1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18#include "core.h"
19#include "htc.h"
20#include "htt.h"
21#include "txrx.h"
22#include "debug.h"
23#include "trace.h"
24#include "mac.h"
25
26#include <linux/log2.h>
27
28#define HTT_RX_RING_SIZE HTT_RX_RING_SIZE_MAX
29#define HTT_RX_RING_FILL_LEVEL (((HTT_RX_RING_SIZE) / 2) - 1)
30
31
32#define HTT_RX_RING_REFILL_RETRY_MS 50
33
34#define HTT_RX_RING_REFILL_RESCHED_MS 5
35
36static int ath10k_htt_rx_get_csum_state(struct sk_buff *skb);
37
38static struct sk_buff *
39ath10k_htt_rx_find_skb_paddr(struct ath10k *ar, u32 paddr)
40{
41 struct ath10k_skb_rxcb *rxcb;
42
43 hash_for_each_possible(ar->htt.rx_ring.skb_table, rxcb, hlist, paddr)
44 if (rxcb->paddr == paddr)
45 return ATH10K_RXCB_SKB(rxcb);
46
47 WARN_ON_ONCE(1);
48 return NULL;
49}
50
51static void ath10k_htt_rx_ring_free(struct ath10k_htt *htt)
52{
53 struct sk_buff *skb;
54 struct ath10k_skb_rxcb *rxcb;
55 struct hlist_node *n;
56 int i;
57
58 if (htt->rx_ring.in_ord_rx) {
59 hash_for_each_safe(htt->rx_ring.skb_table, i, n, rxcb, hlist) {
60 skb = ATH10K_RXCB_SKB(rxcb);
61 dma_unmap_single(htt->ar->dev, rxcb->paddr,
62 skb->len + skb_tailroom(skb),
63 DMA_FROM_DEVICE);
64 hash_del(&rxcb->hlist);
65 dev_kfree_skb_any(skb);
66 }
67 } else {
68 for (i = 0; i < htt->rx_ring.size; i++) {
69 skb = htt->rx_ring.netbufs_ring[i];
70 if (!skb)
71 continue;
72
73 rxcb = ATH10K_SKB_RXCB(skb);
74 dma_unmap_single(htt->ar->dev, rxcb->paddr,
75 skb->len + skb_tailroom(skb),
76 DMA_FROM_DEVICE);
77 dev_kfree_skb_any(skb);
78 }
79 }
80
81 htt->rx_ring.fill_cnt = 0;
82 hash_init(htt->rx_ring.skb_table);
83 memset(htt->rx_ring.netbufs_ring, 0,
84 htt->rx_ring.size * sizeof(htt->rx_ring.netbufs_ring[0]));
85}
86
87static int __ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
88{
89 struct htt_rx_desc *rx_desc;
90 struct ath10k_skb_rxcb *rxcb;
91 struct sk_buff *skb;
92 dma_addr_t paddr;
93 int ret = 0, idx;
94
95
96
97
98
99
100 BUILD_BUG_ON(HTT_RX_RING_FILL_LEVEL >= HTT_RX_RING_SIZE / 2);
101
102 idx = __le32_to_cpu(*htt->rx_ring.alloc_idx.vaddr);
103 while (num > 0) {
104 skb = dev_alloc_skb(HTT_RX_BUF_SIZE + HTT_RX_DESC_ALIGN);
105 if (!skb) {
106 ret = -ENOMEM;
107 goto fail;
108 }
109
110 if (!IS_ALIGNED((unsigned long)skb->data, HTT_RX_DESC_ALIGN))
111 skb_pull(skb,
112 PTR_ALIGN(skb->data, HTT_RX_DESC_ALIGN) -
113 skb->data);
114
115
116 rx_desc = (struct htt_rx_desc *)skb->data;
117 rx_desc->attention.flags = __cpu_to_le32(0);
118
119 paddr = dma_map_single(htt->ar->dev, skb->data,
120 skb->len + skb_tailroom(skb),
121 DMA_FROM_DEVICE);
122
123 if (unlikely(dma_mapping_error(htt->ar->dev, paddr))) {
124 dev_kfree_skb_any(skb);
125 ret = -ENOMEM;
126 goto fail;
127 }
128
129 rxcb = ATH10K_SKB_RXCB(skb);
130 rxcb->paddr = paddr;
131 htt->rx_ring.netbufs_ring[idx] = skb;
132 htt->rx_ring.paddrs_ring[idx] = __cpu_to_le32(paddr);
133 htt->rx_ring.fill_cnt++;
134
135 if (htt->rx_ring.in_ord_rx) {
136 hash_add(htt->rx_ring.skb_table,
137 &ATH10K_SKB_RXCB(skb)->hlist,
138 (u32)paddr);
139 }
140
141 num--;
142 idx++;
143 idx &= htt->rx_ring.size_mask;
144 }
145
146fail:
147
148
149
150
151 mb();
152 *htt->rx_ring.alloc_idx.vaddr = __cpu_to_le32(idx);
153 return ret;
154}
155
156static int ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
157{
158 lockdep_assert_held(&htt->rx_ring.lock);
159 return __ath10k_htt_rx_ring_fill_n(htt, num);
160}
161
162static void ath10k_htt_rx_msdu_buff_replenish(struct ath10k_htt *htt)
163{
164 int ret, num_deficit, num_to_fill;
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181 spin_lock_bh(&htt->rx_ring.lock);
182 num_deficit = htt->rx_ring.fill_level - htt->rx_ring.fill_cnt;
183 num_to_fill = min(ATH10K_HTT_MAX_NUM_REFILL, num_deficit);
184 num_deficit -= num_to_fill;
185 ret = ath10k_htt_rx_ring_fill_n(htt, num_to_fill);
186 if (ret == -ENOMEM) {
187
188
189
190
191
192
193 mod_timer(&htt->rx_ring.refill_retry_timer, jiffies +
194 msecs_to_jiffies(HTT_RX_RING_REFILL_RETRY_MS));
195 } else if (num_deficit > 0) {
196 mod_timer(&htt->rx_ring.refill_retry_timer, jiffies +
197 msecs_to_jiffies(HTT_RX_RING_REFILL_RESCHED_MS));
198 }
199 spin_unlock_bh(&htt->rx_ring.lock);
200}
201
202static void ath10k_htt_rx_ring_refill_retry(unsigned long arg)
203{
204 struct ath10k_htt *htt = (struct ath10k_htt *)arg;
205
206 ath10k_htt_rx_msdu_buff_replenish(htt);
207}
208
209int ath10k_htt_rx_ring_refill(struct ath10k *ar)
210{
211 struct ath10k_htt *htt = &ar->htt;
212 int ret;
213
214 spin_lock_bh(&htt->rx_ring.lock);
215 ret = ath10k_htt_rx_ring_fill_n(htt, (htt->rx_ring.fill_level -
216 htt->rx_ring.fill_cnt));
217 spin_unlock_bh(&htt->rx_ring.lock);
218
219 if (ret)
220 ath10k_htt_rx_ring_free(htt);
221
222 return ret;
223}
224
225void ath10k_htt_rx_free(struct ath10k_htt *htt)
226{
227 del_timer_sync(&htt->rx_ring.refill_retry_timer);
228
229 skb_queue_purge(&htt->rx_compl_q);
230 skb_queue_purge(&htt->rx_in_ord_compl_q);
231 skb_queue_purge(&htt->tx_fetch_ind_q);
232
233 ath10k_htt_rx_ring_free(htt);
234
235 dma_free_coherent(htt->ar->dev,
236 (htt->rx_ring.size *
237 sizeof(htt->rx_ring.paddrs_ring)),
238 htt->rx_ring.paddrs_ring,
239 htt->rx_ring.base_paddr);
240
241 dma_free_coherent(htt->ar->dev,
242 sizeof(*htt->rx_ring.alloc_idx.vaddr),
243 htt->rx_ring.alloc_idx.vaddr,
244 htt->rx_ring.alloc_idx.paddr);
245
246 kfree(htt->rx_ring.netbufs_ring);
247}
248
249static inline struct sk_buff *ath10k_htt_rx_netbuf_pop(struct ath10k_htt *htt)
250{
251 struct ath10k *ar = htt->ar;
252 int idx;
253 struct sk_buff *msdu;
254
255 lockdep_assert_held(&htt->rx_ring.lock);
256
257 if (htt->rx_ring.fill_cnt == 0) {
258 ath10k_warn(ar, "tried to pop sk_buff from an empty rx ring\n");
259 return NULL;
260 }
261
262 idx = htt->rx_ring.sw_rd_idx.msdu_payld;
263 msdu = htt->rx_ring.netbufs_ring[idx];
264 htt->rx_ring.netbufs_ring[idx] = NULL;
265 htt->rx_ring.paddrs_ring[idx] = 0;
266
267 idx++;
268 idx &= htt->rx_ring.size_mask;
269 htt->rx_ring.sw_rd_idx.msdu_payld = idx;
270 htt->rx_ring.fill_cnt--;
271
272 dma_unmap_single(htt->ar->dev,
273 ATH10K_SKB_RXCB(msdu)->paddr,
274 msdu->len + skb_tailroom(msdu),
275 DMA_FROM_DEVICE);
276 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx netbuf pop: ",
277 msdu->data, msdu->len + skb_tailroom(msdu));
278
279 return msdu;
280}
281
282
283static int ath10k_htt_rx_amsdu_pop(struct ath10k_htt *htt,
284 struct sk_buff_head *amsdu)
285{
286 struct ath10k *ar = htt->ar;
287 int msdu_len, msdu_chaining = 0;
288 struct sk_buff *msdu;
289 struct htt_rx_desc *rx_desc;
290
291 lockdep_assert_held(&htt->rx_ring.lock);
292
293 for (;;) {
294 int last_msdu, msdu_len_invalid, msdu_chained;
295
296 msdu = ath10k_htt_rx_netbuf_pop(htt);
297 if (!msdu) {
298 __skb_queue_purge(amsdu);
299 return -ENOENT;
300 }
301
302 __skb_queue_tail(amsdu, msdu);
303
304 rx_desc = (struct htt_rx_desc *)msdu->data;
305
306
307
308 skb_put(msdu, offsetof(struct htt_rx_desc, msdu_payload));
309 skb_pull(msdu, offsetof(struct htt_rx_desc, msdu_payload));
310
311
312
313
314
315
316
317
318
319 if (!(__le32_to_cpu(rx_desc->attention.flags)
320 & RX_ATTENTION_FLAGS_MSDU_DONE)) {
321 __skb_queue_purge(amsdu);
322 return -EIO;
323 }
324
325 msdu_len_invalid = !!(__le32_to_cpu(rx_desc->attention.flags)
326 & (RX_ATTENTION_FLAGS_MPDU_LENGTH_ERR |
327 RX_ATTENTION_FLAGS_MSDU_LENGTH_ERR));
328 msdu_len = MS(__le32_to_cpu(rx_desc->msdu_start.common.info0),
329 RX_MSDU_START_INFO0_MSDU_LENGTH);
330 msdu_chained = rx_desc->frag_info.ring2_more_count;
