1 /* 2 * WSM host interface (HI) implementation for 3 * ST-Ericsson CW1200 mac80211 drivers. 4 * 5 * Copyright (c) 2010, ST-Ericsson 6 * Author: Dmitry Tarnyagin <dmitry.tarnyagin@lockless.no> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/skbuff.h> 14 #include <linux/wait.h> 15 #include <linux/delay.h> 16 #include <linux/sched.h> 17 #include <linux/random.h> 18 19 #include "cw1200.h" 20 #include "wsm.h" 21 #include "bh.h" 22 #include "sta.h" 23 #include "debug.h" 24 25 #define WSM_CMD_TIMEOUT (2 * HZ) /* With respect to interrupt loss */ 26 #define WSM_CMD_START_TIMEOUT (7 * HZ) 27 #define WSM_CMD_RESET_TIMEOUT (3 * HZ) /* 2 sec. timeout was observed. */ 28 #define WSM_CMD_MAX_TIMEOUT (3 * HZ) 29 30 #define WSM_SKIP(buf, size) \ 31 do { \ 32 if ((buf)->data + size > (buf)->end) \ 33 goto underflow; \ 34 (buf)->data += size; \ 35 } while (0) 36 37 #define WSM_GET(buf, ptr, size) \ 38 do { \ 39 if ((buf)->data + size > (buf)->end) \ 40 goto underflow; \ 41 memcpy(ptr, (buf)->data, size); \ 42 (buf)->data += size; \ 43 } while (0) 44 45 #define __WSM_GET(buf, type, type2, cvt) \ 46 ({ \ 47 type val; \ 48 if ((buf)->data + sizeof(type) > (buf)->end) \ 49 goto underflow; \ 50 val = cvt(*(type2 *)(buf)->data); \ 51 (buf)->data += sizeof(type); \ 52 val; \ 53 }) 54 55 #define WSM_GET8(buf) __WSM_GET(buf, u8, u8, (u8)) 56 #define WSM_GET16(buf) __WSM_GET(buf, u16, __le16, __le16_to_cpu) 57 #define WSM_GET32(buf) __WSM_GET(buf, u32, __le32, __le32_to_cpu) 58 59 #define WSM_PUT(buf, ptr, size) \ 60 do { \ 61 if ((buf)->data + size > (buf)->end) \ 62 if (wsm_buf_reserve((buf), size)) \ 63 goto nomem; \ 64 memcpy((buf)->data, ptr, size); \ 65 (buf)->data += size; \ 66 } while (0) 67 68 #define __WSM_PUT(buf, val, type, type2, cvt) \ 69 do { \ 70 if ((buf)->data + sizeof(type) > (buf)->end) \ 71 if (wsm_buf_reserve((buf), sizeof(type))) \ 72 goto nomem; \ 73 *(type2 *)(buf)->data = cvt(val); \ 74 (buf)->data += sizeof(type); \ 75 } while (0) 76 77 #define WSM_PUT8(buf, val) __WSM_PUT(buf, val, u8, u8, (u8)) 78 #define WSM_PUT16(buf, val) __WSM_PUT(buf, val, u16, __le16, __cpu_to_le16) 79 #define WSM_PUT32(buf, val) __WSM_PUT(buf, val, u32, __le32, __cpu_to_le32) 80 81 static void wsm_buf_reset(struct wsm_buf *buf); 82 static int wsm_buf_reserve(struct wsm_buf *buf, size_t extra_size); 83 84 static int wsm_cmd_send(struct cw1200_common *priv, 85 struct wsm_buf *buf, 86 void *arg, u16 cmd, long tmo); 87 88 #define wsm_cmd_lock(__priv) mutex_lock(&((__priv)->wsm_cmd_mux)) 89 #define wsm_cmd_unlock(__priv) mutex_unlock(&((__priv)->wsm_cmd_mux)) 90 91 /* ******************************************************************** */ 92 /* WSM API implementation */ 93 94 static int wsm_generic_confirm(struct cw1200_common *priv, 95 void *arg, 96 struct wsm_buf *buf) 97 { 98 u32 status = WSM_GET32(buf); 99 if (status != WSM_STATUS_SUCCESS) 100 return -EINVAL; 101 return 0; 102 103 underflow: 104 WARN_ON(1); 105 return -EINVAL; 106 } 107 108 int wsm_configuration(struct cw1200_common *priv, struct wsm_configuration *arg) 109 { 110 int ret; 111 struct wsm_buf *buf = &priv->wsm_cmd_buf; 112 113 wsm_cmd_lock(priv); 114 115 WSM_PUT32(buf, arg->dot11MaxTransmitMsduLifeTime); 116 WSM_PUT32(buf, arg->dot11MaxReceiveLifeTime); 117 WSM_PUT32(buf, arg->dot11RtsThreshold); 118 119 /* DPD block. */ 120 WSM_PUT16(buf, arg->dpdData_size + 12); 121 WSM_PUT16(buf, 1); /* DPD version */ 122 WSM_PUT(buf, arg->dot11StationId, ETH_ALEN); 123 WSM_PUT16(buf, 5); /* DPD flags */ 124 WSM_PUT(buf, arg->dpdData, arg->dpdData_size); 125 126 ret = wsm_cmd_send(priv, buf, arg, 127 WSM_CONFIGURATION_REQ_ID, WSM_CMD_TIMEOUT); 128 129 wsm_cmd_unlock(priv); 130 return ret; 131 132 nomem: 133 wsm_cmd_unlock(priv); 134 return -ENOMEM; 135 } 136 137 static int wsm_configuration_confirm(struct cw1200_common *priv, 138 struct wsm_configuration *arg, 139 struct wsm_buf *buf) 140 { 141 int i; 142 int status; 143 144 status = WSM_GET32(buf); 145 if (WARN_ON(status != WSM_STATUS_SUCCESS)) 146 return -EINVAL; 147 148 WSM_GET(buf, arg->dot11StationId, ETH_ALEN); 149 arg->dot11FrequencyBandsSupported = WSM_GET8(buf); 150 WSM_SKIP(buf, 1); 151 arg->supportedRateMask = WSM_GET32(buf); 152 for (i = 0; i < 2; ++i) { 153 arg->txPowerRange[i].min_power_level = WSM_GET32(buf); 154 arg->txPowerRange[i].max_power_level = WSM_GET32(buf); 155 arg->txPowerRange[i].stepping = WSM_GET32(buf); 156 } 157 return 0; 158 159 underflow: 160 WARN_ON(1); 161 return -EINVAL; 162 } 163 164 /* ******************************************************************** */ 165 166 int wsm_reset(struct cw1200_common *priv, const struct wsm_reset *arg) 167 { 168 int ret; 169 struct wsm_buf *buf = &priv->wsm_cmd_buf; 170 u16 cmd = WSM_RESET_REQ_ID | WSM_TX_LINK_ID(arg->link_id); 171 172 wsm_cmd_lock(priv); 173 174 WSM_PUT32(buf, arg->reset_statistics ? 0 : 1); 175 ret = wsm_cmd_send(priv, buf, NULL, cmd, WSM_CMD_RESET_TIMEOUT); 176 wsm_cmd_unlock(priv); 177 return ret; 178 179 nomem: 180 wsm_cmd_unlock(priv); 181 return -ENOMEM; 182 } 183 184 /* ******************************************************************** */ 185 186 struct wsm_mib { 187 u16 mib_id; 188 void *buf; 189 size_t buf_size; 190 }; 191 192 int wsm_read_mib(struct cw1200_common *priv, u16 mib_id, void *_buf, 193 size_t buf_size) 194 { 195 int ret; 196 struct wsm_buf *buf = &priv->wsm_cmd_buf; 197 struct wsm_mib mib_buf = { 198 .mib_id = mib_id, 199 .buf = _buf, 200 .buf_size = buf_size, 201 }; 202 wsm_cmd_lock(priv); 203 204 WSM_PUT16(buf, mib_id); 205 WSM_PUT16(buf, 0); 206 207 ret = wsm_cmd_send(priv, buf, &mib_buf, 208 WSM_READ_MIB_REQ_ID, WSM_CMD_TIMEOUT); 209 wsm_cmd_unlock(priv); 210 return ret; 211 212 nomem: 213 wsm_cmd_unlock(priv); 214 return -ENOMEM; 215 } 216 217 static int wsm_read_mib_confirm(struct cw1200_common *priv, 218 struct wsm_mib *arg, 219 struct wsm_buf *buf) 220 { 221 u16 size; 222 if (WARN_ON(WSM_GET32(buf) != WSM_STATUS_SUCCESS)) 223 return -EINVAL; 224 225 if (WARN_ON(WSM_GET16(buf) != arg->mib_id)) 226 return -EINVAL; 227 228 size = WSM_GET16(buf); 229 if (size > arg->buf_size) 230 size = arg->buf_size; 231 232 WSM_GET(buf, arg->buf, size); 