LXR linux/drivers/net/wireless/p54/txrx.c

   1/*
   2 * Common code for mac80211 Prism54 drivers
   3 *
   4 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
   5 * Copyright (c) 2007-2009, Christian Lamparter <chunkeey@web.de>
   6 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
   7 *
   8 * Based on:
   9 * - the islsm (softmac prism54) driver, which is:
  10 *   Copyright 2004-2006 Jean-Baptiste Note <jbnote@gmail.com>, et al.
  11 * - stlc45xx driver
  12 *   Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies).
  13 *
  14 * This program is free software; you can redistribute it and/or modify
  15 * it under the terms of the GNU General Public License version 2 as
  16 * published by the Free Software Foundation.
  17 */
  18
  19#include <linux/export.h>
  20#include <linux/init.h>
  21#include <linux/firmware.h>
  22#include <linux/etherdevice.h>
  23#include <asm/div64.h>
  24
  25#include <net/mac80211.h>
  26
  27#include "p54.h"
  28#include "lmac.h"
  29
  30#ifdef P54_MM_DEBUG
  31static void p54_dump_tx_queue(struct p54_common *priv)
  32{
  33        unsigned long flags;
  34        struct ieee80211_tx_info *info;
  35        struct p54_tx_info *range;
  36        struct sk_buff *skb;
  37        struct p54_hdr *hdr;
  38        unsigned int i = 0;
  39        u32 prev_addr;
  40        u32 largest_hole = 0, free;
  41
  42        spin_lock_irqsave(&priv->tx_queue.lock, flags);
  43        wiphy_debug(priv->hw->wiphy, "/ --- tx queue dump (%d entries) ---\n",
  44                    skb_queue_len(&priv->tx_queue));
  45
  46        prev_addr = priv->rx_start;
  47        skb_queue_walk(&priv->tx_queue, skb) {
  48                info = IEEE80211_SKB_CB(skb);
  49                range = (void *) info->rate_driver_data;
  50                hdr = (void *) skb->data;
  51
  52                free = range->start_addr - prev_addr;
  53                wiphy_debug(priv->hw->wiphy,
  54                            "| [%02d] => [skb:%p skb_len:0x%04x "
  55                            "hdr:{flags:%02x len:%04x req_id:%04x type:%02x} "
  56                            "mem:{start:%04x end:%04x, free:%d}]\n",
  57                            i++, skb, skb->len,
  58                            le16_to_cpu(hdr->flags), le16_to_cpu(hdr->len),
  59                            le32_to_cpu(hdr->req_id), le16_to_cpu(hdr->type),
  60                            range->start_addr, range->end_addr, free);
  61
  62                prev_addr = range->end_addr;
  63                largest_hole = max(largest_hole, free);
  64        }
  65        free = priv->rx_end - prev_addr;
  66        largest_hole = max(largest_hole, free);
  67        wiphy_debug(priv->hw->wiphy,
  68                    "\\ --- [free: %d], largest free block: %d ---\n",
  69                    free, largest_hole);
  70        spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
  71}
  72#endif /* P54_MM_DEBUG */
  73
  74/*
  75 * So, the firmware is somewhat stupid and doesn't know what places in its
  76 * memory incoming data should go to. By poking around in the firmware, we
  77 * can find some unused memory to upload our packets to. However, data that we
  78 * want the card to TX needs to stay intact until the card has told us that
  79 * it is done with it. This function finds empty places we can upload to and
  80 * marks allocated areas as reserved if necessary. p54_find_and_unlink_skb or
  81 * p54_free_skb frees allocated areas.
  82 */
  83static int p54_assign_address(struct p54_common *priv, struct sk_buff *skb)
  84{
  85        struct sk_buff *entry, *target_skb = NULL;
  86        struct ieee80211_tx_info *info;
  87        struct p54_tx_info *range;
  88        struct p54_hdr *data = (void *) skb->data;
  89        unsigned long flags;
  90        u32 last_addr = priv->rx_start;
  91        u32 target_addr = priv->rx_start;
  92        u16 len = priv->headroom + skb->len + priv->tailroom + 3;
  93
  94        info = IEEE80211_SKB_CB(skb);
  95        range = (void *) info->rate_driver_data;
  96        len = (range->extra_len + len) & ~0x3;
  97
  98        spin_lock_irqsave(&priv->tx_queue.lock, flags);
  99        if (unlikely(skb_queue_len(&priv->tx_queue) == 32)) {
 100                /*
 101                 * The tx_queue is now really full.
 102                 *
 103                 * TODO: check if the device has crashed and reset it.
