1a84fab3cSChristian Lamparter /* 2a84fab3cSChristian Lamparter * Atheros CARL9170 driver 3a84fab3cSChristian Lamparter * 4a84fab3cSChristian Lamparter * 802.11 & command trap routines 5a84fab3cSChristian Lamparter * 6a84fab3cSChristian Lamparter * Copyright 2008, Johannes Berg <johannes@sipsolutions.net> 7a84fab3cSChristian Lamparter * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com> 8a84fab3cSChristian Lamparter * 9a84fab3cSChristian Lamparter * This program is free software; you can redistribute it and/or modify 10a84fab3cSChristian Lamparter * it under the terms of the GNU General Public License as published by 11a84fab3cSChristian Lamparter * the Free Software Foundation; either version 2 of the License, or 12a84fab3cSChristian Lamparter * (at your option) any later version. 13a84fab3cSChristian Lamparter * 14a84fab3cSChristian Lamparter * This program is distributed in the hope that it will be useful, 15a84fab3cSChristian Lamparter * but WITHOUT ANY WARRANTY; without even the implied warranty of 16a84fab3cSChristian Lamparter * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17a84fab3cSChristian Lamparter * GNU General Public License for more details. 18a84fab3cSChristian Lamparter * 19a84fab3cSChristian Lamparter * You should have received a copy of the GNU General Public License 20a84fab3cSChristian Lamparter * along with this program; see the file COPYING. If not, see 21a84fab3cSChristian Lamparter * http://www.gnu.org/licenses/. 22a84fab3cSChristian Lamparter * 23a84fab3cSChristian Lamparter * This file incorporates work covered by the following copyright and 24a84fab3cSChristian Lamparter * permission notice: 25a84fab3cSChristian Lamparter * Copyright (c) 2007-2008 Atheros Communications, Inc. 26a84fab3cSChristian Lamparter * 27a84fab3cSChristian Lamparter * Permission to use, copy, modify, and/or distribute this software for any 28a84fab3cSChristian Lamparter * purpose with or without fee is hereby granted, provided that the above 29a84fab3cSChristian Lamparter * copyright notice and this permission notice appear in all copies. 30a84fab3cSChristian Lamparter * 31a84fab3cSChristian Lamparter * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 32a84fab3cSChristian Lamparter * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 33a84fab3cSChristian Lamparter * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 34a84fab3cSChristian Lamparter * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 35a84fab3cSChristian Lamparter * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 36a84fab3cSChristian Lamparter * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 37a84fab3cSChristian Lamparter * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 38a84fab3cSChristian Lamparter */ 39a84fab3cSChristian Lamparter 40a84fab3cSChristian Lamparter #include <linux/init.h> 41a84fab3cSChristian Lamparter #include <linux/slab.h> 42a84fab3cSChristian Lamparter #include <linux/module.h> 43a84fab3cSChristian Lamparter #include <linux/etherdevice.h> 44a84fab3cSChristian Lamparter #include <linux/crc32.h> 45a84fab3cSChristian Lamparter #include <net/mac80211.h> 46a84fab3cSChristian Lamparter #include "carl9170.h" 47a84fab3cSChristian Lamparter #include "hw.h" 48a84fab3cSChristian Lamparter #include "cmd.h" 49a84fab3cSChristian Lamparter 50a84fab3cSChristian Lamparter static void carl9170_dbg_message(struct ar9170 *ar, const char *buf, u32 len) 51a84fab3cSChristian Lamparter { 52a84fab3cSChristian Lamparter bool restart = false; 53a84fab3cSChristian Lamparter enum carl9170_restart_reasons reason = CARL9170_RR_NO_REASON; 54a84fab3cSChristian Lamparter 55a84fab3cSChristian Lamparter if (len > 3) { 56a84fab3cSChristian Lamparter if (memcmp(buf, CARL9170_ERR_MAGIC, 3) == 0) { 57a84fab3cSChristian Lamparter ar->fw.err_counter++; 58a84fab3cSChristian Lamparter if (ar->fw.err_counter > 3) { 59a84fab3cSChristian Lamparter restart = true; 60a84fab3cSChristian Lamparter reason = CARL9170_RR_TOO_MANY_FIRMWARE_ERRORS; 61a84fab3cSChristian Lamparter } 62a84fab3cSChristian Lamparter } 63a84fab3cSChristian Lamparter 64a84fab3cSChristian Lamparter if (memcmp(buf, CARL9170_BUG_MAGIC, 3) == 0) { 65a84fab3cSChristian Lamparter ar->fw.bug_counter++; 66a84fab3cSChristian Lamparter restart = true; 67a84fab3cSChristian Lamparter reason = CARL9170_RR_FATAL_FIRMWARE_ERROR; 68a84fab3cSChristian Lamparter } 69a84fab3cSChristian Lamparter } 70a84fab3cSChristian Lamparter 71a84fab3cSChristian Lamparter wiphy_info(ar->hw->wiphy, "FW: %.*s\n", len, buf); 72a84fab3cSChristian Lamparter 73a84fab3cSChristian Lamparter if (restart) 74a84fab3cSChristian Lamparter carl9170_restart(ar, reason); 75a84fab3cSChristian Lamparter } 76a84fab3cSChristian Lamparter 77a84fab3cSChristian Lamparter static void carl9170_handle_ps(struct ar9170 *ar, struct carl9170_rsp *rsp) 78a84fab3cSChristian Lamparter { 79a84fab3cSChristian Lamparter u32 ps; 80a84fab3cSChristian Lamparter bool new_ps; 81a84fab3cSChristian Lamparter 82a84fab3cSChristian Lamparter ps = le32_to_cpu(rsp->psm.state); 83a84fab3cSChristian Lamparter 84a84fab3cSChristian Lamparter new_ps = (ps & CARL9170_PSM_COUNTER) != CARL9170_PSM_WAKE; 85a84fab3cSChristian Lamparter if (ar->ps.state != new_ps) { 86a84fab3cSChristian Lamparter if (!new_ps) { 87a84fab3cSChristian Lamparter ar->ps.sleep_ms = jiffies_to_msecs(jiffies - 88a84fab3cSChristian Lamparter ar->ps.last_action); 89a84fab3cSChristian Lamparter } 90a84fab3cSChristian Lamparter 91a84fab3cSChristian Lamparter ar->ps.last_action = jiffies; 92a84fab3cSChristian Lamparter 93a84fab3cSChristian Lamparter ar->ps.state = new_ps; 94a84fab3cSChristian Lamparter } 95a84fab3cSChristian Lamparter } 96a84fab3cSChristian Lamparter 97a84fab3cSChristian Lamparter static int carl9170_check_sequence(struct ar9170 *ar, unsigned int seq) 98a84fab3cSChristian Lamparter { 99a84fab3cSChristian Lamparter if (ar->cmd_seq < -1) 100a84fab3cSChristian Lamparter return 0; 101a84fab3cSChristian Lamparter 102a84fab3cSChristian Lamparter /* 103a84fab3cSChristian Lamparter * Initialize Counter 104a84fab3cSChristian Lamparter */ 105a84fab3cSChristian Lamparter if (ar->cmd_seq < 0) 106a84fab3cSChristian Lamparter ar->cmd_seq = seq; 107a84fab3cSChristian Lamparter 108a84fab3cSChristian Lamparter /* 109a84fab3cSChristian Lamparter * The sequence is strictly monotonic increasing and it never skips! 