1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Common code for mac80211 Prism54 drivers
4 *
5 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
6 * Copyright (c) 2007-2009, Christian Lamparter <chunkeey@web.de>
7 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
8 *
9 * Based on:
10 * - the islsm (softmac prism54) driver, which is:
11 * Copyright 2004-2006 Jean-Baptiste Note <jbnote@gmail.com>, et al.
12 * - stlc45xx driver
13 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies).
14 */
15
16 #include <linux/export.h>
17 #include <linux/firmware.h>
18 #include <linux/etherdevice.h>
19 #include <asm/div64.h>
20
21 #include <net/mac80211.h>
22
23 #include "p54.h"
24 #include "lmac.h"
25
26 #ifdef P54_MM_DEBUG
p54_dump_tx_queue(struct p54_common * priv)27 static void p54_dump_tx_queue(struct p54_common *priv)
28 {
29 unsigned long flags;
30 struct ieee80211_tx_info *info;
31 struct p54_tx_info *range;
32 struct sk_buff *skb;
33 struct p54_hdr *hdr;
34 unsigned int i = 0;
35 u32 prev_addr;
36 u32 largest_hole = 0, free;
37
38 spin_lock_irqsave(&priv->tx_queue.lock, flags);
39 wiphy_debug(priv->hw->wiphy, "/ --- tx queue dump (%d entries) ---\n",
40 skb_queue_len(&priv->tx_queue));
41
42 prev_addr = priv->rx_start;
43 skb_queue_walk(&priv->tx_queue, skb) {
44 info = IEEE80211_SKB_CB(skb);
45 range = (void *) info->rate_driver_data;
46 hdr = (void *) skb->data;
47
48 free = range->start_addr - prev_addr;
49 wiphy_debug(priv->hw->wiphy,
50 "| [%02d] => [skb:%p skb_len:0x%04x "
51 "hdr:{flags:%02x len:%04x req_id:%04x type:%02x} "
52 "mem:{start:%04x end:%04x, free:%d}]\n",
53 i++, skb, skb->len,
54 le16_to_cpu(hdr->flags), le16_to_cpu(hdr->len),
55 le32_to_cpu(hdr->req_id), le16_to_cpu(hdr->type),
56 range->start_addr, range->end_addr, free);
57
58 prev_addr = range->end_addr;
59 largest_hole = max(largest_hole, free);
60 }
61 free = priv->rx_end - prev_addr;
62 largest_hole = max(largest_hole, free);
63 wiphy_debug(priv->hw->wiphy,
64 "\\ --- [free: %d], largest free block: %d ---\n",
65 free, largest_hole);
66 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
67 }
68 #endif /* P54_MM_DEBUG */
69
70 /*
71 * So, the firmware is somewhat stupid and doesn't know what places in its
72 * memory incoming data should go to. By poking around in the firmware, we
73 * can find some unused memory to upload our packets to. However, data that we
74 * want the card to TX needs to stay intact until the card has told us that
75 * it is done with it. This function finds empty places we can upload to and
76 * marks allocated areas as reserved if necessary. p54_find_and_unlink_skb or
77 * p54_free_skb frees allocated areas.
78 */
p54_assign_address(struct p54_common * priv,struct sk_buff * skb)79 static int p54_assign_address(struct p54_common *priv, struct sk_buff *skb)
80 {
81 struct sk_buff *entry, *target_skb = NULL;
82 struct ieee80211_tx_info *info;
83 struct p54_tx_info *range;
84 struct p54_hdr *data = (void *) skb->data;
85 unsigned long flags;
86 u32 last_addr = priv->rx_start;
87 u32 target_addr = priv->rx_start;
88 u16 len = priv->headroom + skb->len + priv->tailroom + 3;
89
90 info = IEEE80211_SKB_CB(skb);
91 range = (void *) info->rate_driver_data;
92 len = (range->extra_len + len) & ~0x3;
93
94 spin_lock_irqsave(&priv->tx_queue.lock, flags);
95 if (unlikely(skb_queue_len(&priv->tx_queue) == 32)) {
96 /*
97 * The tx_queue is now really full.
98 *
99 * TODO: check if the device has crashed and reset it.