 104                 */
 105                spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
 106                return -EBUSY;
 107        }
 108
 109        skb_queue_walk(&priv->tx_queue, entry) {
 110                u32 hole_size;
 111                info = IEEE80211_SKB_CB(entry);
 112                range = (void *) info->rate_driver_data;
 113                hole_size = range->start_addr - last_addr;
 114
 115                if (!target_skb && hole_size >= len) {
 116                        target_skb = entry->prev;
 117                        hole_size -= len;
 118                        target_addr = last_addr;
 119                        break;
 120                }
 121                last_addr = range->end_addr;
 122        }
 123        if (unlikely(!target_skb)) {
 124                if (priv->rx_end - last_addr >= len) {
 125                        target_skb = priv->tx_queue.prev;
 126                        if (!skb_queue_empty(&priv->tx_queue)) {
 127                                info = IEEE80211_SKB_CB(target_skb);
 128                                range = (void *)info->rate_driver_data;
 129                                target_addr = range->end_addr;
 130                        }
 131                } else {
 132                        spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
 133                        return -ENOSPC;
 134                }
 135        }
 136
 137        info = IEEE80211_SKB_CB(skb);
 138        range = (void *) info->rate_driver_data;
 139        range->start_addr = target_addr;
 140        range->end_addr = target_addr + len;
 141        data->req_id = cpu_to_le32(target_addr + priv->headroom);
 142        if (IS_DATA_FRAME(skb) &&
 143            unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON))
 144                priv->beacon_req_id = data->req_id;
 145
 146        __skb_queue_after(&priv->tx_queue, target_skb, skb);
 147        spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
 148        return 0;
 149}
 150
 151static void p54_tx_pending(struct p54_common *priv)
 152{
 153        struct sk_buff *skb;
 154        int ret;
 155
 156        skb = skb_dequeue(&priv->tx_pending);
 157        if (unlikely(!skb))
 158                return ;
 159
 160        ret = p54_assign_address(priv, skb);
 161        if (unlikely(ret))
 162                skb_queue_head(&priv->tx_pending, skb);
 163        else
 164                priv->tx(priv->hw, skb);
 165}
 166
 167static void p54_wake_queues(struct p54_common *priv)
 168{
 169        unsigned long flags;
 170        unsigned int i;
 171
 172        if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
 173                return ;
 174
 175        p54_tx_pending(priv);
 176
 177        spin_lock_irqsave(&priv->tx_stats_lock, flags);
 178        for (i = 0; i < priv->hw->queues; i++) {
 179                if (priv->tx_stats[i + P54_QUEUE_DATA].len <
 180                    priv->tx_stats[i + P54_QUEUE_DATA].limit)
 181                        ieee80211_wake_queue(priv->hw, i);
 182        }
 183        spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
 184}
 185
 186static int p54_tx_qos_accounting_alloc(struct p54_common *priv,
 187                                       struct sk_buff *skb,
 188                                       const u16 p54_queue)
 189{
 190        struct p54_tx_queue_stats *queue;
 191        unsigned long flags;
 192
 193        if (WARN_ON(p54_queue >= P54_QUEUE_NUM))
 194                return -EINVAL;
 195
 196        queue = &priv->tx_stats[p54_queue];
 197
 198        spin_lock_irqsave(&priv->tx_stats_lock, flags);
 199        if (unlikely(queue->len >= queue->limit && IS_QOS_QUEUE(p54_queue))) {
 200                spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
 201                return -ENOSPC;
 202        }
 203
 204        queue->len++;
 205        queue->count++;
 206
 207        if (unlikely(queue->len == queue->limit && IS_QOS_QUEUE(p54_queue))) {
 208                u16 ac_queue = p54_queue - P54_QUEUE_DATA;
 209                ieee80211_stop_queue(priv->hw, ac_queue);
 210        }
 211
 212        spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
 213        return 0;
 214}
 215
 216static void p54_tx_qos_accounting_free(struct p54_common *priv,
 217                                       struct sk_buff *skb)
 218{
 219        if (IS_DATA_FRAME(skb)) {
