x 50us
784 value = (SLEEPCID<<16)+(OWNERMCU<<24)+ (0x40<<8)+1;
785 RTUSBWriteMACRegister(pAd, 0x7010, value);
786 RTUSBWriteMACRegister(pAd, 0x404, 0x30);
787 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS);
788 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Sleep Mailbox testvalue %x\n", value));
793 ========================================================================
805 ========================================================================
807 NTSTATUS RTUSBWakeUp(
808 IN PRTMP_ADAPTER pAd)
812 Status = RTUSB_VendorRequest(
814 USBD_TRANSFER_DIRECTION_OUT,
815 DEVICE_VENDOR_REQUEST_OUT,
826 ========================================================================
838 ========================================================================
840 VOID RTUSBInitializeCmdQ(
846 cmdq->CmdQState = RT2870_THREAD_INITED;
850 ========================================================================
862 ========================================================================
864 NDIS_STATUS RTUSBEnqueueCmdFromNdis(
865 IN PRTMP_ADAPTER pAd,
867 IN BOOLEAN SetInformation,
868 IN PVOID pInformationBuffer,
869 IN UINT32 InformationBufferLength)
872 PCmdQElmt cmdqelmt = NULL;
873 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
876 if (pObj->RTUSBCmdThr_pid < 0)
877 return (NDIS_STATUS_RESOURCES);
879 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
880 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
881 return (NDIS_STATUS_RESOURCES);
883 cmdqelmt->buffer = NULL;
884 if (pInformationBuffer != NULL)
886 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
887 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
890 return (NDIS_STATUS_RESOURCES);
894 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
895 cmdqelmt->bufferlength = InformationBufferLength;
899 cmdqelmt->bufferlength = 0;
901 cmdqelmt->command = Oid;
902 cmdqelmt->CmdFromNdis = TRUE;
903 if (SetInformation == TRUE)
904 cmdqelmt->SetOperation = TRUE;
906 cmdqelmt->SetOperation = FALSE;
908 NdisAcquireSpinLock(&pAd->CmdQLock);
909 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
911 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
912 status = NDIS_STATUS_SUCCESS;
916 status = NDIS_STATUS_FAILURE;
918 NdisReleaseSpinLock(&pAd->CmdQLock);
920 if (status == NDIS_STATUS_FAILURE)
922 if (cmdqelmt->buffer)
923 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
924 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
930 return(NDIS_STATUS_SUCCESS);
934 ========================================================================
946 ========================================================================
948 NDIS_STATUS RTUSBEnqueueInternalCmd(
949 IN PRTMP_ADAPTER pAd,
951 IN PVOID pInformationBuffer,
952 IN UINT32 InformationBufferLength)
955 PCmdQElmt cmdqelmt = NULL;
958 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
959 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
960 return (NDIS_STATUS_RESOURCES);
961 NdisZeroMemory(cmdqelmt, sizeof(CmdQElmt));
963 if(InformationBufferLength > 0)
965 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
966 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
968 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
969 return (NDIS_STATUS_RESOURCES);
973 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
974 cmdqelmt->bufferlength = InformationBufferLength;
979 cmdqelmt->buffer = NULL;
980 cmdqelmt->bufferlength = 0;
983 cmdqelmt->command = Oid;
984 cmdqelmt->CmdFromNdis = FALSE;
986 if (cmdqelmt != NULL)
988 NdisAcquireSpinLock(&pAd->CmdQLock);
989 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
991 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
992 status = NDIS_STATUS_SUCCESS;
996 status = NDIS_STATUS_FAILURE;
998 NdisReleaseSpinLock(&pAd->CmdQLock);
1000 if (status == NDIS_STATUS_FAILURE)
1002 if (cmdqelmt->buffer)
1003 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1004 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1009 return(NDIS_STATUS_SUCCESS);
1013 ========================================================================
1015 Routine Description:
1025 ========================================================================
1027 VOID RTUSBDequeueCmd(
1029 OUT PCmdQElmt *pcmdqelmt)
1031 *pcmdqelmt = cmdq->head;
1033 if (*pcmdqelmt != NULL)
1035 cmdq->head = cmdq->head->next;
1037 if (cmdq->size == 0)
1043 ========================================================================
1044 usb_control_msg - Builds a control urb, sends it off and waits for completion
1045 @dev: pointer to the usb device to send the message to
1046 @pipe: endpoint "pipe" to send the message to
1047 @request: USB message request value
1048 @requesttype: USB message request type value
1049 @value: USB message value
1050 @index: USB message index value
1051 @data: pointer to the data to send
1052 @size: length in bytes of the data to send
1053 @timeout: time in jiffies to wait for the message to complete before
1054 timing out (if 0 the wait is forever)
1055 Context: !in_interrupt ()
1057 This function sends a simple control message to a specified endpoint
1058 and waits for the message to complete, or timeout.
