xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision b4e18b29) 
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2005-2011 Atheros Communications Inc.
4  * Copyright (c) 2011-2017 Qualcomm Atheros, Inc.
5  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
6  */
7 
8 #include "mac.h"
9 
10 #include <net/cfg80211.h>
11 #include <net/mac80211.h>
12 #include <linux/etherdevice.h>
13 #include <linux/acpi.h>
14 #include <linux/of.h>
15 #include <linux/bitfield.h>
16 
17 #include "hif.h"
18 #include "core.h"
19 #include "debug.h"
20 #include "wmi.h"
21 #include "htt.h"
22 #include "txrx.h"
23 #include "testmode.h"
24 #include "wmi-tlv.h"
25 #include "wmi-ops.h"
26 #include "wow.h"
27 
28 /*********/
29 /* Rates */
30 /*********/
31 
32 static struct ieee80211_rate ath10k_rates[] = {
33 	{ .bitrate = 10,
34 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
35 	{ .bitrate = 20,
36 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
37 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
38 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
39 	{ .bitrate = 55,
40 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
41 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
42 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
43 	{ .bitrate = 110,
44 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
45 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
46 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
47 
48 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
49 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
50 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
51 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
52 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
53 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
54 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
55 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
56 };
57 
58 static struct ieee80211_rate ath10k_rates_rev2[] = {
59 	{ .bitrate = 10,
60 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_1M },
61 	{ .bitrate = 20,
62 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_2M,
63 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_2M,
64 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
65 	{ .bitrate = 55,
66 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_5_5M,
67 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_5_5M,
68 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
69 	{ .bitrate = 110,
70 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_11M,
71 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_11M,
72 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
73 
74 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
75 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
76 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
77 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
78 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
79 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
80 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
81 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
82 };
83 
84 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
85 
86 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
87 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
88 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
89 #define ath10k_g_rates (ath10k_rates + 0)
90 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
91 
92 #define ath10k_g_rates_rev2 (ath10k_rates_rev2 + 0)
93 #define ath10k_g_rates_rev2_size (ARRAY_SIZE(ath10k_rates_rev2))
94 
95 #define ath10k_wmi_legacy_rates ath10k_rates
96 
97 static bool ath10k_mac_bitrate_is_cck(int bitrate)
98 {
99 	switch (bitrate) {
100 	case 10:
101 	case 20:
102 	case 55:
103 	case 110:
104 		return true;
105 	}
106 
107 	return false;
108 }
109 
110 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
111 {
112 	return DIV_ROUND_UP(bitrate, 5) |
113 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
114 }
115 
116 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
117 			     u8 hw_rate, bool cck)
118 {
119 	const struct ieee80211_rate *rate;
120 	int i;
121 
122 	for (i = 0; i < sband->n_bitrates; i++) {
123 		rate = &sband->bitrates[i];
124 
125 		if (ath10k_mac_bitrate_is_cck(rate->bitrate) != cck)
126 			continue;
127 
128 		if (rate->hw_value == hw_rate)
129 			return i;
130 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
131 			 rate->hw_value_short == hw_rate)
132 			return i;
133 	}
134 
135 	return 0;
136 }
137 
138 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
139 			     u32 bitrate)
140 {
141 	int i;
142 
143 	for (i = 0; i < sband->n_bitrates; i++)
144 		if (sband->bitrates[i].bitrate == bitrate)
145 			return i;
146 
147 	return 0;
148 }
149 
150 static int ath10k_mac_get_rate_hw_value(int bitrate)
151 {
152 	int i;
153 	u8 hw_value_prefix = 0;
154 
155 	if (ath10k_mac_bitrate_is_cck(bitrate))
156 		hw_value_prefix = WMI_RATE_PREAMBLE_CCK << 6;
157 
158 	for (i = 0; i < ARRAY_SIZE(ath10k_rates); i++) {
159 		if (ath10k_rates[i].bitrate == bitrate)
160 			return hw_value_prefix | ath10k_rates[i].hw_value;
161 	}
162 
163 	return -EINVAL;
164 }
165 
166 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
167 {
168 	switch ((mcs_map >> (2 * nss)) & 0x3) {
169 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
170 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
171 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
172 	}
173 	return 0;
174 }
175 
176 static u32
177 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
178 {
179 	int nss;
180 
181 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
182 		if (ht_mcs_mask[nss])
183 			return nss + 1;
184 
185 	return 1;
186 }
187 
188 static u32
189 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
190 {
191 	int nss;
192 
193 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
194 		if (vht_mcs_mask[nss])
195 			return nss + 1;
196 
197 	return 1;
198 }
199 
200 int ath10k_mac_ext_resource_config(struct ath10k *ar, u32 val)
201 {
202 	enum wmi_host_platform_type platform_type;
203 	int ret;
204 
205 	if (test_bit(WMI_SERVICE_TX_MODE_DYNAMIC, ar->wmi.svc_map))
206 		platform_type = WMI_HOST_PLATFORM_LOW_PERF;
207 	else
208 		platform_type = WMI_HOST_PLATFORM_HIGH_PERF;
209 
210 	ret = ath10k_wmi_ext_resource_config(ar, platform_type, val);
211 
212 	if (ret && ret != -EOPNOTSUPP) {
213 		ath10k_warn(ar, "failed to configure ext resource: %d\n", ret);
214 		return ret;
215 	}
216 
217 	return 0;
218 }
219 
220 /**********/
221 /* Crypto */
222 /**********/
223 
224 static int ath10k_send_key(struct ath10k_vif *arvif,
225 			   struct ieee80211_key_conf *key,
226 			   enum set_key_cmd cmd,
227 			   const u8 *macaddr, u32 flags)
228 {
229 	struct ath10k *ar = arvif->ar;
230 	struct wmi_vdev_install_key_arg arg = {
231 		.vdev_id = arvif->vdev_id,
232 		.key_idx = key->keyidx,
233 		.key_len = key->keylen,
234 		.key_data = key->key,
235 		.key_flags = flags,
236 		.macaddr = macaddr,
237 	};
238 
239 	lockdep_assert_held(&arvif->ar->conf_mutex);
240 
241 	switch (key->cipher) {
242 	case WLAN_CIPHER_SUITE_CCMP:
243 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
244 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
245 		break;
246 	case WLAN_CIPHER_SUITE_TKIP:
247 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_TKIP];
248 		arg.key_txmic_len = 8;
249 		arg.key_rxmic_len = 8;
250 		break;
251 	case WLAN_CIPHER_SUITE_WEP40:
252 	case WLAN_CIPHER_SUITE_WEP104:
253 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_WEP];
254 		break;
255 	case WLAN_CIPHER_SUITE_CCMP_256:
256 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
257 		break;
258 	case WLAN_CIPHER_SUITE_GCMP:
259 	case WLAN_CIPHER_SUITE_GCMP_256:
260 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_GCM];
261 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
262 		break;
263 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
264 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
265 	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
266 	case WLAN_CIPHER_SUITE_AES_CMAC:
267 		WARN_ON(1);
268 		return -EINVAL;
269 	default:
270 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
271 		return -EOPNOTSUPP;
272 	}
273 
274 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
275 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
276 
277 	if (cmd == DISABLE_KEY) {
278 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE];
279 		arg.key_data = NULL;
280 	}
281 
282 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
283 }
284 
285 static int ath10k_install_key(struct ath10k_vif *arvif,
286 			      struct ieee80211_key_conf *key,
287 			      enum set_key_cmd cmd,
288 			      const u8 *macaddr, u32 flags)
289 {
290 	struct ath10k *ar = arvif->ar;
291 	int ret;
292 	unsigned long time_left;
293 
294 	lockdep_assert_held(&ar->conf_mutex);
295 
296 	reinit_completion(&ar->install_key_done);
297 
298 	if (arvif->nohwcrypt)
299 		return 1;
300 
301 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
302 	if (ret)
303 		return ret;
304 
305 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
306 	if (time_left == 0)
307 		return -ETIMEDOUT;
308 
309 	return 0;
310 }
311 
312 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
313 					const u8 *addr)
314 {
315 	struct ath10k *ar = arvif->ar;
316 	struct ath10k_peer *peer;
317 	int ret;
318 	int i;
319 	u32 flags;
320 
321 	lockdep_assert_held(&ar->conf_mutex);
322 
323 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
324 		    arvif->vif->type != NL80211_IFTYPE_ADHOC &&
325 		    arvif->vif->type != NL80211_IFTYPE_MESH_POINT))
326 		return -EINVAL;
327 
328 	spin_lock_bh(&ar->data_lock);
329 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
330 	spin_unlock_bh(&ar->data_lock);
331 
332 	if (!peer)
333 		return -ENOENT;
334 
335 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
336 		if (arvif->wep_keys[i] == NULL)
337 			continue;
338 
339 		switch (arvif->vif->type) {
340 		case NL80211_IFTYPE_AP:
341 			flags = WMI_KEY_PAIRWISE;
342 
343 			if (arvif->def_wep_key_idx == i)
344 				flags |= WMI_KEY_TX_USAGE;
345 
346 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
347 						 SET_KEY, addr, flags);
348 			if (ret < 0)
349 				return ret;
350 			break;
351 		case NL80211_IFTYPE_ADHOC:
352 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
353 						 SET_KEY, addr,
354 						 WMI_KEY_PAIRWISE);
355 			if (ret < 0)
356 				return ret;
357 
358 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
359 						 SET_KEY, addr, WMI_KEY_GROUP);
360 			if (ret < 0)
361 				return ret;
362 			break;
363 		default:
364 			WARN_ON(1);
365 			return -EINVAL;
366 		}
367 
368 		spin_lock_bh(&ar->data_lock);
369 		peer->keys[i] = arvif->wep_keys[i];
370 		spin_unlock_bh(&ar->data_lock);
371 	}
372 
373 	/* In some cases (notably with static WEP IBSS with multiple keys)
374 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
375 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
376 	 * didn't seem help. Using def_keyid vdev parameter seems to be
377 	 * effective so use that.
