If the length isn't set it means we want all the SRAM.
Also - this is perfectly valid to partially dump starting
at offset 0.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Discovered by klocwork
Array 'iwl_rate_mcs' of size 15 may use index value(s) -1
* rs.c:2562: index = iwl_hwrate_to_plcp_idx(rate)
* rs.c:2562: Result of function call 'iwl_hwrate_to_plcp_idx(rate)' is '[-1,14]'
* rs.c:2565: Array 'iwl_rate_mcs' size is 15.
* rs.c:2565: Possible attempt to access element -1 of array 'iwl_rate_mcs'.
While at it stop using index = -1 and always use IWL_RATE_INVALID
Signed-off-by: Eyal Shapira <eyalx.shapira@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Some NIC comes with more than the 4 NVM (non volative
memory) sections described in the nvm_to_read array.
These NICs usually get their NVM from an external file
fetched from userland during init.
We already parsed the file, but sent to the NIC only 4 NVM
sections whereas there could be more sections in the file.
Fix this.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Since seq_number is incremented right after using
it, so printed seq_ctrl was actually the next
one to be used.
Fix it by incrementing the seq_number only later,
before saving it.
Additionally, use the IEEE80211_SEQ_TO_SN macro
in order to print the actual sequence number.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Enabling the oscillator consumes slightly more power (100uA)
but allows to make sure that we exit from L1 on time.
Not doing so might lead to a PCIe specification violation
since we might wake up from L1 at the wrong time.
This issue has been identified on 3160 and 7260 only.
On older NICs L1 off is not enabled, on newer NICs (7265),
the issue is fixed.
When the bug occurs the user sees that the NIC has
disappeared from the PCI bridge, any access to the device
returns 0xff.
This fixes:
https://bugzilla.kernel.org/show_bug.cgi?id=64541
and has been extensively discussed here:
http://markmail.org/thread/mfmpzqt3r333n4bo
Cc: stable@vger.kernel.org [3.10+]
Fixes: 99cd471423 ("iwlwifi: add 7000 series device configuration")
Reported-and-tested-by: wzyboy <wzyboy@wzyboy.org>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
When we disassociate in managed mode, we flush the queues
after mac80211 has already removed the station.
During that time, the pointer to ieee80211_sta to the
fw_id_to_mac_id map is -EINVAL. In that case we should not
set the station as being drained when the last Tx of this
station has exited the shared Tx queue since we are
flushing all the queues anyway.
The draining logic is meant to be used in GO / AP mode only.
In GO / AP mode, we set -EBUSY in the fw_id_to_mac_id map.
This is why testing the ieee80211_sta pointer in the
fw_id_to_mac_id map with IS_ERR isn't enough to set the
station as draining, we need to check that it is -EBUSY.
The only impact of the bug was a print:
Drained sta 1, but it is internal?
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
If we can't switch to a column because no rates are supported
in that column this led to a state where the search cycle
got stuck and never ended. This in turn also led to aggregation
not being turned on. Fix this by marking a column as
visited if we can't switch to it.
Reported-and-tested-by: Karl Beldan <karl.beldan@gmail.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Cleanup of iwl_mvm_leds was missing in case of error,
resulting in the following warning:
WARNING: at lib/kobject.c:196 kobject_add_internal+0x1f4/0x210()
kobject_add_internal failed for phy0-led with -EEXIST, don't try to register things with the same name in the same directory.
which prevents further reloads of the driver.
Cc: stable@vger.kernel.org [3.10+]
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The power settings need to be updated after a binding flow is done
and before quota calculations. This was missing in the start_ap_ibss()
flow. Fix it.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The state variable was not set to false in case of a failure to
complete the start_ap_ibss() flow.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Found by klocwork analysis.
mvm could be NULL which may cause a NULL dereference
in a theoretical call flow
rs_fill_lq_cmd(mvm = NULL, ...)
rs_build_rates_table
rs_fill_rates_for_column
ucode_rate_from_rs_rate
IWL_ERR(mvm,...)
No real reason for passing NULL to rs_fill_lq_cmd so fix that.
Reported-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Currently, the MAC context tsf_id assignment and the master/slave
relations are determined only when a new vif is added, as part
of the MAC context resource allocation. However, at this stage, the
beacon interval is not known, and thus could not be taken into account
in the master-slave algorithm.
To fix this, recalculate the MAC context tsf_id assignment,
just before the MAC context is activated, i.e., just before
a station VMAC is configured to associated and before an AP
VMAC is started.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Change the parameters for calculating an AP TBTT to 64/36 instead of
80/20, to increase the interval between a station vif and an AP
vif TBTT events.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The access to the CSR_RESET reg should be done as a complete
DWORD and not by setting a bit. This is the right way to reset
the device.
Signed-off-by: Eran Harary <eran.harary@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Instead of always calling ieee80211_beacon_loss() on every missed
beacons notification, call this function only if the number of
consecutive missed beacons from last rx is higher than a predefined
threshold.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
If the channel min-width changes, we can update the PHY ctx, even if
it has multiple references.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Reviewed-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
This allows to format it at will using external tools.
Since different teams want it in different formats, dump
the raw data and everyone can play with the data the way
they want.
While at it - make this code slightly more robust by making
the required verification on the offsets / length in the
write handler.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Don't check if mvm->fw->cs is NULL since it can't be.
cs is an array member of iwl_fw, it can't be NULL.
Use memset(ptr, 0, sizeof(*ptr)); instead of
memset(ptr, 0, sizeof(struct ptr_type));
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The firmware needs to be stopped quickly (100ms) after the
RFKILL interrupt fired. Failing to do so would allow the
firmware to access the radio registers which would lead to
a hardware error.
