marvell/mwifiex/uap_txrx.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * NXP Wireless LAN device driver: AP TX and RX data handling
0004  *
0005  * Copyright 2011-2020 NXP
0006  */
0007
0008 #include "decl.h"
0009 #include "ioctl.h"
0010 #include "main.h"
0011 #include "wmm.h"
0012 #include "11n_aggr.h"
0013 #include "11n_rxreorder.h"
0014
0015 /* This function checks if particular RA list has packets more than low bridge
0016  * packet threshold and then deletes packet from this RA list.
0017  * Function deletes packets from such RA list and returns true. If no such list
0018  * is found, false is returned.
0019  */
0020 static bool
0021 mwifiex_uap_del_tx_pkts_in_ralist(struct mwifiex_private *priv,
0022                   struct list_head *ra_list_head,
0023                   int tid)
0024 {
0025     struct mwifiex_ra_list_tbl *ra_list;
0026     struct sk_buff *skb, *tmp;
0027     bool pkt_deleted = false;
0028     struct mwifiex_txinfo *tx_info;
0029     struct mwifiex_adapter *adapter = priv->adapter;
0030
0031     list_for_each_entry(ra_list, ra_list_head, list) {
0032         if (skb_queue_empty(&ra_list->skb_head))
0033             continue;
0034
0035         skb_queue_walk_safe(&ra_list->skb_head, skb, tmp) {
0036             tx_info = MWIFIEX_SKB_TXCB(skb);
0037             if (tx_info->flags & MWIFIEX_BUF_FLAG_BRIDGED_PKT) {
0038                 __skb_unlink(skb, &ra_list->skb_head);
0039                 mwifiex_write_data_complete(adapter, skb, 0,
0040                                 -1);
0041                 if (ra_list->tx_paused)
0042                     priv->wmm.pkts_paused[tid]--;
0043                 else
0044                     atomic_dec(&priv->wmm.tx_pkts_queued);
0045                 pkt_deleted = true;
0046             }
0047             if ((atomic_read(&adapter->pending_bridged_pkts) <=
0048                          MWIFIEX_BRIDGED_PKTS_THR_LOW))
0049                 break;
0050         }
0051     }
0052
0053     return pkt_deleted;
0054 }
0055
0056 /* This function deletes packets from particular RA List. RA list index
0057  * from which packets are deleted is preserved so that packets from next RA
0058  * list are deleted upon subsequent call thus maintaining fairness.
0059  */
0060 static void mwifiex_uap_cleanup_tx_queues(struct mwifiex_private *priv)
0061 {
0062     struct list_head *ra_list;
0063     int i;
0064
0065     spin_lock_bh(&priv->wmm.ra_list_spinlock);
0066
0067     for (i = 0; i < MAX_NUM_TID; i++, priv->del_list_idx++) {
0068         if (priv->del_list_idx == MAX_NUM_TID)
0069             priv->del_list_idx = 0;
0070         ra_list = &priv->wmm.tid_tbl_ptr[priv->del_list_idx].ra_list;
0071         if (mwifiex_uap_del_tx_pkts_in_ralist(priv, ra_list, i)) {
0072             priv->del_list_idx++;
0073             break;
0074         }
0075     }
0076
0077     spin_unlock_bh(&priv->wmm.ra_list_spinlock);
0078 }
0079
0080
0081 static void mwifiex_uap_queue_bridged_pkt(struct mwifiex_private *priv,
0082                      struct sk_buff *skb)
0083 {
0084     struct mwifiex_adapter *adapter = priv->adapter;
0085     struct uap_rxpd *uap_rx_pd;
0086     struct rx_packet_hdr *rx_pkt_hdr;
0087     struct sk_buff *new_skb;
0088     struct mwifiex_txinfo *tx_info;
0089     int hdr_chop;
0090     struct ethhdr *p_ethhdr;
0091     struct mwifiex_sta_node *src_node;
0092     int index;
0093
0094     uap_rx_pd = (struct uap_rxpd *)(skb->data);
0095     rx_pkt_hdr = (void *)uap_rx_pd + le16_to_cpu(uap_rx_pd->rx_pkt_offset);
0096
0097     if ((atomic_read(&adapter->pending_bridged_pkts) >=
0098                          MWIFIEX_BRIDGED_PKTS_THR_HIGH)) {
0099         mwifiex_dbg(priv->adapter, ERROR,
0100                 "Tx: Bridge packet limit reached. Drop packet!\n");
0101         kfree_skb(skb);
0102         mwifiex_uap_cleanup_tx_queues(priv);
0103         return;
0104     }
0105
0106     if ((!memcmp(&rx_pkt_hdr->rfc1042_hdr, bridge_tunnel_header,
0107              sizeof(bridge_tunnel_header))) ||
0108         (!memcmp(&rx_pkt_hdr->rfc1042_hdr, rfc1042_header,
0109              sizeof(rfc1042_header)) &&
0110          ntohs(rx_pkt_hdr->rfc1042_hdr.snap_type) != ETH_P_AARP &&
0111          ntohs(rx_pkt_hdr->rfc1042_hdr.snap_type) != ETH_P_IPX)) {
0112         /* Replace the 803 header and rfc1042 header (llc/snap) with
0113          * an Ethernet II header, keep the src/dst and snap_type
0114          * (ethertype).
