1 // SPDX-License-Identifier: GPL-2.0-only
2 /******************************************************************************
3 *
4 * Copyright(c) 2008 - 2014 Intel Corporation. All rights reserved.
5 * Copyright (C) 2019 Intel Corporation
6 *
7 * Contact Information:
8 * Intel Linux Wireless <linuxwifi@intel.com>
9 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
10 *
11 *****************************************************************************/
12
13 #include <linux/kernel.h>
14 #include <linux/module.h>
15 #include <linux/sched.h>
16 #include <linux/ieee80211.h>
17 #include "iwl-io.h"
18 #include "iwl-trans.h"
19 #include "iwl-agn-hw.h"
20 #include "dev.h"
21 #include "agn.h"
22
23 static const u8 tid_to_ac[] = {
24 IEEE80211_AC_BE,
25 IEEE80211_AC_BK,
26 IEEE80211_AC_BK,
27 IEEE80211_AC_BE,
28 IEEE80211_AC_VI,
29 IEEE80211_AC_VI,
30 IEEE80211_AC_VO,
31 IEEE80211_AC_VO,
32 };
33
iwlagn_tx_cmd_protection(struct iwl_priv * priv,struct ieee80211_tx_info * info,__le16 fc,__le32 * tx_flags)34 static void iwlagn_tx_cmd_protection(struct iwl_priv *priv,
35 struct ieee80211_tx_info *info,
36 __le16 fc, __le32 *tx_flags)
37 {
38 if (info->control.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS ||
39 info->control.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT ||
40 info->flags & IEEE80211_TX_CTL_AMPDU)
41 *tx_flags |= TX_CMD_FLG_PROT_REQUIRE_MSK;
42 }
43
44 /*
45 * handle build REPLY_TX command notification.
46 */
iwlagn_tx_cmd_build_basic(struct iwl_priv * priv,struct sk_buff * skb,struct iwl_tx_cmd * tx_cmd,struct ieee80211_tx_info * info,struct ieee80211_hdr * hdr,u8 sta_id)47 static void iwlagn_tx_cmd_build_basic(struct iwl_priv *priv,
48 struct sk_buff *skb,
49 struct iwl_tx_cmd *tx_cmd,
50 struct ieee80211_tx_info *info,
51 struct ieee80211_hdr *hdr, u8 sta_id)
52 {
53 __le16 fc = hdr->frame_control;
54 __le32 tx_flags = tx_cmd->tx_flags;
55
56 tx_cmd->stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE;
57
58 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK))
59 tx_flags |= TX_CMD_FLG_ACK_MSK;
60 else
61 tx_flags &= ~TX_CMD_FLG_ACK_MSK;
62
63 if (ieee80211_is_probe_resp(fc))
64 tx_flags |= TX_CMD_FLG_TSF_MSK;
65 else if (ieee80211_is_back_req(fc))
66 tx_flags |= TX_CMD_FLG_ACK_MSK | TX_CMD_FLG_IMM_BA_RSP_MASK;
67 else if (info->band == NL80211_BAND_2GHZ &&
68 priv->lib->bt_params &&
69 priv->lib->bt_params->advanced_bt_coexist &&
70 (ieee80211_is_auth(fc) || ieee80211_is_assoc_req(fc) ||
71 ieee80211_is_reassoc_req(fc) ||
72 info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO))
73 tx_flags |= TX_CMD_FLG_IGNORE_BT;
74
75
76 tx_cmd->sta_id = sta_id;
77 if (ieee80211_has_morefrags(fc))
78 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK;
79
80 if (ieee80211_is_data_qos(fc)) {
81 u8 *qc = ieee80211_get_qos_ctl(hdr);
82 tx_cmd->tid_tspec = qc[0] & 0xf;
83 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
84 } else {
85 tx_cmd->tid_tspec = IWL_TID_NON_QOS;
86 if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ)
87 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK;
88 else
89 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK;
90 }
91
92 iwlagn_tx_cmd_protection(priv, info, fc, &tx_flags);
93
94 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK);
95 if (ieee80211_is_mgmt(fc)) {
96 if (ieee80211_is_assoc_req(fc) || ieee80211_is_reassoc_req(fc))
97 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(3);
98 else
99 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(2);
100 } else {
101 tx_cmd->timeout.pm_frame_timeout = 0;
102 }
103
104 tx_cmd->driver_txop = 0;
105 tx_cmd->tx_flags = tx_flags;
106 tx_cmd->next_frame_len = 0;
107 }
108
iwlagn_tx_cmd_build_rate(struct iwl_priv * priv,struct iwl_tx_cmd * tx_cmd,struct ieee80211_tx_info * info,struct ieee80211_sta * sta,__le16 fc)109 static void iwlagn_tx_cmd_build_rate(struct iwl_priv *priv,
110 struct iwl_tx_cmd *tx_cmd,
111 struct ieee80211_tx_info *info,
112 struct ieee80211_sta *sta,
113 __le16 fc)
114 {
115 u32 rate_flags;
116 int rate_idx;
117 u8 rts_retry_limit;
118 u8 data_retry_limit;
119 u8 rate_plcp;
120
121 if (priv->wowlan) {
122 rts_retry_limit = IWLAGN_LOW_RETRY_LIMIT;
123 data_retry_limit = IWLAGN_LOW_RETRY_LIMIT;
124 } else {
125 /* Set retry limit on RTS packets */
126 rts_retry_limit = IWLAGN_RTS_DFAULT_RETRY_LIMIT;
127
128 /* Set retry limit on DATA packets and Probe Responses*/
129 if (ieee80211_is_probe_resp(fc)) {
130 data_retry_limit = IWLAGN_MGMT_DFAULT_RETRY_LIMIT;
131 rts_retry_limit =
132 min(data_retry_limit, rts_retry_limit);
133 } else if (ieee80211_is_back_req(fc))
134 data_retry_limit = IWLAGN_BAR_DFAULT_RETRY_LIMIT;
135 else
136 data_retry_limit = IWLAGN_DEFAULT_TX_RETRY;
137 }
138
139 tx_cmd->data_retry_limit = data_retry_limit;
140 tx_cmd->rts_retry_limit = rts_retry_limit;
141
142 /* DATA packets will use the uCode station table for rate/antenna
143 * selection */
144 if (ieee80211_is_data(fc)) {
145 tx_cmd->initial_rate_index = 0;
146 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK;
147 return;
148 } else if (ieee80211_is_back_req(fc))
149 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK;
150
151 /**
152 * If the current TX rate stored in mac80211 has the MCS bit set, it's
153 * not really a TX rate. Thus, we use the lowest supported rate for
154 * this band. Also use the lowest supported rate if the stored rate
155 * index is invalid.
