1 /* src/prism2/driver/hfa384x_usb.c
3 * Functions that talk to the USB variantof the Intersil hfa384x MAC
5 * Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
6 * --------------------------------------------------------------------
10 * The contents of this file are subject to the Mozilla Public
11 * License Version 1.1 (the "License"); you may not use this file
12 * except in compliance with the License. You may obtain a copy of
13 * the License at http://www.mozilla.org/MPL/
15 * Software distributed under the License is distributed on an "AS
16 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17 * implied. See the License for the specific language governing
18 * rights and limitations under the License.
20 * Alternatively, the contents of this file may be used under the
21 * terms of the GNU Public License version 2 (the "GPL"), in which
22 * case the provisions of the GPL are applicable instead of the
23 * above. If you wish to allow the use of your version of this file
24 * only under the terms of the GPL and not to allow others to use
25 * your version of this file under the MPL, indicate your decision
26 * by deleting the provisions above and replace them with the notice
27 * and other provisions required by the GPL. If you do not delete
28 * the provisions above, a recipient may use your version of this
29 * file under either the MPL or the GPL.
31 * --------------------------------------------------------------------
33 * Inquiries regarding the linux-wlan Open Source project can be
36 * AbsoluteValue Systems Inc.
38 * http://www.linux-wlan.com
40 * --------------------------------------------------------------------
42 * Portions of the development of this software were funded by
43 * Intersil Corporation as part of PRISM(R) chipset product development.
45 * --------------------------------------------------------------------
47 * This file implements functions that correspond to the prism2/hfa384x
48 * 802.11 MAC hardware and firmware host interface.
50 * The functions can be considered to represent several levels of
51 * abstraction. The lowest level functions are simply C-callable wrappers
52 * around the register accesses. The next higher level represents C-callable
53 * prism2 API functions that match the Intersil documentation as closely
54 * as is reasonable. The next higher layer implements common sequences
55 * of invokations of the API layer (e.g. write to bap, followed by cmd).
58 * hfa384x_drvr_xxx Highest level abstractions provided by the
59 * hfa384x code. They are driver defined wrappers
60 * for common sequences. These functions generally
61 * use the services of the lower levels.
63 * hfa384x_drvr_xxxconfig An example of the drvr level abstraction. These
64 * functions are wrappers for the RID get/set
65 * sequence. They call copy_[to|from]_bap() and
66 * cmd_access(). These functions operate on the
67 * RIDs and buffers without validation. The caller
68 * is responsible for that.
70 * API wrapper functions:
71 * hfa384x_cmd_xxx functions that provide access to the f/w commands.
72 * The function arguments correspond to each command
73 * argument, even command arguments that get packed
74 * into single registers. These functions _just_
75 * issue the command by setting the cmd/parm regs
76 * & reading the status/resp regs. Additional
77 * activities required to fully use a command
78 * (read/write from/to bap, get/set int status etc.)
79 * are implemented separately. Think of these as
80 * C-callable prism2 commands.
82 * Lowest Layer Functions:
83 * hfa384x_docmd_xxx These functions implement the sequence required
84 * to issue any prism2 command. Primarily used by the
85 * hfa384x_cmd_xxx functions.
87 * hfa384x_bap_xxx BAP read/write access functions.
88 * Note: we usually use BAP0 for non-interrupt context
89 * and BAP1 for interrupt context.
91 * hfa384x_dl_xxx download related functions.
93 * Driver State Issues:
94 * Note that there are two pairs of functions that manage the
95 * 'initialized' and 'running' states of the hw/MAC combo. The four
96 * functions are create(), destroy(), start(), and stop(). create()
97 * sets up the data structures required to support the hfa384x_*
98 * functions and destroy() cleans them up. The start() function gets
99 * the actual hardware running and enables the interrupts. The stop()
100 * function shuts the hardware down. The sequence should be:
104 * . Do interesting things w/ the hardware
109 * Note that destroy() can be called without calling stop() first.
110 * --------------------------------------------------------------------
113 /*================================================================*/
114 /* System Includes */
115 #define WLAN_DBVAR prism2_debug
120 #include <linux/version.h>
122 #include <linux/module.h>
123 #include <linux/kernel.h>
124 #include <linux/sched.h>
125 #include <linux/types.h>
126 #include <linux/slab.h>
127 #include <linux/wireless.h>
128 #include <linux/netdevice.h>
129 #include <linux/timer.h>
131 #include <linux/delay.h>
132 #include <asm/byteorder.h>
133 #include <asm/bitops.h>
134 #include <linux/list.h>
135 #include <linux/usb.h>
137 #include "wlan_compat.h"
139 #if (WLAN_HOSTIF != WLAN_USB)
140 #error "This file is specific to USB"
144 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
146 wait_for_completion_interruptible(struct completion
*x
)
152 spin_lock_irq(&x
->wait
.lock
);
154 DECLARE_WAITQUEUE(wait
, current
);
156 wait
.flags
|= WQ_FLAG_EXCLUSIVE
;
157 __add_wait_queue_tail(&x
->wait
, &wait
);
159 if (signal_pending(current
)) {
161 __remove_wait_queue(&x
->wait
, &wait
);
164 __set_current_state(TASK_INTERRUPTIBLE
);
165 spin_unlock_irq(&x
->wait
.lock
);
167 spin_lock_irq(&x
->wait
.lock
);
169 __remove_wait_queue(&x
->wait
, &wait
);
173 spin_unlock_irq(&x
->wait
.lock
);
179 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,69)
181 usb_init_urb(struct urb
*urb
)
183 memset(urb
, 0, sizeof(*urb
));
184 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
185 urb
->count
= (atomic_t
)ATOMIC_INIT(1);
187 spin_lock_init(&urb
->lock
);
191 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,0) /* tune me! */
192 # define SUBMIT_URB(u,f) usb_submit_urb(u,f)
194 # define SUBMIT_URB(u,f) usb_submit_urb(u)
197 /*================================================================*/
198 /* Project Includes */
200 #include "p80211types.h"
201 #include "p80211hdr.h"
202 #include "p80211mgmt.h"
203 #include "p80211conv.h"
204 #include "p80211msg.h"
205 #include "p80211netdev.h"
206 #include "p80211req.h"
207 #include "p80211metadef.h"
208 #include "p80211metastruct.h"
210 #include "prism2mgmt.h"
212 /*================================================================*/
213 /* Local Constants */
220 typedef enum cmd_mode CMD_MODE
;
222 #define THROTTLE_JIFFIES (HZ/8)
224 /*================================================================*/
227 #define ROUNDUP64(a) (((a)+63)&~63)
229 /*================================================================*/
232 /*================================================================*/
233 /* Local Static Definitions */
234 extern int prism2_debug
;
236 /*================================================================*/
237 /* Local Function Declarations */
241 dbprint_urb(struct urb
* urb
);
245 hfa384x_int_rxmonitor(
246 wlandevice_t
*wlandev
,
247 hfa384x_usb_rxfrm_t
*rxfrm
);
250 hfa384x_usb_defer(struct work_struct
*data
);
253 submit_rx_urb(hfa384x_t
*hw
, gfp_t flags
);
256 submit_tx_urb(hfa384x_t
*hw
, struct urb
*tx_urb
, gfp_t flags
);
258 /*---------------------------------------------------*/
260 #ifdef URB_ONLY_CALLBACK
262 hfa384x_usbout_callback(struct urb
*urb
);
264 hfa384x_ctlxout_callback(struct urb
*urb
);
266 hfa384x_usbin_callback(struct urb
*urb
);
269 hfa384x_usbout_callback(struct urb
*urb
, struct pt_regs
*regs
);
271 hfa384x_ctlxout_callback(struct urb
*urb
, struct pt_regs
*regs
);
273 hfa384x_usbin_callback(struct urb
*urb
, struct pt_regs
*regs
);
277 hfa384x_usbin_txcompl(wlandevice_t
*wlandev
, hfa384x_usbin_t
*usbin
);
280 hfa384x_usbin_rx(wlandevice_t
*wlandev
, struct sk_buff
*skb
);
283 hfa384x_usbin_info(wlandevice_t
*wlandev
, hfa384x_usbin_t
*usbin
);
286 hfa384x_usbout_tx(wlandevice_t
*wlandev
, hfa384x_usbout_t
*usbout
);
288 static void hfa384x_usbin_ctlx(hfa384x_t
*hw
, hfa384x_usbin_t
*usbin
,
291 /*---------------------------------------------------*/
292 /* Functions to support the prism2 usb command queue */
295 hfa384x_usbctlxq_run(hfa384x_t
*hw
);
298 hfa384x_usbctlx_reqtimerfn(unsigned long data
);
301 hfa384x_usbctlx_resptimerfn(unsigned long data
);
304 hfa384x_usb_throttlefn(unsigned long data
);
307 hfa384x_usbctlx_completion_task(unsigned long data
);
310 hfa384x_usbctlx_reaper_task(unsigned long data
);
313 hfa384x_usbctlx_submit(hfa384x_t
*hw
, hfa384x_usbctlx_t
*ctlx
);
316 unlocked_usbctlx_complete(hfa384x_t
*hw
, hfa384x_usbctlx_t
*ctlx
);
318 struct usbctlx_completor
320 int (*complete
)(struct usbctlx_completor
*);
322 typedef struct usbctlx_completor usbctlx_completor_t
;
325 hfa384x_usbctlx_complete_sync(hfa384x_t
*hw
,
326 hfa384x_usbctlx_t
*ctlx
,
327 usbctlx_completor_t
*completor
);
330 unlocked_usbctlx_cancel_async(hfa384x_t
*hw
, hfa384x_usbctlx_t
*ctlx
);
333 hfa384x_cb_status(hfa384x_t
*hw
, const hfa384x_usbctlx_t
*ctlx
);
336 hfa384x_cb_rrid(hfa384x_t
*hw
, const hfa384x_usbctlx_t
*ctlx
);
339 usbctlx_get_status(const hfa384x_usb_cmdresp_t
*cmdresp
,
340 hfa384x_cmdresult_t
*result
);
343 usbctlx_get_rridresult(const hfa384x_usb_rridresp_t
*rridresp
,
344 hfa384x_rridresult_t
*result
);
346 /*---------------------------------------------------*/
347 /* Low level req/resp CTLX formatters and submitters */
352 hfa384x_metacmd_t
*cmd
,
354 ctlx_usercb_t usercb
,
365 ctlx_usercb_t usercb
,
376 ctlx_usercb_t usercb
,
388 ctlx_usercb_t usercb
,
400 ctlx_usercb_t usercb
,
404 hfa384x_isgood_pdrcode(UINT16 pdrcode
);
406 /*================================================================*/
407 /* Function Definitions */
408 static inline const char* ctlxstr(CTLX_STATE s
)
410 static const char* ctlx_str
[] = {
415 "Request packet submitted",
416 "Request packet completed",
417 "Response packet completed"
424 static inline hfa384x_usbctlx_t
*
425 get_active_ctlx(hfa384x_t
*hw
)
427 return list_entry(hw
->ctlxq
.active
.next
, hfa384x_usbctlx_t
, list
);
433 dbprint_urb(struct urb
* urb
)
435 WLAN_LOG_DEBUG(3,"urb->pipe=0x%08x\n", urb
->pipe
);
436 WLAN_LOG_DEBUG(3,"urb->status=0x%08x\n", urb
->status
);
437 WLAN_LOG_DEBUG(3,"urb->transfer_flags=0x%08x\n", urb
->transfer_flags
);
438 WLAN_LOG_DEBUG(3,"urb->transfer_buffer=0x%08x\n", (UINT
)urb
->transfer_buffer
);
439 WLAN_LOG_DEBUG(3,"urb->transfer_buffer_length=0x%08x\n", urb
->transfer_buffer_length
);
440 WLAN_LOG_DEBUG(3,"urb->actual_length=0x%08x\n", urb
->actual_length
);
441 WLAN_LOG_DEBUG(3,"urb->bandwidth=0x%08x\n", urb
->bandwidth
);
442 WLAN_LOG_DEBUG(3,"urb->setup_packet(ctl)=0x%08x\n", (UINT
)urb
->setup_packet
);
443 WLAN_LOG_DEBUG(3,"urb->start_frame(iso/irq)=0x%08x\n", urb
->start_frame
);
444 WLAN_LOG_DEBUG(3,"urb->interval(irq)=0x%08x\n", urb
->interval
);
445 WLAN_LOG_DEBUG(3,"urb->error_count(iso)=0x%08x\n", urb
->error_count
);
446 WLAN_LOG_DEBUG(3,"urb->timeout=0x%08x\n", urb
->timeout
);
447 WLAN_LOG_DEBUG(3,"urb->context=0x%08x\n", (UINT
)urb
->context
);
448 WLAN_LOG_DEBUG(3,"urb->complete=0x%08x\n", (UINT
)urb
->complete
);
453 /*----------------------------------------------------------------
456 * Listen for input data on the BULK-IN pipe. If the pipe has
457 * stalled then schedule it to be reset.
461 * memflags memory allocation flags
464 * error code from submission
468 ----------------------------------------------------------------*/
470 submit_rx_urb(hfa384x_t
*hw
, gfp_t memflags
)
477 skb
= dev_alloc_skb(sizeof(hfa384x_usbin_t
));
483 /* Post the IN urb */
484 usb_fill_bulk_urb(&hw
->rx_urb
, hw
->usb
,
486 skb
->data
, sizeof(hfa384x_usbin_t
),
487 hfa384x_usbin_callback
, hw
->wlandev
);
489 hw
->rx_urb_skb
= skb
;
492 if ( !hw
->wlandev
->hwremoved
&& !test_bit(WORK_RX_HALT
, &hw
->usb_flags
)) {
493 result
= SUBMIT_URB(&hw
->rx_urb
, memflags
);
495 /* Check whether we need to reset the RX pipe */
496 if (result
== -EPIPE
) {
497 WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
498 hw
->wlandev
->netdev
->name
);
499 if ( !test_and_set_bit(WORK_RX_HALT
, &hw
->usb_flags
) )
500 schedule_work(&hw
->usb_work
);
504 /* Don't leak memory if anything should go wrong */
507 hw
->rx_urb_skb
= NULL
;
516 /*----------------------------------------------------------------
519 * Prepares and submits the URB of transmitted data. If the
520 * submission fails then it will schedule the output pipe to
525 * tx_urb URB of data for tranmission
526 * memflags memory allocation flags
529 * error code from submission
533 ----------------------------------------------------------------*/
535 submit_tx_urb(hfa384x_t
*hw
, struct urb
*tx_urb
, gfp_t memflags
)
537 struct net_device
*netdev
= hw
->wlandev
->netdev
;
543 if ( netif_running(netdev
) ) {
545 if ( !hw
->wlandev
->hwremoved
&& !test_bit(WORK_TX_HALT
, &hw
->usb_flags
) ) {
546 result
= SUBMIT_URB(tx_urb
, memflags
);
548 /* Test whether we need to reset the TX pipe */
549 if (result
== -EPIPE
) {
550 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
552 set_bit(WORK_TX_HALT
, &hw
->usb_flags
);
553 schedule_work(&hw
->usb_work
);
554 } else if (result
== 0) {
555 netif_stop_queue(netdev
);
565 /*----------------------------------------------------------------
568 * There are some things that the USB stack cannot do while
569 * in interrupt context, so we arrange this function to run
570 * in process context.
573 * hw device structure
579 * process (by design)
580 ----------------------------------------------------------------*/
582 hfa384x_usb_defer(struct work_struct
*data
)
584 hfa384x_t
*hw
= container_of(data
, struct hfa384x
, usb_work
);
585 struct net_device
*netdev
= hw
->wlandev
->netdev
;
589 /* Don't bother trying to reset anything if the plug
590 * has been pulled ...
592 if ( hw
->wlandev
->hwremoved
) {
597 /* Reception has stopped: try to reset the input pipe */
598 if (test_bit(WORK_RX_HALT
, &hw
->usb_flags
)) {
601 usb_kill_urb(&hw
->rx_urb
); /* Cannot be holding spinlock! */
603 ret
= usb_clear_halt(hw
->usb
, hw
->endp_in
);
606 "Failed to clear rx pipe for %s: err=%d\n",
609 printk(KERN_INFO
"%s rx pipe reset complete.\n",
611 clear_bit(WORK_RX_HALT
, &hw
->usb_flags
);
612 set_bit(WORK_RX_RESUME
, &hw
->usb_flags
);
616 /* Resume receiving data back from the device. */
617 if ( test_bit(WORK_RX_RESUME
, &hw
->usb_flags
) ) {
620 ret
= submit_rx_urb(hw
, GFP_KERNEL
);
623 "Failed to resume %s rx pipe.\n", netdev
->name
);
625 clear_bit(WORK_RX_RESUME
, &hw
->usb_flags
);
629 /* Transmission has stopped: try to reset the output pipe */
630 if (test_bit(WORK_TX_HALT
, &hw
->usb_flags
)) {
633 usb_kill_urb(&hw
->tx_urb
);
634 ret
= usb_clear_halt(hw
->usb
, hw
->endp_out
);
637 "Failed to clear tx pipe for %s: err=%d\n",
640 printk(KERN_INFO
"%s tx pipe reset complete.\n",
642 clear_bit(WORK_TX_HALT
, &hw
->usb_flags
);
643 set_bit(WORK_TX_RESUME
, &hw
->usb_flags
);
645 /* Stopping the BULK-OUT pipe also blocked
646 * us from sending any more CTLX URBs, so
647 * we need to re-run our queue ...
