2 * ---------------------------------------------------------------------------
6 * This file provides the upper edge interface to the linux netdevice
7 * and wireless extensions.
8 * It is part of the porting exercise.
10 * Copyright (C) 2005-2010 by Cambridge Silicon Radio Ltd.
12 * Refer to LICENSE.txt included with this source code for details on
15 * ---------------------------------------------------------------------------
20 * This file implements the data plane of the UniFi linux driver.
22 * All the Tx packets are passed to the HIP core lib, using the
23 * unifi_send_signal() API. For EAPOL packets use the MLME-EAPOL.req
24 * signal, for all other use the MLME-UNITDATA.req. The unifi_send_signal()
25 * expects the wire-formatted (packed) signal. For convenience, in the OS
26 * layer we only use the native (unpacked) signal structures. The HIP core lib
27 * provides the write_pack() helper function to convert to the packed signal.
28 * The packet is stored in the bulk data of the signal. We do not need to
29 * allocate new memory to store the packet, because unifi_net_data_malloc()
30 * is implemented to return a skb, which is the format of packet in Linux.
31 * The HIP core lib frees the bulk data buffers, so we do not need to do
32 * this in the OS layer.
34 * All the Rx packets are MLME-UNITDATA.ind signals, passed by the HIP core lib
35 * in unifi_receive_event(). We do not need to allocate an skb and copy the
36 * received packet because the HIP core lib has stored in memory allocated by
37 * unifi_net_data_malloc(). Also, we can perform the 802.11 to Ethernet
38 * translation in-place because we allocate the extra memory allocated in
39 * unifi_net_data_malloc().
41 * If possible, the porting exercise should appropriately implement
42 * unifi_net_data_malloc() and unifi_net_data_free() to save copies between
43 * network and driver buffers.
46 #include <linux/types.h>
47 #include <linux/etherdevice.h>
48 #include <linux/mutex.h>
49 #include <linux/semaphore.h>
50 #include <linux/version.h>
51 #include <linux/vmalloc.h>
52 #include "csr_wifi_hip_unifi.h"
53 #include "csr_wifi_hip_conversions.h"
54 #include "unifi_priv.h"
55 #include <net/pkt_sched.h>
59 #define UF_ALLOC_NETDEV(_dev, _size, _name, _setup, _num_of_queues) \
61 static char name[8]; \
62 sprintf(name, "%s%s", UNIFI_NET_NAME, _name); \
63 _dev = alloc_netdev_mq(_size, name, _setup, _num_of_queues); \
66 #define UF_ALLOC_NETDEV(_dev, _size, _name, _setup, _num_of_queues) \
68 _dev = alloc_etherdev_mq(_size, _num_of_queues); \
70 #endif /* UNIFI_NET_NAME */
73 /* Wext handler is suported only if CSR_SUPPORT_WEXT is defined */
74 #ifdef CSR_SUPPORT_WEXT
75 extern struct iw_handler_def unifi_iw_handler_def;
76 #endif /* CSR_SUPPORT_WEXT */
77 static void check_ba_frame_age_timeout( unifi_priv_t *priv,
78 netInterface_priv_t *interfacePriv,
79 ba_session_rx_struct *ba_session);
80 static void process_ba_frame(unifi_priv_t *priv,
81 netInterface_priv_t *interfacePriv,
82 ba_session_rx_struct *ba_session,
83 frame_desc_struct *frame_desc);
84 static void process_ba_complete(unifi_priv_t *priv, netInterface_priv_t *interfacePriv);
85 static void process_ma_packet_error_ind(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata);
86 static void process_amsdu(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata);
87 static int uf_net_open(struct net_device *dev);
88 static int uf_net_ioctl(struct net_device *dev, struct ifreq *rq, int cmd);
89 static int uf_net_stop(struct net_device *dev);
90 static struct net_device_stats *uf_net_get_stats(struct net_device *dev);
91 static u16 uf_net_select_queue(struct net_device *dev, struct sk_buff *skb);
92 static netdev_tx_t uf_net_xmit(struct sk_buff *skb, struct net_device *dev);
93 static void uf_set_multicast_list(struct net_device *dev);
96 typedef int (*tx_signal_handler)(unifi_priv_t *priv, struct sk_buff *skb, const struct ethhdr *ehdr, CSR_PRIORITY priority);
98 #ifdef CONFIG_NET_SCHED
100 * Queueing Discipline Interface
101 * Only used if kernel is configured with CONFIG_NET_SCHED
105 * The driver uses the qdisc interface to buffer and control all
106 * outgoing traffic. We create a root qdisc, register our qdisc operations
107 * and later we create two subsiduary pfifo queues for the uncontrolled
108 * and controlled ports.
110 * The network stack delivers all outgoing packets in our enqueue handler.
111 * There, we classify the packet and decide whether to store it or drop it
112 * (if the controlled port state is set to "discard").
113 * If the packet is enqueued, the network stack call our dequeue handler.
114 * There, we decide whether we can send the packet, delay it or drop it
115 * (the controlled port configuration might have changed meanwhile).
116 * If a packet is dequeued, then the network stack calls our hard_start_xmit
117 * handler where finally we send the packet.
119 * If the hard_start_xmit handler fails to send the packet, we return
120 * NETDEV_TX_BUSY and the network stack call our requeue handler where
121 * we put the packet back in the same queue in came from.
127 /* Traffic Classifier TBD */
128 struct tcf_proto *filter_list;
130 struct Qdisc *queues[UNIFI_TRAFFIC_Q_MAX];
133 struct uf_tx_packet_data {
134 /* Queue the packet is stored in */
135 unifi_TrafficQueue queue;
136 /* QoS Priority determined when enqueing packet */
137 CSR_PRIORITY priority;
139 unsigned long host_tag;
142 #endif /* CONFIG_NET_SCHED */
144 static const struct net_device_ops uf_netdev_ops =
146 .ndo_open = uf_net_open,
147 .ndo_stop = uf_net_stop,
148 .ndo_start_xmit = uf_net_xmit,
149 .ndo_do_ioctl = uf_net_ioctl,
150 .ndo_get_stats = uf_net_get_stats, /* called by /proc/net/dev */
151 .ndo_set_rx_mode = uf_set_multicast_list,
152 .ndo_select_queue = uf_net_select_queue,
155 static u8 oui_rfc1042[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
156 static u8 oui_8021h[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
159 /* Callback for event logging to blocking clients */
160 static void netdev_mlme_event_handler(ul_client_t *client,
161 const u8 *sig_packed, int sig_len,
162 const bulk_data_param_t *bulkdata,
165 #ifdef CSR_SUPPORT_WEXT
166 /* Declare netdev_notifier block which will contain the state change
167 * handler callback function
169 static struct notifier_block uf_netdev_notifier;
173 * ---------------------------------------------------------------------------
176 * Allocate memory for the net_device and device private structs
177 * for this interface.
178 * Fill in the fields, but don't register the interface yet.
179 * We need to configure the UniFi first.
182 * sdio_dev Pointer to SDIO context handle to use for all
184 * bus_id A small number indicating the SDIO card position on the
185 * bus. Typically this is the slot number, e.g. 0, 1 etc.
186 * Valid values are 0 to MAX_UNIFI_DEVS-1.
189 * Pointer to device private struct.
192 * The net_device and device private structs are allocated together
193 * and should be freed by freeing the net_device pointer.
194 * ---------------------------------------------------------------------------
197 uf_alloc_netdevice(CsrSdioFunction *sdio_dev, int bus_id)
199 struct net_device *dev;
201 netInterface_priv_t *interfacePriv;
202 #ifdef CSR_SUPPORT_WEXT
205 unsigned char i; /* loop index */
208 * Allocate netdevice struct, assign name template and
209 * setup as an ethernet device.
210 * The net_device and private structs are zeroed. Ether_setup() then
211 * sets up ethernet handlers and values.
212 * The RedHat 9 redhat-config-network tool doesn't recognise wlan* devices,
213 * so use "eth*" (like other wireless extns drivers).
215 UF_ALLOC_NETDEV(dev, sizeof(unifi_priv_t)+sizeof(netInterface_priv_t), "%d", ether_setup, UNIFI_TRAFFIC_Q_MAX);
221 /* Set up back pointer from priv to netdev */
222 interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
223 priv = (unifi_priv_t *)(interfacePriv + 1);
224 interfacePriv->privPtr = priv;
225 interfacePriv->InterfaceTag = 0;
228 /* Initialize all supported netdev interface to be NULL */
229 for(i=0; i<CSR_WIFI_NUM_INTERFACES; i++) {
230 priv->netdev[i] = NULL;
231 priv->interfacePriv[i] = NULL;
233 priv->netdev[0] = dev;
234 priv->interfacePriv[0] = interfacePriv;
236 /* Setup / override net_device fields */
237 dev->netdev_ops = &uf_netdev_ops;
239 #ifdef CSR_SUPPORT_WEXT
240 dev->wireless_handlers = &unifi_iw_handler_def;
241 #if IW_HANDLER_VERSION < 6
242 dev->get_wireless_stats = unifi_get_wireless_stats;
243 #endif /* IW_HANDLER_VERSION */
244 #endif /* CSR_SUPPORT_WEXT */
246 /* This gives us enough headroom to add the 802.11 header */
247 dev->needed_headroom = 32;
249 /* Use bus_id as instance number */
250 priv->instance = bus_id;
251 /* Store SDIO pointer to pass in the core */
252 priv->sdio = sdio_dev;
254 sdio_dev->driverData = (void*)priv;
255 /* Consider UniFi to be uninitialised */
256 priv->init_progress = UNIFI_INIT_NONE;
258 priv->prev_queue = 0;
261 * Initialise the clients structure array.
262 * We do not need protection around ul_init_clients() because
263 * the character device can not be used until uf_alloc_netdevice()
264 * returns and Unifi_instances[bus_id]=priv is set, since unifi_open()
265 * will return -ENODEV.
267 ul_init_clients(priv);
270 * Register a new ul client to send the multicast list signals.
271 * Note: priv->instance must be set before calling this.
273 priv->netdev_client = ul_register_client(priv,
275 netdev_mlme_event_handler);
276 if (priv->netdev_client == NULL) {
278 "Failed to register a unifi client for background netdev processing\n");
279 free_netdev(priv->netdev[0]);
282 unifi_trace(priv, UDBG2, "Netdev %p client (id:%d s:0x%X) is registered\n",
283 dev, priv->netdev_client->client_id, priv->netdev_client->sender_id);
285 priv->sta_wmm_capabilities = 0;
287 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_SUPPORT_SME))
288 priv->wapi_multicast_filter = 0;
289 priv->wapi_unicast_filter = 0;
290 priv->wapi_unicast_queued_pkt_filter = 0;
291 #ifdef CSR_WIFI_SECURITY_WAPI_QOSCTRL_MIC_WORKAROUND
292 priv->isWapiConnection = FALSE;
296 /* Enable all queues by default */
297 interfacePriv->queueEnabled[0] = 1;
298 interfacePriv->queueEnabled[1] = 1;
299 interfacePriv->queueEnabled[2] = 1;
300 interfacePriv->queueEnabled[3] = 1;
302 #ifdef CSR_SUPPORT_SME
303 priv->allPeerDozing = 0;
306 * Initialise the OS private struct.
309 * Instead of deciding in advance to use 11bg or 11a, we could do a more
310 * clever scan on both radios.
313 priv->if_index = CSR_INDEX_5G;
314 unifi_info(priv, "Using the 802.11a radio\n");
316 priv->if_index = CSR_INDEX_2G4;
319 /* Initialise bh thread structure */
320 priv->bh_thread.thread_task = NULL;
321 priv->bh_thread.block_thread = 1;
322 init_waitqueue_head(&priv->bh_thread.wakeup_q);
323 priv->bh_thread.wakeup_flag = 0;
324 sprintf(priv->bh_thread.name, "uf_bh_thread");
326 /* reset the connected state for the interface */
327 interfacePriv->connected = UnifiConnectedUnknown; /* -1 unknown, 0 no, 1 yes */
329 #ifdef USE_DRIVER_LOCK
330 sema_init(&priv->lock, 1);
331 #endif /* USE_DRIVER_LOCK */
333 spin_lock_init(&priv->send_signal_lock);
335 spin_lock_init(&priv->m4_lock);
336 sema_init(&priv->ba_mutex, 1);
338 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_WIFI_SECURITY_WAPI_SW_ENCRYPTION))
339 spin_lock_init(&priv->wapi_lock);
342 #ifdef CSR_SUPPORT_SME
343 spin_lock_init(&priv->staRecord_lock);
344 spin_lock_init(&priv->tx_q_lock);
347 /* Create the Traffic Analysis workqueue */
348 priv->unifi_workqueue = create_singlethread_workqueue("unifi_workq");
349 if (priv->unifi_workqueue == NULL) {
350 /* Deregister priv->netdev_client */
351 ul_deregister_client(priv->netdev_client);
352 free_netdev(priv->netdev[0]);
356 #ifdef CSR_SUPPORT_SME
357 /* Create the Multicast Addresses list work structure */
358 INIT_WORK(&priv->multicast_list_task, uf_multicast_list_wq);
360 /* Create m4 buffering work structure */
361 INIT_WORK(&interfacePriv->send_m4_ready_task, uf_send_m4_ready_wq);
363 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_WIFI_SECURITY_WAPI_SW_ENCRYPTION))
364 /* Create work structure to buffer the WAPI data packets to be sent to SME for encryption */
365 INIT_WORK(&interfacePriv->send_pkt_to_encrypt, uf_send_pkt_to_encrypt);
371 priv->amp_client = NULL;
372 priv->coredump_mode = 0;
373 priv->ptest_mode = 0;
374 priv->wol_suspend = FALSE;
375 INIT_LIST_HEAD(&interfacePriv->rx_uncontrolled_list);
376 INIT_LIST_HEAD(&interfacePriv->rx_controlled_list);
377 sema_init(&priv->rx_q_sem, 1);
379 #ifdef CSR_SUPPORT_WEXT
380 interfacePriv->netdev_callback_registered = FALSE;
381 interfacePriv->wait_netdev_change = FALSE;
382 /* Register callback for netdevice state changes */
383 if ((rc = register_netdevice_notifier(&uf_netdev_notifier)) == 0) {
384 interfacePriv->netdev_callback_registered = TRUE;
387 unifi_warning(priv, "Failed to register netdevice notifier : %d %p\n", rc, dev);
389 #endif /* CSR_SUPPORT_WEXT */
391 #ifdef CSR_WIFI_SPLIT_PATCH
392 /* set it to some invalid value */
393 priv->pending_mode_set.common.destination = 0xaaaa;
397 } /* uf_alloc_netdevice() */
400 *---------------------------------------------------------------------------
401 * uf_alloc_netdevice_for_other_interfaces
403 * Allocate memory for the net_device and device private structs
404 * for this interface.
405 * Fill in the fields, but don't register the interface yet.
406 * We need to configure the UniFi first.
409 * interfaceTag Interface number.
410 * sdio_dev Pointer to SDIO context handle to use for all
412 * bus_id A small number indicating the SDIO card position on the
413 * bus. Typically this is the slot number, e.g. 0, 1 etc.
414 * Valid values are 0 to MAX_UNIFI_DEVS-1.
417 * Pointer to device private struct.
420 * The device private structure contains the interfaceTag and pointer to the unifi_priv
421 * structure created allocated by net_device od interface0.
422 * The net_device and device private structs are allocated together
423 * and should be freed by freeing the net_device pointer.
