1
2
3
4
5
6
7
8#include "core.h"
9#include "htc.h"
10#include "htt.h"
11#include "txrx.h"
12#include "debug.h"
13#include "trace.h"
14#include "mac.h"
15
16#include <linux/log2.h>
17#include <linux/bitfield.h>
18
19
20#define HTT_RX_RING_REFILL_RETRY_MS 50
21
22#define HTT_RX_RING_REFILL_RESCHED_MS 5
23
24static int ath10k_htt_rx_get_csum_state(struct sk_buff *skb);
25
26static struct sk_buff *
27ath10k_htt_rx_find_skb_paddr(struct ath10k *ar, u64 paddr)
28{
29 struct ath10k_skb_rxcb *rxcb;
30
31 hash_for_each_possible(ar->htt.rx_ring.skb_table, rxcb, hlist, paddr)
32 if (rxcb->paddr == paddr)
33 return ATH10K_RXCB_SKB(rxcb);
34
35 WARN_ON_ONCE(1);
36 return NULL;
37}
38
39static void ath10k_htt_rx_ring_free(struct ath10k_htt *htt)
40{
41 struct sk_buff *skb;
42 struct ath10k_skb_rxcb *rxcb;
43 struct hlist_node *n;
44 int i;
45
46 if (htt->rx_ring.in_ord_rx) {
47 hash_for_each_safe(htt->rx_ring.skb_table, i, n, rxcb, hlist) {
48 skb = ATH10K_RXCB_SKB(rxcb);
49 dma_unmap_single(htt->ar->dev, rxcb->paddr,
50 skb->len + skb_tailroom(skb),
51 DMA_FROM_DEVICE);
52 hash_del(&rxcb->hlist);
53 dev_kfree_skb_any(skb);
54 }
55 } else {
56 for (i = 0; i < htt->rx_ring.size; i++) {
57 skb = htt->rx_ring.netbufs_ring[i];
58 if (!skb)
59 continue;
60
61 rxcb = ATH10K_SKB_RXCB(skb);
62 dma_unmap_single(htt->ar->dev, rxcb->paddr,
63 skb->len + skb_tailroom(skb),
64 DMA_FROM_DEVICE);
65 dev_kfree_skb_any(skb);
66 }
67 }
68
69 htt->rx_ring.fill_cnt = 0;
70 hash_init(htt->rx_ring.skb_table);
71 memset(htt->rx_ring.netbufs_ring, 0,
72 htt->rx_ring.size * sizeof(htt->rx_ring.netbufs_ring[0]));
73}
74
75static size_t ath10k_htt_get_rx_ring_size_32(struct ath10k_htt *htt)
76{
77 return htt->rx_ring.size * sizeof(htt->rx_ring.paddrs_ring_32);
78}
79
80static size_t ath10k_htt_get_rx_ring_size_64(struct ath10k_htt *htt)
81{
82 return htt->rx_ring.size * sizeof(htt->rx_ring.paddrs_ring_64);
83}
84
85static void ath10k_htt_config_paddrs_ring_32(struct ath10k_htt *htt,
86 void *vaddr)
87{
88 htt->rx_ring.paddrs_ring_32 = vaddr;
89}
90
91static void ath10k_htt_config_paddrs_ring_64(struct ath10k_htt *htt,
92 void *vaddr)
93{
94 htt->rx_ring.paddrs_ring_64 = vaddr;
95}
96
97static void ath10k_htt_set_paddrs_ring_32(struct ath10k_htt *htt,
98 dma_addr_t paddr, int idx)
99{
100 htt->rx_ring.paddrs_ring_32[idx] = __cpu_to_le32(paddr);
101}
102
103static void ath10k_htt_set_paddrs_ring_64(struct ath10k_htt *htt,
104 dma_addr_t paddr, int idx)
105{
106 htt->rx_ring.paddrs_ring_64[idx] = __cpu_to_le64(paddr);
107}
108
109static void ath10k_htt_reset_paddrs_ring_32(struct ath10k_htt *htt, int idx)
110{
111 htt->rx_ring.paddrs_ring_32[idx] = 0;
112}
113
114static void ath10k_htt_reset_paddrs_ring_64(struct ath10k_htt *htt, int idx)
115{
116 htt->rx_ring.paddrs_ring_64[idx] = 0;
117}
118
119static void *ath10k_htt_get_vaddr_ring_32(struct ath10k_htt *htt)
120{
121 return (void *)htt->rx_ring.paddrs_ring_32;
122}
123
124static void *ath10k_htt_get_vaddr_ring_64(struct ath10k_htt *htt)
125{
126 return (void *)htt->rx_ring.paddrs_ring_64;
127}
128
129static int __ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
130{
131 struct htt_rx_desc *rx_desc;
132 struct ath10k_skb_rxcb *rxcb;
133 struct sk_buff *skb;
134 dma_addr_t paddr;
135 int ret = 0, idx;
136
137
138
139
140
141
142 BUILD_BUG_ON(HTT_RX_RING_FILL_LEVEL >= HTT_RX_RING_SIZE / 2);
143
144 idx = __le32_to_cpu(*htt->rx_ring.alloc_idx.vaddr);
145 while (num > 0) {
146 skb = dev_alloc_skb(HTT_RX_BUF_SIZE + HTT_RX_DESC_ALIGN);
147 if (!skb) {
148 ret = -ENOMEM;
149 goto fail;
150 }
151
152 if (!IS_ALIGNED((unsigned long)skb->data, HTT_RX_DESC_ALIGN))
153 skb_pull(skb,
154 PTR_ALIGN(skb->data, HTT_RX_DESC_ALIGN) -
155 skb->data);
156
157
158 rx_desc = (struct htt_rx_desc *)skb->data;
159 rx_desc->attention.flags = __cpu_to_le32(0);
160
161 paddr = dma_map_single(htt->ar->dev, skb->data,
162 skb->len + skb_tailroom(skb),
163 DMA_FROM_DEVICE);
164
165 if (unlikely(dma_mapping_error(htt->ar->dev, paddr))) {
166 dev_kfree_skb_any(skb);
167 ret = -ENOMEM;
168 goto fail;
169 }
170
171 rxcb = ATH10K_SKB_RXCB(skb);
172 rxcb->paddr = paddr;
173 htt->rx_ring.netbufs_ring[idx] = skb;
174 ath10k_htt_set_paddrs_ring(htt, paddr, idx);
175 htt->rx_ring.fill_cnt++;
176
177 if (htt->rx_ring.in_ord_rx) {
178 hash_add(htt->rx_ring.skb_table,
179 &ATH10K_SKB_RXCB(skb)->hlist,
180 paddr);
181 }
182
183 num--;
184 idx++;
185 idx &= htt->rx_ring.size_mask;
186 }
187
188fail:
189
190
191
192
193 mb();
194 *htt->rx_ring.alloc_idx.vaddr = __cpu_to_le32(idx);
195 return ret;
196}
197
198static int ath10k_htt_rx_ring_fill_n(struct ath10k_htt *htt, int num)
199{
200 lockdep_assert_held(&htt->rx_ring.lock);
201 return __ath10k_htt_rx_ring_fill_n(htt, num);
202}
203
204static void ath10k_htt_rx_msdu_buff_replenish(struct ath10k_htt *htt)
205{
206 int ret, num_deficit, num_to_fill;
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224 spin_lock_bh(&htt->rx_ring.lock);
225 num_deficit = htt->rx_ring.fill_level - htt->rx_ring.fill_cnt;
226 num_to_fill = min(ATH10K_HTT_MAX_NUM_REFILL, num_deficit);
227 num_deficit -= num_to_fill;
228 ret = ath10k_htt_rx_ring_fill_n(htt, num_to_fill);
229 if (ret == -ENOMEM) {
230
231
232
233
234
235
236 mod_timer(&htt->rx_ring.refill_retry_timer, jiffies +
237 msecs_to_jiffies(HTT_RX_RING_REFILL_RETRY_MS));
238 } else if (num_deficit > 0) {
239 mod_timer(&htt->rx_ring.refill_retry_timer, jiffies +
240 msecs_to_jiffies(HTT_RX_RING_REFILL_RESCHED_MS));
241 }
242 spin_unlock_bh(&htt->rx_ring.lock);
243}
244
245static void ath10k_htt_rx_ring_refill_retry(struct timer_list *t)
246{
247 struct ath10k_htt *htt = from_timer(htt, t, rx_ring.refill_retry_timer);
248
249 ath10k_htt_rx_msdu_buff_replenish(htt);
250}
251
252int ath10k_htt_rx_ring_refill(struct ath10k *ar)
253{
254 struct ath10k_htt *htt = &ar->htt;
255 int ret;
256
257 if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
258 return 0;
259
260 spin_lock_bh(&htt->rx_ring.lock);
261 ret = ath10k_htt_rx_ring_fill_n(htt, (htt->rx_ring.fill_level -
262 htt->rx_ring.fill_cnt));
263
264 if (ret)
265 ath10k_htt_rx_ring_free(htt);
266
267 spin_unlock_bh(&htt->rx_ring.lock);
268
269 return ret;
270}
271
272void ath10k_htt_rx_free(struct ath10k_htt *htt)
273{
274 if (htt->ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
275 return;
276
277 del_timer_sync(&htt->rx_ring.refill_retry_timer);
278
279 skb_queue_purge(&htt->rx_msdus_q);
280 skb_queue_purge(&htt->rx_in_ord_compl_q);
281 skb_queue_purge(&htt->tx_fetch_ind_q);
282
283 spin_lock_bh(&htt->rx_ring.lock);
284 ath10k_htt_rx_ring_free(htt);
285 spin_unlock_bh(&htt->rx_ring.lock);
286
287 dma_free_coherent(htt->ar->dev,
288 ath10k_htt_get_rx_ring_size(htt),
289 ath10k_htt_get_vaddr_ring(htt),
290 htt->rx_ring.base_paddr);
291
292 dma_free_coherent(htt->ar->dev,
293 sizeof(*htt->rx_ring.alloc_idx.vaddr),
294 htt->rx_ring.alloc_idx.vaddr,
295 htt->rx_ring.alloc_idx.paddr);
296
297 kfree(htt->rx_ring.netbufs_ring);
298}
299
300static inline struct sk_buff *ath10k_htt_rx_netbuf_pop(struct ath10k_htt *htt)
301{
302 struct ath10k *ar = htt->ar;
303 int idx;
304 struct sk_buff *msdu;
305
306 lockdep_assert_held(&htt->rx_ring.lock);
307
308 if (htt->rx_ring.fill_cnt == 0) {
309 ath10k_warn(ar, "tried to pop sk_buff from an empty rx ring\n");
310 return NULL;
311 }
312
313 idx = htt->rx_ring.sw_rd_idx.msdu_payld;
314 msdu = htt->rx_ring.netbufs_ring[idx];
315 htt->rx_ring.netbufs_ring[idx] = NULL;
316 ath10k_htt_reset_paddrs_ring(htt, idx);
317
318 idx++;
319 idx &= htt->rx_ring.size_mask;
320 htt->rx_ring.sw_rd_idx.msdu_payld = idx;
321 htt->rx_ring.fill_cnt--;
322
323 dma_unmap_single(htt->ar->dev,
324 ATH10K_SKB_RXCB(msdu)->paddr,
325 msdu->len + skb_tailroom(msdu),
326 DMA_FROM_DEVICE);
327 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx netbuf pop: ",
328 msdu->data, msdu->len + skb_tailroom(msdu));
329
330 return msdu;
331}
332
333
334static int ath10k_htt_rx_amsdu_pop(struct ath10k_htt *htt,
335 struct sk_buff_head *amsdu)
336{
337 struct ath10k *ar = htt->ar;
338 int msdu_len, msdu_chaining = 0;
339 struct sk_buff *msdu;
340 struct htt_rx_desc *rx_desc;
341
342 lockdep_assert_held(&htt->rx_ring.lock);
343
344 for (;;) {
345 int last_msdu, msdu_len_invalid, msdu_chained;
346
347 msdu = ath10k_htt_rx_netbuf_pop(htt);
348 if (!msdu) {
349 __skb_queue_purge(amsdu);
350 return -ENOENT;
351 }
352
353 __skb_queue_tail(amsdu, msdu);
354
355 rx_desc = (struct htt_rx_desc *)msdu->data;
356
357
358
359
360 skb_put(msdu, offsetof(struct htt_rx_desc, msdu_payload));
361 skb_pull(msdu, offsetof(struct htt_rx_desc, msdu_payload));
362
363
364
365
366
367
368
369
370
371 if (!(__le32_to_cpu(rx_desc->attention.flags)
372 & RX_ATTENTION_FLAGS_MSDU_DONE)) {
373 __skb_queue_purge(amsdu);
374 return -EIO;
375 }
376
377 msdu_len_invalid = !!(__le32_to_cpu(rx_desc->attention.flags)
378 & (RX_ATTENTION_FLAGS_MPDU_LENGTH_ERR |
379 RX_ATTENTION_FLAGS_MSDU_LENGTH_ERR));
380 msdu_len = MS(__le32_to_cpu(rx_desc->msdu_start.common.info0),
381 RX_MSDU_START_INFO0_MSDU_LENGTH);
382 msdu_chained = rx_desc->frag_info.ring2_more_count;
383
384 if (msdu_len_invalid)
385 msdu_len = 0;
386
387 skb_trim(msdu, 0);
388 skb_put(msdu, min(msdu_len, HTT_RX_MSDU_SIZE));
389 msdu_len -= msdu->len;
390
391
392 while (msdu_chained--) {
393 msdu = ath10k_htt_rx_netbuf_pop(htt);
394 if (!msdu) {
395 __skb_queue_purge(amsdu);
396 return -ENOENT;
397 }
398
399 __skb_queue_tail(amsdu, msdu);
400 skb_trim(msdu, 0);
401 skb_put(msdu, min(msdu_len, HTT_RX_BUF_SIZE));
402 msdu_len -= msdu->len;
403 msdu_chaining = 1;
404 }
405
406 last_msdu = __le32_to_cpu(rx_desc->msdu_end.common.info0) &
407 RX_MSDU_END_INFO0_LAST_MSDU;
408
409 trace_ath10k_htt_rx_desc(ar, &rx_desc->attention,
410 sizeof(*rx_desc) - sizeof(u32));
411
412 if (last_msdu)
413 break;
414 }
415
416 if (skb_queue_empty(amsdu))
417 msdu_chaining = -1;
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432 return msdu_chaining;
433}
434
435static struct sk_buff *ath10k_htt_rx_pop_paddr(struct ath10k_htt *htt,
436 u64 paddr)
437{
438 struct ath10k *ar = htt->ar;
439 struct ath10k_skb_rxcb *rxcb;
440 struct sk_buff *msdu;
441
442 lockdep_assert_held(&htt->rx_ring.lock);
443
444 msdu = ath10k_htt_rx_find_skb_paddr(ar, paddr);
445 if (!msdu)
446 return NULL;
447
448 rxcb = ATH10K_SKB_RXCB(msdu);
449 hash_del(&rxcb->hlist);
450 htt->rx_ring.fill_cnt--;
451
452 dma_unmap_single(htt->ar->dev, rxcb->paddr,
453 msdu->len + skb_tailroom(msdu),
454 DMA_FROM_DEVICE);
455 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx netbuf pop: ",
456 msdu->data, msdu->len + skb_tailroom(msdu));
457
458 return msdu;
459}
460
461static inline void ath10k_htt_append_frag_list(struct sk_buff *skb_head,
462 struct sk_buff *frag_list,
463 unsigned int frag_len)
464{
465 skb_shinfo(skb_head)->frag_list = frag_list;
466 skb_head->data_len = frag_len;
467 skb_head->len += skb_head->data_len;
468}
469
470static int ath10k_htt_rx_handle_amsdu_mon_32(struct ath10k_htt *htt,
471 struct sk_buff *msdu,
472 struct htt_rx_in_ord_msdu_desc **msdu_desc)
473{
474 struct ath10k *ar = htt->ar;
475 u32 paddr;
476 struct sk_buff *frag_buf;
477 struct sk_buff *prev_frag_buf;
478 u8 last_frag;
479 struct htt_rx_in_ord_msdu_desc *ind_desc = *msdu_desc;
480 struct htt_rx_desc *rxd;
481 int amsdu_len = __le16_to_cpu(ind_desc->msdu_len);
482
483 rxd = (void *)msdu->data;
484 trace_ath10k_htt_rx_desc(ar, rxd, sizeof(*rxd));
485
486 skb_put(msdu, sizeof(struct htt_rx_desc));
487 skb_pull(msdu, sizeof(struct htt_rx_desc));
488 skb_put(msdu, min(amsdu_len, HTT_RX_MSDU_SIZE));
489 amsdu_len -= msdu->len;
490
491 last_frag = ind_desc->reserved;
492 if (last_frag) {
493 if (amsdu_len) {
494 ath10k_warn(ar, "invalid amsdu len %u, left %d",
495 __le16_to_cpu(ind_desc->msdu_len),
496 amsdu_len);
497 }
498 return 0;
499 }
500
501 ind_desc++;
502 paddr = __le32_to_cpu(ind_desc->msdu_paddr);
503 frag_buf = ath10k_htt_rx_pop_paddr(htt, paddr);
504 if (!frag_buf) {
505 ath10k_warn(ar, "failed to pop frag-1 paddr: 0x%x", paddr);
506 return -ENOENT;
507 }
508
509 skb_put(frag_buf, min(amsdu_len, HTT_RX_BUF_SIZE));
510 ath10k_htt_append_frag_list(msdu, frag_buf, amsdu_len);
511
512 amsdu_len -= frag_buf->len;
513 prev_frag_buf = frag_buf;
514 last_frag = ind_desc->reserved;
515 while (!last_frag) {
516 ind_desc++;
517 paddr = __le32_to_cpu(ind_desc->msdu_paddr);
518 frag_buf = ath10k_htt_rx_pop_paddr(htt, paddr);
519 if (!frag_buf) {
520 ath10k_warn(ar, "failed to pop frag-n paddr: 0x%x",
521 paddr);
522 prev_frag_buf->next = NULL;
523 return -ENOENT;
524 }
525
526 skb_put(frag_buf, min(amsdu_len, HTT_RX_BUF_SIZE));
527 last_frag = ind_desc->reserved;
528 amsdu_len -= frag_buf->len;
529
530 prev_frag_buf->next = frag_buf;
531 prev_frag_buf = frag_buf;
532 }
533
534 if (amsdu_len) {
535 ath10k_warn(ar, "invalid amsdu len %u, left %d",
536 __le16_to_cpu(ind_desc->msdu_len), amsdu_len);
537 }
538
539 *msdu_desc = ind_desc;
540
541 prev_frag_buf->next = NULL;
542 return 0;
543}
544
545static int
546ath10k_htt_rx_handle_amsdu_mon_64(struct ath10k_htt *htt,
547 struct sk_buff *msdu,
548 struct htt_rx_in_ord_msdu_desc_ext **msdu_desc)
549{
550 struct ath10k *ar = htt->ar;
551 u64 paddr;
552 struct sk_buff *frag_buf;
553 struct sk_buff *prev_frag_buf;
554 u8 last_frag;
555 struct htt_rx_in_ord_msdu_desc_ext *ind_desc = *msdu_desc;
556 struct htt_rx_desc *rxd;
557 int amsdu_len = __le16_to_cpu(ind_desc->msdu_len);
558
559 rxd = (void *)msdu->data;
560 trace_ath10k_htt_rx_desc(ar, rxd, sizeof(*rxd));
561
562 skb_put(msdu, sizeof(struct htt_rx_desc));
563 skb_pull(msdu, sizeof(struct htt_rx_desc));
564 skb_put(msdu, min(amsdu_len, HTT_RX_MSDU_SIZE));
565 amsdu_len -= msdu->len;
566
567 last_frag = ind_desc->reserved;
