projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
[deliverable/linux.git] / drivers / net / wireless / ath / carl9170 / rx.c
1 /*
2 * Atheros CARL9170 driver
3 *
4 * 802.11 & command trap routines
5 *
6 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; see the file COPYING. If not, see
21 * http://www.gnu.org/licenses/.
22 *
23 * This file incorporates work covered by the following copyright and
24 * permission notice:
25 * Copyright (c) 2007-2008 Atheros Communications, Inc.
26 *
27 * Permission to use, copy, modify, and/or distribute this software for any
28 * purpose with or without fee is hereby granted, provided that the above
29 * copyright notice and this permission notice appear in all copies.
30 *
31 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
32 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
33 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
34 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
35 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
36 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
37 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
38 */
39
40 #include <linux/init.h>
41 #include <linux/slab.h>
42 #include <linux/module.h>
43 #include <linux/etherdevice.h>
44 #include <linux/crc32.h>
45 #include <net/mac80211.h>
46 #include "carl9170.h"
47 #include "hw.h"
48 #include "cmd.h"
49
50 static void carl9170_dbg_message(struct ar9170 *ar, const char *buf, u32 len)
51 {
52 bool restart = false;
53 enum carl9170_restart_reasons reason = CARL9170_RR_NO_REASON;
54
55 if (len > 3) {
56 if (memcmp(buf, CARL9170_ERR_MAGIC, 3) == 0) {
57 ar->fw.err_counter++;
58 if (ar->fw.err_counter > 3) {
59 restart = true;
60 reason = CARL9170_RR_TOO_MANY_FIRMWARE_ERRORS;
61 }
62 }
63
64 if (memcmp(buf, CARL9170_BUG_MAGIC, 3) == 0) {
65 ar->fw.bug_counter++;
66 restart = true;
67 reason = CARL9170_RR_FATAL_FIRMWARE_ERROR;
68 }
69 }
70
71 wiphy_info(ar->hw->wiphy, "FW: %.*s\n", len, buf);
72
73 if (restart)
74 carl9170_restart(ar, reason);
75 }
76
77 static void carl9170_handle_ps(struct ar9170 *ar, struct carl9170_rsp *rsp)
78 {
79 u32 ps;
80 bool new_ps;
81
82 ps = le32_to_cpu(rsp->psm.state);
83
84 new_ps = (ps & CARL9170_PSM_COUNTER) != CARL9170_PSM_WAKE;
85 if (ar->ps.state != new_ps) {
86 if (!new_ps) {
87 ar->ps.sleep_ms = jiffies_to_msecs(jiffies -
88 ar->ps.last_action);
89 }
90
91 ar->ps.last_action = jiffies;
92
93 ar->ps.state = new_ps;
94 }
95 }
96
97 static int carl9170_check_sequence(struct ar9170 *ar, unsigned int seq)
98 {
99 if (ar->cmd_seq < -1)
100 return 0;
101
102 /*
103 * Initialize Counter
104 */
105 if (ar->cmd_seq < 0)
106 ar->cmd_seq = seq;
107
108 /*
109 * The sequence is strictly monotonic increasing and it never skips!
110 *
111 * Therefore we can safely assume that whenever we received an
112 * unexpected sequence we have lost some valuable data.
113 */
114 if (seq != ar->cmd_seq) {
115 int count;
116
117 count = (seq - ar->cmd_seq) % ar->fw.cmd_bufs;
118
119 wiphy_err(ar->hw->wiphy, "lost %d command responses/traps! "
120 "w:%d g:%d\n", count, ar->cmd_seq, seq);
121
122 carl9170_restart(ar, CARL9170_RR_LOST_RSP);
123 return -EIO;
124 }
125
126 ar->cmd_seq = (ar->cmd_seq + 1) % ar->fw.cmd_bufs;
127 return 0;
128 }
129
130 static void carl9170_cmd_callback(struct ar9170 *ar, u32 len, void *buffer)
131 {
132 /*
133 * Some commands may have a variable response length
134 * and we cannot predict the correct length in advance.
135 * So we only check if we provided enough space for the data.