378 	 *
379 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
380 	 */
381 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
382 		return 0;
383 
384 	if (arvif->def_wep_key_idx == -1)
385 		return 0;
386 
387 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
388 					arvif->vdev_id,
389 					arvif->ar->wmi.vdev_param->def_keyid,
390 					arvif->def_wep_key_idx);
391 	if (ret) {
392 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
393 			    arvif->vdev_id, ret);
394 		return ret;
395 	}
396 
397 	return 0;
398 }
399 
400 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
401 				  const u8 *addr)
402 {
403 	struct ath10k *ar = arvif->ar;
404 	struct ath10k_peer *peer;
405 	int first_errno = 0;
406 	int ret;
407 	int i;
408 	u32 flags = 0;
409 
410 	lockdep_assert_held(&ar->conf_mutex);
411 
412 	spin_lock_bh(&ar->data_lock);
413 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
414 	spin_unlock_bh(&ar->data_lock);
415 
416 	if (!peer)
417 		return -ENOENT;
418 
419 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
420 		if (peer->keys[i] == NULL)
421 			continue;
422 
423 		/* key flags are not required to delete the key */
424 		ret = ath10k_install_key(arvif, peer->keys[i],
425 					 DISABLE_KEY, addr, flags);
426 		if (ret < 0 && first_errno == 0)
427 			first_errno = ret;
428 
429 		if (ret < 0)
430 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
431 				    i, ret);
432 
433 		spin_lock_bh(&ar->data_lock);
434 		peer->keys[i] = NULL;
435 		spin_unlock_bh(&ar->data_lock);
436 	}
437 
438 	return first_errno;
439 }
440 
441 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
442 				    u8 keyidx)
443 {
444 	struct ath10k_peer *peer;
445 	int i;
446 
447 	lockdep_assert_held(&ar->data_lock);
448 
449 	/* We don't know which vdev this peer belongs to,
450 	 * since WMI doesn't give us that information.
451 	 *
452 	 * FIXME: multi-bss needs to be handled.
453 	 */
454 	peer = ath10k_peer_find(ar, 0, addr);
455 	if (!peer)
456 		return false;
457 
458 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
459 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
460 			return true;
461 	}
462 
463 	return false;
464 }
465 
466 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
467 				 struct ieee80211_key_conf *key)
468 {
469 	struct ath10k *ar = arvif->ar;
470 	struct ath10k_peer *peer;
471 	u8 addr[ETH_ALEN];
472 	int first_errno = 0;
473 	int ret;
474 	int i;
475 	u32 flags = 0;
476 
477 	lockdep_assert_held(&ar->conf_mutex);
478 
479 	for (;;) {
480 		/* since ath10k_install_key we can't hold data_lock all the
481 		 * time, so we try to remove the keys incrementally
482 		 */
483 		spin_lock_bh(&ar->data_lock);
484 		i = 0;
485 		list_for_each_entry(peer, &ar->peers, list) {
486 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
487 				if (peer->keys[i] == key) {
488 					ether_addr_copy(addr, peer->addr);
489 					peer->keys[i] = NULL;
490 					break;
491 				}
492 			}
493 
494 			if (i < ARRAY_SIZE(peer->keys))
495 				break;
496 		}
497 		spin_unlock_bh(&ar->data_lock);
498 
499 		if (i == ARRAY_SIZE(peer->keys))
500 			break;
501 		/* key flags are not required to delete the key */
502 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
503 		if (ret < 0 && first_errno == 0)
504 			first_errno = ret;
505 
506 		if (ret)
507 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
508 				    addr, ret);
509 	}
510 
511 	return first_errno;
512 }
513 
514 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
515 					 struct ieee80211_key_conf *key)
516 {
517 	struct ath10k *ar = arvif->ar;
518 	struct ath10k_peer *peer;
519 	int ret;
520 
521 	lockdep_assert_held(&ar->conf_mutex);
522 
523 	list_for_each_entry(peer, &ar->peers, list) {
524 		if (ether_addr_equal(peer->addr, arvif->vif->addr))
525 			continue;
526 
527 		if (ether_addr_equal(peer->addr, arvif->bssid))
528 			continue;
529 
530 		if (peer->keys[key->keyidx] == key)
531 			continue;
532 
533 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
534 			   arvif->vdev_id, key->keyidx);
535 
536 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
537 		if (ret) {
538 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
539 				    arvif->vdev_id, peer->addr, ret);
540 			return ret;
541 		}
542 	}
543 
544 	return 0;
545 }
546 
547 /*********************/
548 /* General utilities */
549 /*********************/
550 
551 static inline enum wmi_phy_mode
552 chan_to_phymode(const struct cfg80211_chan_def *chandef)
553 {
554 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
555 
556 	switch (chandef->chan->band) {
557 	case NL80211_BAND_2GHZ:
558 		switch (chandef->width) {
559 		case NL80211_CHAN_WIDTH_20_NOHT:
560 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
561 				phymode = MODE_11B;
562 			else
563 				phymode = MODE_11G;
564 			break;
565 		case NL80211_CHAN_WIDTH_20:
566 			phymode = MODE_11NG_HT20;
567 			break;
568 		case NL80211_CHAN_WIDTH_40:
569 			phymode = MODE_11NG_HT40;
570 			break;
571 		default:
572 			phymode = MODE_UNKNOWN;
573 			break;
574 		}
575 		break;
576 	case NL80211_BAND_5GHZ:
577 		switch (chandef->width) {
578 		case NL80211_CHAN_WIDTH_20_NOHT:
579 			phymode = MODE_11A;
580 			break;
581 		case NL80211_CHAN_WIDTH_20:
582 			phymode = MODE_11NA_HT20;
583 			break;
584 		case NL80211_CHAN_WIDTH_40:
585 			phymode = MODE_11NA_HT40;
586 			break;
587 		case NL80211_CHAN_WIDTH_80:
588 			phymode = MODE_11AC_VHT80;
589 			break;
590 		case NL80211_CHAN_WIDTH_160:
591 			phymode = MODE_11AC_VHT160;
592 			break;
593 		case NL80211_CHAN_WIDTH_80P80:
594 			phymode = MODE_11AC_VHT80_80;
595 			break;
596 		default:
597 			phymode = MODE_UNKNOWN;
598 			break;
599 		}
600 		break;
601 	default:
602 		break;
603 	}
604 
605 	WARN_ON(phymode == MODE_UNKNOWN);
606 	return phymode;
607 }
608 
609 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
610 {
611 /*
612  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
613  *   0 for no restriction
614  *   1 for 1/4 us
615  *   2 for 1/2 us
616  *   3 for 1 us
617  *   4 for 2 us
618  *   5 for 4 us
619  *   6 for 8 us
620  *   7 for 16 us
621  */
622 	switch (mpdudensity) {
623 	case 0:
624 		return 0;
625 	case 1:
626 	case 2:
627 	case 3:
628 	/* Our lower layer calculations limit our precision to
629 	 * 1 microsecond
630 	 */
631 		return 1;
632 	case 4:
633 		return 2;
634 	case 5:
635 		return 4;
636 	case 6:
637 		return 8;
638 	case 7:
639 		return 16;
640 	default:
641 		return 0;
642 	}
643 }
644 
645 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
646 			struct cfg80211_chan_def *def)
647 {
648 	struct ieee80211_chanctx_conf *conf;
649 
650 	rcu_read_lock();
651 	conf = rcu_dereference(vif->chanctx_conf);
652 	if (!conf) {
653 		rcu_read_unlock();
654 		return -ENOENT;
655 	}
656 
657 	*def = conf->def;
658 	rcu_read_unlock();
659 
660 	return 0;
661 }
662 
663 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
664 					 struct ieee80211_chanctx_conf *conf,
665 					 void *data)
666 {
667 	int *num = data;
668 
669 	(*num)++;
670 }
671 
672 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
673 {
674 	int num = 0;
675 
676 	ieee80211_iter_chan_contexts_atomic(ar->hw,
677 					    ath10k_mac_num_chanctxs_iter,
678 					    &num);
679 
680 	return num;
681 }
682 
683 static void
684 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
685 				struct ieee80211_chanctx_conf *conf,
686 				void *data)
687 {
688 	struct cfg80211_chan_def **def = data;
689 
690 	*def = &conf->def;
691 }
692 
