1// SPDX-License-Identifier: GPL-2.0-only 2/****************************************************************************** 3 * 4 * Copyright(c) 2008 - 2014 Intel Corporation. All rights reserved. 5 * Copyright (C) 2019 Intel Corporation 6 * Copyright (C) 2023 Intel Corporation 7 *****************************************************************************/ 8 9#include <linux/kernel.h> 10#include <linux/module.h> 11#include <linux/sched.h> 12#include <linux/ieee80211.h> 13#include "iwl-io.h" 14#include "iwl-trans.h" 15#include "iwl-agn-hw.h" 16#include "dev.h" 17#include "agn.h" 18 19static const u8 tid_to_ac[] = { 20 IEEE80211_AC_BE, 21 IEEE80211_AC_BK, 22 IEEE80211_AC_BK, 23 IEEE80211_AC_BE, 24 IEEE80211_AC_VI, 25 IEEE80211_AC_VI, 26 IEEE80211_AC_VO, 27 IEEE80211_AC_VO, 28}; 29 30static void iwlagn_tx_cmd_protection(struct iwl_priv *priv, 31 struct ieee80211_tx_info *info, 32 __le16 fc, __le32 *tx_flags) 33{ 34 if (info->control.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS || 35 info->control.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT || 36 info->flags & IEEE80211_TX_CTL_AMPDU) 37 *tx_flags |= TX_CMD_FLG_PROT_REQUIRE_MSK; 38} 39 40/* 41 * handle build REPLY_TX command notification. 42 */ 43static void iwlagn_tx_cmd_build_basic(struct iwl_priv *priv, 44 struct sk_buff *skb, 45 struct iwl_tx_cmd *tx_cmd, 46 struct ieee80211_tx_info *info, 47 struct ieee80211_hdr *hdr, u8 sta_id) 48{ 49 __le16 fc = hdr->frame_control; 50 __le32 tx_flags = tx_cmd->tx_flags; 51 52 tx_cmd->stop_time.life_time = TX_CMD_LIFE_TIME_INFINITE; 53 54 if (!(info->flags & IEEE80211_TX_CTL_NO_ACK)) 55 tx_flags |= TX_CMD_FLG_ACK_MSK; 56 else 57 tx_flags &= ~TX_CMD_FLG_ACK_MSK; 58 59 if (ieee80211_is_probe_resp(fc)) 60 tx_flags |= TX_CMD_FLG_TSF_MSK; 61 else if (ieee80211_is_back_req(fc)) 62 tx_flags |= TX_CMD_FLG_ACK_MSK | TX_CMD_FLG_IMM_BA_RSP_MASK; 63 else if (info->band == NL80211_BAND_2GHZ && 64 priv->lib->bt_params && 65 priv->lib->bt_params->advanced_bt_coexist && 66 (ieee80211_is_auth(fc) || ieee80211_is_assoc_req(fc) || 67 ieee80211_is_reassoc_req(fc) || 68 info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO)) 69 tx_flags |= TX_CMD_FLG_IGNORE_BT; 70 71 72 tx_cmd->sta_id = sta_id; 73 if (ieee80211_has_morefrags(fc)) 74 tx_flags |= TX_CMD_FLG_MORE_FRAG_MSK; 75 76 if (ieee80211_is_data_qos(fc)) { 77 u8 *qc = ieee80211_get_qos_ctl(hdr); 78 tx_cmd->tid_tspec = qc[0] & 0xf; 79 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK; 80 } else { 81 tx_cmd->tid_tspec = IWL_TID_NON_QOS; 82 if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) 83 tx_flags |= TX_CMD_FLG_SEQ_CTL_MSK; 84 else 85 tx_flags &= ~TX_CMD_FLG_SEQ_CTL_MSK; 86 } 87 88 iwlagn_tx_cmd_protection(priv, info, fc, &tx_flags); 89 90 tx_flags &= ~(TX_CMD_FLG_ANT_SEL_MSK); 91 if (ieee80211_is_mgmt(fc)) { 92 if (ieee80211_is_assoc_req(fc) || ieee80211_is_reassoc_req(fc)) 93 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(3); 94 else 95 tx_cmd->timeout.pm_frame_timeout = cpu_to_le16(2); 96 } else { 97 tx_cmd->timeout.pm_frame_timeout = 0; 98 } 99 100 tx_cmd->driver_txop = 0; 101 tx_cmd->tx_flags = tx_flags; 102 tx_cmd->next_frame_len = 0; 103} 104 105static void iwlagn_tx_cmd_build_rate(struct iwl_priv *priv, 106 struct iwl_tx_cmd *tx_cmd, 107 struct ieee80211_tx_info *info, 108 struct ieee80211_sta *sta, 109 __le16 fc) 110{ 111 u32 rate_flags; 112 int rate_idx; 113 u8 rts_retry_limit; 114 u8 data_retry_limit; 115 u8 rate_plcp; 116 117 if (priv->wowlan) { 118 rts_retry_limit = IWLAGN_LOW_RETRY_LIMIT; 119 data_retry_limit = IWLAGN_LOW_RETRY_LIMIT; 120 } else { 121 /* Set retry limit on RTS packets */ 122 rts_retry_limit = IWLAGN_RTS_DFAULT_RETRY_LIMIT; 123 124 /* Set retry limit on DATA packets and Probe Responses*/ 125 if (ieee80211_is_probe_resp(fc)) { 126 data_retry_limit = IWLAGN_MGMT_DFAULT_RETRY_LIMIT; 127 rts_retry_limit = 128 min(data_retry_limit, rts_retry_limit); 129 } else if (ieee80211_is_back_req(fc)) 130 data_retry_limit = IWLAGN_BAR_DFAULT_RETRY_LIMIT; 131 else 132 data_retry_limit = IWLAGN_DEFAULT_TX_RETRY; 133 } 134 135 tx_cmd->data_retry_limit = data_retry_limit; 136 tx_cmd->rts_retry_limit = rts_retry_limit; 137 138 /* DATA packets will use the uCode station table for rate/antenna 139 * selection */ 140 if (ieee80211_is_data(fc)) { 141 tx_cmd->initial_rate_index = 0; 142 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK; 143 return; 144 } else if (ieee80211_is_back_req(fc)) 145 tx_cmd->tx_flags |= TX_CMD_FLG_STA_RATE_MSK; 146 147 /** 148 * If the current TX rate stored in mac80211 has the MCS bit set, it's 149 * not really a TX rate. Thus, we use the lowest supported rate for 150 * this band. Also use the lowest supported rate if the stored rate 151 * index is invalid. 