424 * ---------------------------------------------------------------------------
427 uf_alloc_netdevice_for_other_interfaces(unifi_priv_t *priv, u16 interfaceTag)
429 struct net_device *dev;
430 netInterface_priv_t *interfacePriv;
433 * Allocate netdevice struct, assign name template and
434 * setup as an ethernet device.
435 * The net_device and private structs are zeroed. Ether_setup() then
436 * sets up ethernet handlers and values.
437 * The RedHat 9 redhat-config-network tool doesn't recognise wlan* devices,
438 * so use "eth*" (like other wireless extns drivers).
440 UF_ALLOC_NETDEV(dev, sizeof(netInterface_priv_t), "%d", ether_setup, 1);
445 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES) {
446 unifi_error(priv, "uf_alloc_netdevice_for_other_interfaces bad interfaceTag\n");
450 /* Set up back pointer from priv to netdev */
451 interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
452 interfacePriv->privPtr = priv;
453 interfacePriv->InterfaceTag = interfaceTag;
454 priv->netdev[interfaceTag] = dev;
455 priv->interfacePriv[interfacePriv->InterfaceTag] = interfacePriv;
457 /* reset the connected state for the interface */
458 interfacePriv->connected = UnifiConnectedUnknown; /* -1 unknown, 0 no, 1 yes */
459 INIT_LIST_HEAD(&interfacePriv->rx_uncontrolled_list);
460 INIT_LIST_HEAD(&interfacePriv->rx_controlled_list);
462 /* Setup / override net_device fields */
463 dev->netdev_ops = &uf_netdev_ops;
465 #ifdef CSR_SUPPORT_WEXT
466 dev->wireless_handlers = &unifi_iw_handler_def;
467 #if IW_HANDLER_VERSION < 6
468 dev->get_wireless_stats = unifi_get_wireless_stats;
469 #endif /* IW_HANDLER_VERSION */
470 #endif /* CSR_SUPPORT_WEXT */
472 } /* uf_alloc_netdevice() */
477 * ---------------------------------------------------------------------------
480 * Unregister the network device and free the memory allocated for it.
481 * NB This includes the memory for the priv struct.
484 * priv Device private pointer.
488 * ---------------------------------------------------------------------------
491 uf_free_netdevice(unifi_priv_t *priv)
498 unifi_trace(priv, UDBG1, "uf_free_netdevice\n");
505 * Free any buffers used for holding firmware
507 uf_release_firmware_files(priv);
509 #if (defined CSR_SUPPORT_SME) && (defined CSR_SUPPORT_WEXT)
510 if (priv->connection_config.mlmeAssociateReqInformationElements) {
511 kfree(priv->connection_config.mlmeAssociateReqInformationElements);
513 priv->connection_config.mlmeAssociateReqInformationElements = NULL;
514 priv->connection_config.mlmeAssociateReqInformationElementsLength = 0;
516 if (priv->mib_data.length) {
517 vfree(priv->mib_data.data);
519 priv->mib_data.data = NULL;
520 priv->mib_data.length = 0;
522 #endif /* CSR_SUPPORT_SME && CSR_SUPPORT_WEXT*/
524 /* Free any bulkdata buffers allocated for M4 caching */
525 spin_lock_irqsave(&priv->m4_lock, flags);
526 for (i = 0; i < CSR_WIFI_NUM_INTERFACES; i++) {
527 netInterface_priv_t *interfacePriv = priv->interfacePriv[i];
528 if (interfacePriv->m4_bulk_data.data_length > 0) {
529 unifi_trace(priv, UDBG5, "uf_free_netdevice: free M4 bulkdata %d\n", i);
530 unifi_net_data_free(priv, &interfacePriv->m4_bulk_data);
533 spin_unlock_irqrestore(&priv->m4_lock, flags);
535 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_WIFI_SECURITY_WAPI_SW_ENCRYPTION))
536 /* Free any bulkdata buffers allocated for M4 caching */
537 spin_lock_irqsave(&priv->wapi_lock, flags);
538 for (i = 0; i < CSR_WIFI_NUM_INTERFACES; i++) {
539 netInterface_priv_t *interfacePriv = priv->interfacePriv[i];
540 if (interfacePriv->wapi_unicast_bulk_data.data_length > 0) {
541 unifi_trace(priv, UDBG5, "uf_free_netdevice: free WAPI PKT bulk data %d\n", i);
542 unifi_net_data_free(priv, &interfacePriv->wapi_unicast_bulk_data);
545 spin_unlock_irqrestore(&priv->wapi_lock, flags);
548 #ifdef CSR_SUPPORT_WEXT
549 /* Unregister callback for netdevice state changes */
550 unregister_netdevice_notifier(&uf_netdev_notifier);
551 #endif /* CSR_SUPPORT_WEXT */
553 #ifdef CSR_SUPPORT_SME
554 /* Cancel work items and destroy the workqueue */
555 cancel_work_sync(&priv->multicast_list_task);
557 /* Destroy the workqueues. */
558 flush_workqueue(priv->unifi_workqueue);
559 destroy_workqueue(priv->unifi_workqueue);
561 /* Free up netdev in reverse order: priv is allocated with netdev[0].
562 * So, netdev[0] should be freed after all other netdevs are freed up
564 for (i=CSR_WIFI_NUM_INTERFACES-1; i>=0; i--) {
565 /*Free the netdev struct and priv, which are all one lump*/
566 if (priv->netdev[i]) {
567 unifi_error(priv, "uf_free_netdevice: netdev %d %p\n", i, priv->netdev[i]);
568 free_netdev(priv->netdev[i]);
574 } /* uf_free_netdevice() */
578 * ---------------------------------------------------------------------------
581 * Called when userland does "ifconfig wlan0 up".
584 * dev Device pointer.
588 * ---------------------------------------------------------------------------
591 uf_net_open(struct net_device *dev)
593 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
594 unifi_priv_t *priv = interfacePriv->privPtr;
598 /* If we haven't finished UniFi initialisation, we can't start */
599 if (priv->init_progress != UNIFI_INIT_COMPLETED) {
600 unifi_warning(priv, "%s: unifi not ready, failing net_open\n", __FUNCTION__);
604 #if (defined CSR_NATIVE_LINUX) && (defined UNIFI_SNIFF_ARPHRD) && defined(CSR_SUPPORT_WEXT)
606 * To sniff, the user must do "iwconfig mode monitor", which sets
607 * priv->wext_conf.mode to IW_MODE_MONITOR.
608 * Then he/she must do "ifconfig ethn up", which calls this fn.
609 * There is no point in starting the sniff with SNIFFJOIN until
612 if (priv->wext_conf.mode == IW_MODE_MONITOR) {
614 err = uf_start_sniff(priv);
618 netif_carrier_on(dev);
622 #ifdef CSR_SUPPORT_WEXT
623 if (interfacePriv->wait_netdev_change) {
624 unifi_trace(priv, UDBG1, "%s: Waiting for NETDEV_CHANGE, assume connected\n",
626 interfacePriv->connected = UnifiConnected;
627 interfacePriv->wait_netdev_change = FALSE;
631 UF_NETIF_TX_START_ALL_QUEUES(dev);
635 } /* uf_net_open() */
639 uf_net_stop(struct net_device *dev)
641 #if defined(CSR_NATIVE_LINUX) && defined(UNIFI_SNIFF_ARPHRD) && defined(CSR_SUPPORT_WEXT)
642 netInterface_priv_t *interfacePriv = (netInterface_priv_t*)netdev_priv(dev);
643 unifi_priv_t *priv = interfacePriv->privPtr;
647 /* Stop sniffing if in Monitor mode */
648 if (priv->wext_conf.mode == IW_MODE_MONITOR) {
651 err = unifi_reset_state(priv, dev->dev_addr, 1);
661 UF_NETIF_TX_STOP_ALL_QUEUES(dev);
665 } /* uf_net_stop() */
668 /* This is called after the WE handlers */
670 uf_net_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
677 } /* uf_net_ioctl() */
681 static struct net_device_stats *
682 uf_net_get_stats(struct net_device *dev)
684 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
686 return &interfacePriv->stats;
687 } /* uf_net_get_stats() */
689 static CSR_PRIORITY uf_get_packet_priority(unifi_priv_t *priv, netInterface_priv_t *interfacePriv, struct sk_buff *skb, const int proto)
691 CSR_PRIORITY priority = CSR_CONTENTION;
694 priority = (CSR_PRIORITY) (skb->priority >> 5);
696 if (priority == CSR_QOS_UP0) { /* 0 */
698 unifi_trace(priv, UDBG5, "uf_get_packet_priority: proto = 0x%.4X\n", proto);
701 case 0x0800: /* IPv4 */
702 case 0x814C: /* SNMP */
703 case 0x880C: /* GSMP */
704 priority = (CSR_PRIORITY) (skb->data[1 + ETH_HLEN] >> 5);
707 case 0x8100: /* VLAN */
708 priority = (CSR_PRIORITY) (skb->data[0 + ETH_HLEN] >> 5);
711 case 0x86DD: /* IPv6 */
712 priority = (CSR_PRIORITY) ((skb->data[0 + ETH_HLEN] & 0x0E) >> 1);
716 priority = CSR_QOS_UP0;
721 /* Check if we are allowed to transmit on this AC. Because of ACM we may have to downgrade to a lower
723 if (interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_STA ||
724 interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_P2PCLI) {
725 unifi_TrafficQueue queue;
727 /* Keep trying lower priorities until we find a queue
728 * Priority to queue mapping is 1,2 - BK, 0,3 - BE, 4,5 - VI, 6,7 - VO */
729 queue = unifi_frame_priority_to_queue(priority);
731 while (queue > UNIFI_TRAFFIC_Q_BK && !interfacePriv->queueEnabled[queue]) {
733 priority = unifi_get_default_downgrade_priority(queue);
737 unifi_trace(priv, UDBG5, "Packet priority = %d\n", priority);
746 * ---------------------------------------------------------------------------
747 * get_packet_priority
750 * priv private data area of functional driver
752 * ehdr ethernet header to fetch protocol
753 * interfacePriv For accessing station record database
758 * ---------------------------------------------------------------------------
761 get_packet_priority(unifi_priv_t *priv, struct sk_buff *skb, const struct ethhdr *ehdr, netInterface_priv_t *interfacePriv)
763 CSR_PRIORITY priority = CSR_CONTENTION;
764 const int proto = ntohs(ehdr->h_proto);
766 u8 interfaceMode = interfacePriv->interfaceMode;
770 /* Priority Mapping for all the Modes */
771 switch(interfaceMode)
773 case CSR_WIFI_ROUTER_CTRL_MODE_STA:
774 case CSR_WIFI_ROUTER_CTRL_MODE_P2PCLI:
775 unifi_trace(priv, UDBG4, "mode is STA \n");
776 if ((priv->sta_wmm_capabilities & QOS_CAPABILITY_WMM_ENABLED) == 1) {
777 priority = uf_get_packet_priority(priv, interfacePriv, skb, proto);
779 priority = CSR_CONTENTION;
782 #ifdef CSR_SUPPORT_SME
783 case CSR_WIFI_ROUTER_CTRL_MODE_AP:
784 case CSR_WIFI_ROUTER_CTRL_MODE_P2PGO:
785 case CSR_WIFI_ROUTER_CTRL_MODE_IBSS:
787 CsrWifiRouterCtrlStaInfo_t * dstStaInfo =
788 CsrWifiRouterCtrlGetStationRecordFromPeerMacAddress(priv,ehdr->h_dest, interfacePriv->InterfaceTag);
789 unifi_trace(priv, UDBG4, "mode is AP \n");
790 if (!(ehdr->h_dest[0] & 0x01) && dstStaInfo && dstStaInfo->wmmOrQosEnabled) {
791 /* If packet is not Broadcast/multicast */
792 priority = uf_get_packet_priority(priv, interfacePriv, skb, proto);
794 /* Since packet destination is not QSTA, set priority to CSR_CONTENTION */
795 unifi_trace(priv, UDBG4, "Destination is not QSTA or BroadCast/Multicast\n");
796 priority = CSR_CONTENTION;
802 unifi_trace(priv, UDBG3, " mode unknown in %s func, mode=%x\n", __FUNCTION__, interfaceMode);
804 unifi_trace(priv, UDBG5, "priority = %x\n", priority);
811 * ---------------------------------------------------------------------------
812 * uf_net_select_queue
814 * Called by the kernel to select which queue to put the packet in
822 * ---------------------------------------------------------------------------
825 uf_net_select_queue(struct net_device *dev, struct sk_buff *skb)
827 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
828 unifi_priv_t *priv = (unifi_priv_t *)interfacePriv->privPtr;
830 unifi_TrafficQueue queue;
832 CSR_PRIORITY priority;
836 memcpy(&ehdr, skb->data, ETH_HLEN);
837 proto = ntohs(ehdr.h_proto);
839 /* 802.1x - apply controlled/uncontrolled port rules */
840 if ((proto != ETH_P_PAE)
841 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
842 && (proto != ETH_P_WAI)
846 priority = get_packet_priority(priv, skb, &ehdr, interfacePriv);
847 queue = unifi_frame_priority_to_queue(priority);
850 queue = UNIFI_TRAFFIC_Q_EAPOL;
856 } /* uf_net_select_queue() */
859 skb_add_llc_snap(struct net_device *dev, struct sk_buff *skb, int proto)
861 llc_snap_hdr_t *snap;
862 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
863 unifi_priv_t *priv = interfacePriv->privPtr;
866 /* get the headroom available in skb */
867 headroom = skb_headroom(skb);
868 /* step 1: classify ether frame, DIX or 802.3? */
871 /* codes <= 1500 reserved for 802.3 lengths */
872 /* it's 802.3, pass ether payload unchanged, */
873 unifi_trace(priv, UDBG3, "802.3 len: %d\n", skb->len);
875 /* leave off any PAD octets. */
876 skb_trim(skb, proto);
877 } else if (proto == ETH_P_8021Q) {
879 /* Store the VLAN SNAP (should be 87-65). */
880 u16 vlan_snap = *(u16*)skb->data;
881 /* check for headroom availability before skb_push 14 = (4 + 10) */
883 unifi_trace(priv, UDBG3, "cant append vlan snap: debug\n");
886 /* Add AA-AA-03-00-00-00 */
887 snap = (llc_snap_hdr_t *)skb_push(skb, 4);
888 snap->dsap = snap->ssap = 0xAA;
890 memcpy(snap->oui, oui_rfc1042, P80211_OUI_LEN);
892 /* Add AA-AA-03-00-00-00 */
893 snap = (llc_snap_hdr_t *)skb_push(skb, 10);
894 snap->dsap = snap->ssap = 0xAA;
896 memcpy(snap->oui, oui_rfc1042, P80211_OUI_LEN);
898 /* Add the VLAN specific information */
899 snap->protocol = htons(proto);
900 *(u16*)(snap + 1) = vlan_snap;
904 /* it's DIXII, time for some conversion */
905 unifi_trace(priv, UDBG3, "DIXII len: %d\n", skb->len);
907 /* check for headroom availability before skb_push */
908 if (headroom < sizeof(llc_snap_hdr_t)) {
909 unifi_trace(priv, UDBG3, "cant append snap: debug\n");
913 snap = (llc_snap_hdr_t *)skb_push(skb, sizeof(llc_snap_hdr_t));
914 snap->dsap = snap->ssap = 0xAA;
916 /* Use the appropriate OUI. */
917 if ((proto == ETH_P_AARP) || (proto == ETH_P_IPX)) {
918 memcpy(snap->oui, oui_8021h, P80211_OUI_LEN);
920 memcpy(snap->oui, oui_rfc1042, P80211_OUI_LEN);
922 snap->protocol = htons(proto);
926 } /* skb_add_llc_snap() */
928 #ifdef CSR_SUPPORT_SME
930 _identify_sme_ma_pkt_ind(unifi_priv_t *priv,
931 const s8 *oui, u16 protocol,
932 const CSR_SIGNAL *signal,
933 bulk_data_param_t *bulkdata,
934 const unsigned char *daddr,
935 const unsigned char *saddr)
937 CSR_MA_PACKET_INDICATION *pkt_ind = (CSR_MA_PACKET_INDICATION*)&signal->u.MaPacketIndication;
941 unifi_trace(priv, UDBG5,
942 "_identify_sme_ma_pkt_ind -->\n");
943 for (i = 0; i < MAX_MA_UNIDATA_IND_FILTERS; i++) {
944 if (priv->sme_unidata_ind_filters[i].in_use) {
945 if (!memcmp(oui, priv->sme_unidata_ind_filters[i].oui, 3) &&
946 (protocol == priv->sme_unidata_ind_filters[i].protocol)) {
951 * Pass the packet to the SME, using unifi_sys_ma_unitdata_ind().
