intersil/p54/txrx.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Common code for mac80211 Prism54 drivers
0004  *
0005  * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
0006  * Copyright (c) 2007-2009, Christian Lamparter <chunkeey@web.de>
0007  * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
0008  *
0009  * Based on:
0010  * - the islsm (softmac prism54) driver, which is:
0011  *   Copyright 2004-2006 Jean-Baptiste Note <jbnote@gmail.com>, et al.
0012  * - stlc45xx driver
0013  *   Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies).
0014  */
0015
0016 #include <linux/export.h>
0017 #include <linux/firmware.h>
0018 #include <linux/etherdevice.h>
0019 #include <asm/div64.h>
0020
0021 #include <net/mac80211.h>
0022
0023 #include "p54.h"
0024 #include "lmac.h"
0025
0026 #ifdef P54_MM_DEBUG
0027 static void p54_dump_tx_queue(struct p54_common *priv)
0028 {
0029     unsigned long flags;
0030     struct ieee80211_tx_info *info;
0031     struct p54_tx_info *range;
0032     struct sk_buff *skb;
0033     struct p54_hdr *hdr;
0034     unsigned int i = 0;
0035     u32 prev_addr;
0036     u32 largest_hole = 0, free;
0037
0038     spin_lock_irqsave(&priv->tx_queue.lock, flags);
0039     wiphy_debug(priv->hw->wiphy, "/ --- tx queue dump (%d entries) ---\n",
0040             skb_queue_len(&priv->tx_queue));
0041
0042     prev_addr = priv->rx_start;
0043     skb_queue_walk(&priv->tx_queue, skb) {
0044         info = IEEE80211_SKB_CB(skb);
0045         range = (void *) info->rate_driver_data;
0046         hdr = (void *) skb->data;
0047
0048         free = range->start_addr - prev_addr;
0049         wiphy_debug(priv->hw->wiphy,
0050                 "| [%02d] => [skb:%p skb_len:0x%04x "
0051                 "hdr:{flags:%02x len:%04x req_id:%04x type:%02x} "
0052                 "mem:{start:%04x end:%04x, free:%d}]\n",
0053                 i++, skb, skb->len,
0054                 le16_to_cpu(hdr->flags), le16_to_cpu(hdr->len),
0055                 le32_to_cpu(hdr->req_id), le16_to_cpu(hdr->type),
0056                 range->start_addr, range->end_addr, free);
0057
0058         prev_addr = range->end_addr;
0059         largest_hole = max(largest_hole, free);
0060     }
0061     free = priv->rx_end - prev_addr;
0062     largest_hole = max(largest_hole, free);
0063     wiphy_debug(priv->hw->wiphy,
0064             "\\ --- [free: %d], largest free block: %d ---\n",
0065             free, largest_hole);
0066     spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0067 }
0068 #endif /* P54_MM_DEBUG */
0069
0070 /*
0071  * So, the firmware is somewhat stupid and doesn't know what places in its
0072  * memory incoming data should go to. By poking around in the firmware, we
0073  * can find some unused memory to upload our packets to. However, data that we
0074  * want the card to TX needs to stay intact until the card has told us that
0075  * it is done with it. This function finds empty places we can upload to and
0076  * marks allocated areas as reserved if necessary. p54_find_and_unlink_skb or
0077  * p54_free_skb frees allocated areas.
0078  */
0079 static int p54_assign_address(struct p54_common *priv, struct sk_buff *skb)
0080 {
0081     struct sk_buff *entry, *target_skb = NULL;
0082     struct ieee80211_tx_info *info;
0083     struct p54_tx_info *range;
0084     struct p54_hdr *data = (void *) skb->data;
0085     unsigned long flags;
0086     u32 last_addr = priv->rx_start;
0087     u32 target_addr = priv->rx_start;
0088     u16 len = priv->headroom + skb->len + priv->tailroom + 3;
0089
0090     info = IEEE80211_SKB_CB(skb);
0091     range = (void *) info->rate_driver_data;
0092     len = (range->extra_len + len) & ~0x3;
0093
0094     spin_lock_irqsave(&priv->tx_queue.lock, flags);
0095     if (unlikely(skb_queue_len(&priv->tx_queue) == 32)) {
0096         /*
0097          * The tx_queue is now really full.
0098          *
0099          * TODO: check if the device has crashed and reset it.
