1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39#include <linux/kernel.h>
40#include <linux/netdevice.h>
41#include <linux/sched.h>
42#include <linux/etherdevice.h>
43#include <linux/wireless.h>
44#include <linux/ieee80211.h>
45#include <linux/if_arp.h>
46#include <linux/list.h>
47#include <net/iw_handler.h>
48
49#include "iwm.h"
50#include "debug.h"
51#include "hal.h"
52#include "umac.h"
53#include "lmac.h"
54#include "commands.h"
55#include "rx.h"
56#include "cfg80211.h"
57#include "eeprom.h"
58
59static int iwm_rx_check_udma_hdr(struct iwm_udma_in_hdr *hdr)
60{
61 if ((le32_to_cpu(hdr->cmd) == UMAC_PAD_TERMINAL) ||
62 (le32_to_cpu(hdr->size) == UMAC_PAD_TERMINAL))
63 return -EINVAL;
64
65 return 0;
66}
67
68static inline int iwm_rx_resp_size(struct iwm_udma_in_hdr *hdr)
69{
70 return ALIGN(le32_to_cpu(hdr->size) + sizeof(struct iwm_udma_in_hdr),
71 16);
72}
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97static int iwm_ntf_error(struct iwm_priv *iwm, u8 *buf,
98 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
99{
100 struct iwm_umac_notif_error *error;
101 struct iwm_fw_error_hdr *fw_err;
102
103 error = (struct iwm_umac_notif_error *)buf;
104 fw_err = &error->err;
105
106 memcpy(iwm->last_fw_err, fw_err, sizeof(struct iwm_fw_error_hdr));
107
108 IWM_ERR(iwm, "%cMAC FW ERROR:\n",
109 (le32_to_cpu(fw_err->category) == UMAC_SYS_ERR_CAT_LMAC) ? 'L' : 'U');
110 IWM_ERR(iwm, "\tCategory: %d\n", le32_to_cpu(fw_err->category));
111 IWM_ERR(iwm, "\tStatus: 0x%x\n", le32_to_cpu(fw_err->status));
112 IWM_ERR(iwm, "\tPC: 0x%x\n", le32_to_cpu(fw_err->pc));
113 IWM_ERR(iwm, "\tblink1: %d\n", le32_to_cpu(fw_err->blink1));
114 IWM_ERR(iwm, "\tblink2: %d\n", le32_to_cpu(fw_err->blink2));
115 IWM_ERR(iwm, "\tilink1: %d\n", le32_to_cpu(fw_err->ilink1));
116 IWM_ERR(iwm, "\tilink2: %d\n", le32_to_cpu(fw_err->ilink2));
117 IWM_ERR(iwm, "\tData1: 0x%x\n", le32_to_cpu(fw_err->data1));
118 IWM_ERR(iwm, "\tData2: 0x%x\n", le32_to_cpu(fw_err->data2));
119 IWM_ERR(iwm, "\tLine number: %d\n", le32_to_cpu(fw_err->line_num));
120 IWM_ERR(iwm, "\tUMAC status: 0x%x\n", le32_to_cpu(fw_err->umac_status));
121 IWM_ERR(iwm, "\tLMAC status: 0x%x\n", le32_to_cpu(fw_err->lmac_status));
122 IWM_ERR(iwm, "\tSDIO status: 0x%x\n", le32_to_cpu(fw_err->sdio_status));
123
124 iwm_resetting(iwm);
125
126 return 0;
127}
128
129static int iwm_ntf_umac_alive(struct iwm_priv *iwm, u8 *buf,
130 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
131{
132 struct iwm_umac_notif_alive *alive_resp =
133 (struct iwm_umac_notif_alive *)(buf);
134 u16 status = le16_to_cpu(alive_resp->status);
135
136 if (status == UMAC_NTFY_ALIVE_STATUS_ERR) {
137 IWM_ERR(iwm, "Receive error UMAC_ALIVE\n");
138 return -EIO;
139 }
140
141 iwm_tx_credit_init_pools(iwm, alive_resp);
142
143 return 0;
144}
145
146static int iwm_ntf_init_complete(struct iwm_priv *iwm, u8 *buf,
147 unsigned long buf_size,
148 struct iwm_wifi_cmd *cmd)
149{
150 struct wiphy *wiphy = iwm_to_wiphy(iwm);
151 struct iwm_umac_notif_init_complete *init_complete =
152 (struct iwm_umac_notif_init_complete *)(buf);
153 u16 status = le16_to_cpu(init_complete->status);
154 bool blocked = (status == UMAC_NTFY_INIT_COMPLETE_STATUS_ERR);
155
156 if (blocked)
157 IWM_DBG_NTF(iwm, DBG, "Hardware rf kill is on (radio off)\n");
158 else
159 IWM_DBG_NTF(iwm, DBG, "Hardware rf kill is off (radio on)\n");
160
161 wiphy_rfkill_set_hw_state(wiphy, blocked);
162
163 return 0;
164}
165
166static int iwm_ntf_tx_credit_update(struct iwm_priv *iwm, u8 *buf,
167 unsigned long buf_size,
168 struct iwm_wifi_cmd *cmd)
169{
170 int pool_nr, total_freed_pages;
171 unsigned long pool_map;
172 int i, id;
173 struct iwm_umac_notif_page_dealloc *dealloc =
174 (struct iwm_umac_notif_page_dealloc *)buf;
175
176 pool_nr = GET_VAL32(dealloc->changes, UMAC_DEALLOC_NTFY_CHANGES_CNT);
177 pool_map = GET_VAL32(dealloc->changes, UMAC_DEALLOC_NTFY_CHANGES_MSK);
178
179 IWM_DBG_TX(iwm, DBG, "UMAC dealloc notification: pool nr %d, "
180 "update map 0x%lx\n", pool_nr, pool_map);
181
182 spin_lock(&iwm->tx_credit.lock);
183
184 for (i = 0; i < pool_nr; i++) {
185 id = GET_VAL32(dealloc->grp_info[i],
186 UMAC_DEALLOC_NTFY_GROUP_NUM);
187 if (test_bit(id, &pool_map)) {
188 total_freed_pages = GET_VAL32(dealloc->grp_info[i],
189 UMAC_DEALLOC_NTFY_PAGE_CNT);
190 iwm_tx_credit_inc(iwm, id, total_freed_pages);
191 }
192 }
193
194 spin_unlock(&iwm->tx_credit.lock);
195
196 return 0;
197}
198
199static int iwm_ntf_umac_reset(struct iwm_priv *iwm, u8 *buf,
200 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
201{
202 IWM_DBG_NTF(iwm, DBG, "UMAC RESET done\n");
203
204 return 0;
205}
206
207static int iwm_ntf_lmac_version(struct iwm_priv *iwm, u8 *buf,
208 unsigned long buf_size,
209 struct iwm_wifi_cmd *cmd)
210{
211 IWM_DBG_NTF(iwm, INFO, "LMAC Version: %x.%x\n", buf[9], buf[8]);
212
213 return 0;
214}
215
216static int iwm_ntf_tx(struct iwm_priv *iwm, u8 *buf,
217 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
218{
219 struct iwm_lmac_tx_resp *tx_resp;
220 struct iwm_umac_wifi_in_hdr *hdr;
221
222 tx_resp = (struct iwm_lmac_tx_resp *)
223 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
224 hdr = (struct iwm_umac_wifi_in_hdr *)buf;
225
226 IWM_DBG_TX(iwm, DBG, "REPLY_TX, buf size: %lu\n", buf_size);
227