233 arg->buf_size = size; 234 return 0; 235 236 underflow: 237 WARN_ON(1); 238 return -EINVAL; 239 } 240 241 /* ******************************************************************** */ 242 243 int wsm_write_mib(struct cw1200_common *priv, u16 mib_id, void *_buf, 244 size_t buf_size) 245 { 246 int ret; 247 struct wsm_buf *buf = &priv->wsm_cmd_buf; 248 struct wsm_mib mib_buf = { 249 .mib_id = mib_id, 250 .buf = _buf, 251 .buf_size = buf_size, 252 }; 253 254 wsm_cmd_lock(priv); 255 256 WSM_PUT16(buf, mib_id); 257 WSM_PUT16(buf, buf_size); 258 WSM_PUT(buf, _buf, buf_size); 259 260 ret = wsm_cmd_send(priv, buf, &mib_buf, 261 WSM_WRITE_MIB_REQ_ID, WSM_CMD_TIMEOUT); 262 wsm_cmd_unlock(priv); 263 return ret; 264 265 nomem: 266 wsm_cmd_unlock(priv); 267 return -ENOMEM; 268 } 269 270 static int wsm_write_mib_confirm(struct cw1200_common *priv, 271 struct wsm_mib *arg, 272 struct wsm_buf *buf) 273 { 274 int ret; 275 276 ret = wsm_generic_confirm(priv, arg, buf); 277 if (ret) 278 return ret; 279 280 if (arg->mib_id == WSM_MIB_ID_OPERATIONAL_POWER_MODE) { 281 /* OperationalMode: update PM status. */ 282 const char *p = arg->buf; 283 cw1200_enable_powersave(priv, (p[0] & 0x0F) ? true : false); 284 } 285 return 0; 286 } 287 288 /* ******************************************************************** */ 289 290 int wsm_scan(struct cw1200_common *priv, const struct wsm_scan *arg) 291 { 292 int i; 293 int ret; 294 struct wsm_buf *buf = &priv->wsm_cmd_buf; 295 296 if (arg->num_channels > 48) 297 return -EINVAL; 298 299 if (arg->num_ssids > 2) 300 return -EINVAL; 301 302 if (arg->band > 1) 303 return -EINVAL; 304 305 wsm_cmd_lock(priv); 306 307 WSM_PUT8(buf, arg->band); 308 WSM_PUT8(buf, arg->type); 309 WSM_PUT8(buf, arg->flags); 310 WSM_PUT8(buf, arg->max_tx_rate); 311 WSM_PUT32(buf, arg->auto_scan_interval); 312 WSM_PUT8(buf, arg->num_probes); 313 WSM_PUT8(buf, arg->num_channels); 314 WSM_PUT8(buf, arg->num_ssids); 315 WSM_PUT8(buf, arg->probe_delay); 316 317 for (i = 0; i < arg->num_channels; ++i) { 318 WSM_PUT16(buf, arg->ch[i].number); 319 WSM_PUT16(buf, 0); 320 WSM_PUT32(buf, arg->ch[i].min_chan_time); 321 WSM_PUT32(buf, arg->ch[i].max_chan_time); 322 WSM_PUT32(buf, 0); 323 } 324 325 for (i = 0; i < arg->num_ssids; ++i) { 326 WSM_PUT32(buf, arg->ssids[i].length); 327 WSM_PUT(buf, &arg->ssids[i].ssid[0], 328 sizeof(arg->ssids[i].ssid)); 329 } 330 331 ret = wsm_cmd_send(priv, buf, NULL, 332 WSM_START_SCAN_REQ_ID, WSM_CMD_TIMEOUT); 333 wsm_cmd_unlock(priv); 334 return ret; 335 336 nomem: 337 wsm_cmd_unlock(priv); 338 return -ENOMEM; 339 } 340 341 /* ******************************************************************** */ 342 343 int wsm_stop_scan(struct cw1200_common *priv) 344 { 345 int ret; 346 struct wsm_buf *buf = &priv->wsm_cmd_buf; 347 wsm_cmd_lock(priv); 348 ret = wsm_cmd_send(priv, buf, NULL, 349 WSM_STOP_SCAN_REQ_ID, WSM_CMD_TIMEOUT); 350 wsm_cmd_unlock(priv); 351 return ret; 352 } 353 354 355 static int wsm_tx_confirm(struct cw1200_common *priv, 356 struct wsm_buf *buf, 357 int link_id) 358 { 359 struct wsm_tx_confirm tx_confirm; 360 361 tx_confirm.packet_id = WSM_GET32(buf); 362 tx_confirm.status = WSM_GET32(buf); 363 tx_confirm.tx_rate = WSM_GET8(buf); 364 tx_confirm.ack_failures = WSM_GET8(buf); 365 tx_confirm.flags = WSM_GET16(buf); 366 tx_confirm.media_delay = WSM_GET32(buf); 367 tx_confirm.tx_queue_delay = WSM_GET32(buf); 368 369 cw1200_tx_confirm_cb(priv, link_id, &tx_confirm); 370 return 0; 371 372 underflow: 373 WARN_ON(1); 374 return -EINVAL; 375 } 376 377 static int wsm_multi_tx_confirm(struct cw1200_common *priv, 378 struct wsm_buf *buf, int link_id) 379 { 380 int ret; 381 int count; 382 int i; 383 384 count = WSM_GET32(buf); 385 if (WARN_ON(count <= 0)) 386 return -EINVAL; 387 388 if (count > 1) { 389 /* We already released one buffer, now for the rest */ 390 ret = wsm_release_tx_buffer(priv, count - 1); 391 if (ret < 0) 392 return ret; 393 else if (ret > 0) 394 cw1200_bh_wakeup(priv); 395 } 396 397 cw1200_debug_txed_multi(priv, count); 398 for (i = 0; i < count; ++i) { 399 ret = wsm_tx_confirm(priv, buf, link_id); 400 if (ret) 401 return ret; 402 } 403 return ret; 404 405 underflow: 406 WARN_ON(1); 407 return -EINVAL; 408 } 409 410 /* ******************************************************************** */ 411 412 static int wsm_join_confirm(struct cw1200_common *priv, 413 struct wsm_join_cnf *arg, 414 struct wsm_buf *buf) 415 { 416 arg->status = WSM_GET32(buf); 417 if (WARN_ON(arg->status) != WSM_STATUS_SUCCESS) 418 return -EINVAL; 419 420 arg->min_power_level = WSM_GET32(buf); 421 arg->max_power_level = WSM_GET32(buf); 422 423 return 0; 424 425 underflow: 426 WARN_ON(1); 427 return -EINVAL; 428 } 429 430 int wsm_join(struct cw1200_common *priv, struct wsm_join *arg) 431 { 432 int ret; 433 struct wsm_buf *buf = &priv->wsm_cmd_buf; 434 struct wsm_join_cnf resp; 435 wsm_cmd_lock(priv); 436 437 WSM_PUT8(buf, arg->mode); 438 WSM_PUT8(buf, arg->band); 439 WSM_PUT16(buf, arg->channel_number); 440 WSM_PUT(buf, &arg->bssid[0], sizeof(arg->bssid)); 441 WSM_PUT16(buf, arg->atim_window); 442 WSM_PUT8(buf, arg->preamble_type); 443 WSM_PUT8(buf, arg->probe_for_join); 444 WSM_PUT8(buf, arg->dtim_period); 445 WSM_PUT8(buf, arg->flags); 446 WSM_PUT32(buf, arg->ssid_len); 447 WSM_PUT(buf, &arg->ssid[0], sizeof(arg->ssid)); 448 WSM_PUT32(buf, arg->beacon_interval); 449 WSM_PUT32(buf, arg->basic_rate_set); 450 451 priv->tx_burst_idx = -1; 452 ret = wsm_cmd_send(priv, buf, &resp, 453 WSM_JOIN_REQ_ID, WSM_CMD_TIMEOUT); 454 /* TODO: Update state based on resp.min|max_power_level */ 455 456 priv->join_complete_status = resp.status; 457 458 wsm_cmd_unlock(priv); 459 return ret; 460 461 nomem: 462 wsm_cmd_unlock(priv); 463 return -ENOMEM; 464 } 465 466 /* ******************************************************************** */ 467 468 int wsm_set_bss_params(struct cw1200_common *priv, 469 const struct wsm_set_bss_params *arg) 470 { 471 int ret; 472 struct wsm_buf *buf = &priv->wsm_cmd_buf; 473 474 wsm_cmd_lock(priv); 475 476 WSM_PUT8(buf, (arg->reset_beacon_loss ? 