693 static void ath10k_wait_for_peer_delete_done(struct ath10k *ar, u32 vdev_id,
694 					     const u8 *addr)
695 {
696 	unsigned long time_left;
697 	int ret;
698 
699 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
700 		ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
701 		if (ret) {
702 			ath10k_warn(ar, "failed wait for peer deleted");
703 			return;
704 		}
705 
706 		time_left = wait_for_completion_timeout(&ar->peer_delete_done,
707 							5 * HZ);
708 		if (!time_left)
709 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
710 	}
711 }
712 
713 static int ath10k_peer_create(struct ath10k *ar,
714 			      struct ieee80211_vif *vif,
715 			      struct ieee80211_sta *sta,
716 			      u32 vdev_id,
717 			      const u8 *addr,
718 			      enum wmi_peer_type peer_type)
719 {
720 	struct ath10k_vif *arvif;
721 	struct ath10k_peer *peer;
722 	int num_peers = 0;
723 	int ret;
724 
725 	lockdep_assert_held(&ar->conf_mutex);
726 
727 	num_peers = ar->num_peers;
728 
729 	/* Each vdev consumes a peer entry as well */
730 	list_for_each_entry(arvif, &ar->arvifs, list)
731 		num_peers++;
732 
733 	if (num_peers >= ar->max_num_peers)
734 		return -ENOBUFS;
735 
736 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
737 	if (ret) {
738 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
739 			    addr, vdev_id, ret);
740 		return ret;
741 	}
742 
743 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
744 	if (ret) {
745 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
746 			    addr, vdev_id, ret);
747 		return ret;
748 	}
749 
750 	spin_lock_bh(&ar->data_lock);
751 
752 	peer = ath10k_peer_find(ar, vdev_id, addr);
753 	if (!peer) {
754 		spin_unlock_bh(&ar->data_lock);
755 		ath10k_warn(ar, "failed to find peer %pM on vdev %i after creation\n",
756 			    addr, vdev_id);
757 		ath10k_wait_for_peer_delete_done(ar, vdev_id, addr);
758 		return -ENOENT;
759 	}
760 
761 	peer->vif = vif;
762 	peer->sta = sta;
763 
764 	spin_unlock_bh(&ar->data_lock);
765 
766 	ar->num_peers++;
767 
768 	return 0;
769 }
770 
771 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
772 {
773 	struct ath10k *ar = arvif->ar;
774 	u32 param;
775 	int ret;
776 
777 	param = ar->wmi.pdev_param->sta_kickout_th;
778 	ret = ath10k_wmi_pdev_set_param(ar, param,
779 					ATH10K_KICKOUT_THRESHOLD);
780 	if (ret) {
781 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
782 			    arvif->vdev_id, ret);
783 		return ret;
784 	}
785 
786 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
787 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
788 					ATH10K_KEEPALIVE_MIN_IDLE);
789 	if (ret) {
790 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
791 			    arvif->vdev_id, ret);
792 		return ret;
793 	}
794 
795 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
796 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
797 					ATH10K_KEEPALIVE_MAX_IDLE);
798 	if (ret) {
799 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
800 			    arvif->vdev_id, ret);
801 		return ret;
802 	}
803 
804 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
805 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
806 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
807 	if (ret) {
808 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
809 			    arvif->vdev_id, ret);
810 		return ret;
811 	}
812 
813 	return 0;
814 }
815 
816 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
817 {
818 	struct ath10k *ar = arvif->ar;
819 	u32 vdev_param;
820 
821 	vdev_param = ar->wmi.vdev_param->rts_threshold;
822 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
823 }
824 
825 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
826 {
827 	int ret;
828 
829 	lockdep_assert_held(&ar->conf_mutex);
830 
831 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
832 	if (ret)
833 		return ret;
834 
835 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
836 	if (ret)
837 		return ret;
838 
839 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
840 		unsigned long time_left;
841 
842 		time_left = wait_for_completion_timeout
843 			    (&ar->peer_delete_done, 5 * HZ);
844 
845 		if (!time_left) {
846 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
847 			return -ETIMEDOUT;
848 		}
849 	}
850 
851 	ar->num_peers--;
852 
853 	return 0;
854 }
855 
856 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
857 {
858 	struct ath10k_peer *peer, *tmp;
859 	int peer_id;
860 	int i;
861 
862 	lockdep_assert_held(&ar->conf_mutex);
863 
864 	spin_lock_bh(&ar->data_lock);
865 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
866 		if (peer->vdev_id != vdev_id)
867 			continue;
868 
869 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
870 			    peer->addr, vdev_id);
871 
872 		for_each_set_bit(peer_id, peer->peer_ids,
873 				 ATH10K_MAX_NUM_PEER_IDS) {
874 			ar->peer_map[peer_id] = NULL;
875 		}
876 
877 		/* Double check that peer is properly un-referenced from
878 		 * the peer_map
879 		 */
880 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
881 			if (ar->peer_map[i] == peer) {
882 				ath10k_warn(ar, "removing stale peer_map entry for %pM (ptr %pK idx %d)\n",
883 					    peer->addr, peer, i);
884 				ar->peer_map[i] = NULL;
885 			}
886 		}
887 
888 		list_del(&peer->list);
889 		kfree(peer);
890 		ar->num_peers--;
891 	}
892 	spin_unlock_bh(&ar->data_lock);
893 }
894 
895 static void ath10k_peer_cleanup_all(struct ath10k *ar)
896 {
897 	struct ath10k_peer *peer, *tmp;
898 	int i;
899 
900 	lockdep_assert_held(&ar->conf_mutex);
901 
902 	spin_lock_bh(&ar->data_lock);
903 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
904 		list_del(&peer->list);
905 		kfree(peer);
906 	}
907 
908 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++)
909 		ar->peer_map[i] = NULL;
910 
911 	spin_unlock_bh(&ar->data_lock);
912 
913 	ar->num_peers = 0;
914 	ar->num_stations = 0;
915 }
916 
917 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
918 				       struct ieee80211_sta *sta,
919 				       enum wmi_tdls_peer_state state)
920 {
921 	int ret;
922 	struct wmi_tdls_peer_update_cmd_arg arg = {};
923 	struct wmi_tdls_peer_capab_arg cap = {};
924 	struct wmi_channel_arg chan_arg = {};
925 
926 	lockdep_assert_held(&ar->conf_mutex);
927 
928 	arg.vdev_id = vdev_id;
929 	arg.peer_state = state;
930 	ether_addr_copy(arg.addr, sta->addr);
931 
932 	cap.peer_max_sp = sta->max_sp;
933 	cap.peer_uapsd_queues = sta->uapsd_queues;
934 
935 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
936 	    !sta->tdls_initiator)
937 		cap.is_peer_responder = 1;
938 
939 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
940 	if (ret) {
941 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
942 			    arg.addr, vdev_id, ret);
943 		return ret;
944 	}
945 
946 	return 0;
947 }
948 
949 /************************/
950 /* Interface management */
951 /************************/
952 
953 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
954 {
955 	struct ath10k *ar = arvif->ar;
956 
957 	lockdep_assert_held(&ar->data_lock);
958 
959 	if (!arvif->beacon)
960 		return;
961 
962 	if (!arvif->beacon_buf)
963 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
964 				 arvif->beacon->len, DMA_TO_DEVICE);
965 
966 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
967 		    arvif->beacon_state != ATH10K_BEACON_SENT))
968 		return;
969 
970 	dev_kfree_skb_any(arvif->beacon);
971 
972 	arvif->beacon = NULL;
973 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
974 }
975 
976 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