156 */
157 rate_idx = info->control.rates[0].idx;
158 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS ||
159 (rate_idx < 0) || (rate_idx > IWL_RATE_COUNT_LEGACY))
160 rate_idx = rate_lowest_index(
161 &priv->nvm_data->bands[info->band], sta);
162 /* For 5 GHZ band, remap mac80211 rate indices into driver indices */
163 if (info->band == NL80211_BAND_5GHZ)
164 rate_idx += IWL_FIRST_OFDM_RATE;
165 /* Get PLCP rate for tx_cmd->rate_n_flags */
166 rate_plcp = iwl_rates[rate_idx].plcp;
167 /* Zero out flags for this packet */
168 rate_flags = 0;
169
170 /* Set CCK flag as needed */
171 if ((rate_idx >= IWL_FIRST_CCK_RATE) && (rate_idx <= IWL_LAST_CCK_RATE))
172 rate_flags |= RATE_MCS_CCK_MSK;
173
174 /* Set up antennas */
175 if (priv->lib->bt_params &&
176 priv->lib->bt_params->advanced_bt_coexist &&
177 priv->bt_full_concurrent) {
178 /* operated as 1x1 in full concurrency mode */
179 priv->mgmt_tx_ant = iwl_toggle_tx_ant(priv, priv->mgmt_tx_ant,
180 first_antenna(priv->nvm_data->valid_tx_ant));
181 } else
182 priv->mgmt_tx_ant = iwl_toggle_tx_ant(
183 priv, priv->mgmt_tx_ant,
184 priv->nvm_data->valid_tx_ant);
185 rate_flags |= iwl_ant_idx_to_flags(priv->mgmt_tx_ant);
186
187 /* Set the rate in the TX cmd */
188 tx_cmd->rate_n_flags = iwl_hw_set_rate_n_flags(rate_plcp, rate_flags);
189 }
190
iwlagn_tx_cmd_build_hwcrypto(struct iwl_priv * priv,struct ieee80211_tx_info * info,struct iwl_tx_cmd * tx_cmd,struct sk_buff * skb_frag)191 static void iwlagn_tx_cmd_build_hwcrypto(struct iwl_priv *priv,
192 struct ieee80211_tx_info *info,
193 struct iwl_tx_cmd *tx_cmd,
194 struct sk_buff *skb_frag)
195 {
196 struct ieee80211_key_conf *keyconf = info->control.hw_key;
197
198 switch (keyconf->cipher) {
199 case WLAN_CIPHER_SUITE_CCMP:
200 tx_cmd->sec_ctl = TX_CMD_SEC_CCM;
201 memcpy(tx_cmd->key, keyconf->key, keyconf->keylen);
202 if (info->flags & IEEE80211_TX_CTL_AMPDU)
203 tx_cmd->tx_flags |= TX_CMD_FLG_AGG_CCMP_MSK;
204 break;
205
206 case WLAN_CIPHER_SUITE_TKIP:
207 tx_cmd->sec_ctl = TX_CMD_SEC_TKIP;
208 ieee80211_get_tkip_p2k(keyconf, skb_frag, tx_cmd->key);
209 break;
210
211 case WLAN_CIPHER_SUITE_WEP104:
212 tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
213 /* fall through */
214 case WLAN_CIPHER_SUITE_WEP40:
215 tx_cmd->sec_ctl |= (TX_CMD_SEC_WEP |
216 (keyconf->keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT);
217
218 memcpy(&tx_cmd->key[3], keyconf->key, keyconf->keylen);
219
220 IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption "
221 "with key %d\n", keyconf->keyidx);
222 break;
223
224 default:
225 IWL_ERR(priv, "Unknown encode cipher %x\n", keyconf->cipher);
226 break;
227 }
228 }
229
230 /**
231 * iwl_sta_id_or_broadcast - return sta_id or broadcast sta
232 * @context: the current context
233 * @sta: mac80211 station
234 *
235 * In certain circumstances mac80211 passes a station pointer
236 * that may be %NULL, for example during TX or key setup. In
237 * that case, we need to use the broadcast station, so this
238 * inline wraps that pattern.
239 */
iwl_sta_id_or_broadcast(struct iwl_rxon_context * context,struct ieee80211_sta * sta)240 static int iwl_sta_id_or_broadcast(struct iwl_rxon_context *context,
241 struct ieee80211_sta *sta)
242 {
243 int sta_id;
244
245 if (!sta)
246 return context->bcast_sta_id;
247
248 sta_id = iwl_sta_id(sta);
249
250 /*
251 * mac80211 should not be passing a partially
252 * initialised station!
253 */
254 WARN_ON(sta_id == IWL_INVALID_STATION);
255
256 return sta_id;
257 }
258
259 /*
260 * start REPLY_TX command process
261 */
iwlagn_tx_skb(struct iwl_priv * priv,struct ieee80211_sta * sta,struct sk_buff * skb)262 int iwlagn_tx_skb(struct iwl_priv *priv,
263 struct ieee80211_sta *sta,
264 struct sk_buff *skb)
265 {
266 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
267 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
268 struct iwl_station_priv *sta_priv = NULL;
269 struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS];
270 struct iwl_device_tx_cmd *dev_cmd;
271 struct iwl_tx_cmd *tx_cmd;
272 __le16 fc;
273 u8 hdr_len;
274 u16 len, seq_number = 0;
275 u8 sta_id, tid = IWL_MAX_TID_COUNT;
276 bool is_agg = false, is_data_qos = false;
277 int txq_id;
278
279 if (info->control.vif)
280 ctx = iwl_rxon_ctx_from_vif(info->control.vif);
281
282 if (iwl_is_rfkill(priv)) {
283 IWL_DEBUG_DROP(priv, "Dropping - RF KILL\n");
284 goto drop_unlock_priv;
285 }
286
287 fc = hdr->frame_control;
288
289 #ifdef CONFIG_IWLWIFI_DEBUG
290 if (ieee80211_is_auth(fc))
291 IWL_DEBUG_TX(priv, "Sending AUTH frame\n");
292 else if (ieee80211_is_assoc_req(fc))
293 IWL_DEBUG_TX(priv, "Sending ASSOC frame\n");
294 else if (ieee80211_is_reassoc_req(fc))
295 IWL_DEBUG_TX(priv, "Sending REASSOC frame\n");
296 #endif
297
298 if (unlikely(ieee80211_is_probe_resp(fc))) {
299 struct iwl_wipan_noa_data *noa_data =
300 rcu_dereference(priv->noa_data);
301
302 if (noa_data &&
303 pskb_expand_head(skb, 0, noa_data->length,
304 GFP_ATOMIC) == 0) {
305 skb_put_data(skb, noa_data->data, noa_data->length);
306 hdr = (struct ieee80211_hdr *)skb->data;
307 }
308 }
309
310 hdr_len = ieee80211_hdrlen(fc);
311
312 /* For management frames use broadcast id to do not break aggregation */
313 if (!ieee80211_is_data(fc))
314 sta_id = ctx->bcast_sta_id;
315 else {
316 /* Find index into station table for destination station */
317 sta_id = iwl_sta_id_or_broadcast(ctx, sta);
318 if (sta_id == IWL_INVALID_STATION) {
319 IWL_DEBUG_DROP(priv, "Dropping - INVALID STATION: %pM\n",
320 hdr->addr1);
321 goto drop_unlock_priv;
322 }
323 }
324
325 if (sta)
326 sta_priv = (void *)sta->drv_priv;
327
328 if (sta_priv && sta_priv->asleep &&
329 (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)) {
330 /*
331 * This sends an asynchronous command to the device,
332 * but we can rely on it being processed before the
333 * next frame is processed -- and the next frame to
334 * this station is the one that will consume this
335 * counter.
336 * For now set the counter to just 1 since we do not
337 * support uAPSD yet.
338 *
339 * FIXME: If we get two non-bufferable frames one
340 * after the other, we might only send out one of
341 * them because this is racy.