152 */ 153 rate_idx = info->control.rates[0].idx; 154 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS || 155 (rate_idx < 0) || (rate_idx > IWL_RATE_COUNT_LEGACY)) 156 rate_idx = rate_lowest_index( 157 &priv->nvm_data->bands[info->band], sta); 158 /* For 5 GHZ band, remap mac80211 rate indices into driver indices */ 159 if (info->band == NL80211_BAND_5GHZ) 160 rate_idx += IWL_FIRST_OFDM_RATE; 161 /* Get PLCP rate for tx_cmd->rate_n_flags */ 162 rate_plcp = iwl_rates[rate_idx].plcp; 163 /* Zero out flags for this packet */ 164 rate_flags = 0; 165 166 /* Set CCK flag as needed */ 167 if ((rate_idx >= IWL_FIRST_CCK_RATE) && (rate_idx <= IWL_LAST_CCK_RATE)) 168 rate_flags |= RATE_MCS_CCK_MSK; 169 170 /* Set up antennas */ 171 if (priv->lib->bt_params && 172 priv->lib->bt_params->advanced_bt_coexist && 173 priv->bt_full_concurrent) { 174 /* operated as 1x1 in full concurrency mode */ 175 priv->mgmt_tx_ant = iwl_toggle_tx_ant(priv, priv->mgmt_tx_ant, 176 first_antenna(priv->nvm_data->valid_tx_ant)); 177 } else 178 priv->mgmt_tx_ant = iwl_toggle_tx_ant( 179 priv, priv->mgmt_tx_ant, 180 priv->nvm_data->valid_tx_ant); 181 rate_flags |= iwl_ant_idx_to_flags(priv->mgmt_tx_ant); 182 183 /* Set the rate in the TX cmd */ 184 tx_cmd->rate_n_flags = iwl_hw_set_rate_n_flags(rate_plcp, rate_flags); 185} 186 187static void iwlagn_tx_cmd_build_hwcrypto(struct iwl_priv *priv, 188 struct ieee80211_tx_info *info, 189 struct iwl_tx_cmd *tx_cmd, 190 struct sk_buff *skb_frag) 191{ 192 struct ieee80211_key_conf *keyconf = info->control.hw_key; 193 194 switch (keyconf->cipher) { 195 case WLAN_CIPHER_SUITE_CCMP: 196 tx_cmd->sec_ctl = TX_CMD_SEC_CCM; 197 memcpy(tx_cmd->key, keyconf->key, keyconf->keylen); 198 if (info->flags & IEEE80211_TX_CTL_AMPDU) 199 tx_cmd->tx_flags |= TX_CMD_FLG_AGG_CCMP_MSK; 200 break; 201 202 case WLAN_CIPHER_SUITE_TKIP: 203 tx_cmd->sec_ctl = TX_CMD_SEC_TKIP; 204 ieee80211_get_tkip_p2k(keyconf, skb_frag, tx_cmd->key); 205 break; 206 207 case WLAN_CIPHER_SUITE_WEP104: 208 tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128; 209 fallthrough; 210 case WLAN_CIPHER_SUITE_WEP40: 211 tx_cmd->sec_ctl |= (TX_CMD_SEC_WEP | 212 (keyconf->keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT); 213 214 memcpy(&tx_cmd->key[3], keyconf->key, keyconf->keylen); 215 216 IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption " 217 "with key %d\n", keyconf->keyidx); 218 break; 219 220 default: 221 IWL_ERR(priv, "Unknown encode cipher %x\n", keyconf->cipher); 222 break; 223 } 224} 225 226/** 227 * iwl_sta_id_or_broadcast - return sta_id or broadcast sta 228 * @context: the current context 229 * @sta: mac80211 station 230 * 231 * In certain circumstances mac80211 passes a station pointer 232 * that may be %NULL, for example during TX or key setup. In 233 * that case, we need to use the broadcast station, so this 234 * inline wraps that pattern. 235 */ 236static int iwl_sta_id_or_broadcast(struct iwl_rxon_context *context, 237 struct ieee80211_sta *sta) 238{ 239 int sta_id; 240 241 if (!sta) 242 return context->bcast_sta_id; 243 244 sta_id = iwl_sta_id(sta); 245 246 /* 247 * mac80211 should not be passing a partially 248 * initialised station! 249 */ 250 WARN_ON(sta_id == IWL_INVALID_STATION); 251 252 return sta_id; 253} 254 255/* 256 * start REPLY_TX command process 257 */ 258int iwlagn_tx_skb(struct iwl_priv *priv, 259 struct ieee80211_sta *sta, 260 struct sk_buff *skb) 261{ 262 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 263 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 264 struct iwl_station_priv *sta_priv = NULL; 265 struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS]; 266 struct iwl_device_tx_cmd *dev_cmd; 267 struct iwl_tx_cmd *tx_cmd; 268 __le16 fc; 269 u8 hdr_len; 270 u16 len, seq_number = 0; 271 u8 sta_id, tid = IWL_MAX_TID_COUNT; 272 bool is_agg = false, is_data_qos = false; 273 int txq_id; 274 275 if (info->control.vif) 276 ctx = iwl_rxon_ctx_from_vif(info->control.vif); 277 278 if (iwl_is_rfkill(priv)) { 279 IWL_DEBUG_DROP(priv, "Dropping - RF KILL\n"); 280 goto drop_unlock_priv; 281 } 282 283 fc = hdr->frame_control; 284 285#ifdef CONFIG_IWLWIFI_DEBUG 286 if (ieee80211_is_auth(fc)) 287 IWL_DEBUG_TX(priv, "Sending AUTH frame\n"); 288 else if (ieee80211_is_assoc_req(fc)) 289 IWL_DEBUG_TX(priv, "Sending ASSOC frame\n"); 290 else if (ieee80211_is_reassoc_req(fc)) 291 IWL_DEBUG_TX(priv, "Sending REASSOC frame\n"); 292#endif 293 294 if (unlikely(ieee80211_is_probe_resp(fc))) { 295 struct iwl_wipan_noa_data *noa_data = 296 rcu_dereference(priv->noa_data); 297 298 if (noa_data && 299 pskb_expand_head(skb, 0, noa_data->length, 300 GFP_ATOMIC) == 0) { 301 skb_put_data(skb, noa_data->data, noa_data->length); 302 hdr = (struct ieee80211_hdr *)skb->data; 303 } 304 } 305 306 hdr_len = ieee80211_hdrlen(fc); 307 308 /* For management frames use broadcast id to do not break aggregation */ 309 if (!ieee80211_is_data(fc)) 310 sta_id = ctx->bcast_sta_id; 311 else { 312 /* Find index into station table for destination station */ 313 sta_id = iwl_sta_id_or_broadcast(ctx, sta); 314 if (sta_id == IWL_INVALID_STATION) { 315 IWL_DEBUG_DROP(priv, "Dropping - INVALID STATION: %pM\n", 316 hdr->addr1); 317 goto drop_unlock_priv; 318 } 319 } 320 321 if (sta) 322 sta_priv = (void *)sta->drv_priv; 323 324 if (sta_priv && sta_priv->asleep && 325 (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER)) { 326 /* 327 * This sends an asynchronous command to the device, 328 * but we can rely on it being processed before the 329 * next frame is processed -- and the next frame to 330 * this station is the one that will consume this 331 * counter. 