 220                unsigned long flags;
 221
 222                spin_lock_irqsave(&priv->tx_stats_lock, flags);
 223                priv->tx_stats[GET_HW_QUEUE(skb)].len--;
 224                spin_unlock_irqrestore(&priv->tx_stats_lock, flags);
 225
 226                if (unlikely(GET_HW_QUEUE(skb) == P54_QUEUE_BEACON)) {
 227                        if (priv->beacon_req_id == GET_REQ_ID(skb)) {
 228                                /* this is the  active beacon set anymore */
 229                                priv->beacon_req_id = 0;
 230                        }
 231                        complete(&priv->beacon_comp);
 232                }
 233        }
 234        p54_wake_queues(priv);
 235}
 236
 237void p54_free_skb(struct ieee80211_hw *dev, struct sk_buff *skb)
 238{
 239        struct p54_common *priv = dev->priv;
 240        if (unlikely(!skb))
 241                return ;
 242
 243        skb_unlink(skb, &priv->tx_queue);
 244        p54_tx_qos_accounting_free(priv, skb);
 245        ieee80211_free_txskb(dev, skb);
 246}
 247EXPORT_SYMBOL_GPL(p54_free_skb);
 248
 249static struct sk_buff *p54_find_and_unlink_skb(struct p54_common *priv,
 250                                               const __le32 req_id)
 251{
 252        struct sk_buff *entry;
 253        unsigned long flags;
 254
 255        spin_lock_irqsave(&priv->tx_queue.lock, flags);
 256        skb_queue_walk(&priv->tx_queue, entry) {
 257                struct p54_hdr *hdr = (struct p54_hdr *) entry->data;
 258
 259                if (hdr->req_id == req_id) {
 260                        __skb_unlink(entry, &priv->tx_queue);
 261                        spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
 262                        p54_tx_qos_accounting_free(priv, entry);
 263                        return entry;
 264                }
 265        }
 266        spin_unlock_irqrestore(&priv->tx_queue.lock, flags);
 267        return NULL;
 268}
 269
 270void p54_tx(struct p54_common *priv, struct sk_buff *skb)
 271{
 272        skb_queue_tail(&priv->tx_pending, skb);
 273        p54_tx_pending(priv);
 274}
 275
 276static int p54_rssi_to_dbm(struct p54_common *priv, int rssi)
 277{
 278        if (priv->rxhw != 5) {
 279                return ((rssi * priv->cur_rssi->mul) / 64 +
 280                         priv->cur_rssi->add) / 4;
 281        } else {
 282                /*
 283                 * TODO: find the correct formula
 284                 */
 285                return rssi / 2 - 110;
 286        }
 287}
 288
 289/*
 290 * Even if the firmware is capable of dealing with incoming traffic,
 291 * while dozing, we have to prepared in case mac80211 uses PS-POLL
 292 * to retrieve outstanding frames from our AP.
 293 * (see comment in net/mac80211/mlme.c @ line 1993)
 294 */
 295static void p54_pspoll_workaround(struct p54_common *priv, struct sk_buff *skb)
 296{
 297        struct ieee80211_hdr *hdr = (void *) skb->data;
 298        struct ieee80211_tim_ie *tim_ie;
 299        u8 *tim;
 300        u8 tim_len;
 301        bool new_psm;
 302
 303        /* only beacons have a TIM IE */
 304        if (!ieee80211_is_beacon(hdr->frame_control))
 305                return;
 306
 307        if (!priv->aid)
 308                return;
 309
 310        /* only consider beacons from the associated BSSID */
 311        if (!ether_addr_equal(hdr->addr3, priv->bssid))
 312                return;
 313
 314        tim = p54_find_ie(skb, WLAN_EID_TIM);
 315        if (!tim)
 316                return;
 317
 318        tim_len = tim[1];
 319        tim_ie = (struct ieee80211_tim_ie *) &tim[2];
 320
 321        new_psm = ieee80211_check_tim(tim_ie, tim_len, priv->aid);
 322        if (new_psm != priv->powersave_override) {
 323                priv->powersave_override = new_psm;
 324                p54_set_ps(priv);
 325        }
 326}
 327
 328static int p54_rx_data(struct p54_common *priv, struct sk_buff *skb)
 329{
 330        struct p54_rx_data *hdr = (struct p54_rx_data *) skb->data;
 331        struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
 332        u16 freq = le16_to_cpu(hdr->freq);
 333        size_t header_len = sizeof(*hdr);
 334        u32 tsf32;
 335        u8 rate = hdr->rate & 0xf;
 336
 337        /*
 338         * If the device is in a unspecified state we have to
 339         * ignore all data frames. Else we could end up with a
 340         * nasty crash.