228 IWM_DBG_TX(iwm, DBG, "Seqnum: %d\n",
229 le16_to_cpu(hdr->sw_hdr.cmd.seq_num));
230 IWM_DBG_TX(iwm, DBG, "\tFrame cnt: %d\n", tx_resp->frame_cnt);
231 IWM_DBG_TX(iwm, DBG, "\tRetry cnt: %d\n",
232 le16_to_cpu(tx_resp->retry_cnt));
233 IWM_DBG_TX(iwm, DBG, "\tSeq ctl: %d\n", le16_to_cpu(tx_resp->seq_ctl));
234 IWM_DBG_TX(iwm, DBG, "\tByte cnt: %d\n",
235 le16_to_cpu(tx_resp->byte_cnt));
236 IWM_DBG_TX(iwm, DBG, "\tStatus: 0x%x\n", le32_to_cpu(tx_resp->status));
237
238 return 0;
239}
240
241
242static int iwm_ntf_calib_res(struct iwm_priv *iwm, u8 *buf,
243 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
244{
245 u8 opcode;
246 u8 *calib_buf;
247 struct iwm_lmac_calib_hdr *hdr = (struct iwm_lmac_calib_hdr *)
248 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
249
250 opcode = hdr->opcode;
251
252 BUG_ON(opcode >= CALIBRATION_CMD_NUM ||
253 opcode < PHY_CALIBRATE_OPCODES_NUM);
254
255 IWM_DBG_NTF(iwm, DBG, "Store calibration result for opcode: %d\n",
256 opcode);
257
258 buf_size -= sizeof(struct iwm_umac_wifi_in_hdr);
259 calib_buf = iwm->calib_res[opcode].buf;
260
261 if (!calib_buf || (iwm->calib_res[opcode].size < buf_size)) {
262 kfree(calib_buf);
263 calib_buf = kzalloc(buf_size, GFP_KERNEL);
264 if (!calib_buf) {
265 IWM_ERR(iwm, "Memory allocation failed: calib_res\n");
266 return -ENOMEM;
267 }
268 iwm->calib_res[opcode].buf = calib_buf;
269 iwm->calib_res[opcode].size = buf_size;
270 }
271
272 memcpy(calib_buf, hdr, buf_size);
273 set_bit(opcode - PHY_CALIBRATE_OPCODES_NUM, &iwm->calib_done_map);
274
275 return 0;
276}
277
278static int iwm_ntf_calib_complete(struct iwm_priv *iwm, u8 *buf,
279 unsigned long buf_size,
280 struct iwm_wifi_cmd *cmd)
281{
282 IWM_DBG_NTF(iwm, DBG, "Calibration completed\n");
283
284 return 0;
285}
286
287static int iwm_ntf_calib_cfg(struct iwm_priv *iwm, u8 *buf,
288 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
289{
290 struct iwm_lmac_cal_cfg_resp *cal_resp;
291
292 cal_resp = (struct iwm_lmac_cal_cfg_resp *)
293 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
294
295 IWM_DBG_NTF(iwm, DBG, "Calibration CFG command status: %d\n",
296 le32_to_cpu(cal_resp->status));
297
298 return 0;
299}
300
301static int iwm_ntf_wifi_status(struct iwm_priv *iwm, u8 *buf,
302 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
303{
304 struct iwm_umac_notif_wifi_status *status =
305 (struct iwm_umac_notif_wifi_status *)buf;
306
307 iwm->core_enabled |= le16_to_cpu(status->status);
308
309 return 0;
310}
311
312static struct iwm_rx_ticket_node *
313iwm_rx_ticket_node_alloc(struct iwm_priv *iwm, struct iwm_rx_ticket *ticket)
314{
315 struct iwm_rx_ticket_node *ticket_node;
316
317 ticket_node = kzalloc(sizeof(struct iwm_rx_ticket_node), GFP_KERNEL);
318 if (!ticket_node) {
319 IWM_ERR(iwm, "Couldn't allocate ticket node\n");
320 return ERR_PTR(-ENOMEM);
321 }
322
323 ticket_node->ticket = kzalloc(sizeof(struct iwm_rx_ticket), GFP_KERNEL);
324 if (!ticket_node->ticket) {
325 IWM_ERR(iwm, "Couldn't allocate RX ticket\n");
326 kfree(ticket_node);
327 return ERR_PTR(-ENOMEM);
328 }
329
330 memcpy(ticket_node->ticket, ticket, sizeof(struct iwm_rx_ticket));
331 INIT_LIST_HEAD(&ticket_node->node);
332
333 return ticket_node;
334}
335
336static void iwm_rx_ticket_node_free(struct iwm_rx_ticket_node *ticket_node)
337{
338 kfree(ticket_node->ticket);
339 kfree(ticket_node);
340}
341
342static struct iwm_rx_packet *iwm_rx_packet_get(struct iwm_priv *iwm, u16 id)
343{
344 u8 id_hash = IWM_RX_ID_GET_HASH(id);
345 struct list_head *packet_list;
346 struct iwm_rx_packet *packet, *next;
347
348 packet_list = &iwm->rx_packets[id_hash];
349
350 list_for_each_entry_safe(packet, next, packet_list, node)
351 if (packet->id == id)
352 return packet;
353
354 return NULL;
355}
356
357static struct iwm_rx_packet *iwm_rx_packet_alloc(struct iwm_priv *iwm, u8 *buf,
358 u32 size, u16 id)
359{
360 struct iwm_rx_packet *packet;
361
362 packet = kzalloc(sizeof(struct iwm_rx_packet), GFP_KERNEL);
363 if (!packet) {
364 IWM_ERR(iwm, "Couldn't allocate packet\n");
365 return ERR_PTR(-ENOMEM);
366 }
367
368 packet->skb = dev_alloc_skb(size);
369 if (!packet->skb) {
370 IWM_ERR(iwm, "Couldn't allocate packet SKB\n");
371 kfree(packet);
372 return ERR_PTR(-ENOMEM);
373 }
374
375 packet->pkt_size = size;
376
377 skb_put(packet->skb, size);
378 memcpy(packet->skb->data, buf, size);
379 INIT_LIST_HEAD(&packet->node);
380 packet->id = id;
381
382 return packet;
383}
384
385void iwm_rx_free(struct iwm_priv *iwm)
386{
387 struct iwm_rx_ticket_node *ticket, *nt;
388 struct iwm_rx_packet *packet, *np;
389 int i;
390
391 list_for_each_entry_safe(ticket, nt, &iwm->rx_tickets, node) {
392 list_del(&ticket->node);
393 iwm_rx_ticket_node_free(ticket);
394 }
395
396 for (i = 0; i < IWM_RX_ID_HASH; i++) {
397 list_for_each_entry_safe(packet, np, &iwm->rx_packets[i],
398 node) {
399 list_del(&packet->node);
400 kfree_skb(packet->skb);
401 kfree(packet);
402 }
403 }
404}
405
406static int iwm_ntf_rx_ticket(struct iwm_priv *iwm, u8 *buf,
407 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
408{
409 struct iwm_umac_notif_rx_ticket *ntf_rx_ticket =
410 (struct iwm_umac_notif_rx_ticket *)buf;
411 struct iwm_rx_ticket *ticket =
412 (struct iwm_rx_ticket *)ntf_rx_ticket->tickets;
413 int i, schedule_rx = 0;
414