0x1 : 0)); 477 WSM_PUT8(buf, arg->beacon_lost_count); 478 WSM_PUT16(buf, arg->aid); 479 WSM_PUT32(buf, arg->operational_rate_set); 480 481 ret = wsm_cmd_send(priv, buf, NULL, 482 WSM_SET_BSS_PARAMS_REQ_ID, WSM_CMD_TIMEOUT); 483 484 wsm_cmd_unlock(priv); 485 return ret; 486 487 nomem: 488 wsm_cmd_unlock(priv); 489 return -ENOMEM; 490 } 491 492 /* ******************************************************************** */ 493 494 int wsm_add_key(struct cw1200_common *priv, const struct wsm_add_key *arg) 495 { 496 int ret; 497 struct wsm_buf *buf = &priv->wsm_cmd_buf; 498 499 wsm_cmd_lock(priv); 500 501 WSM_PUT(buf, arg, sizeof(*arg)); 502 503 ret = wsm_cmd_send(priv, buf, NULL, 504 WSM_ADD_KEY_REQ_ID, WSM_CMD_TIMEOUT); 505 506 wsm_cmd_unlock(priv); 507 return ret; 508 509 nomem: 510 wsm_cmd_unlock(priv); 511 return -ENOMEM; 512 } 513 514 /* ******************************************************************** */ 515 516 int wsm_remove_key(struct cw1200_common *priv, const struct wsm_remove_key *arg) 517 { 518 int ret; 519 struct wsm_buf *buf = &priv->wsm_cmd_buf; 520 521 wsm_cmd_lock(priv); 522 523 WSM_PUT8(buf, arg->index); 524 WSM_PUT8(buf, 0); 525 WSM_PUT16(buf, 0); 526 527 ret = wsm_cmd_send(priv, buf, NULL, 528 WSM_REMOVE_KEY_REQ_ID, WSM_CMD_TIMEOUT); 529 530 wsm_cmd_unlock(priv); 531 return ret; 532 533 nomem: 534 wsm_cmd_unlock(priv); 535 return -ENOMEM; 536 } 537 538 /* ******************************************************************** */ 539 540 int wsm_set_tx_queue_params(struct cw1200_common *priv, 541 const struct wsm_set_tx_queue_params *arg, u8 id) 542 { 543 int ret; 544 struct wsm_buf *buf = &priv->wsm_cmd_buf; 545 u8 queue_id_to_wmm_aci[] = {3, 2, 0, 1}; 546 547 wsm_cmd_lock(priv); 548 549 WSM_PUT8(buf, queue_id_to_wmm_aci[id]); 550 WSM_PUT8(buf, 0); 551 WSM_PUT8(buf, arg->ackPolicy); 552 WSM_PUT8(buf, 0); 553 WSM_PUT32(buf, arg->maxTransmitLifetime); 554 WSM_PUT16(buf, arg->allowedMediumTime); 555 WSM_PUT16(buf, 0); 556 557 ret = wsm_cmd_send(priv, buf, NULL, 0x0012, WSM_CMD_TIMEOUT); 558 559 wsm_cmd_unlock(priv); 560 return ret; 561 562 nomem: 563 wsm_cmd_unlock(priv); 564 return -ENOMEM; 565 } 566 567 /* ******************************************************************** */ 568 569 int wsm_set_edca_params(struct cw1200_common *priv, 570 const struct wsm_edca_params *arg) 571 { 572 int ret; 573 struct wsm_buf *buf = &priv->wsm_cmd_buf; 574 575 wsm_cmd_lock(priv); 576 577 /* Implemented according to specification. */ 578 579 WSM_PUT16(buf, arg->params[3].cwmin); 580 WSM_PUT16(buf, arg->params[2].cwmin); 581 WSM_PUT16(buf, arg->params[1].cwmin); 582 WSM_PUT16(buf, arg->params[0].cwmin); 583 584 WSM_PUT16(buf, arg->params[3].cwmax); 585 WSM_PUT16(buf, arg->params[2].cwmax); 586 WSM_PUT16(buf, arg->params[1].cwmax); 587 WSM_PUT16(buf, arg->params[0].cwmax); 588 589 WSM_PUT8(buf, arg->params[3].aifns); 590 WSM_PUT8(buf, arg->params[2].aifns); 591 WSM_PUT8(buf, arg->params[1].aifns); 592 WSM_PUT8(buf, arg->params[0].aifns); 593 594 WSM_PUT16(buf, arg->params[3].txop_limit); 595 WSM_PUT16(buf, arg->params[2].txop_limit); 596 WSM_PUT16(buf, arg->params[1].txop_limit); 597 WSM_PUT16(buf, arg->params[0].txop_limit); 598 599 WSM_PUT32(buf, arg->params[3].max_rx_lifetime); 600 WSM_PUT32(buf, arg->params[2].max_rx_lifetime); 601 WSM_PUT32(buf, arg->params[1].max_rx_lifetime); 602 WSM_PUT32(buf, arg->params[0].max_rx_lifetime); 603 604 ret = wsm_cmd_send(priv, buf, NULL, 605 WSM_EDCA_PARAMS_REQ_ID, WSM_CMD_TIMEOUT); 606 wsm_cmd_unlock(priv); 607 return ret; 608 609 nomem: 610 wsm_cmd_unlock(priv); 611 return -ENOMEM; 612 } 613 614 /* ******************************************************************** */ 615 616 int wsm_switch_channel(struct cw1200_common *priv, 617 const struct wsm_switch_channel *arg) 618 { 619 int ret; 620 struct wsm_buf *buf = &priv->wsm_cmd_buf; 621 622 wsm_cmd_lock(priv); 623 624 WSM_PUT8(buf, arg->mode); 625 WSM_PUT8(buf, arg->switch_count); 626 WSM_PUT16(buf, arg->channel_number); 627 628 priv->channel_switch_in_progress = 1; 629 630 ret = wsm_cmd_send(priv, buf, NULL, 631 WSM_SWITCH_CHANNEL_REQ_ID, WSM_CMD_TIMEOUT); 632 if (ret) 633 priv->channel_switch_in_progress = 0; 634 635 wsm_cmd_unlock(priv); 636 return ret; 637 638 nomem: 639 wsm_cmd_unlock(priv); 640 return -ENOMEM; 641 } 642 643 /* ******************************************************************** */ 644 645 int wsm_set_pm(struct cw1200_common *priv, const struct wsm_set_pm *arg) 646 { 647 int ret; 648 struct wsm_buf *buf = &priv->wsm_cmd_buf; 649 priv->ps_mode_switch_in_progress = 1; 650 651 wsm_cmd_lock(priv); 652 653 WSM_PUT8(buf, arg->mode); 654 WSM_PUT8(buf, arg->fast_psm_idle_period); 655 WSM_PUT8(buf, arg->ap_psm_change_period); 656 WSM_PUT8(buf, arg->min_auto_pspoll_period); 657 658 ret = wsm_cmd_send(priv, buf, NULL, 659 WSM_SET_PM_REQ_ID, WSM_CMD_TIMEOUT); 660 661 wsm_cmd_unlock(priv); 662 return ret; 663 664 nomem: 665 wsm_cmd_unlock(priv); 666 return -ENOMEM; 667 } 668 669 /* ******************************************************************** */ 670 671 int wsm_start(struct cw1200_common *priv, const struct wsm_start *arg) 672 { 673 int ret; 674 struct wsm_buf *buf = &priv->wsm_cmd_buf; 675 676 wsm_cmd_lock(priv); 677 678 WSM_PUT8(buf, arg->mode); 679 WSM_PUT8(buf, arg->band); 680 WSM_PUT16(buf, arg->channel_number); 681 WSM_PUT32(buf, arg->ct_window); 682 WSM_PUT32(buf, arg->beacon_interval); 683 WSM_PUT8(buf, arg->dtim_period); 684 WSM_PUT8(buf, arg->preamble); 685 WSM_PUT8(buf, arg->probe_delay); 686 WSM_PUT8(buf, arg->ssid_len); 687 WSM_PUT(buf, arg->ssid, sizeof(arg->ssid)); 688 WSM_PUT32(buf, arg->basic_rate_set); 689 690 priv->tx_burst_idx = -1; 691 ret = wsm_cmd_send(priv, buf, NULL, 692 WSM_START_REQ_ID, WSM_CMD_START_TIMEOUT); 693 694 wsm_cmd_unlock(priv); 695 return ret; 696 697 nomem: 698 wsm_cmd_unlock(priv); 699 return -ENOMEM; 700 } 701 702 /* ******************************************************************** */ 703 704 int wsm_beacon_transmit(struct cw1200_common *priv, 705 const struct wsm_beacon_transmit *arg) 706 { 707 int ret; 708 struct wsm_buf *buf = &priv->wsm_cmd_buf; 709 710 wsm_cmd_lock(priv); 711 712 WSM_PUT32(buf, arg->enable_beaconing ? 