0115          *
0116          * The firmware only passes up SNAP frames converting all RX
0117          * data from 802.11 to 802.2/LLC/SNAP frames.
0118          *
0119          * To create the Ethernet II, just move the src, dst address
0120          * right before the snap_type.
0121          */
0122         p_ethhdr = (struct ethhdr *)
0123             ((u8 *)(&rx_pkt_hdr->eth803_hdr)
0124              + sizeof(rx_pkt_hdr->eth803_hdr)
0125              + sizeof(rx_pkt_hdr->rfc1042_hdr)
0126              - sizeof(rx_pkt_hdr->eth803_hdr.h_dest)
0127              - sizeof(rx_pkt_hdr->eth803_hdr.h_source)
0128              - sizeof(rx_pkt_hdr->rfc1042_hdr.snap_type));
0129         memcpy(p_ethhdr->h_source, rx_pkt_hdr->eth803_hdr.h_source,
0130                sizeof(p_ethhdr->h_source));
0131         memcpy(p_ethhdr->h_dest, rx_pkt_hdr->eth803_hdr.h_dest,
0132                sizeof(p_ethhdr->h_dest));
0133         /* Chop off the rxpd + the excess memory from
0134          * 802.2/llc/snap header that was removed.
0135          */
0136         hdr_chop = (u8 *)p_ethhdr - (u8 *)uap_rx_pd;
0137     } else {
0138         /* Chop off the rxpd */
0139         hdr_chop = (u8 *)&rx_pkt_hdr->eth803_hdr - (u8 *)uap_rx_pd;
0140     }
0141
0142     /* Chop off the leading header bytes so that it points
0143      * to the start of either the reconstructed EthII frame
0144      * or the 802.2/llc/snap frame.
0145      */
0146     skb_pull(skb, hdr_chop);
0147
0148     if (skb_headroom(skb) < MWIFIEX_MIN_DATA_HEADER_LEN) {
0149         mwifiex_dbg(priv->adapter, ERROR,
0150                 "data: Tx: insufficient skb headroom %d\n",
0151                 skb_headroom(skb));
0152         /* Insufficient skb headroom - allocate a new skb */
0153         new_skb =
0154             skb_realloc_headroom(skb, MWIFIEX_MIN_DATA_HEADER_LEN);
0155         if (unlikely(!new_skb)) {
0156             mwifiex_dbg(priv->adapter, ERROR,
0157                     "Tx: cannot allocate new_skb\n");
0158             kfree_skb(skb);
0159             priv->stats.tx_dropped++;
0160             return;
0161         }
0162
0163         kfree_skb(skb);
0164         skb = new_skb;
0165         mwifiex_dbg(priv->adapter, INFO,
0166                 "info: new skb headroom %d\n",
0167                 skb_headroom(skb));
0168     }
0169
0170     tx_info = MWIFIEX_SKB_TXCB(skb);
0171     memset(tx_info, 0, sizeof(*tx_info));
0172     tx_info->bss_num = priv->bss_num;
0173     tx_info->bss_type = priv->bss_type;
0174     tx_info->flags |= MWIFIEX_BUF_FLAG_BRIDGED_PKT;
0175
0176     src_node = mwifiex_get_sta_entry(priv, rx_pkt_hdr->eth803_hdr.h_source);
0177     if (src_node) {
0178         src_node->stats.last_rx = jiffies;
0179         src_node->stats.rx_bytes += skb->len;
0180         src_node->stats.rx_packets++;
0181         src_node->stats.last_tx_rate = uap_rx_pd->rx_rate;
0182         src_node->stats.last_tx_htinfo = uap_rx_pd->ht_info;
0183     }
0184
0185     if (is_unicast_ether_addr(rx_pkt_hdr->eth803_hdr.h_dest)) {
0186         /* Update bridge packet statistics as the
0187          * packet is not going to kernel/upper layer.
