xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision b2abe33d)
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2005-2011 Atheros Communications Inc.
4  * Copyright (c) 2011-2017 Qualcomm Atheros, Inc.
5  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
6  */
7 
8 #include "mac.h"
9 
10 #include <net/cfg80211.h>
11 #include <net/mac80211.h>
12 #include <linux/etherdevice.h>
13 #include <linux/acpi.h>
14 #include <linux/of.h>
15 #include <linux/bitfield.h>
16 
17 #include "hif.h"
18 #include "core.h"
19 #include "debug.h"
20 #include "wmi.h"
21 #include "htt.h"
22 #include "txrx.h"
23 #include "testmode.h"
24 #include "wmi-tlv.h"
25 #include "wmi-ops.h"
26 #include "wow.h"
27 
28 /*********/
29 /* Rates */
30 /*********/
31 
32 static struct ieee80211_rate ath10k_rates[] = {
33 	{ .bitrate = 10,
34 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
35 	{ .bitrate = 20,
36 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
37 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
38 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
39 	{ .bitrate = 55,
40 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
41 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
42 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
43 	{ .bitrate = 110,
44 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
45 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
46 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
47 
48 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
49 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
50 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
51 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
52 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
53 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
54 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
55 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
56 };
57 
58 static struct ieee80211_rate ath10k_rates_rev2[] = {
59 	{ .bitrate = 10,
60 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_1M },
61 	{ .bitrate = 20,
62 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_2M,
63 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_2M,
64 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
65 	{ .bitrate = 55,
66 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_5_5M,
67 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_5_5M,
68 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
69 	{ .bitrate = 110,
70 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_11M,
71 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_11M,
72 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
73 
74 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
75 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
76 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
77 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
78 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
79 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
80 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
81 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
82 };
83 
84 static const struct cfg80211_sar_freq_ranges ath10k_sar_freq_ranges[] = {
85 	{.start_freq = 2402, .end_freq = 2494 },
86 	{.start_freq = 5170, .end_freq = 5875 },
87 };
88 
89 static const struct cfg80211_sar_capa ath10k_sar_capa = {
90 	.type = NL80211_SAR_TYPE_POWER,
91 	.num_freq_ranges = (ARRAY_SIZE(ath10k_sar_freq_ranges)),
92 	.freq_ranges = &ath10k_sar_freq_ranges[0],
93 };
94 
95 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
96 
97 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
98 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
99 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
100 #define ath10k_g_rates (ath10k_rates + 0)
101 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
102 
103 #define ath10k_g_rates_rev2 (ath10k_rates_rev2 + 0)
104 #define ath10k_g_rates_rev2_size (ARRAY_SIZE(ath10k_rates_rev2))
105 
106 #define ath10k_wmi_legacy_rates ath10k_rates
107 
108 static bool ath10k_mac_bitrate_is_cck(int bitrate)
109 {
110 	switch (bitrate) {
111 	case 10:
112 	case 20:
113 	case 55:
114 	case 110:
115 		return true;
116 	}
117 
118 	return false;
119 }
120 
121 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
122 {
123 	return DIV_ROUND_UP(bitrate, 5) |
124 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
125 }
126 
127 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
128 			     u8 hw_rate, bool cck)
129 {
130 	const struct ieee80211_rate *rate;
131 	int i;
132 
133 	for (i = 0; i < sband->n_bitrates; i++) {
134 		rate = &sband->bitrates[i];
135 
136 		if (ath10k_mac_bitrate_is_cck(rate->bitrate) != cck)
137 			continue;
138 
139 		if (rate->hw_value == hw_rate)
140 			return i;
141 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
142 			 rate->hw_value_short == hw_rate)
143 			return i;
144 	}
145 
146 	return 0;
147 }
148 
149 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
150 			     u32 bitrate)
151 {
152 	int i;
153 
154 	for (i = 0; i < sband->n_bitrates; i++)
155 		if (sband->bitrates[i].bitrate == bitrate)
156 			return i;
157 
158 	return 0;
159 }
160 
161 static int ath10k_mac_get_rate_hw_value(int bitrate)
162 {
163 	int i;
164 	u8 hw_value_prefix = 0;
165 
166 	if (ath10k_mac_bitrate_is_cck(bitrate))
167 		hw_value_prefix = WMI_RATE_PREAMBLE_CCK << 6;
168 
169 	for (i = 0; i < ARRAY_SIZE(ath10k_rates); i++) {
170 		if (ath10k_rates[i].bitrate == bitrate)
171 			return hw_value_prefix | ath10k_rates[i].hw_value;
172 	}
173 
174 	return -EINVAL;
175 }
176 
177 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
178 {
179 	switch ((mcs_map >> (2 * nss)) & 0x3) {
180 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
181 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
182 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
183 	}
184 	return 0;
185 }
186 
187 static u32
188 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
189 {
190 	int nss;
191 
192 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
193 		if (ht_mcs_mask[nss])
194 			return nss + 1;
195 
196 	return 1;
197 }
198 
199 static u32
200 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
201 {
202 	int nss;
203 
204 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
205 		if (vht_mcs_mask[nss])
206 			return nss + 1;
207 
208 	return 1;
209 }
210 
211 int ath10k_mac_ext_resource_config(struct ath10k *ar, u32 val)
212 {
213 	enum wmi_host_platform_type platform_type;
214 	int ret;
215 
216 	if (test_bit(WMI_SERVICE_TX_MODE_DYNAMIC, ar->wmi.svc_map))
217 		platform_type = WMI_HOST_PLATFORM_LOW_PERF;
218 	else
219 		platform_type = WMI_HOST_PLATFORM_HIGH_PERF;
220 
221 	ret = ath10k_wmi_ext_resource_config(ar, platform_type, val);
222 
223 	if (ret && ret != -EOPNOTSUPP) {
224 		ath10k_warn(ar, "failed to configure ext resource: %d\n", ret);
225 		return ret;
226 	}
227 
228 	return 0;
229 }
230 
231 /**********/
232 /* Crypto */
233 /**********/
234 
235 static int ath10k_send_key(struct ath10k_vif *arvif,
236 			   struct ieee80211_key_conf *key,
237 			   enum set_key_cmd cmd,
238 			   const u8 *macaddr, u32 flags)
239 {
240 	struct ath10k *ar = arvif->ar;
241 	struct wmi_vdev_install_key_arg arg = {
242 		.vdev_id = arvif->vdev_id,
243 		.key_idx = key->keyidx,
244 		.key_len = key->keylen,
245 		.key_data = key->key,
246 		.key_flags = flags,
247 		.macaddr = macaddr,
248 	};
249 
250 	lockdep_assert_held(&arvif->ar->conf_mutex);
251 
252 	switch (key->cipher) {
253 	case WLAN_CIPHER_SUITE_CCMP:
254 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
255 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
256 		break;
257 	case WLAN_CIPHER_SUITE_TKIP:
258 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_TKIP];
259 		arg.key_txmic_len = 8;
260 		arg.key_rxmic_len = 8;
261 		break;
262 	case WLAN_CIPHER_SUITE_WEP40:
263 	case WLAN_CIPHER_SUITE_WEP104:
264 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_WEP];
265 		break;
266 	case WLAN_CIPHER_SUITE_CCMP_256:
267 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
268 		break;
269 	case WLAN_CIPHER_SUITE_GCMP:
270 	case WLAN_CIPHER_SUITE_GCMP_256:
271 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_GCM];
272 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
273 		break;
274 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
275 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
276 	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
277 	case WLAN_CIPHER_SUITE_AES_CMAC:
278 		WARN_ON(1);
279 		return -EINVAL;
280 	default:
281 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
282 		return -EOPNOTSUPP;
283 	}
284 
285 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
286 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
287 
288 	if (cmd == DISABLE_KEY) {
289 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE];
290 		arg.key_data = NULL;
291 	}
292 
293 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
294 }
295 
296 static int ath10k_install_key(struct ath10k_vif *arvif,
297 			      struct ieee80211_key_conf *key,
298 			      enum set_key_cmd cmd,
299 			      const u8 *macaddr, u32 flags)
300 {
301 	struct ath10k *ar = arvif->ar;
302 	int ret;
303 	unsigned long time_left;
304 
305 	lockdep_assert_held(&ar->conf_mutex);
306 
307 	reinit_completion(&ar->install_key_done);
308 
309 	if (arvif->nohwcrypt)
310 		return 1;
311 
312 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
313 	if (ret)
314 		return ret;
315 
316 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
317 	if (time_left == 0)
318 		return -ETIMEDOUT;
319 
320 	return 0;
321 }
322 
323 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
324 					const u8 *addr)
325 {
326 	struct ath10k *ar = arvif->ar;
327 	struct ath10k_peer *peer;
328 	int ret;
329 	int i;
330 	u32 flags;
331 
332 	lockdep_assert_held(&ar->conf_mutex);
333 
334 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
335 		    arvif->vif->type != NL80211_IFTYPE_ADHOC &&
336 		    arvif->vif->type != NL80211_IFTYPE_MESH_POINT))
337 		return -EINVAL;
338 
339 	spin_lock_bh(&ar->data_lock);
340 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
341 	spin_unlock_bh(&ar->data_lock);
342 
343 	if (!peer)
344 		return -ENOENT;
345 
346 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
347 		if (arvif->wep_keys[i] == NULL)
348 			continue;
349 
350 		switch (arvif->vif->type) {
351 		case NL80211_IFTYPE_AP:
352 			flags = WMI_KEY_PAIRWISE;
353 
354 			if (arvif->def_wep_key_idx == i)
355 				flags |= WMI_KEY_TX_USAGE;
356 
357 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
358 						 SET_KEY, addr, flags);
359 			if (ret < 0)
360 				return ret;
361 			break;
362 		case NL80211_IFTYPE_ADHOC:
363 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
364 						 SET_KEY, addr,
365 						 WMI_KEY_PAIRWISE);
366 			if (ret < 0)
367 				return ret;
368 
369 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
370 						 SET_KEY, addr, WMI_KEY_GROUP);
371 			if (ret < 0)
372 				return ret;
373 			break;
374 		default:
375 			WARN_ON(1);
376 			return -EINVAL;
377 		}
378 
379 		spin_lock_bh(&ar->data_lock);
380 		peer->keys[i] = arvif->wep_keys[i];
381 		spin_unlock_bh(&ar->data_lock);
382 	}
383 
384 	/* In some cases (notably with static WEP IBSS with multiple keys)
385 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
386 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
387 	 * didn't seem help. Using def_keyid vdev parameter seems to be
388 	 * effective so use that.
389 	 *
390 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
391 	 */
392 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
393 		return 0;
394 
395 	if (arvif->def_wep_key_idx == -1)
396 		return 0;
397 
398 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
399 					arvif->vdev_id,
400 					arvif->ar->wmi.vdev_param->def_keyid,
401 					arvif->def_wep_key_idx);
402 	if (ret) {
403 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
404 			    arvif->vdev_id, ret);
405 		return ret;
406 	}
407 
408 	return 0;
409 }
410 
411 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
412 				  const u8 *addr)
413 {
414 	struct ath10k *ar = arvif->ar;
415 	struct ath10k_peer *peer;
416 	int first_errno = 0;
417 	int ret;
418 	int i;
419 	u32 flags = 0;
420 
421 	lockdep_assert_held(&ar->conf_mutex);
422 
423 	spin_lock_bh(&ar->data_lock);
424 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
425 	spin_unlock_bh(&ar->data_lock);
426 
427 	if (!peer)
428 		return -ENOENT;
429 
430 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
431 		if (peer->keys[i] == NULL)
432 			continue;
433 
434 		/* key flags are not required to delete the key */
435 		ret = ath10k_install_key(arvif, peer->keys[i],
436 					 DISABLE_KEY, addr, flags);
437 		if (ret < 0 && first_errno == 0)
438 			first_errno = ret;
439 
440 		if (ret < 0)
441 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
442 				    i, ret);
443 
444 		spin_lock_bh(&ar->data_lock);
445 		peer->keys[i] = NULL;
446 		spin_unlock_bh(&ar->data_lock);
447 	}
448 
449 	return first_errno;
450 }
451 
452 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
453 				    u8 keyidx)
454 {
455 	struct ath10k_peer *peer;
456 	int i;
457 
458 	lockdep_assert_held(&ar->data_lock);
459 
460 	/* We don't know which vdev this peer belongs to,
461 	 * since WMI doesn't give us that information.
462 	 *
463 	 * FIXME: multi-bss needs to be handled.
464 	 */
465 	peer = ath10k_peer_find(ar, 0, addr);
466 	if (!peer)
467 		return false;
468 
469 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
470 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
471 			return true;
472 	}
473 
474 	return false;
475 }
476 
477 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
478 				 struct ieee80211_key_conf *key)
479 {
480 	struct ath10k *ar = arvif->ar;
481 	struct ath10k_peer *peer;
482 	u8 addr[ETH_ALEN];
483 	int first_errno = 0;
484 	int ret;
485 	int i;
486 	u32 flags = 0;
487 
488 	lockdep_assert_held(&ar->conf_mutex);
489 
490 	for (;;) {
491 		/* since ath10k_install_key we can't hold data_lock all the
492 		 * time, so we try to remove the keys incrementally
493 		 */
494 		spin_lock_bh(&ar->data_lock);
495 		i = 0;
496 		list_for_each_entry(peer, &ar->peers, list) {
497 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
498 				if (peer->keys[i] == key) {
499 					ether_addr_copy(addr, peer->addr);
500 					peer->keys[i] = NULL;
501 					break;
502 				}
503 			}
504 
505 			if (i < ARRAY_SIZE(peer->keys))
506 				break;
507 		}
508 		spin_unlock_bh(&ar->data_lock);
509 
510 		if (i == ARRAY_SIZE(peer->keys))
511 			break;
512 		/* key flags are not required to delete the key */
513 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
514 		if (ret < 0 && first_errno == 0)
515 			first_errno = ret;
516 
517 		if (ret)
518 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
519 				    addr, ret);
520 	}
521 
522 	return first_errno;
523 }
524 
525 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
526 					 struct ieee80211_key_conf *key)
527 {
528 	struct ath10k *ar = arvif->ar;
529 	struct ath10k_peer *peer;
530 	int ret;
531 
532 	lockdep_assert_held(&ar->conf_mutex);
533 
534 	list_for_each_entry(peer, &ar->peers, list) {
535 		if (ether_addr_equal(peer->addr, arvif->vif->addr))
536 			continue;
537 
538 		if (ether_addr_equal(peer->addr, arvif->bssid))
539 			continue;
540 
541 		if (peer->keys[key->keyidx] == key)
542 			continue;
543 
544 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
545 			   arvif->vdev_id, key->keyidx);
546 
547 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
548 		if (ret) {
549 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
550 				    arvif->vdev_id, peer->addr, ret);
551 			return ret;
552 		}
553 	}
554 
555 	return 0;
556 }
557 
558 /*********************/
559 /* General utilities */
560 /*********************/
561 
562 static inline enum wmi_phy_mode
563 chan_to_phymode(const struct cfg80211_chan_def *chandef)
564 {
565 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
566 
567 	switch (chandef->chan->band) {
568 	case NL80211_BAND_2GHZ:
569 		switch (chandef->width) {
570 		case NL80211_CHAN_WIDTH_20_NOHT:
571 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
572 				phymode = MODE_11B;
573 			else
574 				phymode = MODE_11G;
575 			break;
576 		case NL80211_CHAN_WIDTH_20:
577 			phymode = MODE_11NG_HT20;
578 			break;
579 		case NL80211_CHAN_WIDTH_40:
580 			phymode = MODE_11NG_HT40;
581 			break;
582 		default:
583 			phymode = MODE_UNKNOWN;
584 			break;
585 		}
586 		break;
587 	case NL80211_BAND_5GHZ:
588 		switch (chandef->width) {
589 		case NL80211_CHAN_WIDTH_20_NOHT:
590 			phymode = MODE_11A;
591 			break;
592 		case NL80211_CHAN_WIDTH_20:
593 			phymode = MODE_11NA_HT20;
594 			break;
595 		case NL80211_CHAN_WIDTH_40:
596 			phymode = MODE_11NA_HT40;
597 			break;
598 		case NL80211_CHAN_WIDTH_80:
599 			phymode = MODE_11AC_VHT80;
600 			break;
601 		case NL80211_CHAN_WIDTH_160:
602 			phymode = MODE_11AC_VHT160;
603 			break;
604 		case NL80211_CHAN_WIDTH_80P80:
605 			phymode = MODE_11AC_VHT80_80;
606 			break;
607 		default:
608 			phymode = MODE_UNKNOWN;
609 			break;
610 		}
611 		break;
612 	default:
613 		break;
614 	}
615 
616 	WARN_ON(phymode == MODE_UNKNOWN);
617 	return phymode;
618 }
619 
620 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
621 {
622 /*
623  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
624  *   0 for no restriction
625  *   1 for 1/4 us
626  *   2 for 1/2 us
627  *   3 for 1 us
628  *   4 for 2 us
629  *   5 for 4 us
630  *   6 for 8 us
631  *   7 for 16 us
632  */
633 	switch (mpdudensity) {
634 	case 0:
635 		return 0;
636 	case 1:
637 	case 2:
638 	case 3:
639 	/* Our lower layer calculations limit our precision to
640 	 * 1 microsecond
641 	 */
642 		return 1;
643 	case 4:
644 		return 2;
645 	case 5:
646 		return 4;
647 	case 6:
648 		return 8;
649 	case 7:
650 		return 16;
651 	default:
652 		return 0;
653 	}
654 }
655 
656 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
657 			struct cfg80211_chan_def *def)
658 {
659 	struct ieee80211_chanctx_conf *conf;
660 
661 	rcu_read_lock();
662 	conf = rcu_dereference(vif->bss_conf.chanctx_conf);
663 	if (!conf) {
664 		rcu_read_unlock();
665 		return -ENOENT;
666 	}
667 
668 	*def = conf->def;
669 	rcu_read_unlock();
670 
671 	return 0;
672 }
673 
674 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
675 					 struct ieee80211_chanctx_conf *conf,
676 					 void *data)
677 {
678 	int *num = data;
679 
680 	(*num)++;
681 }
682 
683 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
684 {
685 	int num = 0;
686 
687 	ieee80211_iter_chan_contexts_atomic(ar->hw,
688 					    ath10k_mac_num_chanctxs_iter,
689 					    &num);
690 
691 	return num;
692 }
693 
694 static void
695 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
696 				struct ieee80211_chanctx_conf *conf,
697 				void *data)
698 {
699 	struct cfg80211_chan_def **def = data;
700 
701 	*def = &conf->def;
702 }
703 
704 static void ath10k_wait_for_peer_delete_done(struct ath10k *ar, u32 vdev_id,
705 					     const u8 *addr)
706 {
707 	unsigned long time_left;
708 	int ret;
709 
710 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
711 		ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
712 		if (ret) {
713 			ath10k_warn(ar, "failed wait for peer deleted");
714 			return;
715 		}
716 
717 		time_left = wait_for_completion_timeout(&ar->peer_delete_done,
718 							5 * HZ);
719 		if (!time_left)
720 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
721 	}
722 }
723 
724 static int ath10k_peer_create(struct ath10k *ar,
725 			      struct ieee80211_vif *vif,
726 			      struct ieee80211_sta *sta,
727 			      u32 vdev_id,
728 			      const u8 *addr,
729 			      enum wmi_peer_type peer_type)
730 {
731 	struct ath10k_vif *arvif;
732 	struct ath10k_peer *peer;
733 	int num_peers = 0;
734 	int ret;
735 
736 	lockdep_assert_held(&ar->conf_mutex);
737 
738 	num_peers = ar->num_peers;
739 
740 	/* Each vdev consumes a peer entry as well */
741 	list_for_each_entry(arvif, &ar->arvifs, list)
742 		num_peers++;
743 
744 	if (num_peers >= ar->max_num_peers)
745 		return -ENOBUFS;
746 
747 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
748 	if (ret) {
749 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
750 			    addr, vdev_id, ret);
751 		return ret;
752 	}
753 
754 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
755 	if (ret) {
756 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
757 			    addr, vdev_id, ret);
758 		return ret;
759 	}
760 
761 	spin_lock_bh(&ar->data_lock);
762 
763 	peer = ath10k_peer_find(ar, vdev_id, addr);
764 	if (!peer) {
765 		spin_unlock_bh(&ar->data_lock);
766 		ath10k_warn(ar, "failed to find peer %pM on vdev %i after creation\n",
767 			    addr, vdev_id);
768 		ath10k_wait_for_peer_delete_done(ar, vdev_id, addr);
769 		return -ENOENT;
770 	}
771 
772 	peer->vif = vif;
773 	peer->sta = sta;
774 
775 	spin_unlock_bh(&ar->data_lock);
776 
777 	ar->num_peers++;
778 
779 	return 0;
780 }
781 
782 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
783 {
784 	struct ath10k *ar = arvif->ar;
785 	u32 param;
786 	int ret;
787 
788 	param = ar->wmi.pdev_param->sta_kickout_th;
789 	ret = ath10k_wmi_pdev_set_param(ar, param,
790 					ATH10K_KICKOUT_THRESHOLD);
791 	if (ret) {
792 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
793 			    arvif->vdev_id, ret);
794 		return ret;
795 	}
796 
797 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
798 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
799 					ATH10K_KEEPALIVE_MIN_IDLE);
800 	if (ret) {
801 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
802 			    arvif->vdev_id, ret);
803 		return ret;
804 	}
805 
806 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
807 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
808 					ATH10K_KEEPALIVE_MAX_IDLE);
809 	if (ret) {
810 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
811 			    arvif->vdev_id, ret);
812 		return ret;
813 	}
814 
815 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
816 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
817 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
818 	if (ret) {
819 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
820 			    arvif->vdev_id, ret);
821 		return ret;
822 	}
823 
824 	return 0;
825 }
826 
827 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
828 {
829 	struct ath10k *ar = arvif->ar;
830 	u32 vdev_param;
831 
832 	vdev_param = ar->wmi.vdev_param->rts_threshold;
833 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
834 }
835 
836 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
837 {
838 	int ret;
839 
840 	lockdep_assert_held(&ar->conf_mutex);
841 
842 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
843 	if (ret)
844 		return ret;
845 
846 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
847 	if (ret)
848 		return ret;
849 
850 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
851 		unsigned long time_left;
852 
853 		time_left = wait_for_completion_timeout
854 			    (&ar->peer_delete_done, 5 * HZ);
855 
856 		if (!time_left) {
857 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
858 			return -ETIMEDOUT;
859 		}
860 	}
861 
862 	ar->num_peers--;
863 
864 	return 0;
865 }
866 
867 static void ath10k_peer_map_cleanup(struct ath10k *ar, struct ath10k_peer *peer)
868 {
869 	int peer_id, i;
870 
871 	lockdep_assert_held(&ar->conf_mutex);
872 
873 	for_each_set_bit(peer_id, peer->peer_ids,
874 			 ATH10K_MAX_NUM_PEER_IDS) {
875 		ar->peer_map[peer_id] = NULL;
876 	}
877 
878 	/* Double check that peer is properly un-referenced from
879 	 * the peer_map
880 	 */
881 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
882 		if (ar->peer_map[i] == peer) {
883 			ath10k_warn(ar, "removing stale peer_map entry for %pM (ptr %pK idx %d)\n",
884 				    peer->addr, peer, i);
885 			ar->peer_map[i] = NULL;
886 		}
887 	}
888 
889 	list_del(&peer->list);
890 	kfree(peer);
891 	ar->num_peers--;
892 }
893 
894 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
895 {
896 	struct ath10k_peer *peer, *tmp;
897 
898 	lockdep_assert_held(&ar->conf_mutex);
899 
900 	spin_lock_bh(&ar->data_lock);
901 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
902 		if (peer->vdev_id != vdev_id)
903 			continue;
904 
905 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
906 			    peer->addr, vdev_id);
907 
908 		ath10k_peer_map_cleanup(ar, peer);
909 	}
910 	spin_unlock_bh(&ar->data_lock);
911 }
912 
913 static void ath10k_peer_cleanup_all(struct ath10k *ar)
914 {
915 	struct ath10k_peer *peer, *tmp;
916 	int i;
917 
918 	lockdep_assert_held(&ar->conf_mutex);
919 
920 	spin_lock_bh(&ar->data_lock);
921 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
922 		list_del(&peer->list);
923 		kfree(peer);
924 	}
925 
926 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++)
927 		ar->peer_map[i] = NULL;
928 
929 	spin_unlock_bh(&ar->data_lock);
930 
931 	ar->num_peers = 0;
932 	ar->num_stations = 0;
933 }
934 
935 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
936 				       struct ieee80211_sta *sta,
937 				       enum wmi_tdls_peer_state state)
938 {
939 	int ret;
940 	struct wmi_tdls_peer_update_cmd_arg arg = {};
941 	struct wmi_tdls_peer_capab_arg cap = {};
942 	struct wmi_channel_arg chan_arg = {};
943 
944 	lockdep_assert_held(&ar->conf_mutex);
945 
946 	arg.vdev_id = vdev_id;
947 	arg.peer_state = state;
948 	ether_addr_copy(arg.addr, sta->addr);
949 
950 	cap.peer_max_sp = sta->max_sp;
951 	cap.peer_uapsd_queues = sta->uapsd_queues;
952 
953 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
954 	    !sta->tdls_initiator)
955 		cap.is_peer_responder = 1;
956 
957 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
958 	if (ret) {
959 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
960 			    arg.addr, vdev_id, ret);
961 		return ret;
962 	}
963 
964 	return 0;
965 }
966 
967 /************************/
968 /* Interface management */
969 /************************/
970 
971 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
972 {
973 	struct ath10k *ar = arvif->ar;
974 
975 	lockdep_assert_held(&ar->data_lock);
976 
977 	if (!arvif->beacon)
978 		return;
979 
980 	if (!arvif->beacon_buf)
981 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
982 				 arvif->beacon->len, DMA_TO_DEVICE);
983 
984 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
985 		    arvif->beacon_state != ATH10K_BEACON_SENT))
986 		return;
987 
988 	dev_kfree_skb_any(arvif->beacon);
989 
990 	arvif->beacon = NULL;
991 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
992 }
993 
994 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
995 {
996 	struct ath10k *ar = arvif->ar;
997 
998 	lockdep_assert_held(&ar->data_lock);
999 
1000 	ath10k_mac_vif_beacon_free(arvif);
1001 
1002 	if (arvif->beacon_buf) {
1003 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
1004 			kfree(arvif->beacon_buf);
1005 		else
1006 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
1007 					  arvif->beacon_buf,
1008 					  arvif->beacon_paddr);
1009 		arvif->beacon_buf = NULL;
1010 	}
1011 }
1012 
1013 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
1014 {
1015 	unsigned long time_left;
1016 
1017 	lockdep_assert_held(&ar->conf_mutex);
1018 
1019 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
1020 		return -ESHUTDOWN;
1021 
1022 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
1023 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
1024 	if (time_left == 0)
1025 		return -ETIMEDOUT;
1026 
1027 	return ar->last_wmi_vdev_start_status;
1028 }
1029 
1030 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
1031 {
1032 	struct cfg80211_chan_def *chandef = NULL;
1033 	struct ieee80211_channel *channel = NULL;
1034 	struct wmi_vdev_start_request_arg arg = {};
1035 	int ret = 0;
1036 
1037 	lockdep_assert_held(&ar->conf_mutex);
1038 
1039 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1040 					    ath10k_mac_get_any_chandef_iter,
1041 					    &chandef);
1042 	if (WARN_ON_ONCE(!chandef))
1043 		return -ENOENT;
1044 
1045 	channel = chandef->chan;
1046 
1047 	arg.vdev_id = vdev_id;
1048 	arg.channel.freq = channel->center_freq;
1049 	arg.channel.band_center_freq1 = chandef->center_freq1;
1050 	arg.channel.band_center_freq2 = chandef->center_freq2;
1051 
1052 	/* TODO setup this dynamically, what in case we
1053 	 * don't have any vifs?
1054 	 */
1055 	arg.channel.mode = chan_to_phymode(chandef);
1056 	arg.channel.chan_radar =
1057 			!!(channel->flags & IEEE80211_CHAN_RADAR);
1058 
1059 	arg.channel.min_power = 0;
1060 	arg.channel.max_power = channel->max_power * 2;
1061 	arg.channel.max_reg_power = channel->max_reg_power * 2;
1062 	arg.channel.max_antenna_gain = channel->max_antenna_gain;
1063 
1064 	reinit_completion(&ar->vdev_setup_done);
1065 	reinit_completion(&ar->vdev_delete_done);
1066 
1067 	ret = ath10k_wmi_vdev_start(ar, &arg);
1068 	if (ret) {
1069 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
1070 			    vdev_id, ret);
1071 		return ret;
1072 	}
1073 
1074 	ret = ath10k_vdev_setup_sync(ar);
1075 	if (ret) {
1076 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
1077 			    vdev_id, ret);
1078 		return ret;
1079 	}
1080 
1081 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
1082 	if (ret) {
1083 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
1084 			    vdev_id, ret);
1085 		goto vdev_stop;
1086 	}
1087 
1088 	ar->monitor_vdev_id = vdev_id;
1089 
1090 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
1091 		   ar->monitor_vdev_id);
1092 	return 0;
1093 
1094 vdev_stop:
1095 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1096 	if (ret)
1097 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
1098 			    ar->monitor_vdev_id, ret);
1099 
1100 	return ret;
1101 }
1102 
1103 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
1104 {
1105 	int ret = 0;
1106 
1107 	lockdep_assert_held(&ar->conf_mutex);
1108 
1109 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1110 	if (ret)
1111 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
1112 			    ar->monitor_vdev_id, ret);
1113 
1114 	reinit_completion(&ar->vdev_setup_done);
1115 	reinit_completion(&ar->vdev_delete_done);
1116 
1117 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1118 	if (ret)
1119 		ath10k_warn(ar, "failed to request monitor vdev %i stop: %d\n",
1120 			    ar->monitor_vdev_id, ret);
1121 
1122 	ret = ath10k_vdev_setup_sync(ar);
1123 	if (ret)
1124 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
1125 			    ar->monitor_vdev_id, ret);
1126 
1127 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
1128 		   ar->monitor_vdev_id);
1129 	return ret;
1130 }
1131 
1132 static int ath10k_monitor_vdev_create(struct ath10k *ar)
1133 {
1134 	int bit, ret = 0;
1135 
1136 	lockdep_assert_held(&ar->conf_mutex);
1137 
1138 	if (ar->free_vdev_map == 0) {
1139 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
1140 		return -ENOMEM;
1141 	}
1142 
1143 	bit = __ffs64(ar->free_vdev_map);
1144 
1145 	ar->monitor_vdev_id = bit;
1146 
1147 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
1148 				     WMI_VDEV_TYPE_MONITOR,
1149 				     0, ar->mac_addr);
1150 	if (ret) {
1151 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
1152 			    ar->monitor_vdev_id, ret);
1153 		return ret;
1154 	}
1155 
1156 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1157 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
1158 		   ar->monitor_vdev_id);
1159 
1160 	return 0;
1161 }
1162 
1163 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
1164 {
1165 	int ret = 0;
1166 
1167 	lockdep_assert_held(&ar->conf_mutex);
1168 
1169 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1170 	if (ret) {
1171 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
1172 			    ar->monitor_vdev_id, ret);
1173 		return ret;
1174 	}
1175 
1176 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1177 
1178 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1179 		   ar->monitor_vdev_id);
1180 	return ret;
1181 }
1182 
1183 static int ath10k_monitor_start(struct ath10k *ar)
1184 {
1185 	int ret;
1186 
1187 	lockdep_assert_held(&ar->conf_mutex);
1188 
1189 	ret = ath10k_monitor_vdev_create(ar);
1190 	if (ret) {
1191 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1192 		return ret;
1193 	}
1194 
1195 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1196 	if (ret) {
1197 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1198 		ath10k_monitor_vdev_delete(ar);
1199 		return ret;
1200 	}
1201 
1202 	ar->monitor_started = true;
1203 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1204 
1205 	return 0;
1206 }
1207 
1208 static int ath10k_monitor_stop(struct ath10k *ar)
1209 {
1210 	int ret;
1211 
1212 	lockdep_assert_held(&ar->conf_mutex);
1213 
1214 	ret = ath10k_monitor_vdev_stop(ar);
1215 	if (ret) {
1216 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1217 		return ret;
1218 	}
1219 
1220 	ret = ath10k_monitor_vdev_delete(ar);
1221 	if (ret) {
1222 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1223 		return ret;
1224 	}
1225 
1226 	ar->monitor_started = false;
1227 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1228 
1229 	return 0;
1230 }
1231 
1232 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1233 {
1234 	int num_ctx;
1235 
1236 	/* At least one chanctx is required to derive a channel to start
1237 	 * monitor vdev on.
1238 	 */
1239 	num_ctx = ath10k_mac_num_chanctxs(ar);
1240 	if (num_ctx == 0)
1241 		return false;
1242 
1243 	/* If there's already an existing special monitor interface then don't
1244 	 * bother creating another monitor vdev.
1245 	 */
1246 	if (ar->monitor_arvif)
1247 		return false;
1248 
1249 	return ar->monitor ||
1250 	       (!test_bit(ATH10K_FW_FEATURE_ALLOWS_MESH_BCAST,
1251 			  ar->running_fw->fw_file.fw_features) &&
1252 		(ar->filter_flags & FIF_OTHER_BSS)) ||
1253 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1254 }
1255 
1256 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1257 {
1258 	int num_ctx;
1259 
1260 	num_ctx = ath10k_mac_num_chanctxs(ar);
1261 
1262 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1263 	 * shouldn't allow this but make sure to prevent handling the following
1264 	 * case anyway since multi-channel DFS hasn't been tested at all.
1265 	 */
1266 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1267 		return false;
1268 
1269 	return true;
1270 }
1271 
1272 static int ath10k_monitor_recalc(struct ath10k *ar)
1273 {
1274 	bool needed;
1275 	bool allowed;
1276 	int ret;
1277 
1278 	lockdep_assert_held(&ar->conf_mutex);
1279 
1280 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1281 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1282 
1283 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1284 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1285 		   ar->monitor_started, needed, allowed);
1286 
1287 	if (WARN_ON(needed && !allowed)) {
1288 		if (ar->monitor_started) {
1289 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1290 
1291 			ret = ath10k_monitor_stop(ar);
1292 			if (ret)
1293 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n",
1294 					    ret);
1295 				/* not serious */
1296 		}
1297 
1298 		return -EPERM;
1299 	}
1300 
1301 	if (needed == ar->monitor_started)
1302 		return 0;
1303 
1304 	if (needed)
1305 		return ath10k_monitor_start(ar);
1306 	else
1307 		return ath10k_monitor_stop(ar);
1308 }
1309 
1310 static bool ath10k_mac_can_set_cts_prot(struct ath10k_vif *arvif)
1311 {
1312 	struct ath10k *ar = arvif->ar;
1313 
1314 	lockdep_assert_held(&ar->conf_mutex);
1315 
1316 	if (!arvif->is_started) {
1317 		ath10k_dbg(ar, ATH10K_DBG_MAC, "defer cts setup, vdev is not ready yet\n");
1318 		return false;
1319 	}
1320 
1321 	return true;
1322 }
1323 
1324 static int ath10k_mac_set_cts_prot(struct ath10k_vif *arvif)
1325 {
1326 	struct ath10k *ar = arvif->ar;
1327 	u32 vdev_param;
1328 
1329 	lockdep_assert_held(&ar->conf_mutex);
1330 
1331 	vdev_param = ar->wmi.vdev_param->protection_mode;
1332 
1333 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_protection %d\n",
1334 		   arvif->vdev_id, arvif->use_cts_prot);
1335 
1336 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1337 					 arvif->use_cts_prot ? 1 : 0);
1338 }
1339 
1340 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1341 {
1342 	struct ath10k *ar = arvif->ar;
1343 	u32 vdev_param, rts_cts = 0;
1344 
1345 	lockdep_assert_held(&ar->conf_mutex);
1346 
1347 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1348 
1349 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1350 
1351 	if (arvif->num_legacy_stations > 0)
1352 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1353 			      WMI_RTSCTS_PROFILE);
1354 	else
1355 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1356 			      WMI_RTSCTS_PROFILE);
1357 
1358 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d recalc rts/cts prot %d\n",
1359 		   arvif->vdev_id, rts_cts);
1360 
1361 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1362 					 rts_cts);
1363 }
1364 
1365 static int ath10k_start_cac(struct ath10k *ar)
1366 {
1367 	int ret;
1368 
1369 	lockdep_assert_held(&ar->conf_mutex);
1370 
1371 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1372 
1373 	ret = ath10k_monitor_recalc(ar);
1374 	if (ret) {
1375 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1376 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1377 		return ret;
1378 	}
1379 
1380 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1381 		   ar->monitor_vdev_id);
1382 
1383 	return 0;
1384 }
1385 
1386 static int ath10k_stop_cac(struct ath10k *ar)
1387 {
1388 	lockdep_assert_held(&ar->conf_mutex);
1389 
1390 	/* CAC is not running - do nothing */
1391 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1392 		return 0;
1393 
1394 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1395 	ath10k_monitor_stop(ar);
1396 
1397 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1398 
1399 	return 0;
1400 }
1401 
1402 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1403 				      struct ieee80211_chanctx_conf *conf,
1404 				      void *data)
1405 {
1406 	bool *ret = data;
1407 
1408 	if (!*ret && conf->radar_enabled)
1409 		*ret = true;
1410 }
1411 
1412 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1413 {
1414 	bool has_radar = false;
1415 
1416 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1417 					    ath10k_mac_has_radar_iter,
1418 					    &has_radar);
1419 
1420 	return has_radar;
1421 }
1422 
1423 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1424 {
1425 	int ret;
1426 
1427 	lockdep_assert_held(&ar->conf_mutex);
1428 
1429 	ath10k_stop_cac(ar);
1430 
1431 	if (!ath10k_mac_has_radar_enabled(ar))
1432 		return;
1433 
1434 	if (ar->num_started_vdevs > 0)
1435 		return;
1436 
1437 	ret = ath10k_start_cac(ar);
1438 	if (ret) {
1439 		/*
1440 		 * Not possible to start CAC on current channel so starting
1441 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1442 		 * by indicating that radar was detected.