415 for (i = 0; i < ntf_rx_ticket->num_tickets; i++) {
416 struct iwm_rx_ticket_node *ticket_node;
417
418 switch (le16_to_cpu(ticket->action)) {
419 case IWM_RX_TICKET_RELEASE:
420 case IWM_RX_TICKET_DROP:
421
422 ticket_node = iwm_rx_ticket_node_alloc(iwm, ticket);
423 if (IS_ERR(ticket_node))
424 return PTR_ERR(ticket_node);
425
426 IWM_DBG_RX(iwm, DBG, "TICKET RELEASE(%d)\n",
427 ticket->id);
428 list_add_tail(&ticket_node->node, &iwm->rx_tickets);
429
430
431
432
433
434
435
436 schedule_rx = 1;
437
438 break;
439
440 default:
441 IWM_ERR(iwm, "Invalid RX ticket action: 0x%x\n",
442 ticket->action);
443 }
444
445 ticket++;
446 }
447
448 if (schedule_rx)
449 queue_work(iwm->rx_wq, &iwm->rx_worker);
450
451 return 0;
452}
453
454static int iwm_ntf_rx_packet(struct iwm_priv *iwm, u8 *buf,
455 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
456{
457 struct iwm_umac_wifi_in_hdr *wifi_hdr;
458 struct iwm_rx_packet *packet;
459 u16 id, buf_offset;
460 u32 packet_size;
461
462 IWM_DBG_RX(iwm, DBG, "\n");
463
464 wifi_hdr = (struct iwm_umac_wifi_in_hdr *)buf;
465 id = le16_to_cpu(wifi_hdr->sw_hdr.cmd.seq_num);
466 buf_offset = sizeof(struct iwm_umac_wifi_in_hdr);
467 packet_size = buf_size - sizeof(struct iwm_umac_wifi_in_hdr);
468
469 IWM_DBG_RX(iwm, DBG, "CMD:0x%x, seqnum: %d, packet size: %d\n",
470 wifi_hdr->sw_hdr.cmd.cmd, id, packet_size);
471 IWM_DBG_RX(iwm, DBG, "Packet id: %d\n", id);
472 IWM_HEXDUMP(iwm, DBG, RX, "PACKET: ", buf + buf_offset, packet_size);
473
474 packet = iwm_rx_packet_alloc(iwm, buf + buf_offset, packet_size, id);
475 if (IS_ERR(packet))
476 return PTR_ERR(packet);
477
478 list_add_tail(&packet->node, &iwm->rx_packets[IWM_RX_ID_GET_HASH(id)]);
479
480
481 queue_work(iwm->rx_wq, &iwm->rx_worker);
482
483 return 0;
484}
485
486
487static int iwm_mlme_assoc_start(struct iwm_priv *iwm, u8 *buf,
488 unsigned long buf_size,
489 struct iwm_wifi_cmd *cmd)
490{
491 struct iwm_umac_notif_assoc_start *start;
492
493 start = (struct iwm_umac_notif_assoc_start *)buf;
494
495 IWM_DBG_MLME(iwm, INFO, "Association with %pM Started, reason: %d\n",
496 start->bssid, le32_to_cpu(start->roam_reason));
497
498 wake_up_interruptible(&iwm->mlme_queue);
499
500 return 0;
501}
502
503static int iwm_mlme_assoc_complete(struct iwm_priv *iwm, u8 *buf,
504 unsigned long buf_size,
505 struct iwm_wifi_cmd *cmd)
506{
507 struct iwm_umac_notif_assoc_complete *complete =
508 (struct iwm_umac_notif_assoc_complete *)buf;
509
510 IWM_DBG_MLME(iwm, INFO, "Association with %pM completed, status: %d\n",
511 complete->bssid, complete->status);
512
513 switch (le32_to_cpu(complete->status)) {
514 case UMAC_ASSOC_COMPLETE_SUCCESS:
515 set_bit(IWM_STATUS_ASSOCIATED, &iwm->status);
516 memcpy(iwm->bssid, complete->bssid, ETH_ALEN);
517 iwm->channel = complete->channel;
518
519
520 if (!test_and_clear_bit(IWM_STATUS_SME_CONNECTING, &iwm->status)
521 && iwm->conf.mode == UMAC_MODE_BSS) {
522 cancel_delayed_work(&iwm->disconnect);
523 cfg80211_roamed(iwm_to_ndev(iwm),
524 complete->bssid,
525 iwm->req_ie, iwm->req_ie_len,
526 iwm->resp_ie, iwm->resp_ie_len,
527 GFP_KERNEL);
528 break;
529 }
530
531 iwm_link_on(iwm);
532
533 if (iwm->conf.mode == UMAC_MODE_IBSS)
534 goto ibss;
535
536 if (!test_bit(IWM_STATUS_RESETTING, &iwm->status))
537 cfg80211_connect_result(iwm_to_ndev(iwm),
538 complete->bssid,
539 iwm->req_ie, iwm->req_ie_len,
540 iwm->resp_ie, iwm->resp_ie_len,
541 WLAN_STATUS_SUCCESS,
542 GFP_KERNEL);
543 else
544 cfg80211_roamed(iwm_to_ndev(iwm),
545 complete->bssid,
546 iwm->req_ie, iwm->req_ie_len,
547 iwm->resp_ie, iwm->resp_ie_len,
548 GFP_KERNEL);
549 break;
550 case UMAC_ASSOC_COMPLETE_FAILURE:
551 clear_bit(IWM_STATUS_ASSOCIATED, &iwm->status);
552 memset(iwm->bssid, 0, ETH_ALEN);
553 iwm->channel = 0;
554
555
556 if (!test_and_clear_bit(IWM_STATUS_SME_CONNECTING, &iwm->status)
557 && iwm->conf.mode == UMAC_MODE_BSS) {
558 cancel_delayed_work(&iwm->disconnect);
559 break;
560 }
561
562 iwm_link_off(iwm);
563
564 if (iwm->conf.mode == UMAC_MODE_IBSS)
565 goto ibss;
566
567 if (!test_bit(IWM_STATUS_RESETTING, &iwm->status))
568 cfg80211_connect_result(iwm_to_ndev(iwm),
569 complete->bssid,
570 NULL, 0, NULL, 0,
571 WLAN_STATUS_UNSPECIFIED_FAILURE,
572 GFP_KERNEL);
573 else
574 cfg80211_disconnected(iwm_to_ndev(iwm), 0, NULL, 0,
575 GFP_KERNEL);
576 break;
577 default:
578 break;
579 }
580
581 clear_bit(IWM_STATUS_RESETTING, &iwm->status);
582 return 0;
583
584 ibss:
585 cfg80211_ibss_joined(iwm_to_ndev(iwm), iwm->bssid, GFP_KERNEL);
586 clear_bit(IWM_STATUS_RESETTING, &iwm->status);
587 return 0;
588}
589
590static int iwm_mlme_profile_invalidate(struct iwm_priv *iwm, u8 *buf,
591 unsigned long buf_size,
592 struct iwm_wifi_cmd *cmd)
593{
594 struct iwm_umac_notif_profile_invalidate *invalid;
595 u32 reason;
596
597 invalid = (struct iwm_umac_notif_profile_invalidate *)buf;
598 reason = le32_to_cpu(invalid->reason);
599
600 IWM_DBG_MLME(iwm, INFO, "Profile Invalidated. Reason: %d\n", reason);
601
602 if (reason != UMAC_PROFILE_INVALID_REQUEST &&
603 test_bit(IWM_STATUS_SME_CONNECTING, &iwm->status))
604 cfg80211_connect_result(iwm_to_ndev(iwm), NULL, NULL, 0, NULL,
605 0, WLAN_STATUS_UNSPECIFIED_FAILURE,
606 GFP_KERNEL);
607
608 clear_bit(IWM_STATUS_SME_CONNECTING, &iwm->status);
609 clear_bit(IWM_STATUS_ASSOCIATED, &iwm->status);