110a84fab3cSChristian Lamparter * 111a84fab3cSChristian Lamparter * Therefore we can safely assume that whenever we received an 112a84fab3cSChristian Lamparter * unexpected sequence we have lost some valuable data. 113a84fab3cSChristian Lamparter */ 114a84fab3cSChristian Lamparter if (seq != ar->cmd_seq) { 115a84fab3cSChristian Lamparter int count; 116a84fab3cSChristian Lamparter 117a84fab3cSChristian Lamparter count = (seq - ar->cmd_seq) % ar->fw.cmd_bufs; 118a84fab3cSChristian Lamparter 119a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "lost %d command responses/traps! " 120a84fab3cSChristian Lamparter "w:%d g:%d\n", count, ar->cmd_seq, seq); 121a84fab3cSChristian Lamparter 122a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_LOST_RSP); 123a84fab3cSChristian Lamparter return -EIO; 124a84fab3cSChristian Lamparter } 125a84fab3cSChristian Lamparter 126a84fab3cSChristian Lamparter ar->cmd_seq = (ar->cmd_seq + 1) % ar->fw.cmd_bufs; 127a84fab3cSChristian Lamparter return 0; 128a84fab3cSChristian Lamparter } 129a84fab3cSChristian Lamparter 130a84fab3cSChristian Lamparter static void carl9170_cmd_callback(struct ar9170 *ar, u32 len, void *buffer) 131a84fab3cSChristian Lamparter { 132a84fab3cSChristian Lamparter /* 133a84fab3cSChristian Lamparter * Some commands may have a variable response length 134a84fab3cSChristian Lamparter * and we cannot predict the correct length in advance. 135a84fab3cSChristian Lamparter * So we only check if we provided enough space for the data. 136a84fab3cSChristian Lamparter */ 137a84fab3cSChristian Lamparter if (unlikely(ar->readlen != (len - 4))) { 138a84fab3cSChristian Lamparter dev_warn(&ar->udev->dev, "received invalid command response:" 139a84fab3cSChristian Lamparter "got %d, instead of %d\n", len - 4, ar->readlen); 140a84fab3cSChristian Lamparter print_hex_dump_bytes("carl9170 cmd:", DUMP_PREFIX_OFFSET, 141a84fab3cSChristian Lamparter ar->cmd_buf, (ar->cmd.hdr.len + 4) & 0x3f); 142a84fab3cSChristian Lamparter print_hex_dump_bytes("carl9170 rsp:", DUMP_PREFIX_OFFSET, 143a84fab3cSChristian Lamparter buffer, len); 144a84fab3cSChristian Lamparter /* 145a84fab3cSChristian Lamparter * Do not complete. The command times out, 146a84fab3cSChristian Lamparter * and we get a stack trace from there. 147a84fab3cSChristian Lamparter */ 148a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_INVALID_RSP); 149a84fab3cSChristian Lamparter } 150a84fab3cSChristian Lamparter 151a84fab3cSChristian Lamparter spin_lock(&ar->cmd_lock); 152a84fab3cSChristian Lamparter if (ar->readbuf) { 153a84fab3cSChristian Lamparter if (len >= 4) 154a84fab3cSChristian Lamparter memcpy(ar->readbuf, buffer + 4, len - 4); 155a84fab3cSChristian Lamparter 156a84fab3cSChristian Lamparter ar->readbuf = NULL; 157a84fab3cSChristian Lamparter } 158a84fab3cSChristian Lamparter complete(&ar->cmd_wait); 159a84fab3cSChristian Lamparter spin_unlock(&ar->cmd_lock); 160a84fab3cSChristian Lamparter } 161a84fab3cSChristian Lamparter 162a84fab3cSChristian Lamparter void carl9170_handle_command_response(struct ar9170 *ar, void *buf, u32 len) 163a84fab3cSChristian Lamparter { 1642c208890SJoe Perches struct carl9170_rsp *cmd = buf; 165a84fab3cSChristian Lamparter struct ieee80211_vif *vif; 166a84fab3cSChristian Lamparter 167a84fab3cSChristian Lamparter if (carl9170_check_sequence(ar, cmd->hdr.seq)) 168a84fab3cSChristian Lamparter return; 169a84fab3cSChristian Lamparter 170a84fab3cSChristian Lamparter if ((cmd->hdr.cmd & CARL9170_RSP_FLAG) != CARL9170_RSP_FLAG) { 171a84fab3cSChristian Lamparter if (!(cmd->hdr.cmd & CARL9170_CMD_ASYNC_FLAG)) 172a84fab3cSChristian Lamparter carl9170_cmd_callback(ar, len, buf); 173a84fab3cSChristian Lamparter 174a84fab3cSChristian Lamparter return; 175a84fab3cSChristian Lamparter } 176a84fab3cSChristian Lamparter 177a84fab3cSChristian Lamparter if (unlikely(cmd->hdr.len != (len - 4))) { 178a84fab3cSChristian Lamparter if (net_ratelimit()) { 179a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "FW: received over-/under" 180a84fab3cSChristian Lamparter "sized event %x (%d, but should be %d).\n", 181a84fab3cSChristian Lamparter cmd->hdr.cmd, cmd->hdr.len, len - 4); 182a84fab3cSChristian Lamparter 183a84fab3cSChristian Lamparter print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, 184a84fab3cSChristian Lamparter buf, len); 185a84fab3cSChristian Lamparter } 186a84fab3cSChristian Lamparter 187a84fab3cSChristian Lamparter return; 188a84fab3cSChristian Lamparter } 189a84fab3cSChristian Lamparter 190a84fab3cSChristian Lamparter /* hardware event handlers */ 191a84fab3cSChristian Lamparter switch (cmd->hdr.cmd) { 192a84fab3cSChristian Lamparter case CARL9170_RSP_PRETBTT: 193a84fab3cSChristian Lamparter /* pre-TBTT event */ 194a84fab3cSChristian Lamparter rcu_read_lock(); 195a84fab3cSChristian Lamparter vif = carl9170_get_main_vif(ar); 196a84fab3cSChristian Lamparter 197a84fab3cSChristian Lamparter if (!vif) { 198a84fab3cSChristian Lamparter rcu_read_unlock(); 199a84fab3cSChristian Lamparter break; 200a84fab3cSChristian Lamparter } 201a84fab3cSChristian Lamparter 202a84fab3cSChristian Lamparter switch (vif->type) { 203a84fab3cSChristian Lamparter case NL80211_IFTYPE_STATION: 204a84fab3cSChristian Lamparter carl9170_handle_ps(ar, cmd); 205a84fab3cSChristian Lamparter break; 206a84fab3cSChristian Lamparter 207a84fab3cSChristian Lamparter case NL80211_IFTYPE_AP: 208a84fab3cSChristian Lamparter case NL80211_IFTYPE_ADHOC: 209da93c26dSJavier Lopez case NL80211_IFTYPE_MESH_POINT: 210a84fab3cSChristian Lamparter carl9170_update_beacon(ar, true); 211a84fab3cSChristian Lamparter break; 212a84fab3cSChristian Lamparter 213a84fab3cSChristian Lamparter default: 214a84fab3cSChristian Lamparter break; 215a84fab3cSChristian Lamparter } 216a84fab3cSChristian Lamparter rcu_read_unlock(); 217a84fab3cSChristian Lamparter 218a84fab3cSChristian Lamparter break; 219a84fab3cSChristian Lamparter 220a84fab3cSChristian Lamparter 221a84fab3cSChristian Lamparter case CARL9170_RSP_TXCOMP: 222a84fab3cSChristian Lamparter /* TX status notification */ 223a84fab3cSChristian Lamparter carl9170_tx_process_status(ar, cmd); 224a84fab3cSChristian Lamparter break; 225a84fab3cSChristian Lamparter 226a84fab3cSChristian Lamparter case CARL9170_RSP_BEACON_CONFIG: 227a84fab3cSChristian Lamparter /* 228a84fab3cSChristian Lamparter * (IBSS) beacon send notification 229a84fab3cSChristian Lamparter * bytes: 04 c2 XX YY B4 B3 B2 B1 230a84fab3cSChristian Lamparter * 231a84fab3cSChristian Lamparter * XX always 80 232a84fab3cSChristian Lamparter * YY always 00 233a84fab3cSChristian Lamparter * B1-B4 "should" be the number of send out beacons. 