0188          */
0189         priv->stats.rx_bytes += skb->len;
0190         priv->stats.rx_packets++;
0191
0192         /* Sending bridge packet to TX queue, so save the packet
0193          * length in TXCB to update statistics in TX complete.
0194          */
0195         tx_info->pkt_len = skb->len;
0196     }
0197
0198     __net_timestamp(skb);
0199
0200     index = mwifiex_1d_to_wmm_queue[skb->priority];
0201     atomic_inc(&priv->wmm_tx_pending[index]);
0202     mwifiex_wmm_add_buf_txqueue(priv, skb);
0203     atomic_inc(&adapter->tx_pending);
0204     atomic_inc(&adapter->pending_bridged_pkts);
0205
0206     mwifiex_queue_main_work(priv->adapter);
0207
0208     return;
0209 }
0210
0211 /*
0212  * This function contains logic for AP packet forwarding.
0213  *
0214  * If a packet is multicast/broadcast, it is sent to kernel/upper layer
0215  * as well as queued back to AP TX queue so that it can be sent to other
0216  * associated stations.
0217  * If a packet is unicast and RA is present in associated station list,
0218  * it is again requeued into AP TX queue.
0219  * If a packet is unicast and RA is not in associated station list,
0220  * packet is forwarded to kernel to handle routing logic.
0221  */
0222 int mwifiex_handle_uap_rx_forward(struct mwifiex_private *priv,
0223                   struct sk_buff *skb)
0224 {
0225     struct mwifiex_adapter *adapter = priv->adapter;
0226     struct uap_rxpd *uap_rx_pd;
0227     struct rx_packet_hdr *rx_pkt_hdr;
0228     u8 ra[ETH_ALEN];
0229     struct sk_buff *skb_uap;
0230
0231     uap_rx_pd = (struct uap_rxpd *)(skb->data);
0232     rx_pkt_hdr = (void *)uap_rx_pd + le16_to_cpu(uap_rx_pd->rx_pkt_offset);
0233
0234     /* don't do packet forwarding in disconnected state */
0235     if (!priv->media_connected) {
0236         mwifiex_dbg(adapter, ERROR,
0237                 "drop packet in disconnected state.\n");
0238         dev_kfree_skb_any(skb);
0239         return 0;
0240     }
0241
0242     memcpy(ra, rx_pkt_hdr->eth803_hdr.h_dest, ETH_ALEN);
0243
0244     if (is_multicast_ether_addr(ra)) {
0245         skb_uap = skb_copy(skb, GFP_ATOMIC);
0246         mwifiex_uap_queue_bridged_pkt(priv, skb_uap);
0247     } else {
0248         if (mwifiex_get_sta_entry(priv, ra)) {
0249             /* Requeue Intra-BSS packet */
0250             mwifiex_uap_queue_bridged_pkt(priv, skb);
0251             return 0;
0252         }
0253     }
0254
0255     /* Forward unicat/Inter-BSS packets to kernel. */
0256     return mwifiex_process_rx_packet(priv, skb);
0257 }
0258
0259 int mwifiex_uap_recv_packet(struct mwifiex_private *priv,
0260                 struct sk_buff *skb)
0261 {
0262     struct mwifiex_adapter *adapter = priv->adapter;
0263     struct mwifiex_sta_node *src_node;
0264     struct ethhdr *p_ethhdr;
0265     struct sk_buff *skb_uap;
0266     struct mwifiex_txinfo *tx_info;
0267
0268     if (!skb)
0269         return -1;
0270
0271     p_ethhdr = (void *)skb->data;
0272     src_node = mwifiex_get_sta_entry(priv, p_ethhdr->h_source);
0273     if (src_node) {
0274         src_node->stats.last_rx = jiffies;
0275         src_node->stats.rx_bytes += skb->len;