610
611 iwm->umac_profile_active = 0;
612 memset(iwm->bssid, 0, ETH_ALEN);
613 iwm->channel = 0;
614
615 iwm_link_off(iwm);
616
617 wake_up_interruptible(&iwm->mlme_queue);
618
619 return 0;
620}
621
622#define IWM_DISCONNECT_INTERVAL (5 * HZ)
623
624static int iwm_mlme_connection_terminated(struct iwm_priv *iwm, u8 *buf,
625 unsigned long buf_size,
626 struct iwm_wifi_cmd *cmd)
627{
628 IWM_DBG_MLME(iwm, DBG, "Connection terminated\n");
629
630 schedule_delayed_work(&iwm->disconnect, IWM_DISCONNECT_INTERVAL);
631
632 return 0;
633}
634
635static int iwm_mlme_scan_complete(struct iwm_priv *iwm, u8 *buf,
636 unsigned long buf_size,
637 struct iwm_wifi_cmd *cmd)
638{
639 int ret;
640 struct iwm_umac_notif_scan_complete *scan_complete =
641 (struct iwm_umac_notif_scan_complete *)buf;
642 u32 result = le32_to_cpu(scan_complete->result);
643
644 IWM_DBG_MLME(iwm, INFO, "type:0x%x result:0x%x seq:%d\n",
645 le32_to_cpu(scan_complete->type),
646 le32_to_cpu(scan_complete->result),
647 scan_complete->seq_num);
648
649 if (!test_and_clear_bit(IWM_STATUS_SCANNING, &iwm->status)) {
650 IWM_ERR(iwm, "Scan complete while device not scanning\n");
651 return -EIO;
652 }
653 if (!iwm->scan_request)
654 return 0;
655
656 ret = iwm_cfg80211_inform_bss(iwm);
657
658 cfg80211_scan_done(iwm->scan_request,
659 (result & UMAC_SCAN_RESULT_ABORTED) ? 1 : !!ret);
660 iwm->scan_request = NULL;
661
662 return ret;
663}
664
665static int iwm_mlme_update_sta_table(struct iwm_priv *iwm, u8 *buf,
666 unsigned long buf_size,
667 struct iwm_wifi_cmd *cmd)
668{
669 struct iwm_umac_notif_sta_info *umac_sta =
670 (struct iwm_umac_notif_sta_info *)buf;
671 struct iwm_sta_info *sta;
672 int i;
673
674 switch (le32_to_cpu(umac_sta->opcode)) {
675 case UMAC_OPCODE_ADD_MODIFY:
676 sta = &iwm->sta_table[GET_VAL8(umac_sta->sta_id, LMAC_STA_ID)];
677
678 IWM_DBG_MLME(iwm, INFO, "%s STA: ID = %d, Color = %d, "
679 "addr = %pM, qos = %d\n",
680 sta->valid ? "Modify" : "Add",
681 GET_VAL8(umac_sta->sta_id, LMAC_STA_ID),
682 GET_VAL8(umac_sta->sta_id, LMAC_STA_COLOR),
683 umac_sta->mac_addr,
684 umac_sta->flags & UMAC_STA_FLAG_QOS);
685
686 sta->valid = 1;
687 sta->qos = umac_sta->flags & UMAC_STA_FLAG_QOS;
688 sta->color = GET_VAL8(umac_sta->sta_id, LMAC_STA_COLOR);
689 memcpy(sta->addr, umac_sta->mac_addr, ETH_ALEN);
690 break;
691 case UMAC_OPCODE_REMOVE:
692 IWM_DBG_MLME(iwm, INFO, "Remove STA: ID = %d, Color = %d, "
693 "addr = %pM\n",
694 GET_VAL8(umac_sta->sta_id, LMAC_STA_ID),
695 GET_VAL8(umac_sta->sta_id, LMAC_STA_COLOR),
696 umac_sta->mac_addr);
697
698 sta = &iwm->sta_table[GET_VAL8(umac_sta->sta_id, LMAC_STA_ID)];
699
700 if (!memcmp(sta->addr, umac_sta->mac_addr, ETH_ALEN))
701 sta->valid = 0;
702
703 break;
704 case UMAC_OPCODE_CLEAR_ALL:
705 for (i = 0; i < IWM_STA_TABLE_NUM; i++)
706 iwm->sta_table[i].valid = 0;
707
708 break;
709 default:
710 break;
711 }
712
713 return 0;
714}
715
716static int iwm_mlme_update_bss_table(struct iwm_priv *iwm, u8 *buf,
717 unsigned long buf_size,
718 struct iwm_wifi_cmd *cmd)
719{
720 struct wiphy *wiphy = iwm_to_wiphy(iwm);
721 struct ieee80211_mgmt *mgmt;
722 struct iwm_umac_notif_bss_info *umac_bss =
723 (struct iwm_umac_notif_bss_info *)buf;
724 struct ieee80211_channel *channel;
725 struct ieee80211_supported_band *band;
726 struct iwm_bss_info *bss, *next;
727 s32 signal;
728 int freq;
729 u16 frame_len = le16_to_cpu(umac_bss->frame_len);
730 size_t bss_len = sizeof(struct iwm_umac_notif_bss_info) + frame_len;
731
732 mgmt = (struct ieee80211_mgmt *)(umac_bss->frame_buf);
733
734 IWM_DBG_MLME(iwm, DBG, "New BSS info entry: %pM\n", mgmt->bssid);
735 IWM_DBG_MLME(iwm, DBG, "\tType: 0x%x\n", le32_to_cpu(umac_bss->type));
736 IWM_DBG_MLME(iwm, DBG, "\tTimestamp: %d\n",
737 le32_to_cpu(umac_bss->timestamp));
738 IWM_DBG_MLME(iwm, DBG, "\tTable Index: %d\n",
739 le16_to_cpu(umac_bss->table_idx));
740 IWM_DBG_MLME(iwm, DBG, "\tBand: %d\n", umac_bss->band);
741 IWM_DBG_MLME(iwm, DBG, "\tChannel: %d\n", umac_bss->channel);
742 IWM_DBG_MLME(iwm, DBG, "\tRSSI: %d\n", umac_bss->rssi);
743 IWM_DBG_MLME(iwm, DBG, "\tFrame Length: %d\n", frame_len);
744
745 list_for_each_entry_safe(bss, next, &iwm->bss_list, node)
746 if (bss->bss->table_idx == umac_bss->table_idx)
747 break;
748
749 if (&bss->node != &iwm->bss_list) {
750
751 list_del(&bss->node);
752 kfree(bss->bss);
753 } else {
754
755
756 bss = kzalloc(sizeof(struct iwm_bss_info), GFP_KERNEL);
757 if (!bss) {
758 IWM_ERR(iwm, "Couldn't allocate bss_info\n");
759 return -ENOMEM;
760 }
761 }
762
763 bss->bss = kzalloc(bss_len, GFP_KERNEL);
764 if (!bss) {
765 kfree(bss);
766 IWM_ERR(iwm, "Couldn't allocate bss\n");
767 return -ENOMEM;
768 }
769
770 INIT_LIST_HEAD(&bss->node);
771 memcpy(bss->bss, umac_bss, bss_len);
772
773 if (umac_bss->band == UMAC_BAND_2GHZ)
774 band = wiphy->bands[IEEE80211_BAND_2GHZ];
775 else if (umac_bss->band == UMAC_BAND_5GHZ)
776 band = wiphy->bands[IEEE80211_BAND_5GHZ];
777 else {
778 IWM_ERR(iwm, "Invalid band: %d\n", umac_bss->band);
779 goto err;
780 }
781
782 freq = ieee80211_channel_to_frequency(umac_bss->channel);
783 channel = ieee80211_get_channel(wiphy, freq);
784 signal = umac_bss->rssi * 100;
785
786 bss->cfg_bss = cfg80211_inform_bss_frame(wiphy, channel,
787 mgmt, frame_len,
788 signal, GFP_KERNEL);
789 if (!bss->cfg_bss)