100 */
101 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
102 return -EBUSY;
103 }
104
105 skb_queue_walk(&priv->tx_queue, entry) {
106 u32 hole_size;
107 info = IEEE80211_SKB_CB(entry);
108 range = (void *) info->rate_driver_data;
109 hole_size = range->start_addr - last_addr;
110
111 if (!target_skb && hole_size >= len) {
112 target_skb = entry->prev;
113 hole_size -= len;
114 target_addr = last_addr;
115 break;
116 }
117 last_addr = range->end_addr;
118 }
119 if (unlikely(!target_skb)) {
120 if (priv->rx_end - last_addr >= len) {
121 target_skb = skb_peek_tail(&priv->tx_queue);
122 if (target_skb) {
123 info = IEEE80211_SKB_CB(target_skb);
124 range = (void *)info->rate_driver_data;
125 target_addr = range->end_addr;
126 }
127 } else {
128 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
129 return -ENOSPC;
130 }
131 }
132
133 info = IEEE80211_SKB_CB(skb);
134 range = (void *) info->rate_driver_data;
135 range->start_addr = target_addr;
136 range->end_addr = target_addr + len;
137 data->req_id = cpu_to_le32(target_addr + priv->headroom);
138 if (IS_DATA_FRAME(skb) &&
139 unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON))
140 priv->beacon_req_id = data->req_id;
141
142 if (target_skb)
143 __skb_queue_after(&priv->tx_queue, target_skb, skb);
144 else
145 __skb_queue_head(&priv->tx_queue, skb);
146 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
147 return 0;
148 }
149
p54_tx_pending(struct p54_common * priv)150 static void p54_tx_pending(struct p54_common *priv)
151 {
152 struct sk_buff *skb;
153 int ret;
154
155 skb = skb_dequeue(&priv->tx_pending);
156 if (unlikely(!skb))
157 return ;
158
159 ret = p54_assign_address(priv, skb);
160 if (unlikely(ret))
161 skb_queue_head(&priv->tx_pending, skb);
162 else
163 priv->tx(priv->hw, skb);
164 }
165
p54_wake_queues(struct p54_common * priv)166 static void p54_wake_queues(struct p54_common *priv)
167 {
168 unsigned long flags;
169 unsigned int i;
170
171 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
172 return ;
173
174 p54_tx_pending(priv);
175
176 spin_lock_irqsave(&priv->tx_stats_lock, flags);
177 for (i = 0; i < priv->hw->queues; i++) {
178 if (priv->tx_stats[i + P54_QUEUE_DATA].len <
179 priv->tx_stats[i + P54_QUEUE_DATA].limit)
180 ieee80211_wake_queue(priv->hw, i);
181 }
182 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
183 }
184
p54_tx_qos_accounting_alloc(struct p54_common * priv,struct sk_buff * skb,const u16 p54_queue)185 static int p54_tx_qos_accounting_alloc(struct p54_common *priv,
186 struct sk_buff *skb,
187 const u16 p54_queue)
188 {
189 struct p54_tx_queue_stats *queue;
190 unsigned long flags;
191
192 if (WARN_ON(p54_queue >= P54_QUEUE_NUM))
193 return -EINVAL;
194
195 queue = &priv->tx_stats[p54_queue];
196
197 spin_lock_irqsave(&priv->tx_stats_lock, flags);
198 if (unlikely(queue->len >= queue->limit && IS_QOS_QUEUE(p54_queue))) {
199 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
200 return -ENOSPC;
201 }
202
203 queue->len++;
204 queue->count++;
205
206 if (unlikely(queue->len == queue->limit && IS_QOS_QUEUE(p54_queue))) {
207 u16 ac_queue = p54_queue - P54_QUEUE_DATA;
208 ieee80211_stop_queue(priv->hw, ac_queue);
209 }
210
211 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
212 return 0;
213 }
214
p54_tx_qos_accounting_free(struct p54_common * priv,struct sk_buff * skb)215 static void p54_tx_qos_accounting_free(struct p54_common *priv,
216 struct sk_buff *skb)
217 {
218 if (IS_DATA_FRAME(skb)) {
219 unsigned long flags;
220
221 spin_lock_irqsave(&priv->tx_stats_lock, flags);
222 priv->tx_stats[GET_HW_QUEUE(skb)].len--;