0276         src_node->stats.rx_packets++;
0277     }
0278
0279     if (is_multicast_ether_addr(p_ethhdr->h_dest) ||
0280         mwifiex_get_sta_entry(priv, p_ethhdr->h_dest)) {
0281         if (skb_headroom(skb) < MWIFIEX_MIN_DATA_HEADER_LEN)
0282             skb_uap =
0283             skb_realloc_headroom(skb, MWIFIEX_MIN_DATA_HEADER_LEN);
0284         else
0285             skb_uap = skb_copy(skb, GFP_ATOMIC);
0286
0287         if (likely(skb_uap)) {
0288             tx_info = MWIFIEX_SKB_TXCB(skb_uap);
0289             memset(tx_info, 0, sizeof(*tx_info));
0290             tx_info->bss_num = priv->bss_num;
0291             tx_info->bss_type = priv->bss_type;
0292             tx_info->flags |= MWIFIEX_BUF_FLAG_BRIDGED_PKT;
0293             __net_timestamp(skb_uap);
0294             mwifiex_wmm_add_buf_txqueue(priv, skb_uap);
0295             atomic_inc(&adapter->tx_pending);
0296             atomic_inc(&adapter->pending_bridged_pkts);
0297             if ((atomic_read(&adapter->pending_bridged_pkts) >=
0298                     MWIFIEX_BRIDGED_PKTS_THR_HIGH)) {
0299                 mwifiex_dbg(adapter, ERROR,
0300                         "Tx: Bridge packet limit reached. Drop packet!\n");
0301                 mwifiex_uap_cleanup_tx_queues(priv);
0302             }
0303
0304         } else {
0305             mwifiex_dbg(adapter, ERROR, "failed to allocate skb_uap");
0306         }
0307
0308         mwifiex_queue_main_work(adapter);
0309         /* Don't forward Intra-BSS unicast packet to upper layer*/
0310         if (mwifiex_get_sta_entry(priv, p_ethhdr->h_dest))
0311             return 0;
0312     }
0313
0314     skb->dev = priv->netdev;
0315     skb->protocol = eth_type_trans(skb, priv->netdev);
0316     skb->ip_summed = CHECKSUM_NONE;
0317
0318     /* This is required only in case of 11n and USB/PCIE as we alloc
0319      * a buffer of 4K only if its 11N (to be able to receive 4K
0320      * AMSDU packets). In case of SD we allocate buffers based
0321      * on the size of packet and hence this is not needed.
0322      *
0323      * Modifying the truesize here as our allocation for each
0324      * skb is 4K but we only receive 2K packets and this cause
0325      * the kernel to start dropping packets in case where
0326      * application has allocated buffer based on 2K size i.e.
0327      * if there a 64K packet received (in IP fragments and
0328      * application allocates 64K to receive this packet but
0329      * this packet would almost double up because we allocate
0330      * each 1.5K fragment in 4K and pass it up. As soon as the
0331      * 64K limit hits kernel will start to drop rest of the
0332      * fragments. Currently we fail the Filesndl-ht.scr script
0333      * for UDP, hence this fix
0334      */
0335     if ((adapter->iface_type == MWIFIEX_USB ||
0336          adapter->iface_type == MWIFIEX_PCIE) &&
0337         skb->truesize > MWIFIEX_RX_DATA_BUF_SIZE)
0338         skb->truesize += (skb->len - MWIFIEX_RX_DATA_BUF_SIZE);
0339
0340     /* Forward multicast/broadcast packet to upper layer*/
0341     netif_rx(skb);
0342     return 0;
0343 }
0344
0345 /*
0346  * This function processes the packet received on AP interface.