234a84fab3cSChristian Lamparter */ 235a84fab3cSChristian Lamparter break; 236a84fab3cSChristian Lamparter 237a84fab3cSChristian Lamparter case CARL9170_RSP_ATIM: 238a84fab3cSChristian Lamparter /* End of Atim Window */ 239a84fab3cSChristian Lamparter break; 240a84fab3cSChristian Lamparter 241a84fab3cSChristian Lamparter case CARL9170_RSP_WATCHDOG: 242a84fab3cSChristian Lamparter /* Watchdog Interrupt */ 243a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_WATCHDOG); 244a84fab3cSChristian Lamparter break; 245a84fab3cSChristian Lamparter 246a84fab3cSChristian Lamparter case CARL9170_RSP_TEXT: 247a84fab3cSChristian Lamparter /* firmware debug */ 248a84fab3cSChristian Lamparter carl9170_dbg_message(ar, (char *)buf + 4, len - 4); 249a84fab3cSChristian Lamparter break; 250a84fab3cSChristian Lamparter 251a84fab3cSChristian Lamparter case CARL9170_RSP_HEXDUMP: 252a84fab3cSChristian Lamparter wiphy_dbg(ar->hw->wiphy, "FW: HD %d\n", len - 4); 253a84fab3cSChristian Lamparter print_hex_dump_bytes("FW:", DUMP_PREFIX_NONE, 254a84fab3cSChristian Lamparter (char *)buf + 4, len - 4); 255a84fab3cSChristian Lamparter break; 256a84fab3cSChristian Lamparter 257a84fab3cSChristian Lamparter case CARL9170_RSP_RADAR: 258a84fab3cSChristian Lamparter if (!net_ratelimit()) 259a84fab3cSChristian Lamparter break; 260a84fab3cSChristian Lamparter 261a84fab3cSChristian Lamparter wiphy_info(ar->hw->wiphy, "FW: RADAR! Please report this " 262a84fab3cSChristian Lamparter "incident to linux-wireless@vger.kernel.org !\n"); 263a84fab3cSChristian Lamparter break; 264a84fab3cSChristian Lamparter 265a84fab3cSChristian Lamparter case CARL9170_RSP_GPIO: 266a84fab3cSChristian Lamparter #ifdef CONFIG_CARL9170_WPC 267a84fab3cSChristian Lamparter if (ar->wps.pbc) { 268a84fab3cSChristian Lamparter bool state = !!(cmd->gpio.gpio & cpu_to_le32( 269a84fab3cSChristian Lamparter AR9170_GPIO_PORT_WPS_BUTTON_PRESSED)); 270a84fab3cSChristian Lamparter 271a84fab3cSChristian Lamparter if (state != ar->wps.pbc_state) { 272a84fab3cSChristian Lamparter ar->wps.pbc_state = state; 273a84fab3cSChristian Lamparter input_report_key(ar->wps.pbc, KEY_WPS_BUTTON, 274a84fab3cSChristian Lamparter state); 275a84fab3cSChristian Lamparter input_sync(ar->wps.pbc); 276a84fab3cSChristian Lamparter } 277a84fab3cSChristian Lamparter } 278a84fab3cSChristian Lamparter #endif /* CONFIG_CARL9170_WPC */ 279a84fab3cSChristian Lamparter break; 280a84fab3cSChristian Lamparter 281a84fab3cSChristian Lamparter case CARL9170_RSP_BOOT: 282a84fab3cSChristian Lamparter complete(&ar->fw_boot_wait); 283a84fab3cSChristian Lamparter break; 284a84fab3cSChristian Lamparter 285a84fab3cSChristian Lamparter default: 286a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "FW: received unhandled event %x\n", 287a84fab3cSChristian Lamparter cmd->hdr.cmd); 288a84fab3cSChristian Lamparter print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, buf, len); 289a84fab3cSChristian Lamparter break; 290a84fab3cSChristian Lamparter } 291a84fab3cSChristian Lamparter } 292a84fab3cSChristian Lamparter 293a84fab3cSChristian Lamparter static int carl9170_rx_mac_status(struct ar9170 *ar, 294a84fab3cSChristian Lamparter struct ar9170_rx_head *head, struct ar9170_rx_macstatus *mac, 295a84fab3cSChristian Lamparter struct ieee80211_rx_status *status) 296a84fab3cSChristian Lamparter { 297a84fab3cSChristian Lamparter struct ieee80211_channel *chan; 298a84fab3cSChristian Lamparter u8 error, decrypt; 299a84fab3cSChristian Lamparter 300a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_head) != 12); 301a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_macstatus) != 4); 302a84fab3cSChristian Lamparter 303a84fab3cSChristian Lamparter error = mac->error; 304a84fab3cSChristian Lamparter 305a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_WRONG_RA) { 306a84fab3cSChristian Lamparter if (!ar->sniffer_enabled) 307a84fab3cSChristian Lamparter return -EINVAL; 308a84fab3cSChristian Lamparter } 309a84fab3cSChristian Lamparter 310a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_PLCP) { 311a84fab3cSChristian Lamparter if (!(ar->filter_state & FIF_PLCPFAIL)) 312a84fab3cSChristian Lamparter return -EINVAL; 313a84fab3cSChristian Lamparter 314a84fab3cSChristian Lamparter status->flag |= RX_FLAG_FAILED_PLCP_CRC; 315a84fab3cSChristian Lamparter } 316a84fab3cSChristian Lamparter 317a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_FCS) { 318a84fab3cSChristian Lamparter ar->tx_fcs_errors++; 319a84fab3cSChristian Lamparter 320a84fab3cSChristian Lamparter if (!(ar->filter_state & FIF_FCSFAIL)) 321a84fab3cSChristian Lamparter return -EINVAL; 322a84fab3cSChristian Lamparter 323a84fab3cSChristian Lamparter status->flag |= RX_FLAG_FAILED_FCS_CRC; 324a84fab3cSChristian Lamparter } 325a84fab3cSChristian Lamparter 326a84fab3cSChristian Lamparter decrypt = ar9170_get_decrypt_type(mac); 327a84fab3cSChristian Lamparter if (!(decrypt & AR9170_RX_ENC_SOFTWARE) && 328a84fab3cSChristian Lamparter decrypt != AR9170_ENC_ALG_NONE) { 329a84fab3cSChristian Lamparter if ((decrypt == AR9170_ENC_ALG_TKIP) && 330a84fab3cSChristian Lamparter (error & AR9170_RX_ERROR_MMIC)) 331a84fab3cSChristian Lamparter status->flag |= RX_FLAG_MMIC_ERROR; 332a84fab3cSChristian Lamparter 333a84fab3cSChristian Lamparter status->flag |= RX_FLAG_DECRYPTED; 334a84fab3cSChristian Lamparter } 335a84fab3cSChristian Lamparter 336a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_DECRYPT && !ar->sniffer_enabled) 337a84fab3cSChristian Lamparter return -ENODATA; 338a84fab3cSChristian Lamparter 339a84fab3cSChristian Lamparter error &= ~(AR9170_RX_ERROR_MMIC | 340a84fab3cSChristian Lamparter AR9170_RX_ERROR_FCS | 341a84fab3cSChristian Lamparter AR9170_RX_ERROR_WRONG_RA | 342a84fab3cSChristian Lamparter AR9170_RX_ERROR_DECRYPT | 343a84fab3cSChristian Lamparter AR9170_RX_ERROR_PLCP); 344a84fab3cSChristian Lamparter 345a84fab3cSChristian Lamparter /* drop any other error frames */ 346a84fab3cSChristian Lamparter if (unlikely(error)) { 347a84fab3cSChristian Lamparter /* TODO: update netdevice's RX dropped/errors statistics */ 348a84fab3cSChristian Lamparter 349a84fab3cSChristian Lamparter if (net_ratelimit()) 350a84fab3cSChristian Lamparter wiphy_dbg(ar->hw->wiphy, "received frame with " 351a84fab3cSChristian Lamparter "suspicious error code (%#x).\n", error); 352a84fab3cSChristian Lamparter 353a84fab3cSChristian Lamparter return -EINVAL; 354a84fab3cSChristian Lamparter } 355a84fab3cSChristian Lamparter 356a84fab3cSChristian Lamparter chan = ar->channel; 357a84fab3cSChristian Lamparter if (chan) { 358a84fab3cSChristian Lamparter status->band = chan->band; 359a84fab3cSChristian Lamparter status->freq = chan->center_freq; 360a84fab3cSChristian Lamparter } 361a84fab3cSChristian Lamparter 362a84fab3cSChristian Lamparter switch (mac->status & AR9170_RX_STATUS_MODULATION) { 363a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_CCK: 364a84fab3cSChristian Lamparter if (mac->status & AR9170_RX_STATUS_SHORT_PREAMBLE) 365a84fab3cSChristian Lamparter status->flag |= RX_FLAG_SHORTPRE; 366a84fab3cSChristian Lamparter switch (head->plcp[0]) { 367a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_1M: 368a84fab3cSChristian Lamparter status->rate_idx = 0; 369a84fab3cSChristian Lamparter break; 370a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_2M: 371a84fab3cSChristian Lamparter status->rate_idx = 1; 372a84fab3cSChristian Lamparter break; 373a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_5M: 374a84fab3cSChristian Lamparter status->rate_idx = 2; 375a84fab3cSChristian Lamparter break; 376a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_11M: 377a84fab3cSChristian Lamparter status->rate_idx = 3; 378a84fab3cSChristian Lamparter break; 379a84fab3cSChristian Lamparter default: 380a84fab3cSChristian Lamparter if (net_ratelimit()) { 381a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "invalid plcp cck " 382a84fab3cSChristian Lamparter "rate (%x).