136 */
137 if (unlikely(ar->readlen != (len - 4))) {
138 dev_warn(&ar->udev->dev, "received invalid command response:"
139 "got %d, instead of %d\n", len - 4, ar->readlen);
140 print_hex_dump_bytes("carl9170 cmd:", DUMP_PREFIX_OFFSET,
141 ar->cmd_buf, (ar->cmd.hdr.len + 4) & 0x3f);
142 print_hex_dump_bytes("carl9170 rsp:", DUMP_PREFIX_OFFSET,
143 buffer, len);
144 /*
145 * Do not complete. The command times out,
146 * and we get a stack trace from there.
147 */
148 carl9170_restart(ar, CARL9170_RR_INVALID_RSP);
149 }
150
151 spin_lock(&ar->cmd_lock);
152 if (ar->readbuf) {
153 if (len >= 4)
154 memcpy(ar->readbuf, buffer + 4, len - 4);
155
156 ar->readbuf = NULL;
157 }
158 complete(&ar->cmd_wait);
159 spin_unlock(&ar->cmd_lock);
160 }
161
162 void carl9170_handle_command_response(struct ar9170 *ar, void *buf, u32 len)
163 {
164 struct carl9170_rsp *cmd = buf;
165 struct ieee80211_vif *vif;
166
167 if (carl9170_check_sequence(ar, cmd->hdr.seq))
168 return;
169
170 if ((cmd->hdr.cmd & CARL9170_RSP_FLAG) != CARL9170_RSP_FLAG) {
171 if (!(cmd->hdr.cmd & CARL9170_CMD_ASYNC_FLAG))
172 carl9170_cmd_callback(ar, len, buf);
173
174 return;
175 }
176
177 if (unlikely(cmd->hdr.len != (len - 4))) {
178 if (net_ratelimit()) {
179 wiphy_err(ar->hw->wiphy, "FW: received over-/under"
180 "sized event %x (%d, but should be %d).\n",
181 cmd->hdr.cmd, cmd->hdr.len, len - 4);
182
183 print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE,
184 buf, len);
185 }
186
187 return;
188 }
189
190 /* hardware event handlers */
191 switch (cmd->hdr.cmd) {
192 case CARL9170_RSP_PRETBTT:
193 /* pre-TBTT event */
194 rcu_read_lock();
195 vif = carl9170_get_main_vif(ar);
196
197 if (!vif) {
198 rcu_read_unlock();
199 break;
200 }
201
202 switch (vif->type) {
203 case NL80211_IFTYPE_STATION:
204 carl9170_handle_ps(ar, cmd);
205 break;
206
207 case NL80211_IFTYPE_AP:
208 case NL80211_IFTYPE_ADHOC:
209 case NL80211_IFTYPE_MESH_POINT:
210 carl9170_update_beacon(ar, true);
211 break;
212
213 default:
214 break;
215 }
216 rcu_read_unlock();
217
218 break;
219
220
221 case CARL9170_RSP_TXCOMP:
222 /* TX status notification */
223 carl9170_tx_process_status(ar, cmd);
224 break;
225
226 case CARL9170_RSP_BEACON_CONFIG:
227 /*
228 * (IBSS) beacon send notification
229 * bytes: 04 c2 XX YY B4 B3 B2 B1
230 *
231 * XX always 80
232 * YY always 00
233 * B1-B4 "should" be the number of send out beacons.