1443 		 */
1444 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1445 		ieee80211_radar_detected(ar->hw);
1446 	}
1447 }
1448 
1449 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1450 {
1451 	struct ath10k *ar = arvif->ar;
1452 	int ret;
1453 
1454 	lockdep_assert_held(&ar->conf_mutex);
1455 
1456 	reinit_completion(&ar->vdev_setup_done);
1457 	reinit_completion(&ar->vdev_delete_done);
1458 
1459 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1460 	if (ret) {
1461 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1462 			    arvif->vdev_id, ret);
1463 		return ret;
1464 	}
1465 
1466 	ret = ath10k_vdev_setup_sync(ar);
1467 	if (ret) {
1468 		ath10k_warn(ar, "failed to synchronize setup for vdev %i: %d\n",
1469 			    arvif->vdev_id, ret);
1470 		return ret;
1471 	}
1472 
1473 	WARN_ON(ar->num_started_vdevs == 0);
1474 
1475 	if (ar->num_started_vdevs != 0) {
1476 		ar->num_started_vdevs--;
1477 		ath10k_recalc_radar_detection(ar);
1478 	}
1479 
1480 	return ret;
1481 }
1482 
1483 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1484 				     const struct cfg80211_chan_def *chandef,
1485 				     bool restart)
1486 {
1487 	struct ath10k *ar = arvif->ar;
1488 	struct wmi_vdev_start_request_arg arg = {};
1489 	int ret = 0;
1490 
1491 	lockdep_assert_held(&ar->conf_mutex);
1492 
1493 	reinit_completion(&ar->vdev_setup_done);
1494 	reinit_completion(&ar->vdev_delete_done);
1495 
1496 	arg.vdev_id = arvif->vdev_id;
1497 	arg.dtim_period = arvif->dtim_period;
1498 	arg.bcn_intval = arvif->beacon_interval;
1499 
1500 	arg.channel.freq = chandef->chan->center_freq;
1501 	arg.channel.band_center_freq1 = chandef->center_freq1;
1502 	arg.channel.band_center_freq2 = chandef->center_freq2;
1503 	arg.channel.mode = chan_to_phymode(chandef);
1504 
1505 	arg.channel.min_power = 0;
1506 	arg.channel.max_power = chandef->chan->max_power * 2;
1507 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1508 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
1509 
1510 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1511 		arg.ssid = arvif->u.ap.ssid;
1512 		arg.ssid_len = arvif->u.ap.ssid_len;
1513 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1514 
1515 		/* For now allow DFS for AP mode */
1516 		arg.channel.chan_radar =
1517 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1518 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1519 		arg.ssid = arvif->vif->cfg.ssid;
1520 		arg.ssid_len = arvif->vif->cfg.ssid_len;
1521 	}
1522 
1523 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1524 		   "mac vdev %d start center_freq %d phymode %s\n",
1525 		   arg.vdev_id, arg.channel.freq,
1526 		   ath10k_wmi_phymode_str(arg.channel.mode));
1527 
1528 	if (restart)
1529 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1530 	else
1531 		ret = ath10k_wmi_vdev_start(ar, &arg);
1532 
1533 	if (ret) {
1534 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1535 			    arg.vdev_id, ret);
1536 		return ret;
1537 	}
1538 
1539 	ret = ath10k_vdev_setup_sync(ar);
1540 	if (ret) {
1541 		ath10k_warn(ar,
1542 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1543 			    arg.vdev_id, restart, ret);
1544 		return ret;
1545 	}
1546 
1547 	ar->num_started_vdevs++;
1548 	ath10k_recalc_radar_detection(ar);
1549 
1550 	return ret;
1551 }
1552 
1553 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1554 			     const struct cfg80211_chan_def *def)
1555 {
1556 	return ath10k_vdev_start_restart(arvif, def, false);
1557 }
1558 
1559 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1560 			       const struct cfg80211_chan_def *def)
1561 {
1562 	return ath10k_vdev_start_restart(arvif, def, true);
1563 }
1564 
1565 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1566 				       struct sk_buff *bcn)
1567 {
1568 	struct ath10k *ar = arvif->ar;
1569 	struct ieee80211_mgmt *mgmt;
1570 	const u8 *p2p_ie;
1571 	int ret;
1572 
1573 	if (arvif->vif->type != NL80211_IFTYPE_AP || !arvif->vif->p2p)
1574 		return 0;
1575 
1576 	mgmt = (void *)bcn->data;
1577 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1578 					 mgmt->u.beacon.variable,
1579 					 bcn->len - (mgmt->u.beacon.variable -
1580 						     bcn->data));
1581 	if (!p2p_ie)
1582 		return -ENOENT;
1583 
1584 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1585 	if (ret) {
1586 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1587 			    arvif->vdev_id, ret);
1588 		return ret;
1589 	}
1590 
1591 	return 0;
1592 }
1593 
1594 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1595 				       u8 oui_type, size_t ie_offset)
1596 {
1597 	size_t len;
1598 	const u8 *next;
1599 	const u8 *end;
1600 	u8 *ie;
1601 
1602 	if (WARN_ON(skb->len < ie_offset))
1603 		return -EINVAL;
1604 
1605 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1606 					   skb->data + ie_offset,
1607 					   skb->len - ie_offset);
1608 	if (!ie)
1609 		return -ENOENT;
1610 
1611 	len = ie[1] + 2;
1612 	end = skb->data + skb->len;
1613 	next = ie + len;
1614 
1615 	if (WARN_ON(next > end))
1616 		return -EINVAL;
1617 
1618 	memmove(ie, next, end - next);
1619 	skb_trim(skb, skb->len - len);
1620 
1621 	return 0;
1622 }
1623 
1624 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1625 {
1626 	struct ath10k *ar = arvif->ar;
1627 	struct ieee80211_hw *hw = ar->hw;
1628 	struct ieee80211_vif *vif = arvif->vif;
1629 	struct ieee80211_mutable_offsets offs = {};
1630 	struct sk_buff *bcn;
1631 	int ret;
1632 
1633 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1634 		return 0;
1635 
1636 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1637 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1638 		return 0;
1639 
1640 	bcn = ieee80211_beacon_get_template(hw, vif, &offs, 0);
1641 	if (!bcn) {
1642 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1643 		return -EPERM;
1644 	}
1645 
1646 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1647 	if (ret) {
1648 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1649 		kfree_skb(bcn);
1650 		return ret;
1651 	}
1652 
1653 	/* P2P IE is inserted by firmware automatically (as configured above)
1654 	 * so remove it from the base beacon template to avoid duplicate P2P
1655 	 * IEs in beacon frames.
1656 	 */
1657 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1658 				    offsetof(struct ieee80211_mgmt,
1659 					     u.beacon.variable));
1660 
1661 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1662 				  0, NULL, 0);
1663 	kfree_skb(bcn);
1664 
1665 	if (ret) {
1666 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1667 			    ret);
1668 		return ret;
1669 	}
1670 
1671 	return 0;
1672 }
1673 
1674 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1675 {
1676 	struct ath10k *ar = arvif->ar;
1677 	struct ieee80211_hw *hw = ar->hw;
1678 	struct ieee80211_vif *vif = arvif->vif;
1679 	struct sk_buff *prb;
1680 	int ret;
1681 
1682 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1683 		return 0;
1684 
1685 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1686 		return 0;
1687 
1688 	 /* For mesh, probe response and beacon share the same template */
1689 	if (ieee80211_vif_is_mesh(vif))
1690 		return 0;
1691 
1692 	prb = ieee80211_proberesp_get(hw, vif);
1693 	if (!prb) {
1694 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1695 		return -EPERM;
1696 	}
1697 
1698 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1699 	kfree_skb(prb);
1700 
1701 	if (ret) {
1702 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1703 			    ret);
1704 		return ret;
1705 	}
1706 
1707 	return 0;
1708 }
1709 
1710 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1711 {
1712 	struct ath10k *ar = arvif->ar;
1713 	struct cfg80211_chan_def def;
1714 	int ret;
1715 
1716 	/* When originally vdev is started during assign_vif_chanctx() some
1717 	 * information is missing, notably SSID. Firmware revisions with beacon
1718 	 * offloading require the SSID to be provided during vdev (re)start to
1719 	 * handle hidden SSID properly.
1720 	 *
1721 	 * Vdev restart must be done after vdev has been both started and
1722 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1723 	 * deliver vdev restart response event causing timeouts during vdev
1724 	 * syncing in ath10k.
1725 	 *
1726 	 * Note: The vdev down/up and template reinstallation could be skipped
1727 	 * since only wmi-tlv firmware are known to have beacon offload and
1728 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1729 	 * response delivery. It's probably more robust to keep it as is.
1730 	 */
1731 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1732 		return 0;
1733 
1734 	if (WARN_ON(!arvif->is_started))
1735 		return -EINVAL;
1736 
1737 	if (WARN_ON(!arvif->is_up))
1738 		return -EINVAL;
1739 
1740 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1741 		return -EINVAL;
1742 
1743 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1744 	if (ret) {
1745 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1746 			    arvif->vdev_id, ret);
1747 		return ret;
1748 	}
1749 
1750 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1751 	 * firmware will crash upon vdev up.
1752 	 */
1753 
1754 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1755 	if (ret) {
1756 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1757 		return ret;
1758 	}
1759 
1760 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1761 	if (ret) {
1762 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1763 		return ret;
1764 	}
1765 
1766 	ret = ath10k_vdev_restart(arvif, &def);
1767 	if (ret) {
1768 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1769 			    arvif->vdev_id, ret);
1770 		return ret;
1771 	}
1772 
1773 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1774 				 arvif->bssid);
1775 	if (ret) {
1776 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1777 			    arvif->vdev_id, ret);
1778 		return ret;
1779 	}
1780 
1781 	return 0;
1782 }
1783 
1784 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1785 				     struct ieee80211_bss_conf *info)
1786 {
1787 	struct ath10k *ar = arvif->ar;
1788 	int ret = 0;
1789 
1790 	lockdep_assert_held(&arvif->ar->conf_mutex);
1791 
1792 	if (!info->enable_beacon) {
1793 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1794 		if (ret)
1795 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1796 				    arvif->vdev_id, ret);
1797 
1798 		arvif->is_up = false;
1799 
1800 		spin_lock_bh(&arvif->ar->data_lock);
1801 		ath10k_mac_vif_beacon_free(arvif);
1802 		spin_unlock_bh(&arvif->ar->data_lock);
1803 
1804 		return;
1805 	}
1806 
1807 	arvif->tx_seq_no = 0x1000;
1808 
1809 	arvif->aid = 0;
1810 	ether_addr_copy(arvif->bssid, info->bssid);
1811 
1812 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1813 				 arvif->bssid);
1814 	if (ret) {
1815 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1816 			    arvif->vdev_id, ret);
1817 		return;
1818 	}
1819 
1820 	arvif->is_up = true;
1821 
1822 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1823 	if (ret) {
1824 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1825 			    arvif->vdev_id, ret);
1826 		return;
1827 	}
1828 
1829 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1830 }
1831 
1832 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1833 				struct ieee80211_vif *vif)
1834 {
1835 	struct ath10k *ar = arvif->ar;
1836 	u32 vdev_param;
1837 	int ret = 0;
1838 
1839 	lockdep_assert_held(&arvif->ar->conf_mutex);
1840 
1841 	if (!vif->cfg.ibss_joined) {
1842 		if (is_zero_ether_addr(arvif->bssid))
1843 			return;
1844 
1845 		eth_zero_addr(arvif->bssid);
1846 
1847 		return;
1848 	}
1849 
1850 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1851 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1852 					ATH10K_DEFAULT_ATIM);
1853 	if (ret)
1854 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1855 			    arvif->vdev_id, ret);
1856 }
1857 
1858 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1859 {
1860 	struct ath10k *ar = arvif->ar;
1861 	u32 param;
1862 	u32 value;
1863 	int ret;
1864 
1865 	lockdep_assert_held(&arvif->ar->conf_mutex);
1866 
1867 	if (arvif->u.sta.uapsd)
1868 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1869 	else
1870 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1871 
1872 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1873 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1874 	if (ret) {
1875 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1876 			    value, arvif->vdev_id, ret);
1877 		return ret;
1878 	}
1879 
1880 	return 0;
1881 }
1882 
1883 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1884 {
1885 	struct ath10k *ar = arvif->ar;
1886 	u32 param;
1887 	u32 value;
1888 	int ret;
1889 
1890 	lockdep_assert_held(&arvif->ar->conf_mutex);
1891 
1892 	if (arvif->u.sta.uapsd)
1893 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1894 	else
1895 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1896 
1897 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1898 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1899 					  param, value);
1900 	if (ret) {
1901 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1902 			    value, arvif->vdev_id, ret);
1903 		return ret;
1904 	}
1905 
1906 	return 0;
1907 }
1908 
1909 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1910 {
1911 	struct ath10k_vif *arvif;
1912 	int num = 0;
1913 
1914 	lockdep_assert_held(&ar->conf_mutex);
1915 
1916 	list_for_each_entry(arvif, &ar->arvifs, list)
1917 		if (arvif->is_started)
1918 			num++;
1919 
1920 	return num;
1921 }
1922 
1923 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1924 {
1925 	struct ath10k *ar = arvif->ar;
1926 	struct ieee80211_vif *vif = arvif->vif;
1927 	struct ieee80211_conf *conf = &ar->hw->conf;
1928 	enum wmi_sta_powersave_param param;
1929 	enum wmi_sta_ps_mode psmode;
1930 	int ret;
1931 	int ps_timeout;
1932 	bool enable_ps;
1933 
1934 	lockdep_assert_held(&arvif->ar->conf_mutex);
1935 
1936 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1937 		return 0;
1938 
1939 	enable_ps = arvif->ps;
1940 
1941 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1942 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1943 		      ar->running_fw->fw_file.fw_features)) {
1944 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1945 			    arvif->vdev_id);
1946 		enable_ps = false;
1947 	}
1948 
1949 	if (!arvif->is_started) {
1950 		/* mac80211 can update vif powersave state while disconnected.
1951 		 * Firmware doesn't behave nicely and consumes more power than
1952 		 * necessary if PS is disabled on a non-started vdev. Hence
1953 		 * force-enable PS for non-running vdevs.
1954 		 */
1955 		psmode = WMI_STA_PS_MODE_ENABLED;
1956 	} else if (enable_ps) {
1957 		psmode = WMI_STA_PS_MODE_ENABLED;
1958 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1959 
1960 		ps_timeout = conf->dynamic_ps_timeout;
1961 		if (ps_timeout == 0) {
1962 			/* Firmware doesn't like 0 */
1963 			ps_timeout = ieee80211_tu_to_usec(
1964 				vif->bss_conf.beacon_int) / 1000;
1965 		}
1966 
1967 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1968 						  ps_timeout);
1969 		if (ret) {
1970 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1971 				    arvif->vdev_id, ret);
1972 			return ret;
1973 		}
1974 	} else {
1975 		psmode = WMI_STA_PS_MODE_DISABLED;
1976 	}
1977 
1978 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1979 		   arvif->vdev_id, psmode ? "enable" : "disable");
1980 
1981 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1982 	if (ret) {
1983 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1984 			    psmode, arvif->vdev_id, ret);
1985 		return ret;
1986 	}
1987 
1988 	return 0;
1989 }
1990 
1991 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1992 {
1993 	struct ath10k *ar = arvif->ar;
1994 	struct wmi_sta_keepalive_arg arg = {};
1995 	int ret;
1996 
1997 	lockdep_assert_held(&arvif->ar->conf_mutex);
1998 
1999 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
2000 		return 0;
2001 
2002 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
2003 		return 0;
2004 
2005 	/* Some firmware revisions have a bug and ignore the `enabled` field.
2006 	 * Instead use the interval to disable the keepalive.
2007 	 */
2008 	arg.vdev_id = arvif->vdev_id;
2009 	arg.enabled = 1;
2010 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
2011 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
2012 
2013 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
2014 	if (ret) {
2015 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
2016 			    arvif->vdev_id, ret);
2017 		return ret;
2018 	}
2019 
2020 	return 0;
2021 }
2022 
2023 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
2024 {
2025 	struct ath10k *ar = arvif->ar;
2026 	struct ieee80211_vif *vif = arvif->vif;
2027 	int ret;
2028 
2029 	lockdep_assert_held(&arvif->ar->conf_mutex);
2030 
2031 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
2032 		return;
2033 
2034 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
2035 		return;
2036 
2037 	if (!vif->bss_conf.csa_active)
2038 		return;
2039 
2040 	if (!arvif->is_up)
2041 		return;
2042 
2043 	if (!ieee80211_beacon_cntdwn_is_complete(vif)) {
2044 		ieee80211_beacon_update_cntdwn(vif);
2045 
2046 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
2047 		if (ret)
2048 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
2049 				    ret);
2050 
2051 		ret = ath10k_mac_setup_prb_tmpl(arvif);
2052 		if (ret)
2053 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
2054 				    ret);
2055 	} else {
2056 		ieee80211_csa_finish(vif);
2057 	}
2058 }
2059 
2060 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
2061 {
2062 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2063 						ap_csa_work);
2064 	struct ath10k *ar = arvif->ar;
2065 
2066 	mutex_lock(&ar->conf_mutex);
2067 	ath10k_mac_vif_ap_csa_count_down(arvif);
2068 	mutex_unlock(&ar->conf_mutex);
2069 }
2070 
2071 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
2072 					  struct ieee80211_vif *vif)
2073 {
2074 	struct sk_buff *skb = data;
2075 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
2076 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2077 
2078 	if (vif->type != NL80211_IFTYPE_STATION)
2079 		return;
2080 
2081 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
2082 		return;
2083 
2084 	cancel_delayed_work(&arvif->connection_loss_work);
2085 }
2086 
2087 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
2088 {
2089 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2090 						   ATH10K_ITER_NORMAL_FLAGS,
2091 						   ath10k_mac_handle_beacon_iter,
2092 						   skb);
2093 }
2094 
2095 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
2096 					       struct ieee80211_vif *vif)
2097 {
2098 	u32 *vdev_id = data;
2099 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2100 	struct ath10k *ar = arvif->ar;
2101 	struct ieee80211_hw *hw = ar->hw;
2102 
2103 	if (arvif->vdev_id != *vdev_id)
2104 		return;
2105 
2106 	if (!arvif->is_up)
2107 		return;
2108 
2109 	ieee80211_beacon_loss(vif);
2110 
2111 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
2112 	 * (done by mac80211) succeeds but beacons do not resume then it
2113 	 * doesn't make sense to continue operation. Queue connection loss work
2114 	 * which can be cancelled when beacon is received.
2115 	 */
2116 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
2117 				     ATH10K_CONNECTION_LOSS_HZ);
2118 }
2119 
2120 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
2121 {
2122 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2123 						   ATH10K_ITER_NORMAL_FLAGS,
2124 						   ath10k_mac_handle_beacon_miss_iter,
2125 						   &vdev_id);
2126 }
2127 
2128 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
2129 {
2130 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2131 						connection_loss_work.work);
2132 	struct ieee80211_vif *vif = arvif->vif;
2133 
2134 	if (!arvif->is_up)
2135 		return;
2136 
2137 	ieee80211_connection_loss(vif);
2138 }
2139 
2140 /**********************/
2141 /* Station management */
2142 /**********************/
2143 
2144 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
2145 					     struct ieee80211_vif *vif)
2146 {
2147 	/* Some firmware revisions have unstable STA powersave when listen
2148 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
2149 	 * generate NullFunc frames properly even if buffered frames have been
2150 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
2151 	 * buffered frames. Often pinging the device from AP would simply fail.
2152 	 *
2153 	 * As a workaround set it to 1.
2154 	 */
2155 	if (vif->type == NL80211_IFTYPE_STATION)
2156 		return 1;
2157 
2158 	return ar->hw->conf.listen_interval;
2159 }
2160 
2161 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
2162 				      struct ieee80211_vif *vif,
2163 				      struct ieee80211_sta *sta,
2164 				      struct wmi_peer_assoc_complete_arg *arg)
2165 {
2166 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2167 	u32 aid;
2168 
2169 	lockdep_assert_held(&ar->conf_mutex);
2170 
2171 	if (vif->type == NL80211_IFTYPE_STATION)
2172 		aid = vif->cfg.aid;
2173 	else
2174 		aid = sta->aid;
2175 
2176 	ether_addr_copy(arg->addr, sta->addr);
2177 	arg->vdev_id = arvif->vdev_id;
2178 	arg->peer_aid = aid;
2179 	arg->peer_flags |= arvif->ar->wmi.peer_flags->auth;
2180 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
2181 	arg->peer_num_spatial_streams = 1;
2182 	arg->peer_caps = vif->bss_conf.assoc_capability;
2183 }
2184 
2185 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
2186 				       struct ieee80211_vif *vif,
2187 				       struct ieee80211_sta *sta,
2188 				       struct wmi_peer_assoc_complete_arg *arg)
2189 {
2190 	struct ieee80211_bss_conf *info = &vif->bss_conf;
2191 	struct cfg80211_chan_def def;
2192 	struct cfg80211_bss *bss;
2193 	const u8 *rsnie = NULL;
2194 	const u8 *wpaie = NULL;
2195 
2196 	lockdep_assert_held(&ar->conf_mutex);
2197 
2198 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2199 		return;
2200 
2201 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid,
2202 			       vif->cfg.ssid_len ? vif->cfg.ssid : NULL,
2203 			       vif->cfg.ssid_len,
2204 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
2205 	if (bss) {
2206 		const struct cfg80211_bss_ies *ies;
2207 
2208 		rcu_read_lock();
2209 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
2210 
2211 		ies = rcu_dereference(bss->ies);
2212 
2213 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
2214 						WLAN_OUI_TYPE_MICROSOFT_WPA,
2215 						ies->data,
2216 						ies->len);
2217 		rcu_read_unlock();
2218 		cfg80211_put_bss(ar->hw->wiphy, bss);
2219 	}
2220 
2221 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2222 	if (rsnie || wpaie) {
2223 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2224 		arg->peer_flags |= ar->wmi.peer_flags->need_ptk_4_way;
2225 	}
2226 
2227 	if (wpaie) {
2228 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2229 		arg->peer_flags |= ar->wmi.peer_flags->need_gtk_2_way;
2230 	}
2231 
2232 	if (sta->mfp &&
2233 	    test_bit(ATH10K_FW_FEATURE_MFP_SUPPORT,
2234 		     ar->running_fw->fw_file.fw_features)) {
2235 		arg->peer_flags |= ar->wmi.peer_flags->pmf;
2236 	}
2237 }
2238 
2239 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2240 				      struct ieee80211_vif *vif,
2241 				      struct ieee80211_sta *sta,
2242 				      struct wmi_peer_assoc_complete_arg *arg)
2243 {
2244 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2245 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2246 	struct cfg80211_chan_def def;
2247 	const struct ieee80211_supported_band *sband;
2248 	const struct ieee80211_rate *rates;
2249 	enum nl80211_band band;
2250 	u32 ratemask;
2251 	u8 rate;
2252 	int i;
2253 
2254 	lockdep_assert_held(&ar->conf_mutex);
2255 
2256 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2257 		return;
2258 
2259 	band = def.chan->band;
2260 	sband = ar->hw->wiphy->bands[band];
2261 	ratemask = sta->deflink.supp_rates[band];
2262 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2263 	rates = sband->bitrates;
2264 
2265 	rateset->num_rates = 0;
2266 
2267 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2268 		if (!(ratemask & 1))
2269 			continue;
2270 
2271 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2272 		rateset->rates[rateset->num_rates] = rate;
2273 		rateset->num_rates++;
2274 	}
2275 }
2276 
2277 static bool
2278 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2279 {
2280 	int nss;
2281 
2282 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2283 		if (ht_mcs_mask[nss])
2284 			return false;
2285 
2286 	return true;
2287 }
2288 
2289 static bool
2290 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2291 {
2292 	int nss;
2293 
2294 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2295 		if (vht_mcs_mask[nss])
2296 			return false;
2297 
2298 	return true;
2299 }
2300 
2301 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2302 				   struct ieee80211_vif *vif,
2303 				   struct ieee80211_sta *sta,
2304 				   struct wmi_peer_assoc_complete_arg *arg)
2305 {
2306 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
2307 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2308 	struct cfg80211_chan_def def;
2309 	enum nl80211_band band;
2310 	const u8 *ht_mcs_mask;
2311 	const u16 *vht_mcs_mask;
2312 	int i, n;
2313 	u8 max_nss;
2314 	u32 stbc;
2315 
2316 	lockdep_assert_held(&ar->conf_mutex);
2317 
2318 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2319 		return;
2320 
2321 	if (!ht_cap->ht_supported)
2322 		return;
2323 
2324 	band = def.chan->band;
2325 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2326 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2327 
2328 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2329 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2330 		return;
2331 
2332 	arg->peer_flags |= ar->wmi.peer_flags->ht;
2333 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2334 				    ht_cap->ampdu_factor)) - 1;
2335 
2336 	arg->peer_mpdu_density =
2337 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2338 
2339 	arg->peer_ht_caps = ht_cap->cap;
2340 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2341 
2342 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2343 		arg->peer_flags |= ar->wmi.peer_flags->ldbc;
2344 
2345 	if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40) {
2346 		arg->peer_flags |= ar->wmi.peer_flags->bw40;
2347 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2348 	}
2349 
2350 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2351 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2352 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2353 
2354 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2355 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2356 	}
2357 
2358 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2359 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2360 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2361 	}
2362 
2363 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2364 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2365 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2366 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2367 		arg->peer_rate_caps |= stbc;
2368 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2369 	}
2370 
2371 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2372 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2373 	else if (ht_cap->mcs.rx_mask[1])
2374 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2375 
2376 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2377 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2378 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2379 			max_nss = (i / 8) + 1;
2380 			arg->peer_ht_rates.rates[n++] = i;
2381 		}
2382 
2383 	/*
2384 	 * This is a workaround for HT-enabled STAs which break the spec
2385 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2386 	 *
2387 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2388 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2389 	 *
2390 	 * Firmware asserts if such situation occurs.
2391 	 */
2392 	if (n == 0) {
2393 		arg->peer_ht_rates.num_rates = 8;
2394 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2395 			arg->peer_ht_rates.rates[i] = i;
2396 	} else {
2397 		arg->peer_ht_rates.num_rates = n;
2398 		arg->peer_num_spatial_streams = min(sta->deflink.rx_nss,
2399 						    max_nss);
2400 	}
2401 
2402 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2403 		   arg->addr,
2404 		   arg->peer_ht_rates.num_rates,
2405 		   arg->peer_num_spatial_streams);
2406 }
2407 
2408 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2409 				    struct ath10k_vif *arvif,
2410 				    struct ieee80211_sta *sta)
2411 {
2412 	u32 uapsd = 0;
2413 	u32 max_sp = 0;
2414 	int ret = 0;
2415 
2416 	lockdep_assert_held(&ar->conf_mutex);
2417 
2418 	if (sta->wme && sta->uapsd_queues) {
2419 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2420 			   sta->uapsd_queues, sta->max_sp);
2421 
2422 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2423 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2424 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2425 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2426 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2427 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2428 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2429 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2430 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2431 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2432 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2433 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2434 
2435 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2436 			max_sp = sta->max_sp;
2437 
2438 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2439 						 sta->addr,
2440 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2441 						 uapsd);
2442 		if (ret) {
2443 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2444 				    arvif->vdev_id, ret);
2445 			return ret;
2446 		}
2447 
2448 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2449 						 sta->addr,
2450 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2451 						 max_sp);
2452 		if (ret) {
2453 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2454 				    arvif->vdev_id, ret);
2455 			return ret;
2456 		}
2457 
2458 		/* TODO setup this based on STA listen interval and
2459 		 * beacon interval. Currently we don't know
2460 		 * sta->listen_interval - mac80211 patch required.
2461 		 * Currently use 10 seconds
2462 		 */
2463 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2464 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2465 						 10);
2466 		if (ret) {
2467 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2468 				    arvif->vdev_id, ret);
2469 			return ret;
2470 		}
2471 	}
2472 
2473 	return 0;
2474 }
2475 
2476 static u16
2477 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2478 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2479 {
2480 	int idx_limit;
2481 	int nss;
2482 	u16 mcs_map;
2483 	u16 mcs;
2484 
2485 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2486 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2487 			  vht_mcs_limit[nss];
2488 
2489 		if (mcs_map)
2490 			idx_limit = fls(mcs_map) - 1;
2491 		else
2492 			idx_limit = -1;
2493 
2494 		switch (idx_limit) {
2495 		case 0:
2496 		case 1:
2497 		case 2:
2498 		case 3:
2499 		case 4:
2500 		case 5:
2501 		case 6:
2502 		default:
2503 			/* see ath10k_mac_can_set_bitrate_mask() */
2504 			WARN_ON(1);
2505 			fallthrough;
2506 		case -1:
2507 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2508 			break;
2509 		case 7:
2510 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2511 			break;
2512 		case 8:
2513 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2514 			break;
2515 		case 9:
2516 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2517 			break;
2518 		}
2519 
2520 		tx_mcs_set &= ~(0x3 << (nss * 2));
2521 		tx_mcs_set |= mcs << (nss * 2);
2522 	}
2523 
2524 	return tx_mcs_set;
2525 }
2526 
2527 static u32 get_160mhz_nss_from_maxrate(int rate)
2528 {
2529 	u32 nss;
2530 
2531 	switch (rate) {
2532 	case 780:
2533 		nss = 1;
2534 		break;
2535 	case 1560:
2536 		nss = 2;
2537 		break;
2538 	case 2106:
2539 		nss = 3; /* not support MCS9 from spec*/
2540 		break;
2541 	case 3120:
2542 		nss = 4;
2543 		break;
2544 	default:
2545 		 nss = 1;
2546 	}
2547 
2548 	return nss;
2549 }
2550 
2551 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2552 				    struct ieee80211_vif *vif,
2553 				    struct ieee80211_sta *sta,
2554 				    struct wmi_peer_assoc_complete_arg *arg)
2555 {
2556 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2557 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2558 	struct ath10k_hw_params *hw = &ar->hw_params;
2559 	struct cfg80211_chan_def def;
2560 	enum nl80211_band band;
2561 	const u16 *vht_mcs_mask;
2562 	u8 ampdu_factor;
2563 	u8 max_nss, vht_mcs;
2564 	int i;
2565 
2566 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2567 		return;
2568 
2569 	if (!vht_cap->vht_supported)
2570 		return;
2571 
2572 	band = def.chan->band;
2573 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2574 
2575 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2576 		return;
2577 
2578 	arg->peer_flags |= ar->wmi.peer_flags->vht;
2579 
2580 	if (def.chan->band == NL80211_BAND_2GHZ)
2581 		arg->peer_flags |= ar->wmi.peer_flags->vht_2g;
2582 
2583 	arg->peer_vht_caps = vht_cap->cap;
2584 
2585 	ampdu_factor = (vht_cap->cap &
2586 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2587 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2588 
2589 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2590 	 * zero in VHT IE. Using it would result in degraded throughput.
2591 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2592 	 * it if VHT max_mpdu is smaller.
2593 	 */
2594 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2595 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2596 					ampdu_factor)) - 1);
2597 
2598 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2599 		arg->peer_flags |= ar->wmi.peer_flags->bw80;
2600 
2601 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
2602 		arg->peer_flags |= ar->wmi.peer_flags->bw160;
2603 
2604 	/* Calculate peer NSS capability from VHT capabilities if STA
2605 	 * supports VHT.
2606 	 */
2607 	for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) {
2608 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2609 			  (2 * i) & 3;
2610 
2611 		if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) &&
2612 		    vht_mcs_mask[i])
2613 			max_nss = i + 1;
2614 	}
2615 	arg->peer_num_spatial_streams = min(sta->deflink.rx_nss, max_nss);
2616 	arg->peer_vht_rates.rx_max_rate =
2617 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2618 	arg->peer_vht_rates.rx_mcs_set =
2619 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2620 	arg->peer_vht_rates.tx_max_rate =
2621 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2622 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2623 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2624 
2625 	/* Configure bandwidth-NSS mapping to FW
2626 	 * for the chip's tx chains setting on 160Mhz bw
2627 	 */
2628 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2629 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2630 		u32 rx_nss;
2631 		u32 max_rate;
2632 
2633 		max_rate = arg->peer_vht_rates.rx_max_rate;
2634 		rx_nss = get_160mhz_nss_from_maxrate(max_rate);
2635 
2636 		if (rx_nss == 0)
2637 			rx_nss = arg->peer_num_spatial_streams;
2638 		else
2639 			rx_nss = min(arg->peer_num_spatial_streams, rx_nss);
2640 
2641 		max_rate = hw->vht160_mcs_tx_highest;
2642 		rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate));
2643 
2644 		arg->peer_bw_rxnss_override =
2645 			FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) |
2646 			FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1));
2647 
2648 		if (arg->peer_phymode == MODE_11AC_VHT80_80) {
2649 			arg->peer_bw_rxnss_override |=
2650 			FIELD_PREP(WMI_PEER_NSS_80_80MHZ_MASK, (rx_nss - 1));
2651 		}
2652 	}
2653 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2654 		   "mac vht peer %pM max_mpdu %d flags 0x%x peer_rx_nss_override 0x%x\n",
2655 		   sta->addr, arg->peer_max_mpdu,
2656 		   arg->peer_flags, arg->peer_bw_rxnss_override);
2657 }
2658 
2659 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2660 				    struct ieee80211_vif *vif,
2661 				    struct ieee80211_sta *sta,
2662 				    struct wmi_peer_assoc_complete_arg *arg)
2663 {
2664 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2665 
2666 	switch (arvif->vdev_type) {
2667 	case WMI_VDEV_TYPE_AP:
2668 		if (sta->wme)
2669 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2670 
2671 		if (sta->wme && sta->uapsd_queues) {
2672 			arg->peer_flags |= arvif->ar->wmi.peer_flags->apsd;
2673 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2674 		}
2675 		break;
2676 	case WMI_VDEV_TYPE_STA:
2677 		if (sta->wme)
2678 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2679 		break;
2680 	case WMI_VDEV_TYPE_IBSS:
2681 		if (sta->wme)
2682 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2683 		break;
2684 	default:
2685 		break;
2686 	}
2687 
2688 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2689 		   sta->addr, !!(arg->peer_flags &
2690 		   arvif->ar->wmi.peer_flags->qos));
2691 }
2692 
2693 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2694 {
2695 	return sta->deflink.supp_rates[NL80211_BAND_2GHZ] >>
2696 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2697 }
2698 
2699 static enum wmi_phy_mode ath10k_mac_get_phymode_vht(struct ath10k *ar,
2700 						    struct ieee80211_sta *sta)
2701 {
2702 	struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2703 
2704 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
2705 		switch (vht_cap->cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2706 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2707 			return MODE_11AC_VHT160;
2708 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2709 			return MODE_11AC_VHT80_80;
2710 		default:
2711 			/* not sure if this is a valid case? */
2712 			return MODE_11AC_VHT160;
2713 		}
2714 	}
2715 
2716 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2717 		return MODE_11AC_VHT80;
2718 
2719 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2720 		return MODE_11AC_VHT40;
2721 
2722 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20)
2723 		return MODE_11AC_VHT20;
2724 
2725 	return MODE_UNKNOWN;
2726 }
2727 
2728 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2729 					struct ieee80211_vif *vif,
2730 					struct ieee80211_sta *sta,
2731 					struct wmi_peer_assoc_complete_arg *arg)
2732 {
2733 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2734 	struct cfg80211_chan_def def;
2735 	enum nl80211_band band;
2736 	const u8 *ht_mcs_mask;
2737 	const u16 *vht_mcs_mask;
2738 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2739 
2740 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2741 		return;
2742 
2743 	band = def.chan->band;
2744 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2745 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2746 
2747 	switch (band) {
2748 	case NL80211_BAND_2GHZ:
2749 		if (sta->deflink.vht_cap.vht_supported &&
2750 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2751 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2752 				phymode = MODE_11AC_VHT40;
2753 			else
2754 				phymode = MODE_11AC_VHT20;
2755 		} else if (sta->deflink.ht_cap.ht_supported &&
2756 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2757 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2758 				phymode = MODE_11NG_HT40;
2759 			else
2760 				phymode = MODE_11NG_HT20;
2761 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2762 			phymode = MODE_11G;
2763 		} else {
2764 			phymode = MODE_11B;
2765 		}
2766 
2767 		break;
2768 	case NL80211_BAND_5GHZ:
2769 		/*
2770 		 * Check VHT first.
2771 		 */
2772 		if (sta->deflink.vht_cap.vht_supported &&
2773 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2774 			phymode = ath10k_mac_get_phymode_vht(ar, sta);
2775 		} else if (sta->deflink.ht_cap.ht_supported &&
2776 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2777 			if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40)
2778 				phymode = MODE_11NA_HT40;
2779 			else
2780 				phymode = MODE_11NA_HT20;
2781 		} else {
2782 			phymode = MODE_11A;
2783 		}
2784 
2785 		break;
2786 	default:
2787 		break;
2788 	}
2789 
2790 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2791 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2792 
2793 	arg->peer_phymode = phymode;
2794 	WARN_ON(phymode == MODE_UNKNOWN);
2795 }
2796 
2797 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2798 				     struct ieee80211_vif *vif,
2799 				     struct ieee80211_sta *sta,
2800 				     struct wmi_peer_assoc_complete_arg *arg)
2801 {
2802 	lockdep_assert_held(&ar->conf_mutex);
2803 
2804 	memset(arg, 0, sizeof(*arg));
2805 
2806 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2807 	ath10k_peer_assoc_h_crypto(ar, vif, sta, arg);
2808 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2809 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2810 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2811 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2812 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2813 
2814 	return 0;
2815 }
2816 
2817 static const u32 ath10k_smps_map[] = {
2818 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2819 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2820 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2821 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2822 };
2823 
2824 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2825 				  const u8 *addr,
2826 				  const struct ieee80211_sta_ht_cap *ht_cap)
2827 {
2828 	int smps;
2829 
2830 	if (!ht_cap->ht_supported)
2831 		return 0;
2832 
2833 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2834 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2835 
2836 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2837 		return -EINVAL;
2838 
2839 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2840 					 ar->wmi.peer_param->smps_state,
2841 					 ath10k_smps_map[smps]);
2842 }
2843 
2844 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2845 				      struct ieee80211_vif *vif,
2846 				      struct ieee80211_sta_vht_cap vht_cap)
2847 {
2848 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2849 	int ret;
2850 	u32 param;
2851 	u32 value;
2852 
2853 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2854 		return 0;
2855 
2856 	if (!(ar->vht_cap_info &
2857 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2858 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2859 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2860 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2861 		return 0;
2862 
2863 	param = ar->wmi.vdev_param->txbf;
2864 	value = 0;
2865 
2866 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2867 		return 0;
2868 
2869 	/* The following logic is correct. If a remote STA advertises support
2870 	 * for being a beamformer then we should enable us being a beamformee.
2871 	 */
2872 
2873 	if (ar->vht_cap_info &
2874 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2875 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2876 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2877 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2878 
2879 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2880 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2881 	}
2882 
2883 	if (ar->vht_cap_info &
2884 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2885 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2886 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2887 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2888 
2889 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2890 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2891 	}
2892 
2893 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2894 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2895 
2896 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2897 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2898 
2899 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2900 	if (ret) {
2901 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2902 			    value, ret);
2903 		return ret;
2904 	}
2905 
2906 	return 0;
2907 }
2908 
2909 static bool ath10k_mac_is_connected(struct ath10k *ar)
2910 {
2911 	struct ath10k_vif *arvif;
2912 
2913 	list_for_each_entry(arvif, &ar->arvifs, list) {
2914 		if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
2915 			return true;
2916 	}
2917 
2918 	return false;
2919 }
2920 
2921 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
2922 {
2923 	int ret;
2924 	u32 param;
2925 	int tx_power_2g, tx_power_5g;
2926 	bool connected;
2927 
2928 	lockdep_assert_held(&ar->conf_mutex);
2929 
2930 	/* ath10k internally uses unit of 0.5 dBm so multiply by 2 */
2931 	tx_power_2g = txpower * 2;
2932 	tx_power_5g = txpower * 2;
2933 
2934 	connected = ath10k_mac_is_connected(ar);
2935 
2936 	if (connected && ar->tx_power_2g_limit)
2937 		if (tx_power_2g > ar->tx_power_2g_limit)
2938 			tx_power_2g = ar->tx_power_2g_limit;
2939 
2940 	if (connected && ar->tx_power_5g_limit)
2941 		if (tx_power_5g > ar->tx_power_5g_limit)
2942 			tx_power_5g = ar->tx_power_5g_limit;
2943 
2944 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower 2g: %d, 5g: %d\n",
2945 		   tx_power_2g, tx_power_5g);
2946 
2947 	param = ar->wmi.pdev_param->txpower_limit2g;
2948 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_2g);
2949 	if (ret) {
2950 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
2951 			    tx_power_2g, ret);
2952 		return ret;
2953 	}
2954 
2955 	param = ar->wmi.pdev_param->txpower_limit5g;
2956 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_5g);
2957 	if (ret) {
2958 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
2959 			    tx_power_5g, ret);
2960 		return ret;
2961 	}
2962 
2963 	return 0;
2964 }
2965 
2966 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
2967 {
2968 	struct ath10k_vif *arvif;
2969 	int ret, txpower = -1;
2970 
2971 	lockdep_assert_held(&ar->conf_mutex);
2972 
2973 	list_for_each_entry(arvif, &ar->arvifs, list) {
2974 		/* txpower not initialized yet? */
2975 		if (arvif->txpower == INT_MIN)
2976 			continue;
2977 
2978 		if (txpower == -1)
2979 			txpower = arvif->txpower;
2980 		else
2981 			txpower = min(txpower, arvif->txpower);
2982 	}
2983 
2984 	if (txpower == -1)
2985 		return 0;
2986 
2987 	ret = ath10k_mac_txpower_setup(ar, txpower);
2988 	if (ret) {
2989 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
2990 			    txpower, ret);
2991 		return ret;
2992 	}
2993 
2994 	return 0;
2995 }
2996 
2997 static int ath10k_mac_set_sar_power(struct ath10k *ar)
2998 {
2999 	if (!ar->hw_params.dynamic_sar_support)
3000 		return -EOPNOTSUPP;
3001 
3002 	if (!ath10k_mac_is_connected(ar))
3003 		return 0;
3004 
3005 	/* if connected, then arvif->txpower must be valid */
3006 	return ath10k_mac_txpower_recalc(ar);
3007 }
3008 
3009 static int ath10k_mac_set_sar_specs(struct ieee80211_hw *hw,
3010 				    const struct cfg80211_sar_specs *sar)
3011 {
3012 	const struct cfg80211_sar_sub_specs *sub_specs;
3013 	struct ath10k *ar = hw->priv;
3014 	u32 i;
3015 	int ret;
3016 
3017 	mutex_lock(&ar->conf_mutex);
3018 
3019 	if (!ar->hw_params.dynamic_sar_support) {
3020 		ret = -EOPNOTSUPP;
3021 		goto err;
3022 	}
3023 
3024 	if (!sar || sar->type != NL80211_SAR_TYPE_POWER ||
3025 	    sar->num_sub_specs == 0) {
3026 		ret = -EINVAL;
3027 		goto err;
3028 	}
3029 
3030 	sub_specs = sar->sub_specs;
3031 
3032 	/* 0dbm is not a practical value for ath10k, so use 0
3033 	 * as no SAR limitation on it.