952 * The frame needs to be converted according to the encapsulation.
954 unifi_trace(priv, UDBG1,
955 "_identify_sme_ma_pkt_ind: handle=%d, encap=%d, proto=%x\n",
956 i, priv->sme_unidata_ind_filters[i].encapsulation,
957 priv->sme_unidata_ind_filters[i].protocol);
958 if (priv->sme_unidata_ind_filters[i].encapsulation == CSR_WIFI_ROUTER_ENCAPSULATION_ETHERNET) {
960 /* The translation is performed on skb... */
961 skb = (struct sk_buff*)bulkdata->d[0].os_net_buf_ptr;
962 skb->len = bulkdata->d[0].data_length;
964 unifi_trace(priv, UDBG1,
965 "_identify_sme_ma_pkt_ind: skb_80211_to_ether -->\n");
966 r = skb_80211_to_ether(priv, skb, daddr, saddr,
968 unifi_trace(priv, UDBG1,
969 "_identify_sme_ma_pkt_ind: skb_80211_to_ether <--\n");
974 /* ... but we indicate buffer and length */
975 bulkdata->d[0].os_data_ptr = skb->data;
976 bulkdata->d[0].data_length = skb->len;
978 /* Add the MAC addresses before the SNAP */
979 bulkdata->d[0].os_data_ptr -= 2*ETH_ALEN;
980 bulkdata->d[0].data_length += 2*ETH_ALEN;
981 memcpy((void*)bulkdata->d[0].os_data_ptr, daddr, ETH_ALEN);
982 memcpy((void*)bulkdata->d[0].os_data_ptr + ETH_ALEN, saddr, ETH_ALEN);
985 unifi_trace(priv, UDBG1,
986 "_identify_sme_ma_pkt_ind: unifi_sys_ma_pkt_ind -->\n");
987 CsrWifiRouterMaPacketIndSend(priv->sme_unidata_ind_filters[i].appHandle,
988 (pkt_ind->VirtualInterfaceIdentifier & 0xff),
990 pkt_ind->ReceptionStatus,
991 bulkdata->d[0].data_length,
992 (u8*)bulkdata->d[0].os_data_ptr,
996 pkt_ind->ReceivedRate);
999 unifi_trace(priv, UDBG1,
1000 "_identify_sme_ma_pkt_ind: unifi_sys_ma_pkt_ind <--\n");
1010 #endif /* CSR_SUPPORT_SME */
1013 * ---------------------------------------------------------------------------
1014 * skb_80211_to_ether
1016 * Make sure the received frame is in Ethernet (802.3) form.
1017 * De-encapsulates SNAP if necessary, adds a ethernet header.
1018 * The source buffer should not contain an 802.11 MAC header
1021 * payload Pointer to packet data received from UniFi.
1022 * payload_length Number of bytes of data received from UniFi.
1023 * daddr Destination MAC address.
1024 * saddr Source MAC address.
1027 * 0 on success, -1 if the packet is bad and should be dropped,
1028 * 1 if the packet was forwarded to the SME or AMP client.
1029 * ---------------------------------------------------------------------------
1032 skb_80211_to_ether(unifi_priv_t *priv, struct sk_buff *skb,
1033 const unsigned char *daddr, const unsigned char *saddr,
1034 const CSR_SIGNAL *signal,
1035 bulk_data_param_t *bulkdata)
1037 unsigned char *payload;
1040 llc_snap_hdr_t *snap;
1042 #define UF_VLAN_LLC_HEADER_SIZE 18
1043 static const u8 vlan_inner_snap[] = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00 };
1044 #if defined(CSR_NATIVE_SOFTMAC) && defined(CSR_SUPPORT_SME)
1045 const CSR_MA_PACKET_INDICATION *pkt_ind = &signal->u.MaPacketIndication;
1048 if(skb== NULL || daddr == NULL || saddr == NULL){
1049 unifi_error(priv,"skb_80211_to_ether: PBC fail\n");
1053 payload = skb->data;
1054 payload_length = skb->len;
1056 snap = (llc_snap_hdr_t *)payload;
1057 eth = (struct ethhdr *)payload;
1059 /* get the skb headroom size */
1060 headroom = skb_headroom(skb);
1063 * Test for the various encodings
1065 if ((payload_length >= sizeof(llc_snap_hdr_t)) &&
1066 (snap->dsap == 0xAA) &&
1067 (snap->ssap == 0xAA) &&
1068 (snap->ctrl == 0x03) &&
1069 (snap->oui[0] == 0) &&
1070 (snap->oui[1] == 0) &&
1071 ((snap->oui[2] == 0) || (snap->oui[2] == 0xF8)))
1073 /* AppleTalk AARP (2) or IPX SNAP */
1074 if ((snap->oui[2] == 0) &&
1075 ((ntohs(snap->protocol) == ETH_P_AARP) || (ntohs(snap->protocol) == ETH_P_IPX)))
1079 unifi_trace(priv, UDBG3, "%s len: %d\n",
1080 (ntohs(snap->protocol) == ETH_P_AARP) ? "ETH_P_AARP" : "ETH_P_IPX",
1083 /* check for headroom availability before skb_push */
1084 if (headroom < (2 * ETH_ALEN + 2)) {
1085 unifi_warning(priv, "headroom not available to skb_push ether header\n");
1089 /* Add 802.3 header and leave full payload */
1090 len = htons(skb->len);
1091 memcpy(skb_push(skb, 2), &len, 2);
1092 memcpy(skb_push(skb, ETH_ALEN), saddr, ETH_ALEN);
1093 memcpy(skb_push(skb, ETH_ALEN), daddr, ETH_ALEN);
1097 /* VLAN-tagged IP */
1098 if ((snap->oui[2] == 0) && (ntohs(snap->protocol) == ETH_P_8021Q))
1101 * The translation doesn't change the packet length, so is done in-place.
1103 * Example header (from Std 802.11-2007 Annex M):
1104 * AA-AA-03-00-00-00-81-00-87-65-AA-AA-03-00-00-00-08-06
1105 * -------SNAP-------p1-p1-ll-ll-------SNAP--------p2-p2
1106 * dd-dd-dd-dd-dd-dd-aa-aa-aa-aa-aa-aa-p1-p1-ll-ll-p2-p2
1107 * dd-dd-dd-dd-dd-dd-aa-aa-aa-aa-aa-aa-81-00-87-65-08-06
1111 if (payload_length < UF_VLAN_LLC_HEADER_SIZE) {
1112 unifi_warning(priv, "VLAN SNAP header too short: %d bytes\n", payload_length);
1116 if (memcmp(payload + 10, vlan_inner_snap, 6)) {
1117 unifi_warning(priv, "VLAN malformatted SNAP header.\n");
1121 unifi_trace(priv, UDBG3, "VLAN SNAP: %02x-%02x\n", payload[8], payload[9]);
1122 unifi_trace(priv, UDBG3, "VLAN len: %d\n", payload_length);
1124 /* Create the 802.3 header */
1126 vlan_snap = *((u16*)(payload + 8));
1128 /* Create LLC header without byte-swapping */
1129 eth->h_proto = snap->protocol;
1131 memcpy(eth->h_dest, daddr, ETH_ALEN);
1132 memcpy(eth->h_source, saddr, ETH_ALEN);
1133 *(u16*)(eth + 1) = vlan_snap;
1137 /* it's a SNAP + RFC1042 frame */
1138 unifi_trace(priv, UDBG3, "SNAP+RFC1042 len: %d\n", payload_length);
1140 /* chop SNAP+llc header from skb. */
1141 skb_pull(skb, sizeof(llc_snap_hdr_t));
1143 /* Since skb_pull called above to chop snap+llc, no need to check for headroom
1144 * availability before skb_push
1146 /* create 802.3 header at beginning of skb. */
1147 eth = (struct ethhdr *)skb_push(skb, ETH_HLEN);
1148 memcpy(eth->h_dest, daddr, ETH_ALEN);
1149 memcpy(eth->h_source, saddr, ETH_ALEN);
1150 /* Copy protocol field without byte-swapping */
1151 eth->h_proto = snap->protocol;
1155 /* check for headroom availability before skb_push */
1156 if (headroom < (2 * ETH_ALEN + 2)) {
1157 unifi_warning(priv, "headroom not available to skb_push ether header\n");
1160 /* Add 802.3 header and leave full payload */
1161 len = htons(skb->len);
1162 memcpy(skb_push(skb, 2), &len, 2);
1163 memcpy(skb_push(skb, ETH_ALEN), saddr, ETH_ALEN);
1164 memcpy(skb_push(skb, ETH_ALEN), daddr, ETH_ALEN);
1170 } /* skb_80211_to_ether() */
1173 static CsrWifiRouterCtrlPortAction verify_port(unifi_priv_t *priv, unsigned char *address, int queue, u16 interfaceTag)
1175 #ifdef CSR_NATIVE_LINUX
1176 #ifdef CSR_SUPPORT_WEXT
1177 if (queue == UF_CONTROLLED_PORT_Q) {
1178 return priv->wext_conf.block_controlled_port;
1180 return CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_OPEN;
1183 return CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_OPEN; /* default to open for softmac dev */
1186 return uf_sme_port_state(priv, address, queue, interfaceTag);
1191 * ---------------------------------------------------------------------------
1192 * prepare_and_add_macheader
1195 * These functions adds mac header for packet from netdev
1196 * to UniFi for transmission.
1197 * EAP protocol packets are also appended with Mac header &
1198 * sent using send_ma_pkt_request().
1201 * priv Pointer to device private context struct
1202 * skb Socket buffer containing data packet to transmit
1203 * newSkb Socket buffer containing data packet + Mac header if no sufficient headroom in skb
1204 * serviceClass to append QOS control header in Mac header
1205 * bulkdata if newSkb allocated then bulkdata updated to send to unifi
1206 * interfaceTag the interfaceID on which activity going on
1207 * daddr destination address
1208 * saddr source address
1209 * protection protection bit set in framce control of mac header
1212 * Zero on success or error code.
