2 *************************************************************************
4 * 5F., No.36, Taiyuan St., Jhubei City,
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 *************************************************************************
34 -------- ---------- ----------------------------------------------
35 Name Date Modification logs
36 Paul Lin 06-25-2004 created
39 #include "../rt_config.h"
43 ========================================================================
45 Routine Description: NIC initialization complete
55 ========================================================================
58 NTSTATUS RTUSBFirmwareRun(
63 Status = RTUSB_VendorRequest(
65 USBD_TRANSFER_DIRECTION_OUT,
66 DEVICE_VENDOR_REQUEST_OUT,
79 ========================================================================
81 Routine Description: Write Firmware to NIC.
91 ========================================================================
93 NTSTATUS RTUSBFirmwareWrite(
103 Status = RTUSBReadMACRegister(pAd, MAC_CSR0, &MacReg);
107 RTUSBMultiWrite(pAd, FIRMWARE_IMAGE_BASE, pFwImage, writeLen);
109 Status = RTUSBWriteMACRegister(pAd, 0x7014, 0xffffffff);
110 Status = RTUSBWriteMACRegister(pAd, 0x701c, 0xffffffff);
111 Status = RTUSBFirmwareRun(pAd);
114 RTMPusecDelay(10000);
115 RTUSBWriteMACRegister(pAd,H2M_MAILBOX_CSR,0);
116 AsicSendCommandToMcu(pAd, 0x72, 0x00, 0x00, 0x00);//reset rf by MCU supported by new firmware
124 ========================================================================
126 Routine Description: Get current firmware operation mode (Return Value)
131 0 or 1 = Downloaded by host driver
132 others = Driver doesn't download firmware
138 ========================================================================
140 NTSTATUS RTUSBFirmwareOpmode(
141 IN PRTMP_ADAPTER pAd,
146 Status = RTUSB_VendorRequest(
148 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
149 DEVICE_VENDOR_REQUEST_IN,
157 NTSTATUS RTUSBVenderReset(
158 IN PRTMP_ADAPTER pAd)
161 DBGPRINT_RAW(RT_DEBUG_ERROR, ("-->RTUSBVenderReset\n"));
162 Status = RTUSB_VendorRequest(
164 USBD_TRANSFER_DIRECTION_OUT,
165 DEVICE_VENDOR_REQUEST_OUT,
172 DBGPRINT_RAW(RT_DEBUG_ERROR, ("<--RTUSBVenderReset\n"));
176 ========================================================================
178 Routine Description: Read various length data from RT2573
188 ========================================================================
190 NTSTATUS RTUSBMultiRead(
191 IN PRTMP_ADAPTER pAd,
198 Status = RTUSB_VendorRequest(
200 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
201 DEVICE_VENDOR_REQUEST_IN,
212 ========================================================================
214 Routine Description: Write various length data to RT2573
224 ========================================================================
226 NTSTATUS RTUSBMultiWrite_OneByte(
227 IN PRTMP_ADAPTER pAd,
233 // TODO: In 2870, use this funciton carefully cause it's not stable.
234 Status = RTUSB_VendorRequest(
236 USBD_TRANSFER_DIRECTION_OUT,
237 DEVICE_VENDOR_REQUEST_OUT,
247 NTSTATUS RTUSBMultiWrite(
248 IN PRTMP_ADAPTER pAd,
256 USHORT index = 0,Value;
264 Value =(USHORT)( *pSrc | (*(pSrc + 1) << 8));
265 Status = RTUSBSingleWrite(pAd,Offset + index,Value);
275 NTSTATUS RTUSBSingleWrite(
276 IN RTMP_ADAPTER *pAd,
282 Status = RTUSB_VendorRequest(
284 USBD_TRANSFER_DIRECTION_OUT,
285 DEVICE_VENDOR_REQUEST_OUT,
298 ========================================================================
300 Routine Description: Read 32-bit MAC register
310 ========================================================================
312 NTSTATUS RTUSBReadMACRegister(
313 IN PRTMP_ADAPTER pAd,
320 Status = RTUSB_VendorRequest(
322 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
323 DEVICE_VENDOR_REQUEST_IN,
330 *pValue = le2cpu32(localVal);
334 *pValue = 0xffffffff;
341 ========================================================================
343 Routine Description: Write 32-bit MAC register
353 ========================================================================
355 NTSTATUS RTUSBWriteMACRegister(
356 IN PRTMP_ADAPTER pAd,
365 Status = RTUSBSingleWrite(pAd, Offset, (USHORT)(localVal & 0xffff));
366 Status = RTUSBSingleWrite(pAd, Offset + 2, (USHORT)((localVal & 0xffff0000) >> 16));
375 ========================================================================
377 Routine Description: Read 8-bit BBP register
387 ========================================================================
389 NTSTATUS RTUSBReadBBPRegister(
390 IN PRTMP_ADAPTER pAd,
394 BBP_CSR_CFG_STRUC BbpCsr;
398 // Verify the busy condition
401 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
404 if (!(BbpCsr.field.Busy == BUSY))
407 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_1):retry count=%d!\n", i);
410 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
412 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
415 // Read failed then Return Default value.
417 *pValue = pAd->BbpWriteLatch[Id];
419 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
420 return STATUS_UNSUCCESSFUL;
423 // Prepare for write material
425 BbpCsr.field.fRead = 1;
426 BbpCsr.field.Busy = 1;
427 BbpCsr.field.RegNum = Id;
428 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
431 // Verify the busy condition
434 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
437 if (!(BbpCsr.field.Busy == BUSY))
439 *pValue = (UCHAR)BbpCsr.field.Value;
443 printk("RTUSBReadBBPRegister(BBP_CSR_CFG_2):retry count=%d!\n", i);
446 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
448 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
451 // Read failed then Return Default value.