Before this change, we would kill the firmware only when
mac80211 stops the device which can take a fair amount of
time. Take a shortcut by stopping the device right away
in the interrupt.
This is not relevant if the current firmware is INIT
firmware since that firmware can run while in RFKILL.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Calling stop_device when start_fw wasn't called would issue:
Stopping tx queues that aren't allocated...
Also allow the op_mode to call stop_device and then to
disable the Tx queues - in that case just silently ignore
the disabling on the Tx queues, since the PRPH registers
aren't reachable any more.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
This is useless and introduces a dependency between rfkill
and stop_device - the op_mode can't call stop_device from
the rfkill notification since it would lead to an endless
recursion.
Next patches will need to do so.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Under very specific circumstances, the firmware might
ignore a host command. This was debugged and we ended up
seeing that the power management hardware was faulty.
In order to workaround this issue, we keep the NIC awake
as long as we have host commands in flight. This will avoid
to put the hardware into buggy condition.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
In case of invalid section_id, the function returns after
it aleready allocated memory. Fixed by change the order of actions.
Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The AC / fifo mapping was wrong - BE packets landed in VO
FIFO. The iwl_mvm_tx_fifo enumeration isn't in the same
order as ieee80211_ac_numbers enumeration.
Since the firmware relies on fifo / ac mapping - this led
to wrong behavior. E.g. the firmware sends beacon with the
same QoS parameters as VO, and it actually took the
parameters of BK. There are probably more severe issues.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
This lock was never acquired in the primary interrupt
handler, but since it was acquired along with irq_lock
which had to disable interrupts, rxq->lock had to disable
interrupts too.
Now that trans_pcie->irq_lock isn't acquired in the primary
interrupt handler, rxq->lock can let interrupt enabled.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Since we don't take this lock in the primary interrupt
handler, there is no pointin disabling the interrupt
in the critical section protected by trans_pcie->irq_lock.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Handling interrupt with no cause and printing logs doesn't
need to be ICT / non-ICT specific move this to the common
code.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
This was useful when the handling was not in the same
context as the interrupt cause retrieval: we could have
several hard interrupts until the handler gets called.
Since we retrieve the interrupt cause in the handler itself,
there is no need to OR the interrupt causes.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
These functions are meant to return an interrupt cause and
not an irqreturn_t.
We still return IRQ_HANDLED if we had an error and IRQ_NONE
if our device hasn't fired any interrupt.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Instead of having:
iwl_pcie_irq_handler
iwl_pcie_isr_ict
iwl_pcie_isr_non_ict
we now have:
iwl_pcie_irq_handler:
if (use_ict))
iwl_pcie_int_cause_ict;
else
iwl_pcie_int_cause_non_ict;
This is much clearer.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
We now disable the interrupts in the hardware from the
upper half and all the rest (including reading the interrupt
cause) is done in the handler.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The purpose of this is to be able to call these functions
from the interrupt handler and not from the primary
interrupt handler.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Separate the code that simply disables interrupt in the
hardware and the code that checks what interrupt fired.
This will be useful to move the second part in the threaded
handler which will be done in a future patch.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Track the interrupt mask in software, making it exactly
what is configured in the interrupt mask register in the
hardware.
This allows not to access the register from the interrupt
handler. This was the case for ICT interrupt already, but
not for non-ICT interrupt.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Since iwl_trans_pcie_alloc_ict is called in the PCIe
allocation code, we always set CSR_INT_BIT_RX_PERIODIC.
Move that bit to the default list of interrupts we enable
and simplify the code.
Also use dma_zalloc_ and avoid to memset the memory
afterwards.
trans_pcie->ict_index is 0 since trans_pcie has just been
kzalloced, remove the redundant assignment.
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
RTS protection was turned on once aggregation was enabled but it
was never turned off. Remove turning on RTS protection in the LQ command
completely as TX_CMD_FLG_PROT_REQUIRE gets set in iwl_mvm_set_tx_cmd
for every Tx which is part of an aggregation. This would already cause
RTS protection to be used during aggregations.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Set the Tx/Rx highest long GI rates in the VHT Supported MCS Set
field according to the chip capabilties.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
MCS9 introduces some corner cases in the current rs
algorithm which may lead to non optimal throughput and
instability in the throughput. Until all the corner
cases are resolved disable MCS9 for Tx as a workaround
which yields better throughput results as MCS8 is much
more stable.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Extract the scale action decision to a different function
in preparation of modifying it. While at it also convert
the scale action values from hardcoded values to a clear enum.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The logs are emitted in a flow in which there were retries
and the rates in the rate table entry didn't match the active
or search table. This doesn't indicate a problem and is
expected in most cases where there will be retries for some
reason. Remove the logs.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The new logic will attempt more rates with less retries
per rate. Also when starting off with MIMO it will
fallback to SISO with the same MCS and only then to Legacy.
Previously we fell back directly to Legacy.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
The supported legacy rate mask is initialized when rs
is initialized based on the remote peer supported rates.
There's no need to re mask it repeatedly with the supported
remote peer rates.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Simplify the code a bit more by extracting the rates table
building logic into a separate function and handle setting
a fixed rate for debug in a separate flow.
Also avoid using and saving ucode rate format in different
places. Instead use rs_rate struct and convert to ucode format
only when filling the rates table in the LQ command.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Current firmware doesn't handle well uAPSD in P2P Client.
When it will be fixed, the firmware will set a TLV flag to notify
the driver that uAPSD is supported in P2P client mode.
Check this flag when sending power command for P2P client.
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>