1a84fab3cSChristian Lamparter /* 2a84fab3cSChristian Lamparter * Atheros CARL9170 driver 3a84fab3cSChristian Lamparter * 4a84fab3cSChristian Lamparter * 802.11 & command trap routines 5a84fab3cSChristian Lamparter * 6a84fab3cSChristian Lamparter * Copyright 2008, Johannes Berg <johannes@sipsolutions.net> 7a84fab3cSChristian Lamparter * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com> 8a84fab3cSChristian Lamparter * 9a84fab3cSChristian Lamparter * This program is free software; you can redistribute it and/or modify 10a84fab3cSChristian Lamparter * it under the terms of the GNU General Public License as published by 11a84fab3cSChristian Lamparter * the Free Software Foundation; either version 2 of the License, or 12a84fab3cSChristian Lamparter * (at your option) any later version. 13a84fab3cSChristian Lamparter * 14a84fab3cSChristian Lamparter * This program is distributed in the hope that it will be useful, 15a84fab3cSChristian Lamparter * but WITHOUT ANY WARRANTY; without even the implied warranty of 16a84fab3cSChristian Lamparter * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17a84fab3cSChristian Lamparter * GNU General Public License for more details. 18a84fab3cSChristian Lamparter * 19a84fab3cSChristian Lamparter * You should have received a copy of the GNU General Public License 20a84fab3cSChristian Lamparter * along with this program; see the file COPYING. If not, see 21a84fab3cSChristian Lamparter * http://www.gnu.org/licenses/. 22a84fab3cSChristian Lamparter * 23a84fab3cSChristian Lamparter * This file incorporates work covered by the following copyright and 24a84fab3cSChristian Lamparter * permission notice: 25a84fab3cSChristian Lamparter * Copyright (c) 2007-2008 Atheros Communications, Inc. 26a84fab3cSChristian Lamparter * 27a84fab3cSChristian Lamparter * Permission to use, copy, modify, and/or distribute this software for any 28a84fab3cSChristian Lamparter * purpose with or without fee is hereby granted, provided that the above 29a84fab3cSChristian Lamparter * copyright notice and this permission notice appear in all copies. 30a84fab3cSChristian Lamparter * 31a84fab3cSChristian Lamparter * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 32a84fab3cSChristian Lamparter * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 33a84fab3cSChristian Lamparter * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 34a84fab3cSChristian Lamparter * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 35a84fab3cSChristian Lamparter * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 36a84fab3cSChristian Lamparter * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 37a84fab3cSChristian Lamparter * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 38a84fab3cSChristian Lamparter */ 39a84fab3cSChristian Lamparter 40a84fab3cSChristian Lamparter #include <linux/init.h> 41a84fab3cSChristian Lamparter #include <linux/slab.h> 42a84fab3cSChristian Lamparter #include <linux/module.h> 43a84fab3cSChristian Lamparter #include <linux/etherdevice.h> 44a84fab3cSChristian Lamparter #include <linux/crc32.h> 45a84fab3cSChristian Lamparter #include <net/mac80211.h> 46a84fab3cSChristian Lamparter #include "carl9170.h" 47a84fab3cSChristian Lamparter #include "hw.h" 48a84fab3cSChristian Lamparter #include "cmd.h" 49a84fab3cSChristian Lamparter 50a84fab3cSChristian Lamparter static void carl9170_dbg_message(struct ar9170 *ar, const char *buf, u32 len) 51a84fab3cSChristian Lamparter { 52a84fab3cSChristian Lamparter bool restart = false; 53a84fab3cSChristian Lamparter enum carl9170_restart_reasons reason = CARL9170_RR_NO_REASON; 54a84fab3cSChristian Lamparter 55a84fab3cSChristian Lamparter if (len > 3) { 56a84fab3cSChristian Lamparter if (memcmp(buf, CARL9170_ERR_MAGIC, 3) == 0) { 57a84fab3cSChristian Lamparter ar->fw.err_counter++; 58a84fab3cSChristian Lamparter if (ar->fw.err_counter > 3) { 59a84fab3cSChristian Lamparter restart = true; 60a84fab3cSChristian Lamparter reason = CARL9170_RR_TOO_MANY_FIRMWARE_ERRORS; 61a84fab3cSChristian Lamparter } 62a84fab3cSChristian Lamparter } 63a84fab3cSChristian Lamparter 64a84fab3cSChristian Lamparter if (memcmp(buf, CARL9170_BUG_MAGIC, 3) == 0) { 65a84fab3cSChristian Lamparter ar->fw.bug_counter++; 66a84fab3cSChristian Lamparter restart = true; 67a84fab3cSChristian Lamparter reason = CARL9170_RR_FATAL_FIRMWARE_ERROR; 68a84fab3cSChristian Lamparter } 69a84fab3cSChristian Lamparter } 70a84fab3cSChristian Lamparter 71a84fab3cSChristian Lamparter wiphy_info(ar->hw->wiphy, "FW: %.*s\n", len, buf); 72a84fab3cSChristian Lamparter 73a84fab3cSChristian Lamparter if (restart) 74a84fab3cSChristian Lamparter carl9170_restart(ar, reason); 75a84fab3cSChristian Lamparter } 76a84fab3cSChristian Lamparter 77a84fab3cSChristian Lamparter static void carl9170_handle_ps(struct ar9170 *ar, struct carl9170_rsp *rsp) 78a84fab3cSChristian Lamparter { 79a84fab3cSChristian Lamparter u32 ps; 80a84fab3cSChristian Lamparter bool new_ps; 81a84fab3cSChristian Lamparter 82a84fab3cSChristian Lamparter ps = le32_to_cpu(rsp->psm.state); 83a84fab3cSChristian Lamparter 84a84fab3cSChristian Lamparter new_ps = (ps & CARL9170_PSM_COUNTER) != CARL9170_PSM_WAKE; 85a84fab3cSChristian Lamparter if (ar->ps.state != new_ps) { 86a84fab3cSChristian Lamparter if (!new_ps) { 87a84fab3cSChristian Lamparter ar->ps.sleep_ms = jiffies_to_msecs(jiffies - 88a84fab3cSChristian Lamparter ar->ps.last_action); 89a84fab3cSChristian Lamparter } 90a84fab3cSChristian Lamparter 91a84fab3cSChristian Lamparter ar->ps.last_action = jiffies; 92a84fab3cSChristian Lamparter 93a84fab3cSChristian Lamparter ar->ps.state = new_ps; 94a84fab3cSChristian Lamparter } 95a84fab3cSChristian Lamparter } 96a84fab3cSChristian Lamparter 97a84fab3cSChristian Lamparter static int carl9170_check_sequence(struct ar9170 *ar, unsigned int seq) 98a84fab3cSChristian Lamparter { 99a84fab3cSChristian Lamparter if (ar->cmd_seq < -1) 100a84fab3cSChristian Lamparter return 0; 101a84fab3cSChristian Lamparter 102a84fab3cSChristian Lamparter /* 103a84fab3cSChristian Lamparter * Initialize Counter 104a84fab3cSChristian Lamparter */ 105a84fab3cSChristian Lamparter if (ar->cmd_seq < 0) 106a84fab3cSChristian Lamparter ar->cmd_seq = seq; 107a84fab3cSChristian Lamparter 108a84fab3cSChristian Lamparter /* 109a84fab3cSChristian Lamparter * The sequence is strictly monotonic increasing and it never skips! 