1 : 0); 713 714 ret = wsm_cmd_send(priv, buf, NULL, 715 WSM_BEACON_TRANSMIT_REQ_ID, WSM_CMD_TIMEOUT); 716 717 wsm_cmd_unlock(priv); 718 return ret; 719 720 nomem: 721 wsm_cmd_unlock(priv); 722 return -ENOMEM; 723 } 724 725 /* ******************************************************************** */ 726 727 int wsm_start_find(struct cw1200_common *priv) 728 { 729 int ret; 730 struct wsm_buf *buf = &priv->wsm_cmd_buf; 731 732 wsm_cmd_lock(priv); 733 ret = wsm_cmd_send(priv, buf, NULL, 0x0019, WSM_CMD_TIMEOUT); 734 wsm_cmd_unlock(priv); 735 return ret; 736 } 737 738 /* ******************************************************************** */ 739 740 int wsm_stop_find(struct cw1200_common *priv) 741 { 742 int ret; 743 struct wsm_buf *buf = &priv->wsm_cmd_buf; 744 745 wsm_cmd_lock(priv); 746 ret = wsm_cmd_send(priv, buf, NULL, 0x001A, WSM_CMD_TIMEOUT); 747 wsm_cmd_unlock(priv); 748 return ret; 749 } 750 751 /* ******************************************************************** */ 752 753 int wsm_map_link(struct cw1200_common *priv, const struct wsm_map_link *arg) 754 { 755 int ret; 756 struct wsm_buf *buf = &priv->wsm_cmd_buf; 757 u16 cmd = 0x001C | WSM_TX_LINK_ID(arg->link_id); 758 759 wsm_cmd_lock(priv); 760 761 WSM_PUT(buf, &arg->mac_addr[0], sizeof(arg->mac_addr)); 762 WSM_PUT16(buf, 0); 763 764 ret = wsm_cmd_send(priv, buf, NULL, cmd, WSM_CMD_TIMEOUT); 765 766 wsm_cmd_unlock(priv); 767 return ret; 768 769 nomem: 770 wsm_cmd_unlock(priv); 771 return -ENOMEM; 772 } 773 774 /* ******************************************************************** */ 775 776 int wsm_update_ie(struct cw1200_common *priv, 777 const struct wsm_update_ie *arg) 778 { 779 int ret; 780 struct wsm_buf *buf = &priv->wsm_cmd_buf; 781 782 wsm_cmd_lock(priv); 783 784 WSM_PUT16(buf, arg->what); 785 WSM_PUT16(buf, arg->count); 786 WSM_PUT(buf, arg->ies, arg->length); 787 788 ret = wsm_cmd_send(priv, buf, NULL, 0x001B, WSM_CMD_TIMEOUT); 789 790 wsm_cmd_unlock(priv); 791 return ret; 792 793 nomem: 794 wsm_cmd_unlock(priv); 795 return -ENOMEM; 796 } 797 798 /* ******************************************************************** */ 799 int wsm_set_probe_responder(struct cw1200_common *priv, bool enable) 800 { 801 priv->rx_filter.probeResponder = enable; 802 return wsm_set_rx_filter(priv, &priv->rx_filter); 803 } 804 805 /* ******************************************************************** */ 806 /* WSM indication events implementation */ 807 const char * const cw1200_fw_types[] = { 808 "ETF", 809 "WFM", 810 "WSM", 811 "HI test", 812 "Platform test" 813 }; 814 815 static int wsm_startup_indication(struct cw1200_common *priv, 816 struct wsm_buf *buf) 817 { 818 priv->wsm_caps.input_buffers = WSM_GET16(buf); 819 priv->wsm_caps.input_buffer_size = WSM_GET16(buf); 820 priv->wsm_caps.hw_id = WSM_GET16(buf); 821 priv->wsm_caps.hw_subid = WSM_GET16(buf); 822 priv->wsm_caps.status = WSM_GET16(buf); 823 priv->wsm_caps.fw_cap = WSM_GET16(buf); 824 priv->wsm_caps.fw_type = WSM_GET16(buf); 825 priv->wsm_caps.fw_api = WSM_GET16(buf); 826 priv->wsm_caps.fw_build = WSM_GET16(buf); 827 priv->wsm_caps.fw_ver = WSM_GET16(buf); 828 WSM_GET(buf, priv->wsm_caps.fw_label, sizeof(priv->wsm_caps.fw_label)); 829 priv->wsm_caps.fw_label[sizeof(priv->wsm_caps.fw_label) - 1] = 0; /* Do not trust FW too much... */ 830 831 if (WARN_ON(priv->wsm_caps.status)) 832 return -EINVAL; 833 834 if (WARN_ON(priv->wsm_caps.fw_type > 4)) 835 return -EINVAL; 836 837 pr_info("CW1200 WSM init done.\n" 838 " Input buffers: %d x %d bytes\n" 839 " Hardware: %d.%d\n" 840 " %s firmware [%s], ver: %d, build: %d," 841 " api: %d, cap: 0x%.4X\n", 842 priv->wsm_caps.input_buffers, 843 priv->wsm_caps.input_buffer_size, 844 priv->wsm_caps.hw_id, priv->wsm_caps.hw_subid, 845 cw1200_fw_types[priv->wsm_caps.fw_type], 846 priv->wsm_caps.fw_label, priv->wsm_caps.fw_ver, 847 priv->wsm_caps.fw_build, 848 priv->wsm_caps.fw_api, priv->wsm_caps.fw_cap); 849 850 /* Disable unsupported frequency bands */ 851 if (!(priv->wsm_caps.fw_cap & 0x1)) 852 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = NULL; 853 if (!(priv->wsm_caps.fw_cap & 0x2)) 854 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = NULL; 855 856 priv->firmware_ready = 1; 857 wake_up(&priv->wsm_startup_done); 858 return 0; 859 860 underflow: 861 WARN_ON(1); 862 return -EINVAL; 863 } 864 865 static int wsm_receive_indication(struct cw1200_common *priv, 866 int link_id, 867 struct wsm_buf *buf, 868 struct sk_buff **skb_p) 869 { 870 struct wsm_rx rx; 871 struct ieee80211_hdr *hdr; 872 size_t hdr_len; 873 __le16 fctl; 874 875 rx.status = WSM_GET32(buf); 876 rx.channel_number = WSM_GET16(buf); 877 rx.rx_rate = WSM_GET8(buf); 878 rx.rcpi_rssi = WSM_GET8(buf); 879 rx.flags = WSM_GET32(buf); 880 881 /* FW Workaround: Drop probe resp or 882 beacon when RSSI is 0 883 */ 884 hdr = (struct ieee80211_hdr *)(*skb_p)->data; 885 886 if (!rx.rcpi_rssi && 887 (ieee80211_is_probe_resp(hdr->frame_control) || 888 ieee80211_is_beacon(hdr->frame_control))) 889 return 0; 890 891 /* If no RSSI subscription has been made, 892 * convert RCPI to RSSI here 893 */ 894 if (!priv->cqm_use_rssi) 895 rx.rcpi_rssi = rx.rcpi_rssi / 2 - 110; 896 897 fctl = *(__le16 *)buf->data; 898 hdr_len = buf->data - buf->begin; 899 skb_pull(*skb_p, hdr_len); 900 if (!rx.status && ieee80211_is_deauth(fctl)) { 901 if (priv->join_status == CW1200_JOIN_STATUS_STA) { 902 /* Shedule unjoin work */ 903 pr_debug("[WSM] Issue unjoin command (RX).