mt76x02_usb_core.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
mt76x02_usb_core.c (7670B)
      1// SPDX-License-Identifier: ISC
      2/*
      3 * Copyright (C) 2018 Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
      4 */
      5
      6#include "mt76x02_usb.h"
      7
      8static void mt76x02u_remove_dma_hdr(struct sk_buff *skb)
      9{
     10	int hdr_len;
     11
     12	skb_pull(skb, sizeof(struct mt76x02_txwi) + MT_DMA_HDR_LEN);
     13	hdr_len = ieee80211_get_hdrlen_from_skb(skb);
     14	if (hdr_len % 4)
     15		mt76x02_remove_hdr_pad(skb, 2);
     16}
     17
     18void mt76x02u_tx_complete_skb(struct mt76_dev *mdev, struct mt76_queue_entry *e)
     19{
     20	mt76x02u_remove_dma_hdr(e->skb);
     21	mt76_tx_complete_skb(mdev, e->wcid, e->skb);
     22}
     23EXPORT_SYMBOL_GPL(mt76x02u_tx_complete_skb);
     24
     25int mt76x02u_mac_start(struct mt76x02_dev *dev)
     26{
     27	mt76x02_mac_reset_counters(dev);
     28
     29	mt76_wr(dev, MT_MAC_SYS_CTRL, MT_MAC_SYS_CTRL_ENABLE_TX);
     30	if (!mt76x02_wait_for_wpdma(&dev->mt76, 200000))
     31		return -ETIMEDOUT;
     32
     33	mt76_wr(dev, MT_RX_FILTR_CFG, dev->mt76.rxfilter);
     34
     35	mt76_wr(dev, MT_MAC_SYS_CTRL,
     36		MT_MAC_SYS_CTRL_ENABLE_TX |
     37		MT_MAC_SYS_CTRL_ENABLE_RX);
     38
     39	if (!mt76x02_wait_for_wpdma(&dev->mt76, 50))
     40		return -ETIMEDOUT;
     41
     42	return 0;
     43}
     44EXPORT_SYMBOL_GPL(mt76x02u_mac_start);
     45
     46int mt76x02u_skb_dma_info(struct sk_buff *skb, int port, u32 flags)
     47{
     48	u32 info, pad;
     49
     50	/* Buffer layout:
     51	 *	|   4B   | xfer len |      pad       |  4B  |
     52	 *	| TXINFO | pkt/cmd  | zero pad to 4B | zero |
     53	 *
     54	 * length field of TXINFO should be set to 'xfer len'.
     55	 */
     56	info = FIELD_PREP(MT_TXD_INFO_LEN, round_up(skb->len, 4)) |
     57	       FIELD_PREP(MT_TXD_INFO_DPORT, port) | flags;
     58	put_unaligned_le32(info, skb_push(skb, sizeof(info)));
     59
     60	pad = round_up(skb->len, 4) + 4 - skb->len;
     61	return mt76_skb_adjust_pad(skb, pad);
     62}
     63
     64int mt76x02u_tx_prepare_skb(struct mt76_dev *mdev, void *data,
     65			    enum mt76_txq_id qid, struct mt76_wcid *wcid,
     66			    struct ieee80211_sta *sta,
     67			    struct mt76_tx_info *tx_info)
     68{
     69	struct mt76x02_dev *dev = container_of(mdev, struct mt76x02_dev, mt76);
     70	int pid, len = tx_info->skb->len, ep = q2ep(dev->mphy.q_tx[qid]->hw_idx);
     71	struct mt76x02_txwi *txwi;
     72	bool ampdu = IEEE80211_SKB_CB(tx_info->skb)->flags & IEEE80211_TX_CTL_AMPDU;
     73	enum mt76_qsel qsel;
     74	u32 flags;
     75	int err;
     76
     77	mt76_insert_hdr_pad(tx_info->skb);
     78
     79	txwi = (struct mt76x02_txwi *)(tx_info->skb->data - sizeof(*txwi));
     80	mt76x02_mac_write_txwi(dev, txwi, tx_info->skb, wcid, sta, len);
     81	skb_push(tx_info->skb, sizeof(*txwi));
     82
     83	pid = mt76_tx_status_skb_add(mdev, wcid, tx_info->skb);
     84
     85	/* encode packet rate for no-skb packet id to fix up status reporting */
     86	if (pid == MT_PACKET_ID_NO_SKB)
     87		pid = MT_PACKET_ID_HAS_RATE |
     88		      (le16_to_cpu(txwi->rate) & MT_PKTID_RATE) |