649 hfa384x_usbctlxq_run(hw
);
653 /* Resume transmitting. */
654 if ( test_and_clear_bit(WORK_TX_RESUME
, &hw
->usb_flags
) ) {
655 p80211netdev_wake_queue(hw
->wlandev
);
662 /*----------------------------------------------------------------
665 * Sets up the hfa384x_t data structure for use. Note this
666 * does _not_ intialize the actual hardware, just the data structures
667 * we use to keep track of its state.
670 * hw device structure
671 * irq device irq number
672 * iobase i/o base address for register access
673 * membase memory base address for register access
682 ----------------------------------------------------------------*/
684 hfa384x_create( hfa384x_t
*hw
, struct usb_device
*usb
)
688 memset(hw
, 0, sizeof(hfa384x_t
));
691 /* set up the endpoints */
692 hw
->endp_in
= usb_rcvbulkpipe(usb
, 1);
693 hw
->endp_out
= usb_sndbulkpipe(usb
, 2);
695 /* Set up the waitq */
696 init_waitqueue_head(&hw
->cmdq
);
698 /* Initialize the command queue */
699 spin_lock_init(&hw
->ctlxq
.lock
);
700 INIT_LIST_HEAD(&hw
->ctlxq
.pending
);
701 INIT_LIST_HEAD(&hw
->ctlxq
.active
);
702 INIT_LIST_HEAD(&hw
->ctlxq
.completing
);
703 INIT_LIST_HEAD(&hw
->ctlxq
.reapable
);
705 /* Initialize the authentication queue */
706 skb_queue_head_init(&hw
->authq
);
708 tasklet_init(&hw
->reaper_bh
,
709 hfa384x_usbctlx_reaper_task
,
711 tasklet_init(&hw
->completion_bh
,
712 hfa384x_usbctlx_completion_task
,
714 INIT_WORK2(&hw
->link_bh
, prism2sta_processing_defer
);
715 INIT_WORK2(&hw
->usb_work
, hfa384x_usb_defer
);
717 init_timer(&hw
->throttle
);
718 hw
->throttle
.function
= hfa384x_usb_throttlefn
;
719 hw
->throttle
.data
= (unsigned long)hw
;
721 init_timer(&hw
->resptimer
);
722 hw
->resptimer
.function
= hfa384x_usbctlx_resptimerfn
;
723 hw
->resptimer
.data
= (unsigned long)hw
;
725 init_timer(&hw
->reqtimer
);
726 hw
->reqtimer
.function
= hfa384x_usbctlx_reqtimerfn
;
727 hw
->reqtimer
.data
= (unsigned long)hw
;
729 usb_init_urb(&hw
->rx_urb
);
730 usb_init_urb(&hw
->tx_urb
);
731 usb_init_urb(&hw
->ctlx_urb
);
733 hw
->link_status
= HFA384x_LINK_NOTCONNECTED
;
734 hw
->state
= HFA384x_STATE_INIT
;
736 INIT_WORK2(&hw
->commsqual_bh
, prism2sta_commsqual_defer
);
737 init_timer(&hw
->commsqual_timer
);
738 hw
->commsqual_timer
.data
= (unsigned long) hw
;
739 hw
->commsqual_timer
.function
= prism2sta_commsqual_timer
;
745 /*----------------------------------------------------------------
748 * Partner to hfa384x_create(). This function cleans up the hw
749 * structure so that it can be freed by the caller using a simple
750 * kfree. Currently, this function is just a placeholder. If, at some
751 * point in the future, an hw in the 'shutdown' state requires a 'deep'
752 * kfree, this is where it should be done. Note that if this function
753 * is called on a _running_ hw structure, the drvr_stop() function is
757 * hw device structure
760 * nothing, this function is not allowed to fail.
766 ----------------------------------------------------------------*/
768 hfa384x_destroy( hfa384x_t
*hw
)
774 if ( hw
->state
== HFA384x_STATE_RUNNING
) {
775 hfa384x_drvr_stop(hw
);
777 hw
->state
= HFA384x_STATE_PREINIT
;
779 if (hw
->scanresults
) {
780 kfree(hw
->scanresults
);
781 hw
->scanresults
= NULL
;
784 /* Now to clean out the auth queue */
785 while ( (skb
= skb_dequeue(&hw
->authq
)) ) {
793 /*----------------------------------------------------------------
795 static hfa384x_usbctlx_t
* usbctlx_alloc(void)
797 hfa384x_usbctlx_t
*ctlx
;
799 ctlx
= kmalloc(sizeof(*ctlx
), in_interrupt() ? GFP_ATOMIC
: GFP_KERNEL
);
802 memset(ctlx
, 0, sizeof(*ctlx
));
803 init_completion(&ctlx
->done
);
810 /*----------------------------------------------------------------
812 ----------------------------------------------------------------*/
814 usbctlx_get_status(const hfa384x_usb_cmdresp_t
*cmdresp
,
815 hfa384x_cmdresult_t
*result
)
819 result
->status
= hfa384x2host_16(cmdresp
->status
);
820 result
->resp0
= hfa384x2host_16(cmdresp
->resp0
);
821 result
->resp1
= hfa384x2host_16(cmdresp
->resp1
);
822 result
->resp2
= hfa384x2host_16(cmdresp
->resp2
);
824 WLAN_LOG_DEBUG(4, "cmdresult:status=0x%04x "
825 "resp0=0x%04x resp1=0x%04x resp2=0x%04x\n",
832 return (result
->status
& HFA384x_STATUS_RESULT
);
836 usbctlx_get_rridresult(const hfa384x_usb_rridresp_t
*rridresp
,
837 hfa384x_rridresult_t
*result
)
841 result
->rid
= hfa384x2host_16(rridresp
->rid
);
842 result
->riddata
= rridresp
->data
;
843 result
->riddata_len
= ((hfa384x2host_16(rridresp
->frmlen
) - 1) * 2);
849 /*----------------------------------------------------------------
851 * This completor must be passed to hfa384x_usbctlx_complete_sync()
852 * when processing a CTLX that returns a hfa384x_cmdresult_t structure.
853 ----------------------------------------------------------------*/
854 struct usbctlx_cmd_completor
856 usbctlx_completor_t head
;
858 const hfa384x_usb_cmdresp_t
*cmdresp
;
859 hfa384x_cmdresult_t
*result
;
861 typedef struct usbctlx_cmd_completor usbctlx_cmd_completor_t
;
863 static int usbctlx_cmd_completor_fn(usbctlx_completor_t
*head
)
865 usbctlx_cmd_completor_t
*complete
= (usbctlx_cmd_completor_t
*)head
;
866 return usbctlx_get_status(complete
->cmdresp
, complete
->result
);
869 static inline usbctlx_completor_t
*
870 init_cmd_completor(usbctlx_cmd_completor_t
*completor
,
871 const hfa384x_usb_cmdresp_t
*cmdresp
,
872 hfa384x_cmdresult_t
*result
)
874 completor
->head
.complete
= usbctlx_cmd_completor_fn
;
875 completor
->cmdresp
= cmdresp
;
876 completor
->result
= result
;
877 return &(completor
->head
);
880 /*----------------------------------------------------------------
882 * This completor must be passed to hfa384x_usbctlx_complete_sync()
883 * when processing a CTLX that reads a RID.
884 ----------------------------------------------------------------*/
885 struct usbctlx_rrid_completor
887 usbctlx_completor_t head
;
889 const hfa384x_usb_rridresp_t
*rridresp
;
893 typedef struct usbctlx_rrid_completor usbctlx_rrid_completor_t
;
895 static int usbctlx_rrid_completor_fn(usbctlx_completor_t
*head
)
897 usbctlx_rrid_completor_t
*complete
= (usbctlx_rrid_completor_t
*)head
;
898 hfa384x_rridresult_t rridresult
;
900 usbctlx_get_rridresult(complete
->rridresp
, &rridresult
);
902 /* Validate the length, note body len calculation in bytes */
903 if ( rridresult
.riddata_len
!= complete
->riddatalen
) {
905 "RID len mismatch, rid=0x%04x hlen=%d fwlen=%d\n",
907 complete
->riddatalen
,
908 rridresult
.riddata_len
);
912 memcpy(complete
->riddata
,
914 complete
->riddatalen
);
918 static inline usbctlx_completor_t
*
919 init_rrid_completor(usbctlx_rrid_completor_t
*completor
,
920 const hfa384x_usb_rridresp_t
*rridresp
,
924 completor
->head
.complete
= usbctlx_rrid_completor_fn
;
925 completor
->rridresp
= rridresp
;
926 completor
->riddata
= riddata
;
927 completor
->riddatalen
= riddatalen
;
928 return &(completor
->head
);
931 /*----------------------------------------------------------------
933 * Interprets the results of a synchronous RID-write
934 ----------------------------------------------------------------*/
935 typedef usbctlx_cmd_completor_t usbctlx_wrid_completor_t
;
936 #define init_wrid_completor init_cmd_completor
938 /*----------------------------------------------------------------
940 * Interprets the results of a synchronous memory-write
941 ----------------------------------------------------------------*/
942 typedef usbctlx_cmd_completor_t usbctlx_wmem_completor_t
;
943 #define init_wmem_completor init_cmd_completor
945 /*----------------------------------------------------------------
947 * Interprets the results of a synchronous memory-read
948 ----------------------------------------------------------------*/
949 struct usbctlx_rmem_completor
951 usbctlx_completor_t head
;
953 const hfa384x_usb_rmemresp_t
*rmemresp
;
957 typedef struct usbctlx_rmem_completor usbctlx_rmem_completor_t
;
959 static int usbctlx_rmem_completor_fn(usbctlx_completor_t
*head
)
961 usbctlx_rmem_completor_t
*complete
= (usbctlx_rmem_completor_t
*)head
;
963 WLAN_LOG_DEBUG(4,"rmemresp:len=%d\n", complete
->rmemresp
->frmlen
);
964 memcpy(complete
->data
, complete
->rmemresp
->data
, complete
->len
);
968 static inline usbctlx_completor_t
*
969 init_rmem_completor(usbctlx_rmem_completor_t
*completor
,
970 hfa384x_usb_rmemresp_t
*rmemresp
,
974 completor
->head
.complete
= usbctlx_rmem_completor_fn
;
975 completor
->rmemresp
= rmemresp
;
976 completor
->data
= data
;
977 completor
->len
= len
;
978 return &(completor
->head
);
981 /*----------------------------------------------------------------
984 * Ctlx_complete handler for async CMD type control exchanges.
985 * mark the hw struct as such.
987 * Note: If the handling is changed here, it should probably be
988 * changed in docmd as well.
992 * ctlx completed CTLX
1001 ----------------------------------------------------------------*/
1003 hfa384x_cb_status(hfa384x_t
*hw
, const hfa384x_usbctlx_t
*ctlx
)
1007 if ( ctlx
->usercb
!= NULL
) {
1008 hfa384x_cmdresult_t cmdresult
;
1010 if (ctlx
->state
!= CTLX_COMPLETE
) {
1011 memset(&cmdresult
, 0, sizeof(cmdresult
));
1012 cmdresult
.status
= HFA384x_STATUS_RESULT_SET(HFA384x_CMD_ERR
);
1014 usbctlx_get_status(&ctlx
->inbuf
.cmdresp
, &cmdresult
);
1017 ctlx
->usercb(hw
, &cmdresult
, ctlx
->usercb_data
);
1024 /*----------------------------------------------------------------
1027 * CTLX completion handler for async RRID type control exchanges.
1029 * Note: If the handling is changed here, it should probably be
1030 * changed in dorrid as well.
1034 * ctlx completed CTLX
1043 ----------------------------------------------------------------*/
1045 hfa384x_cb_rrid(hfa384x_t
*hw
, const hfa384x_usbctlx_t
*ctlx
)
1049 if ( ctlx
->usercb
!= NULL
) {
1050 hfa384x_rridresult_t rridresult
;
1052 if (ctlx
->state
!= CTLX_COMPLETE
) {
1053 memset(&rridresult
, 0, sizeof(rridresult
));
1054 rridresult
.rid
= hfa384x2host_16(ctlx
->outbuf
.rridreq
.rid
);
1056 usbctlx_get_rridresult(&ctlx
->inbuf
.rridresp
, &rridresult
);
1059 ctlx
->usercb(hw
, &rridresult
, ctlx
->usercb_data
);
1066 hfa384x_docmd_wait(hfa384x_t
*hw
, hfa384x_metacmd_t
*cmd
)
1068 return hfa384x_docmd(hw
, DOWAIT
, cmd
, NULL
, NULL
, NULL
);
1072 hfa384x_docmd_async(hfa384x_t
*hw
,
1073 hfa384x_metacmd_t
*cmd
,
1075 ctlx_usercb_t usercb
,
1078 return hfa384x_docmd(hw
, DOASYNC
, cmd
,
1079 cmdcb
, usercb
, usercb_data
);
1083 hfa384x_dorrid_wait(hfa384x_t
*hw
, UINT16 rid
, void *riddata
, UINT riddatalen
)
1085 return hfa384x_dorrid(hw
, DOWAIT
,
1086 rid
, riddata
, riddatalen
,
1091 hfa384x_dorrid_async(hfa384x_t
*hw
,
1092 UINT16 rid
, void *riddata
, UINT riddatalen
,
1094 ctlx_usercb_t usercb
,
1097 return hfa384x_dorrid(hw
, DOASYNC
,
1098 rid
, riddata
, riddatalen
,
1099 cmdcb
, usercb
, usercb_data
);
1103 hfa384x_dowrid_wait(hfa384x_t
*hw
, UINT16 rid
, void *riddata
, UINT riddatalen
)
1105 return hfa384x_dowrid(hw
, DOWAIT
,
1106 rid
, riddata
, riddatalen
,
1111 hfa384x_dowrid_async(hfa384x_t
*hw
,
1112 UINT16 rid
, void *riddata
, UINT riddatalen
,
1114 ctlx_usercb_t usercb
,
1117 return hfa384x_dowrid(hw
, DOASYNC
,
1118 rid
, riddata
, riddatalen
,
1119 cmdcb
, usercb
, usercb_data
);
1123 hfa384x_dormem_wait(hfa384x_t
*hw
,
1124 UINT16 page
, UINT16 offset
, void *data
, UINT len
)
1126 return hfa384x_dormem(hw
, DOWAIT
,
1127 page
, offset
, data
, len
,
1132 hfa384x_dormem_async(hfa384x_t
*hw
,
1133 UINT16 page
, UINT16 offset
, void *data
, UINT len
,
1135 ctlx_usercb_t usercb
,
1138 return hfa384x_dormem(hw
, DOASYNC
,
1139 page
, offset
, data
, len
,
1140 cmdcb
, usercb
, usercb_data
);
1144 hfa384x_dowmem_wait(
1151 return hfa384x_dowmem(hw
, DOWAIT
,
1152 page
, offset
, data
, len
,
1157 hfa384x_dowmem_async(
1164 ctlx_usercb_t usercb
,
1167 return hfa384x_dowmem(hw
, DOASYNC
,
1168 page
, offset
, data
, len
,
1169 cmdcb
, usercb
, usercb_data
);
1172 /*----------------------------------------------------------------
1173 * hfa384x_cmd_initialize
1175 * Issues the initialize command and sets the hw->state based
1179 * hw device structure
1183 * >0 f/w reported error - f/w status code
1184 * <0 driver reported error
1190 ----------------------------------------------------------------*/
1192 hfa384x_cmd_initialize(hfa384x_t
*hw
)
1196 hfa384x_metacmd_t cmd
;
1201 cmd
.cmd
= HFA384x_CMDCODE_INIT
;
1206 result
= hfa384x_docmd_wait(hw
, &cmd
);
1209 WLAN_LOG_DEBUG(3,"cmdresp.init: "
1210 "status=0x%04x, resp0=0x%04x, "
1211 "resp1=0x%04x, resp2=0x%04x\n",
1216 if ( result
== 0 ) {
1217 for ( i
= 0; i
< HFA384x_NUMPORTS_MAX
; i
++) {
1218 hw
->port_enabled
[i
] = 0;
1222 hw
->link_status
= HFA384x_LINK_NOTCONNECTED
;
1229 /*----------------------------------------------------------------
1230 * hfa384x_cmd_disable
1232 * Issues the disable command to stop communications on one of
1236 * hw device structure
1237 * macport MAC port number (host order)
1241 * >0 f/w reported failure - f/w status code
1242 * <0 driver reported error (timeout|bad arg)
1248 ----------------------------------------------------------------*/
1249 int hfa384x_cmd_disable(hfa384x_t
*hw
, UINT16 macport
)
1252 hfa384x_metacmd_t cmd
;
1256 cmd
.cmd
= HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DISABLE
) |
1257 HFA384x_CMD_MACPORT_SET(macport
);
1262 result
= hfa384x_docmd_wait(hw
, &cmd
);
1269 /*----------------------------------------------------------------
1270 * hfa384x_cmd_enable
1272 * Issues the enable command to enable communications on one of
1276 * hw device structure
1277 * macport MAC port number
1281 * >0 f/w reported failure - f/w status code
1282 * <0 driver reported error (timeout|bad arg)
1288 ----------------------------------------------------------------*/
1289 int hfa384x_cmd_enable(hfa384x_t
*hw
, UINT16 macport
)
1292 hfa384x_metacmd_t cmd
;
1296 cmd
.cmd
= HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_ENABLE
) |
1297 HFA384x_CMD_MACPORT_SET(macport
);
1302 result
= hfa384x_docmd_wait(hw
, &cmd
);
1309 /*----------------------------------------------------------------
1310 * hfa384x_cmd_notify
1312 * Sends an info frame to the firmware to alter the behavior
1313 * of the f/w asynch processes. Can only be called when the MAC
1314 * is in the enabled state.