3034 	 */
3035 	ar->tx_power_2g_limit = 0;
3036 	ar->tx_power_5g_limit = 0;
3037 
3038 	/* note the power is in 0.25dbm unit, while ath10k uses
3039 	 * 0.5dbm unit.
3040 	 */
3041 	for (i = 0; i < sar->num_sub_specs; i++) {
3042 		if (sub_specs->freq_range_index == 0)
3043 			ar->tx_power_2g_limit = sub_specs->power / 2;
3044 		else if (sub_specs->freq_range_index == 1)
3045 			ar->tx_power_5g_limit = sub_specs->power / 2;
3046 
3047 		sub_specs++;
3048 	}
3049 
3050 	ret = ath10k_mac_set_sar_power(ar);
3051 	if (ret) {
3052 		ath10k_warn(ar, "failed to set sar power: %d", ret);
3053 		goto err;
3054 	}
3055 
3056 err:
3057 	mutex_unlock(&ar->conf_mutex);
3058 	return ret;
3059 }
3060 
3061 /* can be called only in mac80211 callbacks due to `key_count` usage */
3062 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
3063 			     struct ieee80211_vif *vif,
3064 			     struct ieee80211_bss_conf *bss_conf)
3065 {
3066 	struct ath10k *ar = hw->priv;
3067 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3068 	struct ieee80211_sta_ht_cap ht_cap;
3069 	struct ieee80211_sta_vht_cap vht_cap;
3070 	struct wmi_peer_assoc_complete_arg peer_arg;
3071 	struct ieee80211_sta *ap_sta;
3072 	int ret;
3073 
3074 	lockdep_assert_held(&ar->conf_mutex);
3075 
3076 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
3077 		   arvif->vdev_id, arvif->bssid, arvif->aid);
3078 
3079 	rcu_read_lock();
3080 
3081 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
3082 	if (!ap_sta) {
3083 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
3084 			    bss_conf->bssid, arvif->vdev_id);
3085 		rcu_read_unlock();
3086 		return;
3087 	}
3088 
3089 	/* ap_sta must be accessed only within rcu section which must be left
3090 	 * before calling ath10k_setup_peer_smps() which might sleep.
3091 	 */
3092 	ht_cap = ap_sta->deflink.ht_cap;
3093 	vht_cap = ap_sta->deflink.vht_cap;
3094 
3095 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
3096 	if (ret) {
3097 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
3098 			    bss_conf->bssid, arvif->vdev_id, ret);
3099 		rcu_read_unlock();
3100 		return;
3101 	}
3102 
3103 	rcu_read_unlock();
3104 
3105 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3106 	if (ret) {
3107 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
3108 			    bss_conf->bssid, arvif->vdev_id, ret);
3109 		return;
3110 	}
3111 
3112 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
3113 	if (ret) {
3114 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
3115 			    arvif->vdev_id, ret);
3116 		return;
3117 	}
3118 
3119 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3120 	if (ret) {
3121 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
3122 			    arvif->vdev_id, bss_conf->bssid, ret);
3123 		return;
3124 	}
3125 
3126 	ath10k_dbg(ar, ATH10K_DBG_MAC,
3127 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
3128 		   arvif->vdev_id, bss_conf->bssid, vif->cfg.aid);
3129 
3130 	WARN_ON(arvif->is_up);
3131 
3132 	arvif->aid = vif->cfg.aid;
3133 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
3134 
3135 	ret = ath10k_wmi_pdev_set_param(ar,
3136 					ar->wmi.pdev_param->peer_stats_info_enable, 1);
3137 	if (ret)
3138 		ath10k_warn(ar, "failed to enable peer stats info: %d\n", ret);
3139 
3140 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
3141 	if (ret) {
3142 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
3143 			    arvif->vdev_id, ret);
3144 		return;
3145 	}
3146 
3147 	arvif->is_up = true;
3148 
3149 	ath10k_mac_set_sar_power(ar);
3150 
3151 	/* Workaround: Some firmware revisions (tested with qca6174
3152 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
3153 	 * poked with peer param command.
3154 	 */
3155 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
3156 					ar->wmi.peer_param->dummy_var, 1);
3157 	if (ret) {
3158 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
3159 			    arvif->bssid, arvif->vdev_id, ret);
3160 		return;
3161 	}
3162 }
3163 
3164 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
3165 				struct ieee80211_vif *vif)
3166 {
3167 	struct ath10k *ar = hw->priv;
3168 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3169 	struct ieee80211_sta_vht_cap vht_cap = {};
3170 	int ret;
3171 
3172 	lockdep_assert_held(&ar->conf_mutex);
3173 
3174 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
3175 		   arvif->vdev_id, arvif->bssid);
3176 
3177 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
3178 	if (ret)
3179 		ath10k_warn(ar, "failed to down vdev %i: %d\n",
3180 			    arvif->vdev_id, ret);
3181 
3182 	arvif->def_wep_key_idx = -1;
3183 
3184 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3185 	if (ret) {
3186 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
3187 			    arvif->vdev_id, ret);
3188 		return;
3189 	}
3190 
3191 	arvif->is_up = false;
3192 
3193 	ath10k_mac_txpower_recalc(ar);
3194 
3195 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3196 }
3197 
3198 static int ath10k_new_peer_tid_config(struct ath10k *ar,
3199 				      struct ieee80211_sta *sta,
3200 				      struct ath10k_vif *arvif)
3201 {
3202 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
3203 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3204 	bool config_apply;
3205 	int ret, i;
3206 
3207 	for (i = 0; i < ATH10K_TID_MAX; i++) {
3208 		config_apply = false;
3209 		if (arvif->retry_long[i] || arvif->ampdu[i] ||
3210 		    arvif->rate_ctrl[i] || arvif->rtscts[i]) {
3211 			config_apply = true;
3212 			arg.tid = i;
3213 			arg.vdev_id = arvif->vdev_id;
3214 			arg.retry_count = arvif->retry_long[i];
3215 			arg.aggr_control = arvif->ampdu[i];
3216 			arg.rate_ctrl = arvif->rate_ctrl[i];
3217 			arg.rcode_flags = arvif->rate_code[i];
3218 
3219 			if (arvif->rtscts[i])
3220 				arg.ext_tid_cfg_bitmap =
3221 					WMI_EXT_TID_RTS_CTS_CONFIG;
3222 			else
3223 				arg.ext_tid_cfg_bitmap = 0;
3224 
3225 			arg.rtscts_ctrl = arvif->rtscts[i];
3226 		}
3227 
3228 		if (arvif->noack[i]) {
3229 			arg.ack_policy = arvif->noack[i];
3230 			arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
3231 			arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
3232 			config_apply = true;
3233 		}
3234 
3235 		/* Assign default value(-1) to newly connected station.
3236 		 * This is to identify station specific tid configuration not
3237 		 * configured for the station.
3238 		 */
3239 		arsta->retry_long[i] = -1;
3240 		arsta->noack[i] = -1;
3241 		arsta->ampdu[i] = -1;
3242 
3243 		if (!config_apply)
3244 			continue;
3245 
3246 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
3247 
3248 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
3249 		if (ret) {
3250 			ath10k_warn(ar, "failed to set per tid retry/aggr config for sta %pM: %d\n",
3251 				    sta->addr, ret);
3252 			return ret;
3253 		}
3254 
3255 		memset(&arg, 0, sizeof(arg));
3256 	}
3257 
3258 	return 0;
3259 }
3260 
3261 static int ath10k_station_assoc(struct ath10k *ar,
3262 				struct ieee80211_vif *vif,
3263 				struct ieee80211_sta *sta,
3264 				bool reassoc)
3265 {
3266 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3267 	struct wmi_peer_assoc_complete_arg peer_arg;
3268 	int ret = 0;
3269 
3270 	lockdep_assert_held(&ar->conf_mutex);
3271 
3272 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
3273 	if (ret) {
3274 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
3275 			    sta->addr, arvif->vdev_id, ret);
3276 		return ret;
3277 	}
3278 
3279 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3280 	if (ret) {
3281 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
3282 			    sta->addr, arvif->vdev_id, ret);
3283 		return ret;
3284 	}
3285 
3286 	/* Re-assoc is run only to update supported rates for given station. It
3287 	 * doesn't make much sense to reconfigure the peer completely.
3288 	 */
3289 	if (!reassoc) {
3290 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
3291 					     &sta->deflink.ht_cap);
3292 		if (ret) {
3293 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
3294 				    arvif->vdev_id, ret);
3295 			return ret;
3296 		}
3297 
3298 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
3299 		if (ret) {
3300 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
3301 				    sta->addr, arvif->vdev_id, ret);
3302 			return ret;
3303 		}
3304 
3305 		if (!sta->wme) {
3306 			arvif->num_legacy_stations++;
3307 			ret  = ath10k_recalc_rtscts_prot(arvif);
3308 			if (ret) {
3309 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3310 					    arvif->vdev_id, ret);
3311 				return ret;
3312 			}
3313 		}
3314 
3315 		/* Plumb cached keys only for static WEP */
3316 		if ((arvif->def_wep_key_idx != -1) && (!sta->tdls)) {
3317 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
3318 			if (ret) {
3319 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
3320 					    arvif->vdev_id, ret);
3321 				return ret;
3322 			}
3323 		}
3324 	}
3325 
3326 	if (!test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map))
3327 		return ret;
3328 
3329 	return ath10k_new_peer_tid_config(ar, sta, arvif);
3330 }
3331 
3332 static int ath10k_station_disassoc(struct ath10k *ar,
3333 				   struct ieee80211_vif *vif,
3334 				   struct ieee80211_sta *sta)
3335 {
3336 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3337 	int ret = 0;
3338 
3339 	lockdep_assert_held(&ar->conf_mutex);
3340 
3341 	if (!sta->wme) {
3342 		arvif->num_legacy_stations--;
3343 		ret = ath10k_recalc_rtscts_prot(arvif);
3344 		if (ret) {
3345 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3346 				    arvif->vdev_id, ret);
3347 			return ret;
3348 		}
3349 	}
3350 
3351 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
3352 	if (ret) {
3353 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
3354 			    arvif->vdev_id, ret);
3355 		return ret;
3356 	}
3357 
3358 	return ret;
3359 }
3360 
3361 /**************/
3362 /* Regulatory */
3363 /**************/
3364 
3365 static int ath10k_update_channel_list(struct ath10k *ar)
3366 {
3367 	struct ieee80211_hw *hw = ar->hw;
3368 	struct ieee80211_supported_band **bands;
3369 	enum nl80211_band band;
3370 	struct ieee80211_channel *channel;
3371 	struct wmi_scan_chan_list_arg arg = {0};
3372 	struct wmi_channel_arg *ch;
3373 	bool passive;
3374 	int len;
3375 	int ret;
3376 	int i;
3377 
3378 	lockdep_assert_held(&ar->conf_mutex);
3379 
3380 	bands = hw->wiphy->bands;
3381 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3382 		if (!bands[band])
3383 			continue;
3384 
3385 		for (i = 0; i < bands[band]->n_channels; i++) {
3386 			if (bands[band]->channels[i].flags &
3387 			    IEEE80211_CHAN_DISABLED)
3388 				continue;
3389 
3390 			arg.n_channels++;
3391 		}
3392 	}
3393 
3394 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
3395 	arg.channels = kzalloc(len, GFP_KERNEL);
3396 	if (!arg.channels)
3397 		return -ENOMEM;
3398 
3399 	ch = arg.channels;
3400 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3401 		if (!bands[band])
3402 			continue;
3403 
3404 		for (i = 0; i < bands[band]->n_channels; i++) {
3405 			channel = &bands[band]->channels[i];
3406 
3407 			if (channel->flags & IEEE80211_CHAN_DISABLED)
3408 				continue;
3409 
3410 			ch->allow_ht = true;
3411 
3412 			/* FIXME: when should we really allow VHT? */
3413 			ch->allow_vht = true;
3414 
3415 			ch->allow_ibss =
3416 				!(channel->flags & IEEE80211_CHAN_NO_IR);
3417 
3418 			ch->ht40plus =
3419 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
3420 
3421 			ch->chan_radar =
3422 				!!(channel->flags & IEEE80211_CHAN_RADAR);
3423 
3424 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
3425 			ch->passive = passive;
3426 
3427 			/* the firmware is ignoring the "radar" flag of the
3428 			 * channel and is scanning actively using Probe Requests
3429 			 * on "Radar detection"/DFS channels which are not
3430 			 * marked as "available"
3431 			 */
3432 			ch->passive |= ch->chan_radar;
3433 
3434 			ch->freq = channel->center_freq;
3435 			ch->band_center_freq1 = channel->center_freq;
3436 			ch->min_power = 0;
3437 			ch->max_power = channel->max_power * 2;
3438 			ch->max_reg_power = channel->max_reg_power * 2;
3439 			ch->max_antenna_gain = channel->max_antenna_gain;
3440 			ch->reg_class_id = 0; /* FIXME */
3441 
3442 			/* FIXME: why use only legacy modes, why not any
3443 			 * HT/VHT modes? Would that even make any
3444 			 * difference?
3445 			 */
3446 			if (channel->band == NL80211_BAND_2GHZ)
3447 				ch->mode = MODE_11G;
3448 			else
3449 				ch->mode = MODE_11A;
3450 
3451 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
3452 				continue;
3453 
3454 			ath10k_dbg(ar, ATH10K_DBG_WMI,
3455 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
3456 				    ch - arg.channels, arg.n_channels,
3457 				   ch->freq, ch->max_power, ch->max_reg_power,
3458 				   ch->max_antenna_gain, ch->mode);
3459 
3460 			ch++;
3461 		}
3462 	}
3463 
3464 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
3465 	kfree(arg.channels);
3466 
3467 	return ret;
3468 }
3469 
3470 static enum wmi_dfs_region
3471 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
3472 {
3473 	switch (dfs_region) {
3474 	case NL80211_DFS_UNSET:
3475 		return WMI_UNINIT_DFS_DOMAIN;
3476 	case NL80211_DFS_FCC:
3477 		return WMI_FCC_DFS_DOMAIN;
3478 	case NL80211_DFS_ETSI:
3479 		return WMI_ETSI_DFS_DOMAIN;
3480 	case NL80211_DFS_JP:
3481 		return WMI_MKK4_DFS_DOMAIN;
3482 	}
3483 	return WMI_UNINIT_DFS_DOMAIN;
3484 }
3485 
3486 static void ath10k_regd_update(struct ath10k *ar)
3487 {
3488 	struct reg_dmn_pair_mapping *regpair;
3489 	int ret;
3490 	enum wmi_dfs_region wmi_dfs_reg;
3491 	enum nl80211_dfs_regions nl_dfs_reg;
3492 
3493 	lockdep_assert_held(&ar->conf_mutex);
3494 
3495 	ret = ath10k_update_channel_list(ar);
3496 	if (ret)
3497 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
3498 
3499 	regpair = ar->ath_common.regulatory.regpair;
3500 
3501 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3502 		nl_dfs_reg = ar->dfs_detector->region;
3503 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
3504 	} else {
3505 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
3506 	}
3507 
3508 	/* Target allows setting up per-band regdomain but ath_common provides
3509 	 * a combined one only
3510 	 */
3511 	ret = ath10k_wmi_pdev_set_regdomain(ar,
3512 					    regpair->reg_domain,
3513 					    regpair->reg_domain, /* 2ghz */
3514 					    regpair->reg_domain, /* 5ghz */
3515 					    regpair->reg_2ghz_ctl,
3516 					    regpair->reg_5ghz_ctl,
3517 					    wmi_dfs_reg);
3518 	if (ret)
3519 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
3520 }
3521 
3522 static void ath10k_mac_update_channel_list(struct ath10k *ar,
3523 					   struct ieee80211_supported_band *band)
3524 {
3525 	int i;
3526 
3527 	if (ar->low_5ghz_chan && ar->high_5ghz_chan) {
3528 		for (i = 0; i < band->n_channels; i++) {
3529 			if (band->channels[i].center_freq < ar->low_5ghz_chan ||
3530 			    band->channels[i].center_freq > ar->high_5ghz_chan)
3531 				band->channels[i].flags |=
3532 					IEEE80211_CHAN_DISABLED;
3533 		}
3534 	}
3535 }
3536 
3537 static void ath10k_reg_notifier(struct wiphy *wiphy,
3538 				struct regulatory_request *request)
3539 {
3540 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
3541 	struct ath10k *ar = hw->priv;
3542 	bool result;
3543 
3544 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
3545 
3546 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3547 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
3548 			   request->dfs_region);
3549 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
3550 							  request->dfs_region);
3551 		if (!result)
3552 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
3553 				    request->dfs_region);
3554 	}
3555 
3556 	mutex_lock(&ar->conf_mutex);
3557 	if (ar->state == ATH10K_STATE_ON)
3558 		ath10k_regd_update(ar);
3559 	mutex_unlock(&ar->conf_mutex);
3560 
3561 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
3562 		ath10k_mac_update_channel_list(ar,
3563 					       ar->hw->wiphy->bands[NL80211_BAND_5GHZ]);
3564 }
3565 
3566 static void ath10k_stop_radar_confirmation(struct ath10k *ar)
3567 {
3568 	spin_lock_bh(&ar->data_lock);
3569 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_STOPPED;
3570 	spin_unlock_bh(&ar->data_lock);
3571 
3572 	cancel_work_sync(&ar->radar_confirmation_work);
3573 }
3574 
3575 /***************/
3576 /* TX handlers */
3577 /***************/
3578 
3579 enum ath10k_mac_tx_path {
3580 	ATH10K_MAC_TX_HTT,
3581 	ATH10K_MAC_TX_HTT_MGMT,
3582 	ATH10K_MAC_TX_WMI_MGMT,
3583 	ATH10K_MAC_TX_UNKNOWN,
3584 };
3585 
3586 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
3587 {
3588 	lockdep_assert_held(&ar->htt.tx_lock);
3589 
3590 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3591 	ar->tx_paused |= BIT(reason);
3592 	ieee80211_stop_queues(ar->hw);
3593 }
3594 
3595 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
3596 				      struct ieee80211_vif *vif)
3597 {
3598 	struct ath10k *ar = data;
3599 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3600 
3601 	if (arvif->tx_paused)
3602 		return;
3603 
3604 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3605 }
3606 
3607 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3608 {
3609 	lockdep_assert_held(&ar->htt.tx_lock);
3610 
3611 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3612 	ar->tx_paused &= ~BIT(reason);
3613 
3614 	if (ar->tx_paused)
3615 		return;
3616 
3617 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3618 						   ATH10K_ITER_RESUME_FLAGS,
3619 						   ath10k_mac_tx_unlock_iter,
3620 						   ar);
3621 
3622 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3623 }
3624 
3625 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3626 {
3627 	struct ath10k *ar = arvif->ar;
3628 
3629 	lockdep_assert_held(&ar->htt.tx_lock);
3630 
3631 	WARN_ON(reason >= BITS_PER_LONG);
3632 	arvif->tx_paused |= BIT(reason);
3633 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3634 }
3635 
3636 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3637 {
3638 	struct ath10k *ar = arvif->ar;
3639 
3640 	lockdep_assert_held(&ar->htt.tx_lock);
3641 
3642 	WARN_ON(reason >= BITS_PER_LONG);
3643 	arvif->tx_paused &= ~BIT(reason);
3644 
3645 	if (ar->tx_paused)
3646 		return;
3647 
3648 	if (arvif->tx_paused)
3649 		return;
3650 
3651 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3652 }
3653 
3654 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3655 					   enum wmi_tlv_tx_pause_id pause_id,
3656 					   enum wmi_tlv_tx_pause_action action)
3657 {
3658 	struct ath10k *ar = arvif->ar;
3659 
3660 	lockdep_assert_held(&ar->htt.tx_lock);
3661 
3662 	switch (action) {
3663 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3664 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3665 		break;
3666 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3667 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3668 		break;
3669 	default:
3670 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
3671 			   "received unknown tx pause action %d on vdev %i, ignoring\n",
3672 			    action, arvif->vdev_id);
3673 		break;
3674 	}
3675 }
3676 
3677 struct ath10k_mac_tx_pause {
3678 	u32 vdev_id;
3679 	enum wmi_tlv_tx_pause_id pause_id;
3680 	enum wmi_tlv_tx_pause_action action;
3681 };
3682 
3683 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3684 					    struct ieee80211_vif *vif)
3685 {
3686 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3687 	struct ath10k_mac_tx_pause *arg = data;
3688 
3689 	if (arvif->vdev_id != arg->vdev_id)
3690 		return;
3691 
3692 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3693 }
3694 
3695 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3696 				     enum wmi_tlv_tx_pause_id pause_id,
3697 				     enum wmi_tlv_tx_pause_action action)
3698 {
3699 	struct ath10k_mac_tx_pause arg = {
3700 		.vdev_id = vdev_id,
3701 		.pause_id = pause_id,
3702 		.action = action,
3703 	};
3704 
3705 	spin_lock_bh(&ar->htt.tx_lock);
3706 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3707 						   ATH10K_ITER_RESUME_FLAGS,
3708 						   ath10k_mac_handle_tx_pause_iter,
3709 						   &arg);
3710 	spin_unlock_bh(&ar->htt.tx_lock);
3711 }
3712 
3713 static enum ath10k_hw_txrx_mode
3714 ath10k_mac_tx_h_get_txmode(struct ath10k *ar,
3715 			   struct ieee80211_vif *vif,
3716 			   struct ieee80211_sta *sta,
3717 			   struct sk_buff *skb)
3718 {
3719 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3720 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3721 	__le16 fc = hdr->frame_control;
3722 
3723 	if (IEEE80211_SKB_CB(skb)->flags & IEEE80211_TX_CTL_HW_80211_ENCAP)
3724 		return ATH10K_HW_TXRX_ETHERNET;
3725 
3726 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3727 		return ATH10K_HW_TXRX_RAW;
3728 
3729 	if (ieee80211_is_mgmt(fc))
3730 		return ATH10K_HW_TXRX_MGMT;
3731 
3732 	/* Workaround:
3733 	 *
3734 	 * NullFunc frames are mostly used to ping if a client or AP are still
3735 	 * reachable and responsive. This implies tx status reports must be
3736 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3737 	 * come to a conclusion that the other end disappeared and tear down
3738 	 * BSS connection or it can never disconnect from BSS/client (which is
3739 	 * the case).
3740 	 *
3741 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3742 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3743 	 * which seems to deliver correct tx reports for NullFunc frames. The
3744 	 * downside of using it is it ignores client powersave state so it can
3745 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3746 	 * mode though because AP don't sleep.
3747 	 */
3748 	if (ar->htt.target_version_major < 3 &&
3749 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3750 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3751 		      ar->running_fw->fw_file.fw_features))
3752 		return ATH10K_HW_TXRX_MGMT;
3753 
3754 	/* Workaround:
3755 	 *
3756 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3757 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3758 	 * to work with Ethernet txmode so use it.
3759 	 *
3760 	 * FIXME: Check if raw mode works with TDLS.
3761 	 */
3762 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3763 		return ATH10K_HW_TXRX_ETHERNET;
3764 
3765 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) ||
3766 	    skb_cb->flags & ATH10K_SKB_F_RAW_TX)
3767 		return ATH10K_HW_TXRX_RAW;
3768 
3769 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3770 }
3771 
3772 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3773 				     struct sk_buff *skb)
3774 {
3775 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3776 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3777 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3778 			 IEEE80211_TX_CTL_INJECTED;
3779 
3780 	if (!ieee80211_has_protected(hdr->frame_control))
3781 		return false;
3782 
3783 	if ((info->flags & mask) == mask)
3784 		return false;
3785 
3786 	if (vif)
3787 		return !((struct ath10k_vif *)vif->drv_priv)->nohwcrypt;
3788 
3789 	return true;
3790 }
3791 
3792 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3793  * Control in the header.
3794  */
3795 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3796 {
3797 	struct ieee80211_hdr *hdr = (void *)skb->data;
3798 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3799 	u8 *qos_ctl;
3800 
3801 	if (!ieee80211_is_data_qos(hdr->frame_control))
3802 		return;
3803 
3804 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3805 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3806 		skb->data, (void *)qos_ctl - (void *)skb->data);
3807 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3808 
3809 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3810 	 * These frames are mainly used for CQM purposes so it doesn't really
3811 	 * matter whether QoS NullFunc or NullFunc are sent.
3812 	 */
3813 	hdr = (void *)skb->data;
3814 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3815 		cb->flags &= ~ATH10K_SKB_F_QOS;
3816 
3817 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3818 }
3819 
3820 static void ath10k_tx_h_8023(struct sk_buff *skb)
3821 {
3822 	struct ieee80211_hdr *hdr;
3823 	struct rfc1042_hdr *rfc1042;
3824 	struct ethhdr *eth;
3825 	size_t hdrlen;
3826 	u8 da[ETH_ALEN];
3827 	u8 sa[ETH_ALEN];
3828 	__be16 type;
3829 
3830 	hdr = (void *)skb->data;
3831 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3832 	rfc1042 = (void *)skb->data + hdrlen;
3833 
3834 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3835 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3836 	type = rfc1042->snap_type;
3837 
3838 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3839 	skb_push(skb, sizeof(*eth));
3840 
3841 	eth = (void *)skb->data;
3842 	ether_addr_copy(eth->h_dest, da);
3843 	ether_addr_copy(eth->h_source, sa);
3844 	eth->h_proto = type;
3845 }
3846 
3847 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3848 				       struct ieee80211_vif *vif,
3849 				       struct sk_buff *skb)
3850 {
3851 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3852 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3853 
3854 	/* This is case only for P2P_GO */
3855 	if (vif->type != NL80211_IFTYPE_AP || !vif->p2p)
3856 		return;
3857 
3858 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3859 		spin_lock_bh(&ar->data_lock);
3860 		if (arvif->u.ap.noa_data)
3861 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3862 					      GFP_ATOMIC))
3863 				skb_put_data(skb, arvif->u.ap.noa_data,
3864 					     arvif->u.ap.noa_len);
3865 		spin_unlock_bh(&ar->data_lock);
3866 	}
3867 }
3868 
3869 static void ath10k_mac_tx_h_fill_cb(struct ath10k *ar,
3870 				    struct ieee80211_vif *vif,
3871 				    struct ieee80211_txq *txq,
3872 				    struct ieee80211_sta *sta,
3873 				    struct sk_buff *skb, u16 airtime)
3874 {
3875 	struct ieee80211_hdr *hdr = (void *)skb->data;
3876 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3877 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3878 	bool is_data = ieee80211_is_data(hdr->frame_control) ||
3879 			ieee80211_is_data_qos(hdr->frame_control);
3880 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3881 	struct ath10k_sta *arsta;
3882 	u8 tid, *qos_ctl;
3883 	bool noack = false;
3884 
3885 	cb->flags = 0;
3886 
3887 	if (info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) {
3888 		cb->flags |= ATH10K_SKB_F_QOS;	/* Assume data frames are QoS */
3889 		goto finish_cb_fill;
3890 	}
3891 
3892 	if (!ath10k_tx_h_use_hwcrypto(vif, skb))
3893 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3894 
3895 	if (ieee80211_is_mgmt(hdr->frame_control))
3896 		cb->flags |= ATH10K_SKB_F_MGMT;
3897 
3898 	if (ieee80211_is_data_qos(hdr->frame_control)) {
3899 		cb->flags |= ATH10K_SKB_F_QOS;
3900 		qos_ctl = ieee80211_get_qos_ctl(hdr);
3901 		tid = (*qos_ctl) & IEEE80211_QOS_CTL_TID_MASK;
3902 
3903 		if (arvif->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3904 			noack = true;
3905 
3906 		if (sta) {
3907 			arsta = (struct ath10k_sta *)sta->drv_priv;
3908 
3909 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3910 				noack = true;
3911 
3912 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_ACK)
3913 				noack = false;
3914 		}
3915 
3916 		if (noack)
3917 			cb->flags |= ATH10K_SKB_F_NOACK_TID;
3918 	}
3919 
3920 	/* Data frames encrypted in software will be posted to firmware
3921 	 * with tx encap mode set to RAW. Ex: Multicast traffic generated
3922 	 * for a specific VLAN group will always be encrypted in software.
3923 	 */
3924 	if (is_data && ieee80211_has_protected(hdr->frame_control) &&
3925 	    !info->control.hw_key) {
3926 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3927 		cb->flags |= ATH10K_SKB_F_RAW_TX;
3928 	}
3929 
3930 finish_cb_fill:
3931 	cb->vif = vif;
3932 	cb->txq = txq;
3933 	cb->airtime_est = airtime;
3934 	if (sta) {
3935 		arsta = (struct ath10k_sta *)sta->drv_priv;
3936 		spin_lock_bh(&ar->data_lock);
3937 		cb->ucast_cipher = arsta->ucast_cipher;
3938 		spin_unlock_bh(&ar->data_lock);
3939 	}
3940 }
3941 
3942 bool ath10k_mac_tx_frm_has_freq(struct ath10k *ar)
3943 {
3944 	/* FIXME: Not really sure since when the behaviour changed. At some
3945 	 * point new firmware stopped requiring creation of peer entries for
3946 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3947 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3948 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3949 	 */
3950 	return (ar->htt.target_version_major >= 3 &&
3951 		ar->htt.target_version_minor >= 4 &&
3952 		ar->running_fw->fw_file.htt_op_version == ATH10K_FW_HTT_OP_VERSION_TLV);
3953 }
3954 
3955 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3956 {
3957 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3958 
3959 	if (skb_queue_len_lockless(q) >= ATH10K_MAX_NUM_MGMT_PENDING) {
3960 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3961 		return -ENOSPC;
3962 	}
3963 
3964 	skb_queue_tail(q, skb);
3965 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3966 
3967 	return 0;
3968 }
3969 
3970 static enum ath10k_mac_tx_path
3971 ath10k_mac_tx_h_get_txpath(struct ath10k *ar,
3972 			   struct sk_buff *skb,
3973 			   enum ath10k_hw_txrx_mode txmode)
3974 {
3975 	switch (txmode) {
3976 	case ATH10K_HW_TXRX_RAW:
3977 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3978 	case ATH10K_HW_TXRX_ETHERNET:
3979 		return ATH10K_MAC_TX_HTT;
3980 	case ATH10K_HW_TXRX_MGMT:
3981 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3982 			     ar->running_fw->fw_file.fw_features) ||
3983 			     test_bit(WMI_SERVICE_MGMT_TX_WMI,
3984 				      ar->wmi.svc_map))
3985 			return ATH10K_MAC_TX_WMI_MGMT;
3986 		else if (ar->htt.target_version_major >= 3)
3987 			return ATH10K_MAC_TX_HTT;
3988 		else
3989 			return ATH10K_MAC_TX_HTT_MGMT;
3990 	}
3991 
3992 	return ATH10K_MAC_TX_UNKNOWN;
3993 }
3994 
3995 static int ath10k_mac_tx_submit(struct ath10k *ar,
3996 				enum ath10k_hw_txrx_mode txmode,
3997 				enum ath10k_mac_tx_path txpath,
3998 				struct sk_buff *skb)
3999 {
4000 	struct ath10k_htt *htt = &ar->htt;
4001 	int ret = -EINVAL;
4002 
4003 	switch (txpath) {
4004 	case ATH10K_MAC_TX_HTT:
4005 		ret = ath10k_htt_tx(htt, txmode, skb);
4006 		break;
4007 	case ATH10K_MAC_TX_HTT_MGMT:
4008 		ret = ath10k_htt_mgmt_tx(htt, skb);
4009 		break;
4010 	case ATH10K_MAC_TX_WMI_MGMT:
4011 		ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
4012 		break;
4013 	case ATH10K_MAC_TX_UNKNOWN:
4014 		WARN_ON_ONCE(1);
4015 		ret = -EINVAL;
4016 		break;
4017 	}
4018 
4019 	if (ret) {
4020 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
4021 			    ret);
4022 		ieee80211_free_txskb(ar->hw, skb);
4023 	}
4024 
4025 	return ret;
4026 }
4027 
4028 /* This function consumes the sk_buff regardless of return value as far as
4029  * caller is concerned so no freeing is necessary afterwards.
4030  */
4031 static int ath10k_mac_tx(struct ath10k *ar,
4032 			 struct ieee80211_vif *vif,
4033 			 enum ath10k_hw_txrx_mode txmode,
4034 			 enum ath10k_mac_tx_path txpath,
4035 			 struct sk_buff *skb, bool noque_offchan)
4036 {
4037 	struct ieee80211_hw *hw = ar->hw;
4038 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4039 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
4040 	int ret;
4041 
4042 	/* We should disable CCK RATE due to P2P */
4043 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
4044 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
4045 
4046 	switch (txmode) {
4047 	case ATH10K_HW_TXRX_MGMT:
4048 	case ATH10K_HW_TXRX_NATIVE_WIFI:
4049 		ath10k_tx_h_nwifi(hw, skb);
4050 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
4051 		ath10k_tx_h_seq_no(vif, skb);
4052 		break;
4053 	case ATH10K_HW_TXRX_ETHERNET:
4054 		/* Convert 802.11->802.3 header only if the frame was erlier
4055 		 * encapsulated to 802.11 by mac80211. Otherwise pass it as is.
4056 		 */
4057 		if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP))
4058 			ath10k_tx_h_8023(skb);
4059 		break;
4060 	case ATH10K_HW_TXRX_RAW:
4061 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) &&
4062 		    !(skb_cb->flags & ATH10K_SKB_F_RAW_TX)) {
4063 			WARN_ON_ONCE(1);
4064 			ieee80211_free_txskb(hw, skb);
4065 			return -ENOTSUPP;
4066 		}
4067 	}
4068 
4069 	if (!noque_offchan && info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
4070 		if (!ath10k_mac_tx_frm_has_freq(ar)) {
4071 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac queued offchannel skb %pK len %d\n",
4072 				   skb, skb->len);
4073 
4074 			skb_queue_tail(&ar->offchan_tx_queue, skb);
4075 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
4076 			return 0;
4077 		}
4078 	}
4079 
4080 	ret = ath10k_mac_tx_submit(ar, txmode, txpath, skb);
4081 	if (ret) {
4082 		ath10k_warn(ar, "failed to submit frame: %d\n", ret);
4083 		return ret;
4084 	}
4085 
4086 	return 0;
4087 }
4088 
4089 void ath10k_offchan_tx_purge(struct ath10k *ar)
4090 {
4091 	struct sk_buff *skb;
4092 
4093 	for (;;) {
4094 		skb = skb_dequeue(&ar->offchan_tx_queue);
4095 		if (!skb)
4096 			break;
4097 
4098 		ieee80211_free_txskb(ar->hw, skb);
4099 	}
4100 }
4101 
4102 void ath10k_offchan_tx_work(struct work_struct *work)
4103 {
4104 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
4105 	struct ath10k_peer *peer;
4106 	struct ath10k_vif *arvif;
4107 	enum ath10k_hw_txrx_mode txmode;
4108 	enum ath10k_mac_tx_path txpath;
4109 	struct ieee80211_hdr *hdr;
4110 	struct ieee80211_vif *vif;
4111 	struct ieee80211_sta *sta;
4112 	struct sk_buff *skb;
4113 	const u8 *peer_addr;
4114 	int vdev_id;
4115 	int ret;
4116 	unsigned long time_left;
4117 	bool tmp_peer_created = false;
4118 
4119 	/* FW requirement: We must create a peer before FW will send out
4120 	 * an offchannel frame. Otherwise the frame will be stuck and
4121 	 * never transmitted. We delete the peer upon tx completion.
4122 	 * It is unlikely that a peer for offchannel tx will already be
4123 	 * present. However it may be in some rare cases so account for that.
4124 	 * Otherwise we might remove a legitimate peer and break stuff.
4125 	 */
4126 
4127 	for (;;) {
4128 		skb = skb_dequeue(&ar->offchan_tx_queue);
4129 		if (!skb)
4130 			break;
4131 
4132 		mutex_lock(&ar->conf_mutex);
4133 
4134 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %pK len %d\n",
4135 			   skb, skb->len);
4136 
4137 		hdr = (struct ieee80211_hdr *)skb->data;
4138 		peer_addr = ieee80211_get_DA(hdr);
4139 
4140 		spin_lock_bh(&ar->data_lock);
4141 		vdev_id = ar->scan.vdev_id;
4142 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
4143 		spin_unlock_bh(&ar->data_lock);
4144 
4145 		if (peer) {
4146 			ath10k_warn(ar, "peer %pM on vdev %d already present\n",
4147 				    peer_addr, vdev_id);
4148 		} else {
4149 			ret = ath10k_peer_create(ar, NULL, NULL, vdev_id,
4150 						 peer_addr,
4151 						 WMI_PEER_TYPE_DEFAULT);
4152 			if (ret)
4153 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
4154 					    peer_addr, vdev_id, ret);
4155 			tmp_peer_created = (ret == 0);
4156 		}
4157 
4158 		spin_lock_bh(&ar->data_lock);
4159 		reinit_completion(&ar->offchan_tx_completed);
4160 		ar->offchan_tx_skb = skb;
4161 		spin_unlock_bh(&ar->data_lock);
4162 
4163 		/* It's safe to access vif and sta - conf_mutex guarantees that
4164 		 * sta_state() and remove_interface() are locked exclusively
4165 		 * out wrt to this offchannel worker.
4166 		 */
4167 		arvif = ath10k_get_arvif(ar, vdev_id);
4168 		if (arvif) {
4169 			vif = arvif->vif;
4170 			sta = ieee80211_find_sta(vif, peer_addr);
4171 		} else {
4172 			vif = NULL;
4173 			sta = NULL;
4174 		}
4175 
4176 		txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4177 		txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4178 
4179 		ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, true);
4180 		if (ret) {
4181 			ath10k_warn(ar, "failed to transmit offchannel frame: %d\n",
4182 				    ret);
4183 			/* not serious */
4184 		}
4185 
4186 		time_left =
4187 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
4188 		if (time_left == 0)
4189 			ath10k_warn(ar, "timed out waiting for offchannel skb %pK, len: %d\n",
4190 				    skb, skb->len);
4191 
4192 		if (!peer && tmp_peer_created) {
4193 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
4194 			if (ret)
4195 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
4196 					    peer_addr, vdev_id, ret);
4197 		}
4198 
4199 		mutex_unlock(&ar->conf_mutex);
4200 	}
4201 }
4202 
4203 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
4204 {
4205 	struct sk_buff *skb;
4206 
4207 	for (;;) {
4208 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4209 		if (!skb)
4210 			break;
4211 
4212 		ieee80211_free_txskb(ar->hw, skb);
4213 	}
4214 }
4215 
4216 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
4217 {
4218 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
4219 	struct sk_buff *skb;
4220 	dma_addr_t paddr;
4221 	int ret;
4222 
4223 	for (;;) {
4224 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4225 		if (!skb)
4226 			break;
4227 
4228 		if (test_bit(ATH10K_FW_FEATURE_MGMT_TX_BY_REF,
4229 			     ar->running_fw->fw_file.fw_features)) {
4230 			paddr = dma_map_single(ar->dev, skb->data,
4231 					       skb->len, DMA_TO_DEVICE);
4232 			if (dma_mapping_error(ar->dev, paddr)) {
4233 				ieee80211_free_txskb(ar->hw, skb);
4234 				continue;
4235 			}
4236 			ret = ath10k_wmi_mgmt_tx_send(ar, skb, paddr);
4237 			if (ret) {
4238 				ath10k_warn(ar, "failed to transmit management frame by ref via WMI: %d\n",
4239 					    ret);
4240 				/* remove this msdu from idr tracking */
4241 				ath10k_wmi_cleanup_mgmt_tx_send(ar, skb);
4242 
4243 				dma_unmap_single(ar->dev, paddr, skb->len,
4244 						 DMA_TO_DEVICE);
4245 				ieee80211_free_txskb(ar->hw, skb);
4246 			}
4247 		} else {
4248 			ret = ath10k_wmi_mgmt_tx(ar, skb);
4249 			if (ret) {
4250 				ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
4251 					    ret);
4252 				ieee80211_free_txskb(ar->hw, skb);
4253 			}
4254 		}
4255 	}
4256 }
4257 
4258 static void ath10k_mac_txq_init(struct ieee80211_txq *txq)
4259 {
4260 	struct ath10k_txq *artxq;
4261 
4262 	if (!txq)
4263 		return;
4264 
4265 	artxq = (void *)txq->drv_priv;
4266 	INIT_LIST_HEAD(&artxq->list);
4267 }
4268 
4269 static void ath10k_mac_txq_unref(struct ath10k *ar, struct ieee80211_txq *txq)
4270 {
4271 	struct ath10k_skb_cb *cb;
4272 	struct sk_buff *msdu;
4273 	int msdu_id;
4274 
4275 	if (!txq)
4276 		return;
4277 
4278 	spin_lock_bh(&ar->htt.tx_lock);
4279 	idr_for_each_entry(&ar->htt.pending_tx, msdu, msdu_id) {
4280 		cb = ATH10K_SKB_CB(msdu);
4281 		if (cb->txq == txq)
4282 			cb->txq = NULL;
4283 	}
4284 	spin_unlock_bh(&ar->htt.tx_lock);
4285 }
4286 
4287 struct ieee80211_txq *ath10k_mac_txq_lookup(struct ath10k *ar,
4288 					    u16 peer_id,
4289 					    u8 tid)
4290 {
4291 	struct ath10k_peer *peer;
4292 
4293 	lockdep_assert_held(&ar->data_lock);
4294 
4295 	peer = ar->peer_map[peer_id];
4296 	if (!peer)
4297 		return NULL;
4298 
4299 	if (peer->removed)
4300 		return NULL;
4301 
4302 	if (peer->sta)
4303 		return peer->sta->txq[tid];
4304 	else if (peer->vif)
4305 		return peer->vif->txq;
4306 	else
4307 		return NULL;
4308 }
4309 
4310 static bool ath10k_mac_tx_can_push(struct ieee80211_hw *hw,
4311 				   struct ieee80211_txq *txq)
4312 {
4313 	struct ath10k *ar = hw->priv;
4314 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4315 
4316 	/* No need to get locks */
4317 	if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH)
4318 		return true;
4319 
4320 	if (ar->htt.num_pending_tx < ar->htt.tx_q_state.num_push_allowed)
4321 		return true;
4322 
4323 	if (artxq->num_fw_queued < artxq->num_push_allowed)
4324 		return true;
4325 
4326 	return false;
4327 }
4328 
4329 /* Return estimated airtime in microsecond, which is calculated using last
4330  * reported TX rate. This is just a rough estimation because host driver has no
4331  * knowledge of the actual transmit rate, retries or aggregation. If actual
4332  * airtime can be reported by firmware, then delta between estimated and actual
4333  * airtime can be adjusted from deficit.