223 spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
224
225 if (unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON)) {
226 if (priv->beacon_req_id == GET_REQ_ID(skb)) {
227 /* this is the active beacon set anymore */
228 priv->beacon_req_id = 0;
229 }
230 complete(&priv->beacon_comp);
231 }
232 }
233 p54_wake_queues(priv);
234 }
235
p54_free_skb(struct ieee80211_hw * dev,struct sk_buff * skb)236 void p54_free_skb(struct ieee80211_hw *dev, struct sk_buff *skb)
237 {
238 struct p54_common *priv = dev->priv;
239 if (unlikely(!skb))
240 return ;
241
242 skb_unlink(skb, &priv->tx_queue);
243 p54_tx_qos_accounting_free(priv, skb);
244 ieee80211_free_txskb(dev, skb);
245 }
246 EXPORT_SYMBOL_GPL(p54_free_skb);
247
p54_find_and_unlink_skb(struct p54_common * priv,const __le32 req_id)248 static struct sk_buff *p54_find_and_unlink_skb(struct p54_common *priv,
249 const __le32 req_id)
250 {
251 struct sk_buff *entry;
252 unsigned long flags;
253
254 spin_lock_irqsave(&priv->tx_queue.lock, flags);
255 skb_queue_walk(&priv->tx_queue, entry) {
256 struct p54_hdr *hdr = (struct p54_hdr *) entry->data;
257
258 if (hdr->req_id == req_id) {
259 __skb_unlink(entry, &priv->tx_queue);
260 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
261 p54_tx_qos_accounting_free(priv, entry);
262 return entry;
263 }
264 }
265 spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
266 return NULL;
267 }
268
p54_tx(struct p54_common * priv,struct sk_buff * skb)269 void p54_tx(struct p54_common *priv, struct sk_buff *skb)
270 {
271 skb_queue_tail(&priv->tx_pending, skb);
272 p54_tx_pending(priv);
273 }
274
p54_rssi_to_dbm(struct p54_common * priv,int rssi)275 static int p54_rssi_to_dbm(struct p54_common *priv, int rssi)
276 {
277 if (priv->rxhw != 5) {
278 return ((rssi * priv->cur_rssi->mul) / 64 +
279 priv->cur_rssi->add) / 4;
280 } else {
281 /*
282 * TODO: find the correct formula
283 */
284 return rssi / 2 - 110;
285 }
286 }
287
288 /*
289 * Even if the firmware is capable of dealing with incoming traffic,
290 * while dozing, we have to prepared in case mac80211 uses PS-POLL
291 * to retrieve outstanding frames from our AP.
292 * (see comment in net/mac80211/mlme.c @ line 1993)
293 */
p54_pspoll_workaround(struct p54_common * priv,struct sk_buff * skb)294 static void p54_pspoll_workaround(struct p54_common *priv, struct sk_buff *skb)
295 {
296 struct ieee80211_hdr *hdr = (void *) skb->data;
297 struct ieee80211_tim_ie *tim_ie;
298 u8 *tim;
299 u8 tim_len;
300 bool new_psm;
301
302 /* only beacons have a TIM IE */
303 if (!ieee80211_is_beacon(hdr->frame_control))
304 return;
305
306 if (!priv->aid)
307 return;
308
309 /* only consider beacons from the associated BSSID */
310 if (!ether_addr_equal_64bits(hdr->addr3, priv->bssid))
311 return;
312
313 tim = p54_find_ie(skb, WLAN_EID_TIM);
314 if (!tim)
315 return;
316
317 tim_len = tim[1];
318 tim_ie = (struct ieee80211_tim_ie *) &tim[2];
319
320 new_psm = ieee80211_check_tim(tim_ie, tim_len, priv->aid);
321 if (new_psm != priv->powersave_override) {
322 priv->powersave_override = new_psm;
323 p54_set_ps(priv);
324 }
325 }
326
p54_rx_data(struct p54_common * priv,struct sk_buff * skb)327 static int p54_rx_data(struct p54_common *priv, struct sk_buff *skb)
328 {
329 struct p54_rx_data *hdr = (struct p54_rx_data *) skb->data;
330 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
331 u16 freq = le16_to_cpu(hdr->freq);
332 size_t header_len = sizeof(*hdr);
333 u32 tsf32;
334 __le16 fc;
335 u8 rate = hdr->rate & 0xf;
336
337 /*
338 * If the device is in a unspecified state we have to
339 * ignore all data frames. Else we could end up with a
340 * nasty crash.