453 *pValue = pAd->BbpWriteLatch[Id];
455 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
456 return STATUS_UNSUCCESSFUL;
459 return STATUS_SUCCESS;
463 ========================================================================
465 Routine Description: Read 8-bit BBP register via firmware
475 ========================================================================
477 NTSTATUS RTUSBReadBBPRegister(
478 IN PRTMP_ADAPTER pAd,
482 BBP_CSR_CFG_STRUC BbpCsr;
484 for (i=0; i<MAX_BUSY_COUNT; i++)
486 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
487 if (BbpCsr.field.Busy == BUSY)
492 BbpCsr.field.fRead = 1;
493 BbpCsr.field.BBP_RW_MODE = 1;
494 BbpCsr.field.Busy = 1;
495 BbpCsr.field.RegNum = Id;
496 RTUSBWriteMACRegister(pAd, H2M_BBP_AGENT, BbpCsr.word);
497 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
498 for (k=0; k<MAX_BUSY_COUNT; k++)
500 RTUSBReadMACRegister(pAd, H2M_BBP_AGENT, &BbpCsr.word);
501 if (BbpCsr.field.Busy == IDLE)
504 if ((BbpCsr.field.Busy == IDLE) &&
505 (BbpCsr.field.RegNum == Id))
507 *pValue = (UCHAR)BbpCsr.field.Value;
511 if (BbpCsr.field.Busy == BUSY)
513 DBGPRINT_ERR(("BBP read R%d=0x%x fail\n", Id, BbpCsr.word));
514 *pValue = pAd->BbpWriteLatch[Id];
515 return STATUS_UNSUCCESSFUL;
517 return STATUS_SUCCESS;
523 ========================================================================
525 Routine Description: Write 8-bit BBP register
535 ========================================================================
537 NTSTATUS RTUSBWriteBBPRegister(
538 IN PRTMP_ADAPTER pAd,
542 BBP_CSR_CFG_STRUC BbpCsr;
545 // Verify the busy condition
548 status = RTUSBReadMACRegister(pAd, BBP_CSR_CFG, &BbpCsr.word);
551 if (!(BbpCsr.field.Busy == BUSY))
554 printk("RTUSBWriteBBPRegister(BBP_CSR_CFG):retry count=%d!\n", i);
557 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
559 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
561 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
562 return STATUS_UNSUCCESSFUL;
565 // Prepare for write material
567 BbpCsr.field.fRead = 0;
568 BbpCsr.field.Value = Value;
569 BbpCsr.field.Busy = 1;
570 BbpCsr.field.RegNum = Id;
571 RTUSBWriteMACRegister(pAd, BBP_CSR_CFG, BbpCsr.word);
573 pAd->BbpWriteLatch[Id] = Value;
575 return STATUS_SUCCESS;
579 ========================================================================
581 Routine Description: Write 8-bit BBP register via firmware
591 ========================================================================
594 NTSTATUS RTUSBWriteBBPRegister(
595 IN PRTMP_ADAPTER pAd,
600 BBP_CSR_CFG_STRUC BbpCsr;
602 for (BusyCnt=0; BusyCnt<MAX_BUSY_COUNT; BusyCnt++)
604 RTMP_IO_READ32(pAd, H2M_BBP_AGENT, &BbpCsr.word);
605 if (BbpCsr.field.Busy == BUSY)
608 BbpCsr.field.fRead = 0;
609 BbpCsr.field.BBP_RW_MODE = 1;
610 BbpCsr.field.Busy = 1;
611 BbpCsr.field.Value = Value;
612 BbpCsr.field.RegNum = Id;
613 RTMP_IO_WRITE32(pAd, H2M_BBP_AGENT, BbpCsr.word);
614 AsicSendCommandToMcu(pAd, 0x80, 0xff, 0x0, 0x0);
615 pAd->BbpWriteLatch[Id] = Value;
618 if (BusyCnt == MAX_BUSY_COUNT)
620 DBGPRINT_ERR(("BBP write R%d=0x%x fail\n", Id, BbpCsr.word));
621 return STATUS_UNSUCCESSFUL;
623 return STATUS_SUCCESS;
627 ========================================================================
629 Routine Description: Write RF register through MAC
639 ========================================================================
641 NTSTATUS RTUSBWriteRFRegister(
642 IN PRTMP_ADAPTER pAd,
645 PHY_CSR4_STRUC PhyCsr4;
649 NdisZeroMemory(&PhyCsr4, sizeof(PHY_CSR4_STRUC));
652 status = RTUSBReadMACRegister(pAd, RF_CSR_CFG0, &PhyCsr4.word);
655 if (!(PhyCsr4.field.Busy))
658 printk("RTUSBWriteRFRegister(RF_CSR_CFG0):retry count=%d!\n", i);
661 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
663 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
665 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
666 return STATUS_UNSUCCESSFUL;
669 RTUSBWriteMACRegister(pAd, RF_CSR_CFG0, Value);
671 return STATUS_SUCCESS;
676 ========================================================================
678 Routine Description: Write RT3070 RF register through MAC
688 ========================================================================
690 NTSTATUS RT30xxWriteRFRegister(
691 IN PRTMP_ADAPTER pAd,
695 RF_CSR_CFG_STRUC rfcsr;
700 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
702 if (!rfcsr.field.RF_CSR_KICK)
706 while ((i < RETRY_LIMIT) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)));
708 if ((i == RETRY_LIMIT) || (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
710 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Retry count exhausted or device removed!!!\n"));
711 return STATUS_UNSUCCESSFUL;
714 rfcsr.field.RF_CSR_WR = 1;
715 rfcsr.field.RF_CSR_KICK = 1;
716 rfcsr.field.TESTCSR_RFACC_REGNUM = RegID;
717 rfcsr.field.RF_CSR_DATA = Value;
719 RTUSBWriteMACRegister(pAd, RF_CSR_CFG, rfcsr.word);
721 return STATUS_SUCCESS;
725 ========================================================================
727 Routine Description: Read RT3070 RF register through MAC
737 ========================================================================
739 NTSTATUS RT30xxReadRFRegister(
740 IN PRTMP_ADAPTER pAd,
744 RF_CSR_CFG_STRUC rfcsr;
747 for (i=0; i<MAX_BUSY_COUNT; i++)
749 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
751 if (rfcsr.field.RF_CSR_KICK == BUSY)
756 rfcsr.field.RF_CSR_WR = 0;
757 rfcsr.field.RF_CSR_KICK = 1;
758 rfcsr.field.TESTCSR_RFACC_REGNUM = RegID;
759 RTUSBWriteMACRegister(pAd, RF_CSR_CFG, rfcsr.word);
760 for (k=0; k<MAX_BUSY_COUNT; k++)
762 RTUSBReadMACRegister(pAd, RF_CSR_CFG, &rfcsr.word);
764 if (rfcsr.field.RF_CSR_KICK == IDLE)
767 if ((rfcsr.field.RF_CSR_KICK == IDLE) &&
768 (rfcsr.field.TESTCSR_RFACC_REGNUM == RegID))
770 *pValue = (UCHAR)rfcsr.field.RF_CSR_DATA;
774 if (rfcsr.field.RF_CSR_KICK == BUSY)
776 DBGPRINT_ERR(("RF read R%d=0x%x fail\n", RegID, rfcsr.word));
777 return STATUS_UNSUCCESSFUL;
780 return STATUS_SUCCESS;
785 ========================================================================
797 ========================================================================
799 NTSTATUS RTUSBReadEEPROM(
800 IN PRTMP_ADAPTER pAd,
805 NTSTATUS Status = STATUS_SUCCESS;