568 if (last_frag) {
569 if (amsdu_len) {
570 ath10k_warn(ar, "invalid amsdu len %u, left %d",
571 __le16_to_cpu(ind_desc->msdu_len),
572 amsdu_len);
573 }
574 return 0;
575 }
576
577 ind_desc++;
578 paddr = __le64_to_cpu(ind_desc->msdu_paddr);
579 frag_buf = ath10k_htt_rx_pop_paddr(htt, paddr);
580 if (!frag_buf) {
581 ath10k_warn(ar, "failed to pop frag-1 paddr: 0x%llx", paddr);
582 return -ENOENT;
583 }
584
585 skb_put(frag_buf, min(amsdu_len, HTT_RX_BUF_SIZE));
586 ath10k_htt_append_frag_list(msdu, frag_buf, amsdu_len);
587
588 amsdu_len -= frag_buf->len;
589 prev_frag_buf = frag_buf;
590 last_frag = ind_desc->reserved;
591 while (!last_frag) {
592 ind_desc++;
593 paddr = __le64_to_cpu(ind_desc->msdu_paddr);
594 frag_buf = ath10k_htt_rx_pop_paddr(htt, paddr);
595 if (!frag_buf) {
596 ath10k_warn(ar, "failed to pop frag-n paddr: 0x%llx",
597 paddr);
598 prev_frag_buf->next = NULL;
599 return -ENOENT;
600 }
601
602 skb_put(frag_buf, min(amsdu_len, HTT_RX_BUF_SIZE));
603 last_frag = ind_desc->reserved;
604 amsdu_len -= frag_buf->len;
605
606 prev_frag_buf->next = frag_buf;
607 prev_frag_buf = frag_buf;
608 }
609
610 if (amsdu_len) {
611 ath10k_warn(ar, "invalid amsdu len %u, left %d",
612 __le16_to_cpu(ind_desc->msdu_len), amsdu_len);
613 }
614
615 *msdu_desc = ind_desc;
616
617 prev_frag_buf->next = NULL;
618 return 0;
619}
620
621static int ath10k_htt_rx_pop_paddr32_list(struct ath10k_htt *htt,
622 struct htt_rx_in_ord_ind *ev,
623 struct sk_buff_head *list)
624{
625 struct ath10k *ar = htt->ar;
626 struct htt_rx_in_ord_msdu_desc *msdu_desc = ev->msdu_descs32;
627 struct htt_rx_desc *rxd;
628 struct sk_buff *msdu;
629 int msdu_count, ret;
630 bool is_offload;
631 u32 paddr;
632
633 lockdep_assert_held(&htt->rx_ring.lock);
634
635 msdu_count = __le16_to_cpu(ev->msdu_count);
636 is_offload = !!(ev->info & HTT_RX_IN_ORD_IND_INFO_OFFLOAD_MASK);
637
638 while (msdu_count--) {
639 paddr = __le32_to_cpu(msdu_desc->msdu_paddr);
640
641 msdu = ath10k_htt_rx_pop_paddr(htt, paddr);
642 if (!msdu) {
643 __skb_queue_purge(list);
644 return -ENOENT;
645 }
646
647 if (!is_offload && ar->monitor_arvif) {
648 ret = ath10k_htt_rx_handle_amsdu_mon_32(htt, msdu,
649 &msdu_desc);
650 if (ret) {
651 __skb_queue_purge(list);
652 return ret;
653 }
654 __skb_queue_tail(list, msdu);
655 msdu_desc++;
656 continue;
657 }
658
659 __skb_queue_tail(list, msdu);
660
661 if (!is_offload) {
662 rxd = (void *)msdu->data;
663
664 trace_ath10k_htt_rx_desc(ar, rxd, sizeof(*rxd));
665
666 skb_put(msdu, sizeof(*rxd));
667 skb_pull(msdu, sizeof(*rxd));
668 skb_put(msdu, __le16_to_cpu(msdu_desc->msdu_len));
669
670 if (!(__le32_to_cpu(rxd->attention.flags) &
671 RX_ATTENTION_FLAGS_MSDU_DONE)) {
672 ath10k_warn(htt->ar, "tried to pop an incomplete frame, oops!\n");
673 return -EIO;
674 }
675 }
676
677 msdu_desc++;
678 }
679
680 return 0;
681}
682
683static int ath10k_htt_rx_pop_paddr64_list(struct ath10k_htt *htt,
684 struct htt_rx_in_ord_ind *ev,
685 struct sk_buff_head *list)
686{
687 struct ath10k *ar = htt->ar;
688 struct htt_rx_in_ord_msdu_desc_ext *msdu_desc = ev->msdu_descs64;
689 struct htt_rx_desc *rxd;
690 struct sk_buff *msdu;
691 int msdu_count, ret;
692 bool is_offload;
693 u64 paddr;
694
695 lockdep_assert_held(&htt->rx_ring.lock);
696
697 msdu_count = __le16_to_cpu(ev->msdu_count);
698 is_offload = !!(ev->info & HTT_RX_IN_ORD_IND_INFO_OFFLOAD_MASK);
699
700 while (msdu_count--) {
701 paddr = __le64_to_cpu(msdu_desc->msdu_paddr);
702 msdu = ath10k_htt_rx_pop_paddr(htt, paddr);
703 if (!msdu) {
704 __skb_queue_purge(list);
705 return -ENOENT;
706 }
707
708 if (!is_offload && ar->monitor_arvif) {
709 ret = ath10k_htt_rx_handle_amsdu_mon_64(htt, msdu,
710 &msdu_desc);
711 if (ret) {
712 __skb_queue_purge(list);
713 return ret;
714 }
715 __skb_queue_tail(list, msdu);
716 msdu_desc++;
717 continue;
718 }
719
720 __skb_queue_tail(list, msdu);
721
722 if (!is_offload) {
723 rxd = (void *)msdu->data;
724
725 trace_ath10k_htt_rx_desc(ar, rxd, sizeof(*rxd));
726
727 skb_put(msdu, sizeof(*rxd));
728 skb_pull(msdu, sizeof(*rxd));
729 skb_put(msdu, __le16_to_cpu(msdu_desc->msdu_len));
730
731 if (!(__le32_to_cpu(rxd->attention.flags) &
732 RX_ATTENTION_FLAGS_MSDU_DONE)) {
733 ath10k_warn(htt->ar, "tried to pop an incomplete frame, oops!\n");
734 return -EIO;
735 }
736 }
737
738 msdu_desc++;
739 }
740
741 return 0;
742}
743
744int ath10k_htt_rx_alloc(struct ath10k_htt *htt)
745{
746 struct ath10k *ar = htt->ar;
747 dma_addr_t paddr;
748 void *vaddr, *vaddr_ring;
749 size_t size;
750 struct timer_list *timer = &htt->rx_ring.refill_retry_timer;
751
752 if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
753 return 0;
754
755 htt->rx_confused = false;
756
757
758
759
760 htt->rx_ring.size = HTT_RX_RING_SIZE;
761 htt->rx_ring.size_mask = htt->rx_ring.size - 1;
762 htt->rx_ring.fill_level = ar->hw_params.rx_ring_fill_level;
763
764 if (!is_power_of_2(htt->rx_ring.size)) {
765 ath10k_warn(ar, "htt rx ring size is not power of 2\n");
766 return -EINVAL;
767 }
768
769 htt->rx_ring.netbufs_ring =
770 kcalloc(htt->rx_ring.size, sizeof(struct sk_buff *),
771 GFP_KERNEL);
772 if (!htt->rx_ring.netbufs_ring)
773 goto err_netbuf;
774
775 size = ath10k_htt_get_rx_ring_size(htt);
776
777 vaddr_ring = dma_alloc_coherent(htt->ar->dev, size, &paddr, GFP_KERNEL);
778 if (!vaddr_ring)
779 goto err_dma_ring;
780
781 ath10k_htt_config_paddrs_ring(htt, vaddr_ring);
782 htt->rx_ring.base_paddr = paddr;
783
784 vaddr = dma_alloc_coherent(htt->ar->dev,
785 sizeof(*htt->rx_ring.alloc_idx.vaddr),
786 &paddr, GFP_KERNEL);
787 if (!vaddr)
788 goto err_dma_idx;
789
790 htt->rx_ring.alloc_idx.vaddr = vaddr;
791 htt->rx_ring.alloc_idx.paddr = paddr;
792 htt->rx_ring.sw_rd_idx.msdu_payld = htt->rx_ring.size_mask;
793 *htt->rx_ring.alloc_idx.vaddr = 0;
794
795
796 timer_setup(timer, ath10k_htt_rx_ring_refill_retry, 0);
797
798 spin_lock_init(&htt->rx_ring.lock);
799
800 htt->rx_ring.fill_cnt = 0;
801 htt->rx_ring.sw_rd_idx.msdu_payld = 0;
802 hash_init(htt->rx_ring.skb_table);
803
804 skb_queue_head_init(&htt->rx_msdus_q);
805 skb_queue_head_init(&htt->rx_in_ord_compl_q);
806 skb_queue_head_init(&htt->tx_fetch_ind_q);
807 atomic_set(&htt->num_mpdus_ready, 0);
808
809 ath10k_dbg(ar, ATH10K_DBG_BOOT, "htt rx ring size %d fill_level %d\n",
810 htt->rx_ring.size, htt->rx_ring.fill_level);
811 return 0;
812
813err_dma_idx:
814 dma_free_coherent(htt->ar->dev,
815 ath10k_htt_get_rx_ring_size(htt),
816 vaddr_ring,
817 htt->rx_ring.base_paddr);
818err_dma_ring:
819 kfree(htt->rx_ring.netbufs_ring);
820err_netbuf:
821 return -ENOMEM;
822}
823
824static int ath10k_htt_rx_crypto_param_len(struct ath10k *ar,
825 enum htt_rx_mpdu_encrypt_type type)
826{
827 switch (type) {
828 case HTT_RX_MPDU_ENCRYPT_NONE:
829 return 0;
830 case HTT_RX_MPDU_ENCRYPT_WEP40:
831 case HTT_RX_MPDU_ENCRYPT_WEP104:
832 return IEEE80211_WEP_IV_LEN;
833 case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
834 case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
835 return IEEE80211_TKIP_IV_LEN;
836 case HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2:
837 return IEEE80211_CCMP_HDR_LEN;
838 case HTT_RX_MPDU_ENCRYPT_AES_CCM256_WPA2:
839 return IEEE80211_CCMP_256_HDR_LEN;
840 case HTT_RX_MPDU_ENCRYPT_AES_GCMP_WPA2:
841 case HTT_RX_MPDU_ENCRYPT_AES_GCMP256_WPA2:
842 return IEEE80211_GCMP_HDR_LEN;
843 case HTT_RX_MPDU_ENCRYPT_WEP128:
844 case HTT_RX_MPDU_ENCRYPT_WAPI:
845 break;
846 }
847
848 ath10k_warn(ar, "unsupported encryption type %d\n", type);
849 return 0;
850}
851
852#define MICHAEL_MIC_LEN 8
853
854static int ath10k_htt_rx_crypto_mic_len(struct ath10k *ar,
855 enum htt_rx_mpdu_encrypt_type type)
856{
857 switch (type) {
858 case HTT_RX_MPDU_ENCRYPT_NONE:
859 case HTT_RX_MPDU_ENCRYPT_WEP40:
860 case HTT_RX_MPDU_ENCRYPT_WEP104:
861 case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
862 case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
863 return 0;
864 case HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2:
865 return IEEE80211_CCMP_MIC_LEN;
866 case HTT_RX_MPDU_ENCRYPT_AES_CCM256_WPA2:
867 return IEEE80211_CCMP_256_MIC_LEN;
868 case HTT_RX_MPDU_ENCRYPT_AES_GCMP_WPA2:
869 case HTT_RX_MPDU_ENCRYPT_AES_GCMP256_WPA2:
870 return IEEE80211_GCMP_MIC_LEN;
871 case HTT_RX_MPDU_ENCRYPT_WEP128:
872 case HTT_RX_MPDU_ENCRYPT_WAPI:
873 break;
874 }
875
876 ath10k_warn(ar, "unsupported encryption type %d\n", type);
877 return 0;
878}
879
880static int ath10k_htt_rx_crypto_icv_len(struct ath10k *ar,
881 enum htt_rx_mpdu_encrypt_type type)
882{
883 switch (type) {
884 case HTT_RX_MPDU_ENCRYPT_NONE:
885 case HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2:
886 case HTT_RX_MPDU_ENCRYPT_AES_CCM256_WPA2:
887 case HTT_RX_MPDU_ENCRYPT_AES_GCMP_WPA2:
888 case HTT_RX_MPDU_ENCRYPT_AES_GCMP256_WPA2:
889 return 0;
890 case HTT_RX_MPDU_ENCRYPT_WEP40:
891 case HTT_RX_MPDU_ENCRYPT_WEP104:
892 return IEEE80211_WEP_ICV_LEN;
893 case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
894 case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
895 return IEEE80211_TKIP_ICV_LEN;
896 case HTT_RX_MPDU_ENCRYPT_WEP128:
897 case HTT_RX_MPDU_ENCRYPT_WAPI:
898 break;
899 }
900
901 ath10k_warn(ar, "unsupported encryption type %d\n", type);
902 return 0;
903}
904
905struct amsdu_subframe_hdr {
906 u8 dst[ETH_ALEN];
907 u8 src[ETH_ALEN];
908 __be16 len;
909} __packed;
910
911#define GROUP_ID_IS_SU_MIMO(x) ((x) == 0 || (x) == 63)
912
913static inline u8 ath10k_bw_to_mac80211_bw(u8 bw)
914{
915 u8 ret = 0;
916
917 switch (bw) {
918 case 0:
919 ret = RATE_INFO_BW_20;
920 break;
921 case 1:
922 ret = RATE_INFO_BW_40;
923 break;
924 case 2:
925 ret = RATE_INFO_BW_80;
926 break;
927 case 3:
928 ret = RATE_INFO_BW_160;
929 break;
930 }
931
932 return ret;
933}
934
935static void ath10k_htt_rx_h_rates(struct ath10k *ar,
936 struct ieee80211_rx_status *status,
937 struct htt_rx_desc *rxd)
938{
939 struct ieee80211_supported_band *sband;
940 u8 cck, rate, bw, sgi, mcs, nss;
941 u8 preamble = 0;
942 u8 group_id;
943 u32 info1, info2, info3;
944
945 info1 = __le32_to_cpu(rxd->ppdu_start.info1);
946 info2 = __le32_to_cpu(rxd->ppdu_start.info2);
947 info3 = __le32_to_cpu(rxd->ppdu_start.info3);
948
949 preamble = MS(info1, RX_PPDU_START_INFO1_PREAMBLE_TYPE);
950
951 switch (preamble) {
952 case HTT_RX_LEGACY:
953
954
955
956 if (!status->freq)
957 return;
958
959 cck = info1 & RX_PPDU_START_INFO1_L_SIG_RATE_SELECT;
960 rate = MS(info1, RX_PPDU_START_INFO1_L_SIG_RATE);
961 rate &= ~RX_PPDU_START_RATE_FLAG;
962
963 sband = &ar->mac.sbands[status->band];
964 status->rate_idx = ath10k_mac_hw_rate_to_idx(sband, rate, cck);
965 break;
966 case HTT_RX_HT:
967 case HTT_RX_HT_WITH_TXBF:
968
969 mcs = info2 & 0x1F;
970 nss = mcs >> 3;
971 bw = (info2 >> 7) & 1;
972 sgi = (info3 >> 7) & 1;
973
974 status->rate_idx = mcs;
975 status->encoding = RX_ENC_HT;
976 if (sgi)
977 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
978 if (bw)
979 status->bw = RATE_INFO_BW_40;
980 break;
981 case HTT_RX_VHT:
982 case HTT_RX_VHT_WITH_TXBF:
983
984
985
986 bw = info2 & 3;
987 sgi = info3 & 1;
988 group_id = (info2 >> 4) & 0x3F;
989
990 if (GROUP_ID_IS_SU_MIMO(group_id)) {
991 mcs = (info3 >> 4) & 0x0F;
992 nss = ((info2 >> 10) & 0x07) + 1;
993 } else {
994
995
996
997
998
999
1000
1001
1002
1003
1004 mcs = 0;
1005 nss = 1;
1006 }
1007
1008 if (mcs > 0x09) {
1009 ath10k_warn(ar, "invalid MCS received %u\n", mcs);
1010 ath10k_warn(ar, "rxd %08x mpdu start %08x %08x msdu start %08x %08x ppdu start %08x %08x %08x %08x %08x\n",
1011 __le32_to_cpu(rxd->attention.flags),
1012 __le32_to_cpu(rxd->mpdu_start.info0),
1013 __le32_to_cpu(rxd->mpdu_start.info1),
1014 __le32_to_cpu(rxd->msdu_start.common.info0),
1015 __le32_to_cpu(rxd->msdu_start.common.info1),
1016 rxd->ppdu_start.info0,
1017 __le32_to_cpu(rxd->ppdu_start.info1),
1018 __le32_to_cpu(rxd->ppdu_start.info2),
1019 __le32_to_cpu(rxd->ppdu_start.info3),
1020 __le32_to_cpu(rxd->ppdu_start.info4));
1021
1022 ath10k_warn(ar, "msdu end %08x mpdu end %08x\n",
1023 __le32_to_cpu(rxd->msdu_end.common.info0),
1024 __le32_to_cpu(rxd->mpdu_end.info0));
1025
1026 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL,
1027 "rx desc msdu payload: ",
1028 rxd->msdu_payload, 50);
1029 }
1030
1031 status->rate_idx = mcs;
1032 status->nss = nss;
1033
1034 if (sgi)
1035 status->enc_flags |= RX_ENC_FLAG_SHORT_GI;
1036
1037 status->bw = ath10k_bw_to_mac80211_bw(bw);
1038 status->encoding = RX_ENC_VHT;
1039 break;
1040 default:
1041 break;
1042 }
1043}
1044
1045static struct ieee80211_channel *
1046ath10k_htt_rx_h_peer_channel(struct ath10k *ar, struct htt_rx_desc *rxd)
1047{
1048 struct ath10k_peer *peer;
1049 struct ath10k_vif *arvif;
1050 struct cfg80211_chan_def def;
1051 u16 peer_id;
1052
1053 lockdep_assert_held(&ar->data_lock);
1054
1055 if (!rxd)
1056 return NULL;
1057
1058 if (rxd->attention.flags &
1059 __cpu_to_le32(RX_ATTENTION_FLAGS_PEER_IDX_INVALID))
1060 return NULL;
1061
1062 if (!(rxd->msdu_end.common.info0 &
1063 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU)))
1064 return NULL;
1065
1066 peer_id = MS(__le32_to_cpu(rxd->mpdu_start.info0),
1067 RX_MPDU_START_INFO0_PEER_IDX);
1068
1069 peer = ath10k_peer_find_by_id(ar, peer_id);
1070 if (!peer)
1071 return NULL;
1072
1073 arvif = ath10k_get_arvif(ar, peer->vdev_id);
1074 if (WARN_ON_ONCE(!arvif))
1075 return NULL;
1076
1077 if (ath10k_mac_vif_chan(arvif->vif, &def))
1078 return NULL;
1079
1080 return def.chan;
1081}
1082
1083static struct ieee80211_channel *
1084ath10k_htt_rx_h_vdev_channel(struct ath10k *ar, u32 vdev_id)
1085{
1086 struct ath10k_vif *arvif;
1087 struct cfg80211_chan_def def;
1088
1089 lockdep_assert_held(&ar->data_lock);
1090
1091 list_for_each_entry(arvif, &ar->arvifs, list) {
1092 if (arvif->vdev_id == vdev_id &&
