1 /*
2 * Common code for mac80211 Prism54 drivers
3 *
4 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
5 * Copyright (c) 2007-2009, Christian Lamparter <chunkeey@web.de>
6 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
7 *
8 * Based on:
9 * - the islsm (softmac prism54) driver, which is:
10 * Copyright 2004-2006 Jean-Baptiste Note <jbnote@gmail.com>, et al.
11 * - stlc45xx driver
12 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies).
13 *
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License version 2 as
16 * published by the Free Software Foundation.
17 */
18
19 #include <linux/export.h>
20 #include <linux/init.h>
21 #include <linux/firmware.h>
22 #include <linux/etherdevice.h>
23 #include <asm/div64.h>
24
25 #include <net/mac80211.h>
26
27 #include "p54.h"
28 #include "lmac.h"
29
30 #ifdef P54_MM_DEBUG
p54_dump_tx_queue(struct p54_common * priv)31 static void p54_dump_tx_queue(struct p54_common *priv)
32 {
33 unsigned long flags;
34 struct ieee80211_tx_info *info;
35 struct p54_tx_info *range;
36 struct sk_buff *skb;
37 struct p54_hdr *hdr;
38 unsigned int i = 0;
39 u32 prev_addr;
40 u32 largest_hole = 0, free;
41
42 spin_lock_irqsave(&priv->tx_queue.lock, flags);
43 wiphy_debug(priv->hw->wiphy, "/ --- tx queue dump (%d entries) ---\n",
44 skb_queue_len(&priv->tx_queue));
45
46 prev_addr = priv->rx_start;
47 skb_queue_walk(&priv->tx_queue, skb) {
48 info = IEEE80211_SKB_CB(skb);
49 range = (void *) info->rate_driver_data;
50 hdr = (void *) skb->data;
51
52 free = range->start_addr - prev_addr;
53 wiphy_debug(priv->hw->wiphy,
54 "| [%02d] => [skb:%p skb_len:0x%04x "
55 "hdr:{flags:%02x len:%04x req_id:%04x type:%02x} "
56 "mem:{start:%04x end:%04x, free:%d}]\n",
57 i++, skb, skb->len,
58 le16_to_cpu(hdr->flags), le16_to_cpu(hdr->len),
59 le32_to_cpu(hdr->req_id), le16_to_cpu(hdr->type),
60 range->start_addr, range->end_addr, free);
61
62 prev_addr = range->end_addr;
63 largest_hole = max(largest_hole, free);
64 }
65 free = priv->rx_end - prev_addr;
66 largest_hole = max(largest_hole, free);
67 wiphy_debug(priv->hw->wiphy,
68 "\\ --- [free: %d], largest free block: %d ---\n",
69 free, largest_hole);
70 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
71 }
72 #endif /* P54_MM_DEBUG */
73
74 /*
75 * So, the firmware is somewhat stupid and doesn't know what places in its
76 * memory incoming data should go to. By poking around in the firmware, we
77 * can find some unused memory to upload our packets to. However, data that we
78 * want the card to TX needs to stay intact until the card has told us that
79 * it is done with it. This function finds empty places we can upload to and
80 * marks allocated areas as reserved if necessary. p54_find_and_unlink_skb or
81 * p54_free_skb frees allocated areas.
82 */
p54_assign_address(struct p54_common * priv,struct sk_buff * skb)83 static int p54_assign_address(struct p54_common *priv, struct sk_buff *skb)
84 {
85 struct sk_buff *entry, *target_skb = NULL;
86 struct ieee80211_tx_info *info;
87 struct p54_tx_info *range;
88 struct p54_hdr *data = (void *) skb->data;
89 unsigned long flags;
90 u32 last_addr = priv->rx_start;
91 u32 target_addr = priv->rx_start;
92 u16 len = priv->headroom + skb->len + priv->tailroom + 3;
93
94 info = IEEE80211_SKB_CB(skb);
95 range = (void *) info->rate_driver_data;
96 len = (range->extra_len + len) & ~0x3;
97
98 spin_lock_irqsave(&priv->tx_queue.lock, flags);
99 if (unlikely(skb_queue_len(&priv->tx_queue) == 32)) {
100 /*
101 * The tx_queue is now really full.
102 *
103 * TODO: check if the device has crashed and reset it.