1213 * ---------------------------------------------------------------------------
1216 int prepare_and_add_macheader(unifi_priv_t *priv, struct sk_buff *skb, struct sk_buff *newSkb,
1217 CSR_PRIORITY priority,
1218 bulk_data_param_t *bulkdata,
1226 u8 macHeaderLengthInBytes = MAC_HEADER_SIZE, *bufPtr = NULL;
1227 bulk_data_param_t data_ptrs;
1228 CsrResult csrResult;
1231 netInterface_priv_t *interfacePriv = priv->interfacePriv[interfaceTag];
1233 u8 bQosNull = false;
1236 unifi_error(priv,"prepare_and_add_macheader: Invalid SKB reference\n");
1240 /* add a MAC header refer: 7.1.3.1 Frame Control field in P802.11REVmb.book */
1241 if (priority != CSR_CONTENTION) {
1242 /* EAPOL packets don't go as QOS_DATA */
1243 if (priority == CSR_MANAGEMENT) {
1244 fc |= cpu_to_le16(IEEE802_11_FC_TYPE_DATA);
1246 /* Qos Control Field */
1247 macHeaderLengthInBytes += QOS_CONTROL_HEADER_SIZE;
1251 fc |= cpu_to_le16(IEEE802_11_FC_TYPE_QOS_DATA);
1253 fc |= cpu_to_le16(IEEE802_11_FC_TYPE_QOS_NULL);
1259 fc |= cpu_to_le16(IEEE802_11_FC_TYPE_NULL);
1261 fc |= cpu_to_le16(IEEE802_11_FC_TYPE_DATA);
1265 switch (interfacePriv->interfaceMode)
1267 case CSR_WIFI_ROUTER_CTRL_MODE_STA:
1268 case CSR_WIFI_ROUTER_CTRL_MODE_P2PCLI:
1270 fc |= cpu_to_le16(IEEE802_11_FC_TO_DS_MASK);
1272 case CSR_WIFI_ROUTER_CTRL_MODE_IBSS:
1275 case CSR_WIFI_ROUTER_CTRL_MODE_AP:
1276 case CSR_WIFI_ROUTER_CTRL_MODE_P2PGO:
1278 fc |= cpu_to_le16(IEEE802_11_FC_FROM_DS_MASK);
1280 case CSR_WIFI_ROUTER_CTRL_MODE_AMP:
1281 if (priority == CSR_MANAGEMENT ) {
1284 fc |= cpu_to_le16(IEEE802_11_FC_TO_DS_MASK);
1286 /* Data frames have to use WDS 4 address frames */
1288 fc |= cpu_to_le16(IEEE802_11_FC_TO_DS_MASK | IEEE802_11_FC_FROM_DS_MASK);
1289 macHeaderLengthInBytes += 6;
1293 unifi_warning(priv, "prepare_and_add_macheader: Unknown mode %d\n",
1294 interfacePriv->interfaceMode);
1298 /* If Sta is QOS & HTC is supported then need to set 'order' bit */
1299 /* We don't support HT Control for now */
1302 fc |= cpu_to_le16(IEEE802_11_FC_PROTECTED_MASK);
1305 /* check the skb headroom before pushing mac header */
1306 headroom = skb_headroom(skb);
1308 if (headroom < macHeaderLengthInBytes) {
1309 unifi_trace(priv, UDBG5,
1310 "prepare_and_add_macheader: Allocate headroom extra %d bytes\n",
1311 macHeaderLengthInBytes);
1313 csrResult = unifi_net_data_malloc(priv, &data_ptrs.d[0], skb->len + macHeaderLengthInBytes);
1315 if (csrResult != CSR_RESULT_SUCCESS) {
1316 unifi_error(priv, " failed to allocate request_data. in %s func\n", __FUNCTION__);
1319 newSkb = (struct sk_buff *)(data_ptrs.d[0].os_net_buf_ptr);
1320 newSkb->len = skb->len + macHeaderLengthInBytes;
1322 memcpy((void*)data_ptrs.d[0].os_data_ptr + macHeaderLengthInBytes,
1323 skb->data, skb->len);
1325 bulkdata->d[0].os_data_ptr = newSkb->data;
1326 bulkdata->d[0].os_net_buf_ptr = (unsigned char*)newSkb;
1327 bulkdata->d[0].data_length = newSkb->len;
1329 bufPtr = (u8*)data_ptrs.d[0].os_data_ptr;
1331 /* The old skb will not be used again */
1335 /* headroom has sufficient size, so will get proper pointer */
1336 bufPtr = (u8*)skb_push(skb, macHeaderLengthInBytes);
1337 bulkdata->d[0].os_data_ptr = skb->data;
1338 bulkdata->d[0].os_net_buf_ptr = (unsigned char*)skb;
1339 bulkdata->d[0].data_length = skb->len;
1342 /* Frame the actual MAC header */
1344 memset(bufPtr, 0, macHeaderLengthInBytes);
1346 /* copy frameControl field */
1347 memcpy(bufPtr, &fc, sizeof(fc));
1348 bufPtr += sizeof(fc);
1349 macHeaderLengthInBytes -= sizeof(fc);
1351 /* Duration/ID field which is 2 bytes */
1353 macHeaderLengthInBytes -= 2;
1358 /* Its an Ad-Hoc no need to route it through AP */
1359 /* Address1: MAC address of the destination from eth header */
1360 memcpy(bufPtr, daddr, ETH_ALEN);
1362 macHeaderLengthInBytes -= ETH_ALEN;
1364 /* Address2: MAC address of the source */
1365 memcpy(bufPtr, saddr, ETH_ALEN);
1367 macHeaderLengthInBytes -= ETH_ALEN;
1369 /* Address3: the BSSID (locally generated in AdHoc (creators Bssid)) */
1370 memcpy(bufPtr, &interfacePriv->bssid, ETH_ALEN);
1372 macHeaderLengthInBytes -= ETH_ALEN;
1375 /* Address1: MAC address of the actual destination */
1376 memcpy(bufPtr, daddr, ETH_ALEN);
1378 macHeaderLengthInBytes -= ETH_ALEN;
1379 /* Address2: The MAC address of the AP */
1380 memcpy(bufPtr, &interfacePriv->bssid, ETH_ALEN);
1382 macHeaderLengthInBytes -= ETH_ALEN;
1384 /* Address3: MAC address of the source from eth header */
1385 memcpy(bufPtr, saddr, ETH_ALEN);
1387 macHeaderLengthInBytes -= ETH_ALEN;
1390 /* Address1: To AP is the MAC address of the AP to which its associated */
1391 memcpy(bufPtr, &interfacePriv->bssid, ETH_ALEN);
1393 macHeaderLengthInBytes -= ETH_ALEN;
1395 /* Address2: MAC address of the source from eth header */
1396 memcpy(bufPtr, saddr, ETH_ALEN);
1398 macHeaderLengthInBytes -= ETH_ALEN;
1400 /* Address3: MAC address of the actual destination on the distribution system */
1401 memcpy(bufPtr, daddr, ETH_ALEN);
1403 macHeaderLengthInBytes -= ETH_ALEN;
1406 memcpy(bufPtr, &interfacePriv->bssid, ETH_ALEN);
1408 macHeaderLengthInBytes -= ETH_ALEN;
1410 /* Address2: MAC address of the source from eth header */
1411 memcpy(bufPtr, saddr, ETH_ALEN);
1413 macHeaderLengthInBytes -= ETH_ALEN;
1415 /* Address3: MAC address of the actual destination on the distribution system */
1416 memcpy(bufPtr, daddr, ETH_ALEN);
1418 macHeaderLengthInBytes -= ETH_ALEN;
1421 unifi_error(priv,"Unknown direction =%d : Not handled now\n",direction);
1424 /* 2 bytes of frame control field, appended by firmware */
1426 macHeaderLengthInBytes -= 2;
1428 if (3 == direction) {
1429 /* Address4: MAC address of the source */
1430 memcpy(bufPtr, saddr, ETH_ALEN);
1432 macHeaderLengthInBytes -= ETH_ALEN;
1435 /* IF Qos Data or Qos Null Data then set QosControl field */
1436 if ((priority != CSR_CONTENTION) && (macHeaderLengthInBytes >= QOS_CONTROL_HEADER_SIZE)) {
1439 unifi_trace(priv, UDBG1, "data packets priority is more than 7, priority = %x\n", priority);
1444 /*assigning address1
1445 * Address1 offset taken fromm bufPtr(currently bufPtr pointing to Qos contorl) variable in reverse direction
1446 * Address4 don't exit
1449 addressOne = bufPtr- ADDRESS_ONE_OFFSET;
1451 if (addressOne[0] & 0x1) {
1452 /* multicast/broadcast frames, no acknowledgement needed */
1455 /* non-AP mode only for now */
1456 if(interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_STA ||
1457 interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_IBSS ||
1458 interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_P2PCLI) {
1459 /* In case of STA and IBSS case eosp and txop limit is 0. */
1466 /* append Qos control field to mac header */
1468 /* txop limit is 0 */
1470 macHeaderLengthInBytes -= QOS_CONTROL_HEADER_SIZE;
1472 if (macHeaderLengthInBytes) {
1473 unifi_warning(priv, " Mac header not appended properly\n");
1480 * ---------------------------------------------------------------------------
1481 * send_ma_pkt_request
1483 * These functions send a data packet to UniFi for transmission.
1484 * EAP protocol packets are also sent as send_ma_pkt_request().
1487 * priv Pointer to device private context struct
1488 * skb Socket buffer containing data packet to transmit
1489 * ehdr Pointer to Ethernet header within skb.
1492 * Zero on success or error code.
1493 * ---------------------------------------------------------------------------
1497 send_ma_pkt_request(unifi_priv_t *priv, struct sk_buff *skb, const struct ethhdr *ehdr, CSR_PRIORITY priority)
1501 u8 eapolStore = FALSE;
1502 struct sk_buff *newSkb = NULL;
1503 bulk_data_param_t bulkdata;
1504 const int proto = ntohs(ehdr->h_proto);
1506 CsrWifiMacAddress peerAddress;
1507 CSR_TRANSMISSION_CONTROL transmissionControl = CSR_NO_CONFIRM_REQUIRED;
1509 netInterface_priv_t *interfacePriv = NULL;
1510 CSR_RATE TransmitRate = (CSR_RATE)0;
1512 unifi_trace(priv, UDBG5, "entering send_ma_pkt_request\n");
1514 /* Get the interface Tag by means of source Mac address */
1515 for (i = 0; i < CSR_WIFI_NUM_INTERFACES; i++) {
1516 if (!memcmp(priv->netdev[i]->dev_addr, ehdr->h_source, ETH_ALEN)) {
1518 interfacePriv = priv->interfacePriv[interfaceTag];
1523 if (interfacePriv == NULL) {
1524 /* No match found - error */
1526 interfacePriv = priv->interfacePriv[interfaceTag];
1527 unifi_warning(priv, "Mac address not matching ... debugging needed\n");
1528 interfacePriv->stats.tx_dropped++;
1533 /* Add a SNAP header if necessary */
1534 if (skb_add_llc_snap(priv->netdev[interfaceTag], skb, proto) != 0) {
1535 /* convert failed */
1536 unifi_error(priv, "skb_add_llc_snap failed.\n");
1541 bulkdata.d[0].os_data_ptr = skb->data;
1542 bulkdata.d[0].os_net_buf_ptr = (unsigned char*)skb;
1543 bulkdata.d[0].net_buf_length = bulkdata.d[0].data_length = skb->len;
1544 bulkdata.d[1].os_data_ptr = NULL;
1545 bulkdata.d[1].os_net_buf_ptr = NULL;
1546 bulkdata.d[1].net_buf_length = bulkdata.d[1].data_length = 0;
1548 #ifdef CSR_SUPPORT_SME
1549 /* Notify the TA module for the Tx frame for non AP/P2PGO mode*/
1550 if ((interfacePriv->interfaceMode != CSR_WIFI_ROUTER_CTRL_MODE_AP) &&
1551 (interfacePriv->interfaceMode != CSR_WIFI_ROUTER_CTRL_MODE_P2PGO)) {
1552 unifi_ta_sample(priv->card, CSR_WIFI_ROUTER_CTRL_PROTOCOL_DIRECTION_TX,
1553 &bulkdata.d[0], ehdr->h_source,
1554 priv->netdev[interfaceTag]->dev_addr,
1555 jiffies_to_msecs(jiffies),
1556 0); /* rate is unknown on tx */
1558 #endif /* CSR_SUPPORT_SME */
1560 if ((proto == ETH_P_PAE)
1561 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
1562 || (proto == ETH_P_WAI)
1566 /* check for m4 detection */
1567 if (0 == uf_verify_m4(priv, bulkdata.d[0].os_data_ptr, bulkdata.d[0].data_length)) {
1572 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
1573 if (proto == ETH_P_WAI)
1575 protection = 0; /*WAI packets always sent unencrypted*/
1580 #ifdef CSR_SUPPORT_SME
1581 if ((protection = uf_get_protection_bit_from_interfacemode(priv, interfaceTag, ehdr->h_dest)) < 0) {
1582 unifi_warning(priv, "unicast address, but destination not in station record database\n");
1583 unifi_net_data_free(priv, &bulkdata.d[0]);
1589 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
1593 /* append Mac header for Eapol as well as data packet */
1594 if (prepare_and_add_macheader(priv, skb, newSkb, priority, &bulkdata, interfaceTag, ehdr->h_dest, ehdr->h_source, protection)) {
1595 unifi_error(priv, "failed to create MAC header\n");
1596 unifi_net_data_free(priv, &bulkdata.d[0]);
1600 /* RA adrress must contain the immediate destination MAC address that is similiar to
1601 * the Address 1 field of 802.11 Mac header here 4 is: (sizeof(framecontrol) + sizeof (durationID))
1602 * which is address 1 field
1604 memcpy(peerAddress.a, ((u8 *) bulkdata.d[0].os_data_ptr) + 4, ETH_ALEN);
1606 unifi_trace(priv, UDBG5, "RA[0]=%x, RA[1]=%x, RA[2]=%x, RA[3]=%x, RA[4]=%x, RA[5]=%x\n",
1607 peerAddress.a[0],peerAddress.a[1], peerAddress.a[2], peerAddress.a[3],
1608 peerAddress.a[4],peerAddress.a[5]);
1611 if ((proto == ETH_P_PAE)
1612 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
1613 || (proto == ETH_P_WAI)
1618 CSR_MA_PACKET_REQUEST *req = &signal.u.MaPacketRequest;
1620 /* initialize signal to zero */
1621 memset(&signal, 0, sizeof(CSR_SIGNAL));
1623 /* Frame MA_PACKET request */
1624 signal.SignalPrimitiveHeader.SignalId = CSR_MA_PACKET_REQUEST_ID;
1625 signal.SignalPrimitiveHeader.ReceiverProcessId = 0;
1626 signal.SignalPrimitiveHeader.SenderProcessId = priv->netdev_client->sender_id;
1628 transmissionControl = req->TransmissionControl = 0;
1629 #ifdef CSR_SUPPORT_SME
1632 netInterface_priv_t *netpriv = (netInterface_priv_t *)netdev_priv(priv->netdev[interfaceTag]);
1634 /* Fill the MA-PACKET.req */
1636 req->Priority = priority;
1637 unifi_trace(priv, UDBG3, "Tx Frame with Priority: %x\n", req->Priority);
1639 /* rate selected by firmware */
1640 req->TransmitRate = 0;
1641 req->HostTag = CSR_WIFI_EAPOL_M4_HOST_TAG;
1642 /* RA address matching with address 1 of Mac header */
1643 memcpy(req->Ra.x, ((u8 *) bulkdata.d[0].os_data_ptr) + 4, ETH_ALEN);
1645 spin_lock(&priv->m4_lock);
1646 /* Store the M4-PACKET.req for later */
1647 interfacePriv->m4_signal = signal;
1648 interfacePriv->m4_bulk_data.net_buf_length = bulkdata.d[0].net_buf_length;
1649 interfacePriv->m4_bulk_data.data_length = bulkdata.d[0].data_length;
1650 interfacePriv->m4_bulk_data.os_data_ptr = bulkdata.d[0].os_data_ptr;
1651 interfacePriv->m4_bulk_data.os_net_buf_ptr = bulkdata.d[0].os_net_buf_ptr;
1652 spin_unlock(&priv->m4_lock);
1654 /* Signal the workqueue to call CsrWifiRouterCtrlM4ReadyToSendIndSend().
1655 * It cannot be called directly from the tx path because it
1656 * does a non-atomic kmalloc via the framework's CsrPmemAlloc().
1658 queue_work(priv->unifi_workqueue, &netpriv->send_m4_ready_task);
1663 }/*EAPOL or WAI packet*/
1665 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_WIFI_SECURITY_WAPI_SW_ENCRYPTION))
1666 if ((CSR_WIFI_ROUTER_CTRL_MODE_STA == interfacePriv->interfaceMode) && \
1667 (priv->wapi_unicast_filter) && \
1668 (proto != ETH_P_PAE) && \
1669 (proto != ETH_P_WAI) && \
1673 CSR_MA_PACKET_REQUEST *req = &signal.u.MaPacketRequest;
1674 netInterface_priv_t *netpriv = (netInterface_priv_t *)netdev_priv(priv->netdev[interfaceTag]);
1676 unifi_trace(priv, UDBG4, "send_ma_pkt_request() - WAPI unicast data packet when USKID = 1 \n");
1678 /* initialize signal to zero */
1679 memset(&signal, 0, sizeof(CSR_SIGNAL));
1680 /* Frame MA_PACKET request */
1681 signal.SignalPrimitiveHeader.SignalId = CSR_MA_PACKET_REQUEST_ID;
1682 signal.SignalPrimitiveHeader.ReceiverProcessId = 0;
1683 signal.SignalPrimitiveHeader.SenderProcessId = priv->netdev_client->sender_id;
1685 /* Fill the MA-PACKET.req */
1686 req->TransmissionControl = 0;
1687 req->Priority = priority;
1688 unifi_trace(priv, UDBG3, "Tx Frame with Priority: %x\n", req->Priority);
1689 req->TransmitRate = (CSR_RATE) 0; /* rate selected by firmware */
1690 req->HostTag = 0xffffffff; /* Ask for a new HostTag */
1691 /* RA address matching with address 1 of Mac header */
1692 memcpy(req->Ra.x, ((u8 *) bulkdata.d[0].os_data_ptr) + 4, ETH_ALEN);
1694 /* Store the M4-PACKET.req for later */
1695 spin_lock(&priv->wapi_lock);
1696 interfacePriv->wapi_unicast_ma_pkt_sig = signal;
1697 interfacePriv->wapi_unicast_bulk_data.net_buf_length = bulkdata.d[0].net_buf_length;
1698 interfacePriv->wapi_unicast_bulk_data.data_length = bulkdata.d[0].data_length;
1699 interfacePriv->wapi_unicast_bulk_data.os_data_ptr = bulkdata.d[0].os_data_ptr;
1700 interfacePriv->wapi_unicast_bulk_data.os_net_buf_ptr = bulkdata.d[0].os_net_buf_ptr;
1701 spin_unlock(&priv->wapi_lock);
1703 /* Signal the workqueue to call CsrWifiRouterCtrlWapiUnicastTxEncryptIndSend().
1704 * It cannot be called directly from the tx path because it
1705 * does a non-atomic kmalloc via the framework's CsrPmemAlloc().