     89		      FIELD_PREP(MT_PKTID_AC,
     90				 skb_get_queue_mapping(tx_info->skb));
     91
     92	txwi->pktid = pid;
     93
     94	if ((mt76_is_skb_pktid(pid) && ampdu) || ep == MT_EP_OUT_HCCA)
     95		qsel = MT_QSEL_MGMT;
     96	else
     97		qsel = MT_QSEL_EDCA;
     98
     99	flags = FIELD_PREP(MT_TXD_INFO_QSEL, qsel) |
    100		MT_TXD_INFO_80211;
    101	if (!wcid || wcid->hw_key_idx == 0xff || wcid->sw_iv)
    102		flags |= MT_TXD_INFO_WIV;
    103
    104	if (sta) {
    105		struct mt76x02_sta *msta = (struct mt76x02_sta *)sta->drv_priv;
    106
    107		ewma_pktlen_add(&msta->pktlen, tx_info->skb->len);
    108	}
    109
    110	err = mt76x02u_skb_dma_info(tx_info->skb, WLAN_PORT, flags);
    111	if (err && wcid)
    112		/* Release pktid in case of error. */
    113		idr_remove(&wcid->pktid, pid);
    114
    115	return err;
    116}
    117EXPORT_SYMBOL_GPL(mt76x02u_tx_prepare_skb);
    118
    119/* Trigger pre-TBTT event 8 ms before TBTT */
    120#define PRE_TBTT_USEC 8000
    121
    122/* Beacon SRAM memory is limited to 8kB. We need to send PS buffered frames
    123 * (which can be 1500 bytes big) via beacon memory. That make limit of number
    124 * of slots to 5. TODO: dynamically calculate offsets in beacon SRAM.
    125 */
    126#define N_BCN_SLOTS 5
    127
    128static void mt76x02u_start_pre_tbtt_timer(struct mt76x02_dev *dev)
    129{
    130	u64 time;
    131	u32 tbtt;
    132
    133	/* Get remaining TBTT in usec */
    134	tbtt = mt76_get_field(dev, MT_TBTT_TIMER, MT_TBTT_TIMER_VAL);
    135	tbtt *= 32;
    136
    137	if (tbtt <= PRE_TBTT_USEC) {
    138		queue_work(system_highpri_wq, &dev->pre_tbtt_work);
    139		return;
    140	}
    141
    142	time = (tbtt - PRE_TBTT_USEC) * 1000ull;
    143	hrtimer_start(&dev->pre_tbtt_timer, time, HRTIMER_MODE_REL);
    144}
    145
    146static void mt76x02u_restart_pre_tbtt_timer(struct mt76x02_dev *dev)
    147{
    148	u32 tbtt, dw0, dw1;
    149	u64 tsf, time;
    150
    151	/* Get remaining TBTT in usec */
    152	tbtt = mt76_get_field(dev, MT_TBTT_TIMER, MT_TBTT_TIMER_VAL);
    153	tbtt *= 32;
    154
    155	dw0 = mt76_rr(dev, MT_TSF_TIMER_DW0);
    156	dw1 = mt76_rr(dev, MT_TSF_TIMER_DW1);
    157	tsf = (u64)dw0 << 32 | dw1;
    158	dev_dbg(dev->mt76.dev, "TSF: %llu us TBTT %u us\n", tsf, tbtt);
    159
    160	/* Convert beacon interval in TU (1024 usec) to nsec */
    161	time = ((1000000000ull * dev->mt76.beacon_int) >> 10);
    162
    163	/* Adjust time to trigger hrtimer 8ms before TBTT */
    164	if (tbtt < PRE_TBTT_USEC)
    165		time -= (PRE_TBTT_USEC - tbtt) * 1000ull;
    166	else
    167		time += (tbtt - PRE_TBTT_USEC) * 1000ull;
    168
    169	hrtimer_start(&dev->pre_tbtt_timer, time, HRTIMER_MODE_REL);
    170}
    171
    172static void mt76x02u_stop_pre_tbtt_timer(struct mt76x02_dev *dev)
    173{
    174	do {
    175		hrtimer_cancel(&dev->pre_tbtt_timer);
    176		cancel_work_sync(&dev->pre_tbtt_work);
    177		/* Timer can be rearmed by work. */
    178	} while (hrtimer_active(&dev->pre_tbtt_timer));
    179}
    180
    181static void mt76x02u_pre_tbtt_work(struct work_struct *work)
    182{
    183	struct mt76x02_dev *dev =
    184		container_of(work, struct mt76x02_dev, pre_tbtt_work);