1317 * hw device structure
1318 * reclaim [0|1] indicates whether the given FID will
1319 * be handed back (via Alloc event) for reuse.
1321 * fid FID of buffer containing the frame that was
1322 * previously copied to MAC memory via the bap.
1327 * >0 f/w reported failure - f/w status code
1328 * <0 driver reported error (timeout|bad arg)
1331 * hw->resp0 will contain the FID being used by async notify
1332 * process. If reclaim==0, resp0 will be the same as the fid
1333 * argument. If reclaim==1, resp0 will be the different.
1337 ----------------------------------------------------------------*/
1338 int hfa384x_cmd_notify(hfa384x_t
*hw
, UINT16 reclaim
, UINT16 fid
,
1339 void *buf
, UINT16 len
)
1345 cmd
= HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_NOTIFY
) |
1346 HFA384x_CMD_RECL_SET(reclaim
);
1347 result
= hfa384x_docmd_wait(hw
, cmd
);
1357 /*----------------------------------------------------------------
1358 * hfa384x_cmd_inquiry
1360 * Requests an info frame from the firmware. The info frame will
1361 * be delivered asynchronously via the Info event.
1364 * hw device structure
1365 * fid FID of the info frame requested. (host order)
1369 * >0 f/w reported failure - f/w status code
1370 * <0 driver reported error (timeout|bad arg)
1376 ----------------------------------------------------------------*/
1377 int hfa384x_cmd_inquiry(hfa384x_t
*hw
, UINT16 fid
)
1380 hfa384x_metacmd_t cmd
;
1384 cmd
.cmd
= HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_INQ
);
1389 result
= hfa384x_docmd_wait(hw
, &cmd
);
1397 /*----------------------------------------------------------------
1398 * hfa384x_cmd_monitor
1400 * Enables the 'monitor mode' of the MAC. Here's the description of
1401 * monitor mode that I've received thus far:
1403 * "The "monitor mode" of operation is that the MAC passes all
1404 * frames for which the PLCP checks are correct. All received
1405 * MPDUs are passed to the host with MAC Port = 7, with a
1406 * receive status of good, FCS error, or undecryptable. Passing
1407 * certain MPDUs is a violation of the 802.11 standard, but useful
1408 * for a debugging tool." Normal communication is not possible
1409 * while monitor mode is enabled.
1412 * hw device structure
1413 * enable a code (0x0b|0x0f) that enables/disables
1414 * monitor mode. (host order)
1418 * >0 f/w reported failure - f/w status code
1419 * <0 driver reported error (timeout|bad arg)
1425 ----------------------------------------------------------------*/
1426 int hfa384x_cmd_monitor(hfa384x_t
*hw
, UINT16 enable
)
1429 hfa384x_metacmd_t cmd
;
1433 cmd
.cmd
= HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_MONITOR
) |
1434 HFA384x_CMD_AINFO_SET(enable
);
1439 result
= hfa384x_docmd_wait(hw
, &cmd
);
1446 /*----------------------------------------------------------------
1447 * hfa384x_cmd_download
1449 * Sets the controls for the MAC controller code/data download
1450 * process. The arguments set the mode and address associated
1451 * with a download. Note that the aux registers should be enabled
1452 * prior to setting one of the download enable modes.
1455 * hw device structure
1456 * mode 0 - Disable programming and begin code exec
1457 * 1 - Enable volatile mem programming
1458 * 2 - Enable non-volatile mem programming
1459 * 3 - Program non-volatile section from NV download
1463 * highaddr For mode 1, sets the high & low order bits of
1464 * the "destination address". This address will be
1465 * the execution start address when download is
1466 * subsequently disabled.
1467 * For mode 2, sets the high & low order bits of
1468 * the destination in NV ram.
1469 * For modes 0 & 3, should be zero. (host order)
1470 * NOTE: these are CMD format.
1471 * codelen Length of the data to write in mode 2,
1472 * zero otherwise. (host order)
1476 * >0 f/w reported failure - f/w status code
1477 * <0 driver reported error (timeout|bad arg)
1483 ----------------------------------------------------------------*/
1484 int hfa384x_cmd_download(hfa384x_t
*hw
, UINT16 mode
, UINT16 lowaddr
,
1485 UINT16 highaddr
, UINT16 codelen
)
1488 hfa384x_metacmd_t cmd
;
1492 "mode=%d, lowaddr=0x%04x, highaddr=0x%04x, codelen=%d\n",
1493 mode
, lowaddr
, highaddr
, codelen
);
1495 cmd
.cmd
= (HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DOWNLD
) |
1496 HFA384x_CMD_PROGMODE_SET(mode
));
1498 cmd
.parm0
= lowaddr
;
1499 cmd
.parm1
= highaddr
;
1500 cmd
.parm2
= codelen
;
1502 result
= hfa384x_docmd_wait(hw
, &cmd
);
1509 /*----------------------------------------------------------------
1510 * hfa384x_copy_from_aux
1512 * Copies a collection of bytes from the controller memory. The
1513 * Auxiliary port MUST be enabled prior to calling this function.
1514 * We _might_ be in a download state.
1517 * hw device structure
1518 * cardaddr address in hfa384x data space to read
1519 * auxctl address space select
1520 * buf ptr to destination host buffer
1521 * len length of data to transfer (in bytes)
1527 * buf contains the data copied
1532 ----------------------------------------------------------------*/
1534 hfa384x_copy_from_aux(
1535 hfa384x_t
*hw
, UINT32 cardaddr
, UINT32 auxctl
, void *buf
, UINT len
)
1538 WLAN_LOG_ERROR("not used in USB.\n");
1543 /*----------------------------------------------------------------
1544 * hfa384x_copy_to_aux
1546 * Copies a collection of bytes to the controller memory. The
1547 * Auxiliary port MUST be enabled prior to calling this function.
1548 * We _might_ be in a download state.
1551 * hw device structure
1552 * cardaddr address in hfa384x data space to read
1553 * auxctl address space select
1554 * buf ptr to destination host buffer
1555 * len length of data to transfer (in bytes)
1561 * Controller memory now contains a copy of buf
1566 ----------------------------------------------------------------*/
1568 hfa384x_copy_to_aux(
1569 hfa384x_t
*hw
, UINT32 cardaddr
, UINT32 auxctl
, void *buf
, UINT len
)
1572 WLAN_LOG_ERROR("not used in USB.\n");
1577 /*----------------------------------------------------------------
1580 * Perform a reset of the hfa38xx MAC core. We assume that the hw
1581 * structure is in its "created" state. That is, it is initialized
1582 * with proper values. Note that if a reset is done after the
1583 * device has been active for awhile, the caller might have to clean
1584 * up some leftover cruft in the hw structure.
1587 * hw device structure
1588 * holdtime how long (in ms) to hold the reset
1589 * settletime how long (in ms) to wait after releasing
1599 ----------------------------------------------------------------*/
1600 int hfa384x_corereset(hfa384x_t
*hw
, int holdtime
, int settletime
, int genesis
)
1603 #if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1604 struct usb_device
*parent
= hw
->usb
->parent
;
1612 #define P2_USB_RT_PORT (USB_TYPE_CLASS | USB_RECIP_OTHER)
1613 #define P2_USB_FEAT_RESET 4
1614 #define P2_USB_FEAT_C_RESET 20
1619 #if (LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0))
1620 /* Find the hub port */
1621 for ( i
= 0; i
< parent
->maxchild
; i
++) {
1622 if (parent
->children
[i
] == hw
->usb
) {
1627 if (port
< 0) return -ENOENT
;
1629 /* Set and clear the reset */
1630 usb_control_msg(parent
, usb_sndctrlpipe(parent
, 0),
1631 USB_REQ_SET_FEATURE
, P2_USB_RT_PORT
, P2_USB_FEAT_RESET
,
1632 port
+1, NULL
, 0, 1*HZ
);
1634 usb_control_msg(parent
, usb_sndctrlpipe(parent
, 0),
1635 USB_REQ_CLEAR_FEATURE
, P2_USB_RT_PORT
, P2_USB_FEAT_C_RESET
,
1636 port
+1, NULL
, 0, 1*HZ
);
1637 wait_ms(settletime
);
1639 /* Set the device address */
1640 result
=usb_set_address(hw
->usb
);
1642 WLAN_LOG_ERROR("reset_usbdev: Dev not accepting address, "
1643 "result=%d\n", result
);
1644 clear_bit(hw
->usb
->devnum
, &hw
->usb
->bus
->devmap
.devicemap
);
1645 hw
->usb
->devnum
= -1;
1648 /* Let the address settle */
1651 /* Assume we're reusing the original descriptor data */
1653 /* Set the configuration. */
1654 WLAN_LOG_DEBUG(3, "Setting Configuration %d\n",
1655 hw
->usb
->config
[0].bConfigurationValue
);
1656 result
=usb_set_configuration(hw
->usb
, hw
->usb
->config
[0].bConfigurationValue
);
1658 WLAN_LOG_ERROR("usb_set_configuration() failed, result=%d.\n",
1662 /* Let the configuration settle */
1667 result
=usb_reset_device(hw
->usb
);
1669 WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result
);
1674 result
=usb_reset_device(hw
->usb
);
1676 WLAN_LOG_ERROR("usb_reset_device() failed, result=%d.\n",result
);
1684 /*----------------------------------------------------------------
1685 * hfa384x_usbctlx_complete_sync
1687 * Waits for a synchronous CTLX object to complete,
1688 * and then handles the response.
1691 * hw device structure
1693 * completor functor object to decide what to
1694 * do with the CTLX's result.
1698 * -ERESTARTSYS Interrupted by a signal
1700 * -ENODEV Adapter was unplugged
1701 * ??? Result from completor
1707 ----------------------------------------------------------------*/
1708 static int hfa384x_usbctlx_complete_sync(hfa384x_t
*hw
,
1709 hfa384x_usbctlx_t
*ctlx
,
1710 usbctlx_completor_t
*completor
)
1712 unsigned long flags
;
1717 result
= wait_for_completion_interruptible(&ctlx
->done
);
1719 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
1722 * We can only handle the CTLX if the USB disconnect
1723 * function has not run yet ...
1726 if ( hw
->wlandev
->hwremoved
)
1728 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
1731 else if ( result
!= 0 )
1736 * We were probably interrupted, so delete
1737 * this CTLX asynchronously, kill the timers
1738 * and the URB, and then start the next
1741 * NOTE: We can only delete the timers and
1742 * the URB if this CTLX is active.
1744 if (ctlx
== get_active_ctlx(hw
))
1746 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
1748 del_singleshot_timer_sync(&hw
->reqtimer
);
1749 del_singleshot_timer_sync(&hw
->resptimer
);
1750 hw
->req_timer_done
= 1;
1751 hw
->resp_timer_done
= 1;
1752 usb_kill_urb(&hw
->ctlx_urb
);
1754 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
1759 * This scenario is so unlikely that I'm
1760 * happy with a grubby "goto" solution ...
1762 if ( hw
->wlandev
->hwremoved
)
1767 * The completion task will send this CTLX
1768 * to the reaper the next time it runs. We
1769 * are no longer in a hurry.
1772 ctlx
->state
= CTLX_REQ_FAILED
;
1773 list_move_tail(&ctlx
->list
, &hw
->ctlxq
.completing
);
1775 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
1778 hfa384x_usbctlxq_run(hw
);
1780 if (ctlx
->state
== CTLX_COMPLETE
) {
1781 result
= completor
->complete(completor
);
1783 WLAN_LOG_WARNING("CTLX[%d] error: state(%s)\n",
1784 hfa384x2host_16(ctlx
->outbuf
.type
),
1785 ctlxstr(ctlx
->state
));
1789 list_del(&ctlx
->list
);
1790 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
1798 /*----------------------------------------------------------------
1801 * Constructs a command CTLX and submits it.
1803 * NOTE: Any changes to the 'post-submit' code in this function
1804 * need to be carried over to hfa384x_cbcmd() since the handling
1805 * is virtually identical.
1808 * hw device structure
1809 * mode DOWAIT or DOASYNC
1810 * cmd cmd structure. Includes all arguments and result
1811 * data points. All in host order. in host order
1812 * cmdcb command-specific callback
1813 * usercb user callback for async calls, NULL for DOWAIT calls
1814 * usercb_data user supplied data pointer for async calls, NULL
1820 * -ERESTARTSYS Awakened on signal
1821 * >0 command indicated error, Status and Resp0-2 are
1829 ----------------------------------------------------------------*/
1834 hfa384x_metacmd_t
*cmd
,
1836 ctlx_usercb_t usercb
,
1840 hfa384x_usbctlx_t
*ctlx
;
1843 ctlx
= usbctlx_alloc();
1844 if ( ctlx
== NULL
) {
1849 /* Initialize the command */
1850 ctlx
->outbuf
.cmdreq
.type
= host2hfa384x_16(HFA384x_USB_CMDREQ
);
1851 ctlx
->outbuf
.cmdreq
.cmd
= host2hfa384x_16(cmd
->cmd
);
1852 ctlx
->outbuf
.cmdreq
.parm0
= host2hfa384x_16(cmd
->parm0
);
1853 ctlx
->outbuf
.cmdreq
.parm1
= host2hfa384x_16(cmd
->parm1
);
1854 ctlx
->outbuf
.cmdreq
.parm2
= host2hfa384x_16(cmd
->parm2
);
1856 ctlx
->outbufsize
= sizeof(ctlx
->outbuf
.cmdreq
);
1858 WLAN_LOG_DEBUG(4, "cmdreq: cmd=0x%04x "
1859 "parm0=0x%04x parm1=0x%04x parm2=0x%04x\n",
1865 ctlx
->reapable
= mode
;
1866 ctlx
->cmdcb
= cmdcb
;
1867 ctlx
->usercb
= usercb
;
1868 ctlx
->usercb_data
= usercb_data
;
1870 result
= hfa384x_usbctlx_submit(hw
, ctlx
);
1873 } else if (mode
== DOWAIT
) {
1874 usbctlx_cmd_completor_t completor
;
1876 result
= hfa384x_usbctlx_complete_sync(
1877 hw
, ctlx
, init_cmd_completor(&completor
,
1878 &ctlx
->inbuf
.cmdresp
,
1888 /*----------------------------------------------------------------
1891 * Constructs a read rid CTLX and issues it.
1893 * NOTE: Any changes to the 'post-submit' code in this function
1894 * need to be carried over to hfa384x_cbrrid() since the handling
1895 * is virtually identical.
1898 * hw device structure
1899 * mode DOWAIT or DOASYNC
1900 * rid Read RID number (host order)
1901 * riddata Caller supplied buffer that MAC formatted RID.data
1902 * record will be written to for DOWAIT calls. Should
1903 * be NULL for DOASYNC calls.
1904 * riddatalen Buffer length for DOWAIT calls. Zero for DOASYNC calls.