110a84fab3cSChristian Lamparter * 111a84fab3cSChristian Lamparter * Therefore we can safely assume that whenever we received an 112a84fab3cSChristian Lamparter * unexpected sequence we have lost some valuable data. 113a84fab3cSChristian Lamparter */ 114a84fab3cSChristian Lamparter if (seq != ar->cmd_seq) { 115a84fab3cSChristian Lamparter int count; 116a84fab3cSChristian Lamparter 117a84fab3cSChristian Lamparter count = (seq - ar->cmd_seq) % ar->fw.cmd_bufs; 118a84fab3cSChristian Lamparter 119a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "lost %d command responses/traps! " 120a84fab3cSChristian Lamparter "w:%d g:%d\n", count, ar->cmd_seq, seq); 121a84fab3cSChristian Lamparter 122a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_LOST_RSP); 123a84fab3cSChristian Lamparter return -EIO; 124a84fab3cSChristian Lamparter } 125a84fab3cSChristian Lamparter 126a84fab3cSChristian Lamparter ar->cmd_seq = (ar->cmd_seq + 1) % ar->fw.cmd_bufs; 127a84fab3cSChristian Lamparter return 0; 128a84fab3cSChristian Lamparter } 129a84fab3cSChristian Lamparter 130a84fab3cSChristian Lamparter static void carl9170_cmd_callback(struct ar9170 *ar, u32 len, void *buffer) 131a84fab3cSChristian Lamparter { 132a84fab3cSChristian Lamparter /* 133a84fab3cSChristian Lamparter * Some commands may have a variable response length 134a84fab3cSChristian Lamparter * and we cannot predict the correct length in advance. 135a84fab3cSChristian Lamparter * So we only check if we provided enough space for the data. 136a84fab3cSChristian Lamparter */ 137a84fab3cSChristian Lamparter if (unlikely(ar->readlen != (len - 4))) { 138a84fab3cSChristian Lamparter dev_warn(&ar->udev->dev, "received invalid command response:" 139a84fab3cSChristian Lamparter "got %d, instead of %d\n", len - 4, ar->readlen); 140a84fab3cSChristian Lamparter print_hex_dump_bytes("carl9170 cmd:", DUMP_PREFIX_OFFSET, 141a84fab3cSChristian Lamparter ar->cmd_buf, (ar->cmd.hdr.len + 4) & 0x3f); 142a84fab3cSChristian Lamparter print_hex_dump_bytes("carl9170 rsp:", DUMP_PREFIX_OFFSET, 143a84fab3cSChristian Lamparter buffer, len); 144a84fab3cSChristian Lamparter /* 145a84fab3cSChristian Lamparter * Do not complete. The command times out, 146a84fab3cSChristian Lamparter * and we get a stack trace from there. 147a84fab3cSChristian Lamparter */ 148a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_INVALID_RSP); 149a84fab3cSChristian Lamparter } 150a84fab3cSChristian Lamparter 151a84fab3cSChristian Lamparter spin_lock(&ar->cmd_lock); 152a84fab3cSChristian Lamparter if (ar->readbuf) { 153a84fab3cSChristian Lamparter if (len >= 4) 154a84fab3cSChristian Lamparter memcpy(ar->readbuf, buffer + 4, len - 4); 155a84fab3cSChristian Lamparter 156a84fab3cSChristian Lamparter ar->readbuf = NULL; 157a84fab3cSChristian Lamparter } 158a84fab3cSChristian Lamparter complete(&ar->cmd_wait); 159a84fab3cSChristian Lamparter spin_unlock(&ar->cmd_lock); 160a84fab3cSChristian Lamparter } 161a84fab3cSChristian Lamparter 162a84fab3cSChristian Lamparter void carl9170_handle_command_response(struct ar9170 *ar, void *buf, u32 len) 163a84fab3cSChristian Lamparter { 1642c208890SJoe Perches struct carl9170_rsp *cmd = buf; 165a84fab3cSChristian Lamparter struct ieee80211_vif *vif; 166a84fab3cSChristian Lamparter 167a84fab3cSChristian Lamparter if ((cmd->hdr.cmd & CARL9170_RSP_FLAG) != CARL9170_RSP_FLAG) { 168a84fab3cSChristian Lamparter if (!(cmd->hdr.cmd & CARL9170_CMD_ASYNC_FLAG)) 169a84fab3cSChristian Lamparter carl9170_cmd_callback(ar, len, buf); 170a84fab3cSChristian Lamparter 171a84fab3cSChristian Lamparter return; 172a84fab3cSChristian Lamparter } 173a84fab3cSChristian Lamparter 174a84fab3cSChristian Lamparter if (unlikely(cmd->hdr.len != (len - 4))) { 175a84fab3cSChristian Lamparter if (net_ratelimit()) { 176a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "FW: received over-/under" 177a84fab3cSChristian Lamparter "sized event %x (%d, but should be %d).\n", 178a84fab3cSChristian Lamparter cmd->hdr.cmd, cmd->hdr.len, len - 4); 179a84fab3cSChristian Lamparter 180a84fab3cSChristian Lamparter print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, 181a84fab3cSChristian Lamparter buf, len); 182a84fab3cSChristian Lamparter } 183a84fab3cSChristian Lamparter 184a84fab3cSChristian Lamparter return; 185a84fab3cSChristian Lamparter } 186a84fab3cSChristian Lamparter 187a84fab3cSChristian Lamparter /* hardware event handlers */ 188a84fab3cSChristian Lamparter switch (cmd->hdr.cmd) { 189a84fab3cSChristian Lamparter case CARL9170_RSP_PRETBTT: 190a84fab3cSChristian Lamparter /* pre-TBTT event */ 191a84fab3cSChristian Lamparter rcu_read_lock(); 192a84fab3cSChristian Lamparter vif = carl9170_get_main_vif(ar); 193a84fab3cSChristian Lamparter 194a84fab3cSChristian Lamparter if (!vif) { 195a84fab3cSChristian Lamparter rcu_read_unlock(); 196a84fab3cSChristian Lamparter break; 197a84fab3cSChristian Lamparter } 198a84fab3cSChristian Lamparter 199a84fab3cSChristian Lamparter switch (vif->type) { 200a84fab3cSChristian Lamparter case NL80211_IFTYPE_STATION: 201a84fab3cSChristian Lamparter carl9170_handle_ps(ar, cmd); 202a84fab3cSChristian Lamparter break; 203a84fab3cSChristian Lamparter 204a84fab3cSChristian Lamparter case NL80211_IFTYPE_AP: 205a84fab3cSChristian Lamparter case NL80211_IFTYPE_ADHOC: 206da93c26dSJavier Lopez case NL80211_IFTYPE_MESH_POINT: 207a84fab3cSChristian Lamparter carl9170_update_beacon(ar, true); 208a84fab3cSChristian Lamparter break; 209a84fab3cSChristian Lamparter 210a84fab3cSChristian Lamparter default: 211a84fab3cSChristian Lamparter break; 212a84fab3cSChristian Lamparter } 213a84fab3cSChristian Lamparter rcu_read_unlock(); 214a84fab3cSChristian Lamparter 215a84fab3cSChristian Lamparter break; 216a84fab3cSChristian Lamparter 217a84fab3cSChristian Lamparter 218a84fab3cSChristian Lamparter case CARL9170_RSP_TXCOMP: 219a84fab3cSChristian Lamparter /* TX status notification */ 220a84fab3cSChristian Lamparter carl9170_tx_process_status(ar, cmd); 221a84fab3cSChristian Lamparter break; 222a84fab3cSChristian Lamparter 223a84fab3cSChristian Lamparter case CARL9170_RSP_BEACON_CONFIG: 224a84fab3cSChristian Lamparter /* 225a84fab3cSChristian Lamparter * (IBSS) beacon send notification 226a84fab3cSChristian Lamparter * bytes: 04 c2 XX YY B4 B3 B2 B1 227a84fab3cSChristian Lamparter * 228a84fab3cSChristian Lamparter * XX always 80 229a84fab3cSChristian Lamparter * YY always 00 230a84fab3cSChristian Lamparter * B1-B4 "should" be the number of send out beacons. 