1// SPDX-License-Identifier: GPL-2.0-only 2/****************************************************************************** 3 * 4 * Copyright(c) 2008 - 2014 Intel Corporation. All rights reserved. 5 * Copyright (C) 2019 Intel Corporation 6 * 7 * Contact Information: 8 * Intel Linux Wireless <linuxwifi@intel.com> 9 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 10 * 11 *****************************************************************************/ 12 13#include <linux/kernel.h> 14#include <linux/module.h> 15#include <linux/sched.h> 16#include <linux/ieee80211.h> 17#include "iwl-io.h" 18#include "iwl-trans.h" 19#include "iwl-agn-hw.h" 20#include "dev.h" 21#include "agn.h" 22 23static const u8 tid_to_ac[] = { 24 IEEE80211_AC_BE, 25 IEEE80211_AC_BK, 26 IEEE80211_AC_BK, 27 IEEE80211_AC_BE, 28 IEEE80211_AC_VI, 29 IEEE80211_AC_VI, 30 IEEE80211_AC_VO, 31 IEEE80211_AC_VO, 32}; 33 34static void iwlagn_tx_cmd_protection(struct iwl_priv *priv, 35 struct ieee80211_tx_info *info, 36 __le16 fc, __le32 *tx_flags) 37{ 38 if (info->control.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS || 39 info->control.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT || 40 info->flags & IEEE80211_TX_CTL_AMPDU) 41 *tx_flags |= TX_CMD_FLG_PROT_REQUIRE_MSK; 42} 43 44/* 45 * handle build REPLY_TX command notification. 46 */ 47static void iwlagn_tx_cmd_build_basic(struct iwl_priv *priv, 48 struct sk_buff *skb, 49 struct iwl_tx_cmd *tx_cmd, 50 struct ieee80211_tx_info *info, 51 struct ieee80211_hdr *hdr, u8 sta_id) 52{ 53 __le16 fc = hdr->frame_control; 54 __le32 tx_flags = tx_cmd->tx_flags; 55 56 tx_cmd->stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE; 57 58 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK)) 59 tx_flags |= TX_CMD_FLG_ACK_MSK; 60 else 61 tx_flags &= ~TX_CMD_FLG_ACK_MSK; 62 63 if (ieee80211_is_probe_resp(fc)) 64 tx_flags |= TX_CMD_FLG_TSF_MSK; 65 else if (ieee80211_is_back_req(fc)) 66 tx_flags |= TX_CMD_FLG_ACK_MSK | TX_CMD_FLG_IMM_BA_RSP_MASK; 67 else if (info->band == NL80211_BAND_2GHZ && 68 priv->lib->bt_params && 69 priv->lib->bt_params->advanced_bt_coexist && 70 (ieee80211_is_auth(fc) || ieee80211_is_assoc_req(fc) || 71 ieee80211_is_reassoc_req(fc) || 72 info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO)) 73 tx_flags |= TX_CMD_FLG_IGNORE_BT; 74 75 76 tx_cmd->sta_id = sta_id; 77 if (ieee80211_has_morefrags(fc)) 78 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK; 79 80 if (ieee80211_is_data_qos(fc)) { 81 u8 *qc = ieee80211_get_qos_ctl(hdr); 82 tx_cmd->tid_tspec = qc[0] & 0xf; 83 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK; 84 } else { 85 tx_cmd->tid_tspec = IWL_TID_NON_QOS; 86 if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) 87 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK; 88 else 89 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK; 90 } 91 92 iwlagn_tx_cmd_protection(priv, info, fc, &tx_flags); 93 94 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK); 95 if (ieee80211_is_mgmt(fc)) { 96 if (ieee80211_is_assoc_req(fc) || ieee80211_is_reassoc_req(fc)) 97 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(3); 98 else 99 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(2); 100 } else { 101 tx_cmd->timeout.pm_frame_timeout = 0; 102 } 103 104 tx_cmd->driver_txop = 0; 105 tx_cmd->tx_flags = tx_flags; 106 tx_cmd->next_frame_len = 0; 107} 108 109static void iwlagn_tx_cmd_build_rate(struct iwl_priv *priv, 110 struct iwl_tx_cmd *tx_cmd, 111 struct ieee80211_tx_info *info, 112 struct ieee80211_sta *sta, 113 __le16 fc) 114{ 115 u32 rate_flags; 116 int rate_idx; 117 u8 rts_retry_limit; 118 u8 data_retry_limit; 119 u8 rate_plcp; 120 121 if (priv->wowlan) { 122 rts_retry_limit = IWLAGN_LOW_RETRY_LIMIT; 123 data_retry_limit = IWLAGN_LOW_RETRY_LIMIT; 124 } else { 125 /* Set retry limit on RTS packets */ 126 rts_retry_limit = IWLAGN_RTS_DFAULT_RETRY_LIMIT; 127 128 /* Set retry limit on DATA packets and Probe Responses*/ 129 if (ieee80211_is_probe_resp(fc)) { 130 data_retry_limit = IWLAGN_MGMT_DFAULT_RETRY_LIMIT; 131 rts_retry_limit = 132 min(data_retry_limit, rts_retry_limit); 133 } else if (ieee80211_is_back_req(fc)) 134 data_retry_limit = IWLAGN_BAR_DFAULT_RETRY_LIMIT; 135 else 136 data_retry_limit = IWLAGN_DEFAULT_TX_RETRY; 137 } 138 139 tx_cmd->data_retry_limit = data_retry_limit; 140 tx_cmd->rts_retry_limit = rts_retry_limit; 141 142 /* DATA packets will use the uCode station table for rate/antenna 143 * selection */ 144 if (ieee80211_is_data(fc)) { 145 tx_cmd->initial_rate_index = 0; 146 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK; 147 return; 148 } else if (ieee80211_is_back_req(fc)) 149 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK; 150 151 /** 152 * If the current TX rate stored in mac80211 has the MCS bit set, it's 153 * not really a TX rate. Thus, we use the lowest supported rate for 154 * this band. Also use the lowest supported rate if the stored rate 155 * index is invalid. 