1 /******************************************************************************
3 * Copyright(c) 2003 - 2014 Intel Corporation. All rights reserved.
4 * Copyright(c) 2015 Intel Deutschland GmbH
6 * Portions of this file are derived from the ipw3945 project, as well
7 * as portionhelp of the ieee80211 subsystem header files.
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of version 2 of the GNU General Public License as
11 * published by the Free Software Foundation.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
18 * You should have received a copy of the GNU General Public License along with
19 * this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA
22 * The full GNU General Public License is included in this distribution in the
23 * file called LICENSE.
25 * Contact Information:
26 * Intel Linux Wireless <linuxwifi@intel.com>
27 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
29 *****************************************************************************/
31 #include <linux/etherdevice.h>
32 #include <linux/slab.h>
33 #include <linux/sched.h>
34 #include <net/mac80211.h>
35 #include <asm/unaligned.h>
37 #include "iwl-trans.h"
43 /******************************************************************************
45 * Generic RX handler implementations
47 ******************************************************************************/
49 static void iwlagn_rx_reply_error(struct iwl_priv *priv,
50 struct iwl_rx_cmd_buffer *rxb)
52 struct iwl_rx_packet *pkt = rxb_addr(rxb);
53 struct iwl_error_resp *err_resp = (void *)pkt->data;
55 IWL_ERR(priv, "Error Reply type 0x%08X cmd REPLY_ERROR (0x%02X) "
56 "seq 0x%04X ser 0x%08X\n",
57 le32_to_cpu(err_resp->error_type),
59 le16_to_cpu(err_resp->bad_cmd_seq_num),
60 le32_to_cpu(err_resp->error_info));
63 static void iwlagn_rx_csa(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb)
65 struct iwl_rx_packet *pkt = rxb_addr(rxb);
66 struct iwl_csa_notification *csa = (void *)pkt->data;
69 * See iwlagn_mac_channel_switch.
71 struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS];
72 struct iwl_rxon_cmd *rxon = (void *)&ctx->active;
74 if (!test_bit(STATUS_CHANNEL_SWITCH_PENDING, &priv->status))
77 if (!le32_to_cpu(csa->status) && csa->channel == priv->switch_channel) {
78 rxon->channel = csa->channel;
79 ctx->staging.channel = csa->channel;
80 IWL_DEBUG_11H(priv, "CSA notif: channel %d\n",
81 le16_to_cpu(csa->channel));
82 iwl_chswitch_done(priv, true);
84 IWL_ERR(priv, "CSA notif (fail) : channel %d\n",
85 le16_to_cpu(csa->channel));
86 iwl_chswitch_done(priv, false);
91 static void iwlagn_rx_spectrum_measure_notif(struct iwl_priv *priv,
92 struct iwl_rx_cmd_buffer *rxb)
94 struct iwl_rx_packet *pkt = rxb_addr(rxb);
95 struct iwl_spectrum_notification *report = (void *)pkt->data;
99 "Spectrum Measure Notification: Start\n");
103 memcpy(&priv->measure_report, report, sizeof(*report));
104 priv->measurement_status |= MEASUREMENT_READY;
107 static void iwlagn_rx_pm_sleep_notif(struct iwl_priv *priv,
108 struct iwl_rx_cmd_buffer *rxb)
110 #ifdef CONFIG_IWLWIFI_DEBUG
111 struct iwl_rx_packet *pkt = rxb_addr(rxb);
112 struct iwl_sleep_notification *sleep = (void *)pkt->data;
113 IWL_DEBUG_RX(priv, "sleep mode: %d, src: %d\n",
114 sleep->pm_sleep_mode, sleep->pm_wakeup_src);
118 static void iwlagn_rx_pm_debug_statistics_notif(struct iwl_priv *priv,
119 struct iwl_rx_cmd_buffer *rxb)
121 struct iwl_rx_packet *pkt = rxb_addr(rxb);
122 u32 __maybe_unused len = iwl_rx_packet_len(pkt);
123 IWL_DEBUG_RADIO(priv, "Dumping %d bytes of unhandled "
124 "notification for PM_DEBUG_STATISTIC_NOTIFIC:\n", len);
125 iwl_print_hex_dump(priv, IWL_DL_RADIO, pkt->data, len);
128 static void iwlagn_rx_beacon_notif(struct iwl_priv *priv,
129 struct iwl_rx_cmd_buffer *rxb)
131 struct iwl_rx_packet *pkt = rxb_addr(rxb);
132 struct iwlagn_beacon_notif *beacon = (void *)pkt->data;
133 #ifdef CONFIG_IWLWIFI_DEBUG
134 u16 status = le16_to_cpu(beacon->beacon_notify_hdr.status.status);
135 u8 rate = iwl_hw_get_rate(beacon->beacon_notify_hdr.rate_n_flags);
137 IWL_DEBUG_RX(priv, "beacon status %#x, retries:%d ibssmgr:%d "
138 "tsf:0x%.8x%.8x rate:%d\n",
139 status & TX_STATUS_MSK,
140 beacon->beacon_notify_hdr.failure_frame,
141 le32_to_cpu(beacon->ibss_mgr_status),
142 le32_to_cpu(beacon->high_tsf),
143 le32_to_cpu(beacon->low_tsf), rate);
146 priv->ibss_manager = le32_to_cpu(beacon->ibss_mgr_status);
150 * iwl_good_plcp_health - checks for plcp error.