331
332 if (msdu_len_invalid)
333 msdu_len = 0;
334
335 skb_trim(msdu, 0);
336 skb_put(msdu, min(msdu_len, HTT_RX_MSDU_SIZE));
337 msdu_len -= msdu->len;
338
339
340 while (msdu_chained--) {
341 msdu = ath10k_htt_rx_netbuf_pop(htt);
342 if (!msdu) {
343 __skb_queue_purge(amsdu);
344 return -ENOENT;
345 }
346
347 __skb_queue_tail(amsdu, msdu);
348 skb_trim(msdu, 0);
349 skb_put(msdu, min(msdu_len, HTT_RX_BUF_SIZE));
350 msdu_len -= msdu->len;
351 msdu_chaining = 1;
352 }
353
354 last_msdu = __le32_to_cpu(rx_desc->msdu_end.common.info0) &
355 RX_MSDU_END_INFO0_LAST_MSDU;
356
357 trace_ath10k_htt_rx_desc(ar, &rx_desc->attention,
358 sizeof(*rx_desc) - sizeof(u32));
359
360 if (last_msdu)
361 break;
362 }
363
364 if (skb_queue_empty(amsdu))
365 msdu_chaining = -1;
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380 return msdu_chaining;
381}
382
383static struct sk_buff *ath10k_htt_rx_pop_paddr(struct ath10k_htt *htt,
384 u32 paddr)
385{
386 struct ath10k *ar = htt->ar;
387 struct ath10k_skb_rxcb *rxcb;
388 struct sk_buff *msdu;
389
390 lockdep_assert_held(&htt->rx_ring.lock);
391
392 msdu = ath10k_htt_rx_find_skb_paddr(ar, paddr);
393 if (!msdu)
394 return NULL;
395
396 rxcb = ATH10K_SKB_RXCB(msdu);
397 hash_del(&rxcb->hlist);
398 htt->rx_ring.fill_cnt--;
399
400 dma_unmap_single(htt->ar->dev, rxcb->paddr,
401 msdu->len + skb_tailroom(msdu),
402 DMA_FROM_DEVICE);
403 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx netbuf pop: ",
404 msdu->data, msdu->len + skb_tailroom(msdu));
405
406 return msdu;
407}
408
409static int ath10k_htt_rx_pop_paddr_list(struct ath10k_htt *htt,
410 struct htt_rx_in_ord_ind *ev,
411 struct sk_buff_head *list)
412{
413 struct ath10k *ar = htt->ar;
414 struct htt_rx_in_ord_msdu_desc *msdu_desc = ev->msdu_descs;
415 struct htt_rx_desc *rxd;
416 struct sk_buff *msdu;
417 int msdu_count;
418 bool is_offload;
419 u32 paddr;
420
421 lockdep_assert_held(&htt->rx_ring.lock);
422
423 msdu_count = __le16_to_cpu(ev->msdu_count);
424 is_offload = !!(ev->info & HTT_RX_IN_ORD_IND_INFO_OFFLOAD_MASK);
425
426 while (msdu_count--) {
427 paddr = __le32_to_cpu(msdu_desc->msdu_paddr);
428
429 msdu = ath10k_htt_rx_pop_paddr(htt, paddr);
430 if (!msdu) {
431 __skb_queue_purge(list);
432 return -ENOENT;
433 }
434
435 __skb_queue_tail(list, msdu);
436
437 if (!is_offload) {
438 rxd = (void *)msdu->data;
439
440 trace_ath10k_htt_rx_desc(ar, rxd, sizeof(*rxd));
441
442 skb_put(msdu, sizeof(*rxd));
443 skb_pull(msdu, sizeof(*rxd));
444 skb_put(msdu, __le16_to_cpu(msdu_desc->msdu_len));
445
446 if (!(__le32_to_cpu(rxd->attention.flags) &
447 RX_ATTENTION_FLAGS_MSDU_DONE)) {
448 ath10k_warn(htt->ar, "tried to pop an incomplete frame, oops!\n");
449 return -EIO;
450 }
451 }
452
453 msdu_desc++;
454 }
455
456 return 0;
457}
458
459int ath10k_htt_rx_alloc(struct ath10k_htt *htt)
460{
461 struct ath10k *ar = htt->ar;
462 dma_addr_t paddr;
463 void *vaddr;
464 size_t size;
465 struct timer_list *timer = &htt->rx_ring.refill_retry_timer;
466
467 htt->rx_confused = false;
468
469
470
471
472 htt->rx_ring.size = HTT_RX_RING_SIZE;
473 htt->rx_ring.size_mask = htt->rx_ring.size - 1;
474 htt->rx_ring.fill_level = HTT_RX_RING_FILL_LEVEL;
475
476 if (!is_power_of_2(htt->rx_ring.size)) {
477 ath10k_warn(ar, "htt rx ring size is not power of 2\n");
478 return -EINVAL;
479 }
480
481 htt->rx_ring.netbufs_ring =
482 kzalloc(htt->rx_ring.size * sizeof(struct sk_buff *),
483 GFP_KERNEL);
484 if (!htt->rx_ring.netbufs_ring)
485 goto err_netbuf;
486
487 size = htt->rx_ring.size * sizeof(htt->rx_ring.paddrs_ring);
488
489 vaddr = dma_alloc_coherent(htt->ar->dev, size, &paddr, GFP_KERNEL);
490 if (!vaddr)
491 goto err_dma_ring;
492
493 htt->rx_ring.paddrs_ring = vaddr;
494 htt->rx_ring.base_paddr = paddr;
495
496 vaddr = dma_alloc_coherent(htt->ar->dev,
497 sizeof(*htt->rx_ring.alloc_idx.vaddr),
498 &paddr, GFP_KERNEL);
499 if (!vaddr)
500 goto err_dma_idx;
501
502 htt->rx_ring.alloc_idx.vaddr = vaddr;
503 htt->rx_ring.alloc_idx.paddr = paddr;
504 htt->rx_ring.sw_rd_idx.msdu_payld = htt->rx_ring.size_mask;
505 *htt->rx_ring.alloc_idx.vaddr = 0;
506
507
508 setup_timer(timer, ath10k_htt_rx_ring_refill_retry, (unsigned long)htt);
509
510 spin_lock_init(&htt->rx_ring.lock);
511
512 htt->rx_ring.fill_cnt = 0;
513 htt->rx_ring.sw_rd_idx.msdu_payld = 0;
514 hash_init(htt->rx_ring.skb_table);
515
516 skb_queue_head_init(&htt->rx_compl_q);
517 skb_queue_head_init(&htt->rx_in_ord_compl_q);
518 skb_queue_head_init(&htt->tx_fetch_ind_q);
519 atomic_set(&htt->num_mpdus_ready, 0);
520
521 ath10k_dbg(ar, ATH10K_DBG_BOOT, "htt rx ring size %d fill_level %d\n",
522 htt->rx_ring.size, htt->rx_ring.fill_level);
523 return 0;
524
525err_dma_idx:
526 dma_free_coherent(htt->ar->dev,
527 (htt->rx_ring.size *
528 sizeof(htt->rx_ring.paddrs_ring)),
529 htt->rx_ring.paddrs_ring,
530 htt->rx_ring.base_paddr);
531err_dma_ring:
532 kfree(htt->rx_ring.netbufs_ring);
533err_netbuf:
534 return -ENOMEM;
535}
536
537static int ath10k_htt_rx_crypto_param_len(struct ath10k *ar,
538 enum htt_rx_mpdu_encrypt_type type)
539{
540 switch (type) {
541 case HTT_RX_MPDU_ENCRYPT_NONE:
542 return 0;
543 case HTT_RX_MPDU_ENCRYPT_WEP40:
544 case HTT_RX_MPDU_ENCRYPT_WEP104:
545 return IEEE80211_WEP_IV_LEN;
546 case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
547 case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
548 return IEEE80211_TKIP_IV_LEN;
549 case HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2:
550 return IEEE80211_CCMP_HDR_LEN;
551 case HTT_RX_MPDU_ENCRYPT_WEP128:
552 case HTT_RX_MPDU_ENCRYPT_WAPI:
553 break;
554 }
555
556 ath10k_warn(ar, "unsupported encryption type %d\n", type);
557 return 0;
558}
559
560#define MICHAEL_MIC_LEN 8
561
562static int ath10k_htt_rx_crypto_tail_len(struct ath10k *ar,
563 enum htt_rx_mpdu_encrypt_type type)
564{
565 switch (type) {
566 case HTT_RX_MPDU_ENCRYPT_NONE:
567 return 0;
568 case HTT_RX_MPDU_ENCRYPT_WEP40:
569 case HTT_RX_MPDU_ENCRYPT_WEP104:
570 return IEEE80211_WEP_ICV_LEN;
571 case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
572 case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
573 return IEEE80211_TKIP_ICV_LEN;
574 case HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2:
575 return IEEE80211_CCMP_MIC_LEN;
576 case HTT_RX_MPDU_ENCRYPT_WEP128:
577 case HTT_RX_MPDU_ENCRYPT_WAPI:
578 break;
579 }
580
581 ath10k_warn(ar, "unsupported encryption type %d\n", type);
582 return 0;
583}
584
585struct amsdu_subframe_hdr {
586 u8 dst[ETH_ALEN];
587 u8 src[ETH_ALEN];
588 __be16 len;
589} __packed;
590
591#define GROUP_ID_IS_SU_MIMO(x) ((x) == 0 || (x) == 63)
592
593static void ath10k_htt_rx_h_rates(struct ath10k *ar,
594 struct ieee80211_rx_status *status,
595 struct htt_rx_desc *rxd)
596{
597 struct ieee80211_supported_band *sband;
598 u8 cck, rate, bw, sgi, mcs, nss;
599 u8 preamble = 0;
600 u8 group_id;
601 u32 info1, info2, info3;
602
603 info1 = __le32_to_cpu(rxd->ppdu_start.info1);
604 info2 = __le32_to_cpu(rxd->ppdu_start.info2);
605 info3 = __le32_to_cpu(rxd->ppdu_start.info3);
606
607 preamble = MS(info1, RX_PPDU_START_INFO1_PREAMBLE_TYPE);
608
609 switch (preamble) {
610 case HTT_RX_LEGACY:
611
612
613
614 if (!status->freq)
615 return;
616
617 cck = info1 & RX_PPDU_START_INFO1_L_SIG_RATE_SELECT;
618 rate = MS(info1, RX_PPDU_START_INFO1_L_SIG_RATE);
619 rate &= ~RX_PPDU_START_RATE_FLAG;
620
621 sband = &ar->mac.sbands[status->band];
622 status->rate_idx = ath10k_mac_hw_rate_to_idx(sband, rate, cck);
623 break;
624 case HTT_RX_HT:
