1 /******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
8 * Copyright(c) 2012 - 2015, 2018 - 2020 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * The full GNU General Public License is included in this distribution
22 * in the file called COPYING.
23 *
24 * Contact Information:
25 * Intel Linux Wireless <linuxwifi@intel.com>
26 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
27 *
28 * BSD LICENSE
29 *
30 * Copyright(c) 2012 - 2015, 2018 - 2020 Intel Corporation. All rights reserved.
31 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
32 * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 *
39 * * Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * * Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in
43 * the documentation and/or other materials provided with the
44 * distribution.
45 * * Neither the name Intel Corporation nor the names of its
46 * contributors may be used to endorse or promote products derived
47 * from this software without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
50 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
51 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
52 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
53 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
54 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
55 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
56 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
57 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
58 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
59 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
60 *
61 *****************************************************************************/
62 #include <net/mac80211.h>
63
64 #include "mvm.h"
65 #include "sta.h"
66 #include "rs.h"
67
68 /*
69 * New version of ADD_STA_sta command added new fields at the end of the
70 * structure, so sending the size of the relevant API's structure is enough to
71 * support both API versions.
72 */
iwl_mvm_add_sta_cmd_size(struct iwl_mvm * mvm)73 static inline int iwl_mvm_add_sta_cmd_size(struct iwl_mvm *mvm)
74 {
75 if (iwl_mvm_has_new_rx_api(mvm) ||
76 fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
77 return sizeof(struct iwl_mvm_add_sta_cmd);
78 else
79 return sizeof(struct iwl_mvm_add_sta_cmd_v7);
80 }
81
iwl_mvm_find_free_sta_id(struct iwl_mvm * mvm,enum nl80211_iftype iftype)82 static int iwl_mvm_find_free_sta_id(struct iwl_mvm *mvm,
83 enum nl80211_iftype iftype)
84 {
85 int sta_id;
86 u32 reserved_ids = 0;
87
88 BUILD_BUG_ON(IWL_MVM_STATION_COUNT_MAX > 32);
89 WARN_ON_ONCE(test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status));
90
91 lockdep_assert_held(&mvm->mutex);
92
93 /* d0i3/d3 assumes the AP's sta_id (of sta vif) is 0. reserve it. */
94 if (iftype != NL80211_IFTYPE_STATION)
95 reserved_ids = BIT(0);
96
97 /* Don't take rcu_read_lock() since we are protected by mvm->mutex */
98 for (sta_id = 0; sta_id < mvm->fw->ucode_capa.num_stations; sta_id++) {
99 if (BIT(sta_id) & reserved_ids)
100 continue;
101
102 if (!rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
103 lockdep_is_held(&mvm->mutex)))
104 return sta_id;
105 }
106 return IWL_MVM_INVALID_STA;
107 }
108
109 /* send station add/update command to firmware */
iwl_mvm_sta_send_to_fw(struct iwl_mvm * mvm,struct ieee80211_sta * sta,bool update,unsigned int flags)110 int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
111 bool update, unsigned int flags)
112 {
113 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
114 struct iwl_mvm_add_sta_cmd add_sta_cmd = {
115 .sta_id = mvm_sta->sta_id,
116 .mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color),
117 .add_modify = update ? 1 : 0,
118 .station_flags_msk = cpu_to_le32(STA_FLG_FAT_EN_MSK |
119 STA_FLG_MIMO_EN_MSK |
120 STA_FLG_RTS_MIMO_PROT),
121 .tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg),
122 };
123 int ret;
124 u32 status;
125 u32 agg_size = 0, mpdu_dens = 0;
126
127 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
128 add_sta_cmd.station_type = mvm_sta->sta_type;
129
130 if (!update || (flags & STA_MODIFY_QUEUES)) {
131 memcpy(&add_sta_cmd.addr, sta->addr, ETH_ALEN);
132
133 if (!iwl_mvm_has_new_tx_api(mvm)) {
134 add_sta_cmd.tfd_queue_msk =
135 cpu_to_le32(mvm_sta->tfd_queue_msk);
136
137 if (flags & STA_MODIFY_QUEUES)
138 add_sta_cmd.modify_mask |= STA_MODIFY_QUEUES;
139 } else {
140 WARN_ON(flags & STA_MODIFY_QUEUES);
141 }
142 }
143
144 switch (sta->bandwidth) {
145 case IEEE80211_STA_RX_BW_160:
146 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_160MHZ);
147 /* fall through */
148 case IEEE80211_STA_RX_BW_80:
149 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_80MHZ);
150 /* fall through */
151 case IEEE80211_STA_RX_BW_40:
152 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_FAT_EN_40MHZ);
153 /* fall through */
154 case IEEE80211_STA_RX_BW_20:
155 if (sta->ht_cap.ht_supported)
156 add_sta_cmd.station_flags |=
157 cpu_to_le32(STA_FLG_FAT_EN_20MHZ);
158 break;
159 }
160
161 switch (sta->rx_nss) {
162 case 1:
163 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
164 break;
165 case 2:
166 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO2);
167 break;
168 case 3 ... 8:
169 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_MIMO3);
170 break;
171 }
172
173 switch (sta->smps_mode) {
174 case IEEE80211_SMPS_AUTOMATIC:
175 case IEEE80211_SMPS_NUM_MODES:
176 WARN_ON(1);
177 break;
178 case IEEE80211_SMPS_STATIC:
179 /* override NSS */
180 add_sta_cmd.station_flags &= ~cpu_to_le32(STA_FLG_MIMO_EN_MSK);
181 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_MIMO_EN_SISO);
182 break;
183 case IEEE80211_SMPS_DYNAMIC:
184 add_sta_cmd.station_flags |= cpu_to_le32(STA_FLG_RTS_MIMO_PROT);
185 break;
186 case IEEE80211_SMPS_OFF:
187 /* nothing */
188 break;
189 }
190
191 if (sta->ht_cap.ht_supported) {
192 add_sta_cmd.station_flags_msk |=
193 cpu_to_le32(STA_FLG_MAX_AGG_SIZE_MSK |
194 STA_FLG_AGG_MPDU_DENS_MSK);
195
196 mpdu_dens = sta->ht_cap.ampdu_density;
197 }
198
199
200 if (sta->vht_cap.vht_supported) {
201 agg_size = sta->vht_cap.cap &
202 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
203 agg_size >>=
204 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
205 } else if (sta->ht_cap.ht_supported) {
206 agg_size = sta->ht_cap.ampdu_factor;
207 }
208
209 /* D6.0 10.12.2 A-MPDU length limit rules
210 * A STA indicates the maximum length of the A-MPDU preEOF padding
211 * that it can receive in an HE PPDU in the Maximum A-MPDU Length
212 * Exponent field in its HT Capabilities, VHT Capabilities,
213 * and HE 6 GHz Band Capabilities elements (if present) and the
214 * Maximum AMPDU Length Exponent Extension field in its HE
215 * Capabilities element
216 */
217 if (sta->he_cap.has_he)
218 agg_size += u8_get_bits(sta->he_cap.he_cap_elem.mac_cap_info[3],
219 IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_MASK);
220
221 /* Limit to max A-MPDU supported by FW */
222 if (agg_size > (STA_FLG_MAX_AGG_SIZE_4M >> STA_FLG_MAX_AGG_SIZE_SHIFT))
223 agg_size = (STA_FLG_MAX_AGG_SIZE_4M >>
224 STA_FLG_MAX_AGG_SIZE_SHIFT);
225
226 add_sta_cmd.station_flags |=
227 cpu_to_le32(agg_size << STA_FLG_MAX_AGG_SIZE_SHIFT);
228 add_sta_cmd.station_flags |=
229 cpu_to_le32(mpdu_dens << STA_FLG_AGG_MPDU_DENS_SHIFT);
230 if (mvm_sta->sta_state >= IEEE80211_STA_ASSOC)
231 add_sta_cmd.assoc_id = cpu_to_le16(sta->aid);
232
233 if (sta->wme) {
234 add_sta_cmd.modify_mask |= STA_MODIFY_UAPSD_ACS;
235
236 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
237 add_sta_cmd.uapsd_acs |= BIT(AC_BK);
238 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
239 add_sta_cmd.uapsd_acs |= BIT(AC_BE);
240 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
241 add_sta_cmd.uapsd_acs |= BIT(AC_VI);
242 if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
243 add_sta_cmd.uapsd_acs |= BIT(AC_VO);
244 add_sta_cmd.uapsd_acs |= add_sta_cmd.uapsd_acs << 4;
245 add_sta_cmd.sp_length = sta->max_sp ? sta->max_sp * 2 : 128;
246 }
247
248 status = ADD_STA_SUCCESS;
249 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
250 iwl_mvm_add_sta_cmd_size(mvm),
251 &add_sta_cmd, &status);
252 if (ret)
253 return ret;
254
255 switch (status & IWL_ADD_STA_STATUS_MASK) {
256 case ADD_STA_SUCCESS:
257 IWL_DEBUG_ASSOC(mvm, "ADD_STA PASSED\n");
258 break;
259 default:
260 ret = -EIO;
261 IWL_ERR(mvm, "ADD_STA failed\n");
262 break;
263 }
264
265 return ret;
266 }
267
iwl_mvm_rx_agg_session_expired(struct timer_list * t)268 static void iwl_mvm_rx_agg_session_expired(struct timer_list *t)
269 {
270 struct iwl_mvm_baid_data *data =
271 from_timer(data, t, session_timer);
272 struct iwl_mvm_baid_data __rcu **rcu_ptr = data->rcu_ptr;
273 struct iwl_mvm_baid_data *ba_data;
274 struct ieee80211_sta *sta;
275 struct iwl_mvm_sta *mvm_sta;
276 unsigned long timeout;
277
278 rcu_read_lock();
279
280 ba_data = rcu_dereference(*rcu_ptr);
281
282 if (WARN_ON(!ba_data))
283 goto unlock;
284
285 if (!ba_data->timeout)
286 goto unlock;
287
288 timeout = ba_data->last_rx + TU_TO_JIFFIES(ba_data->timeout * 2);
289 if (time_is_after_jiffies(timeout)) {
290 mod_timer(&ba_data->session_timer, timeout);
291 goto unlock;
292 }
293
294 /* Timer expired */
295 sta = rcu_dereference(ba_data->mvm->fw_id_to_mac_id[ba_data->sta_id]);
296
297 /*
298 * sta should be valid unless the following happens:
299 * The firmware asserts which triggers a reconfig flow, but
300 * the reconfig fails before we set the pointer to sta into
301 * the fw_id_to_mac_id pointer table. Mac80211 can't stop
302 * A-MDPU and hence the timer continues to run. Then, the
303 * timer expires and sta is NULL.
304 */
305 if (!sta)
306 goto unlock;
307
308 mvm_sta = iwl_mvm_sta_from_mac80211(sta);
309 ieee80211_rx_ba_timer_expired(mvm_sta->vif,
310 sta->addr, ba_data->tid);
311 unlock:
312 rcu_read_unlock();
313 }
314
315 /* Disable aggregations for a bitmap of TIDs for a given station */
iwl_mvm_invalidate_sta_queue(struct iwl_mvm * mvm,int queue,unsigned long disable_agg_tids,bool remove_queue)316 static int iwl_mvm_invalidate_sta_queue(struct iwl_mvm *mvm, int queue,
317 unsigned long disable_agg_tids,
318 bool remove_queue)
319 {
320 struct iwl_mvm_add_sta_cmd cmd = {};
321 struct ieee80211_sta *sta;
322 struct iwl_mvm_sta *mvmsta;
323 u32 status;
324 u8 sta_id;
325
326 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
327 return -EINVAL;
328
329 sta_id = mvm->queue_info[queue].ra_sta_id;
330
331 rcu_read_lock();
332
333 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
334
335 if (WARN_ON_ONCE(IS_ERR_OR_NULL(sta))) {
336 rcu_read_unlock();
337 return -EINVAL;
338 }
339
340 mvmsta = iwl_mvm_sta_from_mac80211(sta);
341
342 mvmsta->tid_disable_agg |= disable_agg_tids;
343
344 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color);
345 cmd.sta_id = mvmsta->sta_id;
346 cmd.add_modify = STA_MODE_MODIFY;
347 cmd.modify_mask = STA_MODIFY_QUEUES;
348 if (disable_agg_tids)
349 cmd.modify_mask |= STA_MODIFY_TID_DISABLE_TX;
350 if (remove_queue)
351 cmd.modify_mask |= STA_MODIFY_QUEUE_REMOVAL;
352 cmd.tfd_queue_msk = cpu_to_le32(mvmsta->tfd_queue_msk);
353 cmd.tid_disable_tx = cpu_to_le16(mvmsta->tid_disable_agg);
354
355 rcu_read_unlock();
356
357 /* Notify FW of queue removal from the STA queues */
358 status = ADD_STA_SUCCESS;
359 return iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
360 iwl_mvm_add_sta_cmd_size(mvm),
361 &cmd, &status);
362 }
363
iwl_mvm_disable_txq(struct iwl_mvm * mvm,struct ieee80211_sta * sta,int queue,u8 tid,u8 flags)364 static int iwl_mvm_disable_txq(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
365 int queue, u8 tid, u8 flags)
366 {
367 struct iwl_scd_txq_cfg_cmd cmd = {
368 .scd_queue = queue,
369 .action = SCD_CFG_DISABLE_QUEUE,
370 };
371 int ret;
372
373 if (iwl_mvm_has_new_tx_api(mvm)) {
374 iwl_trans_txq_free(mvm->trans, queue);
375
376 return 0;
377 }
378
379 if (WARN_ON(mvm->queue_info[queue].tid_bitmap == 0))
380 return 0;
381
382 mvm->queue_info[queue].tid_bitmap &= ~BIT(tid);
383
384 cmd.action = mvm->queue_info[queue].tid_bitmap ?
385 SCD_CFG_ENABLE_QUEUE : SCD_CFG_DISABLE_QUEUE;
386 if (cmd.action == SCD_CFG_DISABLE_QUEUE)
387 mvm->queue_info[queue].status = IWL_MVM_QUEUE_FREE;
388
389 IWL_DEBUG_TX_QUEUES(mvm,
390 "Disabling TXQ #%d tids=0x%x\n",
391 queue,
392 mvm->queue_info[queue].tid_bitmap);
393
394 /* If the queue is still enabled - nothing left to do in this func */
395 if (cmd.action == SCD_CFG_ENABLE_QUEUE)
396 return 0;
397
398 cmd.sta_id = mvm->queue_info[queue].ra_sta_id;
399 cmd.tid = mvm->queue_info[queue].txq_tid;
400
401 /* Make sure queue info is correct even though we overwrite it */
402 WARN(mvm->queue_info[queue].tid_bitmap,
403 "TXQ #%d info out-of-sync - tids=0x%x\n",
404 queue, mvm->queue_info[queue].tid_bitmap);
405
406 /* If we are here - the queue is freed and we can zero out these vals */
407 mvm->queue_info[queue].tid_bitmap = 0;
408
409 if (sta) {
410 struct iwl_mvm_txq *mvmtxq =
411 iwl_mvm_txq_from_tid(sta, tid);
412
413 mvmtxq->txq_id = IWL_MVM_INVALID_QUEUE;
414 }
415
416 /* Regardless if this is a reserved TXQ for a STA - mark it as false */
417 mvm->queue_info[queue].reserved = false;
418
419 iwl_trans_txq_disable(mvm->trans, queue, false);
420 ret = iwl_mvm_send_cmd_pdu(mvm, SCD_QUEUE_CFG, flags,
421 sizeof(struct iwl_scd_txq_cfg_cmd), &cmd);
422
423 if (ret)
424 IWL_ERR(mvm, "Failed to disable queue %d (ret=%d)\n",
425 queue, ret);
426 return ret;
427 }
428
iwl_mvm_get_queue_agg_tids(struct iwl_mvm * mvm,int queue)429 static int iwl_mvm_get_queue_agg_tids(struct iwl_mvm *mvm, int queue)
430 {
431 struct ieee80211_sta *sta;
432 struct iwl_mvm_sta *mvmsta;
433 unsigned long tid_bitmap;
434 unsigned long agg_tids = 0;
435 u8 sta_id;
436 int tid;
437
438 lockdep_assert_held(&mvm->mutex);
439
440 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
441 return -EINVAL;
442
443 sta_id = mvm->queue_info[queue].ra_sta_id;
444 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
445
446 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
447 lockdep_is_held(&mvm->mutex));
448
449 if (WARN_ON_ONCE(IS_ERR_OR_NULL(sta)))
450 return -EINVAL;
451
452 mvmsta = iwl_mvm_sta_from_mac80211(sta);
453
454 spin_lock_bh(&mvmsta->lock);
455 for_each_set_bit(tid, &tid_bitmap, IWL_MAX_TID_COUNT + 1) {
456 if (mvmsta->tid_data[tid].state == IWL_AGG_ON)
457 agg_tids |= BIT(tid);
458 }
459 spin_unlock_bh(&mvmsta->lock);
460
461 return agg_tids;
462 }
463
464 /*
465 * Remove a queue from a station's resources.
466 * Note that this only marks as free. It DOESN'T delete a BA agreement, and
467 * doesn't disable the queue
468 */
iwl_mvm_remove_sta_queue_marking(struct iwl_mvm * mvm,int queue)469 static int iwl_mvm_remove_sta_queue_marking(struct iwl_mvm *mvm, int queue)
470 {
471 struct ieee80211_sta *sta;
472 struct iwl_mvm_sta *mvmsta;
473 unsigned long tid_bitmap;
474 unsigned long disable_agg_tids = 0;
475 u8 sta_id;
476 int tid;
477
478 lockdep_assert_held(&mvm->mutex);
479
480 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
481 return -EINVAL;
482
483 sta_id = mvm->queue_info[queue].ra_sta_id;
484 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
485
486 rcu_read_lock();
487
488 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
489
490 if (WARN_ON_ONCE(IS_ERR_OR_NULL(sta))) {
491 rcu_read_unlock();
492 return 0;
493 }
494
495 mvmsta = iwl_mvm_sta_from_mac80211(sta);
496
497 spin_lock_bh(&mvmsta->lock);
498 /* Unmap MAC queues and TIDs from this queue */
499 for_each_set_bit(tid, &tid_bitmap, IWL_MAX_TID_COUNT + 1) {
500 struct iwl_mvm_txq *mvmtxq =
501 iwl_mvm_txq_from_tid(sta, tid);
502
503 if (mvmsta->tid_data[tid].state == IWL_AGG_ON)
504 disable_agg_tids |= BIT(tid);
505 mvmsta->tid_data[tid].txq_id = IWL_MVM_INVALID_QUEUE;
506
507 mvmtxq->txq_id = IWL_MVM_INVALID_QUEUE;
508 }
509
510 mvmsta->tfd_queue_msk &= ~BIT(queue); /* Don't use this queue anymore */
511 spin_unlock_bh(&mvmsta->lock);
512
513 rcu_read_unlock();
514
515 /*
516 * The TX path may have been using this TXQ_ID from the tid_data,
517 * so make sure it's no longer running so that we can safely reuse
518 * this TXQ later. We've set all the TIDs to IWL_MVM_INVALID_QUEUE
519 * above, but nothing guarantees we've stopped using them. Thus,
520 * without this, we could get to iwl_mvm_disable_txq() and remove
521 * the queue while still sending frames to it.
522 */
523 synchronize_net();
524
525 return disable_agg_tids;
526 }
527
iwl_mvm_free_inactive_queue(struct iwl_mvm * mvm,int queue,struct ieee80211_sta * old_sta,u8 new_sta_id)528 static int iwl_mvm_free_inactive_queue(struct iwl_mvm *mvm, int queue,
529 struct ieee80211_sta *old_sta,
530 u8 new_sta_id)
531 {
532 struct iwl_mvm_sta *mvmsta;
533 u8 sta_id, tid;
534 unsigned long disable_agg_tids = 0;
535 bool same_sta;
536 int ret;
537
538 lockdep_assert_held(&mvm->mutex);
539
540 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
541 return -EINVAL;
542
543 sta_id = mvm->queue_info[queue].ra_sta_id;
544 tid = mvm->queue_info[queue].txq_tid;
545
546 same_sta = sta_id == new_sta_id;
547
548 mvmsta = iwl_mvm_sta_from_staid_protected(mvm, sta_id);
549 if (WARN_ON(!mvmsta))
550 return -EINVAL;
551
552 disable_agg_tids = iwl_mvm_remove_sta_queue_marking(mvm, queue);
553 /* Disable the queue */
554 if (disable_agg_tids)
555 iwl_mvm_invalidate_sta_queue(mvm, queue,
556 disable_agg_tids, false);
557
558 ret = iwl_mvm_disable_txq(mvm, old_sta, queue, tid, 0);
559 if (ret) {
560 IWL_ERR(mvm,
561 "Failed to free inactive queue %d (ret=%d)\n",
562 queue, ret);
563
564 return ret;
565 }
566
567 /* If TXQ is allocated to another STA, update removal in FW */
568 if (!same_sta)
569 iwl_mvm_invalidate_sta_queue(mvm, queue, 0, true);
570
571 return 0;
572 }
573
iwl_mvm_get_shared_queue(struct iwl_mvm * mvm,unsigned long tfd_queue_mask,u8 ac)574 static int iwl_mvm_get_shared_queue(struct iwl_mvm *mvm,
575 unsigned long tfd_queue_mask, u8 ac)
576 {
577 int queue = 0;
578 u8 ac_to_queue[IEEE80211_NUM_ACS];
579 int i;
580
581 /*
582 * This protects us against grabbing a queue that's being reconfigured
583 * by the inactivity checker.