1059 If successful, it returns the number of bytes transferred, otherwise a negative error number.
1061 Don't use this function from within an interrupt context, like a
1062 bottom half handler. If you need an asynchronous message, or need to send
1063 a message from within interrupt context, use usb_submit_urb()
1064 If a thread in your driver uses this call, make sure your disconnect()
1065 method can wait for it to complete. Since you don't have a handle on
1066 the URB used, you can't cancel the request.
1069 Routine Description:
1077 ========================================================================
1079 NTSTATUS RTUSB_VendorRequest(
1080 IN PRTMP_ADAPTER pAd,
1081 IN UINT32 TransferFlags,
1082 IN UCHAR RequestType,
1086 IN PVOID TransferBuffer,
1087 IN UINT32 TransferBufferLength)
1090 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
1092 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST))
1094 DBGPRINT(RT_DEBUG_ERROR, ("device disconnected\n"));
1097 else if (in_interrupt())
1099 DBGPRINT(RT_DEBUG_ERROR, ("in_interrupt, RTUSB_VendorRequest Request%02x Value%04x Offset%04x\n",Request,Value,Index));
1105 #define MAX_RETRY_COUNT 10
1108 void *tmpBuf = TransferBuffer;
1110 // Acquire Control token
1111 #ifdef INF_AMAZON_SE
1112 ret = down_interruptible(&(pAd->UsbVendorReq_semaphore));
1113 if (pAd->UsbVendorReqBuf)
1115 ASSERT(TransferBufferLength <MAX_PARAM_BUFFER_SIZE);
1117 tmpBuf = (void *)pAd->UsbVendorReqBuf;
1118 NdisZeroMemory(pAd->UsbVendorReqBuf, TransferBufferLength);
1120 if (RequestType == DEVICE_VENDOR_REQUEST_OUT)
1121 NdisMoveMemory(tmpBuf, TransferBuffer, TransferBufferLength);
1123 #endif // INF_AMAZON_SE //
1125 if( RequestType == DEVICE_VENDOR_REQUEST_OUT)
1126 ret=usb_control_msg(pObj->pUsb_Dev, usb_sndctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1127 else if(RequestType == DEVICE_VENDOR_REQUEST_IN)
1128 ret=usb_control_msg(pObj->pUsb_Dev, usb_rcvctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1131 DBGPRINT(RT_DEBUG_ERROR, ("vendor request direction is failed\n"));
1138 RTMPusecDelay(5000);
1140 } while((ret < 0) && (retryCount < MAX_RETRY_COUNT));
1142 #ifdef INF_AMAZON_SE
1143 if ((pAd->UsbVendorReqBuf) && (RequestType == DEVICE_VENDOR_REQUEST_IN))
1144 NdisMoveMemory(TransferBuffer, tmpBuf, TransferBufferLength);
1145 up(&(pAd->UsbVendorReq_semaphore));
1146 #endif // INF_AMAZON_SE //
1149 // DBGPRINT(RT_DEBUG_ERROR, ("USBVendorRequest failed ret=%d \n",ret));
1150 DBGPRINT(RT_DEBUG_ERROR, ("RTUSB_VendorRequest failed(%d),TxFlags=0x%x, ReqType=%s, Req=0x%x, Index=0x%x\n",
1151 ret, TransferFlags, (RequestType == DEVICE_VENDOR_REQUEST_OUT ? "OUT" : "IN"), Request, Index));
1153 DBGPRINT(RT_DEBUG_ERROR, ("\tRequest Value=0x%04x!\n", Value));
1155 if ((TransferBuffer!= NULL) && (TransferBufferLength > 0))
1156 hex_dump("Failed TransferBuffer value", TransferBuffer, TransferBufferLength);
1163 ========================================================================
1165 Routine Description:
1166 Creates an IRP to submite an IOCTL_INTERNAL_USB_RESET_PORT
1167 synchronously. Callers of this function must be running at
1176 ========================================================================
1178 NTSTATUS RTUSB_ResetDevice(
1179 IN PRTMP_ADAPTER pAd)
1181 NTSTATUS Status = TRUE;
1183 DBGPRINT_RAW(RT_DEBUG_TRACE, ("--->USB_ResetDevice\n"));
1184 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS);
1189 IN PRTMP_ADAPTER pAd)
1193 NDIS_STATUS NdisStatus = NDIS_STATUS_SUCCESS;
1196 // unsigned long IrqFlags;
1198 while (pAd->CmdQ.size > 0)
1200 NdisStatus = NDIS_STATUS_SUCCESS;
1202 NdisAcquireSpinLock(&pAd->CmdQLock);
1203 RTUSBDequeueCmd(&pAd->CmdQ, &cmdqelmt);
1204 NdisReleaseSpinLock(&pAd->CmdQLock);
1206 if (cmdqelmt == NULL)
1209 pData = cmdqelmt->buffer;
1211 if(!(RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST) || RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1213 switch (cmdqelmt->command)