977 {
978 	struct ath10k *ar = arvif->ar;
979 
980 	lockdep_assert_held(&ar->data_lock);
981 
982 	ath10k_mac_vif_beacon_free(arvif);
983 
984 	if (arvif->beacon_buf) {
985 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
986 				  arvif->beacon_buf, arvif->beacon_paddr);
987 		arvif->beacon_buf = NULL;
988 	}
989 }
990 
991 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
992 {
993 	unsigned long time_left;
994 
995 	lockdep_assert_held(&ar->conf_mutex);
996 
997 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
998 		return -ESHUTDOWN;
999 
1000 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
1001 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
1002 	if (time_left == 0)
1003 		return -ETIMEDOUT;
1004 
1005 	return ar->last_wmi_vdev_start_status;
1006 }
1007 
1008 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
1009 {
1010 	struct cfg80211_chan_def *chandef = NULL;
1011 	struct ieee80211_channel *channel = NULL;
1012 	struct wmi_vdev_start_request_arg arg = {};
1013 	int ret = 0;
1014 
1015 	lockdep_assert_held(&ar->conf_mutex);
1016 
1017 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1018 					    ath10k_mac_get_any_chandef_iter,
1019 					    &chandef);
1020 	if (WARN_ON_ONCE(!chandef))
1021 		return -ENOENT;
1022 
1023 	channel = chandef->chan;
1024 
1025 	arg.vdev_id = vdev_id;
1026 	arg.channel.freq = channel->center_freq;
1027 	arg.channel.band_center_freq1 = chandef->center_freq1;
1028 	arg.channel.band_center_freq2 = chandef->center_freq2;
1029 
1030 	/* TODO setup this dynamically, what in case we
1031 	 * don't have any vifs?
1032 	 */
1033 	arg.channel.mode = chan_to_phymode(chandef);
1034 	arg.channel.chan_radar =
1035 			!!(channel->flags & IEEE80211_CHAN_RADAR);
1036 
1037 	arg.channel.min_power = 0;
1038 	arg.channel.max_power = channel->max_power * 2;
1039 	arg.channel.max_reg_power = channel->max_reg_power * 2;
1040 	arg.channel.max_antenna_gain = channel->max_antenna_gain * 2;
1041 
1042 	reinit_completion(&ar->vdev_setup_done);
1043 	reinit_completion(&ar->vdev_delete_done);
1044 
1045 	ret = ath10k_wmi_vdev_start(ar, &arg);
1046 	if (ret) {
1047 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
1048 			    vdev_id, ret);
1049 		return ret;
1050 	}
1051 
1052 	ret = ath10k_vdev_setup_sync(ar);
1053 	if (ret) {
1054 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
1055 			    vdev_id, ret);
1056 		return ret;
1057 	}
1058 
1059 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
1060 	if (ret) {
1061 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
1062 			    vdev_id, ret);
1063 		goto vdev_stop;
1064 	}
1065 
1066 	ar->monitor_vdev_id = vdev_id;
1067 
1068 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
1069 		   ar->monitor_vdev_id);
1070 	return 0;
1071 
1072 vdev_stop:
1073 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1074 	if (ret)
1075 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
1076 			    ar->monitor_vdev_id, ret);
1077 
1078 	return ret;
1079 }
1080 
1081 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
1082 {
1083 	int ret = 0;
1084 
1085 	lockdep_assert_held(&ar->conf_mutex);
1086 
1087 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1088 	if (ret)
1089 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
1090 			    ar->monitor_vdev_id, ret);
1091 
1092 	reinit_completion(&ar->vdev_setup_done);
1093 	reinit_completion(&ar->vdev_delete_done);
1094 
1095 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1096 	if (ret)
1097 		ath10k_warn(ar, "failed to request monitor vdev %i stop: %d\n",
1098 			    ar->monitor_vdev_id, ret);
1099 
1100 	ret = ath10k_vdev_setup_sync(ar);
1101 	if (ret)
1102 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
1103 			    ar->monitor_vdev_id, ret);
1104 
1105 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
1106 		   ar->monitor_vdev_id);
1107 	return ret;
1108 }
1109 
1110 static int ath10k_monitor_vdev_create(struct ath10k *ar)
1111 {
1112 	int bit, ret = 0;
1113 
1114 	lockdep_assert_held(&ar->conf_mutex);
1115 
1116 	if (ar->free_vdev_map == 0) {
1117 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
1118 		return -ENOMEM;
1119 	}
1120 
1121 	bit = __ffs64(ar->free_vdev_map);
1122 
1123 	ar->monitor_vdev_id = bit;
1124 
1125 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
1126 				     WMI_VDEV_TYPE_MONITOR,
1127 				     0, ar->mac_addr);
1128 	if (ret) {
1129 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
1130 			    ar->monitor_vdev_id, ret);
1131 		return ret;
1132 	}
1133 
1134 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1135 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
1136 		   ar->monitor_vdev_id);
1137 
1138 	return 0;
1139 }
1140 
1141 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
1142 {
1143 	int ret = 0;
1144 
1145 	lockdep_assert_held(&ar->conf_mutex);
1146 
1147 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1148 	if (ret) {
1149 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
1150 			    ar->monitor_vdev_id, ret);
1151 		return ret;
1152 	}
1153 
1154 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1155 
1156 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1157 		   ar->monitor_vdev_id);
1158 	return ret;
1159 }
1160 
1161 static int ath10k_monitor_start(struct ath10k *ar)
1162 {
1163 	int ret;
1164 
1165 	lockdep_assert_held(&ar->conf_mutex);
1166 
1167 	ret = ath10k_monitor_vdev_create(ar);
1168 	if (ret) {
1169 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1170 		return ret;
1171 	}
1172 
1173 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1174 	if (ret) {
1175 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1176 		ath10k_monitor_vdev_delete(ar);
1177 		return ret;
1178 	}
1179 
1180 	ar->monitor_started = true;
1181 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1182 
1183 	return 0;
1184 }
1185 
1186 static int ath10k_monitor_stop(struct ath10k *ar)
1187 {
1188 	int ret;
1189 
1190 	lockdep_assert_held(&ar->conf_mutex);
1191 
1192 	ret = ath10k_monitor_vdev_stop(ar);
1193 	if (ret) {
1194 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1195 		return ret;
1196 	}
1197 
1198 	ret = ath10k_monitor_vdev_delete(ar);
1199 	if (ret) {
1200 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1201 		return ret;
1202 	}
1203 
1204 	ar->monitor_started = false;
1205 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1206 
1207 	return 0;
1208 }
1209 
1210 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1211 {
1212 	int num_ctx;
1213 
1214 	/* At least one chanctx is required to derive a channel to start
1215 	 * monitor vdev on.
1216 	 */
1217 	num_ctx = ath10k_mac_num_chanctxs(ar);
1218 	if (num_ctx == 0)
1219 		return false;
1220 
1221 	/* If there's already an existing special monitor interface then don't
1222 	 * bother creating another monitor vdev.
1223 	 */
1224 	if (ar->monitor_arvif)
1225 		return false;
1226 
1227 	return ar->monitor ||
1228 	       (!test_bit(ATH10K_FW_FEATURE_ALLOWS_MESH_BCAST,
1229 			  ar->running_fw->fw_file.fw_features) &&
1230 		(ar->filter_flags & FIF_OTHER_BSS)) ||
1231 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1232 }
1233 
1234 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1235 {
1236 	int num_ctx;
1237 
1238 	num_ctx = ath10k_mac_num_chanctxs(ar);
1239 
1240 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1241 	 * shouldn't allow this but make sure to prevent handling the following
1242 	 * case anyway since multi-channel DFS hasn't been tested at all.