152 * When the plcp error is exceeding the thresholds, reset the radio
153 * to improve the throughput.
155 static bool iwlagn_good_plcp_health(struct iwl_priv *priv,
156 struct statistics_rx_phy *cur_ofdm,
157 struct statistics_rx_ht_phy *cur_ofdm_ht,
161 int threshold = priv->plcp_delta_threshold;
163 if (threshold == IWL_MAX_PLCP_ERR_THRESHOLD_DISABLE) {
164 IWL_DEBUG_RADIO(priv, "plcp_err check disabled\n");
168 delta = le32_to_cpu(cur_ofdm->plcp_err) -
169 le32_to_cpu(priv->statistics.rx_ofdm.plcp_err) +
170 le32_to_cpu(cur_ofdm_ht->plcp_err) -
171 le32_to_cpu(priv->statistics.rx_ofdm_ht.plcp_err);
173 /* Can be negative if firmware reset statistics */
177 if ((delta * 100 / msecs) > threshold) {
178 IWL_DEBUG_RADIO(priv,
179 "plcp health threshold %u delta %d msecs %u\n",
180 threshold, delta, msecs);
187 int iwl_force_rf_reset(struct iwl_priv *priv, bool external)
189 struct iwl_rf_reset *rf_reset;
191 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
194 if (!iwl_is_any_associated(priv)) {
195 IWL_DEBUG_SCAN(priv, "force reset rejected: not associated\n");
199 rf_reset = &priv->rf_reset;
200 rf_reset->reset_request_count++;
201 if (!external && rf_reset->last_reset_jiffies &&
202 time_after(rf_reset->last_reset_jiffies +
203 IWL_DELAY_NEXT_FORCE_RF_RESET, jiffies)) {
204 IWL_DEBUG_INFO(priv, "RF reset rejected\n");
205 rf_reset->reset_reject_count++;
208 rf_reset->reset_success_count++;
209 rf_reset->last_reset_jiffies = jiffies;
212 * There is no easy and better way to force reset the radio,
213 * the only known method is switching channel which will force to
214 * reset and tune the radio.
215 * Use internal short scan (single channel) operation to should
216 * achieve this objective.
217 * Driver should reset the radio when number of consecutive missed
218 * beacon, or any other uCode error condition detected.
220 IWL_DEBUG_INFO(priv, "perform radio reset.\n");
221 iwl_internal_short_hw_scan(priv);
226 static void iwlagn_recover_from_statistics(struct iwl_priv *priv,
227 struct statistics_rx_phy *cur_ofdm,
228 struct statistics_rx_ht_phy *cur_ofdm_ht,
229 struct statistics_tx *tx,
234 if (test_bit(STATUS_EXIT_PENDING, &priv->status))
237 msecs = jiffies_to_msecs(stamp - priv->rx_statistics_jiffies);
239 /* Only gather statistics and update time stamp when not associated */
240 if (!iwl_is_any_associated(priv))
243 /* Do not check/recover when do not have enough statistics data */
247 if (!iwlagn_good_plcp_health(priv, cur_ofdm, cur_ofdm_ht, msecs))
248 iwl_force_rf_reset(priv, false);
251 /* Calculate noise level, based on measurements during network silence just
252 * before arriving beacon. This measurement can be done only if we know
253 * exactly when to expect beacons, therefore only when we're associated. */
254 static void iwlagn_rx_calc_noise(struct iwl_priv *priv)
256 struct statistics_rx_non_phy *rx_info;
257 int num_active_rx = 0;
258 int total_silence = 0;
259 int bcn_silence_a, bcn_silence_b, bcn_silence_c;
262 rx_info = &priv->statistics.rx_non_phy;
265 le32_to_cpu(rx_info->beacon_silence_rssi_a) & IN_BAND_FILTER;
267 le32_to_cpu(rx_info->beacon_silence_rssi_b) & IN_BAND_FILTER;
269 le32_to_cpu(rx_info->beacon_silence_rssi_c) & IN_BAND_FILTER;
272 total_silence += bcn_silence_a;
276 total_silence += bcn_silence_b;
280 total_silence += bcn_silence_c;
284 /* Average among active antennas */
286 last_rx_noise = (total_silence / num_active_rx) - 107;
288 last_rx_noise = IWL_NOISE_MEAS_NOT_AVAILABLE;
290 IWL_DEBUG_CALIB(priv, "inband silence a %u, b %u, c %u, dBm %d\n",
291 bcn_silence_a, bcn_silence_b, bcn_silence_c,
295 #ifdef CONFIG_IWLWIFI_DEBUGFS
297 * based on the assumption of all statistics counter are in DWORD
298 * FIXME: This function is for debugging, do not deal with
299 * the case of counters roll-over.