 341         */
 342        if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
 343                return 0;
 344
 345        if (!(hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_IN_FCS_GOOD)))
 346                return 0;
 347
 348        if (hdr->decrypt_status == P54_DECRYPT_OK)
 349                rx_status->flag |= RX_FLAG_DECRYPTED;
 350        if ((hdr->decrypt_status == P54_DECRYPT_FAIL_MICHAEL) ||
 351            (hdr->decrypt_status == P54_DECRYPT_FAIL_TKIP))
 352                rx_status->flag |= RX_FLAG_MMIC_ERROR;
 353
 354        rx_status->signal = p54_rssi_to_dbm(priv, hdr->rssi);
 355        if (hdr->rate & 0x10)
 356                rx_status->flag |= RX_FLAG_SHORTPRE;
 357        if (priv->hw->conf.chandef.chan->band == IEEE80211_BAND_5GHZ)
 358                rx_status->rate_idx = (rate < 4) ? 0 : rate - 4;
 359        else
 360                rx_status->rate_idx = rate;
 361
 362        rx_status->freq = freq;
 363        rx_status->band =  priv->hw->conf.chandef.chan->band;
 364        rx_status->antenna = hdr->antenna;
 365
 366        tsf32 = le32_to_cpu(hdr->tsf32);
 367        if (tsf32 < priv->tsf_low32)
 368                priv->tsf_high32++;
 369        rx_status->mactime = ((u64)priv->tsf_high32) << 32 | tsf32;
 370        priv->tsf_low32 = tsf32;
 371
 372        /* LMAC API Page 10/29 - s_lm_data_in - clock
 373         * "usec accurate timestamp of hardware clock
 374         * at end of frame (before OFDM SIFS EOF padding"
 375         */
 376        rx_status->flag |= RX_FLAG_MACTIME_END;
 377
 378        if (hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
 379                header_len += hdr->align[0];
 380
 381        skb_pull(skb, header_len);
 382        skb_trim(skb, le16_to_cpu(hdr->len));
 383        if (unlikely(priv->hw->conf.flags & IEEE80211_CONF_PS))
 384                p54_pspoll_workaround(priv, skb);
 385
 386        ieee80211_rx_irqsafe(priv->hw, skb);
 387
 388        ieee80211_queue_delayed_work(priv->hw, &priv->work,
 389                           msecs_to_jiffies(P54_STATISTICS_UPDATE));
 390
 391        return -1;
 392}
 393
 394static void p54_rx_frame_sent(struct p54_common *priv, struct sk_buff *skb)
 395{
 396        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
 397        struct p54_frame_sent *payload = (struct p54_frame_sent *) hdr->data;
 398        struct ieee80211_tx_info *info;
 399        struct p54_hdr *entry_hdr;
 400        struct p54_tx_data *entry_data;
 401        struct sk_buff *entry;
 402        unsigned int pad = 0, frame_len;
 403        int count, idx;
 404
 405        entry = p54_find_and_unlink_skb(priv, hdr->req_id);
 406        if (unlikely(!entry))
 407                return ;
 408
 409        frame_len = entry->len;
 410        info = IEEE80211_SKB_CB(entry);
 411        entry_hdr = (struct p54_hdr *) entry->data;
 412        entry_data = (struct p54_tx_data *) entry_hdr->data;
 413        priv->stats.dot11ACKFailureCount += payload->tries - 1;
 414
 415        /*
 416         * Frames in P54_QUEUE_FWSCAN and P54_QUEUE_BEACON are
 417         * generated by the driver. Therefore tx_status is bogus
 418         * and we don't want to confuse the mac80211 stack.
 419         */
 420        if (unlikely(entry_data->hw_queue < P54_QUEUE_FWSCAN)) {
 421                dev_kfree_skb_any(entry);
 422                return ;
 423        }
 424
 425        /*
 426         * Clear manually, ieee80211_tx_info_clear_status would
 427         * clear the counts too and we need them.
 428         */
 429        memset(&info->status.ack_signal, 0,
 430               sizeof(struct ieee80211_tx_info) -
 431               offsetof(struct ieee80211_tx_info, status.ack_signal));
 432        BUILD_BUG_ON(offsetof(struct ieee80211_tx_info,
 433                              status.ack_signal) != 20);
 434
 435        if (entry_hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_ALIGN))
 436                pad = entry_data->align[0];
 437
 438        /* walk through the rates array and adjust the counts */
 439        count = payload->tries;
 440        for (idx = 0; idx < 4; idx++) {
 441                if (count >= info->status.rates[idx].count) {
 442                        count -= info->status.rates[idx].count;
 443                } else if (count > 0) {
 444                        info->status.rates[idx].count = count;
 445                        count = 0;
 446                } else {
 447                        info->status.rates[idx].idx = -1;