810 Status =eFuseRead(pAd, Offset, pData, length);
815 Status = RTUSB_VendorRequest(
817 (USBD_TRANSFER_DIRECTION_IN | USBD_SHORT_TRANSFER_OK),
818 DEVICE_VENDOR_REQUEST_IN,
830 ========================================================================
842 ========================================================================
844 NTSTATUS RTUSBWriteEEPROM(
845 IN PRTMP_ADAPTER pAd,
850 NTSTATUS Status = STATUS_SUCCESS;
855 Status = eFuseWrite(pAd, Offset, pData, length);
860 Status = RTUSB_VendorRequest(
862 USBD_TRANSFER_DIRECTION_OUT,
863 DEVICE_VENDOR_REQUEST_OUT,
875 ========================================================================
887 ========================================================================
889 VOID RTUSBPutToSleep(
890 IN PRTMP_ADAPTER pAd)
894 // Timeout 0x40 x 50us
895 value = (SLEEPCID<<16)+(OWNERMCU<<24)+ (0x40<<8)+1;
896 RTUSBWriteMACRegister(pAd, 0x7010, value);
897 RTUSBWriteMACRegister(pAd, 0x404, 0x30);
898 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS);
899 DBGPRINT_RAW(RT_DEBUG_ERROR, ("Sleep Mailbox testvalue %x\n", value));
904 ========================================================================
916 ========================================================================
918 NTSTATUS RTUSBWakeUp(
919 IN PRTMP_ADAPTER pAd)
923 Status = RTUSB_VendorRequest(
925 USBD_TRANSFER_DIRECTION_OUT,
926 DEVICE_VENDOR_REQUEST_OUT,
937 ========================================================================
949 ========================================================================
951 VOID RTUSBInitializeCmdQ(
957 cmdq->CmdQState = RT2870_THREAD_INITED;
961 ========================================================================
973 ========================================================================
975 NDIS_STATUS RTUSBEnqueueCmdFromNdis(
976 IN PRTMP_ADAPTER pAd,
978 IN BOOLEAN SetInformation,
979 IN PVOID pInformationBuffer,
980 IN UINT32 InformationBufferLength)
983 PCmdQElmt cmdqelmt = NULL;
984 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
987 BUG_ON(pObj->RTUSBCmdThr_task == NULL);
988 CHECK_PID_LEGALITY(task_pid(pObj->RTUSBCmdThr_task))
991 if (pObj->RTUSBCmdThr_pid < 0)
993 return (NDIS_STATUS_RESOURCES);
995 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
996 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
997 return (NDIS_STATUS_RESOURCES);
999 cmdqelmt->buffer = NULL;
1000 if (pInformationBuffer != NULL)
1002 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
1003 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
1006 return (NDIS_STATUS_RESOURCES);
1010 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
1011 cmdqelmt->bufferlength = InformationBufferLength;
1015 cmdqelmt->bufferlength = 0;
1017 cmdqelmt->command = Oid;
1018 cmdqelmt->CmdFromNdis = TRUE;
1019 if (SetInformation == TRUE)
1020 cmdqelmt->SetOperation = TRUE;
1022 cmdqelmt->SetOperation = FALSE;
1024 NdisAcquireSpinLock(&pAd->CmdQLock);
1025 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
1027 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
1028 status = NDIS_STATUS_SUCCESS;
1032 status = NDIS_STATUS_FAILURE;
1034 NdisReleaseSpinLock(&pAd->CmdQLock);
1036 if (status == NDIS_STATUS_FAILURE)
1038 if (cmdqelmt->buffer)
1039 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1040 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1046 return(NDIS_STATUS_SUCCESS);
1050 ========================================================================
1052 Routine Description:
1062 ========================================================================
1064 NDIS_STATUS RTUSBEnqueueInternalCmd(
1065 IN PRTMP_ADAPTER pAd,
1067 IN PVOID pInformationBuffer,
1068 IN UINT32 InformationBufferLength)
1071 PCmdQElmt cmdqelmt = NULL;
1074 status = RTMPAllocateMemory((PVOID *)&cmdqelmt, sizeof(CmdQElmt));
1075 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt == NULL))
1076 return (NDIS_STATUS_RESOURCES);
1077 NdisZeroMemory(cmdqelmt, sizeof(CmdQElmt));
1079 if(InformationBufferLength > 0)
1081 status = RTMPAllocateMemory((PVOID *)&cmdqelmt->buffer, InformationBufferLength);
1082 if ((status != NDIS_STATUS_SUCCESS) || (cmdqelmt->buffer == NULL))
1084 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1085 return (NDIS_STATUS_RESOURCES);
1089 NdisMoveMemory(cmdqelmt->buffer, pInformationBuffer, InformationBufferLength);
1090 cmdqelmt->bufferlength = InformationBufferLength;
1095 cmdqelmt->buffer = NULL;
1096 cmdqelmt->bufferlength = 0;
1099 cmdqelmt->command = Oid;
1100 cmdqelmt->CmdFromNdis = FALSE;
1102 if (cmdqelmt != NULL)
1104 NdisAcquireSpinLock(&pAd->CmdQLock);
1105 if (pAd->CmdQ.CmdQState & RT2870_THREAD_CAN_DO_INSERT)
1107 EnqueueCmd((&pAd->CmdQ), cmdqelmt);
1108 status = NDIS_STATUS_SUCCESS;
1112 status = NDIS_STATUS_FAILURE;
1114 NdisReleaseSpinLock(&pAd->CmdQLock);
1116 if (status == NDIS_STATUS_FAILURE)
1118 if (cmdqelmt->buffer)
1119 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1120 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1125 return(NDIS_STATUS_SUCCESS);
1129 ========================================================================
1131 Routine Description:
1141 ========================================================================
1143 VOID RTUSBDequeueCmd(
1145 OUT PCmdQElmt *pcmdqelmt)
1147 *pcmdqelmt = cmdq->head;
1149 if (*pcmdqelmt != NULL)
1151 cmdq->head = cmdq->head->next;
1153 if (cmdq->size == 0)
1159 ========================================================================
1160 usb_control_msg - Builds a control urb, sends it off and waits for completion
1161 @dev: pointer to the usb device to send the message to
1162 @pipe: endpoint "pipe" to send the message to
1163 @request: USB message request value
1164 @requesttype: USB message request type value
1165 @value: USB message value
1166 @index: USB message index value
1167 @data: pointer to the data to send
1168 @size: length in bytes of the data to send
1169 @timeout: time in jiffies to wait for the message to complete before
1170 timing out (if 0 the wait is forever)
1171 Context: !in_interrupt ()
1173 This function sends a simple control message to a specified endpoint
1174 and waits for the message to complete, or timeout.