332 * For now set the counter to just 1 since we do not 333 * support uAPSD yet. 334 * 335 * FIXME: If we get two non-bufferable frames one 336 * after the other, we might only send out one of 337 * them because this is racy. 338 */ 339 iwl_sta_modify_sleep_tx_count(priv, sta_id, 1); 340 } 341 342 dev_cmd = iwl_trans_alloc_tx_cmd(priv->trans); 343 344 if (unlikely(!dev_cmd)) 345 goto drop_unlock_priv; 346 347 dev_cmd->hdr.cmd = REPLY_TX; 348 tx_cmd = (struct iwl_tx_cmd *) dev_cmd->payload; 349 350 /* Total # bytes to be transmitted */ 351 len = (u16)skb->len; 352 tx_cmd->len = cpu_to_le16(len); 353 354 if (info->control.hw_key) 355 iwlagn_tx_cmd_build_hwcrypto(priv, info, tx_cmd, skb); 356 357 /* TODO need this for burst mode later on */ 358 iwlagn_tx_cmd_build_basic(priv, skb, tx_cmd, info, hdr, sta_id); 359 360 iwlagn_tx_cmd_build_rate(priv, tx_cmd, info, sta, fc); 361 362 memset(&info->status, 0, sizeof(info->status)); 363 memset(info->driver_data, 0, sizeof(info->driver_data)); 364 365 info->driver_data[0] = ctx; 366 info->driver_data[1] = dev_cmd; 367 /* From now on, we cannot access info->control */ 368 369 spin_lock(&priv->sta_lock); 370 371 if (ieee80211_is_data_qos(fc) && !ieee80211_is_qos_nullfunc(fc)) { 372 u8 *qc = NULL; 373 struct iwl_tid_data *tid_data; 374 qc = ieee80211_get_qos_ctl(hdr); 375 tid = qc[0] & IEEE80211_QOS_CTL_TID_MASK; 376 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT)) 377 goto drop_unlock_sta; 378 tid_data = &priv->tid_data[sta_id][tid]; 379 380 /* aggregation is on for this <sta,tid> */ 381 if (info->flags & IEEE80211_TX_CTL_AMPDU && 382 tid_data->agg.state != IWL_AGG_ON) { 383 IWL_ERR(priv, 384 "TX_CTL_AMPDU while not in AGG: Tx flags = 0x%08x, agg.state = %d\n", 385 info->flags, tid_data->agg.state); 386 IWL_ERR(priv, "sta_id = %d, tid = %d seq_num = %d\n", 387 sta_id, tid, 388 IEEE80211_SEQ_TO_SN(tid_data->seq_number)); 389 goto drop_unlock_sta; 390 } 391 392 /* We can receive packets from the stack in IWL_AGG_{ON,OFF} 393 * only. Check this here. 394 */ 395 if (WARN_ONCE(tid_data->agg.state != IWL_AGG_ON && 396 tid_data->agg.state != IWL_AGG_OFF, 397 "Tx while agg.state = %d\n", tid_data->agg.state)) 398 goto drop_unlock_sta; 399 400 seq_number = tid_data->seq_number; 401 seq_number &= IEEE80211_SCTL_SEQ; 402 hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG); 403 hdr->seq_ctrl |= cpu_to_le16(seq_number); 404 seq_number += 0x10; 405 406 if (info->flags & IEEE80211_TX_CTL_AMPDU) 407 is_agg = true; 408 is_data_qos = true; 409 } 410 411 /* Copy MAC header from skb into command buffer */ 412 memcpy(tx_cmd->hdr, hdr, hdr_len); 413 414 txq_id = info->hw_queue; 415 416 if (is_agg) 417 txq_id = priv->tid_data[sta_id][tid].agg.txq_id; 418 else if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) { 419 /* 420 * The microcode will clear the more data 421 * bit in the last frame it transmits. 422 */ 423 hdr->frame_control |= 424 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 425 } 426 427 WARN_ON_ONCE(is_agg && 428 priv->queue_to_mac80211[txq_id] != info->hw_queue); 429 430 IWL_DEBUG_TX(priv, "TX to [%d|%d] Q:%d - seq: 0x%x\n", sta_id, tid, 431 txq_id, seq_number); 432 433 if (iwl_trans_tx(priv->trans, skb, dev_cmd, txq_id)) 434 goto drop_unlock_sta; 435 436 if (is_data_qos && !ieee80211_has_morefrags(fc)) 437 priv->tid_data[sta_id][tid].seq_number = seq_number; 438 439 spin_unlock(&priv->sta_lock); 440 441 /* 442 * Avoid atomic ops if it isn't an associated client. 443 * Also, if this is a packet for aggregation, don't 444 * increase the counter because the ucode will stop 445 * aggregation queues when their respective station 446 * goes to sleep. 447 */ 448 if (sta_priv && sta_priv->client && !is_agg) 449 atomic_inc(&sta_priv->pending_frames); 450 451 return 0; 452 453drop_unlock_sta: 454 if (dev_cmd) 455 iwl_trans_free_tx_cmd(priv->trans, dev_cmd); 456 spin_unlock(&priv->sta_lock); 457drop_unlock_priv: 458 return -1; 459} 460 461static int iwlagn_alloc_agg_txq(struct iwl_priv *priv, int mq) 462{ 463 int q; 464 465 for (q = IWLAGN_FIRST_AMPDU_QUEUE; 466 q < priv->trans->trans_cfg->base_params->num_of_queues; q++) { 467 if (!test_and_set_bit(q, priv->agg_q_alloc)) { 468 priv->queue_to_mac80211[q] = mq; 469 return q; 470 } 471 } 472 473 return -ENOSPC; 474} 475 476static void iwlagn_dealloc_agg_txq(struct iwl_priv *priv, int q) 477{ 478 clear_bit(q, priv->agg_q_alloc); 479 priv->queue_to_mac80211[q] = IWL_INVALID_MAC80211_QUEUE; 480} 481 482int iwlagn_tx_agg_stop(struct iwl_priv *priv, struct ieee80211_vif *vif, 483 struct ieee80211_sta *sta, u16 tid) 484{ 485 struct iwl_tid_data *tid_data; 486 int sta_id, txq_id; 487 enum iwl_agg_state agg_state; 488 489 sta_id = iwl_sta_id(sta); 490 491 if (sta_id == IWL_INVALID_STATION) { 492 IWL_ERR(priv, "Invalid station for AGG tid %d\n", tid); 493 return -ENXIO; 494 } 495 496 spin_lock_bh(&priv->sta_lock); 497 498 tid_data = &priv->tid_data[sta_id][tid]; 499 txq_id = tid_data->agg.txq_id; 500 501 switch (tid_data->agg.state) { 502 case IWL_EMPTYING_HW_QUEUE_ADDBA: 503 /* 504 * This can happen if the peer stops aggregation 505 * again before we've had a chance to drain the 506 * queue we selected previously, i.e. before the 507 * session was really started completely. 