341 */
342 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
343 return 0;
344
345 if (!(hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_IN_FCS_GOOD)))
346 return 0;
347
348 if (hdr->decrypt_status == P54_DECRYPT_OK)
349 rx_status->flag |= RX_FLAG_DECRYPTED;
350 if ((hdr->decrypt_status == P54_DECRYPT_FAIL_MICHAEL) ||
351 (hdr->decrypt_status == P54_DECRYPT_FAIL_TKIP))
352 rx_status->flag |= RX_FLAG_MMIC_ERROR;
353
354 rx_status->signal = p54_rssi_to_dbm(priv, hdr->rssi);
355 if (hdr->rate & 0x10)
356 rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE;
357 if (priv->hw->conf.chandef.chan->band == NL80211_BAND_5GHZ)
358 rx_status->rate_idx = (rate < 4) ? 0 : rate - 4;
359 else
360 rx_status->rate_idx = rate;
361
362 rx_status->freq = freq;
363 rx_status->band = priv->hw->conf.chandef.chan->band;
364 rx_status->antenna = hdr->antenna;
365
366 tsf32 = le32_to_cpu(hdr->tsf32);
367 if (tsf32 < priv->tsf_low32)
368 priv->tsf_high32++;
369 rx_status->mactime = ((u64)priv->tsf_high32) << 32 | tsf32;
370 priv->tsf_low32 = tsf32;
371
372 /* LMAC API Page 10/29 - s_lm_data_in - clock
373 * "usec accurate timestamp of hardware clock
374 * at end of frame (before OFDM SIFS EOF padding"
375 */
376 rx_status->flag |= RX_FLAG_MACTIME_END;
377
378 if (hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
379 header_len += hdr->align[0];
380
381 skb_pull(skb, header_len);
382 skb_trim(skb, le16_to_cpu(hdr->len));
383
384 fc = ((struct ieee80211_hdr *)skb->data)->frame_control;
385 if (ieee80211_is_probe_resp(fc) || ieee80211_is_beacon(fc))
386 rx_status->boottime_ns = ktime_get_boottime_ns();
387
388 if (unlikely(priv->hw->conf.flags & IEEE80211_CONF_PS))
389 p54_pspoll_workaround(priv, skb);
390
391 ieee80211_rx_irqsafe(priv->hw, skb);
392
393 ieee80211_queue_delayed_work(priv->hw, &priv->work,
394 msecs_to_jiffies(P54_STATISTICS_UPDATE));
395
396 return -1;
397 }
398
p54_rx_frame_sent(struct p54_common * priv,struct sk_buff * skb)399 static void p54_rx_frame_sent(struct p54_common *priv, struct sk_buff *skb)
400 {
401 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
402 struct p54_frame_sent *payload = (struct p54_frame_sent *) hdr->data;
403 struct ieee80211_tx_info *info;
404 struct p54_hdr *entry_hdr;
405 struct p54_tx_data *entry_data;
406 struct sk_buff *entry;
407 unsigned int pad = 0, frame_len;
408 int count, idx;
409
410 entry = p54_find_and_unlink_skb(priv, hdr->req_id);
411 if (unlikely(!entry))
412 return ;
413
414 frame_len = entry->len;
415 info = IEEE80211_SKB_CB(entry);
416 entry_hdr = (struct p54_hdr *) entry->data;
417 entry_data = (struct p54_tx_data *) entry_hdr->data;
418 priv->stats.dot11ACKFailureCount += payload->tries - 1;
419
420 /*
421 * Frames in P54_QUEUE_FWSCAN and P54_QUEUE_BEACON are
422 * generated by the driver. Therefore tx_status is bogus
423 * and we don't want to confuse the mac80211 stack.
424 */
425 if (unlikely(entry_data->hw_queue < P54_QUEUE_FWSCAN)) {
426 dev_kfree_skb_any(entry);
427 return ;
428 }
429
430 /*
431 * Clear manually, ieee80211_tx_info_clear_status would
432 * clear the counts too and we need them.
433 */
434 memset_after(&info->status, 0, rates);
435
436 if (entry_hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
437 pad = entry_data->align[0];
438
439 /* walk through the rates array and adjust the counts */
440 count = payload->tries;
441 for (idx = 0; idx < 4; idx++) {
442 if (count >= info->status.rates[idx].count) {
443 count -= info->status.rates[idx].count;
444 } else if (count > 0) {
445 info->status.rates[idx].count = count;
446 count = 0;
447 } else {
448 info->status.rates[idx].idx = -1;
449 info->status.rates[idx].count = 0;
450 }
451 }
452
453 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK) &&