156 */ 157 rate_idx = info->control.rates[0].idx; 158 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS || 159 (rate_idx < 0) || (rate_idx > IWL_RATE_COUNT_LEGACY)) 160 rate_idx = rate_lowest_index( 161 &priv->nvm_data->bands[info->band], sta); 162 /* For 5 GHZ band, remap mac80211 rate indices into driver indices */ 163 if (info->band == NL80211_BAND_5GHZ) 164 rate_idx += IWL_FIRST_OFDM_RATE; 165 /* Get PLCP rate for tx_cmd->rate_n_flags */ 166 rate_plcp = iwl_rates[rate_idx].plcp; 167 /* Zero out flags for this packet */ 168 rate_flags = 0; 169 170 /* Set CCK flag as needed */ 171 if ((rate_idx >= IWL_FIRST_CCK_RATE) && (rate_idx <= IWL_LAST_CCK_RATE)) 172 rate_flags |= RATE_MCS_CCK_MSK; 173 174 /* Set up antennas */ 175 if (priv->lib->bt_params && 176 priv->lib->bt_params->advanced_bt_coexist && 177 priv->bt_full_concurrent) { 178 /* operated as 1x1 in full concurrency mode */ 179 priv->mgmt_tx_ant = iwl_toggle_tx_ant(priv, priv->mgmt_tx_ant, 180 first_antenna(priv->nvm_data->valid_tx_ant)); 181 } else 182 priv->mgmt_tx_ant = iwl_toggle_tx_ant( 183 priv, priv->mgmt_tx_ant, 184 priv->nvm_data->valid_tx_ant); 185 rate_flags |= iwl_ant_idx_to_flags(priv->mgmt_tx_ant); 186 187 /* Set the rate in the TX cmd */ 188 tx_cmd->rate_n_flags = iwl_hw_set_rate_n_flags(rate_plcp, rate_flags); 189} 190 191static void iwlagn_tx_cmd_build_hwcrypto(struct iwl_priv *priv, 192 struct ieee80211_tx_info *info, 193 struct iwl_tx_cmd *tx_cmd, 194 struct sk_buff *skb_frag) 195{ 196 struct ieee80211_key_conf *keyconf = info->control.hw_key; 197 198 switch (keyconf->cipher) { 199 case WLAN_CIPHER_SUITE_CCMP: 200 tx_cmd->sec_ctl = TX_CMD_SEC_CCM; 201 memcpy(tx_cmd->key, keyconf->key, keyconf->keylen); 202 if (info->flags & IEEE80211_TX_CTL_AMPDU) 203 tx_cmd->tx_flags |= TX_CMD_FLG_AGG_CCMP_MSK; 204 break; 205 206 case WLAN_CIPHER_SUITE_TKIP: 207 tx_cmd->sec_ctl = TX_CMD_SEC_TKIP; 208 ieee80211_get_tkip_p2k(keyconf, skb_frag, tx_cmd->key); 209 break; 210 211 case WLAN_CIPHER_SUITE_WEP104: 212 tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128; 213 /* fall through */ 214 case WLAN_CIPHER_SUITE_WEP40: 215 tx_cmd->sec_ctl |= (TX_CMD_SEC_WEP | 216 (keyconf->keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT); 217 218 memcpy(&tx_cmd->key[3], keyconf->key, keyconf->keylen); 219 220 IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption " 221 "with key %d\n", keyconf->keyidx); 222 break; 223 224 default: 225 IWL_ERR(priv, "Unknown encode cipher %x\n", keyconf->cipher); 226 break; 227 } 228} 229 230/** 231 * iwl_sta_id_or_broadcast - return sta_id or broadcast sta 232 * @context: the current context 233 * @sta: mac80211 station 234 * 235 * In certain circumstances mac80211 passes a station pointer 236 * that may be %NULL, for example during TX or key setup. In 237 * that case, we need to use the broadcast station, so this 238 * inline wraps that pattern. 239 */ 240static int iwl_sta_id_or_broadcast(struct iwl_rxon_context *context, 241 struct ieee80211_sta *sta) 242{ 243 int sta_id; 244 245 if (!sta) 246 return context->bcast_sta_id; 247 248 sta_id = iwl_sta_id(sta); 249 250 /* 251 * mac80211 should not be passing a partially 252 * initialised station! 253 */ 254 WARN_ON(sta_id == IWL_INVALID_STATION); 255 256 return sta_id; 257} 258 259/* 260 * start REPLY_TX command process 261 */ 262int iwlagn_tx_skb(struct iwl_priv *priv, 263 struct ieee80211_sta *sta, 264 struct sk_buff *skb) 265{ 266 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 267 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 268 struct iwl_station_priv *sta_priv = NULL; 269 struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS]; 270 struct iwl_device_tx_cmd *dev_cmd; 271 struct iwl_tx_cmd *tx_cmd; 272 __le16 fc; 273 u8 hdr_len; 274 u16 len, seq_number = 0; 275 u8 sta_id, tid = IWL_MAX_TID_COUNT; 276 bool is_agg = false, is_data_qos = false; 277 int txq_id; 278 279 if (info->control.vif) 280 ctx = iwl_rxon_ctx_from_vif(info->control.vif); 281 282 if (iwl_is_rfkill(priv)) { 283 IWL_DEBUG_DROP(priv, "Dropping - RF KILL\n"); 284 goto drop_unlock_priv; 285 } 286 287 fc = hdr->frame_control; 288 289#ifdef CONFIG_IWLWIFI_DEBUG 290 if (ieee80211_is_auth(fc)) 291 IWL_DEBUG_TX(priv, "Sending AUTH frame\n"); 292 else if (ieee80211_is_assoc_req(fc)) 293 IWL_DEBUG_TX(priv, "Sending ASSOC frame\n"); 294 else if (ieee80211_is_reassoc_req(fc)) 295 IWL_DEBUG_TX(priv, "Sending REASSOC frame\n"); 296#endif 297 298 if (unlikely(ieee80211_is_probe_resp(fc))) { 299 struct iwl_wipan_noa_data *noa_data = 300 rcu_dereference(priv->noa_data); 301 302 if (noa_data && 303 pskb_expand_head(skb, 0, noa_data->length, 304 GFP_ATOMIC) == 0) { 305 skb_put_data(skb, noa_data->data, noa_data->length); 306 hdr = (struct ieee80211_hdr *)skb->data; 307 } 308 } 309 310 hdr_len = ieee80211_hdrlen(fc); 311 312 /* For management frames use broadcast id to do not break aggregation */ 313 if (!ieee80211_is_data(fc)) 314 sta_id = ctx->bcast_sta_id; 315 else { 316 /* Find index into station table for destination station */ 317 sta_id = iwl_sta_id_or_broadcast(ctx, sta); 318 if (sta_id == IWL_INVALID_STATION) { 319 IWL_DEBUG_DROP(priv, "Dropping - INVALID STATION: %pM\n", 320 hdr->addr1); 321 goto drop_unlock_priv; 322 } 323 } 324 325 if (sta) 326 sta_priv = (void *)sta->drv_priv; 327 328 if (sta_priv && sta_priv->asleep && 329 (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)) { 330 /* 331 * This sends an asynchronous command to the device, 332 * but we can rely on it being processed before the 333 * next frame is processed -- and the next frame to 334 * this station is the one that will consume this 335 * counter. 