\n"); 904 wsm_lock_tx_async(priv); 905 if (queue_work(priv->workqueue, 906 &priv->unjoin_work) <= 0) 907 wsm_unlock_tx(priv); 908 } 909 } 910 cw1200_rx_cb(priv, &rx, link_id, skb_p); 911 if (*skb_p) 912 skb_push(*skb_p, hdr_len); 913 914 return 0; 915 916 underflow: 917 return -EINVAL; 918 } 919 920 static int wsm_event_indication(struct cw1200_common *priv, struct wsm_buf *buf) 921 { 922 int first; 923 struct cw1200_wsm_event *event; 924 925 if (priv->mode == NL80211_IFTYPE_UNSPECIFIED) { 926 /* STA is stopped. */ 927 return 0; 928 } 929 930 event = kzalloc(sizeof(struct cw1200_wsm_event), GFP_KERNEL); 931 if (!event) 932 return -ENOMEM; 933 934 event->evt.id = WSM_GET32(buf); 935 event->evt.data = WSM_GET32(buf); 936 937 pr_debug("[WSM] Event: %d(%d)\n", 938 event->evt.id, event->evt.data); 939 940 spin_lock(&priv->event_queue_lock); 941 first = list_empty(&priv->event_queue); 942 list_add_tail(&event->link, &priv->event_queue); 943 spin_unlock(&priv->event_queue_lock); 944 945 if (first) 946 queue_work(priv->workqueue, &priv->event_handler); 947 948 return 0; 949 950 underflow: 951 kfree(event); 952 return -EINVAL; 953 } 954 955 static int wsm_channel_switch_indication(struct cw1200_common *priv, 956 struct wsm_buf *buf) 957 { 958 WARN_ON(WSM_GET32(buf)); 959 960 priv->channel_switch_in_progress = 0; 961 wake_up(&priv->channel_switch_done); 962 963 wsm_unlock_tx(priv); 964 965 return 0; 966 967 underflow: 968 return -EINVAL; 969 } 970 971 static int wsm_set_pm_indication(struct cw1200_common *priv, 972 struct wsm_buf *buf) 973 { 974 /* TODO: Check buf (struct wsm_set_pm_complete) for validity */ 975 if (priv->ps_mode_switch_in_progress) { 976 priv->ps_mode_switch_in_progress = 0; 977 wake_up(&priv->ps_mode_switch_done); 978 } 979 return 0; 980 } 981 982 static int wsm_scan_started(struct cw1200_common *priv, void *arg, 983 struct wsm_buf *buf) 984 { 985 u32 status = WSM_GET32(buf); 986 if (status != WSM_STATUS_SUCCESS) { 987 cw1200_scan_failed_cb(priv); 988 return -EINVAL; 989 } 990 return 0; 991 992 underflow: 993 WARN_ON(1); 994 return -EINVAL; 995 } 996 997 static int wsm_scan_complete_indication(struct cw1200_common *priv, 998 struct wsm_buf *buf) 999 { 1000 struct wsm_scan_complete arg; 1001 arg.status = WSM_GET32(buf); 1002 arg.psm = WSM_GET8(buf); 1003 arg.num_channels = WSM_GET8(buf); 1004 cw1200_scan_complete_cb(priv, &arg); 1005 1006 return 0; 1007 1008 underflow: 1009 return -EINVAL; 1010 } 1011 1012 static int wsm_join_complete_indication(struct cw1200_common *priv, 1013 struct wsm_buf *buf) 1014 { 1015 struct wsm_join_complete arg; 1016 arg.status = WSM_GET32(buf); 1017 pr_debug("[WSM] Join complete indication, status: %d\n", arg.status); 1018 cw1200_join_complete_cb(priv, &arg); 1019 1020 return 0; 1021 1022 underflow: 1023 return -EINVAL; 1024 } 1025 1026 static int wsm_find_complete_indication(struct cw1200_common *priv, 1027 struct wsm_buf *buf) 1028 { 1029 pr_warn("Implement find_complete_indication\n"); 1030 return 0; 1031 } 1032 1033 static int wsm_ba_timeout_indication(struct cw1200_common *priv, 1034 struct wsm_buf *buf) 1035 { 1036 u32 dummy; 1037 u8 tid; 1038 u8 dummy2; 1039 u8 addr[ETH_ALEN]; 1040 1041 dummy = WSM_GET32(buf); 1042 tid = WSM_GET8(buf); 1043 dummy2 = WSM_GET8(buf); 1044 WSM_GET(buf, addr, ETH_ALEN); 1045 1046 pr_info("BlockACK timeout, tid %d, addr %pM\n", 1047 tid, addr); 1048 1049 return 0; 1050 1051 underflow: 1052 return -EINVAL; 1053 } 1054 1055 static int wsm_suspend_resume_indication(struct cw1200_common *priv, 1056 int link_id, struct wsm_buf *buf) 1057 { 1058 u32 flags; 1059 struct wsm_suspend_resume arg; 1060 1061 flags = WSM_GET32(buf); 1062 arg.link_id = link_id; 1063 arg.stop = !(flags & 1); 1064 arg.multicast = !!(flags & 8); 1065 arg.queue = (flags >> 1) & 3; 1066 1067 cw1200_suspend_resume(priv, &arg); 1068 1069 return 0; 1070 1071 underflow: 1072 return -EINVAL; 1073 } 1074 1075 1076 /* ******************************************************************** */ 1077 /* WSM TX */ 1078 1079 static int wsm_cmd_send(struct cw1200_common *priv, 1080 struct wsm_buf *buf, 1081 void *arg, u16 cmd, long tmo) 1082 { 1083 size_t buf_len = buf->data - buf->begin; 1084 int ret; 1085 1086 /* Don't bother if we're dead. */ 1087 if (priv->bh_error) { 1088 ret = 0; 1089 goto done; 1090 } 1091 1092 /* Block until the cmd buffer is completed. Tortuous. */ 1093 spin_lock(&priv->wsm_cmd.lock); 1094 while (!priv->wsm_cmd.done) { 1095 spin_unlock(&priv->wsm_cmd.lock); 1096 spin_lock(&priv->wsm_cmd.lock); 1097 } 1098 priv->wsm_cmd.done = 0; 1099 spin_unlock(&priv->wsm_cmd.lock); 1100 1101 if (cmd == WSM_WRITE_MIB_REQ_ID || 1102 cmd == WSM_READ_MIB_REQ_ID) 1103 pr_debug("[WSM] >>> 0x%.4X [MIB: 0x%.4X] (%zu)\n", 1104 cmd, __le16_to_cpu(((__le16 *)buf->begin)[2]), 1105 buf_len); 1106 else 1107 pr_debug("[WSM] >>> 0x%.4X (%zu)\n", cmd, buf_len); 1108 1109 /* Due to buggy SPI on CW1200, we need to 1110 * pad the message by a few bytes to ensure 1111 * that it's completely received. 1112 */ 1113 buf_len += 4; 1114 1115 /* Fill HI message header */ 1116 /* BH will add sequence number */ 1117 ((__le16 *)buf->begin)[0] = __cpu_to_le16(buf_len); 1118 ((__le16 *)buf->begin)[1] = __cpu_to_le16(cmd); 1119 1120 spin_lock(&priv->wsm_cmd.lock); 1121 BUG_ON(priv->wsm_cmd.ptr); 1122 priv->wsm_cmd.ptr = buf->begin; 1123 priv->wsm_cmd.len = buf_len; 1124 priv->wsm_cmd.arg = arg; 1125 priv->wsm_cmd.cmd = cmd; 1126 spin_unlock(&priv->wsm_cmd.lock); 1127 1128 cw1200_bh_wakeup(priv); 1129 1130 /* Wait for command completion */ 1131 ret = wait_event_timeout(priv->wsm_cmd_wq, 1132 priv->wsm_cmd.done, tmo); 1133 1134 if (!ret && !priv->wsm_cmd.done) { 1135 spin_lock(&priv->wsm_cmd.lock); 1136 priv->wsm_cmd.done = 1; 1137 priv->wsm_cmd.ptr = NULL; 1138 spin_unlock(&priv->wsm_cmd.lock); 1139 if (priv->bh_error) { 1140 /* Return ok to help system cleanup */ 1141 ret = 0; 1142 } else { 1143 pr_err("CMD req (0x%04x) stuck in firmware, killing BH\n", priv->wsm_cmd.cmd); 1144 print_hex_dump_bytes("REQDUMP: ", DUMP_PREFIX_NONE, 1145 buf->begin, buf_len); 1146 pr_err("Outstanding outgoing frames: %d\n", priv->hw_bufs_used); 1147 1148 /* Kill BH thread to report the error to the top layer. */ 1149 atomic_add(1, &priv->bh_term); 1150 wake_up(&priv->bh_wq); 1151 ret = -ETIMEDOUT; 1152 } 1153 } else { 1154 spin_lock(&priv->wsm_cmd.lock); 1155 BUG_ON(!priv->wsm_cmd.done); 1156 ret = priv->wsm_cmd.ret; 1157 spin_unlock(&priv->wsm_cmd.lock); 1158 } 1159 done: 1160 wsm_buf_reset(buf); 1161 return ret; 1162 } 1163 1164 /* ******************************************************************** */ 1165 /* WSM TX port control */ 1166 1167 void wsm_lock_tx(struct cw1200_common *priv) 1168 { 1169 wsm_cmd_lock(priv); 1170 if (atomic_add_return(1, &priv->tx_lock) == 1) { 1171 if (wsm_flush_tx(priv)) 1172 pr_debug("[WSM] TX is locked.