1707 queue_work(priv->unifi_workqueue, &netpriv->send_pkt_to_encrypt);
1713 if(priv->cmanrTestMode)
1715 TransmitRate = priv->cmanrTestModeTransmitRate;
1716 unifi_trace(priv, UDBG2, "send_ma_pkt_request: cmanrTestModeTransmitRate = %d TransmitRate=%d\n",
1717 priv->cmanrTestModeTransmitRate,
1722 /* Send UniFi msg */
1723 /* Here hostTag is been sent as 0xffffffff, its been appended properly while framing MA-Packet request in pdu_processing.c file */
1724 r = uf_process_ma_packet_req(priv,
1726 0xffffffff, /* Ask for a new HostTag */
1728 transmissionControl,
1731 priv->netdev_client->sender_id,
1735 unifi_trace(priv, UDBG1, "(HIP validation failure) r = %x\n", r);
1736 unifi_net_data_free(priv, &bulkdata.d[0]);
1740 unifi_trace(priv, UDBG3, "leaving send_ma_pkt_request, UNITDATA result code = %d\n", r);
1743 } /* send_ma_pkt_request() */
1746 * ---------------------------------------------------------------------------
1749 * This function is called by the higher level stack to transmit an
1753 * skb Ethernet packet to send.
1754 * dev Pointer to the linux net device.
1757 * 0 on success (packet was consumed, not necessarily transmitted)
1758 * 1 if packet was requeued
1763 * The controlled port is handled in the qdisc dequeue handler.
1764 * ---------------------------------------------------------------------------
1767 uf_net_xmit(struct sk_buff *skb, struct net_device *dev)
1769 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
1770 unifi_priv_t *priv = interfacePriv->privPtr;
1774 static tx_signal_handler tx_handler;
1775 CSR_PRIORITY priority;
1776 CsrWifiRouterCtrlPortAction port_action;
1780 unifi_trace(priv, UDBG5, "unifi_net_xmit: skb = %x\n", skb);
1782 memcpy(&ehdr, skb->data, ETH_HLEN);
1783 proto = ntohs(ehdr.h_proto);
1784 priority = get_packet_priority(priv, skb, &ehdr, interfacePriv);
1786 /* All frames are sent as MA-PACKET.req (EAPOL also) */
1787 tx_handler = send_ma_pkt_request;
1789 /* 802.1x - apply controlled/uncontrolled port rules */
1790 if ((proto != ETH_P_PAE)
1791 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
1792 && (proto != ETH_P_WAI)
1795 port = UF_CONTROLLED_PORT_Q;
1798 port = UF_UNCONTROLLED_PORT_Q;
1801 /* Uncontrolled port rules apply */
1802 port_action = verify_port(priv
1803 , (((CSR_WIFI_ROUTER_CTRL_MODE_STA == interfacePriv->interfaceMode)||(CSR_WIFI_ROUTER_CTRL_MODE_P2PCLI== interfacePriv->interfaceMode))? interfacePriv->bssid.a: ehdr.h_dest)
1805 , interfacePriv->InterfaceTag);
1807 if (port_action == CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_OPEN) {
1808 unifi_trace(priv, UDBG5,
1809 "uf_net_xmit: %s controlled port open\n",
1811 /* Remove the ethernet header */
1812 skb_pull(skb, ETH_HLEN);
1813 result = tx_handler(priv, skb, &ehdr, priority);
1816 /* Discard the packet if necessary */
1817 unifi_trace(priv, UDBG2,
1818 "uf_net_xmit: %s controlled port %s\n",
1819 port ? "" : "un", port_action==CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_CLOSED_BLOCK ? "blocked" : "closed");
1820 interfacePriv->stats.tx_dropped++;
1824 return NETDEV_TX_OK;
1827 if (result == NETDEV_TX_OK) {
1828 #if (defined(CSR_WIFI_SECURITY_WAPI_ENABLE) && defined(CSR_WIFI_SECURITY_WAPI_SW_ENCRYPTION))
1829 /* Don't update the tx stats when the pkt is to be sent for sw encryption*/
1830 if (!((CSR_WIFI_ROUTER_CTRL_MODE_STA == interfacePriv->interfaceMode) &&
1831 (priv->wapi_unicast_filter == 1)))
1833 dev->trans_start = jiffies;
1834 /* Should really count tx stats in the UNITDATA.status signal but
1835 * that doesn't have the length.
1837 interfacePriv->stats.tx_packets++;
1838 /* count only the packet payload */
1839 interfacePriv->stats.tx_bytes += skb->len;
1843 dev->trans_start = jiffies;
1846 * Should really count tx stats in the UNITDATA.status signal but
1847 * that doesn't have the length.
1849 interfacePriv->stats.tx_packets++;
1850 /* count only the packet payload */
1851 interfacePriv->stats.tx_bytes += skb->len;
1853 } else if (result < 0) {
1855 /* Failed to send: fh queue was full, and the skb was discarded.
1856 * Return OK to indicate that the buffer was consumed, to stop the
1857 * kernel re-transmitting the freed buffer.
1859 interfacePriv->stats.tx_dropped++;
1860 unifi_trace(priv, UDBG1, "unifi_net_xmit: (Packet Drop), dropped count = %x\n", interfacePriv->stats.tx_dropped);
1861 result = NETDEV_TX_OK;
1864 /* The skb will have been freed by send_XXX_request() */
1868 } /* uf_net_xmit() */
1871 * ---------------------------------------------------------------------------
1873 * unifi_restart_xmit
1875 * These functions are called from the UniFi core to control the flow
1876 * of packets from the upper layers.
1877 * unifi_pause_xmit() is called when the internal queue is full and
1878 * should take action to stop unifi_ma_unitdata() being called.
1879 * When the queue has drained, unifi_restart_xmit() will be called to
1880 * re-enable the flow of packets for transmission.
1883 * ospriv OS private context pointer.
1886 * unifi_pause_xmit() is called from interrupt context.
1887 * ---------------------------------------------------------------------------
1890 unifi_pause_xmit(void *ospriv, unifi_TrafficQueue queue)
1892 unifi_priv_t *priv = ospriv;
1893 int i; /* used as a loop counter */
1896 unifi_trace(priv, UDBG2, "Stopping queue %d\n", queue);
1898 for(i=0;i<CSR_WIFI_NUM_INTERFACES;i++)
1900 if (netif_running(priv->netdev[i]))
1902 netif_stop_subqueue(priv->netdev[i], (u16)queue);
1906 #ifdef CSR_SUPPORT_SME
1908 routerStartBuffering(priv,queue);
1909 unifi_trace(priv,UDBG2,"Start buffering %d\n", queue);
1911 routerStartBuffering(priv,0);
1912 unifi_error(priv, "Start buffering %d defaulting to 0\n", queue);
1917 } /* unifi_pause_xmit() */
1920 unifi_restart_xmit(void *ospriv, unifi_TrafficQueue queue)
1922 unifi_priv_t *priv = ospriv;
1923 int i=0; /* used as a loop counter */
1926 unifi_trace(priv, UDBG2, "Waking queue %d\n", queue);
1928 for(i=0;i<CSR_WIFI_NUM_INTERFACES;i++)
1930 if (netif_running(priv->netdev[i]))
1932 netif_wake_subqueue(priv->netdev[i], (u16)queue);
1936 #ifdef CSR_SUPPORT_SME
1938 routerStopBuffering(priv,queue);
1939 uf_send_buffered_frames(priv,queue);
1941 routerStopBuffering(priv,0);
1942 uf_send_buffered_frames(priv,0);
1946 } /* unifi_restart_xmit() */
1950 indicate_rx_skb(unifi_priv_t *priv, u16 ifTag, u8* dst_a, u8* src_a, struct sk_buff *skb, CSR_SIGNAL *signal,
1951 bulk_data_param_t *bulkdata)
1954 struct net_device *dev;
1956 #ifdef CSR_SUPPORT_SME
1957 llc_snap_hdr_t *snap;
1959 snap = (llc_snap_hdr_t *)skb->data;
1961 sr = _identify_sme_ma_pkt_ind(priv,
1962 snap->oui, ntohs(snap->protocol),
1969 * Decapsulate any SNAP header and
1970 * prepend an ethernet header so that the skb manipulation and ARP
1973 r = skb_80211_to_ether(priv, skb, dst_a, src_a,
1976 /* Drop the packet and return */
1977 priv->interfacePriv[ifTag]->stats.rx_errors++;
1978 priv->interfacePriv[ifTag]->stats.rx_frame_errors++;
1979 unifi_net_data_free(priv, &bulkdata->d[0]);
1980 unifi_notice(priv, "indicate_rx_skb: Discard unknown frame.\n");
1985 /* Handle the case where packet is sent up through the subscription
1986 * API but should not be given to the network stack (AMP PAL case)
1987 * LLC header is different from WiFi and the packet has been subscribed for
1989 if (r == 1 && sr == 1) {
1990 unifi_net_data_free(priv, &bulkdata->d[0]);
1991 unifi_trace(priv, UDBG5, "indicate_rx_skb: Data given to subscription"
1992 "API, not being given to kernel\n");
1997 dev = priv->netdev[ifTag];
1998 /* Now we look like a regular ethernet frame */
1999 /* Fill in SKB meta data */
2001 skb->protocol = eth_type_trans(skb, dev);
2002 skb->ip_summed = CHECKSUM_UNNECESSARY;
2004 /* Test for an overlength frame */
2005 if (skb->len > (dev->mtu + ETH_HLEN)) {
2006 /* A bogus length ethfrm has been encap'd. */
2007 /* Is someone trying an oflow attack? */
2008 unifi_error(priv, "%s: oversize frame (%d > %d)\n",
2010 skb->len, dev->mtu + ETH_HLEN);
2012 /* Drop the packet and return */
2013 priv->interfacePriv[ifTag]->stats.rx_errors++;
2014 priv->interfacePriv[ifTag]->stats.rx_length_errors++;
2015 unifi_net_data_free(priv, &bulkdata->d[0]);
2021 if(priv->cmanrTestMode)
2023 const CSR_MA_PACKET_INDICATION *pkt_ind = &signal->u.MaPacketIndication;
2024 priv->cmanrTestModeTransmitRate = pkt_ind->ReceivedRate;
2025 unifi_trace(priv, UDBG2, "indicate_rx_skb: cmanrTestModeTransmitRate=%d\n", priv->cmanrTestModeTransmitRate);
2028 /* Pass SKB up the stack */
2029 #ifdef CSR_WIFI_USE_NETIF_RX
2036 dev->last_rx = jiffies;
2040 priv->interfacePriv[ifTag]->stats.rx_packets++;
2041 priv->interfacePriv[ifTag]->stats.rx_bytes += bulkdata->d[0].data_length;
2048 uf_process_rx_pending_queue(unifi_priv_t *priv, int queue,
2049 CsrWifiMacAddress source_address,
2050 int indicate, u16 interfaceTag)
2052 rx_buffered_packets_t *rx_q_item;
2053 struct list_head *rx_list;
2054 struct list_head *n;
2055 struct list_head *l_h;
2056 static const CsrWifiMacAddress broadcast_address = {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}};
2057 netInterface_priv_t *interfacePriv = priv->interfacePriv[interfaceTag];
2059 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES) {
2060 unifi_error(priv, "uf_process_rx_pending_queue bad interfaceTag\n");
2064 if (queue == UF_CONTROLLED_PORT_Q) {
2065 rx_list = &interfacePriv->rx_controlled_list;
2067 rx_list = &interfacePriv->rx_uncontrolled_list;
2070 down(&priv->rx_q_sem);
2071 list_for_each_safe(l_h, n, rx_list) {
2072 rx_q_item = list_entry(l_h, rx_buffered_packets_t, q);
2074 /* Validate against the source address */
2075 if (memcmp(broadcast_address.a, source_address.a, ETH_ALEN) &&
2076 memcmp(rx_q_item->sa.a, source_address.a, ETH_ALEN)) {
2078 unifi_trace(priv, UDBG2,
2079 "uf_process_rx_pending_queue: Skipping sa=%02X%02X%02X%02X%02X%02X skb=%p, bulkdata=%p\n",
2080 rx_q_item->sa.a[0], rx_q_item->sa.a[1],
2081 rx_q_item->sa.a[2], rx_q_item->sa.a[3],
2082 rx_q_item->sa.a[4], rx_q_item->sa.a[5],
2083 rx_q_item->skb, &rx_q_item->bulkdata.d[0]);
2090 unifi_trace(priv, UDBG2,
2091 "uf_process_rx_pending_queue: Was Blocked skb=%p, bulkdata=%p\n",
2092 rx_q_item->skb, &rx_q_item->bulkdata);
2095 indicate_rx_skb(priv, interfaceTag, rx_q_item->da.a, rx_q_item->sa.a, rx_q_item->skb, &rx_q_item->signal, &rx_q_item->bulkdata);
2097 interfacePriv->stats.rx_dropped++;
2098 unifi_net_data_free(priv, &rx_q_item->bulkdata.d[0]);
2101 /* It is our resposibility to free the Rx structure object. */
2104 up(&priv->rx_q_sem);
2108 * ---------------------------------------------------------------------------
2109 * uf_resume_data_plane
2111 * Is called when the (un)controlled port is set to open,
2112 * to notify the network stack to schedule for transmission
2113 * any packets queued in the qdisk while port was closed and
2114 * indicated to the stack any packets buffered in the Rx queues.
2117 * priv Pointer to device private struct
2120 * ---------------------------------------------------------------------------
2123 uf_resume_data_plane(unifi_priv_t *priv, int queue,
2124 CsrWifiMacAddress peer_address,
2127 #ifdef CSR_SUPPORT_WEXT
2128 netInterface_priv_t *interfacePriv = priv->interfacePriv[interfaceTag];
2131 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES) {
2132 unifi_error(priv, "uf_resume_data_plane bad interfaceTag\n");
2136 unifi_trace(priv, UDBG2, "Resuming netif\n");
2139 * If we are waiting for the net device to enter the up state, don't
2140 * process the rx queue yet as it will be done by the callback when
2141 * the device is ready.
2143 #ifdef CSR_SUPPORT_WEXT
2144 if (!interfacePriv->wait_netdev_change)
2147 #ifdef CONFIG_NET_SCHED
2148 if (netif_running(priv->netdev[interfaceTag])) {
2149 netif_tx_schedule_all(priv->netdev[interfaceTag]);
2152 uf_process_rx_pending_queue(priv, queue, peer_address, 1,interfaceTag);
2154 } /* uf_resume_data_plane() */
2157 void uf_free_pending_rx_packets(unifi_priv_t *priv, int queue, CsrWifiMacAddress peer_address,u16 interfaceTag)
2159 uf_process_rx_pending_queue(priv, queue, peer_address, 0,interfaceTag);
2161 } /* uf_free_pending_rx_packets() */
2165 * ---------------------------------------------------------------------------
2168 * Reformat a UniFi data received packet into a p80211 packet and
2169 * pass it up the protocol stack.