790 goto err;
791
792 list_add_tail(&bss->node, &iwm->bss_list);
793
794 return 0;
795 err:
796 kfree(bss->bss);
797 kfree(bss);
798
799 return -EINVAL;
800}
801
802static int iwm_mlme_remove_bss(struct iwm_priv *iwm, u8 *buf,
803 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
804{
805 struct iwm_umac_notif_bss_removed *bss_rm =
806 (struct iwm_umac_notif_bss_removed *)buf;
807 struct iwm_bss_info *bss, *next;
808 u16 table_idx;
809 int i;
810
811 for (i = 0; i < le32_to_cpu(bss_rm->count); i++) {
812 table_idx = (le16_to_cpu(bss_rm->entries[i])
813 & IWM_BSS_REMOVE_INDEX_MSK);
814 list_for_each_entry_safe(bss, next, &iwm->bss_list, node)
815 if (bss->bss->table_idx == cpu_to_le16(table_idx)) {
816 struct ieee80211_mgmt *mgmt;
817
818 mgmt = (struct ieee80211_mgmt *)
819 (bss->bss->frame_buf);
820 IWM_DBG_MLME(iwm, ERR,
821 "BSS removed: %pM\n",
822 mgmt->bssid);
823 list_del(&bss->node);
824 kfree(bss->bss);
825 kfree(bss);
826 }
827 }
828
829 return 0;
830}
831
832static int iwm_mlme_mgt_frame(struct iwm_priv *iwm, u8 *buf,
833 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
834{
835 struct iwm_umac_notif_mgt_frame *mgt_frame =
836 (struct iwm_umac_notif_mgt_frame *)buf;
837 struct ieee80211_mgmt *mgt = (struct ieee80211_mgmt *)mgt_frame->frame;
838 u8 *ie;
839
840 IWM_HEXDUMP(iwm, DBG, MLME, "MGT: ", mgt_frame->frame,
841 le16_to_cpu(mgt_frame->len));
842
843 if (ieee80211_is_assoc_req(mgt->frame_control)) {
844 ie = mgt->u.assoc_req.variable;;
845 iwm->req_ie_len =
846 le16_to_cpu(mgt_frame->len) - (ie - (u8 *)mgt);
847 kfree(iwm->req_ie);
848 iwm->req_ie = kmemdup(mgt->u.assoc_req.variable,
849 iwm->req_ie_len, GFP_KERNEL);
850 } else if (ieee80211_is_reassoc_req(mgt->frame_control)) {
851 ie = mgt->u.reassoc_req.variable;;
852 iwm->req_ie_len =
853 le16_to_cpu(mgt_frame->len) - (ie - (u8 *)mgt);
854 kfree(iwm->req_ie);
855 iwm->req_ie = kmemdup(mgt->u.reassoc_req.variable,
856 iwm->req_ie_len, GFP_KERNEL);
857 } else if (ieee80211_is_assoc_resp(mgt->frame_control)) {
858 ie = mgt->u.assoc_resp.variable;;
859 iwm->resp_ie_len =
860 le16_to_cpu(mgt_frame->len) - (ie - (u8 *)mgt);
861 kfree(iwm->resp_ie);
862 iwm->resp_ie = kmemdup(mgt->u.assoc_resp.variable,
863 iwm->resp_ie_len, GFP_KERNEL);
864 } else if (ieee80211_is_reassoc_resp(mgt->frame_control)) {
865 ie = mgt->u.reassoc_resp.variable;;
866 iwm->resp_ie_len =
867 le16_to_cpu(mgt_frame->len) - (ie - (u8 *)mgt);
868 kfree(iwm->resp_ie);
869 iwm->resp_ie = kmemdup(mgt->u.reassoc_resp.variable,
870 iwm->resp_ie_len, GFP_KERNEL);
871 } else {
872 IWM_ERR(iwm, "Unsupported management frame: 0x%x",
873 le16_to_cpu(mgt->frame_control));
874 return 0;
875 }
876
877 return 0;
878}
879
880static int iwm_ntf_mlme(struct iwm_priv *iwm, u8 *buf,
881 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
882{
883 struct iwm_umac_notif_wifi_if *notif =
884 (struct iwm_umac_notif_wifi_if *)buf;
885
886 switch (notif->status) {
887 case WIFI_IF_NTFY_ASSOC_START:
888 return iwm_mlme_assoc_start(iwm, buf, buf_size, cmd);
889 case WIFI_IF_NTFY_ASSOC_COMPLETE:
890 return iwm_mlme_assoc_complete(iwm, buf, buf_size, cmd);
891 case WIFI_IF_NTFY_PROFILE_INVALIDATE_COMPLETE:
892 return iwm_mlme_profile_invalidate(iwm, buf, buf_size, cmd);
893 case WIFI_IF_NTFY_CONNECTION_TERMINATED:
894 return iwm_mlme_connection_terminated(iwm, buf, buf_size, cmd);
895 case WIFI_IF_NTFY_SCAN_COMPLETE:
896 return iwm_mlme_scan_complete(iwm, buf, buf_size, cmd);
897 case WIFI_IF_NTFY_STA_TABLE_CHANGE:
898 return iwm_mlme_update_sta_table(iwm, buf, buf_size, cmd);
899 case WIFI_IF_NTFY_EXTENDED_IE_REQUIRED:
900 IWM_DBG_MLME(iwm, DBG, "Extended IE required\n");
901 break;
902 case WIFI_IF_NTFY_BSS_TRK_TABLE_CHANGED:
903 return iwm_mlme_update_bss_table(iwm, buf, buf_size, cmd);
904 case WIFI_IF_NTFY_BSS_TRK_ENTRIES_REMOVED:
905 return iwm_mlme_remove_bss(iwm, buf, buf_size, cmd);
906 break;
907 case WIFI_IF_NTFY_MGMT_FRAME:
908 return iwm_mlme_mgt_frame(iwm, buf, buf_size, cmd);
909 case WIFI_DBG_IF_NTFY_SCAN_SUPER_JOB_START:
910 case WIFI_DBG_IF_NTFY_SCAN_SUPER_JOB_COMPLETE:
911 case WIFI_DBG_IF_NTFY_SCAN_CHANNEL_START:
912 case WIFI_DBG_IF_NTFY_SCAN_CHANNEL_RESULT:
913 case WIFI_DBG_IF_NTFY_SCAN_MINI_JOB_START:
914 case WIFI_DBG_IF_NTFY_SCAN_MINI_JOB_COMPLETE:
915 case WIFI_DBG_IF_NTFY_CNCT_ATC_START:
916 case WIFI_DBG_IF_NTFY_COEX_NOTIFICATION:
917 case WIFI_DBG_IF_NTFY_COEX_HANDLE_ENVELOP:
918 case WIFI_DBG_IF_NTFY_COEX_HANDLE_RELEASE_ENVELOP:
919 IWM_DBG_MLME(iwm, DBG, "MLME debug notification: 0x%x\n",
920 notif->status);
921 break;
922 default:
923 IWM_ERR(iwm, "Unhandled notification: 0x%x\n", notif->status);
924 break;
925 }
926
927 return 0;
928}
929
930#define IWM_STATS_UPDATE_INTERVAL (2 * HZ)
931
932static int iwm_ntf_statistics(struct iwm_priv *iwm, u8 *buf,
933 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
934{
935 struct iwm_umac_notif_stats *stats = (struct iwm_umac_notif_stats *)buf;
936 struct iw_statistics *wstats = &iwm->wstats;
937 u16 max_rate = 0;
938 int i;
939
940 IWM_DBG_MLME(iwm, DBG, "Statistics notification received\n");
941
942 if (test_bit(IWM_STATUS_ASSOCIATED, &iwm->status)) {
943 for (i = 0; i < UMAC_NTF_RATE_SAMPLE_NR; i++) {
944 max_rate = max_t(u16, max_rate,
945 max(le16_to_cpu(stats->tx_rate[i]),
946 le16_to_cpu(stats->rx_rate[i])));