231a84fab3cSChristian Lamparter */ 232a84fab3cSChristian Lamparter break; 233a84fab3cSChristian Lamparter 234a84fab3cSChristian Lamparter case CARL9170_RSP_ATIM: 235a84fab3cSChristian Lamparter /* End of Atim Window */ 236a84fab3cSChristian Lamparter break; 237a84fab3cSChristian Lamparter 238a84fab3cSChristian Lamparter case CARL9170_RSP_WATCHDOG: 239a84fab3cSChristian Lamparter /* Watchdog Interrupt */ 240a84fab3cSChristian Lamparter carl9170_restart(ar, CARL9170_RR_WATCHDOG); 241a84fab3cSChristian Lamparter break; 242a84fab3cSChristian Lamparter 243a84fab3cSChristian Lamparter case CARL9170_RSP_TEXT: 244a84fab3cSChristian Lamparter /* firmware debug */ 245a84fab3cSChristian Lamparter carl9170_dbg_message(ar, (char *)buf + 4, len - 4); 246a84fab3cSChristian Lamparter break; 247a84fab3cSChristian Lamparter 248a84fab3cSChristian Lamparter case CARL9170_RSP_HEXDUMP: 249a84fab3cSChristian Lamparter wiphy_dbg(ar->hw->wiphy, "FW: HD %d\n", len - 4); 250a84fab3cSChristian Lamparter print_hex_dump_bytes("FW:", DUMP_PREFIX_NONE, 251a84fab3cSChristian Lamparter (char *)buf + 4, len - 4); 252a84fab3cSChristian Lamparter break; 253a84fab3cSChristian Lamparter 254a84fab3cSChristian Lamparter case CARL9170_RSP_RADAR: 255a84fab3cSChristian Lamparter if (!net_ratelimit()) 256a84fab3cSChristian Lamparter break; 257a84fab3cSChristian Lamparter 258a84fab3cSChristian Lamparter wiphy_info(ar->hw->wiphy, "FW: RADAR! Please report this " 259a84fab3cSChristian Lamparter "incident to linux-wireless@vger.kernel.org !\n"); 260a84fab3cSChristian Lamparter break; 261a84fab3cSChristian Lamparter 262a84fab3cSChristian Lamparter case CARL9170_RSP_GPIO: 263a84fab3cSChristian Lamparter #ifdef CONFIG_CARL9170_WPC 264a84fab3cSChristian Lamparter if (ar->wps.pbc) { 265a84fab3cSChristian Lamparter bool state = !!(cmd->gpio.gpio & cpu_to_le32( 266a84fab3cSChristian Lamparter AR9170_GPIO_PORT_WPS_BUTTON_PRESSED)); 267a84fab3cSChristian Lamparter 268a84fab3cSChristian Lamparter if (state != ar->wps.pbc_state) { 269a84fab3cSChristian Lamparter ar->wps.pbc_state = state; 270a84fab3cSChristian Lamparter input_report_key(ar->wps.pbc, KEY_WPS_BUTTON, 271a84fab3cSChristian Lamparter state); 272a84fab3cSChristian Lamparter input_sync(ar->wps.pbc); 273a84fab3cSChristian Lamparter } 274a84fab3cSChristian Lamparter } 275a84fab3cSChristian Lamparter #endif /* CONFIG_CARL9170_WPC */ 276a84fab3cSChristian Lamparter break; 277a84fab3cSChristian Lamparter 278a84fab3cSChristian Lamparter case CARL9170_RSP_BOOT: 279a84fab3cSChristian Lamparter complete(&ar->fw_boot_wait); 280a84fab3cSChristian Lamparter break; 281a84fab3cSChristian Lamparter 282a84fab3cSChristian Lamparter default: 283a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "FW: received unhandled event %x\n", 284a84fab3cSChristian Lamparter cmd->hdr.cmd); 285a84fab3cSChristian Lamparter print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, buf, len); 286a84fab3cSChristian Lamparter break; 287a84fab3cSChristian Lamparter } 288a84fab3cSChristian Lamparter } 289a84fab3cSChristian Lamparter 290a84fab3cSChristian Lamparter static int carl9170_rx_mac_status(struct ar9170 *ar, 291a84fab3cSChristian Lamparter struct ar9170_rx_head *head, struct ar9170_rx_macstatus *mac, 292a84fab3cSChristian Lamparter struct ieee80211_rx_status *status) 293a84fab3cSChristian Lamparter { 294a84fab3cSChristian Lamparter struct ieee80211_channel *chan; 295a84fab3cSChristian Lamparter u8 error, decrypt; 296a84fab3cSChristian Lamparter 297a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_head) != 12); 298a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_macstatus) != 4); 299a84fab3cSChristian Lamparter 300a84fab3cSChristian Lamparter error = mac->error; 301a84fab3cSChristian Lamparter 302a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_WRONG_RA) { 303a84fab3cSChristian Lamparter if (!ar->sniffer_enabled) 304a84fab3cSChristian Lamparter return -EINVAL; 305a84fab3cSChristian Lamparter } 306a84fab3cSChristian Lamparter 307a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_PLCP) { 308a84fab3cSChristian Lamparter if (!(ar->filter_state & FIF_PLCPFAIL)) 309a84fab3cSChristian Lamparter return -EINVAL; 310a84fab3cSChristian Lamparter 311a84fab3cSChristian Lamparter status->flag |= RX_FLAG_FAILED_PLCP_CRC; 312a84fab3cSChristian Lamparter } 313a84fab3cSChristian Lamparter 314a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_FCS) { 315a84fab3cSChristian Lamparter ar->tx_fcs_errors++; 316a84fab3cSChristian Lamparter 317a84fab3cSChristian Lamparter if (!(ar->filter_state & FIF_FCSFAIL)) 318a84fab3cSChristian Lamparter return -EINVAL; 319a84fab3cSChristian Lamparter 320a84fab3cSChristian Lamparter status->flag |= RX_FLAG_FAILED_FCS_CRC; 321a84fab3cSChristian Lamparter } 322a84fab3cSChristian Lamparter 323a84fab3cSChristian Lamparter decrypt = ar9170_get_decrypt_type(mac); 324a84fab3cSChristian Lamparter if (!(decrypt & AR9170_RX_ENC_SOFTWARE) && 325a84fab3cSChristian Lamparter decrypt != AR9170_ENC_ALG_NONE) { 326a84fab3cSChristian Lamparter if ((decrypt == AR9170_ENC_ALG_TKIP) && 327a84fab3cSChristian Lamparter (error & AR9170_RX_ERROR_MMIC)) 328a84fab3cSChristian Lamparter status->flag |= RX_FLAG_MMIC_ERROR; 329a84fab3cSChristian Lamparter 330a84fab3cSChristian Lamparter status->flag |= RX_FLAG_DECRYPTED; 331a84fab3cSChristian Lamparter } 332a84fab3cSChristian Lamparter 333a84fab3cSChristian Lamparter if (error & AR9170_RX_ERROR_DECRYPT && !ar->sniffer_enabled) 334a84fab3cSChristian Lamparter return -ENODATA; 335a84fab3cSChristian Lamparter 336a84fab3cSChristian Lamparter error &= ~(AR9170_RX_ERROR_MMIC | 337a84fab3cSChristian Lamparter AR9170_RX_ERROR_FCS | 338a84fab3cSChristian Lamparter AR9170_RX_ERROR_WRONG_RA | 339a84fab3cSChristian Lamparter AR9170_RX_ERROR_DECRYPT | 340a84fab3cSChristian Lamparter AR9170_RX_ERROR_PLCP); 341a84fab3cSChristian Lamparter 342a84fab3cSChristian Lamparter /* drop any other error frames */ 343a84fab3cSChristian Lamparter if (unlikely(error)) { 344a84fab3cSChristian Lamparter /* TODO: update netdevice's RX dropped/errors statistics */ 345a84fab3cSChristian Lamparter 346a84fab3cSChristian Lamparter if (net_ratelimit()) 347a84fab3cSChristian Lamparter wiphy_dbg(ar->hw->wiphy, "received frame with " 348a84fab3cSChristian Lamparter "suspicious error code (%#x).\n", error); 349a84fab3cSChristian Lamparter 350a84fab3cSChristian Lamparter return -EINVAL; 351a84fab3cSChristian Lamparter } 352a84fab3cSChristian Lamparter 353a84fab3cSChristian Lamparter chan = ar->channel; 354a84fab3cSChristian Lamparter if (chan) { 355a84fab3cSChristian Lamparter status->band = chan->band; 356a84fab3cSChristian Lamparter status->freq = chan->center_freq; 357a84fab3cSChristian Lamparter } 358a84fab3cSChristian Lamparter 359a84fab3cSChristian Lamparter switch (mac->status & AR9170_RX_STATUS_MODULATION) { 360a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_CCK: 361a84fab3cSChristian Lamparter if (mac->status & AR9170_RX_STATUS_SHORT_PREAMBLE) 362a84fab3cSChristian Lamparter status->flag |= RX_FLAG_SHORTPRE; 363a84fab3cSChristian Lamparter switch (head->plcp[0]) { 364a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_1M: 365a84fab3cSChristian Lamparter status->rate_idx = 0; 366a84fab3cSChristian Lamparter break; 367a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_2M: 368a84fab3cSChristian Lamparter status->rate_idx = 1; 369a84fab3cSChristian Lamparter break; 370a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_5M: 371a84fab3cSChristian Lamparter status->rate_idx = 2; 372a84fab3cSChristian Lamparter break; 373a84fab3cSChristian Lamparter case AR9170_RX_PHY_RATE_CCK_11M: 374a84fab3cSChristian Lamparter status->rate_idx = 3; 375a84fab3cSChristian Lamparter break; 376a84fab3cSChristian Lamparter default: 377a84fab3cSChristian Lamparter if (net_ratelimit()) { 378a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "invalid plcp cck " 379a84fab3cSChristian Lamparter "rate (%x).