625 case HTT_RX_HT_WITH_TXBF:
626
627 mcs = info2 & 0x1F;
628 nss = mcs >> 3;
629 bw = (info2 >> 7) & 1;
630 sgi = (info3 >> 7) & 1;
631
632 status->rate_idx = mcs;
633 status->flag |= RX_FLAG_HT;
634 if (sgi)
635 status->flag |= RX_FLAG_SHORT_GI;
636 if (bw)
637 status->flag |= RX_FLAG_40MHZ;
638 break;
639 case HTT_RX_VHT:
640 case HTT_RX_VHT_WITH_TXBF:
641
642
643 bw = info2 & 3;
644 sgi = info3 & 1;
645 group_id = (info2 >> 4) & 0x3F;
646
647 if (GROUP_ID_IS_SU_MIMO(group_id)) {
648 mcs = (info3 >> 4) & 0x0F;
649 nss = ((info2 >> 10) & 0x07) + 1;
650 } else {
651
652
653
654
655
656
657
658
659
660
661 mcs = 0;
662 nss = 1;
663 }
664
665 if (mcs > 0x09) {
666 ath10k_warn(ar, "invalid MCS received %u\n", mcs);
667 ath10k_warn(ar, "rxd %08x mpdu start %08x %08x msdu start %08x %08x ppdu start %08x %08x %08x %08x %08x\n",
668 __le32_to_cpu(rxd->attention.flags),
669 __le32_to_cpu(rxd->mpdu_start.info0),
670 __le32_to_cpu(rxd->mpdu_start.info1),
671 __le32_to_cpu(rxd->msdu_start.common.info0),
672 __le32_to_cpu(rxd->msdu_start.common.info1),
673 rxd->ppdu_start.info0,
674 __le32_to_cpu(rxd->ppdu_start.info1),
675 __le32_to_cpu(rxd->ppdu_start.info2),
676 __le32_to_cpu(rxd->ppdu_start.info3),
677 __le32_to_cpu(rxd->ppdu_start.info4));
678
679 ath10k_warn(ar, "msdu end %08x mpdu end %08x\n",
680 __le32_to_cpu(rxd->msdu_end.common.info0),
681 __le32_to_cpu(rxd->mpdu_end.info0));
682
683 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL,
684 "rx desc msdu payload: ",
685 rxd->msdu_payload, 50);
686 }
687
688 status->rate_idx = mcs;
689 status->vht_nss = nss;
690
691 if (sgi)
692 status->flag |= RX_FLAG_SHORT_GI;
693
694 switch (bw) {
695
696 case 0:
697 break;
698
699 case 1:
700 status->flag |= RX_FLAG_40MHZ;
701 break;
702
703 case 2:
704 status->vht_flag |= RX_VHT_FLAG_80MHZ;
705 break;
706 case 3:
707 status->vht_flag |= RX_VHT_FLAG_160MHZ;
708 break;
709 }
710
711 status->flag |= RX_FLAG_VHT;
712 break;
713 default:
714 break;
715 }
716}
717
718static struct ieee80211_channel *
719ath10k_htt_rx_h_peer_channel(struct ath10k *ar, struct htt_rx_desc *rxd)
720{
721 struct ath10k_peer *peer;
722 struct ath10k_vif *arvif;
723 struct cfg80211_chan_def def;
724 u16 peer_id;
725
726 lockdep_assert_held(&ar->data_lock);
727
728 if (!rxd)
729 return NULL;
730
731 if (rxd->attention.flags &
732 __cpu_to_le32(RX_ATTENTION_FLAGS_PEER_IDX_INVALID))
733 return NULL;
734
735 if (!(rxd->msdu_end.common.info0 &
736 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU)))
737 return NULL;
738
739 peer_id = MS(__le32_to_cpu(rxd->mpdu_start.info0),
740 RX_MPDU_START_INFO0_PEER_IDX);
741
742 peer = ath10k_peer_find_by_id(ar, peer_id);
743 if (!peer)
744 return NULL;
745
746 arvif = ath10k_get_arvif(ar, peer->vdev_id);
747 if (WARN_ON_ONCE(!arvif))
748 return NULL;
749
750 if (ath10k_mac_vif_chan(arvif->vif, &def))
751 return NULL;
752
753 return def.chan;
754}
755
756static struct ieee80211_channel *
757ath10k_htt_rx_h_vdev_channel(struct ath10k *ar, u32 vdev_id)
758{
759 struct ath10k_vif *arvif;
760 struct cfg80211_chan_def def;
761
762 lockdep_assert_held(&ar->data_lock);
763
764 list_for_each_entry(arvif, &ar->arvifs, list) {
765 if (arvif->vdev_id == vdev_id &&
766 ath10k_mac_vif_chan(arvif->vif, &def) == 0)
767 return def.chan;
768 }
769
770 return NULL;
771}
772
773static void
774ath10k_htt_rx_h_any_chan_iter(struct ieee80211_hw *hw,
775 struct ieee80211_chanctx_conf *conf,
776 void *data)
777{
778 struct cfg80211_chan_def *def = data;
779
780 *def = conf->def;
781}
782
783static struct ieee80211_channel *
784ath10k_htt_rx_h_any_channel(struct ath10k *ar)
785{
786 struct cfg80211_chan_def def = {};
787
788 ieee80211_iter_chan_contexts_atomic(ar->hw,
789 ath10k_htt_rx_h_any_chan_iter,
790 &def);
791
792 return def.chan;
793}
794
795static bool ath10k_htt_rx_h_channel(struct ath10k *ar,
796 struct ieee80211_rx_status *status,
797 struct htt_rx_desc *rxd,
798 u32 vdev_id)
799{
800 struct ieee80211_channel *ch;
801
802 spin_lock_bh(&ar->data_lock);
803 ch = ar->scan_channel;
804 if (!ch)
805 ch = ar->rx_channel;
806 if (!ch)
807 ch = ath10k_htt_rx_h_peer_channel(ar, rxd);
808 if (!ch)
809 ch = ath10k_htt_rx_h_vdev_channel(ar, vdev_id);
810 if (!ch)
811 ch = ath10k_htt_rx_h_any_channel(ar);
812 if (!ch)
813 ch = ar->tgt_oper_chan;
814 spin_unlock_bh(&ar->data_lock);
815
816 if (!ch)
817 return false;
818
819 status->band = ch->band;
820 status->freq = ch->center_freq;
821
822 return true;
823}
824
825static void ath10k_htt_rx_h_signal(struct ath10k *ar,
826 struct ieee80211_rx_status *status,
827 struct htt_rx_desc *rxd)
828{
829
830 status->signal = ATH10K_DEFAULT_NOISE_FLOOR +
831 rxd->ppdu_start.rssi_comb;
832 status->flag &= ~RX_FLAG_NO_SIGNAL_VAL;
833}
834
835static void ath10k_htt_rx_h_mactime(struct ath10k *ar,
836 struct ieee80211_rx_status *status,
837 struct htt_rx_desc *rxd)
838{
839
840
841
842
843
844
845 status->mactime = __le32_to_cpu(rxd->ppdu_end.common.tsf_timestamp);
846 status->flag |= RX_FLAG_MACTIME_END;
847}
848
849static void ath10k_htt_rx_h_ppdu(struct ath10k *ar,
850 struct sk_buff_head *amsdu,
851 struct ieee80211_rx_status *status,
852 u32 vdev_id)
853{
854 struct sk_buff *first;
855 struct htt_rx_desc *rxd;
856 bool is_first_ppdu;
857 bool is_last_ppdu;
858
859 if (skb_queue_empty(amsdu))
860 return;
861
862 first = skb_peek(amsdu);
863 rxd = (void *)first->data - sizeof(*rxd);
864
865 is_first_ppdu = !!(rxd->attention.flags &
866 __cpu_to_le32(RX_ATTENTION_FLAGS_FIRST_MPDU));
867 is_last_ppdu = !!(rxd->attention.flags &
868 __cpu_to_le32(RX_ATTENTION_FLAGS_LAST_MPDU));
869
870 if (is_first_ppdu) {
871
872 status->freq = 0;
873 status->rate_idx = 0;
874 status->vht_nss = 0;
875 status->vht_flag &= ~RX_VHT_FLAG_80MHZ;
876 status->flag &= ~(RX_FLAG_HT |
877 RX_FLAG_VHT |
878 RX_FLAG_SHORT_GI |
879 RX_FLAG_40MHZ |
880 RX_FLAG_MACTIME_END);
881 status->flag |= RX_FLAG_NO_SIGNAL_VAL;
882
883 ath10k_htt_rx_h_signal(ar, status, rxd);
884 ath10k_htt_rx_h_channel(ar, status, rxd, vdev_id);
885 ath10k_htt_rx_h_rates(ar, status, rxd);
886 }
887
888 if (is_last_ppdu)
889 ath10k_htt_rx_h_mactime(ar, status, rxd);
890}
891
892static const char * const tid_to_ac[] = {
893 "BE",
894 "BK",
895 "BK",
896 "BE",
897 "VI",
898 "VI",
899 "VO",
900 "VO",
901};
902
903static char *ath10k_get_tid(struct ieee80211_hdr *hdr, char *out, size_t size)
904{
905 u8 *qc;
906 int tid;
907
908 if (!ieee80211_is_data_qos(hdr->frame_control))
909 return "";
910
911 qc = ieee80211_get_qos_ctl(hdr);
912 tid = *qc & IEEE80211_QOS_CTL_TID_MASK;
913 if (tid < 8)
914 snprintf(out, size, "tid %d (%s)", tid, tid_to_ac[tid]);
915 else
916 snprintf(out, size, "tid %d", tid);
917
918 return out;
919}
920
921static void ath10k_process_rx(struct ath10k *ar,
922 struct ieee80211_rx_status *rx_status,
923 struct sk_buff *skb)
924{
925 struct ieee80211_rx_status *status;
926 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
927 char tid[32];
928
929 status = IEEE80211_SKB_RXCB(skb);
930 *status = *rx_status;
931
932 ath10k_dbg(ar, ATH10K_DBG_DATA,
933 "rx skb %pK len %u peer %pM %s %s sn %u %s%s%s%s%s%s %srate_idx %u vht_nss %u freq %u band %u flag 0x%llx fcs-err %i mic-err %i amsdu-more %i\n",
934 skb,
935 skb->len,
936 ieee80211_get_SA(hdr),
937 ath10k_get_tid(hdr, tid, sizeof(tid)),
938 is_multicast_ether_addr(ieee80211_get_DA(hdr)) ?
939 "mcast" : "ucast",
940 (__le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ) >> 4,
941 (status->flag & (RX_FLAG_HT | RX_FLAG_VHT)) == 0 ?