1905 * cmdcb command callback for async calls, NULL for DOWAIT calls
1906 * usercb user callback for async calls, NULL for DOWAIT calls
1907 * usercb_data user supplied data pointer for async calls, NULL
1913 * -ERESTARTSYS Awakened on signal
1914 * -ENODATA riddatalen != macdatalen
1915 * >0 command indicated error, Status and Resp0-2 are
1921 * interrupt (DOASYNC)
1922 * process (DOWAIT or DOASYNC)
1923 ----------------------------------------------------------------*/
1932 ctlx_usercb_t usercb
,
1936 hfa384x_usbctlx_t
*ctlx
;
1939 ctlx
= usbctlx_alloc();
1940 if ( ctlx
== NULL
) {
1945 /* Initialize the command */
1946 ctlx
->outbuf
.rridreq
.type
= host2hfa384x_16(HFA384x_USB_RRIDREQ
);
1947 ctlx
->outbuf
.rridreq
.frmlen
=
1948 host2hfa384x_16(sizeof(ctlx
->outbuf
.rridreq
.rid
));
1949 ctlx
->outbuf
.rridreq
.rid
= host2hfa384x_16(rid
);
1951 ctlx
->outbufsize
= sizeof(ctlx
->outbuf
.rridreq
);
1953 ctlx
->reapable
= mode
;
1954 ctlx
->cmdcb
= cmdcb
;
1955 ctlx
->usercb
= usercb
;
1956 ctlx
->usercb_data
= usercb_data
;
1958 /* Submit the CTLX */
1959 result
= hfa384x_usbctlx_submit(hw
, ctlx
);
1962 } else if (mode
== DOWAIT
) {
1963 usbctlx_rrid_completor_t completor
;
1965 result
= hfa384x_usbctlx_complete_sync(
1966 hw
, ctlx
, init_rrid_completor(&completor
,
1967 &ctlx
->inbuf
.rridresp
,
1978 /*----------------------------------------------------------------
1981 * Constructs a write rid CTLX and issues it.
1983 * NOTE: Any changes to the 'post-submit' code in this function
1984 * need to be carried over to hfa384x_cbwrid() since the handling
1985 * is virtually identical.
1988 * hw device structure
1989 * CMD_MODE DOWAIT or DOASYNC
1991 * riddata Data portion of RID formatted for MAC
1992 * riddatalen Length of the data portion in bytes
1993 * cmdcb command callback for async calls, NULL for DOWAIT calls
1994 * usercb user callback for async calls, NULL for DOWAIT calls
1995 * usercb_data user supplied data pointer for async calls
1999 * -ETIMEDOUT timed out waiting for register ready or
2000 * command completion
2001 * >0 command indicated error, Status and Resp0-2 are
2007 * interrupt (DOASYNC)
2008 * process (DOWAIT or DOASYNC)
2009 ----------------------------------------------------------------*/
2018 ctlx_usercb_t usercb
,
2022 hfa384x_usbctlx_t
*ctlx
;
2025 ctlx
= usbctlx_alloc();
2026 if ( ctlx
== NULL
) {
2031 /* Initialize the command */
2032 ctlx
->outbuf
.wridreq
.type
= host2hfa384x_16(HFA384x_USB_WRIDREQ
);
2033 ctlx
->outbuf
.wridreq
.frmlen
= host2hfa384x_16(
2034 (sizeof(ctlx
->outbuf
.wridreq
.rid
) +
2035 riddatalen
+ 1) / 2);
2036 ctlx
->outbuf
.wridreq
.rid
= host2hfa384x_16(rid
);
2037 memcpy(ctlx
->outbuf
.wridreq
.data
, riddata
, riddatalen
);
2039 ctlx
->outbufsize
= sizeof(ctlx
->outbuf
.wridreq
.type
) +
2040 sizeof(ctlx
->outbuf
.wridreq
.frmlen
) +
2041 sizeof(ctlx
->outbuf
.wridreq
.rid
) +
2044 ctlx
->reapable
= mode
;
2045 ctlx
->cmdcb
= cmdcb
;
2046 ctlx
->usercb
= usercb
;
2047 ctlx
->usercb_data
= usercb_data
;
2049 /* Submit the CTLX */
2050 result
= hfa384x_usbctlx_submit(hw
, ctlx
);
2053 } else if (mode
== DOWAIT
) {
2054 usbctlx_wrid_completor_t completor
;
2055 hfa384x_cmdresult_t wridresult
;
2057 result
= hfa384x_usbctlx_complete_sync(
2060 init_wrid_completor(&completor
,
2061 &ctlx
->inbuf
.wridresp
,
2070 /*----------------------------------------------------------------
2073 * Constructs a readmem CTLX and issues it.
2075 * NOTE: Any changes to the 'post-submit' code in this function
2076 * need to be carried over to hfa384x_cbrmem() since the handling
2077 * is virtually identical.
2080 * hw device structure
2081 * mode DOWAIT or DOASYNC
2082 * page MAC address space page (CMD format)
2083 * offset MAC address space offset
2084 * data Ptr to data buffer to receive read
2085 * len Length of the data to read (max == 2048)
2086 * cmdcb command callback for async calls, NULL for DOWAIT calls
2087 * usercb user callback for async calls, NULL for DOWAIT calls
2088 * usercb_data user supplied data pointer for async calls
2092 * -ETIMEDOUT timed out waiting for register ready or
2093 * command completion
2094 * >0 command indicated error, Status and Resp0-2 are
2100 * interrupt (DOASYNC)
2101 * process (DOWAIT or DOASYNC)
2102 ----------------------------------------------------------------*/
2112 ctlx_usercb_t usercb
,
2116 hfa384x_usbctlx_t
*ctlx
;
2119 ctlx
= usbctlx_alloc();
2120 if ( ctlx
== NULL
) {
2125 /* Initialize the command */
2126 ctlx
->outbuf
.rmemreq
.type
= host2hfa384x_16(HFA384x_USB_RMEMREQ
);
2127 ctlx
->outbuf
.rmemreq
.frmlen
= host2hfa384x_16(
2128 sizeof(ctlx
->outbuf
.rmemreq
.offset
) +
2129 sizeof(ctlx
->outbuf
.rmemreq
.page
) +
2131 ctlx
->outbuf
.rmemreq
.offset
= host2hfa384x_16(offset
);
2132 ctlx
->outbuf
.rmemreq
.page
= host2hfa384x_16(page
);
2134 ctlx
->outbufsize
= sizeof(ctlx
->outbuf
.rmemreq
);
2137 "type=0x%04x frmlen=%d offset=0x%04x page=0x%04x\n",
2138 ctlx
->outbuf
.rmemreq
.type
,
2139 ctlx
->outbuf
.rmemreq
.frmlen
,
2140 ctlx
->outbuf
.rmemreq
.offset
,
2141 ctlx
->outbuf
.rmemreq
.page
);
2143 WLAN_LOG_DEBUG(4,"pktsize=%zd\n",
2144 ROUNDUP64(sizeof(ctlx
->outbuf
.rmemreq
)));
2146 ctlx
->reapable
= mode
;
2147 ctlx
->cmdcb
= cmdcb
;
2148 ctlx
->usercb
= usercb
;
2149 ctlx
->usercb_data
= usercb_data
;
2151 result
= hfa384x_usbctlx_submit(hw
, ctlx
);
2154 } else if ( mode
== DOWAIT
) {
2155 usbctlx_rmem_completor_t completor
;
2157 result
= hfa384x_usbctlx_complete_sync(
2158 hw
, ctlx
, init_rmem_completor(&completor
,
2159 &ctlx
->inbuf
.rmemresp
,
2171 /*----------------------------------------------------------------
2174 * Constructs a writemem CTLX and issues it.
2176 * NOTE: Any changes to the 'post-submit' code in this function
2177 * need to be carried over to hfa384x_cbwmem() since the handling
2178 * is virtually identical.
2181 * hw device structure
2182 * mode DOWAIT or DOASYNC
2183 * page MAC address space page (CMD format)
2184 * offset MAC address space offset
2185 * data Ptr to data buffer containing write data
2186 * len Length of the data to read (max == 2048)
2187 * cmdcb command callback for async calls, NULL for DOWAIT calls
2188 * usercb user callback for async calls, NULL for DOWAIT calls
2189 * usercb_data user supplied data pointer for async calls.
2193 * -ETIMEDOUT timed out waiting for register ready or
2194 * command completion
2195 * >0 command indicated error, Status and Resp0-2 are
2201 * interrupt (DOWAIT)
2202 * process (DOWAIT or DOASYNC)
2203 ----------------------------------------------------------------*/
2213 ctlx_usercb_t usercb
,
2217 hfa384x_usbctlx_t
*ctlx
;
2220 WLAN_LOG_DEBUG(5, "page=0x%04x offset=0x%04x len=%d\n",
2223 ctlx
= usbctlx_alloc();
2224 if ( ctlx
== NULL
) {
2229 /* Initialize the command */
2230 ctlx
->outbuf
.wmemreq
.type
= host2hfa384x_16(HFA384x_USB_WMEMREQ
);
2231 ctlx
->outbuf
.wmemreq
.frmlen
= host2hfa384x_16(
2232 sizeof(ctlx
->outbuf
.wmemreq
.offset
) +
2233 sizeof(ctlx
->outbuf
.wmemreq
.page
) +
2235 ctlx
->outbuf
.wmemreq
.offset
= host2hfa384x_16(offset
);
2236 ctlx
->outbuf
.wmemreq
.page
= host2hfa384x_16(page
);
2237 memcpy(ctlx
->outbuf
.wmemreq
.data
, data
, len
);
2239 ctlx
->outbufsize
= sizeof(ctlx
->outbuf
.wmemreq
.type
) +
2240 sizeof(ctlx
->outbuf
.wmemreq
.frmlen
) +
2241 sizeof(ctlx
->outbuf
.wmemreq
.offset
) +
2242 sizeof(ctlx
->outbuf
.wmemreq
.page
) +
2245 ctlx
->reapable
= mode
;
2246 ctlx
->cmdcb
= cmdcb
;
2247 ctlx
->usercb
= usercb
;
2248 ctlx
->usercb_data
= usercb_data
;
2250 result
= hfa384x_usbctlx_submit(hw
, ctlx
);
2253 } else if ( mode
== DOWAIT
) {
2254 usbctlx_wmem_completor_t completor
;
2255 hfa384x_cmdresult_t wmemresult
;
2257 result
= hfa384x_usbctlx_complete_sync(
2260 init_wmem_completor(&completor
,
2261 &ctlx
->inbuf
.wmemresp
,
2271 /*----------------------------------------------------------------
2272 * hfa384x_drvr_commtallies
2274 * Send a commtallies inquiry to the MAC. Note that this is an async
2275 * call that will result in an info frame arriving sometime later.
2278 * hw device structure
2287 ----------------------------------------------------------------*/
2288 int hfa384x_drvr_commtallies( hfa384x_t
*hw
)
2290 hfa384x_metacmd_t cmd
;
2294 cmd
.cmd
= HFA384x_CMDCODE_INQ
;
2295 cmd
.parm0
= HFA384x_IT_COMMTALLIES
;
2299 hfa384x_docmd_async(hw
, &cmd
, NULL
, NULL
, NULL
);
2306 /*----------------------------------------------------------------
2307 * hfa384x_drvr_disable
2309 * Issues the disable command to stop communications on one of
2310 * the MACs 'ports'. Only macport 0 is valid for stations.
2311 * APs may also disable macports 1-6. Only ports that have been
2312 * previously enabled may be disabled.
2315 * hw device structure
2316 * macport MAC port number (host order)
2320 * >0 f/w reported failure - f/w status code
2321 * <0 driver reported error (timeout|bad arg)
2327 ----------------------------------------------------------------*/
2328 int hfa384x_drvr_disable(hfa384x_t
*hw
, UINT16 macport
)
2333 if ((!hw
->isap
&& macport
!= 0) ||
2334 (hw
->isap
&& !(macport
<= HFA384x_PORTID_MAX
)) ||
2335 !(hw
->port_enabled
[macport
]) ){
2338 result
= hfa384x_cmd_disable(hw
, macport
);
2339 if ( result
== 0 ) {
2340 hw
->port_enabled
[macport
] = 0;
2348 /*----------------------------------------------------------------
2349 * hfa384x_drvr_enable
2351 * Issues the enable command to enable communications on one of
2352 * the MACs 'ports'. Only macport 0 is valid for stations.
2353 * APs may also enable macports 1-6. Only ports that are currently
2354 * disabled may be enabled.
2357 * hw device structure
2358 * macport MAC port number
2362 * >0 f/w reported failure - f/w status code
2363 * <0 driver reported error (timeout|bad arg)
2369 ----------------------------------------------------------------*/
2370 int hfa384x_drvr_enable(hfa384x_t
*hw
, UINT16 macport
)
2375 if ((!hw
->isap
&& macport
!= 0) ||
2376 (hw
->isap
&& !(macport
<= HFA384x_PORTID_MAX
)) ||
2377 (hw
->port_enabled
[macport
]) ){
2380 result
= hfa384x_cmd_enable(hw
, macport
);
2381 if ( result
== 0 ) {
2382 hw
->port_enabled
[macport
] = 1;
2390 /*----------------------------------------------------------------
2391 * hfa384x_drvr_flashdl_enable
2393 * Begins the flash download state. Checks to see that we're not
2394 * already in a download state and that a port isn't enabled.
2395 * Sets the download state and retrieves the flash download
2396 * buffer location, buffer size, and timeout length.
2399 * hw device structure
2403 * >0 f/w reported error - f/w status code
2404 * <0 driver reported error
2410 ----------------------------------------------------------------*/
2411 int hfa384x_drvr_flashdl_enable(hfa384x_t
*hw
)
2417 /* Check that a port isn't active */
2418 for ( i
= 0; i
< HFA384x_PORTID_MAX
; i
++) {
2419 if ( hw
->port_enabled
[i
] ) {
2420 WLAN_LOG_DEBUG(1,"called when port enabled.\n");
2425 /* Check that we're not already in a download state */
2426 if ( hw
->dlstate
!= HFA384x_DLSTATE_DISABLED
) {
2430 /* Retrieve the buffer loc&size and timeout */
2431 if ( (result
= hfa384x_drvr_getconfig(hw
, HFA384x_RID_DOWNLOADBUFFER
,
2432 &(hw
->bufinfo
), sizeof(hw
->bufinfo
))) ) {
2435 hw
->bufinfo
.page
= hfa384x2host_16(hw
->bufinfo
.page
);
2436 hw
->bufinfo
.offset
= hfa384x2host_16(hw
->bufinfo
.offset
);
2437 hw
->bufinfo
.len
= hfa384x2host_16(hw
->bufinfo
.len
);
2438 if ( (result
= hfa384x_drvr_getconfig16(hw
, HFA384x_RID_MAXLOADTIME
,
2439 &(hw
->dltimeout
))) ) {
2442 hw
->dltimeout
= hfa384x2host_16(hw
->dltimeout
);
2444 WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2446 hw
->dlstate
= HFA384x_DLSTATE_FLASHENABLED
;
2452 /*----------------------------------------------------------------
2453 * hfa384x_drvr_flashdl_disable
2455 * Ends the flash download state. Note that this will cause the MAC
2456 * firmware to restart.
2459 * hw device structure
2463 * >0 f/w reported error - f/w status code
2464 * <0 driver reported error
2470 ----------------------------------------------------------------*/
2471 int hfa384x_drvr_flashdl_disable(hfa384x_t
*hw
)
2474 /* Check that we're already in the download state */
2475 if ( hw
->dlstate
!= HFA384x_DLSTATE_FLASHENABLED
) {
2479 WLAN_LOG_DEBUG(1,"flashdl_enable\n");
2481 /* There isn't much we can do at this point, so I don't */
2482 /* bother w/ the return value */
2483 hfa384x_cmd_download(hw
, HFA384x_PROGMODE_DISABLE
, 0, 0 , 0);
2484 hw
->dlstate
= HFA384x_DLSTATE_DISABLED
;
2491 /*----------------------------------------------------------------
2492 * hfa384x_drvr_flashdl_write
2494 * Performs a FLASH download of a chunk of data. First checks to see
2495 * that we're in the FLASH download state, then sets the download
2496 * mode, uses the aux functions to 1) copy the data to the flash
2497 * buffer, 2) sets the download 'write flash' mode, 3) readback and
2498 * compare. Lather rinse, repeat as many times an necessary to get
2499 * all the given data into flash.
2500 * When all data has been written using this function (possibly
2501 * repeatedly), call drvr_flashdl_disable() to end the download state
2502 * and restart the MAC.
2505 * hw device structure
2506 * daddr Card address to write to. (host order)
2507 * buf Ptr to data to write.
2508 * len Length of data (host order).
2512 * >0 f/w reported error - f/w status code
2513 * <0 driver reported error
2519 ----------------------------------------------------------------*/
2521 hfa384x_drvr_flashdl_write(
2543 WLAN_LOG_DEBUG(5,"daddr=0x%08x len=%d\n", daddr
, len
);
2545 /* Check that we're in the flash download state */
2546 if ( hw
->dlstate
!= HFA384x_DLSTATE_FLASHENABLED
) {
2550 WLAN_LOG_INFO("Download %d bytes to flash @0x%06x\n", len
, daddr
);
2552 /* Convert to flat address for arithmetic */
2553 /* NOTE: dlbuffer RID stores the address in AUX format */
2554 dlbufaddr
= HFA384x_ADDR_AUX_MKFLAT(
2555 hw
->bufinfo
.page
, hw
->bufinfo
.offset
);
2557 "dlbuf.page=0x%04x dlbuf.offset=0x%04x dlbufaddr=0x%08x\n",
2558 hw
->bufinfo
.page
, hw
->bufinfo
.offset
, dlbufaddr
);
2561 WLAN_LOG_WARNING("dlbuf@0x%06lx len=%d to=%d\n", dlbufaddr
, hw
->bufinfo
.len
, hw
->dltimeout
);
2563 /* Calculations to determine how many fills of the dlbuffer to do
2564 * and how many USB wmemreq's to do for each fill. At this point
2565 * in time, the dlbuffer size and the wmemreq size are the same.
