1
/* src/prism2/driver/hfa384x_usb.c
3
* Functions that talk to the USB variantof the Intersil hfa384x MAC
5
* Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
6
* --------------------------------------------------------------------
10
* The contents of this file are subject to the Mozilla Public
11
* License Version 1.1 (the "License"); you may not use this file
12
* except in compliance with the License. You may obtain a copy of
13
* the License at http://www.mozilla.org/MPL/
15
* Software distributed under the License is distributed on an "AS
16
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17
* implied. See the License for the specific language governing
18
* rights and limitations under the License.
20
* Alternatively, the contents of this file may be used under the
21
* terms of the GNU Public License version 2 (the "GPL"), in which
22
* case the provisions of the GPL are applicable instead of the
23
* above. If you wish to allow the use of your version of this file
24
* only under the terms of the GPL and not to allow others to use
25
* your version of this file under the MPL, indicate your decision
26
* by deleting the provisions above and replace them with the notice
27
* and other provisions required by the GPL. If you do not delete
28
* the provisions above, a recipient may use your version of this
29
* file under either the MPL or the GPL.
31
* --------------------------------------------------------------------
33
* Inquiries regarding the linux-wlan Open Source project can be
36
* AbsoluteValue Systems Inc.
38
* http://www.linux-wlan.com
40
* --------------------------------------------------------------------
42
* Portions of the development of this software were funded by
43
* Intersil Corporation as part of PRISM(R) chipset product development.
45
* --------------------------------------------------------------------
47
* This file implements functions that correspond to the prism2/hfa384x
48
* 802.11 MAC hardware and firmware host interface.
50
* The functions can be considered to represent several levels of
51
* abstraction. The lowest level functions are simply C-callable wrappers
52
* around the register accesses. The next higher level represents C-callable
53
* prism2 API functions that match the Intersil documentation as closely
54
* as is reasonable. The next higher layer implements common sequences
55
* of invokations of the API layer (e.g. write to bap, followed by cmd).
58
* hfa384x_drvr_xxx Highest level abstractions provided by the
59
* hfa384x code. They are driver defined wrappers
60
* for common sequences. These functions generally
61
* use the services of the lower levels.
63
* hfa384x_drvr_xxxconfig An example of the drvr level abstraction. These
64
* functions are wrappers for the RID get/set
65
* sequence. They call copy_[to|from]_bap() and
66
* cmd_access(). These functions operate on the
67
* RIDs and buffers without validation. The caller
68
* is responsible for that.
70
* API wrapper functions:
71
* hfa384x_cmd_xxx functions that provide access to the f/w commands.
72
* The function arguments correspond to each command
73
* argument, even command arguments that get packed
74
* into single registers. These functions _just_
75
* issue the command by setting the cmd/parm regs
76
* & reading the status/resp regs. Additional
77
* activities required to fully use a command
78
* (read/write from/to bap, get/set int status etc.)
79
* are implemented separately. Think of these as
80
* C-callable prism2 commands.
82
* Lowest Layer Functions:
83
* hfa384x_docmd_xxx These functions implement the sequence required
84
* to issue any prism2 command. Primarily used by the
85
* hfa384x_cmd_xxx functions.
87
* hfa384x_bap_xxx BAP read/write access functions.
88
* Note: we usually use BAP0 for non-interrupt context
89
* and BAP1 for interrupt context.
91
* hfa384x_dl_xxx download related functions.
93
* Driver State Issues:
94
* Note that there are two pairs of functions that manage the
95
* 'initialized' and 'running' states of the hw/MAC combo. The four
96
* functions are create(), destroy(), start(), and stop(). create()
97
* sets up the data structures required to support the hfa384x_*
98
* functions and destroy() cleans them up. The start() function gets
99
* the actual hardware running and enables the interrupts. The stop()
100
* function shuts the hardware down. The sequence should be:
104
* . Do interesting things w/ the hardware
109
* Note that destroy() can be called without calling stop() first.
110
* --------------------------------------------------------------------
113
/*================================================================*/
114
/* System Includes */
115
#define WLAN_DBVAR prism2_debug
117
#include <wlan/version.h>
120
#include <linux/version.h>
122
#include <linux/module.h>
123
#include <linux/kernel.h>
124
#include <linux/sched.h>
125
#include <linux/types.h>
126
#include <linux/slab.h>
127
#include <linux/wireless.h>
128
#include <linux/netdevice.h>
129
#include <linux/timer.h>
131
#include <linux/delay.h>
132
#include <asm/byteorder.h>
133
#include <asm/bitops.h>
134
#include <linux/list.h>
135
#include <linux/usb.h>
137
#include <wlan/wlan_compat.h>
139
#if (WLAN_HOSTIF != WLAN_USB)
140
#error "This file is specific to USB"
144
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
146
wait_for_completion_interruptible(struct completion *x)
152
spin_lock_irq(&x->wait.lock);
154
DECLARE_WAITQUEUE(wait, current);
156
wait.flags |= WQ_FLAG_EXCLUSIVE;
157
__add_wait_queue_tail(&x->wait, &wait);
159
if (signal_pending(current)) {
161
__remove_wait_queue(&x->wait, &wait);
164
__set_current_state(TASK_INTERRUPTIBLE);
165
spin_unlock_irq(&x->wait.lock);
167
spin_lock_irq(&x->wait.lock);
169
__remove_wait_queue(&x->wait, &wait);
173
spin_unlock_irq(&x->wait.lock);
179
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,69)
181
usb_init_urb(struct urb *urb)
183
memset(urb, 0, sizeof(*urb));
184
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
185
urb->count = (atomic_t)ATOMIC_INIT(1);
187
spin_lock_init(&urb->lock);
191
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
192
# define SUBMIT_URB(u,f) usb_submit_urb(u,f)
194
# define SUBMIT_URB(u,f) usb_submit_urb(u)
197
/*================================================================*/
198
/* Project Includes */
200
#include <wlan/p80211types.h>
201
#include <wlan/p80211hdr.h>
202
#include <wlan/p80211mgmt.h>
203
#include <wlan/p80211conv.h>
204
#include <wlan/p80211msg.h>
205
#include <wlan/p80211netdev.h>
206
#include <wlan/p80211req.h>
207
#include <wlan/p80211metadef.h>
208
#include <wlan/p80211metastruct.h>
209
#include <prism2/hfa384x.h>
210
#include <prism2/prism2mgmt.h>
212
/*================================================================*/
213
/* Local Constants */
220
typedef enum cmd_mode CMD_MODE;
222
#define THROTTLE_JIFFIES (HZ/8)
224
/*================================================================*/
227
#define ROUNDUP64(a) (((a)+63)&~63)
229
/*================================================================*/
232
/*================================================================*/
233
/* Local Static Definitions */
234
extern int prism2_debug;
236
/*================================================================*/
237
/* Local Function Declarations */
241
dbprint_urb(struct urb* urb);
245
hfa384x_int_rxmonitor(
246
wlandevice_t *wlandev,
247
hfa384x_usb_rxfrm_t *rxfrm);
250
hfa384x_usb_defer(struct work_struct *data);
253
submit_rx_urb(hfa384x_t *hw, gfp_t flags);
256
submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t flags);
258
/*---------------------------------------------------*/
260
#ifdef URB_ONLY_CALLBACK
262
hfa384x_usbout_callback(struct urb *urb);
264
hfa384x_ctlxout_callback(struct urb *urb);
266
hfa384x_usbin_callback(struct urb *urb);
269
hfa384x_usbout_callback(struct urb *urb, struct pt_regs *regs);
271
hfa384x_ctlxout_callback(struct urb *urb, struct pt_regs *regs);
273
hfa384x_usbin_callback(struct urb *urb, struct pt_regs *regs);
277
hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
280
hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb);
283
hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
286
hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout);
288
static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
291
/*---------------------------------------------------*/
292
/* Functions to support the prism2 usb command queue */
295
hfa384x_usbctlxq_run(hfa384x_t *hw);
298
hfa384x_usbctlx_reqtimerfn(unsigned long data);
301
hfa384x_usbctlx_resptimerfn(unsigned long data);
304
hfa384x_usb_throttlefn(unsigned long data);
307
hfa384x_usbctlx_completion_task(unsigned long data);
310
hfa384x_usbctlx_reaper_task(unsigned long data);
313
hfa384x_usbctlx_submit(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
316
unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
318
struct usbctlx_completor
320
int (*complete)(struct usbctlx_completor*);
322
typedef struct usbctlx_completor usbctlx_completor_t;
325
hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
326
hfa384x_usbctlx_t *ctlx,
327
usbctlx_completor_t *completor);
330
unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
333
hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
336
hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
339
usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
340
hfa384x_cmdresult_t *result);
343
usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
344
hfa384x_rridresult_t *result);
346
/*---------------------------------------------------*/
347
/* Low level req/resp CTLX formatters and submitters */
352
hfa384x_metacmd_t *cmd,
354
ctlx_usercb_t usercb,
365
ctlx_usercb_t usercb,
376
ctlx_usercb_t usercb,
388
ctlx_usercb_t usercb,
400
ctlx_usercb_t usercb,
404
hfa384x_isgood_pdrcode(UINT16 pdrcode);
406
/*================================================================*/
407
/* Function Definitions */
408
static inline const char* ctlxstr(CTLX_STATE s)
410
static const char* ctlx_str[] = {
415
"Request packet submitted",
416
"Request packet completed",
417
"Response packet completed"
424
static inline hfa384x_usbctlx_t*
425
get_active_ctlx(hfa384x_t *hw)
427
return list_entry(hw->ctlxq.active.next, hfa384x_usbctlx_t, list);
433
dbprint_urb(struct urb* urb)
435
WLAN_LOG_DEBUG(3,"urb->pipe=0x%08x\n", urb->pipe);
436
WLAN_LOG_DEBUG(3,"urb->status=0x%08x\n", urb->status);
437
WLAN_LOG_DEBUG(3,"urb->transfer_flags=0x%08x\n", urb->transfer_flags);
438
WLAN_LOG_DEBUG(3,"urb->transfer_buffer=0x%08x\n", (UINT)urb->transfer_buffer);
439
WLAN_LOG_DEBUG(3,"urb->transfer_buffer_length=0x%08x\n", urb->transfer_buffer_length);
440
WLAN_LOG_DEBUG(3,"urb->actual_length=0x%08x\n", urb->actual_length);
441
WLAN_LOG_DEBUG(3,"urb->bandwidth=0x%08x\n", urb->bandwidth);
442
WLAN_LOG_DEBUG(3,"urb->setup_packet(ctl)=0x%08x\n", (UINT)urb->setup_packet);
443
WLAN_LOG_DEBUG(3,"urb->start_frame(iso/irq)=0x%08x\n", urb->start_frame);
444
WLAN_LOG_DEBUG(3,"urb->interval(irq)=0x%08x\n", urb->interval);
445
WLAN_LOG_DEBUG(3,"urb->error_count(iso)=0x%08x\n", urb->error_count);
446
WLAN_LOG_DEBUG(3,"urb->timeout=0x%08x\n", urb->timeout);
447
WLAN_LOG_DEBUG(3,"urb->context=0x%08x\n", (UINT)urb->context);
448
WLAN_LOG_DEBUG(3,"urb->complete=0x%08x\n", (UINT)urb->complete);
453
/*----------------------------------------------------------------
456
* Listen for input data on the BULK-IN pipe. If the pipe has
457
* stalled then schedule it to be reset.
461
* memflags memory allocation flags
464
* error code from submission
468
----------------------------------------------------------------*/
470
submit_rx_urb(hfa384x_t *hw, gfp_t memflags)
477
skb = dev_alloc_skb(sizeof(hfa384x_usbin_t));
483
/* Post the IN urb */
484
usb_fill_bulk_urb(&hw->rx_urb, hw->usb,
486
skb->data, sizeof(hfa384x_usbin_t),
487
hfa384x_usbin_callback, hw->wlandev);
489
hw->rx_urb_skb = skb;
492
if ( !hw->wlandev->hwremoved && !test_bit(WORK_RX_HALT, &hw->usb_flags)) {
493
result = SUBMIT_URB(&hw->rx_urb, memflags);
495
/* Check whether we need to reset the RX pipe */
496
if (result == -EPIPE) {
497
WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
498
hw->wlandev->netdev->name);
499
if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
500
schedule_work(&hw->usb_work);
504
/* Don't leak memory if anything should go wrong */
507
hw->rx_urb_skb = NULL;
516
/*----------------------------------------------------------------
519
* Prepares and submits the URB of transmitted data. If the
520
* submission fails then it will schedule the output pipe to
525
* tx_urb URB of data for tranmission
526
* memflags memory allocation flags
529
* error code from submission
533
----------------------------------------------------------------*/
535
submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t memflags)
537
struct net_device *netdev = hw->wlandev->netdev;
543
if ( netif_running(netdev) ) {
545
if ( !hw->wlandev->hwremoved && !test_bit(WORK_TX_HALT, &hw->usb_flags) ) {
546
result = SUBMIT_URB(tx_urb, memflags);
548
/* Test whether we need to reset the TX pipe */
549
if (result == -EPIPE) {
550
WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
552
set_bit(WORK_TX_HALT, &hw->usb_flags);
553
schedule_work(&hw->usb_work);
554
} else if (result == 0) {
555
netif_stop_queue(netdev);
565
/*----------------------------------------------------------------
568
* There are some things that the USB stack cannot do while
569
* in interrupt context, so we arrange this function to run
570
* in process context.
573
* hw device structure
579
* process (by design)
580
----------------------------------------------------------------*/
582
hfa384x_usb_defer(struct work_struct *data)
584
hfa384x_t *hw = container_of(data, struct hfa384x, usb_work);
585
struct net_device *netdev = hw->wlandev->netdev;
589
/* Don't bother trying to reset anything if the plug
590
* has been pulled ...
592
if ( hw->wlandev->hwremoved ) {
597
/* Reception has stopped: try to reset the input pipe */
598
if (test_bit(WORK_RX_HALT, &hw->usb_flags)) {
601
usb_kill_urb(&hw->rx_urb); /* Cannot be holding spinlock! */
603
ret = usb_clear_halt(hw->usb, hw->endp_in);
606
"Failed to clear rx pipe for %s: err=%d\n",
609
printk(KERN_INFO "%s rx pipe reset complete.\n",
611
clear_bit(WORK_RX_HALT, &hw->usb_flags);
612
set_bit(WORK_RX_RESUME, &hw->usb_flags);
616
/* Resume receiving data back from the device. */
617
if ( test_bit(WORK_RX_RESUME, &hw->usb_flags) ) {
620
ret = submit_rx_urb(hw, GFP_KERNEL);
623
"Failed to resume %s rx pipe.\n", netdev->name);
625
clear_bit(WORK_RX_RESUME, &hw->usb_flags);
629
/* Transmission has stopped: try to reset the output pipe */
630
if (test_bit(WORK_TX_HALT, &hw->usb_flags)) {
633
usb_kill_urb(&hw->tx_urb);
634
ret = usb_clear_halt(hw->usb, hw->endp_out);
637
"Failed to clear tx pipe for %s: err=%d\n",
640
printk(KERN_INFO "%s tx pipe reset complete.\n",
642
clear_bit(WORK_TX_HALT, &hw->usb_flags);
643
set_bit(WORK_TX_RESUME, &hw->usb_flags);
645
/* Stopping the BULK-OUT pipe also blocked
646
* us from sending any more CTLX URBs, so
647
* we need to re-run our queue ...