342 */
343 iwl_sta_modify_sleep_tx_count(priv, sta_id, 1);
344 }
345
346 dev_cmd = iwl_trans_alloc_tx_cmd(priv->trans);
347
348 if (unlikely(!dev_cmd))
349 goto drop_unlock_priv;
350
351 dev_cmd->hdr.cmd = REPLY_TX;
352 tx_cmd = (struct iwl_tx_cmd *) dev_cmd->payload;
353
354 /* Total # bytes to be transmitted */
355 len = (u16)skb->len;
356 tx_cmd->len = cpu_to_le16(len);
357
358 if (info->control.hw_key)
359 iwlagn_tx_cmd_build_hwcrypto(priv, info, tx_cmd, skb);
360
361 /* TODO need this for burst mode later on */
362 iwlagn_tx_cmd_build_basic(priv, skb, tx_cmd, info, hdr, sta_id);
363
364 iwlagn_tx_cmd_build_rate(priv, tx_cmd, info, sta, fc);
365
366 memset(&info->status, 0, sizeof(info->status));
367 memset(info->driver_data, 0, sizeof(info->driver_data));
368
369 info->driver_data[0] = ctx;
370 info->driver_data[1] = dev_cmd;
371 /* From now on, we cannot access info->control */
372
373 spin_lock(&priv->sta_lock);
374
375 if (ieee80211_is_data_qos(fc) && !ieee80211_is_qos_nullfunc(fc)) {
376 u8 *qc = NULL;
377 struct iwl_tid_data *tid_data;
378 qc = ieee80211_get_qos_ctl(hdr);
379 tid = qc[0] & IEEE80211_QOS_CTL_TID_MASK;
380 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
381 goto drop_unlock_sta;
382 tid_data = &priv->tid_data[sta_id][tid];
383
384 /* aggregation is on for this <sta,tid> */
385 if (info->flags & IEEE80211_TX_CTL_AMPDU &&
386 tid_data->agg.state != IWL_AGG_ON) {
387 IWL_ERR(priv,
388 "TX_CTL_AMPDU while not in AGG: Tx flags = 0x%08x, agg.state = %d\n",
389 info->flags, tid_data->agg.state);
390 IWL_ERR(priv, "sta_id = %d, tid = %d seq_num = %d\n",
391 sta_id, tid,
392 IEEE80211_SEQ_TO_SN(tid_data->seq_number));
393 goto drop_unlock_sta;
394 }
395
396 /* We can receive packets from the stack in IWL_AGG_{ON,OFF}
397 * only. Check this here.
398 */
399 if (WARN_ONCE(tid_data->agg.state != IWL_AGG_ON &&
400 tid_data->agg.state != IWL_AGG_OFF,
401 "Tx while agg.state = %d\n", tid_data->agg.state))
402 goto drop_unlock_sta;
403
404 seq_number = tid_data->seq_number;
405 seq_number &= IEEE80211_SCTL_SEQ;
406 hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
407 hdr->seq_ctrl |= cpu_to_le16(seq_number);
408 seq_number += 0x10;
409
410 if (info->flags & IEEE80211_TX_CTL_AMPDU)
411 is_agg = true;
412 is_data_qos = true;
413 }
414
415 /* Copy MAC header from skb into command buffer */
416 memcpy(tx_cmd->hdr, hdr, hdr_len);
417
418 txq_id = info->hw_queue;
419
420 if (is_agg)
421 txq_id = priv->tid_data[sta_id][tid].agg.txq_id;
422 else if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) {
423 /*
424 * The microcode will clear the more data
425 * bit in the last frame it transmits.
426 */
427 hdr->frame_control |=
428 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
429 }
430
431 WARN_ON_ONCE(is_agg &&
432 priv->queue_to_mac80211[txq_id] != info->hw_queue);
433
434 IWL_DEBUG_TX(priv, "TX to [%d|%d] Q:%d - seq: 0x%x\n", sta_id, tid,
435 txq_id, seq_number);
436
437 if (iwl_trans_tx(priv->trans, skb, dev_cmd, txq_id))
438 goto drop_unlock_sta;
439
440 if (is_data_qos && !ieee80211_has_morefrags(fc))
441 priv->tid_data[sta_id][tid].seq_number = seq_number;
442
443 spin_unlock(&priv->sta_lock);
444
445 /*
446 * Avoid atomic ops if it isn't an associated client.
447 * Also, if this is a packet for aggregation, don't
448 * increase the counter because the ucode will stop
449 * aggregation queues when their respective station
450 * goes to sleep.
451 */
452 if (sta_priv && sta_priv->client && !is_agg)
453 atomic_inc(&sta_priv->pending_frames);
454
455 return 0;
456
457 drop_unlock_sta:
458 if (dev_cmd)
459 iwl_trans_free_tx_cmd(priv->trans, dev_cmd);
460 spin_unlock(&priv->sta_lock);
461 drop_unlock_priv:
462 return -1;
463 }
464
iwlagn_alloc_agg_txq(struct iwl_priv * priv,int mq)465 static int iwlagn_alloc_agg_txq(struct iwl_priv *priv, int mq)
466 {
467 int q;
468
469 for (q = IWLAGN_FIRST_AMPDU_QUEUE;
470 q < priv->trans->trans_cfg->base_params->num_of_queues; q++) {
471 if (!test_and_set_bit(q, priv->agg_q_alloc)) {
472 priv->queue_to_mac80211[q] = mq;
473 return q;
474 }
475 }
476
477 return -ENOSPC;
478 }
479
iwlagn_dealloc_agg_txq(struct iwl_priv * priv,int q)480 static void iwlagn_dealloc_agg_txq(struct iwl_priv *priv, int q)
481 {
482 clear_bit(q, priv->agg_q_alloc);
483 priv->queue_to_mac80211[q] = IWL_INVALID_MAC80211_QUEUE;
484 }
485
iwlagn_tx_agg_stop(struct iwl_priv * priv,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid)486 int iwlagn_tx_agg_stop(struct iwl_priv *priv, struct ieee80211_vif *vif,
487 struct ieee80211_sta *sta, u16 tid)
488 {
489 struct iwl_tid_data *tid_data;
490 int sta_id, txq_id;
491 enum iwl_agg_state agg_state;
492
493 sta_id = iwl_sta_id(sta);
494
495 if (sta_id == IWL_INVALID_STATION) {
496 IWL_ERR(priv, "Invalid station for AGG tid %d\n", tid);
497 return -ENXIO;
498 }
499
500 spin_lock_bh(&priv->sta_lock);
501
502 tid_data = &priv->tid_data[sta_id][tid];
503 txq_id = tid_data->agg.txq_id;
504
505 switch (tid_data->agg.state) {
506 case IWL_EMPTYING_HW_QUEUE_ADDBA:
507 /*
508 * This can happen if the peer stops aggregation
509 * again before we've had a chance to drain the
510 * queue we selected previously, i.e. before the
511 * session was really started completely.
512 */
513 IWL_DEBUG_HT(priv, "AGG stop before setup done\n");
514 goto turn_off;
515 case IWL_AGG_STARTING:
516 /*
517 * This can happen when the session is stopped before
518 * we receive ADDBA response
519 */
520 IWL_DEBUG_HT(priv, "AGG stop before AGG became operational\n");
521 goto turn_off;
522 case IWL_AGG_ON:
523 break;
524 default:
525 IWL_WARN(priv,
526 "Stopping AGG while state not ON or starting for %d on %d (%d)\n",
527 sta_id, tid, tid_data->agg.state);
528 spin_unlock_bh(&priv->sta_lock);
529 return 0;
530 }
531
532 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
533
534 /* There are still packets for this RA / TID in the HW */
535 if (!test_bit(txq_id, priv->agg_q_alloc)) {
536 IWL_DEBUG_TX_QUEUES(priv,
537 "stopping AGG on STA/TID %d/%d but hwq %d not used\n",
538 sta_id, tid, txq_id);
539 } else if (tid_data->agg.ssn != tid_data->next_reclaimed) {
540 IWL_DEBUG_TX_QUEUES(priv,
541 "Can't proceed: ssn %d, next_recl = %d\n",
542 tid_data->agg.ssn,
543 tid_data->next_reclaimed);
544 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_DELBA;
545 spin_unlock_bh(&priv->sta_lock);
546 return 0;
547 }
548
549 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n",
550 tid_data->agg.ssn);
551 turn_off:
552 agg_state = tid_data->agg.state;
553 tid_data->agg.state = IWL_AGG_OFF;
554
555 spin_unlock_bh(&priv->sta_lock);
556
557 if (test_bit(txq_id, priv->agg_q_alloc)) {
558 /*
559 * If the transport didn't know that we wanted to start
560 * agreggation, don't tell it that we want to stop them.