2566 * Therefore, nwrites should always be 1. The extra complexity
2567 * here is a hedge against future changes.
2570 /* Figure out how many times to do the flash programming */
2571 nburns
= len
/ hw
->bufinfo
.len
;
2572 nburns
+= (len
% hw
->bufinfo
.len
) ? 1 : 0;
2574 /* For each flash program cycle, how many USB wmemreq's are needed? */
2575 nwrites
= hw
->bufinfo
.len
/ HFA384x_USB_RWMEM_MAXLEN
;
2576 nwrites
+= (hw
->bufinfo
.len
% HFA384x_USB_RWMEM_MAXLEN
) ? 1 : 0;
2579 for ( i
= 0; i
< nburns
; i
++) {
2580 /* Get the dest address and len */
2581 burnlen
= (len
- (hw
->bufinfo
.len
* i
)) > hw
->bufinfo
.len
?
2583 (len
- (hw
->bufinfo
.len
* i
));
2584 burndaddr
= daddr
+ (hw
->bufinfo
.len
* i
);
2585 burnlo
= HFA384x_ADDR_CMD_MKOFF(burndaddr
);
2586 burnhi
= HFA384x_ADDR_CMD_MKPAGE(burndaddr
);
2588 WLAN_LOG_INFO("Writing %d bytes to flash @0x%06x\n",
2589 burnlen
, burndaddr
);
2591 /* Set the download mode */
2592 result
= hfa384x_cmd_download(hw
, HFA384x_PROGMODE_NV
,
2593 burnlo
, burnhi
, burnlen
);
2595 WLAN_LOG_ERROR("download(NV,lo=%x,hi=%x,len=%x) "
2596 "cmd failed, result=%d. Aborting d/l\n",
2597 burnlo
, burnhi
, burnlen
, result
);
2601 /* copy the data to the flash download buffer */
2602 for ( j
=0; j
< nwrites
; j
++) {
2604 (i
*hw
->bufinfo
.len
) +
2605 (j
*HFA384x_USB_RWMEM_MAXLEN
);
2607 writepage
= HFA384x_ADDR_CMD_MKPAGE(
2609 (j
*HFA384x_USB_RWMEM_MAXLEN
));
2610 writeoffset
= HFA384x_ADDR_CMD_MKOFF(
2612 (j
*HFA384x_USB_RWMEM_MAXLEN
));
2614 writelen
= burnlen
-(j
*HFA384x_USB_RWMEM_MAXLEN
);
2615 writelen
= writelen
> HFA384x_USB_RWMEM_MAXLEN
?
2616 HFA384x_USB_RWMEM_MAXLEN
:
2619 result
= hfa384x_dowmem_wait( hw
,
2626 Comment out
for debugging
, assume the write was successful
.
2629 "Write to dl buffer failed, "
2630 "result=0x%04x. Aborting.\n",
2638 /* set the download 'write flash' mode */
2639 result
= hfa384x_cmd_download(hw
,
2640 HFA384x_PROGMODE_NVWRITE
,
2644 "download(NVWRITE,lo=%x,hi=%x,len=%x) "
2645 "cmd failed, result=%d. Aborting d/l\n",
2646 burnlo
, burnhi
, burnlen
, result
);
2650 /* TODO: We really should do a readback and compare. */
2655 /* Leave the firmware in the 'post-prog' mode. flashdl_disable will */
2656 /* actually disable programming mode. Remember, that will cause the */
2657 /* the firmware to effectively reset itself. */
2664 /*----------------------------------------------------------------
2665 * hfa384x_drvr_getconfig
2667 * Performs the sequence necessary to read a config/info item.
2670 * hw device structure
2671 * rid config/info record id (host order)
2672 * buf host side record buffer. Upon return it will
2673 * contain the body portion of the record (minus the
2675 * len buffer length (in bytes, should match record length)
2679 * >0 f/w reported error - f/w status code
2680 * <0 driver reported error
2681 * -ENODATA length mismatch between argument and retrieved
2688 ----------------------------------------------------------------*/
2689 int hfa384x_drvr_getconfig(hfa384x_t
*hw
, UINT16 rid
, void *buf
, UINT16 len
)
2694 result
= hfa384x_dorrid_wait(hw
, rid
, buf
, len
);
2700 /*----------------------------------------------------------------
2701 * hfa384x_drvr_getconfig_async
2703 * Performs the sequence necessary to perform an async read of
2704 * of a config/info item.
2707 * hw device structure
2708 * rid config/info record id (host order)
2709 * buf host side record buffer. Upon return it will
2710 * contain the body portion of the record (minus the
2712 * len buffer length (in bytes, should match record length)
2713 * cbfn caller supplied callback, called when the command
2714 * is done (successful or not).
2715 * cbfndata pointer to some caller supplied data that will be
2716 * passed in as an argument to the cbfn.
2719 * nothing the cbfn gets a status argument identifying if
2722 * Queues an hfa384x_usbcmd_t for subsequent execution.
2726 ----------------------------------------------------------------*/
2728 hfa384x_drvr_getconfig_async(
2731 ctlx_usercb_t usercb
,
2734 return hfa384x_dorrid_async(hw
, rid
, NULL
, 0,
2735 hfa384x_cb_rrid
, usercb
, usercb_data
);
2738 /*----------------------------------------------------------------
2739 * hfa384x_drvr_setconfig_async
2741 * Performs the sequence necessary to write a config/info item.
2744 * hw device structure
2745 * rid config/info record id (in host order)
2746 * buf host side record buffer
2747 * len buffer length (in bytes)
2748 * usercb completion callback
2749 * usercb_data completion callback argument
2753 * >0 f/w reported error - f/w status code
2754 * <0 driver reported error
2760 ----------------------------------------------------------------*/
2762 hfa384x_drvr_setconfig_async(
2767 ctlx_usercb_t usercb
,
2770 return hfa384x_dowrid_async(hw
, rid
, buf
, len
,
2771 hfa384x_cb_status
, usercb
, usercb_data
);
2774 /*----------------------------------------------------------------
2775 * hfa384x_drvr_handover
2777 * Sends a handover notification to the MAC.
2780 * hw device structure
2781 * addr address of station that's left
2785 * -ERESTARTSYS received signal while waiting for semaphore.
2786 * -EIO failed to write to bap, or failed in cmd.
2792 ----------------------------------------------------------------*/
2793 int hfa384x_drvr_handover( hfa384x_t
*hw
, UINT8
*addr
)
2796 WLAN_LOG_ERROR("Not currently supported in USB!\n");
2801 /*----------------------------------------------------------------
2802 * hfa384x_drvr_low_level
2804 * Write test commands to the card. Some test commands don't make
2805 * sense without prior set-up. For example, continous TX isn't very
2806 * useful until you set the channel. That functionality should be
2812 * -----------------------------------------------------------------*/
2813 int hfa384x_drvr_low_level(hfa384x_t
*hw
, hfa384x_metacmd_t
*cmd
)
2818 /* Do i need a host2hfa... conversion ? */
2820 result
= hfa384x_docmd_wait(hw
, cmd
);
2826 /*----------------------------------------------------------------
2827 * hfa384x_drvr_mmi_read
2829 * Read mmi registers. mmi is intersil-speak for the baseband
2830 * processor registers.
2833 * hw device structure
2834 * register The test register to be accessed (must be even #).
2838 * >0 f/w reported error - f/w status code
2839 * <0 driver reported error
2845 ----------------------------------------------------------------*/
2846 int hfa384x_drvr_mmi_read(hfa384x_t
*hw
, UINT32 addr
, UINT32
*resp
)
2850 UINT16 cmd_code
= (UINT16
) 0x30;
2851 UINT16 param
= (UINT16
) addr
;
2854 /* Do i need a host2hfa... conversion ? */
2855 result
= hfa384x_docmd_wait(hw
, cmd_code
);
2863 /*----------------------------------------------------------------
2864 * hfa384x_drvr_mmi_write
2866 * Read mmi registers. mmi is intersil-speak for the baseband
2867 * processor registers.
2870 * hw device structure
2871 * addr The test register to be accessed (must be even #).
2872 * data The data value to write to the register.
2876 * >0 f/w reported error - f/w status code
2877 * <0 driver reported error
2883 ----------------------------------------------------------------*/
2886 hfa384x_drvr_mmi_write(hfa384x_t
*hw
, UINT32 addr
, UINT32 data
)
2890 UINT16 cmd_code
= (UINT16
) 0x31;
2891 UINT16 param0
= (UINT16
) addr
;
2892 UINT16 param1
= (UINT16
) data
;
2895 WLAN_LOG_DEBUG(1,"mmi write : addr = 0x%08lx\n", addr
);
2896 WLAN_LOG_DEBUG(1,"mmi write : data = 0x%08lx\n", data
);
2898 /* Do i need a host2hfa... conversion ? */
2899 result
= hfa384x_docmd_wait(hw
, cmd_code
);
2908 /*----------------------------------------------------------------
2909 * hfa384x_drvr_ramdl_disable
2911 * Ends the ram download state.
2914 * hw device structure
2918 * >0 f/w reported error - f/w status code
2919 * <0 driver reported error
2925 ----------------------------------------------------------------*/
2927 hfa384x_drvr_ramdl_disable(hfa384x_t
*hw
)
2930 /* Check that we're already in the download state */
2931 if ( hw
->dlstate
!= HFA384x_DLSTATE_RAMENABLED
) {
2935 WLAN_LOG_DEBUG(3,"ramdl_disable()\n");
2937 /* There isn't much we can do at this point, so I don't */
2938 /* bother w/ the return value */
2939 hfa384x_cmd_download(hw
, HFA384x_PROGMODE_DISABLE
, 0, 0 , 0);
2940 hw
->dlstate
= HFA384x_DLSTATE_DISABLED
;
2947 /*----------------------------------------------------------------
2948 * hfa384x_drvr_ramdl_enable
2950 * Begins the ram download state. Checks to see that we're not
2951 * already in a download state and that a port isn't enabled.
2952 * Sets the download state and calls cmd_download with the
2953 * ENABLE_VOLATILE subcommand and the exeaddr argument.
2956 * hw device structure
2957 * exeaddr the card execution address that will be
2958 * jumped to when ramdl_disable() is called
2963 * >0 f/w reported error - f/w status code
2964 * <0 driver reported error
2970 ----------------------------------------------------------------*/
2972 hfa384x_drvr_ramdl_enable(hfa384x_t
*hw
, UINT32 exeaddr
)
2979 /* Check that a port isn't active */
2980 for ( i
= 0; i
< HFA384x_PORTID_MAX
; i
++) {
2981 if ( hw
->port_enabled
[i
] ) {
2983 "Can't download with a macport enabled.\n");
2988 /* Check that we're not already in a download state */
2989 if ( hw
->dlstate
!= HFA384x_DLSTATE_DISABLED
) {
2991 "Download state not disabled.\n");
2995 WLAN_LOG_DEBUG(3,"ramdl_enable, exeaddr=0x%08x\n", exeaddr
);
2997 /* Call the download(1,addr) function */
2998 lowaddr
= HFA384x_ADDR_CMD_MKOFF(exeaddr
);
2999 hiaddr
= HFA384x_ADDR_CMD_MKPAGE(exeaddr
);
3001 result
= hfa384x_cmd_download(hw
, HFA384x_PROGMODE_RAM
,
3002 lowaddr
, hiaddr
, 0);
3005 /* Set the download state */
3006 hw
->dlstate
= HFA384x_DLSTATE_RAMENABLED
;
3009 "cmd_download(0x%04x, 0x%04x) failed, result=%d.\n",
3020 /*----------------------------------------------------------------
3021 * hfa384x_drvr_ramdl_write
3023 * Performs a RAM download of a chunk of data. First checks to see
3024 * that we're in the RAM download state, then uses the [read|write]mem USB
3025 * commands to 1) copy the data, 2) readback and compare. The download
3026 * state is unaffected. When all data has been written using
3027 * this function, call drvr_ramdl_disable() to end the download state
3028 * and restart the MAC.
3031 * hw device structure
3032 * daddr Card address to write to. (host order)
3033 * buf Ptr to data to write.
3034 * len Length of data (host order).
3038 * >0 f/w reported error - f/w status code
3039 * <0 driver reported error
3045 ----------------------------------------------------------------*/
3047 hfa384x_drvr_ramdl_write(hfa384x_t
*hw
, UINT32 daddr
, void* buf
, UINT32 len
)
3058 /* Check that we're in the ram download state */
3059 if ( hw
->dlstate
!= HFA384x_DLSTATE_RAMENABLED
) {
3063 WLAN_LOG_INFO("Writing %d bytes to ram @0x%06x\n", len
, daddr
);
3065 /* How many dowmem calls? */
3066 nwrites
= len
/ HFA384x_USB_RWMEM_MAXLEN
;
3067 nwrites
+= len
% HFA384x_USB_RWMEM_MAXLEN
? 1 : 0;
3069 /* Do blocking wmem's */
3070 for(i
=0; i
< nwrites
; i
++) {
3071 /* make address args */
3072 curraddr
= daddr
+ (i
* HFA384x_USB_RWMEM_MAXLEN
);
3073 currpage
= HFA384x_ADDR_CMD_MKPAGE(curraddr
);
3074 curroffset
= HFA384x_ADDR_CMD_MKOFF(curraddr
);
3075 currlen
= len
- (i
* HFA384x_USB_RWMEM_MAXLEN
);
3076 if ( currlen
> HFA384x_USB_RWMEM_MAXLEN
) {
3077 currlen
= HFA384x_USB_RWMEM_MAXLEN
;
3080 /* Do blocking ctlx */
3081 result
= hfa384x_dowmem_wait( hw
,
3084 data
+ (i
*HFA384x_USB_RWMEM_MAXLEN
),
3089 /* TODO: We really should have a readback. */
3097 /*----------------------------------------------------------------
3098 * hfa384x_drvr_readpda
3100 * Performs the sequence to read the PDA space. Note there is no
3101 * drvr_writepda() function. Writing a PDA is
3102 * generally implemented by a calling component via calls to
3103 * cmd_download and writing to the flash download buffer via the
3107 * hw device structure
3108 * buf buffer to store PDA in
3113 * >0 f/w reported error - f/w status code
3114 * <0 driver reported error
3115 * -ETIMEOUT timout waiting for the cmd regs to become
3116 * available, or waiting for the control reg
3117 * to indicate the Aux port is enabled.
3118 * -ENODATA the buffer does NOT contain a valid PDA.
3119 * Either the card PDA is bad, or the auxdata
3120 * reads are giving us garbage.
3126 * process or non-card interrupt.
3127 ----------------------------------------------------------------*/
3128 int hfa384x_drvr_readpda(hfa384x_t
*hw
, void *buf
, UINT len
)
3134 int currpdr
= 0; /* word offset of the current pdr */
3136 UINT16 pdrlen
; /* pdr length in bytes, host order */
3137 UINT16 pdrcode
; /* pdr code, host order */
3145 { HFA3842_PDA_BASE
, 0},
3146 { HFA3841_PDA_BASE
, 0},
3147 { HFA3841_PDA_BOGUS_BASE
, 0}
3152 /* Read the pda from each known address. */
3153 for ( i
= 0; i
< ARRAY_SIZE(pdaloc
); i
++) {
3155 currpage
= HFA384x_ADDR_CMD_MKPAGE(pdaloc
[i
].cardaddr
);
3156 curroffset
= HFA384x_ADDR_CMD_MKOFF(pdaloc
[i
].cardaddr
);
3158 result
= hfa384x_dormem_wait(hw
,
3162 len
); /* units of bytes */
3166 "Read from index %zd failed, continuing\n",
3171 /* Test for garbage */
3172 pdaok
= 1; /* initially assume good */
3174 while ( pdaok
&& morepdrs
) {
3175 pdrlen
= hfa384x2host_16(pda
[currpdr
]) * 2;
3176 pdrcode
= hfa384x2host_16(pda
[currpdr
+1]);
3177 /* Test the record length */
3178 if ( pdrlen
> HFA384x_PDR_LEN_MAX
|| pdrlen
== 0) {
3179 WLAN_LOG_ERROR("pdrlen invalid=%d\n",
3185 if ( !hfa384x_isgood_pdrcode(pdrcode
) ) {
3186 WLAN_LOG_ERROR("pdrcode invalid=%d\n",
3191 /* Test for completion */
3192 if ( pdrcode
== HFA384x_PDR_END_OF_PDA
) {
3196 /* Move to the next pdr (if necessary) */
3198 /* note the access to pda[], need words here */
3199 currpdr
+= hfa384x2host_16(pda
[currpdr
]) + 1;
3204 "PDA Read from 0x%08x in %s space.\n",
3206 pdaloc
[i
].auxctl
== 0 ? "EXTDS" :
3207 pdaloc
[i
].auxctl
== 1 ? "NV" :
3208 pdaloc
[i
].auxctl
== 2 ? "PHY" :
3209 pdaloc
[i
].auxctl
== 3 ? "ICSRAM" :
3214 result
= pdaok
? 0 : -ENODATA
;
3217 WLAN_LOG_DEBUG(3,"Failure: pda is not okay\n");
3225 /*----------------------------------------------------------------
3226 * hfa384x_drvr_setconfig
3228 * Performs the sequence necessary to write a config/info item.