 448                        info->status.rates[idx].count = 0;
 449                }
 450        }
 451
 452        if (!(info->flags & IEEE80211_TX_CTL_NO_ACK) &&
 453             !(payload->status & P54_TX_FAILED))
 454                info->flags |= IEEE80211_TX_STAT_ACK;
 455        if (payload->status & P54_TX_PSM_CANCELLED)
 456                info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
 457        info->status.ack_signal = p54_rssi_to_dbm(priv,
 458                                                  (int)payload->ack_rssi);
 459
 460        /* Undo all changes to the frame. */
 461        switch (entry_data->key_type) {
 462        case P54_CRYPTO_TKIPMICHAEL: {
 463                u8 *iv = (u8 *)(entry_data->align + pad +
 464                                entry_data->crypt_offset);
 465
 466                /* Restore the original TKIP IV. */
 467                iv[2] = iv[0];
 468                iv[0] = iv[1];
 469                iv[1] = (iv[0] | 0x20) & 0x7f;  /* WEPSeed - 8.3.2.2 */
 470
 471                frame_len -= 12; /* remove TKIP_MMIC + TKIP_ICV */
 472                break;
 473                }
 474        case P54_CRYPTO_AESCCMP:
 475                frame_len -= 8; /* remove CCMP_MIC */
 476                break;
 477        case P54_CRYPTO_WEP:
 478                frame_len -= 4; /* remove WEP_ICV */
 479                break;
 480        }
 481
 482        skb_trim(entry, frame_len);
 483        skb_pull(entry, sizeof(*hdr) + pad + sizeof(*entry_data));
 484        ieee80211_tx_status_irqsafe(priv->hw, entry);
 485}
 486
 487static void p54_rx_eeprom_readback(struct p54_common *priv,
 488                                   struct sk_buff *skb)
 489{
 490        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
 491        struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;
 492        struct sk_buff *tmp;
 493
 494        if (!priv->eeprom)
 495                return ;
 496
 497        if (priv->fw_var >= 0x509) {
 498                memcpy(priv->eeprom, eeprom->v2.data,
 499                       le16_to_cpu(eeprom->v2.len));
 500        } else {
 501                memcpy(priv->eeprom, eeprom->v1.data,
 502                       le16_to_cpu(eeprom->v1.len));
 503        }
 504
 505        priv->eeprom = NULL;
 506        tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
 507        dev_kfree_skb_any(tmp);
 508        complete(&priv->eeprom_comp);
 509}
 510
 511static void p54_rx_stats(struct p54_common *priv, struct sk_buff *skb)
 512{
 513        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
 514        struct p54_statistics *stats = (struct p54_statistics *) hdr->data;
 515        struct sk_buff *tmp;
 516        struct ieee80211_channel *chan;
 517        unsigned int i, rssi, tx, cca, dtime, dtotal, dcca, dtx, drssi, unit;
 518        u32 tsf32;
 519
 520        if (unlikely(priv->mode == NL80211_IFTYPE_UNSPECIFIED))
 521                return ;
 522
 523        tsf32 = le32_to_cpu(stats->tsf32);
 524        if (tsf32 < priv->tsf_low32)
 525                priv->tsf_high32++;
 526        priv->tsf_low32 = tsf32;
 527
 528        priv->stats.dot11RTSFailureCount = le32_to_cpu(stats->rts_fail);
 529        priv->stats.dot11RTSSuccessCount = le32_to_cpu(stats->rts_success);
 530        priv->stats.dot11FCSErrorCount = le32_to_cpu(stats->rx_bad_fcs);
 531
 532        priv->noise = p54_rssi_to_dbm(priv, le32_to_cpu(stats->noise));
 533
 534        /*
 535         * STSW450X LMAC API page 26 - 3.8 Statistics
 536         * "The exact measurement period can be derived from the
 537         * timestamp member".
 538         */
 539        dtime = tsf32 - priv->survey_raw.timestamp;
 540
 541        /*
 542         * STSW450X LMAC API page 26 - 3.8.1 Noise histogram
 543         * The LMAC samples RSSI, CCA and transmit state at regular
 544         * periods (typically 8 times per 1k [as in 1024] usec).
 545         */
 546        cca = le32_to_cpu(stats->sample_cca);
 547        tx = le32_to_cpu(stats->sample_tx);
 548        rssi = 0;
 549        for (i = 0; i < ARRAY_SIZE(stats->sample_noise); i++)
 550                rssi += le32_to_cpu(stats->sample_noise[i]);
 551
 552        dcca = cca - priv->survey_raw.cached_cca;
 553        drssi = rssi - priv->survey_raw.cached_rssi;
 554        dtx = tx - priv->survey_raw.cached_tx;
 555        dtotal = dcca + drssi + dtx;
 556
 557        /*
 558         * update statistics when more than a second is over since the
 559         * last call, or when a update is badly needed.