\n"); 1173 } 1174 wsm_cmd_unlock(priv); 1175 } 1176 1177 void wsm_lock_tx_async(struct cw1200_common *priv) 1178 { 1179 if (atomic_add_return(1, &priv->tx_lock) == 1) 1180 pr_debug("[WSM] TX is locked (async).\n"); 1181 } 1182 1183 bool wsm_flush_tx(struct cw1200_common *priv) 1184 { 1185 unsigned long timestamp = jiffies; 1186 bool pending = false; 1187 long timeout; 1188 int i; 1189 1190 /* Flush must be called with TX lock held. */ 1191 BUG_ON(!atomic_read(&priv->tx_lock)); 1192 1193 /* First check if we really need to do something. 1194 * It is safe to use unprotected access, as hw_bufs_used 1195 * can only decrements. 1196 */ 1197 if (!priv->hw_bufs_used) 1198 return true; 1199 1200 if (priv->bh_error) { 1201 /* In case of failure do not wait for magic. */ 1202 pr_err("[WSM] Fatal error occurred, will not flush TX.\n"); 1203 return false; 1204 } else { 1205 /* Get a timestamp of "oldest" frame */ 1206 for (i = 0; i < 4; ++i) 1207 pending |= cw1200_queue_get_xmit_timestamp( 1208 &priv->tx_queue[i], 1209 ×tamp, 0xffffffff); 1210 /* If there's nothing pending, we're good */ 1211 if (!pending) 1212 return true; 1213 1214 timeout = timestamp + WSM_CMD_LAST_CHANCE_TIMEOUT - jiffies; 1215 if (timeout < 0 || wait_event_timeout(priv->bh_evt_wq, 1216 !priv->hw_bufs_used, 1217 timeout) <= 0) { 1218 /* Hmmm... Not good. Frame had stuck in firmware. */ 1219 priv->bh_error = 1; 1220 wiphy_err(priv->hw->wiphy, "[WSM] TX Frames (%d) stuck in firmware, killing BH\n", priv->hw_bufs_used); 1221 wake_up(&priv->bh_wq); 1222 return false; 1223 } 1224 1225 /* Ok, everything is flushed. */ 1226 return true; 1227 } 1228 } 1229 1230 void wsm_unlock_tx(struct cw1200_common *priv) 1231 { 1232 int tx_lock; 1233 tx_lock = atomic_sub_return(1, &priv->tx_lock); 1234 BUG_ON(tx_lock < 0); 1235 1236 if (tx_lock == 0) { 1237 if (!priv->bh_error) 1238 cw1200_bh_wakeup(priv); 1239 pr_debug("[WSM] TX is unlocked.\n"); 1240 } 1241 } 1242 1243 /* ******************************************************************** */ 1244 /* WSM RX */ 1245 1246 int wsm_handle_exception(struct cw1200_common *priv, u8 *data, size_t len) 1247 { 1248 struct wsm_buf buf; 1249 u32 reason; 1250 u32 reg[18]; 1251 char fname[48]; 1252 unsigned int i; 1253 1254 static const char * const reason_str[] = { 1255 "undefined instruction", 1256 "prefetch abort", 1257 "data abort", 1258 "unknown error", 1259 }; 1260 1261 buf.begin = buf.data = data; 1262 buf.end = &buf.begin[len]; 1263 1264 reason = WSM_GET32(&buf); 1265 for (i = 0; i < ARRAY_SIZE(reg); ++i) 1266 reg[i] = WSM_GET32(&buf); 1267 WSM_GET(&buf, fname, sizeof(fname)); 1268 1269 if (reason < 4) 1270 wiphy_err(priv->hw->wiphy, 1271 "Firmware exception: %s.\n", 1272 reason_str[reason]); 1273 else 1274 wiphy_err(priv->hw->wiphy, 1275 "Firmware assert at %.*s, line %d\n", 1276 (int) sizeof(fname), fname, reg[1]); 1277 1278 for (i = 0; i < 12; i += 4) 1279 wiphy_err(priv->hw->wiphy, 1280 "R%d: 0x%.8X, R%d: 0x%.8X, R%d: 0x%.8X, R%d: 0x%.8X,\n", 1281 i + 0, reg[i + 0], i + 1, reg[i + 1], 1282 i + 2, reg[i + 2], i + 3, reg[i + 3]); 1283 wiphy_err(priv->hw->wiphy, 1284 "R12: 0x%.8X, SP: 0x%.8X, LR: 0x%.8X, PC: 0x%.8X,\n", 1285 reg[i + 0], reg[i + 1], reg[i + 2], reg[i + 3]); 1286 i += 4; 1287 wiphy_err(priv->hw->wiphy, 1288 "CPSR: 0x%.8X, SPSR: 0x%.8X\n", 1289 reg[i + 0], reg[i + 1]); 1290 1291 print_hex_dump_bytes("R1: ", DUMP_PREFIX_NONE, 1292 fname, sizeof(fname)); 1293 return 0; 1294 1295 underflow: 1296 wiphy_err(priv->hw->wiphy, "Firmware exception.\n"); 1297 print_hex_dump_bytes("Exception: ", DUMP_PREFIX_NONE, 1298 data, len); 1299 return -EINVAL; 1300 } 1301 1302 int wsm_handle_rx(struct cw1200_common *priv, u16 id, 1303 struct wsm_hdr *wsm, struct sk_buff **skb_p) 1304 { 1305 int ret = 0; 1306 struct wsm_buf wsm_buf; 1307 int link_id = (id >> 6) & 0x0F; 1308 1309 /* Strip link id. */ 1310 id &= ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX); 1311 1312 wsm_buf.begin = (u8 *)&wsm[0]; 1313 wsm_buf.data = (u8 *)&wsm[1]; 1314 wsm_buf.end = &wsm_buf.begin[__le16_to_cpu(wsm->len)]; 1315 1316 pr_debug("[WSM] <<< 0x%.4X (%td)\n", id, 1317 wsm_buf.end - wsm_buf.begin); 1318 1319 if (id == WSM_TX_CONFIRM_IND_ID) { 1320 ret = wsm_tx_confirm(priv, &wsm_buf, link_id); 1321 } else if (id == WSM_MULTI_TX_CONFIRM_ID) { 1322 ret = wsm_multi_tx_confirm(priv, &wsm_buf, link_id); 1323 } else if (id & 0x0400) { 1324 void *wsm_arg; 1325 u16 wsm_cmd; 1326 1327 /* Do not trust FW too much. Protection against repeated 1328 * response and race condition removal (see above). 1329 */ 1330 spin_lock(&priv->wsm_cmd.lock); 1331 wsm_arg = priv->wsm_cmd.arg; 1332 wsm_cmd = priv->wsm_cmd.cmd & 1333 ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX); 1334 priv->wsm_cmd.cmd = 0xFFFF; 1335 spin_unlock(&priv->wsm_cmd.lock); 1336 1337 if (WARN_ON((id & ~0x0400) != wsm_cmd)) { 1338 /* Note that any non-zero is a fatal retcode. */ 1339 ret = -EINVAL; 1340 goto out; 1341 } 1342 1343 /* Note that wsm_arg can be NULL in case of timeout in 1344 * wsm_cmd_send(). 1345 */ 1346 1347 switch (id) { 1348 case WSM_READ_MIB_RESP_ID: 1349 if (wsm_arg) 1350 ret = wsm_read_mib_confirm(priv, wsm_arg, 1351 &wsm_buf); 1352 break; 1353 case WSM_WRITE_MIB_RESP_ID: 1354 if (wsm_arg) 1355 ret = wsm_write_mib_confirm(priv, wsm_arg, 1356 &wsm_buf); 1357 break; 1358 case WSM_START_SCAN_RESP_ID: 1359 if (wsm_arg) 1360 ret = wsm_scan_started(priv, wsm_arg, &wsm_buf); 1361 break; 1362 case WSM_CONFIGURATION_RESP_ID: 1363 if (wsm_arg) 1364 ret = wsm_configuration_confirm(priv, wsm_arg, 1365 &wsm_buf); 1366 break; 1367 case WSM_JOIN_RESP_ID: 1368 if (wsm_arg) 1369 ret = wsm_join_confirm(priv, wsm_arg, &wsm_buf); 1370 break; 1371 case WSM_STOP_SCAN_RESP_ID: 1372 case WSM_RESET_RESP_ID: 1373 case WSM_ADD_KEY_RESP_ID: 1374 case WSM_REMOVE_KEY_RESP_ID: 1375 case WSM_SET_PM_RESP_ID: 1376 case WSM_SET_BSS_PARAMS_RESP_ID: 1377 case 0x0412: /* set_tx_queue_params */ 1378 case WSM_EDCA_PARAMS_RESP_ID: 1379 case WSM_SWITCH_CHANNEL_RESP_ID: 1380 case WSM_START_RESP_ID: 1381 case WSM_BEACON_TRANSMIT_RESP_ID: 1382 case 0x0419: /* start_find */ 1383 case 0x041A: /* stop_find */ 1384 case 0x041B: /* update_ie */ 1385 case 0x041C: /* map_link */ 1386 WARN_ON(wsm_arg != NULL); 1387 ret = wsm_generic_confirm(priv, wsm_arg, &wsm_buf); 1388 if (ret) { 1389 wiphy_warn(priv->hw->wiphy, 1390 "wsm_generic_confirm failed for request 0x%04x.