508 */ 509 IWL_DEBUG_HT(priv, "AGG stop before setup done\n"); 510 goto turn_off; 511 case IWL_AGG_STARTING: 512 /* 513 * This can happen when the session is stopped before 514 * we receive ADDBA response 515 */ 516 IWL_DEBUG_HT(priv, "AGG stop before AGG became operational\n"); 517 goto turn_off; 518 case IWL_AGG_ON: 519 break; 520 default: 521 IWL_WARN(priv, 522 "Stopping AGG while state not ON or starting for %d on %d (%d)\n", 523 sta_id, tid, tid_data->agg.state); 524 spin_unlock_bh(&priv->sta_lock); 525 return 0; 526 } 527 528 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 529 530 /* There are still packets for this RA / TID in the HW */ 531 if (!test_bit(txq_id, priv->agg_q_alloc)) { 532 IWL_DEBUG_TX_QUEUES(priv, 533 "stopping AGG on STA/TID %d/%d but hwq %d not used\n", 534 sta_id, tid, txq_id); 535 } else if (tid_data->agg.ssn != tid_data->next_reclaimed) { 536 IWL_DEBUG_TX_QUEUES(priv, 537 "Can't proceed: ssn %d, next_recl = %d\n", 538 tid_data->agg.ssn, 539 tid_data->next_reclaimed); 540 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_DELBA; 541 spin_unlock_bh(&priv->sta_lock); 542 return 0; 543 } 544 545 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n", 546 tid_data->agg.ssn); 547turn_off: 548 agg_state = tid_data->agg.state; 549 tid_data->agg.state = IWL_AGG_OFF; 550 551 spin_unlock_bh(&priv->sta_lock); 552 553 if (test_bit(txq_id, priv->agg_q_alloc)) { 554 /* 555 * If the transport didn't know that we wanted to start 556 * agreggation, don't tell it that we want to stop them. 557 * This can happen when we don't get the addBA response on 558 * time, or we hadn't time to drain the AC queues. 559 */ 560 if (agg_state == IWL_AGG_ON) 561 iwl_trans_txq_disable(priv->trans, txq_id, true); 562 else 563 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n", 564 agg_state); 565 iwlagn_dealloc_agg_txq(priv, txq_id); 566 } 567 568 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid); 569 570 return 0; 571} 572 573int iwlagn_tx_agg_start(struct iwl_priv *priv, struct ieee80211_vif *vif, 574 struct ieee80211_sta *sta, u16 tid, u16 *ssn) 575{ 576 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif); 577 struct iwl_tid_data *tid_data; 578 int sta_id, txq_id, ret; 579 580 IWL_DEBUG_HT(priv, "TX AGG request on ra = %pM tid = %d\n", 581 sta->addr, tid); 582 583 sta_id = iwl_sta_id(sta); 584 if (sta_id == IWL_INVALID_STATION) { 585 IWL_ERR(priv, "Start AGG on invalid station\n"); 586 return -ENXIO; 587 } 588 if (unlikely(tid >= IWL_MAX_TID_COUNT)) 589 return -EINVAL; 590 591 if (priv->tid_data[sta_id][tid].agg.state != IWL_AGG_OFF) { 592 IWL_ERR(priv, "Start AGG when state is not IWL_AGG_OFF !\n"); 593 return -ENXIO; 594 } 595 596 txq_id = iwlagn_alloc_agg_txq(priv, ctx->ac_to_queue[tid_to_ac[tid]]); 597 if (txq_id < 0) { 598 IWL_DEBUG_TX_QUEUES(priv, 599 "No free aggregation queue for %pM/%d\n", 600 sta->addr, tid); 601 return txq_id; 602 } 603 604 ret = iwl_sta_tx_modify_enable_tid(priv, sta_id, tid); 605 if (ret) 606 return ret; 607 608 spin_lock_bh(&priv->sta_lock); 609 tid_data = &priv->tid_data[sta_id][tid]; 610 tid_data->agg.ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number); 611 tid_data->agg.txq_id = txq_id; 612 613 *ssn = tid_data->agg.ssn; 614 615 if (*ssn == tid_data->next_reclaimed) { 616 IWL_DEBUG_TX_QUEUES(priv, "Can proceed: ssn = next_recl = %d\n", 617 tid_data->agg.ssn); 618 tid_data->agg.state = IWL_AGG_STARTING; 619 ret = IEEE80211_AMPDU_TX_START_IMMEDIATE; 620 } else { 621 IWL_DEBUG_TX_QUEUES(priv, "Can't proceed: ssn %d, " 622 "next_reclaimed = %d\n", 623 tid_data->agg.ssn, 624 tid_data->next_reclaimed); 625 tid_data->agg.state = IWL_EMPTYING_HW_QUEUE_ADDBA; 626 } 627 spin_unlock_bh(&priv->sta_lock); 628 629 return ret; 630} 631 632int iwlagn_tx_agg_flush(struct iwl_priv *priv, struct ieee80211_vif *vif, 633 struct ieee80211_sta *sta, u16 tid) 634{ 635 struct iwl_tid_data *tid_data; 636 enum iwl_agg_state agg_state; 637 int sta_id, txq_id; 638 sta_id = iwl_sta_id(sta); 639 640 /* 641 * First set the agg state to OFF to avoid calling 642 * ieee80211_stop_tx_ba_cb in iwlagn_check_ratid_empty. 643 */ 644 spin_lock_bh(&priv->sta_lock); 645 646 tid_data = &priv->tid_data[sta_id][tid]; 647 txq_id = tid_data->agg.txq_id; 648 agg_state = tid_data->agg.state; 649 IWL_DEBUG_TX_QUEUES(priv, "Flush AGG: sta %d tid %d q %d state %d\n", 650 sta_id, tid, txq_id, tid_data->agg.state); 651 652 tid_data->agg.state = IWL_AGG_OFF; 653 654 spin_unlock_bh(&priv->sta_lock); 655 656 if (iwlagn_txfifo_flush(priv, BIT(txq_id))) 657 IWL_ERR(priv, "Couldn't flush the AGG queue\n"); 658 659 if (test_bit(txq_id, priv->agg_q_alloc)) { 660 /* 661 * If the transport didn't know that we wanted to start 662 * agreggation, don't tell it that we want to stop them. 663 * This can happen when we don't get the addBA response on 664 * time, or we hadn't time to drain the AC queues. 665 */ 666 if (agg_state == IWL_AGG_ON) 667 iwl_trans_txq_disable(priv->trans, txq_id, true); 668 else 669 IWL_DEBUG_TX_QUEUES(priv, "Don't disable tx agg: %d\n", 670 agg_state); 671 iwlagn_dealloc_agg_txq(priv, txq_id); 672 } 673 674 return 0; 675} 676 677int iwlagn_tx_agg_oper(struct iwl_priv *priv, struct ieee80211_vif *vif, 678 struct ieee80211_sta *sta, u16 tid, u8 buf_size) 679{ 680 struct iwl_station_priv *sta_priv = (void *) sta->drv_priv; 681 struct iwl_rxon_context *ctx = iwl_rxon_ctx_from_vif(vif); 682 int q, fifo; 683 u16 ssn; 684 685 buf_size = min_t(int, buf_size, LINK_QUAL_AGG_FRAME_LIMIT_DEF); 686 687 spin_lock_bh(&priv->sta_lock); 688 ssn = priv->tid_data[sta_priv->sta_id][tid].agg.ssn; 689 q = priv->tid_data[sta_priv->sta_id][tid].agg.txq_id; 690 priv->tid_data[sta_priv->sta_id][tid].agg.state = IWL_AGG_ON; 691 spin_unlock_bh(&priv->sta_lock); 692 693 fifo = ctx->ac_to_fifo[tid_to_ac[tid]]; 694 695 iwl_trans_txq_enable(priv->trans, q, fifo, sta_priv->sta_id, tid, 696 buf_size, ssn, 0); 697 698 /* 699 * If the limit is 0, then it wasn't initialised yet, 700 * use the default. We can do that since we take the 701 * minimum below, and we don't want to go above our 702 * default due to hardware restrictions. 