\n", head->plcp[0]); 380a84fab3cSChristian Lamparter } 381a84fab3cSChristian Lamparter 382a84fab3cSChristian Lamparter return -EINVAL; 383a84fab3cSChristian Lamparter } 384a84fab3cSChristian Lamparter break; 385a84fab3cSChristian Lamparter 386a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_DUPOFDM: 387a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_OFDM: 388a84fab3cSChristian Lamparter switch (head->plcp[0] & 0xf) { 389a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_6M: 390a84fab3cSChristian Lamparter status->rate_idx = 0; 391a84fab3cSChristian Lamparter break; 392a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_9M: 393a84fab3cSChristian Lamparter status->rate_idx = 1; 394a84fab3cSChristian Lamparter break; 395a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_12M: 396a84fab3cSChristian Lamparter status->rate_idx = 2; 397a84fab3cSChristian Lamparter break; 398a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_18M: 399a84fab3cSChristian Lamparter status->rate_idx = 3; 400a84fab3cSChristian Lamparter break; 401a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_24M: 402a84fab3cSChristian Lamparter status->rate_idx = 4; 403a84fab3cSChristian Lamparter break; 404a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_36M: 405a84fab3cSChristian Lamparter status->rate_idx = 5; 406a84fab3cSChristian Lamparter break; 407a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_48M: 408a84fab3cSChristian Lamparter status->rate_idx = 6; 409a84fab3cSChristian Lamparter break; 410a84fab3cSChristian Lamparter case AR9170_TXRX_PHY_RATE_OFDM_54M: 411a84fab3cSChristian Lamparter status->rate_idx = 7; 412a84fab3cSChristian Lamparter break; 413a84fab3cSChristian Lamparter default: 414a84fab3cSChristian Lamparter if (net_ratelimit()) { 415a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "invalid plcp ofdm " 416a84fab3cSChristian Lamparter "rate (%x).\n", head->plcp[0]); 417a84fab3cSChristian Lamparter } 418a84fab3cSChristian Lamparter 419a84fab3cSChristian Lamparter return -EINVAL; 420a84fab3cSChristian Lamparter } 421a84fab3cSChristian Lamparter if (status->band == IEEE80211_BAND_2GHZ) 422a84fab3cSChristian Lamparter status->rate_idx += 4; 423a84fab3cSChristian Lamparter break; 424a84fab3cSChristian Lamparter 425a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MODULATION_HT: 426a84fab3cSChristian Lamparter if (head->plcp[3] & 0x80) 427a84fab3cSChristian Lamparter status->flag |= RX_FLAG_40MHZ; 428a84fab3cSChristian Lamparter if (head->plcp[6] & 0x80) 429a84fab3cSChristian Lamparter status->flag |= RX_FLAG_SHORT_GI; 430a84fab3cSChristian Lamparter 431a84fab3cSChristian Lamparter status->rate_idx = clamp(0, 75, head->plcp[3] & 0x7f); 432a84fab3cSChristian Lamparter status->flag |= RX_FLAG_HT; 433a84fab3cSChristian Lamparter break; 434a84fab3cSChristian Lamparter 435a84fab3cSChristian Lamparter default: 436a84fab3cSChristian Lamparter BUG(); 437a84fab3cSChristian Lamparter return -ENOSYS; 438a84fab3cSChristian Lamparter } 439a84fab3cSChristian Lamparter 440a84fab3cSChristian Lamparter return 0; 441a84fab3cSChristian Lamparter } 442a84fab3cSChristian Lamparter 443a84fab3cSChristian Lamparter static void carl9170_rx_phy_status(struct ar9170 *ar, 444a84fab3cSChristian Lamparter struct ar9170_rx_phystatus *phy, struct ieee80211_rx_status *status) 445a84fab3cSChristian Lamparter { 446a84fab3cSChristian Lamparter int i; 447a84fab3cSChristian Lamparter 448a84fab3cSChristian Lamparter BUILD_BUG_ON(sizeof(struct ar9170_rx_phystatus) != 20); 449a84fab3cSChristian Lamparter 450a84fab3cSChristian Lamparter for (i = 0; i < 3; i++) 451a84fab3cSChristian Lamparter if (phy->rssi[i] != 0x80) 452a84fab3cSChristian Lamparter status->antenna |= BIT(i); 453a84fab3cSChristian Lamparter 454a84fab3cSChristian Lamparter /* post-process RSSI */ 455a84fab3cSChristian Lamparter for (i = 0; i < 7; i++) 456a84fab3cSChristian Lamparter if (phy->rssi[i] & 0x80) 457a84fab3cSChristian Lamparter phy->rssi[i] = ((phy->rssi[i] & 0x7f) + 1) & 0x7f; 458a84fab3cSChristian Lamparter 459a84fab3cSChristian Lamparter /* TODO: we could do something with phy_errors */ 460a84fab3cSChristian Lamparter status->signal = ar->noise[0] + phy->rssi_combined; 461a84fab3cSChristian Lamparter } 462a84fab3cSChristian Lamparter 463a84fab3cSChristian Lamparter static struct sk_buff *carl9170_rx_copy_data(u8 *buf, int len) 464a84fab3cSChristian Lamparter { 465a84fab3cSChristian Lamparter struct sk_buff *skb; 466a84fab3cSChristian Lamparter int reserved = 0; 467a84fab3cSChristian Lamparter struct ieee80211_hdr *hdr = (void *) buf; 468a84fab3cSChristian Lamparter 469a84fab3cSChristian Lamparter if (ieee80211_is_data_qos(hdr->frame_control)) { 470a84fab3cSChristian Lamparter u8 *qc = ieee80211_get_qos_ctl(hdr); 471a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 472a84fab3cSChristian Lamparter 47304b7dcf9SJohannes Berg if (*qc & IEEE80211_QOS_CTL_A_MSDU_PRESENT) 474a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 475a84fab3cSChristian Lamparter } 476a84fab3cSChristian Lamparter 477a84fab3cSChristian Lamparter if (ieee80211_has_a4(hdr->frame_control)) 478a84fab3cSChristian Lamparter reserved += NET_IP_ALIGN; 479a84fab3cSChristian Lamparter 480a84fab3cSChristian Lamparter reserved = 32 + (reserved & NET_IP_ALIGN); 481a84fab3cSChristian Lamparter 482a84fab3cSChristian Lamparter skb = dev_alloc_skb(len + reserved); 483a84fab3cSChristian Lamparter if (likely(skb)) { 484a84fab3cSChristian Lamparter skb_reserve(skb, reserved); 485a84fab3cSChristian Lamparter memcpy(skb_put(skb, len), buf, len); 486a84fab3cSChristian Lamparter } 487a84fab3cSChristian Lamparter 488a84fab3cSChristian Lamparter return skb; 489a84fab3cSChristian Lamparter } 490a84fab3cSChristian Lamparter 491a84fab3cSChristian Lamparter static u8 *carl9170_find_ie(u8 *data, unsigned int len, u8 ie) 492a84fab3cSChristian Lamparter { 493a84fab3cSChristian Lamparter struct ieee80211_mgmt *mgmt = (void *)data; 494a84fab3cSChristian Lamparter u8 *pos, *end; 495a84fab3cSChristian Lamparter 496a84fab3cSChristian Lamparter pos = (u8 *)mgmt->u.beacon.variable; 497a84fab3cSChristian Lamparter end = data + len; 498a84fab3cSChristian Lamparter while (pos < end) { 499a84fab3cSChristian Lamparter if (pos + 2 + pos[1] > end) 500a84fab3cSChristian Lamparter return NULL; 501a84fab3cSChristian Lamparter 502a84fab3cSChristian Lamparter if (pos[0] == ie) 503a84fab3cSChristian Lamparter return pos; 504a84fab3cSChristian Lamparter 505a84fab3cSChristian Lamparter pos += 2 + pos[1]; 506a84fab3cSChristian Lamparter } 507a84fab3cSChristian Lamparter return NULL; 508a84fab3cSChristian Lamparter } 509a84fab3cSChristian Lamparter 510a84fab3cSChristian Lamparter /* 511a84fab3cSChristian Lamparter * NOTE: 512a84fab3cSChristian Lamparter * 513a84fab3cSChristian Lamparter * The firmware is in charge of waking up the device just before 514a84fab3cSChristian Lamparter * the AP is expected to transmit the next beacon. 