336 * For now set the counter to just 1 since we do not 337 * support uAPSD yet. 338 * 339 * FIXME: If we get two non-bufferable frames one 340 * after the other, we might only send out one of 341 * them because this is racy. 342 */ 343 iwl_sta_modify_sleep_tx_count(priv, sta_id, 1); 344 } 345 346 dev_cmd = iwl_trans_alloc_tx_cmd(priv->trans); 347 348 if (unlikely(!dev_cmd)) 349 goto drop_unlock_priv; 350 351 dev_cmd->hdr.cmd = REPLY_TX; 352 tx_cmd = (struct iwl_tx_cmd *) dev_cmd->payload; 353 354 /* Total # bytes to be transmitted */ 355 len = (u16)skb->len; 356 tx_cmd->len = cpu_to_le16(len); 357 358 if (info->control.hw_key) 359 iwlagn_tx_cmd_build_hwcrypto(priv, info, tx_cmd, skb); 360 361 /* TODO need this for burst mode later on */ 362 iwlagn_tx_cmd_build_basic(priv, skb, tx_cmd, info, hdr, sta_id); 363 364 iwlagn_tx_cmd_build_rate(priv, tx_cmd, info, sta, fc); 365 366 memset(&info->status, 0, sizeof(info->status)); 367 memset(info->driver_data, 0, sizeof(info->driver_data)); 368 369 info->driver_data[0] = ctx; 370 info->driver_data[1] = dev_cmd; 371 /* From now on, we cannot access info->control */ 372 373 spin_lock(&priv->sta_lock); 374 375 if (ieee80211_is_data_qos(fc) && !ieee80211_is_qos_nullfunc(fc)) { 376 u8 *qc = NULL; 377 struct iwl_tid_data *tid_data; 378 qc = ieee80211_get_qos_ctl(hdr); 379 tid = qc[0] & IEEE80211_QOS_CTL_TID_MASK; 380 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT)) 381 goto drop_unlock_sta; 382 tid_data = &priv->tid_data[sta_id][tid]; 383 384 /* aggregation is on for this <sta,tid> */ 385 if (info->flags & IEEE80211_TX_CTL_AMPDU && 386 tid_data->agg.state != IWL_AGG_ON) { 387 IWL_ERR(priv, 388 "TX_CTL_AMPDU while not in AGG: Tx flags = 0x%08x, agg.state = %d\n", 389 info->flags, tid_data->agg.state); 390 IWL_ERR(priv, "sta_id = %d, tid = %d seq_num = %d\n", 391 sta_id, tid, 392 IEEE80211_SEQ_TO_SN(tid_data->seq_number)); 393 goto drop_unlock_sta; 394 } 395 396 /* We can receive packets from the stack in IWL_AGG_{ON,OFF} 397 * only. Check this here. 398 */ 399 if (WARN_ONCE(tid_data->agg.state != IWL_AGG_ON && 400 tid_data->agg.state != IWL_AGG_OFF, 401 "Tx while agg.state = %d\n", tid_data->agg.state)) 402 goto drop_unlock_sta; 403 404 seq_number = tid_data->seq_number; 405 seq_number &= IEEE80211_SCTL_SEQ; 406 hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG); 407 hdr->seq_ctrl |= cpu_to_le16(seq_number); 408 seq_number += 0x10; 409 410 if (info->flags & IEEE80211_TX_CTL_AMPDU) 411 is_agg = true; 412 is_data_qos = true; 413 } 414 415 /* Copy MAC header from skb into command buffer */ 416 memcpy(tx_cmd->hdr, hdr, hdr_len); 417 418 txq_id = info->hw_queue; 419 420 if (is_agg) 421 txq_id = priv->tid_data[sta_id][tid].agg.txq_id; 422 else if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) { 423 /* 424 * The microcode will clear the more data 425 * bit in the last frame it transmits. 426 */ 427 hdr->frame_control |= 428 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 429 } 430 431 WARN_ON_ONCE(is_agg && 432 priv->queue_to_mac80211[txq_id] != info->hw_queue); 433 434 IWL_DEBUG_TX(priv, "TX to [%d|%d] Q:%d - seq: 0x%x\n", sta_id, tid, 435 txq_id, seq_number); 436 437 if (iwl_trans_tx(priv->trans, skb, dev_cmd, txq_id)) 438 goto drop_unlock_sta; 439 440 if (is_data_qos && !ieee80211_has_morefrags(fc)) 441 priv->tid_data[sta_id][tid].seq_number = seq_number; 442 443 spin_unlock(&priv->sta_lock); 444 445 /* 446 * Avoid atomic ops if it isn't an associated client. 447 * Also, if this is a packet for aggregation, don't 448 * increase the counter because the ucode will stop 449 * aggregation queues when their respective station 450 * goes to sleep. 451 */ 452 if (sta_priv && sta_priv->client && !is_agg) 453 atomic_inc(&sta_priv->pending_frames); 454 455 return 0; 456 457drop_unlock_sta: 458 if (dev_cmd) 459 iwl_trans_free_tx_cmd(priv->trans, dev_cmd); 460 spin_unlock(&priv->sta_lock); 461drop_unlock_priv: 462 return -1; 463} 464 465static int iwlagn_alloc_agg_txq(struct iwl_priv *priv, int mq) 466{ 467 int q; 468 469 for (q = IWLAGN_FIRST_AMPDU_QUEUE; 470 q < priv->trans->trans_cfg->base_params->num_of_queues; q++) { 471 if (!test_and_set_bit(q, priv->agg_q_alloc)) { 472 priv->queue_to_mac80211[q] = mq; 473 return q; 474 } 475 } 476 477 return -ENOSPC; 478} 479 480static void iwlagn_dealloc_agg_txq(struct iwl_priv *priv, int q) 481{ 482 clear_bit(q, priv->agg_q_alloc); 483 priv->queue_to_mac80211[q] = IWL_INVALID_MAC80211_QUEUE; 484} 485 486int iwlagn_tx_agg_stop(struct iwl_priv *priv, struct ieee80211_vif *vif, 487 struct ieee80211_sta *sta, u16 tid) 488{ 489 struct iwl_tid_data *tid_data; 490 int sta_id, txq_id; 491 enum iwl_agg_state agg_state; 492 493 sta_id = iwl_sta_id(sta); 494 495 if (sta_id == IWL_INVALID_STATION) { 496 IWL_ERR(priv, "Invalid station for AGG tid %d\n", tid); 497 return -ENXIO; 498 } 499 500 spin_lock_bh(&priv->sta_lock); 501 502 tid_data = &priv->tid_data[sta_id][tid]; 503 txq_id = tid_data->agg.txq_id; 504 505 switch (tid_data->agg.state) { 506 case IWL_EMPTYING_HW_QUEUE_ADDBA: 507 /* 508 * This can happen if the peer stops aggregation 509 * again before we've had a chance to drain the 510 * queue we selected previously, i.e. before the 511 * session was really started completely. 