947 }
948
949 iwm->rate = max_rate >> 1;
950 }
951 iwm->txpower = le32_to_cpu(stats->tx_power);
952
953 wstats->status = 0;
954
955 wstats->discard.nwid = le32_to_cpu(stats->rx_drop_other_bssid);
956 wstats->discard.code = le32_to_cpu(stats->rx_drop_decode);
957 wstats->discard.fragment = le32_to_cpu(stats->rx_drop_reassembly);
958 wstats->discard.retries = le32_to_cpu(stats->tx_drop_max_retry);
959
960 wstats->miss.beacon = le32_to_cpu(stats->missed_beacons);
961
962
963 if (stats->rssi_dbm < -110)
964 wstats->qual.qual = 0;
965 else if (stats->rssi_dbm > -40)
966 wstats->qual.qual = 70;
967 else
968 wstats->qual.qual = stats->rssi_dbm + 110;
969
970 wstats->qual.level = stats->rssi_dbm;
971 wstats->qual.noise = stats->noise_dbm;
972 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
973
974 schedule_delayed_work(&iwm->stats_request, IWM_STATS_UPDATE_INTERVAL);
975
976 mod_timer(&iwm->watchdog, round_jiffies(jiffies + IWM_WATCHDOG_PERIOD));
977
978 return 0;
979}
980
981static int iwm_ntf_eeprom_proxy(struct iwm_priv *iwm, u8 *buf,
982 unsigned long buf_size,
983 struct iwm_wifi_cmd *cmd)
984{
985 struct iwm_umac_cmd_eeprom_proxy *eeprom_proxy =
986 (struct iwm_umac_cmd_eeprom_proxy *)
987 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
988 struct iwm_umac_cmd_eeprom_proxy_hdr *hdr = &eeprom_proxy->hdr;
989 u32 hdr_offset = le32_to_cpu(hdr->offset);
990 u32 hdr_len = le32_to_cpu(hdr->len);
991 u32 hdr_type = le32_to_cpu(hdr->type);
992
993 IWM_DBG_NTF(iwm, DBG, "type: 0x%x, len: %d, offset: 0x%x\n",
994 hdr_type, hdr_len, hdr_offset);
995
996 if ((hdr_offset + hdr_len) > IWM_EEPROM_LEN)
997 return -EINVAL;
998
999 switch (hdr_type) {
1000 case IWM_UMAC_CMD_EEPROM_TYPE_READ:
1001 memcpy(iwm->eeprom + hdr_offset, eeprom_proxy->buf, hdr_len);
1002 break;
1003 case IWM_UMAC_CMD_EEPROM_TYPE_WRITE:
1004 default:
1005 return -ENOTSUPP;
1006 }
1007
1008 return 0;
1009}
1010
1011static int iwm_ntf_channel_info_list(struct iwm_priv *iwm, u8 *buf,
1012 unsigned long buf_size,
1013 struct iwm_wifi_cmd *cmd)
1014{
1015 struct iwm_umac_cmd_get_channel_list *ch_list =
1016 (struct iwm_umac_cmd_get_channel_list *)
1017 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
1018 struct wiphy *wiphy = iwm_to_wiphy(iwm);
1019 struct ieee80211_supported_band *band;
1020 int i;
1021
1022 band = wiphy->bands[IEEE80211_BAND_2GHZ];
1023
1024 for (i = 0; i < band->n_channels; i++) {
1025 unsigned long ch_mask_0 =
1026 le32_to_cpu(ch_list->ch[0].channels_mask);
1027 unsigned long ch_mask_2 =
1028 le32_to_cpu(ch_list->ch[2].channels_mask);
1029
1030 if (!test_bit(i, &ch_mask_0))
1031 band->channels[i].flags |= IEEE80211_CHAN_DISABLED;
1032
1033 if (!test_bit(i, &ch_mask_2))
1034 band->channels[i].flags |= IEEE80211_CHAN_NO_IBSS;
1035 }
1036
1037 band = wiphy->bands[IEEE80211_BAND_5GHZ];
1038
1039 for (i = 0; i < min(band->n_channels, 32); i++) {
1040 unsigned long ch_mask_1 =
1041 le32_to_cpu(ch_list->ch[1].channels_mask);
1042 unsigned long ch_mask_3 =
1043 le32_to_cpu(ch_list->ch[3].channels_mask);
1044
1045 if (!test_bit(i, &ch_mask_1))
1046 band->channels[i].flags |= IEEE80211_CHAN_DISABLED;
1047
1048 if (!test_bit(i, &ch_mask_3))
1049 band->channels[i].flags |= IEEE80211_CHAN_NO_IBSS;
1050 }
1051
1052 return 0;
1053}
1054
1055static int iwm_ntf_wifi_if_wrapper(struct iwm_priv *iwm, u8 *buf,
1056 unsigned long buf_size,
1057 struct iwm_wifi_cmd *cmd)
1058{
1059 struct iwm_umac_wifi_if *hdr =
1060 (struct iwm_umac_wifi_if *)cmd->buf.payload;
1061
1062 IWM_DBG_NTF(iwm, DBG, "WIFI_IF_WRAPPER cmd is delivered to UMAC: "
1063 "oid is 0x%x\n", hdr->oid);
1064
1065 if (hdr->oid <= WIFI_IF_NTFY_MAX) {
1066 set_bit(hdr->oid, &iwm->wifi_ntfy[0]);
1067 wake_up_interruptible(&iwm->wifi_ntfy_queue);
1068 } else
1069 return -EINVAL;
1070
1071 switch (hdr->oid) {
1072 case UMAC_WIFI_IF_CMD_SET_PROFILE:
1073 iwm->umac_profile_active = 1;
1074 break;
1075 default:
1076 break;
1077 }
1078
1079 return 0;
1080}
1081
1082static int iwm_ntf_card_state(struct iwm_priv *iwm, u8 *buf,
1083 unsigned long buf_size, struct iwm_wifi_cmd *cmd)
1084{
1085 struct wiphy *wiphy = iwm_to_wiphy(iwm);
1086 struct iwm_lmac_card_state *state = (struct iwm_lmac_card_state *)
1087 (buf + sizeof(struct iwm_umac_wifi_in_hdr));
1088 u32 flags = le32_to_cpu(state->flags);
1089
1090 IWM_INFO(iwm, "HW RF Kill %s, CT Kill %s\n",
1091 flags & IWM_CARD_STATE_HW_DISABLED ? "ON" : "OFF",
1092 flags & IWM_CARD_STATE_CTKILL_DISABLED ? "ON" : "OFF");
1093
1094 wiphy_rfkill_set_hw_state(wiphy, flags & IWM_CARD_STATE_HW_DISABLED);
1095
1096 return 0;
1097}
1098
1099static int iwm_rx_handle_wifi(struct iwm_priv *iwm, u8 *buf,
1100 unsigned long buf_size)
1101{
1102 struct iwm_umac_wifi_in_hdr *wifi_hdr;
1103 struct iwm_wifi_cmd *cmd;
1104 u8 source, cmd_id;
1105 u16 seq_num;
1106 u32 count;
1107 u8 resp;
1108
1109 wifi_hdr = (struct iwm_umac_wifi_in_hdr *)buf;
1110 cmd_id = wifi_hdr->sw_hdr.cmd.cmd;
1111
1112 source = GET_VAL32(wifi_hdr->hw_hdr.cmd, UMAC_HDI_IN_CMD_SOURCE);
1113 if (source >= IWM_SRC_NUM) {
1114 IWM_CRIT(iwm, "invalid source %d\n", source);
1115 return -EINVAL;
1116 }
1117
1118 count = (GET_VAL32(wifi_hdr->sw_hdr.meta_data, UMAC_FW_CMD_BYTE_COUNT));
1119 count += sizeof(struct iwm_umac_wifi_in_hdr) -
1120 sizeof(struct iwm_dev_cmd_hdr);
1121 if (count > buf_size) {