2176 * ---------------------------------------------------------------------------
2179 unifi_rx(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata)
2182 bulk_data_desc_t *pData;
2183 const CSR_MA_PACKET_INDICATION *pkt_ind = &signal->u.MaPacketIndication;
2184 struct sk_buff *skb;
2185 CsrWifiRouterCtrlPortAction port_action;
2190 u8 da[ETH_ALEN], sa[ETH_ALEN];
2191 u8 toDs, fromDs, frameType, macHeaderLengthInBytes = MAC_HEADER_SIZE;
2193 netInterface_priv_t *interfacePriv;
2198 interfaceTag = (pkt_ind->VirtualInterfaceIdentifier & 0xff);
2199 interfacePriv = priv->interfacePriv[interfaceTag];
2201 /* Sanity check that the VIF refers to a sensible interface */
2202 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES)
2204 unifi_error(priv, "%s: MA-PACKET indication with bad interfaceTag %d\n", __FUNCTION__, interfaceTag);
2205 unifi_net_data_free(priv,&bulkdata->d[0]);
2210 /* Sanity check that the VIF refers to an allocated netdev */
2211 if (!interfacePriv->netdev_registered)
2213 unifi_error(priv, "%s: MA-PACKET indication with unallocated interfaceTag %d\n", __FUNCTION__, interfaceTag);
2214 unifi_net_data_free(priv, &bulkdata->d[0]);
2219 if (bulkdata->d[0].data_length == 0) {
2220 unifi_warning(priv, "%s: MA-PACKET indication with zero bulk data\n", __FUNCTION__);
2221 unifi_net_data_free(priv,&bulkdata->d[0]);
2227 skb = (struct sk_buff*)bulkdata->d[0].os_net_buf_ptr;
2228 skb->len = bulkdata->d[0].data_length;
2230 /* Point to the addresses */
2231 toDs = (skb->data[1] & 0x01) ? 1 : 0;
2232 fromDs = (skb->data[1] & 0x02) ? 1 : 0;
2234 memcpy(da,(skb->data+4+toDs*12),ETH_ALEN);/* Address1 or 3 */
2235 memcpy(sa,(skb->data+10+fromDs*(6+toDs*8)),ETH_ALEN); /* Address2, 3 or 4 */
2238 pData = &bulkdata->d[0];
2239 frameControl = CSR_GET_UINT16_FROM_LITTLE_ENDIAN(pData->os_data_ptr);
2240 frameType = ((frameControl & 0x000C) >> 2);
2242 dataFrameType =((frameControl & 0x00f0) >> 4);
2243 unifi_trace(priv, UDBG6,
2244 "%s: Receive Data Frame Type %d \n", __FUNCTION__,dataFrameType);
2246 switch(dataFrameType)
2250 /* If both are set then the Address4 exists (only for AP) */
2253 /* 6 is the size of Address4 field */
2254 macHeaderLengthInBytes += (QOS_CONTROL_HEADER_SIZE + 6);
2258 macHeaderLengthInBytes += QOS_CONTROL_HEADER_SIZE;
2261 /* If order bit set then HT control field is the part of MAC header */
2262 if (frameControl & FRAME_CONTROL_ORDER_BIT)
2263 macHeaderLengthInBytes += HT_CONTROL_HEADER_SIZE;
2267 macHeaderLengthInBytes += 6;
2270 /* Prepare the ethernet header from snap header of skb data */
2271 switch(dataFrameType)
2275 /* This is for only queue info fetching, EAPOL wont come as
2276 * null data so the proto is initialized as zero
2282 llc_snap_hdr_t *snap;
2283 /* Fetch a snap header to find protocol (for IPV4/IPV6 packets
2284 * the snap header fetching offset is same)
2286 snap = (llc_snap_hdr_t *) (skb->data + macHeaderLengthInBytes);
2288 /* prepare the ethernet header from the snap header & addresses */
2289 ehdr.h_proto = snap->protocol;
2290 memcpy(ehdr.h_dest, da, ETH_ALEN);
2291 memcpy(ehdr.h_source, sa, ETH_ALEN);
2293 proto = ntohs(ehdr.h_proto);
2295 unifi_trace(priv, UDBG3, "in unifi_rx protocol from snap header = 0x%x\n", proto);
2297 if ((proto != ETH_P_PAE)
2298 #ifdef CSR_WIFI_SECURITY_WAPI_ENABLE
2299 && (proto != ETH_P_WAI)
2302 queue = UF_CONTROLLED_PORT_Q;
2304 queue = UF_UNCONTROLLED_PORT_Q;
2307 port_action = verify_port(priv, (unsigned char*)sa, queue, interfaceTag);
2308 unifi_trace(priv, UDBG3, "in unifi_rx port action is = 0x%x & queue = %x\n", port_action, queue);
2310 #ifdef CSR_SUPPORT_SME
2311 /* Notify the TA module for the Rx frame for non P2PGO and AP cases*/
2312 if((interfacePriv->interfaceMode != CSR_WIFI_ROUTER_CTRL_MODE_AP) &&
2313 (interfacePriv->interfaceMode != CSR_WIFI_ROUTER_CTRL_MODE_P2PGO))
2315 /* Remove MAC header of length(macHeaderLengthInBytes) before sampling */
2316 skb_pull(skb, macHeaderLengthInBytes);
2317 pData->os_data_ptr = skb->data;
2318 pData->data_length -= macHeaderLengthInBytes;
2320 if (pData->data_length) {
2321 unifi_ta_sample(priv->card, CSR_WIFI_ROUTER_CTRL_PROTOCOL_DIRECTION_RX,
2323 sa, priv->netdev[interfaceTag]->dev_addr,
2324 jiffies_to_msecs(jiffies),
2325 pkt_ind->ReceivedRate);
2329 /* AP/P2PGO specific handling here */
2330 CsrWifiRouterCtrlStaInfo_t * srcStaInfo =
2331 CsrWifiRouterCtrlGetStationRecordFromPeerMacAddress(priv,sa,interfaceTag);
2333 /* Defensive check only; Source address is already checked in
2334 process_ma_packet_ind and we should have a valid source address here */
2336 if(srcStaInfo == NULL) {
2337 CsrWifiMacAddress peerMacAddress;
2338 /* Unknown data PDU */
2339 memcpy(peerMacAddress.a,sa,ETH_ALEN);
2340 unifi_trace(priv, UDBG1, "%s: Unexpected frame from peer = %x:%x:%x:%x:%x:%x\n", __FUNCTION__,
2341 sa[0], sa[1],sa[2], sa[3], sa[4],sa[5]);
2342 CsrWifiRouterCtrlUnexpectedFrameIndSend(priv->CSR_WIFI_SME_IFACEQUEUE,0,interfaceTag,peerMacAddress);
2343 unifi_net_data_free(priv, &bulkdata->d[0]);
2348 /* For AP GO mode, don't store the PDUs */
2349 if (port_action != CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_OPEN) {
2350 /* Drop the packet and return */
2351 CsrWifiMacAddress peerMacAddress;
2352 memcpy(peerMacAddress.a,sa,ETH_ALEN);
2353 unifi_trace(priv, UDBG3, "%s: Port is not open: unexpected frame from peer = %x:%x:%x:%x:%x:%x\n",
2354 __FUNCTION__, sa[0], sa[1],sa[2], sa[3], sa[4],sa[5]);
2356 CsrWifiRouterCtrlUnexpectedFrameIndSend(priv->CSR_WIFI_SME_IFACEQUEUE,0,interfaceTag,peerMacAddress);
2357 interfacePriv->stats.rx_dropped++;
2358 unifi_net_data_free(priv, &bulkdata->d[0]);
2359 unifi_notice(priv, "%s: Dropping packet, proto=0x%04x, %s port\n", __FUNCTION__,
2360 proto, queue ? "Controlled" : "Un-controlled");
2365 /* Qos NULL/Data NULL are freed here and not processed further */
2366 if((dataFrameType == QOS_DATA_NULL) || (dataFrameType == DATA_NULL)){
2367 unifi_trace(priv, UDBG5, "%s: Null Frame Received and Freed\n", __FUNCTION__);
2368 unifi_net_data_free(priv, &bulkdata->d[0]);
2373 /* Now we have done with MAC header so proceed with the real data part*/
2374 /* This function takes care of appropriate routing for AP/P2PGO case*/
2375 /* the function hadnles following things
2376 2. Routing the PDU to appropriate location
2377 3. Error case handling
2379 if(!(uf_ap_process_data_pdu(priv, skb, &ehdr, srcStaInfo,
2382 macHeaderLengthInBytes)))
2387 unifi_trace(priv, UDBG5, "unifi_rx: no specific AP handling process as normal frame, MAC Header len %d\n",macHeaderLengthInBytes);
2388 /* Remove the MAC header for subsequent conversion */
2389 skb_pull(skb, macHeaderLengthInBytes);
2390 pData->os_data_ptr = skb->data;
2391 pData->data_length -= macHeaderLengthInBytes;
2392 pData->os_net_buf_ptr = (unsigned char*)skb;
2393 pData->net_buf_length = skb->len;
2395 #endif /* CSR_SUPPORT_SME */
2398 /* Now that the MAC header is removed, null-data frames have zero length
2399 * and can be dropped
2401 if (pData->data_length == 0) {
2402 if (((frameControl & 0x00f0) >> 4) != QOS_DATA_NULL &&
2403 ((frameControl & 0x00f0) >> 4) != DATA_NULL) {
2404 unifi_trace(priv, UDBG1, "Zero length frame, but not null-data %04x\n", frameControl);
2406 unifi_net_data_free(priv, &bulkdata->d[0]);
2411 if (port_action == CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_CLOSED_DISCARD) {
2412 /* Drop the packet and return */
2413 interfacePriv->stats.rx_dropped++;
2414 unifi_net_data_free(priv, &bulkdata->d[0]);
2415 unifi_notice(priv, "%s: Dropping packet, proto=0x%04x, %s port\n",
2416 __FUNCTION__, proto, queue ? "controlled" : "uncontrolled");
2419 } else if ( (port_action == CSR_WIFI_ROUTER_CTRL_PORT_ACTION_8021X_PORT_CLOSED_BLOCK) ||
2420 (interfacePriv->connected != UnifiConnected) ) {
2422 /* Buffer the packet into the Rx queues */
2423 rx_buffered_packets_t *rx_q_item;
2424 struct list_head *rx_list;
2426 rx_q_item = (rx_buffered_packets_t *)kmalloc(sizeof(rx_buffered_packets_t),
2428 if (rx_q_item == NULL) {
2429 unifi_error(priv, "%s: Failed to allocate %d bytes for rx packet record\n",
2430 __FUNCTION__, sizeof(rx_buffered_packets_t));
2431 interfacePriv->stats.rx_dropped++;
2432 unifi_net_data_free(priv, &bulkdata->d[0]);
2437 INIT_LIST_HEAD(&rx_q_item->q);
2438 rx_q_item->bulkdata = *bulkdata;
2439 rx_q_item->skb = skb;
2440 rx_q_item->signal = *signal;
2441 memcpy(rx_q_item->sa.a, sa, ETH_ALEN);
2442 memcpy(rx_q_item->da.a, da, ETH_ALEN);
2443 unifi_trace(priv, UDBG2, "%s: Blocked skb=%p, bulkdata=%p\n",
2444 __FUNCTION__, rx_q_item->skb, &rx_q_item->bulkdata);
2446 if (queue == UF_CONTROLLED_PORT_Q) {
2447 rx_list = &interfacePriv->rx_controlled_list;
2449 rx_list = &interfacePriv->rx_uncontrolled_list;
2452 /* Add to tail of packets queue */
2453 down(&priv->rx_q_sem);
2454 list_add_tail(&rx_q_item->q, rx_list);
2455 up(&priv->rx_q_sem);
2462 indicate_rx_skb(priv, interfaceTag, da, sa, skb, signal, bulkdata);
2468 static void process_ma_packet_cfm(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata)
2471 const CSR_MA_PACKET_CONFIRM *pkt_cfm = &signal->u.MaPacketConfirm;
2472 netInterface_priv_t *interfacePriv;
2475 interfaceTag = (pkt_cfm->VirtualInterfaceIdentifier & 0xff);
2476 interfacePriv = priv->interfacePriv[interfaceTag];
2478 /* Sanity check that the VIF refers to a sensible interface */
2479 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES)
2481 unifi_error(priv, "%s: MA-PACKET confirm with bad interfaceTag %d\n", __FUNCTION__, interfaceTag);
2485 #ifdef CSR_SUPPORT_SME
2486 if(interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_AP ||
2487 interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_P2PGO) {
2489 uf_process_ma_pkt_cfm_for_ap(priv,interfaceTag,pkt_cfm);
2490 } else if (interfacePriv->m4_sent && (pkt_cfm->HostTag == interfacePriv->m4_hostTag)) {
2491 /* Check if this is a confirm for EAPOL M4 frame and we need to send transmistted ind*/
2492 CsrResult result = pkt_cfm->TransmissionStatus == CSR_TX_SUCCESSFUL?CSR_RESULT_SUCCESS:CSR_RESULT_FAILURE;
2493 CsrWifiMacAddress peerMacAddress;
2494 memcpy(peerMacAddress.a, interfacePriv->m4_signal.u.MaPacketRequest.Ra.x, ETH_ALEN);
2496 unifi_trace(priv, UDBG1, "%s: Sending M4 Transmit CFM\n", __FUNCTION__);
2497 CsrWifiRouterCtrlM4TransmittedIndSend(priv->CSR_WIFI_SME_IFACEQUEUE, 0,
2501 interfacePriv->m4_sent = FALSE;
2502 interfacePriv->m4_hostTag = 0xffffffff;
2511 * ---------------------------------------------------------------------------
2514 * Reformat a UniFi data received packet into a p80211 packet and
2515 * pass it up the protocol stack.
2522 * ---------------------------------------------------------------------------
2524 static void process_ma_packet_ind(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata)
2527 bulk_data_desc_t *pData;
2528 CSR_MA_PACKET_INDICATION *pkt_ind = (CSR_MA_PACKET_INDICATION*)&signal->u.MaPacketIndication;
2529 struct sk_buff *skb;
2531 netInterface_priv_t *interfacePriv;
2532 u8 da[ETH_ALEN], sa[ETH_ALEN];
2533 u8 *bssid = NULL, *ba_addr = NULL;
2534 u8 toDs, fromDs, frameType;
2537 #ifdef CSR_SUPPORT_SME
2538 u8 dataFrameType = 0;
2539 u8 powerSaveChanged = FALSE;
2541 CsrWifiRouterCtrlStaInfo_t *srcStaInfo = NULL;
2548 interfaceTag = (pkt_ind->VirtualInterfaceIdentifier & 0xff);
2549 interfacePriv = priv->interfacePriv[interfaceTag];
2552 /* Sanity check that the VIF refers to a sensible interface */
2553 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES)
2555 unifi_error(priv, "%s: MA-PACKET indication with bad interfaceTag %d\n", __FUNCTION__, interfaceTag);
2556 unifi_net_data_free(priv,&bulkdata->d[0]);
2561 /* Sanity check that the VIF refers to an allocated netdev */
2562 if (!interfacePriv->netdev_registered)
2564 unifi_error(priv, "%s: MA-PACKET indication with unallocated interfaceTag %d\n", __FUNCTION__, interfaceTag);
2565 unifi_net_data_free(priv, &bulkdata->d[0]);
2570 if (bulkdata->d[0].data_length == 0) {
2571 unifi_warning(priv, "%s: MA-PACKET indication with zero bulk data\n", __FUNCTION__);
2572 unifi_net_data_free(priv,&bulkdata->d[0]);
2576 /* For monitor mode we need to pass this indication to the registered application
2577 handle this seperately*/
2578 /* MIC failure is already taken care of so no need to send the PDUs which are not successfully received in non-monitor mode*/
2579 if(pkt_ind->ReceptionStatus != CSR_RX_SUCCESS)
2581 unifi_warning(priv, "%s: MA-PACKET indication with status = %d\n",__FUNCTION__, pkt_ind->ReceptionStatus);
2582 unifi_net_data_free(priv,&bulkdata->d[0]);
2588 skb = (struct sk_buff*)bulkdata->d[0].os_net_buf_ptr;
2589 skb->len = bulkdata->d[0].data_length;
2591 /* Point to the addresses */
2592 toDs = (skb->data[1] & 0x01) ? 1 : 0;
2593 fromDs = (skb->data[1] & 0x02) ? 1 : 0;
2595 memcpy(da,(skb->data+4+toDs*12),ETH_ALEN);/* Address1 or 3 */
2596 memcpy(sa,(skb->data+10+fromDs*(6+toDs*8)),ETH_ALEN); /* Address2, 3 or 4 */
2598 /* Find the BSSID, which will be used to match the BA session */
2601 unifi_trace(priv, UDBG6, "4 address frame - don't try to find BSSID\n");
2606 bssid = (u8 *) (skb->data + 4 + 12 - (fromDs * 6) - (toDs * 12));
2609 pData = &bulkdata->d[0];
2610 frameControl = CSR_GET_UINT16_FROM_LITTLE_ENDIAN(pData->os_data_ptr);
2611 frameType = ((frameControl & 0x000C) >> 2);
2613 unifi_trace(priv, UDBG3, "Rx Frame Type: %d sn: %d\n",frameType,
2614 (le16_to_cpu(*((u16*)(bulkdata->d[0].os_data_ptr + IEEE802_11_SEQUENCE_CONTROL_OFFSET))) >> 4) & 0xfff);
2615 if(frameType == IEEE802_11_FRAMETYPE_CONTROL){
2616 #ifdef CSR_SUPPORT_SME
2617 unifi_trace(priv, UDBG6, "%s: Received Control Frame\n", __FUNCTION__);
2619 if((frameControl & 0x00f0) == 0x00A0){
2620 /* This is a PS-POLL request */
2621 u8 pmBit = (frameControl & 0x1000)?0x01:0x00;
2622 unifi_trace(priv, UDBG6, "%s: Received PS-POLL Frame\n", __FUNCTION__);
2624 uf_process_ps_poll(priv,sa,da,pmBit,interfaceTag);
2627 unifi_warning(priv, "%s: Non PS-POLL control frame is received\n", __FUNCTION__);
2630 unifi_net_data_free(priv,&bulkdata->d[0]);
2634 if(frameType != IEEE802_11_FRAMETYPE_DATA) {
2635 unifi_warning(priv, "%s: Non control Non Data frame is received\n",__FUNCTION__);
2636 unifi_net_data_free(priv,&bulkdata->d[0]);
2641 #ifdef CSR_SUPPORT_SME
2642 if((interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_AP) ||
2643 (interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_P2PGO)){
2645 srcStaInfo = CsrWifiRouterCtrlGetStationRecordFromPeerMacAddress(priv,sa,interfaceTag);
2647 if(srcStaInfo == NULL) {
2648 CsrWifiMacAddress peerMacAddress;
2649 /* Unknown data PDU */
2650 memcpy(peerMacAddress.a,sa,ETH_ALEN);
2651 unifi_trace(priv, UDBG1, "%s: Unexpected frame from peer = %x:%x:%x:%x:%x:%x\n", __FUNCTION__,
2652 sa[0], sa[1],sa[2], sa[3], sa[4],sa[5]);
2653 CsrWifiRouterCtrlUnexpectedFrameIndSend(priv->CSR_WIFI_SME_IFACEQUEUE,0,interfaceTag,peerMacAddress);
2654 unifi_net_data_free(priv, &bulkdata->d[0]);
2660 verify power management bit here so as to ensure host and unifi are always
2661 in sync with power management status of peer.