1093 ath10k_mac_vif_chan(arvif->vif, &def) == 0)
1094 return def.chan;
1095 }
1096
1097 return NULL;
1098}
1099
1100static void
1101ath10k_htt_rx_h_any_chan_iter(struct ieee80211_hw *hw,
1102 struct ieee80211_chanctx_conf *conf,
1103 void *data)
1104{
1105 struct cfg80211_chan_def *def = data;
1106
1107 *def = conf->def;
1108}
1109
1110static struct ieee80211_channel *
1111ath10k_htt_rx_h_any_channel(struct ath10k *ar)
1112{
1113 struct cfg80211_chan_def def = {};
1114
1115 ieee80211_iter_chan_contexts_atomic(ar->hw,
1116 ath10k_htt_rx_h_any_chan_iter,
1117 &def);
1118
1119 return def.chan;
1120}
1121
1122static bool ath10k_htt_rx_h_channel(struct ath10k *ar,
1123 struct ieee80211_rx_status *status,
1124 struct htt_rx_desc *rxd,
1125 u32 vdev_id)
1126{
1127 struct ieee80211_channel *ch;
1128
1129 spin_lock_bh(&ar->data_lock);
1130 ch = ar->scan_channel;
1131 if (!ch)
1132 ch = ar->rx_channel;
1133 if (!ch)
1134 ch = ath10k_htt_rx_h_peer_channel(ar, rxd);
1135 if (!ch)
1136 ch = ath10k_htt_rx_h_vdev_channel(ar, vdev_id);
1137 if (!ch)
1138 ch = ath10k_htt_rx_h_any_channel(ar);
1139 if (!ch)
1140 ch = ar->tgt_oper_chan;
1141 spin_unlock_bh(&ar->data_lock);
1142
1143 if (!ch)
1144 return false;
1145
1146 status->band = ch->band;
1147 status->freq = ch->center_freq;
1148
1149 return true;
1150}
1151
1152static void ath10k_htt_rx_h_signal(struct ath10k *ar,
1153 struct ieee80211_rx_status *status,
1154 struct htt_rx_desc *rxd)
1155{
1156 int i;
1157
1158 for (i = 0; i < IEEE80211_MAX_CHAINS ; i++) {
1159 status->chains &= ~BIT(i);
1160
1161 if (rxd->ppdu_start.rssi_chains[i].pri20_mhz != 0x80) {
1162 status->chain_signal[i] = ATH10K_DEFAULT_NOISE_FLOOR +
1163 rxd->ppdu_start.rssi_chains[i].pri20_mhz;
1164
1165 status->chains |= BIT(i);
1166 }
1167 }
1168
1169
1170 status->signal = ATH10K_DEFAULT_NOISE_FLOOR +
1171 rxd->ppdu_start.rssi_comb;
1172 status->flag &= ~RX_FLAG_NO_SIGNAL_VAL;
1173}
1174
1175static void ath10k_htt_rx_h_mactime(struct ath10k *ar,
1176 struct ieee80211_rx_status *status,
1177 struct htt_rx_desc *rxd)
1178{
1179
1180
1181
1182
1183
1184
1185 status->mactime = __le32_to_cpu(rxd->ppdu_end.common.tsf_timestamp);
1186 status->flag |= RX_FLAG_MACTIME_END;
1187}
1188
1189static void ath10k_htt_rx_h_ppdu(struct ath10k *ar,
1190 struct sk_buff_head *amsdu,
1191 struct ieee80211_rx_status *status,
1192 u32 vdev_id)
1193{
1194 struct sk_buff *first;
1195 struct htt_rx_desc *rxd;
1196 bool is_first_ppdu;
1197 bool is_last_ppdu;
1198
1199 if (skb_queue_empty(amsdu))
1200 return;
1201
1202 first = skb_peek(amsdu);
1203 rxd = (void *)first->data - sizeof(*rxd);
1204
1205 is_first_ppdu = !!(rxd->attention.flags &
1206 __cpu_to_le32(RX_ATTENTION_FLAGS_FIRST_MPDU));
1207 is_last_ppdu = !!(rxd->attention.flags &
1208 __cpu_to_le32(RX_ATTENTION_FLAGS_LAST_MPDU));
1209
1210 if (is_first_ppdu) {
1211
1212 status->freq = 0;
1213 status->rate_idx = 0;
1214 status->nss = 0;
1215 status->encoding = RX_ENC_LEGACY;
1216 status->bw = RATE_INFO_BW_20;
1217
1218 status->flag &= ~RX_FLAG_MACTIME_END;
1219 status->flag |= RX_FLAG_NO_SIGNAL_VAL;
1220
1221 status->flag &= ~(RX_FLAG_AMPDU_IS_LAST);
1222 status->flag |= RX_FLAG_AMPDU_DETAILS | RX_FLAG_AMPDU_LAST_KNOWN;
1223 status->ampdu_reference = ar->ampdu_reference;
1224
1225 ath10k_htt_rx_h_signal(ar, status, rxd);
1226 ath10k_htt_rx_h_channel(ar, status, rxd, vdev_id);
1227 ath10k_htt_rx_h_rates(ar, status, rxd);
1228 }
1229
1230 if (is_last_ppdu) {
1231 ath10k_htt_rx_h_mactime(ar, status, rxd);
1232
1233
1234 status->flag |= RX_FLAG_AMPDU_IS_LAST;
1235 ar->ampdu_reference++;
1236 }
1237}
1238
1239static const char * const tid_to_ac[] = {
1240 "BE",
1241 "BK",
1242 "BK",
1243 "BE",
1244 "VI",
1245 "VI",
1246 "VO",
1247 "VO",
1248};
1249
1250static char *ath10k_get_tid(struct ieee80211_hdr *hdr, char *out, size_t size)
1251{
1252 u8 *qc;
1253 int tid;
1254
1255 if (!ieee80211_is_data_qos(hdr->frame_control))
1256 return "";
1257
1258 qc = ieee80211_get_qos_ctl(hdr);
1259 tid = *qc & IEEE80211_QOS_CTL_TID_MASK;
1260 if (tid < 8)
1261 snprintf(out, size, "tid %d (%s)", tid, tid_to_ac[tid]);
1262 else
1263 snprintf(out, size, "tid %d", tid);
1264
1265 return out;
1266}
1267
1268static void ath10k_htt_rx_h_queue_msdu(struct ath10k *ar,
1269 struct ieee80211_rx_status *rx_status,
1270 struct sk_buff *skb)
1271{
1272 struct ieee80211_rx_status *status;
1273
1274 status = IEEE80211_SKB_RXCB(skb);
1275 *status = *rx_status;
1276
1277 skb_queue_tail(&ar->htt.rx_msdus_q, skb);
1278}
1279
1280static void ath10k_process_rx(struct ath10k *ar, struct sk_buff *skb)
1281{
1282 struct ieee80211_rx_status *status;
1283 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1284 char tid[32];
1285
1286 status = IEEE80211_SKB_RXCB(skb);
1287
1288 ath10k_dbg(ar, ATH10K_DBG_DATA,
1289 "rx skb %pK len %u peer %pM %s %s sn %u %s%s%s%s%s%s %srate_idx %u vht_nss %u freq %u band %u flag 0x%x fcs-err %i mic-err %i amsdu-more %i\n",
1290 skb,
1291 skb->len,
1292 ieee80211_get_SA(hdr),
1293 ath10k_get_tid(hdr, tid, sizeof(tid)),
1294 is_multicast_ether_addr(ieee80211_get_DA(hdr)) ?
1295 "mcast" : "ucast",
1296 (__le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ) >> 4,
1297 (status->encoding == RX_ENC_LEGACY) ? "legacy" : "",
1298 (status->encoding == RX_ENC_HT) ? "ht" : "",
1299 (status->encoding == RX_ENC_VHT) ? "vht" : "",
1300 (status->bw == RATE_INFO_BW_40) ? "40" : "",
1301 (status->bw == RATE_INFO_BW_80) ? "80" : "",
1302 (status->bw == RATE_INFO_BW_160) ? "160" : "",
1303 status->enc_flags & RX_ENC_FLAG_SHORT_GI ? "sgi " : "",
1304 status->rate_idx,
1305 status->nss,
1306 status->freq,
1307 status->band, status->flag,
1308 !!(status->flag & RX_FLAG_FAILED_FCS_CRC),
1309 !!(status->flag & RX_FLAG_MMIC_ERROR),
1310 !!(status->flag & RX_FLAG_AMSDU_MORE));
1311 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "rx skb: ",
1312 skb->data, skb->len);
1313 trace_ath10k_rx_hdr(ar, skb->data, skb->len);
1314 trace_ath10k_rx_payload(ar, skb->data, skb->len);
1315
1316 ieee80211_rx_napi(ar->hw, NULL, skb, &ar->napi);
1317}
1318
1319static int ath10k_htt_rx_nwifi_hdrlen(struct ath10k *ar,
1320 struct ieee80211_hdr *hdr)
1321{
1322 int len = ieee80211_hdrlen(hdr->frame_control);
1323
1324 if (!test_bit(ATH10K_FW_FEATURE_NO_NWIFI_DECAP_4ADDR_PADDING,
1325 ar->running_fw->fw_file.fw_features))
1326 len = round_up(len, 4);
1327
1328 return len;
1329}
1330
1331static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
1332 struct sk_buff *msdu,
1333 struct ieee80211_rx_status *status,
1334 enum htt_rx_mpdu_encrypt_type enctype,
1335 bool is_decrypted,
1336 const u8 first_hdr[64])
1337{
1338 struct ieee80211_hdr *hdr;
1339 struct htt_rx_desc *rxd;
1340 size_t hdr_len;
1341 size_t crypto_len;
1342 bool is_first;
1343 bool is_last;
1344 bool msdu_limit_err;
1345 int bytes_aligned = ar->hw_params.decap_align_bytes;
1346 u8 *qos;
1347
1348 rxd = (void *)msdu->data - sizeof(*rxd);
1349 is_first = !!(rxd->msdu_end.common.info0 &
1350 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU));
1351 is_last = !!(rxd->msdu_end.common.info0 &
1352 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU));
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369 msdu_limit_err = ath10k_rx_desc_msdu_limit_error(&ar->hw_params, rxd);
1370
1371
1372
1373
1374
1375 if (WARN_ON_ONCE(!is_first && !msdu_limit_err))
1376 return;
1377
1378
1379 if (WARN_ON_ONCE(!(is_first && is_last) && !msdu_limit_err))
1380 return;
1381
1382 skb_trim(msdu, msdu->len - FCS_LEN);
1383
1384
1385 if (unlikely(msdu_limit_err)) {
1386 hdr = (struct ieee80211_hdr *)first_hdr;
1387 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1388 crypto_len = ath10k_htt_rx_crypto_param_len(ar, enctype);
1389
1390 if (ieee80211_is_data_qos(hdr->frame_control)) {
1391 qos = ieee80211_get_qos_ctl(hdr);
1392 qos[0] |= IEEE80211_QOS_CTL_A_MSDU_PRESENT;
1393 }
1394
1395 if (crypto_len)
1396 memcpy(skb_push(msdu, crypto_len),
1397 (void *)hdr + round_up(hdr_len, bytes_aligned),
1398 crypto_len);
1399
1400 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1401 }
1402
1403
1404
1405
1406
1407
1408
1409
1410 if (!is_decrypted)
1411 return;
1412
1413
1414
1415
1416
1417 hdr = (void *)msdu->data;
1418
1419
1420 if (status->flag & RX_FLAG_IV_STRIPPED) {
1421 skb_trim(msdu, msdu->len -
1422 ath10k_htt_rx_crypto_mic_len(ar, enctype));
1423
1424 skb_trim(msdu, msdu->len -
1425 ath10k_htt_rx_crypto_icv_len(ar, enctype));
1426 } else {
1427
1428 if (status->flag & RX_FLAG_MIC_STRIPPED)
1429 skb_trim(msdu, msdu->len -
1430 ath10k_htt_rx_crypto_mic_len(ar, enctype));
1431
1432
1433 if (status->flag & RX_FLAG_ICV_STRIPPED)
1434 skb_trim(msdu, msdu->len -
1435 ath10k_htt_rx_crypto_icv_len(ar, enctype));
1436 }
1437
1438
1439 if ((status->flag & RX_FLAG_MMIC_STRIPPED) &&
1440 !ieee80211_has_morefrags(hdr->frame_control) &&
1441 enctype == HTT_RX_MPDU_ENCRYPT_TKIP_WPA)
1442 skb_trim(msdu, msdu->len - MICHAEL_MIC_LEN);
1443
1444
1445 if (status->flag & RX_FLAG_IV_STRIPPED) {
1446 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1447 crypto_len = ath10k_htt_rx_crypto_param_len(ar, enctype);
1448
1449 memmove((void *)msdu->data + crypto_len,
1450 (void *)msdu->data, hdr_len);
1451 skb_pull(msdu, crypto_len);
1452 }
1453}
1454
1455static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
1456 struct sk_buff *msdu,
1457 struct ieee80211_rx_status *status,
1458 const u8 first_hdr[64],
1459 enum htt_rx_mpdu_encrypt_type enctype)
1460{
1461 struct ieee80211_hdr *hdr;
1462 struct htt_rx_desc *rxd;
1463 size_t hdr_len;
1464 u8 da[ETH_ALEN];
1465 u8 sa[ETH_ALEN];
1466 int l3_pad_bytes;
1467 int bytes_aligned = ar->hw_params.decap_align_bytes;
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481 rxd = (void *)msdu->data - sizeof(*rxd);
1482
1483 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1484 skb_put(msdu, l3_pad_bytes);
1485
1486 hdr = (struct ieee80211_hdr *)(msdu->data + l3_pad_bytes);
1487
1488 hdr_len = ath10k_htt_rx_nwifi_hdrlen(ar, hdr);
1489 ether_addr_copy(da, ieee80211_get_DA(hdr));
1490 ether_addr_copy(sa, ieee80211_get_SA(hdr));
1491 skb_pull(msdu, hdr_len);
1492
1493
1494 hdr = (struct ieee80211_hdr *)first_hdr;
1495 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1496
1497 if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
1498 memcpy(skb_push(msdu,
1499 ath10k_htt_rx_crypto_param_len(ar, enctype)),
1500 (void *)hdr + round_up(hdr_len, bytes_aligned),
1501 ath10k_htt_rx_crypto_param_len(ar, enctype));
1502 }
1503
1504 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1505
1506
1507
1508
1509 hdr = (struct ieee80211_hdr *)msdu->data;
1510 ether_addr_copy(ieee80211_get_DA(hdr), da);
1511 ether_addr_copy(ieee80211_get_SA(hdr), sa);
1512}
1513
1514static void *ath10k_htt_rx_h_find_rfc1042(struct ath10k *ar,
1515 struct sk_buff *msdu,
1516 enum htt_rx_mpdu_encrypt_type enctype)
1517{
1518 struct ieee80211_hdr *hdr;
1519 struct htt_rx_desc *rxd;
1520 size_t hdr_len, crypto_len;
1521 void *rfc1042;
1522 bool is_first, is_last, is_amsdu;
1523 int bytes_aligned = ar->hw_params.decap_align_bytes;
1524
1525 rxd = (void *)msdu->data - sizeof(*rxd);
1526 hdr = (void *)rxd->rx_hdr_status;
1527
1528 is_first = !!(rxd->msdu_end.common.info0 &
1529 __cpu_to_le32(RX_MSDU_END_INFO0_FIRST_MSDU));
1530 is_last = !!(rxd->msdu_end.common.info0 &
1531 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU));
1532 is_amsdu = !(is_first && is_last);
1533
1534 rfc1042 = hdr;
1535
1536 if (is_first) {
1537 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1538 crypto_len = ath10k_htt_rx_crypto_param_len(ar, enctype);
1539
1540 rfc1042 += round_up(hdr_len, bytes_aligned) +
1541 round_up(crypto_len, bytes_aligned);
1542 }
1543
1544 if (is_amsdu)
1545 rfc1042 += sizeof(struct amsdu_subframe_hdr);
1546
1547 return rfc1042;
1548}
1549
1550static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
1551 struct sk_buff *msdu,
1552 struct ieee80211_rx_status *status,
1553 const u8 first_hdr[64],
1554 enum htt_rx_mpdu_encrypt_type enctype)
1555{
1556 struct ieee80211_hdr *hdr;
1557 struct ethhdr *eth;
1558 size_t hdr_len;
1559 void *rfc1042;
1560 u8 da[ETH_ALEN];
1561 u8 sa[ETH_ALEN];
1562 int l3_pad_bytes;
1563 struct htt_rx_desc *rxd;
1564 int bytes_aligned = ar->hw_params.decap_align_bytes;
1565
1566
1567
1568
1569
1570
1571 rfc1042 = ath10k_htt_rx_h_find_rfc1042(ar, msdu, enctype);
1572 if (WARN_ON_ONCE(!rfc1042))
1573 return;
1574
1575 rxd = (void *)msdu->data - sizeof(*rxd);
1576 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1577 skb_put(msdu, l3_pad_bytes);
1578 skb_pull(msdu, l3_pad_bytes);
1579
1580
1581 eth = (struct ethhdr *)msdu->data;
1582 ether_addr_copy(da, eth->h_dest);
1583 ether_addr_copy(sa, eth->h_source);
1584 skb_pull(msdu, sizeof(struct ethhdr));
1585
1586
1587 memcpy(skb_push(msdu, sizeof(struct rfc1042_hdr)), rfc1042,
1588 sizeof(struct rfc1042_hdr));
1589
1590
1591 hdr = (struct ieee80211_hdr *)first_hdr;
1592 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1593
1594 if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
1595 memcpy(skb_push(msdu,
1596 ath10k_htt_rx_crypto_param_len(ar, enctype)),
1597 (void *)hdr + round_up(hdr_len, bytes_aligned),
1598 ath10k_htt_rx_crypto_param_len(ar, enctype));
1599 }
1600
1601 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1602
1603
1604
1605
1606 hdr = (struct ieee80211_hdr *)msdu->data;
1607 ether_addr_copy(ieee80211_get_DA(hdr), da);
1608 ether_addr_copy(ieee80211_get_SA(hdr), sa);
1609}
1610
1611static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
1612 struct sk_buff *msdu,
1613 struct ieee80211_rx_status *status,
1614 const u8 first_hdr[64],
1615 enum htt_rx_mpdu_encrypt_type enctype)
1616{
1617 struct ieee80211_hdr *hdr;
1618 size_t hdr_len;