0100          */
0101         spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0102         return -EBUSY;
0103     }
0104
0105     skb_queue_walk(&priv->tx_queue, entry) {
0106         u32 hole_size;
0107         info = IEEE80211_SKB_CB(entry);
0108         range = (void *) info->rate_driver_data;
0109         hole_size = range->start_addr - last_addr;
0110
0111         if (!target_skb && hole_size >= len) {
0112             target_skb = entry->prev;
0113             hole_size -= len;
0114             target_addr = last_addr;
0115             break;
0116         }
0117         last_addr = range->end_addr;
0118     }
0119     if (unlikely(!target_skb)) {
0120         if (priv->rx_end - last_addr >= len) {
0121             target_skb = skb_peek_tail(&priv->tx_queue);
0122             if (target_skb) {
0123                 info = IEEE80211_SKB_CB(target_skb);
0124                 range = (void *)info->rate_driver_data;
0125                 target_addr = range->end_addr;
0126             }
0127         } else {
0128             spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0129             return -ENOSPC;
0130         }
0131     }
0132
0133     info = IEEE80211_SKB_CB(skb);
0134     range = (void *) info->rate_driver_data;
0135     range->start_addr = target_addr;
0136     range->end_addr = target_addr + len;
0137     data->req_id = cpu_to_le32(target_addr + priv->headroom);
0138     if (IS_DATA_FRAME(skb) &&
0139         unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON))
0140         priv->beacon_req_id = data->req_id;
0141
0142     if (target_skb)
0143         __skb_queue_after(&priv->tx_queue, target_skb, skb);
0144     else
0145         __skb_queue_head(&priv->tx_queue, skb);
0146     spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0147     return 0;
0148 }
0149
0150 static void p54_tx_pending(struct p54_common *priv)
0151 {
0152     struct sk_buff *skb;
0153     int ret;
0154
0155     skb = skb_dequeue(&priv->tx_pending);
0156     if (unlikely(!skb))
0157         return ;
0158
0159     ret = p54_assign_address(priv, skb);
0160     if (unlikely(ret))
0161         skb_queue_head(&priv->tx_pending, skb);
0162     else
0163         priv->tx(priv->hw, skb);
0164 }
0165
0166 static void p54_wake_queues(struct p54_common *priv)
0167 {
0168     unsigned long flags;
0169     unsigned int i;
0170
0171     if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
0172         return ;
0173
0174     p54_tx_pending(priv);
0175
0176     spin_lock_irqsave(&priv->tx_stats_lock, flags);
0177     for (i = 0; i < priv->hw->queues; i++) {
0178         if (priv->tx_stats[i + P54_QUEUE_DATA].len <
0179             priv->tx_stats[i + P54_QUEUE_DATA].limit)
0180             ieee80211_wake_queue(priv->hw, i);
0181     }
0182     spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
0183 }
0184
0185 static int p54_tx_qos_accounting_alloc(struct p54_common *priv,
0186                        struct sk_buff *skb,
0187                        const u16 p54_queue)
0188 {
0189     struct p54_tx_queue_stats *queue;
0190     unsigned long flags;
0191
0192     if (WARN_ON(p54_queue >= P54_QUEUE_NUM))
0193         return -EINVAL;
0194
0195     queue = &priv->tx_stats[p54_queue];
0196
0197     spin_lock_irqsave(&priv->tx_stats_lock, flags);
0198     if (unlikely(queue->len >= queue->limit && IS_QOS_QUEUE(p54_queue))) {
0199         spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
0200         return -ENOSPC;
0201     }
0202
0203     queue->len++;
0204     queue->count++;
0205
0206     if (unlikely(queue->len == queue->limit && IS_QOS_QUEUE(p54_queue))) {
0207         u16 ac_queue = p54_queue - P54_QUEUE_DATA;
0208         ieee80211_stop_queue(priv->hw, ac_queue);
0209     }
0210
0211     spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
0212     return 0;
0213 }
0214
0215 static void p54_tx_qos_accounting_free(struct p54_common *priv,
0216                        struct sk_buff *skb)
0217 {
0218     if (IS_DATA_FRAME(skb)) {
0219         unsigned long flags;
