Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
txrx.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2004-2011 Atheros Communications Inc.
3  * Copyright (c) 2011-2012 Qualcomm Atheros, Inc.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19 
20 #include "core.h"
21 #include "debug.h"
22 #include "htc-ops.h"
23 
24 /*
25  * tid - tid_mux0..tid_mux3
26  * aid - tid_mux4..tid_mux7
27  */
28 #define ATH6KL_TID_MASK 0xf
29 #define ATH6KL_AID_SHIFT 4
30 
31 static inline u8 ath6kl_get_tid(u8 tid_mux)
32 {
33  return tid_mux & ATH6KL_TID_MASK;
34 }
35 
36 static inline u8 ath6kl_get_aid(u8 tid_mux)
37 {
38  return tid_mux >> ATH6KL_AID_SHIFT;
39 }
40 
41 static u8 ath6kl_ibss_map_epid(struct sk_buff *skb, struct net_device *dev,
42  u32 *map_no)
43 {
44  struct ath6kl *ar = ath6kl_priv(dev);
45  struct ethhdr *eth_hdr;
46  u32 i, ep_map = -1;
47  u8 *datap;
48 
49  *map_no = 0;
50  datap = skb->data;
51  eth_hdr = (struct ethhdr *) (datap + sizeof(struct wmi_data_hdr));
52 
53  if (is_multicast_ether_addr(eth_hdr->h_dest))
54  return ENDPOINT_2;
55 
56  for (i = 0; i < ar->node_num; i++) {
57  if (memcmp(eth_hdr->h_dest, ar->node_map[i].mac_addr,
58  ETH_ALEN) == 0) {
59  *map_no = i + 1;
60  ar->node_map[i].tx_pend++;
61  return ar->node_map[i].ep_id;
62  }
63 
64  if ((ep_map == -1) && !ar->node_map[i].tx_pend)
65  ep_map = i;
66  }
67 
68  if (ep_map == -1) {
69  ep_map = ar->node_num;
70  ar->node_num++;
71  if (ar->node_num > MAX_NODE_NUM)
72  return ENDPOINT_UNUSED;
73  }
74 
75  memcpy(ar->node_map[ep_map].mac_addr, eth_hdr->h_dest, ETH_ALEN);
76 
77  for (i = ENDPOINT_2; i <= ENDPOINT_5; i++) {
78  if (!ar->tx_pending[i]) {
79  ar->node_map[ep_map].ep_id = i;
80  break;
81  }
82 
83  /*
84  * No free endpoint is available, start redistribution on
85  * the inuse endpoints.
86  */
87  if (i == ENDPOINT_5) {
88  ar->node_map[ep_map].ep_id = ar->next_ep_id;
89  ar->next_ep_id++;
90  if (ar->next_ep_id > ENDPOINT_5)
91  ar->next_ep_id = ENDPOINT_2;
92  }
93  }
94 
95  *map_no = ep_map + 1;
96  ar->node_map[ep_map].tx_pend++;
97 
98  return ar->node_map[ep_map].ep_id;
99 }
100 
101 static bool ath6kl_process_uapsdq(struct ath6kl_sta *conn,
102  struct ath6kl_vif *vif,
103  struct sk_buff *skb,
104  u32 *flags)
105 {
106  struct ath6kl *ar = vif->ar;
107  bool is_apsdq_empty = false;
108  struct ethhdr *datap = (struct ethhdr *) skb->data;
109  u8 up = 0, traffic_class, *ip_hdr;
110  u16 ether_type;
111  struct ath6kl_llc_snap_hdr *llc_hdr;
112 
113  if (conn->sta_flags & STA_PS_APSD_TRIGGER) {
114  /*
115  * This tx is because of a uAPSD trigger, determine
116  * more and EOSP bit. Set EOSP if queue is empty
117  * or sufficient frames are delivered for this trigger.
118  */
119  spin_lock_bh(&conn->psq_lock);
120  if (!skb_queue_empty(&conn->apsdq))
121  *flags |= WMI_DATA_HDR_FLAGS_MORE;
122  else if (conn->sta_flags & STA_PS_APSD_EOSP)
123  *flags |= WMI_DATA_HDR_FLAGS_EOSP;
124  *flags |= WMI_DATA_HDR_FLAGS_UAPSD;
125  spin_unlock_bh(&conn->psq_lock);
126  return false;
127  } else if (!conn->apsd_info)
128  return false;
129 
130  if (test_bit(WMM_ENABLED, &vif->flags)) {
131  ether_type = be16_to_cpu(datap->h_proto);
132  if (is_ethertype(ether_type)) {
133  /* packet is in DIX format */
134  ip_hdr = (u8 *)(datap + 1);
135  } else {
136  /* packet is in 802.3 format */
137  llc_hdr = (struct ath6kl_llc_snap_hdr *)
138  (datap + 1);
139  ether_type = be16_to_cpu(llc_hdr->eth_type);
140  ip_hdr = (u8 *)(llc_hdr + 1);
141  }
142 
143  if (ether_type == IP_ETHERTYPE)
144  up = ath6kl_wmi_determine_user_priority(
145  ip_hdr, 0);
146  }
147 
148  traffic_class = ath6kl_wmi_get_traffic_class(up);
149 
150  if ((conn->apsd_info & (1 << traffic_class)) == 0)
151  return false;
152 
153  /* Queue the frames if the STA is sleeping */
154  spin_lock_bh(&conn->psq_lock);
155  is_apsdq_empty = skb_queue_empty(&conn->apsdq);
156  skb_queue_tail(&conn->apsdq, skb);
157  spin_unlock_bh(&conn->psq_lock);
158 
159  /*
160  * If this is the first pkt getting queued
161  * for this STA, update the PVB for this STA
162  */
163  if (is_apsdq_empty) {
164  ath6kl_wmi_set_apsd_bfrd_traf(ar->wmi,
165  vif->fw_vif_idx,
166  conn->aid, 1, 0);
167  }
168  *flags |= WMI_DATA_HDR_FLAGS_UAPSD;
169 
170  return true;
171 }
172 
173 static bool ath6kl_process_psq(struct ath6kl_sta *conn,
174  struct ath6kl_vif *vif,
175  struct sk_buff *skb,
176  u32 *flags)
177 {
178  bool is_psq_empty = false;
179  struct ath6kl *ar = vif->ar;
180 
181  if (conn->sta_flags & STA_PS_POLLED) {
182  spin_lock_bh(&conn->psq_lock);
183  if (!skb_queue_empty(&conn->psq))
184  *flags |= WMI_DATA_HDR_FLAGS_MORE;
185  spin_unlock_bh(&conn->psq_lock);
186  return false;
187  }
188 
189  /* Queue the frames if the STA is sleeping */
190  spin_lock_bh(&conn->psq_lock);
191  is_psq_empty = skb_queue_empty(&conn->psq);
192  skb_queue_tail(&conn->psq, skb);
193  spin_unlock_bh(&conn->psq_lock);
194 
195  /*
196  * If this is the first pkt getting queued
197  * for this STA, update the PVB for this
198  * STA.
199  */
200  if (is_psq_empty)
201  ath6kl_wmi_set_pvb_cmd(ar->wmi,
202  vif->fw_vif_idx,
203  conn->aid, 1);
204  return true;
205 }
206 
207 static bool ath6kl_powersave_ap(struct ath6kl_vif *vif, struct sk_buff *skb,
208  u32 *flags)
209 {
210  struct ethhdr *datap = (struct ethhdr *) skb->data;
211  struct ath6kl_sta *conn = NULL;
212  bool ps_queued = false;
213  struct ath6kl *ar = vif->ar;
214 
215  if (is_multicast_ether_addr(datap->h_dest)) {
216  u8 ctr = 0;
217  bool q_mcast = false;
218 
219  for (ctr = 0; ctr < AP_MAX_NUM_STA; ctr++) {
220  if (ar->sta_list[ctr].sta_flags & STA_PS_SLEEP) {
221  q_mcast = true;
222  break;
223  }
224  }
225 
226  if (q_mcast) {
227  /*
228  * If this transmit is not because of a Dtim Expiry
229  * q it.
230  */
231  if (!test_bit(DTIM_EXPIRED, &vif->flags)) {
232  bool is_mcastq_empty = false;
233 
234  spin_lock_bh(&ar->mcastpsq_lock);
235  is_mcastq_empty =
236  skb_queue_empty(&ar->mcastpsq);
237  skb_queue_tail(&ar->mcastpsq, skb);
238  spin_unlock_bh(&ar->mcastpsq_lock);
239 
240  /*
241  * If this is the first Mcast pkt getting
242  * queued indicate to the target to set the
243  * BitmapControl LSB of the TIM IE.
244  */
245  if (is_mcastq_empty)
246  ath6kl_wmi_set_pvb_cmd(ar->wmi,
247  vif->fw_vif_idx,
248  MCAST_AID, 1);
249 
250  ps_queued = true;
251  } else {
252  /*
253  * This transmit is because of Dtim expiry.