104 */
105 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
106 return -EBUSY;
107 }
108
109 skb_queue_walk(&priv->tx_queue, entry) {
110 u32 hole_size;
111 info = IEEE80211_SKB_CB(entry);
112 range = (void *) info->rate_driver_data;
113 hole_size = range->start_addr - last_addr;
114
115 if (!target_skb && hole_size >= len) {
116 target_skb = entry->prev;
117 hole_size -= len;
118 target_addr = last_addr;
119 break;
120 }
121 last_addr = range->end_addr;
122 }
123 if (unlikely(!target_skb)) {
124 if (priv->rx_end - last_addr >= len) {
125 target_skb = priv->tx_queue.prev;
126 if (!skb_queue_empty(&priv->tx_queue)) {
127 info = IEEE80211_SKB_CB(target_skb);
128 range = (void *)info->rate_driver_data;
129 target_addr = range->end_addr;
130 }
131 } else {
132 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
133 return -ENOSPC;
134 }
135 }
136
137 info = IEEE80211_SKB_CB(skb);
138 range = (void *) info->rate_driver_data;
139 range->start_addr = target_addr;
140 range->end_addr = target_addr + len;
141 data->req_id = cpu_to_le32(target_addr + priv->headroom);
142 if (IS_DATA_FRAME(skb) &&
143 unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON))
144 priv->beacon_req_id = data->req_id;
145
146 __skb_queue_after(&priv->tx_queue, target_skb, skb);
147 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
148 return 0;
149 }
150
p54_tx_pending(struct p54_common * priv)151 static void p54_tx_pending(struct p54_common *priv)
152 {
153 struct sk_buff *skb;
154 int ret;
155
156 skb = skb_dequeue(&priv->tx_pending);
157 if (unlikely(!skb))
158 return ;
159
160 ret = p54_assign_address(priv, skb);
161 if (unlikely(ret))
162 skb_queue_head(&priv->tx_pending, skb);
163 else
164 priv->tx(priv->hw, skb);
165 }
166
p54_wake_queues(struct p54_common * priv)167 static void p54_wake_queues(struct p54_common *priv)
168 {
169 unsigned long flags;
170 unsigned int i;
171
172 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
173 return ;
174
175 p54_tx_pending(priv);
176
177 spin_lock_irqsave(&priv->tx_stats_lock, flags);
178 for (i = 0; i < priv->hw->queues; i++) {
179 if (priv->tx_stats[i + P54_QUEUE_DATA].len <
180 priv->tx_stats[i + P54_QUEUE_DATA].limit)
181 ieee80211_wake_queue(priv->hw, i);
182 }
183 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
184 }
185
p54_tx_qos_accounting_alloc(struct p54_common * priv,struct sk_buff * skb,const u16 p54_queue)186 static int p54_tx_qos_accounting_alloc(struct p54_common *priv,
187 struct sk_buff *skb,
188 const u16 p54_queue)
189 {
190 struct p54_tx_queue_stats *queue;
191 unsigned long flags;
192
193 if (WARN_ON(p54_queue >= P54_QUEUE_NUM))
194 return -EINVAL;
195
196 queue = &priv->tx_stats[p54_queue];
197
198 spin_lock_irqsave(&priv->tx_stats_lock, flags);
199 if (unlikely(queue->len >= queue->limit && IS_QOS_QUEUE(p54_queue))) {
200 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
201 return -ENOSPC;
202 }
203
204 queue->len++;
205 queue->count++;
206
207 if (unlikely(queue->len == queue->limit && IS_QOS_QUEUE(p54_queue))) {
208 u16 ac_queue = p54_queue - P54_QUEUE_DATA;
209 ieee80211_stop_queue(priv->hw, ac_queue);
210 }
211
212 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
213 return 0;
214 }
215
p54_tx_qos_accounting_free(struct p54_common * priv,struct sk_buff * skb)216 static void p54_tx_qos_accounting_free(struct p54_common *priv,
217 struct sk_buff *skb)
218 {
219 if (IS_DATA_FRAME(skb)) {
220 unsigned long flags;
221
222 spin_lock_irqsave(&priv->tx_stats_lock, flags);
223 priv->tx_stats[GET_HW_QUEUE(skb)].len--;
224 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