584 */
585 lockdep_assert_held(&mvm->mutex);
586
587 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
588 return -EINVAL;
589
590 memset(&ac_to_queue, IEEE80211_INVAL_HW_QUEUE, sizeof(ac_to_queue));
591
592 /* See what ACs the existing queues for this STA have */
593 for_each_set_bit(i, &tfd_queue_mask, IWL_MVM_DQA_MAX_DATA_QUEUE) {
594 /* Only DATA queues can be shared */
595 if (i < IWL_MVM_DQA_MIN_DATA_QUEUE &&
596 i != IWL_MVM_DQA_BSS_CLIENT_QUEUE)
597 continue;
598
599 ac_to_queue[mvm->queue_info[i].mac80211_ac] = i;
600 }
601
602 /*
603 * The queue to share is chosen only from DATA queues as follows (in
604 * descending priority):
605 * 1. An AC_BE queue
606 * 2. Same AC queue
607 * 3. Highest AC queue that is lower than new AC
608 * 4. Any existing AC (there always is at least 1 DATA queue)
609 */
610
611 /* Priority 1: An AC_BE queue */
612 if (ac_to_queue[IEEE80211_AC_BE] != IEEE80211_INVAL_HW_QUEUE)
613 queue = ac_to_queue[IEEE80211_AC_BE];
614 /* Priority 2: Same AC queue */
615 else if (ac_to_queue[ac] != IEEE80211_INVAL_HW_QUEUE)
616 queue = ac_to_queue[ac];
617 /* Priority 3a: If new AC is VO and VI exists - use VI */
618 else if (ac == IEEE80211_AC_VO &&
619 ac_to_queue[IEEE80211_AC_VI] != IEEE80211_INVAL_HW_QUEUE)
620 queue = ac_to_queue[IEEE80211_AC_VI];
621 /* Priority 3b: No BE so only AC less than the new one is BK */
622 else if (ac_to_queue[IEEE80211_AC_BK] != IEEE80211_INVAL_HW_QUEUE)
623 queue = ac_to_queue[IEEE80211_AC_BK];
624 /* Priority 4a: No BE nor BK - use VI if exists */
625 else if (ac_to_queue[IEEE80211_AC_VI] != IEEE80211_INVAL_HW_QUEUE)
626 queue = ac_to_queue[IEEE80211_AC_VI];
627 /* Priority 4b: No BE, BK nor VI - use VO if exists */
628 else if (ac_to_queue[IEEE80211_AC_VO] != IEEE80211_INVAL_HW_QUEUE)
629 queue = ac_to_queue[IEEE80211_AC_VO];
630
631 /* Make sure queue found (or not) is legal */
632 if (!iwl_mvm_is_dqa_data_queue(mvm, queue) &&
633 !iwl_mvm_is_dqa_mgmt_queue(mvm, queue) &&
634 (queue != IWL_MVM_DQA_BSS_CLIENT_QUEUE)) {
635 IWL_ERR(mvm, "No DATA queues available to share\n");
636 return -ENOSPC;
637 }
638
639 return queue;
640 }
641
642 /*
643 * If a given queue has a higher AC than the TID stream that is being compared
644 * to, the queue needs to be redirected to the lower AC. This function does that
645 * in such a case, otherwise - if no redirection required - it does nothing,
646 * unless the %force param is true.
647 */
iwl_mvm_redirect_queue(struct iwl_mvm * mvm,int queue,int tid,int ac,int ssn,unsigned int wdg_timeout,bool force,struct iwl_mvm_txq * txq)648 static int iwl_mvm_redirect_queue(struct iwl_mvm *mvm, int queue, int tid,
649 int ac, int ssn, unsigned int wdg_timeout,
650 bool force, struct iwl_mvm_txq *txq)
651 {
652 struct iwl_scd_txq_cfg_cmd cmd = {
653 .scd_queue = queue,
654 .action = SCD_CFG_DISABLE_QUEUE,
655 };
656 bool shared_queue;
657 int ret;
658
659 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
660 return -EINVAL;
661
662 /*
663 * If the AC is lower than current one - FIFO needs to be redirected to
664 * the lowest one of the streams in the queue. Check if this is needed
665 * here.
666 * Notice that the enum ieee80211_ac_numbers is "flipped", so BK is with
667 * value 3 and VO with value 0, so to check if ac X is lower than ac Y
668 * we need to check if the numerical value of X is LARGER than of Y.
669 */
670 if (ac <= mvm->queue_info[queue].mac80211_ac && !force) {
671 IWL_DEBUG_TX_QUEUES(mvm,
672 "No redirection needed on TXQ #%d\n",
673 queue);
674 return 0;
675 }
676
677 cmd.sta_id = mvm->queue_info[queue].ra_sta_id;
678 cmd.tx_fifo = iwl_mvm_ac_to_tx_fifo[mvm->queue_info[queue].mac80211_ac];
679 cmd.tid = mvm->queue_info[queue].txq_tid;
680 shared_queue = hweight16(mvm->queue_info[queue].tid_bitmap) > 1;
681
682 IWL_DEBUG_TX_QUEUES(mvm, "Redirecting TXQ #%d to FIFO #%d\n",
683 queue, iwl_mvm_ac_to_tx_fifo[ac]);
684
685 /* Stop the queue and wait for it to empty */
686 txq->stopped = true;
687
688 ret = iwl_trans_wait_tx_queues_empty(mvm->trans, BIT(queue));
689 if (ret) {
690 IWL_ERR(mvm, "Error draining queue %d before reconfig\n",
691 queue);
692 ret = -EIO;
693 goto out;
694 }
695
696 /* Before redirecting the queue we need to de-activate it */
697 iwl_trans_txq_disable(mvm->trans, queue, false);
698 ret = iwl_mvm_send_cmd_pdu(mvm, SCD_QUEUE_CFG, 0, sizeof(cmd), &cmd);
699 if (ret)
700 IWL_ERR(mvm, "Failed SCD disable TXQ %d (ret=%d)\n", queue,
701 ret);
702
703 /* Make sure the SCD wrptr is correctly set before reconfiguring */
704 iwl_trans_txq_enable_cfg(mvm->trans, queue, ssn, NULL, wdg_timeout);
705
706 /* Update the TID "owner" of the queue */
707 mvm->queue_info[queue].txq_tid = tid;
708
709 /* TODO: Work-around SCD bug when moving back by multiples of 0x40 */
710
711 /* Redirect to lower AC */
712 iwl_mvm_reconfig_scd(mvm, queue, iwl_mvm_ac_to_tx_fifo[ac],
713 cmd.sta_id, tid, IWL_FRAME_LIMIT, ssn);
714
715 /* Update AC marking of the queue */
716 mvm->queue_info[queue].mac80211_ac = ac;
717
718 /*
719 * Mark queue as shared in transport if shared
720 * Note this has to be done after queue enablement because enablement
721 * can also set this value, and there is no indication there to shared
722 * queues
723 */
724 if (shared_queue)
725 iwl_trans_txq_set_shared_mode(mvm->trans, queue, true);
726
727 out:
728 /* Continue using the queue */
729 txq->stopped = false;
730
731 return ret;
732 }
733
iwl_mvm_find_free_queue(struct iwl_mvm * mvm,u8 sta_id,u8 minq,u8 maxq)734 static int iwl_mvm_find_free_queue(struct iwl_mvm *mvm, u8 sta_id,
735 u8 minq, u8 maxq)
736 {
737 int i;
738
739 lockdep_assert_held(&mvm->mutex);
740
741 if (WARN(maxq >= mvm->trans->trans_cfg->base_params->num_of_queues,
742 "max queue %d >= num_of_queues (%d)", maxq,
743 mvm->trans->trans_cfg->base_params->num_of_queues))
744 maxq = mvm->trans->trans_cfg->base_params->num_of_queues - 1;
745
746 /* This should not be hit with new TX path */
747 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
748 return -ENOSPC;
749
750 /* Start by looking for a free queue */
751 for (i = minq; i <= maxq; i++)
752 if (mvm->queue_info[i].tid_bitmap == 0 &&
753 mvm->queue_info[i].status == IWL_MVM_QUEUE_FREE)
754 return i;
755
756 return -ENOSPC;
757 }
758
iwl_mvm_tvqm_enable_txq(struct iwl_mvm * mvm,u8 sta_id,u8 tid,unsigned int timeout)759 static int iwl_mvm_tvqm_enable_txq(struct iwl_mvm *mvm,
760 u8 sta_id, u8 tid, unsigned int timeout)
761 {
762 int queue, size = max_t(u32, IWL_DEFAULT_QUEUE_SIZE,
763 mvm->trans->cfg->min_256_ba_txq_size);
764
765 if (tid == IWL_MAX_TID_COUNT) {
766 tid = IWL_MGMT_TID;
767 size = max_t(u32, IWL_MGMT_QUEUE_SIZE,
768 mvm->trans->cfg->min_txq_size);
769 }
770
771 do {
772 __le16 enable = cpu_to_le16(TX_QUEUE_CFG_ENABLE_QUEUE);
773
774 queue = iwl_trans_txq_alloc(mvm->trans, enable,
775 sta_id, tid, SCD_QUEUE_CFG,
776 size, timeout);
777
778 if (queue < 0)
779 IWL_DEBUG_TX_QUEUES(mvm,
780 "Failed allocating TXQ of size %d for sta %d tid %d, ret: %d\n",
781 size, sta_id, tid, queue);
782 size /= 2;
783 } while (queue < 0 && size >= 16);
784
785 if (queue < 0)
786 return queue;
787
788 IWL_DEBUG_TX_QUEUES(mvm, "Enabling TXQ #%d for sta %d tid %d\n",
789 queue, sta_id, tid);
790
791 return queue;
792 }
793
iwl_mvm_sta_alloc_queue_tvqm(struct iwl_mvm * mvm,struct ieee80211_sta * sta,u8 ac,int tid)794 static int iwl_mvm_sta_alloc_queue_tvqm(struct iwl_mvm *mvm,
795 struct ieee80211_sta *sta, u8 ac,
796 int tid)
797 {
798 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
799 struct iwl_mvm_txq *mvmtxq =
800 iwl_mvm_txq_from_tid(sta, tid);
801 unsigned int wdg_timeout =
802 iwl_mvm_get_wd_timeout(mvm, mvmsta->vif, false, false);
803 int queue = -1;
804
805 lockdep_assert_held(&mvm->mutex);
806
807 IWL_DEBUG_TX_QUEUES(mvm,
808 "Allocating queue for sta %d on tid %d\n",
809 mvmsta->sta_id, tid);
810 queue = iwl_mvm_tvqm_enable_txq(mvm, mvmsta->sta_id, tid, wdg_timeout);
811 if (queue < 0)
812 return queue;
813
814 mvmtxq->txq_id = queue;
815 mvm->tvqm_info[queue].txq_tid = tid;
816 mvm->tvqm_info[queue].sta_id = mvmsta->sta_id;
817
818 IWL_DEBUG_TX_QUEUES(mvm, "Allocated queue is %d\n", queue);
819
820 spin_lock_bh(&mvmsta->lock);
821 mvmsta->tid_data[tid].txq_id = queue;
822 spin_unlock_bh(&mvmsta->lock);
823
824 return 0;
825 }
826
iwl_mvm_update_txq_mapping(struct iwl_mvm * mvm,struct ieee80211_sta * sta,int queue,u8 sta_id,u8 tid)827 static bool iwl_mvm_update_txq_mapping(struct iwl_mvm *mvm,
828 struct ieee80211_sta *sta,
829 int queue, u8 sta_id, u8 tid)
830 {
831 bool enable_queue = true;
832
833 /* Make sure this TID isn't already enabled */
834 if (mvm->queue_info[queue].tid_bitmap & BIT(tid)) {
835 IWL_ERR(mvm, "Trying to enable TXQ %d with existing TID %d\n",
836 queue, tid);
837 return false;
838 }
839
840 /* Update mappings and refcounts */
841 if (mvm->queue_info[queue].tid_bitmap)
842 enable_queue = false;
843
844 mvm->queue_info[queue].tid_bitmap |= BIT(tid);
845 mvm->queue_info[queue].ra_sta_id = sta_id;
846
847 if (enable_queue) {
848 if (tid != IWL_MAX_TID_COUNT)
849 mvm->queue_info[queue].mac80211_ac =
850 tid_to_mac80211_ac[tid];
851 else
852 mvm->queue_info[queue].mac80211_ac = IEEE80211_AC_VO;
853
854 mvm->queue_info[queue].txq_tid = tid;
855 }
856
857 if (sta) {
858 struct iwl_mvm_txq *mvmtxq =
859 iwl_mvm_txq_from_tid(sta, tid);
860
861 mvmtxq->txq_id = queue;
862 }
863
864 IWL_DEBUG_TX_QUEUES(mvm,
865 "Enabling TXQ #%d tids=0x%x\n",
866 queue, mvm->queue_info[queue].tid_bitmap);
867
868 return enable_queue;
869 }
870
iwl_mvm_enable_txq(struct iwl_mvm * mvm,struct ieee80211_sta * sta,int queue,u16 ssn,const struct iwl_trans_txq_scd_cfg * cfg,unsigned int wdg_timeout)871 static bool iwl_mvm_enable_txq(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
872 int queue, u16 ssn,
873 const struct iwl_trans_txq_scd_cfg *cfg,
874 unsigned int wdg_timeout)
875 {
876 struct iwl_scd_txq_cfg_cmd cmd = {
877 .scd_queue = queue,
878 .action = SCD_CFG_ENABLE_QUEUE,
879 .window = cfg->frame_limit,
880 .sta_id = cfg->sta_id,
881 .ssn = cpu_to_le16(ssn),
882 .tx_fifo = cfg->fifo,
883 .aggregate = cfg->aggregate,
884 .tid = cfg->tid,
885 };
886 bool inc_ssn;
887
888 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
889 return false;
890
891 /* Send the enabling command if we need to */
892 if (!iwl_mvm_update_txq_mapping(mvm, sta, queue, cfg->sta_id, cfg->tid))
893 return false;
894
895 inc_ssn = iwl_trans_txq_enable_cfg(mvm->trans, queue, ssn,
896 NULL, wdg_timeout);
897 if (inc_ssn)
898 le16_add_cpu(&cmd.ssn, 1);
899
900 WARN(iwl_mvm_send_cmd_pdu(mvm, SCD_QUEUE_CFG, 0, sizeof(cmd), &cmd),
901 "Failed to configure queue %d on FIFO %d\n", queue, cfg->fifo);
902
903 return inc_ssn;
904 }
905
iwl_mvm_change_queue_tid(struct iwl_mvm * mvm,int queue)906 static void iwl_mvm_change_queue_tid(struct iwl_mvm *mvm, int queue)
907 {
908 struct iwl_scd_txq_cfg_cmd cmd = {
909 .scd_queue = queue,
910 .action = SCD_CFG_UPDATE_QUEUE_TID,
911 };
912 int tid;
913 unsigned long tid_bitmap;
914 int ret;
915
916 lockdep_assert_held(&mvm->mutex);
917
918 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
919 return;
920
921 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
922
923 if (WARN(!tid_bitmap, "TXQ %d has no tids assigned to it\n", queue))
924 return;
925
926 /* Find any TID for queue */
927 tid = find_first_bit(&tid_bitmap, IWL_MAX_TID_COUNT + 1);
928 cmd.tid = tid;
929 cmd.tx_fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]];
930
931 ret = iwl_mvm_send_cmd_pdu(mvm, SCD_QUEUE_CFG, 0, sizeof(cmd), &cmd);
932 if (ret) {
933 IWL_ERR(mvm, "Failed to update owner of TXQ %d (ret=%d)\n",
934 queue, ret);
935 return;
936 }
937
938 mvm->queue_info[queue].txq_tid = tid;
939 IWL_DEBUG_TX_QUEUES(mvm, "Changed TXQ %d ownership to tid %d\n",
940 queue, tid);
941 }
942
iwl_mvm_unshare_queue(struct iwl_mvm * mvm,int queue)943 static void iwl_mvm_unshare_queue(struct iwl_mvm *mvm, int queue)
944 {
945 struct ieee80211_sta *sta;
946 struct iwl_mvm_sta *mvmsta;
947 u8 sta_id;
948 int tid = -1;
949 unsigned long tid_bitmap;
950 unsigned int wdg_timeout;
951 int ssn;
952 int ret = true;
953
954 /* queue sharing is disabled on new TX path */
955 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
956 return;
957
958 lockdep_assert_held(&mvm->mutex);
959
960 sta_id = mvm->queue_info[queue].ra_sta_id;
961 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
962
963 /* Find TID for queue, and make sure it is the only one on the queue */
964 tid = find_first_bit(&tid_bitmap, IWL_MAX_TID_COUNT + 1);
965 if (tid_bitmap != BIT(tid)) {
966 IWL_ERR(mvm, "Failed to unshare q %d, active tids=0x%lx\n",
967 queue, tid_bitmap);
968 return;
969 }
970
971 IWL_DEBUG_TX_QUEUES(mvm, "Unsharing TXQ %d, keeping tid %d\n", queue,
972 tid);
973
974 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
975 lockdep_is_held(&mvm->mutex));
976
977 if (WARN_ON_ONCE(IS_ERR_OR_NULL(sta)))
978 return;
979
980 mvmsta = iwl_mvm_sta_from_mac80211(sta);
981 wdg_timeout = iwl_mvm_get_wd_timeout(mvm, mvmsta->vif, false, false);
982
983 ssn = IEEE80211_SEQ_TO_SN(mvmsta->tid_data[tid].seq_number);
984
985 ret = iwl_mvm_redirect_queue(mvm, queue, tid,
986 tid_to_mac80211_ac[tid], ssn,
987 wdg_timeout, true,
988 iwl_mvm_txq_from_tid(sta, tid));
989 if (ret) {
990 IWL_ERR(mvm, "Failed to redirect TXQ %d\n", queue);
991 return;
992 }
993
994 /* If aggs should be turned back on - do it */
995 if (mvmsta->tid_data[tid].state == IWL_AGG_ON) {
996 struct iwl_mvm_add_sta_cmd cmd = {0};
997
998 mvmsta->tid_disable_agg &= ~BIT(tid);
999
1000 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color);
1001 cmd.sta_id = mvmsta->sta_id;
1002 cmd.add_modify = STA_MODE_MODIFY;
1003 cmd.modify_mask = STA_MODIFY_TID_DISABLE_TX;
1004 cmd.tfd_queue_msk = cpu_to_le32(mvmsta->tfd_queue_msk);
1005 cmd.tid_disable_tx = cpu_to_le16(mvmsta->tid_disable_agg);
1006
1007 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
1008 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
1009 if (!ret) {
1010 IWL_DEBUG_TX_QUEUES(mvm,
1011 "TXQ #%d is now aggregated again\n",
1012 queue);
1013
1014 /* Mark queue intenally as aggregating again */
1015 iwl_trans_txq_set_shared_mode(mvm->trans, queue, false);
1016 }
1017 }
1018
1019 mvm->queue_info[queue].status = IWL_MVM_QUEUE_READY;
1020 }
1021
1022 /*
1023 * Remove inactive TIDs of a given queue.
1024 * If all queue TIDs are inactive - mark the queue as inactive
1025 * If only some the queue TIDs are inactive - unmap them from the queue
1026 *
1027 * Returns %true if all TIDs were removed and the queue could be reused.