254  * Determine if MoreData bit has to be set.
255  */
256  spin_lock_bh(&ar->mcastpsq_lock);
257  if (!skb_queue_empty(&ar->mcastpsq))
258  *flags |= WMI_DATA_HDR_FLAGS_MORE;
259  spin_unlock_bh(&ar->mcastpsq_lock);
260  }
261  }
262  } else {
263  conn = ath6kl_find_sta(vif, datap->h_dest);
264  if (!conn) {
265  dev_kfree_skb(skb);
266 
267  /* Inform the caller that the skb is consumed */
268  return true;
269  }
270 
271  if (conn->sta_flags & STA_PS_SLEEP) {
272  ps_queued = ath6kl_process_uapsdq(conn,
273  vif, skb, flags);
274  if (!(*flags & WMI_DATA_HDR_FLAGS_UAPSD))
275  ps_queued = ath6kl_process_psq(conn,
276  vif, skb, flags);
277  }
278  }
279  return ps_queued;
280 }
281 
282 /* Tx functions */
283 
284 int ath6kl_control_tx(void *devt, struct sk_buff *skb,
285  enum htc_endpoint_id eid)
286 {
287  struct ath6kl *ar = devt;
288  int status = 0;
289  struct ath6kl_cookie *cookie = NULL;
290 
291  if (WARN_ON_ONCE(ar->state == ATH6KL_STATE_WOW))
292  return -EACCES;
293 
294  spin_lock_bh(&ar->lock);
295 
296  ath6kl_dbg(ATH6KL_DBG_WLAN_TX,
297  "%s: skb=0x%p, len=0x%x eid =%d\n", __func__,
298  skb, skb->len, eid);
299 
300  if (test_bit(WMI_CTRL_EP_FULL, &ar->flag) && (eid == ar->ctrl_ep)) {
301  /*
302  * Control endpoint is full, don't allocate resources, we
303  * are just going to drop this packet.
304  */
305  cookie = NULL;
306  ath6kl_err("wmi ctrl ep full, dropping pkt : 0x%p, len:%d\n",
307  skb, skb->len);
308  } else
309  cookie = ath6kl_alloc_cookie(ar);
310 
311  if (cookie == NULL) {
312  spin_unlock_bh(&ar->lock);
313  status = -ENOMEM;
314  goto fail_ctrl_tx;
315  }
316 
317  ar->tx_pending[eid]++;
318 
319  if (eid != ar->ctrl_ep)
320  ar->total_tx_data_pend++;
321 
322  spin_unlock_bh(&ar->lock);
323 
324  cookie->skb = skb;
325  cookie->map_no = 0;
326  set_htc_pkt_info(&cookie->htc_pkt, cookie, skb->data, skb->len,
327  eid, ATH6KL_CONTROL_PKT_TAG);
328  cookie->htc_pkt.skb = skb;
329 
330  /*
331  * This interface is asynchronous, if there is an error, cleanup
332  * will happen in the TX completion callback.
333  */
334  ath6kl_htc_tx(ar->htc_target, &cookie->htc_pkt);
335 
336  return 0;
337 
338 fail_ctrl_tx:
339  dev_kfree_skb(skb);
340  return status;
341 }
342 
343 int ath6kl_data_tx(struct sk_buff *skb, struct net_device *dev)
344 {
345  struct ath6kl *ar = ath6kl_priv(dev);
346  struct ath6kl_cookie *cookie = NULL;
347  enum htc_endpoint_id eid = ENDPOINT_UNUSED;
348  struct ath6kl_vif *vif = netdev_priv(dev);
349  u32 map_no = 0;
350  u16 htc_tag = ATH6KL_DATA_PKT_TAG;
351  u8 ac = 99 ; /* initialize to unmapped ac */
352  bool chk_adhoc_ps_mapping = false;
353  int ret;
354  struct wmi_tx_meta_v2 meta_v2;
355  void *meta;
356  u8 csum_start = 0, csum_dest = 0, csum = skb->ip_summed;
357  u8 meta_ver = 0;
358  u32 flags = 0;
359 
360  ath6kl_dbg(ATH6KL_DBG_WLAN_TX,
361  "%s: skb=0x%p, data=0x%p, len=0x%x\n", __func__,
362  skb, skb->data, skb->len);
363 
364  /* If target is not associated */
365  if (!test_bit(CONNECTED, &vif->flags))
366  goto fail_tx;
367 
368  if (WARN_ON_ONCE(ar->state != ATH6KL_STATE_ON))
369  goto fail_tx;
370 
371  if (!test_bit(WMI_READY, &ar->flag))
372  goto fail_tx;
373 
374  /* AP mode Power saving processing */
375  if (vif->nw_type == AP_NETWORK) {
376  if (ath6kl_powersave_ap(vif, skb, &flags))
377  return 0;
378  }
379 
380  if (test_bit(WMI_ENABLED, &ar->flag)) {
381  if ((dev->features & NETIF_F_IP_CSUM) &&
382  (csum == CHECKSUM_PARTIAL)) {
383  csum_start = skb->csum_start -
384  (skb_network_header(skb) - skb->head) +
385  sizeof(struct ath6kl_llc_snap_hdr);
386  csum_dest = skb->csum_offset + csum_start;
387  }
388 
389  if (skb_headroom(skb) < dev->needed_headroom) {
390  struct sk_buff *tmp_skb = skb;
391 
392  skb = skb_realloc_headroom(skb, dev->needed_headroom);
393  kfree_skb(tmp_skb);
394  if (skb == NULL) {
395  vif->net_stats.tx_dropped++;
396  return 0;
397  }
398  }
399 
400  if (ath6kl_wmi_dix_2_dot3(ar->wmi, skb)) {
401  ath6kl_err("ath6kl_wmi_dix_2_dot3 failed\n");
402  goto fail_tx;
403  }
404 
405  if ((dev->features & NETIF_F_IP_CSUM) &&
406  (csum == CHECKSUM_PARTIAL)) {
407  meta_v2.csum_start = csum_start;
408  meta_v2.csum_dest = csum_dest;
409 
410  /* instruct target to calculate checksum */
411  meta_v2.csum_flags = WMI_META_V2_FLAG_CSUM_OFFLOAD;
412  meta_ver = WMI_META_VERSION_2;
413  meta = &meta_v2;
414  } else {
415  meta_ver = 0;
416  meta = NULL;
417  }
418 
419  ret = ath6kl_wmi_data_hdr_add(ar->wmi, skb,
420  DATA_MSGTYPE, flags, 0,
421  meta_ver,
422  meta, vif->fw_vif_idx);
423 
424  if (ret) {
425  ath6kl_warn("failed to add wmi data header:%d\n"
426  , ret);
427  goto fail_tx;
428  }
429 
430  if ((vif->nw_type == ADHOC_NETWORK) &&
431  ar->ibss_ps_enable && test_bit(CONNECTED, &vif->flags))
432  chk_adhoc_ps_mapping = true;
433  else {
434  /* get the stream mapping */
435  ret = ath6kl_wmi_implicit_create_pstream(ar->wmi,
436  vif->fw_vif_idx, skb,
437  0, test_bit(WMM_ENABLED, &vif->flags), &ac);
438  if (ret)
439  goto fail_tx;
440  }
441  } else
442  goto fail_tx;
443 
444  spin_lock_bh(&ar->lock);
445 
446  if (chk_adhoc_ps_mapping)
447  eid = ath6kl_ibss_map_epid(skb, dev, &map_no);
448  else
449  eid = ar->ac2ep_map[ac];
450 
451  if (eid == 0 || eid == ENDPOINT_UNUSED) {
452  ath6kl_err("eid %d is not mapped!\n", eid);
453  spin_unlock_bh(&ar->lock);
454  goto fail_tx;
455  }
456 
457  /* allocate resource for this packet */
458  cookie = ath6kl_alloc_cookie(ar);
459 
460  if (!cookie) {
461  spin_unlock_bh(&ar->lock);
462  goto fail_tx;
463  }
464 
465  /* update counts while the lock is held */
466  ar->tx_pending[eid]++;
467  ar->total_tx_data_pend++;
468 
469  spin_unlock_bh(&ar->lock);
470 
471  if (!IS_ALIGNED((unsigned long) skb->data - HTC_HDR_LENGTH, 4) &&
472  skb_cloned(skb)) {
473  /*
474  * We will touch (move the buffer data to align it. Since the
475  * skb buffer is cloned and not only the header is changed, we
476  * have to copy it to allow the changes. Since we are copying
477  * the data here, we may as well align it by reserving suitable
478  * headroom to avoid the memmove in ath6kl_htc_tx_buf_align().