561 * This can happen when we don't get the addBA response on
562 * time, or we hadn't time to drain the AC queues.
563 */
564 if (agg_state == IWL_AGG_ON)
565 iwl_trans_txq_disable(priv->trans, txq_id, true);
566 else
567 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n",
568 agg_state);
569 iwlagn_dealloc_agg_txq(priv, txq_id);
570 }
571
572 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
573
574 return 0;
575 }
576
iwlagn_tx_agg_start(struct iwl_priv * priv,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid,u16 * ssn)577 int iwlagn_tx_agg_start(struct iwl_priv *priv, struct ieee80211_vif *vif,
578 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
579 {
580 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif);
581 struct iwl_tid_data *tid_data;
582 int sta_id, txq_id, ret;
583
584 IWL_DEBUG_HT(priv, "TX AGG request on ra = %pM tid = %d\n",
585 sta->addr, tid);
586
587 sta_id = iwl_sta_id(sta);
588 if (sta_id == IWL_INVALID_STATION) {
589 IWL_ERR(priv, "Start AGG on invalid station\n");
590 return -ENXIO;
591 }
592 if (unlikely(tid >= IWL_MAX_TID_COUNT))
593 return -EINVAL;
594
595 if (priv->tid_data[sta_id][tid].agg.state != IWL_AGG_OFF) {
596 IWL_ERR(priv, "Start AGG when state is not IWL_AGG_OFF !\n");
597 return -ENXIO;
598 }
599
600 txq_id = iwlagn_alloc_agg_txq(priv, ctx->ac_to_queue[tid_to_ac[tid]]);
601 if (txq_id < 0) {
602 IWL_DEBUG_TX_QUEUES(priv,
603 "No free aggregation queue for %pM/%d\n",
604 sta->addr, tid);
605 return txq_id;
606 }
607
608 ret = iwl_sta_tx_modify_enable_tid(priv, sta_id, tid);
609 if (ret)
610 return ret;
611
612 spin_lock_bh(&priv->sta_lock);
613 tid_data = &priv->tid_data[sta_id][tid];
614 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
615 tid_data->agg.txq_id = txq_id;
616
617 *ssn = tid_data->agg.ssn;
618
619 if (*ssn == tid_data->next_reclaimed) {
620 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n",
621 tid_data->agg.ssn);
622 tid_data->agg.state = IWL_AGG_STARTING;
623 ret = IEEE80211_AMPDU_TX_START_IMMEDIATE;
624 } else {
625 IWL_DEBUG_TX_QUEUES(priv, "Can't proceed: ssn %d, "
626 "next_reclaimed = %d\n",
627 tid_data->agg.ssn,
628 tid_data->next_reclaimed);
629 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_ADDBA;
630 }
631 spin_unlock_bh(&priv->sta_lock);
632
633 return ret;
634 }
635
iwlagn_tx_agg_flush(struct iwl_priv * priv,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid)636 int iwlagn_tx_agg_flush(struct iwl_priv *priv, struct ieee80211_vif *vif,
637 struct ieee80211_sta *sta, u16 tid)
638 {
639 struct iwl_tid_data *tid_data;
640 enum iwl_agg_state agg_state;
641 int sta_id, txq_id;
642 sta_id = iwl_sta_id(sta);
643
644 /*
645 * First set the agg state to OFF to avoid calling
646 * ieee80211_stop_tx_ba_cb in iwlagn_check_ratid_empty.
647 */
648 spin_lock_bh(&priv->sta_lock);
649
650 tid_data = &priv->tid_data[sta_id][tid];
651 txq_id = tid_data->agg.txq_id;
652 agg_state = tid_data->agg.state;
653 IWL_DEBUG_TX_QUEUES(priv, "Flush AGG: sta %d tid %d q %d state %d\n",
654 sta_id, tid, txq_id, tid_data->agg.state);
655
656 tid_data->agg.state = IWL_AGG_OFF;
657
658 spin_unlock_bh(&priv->sta_lock);
659
660 if (iwlagn_txfifo_flush(priv, BIT(txq_id)))
661 IWL_ERR(priv, "Couldn't flush the AGG queue\n");
662
663 if (test_bit(txq_id, priv->agg_q_alloc)) {
664 /*
665 * If the transport didn't know that we wanted to start
666 * agreggation, don't tell it that we want to stop them.
667 * This can happen when we don't get the addBA response on
668 * time, or we hadn't time to drain the AC queues.
669 */
670 if (agg_state == IWL_AGG_ON)
671 iwl_trans_txq_disable(priv->trans, txq_id, true);
672 else
673 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n",
674 agg_state);
675 iwlagn_dealloc_agg_txq(priv, txq_id);
676 }
677
678 return 0;
679 }
680
iwlagn_tx_agg_oper(struct iwl_priv * priv,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid,u8 buf_size)681 int iwlagn_tx_agg_oper(struct iwl_priv *priv, struct ieee80211_vif *vif,
682 struct ieee80211_sta *sta, u16 tid, u8 buf_size)
683 {
684 struct iwl_station_priv *sta_priv = (void *) sta->drv_priv;
685 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif);
686 int q, fifo;
687 u16 ssn;
688
689 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF);
690
691 spin_lock_bh(&priv->sta_lock);
692 ssn = priv->tid_data[sta_priv->sta_id][tid].agg.ssn;
693 q = priv->tid_data[sta_priv->sta_id][tid].agg.txq_id;
694 priv->tid_data[sta_priv->sta_id][tid].agg.state = IWL_AGG_ON;
695 spin_unlock_bh(&priv->sta_lock);
696
697 fifo = ctx->ac_to_fifo[tid_to_ac[tid]];
698
699 iwl_trans_txq_enable(priv->trans, q, fifo, sta_priv->sta_id, tid,
700 buf_size, ssn, 0);
701
702 /*
703 * If the limit is 0, then it wasn't initialised yet,
704 * use the default. We can do that since we take the
705 * minimum below, and we don't want to go above our
706 * default due to hardware restrictions.
707 */
708 if (sta_priv->max_agg_bufsize == 0)
709 sta_priv->max_agg_bufsize =
710 LINK_QUAL_AGG_FRAME_LIMIT_DEF;
711
712 /*
713 * Even though in theory the peer could have different
714 * aggregation reorder buffer sizes for different sessions,
715 * our ucode doesn't allow for that and has a global limit
716 * for each station. Therefore, use the minimum of all the
717 * aggregation sessions and our default value.