0220
0221         spin_lock_irqsave(&priv->tx_stats_lock, flags);
0222         priv->tx_stats[GET_HW_QUEUE(skb)].len--;
0223         spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
0224
0225         if (unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON)) {
0226             if (priv->beacon_req_id == GET_REQ_ID(skb)) {
0227                 /* this is the  active beacon set anymore */
0228                 priv->beacon_req_id = 0;
0229             }
0230             complete(&priv->beacon_comp);
0231         }
0232     }
0233     p54_wake_queues(priv);
0234 }
0235
0236 void p54_free_skb(struct ieee80211_hw *dev, struct sk_buff *skb)
0237 {
0238     struct p54_common *priv = dev->priv;
0239     if (unlikely(!skb))
0240         return ;
0241
0242     skb_unlink(skb, &priv->tx_queue);
0243     p54_tx_qos_accounting_free(priv, skb);
0244     ieee80211_free_txskb(dev, skb);
0245 }
0246 EXPORT_SYMBOL_GPL(p54_free_skb);
0247
0248 static struct sk_buff *p54_find_and_unlink_skb(struct p54_common *priv,
0249                            const __le32 req_id)
0250 {
0251     struct sk_buff *entry;
0252     unsigned long flags;
0253
0254     spin_lock_irqsave(&priv->tx_queue.lock, flags);
0255     skb_queue_walk(&priv->tx_queue, entry) {
0256         struct p54_hdr *hdr = (struct p54_hdr *) entry->data;
0257
0258         if (hdr->req_id == req_id) {
0259             __skb_unlink(entry, &priv->tx_queue);
0260             spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0261             p54_tx_qos_accounting_free(priv, entry);
0262             return entry;
0263         }
0264     }
0265     spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
0266     return NULL;
0267 }
0268
0269 void p54_tx(struct p54_common *priv, struct sk_buff *skb)
0270 {
0271     skb_queue_tail(&priv->tx_pending, skb);
0272     p54_tx_pending(priv);
0273 }
0274
0275 static int p54_rssi_to_dbm(struct p54_common *priv, int rssi)
0276 {
0277     if (priv->rxhw != 5) {
0278         return ((rssi * priv->cur_rssi->mul) / 64 +
0279              priv->cur_rssi->add) / 4;
0280     } else {
0281         /*
0282          * TODO: find the correct formula
0283          */
0284         return rssi / 2 - 110;
0285     }
0286 }
0287
0288 /*
0289  * Even if the firmware is capable of dealing with incoming traffic,
0290  * while dozing, we have to prepared in case mac80211 uses PS-POLL
0291  * to retrieve outstanding frames from our AP.
0292  * (see comment in net/mac80211/mlme.c @ line 1993)
0293  */
0294 static void p54_pspoll_workaround(struct p54_common *priv, struct sk_buff *skb)
0295 {
0296     struct ieee80211_hdr *hdr = (void *) skb->data;
0297     struct ieee80211_tim_ie *tim_ie;
0298     u8 *tim;
0299     u8 tim_len;
0300     bool new_psm;
0301
0302     /* only beacons have a TIM IE */
0303     if (!ieee80211_is_beacon(hdr->frame_control))
0304         return;
0305
0306     if (!priv->aid)
0307         return;
0308
0309     /* only consider beacons from the associated BSSID */
0310     if (!ether_addr_equal_64bits(hdr->addr3, priv->bssid))
0311         return;
0312
0313     tim = p54_find_ie(skb, WLAN_EID_TIM);
0314     if (!tim)
0315         return;
0316
0317     tim_len = tim[1];
0318     tim_ie = (struct ieee80211_tim_ie *) &tim[2];
0319
0320     new_psm = ieee80211_check_tim(tim_ie, tim_len, priv->aid);
0321     if (new_psm != priv->powersave_override) {
0322         priv->powersave_override = new_psm;
0323         p54_set_ps(priv);
0324     }
0325 }
0326
0327 static int p54_rx_data(struct p54_common *priv, struct sk_buff *skb)
0328 {
0329     struct p54_rx_data *hdr = (struct p54_rx_data *) skb->data;
0330     struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
0331     u16 freq = le16_to_cpu(hdr->freq);
0332     size_t header_len = sizeof(*hdr);
0333     u32 tsf32;
0334     __le16 fc;
0335     u8 rate = hdr->rate & 0xf;
0336
0337     /*
0338      * If the device is in a unspecified state we have to
0339      * ignore all data frames. Else we could end up with a
0340      * nasty crash.