225
226 if (unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON)) {
227 if (priv->beacon_req_id == GET_REQ_ID(skb)) {
228 /* this is the active beacon set anymore */
229 priv->beacon_req_id = 0;
230 }
231 complete(&priv->beacon_comp);
232 }
233 }
234 p54_wake_queues(priv);
235 }
236
p54_free_skb(struct ieee80211_hw * dev,struct sk_buff * skb)237 void p54_free_skb(struct ieee80211_hw *dev, struct sk_buff *skb)
238 {
239 struct p54_common *priv = dev->priv;
240 if (unlikely(!skb))
241 return ;
242
243 skb_unlink(skb, &priv->tx_queue);
244 p54_tx_qos_accounting_free(priv, skb);
245 ieee80211_free_txskb(dev, skb);
246 }
247 EXPORT_SYMBOL_GPL(p54_free_skb);
248
p54_find_and_unlink_skb(struct p54_common * priv,const __le32 req_id)249 static struct sk_buff *p54_find_and_unlink_skb(struct p54_common *priv,
250 const __le32 req_id)
251 {
252 struct sk_buff *entry;
253 unsigned long flags;
254
255 spin_lock_irqsave(&priv->tx_queue.lock, flags);
256 skb_queue_walk(&priv->tx_queue, entry) {
257 struct p54_hdr *hdr = (struct p54_hdr *) entry->data;
258
259 if (hdr->req_id == req_id) {
260 __skb_unlink(entry, &priv->tx_queue);
261 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
262 p54_tx_qos_accounting_free(priv, entry);
263 return entry;
264 }
265 }
266 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
267 return NULL;
268 }
269
p54_tx(struct p54_common * priv,struct sk_buff * skb)270 void p54_tx(struct p54_common *priv, struct sk_buff *skb)
271 {
272 skb_queue_tail(&priv->tx_pending, skb);
273 p54_tx_pending(priv);
274 }
275
p54_rssi_to_dbm(struct p54_common * priv,int rssi)276 static int p54_rssi_to_dbm(struct p54_common *priv, int rssi)
277 {
278 if (priv->rxhw != 5) {
279 return ((rssi * priv->cur_rssi->mul) / 64 +
280 priv->cur_rssi->add) / 4;
281 } else {
282 /*
283 * TODO: find the correct formula
284 */
285 return rssi / 2 - 110;
286 }
287 }
288
289 /*
290 * Even if the firmware is capable of dealing with incoming traffic,
291 * while dozing, we have to prepared in case mac80211 uses PS-POLL
292 * to retrieve outstanding frames from our AP.
293 * (see comment in net/mac80211/mlme.c @ line 1993)
294 */
p54_pspoll_workaround(struct p54_common * priv,struct sk_buff * skb)295 static void p54_pspoll_workaround(struct p54_common *priv, struct sk_buff *skb)
296 {
297 struct ieee80211_hdr *hdr = (void *) skb->data;
298 struct ieee80211_tim_ie *tim_ie;
299 u8 *tim;
300 u8 tim_len;
301 bool new_psm;
302
303 /* only beacons have a TIM IE */
304 if (!ieee80211_is_beacon(hdr->frame_control))
305 return;
306
307 if (!priv->aid)
308 return;
309
310 /* only consider beacons from the associated BSSID */
311 if (compare_ether_addr(hdr->addr3, priv->bssid))
312 return;
313
314 tim = p54_find_ie(skb, WLAN_EID_TIM);
315 if (!tim)
316 return;
317
318 tim_len = tim[1];
319 tim_ie = (struct ieee80211_tim_ie *) &tim[2];
320
321 new_psm = ieee80211_check_tim(tim_ie, tim_len, priv->aid);
322 if (new_psm != priv->powersave_override) {
323 priv->powersave_override = new_psm;
324 p54_set_ps(priv);
325 }
326 }
327
p54_rx_data(struct p54_common * priv,struct sk_buff * skb)328 static int p54_rx_data(struct p54_common *priv, struct sk_buff *skb)
329 {
330 struct p54_rx_data *hdr = (struct p54_rx_data *) skb->data;
331 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
332 u16 freq = le16_to_cpu(hdr->freq);
333 size_t header_len = sizeof(*hdr);
334 u32 tsf32;
335 u8 rate = hdr->rate & 0xf;
336
337 /*
338 * If the device is in a unspecified state we have to
339 * ignore all data frames. Else we could end up with a
340 * nasty crash.
