projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Staging: add wlan-ng prism2 usb driver
[deliverable/linux.git] / drivers / staging / wlan-ng / hfa384x_usb.c
1 /* src/prism2/driver/hfa384x_usb.c
2 *
3 * Functions that talk to the USB variantof the Intersil hfa384x MAC
4 *
5 * Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
6 * --------------------------------------------------------------------
7 *
8 * linux-wlan
9 *
10 * The contents of this file are subject to the Mozilla Public
11 * License Version 1.1 (the "License"); you may not use this file
12 * except in compliance with the License. You may obtain a copy of
13 * the License at http://www.mozilla.org/MPL/
14 *
15 * Software distributed under the License is distributed on an "AS
16 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17 * implied. See the License for the specific language governing
18 * rights and limitations under the License.
19 *
20 * Alternatively, the contents of this file may be used under the
21 * terms of the GNU Public License version 2 (the "GPL"), in which
22 * case the provisions of the GPL are applicable instead of the
23 * above. If you wish to allow the use of your version of this file
24 * only under the terms of the GPL and not to allow others to use
25 * your version of this file under the MPL, indicate your decision
26 * by deleting the provisions above and replace them with the notice
27 * and other provisions required by the GPL. If you do not delete
28 * the provisions above, a recipient may use your version of this
29 * file under either the MPL or the GPL.
30 *
31 * --------------------------------------------------------------------
32 *
33 * Inquiries regarding the linux-wlan Open Source project can be
34 * made directly to:
35 *
36 * AbsoluteValue Systems Inc.
37 * info@linux-wlan.com
38 * http://www.linux-wlan.com
39 *
40 * --------------------------------------------------------------------
41 *
42 * Portions of the development of this software were funded by
43 * Intersil Corporation as part of PRISM(R) chipset product development.
44 *
45 * --------------------------------------------------------------------
46 *
47 * This file implements functions that correspond to the prism2/hfa384x
48 * 802.11 MAC hardware and firmware host interface.
49 *
50 * The functions can be considered to represent several levels of
51 * abstraction. The lowest level functions are simply C-callable wrappers
52 * around the register accesses. The next higher level represents C-callable
53 * prism2 API functions that match the Intersil documentation as closely
54 * as is reasonable. The next higher layer implements common sequences
55 * of invokations of the API layer (e.g. write to bap, followed by cmd).
56 *
57 * Common sequences:
58 * hfa384x_drvr_xxx Highest level abstractions provided by the
59 * hfa384x code. They are driver defined wrappers
60 * for common sequences. These functions generally
61 * use the services of the lower levels.
62 *
63 * hfa384x_drvr_xxxconfig An example of the drvr level abstraction. These
64 * functions are wrappers for the RID get/set
65 * sequence. They call copy_[to|from]_bap() and
66 * cmd_access(). These functions operate on the
67 * RIDs and buffers without validation. The caller
68 * is responsible for that.
69 *
70 * API wrapper functions:
71 * hfa384x_cmd_xxx functions that provide access to the f/w commands.
72 * The function arguments correspond to each command
73 * argument, even command arguments that get packed
74 * into single registers. These functions _just_
75 * issue the command by setting the cmd/parm regs
76 * & reading the status/resp regs. Additional
77 * activities required to fully use a command
78 * (read/write from/to bap, get/set int status etc.)
79 * are implemented separately. Think of these as
80 * C-callable prism2 commands.
81 *
82 * Lowest Layer Functions:
83 * hfa384x_docmd_xxx These functions implement the sequence required
84 * to issue any prism2 command. Primarily used by the
85 * hfa384x_cmd_xxx functions.
86 *
87 * hfa384x_bap_xxx BAP read/write access functions.
88 * Note: we usually use BAP0 for non-interrupt context
89 * and BAP1 for interrupt context.
90 *
91 * hfa384x_dl_xxx download related functions.
92 *
93 * Driver State Issues:
94 * Note that there are two pairs of functions that manage the
95 * 'initialized' and 'running' states of the hw/MAC combo. The four
96 * functions are create(), destroy(), start(), and stop(). create()
97 * sets up the data structures required to support the hfa384x_*
98 * functions and destroy() cleans them up. The start() function gets
99 * the actual hardware running and enables the interrupts. The stop()
100 * function shuts the hardware down. The sequence should be:
101 * create()
102 * start()
103 * .
104 * . Do interesting things w/ the hardware
105 * .
106 * stop()
107 * destroy()
108 *
109 * Note that destroy() can be called without calling stop() first.
110 * --------------------------------------------------------------------
111 */
112
113 /*================================================================*/
114 /* System Includes */
115 #define WLAN_DBVAR prism2_debug
116
117 #include "version.h"
118
119
120 #include <linux/version.h>
121
122 #include <linux/module.h>
123 #include <linux/kernel.h>
124 #include <linux/sched.h>
125 #include <linux/types.h>
126 #include <linux/slab.h>
127 #include <linux/wireless.h>
128 #include <linux/netdevice.h>
129 #include <linux/timer.h>
130 #include <asm/io.h>
131 #include <linux/delay.h>
132 #include <asm/byteorder.h>
133 #include <asm/bitops.h>
134 #include <linux/list.h>
135 #include <linux/usb.h>
136
137 #include "wlan_compat.h"
138
139 #if (WLAN_HOSTIF != WLAN_USB)
140 #error "This file is specific to USB"
141 #endif
142
143
144 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
145 static int
146 wait_for_completion_interruptible(struct completion *x)
147 {
148 int ret = 0;
149
150 might_sleep();
151
152 spin_lock_irq(&x->wait.lock);
153 if (!x->done) {
154 DECLARE_WAITQUEUE(wait, current);
155
156 wait.flags |= WQ_FLAG_EXCLUSIVE;
157 __add_wait_queue_tail(&x->wait, &wait);
158 do {
159 if (signal_pending(current)) {
160 ret = -ERESTARTSYS;
161 __remove_wait_queue(&x->wait, &wait);
162 goto out;
163 }
164 __set_current_state(TASK_INTERRUPTIBLE);
165 spin_unlock_irq(&x->wait.lock);
166 schedule();
167 spin_lock_irq(&x->wait.lock);
168 } while (!x->done);
169 __remove_wait_queue(&x->wait, &wait);
170 }
171 x->done--;
172 out:
173 spin_unlock_irq(&x->wait.lock);
174
175 return ret;
176 }
177 #endif
178
179 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,69)
180 static void
181 usb_init_urb(struct urb *urb)
182 {
183 memset(urb, 0, sizeof(*urb));
184 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
185 urb->count = (atomic_t)ATOMIC_INIT(1);
186 #endif
187 spin_lock_init(&urb->lock);
188 }
189 #endif
190
191 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
192 # define SUBMIT_URB(u,f) usb_submit_urb(u,f)
193 #else
194 # define SUBMIT_URB(u,f) usb_submit_urb(u)
195 #endif
196
197 /*================================================================*/
198 /* Project Includes */
199
200 #include "p80211types.h"
201 #include "p80211hdr.h"
202 #include "p80211mgmt.h"
203 #include "p80211conv.h"
204 #include "p80211msg.h"
205 #include "p80211netdev.h"
206 #include "p80211req.h"
207 #include "p80211metadef.h"
208 #include "p80211metastruct.h"
209 #include "hfa384x.h"
210 #include "prism2mgmt.h"
211
212 /*================================================================*/
213 /* Local Constants */
214
215 enum cmd_mode
216 {
217 DOWAIT = 0,
218 DOASYNC
219 };
220 typedef enum cmd_mode CMD_MODE;
221
222 #define THROTTLE_JIFFIES (HZ/8)
223
224 /*================================================================*/
225 /* Local Macros */
226
227 #define ROUNDUP64(a) (((a)+63)&~63)
228
229 /*================================================================*/
230 /* Local Types */
231
232 /*================================================================*/
233 /* Local Static Definitions */
234 extern int prism2_debug;
235
236 /*================================================================*/
237 /* Local Function Declarations */
238
239 #ifdef DEBUG_USB
240 static void
241 dbprint_urb(struct urb* urb);
242 #endif
243
244 static void
245 hfa384x_int_rxmonitor(
246 wlandevice_t *wlandev,
247 hfa384x_usb_rxfrm_t *rxfrm);
248
249 static void
250 hfa384x_usb_defer(struct work_struct *data);
251
252 static int
253 submit_rx_urb(hfa384x_t *hw, gfp_t flags);
254
255 static int
256 submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t flags);
257
258 /*---------------------------------------------------*/
259 /* Callbacks */
260 #ifdef URB_ONLY_CALLBACK
261 static void
262 hfa384x_usbout_callback(struct urb *urb);
263 static void
264 hfa384x_ctlxout_callback(struct urb *urb);
265 static void
266 hfa384x_usbin_callback(struct urb *urb);
267 #else
268 static void
269 hfa384x_usbout_callback(struct urb *urb, struct pt_regs *regs);
270 static void
271 hfa384x_ctlxout_callback(struct urb *urb, struct pt_regs *regs);
272 static void
273 hfa384x_usbin_callback(struct urb *urb, struct pt_regs *regs);
274 #endif
275
276 static void
277 hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
278
279 static void
280 hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb);
281
282 static void
283 hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
284
285 static void
286 hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout);
287
288 static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
289 int urb_status);
290
291 /*---------------------------------------------------*/
292 /* Functions to support the prism2 usb command queue */
293
294 static void
295 hfa384x_usbctlxq_run(hfa384x_t *hw);
296
297 static void
298 hfa384x_usbctlx_reqtimerfn(unsigned long data);
299
300 static void
301 hfa384x_usbctlx_resptimerfn(unsigned long data);
302
303 static void
304 hfa384x_usb_throttlefn(unsigned long data);
305
306 static void
307 hfa384x_usbctlx_completion_task(unsigned long data);
308
309 static void
310 hfa384x_usbctlx_reaper_task(unsigned long data);
311
312 static int
313 hfa384x_usbctlx_submit(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
314
315 static void
316 unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
317
318 struct usbctlx_completor
319 {
320 int (*complete)(struct usbctlx_completor*);
321 };
322 typedef struct usbctlx_completor usbctlx_completor_t;
323
324 static int
325 hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
326 hfa384x_usbctlx_t *ctlx,
327 usbctlx_completor_t *completor);
328
329 static int
330 unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
331
332 static void
333 hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
334
335 static void
336 hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
337
338 static int
339 usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
340 hfa384x_cmdresult_t *result);
341
342 static void
343 usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
344 hfa384x_rridresult_t *result);
345
346 /*---------------------------------------------------*/
347 /* Low level req/resp CTLX formatters and submitters */
348 static int
349 hfa384x_docmd(
350 hfa384x_t *hw,
351 CMD_MODE mode,
352 hfa384x_metacmd_t *cmd,
353 ctlx_cmdcb_t cmdcb,
354 ctlx_usercb_t usercb,
355 void *usercb_data);
356
357 static int
358 hfa384x_dorrid(
359 hfa384x_t *hw,
360 CMD_MODE mode,
361 UINT16 rid,
362 void *riddata,
363 UINT riddatalen,
364 ctlx_cmdcb_t cmdcb,
365 ctlx_usercb_t usercb,
366 void *usercb_data);
367
368 static int
369 hfa384x_dowrid(
370 hfa384x_t *hw,
371 CMD_MODE mode,
372 UINT16 rid,
373 void *riddata,
374 UINT riddatalen,
375 ctlx_cmdcb_t cmdcb,
376 ctlx_usercb_t usercb,
377 void *usercb_data);
378
379 static int
380 hfa384x_dormem(
381 hfa384x_t *hw,
382 CMD_MODE mode,
383 UINT16 page,
384 UINT16 offset,
385 void *data,
386 UINT len,
387 ctlx_cmdcb_t cmdcb,
388 ctlx_usercb_t usercb,
389 void *usercb_data);
390
391 static int
392 hfa384x_dowmem(
393 hfa384x_t *hw,
394 CMD_MODE mode,
395 UINT16 page,
396 UINT16 offset,
397 void *data,
398 UINT len,
399 ctlx_cmdcb_t cmdcb,
400 ctlx_usercb_t usercb,
401 void *usercb_data);
402
403 static int
404 hfa384x_isgood_pdrcode(UINT16 pdrcode);
405
406 /*================================================================*/
407 /* Function Definitions */
408 static inline const char* ctlxstr(CTLX_STATE s)
409 {
410 static const char* ctlx_str[] = {
411 "Initial state",
412 "Complete",
413 "Request failed",
414 "Request pending",
415 "Request packet submitted",
416 "Request packet completed",
417 "Response packet completed"
418 };
419
420 return ctlx_str[s];
421 };
422
423
424 static inline hfa384x_usbctlx_t*
425 get_active_ctlx(hfa384x_t *hw)
426 {
427 return list_entry(hw->ctlxq.active.next, hfa384x_usbctlx_t, list);
428 }
429
430
431 #ifdef DEBUG_USB
432 void
433 dbprint_urb(struct urb* urb)
434 {
435 WLAN_LOG_DEBUG(3,"urb->pipe=0x%08x\n", urb->pipe);
436 WLAN_LOG_DEBUG(3,"urb->status=0x%08x\n", urb->status);
437 WLAN_LOG_DEBUG(3,"urb->transfer_flags=0x%08x\n", urb->transfer_flags);
438 WLAN_LOG_DEBUG(3,"urb->transfer_buffer=0x%08x\n", (UINT)urb->transfer_buffer);
439 WLAN_LOG_DEBUG(3,"urb->transfer_buffer_length=0x%08x\n", urb->transfer_buffer_length);
440 WLAN_LOG_DEBUG(3,"urb->actual_length=0x%08x\n", urb->actual_length);
441 WLAN_LOG_DEBUG(3,"urb->bandwidth=0x%08x\n", urb->bandwidth);
442 WLAN_LOG_DEBUG(3,"urb->setup_packet(ctl)=0x%08x\n", (UINT)urb->setup_packet);
443 WLAN_LOG_DEBUG(3,"urb->start_frame(iso/irq)=0x%08x\n", urb->start_frame);
444 WLAN_LOG_DEBUG(3,"urb->interval(irq)=0x%08x\n", urb->interval);
445 WLAN_LOG_DEBUG(3,"urb->error_count(iso)=0x%08x\n", urb->error_count);
446 WLAN_LOG_DEBUG(3,"urb->timeout=0x%08x\n", urb->timeout);
447 WLAN_LOG_DEBUG(3,"urb->context=0x%08x\n", (UINT)urb->context);
448 WLAN_LOG_DEBUG(3,"urb->complete=0x%08x\n", (UINT)urb->complete);
449 }
450 #endif
451
452
453 /*----------------------------------------------------------------
454 * submit_rx_urb
455 *
456 * Listen for input data on the BULK-IN pipe. If the pipe has
457 * stalled then schedule it to be reset.
458 *
459 * Arguments:
460 * hw device struct
461 * memflags memory allocation flags
462 *
463 * Returns:
464 * error code from submission
465 *
466 * Call context:
467 * Any
468 ----------------------------------------------------------------*/
469 static int
470 submit_rx_urb(hfa384x_t *hw, gfp_t memflags)
471 {
472 struct sk_buff *skb;
473 int result;
474
475 DBFENTER;
476
477 skb = dev_alloc_skb(sizeof(hfa384x_usbin_t));
478 if (skb == NULL) {
479 result = -ENOMEM;
480 goto done;
481 }
482
483 /* Post the IN urb */
484 usb_fill_bulk_urb(&hw->rx_urb, hw->usb,
485 hw->endp_in,
486 skb->data, sizeof(hfa384x_usbin_t),
487 hfa384x_usbin_callback, hw->wlandev);
488
489 hw->rx_urb_skb = skb;
490
491 result = -ENOLINK;
492 if ( !hw->wlandev->hwremoved && !test_bit(WORK_RX_HALT, &hw->usb_flags)) {
493 result = SUBMIT_URB(&hw->rx_urb, memflags);
494
495 /* Check whether we need to reset the RX pipe */
496 if (result == -EPIPE) {
497 WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
498 hw->wlandev->netdev->name);
499 if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
500 schedule_work(&hw->usb_work);
501 }
502 }
503
504 /* Don't leak memory if anything should go wrong */
505 if (result != 0) {
506 dev_kfree_skb(skb);
507 hw->rx_urb_skb = NULL;
508 }
509
510 done:
511
512 DBFEXIT;
513 return result;
514 }
515
516 /*----------------------------------------------------------------
517 * submit_tx_urb
518 *
519 * Prepares and submits the URB of transmitted data. If the
520 * submission fails then it will schedule the output pipe to
521 * be reset.
522 *
523 * Arguments:
524 * hw device struct
525 * tx_urb URB of data for tranmission
526 * memflags memory allocation flags
527 *
528 * Returns:
529 * error code from submission
530 *
531 * Call context:
532 * Any
533 ----------------------------------------------------------------*/
534 static int
535 submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t memflags)
536 {
537 struct net_device *netdev = hw->wlandev->netdev;
538 int result;
539
540 DBFENTER;
541
542 result = -ENOLINK;
543 if ( netif_running(netdev) ) {
544
545 if ( !hw->wlandev->hwremoved && !test_bit(WORK_TX_HALT, &hw->usb_flags) ) {
546 result = SUBMIT_URB(tx_urb, memflags);
547
548 /* Test whether we need to reset the TX pipe */
549 if (result == -EPIPE) {
550 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
551 netdev->name);
552 set_bit(WORK_TX_HALT, &hw->usb_flags);
553 schedule_work(&hw->usb_work);
554 } else if (result == 0) {
555 netif_stop_queue(netdev);
556 }
557 }
558 }
559
560 DBFEXIT;
561
562 return result;
563 }
564
565 /*----------------------------------------------------------------
566 * hfa394x_usb_defer
567 *
568 * There are some things that the USB stack cannot do while
569 * in interrupt context, so we arrange this function to run
570 * in process context.
571 *
572 * Arguments:
573 * hw device structure
574 *
575 * Returns:
576 * nothing
577 *
578 * Call context:
579 * process (by design)
580 ----------------------------------------------------------------*/
581 static void
582 hfa384x_usb_defer(struct work_struct *data)
583 {
584 hfa384x_t *hw = container_of(data, struct hfa384x, usb_work);
585 struct net_device *netdev = hw->wlandev->netdev;
586
587 DBFENTER;
588
589 /* Don't bother trying to reset anything if the plug
590 * has been pulled ...
591 */
592 if ( hw->wlandev->hwremoved ) {
593 DBFEXIT;
594 return;
595 }
596
597 /* Reception has stopped: try to reset the input pipe */
598 if (test_bit(WORK_RX_HALT, &hw->usb_flags)) {
599 int ret;
600
601 usb_kill_urb(&hw->rx_urb); /* Cannot be holding spinlock! */
602
603 ret = usb_clear_halt(hw->usb, hw->endp_in);
604 if (ret != 0) {
605 printk(KERN_ERR
606 "Failed to clear rx pipe for %s: err=%d\n",
607 netdev->name, ret);
608 } else {
609 printk(KERN_INFO "%s rx pipe reset complete.\n",
610 netdev->name);
611 clear_bit(WORK_RX_HALT, &hw->usb_flags);
612 set_bit(WORK_RX_RESUME, &hw->usb_flags);
613 }
614 }
615
616 /* Resume receiving data back from the device. */
617 if ( test_bit(WORK_RX_RESUME, &hw->usb_flags) ) {
618 int ret;
619
620 ret = submit_rx_urb(hw, GFP_KERNEL);
621 if (ret != 0) {
622 printk(KERN_ERR
623 "Failed to resume %s rx pipe.\n", netdev->name);
624 } else {
625 clear_bit(WORK_RX_RESUME, &hw->usb_flags);
626 }
627 }
628
629 /* Transmission has stopped: try to reset the output pipe */
630 if (test_bit(WORK_TX_HALT, &hw->usb_flags)) {
631 int ret;
632
633 usb_kill_urb(&hw->tx_urb);
634 ret = usb_clear_halt(hw->usb, hw->endp_out);
635 if (ret != 0) {
636 printk(KERN_ERR
637 "Failed to clear tx pipe for %s: err=%d\n",
638 netdev->name, ret);
639 } else {
640 printk(KERN_INFO "%s tx pipe reset complete.\n",
641 netdev->name);
642 clear_bit(WORK_TX_HALT, &hw->usb_flags);
643 set_bit(WORK_TX_RESUME, &hw->usb_flags);
644
645 /* Stopping the BULK-OUT pipe also blocked
646 * us from sending any more CTLX URBs, so
647 * we need to re-run our queue ...
648 */
649 hfa384x_usbctlxq_run(hw);
650 }
651 }
652
653 /* Resume transmitting. */
654 if ( test_and_clear_bit(WORK_TX_RESUME, &hw->usb_flags) ) {
655 p80211netdev_wake_queue(hw->wlandev);
656 }
657
658 DBFEXIT;
659 }
660
661
662 /*----------------------------------------------------------------
663 * hfa384x_create
664 *
665 * Sets up the hfa384x_t data structure for use. Note this
666 * does _not_ intialize the actual hardware, just the data structures
667 * we use to keep track of its state.