4334  */
4335 #define IEEE80211_ATF_OVERHEAD		100	/* IFS + some slot time */
4336 #define IEEE80211_ATF_OVERHEAD_IFS	16	/* IFS only */
4337 static u16 ath10k_mac_update_airtime(struct ath10k *ar,
4338 				     struct ieee80211_txq *txq,
4339 				     struct sk_buff *skb)
4340 {
4341 	struct ath10k_sta *arsta;
4342 	u32 pktlen;
4343 	u16 airtime = 0;
4344 
4345 	if (!txq || !txq->sta)
4346 		return airtime;
4347 
4348 	if (test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
4349 		return airtime;
4350 
4351 	spin_lock_bh(&ar->data_lock);
4352 	arsta = (struct ath10k_sta *)txq->sta->drv_priv;
4353 
4354 	pktlen = skb->len + 38; /* Assume MAC header 30, SNAP 8 for most case */
4355 	if (arsta->last_tx_bitrate) {
4356 		/* airtime in us, last_tx_bitrate in 100kbps */
4357 		airtime = (pktlen * 8 * (1000 / 100))
4358 				/ arsta->last_tx_bitrate;
4359 		/* overhead for media access time and IFS */
4360 		airtime += IEEE80211_ATF_OVERHEAD_IFS;
4361 	} else {
4362 		/* This is mostly for throttle excessive BC/MC frames, and the
4363 		 * airtime/rate doesn't need be exact. Airtime of BC/MC frames
4364 		 * in 2G get some discount, which helps prevent very low rate
4365 		 * frames from being blocked for too long.
4366 		 */
4367 		airtime = (pktlen * 8 * (1000 / 100)) / 60; /* 6M */
4368 		airtime += IEEE80211_ATF_OVERHEAD;
4369 	}
4370 	spin_unlock_bh(&ar->data_lock);
4371 
4372 	return airtime;
4373 }
4374 
4375 int ath10k_mac_tx_push_txq(struct ieee80211_hw *hw,
4376 			   struct ieee80211_txq *txq)
4377 {
4378 	struct ath10k *ar = hw->priv;
4379 	struct ath10k_htt *htt = &ar->htt;
4380 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4381 	struct ieee80211_vif *vif = txq->vif;
4382 	struct ieee80211_sta *sta = txq->sta;
4383 	enum ath10k_hw_txrx_mode txmode;
4384 	enum ath10k_mac_tx_path txpath;
4385 	struct sk_buff *skb;
4386 	struct ieee80211_hdr *hdr;
4387 	size_t skb_len;
4388 	bool is_mgmt, is_presp;
4389 	int ret;
4390 	u16 airtime;
4391 
4392 	spin_lock_bh(&ar->htt.tx_lock);
4393 	ret = ath10k_htt_tx_inc_pending(htt);
4394 	spin_unlock_bh(&ar->htt.tx_lock);
4395 
4396 	if (ret)
4397 		return ret;
4398 
4399 	skb = ieee80211_tx_dequeue_ni(hw, txq);
4400 	if (!skb) {
4401 		spin_lock_bh(&ar->htt.tx_lock);
4402 		ath10k_htt_tx_dec_pending(htt);
4403 		spin_unlock_bh(&ar->htt.tx_lock);
4404 
4405 		return -ENOENT;
4406 	}
4407 
4408 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4409 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4410 
4411 	skb_len = skb->len;
4412 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4413 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4414 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4415 
4416 	if (is_mgmt) {
4417 		hdr = (struct ieee80211_hdr *)skb->data;
4418 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4419 
4420 		spin_lock_bh(&ar->htt.tx_lock);
4421 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4422 
4423 		if (ret) {
4424 			ath10k_htt_tx_dec_pending(htt);
4425 			spin_unlock_bh(&ar->htt.tx_lock);
4426 			return ret;
4427 		}
4428 		spin_unlock_bh(&ar->htt.tx_lock);
4429 	}
4430 
4431 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4432 	if (unlikely(ret)) {
4433 		ath10k_warn(ar, "failed to push frame: %d\n", ret);
4434 
4435 		spin_lock_bh(&ar->htt.tx_lock);
4436 		ath10k_htt_tx_dec_pending(htt);
4437 		if (is_mgmt)
4438 			ath10k_htt_tx_mgmt_dec_pending(htt);
4439 		spin_unlock_bh(&ar->htt.tx_lock);
4440 
4441 		return ret;
4442 	}
4443 
4444 	spin_lock_bh(&ar->htt.tx_lock);
4445 	artxq->num_fw_queued++;
4446 	spin_unlock_bh(&ar->htt.tx_lock);
4447 
4448 	return skb_len;
4449 }
4450 
4451 static int ath10k_mac_schedule_txq(struct ieee80211_hw *hw, u32 ac)
4452 {
4453 	struct ieee80211_txq *txq;
4454 	int ret = 0;
4455 
4456 	ieee80211_txq_schedule_start(hw, ac);
4457 	while ((txq = ieee80211_next_txq(hw, ac))) {
4458 		while (ath10k_mac_tx_can_push(hw, txq)) {
4459 			ret = ath10k_mac_tx_push_txq(hw, txq);
4460 			if (ret < 0)
4461 				break;
4462 		}
4463 		ieee80211_return_txq(hw, txq, false);
4464 		ath10k_htt_tx_txq_update(hw, txq);
4465 		if (ret == -EBUSY)
4466 			break;
4467 	}
4468 	ieee80211_txq_schedule_end(hw, ac);
4469 
4470 	return ret;
4471 }
4472 
4473 void ath10k_mac_tx_push_pending(struct ath10k *ar)
4474 {
4475 	struct ieee80211_hw *hw = ar->hw;
4476 	u32 ac;
4477 
4478 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4479 		return;
4480 
4481 	if (ar->htt.num_pending_tx >= (ar->htt.max_num_pending_tx / 2))
4482 		return;
4483 
4484 	rcu_read_lock();
4485 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
4486 		if (ath10k_mac_schedule_txq(hw, ac) == -EBUSY)
4487 			break;
4488 	}
4489 	rcu_read_unlock();
4490 }
4491 EXPORT_SYMBOL(ath10k_mac_tx_push_pending);
4492 
4493 /************/
4494 /* Scanning */
4495 /************/
4496 
4497 void __ath10k_scan_finish(struct ath10k *ar)
4498 {
4499 	lockdep_assert_held(&ar->data_lock);
4500 
4501 	switch (ar->scan.state) {
4502 	case ATH10K_SCAN_IDLE:
4503 		break;
4504 	case ATH10K_SCAN_RUNNING:
4505 	case ATH10K_SCAN_ABORTING:
4506 		if (!ar->scan.is_roc) {
4507 			struct cfg80211_scan_info info = {
4508 				.aborted = (ar->scan.state ==
4509 					    ATH10K_SCAN_ABORTING),
4510 			};
4511 
4512 			ieee80211_scan_completed(ar->hw, &info);
4513 		} else if (ar->scan.roc_notify) {
4514 			ieee80211_remain_on_channel_expired(ar->hw);
4515 		}
4516 		fallthrough;
4517 	case ATH10K_SCAN_STARTING:
4518 		ar->scan.state = ATH10K_SCAN_IDLE;
4519 		ar->scan_channel = NULL;
4520 		ar->scan.roc_freq = 0;
4521 		ath10k_offchan_tx_purge(ar);
4522 		cancel_delayed_work(&ar->scan.timeout);
4523 		complete(&ar->scan.completed);
4524 		break;
4525 	}
4526 }
4527 
4528 void ath10k_scan_finish(struct ath10k *ar)
4529 {
4530 	spin_lock_bh(&ar->data_lock);
4531 	__ath10k_scan_finish(ar);
4532 	spin_unlock_bh(&ar->data_lock);
4533 }
4534 
4535 static int ath10k_scan_stop(struct ath10k *ar)
4536 {
4537 	struct wmi_stop_scan_arg arg = {
4538 		.req_id = 1, /* FIXME */
4539 		.req_type = WMI_SCAN_STOP_ONE,
4540 		.u.scan_id = ATH10K_SCAN_ID,
4541 	};
4542 	int ret;
4543 
4544 	lockdep_assert_held(&ar->conf_mutex);
4545 
4546 	ret = ath10k_wmi_stop_scan(ar, &arg);
4547 	if (ret) {
4548 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
4549 		goto out;
4550 	}
4551 
4552 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
4553 	if (ret == 0) {
4554 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
4555 		ret = -ETIMEDOUT;
4556 	} else if (ret > 0) {
4557 		ret = 0;
4558 	}
4559 
4560 out:
4561 	/* Scan state should be updated upon scan completion but in case
4562 	 * firmware fails to deliver the event (for whatever reason) it is
4563 	 * desired to clean up scan state anyway. Firmware may have just
4564 	 * dropped the scan completion event delivery due to transport pipe
4565 	 * being overflown with data and/or it can recover on its own before
4566 	 * next scan request is submitted.
4567 	 */
4568 	spin_lock_bh(&ar->data_lock);
4569 	if (ar->scan.state != ATH10K_SCAN_IDLE)
4570 		__ath10k_scan_finish(ar);
4571 	spin_unlock_bh(&ar->data_lock);
4572 
4573 	return ret;
4574 }
4575 
4576 static void ath10k_scan_abort(struct ath10k *ar)
4577 {
4578 	int ret;
4579 
4580 	lockdep_assert_held(&ar->conf_mutex);
4581 
4582 	spin_lock_bh(&ar->data_lock);
4583 
4584 	switch (ar->scan.state) {
4585 	case ATH10K_SCAN_IDLE:
4586 		/* This can happen if timeout worker kicked in and called
4587 		 * abortion while scan completion was being processed.
4588 		 */
4589 		break;
4590 	case ATH10K_SCAN_STARTING:
4591 	case ATH10K_SCAN_ABORTING:
4592 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
4593 			    ath10k_scan_state_str(ar->scan.state),
4594 			    ar->scan.state);
4595 		break;
4596 	case ATH10K_SCAN_RUNNING:
4597 		ar->scan.state = ATH10K_SCAN_ABORTING;
4598 		spin_unlock_bh(&ar->data_lock);
4599 
4600 		ret = ath10k_scan_stop(ar);
4601 		if (ret)
4602 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
4603 
4604 		spin_lock_bh(&ar->data_lock);
4605 		break;
4606 	}
4607 
4608 	spin_unlock_bh(&ar->data_lock);
4609 }
4610 
4611 void ath10k_scan_timeout_work(struct work_struct *work)
4612 {
4613 	struct ath10k *ar = container_of(work, struct ath10k,
4614 					 scan.timeout.work);
4615 
4616 	mutex_lock(&ar->conf_mutex);
4617 	ath10k_scan_abort(ar);
4618 	mutex_unlock(&ar->conf_mutex);
4619 }
4620 
4621 static int ath10k_start_scan(struct ath10k *ar,
4622 			     const struct wmi_start_scan_arg *arg)
4623 {
4624 	int ret;
4625 
4626 	lockdep_assert_held(&ar->conf_mutex);
4627 
4628 	ret = ath10k_wmi_start_scan(ar, arg);
4629 	if (ret)
4630 		return ret;
4631 
4632 	ret = wait_for_completion_timeout(&ar->scan.started, 1 * HZ);
4633 	if (ret == 0) {
4634 		ret = ath10k_scan_stop(ar);
4635 		if (ret)
4636 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
4637 
4638 		return -ETIMEDOUT;
4639 	}
4640 
4641 	/* If we failed to start the scan, return error code at
4642 	 * this point.  This is probably due to some issue in the
4643 	 * firmware, but no need to wedge the driver due to that...
4644 	 */
4645 	spin_lock_bh(&ar->data_lock);
4646 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
4647 		spin_unlock_bh(&ar->data_lock);
4648 		return -EINVAL;
4649 	}
4650 	spin_unlock_bh(&ar->data_lock);
4651 
4652 	return 0;
4653 }
4654 
4655 /**********************/
4656 /* mac80211 callbacks */
4657 /**********************/
4658 
4659 static void ath10k_mac_op_tx(struct ieee80211_hw *hw,
4660 			     struct ieee80211_tx_control *control,
4661 			     struct sk_buff *skb)
4662 {
4663 	struct ath10k *ar = hw->priv;
4664 	struct ath10k_htt *htt = &ar->htt;
4665 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4666 	struct ieee80211_vif *vif = info->control.vif;
4667 	struct ieee80211_sta *sta = control->sta;
4668 	struct ieee80211_txq *txq = NULL;
4669 	enum ath10k_hw_txrx_mode txmode;
4670 	enum ath10k_mac_tx_path txpath;
4671 	bool is_htt;
4672 	bool is_mgmt;
4673 	int ret;
4674 	u16 airtime;
4675 
4676 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4677 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4678 
4679 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4680 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4681 	is_htt = (txpath == ATH10K_MAC_TX_HTT ||
4682 		  txpath == ATH10K_MAC_TX_HTT_MGMT);
4683 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4684 
4685 	if (is_htt) {
4686 		bool is_presp = false;
4687 
4688 		spin_lock_bh(&ar->htt.tx_lock);
4689 		if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP)) {
4690 			struct ieee80211_hdr *hdr = (void *)skb->data;
4691 
4692 			is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4693 		}
4694 
4695 		ret = ath10k_htt_tx_inc_pending(htt);
4696 		if (ret) {
4697 			ath10k_warn(ar, "failed to increase tx pending count: %d, dropping\n",
4698 				    ret);
4699 			spin_unlock_bh(&ar->htt.tx_lock);
4700 			ieee80211_free_txskb(ar->hw, skb);
4701 			return;
4702 		}
4703 
4704 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4705 		if (ret) {
4706 			ath10k_dbg(ar, ATH10K_DBG_MAC, "failed to increase tx mgmt pending count: %d, dropping\n",
4707 				   ret);
4708 			ath10k_htt_tx_dec_pending(htt);
4709 			spin_unlock_bh(&ar->htt.tx_lock);
4710 			ieee80211_free_txskb(ar->hw, skb);
4711 			return;
4712 		}
4713 		spin_unlock_bh(&ar->htt.tx_lock);
4714 	}
4715 
4716 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4717 	if (ret) {
4718 		ath10k_warn(ar, "failed to transmit frame: %d\n", ret);
4719 		if (is_htt) {
4720 			spin_lock_bh(&ar->htt.tx_lock);
4721 			ath10k_htt_tx_dec_pending(htt);
4722 			if (is_mgmt)
4723 				ath10k_htt_tx_mgmt_dec_pending(htt);
4724 			spin_unlock_bh(&ar->htt.tx_lock);
4725 		}
4726 		return;
4727 	}
4728 }
4729 
4730 static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw,
4731 					struct ieee80211_txq *txq)
4732 {
4733 	struct ath10k *ar = hw->priv;
4734 	int ret;
4735 	u8 ac;
4736 
4737 	ath10k_htt_tx_txq_update(hw, txq);
4738 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4739 		return;
4740 
4741 	ac = txq->ac;
4742 	ieee80211_txq_schedule_start(hw, ac);
4743 	txq = ieee80211_next_txq(hw, ac);
4744 	if (!txq)
4745 		goto out;
4746 
4747 	while (ath10k_mac_tx_can_push(hw, txq)) {
4748 		ret = ath10k_mac_tx_push_txq(hw, txq);
4749 		if (ret < 0)
4750 			break;
4751 	}
4752 	ieee80211_return_txq(hw, txq, false);
4753 	ath10k_htt_tx_txq_update(hw, txq);
4754 out:
4755 	ieee80211_txq_schedule_end(hw, ac);
4756 }
4757 
4758 /* Must not be called with conf_mutex held as workers can use that also. */
4759 void ath10k_drain_tx(struct ath10k *ar)
4760 {
4761 	lockdep_assert_not_held(&ar->conf_mutex);
4762 
4763 	/* make sure rcu-protected mac80211 tx path itself is drained */
4764 	synchronize_net();
4765 
4766 	ath10k_offchan_tx_purge(ar);
4767 	ath10k_mgmt_over_wmi_tx_purge(ar);
4768 
4769 	cancel_work_sync(&ar->offchan_tx_work);
4770 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
4771 }
4772 
4773 void ath10k_halt(struct ath10k *ar)
4774 {
4775 	struct ath10k_vif *arvif;
4776 
4777 	lockdep_assert_held(&ar->conf_mutex);
4778 
4779 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
4780 	ar->filter_flags = 0;
4781 	ar->monitor = false;
4782 	ar->monitor_arvif = NULL;
4783 
4784 	if (ar->monitor_started)
4785 		ath10k_monitor_stop(ar);
4786 
4787 	ar->monitor_started = false;
4788 	ar->tx_paused = 0;
4789 
4790 	ath10k_scan_finish(ar);
4791 	ath10k_peer_cleanup_all(ar);
4792 	ath10k_stop_radar_confirmation(ar);
4793 	ath10k_core_stop(ar);
4794 	ath10k_hif_power_down(ar);
4795 
4796 	spin_lock_bh(&ar->data_lock);
4797 	list_for_each_entry(arvif, &ar->arvifs, list)
4798 		ath10k_mac_vif_beacon_cleanup(arvif);
4799 	spin_unlock_bh(&ar->data_lock);
4800 }
4801 
4802 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
4803 {
4804 	struct ath10k *ar = hw->priv;
4805 
4806 	mutex_lock(&ar->conf_mutex);
4807 
4808 	*tx_ant = ar->cfg_tx_chainmask;
4809 	*rx_ant = ar->cfg_rx_chainmask;
4810 
4811 	mutex_unlock(&ar->conf_mutex);
4812 
4813 	return 0;
4814 }
4815 
4816 static bool ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
4817 {
4818 	/* It is not clear that allowing gaps in chainmask
4819 	 * is helpful.  Probably it will not do what user
4820 	 * is hoping for, so warn in that case.
4821 	 */
4822 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
4823 		return true;
4824 
4825 	ath10k_warn(ar, "mac %s antenna chainmask is invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
4826 		    dbg, cm);
4827 	return false;
4828 }
4829 
4830 static int ath10k_mac_get_vht_cap_bf_sts(struct ath10k *ar)
4831 {
4832 	int nsts = ar->vht_cap_info;
4833 
4834 	nsts &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4835 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4836 
4837 	/* If firmware does not deliver to host number of space-time
4838 	 * streams supported, assume it support up to 4 BF STS and return
4839 	 * the value for VHT CAP: nsts-1)
4840 	 */
4841 	if (nsts == 0)
4842 		return 3;
4843 
4844 	return nsts;
4845 }
4846 
4847 static int ath10k_mac_get_vht_cap_bf_sound_dim(struct ath10k *ar)
4848 {
4849 	int sound_dim = ar->vht_cap_info;
4850 
4851 	sound_dim &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4852 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4853 
4854 	/* If the sounding dimension is not advertised by the firmware,
4855 	 * let's use a default value of 1
4856 	 */
4857 	if (sound_dim == 0)
4858 		return 1;
4859 
4860 	return sound_dim;
4861 }
4862 
4863 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4864 {
4865 	struct ieee80211_sta_vht_cap vht_cap = {0};
4866 	struct ath10k_hw_params *hw = &ar->hw_params;
4867 	u16 mcs_map;
4868 	u32 val;
4869 	int i;
4870 
4871 	vht_cap.vht_supported = 1;
4872 	vht_cap.cap = ar->vht_cap_info;
4873 
4874 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4875 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
4876 		val = ath10k_mac_get_vht_cap_bf_sts(ar);
4877 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4878 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4879 
4880 		vht_cap.cap |= val;
4881 	}
4882 
4883 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4884 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
4885 		val = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
4886 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4887 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4888 
4889 		vht_cap.cap |= val;
4890 	}
4891 
4892 	mcs_map = 0;
4893 	for (i = 0; i < 8; i++) {
4894 		if ((i < ar->num_rf_chains) && (ar->cfg_tx_chainmask & BIT(i)))
4895 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
4896 		else
4897 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
4898 	}
4899 
4900 	if (ar->cfg_tx_chainmask <= 1)
4901 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
4902 
4903 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4904 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4905 
4906 	/* If we are supporting 160Mhz or 80+80, then the NIC may be able to do
4907 	 * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz.  Give
4908 	 * user-space a clue if that is the case.
4909 	 */
4910 	if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) &&
4911 	    (hw->vht160_mcs_rx_highest != 0 ||
4912 	     hw->vht160_mcs_tx_highest != 0)) {
4913 		vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest);
4914 		vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest);
4915 	}
4916 
4917 	return vht_cap;
4918 }
4919 
4920 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4921 {
4922 	int i;
4923 	struct ieee80211_sta_ht_cap ht_cap = {0};
4924 
4925 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4926 		return ht_cap;
4927 
4928 	ht_cap.ht_supported = 1;
4929 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4930 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4931 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4932 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4933 	ht_cap.cap |=
4934 		WLAN_HT_CAP_SM_PS_DISABLED << IEEE80211_HT_CAP_SM_PS_SHIFT;
4935 
4936 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4937 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4938 
4939 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4940 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4941 
4942 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4943 		u32 smps;
4944 
4945 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4946 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4947 
4948 		ht_cap.cap |= smps;
4949 	}
4950 
4951 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC && (ar->cfg_tx_chainmask > 1))
4952 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4953 
4954 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4955 		u32 stbc;
4956 
4957 		stbc   = ar->ht_cap_info;
4958 		stbc  &= WMI_HT_CAP_RX_STBC;
4959 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4960 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4961 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4962 
4963 		ht_cap.cap |= stbc;
4964 	}
4965 
4966 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC || (ar->ht_cap_info &
4967 	    WMI_HT_CAP_RX_LDPC && (ar->ht_cap_info & WMI_HT_CAP_TX_LDPC)))
4968 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4969 
4970 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4971 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4972 
4973 	/* max AMSDU is implicitly taken from vht_cap_info */
4974 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4975 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4976 
4977 	for (i = 0; i < ar->num_rf_chains; i++) {
4978 		if (ar->cfg_rx_chainmask & BIT(i))
4979 			ht_cap.mcs.rx_mask[i] = 0xFF;
4980 	}
4981 
4982 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4983 
4984 	return ht_cap;
4985 }
4986 
4987 static void ath10k_mac_setup_ht_vht_cap(struct ath10k *ar)
4988 {
4989 	struct ieee80211_supported_band *band;
4990 	struct ieee80211_sta_vht_cap vht_cap;
4991 	struct ieee80211_sta_ht_cap ht_cap;
4992 
4993 	ht_cap = ath10k_get_ht_cap(ar);
4994 	vht_cap = ath10k_create_vht_cap(ar);
4995 
4996 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4997 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
4998 		band->ht_cap = ht_cap;
4999 	}
5000 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
5001 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
5002 		band->ht_cap = ht_cap;
5003 		band->vht_cap = vht_cap;
5004 	}
5005 }
5006 
5007 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
5008 {
5009 	int ret;
5010 	bool is_valid_tx_chain_mask, is_valid_rx_chain_mask;
5011 
5012 	lockdep_assert_held(&ar->conf_mutex);
5013 
5014 	is_valid_tx_chain_mask = ath10k_check_chain_mask(ar, tx_ant, "tx");
5015 	is_valid_rx_chain_mask = ath10k_check_chain_mask(ar, rx_ant, "rx");
5016 
5017 	if (!is_valid_tx_chain_mask || !is_valid_rx_chain_mask)
5018 		return -EINVAL;
5019 
5020 	ar->cfg_tx_chainmask = tx_ant;
5021 	ar->cfg_rx_chainmask = rx_ant;
5022 
5023 	if ((ar->state != ATH10K_STATE_ON) &&
5024 	    (ar->state != ATH10K_STATE_RESTARTED))
5025 		return 0;
5026 
5027 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
5028 					tx_ant);
5029 	if (ret) {
5030 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
5031 			    ret, tx_ant);
5032 		return ret;
5033 	}
5034 
5035 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
5036 					rx_ant);
5037 	if (ret) {
5038 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
5039 			    ret, rx_ant);
5040 		return ret;
5041 	}
5042 
5043 	/* Reload HT/VHT capability */
5044 	ath10k_mac_setup_ht_vht_cap(ar);
5045 
5046 	return 0;
5047 }
5048 
5049 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
5050 {
5051 	struct ath10k *ar = hw->priv;
5052 	int ret;
5053 
5054 	mutex_lock(&ar->conf_mutex);
5055 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
5056 	mutex_unlock(&ar->conf_mutex);
5057 	return ret;
5058 }
5059 
5060 static int __ath10k_fetch_bb_timing_dt(struct ath10k *ar,
5061 				       struct wmi_bb_timing_cfg_arg *bb_timing)
5062 {
5063 	struct device_node *node;
5064 	const char *fem_name;
5065 	int ret;
5066 
5067 	node = ar->dev->of_node;
5068 	if (!node)
5069 		return -ENOENT;
5070 
5071 	ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name);
5072 	if (ret)
5073 		return -ENOENT;
5074 
5075 	/*
5076 	 * If external Front End module used in hardware, then default base band timing
5077 	 * parameter cannot be used since they were fine tuned for reference hardware,
5078 	 * so choosing different value suitable for that external FEM.
5079 	 */
5080 	if (!strcmp("microsemi-lx5586", fem_name)) {
5081 		bb_timing->bb_tx_timing = 0x00;
5082 		bb_timing->bb_xpa_timing = 0x0101;
5083 	} else {
5084 		return -ENOENT;
5085 	}
5086 
5087 	ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot bb_tx_timing 0x%x bb_xpa_timing 0x%x\n",
5088 		   bb_timing->bb_tx_timing, bb_timing->bb_xpa_timing);
5089 	return 0;
5090 }
5091 
5092 static int ath10k_mac_rfkill_config(struct ath10k *ar)
5093 {
5094 	u32 param;
5095 	int ret;
5096 
5097 	if (ar->hw_values->rfkill_pin == 0) {
5098 		ath10k_warn(ar, "ath10k does not support hardware rfkill with this device\n");
5099 		return -EOPNOTSUPP;
5100 	}
5101 
5102 	ath10k_dbg(ar, ATH10K_DBG_MAC,
5103 		   "mac rfkill_pin %d rfkill_cfg %d rfkill_on_level %d",
5104 		   ar->hw_values->rfkill_pin, ar->hw_values->rfkill_cfg,
5105 		   ar->hw_values->rfkill_on_level);
5106 
5107 	param = FIELD_PREP(WMI_TLV_RFKILL_CFG_RADIO_LEVEL,
5108 			   ar->hw_values->rfkill_on_level) |
5109 		FIELD_PREP(WMI_TLV_RFKILL_CFG_GPIO_PIN_NUM,
5110 			   ar->hw_values->rfkill_pin) |
5111 		FIELD_PREP(WMI_TLV_RFKILL_CFG_PIN_AS_GPIO,
5112 			   ar->hw_values->rfkill_cfg);
5113 
5114 	ret = ath10k_wmi_pdev_set_param(ar,
5115 					ar->wmi.pdev_param->rfkill_config,
5116 					param);
5117 	if (ret) {
5118 		ath10k_warn(ar,
5119 			    "failed to set rfkill config 0x%x: %d\n",
5120 			    param, ret);
5121 		return ret;
5122 	}
5123 	return 0;
5124 }
5125 
5126 int ath10k_mac_rfkill_enable_radio(struct ath10k *ar, bool enable)
5127 {
5128 	enum wmi_tlv_rfkill_enable_radio param;
5129 	int ret;
5130 
5131 	if (enable)
5132 		param = WMI_TLV_RFKILL_ENABLE_RADIO_ON;
5133 	else
5134 		param = WMI_TLV_RFKILL_ENABLE_RADIO_OFF;
5135 
5136 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac rfkill enable %d", param);
5137 
5138 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rfkill_enable,
5139 					param);
5140 	if (ret) {
5141 		ath10k_warn(ar, "failed to set rfkill enable param %d: %d\n",
5142 			    param, ret);
5143 		return ret;
5144 	}
5145 
5146 	return 0;
5147 }
5148 
5149 static int ath10k_start(struct ieee80211_hw *hw)
5150 {
5151 	struct ath10k *ar = hw->priv;
5152 	u32 param;
5153 	int ret = 0;
5154 	struct wmi_bb_timing_cfg_arg bb_timing = {0};
5155 
5156 	/*
5157 	 * This makes sense only when restarting hw. It is harmless to call
5158 	 * unconditionally. This is necessary to make sure no HTT/WMI tx
5159 	 * commands will be submitted while restarting.
5160 	 */
5161 	ath10k_drain_tx(ar);
5162 
5163 	mutex_lock(&ar->conf_mutex);
5164 
5165 	switch (ar->state) {
5166 	case ATH10K_STATE_OFF:
5167 		ar->state = ATH10K_STATE_ON;
5168 		break;
5169 	case ATH10K_STATE_RESTARTING:
5170 		ar->state = ATH10K_STATE_RESTARTED;
5171 		break;
5172 	case ATH10K_STATE_ON:
5173 	case ATH10K_STATE_RESTARTED:
5174 	case ATH10K_STATE_WEDGED:
5175 		WARN_ON(1);
5176 		ret = -EINVAL;
5177 		goto err;
5178 	case ATH10K_STATE_UTF:
5179 		ret = -EBUSY;
5180 		goto err;
5181 	}
5182 
5183 	spin_lock_bh(&ar->data_lock);
5184 
5185 	if (ar->hw_rfkill_on) {
5186 		ar->hw_rfkill_on = false;
5187 		spin_unlock_bh(&ar->data_lock);
5188 		goto err;
5189 	}
5190 
5191 	spin_unlock_bh(&ar->data_lock);
5192 
5193 	ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL);
5194 	if (ret) {
5195 		ath10k_err(ar, "Could not init hif: %d\n", ret);
5196 		goto err_off;
5197 	}
5198 
5199 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL,
5200 				&ar->normal_mode_fw);
5201 	if (ret) {
5202 		ath10k_err(ar, "Could not init core: %d\n", ret);
5203 		goto err_power_down;
5204 	}
5205 
5206 	if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) {
5207 		ret = ath10k_mac_rfkill_config(ar);
5208 		if (ret && ret != -EOPNOTSUPP) {
5209 			ath10k_warn(ar, "failed to configure rfkill: %d", ret);
5210 			goto err_core_stop;
5211 		}
5212 	}
5213 
5214 	param = ar->wmi.pdev_param->pmf_qos;
5215 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5216 	if (ret) {
5217 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
5218 		goto err_core_stop;
5219 	}
5220 
5221 	param = ar->wmi.pdev_param->dynamic_bw;
5222 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5223 	if (ret) {
5224 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
5225 		goto err_core_stop;
5226 	}
5227 
5228 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
5229 		ret = ath10k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
5230 		if (ret) {
5231 			ath10k_err(ar, "failed to set prob req oui: %i\n", ret);
5232 			goto err_core_stop;
5233 		}
5234 	}
5235 
5236 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
5237 		ret = ath10k_wmi_adaptive_qcs(ar, true);
5238 		if (ret) {
5239 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
5240 				    ret);
5241 			goto err_core_stop;
5242 		}
5243 	}
5244 
5245 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
5246 		param = ar->wmi.pdev_param->burst_enable;
5247 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5248 		if (ret) {
5249 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
5250 			goto err_core_stop;
5251 		}
5252 	}
5253 
5254 	param = ar->wmi.pdev_param->idle_ps_config;
5255 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5256 	if (ret && ret != -EOPNOTSUPP) {
5257 		ath10k_warn(ar, "failed to enable idle_ps_config: %d\n", ret);
5258 		goto err_core_stop;
5259 	}
5260 
5261 	__ath10k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
5262 
5263 	/*
5264 	 * By default FW set ARP frames ac to voice (6). In that case ARP
5265 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
5266 	 * which arrives with access category 0 are processed by network stack
5267 	 * and send back with access category 0, but FW changes access category
5268 	 * to 6. Set ARP frames access category to best effort (0) solves
5269 	 * this problem.
5270 	 */
5271 
5272 	param = ar->wmi.pdev_param->arp_ac_override;
5273 	ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5274 	if (ret) {
5275 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
5276 			    ret);
5277 		goto err_core_stop;
5278 	}
5279 
5280 	if (test_bit(ATH10K_FW_FEATURE_SUPPORTS_ADAPTIVE_CCA,
5281 		     ar->running_fw->fw_file.fw_features)) {
5282 		ret = ath10k_wmi_pdev_enable_adaptive_cca(ar, 1,
5283 							  WMI_CCA_DETECT_LEVEL_AUTO,
5284 							  WMI_CCA_DETECT_MARGIN_AUTO);
5285 		if (ret) {
5286 			ath10k_warn(ar, "failed to enable adaptive cca: %d\n",
5287 				    ret);
5288 			goto err_core_stop;
5289 		}
5290 	}
5291 
5292 	param = ar->wmi.pdev_param->ani_enable;
5293 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5294 	if (ret) {
5295 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
5296 			    ret);
5297 		goto err_core_stop;
5298 	}
5299 
5300 	ar->ani_enabled = true;
5301 
5302 	if (ath10k_peer_stats_enabled(ar)) {
5303 		param = ar->wmi.pdev_param->peer_stats_update_period;
5304 		ret = ath10k_wmi_pdev_set_param(ar, param,
5305 						PEER_DEFAULT_STATS_UPDATE_PERIOD);
5306 		if (ret) {
5307 			ath10k_warn(ar,
5308 				    "failed to set peer stats period : %d\n",
5309 				    ret);
5310 			goto err_core_stop;
5311 		}
5312 	}
5313 
5314 	param = ar->wmi.pdev_param->enable_btcoex;
5315 	if (test_bit(WMI_SERVICE_COEX_GPIO, ar->wmi.svc_map) &&
5316 	    test_bit(ATH10K_FW_FEATURE_BTCOEX_PARAM,
5317 		     ar->running_fw->fw_file.fw_features) &&
5318 	    ar->coex_support) {
5319 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5320 		if (ret) {
5321 			ath10k_warn(ar,
5322 				    "failed to set btcoex param: %d\n", ret);
5323 			goto err_core_stop;
5324 		}
5325 		clear_bit(ATH10K_FLAG_BTCOEX, &ar->dev_flags);
5326 	}
5327 
5328 	if (test_bit(WMI_SERVICE_BB_TIMING_CONFIG_SUPPORT, ar->wmi.svc_map)) {
5329 		ret = __ath10k_fetch_bb_timing_dt(ar, &bb_timing);
5330 		if (!ret) {
5331 			ret = ath10k_wmi_pdev_bb_timing(ar, &bb_timing);
5332 			if (ret) {
5333 				ath10k_warn(ar,
5334 					    "failed to set bb timings: %d\n",
5335 					    ret);
5336 				goto err_core_stop;
5337 			}
5338 		}
5339 	}
5340 
5341 	ar->num_started_vdevs = 0;
5342 	ath10k_regd_update(ar);
5343 
5344 	ath10k_spectral_start(ar);
5345 	ath10k_thermal_set_throttling(ar);
5346 
5347 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_IDLE;
5348 
5349 	mutex_unlock(&ar->conf_mutex);
5350 	return 0;
5351 
5352 err_core_stop:
5353 	ath10k_core_stop(ar);
5354 
5355 err_power_down:
5356 	ath10k_hif_power_down(ar);
5357 
5358 err_off:
5359 	ar->state = ATH10K_STATE_OFF;
5360 
5361 err:
5362 	mutex_unlock(&ar->conf_mutex);
5363 	return ret;
5364 }
5365 
5366 static void ath10k_stop(struct ieee80211_hw *hw)
5367 {
5368 	struct ath10k *ar = hw->priv;
5369 	u32 opt;
5370 
5371 	ath10k_drain_tx(ar);
5372 
5373 	mutex_lock(&ar->conf_mutex);
5374 	if (ar->state != ATH10K_STATE_OFF) {
5375 		if (!ar->hw_rfkill_on) {
5376 			/* If the current driver state is RESTARTING but not yet
5377 			 * fully RESTARTED because of incoming suspend event,
5378 			 * then ath10k_halt() is already called via
5379 			 * ath10k_core_restart() and should not be called here.
5380 			 */
5381 			if (ar->state != ATH10K_STATE_RESTARTING) {
5382 				ath10k_halt(ar);
5383 			} else {
5384 				/* Suspending here, because when in RESTARTING
5385 				 * state, ath10k_core_stop() skips
5386 				 * ath10k_wait_for_suspend().
5387 				 */
5388 				opt = WMI_PDEV_SUSPEND_AND_DISABLE_INTR;
5389 				ath10k_wait_for_suspend(ar, opt);
5390 			}
5391 		}
5392 		ar->state = ATH10K_STATE_OFF;
5393 	}
5394 	mutex_unlock(&ar->conf_mutex);
5395 
5396 	cancel_work_sync(&ar->set_coverage_class_work);
5397 	cancel_delayed_work_sync(&ar->scan.timeout);
5398 	cancel_work_sync(&ar->restart_work);
5399 }
5400 
5401 static int ath10k_config_ps(struct ath10k *ar)
5402 {
5403 	struct ath10k_vif *arvif;
5404 	int ret = 0;
5405 
5406 	lockdep_assert_held(&ar->conf_mutex);
5407 
5408 	list_for_each_entry(arvif, &ar->arvifs, list) {
5409 		ret = ath10k_mac_vif_setup_ps(arvif);
5410 		if (ret) {
5411 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
5412 			break;
5413 		}
5414 	}
5415 
5416 	return ret;
5417 }
5418 
5419 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
5420 {
5421 	struct ath10k *ar = hw->priv;
5422 	struct ieee80211_conf *conf = &hw->conf;
5423 	int ret = 0;
5424 
5425 	mutex_lock(&ar->conf_mutex);
5426 
5427 	if (changed & IEEE80211_CONF_CHANGE_PS)
5428 		ath10k_config_ps(ar);
5429 
5430 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
5431 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
5432 		ret = ath10k_monitor_recalc(ar);
5433 		if (ret)
5434 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5435 	}
5436 
5437 	mutex_unlock(&ar->conf_mutex);
5438 	return ret;
5439 }
5440 
5441 static u32 get_nss_from_chainmask(u16 chain_mask)
5442 {
5443 	if ((chain_mask & 0xf) == 0xf)
5444 		return 4;
5445 	else if ((chain_mask & 0x7) == 0x7)
5446 		return 3;
5447 	else if ((chain_mask & 0x3) == 0x3)
5448 		return 2;
5449 	return 1;
5450 }
5451 
5452 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
5453 {
5454 	u32 value = 0;
5455 	struct ath10k *ar = arvif->ar;
5456 	int nsts;
5457 	int sound_dim;
5458 
5459 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
5460 		return 0;
5461 
5462 	nsts = ath10k_mac_get_vht_cap_bf_sts(ar);
5463 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
5464 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
5465 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5466 
5467 	sound_dim = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
5468 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
5469 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
5470 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5471 
5472 	if (!value)
5473 		return 0;
5474 
5475 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
5476 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5477 
5478 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
5479 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
5480 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
5481 
5482 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
5483 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5484 
5485 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
5486 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
5487 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
5488 
5489 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
5490 					 ar->wmi.vdev_param->txbf, value);
5491 }
5492 
5493 static void ath10k_update_vif_offload(struct ieee80211_hw *hw,
5494 				      struct ieee80211_vif *vif)
5495 {
5496 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5497 	struct ath10k *ar = hw->priv;
5498 	u32 vdev_param;
5499 	int ret;
5500 
5501 	if (ath10k_frame_mode != ATH10K_HW_TXRX_ETHERNET ||
5502 	    ar->wmi.vdev_param->tx_encap_type == WMI_VDEV_PARAM_UNSUPPORTED ||
5503 	     (vif->type != NL80211_IFTYPE_STATION &&
5504 	      vif->type != NL80211_IFTYPE_AP))
5505 		vif->offload_flags &= ~IEEE80211_OFFLOAD_ENCAP_ENABLED;
5506 
5507 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
5508 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5509 					ATH10K_HW_TXRX_NATIVE_WIFI);
5510 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
5511 	if (ret && ret != -EOPNOTSUPP) {
5512 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
5513 			    arvif->vdev_id, ret);
5514 	}
5515 }
5516 
5517 /*
5518  * TODO:
5519  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
5520  * because we will send mgmt frames without CCK. This requirement
5521  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
5522  * in the TX packet.