234 */
235 break;
236
237 case CARL9170_RSP_ATIM:
238 /* End of Atim Window */
239 break;
240
241 case CARL9170_RSP_WATCHDOG:
242 /* Watchdog Interrupt */
243 carl9170_restart(ar, CARL9170_RR_WATCHDOG);
244 break;
245
246 case CARL9170_RSP_TEXT:
247 /* firmware debug */
248 carl9170_dbg_message(ar, (char *)buf + 4, len - 4);
249 break;
250
251 case CARL9170_RSP_HEXDUMP:
252 wiphy_dbg(ar->hw->wiphy, "FW: HD %d\n", len - 4);
253 print_hex_dump_bytes("FW:", DUMP_PREFIX_NONE,
254 (char *)buf + 4, len - 4);
255 break;
256
257 case CARL9170_RSP_RADAR:
258 if (!net_ratelimit())
259 break;
260
261 wiphy_info(ar->hw->wiphy, "FW: RADAR! Please report this "
262 "incident to linux-wireless@vger.kernel.org !\n");
263 break;
264
265 case CARL9170_RSP_GPIO:
266 #ifdef CONFIG_CARL9170_WPC
267 if (ar->wps.pbc) {
268 bool state = !!(cmd->gpio.gpio & cpu_to_le32(
269 AR9170_GPIO_PORT_WPS_BUTTON_PRESSED));
270
271 if (state != ar->wps.pbc_state) {
272 ar->wps.pbc_state = state;
273 input_report_key(ar->wps.pbc, KEY_WPS_BUTTON,
274 state);
275 input_sync(ar->wps.pbc);
276 }
277 }
278 #endif /* CONFIG_CARL9170_WPC */
279 break;
280
281 case CARL9170_RSP_BOOT:
282 complete(&ar->fw_boot_wait);
283 break;
284
285 default:
286 wiphy_err(ar->hw->wiphy, "FW: received unhandled event %x\n",
287 cmd->hdr.cmd);
288 print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, buf, len);
289 break;
290 }
291 }
292
293 static int carl9170_rx_mac_status(struct ar9170 *ar,
294 struct ar9170_rx_head *head, struct ar9170_rx_macstatus *mac,
295 struct ieee80211_rx_status *status)
296 {
297 struct ieee80211_channel *chan;
298 u8 error, decrypt;
299
300 BUILD_BUG_ON(sizeof(struct ar9170_rx_head) != 12);
301 BUILD_BUG_ON(sizeof(struct ar9170_rx_macstatus) != 4);
302
303 error = mac->error;
304
305 if (error & AR9170_RX_ERROR_WRONG_RA) {
306 if (!ar->sniffer_enabled)
307 return -EINVAL;
308 }
309
310 if (error & AR9170_RX_ERROR_PLCP) {
311 if (!(ar->filter_state & FIF_PLCPFAIL))
312 return -EINVAL;
313
314 status->flag |= RX_FLAG_FAILED_PLCP_CRC;
315 }
316
317 if (error & AR9170_RX_ERROR_FCS) {
318 ar->tx_fcs_errors++;
319
320 if (!(ar->filter_state & FIF_FCSFAIL))
321 return -EINVAL;
322
323 status->flag |= RX_FLAG_FAILED_FCS_CRC;
324 }
325
326 decrypt = ar9170_get_decrypt_type(mac);
327 if (!(decrypt & AR9170_RX_ENC_SOFTWARE) &&
328 decrypt != AR9170_ENC_ALG_NONE) {
329 if ((decrypt == AR9170_ENC_ALG_TKIP) &&
330 (error & AR9170_RX_ERROR_MMIC))
331 status->flag |= RX_FLAG_MMIC_ERROR;
332
333 status->flag |= RX_FLAG_DECRYPTED;
334 }
335
336 if (error & AR9170_RX_ERROR_DECRYPT && !ar->sniffer_enabled)
337 return -ENODATA;
338
339 error &= ~(AR9170_RX_ERROR_MMIC |
340 AR9170_RX_ERROR_FCS |
341 AR9170_RX_ERROR_WRONG_RA |
342 AR9170_RX_ERROR_DECRYPT |
343 AR9170_RX_ERROR_PLCP);
344
345 /* drop any other error frames */
346 if (unlikely(error)) {
347 /* TODO: update netdevice's RX dropped/errors statistics */
348
349 if (net_ratelimit())
350 wiphy_dbg(ar->hw->wiphy, "received frame with "
351 "suspicious error code (%#x).\n", error);
352
353 return -EINVAL;
354 }
355
356 chan = ar->channel;
357 if (chan) {
358 status->band = chan->band;
359 status->freq = chan->center_freq;
360 }
361
362 switch (mac->status & AR9170_RX_STATUS_MODULATION) {
363 case AR9170_RX_STATUS_MODULATION_CCK:
364 if (mac->status & AR9170_RX_STATUS_SHORT_PREAMBLE)
365 status->flag |= RX_FLAG_SHORTPRE;
366 switch (head->plcp[0]) {
367 case AR9170_RX_PHY_RATE_CCK_1M:
368 status->rate_idx = 0;
369 break;
370 case AR9170_RX_PHY_RATE_CCK_2M:
371 status->rate_idx = 1;
372 break;
373 case AR9170_RX_PHY_RATE_CCK_5M:
374 status->rate_idx = 2;
375 break;
376 case AR9170_RX_PHY_RATE_CCK_11M:
377 status->rate_idx = 3;
378 break;
379 default:
380 if (net_ratelimit()) {
381 wiphy_err(ar->hw->wiphy, "invalid plcp cck "
382 "rate (%x).\n", head->plcp[0]);
383 }
384
385 return -EINVAL;
386 }
387 break;
388
389 case AR9170_RX_STATUS_MODULATION_DUPOFDM:
390 case AR9170_RX_STATUS_MODULATION_OFDM:
391 switch (head->plcp[0] & 0xf) {
392 case AR9170_TXRX_PHY_RATE_OFDM_6M:
393 status->rate_idx = 0;
394 break;
395 case AR9170_TXRX_PHY_RATE_OFDM_9M:
396 status->rate_idx = 1;
397 break;
398 case AR9170_TXRX_PHY_RATE_OFDM_12M:
399 status->rate_idx = 2;
400 break;
401 case AR9170_TXRX_PHY_RATE_OFDM_18M:
402 status->rate_idx = 3;
403 break;
404 case AR9170_TXRX_PHY_RATE_OFDM_24M:
405 status->rate_idx = 4;
406 break;
407 case AR9170_TXRX_PHY_RATE_OFDM_36M:
408 status->rate_idx = 5;
409 break;
410 case AR9170_TXRX_PHY_RATE_OFDM_48M:
411 status->rate_idx = 6;
412 break;
413 case AR9170_TXRX_PHY_RATE_OFDM_54M:
414 status->rate_idx = 7;
415 break;
416 default:
417 if (net_ratelimit()) {
418 wiphy_err(ar->hw->wiphy, "invalid plcp ofdm "
419 "rate (%x).\n", head->plcp[0]);
420 }
421
422 return -EINVAL;
423 }
424 if (status->band == IEEE80211_BAND_2GHZ)
425 status->rate_idx += 4;
426 break;
427
428 case AR9170_RX_STATUS_MODULATION_HT:
429 if (head->plcp[3] & 0x80)
430 status->flag |= RX_FLAG_40MHZ;
431 if (head->plcp[6] & 0x80)
432 status->flag |= RX_FLAG_SHORT_GI;
433
434 status->rate_idx = clamp(0, 75, head->plcp[3] & 0x7f);
435 status->flag |= RX_FLAG_HT;
436 break;
437
438 default:
439 BUG();
440 return -ENOSYS;
441 }
442
443 return 0;
444 }
445
446 static void carl9170_rx_phy_status(struct ar9170 *ar,
447 struct ar9170_rx_phystatus *phy, struct ieee80211_rx_status *status)
448 {
449 int i;
450
451 BUILD_BUG_ON(sizeof(struct ar9170_rx_phystatus) != 20);
452
453 for (i = 0; i < 3; i++)
454 if (phy->rssi[i] != 0x80)
455 status->antenna |= BIT(i);
456
457 /* post-process RSSI */
458 for (i = 0; i < 7; i++)
459 if (phy->rssi[i] & 0x80)
460 phy->rssi[i] = ((phy->rssi[i] & 0x7f) + 1) & 0x7f;
461
462 /* TODO: we could do something with phy_errors */
463 status->signal = ar->noise[0] + phy->rssi_combined;
464 }
465
466 static struct sk_buff *carl9170_rx_copy_data(u8 *buf, int len)
467 {
468 struct sk_buff *skb;
469 int reserved = 0;
470 struct ieee80211_hdr *hdr = (void *) buf;
471
472 if (ieee80211_is_data_qos(hdr->frame_control)) {
473 u8 *qc = ieee80211_get_qos_ctl(hdr);
474 reserved += NET_IP_ALIGN;
475
476 if (*qc & IEEE80211_QOS_CTL_A_MSDU_PRESENT)
477 reserved += NET_IP_ALIGN;
478 }
479
480 if (ieee80211_has_a4(hdr->frame_control))
481 reserved += NET_IP_ALIGN;
482
483 reserved = 32 + (reserved & NET_IP_ALIGN);
484
485 skb = dev_alloc_skb(len + reserved);
486 if (likely(skb)) {
487 skb_reserve(skb, reserved);
488 memcpy(skb_put(skb, len), buf, len);
489 }
490
491 return skb;
492 }
493
494 static u8 *carl9170_find_ie(u8 *data, unsigned int len, u8 ie)
495 {
496 struct ieee80211_mgmt *mgmt = (void *)data;
497 u8 *pos, *end;
498
499 pos = (u8 *)mgmt->u.beacon.variable;
500 end = data + len;
501 while (pos < end) {
502 if (pos + 2 + pos[1] > end)
503 return NULL;
504
505 if (pos[0] == ie)
506 return pos;
507
508 pos += 2 + pos[1];
509 }
510 return NULL;
511 }
512
513 /*
514 * NOTE:
515 *
516 * The firmware is in charge of waking up the device just before
517 * the AP is expected to transmit the next beacon.