668 *
669 * Arguments:
670 * hw device structure
671 * irq device irq number
672 * iobase i/o base address for register access
673 * membase memory base address for register access
674 *
675 * Returns:
676 * nothing
677 *
678 * Side effects:
679 *
680 * Call context:
681 * process
682 ----------------------------------------------------------------*/
683 void
684 hfa384x_create( hfa384x_t *hw, struct usb_device *usb)
685 {
686 DBFENTER;
687
688 memset(hw, 0, sizeof(hfa384x_t));
689 hw->usb = usb;
690
691 /* set up the endpoints */
692 hw->endp_in = usb_rcvbulkpipe(usb, 1);
693 hw->endp_out = usb_sndbulkpipe(usb, 2);
694
695 /* Set up the waitq */
696 init_waitqueue_head(&hw->cmdq);
697
698 /* Initialize the command queue */
699 spin_lock_init(&hw->ctlxq.lock);
700 INIT_LIST_HEAD(&hw->ctlxq.pending);
701 INIT_LIST_HEAD(&hw->ctlxq.active);
702 INIT_LIST_HEAD(&hw->ctlxq.completing);
703 INIT_LIST_HEAD(&hw->ctlxq.reapable);
704
705 /* Initialize the authentication queue */
706 skb_queue_head_init(&hw->authq);
707
708 tasklet_init(&hw->reaper_bh,
709 hfa384x_usbctlx_reaper_task,
710 (unsigned long)hw);
711 tasklet_init(&hw->completion_bh,
712 hfa384x_usbctlx_completion_task,
713 (unsigned long)hw);
714 INIT_WORK2(&hw->link_bh, prism2sta_processing_defer);
715 INIT_WORK2(&hw->usb_work, hfa384x_usb_defer);
716
717 init_timer(&hw->throttle);
718 hw->throttle.function = hfa384x_usb_throttlefn;
719 hw->throttle.data = (unsigned long)hw;
720
721 init_timer(&hw->resptimer);
722 hw->resptimer.function = hfa384x_usbctlx_resptimerfn;
723 hw->resptimer.data = (unsigned long)hw;
724
725 init_timer(&hw->reqtimer);
726 hw->reqtimer.function = hfa384x_usbctlx_reqtimerfn;
727 hw->reqtimer.data = (unsigned long)hw;
728
729 usb_init_urb(&hw->rx_urb);
730 usb_init_urb(&hw->tx_urb);
731 usb_init_urb(&hw->ctlx_urb);
732
733 hw->link_status = HFA384x_LINK_NOTCONNECTED;
734 hw->state = HFA384x_STATE_INIT;
735
736 INIT_WORK2(&hw->commsqual_bh, prism2sta_commsqual_defer);
737 init_timer(&hw->commsqual_timer);
738 hw->commsqual_timer.data = (unsigned long) hw;
739 hw->commsqual_timer.function = prism2sta_commsqual_timer;
740
741 DBFEXIT;
742 }
743
744
745 /*----------------------------------------------------------------
746 * hfa384x_destroy
747 *
748 * Partner to hfa384x_create(). This function cleans up the hw
749 * structure so that it can be freed by the caller using a simple
750 * kfree. Currently, this function is just a placeholder. If, at some
751 * point in the future, an hw in the 'shutdown' state requires a 'deep'
752 * kfree, this is where it should be done. Note that if this function
753 * is called on a _running_ hw structure, the drvr_stop() function is
754 * called.
755 *
756 * Arguments:
757 * hw device structure
758 *
759 * Returns:
760 * nothing, this function is not allowed to fail.
761 *
762 * Side effects:
763 *
764 * Call context:
765 * process
766 ----------------------------------------------------------------*/
767 void
768 hfa384x_destroy( hfa384x_t *hw)
769 {
770 struct sk_buff *skb;
771
772 DBFENTER;
773
774 if ( hw->state == HFA384x_STATE_RUNNING ) {
775 hfa384x_drvr_stop(hw);
776 }
777 hw->state = HFA384x_STATE_PREINIT;
778
779 if (hw->scanresults) {
780 kfree(hw->scanresults);
781 hw->scanresults = NULL;
782 }
783
784 /* Now to clean out the auth queue */
785 while ( (skb = skb_dequeue(&hw->authq)) ) {
786 dev_kfree_skb(skb);
787 }
788
789 DBFEXIT;
790 }
791
792
793 /*----------------------------------------------------------------
794 */
795 static hfa384x_usbctlx_t* usbctlx_alloc(void)
796 {
797 hfa384x_usbctlx_t *ctlx;
798
799 ctlx = kmalloc(sizeof(*ctlx), in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
800 if (ctlx != NULL)
801 {
802 memset(ctlx, 0, sizeof(*ctlx));
803 init_completion(&ctlx->done);
804 }
805
806 return ctlx;
807 }
808
809
810 /*----------------------------------------------------------------
811 *
812 ----------------------------------------------------------------*/
813 static int
814 usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
815 hfa384x_cmdresult_t *result)
816 {
817 DBFENTER;
818
819 result->status = hfa384x2host_16(cmdresp->status);
820 result->resp0 = hfa384x2host_16(cmdresp->resp0);
821 result->resp1 = hfa384x2host_16(cmdresp->resp1);
822 result->resp2 = hfa384x2host_16(cmdresp->resp2);
823
824 WLAN_LOG_DEBUG(4, "cmdresult:status=0x%04x "
825 "resp0=0x%04x resp1=0x%04x resp2=0x%04x\n",
826 result->status,
827 result->resp0,
828 result->resp1,
829 result->resp2);
830
831 DBFEXIT;
832 return (result->status & HFA384x_STATUS_RESULT);
833 }
834
835 static void
836 usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
837 hfa384x_rridresult_t *result)
838 {
839 DBFENTER;
840
841 result->rid = hfa384x2host_16(rridresp->rid);
842 result->riddata = rridresp->data;
843 result->riddata_len = ((hfa384x2host_16(rridresp->frmlen) - 1) * 2);
844
845 DBFEXIT;
846 }
847
848
849 /*----------------------------------------------------------------
850 * Completor object:
851 * This completor must be passed to hfa384x_usbctlx_complete_sync()
852 * when processing a CTLX that returns a hfa384x_cmdresult_t structure.
853 ----------------------------------------------------------------*/
854 struct usbctlx_cmd_completor
855 {
856 usbctlx_completor_t head;
857
858 const hfa384x_usb_cmdresp_t *cmdresp;
859 hfa384x_cmdresult_t *result;
860 };
861 typedef struct usbctlx_cmd_completor usbctlx_cmd_completor_t;
862
863 static int usbctlx_cmd_completor_fn(usbctlx_completor_t *head)
864 {
865 usbctlx_cmd_completor_t *complete = (usbctlx_cmd_completor_t*)head;
866 return usbctlx_get_status(complete->cmdresp, complete->result);
867 }
868
869 static inline usbctlx_completor_t*
870 init_cmd_completor(usbctlx_cmd_completor_t *completor,
871 const hfa384x_usb_cmdresp_t *cmdresp,
872 hfa384x_cmdresult_t *result)
873 {
874 completor->head.complete = usbctlx_cmd_completor_fn;
875 completor->cmdresp = cmdresp;
876 completor->result = result;
877 return &(completor->head);
878 }
879
880 /*----------------------------------------------------------------
881 * Completor object:
882 * This completor must be passed to hfa384x_usbctlx_complete_sync()
883 * when processing a CTLX that reads a RID.
884 ----------------------------------------------------------------*/
885 struct usbctlx_rrid_completor
886 {
887 usbctlx_completor_t head;
888
889 const hfa384x_usb_rridresp_t *rridresp;
890 void *riddata;
891 UINT riddatalen;
892 };
893 typedef struct usbctlx_rrid_completor usbctlx_rrid_completor_t;
894
895 static int usbctlx_rrid_completor_fn(usbctlx_completor_t *head)
896 {
897 usbctlx_rrid_completor_t *complete = (usbctlx_rrid_completor_t*)head;
898 hfa384x_rridresult_t rridresult;
899
900 usbctlx_get_rridresult(complete->rridresp, &rridresult);
901
902 /* Validate the length, note body len calculation in bytes */
903 if ( rridresult.riddata_len != complete->riddatalen ) {
904 WLAN_LOG_WARNING(
905 "RID len mismatch, rid=0x%04x hlen=%d fwlen=%d\n",
906 rridresult.rid,
907 complete->riddatalen,
908 rridresult.riddata_len);
909 return -ENODATA;
910 }
911
912 memcpy(complete->riddata,
913 rridresult.riddata,
914 complete->riddatalen);
915 return 0;
916 }
917
918 static inline usbctlx_completor_t*
919 init_rrid_completor(usbctlx_rrid_completor_t *completor,
920 const hfa384x_usb_rridresp_t *rridresp,
921 void *riddata,
922 UINT riddatalen)
923 {
924 completor->head.complete = usbctlx_rrid_completor_fn;
925 completor->rridresp = rridresp;
926 completor->riddata = riddata;
927 completor->riddatalen = riddatalen;
928 return &(completor->head);
929 }
930
931 /*----------------------------------------------------------------
932 * Completor object:
933 * Interprets the results of a synchronous RID-write
934 ----------------------------------------------------------------*/
935 typedef usbctlx_cmd_completor_t usbctlx_wrid_completor_t;
936 #define init_wrid_completor init_cmd_completor
937
938 /*----------------------------------------------------------------
939 * Completor object:
940 * Interprets the results of a synchronous memory-write
941 ----------------------------------------------------------------*/
942 typedef usbctlx_cmd_completor_t usbctlx_wmem_completor_t;
943 #define init_wmem_completor init_cmd_completor
944
945 /*----------------------------------------------------------------
946 * Completor object:
947 * Interprets the results of a synchronous memory-read
948 ----------------------------------------------------------------*/
949 struct usbctlx_rmem_completor
950 {
951 usbctlx_completor_t head;
952
953 const hfa384x_usb_rmemresp_t *rmemresp;
954 void *data;
955 UINT len;
956 };
957 typedef struct usbctlx_rmem_completor usbctlx_rmem_completor_t;
958
959 static int usbctlx_rmem_completor_fn(usbctlx_completor_t *head)
960 {
961 usbctlx_rmem_completor_t *complete = (usbctlx_rmem_completor_t*)head;
962
963 WLAN_LOG_DEBUG(4,"rmemresp:len=%d\n", complete->rmemresp->frmlen);
964 memcpy(complete->data, complete->rmemresp->data, complete->len);
965 return 0;
966 }
967
968 static inline usbctlx_completor_t*
969 init_rmem_completor(usbctlx_rmem_completor_t *completor,
970 hfa384x_usb_rmemresp_t *rmemresp,
971 void *data,
972 UINT len)
973 {
974 completor->head.complete = usbctlx_rmem_completor_fn;
975 completor->rmemresp = rmemresp;
976 completor->data = data;
977 completor->len = len;
978 return &(completor->head);
979 }
980
981 /*----------------------------------------------------------------
982 * hfa384x_cb_status
983 *
984 * Ctlx_complete handler for async CMD type control exchanges.
985 * mark the hw struct as such.
986 *
987 * Note: If the handling is changed here, it should probably be
988 * changed in docmd as well.
989 *
990 * Arguments:
991 * hw hw struct
992 * ctlx completed CTLX
993 *
994 * Returns:
995 * nothing
996 *
997 * Side effects:
998 *
999 * Call context:
1000 * interrupt
1001 ----------------------------------------------------------------*/
1002 static void
1003 hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
1004 {
1005 DBFENTER;
1006
1007 if ( ctlx->usercb != NULL ) {
1008 hfa384x_cmdresult_t cmdresult;
1009
1010 if (ctlx->state != CTLX_COMPLETE) {
1011 memset(&cmdresult, 0, sizeof(cmdresult));
1012 cmdresult.status = HFA384x_STATUS_RESULT_SET(HFA384x_CMD_ERR);
1013 } else {
1014 usbctlx_get_status(&ctlx->inbuf.cmdresp, &cmdresult);
1015 }
1016
1017 ctlx->usercb(hw, &cmdresult, ctlx->usercb_data);
1018 }
1019
1020 DBFEXIT;
1021 }
1022
1023
1024 /*----------------------------------------------------------------
1025 * hfa384x_cb_rrid
1026 *
1027 * CTLX completion handler for async RRID type control exchanges.
1028 *
1029 * Note: If the handling is changed here, it should probably be
1030 * changed in dorrid as well.
1031 *
1032 * Arguments:
1033 * hw hw struct
1034 * ctlx completed CTLX
1035 *
1036 * Returns:
1037 * nothing
1038 *
1039 * Side effects:
1040 *
1041 * Call context:
1042 * interrupt
1043 ----------------------------------------------------------------*/
1044 static void
1045 hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
1046 {
1047 DBFENTER;
1048
1049 if ( ctlx->usercb != NULL ) {
1050 hfa384x_rridresult_t rridresult;
1051
1052 if (ctlx->state != CTLX_COMPLETE) {
1053 memset(&rridresult, 0, sizeof(rridresult));
1054 rridresult.rid = hfa384x2host_16(ctlx->outbuf.rridreq.rid);
1055 } else {
1056 usbctlx_get_rridresult(&ctlx->inbuf.rridresp, &rridresult);
1057 }
1058
1059 ctlx->usercb(hw, &rridresult, ctlx->usercb_data);
1060 }
1061
1062 DBFEXIT;
1063 }
1064
1065 static inline int
1066 hfa384x_docmd_wait(hfa384x_t *hw, hfa384x_metacmd_t *cmd)
1067 {
1068 return hfa384x_docmd(hw, DOWAIT, cmd, NULL, NULL, NULL);
1069 }
1070
1071 static inline int
1072 hfa384x_docmd_async(hfa384x_t *hw,
1073 hfa384x_metacmd_t *cmd,
1074 ctlx_cmdcb_t cmdcb,
1075 ctlx_usercb_t usercb,
1076 void *usercb_data)
1077 {
1078 return hfa384x_docmd(hw, DOASYNC, cmd,
1079 cmdcb, usercb, usercb_data);
1080 }
1081
1082 static inline int
1083 hfa384x_dorrid_wait(hfa384x_t *hw, UINT16 rid, void *riddata, UINT riddatalen)
1084 {
1085 return hfa384x_dorrid(hw, DOWAIT,
1086 rid, riddata, riddatalen,
1087 NULL, NULL, NULL);
1088 }
1089
1090 static inline int
1091 hfa384x_dorrid_async(hfa384x_t *hw,
1092 UINT16 rid, void *riddata, UINT riddatalen,
1093 ctlx_cmdcb_t cmdcb,
1094 ctlx_usercb_t usercb,
1095 void *usercb_data)
1096 {
1097 return hfa384x_dorrid(hw, DOASYNC,
1098 rid, riddata, riddatalen,
1099 cmdcb, usercb, usercb_data);
1100 }
1101
1102 static inline int
1103 hfa384x_dowrid_wait(hfa384x_t *hw, UINT16 rid, void *riddata, UINT riddatalen)
1104 {
1105 return hfa384x_dowrid(hw, DOWAIT,
1106 rid, riddata, riddatalen,
1107 NULL, NULL, NULL);
1108 }
1109
1110 static inline int
1111 hfa384x_dowrid_async(hfa384x_t *hw,
1112 UINT16 rid, void *riddata, UINT riddatalen,
1113 ctlx_cmdcb_t cmdcb,
1114 ctlx_usercb_t usercb,
1115 void *usercb_data)
1116 {
1117 return hfa384x_dowrid(hw, DOASYNC,
1118 rid, riddata, riddatalen,
1119 cmdcb, usercb, usercb_data);
1120 }
1121
1122 static inline int
1123 hfa384x_dormem_wait(hfa384x_t *hw,
1124 UINT16 page, UINT16 offset, void *data, UINT len)
1125 {
1126 return hfa384x_dormem(hw, DOWAIT,
1127 page, offset, data, len,
1128 NULL, NULL, NULL);
1129 }
1130
1131 static inline int
1132 hfa384x_dormem_async(hfa384x_t *hw,
1133 UINT16 page, UINT16 offset, void *data, UINT len,
1134 ctlx_cmdcb_t cmdcb,
1135 ctlx_usercb_t usercb,
1136 void *usercb_data)
1137 {
1138 return hfa384x_dormem(hw, DOASYNC,
1139 page, offset, data, len,
1140 cmdcb, usercb, usercb_data);
1141 }
1142
1143 static inline int
1144 hfa384x_dowmem_wait(
1145 hfa384x_t *hw,
1146 UINT16 page,
1147 UINT16 offset,
1148 void *data,
1149 UINT len)
1150 {
1151 return hfa384x_dowmem(hw, DOWAIT,
1152 page, offset, data, len,
1153 NULL, NULL, NULL);
1154 }
1155
1156 static inline int
1157 hfa384x_dowmem_async(
1158 hfa384x_t *hw,
1159 UINT16 page,
1160 UINT16 offset,
1161 void *data,
1162 UINT len,
1163 ctlx_cmdcb_t cmdcb,
1164 ctlx_usercb_t usercb,
1165 void *usercb_data)
1166 {
1167 return hfa384x_dowmem(hw, DOASYNC,
1168 page, offset, data, len,
1169 cmdcb, usercb, usercb_data);
1170 }
1171
1172 /*----------------------------------------------------------------
1173 * hfa384x_cmd_initialize
1174 *
1175 * Issues the initialize command and sets the hw->state based
1176 * on the result.
1177 *
1178 * Arguments:
1179 * hw device structure
1180 *
1181 * Returns:
1182 * 0 success
1183 * >0 f/w reported error - f/w status code
1184 * <0 driver reported error
1185 *
1186 * Side effects:
1187 *
1188 * Call context:
1189 * process
1190 ----------------------------------------------------------------*/
1191 int
1192 hfa384x_cmd_initialize(hfa384x_t *hw)
1193 {
1194 int result = 0;
1195 int i;
1196 hfa384x_metacmd_t cmd;
1197
1198 DBFENTER;
1199
1200
1201 cmd.cmd = HFA384x_CMDCODE_INIT;
1202 cmd.parm0 = 0;
1203 cmd.parm1 = 0;
1204 cmd.parm2 = 0;
1205
1206 result = hfa384x_docmd_wait(hw, &cmd);
1207
1208
1209 WLAN_LOG_DEBUG(3,"cmdresp.init: "
1210 "status=0x%04x, resp0=0x%04x, "
1211 "resp1=0x%04x, resp2=0x%04x\n",
1212 cmd.result.status,
1213 cmd.result.resp0,
1214 cmd.result.resp1,
1215 cmd.result.resp2);
1216 if ( result == 0 ) {
1217 for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
1218 hw->port_enabled[i] = 0;
1219 }
1220 }
1221
1222 hw->link_status = HFA384x_LINK_NOTCONNECTED;
1223
1224 DBFEXIT;
1225 return result;
1226 }
1227
1228
1229 /*----------------------------------------------------------------
1230 * hfa384x_cmd_disable
1231 *
1232 * Issues the disable command to stop communications on one of
1233 * the MACs 'ports'.
1234 *
1235 * Arguments:
1236 * hw device structure
1237 * macport MAC port number (host order)
1238 *
1239 * Returns:
1240 * 0 success
1241 * >0 f/w reported failure - f/w status code
1242 * <0 driver reported error (timeout|bad arg)
1243 *
1244 * Side effects:
1245 *
1246 * Call context:
1247 * process
1248 ----------------------------------------------------------------*/
1249 int hfa384x_cmd_disable(hfa384x_t *hw, UINT16 macport)
1250 {
1251 int result = 0;
1252 hfa384x_metacmd_t cmd;
1253
1254 DBFENTER;
1255
1256 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DISABLE) |
1257 HFA384x_CMD_MACPORT_SET(macport);
1258 cmd.parm0 = 0;
1259 cmd.parm1 = 0;
1260 cmd.parm2 = 0;
1261
1262 result = hfa384x_docmd_wait(hw, &cmd);
1263
1264 DBFEXIT;
1265 return result;
1266 }
1267
1268
1269 /*----------------------------------------------------------------
1270 * hfa384x_cmd_enable
1271 *
1272 * Issues the enable command to enable communications on one of
1273 * the MACs 'ports'.
1274 *
1275 * Arguments:
1276 * hw device structure
1277 * macport MAC port number
1278 *
1279 * Returns:
1280 * 0 success
1281 * >0 f/w reported failure - f/w status code
1282 * <0 driver reported error (timeout|bad arg)
1283 *
1284 * Side effects:
1285 *
1286 * Call context:
1287 * process
1288 ----------------------------------------------------------------*/
1289 int hfa384x_cmd_enable(hfa384x_t *hw, UINT16 macport)
1290 {
1291 int result = 0;
1292 hfa384x_metacmd_t cmd;
1293
1294 DBFENTER;
1295
1296 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_ENABLE) |
1297 HFA384x_CMD_MACPORT_SET(macport);
1298 cmd.parm0 = 0;
1299 cmd.parm1 = 0;
1300 cmd.parm2 = 0;
1301
1302 result = hfa384x_docmd_wait(hw, &cmd);
1303
1304 DBFEXIT;
1305 return result;
1306 }
1307
1308
1309 /*----------------------------------------------------------------
1310 * hfa384x_cmd_notify
1311 *
1312 * Sends an info frame to the firmware to alter the behavior
1313 * of the f/w asynch processes. Can only be called when the MAC
1314 * is in the enabled state.