1243 	 */
1244 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1245 		return false;
1246 
1247 	return true;
1248 }
1249 
1250 static int ath10k_monitor_recalc(struct ath10k *ar)
1251 {
1252 	bool needed;
1253 	bool allowed;
1254 	int ret;
1255 
1256 	lockdep_assert_held(&ar->conf_mutex);
1257 
1258 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1259 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1260 
1261 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1262 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1263 		   ar->monitor_started, needed, allowed);
1264 
1265 	if (WARN_ON(needed && !allowed)) {
1266 		if (ar->monitor_started) {
1267 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1268 
1269 			ret = ath10k_monitor_stop(ar);
1270 			if (ret)
1271 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n",
1272 					    ret);
1273 				/* not serious */
1274 		}
1275 
1276 		return -EPERM;
1277 	}
1278 
1279 	if (needed == ar->monitor_started)
1280 		return 0;
1281 
1282 	if (needed)
1283 		return ath10k_monitor_start(ar);
1284 	else
1285 		return ath10k_monitor_stop(ar);
1286 }
1287 
1288 static bool ath10k_mac_can_set_cts_prot(struct ath10k_vif *arvif)
1289 {
1290 	struct ath10k *ar = arvif->ar;
1291 
1292 	lockdep_assert_held(&ar->conf_mutex);
1293 
1294 	if (!arvif->is_started) {
1295 		ath10k_dbg(ar, ATH10K_DBG_MAC, "defer cts setup, vdev is not ready yet\n");
1296 		return false;
1297 	}
1298 
1299 	return true;
1300 }
1301 
1302 static int ath10k_mac_set_cts_prot(struct ath10k_vif *arvif)
1303 {
1304 	struct ath10k *ar = arvif->ar;
1305 	u32 vdev_param;
1306 
1307 	lockdep_assert_held(&ar->conf_mutex);
1308 
1309 	vdev_param = ar->wmi.vdev_param->protection_mode;
1310 
1311 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_protection %d\n",
1312 		   arvif->vdev_id, arvif->use_cts_prot);
1313 
1314 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1315 					 arvif->use_cts_prot ? 1 : 0);
1316 }
1317 
1318 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1319 {
1320 	struct ath10k *ar = arvif->ar;
1321 	u32 vdev_param, rts_cts = 0;
1322 
1323 	lockdep_assert_held(&ar->conf_mutex);
1324 
1325 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1326 
1327 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1328 
1329 	if (arvif->num_legacy_stations > 0)
1330 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1331 			      WMI_RTSCTS_PROFILE);
1332 	else
1333 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1334 			      WMI_RTSCTS_PROFILE);
1335 
1336 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d recalc rts/cts prot %d\n",
1337 		   arvif->vdev_id, rts_cts);
1338 
1339 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1340 					 rts_cts);
1341 }
1342 
1343 static int ath10k_start_cac(struct ath10k *ar)
1344 {
1345 	int ret;
1346 
1347 	lockdep_assert_held(&ar->conf_mutex);
1348 
1349 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1350 
1351 	ret = ath10k_monitor_recalc(ar);
1352 	if (ret) {
1353 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1354 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1355 		return ret;
1356 	}
1357 
1358 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1359 		   ar->monitor_vdev_id);
1360 
1361 	return 0;
1362 }
1363 
1364 static int ath10k_stop_cac(struct ath10k *ar)
1365 {
1366 	lockdep_assert_held(&ar->conf_mutex);
1367 
1368 	/* CAC is not running - do nothing */
1369 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1370 		return 0;
1371 
1372 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1373 	ath10k_monitor_stop(ar);
1374 
1375 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1376 
1377 	return 0;
1378 }
1379 
1380 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1381 				      struct ieee80211_chanctx_conf *conf,
1382 				      void *data)
1383 {
1384 	bool *ret = data;
1385 
1386 	if (!*ret && conf->radar_enabled)
1387 		*ret = true;
1388 }
1389 
1390 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1391 {
1392 	bool has_radar = false;
1393 
1394 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1395 					    ath10k_mac_has_radar_iter,
1396 					    &has_radar);
1397 
1398 	return has_radar;
1399 }
1400 
1401 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1402 {
1403 	int ret;
1404 
1405 	lockdep_assert_held(&ar->conf_mutex);
1406 
1407 	ath10k_stop_cac(ar);
1408 
1409 	if (!ath10k_mac_has_radar_enabled(ar))
1410 		return;
1411 
1412 	if (ar->num_started_vdevs > 0)
1413 		return;
1414 
1415 	ret = ath10k_start_cac(ar);
1416 	if (ret) {
1417 		/*
1418 		 * Not possible to start CAC on current channel so starting
1419 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1420 		 * by indicating that radar was detected.
1421 		 */
1422 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1423 		ieee80211_radar_detected(ar->hw);
1424 	}
1425 }
1426 
1427 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1428 {
1429 	struct ath10k *ar = arvif->ar;
1430 	int ret;
1431 
1432 	lockdep_assert_held(&ar->conf_mutex);
1433 
1434 	reinit_completion(&ar->vdev_setup_done);
1435 	reinit_completion(&ar->vdev_delete_done);
1436 
1437 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1438 	if (ret) {
1439 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1440 			    arvif->vdev_id, ret);
1441 		return ret;
1442 	}
1443 
1444 	ret = ath10k_vdev_setup_sync(ar);
1445 	if (ret) {
1446 		ath10k_warn(ar, "failed to synchronize setup for vdev %i: %d\n",
1447 			    arvif->vdev_id, ret);
1448 		return ret;
1449 	}
1450 
1451 	WARN_ON(ar->num_started_vdevs == 0);
1452 
1453 	if (ar->num_started_vdevs != 0) {
1454 		ar->num_started_vdevs--;
1455 		ath10k_recalc_radar_detection(ar);
1456 	}
1457 
1458 	return ret;
1459 }
1460 
1461 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1462 				     const struct cfg80211_chan_def *chandef,
1463 				     bool restart)
1464 {
1465 	struct ath10k *ar = arvif->ar;
1466 	struct wmi_vdev_start_request_arg arg = {};
1467 	int ret = 0;
1468 
1469 	lockdep_assert_held(&ar->conf_mutex);
1470 
1471 	reinit_completion(&ar->vdev_setup_done);
1472 	reinit_completion(&ar->vdev_delete_done);
1473 
1474 	arg.vdev_id = arvif->vdev_id;
1475 	arg.dtim_period = arvif->dtim_period;
1476 	arg.bcn_intval = arvif->beacon_interval;
1477 
1478 	arg.channel.freq = chandef->chan->center_freq;
1479 	arg.channel.band_center_freq1 = chandef->center_freq1;
1480 	arg.channel.band_center_freq2 = chandef->center_freq2;
1481 	arg.channel.mode = chan_to_phymode(chandef);
1482 
1483 	arg.channel.min_power = 0;
1484 	arg.channel.max_power = chandef->chan->max_power * 2;
1485 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1486 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain * 2;
1487 
1488 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1489 		arg.ssid = arvif->u.ap.ssid;
1490 		arg.ssid_len = arvif->u.ap.ssid_len;
1491 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1492 
1493 		/* For now allow DFS for AP mode */
1494 		arg.channel.chan_radar =
1495 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1496 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1497 		arg.ssid = arvif->vif->bss_conf.ssid;
1498 		arg.ssid_len = arvif->vif->bss_conf.ssid_len;
1499 	}
1500 
1501 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1502 		   "mac vdev %d start center_freq %d phymode %s\n",
1503 		   arg.vdev_id, arg.channel.freq,
1504 		   ath10k_wmi_phymode_str(arg.channel.mode));
1505 
1506 	if (restart)
1507 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1508 	else
1509 		ret = ath10k_wmi_vdev_start(ar, &arg);
1510 
1511 	if (ret) {
1512 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1513 			    arg.vdev_id, ret);
1514 		return ret;
1515 	}
1516 
1517 	ret = ath10k_vdev_setup_sync(ar);
1518 	if (ret) {
1519 		ath10k_warn(ar,
1520 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1521 			    arg.vdev_id, restart, ret);
1522 		return ret;
1523 	}
1524 
1525 	ar->num_started_vdevs++;
1526 	ath10k_recalc_radar_detection(ar);
1527 
1528 	return ret;
1529 }
1530 
1531 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1532 			     const struct cfg80211_chan_def *def)
1533 {
1534 	return ath10k_vdev_start_restart(arvif, def, false);
1535 }
1536 
1537 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1538 			       const struct cfg80211_chan_def *def)
1539 {
1540 	return ath10k_vdev_start_restart(arvif, def, true);
1541 }
1542 