301 static void accum_stats(__le32 *prev, __le32 *cur, __le32 *delta,
302 __le32 *max_delta, __le32 *accum, int size)
307 i < size / sizeof(__le32);
308 i++, prev++, cur++, delta++, max_delta++, accum++) {
309 if (le32_to_cpu(*cur) > le32_to_cpu(*prev)) {
310 *delta = cpu_to_le32(
311 le32_to_cpu(*cur) - le32_to_cpu(*prev));
312 le32_add_cpu(accum, le32_to_cpu(*delta));
313 if (le32_to_cpu(*delta) > le32_to_cpu(*max_delta))
320 iwlagn_accumulative_statistics(struct iwl_priv *priv,
321 struct statistics_general_common *common,
322 struct statistics_rx_non_phy *rx_non_phy,
323 struct statistics_rx_phy *rx_ofdm,
324 struct statistics_rx_ht_phy *rx_ofdm_ht,
325 struct statistics_rx_phy *rx_cck,
326 struct statistics_tx *tx,
327 struct statistics_bt_activity *bt_activity)
329 #define ACCUM(_name) \
330 accum_stats((__le32 *)&priv->statistics._name, \
332 (__le32 *)&priv->delta_stats._name, \
333 (__le32 *)&priv->max_delta_stats._name, \
334 (__le32 *)&priv->accum_stats._name, \
349 iwlagn_accumulative_statistics(struct iwl_priv *priv,
350 struct statistics_general_common *common,
351 struct statistics_rx_non_phy *rx_non_phy,
352 struct statistics_rx_phy *rx_ofdm,
353 struct statistics_rx_ht_phy *rx_ofdm_ht,
354 struct statistics_rx_phy *rx_cck,
355 struct statistics_tx *tx,
356 struct statistics_bt_activity *bt_activity)
361 static void iwlagn_rx_statistics(struct iwl_priv *priv,
362 struct iwl_rx_cmd_buffer *rxb)
364 unsigned long stamp = jiffies;
365 const int reg_recalib_period = 60;
367 struct iwl_rx_packet *pkt = rxb_addr(rxb);
368 u32 len = iwl_rx_packet_payload_len(pkt);
370 struct statistics_general_common *common;
371 struct statistics_rx_non_phy *rx_non_phy;
372 struct statistics_rx_phy *rx_ofdm;
373 struct statistics_rx_ht_phy *rx_ofdm_ht;
374 struct statistics_rx_phy *rx_cck;
375 struct statistics_tx *tx;
376 struct statistics_bt_activity *bt_activity;
378 IWL_DEBUG_RX(priv, "Statistics notification received (%d bytes).\n",
381 spin_lock(&priv->statistics.lock);
383 if (len == sizeof(struct iwl_bt_notif_statistics)) {
384 struct iwl_bt_notif_statistics *stats;
385 stats = (void *)&pkt->data;
387 common = &stats->general.common;
388 rx_non_phy = &stats->rx.general.common;
389 rx_ofdm = &stats->rx.ofdm;
390 rx_ofdm_ht = &stats->rx.ofdm_ht;
391 rx_cck = &stats->rx.cck;
393 bt_activity = &stats->general.activity;
395 #ifdef CONFIG_IWLWIFI_DEBUGFS
396 /* handle this exception directly */
397 priv->statistics.num_bt_kills = stats->rx.general.num_bt_kills;
398 le32_add_cpu(&priv->statistics.accum_num_bt_kills,
399 le32_to_cpu(stats->rx.general.num_bt_kills));
401 } else if (len == sizeof(struct iwl_notif_statistics)) {
402 struct iwl_notif_statistics *stats;
403 stats = (void *)&pkt->data;
405 common = &stats->general.common;
406 rx_non_phy = &stats->rx.general;
407 rx_ofdm = &stats->rx.ofdm;
408 rx_ofdm_ht = &stats->rx.ofdm_ht;
409 rx_cck = &stats->rx.cck;
413 WARN_ONCE(1, "len %d doesn't match BT (%zu) or normal (%zu)\n",
414 len, sizeof(struct iwl_bt_notif_statistics),
415 sizeof(struct iwl_notif_statistics));
416 spin_unlock(&priv->statistics.lock);
420 change = common->temperature != priv->statistics.common.temperature ||
421 (*flag & STATISTICS_REPLY_FLG_HT40_MODE_MSK) !=
422 (priv->statistics.flag & STATISTICS_REPLY_FLG_HT40_MODE_MSK);
424 iwlagn_accumulative_statistics(priv, common, rx_non_phy, rx_ofdm,
425 rx_ofdm_ht, rx_cck, tx, bt_activity);
427 iwlagn_recover_from_statistics(priv, rx_ofdm, rx_ofdm_ht, tx, stamp);
429 priv->statistics.flag = *flag;
430 memcpy(&priv->statistics.common, common, sizeof(*common));
431 memcpy(&priv->statistics.rx_non_phy, rx_non_phy, sizeof(*rx_non_phy));
432 memcpy(&priv->statistics.rx_ofdm, rx_ofdm, sizeof(*rx_ofdm));
433 memcpy(&priv->statistics.rx_ofdm_ht, rx_ofdm_ht, sizeof(*rx_ofdm_ht));
434 memcpy(&priv->statistics.rx_cck, rx_cck, sizeof(*rx_cck));
435 memcpy(&priv->statistics.tx, tx, sizeof(*tx));