3231 * hw device structure
3232 * rid config/info record id (in host order)
3233 * buf host side record buffer
3234 * len buffer length (in bytes)
3238 * >0 f/w reported error - f/w status code
3239 * <0 driver reported error
3245 ----------------------------------------------------------------*/
3246 int hfa384x_drvr_setconfig(hfa384x_t
*hw
, UINT16 rid
, void *buf
, UINT16 len
)
3248 return hfa384x_dowrid_wait(hw
, rid
, buf
, len
);
3251 /*----------------------------------------------------------------
3252 * hfa384x_drvr_start
3254 * Issues the MAC initialize command, sets up some data structures,
3255 * and enables the interrupts. After this function completes, the
3256 * low-level stuff should be ready for any/all commands.
3259 * hw device structure
3262 * >0 f/w reported error - f/w status code
3263 * <0 driver reported error
3269 ----------------------------------------------------------------*/
3270 int hfa384x_drvr_start(hfa384x_t
*hw
)
3277 if (usb_clear_halt(hw
->usb
, hw
->endp_in
)) {
3279 "Failed to reset bulk in endpoint.\n");
3282 if (usb_clear_halt(hw
->usb
, hw
->endp_out
)) {
3284 "Failed to reset bulk out endpoint.\n");
3287 /* Synchronous unlink, in case we're trying to restart the driver */
3288 usb_kill_urb(&hw
->rx_urb
);
3290 /* Post the IN urb */
3291 result
= submit_rx_urb(hw
, GFP_KERNEL
);
3294 "Fatal, failed to submit RX URB, result=%d\n",
3299 /* call initialize */
3300 result
= hfa384x_cmd_initialize(hw
);
3302 usb_kill_urb(&hw
->rx_urb
);
3304 "cmd_initialize() failed, result=%d\n",
3309 hw
->state
= HFA384x_STATE_RUNNING
;
3317 /*----------------------------------------------------------------
3320 * Shuts down the MAC to the point where it is safe to unload the
3321 * driver. Any subsystem that may be holding a data or function
3322 * ptr into the driver must be cleared/deinitialized.
3325 * hw device structure
3328 * >0 f/w reported error - f/w status code
3329 * <0 driver reported error
3335 ----------------------------------------------------------------*/
3337 hfa384x_drvr_stop(hfa384x_t
*hw
)
3345 /* There's no need for spinlocks here. The USB "disconnect"
3346 * function sets this "removed" flag and then calls us.
3348 if ( !hw
->wlandev
->hwremoved
) {
3349 /* Call initialize to leave the MAC in its 'reset' state */
3350 hfa384x_cmd_initialize(hw
);
3352 /* Cancel the rxurb */
3353 usb_kill_urb(&hw
->rx_urb
);
3356 hw
->link_status
= HFA384x_LINK_NOTCONNECTED
;
3357 hw
->state
= HFA384x_STATE_INIT
;
3359 del_timer_sync(&hw
->commsqual_timer
);
3361 /* Clear all the port status */
3362 for ( i
= 0; i
< HFA384x_NUMPORTS_MAX
; i
++) {
3363 hw
->port_enabled
[i
] = 0;
3370 /*----------------------------------------------------------------
3371 * hfa384x_drvr_txframe
3373 * Takes a frame from prism2sta and queues it for transmission.
3376 * hw device structure
3377 * skb packet buffer struct. Contains an 802.11
3379 * p80211_hdr points to the 802.11 header for the packet.
3381 * 0 Success and more buffs available
3382 * 1 Success but no more buffs
3383 * 2 Allocation failure
3384 * 4 Buffer full or queue busy
3390 ----------------------------------------------------------------*/
3391 int hfa384x_drvr_txframe(hfa384x_t
*hw
, struct sk_buff
*skb
, p80211_hdr_t
*p80211_hdr
, p80211_metawep_t
*p80211_wep
)
3394 int usbpktlen
= sizeof(hfa384x_tx_frame_t
);
3401 if (hw
->tx_urb
.status
== -EINPROGRESS
) {
3402 WLAN_LOG_WARNING("TX URB already in use\n");
3407 /* Build Tx frame structure */
3408 /* Set up the control field */
3409 memset(&hw
->txbuff
.txfrm
.desc
, 0, sizeof(hw
->txbuff
.txfrm
.desc
));
3411 /* Setup the usb type field */
3412 hw
->txbuff
.type
= host2hfa384x_16(HFA384x_USB_TXFRM
);
3414 /* Set up the sw_support field to identify this frame */
3415 hw
->txbuff
.txfrm
.desc
.sw_support
= 0x0123;
3417 /* Tx complete and Tx exception disable per dleach. Might be causing
3420 //#define DOEXC SLP -- doboth breaks horribly under load, doexc less so.
3422 hw
->txbuff
.txfrm
.desc
.tx_control
=
3423 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3424 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(1);
3425 #elif defined(DOEXC)
3426 hw
->txbuff
.txfrm
.desc
.tx_control
=
3427 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3428 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(0);
3430 hw
->txbuff
.txfrm
.desc
.tx_control
=
3431 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3432 HFA384x_TX_TXEX_SET(0) | HFA384x_TX_TXOK_SET(0);
3434 hw
->txbuff
.txfrm
.desc
.tx_control
=
3435 host2hfa384x_16(hw
->txbuff
.txfrm
.desc
.tx_control
);
3437 /* copy the header over to the txdesc */
3438 memcpy(&(hw
->txbuff
.txfrm
.desc
.frame_control
), p80211_hdr
, sizeof(p80211_hdr_t
));
3440 /* if we're using host WEP, increase size by IV+ICV */
3441 if (p80211_wep
->data
) {
3442 hw
->txbuff
.txfrm
.desc
.data_len
= host2hfa384x_16(skb
->len
+8);
3443 // hw->txbuff.txfrm.desc.tx_control |= HFA384x_TX_NOENCRYPT_SET(1);
3446 hw
->txbuff
.txfrm
.desc
.data_len
= host2hfa384x_16(skb
->len
);
3449 usbpktlen
+= skb
->len
;
3451 /* copy over the WEP IV if we are using host WEP */
3452 ptr
= hw
->txbuff
.txfrm
.data
;
3453 if (p80211_wep
->data
) {
3454 memcpy(ptr
, p80211_wep
->iv
, sizeof(p80211_wep
->iv
));
3455 ptr
+= sizeof(p80211_wep
->iv
);
3456 memcpy(ptr
, p80211_wep
->data
, skb
->len
);
3458 memcpy(ptr
, skb
->data
, skb
->len
);
3460 /* copy over the packet data */
3463 /* copy over the WEP ICV if we are using host WEP */
3464 if (p80211_wep
->data
) {
3465 memcpy(ptr
, p80211_wep
->icv
, sizeof(p80211_wep
->icv
));
3468 /* Send the USB packet */
3469 usb_fill_bulk_urb( &(hw
->tx_urb
), hw
->usb
,
3471 &(hw
->txbuff
), ROUNDUP64(usbpktlen
),
3472 hfa384x_usbout_callback
, hw
->wlandev
);
3473 hw
->tx_urb
.transfer_flags
|= USB_QUEUE_BULK
;
3476 ret
= submit_tx_urb(hw
, &hw
->tx_urb
, GFP_ATOMIC
);
3479 "submit_tx_urb() failed, error=%d\n", ret
);
3488 void hfa384x_tx_timeout(wlandevice_t
*wlandev
)
3490 hfa384x_t
*hw
= wlandev
->priv
;
3491 unsigned long flags
;
3495 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
3497 if ( !hw
->wlandev
->hwremoved
&&
3498 /* Note the bitwise OR, not the logical OR. */
3499 ( !test_and_set_bit(WORK_TX_HALT
, &hw
->usb_flags
) |
3500 !test_and_set_bit(WORK_RX_HALT
, &hw
->usb_flags
) ) )
3502 schedule_work(&hw
->usb_work
);
3505 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
3510 /*----------------------------------------------------------------
3511 * hfa384x_usbctlx_reaper_task
3513 * Tasklet to delete dead CTLX objects
3516 * data ptr to a hfa384x_t
3522 ----------------------------------------------------------------*/
3523 static void hfa384x_usbctlx_reaper_task(unsigned long data
)
3525 hfa384x_t
*hw
= (hfa384x_t
*)data
;
3526 struct list_head
*entry
;
3527 struct list_head
*temp
;
3528 unsigned long flags
;
3532 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
3534 /* This list is guaranteed to be empty if someone
3535 * has unplugged the adapter.
3537 list_for_each_safe(entry
, temp
, &hw
->ctlxq
.reapable
) {
3538 hfa384x_usbctlx_t
*ctlx
;
3540 ctlx
= list_entry(entry
, hfa384x_usbctlx_t
, list
);
3541 list_del(&ctlx
->list
);
3545 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
3550 /*----------------------------------------------------------------
3551 * hfa384x_usbctlx_completion_task
3553 * Tasklet to call completion handlers for returned CTLXs
3556 * data ptr to hfa384x_t
3563 ----------------------------------------------------------------*/
3564 static void hfa384x_usbctlx_completion_task(unsigned long data
)
3566 hfa384x_t
*hw
= (hfa384x_t
*)data
;
3567 struct list_head
*entry
;
3568 struct list_head
*temp
;
3569 unsigned long flags
;
3575 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
3577 /* This list is guaranteed to be empty if someone
3578 * has unplugged the adapter ...
3580 list_for_each_safe(entry
, temp
, &hw
->ctlxq
.completing
) {
3581 hfa384x_usbctlx_t
*ctlx
;
3583 ctlx
= list_entry(entry
, hfa384x_usbctlx_t
, list
);
3585 /* Call the completion function that this
3586 * command was assigned, assuming it has one.
3588 if ( ctlx
->cmdcb
!= NULL
) {
3589 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
3590 ctlx
->cmdcb(hw
, ctlx
);
3591 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
3593 /* Make sure we don't try and complete
3594 * this CTLX more than once!
3598 /* Did someone yank the adapter out
3599 * while our list was (briefly) unlocked?
3601 if ( hw
->wlandev
->hwremoved
)
3609 * "Reapable" CTLXs are ones which don't have any
3610 * threads waiting for them to die. Hence they must
3611 * be delivered to The Reaper!
3613 if ( ctlx
->reapable
) {
3614 /* Move the CTLX off the "completing" list (hopefully)
3615 * on to the "reapable" list where the reaper task
3616 * can find it. And "reapable" means that this CTLX
3617 * isn't sitting on a wait-queue somewhere.
3619 list_move_tail(&ctlx
->list
, &hw
->ctlxq
.reapable
);
3623 complete(&ctlx
->done
);
3625 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
3628 tasklet_schedule(&hw
->reaper_bh
);
3633 /*----------------------------------------------------------------
3634 * unlocked_usbctlx_cancel_async
3636 * Mark the CTLX dead asynchronously, and ensure that the
3637 * next command on the queue is run afterwards.
3640 * hw ptr to the hfa384x_t structure
3641 * ctlx ptr to a CTLX structure
3644 * 0 the CTLX's URB is inactive
3645 * -EINPROGRESS the URB is currently being unlinked
3648 * Either process or interrupt, but presumably interrupt
3649 ----------------------------------------------------------------*/
3650 static int unlocked_usbctlx_cancel_async(hfa384x_t
*hw
, hfa384x_usbctlx_t
*ctlx
)
3657 * Try to delete the URB containing our request packet.
3658 * If we succeed, then its completion handler will be
3659 * called with a status of -ECONNRESET.
3661 hw
->ctlx_urb
.transfer_flags
|= URB_ASYNC_UNLINK
;
3662 ret
= usb_unlink_urb(&hw
->ctlx_urb
);
3664 if (ret
!= -EINPROGRESS
) {
3666 * The OUT URB had either already completed
3667 * or was still in the pending queue, so the
3668 * URB's completion function will not be called.
3669 * We will have to complete the CTLX ourselves.
3671 ctlx
->state
= CTLX_REQ_FAILED
;
3672 unlocked_usbctlx_complete(hw
, ctlx
);
3681 /*----------------------------------------------------------------
3682 * unlocked_usbctlx_complete
3684 * A CTLX has completed. It may have been successful, it may not
3685 * have been. At this point, the CTLX should be quiescent. The URBs
3686 * aren't active and the timers should have been stopped.
3688 * The CTLX is migrated to the "completing" queue, and the completing
3689 * tasklet is scheduled.
3692 * hw ptr to a hfa384x_t structure
3693 * ctlx ptr to a ctlx structure
3701 * Either, assume interrupt
3702 ----------------------------------------------------------------*/
3703 static void unlocked_usbctlx_complete(hfa384x_t
*hw
, hfa384x_usbctlx_t
*ctlx
)
3707 /* Timers have been stopped, and ctlx should be in
3708 * a terminal state. Retire it from the "active"
3711 list_move_tail(&ctlx
->list
, &hw
->ctlxq
.completing
);
3712 tasklet_schedule(&hw
->completion_bh
);
3714 switch (ctlx
->state
) {
3716 case CTLX_REQ_FAILED
:
3717 /* This are the correct terminating states. */
3721 WLAN_LOG_ERROR("CTLX[%d] not in a terminating state(%s)\n",
3722 hfa384x2host_16(ctlx
->outbuf
.type
),
3723 ctlxstr(ctlx
->state
));
3730 /*----------------------------------------------------------------
3731 * hfa384x_usbctlxq_run
3733 * Checks to see if the head item is running. If not, starts it.
3736 * hw ptr to hfa384x_t
3745 ----------------------------------------------------------------*/
3747 hfa384x_usbctlxq_run(hfa384x_t
*hw
)
3749 unsigned long flags
;
3753 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
3755 /* Only one active CTLX at any one time, because there's no
3756 * other (reliable) way to match the response URB to the
3759 * Don't touch any of these CTLXs if the hardware
3760 * has been removed or the USB subsystem is stalled.
3762 if ( !list_empty(&hw
->ctlxq
.active
) ||
3763 test_bit(WORK_TX_HALT
, &hw
->usb_flags
) ||
3764 hw
->wlandev
->hwremoved
)
3767 while ( !list_empty(&hw
->ctlxq
.pending
) ) {
3768 hfa384x_usbctlx_t
*head
;
3771 /* This is the first pending command */
3772 head
= list_entry(hw
->ctlxq
.pending
.next
,
3776 /* We need to split this off to avoid a race condition */
3777 list_move_tail(&head
->list
, &hw
->ctlxq
.active
);
3779 /* Fill the out packet */
3780 usb_fill_bulk_urb( &(hw
->ctlx_urb
), hw
->usb
,
3782 &(head
->outbuf
), ROUNDUP64(head
->outbufsize
),
3783 hfa384x_ctlxout_callback
, hw
);
3784 hw
->ctlx_urb
.transfer_flags
|= USB_QUEUE_BULK
;
3786 /* Now submit the URB and update the CTLX's state
3788 if ((result
= SUBMIT_URB(&hw
->ctlx_urb
, GFP_ATOMIC
)) == 0) {
3789 /* This CTLX is now running on the active queue */
3790 head
->state
= CTLX_REQ_SUBMITTED
;
3792 /* Start the OUT wait timer */
3793 hw
->req_timer_done
= 0;
3794 hw
->reqtimer
.expires
= jiffies
+ HZ
;
3795 add_timer(&hw
->reqtimer
);
3797 /* Start the IN wait timer */
3798 hw
->resp_timer_done
= 0;
3799 hw
->resptimer
.expires
= jiffies
+ 2*HZ
;
3800 add_timer(&hw
->resptimer
);
3805 if (result
== -EPIPE
) {
3806 /* The OUT pipe needs resetting, so put
3807 * this CTLX back in the "pending" queue
3808 * and schedule a reset ...