5523  */
5524 static int ath10k_add_interface(struct ieee80211_hw *hw,
5525 				struct ieee80211_vif *vif)
5526 {
5527 	struct ath10k *ar = hw->priv;
5528 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5529 	struct ath10k_peer *peer;
5530 	enum wmi_sta_powersave_param param;
5531 	int ret = 0;
5532 	u32 value;
5533 	int bit;
5534 	int i;
5535 	u32 vdev_param;
5536 
5537 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
5538 
5539 	mutex_lock(&ar->conf_mutex);
5540 
5541 	memset(arvif, 0, sizeof(*arvif));
5542 	ath10k_mac_txq_init(vif->txq);
5543 
5544 	arvif->ar = ar;
5545 	arvif->vif = vif;
5546 
5547 	INIT_LIST_HEAD(&arvif->list);
5548 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
5549 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
5550 			  ath10k_mac_vif_sta_connection_loss_work);
5551 
5552 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
5553 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
5554 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
5555 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
5556 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
5557 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
5558 	}
5559 
5560 	if (ar->num_peers >= ar->max_num_peers) {
5561 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
5562 		ret = -ENOBUFS;
5563 		goto err;
5564 	}
5565 
5566 	if (ar->free_vdev_map == 0) {
5567 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
5568 		ret = -EBUSY;
5569 		goto err;
5570 	}
5571 	bit = __ffs64(ar->free_vdev_map);
5572 
5573 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
5574 		   bit, ar->free_vdev_map);
5575 
5576 	arvif->vdev_id = bit;
5577 	arvif->vdev_subtype =
5578 		ath10k_wmi_get_vdev_subtype(ar, WMI_VDEV_SUBTYPE_NONE);
5579 
5580 	switch (vif->type) {
5581 	case NL80211_IFTYPE_P2P_DEVICE:
5582 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5583 		arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5584 					(ar, WMI_VDEV_SUBTYPE_P2P_DEVICE);
5585 		break;
5586 	case NL80211_IFTYPE_UNSPECIFIED:
5587 	case NL80211_IFTYPE_STATION:
5588 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5589 		if (vif->p2p)
5590 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5591 					(ar, WMI_VDEV_SUBTYPE_P2P_CLIENT);
5592 		break;
5593 	case NL80211_IFTYPE_ADHOC:
5594 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
5595 		break;
5596 	case NL80211_IFTYPE_MESH_POINT:
5597 		if (test_bit(WMI_SERVICE_MESH_11S, ar->wmi.svc_map)) {
5598 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5599 						(ar, WMI_VDEV_SUBTYPE_MESH_11S);
5600 		} else if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5601 			ret = -EINVAL;
5602 			ath10k_warn(ar, "must load driver with rawmode=1 to add mesh interfaces\n");
5603 			goto err;
5604 		}
5605 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5606 		break;
5607 	case NL80211_IFTYPE_AP:
5608 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5609 
5610 		if (vif->p2p)
5611 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5612 						(ar, WMI_VDEV_SUBTYPE_P2P_GO);
5613 		break;
5614 	case NL80211_IFTYPE_MONITOR:
5615 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
5616 		break;
5617 	default:
5618 		WARN_ON(1);
5619 		break;
5620 	}
5621 
5622 	/* Using vdev_id as queue number will make it very easy to do per-vif
5623 	 * tx queue locking. This shouldn't wrap due to interface combinations
5624 	 * but do a modulo for correctness sake and prevent using offchannel tx
5625 	 * queues for regular vif tx.
5626 	 */
5627 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5628 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
5629 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5630 
5631 	/* Some firmware revisions don't wait for beacon tx completion before
5632 	 * sending another SWBA event. This could lead to hardware using old
5633 	 * (freed) beacon data in some cases, e.g. tx credit starvation
5634 	 * combined with missed TBTT. This is very rare.
5635 	 *
5636 	 * On non-IOMMU-enabled hosts this could be a possible security issue
5637 	 * because hw could beacon some random data on the air.  On
5638 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
5639 	 * device would crash.
5640 	 *
5641 	 * Since there are no beacon tx completions (implicit nor explicit)
5642 	 * propagated to host the only workaround for this is to allocate a
5643 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
5644 	 * beacon tx commands. Worst case for this approach is some beacons may
5645 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
5646 	 */
5647 	if (vif->type == NL80211_IFTYPE_ADHOC ||
5648 	    vif->type == NL80211_IFTYPE_MESH_POINT ||
5649 	    vif->type == NL80211_IFTYPE_AP) {
5650 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
5651 			arvif->beacon_buf = kmalloc(IEEE80211_MAX_FRAME_LEN,
5652 						    GFP_KERNEL);
5653 
5654 			/* Using a kernel pointer in place of a dma_addr_t
5655 			 * token can lead to undefined behavior if that
5656 			 * makes it into cache management functions. Use a
5657 			 * known-invalid address token instead, which
5658 			 * avoids the warning and makes it easier to catch
5659 			 * bugs if it does end up getting used.
5660 			 */
5661 			arvif->beacon_paddr = DMA_MAPPING_ERROR;
5662 		} else {
5663 			arvif->beacon_buf =
5664 				dma_alloc_coherent(ar->dev,
5665 						   IEEE80211_MAX_FRAME_LEN,
5666 						   &arvif->beacon_paddr,
5667 						   GFP_ATOMIC);
5668 		}
5669 		if (!arvif->beacon_buf) {
5670 			ret = -ENOMEM;
5671 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
5672 				    ret);
5673 			goto err;
5674 		}
5675 	}
5676 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
5677 		arvif->nohwcrypt = true;
5678 
5679 	if (arvif->nohwcrypt &&
5680 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5681 		ret = -EINVAL;
5682 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
5683 		goto err;
5684 	}
5685 
5686 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
5687 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
5688 		   arvif->beacon_buf ? "single-buf" : "per-skb");
5689 
5690 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
5691 				     arvif->vdev_subtype, vif->addr);
5692 	if (ret) {
5693 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
5694 			    arvif->vdev_id, ret);
5695 		goto err;
5696 	}
5697 
5698 	if (test_bit(WMI_SERVICE_VDEV_DISABLE_4_ADDR_SRC_LRN_SUPPORT,
5699 		     ar->wmi.svc_map)) {
5700 		vdev_param = ar->wmi.vdev_param->disable_4addr_src_lrn;
5701 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5702 						WMI_VDEV_DISABLE_4_ADDR_SRC_LRN);
5703 		if (ret && ret != -EOPNOTSUPP) {
5704 			ath10k_warn(ar, "failed to disable 4addr src lrn vdev %i: %d\n",
5705 				    arvif->vdev_id, ret);
5706 		}
5707 	}
5708 
5709 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
5710 	spin_lock_bh(&ar->data_lock);
5711 	list_add(&arvif->list, &ar->arvifs);
5712 	spin_unlock_bh(&ar->data_lock);
5713 
5714 	/* It makes no sense to have firmware do keepalives. mac80211 already
5715 	 * takes care of this with idle connection polling.
5716 	 */
5717 	ret = ath10k_mac_vif_disable_keepalive(arvif);
5718 	if (ret) {
5719 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
5720 			    arvif->vdev_id, ret);
5721 		goto err_vdev_delete;
5722 	}
5723 
5724 	arvif->def_wep_key_idx = -1;
5725 
5726 	ath10k_update_vif_offload(hw, vif);
5727 
5728 	/* Configuring number of spatial stream for monitor interface is causing
5729 	 * target assert in qca9888 and qca6174.
5730 	 */
5731 	if (ar->cfg_tx_chainmask && (vif->type != NL80211_IFTYPE_MONITOR)) {
5732 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
5733 
5734 		vdev_param = ar->wmi.vdev_param->nss;
5735 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5736 						nss);
5737 		if (ret) {
5738 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
5739 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
5740 				    ret);
5741 			goto err_vdev_delete;
5742 		}
5743 	}
5744 
5745 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5746 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5747 		ret = ath10k_peer_create(ar, vif, NULL, arvif->vdev_id,
5748 					 vif->addr, WMI_PEER_TYPE_DEFAULT);
5749 		if (ret) {
5750 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
5751 				    arvif->vdev_id, ret);
5752 			goto err_vdev_delete;
5753 		}
5754 
5755 		spin_lock_bh(&ar->data_lock);
5756 
5757 		peer = ath10k_peer_find(ar, arvif->vdev_id, vif->addr);
5758 		if (!peer) {
5759 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
5760 				    vif->addr, arvif->vdev_id);
5761 			spin_unlock_bh(&ar->data_lock);
5762 			ret = -ENOENT;
5763 			goto err_peer_delete;
5764 		}
5765 
5766 		arvif->peer_id = find_first_bit(peer->peer_ids,
5767 						ATH10K_MAX_NUM_PEER_IDS);
5768 
5769 		spin_unlock_bh(&ar->data_lock);
5770 	} else {
5771 		arvif->peer_id = HTT_INVALID_PEERID;
5772 	}
5773 
5774 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
5775 		ret = ath10k_mac_set_kickout(arvif);
5776 		if (ret) {
5777 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
5778 				    arvif->vdev_id, ret);
5779 			goto err_peer_delete;
5780 		}
5781 	}
5782 
5783 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
5784 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
5785 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5786 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5787 						  param, value);
5788 		if (ret) {
5789 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
5790 				    arvif->vdev_id, ret);
5791 			goto err_peer_delete;
5792 		}
5793 
5794 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5795 		if (ret) {
5796 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5797 				    arvif->vdev_id, ret);
5798 			goto err_peer_delete;
5799 		}
5800 
5801 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5802 		if (ret) {
5803 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5804 				    arvif->vdev_id, ret);
5805 			goto err_peer_delete;
5806 		}
5807 	}
5808 
5809 	ret = ath10k_mac_set_txbf_conf(arvif);
5810 	if (ret) {
5811 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
5812 			    arvif->vdev_id, ret);
5813 		goto err_peer_delete;
5814 	}
5815 
5816 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
5817 	if (ret) {
5818 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5819 			    arvif->vdev_id, ret);
5820 		goto err_peer_delete;
5821 	}
5822 
5823 	arvif->txpower = vif->bss_conf.txpower;
5824 	ret = ath10k_mac_txpower_recalc(ar);
5825 	if (ret) {
5826 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5827 		goto err_peer_delete;
5828 	}
5829 
5830 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5831 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5832 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5833 						arvif->ftm_responder);
5834 
5835 		/* It is harmless to not set FTM role. Do not warn */
5836 		if (ret && ret != -EOPNOTSUPP)
5837 			ath10k_warn(ar, "failed to set vdev %i FTM Responder: %d\n",
5838 				    arvif->vdev_id, ret);
5839 	}
5840 
5841 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5842 		ar->monitor_arvif = arvif;
5843 		ret = ath10k_monitor_recalc(ar);
5844 		if (ret) {
5845 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5846 			goto err_peer_delete;
5847 		}
5848 	}
5849 
5850 	spin_lock_bh(&ar->htt.tx_lock);
5851 	if (!ar->tx_paused)
5852 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
5853 	spin_unlock_bh(&ar->htt.tx_lock);
5854 
5855 	mutex_unlock(&ar->conf_mutex);
5856 	return 0;
5857 
5858 err_peer_delete:
5859 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5860 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5861 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
5862 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5863 						 vif->addr);
5864 	}
5865 
5866 err_vdev_delete:
5867 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5868 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5869 	spin_lock_bh(&ar->data_lock);
5870 	list_del(&arvif->list);
5871 	spin_unlock_bh(&ar->data_lock);
5872 
5873 err:
5874 	if (arvif->beacon_buf) {
5875 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
5876 			kfree(arvif->beacon_buf);
5877 		else
5878 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
5879 					  arvif->beacon_buf,
5880 					  arvif->beacon_paddr);
5881 		arvif->beacon_buf = NULL;
5882 	}
5883 
5884 	mutex_unlock(&ar->conf_mutex);
5885 
5886 	return ret;
5887 }
5888 
5889 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
5890 {
5891 	int i;
5892 
5893 	for (i = 0; i < BITS_PER_LONG; i++)
5894 		ath10k_mac_vif_tx_unlock(arvif, i);
5895 }
5896 
5897 static void ath10k_remove_interface(struct ieee80211_hw *hw,
5898 				    struct ieee80211_vif *vif)
5899 {
5900 	struct ath10k *ar = hw->priv;
5901 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5902 	struct ath10k_peer *peer;
5903 	unsigned long time_left;
5904 	int ret;
5905 	int i;
5906 
5907 	cancel_work_sync(&arvif->ap_csa_work);
5908 	cancel_delayed_work_sync(&arvif->connection_loss_work);
5909 
5910 	mutex_lock(&ar->conf_mutex);
5911 
5912 	ret = ath10k_spectral_vif_stop(arvif);
5913 	if (ret)
5914 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
5915 			    arvif->vdev_id, ret);
5916 
5917 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5918 	spin_lock_bh(&ar->data_lock);
5919 	list_del(&arvif->list);
5920 	spin_unlock_bh(&ar->data_lock);
5921 
5922 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5923 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5924 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
5925 					     vif->addr);
5926 		if (ret)
5927 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
5928 				    arvif->vdev_id, ret);
5929 
5930 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5931 						 vif->addr);
5932 		kfree(arvif->u.ap.noa_data);
5933 	}
5934 
5935 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
5936 		   arvif->vdev_id);
5937 
5938 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5939 	if (ret)
5940 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
5941 			    arvif->vdev_id, ret);
5942 
5943 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
5944 		time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
5945 							ATH10K_VDEV_DELETE_TIMEOUT_HZ);
5946 		if (time_left == 0) {
5947 			ath10k_warn(ar, "Timeout in receiving vdev delete response\n");
5948 			goto out;
5949 		}
5950 	}
5951 
5952 	/* Some firmware revisions don't notify host about self-peer removal
5953 	 * until after associated vdev is deleted.
5954 	 */
5955 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5956 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5957 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
5958 						   vif->addr);
5959 		if (ret)
5960 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
5961 				    arvif->vdev_id, ret);
5962 
5963 		spin_lock_bh(&ar->data_lock);
5964 		ar->num_peers--;
5965 		spin_unlock_bh(&ar->data_lock);
5966 	}
5967 
5968 	spin_lock_bh(&ar->data_lock);
5969 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
5970 		peer = ar->peer_map[i];
5971 		if (!peer)
5972 			continue;
5973 
5974 		if (peer->vif == vif) {
5975 			ath10k_warn(ar, "found vif peer %pM entry on vdev %i after it was supposedly removed\n",
5976 				    vif->addr, arvif->vdev_id);
5977 			peer->vif = NULL;
5978 		}
5979 	}
5980 
5981 	/* Clean this up late, less opportunity for firmware to access
5982 	 * DMA memory we have deleted.
5983 	 */
5984 	ath10k_mac_vif_beacon_cleanup(arvif);
5985 	spin_unlock_bh(&ar->data_lock);
5986 
5987 	ath10k_peer_cleanup(ar, arvif->vdev_id);
5988 	ath10k_mac_txq_unref(ar, vif->txq);
5989 
5990 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5991 		ar->monitor_arvif = NULL;
5992 		ret = ath10k_monitor_recalc(ar);
5993 		if (ret)
5994 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5995 	}
5996 
5997 	ret = ath10k_mac_txpower_recalc(ar);
5998 	if (ret)
5999 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6000 
6001 	spin_lock_bh(&ar->htt.tx_lock);
6002 	ath10k_mac_vif_tx_unlock_all(arvif);
6003 	spin_unlock_bh(&ar->htt.tx_lock);
6004 
6005 	ath10k_mac_txq_unref(ar, vif->txq);
6006 
6007 out:
6008 	mutex_unlock(&ar->conf_mutex);
6009 }
6010 
6011 /*
6012  * FIXME: Has to be verified.
6013  */
6014 #define SUPPORTED_FILTERS			\
6015 	(FIF_ALLMULTI |				\
6016 	FIF_CONTROL |				\
6017 	FIF_PSPOLL |				\
6018 	FIF_OTHER_BSS |				\
6019 	FIF_BCN_PRBRESP_PROMISC |		\
6020 	FIF_PROBE_REQ |				\
6021 	FIF_FCSFAIL)
6022 
6023 static void ath10k_configure_filter(struct ieee80211_hw *hw,
6024 				    unsigned int changed_flags,
6025 				    unsigned int *total_flags,
6026 				    u64 multicast)
6027 {
6028 	struct ath10k *ar = hw->priv;
6029 	int ret;
6030 
6031 	mutex_lock(&ar->conf_mutex);
6032 
6033 	changed_flags &= SUPPORTED_FILTERS;
6034 	*total_flags &= SUPPORTED_FILTERS;
6035 	ar->filter_flags = *total_flags;
6036 
6037 	ret = ath10k_monitor_recalc(ar);
6038 	if (ret)
6039 		ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
6040 
6041 	mutex_unlock(&ar->conf_mutex);
6042 }
6043 
6044 static void ath10k_recalculate_mgmt_rate(struct ath10k *ar,
6045 					 struct ieee80211_vif *vif,
6046 					 struct cfg80211_chan_def *def)
6047 {
6048 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6049 	const struct ieee80211_supported_band *sband;
6050 	u8 basic_rate_idx;
6051 	int hw_rate_code;
6052 	u32 vdev_param;
6053 	u16 bitrate;
6054 	int ret;
6055 
6056 	lockdep_assert_held(&ar->conf_mutex);
6057 
6058 	sband = ar->hw->wiphy->bands[def->chan->band];
6059 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
6060 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
6061 
6062 	hw_rate_code = ath10k_mac_get_rate_hw_value(bitrate);
6063 	if (hw_rate_code < 0) {
6064 		ath10k_warn(ar, "bitrate not supported %d\n", bitrate);
6065 		return;
6066 	}
6067 
6068 	vdev_param = ar->wmi.vdev_param->mgmt_rate;
6069 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6070 					hw_rate_code);
6071 	if (ret)
6072 		ath10k_warn(ar, "failed to set mgmt tx rate %d\n", ret);
6073 }
6074 
6075 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
6076 				    struct ieee80211_vif *vif,
6077 				    struct ieee80211_bss_conf *info,
6078 				    u64 changed)
6079 {
6080 	struct ath10k *ar = hw->priv;
6081 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6082 	struct cfg80211_chan_def def;
6083 	u32 vdev_param, pdev_param, slottime, preamble;
6084 	u16 bitrate, hw_value;
6085 	u8 rate, rateidx;
6086 	int ret = 0, mcast_rate;
6087 	enum nl80211_band band;
6088 
6089 	mutex_lock(&ar->conf_mutex);
6090 
6091 	if (changed & BSS_CHANGED_IBSS)
6092 		ath10k_control_ibss(arvif, vif);
6093 
6094 	if (changed & BSS_CHANGED_BEACON_INT) {
6095 		arvif->beacon_interval = info->beacon_int;
6096 		vdev_param = ar->wmi.vdev_param->beacon_interval;
6097 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6098 						arvif->beacon_interval);
6099 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6100 			   "mac vdev %d beacon_interval %d\n",
6101 			   arvif->vdev_id, arvif->beacon_interval);
6102 
6103 		if (ret)
6104 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
6105 				    arvif->vdev_id, ret);
6106 	}
6107 
6108 	if (changed & BSS_CHANGED_BEACON) {
6109 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6110 			   "vdev %d set beacon tx mode to staggered\n",
6111 			   arvif->vdev_id);
6112 
6113 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
6114 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
6115 						WMI_BEACON_STAGGERED_MODE);
6116 		if (ret)
6117 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
6118 				    arvif->vdev_id, ret);
6119 
6120 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
6121 		if (ret)
6122 			ath10k_warn(ar, "failed to update beacon template: %d\n",
6123 				    ret);
6124 
6125 		if (ieee80211_vif_is_mesh(vif)) {
6126 			/* mesh doesn't use SSID but firmware needs it */
6127 			strncpy(arvif->u.ap.ssid, "mesh",
6128 				sizeof(arvif->u.ap.ssid));
6129 			arvif->u.ap.ssid_len = 4;
6130 		}
6131 	}
6132 
6133 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
6134 		ret = ath10k_mac_setup_prb_tmpl(arvif);
6135 		if (ret)
6136 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
6137 				    arvif->vdev_id, ret);
6138 	}
6139 
6140 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
6141 		arvif->dtim_period = info->dtim_period;
6142 
6143 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6144 			   "mac vdev %d dtim_period %d\n",
6145 			   arvif->vdev_id, arvif->dtim_period);
6146 
6147 		vdev_param = ar->wmi.vdev_param->dtim_period;
6148 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6149 						arvif->dtim_period);
6150 		if (ret)
6151 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
6152 				    arvif->vdev_id, ret);
6153 	}
6154 
6155 	if (changed & BSS_CHANGED_SSID &&
6156 	    vif->type == NL80211_IFTYPE_AP) {
6157 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
6158 		if (vif->cfg.ssid_len)
6159 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
6160 			       vif->cfg.ssid_len);
6161 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
6162 	}
6163 
6164 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
6165 		ether_addr_copy(arvif->bssid, info->bssid);
6166 
6167 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
6168 	    arvif->ftm_responder != info->ftm_responder &&
6169 	    test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
6170 		arvif->ftm_responder = info->ftm_responder;
6171 
6172 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
6173 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6174 						arvif->ftm_responder);
6175 
6176 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6177 			   "mac vdev %d ftm_responder %d:ret %d\n",
6178 			   arvif->vdev_id, arvif->ftm_responder, ret);
6179 	}
6180 
6181 	if (changed & BSS_CHANGED_BEACON_ENABLED)
6182 		ath10k_control_beaconing(arvif, info);
6183 
6184 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
6185 		arvif->use_cts_prot = info->use_cts_prot;
6186 
6187 		ret = ath10k_recalc_rtscts_prot(arvif);
6188 		if (ret)
6189 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
6190 				    arvif->vdev_id, ret);
6191 
6192 		if (ath10k_mac_can_set_cts_prot(arvif)) {
6193 			ret = ath10k_mac_set_cts_prot(arvif);
6194 			if (ret)
6195 				ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
6196 					    arvif->vdev_id, ret);
6197 		}
6198 	}
6199 
6200 	if (changed & BSS_CHANGED_ERP_SLOT) {
6201 		if (info->use_short_slot)
6202 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
6203 
6204 		else
6205 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
6206 
6207 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
6208 			   arvif->vdev_id, slottime);
6209 
6210 		vdev_param = ar->wmi.vdev_param->slot_time;
6211 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6212 						slottime);
6213 		if (ret)
6214 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
6215 				    arvif->vdev_id, ret);
6216 	}
6217 
6218 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
6219 		if (info->use_short_preamble)
6220 			preamble = WMI_VDEV_PREAMBLE_SHORT;
6221 		else
6222 			preamble = WMI_VDEV_PREAMBLE_LONG;
6223 
6224 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6225 			   "mac vdev %d preamble %dn",
6226 			   arvif->vdev_id, preamble);
6227 
6228 		vdev_param = ar->wmi.vdev_param->preamble;
6229 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6230 						preamble);
6231 		if (ret)
6232 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
6233 				    arvif->vdev_id, ret);
6234 	}
6235 
6236 	if (changed & BSS_CHANGED_ASSOC) {
6237 		if (vif->cfg.assoc) {
6238 			/* Workaround: Make sure monitor vdev is not running
6239 			 * when associating to prevent some firmware revisions
6240 			 * (e.g. 10.1 and 10.2) from crashing.
6241 			 */
6242 			if (ar->monitor_started)
6243 				ath10k_monitor_stop(ar);
6244 			ath10k_bss_assoc(hw, vif, info);
6245 			ath10k_monitor_recalc(ar);
6246 		} else {
6247 			ath10k_bss_disassoc(hw, vif);
6248 		}
6249 	}
6250 
6251 	if (changed & BSS_CHANGED_TXPOWER) {
6252 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
6253 			   arvif->vdev_id, info->txpower);
6254 
6255 		arvif->txpower = info->txpower;
6256 		ret = ath10k_mac_txpower_recalc(ar);
6257 		if (ret)
6258 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6259 	}
6260 
6261 	if (changed & BSS_CHANGED_PS) {
6262 		arvif->ps = vif->cfg.ps;
6263 
6264 		ret = ath10k_config_ps(ar);
6265 		if (ret)
6266 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
6267 				    arvif->vdev_id, ret);
6268 	}
6269 
6270 	if (changed & BSS_CHANGED_MCAST_RATE &&
6271 	    !ath10k_mac_vif_chan(arvif->vif, &def)) {
6272 		band = def.chan->band;
6273 		mcast_rate = vif->bss_conf.mcast_rate[band];
6274 		if (mcast_rate > 0)
6275 			rateidx = mcast_rate - 1;
6276 		else
6277 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
6278 
6279 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6280 			rateidx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6281 
6282 		bitrate = ath10k_wmi_legacy_rates[rateidx].bitrate;
6283 		hw_value = ath10k_wmi_legacy_rates[rateidx].hw_value;
6284 		if (ath10k_mac_bitrate_is_cck(bitrate))
6285 			preamble = WMI_RATE_PREAMBLE_CCK;
6286 		else
6287 			preamble = WMI_RATE_PREAMBLE_OFDM;
6288 
6289 		rate = ATH10K_HW_RATECODE(hw_value, 0, preamble);
6290 
6291 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6292 			   "mac vdev %d mcast_rate %x\n",
6293 			   arvif->vdev_id, rate);
6294 
6295 		vdev_param = ar->wmi.vdev_param->mcast_data_rate;
6296 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6297 						vdev_param, rate);
6298 		if (ret)
6299 			ath10k_warn(ar,
6300 				    "failed to set mcast rate on vdev %i: %d\n",
6301 				    arvif->vdev_id,  ret);
6302 
6303 		vdev_param = ar->wmi.vdev_param->bcast_data_rate;
6304 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6305 						vdev_param, rate);
6306 		if (ret)
6307 			ath10k_warn(ar,
6308 				    "failed to set bcast rate on vdev %i: %d\n",
6309 				    arvif->vdev_id,  ret);
6310 	}
6311 
6312 	if (changed & BSS_CHANGED_BASIC_RATES &&
6313 	    !ath10k_mac_vif_chan(arvif->vif, &def))
6314 		ath10k_recalculate_mgmt_rate(ar, vif, &def);
6315 
6316 	mutex_unlock(&ar->conf_mutex);
6317 }
6318 
6319 static void ath10k_mac_op_set_coverage_class(struct ieee80211_hw *hw, s16 value)
6320 {
6321 	struct ath10k *ar = hw->priv;
6322 
6323 	/* This function should never be called if setting the coverage class
6324 	 * is not supported on this hardware.
6325 	 */
6326 	if (!ar->hw_params.hw_ops->set_coverage_class) {
6327 		WARN_ON_ONCE(1);
6328 		return;
6329 	}
6330 	ar->hw_params.hw_ops->set_coverage_class(ar, value);
6331 }
6332 
6333 struct ath10k_mac_tdls_iter_data {
6334 	u32 num_tdls_stations;
6335 	struct ieee80211_vif *curr_vif;
6336 };
6337 
6338 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
6339 						    struct ieee80211_sta *sta)
6340 {
6341 	struct ath10k_mac_tdls_iter_data *iter_data = data;
6342 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6343 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
6344 
6345 	if (sta->tdls && sta_vif == iter_data->curr_vif)
6346 		iter_data->num_tdls_stations++;
6347 }
6348 
6349 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
6350 					      struct ieee80211_vif *vif)
6351 {
6352 	struct ath10k_mac_tdls_iter_data data = {};
6353 
6354 	data.curr_vif = vif;
6355 
6356 	ieee80211_iterate_stations_atomic(hw,
6357 					  ath10k_mac_tdls_vif_stations_count_iter,
6358 					  &data);
6359 	return data.num_tdls_stations;
6360 }
6361 
6362 static int ath10k_hw_scan(struct ieee80211_hw *hw,
6363 			  struct ieee80211_vif *vif,
6364 			  struct ieee80211_scan_request *hw_req)
6365 {
6366 	struct ath10k *ar = hw->priv;
6367 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6368 	struct cfg80211_scan_request *req = &hw_req->req;
6369 	struct wmi_start_scan_arg arg;
6370 	int ret = 0;
6371 	int i;
6372 	u32 scan_timeout;
6373 
6374 	mutex_lock(&ar->conf_mutex);
6375 
6376 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
6377 		ret = -EBUSY;
6378 		goto exit;
6379 	}
6380 
6381 	spin_lock_bh(&ar->data_lock);
6382 	switch (ar->scan.state) {
6383 	case ATH10K_SCAN_IDLE:
6384 		reinit_completion(&ar->scan.started);
6385 		reinit_completion(&ar->scan.completed);
6386 		ar->scan.state = ATH10K_SCAN_STARTING;
6387 		ar->scan.is_roc = false;
6388 		ar->scan.vdev_id = arvif->vdev_id;
6389 		ret = 0;
6390 		break;
6391 	case ATH10K_SCAN_STARTING:
6392 	case ATH10K_SCAN_RUNNING:
6393 	case ATH10K_SCAN_ABORTING:
6394 		ret = -EBUSY;
6395 		break;
6396 	}
6397 	spin_unlock_bh(&ar->data_lock);
6398 
6399 	if (ret)
6400 		goto exit;
6401 
6402 	memset(&arg, 0, sizeof(arg));
6403 	ath10k_wmi_start_scan_init(ar, &arg);
6404 	arg.vdev_id = arvif->vdev_id;
6405 	arg.scan_id = ATH10K_SCAN_ID;
6406 
6407 	if (req->ie_len) {
6408 		arg.ie_len = req->ie_len;
6409 		memcpy(arg.ie, req->ie, arg.ie_len);
6410 	}
6411 
6412 	if (req->n_ssids) {
6413 		arg.n_ssids = req->n_ssids;
6414 		for (i = 0; i < arg.n_ssids; i++) {
6415 			arg.ssids[i].len  = req->ssids[i].ssid_len;
6416 			arg.ssids[i].ssid = req->ssids[i].ssid;
6417 		}
6418 	} else {
6419 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
6420 	}
6421 
6422 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6423 		arg.scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOFED_MAC_IN_PROBE_REQ;
6424 		ether_addr_copy(arg.mac_addr.addr, req->mac_addr);
6425 		ether_addr_copy(arg.mac_mask.addr, req->mac_addr_mask);
6426 	}
6427 
6428 	if (req->n_channels) {
6429 		arg.n_channels = req->n_channels;
6430 		for (i = 0; i < arg.n_channels; i++)
6431 			arg.channels[i] = req->channels[i]->center_freq;
6432 	}
6433 
6434 	/* if duration is set, default dwell times will be overwritten */
6435 	if (req->duration) {
6436 		arg.dwell_time_active = req->duration;
6437 		arg.dwell_time_passive = req->duration;
6438 		arg.burst_duration_ms = req->duration;
6439 
6440 		scan_timeout = min_t(u32, arg.max_rest_time *
6441 				(arg.n_channels - 1) + (req->duration +
6442 				ATH10K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
6443 				arg.n_channels, arg.max_scan_time);
6444 	} else {
6445 		scan_timeout = arg.max_scan_time;
6446 	}
6447 
6448 	/* Add a 200ms margin to account for event/command processing */
6449 	scan_timeout += 200;
6450 
6451 	ret = ath10k_start_scan(ar, &arg);
6452 	if (ret) {
6453 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
6454 		spin_lock_bh(&ar->data_lock);
6455 		ar->scan.state = ATH10K_SCAN_IDLE;
6456 		spin_unlock_bh(&ar->data_lock);
6457 	}
6458 
6459 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
6460 				     msecs_to_jiffies(scan_timeout));
6461 
6462 exit:
6463 	mutex_unlock(&ar->conf_mutex);
6464 	return ret;
6465 }
6466 
6467 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
6468 				  struct ieee80211_vif *vif)
6469 {
6470 	struct ath10k *ar = hw->priv;
6471 
6472 	mutex_lock(&ar->conf_mutex);
6473 	ath10k_scan_abort(ar);
6474 	mutex_unlock(&ar->conf_mutex);
6475 
6476 	cancel_delayed_work_sync(&ar->scan.timeout);
6477 }
6478 
6479 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
6480 					struct ath10k_vif *arvif,
6481 					enum set_key_cmd cmd,
6482 					struct ieee80211_key_conf *key)
6483 {
6484 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
6485 	int ret;
6486 
6487 	/* 10.1 firmware branch requires default key index to be set to group
6488 	 * key index after installing it. Otherwise FW/HW Txes corrupted
6489 	 * frames with multi-vif APs. This is not required for main firmware
6490 	 * branch (e.g. 636).
6491 	 *
6492 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
6493 	 *
6494 	 * FIXME: It remains unknown if this is required for multi-vif STA
6495 	 * interfaces on 10.1.
6496 	 */
6497 
6498 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
6499 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
6500 		return;
6501 
6502 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
6503 		return;
6504 
6505 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
6506 		return;
6507 
6508 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6509 		return;
6510 
6511 	if (cmd != SET_KEY)
6512 		return;
6513 
6514 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6515 					key->keyidx);
6516 	if (ret)
6517 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
6518 			    arvif->vdev_id, ret);
6519 }
6520 
6521 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6522 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
6523 			  struct ieee80211_key_conf *key)
6524 {
6525 	struct ath10k *ar = hw->priv;
6526 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6527 	struct ath10k_sta *arsta;
6528 	struct ath10k_peer *peer;
6529 	const u8 *peer_addr;
6530 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
6531 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
6532 	int ret = 0;
6533 	int ret2;
6534 	u32 flags = 0;
6535 	u32 flags2;
6536 
6537 	/* this one needs to be done in software */
6538 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
6539 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
6540 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
6541 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
6542 		return 1;
6543 
6544 	if (arvif->nohwcrypt)
6545 		return 1;
6546 
6547 	if (key->keyidx > WMI_MAX_KEY_INDEX)
6548 		return -ENOSPC;
6549 
6550 	mutex_lock(&ar->conf_mutex);
6551 
6552 	if (sta) {
6553 		arsta = (struct ath10k_sta *)sta->drv_priv;
6554 		peer_addr = sta->addr;
6555 		spin_lock_bh(&ar->data_lock);
6556 		arsta->ucast_cipher = key->cipher;
6557 		spin_unlock_bh(&ar->data_lock);
6558 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
6559 		peer_addr = vif->bss_conf.bssid;
6560 	} else {
6561 		peer_addr = vif->addr;
6562 	}
6563 
6564 	key->hw_key_idx = key->keyidx;
6565 
6566 	if (is_wep) {
6567 		if (cmd == SET_KEY)
6568 			arvif->wep_keys[key->keyidx] = key;
6569 		else
6570 			arvif->wep_keys[key->keyidx] = NULL;
6571 	}
6572 
6573 	/* the peer should not disappear in mid-way (unless FW goes awry) since
6574 	 * we already hold conf_mutex. we just make sure its there now.
6575 	 */
6576 	spin_lock_bh(&ar->data_lock);
6577 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6578 	spin_unlock_bh(&ar->data_lock);
6579 
6580 	if (!peer) {
6581 		if (cmd == SET_KEY) {
6582 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
6583 				    peer_addr);
6584 			ret = -EOPNOTSUPP;
6585 			goto exit;
6586 		} else {
6587 			/* if the peer doesn't exist there is no key to disable anymore */
6588 			goto exit;
6589 		}
6590 	}
6591 
6592 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6593 		flags |= WMI_KEY_PAIRWISE;
6594 	else
6595 		flags |= WMI_KEY_GROUP;
6596 
6597 	if (is_wep) {
6598 		if (cmd == DISABLE_KEY)
6599 			ath10k_clear_vdev_key(arvif, key);
6600 
6601 		/* When WEP keys are uploaded it's possible that there are
6602 		 * stations associated already (e.g. when merging) without any
6603 		 * keys. Static WEP needs an explicit per-peer key upload.
6604 		 */
6605 		if (vif->type == NL80211_IFTYPE_ADHOC &&
6606 		    cmd == SET_KEY)
6607 			ath10k_mac_vif_update_wep_key(arvif, key);
6608 
6609 		/* 802.1x never sets the def_wep_key_idx so each set_key()
6610 		 * call changes default tx key.
6611 		 *
6612 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
6613 		 * after first set_key().
6614 		 */
6615 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
6616 			flags |= WMI_KEY_TX_USAGE;
6617 	}
6618 
6619 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
6620 	if (ret) {
6621 		WARN_ON(ret > 0);
6622 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
6623 			    arvif->vdev_id, peer_addr, ret);
6624 		goto exit;
6625 	}
6626 
6627 	/* mac80211 sets static WEP keys as groupwise while firmware requires
6628 	 * them to be installed twice as both pairwise and groupwise.