1028 */
iwl_mvm_remove_inactive_tids(struct iwl_mvm * mvm,struct iwl_mvm_sta * mvmsta,int queue,unsigned long tid_bitmap,unsigned long * unshare_queues,unsigned long * changetid_queues)1029 static bool iwl_mvm_remove_inactive_tids(struct iwl_mvm *mvm,
1030 struct iwl_mvm_sta *mvmsta, int queue,
1031 unsigned long tid_bitmap,
1032 unsigned long *unshare_queues,
1033 unsigned long *changetid_queues)
1034 {
1035 int tid;
1036
1037 lockdep_assert_held(&mvmsta->lock);
1038 lockdep_assert_held(&mvm->mutex);
1039
1040 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
1041 return false;
1042
1043 /* Go over all non-active TIDs, incl. IWL_MAX_TID_COUNT (for mgmt) */
1044 for_each_set_bit(tid, &tid_bitmap, IWL_MAX_TID_COUNT + 1) {
1045 /* If some TFDs are still queued - don't mark TID as inactive */
1046 if (iwl_mvm_tid_queued(mvm, &mvmsta->tid_data[tid]))
1047 tid_bitmap &= ~BIT(tid);
1048
1049 /* Don't mark as inactive any TID that has an active BA */
1050 if (mvmsta->tid_data[tid].state != IWL_AGG_OFF)
1051 tid_bitmap &= ~BIT(tid);
1052 }
1053
1054 /* If all TIDs in the queue are inactive - return it can be reused */
1055 if (tid_bitmap == mvm->queue_info[queue].tid_bitmap) {
1056 IWL_DEBUG_TX_QUEUES(mvm, "Queue %d is inactive\n", queue);
1057 return true;
1058 }
1059
1060 /*
1061 * If we are here, this is a shared queue and not all TIDs timed-out.
1062 * Remove the ones that did.
1063 */
1064 for_each_set_bit(tid, &tid_bitmap, IWL_MAX_TID_COUNT + 1) {
1065 u16 tid_bitmap;
1066
1067 mvmsta->tid_data[tid].txq_id = IWL_MVM_INVALID_QUEUE;
1068 mvm->queue_info[queue].tid_bitmap &= ~BIT(tid);
1069
1070 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
1071
1072 /*
1073 * We need to take into account a situation in which a TXQ was
1074 * allocated to TID x, and then turned shared by adding TIDs y
1075 * and z. If TID x becomes inactive and is removed from the TXQ,
1076 * ownership must be given to one of the remaining TIDs.
1077 * This is mainly because if TID x continues - a new queue can't
1078 * be allocated for it as long as it is an owner of another TXQ.
1079 *
1080 * Mark this queue in the right bitmap, we'll send the command
1081 * to the firmware later.
1082 */
1083 if (!(tid_bitmap & BIT(mvm->queue_info[queue].txq_tid)))
1084 set_bit(queue, changetid_queues);
1085
1086 IWL_DEBUG_TX_QUEUES(mvm,
1087 "Removing inactive TID %d from shared Q:%d\n",
1088 tid, queue);
1089 }
1090
1091 IWL_DEBUG_TX_QUEUES(mvm,
1092 "TXQ #%d left with tid bitmap 0x%x\n", queue,
1093 mvm->queue_info[queue].tid_bitmap);
1094
1095 /*
1096 * There may be different TIDs with the same mac queues, so make
1097 * sure all TIDs have existing corresponding mac queues enabled
1098 */
1099 tid_bitmap = mvm->queue_info[queue].tid_bitmap;
1100
1101 /* If the queue is marked as shared - "unshare" it */
1102 if (hweight16(mvm->queue_info[queue].tid_bitmap) == 1 &&
1103 mvm->queue_info[queue].status == IWL_MVM_QUEUE_SHARED) {
1104 IWL_DEBUG_TX_QUEUES(mvm, "Marking Q:%d for reconfig\n",
1105 queue);
1106 set_bit(queue, unshare_queues);
1107 }
1108
1109 return false;
1110 }
1111
1112 /*
1113 * Check for inactivity - this includes checking if any queue
1114 * can be unshared and finding one (and only one) that can be
1115 * reused.
1116 * This function is also invoked as a sort of clean-up task,
1117 * in which case @alloc_for_sta is IWL_MVM_INVALID_STA.
1118 *
1119 * Returns the queue number, or -ENOSPC.
1120 */
iwl_mvm_inactivity_check(struct iwl_mvm * mvm,u8 alloc_for_sta)1121 static int iwl_mvm_inactivity_check(struct iwl_mvm *mvm, u8 alloc_for_sta)
1122 {
1123 unsigned long now = jiffies;
1124 unsigned long unshare_queues = 0;
1125 unsigned long changetid_queues = 0;
1126 int i, ret, free_queue = -ENOSPC;
1127 struct ieee80211_sta *queue_owner = NULL;
1128
1129 lockdep_assert_held(&mvm->mutex);
1130
1131 if (iwl_mvm_has_new_tx_api(mvm))
1132 return -ENOSPC;
1133
1134 rcu_read_lock();
1135
1136 /* we skip the CMD queue below by starting at 1 */
1137 BUILD_BUG_ON(IWL_MVM_DQA_CMD_QUEUE != 0);
1138
1139 for (i = 1; i < IWL_MAX_HW_QUEUES; i++) {
1140 struct ieee80211_sta *sta;
1141 struct iwl_mvm_sta *mvmsta;
1142 u8 sta_id;
1143 int tid;
1144 unsigned long inactive_tid_bitmap = 0;
1145 unsigned long queue_tid_bitmap;
1146
1147 queue_tid_bitmap = mvm->queue_info[i].tid_bitmap;
1148 if (!queue_tid_bitmap)
1149 continue;
1150
1151 /* If TXQ isn't in active use anyway - nothing to do here... */
1152 if (mvm->queue_info[i].status != IWL_MVM_QUEUE_READY &&
1153 mvm->queue_info[i].status != IWL_MVM_QUEUE_SHARED)
1154 continue;
1155
1156 /* Check to see if there are inactive TIDs on this queue */
1157 for_each_set_bit(tid, &queue_tid_bitmap,
1158 IWL_MAX_TID_COUNT + 1) {
1159 if (time_after(mvm->queue_info[i].last_frame_time[tid] +
1160 IWL_MVM_DQA_QUEUE_TIMEOUT, now))
1161 continue;
1162
1163 inactive_tid_bitmap |= BIT(tid);
1164 }
1165
1166 /* If all TIDs are active - finish check on this queue */
1167 if (!inactive_tid_bitmap)
1168 continue;
1169
1170 /*
1171 * If we are here - the queue hadn't been served recently and is
1172 * in use
1173 */
1174
1175 sta_id = mvm->queue_info[i].ra_sta_id;
1176 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
1177
1178 /*
1179 * If the STA doesn't exist anymore, it isn't an error. It could
1180 * be that it was removed since getting the queues, and in this
1181 * case it should've inactivated its queues anyway.
1182 */
1183 if (IS_ERR_OR_NULL(sta))
1184 continue;
1185
1186 mvmsta = iwl_mvm_sta_from_mac80211(sta);
1187
1188 spin_lock_bh(&mvmsta->lock);
1189 ret = iwl_mvm_remove_inactive_tids(mvm, mvmsta, i,
1190 inactive_tid_bitmap,
1191 &unshare_queues,
1192 &changetid_queues);
1193 if (ret && free_queue < 0) {
1194 queue_owner = sta;
1195 free_queue = i;
1196 }
1197 /* only unlock sta lock - we still need the queue info lock */
1198 spin_unlock_bh(&mvmsta->lock);
1199 }
1200
1201
1202 /* Reconfigure queues requiring reconfiguation */
1203 for_each_set_bit(i, &unshare_queues, IWL_MAX_HW_QUEUES)
1204 iwl_mvm_unshare_queue(mvm, i);
1205 for_each_set_bit(i, &changetid_queues, IWL_MAX_HW_QUEUES)
1206 iwl_mvm_change_queue_tid(mvm, i);
1207
1208 rcu_read_unlock();
1209
1210 if (free_queue >= 0 && alloc_for_sta != IWL_MVM_INVALID_STA) {
1211 ret = iwl_mvm_free_inactive_queue(mvm, free_queue, queue_owner,
1212 alloc_for_sta);
1213 if (ret)
1214 return ret;
1215 }
1216
1217 return free_queue;
1218 }
1219
iwl_mvm_sta_alloc_queue(struct iwl_mvm * mvm,struct ieee80211_sta * sta,u8 ac,int tid)1220 static int iwl_mvm_sta_alloc_queue(struct iwl_mvm *mvm,
1221 struct ieee80211_sta *sta, u8 ac, int tid)
1222 {
1223 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1224 struct iwl_trans_txq_scd_cfg cfg = {
1225 .fifo = iwl_mvm_mac_ac_to_tx_fifo(mvm, ac),
1226 .sta_id = mvmsta->sta_id,
1227 .tid = tid,
1228 .frame_limit = IWL_FRAME_LIMIT,
1229 };
1230 unsigned int wdg_timeout =
1231 iwl_mvm_get_wd_timeout(mvm, mvmsta->vif, false, false);
1232 int queue = -1;
1233 unsigned long disable_agg_tids = 0;
1234 enum iwl_mvm_agg_state queue_state;
1235 bool shared_queue = false, inc_ssn;
1236 int ssn;
1237 unsigned long tfd_queue_mask;
1238 int ret;
1239
1240 lockdep_assert_held(&mvm->mutex);
1241
1242 if (iwl_mvm_has_new_tx_api(mvm))
1243 return iwl_mvm_sta_alloc_queue_tvqm(mvm, sta, ac, tid);
1244
1245 spin_lock_bh(&mvmsta->lock);
1246 tfd_queue_mask = mvmsta->tfd_queue_msk;
1247 ssn = IEEE80211_SEQ_TO_SN(mvmsta->tid_data[tid].seq_number);
1248 spin_unlock_bh(&mvmsta->lock);
1249
1250 if (tid == IWL_MAX_TID_COUNT) {
1251 queue = iwl_mvm_find_free_queue(mvm, mvmsta->sta_id,
1252 IWL_MVM_DQA_MIN_MGMT_QUEUE,
1253 IWL_MVM_DQA_MAX_MGMT_QUEUE);
1254 if (queue >= IWL_MVM_DQA_MIN_MGMT_QUEUE)
1255 IWL_DEBUG_TX_QUEUES(mvm, "Found free MGMT queue #%d\n",
1256 queue);
1257
1258 /* If no such queue is found, we'll use a DATA queue instead */
1259 }
1260
1261 if ((queue < 0 && mvmsta->reserved_queue != IEEE80211_INVAL_HW_QUEUE) &&
1262 (mvm->queue_info[mvmsta->reserved_queue].status ==
1263 IWL_MVM_QUEUE_RESERVED)) {
1264 queue = mvmsta->reserved_queue;
1265 mvm->queue_info[queue].reserved = true;
1266 IWL_DEBUG_TX_QUEUES(mvm, "Using reserved queue #%d\n", queue);
1267 }
1268
1269 if (queue < 0)
1270 queue = iwl_mvm_find_free_queue(mvm, mvmsta->sta_id,
1271 IWL_MVM_DQA_MIN_DATA_QUEUE,
1272 IWL_MVM_DQA_MAX_DATA_QUEUE);
1273 if (queue < 0) {
1274 /* try harder - perhaps kill an inactive queue */
1275 queue = iwl_mvm_inactivity_check(mvm, mvmsta->sta_id);
1276 }
1277
1278 /* No free queue - we'll have to share */
1279 if (queue <= 0) {
1280 queue = iwl_mvm_get_shared_queue(mvm, tfd_queue_mask, ac);
1281 if (queue > 0) {
1282 shared_queue = true;
1283 mvm->queue_info[queue].status = IWL_MVM_QUEUE_SHARED;
1284 }
1285 }
1286
1287 /*
1288 * Mark TXQ as ready, even though it hasn't been fully configured yet,
1289 * to make sure no one else takes it.
1290 * This will allow avoiding re-acquiring the lock at the end of the
1291 * configuration. On error we'll mark it back as free.
1292 */
1293 if (queue > 0 && !shared_queue)
1294 mvm->queue_info[queue].status = IWL_MVM_QUEUE_READY;
1295
1296 /* This shouldn't happen - out of queues */
1297 if (WARN_ON(queue <= 0)) {
1298 IWL_ERR(mvm, "No available queues for tid %d on sta_id %d\n",
1299 tid, cfg.sta_id);
1300 return queue;
1301 }
1302
1303 /*
1304 * Actual en/disablement of aggregations is through the ADD_STA HCMD,
1305 * but for configuring the SCD to send A-MPDUs we need to mark the queue
1306 * as aggregatable.
1307 * Mark all DATA queues as allowing to be aggregated at some point
1308 */
1309 cfg.aggregate = (queue >= IWL_MVM_DQA_MIN_DATA_QUEUE ||
1310 queue == IWL_MVM_DQA_BSS_CLIENT_QUEUE);
1311
1312 IWL_DEBUG_TX_QUEUES(mvm,
1313 "Allocating %squeue #%d to sta %d on tid %d\n",
1314 shared_queue ? "shared " : "", queue,
1315 mvmsta->sta_id, tid);
1316
1317 if (shared_queue) {
1318 /* Disable any open aggs on this queue */
1319 disable_agg_tids = iwl_mvm_get_queue_agg_tids(mvm, queue);
1320
1321 if (disable_agg_tids) {
1322 IWL_DEBUG_TX_QUEUES(mvm, "Disabling aggs on queue %d\n",
1323 queue);
1324 iwl_mvm_invalidate_sta_queue(mvm, queue,
1325 disable_agg_tids, false);
1326 }
1327 }
1328
1329 inc_ssn = iwl_mvm_enable_txq(mvm, sta, queue, ssn, &cfg, wdg_timeout);
1330
1331 /*
1332 * Mark queue as shared in transport if shared
1333 * Note this has to be done after queue enablement because enablement
1334 * can also set this value, and there is no indication there to shared
1335 * queues
1336 */
1337 if (shared_queue)
1338 iwl_trans_txq_set_shared_mode(mvm->trans, queue, true);
1339
1340 spin_lock_bh(&mvmsta->lock);
1341 /*
1342 * This looks racy, but it is not. We have only one packet for
1343 * this ra/tid in our Tx path since we stop the Qdisc when we
1344 * need to allocate a new TFD queue.
1345 */
1346 if (inc_ssn) {
1347 mvmsta->tid_data[tid].seq_number += 0x10;
1348 ssn = (ssn + 1) & IEEE80211_SCTL_SEQ;
1349 }
1350 mvmsta->tid_data[tid].txq_id = queue;
1351 mvmsta->tfd_queue_msk |= BIT(queue);
1352 queue_state = mvmsta->tid_data[tid].state;
1353
1354 if (mvmsta->reserved_queue == queue)
1355 mvmsta->reserved_queue = IEEE80211_INVAL_HW_QUEUE;
1356 spin_unlock_bh(&mvmsta->lock);
1357
1358 if (!shared_queue) {
1359 ret = iwl_mvm_sta_send_to_fw(mvm, sta, true, STA_MODIFY_QUEUES);
1360 if (ret)
1361 goto out_err;
1362
1363 /* If we need to re-enable aggregations... */
1364 if (queue_state == IWL_AGG_ON) {
1365 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
1366 if (ret)
1367 goto out_err;
1368 }
1369 } else {
1370 /* Redirect queue, if needed */
1371 ret = iwl_mvm_redirect_queue(mvm, queue, tid, ac, ssn,
1372 wdg_timeout, false,
1373 iwl_mvm_txq_from_tid(sta, tid));
1374 if (ret)
1375 goto out_err;
1376 }
1377
1378 return 0;
1379
1380 out_err:
1381 iwl_mvm_disable_txq(mvm, sta, queue, tid, 0);
1382
1383 return ret;
1384 }
1385
iwl_mvm_add_new_dqa_stream_wk(struct work_struct * wk)1386 void iwl_mvm_add_new_dqa_stream_wk(struct work_struct *wk)
1387 {
1388 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm,
1389 add_stream_wk);
1390
1391 mutex_lock(&mvm->mutex);
1392
1393 iwl_mvm_inactivity_check(mvm, IWL_MVM_INVALID_STA);
1394
1395 while (!list_empty(&mvm->add_stream_txqs)) {
1396 struct iwl_mvm_txq *mvmtxq;
1397 struct ieee80211_txq *txq;
1398 u8 tid;
1399
1400 mvmtxq = list_first_entry(&mvm->add_stream_txqs,
1401 struct iwl_mvm_txq, list);
1402
1403 txq = container_of((void *)mvmtxq, struct ieee80211_txq,
1404 drv_priv);
1405 tid = txq->tid;
1406 if (tid == IEEE80211_NUM_TIDS)
1407 tid = IWL_MAX_TID_COUNT;
1408
1409 /*
1410 * We can't really do much here, but if this fails we can't
1411 * transmit anyway - so just don't transmit the frame etc.
1412 * and let them back up ... we've tried our best to allocate
1413 * a queue in the function itself.
1414 */
1415 if (iwl_mvm_sta_alloc_queue(mvm, txq->sta, txq->ac, tid)) {
1416 list_del_init(&mvmtxq->list);
1417 continue;
1418 }
1419
1420 list_del_init(&mvmtxq->list);
1421 local_bh_disable();
1422 iwl_mvm_mac_itxq_xmit(mvm->hw, txq);
1423 local_bh_enable();
1424 }
1425
1426 mutex_unlock(&mvm->mutex);
1427 }
1428
iwl_mvm_reserve_sta_stream(struct iwl_mvm * mvm,struct ieee80211_sta * sta,enum nl80211_iftype vif_type)1429 static int iwl_mvm_reserve_sta_stream(struct iwl_mvm *mvm,
1430 struct ieee80211_sta *sta,
1431 enum nl80211_iftype vif_type)
1432 {
1433 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
1434 int queue;
1435
1436 /* queue reserving is disabled on new TX path */
1437 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
1438 return 0;
1439
1440 /* run the general cleanup/unsharing of queues */
1441 iwl_mvm_inactivity_check(mvm, IWL_MVM_INVALID_STA);
1442
1443 /* Make sure we have free resources for this STA */
1444 if (vif_type == NL80211_IFTYPE_STATION && !sta->tdls &&
1445 !mvm->queue_info[IWL_MVM_DQA_BSS_CLIENT_QUEUE].tid_bitmap &&
1446 (mvm->queue_info[IWL_MVM_DQA_BSS_CLIENT_QUEUE].status ==
1447 IWL_MVM_QUEUE_FREE))
1448 queue = IWL_MVM_DQA_BSS_CLIENT_QUEUE;
1449 else
1450 queue = iwl_mvm_find_free_queue(mvm, mvmsta->sta_id,
1451 IWL_MVM_DQA_MIN_DATA_QUEUE,
1452 IWL_MVM_DQA_MAX_DATA_QUEUE);
1453 if (queue < 0) {
1454 /* try again - this time kick out a queue if needed */
1455 queue = iwl_mvm_inactivity_check(mvm, mvmsta->sta_id);
1456 if (queue < 0) {
1457 IWL_ERR(mvm, "No available queues for new station\n");
1458 return -ENOSPC;
1459 }
1460 }
1461 mvm->queue_info[queue].status = IWL_MVM_QUEUE_RESERVED;
1462
1463 mvmsta->reserved_queue = queue;
1464
1465 IWL_DEBUG_TX_QUEUES(mvm, "Reserving data queue #%d for sta_id %d\n",
1466 queue, mvmsta->sta_id);
1467
1468 return 0;
1469 }
1470
1471 /*
1472 * In DQA mode, after a HW restart the queues should be allocated as before, in
1473 * order to avoid race conditions when there are shared queues. This function
1474 * does the re-mapping and queue allocation.
1475 *
1476 * Note that re-enabling aggregations isn't done in this function.