1619 int l3_pad_bytes;
1620 struct htt_rx_desc *rxd;
1621 int bytes_aligned = ar->hw_params.decap_align_bytes;
1622
1623
1624
1625
1626
1627
1628
1629 rxd = (void *)msdu->data - sizeof(*rxd);
1630 l3_pad_bytes = ath10k_rx_desc_get_l3_pad_bytes(&ar->hw_params, rxd);
1631
1632 skb_put(msdu, l3_pad_bytes);
1633 skb_pull(msdu, sizeof(struct amsdu_subframe_hdr) + l3_pad_bytes);
1634
1635 hdr = (struct ieee80211_hdr *)first_hdr;
1636 hdr_len = ieee80211_hdrlen(hdr->frame_control);
1637
1638 if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
1639 memcpy(skb_push(msdu,
1640 ath10k_htt_rx_crypto_param_len(ar, enctype)),
1641 (void *)hdr + round_up(hdr_len, bytes_aligned),
1642 ath10k_htt_rx_crypto_param_len(ar, enctype));
1643 }
1644
1645 memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
1646}
1647
1648static void ath10k_htt_rx_h_undecap(struct ath10k *ar,
1649 struct sk_buff *msdu,
1650 struct ieee80211_rx_status *status,
1651 u8 first_hdr[64],
1652 enum htt_rx_mpdu_encrypt_type enctype,
1653 bool is_decrypted)
1654{
1655 struct htt_rx_desc *rxd;
1656 enum rx_msdu_decap_format decap;
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669 rxd = (void *)msdu->data - sizeof(*rxd);
1670 decap = MS(__le32_to_cpu(rxd->msdu_start.common.info1),
1671 RX_MSDU_START_INFO1_DECAP_FORMAT);
1672
1673 switch (decap) {
1674 case RX_MSDU_DECAP_RAW:
1675 ath10k_htt_rx_h_undecap_raw(ar, msdu, status, enctype,
1676 is_decrypted, first_hdr);
1677 break;
1678 case RX_MSDU_DECAP_NATIVE_WIFI:
1679 ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr,
1680 enctype);
1681 break;
1682 case RX_MSDU_DECAP_ETHERNET2_DIX:
1683 ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr, enctype);
1684 break;
1685 case RX_MSDU_DECAP_8023_SNAP_LLC:
1686 ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr,
1687 enctype);
1688 break;
1689 }
1690}
1691
1692static int ath10k_htt_rx_get_csum_state(struct sk_buff *skb)
1693{
1694 struct htt_rx_desc *rxd;
1695 u32 flags, info;
1696 bool is_ip4, is_ip6;
1697 bool is_tcp, is_udp;
1698 bool ip_csum_ok, tcpudp_csum_ok;
1699
1700 rxd = (void *)skb->data - sizeof(*rxd);
1701 flags = __le32_to_cpu(rxd->attention.flags);
1702 info = __le32_to_cpu(rxd->msdu_start.common.info1);
1703
1704 is_ip4 = !!(info & RX_MSDU_START_INFO1_IPV4_PROTO);
1705 is_ip6 = !!(info & RX_MSDU_START_INFO1_IPV6_PROTO);
1706 is_tcp = !!(info & RX_MSDU_START_INFO1_TCP_PROTO);
1707 is_udp = !!(info & RX_MSDU_START_INFO1_UDP_PROTO);
1708 ip_csum_ok = !(flags & RX_ATTENTION_FLAGS_IP_CHKSUM_FAIL);
1709 tcpudp_csum_ok = !(flags & RX_ATTENTION_FLAGS_TCP_UDP_CHKSUM_FAIL);
1710
1711 if (!is_ip4 && !is_ip6)
1712 return CHECKSUM_NONE;
1713 if (!is_tcp && !is_udp)
1714 return CHECKSUM_NONE;
1715 if (!ip_csum_ok)
1716 return CHECKSUM_NONE;
1717 if (!tcpudp_csum_ok)
1718 return CHECKSUM_NONE;
1719
1720 return CHECKSUM_UNNECESSARY;
1721}
1722
1723static void ath10k_htt_rx_h_csum_offload(struct sk_buff *msdu)
1724{
1725 msdu->ip_summed = ath10k_htt_rx_get_csum_state(msdu);
1726}
1727
1728static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
1729 struct sk_buff_head *amsdu,
1730 struct ieee80211_rx_status *status,
1731 bool fill_crypt_header,
1732 u8 *rx_hdr,
1733 enum ath10k_pkt_rx_err *err)
1734{
1735 struct sk_buff *first;
1736 struct sk_buff *last;
1737 struct sk_buff *msdu;
1738 struct htt_rx_desc *rxd;
1739 struct ieee80211_hdr *hdr;
1740 enum htt_rx_mpdu_encrypt_type enctype;
1741 u8 first_hdr[64];
1742 u8 *qos;
1743 bool has_fcs_err;
1744 bool has_crypto_err;
1745 bool has_tkip_err;
1746 bool has_peer_idx_invalid;
1747 bool is_decrypted;
1748 bool is_mgmt;
1749 u32 attention;
1750
1751 if (skb_queue_empty(amsdu))
1752 return;
1753
1754 first = skb_peek(amsdu);
1755 rxd = (void *)first->data - sizeof(*rxd);
1756
1757 is_mgmt = !!(rxd->attention.flags &
1758 __cpu_to_le32(RX_ATTENTION_FLAGS_MGMT_TYPE));
1759
1760 enctype = MS(__le32_to_cpu(rxd->mpdu_start.info0),
1761 RX_MPDU_START_INFO0_ENCRYPT_TYPE);
1762
1763
1764
1765
1766 hdr = (void *)rxd->rx_hdr_status;
1767 memcpy(first_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
1768
1769 if (rx_hdr)
1770 memcpy(rx_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
1771
1772
1773
1774
1775 hdr = (void *)first_hdr;
1776
1777 if (ieee80211_is_data_qos(hdr->frame_control)) {
1778 qos = ieee80211_get_qos_ctl(hdr);
1779 qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
1780 }
1781
1782
1783 last = skb_peek_tail(amsdu);
1784 rxd = (void *)last->data - sizeof(*rxd);
1785 attention = __le32_to_cpu(rxd->attention.flags);
1786
1787 has_fcs_err = !!(attention & RX_ATTENTION_FLAGS_FCS_ERR);
1788 has_crypto_err = !!(attention & RX_ATTENTION_FLAGS_DECRYPT_ERR);
1789 has_tkip_err = !!(attention & RX_ATTENTION_FLAGS_TKIP_MIC_ERR);
1790 has_peer_idx_invalid = !!(attention & RX_ATTENTION_FLAGS_PEER_IDX_INVALID);
1791
1792
1793
1794
1795
1796 is_decrypted = (enctype != HTT_RX_MPDU_ENCRYPT_NONE &&
1797 !has_fcs_err &&
1798 !has_crypto_err &&
1799 !has_peer_idx_invalid);
1800
1801
1802 status->flag &= ~(RX_FLAG_FAILED_FCS_CRC |
1803 RX_FLAG_MMIC_ERROR |
1804 RX_FLAG_DECRYPTED |
1805 RX_FLAG_IV_STRIPPED |
1806 RX_FLAG_ONLY_MONITOR |
1807 RX_FLAG_MMIC_STRIPPED);
1808
1809 if (has_fcs_err)
1810 status->flag |= RX_FLAG_FAILED_FCS_CRC;
1811
1812 if (has_tkip_err)
1813 status->flag |= RX_FLAG_MMIC_ERROR;
1814
1815 if (err) {
1816 if (has_fcs_err)
1817 *err = ATH10K_PKT_RX_ERR_FCS;
1818 else if (has_tkip_err)
1819 *err = ATH10K_PKT_RX_ERR_TKIP;
1820 else if (has_crypto_err)
1821 *err = ATH10K_PKT_RX_ERR_CRYPT;
1822 else if (has_peer_idx_invalid)
1823 *err = ATH10K_PKT_RX_ERR_PEER_IDX_INVAL;
1824 }
1825
1826
1827
1828
1829
1830
1831 if (is_mgmt)
1832 status->flag |= RX_FLAG_ONLY_MONITOR;
1833
1834 if (is_decrypted) {
1835 status->flag |= RX_FLAG_DECRYPTED;
1836
1837 if (likely(!is_mgmt))
1838 status->flag |= RX_FLAG_MMIC_STRIPPED;
1839
1840 if (fill_crypt_header)
1841 status->flag |= RX_FLAG_MIC_STRIPPED |
1842 RX_FLAG_ICV_STRIPPED;
1843 else
1844 status->flag |= RX_FLAG_IV_STRIPPED;
1845 }
1846
1847 skb_queue_walk(amsdu, msdu) {
1848 ath10k_htt_rx_h_csum_offload(msdu);
1849 ath10k_htt_rx_h_undecap(ar, msdu, status, first_hdr, enctype,
1850 is_decrypted);
1851
1852
1853
1854
1855
1856 if (!is_decrypted)
1857 continue;
1858 if (is_mgmt)
1859 continue;
1860
1861 if (fill_crypt_header)
1862 continue;
1863
1864 hdr = (void *)msdu->data;
1865 hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
1866 }
1867}
1868
1869static void ath10k_htt_rx_h_enqueue(struct ath10k *ar,
1870 struct sk_buff_head *amsdu,
1871 struct ieee80211_rx_status *status)
1872{
1873 struct sk_buff *msdu;
1874 struct sk_buff *first_subframe;
1875
1876 first_subframe = skb_peek(amsdu);
1877
1878 while ((msdu = __skb_dequeue(amsdu))) {
1879
1880 if (skb_queue_empty(amsdu))
1881 status->flag &= ~RX_FLAG_AMSDU_MORE;
1882 else
1883 status->flag |= RX_FLAG_AMSDU_MORE;
1884
1885 if (msdu == first_subframe) {
1886 first_subframe = NULL;
1887 status->flag &= ~RX_FLAG_ALLOW_SAME_PN;
1888 } else {
1889 status->flag |= RX_FLAG_ALLOW_SAME_PN;
1890 }
1891
1892 ath10k_htt_rx_h_queue_msdu(ar, status, msdu);
1893 }
1894}
1895
1896static int ath10k_unchain_msdu(struct sk_buff_head *amsdu,
1897 unsigned long *unchain_cnt)
1898{
1899 struct sk_buff *skb, *first;
1900 int space;
1901 int total_len = 0;
1902 int amsdu_len = skb_queue_len(amsdu);
1903
1904
1905
1906
1907
1908
1909
1910
1911 first = __skb_dequeue(amsdu);
1912
1913
1914 skb_queue_walk(amsdu, skb)
1915 total_len += skb->len;
1916
1917 space = total_len - skb_tailroom(first);
1918 if ((space > 0) &&
1919 (pskb_expand_head(first, 0, space, GFP_ATOMIC) < 0)) {
1920
1921
1922
1923
1924 __skb_queue_head(amsdu, first);
1925 return -1;
1926 }
1927
1928
1929
1930
1931 while ((skb = __skb_dequeue(amsdu))) {
1932 skb_copy_from_linear_data(skb, skb_put(first, skb->len),
1933 skb->len);
1934 dev_kfree_skb_any(skb);
1935 }
1936
1937 __skb_queue_head(amsdu, first);
1938
1939 *unchain_cnt += amsdu_len - 1;
1940
1941 return 0;
1942}
1943
1944static void ath10k_htt_rx_h_unchain(struct ath10k *ar,
1945 struct sk_buff_head *amsdu,
1946 unsigned long *drop_cnt,
1947 unsigned long *unchain_cnt)
1948{
1949 struct sk_buff *first;
1950 struct htt_rx_desc *rxd;
1951 enum rx_msdu_decap_format decap;
1952
1953 first = skb_peek(amsdu);
1954 rxd = (void *)first->data - sizeof(*rxd);
1955 decap = MS(__le32_to_cpu(rxd->msdu_start.common.info1),
1956 RX_MSDU_START_INFO1_DECAP_FORMAT);
1957
1958
1959
1960
1961
1962
1963 if (decap != RX_MSDU_DECAP_RAW ||
1964 skb_queue_len(amsdu) != 1 + rxd->frag_info.ring2_more_count) {
1965 *drop_cnt += skb_queue_len(amsdu);
1966 __skb_queue_purge(amsdu);
1967 return;
1968 }
1969
1970 ath10k_unchain_msdu(amsdu, unchain_cnt);
1971}
1972
1973static bool ath10k_htt_rx_amsdu_allowed(struct ath10k *ar,
1974 struct sk_buff_head *amsdu,
1975 struct ieee80211_rx_status *rx_status)
1976{
1977
1978
1979
1980
1981 if (!rx_status->freq) {
1982 ath10k_dbg(ar, ATH10K_DBG_HTT, "no channel configured; ignoring frame(s)!\n");
1983 return false;
1984 }
1985
1986 if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags)) {
1987 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx cac running\n");
1988 return false;
1989 }
1990
1991 return true;
1992}
1993
1994static void ath10k_htt_rx_h_filter(struct ath10k *ar,
1995 struct sk_buff_head *amsdu,
1996 struct ieee80211_rx_status *rx_status,
1997 unsigned long *drop_cnt)
1998{
1999 if (skb_queue_empty(amsdu))
2000 return;
2001
2002 if (ath10k_htt_rx_amsdu_allowed(ar, amsdu, rx_status))
2003 return;
2004
2005 if (drop_cnt)
2006 *drop_cnt += skb_queue_len(amsdu);
2007
2008 __skb_queue_purge(amsdu);
2009}
2010
2011static int ath10k_htt_rx_handle_amsdu(struct ath10k_htt *htt)
2012{
2013 struct ath10k *ar = htt->ar;
2014 struct ieee80211_rx_status *rx_status = &htt->rx_status;
2015 struct sk_buff_head amsdu;
2016 int ret;
2017 unsigned long drop_cnt = 0;
2018 unsigned long unchain_cnt = 0;
2019 unsigned long drop_cnt_filter = 0;
2020 unsigned long msdus_to_queue, num_msdus;
2021 enum ath10k_pkt_rx_err err = ATH10K_PKT_RX_ERR_MAX;
2022 u8 first_hdr[RX_HTT_HDR_STATUS_LEN];
2023
2024 __skb_queue_head_init(&amsdu);
2025
2026 spin_lock_bh(&htt->rx_ring.lock);
2027 if (htt->rx_confused) {
2028 spin_unlock_bh(&htt->rx_ring.lock);
2029 return -EIO;
2030 }
2031 ret = ath10k_htt_rx_amsdu_pop(htt, &amsdu);
2032 spin_unlock_bh(&htt->rx_ring.lock);
2033
2034 if (ret < 0) {
2035 ath10k_warn(ar, "rx ring became corrupted: %d\n", ret);
2036 __skb_queue_purge(&amsdu);
2037
2038
2039
2040 htt->rx_confused = true;
2041 return ret;
2042 }
2043
2044 num_msdus = skb_queue_len(&amsdu);
2045
2046 ath10k_htt_rx_h_ppdu(ar, &amsdu, rx_status, 0xffff);
2047
2048
2049 if (ret > 0)
2050 ath10k_htt_rx_h_unchain(ar, &amsdu, &drop_cnt, &unchain_cnt);
2051
2052 ath10k_htt_rx_h_filter(ar, &amsdu, rx_status, &drop_cnt_filter);
2053 ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status, true, first_hdr, &err);
2054 msdus_to_queue = skb_queue_len(&amsdu);
2055 ath10k_htt_rx_h_enqueue(ar, &amsdu, rx_status);
2056
2057 ath10k_sta_update_rx_tid_stats(ar, first_hdr, num_msdus, err,
2058 unchain_cnt, drop_cnt, drop_cnt_filter,
2059 msdus_to_queue);
2060
2061 return 0;
2062}
2063
2064static void ath10k_htt_rx_mpdu_desc_pn_hl(struct htt_hl_rx_desc *rx_desc,
2065 union htt_rx_pn_t *pn,
2066 int pn_len_bits)
2067{
2068 switch (pn_len_bits) {
2069 case 48:
2070 pn->pn48 = __le32_to_cpu(rx_desc->pn_31_0) +
2071 ((u64)(__le32_to_cpu(rx_desc->u0.pn_63_32) & 0xFFFF) << 32);
2072 break;
2073 case 24:
2074 pn->pn24 = __le32_to_cpu(rx_desc->pn_31_0);
2075 break;
2076 };
2077}
2078
2079static bool ath10k_htt_rx_pn_cmp48(union htt_rx_pn_t *new_pn,
2080 union htt_rx_pn_t *old_pn)
2081{
2082 return ((new_pn->pn48 & 0xffffffffffffULL) <=
2083 (old_pn->pn48 & 0xffffffffffffULL));
2084}
2085
2086static bool ath10k_htt_rx_pn_check_replay_hl(struct ath10k *ar,
2087 struct ath10k_peer *peer,
2088 struct htt_rx_indication_hl *rx)
2089{
2090 bool last_pn_valid, pn_invalid = false;
2091 enum htt_txrx_sec_cast_type sec_index;
2092 enum htt_security_types sec_type;
2093 union htt_rx_pn_t new_pn = {0};
2094 struct htt_hl_rx_desc *rx_desc;
2095 union htt_rx_pn_t *last_pn;
2096 u32 rx_desc_info, tid;
2097 int num_mpdu_ranges;
2098
2099 lockdep_assert_held(&ar->data_lock);
2100
2101 if (!peer)
2102 return false;
2103
2104 if (!(rx->fw_desc.flags & FW_RX_DESC_FLAGS_FIRST_MSDU))
2105 return false;
2106
2107 num_mpdu_ranges = MS(__le32_to_cpu(rx->hdr.info1),
2108 HTT_RX_INDICATION_INFO1_NUM_MPDU_RANGES);
2109
2110 rx_desc = (struct htt_hl_rx_desc *)&rx->mpdu_ranges[num_mpdu_ranges];
2111 rx_desc_info = __le32_to_cpu(rx_desc->info);
2112
2113 if (!MS(rx_desc_info, HTT_RX_DESC_HL_INFO_ENCRYPTED))
2114 return false;
2115
2116 tid = MS(rx->hdr.info0, HTT_RX_INDICATION_INFO0_EXT_TID);
2117 last_pn_valid = peer->tids_last_pn_valid[tid];
2118 last_pn = &peer->tids_last_pn[tid];
2119
2120 if (MS(rx_desc_info, HTT_RX_DESC_HL_INFO_MCAST_BCAST))
2121 sec_index = HTT_TXRX_SEC_MCAST;
2122 else
2123 sec_index = HTT_TXRX_SEC_UCAST;
2124
2125 sec_type = peer->rx_pn[sec_index].sec_type;
2126 ath10k_htt_rx_mpdu_desc_pn_hl(rx_desc, &new_pn, peer->rx_pn[sec_index].pn_len);
2127
2128 if (sec_type != HTT_SECURITY_AES_CCMP &&
2129 sec_type != HTT_SECURITY_TKIP &&
2130 sec_type != HTT_SECURITY_TKIP_NOMIC)
2131 return false;
2132
2133 if (last_pn_valid)
2134 pn_invalid = ath10k_htt_rx_pn_cmp48(&new_pn, last_pn);
2135 else
2136 peer->tids_last_pn_valid[tid] = 1;
2137
2138 if (!pn_invalid)
2139 last_pn->pn48 = new_pn.pn48;
2140
2141 return pn_invalid;
2142}
2143
2144static bool ath10k_htt_rx_proc_rx_ind_hl(struct ath10k_htt *htt,
2145 struct htt_rx_indication_hl *rx,
2146 struct sk_buff *skb,
2147 enum htt_rx_pn_check_type check_pn_type,