 560         */
 561        if (dtotal && (priv->update_stats || dtime >= USEC_PER_SEC) &&
 562            dtime >= dtotal) {
 563                priv->survey_raw.timestamp = tsf32;
 564                priv->update_stats = false;
 565                unit = dtime / dtotal;
 566
 567                if (dcca) {
 568                        priv->survey_raw.cca += dcca * unit;
 569                        priv->survey_raw.cached_cca = cca;
 570                }
 571                if (dtx) {
 572                        priv->survey_raw.tx += dtx * unit;
 573                        priv->survey_raw.cached_tx = tx;
 574                }
 575                if (drssi) {
 576                        priv->survey_raw.rssi += drssi * unit;
 577                        priv->survey_raw.cached_rssi = rssi;
 578                }
 579
 580                /* 1024 usec / 8 times = 128 usec / time */
 581                if (!(priv->phy_ps || priv->phy_idle))
 582                        priv->survey_raw.active += dtotal * unit;
 583                else
 584                        priv->survey_raw.active += (dcca + dtx) * unit;
 585        }
 586
 587        chan = priv->curchan;
 588        if (chan) {
 589                struct survey_info *survey = &priv->survey[chan->hw_value];
 590                survey->noise = clamp_t(s8, priv->noise, -128, 127);
 591                survey->channel_time = priv->survey_raw.active;
 592                survey->channel_time_tx = priv->survey_raw.tx;
 593                survey->channel_time_busy = priv->survey_raw.tx +
 594                        priv->survey_raw.cca;
 595                do_div(survey->channel_time, 1024);
 596                do_div(survey->channel_time_tx, 1024);
 597                do_div(survey->channel_time_busy, 1024);
 598        }
 599
 600        tmp = p54_find_and_unlink_skb(priv, hdr->req_id);
 601        dev_kfree_skb_any(tmp);
 602        complete(&priv->stat_comp);
 603}
 604
 605static void p54_rx_trap(struct p54_common *priv, struct sk_buff *skb)
 606{
 607        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
 608        struct p54_trap *trap = (struct p54_trap *) hdr->data;
 609        u16 event = le16_to_cpu(trap->event);
 610        u16 freq = le16_to_cpu(trap->frequency);
 611
 612        switch (event) {
 613        case P54_TRAP_BEACON_TX:
 614                break;
 615        case P54_TRAP_RADAR:
 616                wiphy_info(priv->hw->wiphy, "radar (freq:%d MHz)\n", freq);
 617                break;
 618        case P54_TRAP_NO_BEACON:
 619                if (priv->vif)
 620                        ieee80211_beacon_loss(priv->vif);
 621                break;
 622        case P54_TRAP_SCAN:
 623                break;
 624        case P54_TRAP_TBTT:
 625                break;
 626        case P54_TRAP_TIMER:
 627                break;
 628        case P54_TRAP_FAA_RADIO_OFF:
 629                wiphy_rfkill_set_hw_state(priv->hw->wiphy, true);
 630                break;
 631        case P54_TRAP_FAA_RADIO_ON:
 632                wiphy_rfkill_set_hw_state(priv->hw->wiphy, false);
 633                break;
 634        default:
 635                wiphy_info(priv->hw->wiphy, "received event:%x freq:%d\n",
 636                           event, freq);
 637                break;
 638        }
 639}
 640
 641static int p54_rx_control(struct p54_common *priv, struct sk_buff *skb)
 642{
 643        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
 644
 645        switch (le16_to_cpu(hdr->type)) {
 646        case P54_CONTROL_TYPE_TXDONE:
 647                p54_rx_frame_sent(priv, skb);
 648                break;
 649        case P54_CONTROL_TYPE_TRAP:
 650                p54_rx_trap(priv, skb);
 651                break;
 652        case P54_CONTROL_TYPE_BBP:
 653                break;
 654        case P54_CONTROL_TYPE_STAT_READBACK:
 655                p54_rx_stats(priv, skb);
 656                break;
 657        case P54_CONTROL_TYPE_EEPROM_READBACK:
 658                p54_rx_eeprom_readback(priv, skb);
 659                break;
 660        default:
 661                wiphy_debug(priv->hw->wiphy,
 662                            "not handling 0x%02x type control frame\n",
 663                            le16_to_cpu(hdr->type));
 664                break;
 665        }
 666        return 0;
 667}
 668
 669/* returns zero if skb can be reused */
 670int p54_rx(struct ieee80211_hw *dev, struct sk_buff *skb)
 671{
 672        struct p54_common *priv = dev->priv;
 673        u16 type = le16_to_cpu(*((__le16 *)skb->data));
 674
 675        if (type & P54_HDR_FLAG_CONTROL)
 676                return p54_rx_control(priv, skb);
 677        else
 678                return p54_rx_data(priv, skb);
 679}
 680EXPORT_SYMBOL_GPL(p54_rx);
 681
 682static void p54_tx_80211_header(struct p54_common *priv, struct sk_buff *skb,
 683                                struct ieee80211_tx_info *info,
 684                                struct ieee80211_sta *sta,
 685                                u8 *queue, u32 *extra_len, u16 *flags, u16 *aid,
 686                                bool *burst_possible)
 687{
 688        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
 689
 690        if (ieee80211_is_data_qos(hdr->frame_control))
 691                *burst_possible = true;
 692        else
 693                *burst_possible = false;
 694
 695        if (!(info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ))
 696                *flags |= P54_HDR_FLAG_DATA_OUT_SEQNR;
 697
 698        if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)
 699                *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
 700
 701        if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
 702                *flags |= P54_HDR_FLAG_DATA_OUT_NOCANCEL;
 703
 704        *queue = skb_get_queue_mapping(skb) + P54_QUEUE_DATA;
 705
 706        switch (priv->mode) {
 707        case NL80211_IFTYPE_MONITOR:
 708                /*
 709                 * We have to set P54_HDR_FLAG_DATA_OUT_PROMISC for
 710                 * every frame in promiscuous/monitor mode.