718 */
719 sta_priv->max_agg_bufsize =
720 min(sta_priv->max_agg_bufsize, buf_size);
721
722 if (priv->hw_params.use_rts_for_aggregation) {
723 /*
724 * switch to RTS/CTS if it is the prefer protection
725 * method for HT traffic
726 */
727
728 sta_priv->lq_sta.lq.general_params.flags |=
729 LINK_QUAL_FLAGS_SET_STA_TLC_RTS_MSK;
730 }
731 priv->agg_tids_count++;
732 IWL_DEBUG_HT(priv, "priv->agg_tids_count = %u\n",
733 priv->agg_tids_count);
734
735 sta_priv->lq_sta.lq.agg_params.agg_frame_cnt_limit =
736 sta_priv->max_agg_bufsize;
737
738 IWL_DEBUG_HT(priv, "Tx aggregation enabled on ra = %pM tid = %d\n",
739 sta->addr, tid);
740
741 return iwl_send_lq_cmd(priv, ctx,
742 &sta_priv->lq_sta.lq, CMD_ASYNC, false);
743 }
744
iwlagn_check_ratid_empty(struct iwl_priv * priv,int sta_id,u8 tid)745 static void iwlagn_check_ratid_empty(struct iwl_priv *priv, int sta_id, u8 tid)
746 {
747 struct iwl_tid_data *tid_data = &priv->tid_data[sta_id][tid];
748 enum iwl_rxon_context_id ctx;
749 struct ieee80211_vif *vif;
750 u8 *addr;
751
752 lockdep_assert_held(&priv->sta_lock);
753
754 addr = priv->stations[sta_id].sta.sta.addr;
755 ctx = priv->stations[sta_id].ctxid;
756 vif = priv->contexts[ctx].vif;
757
758 switch (priv->tid_data[sta_id][tid].agg.state) {
759 case IWL_EMPTYING_HW_QUEUE_DELBA:
760 /* There are no packets for this RA / TID in the HW any more */
761 if (tid_data->agg.ssn == tid_data->next_reclaimed) {
762 IWL_DEBUG_TX_QUEUES(priv,
763 "Can continue DELBA flow ssn = next_recl = %d\n",
764 tid_data->next_reclaimed);
765 iwl_trans_txq_disable(priv->trans,
766 tid_data->agg.txq_id, true);
767 iwlagn_dealloc_agg_txq(priv, tid_data->agg.txq_id);
768 tid_data->agg.state = IWL_AGG_OFF;
769 ieee80211_stop_tx_ba_cb_irqsafe(vif, addr, tid);
770 }
771 break;
772 case IWL_EMPTYING_HW_QUEUE_ADDBA:
773 /* There are no packets for this RA / TID in the HW any more */
774 if (tid_data->agg.ssn == tid_data->next_reclaimed) {
775 IWL_DEBUG_TX_QUEUES(priv,
776 "Can continue ADDBA flow ssn = next_recl = %d\n",
777 tid_data->next_reclaimed);
778 tid_data->agg.state = IWL_AGG_STARTING;
779 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid);
780 }
781 break;
782 default:
783 break;
784 }
785 }
786
iwlagn_non_agg_tx_status(struct iwl_priv * priv,struct iwl_rxon_context * ctx,const u8 * addr1)787 static void iwlagn_non_agg_tx_status(struct iwl_priv *priv,
788 struct iwl_rxon_context *ctx,
789 const u8 *addr1)
790 {
791 struct ieee80211_sta *sta;
792 struct iwl_station_priv *sta_priv;
793
794 rcu_read_lock();
795 sta = ieee80211_find_sta(ctx->vif, addr1);
796 if (sta) {
797 sta_priv = (void *)sta->drv_priv;
798 /* avoid atomic ops if this isn't a client */
799 if (sta_priv->client &&
800 atomic_dec_return(&sta_priv->pending_frames) == 0)
801 ieee80211_sta_block_awake(priv->hw, sta, false);
802 }
803 rcu_read_unlock();
804 }
805
806 /*
807 * translate ucode response to mac80211 tx status control values
808 */
iwlagn_hwrate_to_tx_control(struct iwl_priv * priv,u32 rate_n_flags,struct ieee80211_tx_info * info)809 static void iwlagn_hwrate_to_tx_control(struct iwl_priv *priv, u32 rate_n_flags,
810 struct ieee80211_tx_info *info)
811 {
812 struct ieee80211_tx_rate *r = &info->status.rates[0];
813
814 info->status.antenna =
815 ((rate_n_flags & RATE_MCS_ANT_ABC_MSK) >> RATE_MCS_ANT_POS);
816 if (rate_n_flags & RATE_MCS_HT_MSK)
817 r->flags |= IEEE80211_TX_RC_MCS;
818 if (rate_n_flags & RATE_MCS_GF_MSK)
819 r->flags |= IEEE80211_TX_RC_GREEN_FIELD;
820 if (rate_n_flags & RATE_MCS_HT40_MSK)
821 r->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
822 if (rate_n_flags & RATE_MCS_DUP_MSK)
823 r->flags |= IEEE80211_TX_RC_DUP_DATA;
824 if (rate_n_flags & RATE_MCS_SGI_MSK)
825 r->flags |= IEEE80211_TX_RC_SHORT_GI;
826 r->idx = iwlagn_hwrate_to_mac80211_idx(rate_n_flags, info->band);
827 }
828
829 #ifdef CONFIG_IWLWIFI_DEBUG
iwl_get_tx_fail_reason(u32 status)830 const char *iwl_get_tx_fail_reason(u32 status)
831 {
832 #define TX_STATUS_FAIL(x) case TX_STATUS_FAIL_ ## x: return #x
833 #define TX_STATUS_POSTPONE(x) case TX_STATUS_POSTPONE_ ## x: return #x
834
835 switch (status & TX_STATUS_MSK) {
836 case TX_STATUS_SUCCESS:
837 return "SUCCESS";
838 TX_STATUS_POSTPONE(DELAY);
839 TX_STATUS_POSTPONE(FEW_BYTES);
840 TX_STATUS_POSTPONE(BT_PRIO);
841 TX_STATUS_POSTPONE(QUIET_PERIOD);
842 TX_STATUS_POSTPONE(CALC_TTAK);
843 TX_STATUS_FAIL(INTERNAL_CROSSED_RETRY);
844 TX_STATUS_FAIL(SHORT_LIMIT);
845 TX_STATUS_FAIL(LONG_LIMIT);
846 TX_STATUS_FAIL(FIFO_UNDERRUN);
847 TX_STATUS_FAIL(DRAIN_FLOW);
848 TX_STATUS_FAIL(RFKILL_FLUSH);
849 TX_STATUS_FAIL(LIFE_EXPIRE);
850 TX_STATUS_FAIL(DEST_PS);
851 TX_STATUS_FAIL(HOST_ABORTED);
852 TX_STATUS_FAIL(BT_RETRY);
853 TX_STATUS_FAIL(STA_INVALID);
854 TX_STATUS_FAIL(FRAG_DROPPED);
855 TX_STATUS_FAIL(TID_DISABLE);
856 TX_STATUS_FAIL(FIFO_FLUSHED);
857 TX_STATUS_FAIL(INSUFFICIENT_CF_POLL);
858 TX_STATUS_FAIL(PASSIVE_NO_RX);
859 TX_STATUS_FAIL(NO_BEACON_ON_RADAR);
860 }
861
862 return "UNKNOWN";
863
864 #undef TX_STATUS_FAIL
865 #undef TX_STATUS_POSTPONE
866 }
867 #endif /* CONFIG_IWLWIFI_DEBUG */
868
iwlagn_count_agg_tx_err_status(struct iwl_priv * priv,u16 status)869 static void iwlagn_count_agg_tx_err_status(struct iwl_priv *priv, u16 status)
870 {
871 status &= AGG_TX_STATUS_MSK;
872
873 switch (status) {
874 case AGG_TX_STATE_UNDERRUN_MSK:
875 priv->reply_agg_tx_stats.underrun++;
876 break;
877 case AGG_TX_STATE_BT_PRIO_MSK:
878 priv->reply_agg_tx_stats.bt_prio++;
879 break;
880 case AGG_TX_STATE_FEW_BYTES_MSK:
881 priv->reply_agg_tx_stats.few_bytes++;
882 break;
883 case AGG_TX_STATE_ABORT_MSK:
884 priv->reply_agg_tx_stats.abort++;
885 break;
886 case AGG_TX_STATE_LAST_SENT_TTL_MSK:
887 priv->reply_agg_tx_stats.last_sent_ttl++;
888 break;
889 case AGG_TX_STATE_LAST_SENT_TRY_CNT_MSK:
890 priv->reply_agg_tx_stats.last_sent_try++;
891 break;
892 case AGG_TX_STATE_LAST_SENT_BT_KILL_MSK:
893 priv->reply_agg_tx_stats.last_sent_bt_kill++;
894 break;
895 case AGG_TX_STATE_SCD_QUERY_MSK:
896 priv->reply_agg_tx_stats.scd_query++;
897 break;
898 case AGG_TX_STATE_TEST_BAD_CRC32_MSK:
899 priv->reply_agg_tx_stats.bad_crc32++;
900 break;
901 case AGG_TX_STATE_RESPONSE_MSK:
902 priv->reply_agg_tx_stats.response++;
903 break;
904 case AGG_TX_STATE_DUMP_TX_MSK:
905 priv->reply_agg_tx_stats.dump_tx++;
906 break;
907 case AGG_TX_STATE_DELAY_TX_MSK:
908 priv->reply_agg_tx_stats.delay_tx++;
909 break;
910 default:
911 priv->reply_agg_tx_stats.unknown++;
912 break;
913 }
914 }
915
iwlagn_get_scd_ssn(struct iwlagn_tx_resp * tx_resp)916 static inline u32 iwlagn_get_scd_ssn(struct iwlagn_tx_resp *tx_resp)
917 {
918 return le32_to_cpup((__le32 *)&tx_resp->status +
919 tx_resp->frame_count) & IEEE80211_MAX_SN;
920 }
921
iwl_rx_reply_tx_agg(struct iwl_priv * priv,struct iwlagn_tx_resp * tx_resp)922 static void iwl_rx_reply_tx_agg(struct iwl_priv *priv,
923 struct iwlagn_tx_resp *tx_resp)
924 {
925 struct agg_tx_status *frame_status = &tx_resp->status;
926 int tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >>
927 IWLAGN_TX_RES_TID_POS;
928 int sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >>
929 IWLAGN_TX_RES_RA_POS;
930 struct iwl_ht_agg *agg = &priv->tid_data[sta_id][tid].agg;
931 u32 status = le16_to_cpu(tx_resp->status.status);
932 int i;
933
934 WARN_ON(tid == IWL_TID_NON_QOS);
935
936 if (agg->wait_for_ba)
937 IWL_DEBUG_TX_REPLY(priv,
938 "got tx response w/o block-ack\n");
939
940 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags);
941 agg->wait_for_ba = (tx_resp->frame_count > 1);
942
943 /*
944 * If the BT kill count is non-zero, we'll get this
945 * notification again.