942 "legacy" : "",
943 status->flag & RX_FLAG_HT ? "ht" : "",
944 status->flag & RX_FLAG_VHT ? "vht" : "",
945 status->flag & RX_FLAG_40MHZ ? "40" : "",
946 status->vht_flag & RX_VHT_FLAG_80MHZ ? "80" : "",
947 status->vht_flag & RX_VHT_FLAG_160MHZ ? "160" : "",
948 status->flag & RX_FLAG_SHORT_GI ? "sgi " : "",
949 status->rate_idx,
950 status->vht_nss,
951 status->freq,
952 status->band, status->flag,
953 !!(status->flag & RX_FLAG_FAILED_FCS_CRC),
954 !!(status->flag & RX_FLAG_MMIC_ERROR),
955 !!(status->flag & RX_FLAG_AMSDU_MORE));
956 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "rx skb: ",
957 skb->data, skb->len);
958 trace_ath10k_rx_hdr(ar, skb->data, skb->len);
959 trace_ath10k_rx_payload(ar, skb->data, skb->len);
960
961 ieee80211_rx_napi(ar->hw, NULL, skb, &ar->napi);
962}
963
964static int ath10k_htt_rx_nwifi_hdrlen(struct ath10k *ar,
965 struct ieee80211_hdr *hdr)
966{
967 int len = ieee80211_hdrlen(hdr->frame_control);
968
969 if (!test_bit(ATH10K_FW_FEATURE_NO_NWIFI_DECAP_4ADDR_PADDING,
970 ar->running_fw->fw_file.fw_features))
971 len = round_up(len, 4);
972
973 return len;
974}
975
976static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
977 struct sk_buff *msdu,
978 struct ieee80211_rx_status *status,
979 enum htt_rx_mpdu_encrypt_type enctype,
980 bool is_decrypted)
981{
982 struct ieee80211_hdr *hdr;
983 struct htt_rx_desc *rxd;
984 size_t hdr_len;
985 size_t crypto_len;
986 bool is_first;
987 bool is_last;
988
989 rxd = (void *)msdu->data - sizeof(*rxd);
990 is_first = !!(rxd->msdu_end.common.info0 &
991 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU));
992 is_last = !!(rxd->msdu_end.common.info0 &
993 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU));
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006 if (unlikely(WARN_ON_ONCE(!is_first)))
1007 return;
1008
1009
1010 if (unlikely(WARN_ON_ONCE(!(is_first && is_last))))
1011 return;
1012
1013 skb_trim(msdu, msdu->len - FCS_LEN);
1014
1015
1016
1017
1018
1019
1020
1021
1022 if (!is_decrypted)
1023 return;
1024
1025
1026
1027
1028
1029 hdr = (void *)msdu->data;
1030
1031
1032 if (status->flag & RX_FLAG_IV_STRIPPED)
1033 skb_trim(msdu, msdu->len -
1034 ath10k_htt_rx_crypto_tail_len(ar, enctype));
1035
1036
1037 if ((status->flag & RX_FLAG_MMIC_STRIPPED) &&
1038 !ieee80211_has_morefrags(hdr->frame_control) &&
1039 enctype == HTT_RX_MPDU_ENCRYPT_TKIP_WPA)
1040 skb_trim(msdu, msdu->len - 8);
1041
1042
1043 if (status->flag & RX_FLAG_IV_STRIPPED) {
1044 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1045 crypto_len = ath10k_htt_rx_crypto_param_len(ar, enctype);
1046
1047 memmove((void *)msdu->data + crypto_len,
1048 (void *)msdu->data, hdr_len);
1049 skb_pull(msdu, crypto_len);
1050 }
1051}
1052
1053static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
1054 struct sk_buff *msdu,
1055 struct ieee80211_rx_status *status,
1056 const u8 first_hdr[64])
1057{
1058 struct ieee80211_hdr *hdr;
1059 struct htt_rx_desc *rxd;
1060 size_t hdr_len;
1061 u8 da[ETH_ALEN];
1062 u8 sa[ETH_ALEN];
1063 int l3_pad_bytes;
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077 rxd = (void *)msdu->data - sizeof(*rxd);
1078
1079 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1080 skb_put(msdu, l3_pad_bytes);
1081
1082 hdr = (struct ieee80211_hdr *)(msdu->data + l3_pad_bytes);
1083
1084 hdr_len = ath10k_htt_rx_nwifi_hdrlen(ar, hdr);
1085 ether_addr_copy(da, ieee80211_get_DA(hdr));
1086 ether_addr_copy(sa, ieee80211_get_SA(hdr));
1087 skb_pull(msdu, hdr_len);
1088
1089
1090 hdr = (struct ieee80211_hdr *)first_hdr;
1091 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1092 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1093
1094
1095
1096
1097 hdr = (struct ieee80211_hdr *)msdu->data;
1098 ether_addr_copy(ieee80211_get_DA(hdr), da);
1099 ether_addr_copy(ieee80211_get_SA(hdr), sa);
1100}
1101
1102static void *ath10k_htt_rx_h_find_rfc1042(struct ath10k *ar,
1103 struct sk_buff *msdu,
1104 enum htt_rx_mpdu_encrypt_type enctype)
1105{
1106 struct ieee80211_hdr *hdr;
1107 struct htt_rx_desc *rxd;
1108 size_t hdr_len, crypto_len;
1109 void *rfc1042;
1110 bool is_first, is_last, is_amsdu;
1111 int bytes_aligned = ar->hw_params.decap_align_bytes;
1112
1113 rxd = (void *)msdu->data - sizeof(*rxd);
1114 hdr = (void *)rxd->rx_hdr_status;
1115
1116 is_first = !!(rxd->msdu_end.common.info0 &
1117 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU));
1118 is_last = !!(rxd->msdu_end.common.info0 &
1119 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU));
1120 is_amsdu = !(is_first && is_last);
1121
1122 rfc1042 = hdr;
1123
1124 if (is_first) {
1125 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1126 crypto_len = ath10k_htt_rx_crypto_param_len(ar, enctype);
1127
1128 rfc1042 += round_up(hdr_len, bytes_aligned) +
1129 round_up(crypto_len, bytes_aligned);
1130 }
1131
1132 if (is_amsdu)
1133 rfc1042 += sizeof(struct amsdu_subframe_hdr);
1134
1135 return rfc1042;
1136}
1137
1138static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
1139 struct sk_buff *msdu,
1140 struct ieee80211_rx_status *status,
1141 const u8 first_hdr[64],
1142 enum htt_rx_mpdu_encrypt_type enctype)
1143{
1144 struct ieee80211_hdr *hdr;
1145 struct ethhdr *eth;
1146 size_t hdr_len;
1147 void *rfc1042;
1148 u8 da[ETH_ALEN];
1149 u8 sa[ETH_ALEN];
1150 int l3_pad_bytes;
1151 struct htt_rx_desc *rxd;
1152
1153
1154
1155
1156
1157
1158 rfc1042 = ath10k_htt_rx_h_find_rfc1042(ar, msdu, enctype);
1159 if (WARN_ON_ONCE(!rfc1042))
1160 return;
1161
1162 rxd = (void *)msdu->data - sizeof(*rxd);
1163 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1164 skb_put(msdu, l3_pad_bytes);
1165 skb_pull(msdu, l3_pad_bytes);
1166
1167
1168 eth = (struct ethhdr *)msdu->data;
1169 ether_addr_copy(da, eth->h_dest);
1170 ether_addr_copy(sa, eth->h_source);
1171 skb_pull(msdu, sizeof(struct ethhdr));
1172
1173
1174 memcpy(skb_push(msdu, sizeof(struct rfc1042_hdr)), rfc1042,
1175 sizeof(struct rfc1042_hdr));
1176
1177
1178 hdr = (struct ieee80211_hdr *)first_hdr;
1179 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1180 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1181
1182
1183
1184
1185 hdr = (struct ieee80211_hdr *)msdu->data;
1186 ether_addr_copy(ieee80211_get_DA(hdr), da);
1187 ether_addr_copy(ieee80211_get_SA(hdr), sa);
1188}
1189
1190static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
1191 struct sk_buff *msdu,
1192 struct ieee80211_rx_status *status,
1193 const u8 first_hdr[64])
1194{
1195 struct ieee80211_hdr *hdr;
1196 size_t hdr_len;
1197 int l3_pad_bytes;
1198 struct htt_rx_desc *rxd;
1199
1200
1201
1202
1203
1204
1205
1206 rxd = (void *)msdu->data - sizeof(*rxd);
1207 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1208
1209 skb_put(msdu, l3_pad_bytes);
1210 skb_pull(msdu, sizeof(struct amsdu_subframe_hdr) + l3_pad_bytes);
1211
1212 hdr = (struct ieee80211_hdr *)first_hdr;
1213 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1214 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1215}
1216
1217static void ath10k_htt_rx_h_undecap(struct ath10k *ar,
1218 struct sk_buff *msdu,
1219 struct ieee80211_rx_status *status,
1220 u8 first_hdr[64],
1221 enum htt_rx_mpdu_encrypt_type enctype,
1222 bool is_decrypted)
1223{
1224 struct htt_rx_desc *rxd;
1225 enum rx_msdu_decap_format decap;
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238 rxd = (void *)msdu->data - sizeof(*rxd);
1239 decap = MS(__le32_to_cpu(rxd->msdu_start.common.info1),
1240 RX_MSDU_START_INFO1_DECAP_FORMAT);
1241
1242 switch (decap) {
1243 case RX_MSDU_DECAP_RAW:
1244 ath10k_htt_rx_h_undecap_raw(ar, msdu, status, enctype,
1245 is_decrypted);
1246 break;
1247 case RX_MSDU_DECAP_NATIVE_WIFI:
1248 ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr);
1249 break;
1250 case RX_MSDU_DECAP_ETHERNET2_DIX:
1251 ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr, enctype);
1252 break;
1253 case RX_MSDU_DECAP_8023_SNAP_LLC:
1254 ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr);
1255 break;
1256 }
1257}
1258
1259static int ath10k_htt_rx_get_csum_state(struct sk_buff *skb)
1260{
1261 struct htt_rx_desc *rxd;
1262 u32 flags, info;
1263 bool is_ip4, is_ip6;
1264 bool is_tcp, is_udp;
1265 bool ip_csum_ok, tcpudp_csum_ok;
1266
1267 rxd = (void *)skb->data - sizeof(*rxd);
1268 flags = __le32_to_cpu(rxd->attention.flags);
1269 info = __le32_to_cpu(rxd->msdu_start.common.info1);
1270
1271 is_ip4 = !!(info & RX_MSDU_START_INFO1_IPV4_PROTO);
1272 is_ip6 = !!(info & RX_MSDU_START_INFO1_IPV6_PROTO);
1273 is_tcp = !!(info & RX_MSDU_START_INFO1_TCP_PROTO);
1274 is_udp = !!(info & RX_MSDU_START_INFO1_UDP_PROTO);
1275 ip_csum_ok = !(flags & RX_ATTENTION_FLAGS_IP_CHKSUM_FAIL);
1276 tcpudp_csum_ok = !(flags & RX_ATTENTION_FLAGS_TCP_UDP_CHKSUM_FAIL);
1277
1278 if (!is_ip4 && !is_ip6)
1279 return CHECKSUM_NONE;
1280 if (!is_tcp && !is_udp)
1281 return CHECKSUM_NONE;
1282 if (!ip_csum_ok)
1283 return CHECKSUM_NONE;
1284 if (!tcpudp_csum_ok)
1285 return CHECKSUM_NONE;
1286
1287 return CHECKSUM_UNNECESSARY;
1288}
1289
1290static void ath10k_htt_rx_h_csum_offload(struct sk_buff *msdu)
1291{