479  */
480  struct sk_buff *nskb;
481 
482  nskb = skb_copy_expand(skb, HTC_HDR_LENGTH, 0, GFP_ATOMIC);
483  if (nskb == NULL)
484  goto fail_tx;
485  kfree_skb(skb);
486  skb = nskb;
487  }
488 
489  cookie->skb = skb;
490  cookie->map_no = map_no;
491  set_htc_pkt_info(&cookie->htc_pkt, cookie, skb->data, skb->len,
492  eid, htc_tag);
493  cookie->htc_pkt.skb = skb;
494 
495  ath6kl_dbg_dump(ATH6KL_DBG_RAW_BYTES, __func__, "tx ",
496  skb->data, skb->len);
497 
498  /*
499  * HTC interface is asynchronous, if this fails, cleanup will
500  * happen in the ath6kl_tx_complete callback.
501  */
502  ath6kl_htc_tx(ar->htc_target, &cookie->htc_pkt);
503 
504  return 0;
505 
506 fail_tx:
507  dev_kfree_skb(skb);
508 
509  vif->net_stats.tx_dropped++;
510  vif->net_stats.tx_aborted_errors++;
511 
512  return 0;
513 }
514 
515 /* indicate tx activity or inactivity on a WMI stream */
516 void ath6kl_indicate_tx_activity(void *devt, u8 traffic_class, bool active)
517 {
518  struct ath6kl *ar = devt;
519  enum htc_endpoint_id eid;
520  int i;
521 
522  eid = ar->ac2ep_map[traffic_class];
523 
524  if (!test_bit(WMI_ENABLED, &ar->flag))
525  goto notify_htc;
526 
527  spin_lock_bh(&ar->lock);
528 
529  ar->ac_stream_active[traffic_class] = active;
530 
531  if (active) {
532  /*
533  * Keep track of the active stream with the highest
534  * priority.
535  */
536  if (ar->ac_stream_pri_map[traffic_class] >
537  ar->hiac_stream_active_pri)
538  /* set the new highest active priority */
539  ar->hiac_stream_active_pri =
540  ar->ac_stream_pri_map[traffic_class];
541 
542  } else {
543  /*
544  * We may have to search for the next active stream
545  * that is the highest priority.
546  */
547  if (ar->hiac_stream_active_pri ==
548  ar->ac_stream_pri_map[traffic_class]) {
549  /*
550  * The highest priority stream just went inactive
551  * reset and search for the "next" highest "active"
552  * priority stream.
553  */
554  ar->hiac_stream_active_pri = 0;
555 
556  for (i = 0; i < WMM_NUM_AC; i++) {
557  if (ar->ac_stream_active[i] &&
558  (ar->ac_stream_pri_map[i] >
559  ar->hiac_stream_active_pri))
560  /*
561  * Set the new highest active
562  * priority.
563  */
564  ar->hiac_stream_active_pri =
565  ar->ac_stream_pri_map[i];
566  }
567  }
568  }
569 
570  spin_unlock_bh(&ar->lock);
571 
572 notify_htc:
573  /* notify HTC, this may cause credit distribution changes */
574  ath6kl_htc_activity_changed(ar->htc_target, eid, active);
575 }
576 
577 enum htc_send_full_action ath6kl_tx_queue_full(struct htc_target *target,
578  struct htc_packet *packet)
579 {
580  struct ath6kl *ar = target->dev->ar;
581  struct ath6kl_vif *vif;
582  enum htc_endpoint_id endpoint = packet->endpoint;
583  enum htc_send_full_action action = HTC_SEND_FULL_KEEP;
584 
585  if (endpoint == ar->ctrl_ep) {
586  /*
587  * Under normal WMI if this is getting full, then something
588  * is running rampant the host should not be exhausting the
589  * WMI queue with too many commands the only exception to
590  * this is during testing using endpointping.
591  */
592  set_bit(WMI_CTRL_EP_FULL, &ar->flag);
593  ath6kl_err("wmi ctrl ep is full\n");
594  return action;
595  }
596 
597  if (packet->info.tx.tag == ATH6KL_CONTROL_PKT_TAG)
598  return action;
599 
600  /*
601  * The last MAX_HI_COOKIE_NUM "batch" of cookies are reserved for
602  * the highest active stream.
603  */
604  if (ar->ac_stream_pri_map[ar->ep2ac_map[endpoint]] <
605  ar->hiac_stream_active_pri &&
606  ar->cookie_count <=
607  target->endpoint[endpoint].tx_drop_packet_threshold)
608  /*
609  * Give preference to the highest priority stream by
610  * dropping the packets which overflowed.
611  */
612  action = HTC_SEND_FULL_DROP;
613 
614  /* FIXME: Locking */
615  spin_lock_bh(&ar->list_lock);
616  list_for_each_entry(vif, &ar->vif_list, list) {
617  if (vif->nw_type == ADHOC_NETWORK ||
618  action != HTC_SEND_FULL_DROP) {
619  spin_unlock_bh(&ar->list_lock);
620 
621  set_bit(NETQ_STOPPED, &vif->flags);
622  netif_stop_queue(vif->ndev);
623 
624  return action;
625  }
626  }
627  spin_unlock_bh(&ar->list_lock);
628 
629  return action;
630 }
631 
632 /* TODO this needs to be looked at */
633 static void ath6kl_tx_clear_node_map(struct ath6kl_vif *vif,
634  enum htc_endpoint_id eid, u32 map_no)
635 {
636  struct ath6kl *ar = vif->ar;
637  u32 i;
638 
639  if (vif->nw_type != ADHOC_NETWORK)
640  return;
641 
642  if (!ar->ibss_ps_enable)
643  return;
644 
645  if (eid == ar->ctrl_ep)
646  return;
647 
648  if (map_no == 0)
649  return;
650 
651  map_no--;
652  ar->node_map[map_no].tx_pend--;
653 
654  if (ar->node_map[map_no].tx_pend)
655  return;
656 
657  if (map_no != (ar->node_num - 1))
658  return;
659 
660  for (i = ar->node_num; i > 0; i--) {
661  if (ar->node_map[i - 1].tx_pend)
662  break;
663 
664  memset(&ar->node_map[i - 1], 0,
665  sizeof(struct ath6kl_node_mapping));
666  ar->node_num--;
667  }
668 }
669 
670 void ath6kl_tx_complete(struct htc_target *target,
671  struct list_head *packet_queue)
672 {
673  struct ath6kl *ar = target->dev->ar;
674  struct sk_buff_head skb_queue;
675  struct htc_packet *packet;
676  struct sk_buff *skb;
677  struct ath6kl_cookie *ath6kl_cookie;
678  u32 map_no = 0;
679  int status;
680  enum htc_endpoint_id eid;
681  bool wake_event = false;
682  bool flushing[ATH6KL_VIF_MAX] = {false};
683  u8 if_idx;
684  struct ath6kl_vif *vif;
685 
686  skb_queue_head_init(&skb_queue);
687 
688  /* lock the driver as we update internal state */
689  spin_lock_bh(&ar->lock);
690 
691  /* reap completed packets */
692  while (!list_empty(packet_queue)) {
693 
694  packet = list_first_entry(packet_queue, struct htc_packet,
695  list);
696  list_del(&packet->list);
697 
698  ath6kl_cookie = (struct ath6kl_cookie *)packet->pkt_cntxt;
699  if (!ath6kl_cookie)
700  goto fatal;
701 
702  status = packet->status;
703  skb = ath6kl_cookie->skb;
704  eid = packet->endpoint;
705  map_no = ath6kl_cookie->map_no;
706 
707  if (!skb || !skb->data)
708  goto fatal;
709 
710  __skb_queue_tail(&skb_queue, skb);
711 
712  if (!status && (packet->act_len != skb->len))
713  goto fatal;
714 
715  ar->tx_pending[eid]--;
716 
717  if (eid != ar->ctrl_ep)
718  ar->total_tx_data_pend--;
719 
720  if (eid == ar->ctrl_ep) {
721  if (test_bit(WMI_CTRL_EP_FULL, &ar->flag))
722  clear_bit(WMI_CTRL_EP_FULL, &ar->flag);
723 
724  if (ar->tx_pending[eid] == 0)
725  wake_event = true;
726  }
727 
728  if (eid == ar->ctrl_ep) {
729  if_idx = wmi_cmd_hdr_get_if_idx(
730  (struct wmi_cmd_hdr *) packet->buf);
731  } else {
732  if_idx = wmi_data_hdr_get_if_idx(
733  (struct wmi_data_hdr *) packet->buf);
734  }
735 
736  vif = ath6kl_get_vif_by_index(ar, if_idx);
737  if (!vif) {
738  ath6kl_free_cookie(ar, ath6kl_cookie);
739  continue;
740  }
741 
742  if (status) {
743  if (status == -ECANCELED)
744  /* a packet was flushed */
745  flushing[if_idx] = true;
746 
747  vif->net_stats.tx_errors++;
748 
749  if (status != -ENOSPC && status != -ECANCELED)
750  ath6kl_warn("tx complete error: %d\n", status);
751 
752  ath6kl_dbg(ATH6KL_DBG_WLAN_TX,