2148 enum htt_rx_tkip_demic_type tkip_mic_type)
2149{
2150 struct ath10k *ar = htt->ar;
2151 struct ath10k_peer *peer;
2152 struct htt_rx_indication_mpdu_range *mpdu_ranges;
2153 struct fw_rx_desc_hl *fw_desc;
2154 struct ieee80211_hdr *hdr;
2155 struct ieee80211_rx_status *rx_status;
2156 u16 peer_id;
2157 u8 rx_desc_len;
2158 int num_mpdu_ranges;
2159 size_t tot_hdr_len;
2160 struct ieee80211_channel *ch;
2161 bool pn_invalid;
2162
2163 peer_id = __le16_to_cpu(rx->hdr.peer_id);
2164
2165 spin_lock_bh(&ar->data_lock);
2166 peer = ath10k_peer_find_by_id(ar, peer_id);
2167 spin_unlock_bh(&ar->data_lock);
2168 if (!peer && peer_id != HTT_INVALID_PEERID)
2169 ath10k_warn(ar, "Got RX ind from invalid peer: %u\n", peer_id);
2170
2171 num_mpdu_ranges = MS(__le32_to_cpu(rx->hdr.info1),
2172 HTT_RX_INDICATION_INFO1_NUM_MPDU_RANGES);
2173 mpdu_ranges = htt_rx_ind_get_mpdu_ranges_hl(rx);
2174 fw_desc = &rx->fw_desc;
2175 rx_desc_len = fw_desc->len;
2176
2177
2178
2179
2180
2181 if (num_mpdu_ranges > 1)
2182 ath10k_warn(ar,
2183 "Unsupported number of MPDU ranges: %d, ignoring all but the first\n",
2184 num_mpdu_ranges);
2185
2186 if (mpdu_ranges->mpdu_range_status !=
2187 HTT_RX_IND_MPDU_STATUS_OK &&
2188 mpdu_ranges->mpdu_range_status !=
2189 HTT_RX_IND_MPDU_STATUS_TKIP_MIC_ERR) {
2190 ath10k_warn(ar, "MPDU range status: %d\n",
2191 mpdu_ranges->mpdu_range_status);
2192 goto err;
2193 }
2194
2195 if (check_pn_type == HTT_RX_PN_CHECK) {
2196 spin_lock_bh(&ar->data_lock);
2197 pn_invalid = ath10k_htt_rx_pn_check_replay_hl(ar, peer, rx);
2198 spin_unlock_bh(&ar->data_lock);
2199 if (pn_invalid)
2200 goto err;
2201 }
2202
2203
2204
2205
2206 tot_hdr_len = sizeof(struct htt_resp_hdr) + sizeof(rx->hdr) +
2207 sizeof(rx->ppdu) + sizeof(rx->prefix) +
2208 sizeof(rx->fw_desc) +
2209 sizeof(*mpdu_ranges) * num_mpdu_ranges + rx_desc_len;
2210
2211 skb_pull(skb, tot_hdr_len);
2212
2213 hdr = (struct ieee80211_hdr *)skb->data;
2214 rx_status = IEEE80211_SKB_RXCB(skb);
2215 rx_status->chains |= BIT(0);
2216 if (rx->ppdu.combined_rssi == 0) {
2217
2218 rx_status->signal = 0;
2219 rx_status->flag |= RX_FLAG_NO_SIGNAL_VAL;
2220 } else {
2221 rx_status->signal = ATH10K_DEFAULT_NOISE_FLOOR +
2222 rx->ppdu.combined_rssi;
2223 rx_status->flag &= ~RX_FLAG_NO_SIGNAL_VAL;
2224 }
2225
2226 spin_lock_bh(&ar->data_lock);
2227 ch = ar->scan_channel;
2228 if (!ch)
2229 ch = ar->rx_channel;
2230 if (!ch)
2231 ch = ath10k_htt_rx_h_any_channel(ar);
2232 if (!ch)
2233 ch = ar->tgt_oper_chan;
2234 spin_unlock_bh(&ar->data_lock);
2235
2236 if (ch) {
2237 rx_status->band = ch->band;
2238 rx_status->freq = ch->center_freq;
2239 }
2240 if (rx->fw_desc.flags & FW_RX_DESC_FLAGS_LAST_MSDU)
2241 rx_status->flag &= ~RX_FLAG_AMSDU_MORE;
2242 else
2243 rx_status->flag |= RX_FLAG_AMSDU_MORE;
2244
2245
2246
2247
2248
2249
2250
2251
2252 if (ieee80211_has_protected(hdr->frame_control)) {
2253 hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2254 rx_status->flag |= RX_FLAG_DECRYPTED |
2255 RX_FLAG_IV_STRIPPED |
2256 RX_FLAG_MMIC_STRIPPED;
2257 }
2258
2259 if (tkip_mic_type == HTT_RX_TKIP_MIC)
2260 rx_status->flag &= ~RX_FLAG_IV_STRIPPED &
2261 ~RX_FLAG_MMIC_STRIPPED;
2262
2263 if (mpdu_ranges->mpdu_range_status == HTT_RX_IND_MPDU_STATUS_TKIP_MIC_ERR)
2264 rx_status->flag |= RX_FLAG_MMIC_ERROR;
2265
2266 ieee80211_rx_ni(ar->hw, skb);
2267
2268
2269
2270
2271 return false;
2272err:
2273
2274
2275
2276 return true;
2277}
2278
2279static int ath10k_htt_rx_frag_tkip_decap_nomic(struct sk_buff *skb,
2280 u16 head_len,
2281 u16 hdr_len)
2282{
2283 u8 *ivp, *orig_hdr;
2284
2285 orig_hdr = skb->data;
2286 ivp = orig_hdr + hdr_len + head_len;
2287
2288
2289 if (!(ivp[IEEE80211_WEP_IV_LEN - 1] & ATH10K_IEEE80211_EXTIV))
2290 return -EINVAL;
2291
2292 memmove(orig_hdr + IEEE80211_TKIP_IV_LEN, orig_hdr, head_len + hdr_len);
2293 skb_pull(skb, IEEE80211_TKIP_IV_LEN);
2294 skb_trim(skb, skb->len - ATH10K_IEEE80211_TKIP_MICLEN);
2295 return 0;
2296}
2297
2298static int ath10k_htt_rx_frag_tkip_decap_withmic(struct sk_buff *skb,
2299 u16 head_len,
2300 u16 hdr_len)
2301{
2302 u8 *ivp, *orig_hdr;
2303
2304 orig_hdr = skb->data;
2305 ivp = orig_hdr + hdr_len + head_len;
2306
2307
2308 if (!(ivp[IEEE80211_WEP_IV_LEN - 1] & ATH10K_IEEE80211_EXTIV))
2309 return -EINVAL;
2310
2311 memmove(orig_hdr + IEEE80211_TKIP_IV_LEN, orig_hdr, head_len + hdr_len);
2312 skb_pull(skb, IEEE80211_TKIP_IV_LEN);
2313 skb_trim(skb, skb->len - IEEE80211_TKIP_ICV_LEN);
2314 return 0;
2315}
2316
2317static int ath10k_htt_rx_frag_ccmp_decap(struct sk_buff *skb,
2318 u16 head_len,
2319 u16 hdr_len)
2320{
2321 u8 *ivp, *orig_hdr;
2322
2323 orig_hdr = skb->data;
2324 ivp = orig_hdr + hdr_len + head_len;
2325
2326
2327 if (!(ivp[IEEE80211_WEP_IV_LEN - 1] & ATH10K_IEEE80211_EXTIV))
2328 return -EINVAL;
2329
2330 skb_trim(skb, skb->len - IEEE80211_CCMP_MIC_LEN);
2331 memmove(orig_hdr + IEEE80211_CCMP_HDR_LEN, orig_hdr, head_len + hdr_len);
2332 skb_pull(skb, IEEE80211_CCMP_HDR_LEN);
2333 return 0;
2334}
2335
2336static int ath10k_htt_rx_frag_wep_decap(struct sk_buff *skb,
2337 u16 head_len,
2338 u16 hdr_len)
2339{
2340 u8 *orig_hdr;
2341
2342 orig_hdr = skb->data;
2343
2344 memmove(orig_hdr + IEEE80211_WEP_IV_LEN,
2345 orig_hdr, head_len + hdr_len);
2346 skb_pull(skb, IEEE80211_WEP_IV_LEN);
2347 skb_trim(skb, skb->len - IEEE80211_WEP_ICV_LEN);
2348 return 0;
2349}
2350
2351static bool ath10k_htt_rx_proc_rx_frag_ind_hl(struct ath10k_htt *htt,
2352 struct htt_rx_fragment_indication *rx,
2353 struct sk_buff *skb)
2354{
2355 struct ath10k *ar = htt->ar;
2356 enum htt_rx_tkip_demic_type tkip_mic = HTT_RX_NON_TKIP_MIC;
2357 enum htt_txrx_sec_cast_type sec_index;
2358 struct htt_rx_indication_hl *rx_hl;
2359 enum htt_security_types sec_type;
2360 u32 tid, frag, seq, rx_desc_info;
2361 union htt_rx_pn_t new_pn = {0};
2362 struct htt_hl_rx_desc *rx_desc;
2363 u16 peer_id, sc, hdr_space;
2364 union htt_rx_pn_t *last_pn;
2365 struct ieee80211_hdr *hdr;
2366 int ret, num_mpdu_ranges;
2367 struct ath10k_peer *peer;
2368 struct htt_resp *resp;
2369 size_t tot_hdr_len;
2370
2371 resp = (struct htt_resp *)(skb->data + HTT_RX_FRAG_IND_INFO0_HEADER_LEN);
2372 skb_pull(skb, HTT_RX_FRAG_IND_INFO0_HEADER_LEN);
2373 skb_trim(skb, skb->len - FCS_LEN);
2374
2375 peer_id = __le16_to_cpu(rx->peer_id);
2376 rx_hl = (struct htt_rx_indication_hl *)(&resp->rx_ind_hl);
2377
2378 spin_lock_bh(&ar->data_lock);
2379 peer = ath10k_peer_find_by_id(ar, peer_id);
2380 if (!peer) {
2381 ath10k_dbg(ar, ATH10K_DBG_HTT, "invalid peer: %u\n", peer_id);
2382 goto err;
2383 }
2384
2385 num_mpdu_ranges = MS(__le32_to_cpu(rx_hl->hdr.info1),
2386 HTT_RX_INDICATION_INFO1_NUM_MPDU_RANGES);
2387
2388 tot_hdr_len = sizeof(struct htt_resp_hdr) +
2389 sizeof(rx_hl->hdr) +
2390 sizeof(rx_hl->ppdu) +
2391 sizeof(rx_hl->prefix) +
2392 sizeof(rx_hl->fw_desc) +
2393 sizeof(struct htt_rx_indication_mpdu_range) * num_mpdu_ranges;
2394
2395 tid = MS(rx_hl->hdr.info0, HTT_RX_INDICATION_INFO0_EXT_TID);
2396 rx_desc = (struct htt_hl_rx_desc *)(skb->data + tot_hdr_len);
2397 rx_desc_info = __le32_to_cpu(rx_desc->info);
2398
2399 if (!MS(rx_desc_info, HTT_RX_DESC_HL_INFO_ENCRYPTED)) {
2400 spin_unlock_bh(&ar->data_lock);
2401 return ath10k_htt_rx_proc_rx_ind_hl(htt, &resp->rx_ind_hl, skb,
2402 HTT_RX_NON_PN_CHECK,
2403 HTT_RX_NON_TKIP_MIC);
2404 }
2405
2406 hdr = (struct ieee80211_hdr *)((u8 *)rx_desc + rx_hl->fw_desc.len);
2407
2408 if (ieee80211_has_retry(hdr->frame_control))
2409 goto err;
2410
2411 hdr_space = ieee80211_hdrlen(hdr->frame_control);
2412 sc = __le16_to_cpu(hdr->seq_ctrl);
2413 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
2414 frag = sc & IEEE80211_SCTL_FRAG;
2415
2416 sec_index = MS(rx_desc_info, HTT_RX_DESC_HL_INFO_MCAST_BCAST) ?
2417 HTT_TXRX_SEC_MCAST : HTT_TXRX_SEC_UCAST;
2418 sec_type = peer->rx_pn[sec_index].sec_type;
2419 ath10k_htt_rx_mpdu_desc_pn_hl(rx_desc, &new_pn, peer->rx_pn[sec_index].pn_len);
2420
2421 switch (sec_type) {
2422 case HTT_SECURITY_TKIP:
2423 tkip_mic = HTT_RX_TKIP_MIC;
2424 ret = ath10k_htt_rx_frag_tkip_decap_withmic(skb,
2425 tot_hdr_len +
2426 rx_hl->fw_desc.len,
2427 hdr_space);
2428 if (ret)
2429 goto err;
2430 break;
2431 case HTT_SECURITY_TKIP_NOMIC:
2432 ret = ath10k_htt_rx_frag_tkip_decap_nomic(skb,
2433 tot_hdr_len +
2434 rx_hl->fw_desc.len,
2435 hdr_space);
2436 if (ret)
2437 goto err;
2438 break;
2439 case HTT_SECURITY_AES_CCMP:
2440 ret = ath10k_htt_rx_frag_ccmp_decap(skb,
2441 tot_hdr_len + rx_hl->fw_desc.len,
2442 hdr_space);
2443 if (ret)
2444 goto err;
2445 break;
2446 case HTT_SECURITY_WEP128:
2447 case HTT_SECURITY_WEP104:
2448 case HTT_SECURITY_WEP40:
2449 ret = ath10k_htt_rx_frag_wep_decap(skb,
2450 tot_hdr_len + rx_hl->fw_desc.len,
2451 hdr_space);
2452 if (ret)
2453 goto err;
2454 break;
2455 default:
2456 break;
2457 }
2458
2459 resp = (struct htt_resp *)(skb->data);
2460
2461 if (sec_type != HTT_SECURITY_AES_CCMP &&
2462 sec_type != HTT_SECURITY_TKIP &&
2463 sec_type != HTT_SECURITY_TKIP_NOMIC) {
2464 spin_unlock_bh(&ar->data_lock);
2465 return ath10k_htt_rx_proc_rx_ind_hl(htt, &resp->rx_ind_hl, skb,
2466 HTT_RX_NON_PN_CHECK,
2467 HTT_RX_NON_TKIP_MIC);
2468 }
2469
2470 last_pn = &peer->frag_tids_last_pn[tid];
2471
2472 if (frag == 0) {
2473 if (ath10k_htt_rx_pn_check_replay_hl(ar, peer, &resp->rx_ind_hl))
2474 goto err;
2475
2476 last_pn->pn48 = new_pn.pn48;
2477 peer->frag_tids_seq[tid] = seq;
2478 } else if (sec_type == HTT_SECURITY_AES_CCMP) {
2479 if (seq != peer->frag_tids_seq[tid])
2480 goto err;
2481
2482 if (new_pn.pn48 != last_pn->pn48 + 1)
2483 goto err;
2484
2485 last_pn->pn48 = new_pn.pn48;
2486 last_pn = &peer->tids_last_pn[tid];
2487 last_pn->pn48 = new_pn.pn48;
2488 }
2489
2490 spin_unlock_bh(&ar->data_lock);
2491
2492 return ath10k_htt_rx_proc_rx_ind_hl(htt, &resp->rx_ind_hl, skb,
2493 HTT_RX_NON_PN_CHECK, tkip_mic);
2494
2495err:
2496 spin_unlock_bh(&ar->data_lock);
2497
2498
2499
2500
2501 return true;
2502}
2503
2504static void ath10k_htt_rx_proc_rx_ind_ll(struct ath10k_htt *htt,
2505 struct htt_rx_indication *rx)
2506{
2507 struct ath10k *ar = htt->ar;
2508 struct htt_rx_indication_mpdu_range *mpdu_ranges;
2509 int num_mpdu_ranges;
2510 int i, mpdu_count = 0;
2511 u16 peer_id;
2512 u8 tid;
2513
2514 num_mpdu_ranges = MS(__le32_to_cpu(rx->hdr.info1),
2515 HTT_RX_INDICATION_INFO1_NUM_MPDU_RANGES);
2516 peer_id = __le16_to_cpu(rx->hdr.peer_id);
2517 tid = MS(rx->hdr.info0, HTT_RX_INDICATION_INFO0_EXT_TID);
2518
2519 mpdu_ranges = htt_rx_ind_get_mpdu_ranges(rx);
2520
2521 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt rx ind: ",
2522 rx, struct_size(rx, mpdu_ranges, num_mpdu_ranges));
2523
2524 for (i = 0; i < num_mpdu_ranges; i++)
2525 mpdu_count += mpdu_ranges[i].mpdu_count;
2526
2527 atomic_add(mpdu_count, &htt->num_mpdus_ready);
2528
2529 ath10k_sta_update_rx_tid_stats_ampdu(ar, peer_id, tid, mpdu_ranges,
2530 num_mpdu_ranges);
2531}
2532
2533static void ath10k_htt_rx_tx_compl_ind(struct ath10k *ar,
2534 struct sk_buff *skb)
2535{
2536 struct ath10k_htt *htt = &ar->htt;
2537 struct htt_resp *resp = (struct htt_resp *)skb->data;
2538 struct htt_tx_done tx_done = {};
2539 int status = MS(resp->data_tx_completion.flags, HTT_DATA_TX_STATUS);
2540 __le16 msdu_id, *msdus;
2541 bool rssi_enabled = false;
2542 u8 msdu_count = 0, num_airtime_records, tid;
2543 int i, htt_pad = 0;
2544 struct htt_data_tx_compl_ppdu_dur *ppdu_info;
2545 struct ath10k_peer *peer;
2546 u16 ppdu_info_offset = 0, peer_id;
2547 u32 tx_duration;
2548
2549 switch (status) {
2550 case HTT_DATA_TX_STATUS_NO_ACK:
2551 tx_done.status = HTT_TX_COMPL_STATE_NOACK;
2552 break;
2553 case HTT_DATA_TX_STATUS_OK:
2554 tx_done.status = HTT_TX_COMPL_STATE_ACK;
2555 break;
2556 case HTT_DATA_TX_STATUS_DISCARD:
2557 case HTT_DATA_TX_STATUS_POSTPONE:
2558 case HTT_DATA_TX_STATUS_DOWNLOAD_FAIL:
2559 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
2560 break;
2561 default:
2562 ath10k_warn(ar, "unhandled tx completion status %d\n", status);
2563 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
2564 break;
2565 }
2566
2567 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt tx completion num_msdus %d\n",
2568 resp->data_tx_completion.num_msdus);
2569
2570 msdu_count = resp->data_tx_completion.num_msdus;
2571 msdus = resp->data_tx_completion.msdus;
2572 rssi_enabled = ath10k_is_rssi_enable(&ar->hw_params, resp);
2573
2574 if (rssi_enabled)
2575 htt_pad = ath10k_tx_data_rssi_get_pad_bytes(&ar->hw_params,
2576 resp);
2577
2578 for (i = 0; i < msdu_count; i++) {
2579 msdu_id = msdus[i];
2580 tx_done.msdu_id = __le16_to_cpu(msdu_id);
2581
2582 if (rssi_enabled) {
2583
2584
2585
2586
2587 if (msdu_count & 0x01) {
2588 msdu_id = msdus[msdu_count + i + 1 + htt_pad];
2589 tx_done.ack_rssi = __le16_to_cpu(msdu_id);
2590 } else {
2591 msdu_id = msdus[msdu_count + i + htt_pad];
2592 tx_done.ack_rssi = __le16_to_cpu(msdu_id);
2593 }
2594 }
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604 if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
2605 ath10k_txrx_tx_unref(htt, &tx_done);
2606 } else if (!kfifo_put(&htt->txdone_fifo, tx_done)) {
2607 ath10k_warn(ar, "txdone fifo overrun, msdu_id %d status %d\n",
2608 tx_done.msdu_id, tx_done.status);
2609 ath10k_txrx_tx_unref(htt, &tx_done);
2610 }
2611 }
2612
2613 if (!(resp->data_tx_completion.flags2 & HTT_TX_CMPL_FLAG_PPDU_DURATION_PRESENT))
2614 return;
2615
2616 ppdu_info_offset = (msdu_count & 0x01) ? msdu_count + 1 : msdu_count;
2617
2618 if (rssi_enabled)
2619 ppdu_info_offset += ppdu_info_offset;
2620
2621 if (resp->data_tx_completion.flags2 &
2622 (HTT_TX_CMPL_FLAG_PPID_PRESENT | HTT_TX_CMPL_FLAG_PA_PRESENT))
2623 ppdu_info_offset += 2;
2624
2625 ppdu_info = (struct htt_data_tx_compl_ppdu_dur *)&msdus[ppdu_info_offset];