341 */
342 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
343 return 0;
344
345 if (!(hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_IN_FCS_GOOD)))
346 return 0;
347
348 if (hdr->decrypt_status == P54_DECRYPT_OK)
349 rx_status->flag |= RX_FLAG_DECRYPTED;
350 if ((hdr->decrypt_status == P54_DECRYPT_FAIL_MICHAEL) ||
351 (hdr->decrypt_status == P54_DECRYPT_FAIL_TKIP))
352 rx_status->flag |= RX_FLAG_MMIC_ERROR;
353
354 rx_status->signal = p54_rssi_to_dbm(priv, hdr->rssi);
355 if (hdr->rate & 0x10)
356 rx_status->flag |= RX_FLAG_SHORTPRE;
357 if (priv->hw->conf.channel->band == IEEE80211_BAND_5GHZ)
358 rx_status->rate_idx = (rate < 4) ? 0 : rate - 4;
359 else
360 rx_status->rate_idx = rate;
361
362 rx_status->freq = freq;
363 rx_status->band = priv->hw->conf.channel->band;
364 rx_status->antenna = hdr->antenna;
365
366 tsf32 = le32_to_cpu(hdr->tsf32);
367 if (tsf32 < priv->tsf_low32)
368 priv->tsf_high32++;
369 rx_status->mactime = ((u64)priv->tsf_high32) << 32 | tsf32;
370 priv->tsf_low32 = tsf32;
371
372 rx_status->flag |= RX_FLAG_MACTIME_MPDU;
373
374 if (hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
375 header_len += hdr->align[0];
376
377 skb_pull(skb, header_len);
378 skb_trim(skb, le16_to_cpu(hdr->len));
379 if (unlikely(priv->hw->conf.flags & IEEE80211_CONF_PS))
380 p54_pspoll_workaround(priv, skb);
381
382 ieee80211_rx_irqsafe(priv->hw, skb);
383
384 ieee80211_queue_delayed_work(priv->hw, &priv->work,
385 msecs_to_jiffies(P54_STATISTICS_UPDATE));
386
387 return -1;
388 }
389
p54_rx_frame_sent(struct p54_common * priv,struct sk_buff * skb)390 static void p54_rx_frame_sent(struct p54_common *priv, struct sk_buff *skb)
391 {
392 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
393 struct p54_frame_sent *payload = (struct p54_frame_sent *) hdr->data;
394 struct ieee80211_tx_info *info;
395 struct p54_hdr *entry_hdr;
396 struct p54_tx_data *entry_data;
397 struct sk_buff *entry;
398 unsigned int pad = 0, frame_len;
399 int count, idx;
400
401 entry = p54_find_and_unlink_skb(priv, hdr->req_id);
402 if (unlikely(!entry))
403 return ;
404
405 frame_len = entry->len;
406 info = IEEE80211_SKB_CB(entry);
407 entry_hdr = (struct p54_hdr *) entry->data;
408 entry_data = (struct p54_tx_data *) entry_hdr->data;
409 priv->stats.dot11ACKFailureCount += payload->tries - 1;
410
411 /*
412 * Frames in P54_QUEUE_FWSCAN and P54_QUEUE_BEACON are
413 * generated by the driver. Therefore tx_status is bogus
414 * and we don't want to confuse the mac80211 stack.
415 */
416 if (unlikely(entry_data->hw_queue < P54_QUEUE_FWSCAN)) {
417 dev_kfree_skb_any(entry);
418 return ;
419 }
420
421 /*
422 * Clear manually, ieee80211_tx_info_clear_status would
423 * clear the counts too and we need them.
424 */
425 memset(&info->status.ampdu_ack_len, 0,
426 sizeof(struct ieee80211_tx_info) -
427 offsetof(struct ieee80211_tx_info, status.ampdu_ack_len));
428 BUILD_BUG_ON(offsetof(struct ieee80211_tx_info,
429 status.ampdu_ack_len) != 23);
430
431 if (entry_hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
432 pad = entry_data->align[0];
433
434 /* walk through the rates array and adjust the counts */
435 count = payload->tries;
436 for (idx = 0; idx < 4; idx++) {
437 if (count >= info->status.rates[idx].count) {
438 count -= info->status.rates[idx].count;
439 } else if (count > 0) {
440 info->status.rates[idx].count = count;
441 count = 0;
442 } else {
443 info->status.rates[idx].idx = -1;
444 info->status.rates[idx].count = 0;
445 }
446 }
447
448 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK) &&