0341      */
0342     if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
0343         return 0;
0344
0345     if (!(hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_IN_FCS_GOOD)))
0346         return 0;
0347
0348     if (hdr->decrypt_status == P54_DECRYPT_OK)
0349         rx_status->flag |= RX_FLAG_DECRYPTED;
0350     if ((hdr->decrypt_status == P54_DECRYPT_FAIL_MICHAEL) ||
0351         (hdr->decrypt_status == P54_DECRYPT_FAIL_TKIP))
0352         rx_status->flag |= RX_FLAG_MMIC_ERROR;
0353
0354     rx_status->signal = p54_rssi_to_dbm(priv, hdr->rssi);
0355     if (hdr->rate & 0x10)
0356         rx_status->enc_flags |= RX_ENC_FLAG_SHORTPRE;
0357     if (priv->hw->conf.chandef.chan->band == NL80211_BAND_5GHZ)
0358         rx_status->rate_idx = (rate < 4) ? 0 : rate - 4;
0359     else
0360         rx_status->rate_idx = rate;
0361
0362     rx_status->freq = freq;
0363     rx_status->band =  priv->hw->conf.chandef.chan->band;
0364     rx_status->antenna = hdr->antenna;
0365
0366     tsf32 = le32_to_cpu(hdr->tsf32);
0367     if (tsf32 < priv->tsf_low32)
0368         priv->tsf_high32++;
0369     rx_status->mactime = ((u64)priv->tsf_high32) << 32 | tsf32;
0370     priv->tsf_low32 = tsf32;
0371
0372     /* LMAC API Page 10/29 - s_lm_data_in - clock
0373      * "usec accurate timestamp of hardware clock
0374      * at end of frame (before OFDM SIFS EOF padding"
0375      */
0376     rx_status->flag |= RX_FLAG_MACTIME_END;
0377
0378     if (hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
0379         header_len += hdr->align[0];
0380
0381     skb_pull(skb, header_len);
0382     skb_trim(skb, le16_to_cpu(hdr->len));
0383
0384     fc = ((struct ieee80211_hdr *)skb->data)->frame_control;
0385     if (ieee80211_is_probe_resp(fc) || ieee80211_is_beacon(fc))
0386         rx_status->boottime_ns = ktime_get_boottime_ns();
0387
0388     if (unlikely(priv->hw->conf.flags & IEEE80211_CONF_PS))
0389         p54_pspoll_workaround(priv, skb);
0390
0391     ieee80211_rx_irqsafe(priv->hw, skb);
0392
0393     ieee80211_queue_delayed_work(priv->hw, &priv->work,
0394                msecs_to_jiffies(P54_STATISTICS_UPDATE));
0395
0396     return -1;
0397 }
0398
0399 static void p54_rx_frame_sent(struct p54_common *priv, struct sk_buff *skb)
0400 {
0401     struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
0402     struct p54_frame_sent *payload = (struct p54_frame_sent *) hdr->data;
0403     struct ieee80211_tx_info *info;
0404     struct p54_hdr *entry_hdr;
0405     struct p54_tx_data *entry_data;
0406     struct sk_buff *entry;
0407     unsigned int pad = 0, frame_len;
0408     int count, idx;
0409
0410     entry = p54_find_and_unlink_skb(priv, hdr->req_id);
0411     if (unlikely(!entry))
0412         return ;
0413
0414     frame_len = entry->len;
0415     info = IEEE80211_SKB_CB(entry);
0416     entry_hdr = (struct p54_hdr *) entry->data;
0417     entry_data = (struct p54_tx_data *) entry_hdr->data;
0418     priv->stats.dot11ACKFailureCount += payload->tries - 1;
0419
0420     /*
0421      * Frames in P54_QUEUE_FWSCAN and P54_QUEUE_BEACON are
0422      * generated by the driver. Therefore tx_status is bogus
0423      * and we don't want to confuse the mac80211 stack.
0424      */
0425     if (unlikely(entry_data->hw_queue < P54_QUEUE_FWSCAN)) {
0426         dev_kfree_skb_any(entry);
0427         return ;
0428     }
0429
0430     /*
0431      * Clear manually, ieee80211_tx_info_clear_status would
0432      * clear the counts too and we need them.
0433      */
0434     memset_after(&info->status, 0, rates);
0435
0436     if (entry_hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
0437         pad = entry_data->align[0];
0438
0439     /* walk through the rates array and adjust the counts */
0440     count = payload->tries;
0441     for (idx = 0; idx < 4; idx++) {
0442         if (count >= info->status.rates[idx].count) {
0443             count -= info->status.rates[idx].count;
0444         } else if (count > 0) {
0445             info->status.rates[idx].count = count;
0446             count = 0;
0447         } else {
0448             info->status.rates[idx].idx = -1;