454 !(payload->status & P54_TX_FAILED))
455 info->flags |= IEEE80211_TX_STAT_ACK;
456 if (payload->status & P54_TX_PSM_CANCELLED)
457 info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
458 info->status.ack_signal = p54_rssi_to_dbm(priv,
459 (int)payload->ack_rssi);
460
461 /* Undo all changes to the frame. */
462 switch (entry_data->key_type) {
463 case P54_CRYPTO_TKIPMICHAEL: {
464 u8 *iv = (u8 *)(entry_data->align + pad +
465 entry_data->crypt_offset);
466
467 /* Restore the original TKIP IV. */
468 iv[2] = iv[0];
469 iv[0] = iv[1];
470 iv[1] = (iv[0] | 0x20) & 0x7f; /* WEPSeed - 8.3.2.2 */
471
472 frame_len -= 12; /* remove TKIP_MMIC + TKIP_ICV */
473 break;
474 }
475 case P54_CRYPTO_AESCCMP:
476 frame_len -= 8; /* remove CCMP_MIC */
477 break;
478 case P54_CRYPTO_WEP:
479 frame_len -= 4; /* remove WEP_ICV */
480 break;
481 }
482
483 skb_trim(entry, frame_len);
484 skb_pull(entry, sizeof(*hdr) + pad + sizeof(*entry_data));
485 ieee80211_tx_status_irqsafe(priv->hw, entry);
486 }
487
p54_rx_eeprom_readback(struct p54_common * priv,struct sk_buff * skb)488 static void p54_rx_eeprom_readback(struct p54_common *priv,
489 struct sk_buff *skb)
490 {
491 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
492 struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;
493 struct sk_buff *tmp;
494
495 if (!priv->eeprom)
496 return ;
497
498 if (priv->fw_var >= 0x509) {
499 if (le16_to_cpu(eeprom->v2.len) != priv->eeprom_slice_size)
500 return;
501
502 memcpy(priv->eeprom, eeprom->v2.data, priv->eeprom_slice_size);
503 } else {
504 if (le16_to_cpu(eeprom->v1.len) != priv->eeprom_slice_size)
505 return;
506
507 memcpy(priv->eeprom, eeprom->v1.data, priv->eeprom_slice_size);
508 }
509
510 priv->eeprom = NULL;
511 priv->eeprom_slice_size = 0;
512 tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
513 dev_kfree_skb_any(tmp);
514 complete(&priv->eeprom_comp);
515 }
516
p54_rx_stats(struct p54_common * priv,struct sk_buff * skb)517 static void p54_rx_stats(struct p54_common *priv, struct sk_buff *skb)
518 {
519 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
520 struct p54_statistics *stats = (struct p54_statistics *) hdr->data;
521 struct sk_buff *tmp;
522 struct ieee80211_channel *chan;
523 unsigned int i, rssi, tx, cca, dtime, dtotal, dcca, dtx, drssi, unit;
524 u32 tsf32;
525
526 if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
527 return ;
528
529 tsf32 = le32_to_cpu(stats->tsf32);
530 if (tsf32 < priv->tsf_low32)
531 priv->tsf_high32++;
532 priv->tsf_low32 = tsf32;
533
534 priv->stats.dot11RTSFailureCount = le32_to_cpu(stats->rts_fail);
535 priv->stats.dot11RTSSuccessCount = le32_to_cpu(stats->rts_success);
536 priv->stats.dot11FCSErrorCount = le32_to_cpu(stats->rx_bad_fcs);
537
538 priv->noise = p54_rssi_to_dbm(priv, le32_to_cpu(stats->noise));
539
540 /*
541 * STSW450X LMAC API page 26 - 3.8 Statistics
542 * "The exact measurement period can be derived from the
543 * timestamp member".
544 */
545 dtime = tsf32 - priv->survey_raw.timestamp;
546
547 /*
548 * STSW450X LMAC API page 26 - 3.8.1 Noise histogram
549 * The LMAC samples RSSI, CCA and transmit state at regular
550 * periods (typically 8 times per 1k [as in 1024] usec).
551 */
552 cca = le32_to_cpu(stats->sample_cca);
553 tx = le32_to_cpu(stats->sample_tx);
554 rssi = 0;
555 for (i = 0; i < ARRAY_SIZE(stats->sample_noise); i++)
556 rssi += le32_to_cpu(stats->sample_noise[i]);
557
558 dcca = cca - priv->survey_raw.cached_cca;
559 drssi = rssi - priv->survey_raw.cached_rssi;
560 dtx = tx - priv->survey_raw.cached_tx;
561 dtotal = dcca + drssi + dtx;
562
563 /*
564 * update statistics when more than a second is over since the
565 * last call, or when a update is badly needed.