449 !(payload->status & P54_TX_FAILED))
450 info->flags |= IEEE80211_TX_STAT_ACK;
451 if (payload->status & P54_TX_PSM_CANCELLED)
452 info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
453 info->status.ack_signal = p54_rssi_to_dbm(priv,
454 (int)payload->ack_rssi);
455
456 /* Undo all changes to the frame. */
457 switch (entry_data->key_type) {
458 case P54_CRYPTO_TKIPMICHAEL: {
459 u8 *iv = (u8 *)(entry_data->align + pad +
460 entry_data->crypt_offset);
461
462 /* Restore the original TKIP IV. */
463 iv[2] = iv[0];
464 iv[0] = iv[1];
465 iv[1] = (iv[0] | 0x20) & 0x7f; /* WEPSeed - 8.3.2.2 */
466
467 frame_len -= 12; /* remove TKIP_MMIC + TKIP_ICV */
468 break;
469 }
470 case P54_CRYPTO_AESCCMP:
471 frame_len -= 8; /* remove CCMP_MIC */
472 break;
473 case P54_CRYPTO_WEP:
474 frame_len -= 4; /* remove WEP_ICV */
475 break;
476 }
477
478 skb_trim(entry, frame_len);
479 skb_pull(entry, sizeof(*hdr) + pad + sizeof(*entry_data));
480 ieee80211_tx_status_irqsafe(priv->hw, entry);
481 }
482
p54_rx_eeprom_readback(struct p54_common * priv,struct sk_buff * skb)483 static void p54_rx_eeprom_readback(struct p54_common *priv,
484 struct sk_buff *skb)
485 {
486 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
487 struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;
488 struct sk_buff *tmp;
489
490 if (!priv->eeprom)
491 return ;
492
493 if (priv->fw_var >= 0x509) {
494 memcpy(priv->eeprom, eeprom->v2.data,
495 le16_to_cpu(eeprom->v2.len));
496 } else {
497 memcpy(priv->eeprom, eeprom->v1.data,
498 le16_to_cpu(eeprom->v1.len));
499 }
500
501 priv->eeprom = NULL;
502 tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
503 dev_kfree_skb_any(tmp);
504 complete(&priv->eeprom_comp);
505 }
506
p54_rx_stats(struct p54_common * priv,struct sk_buff * skb)507 static void p54_rx_stats(struct p54_common *priv, struct sk_buff *skb)
508 {
509 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
510 struct p54_statistics *stats = (struct p54_statistics *) hdr->data;
511 struct sk_buff *tmp;
512 struct ieee80211_channel *chan;
513 unsigned int i, rssi, tx, cca, dtime, dtotal, dcca, dtx, drssi, unit;
514 u32 tsf32;
515
516 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
517 return ;
518
519 tsf32 = le32_to_cpu(stats->tsf32);
520 if (tsf32 < priv->tsf_low32)
521 priv->tsf_high32++;
522 priv->tsf_low32 = tsf32;
523
524 priv->stats.dot11RTSFailureCount = le32_to_cpu(stats->rts_fail);
525 priv->stats.dot11RTSSuccessCount = le32_to_cpu(stats->rts_success);
526 priv->stats.dot11FCSErrorCount = le32_to_cpu(stats->rx_bad_fcs);
527
528 priv->noise = p54_rssi_to_dbm(priv, le32_to_cpu(stats->noise));
529
530 /*
531 * STSW450X LMAC API page 26 - 3.8 Statistics
532 * "The exact measurement period can be derived from the
533 * timestamp member".
534 */
535 dtime = tsf32 - priv->survey_raw.timestamp;
536
537 /*
538 * STSW450X LMAC API page 26 - 3.8.1 Noise histogram
539 * The LMAC samples RSSI, CCA and transmit state at regular
540 * periods (typically 8 times per 1k [as in 1024] usec).
541 */
542 cca = le32_to_cpu(stats->sample_cca);
543 tx = le32_to_cpu(stats->sample_tx);
544 rssi = 0;
545 for (i = 0; i < ARRAY_SIZE(stats->sample_noise); i++)
546 rssi += le32_to_cpu(stats->sample_noise[i]);
547
548 dcca = cca - priv->survey_raw.cached_cca;
549 drssi = rssi - priv->survey_raw.cached_rssi;
550 dtx = tx - priv->survey_raw.cached_tx;
551 dtotal = dcca + drssi + dtx;
552
553 /*
554 * update statistics when more than a second is over since the
555 * last call, or when a update is badly needed.