\n", 1391 id & ~0x0400); 1392 1393 /* often 0x407 and 0x410 occur, this means we're dead.. */ 1394 if (priv->join_status >= CW1200_JOIN_STATUS_JOINING) { 1395 wsm_lock_tx(priv); 1396 if (queue_work(priv->workqueue, &priv->unjoin_work) <= 0) 1397 wsm_unlock_tx(priv); 1398 } 1399 } 1400 break; 1401 default: 1402 wiphy_warn(priv->hw->wiphy, 1403 "Unrecognized confirmation 0x%04x\n", 1404 id & ~0x0400); 1405 } 1406 1407 spin_lock(&priv->wsm_cmd.lock); 1408 priv->wsm_cmd.ret = ret; 1409 priv->wsm_cmd.done = 1; 1410 spin_unlock(&priv->wsm_cmd.lock); 1411 1412 ret = 0; /* Error response from device should ne stop BH. */ 1413 1414 wake_up(&priv->wsm_cmd_wq); 1415 } else if (id & 0x0800) { 1416 switch (id) { 1417 case WSM_STARTUP_IND_ID: 1418 ret = wsm_startup_indication(priv, &wsm_buf); 1419 break; 1420 case WSM_RECEIVE_IND_ID: 1421 ret = wsm_receive_indication(priv, link_id, 1422 &wsm_buf, skb_p); 1423 break; 1424 case 0x0805: 1425 ret = wsm_event_indication(priv, &wsm_buf); 1426 break; 1427 case WSM_SCAN_COMPLETE_IND_ID: 1428 ret = wsm_scan_complete_indication(priv, &wsm_buf); 1429 break; 1430 case 0x0808: 1431 ret = wsm_ba_timeout_indication(priv, &wsm_buf); 1432 break; 1433 case 0x0809: 1434 ret = wsm_set_pm_indication(priv, &wsm_buf); 1435 break; 1436 case 0x080A: 1437 ret = wsm_channel_switch_indication(priv, &wsm_buf); 1438 break; 1439 case 0x080B: 1440 ret = wsm_find_complete_indication(priv, &wsm_buf); 1441 break; 1442 case 0x080C: 1443 ret = wsm_suspend_resume_indication(priv, 1444 link_id, &wsm_buf); 1445 break; 1446 case 0x080F: 1447 ret = wsm_join_complete_indication(priv, &wsm_buf); 1448 break; 1449 default: 1450 pr_warn("Unrecognised WSM ID %04x\n", id); 1451 } 1452 } else { 1453 WARN_ON(1); 1454 ret = -EINVAL; 1455 } 1456 out: 1457 return ret; 1458 } 1459 1460 static bool wsm_handle_tx_data(struct cw1200_common *priv, 1461 struct wsm_tx *wsm, 1462 const struct ieee80211_tx_info *tx_info, 1463 const struct cw1200_txpriv *txpriv, 1464 struct cw1200_queue *queue) 1465 { 1466 bool handled = false; 1467 const struct ieee80211_hdr *frame = 1468 (struct ieee80211_hdr *)&((u8 *)wsm)[txpriv->offset]; 1469 __le16 fctl = frame->frame_control; 1470 enum { 1471 do_probe, 1472 do_drop, 1473 do_wep, 1474 do_tx, 1475 } action = do_tx; 1476 1477 switch (priv->mode) { 1478 case NL80211_IFTYPE_STATION: 1479 if (priv->join_status == CW1200_JOIN_STATUS_MONITOR) 1480 action = do_tx; 1481 else if (priv->join_status < CW1200_JOIN_STATUS_PRE_STA) 1482 action = do_drop; 1483 break; 1484 case NL80211_IFTYPE_AP: 1485 if (!priv->join_status) { 1486 action = do_drop; 1487 } else if (!(BIT(txpriv->raw_link_id) & 1488 (BIT(0) | priv->link_id_map))) { 1489 wiphy_warn(priv->hw->wiphy, 1490 "A frame with expired link id is dropped.\n"); 1491 action = do_drop; 1492 } 1493 if (cw1200_queue_get_generation(wsm->packet_id) > 1494 CW1200_MAX_REQUEUE_ATTEMPTS) { 1495 /* HACK!!! WSM324 firmware has tendency to requeue 1496 * multicast frames in a loop, causing performance 1497 * drop and high power consumption of the driver. 1498 * In this situation it is better just to drop 1499 * the problematic frame. 1500 */ 1501 wiphy_warn(priv->hw->wiphy, 1502 "Too many attempts to requeue a frame; dropped.\n"); 1503 action = do_drop; 1504 } 1505 break; 1506 case NL80211_IFTYPE_ADHOC: 1507 if (priv->join_status != CW1200_JOIN_STATUS_IBSS) 1508 action = do_drop; 1509 break; 1510 case NL80211_IFTYPE_MESH_POINT: 1511 action = do_tx; /* TODO: Test me! */ 1512 break; 1513 case NL80211_IFTYPE_MONITOR: 1514 default: 1515 action = do_drop; 1516 break; 1517 } 1518 1519 if (action == do_tx) { 1520 if (ieee80211_is_nullfunc(fctl)) { 1521 spin_lock(&priv->bss_loss_lock); 1522 if (priv->bss_loss_state) { 1523 priv->bss_loss_confirm_id = wsm->packet_id; 1524 wsm->queue_id = WSM_QUEUE_VOICE; 1525 } 1526 spin_unlock(&priv->bss_loss_lock); 1527 } else if (ieee80211_is_probe_req(fctl)) { 1528 action = do_probe; 1529 } else if (ieee80211_is_deauth(fctl) && 1530 priv->mode != NL80211_IFTYPE_AP) { 1531 pr_debug("[WSM] Issue unjoin command due to tx deauth.\n"); 1532 wsm_lock_tx_async(priv); 1533 if (queue_work(priv->workqueue, 1534 &priv->unjoin_work) <= 0) 1535 wsm_unlock_tx(priv); 1536 } else if (ieee80211_has_protected(fctl) && 1537 tx_info->control.hw_key && 1538 tx_info->control.hw_key->keyidx != priv->wep_default_key_id && 1539 (tx_info->control.hw_key->cipher == WLAN_CIPHER_SUITE_WEP40 || 1540 tx_info->control.hw_key->cipher == WLAN_CIPHER_SUITE_WEP104)) { 1541 action = do_wep; 1542 } 1543 } 1544 1545 switch (action) { 1546 case do_probe: 1547 /* An interesting FW "feature". Device filters probe responses. 1548 * The easiest way to get it back is to convert 1549 * probe request into WSM start_scan command. 1550 */ 1551 pr_debug("[WSM] Convert probe request to scan.\n"); 1552 wsm_lock_tx_async(priv); 1553 priv->pending_frame_id = wsm->packet_id; 1554 if (queue_delayed_work(priv->workqueue, 1555 &priv->scan.probe_work, 0) <= 0) 1556 wsm_unlock_tx(priv); 1557 handled = true; 1558 break; 1559 case do_drop: 1560 pr_debug("[WSM] Drop frame (0x%.4X).\n", fctl); 1561 BUG_ON(cw1200_queue_remove(queue, wsm->packet_id)); 1562 handled = true; 1563 break; 1564 case do_wep: 1565 pr_debug("[WSM] Issue set_default_wep_key.\n"); 1566 wsm_lock_tx_async(priv); 1567 priv->wep_default_key_id = tx_info->control.hw_key->keyidx; 1568 priv->pending_frame_id = wsm->packet_id; 1569 if (queue_work(priv->workqueue, &priv->wep_key_work) <= 0) 1570 wsm_unlock_tx(priv); 1571 handled = true; 1572 break; 1573 case do_tx: 1574 pr_debug("[WSM] Transmit frame.