2626 num_airtime_records = FIELD_GET(HTT_TX_COMPL_PPDU_DUR_INFO0_NUM_ENTRIES_MASK,
2627 __le32_to_cpu(ppdu_info->info0));
2628
2629 for (i = 0; i < num_airtime_records; i++) {
2630 struct htt_data_tx_ppdu_dur *ppdu_dur;
2631 u32 info0;
2632
2633 ppdu_dur = &ppdu_info->ppdu_dur[i];
2634 info0 = __le32_to_cpu(ppdu_dur->info0);
2635
2636 peer_id = FIELD_GET(HTT_TX_PPDU_DUR_INFO0_PEER_ID_MASK,
2637 info0);
2638 rcu_read_lock();
2639 spin_lock_bh(&ar->data_lock);
2640
2641 peer = ath10k_peer_find_by_id(ar, peer_id);
2642 if (!peer) {
2643 spin_unlock_bh(&ar->data_lock);
2644 rcu_read_unlock();
2645 continue;
2646 }
2647
2648 tid = FIELD_GET(HTT_TX_PPDU_DUR_INFO0_TID_MASK, info0);
2649 tx_duration = __le32_to_cpu(ppdu_dur->tx_duration);
2650
2651 ieee80211_sta_register_airtime(peer->sta, tid, tx_duration, 0);
2652
2653 spin_unlock_bh(&ar->data_lock);
2654 rcu_read_unlock();
2655 }
2656}
2657
2658static void ath10k_htt_rx_addba(struct ath10k *ar, struct htt_resp *resp)
2659{
2660 struct htt_rx_addba *ev = &resp->rx_addba;
2661 struct ath10k_peer *peer;
2662 struct ath10k_vif *arvif;
2663 u16 info0, tid, peer_id;
2664
2665 info0 = __le16_to_cpu(ev->info0);
2666 tid = MS(info0, HTT_RX_BA_INFO0_TID);
2667 peer_id = MS(info0, HTT_RX_BA_INFO0_PEER_ID);
2668
2669 ath10k_dbg(ar, ATH10K_DBG_HTT,
2670 "htt rx addba tid %hu peer_id %hu size %hhu\n",
2671 tid, peer_id, ev->window_size);
2672
2673 spin_lock_bh(&ar->data_lock);
2674 peer = ath10k_peer_find_by_id(ar, peer_id);
2675 if (!peer) {
2676 ath10k_warn(ar, "received addba event for invalid peer_id: %hu\n",
2677 peer_id);
2678 spin_unlock_bh(&ar->data_lock);
2679 return;
2680 }
2681
2682 arvif = ath10k_get_arvif(ar, peer->vdev_id);
2683 if (!arvif) {
2684 ath10k_warn(ar, "received addba event for invalid vdev_id: %u\n",
2685 peer->vdev_id);
2686 spin_unlock_bh(&ar->data_lock);
2687 return;
2688 }
2689
2690 ath10k_dbg(ar, ATH10K_DBG_HTT,
2691 "htt rx start rx ba session sta %pM tid %hu size %hhu\n",
2692 peer->addr, tid, ev->window_size);
2693
2694 ieee80211_start_rx_ba_session_offl(arvif->vif, peer->addr, tid);
2695 spin_unlock_bh(&ar->data_lock);
2696}
2697
2698static void ath10k_htt_rx_delba(struct ath10k *ar, struct htt_resp *resp)
2699{
2700 struct htt_rx_delba *ev = &resp->rx_delba;
2701 struct ath10k_peer *peer;
2702 struct ath10k_vif *arvif;
2703 u16 info0, tid, peer_id;
2704
2705 info0 = __le16_to_cpu(ev->info0);
2706 tid = MS(info0, HTT_RX_BA_INFO0_TID);
2707 peer_id = MS(info0, HTT_RX_BA_INFO0_PEER_ID);
2708
2709 ath10k_dbg(ar, ATH10K_DBG_HTT,
2710 "htt rx delba tid %hu peer_id %hu\n",
2711 tid, peer_id);
2712
2713 spin_lock_bh(&ar->data_lock);
2714 peer = ath10k_peer_find_by_id(ar, peer_id);
2715 if (!peer) {
2716 ath10k_warn(ar, "received addba event for invalid peer_id: %hu\n",
2717 peer_id);
2718 spin_unlock_bh(&ar->data_lock);
2719 return;
2720 }
2721
2722 arvif = ath10k_get_arvif(ar, peer->vdev_id);
2723 if (!arvif) {
2724 ath10k_warn(ar, "received addba event for invalid vdev_id: %u\n",
2725 peer->vdev_id);
2726 spin_unlock_bh(&ar->data_lock);
2727 return;
2728 }
2729
2730 ath10k_dbg(ar, ATH10K_DBG_HTT,
2731 "htt rx stop rx ba session sta %pM tid %hu\n",
2732 peer->addr, tid);
2733
2734 ieee80211_stop_rx_ba_session_offl(arvif->vif, peer->addr, tid);
2735 spin_unlock_bh(&ar->data_lock);
2736}
2737
2738static int ath10k_htt_rx_extract_amsdu(struct sk_buff_head *list,
2739 struct sk_buff_head *amsdu)
2740{
2741 struct sk_buff *msdu;
2742 struct htt_rx_desc *rxd;
2743
2744 if (skb_queue_empty(list))
2745 return -ENOBUFS;
2746
2747 if (WARN_ON(!skb_queue_empty(amsdu)))
2748 return -EINVAL;
2749
2750 while ((msdu = __skb_dequeue(list))) {
2751 __skb_queue_tail(amsdu, msdu);
2752
2753 rxd = (void *)msdu->data - sizeof(*rxd);
2754 if (rxd->msdu_end.common.info0 &
2755 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU))
2756 break;
2757 }
2758
2759 msdu = skb_peek_tail(amsdu);
2760 rxd = (void *)msdu->data - sizeof(*rxd);
2761 if (!(rxd->msdu_end.common.info0 &
2762 __cpu_to_le32(RX_MSDU_END_INFO0_LAST_MSDU))) {
2763 skb_queue_splice_init(amsdu, list);
2764 return -EAGAIN;
2765 }
2766
2767 return 0;
2768}
2769
2770static void ath10k_htt_rx_h_rx_offload_prot(struct ieee80211_rx_status *status,
2771 struct sk_buff *skb)
2772{
2773 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2774
2775 if (!ieee80211_has_protected(hdr->frame_control))
2776 return;
2777
2778
2779
2780
2781
2782
2783 hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
2784 status->flag |= RX_FLAG_DECRYPTED |
2785 RX_FLAG_IV_STRIPPED |
2786 RX_FLAG_MMIC_STRIPPED;
2787}
2788
2789static void ath10k_htt_rx_h_rx_offload(struct ath10k *ar,
2790 struct sk_buff_head *list)
2791{
2792 struct ath10k_htt *htt = &ar->htt;
2793 struct ieee80211_rx_status *status = &htt->rx_status;
2794 struct htt_rx_offload_msdu *rx;
2795 struct sk_buff *msdu;
2796 size_t offset;
2797
2798 while ((msdu = __skb_dequeue(list))) {
2799
2800
2801
2802
2803 rx = (void *)msdu->data;
2804
2805 skb_put(msdu, sizeof(*rx));
2806 skb_pull(msdu, sizeof(*rx));
2807
2808 if (skb_tailroom(msdu) < __le16_to_cpu(rx->msdu_len)) {
2809 ath10k_warn(ar, "dropping frame: offloaded rx msdu is too long!\n");
2810 dev_kfree_skb_any(msdu);
2811 continue;
2812 }
2813
2814 skb_put(msdu, __le16_to_cpu(rx->msdu_len));
2815
2816
2817
2818
2819
2820
2821 offset = 4 - ((unsigned long)msdu->data & 3);
2822 skb_put(msdu, offset);
2823 memmove(msdu->data + offset, msdu->data, msdu->len);
2824 skb_pull(msdu, offset);
2825
2826
2827
2828
2829
2830 memset(status, 0, sizeof(*status));
2831 status->flag |= RX_FLAG_NO_SIGNAL_VAL;
2832
2833 ath10k_htt_rx_h_rx_offload_prot(status, msdu);
2834 ath10k_htt_rx_h_channel(ar, status, NULL, rx->vdev_id);
2835 ath10k_htt_rx_h_queue_msdu(ar, status, msdu);
2836 }
2837}
2838
2839static int ath10k_htt_rx_in_ord_ind(struct ath10k *ar, struct sk_buff *skb)
2840{
2841 struct ath10k_htt *htt = &ar->htt;
2842 struct htt_resp *resp = (void *)skb->data;
2843 struct ieee80211_rx_status *status = &htt->rx_status;
2844 struct sk_buff_head list;
2845 struct sk_buff_head amsdu;
2846 u16 peer_id;
2847 u16 msdu_count;
2848 u8 vdev_id;
2849 u8 tid;
2850 bool offload;
2851 bool frag;
2852 int ret;
2853
2854 lockdep_assert_held(&htt->rx_ring.lock);
2855
2856 if (htt->rx_confused)
2857 return -EIO;
2858
2859 skb_pull(skb, sizeof(resp->hdr));
2860 skb_pull(skb, sizeof(resp->rx_in_ord_ind));
2861
2862 peer_id = __le16_to_cpu(resp->rx_in_ord_ind.peer_id);
2863 msdu_count = __le16_to_cpu(resp->rx_in_ord_ind.msdu_count);
2864 vdev_id = resp->rx_in_ord_ind.vdev_id;
2865 tid = SM(resp->rx_in_ord_ind.info, HTT_RX_IN_ORD_IND_INFO_TID);
2866 offload = !!(resp->rx_in_ord_ind.info &
2867 HTT_RX_IN_ORD_IND_INFO_OFFLOAD_MASK);
2868 frag = !!(resp->rx_in_ord_ind.info & HTT_RX_IN_ORD_IND_INFO_FRAG_MASK);
2869
2870 ath10k_dbg(ar, ATH10K_DBG_HTT,
2871 "htt rx in ord vdev %i peer %i tid %i offload %i frag %i msdu count %i\n",
2872 vdev_id, peer_id, tid, offload, frag, msdu_count);
2873
2874 if (skb->len < msdu_count * sizeof(*resp->rx_in_ord_ind.msdu_descs32)) {
2875 ath10k_warn(ar, "dropping invalid in order rx indication\n");
2876 return -EINVAL;
2877 }
2878
2879
2880
2881
2882 __skb_queue_head_init(&list);
2883 if (ar->hw_params.target_64bit)
2884 ret = ath10k_htt_rx_pop_paddr64_list(htt, &resp->rx_in_ord_ind,
2885 &list);
2886 else
2887 ret = ath10k_htt_rx_pop_paddr32_list(htt, &resp->rx_in_ord_ind,
2888 &list);
2889
2890 if (ret < 0) {
2891 ath10k_warn(ar, "failed to pop paddr list: %d\n", ret);
2892 htt->rx_confused = true;
2893 return -EIO;
2894 }
2895
2896
2897
2898
2899 if (offload)
2900 ath10k_htt_rx_h_rx_offload(ar, &list);
2901
2902 while (!skb_queue_empty(&list)) {
2903 __skb_queue_head_init(&amsdu);
2904 ret = ath10k_htt_rx_extract_amsdu(&list, &amsdu);
2905 switch (ret) {
2906 case 0:
2907
2908
2909
2910
2911
2912
2913 ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id);
2914 ath10k_htt_rx_h_filter(ar, &amsdu, status, NULL);
2915 ath10k_htt_rx_h_mpdu(ar, &amsdu, status, false, NULL,
2916 NULL);
2917 ath10k_htt_rx_h_enqueue(ar, &amsdu, status);
2918 break;
2919 case -EAGAIN:
2920
2921 default:
2922
2923 ath10k_warn(ar, "failed to extract amsdu: %d\n", ret);
2924 htt->rx_confused = true;
2925 __skb_queue_purge(&list);
2926 return -EIO;
2927 }
2928 }
2929 return ret;
2930}
2931
2932static void ath10k_htt_rx_tx_fetch_resp_id_confirm(struct ath10k *ar,
2933 const __le32 *resp_ids,
2934 int num_resp_ids)
2935{
2936 int i;
2937 u32 resp_id;
2938
2939 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm num_resp_ids %d\n",
2940 num_resp_ids);
2941
2942 for (i = 0; i < num_resp_ids; i++) {
2943 resp_id = le32_to_cpu(resp_ids[i]);
2944
2945 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm resp_id %u\n",
2946 resp_id);
2947
2948
2949 }
2950}
2951
2952static void ath10k_htt_rx_tx_fetch_ind(struct ath10k *ar, struct sk_buff *skb)
2953{
2954 struct ieee80211_hw *hw = ar->hw;
2955 struct ieee80211_txq *txq;
2956 struct htt_resp *resp = (struct htt_resp *)skb->data;
2957 struct htt_tx_fetch_record *record;
2958 size_t len;
2959 size_t max_num_bytes;
2960 size_t max_num_msdus;
2961 size_t num_bytes;
2962 size_t num_msdus;
2963 const __le32 *resp_ids;
2964 u16 num_records;
2965 u16 num_resp_ids;
2966 u16 peer_id;
2967 u8 tid;
2968 int ret;
2969 int i;
2970 bool may_tx;
2971
2972 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch ind\n");
2973
2974 len = sizeof(resp->hdr) + sizeof(resp->tx_fetch_ind);
2975 if (unlikely(skb->len < len)) {
2976 ath10k_warn(ar, "received corrupted tx_fetch_ind event: buffer too short\n");
2977 return;
2978 }
2979
2980 num_records = le16_to_cpu(resp->tx_fetch_ind.num_records);
2981 num_resp_ids = le16_to_cpu(resp->tx_fetch_ind.num_resp_ids);
2982
2983 len += sizeof(resp->tx_fetch_ind.records[0]) * num_records;
2984 len += sizeof(resp->tx_fetch_ind.resp_ids[0]) * num_resp_ids;
2985
2986 if (unlikely(skb->len < len)) {
2987 ath10k_warn(ar, "received corrupted tx_fetch_ind event: too many records/resp_ids\n");
2988 return;
2989 }
2990
2991 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch ind num records %hu num resps %hu seq %hu\n",
2992 num_records, num_resp_ids,
2993 le16_to_cpu(resp->tx_fetch_ind.fetch_seq_num));
2994
2995 if (!ar->htt.tx_q_state.enabled) {
2996 ath10k_warn(ar, "received unexpected tx_fetch_ind event: not enabled\n");
2997 return;
2998 }
2999
3000 if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH) {
3001 ath10k_warn(ar, "received unexpected tx_fetch_ind event: in push mode\n");
3002 return;
3003 }
3004
3005 rcu_read_lock();
3006
3007 for (i = 0; i < num_records; i++) {
3008 record = &resp->tx_fetch_ind.records[i];
3009 peer_id = MS(le16_to_cpu(record->info),
3010 HTT_TX_FETCH_RECORD_INFO_PEER_ID);
3011 tid = MS(le16_to_cpu(record->info),
3012 HTT_TX_FETCH_RECORD_INFO_TID);
3013 max_num_msdus = le16_to_cpu(record->num_msdus);
3014 max_num_bytes = le32_to_cpu(record->num_bytes);
3015
3016 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch record %i peer_id %hu tid %hhu msdus %zu bytes %zu\n",
3017 i, peer_id, tid, max_num_msdus, max_num_bytes);
3018
3019 if (unlikely(peer_id >= ar->htt.tx_q_state.num_peers) ||
3020 unlikely(tid >= ar->htt.tx_q_state.num_tids)) {
3021 ath10k_warn(ar, "received out of range peer_id %hu tid %hhu\n",
3022 peer_id, tid);
3023 continue;
3024 }
3025
3026 spin_lock_bh(&ar->data_lock);
3027 txq = ath10k_mac_txq_lookup(ar, peer_id, tid);
3028 spin_unlock_bh(&ar->data_lock);
3029
3030
3031
3032
3033
3034 if (unlikely(!txq)) {
3035 ath10k_warn(ar, "failed to lookup txq for peer_id %hu tid %hhu\n",
3036 peer_id, tid);
3037 continue;
3038 }
3039
3040 num_msdus = 0;
3041 num_bytes = 0;
3042
3043 ieee80211_txq_schedule_start(hw, txq->ac);
3044 may_tx = ieee80211_txq_may_transmit(hw, txq);
3045 while (num_msdus < max_num_msdus &&
3046 num_bytes < max_num_bytes) {
3047 if (!may_tx)
3048 break;
3049
3050 ret = ath10k_mac_tx_push_txq(hw, txq);
3051 if (ret < 0)
3052 break;
3053
3054 num_msdus++;
3055 num_bytes += ret;
3056 }
3057 ieee80211_return_txq(hw, txq, false);
3058 ieee80211_txq_schedule_end(hw, txq->ac);
3059
3060 record->num_msdus = cpu_to_le16(num_msdus);
3061 record->num_bytes = cpu_to_le32(num_bytes);
3062
3063 ath10k_htt_tx_txq_recalc(hw, txq);
3064 }
3065
3066 rcu_read_unlock();
3067
3068 resp_ids = ath10k_htt_get_tx_fetch_ind_resp_ids(&resp->tx_fetch_ind);
3069 ath10k_htt_rx_tx_fetch_resp_id_confirm(ar, resp_ids, num_resp_ids);
3070
3071 ret = ath10k_htt_tx_fetch_resp(ar,
3072 resp->tx_fetch_ind.token,
3073 resp->tx_fetch_ind.fetch_seq_num,
3074 resp->tx_fetch_ind.records,
3075 num_records);
3076 if (unlikely(ret)) {
3077 ath10k_warn(ar, "failed to submit tx fetch resp for token 0x%08x: %d\n",
3078 le32_to_cpu(resp->tx_fetch_ind.token), ret);
3079
3080 }
3081
3082 ath10k_htt_tx_txq_sync(ar);
3083}
3084
3085static void ath10k_htt_rx_tx_fetch_confirm(struct ath10k *ar,
3086 struct sk_buff *skb)
3087{
3088 const struct htt_resp *resp = (void *)skb->data;
3089 size_t len;
3090 int num_resp_ids;
3091
3092 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx fetch confirm\n");
3093
3094 len = sizeof(resp->hdr) + sizeof(resp->tx_fetch_confirm);
3095 if (unlikely(skb->len < len)) {
3096 ath10k_warn(ar, "received corrupted tx_fetch_confirm event: buffer too short\n");
3097 return;
3098 }
3099
3100 num_resp_ids = le16_to_cpu(resp->tx_fetch_confirm.num_resp_ids);
3101 len += sizeof(resp->tx_fetch_confirm.resp_ids[0]) * num_resp_ids;
3102
3103 if (unlikely(skb->len < len)) {
3104 ath10k_warn(ar, "received corrupted tx_fetch_confirm event: resp_ids buffer overflow\n");
3105 return;
3106 }
3107
3108 ath10k_htt_rx_tx_fetch_resp_id_confirm(ar,
3109 resp->tx_fetch_confirm.resp_ids,
3110 num_resp_ids);
3111}
3112