753  "%s: skb=0x%p data=0x%p len=0x%x eid=%d %s\n",
754  __func__, skb, packet->buf, packet->act_len,
755  eid, "error!");
756  } else {
757  ath6kl_dbg(ATH6KL_DBG_WLAN_TX,
758  "%s: skb=0x%p data=0x%p len=0x%x eid=%d %s\n",
759  __func__, skb, packet->buf, packet->act_len,
760  eid, "OK");
761 
762  flushing[if_idx] = false;
763  vif->net_stats.tx_packets++;
764  vif->net_stats.tx_bytes += skb->len;
765  }
766 
767  ath6kl_tx_clear_node_map(vif, eid, map_no);
768 
769  ath6kl_free_cookie(ar, ath6kl_cookie);
770 
771  if (test_bit(NETQ_STOPPED, &vif->flags))
772  clear_bit(NETQ_STOPPED, &vif->flags);
773  }
774 
775  spin_unlock_bh(&ar->lock);
776 
777  __skb_queue_purge(&skb_queue);
778 
779  /* FIXME: Locking */
780  spin_lock_bh(&ar->list_lock);
781  list_for_each_entry(vif, &ar->vif_list, list) {
782  if (test_bit(CONNECTED, &vif->flags) &&
783  !flushing[vif->fw_vif_idx]) {
784  spin_unlock_bh(&ar->list_lock);
785  netif_wake_queue(vif->ndev);
786  spin_lock_bh(&ar->list_lock);
787  }
788  }
789  spin_unlock_bh(&ar->list_lock);
790 
791  if (wake_event)
792  wake_up(&ar->event_wq);
793 
794  return;
795 
796 fatal:
797  WARN_ON(1);
798  spin_unlock_bh(&ar->lock);
799  return;
800 }
801 
802 void ath6kl_tx_data_cleanup(struct ath6kl *ar)
803 {
804  int i;
805 
806  /* flush all the data (non-control) streams */
807  for (i = 0; i < WMM_NUM_AC; i++)
808  ath6kl_htc_flush_txep(ar->htc_target, ar->ac2ep_map[i],
809  ATH6KL_DATA_PKT_TAG);
810 }
811 
812 /* Rx functions */
813 
814 static void ath6kl_deliver_frames_to_nw_stack(struct net_device *dev,
815  struct sk_buff *skb)
816 {
817  if (!skb)
818  return;
819 
820  skb->dev = dev;
821 
822  if (!(skb->dev->flags & IFF_UP)) {
823  dev_kfree_skb(skb);
824  return;
825  }
826 
827  skb->protocol = eth_type_trans(skb, skb->dev);
828 
829  netif_rx_ni(skb);
830 }
831 
832 static void ath6kl_alloc_netbufs(struct sk_buff_head *q, u16 num)
833 {
834  struct sk_buff *skb;
835 
836  while (num) {
837  skb = ath6kl_buf_alloc(ATH6KL_BUFFER_SIZE);
838  if (!skb) {
839  ath6kl_err("netbuf allocation failed\n");
840  return;
841  }
842  skb_queue_tail(q, skb);
843  num--;
844  }
845 }
846 
847 static struct sk_buff *aggr_get_free_skb(struct aggr_info *p_aggr)
848 {
849  struct sk_buff *skb = NULL;
850 
851  if (skb_queue_len(&p_aggr->rx_amsdu_freeq) <
852  (AGGR_NUM_OF_FREE_NETBUFS >> 2))
853  ath6kl_alloc_netbufs(&p_aggr->rx_amsdu_freeq,
854  AGGR_NUM_OF_FREE_NETBUFS);
855 
856  skb = skb_dequeue(&p_aggr->rx_amsdu_freeq);
857 
858  return skb;
859 }
860 
861 void ath6kl_rx_refill(struct htc_target *target, enum htc_endpoint_id endpoint)
862 {
863  struct ath6kl *ar = target->dev->ar;
864  struct sk_buff *skb;
865  int rx_buf;
866  int n_buf_refill;
867  struct htc_packet *packet;
868  struct list_head queue;
869 
870  n_buf_refill = ATH6KL_MAX_RX_BUFFERS -
871  ath6kl_htc_get_rxbuf_num(ar->htc_target, endpoint);
872 
873  if (n_buf_refill <= 0)
874  return;
875 
876  INIT_LIST_HEAD(&queue);
877 
878  ath6kl_dbg(ATH6KL_DBG_WLAN_RX,
879  "%s: providing htc with %d buffers at eid=%d\n",
880  __func__, n_buf_refill, endpoint);
881 
882  for (rx_buf = 0; rx_buf < n_buf_refill; rx_buf++) {
883  skb = ath6kl_buf_alloc(ATH6KL_BUFFER_SIZE);
884  if (!skb)
885  break;
886 
887  packet = (struct htc_packet *) skb->head;
888  if (!IS_ALIGNED((unsigned long) skb->data, 4))
889  skb->data = PTR_ALIGN(skb->data - 4, 4);
890  set_htc_rxpkt_info(packet, skb, skb->data,
891  ATH6KL_BUFFER_SIZE, endpoint);
892  packet->skb = skb;
893  list_add_tail(&packet->list, &queue);
894  }
895 
896  if (!list_empty(&queue))
897  ath6kl_htc_add_rxbuf_multiple(ar->htc_target, &queue);
898 }
899 
900 void ath6kl_refill_amsdu_rxbufs(struct ath6kl *ar, int count)
901 {
902  struct htc_packet *packet;
903  struct sk_buff *skb;
904 
905  while (count) {
906  skb = ath6kl_buf_alloc(ATH6KL_AMSDU_BUFFER_SIZE);
907  if (!skb)
908  return;
909 
910  packet = (struct htc_packet *) skb->head;
911  if (!IS_ALIGNED((unsigned long) skb->data, 4))
912  skb->data = PTR_ALIGN(skb->data - 4, 4);
913  set_htc_rxpkt_info(packet, skb, skb->data,
914  ATH6KL_AMSDU_BUFFER_SIZE, 0);
915  packet->skb = skb;
916 
917  spin_lock_bh(&ar->lock);
918  list_add_tail(&packet->list, &ar->amsdu_rx_buffer_queue);
919  spin_unlock_bh(&ar->lock);
920  count--;
921  }
922 }
923 
924 /*
925  * Callback to allocate a receive buffer for a pending packet. We use a
926  * pre-allocated list of buffers of maximum AMSDU size (4K).
927  */
928 struct htc_packet *ath6kl_alloc_amsdu_rxbuf(struct htc_target *target,
929  enum htc_endpoint_id endpoint,
930  int len)
931 {
932  struct ath6kl *ar = target->dev->ar;
933  struct htc_packet *packet = NULL;
934  struct list_head *pkt_pos;
935  int refill_cnt = 0, depth = 0;
936 
937  ath6kl_dbg(ATH6KL_DBG_WLAN_RX, "%s: eid=%d, len:%d\n",
938  __func__, endpoint, len);
939 
940  if ((len <= ATH6KL_BUFFER_SIZE) ||
941  (len > ATH6KL_AMSDU_BUFFER_SIZE))
942  return NULL;
943 
944  spin_lock_bh(&ar->lock);
945 
946  if (list_empty(&ar->amsdu_rx_buffer_queue)) {
947  spin_unlock_bh(&ar->lock);
948  refill_cnt = ATH6KL_MAX_AMSDU_RX_BUFFERS;
949  goto refill_buf;
950  }
951 
952  packet = list_first_entry(&ar->amsdu_rx_buffer_queue,
953  struct htc_packet, list);
954  list_del(&packet->list);
955  list_for_each(pkt_pos, &ar->amsdu_rx_buffer_queue)
956  depth++;
957 
958  refill_cnt = ATH6KL_MAX_AMSDU_RX_BUFFERS - depth;
959  spin_unlock_bh(&ar->lock);
960 
961  /* set actual endpoint ID */
962  packet->endpoint = endpoint;
963 
964 refill_buf:
965  if (refill_cnt >= ATH6KL_AMSDU_REFILL_THRESHOLD)
966  ath6kl_refill_amsdu_rxbufs(ar, refill_cnt);
967 
968  return packet;
969 }
970 
971 static void aggr_slice_amsdu(struct aggr_info *p_aggr,
972  struct rxtid *rxtid, struct sk_buff *skb)
973 {
974  struct sk_buff *new_skb;
975  struct ethhdr *hdr;
976  u16 frame_8023_len, payload_8023_len, mac_hdr_len, amsdu_len;
977  u8 *framep;
978 
979  mac_hdr_len = sizeof(struct ethhdr);
980  framep = skb->data + mac_hdr_len;
981  amsdu_len = skb->len - mac_hdr_len;
982 
983  while (amsdu_len > mac_hdr_len) {
984  hdr = (struct ethhdr *) framep;
985  payload_8023_len = ntohs(hdr->h_proto);
986 
987  if (payload_8023_len < MIN_MSDU_SUBFRAME_PAYLOAD_LEN ||
988  payload_8023_len > MAX_MSDU_SUBFRAME_PAYLOAD_LEN) {
989  ath6kl_err("802.3 AMSDU frame bound check failed. len %d\n",
990  payload_8023_len);
991  break;
992  }
993 
994  frame_8023_len = payload_8023_len + mac_hdr_len;
995  new_skb = aggr_get_free_skb(p_aggr);
996  if (!new_skb) {
997  ath6kl_err("no buffer available\n");
998  break;
999  }
1000 
1001  memcpy(new_skb->data, framep, frame_8023_len);
1002  skb_put(new_skb, frame_8023_len);
1003  if (ath6kl_wmi_dot3_2_dix(new_skb)) {
1004  ath6kl_err("dot3_2_dix error\n");
1005  dev_kfree_skb(new_skb);
1006  break;
1007  }
1008 
1009  skb_queue_tail(&rxtid->q, new_skb);
1010 
1011  /* Is this the last subframe within this aggregate ? */
1012  if ((amsdu_len - frame_8023_len) == 0)
1013  break;
1014 
1015  /* Add the length of A-MSDU subframe padding bytes -
1016  * Round to nearest word.