1543 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1544 				       struct sk_buff *bcn)
1545 {
1546 	struct ath10k *ar = arvif->ar;
1547 	struct ieee80211_mgmt *mgmt;
1548 	const u8 *p2p_ie;
1549 	int ret;
1550 
1551 	if (arvif->vif->type != NL80211_IFTYPE_AP || !arvif->vif->p2p)
1552 		return 0;
1553 
1554 	mgmt = (void *)bcn->data;
1555 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1556 					 mgmt->u.beacon.variable,
1557 					 bcn->len - (mgmt->u.beacon.variable -
1558 						     bcn->data));
1559 	if (!p2p_ie)
1560 		return -ENOENT;
1561 
1562 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1563 	if (ret) {
1564 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1565 			    arvif->vdev_id, ret);
1566 		return ret;
1567 	}
1568 
1569 	return 0;
1570 }
1571 
1572 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1573 				       u8 oui_type, size_t ie_offset)
1574 {
1575 	size_t len;
1576 	const u8 *next;
1577 	const u8 *end;
1578 	u8 *ie;
1579 
1580 	if (WARN_ON(skb->len < ie_offset))
1581 		return -EINVAL;
1582 
1583 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1584 					   skb->data + ie_offset,
1585 					   skb->len - ie_offset);
1586 	if (!ie)
1587 		return -ENOENT;
1588 
1589 	len = ie[1] + 2;
1590 	end = skb->data + skb->len;
1591 	next = ie + len;
1592 
1593 	if (WARN_ON(next > end))
1594 		return -EINVAL;
1595 
1596 	memmove(ie, next, end - next);
1597 	skb_trim(skb, skb->len - len);
1598 
1599 	return 0;
1600 }
1601 
1602 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1603 {
1604 	struct ath10k *ar = arvif->ar;
1605 	struct ieee80211_hw *hw = ar->hw;
1606 	struct ieee80211_vif *vif = arvif->vif;
1607 	struct ieee80211_mutable_offsets offs = {};
1608 	struct sk_buff *bcn;
1609 	int ret;
1610 
1611 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1612 		return 0;
1613 
1614 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1615 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1616 		return 0;
1617 
1618 	bcn = ieee80211_beacon_get_template(hw, vif, &offs);
1619 	if (!bcn) {
1620 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1621 		return -EPERM;
1622 	}
1623 
1624 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1625 	if (ret) {
1626 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1627 		kfree_skb(bcn);
1628 		return ret;
1629 	}
1630 
1631 	/* P2P IE is inserted by firmware automatically (as configured above)
1632 	 * so remove it from the base beacon template to avoid duplicate P2P
1633 	 * IEs in beacon frames.
1634 	 */
1635 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1636 				    offsetof(struct ieee80211_mgmt,
1637 					     u.beacon.variable));
1638 
1639 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1640 				  0, NULL, 0);
1641 	kfree_skb(bcn);
1642 
1643 	if (ret) {
1644 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1645 			    ret);
1646 		return ret;
1647 	}
1648 
1649 	return 0;
1650 }
1651 
1652 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1653 {
1654 	struct ath10k *ar = arvif->ar;
1655 	struct ieee80211_hw *hw = ar->hw;
1656 	struct ieee80211_vif *vif = arvif->vif;
1657 	struct sk_buff *prb;
1658 	int ret;
1659 
1660 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1661 		return 0;
1662 
1663 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1664 		return 0;
1665 
1666 	 /* For mesh, probe response and beacon share the same template */
1667 	if (ieee80211_vif_is_mesh(vif))
1668 		return 0;
1669 
1670 	prb = ieee80211_proberesp_get(hw, vif);
1671 	if (!prb) {
1672 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1673 		return -EPERM;
1674 	}
1675 
1676 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1677 	kfree_skb(prb);
1678 
1679 	if (ret) {
1680 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1681 			    ret);
1682 		return ret;
1683 	}
1684 
1685 	return 0;
1686 }
1687 
1688 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1689 {
1690 	struct ath10k *ar = arvif->ar;
1691 	struct cfg80211_chan_def def;
1692 	int ret;
1693 
1694 	/* When originally vdev is started during assign_vif_chanctx() some
1695 	 * information is missing, notably SSID. Firmware revisions with beacon
1696 	 * offloading require the SSID to be provided during vdev (re)start to
1697 	 * handle hidden SSID properly.
1698 	 *
1699 	 * Vdev restart must be done after vdev has been both started and
1700 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1701 	 * deliver vdev restart response event causing timeouts during vdev
1702 	 * syncing in ath10k.
1703 	 *
1704 	 * Note: The vdev down/up and template reinstallation could be skipped
1705 	 * since only wmi-tlv firmware are known to have beacon offload and
1706 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1707 	 * response delivery. It's probably more robust to keep it as is.
1708 	 */
1709 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1710 		return 0;
1711 
1712 	if (WARN_ON(!arvif->is_started))
1713 		return -EINVAL;
1714 
1715 	if (WARN_ON(!arvif->is_up))
1716 		return -EINVAL;
1717 
1718 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1719 		return -EINVAL;
1720 
1721 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1722 	if (ret) {
1723 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1724 			    arvif->vdev_id, ret);
1725 		return ret;
1726 	}
1727 
1728 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1729 	 * firmware will crash upon vdev up.
1730 	 */
1731 
1732 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1733 	if (ret) {
1734 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1735 		return ret;
1736 	}
1737 
1738 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1739 	if (ret) {
1740 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1741 		return ret;
1742 	}
1743 
1744 	ret = ath10k_vdev_restart(arvif, &def);
1745 	if (ret) {
1746 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1747 			    arvif->vdev_id, ret);
1748 		return ret;
1749 	}
1750 
1751 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1752 				 arvif->bssid);
1753 	if (ret) {
1754 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1755 			    arvif->vdev_id, ret);
1756 		return ret;
1757 	}
1758 
1759 	return 0;
1760 }
1761 
1762 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1763 				     struct ieee80211_bss_conf *info)
1764 {
1765 	struct ath10k *ar = arvif->ar;
1766 	int ret = 0;
1767 
1768 	lockdep_assert_held(&arvif->ar->conf_mutex);
1769 
1770 	if (!info->enable_beacon) {
1771 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1772 		if (ret)
1773 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1774 				    arvif->vdev_id, ret);
1775 
1776 		arvif->is_up = false;
1777 
1778 		spin_lock_bh(&arvif->ar->data_lock);
1779 		ath10k_mac_vif_beacon_free(arvif);
1780 		spin_unlock_bh(&arvif->ar->data_lock);
1781 
1782 		return;
1783 	}
1784 
1785 	arvif->tx_seq_no = 0x1000;
1786 
1787 	arvif->aid = 0;
1788 	ether_addr_copy(arvif->bssid, info->bssid);
1789 
1790 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1791 				 arvif->bssid);
1792 	if (ret) {
1793 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1794 			    arvif->vdev_id, ret);
1795 		return;
1796 	}
1797 
1798 	arvif->is_up = true;
1799 
1800 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1801 	if (ret) {
1802 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1803 			    arvif->vdev_id, ret);
1804 		return;
1805 	}
1806 
1807 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1808 }
1809 
1810 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1811 				struct ieee80211_bss_conf *info,
1812 				const u8 self_peer[ETH_ALEN])
1813 {
1814 	struct ath10k *ar = arvif->ar;
1815 	u32 vdev_param;
1816 	int ret = 0;
1817 
1818 	lockdep_assert_held(&arvif->ar->conf_mutex);
1819 
1820 	if (!info->ibss_joined) {
1821 		if (is_zero_ether_addr(arvif->bssid))
1822 			return;
1823 
1824 		eth_zero_addr(arvif->bssid);
1825 
1826 		return;
1827 	}
1828 
1829 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1830 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1831 					ATH10K_DEFAULT_ATIM);
1832 	if (ret)
1833 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1834 			    arvif->vdev_id, ret);
1835 }
1836 
1837 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1838 {
1839 	struct ath10k *ar = arvif->ar;
1840 	u32 param;
1841 	u32 value;
1842 	int ret;
1843 
1844 	lockdep_assert_held(&arvif->ar->conf_mutex);
1845 
1846 	if (arvif->u.sta.uapsd)