566 */
567 if (dtotal && (priv->update_stats || dtime >= USEC_PER_SEC) &&
568 dtime >= dtotal) {
569 priv->survey_raw.timestamp = tsf32;
570 priv->update_stats = false;
571 unit = dtime / dtotal;
572
573 if (dcca) {
574 priv->survey_raw.cca += dcca * unit;
575 priv->survey_raw.cached_cca = cca;
576 }
577 if (dtx) {
578 priv->survey_raw.tx += dtx * unit;
579 priv->survey_raw.cached_tx = tx;
580 }
581 if (drssi) {
582 priv->survey_raw.rssi += drssi * unit;
583 priv->survey_raw.cached_rssi = rssi;
584 }
585
586 /* 1024 usec / 8 times = 128 usec / time */
587 if (!(priv->phy_ps || priv->phy_idle))
588 priv->survey_raw.active += dtotal * unit;
589 else
590 priv->survey_raw.active += (dcca + dtx) * unit;
591 }
592
593 chan = priv->curchan;
594 if (chan) {
595 struct survey_info *survey = &priv->survey[chan->hw_value];
596 survey->noise = clamp(priv->noise, -128, 127);
597 survey->time = priv->survey_raw.active;
598 survey->time_tx = priv->survey_raw.tx;
599 survey->time_busy = priv->survey_raw.tx +
600 priv->survey_raw.cca;
601 do_div(survey->time, 1024);
602 do_div(survey->time_tx, 1024);
603 do_div(survey->time_busy, 1024);
604 }
605
606 tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
607 dev_kfree_skb_any(tmp);
608 complete(&priv->stat_comp);
609 }
610
p54_rx_trap(struct p54_common * priv,struct sk_buff * skb)611 static void p54_rx_trap(struct p54_common *priv, struct sk_buff *skb)
612 {
613 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
614 struct p54_trap *trap = (struct p54_trap *) hdr->data;
615 u16 event = le16_to_cpu(trap->event);
616 u16 freq = le16_to_cpu(trap->frequency);
617
618 switch (event) {
619 case P54_TRAP_BEACON_TX:
620 break;
621 case P54_TRAP_RADAR:
622 wiphy_info(priv->hw->wiphy, "radar (freq:%d MHz)\n", freq);
623 break;
624 case P54_TRAP_NO_BEACON:
625 if (priv->vif)
626 ieee80211_beacon_loss(priv->vif);
627 break;
628 case P54_TRAP_SCAN:
629 break;
630 case P54_TRAP_TBTT:
631 break;
632 case P54_TRAP_TIMER:
633 break;
634 case P54_TRAP_FAA_RADIO_OFF:
635 wiphy_rfkill_set_hw_state(priv->hw->wiphy, true);
636 break;
637 case P54_TRAP_FAA_RADIO_ON:
638 wiphy_rfkill_set_hw_state(priv->hw->wiphy, false);
639 break;
640 default:
641 wiphy_info(priv->hw->wiphy, "received event:%x freq:%d\n",
642 event, freq);
643 break;
644 }
645 }
646
p54_rx_control(struct p54_common * priv,struct sk_buff * skb)647 static int p54_rx_control(struct p54_common *priv, struct sk_buff *skb)
648 {
649 struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
650
651 switch (le16_to_cpu(hdr->type)) {
652 case P54_CONTROL_TYPE_TXDONE:
653 p54_rx_frame_sent(priv, skb);
654 break;
655 case P54_CONTROL_TYPE_TRAP:
656 p54_rx_trap(priv, skb);
657 break;
658 case P54_CONTROL_TYPE_BBP:
659 break;
660 case P54_CONTROL_TYPE_STAT_READBACK:
661 p54_rx_stats(priv, skb);
662 break;
663 case P54_CONTROL_TYPE_EEPROM_READBACK:
664 p54_rx_eeprom_readback(priv, skb);
665 break;
666 default:
667 wiphy_debug(priv->hw->wiphy,
668 "not handling 0x%02x type control frame\n",
669 le16_to_cpu(hdr->type));
670 break;
671 }
672 return 0;
673 }
674
675 /* returns zero if skb can be reused */
p54_rx(struct ieee80211_hw * dev,struct sk_buff * skb)676 int p54_rx(struct ieee80211_hw *dev, struct sk_buff *skb)
677 {
678 struct p54_common *priv = dev->priv;
679 u16 type = le16_to_cpu(*((__le16 *)skb->data));
680
681 if (type & P54_HDR_FLAG_CONTROL)
682 return p54_rx_control(priv, skb);
683 else
684 return p54_rx_data(priv, skb);
685 }
686 EXPORT_SYMBOL_GPL(p54_rx);
687
p54_tx_80211_header(struct p54_common * priv,struct sk_buff * skb,struct ieee80211_tx_info * info,struct ieee80211_sta * sta,u8 * queue,u32 * extra_len,u16 * flags,u16 * aid,bool * burst_possible)688 static void p54_tx_80211_header(struct p54_common *priv, struct sk_buff *skb,
689 struct ieee80211_tx_info *info,
690 struct ieee80211_sta *sta,
691 u8 *queue, u32 *extra_len, u16 *flags, u16 *aid,
692 bool *burst_possible)
693 {
694 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
695
696 if (ieee80211_is_data_qos(hdr->frame_control))
697 *burst_possible = true;
698 else
699 *burst_possible = false;
700
701 if (!(info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ))
702 *flags |= P54_HDR_FLAG_DATA_OUT_SEQNR;
703
704 if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)
705 *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
706
707 if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
708 *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
709
710 *queue = skb_get_queue_mapping(skb) + P54_QUEUE_DATA;
711
712 switch (priv->mode) {
713 case NL80211_IFTYPE_MONITOR:
714 /*
715 * We have to set P54_HDR_FLAG_DATA_OUT_PROMISC for
716 * every frame in promiscuous/monitor mode.