1017  */
1018  frame_8023_len = ALIGN(frame_8023_len, 4);
1019 
1020  framep += frame_8023_len;
1021  amsdu_len -= frame_8023_len;
1022  }
1023 
1024  dev_kfree_skb(skb);
1025 }
1026 
1027 static void aggr_deque_frms(struct aggr_info_conn *agg_conn, u8 tid,
1028  u16 seq_no, u8 order)
1029 {
1030  struct sk_buff *skb;
1031  struct rxtid *rxtid;
1032  struct skb_hold_q *node;
1033  u16 idx, idx_end, seq_end;
1034  struct rxtid_stats *stats;
1035 
1036  rxtid = &agg_conn->rx_tid[tid];
1037  stats = &agg_conn->stat[tid];
1038 
1039  spin_lock_bh(&rxtid->lock);
1040  idx = AGGR_WIN_IDX(rxtid->seq_next, rxtid->hold_q_sz);
1041 
1042  /*
1043  * idx_end is typically the last possible frame in the window,
1044  * but changes to 'the' seq_no, when BAR comes. If seq_no
1045  * is non-zero, we will go up to that and stop.
1046  * Note: last seq no in current window will occupy the same
1047  * index position as index that is just previous to start.
1048  * An imp point : if win_sz is 7, for seq_no space of 4095,
1049  * then, there would be holes when sequence wrap around occurs.
1050  * Target should judiciously choose the win_sz, based on
1051  * this condition. For 4095, (TID_WINDOW_SZ = 2 x win_sz
1052  * 2, 4, 8, 16 win_sz works fine).
1053  * We must deque from "idx" to "idx_end", including both.
1054  */
1055  seq_end = seq_no ? seq_no : rxtid->seq_next;
1056  idx_end = AGGR_WIN_IDX(seq_end, rxtid->hold_q_sz);
1057 
1058  do {
1059  node = &rxtid->hold_q[idx];
1060  if ((order == 1) && (!node->skb))
1061  break;
1062 
1063  if (node->skb) {
1064  if (node->is_amsdu)
1065  aggr_slice_amsdu(agg_conn->aggr_info, rxtid,
1066  node->skb);
1067  else
1068  skb_queue_tail(&rxtid->q, node->skb);
1069  node->skb = NULL;
1070  } else
1071  stats->num_hole++;
1072 
1073  rxtid->seq_next = ATH6KL_NEXT_SEQ_NO(rxtid->seq_next);
1074  idx = AGGR_WIN_IDX(rxtid->seq_next, rxtid->hold_q_sz);
1075  } while (idx != idx_end);
1076 
1077  spin_unlock_bh(&rxtid->lock);
1078 
1079  stats->num_delivered += skb_queue_len(&rxtid->q);
1080 
1081  while ((skb = skb_dequeue(&rxtid->q)))
1082  ath6kl_deliver_frames_to_nw_stack(agg_conn->dev, skb);
1083 }
1084 
1085 static bool aggr_process_recv_frm(struct aggr_info_conn *agg_conn, u8 tid,
1086  u16 seq_no,
1087  bool is_amsdu, struct sk_buff *frame)
1088 {
1089  struct rxtid *rxtid;
1090  struct rxtid_stats *stats;
1091  struct sk_buff *skb;
1092  struct skb_hold_q *node;
1093  u16 idx, st, cur, end;
1094  bool is_queued = false;
1095  u16 extended_end;
1096 
1097  rxtid = &agg_conn->rx_tid[tid];
1098  stats = &agg_conn->stat[tid];
1099 
1100  stats->num_into_aggr++;
1101 
1102  if (!rxtid->aggr) {
1103  if (is_amsdu) {
1104  aggr_slice_amsdu(agg_conn->aggr_info, rxtid, frame);
1105  is_queued = true;
1106  stats->num_amsdu++;
1107  while ((skb = skb_dequeue(&rxtid->q)))
1108  ath6kl_deliver_frames_to_nw_stack(agg_conn->dev,
1109  skb);
1110  }
1111  return is_queued;
1112  }
1113 
1114  /* Check the incoming sequence no, if it's in the window */
1115  st = rxtid->seq_next;
1116  cur = seq_no;
1117  end = (st + rxtid->hold_q_sz-1) & ATH6KL_MAX_SEQ_NO;
1118 
1119  if (((st < end) && (cur < st || cur > end)) ||
1120  ((st > end) && (cur > end) && (cur < st))) {
1121  extended_end = (end + rxtid->hold_q_sz - 1) &
1122  ATH6KL_MAX_SEQ_NO;
1123 
1124  if (((end < extended_end) &&
1125  (cur < end || cur > extended_end)) ||
1126  ((end > extended_end) && (cur > extended_end) &&
1127  (cur < end))) {
1128  aggr_deque_frms(agg_conn, tid, 0, 0);
1129  spin_lock_bh(&rxtid->lock);
1130  if (cur >= rxtid->hold_q_sz - 1)
1131  rxtid->seq_next = cur - (rxtid->hold_q_sz - 1);
1132  else
1133  rxtid->seq_next = ATH6KL_MAX_SEQ_NO -
1134  (rxtid->hold_q_sz - 2 - cur);
1135  spin_unlock_bh(&rxtid->lock);
1136  } else {
1137  /*
1138  * Dequeue only those frames that are outside the
1139  * new shifted window.
1140  */
1141  if (cur >= rxtid->hold_q_sz - 1)
1142  st = cur - (rxtid->hold_q_sz - 1);
1143  else
1144  st = ATH6KL_MAX_SEQ_NO -
1145  (rxtid->hold_q_sz - 2 - cur);
1146 
1147  aggr_deque_frms(agg_conn, tid, st, 0);
1148  }
1149 
1150  stats->num_oow++;
1151  }
1152 
1153  idx = AGGR_WIN_IDX(seq_no, rxtid->hold_q_sz);
1154 
1155  node = &rxtid->hold_q[idx];
1156 
1157  spin_lock_bh(&rxtid->lock);
1158 
1159  /*
1160  * Is the cur frame duplicate or something beyond our window(hold_q
1161  * -> which is 2x, already)?
1162  *
1163  * 1. Duplicate is easy - drop incoming frame.
1164  * 2. Not falling in current sliding window.
1165  * 2a. is the frame_seq_no preceding current tid_seq_no?
1166  * -> drop the frame. perhaps sender did not get our ACK.
1167  * this is taken care of above.
1168  * 2b. is the frame_seq_no beyond window(st, TID_WINDOW_SZ);
1169  * -> Taken care of it above, by moving window forward.
1170  */
1171  dev_kfree_skb(node->skb);
1172  stats->num_dups++;
1173 
1174  node->skb = frame;
1175  is_queued = true;
1176  node->is_amsdu = is_amsdu;
1177  node->seq_no = seq_no;
1178 
1179  if (node->is_amsdu)
1180  stats->num_amsdu++;
1181  else
1182  stats->num_mpdu++;
1183 
1184  spin_unlock_bh(&rxtid->lock);
1185 
1186  aggr_deque_frms(agg_conn, tid, 0, 1);
1187 
1188  if (agg_conn->timer_scheduled)
1189  return is_queued;
1190 
1191  spin_lock_bh(&rxtid->lock);
1192  for (idx = 0 ; idx < rxtid->hold_q_sz; idx++) {
1193  if (rxtid->hold_q[idx].skb) {
1194  /*
1195  * There is a frame in the queue and no
1196  * timer so start a timer to ensure that
1197  * the frame doesn't remain stuck
1198  * forever.