703 */ 704 if (sta_priv->max_agg_bufsize == 0) 705 sta_priv->max_agg_bufsize = 706 LINK_QUAL_AGG_FRAME_LIMIT_DEF; 707 708 /* 709 * Even though in theory the peer could have different 710 * aggregation reorder buffer sizes for different sessions, 711 * our ucode doesn't allow for that and has a global limit 712 * for each station. Therefore, use the minimum of all the 713 * aggregation sessions and our default value. 714 */ 715 sta_priv->max_agg_bufsize = 716 min(sta_priv->max_agg_bufsize, buf_size); 717 718 if (priv->hw_params.use_rts_for_aggregation) { 719 /* 720 * switch to RTS/CTS if it is the prefer protection 721 * method for HT traffic 722 */ 723 724 sta_priv->lq_sta.lq.general_params.flags |= 725 LINK_QUAL_FLAGS_SET_STA_TLC_RTS_MSK; 726 } 727 priv->agg_tids_count++; 728 IWL_DEBUG_HT(priv, "priv->agg_tids_count = %u\n", 729 priv->agg_tids_count); 730 731 sta_priv->lq_sta.lq.agg_params.agg_frame_cnt_limit = 732 sta_priv->max_agg_bufsize; 733 734 IWL_DEBUG_HT(priv, "Tx aggregation enabled on ra = %pM tid = %d\n", 735 sta->addr, tid); 736 737 return iwl_send_lq_cmd(priv, ctx, 738 &sta_priv->lq_sta.lq, CMD_ASYNC, false); 739} 740 741static void iwlagn_check_ratid_empty(struct iwl_priv *priv, int sta_id, u8 tid) 742{ 743 struct iwl_tid_data *tid_data = &priv->tid_data[sta_id][tid]; 744 enum iwl_rxon_context_id ctx; 745 struct ieee80211_vif *vif; 746 u8 *addr; 747 748 lockdep_assert_held(&priv->sta_lock); 749 750 addr = priv->stations[sta_id].sta.sta.addr; 751 ctx = priv->stations[sta_id].ctxid; 752 vif = priv->contexts[ctx].vif; 753 754 switch (priv->tid_data[sta_id][tid].agg.state) { 755 case IWL_EMPTYING_HW_QUEUE_DELBA: 756 /* There are no packets for this RA / TID in the HW any more */ 757 if (tid_data->agg.ssn == tid_data->next_reclaimed) { 758 IWL_DEBUG_TX_QUEUES(priv, 759 "Can continue DELBA flow ssn = next_recl = %d\n", 760 tid_data->next_reclaimed); 761 iwl_trans_txq_disable(priv->trans, 762 tid_data->agg.txq_id, true); 763 iwlagn_dealloc_agg_txq(priv, tid_data->agg.txq_id); 764 tid_data->agg.state = IWL_AGG_OFF; 765 ieee80211_stop_tx_ba_cb_irqsafe(vif, addr, tid); 766 } 767 break; 768 case IWL_EMPTYING_HW_QUEUE_ADDBA: 769 /* There are no packets for this RA / TID in the HW any more */ 770 if (tid_data->agg.ssn == tid_data->next_reclaimed) { 771 IWL_DEBUG_TX_QUEUES(priv, 772 "Can continue ADDBA flow ssn = next_recl = %d\n", 773 tid_data->next_reclaimed); 774 tid_data->agg.state = IWL_AGG_STARTING; 775 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid); 776 } 777 break; 778 default: 779 break; 780 } 781} 782 783static void iwlagn_non_agg_tx_status(struct iwl_priv *priv, 784 struct iwl_rxon_context *ctx, 785 const u8 *addr1) 786{ 787 struct ieee80211_sta *sta; 788 struct iwl_station_priv *sta_priv; 789 790 rcu_read_lock(); 791 sta = ieee80211_find_sta(ctx->vif, addr1); 792 if (sta) { 793 sta_priv = (void *)sta->drv_priv; 794 /* avoid atomic ops if this isn't a client */ 795 if (sta_priv->client && 796 atomic_dec_return(&sta_priv->pending_frames) == 0) 797 ieee80211_sta_block_awake(priv->hw, sta, false); 798 } 799 rcu_read_unlock(); 800} 801 802/* 803 * translate ucode response to mac80211 tx status control values 804 */ 805static void iwlagn_hwrate_to_tx_control(struct iwl_priv *priv, u32 rate_n_flags, 806 struct ieee80211_tx_info *info) 807{ 808 struct ieee80211_tx_rate *r = &info->status.rates[0]; 809 810 info->status.antenna = 811 ((rate_n_flags & RATE_MCS_ANT_ABC_MSK) >> RATE_MCS_ANT_POS); 812 if (rate_n_flags & RATE_MCS_HT_MSK) 813 r->flags |= IEEE80211_TX_RC_MCS; 814 if (rate_n_flags & RATE_MCS_GF_MSK) 815 r->flags |= IEEE80211_TX_RC_GREEN_FIELD; 816 if (rate_n_flags & RATE_MCS_HT40_MSK) 817 r->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH; 818 if (rate_n_flags & RATE_MCS_DUP_MSK) 819 r->flags |= IEEE80211_TX_RC_DUP_DATA; 820 if (rate_n_flags & RATE_MCS_SGI_MSK) 821 r->flags |= IEEE80211_TX_RC_SHORT_GI; 822 r->idx = iwlagn_hwrate_to_mac80211_idx(rate_n_flags, info->band); 823} 824 825#ifdef CONFIG_IWLWIFI_DEBUG 826const char *iwl_get_tx_fail_reason(u32 status) 827{ 828#define TX_STATUS_FAIL(x) case TX_STATUS_FAIL_ ## x: return #x 829#define TX_STATUS_POSTPONE(x) case TX_STATUS_POSTPONE_ ## x: return #x 830 831 switch (status & TX_STATUS_MSK) { 832 case TX_STATUS_SUCCESS: 833 return "SUCCESS"; 834 TX_STATUS_POSTPONE(DELAY); 835 TX_STATUS_POSTPONE(FEW_BYTES); 836 TX_STATUS_POSTPONE(BT_PRIO); 837 TX_STATUS_POSTPONE(QUIET_PERIOD); 838 TX_STATUS_POSTPONE(CALC_TTAK); 839 TX_STATUS_FAIL(INTERNAL_CROSSED_RETRY); 840 TX_STATUS_FAIL(SHORT_LIMIT); 841 TX_STATUS_FAIL(LONG_LIMIT); 842 TX_STATUS_FAIL(FIFO_UNDERRUN); 843 TX_STATUS_FAIL(DRAIN_FLOW); 844 TX_STATUS_FAIL(RFKILL_FLUSH); 845 TX_STATUS_FAIL(LIFE_EXPIRE); 846 TX_STATUS_FAIL(DEST_PS); 847 TX_STATUS_FAIL(HOST_ABORTED); 848 TX_STATUS_FAIL(BT_RETRY); 849 TX_STATUS_FAIL(STA_INVALID); 850 TX_STATUS_FAIL(FRAG_DROPPED); 851 TX_STATUS_FAIL(TID_DISABLE); 852 TX_STATUS_FAIL(FIFO_FLUSHED); 853 TX_STATUS_FAIL(INSUFFICIENT_CF_POLL); 854 TX_STATUS_FAIL(PASSIVE_NO_RX); 855 TX_STATUS_FAIL(NO_BEACON_ON_RADAR); 856 } 857 858 return "UNKNOWN"; 859 860#undef TX_STATUS_FAIL 861#undef TX_STATUS_POSTPONE 862} 863#endif /* CONFIG_IWLWIFI_DEBUG */ 864 865static void iwlagn_count_agg_tx_err_status(struct iwl_priv *priv, u16 status) 866{ 867 status &= AGG_TX_STATUS_MSK; 868 869 switch (status) { 870 case AGG_TX_STATE_UNDERRUN_MSK: 871 priv->reply_agg_tx_stats.underrun++; 872 break; 873 case AGG_TX_STATE_BT_PRIO_MSK: 874 priv->reply_agg_tx_stats.bt_prio++; 875 break; 876 case AGG_TX_STATE_FEW_BYTES_MSK: 877 