518 *
519 * This leaves the driver with the important task of deciding when
520 * to set the PHY back to bed again.
521 */
522 static void carl9170_ps_beacon(struct ar9170 *ar, void *data, unsigned int len)
523 {
524 struct ieee80211_hdr *hdr = data;
525 struct ieee80211_tim_ie *tim_ie;
526 u8 *tim;
527 u8 tim_len;
528 bool cam;
529
530 if (likely(!(ar->hw->conf.flags & IEEE80211_CONF_PS)))
531 return;
532
533 /* check if this really is a beacon */
534 if (!ieee80211_is_beacon(hdr->frame_control))
535 return;
536
537 /* min. beacon length + FCS_LEN */
538 if (len <= 40 + FCS_LEN)
539 return;
540
541 /* and only beacons from the associated BSSID, please */
542 if (!ether_addr_equal(hdr->addr3, ar->common.curbssid) ||
543 !ar->common.curaid)
544 return;
545
546 ar->ps.last_beacon = jiffies;
547
548 tim = carl9170_find_ie(data, len - FCS_LEN, WLAN_EID_TIM);
549 if (!tim)
550 return;
551
552 if (tim[1] < sizeof(*tim_ie))
553 return;
554
555 tim_len = tim[1];
556 tim_ie = (struct ieee80211_tim_ie *) &tim[2];
557
558 if (!WARN_ON_ONCE(!ar->hw->conf.ps_dtim_period))
559 ar->ps.dtim_counter = (tim_ie->dtim_count - 1) %
560 ar->hw->conf.ps_dtim_period;
561
562 /* Check whenever the PHY can be turned off again. */
563
564 /* 1. What about buffered unicast traffic for our AID? */
565 cam = ieee80211_check_tim(tim_ie, tim_len, ar->common.curaid);
566
567 /* 2. Maybe the AP wants to send multicast/broadcast data? */
568 cam |= !!(tim_ie->bitmap_ctrl & 0x01);
569
570 if (!cam) {
571 /* back to low-power land. */
572 ar->ps.off_override &= ~PS_OFF_BCN;
573 carl9170_ps_check(ar);
574 } else {
575 /* force CAM */
576 ar->ps.off_override |= PS_OFF_BCN;
577 }
578 }
579
580 static void carl9170_ba_check(struct ar9170 *ar, void *data, unsigned int len)
581 {
582 struct ieee80211_bar *bar = (void *) data;
583 struct carl9170_bar_list_entry *entry;
584 unsigned int queue;
585
586 if (likely(!ieee80211_is_back(bar->frame_control)))
587 return;
588
589 if (len <= sizeof(*bar) + FCS_LEN)
590 return;
591
592 queue = TID_TO_WME_AC(((le16_to_cpu(bar->control) &
593 IEEE80211_BAR_CTRL_TID_INFO_MASK) >>
594 IEEE80211_BAR_CTRL_TID_INFO_SHIFT) & 7);
595
596 rcu_read_lock();
597 list_for_each_entry_rcu(entry, &ar->bar_list[queue], list) {
598 struct sk_buff *entry_skb = entry->skb;
599 struct _carl9170_tx_superframe *super = (void *)entry_skb->data;
600 struct ieee80211_bar *entry_bar = (void *)super->frame_data;
601
602 #define TID_CHECK(a, b) ( \
603 ((a) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)) == \
604 ((b) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK))) \
605
606 if (bar->start_seq_num == entry_bar->start_seq_num &&
607 TID_CHECK(bar->control, entry_bar->control) &&
608 compare_ether_addr(bar->ra, entry_bar->ta) == 0 &&
609 compare_ether_addr(bar->ta, entry_bar->ra) == 0) {
610 struct ieee80211_tx_info *tx_info;
611
612 tx_info = IEEE80211_SKB_CB(entry_skb);
613 tx_info->flags |= IEEE80211_TX_STAT_ACK;
614
615 spin_lock_bh(&ar->bar_list_lock[queue]);
616 list_del_rcu(&entry->list);
617 spin_unlock_bh(&ar->bar_list_lock[queue]);
618 kfree_rcu(entry, head);
619 break;
620 }
621 }
622 rcu_read_unlock();
623
624 #undef TID_CHECK
625 }
626
627 static bool carl9170_ampdu_check(struct ar9170 *ar, u8 *buf, u8 ms)
628 {
629 __le16 fc;
630
631 if ((ms & AR9170_RX_STATUS_MPDU) == AR9170_RX_STATUS_MPDU_SINGLE) {
632 /*
633 * This frame is not part of an aMPDU.