1292 msdu->ip_summed = ath10k_htt_rx_get_csum_state(msdu);
1293}
1294
1295static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
1296 struct sk_buff_head *amsdu,
1297 struct ieee80211_rx_status *status)
1298{
1299 struct sk_buff *first;
1300 struct sk_buff *last;
1301 struct sk_buff *msdu;
1302 struct htt_rx_desc *rxd;
1303 struct ieee80211_hdr *hdr;
1304 enum htt_rx_mpdu_encrypt_type enctype;
1305 u8 first_hdr[64];
1306 u8 *qos;
1307 size_t hdr_len;
1308 bool has_fcs_err;
1309 bool has_crypto_err;
1310 bool has_tkip_err;
1311 bool has_peer_idx_invalid;
1312 bool is_decrypted;
1313 bool is_mgmt;
1314 u32 attention;
1315
1316 if (skb_queue_empty(amsdu))
1317 return;
1318
1319 first = skb_peek(amsdu);
1320 rxd = (void *)first->data - sizeof(*rxd);
1321
1322 is_mgmt = !!(rxd->attention.flags &
1323 __cpu_to_le32(RX_ATTENTION_FLAGS_MGMT_TYPE));
1324
1325 enctype = MS(__le32_to_cpu(rxd->mpdu_start.info0),
1326 RX_MPDU_START_INFO0_ENCRYPT_TYPE);
1327
1328
1329
1330
1331 hdr = (void *)rxd->rx_hdr_status;
1332 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1333 memcpy(first_hdr, hdr, hdr_len);
1334
1335
1336
1337
1338 hdr = (void *)first_hdr;
1339 qos = ieee80211_get_qos_ctl(hdr);
1340 qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
1341
1342
1343 last = skb_peek_tail(amsdu);
1344 rxd = (void *)last->data - sizeof(*rxd);
1345 attention = __le32_to_cpu(rxd->attention.flags);
1346
1347 has_fcs_err = !!(attention & RX_ATTENTION_FLAGS_FCS_ERR);
1348 has_crypto_err = !!(attention & RX_ATTENTION_FLAGS_DECRYPT_ERR);
1349 has_tkip_err = !!(attention & RX_ATTENTION_FLAGS_TKIP_MIC_ERR);
1350 has_peer_idx_invalid = !!(attention & RX_ATTENTION_FLAGS_PEER_IDX_INVALID);
1351
1352
1353
1354
1355
1356 is_decrypted = (enctype != HTT_RX_MPDU_ENCRYPT_NONE &&
1357 !has_fcs_err &&
1358 !has_crypto_err &&
1359 !has_peer_idx_invalid);
1360
1361
1362 status->flag &= ~(RX_FLAG_FAILED_FCS_CRC |
1363 RX_FLAG_MMIC_ERROR |
1364 RX_FLAG_DECRYPTED |
1365 RX_FLAG_IV_STRIPPED |
1366 RX_FLAG_ONLY_MONITOR |
1367 RX_FLAG_MMIC_STRIPPED);
1368
1369 if (has_fcs_err)
1370 status->flag |= RX_FLAG_FAILED_FCS_CRC;
1371
1372 if (has_tkip_err)
1373 status->flag |= RX_FLAG_MMIC_ERROR;
1374
1375
1376
1377
1378
1379
1380 if (is_mgmt)
1381 status->flag |= RX_FLAG_ONLY_MONITOR;
1382
1383 if (is_decrypted) {
1384 status->flag |= RX_FLAG_DECRYPTED;
1385
1386 if (likely(!is_mgmt))
1387 status->flag |= RX_FLAG_IV_STRIPPED |
1388 RX_FLAG_MMIC_STRIPPED;
1389}
1390
1391 skb_queue_walk(amsdu, msdu) {
1392 ath10k_htt_rx_h_csum_offload(msdu);
1393 ath10k_htt_rx_h_undecap(ar, msdu, status, first_hdr, enctype,
1394 is_decrypted);
1395
1396
1397
1398
1399
1400 if (!is_decrypted)
1401 continue;
1402 if (is_mgmt)
1403 continue;
1404
1405 hdr = (void *)msdu->data;
1406 hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
1407 }
1408}
1409
1410static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
1411 struct sk_buff_head *amsdu,
1412 struct ieee80211_rx_status *status)
1413{
1414 struct sk_buff *msdu;
1415
1416 while ((msdu = __skb_dequeue(amsdu))) {
1417
1418 if (skb_queue_empty(amsdu))
1419 status->flag &= ~RX_FLAG_AMSDU_MORE;
1420 else
1421 status->flag |= RX_FLAG_AMSDU_MORE;
1422
1423 ath10k_process_rx(ar, status, msdu);
1424 }
1425}
1426
1427static int ath10k_unchain_msdu(struct sk_buff_head *amsdu)
1428{
1429 struct sk_buff *skb, *first;
1430 int space;
1431 int total_len = 0;
1432
1433
1434
1435
1436
1437
1438
1439
1440 first = __skb_dequeue(amsdu);
1441
1442
1443 skb_queue_walk(amsdu, skb)
1444 total_len += skb->len;
1445
1446 space = total_len - skb_tailroom(first);
1447 if ((space > 0) &&
1448 (pskb_expand_head(first, 0, space, GFP_ATOMIC) < 0)) {
1449
1450
1451
1452
1453 __skb_queue_head(amsdu, first);
1454 return -1;
1455 }
1456
1457
1458
1459
1460 while ((skb = __skb_dequeue(amsdu))) {
1461 skb_copy_from_linear_data(skb, skb_put(first, skb->len),
1462 skb->len);
1463 dev_kfree_skb_any(skb);
1464 }
1465
1466 __skb_queue_head(amsdu, first);
1467 return 0;
1468}
1469
1470static void ath10k_htt_rx_h_unchain(struct ath10k *ar,
1471 struct sk_buff_head *amsdu)
1472{
1473 struct sk_buff *first;
1474 struct htt_rx_desc *rxd;
1475 enum rx_msdu_decap_format decap;
1476
1477 first = skb_peek(amsdu);
1478 rxd = (void *)first->data - sizeof(*rxd);
1479 decap = MS(__le32_to_cpu(rxd->msdu_start.common.info1),
1480 RX_MSDU_START_INFO1_DECAP_FORMAT);
1481
1482
1483
1484
1485
1486
1487 if (decap != RX_MSDU_DECAP_RAW ||
1488 skb_queue_len(amsdu) != 1 + rxd->frag_info.ring2_more_count) {
1489 __skb_queue_purge(amsdu);
1490 return;
1491 }
1492
1493 ath10k_unchain_msdu(amsdu);
1494}
1495
1496static bool ath10k_htt_rx_amsdu_allowed(struct ath10k *ar,
1497 struct sk_buff_head *amsdu,
1498 struct ieee80211_rx_status *rx_status)
1499{
1500
1501
1502
1503
1504 if (!rx_status->freq) {
1505 ath10k_warn(ar, "no channel configured; ignoring frame(s)!\n");
1506 return false;
1507 }
1508
1509 if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags)) {
1510 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx cac running\n");
1511 return false;
1512 }
1513
1514 return true;
1515}
1516
1517static void ath10k_htt_rx_h_filter(struct ath10k *ar,
1518 struct sk_buff_head *amsdu,
1519 struct ieee80211_rx_status *rx_status)
1520{
1521 if (skb_queue_empty(amsdu))
1522 return;
1523
1524 if (ath10k_htt_rx_amsdu_allowed(ar, amsdu, rx_status))
1525 return;
1526
1527 __skb_queue_purge(amsdu);
1528}
1529
1530static int ath10k_htt_rx_handle_amsdu(struct ath10k_htt *htt)
1531{
1532 struct ath10k *ar = htt->ar;
1533 struct ieee80211_rx_status *rx_status = &htt->rx_status;
1534 struct sk_buff_head amsdu;
1535 int ret, num_msdus;
1536
1537 __skb_queue_head_init(&amsdu);
1538
1539 spin_lock_bh(&htt->rx_ring.lock);
1540 if (htt->rx_confused) {
1541 spin_unlock_bh(&htt->rx_ring.lock);
1542 return -EIO;
1543 }
1544 ret = ath10k_htt_rx_amsdu_pop(htt, &amsdu);
1545 spin_unlock_bh(&htt->rx_ring.lock);
1546
1547 if (ret < 0) {
1548 ath10k_warn(ar, "rx ring became corrupted: %d\n", ret);
1549 __skb_queue_purge(&amsdu);
1550
1551
1552
1553 htt->rx_confused = true;
1554 return ret;
1555 }
1556
1557 num_msdus = skb_queue_len(&amsdu);
1558 ath10k_htt_rx_h_ppdu(ar, &amsdu, rx_status, 0xffff);
1559
1560
1561 if (ret > 0)
1562 ath10k_htt_rx_h_unchain(ar, &amsdu);
1563
1564 ath10k_htt_rx_h_filter(ar, &amsdu, rx_status);
1565 ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status);
1566 ath10k_htt_rx_h_deliver(ar, &amsdu, rx_status);
1567
1568 return num_msdus;
1569}
1570
1571static void ath10k_htt_rx_proc_rx_ind(struct ath10k_htt *htt,
1572 struct htt_rx_indication *rx)
1573{
1574 struct ath10k *ar = htt->ar;
1575 struct htt_rx_indication_mpdu_range *mpdu_ranges;
1576 int num_mpdu_ranges;
1577 int i, mpdu_count = 0;
1578
1579 num_mpdu_ranges = MS(__le32_to_cpu(rx->hdr.info1),
1580 HTT_RX_INDICATION_INFO1_NUM_MPDU_RANGES);
1581 mpdu_ranges = htt_rx_ind_get_mpdu_ranges(rx);
1582
1583 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx ind: ",
1584 rx, sizeof(*rx) +
1585 (sizeof(struct htt_rx_indication_mpdu_range) *
1586 num_mpdu_ranges));
1587
1588 for (i = 0; i < num_mpdu_ranges; i++)
1589 mpdu_count += mpdu_ranges[i].mpdu_count;
1590
1591 atomic_add(mpdu_count, &htt->num_mpdus_ready);
1592}
1593
1594static void ath10k_htt_rx_tx_compl_ind(struct ath10k *ar,
1595 struct sk_buff *skb)
1596{
1597 struct ath10k_htt *htt = &ar->htt;
1598 struct htt_resp *resp = (struct htt_resp *)skb->data;
1599 struct htt_tx_done tx_done = {};
1600 int status = MS(resp->data_tx_completion.flags, HTT_DATA_TX_STATUS);
1601 __le16 msdu_id;
1602 int i;
1603
1604 switch (status) {
1605 case HTT_DATA_TX_STATUS_NO_ACK:
1606 tx_done.status = HTT_TX_COMPL_STATE_NOACK;
1607 break;
1608 case HTT_DATA_TX_STATUS_OK:
1609 tx_done.status = HTT_TX_COMPL_STATE_ACK;
1610 break;
1611 case HTT_DATA_TX_STATUS_DISCARD:
1612 case HTT_DATA_TX_STATUS_POSTPONE:
1613 case HTT_DATA_TX_STATUS_DOWNLOAD_FAIL:
1614 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
1615 break;
1616 default:
1617 ath10k_warn(ar, "unhandled tx completion status %d\n", status);
1618 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
1619 break;
1620 }
1621
1622 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt tx completion num_msdus %d\n",
1623 resp->data_tx_completion.num_msdus);
1624
1625 for (i = 0; i < resp->data_tx_completion.num_msdus; i++) {
1626 msdu_id = resp->data_tx_completion.msdus[i];
1627 tx_done.msdu_id = __le16_to_cpu(msdu_id);
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637 if (!kfifo_put(&htt->txdone_fifo, &tx_done)) {
1638 ath10k_warn(ar, "txdone fifo overrun, msdu_id %d status %d\n",
1639 tx_done.msdu_id, tx_done.status);
1640 ath10k_txrx_tx_unref(htt, &tx_done);
1641 }
1642 }
1643}
1644
1645static void ath10k_htt_rx_addba(struct ath10k *ar, struct htt_resp *resp)
1646{
1647 struct htt_rx_addba *ev = &resp->rx_addba;
1648 struct ath10k_peer *peer;
1649 struct ath10k_vif *arvif;
1650 u16 info0, tid, peer_id;
1651
1652 info0 = __le16_to_cpu(ev->info0);
1653 tid = MS(info0, HTT_RX_BA_INFO0_TID);
1654 peer_id = MS(info0, HTT_RX_BA_INFO0_PEER_ID);
1655