649
hfa384x_usbctlxq_run(hw);
653
/* Resume transmitting. */
654
if ( test_and_clear_bit(WORK_TX_RESUME, &hw->usb_flags) ) {
655
p80211netdev_wake_queue(hw->wlandev);
662
/*----------------------------------------------------------------
665
* Sets up the hfa384x_t data structure for use. Note this
666
* does _not_ intialize the actual hardware, just the data structures
667
* we use to keep track of its state.
670
* hw device structure
671
* irq device irq number
672
* iobase i/o base address for register access
673
* membase memory base address for register access
682
----------------------------------------------------------------*/
684
hfa384x_create( hfa384x_t *hw, struct usb_device *usb)
688
memset(hw, 0, sizeof(hfa384x_t));
691
/* set up the endpoints */
692
hw->endp_in = usb_rcvbulkpipe(usb, 1);
693
hw->endp_out = usb_sndbulkpipe(usb, 2);
695
/* Set up the waitq */
696
init_waitqueue_head(&hw->cmdq);
698
/* Initialize the command queue */
699
spin_lock_init(&hw->ctlxq.lock);
700
INIT_LIST_HEAD(&hw->ctlxq.pending);
701
INIT_LIST_HEAD(&hw->ctlxq.active);
702
INIT_LIST_HEAD(&hw->ctlxq.completing);
703
INIT_LIST_HEAD(&hw->ctlxq.reapable);
705
/* Initialize the authentication queue */
706
skb_queue_head_init(&hw->authq);
708
tasklet_init(&hw->reaper_bh,
709
hfa384x_usbctlx_reaper_task,
711
tasklet_init(&hw->completion_bh,
712
hfa384x_usbctlx_completion_task,
714
INIT_WORK2(&hw->link_bh, prism2sta_processing_defer);
715
INIT_WORK2(&hw->usb_work, hfa384x_usb_defer);
717
init_timer(&hw->throttle);
718
hw->throttle.function = hfa384x_usb_throttlefn;
719
hw->throttle.data = (unsigned long)hw;
721
init_timer(&hw->resptimer);
722
hw->resptimer.function = hfa384x_usbctlx_resptimerfn;
723
hw->resptimer.data = (unsigned long)hw;
725
init_timer(&hw->reqtimer);
726
hw->reqtimer.function = hfa384x_usbctlx_reqtimerfn;
727
hw->reqtimer.data = (unsigned long)hw;
729
usb_init_urb(&hw->rx_urb);
730
usb_init_urb(&hw->tx_urb);
731
usb_init_urb(&hw->ctlx_urb);
733
hw->link_status = HFA384x_LINK_NOTCONNECTED;
734
hw->state = HFA384x_STATE_INIT;
736
INIT_WORK2(&hw->commsqual_bh, prism2sta_commsqual_defer);
737
init_timer(&hw->commsqual_timer);
738
hw->commsqual_timer.data = (unsigned long) hw;
739
hw->commsqual_timer.function = prism2sta_commsqual_timer;
745
/*----------------------------------------------------------------
748
* Partner to hfa384x_create(). This function cleans up the hw
749
* structure so that it can be freed by the caller using a simple
750
* kfree. Currently, this function is just a placeholder. If, at some
751
* point in the future, an hw in the 'shutdown' state requires a 'deep'
752
* kfree, this is where it should be done. Note that if this function
753
* is called on a _running_ hw structure, the drvr_stop() function is
757
* hw device structure
760
* nothing, this function is not allowed to fail.
766
----------------------------------------------------------------*/
768
hfa384x_destroy( hfa384x_t *hw)
774
if ( hw->state == HFA384x_STATE_RUNNING ) {
775
hfa384x_drvr_stop(hw);
777
hw->state = HFA384x_STATE_PREINIT;
779
if (hw->scanresults) {
780
kfree(hw->scanresults);
781
hw->scanresults = NULL;
784
/* Now to clean out the auth queue */
785
while ( (skb = skb_dequeue(&hw->authq)) ) {
793
/*----------------------------------------------------------------
795
static hfa384x_usbctlx_t* usbctlx_alloc(void)
797
hfa384x_usbctlx_t *ctlx;
799
ctlx = kmalloc(sizeof(*ctlx), in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
802
memset(ctlx, 0, sizeof(*ctlx));
803
init_completion(&ctlx->done);
810
/*----------------------------------------------------------------
812
----------------------------------------------------------------*/
814
usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
815
hfa384x_cmdresult_t *result)
819
result->status = hfa384x2host_16(cmdresp->status);
820
result->resp0 = hfa384x2host_16(cmdresp->resp0);
821
result->resp1 = hfa384x2host_16(cmdresp->resp1);
822
result->resp2 = hfa384x2host_16(cmdresp->resp2);
824
WLAN_LOG_DEBUG(4, "cmdresult:status=0x%04x "
825
"resp0=0x%04x resp1=0x%04x resp2=0x%04x\n",
832
return (result->status & HFA384x_STATUS_RESULT);
836
usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
837
hfa384x_rridresult_t *result)
841
result->rid = hfa384x2host_16(rridresp->rid);
842
result->riddata = rridresp->data;
843
result->riddata_len = ((hfa384x2host_16(rridresp->frmlen) - 1) * 2);
849
/*----------------------------------------------------------------
851
* This completor must be passed to hfa384x_usbctlx_complete_sync()
852
* when processing a CTLX that returns a hfa384x_cmdresult_t structure.
853
----------------------------------------------------------------*/
854
struct usbctlx_cmd_completor
856
usbctlx_completor_t head;
858
const hfa384x_usb_cmdresp_t *cmdresp;
859
hfa384x_cmdresult_t *result;
861
typedef struct usbctlx_cmd_completor usbctlx_cmd_completor_t;
863
static int usbctlx_cmd_completor_fn(usbctlx_completor_t *head)
865
usbctlx_cmd_completor_t *complete = (usbctlx_cmd_completor_t*)head;
866
return usbctlx_get_status(complete->cmdresp, complete->result);
869
static inline usbctlx_completor_t*
870
init_cmd_completor(usbctlx_cmd_completor_t *completor,
871
const hfa384x_usb_cmdresp_t *cmdresp,
872
hfa384x_cmdresult_t *result)
874
completor->head.complete = usbctlx_cmd_completor_fn;
875
completor->cmdresp = cmdresp;
876
completor->result = result;
877
return &(completor->head);
880
/*----------------------------------------------------------------
882
* This completor must be passed to hfa384x_usbctlx_complete_sync()
883
* when processing a CTLX that reads a RID.
884
----------------------------------------------------------------*/
885
struct usbctlx_rrid_completor
887
usbctlx_completor_t head;
889
const hfa384x_usb_rridresp_t *rridresp;
893
typedef struct usbctlx_rrid_completor usbctlx_rrid_completor_t;
895
static int usbctlx_rrid_completor_fn(usbctlx_completor_t *head)
897
usbctlx_rrid_completor_t *complete = (usbctlx_rrid_completor_t*)head;
898
hfa384x_rridresult_t rridresult;
900
usbctlx_get_rridresult(complete->rridresp, &rridresult);
902
/* Validate the length, note body len calculation in bytes */
903
if ( rridresult.riddata_len != complete->riddatalen ) {
905
"RID len mismatch, rid=0x%04x hlen=%d fwlen=%d\n",
907
complete->riddatalen,
908
rridresult.riddata_len);
912
memcpy(complete->riddata,
914
complete->riddatalen);
918
static inline usbctlx_completor_t*
919
init_rrid_completor(usbctlx_rrid_completor_t *completor,
920
const hfa384x_usb_rridresp_t *rridresp,
924
completor->head.complete = usbctlx_rrid_completor_fn;
925
completor->rridresp = rridresp;
926
completor->riddata = riddata;
927
completor->riddatalen = riddatalen;
928
return &(completor->head);
931
/*----------------------------------------------------------------
933
* Interprets the results of a synchronous RID-write
934
----------------------------------------------------------------*/
935
typedef usbctlx_cmd_completor_t usbctlx_wrid_completor_t;
936
#define init_wrid_completor init_cmd_completor
938
/*----------------------------------------------------------------
940
* Interprets the results of a synchronous memory-write
941
----------------------------------------------------------------*/
942
typedef usbctlx_cmd_completor_t usbctlx_wmem_completor_t;
943
#define init_wmem_completor init_cmd_completor
945
/*----------------------------------------------------------------
947
* Interprets the results of a synchronous memory-read
948
----------------------------------------------------------------*/
949
struct usbctlx_rmem_completor
951
usbctlx_completor_t head;
953
const hfa384x_usb_rmemresp_t *rmemresp;
957
typedef struct usbctlx_rmem_completor usbctlx_rmem_completor_t;
959
static int usbctlx_rmem_completor_fn(usbctlx_completor_t *head)
961
usbctlx_rmem_completor_t *complete = (usbctlx_rmem_completor_t*)head;
963
WLAN_LOG_DEBUG(4,"rmemresp:len=%d\n", complete->rmemresp->frmlen);
964
memcpy(complete->data, complete->rmemresp->data, complete->len);
968
static inline usbctlx_completor_t*
969
init_rmem_completor(usbctlx_rmem_completor_t *completor,
970
hfa384x_usb_rmemresp_t *rmemresp,
974
completor->head.complete = usbctlx_rmem_completor_fn;
975
completor->rmemresp = rmemresp;
976
completor->data = data;
977
completor->len = len;
978
return &(completor->head);
981
/*----------------------------------------------------------------
984
* Ctlx_complete handler for async CMD type control exchanges.
985
* mark the hw struct as such.
987
* Note: If the handling is changed here, it should probably be
988
* changed in docmd as well.
992
* ctlx completed CTLX
1001
----------------------------------------------------------------*/
1003
hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
1007
if ( ctlx->usercb != NULL ) {
1008
hfa384x_cmdresult_t cmdresult;
1010
if (ctlx->state != CTLX_COMPLETE) {
1011
memset(&cmdresult, 0, sizeof(cmdresult));
1012
cmdresult.status = HFA384x_STATUS_RESULT_SET(HFA384x_CMD_ERR);
1014
usbctlx_get_status(&ctlx->inbuf.cmdresp, &cmdresult);
1017
ctlx->usercb(hw, &cmdresult, ctlx->usercb_data);
1024
/*----------------------------------------------------------------
1027
* CTLX completion handler for async RRID type control exchanges.
1029
* Note: If the handling is changed here, it should probably be
1030
* changed in dorrid as well.
1034
* ctlx completed CTLX
1043
----------------------------------------------------------------*/
1045
hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
1049
if ( ctlx->usercb != NULL ) {
1050
hfa384x_rridresult_t rridresult;
1052
if (ctlx->state != CTLX_COMPLETE) {
1053
memset(&rridresult, 0, sizeof(rridresult));
1054
rridresult.rid = hfa384x2host_16(ctlx->outbuf.rridreq.rid);
1056
usbctlx_get_rridresult(&ctlx->inbuf.rridresp, &rridresult);
1059
ctlx->usercb(hw, &rridresult, ctlx->usercb_data);
1066
hfa384x_docmd_wait(hfa384x_t *hw, hfa384x_metacmd_t *cmd)
1068
return hfa384x_docmd(hw, DOWAIT, cmd, NULL, NULL, NULL);
1072
hfa384x_docmd_async(hfa384x_t *hw,
1073
hfa384x_metacmd_t *cmd,
1075
ctlx_usercb_t usercb,
1078
return hfa384x_docmd(hw, DOASYNC, cmd,
1079
cmdcb, usercb, usercb_data);
1083
hfa384x_dorrid_wait(hfa384x_t *hw, UINT16 rid, void *riddata, UINT riddatalen)
1085
return hfa384x_dorrid(hw, DOWAIT,
1086
rid, riddata, riddatalen,
1091
hfa384x_dorrid_async(hfa384x_t *hw,
1092
UINT16 rid, void *riddata, UINT riddatalen,
1094
ctlx_usercb_t usercb,
1097
return hfa384x_dorrid(hw, DOASYNC,
1098
rid, riddata, riddatalen,
1099
cmdcb, usercb, usercb_data);
1103
hfa384x_dowrid_wait(hfa384x_t *hw, UINT16 rid, void *riddata, UINT riddatalen)
1105
return hfa384x_dowrid(hw, DOWAIT,
1106
rid, riddata, riddatalen,
1111
hfa384x_dowrid_async(hfa384x_t *hw,
1112
UINT16 rid, void *riddata, UINT riddatalen,
1114
ctlx_usercb_t usercb,
1117
return hfa384x_dowrid(hw, DOASYNC,
1118
rid, riddata, riddatalen,
1119
cmdcb, usercb, usercb_data);
1123
hfa384x_dormem_wait(hfa384x_t *hw,
1124
UINT16 page, UINT16 offset, void *data, UINT len)
1126
return hfa384x_dormem(hw, DOWAIT,
1127
page, offset, data, len,
1132
hfa384x_dormem_async(hfa384x_t *hw,
1133
UINT16 page, UINT16 offset, void *data, UINT len,
1135
ctlx_usercb_t usercb,
1138
return hfa384x_dormem(hw, DOASYNC,
1139
page, offset, data, len,
1140
cmdcb, usercb, usercb_data);
1144
hfa384x_dowmem_wait(
1151
return hfa384x_dowmem(hw, DOWAIT,
1152
page, offset, data, len,
1157
hfa384x_dowmem_async(
1164
ctlx_usercb_t usercb,
1167
return hfa384x_dowmem(hw, DOASYNC,
1168
page, offset, data, len,
1169
cmdcb, usercb, usercb_data);
1172
/*----------------------------------------------------------------
1173
* hfa384x_cmd_initialize
1175
* Issues the initialize command and sets the hw->state based
1179
* hw device structure
1183
* >0 f/w reported error - f/w status code
1184
* <0 driver reported error
1190
----------------------------------------------------------------*/
1192
hfa384x_cmd_initialize(hfa384x_t *hw)
1196
hfa384x_metacmd_t cmd;
1201
cmd.cmd = HFA384x_CMDCODE_INIT;
1206
result = hfa384x_docmd_wait(hw, &cmd);
1209
WLAN_LOG_DEBUG(3,"cmdresp.init: "
1210
"status=0x%04x, resp0=0x%04x, "
1211
"resp1=0x%04x, resp2=0x%04x\n",
1216
if ( result == 0 ) {
1217
for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
1218
hw->port_enabled[i] = 0;
1222
hw->link_status = HFA384x_LINK_NOTCONNECTED;
1229
/*----------------------------------------------------------------
1230
* hfa384x_cmd_disable
1232
* Issues the disable command to stop communications on one of
1236
* hw device structure
1237
* macport MAC port number (host order)
1241
* >0 f/w reported failure - f/w status code
1242
* <0 driver reported error (timeout|bad arg)
1248
----------------------------------------------------------------*/
1249
int hfa384x_cmd_disable(hfa384x_t *hw, UINT16 macport)
1252
hfa384x_metacmd_t cmd;
1256
cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DISABLE) |
1257
HFA384x_CMD_MACPORT_SET(macport);
1262
result = hfa384x_docmd_wait(hw, &cmd);
1269
/*----------------------------------------------------------------
1270
* hfa384x_cmd_enable
1272
* Issues the enable command to enable communications on one of
1276
* hw device structure
1277
* macport MAC port number
1281
* >0 f/w reported failure - f/w status code
1282
* <0 driver reported error (timeout|bad arg)
1288
----------------------------------------------------------------*/
1289
int hfa384x_cmd_enable(hfa384x_t *hw, UINT16 macport)
1292
hfa384x_metacmd_t cmd;
1296
cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_ENABLE) |
1297
HFA384x_CMD_MACPORT_SET(macport);
1302
result = hfa384x_docmd_wait(hw, &cmd);
1309
/*----------------------------------------------------------------
1310
* hfa384x_cmd_notify
1312
* Sends an info frame to the firmware to alter the behavior
1313
* of the f/w asynch processes. Can only be called when the MAC
1314
* is in the enabled state.