556 */
557 if (dtotal && (priv->update_stats || dtime >= USEC_PER_SEC) &&
558 dtime >= dtotal) {
559 priv->survey_raw.timestamp = tsf32;
560 priv->update_stats = false;
561 unit = dtime / dtotal;
562
563 if (dcca) {
564 priv->survey_raw.cca += dcca * unit;
565 priv->survey_raw.cached_cca = cca;
566 }
567 if (dtx) {
568 priv->survey_raw.tx += dtx * unit;
569 priv->survey_raw.cached_tx = tx;
570 }
571 if (drssi) {
572 priv->survey_raw.rssi += drssi * unit;
573 priv->survey_raw.cached_rssi = rssi;
574 }
575
576 /* 1024 usec / 8 times = 128 usec / time */
577 if (!(priv->phy_ps || priv->phy_idle))
578 priv->survey_raw.active += dtotal * unit;
579 else
580 priv->survey_raw.active += (dcca + dtx) * unit;
581 }
582
583 chan = priv->curchan;
584 if (chan) {
585 struct survey_info *survey = &priv->survey[chan->hw_value];
586 survey->noise = clamp(priv->noise, -128, 127);
587 survey->channel_time = priv->survey_raw.active;
588 survey->channel_time_tx = priv->survey_raw.tx;
589 survey->channel_time_busy = priv->survey_raw.tx +
590 priv->survey_raw.cca;
591 do_div(survey->channel_time, 1024);
592 do_div(survey->channel_time_tx, 1024);
593 do_div(survey->channel_time_busy, 1024);
594 }
595
596 tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
597 dev_kfree_skb_any(tmp);
598 complete(&priv->stat_comp);
599 }
600
p54_rx_trap(struct p54_common * priv,struct sk_buff * skb)601 static void p54_rx_trap(struct p54_common *priv, struct sk_buff *skb)
602 {
603 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
604 struct p54_trap *trap = (struct p54_trap *) hdr->data;
605 u16 event = le16_to_cpu(trap->event);
606 u16 freq = le16_to_cpu(trap->frequency);
607
608 switch (event) {
609 case P54_TRAP_BEACON_TX:
610 break;
611 case P54_TRAP_RADAR:
612 wiphy_info(priv->hw->wiphy, "radar (freq:%d MHz)\n", freq);
613 break;
614 case P54_TRAP_NO_BEACON:
615 if (priv->vif)
616 ieee80211_beacon_loss(priv->vif);
617 break;
618 case P54_TRAP_SCAN:
619 break;
620 case P54_TRAP_TBTT:
621 break;
622 case P54_TRAP_TIMER:
623 break;
624 case P54_TRAP_FAA_RADIO_OFF:
625 wiphy_rfkill_set_hw_state(priv->hw->wiphy, true);
626 break;
627 case P54_TRAP_FAA_RADIO_ON:
628 wiphy_rfkill_set_hw_state(priv->hw->wiphy, false);
629 break;
630 default:
631 wiphy_info(priv->hw->wiphy, "received event:%x freq:%d\n",
632 event, freq);
633 break;
634 }
635 }
636
p54_rx_control(struct p54_common * priv,struct sk_buff * skb)637 static int p54_rx_control(struct p54_common *priv, struct sk_buff *skb)
638 {
639 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
640
641 switch (le16_to_cpu(hdr->type)) {
642 case P54_CONTROL_TYPE_TXDONE:
643 p54_rx_frame_sent(priv, skb);
644 break;
645 case P54_CONTROL_TYPE_TRAP:
646 p54_rx_trap(priv, skb);
647 break;
648 case P54_CONTROL_TYPE_BBP:
649 break;
650 case P54_CONTROL_TYPE_STAT_READBACK:
651 p54_rx_stats(priv, skb);
652 break;
653 case P54_CONTROL_TYPE_EEPROM_READBACK:
654 p54_rx_eeprom_readback(priv, skb);
655 break;
656 default:
657 wiphy_debug(priv->hw->wiphy,
658 "not handling 0x%02x type control frame\n",
659 le16_to_cpu(hdr->type));
660 break;
661 }
662 return 0;
663 }
664
665 /* returns zero if skb can be reused */
p54_rx(struct ieee80211_hw * dev,struct sk_buff * skb)666 int p54_rx(struct ieee80211_hw *dev, struct sk_buff *skb)
667 {
668 struct p54_common *priv = dev->priv;
669 u16 type = le16_to_cpu(*((__le16 *)skb->data));
670
671 if (type & P54_HDR_FLAG_CONTROL)
672 return p54_rx_control(priv, skb);
673 else
674 return p54_rx_data(priv, skb);
675 }
676 EXPORT_SYMBOL_GPL(p54_rx);
677
p54_tx_80211_header(struct p54_common * priv,struct sk_buff * skb,struct ieee80211_tx_info * info,u8 * queue,u32 * extra_len,u16 * flags,u16 * aid,bool * burst_possible)678 static void p54_tx_80211_header(struct p54_common *priv, struct sk_buff *skb,
679 struct ieee80211_tx_info *info, u8 *queue,
680 u32 *extra_len, u16 *flags, u16 *aid,
681 bool *burst_possible)
682 {
683 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
684
685 if (ieee80211_is_data_qos(hdr->frame_control))
686 *burst_possible = true;
687 else
688 *burst_possible = false;
689
690 if (!(info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ))
691 *flags |= P54_HDR_FLAG_DATA_OUT_SEQNR;
692
693 if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)
694 *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
695
696 if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
697 *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
698
699 *queue = skb_get_queue_mapping(skb) + P54_QUEUE_DATA;
700
701 switch (priv->mode) {
702 case NL80211_IFTYPE_MONITOR:
703 /*
704 * We have to set P54_HDR_FLAG_DATA_OUT_PROMISC for
705 * every frame in promiscuous/monitor mode.