1215 case CMDTHREAD_CHECK_GPIO:
1217 #ifdef CONFIG_STA_SUPPORT
1219 #endif // CONFIG_STA_SUPPORT //
1223 DBGPRINT(RT_DEBUG_TRACE, ("The driver is in ATE mode now\n"));
1226 #endif // RALINK_ATE //
1228 #ifdef CONFIG_STA_SUPPORT
1231 IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
1233 // Read GPIO pin2 as Hardware controlled radio state
1235 RTUSBReadMACRegister( pAd, GPIO_CTRL_CFG, &data);
1239 pAd->StaCfg.bHwRadio = TRUE;
1243 pAd->StaCfg.bHwRadio = FALSE;
1246 if(pAd->StaCfg.bRadio != (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio))
1248 pAd->StaCfg.bRadio = (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio);
1249 if(pAd->StaCfg.bRadio == TRUE)
1251 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio On !!!\n"));
1254 // Update extra information
1255 pAd->ExtraInfo = EXTRA_INFO_CLEAR;
1259 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio Off !!!\n"));
1262 // Update extra information
1263 pAd->ExtraInfo = HW_RADIO_OFF;
1267 #endif // CONFIG_STA_SUPPORT //
1271 #ifdef CONFIG_STA_SUPPORT
1272 case CMDTHREAD_QKERIODIC_EXECUT:
1274 StaQuickResponeForRateUpExec(NULL, pAd, NULL, NULL);
1277 #endif // CONFIG_STA_SUPPORT //
1279 case CMDTHREAD_RESET_BULK_OUT:
1284 PHT_TX_CONTEXT pHTTXContext;
1285 // RTMP_TX_RING *pTxRing;
1286 unsigned long IrqFlags;
1288 PTX_CONTEXT pNullContext = &(pAd->NullContext);
1289 #endif // RALINK_ATE //
1290 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT(ResetPipeid=0x%0x)===>\n", pAd->bulkResetPipeid));
1291 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1292 //RTUSBCancelPendingBulkOutIRP(pAd);
1293 // Wait 10ms to let previous packet that are already in HW FIFO to clear. by MAXLEE 12-25-2007
1297 RTUSBReadMACRegister(pAd, TXRXQ_PCNT, &MACValue);
1298 if ((MACValue & 0xf00000/*0x800000*/) == 0)
1301 RTMPusecDelay(10000);
1302 }while(Index < 100);
1304 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1305 // To prevent Read Register error, we 2nd check the validity.
1306 if ((MACValue & 0xc00000) == 0)
1307 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1308 // To prevent Read Register error, we 3rd check the validity.
1309 if ((MACValue & 0xc00000) == 0)
1310 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1311 MACValue |= 0x80000;
1312 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1314 // Wait 1ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1315 RTMPusecDelay(1000);
1317 MACValue &= (~0x80000);
1318 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1319 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tSet 0x2a0 bit19. Clear USB DMA TX path\n"));
1321 // Wait 5ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1322 //RTMPusecDelay(5000);
1324 if ((pAd->bulkResetPipeid & BULKOUT_MGMT_RESET_FLAG) == BULKOUT_MGMT_RESET_FLAG)
1326 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1327 if (pAd->MgmtRing.TxSwFreeIdx < MGMT_RING_SIZE /* pMLMEContext->bWaitingBulkOut == TRUE */)
1329 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_MLME);
1331 RTUSBKickBulkOut(pAd);
1333 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tTX MGMT RECOVER Done!\n"));
1337 pHTTXContext = &(pAd->TxContext[pAd->bulkResetPipeid]);
1338 //NdisAcquireSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1339 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1340 if ( pAd->BulkOutPending[pAd->bulkResetPipeid] == FALSE)
1342 pAd->BulkOutPending[pAd->bulkResetPipeid] = TRUE;
1343 pHTTXContext->IRPPending = TRUE;
1344 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 1;
1346 // no matter what, clean the flag
1347 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1349 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1350 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1351 /*-----------------------------------------------------------------------------------------------*/
1355 pNullContext->IRPPending = TRUE;
1357 // If driver is still in ATE TXFRAME mode,
1358 // keep on transmitting ATE frames.