1122 IWM_CRIT(iwm, "count %d, buf size:%ld\n", count, buf_size);
1123 return -EINVAL;
1124 }
1125
1126 resp = GET_VAL32(wifi_hdr->sw_hdr.meta_data, UMAC_FW_CMD_STATUS);
1127
1128 seq_num = le16_to_cpu(wifi_hdr->sw_hdr.cmd.seq_num);
1129
1130 IWM_DBG_RX(iwm, DBG, "CMD:0x%x, source: 0x%x, seqnum: %d\n",
1131 cmd_id, source, seq_num);
1132
1133
1134
1135
1136
1137 cmd = iwm_get_pending_wifi_cmd(iwm, seq_num);
1138
1139
1140 switch (source) {
1141 case UMAC_HDI_IN_SOURCE_FHRX:
1142 if (iwm->lmac_handlers[cmd_id] &&
1143 test_bit(cmd_id, &iwm->lmac_handler_map[0]))
1144 return iwm_notif_send(iwm, cmd, cmd_id, source,
1145 buf, count);
1146 break;
1147 case UMAC_HDI_IN_SOURCE_FW:
1148 if (iwm->umac_handlers[cmd_id] &&
1149 test_bit(cmd_id, &iwm->umac_handler_map[0]))
1150 return iwm_notif_send(iwm, cmd, cmd_id, source,
1151 buf, count);
1152 break;
1153 case UMAC_HDI_IN_SOURCE_UDMA:
1154 break;
1155 }
1156
1157 return iwm_rx_handle_resp(iwm, buf, count, cmd);
1158}
1159
1160int iwm_rx_handle_resp(struct iwm_priv *iwm, u8 *buf, unsigned long buf_size,
1161 struct iwm_wifi_cmd *cmd)
1162{
1163 u8 source, cmd_id;
1164 struct iwm_umac_wifi_in_hdr *wifi_hdr;
1165 int ret = 0;
1166
1167 wifi_hdr = (struct iwm_umac_wifi_in_hdr *)buf;
1168 cmd_id = wifi_hdr->sw_hdr.cmd.cmd;
1169
1170 source = GET_VAL32(wifi_hdr->hw_hdr.cmd, UMAC_HDI_IN_CMD_SOURCE);
1171
1172 IWM_DBG_RX(iwm, DBG, "CMD:0x%x, source: 0x%x\n", cmd_id, source);
1173
1174 switch (source) {
1175 case UMAC_HDI_IN_SOURCE_FHRX:
1176 if (iwm->lmac_handlers[cmd_id])
1177 ret = iwm->lmac_handlers[cmd_id]
1178 (iwm, buf, buf_size, cmd);
1179 break;
1180 case UMAC_HDI_IN_SOURCE_FW:
1181 if (iwm->umac_handlers[cmd_id])
1182 ret = iwm->umac_handlers[cmd_id]
1183 (iwm, buf, buf_size, cmd);
1184 break;
1185 case UMAC_HDI_IN_SOURCE_UDMA:
1186 ret = -EINVAL;
1187 break;
1188 }
1189
1190 kfree(cmd);
1191
1192 return ret;
1193}
1194
1195static int iwm_rx_handle_nonwifi(struct iwm_priv *iwm, u8 *buf,
1196 unsigned long buf_size)
1197{
1198 u8 seq_num;
1199 struct iwm_udma_in_hdr *hdr = (struct iwm_udma_in_hdr *)buf;
1200 struct iwm_nonwifi_cmd *cmd, *next;
1201
1202 seq_num = GET_VAL32(hdr->cmd, UDMA_HDI_IN_CMD_NON_WIFI_HW_SEQ_NUM);
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212 list_for_each_entry_safe(cmd, next, &iwm->nonwifi_pending_cmd, pending)
1213 if (cmd->seq_num == seq_num) {
1214 cmd->resp_received = 1;
1215 cmd->buf.len = buf_size;
1216 memcpy(cmd->buf.hdr, buf, buf_size);
1217 wake_up_interruptible(&iwm->nonwifi_queue);
1218 }
1219
1220 return 0;
1221}
1222
1223static int iwm_rx_handle_umac(struct iwm_priv *iwm, u8 *buf,
1224 unsigned long buf_size)
1225{
1226 int ret = 0;
1227 u8 op_code;
1228 unsigned long buf_offset = 0;
1229 struct iwm_udma_in_hdr *hdr;
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241 while (buf_offset < buf_size) {
1242
1243 hdr = (struct iwm_udma_in_hdr *)(buf + buf_offset);
1244
1245 if (iwm_rx_check_udma_hdr(hdr) < 0) {
1246 IWM_DBG_RX(iwm, DBG, "End of frame\n");
1247 break;
1248 }
1249
1250 op_code = GET_VAL32(hdr->cmd, UMAC_HDI_IN_CMD_OPCODE);
1251
1252 IWM_DBG_RX(iwm, DBG, "Op code: 0x%x\n", op_code);
1253
1254 if (op_code == UMAC_HDI_IN_OPCODE_WIFI) {
1255 ret |= iwm_rx_handle_wifi(iwm, buf + buf_offset,
1256 buf_size - buf_offset);
1257 } else if (op_code < UMAC_HDI_IN_OPCODE_NONWIFI_MAX) {
1258 if (GET_VAL32(hdr->cmd,
1259 UDMA_HDI_IN_CMD_NON_WIFI_HW_SIG) !=
1260 UDMA_HDI_IN_CMD_NON_WIFI_HW_SIG) {
1261 IWM_ERR(iwm, "Incorrect hw signature\n");
1262 return -EINVAL;
1263 }
1264 ret |= iwm_rx_handle_nonwifi(iwm, buf + buf_offset,
1265 buf_size - buf_offset);
1266 } else {
1267 IWM_ERR(iwm, "Invalid RX opcode: 0x%x\n", op_code);
1268 ret |= -EINVAL;
1269 }
1270
1271 buf_offset += iwm_rx_resp_size(hdr);
1272 }
1273
1274 return ret;
1275}
1276
1277int iwm_rx_handle(struct iwm_priv *iwm, u8 *buf, unsigned long buf_size)
1278{
1279 struct iwm_udma_in_hdr *hdr;
1280
1281 hdr = (struct iwm_udma_in_hdr *)buf;
1282
1283 switch (le32_to_cpu(hdr->cmd)) {
1284 case UMAC_REBOOT_BARKER:
1285 return iwm_notif_send(iwm, NULL, IWM_BARKER_REBOOT_NOTIFICATION,
1286 IWM_SRC_UDMA, buf, buf_size);
1287 case UMAC_ACK_BARKER:
1288 return iwm_notif_send(iwm, NULL, IWM_ACK_BARKER_NOTIFICATION,
1289 IWM_SRC_UDMA, NULL, 0);
1290 default:
1291 IWM_DBG_RX(iwm, DBG, "Received cmd: 0x%x\n", hdr->cmd);
1292 return iwm_rx_handle_umac(iwm, buf, buf_size);
1293 }
1294
1295 return 0;
1296}
1297
1298static const iwm_handler iwm_umac_handlers[] =
1299{
1300 [UMAC_NOTIFY_OPCODE_ERROR] = iwm_ntf_error,
1301 [UMAC_NOTIFY_OPCODE_ALIVE] = iwm_ntf_umac_alive,
1302 [UMAC_NOTIFY_OPCODE_INIT_COMPLETE] = iwm_ntf_init_complete,
1303 [UMAC_NOTIFY_OPCODE_WIFI_CORE_STATUS] = iwm_ntf_wifi_status,
1304 [UMAC_NOTIFY_OPCODE_WIFI_IF_WRAPPER] = iwm_ntf_mlme,
1305 [UMAC_NOTIFY_OPCODE_PAGE_DEALLOC] = iwm_ntf_tx_credit_update,
1306 [UMAC_NOTIFY_OPCODE_RX_TICKET] = iwm_ntf_rx_ticket,
1307 [UMAC_CMD_OPCODE_RESET] = iwm_ntf_umac_reset,
1308 [UMAC_NOTIFY_OPCODE_STATS] = iwm_ntf_statistics,
1309 [UMAC_CMD_OPCODE_EEPROM_PROXY] = iwm_ntf_eeprom_proxy,
1310 [UMAC_CMD_OPCODE_GET_CHAN_INFO_LIST] = iwm_ntf_channel_info_list,
1311 [REPLY_RX_MPDU_CMD] = iwm_ntf_rx_packet,
1312 [UMAC_CMD_OPCODE_WIFI_IF_WRAPPER] = iwm_ntf_wifi_if_wrapper,
1313};
1314
1315static const iwm_handler iwm_lmac_handlers[] =