0449             info->status.rates[idx].count = 0;
0450         }
0451     }
0452
0453     if (!(info->flags & IEEE80211_TX_CTL_NO_ACK) &&
0454          !(payload->status & P54_TX_FAILED))
0455         info->flags |= IEEE80211_TX_STAT_ACK;
0456     if (payload->status & P54_TX_PSM_CANCELLED)
0457         info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
0458     info->status.ack_signal = p54_rssi_to_dbm(priv,
0459                           (int)payload->ack_rssi);
0460
0461     /* Undo all changes to the frame. */
0462     switch (entry_data->key_type) {
0463     case P54_CRYPTO_TKIPMICHAEL: {
0464         u8 *iv = (u8 *)(entry_data->align + pad +
0465                 entry_data->crypt_offset);
0466
0467         /* Restore the original TKIP IV. */
0468         iv[2] = iv[0];
0469         iv[0] = iv[1];
0470         iv[1] = (iv[0] | 0x20) & 0x7f;  /* WEPSeed - 8.3.2.2 */
0471
0472         frame_len -= 12; /* remove TKIP_MMIC + TKIP_ICV */
0473         break;
0474         }
0475     case P54_CRYPTO_AESCCMP:
0476         frame_len -= 8; /* remove CCMP_MIC */
0477         break;
0478     case P54_CRYPTO_WEP:
0479         frame_len -= 4; /* remove WEP_ICV */
0480         break;
0481     }
0482
0483     skb_trim(entry, frame_len);
0484     skb_pull(entry, sizeof(*hdr) + pad + sizeof(*entry_data));
0485     ieee80211_tx_status_irqsafe(priv->hw, entry);
0486 }
0487
0488 static void p54_rx_eeprom_readback(struct p54_common *priv,
0489                    struct sk_buff *skb)
0490 {
0491     struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
0492     struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;
0493     struct sk_buff *tmp;
0494
0495     if (!priv->eeprom)
0496         return ;
0497
0498     if (priv->fw_var >= 0x509) {
0499         memcpy(priv->eeprom, eeprom->v2.data,
0500                le16_to_cpu(eeprom->v2.len));
0501     } else {
0502         memcpy(priv->eeprom, eeprom->v1.data,
0503                le16_to_cpu(eeprom->v1.len));
0504     }
0505
0506     priv->eeprom = NULL;
0507     tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
0508     dev_kfree_skb_any(tmp);
0509     complete(&priv->eeprom_comp);
0510 }
0511
0512 static void p54_rx_stats(struct p54_common *priv, struct sk_buff *skb)
0513 {
0514     struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
0515     struct p54_statistics *stats = (struct p54_statistics *) hdr->data;
0516     struct sk_buff *tmp;
0517     struct ieee80211_channel *chan;
0518     unsigned int i, rssi, tx, cca, dtime, dtotal, dcca, dtx, drssi, unit;
0519     u32 tsf32;
0520
0521     if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
0522         return ;
0523
0524     tsf32 = le32_to_cpu(stats->tsf32);
0525     if (tsf32 < priv->tsf_low32)
0526         priv->tsf_high32++;
0527     priv->tsf_low32 = tsf32;
0528
0529     priv->stats.dot11RTSFailureCount = le32_to_cpu(stats->rts_fail);
0530     priv->stats.dot11RTSSuccessCount = le32_to_cpu(stats->rts_success);
0531     priv->stats.dot11FCSErrorCount = le32_to_cpu(stats->rx_bad_fcs);
0532
0533     priv->noise = p54_rssi_to_dbm(priv, le32_to_cpu(stats->noise));
0534
0535     /*
0536      * STSW450X LMAC API page 26 - 3.8 Statistics
0537      * "The exact measurement period can be derived from the
0538      * timestamp member".
0539      */
0540     dtime = tsf32 - priv->survey_raw.timestamp;
0541
0542     /*
0543      * STSW450X LMAC API page 26 - 3.8.1 Noise histogram
0544      * The LMAC samples RSSI, CCA and transmit state at regular
0545      * periods (typically 8 times per 1k [as in 1024] usec).
0546      */
0547     cca = le32_to_cpu(stats->sample_cca);
0548     tx = le32_to_cpu(stats->sample_tx);
0549     rssi = 0;
0550     for (i = 0; i < ARRAY_SIZE(stats->sample_noise); i++)
0551         rssi += le32_to_cpu(stats->sample_noise[i]);
0552
0553     dcca = cca - priv->survey_raw.cached_cca;
0554     drssi = rssi - priv->survey_raw.cached_rssi;
0555     dtx = tx - priv->survey_raw.cached_tx;
0556     dtotal = dcca + drssi + dtx;
0557
0558     /*
0559      * update statistics when more than a second is over since the
0560      * last call, or when a update is badly needed.