3113static void ath10k_htt_rx_tx_mode_switch_ind(struct ath10k *ar,
3114 struct sk_buff *skb)
3115{
3116 const struct htt_resp *resp = (void *)skb->data;
3117 const struct htt_tx_mode_switch_record *record;
3118 struct ieee80211_txq *txq;
3119 struct ath10k_txq *artxq;
3120 size_t len;
3121 size_t num_records;
3122 enum htt_tx_mode_switch_mode mode;
3123 bool enable;
3124 u16 info0;
3125 u16 info1;
3126 u16 threshold;
3127 u16 peer_id;
3128 u8 tid;
3129 int i;
3130
3131 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx tx mode switch ind\n");
3132
3133 len = sizeof(resp->hdr) + sizeof(resp->tx_mode_switch_ind);
3134 if (unlikely(skb->len < len)) {
3135 ath10k_warn(ar, "received corrupted tx_mode_switch_ind event: buffer too short\n");
3136 return;
3137 }
3138
3139 info0 = le16_to_cpu(resp->tx_mode_switch_ind.info0);
3140 info1 = le16_to_cpu(resp->tx_mode_switch_ind.info1);
3141
3142 enable = !!(info0 & HTT_TX_MODE_SWITCH_IND_INFO0_ENABLE);
3143 num_records = MS(info0, HTT_TX_MODE_SWITCH_IND_INFO1_THRESHOLD);
3144 mode = MS(info1, HTT_TX_MODE_SWITCH_IND_INFO1_MODE);
3145 threshold = MS(info1, HTT_TX_MODE_SWITCH_IND_INFO1_THRESHOLD);
3146
3147 ath10k_dbg(ar, ATH10K_DBG_HTT,
3148 "htt rx tx mode switch ind info0 0x%04hx info1 0x%04hx enable %d num records %zd mode %d threshold %hu\n",
3149 info0, info1, enable, num_records, mode, threshold);
3150
3151 len += sizeof(resp->tx_mode_switch_ind.records[0]) * num_records;
3152
3153 if (unlikely(skb->len < len)) {
3154 ath10k_warn(ar, "received corrupted tx_mode_switch_mode_ind event: too many records\n");
3155 return;
3156 }
3157
3158 switch (mode) {
3159 case HTT_TX_MODE_SWITCH_PUSH:
3160 case HTT_TX_MODE_SWITCH_PUSH_PULL:
3161 break;
3162 default:
3163 ath10k_warn(ar, "received invalid tx_mode_switch_mode_ind mode %d, ignoring\n",
3164 mode);
3165 return;
3166 }
3167
3168 if (!enable)
3169 return;
3170
3171 ar->htt.tx_q_state.enabled = enable;
3172 ar->htt.tx_q_state.mode = mode;
3173 ar->htt.tx_q_state.num_push_allowed = threshold;
3174
3175 rcu_read_lock();
3176
3177 for (i = 0; i < num_records; i++) {
3178 record = &resp->tx_mode_switch_ind.records[i];
3179 info0 = le16_to_cpu(record->info0);
3180 peer_id = MS(info0, HTT_TX_MODE_SWITCH_RECORD_INFO0_PEER_ID);
3181 tid = MS(info0, HTT_TX_MODE_SWITCH_RECORD_INFO0_TID);
3182
3183 if (unlikely(peer_id >= ar->htt.tx_q_state.num_peers) ||
3184 unlikely(tid >= ar->htt.tx_q_state.num_tids)) {
3185 ath10k_warn(ar, "received out of range peer_id %hu tid %hhu\n",
3186 peer_id, tid);
3187 continue;
3188 }
3189
3190 spin_lock_bh(&ar->data_lock);
3191 txq = ath10k_mac_txq_lookup(ar, peer_id, tid);
3192 spin_unlock_bh(&ar->data_lock);
3193
3194
3195
3196
3197
3198 if (unlikely(!txq)) {
3199 ath10k_warn(ar, "failed to lookup txq for peer_id %hu tid %hhu\n",
3200 peer_id, tid);
3201 continue;
3202 }
3203
3204 spin_lock_bh(&ar->htt.tx_lock);
3205 artxq = (void *)txq->drv_priv;
3206 artxq->num_push_allowed = le16_to_cpu(record->num_max_msdus);
3207 spin_unlock_bh(&ar->htt.tx_lock);
3208 }
3209
3210 rcu_read_unlock();
3211
3212 ath10k_mac_tx_push_pending(ar);
3213}
3214
3215void ath10k_htt_htc_t2h_msg_handler(struct ath10k *ar, struct sk_buff *skb)
3216{
3217 bool release;
3218
3219 release = ath10k_htt_t2h_msg_handler(ar, skb);
3220
3221
3222 if (release)
3223 dev_kfree_skb_any(skb);
3224}
3225
3226static inline s8 ath10k_get_legacy_rate_idx(struct ath10k *ar, u8 rate)
3227{
3228 static const u8 legacy_rates[] = {1, 2, 5, 11, 6, 9, 12,
3229 18, 24, 36, 48, 54};
3230 int i;
3231
3232 for (i = 0; i < ARRAY_SIZE(legacy_rates); i++) {
3233 if (rate == legacy_rates[i])
3234 return i;
3235 }
3236
3237 ath10k_warn(ar, "Invalid legacy rate %hhd peer stats", rate);
3238 return -EINVAL;
3239}
3240
3241static void
3242ath10k_accumulate_per_peer_tx_stats(struct ath10k *ar,
3243 struct ath10k_sta *arsta,
3244 struct ath10k_per_peer_tx_stats *pstats,
3245 s8 legacy_rate_idx)
3246{
3247 struct rate_info *txrate = &arsta->txrate;
3248 struct ath10k_htt_tx_stats *tx_stats;
3249 int idx, ht_idx, gi, mcs, bw, nss;
3250 unsigned long flags;
3251
3252 if (!arsta->tx_stats)
3253 return;
3254
3255 tx_stats = arsta->tx_stats;
3256 flags = txrate->flags;
3257 gi = test_bit(ATH10K_RATE_INFO_FLAGS_SGI_BIT, &flags);
3258 mcs = ATH10K_HW_MCS_RATE(pstats->ratecode);
3259 bw = txrate->bw;
3260 nss = txrate->nss;
3261 ht_idx = mcs + (nss - 1) * 8;
3262 idx = mcs * 8 + 8 * 10 * (nss - 1);
3263 idx += bw * 2 + gi;
3264
3265#define STATS_OP_FMT(name) tx_stats->stats[ATH10K_STATS_TYPE_##name]
3266
3267 if (txrate->flags & RATE_INFO_FLAGS_VHT_MCS) {
3268 STATS_OP_FMT(SUCC).vht[0][mcs] += pstats->succ_bytes;
3269 STATS_OP_FMT(SUCC).vht[1][mcs] += pstats->succ_pkts;
3270 STATS_OP_FMT(FAIL).vht[0][mcs] += pstats->failed_bytes;
3271 STATS_OP_FMT(FAIL).vht[1][mcs] += pstats->failed_pkts;
3272 STATS_OP_FMT(RETRY).vht[0][mcs] += pstats->retry_bytes;
3273 STATS_OP_FMT(RETRY).vht[1][mcs] += pstats->retry_pkts;
3274 } else if (txrate->flags & RATE_INFO_FLAGS_MCS) {
3275 STATS_OP_FMT(SUCC).ht[0][ht_idx] += pstats->succ_bytes;
3276 STATS_OP_FMT(SUCC).ht[1][ht_idx] += pstats->succ_pkts;
3277 STATS_OP_FMT(FAIL).ht[0][ht_idx] += pstats->failed_bytes;
3278 STATS_OP_FMT(FAIL).ht[1][ht_idx] += pstats->failed_pkts;
3279 STATS_OP_FMT(RETRY).ht[0][ht_idx] += pstats->retry_bytes;
3280 STATS_OP_FMT(RETRY).ht[1][ht_idx] += pstats->retry_pkts;
3281 } else {
3282 mcs = legacy_rate_idx;
3283
3284 STATS_OP_FMT(SUCC).legacy[0][mcs] += pstats->succ_bytes;
3285 STATS_OP_FMT(SUCC).legacy[1][mcs] += pstats->succ_pkts;
3286 STATS_OP_FMT(FAIL).legacy[0][mcs] += pstats->failed_bytes;
3287 STATS_OP_FMT(FAIL).legacy[1][mcs] += pstats->failed_pkts;
3288 STATS_OP_FMT(RETRY).legacy[0][mcs] += pstats->retry_bytes;
3289 STATS_OP_FMT(RETRY).legacy[1][mcs] += pstats->retry_pkts;
3290 }
3291
3292 if (ATH10K_HW_AMPDU(pstats->flags)) {
3293 tx_stats->ba_fails += ATH10K_HW_BA_FAIL(pstats->flags);
3294
3295 if (txrate->flags & RATE_INFO_FLAGS_MCS) {
3296 STATS_OP_FMT(AMPDU).ht[0][ht_idx] +=
3297 pstats->succ_bytes + pstats->retry_bytes;
3298 STATS_OP_FMT(AMPDU).ht[1][ht_idx] +=
3299 pstats->succ_pkts + pstats->retry_pkts;
3300 } else {
3301 STATS_OP_FMT(AMPDU).vht[0][mcs] +=
3302 pstats->succ_bytes + pstats->retry_bytes;
3303 STATS_OP_FMT(AMPDU).vht[1][mcs] +=
3304 pstats->succ_pkts + pstats->retry_pkts;
3305 }
3306 STATS_OP_FMT(AMPDU).bw[0][bw] +=
3307 pstats->succ_bytes + pstats->retry_bytes;
3308 STATS_OP_FMT(AMPDU).nss[0][nss - 1] +=
3309 pstats->succ_bytes + pstats->retry_bytes;
3310 STATS_OP_FMT(AMPDU).gi[0][gi] +=
3311 pstats->succ_bytes + pstats->retry_bytes;
3312 STATS_OP_FMT(AMPDU).rate_table[0][idx] +=
3313 pstats->succ_bytes + pstats->retry_bytes;
3314 STATS_OP_FMT(AMPDU).bw[1][bw] +=
3315 pstats->succ_pkts + pstats->retry_pkts;
3316 STATS_OP_FMT(AMPDU).nss[1][nss - 1] +=
3317 pstats->succ_pkts + pstats->retry_pkts;
3318 STATS_OP_FMT(AMPDU).gi[1][gi] +=
3319 pstats->succ_pkts + pstats->retry_pkts;
3320 STATS_OP_FMT(AMPDU).rate_table[1][idx] +=
3321 pstats->succ_pkts + pstats->retry_pkts;
3322 } else {
3323 tx_stats->ack_fails +=
3324 ATH10K_HW_BA_FAIL(pstats->flags);
3325 }
3326
3327 STATS_OP_FMT(SUCC).bw[0][bw] += pstats->succ_bytes;
3328 STATS_OP_FMT(SUCC).nss[0][nss - 1] += pstats->succ_bytes;
3329 STATS_OP_FMT(SUCC).gi[0][gi] += pstats->succ_bytes;
3330
3331 STATS_OP_FMT(SUCC).bw[1][bw] += pstats->succ_pkts;
3332 STATS_OP_FMT(SUCC).nss[1][nss - 1] += pstats->succ_pkts;
3333 STATS_OP_FMT(SUCC).gi[1][gi] += pstats->succ_pkts;
3334
3335 STATS_OP_FMT(FAIL).bw[0][bw] += pstats->failed_bytes;
3336 STATS_OP_FMT(FAIL).nss[0][nss - 1] += pstats->failed_bytes;
3337 STATS_OP_FMT(FAIL).gi[0][gi] += pstats->failed_bytes;
3338
3339 STATS_OP_FMT(FAIL).bw[1][bw] += pstats->failed_pkts;
3340 STATS_OP_FMT(FAIL).nss[1][nss - 1] += pstats->failed_pkts;
3341 STATS_OP_FMT(FAIL).gi[1][gi] += pstats->failed_pkts;
3342
3343 STATS_OP_FMT(RETRY).bw[0][bw] += pstats->retry_bytes;
3344 STATS_OP_FMT(RETRY).nss[0][nss - 1] += pstats->retry_bytes;
3345 STATS_OP_FMT(RETRY).gi[0][gi] += pstats->retry_bytes;
3346
3347 STATS_OP_FMT(RETRY).bw[1][bw] += pstats->retry_pkts;
3348 STATS_OP_FMT(RETRY).nss[1][nss - 1] += pstats->retry_pkts;
3349 STATS_OP_FMT(RETRY).gi[1][gi] += pstats->retry_pkts;
3350
3351 if (txrate->flags >= RATE_INFO_FLAGS_MCS) {
3352 STATS_OP_FMT(SUCC).rate_table[0][idx] += pstats->succ_bytes;
3353 STATS_OP_FMT(SUCC).rate_table[1][idx] += pstats->succ_pkts;
3354 STATS_OP_FMT(FAIL).rate_table[0][idx] += pstats->failed_bytes;
3355 STATS_OP_FMT(FAIL).rate_table[1][idx] += pstats->failed_pkts;
3356 STATS_OP_FMT(RETRY).rate_table[0][idx] += pstats->retry_bytes;
3357 STATS_OP_FMT(RETRY).rate_table[1][idx] += pstats->retry_pkts;
3358 }
3359
3360 tx_stats->tx_duration += pstats->duration;
3361}
3362
3363static void
3364ath10k_update_per_peer_tx_stats(struct ath10k *ar,
3365 struct ieee80211_sta *sta,
3366 struct ath10k_per_peer_tx_stats *peer_stats)
3367{
3368 struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3369 struct ieee80211_chanctx_conf *conf = NULL;
3370 u8 rate = 0, sgi;
3371 s8 rate_idx = 0;
3372 bool skip_auto_rate;
3373 struct rate_info txrate;
3374
3375 lockdep_assert_held(&ar->data_lock);
3376
3377 txrate.flags = ATH10K_HW_PREAMBLE(peer_stats->ratecode);
3378 txrate.bw = ATH10K_HW_BW(peer_stats->flags);
3379 txrate.nss = ATH10K_HW_NSS(peer_stats->ratecode);
3380 txrate.mcs = ATH10K_HW_MCS_RATE(peer_stats->ratecode);
3381 sgi = ATH10K_HW_GI(peer_stats->flags);
3382 skip_auto_rate = ATH10K_FW_SKIPPED_RATE_CTRL(peer_stats->flags);
3383
3384
3385
3386
3387 if (skip_auto_rate)
3388 return;
3389
3390 if (txrate.flags == WMI_RATE_PREAMBLE_VHT && txrate.mcs > 9) {
3391 ath10k_warn(ar, "Invalid VHT mcs %hhd peer stats", txrate.mcs);
3392 return;
3393 }
3394
3395 if (txrate.flags == WMI_RATE_PREAMBLE_HT &&
3396 (txrate.mcs > 7 || txrate.nss < 1)) {
3397 ath10k_warn(ar, "Invalid HT mcs %hhd nss %hhd peer stats",
3398 txrate.mcs, txrate.nss);
3399 return;
3400 }
3401
3402 memset(&arsta->txrate, 0, sizeof(arsta->txrate));
3403 memset(&arsta->tx_info.status, 0, sizeof(arsta->tx_info.status));
3404 if (txrate.flags == WMI_RATE_PREAMBLE_CCK ||
3405 txrate.flags == WMI_RATE_PREAMBLE_OFDM) {
3406 rate = ATH10K_HW_LEGACY_RATE(peer_stats->ratecode);
3407
3408 if (rate == 6 && txrate.flags == WMI_RATE_PREAMBLE_CCK)
3409 rate = 5;
3410 rate_idx = ath10k_get_legacy_rate_idx(ar, rate);
3411 if (rate_idx < 0)
3412 return;
3413 arsta->txrate.legacy = rate;
3414 } else if (txrate.flags == WMI_RATE_PREAMBLE_HT) {
3415 arsta->txrate.flags = RATE_INFO_FLAGS_MCS;
3416 arsta->txrate.mcs = txrate.mcs + 8 * (txrate.nss - 1);
3417 } else {
3418 arsta->txrate.flags = RATE_INFO_FLAGS_VHT_MCS;
3419 arsta->txrate.mcs = txrate.mcs;
3420 }
3421
3422 switch (txrate.flags) {
3423 case WMI_RATE_PREAMBLE_OFDM:
3424 if (arsta->arvif && arsta->arvif->vif)
3425 conf = rcu_dereference(arsta->arvif->vif->chanctx_conf);
3426 if (conf && conf->def.chan->band == NL80211_BAND_5GHZ)
3427 arsta->tx_info.status.rates[0].idx = rate_idx - 4;
3428 break;
3429 case WMI_RATE_PREAMBLE_CCK:
3430 arsta->tx_info.status.rates[0].idx = rate_idx;
3431 if (sgi)
3432 arsta->tx_info.status.rates[0].flags |=
3433 (IEEE80211_TX_RC_USE_SHORT_PREAMBLE |
3434 IEEE80211_TX_RC_SHORT_GI);
3435 break;
3436 case WMI_RATE_PREAMBLE_HT:
3437 arsta->tx_info.status.rates[0].idx =
3438 txrate.mcs + ((txrate.nss - 1) * 8);
3439 if (sgi)
3440 arsta->tx_info.status.rates[0].flags |=
3441 IEEE80211_TX_RC_SHORT_GI;
3442 arsta->tx_info.status.rates[0].flags |= IEEE80211_TX_RC_MCS;
3443 break;
3444 case WMI_RATE_PREAMBLE_VHT:
3445 ieee80211_rate_set_vht(&arsta->tx_info.status.rates[0],
3446 txrate.mcs, txrate.nss);
3447 if (sgi)
3448 arsta->tx_info.status.rates[0].flags |=
3449 IEEE80211_TX_RC_SHORT_GI;
3450 arsta->tx_info.status.rates[0].flags |= IEEE80211_TX_RC_VHT_MCS;
3451 break;
3452 }
3453
3454 arsta->txrate.nss = txrate.nss;
3455 arsta->txrate.bw = ath10k_bw_to_mac80211_bw(txrate.bw);
3456 arsta->last_tx_bitrate = cfg80211_calculate_bitrate(&arsta->txrate);
3457 if (sgi)
3458 arsta->txrate.flags |= RATE_INFO_FLAGS_SHORT_GI;
3459
3460 switch (arsta->txrate.bw) {
3461 case RATE_INFO_BW_40:
3462 arsta->tx_info.status.rates[0].flags |=
3463 IEEE80211_TX_RC_40_MHZ_WIDTH;
3464 break;
3465 case RATE_INFO_BW_80:
3466 arsta->tx_info.status.rates[0].flags |=
3467 IEEE80211_TX_RC_80_MHZ_WIDTH;
3468 break;
3469 }
3470
3471 if (peer_stats->succ_pkts) {
3472 arsta->tx_info.flags = IEEE80211_TX_STAT_ACK;
3473 arsta->tx_info.status.rates[0].count = 1;
3474 ieee80211_tx_rate_update(ar->hw, sta, &arsta->tx_info);
3475 }
3476
3477 if (ath10k_debug_is_extd_tx_stats_enabled(ar))
3478 ath10k_accumulate_per_peer_tx_stats(ar, arsta, peer_stats,
3479 rate_idx);
3480}
3481
3482static void ath10k_htt_fetch_peer_stats(struct ath10k *ar,
3483 struct sk_buff *skb)
3484{
3485 struct htt_resp *resp = (struct htt_resp *)skb->data;
3486 struct ath10k_per_peer_tx_stats *p_tx_stats = &ar->peer_tx_stats;
3487 struct htt_per_peer_tx_stats_ind *tx_stats;
3488 struct ieee80211_sta *sta;
3489 struct ath10k_peer *peer;
3490 int peer_id, i;
3491 u8 ppdu_len, num_ppdu;
3492
3493 num_ppdu = resp->peer_tx_stats.num_ppdu;
3494 ppdu_len = resp->peer_tx_stats.ppdu_len * sizeof(__le32);
3495
3496 if (skb->len < sizeof(struct htt_resp_hdr) + num_ppdu * ppdu_len) {
3497 ath10k_warn(ar, "Invalid peer stats buf length %d\n", skb->len);
3498 return;
3499 }
3500
3501 tx_stats = (struct htt_per_peer_tx_stats_ind *)
3502 (resp->peer_tx_stats.payload);
3503 peer_id = __le16_to_cpu(tx_stats->peer_id);
3504
3505 rcu_read_lock();
3506 spin_lock_bh(&ar->data_lock);
3507 peer = ath10k_peer_find_by_id(ar, peer_id);
3508 if (!peer || !peer->sta) {
3509 ath10k_warn(ar, "Invalid peer id %d peer stats buffer\n",
3510 peer_id);
3511 goto out;