1477 */
iwl_mvm_realloc_queues_after_restart(struct iwl_mvm * mvm,struct ieee80211_sta * sta)1478 static void iwl_mvm_realloc_queues_after_restart(struct iwl_mvm *mvm,
1479 struct ieee80211_sta *sta)
1480 {
1481 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1482 unsigned int wdg =
1483 iwl_mvm_get_wd_timeout(mvm, mvm_sta->vif, false, false);
1484 int i;
1485 struct iwl_trans_txq_scd_cfg cfg = {
1486 .sta_id = mvm_sta->sta_id,
1487 .frame_limit = IWL_FRAME_LIMIT,
1488 };
1489
1490 /* Make sure reserved queue is still marked as such (if allocated) */
1491 if (mvm_sta->reserved_queue != IEEE80211_INVAL_HW_QUEUE)
1492 mvm->queue_info[mvm_sta->reserved_queue].status =
1493 IWL_MVM_QUEUE_RESERVED;
1494
1495 for (i = 0; i <= IWL_MAX_TID_COUNT; i++) {
1496 struct iwl_mvm_tid_data *tid_data = &mvm_sta->tid_data[i];
1497 int txq_id = tid_data->txq_id;
1498 int ac;
1499
1500 if (txq_id == IWL_MVM_INVALID_QUEUE)
1501 continue;
1502
1503 ac = tid_to_mac80211_ac[i];
1504
1505 if (iwl_mvm_has_new_tx_api(mvm)) {
1506 IWL_DEBUG_TX_QUEUES(mvm,
1507 "Re-mapping sta %d tid %d\n",
1508 mvm_sta->sta_id, i);
1509 txq_id = iwl_mvm_tvqm_enable_txq(mvm, mvm_sta->sta_id,
1510 i, wdg);
1511 /*
1512 * on failures, just set it to IWL_MVM_INVALID_QUEUE
1513 * to try again later, we have no other good way of
1514 * failing here
1515 */
1516 if (txq_id < 0)
1517 txq_id = IWL_MVM_INVALID_QUEUE;
1518 tid_data->txq_id = txq_id;
1519
1520 /*
1521 * Since we don't set the seq number after reset, and HW
1522 * sets it now, FW reset will cause the seq num to start
1523 * at 0 again, so driver will need to update it
1524 * internally as well, so it keeps in sync with real val
1525 */
1526 tid_data->seq_number = 0;
1527 } else {
1528 u16 seq = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
1529
1530 cfg.tid = i;
1531 cfg.fifo = iwl_mvm_mac_ac_to_tx_fifo(mvm, ac);
1532 cfg.aggregate = (txq_id >= IWL_MVM_DQA_MIN_DATA_QUEUE ||
1533 txq_id ==
1534 IWL_MVM_DQA_BSS_CLIENT_QUEUE);
1535
1536 IWL_DEBUG_TX_QUEUES(mvm,
1537 "Re-mapping sta %d tid %d to queue %d\n",
1538 mvm_sta->sta_id, i, txq_id);
1539
1540 iwl_mvm_enable_txq(mvm, sta, txq_id, seq, &cfg, wdg);
1541 mvm->queue_info[txq_id].status = IWL_MVM_QUEUE_READY;
1542 }
1543 }
1544 }
1545
iwl_mvm_add_int_sta_common(struct iwl_mvm * mvm,struct iwl_mvm_int_sta * sta,const u8 * addr,u16 mac_id,u16 color)1546 static int iwl_mvm_add_int_sta_common(struct iwl_mvm *mvm,
1547 struct iwl_mvm_int_sta *sta,
1548 const u8 *addr,
1549 u16 mac_id, u16 color)
1550 {
1551 struct iwl_mvm_add_sta_cmd cmd;
1552 int ret;
1553 u32 status = ADD_STA_SUCCESS;
1554
1555 lockdep_assert_held(&mvm->mutex);
1556
1557 memset(&cmd, 0, sizeof(cmd));
1558 cmd.sta_id = sta->sta_id;
1559
1560 if (iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, ADD_STA,
1561 0) >= 12 &&
1562 sta->type == IWL_STA_AUX_ACTIVITY)
1563 cmd.mac_id_n_color = cpu_to_le32(mac_id);
1564 else
1565 cmd.mac_id_n_color = cpu_to_le32(FW_CMD_ID_AND_COLOR(mac_id,
1566 color));
1567
1568 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
1569 cmd.station_type = sta->type;
1570
1571 if (!iwl_mvm_has_new_tx_api(mvm))
1572 cmd.tfd_queue_msk = cpu_to_le32(sta->tfd_queue_msk);
1573 cmd.tid_disable_tx = cpu_to_le16(0xffff);
1574
1575 if (addr)
1576 memcpy(cmd.addr, addr, ETH_ALEN);
1577
1578 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
1579 iwl_mvm_add_sta_cmd_size(mvm),
1580 &cmd, &status);
1581 if (ret)
1582 return ret;
1583
1584 switch (status & IWL_ADD_STA_STATUS_MASK) {
1585 case ADD_STA_SUCCESS:
1586 IWL_DEBUG_INFO(mvm, "Internal station added.\n");
1587 return 0;
1588 default:
1589 ret = -EIO;
1590 IWL_ERR(mvm, "Add internal station failed, status=0x%x\n",
1591 status);
1592 break;
1593 }
1594 return ret;
1595 }
1596
iwl_mvm_add_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta)1597 int iwl_mvm_add_sta(struct iwl_mvm *mvm,
1598 struct ieee80211_vif *vif,
1599 struct ieee80211_sta *sta)
1600 {
1601 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1602 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1603 struct iwl_mvm_rxq_dup_data *dup_data;
1604 int i, ret, sta_id;
1605 bool sta_update = false;
1606 unsigned int sta_flags = 0;
1607
1608 lockdep_assert_held(&mvm->mutex);
1609
1610 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
1611 sta_id = iwl_mvm_find_free_sta_id(mvm,
1612 ieee80211_vif_type_p2p(vif));
1613 else
1614 sta_id = mvm_sta->sta_id;
1615
1616 if (sta_id == IWL_MVM_INVALID_STA)
1617 return -ENOSPC;
1618
1619 spin_lock_init(&mvm_sta->lock);
1620
1621 /* if this is a HW restart re-alloc existing queues */
1622 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
1623 struct iwl_mvm_int_sta tmp_sta = {
1624 .sta_id = sta_id,
1625 .type = mvm_sta->sta_type,
1626 };
1627
1628 /*
1629 * First add an empty station since allocating
1630 * a queue requires a valid station
1631 */
1632 ret = iwl_mvm_add_int_sta_common(mvm, &tmp_sta, sta->addr,
1633 mvmvif->id, mvmvif->color);
1634 if (ret)
1635 goto err;
1636
1637 iwl_mvm_realloc_queues_after_restart(mvm, sta);
1638 sta_update = true;
1639 sta_flags = iwl_mvm_has_new_tx_api(mvm) ? 0 : STA_MODIFY_QUEUES;
1640 goto update_fw;
1641 }
1642
1643 mvm_sta->sta_id = sta_id;
1644 mvm_sta->mac_id_n_color = FW_CMD_ID_AND_COLOR(mvmvif->id,
1645 mvmvif->color);
1646 mvm_sta->vif = vif;
1647 if (!mvm->trans->trans_cfg->gen2)
1648 mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF;
1649 else
1650 mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_GEN2_DEF;
1651 mvm_sta->tx_protection = 0;
1652 mvm_sta->tt_tx_protection = false;
1653 mvm_sta->sta_type = sta->tdls ? IWL_STA_TDLS_LINK : IWL_STA_LINK;
1654
1655 /* HW restart, don't assume the memory has been zeroed */
1656 mvm_sta->tid_disable_agg = 0xffff; /* No aggs at first */
1657 mvm_sta->tfd_queue_msk = 0;
1658
1659 /* for HW restart - reset everything but the sequence number */
1660 for (i = 0; i <= IWL_MAX_TID_COUNT; i++) {
1661 u16 seq = mvm_sta->tid_data[i].seq_number;
1662 memset(&mvm_sta->tid_data[i], 0, sizeof(mvm_sta->tid_data[i]));
1663 mvm_sta->tid_data[i].seq_number = seq;
1664
1665 /*
1666 * Mark all queues for this STA as unallocated and defer TX
1667 * frames until the queue is allocated
1668 */
1669 mvm_sta->tid_data[i].txq_id = IWL_MVM_INVALID_QUEUE;
1670 }
1671
1672 for (i = 0; i < ARRAY_SIZE(sta->txq); i++) {
1673 struct iwl_mvm_txq *mvmtxq =
1674 iwl_mvm_txq_from_mac80211(sta->txq[i]);
1675
1676 mvmtxq->txq_id = IWL_MVM_INVALID_QUEUE;
1677 INIT_LIST_HEAD(&mvmtxq->list);
1678 atomic_set(&mvmtxq->tx_request, 0);
1679 }
1680
1681 mvm_sta->agg_tids = 0;
1682
1683 if (iwl_mvm_has_new_rx_api(mvm) &&
1684 !test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
1685 int q;
1686
1687 dup_data = kcalloc(mvm->trans->num_rx_queues,
1688 sizeof(*dup_data), GFP_KERNEL);
1689 if (!dup_data)
1690 return -ENOMEM;
1691 /*
1692 * Initialize all the last_seq values to 0xffff which can never
1693 * compare equal to the frame's seq_ctrl in the check in
1694 * iwl_mvm_is_dup() since the lower 4 bits are the fragment
1695 * number and fragmented packets don't reach that function.
1696 *
1697 * This thus allows receiving a packet with seqno 0 and the
1698 * retry bit set as the very first packet on a new TID.
1699 */
1700 for (q = 0; q < mvm->trans->num_rx_queues; q++)
1701 memset(dup_data[q].last_seq, 0xff,
1702 sizeof(dup_data[q].last_seq));
1703 mvm_sta->dup_data = dup_data;
1704 }
1705
1706 if (!iwl_mvm_has_new_tx_api(mvm)) {
1707 ret = iwl_mvm_reserve_sta_stream(mvm, sta,
1708 ieee80211_vif_type_p2p(vif));
1709 if (ret)
1710 goto err;
1711 }
1712
1713 /*
1714 * if rs is registered with mac80211, then "add station" will be handled
1715 * via the corresponding ops, otherwise need to notify rate scaling here
1716 */
1717 if (iwl_mvm_has_tlc_offload(mvm))
1718 iwl_mvm_rs_add_sta(mvm, mvm_sta);
1719 else
1720 spin_lock_init(&mvm_sta->lq_sta.rs_drv.pers.lock);
1721
1722 iwl_mvm_toggle_tx_ant(mvm, &mvm_sta->tx_ant);
1723
1724 update_fw:
1725 ret = iwl_mvm_sta_send_to_fw(mvm, sta, sta_update, sta_flags);
1726 if (ret)
1727 goto err;
1728
1729 if (vif->type == NL80211_IFTYPE_STATION) {
1730 if (!sta->tdls) {
1731 WARN_ON(mvmvif->ap_sta_id != IWL_MVM_INVALID_STA);
1732 mvmvif->ap_sta_id = sta_id;
1733 } else {
1734 WARN_ON(mvmvif->ap_sta_id == IWL_MVM_INVALID_STA);
1735 }
1736 }
1737
1738 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta_id], sta);
1739
1740 return 0;
1741
1742 err:
1743 return ret;
1744 }
1745
iwl_mvm_drain_sta(struct iwl_mvm * mvm,struct iwl_mvm_sta * mvmsta,bool drain)1746 int iwl_mvm_drain_sta(struct iwl_mvm *mvm, struct iwl_mvm_sta *mvmsta,
1747 bool drain)
1748 {
1749 struct iwl_mvm_add_sta_cmd cmd = {};
1750 int ret;
1751 u32 status;
1752
1753 lockdep_assert_held(&mvm->mutex);
1754
1755 cmd.mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color);
1756 cmd.sta_id = mvmsta->sta_id;
1757 cmd.add_modify = STA_MODE_MODIFY;
1758 cmd.station_flags = drain ? cpu_to_le32(STA_FLG_DRAIN_FLOW) : 0;
1759 cmd.station_flags_msk = cpu_to_le32(STA_FLG_DRAIN_FLOW);
1760
1761 status = ADD_STA_SUCCESS;
1762 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
1763 iwl_mvm_add_sta_cmd_size(mvm),
1764 &cmd, &status);
1765 if (ret)
1766 return ret;
1767
1768 switch (status & IWL_ADD_STA_STATUS_MASK) {
1769 case ADD_STA_SUCCESS:
1770 IWL_DEBUG_INFO(mvm, "Frames for staid %d will drained in fw\n",
1771 mvmsta->sta_id);
1772 break;
1773 default:
1774 ret = -EIO;
1775 IWL_ERR(mvm, "Couldn't drain frames for staid %d\n",
1776 mvmsta->sta_id);
1777 break;
1778 }
1779
1780 return ret;
1781 }
1782
1783 /*
1784 * Remove a station from the FW table. Before sending the command to remove
1785 * the station validate that the station is indeed known to the driver (sanity
1786 * only).
1787 */
iwl_mvm_rm_sta_common(struct iwl_mvm * mvm,u8 sta_id)1788 static int iwl_mvm_rm_sta_common(struct iwl_mvm *mvm, u8 sta_id)
1789 {
1790 struct ieee80211_sta *sta;
1791 struct iwl_mvm_rm_sta_cmd rm_sta_cmd = {
1792 .sta_id = sta_id,
1793 };
1794 int ret;
1795
1796 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
1797 lockdep_is_held(&mvm->mutex));
1798
1799 /* Note: internal stations are marked as error values */
1800 if (!sta) {
1801 IWL_ERR(mvm, "Invalid station id\n");
1802 return -EINVAL;
1803 }
1804
1805 ret = iwl_mvm_send_cmd_pdu(mvm, REMOVE_STA, 0,
1806 sizeof(rm_sta_cmd), &rm_sta_cmd);
1807 if (ret) {
1808 IWL_ERR(mvm, "Failed to remove station. Id=%d\n", sta_id);
1809 return ret;
1810 }
1811
1812 return 0;
1813 }
1814
iwl_mvm_disable_sta_queues(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta)1815 static void iwl_mvm_disable_sta_queues(struct iwl_mvm *mvm,
1816 struct ieee80211_vif *vif,
1817 struct ieee80211_sta *sta)
1818 {
1819 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1820 int i;
1821
1822 lockdep_assert_held(&mvm->mutex);
1823
1824 for (i = 0; i < ARRAY_SIZE(mvm_sta->tid_data); i++) {
1825 if (mvm_sta->tid_data[i].txq_id == IWL_MVM_INVALID_QUEUE)
1826 continue;
1827
1828 iwl_mvm_disable_txq(mvm, sta, mvm_sta->tid_data[i].txq_id, i,
1829 0);
1830 mvm_sta->tid_data[i].txq_id = IWL_MVM_INVALID_QUEUE;
1831 }
1832
1833 for (i = 0; i < ARRAY_SIZE(sta->txq); i++) {
1834 struct iwl_mvm_txq *mvmtxq =
1835 iwl_mvm_txq_from_mac80211(sta->txq[i]);
1836
1837 mvmtxq->txq_id = IWL_MVM_INVALID_QUEUE;
1838 }
1839 }
1840
iwl_mvm_wait_sta_queues_empty(struct iwl_mvm * mvm,struct iwl_mvm_sta * mvm_sta)1841 int iwl_mvm_wait_sta_queues_empty(struct iwl_mvm *mvm,
1842 struct iwl_mvm_sta *mvm_sta)
1843 {
1844 int i;
1845
1846 for (i = 0; i < ARRAY_SIZE(mvm_sta->tid_data); i++) {
1847 u16 txq_id;
1848 int ret;
1849
1850 spin_lock_bh(&mvm_sta->lock);
1851 txq_id = mvm_sta->tid_data[i].txq_id;
1852 spin_unlock_bh(&mvm_sta->lock);
1853
1854 if (txq_id == IWL_MVM_INVALID_QUEUE)
1855 continue;
1856
1857 ret = iwl_trans_wait_txq_empty(mvm->trans, txq_id);
1858 if (ret)
1859 return ret;
1860 }
1861
1862 return 0;
1863 }
1864
iwl_mvm_rm_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta)1865 int iwl_mvm_rm_sta(struct iwl_mvm *mvm,
1866 struct ieee80211_vif *vif,
1867 struct ieee80211_sta *sta)
1868 {
1869 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1870 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
1871 u8 sta_id = mvm_sta->sta_id;
1872 int ret;
1873
1874 lockdep_assert_held(&mvm->mutex);
1875
1876 if (iwl_mvm_has_new_rx_api(mvm))
1877 kfree(mvm_sta->dup_data);
1878
1879 ret = iwl_mvm_drain_sta(mvm, mvm_sta, true);
1880 if (ret)
1881 return ret;
1882
1883 /* flush its queues here since we are freeing mvm_sta */
1884 ret = iwl_mvm_flush_sta(mvm, mvm_sta, false);
1885 if (ret)
1886 return ret;
1887 if (iwl_mvm_has_new_tx_api(mvm)) {
1888 ret = iwl_mvm_wait_sta_queues_empty(mvm, mvm_sta);
1889 } else {
1890 u32 q_mask = mvm_sta->tfd_queue_msk;
1891
1892 ret = iwl_trans_wait_tx_queues_empty(mvm->trans,
1893 q_mask);
1894 }
1895 if (ret)
1896 return ret;
1897
1898 ret = iwl_mvm_drain_sta(mvm, mvm_sta, false);
1899
1900 iwl_mvm_disable_sta_queues(mvm, vif, sta);
1901
1902 /* If there is a TXQ still marked as reserved - free it */
1903 if (mvm_sta->reserved_queue != IEEE80211_INVAL_HW_QUEUE) {
1904 u8 reserved_txq = mvm_sta->reserved_queue;
1905 enum iwl_mvm_queue_status *status;
1906
1907 /*
1908 * If no traffic has gone through the reserved TXQ - it
1909 * is still marked as IWL_MVM_QUEUE_RESERVED, and
1910 * should be manually marked as free again
1911 */
1912 status = &mvm->queue_info[reserved_txq].status;
1913 if (WARN((*status != IWL_MVM_QUEUE_RESERVED) &&
1914 (*status != IWL_MVM_QUEUE_FREE),
1915 "sta_id %d reserved txq %d status %d",
1916 sta_id, reserved_txq, *status))
1917 return -EINVAL;
1918
1919 *status = IWL_MVM_QUEUE_FREE;
1920 }
1921
1922 if (vif->type == NL80211_IFTYPE_STATION &&
1923 mvmvif->ap_sta_id == sta_id) {
1924 /* if associated - we can't remove the AP STA now */
1925 if (vif->bss_conf.assoc)
1926 return ret;
1927
1928 /* unassoc - go ahead - remove the AP STA now */
1929 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA;
1930 }
1931
1932 /*
1933 * This shouldn't happen - the TDLS channel switch should be canceled
1934 * before the STA is removed.
1935 */
1936 if (WARN_ON_ONCE(mvm->tdls_cs.peer.sta_id == sta_id)) {
1937 mvm->tdls_cs.peer.sta_id = IWL_MVM_INVALID_STA;
1938 cancel_delayed_work(&mvm->tdls_cs.dwork);
1939 }
1940
1941 /*
1942 * Make sure that the tx response code sees the station as -EBUSY and
1943 * calls the drain worker.