0347  *
0348  * The function looks into the RxPD and performs sanity tests on the
0349  * received buffer to ensure its a valid packet before processing it
0350  * further. If the packet is determined to be aggregated, it is
0351  * de-aggregated accordingly. Then skb is passed to AP packet forwarding logic.
0352  *
0353  * The completion callback is called after processing is complete.
0354  */
0355 int mwifiex_process_uap_rx_packet(struct mwifiex_private *priv,
0356                   struct sk_buff *skb)
0357 {
0358     struct mwifiex_adapter *adapter = priv->adapter;
0359     int ret;
0360     struct uap_rxpd *uap_rx_pd;
0361     struct rx_packet_hdr *rx_pkt_hdr;
0362     u16 rx_pkt_type;
0363     u8 ta[ETH_ALEN], pkt_type;
0364     struct mwifiex_sta_node *node;
0365
0366     uap_rx_pd = (struct uap_rxpd *)(skb->data);
0367     rx_pkt_type = le16_to_cpu(uap_rx_pd->rx_pkt_type);
0368     rx_pkt_hdr = (void *)uap_rx_pd + le16_to_cpu(uap_rx_pd->rx_pkt_offset);
0369
0370     ether_addr_copy(ta, rx_pkt_hdr->eth803_hdr.h_source);
0371
0372     if ((le16_to_cpu(uap_rx_pd->rx_pkt_offset) +
0373          le16_to_cpu(uap_rx_pd->rx_pkt_length)) > (u16) skb->len) {
0374         mwifiex_dbg(adapter, ERROR,
0375                 "wrong rx packet: len=%d, offset=%d, length=%d\n",
0376                 skb->len, le16_to_cpu(uap_rx_pd->rx_pkt_offset),
0377                 le16_to_cpu(uap_rx_pd->rx_pkt_length));
0378         priv->stats.rx_dropped++;
0379
0380         node = mwifiex_get_sta_entry(priv, ta);
0381         if (node)
0382             node->stats.tx_failed++;
0383
0384         dev_kfree_skb_any(skb);
0385         return 0;
0386     }
0387
0388     if (rx_pkt_type == PKT_TYPE_MGMT) {
0389         ret = mwifiex_process_mgmt_packet(priv, skb);
0390         if (ret)
0391             mwifiex_dbg(adapter, DATA, "Rx of mgmt packet failed");
0392         dev_kfree_skb_any(skb);
0393         return ret;
0394     }
0395
0396
0397     if (rx_pkt_type != PKT_TYPE_BAR && uap_rx_pd->priority < MAX_NUM_TID) {
0398         spin_lock_bh(&priv->sta_list_spinlock);
0399         node = mwifiex_get_sta_entry(priv, ta);
0400         if (node)
0401             node->rx_seq[uap_rx_pd->priority] =
0402                         le16_to_cpu(uap_rx_pd->seq_num);
0403         spin_unlock_bh(&priv->sta_list_spinlock);
0404     }
0405
0406     if (!priv->ap_11n_enabled ||
0407         (!mwifiex_11n_get_rx_reorder_tbl(priv, uap_rx_pd->priority, ta) &&
0408         (le16_to_cpu(uap_rx_pd->rx_pkt_type) != PKT_TYPE_AMSDU))) {
0409         ret = mwifiex_handle_uap_rx_forward(priv, skb);
0410         return ret;
0411     }
0412
0413     /* Reorder and send to kernel */
0414     pkt_type = (u8)le16_to_cpu(uap_rx_pd->rx_pkt_type);
0415     ret = mwifiex_11n_rx_reorder_pkt(priv, le16_to_cpu(uap_rx_pd->seq_num),
0416                      uap_rx_pd->priority, ta, pkt_type,
0417                      skb);
0418
0419     if (ret || (rx_pkt_type == PKT_TYPE_BAR))
0420         dev_kfree_skb_any(skb);
0421
0422     if (ret)
0423         priv->stats.rx_dropped++;
0424
0425     return ret;
0426 }
0427
0428 /*
0429  * This function fills the TxPD for AP tx packets.