634 * Therefore it is not subjected to any
635 * of the following content restrictions.
636 */
637 return true;
638 }
639
640 /*
641 * "802.11n - 7.4a.3 A-MPDU contents" describes in which contexts
642 * certain frame types can be part of an aMPDU.
643 *
644 * In order to keep the processing cost down, I opted for a
645 * stateless filter solely based on the frame control field.
646 */
647
648 fc = ((struct ieee80211_hdr *)buf)->frame_control;
649 if (ieee80211_is_data_qos(fc) && ieee80211_is_data_present(fc))
650 return true;
651
652 if (ieee80211_is_ack(fc) || ieee80211_is_back(fc) ||
653 ieee80211_is_back_req(fc))
654 return true;
655
656 if (ieee80211_is_action(fc))
657 return true;
658
659 return false;
660 }
661
662 /*
663 * If the frame alignment is right (or the kernel has
664 * CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), and there
665 * is only a single MPDU in the USB frame, then we could
666 * submit to mac80211 the SKB directly. However, since
667 * there may be multiple packets in one SKB in stream
668 * mode, and we need to observe the proper ordering,
669 * this is non-trivial.
670 */
671
672 static void carl9170_handle_mpdu(struct ar9170 *ar, u8 *buf, int len)
673 {
674 struct ar9170_rx_head *head;
675 struct ar9170_rx_macstatus *mac;
676 struct ar9170_rx_phystatus *phy = NULL;
677 struct ieee80211_rx_status status;
678 struct sk_buff *skb;
679 int mpdu_len;
680 u8 mac_status;
681
682 if (!IS_STARTED(ar))
683 return;
684
685 if (unlikely(len < sizeof(*mac)))
686 goto drop;
687
688 mpdu_len = len - sizeof(*mac);
689
690 mac = (void *)(buf + mpdu_len);
691 mac_status = mac->status;
692 switch (mac_status & AR9170_RX_STATUS_MPDU) {
693 case AR9170_RX_STATUS_MPDU_FIRST:
694 /* Aggregated MPDUs start with an PLCP header */
695 if (likely(mpdu_len >= sizeof(struct ar9170_rx_head))) {
696 head = (void *) buf;
697
698 /*
699 * The PLCP header needs to be cached for the
700 * following MIDDLE + LAST A-MPDU packets.
701 *
702 * So, if you are wondering why all frames seem
703 * to share a common RX status information,
704 * then you have the answer right here...
705 */
706 memcpy(&ar->rx_plcp, (void *) buf,
707 sizeof(struct ar9170_rx_head));
708
709 mpdu_len -= sizeof(struct ar9170_rx_head);
710 buf += sizeof(struct ar9170_rx_head);
711
712 ar->rx_has_plcp = true;
713 } else {
714 if (net_ratelimit()) {
715 wiphy_err(ar->hw->wiphy, "plcp info "
716 "is clipped.\n");
717 }
718
719 goto drop;
720 }
721 break;
722
723 case AR9170_RX_STATUS_MPDU_LAST:
724 /*
725 * The last frame of an A-MPDU has an extra tail
726 * which does contain the phy status of the whole
727 * aggregate.