1944 */
1945 spin_lock_bh(&mvm_sta->lock);
1946 spin_unlock_bh(&mvm_sta->lock);
1947
1948 ret = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id);
1949 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL);
1950
1951 return ret;
1952 }
1953
iwl_mvm_rm_sta_id(struct iwl_mvm * mvm,struct ieee80211_vif * vif,u8 sta_id)1954 int iwl_mvm_rm_sta_id(struct iwl_mvm *mvm,
1955 struct ieee80211_vif *vif,
1956 u8 sta_id)
1957 {
1958 int ret = iwl_mvm_rm_sta_common(mvm, sta_id);
1959
1960 lockdep_assert_held(&mvm->mutex);
1961
1962 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta_id], NULL);
1963 return ret;
1964 }
1965
iwl_mvm_allocate_int_sta(struct iwl_mvm * mvm,struct iwl_mvm_int_sta * sta,u32 qmask,enum nl80211_iftype iftype,enum iwl_sta_type type)1966 int iwl_mvm_allocate_int_sta(struct iwl_mvm *mvm,
1967 struct iwl_mvm_int_sta *sta,
1968 u32 qmask, enum nl80211_iftype iftype,
1969 enum iwl_sta_type type)
1970 {
1971 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) ||
1972 sta->sta_id == IWL_MVM_INVALID_STA) {
1973 sta->sta_id = iwl_mvm_find_free_sta_id(mvm, iftype);
1974 if (WARN_ON_ONCE(sta->sta_id == IWL_MVM_INVALID_STA))
1975 return -ENOSPC;
1976 }
1977
1978 sta->tfd_queue_msk = qmask;
1979 sta->type = type;
1980
1981 /* put a non-NULL value so iterating over the stations won't stop */
1982 rcu_assign_pointer(mvm->fw_id_to_mac_id[sta->sta_id], ERR_PTR(-EINVAL));
1983 return 0;
1984 }
1985
iwl_mvm_dealloc_int_sta(struct iwl_mvm * mvm,struct iwl_mvm_int_sta * sta)1986 void iwl_mvm_dealloc_int_sta(struct iwl_mvm *mvm, struct iwl_mvm_int_sta *sta)
1987 {
1988 RCU_INIT_POINTER(mvm->fw_id_to_mac_id[sta->sta_id], NULL);
1989 memset(sta, 0, sizeof(struct iwl_mvm_int_sta));
1990 sta->sta_id = IWL_MVM_INVALID_STA;
1991 }
1992
iwl_mvm_enable_aux_snif_queue(struct iwl_mvm * mvm,u16 queue,u8 sta_id,u8 fifo)1993 static void iwl_mvm_enable_aux_snif_queue(struct iwl_mvm *mvm, u16 queue,
1994 u8 sta_id, u8 fifo)
1995 {
1996 unsigned int wdg_timeout =
1997 mvm->trans->trans_cfg->base_params->wd_timeout;
1998 struct iwl_trans_txq_scd_cfg cfg = {
1999 .fifo = fifo,
2000 .sta_id = sta_id,
2001 .tid = IWL_MAX_TID_COUNT,
2002 .aggregate = false,
2003 .frame_limit = IWL_FRAME_LIMIT,
2004 };
2005
2006 WARN_ON(iwl_mvm_has_new_tx_api(mvm));
2007
2008 iwl_mvm_enable_txq(mvm, NULL, queue, 0, &cfg, wdg_timeout);
2009 }
2010
iwl_mvm_enable_aux_snif_queue_tvqm(struct iwl_mvm * mvm,u8 sta_id)2011 static int iwl_mvm_enable_aux_snif_queue_tvqm(struct iwl_mvm *mvm, u8 sta_id)
2012 {
2013 unsigned int wdg_timeout =
2014 mvm->trans->trans_cfg->base_params->wd_timeout;
2015
2016 WARN_ON(!iwl_mvm_has_new_tx_api(mvm));
2017
2018 return iwl_mvm_tvqm_enable_txq(mvm, sta_id, IWL_MAX_TID_COUNT,
2019 wdg_timeout);
2020 }
2021
iwl_mvm_add_int_sta_with_queue(struct iwl_mvm * mvm,int macidx,int maccolor,u8 * addr,struct iwl_mvm_int_sta * sta,u16 * queue,int fifo)2022 static int iwl_mvm_add_int_sta_with_queue(struct iwl_mvm *mvm, int macidx,
2023 int maccolor, u8 *addr,
2024 struct iwl_mvm_int_sta *sta,
2025 u16 *queue, int fifo)
2026 {
2027 int ret;
2028
2029 /* Map queue to fifo - needs to happen before adding station */
2030 if (!iwl_mvm_has_new_tx_api(mvm))
2031 iwl_mvm_enable_aux_snif_queue(mvm, *queue, sta->sta_id, fifo);
2032
2033 ret = iwl_mvm_add_int_sta_common(mvm, sta, addr, macidx, maccolor);
2034 if (ret) {
2035 if (!iwl_mvm_has_new_tx_api(mvm))
2036 iwl_mvm_disable_txq(mvm, NULL, *queue,
2037 IWL_MAX_TID_COUNT, 0);
2038 return ret;
2039 }
2040
2041 /*
2042 * For 22000 firmware and on we cannot add queue to a station unknown
2043 * to firmware so enable queue here - after the station was added
2044 */
2045 if (iwl_mvm_has_new_tx_api(mvm)) {
2046 int txq;
2047
2048 txq = iwl_mvm_enable_aux_snif_queue_tvqm(mvm, sta->sta_id);
2049 if (txq < 0) {
2050 iwl_mvm_rm_sta_common(mvm, sta->sta_id);
2051 return txq;
2052 }
2053
2054 *queue = txq;
2055 }
2056
2057 return 0;
2058 }
2059
iwl_mvm_add_aux_sta(struct iwl_mvm * mvm,u32 lmac_id)2060 int iwl_mvm_add_aux_sta(struct iwl_mvm *mvm, u32 lmac_id)
2061 {
2062 int ret;
2063
2064 lockdep_assert_held(&mvm->mutex);
2065
2066 /* Allocate aux station and assign to it the aux queue */
2067 ret = iwl_mvm_allocate_int_sta(mvm, &mvm->aux_sta, BIT(mvm->aux_queue),
2068 NL80211_IFTYPE_UNSPECIFIED,
2069 IWL_STA_AUX_ACTIVITY);
2070 if (ret)
2071 return ret;
2072
2073 /*
2074 * In CDB NICs we need to specify which lmac to use for aux activity
2075 * using the mac_id argument place to send lmac_id to the function
2076 */
2077 ret = iwl_mvm_add_int_sta_with_queue(mvm, lmac_id, 0, NULL,
2078 &mvm->aux_sta, &mvm->aux_queue,
2079 IWL_MVM_TX_FIFO_MCAST);
2080 if (ret) {
2081 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
2082 return ret;
2083 }
2084
2085 return 0;
2086 }
2087
iwl_mvm_add_snif_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2088 int iwl_mvm_add_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2089 {
2090 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2091
2092 lockdep_assert_held(&mvm->mutex);
2093
2094 return iwl_mvm_add_int_sta_with_queue(mvm, mvmvif->id, mvmvif->color,
2095 NULL, &mvm->snif_sta,
2096 &mvm->snif_queue,
2097 IWL_MVM_TX_FIFO_BE);
2098 }
2099
iwl_mvm_rm_snif_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2100 int iwl_mvm_rm_snif_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2101 {
2102 int ret;
2103
2104 lockdep_assert_held(&mvm->mutex);
2105
2106 iwl_mvm_disable_txq(mvm, NULL, mvm->snif_queue, IWL_MAX_TID_COUNT, 0);
2107 ret = iwl_mvm_rm_sta_common(mvm, mvm->snif_sta.sta_id);
2108 if (ret)
2109 IWL_WARN(mvm, "Failed sending remove station\n");
2110
2111 return ret;
2112 }
2113
iwl_mvm_rm_aux_sta(struct iwl_mvm * mvm)2114 int iwl_mvm_rm_aux_sta(struct iwl_mvm *mvm)
2115 {
2116 int ret;
2117
2118 lockdep_assert_held(&mvm->mutex);
2119
2120 iwl_mvm_disable_txq(mvm, NULL, mvm->aux_queue, IWL_MAX_TID_COUNT, 0);
2121 ret = iwl_mvm_rm_sta_common(mvm, mvm->aux_sta.sta_id);
2122 if (ret)
2123 IWL_WARN(mvm, "Failed sending remove station\n");
2124 iwl_mvm_dealloc_int_sta(mvm, &mvm->aux_sta);
2125
2126 return ret;
2127 }
2128
iwl_mvm_dealloc_snif_sta(struct iwl_mvm * mvm)2129 void iwl_mvm_dealloc_snif_sta(struct iwl_mvm *mvm)
2130 {
2131 iwl_mvm_dealloc_int_sta(mvm, &mvm->snif_sta);
2132 }
2133
2134 /*
2135 * Send the add station command for the vif's broadcast station.
2136 * Assumes that the station was already allocated.
2137 *
2138 * @mvm: the mvm component
2139 * @vif: the interface to which the broadcast station is added
2140 * @bsta: the broadcast station to add.
2141 */
iwl_mvm_send_add_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2142 int iwl_mvm_send_add_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2143 {
2144 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2145 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
2146 static const u8 _baddr[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
2147 const u8 *baddr = _baddr;
2148 int queue;
2149 int ret;
2150 unsigned int wdg_timeout =
2151 iwl_mvm_get_wd_timeout(mvm, vif, false, false);
2152 struct iwl_trans_txq_scd_cfg cfg = {
2153 .fifo = IWL_MVM_TX_FIFO_VO,
2154 .sta_id = mvmvif->bcast_sta.sta_id,
2155 .tid = IWL_MAX_TID_COUNT,
2156 .aggregate = false,
2157 .frame_limit = IWL_FRAME_LIMIT,
2158 };
2159
2160 lockdep_assert_held(&mvm->mutex);
2161
2162 if (!iwl_mvm_has_new_tx_api(mvm)) {
2163 if (vif->type == NL80211_IFTYPE_AP ||
2164 vif->type == NL80211_IFTYPE_ADHOC) {
2165 queue = mvm->probe_queue;
2166 } else if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
2167 queue = mvm->p2p_dev_queue;
2168 } else {
2169 WARN(1, "Missing required TXQ for adding bcast STA\n");
2170 return -EINVAL;
2171 }
2172
2173 bsta->tfd_queue_msk |= BIT(queue);
2174
2175 iwl_mvm_enable_txq(mvm, NULL, queue, 0, &cfg, wdg_timeout);
2176 }
2177
2178 if (vif->type == NL80211_IFTYPE_ADHOC)
2179 baddr = vif->bss_conf.bssid;
2180
2181 if (WARN_ON_ONCE(bsta->sta_id == IWL_MVM_INVALID_STA))
2182 return -ENOSPC;
2183
2184 ret = iwl_mvm_add_int_sta_common(mvm, bsta, baddr,
2185 mvmvif->id, mvmvif->color);
2186 if (ret)
2187 return ret;
2188
2189 /*
2190 * For 22000 firmware and on we cannot add queue to a station unknown
2191 * to firmware so enable queue here - after the station was added
2192 */
2193 if (iwl_mvm_has_new_tx_api(mvm)) {
2194 queue = iwl_mvm_tvqm_enable_txq(mvm, bsta->sta_id,
2195 IWL_MAX_TID_COUNT,
2196 wdg_timeout);
2197 if (queue < 0) {
2198 iwl_mvm_rm_sta_common(mvm, bsta->sta_id);
2199 return queue;
2200 }
2201
2202 if (vif->type == NL80211_IFTYPE_AP ||
2203 vif->type == NL80211_IFTYPE_ADHOC)
2204 mvm->probe_queue = queue;
2205 else if (vif->type == NL80211_IFTYPE_P2P_DEVICE)
2206 mvm->p2p_dev_queue = queue;
2207 }
2208
2209 return 0;
2210 }
2211
iwl_mvm_free_bcast_sta_queues(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2212 static void iwl_mvm_free_bcast_sta_queues(struct iwl_mvm *mvm,
2213 struct ieee80211_vif *vif)
2214 {
2215 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2216 int queue;
2217
2218 lockdep_assert_held(&mvm->mutex);
2219
2220 iwl_mvm_flush_sta(mvm, &mvmvif->bcast_sta, true);
2221
2222 switch (vif->type) {
2223 case NL80211_IFTYPE_AP:
2224 case NL80211_IFTYPE_ADHOC:
2225 queue = mvm->probe_queue;
2226 break;
2227 case NL80211_IFTYPE_P2P_DEVICE:
2228 queue = mvm->p2p_dev_queue;
2229 break;
2230 default:
2231 WARN(1, "Can't free bcast queue on vif type %d\n",
2232 vif->type);
2233 return;
2234 }
2235
2236 iwl_mvm_disable_txq(mvm, NULL, queue, IWL_MAX_TID_COUNT, 0);
2237 if (iwl_mvm_has_new_tx_api(mvm))
2238 return;
2239
2240 WARN_ON(!(mvmvif->bcast_sta.tfd_queue_msk & BIT(queue)));
2241 mvmvif->bcast_sta.tfd_queue_msk &= ~BIT(queue);
2242 }
2243
2244 /* Send the FW a request to remove the station from it's internal data
2245 * structures, but DO NOT remove the entry from the local data structures. */
iwl_mvm_send_rm_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2246 int iwl_mvm_send_rm_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2247 {
2248 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2249 int ret;
2250
2251 lockdep_assert_held(&mvm->mutex);
2252
2253 iwl_mvm_free_bcast_sta_queues(mvm, vif);
2254
2255 ret = iwl_mvm_rm_sta_common(mvm, mvmvif->bcast_sta.sta_id);
2256 if (ret)
2257 IWL_WARN(mvm, "Failed sending remove station\n");
2258 return ret;
2259 }
2260
iwl_mvm_alloc_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2261 int iwl_mvm_alloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2262 {
2263 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2264
2265 lockdep_assert_held(&mvm->mutex);
2266
2267 return iwl_mvm_allocate_int_sta(mvm, &mvmvif->bcast_sta, 0,
2268 ieee80211_vif_type_p2p(vif),
2269 IWL_STA_GENERAL_PURPOSE);
2270 }
2271
2272 /* Allocate a new station entry for the broadcast station to the given vif,
2273 * and send it to the FW.
2274 * Note that each P2P mac should have its own broadcast station.
2275 *
2276 * @mvm: the mvm component
2277 * @vif: the interface to which the broadcast station is added
2278 * @bsta: the broadcast station to add. */
iwl_mvm_add_p2p_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2279 int iwl_mvm_add_p2p_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2280 {
2281 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2282 struct iwl_mvm_int_sta *bsta = &mvmvif->bcast_sta;
2283 int ret;
2284
2285 lockdep_assert_held(&mvm->mutex);
2286
2287 ret = iwl_mvm_alloc_bcast_sta(mvm, vif);
2288 if (ret)
2289 return ret;
2290
2291 ret = iwl_mvm_send_add_bcast_sta(mvm, vif);
2292
2293 if (ret)
2294 iwl_mvm_dealloc_int_sta(mvm, bsta);
2295
2296 return ret;
2297 }
2298
iwl_mvm_dealloc_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2299 void iwl_mvm_dealloc_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2300 {
2301 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2302
2303 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->bcast_sta);
2304 }
2305
2306 /*
2307 * Send the FW a request to remove the station from it's internal data
2308 * structures, and in addition remove it from the local data structure.
2309 */
iwl_mvm_rm_p2p_bcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2310 int iwl_mvm_rm_p2p_bcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2311 {
2312 int ret;
2313
2314 lockdep_assert_held(&mvm->mutex);
2315
2316 ret = iwl_mvm_send_rm_bcast_sta(mvm, vif);
2317
2318 iwl_mvm_dealloc_bcast_sta(mvm, vif);
2319
2320 return ret;
2321 }
2322
2323 /*
2324 * Allocate a new station entry for the multicast station to the given vif,
2325 * and send it to the FW.
2326 * Note that each AP/GO mac should have its own multicast station.
2327 *
2328 * @mvm: the mvm component
2329 * @vif: the interface to which the multicast station is added
2330 */
iwl_mvm_add_mcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2331 int iwl_mvm_add_mcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2332 {
2333 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2334 struct iwl_mvm_int_sta *msta = &mvmvif->mcast_sta;
2335 static const u8 _maddr[] = {0x03, 0x00, 0x00, 0x00, 0x00, 0x00};
2336 const u8 *maddr = _maddr;
2337 struct iwl_trans_txq_scd_cfg cfg = {
2338 .fifo = vif->type == NL80211_IFTYPE_AP ?
2339 IWL_MVM_TX_FIFO_MCAST : IWL_MVM_TX_FIFO_BE,
2340 .sta_id = msta->sta_id,
2341 .tid = 0,
2342 .aggregate = false,
2343 .frame_limit = IWL_FRAME_LIMIT,
2344 };
2345 unsigned int timeout = iwl_mvm_get_wd_timeout(mvm, vif, false, false);
2346 int ret;
2347
2348 lockdep_assert_held(&mvm->mutex);
2349
2350 if (WARN_ON(vif->type != NL80211_IFTYPE_AP &&
2351 vif->type != NL80211_IFTYPE_ADHOC))
2352 return -ENOTSUPP;
2353
2354 /*
2355 * In IBSS, ieee80211_check_queues() sets the cab_queue to be
2356 * invalid, so make sure we use the queue we want.
2357 * Note that this is done here as we want to avoid making DQA
2358 * changes in mac80211 layer.
2359 */
2360 if (vif->type == NL80211_IFTYPE_ADHOC)
2361 mvmvif->cab_queue = IWL_MVM_DQA_GCAST_QUEUE;
2362
2363 /*
2364 * While in previous FWs we had to exclude cab queue from TFD queue
2365 * mask, now it is needed as any other queue.
2366 */
2367 if (!iwl_mvm_has_new_tx_api(mvm) &&
2368 fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) {
2369 iwl_mvm_enable_txq(mvm, NULL, mvmvif->cab_queue, 0, &cfg,
2370 timeout);
2371 msta->tfd_queue_msk |= BIT(mvmvif->cab_queue);
2372 }
2373 ret = iwl_mvm_add_int_sta_common(mvm, msta, maddr,
2374 mvmvif->id, mvmvif->color);
2375 if (ret)
2376 goto err;
2377
2378 /*
2379 * Enable cab queue after the ADD_STA command is sent.
2380 * This is needed for 22000 firmware which won't accept SCD_QUEUE_CFG
2381 * command with unknown station id, and for FW that doesn't support
2382 * station API since the cab queue is not included in the
2383 * tfd_queue_mask.
2384 */
2385 if (iwl_mvm_has_new_tx_api(mvm)) {
2386 int queue = iwl_mvm_tvqm_enable_txq(mvm, msta->sta_id,
2387 0,
2388 timeout);
2389 if (queue < 0) {
2390 ret = queue;
2391 goto err;
2392 }
2393 mvmvif->cab_queue = queue;
2394 } else if (!fw_has_api(&mvm->fw->ucode_capa,
2395 IWL_UCODE_TLV_API_STA_TYPE))
2396 iwl_mvm_enable_txq(mvm, NULL, mvmvif->cab_queue, 0, &cfg,
2397 timeout);
2398
2399 return 0;
2400 err:
2401 iwl_mvm_dealloc_int_sta(mvm, msta);
2402 return ret;
2403 }
2404
__iwl_mvm_remove_sta_key(struct iwl_mvm * mvm,u8 sta_id,struct ieee80211_key_conf * keyconf,bool mcast)2405 static int __iwl_mvm_remove_sta_key(struct iwl_mvm *mvm, u8 sta_id,
2406 struct ieee80211_key_conf *keyconf,
2407 bool mcast)
2408 {
2409 union {
2410 struct iwl_mvm_add_sta_key_cmd_v1 cmd_v1;
2411 struct iwl_mvm_add_sta_key_cmd cmd;
2412 } u = {};
2413 bool new_api = fw_has_api(&mvm->fw->ucode_capa,
2414 IWL_UCODE_TLV_API_TKIP_MIC_KEYS);
2415 __le16 key_flags;
2416 int ret, size;
2417 u32 status;
2418
2419 /* This is a valid situation for GTK removal */
2420 if (sta_id == IWL_MVM_INVALID_STA)
2421 return 0;
2422
2423 key_flags = cpu_to_le16((keyconf->keyidx << STA_KEY_FLG_KEYID_POS) &
2424 STA_KEY_FLG_KEYID_MSK);
2425 key_flags |= cpu_to_le16(STA_KEY_FLG_NO_ENC | STA_KEY_FLG_WEP_KEY_MAP);
2426 key_flags |= cpu_to_le16(STA_KEY_NOT_VALID);
2427
2428 if (mcast)
2429 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
2430
2431 /*
2432 * The fields assigned here are in the same location at the start
2433 * of the command, so we can do this union trick.
2434 */
2435 u.cmd.common.key_flags = key_flags;
2436 u.cmd.common.key_offset = keyconf->hw_key_idx;
2437 u.cmd.common.sta_id = sta_id;
2438
2439 size = new_api ? sizeof(u.cmd) : sizeof(u.cmd_v1);
2440
2441 status = ADD_STA_SUCCESS;
2442 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, size, &u.cmd,
2443 &status);
2444
2445 switch (status) {
2446 case ADD_STA_SUCCESS:
2447 IWL_DEBUG_WEP(mvm, "MODIFY_STA: remove sta key passed\n");
2448 break;
2449 default:
2450 ret = -EIO;
2451 IWL_ERR(mvm, "MODIFY_STA: remove sta key failed\n");
2452 break;
2453 }
2454
2455 return ret;
2456 }
2457
2458 /*
2459 * Send the FW a request to remove the station from it's internal data
2460 * structures, and in addition remove it from the local data structure.
2461 */
iwl_mvm_rm_mcast_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif)2462 int iwl_mvm_rm_mcast_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
2463 {
2464 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2465 int ret;
2466
2467 lockdep_assert_held(&mvm->mutex);
2468
2469 iwl_mvm_flush_sta(mvm, &mvmvif->mcast_sta, true);
2470
2471 iwl_mvm_disable_txq(mvm, NULL, mvmvif->cab_queue, 0, 0);
2472
2473 ret = iwl_mvm_rm_sta_common(mvm, mvmvif->mcast_sta.sta_id);
2474 if (ret)
2475 IWL_WARN(mvm, "Failed sending remove station\n");
2476
2477 return ret;
2478 }
2479
2480 #define IWL_MAX_RX_BA_SESSIONS 16
2481
iwl_mvm_sync_rxq_del_ba(struct iwl_mvm * mvm,u8 baid)2482 static void iwl_mvm_sync_rxq_del_ba(struct iwl_mvm *mvm, u8 baid)
2483 {
2484 struct iwl_mvm_rss_sync_notif notif = {
2485 .metadata.type = IWL_MVM_RXQ_NOTIF_DEL_BA,
2486 .metadata.sync = 1,
2487 .delba.baid = baid,
2488 };
2489 iwl_mvm_sync_rx_queues_internal(mvm, (void *)¬if, sizeof(notif));
2490 };
2491
iwl_mvm_free_reorder(struct iwl_mvm * mvm,struct iwl_mvm_baid_data * data)2492 static void iwl_mvm_free_reorder(struct iwl_mvm *mvm,
2493 struct iwl_mvm_baid_data *data)
2494 {
2495 int i;
2496
2497 iwl_mvm_sync_rxq_del_ba(mvm, data->baid);
2498
2499 for (i = 0; i < mvm->trans->num_rx_queues; i++) {
2500 int j;
2501 struct iwl_mvm_reorder_buffer *reorder_buf =
2502 &data->reorder_buf[i];
2503 struct iwl_mvm_reorder_buf_entry *entries =
2504 &data->entries[i * data->entries_per_queue];
2505
2506 spin_lock_bh(&reorder_buf->lock);
2507 if (likely(!reorder_buf->num_stored)) {
2508 spin_unlock_bh(&reorder_buf->lock);
2509 continue;
2510 }
2511
2512 /*
2513 * This shouldn't happen in regular DELBA since the internal
2514 * delBA notification should trigger a release of all frames in
2515 * the reorder buffer.