436 #ifdef CONFIG_IWLWIFI_DEBUGFS
438 memcpy(&priv->statistics.bt_activity, bt_activity,
439 sizeof(*bt_activity));
442 priv->rx_statistics_jiffies = stamp;
444 set_bit(STATUS_STATISTICS, &priv->status);
446 /* Reschedule the statistics timer to occur in
447 * reg_recalib_period seconds to ensure we get a
448 * thermal update even if the uCode doesn't give
450 mod_timer(&priv->statistics_periodic, jiffies +
451 msecs_to_jiffies(reg_recalib_period * 1000));
453 if (unlikely(!test_bit(STATUS_SCANNING, &priv->status)) &&
454 (pkt->hdr.cmd == STATISTICS_NOTIFICATION)) {
455 iwlagn_rx_calc_noise(priv);
456 queue_work(priv->workqueue, &priv->run_time_calib_work);
458 if (priv->lib->temperature && change)
459 priv->lib->temperature(priv);
461 spin_unlock(&priv->statistics.lock);
464 static void iwlagn_rx_reply_statistics(struct iwl_priv *priv,
465 struct iwl_rx_cmd_buffer *rxb)
467 struct iwl_rx_packet *pkt = rxb_addr(rxb);
468 struct iwl_notif_statistics *stats = (void *)pkt->data;
470 if (le32_to_cpu(stats->flag) & UCODE_STATISTICS_CLEAR_MSK) {
471 #ifdef CONFIG_IWLWIFI_DEBUGFS
472 memset(&priv->accum_stats, 0,
473 sizeof(priv->accum_stats));
474 memset(&priv->delta_stats, 0,
475 sizeof(priv->delta_stats));
476 memset(&priv->max_delta_stats, 0,
477 sizeof(priv->max_delta_stats));
479 IWL_DEBUG_RX(priv, "Statistics have been cleared\n");
482 iwlagn_rx_statistics(priv, rxb);
485 /* Handle notification from uCode that card's power state is changing
486 * due to software, hardware, or critical temperature RFKILL */
487 static void iwlagn_rx_card_state_notif(struct iwl_priv *priv,
488 struct iwl_rx_cmd_buffer *rxb)
490 struct iwl_rx_packet *pkt = rxb_addr(rxb);
491 struct iwl_card_state_notif *card_state_notif = (void *)pkt->data;
492 u32 flags = le32_to_cpu(card_state_notif->flags);
493 unsigned long status = priv->status;
495 IWL_DEBUG_RF_KILL(priv, "Card state received: HW:%s SW:%s CT:%s\n",
496 (flags & HW_CARD_DISABLED) ? "Kill" : "On",
497 (flags & SW_CARD_DISABLED) ? "Kill" : "On",
498 (flags & CT_CARD_DISABLED) ?
499 "Reached" : "Not reached");
501 if (flags & (SW_CARD_DISABLED | HW_CARD_DISABLED |
504 iwl_write32(priv->trans, CSR_UCODE_DRV_GP1_SET,
505 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
507 iwl_write_direct32(priv->trans, HBUS_TARG_MBX_C,
508 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
510 if (!(flags & RXON_CARD_DISABLED)) {
511 iwl_write32(priv->trans, CSR_UCODE_DRV_GP1_CLR,
512 CSR_UCODE_DRV_GP1_BIT_CMD_BLOCKED);
513 iwl_write_direct32(priv->trans, HBUS_TARG_MBX_C,
514 HBUS_TARG_MBX_C_REG_BIT_CMD_BLOCKED);
516 if (flags & CT_CARD_DISABLED)
517 iwl_tt_enter_ct_kill(priv);
519 if (!(flags & CT_CARD_DISABLED))
520 iwl_tt_exit_ct_kill(priv);
522 if (flags & HW_CARD_DISABLED)
523 set_bit(STATUS_RF_KILL_HW, &priv->status);
525 clear_bit(STATUS_RF_KILL_HW, &priv->status);
528 if (!(flags & RXON_CARD_DISABLED))
529 iwl_scan_cancel(priv);
531 if ((test_bit(STATUS_RF_KILL_HW, &status) !=
532 test_bit(STATUS_RF_KILL_HW, &priv->status)))
533 wiphy_rfkill_set_hw_state(priv->hw->wiphy,
534 test_bit(STATUS_RF_KILL_HW, &priv->status));
537 static void iwlagn_rx_missed_beacon_notif(struct iwl_priv *priv,
538 struct iwl_rx_cmd_buffer *rxb)
541 struct iwl_rx_packet *pkt = rxb_addr(rxb);
542 struct iwl_missed_beacon_notif *missed_beacon = (void *)pkt->data;
544 if (le32_to_cpu(missed_beacon->consecutive_missed_beacons) >
545 priv->missed_beacon_threshold) {
546 IWL_DEBUG_CALIB(priv,
547 "missed bcn cnsq %d totl %d rcd %d expctd %d\n",
548 le32_to_cpu(missed_beacon->consecutive_missed_beacons),
549 le32_to_cpu(missed_beacon->total_missed_becons),
550 le32_to_cpu(missed_beacon->num_recvd_beacons),
551 le32_to_cpu(missed_beacon->num_expected_beacons));
552 if (!test_bit(STATUS_SCANNING, &priv->status))
553 iwl_init_sensitivity(priv);
557 /* Cache phy data (Rx signal strength, etc) for HT frame (REPLY_RX_PHY_CMD).