1315 *
1316 * Arguments:
1317 * hw device structure
1318 * reclaim [0|1] indicates whether the given FID will
1319 * be handed back (via Alloc event) for reuse.
1320 * (host order)
1321 * fid FID of buffer containing the frame that was
1322 * previously copied to MAC memory via the bap.
1323 * (host order)
1324 *
1325 * Returns:
1326 * 0 success
1327 * >0 f/w reported failure - f/w status code
1328 * <0 driver reported error (timeout|bad arg)
1329 *
1330 * Side effects:
1331 * hw->resp0 will contain the FID being used by async notify
1332 * process. If reclaim==0, resp0 will be the same as the fid
1333 * argument. If reclaim==1, resp0 will be the different.
1334 *
1335 * Call context:
1336 * process
1337 ----------------------------------------------------------------*/
1338 int hfa384x_cmd_notify(hfa384x_t *hw, UINT16 reclaim, UINT16 fid,
1339 void *buf, UINT16 len)
1340 {
1341 #if 0
1342 int result = 0;
1343 UINT16 cmd;
1344 DBFENTER;
1345 cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_NOTIFY) |
1346 HFA384x_CMD_RECL_SET(reclaim);
1347 result = hfa384x_docmd_wait(hw, cmd);
1348
1349 DBFEXIT;
1350 return result;
1351 #endif
1352 return 0;
1353 }
1354
1355
1356 #if 0
1357 /*----------------------------------------------------------------
1358 * hfa384x_cmd_inquiry
1359 *
1360 * Requests an info frame from the firmware. The info frame will
1361 * be delivered asynchronously via the Info event.
1362 *
1363 * Arguments:
1364 * hw device structure
1365 * fid FID of the info frame requested. (host order)
1366 *
1367 * Returns:
1368 * 0 success
1369 * >0 f/w reported failure - f/w status code
1370 * <0 driver reported error (timeout|bad arg)
1371 *
1372 * Side effects:
1373 *
1374 * Call context:
1375 * process
1376 ----------------------------------------------------------------*/
1377 int hfa384x_cmd_inquiry(hfa384x_t *hw, UINT16 fid)
1378 {
1379 int result = 0;
1380 hfa384x_metacmd_t cmd;
1381
1382 DBFENTER;
1383
1384 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_INQ);
1385 cmd.parm0 = 0;
1386 cmd.parm1 = 0;
1387 cmd.parm2 = 0;
1388
1389 result = hfa384x_docmd_wait(hw, &cmd);
1390
1391 DBFEXIT;
1392 return result;
1393 }
1394 #endif
1395
1396
1397 /*----------------------------------------------------------------
1398 * hfa384x_cmd_monitor
1399 *
1400 * Enables the 'monitor mode' of the MAC. Here's the description of
1401 * monitor mode that I've received thus far:
1402 *
1403 * "The "monitor mode" of operation is that the MAC passes all
1404 * frames for which the PLCP checks are correct. All received
1405 * MPDUs are passed to the host with MAC Port = 7, with a
1406 * receive status of good, FCS error, or undecryptable. Passing
1407 * certain MPDUs is a violation of the 802.11 standard, but useful
1408 * for a debugging tool." Normal communication is not possible
1409 * while monitor mode is enabled.
1410 *
1411 * Arguments:
1412 * hw device structure
1413 * enable a code (0x0b|0x0f) that enables/disables
1414 * monitor mode. (host order)
1415 *
1416 * Returns:
1417 * 0 success
1418 * >0 f/w reported failure - f/w status code
1419 * <0 driver reported error (timeout|bad arg)
1420 *
1421 * Side effects:
1422 *
1423 * Call context:
1424 * process
1425 ----------------------------------------------------------------*/
1426 int hfa384x_cmd_monitor(hfa384x_t *hw, UINT16 enable)
1427 {
1428 int result = 0;
1429 hfa384x_metacmd_t cmd;
1430
1431 DBFENTER;
1432
1433 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_MONITOR) |
1434 HFA384x_CMD_AINFO_SET(enable);
1435 cmd.parm0 = 0;
1436 cmd.parm1 = 0;
1437 cmd.parm2 = 0;
1438
1439 result = hfa384x_docmd_wait(hw, &cmd);
1440
1441 DBFEXIT;
1442 return result;
1443 }
1444
1445
1446 /*----------------------------------------------------------------
1447 * hfa384x_cmd_download
1448 *
1449 * Sets the controls for the MAC controller code/data download
1450 * process. The arguments set the mode and address associated
1451 * with a download. Note that the aux registers should be enabled
1452 * prior to setting one of the download enable modes.
1453 *
1454 * Arguments:
1455 * hw device structure
1456 * mode 0 - Disable programming and begin code exec
1457 * 1 - Enable volatile mem programming
1458 * 2 - Enable non-volatile mem programming
1459 * 3 - Program non-volatile section from NV download
1460 * buffer.
1461 * (host order)
1462 * lowaddr
1463 * highaddr For mode 1, sets the high & low order bits of
1464 * the "destination address". This address will be
1465 * the execution start address when download is
1466 * subsequently disabled.
1467 * For mode 2, sets the high & low order bits of
1468 * the destination in NV ram.
1469 * For modes 0 & 3, should be zero. (host order)
1470 * NOTE: these are CMD format.
1471 * codelen Length of the data to write in mode 2,
1472 * zero otherwise. (host order)
1473 *
1474 * Returns:
1475 * 0 success
1476 * >0 f/w reported failure - f/w status code
1477 * <0 driver reported error (timeout|bad arg)
1478 *
1479 * Side effects:
1480 *
1481 * Call context:
1482 * process
1483 ----------------------------------------------------------------*/
1484 int hfa384x_cmd_download(hfa384x_t *hw, UINT16 mode, UINT16 lowaddr,
1485 UINT16 highaddr, UINT16 codelen)
1486 {
1487 int result = 0;
1488 hfa384x_metacmd_t cmd;
1489
1490 DBFENTER;
1491 WLAN_LOG_DEBUG(5,
1492 "mode=%d, lowaddr=0x%04x, highaddr=0x%04x, codelen=%d\n",
1493 mode, lowaddr, highaddr, codelen);
1494
1495 cmd.cmd = (HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DOWNLD) |
1496 HFA384x_CMD_PROGMODE_SET(mode));
1497
1498 cmd.parm0 = lowaddr;
1499 cmd.parm1 = highaddr;
1500 cmd.parm2 = codelen;
1501
1502 result = hfa384x_docmd_wait(hw, &cmd);
1503
1504 DBFEXIT;
1505 return result;
1506 }
1507
1508
1509 /*----------------------------------------------------------------
1510 * hfa384x_copy_from_aux
1511 *
1512 * Copies a collection of bytes from the controller memory. The
1513 * Auxiliary port MUST be enabled prior to calling this function.
1514 * We _might_ be in a download state.
1515 *
1516 * Arguments:
1517 * hw device structure
1518 * cardaddr address in hfa384x data space to read
1519 * auxctl address space select
1520 * buf ptr to destination host buffer
1521 * len length of data to transfer (in bytes)
1522 *
1523 * Returns:
1524 * nothing
1525 *
1526 * Side effects:
1527 * buf contains the data copied
1528 *
1529 * Call context:
1530 * process
1531 * interrupt
1532 ----------------------------------------------------------------*/
1533 void
1534 hfa384x_copy_from_aux(
1535 hfa384x_t *hw, UINT32 cardaddr, UINT32 auxctl, void *buf, UINT len)
1536 {
1537 DBFENTER;
1538 WLAN_LOG_ERROR("not used in USB.\n");
1539 DBFEXIT;
1540 }
1541
1542
1543 /*----------------------------------------------------------------
1544 * hfa384x_copy_to_aux
1545 *
1546 * Copies a collection of bytes to the controller memory. The
1547 * Auxiliary port MUST be enabled prior to calling this function.
1548 * We _might_ be in a download state.
1549 *
1550 * Arguments:
1551 * hw device structure
1552 * cardaddr address in hfa384x data space to read
1553 * auxctl address space select
1554 * buf ptr to destination host buffer
1555 * len length of data to transfer (in bytes)
1556 *
1557 * Returns:
1558 * nothing
1559 *
1560 * Side effects:
1561 * Controller memory now contains a copy of buf
1562 *
1563 * Call context:
1564 * process
1565 * interrupt
1566 ----------------------------------------------------------------*/
1567 void
1568 hfa384x_copy_to_aux(
1569 hfa384x_t *hw, UINT32 cardaddr, UINT32 auxctl, void *buf, UINT len)
1570 {
1571 DBFENTER;
1572 WLAN_LOG_ERROR("not used in USB.\n");
1573 DBFEXIT;
1574 }
1575
1576
1577 /*----------------------------------------------------------------
1578 * hfa384x_corereset
1579 *
1580 * Perform a reset of the hfa38xx MAC core. We assume that the hw
1581 * structure is in its "created" state. That is, it is initialized
1582 * with proper values. Note that if a reset is done after the
1583 * device has been active for awhile, the caller might have to clean
1584 * up some leftover cruft in the hw structure.
1585 *
1586 * Arguments:
1587 * hw device structure
1588 * holdtime how long (in ms) to hold the reset
1589 * settletime how long (in ms) to wait after releasing
1590 * the reset
1591 *
1592 * Returns:
1593 * nothing
1594 *
1595 * Side effects:
1596 *
1597 * Call context:
1598 * process
1599 ----------------------------------------------------------------*/
1600 int hfa384x_corereset(hfa384x_t *hw, int holdtime, int settletime, int genesis)
1601 {
1602 #if 0
1603 #if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1604 struct usb_device *parent = hw->usb->parent;
1605 int i;
1606 int port = -1;
1607 #endif
1608 #endif
1609 int result = 0;
1610
1611
1612 #define P2_USB_RT_PORT (USB_TYPE_CLASS | USB_RECIP_OTHER)
1613 #define P2_USB_FEAT_RESET 4
1614 #define P2_USB_FEAT_C_RESET 20
1615
1616 DBFENTER;
1617
1618 #if 0
1619 #if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1620 /* Find the hub port */
1621 for ( i = 0; i < parent->maxchild; i++) {
1622 if (parent->children[i] == hw->usb) {
1623 port = i;
1624 break;
1625 }
1626 }
1627 if (port < 0) return -ENOENT;
1628
1629 /* Set and clear the reset */
1630 usb_control_msg(parent, usb_sndctrlpipe(parent, 0),
1631 USB_REQ_SET_FEATURE, P2_USB_RT_PORT, P2_USB_FEAT_RESET,
1632 port+1, NULL, 0, 1*HZ);
1633 wait_ms(holdtime);
1634 usb_control_msg(parent, usb_sndctrlpipe(parent, 0),
1635 USB_REQ_CLEAR_FEATURE, P2_USB_RT_PORT, P2_USB_FEAT_C_RESET,
1636 port+1, NULL, 0, 1*HZ);
1637 wait_ms(settletime);
1638
1639 /* Set the device address */
1640 result=usb_set_address(hw->usb);
1641 if (result < 0) {
1642 WLAN_LOG_ERROR("reset_usbdev: Dev not accepting address, "
1643 "result=%d\n", result);
1644 clear_bit(hw->usb->devnum, &hw->usb->bus->devmap.devicemap);
1645 hw->usb->devnum = -1;
1646 goto done;
1647 }
1648 /* Let the address settle */
1649 wait_ms(20);
1650
1651 /* Assume we're reusing the original descriptor data */
1652
1653 /* Set the configuration. */
1654 WLAN_LOG_DEBUG(3, "Setting Configuration %d\n",
1655 hw->usb->config[0].bConfigurationValue);
1656 result=usb_set_configuration(hw->usb, hw->usb->config[0].bConfigurationValue);
1657 if ( result ) {
1658 WLAN_LOG_ERROR("usb_set_configuration() failed, result=%d.\n",
1659 result);
1660 goto done;
1661 }
1662 /* Let the configuration settle */
1663 wait_ms(20);
1664
1665 done:
1666 #else
1667 result=usb_reset_device(hw->usb);
1668 if(result<0) {
1669 WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result);
1670 }
1671 #endif
1672 #endif
1673
1674 result=usb_reset_device(hw->usb);
1675 if(result<0) {
1676 WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result);
1677 }
1678
1679 DBFEXIT;
1680 return result;
1681 }
1682
1683
1684 /*----------------------------------------------------------------
1685 * hfa384x_usbctlx_complete_sync
1686 *
1687 * Waits for a synchronous CTLX object to complete,
1688 * and then handles the response.
1689 *
1690 * Arguments:
1691 * hw device structure
1692 * ctlx CTLX ptr
1693 * completor functor object to decide what to
1694 * do with the CTLX's result.
1695 *
1696 * Returns:
1697 * 0 Success
1698 * -ERESTARTSYS Interrupted by a signal
1699 * -EIO CTLX failed
1700 * -ENODEV Adapter was unplugged
1701 * ??? Result from completor
1702 *
1703 * Side effects:
1704 *
1705 * Call context:
1706 * process
1707 ----------------------------------------------------------------*/
1708 static int hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
1709 hfa384x_usbctlx_t *ctlx,
1710 usbctlx_completor_t *completor)
1711 {
1712 unsigned long flags;
1713 int result;
1714
1715 DBFENTER;
1716
1717 result = wait_for_completion_interruptible(&ctlx->done);
1718
1719 spin_lock_irqsave(&hw->ctlxq.lock, flags);
1720
1721 /*
1722 * We can only handle the CTLX if the USB disconnect
1723 * function has not run yet ...
1724 */
1725 cleanup:
1726 if ( hw->wlandev->hwremoved )
1727 {
1728 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1729 result = -ENODEV;
1730 }
1731 else if ( result != 0 )
1732 {
1733 int runqueue = 0;
1734
1735 /*
1736 * We were probably interrupted, so delete
1737 * this CTLX asynchronously, kill the timers
1738 * and the URB, and then start the next
1739 * pending CTLX.
1740 *
1741 * NOTE: We can only delete the timers and
1742 * the URB if this CTLX is active.
1743 */
1744 if (ctlx == get_active_ctlx(hw))
1745 {
1746 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1747
1748 del_singleshot_timer_sync(&hw->reqtimer);
1749 del_singleshot_timer_sync(&hw->resptimer);
1750 hw->req_timer_done = 1;
1751 hw->resp_timer_done = 1;
1752 usb_kill_urb(&hw->ctlx_urb);
1753
1754 spin_lock_irqsave(&hw->ctlxq.lock, flags);
1755
1756 runqueue = 1;
1757
1758 /*
1759 * This scenario is so unlikely that I'm
1760 * happy with a grubby "goto" solution ...
1761 */
1762 if ( hw->wlandev->hwremoved )
1763 goto cleanup;
1764 }
1765
1766 /*
1767 * The completion task will send this CTLX
1768 * to the reaper the next time it runs. We
1769 * are no longer in a hurry.
1770 */
1771 ctlx->reapable = 1;
1772 ctlx->state = CTLX_REQ_FAILED;
1773 list_move_tail(&ctlx->list, &hw->ctlxq.completing);
1774
1775 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1776
1777 if (runqueue)
1778 hfa384x_usbctlxq_run(hw);
1779 } else {
1780 if (ctlx->state == CTLX_COMPLETE) {
1781 result = completor->complete(completor);
1782 } else {
1783 WLAN_LOG_WARNING("CTLX[%d] error: state(%s)\n",
1784 hfa384x2host_16(ctlx->outbuf.type),
1785 ctlxstr(ctlx->state));
1786 result = -EIO;
1787 }
1788
1789 list_del(&ctlx->list);
1790 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1791 kfree(ctlx);
1792 }
1793
1794 DBFEXIT;
1795 return result;
1796 }
1797
1798 /*----------------------------------------------------------------
1799 * hfa384x_docmd
1800 *
1801 * Constructs a command CTLX and submits it.
1802 *
1803 * NOTE: Any changes to the 'post-submit' code in this function
1804 * need to be carried over to hfa384x_cbcmd() since the handling
1805 * is virtually identical.
1806 *
1807 * Arguments:
1808 * hw device structure
1809 * mode DOWAIT or DOASYNC
1810 * cmd cmd structure. Includes all arguments and result
1811 * data points. All in host order. in host order
1812 * cmdcb command-specific callback
1813 * usercb user callback for async calls, NULL for DOWAIT calls
1814 * usercb_data user supplied data pointer for async calls, NULL
1815 * for DOASYNC calls
1816 *
1817 * Returns:
1818 * 0 success
1819 * -EIO CTLX failure
1820 * -ERESTARTSYS Awakened on signal
1821 * >0 command indicated error, Status and Resp0-2 are
1822 * in hw structure.
1823 *
1824 * Side effects:
1825 *
1826 *
1827 * Call context:
1828 * process
1829 ----------------------------------------------------------------*/
1830 static int
1831 hfa384x_docmd(
1832 hfa384x_t *hw,
1833 CMD_MODE mode,
1834 hfa384x_metacmd_t *cmd,
1835 ctlx_cmdcb_t cmdcb,
1836 ctlx_usercb_t usercb,
1837 void *usercb_data)
1838 {
1839 int result;
1840 hfa384x_usbctlx_t *ctlx;
1841
1842 DBFENTER;
1843 ctlx = usbctlx_alloc();
1844 if ( ctlx == NULL ) {
1845 result = -ENOMEM;
1846 goto done;
1847 }
1848
1849 /* Initialize the command */
1850 ctlx->outbuf.cmdreq.type = host2hfa384x_16(HFA384x_USB_CMDREQ);
1851 ctlx->outbuf.cmdreq.cmd = host2hfa384x_16(cmd->cmd);
1852 ctlx->outbuf.cmdreq.parm0 = host2hfa384x_16(cmd->parm0);
1853 ctlx->outbuf.cmdreq.parm1 = host2hfa384x_16(cmd->parm1);
1854 ctlx->outbuf.cmdreq.parm2 = host2hfa384x_16(cmd->parm2);
1855
1856 ctlx->outbufsize = sizeof(ctlx->outbuf.cmdreq);
1857
1858 WLAN_LOG_DEBUG(4, "cmdreq: cmd=0x%04x "
1859 "parm0=0x%04x parm1=0x%04x parm2=0x%04x\n",
1860 cmd->cmd,
1861 cmd->parm0,
1862 cmd->parm1,
1863 cmd->parm2);
1864
1865 ctlx->reapable = mode;
1866 ctlx->cmdcb = cmdcb;
1867 ctlx->usercb = usercb;
1868 ctlx->usercb_data = usercb_data;
1869
1870 result = hfa384x_usbctlx_submit(hw, ctlx);
1871 if (result != 0) {
1872 kfree(ctlx);
1873 } else if (mode == DOWAIT) {
1874 usbctlx_cmd_completor_t completor;
1875
1876 result = hfa384x_usbctlx_complete_sync(
1877 hw, ctlx, init_cmd_completor(&completor,
1878 &ctlx->inbuf.cmdresp,
1879 &cmd->result) );
1880 }
1881
1882 done:
1883 DBFEXIT;
1884 return result;
1885 }
1886
1887
1888 /*----------------------------------------------------------------
1889 * hfa384x_dorrid
1890 *
1891 * Constructs a read rid CTLX and issues it.
1892 *
1893 * NOTE: Any changes to the 'post-submit' code in this function
1894 * need to be carried over to hfa384x_cbrrid() since the handling
1895 * is virtually identical.
1896 *
1897 * Arguments:
1898 * hw device structure
1899 * mode DOWAIT or DOASYNC
1900 * rid Read RID number (host order)
1901 * riddata Caller supplied buffer that MAC formatted RID.data
1902 * record will be written to for DOWAIT calls. Should
1903 * be NULL for DOASYNC calls.
1904 * riddatalen Buffer length for DOWAIT calls. Zero for DOASYNC calls.
1905 * cmdcb command callback for async calls, NULL for DOWAIT calls
1906 * usercb user callback for async calls, NULL for DOWAIT calls
1907 * usercb_data user supplied data pointer for async calls, NULL
1908 * for DOWAIT calls
1909 *
1910 * Returns:
1911 * 0 success
1912 * -EIO CTLX failure
1913 * -ERESTARTSYS Awakened on signal
1914 * -ENODATA riddatalen != macdatalen
1915 * >0 command indicated error, Status and Resp0-2 are
1916 * in hw structure.