515a84fab3cSChristian Lamparter * 516a84fab3cSChristian Lamparter * This leaves the driver with the important task of deciding when 517a84fab3cSChristian Lamparter * to set the PHY back to bed again. 518a84fab3cSChristian Lamparter */ 519a84fab3cSChristian Lamparter static void carl9170_ps_beacon(struct ar9170 *ar, void *data, unsigned int len) 520a84fab3cSChristian Lamparter { 5212c208890SJoe Perches struct ieee80211_hdr *hdr = data; 522a84fab3cSChristian Lamparter struct ieee80211_tim_ie *tim_ie; 523a84fab3cSChristian Lamparter u8 *tim; 524a84fab3cSChristian Lamparter u8 tim_len; 525a84fab3cSChristian Lamparter bool cam; 526a84fab3cSChristian Lamparter 527a84fab3cSChristian Lamparter if (likely(!(ar->hw->conf.flags & IEEE80211_CONF_PS))) 528a84fab3cSChristian Lamparter return; 529a84fab3cSChristian Lamparter 530a84fab3cSChristian Lamparter /* check if this really is a beacon */ 531a84fab3cSChristian Lamparter if (!ieee80211_is_beacon(hdr->frame_control)) 532a84fab3cSChristian Lamparter return; 533a84fab3cSChristian Lamparter 534a84fab3cSChristian Lamparter /* min. beacon length + FCS_LEN */ 535a84fab3cSChristian Lamparter if (len <= 40 + FCS_LEN) 536a84fab3cSChristian Lamparter return; 537a84fab3cSChristian Lamparter 538a84fab3cSChristian Lamparter /* and only beacons from the associated BSSID, please */ 5392e42e474SJoe Perches if (!ether_addr_equal(hdr->addr3, ar->common.curbssid) || 540a84fab3cSChristian Lamparter !ar->common.curaid) 541a84fab3cSChristian Lamparter return; 542a84fab3cSChristian Lamparter 543a84fab3cSChristian Lamparter ar->ps.last_beacon = jiffies; 544a84fab3cSChristian Lamparter 545a84fab3cSChristian Lamparter tim = carl9170_find_ie(data, len - FCS_LEN, WLAN_EID_TIM); 546a84fab3cSChristian Lamparter if (!tim) 547a84fab3cSChristian Lamparter return; 548a84fab3cSChristian Lamparter 549a84fab3cSChristian Lamparter if (tim[1] < sizeof(*tim_ie)) 550a84fab3cSChristian Lamparter return; 551a84fab3cSChristian Lamparter 552a84fab3cSChristian Lamparter tim_len = tim[1]; 553a84fab3cSChristian Lamparter tim_ie = (struct ieee80211_tim_ie *) &tim[2]; 554a84fab3cSChristian Lamparter 555a84fab3cSChristian Lamparter if (!WARN_ON_ONCE(!ar->hw->conf.ps_dtim_period)) 556a84fab3cSChristian Lamparter ar->ps.dtim_counter = (tim_ie->dtim_count - 1) % 557a84fab3cSChristian Lamparter ar->hw->conf.ps_dtim_period; 558a84fab3cSChristian Lamparter 559a84fab3cSChristian Lamparter /* Check whenever the PHY can be turned off again. */ 560a84fab3cSChristian Lamparter 561a84fab3cSChristian Lamparter /* 1. What about buffered unicast traffic for our AID? */ 562a84fab3cSChristian Lamparter cam = ieee80211_check_tim(tim_ie, tim_len, ar->common.curaid); 563a84fab3cSChristian Lamparter 564a84fab3cSChristian Lamparter /* 2. Maybe the AP wants to send multicast/broadcast data? */ 5655820de53SChristian Lamparter cam |= !!(tim_ie->bitmap_ctrl & 0x01); 566a84fab3cSChristian Lamparter 567a84fab3cSChristian Lamparter if (!cam) { 568a84fab3cSChristian Lamparter /* back to low-power land. */ 569a84fab3cSChristian Lamparter ar->ps.off_override &= ~PS_OFF_BCN; 570a84fab3cSChristian Lamparter carl9170_ps_check(ar); 571a84fab3cSChristian Lamparter } else { 572a84fab3cSChristian Lamparter /* force CAM */ 573a84fab3cSChristian Lamparter ar->ps.off_override |= PS_OFF_BCN; 574a84fab3cSChristian Lamparter } 575a84fab3cSChristian Lamparter } 576a84fab3cSChristian Lamparter 577c9122c0dSChristian Lamparter static void carl9170_ba_check(struct ar9170 *ar, void *data, unsigned int len) 578c9122c0dSChristian Lamparter { 579c9122c0dSChristian Lamparter struct ieee80211_bar *bar = (void *) data; 580c9122c0dSChristian Lamparter struct carl9170_bar_list_entry *entry; 581c9122c0dSChristian Lamparter unsigned int queue; 582c9122c0dSChristian Lamparter 583c9122c0dSChristian Lamparter if (likely(!ieee80211_is_back(bar->frame_control))) 584c9122c0dSChristian Lamparter return; 585c9122c0dSChristian Lamparter 586c9122c0dSChristian Lamparter if (len <= sizeof(*bar) + FCS_LEN) 587c9122c0dSChristian Lamparter return; 588c9122c0dSChristian Lamparter 589c9122c0dSChristian Lamparter queue = TID_TO_WME_AC(((le16_to_cpu(bar->control) & 590c9122c0dSChristian Lamparter IEEE80211_BAR_CTRL_TID_INFO_MASK) >> 591c9122c0dSChristian Lamparter IEEE80211_BAR_CTRL_TID_INFO_SHIFT) & 7); 592c9122c0dSChristian Lamparter 593c9122c0dSChristian Lamparter rcu_read_lock(); 594c9122c0dSChristian Lamparter list_for_each_entry_rcu(entry, &ar->bar_list[queue], list) { 595c9122c0dSChristian Lamparter struct sk_buff *entry_skb = entry->skb; 596c9122c0dSChristian Lamparter struct _carl9170_tx_superframe *super = (void *)entry_skb->data; 597c9122c0dSChristian Lamparter struct ieee80211_bar *entry_bar = (void *)super->frame_data; 598c9122c0dSChristian Lamparter 599c9122c0dSChristian Lamparter #define TID_CHECK(a, b) ( \ 600c9122c0dSChristian Lamparter ((a) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)) == \ 601c9122c0dSChristian Lamparter ((b) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK))) \ 602c9122c0dSChristian Lamparter 603c9122c0dSChristian Lamparter if (bar->start_seq_num == entry_bar->start_seq_num && 604c9122c0dSChristian Lamparter TID_CHECK(bar->control, entry_bar->control) && 605c9122c0dSChristian Lamparter compare_ether_addr(bar->ra, entry_bar->ta) == 0 && 606c9122c0dSChristian Lamparter compare_ether_addr(bar->ta, entry_bar->ra) == 0) { 607c9122c0dSChristian Lamparter struct ieee80211_tx_info *tx_info; 608c9122c0dSChristian Lamparter 609c9122c0dSChristian Lamparter tx_info = IEEE80211_SKB_CB(entry_skb); 610c9122c0dSChristian Lamparter tx_info->flags |= IEEE80211_TX_STAT_ACK; 611c9122c0dSChristian Lamparter 612c9122c0dSChristian Lamparter spin_lock_bh(&ar->bar_list_lock[queue]); 613c9122c0dSChristian Lamparter list_del_rcu(&entry->list); 614c9122c0dSChristian Lamparter spin_unlock_bh(&ar->bar_list_lock[queue]); 615c9122c0dSChristian Lamparter kfree_rcu(entry, head); 616c9122c0dSChristian Lamparter break; 617c9122c0dSChristian Lamparter } 618c9122c0dSChristian Lamparter } 619c9122c0dSChristian Lamparter rcu_read_unlock(); 620c9122c0dSChristian Lamparter 621c9122c0dSChristian Lamparter #undef TID_CHECK 622c9122c0dSChristian Lamparter } 623c9122c0dSChristian Lamparter 62433dd7699SChristian Lamparter static bool carl9170_ampdu_check(struct ar9170 *ar, u8 *buf, u8 ms, 62533dd7699SChristian Lamparter struct ieee80211_rx_status *rx_status) 6268f236d1bSChristian Lamparter { 6278f236d1bSChristian Lamparter __le16 fc; 6288f236d1bSChristian Lamparter 6298f236d1bSChristian Lamparter if ((ms & AR9170_RX_STATUS_MPDU) == AR9170_RX_STATUS_MPDU_SINGLE) { 6308f236d1bSChristian Lamparter /* 6318f236d1bSChristian Lamparter * This frame is not part of an aMPDU. 