1317
* hw device structure
1318
* reclaim [0|1] indicates whether the given FID will
1319
* be handed back (via Alloc event) for reuse.
1321
* fid FID of buffer containing the frame that was
1322
* previously copied to MAC memory via the bap.
1327
* >0 f/w reported failure - f/w status code
1328
* <0 driver reported error (timeout|bad arg)
1331
* hw->resp0 will contain the FID being used by async notify
1332
* process. If reclaim==0, resp0 will be the same as the fid
1333
* argument. If reclaim==1, resp0 will be the different.
1337
----------------------------------------------------------------*/
1338
int hfa384x_cmd_notify(hfa384x_t *hw, UINT16 reclaim, UINT16 fid,
1339
void *buf, UINT16 len)
1345
cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_NOTIFY) |
1346
HFA384x_CMD_RECL_SET(reclaim);
1347
result = hfa384x_docmd_wait(hw, cmd);
1357
/*----------------------------------------------------------------
1358
* hfa384x_cmd_inquiry
1360
* Requests an info frame from the firmware. The info frame will
1361
* be delivered asynchronously via the Info event.
1364
* hw device structure
1365
* fid FID of the info frame requested. (host order)
1369
* >0 f/w reported failure - f/w status code
1370
* <0 driver reported error (timeout|bad arg)
1376
----------------------------------------------------------------*/
1377
int hfa384x_cmd_inquiry(hfa384x_t *hw, UINT16 fid)
1380
hfa384x_metacmd_t cmd;
1384
cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_INQ);
1389
result = hfa384x_docmd_wait(hw, &cmd);
1397
/*----------------------------------------------------------------
1398
* hfa384x_cmd_monitor
1400
* Enables the 'monitor mode' of the MAC. Here's the description of
1401
* monitor mode that I've received thus far:
1403
* "The "monitor mode" of operation is that the MAC passes all
1404
* frames for which the PLCP checks are correct. All received
1405
* MPDUs are passed to the host with MAC Port = 7, with a
1406
* receive status of good, FCS error, or undecryptable. Passing
1407
* certain MPDUs is a violation of the 802.11 standard, but useful
1408
* for a debugging tool." Normal communication is not possible
1409
* while monitor mode is enabled.
1412
* hw device structure
1413
* enable a code (0x0b|0x0f) that enables/disables
1414
* monitor mode. (host order)
1418
* >0 f/w reported failure - f/w status code
1419
* <0 driver reported error (timeout|bad arg)
1425
----------------------------------------------------------------*/
1426
int hfa384x_cmd_monitor(hfa384x_t *hw, UINT16 enable)
1429
hfa384x_metacmd_t cmd;
1433
cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_MONITOR) |
1434
HFA384x_CMD_AINFO_SET(enable);
1439
result = hfa384x_docmd_wait(hw, &cmd);
1446
/*----------------------------------------------------------------
1447
* hfa384x_cmd_download
1449
* Sets the controls for the MAC controller code/data download
1450
* process. The arguments set the mode and address associated
1451
* with a download. Note that the aux registers should be enabled
1452
* prior to setting one of the download enable modes.
1455
* hw device structure
1456
* mode 0 - Disable programming and begin code exec
1457
* 1 - Enable volatile mem programming
1458
* 2 - Enable non-volatile mem programming
1459
* 3 - Program non-volatile section from NV download
1463
* highaddr For mode 1, sets the high & low order bits of
1464
* the "destination address". This address will be
1465
* the execution start address when download is
1466
* subsequently disabled.
1467
* For mode 2, sets the high & low order bits of
1468
* the destination in NV ram.
1469
* For modes 0 & 3, should be zero. (host order)
1470
* NOTE: these are CMD format.
1471
* codelen Length of the data to write in mode 2,
1472
* zero otherwise. (host order)
1476
* >0 f/w reported failure - f/w status code
1477
* <0 driver reported error (timeout|bad arg)
1483
----------------------------------------------------------------*/
1484
int hfa384x_cmd_download(hfa384x_t *hw, UINT16 mode, UINT16 lowaddr,
1485
UINT16 highaddr, UINT16 codelen)
1488
hfa384x_metacmd_t cmd;
1492
"mode=%d, lowaddr=0x%04x, highaddr=0x%04x, codelen=%d\n",
1493
mode, lowaddr, highaddr, codelen);
1495
cmd.cmd = (HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DOWNLD) |
1496
HFA384x_CMD_PROGMODE_SET(mode));
1498
cmd.parm0 = lowaddr;
1499
cmd.parm1 = highaddr;
1500
cmd.parm2 = codelen;
1502
result = hfa384x_docmd_wait(hw, &cmd);
1509
/*----------------------------------------------------------------
1510
* hfa384x_copy_from_aux
1512
* Copies a collection of bytes from the controller memory. The
1513
* Auxiliary port MUST be enabled prior to calling this function.
1514
* We _might_ be in a download state.
1517
* hw device structure
1518
* cardaddr address in hfa384x data space to read
1519
* auxctl address space select
1520
* buf ptr to destination host buffer
1521
* len length of data to transfer (in bytes)
1527
* buf contains the data copied
1532
----------------------------------------------------------------*/
1534
hfa384x_copy_from_aux(
1535
hfa384x_t *hw, UINT32 cardaddr, UINT32 auxctl, void *buf, UINT len)
1538
WLAN_LOG_ERROR("not used in USB.\n");
1543
/*----------------------------------------------------------------
1544
* hfa384x_copy_to_aux
1546
* Copies a collection of bytes to the controller memory. The
1547
* Auxiliary port MUST be enabled prior to calling this function.
1548
* We _might_ be in a download state.
1551
* hw device structure
1552
* cardaddr address in hfa384x data space to read
1553
* auxctl address space select
1554
* buf ptr to destination host buffer
1555
* len length of data to transfer (in bytes)
1561
* Controller memory now contains a copy of buf
1566
----------------------------------------------------------------*/
1568
hfa384x_copy_to_aux(
1569
hfa384x_t *hw, UINT32 cardaddr, UINT32 auxctl, void *buf, UINT len)
1572
WLAN_LOG_ERROR("not used in USB.\n");
1577
/*----------------------------------------------------------------
1580
* Perform a reset of the hfa38xx MAC core. We assume that the hw
1581
* structure is in its "created" state. That is, it is initialized
1582
* with proper values. Note that if a reset is done after the
1583
* device has been active for awhile, the caller might have to clean
1584
* up some leftover cruft in the hw structure.
1587
* hw device structure
1588
* holdtime how long (in ms) to hold the reset
1589
* settletime how long (in ms) to wait after releasing
1599
----------------------------------------------------------------*/
1600
int hfa384x_corereset(hfa384x_t *hw, int holdtime, int settletime, int genesis)
1603
#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1604
struct usb_device *parent = hw->usb->parent;
1612
#define P2_USB_RT_PORT (USB_TYPE_CLASS | USB_RECIP_OTHER)
1613
#define P2_USB_FEAT_RESET 4
1614
#define P2_USB_FEAT_C_RESET 20
1619
#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1620
/* Find the hub port */
1621
for ( i = 0; i < parent->maxchild; i++) {
1622
if (parent->children[i] == hw->usb) {
1627
if (port < 0) return -ENOENT;
1629
/* Set and clear the reset */
1630
usb_control_msg(parent, usb_sndctrlpipe(parent, 0),
1631
USB_REQ_SET_FEATURE, P2_USB_RT_PORT, P2_USB_FEAT_RESET,
1632
port+1, NULL, 0, 1*HZ);
1634
usb_control_msg(parent, usb_sndctrlpipe(parent, 0),
1635
USB_REQ_CLEAR_FEATURE, P2_USB_RT_PORT, P2_USB_FEAT_C_RESET,
1636
port+1, NULL, 0, 1*HZ);
1637
wait_ms(settletime);
1639
/* Set the device address */
1640
result=usb_set_address(hw->usb);
1642
WLAN_LOG_ERROR("reset_usbdev: Dev not accepting address, "
1643
"result=%d\n", result);
1644
clear_bit(hw->usb->devnum, &hw->usb->bus->devmap.devicemap);
1645
hw->usb->devnum = -1;
1648
/* Let the address settle */
1651
/* Assume we're reusing the original descriptor data */
1653
/* Set the configuration. */
1654
WLAN_LOG_DEBUG(3, "Setting Configuration %d\n",
1655
hw->usb->config[0].bConfigurationValue);
1656
result=usb_set_configuration(hw->usb, hw->usb->config[0].bConfigurationValue);
1658
WLAN_LOG_ERROR("usb_set_configuration() failed, result=%d.\n",
1662
/* Let the configuration settle */
1667
result=usb_reset_device(hw->usb);
1669
WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result);
1674
result=usb_reset_device(hw->usb);
1676
WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result);
1684
/*----------------------------------------------------------------
1685
* hfa384x_usbctlx_complete_sync
1687
* Waits for a synchronous CTLX object to complete,
1688
* and then handles the response.
1691
* hw device structure
1693
* completor functor object to decide what to
1694
* do with the CTLX's result.
1698
* -ERESTARTSYS Interrupted by a signal
1700
* -ENODEV Adapter was unplugged
1701
* ??? Result from completor
1707
----------------------------------------------------------------*/
1708
static int hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
1709
hfa384x_usbctlx_t *ctlx,
1710
usbctlx_completor_t *completor)
1712
unsigned long flags;
1717
result = wait_for_completion_interruptible(&ctlx->done);
1719
spin_lock_irqsave(&hw->ctlxq.lock, flags);
1722
* We can only handle the CTLX if the USB disconnect
1723
* function has not run yet ...
1726
if ( hw->wlandev->hwremoved )
1728
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1731
else if ( result != 0 )
1736
* We were probably interrupted, so delete
1737
* this CTLX asynchronously, kill the timers
1738
* and the URB, and then start the next
1741
* NOTE: We can only delete the timers and
1742
* the URB if this CTLX is active.
1744
if (ctlx == get_active_ctlx(hw))
1746
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1748
del_singleshot_timer_sync(&hw->reqtimer);
1749
del_singleshot_timer_sync(&hw->resptimer);
1750
hw->req_timer_done = 1;
1751
hw->resp_timer_done = 1;
1752
usb_kill_urb(&hw->ctlx_urb);
1754
spin_lock_irqsave(&hw->ctlxq.lock, flags);
1759
* This scenario is so unlikely that I'm
1760
* happy with a grubby "goto" solution ...
1762
if ( hw->wlandev->hwremoved )
1767
* The completion task will send this CTLX
1768
* to the reaper the next time it runs. We
1769
* are no longer in a hurry.
1772
ctlx->state = CTLX_REQ_FAILED;
1773
list_move_tail(&ctlx->list, &hw->ctlxq.completing);
1775
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1778
hfa384x_usbctlxq_run(hw);
1780
if (ctlx->state == CTLX_COMPLETE) {
1781
result = completor->complete(completor);
1783
WLAN_LOG_WARNING("CTLX[%d] error: state(%s)\n",
1784
hfa384x2host_16(ctlx->outbuf.type),
1785
ctlxstr(ctlx->state));
1789
list_del(&ctlx->list);
1790
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1798
/*----------------------------------------------------------------
1801
* Constructs a command CTLX and submits it.
1803
* NOTE: Any changes to the 'post-submit' code in this function
1804
* need to be carried over to hfa384x_cbcmd() since the handling
1805
* is virtually identical.
1808
* hw device structure
1809
* mode DOWAIT or DOASYNC
1810
* cmd cmd structure. Includes all arguments and result
1811
* data points. All in host order. in host order
1812
* cmdcb command-specific callback
1813
* usercb user callback for async calls, NULL for DOWAIT calls
1814
* usercb_data user supplied data pointer for async calls, NULL
1820
* -ERESTARTSYS Awakened on signal
1821
* >0 command indicated error, Status and Resp0-2 are
1829
----------------------------------------------------------------*/
1834
hfa384x_metacmd_t *cmd,
1836
ctlx_usercb_t usercb,
1840
hfa384x_usbctlx_t *ctlx;
1843
ctlx = usbctlx_alloc();
1844
if ( ctlx == NULL ) {
1849
/* Initialize the command */
1850
ctlx->outbuf.cmdreq.type = host2hfa384x_16(HFA384x_USB_CMDREQ);
1851
ctlx->outbuf.cmdreq.cmd = host2hfa384x_16(cmd->cmd);
1852
ctlx->outbuf.cmdreq.parm0 = host2hfa384x_16(cmd->parm0);
1853
ctlx->outbuf.cmdreq.parm1 = host2hfa384x_16(cmd->parm1);
1854
ctlx->outbuf.cmdreq.parm2 = host2hfa384x_16(cmd->parm2);
1856
ctlx->outbufsize = sizeof(ctlx->outbuf.cmdreq);
1858
WLAN_LOG_DEBUG(4, "cmdreq: cmd=0x%04x "
1859
"parm0=0x%04x parm1=0x%04x parm2=0x%04x\n",
1865
ctlx->reapable = mode;
1866
ctlx->cmdcb = cmdcb;
1867
ctlx->usercb = usercb;
1868
ctlx->usercb_data = usercb_data;
1870
result = hfa384x_usbctlx_submit(hw, ctlx);
1873
} else if (mode == DOWAIT) {
1874
usbctlx_cmd_completor_t completor;
1876
result = hfa384x_usbctlx_complete_sync(
1877
hw, ctlx, init_cmd_completor(&completor,
1878
&ctlx->inbuf.cmdresp,
1888
/*----------------------------------------------------------------
1891
* Constructs a read rid CTLX and issues it.
1893
* NOTE: Any changes to the 'post-submit' code in this function
1894
* need to be carried over to hfa384x_cbrrid() since the handling
1895
* is virtually identical.
1898
* hw device structure
1899
* mode DOWAIT or DOASYNC
1900
* rid Read RID number (host order)
1901
* riddata Caller supplied buffer that MAC formatted RID.data
1902
* record will be written to for DOWAIT calls. Should
1903
* be NULL for DOASYNC calls.
1904
* riddatalen Buffer length for DOWAIT calls. Zero for DOASYNC calls.
1905
* cmdcb command callback for async calls, NULL for DOWAIT calls
1906
* usercb user callback for async calls, NULL for DOWAIT calls
1907
* usercb_data user supplied data pointer for async calls, NULL
1913
* -ERESTARTSYS Awakened on signal
1914
* -ENODATA riddatalen != macdatalen
1915
* >0 command indicated error, Status and Resp0-2 are
1921
* interrupt (DOASYNC)
1922
* process (DOWAIT or DOASYNC)
1923
----------------------------------------------------------------*/
1932
ctlx_usercb_t usercb,
1936
hfa384x_usbctlx_t *ctlx;
1939
ctlx = usbctlx_alloc();
1940
if ( ctlx == NULL ) {
1945
/* Initialize the command */
1946
ctlx->outbuf.rridreq.type = host2hfa384x_16(HFA384x_USB_RRIDREQ);
1947
ctlx->outbuf.rridreq.frmlen =
1948
host2hfa384x_16(sizeof(ctlx->outbuf.rridreq.rid));
1949
ctlx->outbuf.rridreq.rid = host2hfa384x_16(rid);
1951
ctlx->outbufsize = sizeof(ctlx->outbuf.rridreq);
1953
ctlx->reapable = mode;
1954
ctlx->cmdcb = cmdcb;
1955
ctlx->usercb = usercb;
1956
ctlx->usercb_data = usercb_data;
1958
/* Submit the CTLX */
1959
result = hfa384x_usbctlx_submit(hw, ctlx);
1962
} else if (mode == DOWAIT) {
1963
usbctlx_rrid_completor_t completor;
1965
result = hfa384x_usbctlx_complete_sync(
1966
hw, ctlx, init_rrid_completor(&completor,
1967
&ctlx->inbuf.rridresp,
1978
/*----------------------------------------------------------------
1981
* Constructs a write rid CTLX and issues it.
