drivers/net/wireless/marvell/mwifiex/sta_rx.c

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * NXP Wireless LAN device driver: station RX data handling
   4  *
   5  * Copyright 2011-2020 NXP
   6  */
   7
   8 #include <uapi/linux/ipv6.h>
   9 #include <net/ndisc.h>
  10 #include "decl.h"
  11 #include "ioctl.h"
  12 #include "util.h"
  13 #include "fw.h"
  14 #include "main.h"
  15 #include "11n_aggr.h"
  16 #include "11n_rxreorder.h"
  17
  18 /* This function checks if a frame is IPv4 ARP or IPv6 Neighbour advertisement
  19  * frame. If frame has both source and destination mac address as same, this
  20  * function drops such gratuitous frames.
  21  */
  22 static bool
  23 mwifiex_discard_gratuitous_arp(struct mwifiex_private *priv,
  24                                struct sk_buff *skb)
  25 {
  26         const struct mwifiex_arp_eth_header *arp;
  27         struct ethhdr *eth;
  28         struct ipv6hdr *ipv6;
  29         struct icmp6hdr *icmpv6;
  30
  31         eth = (struct ethhdr *)skb->data;
  32         switch (ntohs(eth->h_proto)) {
  33         case ETH_P_ARP:
  34                 arp = (void *)(skb->data + sizeof(struct ethhdr));
  35                 if (arp->hdr.ar_op == htons(ARPOP_REPLY) ||
  36                     arp->hdr.ar_op == htons(ARPOP_REQUEST)) {
  37                         if (!memcmp(arp->ar_sip, arp->ar_tip, 4))
  38                                 return true;
  39                 }
  40                 break;
  41         case ETH_P_IPV6:
  42                 ipv6 = (void *)(skb->data + sizeof(struct ethhdr));
  43                 icmpv6 = (void *)(skb->data + sizeof(struct ethhdr) +
  44                                   sizeof(struct ipv6hdr));
  45                 if (NDISC_NEIGHBOUR_ADVERTISEMENT == icmpv6->icmp6_type) {
  46                         if (!memcmp(&ipv6->saddr, &ipv6->daddr,
  47                                     sizeof(struct in6_addr)))
  48                                 return true;
  49                 }
  50                 break;
  51         default:
  52                 break;
  53         }
  54
  55         return false;
  56 }
  57
  58 /*
  59  * This function processes the received packet and forwards it
  60  * to kernel/upper layer.
  61  *
  62  * This function parses through the received packet and determines
  63  * if it is a debug packet or normal packet.
  64  *
  65  * For non-debug packets, the function chops off unnecessary leading
  66  * header bytes, reconstructs the packet as an ethernet frame or
  67  * 802.2/llc/snap frame as required, and sends it to kernel/upper layer.
  68  *
  69  * The completion callback is called after processing in complete.
  70  */
  71 int mwifiex_process_rx_packet(struct mwifiex_private *priv,
  72                               struct sk_buff *skb)
  73 {
  74         int ret;
  75         struct rx_packet_hdr *rx_pkt_hdr;
  76         struct rxpd *local_rx_pd;
  77         int hdr_chop;
  78         struct ethhdr *eth;
  79         u16 rx_pkt_off, rx_pkt_len;
  80         u8 *offset;
  81         u8 adj_rx_rate = 0;
  82
  83         local_rx_pd = (struct rxpd *) (skb->data);
  84
  85         rx_pkt_off = le16_to_cpu(local_rx_pd->rx_pkt_offset);
  86         rx_pkt_len = le16_to_cpu(local_rx_pd->rx_pkt_length);
  87         rx_pkt_hdr = (void *)local_rx_pd + rx_pkt_off;
  88
  89         if (sizeof(*rx_pkt_hdr) + rx_pkt_off > skb->len) {
  90                 mwifiex_dbg(priv->adapter, ERROR,
  91                             "wrong rx packet offset: len=%d, rx_pkt_off=%d\n",
  92                             skb->len, rx_pkt_off);
  93                 priv->stats.rx_dropped++;
  94                 dev_kfree_skb_any(skb);
  95                 return -1;
  96         }
  97
  98         if ((!memcmp(&rx_pkt_hdr->rfc1042_hdr, bridge_tunnel_header,
  99                      sizeof(bridge_tunnel_header))) ||
 100             (!memcmp(&rx_pkt_hdr->rfc1042_hdr, rfc1042_header,
 101                      sizeof(rfc1042_header)) &&
 102              ntohs(rx_pkt_hdr->rfc1042_hdr.snap_type) != ETH_P_AARP &&
 103              ntohs(rx_pkt_hdr->rfc1042_hdr.snap_type) != ETH_P_IPX)) {
 104                 /*
 105                  *  Replace the 803 header and rfc1042 header (llc/snap) with an
 106                  *    EthernetII header, keep the src/dst and snap_type
 107                  *    (ethertype).