 711                 * see STSW45x0C LMAC API - page 12.
 712                 */
 713                *aid = 0;
 714                *flags |= P54_HDR_FLAG_DATA_OUT_PROMISC;
 715                break;
 716        case NL80211_IFTYPE_STATION:
 717                *aid = 1;
 718                break;
 719        case NL80211_IFTYPE_AP:
 720        case NL80211_IFTYPE_ADHOC:
 721        case NL80211_IFTYPE_MESH_POINT:
 722                if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) {
 723                        *aid = 0;
 724                        *queue = P54_QUEUE_CAB;
 725                        return;
 726                }
 727
 728                if (unlikely(ieee80211_is_mgmt(hdr->frame_control))) {
 729                        if (ieee80211_is_probe_resp(hdr->frame_control)) {
 730                                *aid = 0;
 731                                *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP |
 732                                          P54_HDR_FLAG_DATA_OUT_NOCANCEL;
 733                                return;
 734                        } else if (ieee80211_is_beacon(hdr->frame_control)) {
 735                                *aid = 0;
 736
 737                                if (info->flags & IEEE80211_TX_CTL_INJECTED) {
 738                                        /*
 739                                         * Injecting beacons on top of a AP is
 740                                         * not a good idea... nevertheless,
 741                                         * it should be doable.
 742                                         */
 743
 744                                        return;
 745                                }
 746
 747                                *flags |= P54_HDR_FLAG_DATA_OUT_TIMESTAMP;
 748                                *queue = P54_QUEUE_BEACON;
 749                                *extra_len = IEEE80211_MAX_TIM_LEN;
 750                                return;
 751                        }
 752                }
 753
 754                if (sta)
 755                        *aid = sta->aid;
 756                break;
 757        }
 758}
 759
 760static u8 p54_convert_algo(u32 cipher)
 761{
 762        switch (cipher) {
 763        case WLAN_CIPHER_SUITE_WEP40:
 764        case WLAN_CIPHER_SUITE_WEP104:
 765                return P54_CRYPTO_WEP;
 766        case WLAN_CIPHER_SUITE_TKIP:
 767                return P54_CRYPTO_TKIPMICHAEL;
 768        case WLAN_CIPHER_SUITE_CCMP:
 769                return P54_CRYPTO_AESCCMP;
 770        default:
 771                return 0;
 772        }
 773}
 774
 775void p54_tx_80211(struct ieee80211_hw *dev,
 776                  struct ieee80211_tx_control *control,
 777                  struct sk_buff *skb)
 778{
 779        struct p54_common *priv = dev->priv;
 780        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 781        struct p54_tx_info *p54info;
 782        struct p54_hdr *hdr;
 783        struct p54_tx_data *txhdr;
 784        unsigned int padding, len, extra_len = 0;
 785        int i, j, ridx;
 786        u16 hdr_flags = 0, aid = 0;
 787        u8 rate, queue = 0, crypt_offset = 0;
 788        u8 cts_rate = 0x20;
 789        u8 rc_flags;
 790        u8 calculated_tries[4];
 791        u8 nrates = 0, nremaining = 8;
 792        bool burst_allowed = false;
 793
 794        p54_tx_80211_header(priv, skb, info, control->sta, &queue, &extra_len,
 795                            &hdr_flags, &aid, &burst_allowed);
 796
 797        if (p54_tx_qos_accounting_alloc(priv, skb, queue)) {
 798                ieee80211_free_txskb(dev, skb);
 799                return;
 800        }
 801
 802        padding = (unsigned long)(skb->data - (sizeof(*hdr) + sizeof(*txhdr))) & 3;
 803        len = skb->len;
 804
 805        if (info->control.hw_key) {
 806                crypt_offset = ieee80211_get_hdrlen_from_skb(skb);
 807                if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
 808                        u8 *iv = (u8 *)(skb->data + crypt_offset);
 809                        /*
 810                         * The firmware excepts that the IV has to have
 811                         * this special format
 812                         */
 813                        iv[1] = iv[0];
 814                        iv[0] = iv[2];
 815                        iv[2] = 0;
 816                }
 817        }
 818
 819        txhdr = (struct p54_tx_data *) skb_push(skb, sizeof(*txhdr) + padding);
 820        hdr = (struct p54_hdr *) skb_push(skb, sizeof(*hdr));
 821
 822        if (padding)
 823                hdr_flags |= P54_HDR_FLAG_DATA_ALIGN;
 824        hdr->type = cpu_to_le16(aid);
 825        hdr->rts_tries = info->control.rates[0].count;
 826
 827        /*
 828         * we register the rates in perfect order, and
 829         * RTS/CTS won't happen on 5 GHz
 830         */
 831        cts_rate = info->control.rts_cts_rate_idx;
 832
 833        memset(&txhdr->rateset, 0, sizeof(txhdr->rateset));
 834
 835        /* see how many rates got used */
 836        for (i = 0; i < dev->max_rates; i++) {
 837                if (info->control.rates[i].idx < 0)
 838                        break;
 839                nrates++;
 840        }
 841
 842        /* limit tries to 8/nrates per rate */
 843        for (i = 0; i < nrates; i++) {
 844                /*
 845                 * The magic expression here is equivalent to 8/nrates for
 846                 * all values that matter, but avoids division and jumps.