3810 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
3811 hw
->wlandev
->netdev
->name
);
3812 list_move(&head
->list
, &hw
->ctlxq
.pending
);
3813 set_bit(WORK_TX_HALT
, &hw
->usb_flags
);
3814 schedule_work(&hw
->usb_work
);
3818 if (result
== -ESHUTDOWN
) {
3819 WLAN_LOG_WARNING("%s urb shutdown!\n",
3820 hw
->wlandev
->netdev
->name
);
3824 WLAN_LOG_ERROR("Failed to submit CTLX[%d]: error=%d\n",
3825 hfa384x2host_16(head
->outbuf
.type
), result
);
3826 unlocked_usbctlx_complete(hw
, head
);
3830 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
3836 /*----------------------------------------------------------------
3837 * hfa384x_usbin_callback
3839 * Callback for URBs on the BULKIN endpoint.
3842 * urb ptr to the completed urb
3851 ----------------------------------------------------------------*/
3852 #ifdef URB_ONLY_CALLBACK
3853 static void hfa384x_usbin_callback(struct urb
*urb
)
3855 static void hfa384x_usbin_callback(struct urb
*urb
, struct pt_regs
*regs
)
3858 wlandevice_t
*wlandev
= urb
->context
;
3860 hfa384x_usbin_t
*usbin
= (hfa384x_usbin_t
*) urb
->transfer_buffer
;
3861 struct sk_buff
*skb
= NULL
;
3876 !netif_device_present(wlandev
->netdev
) )
3883 skb
= hw
->rx_urb_skb
;
3884 if (!skb
|| (skb
->data
!= urb
->transfer_buffer
)) {
3887 hw
->rx_urb_skb
= NULL
;
3889 /* Check for error conditions within the URB */
3890 switch (urb
->status
) {
3894 /* Check for short packet */
3895 if ( urb
->actual_length
== 0 ) {
3896 ++(wlandev
->linux_stats
.rx_errors
);
3897 ++(wlandev
->linux_stats
.rx_length_errors
);
3903 WLAN_LOG_WARNING("%s rx pipe stalled: requesting reset\n",
3904 wlandev
->netdev
->name
);
3905 if ( !test_and_set_bit(WORK_RX_HALT
, &hw
->usb_flags
) )
3906 schedule_work(&hw
->usb_work
);
3907 ++(wlandev
->linux_stats
.rx_errors
);
3914 if ( !test_and_set_bit(THROTTLE_RX
, &hw
->usb_flags
) &&
3915 !timer_pending(&hw
->throttle
) ) {
3916 mod_timer(&hw
->throttle
, jiffies
+ THROTTLE_JIFFIES
);
3918 ++(wlandev
->linux_stats
.rx_errors
);
3923 ++(wlandev
->linux_stats
.rx_over_errors
);
3929 WLAN_LOG_DEBUG(3,"status=%d, device removed.\n", urb
->status
);
3935 WLAN_LOG_DEBUG(3,"status=%d, urb explicitly unlinked.\n", urb
->status
);
3940 WLAN_LOG_DEBUG(3,"urb status=%d, transfer flags=0x%x\n",
3941 urb
->status
, urb
->transfer_flags
);
3942 ++(wlandev
->linux_stats
.rx_errors
);
3947 urb_status
= urb
->status
;
3949 if (action
!= ABORT
) {
3950 /* Repost the RX URB */
3951 result
= submit_rx_urb(hw
, GFP_ATOMIC
);
3955 "Fatal, failed to resubmit rx_urb. error=%d\n",
3960 /* Handle any USB-IN packet */
3961 /* Note: the check of the sw_support field, the type field doesn't
3962 * have bit 12 set like the docs suggest.
3964 type
= hfa384x2host_16(usbin
->type
);
3965 if (HFA384x_USB_ISRXFRM(type
)) {
3966 if (action
== HANDLE
) {
3967 if (usbin
->txfrm
.desc
.sw_support
== 0x0123) {
3968 hfa384x_usbin_txcompl(wlandev
, usbin
);
3970 skb_put(skb
, sizeof(*usbin
));
3971 hfa384x_usbin_rx(wlandev
, skb
);
3977 if (HFA384x_USB_ISTXFRM(type
)) {
3978 if (action
== HANDLE
)
3979 hfa384x_usbin_txcompl(wlandev
, usbin
);
3983 case HFA384x_USB_INFOFRM
:
3984 if (action
== ABORT
)
3986 if (action
== HANDLE
)
3987 hfa384x_usbin_info(wlandev
, usbin
);
3990 case HFA384x_USB_CMDRESP
:
3991 case HFA384x_USB_WRIDRESP
:
3992 case HFA384x_USB_RRIDRESP
:
3993 case HFA384x_USB_WMEMRESP
:
3994 case HFA384x_USB_RMEMRESP
:
3995 /* ALWAYS, ALWAYS, ALWAYS handle this CTLX!!!! */
3996 hfa384x_usbin_ctlx(hw
, usbin
, urb_status
);
3999 case HFA384x_USB_BUFAVAIL
:
4000 WLAN_LOG_DEBUG(3,"Received BUFAVAIL packet, frmlen=%d\n",
4001 usbin
->bufavail
.frmlen
);
4004 case HFA384x_USB_ERROR
:
4005 WLAN_LOG_DEBUG(3,"Received USB_ERROR packet, errortype=%d\n",
4006 usbin
->usberror
.errortype
);
4010 WLAN_LOG_DEBUG(3,"Unrecognized USBIN packet, type=%x, status=%d\n",
4011 usbin
->type
, urb_status
);
4024 /*----------------------------------------------------------------
4025 * hfa384x_usbin_ctlx
4027 * We've received a URB containing a Prism2 "response" message.
4028 * This message needs to be matched up with a CTLX on the active
4029 * queue and our state updated accordingly.
4032 * hw ptr to hfa384x_t
4033 * usbin ptr to USB IN packet
4034 * urb_status status of this Bulk-In URB
4043 ----------------------------------------------------------------*/
4044 static void hfa384x_usbin_ctlx(hfa384x_t
*hw
, hfa384x_usbin_t
*usbin
,
4047 hfa384x_usbctlx_t
*ctlx
;
4049 unsigned long flags
;
4054 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4056 /* There can be only one CTLX on the active queue
4057 * at any one time, and this is the CTLX that the
4058 * timers are waiting for.
4060 if ( list_empty(&hw
->ctlxq
.active
) ) {
4064 /* Remove the "response timeout". It's possible that
4065 * we are already too late, and that the timeout is
4066 * already running. And that's just too bad for us,
4067 * because we could lose our CTLX from the active
4070 if (del_timer(&hw
->resptimer
) == 0) {
4071 if (hw
->resp_timer_done
== 0) {
4072 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4077 hw
->resp_timer_done
= 1;
4080 ctlx
= get_active_ctlx(hw
);
4082 if (urb_status
!= 0) {
4084 * Bad CTLX, so get rid of it. But we only
4085 * remove it from the active queue if we're no
4086 * longer expecting the OUT URB to complete.
4088 if (unlocked_usbctlx_cancel_async(hw
, ctlx
) == 0)
4091 const UINT16 intype
= (usbin
->type
&~host2hfa384x_16(0x8000));
4094 * Check that our message is what we're expecting ...
4096 if (ctlx
->outbuf
.type
!= intype
) {
4097 WLAN_LOG_WARNING("Expected IN[%d], received IN[%d] - ignored.\n",
4098 hfa384x2host_16(ctlx
->outbuf
.type
),
4099 hfa384x2host_16(intype
));
4103 /* This URB has succeeded, so grab the data ... */
4104 memcpy(&ctlx
->inbuf
, usbin
, sizeof(ctlx
->inbuf
));
4106 switch (ctlx
->state
) {
4107 case CTLX_REQ_SUBMITTED
:
4109 * We have received our response URB before
4110 * our request has been acknowledged. Odd,
4111 * but our OUT URB is still alive...
4113 WLAN_LOG_DEBUG(0, "Causality violation: please reboot Universe, or email linux-wlan-devel@lists.linux-wlan.com\n");
4114 ctlx
->state
= CTLX_RESP_COMPLETE
;
4117 case CTLX_REQ_COMPLETE
:
4119 * This is the usual path: our request
4120 * has already been acknowledged, and
4121 * now we have received the reply too.
4123 ctlx
->state
= CTLX_COMPLETE
;
4124 unlocked_usbctlx_complete(hw
, ctlx
);
4130 * Throw this CTLX away ...
4132 WLAN_LOG_ERROR("Matched IN URB, CTLX[%d] in invalid state(%s)."
4134 hfa384x2host_16(ctlx
->outbuf
.type
),
4135 ctlxstr(ctlx
->state
));
4136 if (unlocked_usbctlx_cancel_async(hw
, ctlx
) == 0)
4143 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4146 hfa384x_usbctlxq_run(hw
);
4152 /*----------------------------------------------------------------
4153 * hfa384x_usbin_txcompl
4155 * At this point we have the results of a previous transmit.
4158 * wlandev wlan device
4159 * usbin ptr to the usb transfer buffer
4168 ----------------------------------------------------------------*/
4169 static void hfa384x_usbin_txcompl(wlandevice_t
*wlandev
, hfa384x_usbin_t
*usbin
)
4174 status
= hfa384x2host_16(usbin
->type
); /* yeah I know it says type...*/
4176 /* Was there an error? */
4177 if (HFA384x_TXSTATUS_ISERROR(status
)) {
4178 prism2sta_ev_txexc(wlandev
, status
);
4180 prism2sta_ev_tx(wlandev
, status
);
4182 // prism2sta_ev_alloc(wlandev);
4188 /*----------------------------------------------------------------
4191 * At this point we have a successful received a rx frame packet.
4194 * wlandev wlan device
4195 * usbin ptr to the usb transfer buffer
4204 ----------------------------------------------------------------*/
4205 static void hfa384x_usbin_rx(wlandevice_t
*wlandev
, struct sk_buff
*skb
)
4207 hfa384x_usbin_t
*usbin
= (hfa384x_usbin_t
*) skb
->data
;
4208 hfa384x_t
*hw
= wlandev
->priv
;
4210 p80211_rxmeta_t
*rxmeta
;
4216 /* Byte order convert once up front. */
4217 usbin
->rxfrm
.desc
.status
=
4218 hfa384x2host_16(usbin
->rxfrm
.desc
.status
);
4219 usbin
->rxfrm
.desc
.time
=
4220 hfa384x2host_32(usbin
->rxfrm
.desc
.time
);
4222 /* Now handle frame based on port# */
4223 switch( HFA384x_RXSTATUS_MACPORT_GET(usbin
->rxfrm
.desc
.status
) )
4226 fc
= ieee2host16(usbin
->rxfrm
.desc
.frame_control
);
4228 /* If exclude and we receive an unencrypted, drop it */
4229 if ( (wlandev
->hostwep
& HOSTWEP_EXCLUDEUNENCRYPTED
) &&
4230 !WLAN_GET_FC_ISWEP(fc
)){
4234 data_len
= hfa384x2host_16(usbin
->rxfrm
.desc
.data_len
);
4236 /* How much header data do we have? */
4237 hdrlen
= p80211_headerlen(fc
);
4239 /* Pull off the descriptor */
4240 skb_pull(skb
, sizeof(hfa384x_rx_frame_t
));
4242 /* Now shunt the header block up against the data block
4243 * with an "overlapping" copy
4245 memmove(skb_push(skb
, hdrlen
),
4246 &usbin
->rxfrm
.desc
.frame_control
,
4249 skb
->dev
= wlandev
->netdev
;
4250 skb
->dev
->last_rx
= jiffies
;
4252 /* And set the frame length properly */
4253 skb_trim(skb
, data_len
+ hdrlen
);
4255 /* The prism2 series does not return the CRC */
4256 memset(skb_put(skb
, WLAN_CRC_LEN
), 0xff, WLAN_CRC_LEN
);
4258 skb_reset_mac_header(skb
);
4260 /* Attach the rxmeta, set some stuff */
4261 p80211skb_rxmeta_attach(wlandev
, skb
);
4262 rxmeta
= P80211SKB_RXMETA(skb
);
4263 rxmeta
->mactime
= usbin
->rxfrm
.desc
.time
;
4264 rxmeta
->rxrate
= usbin
->rxfrm
.desc
.rate
;
4265 rxmeta
->signal
= usbin
->rxfrm
.desc
.signal
- hw
->dbmadjust
;
4266 rxmeta
->noise
= usbin
->rxfrm
.desc
.silence
- hw
->dbmadjust
;
4268 prism2sta_ev_rx(wlandev
, skb
);
4273 if ( ! HFA384x_RXSTATUS_ISFCSERR(usbin
->rxfrm
.desc
.status
) ) {
4274 /* Copy to wlansnif skb */
4275 hfa384x_int_rxmonitor( wlandev
, &usbin
->rxfrm
);
4278 WLAN_LOG_DEBUG(3,"Received monitor frame: FCSerr set\n");
4283 WLAN_LOG_WARNING("Received frame on unsupported port=%d\n",
4284 HFA384x_RXSTATUS_MACPORT_GET(usbin
->rxfrm
.desc
.status
) );
4294 /*----------------------------------------------------------------
4295 * hfa384x_int_rxmonitor
4297 * Helper function for int_rx. Handles monitor frames.
4298 * Note that this function allocates space for the FCS and sets it
4299 * to 0xffffffff. The hfa384x doesn't give us the FCS value but the
4300 * higher layers expect it. 0xffffffff is used as a flag to indicate
4304 * wlandev wlan device structure
4305 * rxfrm rx descriptor read from card in int_rx
4311 * Allocates an skb and passes it up via the PF_PACKET interface.
4314 ----------------------------------------------------------------*/
4315 static void hfa384x_int_rxmonitor( wlandevice_t
*wlandev
, hfa384x_usb_rxfrm_t
*rxfrm
)
4317 hfa384x_rx_frame_t
*rxdesc
= &(rxfrm
->desc
);
4321 p80211msg_lnxind_wlansniffrm_t
*msg
;
4324 struct sk_buff
*skb
;
4325 hfa384x_t
*hw
= wlandev
->priv
;
4329 /* Don't forget the status, time, and data_len fields are in host order */
4330 /* Figure out how big the frame is */
4331 fc
= ieee2host16(rxdesc
->frame_control
);
4332 hdrlen
= p80211_headerlen(fc
);
4333 datalen
= hfa384x2host_16(rxdesc
->data_len
);
4335 /* Allocate an ind message+framesize skb */
4336 skblen
= sizeof(p80211msg_lnxind_wlansniffrm_t
) +
4337 hdrlen
+ datalen
+ WLAN_CRC_LEN
;
4339 /* sanity check the length */
4341 (sizeof(p80211msg_lnxind_wlansniffrm_t
) +
4342 WLAN_HDR_A4_LEN
+ WLAN_DATA_MAXLEN
+ WLAN_CRC_LEN
) ) {
4343 WLAN_LOG_DEBUG(1, "overlen frm: len=%zd\n",
4344 skblen
- sizeof(p80211msg_lnxind_wlansniffrm_t
));
4347 if ( (skb
= dev_alloc_skb(skblen
)) == NULL
) {
4348 WLAN_LOG_ERROR("alloc_skb failed trying to allocate %d bytes\n", skblen
);
4352 /* only prepend the prism header if in the right mode */
4353 if ((wlandev
->netdev
->type
== ARPHRD_IEEE80211_PRISM
) &&
4354 (hw
->sniffhdr
== 0)) {
4355 datap
= skb_put(skb
, sizeof(p80211msg_lnxind_wlansniffrm_t
));
4356 msg
= (p80211msg_lnxind_wlansniffrm_t
*) datap
;
4358 /* Initialize the message members */
4359 msg
->msgcode
= DIDmsg_lnxind_wlansniffrm
;
4360 msg
->msglen
= sizeof(p80211msg_lnxind_wlansniffrm_t
);
4361 strcpy(msg
->devname
, wlandev
->name
);
4363 msg
->hosttime
.did
= DIDmsg_lnxind_wlansniffrm_hosttime
;
4364 msg
->hosttime
.status
= 0;
4365 msg
->hosttime
.len
= 4;
4366 msg
->hosttime
.data
= jiffies
;
4368 msg
->mactime
.did
= DIDmsg_lnxind_wlansniffrm_mactime
;
4369 msg
->mactime
.status
= 0;
4370 msg
->mactime
.len
= 4;
4371 msg
->mactime
.data
= rxdesc
->time
;
4373 msg
->channel
.did
= DIDmsg_lnxind_wlansniffrm_channel
;
4374 msg
->channel
.status
= 0;
4375 msg
->channel
.len
= 4;
4376 msg
->channel
.data
= hw
->sniff_channel
;
4378 msg
->rssi
.did
= DIDmsg_lnxind_wlansniffrm_rssi
;
4379 msg
->rssi
.status
= P80211ENUM_msgitem_status_no_value
;
4383 msg
->sq
.did
= DIDmsg_lnxind_wlansniffrm_sq
;
4384 msg
->sq
.status
= P80211ENUM_msgitem_status_no_value
;
4388 msg
->signal
.did
= DIDmsg_lnxind_wlansniffrm_signal
;
4389 msg
->signal
.status
= 0;
4390 msg
->signal
.len
= 4;
4391 msg
->signal
.data
= rxdesc
->signal
;
4393 msg
->noise
.did
= DIDmsg_lnxind_wlansniffrm_noise
;
4394 msg
->noise
.status
= 0;
4396 msg
->noise
.data
= rxdesc
->silence
;
4398 msg
->rate
.did
= DIDmsg_lnxind_wlansniffrm_rate
;
4399 msg
->rate
.status
= 0;
4401 msg
->rate
.data
= rxdesc
->rate
/ 5; /* set to 802.11 units */
4403 msg
->istx
.did
= DIDmsg_lnxind_wlansniffrm_istx
;
4404 msg
->istx
.status
= 0;
4406 msg
->istx
.data
= P80211ENUM_truth_false
;
4408 msg
->frmlen
.did
= DIDmsg_lnxind_wlansniffrm_frmlen
;
4409 msg
->frmlen
.status
= 0;
4410 msg
->frmlen
.len
= 4;
4411 msg
->frmlen
.data
= hdrlen
+ datalen
+ WLAN_CRC_LEN
;
4412 } else if ((wlandev
->netdev
->type
== ARPHRD_IEEE80211_PRISM
) &&
4413 (hw
->sniffhdr
!= 0)) {
4414 p80211_caphdr_t
*caphdr
;
4415 /* The NEW header format! */
4416 datap
= skb_put(skb
, sizeof(p80211_caphdr_t
));
4417 caphdr
= (p80211_caphdr_t
*) datap
;
4419 caphdr
->version
= htonl(P80211CAPTURE_VERSION
);
4420 caphdr
->length
= htonl(sizeof(p80211_caphdr_t
));
4421 caphdr
->mactime
= __cpu_to_be64(rxdesc
->time
) * 1000;
4422 caphdr
->hosttime
= __cpu_to_be64(jiffies
);
4423 caphdr
->phytype
= htonl(4); /* dss_dot11_b */
4424 caphdr
->channel
= htonl(hw
->sniff_channel
);
4425 caphdr
->datarate
= htonl(rxdesc
->rate
);
4426 caphdr
->antenna
= htonl(0); /* unknown */
4427 caphdr
->priority
= htonl(0); /* unknown */
4428 caphdr
->ssi_type
= htonl(3); /* rssi_raw */
4429 caphdr
->ssi_signal
= htonl(rxdesc
->signal
);
4430 caphdr
->ssi_noise
= htonl(rxdesc
->silence
);
4431 caphdr
->preamble
= htonl(0); /* unknown */
4432 caphdr
->encoding
= htonl(1); /* cck */
4435 /* Copy the 802.11 header to the skb (ctl frames may be less than a full header) */
4436 datap
= skb_put(skb
, hdrlen
);
4437 memcpy( datap
, &(rxdesc
->frame_control
), hdrlen
);
4439 /* If any, copy the data from the card to the skb */
4442 datap
= skb_put(skb
, datalen
);
4443 memcpy(datap
, rxfrm
->data
, datalen
);
4445 /* check for unencrypted stuff if WEP bit set. */
4446 if (*(datap
- hdrlen
+ 1) & 0x40) // wep set
4447 if ((*(datap
) == 0xaa) && (*(datap
+1) == 0xaa))
4448 *(datap
- hdrlen
+ 1) &= 0xbf; // clear wep; it's the 802.2 header!