1360 DBGPRINT_RAW(RT_DEBUG_TRACE, ("pAd->ate.Mode == %d\npAd->ContinBulkOut == %d\npAd->BulkOutRemained == %d\n", pAd->ate.Mode, pAd->ContinBulkOut, atomic_read(&pAd->BulkOutRemained)));
1361 if((pAd->ate.Mode == ATE_TXFRAME) && ((pAd->ContinBulkOut == TRUE) || (atomic_read(&pAd->BulkOutRemained) > 0)))
1363 DBGPRINT_RAW(RT_DEBUG_TRACE, ("After CMDTHREAD_RESET_BULK_OUT, continue to bulk out frames !\n"));
1365 // Init Tx context descriptor
1366 RTUSBInitTxDesc(pAd, pNullContext, 0/* pAd->bulkResetPipeid */, (usb_complete_t)ATE_RTUSBBulkOutDataPacketComplete);
1368 if((ret = RTUSB_SUBMIT_URB(pNullContext->pUrb))!=0)
1370 DBGPRINT(RT_DEBUG_ERROR, ("ATE_RTUSBBulkOutDataPacket: Submit Tx URB failed %d\n", ret));
1377 #endif // RALINK_ATE //
1378 /*-----------------------------------------------------------------------------------------------*/
1380 RTUSBInitHTTxDesc(pAd, pHTTXContext, pAd->bulkResetPipeid, pHTTXContext->BulkOutSize, (usb_complete_t)RTUSBBulkOutDataPacketComplete);
1382 if((ret = RTUSB_SUBMIT_URB(pHTTXContext->pUrb))!=0)
1384 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1385 pAd->BulkOutPending[pAd->bulkResetPipeid] = FALSE;
1386 pHTTXContext->IRPPending = FALSE;
1387 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 0;
1388 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1390 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread : CMDTHREAD_RESET_BULK_OUT: Submit Tx URB failed %d\n", ret));
1394 RTMP_IRQ_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1395 DBGPRINT_RAW(RT_DEBUG_TRACE,("\tCMDTHREAD_RESET_BULK_OUT: TxContext[%d]:CWPos=%ld, NBPos=%ld, ENBPos=%ld, bCopy=%d, pending=%d!\n",
1396 pAd->bulkResetPipeid, pHTTXContext->CurWritePosition, pHTTXContext->NextBulkOutPosition,
1397 pHTTXContext->ENextBulkOutPosition, pHTTXContext->bCopySavePad, pAd->BulkOutPending[pAd->bulkResetPipeid]));
1398 DBGPRINT_RAW(RT_DEBUG_TRACE,("\t\tBulkOut Req=0x%lx, Complete=0x%lx, Other=0x%lx\n",
1399 pAd->BulkOutReq, pAd->BulkOutComplete, pAd->BulkOutCompleteOther));
1400 RTMP_IRQ_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1401 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tCMDTHREAD_RESET_BULK_OUT: Submit Tx DATA URB for failed BulkReq(0x%lx) Done, status=%d!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pHTTXContext->pUrb->status));
1408 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1409 //RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1411 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CmdThread : TX DATA RECOVER FAIL for BulkReq(0x%lx) because BulkOutPending[%d] is TRUE!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pAd->bulkResetPipeid));
1412 if (pAd->bulkResetPipeid == 0)
1414 UCHAR pendingContext = 0;
1415 PHT_TX_CONTEXT pHTTXContext = (PHT_TX_CONTEXT)(&pAd->TxContext[pAd->bulkResetPipeid ]);
1416 PTX_CONTEXT pMLMEContext = (PTX_CONTEXT)(pAd->MgmtRing.Cell[pAd->MgmtRing.TxDmaIdx].AllocVa);
1417 PTX_CONTEXT pNULLContext = (PTX_CONTEXT)(&pAd->PsPollContext);
1418 PTX_CONTEXT pPsPollContext = (PTX_CONTEXT)(&pAd->NullContext);
1420 if (pHTTXContext->IRPPending)
1421 pendingContext |= 1;
1422 else if (pMLMEContext->IRPPending)
1423 pendingContext |= 2;
1424 else if (pNULLContext->IRPPending)
1425 pendingContext |= 4;
1426 else if (pPsPollContext->IRPPending)
1427 pendingContext |= 8;
1431 DBGPRINT_RAW(RT_DEBUG_ERROR, ("\tTX Occupied by %d!\n", pendingContext));
1434 // no matter what, clean the flag
1435 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1437 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1439 RTUSB_SET_BULK_FLAG(pAd, (fRTUSB_BULK_OUT_DATA_NORMAL << pAd->bulkResetPipeid));
1442 RTMPDeQueuePacket(pAd, FALSE, NUM_OF_TX_RING, MAX_TX_PROCESS);
1443 //RTUSBKickBulkOut(pAd);
1448 // Don't cancel BULKIN.