1175 If successful, it returns the number of bytes transferred, otherwise a negative error number.
1177 Don't use this function from within an interrupt context, like a
1178 bottom half handler. If you need an asynchronous message, or need to send
1179 a message from within interrupt context, use usb_submit_urb()
1180 If a thread in your driver uses this call, make sure your disconnect()
1181 method can wait for it to complete. Since you don't have a handle on
1182 the URB used, you can't cancel the request.
1185 Routine Description:
1193 ========================================================================
1195 NTSTATUS RTUSB_VendorRequest(
1196 IN PRTMP_ADAPTER pAd,
1197 IN UINT32 TransferFlags,
1198 IN UCHAR RequestType,
1202 IN PVOID TransferBuffer,
1203 IN UINT32 TransferBufferLength)
1206 POS_COOKIE pObj = (POS_COOKIE) pAd->OS_Cookie;
1208 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST))
1210 DBGPRINT(RT_DEBUG_ERROR, ("device disconnected\n"));
1213 else if (in_interrupt())
1215 DBGPRINT(RT_DEBUG_ERROR, ("in_interrupt, RTUSB_VendorRequest Request%02x Value%04x Offset%04x\n",Request,Value,Index));
1221 #define MAX_RETRY_COUNT 10
1224 void *tmpBuf = TransferBuffer;
1226 // Acquire Control token
1228 if( RequestType == DEVICE_VENDOR_REQUEST_OUT)
1229 ret=usb_control_msg(pObj->pUsb_Dev, usb_sndctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1230 else if(RequestType == DEVICE_VENDOR_REQUEST_IN)
1231 ret=usb_control_msg(pObj->pUsb_Dev, usb_rcvctrlpipe( pObj->pUsb_Dev, 0 ), Request, RequestType, Value,Index, tmpBuf, TransferBufferLength, CONTROL_TIMEOUT_JIFFIES);
1234 DBGPRINT(RT_DEBUG_ERROR, ("vendor request direction is failed\n"));
1241 RTMPusecDelay(5000);
1243 } while((ret < 0) && (retryCount < MAX_RETRY_COUNT));
1246 // DBGPRINT(RT_DEBUG_ERROR, ("USBVendorRequest failed ret=%d \n",ret));
1247 DBGPRINT(RT_DEBUG_ERROR, ("RTUSB_VendorRequest failed(%d),TxFlags=0x%x, ReqType=%s, Req=0x%x, Index=0x%x\n",
1248 ret, TransferFlags, (RequestType == DEVICE_VENDOR_REQUEST_OUT ? "OUT" : "IN"), Request, Index));
1250 DBGPRINT(RT_DEBUG_ERROR, ("\tRequest Value=0x%04x!\n", Value));
1252 if ((TransferBuffer!= NULL) && (TransferBufferLength > 0))
1253 hex_dump("Failed TransferBuffer value", TransferBuffer, TransferBufferLength);
1260 ========================================================================
1262 Routine Description:
1263 Creates an IRP to submite an IOCTL_INTERNAL_USB_RESET_PORT
1264 synchronously. Callers of this function must be running at
1273 ========================================================================
1275 NTSTATUS RTUSB_ResetDevice(
1276 IN PRTMP_ADAPTER pAd)
1278 NTSTATUS Status = TRUE;
1280 DBGPRINT_RAW(RT_DEBUG_TRACE, ("--->USB_ResetDevice\n"));
1281 //RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS);
1286 IN PRTMP_ADAPTER pAd)
1290 NDIS_STATUS NdisStatus = NDIS_STATUS_SUCCESS;
1293 // unsigned long IrqFlags;
1295 while (pAd->CmdQ.size > 0)
1297 NdisStatus = NDIS_STATUS_SUCCESS;
1299 NdisAcquireSpinLock(&pAd->CmdQLock);
1300 RTUSBDequeueCmd(&pAd->CmdQ, &cmdqelmt);
1301 NdisReleaseSpinLock(&pAd->CmdQLock);
1303 if (cmdqelmt == NULL)
1306 pData = cmdqelmt->buffer;
1308 if(!(RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST) || RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1310 switch (cmdqelmt->command)
1312 case CMDTHREAD_CHECK_GPIO:
1317 // Read GPIO pin2 as Hardware controlled radio state
1319 RTUSBReadMACRegister( pAd, GPIO_CTRL_CFG, &data);
1323 pAd->StaCfg.bHwRadio = TRUE;
1327 pAd->StaCfg.bHwRadio = FALSE;
1330 if(pAd->StaCfg.bRadio != (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio))
1332 pAd->StaCfg.bRadio = (pAd->StaCfg.bHwRadio && pAd->StaCfg.bSwRadio);
1333 if(pAd->StaCfg.bRadio == TRUE)
1335 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio On !!!\n"));
1338 // Update extra information
1339 pAd->ExtraInfo = EXTRA_INFO_CLEAR;
1343 DBGPRINT_RAW(RT_DEBUG_ERROR, ("!!! Radio Off !!!\n"));
1346 // Update extra information
1347 pAd->ExtraInfo = HW_RADIO_OFF;
1354 case CMDTHREAD_QKERIODIC_EXECUT:
1356 StaQuickResponeForRateUpExec(NULL, pAd, NULL, NULL);
1360 case CMDTHREAD_RESET_BULK_OUT:
1365 PHT_TX_CONTEXT pHTTXContext;
1366 // RTMP_TX_RING *pTxRing;
1367 unsigned long IrqFlags;
1369 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT(ResetPipeid=0x%0x)===>\n", pAd->bulkResetPipeid));
1370 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1371 //RTUSBCancelPendingBulkOutIRP(pAd);
1372 // Wait 10ms to let previous packet that are already in HW FIFO to clear. by MAXLEE 12-25-2007
1376 RTUSBReadMACRegister(pAd, TXRXQ_PCNT, &MACValue);
1377 if ((MACValue & 0xf00000/*0x800000*/) == 0)
1380 RTMPusecDelay(10000);
1381 }while(Index < 100);
1383 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1384 // To prevent Read Register error, we 2nd check the validity.