558 * This will be used later in iwl_rx_reply_rx() for REPLY_RX_MPDU_CMD. */
559 static void iwlagn_rx_reply_rx_phy(struct iwl_priv *priv,
560 struct iwl_rx_cmd_buffer *rxb)
562 struct iwl_rx_packet *pkt = rxb_addr(rxb);
564 priv->last_phy_res_valid = true;
566 memcpy(&priv->last_phy_res, pkt->data,
567 sizeof(struct iwl_rx_phy_res));
571 * returns non-zero if packet should be dropped
573 static int iwlagn_set_decrypted_flag(struct iwl_priv *priv,
574 struct ieee80211_hdr *hdr,
576 struct ieee80211_rx_status *stats)
578 u16 fc = le16_to_cpu(hdr->frame_control);
581 * All contexts have the same setting here due to it being
582 * a module parameter, so OK to check any context.
584 if (priv->contexts[IWL_RXON_CTX_BSS].active.filter_flags &
585 RXON_FILTER_DIS_DECRYPT_MSK)
588 if (!(fc & IEEE80211_FCTL_PROTECTED))
591 IWL_DEBUG_RX(priv, "decrypt_res:0x%x\n", decrypt_res);
592 switch (decrypt_res & RX_RES_STATUS_SEC_TYPE_MSK) {
593 case RX_RES_STATUS_SEC_TYPE_TKIP:
594 /* The uCode has got a bad phase 1 Key, pushes the packet.
595 * Decryption will be done in SW. */
596 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
597 RX_RES_STATUS_BAD_KEY_TTAK)
600 case RX_RES_STATUS_SEC_TYPE_WEP:
601 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
602 RX_RES_STATUS_BAD_ICV_MIC) {
603 /* bad ICV, the packet is destroyed since the
604 * decryption is inplace, drop it */
605 IWL_DEBUG_RX(priv, "Packet destroyed\n");
608 case RX_RES_STATUS_SEC_TYPE_CCMP:
609 if ((decrypt_res & RX_RES_STATUS_DECRYPT_TYPE_MSK) ==
610 RX_RES_STATUS_DECRYPT_OK) {
611 IWL_DEBUG_RX(priv, "hw decrypt successfully!!!\n");
612 stats->flag |= RX_FLAG_DECRYPTED;
622 static void iwlagn_pass_packet_to_mac80211(struct iwl_priv *priv,
623 struct ieee80211_hdr *hdr,
626 struct iwl_rx_cmd_buffer *rxb,
627 struct ieee80211_rx_status *stats)
630 __le16 fc = hdr->frame_control;
631 struct iwl_rxon_context *ctx;
632 unsigned int hdrlen, fraglen;
634 /* We only process data packets if the interface is open */
635 if (unlikely(!priv->is_open)) {
636 IWL_DEBUG_DROP_LIMIT(priv,
637 "Dropping packet while interface is not open.\n");
641 /* In case of HW accelerated crypto and bad decryption, drop */
642 if (!iwlwifi_mod_params.sw_crypto &&
643 iwlagn_set_decrypted_flag(priv, hdr, ampdu_status, stats))
646 /* Dont use dev_alloc_skb(), we'll have enough headroom once
647 * ieee80211_hdr pulled.
649 skb = alloc_skb(128, GFP_ATOMIC);
651 IWL_ERR(priv, "alloc_skb failed\n");
654 /* If frame is small enough to fit in skb->head, pull it completely.
655 * If not, only pull ieee80211_hdr so that splice() or TCP coalesce
656 * are more efficient.
658 hdrlen = (len <= skb_tailroom(skb)) ? len : sizeof(*hdr);
660 memcpy(skb_put(skb, hdrlen), hdr, hdrlen);
661 fraglen = len - hdrlen;
664 int offset = (void *)hdr + hdrlen -
665 rxb_addr(rxb) + rxb_offset(rxb);
667 skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset,
668 fraglen, rxb->truesize);
672 * Wake any queues that were stopped due to a passive channel tx
673 * failure. This can happen because the regulatory enforcement in
674 * the device waits for a beacon before allowing transmission,
675 * sometimes even after already having transmitted frames for the
676 * association because the new RXON may reset the information.