1449 while ((atomic_read(&pAd->PendingRx) > 0) &&
1450 (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1452 if (atomic_read(&pAd->PendingRx) > 0)
1454 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!cancel it!\n"));
1455 RTUSBCancelPendingBulkInIRP(pAd);
1457 RTMPusecDelay(100000);
1460 if ((atomic_read(&pAd->PendingRx) == 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1464 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1465 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1466 for (i = 0; i < (RX_RING_SIZE); i++)
1468 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1470 pRxContext->pAd = pAd;
1471 pRxContext->InUse = FALSE;
1472 pRxContext->IRPPending = FALSE;
1473 pRxContext->Readable = FALSE;
1474 pRxContext->ReorderInUse = FALSE;
1477 RTUSBBulkReceive(pAd);
1478 DBGPRINT_RAW(RT_DEBUG_ERROR, ("RTUSBBulkReceive\n"));
1480 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT<===\n"));
1483 case CMDTHREAD_RESET_BULK_IN:
1484 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN === >\n"));
1486 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1489 /*-----------------------------------------------------------------------------------------------*/
1493 if((pAd->PendingRx > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1495 DBGPRINT_RAW(RT_DEBUG_ERROR, ("ATE : BulkIn IRP Pending!!!\n"));
1496 ATE_RTUSBCancelPendingBulkInIRP(pAd);
1497 RTMPusecDelay(100000);
1502 #endif // RALINK_ATE //
1503 /*-----------------------------------------------------------------------------------------------*/
1505 //while ((atomic_read(&pAd->PendingRx) > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1506 if((pAd->PendingRx > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1508 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!!\n"));
1509 RTUSBCancelPendingBulkInIRP(pAd);
1510 RTMPusecDelay(100000);
1515 // Wait 10ms before reading register.
1516 RTMPusecDelay(10000);
1517 ntStatus = RTUSBReadMACRegister(pAd, MAC_CSR0, &MACValue);
1519 if ((NT_SUCCESS(ntStatus) == TRUE) &&
1520 (!(RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1521 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))))
1525 if (RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1526 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))
1528 pAd->NextRxBulkInPosition = pAd->RxContext[pAd->NextRxBulkInIndex].BulkInOffset;
1529 DBGPRINT(RT_DEBUG_TRACE, ("BULK_IN_RESET: NBIIdx=0x%x,NBIRIdx=0x%x, BIRPos=0x%lx. BIReq=x%lx, BIComplete=0x%lx, BICFail0x%lx\n",
1530 pAd->NextRxBulkInIndex, pAd->NextRxBulkInReadIndex, pAd->NextRxBulkInPosition, pAd->BulkInReq, pAd->BulkInComplete, pAd->BulkInCompleteFail));
1531 for (i = 0; i < RX_RING_SIZE; i++)
1533 DBGPRINT(RT_DEBUG_TRACE, ("\tRxContext[%d]: IRPPending=%d, InUse=%d, Readable=%d!\n"
1534 , i, pAd->RxContext[i].IRPPending, pAd->RxContext[i].InUse, pAd->RxContext[i].Readable));
1538 DBGPRINT_RAW(RT_DEBUG_ERROR, ("==========================================\n"));
1540 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1541 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1542 for (i = 0; i < (RX_RING_SIZE); i++)
1544 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1546 pRxContext->pAd = pAd;
1547 pRxContext->InUse = FALSE;
1548 pRxContext->IRPPending = FALSE;
1549 pRxContext->Readable = FALSE;
1550 pRxContext->ReorderInUse = FALSE;
1553 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKIN_RESET);
1554 for (i = 0; i < pAd->CommonCfg.NumOfBulkInIRP; i++)
1556 //RTUSBBulkReceive(pAd);
1557 PRX_CONTEXT pRxContext;
1560 unsigned long IrqFlags;
1563 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1564 pRxContext = &(pAd->RxContext[pAd->NextRxBulkInIndex]);
1565 if ((pAd->PendingRx > 0) || (pRxContext->Readable == TRUE) || (pRxContext->InUse == TRUE))
1567 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1570 pRxContext->InUse = TRUE;