1917 *
1918 * Side effects:
1919 *
1920 * Call context:
1921 * interrupt (DOASYNC)
1922 * process (DOWAIT or DOASYNC)
1923 ----------------------------------------------------------------*/
1924 static int
1925 hfa384x_dorrid(
1926 hfa384x_t *hw,
1927 CMD_MODE mode,
1928 UINT16 rid,
1929 void *riddata,
1930 UINT riddatalen,
1931 ctlx_cmdcb_t cmdcb,
1932 ctlx_usercb_t usercb,
1933 void *usercb_data)
1934 {
1935 int result;
1936 hfa384x_usbctlx_t *ctlx;
1937
1938 DBFENTER;
1939 ctlx = usbctlx_alloc();
1940 if ( ctlx == NULL ) {
1941 result = -ENOMEM;
1942 goto done;
1943 }
1944
1945 /* Initialize the command */
1946 ctlx->outbuf.rridreq.type = host2hfa384x_16(HFA384x_USB_RRIDREQ);
1947 ctlx->outbuf.rridreq.frmlen =
1948 host2hfa384x_16(sizeof(ctlx->outbuf.rridreq.rid));
1949 ctlx->outbuf.rridreq.rid = host2hfa384x_16(rid);
1950
1951 ctlx->outbufsize = sizeof(ctlx->outbuf.rridreq);
1952
1953 ctlx->reapable = mode;
1954 ctlx->cmdcb = cmdcb;
1955 ctlx->usercb = usercb;
1956 ctlx->usercb_data = usercb_data;
1957
1958 /* Submit the CTLX */
1959 result = hfa384x_usbctlx_submit(hw, ctlx);
1960 if (result != 0) {
1961 kfree(ctlx);
1962 } else if (mode == DOWAIT) {
1963 usbctlx_rrid_completor_t completor;
1964
1965 result = hfa384x_usbctlx_complete_sync(
1966 hw, ctlx, init_rrid_completor(&completor,
1967 &ctlx->inbuf.rridresp,
1968 riddata,
1969 riddatalen) );
1970 }
1971
1972 done:
1973 DBFEXIT;
1974 return result;
1975 }
1976
1977
1978 /*----------------------------------------------------------------
1979 * hfa384x_dowrid
1980 *
1981 * Constructs a write rid CTLX and issues it.
1982 *
1983 * NOTE: Any changes to the 'post-submit' code in this function
1984 * need to be carried over to hfa384x_cbwrid() since the handling
1985 * is virtually identical.
1986 *
1987 * Arguments:
1988 * hw device structure
1989 * CMD_MODE DOWAIT or DOASYNC
1990 * rid RID code
1991 * riddata Data portion of RID formatted for MAC
1992 * riddatalen Length of the data portion in bytes
1993 * cmdcb command callback for async calls, NULL for DOWAIT calls
1994 * usercb user callback for async calls, NULL for DOWAIT calls
1995 * usercb_data user supplied data pointer for async calls
1996 *
1997 * Returns:
1998 * 0 success
1999 * -ETIMEDOUT timed out waiting for register ready or
2000 * command completion
2001 * >0 command indicated error, Status and Resp0-2 are
2002 * in hw structure.
2003 *
2004 * Side effects:
2005 *
2006 * Call context:
2007 * interrupt (DOASYNC)
2008 * process (DOWAIT or DOASYNC)
2009 ----------------------------------------------------------------*/
2010 static int
2011 hfa384x_dowrid(
2012 hfa384x_t *hw,
2013 CMD_MODE mode,
2014 UINT16 rid,
2015 void *riddata,
2016 UINT riddatalen,
2017 ctlx_cmdcb_t cmdcb,
2018 ctlx_usercb_t usercb,
2019 void *usercb_data)
2020 {
2021 int result;
2022 hfa384x_usbctlx_t *ctlx;
2023
2024 DBFENTER;
2025 ctlx = usbctlx_alloc();
2026 if ( ctlx == NULL ) {
2027 result = -ENOMEM;
2028 goto done;
2029 }
2030
2031 /* Initialize the command */
2032 ctlx->outbuf.wridreq.type = host2hfa384x_16(HFA384x_USB_WRIDREQ);
2033 ctlx->outbuf.wridreq.frmlen = host2hfa384x_16(
2034 (sizeof(ctlx->outbuf.wridreq.rid) +
2035 riddatalen + 1) / 2);
2036 ctlx->outbuf.wridreq.rid = host2hfa384x_16(rid);
2037 memcpy(ctlx->outbuf.wridreq.data, riddata, riddatalen);
2038
2039 ctlx->outbufsize = sizeof(ctlx->outbuf.wridreq.type) +
2040 sizeof(ctlx->outbuf.wridreq.frmlen) +
2041 sizeof(ctlx->outbuf.wridreq.rid) +
2042 riddatalen;
2043
2044 ctlx->reapable = mode;
2045 ctlx->cmdcb = cmdcb;
2046 ctlx->usercb = usercb;
2047 ctlx->usercb_data = usercb_data;
2048
2049 /* Submit the CTLX */
2050 result = hfa384x_usbctlx_submit(hw, ctlx);
2051 if (result != 0) {
2052 kfree(ctlx);
2053 } else if (mode == DOWAIT) {
2054 usbctlx_wrid_completor_t completor;
2055 hfa384x_cmdresult_t wridresult;
2056
2057 result = hfa384x_usbctlx_complete_sync(
2058 hw,
2059 ctlx,
2060 init_wrid_completor(&completor,
2061 &ctlx->inbuf.wridresp,
2062 &wridresult) );
2063 }
2064
2065 done:
2066 DBFEXIT;
2067 return result;
2068 }
2069
2070 /*----------------------------------------------------------------
2071 * hfa384x_dormem
2072 *
2073 * Constructs a readmem CTLX and issues it.
2074 *
2075 * NOTE: Any changes to the 'post-submit' code in this function
2076 * need to be carried over to hfa384x_cbrmem() since the handling
2077 * is virtually identical.
2078 *
2079 * Arguments:
2080 * hw device structure
2081 * mode DOWAIT or DOASYNC
2082 * page MAC address space page (CMD format)
2083 * offset MAC address space offset
2084 * data Ptr to data buffer to receive read
2085 * len Length of the data to read (max == 2048)
2086 * cmdcb command callback for async calls, NULL for DOWAIT calls
2087 * usercb user callback for async calls, NULL for DOWAIT calls
2088 * usercb_data user supplied data pointer for async calls
2089 *
2090 * Returns:
2091 * 0 success
2092 * -ETIMEDOUT timed out waiting for register ready or
2093 * command completion
2094 * >0 command indicated error, Status and Resp0-2 are
2095 * in hw structure.
2096 *
2097 * Side effects:
2098 *
2099 * Call context:
2100 * interrupt (DOASYNC)
2101 * process (DOWAIT or DOASYNC)
2102 ----------------------------------------------------------------*/
2103 static int
2104 hfa384x_dormem(
2105 hfa384x_t *hw,
2106 CMD_MODE mode,
2107 UINT16 page,
2108 UINT16 offset,
2109 void *data,
2110 UINT len,
2111 ctlx_cmdcb_t cmdcb,
2112 ctlx_usercb_t usercb,
2113 void *usercb_data)
2114 {
2115 int result;
2116 hfa384x_usbctlx_t *ctlx;
2117
2118 DBFENTER;
2119 ctlx = usbctlx_alloc();
2120 if ( ctlx == NULL ) {
2121 result = -ENOMEM;
2122 goto done;
2123 }
2124
2125 /* Initialize the command */
2126 ctlx->outbuf.rmemreq.type = host2hfa384x_16(HFA384x_USB_RMEMREQ);
2127 ctlx->outbuf.rmemreq.frmlen = host2hfa384x_16(
2128 sizeof(ctlx->outbuf.rmemreq.offset) +
2129 sizeof(ctlx->outbuf.rmemreq.page) +
2130 len);
2131 ctlx->outbuf.rmemreq.offset = host2hfa384x_16(offset);
2132 ctlx->outbuf.rmemreq.page = host2hfa384x_16(page);
2133
2134 ctlx->outbufsize = sizeof(ctlx->outbuf.rmemreq);
2135
2136 WLAN_LOG_DEBUG(4,
2137 "type=0x%04x frmlen=%d offset=0x%04x page=0x%04x\n",
2138 ctlx->outbuf.rmemreq.type,
2139 ctlx->outbuf.rmemreq.frmlen,
2140 ctlx->outbuf.rmemreq.offset,
2141 ctlx->outbuf.rmemreq.page);
2142
2143 WLAN_LOG_DEBUG(4,"pktsize=%zd\n",
2144 ROUNDUP64(sizeof(ctlx->outbuf.rmemreq)));
2145
2146 ctlx->reapable = mode;
2147 ctlx->cmdcb = cmdcb;
2148 ctlx->usercb = usercb;
2149 ctlx->usercb_data = usercb_data;
2150
2151 result = hfa384x_usbctlx_submit(hw, ctlx);
2152 if (result != 0) {
2153 kfree(ctlx);
2154 } else if ( mode == DOWAIT ) {
2155 usbctlx_rmem_completor_t completor;
2156
2157 result = hfa384x_usbctlx_complete_sync(
2158 hw, ctlx, init_rmem_completor(&completor,
2159 &ctlx->inbuf.rmemresp,
2160 data,
2161 len) );
2162 }
2163
2164 done:
2165 DBFEXIT;
2166 return result;
2167 }
2168
2169
2170
2171 /*----------------------------------------------------------------
2172 * hfa384x_dowmem
2173 *
2174 * Constructs a writemem CTLX and issues it.
2175 *
2176 * NOTE: Any changes to the 'post-submit' code in this function
2177 * need to be carried over to hfa384x_cbwmem() since the handling
2178 * is virtually identical.
2179 *
2180 * Arguments:
2181 * hw device structure
2182 * mode DOWAIT or DOASYNC
2183 * page MAC address space page (CMD format)
2184 * offset MAC address space offset
2185 * data Ptr to data buffer containing write data
2186 * len Length of the data to read (max == 2048)
2187 * cmdcb command callback for async calls, NULL for DOWAIT calls
2188 * usercb user callback for async calls, NULL for DOWAIT calls
2189 * usercb_data user supplied data pointer for async calls.
2190 *
2191 * Returns:
2192 * 0 success
2193 * -ETIMEDOUT timed out waiting for register ready or
2194 * command completion
2195 * >0 command indicated error, Status and Resp0-2 are
2196 * in hw structure.
2197 *
2198 * Side effects:
2199 *
2200 * Call context:
2201 * interrupt (DOWAIT)
2202 * process (DOWAIT or DOASYNC)
2203 ----------------------------------------------------------------*/
2204 static int
2205 hfa384x_dowmem(
2206 hfa384x_t *hw,
2207 CMD_MODE mode,
2208 UINT16 page,
2209 UINT16 offset,
2210 void *data,
2211 UINT len,
2212 ctlx_cmdcb_t cmdcb,
2213 ctlx_usercb_t usercb,
2214 void *usercb_data)
2215 {
2216 int result;
2217 hfa384x_usbctlx_t *ctlx;
2218
2219 DBFENTER;
2220 WLAN_LOG_DEBUG(5, "page=0x%04x offset=0x%04x len=%d\n",
2221 page,offset,len);
2222
2223 ctlx = usbctlx_alloc();
2224 if ( ctlx == NULL ) {
2225 result = -ENOMEM;
2226 goto done;
2227 }
2228
2229 /* Initialize the command */
2230 ctlx->outbuf.wmemreq.type = host2hfa384x_16(HFA384x_USB_WMEMREQ);
2231 ctlx->outbuf.wmemreq.frmlen = host2hfa384x_16(
2232 sizeof(ctlx->outbuf.wmemreq.offset) +
2233 sizeof(ctlx->outbuf.wmemreq.page) +
2234 len);
2235 ctlx->outbuf.wmemreq.offset = host2hfa384x_16(offset);
2236 ctlx->outbuf.wmemreq.page = host2hfa384x_16(page);
2237 memcpy(ctlx->outbuf.wmemreq.data, data, len);
2238
2239 ctlx->outbufsize = sizeof(ctlx->outbuf.wmemreq.type) +
2240 sizeof(ctlx->outbuf.wmemreq.frmlen) +
2241 sizeof(ctlx->outbuf.wmemreq.offset) +
2242 sizeof(ctlx->outbuf.wmemreq.page) +
2243 len;
2244
2245 ctlx->reapable = mode;
2246 ctlx->cmdcb = cmdcb;
2247 ctlx->usercb = usercb;
2248 ctlx->usercb_data = usercb_data;
2249
2250 result = hfa384x_usbctlx_submit(hw, ctlx);
2251 if (result != 0) {
2252 kfree(ctlx);
2253 } else if ( mode == DOWAIT ) {
2254 usbctlx_wmem_completor_t completor;
2255 hfa384x_cmdresult_t wmemresult;
2256
2257 result = hfa384x_usbctlx_complete_sync(
2258 hw,
2259 ctlx,
2260 init_wmem_completor(&completor,
2261 &ctlx->inbuf.wmemresp,
2262 &wmemresult) );
2263 }
2264
2265 done:
2266 DBFEXIT;
2267 return result;
2268 }
2269
2270
2271 /*----------------------------------------------------------------
2272 * hfa384x_drvr_commtallies
2273 *
2274 * Send a commtallies inquiry to the MAC. Note that this is an async
2275 * call that will result in an info frame arriving sometime later.
2276 *
2277 * Arguments:
2278 * hw device structure
2279 *
2280 * Returns:
2281 * zero success.
2282 *
2283 * Side effects:
2284 *
2285 * Call context:
2286 * process
2287 ----------------------------------------------------------------*/
2288 int hfa384x_drvr_commtallies( hfa384x_t *hw )
2289 {
2290 hfa384x_metacmd_t cmd;
2291
2292 DBFENTER;
2293
2294 cmd.cmd = HFA384x_CMDCODE_INQ;
2295 cmd.parm0 = HFA384x_IT_COMMTALLIES;
2296 cmd.parm1 = 0;
2297 cmd.parm2 = 0;
2298
2299 hfa384x_docmd_async(hw, &cmd, NULL, NULL, NULL);
2300
2301 DBFEXIT;
2302 return 0;
2303 }
2304
2305
2306 /*----------------------------------------------------------------
2307 * hfa384x_drvr_disable
2308 *
2309 * Issues the disable command to stop communications on one of
2310 * the MACs 'ports'. Only macport 0 is valid for stations.
2311 * APs may also disable macports 1-6. Only ports that have been
2312 * previously enabled may be disabled.
2313 *
2314 * Arguments:
2315 * hw device structure
2316 * macport MAC port number (host order)
2317 *
2318 * Returns:
2319 * 0 success
2320 * >0 f/w reported failure - f/w status code
2321 * <0 driver reported error (timeout|bad arg)
2322 *
2323 * Side effects:
2324 *
2325 * Call context:
2326 * process
2327 ----------------------------------------------------------------*/
2328 int hfa384x_drvr_disable(hfa384x_t *hw, UINT16 macport)
2329 {
2330 int result = 0;
2331
2332 DBFENTER;
2333 if ((!hw->isap && macport != 0) ||
2334 (hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2335 !(hw->port_enabled[macport]) ){
2336 result = -EINVAL;
2337 } else {
2338 result = hfa384x_cmd_disable(hw, macport);
2339 if ( result == 0 ) {
2340 hw->port_enabled[macport] = 0;
2341 }
2342 }
2343 DBFEXIT;
2344 return result;
2345 }
2346
2347
2348 /*----------------------------------------------------------------
2349 * hfa384x_drvr_enable
2350 *
2351 * Issues the enable command to enable communications on one of
2352 * the MACs 'ports'. Only macport 0 is valid for stations.
2353 * APs may also enable macports 1-6. Only ports that are currently
2354 * disabled may be enabled.
2355 *
2356 * Arguments:
2357 * hw device structure
2358 * macport MAC port number
2359 *
2360 * Returns:
2361 * 0 success
2362 * >0 f/w reported failure - f/w status code
2363 * <0 driver reported error (timeout|bad arg)
2364 *
2365 * Side effects:
2366 *
2367 * Call context:
2368 * process
2369 ----------------------------------------------------------------*/
2370 int hfa384x_drvr_enable(hfa384x_t *hw, UINT16 macport)
2371 {
2372 int result = 0;
2373
2374 DBFENTER;
2375 if ((!hw->isap && macport != 0) ||
2376 (hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2377 (hw->port_enabled[macport]) ){
2378 result = -EINVAL;
2379 } else {
2380 result = hfa384x_cmd_enable(hw, macport);
2381 if ( result == 0 ) {
2382 hw->port_enabled[macport] = 1;
2383 }
2384 }
2385 DBFEXIT;
2386 return result;
2387 }
2388
2389
2390 /*----------------------------------------------------------------
2391 * hfa384x_drvr_flashdl_enable
2392 *
2393 * Begins the flash download state. Checks to see that we're not
2394 * already in a download state and that a port isn't enabled.
2395 * Sets the download state and retrieves the flash download
2396 * buffer location, buffer size, and timeout length.
2397 *
2398 * Arguments:
2399 * hw device structure
2400 *
2401 * Returns:
2402 * 0 success
2403 * >0 f/w reported error - f/w status code
2404 * <0 driver reported error
2405 *
2406 * Side effects:
2407 *
2408 * Call context:
2409 * process
2410 ----------------------------------------------------------------*/
2411 int hfa384x_drvr_flashdl_enable(hfa384x_t *hw)
2412 {
2413 int result = 0;
2414 int i;
2415
2416 DBFENTER;
2417 /* Check that a port isn't active */
2418 for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2419 if ( hw->port_enabled[i] ) {
2420 WLAN_LOG_DEBUG(1,"called when port enabled.\n");
2421 return -EINVAL;
2422 }
2423 }
2424
2425 /* Check that we're not already in a download state */
2426 if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
2427 return -EINVAL;
2428 }
2429
2430 /* Retrieve the buffer loc&size and timeout */
2431 if ( (result = hfa384x_drvr_getconfig(hw, HFA384x_RID_DOWNLOADBUFFER,
2432 &(hw->bufinfo), sizeof(hw->bufinfo))) ) {
2433 return result;
2434 }
2435 hw->bufinfo.page = hfa384x2host_16(hw->bufinfo.page);
2436 hw->bufinfo.offset = hfa384x2host_16(hw->bufinfo.offset);
2437 hw->bufinfo.len = hfa384x2host_16(hw->bufinfo.len);
2438 if ( (result = hfa384x_drvr_getconfig16(hw, HFA384x_RID_MAXLOADTIME,
2439 &(hw->dltimeout))) ) {
2440 return result;
2441 }
2442 hw->dltimeout = hfa384x2host_16(hw->dltimeout);
2443
2444 WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2445
2446 hw->dlstate = HFA384x_DLSTATE_FLASHENABLED;
2447 DBFEXIT;
2448 return result;
2449 }
2450
2451
2452 /*----------------------------------------------------------------
2453 * hfa384x_drvr_flashdl_disable
2454 *
2455 * Ends the flash download state. Note that this will cause the MAC
2456 * firmware to restart.
2457 *
2458 * Arguments:
2459 * hw device structure
2460 *
2461 * Returns:
2462 * 0 success
2463 * >0 f/w reported error - f/w status code
2464 * <0 driver reported error
2465 *
2466 * Side effects:
2467 *
2468 * Call context:
2469 * process
2470 ----------------------------------------------------------------*/
2471 int hfa384x_drvr_flashdl_disable(hfa384x_t *hw)
2472 {
2473 DBFENTER;
2474 /* Check that we're already in the download state */
2475 if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2476 return -EINVAL;
2477 }
2478
2479 WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2480
2481 /* There isn't much we can do at this point, so I don't */
2482 /* bother w/ the return value */
2483 hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2484 hw->dlstate = HFA384x_DLSTATE_DISABLED;
2485
2486 DBFEXIT;
2487 return 0;
2488 }
2489
2490
2491 /*----------------------------------------------------------------
2492 * hfa384x_drvr_flashdl_write
2493 *
2494 * Performs a FLASH download of a chunk of data. First checks to see
2495 * that we're in the FLASH download state, then sets the download
2496 * mode, uses the aux functions to 1) copy the data to the flash
2497 * buffer, 2) sets the download 'write flash' mode, 3) readback and
2498 * compare. Lather rinse, repeat as many times an necessary to get
2499 * all the given data into flash.
2500 * When all data has been written using this function (possibly
2501 * repeatedly), call drvr_flashdl_disable() to end the download state
2502 * and restart the MAC.
2503 *
2504 * Arguments:
2505 * hw device structure
2506 * daddr Card address to write to. (host order)
2507 * buf Ptr to data to write.
2508 * len Length of data (host order).