946 */
947 if (tx_resp->bt_kill_count && tx_resp->frame_count == 1 &&
948 priv->lib->bt_params &&
949 priv->lib->bt_params->advanced_bt_coexist) {
950 IWL_DEBUG_COEX(priv, "receive reply tx w/ bt_kill\n");
951 }
952
953 if (tx_resp->frame_count == 1)
954 return;
955
956 IWL_DEBUG_TX_REPLY(priv, "TXQ %d initial_rate 0x%x ssn %d frm_cnt %d\n",
957 agg->txq_id,
958 le32_to_cpu(tx_resp->rate_n_flags),
959 iwlagn_get_scd_ssn(tx_resp), tx_resp->frame_count);
960
961 /* Construct bit-map of pending frames within Tx window */
962 for (i = 0; i < tx_resp->frame_count; i++) {
963 u16 fstatus = le16_to_cpu(frame_status[i].status);
964 u8 retry_cnt = (fstatus & AGG_TX_TRY_MSK) >> AGG_TX_TRY_POS;
965
966 if (status & AGG_TX_STATUS_MSK)
967 iwlagn_count_agg_tx_err_status(priv, fstatus);
968
969 if (status & (AGG_TX_STATE_FEW_BYTES_MSK |
970 AGG_TX_STATE_ABORT_MSK))
971 continue;
972
973 if (status & AGG_TX_STATUS_MSK || retry_cnt > 1)
974 IWL_DEBUG_TX_REPLY(priv,
975 "%d: status %s (0x%04x), try-count (0x%01x)\n",
976 i,
977 iwl_get_agg_tx_fail_reason(fstatus),
978 fstatus & AGG_TX_STATUS_MSK,
979 retry_cnt);
980 }
981 }
982
983 #ifdef CONFIG_IWLWIFI_DEBUG
984 #define AGG_TX_STATE_FAIL(x) case AGG_TX_STATE_ ## x: return #x
985
iwl_get_agg_tx_fail_reason(u16 status)986 const char *iwl_get_agg_tx_fail_reason(u16 status)
987 {
988 status &= AGG_TX_STATUS_MSK;
989 switch (status) {
990 case AGG_TX_STATE_TRANSMITTED:
991 return "SUCCESS";
992 AGG_TX_STATE_FAIL(UNDERRUN_MSK);
993 AGG_TX_STATE_FAIL(BT_PRIO_MSK);
994 AGG_TX_STATE_FAIL(FEW_BYTES_MSK);
995 AGG_TX_STATE_FAIL(ABORT_MSK);
996 AGG_TX_STATE_FAIL(LAST_SENT_TTL_MSK);
997 AGG_TX_STATE_FAIL(LAST_SENT_TRY_CNT_MSK);
998 AGG_TX_STATE_FAIL(LAST_SENT_BT_KILL_MSK);
999 AGG_TX_STATE_FAIL(SCD_QUERY_MSK);
1000 AGG_TX_STATE_FAIL(TEST_BAD_CRC32_MSK);
1001 AGG_TX_STATE_FAIL(RESPONSE_MSK);
1002 AGG_TX_STATE_FAIL(DUMP_TX_MSK);
1003 AGG_TX_STATE_FAIL(DELAY_TX_MSK);
1004 }
1005
1006 return "UNKNOWN";
1007 }
1008 #endif /* CONFIG_IWLWIFI_DEBUG */
1009
iwlagn_count_tx_err_status(struct iwl_priv * priv,u16 status)1010 static void iwlagn_count_tx_err_status(struct iwl_priv *priv, u16 status)
1011 {
1012 status &= TX_STATUS_MSK;
1013
1014 switch (status) {
1015 case TX_STATUS_POSTPONE_DELAY:
1016 priv->reply_tx_stats.pp_delay++;
1017 break;
1018 case TX_STATUS_POSTPONE_FEW_BYTES:
1019 priv->reply_tx_stats.pp_few_bytes++;
1020 break;
1021 case TX_STATUS_POSTPONE_BT_PRIO:
1022 priv->reply_tx_stats.pp_bt_prio++;
1023 break;
1024 case TX_STATUS_POSTPONE_QUIET_PERIOD:
1025 priv->reply_tx_stats.pp_quiet_period++;
1026 break;
1027 case TX_STATUS_POSTPONE_CALC_TTAK:
1028 priv->reply_tx_stats.pp_calc_ttak++;
1029 break;
1030 case TX_STATUS_FAIL_INTERNAL_CROSSED_RETRY:
1031 priv->reply_tx_stats.int_crossed_retry++;
1032 break;
1033 case TX_STATUS_FAIL_SHORT_LIMIT:
1034 priv->reply_tx_stats.short_limit++;
1035 break;
1036 case TX_STATUS_FAIL_LONG_LIMIT:
1037 priv->reply_tx_stats.long_limit++;
1038 break;
1039 case TX_STATUS_FAIL_FIFO_UNDERRUN:
1040 priv->reply_tx_stats.fifo_underrun++;
1041 break;
1042 case TX_STATUS_FAIL_DRAIN_FLOW:
1043 priv->reply_tx_stats.drain_flow++;
1044 break;
1045 case TX_STATUS_FAIL_RFKILL_FLUSH:
1046 priv->reply_tx_stats.rfkill_flush++;
1047 break;
1048 case TX_STATUS_FAIL_LIFE_EXPIRE:
1049 priv->reply_tx_stats.life_expire++;
1050 break;
1051 case TX_STATUS_FAIL_DEST_PS:
1052 priv->reply_tx_stats.dest_ps++;
1053 break;
1054 case TX_STATUS_FAIL_HOST_ABORTED:
1055 priv->reply_tx_stats.host_abort++;
1056 break;
1057 case TX_STATUS_FAIL_BT_RETRY:
1058 priv->reply_tx_stats.bt_retry++;
1059 break;
1060 case TX_STATUS_FAIL_STA_INVALID:
1061 priv->reply_tx_stats.sta_invalid++;
1062 break;
1063 case TX_STATUS_FAIL_FRAG_DROPPED:
1064 priv->reply_tx_stats.frag_drop++;
1065 break;
1066 case TX_STATUS_FAIL_TID_DISABLE:
1067 priv->reply_tx_stats.tid_disable++;
1068 break;
1069 case TX_STATUS_FAIL_FIFO_FLUSHED:
1070 priv->reply_tx_stats.fifo_flush++;
1071 break;
1072 case TX_STATUS_FAIL_INSUFFICIENT_CF_POLL:
1073 priv->reply_tx_stats.insuff_cf_poll++;
1074 break;
1075 case TX_STATUS_FAIL_PASSIVE_NO_RX:
1076 priv->reply_tx_stats.fail_hw_drop++;
1077 break;
1078 case TX_STATUS_FAIL_NO_BEACON_ON_RADAR:
1079 priv->reply_tx_stats.sta_color_mismatch++;
1080 break;
1081 default:
1082 priv->reply_tx_stats.unknown++;
1083 break;
1084 }
1085 }
1086
iwlagn_set_tx_status(struct iwl_priv * priv,struct ieee80211_tx_info * info,struct iwlagn_tx_resp * tx_resp)1087 static void iwlagn_set_tx_status(struct iwl_priv *priv,
1088 struct ieee80211_tx_info *info,
1089 struct iwlagn_tx_resp *tx_resp)
1090 {
1091 u16 status = le16_to_cpu(tx_resp->status.status);
1092
1093 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
1094
1095 info->status.rates[0].count = tx_resp->failure_frame + 1;
1096 info->flags |= iwl_tx_status_to_mac80211(status);
1097 iwlagn_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags),
1098 info);
1099 if (!iwl_is_tx_success(status))
1100 iwlagn_count_tx_err_status(priv, status);
1101 }
1102
iwl_check_abort_status(struct iwl_priv * priv,u8 frame_count,u32 status)1103 static void iwl_check_abort_status(struct iwl_priv *priv,
1104 u8 frame_count, u32 status)
1105 {
1106 if (frame_count == 1 && status == TX_STATUS_FAIL_RFKILL_FLUSH) {