priv->reply_agg_tx_stats.few_bytes++; 878 break; 879 case AGG_TX_STATE_ABORT_MSK: 880 priv->reply_agg_tx_stats.abort++; 881 break; 882 case AGG_TX_STATE_LAST_SENT_TTL_MSK: 883 priv->reply_agg_tx_stats.last_sent_ttl++; 884 break; 885 case AGG_TX_STATE_LAST_SENT_TRY_CNT_MSK: 886 priv->reply_agg_tx_stats.last_sent_try++; 887 break; 888 case AGG_TX_STATE_LAST_SENT_BT_KILL_MSK: 889 priv->reply_agg_tx_stats.last_sent_bt_kill++; 890 break; 891 case AGG_TX_STATE_SCD_QUERY_MSK: 892 priv->reply_agg_tx_stats.scd_query++; 893 break; 894 case AGG_TX_STATE_TEST_BAD_CRC32_MSK: 895 priv->reply_agg_tx_stats.bad_crc32++; 896 break; 897 case AGG_TX_STATE_RESPONSE_MSK: 898 priv->reply_agg_tx_stats.response++; 899 break; 900 case AGG_TX_STATE_DUMP_TX_MSK: 901 priv->reply_agg_tx_stats.dump_tx++; 902 break; 903 case AGG_TX_STATE_DELAY_TX_MSK: 904 priv->reply_agg_tx_stats.delay_tx++; 905 break; 906 default: 907 priv->reply_agg_tx_stats.unknown++; 908 break; 909 } 910} 911 912static inline u32 iwlagn_get_scd_ssn(struct iwlagn_tx_resp *tx_resp) 913{ 914 return le32_to_cpup((__le32 *)&tx_resp->status + 915 tx_resp->frame_count) & IEEE80211_MAX_SN; 916} 917 918static void iwl_rx_reply_tx_agg(struct iwl_priv *priv, 919 struct iwlagn_tx_resp *tx_resp) 920{ 921 struct agg_tx_status *frame_status = &tx_resp->status; 922 int tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >> 923 IWLAGN_TX_RES_TID_POS; 924 int sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >> 925 IWLAGN_TX_RES_RA_POS; 926 struct iwl_ht_agg *agg = &priv->tid_data[sta_id][tid].agg; 927 u32 status = le16_to_cpu(tx_resp->status.status); 928 int i; 929 930 WARN_ON(tid == IWL_TID_NON_QOS); 931 932 if (agg->wait_for_ba) 933 IWL_DEBUG_TX_REPLY(priv, 934 "got tx response w/o block-ack\n"); 935 936 agg->rate_n_flags = le32_to_cpu(tx_resp->rate_n_flags); 937 agg->wait_for_ba = (tx_resp->frame_count > 1); 938 939 /* 940 * If the BT kill count is non-zero, we'll get this 941 * notification again. 942 */ 943 if (tx_resp->bt_kill_count && tx_resp->frame_count == 1 && 944 priv->lib->bt_params && 945 priv->lib->bt_params->advanced_bt_coexist) { 946 IWL_DEBUG_COEX(priv, "receive reply tx w/ bt_kill\n"); 947 } 948 949 if (tx_resp->frame_count == 1) 950 return; 951 952 IWL_DEBUG_TX_REPLY(priv, "TXQ %d initial_rate 0x%x ssn %d frm_cnt %d\n", 953 agg->txq_id, 954 le32_to_cpu(tx_resp->rate_n_flags), 955 iwlagn_get_scd_ssn(tx_resp), tx_resp->frame_count); 956 957 /* Construct bit-map of pending frames within Tx window */ 958 for (i = 0; i < tx_resp->frame_count; i++) { 959 u16 fstatus = le16_to_cpu(frame_status[i].status); 960 u8 retry_cnt = (fstatus & AGG_TX_TRY_MSK) >> AGG_TX_TRY_POS; 961 962 if (status & AGG_TX_STATUS_MSK) 963 iwlagn_count_agg_tx_err_status(priv, fstatus); 964 965 if (status & (AGG_TX_STATE_FEW_BYTES_MSK | 966 AGG_TX_STATE_ABORT_MSK)) 967 continue; 968 969 if (status & AGG_TX_STATUS_MSK || retry_cnt > 1) 970 IWL_DEBUG_TX_REPLY(priv, 971 "%d: status %s (0x%04x), try-count (0x%01x)\n", 972 i, 973 iwl_get_agg_tx_fail_reason(fstatus), 974 fstatus & AGG_TX_STATUS_MSK, 975 retry_cnt); 976 } 977} 978 979#ifdef CONFIG_IWLWIFI_DEBUG 980#define AGG_TX_STATE_FAIL(x) case AGG_TX_STATE_ ## x: return #x 981 982const char *iwl_get_agg_tx_fail_reason(u16 status) 983{ 984 status &= AGG_TX_STATUS_MSK; 985 switch (status) { 986 case AGG_TX_STATE_TRANSMITTED: 987 return "SUCCESS"; 988 AGG_TX_STATE_FAIL(UNDERRUN_MSK); 989 AGG_TX_STATE_FAIL(BT_PRIO_MSK); 990 AGG_TX_STATE_FAIL(FEW_BYTES_MSK); 991 AGG_TX_STATE_FAIL(ABORT_MSK); 992 AGG_TX_STATE_FAIL(LAST_SENT_TTL_MSK); 993 AGG_TX_STATE_FAIL(LAST_SENT_TRY_CNT_MSK); 994 AGG_TX_STATE_FAIL(LAST_SENT_BT_KILL_MSK); 995 AGG_TX_STATE_FAIL(SCD_QUERY_MSK); 996 AGG_TX_STATE_FAIL(TEST_BAD_CRC32_MSK); 997 AGG_TX_STATE_FAIL(RESPONSE_MSK); 998 AGG_TX_STATE_FAIL(DUMP_TX_MSK); 999 AGG_TX_STATE_FAIL(DELAY_TX_MSK); 1000 } 1001 1002 return "UNKNOWN"; 1003} 1004#endif /* CONFIG_IWLWIFI_DEBUG */ 1005 1006static void iwlagn_count_tx_err_status(struct iwl_priv *priv, u16 status) 1007{ 1008 status &= TX_STATUS_MSK; 1009 1010 switch (status) { 1011 case TX_STATUS_POSTPONE_DELAY: 1012 priv->reply_tx_stats.pp_delay++; 1013 break; 1014 case TX_STATUS_POSTPONE_FEW_BYTES: 1015 priv->reply_tx_stats.pp_few_bytes++; 1016 break; 1017 case TX_STATUS_POSTPONE_BT_PRIO: 1018 priv->reply_tx_stats.pp_bt_prio++; 1019 break; 1020 case TX_STATUS_POSTPONE_QUIET_PERIOD: 1021 priv->reply_tx_stats.pp_quiet_period++; 1022 break; 1023 case TX_STATUS_POSTPONE_CALC_TTAK: 1024 priv->reply_tx_stats.pp_calc_ttak++; 1025 break; 1026 case TX_STATUS_FAIL_INTERNAL_CROSSED_RETRY: 1027 priv->reply_tx_stats.int_crossed_retry++; 1028 break; 1029 case TX_STATUS_FAIL_SHORT_LIMIT: 1030 priv->reply_tx_stats.short_limit++; 1031 break; 1032 case TX_STATUS_FAIL_LONG_LIMIT: 1033 priv->reply_tx_stats.long_limit++; 1034 break; 1035 case TX_STATUS_FAIL_FIFO_UNDERRUN: 1036 priv->reply_tx_stats.fifo_underrun++; 1037 break; 1038 case TX_STATUS_FAIL_DRAIN_FLOW: 1039 priv->reply_tx_stats.drain_flow++; 1040 break; 1041 case TX_STATUS_FAIL_RFKILL_FLUSH: 1042 priv->reply_tx_stats.rfkill_flush++; 1043 break; 1044 case TX_STATUS_FAIL_LIFE_EXPIRE: 1045 priv->reply_tx_stats.life_expire++; 1046 break; 1047 case TX_STATUS_FAIL_DEST_PS: 1048 priv->reply_tx_stats.dest_ps++; 1049 break; 1050 case TX_STATUS_FAIL_HOST_ABORTED: 1051 priv->reply_tx_stats.host_abort++; 1052 break; 1053 case TX_STATUS_FAIL_BT_RETRY: 1054 priv->reply_tx_stats.bt_retry++; 1055 break; 1056 case TX_STATUS_FAIL_STA_INVALID: 