728 */
729
730 if (likely(mpdu_len >= sizeof(struct ar9170_rx_phystatus))) {
731 mpdu_len -= sizeof(struct ar9170_rx_phystatus);
732 phy = (void *)(buf + mpdu_len);
733 } else {
734 if (net_ratelimit()) {
735 wiphy_err(ar->hw->wiphy, "frame tail "
736 "is clipped.\n");
737 }
738
739 goto drop;
740 }
741
742 case AR9170_RX_STATUS_MPDU_MIDDLE:
743 /* These are just data + mac status */
744 if (unlikely(!ar->rx_has_plcp)) {
745 if (!net_ratelimit())
746 return;
747
748 wiphy_err(ar->hw->wiphy, "rx stream does not start "
749 "with a first_mpdu frame tag.\n");
750
751 goto drop;
752 }
753
754 head = &ar->rx_plcp;
755 break;
756
757 case AR9170_RX_STATUS_MPDU_SINGLE:
758 /* single mpdu has both: plcp (head) and phy status (tail) */
759 head = (void *) buf;
760
761 mpdu_len -= sizeof(struct ar9170_rx_head);
762 mpdu_len -= sizeof(struct ar9170_rx_phystatus);
763
764 buf += sizeof(struct ar9170_rx_head);
765 phy = (void *)(buf + mpdu_len);
766 break;
767
768 default:
769 BUG_ON(1);
770 break;
771 }
772
773 /* FC + DU + RA + FCS */
774 if (unlikely(mpdu_len < (2 + 2 + ETH_ALEN + FCS_LEN)))
775 goto drop;
776
777 memset(&status, 0, sizeof(status));
778 if (unlikely(carl9170_rx_mac_status(ar, head, mac, &status)))
779 goto drop;
780
781 if (!carl9170_ampdu_check(ar, buf, mac_status))
782 goto drop;
783
784 if (phy)
785 carl9170_rx_phy_status(ar, phy, &status);
786
787 carl9170_ps_beacon(ar, buf, mpdu_len);
788
789 carl9170_ba_check(ar, buf, mpdu_len);
790
791 skb = carl9170_rx_copy_data(buf, mpdu_len);
792 if (!skb)
793 goto drop;
794
795 memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status));
796 ieee80211_rx(ar->hw, skb);
797 return;
798
799 drop:
800 ar->rx_dropped++;
801 }
802
803 static void carl9170_rx_untie_cmds(struct ar9170 *ar, const u8 *respbuf,
804 const unsigned int resplen)
805 {
806 struct carl9170_rsp *cmd;
807 int i = 0;
808
809 while (i < resplen) {
810 cmd = (void *) &respbuf[i];
811
812 i += cmd->hdr.len + 4;
813 if (unlikely(i > resplen))
814 break;
815
816 carl9170_handle_command_response(ar, cmd, cmd->hdr.len + 4);
817 }
818
819 if (unlikely(i != resplen)) {
820 if (!net_ratelimit())
821 return;
822
823 wiphy_err(ar->hw->wiphy, "malformed firmware trap:\n");
824 print_hex_dump_bytes("rxcmd:", DUMP_PREFIX_OFFSET,
825 respbuf, resplen);
826 }
827 }
828
829 static void __carl9170_rx(struct ar9170 *ar, u8 *buf, unsigned int len)
830 {
831 unsigned int i = 0;
832
833 /* weird thing, but this is the same in the original driver */
834 while (len > 2 && i < 12 && buf[0] == 0xff && buf[1] == 0xff) {
835 i += 2;
836 len -= 2;
837 buf += 2;
838 }
839
840 if (unlikely(len < 4))
841 return;
842
843 /* found the 6 * 0xffff marker? */
844 if (i == 12)
845 carl9170_rx_untie_cmds(ar, buf, len);
846 else
847 carl9170_handle_mpdu(ar, buf, len);
848 }
849
850 static void carl9170_rx_stream(struct ar9170 *ar, void *buf, unsigned int len)
851 {
852 unsigned int tlen, wlen = 0, clen = 0;
853 struct ar9170_stream *rx_stream;
854 u8 *tbuf;
855
856 tbuf = buf;
857 tlen = len;
858
859 while (tlen >= 4) {
860 rx_stream = (void *) tbuf;
861 clen = le16_to_cpu(rx_stream->length);
862 wlen = ALIGN(clen, 4);
863
864 /* check if this is stream has a valid tag.*/
865 if (rx_stream->tag != cpu_to_le16(AR9170_RX_STREAM_TAG)) {
866 /*
867 * TODO: handle the highly unlikely event that the
868 * corrupted stream has the TAG at the right position.