2516 */
2517 WARN_ON(1);
2518
2519 for (j = 0; j < reorder_buf->buf_size; j++)
2520 __skb_queue_purge(&entries[j].e.frames);
2521 /*
2522 * Prevent timer re-arm. This prevents a very far fetched case
2523 * where we timed out on the notification. There may be prior
2524 * RX frames pending in the RX queue before the notification
2525 * that might get processed between now and the actual deletion
2526 * and we would re-arm the timer although we are deleting the
2527 * reorder buffer.
2528 */
2529 reorder_buf->removed = true;
2530 spin_unlock_bh(&reorder_buf->lock);
2531 del_timer_sync(&reorder_buf->reorder_timer);
2532 }
2533 }
2534
iwl_mvm_init_reorder_buffer(struct iwl_mvm * mvm,struct iwl_mvm_baid_data * data,u16 ssn,u16 buf_size)2535 static void iwl_mvm_init_reorder_buffer(struct iwl_mvm *mvm,
2536 struct iwl_mvm_baid_data *data,
2537 u16 ssn, u16 buf_size)
2538 {
2539 int i;
2540
2541 for (i = 0; i < mvm->trans->num_rx_queues; i++) {
2542 struct iwl_mvm_reorder_buffer *reorder_buf =
2543 &data->reorder_buf[i];
2544 struct iwl_mvm_reorder_buf_entry *entries =
2545 &data->entries[i * data->entries_per_queue];
2546 int j;
2547
2548 reorder_buf->num_stored = 0;
2549 reorder_buf->head_sn = ssn;
2550 reorder_buf->buf_size = buf_size;
2551 /* rx reorder timer */
2552 timer_setup(&reorder_buf->reorder_timer,
2553 iwl_mvm_reorder_timer_expired, 0);
2554 spin_lock_init(&reorder_buf->lock);
2555 reorder_buf->mvm = mvm;
2556 reorder_buf->queue = i;
2557 reorder_buf->valid = false;
2558 for (j = 0; j < reorder_buf->buf_size; j++)
2559 __skb_queue_head_init(&entries[j].e.frames);
2560 }
2561 }
2562
iwl_mvm_sta_rx_agg(struct iwl_mvm * mvm,struct ieee80211_sta * sta,int tid,u16 ssn,bool start,u16 buf_size,u16 timeout)2563 int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
2564 int tid, u16 ssn, bool start, u16 buf_size, u16 timeout)
2565 {
2566 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
2567 struct iwl_mvm_add_sta_cmd cmd = {};
2568 struct iwl_mvm_baid_data *baid_data = NULL;
2569 int ret;
2570 u32 status;
2571
2572 lockdep_assert_held(&mvm->mutex);
2573
2574 if (start && mvm->rx_ba_sessions >= IWL_MAX_RX_BA_SESSIONS) {
2575 IWL_WARN(mvm, "Not enough RX BA SESSIONS\n");
2576 return -ENOSPC;
2577 }
2578
2579 if (iwl_mvm_has_new_rx_api(mvm) && start) {
2580 u16 reorder_buf_size = buf_size * sizeof(baid_data->entries[0]);
2581
2582 /* sparse doesn't like the __align() so don't check */
2583 #ifndef __CHECKER__
2584 /*
2585 * The division below will be OK if either the cache line size
2586 * can be divided by the entry size (ALIGN will round up) or if
2587 * if the entry size can be divided by the cache line size, in
2588 * which case the ALIGN() will do nothing.
2589 */
2590 BUILD_BUG_ON(SMP_CACHE_BYTES % sizeof(baid_data->entries[0]) &&
2591 sizeof(baid_data->entries[0]) % SMP_CACHE_BYTES);
2592 #endif
2593
2594 /*
2595 * Upward align the reorder buffer size to fill an entire cache
2596 * line for each queue, to avoid sharing cache lines between
2597 * different queues.
2598 */
2599 reorder_buf_size = ALIGN(reorder_buf_size, SMP_CACHE_BYTES);
2600
2601 /*
2602 * Allocate here so if allocation fails we can bail out early
2603 * before starting the BA session in the firmware
2604 */
2605 baid_data = kzalloc(sizeof(*baid_data) +
2606 mvm->trans->num_rx_queues *
2607 reorder_buf_size,
2608 GFP_KERNEL);
2609 if (!baid_data)
2610 return -ENOMEM;
2611
2612 /*
2613 * This division is why we need the above BUILD_BUG_ON(),
2614 * if that doesn't hold then this will not be right.
2615 */
2616 baid_data->entries_per_queue =
2617 reorder_buf_size / sizeof(baid_data->entries[0]);
2618 }
2619
2620 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
2621 cmd.sta_id = mvm_sta->sta_id;
2622 cmd.add_modify = STA_MODE_MODIFY;
2623 if (start) {
2624 cmd.add_immediate_ba_tid = (u8) tid;
2625 cmd.add_immediate_ba_ssn = cpu_to_le16(ssn);
2626 cmd.rx_ba_window = cpu_to_le16(buf_size);
2627 } else {
2628 cmd.remove_immediate_ba_tid = (u8) tid;
2629 }
2630 cmd.modify_mask = start ? STA_MODIFY_ADD_BA_TID :
2631 STA_MODIFY_REMOVE_BA_TID;
2632
2633 status = ADD_STA_SUCCESS;
2634 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
2635 iwl_mvm_add_sta_cmd_size(mvm),
2636 &cmd, &status);
2637 if (ret)
2638 goto out_free;
2639
2640 switch (status & IWL_ADD_STA_STATUS_MASK) {
2641 case ADD_STA_SUCCESS:
2642 IWL_DEBUG_HT(mvm, "RX BA Session %sed in fw\n",
2643 start ? "start" : "stopp");
2644 break;
2645 case ADD_STA_IMMEDIATE_BA_FAILURE:
2646 IWL_WARN(mvm, "RX BA Session refused by fw\n");
2647 ret = -ENOSPC;
2648 break;
2649 default:
2650 ret = -EIO;
2651 IWL_ERR(mvm, "RX BA Session failed %sing, status 0x%x\n",
2652 start ? "start" : "stopp", status);
2653 break;
2654 }
2655
2656 if (ret)
2657 goto out_free;
2658
2659 if (start) {
2660 u8 baid;
2661
2662 mvm->rx_ba_sessions++;
2663
2664 if (!iwl_mvm_has_new_rx_api(mvm))
2665 return 0;
2666
2667 if (WARN_ON(!(status & IWL_ADD_STA_BAID_VALID_MASK))) {
2668 ret = -EINVAL;
2669 goto out_free;
2670 }
2671 baid = (u8)((status & IWL_ADD_STA_BAID_MASK) >>
2672 IWL_ADD_STA_BAID_SHIFT);
2673 baid_data->baid = baid;
2674 baid_data->timeout = timeout;
2675 baid_data->last_rx = jiffies;
2676 baid_data->rcu_ptr = &mvm->baid_map[baid];
2677 timer_setup(&baid_data->session_timer,
2678 iwl_mvm_rx_agg_session_expired, 0);
2679 baid_data->mvm = mvm;
2680 baid_data->tid = tid;
2681 baid_data->sta_id = mvm_sta->sta_id;
2682
2683 mvm_sta->tid_to_baid[tid] = baid;
2684 if (timeout)
2685 mod_timer(&baid_data->session_timer,
2686 TU_TO_EXP_TIME(timeout * 2));
2687
2688 iwl_mvm_init_reorder_buffer(mvm, baid_data, ssn, buf_size);
2689 /*
2690 * protect the BA data with RCU to cover a case where our
2691 * internal RX sync mechanism will timeout (not that it's
2692 * supposed to happen) and we will free the session data while
2693 * RX is being processed in parallel
2694 */
2695 IWL_DEBUG_HT(mvm, "Sta %d(%d) is assigned to BAID %d\n",
2696 mvm_sta->sta_id, tid, baid);
2697 WARN_ON(rcu_access_pointer(mvm->baid_map[baid]));
2698 rcu_assign_pointer(mvm->baid_map[baid], baid_data);
2699 } else {
2700 u8 baid = mvm_sta->tid_to_baid[tid];
2701
2702 if (mvm->rx_ba_sessions > 0)
2703 /* check that restart flow didn't zero the counter */
2704 mvm->rx_ba_sessions--;
2705 if (!iwl_mvm_has_new_rx_api(mvm))
2706 return 0;
2707
2708 if (WARN_ON(baid == IWL_RX_REORDER_DATA_INVALID_BAID))
2709 return -EINVAL;
2710
2711 baid_data = rcu_access_pointer(mvm->baid_map[baid]);
2712 if (WARN_ON(!baid_data))
2713 return -EINVAL;
2714
2715 /* synchronize all rx queues so we can safely delete */
2716 iwl_mvm_free_reorder(mvm, baid_data);
2717 del_timer_sync(&baid_data->session_timer);
2718 RCU_INIT_POINTER(mvm->baid_map[baid], NULL);
2719 kfree_rcu(baid_data, rcu_head);
2720 IWL_DEBUG_HT(mvm, "BAID %d is free\n", baid);
2721 }
2722 return 0;
2723
2724 out_free:
2725 kfree(baid_data);
2726 return ret;
2727 }
2728
iwl_mvm_sta_tx_agg(struct iwl_mvm * mvm,struct ieee80211_sta * sta,int tid,u8 queue,bool start)2729 int iwl_mvm_sta_tx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
2730 int tid, u8 queue, bool start)
2731 {
2732 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
2733 struct iwl_mvm_add_sta_cmd cmd = {};
2734 int ret;
2735 u32 status;
2736
2737 lockdep_assert_held(&mvm->mutex);
2738
2739 if (start) {
2740 mvm_sta->tfd_queue_msk |= BIT(queue);
2741 mvm_sta->tid_disable_agg &= ~BIT(tid);
2742 } else {
2743 /* In DQA-mode the queue isn't removed on agg termination */
2744 mvm_sta->tid_disable_agg |= BIT(tid);
2745 }
2746
2747 cmd.mac_id_n_color = cpu_to_le32(mvm_sta->mac_id_n_color);
2748 cmd.sta_id = mvm_sta->sta_id;
2749 cmd.add_modify = STA_MODE_MODIFY;
2750 if (!iwl_mvm_has_new_tx_api(mvm))
2751 cmd.modify_mask = STA_MODIFY_QUEUES;
2752 cmd.modify_mask |= STA_MODIFY_TID_DISABLE_TX;
2753 cmd.tfd_queue_msk = cpu_to_le32(mvm_sta->tfd_queue_msk);
2754 cmd.tid_disable_tx = cpu_to_le16(mvm_sta->tid_disable_agg);
2755
2756 status = ADD_STA_SUCCESS;
2757 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA,
2758 iwl_mvm_add_sta_cmd_size(mvm),
2759 &cmd, &status);
2760 if (ret)
2761 return ret;
2762
2763 switch (status & IWL_ADD_STA_STATUS_MASK) {
2764 case ADD_STA_SUCCESS:
2765 break;
2766 default:
2767 ret = -EIO;
2768 IWL_ERR(mvm, "TX BA Session failed %sing, status 0x%x\n",
2769 start ? "start" : "stopp", status);
2770 break;
2771 }
2772
2773 return ret;
2774 }
2775
2776 const u8 tid_to_mac80211_ac[] = {
2777 IEEE80211_AC_BE,
2778 IEEE80211_AC_BK,
2779 IEEE80211_AC_BK,
2780 IEEE80211_AC_BE,
2781 IEEE80211_AC_VI,
2782 IEEE80211_AC_VI,
2783 IEEE80211_AC_VO,
2784 IEEE80211_AC_VO,
2785 IEEE80211_AC_VO, /* We treat MGMT as TID 8, which is set as AC_VO */
2786 };
2787
2788 static const u8 tid_to_ucode_ac[] = {
2789 AC_BE,
2790 AC_BK,
2791 AC_BK,
2792 AC_BE,
2793 AC_VI,
2794 AC_VI,
2795 AC_VO,
2796 AC_VO,
2797 };
2798
iwl_mvm_sta_tx_agg_start(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid,u16 * ssn)2799 int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2800 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
2801 {
2802 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
2803 struct iwl_mvm_tid_data *tid_data;
2804 u16 normalized_ssn;
2805 u16 txq_id;
2806 int ret;
2807
2808 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
2809 return -EINVAL;
2810
2811 if (mvmsta->tid_data[tid].state != IWL_AGG_QUEUED &&
2812 mvmsta->tid_data[tid].state != IWL_AGG_OFF) {
2813 IWL_ERR(mvm,
2814 "Start AGG when state is not IWL_AGG_QUEUED or IWL_AGG_OFF %d!\n",
2815 mvmsta->tid_data[tid].state);
2816 return -ENXIO;
2817 }
2818
2819 lockdep_assert_held(&mvm->mutex);
2820
2821 if (mvmsta->tid_data[tid].txq_id == IWL_MVM_INVALID_QUEUE &&
2822 iwl_mvm_has_new_tx_api(mvm)) {
2823 u8 ac = tid_to_mac80211_ac[tid];
2824
2825 ret = iwl_mvm_sta_alloc_queue_tvqm(mvm, sta, ac, tid);
2826 if (ret)
2827 return ret;
2828 }
2829
2830 spin_lock_bh(&mvmsta->lock);
2831
2832 /*
2833 * Note the possible cases:
2834 * 1. An enabled TXQ - TXQ needs to become agg'ed
2835 * 2. The TXQ hasn't yet been enabled, so find a free one and mark
2836 * it as reserved
2837 */
2838 txq_id = mvmsta->tid_data[tid].txq_id;
2839 if (txq_id == IWL_MVM_INVALID_QUEUE) {
2840 ret = iwl_mvm_find_free_queue(mvm, mvmsta->sta_id,
2841 IWL_MVM_DQA_MIN_DATA_QUEUE,
2842 IWL_MVM_DQA_MAX_DATA_QUEUE);
2843 if (ret < 0) {
2844 IWL_ERR(mvm, "Failed to allocate agg queue\n");
2845 goto out;
2846 }
2847
2848 txq_id = ret;
2849
2850 /* TXQ hasn't yet been enabled, so mark it only as reserved */
2851 mvm->queue_info[txq_id].status = IWL_MVM_QUEUE_RESERVED;
2852 } else if (WARN_ON(txq_id >= IWL_MAX_HW_QUEUES)) {
2853 ret = -ENXIO;
2854 IWL_ERR(mvm, "tid_id %d out of range (0, %d)!\n",
2855 tid, IWL_MAX_HW_QUEUES - 1);
2856 goto out;
2857
2858 } else if (unlikely(mvm->queue_info[txq_id].status ==
2859 IWL_MVM_QUEUE_SHARED)) {
2860 ret = -ENXIO;
2861 IWL_DEBUG_TX_QUEUES(mvm,
2862 "Can't start tid %d agg on shared queue!\n",
2863 tid);
2864 goto out;
2865 }
2866
2867 IWL_DEBUG_TX_QUEUES(mvm,
2868 "AGG for tid %d will be on queue #%d\n",
2869 tid, txq_id);
2870
2871 tid_data = &mvmsta->tid_data[tid];
2872 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
2873 tid_data->txq_id = txq_id;
2874 *ssn = tid_data->ssn;
2875
2876 IWL_DEBUG_TX_QUEUES(mvm,
2877 "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n",
2878 mvmsta->sta_id, tid, txq_id, tid_data->ssn,
2879 tid_data->next_reclaimed);
2880
2881 /*
2882 * In 22000 HW, the next_reclaimed index is only 8 bit, so we'll need
2883 * to align the wrap around of ssn so we compare relevant values.
2884 */
2885 normalized_ssn = tid_data->ssn;
2886 if (mvm->trans->trans_cfg->gen2)
2887 normalized_ssn &= 0xff;
2888
2889 if (normalized_ssn == tid_data->next_reclaimed) {
2890 tid_data->state = IWL_AGG_STARTING;
2891 ret = IEEE80211_AMPDU_TX_START_IMMEDIATE;
2892 } else {
2893 tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA;
2894 ret = IEEE80211_AMPDU_TX_START_DELAY_ADDBA;
2895 }
2896
2897 out:
2898 spin_unlock_bh(&mvmsta->lock);
2899
2900 return ret;
2901 }
2902
iwl_mvm_sta_tx_agg_oper(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid,u16 buf_size,bool amsdu)2903 int iwl_mvm_sta_tx_agg_oper(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
2904 struct ieee80211_sta *sta, u16 tid, u16 buf_size,
2905 bool amsdu)
2906 {
2907 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
2908 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
2909 unsigned int wdg_timeout =
2910 iwl_mvm_get_wd_timeout(mvm, vif, sta->tdls, false);
2911 int queue, ret;
2912 bool alloc_queue = true;
2913 enum iwl_mvm_queue_status queue_status;
2914 u16 ssn;
2915
2916 struct iwl_trans_txq_scd_cfg cfg = {
2917 .sta_id = mvmsta->sta_id,
2918 .tid = tid,
2919 .frame_limit = buf_size,
2920 .aggregate = true,
2921 };
2922
2923 /*
2924 * When FW supports TLC_OFFLOAD, it also implements Tx aggregation
2925 * manager, so this function should never be called in this case.
2926 */
2927 if (WARN_ON_ONCE(iwl_mvm_has_tlc_offload(mvm)))
2928 return -EINVAL;
2929
2930 BUILD_BUG_ON((sizeof(mvmsta->agg_tids) * BITS_PER_BYTE)
2931 != IWL_MAX_TID_COUNT);
2932
2933 spin_lock_bh(&mvmsta->lock);
2934 ssn = tid_data->ssn;
2935 queue = tid_data->txq_id;
2936 tid_data->state = IWL_AGG_ON;
2937 mvmsta->agg_tids |= BIT(tid);
2938 tid_data->ssn = 0xffff;
2939 tid_data->amsdu_in_ampdu_allowed = amsdu;
2940 spin_unlock_bh(&mvmsta->lock);
2941
2942 if (iwl_mvm_has_new_tx_api(mvm)) {
2943 /*
2944 * If there is no queue for this tid, iwl_mvm_sta_tx_agg_start()
2945 * would have failed, so if we are here there is no need to
2946 * allocate a queue.
2947 * However, if aggregation size is different than the default
2948 * size, the scheduler should be reconfigured.
2949 * We cannot do this with the new TX API, so return unsupported
2950 * for now, until it will be offloaded to firmware..
2951 * Note that if SCD default value changes - this condition
2952 * should be updated as well.