512 */ 513 IWL_DEBUG_HT(priv, "AGG stop before setup done\n"); 514 goto turn_off; 515 case IWL_AGG_STARTING: 516 /* 517 * This can happen when the session is stopped before 518 * we receive ADDBA response 519 */ 520 IWL_DEBUG_HT(priv, "AGG stop before AGG became operational\n"); 521 goto turn_off; 522 case IWL_AGG_ON: 523 break; 524 default: 525 IWL_WARN(priv, 526 "Stopping AGG while state not ON or starting for %d on %d (%d)\n", 527 sta_id, tid, tid_data->agg.state); 528 spin_unlock_bh(&priv->sta_lock); 529 return 0; 530 } 531 532 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 533 534 /* There are still packets for this RA / TID in the HW */ 535 if (!test_bit(txq_id, priv->agg_q_alloc)) { 536 IWL_DEBUG_TX_QUEUES(priv, 537 "stopping AGG on STA/TID %d/%d but hwq %d not used\n", 538 sta_id, tid, txq_id); 539 } else if (tid_data->agg.ssn != tid_data->next_reclaimed) { 540 IWL_DEBUG_TX_QUEUES(priv, 541 "Can't proceed: ssn %d, next_recl = %d\n", 542 tid_data->agg.ssn, 543 tid_data->next_reclaimed); 544 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_DELBA; 545 spin_unlock_bh(&priv->sta_lock); 546 return 0; 547 } 548 549 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n", 550 tid_data->agg.ssn); 551turn_off: 552 agg_state = tid_data->agg.state; 553 tid_data->agg.state = IWL_AGG_OFF; 554 555 spin_unlock_bh(&priv->sta_lock); 556 557 if (test_bit(txq_id, priv->agg_q_alloc)) { 558 /* 559 * If the transport didn't know that we wanted to start 560 * agreggation, don't tell it that we want to stop them. 561 * This can happen when we don't get the addBA response on 562 * time, or we hadn't time to drain the AC queues. 563 */ 564 if (agg_state == IWL_AGG_ON) 565 iwl_trans_txq_disable(priv->trans, txq_id, true); 566 else 567 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n", 568 agg_state); 569 iwlagn_dealloc_agg_txq(priv, txq_id); 570 } 571 572 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 573 574 return 0; 575} 576 577int iwlagn_tx_agg_start(struct iwl_priv *priv, struct ieee80211_vif *vif, 578 struct ieee80211_sta *sta, u16 tid, u16 *ssn) 579{ 580 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif); 581 struct iwl_tid_data *tid_data; 582 int sta_id, txq_id, ret; 583 584 IWL_DEBUG_HT(priv, "TX AGG request on ra = %pM tid = %d\n", 585 sta->addr, tid); 586 587 sta_id = iwl_sta_id(sta); 588 if (sta_id == IWL_INVALID_STATION) { 589 IWL_ERR(priv, "Start AGG on invalid station\n"); 590 return -ENXIO; 591 } 592 if (unlikely(tid >= IWL_MAX_TID_COUNT)) 593 return -EINVAL; 594 595 if (priv->tid_data[sta_id][tid].agg.state != IWL_AGG_OFF) { 596 IWL_ERR(priv, "Start AGG when state is not IWL_AGG_OFF !\n"); 597 return -ENXIO; 598 } 599 600 txq_id = iwlagn_alloc_agg_txq(priv, ctx->ac_to_queue[tid_to_ac[tid]]); 601 if (txq_id < 0) { 602 IWL_DEBUG_TX_QUEUES(priv, 603 "No free aggregation queue for %pM/%d\n", 604 sta->addr, tid); 605 return txq_id; 606 } 607 608 ret = iwl_sta_tx_modify_enable_tid(priv, sta_id, tid); 609 if (ret) 610 return ret; 611 612 spin_lock_bh(&priv->sta_lock); 613 tid_data = &priv->tid_data[sta_id][tid]; 614 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 615 tid_data->agg.txq_id = txq_id; 616 617 *ssn = tid_data->agg.ssn; 618 619 if (*ssn == tid_data->next_reclaimed) { 620 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n", 621 tid_data->agg.ssn); 622 tid_data->agg.state = IWL_AGG_STARTING; 623 ret = IEEE80211_AMPDU_TX_START_IMMEDIATE; 624 } else { 625 IWL_DEBUG_TX_QUEUES(priv, "Can't proceed: ssn %d, " 626 "next_reclaimed = %d\n", 627 tid_data->agg.ssn, 628 tid_data->next_reclaimed); 629 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_ADDBA; 630 } 631 spin_unlock_bh(&priv->sta_lock); 632 633 return ret; 634} 635 636int iwlagn_tx_agg_flush(struct iwl_priv *priv, struct ieee80211_vif *vif, 637 struct ieee80211_sta *sta, u16 tid) 638{ 639 struct iwl_tid_data *tid_data; 640 enum iwl_agg_state agg_state; 641 int sta_id, txq_id; 642 sta_id = iwl_sta_id(sta); 643 644 /* 645 * First set the agg state to OFF to avoid calling 646 * ieee80211_stop_tx_ba_cb in iwlagn_check_ratid_empty. 647 */ 648 spin_lock_bh(&priv->sta_lock); 649 650 tid_data = &priv->tid_data[sta_id][tid]; 651 txq_id = tid_data->agg.txq_id; 652 agg_state = tid_data->agg.state; 653 IWL_DEBUG_TX_QUEUES(priv, "Flush AGG: sta %d tid %d q %d state %d\n", 654 sta_id, tid, txq_id, tid_data->agg.state); 655 656 tid_data->agg.state = IWL_AGG_OFF; 657 658 spin_unlock_bh(&priv->sta_lock); 659 660 if (iwlagn_txfifo_flush(priv, BIT(txq_id))) 661 IWL_ERR(priv, "Couldn't flush the AGG queue\n"); 662 663 if (test_bit(txq_id, priv->agg_q_alloc)) { 664 /* 665 * If the transport didn't know that we wanted to start 666 * agreggation, don't tell it that we want to stop them. 667 * This can happen when we don't get the addBA response on 668 * time, or we hadn't time to drain the AC queues. 669 */ 670 if (agg_state == IWL_AGG_ON) 671 iwl_trans_txq_disable(priv->trans, txq_id, true); 672 else 673 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n", 674 agg_state); 675 iwlagn_dealloc_agg_txq(priv, txq_id); 676 } 677 678 return 0; 679} 680 681int iwlagn_tx_agg_oper(struct iwl_priv *priv, struct ieee80211_vif *vif, 682 struct ieee80211_sta *sta, u16 tid, u8 buf_size) 683{ 684 struct iwl_station_priv *sta_priv = (void *) sta->drv_priv; 685 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif); 686 int q, fifo; 687 u16 ssn; 688 689 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF); 690 691 spin_lock_bh(&priv->sta_lock); 692 ssn = priv->tid_data[sta_priv->sta_id][tid].agg.ssn; 693 q = priv->tid_data[sta_priv->sta_id][tid].agg.txq_id; 694 priv->tid_data[sta_priv->sta_id][tid].agg.state = IWL_AGG_ON; 695 spin_unlock_bh(&priv->sta_lock); 696 697 fifo = ctx->ac_to_fifo[tid_to_ac[tid]]; 698 699 iwl_trans_txq_enable(priv->trans, q, fifo, sta_priv->sta_id, tid, 700 buf_size, ssn, 0); 701 702 /* 703 * If the limit is 0, then it wasn't initialised yet, 704 * use the default. We can do that since we take the 705 * minimum below, and we don't want to go above our 706 * default due to hardware restrictions. 