\n", head->plcp[0]); 383a84fab3cSChristian Lamparter } 384a84fab3cSChristian Lamparter 385a84fab3cSChristian Lamparter return -EINVAL; 386a84fab3cSChristian Lamparter } 387a84fab3cSChristian Lamparter break; 388a84fab3cSChristian Lamparter 389a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_DUPOFDM: 390a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_OFDM: 391a84fab3cSChristian Lamparter switch (head->plcp[0] & 0xf) { 392a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_6M: 393a84fab3cSChristian Lamparter status->rate_idx = 0; 394a84fab3cSChristian Lamparter break; 395a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_9M: 396a84fab3cSChristian Lamparter status->rate_idx = 1; 397a84fab3cSChristian Lamparter break; 398a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_12M: 399a84fab3cSChristian Lamparter status->rate_idx = 2; 400a84fab3cSChristian Lamparter break; 401a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_18M: 402a84fab3cSChristian Lamparter status->rate_idx = 3; 403a84fab3cSChristian Lamparter break; 404a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_24M: 405a84fab3cSChristian Lamparter status->rate_idx = 4; 406a84fab3cSChristian Lamparter break; 407a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_36M: 408a84fab3cSChristian Lamparter status->rate_idx = 5; 409a84fab3cSChristian Lamparter break; 410a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_48M: 411a84fab3cSChristian Lamparter status->rate_idx = 6; 412a84fab3cSChristian Lamparter break; 413a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_54M: 414a84fab3cSChristian Lamparter status->rate_idx = 7; 415a84fab3cSChristian Lamparter break; 416a84fab3cSChristian Lamparter default: 417a84fab3cSChristian Lamparter if (net_ratelimit()) { 418a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "invalid plcp ofdm " 419a84fab3cSChristian Lamparter "rate (%x).\n", head->plcp[0]); 420a84fab3cSChristian Lamparter } 421a84fab3cSChristian Lamparter 422a84fab3cSChristian Lamparter return -EINVAL; 423a84fab3cSChristian Lamparter } 424a84fab3cSChristian Lamparter if (status->band == IEEE80211_BAND_2GHZ) 425a84fab3cSChristian Lamparter status->rate_idx += 4; 426a84fab3cSChristian Lamparter break; 427a84fab3cSChristian Lamparter 428a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_HT: 429a84fab3cSChristian Lamparter if (head->plcp[3] & 0x80) 430a84fab3cSChristian Lamparter status->flag |= RX_FLAG_40MHZ; 431a84fab3cSChristian Lamparter if (head->plcp[6] & 0x80) 432a84fab3cSChristian Lamparter status->flag |= RX_FLAG_SHORT_GI; 433a84fab3cSChristian Lamparter 434a84fab3cSChristian Lamparter status->rate_idx = clamp(0, 75, head->plcp[3] & 0x7f); 435a84fab3cSChristian Lamparter status->flag |= RX_FLAG_HT; 436a84fab3cSChristian Lamparter break; 437a84fab3cSChristian Lamparter 438a84fab3cSChristian Lamparter default: 439a84fab3cSChristian Lamparter BUG(); 440a84fab3cSChristian Lamparter return -ENOSYS; 441a84fab3cSChristian Lamparter } 442a84fab3cSChristian Lamparter 443a84fab3cSChristian Lamparter return 0; 444a84fab3cSChristian Lamparter } 445a84fab3cSChristian Lamparter 446a84fab3cSChristian Lamparter static void carl9170_rx_phy_status(struct ar9170 *ar, 447a84fab3cSChristian Lamparter struct ar9170_rx_phystatus *phy, struct ieee80211_rx_status *status) 448a84fab3cSChristian Lamparter { 449a84fab3cSChristian Lamparter int i; 450a84fab3cSChristian Lamparter 451a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_phystatus) != 20); 452a84fab3cSChristian Lamparter 453a84fab3cSChristian Lamparter for (i = 0; i < 3; i++) 454a84fab3cSChristian Lamparter if (phy->rssi[i] != 0x80) 455a84fab3cSChristian Lamparter status->antenna |= BIT(i); 456a84fab3cSChristian Lamparter 457a84fab3cSChristian Lamparter /* post-process RSSI */ 458a84fab3cSChristian Lamparter for (i = 0; i < 7; i++) 459a84fab3cSChristian Lamparter if (phy->rssi[i] & 0x80) 460a84fab3cSChristian Lamparter phy->rssi[i] = ((phy->rssi[i] & 0x7f) + 1) & 0x7f; 461a84fab3cSChristian Lamparter 462a84fab3cSChristian Lamparter /* TODO: we could do something with phy_errors */ 463a84fab3cSChristian Lamparter status->signal = ar->noise[0] + phy->rssi_combined; 464a84fab3cSChristian Lamparter } 465a84fab3cSChristian Lamparter 466a84fab3cSChristian Lamparter static struct sk_buff *carl9170_rx_copy_data(u8 *buf, int len) 467a84fab3cSChristian Lamparter { 468a84fab3cSChristian Lamparter struct sk_buff *skb; 469a84fab3cSChristian Lamparter int reserved = 0; 470a84fab3cSChristian Lamparter struct ieee80211_hdr *hdr = (void *) buf; 471a84fab3cSChristian Lamparter 472a84fab3cSChristian Lamparter if (ieee80211_is_data_qos(hdr->frame_control)) { 473a84fab3cSChristian Lamparter u8 *qc = ieee80211_get_qos_ctl(hdr); 474a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 475a84fab3cSChristian Lamparter 47604b7dcf9SJohannes Berg if (*qc & IEEE80211_QOS_CTL_A_MSDU_PRESENT) 477a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 478a84fab3cSChristian Lamparter } 479a84fab3cSChristian Lamparter 480a84fab3cSChristian Lamparter if (ieee80211_has_a4(hdr->frame_control)) 481a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 482a84fab3cSChristian Lamparter 483a84fab3cSChristian Lamparter reserved = 32 + (reserved & NET_IP_ALIGN); 484a84fab3cSChristian Lamparter 485a84fab3cSChristian Lamparter skb = dev_alloc_skb(len + reserved); 486a84fab3cSChristian Lamparter if (likely(skb)) { 487a84fab3cSChristian Lamparter skb_reserve(skb, reserved); 488a84fab3cSChristian Lamparter memcpy(skb_put(skb, len), buf, len); 489a84fab3cSChristian Lamparter } 490a84fab3cSChristian Lamparter 491a84fab3cSChristian Lamparter return skb; 492a84fab3cSChristian Lamparter } 493a84fab3cSChristian Lamparter 494a84fab3cSChristian Lamparter static u8 *carl9170_find_ie(u8 *data, unsigned int len, u8 ie) 495a84fab3cSChristian Lamparter { 496a84fab3cSChristian Lamparter struct ieee80211_mgmt *mgmt = (void *)data; 497a84fab3cSChristian Lamparter u8 *pos, *end; 498a84fab3cSChristian Lamparter 499a84fab3cSChristian Lamparter pos = (u8 *)mgmt->u.beacon.variable; 500a84fab3cSChristian Lamparter end = data + len; 501a84fab3cSChristian Lamparter while (pos < end) { 502a84fab3cSChristian Lamparter if (pos + 2 + pos[1] > end) 503a84fab3cSChristian Lamparter return NULL; 504a84fab3cSChristian Lamparter 505a84fab3cSChristian Lamparter if (pos[0] == ie) 506a84fab3cSChristian Lamparter return pos; 507a84fab3cSChristian Lamparter 508a84fab3cSChristian Lamparter pos += 2 + pos[1]; 509a84fab3cSChristian Lamparter } 510a84fab3cSChristian Lamparter return NULL; 511a84fab3cSChristian Lamparter } 512a84fab3cSChristian Lamparter 513a84fab3cSChristian Lamparter /* 514a84fab3cSChristian Lamparter * NOTE: 515a84fab3cSChristian Lamparter * 516a84fab3cSChristian Lamparter * The firmware is in charge of waking up the device just before 517a84fab3cSChristian Lamparter * the AP is expected to transmit the next beacon. 