 108                  *  The firmware only passes up SNAP frames converting
 109                  *    all RX Data from 802.11 to 802.2/LLC/SNAP frames.
 110                  *  To create the Ethernet II, just move the src, dst address
 111                  *    right before the snap_type.
 112                  */
 113                 eth = (struct ethhdr *)
 114                         ((u8 *) &rx_pkt_hdr->eth803_hdr
 115                          + sizeof(rx_pkt_hdr->eth803_hdr) +
 116                          sizeof(rx_pkt_hdr->rfc1042_hdr)
 117                          - sizeof(rx_pkt_hdr->eth803_hdr.h_dest)
 118                          - sizeof(rx_pkt_hdr->eth803_hdr.h_source)
 119                          - sizeof(rx_pkt_hdr->rfc1042_hdr.snap_type));
 120
 121                 memcpy(eth->h_source, rx_pkt_hdr->eth803_hdr.h_source,
 122                        sizeof(eth->h_source));
 123                 memcpy(eth->h_dest, rx_pkt_hdr->eth803_hdr.h_dest,
 124                        sizeof(eth->h_dest));
 125
 126                 /* Chop off the rxpd + the excess memory from the 802.2/llc/snap
 127                    header that was removed. */
 128                 hdr_chop = (u8 *) eth - (u8 *) local_rx_pd;
 129         } else {
 130                 /* Chop off the rxpd */
 131                 hdr_chop = (u8 *) &rx_pkt_hdr->eth803_hdr -
 132                         (u8 *) local_rx_pd;
 133         }
 134
 135         /* Chop off the leading header bytes so the it points to the start of
 136            either the reconstructed EthII frame or the 802.2/llc/snap frame */
 137         skb_pull(skb, hdr_chop);
 138
 139         if (priv->hs2_enabled &&
 140             mwifiex_discard_gratuitous_arp(priv, skb)) {
 141                 mwifiex_dbg(priv->adapter, INFO, "Bypassed Gratuitous ARP\n");
 142                 dev_kfree_skb_any(skb);
 143                 return 0;
 144         }
 145
 146         if (ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info) &&
 147             ntohs(rx_pkt_hdr->eth803_hdr.h_proto) == ETH_P_TDLS) {
 148                 offset = (u8 *)local_rx_pd + rx_pkt_off;
 149                 mwifiex_process_tdls_action_frame(priv, offset, rx_pkt_len);
 150         }
 151
 152         /* Only stash RX bitrate for unicast packets. */
 153         if (likely(!is_multicast_ether_addr(rx_pkt_hdr->eth803_hdr.h_dest))) {
 154                 priv->rxpd_rate = local_rx_pd->rx_rate;
 155                 priv->rxpd_htinfo = local_rx_pd->ht_info;
 156         }
 157
 158         if (GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA ||
 159             GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_UAP) {
 160                 adj_rx_rate = mwifiex_adjust_data_rate(priv,
 161                                                        local_rx_pd->rx_rate,
 162                                                        local_rx_pd->ht_info);
 163                 mwifiex_hist_data_add(priv, adj_rx_rate, local_rx_pd->snr,
 164                                       local_rx_pd->nf);
 165         }
 166
 167         ret = mwifiex_recv_packet(priv, skb);
 168         if (ret == -1)
 169                 mwifiex_dbg(priv->adapter, ERROR,
 170                             "recv packet failed\n");
 171
 172         return ret;
 173 }
 174
 175 /*
 176  * This function processes the received buffer.
 177  *
 178  * The function looks into the RxPD and performs sanity tests on the
 179  * received buffer to ensure its a valid packet, before processing it
 180  * further. If the packet is determined to be aggregated, it is
 181  * de-aggregated accordingly. Non-unicast packets are sent directly to
 182  * the kernel/upper layers. Unicast packets are handed over to the
 183  * Rx reordering routine if 11n is enabled.
 184  *
 185  * The completion callback is called after processing in complete.