1983
* NOTE: Any changes to the 'post-submit' code in this function
1984
* need to be carried over to hfa384x_cbwrid() since the handling
1985
* is virtually identical.
1988
* hw device structure
1989
* CMD_MODE DOWAIT or DOASYNC
1991
* riddata Data portion of RID formatted for MAC
1992
* riddatalen Length of the data portion in bytes
1993
* cmdcb command callback for async calls, NULL for DOWAIT calls
1994
* usercb user callback for async calls, NULL for DOWAIT calls
1995
* usercb_data user supplied data pointer for async calls
1999
* -ETIMEDOUT timed out waiting for register ready or
2000
* command completion
2001
* >0 command indicated error, Status and Resp0-2 are
2007
* interrupt (DOASYNC)
2008
* process (DOWAIT or DOASYNC)
2009
----------------------------------------------------------------*/
2018
ctlx_usercb_t usercb,
2022
hfa384x_usbctlx_t *ctlx;
2025
ctlx = usbctlx_alloc();
2026
if ( ctlx == NULL ) {
2031
/* Initialize the command */
2032
ctlx->outbuf.wridreq.type = host2hfa384x_16(HFA384x_USB_WRIDREQ);
2033
ctlx->outbuf.wridreq.frmlen = host2hfa384x_16(
2034
(sizeof(ctlx->outbuf.wridreq.rid) +
2035
riddatalen + 1) / 2);
2036
ctlx->outbuf.wridreq.rid = host2hfa384x_16(rid);
2037
memcpy(ctlx->outbuf.wridreq.data, riddata, riddatalen);
2039
ctlx->outbufsize = sizeof(ctlx->outbuf.wridreq.type) +
2040
sizeof(ctlx->outbuf.wridreq.frmlen) +
2041
sizeof(ctlx->outbuf.wridreq.rid) +
2044
ctlx->reapable = mode;
2045
ctlx->cmdcb = cmdcb;
2046
ctlx->usercb = usercb;
2047
ctlx->usercb_data = usercb_data;
2049
/* Submit the CTLX */
2050
result = hfa384x_usbctlx_submit(hw, ctlx);
2053
} else if (mode == DOWAIT) {
2054
usbctlx_wrid_completor_t completor;
2055
hfa384x_cmdresult_t wridresult;
2057
result = hfa384x_usbctlx_complete_sync(
2060
init_wrid_completor(&completor,
2061
&ctlx->inbuf.wridresp,
2070
/*----------------------------------------------------------------
2073
* Constructs a readmem CTLX and issues it.
2075
* NOTE: Any changes to the 'post-submit' code in this function
2076
* need to be carried over to hfa384x_cbrmem() since the handling
2077
* is virtually identical.
2080
* hw device structure
2081
* mode DOWAIT or DOASYNC
2082
* page MAC address space page (CMD format)
2083
* offset MAC address space offset
2084
* data Ptr to data buffer to receive read
2085
* len Length of the data to read (max == 2048)
2086
* cmdcb command callback for async calls, NULL for DOWAIT calls
2087
* usercb user callback for async calls, NULL for DOWAIT calls
2088
* usercb_data user supplied data pointer for async calls
2092
* -ETIMEDOUT timed out waiting for register ready or
2093
* command completion
2094
* >0 command indicated error, Status and Resp0-2 are
2100
* interrupt (DOASYNC)
2101
* process (DOWAIT or DOASYNC)
2102
----------------------------------------------------------------*/
2112
ctlx_usercb_t usercb,
2116
hfa384x_usbctlx_t *ctlx;
2119
ctlx = usbctlx_alloc();
2120
if ( ctlx == NULL ) {
2125
/* Initialize the command */
2126
ctlx->outbuf.rmemreq.type = host2hfa384x_16(HFA384x_USB_RMEMREQ);
2127
ctlx->outbuf.rmemreq.frmlen = host2hfa384x_16(
2128
sizeof(ctlx->outbuf.rmemreq.offset) +
2129
sizeof(ctlx->outbuf.rmemreq.page) +
2131
ctlx->outbuf.rmemreq.offset = host2hfa384x_16(offset);
2132
ctlx->outbuf.rmemreq.page = host2hfa384x_16(page);
2134
ctlx->outbufsize = sizeof(ctlx->outbuf.rmemreq);
2137
"type=0x%04x frmlen=%d offset=0x%04x page=0x%04x\n",
2138
ctlx->outbuf.rmemreq.type,
2139
ctlx->outbuf.rmemreq.frmlen,
2140
ctlx->outbuf.rmemreq.offset,
2141
ctlx->outbuf.rmemreq.page);
2143
WLAN_LOG_DEBUG(4,"pktsize=%zd\n",
2144
ROUNDUP64(sizeof(ctlx->outbuf.rmemreq)));
2146
ctlx->reapable = mode;
2147
ctlx->cmdcb = cmdcb;
2148
ctlx->usercb = usercb;
2149
ctlx->usercb_data = usercb_data;
2151
result = hfa384x_usbctlx_submit(hw, ctlx);
2154
} else if ( mode == DOWAIT ) {
2155
usbctlx_rmem_completor_t completor;
2157
result = hfa384x_usbctlx_complete_sync(
2158
hw, ctlx, init_rmem_completor(&completor,
2159
&ctlx->inbuf.rmemresp,
2171
/*----------------------------------------------------------------
2174
* Constructs a writemem CTLX and issues it.
2176
* NOTE: Any changes to the 'post-submit' code in this function
2177
* need to be carried over to hfa384x_cbwmem() since the handling
2178
* is virtually identical.
2181
* hw device structure
2182
* mode DOWAIT or DOASYNC
2183
* page MAC address space page (CMD format)
2184
* offset MAC address space offset
2185
* data Ptr to data buffer containing write data
2186
* len Length of the data to read (max == 2048)
2187
* cmdcb command callback for async calls, NULL for DOWAIT calls
2188
* usercb user callback for async calls, NULL for DOWAIT calls
2189
* usercb_data user supplied data pointer for async calls.
2193
* -ETIMEDOUT timed out waiting for register ready or
2194
* command completion
2195
* >0 command indicated error, Status and Resp0-2 are
2201
* interrupt (DOWAIT)
2202
* process (DOWAIT or DOASYNC)
2203
----------------------------------------------------------------*/
2213
ctlx_usercb_t usercb,
2217
hfa384x_usbctlx_t *ctlx;
2220
WLAN_LOG_DEBUG(5, "page=0x%04x offset=0x%04x len=%d\n",
2223
ctlx = usbctlx_alloc();
2224
if ( ctlx == NULL ) {
2229
/* Initialize the command */
2230
ctlx->outbuf.wmemreq.type = host2hfa384x_16(HFA384x_USB_WMEMREQ);
2231
ctlx->outbuf.wmemreq.frmlen = host2hfa384x_16(
2232
sizeof(ctlx->outbuf.wmemreq.offset) +
2233
sizeof(ctlx->outbuf.wmemreq.page) +
2235
ctlx->outbuf.wmemreq.offset = host2hfa384x_16(offset);
2236
ctlx->outbuf.wmemreq.page = host2hfa384x_16(page);
2237
memcpy(ctlx->outbuf.wmemreq.data, data, len);
2239
ctlx->outbufsize = sizeof(ctlx->outbuf.wmemreq.type) +
2240
sizeof(ctlx->outbuf.wmemreq.frmlen) +
2241
sizeof(ctlx->outbuf.wmemreq.offset) +
2242
sizeof(ctlx->outbuf.wmemreq.page) +
2245
ctlx->reapable = mode;
2246
ctlx->cmdcb = cmdcb;
2247
ctlx->usercb = usercb;
2248
ctlx->usercb_data = usercb_data;
2250
result = hfa384x_usbctlx_submit(hw, ctlx);
2253
} else if ( mode == DOWAIT ) {
2254
usbctlx_wmem_completor_t completor;
2255
hfa384x_cmdresult_t wmemresult;
2257
result = hfa384x_usbctlx_complete_sync(
2260
init_wmem_completor(&completor,
2261
&ctlx->inbuf.wmemresp,
2271
/*----------------------------------------------------------------
2272
* hfa384x_drvr_commtallies
2274
* Send a commtallies inquiry to the MAC. Note that this is an async
2275
* call that will result in an info frame arriving sometime later.
2278
* hw device structure
2287
----------------------------------------------------------------*/
2288
int hfa384x_drvr_commtallies( hfa384x_t *hw )
2290
hfa384x_metacmd_t cmd;
2294
cmd.cmd = HFA384x_CMDCODE_INQ;
2295
cmd.parm0 = HFA384x_IT_COMMTALLIES;
2299
hfa384x_docmd_async(hw, &cmd, NULL, NULL, NULL);
2306
/*----------------------------------------------------------------
2307
* hfa384x_drvr_disable
2309
* Issues the disable command to stop communications on one of
2310
* the MACs 'ports'. Only macport 0 is valid for stations.
2311
* APs may also disable macports 1-6. Only ports that have been
2312
* previously enabled may be disabled.
2315
* hw device structure
2316
* macport MAC port number (host order)
2320
* >0 f/w reported failure - f/w status code
2321
* <0 driver reported error (timeout|bad arg)
2327
----------------------------------------------------------------*/
2328
int hfa384x_drvr_disable(hfa384x_t *hw, UINT16 macport)
2333
if ((!hw->isap && macport != 0) ||
2334
(hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2335
!(hw->port_enabled[macport]) ){
2338
result = hfa384x_cmd_disable(hw, macport);
2339
if ( result == 0 ) {
2340
hw->port_enabled[macport] = 0;
2348
/*----------------------------------------------------------------
2349
* hfa384x_drvr_enable
2351
* Issues the enable command to enable communications on one of
2352
* the MACs 'ports'. Only macport 0 is valid for stations.
2353
* APs may also enable macports 1-6. Only ports that are currently
2354
* disabled may be enabled.
2357
* hw device structure
2358
* macport MAC port number
2362
* >0 f/w reported failure - f/w status code
2363
* <0 driver reported error (timeout|bad arg)
2369
----------------------------------------------------------------*/
2370
int hfa384x_drvr_enable(hfa384x_t *hw, UINT16 macport)
2375
if ((!hw->isap && macport != 0) ||
2376
(hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2377
(hw->port_enabled[macport]) ){
2380
result = hfa384x_cmd_enable(hw, macport);
2381
if ( result == 0 ) {
2382
hw->port_enabled[macport] = 1;
2390
/*----------------------------------------------------------------
2391
* hfa384x_drvr_flashdl_enable
2393
* Begins the flash download state. Checks to see that we're not
2394
* already in a download state and that a port isn't enabled.
2395
* Sets the download state and retrieves the flash download
2396
* buffer location, buffer size, and timeout length.
2399
* hw device structure
2403
* >0 f/w reported error - f/w status code
2404
* <0 driver reported error
2410
----------------------------------------------------------------*/
2411
int hfa384x_drvr_flashdl_enable(hfa384x_t *hw)
2417
/* Check that a port isn't active */
2418
for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2419
if ( hw->port_enabled[i] ) {
2420
WLAN_LOG_DEBUG(1,"called when port enabled.\n");
2425
/* Check that we're not already in a download state */
2426
if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
2430
/* Retrieve the buffer loc&size and timeout */
2431
if ( (result = hfa384x_drvr_getconfig(hw, HFA384x_RID_DOWNLOADBUFFER,
2432
&(hw->bufinfo), sizeof(hw->bufinfo))) ) {
2435
hw->bufinfo.page = hfa384x2host_16(hw->bufinfo.page);
2436
hw->bufinfo.offset = hfa384x2host_16(hw->bufinfo.offset);
2437
hw->bufinfo.len = hfa384x2host_16(hw->bufinfo.len);
2438
if ( (result = hfa384x_drvr_getconfig16(hw, HFA384x_RID_MAXLOADTIME,
2439
&(hw->dltimeout))) ) {
2442
hw->dltimeout = hfa384x2host_16(hw->dltimeout);
2444
WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2446
hw->dlstate = HFA384x_DLSTATE_FLASHENABLED;
2452
/*----------------------------------------------------------------
2453
* hfa384x_drvr_flashdl_disable
2455
* Ends the flash download state. Note that this will cause the MAC
2456
* firmware to restart.
2459
* hw device structure
2463
* >0 f/w reported error - f/w status code
2464
* <0 driver reported error
2470
----------------------------------------------------------------*/
2471
int hfa384x_drvr_flashdl_disable(hfa384x_t *hw)
2474
/* Check that we're already in the download state */
2475
if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2479
WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2481
/* There isn't much we can do at this point, so I don't */
2482
/* bother w/ the return value */
2483
hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2484
hw->dlstate = HFA384x_DLSTATE_DISABLED;
2491
/*----------------------------------------------------------------
2492
* hfa384x_drvr_flashdl_write
2494
* Performs a FLASH download of a chunk of data. First checks to see
2495
* that we're in the FLASH download state, then sets the download
2496
* mode, uses the aux functions to 1) copy the data to the flash
2497
* buffer, 2) sets the download 'write flash' mode, 3) readback and
2498
* compare. Lather rinse, repeat as many times an necessary to get
2499
* all the given data into flash.
2500
* When all data has been written using this function (possibly
2501
* repeatedly), call drvr_flashdl_disable() to end the download state
2502
* and restart the MAC.
2505
* hw device structure
2506
* daddr Card address to write to. (host order)
2507
* buf Ptr to data to write.
2508
* len Length of data (host order).
2512
* >0 f/w reported error - f/w status code
2513
* <0 driver reported error
2519
----------------------------------------------------------------*/
2521
hfa384x_drvr_flashdl_write(
2543
WLAN_LOG_DEBUG(5,"daddr=0x%08x len=%d\n", daddr, len);
2545
/* Check that we're in the flash download state */
2546
if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2550
WLAN_LOG_INFO("Download %d bytes to flash @0x%06x\n", len, daddr);
2552
/* Convert to flat address for arithmetic */
2553
/* NOTE: dlbuffer RID stores the address in AUX format */
2554
dlbufaddr = HFA384x_ADDR_AUX_MKFLAT(
2555
hw->bufinfo.page, hw->bufinfo.offset);
2557
"dlbuf.page=0x%04x dlbuf.offset=0x%04x dlbufaddr=0x%08x\n",
2558
hw->bufinfo.page, hw->bufinfo.offset, dlbufaddr);
2561
WLAN_LOG_WARNING("dlbuf@0x%06lx len=%d to=%d\n", dlbufaddr, hw->bufinfo.len, hw->dltimeout);
2563
/* Calculations to determine how many fills of the dlbuffer to do
2564
* and how many USB wmemreq's to do for each fill. At this point
2565
* in time, the dlbuffer size and the wmemreq size are the same.
2566
* Therefore, nwrites should always be 1. The extra complexity
2567
* here is a hedge against future changes.