2663 If we do it later, it may so happen we have stored the frame in BA re-ordering
2664 buffer and hence host and unifi are out of sync for power management status
2667 pmBit = (frameControl & 0x1000)?0x01:0x00;
2668 powerSaveChanged = uf_process_pm_bit_for_peer(priv,srcStaInfo,pmBit,interfaceTag);
2670 /* Update station last activity time */
2671 srcStaInfo->activity_flag = TRUE;
2673 /* For Qos Frame if PM bit is toggled to indicate the change in power save state then it shall not be
2674 considered as Trigger Frame. Enter only if WMM STA and peer is in Power save */
2676 dataFrameType = ((frameControl & 0x00f0) >> 4);
2678 if((powerSaveChanged == FALSE)&&(srcStaInfo->wmmOrQosEnabled == TRUE)&&
2679 (srcStaInfo->currentPeerState == CSR_WIFI_ROUTER_CTRL_PEER_CONNECTED_POWER_SAVE)){
2681 if((dataFrameType == QOS_DATA) || (dataFrameType == QOS_DATA_NULL)){
2684 * QoS control field is offset from frame control by 2 (frame control)
2685 * + 2 (duration/ID) + 2 (sequence control) + 3*ETH_ALEN or 4*ETH_ALEN
2687 if((frameControl & IEEE802_11_FC_TO_DS_MASK) && (frameControl & IEEE802_11_FC_FROM_DS_MASK)){
2688 qosControl= CSR_GET_UINT16_FROM_LITTLE_ENDIAN(pData->os_data_ptr + 30);
2691 qosControl = CSR_GET_UINT16_FROM_LITTLE_ENDIAN(pData->os_data_ptr + 24);
2693 unifi_trace(priv, UDBG5, "%s: Check if U-APSD operations are triggered for qosControl: 0x%x\n",__FUNCTION__,qosControl);
2694 uf_process_wmm_deliver_ac_uapsd(priv,srcStaInfo,qosControl,interfaceTag);
2701 if( ((frameControl & 0x00f0) >> 4) == QOS_DATA) {
2702 u8 *qos_control_ptr = (u8*)bulkdata->d[0].os_data_ptr + (((frameControl & IEEE802_11_FC_TO_DS_MASK) && (frameControl & IEEE802_11_FC_FROM_DS_MASK))?30: 24);
2703 int tID = *qos_control_ptr & IEEE802_11_QC_TID_MASK; /* using ls octet of qos control */
2704 ba_session_rx_struct *ba_session;
2705 u8 ba_session_idx = 0;
2706 /* Get the BA originator address */
2707 if(interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_AP ||
2708 interfacePriv->interfaceMode == CSR_WIFI_ROUTER_CTRL_MODE_P2PGO){
2714 down(&priv->ba_mutex);
2715 for (ba_session_idx=0; ba_session_idx < MAX_SUPPORTED_BA_SESSIONS_RX; ba_session_idx++){
2716 ba_session = interfacePriv->ba_session_rx[ba_session_idx];
2718 unifi_trace(priv, UDBG6, "found ba_session=0x%x ba_session_idx=%d", ba_session, ba_session_idx);
2719 if ((!memcmp(ba_session->macAddress.a, ba_addr, ETH_ALEN)) && (ba_session->tID == tID)){
2720 frame_desc_struct frame_desc;
2721 frame_desc.bulkdata = *bulkdata;
2722 frame_desc.signal = *signal;
2723 frame_desc.sn = (le16_to_cpu(*((u16*)(bulkdata->d[0].os_data_ptr + IEEE802_11_SEQUENCE_CONTROL_OFFSET))) >> 4) & 0xfff;
2724 frame_desc.active = TRUE;
2725 unifi_trace(priv, UDBG6, "%s: calling process_ba_frame (session=%d)\n", __FUNCTION__, ba_session_idx);
2726 process_ba_frame(priv, interfacePriv, ba_session, &frame_desc);
2727 up(&priv->ba_mutex);
2728 process_ba_complete(priv, interfacePriv);
2733 if (ba_session_idx == MAX_SUPPORTED_BA_SESSIONS_RX){
2734 up(&priv->ba_mutex);
2735 unifi_trace(priv, UDBG6, "%s: calling process_amsdu()", __FUNCTION__);
2736 process_amsdu(priv, signal, bulkdata);
2739 unifi_trace(priv, UDBG6, "calling unifi_rx()");
2740 unifi_rx(priv, signal, bulkdata);
2743 /* check if the frames in reorder buffer has aged, the check
2744 * is done after receive processing so that if the missing frame
2745 * has arrived in this receive process, then it is handled cleanly.
2747 * And also this code here takes care that timeout check is made for all
2748 * the receive indications
2750 down(&priv->ba_mutex);
2751 for (i=0; i < MAX_SUPPORTED_BA_SESSIONS_RX; i++){
2752 ba_session_rx_struct *ba_session;
2753 ba_session = interfacePriv->ba_session_rx[i];
2755 check_ba_frame_age_timeout(priv, interfacePriv, ba_session);
2758 up(&priv->ba_mutex);
2759 process_ba_complete(priv, interfacePriv);
2764 * ---------------------------------------------------------------------------
2765 * uf_set_multicast_list
2767 * This function is called by the higher level stack to set
2768 * a list of multicast rx addresses.
2771 * dev Network Device pointer.
2777 * ---------------------------------------------------------------------------
2781 uf_set_multicast_list(struct net_device *dev)
2783 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(dev);
2784 unifi_priv_t *priv = interfacePriv->privPtr;
2786 #ifdef CSR_NATIVE_LINUX
2787 unifi_trace(priv, UDBG3, "uf_set_multicast_list unsupported\n");
2791 u8 *mc_list = interfacePriv->mc_list;
2792 struct netdev_hw_addr *mc_addr;
2795 if (priv->init_progress != UNIFI_INIT_COMPLETED) {
2799 mc_addr_count = netdev_mc_count(dev);
2801 unifi_trace(priv, UDBG3,
2802 "uf_set_multicast_list (count=%d)\n", mc_addr_count);
2805 /* Not enough space? */
2806 if (mc_addr_count > UNIFI_MAX_MULTICAST_ADDRESSES) {
2810 /* Store the list to be processed by the work item. */
2811 interfacePriv->mc_list_count = mc_addr_count;
2812 netdev_hw_addr_list_for_each(mc_addr, &dev->mc) {
2813 memcpy(mc_list, mc_addr->addr, ETH_ALEN);
2814 mc_list += ETH_ALEN;
2817 /* Send a message to the workqueue */
2818 queue_work(priv->unifi_workqueue, &priv->multicast_list_task);
2821 } /* uf_set_multicast_list() */
2824 * ---------------------------------------------------------------------------
2825 * netdev_mlme_event_handler
2827 * Callback function to be used as the udi_event_callback when registering
2828 * as a netdev client.
2829 * To use it, a client specifies this function as the udi_event_callback
2830 * to ul_register_client(). The signal dispatcher in
2831 * unifi_receive_event() will call this function to deliver a signal.
2834 * pcli Pointer to the client instance.
2835 * signal Pointer to the received signal.
2836 * signal_len Size of the signal structure in bytes.
2837 * bulkdata Pointer to structure containing any associated bulk data.
2838 * dir Direction of the signal. Zero means from host,
2839 * non-zero means to host.
2843 * ---------------------------------------------------------------------------
2846 netdev_mlme_event_handler(ul_client_t *pcli, const u8 *sig_packed, int sig_len,
2847 const bulk_data_param_t *bulkdata_o, int dir)
2850 unifi_priv_t *priv = uf_find_instance(pcli->instance);
2852 bulk_data_param_t bulkdata;
2856 /* Just a sanity check */
2857 if (sig_packed == NULL) {
2862 * This copy is to silence a compiler warning about discarding the
2865 bulkdata = *bulkdata_o;
2867 /* Get the unpacked signal */
2868 r = read_unpack_signal(sig_packed, &signal);
2871 * The CSR_MLME_CONNECTED_INDICATION_ID has a receiverID=0 so will
2872 * fall through this case. It is safe to ignore this signal.
2874 unifi_trace(priv, UDBG1,
2875 "Netdev - Received unknown signal 0x%.4X.\n",
2876 CSR_GET_UINT16_FROM_LITTLE_ENDIAN(sig_packed));
2880 id = signal.SignalPrimitiveHeader.SignalId;
2881 unifi_trace(priv, UDBG3, "Netdev - Process signal 0x%.4X\n", id);
2884 * Take the appropriate action for the signal.
2887 case CSR_MA_PACKET_ERROR_INDICATION_ID:
2888 process_ma_packet_error_ind(priv, &signal, &bulkdata);
2890 case CSR_MA_PACKET_INDICATION_ID:
2891 process_ma_packet_ind(priv, &signal, &bulkdata);
2893 case CSR_MA_PACKET_CONFIRM_ID:
2894 process_ma_packet_cfm(priv, &signal, &bulkdata);
2896 #ifdef CSR_SUPPORT_SME
2897 case CSR_MLME_SET_TIM_CONFIRM_ID:
2898 /* Handle TIM confirms from FW & set the station record's TIM state appropriately,
2899 * In case of failures, tries with max_retransmit limit
2901 uf_handle_tim_cfm(priv, &signal.u.MlmeSetTimConfirm, signal.SignalPrimitiveHeader.ReceiverProcessId);
2904 case CSR_DEBUG_STRING_INDICATION_ID:
2905 debug_string_indication(priv, bulkdata.d[0].os_data_ptr, bulkdata.d[0].data_length);
2908 case CSR_DEBUG_WORD16_INDICATION_ID:
2909 debug_word16_indication(priv, &signal);
2912 case CSR_DEBUG_GENERIC_CONFIRM_ID:
2913 case CSR_DEBUG_GENERIC_INDICATION_ID:
2914 debug_generic_indication(priv, &signal);
2921 } /* netdev_mlme_event_handler() */
2925 * ---------------------------------------------------------------------------
2928 * Retrieve the name (e.g. eth1) associated with this network device
2931 * dev Pointer to the network device.
2932 * name Buffer to write name
2933 * len Size of buffer in bytes
2939 * ---------------------------------------------------------------------------
2941 void uf_net_get_name(struct net_device *dev, char *name, int len)
2945 strlcpy(name, dev->name, (len > IFNAMSIZ) ? IFNAMSIZ : len);
2948 } /* uf_net_get_name */
2950 #ifdef CSR_SUPPORT_WEXT
2953 * ---------------------------------------------------------------------------
2956 * Callback function to handle netdev state changes
2959 * notif Pointer to a notifier_block.
2960 * event Event prompting notification
2961 * ptr net_device pointer
2967 * The event handler is global, and may occur on non-UniFi netdevs.
2968 * ---------------------------------------------------------------------------
2971 uf_netdev_event(struct notifier_block *notif, unsigned long event, void* ptr) {
2972 struct net_device *netdev = ptr;
2973 netInterface_priv_t *interfacePriv = (netInterface_priv_t *)netdev_priv(netdev);
2974 unifi_priv_t *priv = NULL;
2975 static const CsrWifiMacAddress broadcast_address = {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}};
2977 /* Check that the event is for a UniFi netdev. If it's not, the netdev_priv
2978 * structure is not safe to use.