1107 IWL_ERR(priv, "Tx flush command to flush out all frames\n");
1108 if (!test_bit(STATUS_EXIT_PENDING, &priv->status))
1109 queue_work(priv->workqueue, &priv->tx_flush);
1110 }
1111 }
1112
iwlagn_rx_reply_tx(struct iwl_priv * priv,struct iwl_rx_cmd_buffer * rxb)1113 void iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb)
1114 {
1115 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1116 u16 sequence = le16_to_cpu(pkt->hdr.sequence);
1117 int txq_id = SEQ_TO_QUEUE(sequence);
1118 int cmd_index __maybe_unused = SEQ_TO_INDEX(sequence);
1119 struct iwlagn_tx_resp *tx_resp = (void *)pkt->data;
1120 struct ieee80211_hdr *hdr;
1121 u32 status = le16_to_cpu(tx_resp->status.status);
1122 u16 ssn = iwlagn_get_scd_ssn(tx_resp);
1123 int tid;
1124 int sta_id;
1125 int freed;
1126 struct ieee80211_tx_info *info;
1127 struct sk_buff_head skbs;
1128 struct sk_buff *skb;
1129 struct iwl_rxon_context *ctx;
1130 bool is_agg = (txq_id >= IWLAGN_FIRST_AMPDU_QUEUE);
1131
1132 tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >>
1133 IWLAGN_TX_RES_TID_POS;
1134 sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >>
1135 IWLAGN_TX_RES_RA_POS;
1136
1137 spin_lock_bh(&priv->sta_lock);
1138
1139 if (is_agg) {
1140 WARN_ON_ONCE(sta_id >= IWLAGN_STATION_COUNT ||
1141 tid >= IWL_MAX_TID_COUNT);
1142 if (txq_id != priv->tid_data[sta_id][tid].agg.txq_id)
1143 IWL_ERR(priv, "txq_id mismatch: %d %d\n", txq_id,
1144 priv->tid_data[sta_id][tid].agg.txq_id);
1145 iwl_rx_reply_tx_agg(priv, tx_resp);
1146 }
1147
1148 __skb_queue_head_init(&skbs);
1149
1150 if (tx_resp->frame_count == 1) {
1151 u16 next_reclaimed = le16_to_cpu(tx_resp->seq_ctl);
1152 next_reclaimed = IEEE80211_SEQ_TO_SN(next_reclaimed + 0x10);
1153
1154 if (is_agg) {
1155 /* If this is an aggregation queue, we can rely on the
1156 * ssn since the wifi sequence number corresponds to
1157 * the index in the TFD ring (%256).
1158 * The seq_ctl is the sequence control of the packet
1159 * to which this Tx response relates. But if there is a
1160 * hole in the bitmap of the BA we received, this Tx
1161 * response may allow to reclaim the hole and all the
1162 * subsequent packets that were already acked.
1163 * In that case, seq_ctl != ssn, and the next packet
1164 * to be reclaimed will be ssn and not seq_ctl.
1165 */
1166 next_reclaimed = ssn;
1167 }
1168
1169 if (tid != IWL_TID_NON_QOS) {
1170 priv->tid_data[sta_id][tid].next_reclaimed =
1171 next_reclaimed;
1172 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n",
1173 next_reclaimed);
1174 iwlagn_check_ratid_empty(priv, sta_id, tid);
1175 }
1176
1177 iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs);
1178
1179 freed = 0;
1180
1181 /* process frames */
1182 skb_queue_walk(&skbs, skb) {
1183 hdr = (struct ieee80211_hdr *)skb->data;
1184
1185 if (!ieee80211_is_data_qos(hdr->frame_control))
1186 priv->last_seq_ctl = tx_resp->seq_ctl;
1187
1188 info = IEEE80211_SKB_CB(skb);
1189 ctx = info->driver_data[0];
1190 iwl_trans_free_tx_cmd(priv->trans,
1191 info->driver_data[1]);
1192
1193 memset(&info->status, 0, sizeof(info->status));
1194
1195 if (status == TX_STATUS_FAIL_PASSIVE_NO_RX &&
1196 ctx->vif &&
1197 ctx->vif->type == NL80211_IFTYPE_STATION) {
1198 /* block and stop all queues */
1199 priv->passive_no_rx = true;
1200 IWL_DEBUG_TX_QUEUES(priv,
1201 "stop all queues: passive channel\n");
1202 ieee80211_stop_queues(priv->hw);
1203
1204 IWL_DEBUG_TX_REPLY(priv,
1205 "TXQ %d status %s (0x%08x) "
1206 "rate_n_flags 0x%x retries %d\n",
1207 txq_id,
1208 iwl_get_tx_fail_reason(status),
1209 status,
1210 le32_to_cpu(tx_resp->rate_n_flags),
1211 tx_resp->failure_frame);
1212
1213 IWL_DEBUG_TX_REPLY(priv,
1214 "FrameCnt = %d, idx=%d\n",
1215 tx_resp->frame_count, cmd_index);
1216 }
1217
1218 /* check if BAR is needed */
1219 if (is_agg && !iwl_is_tx_success(status))
1220 info->flags |= IEEE80211_TX_STAT_AMPDU_NO_BACK;
1221 iwlagn_set_tx_status(priv, IEEE80211_SKB_CB(skb),
1222 tx_resp);
1223 if (!is_agg)
1224 iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1);
1225
1226 freed++;
1227 }
1228
1229 if (tid != IWL_TID_NON_QOS) {
1230 priv->tid_data[sta_id][tid].next_reclaimed =
1231 next_reclaimed;
1232 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n",
1233 next_reclaimed);
1234 }
1235
1236 if (!is_agg && freed != 1)
1237 IWL_ERR(priv, "Q: %d, freed %d\n", txq_id, freed);
1238
1239 IWL_DEBUG_TX_REPLY(priv, "TXQ %d status %s (0x%08x)\n", txq_id,
1240 iwl_get_tx_fail_reason(status), status);
1241
1242 IWL_DEBUG_TX_REPLY(priv,
1243 "\t\t\t\tinitial_rate 0x%x retries %d, idx=%d ssn=%d seq_ctl=0x%x\n",
1244 le32_to_cpu(tx_resp->rate_n_flags),
1245 tx_resp->failure_frame,
1246 SEQ_TO_INDEX(sequence), ssn,
1247 le16_to_cpu(tx_resp->seq_ctl));
1248 }
1249
1250 iwl_check_abort_status(priv, tx_resp->frame_count, status);
1251 spin_unlock_bh(&priv->sta_lock);
1252
1253 while (!skb_queue_empty(&skbs)) {
1254 skb = __skb_dequeue(&skbs);
1255 ieee80211_tx_status(priv->hw, skb);
1256 }
1257 }
1258
1259 /*
1260 * iwlagn_rx_reply_compressed_ba - Handler for REPLY_COMPRESSED_BA
1261 *
1262 * Handles block-acknowledge notification from device, which reports success
1263 * of frames sent via aggregation.