707 */ 708 if (sta_priv->max_agg_bufsize == 0) 709 sta_priv->max_agg_bufsize = 710 LINK_QUAL_AGG_FRAME_LIMIT_DEF; 711 712 /* 713 * Even though in theory the peer could have different 714 * aggregation reorder buffer sizes for different sessions, 715 * our ucode doesn't allow for that and has a global limit 716 * for each station. Therefore, use the minimum of all the 717 * aggregation sessions and our default value. 718 */ 719 sta_priv->max_agg_bufsize = 720 min(sta_priv->max_agg_bufsize, buf_size); 721 722 if (priv->hw_params.use_rts_for_aggregation) { 723 /* 724 * switch to RTS/CTS if it is the prefer protection 725 * method for HT traffic 726 */ 727 728 sta_priv->lq_sta.lq.general_params.flags |= 729 LINK_QUAL_FLAGS_SET_STA_TLC_RTS_MSK; 730 } 731 priv->agg_tids_count++; 732 IWL_DEBUG_HT(priv, "priv->agg_tids_count = %u\n", 733 priv->agg_tids_count); 734 735 sta_priv->lq_sta.lq.agg_params.agg_frame_cnt_limit = 736 sta_priv->max_agg_bufsize; 737 738 IWL_DEBUG_HT(priv, "Tx aggregation enabled on ra = %pM tid = %d\n", 739 sta->addr, tid); 740 741 return iwl_send_lq_cmd(priv, ctx, 742 &sta_priv->lq_sta.lq, CMD_ASYNC, false); 743} 744 745static void iwlagn_check_ratid_empty(struct iwl_priv *priv, int sta_id, u8 tid) 746{ 747 struct iwl_tid_data *tid_data = &priv->tid_data[sta_id][tid]; 748 enum iwl_rxon_context_id ctx; 749 struct ieee80211_vif *vif; 750 u8 *addr; 751 752 lockdep_assert_held(&priv->sta_lock); 753 754 addr = priv->stations[sta_id].sta.sta.addr; 755 ctx = priv->stations[sta_id].ctxid; 756 vif = priv->contexts[ctx].vif; 757 758 switch (priv->tid_data[sta_id][tid].agg.state) { 759 case IWL_EMPTYING_HW_QUEUE_DELBA: 760 /* There are no packets for this RA / TID in the HW any more */ 761 if (tid_data->agg.ssn == tid_data->next_reclaimed) { 762 IWL_DEBUG_TX_QUEUES(priv, 763 "Can continue DELBA flow ssn = next_recl = %d\n", 764 tid_data->next_reclaimed); 765 iwl_trans_txq_disable(priv->trans, 766 tid_data->agg.txq_id, true); 767 iwlagn_dealloc_agg_txq(priv, tid_data->agg.txq_id); 768 tid_data->agg.state = IWL_AGG_OFF; 769 ieee80211_stop_tx_ba_cb_irqsafe(vif, addr, tid); 770 } 771 break; 772 case IWL_EMPTYING_HW_QUEUE_ADDBA: 773 /* There are no packets for this RA / TID in the HW any more */ 774 if (tid_data->agg.ssn == tid_data->next_reclaimed) { 775 IWL_DEBUG_TX_QUEUES(priv, 776 "Can continue ADDBA flow ssn = next_recl = %d\n", 777 tid_data->next_reclaimed); 778 tid_data->agg.state = IWL_AGG_STARTING; 779 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid); 780 } 781 break; 782 default: 783 break; 784 } 785} 786 787static void iwlagn_non_agg_tx_status(struct iwl_priv *priv, 788 struct iwl_rxon_context *ctx, 789 const u8 *addr1) 790{ 791 struct ieee80211_sta *sta; 792 struct iwl_station_priv *sta_priv; 793 794 rcu_read_lock(); 795 sta = ieee80211_find_sta(ctx->vif, addr1); 796 if (sta) { 797 sta_priv = (void *)sta->drv_priv; 798 /* avoid atomic ops if this isn't a client */ 799 if (sta_priv->client && 800 atomic_dec_return(&sta_priv->pending_frames) == 0) 801 ieee80211_sta_block_awake(priv->hw, sta, false); 802 } 803 rcu_read_unlock(); 804} 805 806/* 807 * translate ucode response to mac80211 tx status control values 808 */ 809static void iwlagn_hwrate_to_tx_control(struct iwl_priv *priv, u32 rate_n_flags, 810 struct ieee80211_tx_info *info) 811{ 812 struct ieee80211_tx_rate *r = &info->status.rates[0]; 813 814 info->status.antenna = 815 ((rate_n_flags & RATE_MCS_ANT_ABC_MSK) >> RATE_MCS_ANT_POS); 816 if (rate_n_flags & RATE_MCS_HT_MSK) 817 r->flags |= IEEE80211_TX_RC_MCS; 818 if (rate_n_flags & RATE_MCS_GF_MSK) 819 r->flags |= IEEE80211_TX_RC_GREEN_FIELD; 820 if (rate_n_flags & RATE_MCS_HT40_MSK) 821 r->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH; 822 if (rate_n_flags & RATE_MCS_DUP_MSK) 823 r->flags |= IEEE80211_TX_RC_DUP_DATA; 824 if (rate_n_flags & RATE_MCS_SGI_MSK) 825 r->flags |= IEEE80211_TX_RC_SHORT_GI; 826 r->idx = iwlagn_hwrate_to_mac80211_idx(rate_n_flags, info->band); 827} 828 829#ifdef CONFIG_IWLWIFI_DEBUG 830const char *iwl_get_tx_fail_reason(u32 status) 831{ 832#define TX_STATUS_FAIL(x) case TX_STATUS_FAIL_ ## x: return #x 833#define TX_STATUS_POSTPONE(x) case TX_STATUS_POSTPONE_ ## x: return #x 834 835 switch (status & TX_STATUS_MSK) { 836 case TX_STATUS_SUCCESS: 837 return "SUCCESS"; 838 TX_STATUS_POSTPONE(DELAY); 839 TX_STATUS_POSTPONE(FEW_BYTES); 840 TX_STATUS_POSTPONE(BT_PRIO); 841 TX_STATUS_POSTPONE(QUIET_PERIOD); 842 TX_STATUS_POSTPONE(CALC_TTAK); 843 TX_STATUS_FAIL(INTERNAL_CROSSED_RETRY); 844 TX_STATUS_FAIL(SHORT_LIMIT); 845 TX_STATUS_FAIL(LONG_LIMIT); 846 TX_STATUS_FAIL(FIFO_UNDERRUN); 847 TX_STATUS_FAIL(DRAIN_FLOW); 848 TX_STATUS_FAIL(RFKILL_FLUSH); 849 TX_STATUS_FAIL(LIFE_EXPIRE); 850 TX_STATUS_FAIL(DEST_PS); 851 TX_STATUS_FAIL(HOST_ABORTED); 852 TX_STATUS_FAIL(BT_RETRY); 853 TX_STATUS_FAIL(STA_INVALID); 854 TX_STATUS_FAIL(FRAG_DROPPED); 855 TX_STATUS_FAIL(TID_DISABLE); 856 TX_STATUS_FAIL(FIFO_FLUSHED); 857 TX_STATUS_FAIL(INSUFFICIENT_CF_POLL); 858 TX_STATUS_FAIL(PASSIVE_NO_RX); 859 TX_STATUS_FAIL(NO_BEACON_ON_RADAR); 860 } 861 862 return "UNKNOWN"; 863 864#undef TX_STATUS_FAIL 865#undef TX_STATUS_POSTPONE 866} 867#endif /* CONFIG_IWLWIFI_DEBUG */ 868 869static void iwlagn_count_agg_tx_err_status(struct iwl_priv *priv, u16 status) 870{ 871 status &= AGG_TX_STATUS_MSK; 872 873 switch (status) { 874 case AGG_TX_STATE_UNDERRUN_MSK: 875 priv->reply_agg_tx_stats.underrun++; 876 break; 877 case AGG_TX_STATE_BT_PRIO_MSK: 878 