0561      */
0562     if (dtotal && (priv->update_stats || dtime >= USEC_PER_SEC) &&
0563         dtime >= dtotal) {
0564         priv->survey_raw.timestamp = tsf32;
0565         priv->update_stats = false;
0566         unit = dtime / dtotal;
0567
0568         if (dcca) {
0569             priv->survey_raw.cca += dcca * unit;
0570             priv->survey_raw.cached_cca = cca;
0571         }
0572         if (dtx) {
0573             priv->survey_raw.tx += dtx * unit;
0574             priv->survey_raw.cached_tx = tx;
0575         }
0576         if (drssi) {
0577             priv->survey_raw.rssi += drssi * unit;
0578             priv->survey_raw.cached_rssi = rssi;
0579         }
0580
0581         /* 1024 usec / 8 times = 128 usec / time */
0582         if (!(priv->phy_ps || priv->phy_idle))
0583             priv->survey_raw.active += dtotal * unit;
0584         else
0585             priv->survey_raw.active += (dcca + dtx) * unit;
0586     }
0587
0588     chan = priv->curchan;
0589     if (chan) {
0590         struct survey_info *survey = &priv->survey[chan->hw_value];
0591         survey->noise = clamp(priv->noise, -128, 127);
0592         survey->time = priv->survey_raw.active;
0593         survey->time_tx = priv->survey_raw.tx;
0594         survey->time_busy = priv->survey_raw.tx +
0595             priv->survey_raw.cca;
0596         do_div(survey->time, 1024);
0597         do_div(survey->time_tx, 1024);
0598         do_div(survey->time_busy, 1024);
0599     }
0600
0601     tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
0602     dev_kfree_skb_any(tmp);
0603     complete(&priv->stat_comp);
0604 }
0605
0606 static void p54_rx_trap(struct p54_common *priv, struct sk_buff *skb)
0607 {
0608     struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
0609     struct p54_trap *trap = (struct p54_trap *) hdr->data;
0610     u16 event = le16_to_cpu(trap->event);
0611     u16 freq = le16_to_cpu(trap->frequency);
0612
0613     switch (event) {
0614     case P54_TRAP_BEACON_TX:
0615         break;
0616     case P54_TRAP_RADAR:
0617         wiphy_info(priv->hw->wiphy, "radar (freq:%d MHz)\n", freq);
0618         break;
0619     case P54_TRAP_NO_BEACON:
0620         if (priv->vif)
0621             ieee80211_beacon_loss(priv->vif);
0622         break;
0623     case P54_TRAP_SCAN:
0624         break;
0625     case P54_TRAP_TBTT:
0626         break;
0627     case P54_TRAP_TIMER:
0628         break;
0629     case P54_TRAP_FAA_RADIO_OFF:
0630         wiphy_rfkill_set_hw_state(priv->hw->wiphy, true);
0631         break;
0632     case P54_TRAP_FAA_RADIO_ON:
0633         wiphy_rfkill_set_hw_state(priv->hw->wiphy, false);
0634         break;
0635     default:
0636         wiphy_info(priv->hw->wiphy, "received event:%x freq:%d\n",
0637                event, freq);
0638         break;
0639     }
0640 }
0641
0642 static int p54_rx_control(struct p54_common *priv, struct sk_buff *skb)
0643 {
0644     struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
0645
0646     switch (le16_to_cpu(hdr->type)) {
0647     case P54_CONTROL_TYPE_TXDONE:
0648         p54_rx_frame_sent(priv, skb);
0649         break;
0650     case P54_CONTROL_TYPE_TRAP:
0651         p54_rx_trap(priv, skb);
0652         break;
0653     case P54_CONTROL_TYPE_BBP:
0654         break;
0655     case P54_CONTROL_TYPE_STAT_READBACK:
0656         p54_rx_stats(priv, skb);
0657         break;
0658     case P54_CONTROL_TYPE_EEPROM_READBACK:
0659         p54_rx_eeprom_readback(priv, skb);
0660         break;
0661     default:
0662         wiphy_debug(priv->hw->wiphy,
0663                 "not handling 0x%02x type control frame\n",
0664                 le16_to_cpu(hdr->type));
0665         break;
0666     }
0667     return 0;
0668 }
0669
0670 /* returns zero if skb can be reused */
0671 int p54_rx(struct ieee80211_hw *dev, struct sk_buff *skb)
0672 {
0673     struct p54_common *priv = dev->priv;
0674     u16 type = le16_to_cpu(*((__le16 *)skb->data));
0675
0676     if (type & P54_HDR_FLAG_CONTROL)
0677         return p54_rx_control(priv, skb);
0678     else
0679         return p54_rx_data(priv, skb);
0680 }
0681 EXPORT_SYMBOL_GPL(p54_rx);
0682
0683 static void p54_tx_80211_header(struct p54_common *priv, struct sk_buff *skb,
0684                 struct ieee80211_tx_info *info,
0685                 struct ieee80211_sta *sta,
0686                 u8 *queue, u32 *extra_len, u16 *flags, u16 *aid,
0687                 bool *burst_possible)
0688 {
0689     struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
0690
0691     if (ieee80211_is_data_qos(hdr->frame_control))
0692         *burst_possible = true;
0693     else
0694         *burst_possible = false;
0695
0696     if (!(info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ))
0697         *flags |= P54_HDR_FLAG_DATA_OUT_SEQNR;
0698
0699     if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)
0700         *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
0701
0702     if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
0703         *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
0704
0705     *queue = skb_get_queue_mapping(skb) + P54_QUEUE_DATA;
0706
0707     switch (priv->mode) {
0708     case NL80211_IFTYPE_MONITOR:
0709         /*
0710          * We have to set P54_HDR_FLAG_DATA_OUT_PROMISC for
0711          * every frame in promiscuous/monitor mode.