518a84fab3cSChristian Lamparter * 519a84fab3cSChristian Lamparter * This leaves the driver with the important task of deciding when 520a84fab3cSChristian Lamparter * to set the PHY back to bed again. 521a84fab3cSChristian Lamparter */ 522a84fab3cSChristian Lamparter static void carl9170_ps_beacon(struct ar9170 *ar, void *data, unsigned int len) 523a84fab3cSChristian Lamparter { 5242c208890SJoe Perches struct ieee80211_hdr *hdr = data; 525a84fab3cSChristian Lamparter struct ieee80211_tim_ie *tim_ie; 526a84fab3cSChristian Lamparter u8 *tim; 527a84fab3cSChristian Lamparter u8 tim_len; 528a84fab3cSChristian Lamparter bool cam; 529a84fab3cSChristian Lamparter 530a84fab3cSChristian Lamparter if (likely(!(ar->hw->conf.flags & IEEE80211_CONF_PS))) 531a84fab3cSChristian Lamparter return; 532a84fab3cSChristian Lamparter 533a84fab3cSChristian Lamparter /* check if this really is a beacon */ 534a84fab3cSChristian Lamparter if (!ieee80211_is_beacon(hdr->frame_control)) 535a84fab3cSChristian Lamparter return; 536a84fab3cSChristian Lamparter 537a84fab3cSChristian Lamparter /* min. beacon length + FCS_LEN */ 538a84fab3cSChristian Lamparter if (len <= 40 + FCS_LEN) 539a84fab3cSChristian Lamparter return; 540a84fab3cSChristian Lamparter 541a84fab3cSChristian Lamparter /* and only beacons from the associated BSSID, please */ 5422e42e474SJoe Perches if (!ether_addr_equal(hdr->addr3, ar->common.curbssid) || 543a84fab3cSChristian Lamparter !ar->common.curaid) 544a84fab3cSChristian Lamparter return; 545a84fab3cSChristian Lamparter 546a84fab3cSChristian Lamparter ar->ps.last_beacon = jiffies; 547a84fab3cSChristian Lamparter 548a84fab3cSChristian Lamparter tim = carl9170_find_ie(data, len - FCS_LEN, WLAN_EID_TIM); 549a84fab3cSChristian Lamparter if (!tim) 550a84fab3cSChristian Lamparter return; 551a84fab3cSChristian Lamparter 552a84fab3cSChristian Lamparter if (tim[1] < sizeof(*tim_ie)) 553a84fab3cSChristian Lamparter return; 554a84fab3cSChristian Lamparter 555a84fab3cSChristian Lamparter tim_len = tim[1]; 556a84fab3cSChristian Lamparter tim_ie = (struct ieee80211_tim_ie *) &tim[2]; 557a84fab3cSChristian Lamparter 558a84fab3cSChristian Lamparter if (!WARN_ON_ONCE(!ar->hw->conf.ps_dtim_period)) 559a84fab3cSChristian Lamparter ar->ps.dtim_counter = (tim_ie->dtim_count - 1) % 560a84fab3cSChristian Lamparter ar->hw->conf.ps_dtim_period; 561a84fab3cSChristian Lamparter 562a84fab3cSChristian Lamparter /* Check whenever the PHY can be turned off again. */ 563a84fab3cSChristian Lamparter 564a84fab3cSChristian Lamparter /* 1. What about buffered unicast traffic for our AID? */ 565a84fab3cSChristian Lamparter cam = ieee80211_check_tim(tim_ie, tim_len, ar->common.curaid); 566a84fab3cSChristian Lamparter 567a84fab3cSChristian Lamparter /* 2. Maybe the AP wants to send multicast/broadcast data? */ 5685820de53SChristian Lamparter cam |= !!(tim_ie->bitmap_ctrl & 0x01); 569a84fab3cSChristian Lamparter 570a84fab3cSChristian Lamparter if (!cam) { 571a84fab3cSChristian Lamparter /* back to low-power land. */ 572a84fab3cSChristian Lamparter ar->ps.off_override &= ~PS_OFF_BCN; 573a84fab3cSChristian Lamparter carl9170_ps_check(ar); 574a84fab3cSChristian Lamparter } else { 575a84fab3cSChristian Lamparter /* force CAM */ 576a84fab3cSChristian Lamparter ar->ps.off_override |= PS_OFF_BCN; 577a84fab3cSChristian Lamparter } 578a84fab3cSChristian Lamparter } 579a84fab3cSChristian Lamparter 580c9122c0dSChristian Lamparter static void carl9170_ba_check(struct ar9170 *ar, void *data, unsigned int len) 581c9122c0dSChristian Lamparter { 582c9122c0dSChristian Lamparter struct ieee80211_bar *bar = (void *) data; 583c9122c0dSChristian Lamparter struct carl9170_bar_list_entry *entry; 584c9122c0dSChristian Lamparter unsigned int queue; 585c9122c0dSChristian Lamparter 586c9122c0dSChristian Lamparter if (likely(!ieee80211_is_back(bar->frame_control))) 587c9122c0dSChristian Lamparter return; 588c9122c0dSChristian Lamparter 589c9122c0dSChristian Lamparter if (len <= sizeof(*bar) + FCS_LEN) 590c9122c0dSChristian Lamparter return; 591c9122c0dSChristian Lamparter 592c9122c0dSChristian Lamparter queue = TID_TO_WME_AC(((le16_to_cpu(bar->control) & 593c9122c0dSChristian Lamparter IEEE80211_BAR_CTRL_TID_INFO_MASK) >> 594c9122c0dSChristian Lamparter IEEE80211_BAR_CTRL_TID_INFO_SHIFT) & 7); 595c9122c0dSChristian Lamparter 596c9122c0dSChristian Lamparter rcu_read_lock(); 597c9122c0dSChristian Lamparter list_for_each_entry_rcu(entry, &ar->bar_list[queue], list) { 598c9122c0dSChristian Lamparter struct sk_buff *entry_skb = entry->skb; 599c9122c0dSChristian Lamparter struct _carl9170_tx_superframe *super = (void *)entry_skb->data; 600c9122c0dSChristian Lamparter struct ieee80211_bar *entry_bar = (void *)super->frame_data; 601c9122c0dSChristian Lamparter 602c9122c0dSChristian Lamparter #define TID_CHECK(a, b) ( \ 603c9122c0dSChristian Lamparter ((a) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)) == \ 604c9122c0dSChristian Lamparter ((b) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK))) \ 605c9122c0dSChristian Lamparter 606c9122c0dSChristian Lamparter if (bar->start_seq_num == entry_bar->start_seq_num && 607c9122c0dSChristian Lamparter TID_CHECK(bar->control, entry_bar->control) && 608c9122c0dSChristian Lamparter compare_ether_addr(bar->ra, entry_bar->ta) == 0 && 609c9122c0dSChristian Lamparter compare_ether_addr(bar->ta, entry_bar->ra) == 0) { 610c9122c0dSChristian Lamparter struct ieee80211_tx_info *tx_info; 611c9122c0dSChristian Lamparter 612c9122c0dSChristian Lamparter tx_info = IEEE80211_SKB_CB(entry_skb); 613c9122c0dSChristian Lamparter tx_info->flags |= IEEE80211_TX_STAT_ACK; 614c9122c0dSChristian Lamparter 615c9122c0dSChristian Lamparter spin_lock_bh(&ar->bar_list_lock[queue]); 616c9122c0dSChristian Lamparter list_del_rcu(&entry->list); 617c9122c0dSChristian Lamparter spin_unlock_bh(&ar->bar_list_lock[queue]); 618c9122c0dSChristian Lamparter kfree_rcu(entry, head); 619c9122c0dSChristian Lamparter break; 620c9122c0dSChristian Lamparter } 621c9122c0dSChristian Lamparter } 622c9122c0dSChristian Lamparter rcu_read_unlock(); 623c9122c0dSChristian Lamparter 624c9122c0dSChristian Lamparter #undef TID_CHECK 625c9122c0dSChristian Lamparter } 626c9122c0dSChristian Lamparter 62733dd7699SChristian Lamparter static bool carl9170_ampdu_check(struct ar9170 *ar, u8 *buf, u8 ms, 62833dd7699SChristian Lamparter struct ieee80211_rx_status *rx_status) 6298f236d1bSChristian Lamparter { 6308f236d1bSChristian Lamparter __le16 fc; 6318f236d1bSChristian Lamparter 6328f236d1bSChristian Lamparter if ((ms & AR9170_RX_STATUS_MPDU) == AR9170_RX_STATUS_MPDU_SINGLE) { 6338f236d1bSChristian Lamparter /* 6348f236d1bSChristian Lamparter * This frame is not part of an aMPDU. 