priv->reply_agg_tx_stats.bt_prio++; 879 break; 880 case AGG_TX_STATE_FEW_BYTES_MSK: 881 priv->reply_agg_tx_stats.few_bytes++; 882 break; 883 case AGG_TX_STATE_ABORT_MSK: 884 priv->reply_agg_tx_stats.abort++; 885 break; 886 case AGG_TX_STATE_LAST_SENT_TTL_MSK: 887 priv->reply_agg_tx_stats.last_sent_ttl++; 888 break; 889 case AGG_TX_STATE_LAST_SENT_TRY_CNT_MSK: 890 priv->reply_agg_tx_stats.last_sent_try++; 891 break; 892 case AGG_TX_STATE_LAST_SENT_BT_KILL_MSK: 893 priv->reply_agg_tx_stats.last_sent_bt_kill++; 894 break; 895 case AGG_TX_STATE_SCD_QUERY_MSK: 896 priv->reply_agg_tx_stats.scd_query++; 897 break; 898 case AGG_TX_STATE_TEST_BAD_CRC32_MSK: 899 priv->reply_agg_tx_stats.bad_crc32++; 900 break; 901 case AGG_TX_STATE_RESPONSE_MSK: 902 priv->reply_agg_tx_stats.response++; 903 break; 904 case AGG_TX_STATE_DUMP_TX_MSK: 905 priv->reply_agg_tx_stats.dump_tx++; 906 break; 907 case AGG_TX_STATE_DELAY_TX_MSK: 908 priv->reply_agg_tx_stats.delay_tx++; 909 break; 910 default: 911 priv->reply_agg_tx_stats.unknown++; 912 break; 913 } 914} 915 916static inline u32 iwlagn_get_scd_ssn(struct iwlagn_tx_resp *tx_resp) 917{ 918 return le32_to_cpup((__le32 *)&tx_resp->status + 919 tx_resp->frame_count) & IEEE80211_MAX_SN; 920} 921 922static void iwl_rx_reply_tx_agg(struct iwl_priv *priv, 923 struct iwlagn_tx_resp *tx_resp) 924{ 925 struct agg_tx_status *frame_status = &tx_resp->status; 926 int tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >> 927 IWLAGN_TX_RES_TID_POS; 928 int sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >> 929 IWLAGN_TX_RES_RA_POS; 930 struct iwl_ht_agg *agg = &priv->tid_data[sta_id][tid].agg; 931 u32 status = le16_to_cpu(tx_resp->status.status); 932 int i; 933 934 WARN_ON(tid == IWL_TID_NON_QOS); 935 936 if (agg->wait_for_ba) 937 IWL_DEBUG_TX_REPLY(priv, 938 "got tx response w/o block-ack\n"); 939 940 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags); 941 agg->wait_for_ba = (tx_resp->frame_count > 1); 942 943 /* 944 * If the BT kill count is non-zero, we'll get this 945 * notification again. 946 */ 947 if (tx_resp->bt_kill_count && tx_resp->frame_count == 1 && 948 priv->lib->bt_params && 949 priv->lib->bt_params->advanced_bt_coexist) { 950 IWL_DEBUG_COEX(priv, "receive reply tx w/ bt_kill\n"); 951 } 952 953 if (tx_resp->frame_count == 1) 954 return; 955 956 IWL_DEBUG_TX_REPLY(priv, "TXQ %d initial_rate 0x%x ssn %d frm_cnt %d\n", 957 agg->txq_id, 958 le32_to_cpu(tx_resp->rate_n_flags), 959 iwlagn_get_scd_ssn(tx_resp), tx_resp->frame_count); 960 961 /* Construct bit-map of pending frames within Tx window */ 962 for (i = 0; i < tx_resp->frame_count; i++) { 963 u16 fstatus = le16_to_cpu(frame_status[i].status); 964 u8 retry_cnt = (fstatus & AGG_TX_TRY_MSK) >> AGG_TX_TRY_POS; 965 966 if (status & AGG_TX_STATUS_MSK) 967 iwlagn_count_agg_tx_err_status(priv, fstatus); 968 969 if (status & (AGG_TX_STATE_FEW_BYTES_MSK | 970 AGG_TX_STATE_ABORT_MSK)) 971 continue; 972 973 if (status & AGG_TX_STATUS_MSK || retry_cnt > 1) 974 IWL_DEBUG_TX_REPLY(priv, 975 "%d: status %s (0x%04x), try-count (0x%01x)\n", 976 i, 977 iwl_get_agg_tx_fail_reason(fstatus), 978 fstatus & AGG_TX_STATUS_MSK, 979 retry_cnt); 980 } 981} 982 983#ifdef CONFIG_IWLWIFI_DEBUG 984#define AGG_TX_STATE_FAIL(x) case AGG_TX_STATE_ ## x: return #x 985 986const char *iwl_get_agg_tx_fail_reason(u16 status) 987{ 988 status &= AGG_TX_STATUS_MSK; 989 switch (status) { 990 case AGG_TX_STATE_TRANSMITTED: 991 return "SUCCESS"; 992 AGG_TX_STATE_FAIL(UNDERRUN_MSK); 993 AGG_TX_STATE_FAIL(BT_PRIO_MSK); 994 AGG_TX_STATE_FAIL(FEW_BYTES_MSK); 995 AGG_TX_STATE_FAIL(ABORT_MSK); 996 AGG_TX_STATE_FAIL(LAST_SENT_TTL_MSK); 997 AGG_TX_STATE_FAIL(LAST_SENT_TRY_CNT_MSK); 998 AGG_TX_STATE_FAIL(LAST_SENT_BT_KILL_MSK); 999 AGG_TX_STATE_FAIL(SCD_QUERY_MSK); 1000 AGG_TX_STATE_FAIL(TEST_BAD_CRC32_MSK); 1001 AGG_TX_STATE_FAIL(RESPONSE_MSK); 1002 AGG_TX_STATE_FAIL(DUMP_TX_MSK); 1003 AGG_TX_STATE_FAIL(DELAY_TX_MSK); 1004 } 1005 1006 return "UNKNOWN"; 1007} 1008#endif /* CONFIG_IWLWIFI_DEBUG */ 1009 1010static void iwlagn_count_tx_err_status(struct iwl_priv *priv, u16 status) 1011{ 1012 status &= TX_STATUS_MSK; 1013 1014 switch (status) { 1015 case TX_STATUS_POSTPONE_DELAY: 1016 priv->reply_tx_stats.pp_delay++; 1017 break; 1018 case TX_STATUS_POSTPONE_FEW_BYTES: 1019 priv->reply_tx_stats.pp_few_bytes++; 1020 break; 1021 case TX_STATUS_POSTPONE_BT_PRIO: 1022 priv->reply_tx_stats.pp_bt_prio++; 1023 break; 1024 case TX_STATUS_POSTPONE_QUIET_PERIOD: 1025 priv->reply_tx_stats.pp_quiet_period++; 1026 break; 1027 case TX_STATUS_POSTPONE_CALC_TTAK: 1028 priv->reply_tx_stats.pp_calc_ttak++; 1029 break; 1030 case TX_STATUS_FAIL_INTERNAL_CROSSED_RETRY: 1031 priv->reply_tx_stats.int_crossed_retry++; 1032 break; 1033 case TX_STATUS_FAIL_SHORT_LIMIT: 1034 priv->reply_tx_stats.short_limit++; 1035 break; 1036 case TX_STATUS_FAIL_LONG_LIMIT: 1037 priv->reply_tx_stats.long_limit++; 1038 break; 1039 case TX_STATUS_FAIL_FIFO_UNDERRUN: 1040 priv->reply_tx_stats.fifo_underrun++; 1041 break; 1042 case TX_STATUS_FAIL_DRAIN_FLOW: 1043 priv->reply_tx_stats.drain_flow++; 1044 break; 1045 case TX_STATUS_FAIL_RFKILL_FLUSH: 1046 priv->reply_tx_stats.rfkill_flush++; 1047 break; 1048 case TX_STATUS_FAIL_LIFE_EXPIRE: 1049 priv->reply_tx_stats.life_expire++; 1050 break; 1051 case TX_STATUS_FAIL_DEST_PS: 1052 priv->reply_tx_stats.dest_ps++; 1053 break; 1054 case TX_STATUS_FAIL_HOST_ABORTED: 1055 priv->reply_tx_stats.host_abort++; 1056 break; 1057 case TX_STATUS_FAIL_BT_RETRY: 1058 priv->reply_tx_stats.bt_retry++; 