0712          * see STSW45x0C LMAC API - page 12.
0713          */
0714         *aid = 0;
0715         *flags |= P54_HDR_FLAG_DATA_OUT_PROMISC;
0716         break;
0717     case NL80211_IFTYPE_STATION:
0718         *aid = 1;
0719         break;
0720     case NL80211_IFTYPE_AP:
0721     case NL80211_IFTYPE_ADHOC:
0722     case NL80211_IFTYPE_MESH_POINT:
0723         if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) {
0724             *aid = 0;
0725             *queue = P54_QUEUE_CAB;
0726             return;
0727         }
0728
0729         if (unlikely(ieee80211_is_mgmt(hdr->frame_control))) {
0730             if (ieee80211_is_probe_resp(hdr->frame_control)) {
0731                 *aid = 0;
0732                 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP |
0733                       P54_HDR_FLAG_DATA_OUT_NOCANCEL;
0734                 return;
0735             } else if (ieee80211_is_beacon(hdr->frame_control)) {
0736                 *aid = 0;
0737
0738                 if (info->flags & IEEE80211_TX_CTL_INJECTED) {
0739                     /*
0740                      * Injecting beacons on top of a AP is
0741                      * not a good idea... nevertheless,
0742                      * it should be doable.
0743                      */
0744
0745                     return;
0746                 }
0747
0748                 *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP;
0749                 *queue = P54_QUEUE_BEACON;
0750                 *extra_len = IEEE80211_MAX_TIM_LEN;
0751                 return;
0752             }
0753         }
0754
0755         if (sta)
0756             *aid = sta->aid;
0757         break;
0758     }
0759 }
0760
0761 static u8 p54_convert_algo(u32 cipher)
0762 {
0763     switch (cipher) {
0764     case WLAN_CIPHER_SUITE_WEP40:
0765     case WLAN_CIPHER_SUITE_WEP104:
0766         return P54_CRYPTO_WEP;
0767     case WLAN_CIPHER_SUITE_TKIP:
0768         return P54_CRYPTO_TKIPMICHAEL;
0769     case WLAN_CIPHER_SUITE_CCMP:
0770         return P54_CRYPTO_AESCCMP;
0771     default:
0772         return 0;
0773     }
0774 }
0775
0776 void p54_tx_80211(struct ieee80211_hw *dev,
0777           struct ieee80211_tx_control *control,
0778           struct sk_buff *skb)
0779 {
0780     struct p54_common *priv = dev->priv;
0781     struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
0782     struct p54_tx_info *p54info;
0783     struct p54_hdr *hdr;
0784     struct p54_tx_data *txhdr;
0785     unsigned int padding, len, extra_len = 0;
0786     int i, j, ridx;
0787     u16 hdr_flags = 0, aid = 0;
0788     u8 rate, queue = 0, crypt_offset = 0;
0789     u8 cts_rate = 0x20;
0790     u8 rc_flags;
0791     u8 calculated_tries[4];
0792     u8 nrates = 0, nremaining = 8;
0793     bool burst_allowed = false;
0794
0795     p54_tx_80211_header(priv, skb, info, control->sta, &queue, &extra_len,
0796                 &hdr_flags, &aid, &burst_allowed);
0797
0798     if (p54_tx_qos_accounting_alloc(priv, skb, queue)) {
0799         ieee80211_free_txskb(dev, skb);
0800         return;
0801     }
0802
0803     padding = (unsigned long)(skb->data - (sizeof(*hdr) + sizeof(*txhdr))) & 3;
0804     len = skb->len;
0805
0806     if (info->control.hw_key) {
0807         crypt_offset = ieee80211_get_hdrlen_from_skb(skb);
0808         if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
0809             u8 *iv = (u8 *)(skb->data + crypt_offset);
0810             /*
0811              * The firmware excepts that the IV has to have
0812              * this special format
0813              */
0814             iv[1] = iv[0];
0815             iv[0] = iv[2];
0816             iv[2] = 0;
0817         }
0818     }
0819
0820     txhdr = skb_push(skb, sizeof(*txhdr) + padding);
0821     hdr = skb_push(skb, sizeof(*hdr));
0822
0823     if (padding)
0824         hdr_flags |= P54_HDR_FLAG_DATA_ALIGN;
0825     hdr->type = cpu_to_le16(aid);
0826     hdr->rts_tries = info->control.rates[0].count;
0827
0828     /*
0829      * we register the rates in perfect order, and
0830      * RTS/CTS won't happen on 5 GHz
0831      */
0832     cts_rate = info->control.rts_cts_rate_idx;
0833
0834     memset(&txhdr->rateset, 0, sizeof(txhdr->rateset));
0835
0836     /* see how many rates got used */
0837     for (i = 0; i < dev->max_rates; i++) {
0838         if (info->control.rates[i].idx < 0)
0839             break;
0840         nrates++;
0841     }
0842
0843     /* limit tries to 8/nrates per rate */
0844     for (i = 0; i < nrates; i++) {
0845         /*
0846          * The magic expression here is equivalent to 8/nrates for
0847          * all values that matter, but avoids division and jumps.