869 */
870
871 /* check if the frame can be repaired. */
872 if (!ar->rx_failover_missing) {
873
874 /* this is not "short read". */
875 if (net_ratelimit()) {
876 wiphy_err(ar->hw->wiphy,
877 "missing tag!\n");
878 }
879
880 __carl9170_rx(ar, tbuf, tlen);
881 return;
882 }
883
884 if (ar->rx_failover_missing > tlen) {
885 if (net_ratelimit()) {
886 wiphy_err(ar->hw->wiphy,
887 "possible multi "
888 "stream corruption!\n");
889 goto err_telluser;
890 } else {
891 goto err_silent;
892 }
893 }
894
895 memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen);
896 ar->rx_failover_missing -= tlen;
897
898 if (ar->rx_failover_missing <= 0) {
899 /*
900 * nested carl9170_rx_stream call!
901 *
902 * termination is guaranteed, even when the
903 * combined frame also have an element with
904 * a bad tag.
905 */
906
907 ar->rx_failover_missing = 0;
908 carl9170_rx_stream(ar, ar->rx_failover->data,
909 ar->rx_failover->len);
910
911 skb_reset_tail_pointer(ar->rx_failover);
912 skb_trim(ar->rx_failover, 0);
913 }
914
915 return;
916 }
917
918 /* check if stream is clipped */
919 if (wlen > tlen - 4) {
920 if (ar->rx_failover_missing) {
921 /* TODO: handle double stream corruption. */
922 if (net_ratelimit()) {
923 wiphy_err(ar->hw->wiphy, "double rx "
924 "stream corruption!\n");
925 goto err_telluser;
926 } else {
927 goto err_silent;
928 }
929 }
930
931 /*
932 * save incomplete data set.
933 * the firmware will resend the missing bits when
934 * the rx - descriptor comes round again.
935 */
936
937 memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen);
938 ar->rx_failover_missing = clen - tlen;
939 return;
940 }
941 __carl9170_rx(ar, rx_stream->payload, clen);
942
943 tbuf += wlen + 4;
944 tlen -= wlen + 4;
945 }
946
947 if (tlen) {
948 if (net_ratelimit()) {
949 wiphy_err(ar->hw->wiphy, "%d bytes of unprocessed "
950 "data left in rx stream!\n", tlen);
951 }
952
953 goto err_telluser;
954 }
955
956 return;
957
958 err_telluser:
959 wiphy_err(ar->hw->wiphy, "damaged RX stream data [want:%d, "
960 "data:%d, rx:%d, pending:%d ]\n", clen, wlen, tlen,
961 ar->rx_failover_missing);
962
963 if (ar->rx_failover_missing)
964 print_hex_dump_bytes("rxbuf:", DUMP_PREFIX_OFFSET,
965 ar->rx_failover->data,
966 ar->rx_failover->len);
967
968 print_hex_dump_bytes("stream:", DUMP_PREFIX_OFFSET,
969 buf, len);
970
971 wiphy_err(ar->hw->wiphy, "please check your hardware and cables, if "
972 "you see this message frequently.\n");
973
974 err_silent:
975 if (ar->rx_failover_missing) {
976 skb_reset_tail_pointer(ar->rx_failover);
977 skb_trim(ar->rx_failover, 0);
978 ar->rx_failover_missing = 0;
979 }
980 }
981
982 void carl9170_rx(struct ar9170 *ar, void *buf, unsigned int len)
983 {
984 if (ar->fw.rx_stream)
985 carl9170_rx_stream(ar, buf, len);
986 else
987 __carl9170_rx(ar, buf, len);
988 }
Linux kernel - Deliverables
This page took 0.134858 seconds and 5 git commands to generate.