678 if (unlikely(ieee80211_is_beacon(fc) && priv->passive_no_rx)) {
679 for_each_context(priv, ctx) {
680 if (!ether_addr_equal(hdr->addr3,
681 ctx->active.bssid_addr))
683 iwlagn_lift_passive_no_rx(priv);
687 memcpy(IEEE80211_SKB_RXCB(skb), stats, sizeof(*stats));
689 ieee80211_rx_napi(priv->hw, NULL, skb, priv->napi);
692 static u32 iwlagn_translate_rx_status(struct iwl_priv *priv, u32 decrypt_in)
696 if ((decrypt_in & RX_RES_STATUS_STATION_FOUND) ==
697 RX_RES_STATUS_STATION_FOUND)
698 decrypt_out |= (RX_RES_STATUS_STATION_FOUND |
699 RX_RES_STATUS_NO_STATION_INFO_MISMATCH);
701 decrypt_out |= (decrypt_in & RX_RES_STATUS_SEC_TYPE_MSK);
703 /* packet was not encrypted */
704 if ((decrypt_in & RX_RES_STATUS_SEC_TYPE_MSK) ==
705 RX_RES_STATUS_SEC_TYPE_NONE)
708 /* packet was encrypted with unknown alg */
709 if ((decrypt_in & RX_RES_STATUS_SEC_TYPE_MSK) ==
710 RX_RES_STATUS_SEC_TYPE_ERR)
713 /* decryption was not done in HW */
714 if ((decrypt_in & RX_MPDU_RES_STATUS_DEC_DONE_MSK) !=
715 RX_MPDU_RES_STATUS_DEC_DONE_MSK)
718 switch (decrypt_in & RX_RES_STATUS_SEC_TYPE_MSK) {
720 case RX_RES_STATUS_SEC_TYPE_CCMP:
721 /* alg is CCM: check MIC only */
722 if (!(decrypt_in & RX_MPDU_RES_STATUS_MIC_OK))
724 decrypt_out |= RX_RES_STATUS_BAD_ICV_MIC;
726 decrypt_out |= RX_RES_STATUS_DECRYPT_OK;
730 case RX_RES_STATUS_SEC_TYPE_TKIP:
731 if (!(decrypt_in & RX_MPDU_RES_STATUS_TTAK_OK)) {
733 decrypt_out |= RX_RES_STATUS_BAD_KEY_TTAK;
736 /* fall through if TTAK OK */
738 if (!(decrypt_in & RX_MPDU_RES_STATUS_ICV_OK))
739 decrypt_out |= RX_RES_STATUS_BAD_ICV_MIC;
741 decrypt_out |= RX_RES_STATUS_DECRYPT_OK;
745 IWL_DEBUG_RX(priv, "decrypt_in:0x%x decrypt_out = 0x%x\n",
746 decrypt_in, decrypt_out);
751 /* Calc max signal level (dBm) among 3 possible receivers */
752 static int iwlagn_calc_rssi(struct iwl_priv *priv,
753 struct iwl_rx_phy_res *rx_resp)
755 /* data from PHY/DSP regarding signal strength, etc.,
756 * contents are always there, not configurable by host
758 struct iwlagn_non_cfg_phy *ncphy =
759 (struct iwlagn_non_cfg_phy *)rx_resp->non_cfg_phy_buf;
760 u32 val, rssi_a, rssi_b, rssi_c, max_rssi;
763 val = le32_to_cpu(ncphy->non_cfg_phy[IWLAGN_RX_RES_AGC_IDX]);
764 agc = (val & IWLAGN_OFDM_AGC_MSK) >> IWLAGN_OFDM_AGC_BIT_POS;
766 /* Find max rssi among 3 possible receivers.
767 * These values are measured by the digital signal processor (DSP).
768 * They should stay fairly constant even as the signal strength varies,
769 * if the radio's automatic gain control (AGC) is working right.
770 * AGC value (see below) will provide the "interesting" info.
772 val = le32_to_cpu(ncphy->non_cfg_phy[IWLAGN_RX_RES_RSSI_AB_IDX]);
773 rssi_a = (val & IWLAGN_OFDM_RSSI_INBAND_A_BITMSK) >>
774 IWLAGN_OFDM_RSSI_A_BIT_POS;
775 rssi_b = (val & IWLAGN_OFDM_RSSI_INBAND_B_BITMSK) >>
776 IWLAGN_OFDM_RSSI_B_BIT_POS;
777 val = le32_to_cpu(ncphy->non_cfg_phy[IWLAGN_RX_RES_RSSI_C_IDX]);
778 rssi_c = (val & IWLAGN_OFDM_RSSI_INBAND_C_BITMSK) >>
779 IWLAGN_OFDM_RSSI_C_BIT_POS;
781 max_rssi = max_t(u32, rssi_a, rssi_b);
782 max_rssi = max_t(u32, max_rssi, rssi_c);
784 IWL_DEBUG_STATS(priv, "Rssi In A %d B %d C %d Max %d AGC dB %d\n",
785 rssi_a, rssi_b, rssi_c, max_rssi, agc);
787 /* dBm = max_rssi dB - agc dB - constant.