1385 if ((MACValue & 0xc00000) == 0)
1386 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1387 // To prevent Read Register error, we 3rd check the validity.
1388 if ((MACValue & 0xc00000) == 0)
1389 RTUSBReadMACRegister(pAd, USB_DMA_CFG, &MACValue);
1390 MACValue |= 0x80000;
1391 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1393 // Wait 1ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1394 RTMPusecDelay(1000);
1396 MACValue &= (~0x80000);
1397 RTUSBWriteMACRegister(pAd, USB_DMA_CFG, MACValue);
1398 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tSet 0x2a0 bit19. Clear USB DMA TX path\n"));
1400 // Wait 5ms to prevent next URB to bulkout before HW reset. by MAXLEE 12-25-2007
1401 //RTMPusecDelay(5000);
1403 if ((pAd->bulkResetPipeid & BULKOUT_MGMT_RESET_FLAG) == BULKOUT_MGMT_RESET_FLAG)
1405 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1406 if (pAd->MgmtRing.TxSwFreeIdx < MGMT_RING_SIZE /* pMLMEContext->bWaitingBulkOut == TRUE */)
1408 RTUSB_SET_BULK_FLAG(pAd, fRTUSB_BULK_OUT_MLME);
1410 RTUSBKickBulkOut(pAd);
1412 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tTX MGMT RECOVER Done!\n"));
1416 pHTTXContext = &(pAd->TxContext[pAd->bulkResetPipeid]);
1417 //NdisAcquireSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1418 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1419 if ( pAd->BulkOutPending[pAd->bulkResetPipeid] == FALSE)
1421 pAd->BulkOutPending[pAd->bulkResetPipeid] = TRUE;
1422 pHTTXContext->IRPPending = TRUE;
1423 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 1;
1425 // no matter what, clean the flag
1426 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1428 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1429 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1430 /*-----------------------------------------------------------------------------------------------*/
1431 /*-----------------------------------------------------------------------------------------------*/
1433 RTUSBInitHTTxDesc(pAd, pHTTXContext, pAd->bulkResetPipeid, pHTTXContext->BulkOutSize, (usb_complete_t)RTUSBBulkOutDataPacketComplete);
1435 if((ret = RTUSB_SUBMIT_URB(pHTTXContext->pUrb))!=0)
1437 RTMP_INT_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1438 pAd->BulkOutPending[pAd->bulkResetPipeid] = FALSE;
1439 pHTTXContext->IRPPending = FALSE;
1440 pAd->watchDogTxPendingCnt[pAd->bulkResetPipeid] = 0;
1441 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1443 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread : CMDTHREAD_RESET_BULK_OUT: Submit Tx URB failed %d\n", ret));
1447 RTMP_IRQ_LOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1448 DBGPRINT_RAW(RT_DEBUG_TRACE,("\tCMDTHREAD_RESET_BULK_OUT: TxContext[%d]:CWPos=%ld, NBPos=%ld, ENBPos=%ld, bCopy=%d, pending=%d!\n",
1449 pAd->bulkResetPipeid, pHTTXContext->CurWritePosition, pHTTXContext->NextBulkOutPosition,
1450 pHTTXContext->ENextBulkOutPosition, pHTTXContext->bCopySavePad, pAd->BulkOutPending[pAd->bulkResetPipeid]));
1451 DBGPRINT_RAW(RT_DEBUG_TRACE,("\t\tBulkOut Req=0x%lx, Complete=0x%lx, Other=0x%lx\n",
1452 pAd->BulkOutReq, pAd->BulkOutComplete, pAd->BulkOutCompleteOther));
1453 RTMP_IRQ_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1454 DBGPRINT_RAW(RT_DEBUG_TRACE, ("\tCMDTHREAD_RESET_BULK_OUT: Submit Tx DATA URB for failed BulkReq(0x%lx) Done, status=%d!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pHTTXContext->pUrb->status));
1461 //NdisReleaseSpinLock(&pAd->BulkOutLock[pAd->bulkResetPipeid]);
1462 //RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1464 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CmdThread : TX DATA RECOVER FAIL for BulkReq(0x%lx) because BulkOutPending[%d] is TRUE!\n", pAd->bulkResetReq[pAd->bulkResetPipeid], pAd->bulkResetPipeid));
1465 if (pAd->bulkResetPipeid == 0)
1467 UCHAR pendingContext = 0;
1468 PHT_TX_CONTEXT pHTTXContext = (PHT_TX_CONTEXT)(&pAd->TxContext[pAd->bulkResetPipeid ]);
1469 PTX_CONTEXT pMLMEContext = (PTX_CONTEXT)(pAd->MgmtRing.Cell[pAd->MgmtRing.TxDmaIdx].AllocVa);
1470 PTX_CONTEXT pNULLContext = (PTX_CONTEXT)(&pAd->PsPollContext);
1471 PTX_CONTEXT pPsPollContext = (PTX_CONTEXT)(&pAd->NullContext);
1473 if (pHTTXContext->IRPPending)
1474 pendingContext |= 1;
1475 else if (pMLMEContext->IRPPending)
1476 pendingContext |= 2;
1477 else if (pNULLContext->IRPPending)
1478 pendingContext |= 4;
1479 else if (pPsPollContext->IRPPending)
1480 pendingContext |= 8;
1484 DBGPRINT_RAW(RT_DEBUG_ERROR, ("\tTX Occupied by %d!\n", pendingContext));
1487 // no matter what, clean the flag
1488 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKOUT_RESET);
1490 RTMP_INT_UNLOCK(&pAd->BulkOutLock[pAd->bulkResetPipeid], IrqFlags);
1492 RTUSB_SET_BULK_FLAG(pAd, (fRTUSB_BULK_OUT_DATA_NORMAL << pAd->bulkResetPipeid));
1495 RTMPDeQueuePacket(pAd, FALSE, NUM_OF_TX_RING, MAX_TX_PROCESS);
1496 //RTUSBKickBulkOut(pAd);
1501 // Don't cancel BULKIN.