2570
/* Figure out how many times to do the flash programming */
2571
nburns = len / hw->bufinfo.len;
2572
nburns += (len % hw->bufinfo.len) ? 1 : 0;
2574
/* For each flash program cycle, how many USB wmemreq's are needed? */
2575
nwrites = hw->bufinfo.len / HFA384x_USB_RWMEM_MAXLEN;
2576
nwrites += (hw->bufinfo.len % HFA384x_USB_RWMEM_MAXLEN) ? 1 : 0;
2579
for ( i = 0; i < nburns; i++) {
2580
/* Get the dest address and len */
2581
burnlen = (len - (hw->bufinfo.len * i)) > hw->bufinfo.len ?
2583
(len - (hw->bufinfo.len * i));
2584
burndaddr = daddr + (hw->bufinfo.len * i);
2585
burnlo = HFA384x_ADDR_CMD_MKOFF(burndaddr);
2586
burnhi = HFA384x_ADDR_CMD_MKPAGE(burndaddr);
2588
WLAN_LOG_INFO("Writing %d bytes to flash @0x%06x\n",
2589
burnlen, burndaddr);
2591
/* Set the download mode */
2592
result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_NV,
2593
burnlo, burnhi, burnlen);
2595
WLAN_LOG_ERROR("download(NV,lo=%x,hi=%x,len=%x) "
2596
"cmd failed, result=%d. Aborting d/l\n",
2597
burnlo, burnhi, burnlen, result);
2601
/* copy the data to the flash download buffer */
2602
for ( j=0; j < nwrites; j++) {
2604
(i*hw->bufinfo.len) +
2605
(j*HFA384x_USB_RWMEM_MAXLEN);
2607
writepage = HFA384x_ADDR_CMD_MKPAGE(
2609
(j*HFA384x_USB_RWMEM_MAXLEN));
2610
writeoffset = HFA384x_ADDR_CMD_MKOFF(
2612
(j*HFA384x_USB_RWMEM_MAXLEN));
2614
writelen = burnlen-(j*HFA384x_USB_RWMEM_MAXLEN);
2615
writelen = writelen > HFA384x_USB_RWMEM_MAXLEN ?
2616
HFA384x_USB_RWMEM_MAXLEN :
2619
result = hfa384x_dowmem_wait( hw,
2626
Comment out for debugging, assume the write was successful.
2629
"Write to dl buffer failed, "
2630
"result=0x%04x. Aborting.\n",
2638
/* set the download 'write flash' mode */
2639
result = hfa384x_cmd_download(hw,
2640
HFA384x_PROGMODE_NVWRITE,
2644
"download(NVWRITE,lo=%x,hi=%x,len=%x) "
2645
"cmd failed, result=%d. Aborting d/l\n",
2646
burnlo, burnhi, burnlen, result);
2650
/* TODO: We really should do a readback and compare. */
2655
/* Leave the firmware in the 'post-prog' mode. flashdl_disable will */
2656
/* actually disable programming mode. Remember, that will cause the */
2657
/* the firmware to effectively reset itself. */
2664
/*----------------------------------------------------------------
2665
* hfa384x_drvr_getconfig
2667
* Performs the sequence necessary to read a config/info item.
2670
* hw device structure
2671
* rid config/info record id (host order)
2672
* buf host side record buffer. Upon return it will
2673
* contain the body portion of the record (minus the
2675
* len buffer length (in bytes, should match record length)
2679
* >0 f/w reported error - f/w status code
2680
* <0 driver reported error
2681
* -ENODATA length mismatch between argument and retrieved
2688
----------------------------------------------------------------*/
2689
int hfa384x_drvr_getconfig(hfa384x_t *hw, UINT16 rid, void *buf, UINT16 len)
2694
result = hfa384x_dorrid_wait(hw, rid, buf, len);
2700
/*----------------------------------------------------------------
2701
* hfa384x_drvr_getconfig_async
2703
* Performs the sequence necessary to perform an async read of
2704
* of a config/info item.
2707
* hw device structure
2708
* rid config/info record id (host order)
2709
* buf host side record buffer. Upon return it will
2710
* contain the body portion of the record (minus the
2712
* len buffer length (in bytes, should match record length)
2713
* cbfn caller supplied callback, called when the command
2714
* is done (successful or not).
2715
* cbfndata pointer to some caller supplied data that will be
2716
* passed in as an argument to the cbfn.
2719
* nothing the cbfn gets a status argument identifying if
2722
* Queues an hfa384x_usbcmd_t for subsequent execution.
2726
----------------------------------------------------------------*/
2728
hfa384x_drvr_getconfig_async(
2731
ctlx_usercb_t usercb,
2734
return hfa384x_dorrid_async(hw, rid, NULL, 0,
2735
hfa384x_cb_rrid, usercb, usercb_data);
2738
/*----------------------------------------------------------------
2739
* hfa384x_drvr_setconfig_async
2741
* Performs the sequence necessary to write a config/info item.
2744
* hw device structure
2745
* rid config/info record id (in host order)
2746
* buf host side record buffer
2747
* len buffer length (in bytes)
2748
* usercb completion callback
2749
* usercb_data completion callback argument
2753
* >0 f/w reported error - f/w status code
2754
* <0 driver reported error
2760
----------------------------------------------------------------*/
2762
hfa384x_drvr_setconfig_async(
2767
ctlx_usercb_t usercb,
2770
return hfa384x_dowrid_async(hw, rid, buf, len,
2771
hfa384x_cb_status, usercb, usercb_data);
2774
/*----------------------------------------------------------------
2775
* hfa384x_drvr_handover
2777
* Sends a handover notification to the MAC.
2780
* hw device structure
2781
* addr address of station that's left
2785
* -ERESTARTSYS received signal while waiting for semaphore.
2786
* -EIO failed to write to bap, or failed in cmd.
2792
----------------------------------------------------------------*/
2793
int hfa384x_drvr_handover( hfa384x_t *hw, UINT8 *addr)
2796
WLAN_LOG_ERROR("Not currently supported in USB!\n");
2801
/*----------------------------------------------------------------
2802
* hfa384x_drvr_low_level
2804
* Write test commands to the card. Some test commands don't make
2805
* sense without prior set-up. For example, continous TX isn't very
2806
* useful until you set the channel. That functionality should be
2812
* -----------------------------------------------------------------*/
2813
int hfa384x_drvr_low_level(hfa384x_t *hw, hfa384x_metacmd_t *cmd)
2818
/* Do i need a host2hfa... conversion ? */
2820
result = hfa384x_docmd_wait(hw, cmd);
2826
/*----------------------------------------------------------------
2827
* hfa384x_drvr_mmi_read
2829
* Read mmi registers. mmi is intersil-speak for the baseband
2830
* processor registers.
2833
* hw device structure
2834
* register The test register to be accessed (must be even #).
2838
* >0 f/w reported error - f/w status code
2839
* <0 driver reported error
2845
----------------------------------------------------------------*/
2846
int hfa384x_drvr_mmi_read(hfa384x_t *hw, UINT32 addr, UINT32 *resp)
2850
UINT16 cmd_code = (UINT16) 0x30;
2851
UINT16 param = (UINT16) addr;
2854
/* Do i need a host2hfa... conversion ? */
2855
result = hfa384x_docmd_wait(hw, cmd_code);
2863
/*----------------------------------------------------------------
2864
* hfa384x_drvr_mmi_write
2866
* Read mmi registers. mmi is intersil-speak for the baseband
2867
* processor registers.
2870
* hw device structure
2871
* addr The test register to be accessed (must be even #).
2872
* data The data value to write to the register.
2876
* >0 f/w reported error - f/w status code
2877
* <0 driver reported error
2883
----------------------------------------------------------------*/
2886
hfa384x_drvr_mmi_write(hfa384x_t *hw, UINT32 addr, UINT32 data)
2890
UINT16 cmd_code = (UINT16) 0x31;
2891
UINT16 param0 = (UINT16) addr;
2892
UINT16 param1 = (UINT16) data;
2895
WLAN_LOG_DEBUG(1,"mmi write : addr = 0x%08lx\n", addr);
2896
WLAN_LOG_DEBUG(1,"mmi write : data = 0x%08lx\n", data);
2898
/* Do i need a host2hfa... conversion ? */
2899
result = hfa384x_docmd_wait(hw, cmd_code);
2908
/*----------------------------------------------------------------
2909
* hfa384x_drvr_ramdl_disable
2911
* Ends the ram download state.
2914
* hw device structure
2918
* >0 f/w reported error - f/w status code
2919
* <0 driver reported error
2925
----------------------------------------------------------------*/
2927
hfa384x_drvr_ramdl_disable(hfa384x_t *hw)
2930
/* Check that we're already in the download state */
2931
if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
2935
WLAN_LOG_DEBUG(3,"ramdl_disable()\n");
2937
/* There isn't much we can do at this point, so I don't */
2938
/* bother w/ the return value */
2939
hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2940
hw->dlstate = HFA384x_DLSTATE_DISABLED;
2947
/*----------------------------------------------------------------
2948
* hfa384x_drvr_ramdl_enable
2950
* Begins the ram download state. Checks to see that we're not
2951
* already in a download state and that a port isn't enabled.
2952
* Sets the download state and calls cmd_download with the
2953
* ENABLE_VOLATILE subcommand and the exeaddr argument.
2956
* hw device structure
2957
* exeaddr the card execution address that will be
2958
* jumped to when ramdl_disable() is called
2963
* >0 f/w reported error - f/w status code
2964
* <0 driver reported error
2970
----------------------------------------------------------------*/
2972
hfa384x_drvr_ramdl_enable(hfa384x_t *hw, UINT32 exeaddr)
2979
/* Check that a port isn't active */
2980
for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2981
if ( hw->port_enabled[i] ) {
2983
"Can't download with a macport enabled.\n");
2988
/* Check that we're not already in a download state */
2989
if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
2991
"Download state not disabled.\n");
2995
WLAN_LOG_DEBUG(3,"ramdl_enable, exeaddr=0x%08x\n", exeaddr);
2997
/* Call the download(1,addr) function */
2998
lowaddr = HFA384x_ADDR_CMD_MKOFF(exeaddr);
2999
hiaddr = HFA384x_ADDR_CMD_MKPAGE(exeaddr);
3001
result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_RAM,
3002
lowaddr, hiaddr, 0);
3005
/* Set the download state */
3006
hw->dlstate = HFA384x_DLSTATE_RAMENABLED;
3009
"cmd_download(0x%04x, 0x%04x) failed, result=%d.\n",
3020
/*----------------------------------------------------------------
3021
* hfa384x_drvr_ramdl_write
3023
* Performs a RAM download of a chunk of data. First checks to see
3024
* that we're in the RAM download state, then uses the [read|write]mem USB
3025
* commands to 1) copy the data, 2) readback and compare. The download
3026
* state is unaffected. When all data has been written using
3027
* this function, call drvr_ramdl_disable() to end the download state
3028
* and restart the MAC.
3031
* hw device structure
3032
* daddr Card address to write to. (host order)
3033
* buf Ptr to data to write.
3034
* len Length of data (host order).
3038
* >0 f/w reported error - f/w status code
3039
* <0 driver reported error
3045
----------------------------------------------------------------*/
3047
hfa384x_drvr_ramdl_write(hfa384x_t *hw, UINT32 daddr, void* buf, UINT32 len)
3058
/* Check that we're in the ram download state */
3059
if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
3063
WLAN_LOG_INFO("Writing %d bytes to ram @0x%06x\n", len, daddr);
3065
/* How many dowmem calls? */
3066
nwrites = len / HFA384x_USB_RWMEM_MAXLEN;
3067
nwrites += len % HFA384x_USB_RWMEM_MAXLEN ? 1 : 0;
3069
/* Do blocking wmem's */
3070
for(i=0; i < nwrites; i++) {
3071
/* make address args */
3072
curraddr = daddr + (i * HFA384x_USB_RWMEM_MAXLEN);
3073
currpage = HFA384x_ADDR_CMD_MKPAGE(curraddr);
3074
curroffset = HFA384x_ADDR_CMD_MKOFF(curraddr);
3075
currlen = len - (i * HFA384x_USB_RWMEM_MAXLEN);
3076
if ( currlen > HFA384x_USB_RWMEM_MAXLEN) {
3077
currlen = HFA384x_USB_RWMEM_MAXLEN;
3080
/* Do blocking ctlx */
3081
result = hfa384x_dowmem_wait( hw,
3084
data + (i*HFA384x_USB_RWMEM_MAXLEN),
3089
/* TODO: We really should have a readback. */
3097
/*----------------------------------------------------------------
3098
* hfa384x_drvr_readpda
3100
* Performs the sequence to read the PDA space. Note there is no
3101
* drvr_writepda() function. Writing a PDA is
3102
* generally implemented by a calling component via calls to
3103
* cmd_download and writing to the flash download buffer via the
3107
* hw device structure
3108
* buf buffer to store PDA in
3113
* >0 f/w reported error - f/w status code
3114
* <0 driver reported error
3115
* -ETIMEOUT timout waiting for the cmd regs to become
3116
* available, or waiting for the control reg
3117
* to indicate the Aux port is enabled.
3118
* -ENODATA the buffer does NOT contain a valid PDA.
3119
* Either the card PDA is bad, or the auxdata
3120
* reads are giving us garbage.
3126
* process or non-card interrupt.
3127
----------------------------------------------------------------*/
3128
int hfa384x_drvr_readpda(hfa384x_t *hw, void *buf, UINT len)
3134
int currpdr = 0; /* word offset of the current pdr */
3136
UINT16 pdrlen; /* pdr length in bytes, host order */
3137
UINT16 pdrcode; /* pdr code, host order */
3145
{ HFA3842_PDA_BASE, 0},
3146
{ HFA3841_PDA_BASE, 0},
3147
{ HFA3841_PDA_BOGUS_BASE, 0}
3152
/* Read the pda from each known address. */
3153
for ( i = 0; i < ARRAY_SIZE(pdaloc); i++) {
3155
currpage = HFA384x_ADDR_CMD_MKPAGE(pdaloc[i].cardaddr);
3156
curroffset = HFA384x_ADDR_CMD_MKOFF(pdaloc[i].cardaddr);
3158
result = hfa384x_dormem_wait(hw,
3162
len); /* units of bytes */
3166
"Read from index %zd failed, continuing\n",
3171
/* Test for garbage */
3172
pdaok = 1; /* initially assume good */
3174
while ( pdaok && morepdrs ) {
3175
pdrlen = hfa384x2host_16(pda[currpdr]) * 2;
3176
pdrcode = hfa384x2host_16(pda[currpdr+1]);
3177
/* Test the record length */
3178
if ( pdrlen > HFA384x_PDR_LEN_MAX || pdrlen == 0) {
3179
WLAN_LOG_ERROR("pdrlen invalid=%d\n",
3185
if ( !hfa384x_isgood_pdrcode(pdrcode) ) {
3186
WLAN_LOG_ERROR("pdrcode invalid=%d\n",
3191
/* Test for completion */
3192
if ( pdrcode == HFA384x_PDR_END_OF_PDA) {
3196
/* Move to the next pdr (if necessary) */
3198
/* note the access to pda[], need words here */
3199
currpdr += hfa384x2host_16(pda[currpdr]) + 1;
3204
"PDA Read from 0x%08x in %s space.\n",
3206
pdaloc[i].auxctl == 0 ? "EXTDS" :
3207
pdaloc[i].auxctl == 1 ? "NV" :
3208
pdaloc[i].auxctl == 2 ? "PHY" :
3209
pdaloc[i].auxctl == 3 ? "ICSRAM" :
3214
result = pdaok ? 0 : -ENODATA;
3217
WLAN_LOG_DEBUG(3,"Failure: pda is not okay\n");
3225
/*----------------------------------------------------------------
3226
* hfa384x_drvr_setconfig
3228
* Performs the sequence necessary to write a config/info item.