1057 priv->reply_tx_stats.sta_invalid++; 1058 break; 1059 case TX_STATUS_FAIL_FRAG_DROPPED: 1060 priv->reply_tx_stats.frag_drop++; 1061 break; 1062 case TX_STATUS_FAIL_TID_DISABLE: 1063 priv->reply_tx_stats.tid_disable++; 1064 break; 1065 case TX_STATUS_FAIL_FIFO_FLUSHED: 1066 priv->reply_tx_stats.fifo_flush++; 1067 break; 1068 case TX_STATUS_FAIL_INSUFFICIENT_CF_POLL: 1069 priv->reply_tx_stats.insuff_cf_poll++; 1070 break; 1071 case TX_STATUS_FAIL_PASSIVE_NO_RX: 1072 priv->reply_tx_stats.fail_hw_drop++; 1073 break; 1074 case TX_STATUS_FAIL_NO_BEACON_ON_RADAR: 1075 priv->reply_tx_stats.sta_color_mismatch++; 1076 break; 1077 default: 1078 priv->reply_tx_stats.unknown++; 1079 break; 1080 } 1081} 1082 1083static void iwlagn_set_tx_status(struct iwl_priv *priv, 1084 struct ieee80211_tx_info *info, 1085 struct iwlagn_tx_resp *tx_resp) 1086{ 1087 u16 status = le16_to_cpu(tx_resp->status.status); 1088 1089 info->flags &= ~IEEE80211_TX_CTL_AMPDU; 1090 1091 info->status.rates[0].count = tx_resp->failure_frame + 1; 1092 info->flags |= iwl_tx_status_to_mac80211(status); 1093 iwlagn_hwrate_to_tx_control(priv, le32_to_cpu(tx_resp->rate_n_flags), 1094 info); 1095 if (!iwl_is_tx_success(status)) 1096 iwlagn_count_tx_err_status(priv, status); 1097} 1098 1099static void iwl_check_abort_status(struct iwl_priv *priv, 1100 u8 frame_count, u32 status) 1101{ 1102 if (frame_count == 1 && status == TX_STATUS_FAIL_RFKILL_FLUSH) { 1103 IWL_ERR(priv, "Tx flush command to flush out all frames\n"); 1104 if (!test_bit(STATUS_EXIT_PENDING, &priv->status)) 1105 queue_work(priv->workqueue, &priv->tx_flush); 1106 } 1107} 1108 1109void iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb) 1110{ 1111 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1112 u16 sequence = le16_to_cpu(pkt->hdr.sequence); 1113 int txq_id = SEQ_TO_QUEUE(sequence); 1114 int cmd_index __maybe_unused = SEQ_TO_INDEX(sequence); 1115 struct iwlagn_tx_resp *tx_resp = (void *)pkt->data; 1116 struct ieee80211_hdr *hdr; 1117 u32 status = le16_to_cpu(tx_resp->status.status); 1118 u16 ssn = iwlagn_get_scd_ssn(tx_resp); 1119 int tid; 1120 int sta_id; 1121 int freed; 1122 struct ieee80211_tx_info *info; 1123 struct sk_buff_head skbs; 1124 struct sk_buff *skb; 1125 struct iwl_rxon_context *ctx; 1126 bool is_agg = (txq_id >= IWLAGN_FIRST_AMPDU_QUEUE); 1127 1128 tid = (tx_resp->ra_tid & IWLAGN_TX_RES_TID_MSK) >> 1129 IWLAGN_TX_RES_TID_POS; 1130 sta_id = (tx_resp->ra_tid & IWLAGN_TX_RES_RA_MSK) >> 1131 IWLAGN_TX_RES_RA_POS; 1132 1133 spin_lock_bh(&priv->sta_lock); 1134 1135 if (is_agg) { 1136 WARN_ON_ONCE(sta_id >= IWLAGN_STATION_COUNT || 1137 tid >= IWL_MAX_TID_COUNT); 1138 if (txq_id != priv->tid_data[sta_id][tid].agg.txq_id) 1139 IWL_ERR(priv, "txq_id mismatch: %d %d\n", txq_id, 1140 priv->tid_data[sta_id][tid].agg.txq_id); 1141 iwl_rx_reply_tx_agg(priv, tx_resp); 1142 } 1143 1144 __skb_queue_head_init(&skbs); 1145 1146 if (tx_resp->frame_count == 1) { 1147 u16 next_reclaimed = le16_to_cpu(tx_resp->seq_ctl); 1148 next_reclaimed = IEEE80211_SEQ_TO_SN(next_reclaimed + 0x10); 1149 1150 if (is_agg) { 1151 /* If this is an aggregation queue, we can rely on the 1152 * ssn since the wifi sequence number corresponds to 1153 * the index in the TFD ring (%256). 1154 * The seq_ctl is the sequence control of the packet 1155 * to which this Tx response relates. But if there is a 1156 * hole in the bitmap of the BA we received, this Tx 1157 * response may allow to reclaim the hole and all the 1158 * subsequent packets that were already acked. 1159 * In that case, seq_ctl != ssn, and the next packet 1160 * to be reclaimed will be ssn and not seq_ctl. 1161 */ 1162 next_reclaimed = ssn; 1163 } 1164 1165 if (tid != IWL_TID_NON_QOS) { 1166 priv->tid_data[sta_id][tid].next_reclaimed = 1167 next_reclaimed; 1168 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", 1169 next_reclaimed); 1170 iwlagn_check_ratid_empty(priv, sta_id, tid); 1171 } 1172 1173 iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs, false); 1174 1175 freed = 0; 1176 1177 /* process frames */ 1178 skb_queue_walk(&skbs, skb) { 1179 hdr = (struct ieee80211_hdr *)skb->data; 1180 1181 if (!ieee80211_is_data_qos(hdr->frame_control)) 1182 priv->last_seq_ctl = tx_resp->seq_ctl; 1183 1184 info = IEEE80211_SKB_CB(skb); 1185 ctx = info->driver_data[0]; 1186 iwl_trans_free_tx_cmd(priv->trans, 1187 info->driver_data[1]); 1188 1189 memset(&info->status, 0, sizeof(info->status)); 1190 1191 if (status == TX_STATUS_FAIL_PASSIVE_NO_RX && 1192 ctx->vif && 1193 ctx->vif->type == NL80211_IFTYPE_STATION) { 1194 /* block and stop all queues */ 1195 priv->passive_no_rx = true; 1196 IWL_DEBUG_TX_QUEUES(priv, 1197 "stop all queues: passive channel\n"); 1198 ieee80211_stop_queues(priv->hw); 1199 1200 IWL_DEBUG_TX_REPLY(priv, 1201 "TXQ %d status %s (0x%08x) " 1202 "rate_n_flags 0x%x retries %d\n", 1203 txq_id, 1204 iwl_get_tx_fail_reason(status), 1205 status, 1206 le32_to_cpu(tx_resp->rate_n_flags), 1207 tx_resp->failure_frame); 1208 1209 IWL_DEBUG_TX_REPLY(priv, 1210 "FrameCnt = %d, idx=%d\n", 1211 tx_resp->frame_count, cmd_index); 1212 } 1213 1214 /* check if BAR is needed */ 1215 if (is_agg && !iwl_is_tx_success(status)) 1216 info->flags |= IEEE80211_TX_STAT_AMPDU_NO_BACK; 1217 iwlagn_set_tx_status(priv, IEEE80211_SKB_CB(skb), 1218 tx_resp); 1219 if (!is_agg) 1220 iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1); 1221 1222 freed++; 1223 } 1224 1225 if (tid != IWL_TID_NON_QOS) { 1226 