1847 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1848 	else
1849 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1850 
1851 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1852 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1853 	if (ret) {
1854 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1855 			    value, arvif->vdev_id, ret);
1856 		return ret;
1857 	}
1858 
1859 	return 0;
1860 }
1861 
1862 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1863 {
1864 	struct ath10k *ar = arvif->ar;
1865 	u32 param;
1866 	u32 value;
1867 	int ret;
1868 
1869 	lockdep_assert_held(&arvif->ar->conf_mutex);
1870 
1871 	if (arvif->u.sta.uapsd)
1872 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1873 	else
1874 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1875 
1876 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1877 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1878 					  param, value);
1879 	if (ret) {
1880 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1881 			    value, arvif->vdev_id, ret);
1882 		return ret;
1883 	}
1884 
1885 	return 0;
1886 }
1887 
1888 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1889 {
1890 	struct ath10k_vif *arvif;
1891 	int num = 0;
1892 
1893 	lockdep_assert_held(&ar->conf_mutex);
1894 
1895 	list_for_each_entry(arvif, &ar->arvifs, list)
1896 		if (arvif->is_started)
1897 			num++;
1898 
1899 	return num;
1900 }
1901 
1902 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1903 {
1904 	struct ath10k *ar = arvif->ar;
1905 	struct ieee80211_vif *vif = arvif->vif;
1906 	struct ieee80211_conf *conf = &ar->hw->conf;
1907 	enum wmi_sta_powersave_param param;
1908 	enum wmi_sta_ps_mode psmode;
1909 	int ret;
1910 	int ps_timeout;
1911 	bool enable_ps;
1912 
1913 	lockdep_assert_held(&arvif->ar->conf_mutex);
1914 
1915 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1916 		return 0;
1917 
1918 	enable_ps = arvif->ps;
1919 
1920 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1921 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1922 		      ar->running_fw->fw_file.fw_features)) {
1923 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1924 			    arvif->vdev_id);
1925 		enable_ps = false;
1926 	}
1927 
1928 	if (!arvif->is_started) {
1929 		/* mac80211 can update vif powersave state while disconnected.
1930 		 * Firmware doesn't behave nicely and consumes more power than
1931 		 * necessary if PS is disabled on a non-started vdev. Hence
1932 		 * force-enable PS for non-running vdevs.
1933 		 */
1934 		psmode = WMI_STA_PS_MODE_ENABLED;
1935 	} else if (enable_ps) {
1936 		psmode = WMI_STA_PS_MODE_ENABLED;
1937 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1938 
1939 		ps_timeout = conf->dynamic_ps_timeout;
1940 		if (ps_timeout == 0) {
1941 			/* Firmware doesn't like 0 */
1942 			ps_timeout = ieee80211_tu_to_usec(
1943 				vif->bss_conf.beacon_int) / 1000;
1944 		}
1945 
1946 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1947 						  ps_timeout);
1948 		if (ret) {
1949 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1950 				    arvif->vdev_id, ret);
1951 			return ret;
1952 		}
1953 	} else {
1954 		psmode = WMI_STA_PS_MODE_DISABLED;
1955 	}
1956 
1957 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1958 		   arvif->vdev_id, psmode ? "enable" : "disable");
1959 
1960 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1961 	if (ret) {
1962 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1963 			    psmode, arvif->vdev_id, ret);
1964 		return ret;
1965 	}
1966 
1967 	return 0;
1968 }
1969 
1970 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1971 {
1972 	struct ath10k *ar = arvif->ar;
1973 	struct wmi_sta_keepalive_arg arg = {};
1974 	int ret;
1975 
1976 	lockdep_assert_held(&arvif->ar->conf_mutex);
1977 
1978 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
1979 		return 0;
1980 
1981 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
1982 		return 0;
1983 
1984 	/* Some firmware revisions have a bug and ignore the `enabled` field.
1985 	 * Instead use the interval to disable the keepalive.
1986 	 */
1987 	arg.vdev_id = arvif->vdev_id;
1988 	arg.enabled = 1;
1989 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
1990 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
1991 
1992 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
1993 	if (ret) {
1994 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
1995 			    arvif->vdev_id, ret);
1996 		return ret;
1997 	}
1998 
1999 	return 0;
2000 }
2001 
2002 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
2003 {
2004 	struct ath10k *ar = arvif->ar;
2005 	struct ieee80211_vif *vif = arvif->vif;
2006 	int ret;
2007 
2008 	lockdep_assert_held(&arvif->ar->conf_mutex);
2009 
2010 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
2011 		return;
2012 
2013 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
2014 		return;
2015 
2016 	if (!vif->csa_active)
2017 		return;
2018 
2019 	if (!arvif->is_up)
2020 		return;
2021 
2022 	if (!ieee80211_beacon_cntdwn_is_complete(vif)) {
2023 		ieee80211_beacon_update_cntdwn(vif);
2024 
2025 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
2026 		if (ret)
2027 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
2028 				    ret);
2029 
2030 		ret = ath10k_mac_setup_prb_tmpl(arvif);
2031 		if (ret)
2032 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
2033 				    ret);
2034 	} else {
2035 		ieee80211_csa_finish(vif);
2036 	}
2037 }
2038 
2039 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
2040 {
2041 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2042 						ap_csa_work);
2043 	struct ath10k *ar = arvif->ar;
2044 
2045 	mutex_lock(&ar->conf_mutex);
2046 	ath10k_mac_vif_ap_csa_count_down(arvif);
2047 	mutex_unlock(&ar->conf_mutex);
2048 }
2049 
2050 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
2051 					  struct ieee80211_vif *vif)
2052 {
2053 	struct sk_buff *skb = data;
2054 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
2055 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2056 
2057 	if (vif->type != NL80211_IFTYPE_STATION)
2058 		return;
2059 
2060 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
2061 		return;
2062 
2063 	cancel_delayed_work(&arvif->connection_loss_work);
2064 }
2065 
2066 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
2067 {
2068 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2069 						   ATH10K_ITER_NORMAL_FLAGS,
2070 						   ath10k_mac_handle_beacon_iter,
2071 						   skb);
2072 }
2073 
2074 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
2075 					       struct ieee80211_vif *vif)
2076 {
2077 	u32 *vdev_id = data;
2078 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2079 	struct ath10k *ar = arvif->ar;
2080 	struct ieee80211_hw *hw = ar->hw;
2081 
2082 	if (arvif->vdev_id != *vdev_id)
2083 		return;
2084 
2085 	if (!arvif->is_up)
2086 		return;
2087 
2088 	ieee80211_beacon_loss(vif);
2089 
2090 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
2091 	 * (done by mac80211) succeeds but beacons do not resume then it
2092 	 * doesn't make sense to continue operation. Queue connection loss work
2093 	 * which can be cancelled when beacon is received.
2094 	 */
2095 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
2096 				     ATH10K_CONNECTION_LOSS_HZ);
2097 }
2098 
2099 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
2100 {
2101 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2102 						   ATH10K_ITER_NORMAL_FLAGS,
2103 						   ath10k_mac_handle_beacon_miss_iter,
2104 						   &vdev_id);
2105 }
2106 
2107 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
2108 {
2109 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2110 						connection_loss_work.work);
2111 	struct ieee80211_vif *vif = arvif->vif;
2112 
2113 	if (!arvif->is_up)
2114 		return;
2115 
2116 	ieee80211_connection_loss(vif);
2117 }
2118 
2119 /**********************/
2120 /* Station management */
2121 /**********************/
2122 
2123 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
2124 					     struct ieee80211_vif *vif)
2125 {
2126 	/* Some firmware revisions have unstable STA powersave when listen
2127 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
2128 	 * generate NullFunc frames properly even if buffered frames have been
2129 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
2130 	 * buffered frames. Often pinging the device from AP would simply fail.
2131 	 *
2132 	 * As a workaround set it to 1.