1571 pRxContext->IRPPending = TRUE;
1574 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1576 // Init Rx context descriptor
1577 RTUSBInitRxDesc(pAd, pRxContext);
1578 pUrb = pRxContext->pUrb;
1579 if ((ret = RTUSB_SUBMIT_URB(pUrb))!=0)
1582 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1583 pRxContext->InUse = FALSE;
1584 pRxContext->IRPPending = FALSE;
1587 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1588 DBGPRINT(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB failed(%d), status=%d\n", ret, pUrb->status));
1592 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB Done, status=%d!\n", pUrb->status));
1593 ASSERT((pRxContext->InUse == pRxContext->IRPPending));
1600 // Card must be removed
1601 if (NT_SUCCESS(ntStatus) != TRUE)
1603 RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST);
1604 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Read Register Failed!Card must be removed!!\n\n"));
1608 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Cannot do bulk in because flags(0x%lx) on !\n", pAd->Flags));
1612 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN <===\n"));
1615 case CMDTHREAD_SET_ASIC_WCID:
1617 RT_SET_ASIC_WCID SetAsicWcid;
1619 UINT32 MACValue, MACRValue = 0;
1620 SetAsicWcid = *((PRT_SET_ASIC_WCID)(pData));
1622 if (SetAsicWcid.WCID >= MAX_LEN_OF_MAC_TABLE)
1625 offset = MAC_WCID_BASE + ((UCHAR)SetAsicWcid.WCID)*HW_WCID_ENTRY_SIZE;
1627 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_SET_ASIC_WCID : WCID = %ld, SetTid = %lx, DeleteTid = %lx.\n", SetAsicWcid.WCID, SetAsicWcid.SetTid, SetAsicWcid.DeleteTid));
1628 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[3]<<24)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[2]<<16)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[1]<<8)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[0]);
1629 DBGPRINT_RAW(RT_DEBUG_TRACE, ("1-MACValue= %x,\n", MACValue));
1630 RTUSBWriteMACRegister(pAd, offset, MACValue);
1632 RTUSBReadMACRegister(pAd, offset+4, &MACRValue);
1633 if ( SetAsicWcid.DeleteTid != 0xffffffff)
1634 MACRValue &= (~SetAsicWcid.DeleteTid);
1635 if (SetAsicWcid.SetTid != 0xffffffff)
1636 MACRValue |= (SetAsicWcid.SetTid);
1637 MACRValue &= 0xffff0000;
1639 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[5]<<8)+pAd->MacTab.Content[SetAsicWcid.WCID].Addr[4];
1640 MACValue |= MACRValue;
1641 RTUSBWriteMACRegister(pAd, offset+4, MACValue);
1643 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-MACValue= %x,\n", MACValue));
1647 case CMDTHREAD_SET_ASIC_WCID_CIPHER:
1649 #ifdef CONFIG_STA_SUPPORT
1650 RT_SET_ASIC_WCID_ATTRI SetAsicWcidAttri;
1652 UINT32 MACRValue = 0;
1653 SHAREDKEY_MODE_STRUC csr1;
1654 SetAsicWcidAttri = *((PRT_SET_ASIC_WCID_ATTRI)(pData));
1656 if (SetAsicWcidAttri.WCID >= MAX_LEN_OF_MAC_TABLE)
1659 offset = MAC_WCID_ATTRIBUTE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_WCID_ATTRI_SIZE;
1661 DBGPRINT_RAW(RT_DEBUG_TRACE, ("Cmd : CMDTHREAD_SET_ASIC_WCID_CIPHER : WCID = %ld, Cipher = %lx.\n", SetAsicWcidAttri.WCID, SetAsicWcidAttri.Cipher));
1663 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1665 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1667 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1668 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1670 offset = PAIRWISE_IVEIV_TABLE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_IVEIV_ENTRY_SIZE;
1672 if ( (SetAsicWcidAttri.Cipher <= CIPHER_WEP128))
1673 MACRValue |= ( pAd->StaCfg.DefaultKeyId << 30);
1675 MACRValue |= (0x20000000);
1676 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1677 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1680 // Update cipher algorithm. WSTA always use BSS0
1682 // for adhoc mode only ,because wep status slow than add key, when use zero config
1683 if (pAd->StaCfg.BssType == BSS_ADHOC )
1685 offset = MAC_WCID_ATTRIBUTE_BASE;