2953 */
2954 if (buf_size < IWL_FRAME_LIMIT)
2955 return -ENOTSUPP;
2956
2957 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
2958 if (ret)
2959 return -EIO;
2960 goto out;
2961 }
2962
2963 cfg.fifo = iwl_mvm_ac_to_tx_fifo[tid_to_mac80211_ac[tid]];
2964
2965 queue_status = mvm->queue_info[queue].status;
2966
2967 /* Maybe there is no need to even alloc a queue... */
2968 if (mvm->queue_info[queue].status == IWL_MVM_QUEUE_READY)
2969 alloc_queue = false;
2970
2971 /*
2972 * Only reconfig the SCD for the queue if the window size has
2973 * changed from current (become smaller)
2974 */
2975 if (!alloc_queue && buf_size < IWL_FRAME_LIMIT) {
2976 /*
2977 * If reconfiguring an existing queue, it first must be
2978 * drained
2979 */
2980 ret = iwl_trans_wait_tx_queues_empty(mvm->trans,
2981 BIT(queue));
2982 if (ret) {
2983 IWL_ERR(mvm,
2984 "Error draining queue before reconfig\n");
2985 return ret;
2986 }
2987
2988 ret = iwl_mvm_reconfig_scd(mvm, queue, cfg.fifo,
2989 mvmsta->sta_id, tid,
2990 buf_size, ssn);
2991 if (ret) {
2992 IWL_ERR(mvm,
2993 "Error reconfiguring TXQ #%d\n", queue);
2994 return ret;
2995 }
2996 }
2997
2998 if (alloc_queue)
2999 iwl_mvm_enable_txq(mvm, sta, queue, ssn,
3000 &cfg, wdg_timeout);
3001
3002 /* Send ADD_STA command to enable aggs only if the queue isn't shared */
3003 if (queue_status != IWL_MVM_QUEUE_SHARED) {
3004 ret = iwl_mvm_sta_tx_agg(mvm, sta, tid, queue, true);
3005 if (ret)
3006 return -EIO;
3007 }
3008
3009 /* No need to mark as reserved */
3010 mvm->queue_info[queue].status = IWL_MVM_QUEUE_READY;
3011
3012 out:
3013 /*
3014 * Even though in theory the peer could have different
3015 * aggregation reorder buffer sizes for different sessions,
3016 * our ucode doesn't allow for that and has a global limit
3017 * for each station. Therefore, use the minimum of all the
3018 * aggregation sessions and our default value.
3019 */
3020 mvmsta->max_agg_bufsize =
3021 min(mvmsta->max_agg_bufsize, buf_size);
3022 mvmsta->lq_sta.rs_drv.lq.agg_frame_cnt_limit = mvmsta->max_agg_bufsize;
3023
3024 IWL_DEBUG_HT(mvm, "Tx aggregation enabled on ra = %pM tid = %d\n",
3025 sta->addr, tid);
3026
3027 return iwl_mvm_send_lq_cmd(mvm, &mvmsta->lq_sta.rs_drv.lq);
3028 }
3029
iwl_mvm_unreserve_agg_queue(struct iwl_mvm * mvm,struct iwl_mvm_sta * mvmsta,struct iwl_mvm_tid_data * tid_data)3030 static void iwl_mvm_unreserve_agg_queue(struct iwl_mvm *mvm,
3031 struct iwl_mvm_sta *mvmsta,
3032 struct iwl_mvm_tid_data *tid_data)
3033 {
3034 u16 txq_id = tid_data->txq_id;
3035
3036 lockdep_assert_held(&mvm->mutex);
3037
3038 if (iwl_mvm_has_new_tx_api(mvm))
3039 return;
3040
3041 /*
3042 * The TXQ is marked as reserved only if no traffic came through yet
3043 * This means no traffic has been sent on this TID (agg'd or not), so
3044 * we no longer have use for the queue. Since it hasn't even been
3045 * allocated through iwl_mvm_enable_txq, so we can just mark it back as
3046 * free.
3047 */
3048 if (mvm->queue_info[txq_id].status == IWL_MVM_QUEUE_RESERVED) {
3049 mvm->queue_info[txq_id].status = IWL_MVM_QUEUE_FREE;
3050 tid_data->txq_id = IWL_MVM_INVALID_QUEUE;
3051 }
3052 }
3053
iwl_mvm_sta_tx_agg_stop(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid)3054 int iwl_mvm_sta_tx_agg_stop(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
3055 struct ieee80211_sta *sta, u16 tid)
3056 {
3057 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
3058 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
3059 u16 txq_id;
3060 int err;
3061
3062 /*
3063 * If mac80211 is cleaning its state, then say that we finished since
3064 * our state has been cleared anyway.
3065 */
3066 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
3067 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
3068 return 0;
3069 }
3070
3071 spin_lock_bh(&mvmsta->lock);
3072
3073 txq_id = tid_data->txq_id;
3074
3075 IWL_DEBUG_TX_QUEUES(mvm, "Stop AGG: sta %d tid %d q %d state %d\n",
3076 mvmsta->sta_id, tid, txq_id, tid_data->state);
3077
3078 mvmsta->agg_tids &= ~BIT(tid);
3079
3080 iwl_mvm_unreserve_agg_queue(mvm, mvmsta, tid_data);
3081
3082 switch (tid_data->state) {
3083 case IWL_AGG_ON:
3084 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
3085
3086 IWL_DEBUG_TX_QUEUES(mvm,
3087 "ssn = %d, next_recl = %d\n",
3088 tid_data->ssn, tid_data->next_reclaimed);
3089
3090 tid_data->ssn = 0xffff;
3091 tid_data->state = IWL_AGG_OFF;
3092 spin_unlock_bh(&mvmsta->lock);
3093
3094 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
3095
3096 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
3097 return 0;
3098 case IWL_AGG_STARTING:
3099 case IWL_EMPTYING_HW_QUEUE_ADDBA:
3100 /*
3101 * The agg session has been stopped before it was set up. This
3102 * can happen when the AddBA timer times out for example.
3103 */
3104
3105 /* No barriers since we are under mutex */
3106 lockdep_assert_held(&mvm->mutex);
3107
3108 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
3109 tid_data->state = IWL_AGG_OFF;
3110 err = 0;
3111 break;
3112 default:
3113 IWL_ERR(mvm,
3114 "Stopping AGG while state not ON or starting for %d on %d (%d)\n",
3115 mvmsta->sta_id, tid, tid_data->state);
3116 IWL_ERR(mvm,
3117 "\ttid_data->txq_id = %d\n", tid_data->txq_id);
3118 err = -EINVAL;
3119 }
3120
3121 spin_unlock_bh(&mvmsta->lock);
3122
3123 return err;
3124 }
3125
iwl_mvm_sta_tx_agg_flush(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,u16 tid)3126 int iwl_mvm_sta_tx_agg_flush(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
3127 struct ieee80211_sta *sta, u16 tid)
3128 {
3129 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
3130 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
3131 u16 txq_id;
3132 enum iwl_mvm_agg_state old_state;
3133
3134 /*
3135 * First set the agg state to OFF to avoid calling
3136 * ieee80211_stop_tx_ba_cb in iwl_mvm_check_ratid_empty.
3137 */
3138 spin_lock_bh(&mvmsta->lock);
3139 txq_id = tid_data->txq_id;
3140 IWL_DEBUG_TX_QUEUES(mvm, "Flush AGG: sta %d tid %d q %d state %d\n",
3141 mvmsta->sta_id, tid, txq_id, tid_data->state);
3142 old_state = tid_data->state;
3143 tid_data->state = IWL_AGG_OFF;
3144 mvmsta->agg_tids &= ~BIT(tid);
3145 spin_unlock_bh(&mvmsta->lock);
3146
3147 iwl_mvm_unreserve_agg_queue(mvm, mvmsta, tid_data);
3148
3149 if (old_state >= IWL_AGG_ON) {
3150 iwl_mvm_drain_sta(mvm, mvmsta, true);
3151
3152 if (iwl_mvm_has_new_tx_api(mvm)) {
3153 if (iwl_mvm_flush_sta_tids(mvm, mvmsta->sta_id,
3154 BIT(tid), 0))
3155 IWL_ERR(mvm, "Couldn't flush the AGG queue\n");
3156 iwl_trans_wait_txq_empty(mvm->trans, txq_id);
3157 } else {
3158 if (iwl_mvm_flush_tx_path(mvm, BIT(txq_id), 0))
3159 IWL_ERR(mvm, "Couldn't flush the AGG queue\n");
3160 iwl_trans_wait_tx_queues_empty(mvm->trans, BIT(txq_id));
3161 }
3162
3163 iwl_mvm_drain_sta(mvm, mvmsta, false);
3164
3165 iwl_mvm_sta_tx_agg(mvm, sta, tid, txq_id, false);
3166 }
3167
3168 return 0;
3169 }
3170
iwl_mvm_set_fw_key_idx(struct iwl_mvm * mvm)3171 static int iwl_mvm_set_fw_key_idx(struct iwl_mvm *mvm)
3172 {
3173 int i, max = -1, max_offs = -1;
3174
3175 lockdep_assert_held(&mvm->mutex);
3176
3177 /* Pick the unused key offset with the highest 'deleted'
3178 * counter. Every time a key is deleted, all the counters
3179 * are incremented and the one that was just deleted is
3180 * reset to zero. Thus, the highest counter is the one
3181 * that was deleted longest ago. Pick that one.
3182 */
3183 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
3184 if (test_bit(i, mvm->fw_key_table))
3185 continue;
3186 if (mvm->fw_key_deleted[i] > max) {
3187 max = mvm->fw_key_deleted[i];
3188 max_offs = i;
3189 }
3190 }
3191
3192 if (max_offs < 0)
3193 return STA_KEY_IDX_INVALID;
3194
3195 return max_offs;
3196 }
3197
iwl_mvm_get_key_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta)3198 static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm,
3199 struct ieee80211_vif *vif,
3200 struct ieee80211_sta *sta)
3201 {
3202 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3203
3204 if (sta)
3205 return iwl_mvm_sta_from_mac80211(sta);
3206
3207 /*
3208 * The device expects GTKs for station interfaces to be
3209 * installed as GTKs for the AP station. If we have no
3210 * station ID, then use AP's station ID.
3211 */
3212 if (vif->type == NL80211_IFTYPE_STATION &&
3213 mvmvif->ap_sta_id != IWL_MVM_INVALID_STA) {
3214 u8 sta_id = mvmvif->ap_sta_id;
3215
3216 sta = rcu_dereference_check(mvm->fw_id_to_mac_id[sta_id],
3217 lockdep_is_held(&mvm->mutex));
3218
3219 /*
3220 * It is possible that the 'sta' parameter is NULL,
3221 * for example when a GTK is removed - the sta_id will then
3222 * be the AP ID, and no station was passed by mac80211.
3223 */
3224 if (IS_ERR_OR_NULL(sta))
3225 return NULL;
3226
3227 return iwl_mvm_sta_from_mac80211(sta);
3228 }
3229
3230 return NULL;
3231 }
3232
iwl_mvm_send_sta_key(struct iwl_mvm * mvm,u32 sta_id,struct ieee80211_key_conf * key,bool mcast,u32 tkip_iv32,u16 * tkip_p1k,u32 cmd_flags,u8 key_offset,bool mfp)3233 static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm,
3234 u32 sta_id,
3235 struct ieee80211_key_conf *key, bool mcast,
3236 u32 tkip_iv32, u16 *tkip_p1k, u32 cmd_flags,
3237 u8 key_offset, bool mfp)
3238 {
3239 union {
3240 struct iwl_mvm_add_sta_key_cmd_v1 cmd_v1;
3241 struct iwl_mvm_add_sta_key_cmd cmd;
3242 } u = {};
3243 __le16 key_flags;
3244 int ret;
3245 u32 status;
3246 u16 keyidx;
3247 u64 pn = 0;
3248 int i, size;
3249 bool new_api = fw_has_api(&mvm->fw->ucode_capa,
3250 IWL_UCODE_TLV_API_TKIP_MIC_KEYS);
3251
3252 if (sta_id == IWL_MVM_INVALID_STA)
3253 return -EINVAL;
3254
3255 keyidx = (key->keyidx << STA_KEY_FLG_KEYID_POS) &
3256 STA_KEY_FLG_KEYID_MSK;
3257 key_flags = cpu_to_le16(keyidx);
3258 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_KEY_MAP);
3259
3260 switch (key->cipher) {
3261 case WLAN_CIPHER_SUITE_TKIP:
3262 key_flags |= cpu_to_le16(STA_KEY_FLG_TKIP);
3263 if (new_api) {
3264 memcpy((void *)&u.cmd.tx_mic_key,
3265 &key->key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY],
3266 IWL_MIC_KEY_SIZE);
3267
3268 memcpy((void *)&u.cmd.rx_mic_key,
3269 &key->key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY],
3270 IWL_MIC_KEY_SIZE);
3271 pn = atomic64_read(&key->tx_pn);
3272
3273 } else {
3274 u.cmd_v1.tkip_rx_tsc_byte2 = tkip_iv32;
3275 for (i = 0; i < 5; i++)
3276 u.cmd_v1.tkip_rx_ttak[i] =
3277 cpu_to_le16(tkip_p1k[i]);
3278 }
3279 memcpy(u.cmd.common.key, key->key, key->keylen);
3280 break;
3281 case WLAN_CIPHER_SUITE_CCMP:
3282 key_flags |= cpu_to_le16(STA_KEY_FLG_CCM);
3283 memcpy(u.cmd.common.key, key->key, key->keylen);
3284 if (new_api)
3285 pn = atomic64_read(&key->tx_pn);
3286 break;
3287 case WLAN_CIPHER_SUITE_WEP104:
3288 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP_13BYTES);
3289 /* fall through */
3290 case WLAN_CIPHER_SUITE_WEP40:
3291 key_flags |= cpu_to_le16(STA_KEY_FLG_WEP);
3292 memcpy(u.cmd.common.key + 3, key->key, key->keylen);
3293 break;
3294 case WLAN_CIPHER_SUITE_GCMP_256:
3295 key_flags |= cpu_to_le16(STA_KEY_FLG_KEY_32BYTES);
3296 /* fall through */
3297 case WLAN_CIPHER_SUITE_GCMP:
3298 key_flags |= cpu_to_le16(STA_KEY_FLG_GCMP);
3299 memcpy(u.cmd.common.key, key->key, key->keylen);
3300 if (new_api)
3301 pn = atomic64_read(&key->tx_pn);
3302 break;
3303 default:
3304 key_flags |= cpu_to_le16(STA_KEY_FLG_EXT);
3305 memcpy(u.cmd.common.key, key->key, key->keylen);
3306 }
3307
3308 if (mcast)
3309 key_flags |= cpu_to_le16(STA_KEY_MULTICAST);
3310 if (mfp)
3311 key_flags |= cpu_to_le16(STA_KEY_MFP);
3312
3313 u.cmd.common.key_offset = key_offset;
3314 u.cmd.common.key_flags = key_flags;
3315 u.cmd.common.sta_id = sta_id;
3316
3317 if (new_api) {
3318 u.cmd.transmit_seq_cnt = cpu_to_le64(pn);
3319 size = sizeof(u.cmd);
3320 } else {
3321 size = sizeof(u.cmd_v1);
3322 }
3323
3324 status = ADD_STA_SUCCESS;
3325 if (cmd_flags & CMD_ASYNC)
3326 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA_KEY, CMD_ASYNC, size,
3327 &u.cmd);
3328 else
3329 ret = iwl_mvm_send_cmd_pdu_status(mvm, ADD_STA_KEY, size,
3330 &u.cmd, &status);
3331
3332 switch (status) {
3333 case ADD_STA_SUCCESS:
3334 IWL_DEBUG_WEP(mvm, "MODIFY_STA: set dynamic key passed\n");
3335 break;
3336 default:
3337 ret = -EIO;
3338 IWL_ERR(mvm, "MODIFY_STA: set dynamic key failed\n");
3339 break;
3340 }
3341
3342 return ret;
3343 }
3344
iwl_mvm_send_sta_igtk(struct iwl_mvm * mvm,struct ieee80211_key_conf * keyconf,u8 sta_id,bool remove_key)3345 static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm,
3346 struct ieee80211_key_conf *keyconf,
3347 u8 sta_id, bool remove_key)
3348 {
3349 struct iwl_mvm_mgmt_mcast_key_cmd igtk_cmd = {};
3350
3351 /* verify the key details match the required command's expectations */
3352 if (WARN_ON((keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3353 (keyconf->keyidx != 4 && keyconf->keyidx != 5) ||
3354 (keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC &&
3355 keyconf->cipher != WLAN_CIPHER_SUITE_BIP_GMAC_128 &&
3356 keyconf->cipher != WLAN_CIPHER_SUITE_BIP_GMAC_256)))
3357 return -EINVAL;
3358
3359 if (WARN_ON(!iwl_mvm_has_new_rx_api(mvm) &&
3360 keyconf->cipher != WLAN_CIPHER_SUITE_AES_CMAC))
3361 return -EINVAL;
3362
3363 igtk_cmd.key_id = cpu_to_le32(keyconf->keyidx);
3364 igtk_cmd.sta_id = cpu_to_le32(sta_id);
3365
3366 if (remove_key) {
3367 /* This is a valid situation for IGTK */
3368 if (sta_id == IWL_MVM_INVALID_STA)
3369 return 0;
3370
3371 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_NOT_VALID);
3372 } else {
3373 struct ieee80211_key_seq seq;
3374 const u8 *pn;
3375
3376 switch (keyconf->cipher) {
3377 case WLAN_CIPHER_SUITE_AES_CMAC:
3378 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_FLG_CCM);
3379 break;
3380 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3381 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3382 igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_FLG_GCMP);
3383 break;
3384 default:
3385 return -EINVAL;
3386 }
3387
3388 memcpy(igtk_cmd.igtk, keyconf->key, keyconf->keylen);
3389 if (keyconf->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256)
3390 igtk_cmd.ctrl_flags |=
3391 cpu_to_le32(STA_KEY_FLG_KEY_32BYTES);
3392 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
3393 pn = seq.aes_cmac.pn;
3394 igtk_cmd.receive_seq_cnt = cpu_to_le64(((u64) pn[5] << 0) |
3395 ((u64) pn[4] << 8) |
3396 ((u64) pn[3] << 16) |
3397 ((u64) pn[2] << 24) |
3398 ((u64) pn[1] << 32) |
3399 ((u64) pn[0] << 40));
3400 }
3401
3402 IWL_DEBUG_INFO(mvm, "%s igtk for sta %u\n",
3403 remove_key ? "removing" : "installing",
3404 igtk_cmd.sta_id);
3405
3406 if (!iwl_mvm_has_new_rx_api(mvm)) {
3407 struct iwl_mvm_mgmt_mcast_key_cmd_v1 igtk_cmd_v1 = {
3408 .ctrl_flags = igtk_cmd.ctrl_flags,
3409 .key_id = igtk_cmd.key_id,
3410 .sta_id = igtk_cmd.sta_id,
3411 .receive_seq_cnt = igtk_cmd.receive_seq_cnt
3412 };
3413
3414 memcpy(igtk_cmd_v1.igtk, igtk_cmd.igtk,
3415 ARRAY_SIZE(igtk_cmd_v1.igtk));
3416 return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0,
3417 sizeof(igtk_cmd_v1), &igtk_cmd_v1);
3418 }
3419 return iwl_mvm_send_cmd_pdu(mvm, MGMT_MCAST_KEY, 0,
3420 sizeof(igtk_cmd), &igtk_cmd);
3421 }
3422
3423
iwl_mvm_get_mac_addr(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta)3424 static inline u8 *iwl_mvm_get_mac_addr(struct iwl_mvm *mvm,
3425 struct ieee80211_vif *vif,
3426 struct ieee80211_sta *sta)
3427 {
3428 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3429
3430 if (sta)
3431 return sta->addr;
3432
3433 if (vif->type == NL80211_IFTYPE_STATION &&
3434 mvmvif->ap_sta_id != IWL_MVM_INVALID_STA) {
3435 u8 sta_id = mvmvif->ap_sta_id;
3436 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[sta_id],
3437 lockdep_is_held(&mvm->mutex));
3438 return sta->addr;
3439 }
3440
3441
3442 return NULL;
3443 }
3444
__iwl_mvm_set_sta_key(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * keyconf,u8 key_offset,bool mcast)3445 static int __iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
3446 struct ieee80211_vif *vif,
3447 struct ieee80211_sta *sta,
3448 struct ieee80211_key_conf *keyconf,
3449 u8 key_offset,
3450 bool mcast)
3451 {
3452 int ret;
3453 const u8 *addr;
3454 struct ieee80211_key_seq seq;
3455 u16 p1k[5];
3456 u32 sta_id;
3457 bool mfp = false;
3458
3459 if (sta) {
3460 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
3461
3462 sta_id = mvm_sta->sta_id;
3463 mfp = sta->mfp;
3464 } else if (vif->type == NL80211_IFTYPE_AP &&
3465 !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
3466 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3467
3468 sta_id = mvmvif->mcast_sta.sta_id;
3469 } else {
3470 IWL_ERR(mvm, "Failed to find station id\n");
3471 return -EINVAL;
3472 }
3473
3474 switch (keyconf->cipher) {
3475 case WLAN_CIPHER_SUITE_TKIP:
3476 addr = iwl_mvm_get_mac_addr(mvm, vif, sta);
3477 /* get phase 1 key from mac80211 */
3478 ieee80211_get_key_rx_seq(keyconf, 0, &seq);
3479 ieee80211_get_tkip_rx_p1k(keyconf, addr, seq.tkip.iv32, p1k);
3480 ret = iwl_mvm_send_sta_key(mvm, sta_id, keyconf, mcast,
3481 seq.tkip.iv32, p1k, 0, key_offset,
3482 mfp);
3483 break;
3484 case WLAN_CIPHER_SUITE_CCMP:
3485 case WLAN_CIPHER_SUITE_WEP40:
3486 case WLAN_CIPHER_SUITE_WEP104:
3487 case WLAN_CIPHER_SUITE_GCMP:
3488 case WLAN_CIPHER_SUITE_GCMP_256:
3489 ret = iwl_mvm_send_sta_key(mvm, sta_id, keyconf, mcast,
3490 0, NULL, 0, key_offset, mfp);
3491 break;
3492 default:
3493 ret = iwl_mvm_send_sta_key(mvm, sta_id, keyconf, mcast,
3494 0, NULL, 0, key_offset, mfp);
3495 }
3496
3497 return ret;
3498 }
3499
iwl_mvm_set_sta_key(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * keyconf,u8 key_offset)3500 int iwl_mvm_set_sta_key(struct iwl_mvm *mvm,
3501 struct ieee80211_vif *vif,
3502 struct ieee80211_sta *sta,
3503 struct ieee80211_key_conf *keyconf,
3504 u8 key_offset)
3505 {
3506 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
3507 struct iwl_mvm_sta *mvm_sta;
3508 u8 sta_id = IWL_MVM_INVALID_STA;
3509 int ret;
3510 static const u8 __maybe_unused zero_addr[ETH_ALEN] = {0};
3511
3512 lockdep_assert_held(&mvm->mutex);
3513
3514 if (vif->type != NL80211_IFTYPE_AP ||
3515 keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3516 /* Get the station id from the mvm local station table */
3517 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
3518 if (!mvm_sta) {
3519 IWL_ERR(mvm, "Failed to find station\n");
3520 return -EINVAL;
3521 }
3522 sta_id = mvm_sta->sta_id;
3523
3524 /*
3525 * It is possible that the 'sta' parameter is NULL, and thus
3526 * there is a need to retrieve the sta from the local station
3527 * table.