6358f236d1bSChristian Lamparter * Therefore it is not subjected to any 6368f236d1bSChristian Lamparter * of the following content restrictions. 6378f236d1bSChristian Lamparter */ 6388f236d1bSChristian Lamparter return true; 6398f236d1bSChristian Lamparter } 6408f236d1bSChristian Lamparter 64133dd7699SChristian Lamparter rx_status->flag |= RX_FLAG_AMPDU_DETAILS | RX_FLAG_AMPDU_LAST_KNOWN; 64233dd7699SChristian Lamparter rx_status->ampdu_reference = ar->ampdu_ref; 64333dd7699SChristian Lamparter 6448f236d1bSChristian Lamparter /* 6458f236d1bSChristian Lamparter * "802.11n - 7.4a.3 A-MPDU contents" describes in which contexts 6468f236d1bSChristian Lamparter * certain frame types can be part of an aMPDU. 6478f236d1bSChristian Lamparter * 6488f236d1bSChristian Lamparter * In order to keep the processing cost down, I opted for a 6498f236d1bSChristian Lamparter * stateless filter solely based on the frame control field. 6508f236d1bSChristian Lamparter */ 6518f236d1bSChristian Lamparter 6528f236d1bSChristian Lamparter fc = ((struct ieee80211_hdr *)buf)->frame_control; 6538f236d1bSChristian Lamparter if (ieee80211_is_data_qos(fc) && ieee80211_is_data_present(fc)) 6548f236d1bSChristian Lamparter return true; 6558f236d1bSChristian Lamparter 6568f236d1bSChristian Lamparter if (ieee80211_is_ack(fc) || ieee80211_is_back(fc) || 6578f236d1bSChristian Lamparter ieee80211_is_back_req(fc)) 6588f236d1bSChristian Lamparter return true; 6598f236d1bSChristian Lamparter 6608f236d1bSChristian Lamparter if (ieee80211_is_action(fc)) 6618f236d1bSChristian Lamparter return true; 6628f236d1bSChristian Lamparter 6638f236d1bSChristian Lamparter return false; 6648f236d1bSChristian Lamparter } 6658f236d1bSChristian Lamparter 666a84fab3cSChristian Lamparter /* 667a84fab3cSChristian Lamparter * If the frame alignment is right (or the kernel has 668a84fab3cSChristian Lamparter * CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), and there 669a84fab3cSChristian Lamparter * is only a single MPDU in the USB frame, then we could 670a84fab3cSChristian Lamparter * submit to mac80211 the SKB directly. However, since 671a84fab3cSChristian Lamparter * there may be multiple packets in one SKB in stream 672a84fab3cSChristian Lamparter * mode, and we need to observe the proper ordering, 673a84fab3cSChristian Lamparter * this is non-trivial. 674a84fab3cSChristian Lamparter */ 675a84fab3cSChristian Lamparter 676a84fab3cSChristian Lamparter static void carl9170_handle_mpdu(struct ar9170 *ar, u8 *buf, int len) 677a84fab3cSChristian Lamparter { 678a84fab3cSChristian Lamparter struct ar9170_rx_head *head; 679a84fab3cSChristian Lamparter struct ar9170_rx_macstatus *mac; 680a84fab3cSChristian Lamparter struct ar9170_rx_phystatus *phy = NULL; 681a84fab3cSChristian Lamparter struct ieee80211_rx_status status; 682a84fab3cSChristian Lamparter struct sk_buff *skb; 683a84fab3cSChristian Lamparter int mpdu_len; 6848f236d1bSChristian Lamparter u8 mac_status; 685a84fab3cSChristian Lamparter 686a84fab3cSChristian Lamparter if (!IS_STARTED(ar)) 687a84fab3cSChristian Lamparter return; 688a84fab3cSChristian Lamparter 689c8a16c68SChristian Lamparter if (unlikely(len < sizeof(*mac))) 690c8a16c68SChristian Lamparter goto drop; 691a84fab3cSChristian Lamparter 69233dd7699SChristian Lamparter memset(&status, 0, sizeof(status)); 69333dd7699SChristian Lamparter 694a84fab3cSChristian Lamparter mpdu_len = len - sizeof(*mac); 695a84fab3cSChristian Lamparter 696a84fab3cSChristian Lamparter mac = (void *)(buf + mpdu_len); 6978f236d1bSChristian Lamparter mac_status = mac->status; 6988f236d1bSChristian Lamparter switch (mac_status & AR9170_RX_STATUS_MPDU) { 699a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_FIRST: 70033dd7699SChristian Lamparter ar->ampdu_ref++; 701a84fab3cSChristian Lamparter /* Aggregated MPDUs start with an PLCP header */ 702a84fab3cSChristian Lamparter if (likely(mpdu_len >= sizeof(struct ar9170_rx_head))) { 703a84fab3cSChristian Lamparter head = (void *) buf; 704a84fab3cSChristian Lamparter 705a84fab3cSChristian Lamparter /* 706a84fab3cSChristian Lamparter * The PLCP header needs to be cached for the 707a84fab3cSChristian Lamparter * following MIDDLE + LAST A-MPDU packets. 708a84fab3cSChristian Lamparter * 709a84fab3cSChristian Lamparter * So, if you are wondering why all frames seem 710a84fab3cSChristian Lamparter * to share a common RX status information, 711a84fab3cSChristian Lamparter * then you have the answer right here... 712a84fab3cSChristian Lamparter */ 713a84fab3cSChristian Lamparter memcpy(&ar->rx_plcp, (void *) buf, 714a84fab3cSChristian Lamparter sizeof(struct ar9170_rx_head)); 715a84fab3cSChristian Lamparter 716a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_head); 717a84fab3cSChristian Lamparter buf += sizeof(struct ar9170_rx_head); 718a84fab3cSChristian Lamparter 719a84fab3cSChristian Lamparter ar->rx_has_plcp = true; 720a84fab3cSChristian Lamparter } else { 721a84fab3cSChristian Lamparter if (net_ratelimit()) { 722a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "plcp info " 723a84fab3cSChristian Lamparter "is clipped.\n"); 724a84fab3cSChristian Lamparter } 725a84fab3cSChristian Lamparter 726c8a16c68SChristian Lamparter goto drop; 727a84fab3cSChristian Lamparter } 728a84fab3cSChristian Lamparter break; 729a84fab3cSChristian Lamparter 730a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_LAST: 73133dd7699SChristian Lamparter status.flag |= RX_FLAG_AMPDU_IS_LAST; 73233dd7699SChristian Lamparter 733a84fab3cSChristian Lamparter /* 734a84fab3cSChristian Lamparter * The last frame of an A-MPDU has an extra tail 735a84fab3cSChristian Lamparter * which does contain the phy status of the whole 736a84fab3cSChristian Lamparter * aggregate. 