1059 break; 1060 case TX_STATUS_FAIL_STA_INVALID: 1061 priv->reply_tx_stats.sta_invalid++; 1062 break; 1063 case TX_STATUS_FAIL_FRAG_DROPPED: 1064 priv->reply_tx_stats.frag_drop++; 1065 break; 1066 case TX_STATUS_FAIL_TID_DISABLE: 1067 priv->reply_tx_stats.tid_disable++; 1068 break; 1069 case TX_STATUS_FAIL_FIFO_FLUSHED: 1070 priv->reply_tx_stats.fifo_flush++; 1071 break; 1072 case TX_STATUS_FAIL_INSUFFICIENT_CF_POLL: 1073 priv->reply_tx_stats.insuff_cf_poll++; 1074 break; 1075 case TX_STATUS_FAIL_PASSIVE_NO_RX: 1076 priv->reply_tx_stats.fail_hw_drop++; 1077 break; 1078 case TX_STATUS_FAIL_NO_BEACON_ON_RADAR: 1079 priv->reply_tx_stats.sta_color_mismatch++; 1080 break; 1081 default: 1082 priv->reply_tx_stats.unknown++; 1083 break; 1084 } 1085} 1086 1087static void iwlagn_set_tx_status(struct iwl_priv *priv, 1088 struct ieee80211_tx_info *info, 1089 struct iwlagn_tx_resp *tx_resp) 1090{ 1091 u16 status = le16_to_cpu(tx_resp->status.status); 1092 1093 info->flags &= ~IEEE80211_TX_CTL_AMPDU; 1094 1095 info->status.rates[0].count = tx_resp->failure_frame + 1; 1096 info->flags |= iwl_tx_status_to_mac80211(status); 1097 iwlagn_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags), 1098 info); 1099 if (!iwl_is_tx_success(status)) 1100 iwlagn_count_tx_err_status(priv, status); 1101} 1102 1103static void iwl_check_abort_status(struct iwl_priv *priv, 1104 u8 frame_count, u32 status) 1105{ 1106 if (frame_count == 1 && status == TX_STATUS_FAIL_RFKILL_FLUSH) { 1107 IWL_ERR(priv, "Tx flush command to flush out all frames\n"); 1108 if (!test_bit(STATUS_EXIT_PENDING, &priv->status)) 1109 queue_work(priv->workqueue, &priv->tx_flush); 1110 } 1111} 1112 1113void iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb) 1114{ 1115 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1116 u16 sequence = le16_to_cpu(pkt->hdr.sequence); 1117 int txq_id = SEQ_TO_QUEUE(sequence); 1118 int cmd_index __maybe_unused = SEQ_TO_INDEX(sequence); 1119 struct iwlagn_tx_resp *tx_resp = (void *)pkt->data; 1120 struct ieee80211_hdr *hdr; 1121 u32 status = le16_to_cpu(tx_resp->status.status); 1122 u16 ssn = iwlagn_get_scd_ssn(tx_resp); 1123 int tid; 1124 int sta_id; 1125 int freed; 1126 struct ieee80211_tx_info *info; 1127 struct sk_buff_head skbs; 1128 struct sk_buff *skb; 1129 struct iwl_rxon_context *ctx; 1130 bool is_agg = (txq_id >= IWLAGN_FIRST_AMPDU_QUEUE); 1131 1132 tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >> 1133 IWLAGN_TX_RES_TID_POS; 1134 sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >> 1135 IWLAGN_TX_RES_RA_POS; 1136 1137 spin_lock_bh(&priv->sta_lock); 1138 1139 if (is_agg) { 1140 WARN_ON_ONCE(sta_id >= IWLAGN_STATION_COUNT || 1141 tid >= IWL_MAX_TID_COUNT); 1142 if (txq_id != priv->tid_data[sta_id][tid].agg.txq_id) 1143 IWL_ERR(priv, "txq_id mismatch: %d %d\n", txq_id, 1144 priv->tid_data[sta_id][tid].agg.txq_id); 1145 iwl_rx_reply_tx_agg(priv, tx_resp); 1146 } 1147 1148 __skb_queue_head_init(&skbs); 1149 1150 if (tx_resp->frame_count == 1) { 1151 u16 next_reclaimed = le16_to_cpu(tx_resp->seq_ctl); 1152 next_reclaimed = IEEE80211_SEQ_TO_SN(next_reclaimed + 0x10); 1153 1154 if (is_agg) { 1155 /* If this is an aggregation queue, we can rely on the 1156 * ssn since the wifi sequence number corresponds to 1157 * the index in the TFD ring (%256). 1158 * The seq_ctl is the sequence control of the packet 1159 * to which this Tx response relates. But if there is a 1160 * hole in the bitmap of the BA we received, this Tx 1161 * response may allow to reclaim the hole and all the 1162 * subsequent packets that were already acked. 1163 * In that case, seq_ctl != ssn, and the next packet 1164 * to be reclaimed will be ssn and not seq_ctl. 1165 */ 1166 next_reclaimed = ssn; 1167 } 1168 1169 if (tid != IWL_TID_NON_QOS) { 1170 priv->tid_data[sta_id][tid].next_reclaimed = 1171 next_reclaimed; 1172 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", 1173 next_reclaimed); 1174 iwlagn_check_ratid_empty(priv, sta_id, tid); 1175 } 1176 1177 iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs); 1178 1179 freed = 0; 1180 1181 /* process frames */ 1182 skb_queue_walk(&skbs, skb) { 1183 hdr = (struct ieee80211_hdr *)skb->data; 1184 1185 if (!ieee80211_is_data_qos(hdr->frame_control)) 1186 priv->last_seq_ctl = tx_resp->seq_ctl; 1187 1188 info = IEEE80211_SKB_CB(skb); 1189 ctx = info->driver_data[0]; 1190 iwl_trans_free_tx_cmd(priv->trans, 1191 info->driver_data[1]); 1192 1193 memset(&info->status, 0, sizeof(info->status)); 1194 1195 if (status == TX_STATUS_FAIL_PASSIVE_NO_RX && 1196 ctx->vif && 1197 ctx->vif->type == NL80211_IFTYPE_STATION) { 1198 /* block and stop all queues */ 1199 priv->passive_no_rx = true; 1200 IWL_DEBUG_TX_QUEUES(priv, 1201 "stop all queues: passive channel\n"); 1202 ieee80211_stop_queues(priv->hw); 1203 1204 IWL_DEBUG_TX_REPLY(priv, 1205 "TXQ %d status %s (0x%08x) " 1206 "rate_n_flags 0x%x retries %d\n", 1207 txq_id, 1208 iwl_get_tx_fail_reason(status), 1209 status, 1210 le32_to_cpu(tx_resp->rate_n_flags), 1211 tx_resp->failure_frame); 1212 1213 IWL_DEBUG_TX_REPLY(priv, 1214 "FrameCnt = %d, idx=%d\n", 1215 tx_resp->frame_count, cmd_index); 1216 } 1217 1218 /* check if BAR is needed */ 1219 if (is_agg && !iwl_is_tx_success(status)) 1220 info->flags |= IEEE80211_TX_STAT_AMPDU_NO_BACK; 1221 iwlagn_set_tx_status(priv, IEEE80211_SKB_CB(skb), 1222 tx_resp); 1223 if (!is_agg) 1224 iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1); 1225 1226 freed++; 1227 } 1228 1229 