6629 	 */
6630 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
6631 		flags2 = flags;
6632 		flags2 &= ~WMI_KEY_GROUP;
6633 		flags2 |= WMI_KEY_PAIRWISE;
6634 
6635 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
6636 		if (ret) {
6637 			WARN_ON(ret > 0);
6638 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
6639 				    arvif->vdev_id, peer_addr, ret);
6640 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
6641 						  peer_addr, flags);
6642 			if (ret2) {
6643 				WARN_ON(ret2 > 0);
6644 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
6645 					    arvif->vdev_id, peer_addr, ret2);
6646 			}
6647 			goto exit;
6648 		}
6649 	}
6650 
6651 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
6652 
6653 	spin_lock_bh(&ar->data_lock);
6654 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6655 	if (peer && cmd == SET_KEY)
6656 		peer->keys[key->keyidx] = key;
6657 	else if (peer && cmd == DISABLE_KEY)
6658 		peer->keys[key->keyidx] = NULL;
6659 	else if (peer == NULL)
6660 		/* impossible unless FW goes crazy */
6661 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
6662 	spin_unlock_bh(&ar->data_lock);
6663 
6664 	if (sta && sta->tdls)
6665 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6666 					  ar->wmi.peer_param->authorize, 1);
6667 	else if (sta && cmd == SET_KEY && (key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
6668 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, peer_addr,
6669 					  ar->wmi.peer_param->authorize, 1);
6670 
6671 exit:
6672 	mutex_unlock(&ar->conf_mutex);
6673 	return ret;
6674 }
6675 
6676 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
6677 					   struct ieee80211_vif *vif,
6678 					   int keyidx)
6679 {
6680 	struct ath10k *ar = hw->priv;
6681 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6682 	int ret;
6683 
6684 	mutex_lock(&arvif->ar->conf_mutex);
6685 
6686 	if (arvif->ar->state != ATH10K_STATE_ON)
6687 		goto unlock;
6688 
6689 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
6690 		   arvif->vdev_id, keyidx);
6691 
6692 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
6693 					arvif->vdev_id,
6694 					arvif->ar->wmi.vdev_param->def_keyid,
6695 					keyidx);
6696 
6697 	if (ret) {
6698 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
6699 			    arvif->vdev_id,
6700 			    ret);
6701 		goto unlock;
6702 	}
6703 
6704 	arvif->def_wep_key_idx = keyidx;
6705 
6706 unlock:
6707 	mutex_unlock(&arvif->ar->conf_mutex);
6708 }
6709 
6710 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
6711 {
6712 	struct ath10k *ar;
6713 	struct ath10k_vif *arvif;
6714 	struct ath10k_sta *arsta;
6715 	struct ieee80211_sta *sta;
6716 	struct cfg80211_chan_def def;
6717 	enum nl80211_band band;
6718 	const u8 *ht_mcs_mask;
6719 	const u16 *vht_mcs_mask;
6720 	u32 changed, bw, nss, smps;
6721 	int err;
6722 
6723 	arsta = container_of(wk, struct ath10k_sta, update_wk);
6724 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
6725 	arvif = arsta->arvif;
6726 	ar = arvif->ar;
6727 
6728 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
6729 		return;
6730 
6731 	band = def.chan->band;
6732 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
6733 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
6734 
6735 	spin_lock_bh(&ar->data_lock);
6736 
6737 	changed = arsta->changed;
6738 	arsta->changed = 0;
6739 
6740 	bw = arsta->bw;
6741 	nss = arsta->nss;
6742 	smps = arsta->smps;
6743 
6744 	spin_unlock_bh(&ar->data_lock);
6745 
6746 	mutex_lock(&ar->conf_mutex);
6747 
6748 	nss = max_t(u32, 1, nss);
6749 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6750 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
6751 
6752 	if (changed & IEEE80211_RC_BW_CHANGED) {
6753 		enum wmi_phy_mode mode;
6754 
6755 		mode = chan_to_phymode(&def);
6756 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM peer bw %d phymode %d\n",
6757 			   sta->addr, bw, mode);
6758 
6759 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6760 						ar->wmi.peer_param->phymode, mode);
6761 		if (err) {
6762 			ath10k_warn(ar, "failed to update STA %pM peer phymode %d: %d\n",
6763 				    sta->addr, mode, err);
6764 			goto exit;
6765 		}
6766 
6767 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6768 						ar->wmi.peer_param->chan_width, bw);
6769 		if (err)
6770 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
6771 				    sta->addr, bw, err);
6772 	}
6773 
6774 	if (changed & IEEE80211_RC_NSS_CHANGED) {
6775 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM nss %d\n",
6776 			   sta->addr, nss);
6777 
6778 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6779 						ar->wmi.peer_param->nss, nss);
6780 		if (err)
6781 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
6782 				    sta->addr, nss, err);
6783 	}
6784 
6785 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6786 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM smps %d\n",
6787 			   sta->addr, smps);
6788 
6789 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6790 						ar->wmi.peer_param->smps_state, smps);
6791 		if (err)
6792 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
6793 				    sta->addr, smps, err);
6794 	}
6795 
6796 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
6797 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM supp rates\n",
6798 			   sta->addr);
6799 
6800 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
6801 		if (err)
6802 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
6803 				    sta->addr);
6804 	}
6805 
6806 exit:
6807 	mutex_unlock(&ar->conf_mutex);
6808 }
6809 
6810 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
6811 				       struct ieee80211_sta *sta)
6812 {
6813 	struct ath10k *ar = arvif->ar;
6814 
6815 	lockdep_assert_held(&ar->conf_mutex);
6816 
6817 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6818 		return 0;
6819 
6820 	if (ar->num_stations >= ar->max_num_stations)
6821 		return -ENOBUFS;
6822 
6823 	ar->num_stations++;
6824 
6825 	return 0;
6826 }
6827 
6828 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
6829 					struct ieee80211_sta *sta)
6830 {
6831 	struct ath10k *ar = arvif->ar;
6832 
6833 	lockdep_assert_held(&ar->conf_mutex);
6834 
6835 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6836 		return;
6837 
6838 	ar->num_stations--;
6839 }
6840 
6841 static int ath10k_sta_set_txpwr(struct ieee80211_hw *hw,
6842 				struct ieee80211_vif *vif,
6843 				struct ieee80211_sta *sta)
6844 {
6845 	struct ath10k *ar = hw->priv;
6846 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6847 	int ret = 0;
6848 	s16 txpwr;
6849 
6850 	if (sta->deflink.txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
6851 		txpwr = 0;
6852 	} else {
6853 		txpwr = sta->deflink.txpwr.power;
6854 		if (!txpwr)
6855 			return -EINVAL;
6856 	}
6857 
6858 	if (txpwr > ATH10K_TX_POWER_MAX_VAL || txpwr < ATH10K_TX_POWER_MIN_VAL)
6859 		return -EINVAL;
6860 
6861 	mutex_lock(&ar->conf_mutex);
6862 
6863 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6864 					ar->wmi.peer_param->use_fixed_power, txpwr);
6865 	if (ret) {
6866 		ath10k_warn(ar, "failed to set tx power for station ret: %d\n",
6867 			    ret);
6868 		goto out;
6869 	}
6870 
6871 out:
6872 	mutex_unlock(&ar->conf_mutex);
6873 	return ret;
6874 }
6875 
6876 struct ath10k_mac_iter_tid_conf_data {
6877 	struct ieee80211_vif *curr_vif;
6878 	struct ath10k *ar;
6879 	bool reset_config;
6880 };
6881 
6882 static bool
6883 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
6884 					enum nl80211_band band,
6885 					const struct cfg80211_bitrate_mask *mask,
6886 					int *vht_num_rates)
6887 {
6888 	int num_rates = 0;
6889 	int i, tmp;
6890 
6891 	num_rates += hweight32(mask->control[band].legacy);
6892 
6893 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
6894 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
6895 
6896 	*vht_num_rates = 0;
6897 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6898 		tmp = hweight16(mask->control[band].vht_mcs[i]);
6899 		num_rates += tmp;
6900 		*vht_num_rates += tmp;
6901 	}
6902 
6903 	return num_rates == 1;
6904 }
6905 
6906 static int
6907 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
6908 					enum nl80211_band band,
6909 					const struct cfg80211_bitrate_mask *mask,
6910 					u8 *rate, u8 *nss, bool vht_only)
6911 {
6912 	int rate_idx;
6913 	int i;
6914 	u16 bitrate;
6915 	u8 preamble;
6916 	u8 hw_rate;
6917 
6918 	if (vht_only)
6919 		goto next;
6920 
6921 	if (hweight32(mask->control[band].legacy) == 1) {
6922 		rate_idx = ffs(mask->control[band].legacy) - 1;
6923 
6924 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6925 			rate_idx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6926 
6927 		hw_rate = ath10k_wmi_legacy_rates[rate_idx].hw_value;
6928 		bitrate = ath10k_wmi_legacy_rates[rate_idx].bitrate;
6929 
6930 		if (ath10k_mac_bitrate_is_cck(bitrate))
6931 			preamble = WMI_RATE_PREAMBLE_CCK;
6932 		else
6933 			preamble = WMI_RATE_PREAMBLE_OFDM;
6934 
6935 		*nss = 1;
6936 		*rate = preamble << 6 |
6937 			(*nss - 1) << 4 |
6938 			hw_rate << 0;
6939 
6940 		return 0;
6941 	}
6942 
6943 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
6944 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
6945 			*nss = i + 1;
6946 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
6947 				(*nss - 1) << 4 |
6948 				(ffs(mask->control[band].ht_mcs[i]) - 1);
6949 
6950 			return 0;
6951 		}
6952 	}
6953 
6954 next:
6955 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6956 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
6957 			*nss = i + 1;
6958 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
6959 				(*nss - 1) << 4 |
6960 				(ffs(mask->control[band].vht_mcs[i]) - 1);
6961 
6962 			return 0;
6963 		}
6964 	}
6965 
6966 	return -EINVAL;
6967 }
6968 
6969 static int ath10k_mac_validate_rate_mask(struct ath10k *ar,
6970 					 struct ieee80211_sta *sta,
6971 					 u32 rate_ctrl_flag, u8 nss)
6972 {
6973 	struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
6974 	struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
6975 
6976 	if (nss > sta->deflink.rx_nss) {
6977 		ath10k_warn(ar, "Invalid nss field, configured %u limit %u\n",
6978 			    nss, sta->deflink.rx_nss);
6979 		return -EINVAL;
6980 	}
6981 
6982 	if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_VHT) {
6983 		if (!vht_cap->vht_supported) {
6984 			ath10k_warn(ar, "Invalid VHT rate for sta %pM\n",
6985 				    sta->addr);
6986 			return -EINVAL;
6987 		}
6988 	} else if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_HT) {
6989 		if (!ht_cap->ht_supported || vht_cap->vht_supported) {
6990 			ath10k_warn(ar, "Invalid HT rate for sta %pM\n",
6991 				    sta->addr);
6992 			return -EINVAL;
6993 		}
6994 	} else {
6995 		if (ht_cap->ht_supported || vht_cap->vht_supported)
6996 			return -EINVAL;
6997 	}
6998 
6999 	return 0;
7000 }
7001 
7002 static int
7003 ath10k_mac_tid_bitrate_config(struct ath10k *ar,
7004 			      struct ieee80211_vif *vif,
7005 			      struct ieee80211_sta *sta,
7006 			      u32 *rate_ctrl_flag, u8 *rate_ctrl,
7007 			      enum nl80211_tx_rate_setting txrate_type,
7008 			      const struct cfg80211_bitrate_mask *mask)
7009 {
7010 	struct cfg80211_chan_def def;
7011 	enum nl80211_band band;
7012 	u8 nss, rate;
7013 	int vht_num_rates, ret;
7014 
7015 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
7016 		return -EINVAL;
7017 
7018 	if (txrate_type == NL80211_TX_RATE_AUTOMATIC) {
7019 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7020 		*rate_ctrl_flag = 0;
7021 		return 0;
7022 	}
7023 
7024 	band = def.chan->band;
7025 
7026 	if (!ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
7027 						     &vht_num_rates)) {
7028 		return -EINVAL;
7029 	}
7030 
7031 	ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
7032 						      &rate, &nss, false);
7033 	if (ret) {
7034 		ath10k_warn(ar, "failed to get single rate: %d\n",
7035 			    ret);
7036 		return ret;
7037 	}
7038 
7039 	*rate_ctrl_flag = rate;
7040 
7041 	if (sta && ath10k_mac_validate_rate_mask(ar, sta, *rate_ctrl_flag, nss))
7042 		return -EINVAL;
7043 
7044 	if (txrate_type == NL80211_TX_RATE_FIXED)
7045 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_FIXED_RATE;
7046 	else if (txrate_type == NL80211_TX_RATE_LIMITED &&
7047 		 (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
7048 			   ar->wmi.svc_map)))
7049 		*rate_ctrl = WMI_PEER_TID_CONFIG_RATE_UPPER_CAP;
7050 	else
7051 		return -EOPNOTSUPP;
7052 
7053 	return 0;
7054 }
7055 
7056 static int ath10k_mac_set_tid_config(struct ath10k *ar, struct ieee80211_sta *sta,
7057 				     struct ieee80211_vif *vif, u32 changed,
7058 				     struct wmi_per_peer_per_tid_cfg_arg *arg)
7059 {
7060 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7061 	struct ath10k_sta *arsta;
7062 	int ret;
7063 
7064 	if (sta) {
7065 		if (!sta->wme)
7066 			return -ENOTSUPP;
7067 
7068 		arsta = (struct ath10k_sta *)sta->drv_priv;
7069 
7070 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7071 			if ((arsta->retry_long[arg->tid] > 0 ||
7072 			     arsta->rate_code[arg->tid] > 0 ||
7073 			     arsta->ampdu[arg->tid] ==
7074 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7075 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7076 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7077 				arg->ack_policy = 0;
7078 				arg->aggr_control = 0;
7079 				arg->rate_ctrl = 0;
7080 				arg->rcode_flags = 0;
7081 			}
7082 		}
7083 
7084 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7085 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7086 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7087 				arg->aggr_control = 0;
7088 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7089 			}
7090 		}
7091 
7092 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7093 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7094 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7095 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7096 				arg->rate_ctrl = 0;
7097 				arg->rcode_flags = 0;
7098 			}
7099 		}
7100 
7101 		ether_addr_copy(arg->peer_macaddr.addr, sta->addr);
7102 
7103 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, arg);
7104 		if (ret)
7105 			return ret;
7106 
7107 		/* Store the configured parameters in success case */
7108 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7109 			arsta->noack[arg->tid] = arg->ack_policy;
7110 			arg->ack_policy = 0;
7111 			arg->aggr_control = 0;
7112 			arg->rate_ctrl = 0;
7113 			arg->rcode_flags = 0;
7114 		}
7115 
7116 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7117 			arsta->retry_long[arg->tid] = arg->retry_count;
7118 			arg->retry_count = 0;
7119 		}
7120 
7121 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7122 			arsta->ampdu[arg->tid] = arg->aggr_control;
7123 			arg->aggr_control = 0;
7124 		}
7125 
7126 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7127 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7128 			arsta->rate_ctrl[arg->tid] = arg->rate_ctrl;
7129 			arg->rate_ctrl = 0;
7130 			arg->rcode_flags = 0;
7131 		}
7132 
7133 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7134 			arsta->rtscts[arg->tid] = arg->rtscts_ctrl;
7135 			arg->ext_tid_cfg_bitmap = 0;
7136 		}
7137 	} else {
7138 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7139 			if ((arvif->retry_long[arg->tid] ||
7140 			     arvif->rate_code[arg->tid] ||
7141 			     arvif->ampdu[arg->tid] ==
7142 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7143 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7144 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7145 			} else {
7146 				arvif->noack[arg->tid] = arg->ack_policy;
7147 				arvif->ampdu[arg->tid] = arg->aggr_control;
7148 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7149 			}
7150 		}
7151 
7152 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7153 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7154 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7155 			else
7156 				arvif->retry_long[arg->tid] = arg->retry_count;
7157 		}
7158 
7159 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7160 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7161 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
7162 			else
7163 				arvif->ampdu[arg->tid] = arg->aggr_control;
7164 		}
7165 
7166 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7167 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7168 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7169 				changed &= ~(BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7170 					     BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE));
7171 			} else {
7172 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7173 				arvif->rate_code[arg->tid] = arg->rcode_flags;
7174 			}
7175 		}
7176 
7177 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7178 			arvif->rtscts[arg->tid] = arg->rtscts_ctrl;
7179 			arg->ext_tid_cfg_bitmap = 0;
7180 		}
7181 
7182 		if (changed)
7183 			arvif->tid_conf_changed[arg->tid] |= changed;
7184 	}
7185 
7186 	return 0;
7187 }
7188 
7189 static int
7190 ath10k_mac_parse_tid_config(struct ath10k *ar,
7191 			    struct ieee80211_sta *sta,
7192 			    struct ieee80211_vif *vif,
7193 			    struct cfg80211_tid_cfg *tid_conf,
7194 			    struct wmi_per_peer_per_tid_cfg_arg *arg)
7195 {
7196 	u32 changed = tid_conf->mask;
7197 	int ret = 0, i = 0;
7198 
7199 	if (!changed)
7200 		return -EINVAL;
7201 
7202 	while (i < ATH10K_TID_MAX) {
7203 		if (!(tid_conf->tids & BIT(i))) {
7204 			i++;
7205 			continue;
7206 		}
7207 
7208 		arg->tid = i;
7209 
7210 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7211 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE) {
7212 				arg->ack_policy = WMI_PEER_TID_CONFIG_NOACK;
7213 				arg->rate_ctrl =
7214 				WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
7215 				arg->aggr_control =
7216 					WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7217 			} else {
7218 				arg->ack_policy =
7219 					WMI_PEER_TID_CONFIG_ACK;
7220 				arg->rate_ctrl =
7221 					WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7222 				arg->aggr_control =
7223 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7224 			}
7225 		}
7226 
7227 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG))
7228 			arg->retry_count = tid_conf->retry_long;
7229 
7230 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7231 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE)
7232 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7233 			else
7234 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7235 		}
7236 
7237 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7238 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7239 			ret = ath10k_mac_tid_bitrate_config(ar, vif, sta,
7240 							    &arg->rcode_flags,
7241 							    &arg->rate_ctrl,
7242 							    tid_conf->txrate_type,
7243 							&tid_conf->txrate_mask);
7244 			if (ret) {
7245 				ath10k_warn(ar, "failed to configure bitrate mask %d\n",
7246 					    ret);
7247 				arg->rcode_flags = 0;
7248 				arg->rate_ctrl = 0;
7249 			}
7250 		}
7251 
7252 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7253 			if (tid_conf->rtscts)
7254 				arg->rtscts_ctrl = tid_conf->rtscts;
7255 
7256 			arg->ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7257 		}
7258 
7259 		ret = ath10k_mac_set_tid_config(ar, sta, vif, changed, arg);
7260 		if (ret)
7261 			return ret;
7262 		i++;
7263 	}
7264 
7265 	return ret;
7266 }
7267 
7268 static int ath10k_mac_reset_tid_config(struct ath10k *ar,
7269 				       struct ieee80211_sta *sta,
7270 				       struct ath10k_vif *arvif,
7271 				       u8 tids)
7272 {
7273 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7274 	struct wmi_per_peer_per_tid_cfg_arg arg;
7275 	int ret = 0, i = 0;
7276 
7277 	arg.vdev_id = arvif->vdev_id;
7278 	while (i < ATH10K_TID_MAX) {
7279 		if (!(tids & BIT(i))) {
7280 			i++;
7281 			continue;
7282 		}
7283 
7284 		arg.tid = i;
7285 		arg.ack_policy = WMI_PEER_TID_CONFIG_ACK;
7286 		arg.retry_count = ATH10K_MAX_RETRY_COUNT;
7287 		arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7288 		arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7289 		arg.rtscts_ctrl = WMI_TID_CONFIG_RTSCTS_CONTROL_ENABLE;
7290 		arg.ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7291 
7292 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7293 
7294 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7295 		if (ret)
7296 			return ret;
7297 
7298 		if (!arvif->tids_rst) {
7299 			arsta->retry_long[i] = -1;
7300 			arsta->noack[i] = -1;
7301 			arsta->ampdu[i] = -1;
7302 			arsta->rate_code[i] = -1;
7303 			arsta->rate_ctrl[i] = 0;
7304 			arsta->rtscts[i] = -1;
7305 		} else {
7306 			arvif->retry_long[i] = 0;
7307 			arvif->noack[i] = 0;
7308 			arvif->ampdu[i] = 0;
7309 			arvif->rate_code[i] = 0;
7310 			arvif->rate_ctrl[i] = 0;
7311 			arvif->rtscts[i] = 0;
7312 		}
7313 
7314 		i++;
7315 	}
7316 
7317 	return ret;
7318 }
7319 
7320 static void ath10k_sta_tid_cfg_wk(struct work_struct *wk)
7321 {
7322 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
7323 	struct ieee80211_sta *sta;
7324 	struct ath10k_sta *arsta;
7325 	struct ath10k_vif *arvif;
7326 	struct ath10k *ar;
7327 	bool config_apply;
7328 	int ret, i;
7329 	u32 changed;
7330 	u8 nss;
7331 
7332 	arsta = container_of(wk, struct ath10k_sta, tid_config_wk);
7333 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
7334 	arvif = arsta->arvif;
7335 	ar = arvif->ar;
7336 
7337 	mutex_lock(&ar->conf_mutex);
7338 
7339 	if (arvif->tids_rst) {
7340 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif,
7341 						  arvif->tids_rst);
7342 		goto exit;
7343 	}
7344 
7345 	ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7346 
7347 	for (i = 0; i < ATH10K_TID_MAX; i++) {
7348 		config_apply = false;
7349 		changed = arvif->tid_conf_changed[i];
7350 
7351 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7352 			if (arsta->noack[i] != -1) {
7353 				arg.ack_policy  = 0;
7354 			} else {
7355 				config_apply = true;
7356 				arg.ack_policy = arvif->noack[i];
7357 				arg.aggr_control = arvif->ampdu[i];
7358 				arg.rate_ctrl = arvif->rate_ctrl[i];
7359 			}
7360 		}
7361 
7362 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7363 			if (arsta->retry_long[i] != -1 ||
7364 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7365 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7366 				arg.retry_count = 0;
7367 			} else {
7368 				arg.retry_count = arvif->retry_long[i];
7369 				config_apply = true;
7370 			}
7371 		}
7372 
7373 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7374 			if (arsta->ampdu[i] != -1 ||
7375 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7376 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7377 				arg.aggr_control = 0;
7378 			} else {
7379 				arg.aggr_control = arvif->ampdu[i];
7380 				config_apply = true;
7381 			}
7382 		}
7383 
7384 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7385 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7386 			nss = ATH10K_HW_NSS(arvif->rate_code[i]);
7387 			ret = ath10k_mac_validate_rate_mask(ar, sta,
7388 							    arvif->rate_code[i],
7389 							    nss);
7390 			if (ret &&
7391 			    arvif->rate_ctrl[i] > WMI_TID_CONFIG_RATE_CONTROL_AUTO) {
7392 				arg.rate_ctrl = 0;
7393 				arg.rcode_flags = 0;
7394 			}
7395 
7396 			if (arsta->rate_ctrl[i] >
7397 			    WMI_TID_CONFIG_RATE_CONTROL_AUTO ||
7398 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7399 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7400 				arg.rate_ctrl = 0;
7401 				arg.rcode_flags = 0;
7402 			} else {
7403 				arg.rate_ctrl = arvif->rate_ctrl[i];
7404 				arg.rcode_flags = arvif->rate_code[i];
7405 				config_apply = true;
7406 			}
7407 		}
7408 
7409 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7410 			if (arsta->rtscts[i]) {
7411 				arg.rtscts_ctrl = 0;
7412 				arg.ext_tid_cfg_bitmap = 0;
7413 			} else {
7414 				arg.rtscts_ctrl = arvif->rtscts[i] - 1;
7415 				arg.ext_tid_cfg_bitmap =
7416 					WMI_EXT_TID_RTS_CTS_CONFIG;
7417 				config_apply = true;
7418 			}
7419 		}
7420 
7421 		arg.tid = i;
7422 
7423 		if (config_apply) {
7424 			ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7425 			if (ret)
7426 				ath10k_warn(ar, "failed to set per tid config for sta %pM: %d\n",
7427 					    sta->addr, ret);
7428 		}
7429 
7430 		arg.ack_policy  = 0;
7431 		arg.retry_count  = 0;
7432 		arg.aggr_control  = 0;
7433 		arg.rate_ctrl = 0;
7434 		arg.rcode_flags = 0;
7435 	}
7436 
7437 exit:
7438 	mutex_unlock(&ar->conf_mutex);
7439 }
7440 
7441 static void ath10k_mac_vif_stations_tid_conf(void *data,
7442 					     struct ieee80211_sta *sta)
7443 {
7444 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7445 	struct ath10k_mac_iter_tid_conf_data *iter_data = data;
7446 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
7447 
7448 	if (sta_vif != iter_data->curr_vif || !sta->wme)
7449 		return;
7450 
7451 	ieee80211_queue_work(iter_data->ar->hw, &arsta->tid_config_wk);
7452 }
7453 
7454 static int ath10k_sta_state(struct ieee80211_hw *hw,
7455 			    struct ieee80211_vif *vif,
7456 			    struct ieee80211_sta *sta,
7457 			    enum ieee80211_sta_state old_state,
7458 			    enum ieee80211_sta_state new_state)
7459 {
7460 	struct ath10k *ar = hw->priv;
7461 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7462 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7463 	struct ath10k_peer *peer;
7464 	int ret = 0;
7465 	int i;
7466 
7467 	if (old_state == IEEE80211_STA_NOTEXIST &&
7468 	    new_state == IEEE80211_STA_NONE) {
7469 		memset(arsta, 0, sizeof(*arsta));
7470 		arsta->arvif = arvif;
7471 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
7472 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
7473 		INIT_WORK(&arsta->tid_config_wk, ath10k_sta_tid_cfg_wk);
7474 
7475 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7476 			ath10k_mac_txq_init(sta->txq[i]);
7477 	}
7478 
7479 	/* cancel must be done outside the mutex to avoid deadlock */
7480 	if ((old_state == IEEE80211_STA_NONE &&
7481 	     new_state == IEEE80211_STA_NOTEXIST)) {
7482 		cancel_work_sync(&arsta->update_wk);
7483 		cancel_work_sync(&arsta->tid_config_wk);
7484 	}
7485 
7486 	mutex_lock(&ar->conf_mutex);
7487 
7488 	if (old_state == IEEE80211_STA_NOTEXIST &&
7489 	    new_state == IEEE80211_STA_NONE) {
7490 		/*
7491 		 * New station addition.
7492 		 */
7493 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
7494 		u32 num_tdls_stations;
7495 
7496 		ath10k_dbg(ar, ATH10K_DBG_STA,
7497 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
7498 			   arvif->vdev_id, sta->addr,
7499 			   ar->num_stations + 1, ar->max_num_stations,
7500 			   ar->num_peers + 1, ar->max_num_peers);
7501 
7502 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
7503 
7504 		if (sta->tdls) {
7505 			if (num_tdls_stations >= ar->max_num_tdls_vdevs) {
7506 				ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
7507 					    arvif->vdev_id,
7508 					    ar->max_num_tdls_vdevs);
7509 				ret = -ELNRNG;
7510 				goto exit;
7511 			}
7512 			peer_type = WMI_PEER_TYPE_TDLS;
7513 		}
7514 
7515 		ret = ath10k_mac_inc_num_stations(arvif, sta);
7516 		if (ret) {
7517 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
7518 				    ar->max_num_stations);
7519 			goto exit;
7520 		}
7521 
7522 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7523 			arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats),
7524 						  GFP_KERNEL);
7525 			if (!arsta->tx_stats) {
7526 				ath10k_mac_dec_num_stations(arvif, sta);
7527 				ret = -ENOMEM;
7528 				goto exit;
7529 			}
7530 		}
7531 
7532 		ret = ath10k_peer_create(ar, vif, sta, arvif->vdev_id,
7533 					 sta->addr, peer_type);
7534 		if (ret) {
7535 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
7536 				    sta->addr, arvif->vdev_id, ret);
7537 			ath10k_mac_dec_num_stations(arvif, sta);
7538 			kfree(arsta->tx_stats);
7539 			goto exit;
7540 		}
7541 
7542 		spin_lock_bh(&ar->data_lock);
7543 
7544 		peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
7545 		if (!peer) {
7546 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
7547 				    vif->addr, arvif->vdev_id);
7548 			spin_unlock_bh(&ar->data_lock);
7549 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7550 			ath10k_mac_dec_num_stations(arvif, sta);
7551 			kfree(arsta->tx_stats);
7552 			ret = -ENOENT;
7553 			goto exit;
7554 		}
7555 
7556 		arsta->peer_id = find_first_bit(peer->peer_ids,
7557 						ATH10K_MAX_NUM_PEER_IDS);
7558 
7559 		spin_unlock_bh(&ar->data_lock);
7560 
7561 		if (!sta->tdls)
7562 			goto exit;
7563 
7564 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7565 						      WMI_TDLS_ENABLE_ACTIVE);
7566 		if (ret) {
7567 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7568 				    arvif->vdev_id, ret);
7569 			ath10k_peer_delete(ar, arvif->vdev_id,
7570 					   sta->addr);
7571 			ath10k_mac_dec_num_stations(arvif, sta);
7572 			kfree(arsta->tx_stats);
7573 			goto exit;
7574 		}
7575 
7576 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7577 						  WMI_TDLS_PEER_STATE_PEERING);
7578 		if (ret) {
7579 			ath10k_warn(ar,
7580 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
7581 				    sta->addr, arvif->vdev_id, ret);
7582 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7583 			ath10k_mac_dec_num_stations(arvif, sta);
7584 			kfree(arsta->tx_stats);
7585 
7586 			if (num_tdls_stations != 0)
7587 				goto exit;
7588 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7589 							WMI_TDLS_DISABLE);
7590 		}
7591 	} else if ((old_state == IEEE80211_STA_NONE &&
7592 		    new_state == IEEE80211_STA_NOTEXIST)) {
7593 		/*
7594 		 * Existing station deletion.
7595 		 */
7596 		ath10k_dbg(ar, ATH10K_DBG_STA,
7597 			   "mac vdev %d peer delete %pM sta %pK (sta gone)\n",
7598 			   arvif->vdev_id, sta->addr, sta);
7599 
7600 		if (sta->tdls) {
7601 			ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id,
7602 							  sta,
7603 							  WMI_TDLS_PEER_STATE_TEARDOWN);
7604 			if (ret)
7605 				ath10k_warn(ar, "failed to update tdls peer state for %pM state %d: %i\n",
7606 					    sta->addr,
7607 					    WMI_TDLS_PEER_STATE_TEARDOWN, ret);
7608 		}
7609 
7610 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7611 		if (ret)
7612 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
7613 				    sta->addr, arvif->vdev_id, ret);
7614 
7615 		ath10k_mac_dec_num_stations(arvif, sta);
7616 
7617 		spin_lock_bh(&ar->data_lock);
7618 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
7619 			peer = ar->peer_map[i];
7620 			if (!peer)
7621 				continue;
7622 
7623 			if (peer->sta == sta) {
7624 				ath10k_warn(ar, "found sta peer %pM (ptr %pK id %d) entry on vdev %i after it was supposedly removed\n",
7625 					    sta->addr, peer, i, arvif->vdev_id);
7626 				peer->sta = NULL;
7627 
7628 				/* Clean up the peer object as well since we
7629 				 * must have failed to do this above.
7630 				 */
7631 				ath10k_peer_map_cleanup(ar, peer);
7632 			}
7633 		}
7634 		spin_unlock_bh(&ar->data_lock);
7635 
7636 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7637 			kfree(arsta->tx_stats);
7638 			arsta->tx_stats = NULL;
7639 		}
7640 
7641 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7642 			ath10k_mac_txq_unref(ar, sta->txq[i]);
7643 
7644 		if (!sta->tdls)
7645 			goto exit;
7646 
7647 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
7648 			goto exit;
7649 
7650 		/* This was the last tdls peer in current vif */
7651 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7652 						      WMI_TDLS_DISABLE);
7653 		if (ret) {
7654 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7655 				    arvif->vdev_id, ret);
7656 		}
7657 	} else if (old_state == IEEE80211_STA_AUTH &&
7658 		   new_state == IEEE80211_STA_ASSOC &&
7659 		   (vif->type == NL80211_IFTYPE_AP ||
7660 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
7661 		    vif->type == NL80211_IFTYPE_ADHOC)) {
7662 		/*
7663 		 * New association.
7664 		 */
7665 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM associated\n",
7666 			   sta->addr);
7667 
7668 		ret = ath10k_station_assoc(ar, vif, sta, false);
7669 		if (ret)
7670 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
7671 				    sta->addr, arvif->vdev_id, ret);
7672 	} else if (old_state == IEEE80211_STA_ASSOC &&
7673 		   new_state == IEEE80211_STA_AUTHORIZED &&
7674 		   sta->tdls) {
7675 		/*
7676 		 * Tdls station authorized.
7677 		 */
7678 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac tdls sta %pM authorized\n",
7679 			   sta->addr);
7680 
7681 		ret = ath10k_station_assoc(ar, vif, sta, false);
7682 		if (ret) {
7683 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
7684 				    sta->addr, arvif->vdev_id, ret);
7685 			goto exit;
7686 		}
7687 
7688 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7689 						  WMI_TDLS_PEER_STATE_CONNECTED);
7690 		if (ret)
7691 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
7692 				    sta->addr, arvif->vdev_id, ret);
7693 	} else if (old_state == IEEE80211_STA_ASSOC &&
7694 		    new_state == IEEE80211_STA_AUTH &&
7695 		    (vif->type == NL80211_IFTYPE_AP ||
7696 		     vif->type == NL80211_IFTYPE_MESH_POINT ||
7697 		     vif->type == NL80211_IFTYPE_ADHOC)) {
7698 		/*
7699 		 * Disassociation.
7700 		 */
7701 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM disassociated\n",
7702 			   sta->addr);
7703 
7704 		ret = ath10k_station_disassoc(ar, vif, sta);
7705 		if (ret)
7706 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
7707 				    sta->addr, arvif->vdev_id, ret);
7708 	}
7709 exit:
7710 	mutex_unlock(&ar->conf_mutex);
7711 	return ret;
7712 }
7713 
7714 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
7715 				u16 ac, bool enable)
7716 {
7717 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7718 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
7719 	u32 prio = 0, acc = 0;
7720 	u32 value = 0;
7721 	int ret = 0;
7722 
7723 	lockdep_assert_held(&ar->conf_mutex);
7724 
7725 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
7726 		return 0;
7727 
7728 	switch (ac) {
7729 	case IEEE80211_AC_VO:
7730 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
7731 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
7732 		prio = 7;
7733 		acc = 3;
7734 		break;
7735 	case IEEE80211_AC_VI:
7736 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
7737 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
7738 		prio = 5;
7739 		acc = 2;
7740 		break;
7741 	case IEEE80211_AC_BE:
7742 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
7743 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
7744 		prio = 2;
7745 		acc = 1;
7746 		break;
7747 	case IEEE80211_AC_BK:
7748 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
7749 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
7750 		prio = 0;
7751 		acc = 0;
7752 		break;
7753 	}
7754 
7755 	if (enable)
7756 		arvif->u.sta.uapsd |= value;
7757 	else
7758 		arvif->u.sta.uapsd &= ~value;
7759 
7760 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7761 					  WMI_STA_PS_PARAM_UAPSD,
7762 					  arvif->u.sta.uapsd);
7763 	if (ret) {
7764 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
7765 		goto exit;
7766 	}
7767 
7768 	if (arvif->u.sta.uapsd)
7769 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
7770 	else
7771 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
7772 
7773 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7774 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
7775 					  value);
7776 	if (ret)
7777 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
7778 
7779 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
7780 	if (ret) {
7781 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
7782 			    arvif->vdev_id, ret);
7783 		return ret;
7784 	}
7785 
7786 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
7787 	if (ret) {
7788 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
7789 			    arvif->vdev_id, ret);
7790 		return ret;
7791 	}
7792 
7793 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
7794 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
7795 		/* Only userspace can make an educated decision when to send
7796 		 * trigger frame. The following effectively disables u-UAPSD
7797 		 * autotrigger in firmware (which is enabled by default
7798 		 * provided the autotrigger service is available).
7799 		 */
7800 
7801 		arg.wmm_ac = acc;
7802 		arg.user_priority = prio;
7803 		arg.service_interval = 0;
7804 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7805 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7806 
7807 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
7808 						arvif->bssid, &arg, 1);
7809 		if (ret) {
7810 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
7811 				    ret);
7812 			return ret;
7813 		}
7814 	}
7815 
7816 exit:
7817 	return ret;
7818 }
7819 
7820 static int ath10k_conf_tx(struct ieee80211_hw *hw,
7821 			  struct ieee80211_vif *vif,
7822 			  unsigned int link_id, u16 ac,
7823 			  const struct ieee80211_tx_queue_params *params)
7824 {
7825 	struct ath10k *ar = hw->priv;
7826 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7827 	struct wmi_wmm_params_arg *p = NULL;
7828 	int ret;
7829 
7830 	mutex_lock(&ar->conf_mutex);
7831 
7832 	switch (ac) {
7833 	case IEEE80211_AC_VO:
7834 		p = &arvif->wmm_params.ac_vo;
7835 		break;
7836 	case IEEE80211_AC_VI:
7837 		p = &arvif->wmm_params.ac_vi;
7838 		break;
7839 	case IEEE80211_AC_BE:
7840 		p = &arvif->wmm_params.ac_be;
7841 		break;
7842 	case IEEE80211_AC_BK:
7843 		p = &arvif->wmm_params.ac_bk;
7844 		break;
7845 	}
7846 
7847 	if (WARN_ON(!p)) {
7848 		ret = -EINVAL;
7849 		goto exit;
7850 	}
7851 
7852 	p->cwmin = params->cw_min;
7853 	p->cwmax = params->cw_max;
7854 	p->aifs = params->aifs;
7855 
7856 	/*
7857 	 * The channel time duration programmed in the HW is in absolute
7858 	 * microseconds, while mac80211 gives the txop in units of
7859 	 * 32 microseconds.
7860 	 */
7861 	p->txop = params->txop * 32;
7862 
7863 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
7864 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
7865 					       &arvif->wmm_params);
7866 		if (ret) {
7867 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
7868 				    arvif->vdev_id, ret);
7869 			goto exit;
7870 		}
7871 	} else {
7872 		/* This won't work well with multi-interface cases but it's
7873 		 * better than nothing.
7874 		 */
7875 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
7876 		if (ret) {
7877 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
7878 			goto exit;
7879 		}
7880 	}
7881 
7882 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
7883 	if (ret)
7884 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
7885 
7886 exit:
7887 	mutex_unlock(&ar->conf_mutex);
7888 	return ret;
7889 }
7890 
7891 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
7892 				    struct ieee80211_vif *vif,
7893 				    struct ieee80211_channel *chan,
7894 				    int duration,
7895 				    enum ieee80211_roc_type type)
7896 {
7897 	struct ath10k *ar = hw->priv;
7898 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7899 	struct wmi_start_scan_arg arg;
7900 	int ret = 0;
7901 	u32 scan_time_msec;
7902 
7903 	mutex_lock(&ar->conf_mutex);
7904 
7905 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
7906 		ret = -EBUSY;
7907 		goto exit;
7908 	}
7909 
7910 	spin_lock_bh(&ar->data_lock);
7911 	switch (ar->scan.state) {
7912 	case ATH10K_SCAN_IDLE:
7913 		reinit_completion(&ar->scan.started);
7914 		reinit_completion(&ar->scan.completed);
7915 		reinit_completion(&ar->scan.on_channel);
7916 		ar->scan.state = ATH10K_SCAN_STARTING;
7917 		ar->scan.is_roc = true;
7918 		ar->scan.vdev_id = arvif->vdev_id;
7919 		ar->scan.roc_freq = chan->center_freq;
7920 		ar->scan.roc_notify = true;
7921 		ret = 0;
7922 		break;
7923 	case ATH10K_SCAN_STARTING:
7924 	case ATH10K_SCAN_RUNNING:
7925 	case ATH10K_SCAN_ABORTING:
7926 		ret = -EBUSY;
7927 		break;
7928 	}
7929 	spin_unlock_bh(&ar->data_lock);
7930 
7931 	if (ret)
7932 		goto exit;
7933 
7934 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
7935 
7936 	memset(&arg, 0, sizeof(arg));
7937 	ath10k_wmi_start_scan_init(ar, &arg);
7938 	arg.vdev_id = arvif->vdev_id;
7939 	arg.scan_id = ATH10K_SCAN_ID;
7940 	arg.n_channels = 1;
7941 	arg.channels[0] = chan->center_freq;
7942 	arg.dwell_time_active = scan_time_msec;
7943 	arg.dwell_time_passive = scan_time_msec;
7944 	arg.max_scan_time = scan_time_msec;
7945 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
7946 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
7947 	arg.burst_duration_ms = duration;
7948 
7949 	ret = ath10k_start_scan(ar, &arg);
7950 	if (ret) {
7951 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
7952 		spin_lock_bh(&ar->data_lock);
7953 		ar->scan.state = ATH10K_SCAN_IDLE;
7954 		spin_unlock_bh(&ar->data_lock);
7955 		goto exit;
7956 	}
7957 
7958 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
7959 	if (ret == 0) {
7960 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
7961 
7962 		ret = ath10k_scan_stop(ar);
7963 		if (ret)
7964 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
7965 
7966 		ret = -ETIMEDOUT;
7967 		goto exit;
7968 	}
7969 
7970 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
7971 				     msecs_to_jiffies(duration));
7972 
7973 	ret = 0;
7974 exit:
7975 	mutex_unlock(&ar->conf_mutex);
7976 	return ret;
7977 }
7978 
7979 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw,
7980 					   struct ieee80211_vif *vif)
7981 {
7982 	struct ath10k *ar = hw->priv;
7983 
7984 	mutex_lock(&ar->conf_mutex);
7985 
7986 	spin_lock_bh(&ar->data_lock);
7987 	ar->scan.roc_notify = false;
7988 	spin_unlock_bh(&ar->data_lock);
7989 
7990 	ath10k_scan_abort(ar);
7991 
7992 	mutex_unlock(&ar->conf_mutex);
7993 
7994 	cancel_delayed_work_sync(&ar->scan.timeout);
7995 
7996 	return 0;
7997 }
7998 
7999 /*
8000  * Both RTS and Fragmentation threshold are interface-specific
8001  * in ath10k, but device-specific in mac80211.
8002  */
8003 
8004 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
8005 {
8006 	struct ath10k *ar = hw->priv;
8007 	struct ath10k_vif *arvif;
8008 	int ret = 0;
8009 
8010 	mutex_lock(&ar->conf_mutex);
8011 	list_for_each_entry(arvif, &ar->arvifs, list) {
8012 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
8013 			   arvif->vdev_id, value);
8014 
8015 		ret = ath10k_mac_set_rts(arvif, value);
8016 		if (ret) {
8017 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
8018 				    arvif->vdev_id, ret);
8019 			break;
8020 		}
8021 	}
8022 	mutex_unlock(&ar->conf_mutex);
8023 
8024 	return ret;
8025 }
8026 
8027 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
8028 {
8029 	/* Even though there's a WMI enum for fragmentation threshold no known
8030 	 * firmware actually implements it. Moreover it is not possible to rely
8031 	 * frame fragmentation to mac80211 because firmware clears the "more
8032 	 * fragments" bit in frame control making it impossible for remote
8033 	 * devices to reassemble frames.