737a84fab3cSChristian Lamparter */ 738a84fab3cSChristian Lamparter if (likely(mpdu_len >= sizeof(struct ar9170_rx_phystatus))) { 739a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_phystatus); 740a84fab3cSChristian Lamparter phy = (void *)(buf + mpdu_len); 741a84fab3cSChristian Lamparter } else { 742a84fab3cSChristian Lamparter if (net_ratelimit()) { 743a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "frame tail " 744a84fab3cSChristian Lamparter "is clipped.\n"); 745a84fab3cSChristian Lamparter } 746a84fab3cSChristian Lamparter 747c8a16c68SChristian Lamparter goto drop; 748a84fab3cSChristian Lamparter } 749a84fab3cSChristian Lamparter 750a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_MIDDLE: 751a84fab3cSChristian Lamparter /* These are just data + mac status */ 752a84fab3cSChristian Lamparter if (unlikely(!ar->rx_has_plcp)) { 753a84fab3cSChristian Lamparter if (!net_ratelimit()) 754a84fab3cSChristian Lamparter return; 755a84fab3cSChristian Lamparter 756a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "rx stream does not start " 757a84fab3cSChristian Lamparter "with a first_mpdu frame tag.\n"); 758a84fab3cSChristian Lamparter 759c8a16c68SChristian Lamparter goto drop; 760a84fab3cSChristian Lamparter } 761a84fab3cSChristian Lamparter 762a84fab3cSChristian Lamparter head = &ar->rx_plcp; 763a84fab3cSChristian Lamparter break; 764a84fab3cSChristian Lamparter 765a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_SINGLE: 766a84fab3cSChristian Lamparter /* single mpdu has both: plcp (head) and phy status (tail) */ 767a84fab3cSChristian Lamparter head = (void *) buf; 768a84fab3cSChristian Lamparter 769a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_head); 770a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_phystatus); 771a84fab3cSChristian Lamparter 772a84fab3cSChristian Lamparter buf += sizeof(struct ar9170_rx_head); 773a84fab3cSChristian Lamparter phy = (void *)(buf + mpdu_len); 774a84fab3cSChristian Lamparter break; 775a84fab3cSChristian Lamparter 776a84fab3cSChristian Lamparter default: 777a84fab3cSChristian Lamparter BUG_ON(1); 778a84fab3cSChristian Lamparter break; 779a84fab3cSChristian Lamparter } 780a84fab3cSChristian Lamparter 781a84fab3cSChristian Lamparter /* FC + DU + RA + FCS */ 782c8a16c68SChristian Lamparter if (unlikely(mpdu_len < (2 + 2 + ETH_ALEN + FCS_LEN))) 783c8a16c68SChristian Lamparter goto drop; 784a84fab3cSChristian Lamparter 785c8a16c68SChristian Lamparter if (unlikely(carl9170_rx_mac_status(ar, head, mac, &status))) 786c8a16c68SChristian Lamparter goto drop; 787a84fab3cSChristian Lamparter 78833dd7699SChristian Lamparter if (!carl9170_ampdu_check(ar, buf, mac_status, &status)) 7898f236d1bSChristian Lamparter goto drop; 7908f236d1bSChristian Lamparter 791a84fab3cSChristian Lamparter if (phy) 792a84fab3cSChristian Lamparter carl9170_rx_phy_status(ar, phy, &status); 793a84fab3cSChristian Lamparter 794a84fab3cSChristian Lamparter carl9170_ps_beacon(ar, buf, mpdu_len); 795a84fab3cSChristian Lamparter 796c9122c0dSChristian Lamparter carl9170_ba_check(ar, buf, mpdu_len); 797c9122c0dSChristian Lamparter 798a84fab3cSChristian Lamparter skb = carl9170_rx_copy_data(buf, mpdu_len); 799c8a16c68SChristian Lamparter if (!skb) 800c8a16c68SChristian Lamparter goto drop; 801c8a16c68SChristian Lamparter 802a84fab3cSChristian Lamparter memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status)); 803a84fab3cSChristian Lamparter ieee80211_rx(ar->hw, skb); 804c8a16c68SChristian Lamparter return; 805c8a16c68SChristian Lamparter 806c8a16c68SChristian Lamparter drop: 807a84fab3cSChristian Lamparter ar->rx_dropped++; 808a84fab3cSChristian Lamparter } 809a84fab3cSChristian Lamparter 810a84fab3cSChristian Lamparter static void carl9170_rx_untie_cmds(struct ar9170 *ar, const u8 *respbuf, 811a84fab3cSChristian Lamparter const unsigned int resplen) 812a84fab3cSChristian Lamparter { 813a84fab3cSChristian Lamparter struct carl9170_rsp *cmd; 814a84fab3cSChristian Lamparter int i = 0; 815a84fab3cSChristian Lamparter 816a84fab3cSChristian Lamparter while (i < resplen) { 817a84fab3cSChristian Lamparter cmd = (void *) &respbuf[i]; 818a84fab3cSChristian Lamparter 819a84fab3cSChristian Lamparter i += cmd->hdr.len + 4; 820a84fab3cSChristian Lamparter if (unlikely(i > resplen)) 821a84fab3cSChristian Lamparter break; 822a84fab3cSChristian Lamparter 823a84fab3cSChristian Lamparter carl9170_handle_command_response(ar, cmd, cmd->hdr.len + 4); 824a84fab3cSChristian Lamparter } 825a84fab3cSChristian Lamparter 826a84fab3cSChristian Lamparter if (unlikely(i != resplen)) { 827a84fab3cSChristian Lamparter if (!net_ratelimit()) 828a84fab3cSChristian Lamparter return; 829a84fab3cSChristian Lamparter 830a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "malformed firmware trap:\n"); 831a84fab3cSChristian Lamparter print_hex_dump_bytes("rxcmd:", DUMP_PREFIX_OFFSET, 832a84fab3cSChristian Lamparter respbuf, resplen); 833a84fab3cSChristian Lamparter } 834a84fab3cSChristian Lamparter } 835a84fab3cSChristian Lamparter 836a84fab3cSChristian Lamparter static void __carl9170_rx(struct ar9170 *ar, u8 *buf, unsigned int len) 837a84fab3cSChristian Lamparter { 838a84fab3cSChristian Lamparter unsigned int i = 0; 839a84fab3cSChristian Lamparter 840a84fab3cSChristian Lamparter /* weird thing, but this is the same in the original driver */ 841a84fab3cSChristian Lamparter while (len > 2 && i < 12 && buf[0] == 0xff && buf[1] == 0xff) { 842a84fab3cSChristian Lamparter i += 2; 843a84fab3cSChristian Lamparter len -= 2; 844a84fab3cSChristian Lamparter buf += 2; 845a84fab3cSChristian Lamparter } 846a84fab3cSChristian Lamparter 847a84fab3cSChristian Lamparter if (unlikely(len < 4)) 848a84fab3cSChristian Lamparter return; 849a84fab3cSChristian Lamparter 850a84fab3cSChristian Lamparter /* found the 6 * 0xffff marker? */ 851a84fab3cSChristian Lamparter if (i == 12) 852a84fab3cSChristian Lamparter carl9170_rx_untie_cmds(ar, buf, len); 853a84fab3cSChristian Lamparter else 854a84fab3cSChristian Lamparter carl9170_handle_mpdu(ar, buf, len); 855a84fab3cSChristian Lamparter } 856a84fab3cSChristian Lamparter 857a84fab3cSChristian Lamparter static void carl9170_rx_stream(struct ar9170 *ar, void *buf, unsigned int len) 858a84fab3cSChristian Lamparter { 859a84fab3cSChristian Lamparter unsigned int tlen, wlen = 0, clen = 0; 860a84fab3cSChristian Lamparter struct ar9170_stream *rx_stream; 861a84fab3cSChristian Lamparter u8 *tbuf; 862a84fab3cSChristian Lamparter 863a84fab3cSChristian Lamparter tbuf = buf; 864a84fab3cSChristian Lamparter tlen = len; 865a84fab3cSChristian Lamparter 866a84fab3cSChristian Lamparter while (tlen >= 4) { 867a84fab3cSChristian Lamparter rx_stream = (void *) tbuf; 868a84fab3cSChristian Lamparter clen = le16_to_cpu(rx_stream->length); 869a84fab3cSChristian Lamparter wlen = ALIGN(clen, 4); 870a84fab3cSChristian Lamparter 871a84fab3cSChristian Lamparter /* check if this is stream has a valid tag.