1656 ath10k_dbg(ar, ATH10K_DBG_HTT,
1657 "htt rx addba tid %hu peer_id %hu size %hhu\n",
1658 tid, peer_id, ev->window_size);
1659
1660 spin_lock_bh(&ar->data_lock);
1661 peer = ath10k_peer_find_by_id(ar, peer_id);
1662 if (!peer) {
1663 ath10k_warn(ar, "received addba event for invalid peer_id: %hu\n",
1664 peer_id);
1665 spin_unlock_bh(&ar->data_lock);
1666 return;
1667 }
1668
1669 arvif = ath10k_get_arvif(ar, peer->vdev_id);
1670 if (!arvif) {
1671 ath10k_warn(ar, "received addba event for invalid vdev_id: %u\n",
1672 peer->vdev_id);
1673 spin_unlock_bh(&ar->data_lock);
1674 return;
1675 }
1676
1677 ath10k_dbg(ar, ATH10K_DBG_HTT,
1678 "htt rx start rx ba session sta %pM tid %hu size %hhu\n",
1679 peer->addr, tid, ev->window_size);
1680
1681 ieee80211_start_rx_ba_session_offl(arvif->vif, peer->addr, tid);
1682 spin_unlock_bh(&ar->data_lock);
1683}
1684
1685static void ath10k_htt_rx_delba(struct ath10k *ar, struct htt_resp *resp)
1686{
1687 struct htt_rx_delba *ev = &resp->rx_delba;
1688 struct ath10k_peer *peer;
1689 struct ath10k_vif *arvif;
1690 u16 info0, tid, peer_id;
1691
1692 info0 = __le16_to_cpu(ev->info0);
1693 tid = MS(info0, HTT_RX_BA_INFO0_TID);
1694 peer_id = MS(info0, HTT_RX_BA_INFO0_PEER_ID);
1695
1696 ath10k_dbg(ar, ATH10K_DBG_HTT,
1697 "htt rx delba tid %hu peer_id %hu\n",
1698 tid, peer_id);
1699
1700 spin_lock_bh(&ar->data_lock);
1701 peer = ath10k_peer_find_by_id(ar, peer_id);
1702 if (!peer) {
1703 ath10k_warn(ar, "received addba event for invalid peer_id: %hu\n",
1704 peer_id);
1705 spin_unlock_bh(&ar->data_lock);
1706 return;
1707 }
1708
1709 arvif = ath10k_get_arvif(ar, peer->vdev_id);
1710 if (!arvif) {
1711 ath10k_warn(ar, "received addba event for invalid vdev_id: %u\n",
1712 peer->vdev_id);
1713 spin_unlock_bh(&ar->data_lock);
1714 return;
1715 }
1716
1717 ath10k_dbg(ar, ATH10K_DBG_HTT,
1718 "htt rx stop rx ba session sta %pM tid %hu\n",
1719 peer->addr, tid);
1720
1721 ieee80211_stop_rx_ba_session_offl(arvif->vif, peer->addr, tid);
1722 spin_unlock_bh(&ar->data_lock);
1723}
1724
1725static int ath10k_htt_rx_extract_amsdu(struct sk_buff_head *list,
1726 struct sk_buff_head *amsdu)
1727{
1728 struct sk_buff *msdu;
1729 struct htt_rx_desc *rxd;
1730
1731 if (skb_queue_empty(list))
1732 return -ENOBUFS;
1733
1734 if (WARN_ON(!skb_queue_empty(amsdu)))
1735 return -EINVAL;
1736
1737 while ((msdu = __skb_dequeue(list))) {
1738 __skb_queue_tail(amsdu, msdu);
1739
1740 rxd = (void *)msdu->data - sizeof(*rxd);
1741 if (rxd->msdu_end.common.info0 &
1742 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU))
1743 break;
1744 }
1745
1746 msdu = skb_peek_tail(amsdu);
1747 rxd = (void *)msdu->data - sizeof(*rxd);
1748 if (!(rxd->msdu_end.common.info0 &
1749 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU))) {
1750 skb_queue_splice_init(amsdu, list);
1751 return -EAGAIN;
1752 }
1753
1754 return 0;
1755}
1756
1757static void ath10k_htt_rx_h_rx_offload_prot(struct ieee80211_rx_status *status,
1758 struct sk_buff *skb)
1759{
1760 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1761
1762 if (!ieee80211_has_protected(hdr->frame_control))
1763 return;
1764
1765
1766
1767
1768
1769
1770 hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
1771 status->flag |= RX_FLAG_DECRYPTED |
1772 RX_FLAG_IV_STRIPPED |
1773 RX_FLAG_MMIC_STRIPPED;
1774}
1775
1776static int ath10k_htt_rx_h_rx_offload(struct ath10k *ar,
1777 struct sk_buff_head *list)
1778{
1779 struct ath10k_htt *htt = &ar->htt;
1780 struct ieee80211_rx_status *status = &htt->rx_status;
1781 struct htt_rx_offload_msdu *rx;
1782 struct sk_buff *msdu;
1783 size_t offset;
1784 int num_msdu = 0;
1785
1786 while ((msdu = __skb_dequeue(list))) {
1787
1788
1789
1790
1791 rx = (void *)msdu->data;
1792
1793 skb_put(msdu, sizeof(*rx));
1794 skb_pull(msdu, sizeof(*rx));
1795
1796 if (skb_tailroom(msdu) < __le16_to_cpu(rx->msdu_len)) {
1797 ath10k_warn(ar, "dropping frame: offloaded rx msdu is too long!\n");
1798 dev_kfree_skb_any(msdu);
1799 continue;
1800 }
1801
1802 skb_put(msdu, __le16_to_cpu(rx->msdu_len));
1803
1804
1805
1806
1807
1808
1809 offset = 4 - ((unsigned long)msdu->data & 3);
1810 skb_put(msdu, offset);
1811 memmove(msdu->data + offset, msdu->data, msdu->len);
1812 skb_pull(msdu, offset);
1813
1814
1815
1816
1817
1818 memset(status, 0, sizeof(*status));
1819 status->flag |= RX_FLAG_NO_SIGNAL_VAL;
1820
1821 ath10k_htt_rx_h_rx_offload_prot(status, msdu);
1822 ath10k_htt_rx_h_channel(ar, status, NULL, rx->vdev_id);
1823 ath10k_process_rx(ar, status, msdu);
1824 num_msdu++;
1825 }
1826 return num_msdu;
1827}
1828
1829static int ath10k_htt_rx_in_ord_ind(struct ath10k *ar, struct sk_buff *skb)
1830{
1831 struct ath10k_htt *htt = &ar->htt;
1832 struct htt_resp *resp = (void *)skb->data;
1833 struct ieee80211_rx_status *status = &htt->rx_status;
1834 struct sk_buff_head list;
1835 struct sk_buff_head amsdu;
1836 u16 peer_id;
1837 u16 msdu_count;
1838 u8 vdev_id;
1839 u8 tid;
1840 bool offload;
1841 bool frag;
1842 int ret, num_msdus = 0;
1843
1844 lockdep_assert_held(&htt->rx_ring.lock);
1845
1846 if (htt->rx_confused)
1847 return -EIO;
1848
1849 skb_pull(skb, sizeof(resp->hdr));
1850 skb_pull(skb, sizeof(resp->rx_in_ord_ind));
1851
1852 peer_id = __le16_to_cpu(resp->rx_in_ord_ind.peer_id);
1853 msdu_count = __le16_to_cpu(resp->rx_in_ord_ind.msdu_count);
1854 vdev_id = resp->rx_in_ord_ind.vdev_id;
1855 tid = SM(resp->rx_in_ord_ind.info, HTT_RX_IN_ORD_IND_INFO_TID);
1856 offload = !!(resp->rx_in_ord_ind.info &
1857 HTT_RX_IN_ORD_IND_INFO_OFFLOAD_MASK);
1858 frag = !!(resp->rx_in_ord_ind.info & HTT_RX_IN_ORD_IND_INFO_FRAG_MASK);
1859
1860 ath10k_dbg(ar, ATH10K_DBG_HTT,
1861 "htt rx in ord vdev %i peer %i tid %i offload %i frag %i msdu count %i\n",
1862 vdev_id, peer_id, tid, offload, frag, msdu_count);
1863
1864 if (skb->len < msdu_count * sizeof(*resp->rx_in_ord_ind.msdu_descs)) {
1865 ath10k_warn(ar, "dropping invalid in order rx indication\n");
1866 return -EINVAL;
1867 }
1868
1869
1870
1871
1872 __skb_queue_head_init(&list);
1873 ret = ath10k_htt_rx_pop_paddr_list(htt, &resp->rx_in_ord_ind, &list);
1874 if (ret < 0) {
1875 ath10k_warn(ar, "failed to pop paddr list: %d\n", ret);
1876 htt->rx_confused = true;
1877 return -EIO;
1878 }
1879
1880
1881
1882
1883 if (offload)
1884 num_msdus = ath10k_htt_rx_h_rx_offload(ar, &list);
1885
1886 while (!skb_queue_empty(&list)) {
1887 __skb_queue_head_init(&amsdu);
1888 ret = ath10k_htt_rx_extract_amsdu(&list, &amsdu);
1889 switch (ret) {
1890 case 0:
1891
1892
1893
1894
1895
1896
1897 num_msdus += skb_queue_len(&amsdu);
1898 ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id);
1899 ath10k_htt_rx_h_filter(ar, &amsdu, status);
1900 ath10k_htt_rx_h_mpdu(ar, &amsdu, status);
1901 ath10k_htt_rx_h_deliver(ar, &amsdu, status);
1902 break;
1903 case -EAGAIN:
1904
1905 default:
1906
1907 ath10k_warn(ar, "failed to extract amsdu: %d\n", ret);
1908 htt->rx_confused = true;
1909 __skb_queue_purge(&list);
1910 return -EIO;
1911 }
1912 }
1913 return num_msdus;
1914}
1915
1916static void ath10k_htt_rx_tx_fetch_resp_id_confirm(struct ath10k *ar,
1917 const __le32 *resp_ids,
1918 int num_resp_ids)
1919{
1920 int i;
1921 u32 resp_id;
1922
1923 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm num_resp_ids %d\n",
1924 num_resp_ids);
1925
1926 for (i = 0; i < num_resp_ids; i++) {
1927 resp_id = le32_to_cpu(resp_ids[i]);
1928
1929 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm resp_id %u\n",
1930 resp_id);
1931
1932
1933 }
1934}
1935
1936static void ath10k_htt_rx_tx_fetch_ind(struct ath10k *ar, struct sk_buff *skb)
1937{
1938 struct ieee80211_hw *hw = ar->hw;
1939 struct ieee80211_txq *txq;
1940 struct htt_resp *resp = (struct htt_resp *)skb->data;
1941 struct htt_tx_fetch_record *record;
1942 size_t len;
1943 size_t max_num_bytes;
1944 size_t max_num_msdus;
1945 size_t num_bytes;
1946 size_t num_msdus;
1947 const __le32 *resp_ids;
1948 u16 num_records;
1949 u16 num_resp_ids;
1950 u16 peer_id;
1951 u8 tid;
1952 int ret;
1953 int i;
1954
1955 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch ind\n");
1956
1957 len = sizeof(resp->hdr) + sizeof(resp->tx_fetch_ind);
1958 if (unlikely(skb->len < len)) {
1959 ath10k_warn(ar, "received corrupted tx_fetch_ind event: buffer too short\n");
1960 return;
1961 }
1962
1963 num_records = le16_to_cpu(resp->tx_fetch_ind.num_records);
1964 num_resp_ids = le16_to_cpu(resp->tx_fetch_ind.num_resp_ids);
1965
1966 len += sizeof(resp->tx_fetch_ind.records[0]) * num_records;
1967 len += sizeof(resp->tx_fetch_ind.resp_ids[0]) * num_resp_ids;
1968
1969 if (unlikely(skb->len < len)) {
1970 ath10k_warn(ar, "received corrupted tx_fetch_ind event: too many records/resp_ids\n");
1971 return;
1972 }
1973
1974 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch ind num records %hu num resps %hu seq %hu\n",
1975 num_records, num_resp_ids,
1976 le16_to_cpu(resp->tx_fetch_ind.fetch_seq_num));
1977
1978 if (!ar->htt.tx_q_state.enabled) {
1979 ath10k_warn(ar, "received unexpected tx_fetch_ind event: not enabled\n");
1980 return;
1981 }
1982
1983 if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH) {