    185	struct beacon_bc_data data = {};
    186	struct sk_buff *skb;
    187	int nbeacons;
    188
    189	if (!dev->mt76.beacon_mask)
    190		return;
    191
    192	if (mt76_hw(dev)->conf.flags & IEEE80211_CONF_OFFCHANNEL)
    193		return;
    194
    195	mt76x02_resync_beacon_timer(dev);
    196
    197	/* Prevent corrupt transmissions during update */
    198	mt76_set(dev, MT_BCN_BYPASS_MASK, 0xffff);
    199	dev->beacon_data_count = 0;
    200
    201	ieee80211_iterate_active_interfaces(mt76_hw(dev),
    202		IEEE80211_IFACE_ITER_RESUME_ALL,
    203		mt76x02_update_beacon_iter, dev);
    204
    205	mt76_csa_check(&dev->mt76);
    206
    207	if (dev->mt76.csa_complete) {
    208		mt76_csa_finish(&dev->mt76);
    209		goto out;
    210	}
    211
    212	nbeacons = hweight8(dev->mt76.beacon_mask);
    213	mt76x02_enqueue_buffered_bc(dev, &data, N_BCN_SLOTS - nbeacons);
    214
    215	while ((skb = __skb_dequeue(&data.q)) != NULL)
    216		mt76x02_mac_set_beacon(dev, skb);
    217
    218out:
    219	mt76_wr(dev, MT_BCN_BYPASS_MASK,
    220		0xff00 | ~(0xff00 >> dev->beacon_data_count));
    221
    222	mt76x02u_restart_pre_tbtt_timer(dev);
    223}
    224
    225static enum hrtimer_restart mt76x02u_pre_tbtt_interrupt(struct hrtimer *timer)
    226{
    227	struct mt76x02_dev *dev =
    228	    container_of(timer, struct mt76x02_dev, pre_tbtt_timer);
    229
    230	queue_work(system_highpri_wq, &dev->pre_tbtt_work);
    231
    232	return HRTIMER_NORESTART;
    233}
    234
    235static void mt76x02u_pre_tbtt_enable(struct mt76x02_dev *dev, bool en)
    236{
    237	if (en && dev->mt76.beacon_mask &&
    238	    !hrtimer_active(&dev->pre_tbtt_timer))
    239		mt76x02u_start_pre_tbtt_timer(dev);
    240	if (!en)
    241		mt76x02u_stop_pre_tbtt_timer(dev);
    242}
    243
    244static void mt76x02u_beacon_enable(struct mt76x02_dev *dev, bool en)
    245{
    246	if (WARN_ON_ONCE(!dev->mt76.beacon_int))
    247		return;
    248
    249	if (en)
    250		mt76x02u_start_pre_tbtt_timer(dev);
    251}
    252
    253void mt76x02u_init_beacon_config(struct mt76x02_dev *dev)
    254{
    255	static const struct mt76x02_beacon_ops beacon_ops = {
    256		.nslots = N_BCN_SLOTS,
    257		.slot_size = (8192 / N_BCN_SLOTS) & ~63,
    258		.pre_tbtt_enable = mt76x02u_pre_tbtt_enable,
    259		.beacon_enable = mt76x02u_beacon_enable,
    260	};
    261	dev->beacon_ops = &beacon_ops;
    262
    263	hrtimer_init(&dev->pre_tbtt_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
    264	dev->pre_tbtt_timer.function = mt76x02u_pre_tbtt_interrupt;
    265	INIT_WORK(&dev->pre_tbtt_work, mt76x02u_pre_tbtt_work);
    266
    267	mt76x02_init_beacon_config(dev);
    268}
    269EXPORT_SYMBOL_GPL(mt76x02u_init_beacon_config);
    270
    271void mt76x02u_exit_beacon_config(struct mt76x02_dev *dev)
    272{
    273	if (!test_bit(MT76_REMOVED, &dev->mphy.state))
    274		mt76_clear(dev, MT_BEACON_TIME_CFG,
    275			   MT_BEACON_TIME_CFG_TIMER_EN |
    276			   MT_BEACON_TIME_CFG_SYNC_MODE |
    277			   MT_BEACON_TIME_CFG_TBTT_EN |
    278			   MT_BEACON_TIME_CFG_BEACON_TX);
    279
    280	mt76x02u_stop_pre_tbtt_timer(dev);
    281}
    282EXPORT_SYMBOL_GPL(mt76x02u_exit_beacon_config);