1199  */
1200  agg_conn->timer_scheduled = true;
1201  mod_timer(&agg_conn->timer,
1202  (jiffies + (HZ * AGGR_RX_TIMEOUT) / 1000));
1203  rxtid->timer_mon = true;
1204  break;
1205  }
1206  }
1207  spin_unlock_bh(&rxtid->lock);
1208 
1209  return is_queued;
1210 }
1211 
1212 static void ath6kl_uapsd_trigger_frame_rx(struct ath6kl_vif *vif,
1213  struct ath6kl_sta *conn)
1214 {
1215  struct ath6kl *ar = vif->ar;
1216  bool is_apsdq_empty, is_apsdq_empty_at_start;
1217  u32 num_frames_to_deliver, flags;
1218  struct sk_buff *skb = NULL;
1219 
1220  /*
1221  * If the APSD q for this STA is not empty, dequeue and
1222  * send a pkt from the head of the q. Also update the
1223  * More data bit in the WMI_DATA_HDR if there are
1224  * more pkts for this STA in the APSD q.
1225  * If there are no more pkts for this STA,
1226  * update the APSD bitmap for this STA.
1227  */
1228 
1229  num_frames_to_deliver = (conn->apsd_info >> ATH6KL_APSD_NUM_OF_AC) &
1230  ATH6KL_APSD_FRAME_MASK;
1231  /*
1232  * Number of frames to send in a service period is
1233  * indicated by the station
1234  * in the QOS_INFO of the association request
1235  * If it is zero, send all frames
1236  */
1237  if (!num_frames_to_deliver)
1238  num_frames_to_deliver = ATH6KL_APSD_ALL_FRAME;
1239 
1240  spin_lock_bh(&conn->psq_lock);
1241  is_apsdq_empty = skb_queue_empty(&conn->apsdq);
1242  spin_unlock_bh(&conn->psq_lock);
1243  is_apsdq_empty_at_start = is_apsdq_empty;
1244 
1245  while ((!is_apsdq_empty) && (num_frames_to_deliver)) {
1246 
1247  spin_lock_bh(&conn->psq_lock);
1248  skb = skb_dequeue(&conn->apsdq);
1249  is_apsdq_empty = skb_queue_empty(&conn->apsdq);
1250  spin_unlock_bh(&conn->psq_lock);
1251 
1252  /*
1253  * Set the STA flag to Trigger delivery,
1254  * so that the frame will go out
1255  */
1256  conn->sta_flags |= STA_PS_APSD_TRIGGER;
1257  num_frames_to_deliver--;
1258 
1259  /* Last frame in the service period, set EOSP or queue empty */
1260  if ((is_apsdq_empty) || (!num_frames_to_deliver))
1261  conn->sta_flags |= STA_PS_APSD_EOSP;
1262 
1263  ath6kl_data_tx(skb, vif->ndev);
1264  conn->sta_flags &= ~(STA_PS_APSD_TRIGGER);
1265  conn->sta_flags &= ~(STA_PS_APSD_EOSP);
1266  }
1267 
1268  if (is_apsdq_empty) {
1269  if (is_apsdq_empty_at_start)
1270  flags = WMI_AP_APSD_NO_DELIVERY_FRAMES;
1271  else
1272  flags = 0;
1273 
1274  ath6kl_wmi_set_apsd_bfrd_traf(ar->wmi,
1275  vif->fw_vif_idx,
1276  conn->aid, 0, flags);
1277  }
1278 
1279  return;
1280 }
1281 
1282 void ath6kl_rx(struct htc_target *target, struct htc_packet *packet)
1283 {
1284  struct ath6kl *ar = target->dev->ar;
1285  struct sk_buff *skb = packet->pkt_cntxt;
1286  struct wmi_rx_meta_v2 *meta;
1287  struct wmi_data_hdr *dhdr;
1288  int min_hdr_len;
1289  u8 meta_type, dot11_hdr = 0;
1290  u8 pad_before_data_start;
1291  int status = packet->status;
1292  enum htc_endpoint_id ept = packet->endpoint;
1293  bool is_amsdu, prev_ps, ps_state = false;
1294  bool trig_state = false;
1295  struct ath6kl_sta *conn = NULL;
1296  struct sk_buff *skb1 = NULL;
1297  struct ethhdr *datap = NULL;
1298  struct ath6kl_vif *vif;
1299  struct aggr_info_conn *aggr_conn;
1300  u16 seq_no, offset;
1301  u8 tid, if_idx;
1302 
1303  ath6kl_dbg(ATH6KL_DBG_WLAN_RX,
1304  "%s: ar=0x%p eid=%d, skb=0x%p, data=0x%p, len=0x%x status:%d",
1305  __func__, ar, ept, skb, packet->buf,
1306  packet->act_len, status);
1307 
1308  if (status || !(skb->data + HTC_HDR_LENGTH)) {
1309  dev_kfree_skb(skb);
1310  return;
1311  }
1312 
1313  skb_put(skb, packet->act_len + HTC_HDR_LENGTH);
1314  skb_pull(skb, HTC_HDR_LENGTH);
1315 
1316  ath6kl_dbg_dump(ATH6KL_DBG_RAW_BYTES, __func__, "rx ",
1317  skb->data, skb->len);
1318 
1319  if (ept == ar->ctrl_ep) {
1320  if (test_bit(WMI_ENABLED, &ar->flag)) {
1321  ath6kl_check_wow_status(ar);
1322  ath6kl_wmi_control_rx(ar->wmi, skb);
1323  return;
1324  }
1325  if_idx =
1326  wmi_cmd_hdr_get_if_idx((struct wmi_cmd_hdr *) skb->data);
1327  } else {
1328  if_idx =
1329  wmi_data_hdr_get_if_idx((struct wmi_data_hdr *) skb->data);
1330  }
1331 
1332  vif = ath6kl_get_vif_by_index(ar, if_idx);
1333  if (!vif) {
1334  dev_kfree_skb(skb);
1335  return;
1336  }
1337 
1338  /*
1339  * Take lock to protect buffer counts and adaptive power throughput
1340  * state.
1341  */
1342  spin_lock_bh(&vif->if_lock);
1343 
1344  vif->net_stats.rx_packets++;
1345  vif->net_stats.rx_bytes += packet->act_len;
1346 
1347  spin_unlock_bh(&vif->if_lock);
1348 
1349  skb->dev = vif->ndev;
1350 
1351  if (!test_bit(WMI_ENABLED, &ar->flag)) {
1352  if (EPPING_ALIGNMENT_PAD > 0)
1353  skb_pull(skb, EPPING_ALIGNMENT_PAD);
1354  ath6kl_deliver_frames_to_nw_stack(vif->ndev, skb);
1355  return;
1356  }
1357 
1358  ath6kl_check_wow_status(ar);
1359 
1360  min_hdr_len = sizeof(struct ethhdr) + sizeof(struct wmi_data_hdr) +
1361  sizeof(struct ath6kl_llc_snap_hdr);
1362 
1363  dhdr = (struct wmi_data_hdr *) skb->data;
1364 
1365  /*
1366  * In the case of AP mode we may receive NULL data frames
1367  * that do not have LLC hdr. They are 16 bytes in size.
1368  * Allow these frames in the AP mode.
1369  */
1370  if (vif->nw_type != AP_NETWORK &&
1371  ((packet->act_len < min_hdr_len) ||
1372  (packet->act_len > WMI_MAX_AMSDU_RX_DATA_FRAME_LENGTH))) {
1373  ath6kl_info("frame len is too short or too long\n");
1374  vif->net_stats.rx_errors++;
1375  vif->net_stats.rx_length_errors++;
1376  dev_kfree_skb(skb);
1377  return;
1378  }
1379 
1380  /* Get the Power save state of the STA */
1381  if (vif->nw_type == AP_NETWORK) {
1382  meta_type = wmi_data_hdr_get_meta(dhdr);
1383 
1384  ps_state = !!((dhdr->info >> WMI_DATA_HDR_PS_SHIFT) &
1385  WMI_DATA_HDR_PS_MASK);
1386 
1387  offset = sizeof(struct wmi_data_hdr);
1388  trig_state = !!(le16_to_cpu(dhdr->info3) & WMI_DATA_HDR_TRIG);
1389 
1390  switch (meta_type) {
1391  case 0:
1392  break;
1393  case WMI_META_VERSION_1:
1394  offset += sizeof(struct wmi_rx_meta_v1);
1395  break;
1396  case WMI_META_VERSION_2:
1397  offset += sizeof(struct wmi_rx_meta_v2);
1398  break;
1399  default:
1400  break;
1401  }
1402 
1403  datap = (struct ethhdr *) (skb->data + offset);
1404  conn = ath6kl_find_sta(vif, datap->h_source);
1405 
1406  if (!conn) {
1407  dev_kfree_skb(skb);
1408  return;
1409  }
1410 
1411  /*
1412  * If there is a change in PS state of the STA,
1413  * take appropriate steps:
1414  *
1415  * 1. If Sleep-->Awake, flush the psq for the STA
1416  * Clear the PVB for the STA.