706 * see STSW45x0C LMAC API - page 12.
707 */
708 *aid = 0;
709 *flags |= P54_HDR_FLAG_DATA_OUT_PROMISC;
710 break;
711 case NL80211_IFTYPE_STATION:
712 *aid = 1;
713 break;
714 case NL80211_IFTYPE_AP:
715 case NL80211_IFTYPE_ADHOC:
716 case NL80211_IFTYPE_MESH_POINT:
717 if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) {
718 *aid = 0;
719 *queue = P54_QUEUE_CAB;
720 return;
721 }
722
723 if (unlikely(ieee80211_is_mgmt(hdr->frame_control))) {
724 if (ieee80211_is_probe_resp(hdr->frame_control)) {
725 *aid = 0;
726 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP |
727 P54_HDR_FLAG_DATA_OUT_NOCANCEL;
728 return;
729 } else if (ieee80211_is_beacon(hdr->frame_control)) {
730 *aid = 0;
731
732 if (info->flags & IEEE80211_TX_CTL_INJECTED) {
733 /*
734 * Injecting beacons on top of a AP is
735 * not a good idea... nevertheless,
736 * it should be doable.
737 */
738
739 return;
740 }
741
742 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP;
743 *queue = P54_QUEUE_BEACON;
744 *extra_len = IEEE80211_MAX_TIM_LEN;
745 return;
746 }
747 }
748
749 if (info->control.sta)
750 *aid = info->control.sta->aid;
751 break;
752 }
753 }
754
p54_convert_algo(u32 cipher)755 static u8 p54_convert_algo(u32 cipher)
756 {
757 switch (cipher) {
758 case WLAN_CIPHER_SUITE_WEP40:
759 case WLAN_CIPHER_SUITE_WEP104:
760 return P54_CRYPTO_WEP;
761 case WLAN_CIPHER_SUITE_TKIP:
762 return P54_CRYPTO_TKIPMICHAEL;
763 case WLAN_CIPHER_SUITE_CCMP:
764 return P54_CRYPTO_AESCCMP;
765 default:
766 return 0;
767 }
768 }
769
p54_tx_80211(struct ieee80211_hw * dev,struct sk_buff * skb)770 void p54_tx_80211(struct ieee80211_hw *dev, struct sk_buff *skb)
771 {
772 struct p54_common *priv = dev->priv;
773 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
774 struct p54_tx_info *p54info;
775 struct p54_hdr *hdr;
776 struct p54_tx_data *txhdr;
777 unsigned int padding, len, extra_len = 0;
778 int i, j, ridx;
779 u16 hdr_flags = 0, aid = 0;
780 u8 rate, queue = 0, crypt_offset = 0;
781 u8 cts_rate = 0x20;
782 u8 rc_flags;
783 u8 calculated_tries[4];
784 u8 nrates = 0, nremaining = 8;
785 bool burst_allowed = false;
786
787 p54_tx_80211_header(priv, skb, info, &queue, &extra_len,
788 &hdr_flags, &aid, &burst_allowed);
789
790 if (p54_tx_qos_accounting_alloc(priv, skb, queue)) {
791 ieee80211_free_txskb(dev, skb);
792 return;
793 }
794
795 padding = (unsigned long)(skb->data - (sizeof(*hdr) + sizeof(*txhdr))) & 3;
796 len = skb->len;
797
798 if (info->control.hw_key) {
799 crypt_offset = ieee80211_get_hdrlen_from_skb(skb);
800 if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
801 u8 *iv = (u8 *)(skb->data + crypt_offset);
802 /*
803 * The firmware excepts that the IV has to have
804 * this special format
805 */
806 iv[1] = iv[0];
807 iv[0] = iv[2];
808 iv[2] = 0;
809 }
810 }
811
812 txhdr = (struct p54_tx_data *) skb_push(skb, sizeof(*txhdr) + padding);
813 hdr = (struct p54_hdr *) skb_push(skb, sizeof(*hdr));
814
815 if (padding)
816 hdr_flags |= P54_HDR_FLAG_DATA_ALIGN;
817 hdr->type = cpu_to_le16(aid);
818 hdr->rts_tries = info->control.rates[0].count;
819
820 /*
821 * we register the rates in perfect order, and
822 * RTS/CTS won't happen on 5 GHz
823 */
824 cts_rate = info->control.rts_cts_rate_idx;
825
826 memset(&txhdr->rateset, 0, sizeof(txhdr->rateset));
827
828 /* see how many rates got used */
829 for (i = 0; i < dev->max_rates; i++) {
830 if (info->control.rates[i].idx < 0)
831 break;
832 nrates++;
833 }
834
835 /* limit tries to 8/nrates per rate */
836 for (i = 0; i < nrates; i++) {
837 /*
838 * The magic expression here is equivalent to 8/nrates for
839 * all values that matter, but avoids division and jumps.