1502 while ((atomic_read(&pAd->PendingRx) > 0) &&
1503 (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1505 if (atomic_read(&pAd->PendingRx) > 0)
1507 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!cancel it!\n"));
1508 RTUSBCancelPendingBulkInIRP(pAd);
1510 RTMPusecDelay(100000);
1513 if ((atomic_read(&pAd->PendingRx) == 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)))
1517 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1518 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1519 for (i = 0; i < (RX_RING_SIZE); i++)
1521 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1523 pRxContext->pAd = pAd;
1524 pRxContext->InUse = FALSE;
1525 pRxContext->IRPPending = FALSE;
1526 pRxContext->Readable = FALSE;
1527 pRxContext->ReorderInUse = FALSE;
1530 RTUSBBulkReceive(pAd);
1531 DBGPRINT_RAW(RT_DEBUG_ERROR, ("RTUSBBulkReceive\n"));
1533 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_OUT<===\n"));
1536 case CMDTHREAD_RESET_BULK_IN:
1537 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN === >\n"));
1539 // All transfers must be aborted or cancelled before attempting to reset the pipe.
1542 /*-----------------------------------------------------------------------------------------------*/
1543 /*-----------------------------------------------------------------------------------------------*/
1545 //while ((atomic_read(&pAd->PendingRx) > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1546 if((pAd->PendingRx > 0) && (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST)))
1548 DBGPRINT_RAW(RT_DEBUG_ERROR, ("BulkIn IRP Pending!!!\n"));
1549 RTUSBCancelPendingBulkInIRP(pAd);
1550 RTMPusecDelay(100000);
1555 // Wait 10ms before reading register.
1556 RTMPusecDelay(10000);
1557 ntStatus = RTUSBReadMACRegister(pAd, MAC_CSR0, &MACValue);
1559 if ((NT_SUCCESS(ntStatus) == TRUE) &&
1560 (!(RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1561 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))))
1565 if (RTMP_TEST_FLAG(pAd, (fRTMP_ADAPTER_RESET_IN_PROGRESS | fRTMP_ADAPTER_RADIO_OFF |
1566 fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)))
1568 pAd->NextRxBulkInPosition = pAd->RxContext[pAd->NextRxBulkInIndex].BulkInOffset;
1569 DBGPRINT(RT_DEBUG_TRACE, ("BULK_IN_RESET: NBIIdx=0x%x,NBIRIdx=0x%x, BIRPos=0x%lx. BIReq=x%lx, BIComplete=0x%lx, BICFail0x%lx\n",
1570 pAd->NextRxBulkInIndex, pAd->NextRxBulkInReadIndex, pAd->NextRxBulkInPosition, pAd->BulkInReq, pAd->BulkInComplete, pAd->BulkInCompleteFail));
1571 for (i = 0; i < RX_RING_SIZE; i++)
1573 DBGPRINT(RT_DEBUG_TRACE, ("\tRxContext[%d]: IRPPending=%d, InUse=%d, Readable=%d!\n"
1574 , i, pAd->RxContext[i].IRPPending, pAd->RxContext[i].InUse, pAd->RxContext[i].Readable));
1578 DBGPRINT_RAW(RT_DEBUG_ERROR, ("==========================================\n"));
1580 pAd->NextRxBulkInReadIndex = 0; // Next Rx Read index
1581 pAd->NextRxBulkInIndex = 0; // Rx Bulk pointer
1582 for (i = 0; i < (RX_RING_SIZE); i++)
1584 PRX_CONTEXT pRxContext = &(pAd->RxContext[i]);
1586 pRxContext->pAd = pAd;
1587 pRxContext->InUse = FALSE;
1588 pRxContext->IRPPending = FALSE;
1589 pRxContext->Readable = FALSE;
1590 pRxContext->ReorderInUse = FALSE;
1593 RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BULKIN_RESET);
1594 for (i = 0; i < pAd->CommonCfg.NumOfBulkInIRP; i++)
1596 //RTUSBBulkReceive(pAd);
1597 PRX_CONTEXT pRxContext;
1600 unsigned long IrqFlags;
1603 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1604 pRxContext = &(pAd->RxContext[pAd->NextRxBulkInIndex]);
1605 if ((pAd->PendingRx > 0) || (pRxContext->Readable == TRUE) || (pRxContext->InUse == TRUE))
1607 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1610 pRxContext->InUse = TRUE;
1611 pRxContext->IRPPending = TRUE;
1614 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1616 // Init Rx context descriptor
1617 RTUSBInitRxDesc(pAd, pRxContext);
1618 pUrb = pRxContext->pUrb;
1619 if ((ret = RTUSB_SUBMIT_URB(pUrb))!=0)
1622 RTMP_IRQ_LOCK(&pAd->BulkInLock, IrqFlags);
1623 pRxContext->InUse = FALSE;
1624 pRxContext->IRPPending = FALSE;
1627 RTMP_IRQ_UNLOCK(&pAd->BulkInLock, IrqFlags);
1628 DBGPRINT(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB failed(%d), status=%d\n", ret, pUrb->status));
1632 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CMDTHREAD_RESET_BULK_IN: Submit Rx URB Done, status=%d!\n", pUrb->status));
1633 ASSERT((pRxContext->InUse == pRxContext->IRPPending));
1640 // Card must be removed
1641 if (NT_SUCCESS(ntStatus) != TRUE)
1643 RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST);
1644 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Read Register Failed!Card must be removed!!\n\n"));
1648 DBGPRINT_RAW(RT_DEBUG_ERROR, ("CMDTHREAD_RESET_BULK_IN: Cannot do bulk in because flags(0x%lx) on !\n", pAd->Flags));