0848          * Note that nrates can only take the values 1 through 4.
0849          */
0850         calculated_tries[i] = min_t(int, ((15 >> nrates) | 1) + 1,
0851                          info->control.rates[i].count);
0852         nremaining -= calculated_tries[i];
0853     }
0854
0855     /* if there are tries left, distribute from back to front */
0856     for (i = nrates - 1; nremaining > 0 && i >= 0; i--) {
0857         int tmp = info->control.rates[i].count - calculated_tries[i];
0858
0859         if (tmp <= 0)
0860             continue;
0861         /* RC requested more tries at this rate */
0862
0863         tmp = min_t(int, tmp, nremaining);
0864         calculated_tries[i] += tmp;
0865         nremaining -= tmp;
0866     }
0867
0868     ridx = 0;
0869     for (i = 0; i < nrates && ridx < 8; i++) {
0870         /* we register the rates in perfect order */
0871         rate = info->control.rates[i].idx;
0872         if (info->band == NL80211_BAND_5GHZ)
0873             rate += 4;
0874
0875         /* store the count we actually calculated for TX status */
0876         info->control.rates[i].count = calculated_tries[i];
0877
0878         rc_flags = info->control.rates[i].flags;
0879         if (rc_flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE) {
0880             rate |= 0x10;
0881             cts_rate |= 0x10;
0882         }
0883         if (rc_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
0884             burst_allowed = false;
0885             rate |= 0x40;
0886         } else if (rc_flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
0887             rate |= 0x20;
0888             burst_allowed = false;
0889         }
0890         for (j = 0; j < calculated_tries[i] && ridx < 8; j++) {
0891             txhdr->rateset[ridx] = rate;
0892             ridx++;
0893         }
0894     }
0895
0896     if (burst_allowed)
0897         hdr_flags |= P54_HDR_FLAG_DATA_OUT_BURST;
0898
0899     /* TODO: enable bursting */
0900     hdr->flags = cpu_to_le16(hdr_flags);
0901     hdr->tries = ridx;
0902     txhdr->rts_rate_idx = 0;
0903     if (info->control.hw_key) {
0904         txhdr->key_type = p54_convert_algo(info->control.hw_key->cipher);
0905         txhdr->key_len = min((u8)16, info->control.hw_key->keylen);
0906         memcpy(txhdr->key, info->control.hw_key->key, txhdr->key_len);
0907         if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
0908             /* reserve space for the MIC key */
0909             len += 8;
0910             skb_put_data(skb,
0911                      &(info->control.hw_key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]),
0912                      8);
0913         }
0914         /* reserve some space for ICV */
0915         len += info->control.hw_key->icv_len;
0916         skb_put_zero(skb, info->control.hw_key->icv_len);
0917     } else {
0918         txhdr->key_type = 0;
0919         txhdr->key_len = 0;
0920     }
0921     txhdr->crypt_offset = crypt_offset;
0922     txhdr->hw_queue = queue;
0923     txhdr->backlog = priv->tx_stats[queue].len - 1;
0924     memset(txhdr->durations, 0, sizeof(txhdr->durations));
0925     txhdr->tx_antenna = 2 & priv->tx_diversity_mask;
0926     if (priv->rxhw == 5) {
0927         txhdr->longbow.cts_rate = cts_rate;
0928         txhdr->longbow.output_power = cpu_to_le16(priv->output_power);
0929     } else {
0930         txhdr->normal.output_power = priv->output_power;
0931         txhdr->normal.cts_rate = cts_rate;
0932     }
0933     if (padding)
0934         txhdr->align[0] = padding;
0935
0936     hdr->len = cpu_to_le16(len);
0937     /* modifies skb->cb and with it info, so must be last! */
0938     p54info = (void *) info->rate_driver_data;
0939     p54info->extra_len = extra_len;
0940
0941     p54_tx(priv, skb);
0942 }