788 * Higher AGC (higher radio gain) means lower signal. */
789 return max_rssi - agc - IWLAGN_RSSI_OFFSET;
792 /* Called for REPLY_RX_MPDU_CMD */
793 static void iwlagn_rx_reply_rx(struct iwl_priv *priv,
794 struct iwl_rx_cmd_buffer *rxb)
796 struct ieee80211_hdr *header;
797 struct ieee80211_rx_status rx_status = {};
798 struct iwl_rx_packet *pkt = rxb_addr(rxb);
799 struct iwl_rx_phy_res *phy_res;
800 __le32 rx_pkt_status;
801 struct iwl_rx_mpdu_res_start *amsdu;
806 if (!priv->last_phy_res_valid) {
807 IWL_ERR(priv, "MPDU frame without cached PHY data\n");
810 phy_res = &priv->last_phy_res;
811 amsdu = (struct iwl_rx_mpdu_res_start *)pkt->data;
812 header = (struct ieee80211_hdr *)(pkt->data + sizeof(*amsdu));
813 len = le16_to_cpu(amsdu->byte_count);
814 rx_pkt_status = *(__le32 *)(pkt->data + sizeof(*amsdu) + len);
815 ampdu_status = iwlagn_translate_rx_status(priv,
816 le32_to_cpu(rx_pkt_status));
818 if ((unlikely(phy_res->cfg_phy_cnt > 20))) {
819 IWL_DEBUG_DROP(priv, "dsp size out of range [0,20]: %d\n",
820 phy_res->cfg_phy_cnt);
824 if (!(rx_pkt_status & RX_RES_STATUS_NO_CRC32_ERROR) ||
825 !(rx_pkt_status & RX_RES_STATUS_NO_RXE_OVERFLOW)) {
826 IWL_DEBUG_RX(priv, "Bad CRC or FIFO: 0x%08X.\n",
827 le32_to_cpu(rx_pkt_status));
831 /* This will be used in several places later */
832 rate_n_flags = le32_to_cpu(phy_res->rate_n_flags);
834 /* rx_status carries information about the packet to mac80211 */
835 rx_status.mactime = le64_to_cpu(phy_res->timestamp);
836 rx_status.band = (phy_res->phy_flags & RX_RES_PHY_FLAGS_BAND_24_MSK) ?
837 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ;
839 ieee80211_channel_to_frequency(le16_to_cpu(phy_res->channel),
842 iwlagn_hwrate_to_mac80211_idx(rate_n_flags, rx_status.band);
845 /* TSF isn't reliable. In order to allow smooth user experience,
846 * this W/A doesn't propagate it to the mac80211 */
847 /*rx_status.flag |= RX_FLAG_MACTIME_START;*/
849 priv->ucode_beacon_time = le32_to_cpu(phy_res->beacon_time_stamp);
851 /* Find max signal strength (dBm) among 3 antenna/receiver chains */
852 rx_status.signal = iwlagn_calc_rssi(priv, phy_res);
854 IWL_DEBUG_STATS_LIMIT(priv, "Rssi %d, TSF %llu\n",
855 rx_status.signal, (unsigned long long)rx_status.mactime);
860 * It seems that the antenna field in the phy flags value
861 * is actually a bit field. This is undefined by radiotap,
862 * it wants an actual antenna number but I always get "7"
863 * for most legacy frames I receive indicating that the
864 * same frame was received on all three RX chains.
866 * I think this field should be removed in favor of a
867 * new 802.11n radiotap field "RX chains" that is defined
871 (le16_to_cpu(phy_res->phy_flags) & RX_RES_PHY_FLAGS_ANTENNA_MSK)
872 >> RX_RES_PHY_FLAGS_ANTENNA_POS;
874 /* set the preamble flag if appropriate */
875 if (phy_res->phy_flags & RX_RES_PHY_FLAGS_SHORT_PREAMBLE_MSK)
876 rx_status.flag |= RX_FLAG_SHORTPRE;
878 if (phy_res->phy_flags & RX_RES_PHY_FLAGS_AGG_MSK) {
880 * We know which subframes of an A-MPDU belong
881 * together since we get a single PHY response
882 * from the firmware for all of them
884 rx_status.flag |= RX_FLAG_AMPDU_DETAILS;
885 rx_status.ampdu_reference = priv->ampdu_ref;
888 /* Set up the HT phy flags */
889 if (rate_n_flags & RATE_MCS_HT_MSK)
890 rx_status.flag |= RX_FLAG_HT;
891 if (rate_n_flags & RATE_MCS_HT40_MSK)
892 rx_status.flag |= RX_FLAG_40MHZ;
893 if (rate_n_flags & RATE_MCS_SGI_MSK)
894 rx_status.flag |= RX_FLAG_SHORT_GI;
895 if (rate_n_flags & RATE_MCS_GF_MSK)
896 rx_status.flag |= RX_FLAG_HT_GF;
898 iwlagn_pass_packet_to_mac80211(priv, header, len, ampdu_status,
902 static void iwlagn_rx_noa_notification(struct iwl_priv *priv,
903 struct iwl_rx_cmd_buffer *rxb)