1652 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_RESET_BULK_IN <===\n"));
1655 case CMDTHREAD_SET_ASIC_WCID:
1657 RT_SET_ASIC_WCID SetAsicWcid;
1659 UINT32 MACValue, MACRValue = 0;
1660 SetAsicWcid = *((PRT_SET_ASIC_WCID)(pData));
1662 if (SetAsicWcid.WCID >= MAX_LEN_OF_MAC_TABLE)
1665 offset = MAC_WCID_BASE + ((UCHAR)SetAsicWcid.WCID)*HW_WCID_ENTRY_SIZE;
1667 DBGPRINT_RAW(RT_DEBUG_TRACE, ("CmdThread : CMDTHREAD_SET_ASIC_WCID : WCID = %ld, SetTid = %lx, DeleteTid = %lx.\n", SetAsicWcid.WCID, SetAsicWcid.SetTid, SetAsicWcid.DeleteTid));
1668 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[3]<<24)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[2]<<16)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[1]<<8)+(pAd->MacTab.Content[SetAsicWcid.WCID].Addr[0]);
1669 DBGPRINT_RAW(RT_DEBUG_TRACE, ("1-MACValue= %x,\n", MACValue));
1670 RTUSBWriteMACRegister(pAd, offset, MACValue);
1672 RTUSBReadMACRegister(pAd, offset+4, &MACRValue);
1673 if ( SetAsicWcid.DeleteTid != 0xffffffff)
1674 MACRValue &= (~SetAsicWcid.DeleteTid);
1675 if (SetAsicWcid.SetTid != 0xffffffff)
1676 MACRValue |= (SetAsicWcid.SetTid);
1677 MACRValue &= 0xffff0000;
1679 MACValue = (pAd->MacTab.Content[SetAsicWcid.WCID].Addr[5]<<8)+pAd->MacTab.Content[SetAsicWcid.WCID].Addr[4];
1680 MACValue |= MACRValue;
1681 RTUSBWriteMACRegister(pAd, offset+4, MACValue);
1683 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-MACValue= %x,\n", MACValue));
1687 case CMDTHREAD_SET_ASIC_WCID_CIPHER:
1689 RT_SET_ASIC_WCID_ATTRI SetAsicWcidAttri;
1691 UINT32 MACRValue = 0;
1692 SHAREDKEY_MODE_STRUC csr1;
1693 SetAsicWcidAttri = *((PRT_SET_ASIC_WCID_ATTRI)(pData));
1695 if (SetAsicWcidAttri.WCID >= MAX_LEN_OF_MAC_TABLE)
1698 offset = MAC_WCID_ATTRIBUTE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_WCID_ATTRI_SIZE;
1700 DBGPRINT_RAW(RT_DEBUG_TRACE, ("Cmd : CMDTHREAD_SET_ASIC_WCID_CIPHER : WCID = %ld, Cipher = %lx.\n", SetAsicWcidAttri.WCID, SetAsicWcidAttri.Cipher));
1702 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1704 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1706 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1707 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1709 offset = PAIRWISE_IVEIV_TABLE_BASE + ((UCHAR)SetAsicWcidAttri.WCID)*HW_IVEIV_ENTRY_SIZE;
1711 if ( (SetAsicWcidAttri.Cipher <= CIPHER_WEP128))
1712 MACRValue |= ( pAd->StaCfg.DefaultKeyId << 30);
1714 MACRValue |= (0x20000000);
1715 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1716 DBGPRINT_RAW(RT_DEBUG_TRACE, ("2-offset = %x , MACValue= %x,\n", offset, MACRValue));
1719 // Update cipher algorithm. WSTA always use BSS0
1721 // for adhoc mode only ,because wep status slow than add key, when use zero config
1722 if (pAd->StaCfg.BssType == BSS_ADHOC )
1724 offset = MAC_WCID_ATTRIBUTE_BASE;
1726 RTUSBReadMACRegister(pAd, offset, &MACRValue);
1727 MACRValue &= (~0xe);
1728 MACRValue |= (((UCHAR)SetAsicWcidAttri.Cipher) << 1);
1730 RTUSBWriteMACRegister(pAd, offset, MACRValue);
1732 //Update group key cipher,,because wep status slow than add key, when use zero config
1733 RTUSBReadMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), &csr1.word);
1735 csr1.field.Bss0Key0CipherAlg = SetAsicWcidAttri.Cipher;
1736 csr1.field.Bss0Key1CipherAlg = SetAsicWcidAttri.Cipher;
1738 RTUSBWriteMACRegister(pAd, SHARED_KEY_MODE_BASE+4*(0/2), csr1.word);
1744 //Benson modified for USB interface, avoid in interrupt when write key, 20080724 -->
1745 case RT_CMD_SET_KEY_TABLE: //General call for AsicAddPairwiseKeyEntry()
1747 RT_ADD_PAIRWISE_KEY_ENTRY KeyInfo;
1748 KeyInfo = *((PRT_ADD_PAIRWISE_KEY_ENTRY)(pData));
1749 AsicAddPairwiseKeyEntry(pAd,
1751 (UCHAR)KeyInfo.MacTabMatchWCID,
1752 &KeyInfo.CipherKey);
1755 case RT_CMD_SET_RX_WCID_TABLE: //General call for RTMPAddWcidAttributeEntry()
1757 PMAC_TABLE_ENTRY pEntry;
1762 pEntry = (PMAC_TABLE_ENTRY)(pData);
1764 RTMPAddWcidAttributeEntry(
1772 //Benson modified for USB interface, avoid in interrupt when write key, 20080724 <--
1775 case CMDTHREAD_SET_CLIENT_MAC_ENTRY:
1777 MAC_TABLE_ENTRY *pEntry;
1778 pEntry = (MAC_TABLE_ENTRY *)pData;
1781 AsicRemovePairwiseKeyEntry(pAd, pEntry->apidx, (UCHAR)pEntry->Aid);
1782 if ((pEntry->AuthMode <= Ndis802_11AuthModeAutoSwitch) && (pEntry->WepStatus == Ndis802_11Encryption1Enabled))
1787 ptr = (PUCHAR) &uIV;
1788 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1789 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1790 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1792 else if (pEntry->AuthMode == Ndis802_11AuthModeWPANone)
1797 ptr = (PUCHAR) &uIV;
1798 *(ptr + 3) = (pAd->StaCfg.DefaultKeyId << 6);
1799 AsicUpdateWCIDIVEIV(pAd, pEntry->Aid, uIV, 0);
1800 AsicUpdateWCIDAttribute(pAd, pEntry->Aid, BSS0, pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, FALSE);
1805 // Other case, disable engine.