1687 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1688 MACRValue &= (~0xe);
1689 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1691 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1693 //Update group key cipher,,because wep status slow than add key, when use zero config
1694 RTUSBReadMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), &csr1.word);
1696 csr1.field.Bss0Key0CipherAlg = SetAsicWcidAttri.Cipher;
1697 csr1.field.Bss0Key1CipherAlg = SetAsicWcidAttri.Cipher;
1699 RTUSBWriteMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), csr1.word);
1701 #endif // CONFIG_STA_SUPPORT //
1705 //Benson modified for USB interface, avoid in interrupt when write key, 20080724 -->
1706 case RT_CMD_SET_KEY_TABLE: //General call for AsicAddPairwiseKeyEntry()
1708 RT_ADD_PAIRWISE_KEY_ENTRY KeyInfo;
1709 KeyInfo = *((PRT_ADD_PAIRWISE_KEY_ENTRY)(pData));
1710 AsicAddPairwiseKeyEntry(pAd,
1712 (UCHAR)KeyInfo.MacTabMatchWCID,
1713 &KeyInfo.CipherKey);
1716 case RT_CMD_SET_RX_WCID_TABLE: //General call for RTMPAddWcidAttributeEntry()
1718 PMAC_TABLE_ENTRY pEntry;
1723 pEntry = (PMAC_TABLE_ENTRY)(pData);
1725 #ifdef CONFIG_STA_SUPPORT
1726 #ifdef QOS_DLS_SUPPORT
1728 CipherAlg = pEntry->PairwiseKey.CipherAlg;
1730 #endif // QOS_DLS_SUPPORT //
1731 #endif // CONFIG_STA_SUPPORT //
1734 RTMPAddWcidAttributeEntry(
1742 //Benson modified for USB interface, avoid in interrupt when write key, 20080724 <--
1744 case CMDTHREAD_SET_CLIENT_MAC_ENTRY:
1746 MAC_TABLE_ENTRY *pEntry;
1747 pEntry = (MAC_TABLE_ENTRY *)pData;
1750 #ifdef CONFIG_STA_SUPPORT
1751 IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
1753 AsicRemovePairwiseKeyEntry(pAd, pEntry->apidx, (UCHAR)pEntry->Aid);
1754 if ((pEntry->AuthMode <= Ndis802_11AuthModeAutoSwitch) && (pEntry->WepStatus == Ndis802_11Encryption1Enabled))
1759 ptr = (PUCHAR) &uIV;
1760 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1761 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1762 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1764 else if (pEntry->AuthMode == Ndis802_11AuthModeWPANone)
1769 ptr = (PUCHAR) &uIV;
1770 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1771 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1772 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1777 // Other case, disable engine.
1778 // Don't worry WPA key, we will add WPA Key after 4-Way handshaking.
1781 offset = MAC_WCID_ATTRIBUTE_BASE + (pEntry->Aid * HW_WCID_ATTRI_SIZE);
1782 // RX_PKEY_MODE:0 for no security; RX_KEY_TAB:0 for shared key table; BSS_IDX:0
1783 RTUSBWriteMACRegister(pAd, offset, 0);
1786 #endif // CONFIG_STA_SUPPORT //
1788 AsicUpdateRxWCIDTable(pAd, pEntry->Aid, pEntry->Addr);
1789 printk("UpdateRxWCIDTable(): Aid=%d, Addr=%02x:%02x:%02x:%02x:%02x:%02x!\n", pEntry->Aid,
1790 pEntry->Addr[0], pEntry->Addr[1], pEntry->Addr[2], pEntry->Addr[3], pEntry->Addr[4], pEntry->Addr[5]);
1794 // add by johnli, fix "in_interrupt" error when call "MacTableDeleteEntry" in Rx tasklet
1795 case CMDTHREAD_UPDATE_PROTECT:
1797 AsicUpdateProtect(pAd, 0, (ALLN_SETPROTECT), TRUE, 0);
1802 case OID_802_11_ADD_WEP:
1804 #ifdef CONFIG_STA_SUPPORT
1807 PNDIS_802_11_WEP pWepKey;
1809 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP \n"));
1811 pWepKey = (PNDIS_802_11_WEP)pData;
1812 KeyIdx = pWepKey->KeyIndex & 0x0fffffff;
1814 // it is a shared key
1815 if ((KeyIdx >= 4) || ((pWepKey->KeyLength != 5) && (pWepKey->KeyLength != 13)))
1817 NdisStatus = NDIS_STATUS_INVALID_DATA;
1818 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread::OID_802_11_ADD_WEP, INVALID_DATA!!\n"));
1823 pAd->SharedKey[BSS0][KeyIdx].KeyLen = (UCHAR) pWepKey->KeyLength;
1824 NdisMoveMemory(pAd->SharedKey[BSS0][KeyIdx].Key, &pWepKey->KeyMaterial, pWepKey->KeyLength);
1825 CipherAlg = (pAd->SharedKey[BSS0][KeyIdx].KeyLen == 5)? CIPHER_WEP64 : CIPHER_WEP128;
1828 // Change the WEP cipher to CKIP cipher if CKIP KP on.