6328f236d1bSChristian Lamparter * Therefore it is not subjected to any 6338f236d1bSChristian Lamparter * of the following content restrictions. 6348f236d1bSChristian Lamparter */ 6358f236d1bSChristian Lamparter return true; 6368f236d1bSChristian Lamparter } 6378f236d1bSChristian Lamparter 63833dd7699SChristian Lamparter rx_status->flag |= RX_FLAG_AMPDU_DETAILS | RX_FLAG_AMPDU_LAST_KNOWN; 63933dd7699SChristian Lamparter rx_status->ampdu_reference = ar->ampdu_ref; 64033dd7699SChristian Lamparter 6418f236d1bSChristian Lamparter /* 6428f236d1bSChristian Lamparter * "802.11n - 7.4a.3 A-MPDU contents" describes in which contexts 6438f236d1bSChristian Lamparter * certain frame types can be part of an aMPDU. 6448f236d1bSChristian Lamparter * 6458f236d1bSChristian Lamparter * In order to keep the processing cost down, I opted for a 6468f236d1bSChristian Lamparter * stateless filter solely based on the frame control field. 6478f236d1bSChristian Lamparter */ 6488f236d1bSChristian Lamparter 6498f236d1bSChristian Lamparter fc = ((struct ieee80211_hdr *)buf)->frame_control; 6508f236d1bSChristian Lamparter if (ieee80211_is_data_qos(fc) && ieee80211_is_data_present(fc)) 6518f236d1bSChristian Lamparter return true; 6528f236d1bSChristian Lamparter 6538f236d1bSChristian Lamparter if (ieee80211_is_ack(fc) || ieee80211_is_back(fc) || 6548f236d1bSChristian Lamparter ieee80211_is_back_req(fc)) 6558f236d1bSChristian Lamparter return true; 6568f236d1bSChristian Lamparter 6578f236d1bSChristian Lamparter if (ieee80211_is_action(fc)) 6588f236d1bSChristian Lamparter return true; 6598f236d1bSChristian Lamparter 6608f236d1bSChristian Lamparter return false; 6618f236d1bSChristian Lamparter } 6628f236d1bSChristian Lamparter 663a84fab3cSChristian Lamparter /* 664a84fab3cSChristian Lamparter * If the frame alignment is right (or the kernel has 665a84fab3cSChristian Lamparter * CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), and there 666a84fab3cSChristian Lamparter * is only a single MPDU in the USB frame, then we could 667a84fab3cSChristian Lamparter * submit to mac80211 the SKB directly. However, since 668a84fab3cSChristian Lamparter * there may be multiple packets in one SKB in stream 669a84fab3cSChristian Lamparter * mode, and we need to observe the proper ordering, 670a84fab3cSChristian Lamparter * this is non-trivial. 671a84fab3cSChristian Lamparter */ 672a84fab3cSChristian Lamparter 673a84fab3cSChristian Lamparter static void carl9170_handle_mpdu(struct ar9170 *ar, u8 *buf, int len) 674a84fab3cSChristian Lamparter { 675a84fab3cSChristian Lamparter struct ar9170_rx_head *head; 676a84fab3cSChristian Lamparter struct ar9170_rx_macstatus *mac; 677a84fab3cSChristian Lamparter struct ar9170_rx_phystatus *phy = NULL; 678a84fab3cSChristian Lamparter struct ieee80211_rx_status status; 679a84fab3cSChristian Lamparter struct sk_buff *skb; 680a84fab3cSChristian Lamparter int mpdu_len; 6818f236d1bSChristian Lamparter u8 mac_status; 682a84fab3cSChristian Lamparter 683a84fab3cSChristian Lamparter if (!IS_STARTED(ar)) 684a84fab3cSChristian Lamparter return; 685a84fab3cSChristian Lamparter 686c8a16c68SChristian Lamparter if (unlikely(len < sizeof(*mac))) 687c8a16c68SChristian Lamparter goto drop; 688a84fab3cSChristian Lamparter 68933dd7699SChristian Lamparter memset(&status, 0, sizeof(status)); 69033dd7699SChristian Lamparter 691a84fab3cSChristian Lamparter mpdu_len = len - sizeof(*mac); 692a84fab3cSChristian Lamparter 693a84fab3cSChristian Lamparter mac = (void *)(buf + mpdu_len); 6948f236d1bSChristian Lamparter mac_status = mac->status; 6958f236d1bSChristian Lamparter switch (mac_status & AR9170_RX_STATUS_MPDU) { 696a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_FIRST: 69733dd7699SChristian Lamparter ar->ampdu_ref++; 698a84fab3cSChristian Lamparter /* Aggregated MPDUs start with an PLCP header */ 699a84fab3cSChristian Lamparter if (likely(mpdu_len >= sizeof(struct ar9170_rx_head))) { 700a84fab3cSChristian Lamparter head = (void *) buf; 701a84fab3cSChristian Lamparter 702a84fab3cSChristian Lamparter /* 703a84fab3cSChristian Lamparter * The PLCP header needs to be cached for the 704a84fab3cSChristian Lamparter * following MIDDLE + LAST A-MPDU packets. 705a84fab3cSChristian Lamparter * 706a84fab3cSChristian Lamparter * So, if you are wondering why all frames seem 707a84fab3cSChristian Lamparter * to share a common RX status information, 708a84fab3cSChristian Lamparter * then you have the answer right here... 709a84fab3cSChristian Lamparter */ 710a84fab3cSChristian Lamparter memcpy(&ar->rx_plcp, (void *) buf, 711a84fab3cSChristian Lamparter sizeof(struct ar9170_rx_head)); 712a84fab3cSChristian Lamparter 713a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_head); 714a84fab3cSChristian Lamparter buf += sizeof(struct ar9170_rx_head); 715a84fab3cSChristian Lamparter 716a84fab3cSChristian Lamparter ar->rx_has_plcp = true; 717a84fab3cSChristian Lamparter } else { 718a84fab3cSChristian Lamparter if (net_ratelimit()) { 719a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "plcp info " 720a84fab3cSChristian Lamparter "is clipped.\n"); 721a84fab3cSChristian Lamparter } 722a84fab3cSChristian Lamparter 723c8a16c68SChristian Lamparter goto drop; 724a84fab3cSChristian Lamparter } 725a84fab3cSChristian Lamparter break; 726a84fab3cSChristian Lamparter 727a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_LAST: 72833dd7699SChristian Lamparter status.flag |= RX_FLAG_AMPDU_IS_LAST; 72933dd7699SChristian Lamparter 730a84fab3cSChristian Lamparter /* 731a84fab3cSChristian Lamparter * The last frame of an A-MPDU has an extra tail 732a84fab3cSChristian Lamparter * which does contain the phy status of the whole 733a84fab3cSChristian Lamparter * aggregate. 