*/ 872a84fab3cSChristian Lamparter if (rx_stream->tag != cpu_to_le16(AR9170_RX_STREAM_TAG)) { 873a84fab3cSChristian Lamparter /* 874a84fab3cSChristian Lamparter * TODO: handle the highly unlikely event that the 875a84fab3cSChristian Lamparter * corrupted stream has the TAG at the right position. 876a84fab3cSChristian Lamparter */ 877a84fab3cSChristian Lamparter 878a84fab3cSChristian Lamparter /* check if the frame can be repaired. */ 879a84fab3cSChristian Lamparter if (!ar->rx_failover_missing) { 880a84fab3cSChristian Lamparter 881a84fab3cSChristian Lamparter /* this is not "short read". */ 882a84fab3cSChristian Lamparter if (net_ratelimit()) { 883a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, 884a84fab3cSChristian Lamparter "missing tag!\n"); 885a84fab3cSChristian Lamparter } 886a84fab3cSChristian Lamparter 887a84fab3cSChristian Lamparter __carl9170_rx(ar, tbuf, tlen); 888a84fab3cSChristian Lamparter return; 889a84fab3cSChristian Lamparter } 890a84fab3cSChristian Lamparter 891a84fab3cSChristian Lamparter if (ar->rx_failover_missing > tlen) { 892a84fab3cSChristian Lamparter if (net_ratelimit()) { 893a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, 894a84fab3cSChristian Lamparter "possible multi " 895a84fab3cSChristian Lamparter "stream corruption!\n"); 896a84fab3cSChristian Lamparter goto err_telluser; 897a84fab3cSChristian Lamparter } else { 898a84fab3cSChristian Lamparter goto err_silent; 899a84fab3cSChristian Lamparter } 900a84fab3cSChristian Lamparter } 901a84fab3cSChristian Lamparter 902a84fab3cSChristian Lamparter memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen); 903a84fab3cSChristian Lamparter ar->rx_failover_missing -= tlen; 904a84fab3cSChristian Lamparter 905a84fab3cSChristian Lamparter if (ar->rx_failover_missing <= 0) { 906a84fab3cSChristian Lamparter /* 907a84fab3cSChristian Lamparter * nested carl9170_rx_stream call! 908a84fab3cSChristian Lamparter * 90925985edcSLucas De Marchi * termination is guaranteed, even when the 910a84fab3cSChristian Lamparter * combined frame also have an element with 911a84fab3cSChristian Lamparter * a bad tag. 912a84fab3cSChristian Lamparter */ 913a84fab3cSChristian Lamparter 914a84fab3cSChristian Lamparter ar->rx_failover_missing = 0; 915a84fab3cSChristian Lamparter carl9170_rx_stream(ar, ar->rx_failover->data, 916a84fab3cSChristian Lamparter ar->rx_failover->len); 917a84fab3cSChristian Lamparter 918a84fab3cSChristian Lamparter skb_reset_tail_pointer(ar->rx_failover); 919a84fab3cSChristian Lamparter skb_trim(ar->rx_failover, 0); 920a84fab3cSChristian Lamparter } 921a84fab3cSChristian Lamparter 922a84fab3cSChristian Lamparter return; 923a84fab3cSChristian Lamparter } 924a84fab3cSChristian Lamparter 925a84fab3cSChristian Lamparter /* check if stream is clipped */ 926a84fab3cSChristian Lamparter if (wlen > tlen - 4) { 927a84fab3cSChristian Lamparter if (ar->rx_failover_missing) { 928a84fab3cSChristian Lamparter /* TODO: handle double stream corruption. */ 929a84fab3cSChristian Lamparter if (net_ratelimit()) { 930a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "double rx " 931a84fab3cSChristian Lamparter "stream corruption!\n"); 932a84fab3cSChristian Lamparter goto err_telluser; 933a84fab3cSChristian Lamparter } else { 934a84fab3cSChristian Lamparter goto err_silent; 935a84fab3cSChristian Lamparter } 936a84fab3cSChristian Lamparter } 937a84fab3cSChristian Lamparter 938a84fab3cSChristian Lamparter /* 939a84fab3cSChristian Lamparter * save incomplete data set. 940a84fab3cSChristian Lamparter * the firmware will resend the missing bits when 941a84fab3cSChristian Lamparter * the rx - descriptor comes round again. 942a84fab3cSChristian Lamparter */ 943a84fab3cSChristian Lamparter 944a84fab3cSChristian Lamparter memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen); 945a84fab3cSChristian Lamparter ar->rx_failover_missing = clen - tlen; 946a84fab3cSChristian Lamparter return; 947a84fab3cSChristian Lamparter } 948a84fab3cSChristian Lamparter __carl9170_rx(ar, rx_stream->payload, clen); 949a84fab3cSChristian Lamparter 950a84fab3cSChristian Lamparter tbuf += wlen + 4; 951a84fab3cSChristian Lamparter tlen -= wlen + 4; 952a84fab3cSChristian Lamparter } 953a84fab3cSChristian Lamparter 954a84fab3cSChristian Lamparter if (tlen) { 955a84fab3cSChristian Lamparter if (net_ratelimit()) { 956a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "%d bytes of unprocessed " 957a84fab3cSChristian Lamparter "data left in rx stream!\n", tlen); 958a84fab3cSChristian Lamparter } 959a84fab3cSChristian Lamparter 960a84fab3cSChristian Lamparter goto err_telluser; 961a84fab3cSChristian Lamparter } 962a84fab3cSChristian Lamparter 963a84fab3cSChristian Lamparter return; 964a84fab3cSChristian Lamparter 965a84fab3cSChristian Lamparter err_telluser: 966a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "damaged RX stream data [want:%d, " 967a84fab3cSChristian Lamparter "data:%d, rx:%d, pending:%d ]\n", clen, wlen, tlen, 968a84fab3cSChristian Lamparter ar->rx_failover_missing); 969a84fab3cSChristian Lamparter 970a84fab3cSChristian Lamparter if (ar->rx_failover_missing) 971a84fab3cSChristian Lamparter print_hex_dump_bytes("rxbuf:", DUMP_PREFIX_OFFSET, 972a84fab3cSChristian Lamparter ar->rx_failover->data, 973a84fab3cSChristian Lamparter ar->rx_failover->len); 974a84fab3cSChristian Lamparter 975a84fab3cSChristian Lamparter print_hex_dump_bytes("stream:", DUMP_PREFIX_OFFSET, 976a84fab3cSChristian Lamparter buf, len); 977a84fab3cSChristian Lamparter 978a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "please check your hardware and cables, if " 979a84fab3cSChristian Lamparter "you see this message frequently.\n"); 980a84fab3cSChristian Lamparter 981a84fab3cSChristian Lamparter err_silent: 982a84fab3cSChristian Lamparter if (ar->rx_failover_missing) { 983a84fab3cSChristian Lamparter skb_reset_tail_pointer(ar->rx_failover); 984a84fab3cSChristian Lamparter skb_trim(ar->rx_failover, 0); 985a84fab3cSChristian Lamparter ar->rx_failover_missing = 0; 986a84fab3cSChristian Lamparter } 987a84fab3cSChristian Lamparter } 988a84fab3cSChristian Lamparter 989a84fab3cSChristian Lamparter void carl9170_rx(struct ar9170 *ar, void *buf, unsigned int len) 990a84fab3cSChristian Lamparter { 991a84fab3cSChristian Lamparter if (ar->fw.rx_stream) 992a84fab3cSChristian Lamparter carl9170_rx_stream(ar, buf, len); 993a84fab3cSChristian Lamparter else 994a84fab3cSChristian Lamparter __carl9170_rx(ar, buf, len); 995a84fab3cSChristian Lamparter } 996