3528 */
3529 if (!sta) {
3530 sta = rcu_dereference_protected(
3531 mvm->fw_id_to_mac_id[sta_id],
3532 lockdep_is_held(&mvm->mutex));
3533 if (IS_ERR_OR_NULL(sta)) {
3534 IWL_ERR(mvm, "Invalid station id\n");
3535 return -EINVAL;
3536 }
3537 }
3538
3539 if (WARN_ON_ONCE(iwl_mvm_sta_from_mac80211(sta)->vif != vif))
3540 return -EINVAL;
3541 } else {
3542 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3543
3544 sta_id = mvmvif->mcast_sta.sta_id;
3545 }
3546
3547 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
3548 keyconf->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
3549 keyconf->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256) {
3550 ret = iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, false);
3551 goto end;
3552 }
3553
3554 /* If the key_offset is not pre-assigned, we need to find a
3555 * new offset to use. In normal cases, the offset is not
3556 * pre-assigned, but during HW_RESTART we want to reuse the
3557 * same indices, so we pass them when this function is called.
3558 *
3559 * In D3 entry, we need to hardcoded the indices (because the
3560 * firmware hardcodes the PTK offset to 0). In this case, we
3561 * need to make sure we don't overwrite the hw_key_idx in the
3562 * keyconf structure, because otherwise we cannot configure
3563 * the original ones back when resuming.
3564 */
3565 if (key_offset == STA_KEY_IDX_INVALID) {
3566 key_offset = iwl_mvm_set_fw_key_idx(mvm);
3567 if (key_offset == STA_KEY_IDX_INVALID)
3568 return -ENOSPC;
3569 keyconf->hw_key_idx = key_offset;
3570 }
3571
3572 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf, key_offset, mcast);
3573 if (ret)
3574 goto end;
3575
3576 /*
3577 * For WEP, the same key is used for multicast and unicast. Upload it
3578 * again, using the same key offset, and now pointing the other one
3579 * to the same key slot (offset).
3580 * If this fails, remove the original as well.
3581 */
3582 if ((keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
3583 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104) &&
3584 sta) {
3585 ret = __iwl_mvm_set_sta_key(mvm, vif, sta, keyconf,
3586 key_offset, !mcast);
3587 if (ret) {
3588 __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
3589 goto end;
3590 }
3591 }
3592
3593 __set_bit(key_offset, mvm->fw_key_table);
3594
3595 end:
3596 IWL_DEBUG_WEP(mvm, "key: cipher=%x len=%d idx=%d sta=%pM ret=%d\n",
3597 keyconf->cipher, keyconf->keylen, keyconf->keyidx,
3598 sta ? sta->addr : zero_addr, ret);
3599 return ret;
3600 }
3601
iwl_mvm_remove_sta_key(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * keyconf)3602 int iwl_mvm_remove_sta_key(struct iwl_mvm *mvm,
3603 struct ieee80211_vif *vif,
3604 struct ieee80211_sta *sta,
3605 struct ieee80211_key_conf *keyconf)
3606 {
3607 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
3608 struct iwl_mvm_sta *mvm_sta;
3609 u8 sta_id = IWL_MVM_INVALID_STA;
3610 int ret, i;
3611
3612 lockdep_assert_held(&mvm->mutex);
3613
3614 /* Get the station from the mvm local station table */
3615 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
3616 if (mvm_sta)
3617 sta_id = mvm_sta->sta_id;
3618 else if (!sta && vif->type == NL80211_IFTYPE_AP && mcast)
3619 sta_id = iwl_mvm_vif_from_mac80211(vif)->mcast_sta.sta_id;
3620
3621
3622 IWL_DEBUG_WEP(mvm, "mvm remove dynamic key: idx=%d sta=%d\n",
3623 keyconf->keyidx, sta_id);
3624
3625 if (keyconf->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
3626 keyconf->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
3627 keyconf->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256)
3628 return iwl_mvm_send_sta_igtk(mvm, keyconf, sta_id, true);
3629
3630 if (!__test_and_clear_bit(keyconf->hw_key_idx, mvm->fw_key_table)) {
3631 IWL_ERR(mvm, "offset %d not used in fw key table.\n",
3632 keyconf->hw_key_idx);
3633 return -ENOENT;
3634 }
3635
3636 /* track which key was deleted last */
3637 for (i = 0; i < STA_KEY_MAX_NUM; i++) {
3638 if (mvm->fw_key_deleted[i] < U8_MAX)
3639 mvm->fw_key_deleted[i]++;
3640 }
3641 mvm->fw_key_deleted[keyconf->hw_key_idx] = 0;
3642
3643 if (sta && !mvm_sta) {
3644 IWL_DEBUG_WEP(mvm, "station non-existent, early return.\n");
3645 return 0;
3646 }
3647
3648 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, mcast);
3649 if (ret)
3650 return ret;
3651
3652 /* delete WEP key twice to get rid of (now useless) offset */
3653 if (keyconf->cipher == WLAN_CIPHER_SUITE_WEP40 ||
3654 keyconf->cipher == WLAN_CIPHER_SUITE_WEP104)
3655 ret = __iwl_mvm_remove_sta_key(mvm, sta_id, keyconf, !mcast);
3656
3657 return ret;
3658 }
3659
iwl_mvm_update_tkip_key(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_key_conf * keyconf,struct ieee80211_sta * sta,u32 iv32,u16 * phase1key)3660 void iwl_mvm_update_tkip_key(struct iwl_mvm *mvm,
3661 struct ieee80211_vif *vif,
3662 struct ieee80211_key_conf *keyconf,
3663 struct ieee80211_sta *sta, u32 iv32,
3664 u16 *phase1key)
3665 {
3666 struct iwl_mvm_sta *mvm_sta;
3667 bool mcast = !(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE);
3668 bool mfp = sta ? sta->mfp : false;
3669
3670 rcu_read_lock();
3671
3672 mvm_sta = iwl_mvm_get_key_sta(mvm, vif, sta);
3673 if (WARN_ON_ONCE(!mvm_sta))
3674 goto unlock;
3675 iwl_mvm_send_sta_key(mvm, mvm_sta->sta_id, keyconf, mcast,
3676 iv32, phase1key, CMD_ASYNC, keyconf->hw_key_idx,
3677 mfp);
3678
3679 unlock:
3680 rcu_read_unlock();
3681 }
3682
iwl_mvm_sta_modify_ps_wake(struct iwl_mvm * mvm,struct ieee80211_sta * sta)3683 void iwl_mvm_sta_modify_ps_wake(struct iwl_mvm *mvm,
3684 struct ieee80211_sta *sta)
3685 {
3686 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
3687 struct iwl_mvm_add_sta_cmd cmd = {
3688 .add_modify = STA_MODE_MODIFY,
3689 .sta_id = mvmsta->sta_id,
3690 .station_flags_msk = cpu_to_le32(STA_FLG_PS),
3691 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
3692 };
3693 int ret;
3694
3695 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
3696 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
3697 if (ret)
3698 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
3699 }
3700
iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm * mvm,struct ieee80211_sta * sta,enum ieee80211_frame_release_type reason,u16 cnt,u16 tids,bool more_data,bool single_sta_queue)3701 void iwl_mvm_sta_modify_sleep_tx_count(struct iwl_mvm *mvm,
3702 struct ieee80211_sta *sta,
3703 enum ieee80211_frame_release_type reason,
3704 u16 cnt, u16 tids, bool more_data,
3705 bool single_sta_queue)
3706 {
3707 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
3708 struct iwl_mvm_add_sta_cmd cmd = {
3709 .add_modify = STA_MODE_MODIFY,
3710 .sta_id = mvmsta->sta_id,
3711 .modify_mask = STA_MODIFY_SLEEPING_STA_TX_COUNT,
3712 .sleep_tx_count = cpu_to_le16(cnt),
3713 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
3714 };
3715 int tid, ret;
3716 unsigned long _tids = tids;
3717
3718 /* convert TIDs to ACs - we don't support TSPEC so that's OK
3719 * Note that this field is reserved and unused by firmware not
3720 * supporting GO uAPSD, so it's safe to always do this.
3721 */
3722 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT)
3723 cmd.awake_acs |= BIT(tid_to_ucode_ac[tid]);
3724
3725 /* If we're releasing frames from aggregation or dqa queues then check
3726 * if all the queues that we're releasing frames from, combined, have:
3727 * - more frames than the service period, in which case more_data
3728 * needs to be set
3729 * - fewer than 'cnt' frames, in which case we need to adjust the
3730 * firmware command (but do that unconditionally)
3731 */
3732 if (single_sta_queue) {
3733 int remaining = cnt;
3734 int sleep_tx_count;
3735
3736 spin_lock_bh(&mvmsta->lock);
3737 for_each_set_bit(tid, &_tids, IWL_MAX_TID_COUNT) {
3738 struct iwl_mvm_tid_data *tid_data;
3739 u16 n_queued;
3740
3741 tid_data = &mvmsta->tid_data[tid];
3742
3743 n_queued = iwl_mvm_tid_queued(mvm, tid_data);
3744 if (n_queued > remaining) {
3745 more_data = true;
3746 remaining = 0;
3747 break;
3748 }
3749 remaining -= n_queued;
3750 }
3751 sleep_tx_count = cnt - remaining;
3752 if (reason == IEEE80211_FRAME_RELEASE_UAPSD)
3753 mvmsta->sleep_tx_count = sleep_tx_count;
3754 spin_unlock_bh(&mvmsta->lock);
3755
3756 cmd.sleep_tx_count = cpu_to_le16(sleep_tx_count);
3757 if (WARN_ON(cnt - remaining == 0)) {
3758 ieee80211_sta_eosp(sta);
3759 return;
3760 }
3761 }
3762
3763 /* Note: this is ignored by firmware not supporting GO uAPSD */
3764 if (more_data)
3765 cmd.sleep_state_flags |= STA_SLEEP_STATE_MOREDATA;
3766
3767 if (reason == IEEE80211_FRAME_RELEASE_PSPOLL) {
3768 mvmsta->next_status_eosp = true;
3769 cmd.sleep_state_flags |= STA_SLEEP_STATE_PS_POLL;
3770 } else {
3771 cmd.sleep_state_flags |= STA_SLEEP_STATE_UAPSD;
3772 }
3773
3774 /* block the Tx queues until the FW updated the sleep Tx count */
3775 iwl_trans_block_txq_ptrs(mvm->trans, true);
3776
3777 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA,
3778 CMD_ASYNC | CMD_WANT_ASYNC_CALLBACK,
3779 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
3780 if (ret)
3781 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
3782 }
3783
iwl_mvm_rx_eosp_notif(struct iwl_mvm * mvm,struct iwl_rx_cmd_buffer * rxb)3784 void iwl_mvm_rx_eosp_notif(struct iwl_mvm *mvm,
3785 struct iwl_rx_cmd_buffer *rxb)
3786 {
3787 struct iwl_rx_packet *pkt = rxb_addr(rxb);
3788 struct iwl_mvm_eosp_notification *notif = (void *)pkt->data;
3789 struct ieee80211_sta *sta;
3790 u32 sta_id = le32_to_cpu(notif->sta_id);
3791
3792 if (WARN_ON_ONCE(sta_id >= mvm->fw->ucode_capa.num_stations))
3793 return;
3794
3795 rcu_read_lock();
3796 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]);
3797 if (!IS_ERR_OR_NULL(sta))
3798 ieee80211_sta_eosp(sta);
3799 rcu_read_unlock();
3800 }
3801
iwl_mvm_sta_modify_disable_tx(struct iwl_mvm * mvm,struct iwl_mvm_sta * mvmsta,bool disable)3802 void iwl_mvm_sta_modify_disable_tx(struct iwl_mvm *mvm,
3803 struct iwl_mvm_sta *mvmsta, bool disable)
3804 {
3805 struct iwl_mvm_add_sta_cmd cmd = {
3806 .add_modify = STA_MODE_MODIFY,
3807 .sta_id = mvmsta->sta_id,
3808 .station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0,
3809 .station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX),
3810 .mac_id_n_color = cpu_to_le32(mvmsta->mac_id_n_color),
3811 };
3812 int ret;
3813
3814 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, CMD_ASYNC,
3815 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
3816 if (ret)
3817 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
3818 }
3819
iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm * mvm,struct ieee80211_sta * sta,bool disable)3820 void iwl_mvm_sta_modify_disable_tx_ap(struct iwl_mvm *mvm,
3821 struct ieee80211_sta *sta,
3822 bool disable)
3823 {
3824 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
3825
3826 spin_lock_bh(&mvm_sta->lock);
3827
3828 if (mvm_sta->disable_tx == disable) {
3829 spin_unlock_bh(&mvm_sta->lock);
3830 return;
3831 }
3832
3833 mvm_sta->disable_tx = disable;
3834
3835 /* Tell mac80211 to start/stop queuing tx for this station */
3836 ieee80211_sta_block_awake(mvm->hw, sta, disable);
3837
3838 iwl_mvm_sta_modify_disable_tx(mvm, mvm_sta, disable);
3839
3840 spin_unlock_bh(&mvm_sta->lock);
3841 }
3842
iwl_mvm_int_sta_modify_disable_tx(struct iwl_mvm * mvm,struct iwl_mvm_vif * mvmvif,struct iwl_mvm_int_sta * sta,bool disable)3843 static void iwl_mvm_int_sta_modify_disable_tx(struct iwl_mvm *mvm,
3844 struct iwl_mvm_vif *mvmvif,
3845 struct iwl_mvm_int_sta *sta,
3846 bool disable)
3847 {
3848 u32 id = FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color);
3849 struct iwl_mvm_add_sta_cmd cmd = {
3850 .add_modify = STA_MODE_MODIFY,
3851 .sta_id = sta->sta_id,
3852 .station_flags = disable ? cpu_to_le32(STA_FLG_DISABLE_TX) : 0,
3853 .station_flags_msk = cpu_to_le32(STA_FLG_DISABLE_TX),
3854 .mac_id_n_color = cpu_to_le32(id),
3855 };
3856 int ret;
3857
3858 ret = iwl_mvm_send_cmd_pdu(mvm, ADD_STA, 0,
3859 iwl_mvm_add_sta_cmd_size(mvm), &cmd);
3860 if (ret)
3861 IWL_ERR(mvm, "Failed to send ADD_STA command (%d)\n", ret);
3862 }
3863
iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm * mvm,struct iwl_mvm_vif * mvmvif,bool disable)3864 void iwl_mvm_modify_all_sta_disable_tx(struct iwl_mvm *mvm,
3865 struct iwl_mvm_vif *mvmvif,
3866 bool disable)
3867 {
3868 struct ieee80211_sta *sta;
3869 struct iwl_mvm_sta *mvm_sta;
3870 int i;
3871
3872 lockdep_assert_held(&mvm->mutex);
3873
3874 /* Block/unblock all the stations of the given mvmvif */
3875 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) {
3876 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
3877 lockdep_is_held(&mvm->mutex));
3878 if (IS_ERR_OR_NULL(sta))
3879 continue;
3880
3881 mvm_sta = iwl_mvm_sta_from_mac80211(sta);
3882 if (mvm_sta->mac_id_n_color !=
3883 FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color))
3884 continue;
3885
3886 iwl_mvm_sta_modify_disable_tx_ap(mvm, sta, disable);
3887 }
3888
3889 if (!fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
3890 return;
3891
3892 /* Need to block/unblock also multicast station */
3893 if (mvmvif->mcast_sta.sta_id != IWL_MVM_INVALID_STA)
3894 iwl_mvm_int_sta_modify_disable_tx(mvm, mvmvif,
3895 &mvmvif->mcast_sta, disable);
3896
3897 /*
3898 * Only unblock the broadcast station (FW blocks it for immediate
3899 * quiet, not the driver)
3900 */
3901 if (!disable && mvmvif->bcast_sta.sta_id != IWL_MVM_INVALID_STA)
3902 iwl_mvm_int_sta_modify_disable_tx(mvm, mvmvif,
3903 &mvmvif->bcast_sta, disable);
3904 }
3905
iwl_mvm_csa_client_absent(struct iwl_mvm * mvm,struct ieee80211_vif * vif)3906 void iwl_mvm_csa_client_absent(struct iwl_mvm *mvm, struct ieee80211_vif *vif)
3907 {
3908 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3909 struct iwl_mvm_sta *mvmsta;
3910
3911 rcu_read_lock();
3912
3913 mvmsta = iwl_mvm_sta_from_staid_rcu(mvm, mvmvif->ap_sta_id);
3914
3915 if (!WARN_ON(!mvmsta))
3916 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, true);
3917
3918 rcu_read_unlock();
3919 }
3920
iwl_mvm_tid_queued(struct iwl_mvm * mvm,struct iwl_mvm_tid_data * tid_data)3921 u16 iwl_mvm_tid_queued(struct iwl_mvm *mvm, struct iwl_mvm_tid_data *tid_data)
3922 {
3923 u16 sn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
3924
3925 /*
3926 * In 22000 HW, the next_reclaimed index is only 8 bit, so we'll need
3927 * to align the wrap around of ssn so we compare relevant values.
3928 */
3929 if (mvm->trans->trans_cfg->gen2)
3930 sn &= 0xff;
3931
3932 return ieee80211_sn_sub(sn, tid_data->next_reclaimed);
3933 }
3934
iwl_mvm_add_pasn_sta(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct iwl_mvm_int_sta * sta,u8 * addr,u32 cipher,u8 * key,u32 key_len)3935 int iwl_mvm_add_pasn_sta(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
3936 struct iwl_mvm_int_sta *sta, u8 *addr, u32 cipher,
3937 u8 *key, u32 key_len)
3938 {
3939 int ret;
3940 u16 queue;
3941 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3942 struct ieee80211_key_conf *keyconf;
3943
3944 ret = iwl_mvm_allocate_int_sta(mvm, sta, 0,
3945 NL80211_IFTYPE_UNSPECIFIED,
3946 IWL_STA_LINK);
3947 if (ret)
3948 return ret;
3949
3950 ret = iwl_mvm_add_int_sta_with_queue(mvm, mvmvif->id, mvmvif->color,
3951 addr, sta, &queue,
3952 IWL_MVM_TX_FIFO_BE);
3953 if (ret)
3954 goto out;
3955
3956 keyconf = kzalloc(sizeof(*keyconf) + key_len, GFP_KERNEL);
3957 if (!keyconf) {
3958 ret = -ENOBUFS;
3959 goto out;
3960 }
3961
3962 keyconf->cipher = cipher;
3963 memcpy(keyconf->key, key, key_len);
3964 keyconf->keylen = key_len;
3965
3966 ret = iwl_mvm_send_sta_key(mvm, sta->sta_id, keyconf, false,
3967 0, NULL, 0, 0, true);
3968 kfree(keyconf);
3969 return 0;
3970 out:
3971 iwl_mvm_dealloc_int_sta(mvm, sta);
3972 return ret;
3973 }
3974