2509 *
2510 * Returns:
2511 * 0 success
2512 * >0 f/w reported error - f/w status code
2513 * <0 driver reported error
2514 *
2515 * Side effects:
2516 *
2517 * Call context:
2518 * process
2519 ----------------------------------------------------------------*/
2520 int
2521 hfa384x_drvr_flashdl_write(
2522 hfa384x_t *hw,
2523 UINT32 daddr,
2524 void *buf,
2525 UINT32 len)
2526 {
2527 int result = 0;
2528 UINT32 dlbufaddr;
2529 int nburns;
2530 UINT32 burnlen;
2531 UINT32 burndaddr;
2532 UINT16 burnlo;
2533 UINT16 burnhi;
2534 int nwrites;
2535 UINT8 *writebuf;
2536 UINT16 writepage;
2537 UINT16 writeoffset;
2538 UINT32 writelen;
2539 int i;
2540 int j;
2541
2542 DBFENTER;
2543 WLAN_LOG_DEBUG(5,"daddr=0x%08x len=%d\n", daddr, len);
2544
2545 /* Check that we're in the flash download state */
2546 if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2547 return -EINVAL;
2548 }
2549
2550 WLAN_LOG_INFO("Download %d bytes to flash @0x%06x\n", len, daddr);
2551
2552 /* Convert to flat address for arithmetic */
2553 /* NOTE: dlbuffer RID stores the address in AUX format */
2554 dlbufaddr = HFA384x_ADDR_AUX_MKFLAT(
2555 hw->bufinfo.page, hw->bufinfo.offset);
2556 WLAN_LOG_DEBUG(5,
2557 "dlbuf.page=0x%04x dlbuf.offset=0x%04x dlbufaddr=0x%08x\n",
2558 hw->bufinfo.page, hw->bufinfo.offset, dlbufaddr);
2559
2560 #if 0
2561 WLAN_LOG_WARNING("dlbuf@0x%06lx len=%d to=%d\n", dlbufaddr, hw->bufinfo.len, hw->dltimeout);
2562 #endif
2563 /* Calculations to determine how many fills of the dlbuffer to do
2564 * and how many USB wmemreq's to do for each fill. At this point
2565 * in time, the dlbuffer size and the wmemreq size are the same.
2566 * Therefore, nwrites should always be 1. The extra complexity
2567 * here is a hedge against future changes.
2568 */
2569
2570 /* Figure out how many times to do the flash programming */
2571 nburns = len / hw->bufinfo.len;
2572 nburns += (len % hw->bufinfo.len) ? 1 : 0;
2573
2574 /* For each flash program cycle, how many USB wmemreq's are needed? */
2575 nwrites = hw->bufinfo.len / HFA384x_USB_RWMEM_MAXLEN;
2576 nwrites += (hw->bufinfo.len % HFA384x_USB_RWMEM_MAXLEN) ? 1 : 0;
2577
2578 /* For each burn */
2579 for ( i = 0; i < nburns; i++) {
2580 /* Get the dest address and len */
2581 burnlen = (len - (hw->bufinfo.len * i)) > hw->bufinfo.len ?
2582 hw->bufinfo.len :
2583 (len - (hw->bufinfo.len * i));
2584 burndaddr = daddr + (hw->bufinfo.len * i);
2585 burnlo = HFA384x_ADDR_CMD_MKOFF(burndaddr);
2586 burnhi = HFA384x_ADDR_CMD_MKPAGE(burndaddr);
2587
2588 WLAN_LOG_INFO("Writing %d bytes to flash @0x%06x\n",
2589 burnlen, burndaddr);
2590
2591 /* Set the download mode */
2592 result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_NV,
2593 burnlo, burnhi, burnlen);
2594 if ( result ) {
2595 WLAN_LOG_ERROR("download(NV,lo=%x,hi=%x,len=%x) "
2596 "cmd failed, result=%d. Aborting d/l\n",
2597 burnlo, burnhi, burnlen, result);
2598 goto exit_proc;
2599 }
2600
2601 /* copy the data to the flash download buffer */
2602 for ( j=0; j < nwrites; j++) {
2603 writebuf = buf +
2604 (i*hw->bufinfo.len) +
2605 (j*HFA384x_USB_RWMEM_MAXLEN);
2606
2607 writepage = HFA384x_ADDR_CMD_MKPAGE(
2608 dlbufaddr +
2609 (j*HFA384x_USB_RWMEM_MAXLEN));
2610 writeoffset = HFA384x_ADDR_CMD_MKOFF(
2611 dlbufaddr +
2612 (j*HFA384x_USB_RWMEM_MAXLEN));
2613
2614 writelen = burnlen-(j*HFA384x_USB_RWMEM_MAXLEN);
2615 writelen = writelen > HFA384x_USB_RWMEM_MAXLEN ?
2616 HFA384x_USB_RWMEM_MAXLEN :
2617 writelen;
2618
2619 result = hfa384x_dowmem_wait( hw,
2620 writepage,
2621 writeoffset,
2622 writebuf,
2623 writelen );
2624 #if 0
2625
2626 Comment out for debugging, assume the write was successful.
2627 if (result) {
2628 WLAN_LOG_ERROR(
2629 "Write to dl buffer failed, "
2630 "result=0x%04x. Aborting.\n",
2631 result);
2632 goto exit_proc;
2633 }
2634 #endif
2635
2636 }
2637
2638 /* set the download 'write flash' mode */
2639 result = hfa384x_cmd_download(hw,
2640 HFA384x_PROGMODE_NVWRITE,
2641 0,0,0);
2642 if ( result ) {
2643 WLAN_LOG_ERROR(
2644 "download(NVWRITE,lo=%x,hi=%x,len=%x) "
2645 "cmd failed, result=%d. Aborting d/l\n",
2646 burnlo, burnhi, burnlen, result);
2647 goto exit_proc;
2648 }
2649
2650 /* TODO: We really should do a readback and compare. */
2651 }
2652
2653 exit_proc:
2654
2655 /* Leave the firmware in the 'post-prog' mode. flashdl_disable will */
2656 /* actually disable programming mode. Remember, that will cause the */
2657 /* the firmware to effectively reset itself. */
2658
2659 DBFEXIT;
2660 return result;
2661 }
2662
2663
2664 /*----------------------------------------------------------------
2665 * hfa384x_drvr_getconfig
2666 *
2667 * Performs the sequence necessary to read a config/info item.
2668 *
2669 * Arguments:
2670 * hw device structure
2671 * rid config/info record id (host order)
2672 * buf host side record buffer. Upon return it will
2673 * contain the body portion of the record (minus the
2674 * RID and len).
2675 * len buffer length (in bytes, should match record length)
2676 *
2677 * Returns:
2678 * 0 success
2679 * >0 f/w reported error - f/w status code
2680 * <0 driver reported error
2681 * -ENODATA length mismatch between argument and retrieved
2682 * record.
2683 *
2684 * Side effects:
2685 *
2686 * Call context:
2687 * process
2688 ----------------------------------------------------------------*/
2689 int hfa384x_drvr_getconfig(hfa384x_t *hw, UINT16 rid, void *buf, UINT16 len)
2690 {
2691 int result;
2692 DBFENTER;
2693
2694 result = hfa384x_dorrid_wait(hw, rid, buf, len);
2695
2696 DBFEXIT;
2697 return result;
2698 }
2699
2700 /*----------------------------------------------------------------
2701 * hfa384x_drvr_getconfig_async
2702 *
2703 * Performs the sequence necessary to perform an async read of
2704 * of a config/info item.
2705 *
2706 * Arguments:
2707 * hw device structure
2708 * rid config/info record id (host order)
2709 * buf host side record buffer. Upon return it will
2710 * contain the body portion of the record (minus the
2711 * RID and len).
2712 * len buffer length (in bytes, should match record length)
2713 * cbfn caller supplied callback, called when the command
2714 * is done (successful or not).
2715 * cbfndata pointer to some caller supplied data that will be
2716 * passed in as an argument to the cbfn.
2717 *
2718 * Returns:
2719 * nothing the cbfn gets a status argument identifying if
2720 * any errors occur.
2721 * Side effects:
2722 * Queues an hfa384x_usbcmd_t for subsequent execution.
2723 *
2724 * Call context:
2725 * Any
2726 ----------------------------------------------------------------*/
2727 int
2728 hfa384x_drvr_getconfig_async(
2729 hfa384x_t *hw,
2730 UINT16 rid,
2731 ctlx_usercb_t usercb,
2732 void *usercb_data)
2733 {
2734 return hfa384x_dorrid_async(hw, rid, NULL, 0,
2735 hfa384x_cb_rrid, usercb, usercb_data);
2736 }
2737
2738 /*----------------------------------------------------------------
2739 * hfa384x_drvr_setconfig_async
2740 *
2741 * Performs the sequence necessary to write a config/info item.
2742 *
2743 * Arguments:
2744 * hw device structure
2745 * rid config/info record id (in host order)
2746 * buf host side record buffer
2747 * len buffer length (in bytes)
2748 * usercb completion callback
2749 * usercb_data completion callback argument
2750 *
2751 * Returns:
2752 * 0 success
2753 * >0 f/w reported error - f/w status code
2754 * <0 driver reported error
2755 *
2756 * Side effects:
2757 *
2758 * Call context:
2759 * process
2760 ----------------------------------------------------------------*/
2761 int
2762 hfa384x_drvr_setconfig_async(
2763 hfa384x_t *hw,
2764 UINT16 rid,
2765 void *buf,
2766 UINT16 len,
2767 ctlx_usercb_t usercb,
2768 void *usercb_data)
2769 {
2770 return hfa384x_dowrid_async(hw, rid, buf, len,
2771 hfa384x_cb_status, usercb, usercb_data);
2772 }
2773
2774 /*----------------------------------------------------------------
2775 * hfa384x_drvr_handover
2776 *
2777 * Sends a handover notification to the MAC.
2778 *
2779 * Arguments:
2780 * hw device structure
2781 * addr address of station that's left
2782 *
2783 * Returns:
2784 * zero success.
2785 * -ERESTARTSYS received signal while waiting for semaphore.
2786 * -EIO failed to write to bap, or failed in cmd.
2787 *
2788 * Side effects:
2789 *
2790 * Call context:
2791 * process
2792 ----------------------------------------------------------------*/
2793 int hfa384x_drvr_handover( hfa384x_t *hw, UINT8 *addr)
2794 {
2795 DBFENTER;
2796 WLAN_LOG_ERROR("Not currently supported in USB!\n");
2797 DBFEXIT;
2798 return -EIO;
2799 }
2800
2801 /*----------------------------------------------------------------
2802 * hfa384x_drvr_low_level
2803 *
2804 * Write test commands to the card. Some test commands don't make
2805 * sense without prior set-up. For example, continous TX isn't very
2806 * useful until you set the channel. That functionality should be
2807 *
2808 * Side effects:
2809 *
2810 * Call context:
2811 * process thread
2812 * -----------------------------------------------------------------*/
2813 int hfa384x_drvr_low_level(hfa384x_t *hw, hfa384x_metacmd_t *cmd)
2814 {
2815 int result;
2816 DBFENTER;
2817
2818 /* Do i need a host2hfa... conversion ? */
2819
2820 result = hfa384x_docmd_wait(hw, cmd);
2821
2822 DBFEXIT;
2823 return result;
2824 }
2825
2826 /*----------------------------------------------------------------
2827 * hfa384x_drvr_mmi_read
2828 *
2829 * Read mmi registers. mmi is intersil-speak for the baseband
2830 * processor registers.
2831 *
2832 * Arguments:
2833 * hw device structure
2834 * register The test register to be accessed (must be even #).
2835 *
2836 * Returns:
2837 * 0 success
2838 * >0 f/w reported error - f/w status code
2839 * <0 driver reported error
2840 *
2841 * Side effects:
2842 *
2843 * Call context:
2844 * process
2845 ----------------------------------------------------------------*/
2846 int hfa384x_drvr_mmi_read(hfa384x_t *hw, UINT32 addr, UINT32 *resp)
2847 {
2848 #if 0
2849 int result = 0;
2850 UINT16 cmd_code = (UINT16) 0x30;
2851 UINT16 param = (UINT16) addr;
2852 DBFENTER;
2853
2854 /* Do i need a host2hfa... conversion ? */
2855 result = hfa384x_docmd_wait(hw, cmd_code);
2856
2857 DBFEXIT;
2858 return result;
2859 #endif
2860 return 0;
2861 }
2862
2863 /*----------------------------------------------------------------
2864 * hfa384x_drvr_mmi_write
2865 *
2866 * Read mmi registers. mmi is intersil-speak for the baseband
2867 * processor registers.
2868 *
2869 * Arguments:
2870 * hw device structure
2871 * addr The test register to be accessed (must be even #).
2872 * data The data value to write to the register.
2873 *
2874 * Returns:
2875 * 0 success
2876 * >0 f/w reported error - f/w status code
2877 * <0 driver reported error
2878 *
2879 * Side effects:
2880 *
2881 * Call context:
2882 * process
2883 ----------------------------------------------------------------*/
2884
2885 int
2886 hfa384x_drvr_mmi_write(hfa384x_t *hw, UINT32 addr, UINT32 data)
2887 {
2888 #if 0
2889 int result = 0;
2890 UINT16 cmd_code = (UINT16) 0x31;
2891 UINT16 param0 = (UINT16) addr;
2892 UINT16 param1 = (UINT16) data;
2893 DBFENTER;
2894
2895 WLAN_LOG_DEBUG(1,"mmi write : addr = 0x%08lx\n", addr);
2896 WLAN_LOG_DEBUG(1,"mmi write : data = 0x%08lx\n", data);
2897
2898 /* Do i need a host2hfa... conversion ? */
2899 result = hfa384x_docmd_wait(hw, cmd_code);
2900
2901 DBFEXIT;
2902 return result;
2903 #endif
2904 return 0;
2905 }
2906
2907
2908 /*----------------------------------------------------------------
2909 * hfa384x_drvr_ramdl_disable
2910 *
2911 * Ends the ram download state.
2912 *
2913 * Arguments:
2914 * hw device structure
2915 *
2916 * Returns:
2917 * 0 success
2918 * >0 f/w reported error - f/w status code
2919 * <0 driver reported error
2920 *
2921 * Side effects:
2922 *
2923 * Call context:
2924 * process
2925 ----------------------------------------------------------------*/
2926 int
2927 hfa384x_drvr_ramdl_disable(hfa384x_t *hw)
2928 {
2929 DBFENTER;
2930 /* Check that we're already in the download state */
2931 if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
2932 return -EINVAL;
2933 }
2934
2935 WLAN_LOG_DEBUG(3,"ramdl_disable()\n");
2936
2937 /* There isn't much we can do at this point, so I don't */
2938 /* bother w/ the return value */
2939 hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2940 hw->dlstate = HFA384x_DLSTATE_DISABLED;
2941
2942 DBFEXIT;
2943 return 0;
2944 }
2945
2946
2947 /*----------------------------------------------------------------
2948 * hfa384x_drvr_ramdl_enable
2949 *
2950 * Begins the ram download state. Checks to see that we're not
2951 * already in a download state and that a port isn't enabled.
2952 * Sets the download state and calls cmd_download with the
2953 * ENABLE_VOLATILE subcommand and the exeaddr argument.
2954 *
2955 * Arguments:
2956 * hw device structure
2957 * exeaddr the card execution address that will be
2958 * jumped to when ramdl_disable() is called
2959 * (host order).
2960 *
2961 * Returns:
2962 * 0 success
2963 * >0 f/w reported error - f/w status code
2964 * <0 driver reported error
2965 *
2966 * Side effects:
2967 *
2968 * Call context:
2969 * process
2970 ----------------------------------------------------------------*/
2971 int
2972 hfa384x_drvr_ramdl_enable(hfa384x_t *hw, UINT32 exeaddr)
2973 {
2974 int result = 0;
2975 UINT16 lowaddr;
2976 UINT16 hiaddr;
2977 int i;
2978 DBFENTER;
2979 /* Check that a port isn't active */
2980 for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2981 if ( hw->port_enabled[i] ) {
2982 WLAN_LOG_ERROR(
2983 "Can't download with a macport enabled.\n");
2984 return -EINVAL;
2985 }
2986 }
2987
2988 /* Check that we're not already in a download state */
2989 if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
2990 WLAN_LOG_ERROR(
2991 "Download state not disabled.\n");
2992 return -EINVAL;
2993 }
2994
2995 WLAN_LOG_DEBUG(3,"ramdl_enable, exeaddr=0x%08x\n", exeaddr);
2996
2997 /* Call the download(1,addr) function */
2998 lowaddr = HFA384x_ADDR_CMD_MKOFF(exeaddr);
2999 hiaddr = HFA384x_ADDR_CMD_MKPAGE(exeaddr);
3000
3001 result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_RAM,
3002 lowaddr, hiaddr, 0);
3003
3004 if ( result == 0) {
3005 /* Set the download state */
3006 hw->dlstate = HFA384x_DLSTATE_RAMENABLED;
3007 } else {
3008 WLAN_LOG_DEBUG(1,
3009 "cmd_download(0x%04x, 0x%04x) failed, result=%d.\n",
3010 lowaddr,
3011 hiaddr,
3012 result);
3013 }
3014
3015 DBFEXIT;
3016 return result;
3017 }
3018
3019
3020 /*----------------------------------------------------------------
3021 * hfa384x_drvr_ramdl_write
3022 *
3023 * Performs a RAM download of a chunk of data. First checks to see
3024 * that we're in the RAM download state, then uses the [read|write]mem USB
3025 * commands to 1) copy the data, 2) readback and compare. The download
3026 * state is unaffected. When all data has been written using
3027 * this function, call drvr_ramdl_disable() to end the download state
3028 * and restart the MAC.
3029 *
3030 * Arguments:
3031 * hw device structure
3032 * daddr Card address to write to. (host order)
3033 * buf Ptr to data to write.
3034 * len Length of data (host order).
3035 *
3036 * Returns:
3037 * 0 success
3038 * >0 f/w reported error - f/w status code
3039 * <0 driver reported error
3040 *
3041 * Side effects:
3042 *
3043 * Call context:
3044 * process
3045 ----------------------------------------------------------------*/
3046 int
3047 hfa384x_drvr_ramdl_write(hfa384x_t *hw, UINT32 daddr, void* buf, UINT32 len)
3048 {
3049 int result = 0;
3050 int nwrites;
3051 UINT8 *data = buf;
3052 int i;
3053 UINT32 curraddr;
3054 UINT16 currpage;
3055 UINT16 curroffset;
3056 UINT16 currlen;
3057 DBFENTER;
3058 /* Check that we're in the ram download state */
3059 if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
3060 return -EINVAL;
3061 }
3062
3063 WLAN_LOG_INFO("Writing %d bytes to ram @0x%06x\n", len, daddr);
3064
3065 /* How many dowmem calls? */
3066 nwrites = len / HFA384x_USB_RWMEM_MAXLEN;
3067 nwrites += len % HFA384x_USB_RWMEM_MAXLEN ? 1 : 0;
3068
3069 /* Do blocking wmem's */
3070 for(i=0; i < nwrites; i++) {
3071 /* make address args */
3072 curraddr = daddr + (i * HFA384x_USB_RWMEM_MAXLEN);
3073 currpage = HFA384x_ADDR_CMD_MKPAGE(curraddr);
3074 curroffset = HFA384x_ADDR_CMD_MKOFF(curraddr);
3075 currlen = len - (i * HFA384x_USB_RWMEM_MAXLEN);
3076 if ( currlen > HFA384x_USB_RWMEM_MAXLEN) {
3077 currlen = HFA384x_USB_RWMEM_MAXLEN;
3078 }
3079
3080 /* Do blocking ctlx */
3081 result = hfa384x_dowmem_wait( hw,
3082 currpage,
3083 curroffset,
3084 data + (i*HFA384x_USB_RWMEM_MAXLEN),
3085 currlen );
3086
3087 if (result) break;
3088
3089 /* TODO: We really should have a readback. */
3090 }
3091
3092 DBFEXIT;
3093 return result;
3094 }
3095
3096
3097 /*----------------------------------------------------------------
3098 * hfa384x_drvr_readpda
3099 *
3100 * Performs the sequence to read the PDA space. Note there is no
3101 * drvr_writepda() function. Writing a PDA is
3102 * generally implemented by a calling component via calls to
3103 * cmd_download and writing to the flash download buffer via the
3104 * aux regs.
3105 *
3106 * Arguments:
3107 * hw device structure
3108 * buf buffer to store PDA in
3109 * len buffer length
3110 *
3111 * Returns:
3112 * 0 success
3113 * >0 f/w reported error - f/w status code
3114 * <0 driver reported error
3115 * -ETIMEOUT timout waiting for the cmd regs to become
3116 * available, or waiting for the control reg
3117 * to indicate the Aux port is enabled.
3118 * -ENODATA the buffer does NOT contain a valid PDA.
3119 * Either the card PDA is bad, or the auxdata
3120 * reads are giving us garbage.
3121
3122 *
3123 * Side effects:
3124 *
3125 * Call context:
3126 * process or non-card interrupt.