4451 if (hw
->sniff_fcs
) {
4453 datap
= skb_put(skb
, WLAN_CRC_LEN
);
4454 memset( datap
, 0xff, WLAN_CRC_LEN
);
4457 /* pass it back up */
4458 prism2sta_ev_rx(wlandev
, skb
);
4466 /*----------------------------------------------------------------
4467 * hfa384x_usbin_info
4469 * At this point we have a successful received a Prism2 info frame.
4472 * wlandev wlan device
4473 * usbin ptr to the usb transfer buffer
4482 ----------------------------------------------------------------*/
4483 static void hfa384x_usbin_info(wlandevice_t
*wlandev
, hfa384x_usbin_t
*usbin
)
4487 usbin
->infofrm
.info
.framelen
= hfa384x2host_16(usbin
->infofrm
.info
.framelen
);
4488 prism2sta_ev_info(wlandev
, &usbin
->infofrm
.info
);
4495 /*----------------------------------------------------------------
4496 * hfa384x_usbout_callback
4498 * Callback for URBs on the BULKOUT endpoint.
4501 * urb ptr to the completed urb
4510 ----------------------------------------------------------------*/
4511 #ifdef URB_ONLY_CALLBACK
4512 static void hfa384x_usbout_callback(struct urb
*urb
)
4514 static void hfa384x_usbout_callback(struct urb
*urb
, struct pt_regs
*regs
)
4517 wlandevice_t
*wlandev
= urb
->context
;
4518 hfa384x_usbout_t
*usbout
= urb
->transfer_buffer
;
4528 switch(urb
->status
) {
4530 hfa384x_usbout_tx(wlandev
, usbout
);
4535 hfa384x_t
*hw
= wlandev
->priv
;
4536 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4537 wlandev
->netdev
->name
);
4538 if ( !test_and_set_bit(WORK_TX_HALT
, &hw
->usb_flags
) )
4539 schedule_work(&hw
->usb_work
);
4540 ++(wlandev
->linux_stats
.tx_errors
);
4548 hfa384x_t
*hw
= wlandev
->priv
;
4550 if ( !test_and_set_bit(THROTTLE_TX
, &hw
->usb_flags
)
4551 && !timer_pending(&hw
->throttle
) ) {
4552 mod_timer(&hw
->throttle
,
4553 jiffies
+ THROTTLE_JIFFIES
);
4555 ++(wlandev
->linux_stats
.tx_errors
);
4556 netif_stop_queue(wlandev
->netdev
);
4562 /* Ignorable errors */
4566 WLAN_LOG_INFO("unknown urb->status=%d\n", urb
->status
);
4567 ++(wlandev
->linux_stats
.tx_errors
);
4576 /*----------------------------------------------------------------
4577 * hfa384x_ctlxout_callback
4579 * Callback for control data on the BULKOUT endpoint.
4582 * urb ptr to the completed urb
4591 ----------------------------------------------------------------*/
4592 #ifdef URB_ONLY_CALLBACK
4593 static void hfa384x_ctlxout_callback(struct urb
*urb
)
4595 static void hfa384x_ctlxout_callback(struct urb
*urb
, struct pt_regs
*regs
)
4598 hfa384x_t
*hw
= urb
->context
;
4599 int delete_resptimer
= 0;
4602 hfa384x_usbctlx_t
*ctlx
;
4603 unsigned long flags
;
4607 WLAN_LOG_DEBUG(3,"urb->status=%d\n", urb
->status
);
4611 if ( (urb
->status
== -ESHUTDOWN
) ||
4612 (urb
->status
== -ENODEV
) ||
4617 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4620 * Only one CTLX at a time on the "active" list, and
4621 * none at all if we are unplugged. However, we can
4622 * rely on the disconnect function to clean everything
4623 * up if someone unplugged the adapter.
4625 if ( list_empty(&hw
->ctlxq
.active
) ) {
4626 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4631 * Having something on the "active" queue means
4632 * that we have timers to worry about ...
4634 if (del_timer(&hw
->reqtimer
) == 0) {
4635 if (hw
->req_timer_done
== 0) {
4637 * This timer was actually running while we
4638 * were trying to delete it. Let it terminate
4639 * gracefully instead.
4641 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4646 hw
->req_timer_done
= 1;
4649 ctlx
= get_active_ctlx(hw
);
4651 if ( urb
->status
== 0 ) {
4652 /* Request portion of a CTLX is successful */
4653 switch ( ctlx
->state
) {
4654 case CTLX_REQ_SUBMITTED
:
4655 /* This OUT-ACK received before IN */
4656 ctlx
->state
= CTLX_REQ_COMPLETE
;
4659 case CTLX_RESP_COMPLETE
:
4660 /* IN already received before this OUT-ACK,
4661 * so this command must now be complete.
4663 ctlx
->state
= CTLX_COMPLETE
;
4664 unlocked_usbctlx_complete(hw
, ctlx
);
4669 /* This is NOT a valid CTLX "success" state! */
4671 "Illegal CTLX[%d] success state(%s, %d) in OUT URB\n",
4672 hfa384x2host_16(ctlx
->outbuf
.type
),
4673 ctlxstr(ctlx
->state
), urb
->status
);
4677 /* If the pipe has stalled then we need to reset it */
4678 if ( (urb
->status
== -EPIPE
) &&
4679 !test_and_set_bit(WORK_TX_HALT
, &hw
->usb_flags
) ) {
4680 WLAN_LOG_WARNING("%s tx pipe stalled: requesting reset\n",
4681 hw
->wlandev
->netdev
->name
);
4682 schedule_work(&hw
->usb_work
);
4685 /* If someone cancels the OUT URB then its status
4686 * should be either -ECONNRESET or -ENOENT.
4688 ctlx
->state
= CTLX_REQ_FAILED
;
4689 unlocked_usbctlx_complete(hw
, ctlx
);
4690 delete_resptimer
= 1;
4695 if (delete_resptimer
) {
4696 if ((timer_ok
= del_timer(&hw
->resptimer
)) != 0) {
4697 hw
->resp_timer_done
= 1;
4701 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4703 if ( !timer_ok
&& (hw
->resp_timer_done
== 0) ) {
4704 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4709 hfa384x_usbctlxq_run(hw
);
4716 /*----------------------------------------------------------------
4717 * hfa384x_usbctlx_reqtimerfn
4719 * Timer response function for CTLX request timeouts. If this
4720 * function is called, it means that the callback for the OUT
4721 * URB containing a Prism2.x XXX_Request was never called.
4724 * data a ptr to the hfa384x_t
4733 ----------------------------------------------------------------*/
4735 hfa384x_usbctlx_reqtimerfn(unsigned long data
)
4737 hfa384x_t
*hw
= (hfa384x_t
*)data
;
4738 unsigned long flags
;
4741 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4743 hw
->req_timer_done
= 1;
4745 /* Removing the hardware automatically empties
4746 * the active list ...
4748 if ( !list_empty(&hw
->ctlxq
.active
) )
4751 * We must ensure that our URB is removed from
4752 * the system, if it hasn't already expired.
4754 hw
->ctlx_urb
.transfer_flags
|= URB_ASYNC_UNLINK
;
4755 if (usb_unlink_urb(&hw
->ctlx_urb
) == -EINPROGRESS
)
4757 hfa384x_usbctlx_t
*ctlx
= get_active_ctlx(hw
);
4759 ctlx
->state
= CTLX_REQ_FAILED
;
4761 /* This URB was active, but has now been
4762 * cancelled. It will now have a status of
4763 * -ECONNRESET in the callback function.
4765 * We are cancelling this CTLX, so we're
4766 * not going to need to wait for a response.
4767 * The URB's callback function will check
4768 * that this timer is truly dead.
4770 if (del_timer(&hw
->resptimer
) != 0)
4771 hw
->resp_timer_done
= 1;
4775 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4781 /*----------------------------------------------------------------
4782 * hfa384x_usbctlx_resptimerfn
4784 * Timer response function for CTLX response timeouts. If this
4785 * function is called, it means that the callback for the IN
4786 * URB containing a Prism2.x XXX_Response was never called.
4789 * data a ptr to the hfa384x_t
4798 ----------------------------------------------------------------*/
4800 hfa384x_usbctlx_resptimerfn(unsigned long data
)
4802 hfa384x_t
*hw
= (hfa384x_t
*)data
;
4803 unsigned long flags
;
4807 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4809 hw
->resp_timer_done
= 1;
4811 /* The active list will be empty if the
4812 * adapter has been unplugged ...
4814 if ( !list_empty(&hw
->ctlxq
.active
) )
4816 hfa384x_usbctlx_t
*ctlx
= get_active_ctlx(hw
);
4818 if ( unlocked_usbctlx_cancel_async(hw
, ctlx
) == 0 )
4820 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4821 hfa384x_usbctlxq_run(hw
);
4826 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4832 /*----------------------------------------------------------------
4833 * hfa384x_usb_throttlefn
4846 ----------------------------------------------------------------*/
4848 hfa384x_usb_throttlefn(unsigned long data
)
4850 hfa384x_t
*hw
= (hfa384x_t
*)data
;
4851 unsigned long flags
;
4855 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4858 * We need to check BOTH the RX and the TX throttle controls,
4859 * so we use the bitwise OR instead of the logical OR.
4861 WLAN_LOG_DEBUG(3, "flags=0x%lx\n", hw
->usb_flags
);
4862 if ( !hw
->wlandev
->hwremoved
&&
4864 (test_and_clear_bit(THROTTLE_RX
, &hw
->usb_flags
) &&
4865 !test_and_set_bit(WORK_RX_RESUME
, &hw
->usb_flags
))
4867 (test_and_clear_bit(THROTTLE_TX
, &hw
->usb_flags
) &&
4868 !test_and_set_bit(WORK_TX_RESUME
, &hw
->usb_flags
))
4871 schedule_work(&hw
->usb_work
);
4874 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4880 /*----------------------------------------------------------------
4881 * hfa384x_usbctlx_submit
4883 * Called from the doxxx functions to submit a CTLX to the queue
4886 * hw ptr to the hw struct
4887 * ctlx ctlx structure to enqueue
4890 * -ENODEV if the adapter is unplugged
4896 * process or interrupt
4897 ----------------------------------------------------------------*/
4899 hfa384x_usbctlx_submit(
4901 hfa384x_usbctlx_t
*ctlx
)
4903 unsigned long flags
;
4908 spin_lock_irqsave(&hw
->ctlxq
.lock
, flags
);
4910 if (hw
->wlandev
->hwremoved
) {
4911 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4914 ctlx
->state
= CTLX_PENDING
;
4915 list_add_tail(&ctlx
->list
, &hw
->ctlxq
.pending
);
4917 spin_unlock_irqrestore(&hw
->ctlxq
.lock
, flags
);
4918 hfa384x_usbctlxq_run(hw
);
4927 /*----------------------------------------------------------------
4930 * At this point we have finished a send of a frame. Mark the URB
4931 * as available and call ev_alloc to notify higher layers we're
4935 * wlandev wlan device
4936 * usbout ptr to the usb transfer buffer
4945 ----------------------------------------------------------------*/
4946 static void hfa384x_usbout_tx(wlandevice_t
*wlandev
, hfa384x_usbout_t
*usbout
)
4950 prism2sta_ev_alloc(wlandev
);
4955 /*----------------------------------------------------------------
4956 * hfa384x_isgood_pdrcore
4958 * Quick check of PDR codes.
4961 * pdrcode PDR code number (host order)
4970 ----------------------------------------------------------------*/
4972 hfa384x_isgood_pdrcode(UINT16 pdrcode
)
4975 case HFA384x_PDR_END_OF_PDA
:
4976 case HFA384x_PDR_PCB_PARTNUM
:
4977 case HFA384x_PDR_PDAVER
:
4978 case HFA384x_PDR_NIC_SERIAL
:
4979 case HFA384x_PDR_MKK_MEASUREMENTS
:
4980 case HFA384x_PDR_NIC_RAMSIZE
:
4981 case HFA384x_PDR_MFISUPRANGE
:
4982 case HFA384x_PDR_CFISUPRANGE
:
4983 case HFA384x_PDR_NICID
:
4984 case HFA384x_PDR_MAC_ADDRESS
:
4985 case HFA384x_PDR_REGDOMAIN
:
4986 case HFA384x_PDR_ALLOWED_CHANNEL
:
4987 case HFA384x_PDR_DEFAULT_CHANNEL
:
4988 case HFA384x_PDR_TEMPTYPE
:
4989 case HFA384x_PDR_IFR_SETTING
:
4990 case HFA384x_PDR_RFR_SETTING
:
4991 case HFA384x_PDR_HFA3861_BASELINE
:
4992 case HFA384x_PDR_HFA3861_SHADOW
:
4993 case HFA384x_PDR_HFA3861_IFRF
:
4994 case HFA384x_PDR_HFA3861_CHCALSP
:
4995 case HFA384x_PDR_HFA3861_CHCALI
:
4996 case HFA384x_PDR_3842_NIC_CONFIG
:
4997 case HFA384x_PDR_USB_ID
:
4998 case HFA384x_PDR_PCI_ID
:
4999 case HFA384x_PDR_PCI_IFCONF
:
5000 case HFA384x_PDR_PCI_PMCONF
:
5001 case HFA384x_PDR_RFENRGY
:
5002 case HFA384x_PDR_HFA3861_MANF_TESTSP
:
5003 case HFA384x_PDR_HFA3861_MANF_TESTI
:
5008 if ( pdrcode
< 0x1000 ) {
5009 /* code is OK, but we don't know exactly what it is */
5011 "Encountered unknown PDR#=0x%04x, "
5012 "assuming it's ok.\n",
5018 "Encountered unknown PDR#=0x%04x, "
5019 "(>=0x1000), assuming it's bad.\n",
5025 return 0; /* avoid compiler warnings */