8034 	 *
8035 	 * Hence implement a dummy callback just to say fragmentation isn't
8036 	 * supported. This effectively prevents mac80211 from doing frame
8037 	 * fragmentation in software.
8038 	 */
8039 	return -EOPNOTSUPP;
8040 }
8041 
8042 void ath10k_mac_wait_tx_complete(struct ath10k *ar)
8043 {
8044 	bool skip;
8045 	long time_left;
8046 
8047 	/* mac80211 doesn't care if we really xmit queued frames or not
8048 	 * we'll collect those frames either way if we stop/delete vdevs
8049 	 */
8050 
8051 	if (ar->state == ATH10K_STATE_WEDGED)
8052 		return;
8053 
8054 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
8055 			bool empty;
8056 
8057 			spin_lock_bh(&ar->htt.tx_lock);
8058 			empty = (ar->htt.num_pending_tx == 0);
8059 			spin_unlock_bh(&ar->htt.tx_lock);
8060 
8061 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
8062 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
8063 					&ar->dev_flags);
8064 
8065 			(empty || skip);
8066 		}), ATH10K_FLUSH_TIMEOUT_HZ);
8067 
8068 	if (time_left == 0 || skip)
8069 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
8070 			    skip, ar->state, time_left);
8071 }
8072 
8073 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
8074 			 u32 queues, bool drop)
8075 {
8076 	struct ath10k *ar = hw->priv;
8077 	struct ath10k_vif *arvif;
8078 	u32 bitmap;
8079 
8080 	if (drop) {
8081 		if (vif && vif->type == NL80211_IFTYPE_STATION) {
8082 			bitmap = ~(1 << WMI_MGMT_TID);
8083 			list_for_each_entry(arvif, &ar->arvifs, list) {
8084 				if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
8085 					ath10k_wmi_peer_flush(ar, arvif->vdev_id,
8086 							      arvif->bssid, bitmap);
8087 			}
8088 			ath10k_htt_flush_tx(&ar->htt);
8089 		}
8090 		return;
8091 	}
8092 
8093 	mutex_lock(&ar->conf_mutex);
8094 	ath10k_mac_wait_tx_complete(ar);
8095 	mutex_unlock(&ar->conf_mutex);
8096 }
8097 
8098 /* TODO: Implement this function properly
8099  * For now it is needed to reply to Probe Requests in IBSS mode.
8100  * Propably we need this information from FW.
8101  */
8102 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
8103 {
8104 	return 1;
8105 }
8106 
8107 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
8108 				     enum ieee80211_reconfig_type reconfig_type)
8109 {
8110 	struct ath10k *ar = hw->priv;
8111 
8112 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
8113 		return;
8114 
8115 	mutex_lock(&ar->conf_mutex);
8116 
8117 	/* If device failed to restart it will be in a different state, e.g.
8118 	 * ATH10K_STATE_WEDGED
8119 	 */
8120 	if (ar->state == ATH10K_STATE_RESTARTED) {
8121 		ath10k_info(ar, "device successfully recovered\n");
8122 		ar->state = ATH10K_STATE_ON;
8123 		ieee80211_wake_queues(ar->hw);
8124 		clear_bit(ATH10K_FLAG_RESTARTING, &ar->dev_flags);
8125 	}
8126 
8127 	mutex_unlock(&ar->conf_mutex);
8128 }
8129 
8130 static void
8131 ath10k_mac_update_bss_chan_survey(struct ath10k *ar,
8132 				  struct ieee80211_channel *channel)
8133 {
8134 	int ret;
8135 	enum wmi_bss_survey_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
8136 
8137 	lockdep_assert_held(&ar->conf_mutex);
8138 
8139 	if (!test_bit(WMI_SERVICE_BSS_CHANNEL_INFO_64, ar->wmi.svc_map) ||
8140 	    (ar->rx_channel != channel))
8141 		return;
8142 
8143 	if (ar->scan.state != ATH10K_SCAN_IDLE) {
8144 		ath10k_dbg(ar, ATH10K_DBG_MAC, "ignoring bss chan info request while scanning..\n");
8145 		return;
8146 	}
8147 
8148 	reinit_completion(&ar->bss_survey_done);
8149 
8150 	ret = ath10k_wmi_pdev_bss_chan_info_request(ar, type);
8151 	if (ret) {
8152 		ath10k_warn(ar, "failed to send pdev bss chan info request\n");
8153 		return;
8154 	}
8155 
8156 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
8157 	if (!ret) {
8158 		ath10k_warn(ar, "bss channel survey timed out\n");
8159 		return;
8160 	}
8161 }
8162 
8163 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
8164 			     struct survey_info *survey)
8165 {
8166 	struct ath10k *ar = hw->priv;
8167 	struct ieee80211_supported_band *sband;
8168 	struct survey_info *ar_survey = &ar->survey[idx];
8169 	int ret = 0;
8170 
8171 	mutex_lock(&ar->conf_mutex);
8172 
8173 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
8174 	if (sband && idx >= sband->n_channels) {
8175 		idx -= sband->n_channels;
8176 		sband = NULL;
8177 	}
8178 
8179 	if (!sband)
8180 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
8181 
8182 	if (!sband || idx >= sband->n_channels) {
8183 		ret = -ENOENT;
8184 		goto exit;
8185 	}
8186 
8187 	ath10k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
8188 
8189 	spin_lock_bh(&ar->data_lock);
8190 	memcpy(survey, ar_survey, sizeof(*survey));
8191 	spin_unlock_bh(&ar->data_lock);
8192 
8193 	survey->channel = &sband->channels[idx];
8194 
8195 	if (ar->rx_channel == survey->channel)
8196 		survey->filled |= SURVEY_INFO_IN_USE;
8197 
8198 exit:
8199 	mutex_unlock(&ar->conf_mutex);
8200 	return ret;
8201 }
8202 
8203 static bool
8204 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
8205 				       enum nl80211_band band,
8206 				       const struct cfg80211_bitrate_mask *mask,
8207 				       int *nss)
8208 {
8209 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
8210 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8211 	u8 ht_nss_mask = 0;
8212 	u8 vht_nss_mask = 0;
8213 	int i;
8214 
8215 	if (mask->control[band].legacy)
8216 		return false;
8217 
8218 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
8219 		if (mask->control[band].ht_mcs[i] == 0)
8220 			continue;
8221 		else if (mask->control[band].ht_mcs[i] ==
8222 			 sband->ht_cap.mcs.rx_mask[i])
8223 			ht_nss_mask |= BIT(i);
8224 		else
8225 			return false;
8226 	}
8227 
8228 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
8229 		if (mask->control[band].vht_mcs[i] == 0)
8230 			continue;
8231 		else if (mask->control[band].vht_mcs[i] ==
8232 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
8233 			vht_nss_mask |= BIT(i);
8234 		else
8235 			return false;
8236 	}
8237 
8238 	if (ht_nss_mask != vht_nss_mask)
8239 		return false;
8240 
8241 	if (ht_nss_mask == 0)
8242 		return false;
8243 
8244 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
8245 		return false;
8246 
8247 	*nss = fls(ht_nss_mask);
8248 
8249 	return true;
8250 }
8251 
8252 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
8253 					    u8 rate, u8 nss, u8 sgi, u8 ldpc)
8254 {
8255 	struct ath10k *ar = arvif->ar;
8256 	u32 vdev_param;
8257 	int ret;
8258 
8259 	lockdep_assert_held(&ar->conf_mutex);
8260 
8261 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02x nss %u sgi %u\n",
8262 		   arvif->vdev_id, rate, nss, sgi);
8263 
8264 	vdev_param = ar->wmi.vdev_param->fixed_rate;
8265 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
8266 	if (ret) {
8267 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
8268 			    rate, ret);
8269 		return ret;
8270 	}
8271 
8272 	vdev_param = ar->wmi.vdev_param->nss;
8273 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
8274 	if (ret) {
8275 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
8276 		return ret;
8277 	}
8278 
8279 	vdev_param = ar->wmi.vdev_param->sgi;
8280 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
8281 	if (ret) {
8282 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
8283 		return ret;
8284 	}
8285 
8286 	vdev_param = ar->wmi.vdev_param->ldpc;
8287 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, ldpc);
8288 	if (ret) {
8289 		ath10k_warn(ar, "failed to set ldpc param %d: %d\n", ldpc, ret);
8290 		return ret;
8291 	}
8292 
8293 	return 0;
8294 }
8295 
8296 static bool
8297 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
8298 				enum nl80211_band band,
8299 				const struct cfg80211_bitrate_mask *mask,
8300 				bool allow_pfr)
8301 {
8302 	int i;
8303 	u16 vht_mcs;
8304 
8305 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
8306 	 * to express all VHT MCS rate masks. Effectively only the following
8307 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
8308 	 */
8309 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8310 		vht_mcs = mask->control[band].vht_mcs[i];
8311 
8312 		switch (vht_mcs) {
8313 		case 0:
8314 		case BIT(8) - 1:
8315 		case BIT(9) - 1:
8316 		case BIT(10) - 1:
8317 			break;
8318 		default:
8319 			if (!allow_pfr)
8320 				ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
8321 			return false;
8322 		}
8323 	}
8324 
8325 	return true;
8326 }
8327 
8328 static bool ath10k_mac_set_vht_bitrate_mask_fixup(struct ath10k *ar,
8329 						  struct ath10k_vif *arvif,
8330 						  struct ieee80211_sta *sta)
8331 {
8332 	int err;
8333 	u8 rate = arvif->vht_pfr;
8334 
8335 	/* skip non vht and multiple rate peers */
8336 	if (!sta->deflink.vht_cap.vht_supported || arvif->vht_num_rates != 1)
8337 		return false;
8338 
8339 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8340 					WMI_PEER_PARAM_FIXED_RATE, rate);
8341 	if (err)
8342 		ath10k_warn(ar, "failed to enable STA %pM peer fixed rate: %d\n",
8343 			    sta->addr, err);
8344 
8345 	return true;
8346 }
8347 
8348 static void ath10k_mac_set_bitrate_mask_iter(void *data,
8349 					     struct ieee80211_sta *sta)
8350 {
8351 	struct ath10k_vif *arvif = data;
8352 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8353 	struct ath10k *ar = arvif->ar;
8354 
8355 	if (arsta->arvif != arvif)
8356 		return;
8357 
8358 	if (ath10k_mac_set_vht_bitrate_mask_fixup(ar, arvif, sta))
8359 		return;
8360 
8361 	spin_lock_bh(&ar->data_lock);
8362 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8363 	spin_unlock_bh(&ar->data_lock);
8364 
8365 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8366 }
8367 
8368 static void ath10k_mac_clr_bitrate_mask_iter(void *data,
8369 					     struct ieee80211_sta *sta)
8370 {
8371 	struct ath10k_vif *arvif = data;
8372 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8373 	struct ath10k *ar = arvif->ar;
8374 	int err;
8375 
8376 	/* clear vht peers only */
8377 	if (arsta->arvif != arvif || !sta->deflink.vht_cap.vht_supported)
8378 		return;
8379 
8380 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8381 					WMI_PEER_PARAM_FIXED_RATE,
8382 					WMI_FIXED_RATE_NONE);
8383 	if (err)
8384 		ath10k_warn(ar, "failed to clear STA %pM peer fixed rate: %d\n",
8385 			    sta->addr, err);
8386 }
8387 
8388 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8389 					  struct ieee80211_vif *vif,
8390 					  const struct cfg80211_bitrate_mask *mask)
8391 {
8392 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8393 	struct cfg80211_chan_def def;
8394 	struct ath10k *ar = arvif->ar;
8395 	enum nl80211_band band;
8396 	const u8 *ht_mcs_mask;
8397 	const u16 *vht_mcs_mask;
8398 	u8 rate;
8399 	u8 nss;
8400 	u8 sgi;
8401 	u8 ldpc;
8402 	int single_nss;
8403 	int ret;
8404 	int vht_num_rates, allow_pfr;
8405 	u8 vht_pfr;
8406 	bool update_bitrate_mask = true;
8407 
8408 	if (ath10k_mac_vif_chan(vif, &def))
8409 		return -EPERM;
8410 
8411 	band = def.chan->band;
8412 	ht_mcs_mask = mask->control[band].ht_mcs;
8413 	vht_mcs_mask = mask->control[band].vht_mcs;
8414 	ldpc = !!(ar->ht_cap_info & WMI_HT_CAP_LDPC);
8415 
8416 	sgi = mask->control[band].gi;
8417 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8418 		return -EINVAL;
8419 
8420 	allow_pfr = test_bit(ATH10K_FW_FEATURE_PEER_FIXED_RATE,
8421 			     ar->normal_mode_fw.fw_file.fw_features);
8422 	if (allow_pfr) {
8423 		mutex_lock(&ar->conf_mutex);
8424 		ieee80211_iterate_stations_atomic(ar->hw,
8425 						  ath10k_mac_clr_bitrate_mask_iter,
8426 						  arvif);
8427 		mutex_unlock(&ar->conf_mutex);
8428 	}
8429 
8430 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
8431 						    &vht_num_rates)) {
8432 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8433 							      &rate, &nss,
8434 							      false);
8435 		if (ret) {
8436 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
8437 				    arvif->vdev_id, ret);
8438 			return ret;
8439 		}
8440 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
8441 							  &single_nss)) {
8442 		rate = WMI_FIXED_RATE_NONE;
8443 		nss = single_nss;
8444 	} else {
8445 		rate = WMI_FIXED_RATE_NONE;
8446 		nss = min(ar->num_rf_chains,
8447 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
8448 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
8449 
8450 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask,
8451 						     allow_pfr)) {
8452 			u8 vht_nss;
8453 
8454 			if (!allow_pfr || vht_num_rates != 1)
8455 				return -EINVAL;
8456 
8457 			/* Reach here, firmware supports peer fixed rate and has
8458 			 * single vht rate, and don't update vif birate_mask, as
8459 			 * the rate only for specific peer.
8460 			 */
8461 			ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8462 								&vht_pfr,
8463 								&vht_nss,
8464 								true);
8465 			update_bitrate_mask = false;
8466 		} else {
8467 			vht_pfr = 0;
8468 		}
8469 
8470 		mutex_lock(&ar->conf_mutex);
8471 
8472 		if (update_bitrate_mask)
8473 			arvif->bitrate_mask = *mask;
8474 		arvif->vht_num_rates = vht_num_rates;
8475 		arvif->vht_pfr = vht_pfr;
8476 		ieee80211_iterate_stations_atomic(ar->hw,
8477 						  ath10k_mac_set_bitrate_mask_iter,
8478 						  arvif);
8479 
8480 		mutex_unlock(&ar->conf_mutex);
8481 	}
8482 
8483 	mutex_lock(&ar->conf_mutex);
8484 
8485 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi, ldpc);
8486 	if (ret) {
8487 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
8488 			    arvif->vdev_id, ret);
8489 		goto exit;
8490 	}
8491 
8492 exit:
8493 	mutex_unlock(&ar->conf_mutex);
8494 
8495 	return ret;
8496 }
8497 
8498 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
8499 				 struct ieee80211_vif *vif,
8500 				 struct ieee80211_sta *sta,
8501 				 u32 changed)
8502 {
8503 	struct ath10k *ar = hw->priv;
8504 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8505 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8506 	struct ath10k_peer *peer;
8507 	u32 bw, smps;
8508 
8509 	spin_lock_bh(&ar->data_lock);
8510 
8511 	peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
8512 	if (!peer) {
8513 		spin_unlock_bh(&ar->data_lock);
8514 		ath10k_warn(ar, "mac sta rc update failed to find peer %pM on vdev %i\n",
8515 			    sta->addr, arvif->vdev_id);
8516 		return;
8517 	}
8518 
8519 	ath10k_dbg(ar, ATH10K_DBG_STA,
8520 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
8521 		   sta->addr, changed, sta->deflink.bandwidth,
8522 		   sta->deflink.rx_nss,
8523 		   sta->smps_mode);
8524 
8525 	if (changed & IEEE80211_RC_BW_CHANGED) {
8526 		bw = WMI_PEER_CHWIDTH_20MHZ;
8527 
8528 		switch (sta->deflink.bandwidth) {
8529 		case IEEE80211_STA_RX_BW_20:
8530 			bw = WMI_PEER_CHWIDTH_20MHZ;
8531 			break;
8532 		case IEEE80211_STA_RX_BW_40:
8533 			bw = WMI_PEER_CHWIDTH_40MHZ;
8534 			break;
8535 		case IEEE80211_STA_RX_BW_80:
8536 			bw = WMI_PEER_CHWIDTH_80MHZ;
8537 			break;
8538 		case IEEE80211_STA_RX_BW_160:
8539 			bw = WMI_PEER_CHWIDTH_160MHZ;
8540 			break;
8541 		default:
8542 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
8543 				    sta->deflink.bandwidth, sta->addr);
8544 			bw = WMI_PEER_CHWIDTH_20MHZ;
8545 			break;
8546 		}
8547 
8548 		arsta->bw = bw;
8549 	}
8550 
8551 	if (changed & IEEE80211_RC_NSS_CHANGED)
8552 		arsta->nss = sta->deflink.rx_nss;
8553 
8554 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
8555 		smps = WMI_PEER_SMPS_PS_NONE;
8556 
8557 		switch (sta->smps_mode) {
8558 		case IEEE80211_SMPS_AUTOMATIC:
8559 		case IEEE80211_SMPS_OFF:
8560 			smps = WMI_PEER_SMPS_PS_NONE;
8561 			break;
8562 		case IEEE80211_SMPS_STATIC:
8563 			smps = WMI_PEER_SMPS_STATIC;
8564 			break;
8565 		case IEEE80211_SMPS_DYNAMIC:
8566 			smps = WMI_PEER_SMPS_DYNAMIC;
8567 			break;
8568 		case IEEE80211_SMPS_NUM_MODES:
8569 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
8570 				    sta->smps_mode, sta->addr);
8571 			smps = WMI_PEER_SMPS_PS_NONE;
8572 			break;
8573 		}
8574 
8575 		arsta->smps = smps;
8576 	}
8577 
8578 	arsta->changed |= changed;
8579 
8580 	spin_unlock_bh(&ar->data_lock);
8581 
8582 	ieee80211_queue_work(hw, &arsta->update_wk);
8583 }
8584 
8585 static void ath10k_offset_tsf(struct ieee80211_hw *hw,
8586 			      struct ieee80211_vif *vif, s64 tsf_offset)
8587 {
8588 	struct ath10k *ar = hw->priv;
8589 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8590 	u32 offset, vdev_param;
8591 	int ret;
8592 
8593 	if (tsf_offset < 0) {
8594 		vdev_param = ar->wmi.vdev_param->dec_tsf;
8595 		offset = -tsf_offset;
8596 	} else {
8597 		vdev_param = ar->wmi.vdev_param->inc_tsf;
8598 		offset = tsf_offset;
8599 	}
8600 
8601 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
8602 					vdev_param, offset);
8603 
8604 	if (ret && ret != -EOPNOTSUPP)
8605 		ath10k_warn(ar, "failed to set tsf offset %d cmd %d: %d\n",
8606 			    offset, vdev_param, ret);
8607 }
8608 
8609 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
8610 			       struct ieee80211_vif *vif,
8611 			       struct ieee80211_ampdu_params *params)
8612 {
8613 	struct ath10k *ar = hw->priv;
8614 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8615 	struct ieee80211_sta *sta = params->sta;
8616 	enum ieee80211_ampdu_mlme_action action = params->action;
8617 	u16 tid = params->tid;
8618 
8619 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %u action %d\n",
8620 		   arvif->vdev_id, sta->addr, tid, action);
8621 
8622 	switch (action) {
8623 	case IEEE80211_AMPDU_RX_START:
8624 	case IEEE80211_AMPDU_RX_STOP:
8625 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
8626 		 * creation/removal. Do we need to verify this?
8627 		 */
8628 		return 0;
8629 	case IEEE80211_AMPDU_TX_START:
8630 	case IEEE80211_AMPDU_TX_STOP_CONT:
8631 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
8632 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
8633 	case IEEE80211_AMPDU_TX_OPERATIONAL:
8634 		/* Firmware offloads Tx aggregation entirely so deny mac80211
8635 		 * Tx aggregation requests.
8636 		 */
8637 		return -EOPNOTSUPP;
8638 	}
8639 
8640 	return -EINVAL;
8641 }
8642 
8643 static void
8644 ath10k_mac_update_rx_channel(struct ath10k *ar,
8645 			     struct ieee80211_chanctx_conf *ctx,
8646 			     struct ieee80211_vif_chanctx_switch *vifs,
8647 			     int n_vifs)
8648 {
8649 	struct cfg80211_chan_def *def = NULL;
8650 
8651 	/* Both locks are required because ar->rx_channel is modified. This
8652 	 * allows readers to hold either lock.
8653 	 */
8654 	lockdep_assert_held(&ar->conf_mutex);
8655 	lockdep_assert_held(&ar->data_lock);
8656 
8657 	WARN_ON(ctx && vifs);
8658 	WARN_ON(vifs && !n_vifs);
8659 
8660 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
8661 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
8662 	 * ppdu on Rx may reduce performance on low-end systems. It should be
8663 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
8664 	 * cpu data cache lines though regarding sizes) but to keep the initial
8665 	 * implementation simple and less intrusive fallback to the slow lookup
8666 	 * only for multi-channel cases. Single-channel cases will remain to
8667 	 * use the old channel derival and thus performance should not be
8668 	 * affected much.
8669 	 */
8670 	rcu_read_lock();
8671 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
8672 		ieee80211_iter_chan_contexts_atomic(ar->hw,
8673 						    ath10k_mac_get_any_chandef_iter,
8674 						    &def);
8675 
8676 		if (vifs)
8677 			def = &vifs[0].new_ctx->def;
8678 
8679 		ar->rx_channel = def->chan;
8680 	} else if ((ctx && ath10k_mac_num_chanctxs(ar) == 0) ||
8681 		   (ctx && (ar->state == ATH10K_STATE_RESTARTED))) {
8682 		/* During driver restart due to firmware assert, since mac80211
8683 		 * already has valid channel context for given radio, channel
8684 		 * context iteration return num_chanctx > 0. So fix rx_channel
8685 		 * when restart is in progress.
8686 		 */
8687 		ar->rx_channel = ctx->def.chan;
8688 	} else {
8689 		ar->rx_channel = NULL;
8690 	}
8691 	rcu_read_unlock();
8692 }
8693 
8694 static void
8695 ath10k_mac_update_vif_chan(struct ath10k *ar,
8696 			   struct ieee80211_vif_chanctx_switch *vifs,
8697 			   int n_vifs)
8698 {
8699 	struct ath10k_vif *arvif;
8700 	int ret;
8701 	int i;
8702 
8703 	lockdep_assert_held(&ar->conf_mutex);
8704 
8705 	/* First stop monitor interface. Some FW versions crash if there's a
8706 	 * lone monitor interface.
8707 	 */
8708 	if (ar->monitor_started)
8709 		ath10k_monitor_stop(ar);
8710 
8711 	for (i = 0; i < n_vifs; i++) {
8712 		arvif = (void *)vifs[i].vif->drv_priv;
8713 
8714 		ath10k_dbg(ar, ATH10K_DBG_MAC,
8715 			   "mac chanctx switch vdev_id %i freq %u->%u width %d->%d\n",
8716 			   arvif->vdev_id,
8717 			   vifs[i].old_ctx->def.chan->center_freq,
8718 			   vifs[i].new_ctx->def.chan->center_freq,
8719 			   vifs[i].old_ctx->def.width,
8720 			   vifs[i].new_ctx->def.width);
8721 
8722 		if (WARN_ON(!arvif->is_started))
8723 			continue;
8724 
8725 		if (WARN_ON(!arvif->is_up))
8726 			continue;
8727 
8728 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8729 		if (ret) {
8730 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
8731 				    arvif->vdev_id, ret);
8732 			continue;
8733 		}
8734 	}
8735 
8736 	/* All relevant vdevs are downed and associated channel resources
8737 	 * should be available for the channel switch now.
8738 	 */
8739 
8740 	spin_lock_bh(&ar->data_lock);
8741 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
8742 	spin_unlock_bh(&ar->data_lock);
8743 
8744 	for (i = 0; i < n_vifs; i++) {
8745 		arvif = (void *)vifs[i].vif->drv_priv;
8746 
8747 		if (WARN_ON(!arvif->is_started))
8748 			continue;
8749 
8750 		if (WARN_ON(!arvif->is_up))
8751 			continue;
8752 
8753 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
8754 		if (ret)
8755 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
8756 				    ret);
8757 
8758 		ret = ath10k_mac_setup_prb_tmpl(arvif);
8759 		if (ret)
8760 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
8761 				    ret);
8762 
8763 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
8764 		if (ret) {
8765 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
8766 				    arvif->vdev_id, ret);
8767 			continue;
8768 		}
8769 
8770 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
8771 					 arvif->bssid);
8772 		if (ret) {
8773 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
8774 				    arvif->vdev_id, ret);
8775 			continue;
8776 		}
8777 	}
8778 
8779 	ath10k_monitor_recalc(ar);
8780 }
8781 
8782 static int
8783 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
8784 			  struct ieee80211_chanctx_conf *ctx)
8785 {
8786 	struct ath10k *ar = hw->priv;
8787 
8788 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8789 		   "mac chanctx add freq %u width %d ptr %pK\n",
8790 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8791 
8792 	mutex_lock(&ar->conf_mutex);
8793 
8794 	spin_lock_bh(&ar->data_lock);
8795 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
8796 	spin_unlock_bh(&ar->data_lock);
8797 
8798 	ath10k_recalc_radar_detection(ar);
8799 	ath10k_monitor_recalc(ar);
8800 
8801 	mutex_unlock(&ar->conf_mutex);
8802 
8803 	return 0;
8804 }
8805 
8806 static void
8807 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
8808 			     struct ieee80211_chanctx_conf *ctx)
8809 {
8810 	struct ath10k *ar = hw->priv;
8811 
8812 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8813 		   "mac chanctx remove freq %u width %d ptr %pK\n",
8814 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8815 
8816 	mutex_lock(&ar->conf_mutex);
8817 
8818 	spin_lock_bh(&ar->data_lock);
8819 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
8820 	spin_unlock_bh(&ar->data_lock);
8821 
8822 	ath10k_recalc_radar_detection(ar);
8823 	ath10k_monitor_recalc(ar);
8824 
8825 	mutex_unlock(&ar->conf_mutex);
8826 }
8827 
8828 struct ath10k_mac_change_chanctx_arg {
8829 	struct ieee80211_chanctx_conf *ctx;
8830 	struct ieee80211_vif_chanctx_switch *vifs;
8831 	int n_vifs;
8832 	int next_vif;
8833 };
8834 
8835 static void
8836 ath10k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
8837 				   struct ieee80211_vif *vif)
8838 {
8839 	struct ath10k_mac_change_chanctx_arg *arg = data;
8840 
8841 	if (rcu_access_pointer(vif->bss_conf.chanctx_conf) != arg->ctx)
8842 		return;
8843 
8844 	arg->n_vifs++;
8845 }
8846 
8847 static void
8848 ath10k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
8849 				    struct ieee80211_vif *vif)
8850 {
8851 	struct ath10k_mac_change_chanctx_arg *arg = data;
8852 	struct ieee80211_chanctx_conf *ctx;
8853 
8854 	ctx = rcu_access_pointer(vif->bss_conf.chanctx_conf);
8855 	if (ctx != arg->ctx)
8856 		return;
8857 
8858 	if (WARN_ON(arg->next_vif == arg->n_vifs))
8859 		return;
8860 
8861 	arg->vifs[arg->next_vif].vif = vif;
8862 	arg->vifs[arg->next_vif].old_ctx = ctx;
8863 	arg->vifs[arg->next_vif].new_ctx = ctx;
8864 	arg->next_vif++;
8865 }
8866 
8867 static void
8868 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
8869 			     struct ieee80211_chanctx_conf *ctx,
8870 			     u32 changed)
8871 {
8872 	struct ath10k *ar = hw->priv;
8873 	struct ath10k_mac_change_chanctx_arg arg = { .ctx = ctx };
8874 
8875 	mutex_lock(&ar->conf_mutex);
8876 
8877 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8878 		   "mac chanctx change freq %u width %d ptr %pK changed %x\n",
8879 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
8880 
8881 	/* This shouldn't really happen because channel switching should use
8882 	 * switch_vif_chanctx().
8883 	 */
8884 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
8885 		goto unlock;
8886 
8887 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH) {
8888 		ieee80211_iterate_active_interfaces_atomic(
8889 					hw,
8890 					ATH10K_ITER_NORMAL_FLAGS,
8891 					ath10k_mac_change_chanctx_cnt_iter,
8892 					&arg);
8893 		if (arg.n_vifs == 0)
8894 			goto radar;
8895 
8896 		arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]),
8897 				   GFP_KERNEL);
8898 		if (!arg.vifs)
8899 			goto radar;
8900 
8901 		ieee80211_iterate_active_interfaces_atomic(
8902 					hw,
8903 					ATH10K_ITER_NORMAL_FLAGS,
8904 					ath10k_mac_change_chanctx_fill_iter,
8905 					&arg);
8906 		ath10k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
8907 		kfree(arg.vifs);
8908 	}
8909 
8910 radar:
8911 	ath10k_recalc_radar_detection(ar);
8912 
8913 	/* FIXME: How to configure Rx chains properly? */
8914 
8915 	/* No other actions are actually necessary. Firmware maintains channel
8916 	 * definitions per vdev internally and there's no host-side channel
8917 	 * context abstraction to configure, e.g. channel width.