3127 ----------------------------------------------------------------*/
3128 int hfa384x_drvr_readpda(hfa384x_t *hw, void *buf, UINT len)
3129 {
3130 int result = 0;
3131 UINT16 *pda = buf;
3132 int pdaok = 0;
3133 int morepdrs = 1;
3134 int currpdr = 0; /* word offset of the current pdr */
3135 size_t i;
3136 UINT16 pdrlen; /* pdr length in bytes, host order */
3137 UINT16 pdrcode; /* pdr code, host order */
3138 UINT16 currpage;
3139 UINT16 curroffset;
3140 struct pdaloc {
3141 UINT32 cardaddr;
3142 UINT16 auxctl;
3143 } pdaloc[] =
3144 {
3145 { HFA3842_PDA_BASE, 0},
3146 { HFA3841_PDA_BASE, 0},
3147 { HFA3841_PDA_BOGUS_BASE, 0}
3148 };
3149
3150 DBFENTER;
3151
3152 /* Read the pda from each known address. */
3153 for ( i = 0; i < ARRAY_SIZE(pdaloc); i++) {
3154 /* Make address */
3155 currpage = HFA384x_ADDR_CMD_MKPAGE(pdaloc[i].cardaddr);
3156 curroffset = HFA384x_ADDR_CMD_MKOFF(pdaloc[i].cardaddr);
3157
3158 result = hfa384x_dormem_wait(hw,
3159 currpage,
3160 curroffset,
3161 buf,
3162 len); /* units of bytes */
3163
3164 if (result) {
3165 WLAN_LOG_WARNING(
3166 "Read from index %zd failed, continuing\n",
3167 i );
3168 continue;
3169 }
3170
3171 /* Test for garbage */
3172 pdaok = 1; /* initially assume good */
3173 morepdrs = 1;
3174 while ( pdaok && morepdrs ) {
3175 pdrlen = hfa384x2host_16(pda[currpdr]) * 2;
3176 pdrcode = hfa384x2host_16(pda[currpdr+1]);
3177 /* Test the record length */
3178 if ( pdrlen > HFA384x_PDR_LEN_MAX || pdrlen == 0) {
3179 WLAN_LOG_ERROR("pdrlen invalid=%d\n",
3180 pdrlen);
3181 pdaok = 0;
3182 break;
3183 }
3184 /* Test the code */
3185 if ( !hfa384x_isgood_pdrcode(pdrcode) ) {
3186 WLAN_LOG_ERROR("pdrcode invalid=%d\n",
3187 pdrcode);
3188 pdaok = 0;
3189 break;
3190 }
3191 /* Test for completion */
3192 if ( pdrcode == HFA384x_PDR_END_OF_PDA) {
3193 morepdrs = 0;
3194 }
3195
3196 /* Move to the next pdr (if necessary) */
3197 if ( morepdrs ) {
3198 /* note the access to pda[], need words here */
3199 currpdr += hfa384x2host_16(pda[currpdr]) + 1;
3200 }
3201 }
3202 if ( pdaok ) {
3203 WLAN_LOG_INFO(
3204 "PDA Read from 0x%08x in %s space.\n",
3205 pdaloc[i].cardaddr,
3206 pdaloc[i].auxctl == 0 ? "EXTDS" :
3207 pdaloc[i].auxctl == 1 ? "NV" :
3208 pdaloc[i].auxctl == 2 ? "PHY" :
3209 pdaloc[i].auxctl == 3 ? "ICSRAM" :
3210 "<bogus auxctl>");
3211 break;
3212 }
3213 }
3214 result = pdaok ? 0 : -ENODATA;
3215
3216 if ( result ) {
3217 WLAN_LOG_DEBUG(3,"Failure: pda is not okay\n");
3218 }
3219
3220 DBFEXIT;
3221 return result;
3222 }
3223
3224
3225 /*----------------------------------------------------------------
3226 * hfa384x_drvr_setconfig
3227 *
3228 * Performs the sequence necessary to write a config/info item.
3229 *
3230 * Arguments:
3231 * hw device structure
3232 * rid config/info record id (in host order)
3233 * buf host side record buffer
3234 * len buffer length (in bytes)
3235 *
3236 * Returns:
3237 * 0 success
3238 * >0 f/w reported error - f/w status code
3239 * <0 driver reported error
3240 *
3241 * Side effects:
3242 *
3243 * Call context:
3244 * process
3245 ----------------------------------------------------------------*/
3246 int hfa384x_drvr_setconfig(hfa384x_t *hw, UINT16 rid, void *buf, UINT16 len)
3247 {
3248 return hfa384x_dowrid_wait(hw, rid, buf, len);
3249 }
3250
3251 /*----------------------------------------------------------------
3252 * hfa384x_drvr_start
3253 *
3254 * Issues the MAC initialize command, sets up some data structures,
3255 * and enables the interrupts. After this function completes, the
3256 * low-level stuff should be ready for any/all commands.
3257 *
3258 * Arguments:
3259 * hw device structure
3260 * Returns:
3261 * 0 success
3262 * >0 f/w reported error - f/w status code
3263 * <0 driver reported error
3264 *
3265 * Side effects:
3266 *
3267 * Call context:
3268 * process
3269 ----------------------------------------------------------------*/
3270 int hfa384x_drvr_start(hfa384x_t *hw)
3271 {
3272 int result;
3273 DBFENTER;
3274
3275 might_sleep();
3276
3277 if (usb_clear_halt(hw->usb, hw->endp_in)) {
3278 WLAN_LOG_ERROR(
3279 "Failed to reset bulk in endpoint.\n");
3280 }
3281
3282 if (usb_clear_halt(hw->usb, hw->endp_out)) {
3283 WLAN_LOG_ERROR(
3284 "Failed to reset bulk out endpoint.\n");
3285 }
3286
3287 /* Synchronous unlink, in case we're trying to restart the driver */
3288 usb_kill_urb(&hw->rx_urb);
3289
3290 /* Post the IN urb */
3291 result = submit_rx_urb(hw, GFP_KERNEL);
3292 if (result != 0) {
3293 WLAN_LOG_ERROR(
3294 "Fatal, failed to submit RX URB, result=%d\n",
3295 result);
3296 goto done;
3297 }
3298
3299 /* call initialize */
3300 result = hfa384x_cmd_initialize(hw);
3301 if (result != 0) {
3302 usb_kill_urb(&hw->rx_urb);
3303 WLAN_LOG_ERROR(
3304 "cmd_initialize() failed, result=%d\n",
3305 result);
3306 goto done;
3307 }
3308
3309 hw->state = HFA384x_STATE_RUNNING;
3310
3311 done:
3312 DBFEXIT;
3313 return result;
3314 }
3315
3316
3317 /*----------------------------------------------------------------
3318 * hfa384x_drvr_stop
3319 *
3320 * Shuts down the MAC to the point where it is safe to unload the
3321 * driver. Any subsystem that may be holding a data or function
3322 * ptr into the driver must be cleared/deinitialized.
3323 *
3324 * Arguments:
3325 * hw device structure
3326 * Returns:
3327 * 0 success
3328 * >0 f/w reported error - f/w status code
3329 * <0 driver reported error
3330 *
3331 * Side effects:
3332 *
3333 * Call context:
3334 * process
3335 ----------------------------------------------------------------*/
3336 int
3337 hfa384x_drvr_stop(hfa384x_t *hw)
3338 {
3339 int result = 0;
3340 int i;
3341 DBFENTER;
3342
3343 might_sleep();
3344
3345 /* There's no need for spinlocks here. The USB "disconnect"
3346 * function sets this "removed" flag and then calls us.
3347 */
3348 if ( !hw->wlandev->hwremoved ) {
3349 /* Call initialize to leave the MAC in its 'reset' state */
3350 hfa384x_cmd_initialize(hw);
3351
3352 /* Cancel the rxurb */
3353 usb_kill_urb(&hw->rx_urb);
3354 }
3355
3356 hw->link_status = HFA384x_LINK_NOTCONNECTED;
3357 hw->state = HFA384x_STATE_INIT;
3358
3359 del_timer_sync(&hw->commsqual_timer);
3360
3361 /* Clear all the port status */
3362 for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
3363 hw->port_enabled[i] = 0;
3364 }
3365
3366 DBFEXIT;
3367 return result;
3368 }
3369
3370 /*----------------------------------------------------------------
3371 * hfa384x_drvr_txframe
3372 *
3373 * Takes a frame from prism2sta and queues it for transmission.
3374 *
3375 * Arguments:
3376 * hw device structure
3377 * skb packet buffer struct. Contains an 802.11
3378 * data frame.
3379 * p80211_hdr points to the 802.11 header for the packet.
3380 * Returns:
3381 * 0 Success and more buffs available
3382 * 1 Success but no more buffs
3383 * 2 Allocation failure
3384 * 4 Buffer full or queue busy
3385 *
3386 * Side effects:
3387 *
3388 * Call context:
3389 * interrupt
3390 ----------------------------------------------------------------*/
3391 int hfa384x_drvr_txframe(hfa384x_t *hw, struct sk_buff *skb, p80211_hdr_t *p80211_hdr, p80211_metawep_t *p80211_wep)
3392
3393 {
3394 int usbpktlen = sizeof(hfa384x_tx_frame_t);
3395 int result;
3396 int ret;
3397 char *ptr;
3398
3399 DBFENTER;
3400
3401 if (hw->tx_urb.status == -EINPROGRESS) {
3402 WLAN_LOG_WARNING("TX URB already in use\n");
3403 result = 3;
3404 goto exit;
3405 }
3406
3407 /* Build Tx frame structure */
3408 /* Set up the control field */
3409 memset(&hw->txbuff.txfrm.desc, 0, sizeof(hw->txbuff.txfrm.desc));
3410
3411 /* Setup the usb type field */
3412 hw->txbuff.type = host2hfa384x_16(HFA384x_USB_TXFRM);
3413
3414 /* Set up the sw_support field to identify this frame */
3415 hw->txbuff.txfrm.desc.sw_support = 0x0123;
3416
3417 /* Tx complete and Tx exception disable per dleach. Might be causing
3418 * buf depletion
3419 */
3420 //#define DOEXC SLP -- doboth breaks horribly under load, doexc less so.
3421 #if defined(DOBOTH)
3422 hw->txbuff.txfrm.desc.tx_control =
3423 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3424 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(1);
3425 #elif defined(DOEXC)
3426 hw->txbuff.txfrm.desc.tx_control =
3427 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3428 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(0);
3429 #else
3430 hw->txbuff.txfrm.desc.tx_control =
3431 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3432 HFA384x_TX_TXEX_SET(0) | HFA384x_TX_TXOK_SET(0);
3433 #endif
3434 hw->txbuff.txfrm.desc.tx_control =
3435 host2hfa384x_16(hw->txbuff.txfrm.desc.tx_control);
3436
3437 /* copy the header over to the txdesc */
3438 memcpy(&(hw->txbuff.txfrm.desc.frame_control), p80211_hdr, sizeof(p80211_hdr_t));
3439
3440 /* if we're using host WEP, increase size by IV+ICV */
3441 if (p80211_wep->data) {
3442 hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len+8);
3443 // hw->txbuff.txfrm.desc.tx_control |= HFA384x_TX_NOENCRYPT_SET(1);
3444 usbpktlen+=8;
3445 } else {
3446 hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len);
3447 }
3448
3449 usbpktlen += skb->len;
3450
3451 /* copy over the WEP IV if we are using host WEP */
3452 ptr = hw->txbuff.txfrm.data;
3453 if (p80211_wep->data) {
3454 memcpy(ptr, p80211_wep->iv, sizeof(p80211_wep->iv));
3455 ptr+= sizeof(p80211_wep->iv);
3456 memcpy(ptr, p80211_wep->data, skb->len);
3457 } else {
3458 memcpy(ptr, skb->data, skb->len);
3459 }
3460 /* copy over the packet data */
3461 ptr+= skb->len;
3462
3463 /* copy over the WEP ICV if we are using host WEP */
3464 if (p80211_wep->data) {
3465 memcpy(ptr, p80211_wep->icv, sizeof(p80211_wep->icv));
3466 }
3467
3468 /* Send the USB packet */
3469 usb_fill_bulk_urb( &(hw->tx_urb), hw->usb,
3470 hw->endp_out,
3471 &(hw->txbuff), ROUNDUP64(usbpktlen),
3472 hfa384x_usbout_callback, hw->wlandev );
3473 hw->tx_urb.transfer_flags |= USB_QUEUE_BULK;
3474
3475 result = 1;
3476 ret = submit_tx_urb(hw, &hw->tx_urb, GFP_ATOMIC);
3477 if ( ret != 0 ) {
3478 WLAN_LOG_ERROR(
3479 "submit_tx_urb() failed, error=%d\n", ret);
3480 result = 3;
3481 }
3482
3483 exit:
3484 DBFEXIT;
3485 return result;
3486 }
3487
3488 void hfa384x_tx_timeout(wlandevice_t *wlandev)
3489 {
3490 hfa384x_t *hw = wlandev->priv;
3491 unsigned long flags;
3492
3493 DBFENTER;
3494
3495 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3496
3497 if ( !hw->wlandev->hwremoved &&
3498 /* Note the bitwise OR, not the logical OR. */
3499 ( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) |
3500 !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) ) )
3501 {
3502 schedule_work(&hw->usb_work);
3503 }
3504
3505 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3506
3507 DBFEXIT;
3508 }
3509
3510 /*----------------------------------------------------------------
3511 * hfa384x_usbctlx_reaper_task
3512 *
3513 * Tasklet to delete dead CTLX objects
3514 *
3515 * Arguments:
3516 * data ptr to a hfa384x_t
3517 *
3518 * Returns:
3519 *
3520 * Call context:
3521 * Interrupt
3522 ----------------------------------------------------------------*/
3523 static void hfa384x_usbctlx_reaper_task(unsigned long data)
3524 {
3525 hfa384x_t *hw = (hfa384x_t*)data;
3526 struct list_head *entry;
3527 struct list_head *temp;
3528 unsigned long flags;
3529
3530 DBFENTER;
3531
3532 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3533
3534 /* This list is guaranteed to be empty if someone
3535 * has unplugged the adapter.
3536 */
3537 list_for_each_safe(entry, temp, &hw->ctlxq.reapable) {
3538 hfa384x_usbctlx_t *ctlx;
3539
3540 ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3541 list_del(&ctlx->list);
3542 kfree(ctlx);
3543 }
3544
3545 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3546
3547 DBFEXIT;
3548 }
3549
3550 /*----------------------------------------------------------------
3551 * hfa384x_usbctlx_completion_task
3552 *
3553 * Tasklet to call completion handlers for returned CTLXs
3554 *
3555 * Arguments:
3556 * data ptr to hfa384x_t
3557 *
3558 * Returns:
3559 * Nothing
3560 *
3561 * Call context:
3562 * Interrupt
3563 ----------------------------------------------------------------*/
3564 static void hfa384x_usbctlx_completion_task(unsigned long data)
3565 {
3566 hfa384x_t *hw = (hfa384x_t*)data;
3567 struct list_head *entry;
3568 struct list_head *temp;
3569 unsigned long flags;
3570
3571 int reap = 0;
3572
3573 DBFENTER;
3574
3575 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3576
3577 /* This list is guaranteed to be empty if someone
3578 * has unplugged the adapter ...
3579 */
3580 list_for_each_safe(entry, temp, &hw->ctlxq.completing) {
3581 hfa384x_usbctlx_t *ctlx;
3582
3583 ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3584
3585 /* Call the completion function that this
3586 * command was assigned, assuming it has one.
3587 */
3588 if ( ctlx->cmdcb != NULL ) {
3589 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3590 ctlx->cmdcb(hw, ctlx);
3591 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3592
3593 /* Make sure we don't try and complete
3594 * this CTLX more than once!
3595 */
3596 ctlx->cmdcb = NULL;
3597
3598 /* Did someone yank the adapter out
3599 * while our list was (briefly) unlocked?
3600 */
3601 if ( hw->wlandev->hwremoved )
3602 {
3603 reap = 0;
3604 break;
3605 }
3606 }
3607
3608 /*
3609 * "Reapable" CTLXs are ones which don't have any
3610 * threads waiting for them to die. Hence they must
3611 * be delivered to The Reaper!
3612 */
3613 if ( ctlx->reapable ) {
3614 /* Move the CTLX off the "completing" list (hopefully)
3615 * on to the "reapable" list where the reaper task
3616 * can find it. And "reapable" means that this CTLX
3617 * isn't sitting on a wait-queue somewhere.
3618 */
3619 list_move_tail(&ctlx->list, &hw->ctlxq.reapable);
3620 reap = 1;
3621 }
3622
3623 complete(&ctlx->done);
3624 }
3625 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3626
3627 if (reap)
3628 tasklet_schedule(&hw->reaper_bh);
3629
3630 DBFEXIT;
3631 }
3632
3633 /*----------------------------------------------------------------
3634 * unlocked_usbctlx_cancel_async
3635 *
3636 * Mark the CTLX dead asynchronously, and ensure that the
3637 * next command on the queue is run afterwards.
3638 *
3639 * Arguments:
3640 * hw ptr to the hfa384x_t structure
3641 * ctlx ptr to a CTLX structure
3642 *
3643 * Returns:
3644 * 0 the CTLX's URB is inactive
3645 * -EINPROGRESS the URB is currently being unlinked
3646 *
3647 * Call context:
3648 * Either process or interrupt, but presumably interrupt
3649 ----------------------------------------------------------------*/
3650 static int unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3651 {
3652 int ret;
3653
3654 DBFENTER;
3655
3656 /*
3657 * Try to delete the URB containing our request packet.
3658 * If we succeed, then its completion handler will be
3659 * called with a status of -ECONNRESET.
3660 */
3661 hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
3662 ret = usb_unlink_urb(&hw->ctlx_urb);
3663
3664 if (ret != -EINPROGRESS) {
3665 /*
3666 * The OUT URB had either already completed
3667 * or was still in the pending queue, so the
3668 * URB's completion function will not be called.
3669 * We will have to complete the CTLX ourselves.
3670 */
3671 ctlx->state = CTLX_REQ_FAILED;
3672 unlocked_usbctlx_complete(hw, ctlx);
3673 ret = 0;
3674 }
3675
3676 DBFEXIT;
3677
3678 return ret;
3679 }
3680
3681 /*----------------------------------------------------------------
3682 * unlocked_usbctlx_complete
3683 *
3684 * A CTLX has completed. It may have been successful, it may not
3685 * have been. At this point, the CTLX should be quiescent. The URBs
3686 * aren't active and the timers should have been stopped.
3687 *
3688 * The CTLX is migrated to the "completing" queue, and the completing
3689 * tasklet is scheduled.
3690 *
3691 * Arguments:
3692 * hw ptr to a hfa384x_t structure
3693 * ctlx ptr to a ctlx structure
3694 *
3695 * Returns:
3696 * nothing
3697 *
3698 * Side effects:
3699 *
3700 * Call context:
3701 * Either, assume interrupt
3702 ----------------------------------------------------------------*/
3703 static void unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3704 {
3705 DBFENTER;
3706
3707 /* Timers have been stopped, and ctlx should be in
3708 * a terminal state. Retire it from the "active"
3709 * queue.
3710 */
3711 list_move_tail(&ctlx->list, &hw->ctlxq.completing);
3712 tasklet_schedule(&hw->completion_bh);
3713
3714 switch (ctlx->state) {
3715 case CTLX_COMPLETE:
3716 case CTLX_REQ_FAILED:
3717 /* This are the correct terminating states. */
3718 break;
3719
3720 default:
3721 WLAN_LOG_ERROR("CTLX[%d] not in a terminating state(%s)\n",
3722 hfa384x2host_16(ctlx->outbuf.type),
3723 ctlxstr(ctlx->state));
3724 break;
3725 } /* switch */
3726
3727 DBFEXIT;
3728 }
3729
3730 /*----------------------------------------------------------------
3731 * hfa384x_usbctlxq_run
3732 *
3733 * Checks to see if the head item is running. If not, starts it.
3734 *
3735 * Arguments:
3736 * hw ptr to hfa384x_t
3737 *
3738 * Returns:
3739 * nothing
3740 *
3741 * Side effects:
3742 *
3743 * Call context:
3744 * any
3745 ----------------------------------------------------------------*/
3746 static void
3747 hfa384x_usbctlxq_run(hfa384x_t *hw)
3748 {
3749 unsigned long flags;
3750 DBFENTER;
3751
3752 /* acquire lock */
3753 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3754
3755 /* Only one active CTLX at any one time, because there's no
3756 * other (reliable) way to match the response URB to the
3757 * correct CTLX.
3758 *
3759 * Don't touch any of these CTLXs if the hardware
3760 * has been removed or the USB subsystem is stalled.
3761 */
3762 if ( !list_empty(&hw->ctlxq.active) ||
3763 test_bit(WORK_TX_HALT, &hw->usb_flags) ||
3764 hw->wlandev->hwremoved )
3765 goto unlock;
3766
3767 while ( !list_empty(&hw->ctlxq.pending) ) {
3768 hfa384x_usbctlx_t *head;
3769 int result;
3770
3771 /* This is the first pending command */
3772 head = list_entry(hw->ctlxq.pending.next,
3773 hfa384x_usbctlx_t,
3774 list);
3775
3776 /* We need to split this off to avoid a race condition */
3777 list_move_tail(&head->list, &hw->ctlxq.active);
3778
3779 /* Fill the out packet */
3780 usb_fill_bulk_urb( &(hw->ctlx_urb), hw->usb,
3781 hw->endp_out,
3782 &(head->outbuf), ROUNDUP64(head->outbufsize),
3783 hfa384x_ctlxout_callback, hw);
3784 hw->ctlx_urb.transfer_flags |= USB_QUEUE_BULK;
3785
3786 /* Now submit the URB and update the CTLX's state
3787 */
3788 if ((result = SUBMIT_URB(&hw->ctlx_urb, GFP_ATOMIC)) == 0) {
3789 /* This CTLX is now running on the active queue */
3790 head->state = CTLX_REQ_SUBMITTED;
3791
3792 /* Start the OUT wait timer */
3793 hw->req_timer_done = 0;
3794 hw->reqtimer.expires = jiffies + HZ;
3795 add_timer(&hw->reqtimer);
3796
3797 /* Start the IN wait timer */
3798 hw->resp_timer_done = 0;
3799 hw->resptimer.expires = jiffies + 2*HZ;
3800 add_timer(&hw->resptimer);
3801
3802 break;
3803 }
3804
3805 if (result == -EPIPE) {
3806 /* The OUT pipe needs resetting, so put
3807 * this CTLX back in the "pending" queue
3808 * and schedule a reset ...