1984 ath10k_warn(ar, "received unexpected tx_fetch_ind event: in push mode\n");
1985 return;
1986 }
1987
1988 rcu_read_lock();
1989
1990 for (i = 0; i < num_records; i++) {
1991 record = &resp->tx_fetch_ind.records[i];
1992 peer_id = MS(le16_to_cpu(record->info),
1993 HTT_TX_FETCH_RECORD_INFO_PEER_ID);
1994 tid = MS(le16_to_cpu(record->info),
1995 HTT_TX_FETCH_RECORD_INFO_TID);
1996 max_num_msdus = le16_to_cpu(record->num_msdus);
1997 max_num_bytes = le32_to_cpu(record->num_bytes);
1998
1999 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch record %i peer_id %hu tid %hhu msdus %zu bytes %zu\n",
2000 i, peer_id, tid, max_num_msdus, max_num_bytes);
2001
2002 if (unlikely(peer_id >= ar->htt.tx_q_state.num_peers) ||
2003 unlikely(tid >= ar->htt.tx_q_state.num_tids)) {
2004 ath10k_warn(ar, "received out of range peer_id %hu tid %hhu\n",
2005 peer_id, tid);
2006 continue;
2007 }
2008
2009 spin_lock_bh(&ar->data_lock);
2010 txq = ath10k_mac_txq_lookup(ar, peer_id, tid);
2011 spin_unlock_bh(&ar->data_lock);
2012
2013
2014
2015
2016
2017 if (unlikely(!txq)) {
2018 ath10k_warn(ar, "failed to lookup txq for peer_id %hu tid %hhu\n",
2019 peer_id, tid);
2020 continue;
2021 }
2022
2023 num_msdus = 0;
2024 num_bytes = 0;
2025
2026 while (num_msdus < max_num_msdus &&
2027 num_bytes < max_num_bytes) {
2028 ret = ath10k_mac_tx_push_txq(hw, txq);
2029 if (ret < 0)
2030 break;
2031
2032 num_msdus++;
2033 num_bytes += ret;
2034 }
2035
2036 record->num_msdus = cpu_to_le16(num_msdus);
2037 record->num_bytes = cpu_to_le32(num_bytes);
2038
2039 ath10k_htt_tx_txq_recalc(hw, txq);
2040 }
2041
2042 rcu_read_unlock();
2043
2044 resp_ids = ath10k_htt_get_tx_fetch_ind_resp_ids(&resp->tx_fetch_ind);
2045 ath10k_htt_rx_tx_fetch_resp_id_confirm(ar, resp_ids, num_resp_ids);
2046
2047 ret = ath10k_htt_tx_fetch_resp(ar,
2048 resp->tx_fetch_ind.token,
2049 resp->tx_fetch_ind.fetch_seq_num,
2050 resp->tx_fetch_ind.records,
2051 num_records);
2052 if (unlikely(ret)) {
2053 ath10k_warn(ar, "failed to submit tx fetch resp for token 0x%08x: %d\n",
2054 le32_to_cpu(resp->tx_fetch_ind.token), ret);
2055
2056 }
2057
2058 ath10k_htt_tx_txq_sync(ar);
2059}
2060
2061static void ath10k_htt_rx_tx_fetch_confirm(struct ath10k *ar,
2062 struct sk_buff *skb)
2063{
2064 const struct htt_resp *resp = (void *)skb->data;
2065 size_t len;
2066 int num_resp_ids;
2067
2068 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm\n");
2069
2070 len = sizeof(resp->hdr) + sizeof(resp->tx_fetch_confirm);
2071 if (unlikely(skb->len < len)) {
2072 ath10k_warn(ar, "received corrupted tx_fetch_confirm event: buffer too short\n");
2073 return;
2074 }
2075
2076 num_resp_ids = le16_to_cpu(resp->tx_fetch_confirm.num_resp_ids);
2077 len += sizeof(resp->tx_fetch_confirm.resp_ids[0]) * num_resp_ids;
2078
2079 if (unlikely(skb->len < len)) {
2080 ath10k_warn(ar, "received corrupted tx_fetch_confirm event: resp_ids buffer overflow\n");
2081 return;
2082 }
2083
2084 ath10k_htt_rx_tx_fetch_resp_id_confirm(ar,
2085 resp->tx_fetch_confirm.resp_ids,
2086 num_resp_ids);
2087}
2088
2089static void ath10k_htt_rx_tx_mode_switch_ind(struct ath10k *ar,
2090 struct sk_buff *skb)
2091{
2092 const struct htt_resp *resp = (void *)skb->data;
2093 const struct htt_tx_mode_switch_record *record;
2094 struct ieee80211_txq *txq;
2095 struct ath10k_txq *artxq;
2096 size_t len;
2097 size_t num_records;
2098 enum htt_tx_mode_switch_mode mode;
2099 bool enable;
2100 u16 info0;
2101 u16 info1;
2102 u16 threshold;
2103 u16 peer_id;
2104 u8 tid;
2105 int i;
2106
2107 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx mode switch ind\n");
2108
2109 len = sizeof(resp->hdr) + sizeof(resp->tx_mode_switch_ind);
2110 if (unlikely(skb->len < len)) {
2111 ath10k_warn(ar, "received corrupted tx_mode_switch_ind event: buffer too short\n");
2112 return;
2113 }
2114
2115 info0 = le16_to_cpu(resp->tx_mode_switch_ind.info0);
2116 info1 = le16_to_cpu(resp->tx_mode_switch_ind.info1);
2117
2118 enable = !!(info0 & HTT_TX_MODE_SWITCH_IND_INFO0_ENABLE);
2119 num_records = MS(info0, HTT_TX_MODE_SWITCH_IND_INFO1_THRESHOLD);
2120 mode = MS(info1, HTT_TX_MODE_SWITCH_IND_INFO1_MODE);
2121 threshold = MS(info1, HTT_TX_MODE_SWITCH_IND_INFO1_THRESHOLD);
2122
2123 ath10k_dbg(ar, ATH10K_DBG_HTT,
2124 "htt rx tx mode switch ind info0 0x%04hx info1 0x%04hx enable %d num records %zd mode %d threshold %hu\n",
2125 info0, info1, enable, num_records, mode, threshold);
2126
2127 len += sizeof(resp->tx_mode_switch_ind.records[0]) * num_records;
2128
2129 if (unlikely(skb->len < len)) {
2130 ath10k_warn(ar, "received corrupted tx_mode_switch_mode_ind event: too many records\n");
2131 return;
2132 }
2133
2134 switch (mode) {
2135 case HTT_TX_MODE_SWITCH_PUSH:
2136 case HTT_TX_MODE_SWITCH_PUSH_PULL:
2137 break;
2138 default:
2139 ath10k_warn(ar, "received invalid tx_mode_switch_mode_ind mode %d, ignoring\n",
2140 mode);
2141 return;
2142 }
2143
2144 if (!enable)
2145 return;
2146
2147 ar->htt.tx_q_state.enabled = enable;
2148 ar->htt.tx_q_state.mode = mode;
2149 ar->htt.tx_q_state.num_push_allowed = threshold;
2150
2151 rcu_read_lock();
2152
2153 for (i = 0; i < num_records; i++) {
2154 record = &resp->tx_mode_switch_ind.records[i];
2155 info0 = le16_to_cpu(record->info0);
2156 peer_id = MS(info0, HTT_TX_MODE_SWITCH_RECORD_INFO0_PEER_ID);
2157 tid = MS(info0, HTT_TX_MODE_SWITCH_RECORD_INFO0_TID);
2158
2159 if (unlikely(peer_id >= ar->htt.tx_q_state.num_peers) ||
2160 unlikely(tid >= ar->htt.tx_q_state.num_tids)) {
2161 ath10k_warn(ar, "received out of range peer_id %hu tid %hhu\n",
2162 peer_id, tid);
2163 continue;
2164 }
2165
2166 spin_lock_bh(&ar->data_lock);
2167 txq = ath10k_mac_txq_lookup(ar, peer_id, tid);
2168 spin_unlock_bh(&ar->data_lock);
2169
2170
2171
2172
2173
2174 if (unlikely(!txq)) {
2175 ath10k_warn(ar, "failed to lookup txq for peer_id %hu tid %hhu\n",
2176 peer_id, tid);
2177 continue;
2178 }
2179
2180 spin_lock_bh(&ar->htt.tx_lock);
2181 artxq = (void *)txq->drv_priv;
2182 artxq->num_push_allowed = le16_to_cpu(record->num_max_msdus);
2183 spin_unlock_bh(&ar->htt.tx_lock);
2184 }
2185
2186 rcu_read_unlock();
2187
2188 ath10k_mac_tx_push_pending(ar);
2189}
2190
2191void ath10k_htt_htc_t2h_msg_handler(struct ath10k *ar, struct sk_buff *skb)
2192{
2193 bool release;
2194
2195 release = ath10k_htt_t2h_msg_handler(ar, skb);
2196
2197
2198 if (release)
2199 dev_kfree_skb_any(skb);
2200}
2201
2202static inline bool is_valid_legacy_rate(u8 rate)
2203{
2204 static const u8 legacy_rates[] = {1, 2, 5, 11, 6, 9, 12,
2205 18, 24, 36, 48, 54};
2206 int i;
2207
2208 for (i = 0; i < ARRAY_SIZE(legacy_rates); i++) {
2209 if (rate == legacy_rates[i])
2210 return true;
2211 }
2212
2213 return false;
2214}
2215
2216static void
2217ath10k_update_per_peer_tx_stats(struct ath10k *ar,
2218 struct ieee80211_sta *sta,
2219 struct ath10k_per_peer_tx_stats *peer_stats)
2220{
2221 struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
2222 u8 rate = 0, sgi;
2223 struct rate_info txrate;
2224
2225 lockdep_assert_held(&ar->data_lock);
2226
2227 txrate.flags = ATH10K_HW_PREAMBLE(peer_stats->ratecode);
2228 txrate.bw = ATH10K_HW_BW(peer_stats->flags);
2229 txrate.nss = ATH10K_HW_NSS(peer_stats->ratecode);
2230 txrate.mcs = ATH10K_HW_MCS_RATE(peer_stats->ratecode);
2231 sgi = ATH10K_HW_GI(peer_stats->flags);
2232
2233 if (((txrate.flags == WMI_RATE_PREAMBLE_HT) ||
2234 (txrate.flags == WMI_RATE_PREAMBLE_VHT)) && txrate.mcs > 9) {
2235 ath10k_warn(ar, "Invalid mcs %hhd peer stats", txrate.mcs);
2236 return;
2237 }
2238
2239 memset(&arsta->txrate, 0, sizeof(arsta->txrate));
2240
2241 if (txrate.flags == WMI_RATE_PREAMBLE_CCK ||
2242 txrate.flags == WMI_RATE_PREAMBLE_OFDM) {
2243 rate = ATH10K_HW_LEGACY_RATE(peer_stats->ratecode);
2244
2245 if (!is_valid_legacy_rate(rate)) {
2246 ath10k_warn(ar, "Invalid legacy rate %hhd peer stats",
2247 rate);
2248 return;
2249 }
2250
2251
2252 rate *= 10;
2253 if (rate == 60 && txrate.flags == WMI_RATE_PREAMBLE_CCK)
2254 rate = rate - 5;
2255 arsta->txrate.legacy = rate;
2256 } else if (txrate.flags == WMI_RATE_PREAMBLE_HT) {
2257 arsta->txrate.flags = RATE_INFO_FLAGS_MCS;
2258 arsta->txrate.mcs = txrate.mcs;
2259 } else {
2260 arsta->txrate.flags = RATE_INFO_FLAGS_VHT_MCS;
2261 arsta->txrate.mcs = txrate.mcs;
2262 }
2263
2264 if (sgi)
2265 arsta->txrate.flags |= RATE_INFO_FLAGS_SHORT_GI;
2266
2267 arsta->txrate.nss = txrate.nss;
2268 arsta->txrate.bw = txrate.bw + RATE_INFO_BW_20;
2269}
2270
2271static void ath10k_htt_fetch_peer_stats(struct ath10k *ar,
2272 struct sk_buff *skb)
2273{
2274 struct htt_resp *resp = (struct htt_resp *)skb->data;
2275 struct ath10k_per_peer_tx_stats *p_tx_stats = &ar->peer_tx_stats;
2276 struct htt_per_peer_tx_stats_ind *tx_stats;
2277 struct ieee80211_sta *sta;
2278 struct ath10k_peer *peer;
2279 int peer_id, i;
2280 u8 ppdu_len, num_ppdu;
2281
2282 num_ppdu = resp->peer_tx_stats.num_ppdu;
2283 ppdu_len = resp->peer_tx_stats.ppdu_len * sizeof(__le32);
2284
2285 if (skb->len < sizeof(struct htt_resp_hdr) + num_ppdu * ppdu_len) {
2286 ath10k_warn(ar, "Invalid peer stats buf length %d\n", skb->len);
2287 return;
2288 }
2289