 847                 * Note that nrates can only take the values 1 through 4.
 848                 */
 849                calculated_tries[i] = min_t(int, ((15 >> nrates) | 1) + 1,
 850                                                 info->control.rates[i].count);
 851                nremaining -= calculated_tries[i];
 852        }
 853
 854        /* if there are tries left, distribute from back to front */
 855        for (i = nrates - 1; nremaining > 0 && i >= 0; i--) {
 856                int tmp = info->control.rates[i].count - calculated_tries[i];
 857
 858                if (tmp <= 0)
 859                        continue;
 860                /* RC requested more tries at this rate */
 861
 862                tmp = min_t(int, tmp, nremaining);
 863                calculated_tries[i] += tmp;
 864                nremaining -= tmp;
 865        }
 866
 867        ridx = 0;
 868        for (i = 0; i < nrates && ridx < 8; i++) {
 869                /* we register the rates in perfect order */
 870                rate = info->control.rates[i].idx;
 871                if (info->band == IEEE80211_BAND_5GHZ)
 872                        rate += 4;
 873
 874                /* store the count we actually calculated for TX status */
 875                info->control.rates[i].count = calculated_tries[i];
 876
 877                rc_flags = info->control.rates[i].flags;
 878                if (rc_flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE) {
 879                        rate |= 0x10;
 880                        cts_rate |= 0x10;
 881                }
 882                if (rc_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
 883                        burst_allowed = false;
 884                        rate |= 0x40;
 885                } else if (rc_flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
 886                        rate |= 0x20;
 887                        burst_allowed = false;
 888                }
 889                for (j = 0; j < calculated_tries[i] && ridx < 8; j++) {
 890                        txhdr->rateset[ridx] = rate;
 891                        ridx++;
 892                }
 893        }
 894
 895        if (burst_allowed)
 896                hdr_flags |= P54_HDR_FLAG_DATA_OUT_BURST;
 897
 898        /* TODO: enable bursting */
 899        hdr->flags = cpu_to_le16(hdr_flags);
 900        hdr->tries = ridx;
 901        txhdr->rts_rate_idx = 0;
 902        if (info->control.hw_key) {
 903                txhdr->key_type = p54_convert_algo(info->control.hw_key->cipher);
 904                txhdr->key_len = min((u8)16, info->control.hw_key->keylen);
 905                memcpy(txhdr->key, info->control.hw_key->key, txhdr->key_len);
 906                if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
 907                        /* reserve space for the MIC key */
 908                        len += 8;
 909                        memcpy(skb_put(skb, 8), &(info->control.hw_key->key
 910                                [NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]), 8);
 911                }
 912                /* reserve some space for ICV */
 913                len += info->control.hw_key->icv_len;
 914                memset(skb_put(skb, info->control.hw_key->icv_len), 0,
 915                       info->control.hw_key->icv_len);
 916        } else {
 917                txhdr->key_type = 0;
 918                txhdr->key_len = 0;
 919        }
 920        txhdr->crypt_offset = crypt_offset;
 921        txhdr->hw_queue = queue;
 922        txhdr->backlog = priv->tx_stats[queue].len - 1;
 923        memset(txhdr->durations, 0, sizeof(txhdr->durations));
 924        txhdr->tx_antenna = 2 & priv->tx_diversity_mask;
 925        if (priv->rxhw == 5) {
 926                txhdr->longbow.cts_rate = cts_rate;
 927                txhdr->longbow.output_power = cpu_to_le16(priv->output_power);
 928        } else {
 929                txhdr->normal.output_power = priv->output_power;
 930                txhdr->normal.cts_rate = cts_rate;
 931        }
 932        if (padding)
 933                txhdr->align[0] = padding;
 934
 935        hdr->len = cpu_to_le16(len);
 936        /* modifies skb->cb and with it info, so must be last! */
 937        p54info = (void *) info->rate_driver_data;
 938        p54info->extra_len = extra_len;
 939
 940        p54_tx(priv, skb);
 941}
 942