3231
* hw device structure
3232
* rid config/info record id (in host order)
3233
* buf host side record buffer
3234
* len buffer length (in bytes)
3238
* >0 f/w reported error - f/w status code
3239
* <0 driver reported error
3245
----------------------------------------------------------------*/
3246
int hfa384x_drvr_setconfig(hfa384x_t *hw, UINT16 rid, void *buf, UINT16 len)
3248
return hfa384x_dowrid_wait(hw, rid, buf, len);
3251
/*----------------------------------------------------------------
3252
* hfa384x_drvr_start
3254
* Issues the MAC initialize command, sets up some data structures,
3255
* and enables the interrupts. After this function completes, the
3256
* low-level stuff should be ready for any/all commands.
3259
* hw device structure
3262
* >0 f/w reported error - f/w status code
3263
* <0 driver reported error
3269
----------------------------------------------------------------*/
3270
int hfa384x_drvr_start(hfa384x_t *hw)
3272
int result, result1, result2;
3278
/* Clear endpoint stalls - but only do this if the endpoint
3279
* is showing a stall status. Some prism2 cards seem to behave
3280
* badly if a clear_halt is called when the endpoint is already
3283
result = usb_get_status(hw->usb, USB_RECIP_ENDPOINT, hw->endp_in, &status);
3286
"Cannot get bulk in endpoint status.\n");
3289
if ((status == 1) && usb_clear_halt(hw->usb, hw->endp_in)) {
3291
"Failed to reset bulk in endpoint.\n");
3294
result = usb_get_status(hw->usb, USB_RECIP_ENDPOINT, hw->endp_out, &status);
3297
"Cannot get bulk out endpoint status.\n");
3300
if ((status == 1) && usb_clear_halt(hw->usb, hw->endp_out)) {
3302
"Failed to reset bulk out endpoint.\n");
3305
/* Synchronous unlink, in case we're trying to restart the driver */
3306
usb_kill_urb(&hw->rx_urb);
3308
/* Post the IN urb */
3309
result = submit_rx_urb(hw, GFP_KERNEL);
3312
"Fatal, failed to submit RX URB, result=%d\n",
3317
/* Call initialize twice, with a 1 second sleep in between.
3318
* This is a nasty work-around since many prism2 cards seem to
3319
* need time to settle after an init from cold. The second
3320
* call to initialize in theory is not necessary - but we call
3321
* it anyway as a double insurance policy:
3322
* 1) If the first init should fail, the second may well succeed
3323
* and the card can still be used
3324
* 2) It helps ensures all is well with the card after the first
3325
* init and settle time.
3327
result1 = hfa384x_cmd_initialize(hw);
3329
result = result2 = hfa384x_cmd_initialize(hw);
3333
"cmd_initialize() failed on two attempts, results %d and %d\n",
3335
usb_kill_urb(&hw->rx_urb);
3338
WLAN_LOG_DEBUG(0, "First cmd_initialize() failed (result %d),\n",
3340
WLAN_LOG_DEBUG(0, "but second attempt succeeded. All should be ok\n");
3342
} else if (result2 != 0) {
3344
"First cmd_initialize() succeeded, but second attempt failed (result=%d)\n",
3346
WLAN_LOG_WARNING("Most likely the card will be functional\n");
3350
hw->state = HFA384x_STATE_RUNNING;
3358
/*----------------------------------------------------------------
3361
* Shuts down the MAC to the point where it is safe to unload the
3362
* driver. Any subsystem that may be holding a data or function
3363
* ptr into the driver must be cleared/deinitialized.
3366
* hw device structure
3369
* >0 f/w reported error - f/w status code
3370
* <0 driver reported error
3376
----------------------------------------------------------------*/
3378
hfa384x_drvr_stop(hfa384x_t *hw)
3386
/* There's no need for spinlocks here. The USB "disconnect"
3387
* function sets this "removed" flag and then calls us.
3389
if ( !hw->wlandev->hwremoved ) {
3390
/* Call initialize to leave the MAC in its 'reset' state */
3391
hfa384x_cmd_initialize(hw);
3393
/* Cancel the rxurb */
3394
usb_kill_urb(&hw->rx_urb);
3397
hw->link_status = HFA384x_LINK_NOTCONNECTED;
3398
hw->state = HFA384x_STATE_INIT;
3400
del_timer_sync(&hw->commsqual_timer);
3402
/* Clear all the port status */
3403
for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
3404
hw->port_enabled[i] = 0;
3411
/*----------------------------------------------------------------
3412
* hfa384x_drvr_txframe
3414
* Takes a frame from prism2sta and queues it for transmission.
3417
* hw device structure
3418
* skb packet buffer struct. Contains an 802.11
3420
* p80211_hdr points to the 802.11 header for the packet.
3422
* 0 Success and more buffs available
3423
* 1 Success but no more buffs
3424
* 2 Allocation failure
3425
* 4 Buffer full or queue busy
3431
----------------------------------------------------------------*/
3432
int hfa384x_drvr_txframe(hfa384x_t *hw, struct sk_buff *skb, p80211_hdr_t *p80211_hdr, p80211_metawep_t *p80211_wep)
3435
int usbpktlen = sizeof(hfa384x_tx_frame_t);
3442
if (hw->tx_urb.status == -EINPROGRESS) {
3443
WLAN_LOG_WARNING("TX URB already in use\n");
3448
/* Build Tx frame structure */
3449
/* Set up the control field */
3450
memset(&hw->txbuff.txfrm.desc, 0, sizeof(hw->txbuff.txfrm.desc));
3452
/* Setup the usb type field */
3453
hw->txbuff.type = host2hfa384x_16(HFA384x_USB_TXFRM);
3455
/* Set up the sw_support field to identify this frame */
3456
hw->txbuff.txfrm.desc.sw_support = 0x0123;
3458
/* Tx complete and Tx exception disable per dleach. Might be causing
3461
//#define DOEXC SLP -- doboth breaks horribly under load, doexc less so.
3463
hw->txbuff.txfrm.desc.tx_control =
3464
HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3465
HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(1);
3466
#elif defined(DOEXC)
3467
hw->txbuff.txfrm.desc.tx_control =
3468
HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3469
HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(0);
3471
hw->txbuff.txfrm.desc.tx_control =
3472
HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3473
HFA384x_TX_TXEX_SET(0) | HFA384x_TX_TXOK_SET(0);
3475
hw->txbuff.txfrm.desc.tx_control =
3476
host2hfa384x_16(hw->txbuff.txfrm.desc.tx_control);
3478
/* copy the header over to the txdesc */
3479
memcpy(&(hw->txbuff.txfrm.desc.frame_control), p80211_hdr, sizeof(p80211_hdr_t));
3481
/* if we're using host WEP, increase size by IV+ICV */
3482
if (p80211_wep->data) {
3483
hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len+8);
3484
// hw->txbuff.txfrm.desc.tx_control |= HFA384x_TX_NOENCRYPT_SET(1);
3487
hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len);
3490
usbpktlen += skb->len;
3492
/* copy over the WEP IV if we are using host WEP */
3493
ptr = hw->txbuff.txfrm.data;
3494
if (p80211_wep->data) {
3495
memcpy(ptr, p80211_wep->iv, sizeof(p80211_wep->iv));
3496
ptr+= sizeof(p80211_wep->iv);
3497
memcpy(ptr, p80211_wep->data, skb->len);
3499
memcpy(ptr, skb->data, skb->len);
3501
/* copy over the packet data */
3504
/* copy over the WEP ICV if we are using host WEP */
3505
if (p80211_wep->data) {
3506
memcpy(ptr, p80211_wep->icv, sizeof(p80211_wep->icv));
3509
/* Send the USB packet */
3510
usb_fill_bulk_urb( &(hw->tx_urb), hw->usb,
3512
&(hw->txbuff), ROUNDUP64(usbpktlen),
3513
hfa384x_usbout_callback, hw->wlandev );
3514
hw->tx_urb.transfer_flags |= USB_QUEUE_BULK;
3517
ret = submit_tx_urb(hw, &hw->tx_urb, GFP_ATOMIC);
3520
"submit_tx_urb() failed, error=%d\n", ret);
3529
void hfa384x_tx_timeout(wlandevice_t *wlandev)
3531
hfa384x_t *hw = wlandev->priv;
3532
unsigned long flags;
3536
spin_lock_irqsave(&hw->ctlxq.lock, flags);
3538
if ( !hw->wlandev->hwremoved &&
3539
/* Note the bitwise OR, not the logical OR. */
3540
( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) |
3541
!test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) ) )
3543
schedule_work(&hw->usb_work);
3546
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3551
/*----------------------------------------------------------------
3552
* hfa384x_usbctlx_reaper_task
3554
* Tasklet to delete dead CTLX objects
3557
* data ptr to a hfa384x_t
3563
----------------------------------------------------------------*/
3564
static void hfa384x_usbctlx_reaper_task(unsigned long data)
3566
hfa384x_t *hw = (hfa384x_t*)data;
3567
struct list_head *entry;
3568
struct list_head *temp;
3569
unsigned long flags;
3573
spin_lock_irqsave(&hw->ctlxq.lock, flags);
3575
/* This list is guaranteed to be empty if someone
3576
* has unplugged the adapter.
3578
list_for_each_safe(entry, temp, &hw->ctlxq.reapable) {
3579
hfa384x_usbctlx_t *ctlx;
3581
ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3582
list_del(&ctlx->list);
3586
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3591
/*----------------------------------------------------------------
3592
* hfa384x_usbctlx_completion_task
3594
* Tasklet to call completion handlers for returned CTLXs
3597
* data ptr to hfa384x_t
3604
----------------------------------------------------------------*/
3605
static void hfa384x_usbctlx_completion_task(unsigned long data)
3607
hfa384x_t *hw = (hfa384x_t*)data;
3608
struct list_head *entry;
3609
struct list_head *temp;
3610
unsigned long flags;
3616
spin_lock_irqsave(&hw->ctlxq.lock, flags);
3618
/* This list is guaranteed to be empty if someone
3619
* has unplugged the adapter ...
3621
list_for_each_safe(entry, temp, &hw->ctlxq.completing) {
3622
hfa384x_usbctlx_t *ctlx;
3624
ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3626
/* Call the completion function that this
3627
* command was assigned, assuming it has one.
3629
if ( ctlx->cmdcb != NULL ) {
3630
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3631
ctlx->cmdcb(hw, ctlx);
3632
spin_lock_irqsave(&hw->ctlxq.lock, flags);
3634
/* Make sure we don't try and complete
3635
* this CTLX more than once!
3639
/* Did someone yank the adapter out
3640
* while our list was (briefly) unlocked?
3642
if ( hw->wlandev->hwremoved )
3650
* "Reapable" CTLXs are ones which don't have any
3651
* threads waiting for them to die. Hence they must
3652
* be delivered to The Reaper!
3654
if ( ctlx->reapable ) {
3655
/* Move the CTLX off the "completing" list (hopefully)
3656
* on to the "reapable" list where the reaper task
3657
* can find it. And "reapable" means that this CTLX
3658
* isn't sitting on a wait-queue somewhere.
3660
list_move_tail(&ctlx->list, &hw->ctlxq.reapable);
3664
complete(&ctlx->done);
3666
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3669
tasklet_schedule(&hw->reaper_bh);
3674
/*----------------------------------------------------------------
3675
* unlocked_usbctlx_cancel_async
3677
* Mark the CTLX dead asynchronously, and ensure that the
3678
* next command on the queue is run afterwards.
3681
* hw ptr to the hfa384x_t structure
3682
* ctlx ptr to a CTLX structure
3685
* 0 the CTLX's URB is inactive
3686
* -EINPROGRESS the URB is currently being unlinked
3689
* Either process or interrupt, but presumably interrupt
3690
----------------------------------------------------------------*/
3691
static int unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3698
* Try to delete the URB containing our request packet.
3699
* If we succeed, then its completion handler will be
3700
* called with a status of -ECONNRESET.
3702
hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
3703
ret = usb_unlink_urb(&hw->ctlx_urb);
3705
if (ret != -EINPROGRESS) {
3707
* The OUT URB had either already completed
3708
* or was still in the pending queue, so the
3709
* URB's completion function will not be called.
3710
* We will have to complete the CTLX ourselves.
3712
ctlx->state = CTLX_REQ_FAILED;
3713
unlocked_usbctlx_complete(hw, ctlx);
3722
/*----------------------------------------------------------------
3723
* unlocked_usbctlx_complete
3725
* A CTLX has completed. It may have been successful, it may not
3726
* have been. At this point, the CTLX should be quiescent. The URBs
3727
* aren't active and the timers should have been stopped.
3729
* The CTLX is migrated to the "completing" queue, and the completing
3730
* tasklet is scheduled.
3733
* hw ptr to a hfa384x_t structure
3734
* ctlx ptr to a ctlx structure
3742
* Either, assume interrupt
3743
----------------------------------------------------------------*/
3744
static void unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3748
/* Timers have been stopped, and ctlx should be in
3749
* a terminal state. Retire it from the "active"
3752
list_move_tail(&ctlx->list, &hw->ctlxq.completing);
3753
tasklet_schedule(&hw->completion_bh);
3755
switch (ctlx->state) {
3757
case CTLX_REQ_FAILED:
3758
/* This are the correct terminating states. */
3762
WLAN_LOG_ERROR("CTLX[%d] not in a terminating state(%s)\n",
3763
hfa384x2host_16(ctlx->outbuf.type),
3764
ctlxstr(ctlx->state));
3771
/*----------------------------------------------------------------
3772
* hfa384x_usbctlxq_run
3774
* Checks to see if the head item is running. If not, starts it.
3777
* hw ptr to hfa384x_t
3786
----------------------------------------------------------------*/
3788
hfa384x_usbctlxq_run(hfa384x_t *hw)
3790
unsigned long flags;
3794
spin_lock_irqsave(&hw->ctlxq.lock, flags);
3796
/* Only one active CTLX at any one time, because there's no
3797
* other (reliable) way to match the response URB to the
3800
* Don't touch any of these CTLXs if the hardware
3801
* has been removed or the USB subsystem is stalled.
3803
if ( !list_empty(&hw->ctlxq.active) ||
3804
test_bit(WORK_TX_HALT, &hw->usb_flags) ||
3805
hw->wlandev->hwremoved )
3808
while ( !list_empty(&hw->ctlxq.pending) ) {
3809
hfa384x_usbctlx_t *head;
3812
/* This is the first pending command */
3813
head = list_entry(hw->ctlxq.pending.next,
3817
/* We need to split this off to avoid a race condition */
3818
list_move_tail(&head->list, &hw->ctlxq.active);
3820
/* Fill the out packet */
3821
usb_fill_bulk_urb( &(hw->ctlx_urb), hw->usb,
3823
&(head->outbuf), ROUNDUP64(head->outbufsize),
3824
hfa384x_ctlxout_callback, hw);
3825
hw->ctlx_urb.transfer_flags |= USB_QUEUE_BULK;
3827
/* Now submit the URB and update the CTLX's state
3829
if ((result = SUBMIT_URB(&hw->ctlx_urb, GFP_ATOMIC)) == 0) {
3830
/* This CTLX is now running on the active queue */
3831
head->state = CTLX_REQ_SUBMITTED;
3833
/* Start the OUT wait timer */
3834
hw->req_timer_done = 0;
3835
hw->reqtimer.expires = jiffies + HZ;
3836
add_timer(&hw->reqtimer);
3838
/* Start the IN wait timer */
3839
hw->resp_timer_done = 0;
3840
hw->resptimer.expires = jiffies + 2*HZ;
3841
add_timer(&hw->resptimer);
3846
if (result == -EPIPE) {
3847
/* The OUT pipe needs resetting, so put
3848
* this CTLX back in the "pending" queue
3849
* and schedule a reset ...