2290 tx_stats = (struct htt_per_peer_tx_stats_ind *)
2291 (resp->peer_tx_stats.payload);
2292 peer_id = __le16_to_cpu(tx_stats->peer_id);
2293
2294 rcu_read_lock();
2295 spin_lock_bh(&ar->data_lock);
2296 peer = ath10k_peer_find_by_id(ar, peer_id);
2297 if (!peer) {
2298 ath10k_warn(ar, "Invalid peer id %d peer stats buffer\n",
2299 peer_id);
2300 goto out;
2301 }
2302
2303 sta = peer->sta;
2304 for (i = 0; i < num_ppdu; i++) {
2305 tx_stats = (struct htt_per_peer_tx_stats_ind *)
2306 (resp->peer_tx_stats.payload + i * ppdu_len);
2307
2308 p_tx_stats->succ_bytes = __le32_to_cpu(tx_stats->succ_bytes);
2309 p_tx_stats->retry_bytes = __le32_to_cpu(tx_stats->retry_bytes);
2310 p_tx_stats->failed_bytes =
2311 __le32_to_cpu(tx_stats->failed_bytes);
2312 p_tx_stats->ratecode = tx_stats->ratecode;
2313 p_tx_stats->flags = tx_stats->flags;
2314 p_tx_stats->succ_pkts = __le16_to_cpu(tx_stats->succ_pkts);
2315 p_tx_stats->retry_pkts = __le16_to_cpu(tx_stats->retry_pkts);
2316 p_tx_stats->failed_pkts = __le16_to_cpu(tx_stats->failed_pkts);
2317
2318 ath10k_update_per_peer_tx_stats(ar, sta, p_tx_stats);
2319 }
2320
2321out:
2322 spin_unlock_bh(&ar->data_lock);
2323 rcu_read_unlock();
2324}
2325
2326bool ath10k_htt_t2h_msg_handler(struct ath10k *ar, struct sk_buff *skb)
2327{
2328 struct ath10k_htt *htt = &ar->htt;
2329 struct htt_resp *resp = (struct htt_resp *)skb->data;
2330 enum htt_t2h_msg_type type;
2331
2332
2333 if (!IS_ALIGNED((unsigned long)skb->data, 4))
2334 ath10k_warn(ar, "unaligned htt message, expect trouble\n");
2335
2336 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx, msg_type: 0x%0X\n",
2337 resp->hdr.msg_type);
2338
2339 if (resp->hdr.msg_type >= ar->htt.t2h_msg_types_max) {
2340 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx, unsupported msg_type: 0x%0X\n max: 0x%0X",
2341 resp->hdr.msg_type, ar->htt.t2h_msg_types_max);
2342 return true;
2343 }
2344 type = ar->htt.t2h_msg_types[resp->hdr.msg_type];
2345
2346 switch (type) {
2347 case HTT_T2H_MSG_TYPE_VERSION_CONF: {
2348 htt->target_version_major = resp->ver_resp.major;
2349 htt->target_version_minor = resp->ver_resp.minor;
2350 complete(&htt->target_version_received);
2351 break;
2352 }
2353 case HTT_T2H_MSG_TYPE_RX_IND:
2354 ath10k_htt_rx_proc_rx_ind(htt, &resp->rx_ind);
2355 break;
2356 case HTT_T2H_MSG_TYPE_PEER_MAP: {
2357 struct htt_peer_map_event ev = {
2358 .vdev_id = resp->peer_map.vdev_id,
2359 .peer_id = __le16_to_cpu(resp->peer_map.peer_id),
2360 };
2361 memcpy(ev.addr, resp->peer_map.addr, sizeof(ev.addr));
2362 ath10k_peer_map_event(htt, &ev);
2363 break;
2364 }
2365 case HTT_T2H_MSG_TYPE_PEER_UNMAP: {
2366 struct htt_peer_unmap_event ev = {
2367 .peer_id = __le16_to_cpu(resp->peer_unmap.peer_id),
2368 };
2369 ath10k_peer_unmap_event(htt, &ev);
2370 break;
2371 }
2372 case HTT_T2H_MSG_TYPE_MGMT_TX_COMPLETION: {
2373 struct htt_tx_done tx_done = {};
2374 int status = __le32_to_cpu(resp->mgmt_tx_completion.status);
2375
2376 tx_done.msdu_id = __le32_to_cpu(resp->mgmt_tx_completion.desc_id);
2377
2378 switch (status) {
2379 case HTT_MGMT_TX_STATUS_OK:
2380 tx_done.status = HTT_TX_COMPL_STATE_ACK;
2381 break;
2382 case HTT_MGMT_TX_STATUS_RETRY:
2383 tx_done.status = HTT_TX_COMPL_STATE_NOACK;
2384 break;
2385 case HTT_MGMT_TX_STATUS_DROP:
2386 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
2387 break;
2388 }
2389
2390 status = ath10k_txrx_tx_unref(htt, &tx_done);
2391 if (!status) {
2392 spin_lock_bh(&htt->tx_lock);
2393 ath10k_htt_tx_mgmt_dec_pending(htt);
2394 spin_unlock_bh(&htt->tx_lock);
2395 }
2396 break;
2397 }
2398 case HTT_T2H_MSG_TYPE_TX_COMPL_IND:
2399 ath10k_htt_rx_tx_compl_ind(htt->ar, skb);
2400 break;
2401 case HTT_T2H_MSG_TYPE_SEC_IND: {
2402 struct ath10k *ar = htt->ar;
2403 struct htt_security_indication *ev = &resp->security_indication;
2404
2405 ath10k_dbg(ar, ATH10K_DBG_HTT,
2406 "sec ind peer_id %d unicast %d type %d\n",
2407 __le16_to_cpu(ev->peer_id),
2408 !!(ev->flags & HTT_SECURITY_IS_UNICAST),
2409 MS(ev->flags, HTT_SECURITY_TYPE));
2410 complete(&ar->install_key_done);
2411 break;
2412 }
2413 case HTT_T2H_MSG_TYPE_RX_FRAG_IND: {
2414 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt event: ",
2415 skb->data, skb->len);
2416 atomic_inc(&htt->num_mpdus_ready);
2417 break;
2418 }
2419 case HTT_T2H_MSG_TYPE_TEST:
2420 break;
2421 case HTT_T2H_MSG_TYPE_STATS_CONF:
2422 trace_ath10k_htt_stats(ar, skb->data, skb->len);
2423 break;
2424 case HTT_T2H_MSG_TYPE_TX_INSPECT_IND:
2425
2426
2427
2428
2429
2430 ath10k_warn(ar, "received an unexpected htt tx inspect event\n");
2431 break;
2432 case HTT_T2H_MSG_TYPE_RX_ADDBA:
2433 ath10k_htt_rx_addba(ar, resp);
2434 break;
2435 case HTT_T2H_MSG_TYPE_RX_DELBA:
2436 ath10k_htt_rx_delba(ar, resp);
2437 break;
2438 case HTT_T2H_MSG_TYPE_PKTLOG: {
2439 trace_ath10k_htt_pktlog(ar, resp->pktlog_msg.payload,
2440 skb->len -
2441 offsetof(struct htt_resp,
2442 pktlog_msg.payload));
2443 break;
2444 }
2445 case HTT_T2H_MSG_TYPE_RX_FLUSH: {
2446
2447
2448
2449 break;
2450 }
2451 case HTT_T2H_MSG_TYPE_RX_IN_ORD_PADDR_IND: {
2452 __skb_queue_tail(&htt->rx_in_ord_compl_q, skb);
2453 return false;
2454 }
2455 case HTT_T2H_MSG_TYPE_TX_CREDIT_UPDATE_IND:
2456 break;
2457 case HTT_T2H_MSG_TYPE_CHAN_CHANGE: {
2458 u32 phymode = __le32_to_cpu(resp->chan_change.phymode);
2459 u32 freq = __le32_to_cpu(resp->chan_change.freq);
2460
2461 ar->tgt_oper_chan = ieee80211_get_channel(ar->hw->wiphy, freq);
2462 ath10k_dbg(ar, ATH10K_DBG_HTT,
2463 "htt chan change freq %u phymode %s\n",
2464 freq, ath10k_wmi_phymode_str(phymode));
2465 break;
2466 }
2467 case HTT_T2H_MSG_TYPE_AGGR_CONF:
2468 break;
2469 case HTT_T2H_MSG_TYPE_TX_FETCH_IND: {
2470 struct sk_buff *tx_fetch_ind = skb_copy(skb, GFP_ATOMIC);
2471
2472 if (!tx_fetch_ind) {
2473 ath10k_warn(ar, "failed to copy htt tx fetch ind\n");
2474 break;
2475 }
2476 skb_queue_tail(&htt->tx_fetch_ind_q, tx_fetch_ind);
2477 break;
2478 }
2479 case HTT_T2H_MSG_TYPE_TX_FETCH_CONFIRM:
2480 ath10k_htt_rx_tx_fetch_confirm(ar, skb);
2481 break;
2482 case HTT_T2H_MSG_TYPE_TX_MODE_SWITCH_IND:
2483 ath10k_htt_rx_tx_mode_switch_ind(ar, skb);
2484 break;
2485 case HTT_T2H_MSG_TYPE_PEER_STATS:
2486 ath10k_htt_fetch_peer_stats(ar, skb);
2487 break;
2488 case HTT_T2H_MSG_TYPE_EN_STATS:
2489 default:
2490 ath10k_warn(ar, "htt event (%d) not handled\n",
2491 resp->hdr.msg_type);
2492 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt event: ",
2493 skb->data, skb->len);
2494 break;
2495 }
2496 return true;
2497}
2498EXPORT_SYMBOL(ath10k_htt_t2h_msg_handler);
2499
2500void ath10k_htt_rx_pktlog_completion_handler(struct ath10k *ar,
2501 struct sk_buff *skb)
2502{
2503 trace_ath10k_htt_pktlog(ar, skb->data, skb->len);
2504 dev_kfree_skb_any(skb);
2505}
2506EXPORT_SYMBOL(ath10k_htt_rx_pktlog_completion_handler);
2507
2508int ath10k_htt_txrx_compl_task(struct ath10k *ar, int budget)
2509{
2510 struct ath10k_htt *htt = &ar->htt;
2511 struct htt_tx_done tx_done = {};
2512 struct sk_buff_head tx_ind_q;
2513 struct sk_buff *skb;
2514 unsigned long flags;
2515 int quota = 0, done, num_rx_msdus;
2516 bool resched_napi = false;
2517
2518 __skb_queue_head_init(&tx_ind_q);
2519
2520
2521
2522
2523 while (quota < budget) {
2524 if (skb_queue_empty(&htt->rx_in_ord_compl_q))
2525 break;
2526
2527 skb = __skb_dequeue(&htt->rx_in_ord_compl_q);
2528 if (!skb) {
2529 resched_napi = true;
2530 goto exit;
2531 }
2532
2533 spin_lock_bh(&htt->rx_ring.lock);
2534 num_rx_msdus = ath10k_htt_rx_in_ord_ind(ar, skb);
2535 spin_unlock_bh(&htt->rx_ring.lock);
2536 if (num_rx_msdus < 0) {
2537 resched_napi = true;
2538 goto exit;
2539 }
2540
2541 dev_kfree_skb_any(skb);
2542 if (num_rx_msdus > 0)
2543 quota += num_rx_msdus;
2544
2545 if ((quota > ATH10K_NAPI_QUOTA_LIMIT) &&
2546 !skb_queue_empty(&htt->rx_in_ord_compl_q)) {
2547 resched_napi = true;
2548 goto exit;
2549 }
2550 }
2551
2552 while (quota < budget) {
2553
2554 if (!atomic_read(&htt->num_mpdus_ready))
2555 break;
2556
2557 num_rx_msdus = ath10k_htt_rx_handle_amsdu(htt);
2558 if (num_rx_msdus < 0) {
2559 resched_napi = true;
2560 goto exit;
2561 }
2562
2563 quota += num_rx_msdus;
2564 atomic_dec(&htt->num_mpdus_ready);
2565 if ((quota > ATH10K_NAPI_QUOTA_LIMIT) &&
2566 atomic_read(&htt->num_mpdus_ready)) {
2567 resched_napi = true;
2568 goto exit;
2569 }
2570 }
2571
2572
2573
2574
2575
2576
2577 if ((quota < budget) && !kfifo_is_empty(&htt->txdone_fifo))
2578 quota = budget;
2579
2580
2581
2582
2583
2584
2585 while (kfifo_get(&htt->txdone_fifo, &tx_done))
2586 ath10k_txrx_tx_unref(htt, &tx_done);
2587
2588 ath10k_mac_tx_push_pending(ar);
2589
2590 spin_lock_irqsave(&htt->tx_fetch_ind_q.lock, flags);
2591 skb_queue_splice_init(&htt->tx_fetch_ind_q, &tx_ind_q);
2592 spin_unlock_irqrestore(&htt->tx_fetch_ind_q.lock, flags);
2593
2594 while ((skb = __skb_dequeue(&tx_ind_q))) {
2595 ath10k_htt_rx_tx_fetch_ind(ar, skb);
2596 dev_kfree_skb_any(skb);
2597 }
2598
2599exit:
2600 ath10k_htt_rx_msdu_buff_replenish(htt);
2601
2602
2603
2604 done = resched_napi ? budget : quota;
2605
2606 return done;
2607}
2608EXPORT_SYMBOL(ath10k_htt_txrx_compl_task);
2609