0430  *
0431  * The Tx buffer received by this function should already have the
0432  * header space allocated for TxPD.
0433  *
0434  * This function inserts the TxPD in between interface header and actual
0435  * data and adjusts the buffer pointers accordingly.
0436  *
0437  * The following TxPD fields are set by this function, as required -
0438  *      - BSS number
0439  *      - Tx packet length and offset
0440  *      - Priority
0441  *      - Packet delay
0442  *      - Priority specific Tx control
0443  *      - Flags
0444  */
0445 void *mwifiex_process_uap_txpd(struct mwifiex_private *priv,
0446                    struct sk_buff *skb)
0447 {
0448     struct mwifiex_adapter *adapter = priv->adapter;
0449     struct uap_txpd *txpd;
0450     struct mwifiex_txinfo *tx_info = MWIFIEX_SKB_TXCB(skb);
0451     int pad;
0452     u16 pkt_type, pkt_offset;
0453     int hroom = adapter->intf_hdr_len;
0454
0455     if (!skb->len) {
0456         mwifiex_dbg(adapter, ERROR,
0457                 "Tx: bad packet length: %d\n", skb->len);
0458         tx_info->status_code = -1;
0459         return skb->data;
0460     }
0461
0462     BUG_ON(skb_headroom(skb) < MWIFIEX_MIN_DATA_HEADER_LEN);
0463
0464     pkt_type = mwifiex_is_skb_mgmt_frame(skb) ? PKT_TYPE_MGMT : 0;
0465
0466     pad = ((uintptr_t)skb->data - (sizeof(*txpd) + hroom)) &
0467            (MWIFIEX_DMA_ALIGN_SZ - 1);
0468
0469     skb_push(skb, sizeof(*txpd) + pad);
0470
0471     txpd = (struct uap_txpd *)skb->data;
0472     memset(txpd, 0, sizeof(*txpd));
0473     txpd->bss_num = priv->bss_num;
0474     txpd->bss_type = priv->bss_type;
0475     txpd->tx_pkt_length = cpu_to_le16((u16)(skb->len - (sizeof(*txpd) +
0476                         pad)));
0477     txpd->priority = (u8)skb->priority;
0478
0479     txpd->pkt_delay_2ms = mwifiex_wmm_compute_drv_pkt_delay(priv, skb);
0480
0481     if (tx_info->flags & MWIFIEX_BUF_FLAG_EAPOL_TX_STATUS ||
0482         tx_info->flags & MWIFIEX_BUF_FLAG_ACTION_TX_STATUS) {
0483         txpd->tx_token_id = tx_info->ack_frame_id;
0484         txpd->flags |= MWIFIEX_TXPD_FLAGS_REQ_TX_STATUS;
0485     }
0486
0487     if (txpd->priority < ARRAY_SIZE(priv->wmm.user_pri_pkt_tx_ctrl))
0488         /*
0489          * Set the priority specific tx_control field, setting of 0 will
0490          * cause the default value to be used later in this function.
0491          */
0492         txpd->tx_control =
0493             cpu_to_le32(priv->wmm.user_pri_pkt_tx_ctrl[txpd->priority]);
0494
0495     /* Offset of actual data */
0496     pkt_offset = sizeof(*txpd) + pad;
0497     if (pkt_type == PKT_TYPE_MGMT) {
0498         /* Set the packet type and add header for management frame */
0499         txpd->tx_pkt_type = cpu_to_le16(pkt_type);
0500         pkt_offset += MWIFIEX_MGMT_FRAME_HEADER_SIZE;
0501     }
0502
0503     txpd->tx_pkt_offset = cpu_to_le16(pkt_offset);
0504
0505     /* make space for adapter->intf_hdr_len */
0506     skb_push(skb, hroom);
0507
0508     if (!txpd->tx_control)
0509         /* TxCtrl set by user or default */
0510         txpd->tx_control = cpu_to_le32(priv->pkt_tx_ctrl);
0511
0512     return skb->data;
0513 }