1316{
1317 [REPLY_TX] = iwm_ntf_tx,
1318 [REPLY_ALIVE] = iwm_ntf_lmac_version,
1319 [CALIBRATION_RES_NOTIFICATION] = iwm_ntf_calib_res,
1320 [CALIBRATION_COMPLETE_NOTIFICATION] = iwm_ntf_calib_complete,
1321 [CALIBRATION_CFG_CMD] = iwm_ntf_calib_cfg,
1322 [REPLY_RX_MPDU_CMD] = iwm_ntf_rx_packet,
1323 [CARD_STATE_NOTIFICATION] = iwm_ntf_card_state,
1324};
1325
1326void iwm_rx_setup_handlers(struct iwm_priv *iwm)
1327{
1328 iwm->umac_handlers = (iwm_handler *) iwm_umac_handlers;
1329 iwm->lmac_handlers = (iwm_handler *) iwm_lmac_handlers;
1330}
1331
1332static void iwm_remove_iv(struct sk_buff *skb, u32 hdr_total_len)
1333{
1334 struct ieee80211_hdr *hdr;
1335 unsigned int hdr_len;
1336
1337 hdr = (struct ieee80211_hdr *)skb->data;
1338
1339 if (!ieee80211_has_protected(hdr->frame_control))
1340 return;
1341
1342 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1343 if (hdr_total_len <= hdr_len)
1344 return;
1345
1346 memmove(skb->data + (hdr_total_len - hdr_len), skb->data, hdr_len);
1347 skb_pull(skb, (hdr_total_len - hdr_len));
1348}
1349
1350static void iwm_rx_adjust_packet(struct iwm_priv *iwm,
1351 struct iwm_rx_packet *packet,
1352 struct iwm_rx_ticket_node *ticket_node)
1353{
1354 u32 payload_offset = 0, payload_len;
1355 struct iwm_rx_ticket *ticket = ticket_node->ticket;
1356 struct iwm_rx_mpdu_hdr *mpdu_hdr;
1357 struct ieee80211_hdr *hdr;
1358
1359 mpdu_hdr = (struct iwm_rx_mpdu_hdr *)packet->skb->data;
1360 payload_offset += sizeof(struct iwm_rx_mpdu_hdr);
1361
1362 payload_len = le16_to_cpu(mpdu_hdr->len) +
1363 (le16_to_cpu(ticket->flags) & IWM_RX_TICKET_PAD_SIZE_MSK);
1364 payload_len -= ticket->tail_len;
1365
1366 IWM_DBG_RX(iwm, DBG, "Packet adjusted, len:%d, offset:%d, "
1367 "ticket offset:%d ticket tail len:%d\n",
1368 payload_len, payload_offset, ticket->payload_offset,
1369 ticket->tail_len);
1370
1371 IWM_HEXDUMP(iwm, DBG, RX, "RAW: ", packet->skb->data, packet->skb->len);
1372
1373 skb_pull(packet->skb, payload_offset);
1374 skb_trim(packet->skb, payload_len);
1375
1376 iwm_remove_iv(packet->skb, ticket->payload_offset);
1377
1378 hdr = (struct ieee80211_hdr *) packet->skb->data;
1379 if (ieee80211_is_data_qos(hdr->frame_control)) {
1380
1381
1382 memmove(packet->skb->data + IEEE80211_QOS_CTL_LEN + 2,
1383 packet->skb->data,
1384 ieee80211_hdrlen(hdr->frame_control) -
1385 IEEE80211_QOS_CTL_LEN);
1386 hdr = (struct ieee80211_hdr *) skb_pull(packet->skb,
1387 IEEE80211_QOS_CTL_LEN + 2);
1388 hdr->frame_control &= ~cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
1389 }
1390
1391 IWM_HEXDUMP(iwm, DBG, RX, "ADJUSTED: ",
1392 packet->skb->data, packet->skb->len);
1393}
1394
1395static void classify8023(struct sk_buff *skb)
1396{
1397 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1398
1399 if (ieee80211_is_data_qos(hdr->frame_control)) {
1400 u8 *qc = ieee80211_get_qos_ctl(hdr);
1401
1402 skb->priority = *qc & IEEE80211_QOS_CTL_TID_MASK;
1403 } else {
1404 skb->priority = 0;
1405 }
1406}
1407
1408static void iwm_rx_process_packet(struct iwm_priv *iwm,
1409 struct iwm_rx_packet *packet,
1410 struct iwm_rx_ticket_node *ticket_node)
1411{
1412 int ret;
1413 struct sk_buff *skb = packet->skb;
1414 struct wireless_dev *wdev = iwm_to_wdev(iwm);
1415 struct net_device *ndev = iwm_to_ndev(iwm);
1416
1417 IWM_DBG_RX(iwm, DBG, "Processing packet ID %d\n", packet->id);
1418
1419 switch (le16_to_cpu(ticket_node->ticket->action)) {
1420 case IWM_RX_TICKET_RELEASE:
1421 IWM_DBG_RX(iwm, DBG, "RELEASE packet\n");
1422 classify8023(skb);
1423 iwm_rx_adjust_packet(iwm, packet, ticket_node);
1424 ret = ieee80211_data_to_8023(skb, ndev->dev_addr, wdev->iftype);
1425 if (ret < 0) {
1426 IWM_DBG_RX(iwm, DBG, "Couldn't convert 802.11 header - "
1427 "%d\n", ret);
1428 break;
1429 }
1430
1431 IWM_HEXDUMP(iwm, DBG, RX, "802.3: ", skb->data, skb->len);
1432
1433 skb->dev = iwm_to_ndev(iwm);
1434 skb->protocol = eth_type_trans(skb, ndev);
1435 skb->ip_summed = CHECKSUM_NONE;
1436 memset(skb->cb, 0, sizeof(skb->cb));
1437
1438 ndev->stats.rx_packets++;
1439 ndev->stats.rx_bytes += skb->len;
1440
1441 if (netif_rx_ni(skb) == NET_RX_DROP) {
1442 IWM_ERR(iwm, "Packet dropped\n");
1443 ndev->stats.rx_dropped++;
1444 }
1445 break;
1446 case IWM_RX_TICKET_DROP:
1447 IWM_DBG_RX(iwm, DBG, "DROP packet\n");
1448 kfree_skb(packet->skb);
1449 break;
1450 default:
1451 IWM_ERR(iwm, "Unknow ticket action: %d\n",
1452 le16_to_cpu(ticket_node->ticket->action));
1453 kfree_skb(packet->skb);
1454 }
1455
1456 kfree(packet);
1457 iwm_rx_ticket_node_free(ticket_node);
1458}
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472void iwm_rx_worker(struct work_struct *work)
1473{
1474 struct iwm_priv *iwm;
1475 struct iwm_rx_ticket_node *ticket, *next;
1476
1477 iwm = container_of(work, struct iwm_priv, rx_worker);
1478
1479
1480
1481
1482
1483
1484
1485 list_for_each_entry_safe(ticket, next, &iwm->rx_tickets, node) {
1486 struct iwm_rx_packet *packet =
1487 iwm_rx_packet_get(iwm, le16_to_cpu(ticket->ticket->id));
1488
1489 if (!packet) {
1490 IWM_DBG_RX(iwm, DBG, "Skip rx_work: Wait for ticket %d "
1491 "to be handled first\n",
1492 le16_to_cpu(ticket->ticket->id));
1493 return;
1494 }
1495
1496 list_del(&ticket->node);
1497 list_del(&packet->node);
1498 iwm_rx_process_packet(iwm, packet, ticket);
1499 }
1500}
1501
1502