905 struct iwl_wipan_noa_data *new_data, *old_data;
906 struct iwl_rx_packet *pkt = rxb_addr(rxb);
907 struct iwl_wipan_noa_notification *noa_notif = (void *)pkt->data;
909 /* no condition -- we're in softirq */
910 old_data = rcu_dereference_protected(priv->noa_data, true);
912 if (noa_notif->noa_active) {
913 u32 len = le16_to_cpu(noa_notif->noa_attribute.length);
916 /* EID, len, OUI, subtype */
917 len += 1 + 1 + 3 + 1;
918 /* P2P id, P2P length */
922 new_data = kmalloc(sizeof(*new_data) + len, GFP_ATOMIC);
924 new_data->length = len;
925 new_data->data[0] = WLAN_EID_VENDOR_SPECIFIC;
926 new_data->data[1] = len - 2; /* not counting EID, len */
927 new_data->data[2] = (WLAN_OUI_WFA >> 16) & 0xff;
928 new_data->data[3] = (WLAN_OUI_WFA >> 8) & 0xff;
929 new_data->data[4] = (WLAN_OUI_WFA >> 0) & 0xff;
930 new_data->data[5] = WLAN_OUI_TYPE_WFA_P2P;
931 memcpy(&new_data->data[6], &noa_notif->noa_attribute,
937 rcu_assign_pointer(priv->noa_data, new_data);
940 kfree_rcu(old_data, rcu_head);
944 * iwl_setup_rx_handlers - Initialize Rx handler callbacks
946 * Setup the RX handlers for each of the reply types sent from the uCode
949 void iwl_setup_rx_handlers(struct iwl_priv *priv)
951 void (**handlers)(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb);
953 handlers = priv->rx_handlers;
955 handlers[REPLY_ERROR] = iwlagn_rx_reply_error;
956 handlers[CHANNEL_SWITCH_NOTIFICATION] = iwlagn_rx_csa;
957 handlers[SPECTRUM_MEASURE_NOTIFICATION] =
958 iwlagn_rx_spectrum_measure_notif;
959 handlers[PM_SLEEP_NOTIFICATION] = iwlagn_rx_pm_sleep_notif;
960 handlers[PM_DEBUG_STATISTIC_NOTIFIC] =
961 iwlagn_rx_pm_debug_statistics_notif;
962 handlers[BEACON_NOTIFICATION] = iwlagn_rx_beacon_notif;
963 handlers[REPLY_ADD_STA] = iwl_add_sta_callback;
965 handlers[REPLY_WIPAN_NOA_NOTIFICATION] = iwlagn_rx_noa_notification;
968 * The same handler is used for both the REPLY to a discrete
969 * statistics request from the host as well as for the periodic
970 * statistics notifications (after received beacons) from the uCode.
972 handlers[REPLY_STATISTICS_CMD] = iwlagn_rx_reply_statistics;
973 handlers[STATISTICS_NOTIFICATION] = iwlagn_rx_statistics;
975 iwl_setup_rx_scan_handlers(priv);
977 handlers[CARD_STATE_NOTIFICATION] = iwlagn_rx_card_state_notif;
978 handlers[MISSED_BEACONS_NOTIFICATION] =
979 iwlagn_rx_missed_beacon_notif;
982 handlers[REPLY_RX_PHY_CMD] = iwlagn_rx_reply_rx_phy;
983 handlers[REPLY_RX_MPDU_CMD] = iwlagn_rx_reply_rx;
986 handlers[REPLY_COMPRESSED_BA] =
987 iwlagn_rx_reply_compressed_ba;
989 priv->rx_handlers[REPLY_TX] = iwlagn_rx_reply_tx;
991 /* set up notification wait support */
992 iwl_notification_wait_init(&priv->notif_wait);
994 /* Set up BT Rx handlers */
995 if (priv->lib->bt_params)
996 iwlagn_bt_rx_handler_setup(priv);
999 void iwl_rx_dispatch(struct iwl_op_mode *op_mode, struct napi_struct *napi,
1000 struct iwl_rx_cmd_buffer *rxb)
1002 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1003 struct iwl_priv *priv = IWL_OP_MODE_GET_DVM(op_mode);
1006 * Do the notification wait before RX handlers so
1007 * even if the RX handler consumes the RXB we have
1008 * access to it in the notification wait entry.
1010 iwl_notification_wait_notify(&priv->notif_wait, pkt);
1012 /* Based on type of command response or notification,
1013 * handle those that need handling via function in
1014 * rx_handlers table. See iwl_setup_rx_handlers() */
1015 if (priv->rx_handlers[pkt->hdr.cmd]) {
1016 priv->rx_handlers_stats[pkt->hdr.cmd]++;
1017 priv->rx_handlers[pkt->hdr.cmd](priv, rxb);
1019 /* No handling needed */
1020 IWL_DEBUG_RX(priv, "No handler needed for %s, 0x%02x\n",
1021 iwl_get_cmd_string(priv->trans,
1022 iwl_cmd_id(pkt->hdr.cmd,
projects / cascardo / linux.git / blob