1806 // Don't worry WPA key, we will add WPA Key after 4-Way handshaking.
1809 offset = MAC_WCID_ATTRIBUTE_BASE + (pEntry->Aid * HW_WCID_ATTRI_SIZE);
1810 // RX_PKEY_MODE:0 for no security; RX_KEY_TAB:0 for shared key table; BSS_IDX:0
1811 RTUSBWriteMACRegister(pAd, offset, 0);
1815 AsicUpdateRxWCIDTable(pAd, pEntry->Aid, pEntry->Addr);
1816 printk("UpdateRxWCIDTable(): Aid=%d, Addr=%02x:%02x:%02x:%02x:%02x:%02x!\n", pEntry->Aid,
1817 pEntry->Addr[0], pEntry->Addr[1], pEntry->Addr[2], pEntry->Addr[3], pEntry->Addr[4], pEntry->Addr[5]);
1822 // add by johnli, fix "in_interrupt" error when call "MacTableDeleteEntry" in Rx tasklet
1823 case CMDTHREAD_UPDATE_PROTECT:
1825 AsicUpdateProtect(pAd, 0, (ALLN_SETPROTECT), TRUE, 0);
1831 case OID_802_11_ADD_WEP:
1835 PNDIS_802_11_WEP pWepKey;
1837 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP \n"));
1839 pWepKey = (PNDIS_802_11_WEP)pData;
1840 KeyIdx = pWepKey->KeyIndex & 0x0fffffff;
1842 // it is a shared key
1843 if ((KeyIdx >= 4) || ((pWepKey->KeyLength != 5) && (pWepKey->KeyLength != 13)))
1845 NdisStatus = NDIS_STATUS_INVALID_DATA;
1846 DBGPRINT(RT_DEBUG_ERROR, ("CmdThread::OID_802_11_ADD_WEP, INVALID_DATA!!\n"));
1851 pAd->SharedKey[BSS0][KeyIdx].KeyLen = (UCHAR) pWepKey->KeyLength;
1852 NdisMoveMemory(pAd->SharedKey[BSS0][KeyIdx].Key, &pWepKey->KeyMaterial, pWepKey->KeyLength);
1853 CipherAlg = (pAd->SharedKey[BSS0][KeyIdx].KeyLen == 5)? CIPHER_WEP64 : CIPHER_WEP128;
1856 // Change the WEP cipher to CKIP cipher if CKIP KP on.
1857 // Funk UI or Meetinghouse UI will add ckip key from this path.
1860 if (pAd->OpMode == OPMODE_STA)
1862 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.CipherAlg = pAd->SharedKey[BSS0][KeyIdx].CipherAlg;
1863 pAd->MacTab.Content[BSSID_WCID].PairwiseKey.KeyLen = pAd->SharedKey[BSS0][KeyIdx].KeyLen;
1865 pAd->SharedKey[BSS0][KeyIdx].CipherAlg = CipherAlg;
1866 if (pWepKey->KeyIndex & 0x80000000)
1868 // Default key for tx (shared key)
1870 UINT32 WCIDAttri, Value;
1871 USHORT offset, offset2;
1872 NdisZeroMemory(IVEIV, 8);
1873 pAd->StaCfg.DefaultKeyId = (UCHAR) KeyIdx;
1874 // Add BSSID to WCTable. because this is Tx wep key.
1875 // WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:1=PAIRWISE KEY, BSSIdx is 0
1876 WCIDAttri = (CipherAlg<<1)|SHAREDKEYTABLE;
1878 offset = MAC_WCID_ATTRIBUTE_BASE + (BSSID_WCID* HW_WCID_ATTRI_SIZE);
1879 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1881 // Specify key index to find shared key.
1882 IVEIV[3] = (UCHAR)(KeyIdx<< 6); //WEP Eiv bit off. groupkey index is not 0
1883 offset = PAIRWISE_IVEIV_TABLE_BASE + (BSS0Mcast_WCID * HW_IVEIV_ENTRY_SIZE);
1884 offset2 = PAIRWISE_IVEIV_TABLE_BASE + (BSSID_WCID* HW_IVEIV_ENTRY_SIZE);
1888 Value += (IVEIV[i+1]<<8);
1889 Value += (IVEIV[i+2]<<16);
1890 Value += (IVEIV[i+3]<<24);
1891 RTUSBWriteMACRegister(pAd, offset+i, Value);
1892 RTUSBWriteMACRegister(pAd, offset2+i, Value);
1896 // 2. WCID Attribute UDF:3, BSSIdx:3, Alg:3, Keytable:use share key, BSSIdx is 0
1897 WCIDAttri = (pAd->SharedKey[BSS0][KeyIdx].CipherAlg<<1)|SHAREDKEYTABLE;
1898 offset = MAC_WCID_ATTRIBUTE_BASE + (BSS0Mcast_WCID* HW_WCID_ATTRI_SIZE);
1899 DBGPRINT(RT_DEBUG_TRACE, ("BSS0Mcast_WCID : offset = %x, WCIDAttri = %x\n", offset, WCIDAttri));
1900 RTUSBWriteMACRegister(pAd, offset, WCIDAttri);
1903 AsicAddSharedKeyEntry(pAd, BSS0, (UCHAR)KeyIdx, CipherAlg, pWepKey->KeyMaterial, NULL, NULL);
1904 DBGPRINT(RT_DEBUG_TRACE, ("CmdThread::OID_802_11_ADD_WEP (KeyIdx=%d, Len=%d-byte)\n", KeyIdx, pWepKey->KeyLength));
1909 case CMDTHREAD_802_11_COUNTER_MEASURE:
1912 DBGPRINT(RT_DEBUG_ERROR, ("--> Control Thread !! ERROR !! Unknown(cmdqelmt->command=0x%x) !! \n", cmdqelmt->command));
1917 if (cmdqelmt->CmdFromNdis == TRUE)
1919 if (cmdqelmt->buffer != NULL)
1920 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1922 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1926 if ((cmdqelmt->buffer != NULL) && (cmdqelmt->bufferlength != 0))
1927 NdisFreeMemory(cmdqelmt->buffer, cmdqelmt->bufferlength, 0);
1929 NdisFreeMemory(cmdqelmt, sizeof(CmdQElmt), 0);
1932 } /* end of while */