3851
WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
3852
hw->wlandev->netdev->name);
3853
list_move(&head->list, &hw->ctlxq.pending);
3854
set_bit(WORK_TX_HALT, &hw->usb_flags);
3855
schedule_work(&hw->usb_work);
3859
if (result == -ESHUTDOWN) {
3860
WLAN_LOG_WARNING("%s urb shutdown!\n",
3861
hw->wlandev->netdev->name);
3865
WLAN_LOG_ERROR("Failed to submit CTLX[%d]: error=%d\n",
3866
hfa384x2host_16(head->outbuf.type), result);
3867
unlocked_usbctlx_complete(hw, head);
3871
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3877
/*----------------------------------------------------------------
3878
* hfa384x_usbin_callback
3880
* Callback for URBs on the BULKIN endpoint.
3883
* urb ptr to the completed urb
3892
----------------------------------------------------------------*/
3893
#ifdef URB_ONLY_CALLBACK
3894
static void hfa384x_usbin_callback(struct urb *urb)
3896
static void hfa384x_usbin_callback(struct urb *urb, struct pt_regs *regs)
3899
wlandevice_t *wlandev = urb->context;
3901
hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) urb->transfer_buffer;
3902
struct sk_buff *skb = NULL;
3917
wlandev->hwremoved )
3924
skb = hw->rx_urb_skb;
3925
if (!skb || (skb->data != urb->transfer_buffer)) {
3928
hw->rx_urb_skb = NULL;
3930
/* Check for error conditions within the URB */
3931
switch (urb->status) {
3935
/* Check for short packet */
3936
if ( urb->actual_length == 0 ) {
3937
++(wlandev->linux_stats.rx_errors);
3938
++(wlandev->linux_stats.rx_length_errors);
3944
WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
3945
wlandev->netdev->name);
3946
if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
3947
schedule_work(&hw->usb_work);
3948
++(wlandev->linux_stats.rx_errors);
3955
if ( !test_and_set_bit(THROTTLE_RX, &hw->usb_flags) &&
3956
!timer_pending(&hw->throttle) ) {
3957
mod_timer(&hw->throttle, jiffies + THROTTLE_JIFFIES);
3959
++(wlandev->linux_stats.rx_errors);
3964
++(wlandev->linux_stats.rx_over_errors);
3970
WLAN_LOG_DEBUG(3,"status=%d, device removed.\n", urb->status);
3976
WLAN_LOG_DEBUG(3,"status=%d, urb explicitly unlinked.\n", urb->status);
3981
WLAN_LOG_DEBUG(3,"urb status=%d, transfer flags=0x%x\n",
3982
urb->status, urb->transfer_flags);
3983
++(wlandev->linux_stats.rx_errors);
3988
urb_status = urb->status;
3990
if (action != ABORT) {
3991
/* Repost the RX URB */
3992
result = submit_rx_urb(hw, GFP_ATOMIC);
3996
"Fatal, failed to resubmit rx_urb. error=%d\n",
4001
/* Handle any USB-IN packet */
4002
/* Note: the check of the sw_support field, the type field doesn't
4003
* have bit 12 set like the docs suggest.
4005
type = hfa384x2host_16(usbin->type);
4006
if (HFA384x_USB_ISRXFRM(type)) {
4007
if (action == HANDLE) {
4008
if (usbin->txfrm.desc.sw_support == 0x0123) {
4009
hfa384x_usbin_txcompl(wlandev, usbin);
4011
skb_put(skb, sizeof(*usbin));
4012
hfa384x_usbin_rx(wlandev, skb);
4018
if (HFA384x_USB_ISTXFRM(type)) {
4019
if (action == HANDLE)
4020
hfa384x_usbin_txcompl(wlandev, usbin);
4024
case HFA384x_USB_INFOFRM:
4025
if (action == ABORT)
4027
if (action == HANDLE)
4028
hfa384x_usbin_info(wlandev, usbin);
4031
case HFA384x_USB_CMDRESP:
4032
case HFA384x_USB_WRIDRESP:
4033
case HFA384x_USB_RRIDRESP:
4034
case HFA384x_USB_WMEMRESP:
4035
case HFA384x_USB_RMEMRESP:
4036
/* ALWAYS, ALWAYS, ALWAYS handle this CTLX!!!! */
4037
hfa384x_usbin_ctlx(hw, usbin, urb_status);
4040
case HFA384x_USB_BUFAVAIL:
4041
WLAN_LOG_DEBUG(3,"Received BUFAVAIL packet, frmlen=%d\n",
4042
usbin->bufavail.frmlen);
4045
case HFA384x_USB_ERROR:
4046
WLAN_LOG_DEBUG(3,"Received USB_ERROR packet, errortype=%d\n",
4047
usbin->usberror.errortype);
4051
WLAN_LOG_DEBUG(3,"Unrecognized USBIN packet, type=%x, status=%d\n",
4052
usbin->type, urb_status);
4065
/*----------------------------------------------------------------
4066
* hfa384x_usbin_ctlx
4068
* We've received a URB containing a Prism2 "response" message.
4069
* This message needs to be matched up with a CTLX on the active
4070
* queue and our state updated accordingly.
4073
* hw ptr to hfa384x_t
4074
* usbin ptr to USB IN packet
4075
* urb_status status of this Bulk-In URB
4084
----------------------------------------------------------------*/
4085
static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
4088
hfa384x_usbctlx_t *ctlx;
4090
unsigned long flags;
4095
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4097
/* There can be only one CTLX on the active queue
4098
* at any one time, and this is the CTLX that the
4099
* timers are waiting for.
4101
if ( list_empty(&hw->ctlxq.active) ) {
4105
/* Remove the "response timeout". It's possible that
4106
* we are already too late, and that the timeout is
4107
* already running. And that's just too bad for us,
4108
* because we could lose our CTLX from the active
4111
if (del_timer(&hw->resptimer) == 0) {
4112
if (hw->resp_timer_done == 0) {
4113
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4118
hw->resp_timer_done = 1;
4121
ctlx = get_active_ctlx(hw);
4123
if (urb_status != 0) {
4125
* Bad CTLX, so get rid of it. But we only
4126
* remove it from the active queue if we're no
4127
* longer expecting the OUT URB to complete.
4129
if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
4132
const UINT16 intype = (usbin->type&~host2hfa384x_16(0x8000));
4135
* Check that our message is what we're expecting ...
4137
if (ctlx->outbuf.type != intype) {
4138
WLAN_LOG_WARNING("Expected IN[%d], received IN[%d] - ignored.\n",
4139
hfa384x2host_16(ctlx->outbuf.type),
4140
hfa384x2host_16(intype));
4144
/* This URB has succeeded, so grab the data ... */
4145
memcpy(&ctlx->inbuf, usbin, sizeof(ctlx->inbuf));
4147
switch (ctlx->state) {
4148
case CTLX_REQ_SUBMITTED:
4150
* We have received our response URB before
4151
* our request has been acknowledged. Odd,
4152
* but our OUT URB is still alive...
4154
WLAN_LOG_DEBUG(0, "Causality violation: please reboot Universe, or email linux-wlan-devel@lists.linux-wlan.com\n");
4155
ctlx->state = CTLX_RESP_COMPLETE;
4158
case CTLX_REQ_COMPLETE:
4160
* This is the usual path: our request
4161
* has already been acknowledged, and
4162
* now we have received the reply too.
4164
ctlx->state = CTLX_COMPLETE;
4165
unlocked_usbctlx_complete(hw, ctlx);
4171
* Throw this CTLX away ...
4173
WLAN_LOG_ERROR("Matched IN URB, CTLX[%d] in invalid state(%s)."
4175
hfa384x2host_16(ctlx->outbuf.type),
4176
ctlxstr(ctlx->state));
4177
if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
4184
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4187
hfa384x_usbctlxq_run(hw);
4193
/*----------------------------------------------------------------
4194
* hfa384x_usbin_txcompl
4196
* At this point we have the results of a previous transmit.
4199
* wlandev wlan device
4200
* usbin ptr to the usb transfer buffer
4209
----------------------------------------------------------------*/
4210
static void hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
4215
status = hfa384x2host_16(usbin->type); /* yeah I know it says type...*/
4217
/* Was there an error? */
4218
if (HFA384x_TXSTATUS_ISERROR(status)) {
4219
prism2sta_ev_txexc(wlandev, status);
4221
prism2sta_ev_tx(wlandev, status);
4223
// prism2sta_ev_alloc(wlandev);
4229
/*----------------------------------------------------------------
4232
* At this point we have a successful received a rx frame packet.
4235
* wlandev wlan device
4236
* usbin ptr to the usb transfer buffer
4245
----------------------------------------------------------------*/
4246
static void hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb)
4248
hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) skb->data;
4249
hfa384x_t *hw = wlandev->priv;
4251
p80211_rxmeta_t *rxmeta;
4257
/* Byte order convert once up front. */
4258
usbin->rxfrm.desc.status =
4259
hfa384x2host_16(usbin->rxfrm.desc.status);
4260
usbin->rxfrm.desc.time =
4261
hfa384x2host_32(usbin->rxfrm.desc.time);
4263
/* Now handle frame based on port# */
4264
switch( HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) )
4267
fc = ieee2host16(usbin->rxfrm.desc.frame_control);
4269
/* If exclude and we receive an unencrypted, drop it */
4270
if ( (wlandev->hostwep & HOSTWEP_EXCLUDEUNENCRYPTED) &&
4271
!WLAN_GET_FC_ISWEP(fc)){
4275
data_len = hfa384x2host_16(usbin->rxfrm.desc.data_len);
4277
/* How much header data do we have? */
4278
hdrlen = p80211_headerlen(fc);
4280
/* Pull off the descriptor */
4281
skb_pull(skb, sizeof(hfa384x_rx_frame_t));
4283
/* Now shunt the header block up against the data block
4284
* with an "overlapping" copy
4286
memmove(skb_push(skb, hdrlen),
4287
&usbin->rxfrm.desc.frame_control,
4290
skb->dev = wlandev->netdev;
4291
skb->dev->last_rx = jiffies;
4293
/* And set the frame length properly */
4294
skb_trim(skb, data_len + hdrlen);
4296
/* The prism2 series does not return the CRC */
4297
memset(skb_put(skb, WLAN_CRC_LEN), 0xff, WLAN_CRC_LEN);
4299
skb_reset_mac_header(skb);
4301
/* Attach the rxmeta, set some stuff */
4302
p80211skb_rxmeta_attach(wlandev, skb);
4303
rxmeta = P80211SKB_RXMETA(skb);
4304
rxmeta->mactime = usbin->rxfrm.desc.time;
4305
rxmeta->rxrate = usbin->rxfrm.desc.rate;
4306
rxmeta->signal = usbin->rxfrm.desc.signal - hw->dbmadjust;
4307
rxmeta->noise = usbin->rxfrm.desc.silence - hw->dbmadjust;
4309
prism2sta_ev_rx(wlandev, skb);
4314
if ( ! HFA384x_RXSTATUS_ISFCSERR(usbin->rxfrm.desc.status) ) {
4315
/* Copy to wlansnif skb */
4316
hfa384x_int_rxmonitor( wlandev, &usbin->rxfrm);
4319
WLAN_LOG_DEBUG(3,"Received monitor frame: FCSerr set\n");
4324
WLAN_LOG_WARNING("Received frame on unsupported port=%d\n",
4325
HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) );
4335
/*----------------------------------------------------------------
4336
* hfa384x_int_rxmonitor
4338
* Helper function for int_rx. Handles monitor frames.
4339
* Note that this function allocates space for the FCS and sets it
4340
* to 0xffffffff. The hfa384x doesn't give us the FCS value but the
4341
* higher layers expect it. 0xffffffff is used as a flag to indicate
4345
* wlandev wlan device structure
4346
* rxfrm rx descriptor read from card in int_rx
4352
* Allocates an skb and passes it up via the PF_PACKET interface.