717 * see STSW45x0C LMAC API - page 12.
718 */
719 *aid = 0;
720 *flags |= P54_HDR_FLAG_DATA_OUT_PROMISC;
721 break;
722 case NL80211_IFTYPE_STATION:
723 *aid = 1;
724 break;
725 case NL80211_IFTYPE_AP:
726 case NL80211_IFTYPE_ADHOC:
727 case NL80211_IFTYPE_MESH_POINT:
728 if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) {
729 *aid = 0;
730 *queue = P54_QUEUE_CAB;
731 return;
732 }
733
734 if (unlikely(ieee80211_is_mgmt(hdr->frame_control))) {
735 if (ieee80211_is_probe_resp(hdr->frame_control)) {
736 *aid = 0;
737 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP |
738 P54_HDR_FLAG_DATA_OUT_NOCANCEL;
739 return;
740 } else if (ieee80211_is_beacon(hdr->frame_control)) {
741 *aid = 0;
742
743 if (info->flags & IEEE80211_TX_CTL_INJECTED) {
744 /*
745 * Injecting beacons on top of a AP is
746 * not a good idea... nevertheless,
747 * it should be doable.
748 */
749
750 return;
751 }
752
753 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP;
754 *queue = P54_QUEUE_BEACON;
755 *extra_len = IEEE80211_MAX_TIM_LEN;
756 return;
757 }
758 }
759
760 if (sta)
761 *aid = sta->aid;
762 break;
763 }
764 }
765
p54_convert_algo(u32 cipher)766 static u8 p54_convert_algo(u32 cipher)
767 {
768 switch (cipher) {
769 case WLAN_CIPHER_SUITE_WEP40:
770 case WLAN_CIPHER_SUITE_WEP104:
771 return P54_CRYPTO_WEP;
772 case WLAN_CIPHER_SUITE_TKIP:
773 return P54_CRYPTO_TKIPMICHAEL;
774 case WLAN_CIPHER_SUITE_CCMP:
775 return P54_CRYPTO_AESCCMP;
776 default:
777 return 0;
778 }
779 }
780
p54_tx_80211(struct ieee80211_hw * dev,struct ieee80211_tx_control * control,struct sk_buff * skb)781 void p54_tx_80211(struct ieee80211_hw *dev,
782 struct ieee80211_tx_control *control,
783 struct sk_buff *skb)
784 {
785 struct p54_common *priv = dev->priv;
786 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
787 struct p54_tx_info *p54info;
788 struct p54_hdr *hdr;
789 struct p54_tx_data *txhdr;
790 unsigned int padding, len, extra_len = 0;
791 int i, j, ridx;
792 u16 hdr_flags = 0, aid = 0;
793 u8 rate, queue = 0, crypt_offset = 0;
794 u8 cts_rate = 0x20;
795 u8 rc_flags;
796 u8 calculated_tries[4];
797 u8 nrates = 0, nremaining = 8;
798 bool burst_allowed = false;
799
800 p54_tx_80211_header(priv, skb, info, control->sta, &queue, &extra_len,
801 &hdr_flags, &aid, &burst_allowed);
802
803 if (p54_tx_qos_accounting_alloc(priv, skb, queue)) {
804 ieee80211_free_txskb(dev, skb);
805 return;
806 }
807
808 padding = (unsigned long)(skb->data - (sizeof(*hdr) + sizeof(*txhdr))) & 3;
809 len = skb->len;
810
811 if (info->control.hw_key) {
812 crypt_offset = ieee80211_get_hdrlen_from_skb(skb);
813 if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
814 u8 *iv = (u8 *)(skb->data + crypt_offset);
815 /*
816 * The firmware excepts that the IV has to have
817 * this special format
818 */
819 iv[1] = iv[0];
820 iv[0] = iv[2];
821 iv[2] = 0;
822 }
823 }
824
825 txhdr = skb_push(skb, sizeof(*txhdr) + padding);
826 hdr = skb_push(skb, sizeof(*hdr));
827
828 if (padding)
829 hdr_flags |= P54_HDR_FLAG_DATA_ALIGN;
830 hdr->type = cpu_to_le16(aid);
831 hdr->rts_tries = info->control.rates[0].count;
832
833 /*
834 * we register the rates in perfect order, and
835 * RTS/CTS won't happen on 5 GHz
836 */
837 cts_rate = info->control.rts_cts_rate_idx;
838
839 memset(&txhdr->rateset, 0, sizeof(txhdr->rateset));
840
841 /* see how many rates got used */
842 for (i = 0; i < dev->max_rates; i++) {
843 if (info->control.rates[i].idx < 0)
844 break;
845 nrates++;
846 }
847
848 /* limit tries to 8/nrates per rate */
849 for (i = 0; i < nrates; i++) {
850 /*
851 * The magic expression here is equivalent to 8/nrates for
852 * all values that matter, but avoids division and jumps.