if (tid != IWL_TID_NON_QOS) { 1230 priv->tid_data[sta_id][tid].next_reclaimed = 1231 next_reclaimed; 1232 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", 1233 next_reclaimed); 1234 } 1235 1236 if (!is_agg && freed != 1) 1237 IWL_ERR(priv, "Q: %d, freed %d\n", txq_id, freed); 1238 1239 IWL_DEBUG_TX_REPLY(priv, "TXQ %d status %s (0x%08x)\n", txq_id, 1240 iwl_get_tx_fail_reason(status), status); 1241 1242 IWL_DEBUG_TX_REPLY(priv, 1243 "\t\t\t\tinitial_rate 0x%x retries %d, idx=%d ssn=%d seq_ctl=0x%x\n", 1244 le32_to_cpu(tx_resp->rate_n_flags), 1245 tx_resp->failure_frame, 1246 SEQ_TO_INDEX(sequence), ssn, 1247 le16_to_cpu(tx_resp->seq_ctl)); 1248 } 1249 1250 iwl_check_abort_status(priv, tx_resp->frame_count, status); 1251 spin_unlock_bh(&priv->sta_lock); 1252 1253 while (!skb_queue_empty(&skbs)) { 1254 skb = __skb_dequeue(&skbs); 1255 ieee80211_tx_status(priv->hw, skb); 1256 } 1257} 1258 1259/* 1260 * iwlagn_rx_reply_compressed_ba - Handler for REPLY_COMPRESSED_BA 1261 * 1262 * Handles block-acknowledge notification from device, which reports success 1263 * of frames sent via aggregation. 1264 */ 1265void iwlagn_rx_reply_compressed_ba(struct iwl_priv *priv, 1266 struct iwl_rx_cmd_buffer *rxb) 1267{ 1268 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1269 struct iwl_compressed_ba_resp *ba_resp = (void *)pkt->data; 1270 struct iwl_ht_agg *agg; 1271 struct sk_buff_head reclaimed_skbs; 1272 struct sk_buff *skb; 1273 int sta_id; 1274 int tid; 1275 int freed; 1276 1277 /* "flow" corresponds to Tx queue */ 1278 u16 scd_flow = le16_to_cpu(ba_resp->scd_flow); 1279 1280 /* "ssn" is start of block-ack Tx window, corresponds to index 1281 * (in Tx queue's circular buffer) of first TFD/frame in window */ 1282 u16 ba_resp_scd_ssn = le16_to_cpu(ba_resp->scd_ssn); 1283 1284 if (scd_flow >= priv->trans->trans_cfg->base_params->num_of_queues) { 1285 IWL_ERR(priv, 1286 "BUG_ON scd_flow is bigger than number of queues\n"); 1287 return; 1288 } 1289 1290 sta_id = ba_resp->sta_id; 1291 tid = ba_resp->tid; 1292 agg = &priv->tid_data[sta_id][tid].agg; 1293 1294 spin_lock_bh(&priv->sta_lock); 1295 1296 if (unlikely(!agg->wait_for_ba)) { 1297 if (unlikely(ba_resp->bitmap)) 1298 IWL_ERR(priv, "Received BA when not expected\n"); 1299 spin_unlock_bh(&priv->sta_lock); 1300 return; 1301 } 1302 1303 if (unlikely(scd_flow != agg->txq_id)) { 1304 /* 1305 * FIXME: this is a uCode bug which need to be addressed, 1306 * log the information and return for now. 1307 * Since it is can possibly happen very often and in order 1308 * not to fill the syslog, don't use IWL_ERR or IWL_WARN 1309 */ 1310 IWL_DEBUG_TX_QUEUES(priv, 1311 "Bad queue mapping txq_id=%d, agg_txq[sta:%d,tid:%d]=%d\n", 1312 scd_flow, sta_id, tid, agg->txq_id); 1313 spin_unlock_bh(&priv->sta_lock); 1314 return; 1315 } 1316 1317 __skb_queue_head_init(&reclaimed_skbs); 1318 1319 /* Release all TFDs before the SSN, i.e. all TFDs in front of 1320 * block-ack window (we assume that they've been successfully 1321 * transmitted ... if not, it's too late anyway). */ 1322 iwl_trans_reclaim(priv->trans, scd_flow, ba_resp_scd_ssn, 1323 &reclaimed_skbs); 1324 1325 IWL_DEBUG_TX_REPLY(priv, "REPLY_COMPRESSED_BA [%d] Received from %pM, " 1326 "sta_id = %d\n", 1327 agg->wait_for_ba, 1328 (u8 *) &ba_resp->sta_addr_lo32, 1329 ba_resp->sta_id); 1330 IWL_DEBUG_TX_REPLY(priv, "TID = %d, SeqCtl = %d, bitmap = 0x%llx, " 1331 "scd_flow = %d, scd_ssn = %d sent:%d, acked:%d\n", 1332 ba_resp->tid, le16_to_cpu(ba_resp->seq_ctl), 1333 (unsigned long long)le64_to_cpu(ba_resp->bitmap), 1334 scd_flow, ba_resp_scd_ssn, ba_resp->txed, 1335 ba_resp->txed_2_done); 1336 1337 /* Mark that the expected block-ack response arrived */ 1338 agg->wait_for_ba = false; 1339 1340 /* Sanity check values reported by uCode */ 1341 if (ba_resp->txed_2_done > ba_resp->txed) { 1342 IWL_DEBUG_TX_REPLY(priv, 1343 "bogus sent(%d) and ack(%d) count\n", 1344 ba_resp->txed, ba_resp->txed_2_done); 1345 /* 1346 * set txed_2_done = txed, 1347 * so it won't impact rate scale 1348 */ 1349 ba_resp->txed = ba_resp->txed_2_done; 1350 } 1351 1352 priv->tid_data[sta_id][tid].next_reclaimed = ba_resp_scd_ssn; 1353 1354 iwlagn_check_ratid_empty(priv, sta_id, tid); 1355 freed = 0; 1356 1357 skb_queue_walk(&reclaimed_skbs, skb) { 1358 struct ieee80211_hdr *hdr = (void *)skb->data; 1359 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1360 1361 if (ieee80211_is_data_qos(hdr->frame_control)) 1362 freed++; 1363 else 1364 WARN_ON_ONCE(1); 1365 1366 iwl_trans_free_tx_cmd(priv->trans, info->driver_data[1]); 1367 1368 memset(&info->status, 0, sizeof(info->status)); 1369 /* Packet was transmitted successfully, failures come as single 1370 * frames because before failing a frame the firmware transmits 1371 * it without aggregation at least once. 1372 */ 1373 info->flags |= IEEE80211_TX_STAT_ACK; 1374 1375 if (freed == 1) { 1376 /* this is the first skb we deliver in this batch */ 1377 /* put the rate scaling data there */ 1378 info = IEEE80211_SKB_CB(skb); 1379 memset(&info->status, 0, sizeof(info->status)); 1380 info->flags |= IEEE80211_TX_STAT_AMPDU; 1381 info->status.ampdu_ack_len = ba_resp->txed_2_done; 1382 info->status.ampdu_len = ba_resp->txed; 1383 iwlagn_hwrate_to_tx_control(priv, agg->rate_n_flags, 1384 info); 1385 } 1386 } 1387 1388 spin_unlock_bh(&priv->sta_lock); 1389 1390 while (!skb_queue_empty(&reclaimed_skbs)) { 1391 skb = __skb_dequeue(&reclaimed_skbs); 1392 ieee80211_tx_status(priv->hw, skb); 1393 } 1394} 1395