840 * Note that nrates can only take the values 1 through 4.
841 */
842 calculated_tries[i] = min_t(int, ((15 >> nrates) | 1) + 1,
843 info->control.rates[i].count);
844 nremaining -= calculated_tries[i];
845 }
846
847 /* if there are tries left, distribute from back to front */
848 for (i = nrates - 1; nremaining > 0 && i >= 0; i--) {
849 int tmp = info->control.rates[i].count - calculated_tries[i];
850
851 if (tmp <= 0)
852 continue;
853 /* RC requested more tries at this rate */
854
855 tmp = min_t(int, tmp, nremaining);
856 calculated_tries[i] += tmp;
857 nremaining -= tmp;
858 }
859
860 ridx = 0;
861 for (i = 0; i < nrates && ridx < 8; i++) {
862 /* we register the rates in perfect order */
863 rate = info->control.rates[i].idx;
864 if (info->band == IEEE80211_BAND_5GHZ)
865 rate += 4;
866
867 /* store the count we actually calculated for TX status */
868 info->control.rates[i].count = calculated_tries[i];
869
870 rc_flags = info->control.rates[i].flags;
871 if (rc_flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE) {
872 rate |= 0x10;
873 cts_rate |= 0x10;
874 }
875 if (rc_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
876 burst_allowed = false;
877 rate |= 0x40;
878 } else if (rc_flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
879 rate |= 0x20;
880 burst_allowed = false;
881 }
882 for (j = 0; j < calculated_tries[i] && ridx < 8; j++) {
883 txhdr->rateset[ridx] = rate;
884 ridx++;
885 }
886 }
887
888 if (burst_allowed)
889 hdr_flags |= P54_HDR_FLAG_DATA_OUT_BURST;
890
891 /* TODO: enable bursting */
892 hdr->flags = cpu_to_le16(hdr_flags);
893 hdr->tries = ridx;
894 txhdr->rts_rate_idx = 0;
895 if (info->control.hw_key) {
896 txhdr->key_type = p54_convert_algo(info->control.hw_key->cipher);
897 txhdr->key_len = min((u8)16, info->control.hw_key->keylen);
898 memcpy(txhdr->key, info->control.hw_key->key, txhdr->key_len);
899 if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
900 /* reserve space for the MIC key */
901 len += 8;
902 memcpy(skb_put(skb, 8), &(info->control.hw_key->key
903 [NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]), 8);
904 }
905 /* reserve some space for ICV */
906 len += info->control.hw_key->icv_len;
907 memset(skb_put(skb, info->control.hw_key->icv_len), 0,
908 info->control.hw_key->icv_len);
909 } else {
910 txhdr->key_type = 0;
911 txhdr->key_len = 0;
912 }
913 txhdr->crypt_offset = crypt_offset;
914 txhdr->hw_queue = queue;
915 txhdr->backlog = priv->tx_stats[queue].len - 1;
916 memset(txhdr->durations, 0, sizeof(txhdr->durations));
917 txhdr->tx_antenna = ((info->antenna_sel_tx == 0) ?
918 2 : info->antenna_sel_tx - 1) & priv->tx_diversity_mask;
919 if (priv->rxhw == 5) {
920 txhdr->longbow.cts_rate = cts_rate;
921 txhdr->longbow.output_power = cpu_to_le16(priv->output_power);
922 } else {
923 txhdr->normal.output_power = priv->output_power;
924 txhdr->normal.cts_rate = cts_rate;
925 }
926 if (padding)
927 txhdr->align[0] = padding;
928
929 hdr->len = cpu_to_le16(len);
930 /* modifies skb->cb and with it info, so must be last! */
931 p54info = (void *) info->rate_driver_data;
932 p54info->extra_len = extra_len;
933
934 p54_tx(priv, skb);
935 }
936