1264 */
iwlagn_rx_reply_compressed_ba(struct iwl_priv * priv,struct iwl_rx_cmd_buffer * rxb)1265 void iwlagn_rx_reply_compressed_ba(struct iwl_priv *priv,
1266 struct iwl_rx_cmd_buffer *rxb)
1267 {
1268 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1269 struct iwl_compressed_ba_resp *ba_resp = (void *)pkt->data;
1270 struct iwl_ht_agg *agg;
1271 struct sk_buff_head reclaimed_skbs;
1272 struct sk_buff *skb;
1273 int sta_id;
1274 int tid;
1275 int freed;
1276
1277 /* "flow" corresponds to Tx queue */
1278 u16 scd_flow = le16_to_cpu(ba_resp->scd_flow);
1279
1280 /* "ssn" is start of block-ack Tx window, corresponds to index
1281 * (in Tx queue's circular buffer) of first TFD/frame in window */
1282 u16 ba_resp_scd_ssn = le16_to_cpu(ba_resp->scd_ssn);
1283
1284 if (scd_flow >= priv->trans->trans_cfg->base_params->num_of_queues) {
1285 IWL_ERR(priv,
1286 "BUG_ON scd_flow is bigger than number of queues\n");
1287 return;
1288 }
1289
1290 sta_id = ba_resp->sta_id;
1291 tid = ba_resp->tid;
1292 agg = &priv->tid_data[sta_id][tid].agg;
1293
1294 spin_lock_bh(&priv->sta_lock);
1295
1296 if (unlikely(!agg->wait_for_ba)) {
1297 if (unlikely(ba_resp->bitmap))
1298 IWL_ERR(priv, "Received BA when not expected\n");
1299 spin_unlock_bh(&priv->sta_lock);
1300 return;
1301 }
1302
1303 if (unlikely(scd_flow != agg->txq_id)) {
1304 /*
1305 * FIXME: this is a uCode bug which need to be addressed,
1306 * log the information and return for now.
1307 * Since it is can possibly happen very often and in order
1308 * not to fill the syslog, don't use IWL_ERR or IWL_WARN
1309 */
1310 IWL_DEBUG_TX_QUEUES(priv,
1311 "Bad queue mapping txq_id=%d, agg_txq[sta:%d,tid:%d]=%d\n",
1312 scd_flow, sta_id, tid, agg->txq_id);
1313 spin_unlock_bh(&priv->sta_lock);
1314 return;
1315 }
1316
1317 __skb_queue_head_init(&reclaimed_skbs);
1318
1319 /* Release all TFDs before the SSN, i.e. all TFDs in front of
1320 * block-ack window (we assume that they've been successfully
1321 * transmitted ... if not, it's too late anyway). */
1322 iwl_trans_reclaim(priv->trans, scd_flow, ba_resp_scd_ssn,
1323 &reclaimed_skbs);
1324
1325 IWL_DEBUG_TX_REPLY(priv, "REPLY_COMPRESSED_BA [%d] Received from %pM, "
1326 "sta_id = %d\n",
1327 agg->wait_for_ba,
1328 (u8 *) &ba_resp->sta_addr_lo32,
1329 ba_resp->sta_id);
1330 IWL_DEBUG_TX_REPLY(priv, "TID = %d, SeqCtl = %d, bitmap = 0x%llx, "
1331 "scd_flow = %d, scd_ssn = %d sent:%d, acked:%d\n",
1332 ba_resp->tid, le16_to_cpu(ba_resp->seq_ctl),
1333 (unsigned long long)le64_to_cpu(ba_resp->bitmap),
1334 scd_flow, ba_resp_scd_ssn, ba_resp->txed,
1335 ba_resp->txed_2_done);
1336
1337 /* Mark that the expected block-ack response arrived */
1338 agg->wait_for_ba = false;
1339
1340 /* Sanity check values reported by uCode */
1341 if (ba_resp->txed_2_done > ba_resp->txed) {
1342 IWL_DEBUG_TX_REPLY(priv,
1343 "bogus sent(%d) and ack(%d) count\n",
1344 ba_resp->txed, ba_resp->txed_2_done);
1345 /*
1346 * set txed_2_done = txed,
1347 * so it won't impact rate scale
1348 */
1349 ba_resp->txed = ba_resp->txed_2_done;
1350 }
1351
1352 priv->tid_data[sta_id][tid].next_reclaimed = ba_resp_scd_ssn;
1353
1354 iwlagn_check_ratid_empty(priv, sta_id, tid);
1355 freed = 0;
1356
1357 skb_queue_walk(&reclaimed_skbs, skb) {
1358 struct ieee80211_hdr *hdr = (void *)skb->data;
1359 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1360
1361 if (ieee80211_is_data_qos(hdr->frame_control))
1362 freed++;
1363 else
1364 WARN_ON_ONCE(1);
1365
1366 iwl_trans_free_tx_cmd(priv->trans, info->driver_data[1]);
1367
1368 memset(&info->status, 0, sizeof(info->status));
1369 /* Packet was transmitted successfully, failures come as single
1370 * frames because before failing a frame the firmware transmits
1371 * it without aggregation at least once.
1372 */
1373 info->flags |= IEEE80211_TX_STAT_ACK;
1374
1375 if (freed == 1) {
1376 /* this is the first skb we deliver in this batch */
1377 /* put the rate scaling data there */
1378 info = IEEE80211_SKB_CB(skb);
1379 memset(&info->status, 0, sizeof(info->status));
1380 info->flags |= IEEE80211_TX_STAT_AMPDU;
1381 info->status.ampdu_ack_len = ba_resp->txed_2_done;
1382 info->status.ampdu_len = ba_resp->txed;
1383 iwlagn_hwrate_to_tx_control(priv, agg->rate_n_flags,
1384 info);
1385 }
1386 }
1387
1388 spin_unlock_bh(&priv->sta_lock);
1389
1390 while (!skb_queue_empty(&reclaimed_skbs)) {
1391 skb = __skb_dequeue(&reclaimed_skbs);
1392 ieee80211_tx_status(priv->hw, skb);
1393 }
1394 }
1395