3809 */
3810 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
3811 hw->wlandev->netdev->name);
3812 list_move(&head->list, &hw->ctlxq.pending);
3813 set_bit(WORK_TX_HALT, &hw->usb_flags);
3814 schedule_work(&hw->usb_work);
3815 break;
3816 }
3817
3818 if (result == -ESHUTDOWN) {
3819 WLAN_LOG_WARNING("%s urb shutdown!\n",
3820 hw->wlandev->netdev->name);
3821 break;
3822 }
3823
3824 WLAN_LOG_ERROR("Failed to submit CTLX[%d]: error=%d\n",
3825 hfa384x2host_16(head->outbuf.type), result);
3826 unlocked_usbctlx_complete(hw, head);
3827 } /* while */
3828
3829 unlock:
3830 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3831
3832 DBFEXIT;
3833 }
3834
3835
3836 /*----------------------------------------------------------------
3837 * hfa384x_usbin_callback
3838 *
3839 * Callback for URBs on the BULKIN endpoint.
3840 *
3841 * Arguments:
3842 * urb ptr to the completed urb
3843 *
3844 * Returns:
3845 * nothing
3846 *
3847 * Side effects:
3848 *
3849 * Call context:
3850 * interrupt
3851 ----------------------------------------------------------------*/
3852 #ifdef URB_ONLY_CALLBACK
3853 static void hfa384x_usbin_callback(struct urb *urb)
3854 #else
3855 static void hfa384x_usbin_callback(struct urb *urb, struct pt_regs *regs)
3856 #endif
3857 {
3858 wlandevice_t *wlandev = urb->context;
3859 hfa384x_t *hw;
3860 hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) urb->transfer_buffer;
3861 struct sk_buff *skb = NULL;
3862 int result;
3863 int urb_status;
3864 UINT16 type;
3865
3866 enum USBIN_ACTION {
3867 HANDLE,
3868 RESUBMIT,
3869 ABORT
3870 } action;
3871
3872 DBFENTER;
3873
3874 if ( !wlandev ||
3875 !wlandev->netdev ||
3876 !netif_device_present(wlandev->netdev) )
3877 goto exit;
3878
3879 hw = wlandev->priv;
3880 if (!hw)
3881 goto exit;
3882
3883 skb = hw->rx_urb_skb;
3884 if (!skb || (skb->data != urb->transfer_buffer)) {
3885 BUG();
3886 }
3887 hw->rx_urb_skb = NULL;
3888
3889 /* Check for error conditions within the URB */
3890 switch (urb->status) {
3891 case 0:
3892 action = HANDLE;
3893
3894 /* Check for short packet */
3895 if ( urb->actual_length == 0 ) {
3896 ++(wlandev->linux_stats.rx_errors);
3897 ++(wlandev->linux_stats.rx_length_errors);
3898 action = RESUBMIT;
3899 }
3900 break;
3901
3902 case -EPIPE:
3903 WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
3904 wlandev->netdev->name);
3905 if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
3906 schedule_work(&hw->usb_work);
3907 ++(wlandev->linux_stats.rx_errors);
3908 action = ABORT;
3909 break;
3910
3911 case -EILSEQ:
3912 case -ETIMEDOUT:
3913 case -EPROTO:
3914 if ( !test_and_set_bit(THROTTLE_RX, &hw->usb_flags) &&
3915 !timer_pending(&hw->throttle) ) {
3916 mod_timer(&hw->throttle, jiffies + THROTTLE_JIFFIES);
3917 }
3918 ++(wlandev->linux_stats.rx_errors);
3919 action = ABORT;
3920 break;
3921
3922 case -EOVERFLOW:
3923 ++(wlandev->linux_stats.rx_over_errors);
3924 action = RESUBMIT;
3925 break;
3926
3927 case -ENODEV:
3928 case -ESHUTDOWN:
3929 WLAN_LOG_DEBUG(3,"status=%d, device removed.\n", urb->status);
3930 action = ABORT;
3931 break;
3932
3933 case -ENOENT:
3934 case -ECONNRESET:
3935 WLAN_LOG_DEBUG(3,"status=%d, urb explicitly unlinked.\n", urb->status);
3936 action = ABORT;
3937 break;
3938
3939 default:
3940 WLAN_LOG_DEBUG(3,"urb status=%d, transfer flags=0x%x\n",
3941 urb->status, urb->transfer_flags);
3942 ++(wlandev->linux_stats.rx_errors);
3943 action = RESUBMIT;
3944 break;
3945 }
3946
3947 urb_status = urb->status;
3948
3949 if (action != ABORT) {
3950 /* Repost the RX URB */
3951 result = submit_rx_urb(hw, GFP_ATOMIC);
3952
3953 if (result != 0) {
3954 WLAN_LOG_ERROR(
3955 "Fatal, failed to resubmit rx_urb. error=%d\n",
3956 result);
3957 }
3958 }
3959
3960 /* Handle any USB-IN packet */
3961 /* Note: the check of the sw_support field, the type field doesn't
3962 * have bit 12 set like the docs suggest.
3963 */
3964 type = hfa384x2host_16(usbin->type);
3965 if (HFA384x_USB_ISRXFRM(type)) {
3966 if (action == HANDLE) {
3967 if (usbin->txfrm.desc.sw_support == 0x0123) {
3968 hfa384x_usbin_txcompl(wlandev, usbin);
3969 } else {
3970 skb_put(skb, sizeof(*usbin));
3971 hfa384x_usbin_rx(wlandev, skb);
3972 skb = NULL;
3973 }
3974 }
3975 goto exit;
3976 }
3977 if (HFA384x_USB_ISTXFRM(type)) {
3978 if (action == HANDLE)
3979 hfa384x_usbin_txcompl(wlandev, usbin);
3980 goto exit;
3981 }
3982 switch (type) {
3983 case HFA384x_USB_INFOFRM:
3984 if (action == ABORT)
3985 goto exit;
3986 if (action == HANDLE)
3987 hfa384x_usbin_info(wlandev, usbin);
3988 break;
3989
3990 case HFA384x_USB_CMDRESP:
3991 case HFA384x_USB_WRIDRESP:
3992 case HFA384x_USB_RRIDRESP:
3993 case HFA384x_USB_WMEMRESP:
3994 case HFA384x_USB_RMEMRESP:
3995 /* ALWAYS, ALWAYS, ALWAYS handle this CTLX!!!! */
3996 hfa384x_usbin_ctlx(hw, usbin, urb_status);
3997 break;
3998
3999 case HFA384x_USB_BUFAVAIL:
4000 WLAN_LOG_DEBUG(3,"Received BUFAVAIL packet, frmlen=%d\n",
4001 usbin->bufavail.frmlen);
4002 break;
4003
4004 case HFA384x_USB_ERROR:
4005 WLAN_LOG_DEBUG(3,"Received USB_ERROR packet, errortype=%d\n",
4006 usbin->usberror.errortype);
4007 break;
4008
4009 default:
4010 WLAN_LOG_DEBUG(3,"Unrecognized USBIN packet, type=%x, status=%d\n",
4011 usbin->type, urb_status);
4012 break;
4013 } /* switch */
4014
4015 exit:
4016
4017 if (skb)
4018 dev_kfree_skb(skb);
4019
4020 DBFEXIT;
4021 }
4022
4023
4024 /*----------------------------------------------------------------
4025 * hfa384x_usbin_ctlx
4026 *
4027 * We've received a URB containing a Prism2 "response" message.
4028 * This message needs to be matched up with a CTLX on the active
4029 * queue and our state updated accordingly.
4030 *
4031 * Arguments:
4032 * hw ptr to hfa384x_t
4033 * usbin ptr to USB IN packet
4034 * urb_status status of this Bulk-In URB
4035 *
4036 * Returns:
4037 * nothing
4038 *
4039 * Side effects:
4040 *
4041 * Call context:
4042 * interrupt
4043 ----------------------------------------------------------------*/
4044 static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
4045 int urb_status)
4046 {
4047 hfa384x_usbctlx_t *ctlx;
4048 int run_queue = 0;
4049 unsigned long flags;
4050
4051 DBFENTER;
4052
4053 retry:
4054 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4055
4056 /* There can be only one CTLX on the active queue
4057 * at any one time, and this is the CTLX that the
4058 * timers are waiting for.
4059 */
4060 if ( list_empty(&hw->ctlxq.active) ) {
4061 goto unlock;
4062 }
4063
4064 /* Remove the "response timeout". It's possible that
4065 * we are already too late, and that the timeout is
4066 * already running. And that's just too bad for us,
4067 * because we could lose our CTLX from the active
4068 * queue here ...
4069 */
4070 if (del_timer(&hw->resptimer) == 0) {
4071 if (hw->resp_timer_done == 0) {
4072 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4073 goto retry;
4074 }
4075 }
4076 else {
4077 hw->resp_timer_done = 1;
4078 }
4079
4080 ctlx = get_active_ctlx(hw);
4081
4082 if (urb_status != 0) {
4083 /*
4084 * Bad CTLX, so get rid of it. But we only
4085 * remove it from the active queue if we're no
4086 * longer expecting the OUT URB to complete.
4087 */
4088 if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
4089 run_queue = 1;
4090 } else {
4091 const UINT16 intype = (usbin->type&~host2hfa384x_16(0x8000));
4092
4093 /*
4094 * Check that our message is what we're expecting ...
4095 */
4096 if (ctlx->outbuf.type != intype) {
4097 WLAN_LOG_WARNING("Expected IN[%d], received IN[%d] - ignored.\n",
4098 hfa384x2host_16(ctlx->outbuf.type),
4099 hfa384x2host_16(intype));
4100 goto unlock;
4101 }
4102
4103 /* This URB has succeeded, so grab the data ... */
4104 memcpy(&ctlx->inbuf, usbin, sizeof(ctlx->inbuf));
4105
4106 switch (ctlx->state) {
4107 case CTLX_REQ_SUBMITTED:
4108 /*
4109 * We have received our response URB before
4110 * our request has been acknowledged. Odd,
4111 * but our OUT URB is still alive...
4112 */
4113 WLAN_LOG_DEBUG(0, "Causality violation: please reboot Universe, or email linux-wlan-devel@lists.linux-wlan.com\n");
4114 ctlx->state = CTLX_RESP_COMPLETE;
4115 break;
4116
4117 case CTLX_REQ_COMPLETE:
4118 /*
4119 * This is the usual path: our request
4120 * has already been acknowledged, and
4121 * now we have received the reply too.
4122 */
4123 ctlx->state = CTLX_COMPLETE;
4124 unlocked_usbctlx_complete(hw, ctlx);
4125 run_queue = 1;
4126 break;
4127
4128 default:
4129 /*
4130 * Throw this CTLX away ...
4131 */
4132 WLAN_LOG_ERROR("Matched IN URB, CTLX[%d] in invalid state(%s)."
4133 " Discarded.\n",
4134 hfa384x2host_16(ctlx->outbuf.type),
4135 ctlxstr(ctlx->state));
4136 if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
4137 run_queue = 1;
4138 break;
4139 } /* switch */
4140 }
4141
4142 unlock:
4143 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4144
4145 if (run_queue)
4146 hfa384x_usbctlxq_run(hw);
4147
4148 DBFEXIT;
4149 }
4150
4151
4152 /*----------------------------------------------------------------
4153 * hfa384x_usbin_txcompl
4154 *
4155 * At this point we have the results of a previous transmit.
4156 *
4157 * Arguments:
4158 * wlandev wlan device
4159 * usbin ptr to the usb transfer buffer
4160 *
4161 * Returns:
4162 * nothing
4163 *
4164 * Side effects:
4165 *
4166 * Call context:
4167 * interrupt
4168 ----------------------------------------------------------------*/
4169 static void hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
4170 {
4171 UINT16 status;
4172 DBFENTER;
4173
4174 status = hfa384x2host_16(usbin->type); /* yeah I know it says type...*/
4175
4176 /* Was there an error? */
4177 if (HFA384x_TXSTATUS_ISERROR(status)) {
4178 prism2sta_ev_txexc(wlandev, status);
4179 } else {
4180 prism2sta_ev_tx(wlandev, status);
4181 }
4182 // prism2sta_ev_alloc(wlandev);
4183
4184 DBFEXIT;
4185 }
4186
4187
4188 /*----------------------------------------------------------------
4189 * hfa384x_usbin_rx
4190 *
4191 * At this point we have a successful received a rx frame packet.
4192 *
4193 * Arguments:
4194 * wlandev wlan device
4195 * usbin ptr to the usb transfer buffer
4196 *
4197 * Returns:
4198 * nothing
4199 *
4200 * Side effects:
4201 *
4202 * Call context:
4203 * interrupt
4204 ----------------------------------------------------------------*/
4205 static void hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb)
4206 {
4207 hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) skb->data;
4208 hfa384x_t *hw = wlandev->priv;
4209 int hdrlen;
4210 p80211_rxmeta_t *rxmeta;
4211 UINT16 data_len;
4212 UINT16 fc;
4213
4214 DBFENTER;
4215
4216 /* Byte order convert once up front. */
4217 usbin->rxfrm.desc.status =
4218 hfa384x2host_16(usbin->rxfrm.desc.status);
4219 usbin->rxfrm.desc.time =
4220 hfa384x2host_32(usbin->rxfrm.desc.time);
4221
4222 /* Now handle frame based on port# */
4223 switch( HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) )
4224 {
4225 case 0:
4226 fc = ieee2host16(usbin->rxfrm.desc.frame_control);
4227
4228 /* If exclude and we receive an unencrypted, drop it */
4229 if ( (wlandev->hostwep & HOSTWEP_EXCLUDEUNENCRYPTED) &&
4230 !WLAN_GET_FC_ISWEP(fc)){
4231 goto done;
4232 }
4233
4234 data_len = hfa384x2host_16(usbin->rxfrm.desc.data_len);
4235
4236 /* How much header data do we have? */
4237 hdrlen = p80211_headerlen(fc);
4238
4239 /* Pull off the descriptor */
4240 skb_pull(skb, sizeof(hfa384x_rx_frame_t));
4241
4242 /* Now shunt the header block up against the data block
4243 * with an "overlapping" copy
4244 */
4245 memmove(skb_push(skb, hdrlen),
4246 &usbin->rxfrm.desc.frame_control,
4247 hdrlen);
4248
4249 skb->dev = wlandev->netdev;
4250 skb->dev->last_rx = jiffies;
4251
4252 /* And set the frame length properly */
4253 skb_trim(skb, data_len + hdrlen);
4254
4255 /* The prism2 series does not return the CRC */
4256 memset(skb_put(skb, WLAN_CRC_LEN), 0xff, WLAN_CRC_LEN);
4257
4258 skb_reset_mac_header(skb);
4259
4260 /* Attach the rxmeta, set some stuff */
4261 p80211skb_rxmeta_attach(wlandev, skb);
4262 rxmeta = P80211SKB_RXMETA(skb);
4263 rxmeta->mactime = usbin->rxfrm.desc.time;
4264 rxmeta->rxrate = usbin->rxfrm.desc.rate;
4265 rxmeta->signal = usbin->rxfrm.desc.signal - hw->dbmadjust;
4266 rxmeta->noise = usbin->rxfrm.desc.silence - hw->dbmadjust;
4267
4268 prism2sta_ev_rx(wlandev, skb);
4269
4270 break;
4271
4272 case 7:
4273 if ( ! HFA384x_RXSTATUS_ISFCSERR(usbin->rxfrm.desc.status) ) {
4274 /* Copy to wlansnif skb */
4275 hfa384x_int_rxmonitor( wlandev, &usbin->rxfrm);
4276 dev_kfree_skb(skb);
4277 } else {
4278 WLAN_LOG_DEBUG(3,"Received monitor frame: FCSerr set\n");
4279 }
4280 break;
4281
4282 default:
4283 WLAN_LOG_WARNING("Received frame on unsupported port=%d\n",
4284 HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) );
4285 goto done;
4286 break;
4287 }
4288
4289 done:
4290 DBFEXIT;
4291 return;
4292 }
4293
4294 /*----------------------------------------------------------------
4295 * hfa384x_int_rxmonitor
4296 *
4297 * Helper function for int_rx. Handles monitor frames.
4298 * Note that this function allocates space for the FCS and sets it
4299 * to 0xffffffff. The hfa384x doesn't give us the FCS value but the
4300 * higher layers expect it. 0xffffffff is used as a flag to indicate
4301 * the FCS is bogus.
4302 *
4303 * Arguments:
4304 * wlandev wlan device structure
4305 * rxfrm rx descriptor read from card in int_rx
4306 *
4307 * Returns:
4308 * nothing
4309 *
4310 * Side effects:
4311 * Allocates an skb and passes it up via the PF_PACKET interface.
4312 * Call context:
4313 * interrupt
4314 ----------------------------------------------------------------*/
4315 static void hfa384x_int_rxmonitor( wlandevice_t *wlandev, hfa384x_usb_rxfrm_t *rxfrm)
4316 {
4317 hfa384x_rx_frame_t *rxdesc = &(rxfrm->desc);
4318 UINT hdrlen = 0;
4319 UINT datalen = 0;
4320 UINT skblen = 0;
4321 p80211msg_lnxind_wlansniffrm_t *msg;
4322 UINT8 *datap;
4323 UINT16 fc;
4324 struct sk_buff *skb;
4325 hfa384x_t *hw = wlandev->priv;
4326
4327
4328 DBFENTER;
4329 /* Don't forget the status, time, and data_len fields are in host order */
4330 /* Figure out how big the frame is */
4331 fc = ieee2host16(rxdesc->frame_control);
4332 hdrlen = p80211_headerlen(fc);
4333 datalen = hfa384x2host_16(rxdesc->data_len);
4334
4335 /* Allocate an ind message+framesize skb */
4336 skblen = sizeof(p80211msg_lnxind_wlansniffrm_t) +
4337 hdrlen + datalen + WLAN_CRC_LEN;
4338
4339 /* sanity check the length */
4340 if ( skblen >
4341 (sizeof(p80211msg_lnxind_wlansniffrm_t) +
4342 WLAN_HDR_A4_LEN + WLAN_DATA_MAXLEN + WLAN_CRC_LEN) ) {
4343 WLAN_LOG_DEBUG(1, "overlen frm: len=%zd\n",
4344 skblen - sizeof(p80211msg_lnxind_wlansniffrm_t));
4345 }
4346
4347 if ( (skb = dev_alloc_skb(skblen)) == NULL ) {
4348 WLAN_LOG_ERROR("alloc_skb failed trying to allocate %d bytes\n", skblen);
4349 return;
4350 }
4351
4352 /* only prepend the prism header if in the right mode */
4353 if ((wlandev->netdev->type == ARPHRD_IEEE80211_PRISM) &&
4354 (hw->sniffhdr == 0)) {
4355 datap = skb_put(skb, sizeof(p80211msg_lnxind_wlansniffrm_t));
4356 msg = (p80211msg_lnxind_wlansniffrm_t*) datap;
4357
4358 /* Initialize the message members */
4359 msg->msgcode = DIDmsg_lnxind_wlansniffrm;
4360 msg->msglen = sizeof(p80211msg_lnxind_wlansniffrm_t);
4361 strcpy(msg->devname, wlandev->name);
4362
4363 msg->hosttime.did = DIDmsg_lnxind_wlansniffrm_hosttime;
4364 msg->hosttime.status = 0;
4365 msg->hosttime.len = 4;
4366 msg->hosttime.data = jiffies;
4367
4368 msg->mactime.did = DIDmsg_lnxind_wlansniffrm_mactime;
4369 msg->mactime.status = 0;
4370 msg->mactime.len = 4;
4371 msg->mactime.data = rxdesc->time;
4372
4373 msg->channel.did = DIDmsg_lnxind_wlansniffrm_channel;
4374 msg->channel.status = 0;
4375 msg->channel.len = 4;
4376 msg->channel.data = hw->sniff_channel;
4377
4378 msg->rssi.did = DIDmsg_lnxind_wlansniffrm_rssi;
4379 msg->rssi.status = P80211ENUM_msgitem_status_no_value;
4380 msg->rssi.len = 4;
4381 msg->rssi.data = 0;
4382
4383 msg->sq.did = DIDmsg_lnxind_wlansniffrm_sq;
4384 msg->sq.status = P80211ENUM_msgitem_status_no_value;
4385 msg->sq.len = 4;
4386 msg->sq.data = 0;
4387
4388 msg->signal.did = DIDmsg_lnxind_wlansniffrm_signal;
4389 msg->signal.status = 0;
4390 msg->signal.len = 4;
4391 msg->signal.data = rxdesc->signal;
4392
4393 msg->noise.did = DIDmsg_lnxind_wlansniffrm_noise;
4394 msg->noise.status = 0;
4395 msg->noise.len = 4;
4396 msg->noise.data = rxdesc->silence;
4397
4398 msg->rate.did = DIDmsg_lnxind_wlansniffrm_rate;
4399 msg->rate.status = 0;
4400 msg->rate.len = 4;
4401 msg->rate.data = rxdesc->rate / 5; /* set to 802.11 units */
4402
4403 msg->istx.did = DIDmsg_lnxind_wlansniffrm_istx;
4404 msg->istx.status = 0;
4405 msg->istx.len = 4;
4406 msg->istx.data = P80211ENUM_truth_false;
4407
4408 msg->frmlen.did = DIDmsg_lnxind_wlansniffrm_frmlen;
4409 msg->frmlen.status = 0;
4410 msg->frmlen.len = 4;
4411 msg->frmlen.data = hdrlen + datalen + WLAN_CRC_LEN;
4412 } else if ((wlandev->netdev->type == ARPHRD_IEEE80211_PRISM) &&
4413 (hw->sniffhdr != 0)) {
4414 p80211_caphdr_t *caphdr;
4415 /* The NEW header format! */
4416 datap = skb_put(skb, sizeof(p80211_caphdr_t));
4417 caphdr = (p80211_caphdr_t*) datap;
4418
4419 caphdr->version = htonl(P80211CAPTURE_VERSION);
4420 caphdr->length = htonl(sizeof(p80211_caphdr_t));
4421 caphdr->mactime = __cpu_to_be64(rxdesc->time) * 1000;
4422 caphdr->hosttime = __cpu_to_be64(jiffies);
4423 caphdr->phytype = htonl(4); /* dss_dot11_b */
4424 caphdr->channel = htonl(hw->sniff_channel);
4425 caphdr->datarate = htonl(rxdesc->rate);
4426 caphdr->antenna = htonl(0); /* unknown */
4427 caphdr->priority = htonl(0); /* unknown */
4428 caphdr->ssi_type = htonl(3); /* rssi_raw */
4429 caphdr->ssi_signal = htonl(rxdesc->signal);
4430 caphdr->ssi_noise = htonl(rxdesc->silence);
4431 caphdr->preamble = htonl(0); /* unknown */
4432 caphdr->encoding = htonl(1); /* cck */
4433 }
4434
4435 /* Copy the 802.11 header to the skb (ctl frames may be less than a full header) */
4436 datap = skb_put(skb, hdrlen);
4437 memcpy( datap, &(rxdesc->frame_control), hdrlen);
4438
4439 /* If any, copy the data from the card to the skb */
4440 if ( datalen > 0 )
4441 {
4442 datap = skb_put(skb, datalen);
4443 memcpy(datap, rxfrm->data, datalen);
4444
4445 /* check for unencrypted stuff if WEP bit set. */
4446 if (*(datap - hdrlen + 1) & 0x40) // wep set
4447 if ((*(datap) == 0xaa) && (*(datap+1) == 0xaa))
4448 *(datap - hdrlen + 1) &= 0xbf; // clear wep; it's the 802.2 header!