853 * Note that nrates can only take the values 1 through 4.
854 */
855 calculated_tries[i] = min_t(int, ((15 >> nrates) | 1) + 1,
856 info->control.rates[i].count);
857 nremaining -= calculated_tries[i];
858 }
859
860 /* if there are tries left, distribute from back to front */
861 for (i = nrates - 1; nremaining > 0 && i >= 0; i--) {
862 int tmp = info->control.rates[i].count - calculated_tries[i];
863
864 if (tmp <= 0)
865 continue;
866 /* RC requested more tries at this rate */
867
868 tmp = min_t(int, tmp, nremaining);
869 calculated_tries[i] += tmp;
870 nremaining -= tmp;
871 }
872
873 ridx = 0;
874 for (i = 0; i < nrates && ridx < 8; i++) {
875 /* we register the rates in perfect order */
876 rate = info->control.rates[i].idx;
877 if (info->band == NL80211_BAND_5GHZ)
878 rate += 4;
879
880 /* store the count we actually calculated for TX status */
881 info->control.rates[i].count = calculated_tries[i];
882
883 rc_flags = info->control.rates[i].flags;
884 if (rc_flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE) {
885 rate |= 0x10;
886 cts_rate |= 0x10;
887 }
888 if (rc_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
889 burst_allowed = false;
890 rate |= 0x40;
891 } else if (rc_flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
892 rate |= 0x20;
893 burst_allowed = false;
894 }
895 for (j = 0; j < calculated_tries[i] && ridx < 8; j++) {
896 txhdr->rateset[ridx] = rate;
897 ridx++;
898 }
899 }
900
901 if (burst_allowed)
902 hdr_flags |= P54_HDR_FLAG_DATA_OUT_BURST;
903
904 /* TODO: enable bursting */
905 hdr->flags = cpu_to_le16(hdr_flags);
906 hdr->tries = ridx;
907 txhdr->rts_rate_idx = 0;
908 if (info->control.hw_key) {
909 txhdr->key_type = p54_convert_algo(info->control.hw_key->cipher);
910 txhdr->key_len = min((u8)16, info->control.hw_key->keylen);
911 memcpy(txhdr->key, info->control.hw_key->key, txhdr->key_len);
912 if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
913 /* reserve space for the MIC key */
914 len += 8;
915 skb_put_data(skb,
916 &(info->control.hw_key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]),
917 8);
918 }
919 /* reserve some space for ICV */
920 len += info->control.hw_key->icv_len;
921 skb_put_zero(skb, info->control.hw_key->icv_len);
922 } else {
923 txhdr->key_type = 0;
924 txhdr->key_len = 0;
925 }
926 txhdr->crypt_offset = crypt_offset;
927 txhdr->hw_queue = queue;
928 txhdr->backlog = priv->tx_stats[queue].len - 1;
929 memset(txhdr->durations, 0, sizeof(txhdr->durations));
930 txhdr->tx_antenna = 2 & priv->tx_diversity_mask;
931 if (priv->rxhw == 5) {
932 txhdr->longbow.cts_rate = cts_rate;
933 txhdr->longbow.output_power = cpu_to_le16(priv->output_power);
934 } else {
935 txhdr->normal.output_power = priv->output_power;
936 txhdr->normal.cts_rate = cts_rate;
937 }
938 if (padding)
939 txhdr->align[0] = padding;
940
941 hdr->len = cpu_to_le16(len);
942 /* modifies skb->cb and with it info, so must be last! */
943 p54info = (void *) info->rate_driver_data;
944 p54info->extra_len = extra_len;
945
946 p54_tx(priv, skb);
947 }
948