\n"); 1575 break; 1576 default: 1577 /* Do nothing */ 1578 break; 1579 } 1580 return handled; 1581 } 1582 1583 static int cw1200_get_prio_queue(struct cw1200_common *priv, 1584 u32 link_id_map, int *total) 1585 { 1586 static const int urgent = BIT(CW1200_LINK_ID_AFTER_DTIM) | 1587 BIT(CW1200_LINK_ID_UAPSD); 1588 struct wsm_edca_queue_params *edca; 1589 unsigned score, best = -1; 1590 int winner = -1; 1591 int queued; 1592 int i; 1593 1594 /* search for a winner using edca params */ 1595 for (i = 0; i < 4; ++i) { 1596 queued = cw1200_queue_get_num_queued(&priv->tx_queue[i], 1597 link_id_map); 1598 if (!queued) 1599 continue; 1600 *total += queued; 1601 edca = &priv->edca.params[i]; 1602 score = ((edca->aifns + edca->cwmin) << 16) + 1603 ((edca->cwmax - edca->cwmin) * 1604 (get_random_int() & 0xFFFF)); 1605 if (score < best && (winner < 0 || i != 3)) { 1606 best = score; 1607 winner = i; 1608 } 1609 } 1610 1611 /* override winner if bursting */ 1612 if (winner >= 0 && priv->tx_burst_idx >= 0 && 1613 winner != priv->tx_burst_idx && 1614 !cw1200_queue_get_num_queued( 1615 &priv->tx_queue[winner], 1616 link_id_map & urgent) && 1617 cw1200_queue_get_num_queued( 1618 &priv->tx_queue[priv->tx_burst_idx], 1619 link_id_map)) 1620 winner = priv->tx_burst_idx; 1621 1622 return winner; 1623 } 1624 1625 static int wsm_get_tx_queue_and_mask(struct cw1200_common *priv, 1626 struct cw1200_queue **queue_p, 1627 u32 *tx_allowed_mask_p, 1628 bool *more) 1629 { 1630 int idx; 1631 u32 tx_allowed_mask; 1632 int total = 0; 1633 1634 /* Search for a queue with multicast frames buffered */ 1635 if (priv->tx_multicast) { 1636 tx_allowed_mask = BIT(CW1200_LINK_ID_AFTER_DTIM); 1637 idx = cw1200_get_prio_queue(priv, 1638 tx_allowed_mask, &total); 1639 if (idx >= 0) { 1640 *more = total > 1; 1641 goto found; 1642 } 1643 } 1644 1645 /* Search for unicast traffic */ 1646 tx_allowed_mask = ~priv->sta_asleep_mask; 1647 tx_allowed_mask |= BIT(CW1200_LINK_ID_UAPSD); 1648 if (priv->sta_asleep_mask) { 1649 tx_allowed_mask |= priv->pspoll_mask; 1650 tx_allowed_mask &= ~BIT(CW1200_LINK_ID_AFTER_DTIM); 1651 } else { 1652 tx_allowed_mask |= BIT(CW1200_LINK_ID_AFTER_DTIM); 1653 } 1654 idx = cw1200_get_prio_queue(priv, 1655 tx_allowed_mask, &total); 1656 if (idx < 0) 1657 return -ENOENT; 1658 1659 found: 1660 *queue_p = &priv->tx_queue[idx]; 1661 *tx_allowed_mask_p = tx_allowed_mask; 1662 return 0; 1663 } 1664 1665 int wsm_get_tx(struct cw1200_common *priv, u8 **data, 1666 size_t *tx_len, int *burst) 1667 { 1668 struct wsm_tx *wsm = NULL; 1669 struct ieee80211_tx_info *tx_info; 1670 struct cw1200_queue *queue = NULL; 1671 int queue_num; 1672 u32 tx_allowed_mask = 0; 1673 const struct cw1200_txpriv *txpriv = NULL; 1674 int count = 0; 1675 1676 /* More is used only for broadcasts. */ 1677 bool more = false; 1678 1679 if (priv->wsm_cmd.ptr) { /* CMD request */ 1680 ++count; 1681 spin_lock(&priv->wsm_cmd.lock); 1682 BUG_ON(!priv->wsm_cmd.ptr); 1683 *data = priv->wsm_cmd.ptr; 1684 *tx_len = priv->wsm_cmd.len; 1685 *burst = 1; 1686 spin_unlock(&priv->wsm_cmd.lock); 1687 } else { 1688 for (;;) { 1689 int ret; 1690 1691 if (atomic_add_return(0, &priv->tx_lock)) 1692 break; 1693 1694 spin_lock_bh(&priv->ps_state_lock); 1695 1696 ret = wsm_get_tx_queue_and_mask(priv, &queue, 1697 &tx_allowed_mask, &more); 1698 queue_num = queue - priv->tx_queue; 1699 1700 if (priv->buffered_multicasts && 1701 (ret || !more) && 1702 (priv->tx_multicast || !priv->sta_asleep_mask)) { 1703 priv->buffered_multicasts = false; 1704 if (priv->tx_multicast) { 1705 priv->tx_multicast = false; 1706 queue_work(priv->workqueue, 1707 &priv->multicast_stop_work); 1708 } 1709 } 1710 1711 spin_unlock_bh(&priv->ps_state_lock); 1712 1713 if (ret) 1714 break; 1715 1716 if (cw1200_queue_get(queue, 1717 tx_allowed_mask, 1718 &wsm, &tx_info, &txpriv)) 1719 continue; 1720 1721 if (wsm_handle_tx_data(priv, wsm, 1722 tx_info, txpriv, queue)) 1723 continue; /* Handled by WSM */ 1724 1725 wsm->hdr.id &= __cpu_to_le16( 1726 ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX)); 1727 wsm->hdr.id |= cpu_to_le16( 1728 WSM_TX_LINK_ID(txpriv->raw_link_id)); 1729 priv->pspoll_mask &= ~BIT(txpriv->raw_link_id); 1730 1731 *data = (u8 *)wsm; 1732 *tx_len = __le16_to_cpu(wsm->hdr.len); 1733 1734 /* allow bursting if txop is set */ 1735 if (priv->edca.params[queue_num].txop_limit) 1736 *burst = min(*burst, 1737 (int)cw1200_queue_get_num_queued(queue, tx_allowed_mask) + 1); 1738 else 1739 *burst = 1; 1740 1741 /* store index of bursting queue */ 1742 if (*burst > 1) 1743 priv->tx_burst_idx = queue_num; 1744 else 1745 priv->tx_burst_idx = -1; 1746 1747 if (more) { 1748 struct ieee80211_hdr *hdr = 1749 (struct ieee80211_hdr *) 1750 &((u8 *)wsm)[txpriv->offset]; 1751 /* more buffered multicast/broadcast frames 1752 * ==> set MoreData flag in IEEE 802.11 header 1753 * to inform PS STAs 1754 */ 1755 hdr->frame_control |= 1756 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 1757 } 1758 1759 pr_debug("[WSM] >>> 0x%.4X (%zu) %p %c\n", 1760 0x0004, *tx_len, *data, 1761 wsm->more ? 'M' : ' '); 1762 ++count; 1763 break; 1764 } 1765 } 1766 1767 return count; 1768 } 1769 1770 void wsm_txed(struct cw1200_common *priv, u8 *data) 1771 { 1772 if (data == priv->wsm_cmd.ptr) { 1773 spin_lock(&priv->wsm_cmd.lock); 1774 priv->wsm_cmd.ptr = NULL; 1775 spin_unlock(&priv->wsm_cmd.lock); 1776 } 1777 } 1778 1779 /* ******************************************************************** */ 1780 /* WSM buffer */ 1781 1782 void wsm_buf_init(struct wsm_buf *buf) 1783 { 1784 BUG_ON(buf->begin); 1785 buf->begin = kmalloc(FWLOAD_BLOCK_SIZE, GFP_KERNEL | GFP_DMA); 1786 buf->end = buf->begin ? &buf->begin[FWLOAD_BLOCK_SIZE] : buf->begin; 1787 wsm_buf_reset(buf); 1788 } 1789 1790 void wsm_buf_deinit(struct wsm_buf *buf) 1791 { 1792 kfree(buf->begin); 1793 buf->begin = buf->data = buf->end = NULL; 1794 } 1795 1796 static void wsm_buf_reset(struct wsm_buf *buf) 1797 { 1798 if (buf->begin) { 1799 buf->data = &buf->begin[4]; 1800 *(u32 *)buf->begin = 0; 1801 } else { 1802 buf->data = buf->begin; 1803 } 1804 } 1805 1806 static int wsm_buf_reserve(struct wsm_buf *buf, size_t extra_size) 1807 { 1808 size_t pos = buf->data - buf->begin; 1809 size_t size = pos + extra_size; 1810 1811 size = round_up(size, FWLOAD_BLOCK_SIZE); 1812 1813 buf->begin = krealloc(buf->begin, size, GFP_KERNEL | GFP_DMA); 1814 if (buf->begin) { 1815 buf->data = &buf->begin[pos]; 1816 buf->end = &buf->begin[size]; 1817 return 0; 1818 } else { 1819 buf->end = buf->data = buf->begin; 1820 return -ENOMEM; 1821 } 1822 } 1823