2980 if (uf_find_netdev_priv(interfacePriv) == -1) {
2981 unifi_trace(NULL, UDBG1, "uf_netdev_event: ignore e=%d, ptr=%p, priv=%p %s\n",
2982 event, ptr, interfacePriv, netdev->name);
2988 priv = interfacePriv->privPtr;
2989 unifi_trace(priv, UDBG1, "NETDEV_CHANGE: %p %s %s waiting for it\n",
2992 interfacePriv->wait_netdev_change ? "" : "not");
2994 if (interfacePriv->wait_netdev_change) {
2995 UF_NETIF_TX_WAKE_ALL_QUEUES(priv->netdev[interfacePriv->InterfaceTag]);
2996 interfacePriv->connected = UnifiConnected;
2997 interfacePriv->wait_netdev_change = FALSE;
2998 /* Note: passing the broadcast address here will allow anyone to attempt to join our adhoc network */
2999 uf_process_rx_pending_queue(priv, UF_UNCONTROLLED_PORT_Q, broadcast_address, 1,interfacePriv->InterfaceTag);
3000 uf_process_rx_pending_queue(priv, UF_CONTROLLED_PORT_Q, broadcast_address, 1,interfacePriv->InterfaceTag);
3010 static struct notifier_block uf_netdev_notifier = {
3011 .notifier_call = uf_netdev_event,
3013 #endif /* CSR_SUPPORT_WEXT */
3017 process_amsdu(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata)
3020 u32 length = bulkdata->d[0].data_length;
3021 u32 subframe_length, subframe_body_length, dot11_hdr_size;
3023 bulk_data_param_t subframe_bulkdata;
3024 u8 *dot11_hdr_ptr = (u8*)bulkdata->d[0].os_data_ptr;
3025 CsrResult csrResult;
3027 u8 *qos_control_ptr;
3029 frameControl = le16_to_cpu(*((u16*)dot11_hdr_ptr));
3030 qos_control_ptr = dot11_hdr_ptr + (((frameControl & IEEE802_11_FC_TO_DS_MASK) && (frameControl & IEEE802_11_FC_FROM_DS_MASK))?30: 24);
3031 if(!(*qos_control_ptr & IEEE802_11_QC_A_MSDU_PRESENT)) {
3032 unifi_trace(priv, UDBG6, "%s: calling unifi_rx()", __FUNCTION__);
3033 unifi_rx(priv, signal, bulkdata);
3036 *qos_control_ptr &= ~(IEEE802_11_QC_A_MSDU_PRESENT);
3038 ptr = qos_control_ptr + 2;
3039 offset = dot11_hdr_size = ptr - dot11_hdr_ptr;
3041 while(length > (offset + sizeof(struct ethhdr) + sizeof(llc_snap_hdr_t))) {
3042 subframe_body_length = ntohs(((struct ethhdr*)ptr)->h_proto);
3043 if(subframe_body_length > IEEE802_11_MAX_DATA_LEN) {
3044 unifi_error(priv, "%s: bad subframe_body_length = %d\n", __FUNCTION__, subframe_body_length);
3047 subframe_length = sizeof(struct ethhdr) + subframe_body_length;
3048 memset(&subframe_bulkdata, 0, sizeof(bulk_data_param_t));
3050 csrResult = unifi_net_data_malloc(priv, &subframe_bulkdata.d[0], dot11_hdr_size + subframe_body_length);
3052 if (csrResult != CSR_RESULT_SUCCESS) {
3053 unifi_error(priv, "%s: unifi_net_data_malloc failed\n", __FUNCTION__);
3057 memcpy((u8*)subframe_bulkdata.d[0].os_data_ptr, dot11_hdr_ptr, dot11_hdr_size);
3060 /* When to DS=0 and from DS=0, address 3 will already have BSSID so no need to re-program */
3061 if ((frameControl & IEEE802_11_FC_TO_DS_MASK) && !(frameControl & IEEE802_11_FC_FROM_DS_MASK)){
3062 memcpy((u8*)subframe_bulkdata.d[0].os_data_ptr + IEEE802_11_ADDR3_OFFSET, ((struct ethhdr*)ptr)->h_dest, ETH_ALEN);
3064 else if (!(frameControl & IEEE802_11_FC_TO_DS_MASK) && (frameControl & IEEE802_11_FC_FROM_DS_MASK)){
3065 memcpy((u8*)subframe_bulkdata.d[0].os_data_ptr + IEEE802_11_ADDR3_OFFSET,
3066 ((struct ethhdr*)ptr)->h_source,
3070 memcpy((u8*)subframe_bulkdata.d[0].os_data_ptr + dot11_hdr_size,
3071 ptr + sizeof(struct ethhdr),
3072 subframe_body_length);
3073 unifi_trace(priv, UDBG6, "%s: calling unifi_rx. length = %d subframe_length = %d\n", __FUNCTION__, length, subframe_length);
3074 unifi_rx(priv, signal, &subframe_bulkdata);
3076 subframe_length = (subframe_length + 3)&(~0x3);
3077 ptr += subframe_length;
3078 offset += subframe_length;
3080 unifi_net_data_free(priv, &bulkdata->d[0]);
3084 #define SN_TO_INDEX(__ba_session, __sn) (((__sn - __ba_session->start_sn) & 0xFFF) % __ba_session->wind_size)
3087 #define ADVANCE_EXPECTED_SN(__ba_session) \
3089 __ba_session->expected_sn++; \
3090 __ba_session->expected_sn &= 0xFFF; \
3093 #define FREE_BUFFER_SLOT(__ba_session, __index) \
3095 __ba_session->occupied_slots--; \
3096 __ba_session->buffer[__index].active = FALSE; \
3097 ADVANCE_EXPECTED_SN(__ba_session); \
3100 static void add_frame_to_ba_complete(unifi_priv_t *priv,
3101 netInterface_priv_t *interfacePriv,
3102 frame_desc_struct *frame_desc)
3104 interfacePriv->ba_complete[interfacePriv->ba_complete_index] = *frame_desc;
3105 interfacePriv->ba_complete_index++;
3109 static void update_expected_sn(unifi_priv_t *priv,
3110 netInterface_priv_t *interfacePriv,
3111 ba_session_rx_struct *ba_session,
3117 gap = (sn - ba_session->expected_sn) & 0xFFF;
3118 unifi_trace(priv, UDBG6, "%s: proccess the frames up to new_expected_sn = %d gap = %d\n", __FUNCTION__, sn, gap);
3119 for(j = 0; j < gap && j < ba_session->wind_size; j++) {
3120 i = SN_TO_INDEX(ba_session, ba_session->expected_sn);
3121 unifi_trace(priv, UDBG6, "%s: proccess the slot index = %d\n", __FUNCTION__, i);
3122 if(ba_session->buffer[i].active) {
3123 add_frame_to_ba_complete(priv, interfacePriv, &ba_session->buffer[i]);
3124 unifi_trace(priv, UDBG6, "%s: proccess the frame at index = %d expected_sn = %d\n", __FUNCTION__, i, ba_session->expected_sn);
3125 FREE_BUFFER_SLOT(ba_session, i);
3127 unifi_trace(priv, UDBG6, "%s: empty slot at index = %d\n", __FUNCTION__, i);
3128 ADVANCE_EXPECTED_SN(ba_session);
3131 ba_session->expected_sn = sn;
3135 static void complete_ready_sequence(unifi_priv_t *priv,
3136 netInterface_priv_t *interfacePriv,
3137 ba_session_rx_struct *ba_session)
3141 i = SN_TO_INDEX(ba_session, ba_session->expected_sn);
3142 while (ba_session->buffer[i].active) {
3143 add_frame_to_ba_complete(priv, interfacePriv, &ba_session->buffer[i]);
3144 unifi_trace(priv, UDBG6, "%s: completed stored frame(expected_sn=%d) at i = %d\n", __FUNCTION__, ba_session->expected_sn, i);
3145 FREE_BUFFER_SLOT(ba_session, i);
3146 i = SN_TO_INDEX(ba_session, ba_session->expected_sn);
3151 void scroll_ba_window(unifi_priv_t *priv,
3152 netInterface_priv_t *interfacePriv,
3153 ba_session_rx_struct *ba_session,
3156 if(((sn - ba_session->expected_sn) & 0xFFF) <= 2048) {
3157 update_expected_sn(priv, interfacePriv, ba_session, sn);
3158 complete_ready_sequence(priv, interfacePriv, ba_session);
3163 static int consume_frame_or_get_buffer_index(unifi_priv_t *priv,
3164 netInterface_priv_t *interfacePriv,
3165 ba_session_rx_struct *ba_session,
3167 frame_desc_struct *frame_desc) {
3171 if(((sn - ba_session->expected_sn) & 0xFFF) <= 2048) {
3173 /* once we are in BA window, set the flag for BA trigger */
3174 if(!ba_session->trigger_ba_after_ssn){
3175 ba_session->trigger_ba_after_ssn = TRUE;
3178 sn_temp = ba_session->expected_sn + ba_session->wind_size;
3179 unifi_trace(priv, UDBG6, "%s: new frame: sn=%d\n", __FUNCTION__, sn);
3180 if(!(((sn - sn_temp) & 0xFFF) > 2048)) {
3181 u16 new_expected_sn;
3182 unifi_trace(priv, UDBG6, "%s: frame is out of window\n", __FUNCTION__);
3183 sn_temp = (sn - ba_session->wind_size) & 0xFFF;
3184 new_expected_sn = (sn_temp + 1) & 0xFFF;
3185 update_expected_sn(priv, interfacePriv, ba_session, new_expected_sn);
3188 if (sn == ba_session->expected_sn) {
3189 unifi_trace(priv, UDBG6, "%s: sn = ba_session->expected_sn = %d\n", __FUNCTION__, sn);
3190 ADVANCE_EXPECTED_SN(ba_session);
3191 add_frame_to_ba_complete(priv, interfacePriv, frame_desc);
3193 i = SN_TO_INDEX(ba_session, sn);
3194 unifi_trace(priv, UDBG6, "%s: sn(%d) != ba_session->expected_sn(%d), i = %d\n", __FUNCTION__, sn, ba_session->expected_sn, i);
3195 if (ba_session->buffer[i].active) {
3196 unifi_trace(priv, UDBG6, "%s: free frame at i = %d\n", __FUNCTION__, i);
3198 unifi_net_data_free(priv, &frame_desc->bulkdata.d[0]);
3203 if(!ba_session->trigger_ba_after_ssn){
3204 unifi_trace(priv, UDBG6, "%s: frame before ssn, pass it up: sn=%d\n", __FUNCTION__, sn);
3205 add_frame_to_ba_complete(priv, interfacePriv, frame_desc);
3207 unifi_trace(priv, UDBG6, "%s: old frame, drop: sn=%d, expected_sn=%d\n", __FUNCTION__, sn, ba_session->expected_sn);
3208 unifi_net_data_free(priv, &frame_desc->bulkdata.d[0]);
3216 static void process_ba_frame(unifi_priv_t *priv,
3217 netInterface_priv_t *interfacePriv,
3218 ba_session_rx_struct *ba_session,
3219 frame_desc_struct *frame_desc)
3222 u16 sn = frame_desc->sn;
3224 if (ba_session->timeout) {
3225 mod_timer(&ba_session->timer, (jiffies + usecs_to_jiffies((ba_session->timeout) * 1024)));
3227 unifi_trace(priv, UDBG6, "%s: got frame(sn=%d)\n", __FUNCTION__, sn);
3229 i = consume_frame_or_get_buffer_index(priv, interfacePriv, ba_session, sn, frame_desc);
3231 unifi_trace(priv, UDBG6, "%s: store frame(sn=%d) at i = %d\n", __FUNCTION__, sn, i);
3232 ba_session->buffer[i] = *frame_desc;
3233 ba_session->buffer[i].recv_time = CsrTimeGet(NULL);
3234 ba_session->occupied_slots++;
3236 unifi_trace(priv, UDBG6, "%s: frame consumed - sn = %d\n", __FUNCTION__, sn);
3238 complete_ready_sequence(priv, interfacePriv, ba_session);
3242 static void process_ba_complete(unifi_priv_t *priv, netInterface_priv_t *interfacePriv)
3244 frame_desc_struct *frame_desc;
3247 for(i = 0; i < interfacePriv->ba_complete_index; i++) {
3248 frame_desc = &interfacePriv->ba_complete[i];
3249 unifi_trace(priv, UDBG6, "%s: calling process_amsdu()\n", __FUNCTION__);
3250 process_amsdu(priv, &frame_desc->signal, &frame_desc->bulkdata);
3252 interfacePriv->ba_complete_index = 0;
3257 /* Check if the frames in BA reoder buffer has aged and
3258 * if so release the frames to upper processes and move
3261 static void check_ba_frame_age_timeout( unifi_priv_t *priv,
3262 netInterface_priv_t *interfacePriv,
3263 ba_session_rx_struct *ba_session)
3270 /* gap is started at 1 because we have buffered frames and
3271 * hence a minimum gap of 1 exists
3275 now = CsrTimeGet(NULL);
3277 if (ba_session->occupied_slots)
3279 /* expected sequence has not arrived so start searching from next
3280 * sequence number until a frame is available and determine the gap.
3281 * Check if the frame available has timedout, if so advance the
3282 * expected sequence number and release the frames
3284 sn_temp = (ba_session->expected_sn + 1) & 0xFFF;
3286 for(j = 0; j < ba_session->wind_size; j++)
3288 i = SN_TO_INDEX(ba_session, sn_temp);
3290 if(ba_session->buffer[i].active)
3292 unifi_trace(priv, UDBG6, "check age at slot index = %d sn = %d recv_time = %u now = %u\n",
3294 ba_session->buffer[i].sn,
3295 ba_session->buffer[i].recv_time,
3298 if (ba_session->buffer[i].recv_time > now)
3301 age = CsrTimeAdd((CsrTime)CsrTimeSub(CSR_SCHED_TIME_MAX, ba_session->buffer[i].recv_time), now);
3305 age = (CsrTime)CsrTimeSub(now, ba_session->buffer[i].recv_time);
3308 if (age >= CSR_WIFI_BA_MPDU_FRAME_AGE_TIMEOUT)
3310 unifi_trace(priv, UDBG2, "release the frame at index = %d gap = %d expected_sn = %d sn = %d\n",
3313 ba_session->expected_sn,
3314 ba_session->buffer[i].sn);
3316 /* if it has timedout don't wait for missing frames, move the window */
3319 ADVANCE_EXPECTED_SN(ba_session);
3321 add_frame_to_ba_complete(priv, interfacePriv, &ba_session->buffer[i]);
3322 FREE_BUFFER_SLOT(ba_session, i);
3323 complete_ready_sequence(priv, interfacePriv, ba_session);
3330 /* advance temp sequence number and frame gap */
3331 sn_temp = (sn_temp + 1) & 0xFFF;
3339 static void process_ma_packet_error_ind(unifi_priv_t *priv, CSR_SIGNAL *signal, bulk_data_param_t *bulkdata)
3342 const CSR_MA_PACKET_ERROR_INDICATION *pkt_err_ind = &signal->u.MaPacketErrorIndication;
3343 netInterface_priv_t *interfacePriv;
3344 ba_session_rx_struct *ba_session;
3345 u8 ba_session_idx = 0;
3346 CSR_PRIORITY UserPriority;
3347 CSR_SEQUENCE_NUMBER sn;
3351 interfaceTag = (pkt_err_ind->VirtualInterfaceIdentifier & 0xff);
3354 /* Sanity check that the VIF refers to a sensible interface */
3355 if (interfaceTag >= CSR_WIFI_NUM_INTERFACES)
3357 unifi_error(priv, "%s: MaPacketErrorIndication indication with bad interfaceTag %d\n", __FUNCTION__, interfaceTag);
3362 interfacePriv = priv->interfacePriv[interfaceTag];
3363 UserPriority = pkt_err_ind->UserPriority;
3364 if(UserPriority > 15) {
3365 unifi_error(priv, "%s: MaPacketErrorIndication indication with bad UserPriority=%d\n", __FUNCTION__, UserPriority);
3368 sn = pkt_err_ind->SequenceNumber;
3370 down(&priv->ba_mutex);
3371 /* To find the right ba_session loop through the BA sessions, compare MAC address and tID */
3372 for (ba_session_idx=0; ba_session_idx < MAX_SUPPORTED_BA_SESSIONS_RX; ba_session_idx++){
3373 ba_session = interfacePriv->ba_session_rx[ba_session_idx];
3375 if ((!memcmp(ba_session->macAddress.a, pkt_err_ind->PeerQstaAddress.x, ETH_ALEN)) && (ba_session->tID == UserPriority)){
3376 if (ba_session->timeout) {
3377 mod_timer(&ba_session->timer, (jiffies + usecs_to_jiffies((ba_session->timeout) * 1024)));
3379 scroll_ba_window(priv, interfacePriv, ba_session, sn);
3385 up(&priv->ba_mutex);
3386 process_ba_complete(priv, interfacePriv);