1417  * 2. If Awake-->Sleep, Starting queueing frames
1418  * the STA.
1419  */
1420  prev_ps = !!(conn->sta_flags & STA_PS_SLEEP);
1421 
1422  if (ps_state)
1423  conn->sta_flags |= STA_PS_SLEEP;
1424  else
1425  conn->sta_flags &= ~STA_PS_SLEEP;
1426 
1427  /* Accept trigger only when the station is in sleep */
1428  if ((conn->sta_flags & STA_PS_SLEEP) && trig_state)
1429  ath6kl_uapsd_trigger_frame_rx(vif, conn);
1430 
1431  if (prev_ps ^ !!(conn->sta_flags & STA_PS_SLEEP)) {
1432  if (!(conn->sta_flags & STA_PS_SLEEP)) {
1433  struct sk_buff *skbuff = NULL;
1434  bool is_apsdq_empty;
1435  struct ath6kl_mgmt_buff *mgmt;
1436  u8 idx;
1437 
1438  spin_lock_bh(&conn->psq_lock);
1439  while (conn->mgmt_psq_len > 0) {
1440  mgmt = list_first_entry(
1441  &conn->mgmt_psq,
1442  struct ath6kl_mgmt_buff,
1443  list);
1444  list_del(&mgmt->list);
1445  conn->mgmt_psq_len--;
1446  spin_unlock_bh(&conn->psq_lock);
1447  idx = vif->fw_vif_idx;
1448 
1449  ath6kl_wmi_send_mgmt_cmd(ar->wmi,
1450  idx,
1451  mgmt->id,
1452  mgmt->freq,
1453  mgmt->wait,
1454  mgmt->buf,
1455  mgmt->len,
1456  mgmt->no_cck);
1457 
1458  kfree(mgmt);
1459  spin_lock_bh(&conn->psq_lock);
1460  }
1461  conn->mgmt_psq_len = 0;
1462  while ((skbuff = skb_dequeue(&conn->psq))) {
1463  spin_unlock_bh(&conn->psq_lock);
1464  ath6kl_data_tx(skbuff, vif->ndev);
1465  spin_lock_bh(&conn->psq_lock);
1466  }
1467 
1468  is_apsdq_empty = skb_queue_empty(&conn->apsdq);
1469  while ((skbuff = skb_dequeue(&conn->apsdq))) {
1470  spin_unlock_bh(&conn->psq_lock);
1471  ath6kl_data_tx(skbuff, vif->ndev);
1472  spin_lock_bh(&conn->psq_lock);
1473  }
1474  spin_unlock_bh(&conn->psq_lock);
1475 
1476  if (!is_apsdq_empty)
1477  ath6kl_wmi_set_apsd_bfrd_traf(
1478  ar->wmi,
1479  vif->fw_vif_idx,
1480  conn->aid, 0, 0);
1481 
1482  /* Clear the PVB for this STA */
1483  ath6kl_wmi_set_pvb_cmd(ar->wmi, vif->fw_vif_idx,
1484  conn->aid, 0);
1485  }
1486  }
1487 
1488  /* drop NULL data frames here */
1489  if ((packet->act_len < min_hdr_len) ||
1490  (packet->act_len >
1491  WMI_MAX_AMSDU_RX_DATA_FRAME_LENGTH)) {
1492  dev_kfree_skb(skb);
1493  return;
1494  }
1495  }
1496 
1497  is_amsdu = wmi_data_hdr_is_amsdu(dhdr) ? true : false;
1498  tid = wmi_data_hdr_get_up(dhdr);
1499  seq_no = wmi_data_hdr_get_seqno(dhdr);
1500  meta_type = wmi_data_hdr_get_meta(dhdr);
1501  dot11_hdr = wmi_data_hdr_get_dot11(dhdr);
1502  pad_before_data_start =
1503  (le16_to_cpu(dhdr->info3) >> WMI_DATA_HDR_PAD_BEFORE_DATA_SHIFT)
1504  & WMI_DATA_HDR_PAD_BEFORE_DATA_MASK;
1505 
1506  skb_pull(skb, sizeof(struct wmi_data_hdr));
1507 
1508  switch (meta_type) {
1509  case WMI_META_VERSION_1:
1510  skb_pull(skb, sizeof(struct wmi_rx_meta_v1));
1511  break;
1512  case WMI_META_VERSION_2:
1513  meta = (struct wmi_rx_meta_v2 *) skb->data;
1514  if (meta->csum_flags & 0x1) {
1515  skb->ip_summed = CHECKSUM_COMPLETE;
1516  skb->csum = (__force __wsum) meta->csum;
1517  }
1518  skb_pull(skb, sizeof(struct wmi_rx_meta_v2));
1519  break;
1520  default:
1521  break;
1522  }
1523 
1524  skb_pull(skb, pad_before_data_start);
1525 
1526  if (dot11_hdr)
1527  status = ath6kl_wmi_dot11_hdr_remove(ar->wmi, skb);
1528  else if (!is_amsdu)
1529  status = ath6kl_wmi_dot3_2_dix(skb);
1530 
1531  if (status) {
1532  /*
1533  * Drop frames that could not be processed (lack of
1534  * memory, etc.)
1535  */
1536  dev_kfree_skb(skb);
1537  return;
1538  }
1539 
1540  if (!(vif->ndev->flags & IFF_UP)) {
1541  dev_kfree_skb(skb);
1542  return;
1543  }
1544 
1545  if (vif->nw_type == AP_NETWORK) {
1546  datap = (struct ethhdr *) skb->data;
1547  if (is_multicast_ether_addr(datap->h_dest))
1548  /*
1549  * Bcast/Mcast frames should be sent to the
1550  * OS stack as well as on the air.
1551  */
1552  skb1 = skb_copy(skb, GFP_ATOMIC);
1553  else {
1554  /*
1555  * Search for a connected STA with dstMac
1556  * as the Mac address. If found send the
1557  * frame to it on the air else send the
1558  * frame up the stack.
1559  */
1560  conn = ath6kl_find_sta(vif, datap->h_dest);
1561 
1562  if (conn && ar->intra_bss) {
1563  skb1 = skb;
1564  skb = NULL;
1565  } else if (conn && !ar->intra_bss) {
1566  dev_kfree_skb(skb);
1567  skb = NULL;
1568  }
1569  }
1570  if (skb1)
1571  ath6kl_data_tx(skb1, vif->ndev);
1572 
1573  if (skb == NULL) {
1574  /* nothing to deliver up the stack */
1575  return;
1576  }
1577  }
1578 
1579  datap = (struct ethhdr *) skb->data;
1580 
1581  if (is_unicast_ether_addr(datap->h_dest)) {
1582  if (vif->nw_type == AP_NETWORK) {
1583  conn = ath6kl_find_sta(vif, datap->h_source);
1584  if (!conn)
1585  return;
1586  aggr_conn = conn->aggr_conn;
1587  } else
1588  aggr_conn = vif->aggr_cntxt->aggr_conn;
1589 
1590  if (aggr_process_recv_frm(aggr_conn, tid, seq_no,
1591  is_amsdu, skb)) {
1592  /* aggregation code will handle the skb */
1593  return;
1594  }
1595  } else if (!is_broadcast_ether_addr(datap->h_dest))
1596  vif->net_stats.multicast++;
1597 
1598  ath6kl_deliver_frames_to_nw_stack(vif->ndev, skb);
1599 }
1600 
1601 static void aggr_timeout(unsigned long arg)
1602 {
1603  u8 i, j;
1604  struct aggr_info_conn *aggr_conn = (struct aggr_info_conn *) arg;
1605  struct rxtid *rxtid;
1606  struct rxtid_stats *stats;
1607 
1608  for (i = 0; i < NUM_OF_TIDS; i++) {
1609  rxtid = &aggr_conn->rx_tid[i];
1610  stats = &aggr_conn->stat[i];
1611 
1612  if (!rxtid->aggr || !rxtid->timer_mon)
1613  continue;
1614 
1615  stats->num_timeouts++;
1616  ath6kl_dbg(ATH6KL_DBG_AGGR,
1617  "aggr timeout (st %d end %d)\n",
1618  rxtid->seq_next,
1619  ((rxtid->seq_next + rxtid->hold_q_sz-1) &
1620  ATH6KL_MAX_SEQ_NO));
1621  aggr_deque_frms(aggr_conn, i, 0, 0);
1622  }
1623 
1624  aggr_conn->timer_scheduled = false;
1625 
1626  for (i = 0; i < NUM_OF_TIDS; i++) {
1627  rxtid = &aggr_conn->rx_tid[i];
1628 
1629  if (rxtid->aggr && rxtid->hold_q) {
1630  spin_lock_bh(&rxtid->lock);