8918 	 */
8919 
8920 unlock:
8921 	mutex_unlock(&ar->conf_mutex);
8922 }
8923 
8924 static int
8925 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
8926 				 struct ieee80211_vif *vif,
8927 				 struct ieee80211_bss_conf *link_conf,
8928 				 struct ieee80211_chanctx_conf *ctx)
8929 {
8930 	struct ath10k *ar = hw->priv;
8931 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8932 	int ret;
8933 
8934 	mutex_lock(&ar->conf_mutex);
8935 
8936 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8937 		   "mac chanctx assign ptr %pK vdev_id %i\n",
8938 		   ctx, arvif->vdev_id);
8939 
8940 	if (WARN_ON(arvif->is_started)) {
8941 		mutex_unlock(&ar->conf_mutex);
8942 		return -EBUSY;
8943 	}
8944 
8945 	ret = ath10k_vdev_start(arvif, &ctx->def);
8946 	if (ret) {
8947 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
8948 			    arvif->vdev_id, vif->addr,
8949 			    ctx->def.chan->center_freq, ret);
8950 		goto err;
8951 	}
8952 
8953 	arvif->is_started = true;
8954 
8955 	ret = ath10k_mac_vif_setup_ps(arvif);
8956 	if (ret) {
8957 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
8958 			    arvif->vdev_id, ret);
8959 		goto err_stop;
8960 	}
8961 
8962 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8963 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
8964 		if (ret) {
8965 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
8966 				    arvif->vdev_id, ret);
8967 			goto err_stop;
8968 		}
8969 
8970 		arvif->is_up = true;
8971 	}
8972 
8973 	if (ath10k_mac_can_set_cts_prot(arvif)) {
8974 		ret = ath10k_mac_set_cts_prot(arvif);
8975 		if (ret)
8976 			ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
8977 				    arvif->vdev_id, ret);
8978 	}
8979 
8980 	if (ath10k_peer_stats_enabled(ar) &&
8981 	    ar->hw_params.tx_stats_over_pktlog) {
8982 		ar->pktlog_filter |= ATH10K_PKTLOG_PEER_STATS;
8983 		ret = ath10k_wmi_pdev_pktlog_enable(ar,
8984 						    ar->pktlog_filter);
8985 		if (ret) {
8986 			ath10k_warn(ar, "failed to enable pktlog %d\n", ret);
8987 			goto err_stop;
8988 		}
8989 	}
8990 
8991 	mutex_unlock(&ar->conf_mutex);
8992 	return 0;
8993 
8994 err_stop:
8995 	ath10k_vdev_stop(arvif);
8996 	arvif->is_started = false;
8997 	ath10k_mac_vif_setup_ps(arvif);
8998 
8999 err:
9000 	mutex_unlock(&ar->conf_mutex);
9001 	return ret;
9002 }
9003 
9004 static void
9005 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
9006 				   struct ieee80211_vif *vif,
9007 				   struct ieee80211_bss_conf *link_conf,
9008 				   struct ieee80211_chanctx_conf *ctx)
9009 {
9010 	struct ath10k *ar = hw->priv;
9011 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9012 	int ret;
9013 
9014 	mutex_lock(&ar->conf_mutex);
9015 
9016 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9017 		   "mac chanctx unassign ptr %pK vdev_id %i\n",
9018 		   ctx, arvif->vdev_id);
9019 
9020 	WARN_ON(!arvif->is_started);
9021 
9022 	if (vif->type == NL80211_IFTYPE_MONITOR) {
9023 		WARN_ON(!arvif->is_up);
9024 
9025 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
9026 		if (ret)
9027 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
9028 				    arvif->vdev_id, ret);
9029 
9030 		arvif->is_up = false;
9031 	}
9032 
9033 	ret = ath10k_vdev_stop(arvif);
9034 	if (ret)
9035 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
9036 			    arvif->vdev_id, ret);
9037 
9038 	arvif->is_started = false;
9039 
9040 	mutex_unlock(&ar->conf_mutex);
9041 }
9042 
9043 static int
9044 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
9045 				 struct ieee80211_vif_chanctx_switch *vifs,
9046 				 int n_vifs,
9047 				 enum ieee80211_chanctx_switch_mode mode)
9048 {
9049 	struct ath10k *ar = hw->priv;
9050 
9051 	mutex_lock(&ar->conf_mutex);
9052 
9053 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9054 		   "mac chanctx switch n_vifs %d mode %d\n",
9055 		   n_vifs, mode);
9056 	ath10k_mac_update_vif_chan(ar, vifs, n_vifs);
9057 
9058 	mutex_unlock(&ar->conf_mutex);
9059 	return 0;
9060 }
9061 
9062 static void ath10k_mac_op_sta_pre_rcu_remove(struct ieee80211_hw *hw,
9063 					     struct ieee80211_vif *vif,
9064 					     struct ieee80211_sta *sta)
9065 {
9066 	struct ath10k *ar;
9067 	struct ath10k_peer *peer;
9068 
9069 	ar = hw->priv;
9070 
9071 	list_for_each_entry(peer, &ar->peers, list)
9072 		if (peer->sta == sta)
9073 			peer->removed = true;
9074 }
9075 
9076 /* HT MCS parameters with Nss = 1 */
9077 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss1[] = {
9078 	/* MCS  L20   L40   S20  S40 */
9079 	{0,  { 65,  135,  72,  150} },
9080 	{1,  { 130, 270,  144, 300} },
9081 	{2,  { 195, 405,  217, 450} },
9082 	{3,  { 260, 540,  289, 600} },
9083 	{4,  { 390, 810,  433, 900} },
9084 	{5,  { 520, 1080, 578, 1200} },
9085 	{6,  { 585, 1215, 650, 1350} },
9086 	{7,  { 650, 1350, 722, 1500} }
9087 };
9088 
9089 /* HT MCS parameters with Nss = 2 */
9090 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss2[] = {
9091 	/* MCS  L20    L40   S20   S40 */
9092 	{0,  {130,  270,  144,  300} },
9093 	{1,  {260,  540,  289,  600} },
9094 	{2,  {390,  810,  433,  900} },
9095 	{3,  {520,  1080, 578,  1200} },
9096 	{4,  {780,  1620, 867,  1800} },
9097 	{5,  {1040, 2160, 1156, 2400} },
9098 	{6,  {1170, 2430, 1300, 2700} },
9099 	{7,  {1300, 2700, 1444, 3000} }
9100 };
9101 
9102 /* MCS parameters with Nss = 1 */
9103 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss1[] = {
9104 	/* MCS  L80    S80     L40   S40    L20   S20 */
9105 	{0,  {293,  325},  {135,  150},  {65,   72} },
9106 	{1,  {585,  650},  {270,  300},  {130,  144} },
9107 	{2,  {878,  975},  {405,  450},  {195,  217} },
9108 	{3,  {1170, 1300}, {540,  600},  {260,  289} },
9109 	{4,  {1755, 1950}, {810,  900},  {390,  433} },
9110 	{5,  {2340, 2600}, {1080, 1200}, {520,  578} },
9111 	{6,  {2633, 2925}, {1215, 1350}, {585,  650} },
9112 	{7,  {2925, 3250}, {1350, 1500}, {650,  722} },
9113 	{8,  {3510, 3900}, {1620, 1800}, {780,  867} },
9114 	{9,  {3900, 4333}, {1800, 2000}, {780,  867} }
9115 };
9116 
9117 /*MCS parameters with Nss = 2 */
9118 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss2[] = {
9119 	/* MCS  L80    S80     L40   S40    L20   S20 */
9120 	{0,  {585,  650},  {270,  300},  {130,  144} },
9121 	{1,  {1170, 1300}, {540,  600},  {260,  289} },
9122 	{2,  {1755, 1950}, {810,  900},  {390,  433} },
9123 	{3,  {2340, 2600}, {1080, 1200}, {520,  578} },
9124 	{4,  {3510, 3900}, {1620, 1800}, {780,  867} },
9125 	{5,  {4680, 5200}, {2160, 2400}, {1040, 1156} },
9126 	{6,  {5265, 5850}, {2430, 2700}, {1170, 1300} },
9127 	{7,  {5850, 6500}, {2700, 3000}, {1300, 1444} },
9128 	{8,  {7020, 7800}, {3240, 3600}, {1560, 1733} },
9129 	{9,  {7800, 8667}, {3600, 4000}, {1560, 1733} }
9130 };
9131 
9132 static void ath10k_mac_get_rate_flags_ht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9133 					 u8 *flags, u8 *bw)
9134 {
9135 	struct ath10k_index_ht_data_rate_type *mcs_rate;
9136 	u8 index;
9137 	size_t len_nss1 = ARRAY_SIZE(supported_ht_mcs_rate_nss1);
9138 	size_t len_nss2 = ARRAY_SIZE(supported_ht_mcs_rate_nss2);
9139 
9140 	if (mcs >= (len_nss1 + len_nss2)) {
9141 		ath10k_warn(ar, "not supported mcs %d in current rate table", mcs);
9142 		return;
9143 	}
9144 
9145 	mcs_rate = (struct ath10k_index_ht_data_rate_type *)
9146 		   ((nss == 1) ? &supported_ht_mcs_rate_nss1 :
9147 		   &supported_ht_mcs_rate_nss2);
9148 
9149 	if (mcs >= len_nss1)
9150 		index = mcs - len_nss1;
9151 	else
9152 		index = mcs;
9153 
9154 	if (rate == mcs_rate[index].supported_rate[0]) {
9155 		*bw = RATE_INFO_BW_20;
9156 	} else if (rate == mcs_rate[index].supported_rate[1]) {
9157 		*bw |= RATE_INFO_BW_40;
9158 	} else if (rate == mcs_rate[index].supported_rate[2]) {
9159 		*bw |= RATE_INFO_BW_20;
9160 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9161 	} else if (rate == mcs_rate[index].supported_rate[3]) {
9162 		*bw |= RATE_INFO_BW_40;
9163 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9164 	} else {
9165 		ath10k_warn(ar, "invalid ht params rate %d 100kbps nss %d mcs %d",
9166 			    rate, nss, mcs);
9167 	}
9168 }
9169 
9170 static void ath10k_mac_get_rate_flags_vht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9171 					  u8 *flags, u8 *bw)
9172 {
9173 	struct ath10k_index_vht_data_rate_type *mcs_rate;
9174 
9175 	mcs_rate = (struct ath10k_index_vht_data_rate_type *)
9176 		   ((nss == 1) ? &supported_vht_mcs_rate_nss1 :
9177 		   &supported_vht_mcs_rate_nss2);
9178 
9179 	if (rate == mcs_rate[mcs].supported_VHT80_rate[0]) {
9180 		*bw = RATE_INFO_BW_80;
9181 	} else if (rate == mcs_rate[mcs].supported_VHT80_rate[1]) {
9182 		*bw = RATE_INFO_BW_80;
9183 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9184 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[0]) {
9185 		*bw = RATE_INFO_BW_40;
9186 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[1]) {
9187 		*bw = RATE_INFO_BW_40;
9188 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9189 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[0]) {
9190 		*bw = RATE_INFO_BW_20;
9191 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[1]) {
9192 		*bw = RATE_INFO_BW_20;
9193 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9194 	} else {
9195 		ath10k_warn(ar, "invalid vht params rate %d 100kbps nss %d mcs %d",
9196 			    rate, nss, mcs);
9197 	}
9198 }
9199 
9200 static void ath10k_mac_get_rate_flags(struct ath10k *ar, u32 rate,
9201 				      enum ath10k_phy_mode mode, u8 nss, u8 mcs,
9202 				      u8 *flags, u8 *bw)
9203 {
9204 	if (mode == ATH10K_PHY_MODE_HT) {
9205 		*flags = RATE_INFO_FLAGS_MCS;
9206 		ath10k_mac_get_rate_flags_ht(ar, rate, nss, mcs, flags, bw);
9207 	} else if (mode == ATH10K_PHY_MODE_VHT) {
9208 		*flags = RATE_INFO_FLAGS_VHT_MCS;
9209 		ath10k_mac_get_rate_flags_vht(ar, rate, nss, mcs, flags, bw);
9210 	}
9211 }
9212 
9213 static void ath10k_mac_parse_bitrate(struct ath10k *ar, u32 rate_code,
9214 				     u32 bitrate_kbps, struct rate_info *rate)
9215 {
9216 	enum ath10k_phy_mode mode = ATH10K_PHY_MODE_LEGACY;
9217 	enum wmi_rate_preamble preamble = WMI_TLV_GET_HW_RC_PREAM_V1(rate_code);
9218 	u8 nss = WMI_TLV_GET_HW_RC_NSS_V1(rate_code) + 1;
9219 	u8 mcs = WMI_TLV_GET_HW_RC_RATE_V1(rate_code);
9220 	u8 flags = 0, bw = 0;
9221 
9222 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac parse rate code 0x%x bitrate %d kbps\n",
9223 		   rate_code, bitrate_kbps);
9224 
9225 	if (preamble == WMI_RATE_PREAMBLE_HT)
9226 		mode = ATH10K_PHY_MODE_HT;
9227 	else if (preamble == WMI_RATE_PREAMBLE_VHT)
9228 		mode = ATH10K_PHY_MODE_VHT;
9229 
9230 	ath10k_mac_get_rate_flags(ar, bitrate_kbps / 100, mode, nss, mcs, &flags, &bw);
9231 
9232 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9233 		   "mac parse bitrate preamble %d mode %d nss %d mcs %d flags %x bw %d\n",
9234 		   preamble, mode, nss, mcs, flags, bw);
9235 
9236 	rate->flags = flags;
9237 	rate->bw = bw;
9238 	rate->legacy = bitrate_kbps / 100;
9239 	rate->nss = nss;
9240 	rate->mcs = mcs;
9241 }
9242 
9243 static void ath10k_mac_sta_get_peer_stats_info(struct ath10k *ar,
9244 					       struct ieee80211_sta *sta,
9245 					       struct station_info *sinfo)
9246 {
9247 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9248 	struct ath10k_peer *peer;
9249 	unsigned long time_left;
9250 	int ret;
9251 
9252 	if (!(ar->hw_params.supports_peer_stats_info &&
9253 	      arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA))
9254 		return;
9255 
9256 	spin_lock_bh(&ar->data_lock);
9257 	peer = ath10k_peer_find(ar, arsta->arvif->vdev_id, sta->addr);
9258 	spin_unlock_bh(&ar->data_lock);
9259 	if (!peer)
9260 		return;
9261 
9262 	reinit_completion(&ar->peer_stats_info_complete);
9263 
9264 	ret = ath10k_wmi_request_peer_stats_info(ar,
9265 						 arsta->arvif->vdev_id,
9266 						 WMI_REQUEST_ONE_PEER_STATS_INFO,
9267 						 arsta->arvif->bssid,
9268 						 0);
9269 	if (ret && ret != -EOPNOTSUPP) {
9270 		ath10k_warn(ar, "could not request peer stats info: %d\n", ret);
9271 		return;
9272 	}
9273 
9274 	time_left = wait_for_completion_timeout(&ar->peer_stats_info_complete, 3 * HZ);
9275 	if (time_left == 0) {
9276 		ath10k_warn(ar, "timed out waiting peer stats info\n");
9277 		return;
9278 	}
9279 
9280 	if (arsta->rx_rate_code != 0 && arsta->rx_bitrate_kbps != 0) {
9281 		ath10k_mac_parse_bitrate(ar, arsta->rx_rate_code,
9282 					 arsta->rx_bitrate_kbps,
9283 					 &sinfo->rxrate);
9284 
9285 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
9286 		arsta->rx_rate_code = 0;
9287 		arsta->rx_bitrate_kbps = 0;
9288 	}
9289 
9290 	if (arsta->tx_rate_code != 0 && arsta->tx_bitrate_kbps != 0) {
9291 		ath10k_mac_parse_bitrate(ar, arsta->tx_rate_code,
9292 					 arsta->tx_bitrate_kbps,
9293 					 &sinfo->txrate);
9294 
9295 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9296 		arsta->tx_rate_code = 0;
9297 		arsta->tx_bitrate_kbps = 0;
9298 	}
9299 }
9300 
9301 static void ath10k_sta_statistics(struct ieee80211_hw *hw,
9302 				  struct ieee80211_vif *vif,
9303 				  struct ieee80211_sta *sta,
9304 				  struct station_info *sinfo)
9305 {
9306 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9307 	struct ath10k *ar = arsta->arvif->ar;
9308 
9309 	if (!ath10k_peer_stats_enabled(ar))
9310 		return;
9311 
9312 	mutex_lock(&ar->conf_mutex);
9313 	ath10k_debug_fw_stats_request(ar);
9314 	mutex_unlock(&ar->conf_mutex);
9315 
9316 	sinfo->rx_duration = arsta->rx_duration;
9317 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
9318 
9319 	if (arsta->txrate.legacy || arsta->txrate.nss) {
9320 		if (arsta->txrate.legacy) {
9321 			sinfo->txrate.legacy = arsta->txrate.legacy;
9322 		} else {
9323 			sinfo->txrate.mcs = arsta->txrate.mcs;
9324 			sinfo->txrate.nss = arsta->txrate.nss;
9325 			sinfo->txrate.bw = arsta->txrate.bw;
9326 		}
9327 		sinfo->txrate.flags = arsta->txrate.flags;
9328 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9329 	}
9330 
9331 	if (ar->htt.disable_tx_comp) {
9332 		sinfo->tx_failed = arsta->tx_failed;
9333 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
9334 	}
9335 
9336 	sinfo->tx_retries = arsta->tx_retries;
9337 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_RETRIES);
9338 
9339 	ath10k_mac_sta_get_peer_stats_info(ar, sta, sinfo);
9340 }
9341 
9342 static int ath10k_mac_op_set_tid_config(struct ieee80211_hw *hw,
9343 					struct ieee80211_vif *vif,
9344 					struct ieee80211_sta *sta,
9345 					struct cfg80211_tid_config *tid_config)
9346 {
9347 	struct ath10k *ar = hw->priv;
9348 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9349 	struct ath10k_mac_iter_tid_conf_data data = {};
9350 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
9351 	int ret, i;
9352 
9353 	mutex_lock(&ar->conf_mutex);
9354 	arg.vdev_id = arvif->vdev_id;
9355 
9356 	arvif->tids_rst = 0;
9357 	memset(arvif->tid_conf_changed, 0, sizeof(arvif->tid_conf_changed));
9358 
9359 	for (i = 0; i < tid_config->n_tid_conf; i++) {
9360 		ret = ath10k_mac_parse_tid_config(ar, sta, vif,
9361 						  &tid_config->tid_conf[i],
9362 						  &arg);
9363 		if (ret)
9364 			goto exit;
9365 	}
9366 
9367 	ret = 0;
9368 
9369 	if (sta)
9370 		goto exit;
9371 
9372 	arvif->tids_rst = 0;
9373 	data.curr_vif = vif;
9374 	data.ar = ar;
9375 
9376 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9377 					  &data);
9378 
9379 exit:
9380 	mutex_unlock(&ar->conf_mutex);
9381 	return ret;
9382 }
9383 
9384 static int ath10k_mac_op_reset_tid_config(struct ieee80211_hw *hw,
9385 					  struct ieee80211_vif *vif,
9386 					  struct ieee80211_sta *sta,
9387 					  u8 tids)
9388 {
9389 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9390 	struct ath10k_mac_iter_tid_conf_data data = {};
9391 	struct ath10k *ar = hw->priv;
9392 	int ret = 0;
9393 
9394 	mutex_lock(&ar->conf_mutex);
9395 
9396 	if (sta) {
9397 		arvif->tids_rst = 0;
9398 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif, tids);
9399 		goto exit;
9400 	}
9401 
9402 	arvif->tids_rst = tids;
9403 	data.curr_vif = vif;
9404 	data.ar = ar;
9405 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9406 					  &data);
9407 
9408 exit:
9409 	mutex_unlock(&ar->conf_mutex);
9410 	return ret;
9411 }
9412 
9413 static const struct ieee80211_ops ath10k_ops = {
9414 	.tx				= ath10k_mac_op_tx,
9415 	.wake_tx_queue			= ath10k_mac_op_wake_tx_queue,
9416 	.start				= ath10k_start,
9417 	.stop				= ath10k_stop,
9418 	.config				= ath10k_config,
9419 	.add_interface			= ath10k_add_interface,
9420 	.update_vif_offload		= ath10k_update_vif_offload,
9421 	.remove_interface		= ath10k_remove_interface,
9422 	.configure_filter		= ath10k_configure_filter,
9423 	.bss_info_changed		= ath10k_bss_info_changed,
9424 	.set_coverage_class		= ath10k_mac_op_set_coverage_class,
9425 	.hw_scan			= ath10k_hw_scan,
9426 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
9427 	.set_key			= ath10k_set_key,
9428 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
9429 	.sta_state			= ath10k_sta_state,
9430 	.sta_set_txpwr			= ath10k_sta_set_txpwr,
9431 	.conf_tx			= ath10k_conf_tx,
9432 	.remain_on_channel		= ath10k_remain_on_channel,
9433 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
9434 	.set_rts_threshold		= ath10k_set_rts_threshold,
9435 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
9436 	.flush				= ath10k_flush,
9437 	.tx_last_beacon			= ath10k_tx_last_beacon,
9438 	.set_antenna			= ath10k_set_antenna,
9439 	.get_antenna			= ath10k_get_antenna,
9440 	.reconfig_complete		= ath10k_reconfig_complete,
9441 	.get_survey			= ath10k_get_survey,
9442 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
9443 	.sta_rc_update			= ath10k_sta_rc_update,
9444 	.offset_tsf			= ath10k_offset_tsf,
9445 	.ampdu_action			= ath10k_ampdu_action,
9446 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
9447 	.get_et_stats			= ath10k_debug_get_et_stats,
9448 	.get_et_strings			= ath10k_debug_get_et_strings,
9449 	.add_chanctx			= ath10k_mac_op_add_chanctx,
9450 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
9451 	.change_chanctx			= ath10k_mac_op_change_chanctx,
9452 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
9453 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
9454 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
9455 	.sta_pre_rcu_remove		= ath10k_mac_op_sta_pre_rcu_remove,
9456 	.sta_statistics			= ath10k_sta_statistics,
9457 	.set_tid_config			= ath10k_mac_op_set_tid_config,
9458 	.reset_tid_config		= ath10k_mac_op_reset_tid_config,
9459 
9460 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
9461 
9462 #ifdef CONFIG_PM
9463 	.suspend			= ath10k_wow_op_suspend,
9464 	.resume				= ath10k_wow_op_resume,
9465 	.set_wakeup			= ath10k_wow_op_set_wakeup,
9466 #endif
9467 #ifdef CONFIG_MAC80211_DEBUGFS
9468 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
9469 #endif
9470 	.set_sar_specs			= ath10k_mac_set_sar_specs,
9471 };
9472 
9473 #define CHAN2G(_channel, _freq, _flags) { \
9474 	.band			= NL80211_BAND_2GHZ, \
9475 	.hw_value		= (_channel), \
9476 	.center_freq		= (_freq), \
9477 	.flags			= (_flags), \
9478 	.max_antenna_gain	= 0, \
9479 	.max_power		= 30, \
9480 }
9481 
9482 #define CHAN5G(_channel, _freq, _flags) { \
9483 	.band			= NL80211_BAND_5GHZ, \
9484 	.hw_value		= (_channel), \
9485 	.center_freq		= (_freq), \
9486 	.flags			= (_flags), \
9487 	.max_antenna_gain	= 0, \
9488 	.max_power		= 30, \
9489 }
9490 
9491 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
9492 	CHAN2G(1, 2412, 0),
9493 	CHAN2G(2, 2417, 0),
9494 	CHAN2G(3, 2422, 0),
9495 	CHAN2G(4, 2427, 0),
9496 	CHAN2G(5, 2432, 0),
9497 	CHAN2G(6, 2437, 0),
9498 	CHAN2G(7, 2442, 0),
9499 	CHAN2G(8, 2447, 0),
9500 	CHAN2G(9, 2452, 0),
9501 	CHAN2G(10, 2457, 0),
9502 	CHAN2G(11, 2462, 0),
9503 	CHAN2G(12, 2467, 0),
9504 	CHAN2G(13, 2472, 0),
9505 	CHAN2G(14, 2484, 0),
9506 };
9507 
9508 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
9509 	CHAN5G(36, 5180, 0),
9510 	CHAN5G(40, 5200, 0),
9511 	CHAN5G(44, 5220, 0),
9512 	CHAN5G(48, 5240, 0),
9513 	CHAN5G(52, 5260, 0),
9514 	CHAN5G(56, 5280, 0),
9515 	CHAN5G(60, 5300, 0),
9516 	CHAN5G(64, 5320, 0),
9517 	CHAN5G(100, 5500, 0),
9518 	CHAN5G(104, 5520, 0),
9519 	CHAN5G(108, 5540, 0),
9520 	CHAN5G(112, 5560, 0),
9521 	CHAN5G(116, 5580, 0),
9522 	CHAN5G(120, 5600, 0),
9523 	CHAN5G(124, 5620, 0),
9524 	CHAN5G(128, 5640, 0),
9525 	CHAN5G(132, 5660, 0),
9526 	CHAN5G(136, 5680, 0),
9527 	CHAN5G(140, 5700, 0),
9528 	CHAN5G(144, 5720, 0),
9529 	CHAN5G(149, 5745, 0),
9530 	CHAN5G(153, 5765, 0),
9531 	CHAN5G(157, 5785, 0),
9532 	CHAN5G(161, 5805, 0),
9533 	CHAN5G(165, 5825, 0),
9534 	CHAN5G(169, 5845, 0),
9535 	CHAN5G(173, 5865, 0),
9536 	/* If you add more, you may need to change ATH10K_MAX_5G_CHAN */
9537 	/* And you will definitely need to change ATH10K_NUM_CHANS in core.h */
9538 };
9539 
9540 struct ath10k *ath10k_mac_create(size_t priv_size)
9541 {
9542 	struct ieee80211_hw *hw;
9543 	struct ieee80211_ops *ops;
9544 	struct ath10k *ar;
9545 
9546 	ops = kmemdup(&ath10k_ops, sizeof(ath10k_ops), GFP_KERNEL);
9547 	if (!ops)
9548 		return NULL;
9549 
9550 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, ops);
9551 	if (!hw) {
9552 		kfree(ops);
9553 		return NULL;
9554 	}
9555 
9556 	ar = hw->priv;
9557 	ar->hw = hw;
9558 	ar->ops = ops;
9559 
9560 	return ar;
9561 }
9562 
9563 void ath10k_mac_destroy(struct ath10k *ar)
9564 {
9565 	struct ieee80211_ops *ops = ar->ops;
9566 
9567 	ieee80211_free_hw(ar->hw);
9568 	kfree(ops);
9569 }
9570 
9571 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
9572 	{
9573 		.max	= 8,
9574 		.types	= BIT(NL80211_IFTYPE_STATION)
9575 			| BIT(NL80211_IFTYPE_P2P_CLIENT)
9576 	},
9577 	{
9578 		.max	= 3,
9579 		.types	= BIT(NL80211_IFTYPE_P2P_GO)
9580 	},
9581 	{
9582 		.max	= 1,
9583 		.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
9584 	},
9585 	{
9586 		.max	= 7,
9587 		.types	= BIT(NL80211_IFTYPE_AP)
9588 #ifdef CONFIG_MAC80211_MESH
9589 			| BIT(NL80211_IFTYPE_MESH_POINT)
9590 #endif
9591 	},
9592 };
9593 
9594 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
9595 	{
9596 		.max	= 8,
9597 		.types	= BIT(NL80211_IFTYPE_AP)
9598 #ifdef CONFIG_MAC80211_MESH
9599 			| BIT(NL80211_IFTYPE_MESH_POINT)
9600 #endif
9601 	},
9602 	{
9603 		.max	= 1,
9604 		.types	= BIT(NL80211_IFTYPE_STATION)
9605 	},
9606 };
9607 
9608 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
9609 	{
9610 		.limits = ath10k_if_limits,
9611 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
9612 		.max_interfaces = 8,
9613 		.num_different_channels = 1,
9614 		.beacon_int_infra_match = true,
9615 	},
9616 };
9617 
9618 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
9619 	{
9620 		.limits = ath10k_10x_if_limits,
9621 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
9622 		.max_interfaces = 8,
9623 		.num_different_channels = 1,
9624 		.beacon_int_infra_match = true,
9625 		.beacon_int_min_gcd = 1,
9626 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9627 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9628 					BIT(NL80211_CHAN_WIDTH_20) |
9629 					BIT(NL80211_CHAN_WIDTH_40) |
9630 					BIT(NL80211_CHAN_WIDTH_80),
9631 #endif
9632 	},
9633 };
9634 
9635 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
9636 	{
9637 		.max = 2,
9638 		.types = BIT(NL80211_IFTYPE_STATION),
9639 	},
9640 	{
9641 		.max = 2,
9642 		.types = BIT(NL80211_IFTYPE_AP) |
9643 #ifdef CONFIG_MAC80211_MESH
9644 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9645 #endif
9646 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
9647 			 BIT(NL80211_IFTYPE_P2P_GO),
9648 	},
9649 	{
9650 		.max = 1,
9651 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9652 	},
9653 };
9654 
9655 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
9656 	{
9657 		.max = 2,
9658 		.types = BIT(NL80211_IFTYPE_STATION),
9659 	},
9660 	{
9661 		.max = 2,
9662 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
9663 	},
9664 	{
9665 		.max = 1,
9666 		.types = BIT(NL80211_IFTYPE_AP) |
9667 #ifdef CONFIG_MAC80211_MESH
9668 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9669 #endif
9670 			 BIT(NL80211_IFTYPE_P2P_GO),
9671 	},
9672 	{
9673 		.max = 1,
9674 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9675 	},
9676 };
9677 
9678 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
9679 	{
9680 		.max = 1,
9681 		.types = BIT(NL80211_IFTYPE_STATION),
9682 	},
9683 	{
9684 		.max = 1,
9685 		.types = BIT(NL80211_IFTYPE_ADHOC),
9686 	},
9687 };
9688 
9689 /* FIXME: This is not thouroughly tested. These combinations may over- or
9690  * underestimate hw/fw capabilities.
9691  */
9692 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
9693 	{
9694 		.limits = ath10k_tlv_if_limit,
9695 		.num_different_channels = 1,
9696 		.max_interfaces = 4,
9697 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9698 	},
9699 	{
9700 		.limits = ath10k_tlv_if_limit_ibss,
9701 		.num_different_channels = 1,
9702 		.max_interfaces = 2,
9703 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9704 	},
9705 };
9706 
9707 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
9708 	{
9709 		.limits = ath10k_tlv_if_limit,
9710 		.num_different_channels = 1,
9711 		.max_interfaces = 4,
9712 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9713 	},
9714 	{
9715 		.limits = ath10k_tlv_qcs_if_limit,
9716 		.num_different_channels = 2,
9717 		.max_interfaces = 4,
9718 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
9719 	},
9720 	{
9721 		.limits = ath10k_tlv_if_limit_ibss,
9722 		.num_different_channels = 1,
9723 		.max_interfaces = 2,
9724 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9725 	},
9726 };
9727 
9728 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
9729 	{
9730 		.max = 1,
9731 		.types = BIT(NL80211_IFTYPE_STATION),
9732 	},
9733 	{
9734 		.max	= 16,
9735 		.types	= BIT(NL80211_IFTYPE_AP)
9736 #ifdef CONFIG_MAC80211_MESH
9737 			| BIT(NL80211_IFTYPE_MESH_POINT)
9738 #endif
9739 	},
9740 };
9741 
9742 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
9743 	{
9744 		.limits = ath10k_10_4_if_limits,
9745 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9746 		.max_interfaces = 16,
9747 		.num_different_channels = 1,
9748 		.beacon_int_infra_match = true,
9749 		.beacon_int_min_gcd = 1,
9750 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9751 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9752 					BIT(NL80211_CHAN_WIDTH_20) |
9753 					BIT(NL80211_CHAN_WIDTH_40) |
9754 					BIT(NL80211_CHAN_WIDTH_80) |
9755 					BIT(NL80211_CHAN_WIDTH_80P80) |
9756 					BIT(NL80211_CHAN_WIDTH_160),
9757 #endif
9758 	},
9759 };
9760 
9761 static const struct
9762 ieee80211_iface_combination ath10k_10_4_bcn_int_if_comb[] = {
9763 	{
9764 		.limits = ath10k_10_4_if_limits,
9765 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9766 		.max_interfaces = 16,
9767 		.num_different_channels = 1,
9768 		.beacon_int_infra_match = true,
9769 		.beacon_int_min_gcd = 100,
9770 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9771 		.radar_detect_widths =  BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9772 					BIT(NL80211_CHAN_WIDTH_20) |
9773 					BIT(NL80211_CHAN_WIDTH_40) |
9774 					BIT(NL80211_CHAN_WIDTH_80) |
9775 					BIT(NL80211_CHAN_WIDTH_80P80) |
9776 					BIT(NL80211_CHAN_WIDTH_160),
9777 #endif
9778 	},
9779 };
9780 
9781 static void ath10k_get_arvif_iter(void *data, u8 *mac,
9782 				  struct ieee80211_vif *vif)
9783 {
9784 	struct ath10k_vif_iter *arvif_iter = data;
9785 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9786 
9787 	if (arvif->vdev_id == arvif_iter->vdev_id)
9788 		arvif_iter->arvif = arvif;
9789 }
9790 
9791 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
9792 {
9793 	struct ath10k_vif_iter arvif_iter;
9794 
9795 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
9796 	arvif_iter.vdev_id = vdev_id;
9797 
9798 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
9799 						   ATH10K_ITER_RESUME_FLAGS,
9800 						   ath10k_get_arvif_iter,
9801 						   &arvif_iter);
9802 	if (!arvif_iter.arvif) {
9803 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
9804 		return NULL;
9805 	}
9806 
9807 	return arvif_iter.arvif;
9808 }
9809 
9810 #define WRD_METHOD "WRDD"
9811 #define WRDD_WIFI  (0x07)
9812 
9813 static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd)
9814 {
9815 	union acpi_object *mcc_pkg;
9816 	union acpi_object *domain_type;
9817 	union acpi_object *mcc_value;
9818 	u32 i;
9819 
9820 	if (wrdd->type != ACPI_TYPE_PACKAGE ||
9821 	    wrdd->package.count < 2 ||
9822 	    wrdd->package.elements[0].type != ACPI_TYPE_INTEGER ||
9823 	    wrdd->package.elements[0].integer.value != 0) {
9824 		ath10k_warn(ar, "ignoring malformed/unsupported wrdd structure\n");
9825 		return 0;
9826 	}
9827 
9828 	for (i = 1; i < wrdd->package.count; ++i) {
9829 		mcc_pkg = &wrdd->package.elements[i];
9830 
9831 		if (mcc_pkg->type != ACPI_TYPE_PACKAGE)
9832 			continue;
9833 		if (mcc_pkg->package.count < 2)
9834 			continue;
9835 		if (mcc_pkg->package.elements[0].type != ACPI_TYPE_INTEGER ||
9836 		    mcc_pkg->package.elements[1].type != ACPI_TYPE_INTEGER)
9837 			continue;
9838 
9839 		domain_type = &mcc_pkg->package.elements[0];
9840 		if (domain_type->integer.value != WRDD_WIFI)
9841 			continue;
9842 
9843 		mcc_value = &mcc_pkg->package.elements[1];
9844 		return mcc_value->integer.value;
9845 	}
9846 	return 0;
9847 }
9848 
9849 static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
9850 {
9851 	acpi_handle root_handle;
9852 	acpi_handle handle;
9853 	struct acpi_buffer wrdd = {ACPI_ALLOCATE_BUFFER, NULL};
9854 	acpi_status status;
9855 	u32 alpha2_code;
9856 	char alpha2[3];
9857 
9858 	root_handle = ACPI_HANDLE(ar->dev);
9859 	if (!root_handle)
9860 		return -EOPNOTSUPP;
9861 
9862 	status = acpi_get_handle(root_handle, (acpi_string)WRD_METHOD, &handle);
9863 	if (ACPI_FAILURE(status)) {
9864 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9865 			   "failed to get wrd method %d\n", status);
9866 		return -EIO;
9867 	}
9868 
9869 	status = acpi_evaluate_object(handle, NULL, NULL, &wrdd);
9870 	if (ACPI_FAILURE(status)) {
9871 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9872 			   "failed to call wrdc %d\n", status);
9873 		return -EIO;
9874 	}
9875 
9876 	alpha2_code = ath10k_mac_wrdd_get_mcc(ar, wrdd.pointer);
9877 	kfree(wrdd.pointer);
9878 	if (!alpha2_code)
9879 		return -EIO;
9880 
9881 	alpha2[0] = (alpha2_code >> 8) & 0xff;
9882 	alpha2[1] = (alpha2_code >> 0) & 0xff;
9883 	alpha2[2] = '\0';
9884 
9885 	ath10k_dbg(ar, ATH10K_DBG_BOOT,
9886 		   "regulatory hint from WRDD (alpha2-code): %s\n", alpha2);
9887 
9888 	*rd = ath_regd_find_country_by_name(alpha2);
9889 	if (*rd == 0xffff)
9890 		return -EIO;
9891 
9892 	*rd |= COUNTRY_ERD_FLAG;
9893 	return 0;
9894 }
9895 
9896 static int ath10k_mac_init_rd(struct ath10k *ar)
9897 {
9898 	int ret;
9899 	u16 rd;
9900 
9901 	ret = ath10k_mac_get_wrdd_regulatory(ar, &rd);
9902 	if (ret) {
9903 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9904 			   "fallback to eeprom programmed regulatory settings\n");
9905 		rd = ar->hw_eeprom_rd;
9906 	}
9907 
9908 	ar->ath_common.regulatory.current_rd = rd;
9909 	return 0;
9910 }
9911 
9912 int ath10k_mac_register(struct ath10k *ar)
9913 {
9914 	static const u32 cipher_suites[] = {
9915 		WLAN_CIPHER_SUITE_WEP40,
9916 		WLAN_CIPHER_SUITE_WEP104,
9917 		WLAN_CIPHER_SUITE_TKIP,
9918 		WLAN_CIPHER_SUITE_CCMP,
9919 
9920 		/* Do not add hardware supported ciphers before this line.
9921 		 * Allow software encryption for all chips. Don't forget to
9922 		 * update n_cipher_suites below.
9923 		 */
9924 		WLAN_CIPHER_SUITE_AES_CMAC,
9925 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9926 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9927 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9928 
9929 		/* Only QCA99x0 and QCA4019 varients support GCMP-128, GCMP-256
9930 		 * and CCMP-256 in hardware.
9931 		 */
9932 		WLAN_CIPHER_SUITE_GCMP,
9933 		WLAN_CIPHER_SUITE_GCMP_256,
9934 		WLAN_CIPHER_SUITE_CCMP_256,
9935 	};
9936 	struct ieee80211_supported_band *band;
9937 	void *channels;
9938 	int ret;
9939 
9940 	if (!is_valid_ether_addr(ar->mac_addr)) {
9941 		ath10k_warn(ar, "invalid MAC address; choosing random\n");
9942 		eth_random_addr(ar->mac_addr);
9943 	}
9944 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9945 
9946 	SET_IEEE80211_DEV(ar->hw, ar->dev);
9947 
9948 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
9949 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
9950 		     ATH10K_NUM_CHANS);
9951 
9952 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
9953 		channels = kmemdup(ath10k_2ghz_channels,
9954 				   sizeof(ath10k_2ghz_channels),
9955 				   GFP_KERNEL);
9956 		if (!channels) {
9957 			ret = -ENOMEM;
9958 			goto err_free;
9959 		}
9960 
9961 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9962 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
9963 		band->channels = channels;
9964 
9965 		if (ar->hw_params.cck_rate_map_rev2) {
9966 			band->n_bitrates = ath10k_g_rates_rev2_size;
9967 			band->bitrates = ath10k_g_rates_rev2;
9968 		} else {
9969 			band->n_bitrates = ath10k_g_rates_size;
9970 			band->bitrates = ath10k_g_rates;
9971 		}
9972 
9973 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9974 	}
9975 
9976 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
9977 		channels = kmemdup(ath10k_5ghz_channels,
9978 				   sizeof(ath10k_5ghz_channels),
9979 				   GFP_KERNEL);
9980 		if (!channels) {
9981 			ret = -ENOMEM;
9982 			goto err_free;
9983 		}
9984 
9985 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
9986 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
9987 		band->channels = channels;
9988 		band->n_bitrates = ath10k_a_rates_size;
9989 		band->bitrates = ath10k_a_rates;
9990 		ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
9991 	}
9992 
9993 	wiphy_read_of_freq_limits(ar->hw->wiphy);
9994 	ath10k_mac_setup_ht_vht_cap(ar);
9995 
9996 	ar->hw->wiphy->interface_modes =
9997 		BIT(NL80211_IFTYPE_STATION) |
9998 		BIT(NL80211_IFTYPE_AP) |
9999 		BIT(NL80211_IFTYPE_MESH_POINT);
10000 
10001 	ar->hw->wiphy->available_antennas_rx = ar->cfg_rx_chainmask;
10002 	ar->hw->wiphy->available_antennas_tx = ar->cfg_tx_chainmask;
10003 
10004 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->normal_mode_fw.fw_file.fw_features))
10005 		ar->hw->wiphy->interface_modes |=
10006 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
10007 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
10008 			BIT(NL80211_IFTYPE_P2P_GO);
10009 
10010 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
10011 
10012 	if (!test_bit(ATH10K_FW_FEATURE_NO_PS,
10013 		      ar->running_fw->fw_file.fw_features)) {
10014 		ieee80211_hw_set(ar->hw, SUPPORTS_PS);
10015 		ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
10016 	}
10017 
10018 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
10019 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
10020 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
10021 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
10022 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
10023 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
10024 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
10025 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
10026 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
10027 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
10028 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
10029 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
10030 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
10031 
10032 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10033 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
10034 
10035 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
10036 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
10037 
10038 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
10039 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
10040 
10041 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
10042 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
10043 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
10044 	}
10045 
10046 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
10047 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
10048 
10049 	if (test_bit(WMI_SERVICE_NLO, ar->wmi.svc_map)) {
10050 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
10051 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
10052 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
10053 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
10054 		ar->hw->wiphy->max_sched_scan_plan_interval =
10055 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
10056 		ar->hw->wiphy->max_sched_scan_plan_iterations =
10057 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
10058 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
10059 	}
10060 
10061 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
10062 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
10063 	ar->hw->txq_data_size = sizeof(struct ath10k_txq);
10064 
10065 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
10066 
10067 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
10068 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
10069 
10070 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
10071 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
10072 		 * correct Probe Responses. This is more of a hack advert..
10073 		 */
10074 		ar->hw->wiphy->probe_resp_offload |=
10075 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
10076 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
10077 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
10078 	}
10079 
10080 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map) ||
10081 	    test_bit(WMI_SERVICE_TDLS_EXPLICIT_MODE_ONLY, ar->wmi.svc_map)) {
10082 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
10083 		if (test_bit(WMI_SERVICE_TDLS_WIDER_BANDWIDTH, ar->wmi.svc_map))
10084 			ieee80211_hw_set(ar->hw, TDLS_WIDER_BW);
10085 	}
10086 
10087 	if (test_bit(WMI_SERVICE_TDLS_UAPSD_BUFFER_STA, ar->wmi.svc_map))
10088 		ieee80211_hw_set(ar->hw, SUPPORTS_TDLS_BUFFER_STA);
10089 
10090 	if (ath10k_frame_mode == ATH10K_HW_TXRX_ETHERNET) {
10091 		if (ar->wmi.vdev_param->tx_encap_type !=
10092 		    WMI_VDEV_PARAM_UNSUPPORTED)
10093 			ieee80211_hw_set(ar->hw, SUPPORTS_TX_ENCAP_OFFLOAD);
10094 	}
10095 
10096 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
10097 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
10098 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
10099 
10100 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
10101 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
10102 				   NL80211_FEATURE_AP_SCAN;
10103 
10104 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
10105 
10106 	ret = ath10k_wow_init(ar);
10107 	if (ret) {
10108 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
10109 		goto err_free;
10110 	}
10111 
10112 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
10113 	wiphy_ext_feature_set(ar->hw->wiphy,
10114 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
10115 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_AQL);
10116 
10117 	if (test_bit(WMI_SERVICE_TX_DATA_ACK_RSSI, ar->wmi.svc_map) ||
10118 	    test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS, ar->wmi.svc_map))
10119 		wiphy_ext_feature_set(ar->hw->wiphy,
10120 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
10121 
10122 	if (ath10k_peer_stats_enabled(ar) ||
10123 	    test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
10124 		wiphy_ext_feature_set(ar->hw->wiphy,
10125 				      NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
10126 
10127 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map))
10128 		wiphy_ext_feature_set(ar->hw->wiphy,
10129 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
10130 
10131 	if (test_bit(WMI_SERVICE_TX_PWR_PER_PEER, ar->wmi.svc_map))
10132 		wiphy_ext_feature_set(ar->hw->wiphy,
10133 				      NL80211_EXT_FEATURE_STA_TX_PWR);
10134 
10135 	if (test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map)) {
10136 		ar->hw->wiphy->tid_config_support.vif |=
10137 				BIT(NL80211_TID_CONFIG_ATTR_NOACK) |
10138 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT) |
10139 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG) |
10140 				BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL) |
10141 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
10142 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
10143 
10144 		if (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
10145 			     ar->wmi.svc_map)) {
10146 			ar->hw->wiphy->tid_config_support.vif |=
10147 				BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
10148 		}
10149 
10150 		ar->hw->wiphy->tid_config_support.peer =
10151 				ar->hw->wiphy->tid_config_support.vif;
10152 		ar->hw->wiphy->max_data_retry_count = ATH10K_MAX_RETRY_COUNT;
10153 	} else {
10154 		ar->ops->set_tid_config = NULL;
10155 	}
10156 	/*
10157 	 * on LL hardware queues are managed entirely by the FW
10158 	 * so we only advertise to mac we can do the queues thing
10159 	 */
10160 	ar->hw->queues = IEEE80211_MAX_QUEUES;
10161 
10162 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
10163 	 * something that vdev_ids can't reach so that we don't stop the queue
10164 	 * accidentally.
10165 	 */
10166 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
10167 
10168 	switch (ar->running_fw->fw_file.wmi_op_version) {
10169 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
10170 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
10171 		ar->hw->wiphy->n_iface_combinations =
10172 			ARRAY_SIZE(ath10k_if_comb);
10173 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10174 		break;
10175 	case ATH10K_FW_WMI_OP_VERSION_TLV:
10176 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
10177 			ar->hw->wiphy->iface_combinations =
10178 				ath10k_tlv_qcs_if_comb;
10179 			ar->hw->wiphy->n_iface_combinations =
10180 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
10181 		} else {
10182 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
10183 			ar->hw->wiphy->n_iface_combinations =
10184 				ARRAY_SIZE(ath10k_tlv_if_comb);
10185 		}
10186 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10187 		break;
10188 	case ATH10K_FW_WMI_OP_VERSION_10_1:
10189 	case ATH10K_FW_WMI_OP_VERSION_10_2:
10190 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
10191 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
10192 		ar->hw->wiphy->n_iface_combinations =
10193 			ARRAY_SIZE(ath10k_10x_if_comb);
10194 		break;
10195 	case ATH10K_FW_WMI_OP_VERSION_10_4:
10196 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
10197 		ar->hw->wiphy->n_iface_combinations =
10198 			ARRAY_SIZE(ath10k_10_4_if_comb);
10199 		if (test_bit(WMI_SERVICE_VDEV_DIFFERENT_BEACON_INTERVAL_SUPPORT,
10200 			     ar->wmi.svc_map)) {
10201 			ar->hw->wiphy->iface_combinations =
10202 				ath10k_10_4_bcn_int_if_comb;
10203 			ar->hw->wiphy->n_iface_combinations =
10204 				ARRAY_SIZE(ath10k_10_4_bcn_int_if_comb);
10205 		}
10206 		break;
10207 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
10208 	case ATH10K_FW_WMI_OP_VERSION_MAX:
10209 		WARN_ON(1);
10210 		ret = -EINVAL;
10211 		goto err_free;
10212 	}
10213 
10214 	if (ar->hw_params.dynamic_sar_support)
10215 		ar->hw->wiphy->sar_capa = &ath10k_sar_capa;
10216 
10217 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10218 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
10219 
10220 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) {
10221 		/* Init ath dfs pattern detector */
10222 		ar->ath_common.debug_mask = ATH_DBG_DFS;
10223 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
10224 							     NL80211_DFS_UNSET);
10225 
10226 		if (!ar->dfs_detector)
10227 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
10228 	}
10229 
10230 	ret = ath10k_mac_init_rd(ar);
10231 	if (ret) {
10232 		ath10k_err(ar, "failed to derive regdom: %d\n", ret);
10233 		goto err_dfs_detector_exit;
10234 	}
10235 
10236 	/* Disable set_coverage_class for chipsets that do not support it. */
10237 	if (!ar->hw_params.hw_ops->set_coverage_class)
10238 		ar->ops->set_coverage_class = NULL;
10239 
10240 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
10241 			    ath10k_reg_notifier);
10242 	if (ret) {
10243 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
10244 		goto err_dfs_detector_exit;
10245 	}
10246 
10247 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
10248 		ar->hw->wiphy->features |=
10249 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
10250 	}
10251 
10252 	ar->hw->wiphy->cipher_suites = cipher_suites;
10253 
10254 	/* QCA988x and QCA6174 family chips do not support CCMP-256, GCMP-128
10255 	 * and GCMP-256 ciphers in hardware. Fetch number of ciphers supported
10256 	 * from chip specific hw_param table.
10257 	 */
10258 	if (!ar->hw_params.n_cipher_suites ||
10259 	    ar->hw_params.n_cipher_suites > ARRAY_SIZE(cipher_suites)) {
10260 		ath10k_err(ar, "invalid hw_params.n_cipher_suites %d\n",
10261 			   ar->hw_params.n_cipher_suites);
10262 		ar->hw_params.n_cipher_suites = 8;
10263 	}
10264 	ar->hw->wiphy->n_cipher_suites = ar->hw_params.n_cipher_suites;
10265 
10266 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
10267 
10268 	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
10269 
10270 	ret = ieee80211_register_hw(ar->hw);
10271 	if (ret) {
10272 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
10273 		goto err_dfs_detector_exit;
10274 	}
10275 
10276 	if (test_bit(WMI_SERVICE_PER_PACKET_SW_ENCRYPT, ar->wmi.svc_map)) {
10277 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
10278 		ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN);
10279 	}
10280 
10281 	if (!ath_is_world_regd(&ar->ath_common.reg_world_copy) &&
10282 	    !ath_is_world_regd(&ar->ath_common.regulatory)) {
10283 		ret = regulatory_hint(ar->hw->wiphy,
10284 				      ar->ath_common.regulatory.alpha2);
10285 		if (ret)
10286 			goto err_unregister;
10287 	}
10288 
10289 	return 0;
10290 
10291 err_unregister:
10292 	ieee80211_unregister_hw(ar->hw);
10293 
10294 err_dfs_detector_exit:
10295 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10296 		ar->dfs_detector->exit(ar->dfs_detector);
10297 
10298 err_free:
10299 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10300 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10301 
10302 	SET_IEEE80211_DEV(ar->hw, NULL);
10303 	return ret;
10304 }
10305 
10306 void ath10k_mac_unregister(struct ath10k *ar)
10307 {
10308 	ieee80211_unregister_hw(ar->hw);
10309 
10310 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10311 		ar->dfs_detector->exit(ar->dfs_detector);
10312 
10313 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10314 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10315 
10316 	SET_IEEE80211_DEV(ar->hw, NULL);
10317 }
10318