734a84fab3cSChristian Lamparter */ 735a84fab3cSChristian Lamparter if (likely(mpdu_len >= sizeof(struct ar9170_rx_phystatus))) { 736a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_phystatus); 737a84fab3cSChristian Lamparter phy = (void *)(buf + mpdu_len); 738a84fab3cSChristian Lamparter } else { 739a84fab3cSChristian Lamparter if (net_ratelimit()) { 740a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "frame tail " 741a84fab3cSChristian Lamparter "is clipped.\n"); 742a84fab3cSChristian Lamparter } 743a84fab3cSChristian Lamparter 744c8a16c68SChristian Lamparter goto drop; 745a84fab3cSChristian Lamparter } 746a84fab3cSChristian Lamparter 747a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_MIDDLE: 748a84fab3cSChristian Lamparter /* These are just data + mac status */ 749a84fab3cSChristian Lamparter if (unlikely(!ar->rx_has_plcp)) { 750a84fab3cSChristian Lamparter if (!net_ratelimit()) 751a84fab3cSChristian Lamparter return; 752a84fab3cSChristian Lamparter 753a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "rx stream does not start " 754a84fab3cSChristian Lamparter "with a first_mpdu frame tag.\n"); 755a84fab3cSChristian Lamparter 756c8a16c68SChristian Lamparter goto drop; 757a84fab3cSChristian Lamparter } 758a84fab3cSChristian Lamparter 759a84fab3cSChristian Lamparter head = &ar->rx_plcp; 760a84fab3cSChristian Lamparter break; 761a84fab3cSChristian Lamparter 762a84fab3cSChristian Lamparter case AR9170_RX_STATUS_MPDU_SINGLE: 763a84fab3cSChristian Lamparter /* single mpdu has both: plcp (head) and phy status (tail) */ 764a84fab3cSChristian Lamparter head = (void *) buf; 765a84fab3cSChristian Lamparter 766a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_head); 767a84fab3cSChristian Lamparter mpdu_len -= sizeof(struct ar9170_rx_phystatus); 768a84fab3cSChristian Lamparter 769a84fab3cSChristian Lamparter buf += sizeof(struct ar9170_rx_head); 770a84fab3cSChristian Lamparter phy = (void *)(buf + mpdu_len); 771a84fab3cSChristian Lamparter break; 772a84fab3cSChristian Lamparter 773a84fab3cSChristian Lamparter default: 774a84fab3cSChristian Lamparter BUG_ON(1); 775a84fab3cSChristian Lamparter break; 776a84fab3cSChristian Lamparter } 777a84fab3cSChristian Lamparter 778a84fab3cSChristian Lamparter /* FC + DU + RA + FCS */ 779c8a16c68SChristian Lamparter if (unlikely(mpdu_len < (2 + 2 + ETH_ALEN + FCS_LEN))) 780c8a16c68SChristian Lamparter goto drop; 781a84fab3cSChristian Lamparter 782c8a16c68SChristian Lamparter if (unlikely(carl9170_rx_mac_status(ar, head, mac, &status))) 783c8a16c68SChristian Lamparter goto drop; 784a84fab3cSChristian Lamparter 78533dd7699SChristian Lamparter if (!carl9170_ampdu_check(ar, buf, mac_status, &status)) 7868f236d1bSChristian Lamparter goto drop; 7878f236d1bSChristian Lamparter 788a84fab3cSChristian Lamparter if (phy) 789a84fab3cSChristian Lamparter carl9170_rx_phy_status(ar, phy, &status); 790a84fab3cSChristian Lamparter 791a84fab3cSChristian Lamparter carl9170_ps_beacon(ar, buf, mpdu_len); 792a84fab3cSChristian Lamparter 793c9122c0dSChristian Lamparter carl9170_ba_check(ar, buf, mpdu_len); 794c9122c0dSChristian Lamparter 795a84fab3cSChristian Lamparter skb = carl9170_rx_copy_data(buf, mpdu_len); 796c8a16c68SChristian Lamparter if (!skb) 797c8a16c68SChristian Lamparter goto drop; 798c8a16c68SChristian Lamparter 799a84fab3cSChristian Lamparter memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status)); 800a84fab3cSChristian Lamparter ieee80211_rx(ar->hw, skb); 801c8a16c68SChristian Lamparter return; 802c8a16c68SChristian Lamparter 803c8a16c68SChristian Lamparter drop: 804a84fab3cSChristian Lamparter ar->rx_dropped++; 805a84fab3cSChristian Lamparter } 806a84fab3cSChristian Lamparter 807a84fab3cSChristian Lamparter static void carl9170_rx_untie_cmds(struct ar9170 *ar, const u8 *respbuf, 808a84fab3cSChristian Lamparter const unsigned int resplen) 809a84fab3cSChristian Lamparter { 810a84fab3cSChristian Lamparter struct carl9170_rsp *cmd; 811a84fab3cSChristian Lamparter int i = 0; 812a84fab3cSChristian Lamparter 813a84fab3cSChristian Lamparter while (i < resplen) { 814a84fab3cSChristian Lamparter cmd = (void *) &respbuf[i]; 815a84fab3cSChristian Lamparter 816a84fab3cSChristian Lamparter i += cmd->hdr.len + 4; 817a84fab3cSChristian Lamparter if (unlikely(i > resplen)) 818a84fab3cSChristian Lamparter break; 819a84fab3cSChristian Lamparter 820b4764c80SChristian Lamparter if (carl9170_check_sequence(ar, cmd->hdr.seq)) 821b4764c80SChristian Lamparter break; 822b4764c80SChristian Lamparter 823a84fab3cSChristian Lamparter carl9170_handle_command_response(ar, cmd, cmd->hdr.len + 4); 824a84fab3cSChristian Lamparter } 825a84fab3cSChristian Lamparter 826a84fab3cSChristian Lamparter if (unlikely(i != resplen)) { 827a84fab3cSChristian Lamparter if (!net_ratelimit()) 828a84fab3cSChristian Lamparter return; 829a84fab3cSChristian Lamparter 830a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "malformed firmware trap:\n"); 831a84fab3cSChristian Lamparter print_hex_dump_bytes("rxcmd:", DUMP_PREFIX_OFFSET, 832a84fab3cSChristian Lamparter respbuf, resplen); 833a84fab3cSChristian Lamparter } 834a84fab3cSChristian Lamparter } 835a84fab3cSChristian Lamparter 836a84fab3cSChristian Lamparter static void __carl9170_rx(struct ar9170 *ar, u8 *buf, unsigned int len) 837a84fab3cSChristian Lamparter { 838a84fab3cSChristian Lamparter unsigned int i = 0; 839a84fab3cSChristian Lamparter 840a84fab3cSChristian Lamparter /* weird thing, but this is the same in the original driver */ 841a84fab3cSChristian Lamparter while (len > 2 && i < 12 && buf[0] == 0xff && buf[1] == 0xff) { 842a84fab3cSChristian Lamparter i += 2; 843a84fab3cSChristian Lamparter len -= 2; 844a84fab3cSChristian Lamparter buf += 2; 845a84fab3cSChristian Lamparter } 846a84fab3cSChristian Lamparter 847a84fab3cSChristian Lamparter if (unlikely(len < 4)) 848a84fab3cSChristian Lamparter return; 849a84fab3cSChristian Lamparter 850a84fab3cSChristian Lamparter /* found the 6 * 0xffff marker? */ 851a84fab3cSChristian Lamparter if (i == 12) 852a84fab3cSChristian Lamparter carl9170_rx_untie_cmds(ar, buf, len); 853a84fab3cSChristian Lamparter else 854a84fab3cSChristian Lamparter carl9170_handle_mpdu(ar, buf, len); 855a84fab3cSChristian Lamparter } 856a84fab3cSChristian Lamparter 857a84fab3cSChristian Lamparter static void carl9170_rx_stream(struct ar9170 *ar, void *buf, unsigned int len) 858a84fab3cSChristian Lamparter { 859a84fab3cSChristian Lamparter unsigned int tlen, wlen = 0, clen = 0; 860a84fab3cSChristian Lamparter struct ar9170_stream *rx_stream; 861a84fab3cSChristian Lamparter u8 *tbuf; 862a84fab3cSChristian Lamparter 863a84fab3cSChristian Lamparter tbuf = buf; 864a84fab3cSChristian Lamparter tlen = len; 865a84fab3cSChristian Lamparter 866a84fab3cSChristian Lamparter while (tlen >= 4) { 867a84fab3cSChristian Lamparter rx_stream = (void *) tbuf; 868a84fab3cSChristian Lamparter clen = le16_to_cpu(rx_stream->length); 869a84fab3cSChristian Lamparter wlen = ALIGN(clen, 4); 870a84fab3cSChristian Lamparter 871a84fab3cSChristian Lamparter /* check if this is stream has a valid tag.