1631  for (j = 0; j < rxtid->hold_q_sz; j++) {
1632  if (rxtid->hold_q[j].skb) {
1633  aggr_conn->timer_scheduled = true;
1634  rxtid->timer_mon = true;
1635  break;
1636  }
1637  }
1638  spin_unlock_bh(&rxtid->lock);
1639 
1640  if (j >= rxtid->hold_q_sz)
1641  rxtid->timer_mon = false;
1642  }
1643  }
1644 
1645  if (aggr_conn->timer_scheduled)
1646  mod_timer(&aggr_conn->timer,
1647  jiffies + msecs_to_jiffies(AGGR_RX_TIMEOUT));
1648 }
1649 
1650 static void aggr_delete_tid_state(struct aggr_info_conn *aggr_conn, u8 tid)
1651 {
1652  struct rxtid *rxtid;
1653  struct rxtid_stats *stats;
1654 
1655  if (!aggr_conn || tid >= NUM_OF_TIDS)
1656  return;
1657 
1658  rxtid = &aggr_conn->rx_tid[tid];
1659  stats = &aggr_conn->stat[tid];
1660 
1661  if (rxtid->aggr)
1662  aggr_deque_frms(aggr_conn, tid, 0, 0);
1663 
1664  rxtid->aggr = false;
1665  rxtid->timer_mon = false;
1666  rxtid->win_sz = 0;
1667  rxtid->seq_next = 0;
1668  rxtid->hold_q_sz = 0;
1669 
1670  kfree(rxtid->hold_q);
1671  rxtid->hold_q = NULL;
1672 
1673  memset(stats, 0, sizeof(struct rxtid_stats));
1674 }
1675 
1676 void aggr_recv_addba_req_evt(struct ath6kl_vif *vif, u8 tid_mux, u16 seq_no,
1677  u8 win_sz)
1678 {
1679  struct ath6kl_sta *sta;
1680  struct aggr_info_conn *aggr_conn = NULL;
1681  struct rxtid *rxtid;
1682  struct rxtid_stats *stats;
1683  u16 hold_q_size;
1684  u8 tid, aid;
1685 
1686  if (vif->nw_type == AP_NETWORK) {
1687  aid = ath6kl_get_aid(tid_mux);
1688  sta = ath6kl_find_sta_by_aid(vif->ar, aid);
1689  if (sta)
1690  aggr_conn = sta->aggr_conn;
1691  } else
1692  aggr_conn = vif->aggr_cntxt->aggr_conn;
1693 
1694  if (!aggr_conn)
1695  return;
1696 
1697  tid = ath6kl_get_tid(tid_mux);
1698  if (tid >= NUM_OF_TIDS)
1699  return;
1700 
1701  rxtid = &aggr_conn->rx_tid[tid];
1702  stats = &aggr_conn->stat[tid];
1703 
1704  if (win_sz < AGGR_WIN_SZ_MIN || win_sz > AGGR_WIN_SZ_MAX)
1705  ath6kl_dbg(ATH6KL_DBG_WLAN_RX, "%s: win_sz %d, tid %d\n",
1706  __func__, win_sz, tid);
1707 
1708  if (rxtid->aggr)
1709  aggr_delete_tid_state(aggr_conn, tid);
1710 
1711  rxtid->seq_next = seq_no;
1712  hold_q_size = TID_WINDOW_SZ(win_sz) * sizeof(struct skb_hold_q);
1713  rxtid->hold_q = kzalloc(hold_q_size, GFP_KERNEL);
1714  if (!rxtid->hold_q)
1715  return;
1716 
1717  rxtid->win_sz = win_sz;
1718  rxtid->hold_q_sz = TID_WINDOW_SZ(win_sz);
1719  if (!skb_queue_empty(&rxtid->q))
1720  return;
1721 
1722  rxtid->aggr = true;
1723 }
1724 
1725 void aggr_conn_init(struct ath6kl_vif *vif, struct aggr_info *aggr_info,
1726  struct aggr_info_conn *aggr_conn)
1727 {
1728  struct rxtid *rxtid;
1729  u8 i;
1730 
1731  aggr_conn->aggr_sz = AGGR_SZ_DEFAULT;
1732  aggr_conn->dev = vif->ndev;
1733  init_timer(&aggr_conn->timer);
1734  aggr_conn->timer.function = aggr_timeout;
1735  aggr_conn->timer.data = (unsigned long) aggr_conn;
1736  aggr_conn->aggr_info = aggr_info;
1737 
1738  aggr_conn->timer_scheduled = false;
1739 
1740  for (i = 0; i < NUM_OF_TIDS; i++) {
1741  rxtid = &aggr_conn->rx_tid[i];
1742  rxtid->aggr = false;
1743  rxtid->timer_mon = false;
1744  skb_queue_head_init(&rxtid->q);
1745  spin_lock_init(&rxtid->lock);
1746  }
1747 
1748 }
1749 
1750 struct aggr_info *aggr_init(struct ath6kl_vif *vif)
1751 {
1752  struct aggr_info *p_aggr = NULL;
1753 
1754  p_aggr = kzalloc(sizeof(struct aggr_info), GFP_KERNEL);
1755  if (!p_aggr) {
1756  ath6kl_err("failed to alloc memory for aggr_node\n");
1757  return NULL;
1758  }
1759 
1760  p_aggr->aggr_conn = kzalloc(sizeof(struct aggr_info_conn), GFP_KERNEL);
1761  if (!p_aggr->aggr_conn) {
1762  ath6kl_err("failed to alloc memory for connection specific aggr info\n");
1763  kfree(p_aggr);
1764  return NULL;
1765  }
1766 
1767  aggr_conn_init(vif, p_aggr, p_aggr->aggr_conn);
1768 
1769  skb_queue_head_init(&p_aggr->rx_amsdu_freeq);
1770  ath6kl_alloc_netbufs(&p_aggr->rx_amsdu_freeq, AGGR_NUM_OF_FREE_NETBUFS);
1771 
1772  return p_aggr;
1773 }
1774 
1775 void aggr_recv_delba_req_evt(struct ath6kl_vif *vif, u8 tid_mux)
1776 {
1777  struct ath6kl_sta *sta;
1778  struct rxtid *rxtid;
1779  struct aggr_info_conn *aggr_conn = NULL;
1780  u8 tid, aid;
1781 
1782  if (vif->nw_type == AP_NETWORK) {
1783  aid = ath6kl_get_aid(tid_mux);
1784  sta = ath6kl_find_sta_by_aid(vif->ar, aid);
1785  if (sta)
1786  aggr_conn = sta->aggr_conn;
1787  } else
1788  aggr_conn = vif->aggr_cntxt->aggr_conn;
1789 
1790  if (!aggr_conn)
1791  return;
1792 
1793  tid = ath6kl_get_tid(tid_mux);
1794  if (tid >= NUM_OF_TIDS)
1795  return;
1796 
1797  rxtid = &aggr_conn->rx_tid[tid];
1798 
1799  if (rxtid->aggr)
1800  aggr_delete_tid_state(aggr_conn, tid);
1801 }
1802 
1803 void aggr_reset_state(struct aggr_info_conn *aggr_conn)
1804 {
1805  u8 tid;
1806 
1807  if (!aggr_conn)
1808  return;
1809 
1810  if (aggr_conn->timer_scheduled) {
1811  del_timer(&aggr_conn->timer);
1812  aggr_conn->timer_scheduled = false;
1813  }
1814 
1815  for (tid = 0; tid < NUM_OF_TIDS; tid++)
1816  aggr_delete_tid_state(aggr_conn, tid);
1817 }
1818 
1819 /* clean up our amsdu buffer list */
1820 void ath6kl_cleanup_amsdu_rxbufs(struct ath6kl *ar)
1821 {
1822  struct htc_packet *packet, *tmp_pkt;
1823 
1824  spin_lock_bh(&ar->lock);
1825  if (list_empty(&ar->amsdu_rx_buffer_queue)) {
1826  spin_unlock_bh(&ar->lock);
1827  return;
1828  }
1829 
1830  list_for_each_entry_safe(packet, tmp_pkt, &ar->amsdu_rx_buffer_queue,
1831  list) {
1832  list_del(&packet->list);
1833  spin_unlock_bh(&ar->lock);
1834  dev_kfree_skb(packet->pkt_cntxt);
1835  spin_lock_bh(&ar->lock);
1836  }
1837 
1838  spin_unlock_bh(&ar->lock);
1839 }
1840 
1841 void aggr_module_destroy(struct aggr_info *aggr_info)
1842 {
1843  if (!aggr_info)
1844  return;
1845 
1846  aggr_reset_state(aggr_info->aggr_conn);
1847  skb_queue_purge(&aggr_info->rx_amsdu_freeq);
1848  kfree(aggr_info->aggr_conn);
1849  kfree(aggr_info);
1850 }
Generated on Thu Jan 10 2013 14:08:45 for Linux Kernel by   doxygen 1.8.2