 186  */
 187 int mwifiex_process_sta_rx_packet(struct mwifiex_private *priv,
 188                                   struct sk_buff *skb)
 189 {
 190         struct mwifiex_adapter *adapter = priv->adapter;
 191         int ret = 0;
 192         struct rxpd *local_rx_pd;
 193         struct rx_packet_hdr *rx_pkt_hdr;
 194         u8 ta[ETH_ALEN];
 195         u16 rx_pkt_type, rx_pkt_offset, rx_pkt_length, seq_num;
 196         struct mwifiex_sta_node *sta_ptr;
 197
 198         local_rx_pd = (struct rxpd *) (skb->data);
 199         rx_pkt_type = le16_to_cpu(local_rx_pd->rx_pkt_type);
 200         rx_pkt_offset = le16_to_cpu(local_rx_pd->rx_pkt_offset);
 201         rx_pkt_length = le16_to_cpu(local_rx_pd->rx_pkt_length);
 202         seq_num = le16_to_cpu(local_rx_pd->seq_num);
 203
 204         rx_pkt_hdr = (void *)local_rx_pd + rx_pkt_offset;
 205
 206         if ((rx_pkt_offset + rx_pkt_length) > skb->len ||
 207             sizeof(rx_pkt_hdr->eth803_hdr) + rx_pkt_offset > skb->len) {
 208                 mwifiex_dbg(adapter, ERROR,
 209                             "wrong rx packet: len=%d, rx_pkt_offset=%d, rx_pkt_length=%d\n",
 210                             skb->len, rx_pkt_offset, rx_pkt_length);
 211                 priv->stats.rx_dropped++;
 212                 dev_kfree_skb_any(skb);
 213                 return ret;
 214         }
 215
 216         if (rx_pkt_type == PKT_TYPE_MGMT) {
 217                 ret = mwifiex_process_mgmt_packet(priv, skb);
 218                 if (ret)
 219                         mwifiex_dbg(adapter, DATA, "Rx of mgmt packet failed");
 220                 dev_kfree_skb_any(skb);
 221                 return ret;
 222         }
 223
 224         /*
 225          * If the packet is not an unicast packet then send the packet
 226          * directly to os. Don't pass thru rx reordering
 227          */
 228         if ((!IS_11N_ENABLED(priv) &&
 229              !(ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info) &&
 230                !(local_rx_pd->flags & MWIFIEX_RXPD_FLAGS_TDLS_PACKET))) ||
 231             !ether_addr_equal_unaligned(priv->curr_addr, rx_pkt_hdr->eth803_hdr.h_dest)) {
 232                 mwifiex_process_rx_packet(priv, skb);
 233                 return ret;
 234         }
 235
 236         if (mwifiex_queuing_ra_based(priv) ||
 237             (ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info) &&
 238              local_rx_pd->flags & MWIFIEX_RXPD_FLAGS_TDLS_PACKET)) {
 239                 memcpy(ta, rx_pkt_hdr->eth803_hdr.h_source, ETH_ALEN);
 240                 if (local_rx_pd->flags & MWIFIEX_RXPD_FLAGS_TDLS_PACKET &&
 241                     local_rx_pd->priority < MAX_NUM_TID) {
 242                         sta_ptr = mwifiex_get_sta_entry(priv, ta);
 243                         if (sta_ptr)
 244                                 sta_ptr->rx_seq[local_rx_pd->priority] =
 245                                               le16_to_cpu(local_rx_pd->seq_num);
 246                         mwifiex_auto_tdls_update_peer_signal(priv, ta,
 247                                                              local_rx_pd->snr,
 248                                                              local_rx_pd->nf);
 249                 }
 250         } else {
 251                 if (rx_pkt_type != PKT_TYPE_BAR &&
 252                     local_rx_pd->priority < MAX_NUM_TID)
 253                         priv->rx_seq[local_rx_pd->priority] = seq_num;
 254                 memcpy(ta, priv->curr_bss_params.bss_descriptor.mac_address,
 255                        ETH_ALEN);
 256         }
 257
 258         /* Reorder and send to OS */
 259         ret = mwifiex_11n_rx_reorder_pkt(priv, seq_num, local_rx_pd->priority,
 260                                          ta, (u8) rx_pkt_type, skb);
 261
 262         if (ret || (rx_pkt_type == PKT_TYPE_BAR))
 263                 dev_kfree_skb_any(skb);
 264
 265         if (ret)
 266                 priv->stats.rx_dropped++;
 267
 268         return ret;
 269 }