1829 // Funk UI or Meetinghouse UI will add ckip key from this path.
1832 if (pAd->OpMode == OPMODE_STA)
1834 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.CipherAlg = pAd->SharedKey[BSS0][KeyIdx].CipherAlg;
1835 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.KeyLen = pAd->SharedKey[BSS0][KeyIdx].KeyLen;
1837 pAd->SharedKey[BSS0][KeyIdx].CipherAlg = CipherAlg;
1838 if (pWepKey->KeyIndex & 0x80000000)
1840 // Default key for tx (shared key)
1842 UINT32 WCIDAttri, Value;
1843 USHORT offset, offset2;
1844 NdisZeroMemory(IVEIV, 8);
1845 pAd->StaCfg.DefaultKeyId = (UCHAR) KeyIdx;
1846 // Add BSSID to WCTable. because this is Tx wep key.
1847 // WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:1=PAIRWISE KEY, BSSIdx is 0
1848 WCIDAttri = (CipherAlg<<1)|SHAREDKEYTABLE;
1850 offset = MAC_WCID_ATTRIBUTE_BASE + (BSSID_WCID* HW_WCID_ATTRI_SIZE);
1851 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1853 // Specify key index to find shared key.
1854 IVEIV[3] = (UCHAR)(KeyIdx<< 6); //WEP Eiv bit off. groupkey index is not 0
1855 offset = PAIRWISE_IVEIV_TABLE_BASE + (BSS0Mcast_WCID * HW_IVEIV_ENTRY_SIZE);
1856 offset2 = PAIRWISE_IVEIV_TABLE_BASE + (BSSID_WCID* HW_IVEIV_ENTRY_SIZE);
1860 Value += (IVEIV[i+1]<<8);
1861 Value += (IVEIV[i+2]<<16);
1862 Value += (IVEIV[i+3]<<24);
1863 RTUSBWriteMACRegister(pAd, offset+i, Value);
1864 RTUSBWriteMACRegister(pAd, offset2+i, Value);
1868 // 2. WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:use share key, BSSIdx is 0
1869 WCIDAttri = (pAd->SharedKey[BSS0][KeyIdx].CipherAlg<<1)|SHAREDKEYTABLE;
1870 offset = MAC_WCID_ATTRIBUTE_BASE + (BSS0Mcast_WCID* HW_WCID_ATTRI_SIZE);
1871 DBGPRINT(RT_DEBUG_TRACE, ("BSS0Mcast_WCID : offset = %x, WCIDAttri = %x\n", offset, WCIDAttri));
1872 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1875 AsicAddSharedKeyEntry(pAd, BSS0, (UCHAR)KeyIdx, CipherAlg, pWepKey->KeyMaterial, NULL, NULL);
1876 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP (KeyIdx=%d, Len=%d-byte)\n", KeyIdx, pWepKey->KeyLength));
1878 #endif // CONFIG_STA_SUPPORT //
1882 case CMDTHREAD_802_11_COUNTER_MEASURE:
1886 DBGPRINT(RT_DEBUG_ERROR, ("--> Control Thread !! ERROR !! Unknown(cmdqelmt->command=0x%x) !! \n", cmdqelmt->command));
1891 if (cmdqelmt->CmdFromNdis == TRUE)
1893 if (cmdqelmt->buffer != NULL)
1894 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1896 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1900 if ((cmdqelmt->buffer != NULL) && (cmdqelmt->bufferlength != 0))
1901 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1903 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1906 } /* end of while */