4355
----------------------------------------------------------------*/
4356
static void hfa384x_int_rxmonitor( wlandevice_t *wlandev, hfa384x_usb_rxfrm_t *rxfrm)
4358
hfa384x_rx_frame_t *rxdesc = &(rxfrm->desc);
4362
p80211msg_lnxind_wlansniffrm_t *msg;
4365
struct sk_buff *skb;
4366
hfa384x_t *hw = wlandev->priv;
4370
/* Don't forget the status, time, and data_len fields are in host order */
4371
/* Figure out how big the frame is */
4372
fc = ieee2host16(rxdesc->frame_control);
4373
hdrlen = p80211_headerlen(fc);
4374
datalen = hfa384x2host_16(rxdesc->data_len);
4376
/* Allocate an ind message+framesize skb */
4377
skblen = sizeof(p80211msg_lnxind_wlansniffrm_t) +
4378
hdrlen + datalen + WLAN_CRC_LEN;
4380
/* sanity check the length */
4382
(sizeof(p80211msg_lnxind_wlansniffrm_t) +
4383
WLAN_HDR_A4_LEN + WLAN_DATA_MAXLEN + WLAN_CRC_LEN) ) {
4384
WLAN_LOG_DEBUG(1, "overlen frm: len=%zd\n",
4385
skblen - sizeof(p80211msg_lnxind_wlansniffrm_t));
4388
if ( (skb = dev_alloc_skb(skblen)) == NULL ) {
4389
WLAN_LOG_ERROR("alloc_skb failed trying to allocate %d bytes\n", skblen);
4393
/* only prepend the prism header if in the right mode */
4394
if ((wlandev->netdev->type == ARPHRD_IEEE80211_PRISM) &&
4395
(hw->sniffhdr == 0)) {
4396
datap = skb_put(skb, sizeof(p80211msg_lnxind_wlansniffrm_t));
4397
msg = (p80211msg_lnxind_wlansniffrm_t*) datap;
4399
/* Initialize the message members */
4400
msg->msgcode = DIDmsg_lnxind_wlansniffrm;
4401
msg->msglen = sizeof(p80211msg_lnxind_wlansniffrm_t);
4402
strcpy(msg->devname, wlandev->name);
4404
msg->hosttime.did = DIDmsg_lnxind_wlansniffrm_hosttime;
4405
msg->hosttime.status = 0;
4406
msg->hosttime.len = 4;
4407
msg->hosttime.data = jiffies;
4409
msg->mactime.did = DIDmsg_lnxind_wlansniffrm_mactime;
4410
msg->mactime.status = 0;
4411
msg->mactime.len = 4;
4412
msg->mactime.data = rxdesc->time;
4414
msg->channel.did = DIDmsg_lnxind_wlansniffrm_channel;
4415
msg->channel.status = 0;
4416
msg->channel.len = 4;
4417
msg->channel.data = hw->sniff_channel;
4419
msg->rssi.did = DIDmsg_lnxind_wlansniffrm_rssi;
4420
msg->rssi.status = P80211ENUM_msgitem_status_no_value;
4424
msg->sq.did = DIDmsg_lnxind_wlansniffrm_sq;
4425
msg->sq.status = P80211ENUM_msgitem_status_no_value;
4429
msg->signal.did = DIDmsg_lnxind_wlansniffrm_signal;
4430
msg->signal.status = 0;
4431
msg->signal.len = 4;
4432
msg->signal.data = rxdesc->signal;
4434
msg->noise.did = DIDmsg_lnxind_wlansniffrm_noise;
4435
msg->noise.status = 0;
4437
msg->noise.data = rxdesc->silence;
4439
msg->rate.did = DIDmsg_lnxind_wlansniffrm_rate;
4440
msg->rate.status = 0;
4442
msg->rate.data = rxdesc->rate / 5; /* set to 802.11 units */
4444
msg->istx.did = DIDmsg_lnxind_wlansniffrm_istx;
4445
msg->istx.status = 0;
4447
msg->istx.data = P80211ENUM_truth_false;
4449
msg->frmlen.did = DIDmsg_lnxind_wlansniffrm_frmlen;
4450
msg->frmlen.status = 0;
4451
msg->frmlen.len = 4;
4452
msg->frmlen.data = hdrlen + datalen + WLAN_CRC_LEN;
4453
} else if ((wlandev->netdev->type == ARPHRD_IEEE80211_PRISM) &&
4454
(hw->sniffhdr != 0)) {
4455
p80211_caphdr_t *caphdr;
4456
/* The NEW header format! */
4457
datap = skb_put(skb, sizeof(p80211_caphdr_t));
4458
caphdr = (p80211_caphdr_t*) datap;
4460
caphdr->version = htonl(P80211CAPTURE_VERSION);
4461
caphdr->length = htonl(sizeof(p80211_caphdr_t));
4462
caphdr->mactime = __cpu_to_be64(rxdesc->time) * 1000;
4463
caphdr->hosttime = __cpu_to_be64(jiffies);
4464
caphdr->phytype = htonl(4); /* dss_dot11_b */
4465
caphdr->channel = htonl(hw->sniff_channel);
4466
caphdr->datarate = htonl(rxdesc->rate);
4467
caphdr->antenna = htonl(0); /* unknown */
4468
caphdr->priority = htonl(0); /* unknown */
4469
caphdr->ssi_type = htonl(3); /* rssi_raw */
4470
caphdr->ssi_signal = htonl(rxdesc->signal);
4471
caphdr->ssi_noise = htonl(rxdesc->silence);
4472
caphdr->preamble = htonl(0); /* unknown */
4473
caphdr->encoding = htonl(1); /* cck */
4476
/* Copy the 802.11 header to the skb (ctl frames may be less than a full header) */
4477
datap = skb_put(skb, hdrlen);
4478
memcpy( datap, &(rxdesc->frame_control), hdrlen);
4480
/* If any, copy the data from the card to the skb */
4483
datap = skb_put(skb, datalen);
4484
memcpy(datap, rxfrm->data, datalen);
4486
/* check for unencrypted stuff if WEP bit set. */
4487
if (*(datap - hdrlen + 1) & 0x40) // wep set
4488
if ((*(datap) == 0xaa) && (*(datap+1) == 0xaa))
4489
*(datap - hdrlen + 1) &= 0xbf; // clear wep; it's the 802.2 header!
4492
if (hw->sniff_fcs) {
4494
datap = skb_put(skb, WLAN_CRC_LEN);
4495
memset( datap, 0xff, WLAN_CRC_LEN);
4498
/* pass it back up */
4499
prism2sta_ev_rx(wlandev, skb);
4507
/*----------------------------------------------------------------
4508
* hfa384x_usbin_info
4510
* At this point we have a successful received a Prism2 info frame.
4513
* wlandev wlan device
4514
* usbin ptr to the usb transfer buffer
4523
----------------------------------------------------------------*/
4524
static void hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
4528
usbin->infofrm.info.framelen = hfa384x2host_16(usbin->infofrm.info.framelen);
4529
prism2sta_ev_info(wlandev, &usbin->infofrm.info);
4536
/*----------------------------------------------------------------
4537
* hfa384x_usbout_callback
4539
* Callback for URBs on the BULKOUT endpoint.
4542
* urb ptr to the completed urb
4551
----------------------------------------------------------------*/
4552
#ifdef URB_ONLY_CALLBACK
4553
static void hfa384x_usbout_callback(struct urb *urb)
4555
static void hfa384x_usbout_callback(struct urb *urb, struct pt_regs *regs)
4558
wlandevice_t *wlandev = urb->context;
4559
hfa384x_usbout_t *usbout = urb->transfer_buffer;
4569
switch(urb->status) {
4571
hfa384x_usbout_tx(wlandev, usbout);
4576
hfa384x_t *hw = wlandev->priv;
4577
WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4578
wlandev->netdev->name);
4579
if ( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) )
4580
schedule_work(&hw->usb_work);
4581
++(wlandev->linux_stats.tx_errors);
4589
hfa384x_t *hw = wlandev->priv;
4591
if ( !test_and_set_bit(THROTTLE_TX, &hw->usb_flags)
4592
&& !timer_pending(&hw->throttle) ) {
4593
mod_timer(&hw->throttle,
4594
jiffies + THROTTLE_JIFFIES);
4596
++(wlandev->linux_stats.tx_errors);
4597
netif_stop_queue(wlandev->netdev);
4603
/* Ignorable errors */
4607
WLAN_LOG_INFO("unknown urb->status=%d\n", urb->status);
4608
++(wlandev->linux_stats.tx_errors);
4617
/*----------------------------------------------------------------
4618
* hfa384x_ctlxout_callback
4620
* Callback for control data on the BULKOUT endpoint.
4623
* urb ptr to the completed urb
4632
----------------------------------------------------------------*/
4633
#ifdef URB_ONLY_CALLBACK
4634
static void hfa384x_ctlxout_callback(struct urb *urb)
4636
static void hfa384x_ctlxout_callback(struct urb *urb, struct pt_regs *regs)
4639
hfa384x_t *hw = urb->context;
4640
int delete_resptimer = 0;
4643
hfa384x_usbctlx_t *ctlx;
4644
unsigned long flags;
4648
WLAN_LOG_DEBUG(3,"urb->status=%d\n", urb->status);
4652
if ( (urb->status == -ESHUTDOWN) ||
4653
(urb->status == -ENODEV) ||
4658
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4661
* Only one CTLX at a time on the "active" list, and
4662
* none at all if we are unplugged. However, we can
4663
* rely on the disconnect function to clean everything
4664
* up if someone unplugged the adapter.
4666
if ( list_empty(&hw->ctlxq.active) ) {
4667
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4672
* Having something on the "active" queue means
4673
* that we have timers to worry about ...
4675
if (del_timer(&hw->reqtimer) == 0) {
4676
if (hw->req_timer_done == 0) {
4678
* This timer was actually running while we
4679
* were trying to delete it. Let it terminate
4680
* gracefully instead.
4682
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4687
hw->req_timer_done = 1;
4690
ctlx = get_active_ctlx(hw);
4692
if ( urb->status == 0 ) {
4693
/* Request portion of a CTLX is successful */
4694
switch ( ctlx->state ) {
4695
case CTLX_REQ_SUBMITTED:
4696
/* This OUT-ACK received before IN */
4697
ctlx->state = CTLX_REQ_COMPLETE;
4700
case CTLX_RESP_COMPLETE:
4701
/* IN already received before this OUT-ACK,
4702
* so this command must now be complete.
4704
ctlx->state = CTLX_COMPLETE;
4705
unlocked_usbctlx_complete(hw, ctlx);
4710
/* This is NOT a valid CTLX "success" state! */
4712
"Illegal CTLX[%d] success state(%s, %d) in OUT URB\n",
4713
hfa384x2host_16(ctlx->outbuf.type),
4714
ctlxstr(ctlx->state), urb->status);
4718
/* If the pipe has stalled then we need to reset it */
4719
if ( (urb->status == -EPIPE) &&
4720
!test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) ) {
4721
WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4722
hw->wlandev->netdev->name);
4723
schedule_work(&hw->usb_work);
4726
/* If someone cancels the OUT URB then its status
4727
* should be either -ECONNRESET or -ENOENT.
4729
ctlx->state = CTLX_REQ_FAILED;
4730
unlocked_usbctlx_complete(hw, ctlx);
4731
delete_resptimer = 1;
4736
if (delete_resptimer) {
4737
if ((timer_ok = del_timer(&hw->resptimer)) != 0) {
4738
hw->resp_timer_done = 1;
4742
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4744
if ( !timer_ok && (hw->resp_timer_done == 0) ) {
4745
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4750
hfa384x_usbctlxq_run(hw);
4757
/*----------------------------------------------------------------
4758
* hfa384x_usbctlx_reqtimerfn
4760
* Timer response function for CTLX request timeouts. If this
4761
* function is called, it means that the callback for the OUT
4762
* URB containing a Prism2.x XXX_Request was never called.
4765
* data a ptr to the hfa384x_t
4774
----------------------------------------------------------------*/
4776
hfa384x_usbctlx_reqtimerfn(unsigned long data)
4778
hfa384x_t *hw = (hfa384x_t*)data;
4779
unsigned long flags;
4782
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4784
hw->req_timer_done = 1;
4786
/* Removing the hardware automatically empties
4787
* the active list ...
4789
if ( !list_empty(&hw->ctlxq.active) )
4792
* We must ensure that our URB is removed from
4793
* the system, if it hasn't already expired.
4795
hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
4796
if (usb_unlink_urb(&hw->ctlx_urb) == -EINPROGRESS)
4798
hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4800
ctlx->state = CTLX_REQ_FAILED;
4802
/* This URB was active, but has now been
4803
* cancelled. It will now have a status of
4804
* -ECONNRESET in the callback function.
4806
* We are cancelling this CTLX, so we're
4807
* not going to need to wait for a response.
4808
* The URB's callback function will check
4809
* that this timer is truly dead.
4811
if (del_timer(&hw->resptimer) != 0)
4812
hw->resp_timer_done = 1;
4816
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4822
/*----------------------------------------------------------------
4823
* hfa384x_usbctlx_resptimerfn
4825
* Timer response function for CTLX response timeouts. If this
4826
* function is called, it means that the callback for the IN
4827
* URB containing a Prism2.x XXX_Response was never called.
4830
* data a ptr to the hfa384x_t
4839
----------------------------------------------------------------*/
4841
hfa384x_usbctlx_resptimerfn(unsigned long data)
4843
hfa384x_t *hw = (hfa384x_t*)data;
4844
unsigned long flags;
4848
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4850
hw->resp_timer_done = 1;
4852
/* The active list will be empty if the
4853
* adapter has been unplugged ...
4855
if ( !list_empty(&hw->ctlxq.active) )
4857
hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4859
if ( unlocked_usbctlx_cancel_async(hw, ctlx) == 0 )
4861
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4862
hfa384x_usbctlxq_run(hw);
4867
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4873
/*----------------------------------------------------------------
4874
* hfa384x_usb_throttlefn
4887
----------------------------------------------------------------*/
4889
hfa384x_usb_throttlefn(unsigned long data)
4891
hfa384x_t *hw = (hfa384x_t*)data;
4892
unsigned long flags;
4896
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4899
* We need to check BOTH the RX and the TX throttle controls,
4900
* so we use the bitwise OR instead of the logical OR.
4902
WLAN_LOG_DEBUG(3, "flags=0x%lx\n", hw->usb_flags);
4903
if ( !hw->wlandev->hwremoved &&
4905
(test_and_clear_bit(THROTTLE_RX, &hw->usb_flags) &&
4906
!test_and_set_bit(WORK_RX_RESUME, &hw->usb_flags))
4908
(test_and_clear_bit(THROTTLE_TX, &hw->usb_flags) &&
4909
!test_and_set_bit(WORK_TX_RESUME, &hw->usb_flags))
4912
schedule_work(&hw->usb_work);
4915
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4921
/*----------------------------------------------------------------
4922
* hfa384x_usbctlx_submit
4924
* Called from the doxxx functions to submit a CTLX to the queue
4927
* hw ptr to the hw struct
4928
* ctlx ctlx structure to enqueue
4931
* -ENODEV if the adapter is unplugged
4937
* process or interrupt
4938
----------------------------------------------------------------*/
4940
hfa384x_usbctlx_submit(
4942
hfa384x_usbctlx_t *ctlx)
4944
unsigned long flags;
4949
spin_lock_irqsave(&hw->ctlxq.lock, flags);
4951
if (hw->wlandev->hwremoved) {
4952
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4955
ctlx->state = CTLX_PENDING;
4956
list_add_tail(&ctlx->list, &hw->ctlxq.pending);
4958
spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4959
hfa384x_usbctlxq_run(hw);
4968
/*----------------------------------------------------------------
4971
* At this point we have finished a send of a frame. Mark the URB
4972
* as available and call ev_alloc to notify higher layers we're
4976
* wlandev wlan device
4977
* usbout ptr to the usb transfer buffer
4986
----------------------------------------------------------------*/
4987
static void hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout)
4991
prism2sta_ev_alloc(wlandev);
4996
/*----------------------------------------------------------------
4997
* hfa384x_isgood_pdrcore
4999
* Quick check of PDR codes.
5002
* pdrcode PDR code number (host order)
5011
----------------------------------------------------------------*/
5013
hfa384x_isgood_pdrcode(UINT16 pdrcode)
5016
case HFA384x_PDR_END_OF_PDA:
5017
case HFA384x_PDR_PCB_PARTNUM:
5018
case HFA384x_PDR_PDAVER:
5019
case HFA384x_PDR_NIC_SERIAL:
5020
case HFA384x_PDR_MKK_MEASUREMENTS:
5021
case HFA384x_PDR_NIC_RAMSIZE:
5022
case HFA384x_PDR_MFISUPRANGE:
5023
case HFA384x_PDR_CFISUPRANGE:
5024
case HFA384x_PDR_NICID:
5025
case HFA384x_PDR_MAC_ADDRESS:
5026
case HFA384x_PDR_REGDOMAIN:
5027
case HFA384x_PDR_ALLOWED_CHANNEL:
5028
case HFA384x_PDR_DEFAULT_CHANNEL:
5029
case HFA384x_PDR_TEMPTYPE:
5030
case HFA384x_PDR_IFR_SETTING:
5031
case HFA384x_PDR_RFR_SETTING:
5032
case HFA384x_PDR_HFA3861_BASELINE:
5033
case HFA384x_PDR_HFA3861_SHADOW:
5034
case HFA384x_PDR_HFA3861_IFRF:
5035
case HFA384x_PDR_HFA3861_CHCALSP:
5036
case HFA384x_PDR_HFA3861_CHCALI:
5037
case HFA384x_PDR_3842_NIC_CONFIG:
5038
case HFA384x_PDR_USB_ID:
5039
case HFA384x_PDR_PCI_ID:
5040
case HFA384x_PDR_PCI_IFCONF:
5041
case HFA384x_PDR_PCI_PMCONF:
5042
case HFA384x_PDR_RFENRGY:
5043
case HFA384x_PDR_HFA3861_MANF_TESTSP:
5044
case HFA384x_PDR_HFA3861_MANF_TESTI:
5049
if ( pdrcode < 0x1000 ) {
5050
/* code is OK, but we don't know exactly what it is */
5052
"Encountered unknown PDR#=0x%04x, "
5053
"assuming it's ok.\n",
5059
"Encountered unknown PDR#=0x%04x, "
5060
"(>=0x1000), assuming it's bad.\n",
5066
return 0; /* avoid compiler warnings */