3512 }
3513
3514 sta = peer->sta;
3515 for (i = 0; i < num_ppdu; i++) {
3516 tx_stats = (struct htt_per_peer_tx_stats_ind *)
3517 (resp->peer_tx_stats.payload + i * ppdu_len);
3518
3519 p_tx_stats->succ_bytes = __le32_to_cpu(tx_stats->succ_bytes);
3520 p_tx_stats->retry_bytes = __le32_to_cpu(tx_stats->retry_bytes);
3521 p_tx_stats->failed_bytes =
3522 __le32_to_cpu(tx_stats->failed_bytes);
3523 p_tx_stats->ratecode = tx_stats->ratecode;
3524 p_tx_stats->flags = tx_stats->flags;
3525 p_tx_stats->succ_pkts = __le16_to_cpu(tx_stats->succ_pkts);
3526 p_tx_stats->retry_pkts = __le16_to_cpu(tx_stats->retry_pkts);
3527 p_tx_stats->failed_pkts = __le16_to_cpu(tx_stats->failed_pkts);
3528 p_tx_stats->duration = __le16_to_cpu(tx_stats->tx_duration);
3529
3530 ath10k_update_per_peer_tx_stats(ar, sta, p_tx_stats);
3531 }
3532
3533out:
3534 spin_unlock_bh(&ar->data_lock);
3535 rcu_read_unlock();
3536}
3537
3538static void ath10k_fetch_10_2_tx_stats(struct ath10k *ar, u8 *data)
3539{
3540 struct ath10k_pktlog_hdr *hdr = (struct ath10k_pktlog_hdr *)data;
3541 struct ath10k_per_peer_tx_stats *p_tx_stats = &ar->peer_tx_stats;
3542 struct ath10k_10_2_peer_tx_stats *tx_stats;
3543 struct ieee80211_sta *sta;
3544 struct ath10k_peer *peer;
3545 u16 log_type = __le16_to_cpu(hdr->log_type);
3546 u32 peer_id = 0, i;
3547
3548 if (log_type != ATH_PKTLOG_TYPE_TX_STAT)
3549 return;
3550
3551 tx_stats = (struct ath10k_10_2_peer_tx_stats *)((hdr->payload) +
3552 ATH10K_10_2_TX_STATS_OFFSET);
3553
3554 if (!tx_stats->tx_ppdu_cnt)
3555 return;
3556
3557 peer_id = tx_stats->peer_id;
3558
3559 rcu_read_lock();
3560 spin_lock_bh(&ar->data_lock);
3561 peer = ath10k_peer_find_by_id(ar, peer_id);
3562 if (!peer || !peer->sta) {
3563 ath10k_warn(ar, "Invalid peer id %d in peer stats buffer\n",
3564 peer_id);
3565 goto out;
3566 }
3567
3568 sta = peer->sta;
3569 for (i = 0; i < tx_stats->tx_ppdu_cnt; i++) {
3570 p_tx_stats->succ_bytes =
3571 __le16_to_cpu(tx_stats->success_bytes[i]);
3572 p_tx_stats->retry_bytes =
3573 __le16_to_cpu(tx_stats->retry_bytes[i]);
3574 p_tx_stats->failed_bytes =
3575 __le16_to_cpu(tx_stats->failed_bytes[i]);
3576 p_tx_stats->ratecode = tx_stats->ratecode[i];
3577 p_tx_stats->flags = tx_stats->flags[i];
3578 p_tx_stats->succ_pkts = tx_stats->success_pkts[i];
3579 p_tx_stats->retry_pkts = tx_stats->retry_pkts[i];
3580 p_tx_stats->failed_pkts = tx_stats->failed_pkts[i];
3581
3582 ath10k_update_per_peer_tx_stats(ar, sta, p_tx_stats);
3583 }
3584 spin_unlock_bh(&ar->data_lock);
3585 rcu_read_unlock();
3586
3587 return;
3588
3589out:
3590 spin_unlock_bh(&ar->data_lock);
3591 rcu_read_unlock();
3592}
3593
3594static int ath10k_htt_rx_pn_len(enum htt_security_types sec_type)
3595{
3596 switch (sec_type) {
3597 case HTT_SECURITY_TKIP:
3598 case HTT_SECURITY_TKIP_NOMIC:
3599 case HTT_SECURITY_AES_CCMP:
3600 return 48;
3601 default:
3602 return 0;
3603 }
3604}
3605
3606static void ath10k_htt_rx_sec_ind_handler(struct ath10k *ar,
3607 struct htt_security_indication *ev)
3608{
3609 enum htt_txrx_sec_cast_type sec_index;
3610 enum htt_security_types sec_type;
3611 struct ath10k_peer *peer;
3612
3613 spin_lock_bh(&ar->data_lock);
3614
3615 peer = ath10k_peer_find_by_id(ar, __le16_to_cpu(ev->peer_id));
3616 if (!peer) {
3617 ath10k_warn(ar, "failed to find peer id %d for security indication",
3618 __le16_to_cpu(ev->peer_id));
3619 goto out;
3620 }
3621
3622 sec_type = MS(ev->flags, HTT_SECURITY_TYPE);
3623
3624 if (ev->flags & HTT_SECURITY_IS_UNICAST)
3625 sec_index = HTT_TXRX_SEC_UCAST;
3626 else
3627 sec_index = HTT_TXRX_SEC_MCAST;
3628
3629 peer->rx_pn[sec_index].sec_type = sec_type;
3630 peer->rx_pn[sec_index].pn_len = ath10k_htt_rx_pn_len(sec_type);
3631
3632 memset(peer->tids_last_pn_valid, 0, sizeof(peer->tids_last_pn_valid));
3633 memset(peer->tids_last_pn, 0, sizeof(peer->tids_last_pn));
3634
3635out:
3636 spin_unlock_bh(&ar->data_lock);
3637}
3638
3639bool ath10k_htt_t2h_msg_handler(struct ath10k *ar, struct sk_buff *skb)
3640{
3641 struct ath10k_htt *htt = &ar->htt;
3642 struct htt_resp *resp = (struct htt_resp *)skb->data;
3643 enum htt_t2h_msg_type type;
3644
3645
3646 if (!IS_ALIGNED((unsigned long)skb->data, 4))
3647 ath10k_warn(ar, "unaligned htt message, expect trouble\n");
3648
3649 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx, msg_type: 0x%0X\n",
3650 resp->hdr.msg_type);
3651
3652 if (resp->hdr.msg_type >= ar->htt.t2h_msg_types_max) {
3653 ath10k_dbg(ar, ATH10K_DBG_HTT, "htt rx, unsupported msg_type: 0x%0X\n max: 0x%0X",
3654 resp->hdr.msg_type, ar->htt.t2h_msg_types_max);
3655 return true;
3656 }
3657 type = ar->htt.t2h_msg_types[resp->hdr.msg_type];
3658
3659 switch (type) {
3660 case HTT_T2H_MSG_TYPE_VERSION_CONF: {
3661 htt->target_version_major = resp->ver_resp.major;
3662 htt->target_version_minor = resp->ver_resp.minor;
3663 complete(&htt->target_version_received);
3664 break;
3665 }
3666 case HTT_T2H_MSG_TYPE_RX_IND:
3667 if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
3668 return ath10k_htt_rx_proc_rx_ind_hl(htt,
3669 &resp->rx_ind_hl,
3670 skb,
3671 HTT_RX_PN_CHECK,
3672 HTT_RX_NON_TKIP_MIC);
3673 else
3674 ath10k_htt_rx_proc_rx_ind_ll(htt, &resp->rx_ind);
3675 break;
3676 case HTT_T2H_MSG_TYPE_PEER_MAP: {
3677 struct htt_peer_map_event ev = {
3678 .vdev_id = resp->peer_map.vdev_id,
3679 .peer_id = __le16_to_cpu(resp->peer_map.peer_id),
3680 };
3681 memcpy(ev.addr, resp->peer_map.addr, sizeof(ev.addr));
3682 ath10k_peer_map_event(htt, &ev);
3683 break;
3684 }
3685 case HTT_T2H_MSG_TYPE_PEER_UNMAP: {
3686 struct htt_peer_unmap_event ev = {
3687 .peer_id = __le16_to_cpu(resp->peer_unmap.peer_id),
3688 };
3689 ath10k_peer_unmap_event(htt, &ev);
3690 break;
3691 }
3692 case HTT_T2H_MSG_TYPE_MGMT_TX_COMPLETION: {
3693 struct htt_tx_done tx_done = {};
3694 int status = __le32_to_cpu(resp->mgmt_tx_completion.status);
3695 int info = __le32_to_cpu(resp->mgmt_tx_completion.info);
3696
3697 tx_done.msdu_id = __le32_to_cpu(resp->mgmt_tx_completion.desc_id);
3698
3699 switch (status) {
3700 case HTT_MGMT_TX_STATUS_OK:
3701 tx_done.status = HTT_TX_COMPL_STATE_ACK;
3702 if (test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS,
3703 ar->wmi.svc_map) &&
3704 (resp->mgmt_tx_completion.flags &
3705 HTT_MGMT_TX_CMPL_FLAG_ACK_RSSI)) {
3706 tx_done.ack_rssi =
3707 FIELD_GET(HTT_MGMT_TX_CMPL_INFO_ACK_RSSI_MASK,
3708 info);
3709 }
3710 break;
3711 case HTT_MGMT_TX_STATUS_RETRY:
3712 tx_done.status = HTT_TX_COMPL_STATE_NOACK;
3713 break;
3714 case HTT_MGMT_TX_STATUS_DROP:
3715 tx_done.status = HTT_TX_COMPL_STATE_DISCARD;
3716 break;
3717 }
3718
3719 status = ath10k_txrx_tx_unref(htt, &tx_done);
3720 if (!status) {
3721 spin_lock_bh(&htt->tx_lock);
3722 ath10k_htt_tx_mgmt_dec_pending(htt);
3723 spin_unlock_bh(&htt->tx_lock);
3724 }
3725 break;
3726 }
3727 case HTT_T2H_MSG_TYPE_TX_COMPL_IND:
3728 ath10k_htt_rx_tx_compl_ind(htt->ar, skb);
3729 break;
3730 case HTT_T2H_MSG_TYPE_SEC_IND: {
3731 struct ath10k *ar = htt->ar;
3732 struct htt_security_indication *ev = &resp->security_indication;
3733
3734 ath10k_htt_rx_sec_ind_handler(ar, ev);
3735 ath10k_dbg(ar, ATH10K_DBG_HTT,
3736 "sec ind peer_id %d unicast %d type %d\n",
3737 __le16_to_cpu(ev->peer_id),
3738 !!(ev->flags & HTT_SECURITY_IS_UNICAST),
3739 MS(ev->flags, HTT_SECURITY_TYPE));
3740 complete(&ar->install_key_done);
3741 break;
3742 }
3743 case HTT_T2H_MSG_TYPE_RX_FRAG_IND: {
3744 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt event: ",
3745 skb->data, skb->len);
3746 atomic_inc(&htt->num_mpdus_ready);
3747
3748 return ath10k_htt_rx_proc_rx_frag_ind(htt,
3749 &resp->rx_frag_ind,
3750 skb);
3751 break;
3752 }
3753 case HTT_T2H_MSG_TYPE_TEST:
3754 break;
3755 case HTT_T2H_MSG_TYPE_STATS_CONF:
3756 trace_ath10k_htt_stats(ar, skb->data, skb->len);
3757 break;
3758 case HTT_T2H_MSG_TYPE_TX_INSPECT_IND:
3759
3760
3761
3762
3763
3764 ath10k_warn(ar, "received an unexpected htt tx inspect event\n");
3765 break;
3766 case HTT_T2H_MSG_TYPE_RX_ADDBA:
3767 ath10k_htt_rx_addba(ar, resp);
3768 break;
3769 case HTT_T2H_MSG_TYPE_RX_DELBA:
3770 ath10k_htt_rx_delba(ar, resp);
3771 break;
3772 case HTT_T2H_MSG_TYPE_PKTLOG: {
3773 trace_ath10k_htt_pktlog(ar, resp->pktlog_msg.payload,
3774 skb->len -
3775 offsetof(struct htt_resp,
3776 pktlog_msg.payload));
3777
3778 if (ath10k_peer_stats_enabled(ar))
3779 ath10k_fetch_10_2_tx_stats(ar,
3780 resp->pktlog_msg.payload);
3781 break;
3782 }
3783 case HTT_T2H_MSG_TYPE_RX_FLUSH: {
3784
3785
3786
3787 break;
3788 }
3789 case HTT_T2H_MSG_TYPE_RX_IN_ORD_PADDR_IND: {
3790 skb_queue_tail(&htt->rx_in_ord_compl_q, skb);
3791 return false;
3792 }
3793 case HTT_T2H_MSG_TYPE_TX_CREDIT_UPDATE_IND:
3794 break;
3795 case HTT_T2H_MSG_TYPE_CHAN_CHANGE: {
3796 u32 phymode = __le32_to_cpu(resp->chan_change.phymode);
3797 u32 freq = __le32_to_cpu(resp->chan_change.freq);
3798
3799 ar->tgt_oper_chan = ieee80211_get_channel(ar->hw->wiphy, freq);
3800 ath10k_dbg(ar, ATH10K_DBG_HTT,
3801 "htt chan change freq %u phymode %s\n",
3802 freq, ath10k_wmi_phymode_str(phymode));
3803 break;
3804 }
3805 case HTT_T2H_MSG_TYPE_AGGR_CONF:
3806 break;
3807 case HTT_T2H_MSG_TYPE_TX_FETCH_IND: {
3808 struct sk_buff *tx_fetch_ind = skb_copy(skb, GFP_ATOMIC);
3809
3810 if (!tx_fetch_ind) {
3811 ath10k_warn(ar, "failed to copy htt tx fetch ind\n");
3812 break;
3813 }
3814 skb_queue_tail(&htt->tx_fetch_ind_q, tx_fetch_ind);
3815 break;
3816 }
3817 case HTT_T2H_MSG_TYPE_TX_FETCH_CONFIRM:
3818 ath10k_htt_rx_tx_fetch_confirm(ar, skb);
3819 break;
3820 case HTT_T2H_MSG_TYPE_TX_MODE_SWITCH_IND:
3821 ath10k_htt_rx_tx_mode_switch_ind(ar, skb);
3822 break;
3823 case HTT_T2H_MSG_TYPE_PEER_STATS:
3824 ath10k_htt_fetch_peer_stats(ar, skb);
3825 break;
3826 case HTT_T2H_MSG_TYPE_EN_STATS:
3827 default:
3828 ath10k_warn(ar, "htt event (%d) not handled\n",
3829 resp->hdr.msg_type);
3830 ath10k_dbg_dump(ar, ATH10K_DBG_HTT_DUMP, NULL, "htt event: ",
3831 skb->data, skb->len);
3832 break;
3833 }
3834 return true;
3835}
3836EXPORT_SYMBOL(ath10k_htt_t2h_msg_handler);
3837
3838void ath10k_htt_rx_pktlog_completion_handler(struct ath10k *ar,
3839 struct sk_buff *skb)
3840{
3841 trace_ath10k_htt_pktlog(ar, skb->data, skb->len);
3842 dev_kfree_skb_any(skb);
3843}
3844EXPORT_SYMBOL(ath10k_htt_rx_pktlog_completion_handler);
3845
3846static int ath10k_htt_rx_deliver_msdu(struct ath10k *ar, int quota, int budget)
3847{
3848 struct sk_buff *skb;
3849
3850 while (quota < budget) {
3851 if (skb_queue_empty(&ar->htt.rx_msdus_q))
3852 break;
3853
3854 skb = skb_dequeue(&ar->htt.rx_msdus_q);
3855 if (!skb)
3856 break;
3857 ath10k_process_rx(ar, skb);
3858 quota++;
3859 }
3860
3861 return quota;
3862}
3863
3864int ath10k_htt_txrx_compl_task(struct ath10k *ar, int budget)
3865{
3866 struct ath10k_htt *htt = &ar->htt;
3867 struct htt_tx_done tx_done = {};
3868 struct sk_buff_head tx_ind_q;
3869 struct sk_buff *skb;
3870 unsigned long flags;
3871 int quota = 0, done, ret;
3872 bool resched_napi = false;
3873
3874 __skb_queue_head_init(&tx_ind_q);
3875
3876
3877
3878
3879 quota = ath10k_htt_rx_deliver_msdu(ar, quota, budget);
3880 if (quota == budget) {
3881 resched_napi = true;
3882 goto exit;
3883 }
3884
3885 while ((skb = skb_dequeue(&htt->rx_in_ord_compl_q))) {
3886 spin_lock_bh(&htt->rx_ring.lock);
3887 ret = ath10k_htt_rx_in_ord_ind(ar, skb);
3888 spin_unlock_bh(&htt->rx_ring.lock);
3889
3890 dev_kfree_skb_any(skb);
3891 if (ret == -EIO) {
3892 resched_napi = true;
3893 goto exit;
3894 }
3895 }
3896
3897 while (atomic_read(&htt->num_mpdus_ready)) {
3898 ret = ath10k_htt_rx_handle_amsdu(htt);
3899 if (ret == -EIO) {
3900 resched_napi = true;
3901 goto exit;
3902 }
3903 atomic_dec(&htt->num_mpdus_ready);
3904 }
3905
3906
3907 quota = ath10k_htt_rx_deliver_msdu(ar, quota, budget);
3908
3909
3910
3911
3912
3913
3914 if ((quota < budget) && !kfifo_is_empty(&htt->txdone_fifo))
3915 quota = budget;
3916
3917
3918
3919
3920
3921
3922 while (kfifo_get(&htt->txdone_fifo, &tx_done))
3923 ath10k_txrx_tx_unref(htt, &tx_done);
3924
3925 ath10k_mac_tx_push_pending(ar);
3926
3927 spin_lock_irqsave(&htt->tx_fetch_ind_q.lock, flags);
3928 skb_queue_splice_init(&htt->tx_fetch_ind_q, &tx_ind_q);
3929 spin_unlock_irqrestore(&htt->tx_fetch_ind_q.lock, flags);
3930
3931 while ((skb = __skb_dequeue(&tx_ind_q))) {
3932 ath10k_htt_rx_tx_fetch_ind(ar, skb);
3933 dev_kfree_skb_any(skb);
3934 }
3935
3936exit:
3937 ath10k_htt_rx_msdu_buff_replenish(htt);
3938
3939
3940
3941 done = resched_napi ? budget : quota;
3942
3943 return done;
3944}
3945EXPORT_SYMBOL(ath10k_htt_txrx_compl_task);
3946
3947static const struct ath10k_htt_rx_ops htt_rx_ops_32 = {
3948 .htt_get_rx_ring_size = ath10k_htt_get_rx_ring_size_32,
3949 .htt_config_paddrs_ring = ath10k_htt_config_paddrs_ring_32,
3950 .htt_set_paddrs_ring = ath10k_htt_set_paddrs_ring_32,
3951 .htt_get_vaddr_ring = ath10k_htt_get_vaddr_ring_32,
3952 .htt_reset_paddrs_ring = ath10k_htt_reset_paddrs_ring_32,
3953};
3954
3955static const struct ath10k_htt_rx_ops htt_rx_ops_64 = {
3956 .htt_get_rx_ring_size = ath10k_htt_get_rx_ring_size_64,
3957 .htt_config_paddrs_ring = ath10k_htt_config_paddrs_ring_64,
3958 .htt_set_paddrs_ring = ath10k_htt_set_paddrs_ring_64,
3959 .htt_get_vaddr_ring = ath10k_htt_get_vaddr_ring_64,
3960 .htt_reset_paddrs_ring = ath10k_htt_reset_paddrs_ring_64,
3961};
3962
3963static const struct ath10k_htt_rx_ops htt_rx_ops_hl = {
3964 .htt_rx_proc_rx_frag_ind = ath10k_htt_rx_proc_rx_frag_ind_hl,
3965};
3966
3967void ath10k_htt_set_rx_ops(struct ath10k_htt *htt)
3968{
3969 struct ath10k *ar = htt->ar;
3970
3971 if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
3972 htt->rx_ops = &htt_rx_ops_hl;
3973 else if (ar->hw_params.target_64bit)
3974 htt->rx_ops = &htt_rx_ops_64;
3975 else
3976 htt->rx_ops = &htt_rx_ops_32;
3977}
3978