*/ 872a84fab3cSChristian Lamparter if (rx_stream->tag != cpu_to_le16(AR9170_RX_STREAM_TAG)) { 873a84fab3cSChristian Lamparter /* 874a84fab3cSChristian Lamparter * TODO: handle the highly unlikely event that the 875a84fab3cSChristian Lamparter * corrupted stream has the TAG at the right position. 876a84fab3cSChristian Lamparter */ 877a84fab3cSChristian Lamparter 878a84fab3cSChristian Lamparter /* check if the frame can be repaired. */ 879a84fab3cSChristian Lamparter if (!ar->rx_failover_missing) { 880a84fab3cSChristian Lamparter 881a84fab3cSChristian Lamparter /* this is not "short read". */ 882a84fab3cSChristian Lamparter if (net_ratelimit()) { 883a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, 884a84fab3cSChristian Lamparter "missing tag!\n"); 885a84fab3cSChristian Lamparter } 886a84fab3cSChristian Lamparter 887a84fab3cSChristian Lamparter __carl9170_rx(ar, tbuf, tlen); 888a84fab3cSChristian Lamparter return; 889a84fab3cSChristian Lamparter } 890a84fab3cSChristian Lamparter 891a84fab3cSChristian Lamparter if (ar->rx_failover_missing > tlen) { 892a84fab3cSChristian Lamparter if (net_ratelimit()) { 893a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, 894a84fab3cSChristian Lamparter "possible multi " 895a84fab3cSChristian Lamparter "stream corruption!\n"); 896a84fab3cSChristian Lamparter goto err_telluser; 897a84fab3cSChristian Lamparter } else { 898a84fab3cSChristian Lamparter goto err_silent; 899a84fab3cSChristian Lamparter } 900a84fab3cSChristian Lamparter } 901a84fab3cSChristian Lamparter 902a84fab3cSChristian Lamparter memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen); 903a84fab3cSChristian Lamparter ar->rx_failover_missing -= tlen; 904a84fab3cSChristian Lamparter 905a84fab3cSChristian Lamparter if (ar->rx_failover_missing <= 0) { 906a84fab3cSChristian Lamparter /* 907a84fab3cSChristian Lamparter * nested carl9170_rx_stream call! 908a84fab3cSChristian Lamparter * 90925985edcSLucas De Marchi * termination is guaranteed, even when the 910a84fab3cSChristian Lamparter * combined frame also have an element with 911a84fab3cSChristian Lamparter * a bad tag. 912a84fab3cSChristian Lamparter */ 913a84fab3cSChristian Lamparter 914a84fab3cSChristian Lamparter ar->rx_failover_missing = 0; 915a84fab3cSChristian Lamparter carl9170_rx_stream(ar, ar->rx_failover->data, 916a84fab3cSChristian Lamparter ar->rx_failover->len); 917a84fab3cSChristian Lamparter 918a84fab3cSChristian Lamparter skb_reset_tail_pointer(ar->rx_failover); 919a84fab3cSChristian Lamparter skb_trim(ar->rx_failover, 0); 920a84fab3cSChristian Lamparter } 921a84fab3cSChristian Lamparter 922a84fab3cSChristian Lamparter return; 923a84fab3cSChristian Lamparter } 924a84fab3cSChristian Lamparter 925a84fab3cSChristian Lamparter /* check if stream is clipped */ 926a84fab3cSChristian Lamparter if (wlen > tlen - 4) { 927a84fab3cSChristian Lamparter if (ar->rx_failover_missing) { 928a84fab3cSChristian Lamparter /* TODO: handle double stream corruption. */ 929a84fab3cSChristian Lamparter if (net_ratelimit()) { 930a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "double rx " 931a84fab3cSChristian Lamparter "stream corruption!\n"); 932a84fab3cSChristian Lamparter goto err_telluser; 933a84fab3cSChristian Lamparter } else { 934a84fab3cSChristian Lamparter goto err_silent; 935a84fab3cSChristian Lamparter } 936a84fab3cSChristian Lamparter } 937a84fab3cSChristian Lamparter 938a84fab3cSChristian Lamparter /* 939a84fab3cSChristian Lamparter * save incomplete data set. 940a84fab3cSChristian Lamparter * the firmware will resend the missing bits when 941a84fab3cSChristian Lamparter * the rx - descriptor comes round again. 942a84fab3cSChristian Lamparter */ 943a84fab3cSChristian Lamparter 944a84fab3cSChristian Lamparter memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen); 945a84fab3cSChristian Lamparter ar->rx_failover_missing = clen - tlen; 946a84fab3cSChristian Lamparter return; 947a84fab3cSChristian Lamparter } 948a84fab3cSChristian Lamparter __carl9170_rx(ar, rx_stream->payload, clen); 949a84fab3cSChristian Lamparter 950a84fab3cSChristian Lamparter tbuf += wlen + 4; 951a84fab3cSChristian Lamparter tlen -= wlen + 4; 952a84fab3cSChristian Lamparter } 953a84fab3cSChristian Lamparter 954a84fab3cSChristian Lamparter if (tlen) { 955a84fab3cSChristian Lamparter if (net_ratelimit()) { 956a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "%d bytes of unprocessed " 957a84fab3cSChristian Lamparter "data left in rx stream!\n", tlen); 958a84fab3cSChristian Lamparter } 959a84fab3cSChristian Lamparter 960a84fab3cSChristian Lamparter goto err_telluser; 961a84fab3cSChristian Lamparter } 962a84fab3cSChristian Lamparter 963a84fab3cSChristian Lamparter return; 964a84fab3cSChristian Lamparter 965a84fab3cSChristian Lamparter err_telluser: 966a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "damaged RX stream data [want:%d, " 967a84fab3cSChristian Lamparter "data:%d, rx:%d, pending:%d ]\n", clen, wlen, tlen, 968a84fab3cSChristian Lamparter ar->rx_failover_missing); 969a84fab3cSChristian Lamparter 970a84fab3cSChristian Lamparter if (ar->rx_failover_missing) 971a84fab3cSChristian Lamparter print_hex_dump_bytes("rxbuf:", DUMP_PREFIX_OFFSET, 972a84fab3cSChristian Lamparter ar->rx_failover->data, 973a84fab3cSChristian Lamparter ar->rx_failover->len); 974a84fab3cSChristian Lamparter 975a84fab3cSChristian Lamparter print_hex_dump_bytes("stream:", DUMP_PREFIX_OFFSET, 976a84fab3cSChristian Lamparter buf, len); 977a84fab3cSChristian Lamparter 978a84fab3cSChristian Lamparter wiphy_err(ar->hw->wiphy, "please check your hardware and cables, if " 979a84fab3cSChristian Lamparter "you see this message frequently.\n"); 980a84fab3cSChristian Lamparter 981a84fab3cSChristian Lamparter err_silent: 982a84fab3cSChristian Lamparter if (ar->rx_failover_missing) { 983a84fab3cSChristian Lamparter skb_reset_tail_pointer(ar->rx_failover); 984a84fab3cSChristian Lamparter skb_trim(ar->rx_failover, 0); 985a84fab3cSChristian Lamparter ar->rx_failover_missing = 0; 986a84fab3cSChristian Lamparter } 987a84fab3cSChristian Lamparter } 988a84fab3cSChristian Lamparter 989a84fab3cSChristian Lamparter void carl9170_rx(struct ar9170 *ar, void *buf, unsigned int len) 990a84fab3cSChristian Lamparter { 991a84fab3cSChristian Lamparter if (ar->fw.rx_stream) 992a84fab3cSChristian Lamparter carl9170_rx_stream(ar, buf, len); 993a84fab3cSChristian Lamparter else 994a84fab3cSChristian Lamparter __carl9170_rx(ar, buf, len); 995a84fab3cSChristian Lamparter } 996