priv->tid_data[sta_id][tid].next_reclaimed = 1227 next_reclaimed; 1228 IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", 1229 next_reclaimed); 1230 } 1231 1232 if (!is_agg && freed != 1) 1233 IWL_ERR(priv, "Q: %d, freed %d\n", txq_id, freed); 1234 1235 IWL_DEBUG_TX_REPLY(priv, "TXQ %d status %s (0x%08x)\n", txq_id, 1236 iwl_get_tx_fail_reason(status), status); 1237 1238 IWL_DEBUG_TX_REPLY(priv, 1239 "\t\t\t\tinitial_rate 0x%x retries %d, idx=%d ssn=%d seq_ctl=0x%x\n", 1240 le32_to_cpu(tx_resp->rate_n_flags), 1241 tx_resp->failure_frame, 1242 SEQ_TO_INDEX(sequence), ssn, 1243 le16_to_cpu(tx_resp->seq_ctl)); 1244 } 1245 1246 iwl_check_abort_status(priv, tx_resp->frame_count, status); 1247 spin_unlock_bh(&priv->sta_lock); 1248 1249 while (!skb_queue_empty(&skbs)) { 1250 skb = __skb_dequeue(&skbs); 1251 ieee80211_tx_status_skb(priv->hw, skb); 1252 } 1253} 1254 1255/* 1256 * iwlagn_rx_reply_compressed_ba - Handler for REPLY_COMPRESSED_BA 1257 * 1258 * Handles block-acknowledge notification from device, which reports success 1259 * of frames sent via aggregation. 1260 */ 1261void iwlagn_rx_reply_compressed_ba(struct iwl_priv *priv, 1262 struct iwl_rx_cmd_buffer *rxb) 1263{ 1264 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1265 struct iwl_compressed_ba_resp *ba_resp = (void *)pkt->data; 1266 struct iwl_ht_agg *agg; 1267 struct sk_buff_head reclaimed_skbs; 1268 struct sk_buff *skb; 1269 int sta_id; 1270 int tid; 1271 int freed; 1272 1273 /* "flow" corresponds to Tx queue */ 1274 u16 scd_flow = le16_to_cpu(ba_resp->scd_flow); 1275 1276 /* "ssn" is start of block-ack Tx window, corresponds to index 1277 * (in Tx queue's circular buffer) of first TFD/frame in window */ 1278 u16 ba_resp_scd_ssn = le16_to_cpu(ba_resp->scd_ssn); 1279 1280 if (scd_flow >= priv->trans->trans_cfg->base_params->num_of_queues) { 1281 IWL_ERR(priv, 1282 "BUG_ON scd_flow is bigger than number of queues\n"); 1283 return; 1284 } 1285 1286 sta_id = ba_resp->sta_id; 1287 tid = ba_resp->tid; 1288 agg = &priv->tid_data[sta_id][tid].agg; 1289 1290 spin_lock_bh(&priv->sta_lock); 1291 1292 if (unlikely(!agg->wait_for_ba)) { 1293 if (unlikely(ba_resp->bitmap)) 1294 IWL_ERR(priv, "Received BA when not expected\n"); 1295 spin_unlock_bh(&priv->sta_lock); 1296 return; 1297 } 1298 1299 if (unlikely(scd_flow != agg->txq_id)) { 1300 /* 1301 * FIXME: this is a uCode bug which need to be addressed, 1302 * log the information and return for now. 1303 * Since it is can possibly happen very often and in order 1304 * not to fill the syslog, don't use IWL_ERR or IWL_WARN 1305 */ 1306 IWL_DEBUG_TX_QUEUES(priv, 1307 "Bad queue mapping txq_id=%d, agg_txq[sta:%d,tid:%d]=%d\n", 1308 scd_flow, sta_id, tid, agg->txq_id); 1309 spin_unlock_bh(&priv->sta_lock); 1310 return; 1311 } 1312 1313 __skb_queue_head_init(&reclaimed_skbs); 1314 1315 /* Release all TFDs before the SSN, i.e. all TFDs in front of 1316 * block-ack window (we assume that they've been successfully 1317 * transmitted ... if not, it's too late anyway). */ 1318 iwl_trans_reclaim(priv->trans, scd_flow, ba_resp_scd_ssn, 1319 &reclaimed_skbs, false); 1320 1321 IWL_DEBUG_TX_REPLY(priv, "REPLY_COMPRESSED_BA [%d] Received from %pM, " 1322 "sta_id = %d\n", 1323 agg->wait_for_ba, 1324 (u8 *) &ba_resp->sta_addr_lo32, 1325 ba_resp->sta_id); 1326 IWL_DEBUG_TX_REPLY(priv, "TID = %d, SeqCtl = %d, bitmap = 0x%llx, " 1327 "scd_flow = %d, scd_ssn = %d sent:%d, acked:%d\n", 1328 ba_resp->tid, le16_to_cpu(ba_resp->seq_ctl), 1329 (unsigned long long)le64_to_cpu(ba_resp->bitmap), 1330 scd_flow, ba_resp_scd_ssn, ba_resp->txed, 1331 ba_resp->txed_2_done); 1332 1333 /* Mark that the expected block-ack response arrived */ 1334 agg->wait_for_ba = false; 1335 1336 /* Sanity check values reported by uCode */ 1337 if (ba_resp->txed_2_done > ba_resp->txed) { 1338 IWL_DEBUG_TX_REPLY(priv, 1339 "bogus sent(%d) and ack(%d) count\n", 1340 ba_resp->txed, ba_resp->txed_2_done); 1341 /* 1342 * set txed_2_done = txed, 1343 * so it won't impact rate scale 1344 */ 1345 ba_resp->txed = ba_resp->txed_2_done; 1346 } 1347 1348 priv->tid_data[sta_id][tid].next_reclaimed = ba_resp_scd_ssn; 1349 1350 iwlagn_check_ratid_empty(priv, sta_id, tid); 1351 freed = 0; 1352 1353 skb_queue_walk(&reclaimed_skbs, skb) { 1354 struct ieee80211_hdr *hdr = (void *)skb->data; 1355 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1356 1357 if (ieee80211_is_data_qos(hdr->frame_control)) 1358 freed++; 1359 else 1360 WARN_ON_ONCE(1); 1361 1362 iwl_trans_free_tx_cmd(priv->trans, info->driver_data[1]); 1363 1364 memset(&info->status, 0, sizeof(info->status)); 1365 /* Packet was transmitted successfully, failures come as single 1366 * frames because before failing a frame the firmware transmits 1367 * it without aggregation at least once. 1368 */ 1369 info->flags |= IEEE80211_TX_STAT_ACK; 1370 1371 if (freed == 1) { 1372 /* this is the first skb we deliver in this batch */ 1373 /* put the rate scaling data there */ 1374 info = IEEE80211_SKB_CB(skb); 1375 memset(&info->status, 0, sizeof(info->status)); 1376 info->flags |= IEEE80211_TX_STAT_AMPDU; 1377 info->status.ampdu_ack_len = ba_resp->txed_2_done; 1378 info->status.ampdu_len = ba_resp->txed; 1379 iwlagn_hwrate_to_tx_control(priv, agg->rate_n_flags, 1380 info); 1381 } 1382 } 1383 1384 spin_unlock_bh(&priv->sta_lock); 1385 1386 while (!skb_queue_empty(&reclaimed_skbs)) { 1387 skb = __skb_dequeue(&reclaimed_skbs); 1388 ieee80211_tx_status_skb(priv->hw, skb); 1389 } 1390} 1391