4449 }
4450
4451 if (hw->sniff_fcs) {
4452 /* Set the FCS */
4453 datap = skb_put(skb, WLAN_CRC_LEN);
4454 memset( datap, 0xff, WLAN_CRC_LEN);
4455 }
4456
4457 /* pass it back up */
4458 prism2sta_ev_rx(wlandev, skb);
4459
4460 DBFEXIT;
4461 return;
4462 }
4463
4464
4465
4466 /*----------------------------------------------------------------
4467 * hfa384x_usbin_info
4468 *
4469 * At this point we have a successful received a Prism2 info frame.
4470 *
4471 * Arguments:
4472 * wlandev wlan device
4473 * usbin ptr to the usb transfer buffer
4474 *
4475 * Returns:
4476 * nothing
4477 *
4478 * Side effects:
4479 *
4480 * Call context:
4481 * interrupt
4482 ----------------------------------------------------------------*/
4483 static void hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
4484 {
4485 DBFENTER;
4486
4487 usbin->infofrm.info.framelen = hfa384x2host_16(usbin->infofrm.info.framelen);
4488 prism2sta_ev_info(wlandev, &usbin->infofrm.info);
4489
4490 DBFEXIT;
4491 }
4492
4493
4494
4495 /*----------------------------------------------------------------
4496 * hfa384x_usbout_callback
4497 *
4498 * Callback for URBs on the BULKOUT endpoint.
4499 *
4500 * Arguments:
4501 * urb ptr to the completed urb
4502 *
4503 * Returns:
4504 * nothing
4505 *
4506 * Side effects:
4507 *
4508 * Call context:
4509 * interrupt
4510 ----------------------------------------------------------------*/
4511 #ifdef URB_ONLY_CALLBACK
4512 static void hfa384x_usbout_callback(struct urb *urb)
4513 #else
4514 static void hfa384x_usbout_callback(struct urb *urb, struct pt_regs *regs)
4515 #endif
4516 {
4517 wlandevice_t *wlandev = urb->context;
4518 hfa384x_usbout_t *usbout = urb->transfer_buffer;
4519 DBFENTER;
4520
4521 #ifdef DEBUG_USB
4522 dbprint_urb(urb);
4523 #endif
4524
4525 if ( wlandev &&
4526 wlandev->netdev ) {
4527
4528 switch(urb->status) {
4529 case 0:
4530 hfa384x_usbout_tx(wlandev, usbout);
4531 break;
4532
4533 case -EPIPE:
4534 {
4535 hfa384x_t *hw = wlandev->priv;
4536 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4537 wlandev->netdev->name);
4538 if ( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) )
4539 schedule_work(&hw->usb_work);
4540 ++(wlandev->linux_stats.tx_errors);
4541 break;
4542 }
4543
4544 case -EPROTO:
4545 case -ETIMEDOUT:
4546 case -EILSEQ:
4547 {
4548 hfa384x_t *hw = wlandev->priv;
4549
4550 if ( !test_and_set_bit(THROTTLE_TX, &hw->usb_flags)
4551 && !timer_pending(&hw->throttle) ) {
4552 mod_timer(&hw->throttle,
4553 jiffies + THROTTLE_JIFFIES);
4554 }
4555 ++(wlandev->linux_stats.tx_errors);
4556 netif_stop_queue(wlandev->netdev);
4557 break;
4558 }
4559
4560 case -ENOENT:
4561 case -ESHUTDOWN:
4562 /* Ignorable errors */
4563 break;
4564
4565 default:
4566 WLAN_LOG_INFO("unknown urb->status=%d\n", urb->status);
4567 ++(wlandev->linux_stats.tx_errors);
4568 break;
4569 } /* switch */
4570 }
4571
4572 DBFEXIT;
4573 }
4574
4575
4576 /*----------------------------------------------------------------
4577 * hfa384x_ctlxout_callback
4578 *
4579 * Callback for control data on the BULKOUT endpoint.
4580 *
4581 * Arguments:
4582 * urb ptr to the completed urb
4583 *
4584 * Returns:
4585 * nothing
4586 *
4587 * Side effects:
4588 *
4589 * Call context:
4590 * interrupt
4591 ----------------------------------------------------------------*/
4592 #ifdef URB_ONLY_CALLBACK
4593 static void hfa384x_ctlxout_callback(struct urb *urb)
4594 #else
4595 static void hfa384x_ctlxout_callback(struct urb *urb, struct pt_regs *regs)
4596 #endif
4597 {
4598 hfa384x_t *hw = urb->context;
4599 int delete_resptimer = 0;
4600 int timer_ok = 1;
4601 int run_queue = 0;
4602 hfa384x_usbctlx_t *ctlx;
4603 unsigned long flags;
4604
4605 DBFENTER;
4606
4607 WLAN_LOG_DEBUG(3,"urb->status=%d\n", urb->status);
4608 #ifdef DEBUG_USB
4609 dbprint_urb(urb);
4610 #endif
4611 if ( (urb->status == -ESHUTDOWN) ||
4612 (urb->status == -ENODEV) ||
4613 (hw == NULL) )
4614 goto done;
4615
4616 retry:
4617 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4618
4619 /*
4620 * Only one CTLX at a time on the "active" list, and
4621 * none at all if we are unplugged. However, we can
4622 * rely on the disconnect function to clean everything
4623 * up if someone unplugged the adapter.
4624 */
4625 if ( list_empty(&hw->ctlxq.active) ) {
4626 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4627 goto done;
4628 }
4629
4630 /*
4631 * Having something on the "active" queue means
4632 * that we have timers to worry about ...
4633 */
4634 if (del_timer(&hw->reqtimer) == 0) {
4635 if (hw->req_timer_done == 0) {
4636 /*
4637 * This timer was actually running while we
4638 * were trying to delete it. Let it terminate
4639 * gracefully instead.
4640 */
4641 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4642 goto retry;
4643 }
4644 }
4645 else {
4646 hw->req_timer_done = 1;
4647 }
4648
4649 ctlx = get_active_ctlx(hw);
4650
4651 if ( urb->status == 0 ) {
4652 /* Request portion of a CTLX is successful */
4653 switch ( ctlx->state ) {
4654 case CTLX_REQ_SUBMITTED:
4655 /* This OUT-ACK received before IN */
4656 ctlx->state = CTLX_REQ_COMPLETE;
4657 break;
4658
4659 case CTLX_RESP_COMPLETE:
4660 /* IN already received before this OUT-ACK,
4661 * so this command must now be complete.
4662 */
4663 ctlx->state = CTLX_COMPLETE;
4664 unlocked_usbctlx_complete(hw, ctlx);
4665 run_queue = 1;
4666 break;
4667
4668 default:
4669 /* This is NOT a valid CTLX "success" state! */
4670 WLAN_LOG_ERROR(
4671 "Illegal CTLX[%d] success state(%s, %d) in OUT URB\n",
4672 hfa384x2host_16(ctlx->outbuf.type),
4673 ctlxstr(ctlx->state), urb->status);
4674 break;
4675 } /* switch */
4676 } else {
4677 /* If the pipe has stalled then we need to reset it */
4678 if ( (urb->status == -EPIPE) &&
4679 !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) ) {
4680 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4681 hw->wlandev->netdev->name);
4682 schedule_work(&hw->usb_work);
4683 }
4684
4685 /* If someone cancels the OUT URB then its status
4686 * should be either -ECONNRESET or -ENOENT.
4687 */
4688 ctlx->state = CTLX_REQ_FAILED;
4689 unlocked_usbctlx_complete(hw, ctlx);
4690 delete_resptimer = 1;
4691 run_queue = 1;
4692 }
4693
4694 delresp:
4695 if (delete_resptimer) {
4696 if ((timer_ok = del_timer(&hw->resptimer)) != 0) {
4697 hw->resp_timer_done = 1;
4698 }
4699 }
4700
4701 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4702
4703 if ( !timer_ok && (hw->resp_timer_done == 0) ) {
4704 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4705 goto delresp;
4706 }
4707
4708 if (run_queue)
4709 hfa384x_usbctlxq_run(hw);
4710
4711 done:
4712 DBFEXIT;
4713 }
4714
4715
4716 /*----------------------------------------------------------------
4717 * hfa384x_usbctlx_reqtimerfn
4718 *
4719 * Timer response function for CTLX request timeouts. If this
4720 * function is called, it means that the callback for the OUT
4721 * URB containing a Prism2.x XXX_Request was never called.
4722 *
4723 * Arguments:
4724 * data a ptr to the hfa384x_t
4725 *
4726 * Returns:
4727 * nothing
4728 *
4729 * Side effects:
4730 *
4731 * Call context:
4732 * interrupt
4733 ----------------------------------------------------------------*/
4734 static void
4735 hfa384x_usbctlx_reqtimerfn(unsigned long data)
4736 {
4737 hfa384x_t *hw = (hfa384x_t*)data;
4738 unsigned long flags;
4739 DBFENTER;
4740
4741 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4742
4743 hw->req_timer_done = 1;
4744
4745 /* Removing the hardware automatically empties
4746 * the active list ...
4747 */
4748 if ( !list_empty(&hw->ctlxq.active) )
4749 {
4750 /*
4751 * We must ensure that our URB is removed from
4752 * the system, if it hasn't already expired.
4753 */
4754 hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
4755 if (usb_unlink_urb(&hw->ctlx_urb) == -EINPROGRESS)
4756 {
4757 hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4758
4759 ctlx->state = CTLX_REQ_FAILED;
4760
4761 /* This URB was active, but has now been
4762 * cancelled. It will now have a status of
4763 * -ECONNRESET in the callback function.
4764 *
4765 * We are cancelling this CTLX, so we're
4766 * not going to need to wait for a response.
4767 * The URB's callback function will check
4768 * that this timer is truly dead.
4769 */
4770 if (del_timer(&hw->resptimer) != 0)
4771 hw->resp_timer_done = 1;
4772 }
4773 }
4774
4775 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4776
4777 DBFEXIT;
4778 }
4779
4780
4781 /*----------------------------------------------------------------
4782 * hfa384x_usbctlx_resptimerfn
4783 *
4784 * Timer response function for CTLX response timeouts. If this
4785 * function is called, it means that the callback for the IN
4786 * URB containing a Prism2.x XXX_Response was never called.
4787 *
4788 * Arguments:
4789 * data a ptr to the hfa384x_t
4790 *
4791 * Returns:
4792 * nothing
4793 *
4794 * Side effects:
4795 *
4796 * Call context:
4797 * interrupt
4798 ----------------------------------------------------------------*/
4799 static void
4800 hfa384x_usbctlx_resptimerfn(unsigned long data)
4801 {
4802 hfa384x_t *hw = (hfa384x_t*)data;
4803 unsigned long flags;
4804
4805 DBFENTER;
4806
4807 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4808
4809 hw->resp_timer_done = 1;
4810
4811 /* The active list will be empty if the
4812 * adapter has been unplugged ...
4813 */
4814 if ( !list_empty(&hw->ctlxq.active) )
4815 {
4816 hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4817
4818 if ( unlocked_usbctlx_cancel_async(hw, ctlx) == 0 )
4819 {
4820 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4821 hfa384x_usbctlxq_run(hw);
4822 goto done;
4823 }
4824 }
4825
4826 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4827
4828 done:
4829 DBFEXIT;
4830 }
4831
4832 /*----------------------------------------------------------------
4833 * hfa384x_usb_throttlefn
4834 *
4835 *
4836 * Arguments:
4837 * data ptr to hw
4838 *
4839 * Returns:
4840 * Nothing
4841 *
4842 * Side effects:
4843 *
4844 * Call context:
4845 * Interrupt
4846 ----------------------------------------------------------------*/
4847 static void
4848 hfa384x_usb_throttlefn(unsigned long data)
4849 {
4850 hfa384x_t *hw = (hfa384x_t*)data;
4851 unsigned long flags;
4852
4853 DBFENTER;
4854
4855 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4856
4857 /*
4858 * We need to check BOTH the RX and the TX throttle controls,
4859 * so we use the bitwise OR instead of the logical OR.
4860 */
4861 WLAN_LOG_DEBUG(3, "flags=0x%lx\n", hw->usb_flags);
4862 if ( !hw->wlandev->hwremoved &&
4863 (
4864 (test_and_clear_bit(THROTTLE_RX, &hw->usb_flags) &&
4865 !test_and_set_bit(WORK_RX_RESUME, &hw->usb_flags))
4866 |
4867 (test_and_clear_bit(THROTTLE_TX, &hw->usb_flags) &&
4868 !test_and_set_bit(WORK_TX_RESUME, &hw->usb_flags))
4869 ) )
4870 {
4871 schedule_work(&hw->usb_work);
4872 }
4873
4874 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4875
4876 DBFEXIT;
4877 }
4878
4879
4880 /*----------------------------------------------------------------
4881 * hfa384x_usbctlx_submit
4882 *
4883 * Called from the doxxx functions to submit a CTLX to the queue
4884 *
4885 * Arguments:
4886 * hw ptr to the hw struct
4887 * ctlx ctlx structure to enqueue
4888 *
4889 * Returns:
4890 * -ENODEV if the adapter is unplugged
4891 * 0
4892 *
4893 * Side effects:
4894 *
4895 * Call context:
4896 * process or interrupt
4897 ----------------------------------------------------------------*/
4898 static int
4899 hfa384x_usbctlx_submit(
4900 hfa384x_t *hw,
4901 hfa384x_usbctlx_t *ctlx)
4902 {
4903 unsigned long flags;
4904 int ret;
4905
4906 DBFENTER;
4907
4908 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4909
4910 if (hw->wlandev->hwremoved) {
4911 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4912 ret = -ENODEV;
4913 } else {
4914 ctlx->state = CTLX_PENDING;
4915 list_add_tail(&ctlx->list, &hw->ctlxq.pending);
4916
4917 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4918 hfa384x_usbctlxq_run(hw);
4919 ret = 0;
4920 }
4921
4922 DBFEXIT;
4923 return ret;
4924 }
4925
4926
4927 /*----------------------------------------------------------------
4928 * hfa384x_usbout_tx
4929 *
4930 * At this point we have finished a send of a frame. Mark the URB
4931 * as available and call ev_alloc to notify higher layers we're
4932 * ready for more.
4933 *
4934 * Arguments:
4935 * wlandev wlan device
4936 * usbout ptr to the usb transfer buffer
4937 *
4938 * Returns:
4939 * nothing
4940 *
4941 * Side effects:
4942 *
4943 * Call context:
4944 * interrupt
4945 ----------------------------------------------------------------*/
4946 static void hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout)
4947 {
4948 DBFENTER;
4949
4950 prism2sta_ev_alloc(wlandev);
4951
4952 DBFEXIT;
4953 }
4954
4955 /*----------------------------------------------------------------
4956 * hfa384x_isgood_pdrcore
4957 *
4958 * Quick check of PDR codes.
4959 *
4960 * Arguments:
4961 * pdrcode PDR code number (host order)
4962 *
4963 * Returns:
4964 * zero not good.
4965 * one is good.
4966 *
4967 * Side effects:
4968 *
4969 * Call context:
4970 ----------------------------------------------------------------*/
4971 static int
4972 hfa384x_isgood_pdrcode(UINT16 pdrcode)
4973 {
4974 switch(pdrcode) {
4975 case HFA384x_PDR_END_OF_PDA:
4976 case HFA384x_PDR_PCB_PARTNUM:
4977 case HFA384x_PDR_PDAVER:
4978 case HFA384x_PDR_NIC_SERIAL:
4979 case HFA384x_PDR_MKK_MEASUREMENTS:
4980 case HFA384x_PDR_NIC_RAMSIZE:
4981 case HFA384x_PDR_MFISUPRANGE:
4982 case HFA384x_PDR_CFISUPRANGE:
4983 case HFA384x_PDR_NICID:
4984 case HFA384x_PDR_MAC_ADDRESS:
4985 case HFA384x_PDR_REGDOMAIN:
4986 case HFA384x_PDR_ALLOWED_CHANNEL:
4987 case HFA384x_PDR_DEFAULT_CHANNEL:
4988 case HFA384x_PDR_TEMPTYPE:
4989 case HFA384x_PDR_IFR_SETTING:
4990 case HFA384x_PDR_RFR_SETTING:
4991 case HFA384x_PDR_HFA3861_BASELINE:
4992 case HFA384x_PDR_HFA3861_SHADOW:
4993 case HFA384x_PDR_HFA3861_IFRF:
4994 case HFA384x_PDR_HFA3861_CHCALSP:
4995 case HFA384x_PDR_HFA3861_CHCALI:
4996 case HFA384x_PDR_3842_NIC_CONFIG:
4997 case HFA384x_PDR_USB_ID:
4998 case HFA384x_PDR_PCI_ID:
4999 case HFA384x_PDR_PCI_IFCONF:
5000 case HFA384x_PDR_PCI_PMCONF:
5001 case HFA384x_PDR_RFENRGY:
5002 case HFA384x_PDR_HFA3861_MANF_TESTSP:
5003 case HFA384x_PDR_HFA3861_MANF_TESTI:
5004 /* code is OK */
5005 return 1;
5006 break;
5007 default:
5008 if ( pdrcode < 0x1000 ) {
5009 /* code is OK, but we don't know exactly what it is */
5010 WLAN_LOG_DEBUG(3,
5011 "Encountered unknown PDR#=0x%04x, "
5012 "assuming it's ok.\n",
5013 pdrcode);
5014 return 1;
5015 } else {
5016 /* bad code */
5017 WLAN_LOG_DEBUG(3,
5018 "Encountered unknown PDR#=0x%04x, "
5019 "(>=0x1000), assuming it's bad.\n",
5020 pdrcode);
5021 return 0;
5022 }
5023 break;
5024 }
5025 return 0; /* avoid compiler warnings */
5026 }
5027
Linux kernel - Deliverables
This page took 0.242609 seconds and 5 git commands to generate.