2133 	 */
2134 	if (vif->type == NL80211_IFTYPE_STATION)
2135 		return 1;
2136 
2137 	return ar->hw->conf.listen_interval;
2138 }
2139 
2140 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
2141 				      struct ieee80211_vif *vif,
2142 				      struct ieee80211_sta *sta,
2143 				      struct wmi_peer_assoc_complete_arg *arg)
2144 {
2145 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2146 	u32 aid;
2147 
2148 	lockdep_assert_held(&ar->conf_mutex);
2149 
2150 	if (vif->type == NL80211_IFTYPE_STATION)
2151 		aid = vif->bss_conf.aid;
2152 	else
2153 		aid = sta->aid;
2154 
2155 	ether_addr_copy(arg->addr, sta->addr);
2156 	arg->vdev_id = arvif->vdev_id;
2157 	arg->peer_aid = aid;
2158 	arg->peer_flags |= arvif->ar->wmi.peer_flags->auth;
2159 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
2160 	arg->peer_num_spatial_streams = 1;
2161 	arg->peer_caps = vif->bss_conf.assoc_capability;
2162 }
2163 
2164 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
2165 				       struct ieee80211_vif *vif,
2166 				       struct ieee80211_sta *sta,
2167 				       struct wmi_peer_assoc_complete_arg *arg)
2168 {
2169 	struct ieee80211_bss_conf *info = &vif->bss_conf;
2170 	struct cfg80211_chan_def def;
2171 	struct cfg80211_bss *bss;
2172 	const u8 *rsnie = NULL;
2173 	const u8 *wpaie = NULL;
2174 
2175 	lockdep_assert_held(&ar->conf_mutex);
2176 
2177 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2178 		return;
2179 
2180 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid, NULL, 0,
2181 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
2182 	if (bss) {
2183 		const struct cfg80211_bss_ies *ies;
2184 
2185 		rcu_read_lock();
2186 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
2187 
2188 		ies = rcu_dereference(bss->ies);
2189 
2190 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
2191 						WLAN_OUI_TYPE_MICROSOFT_WPA,
2192 						ies->data,
2193 						ies->len);
2194 		rcu_read_unlock();
2195 		cfg80211_put_bss(ar->hw->wiphy, bss);
2196 	}
2197 
2198 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2199 	if (rsnie || wpaie) {
2200 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2201 		arg->peer_flags |= ar->wmi.peer_flags->need_ptk_4_way;
2202 	}
2203 
2204 	if (wpaie) {
2205 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2206 		arg->peer_flags |= ar->wmi.peer_flags->need_gtk_2_way;
2207 	}
2208 
2209 	if (sta->mfp &&
2210 	    test_bit(ATH10K_FW_FEATURE_MFP_SUPPORT,
2211 		     ar->running_fw->fw_file.fw_features)) {
2212 		arg->peer_flags |= ar->wmi.peer_flags->pmf;
2213 	}
2214 }
2215 
2216 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2217 				      struct ieee80211_vif *vif,
2218 				      struct ieee80211_sta *sta,
2219 				      struct wmi_peer_assoc_complete_arg *arg)
2220 {
2221 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2222 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2223 	struct cfg80211_chan_def def;
2224 	const struct ieee80211_supported_band *sband;
2225 	const struct ieee80211_rate *rates;
2226 	enum nl80211_band band;
2227 	u32 ratemask;
2228 	u8 rate;
2229 	int i;
2230 
2231 	lockdep_assert_held(&ar->conf_mutex);
2232 
2233 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2234 		return;
2235 
2236 	band = def.chan->band;
2237 	sband = ar->hw->wiphy->bands[band];
2238 	ratemask = sta->supp_rates[band];
2239 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2240 	rates = sband->bitrates;
2241 
2242 	rateset->num_rates = 0;
2243 
2244 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2245 		if (!(ratemask & 1))
2246 			continue;
2247 
2248 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2249 		rateset->rates[rateset->num_rates] = rate;
2250 		rateset->num_rates++;
2251 	}
2252 }
2253 
2254 static bool
2255 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2256 {
2257 	int nss;
2258 
2259 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2260 		if (ht_mcs_mask[nss])
2261 			return false;
2262 
2263 	return true;
2264 }
2265 
2266 static bool
2267 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2268 {
2269 	int nss;
2270 
2271 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2272 		if (vht_mcs_mask[nss])
2273 			return false;
2274 
2275 	return true;
2276 }
2277 
2278 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2279 				   struct ieee80211_vif *vif,
2280 				   struct ieee80211_sta *sta,
2281 				   struct wmi_peer_assoc_complete_arg *arg)
2282 {
2283 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->ht_cap;
2284 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2285 	struct cfg80211_chan_def def;
2286 	enum nl80211_band band;
2287 	const u8 *ht_mcs_mask;
2288 	const u16 *vht_mcs_mask;
2289 	int i, n;
2290 	u8 max_nss;
2291 	u32 stbc;
2292 
2293 	lockdep_assert_held(&ar->conf_mutex);
2294 
2295 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2296 		return;
2297 
2298 	if (!ht_cap->ht_supported)
2299 		return;
2300 
2301 	band = def.chan->band;
2302 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2303 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2304 
2305 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2306 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2307 		return;
2308 
2309 	arg->peer_flags |= ar->wmi.peer_flags->ht;
2310 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2311 				    ht_cap->ampdu_factor)) - 1;
2312 
2313 	arg->peer_mpdu_density =
2314 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2315 
2316 	arg->peer_ht_caps = ht_cap->cap;
2317 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2318 
2319 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2320 		arg->peer_flags |= ar->wmi.peer_flags->ldbc;
2321 
2322 	if (sta->bandwidth >= IEEE80211_STA_RX_BW_40) {
2323 		arg->peer_flags |= ar->wmi.peer_flags->bw40;
2324 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2325 	}
2326 
2327 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2328 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2329 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2330 
2331 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2332 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2333 	}
2334 
2335 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2336 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2337 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2338 	}
2339 
2340 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2341 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2342 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2343 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2344 		arg->peer_rate_caps |= stbc;
2345 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2346 	}
2347 
2348 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2349 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2350 	else if (ht_cap->mcs.rx_mask[1])
2351 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2352 
2353 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2354 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2355 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2356 			max_nss = (i / 8) + 1;
2357 			arg->peer_ht_rates.rates[n++] = i;
2358 		}
2359 
2360 	/*
2361 	 * This is a workaround for HT-enabled STAs which break the spec
2362 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2363 	 *
2364 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2365 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2366 	 *
2367 	 * Firmware asserts if such situation occurs.
2368 	 */
2369 	if (n == 0) {
2370 		arg->peer_ht_rates.num_rates = 8;
2371 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2372 			arg->peer_ht_rates.rates[i] = i;
2373 	} else {
2374 		arg->peer_ht_rates.num_rates = n;
2375 		arg->peer_num_spatial_streams = min(sta->rx_nss, max_nss);
2376 	}
2377 
2378 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2379 		   arg->addr,
2380 		   arg->peer_ht_rates.num_rates,
2381 		   arg->peer_num_spatial_streams);
2382 }
2383 
2384 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2385 				    struct ath10k_vif *arvif,
2386 				    struct ieee80211_sta *sta)
2387 {
2388 	u32 uapsd = 0;
2389 	u32 max_sp = 0;
2390 	int ret = 0;
2391 
2392 	lockdep_assert_held(&ar->conf_mutex);
2393 
2394 	if (sta->wme && sta->uapsd_queues) {
2395 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2396 			   sta->uapsd_queues, sta->max_sp);
2397 
2398 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2399 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2400 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2401 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2402 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2403 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2404 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2405 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2406 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2407 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2408 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2409 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2410 
2411 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2412 			max_sp = sta->max_sp;
2413 
2414 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2415 						 sta->addr,
2416 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2417 						 uapsd);
2418 		if (ret) {
2419 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2420 				    arvif->vdev_id, ret);
2421 			return ret;
2422 		}
2423 
2424 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2425 						 sta->addr,
2426 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2427 						 max_sp);
2428 		if (ret) {
2429 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2430 				    arvif->vdev_id, ret);
2431 			return ret;
2432 		}
2433 
2434 		/* TODO setup this based on STA listen interval and
2435 		 * beacon interval. Currently we don't know
2436 		 * sta->listen_interval - mac80211 patch required.
2437 		 * Currently use 10 seconds
2438 		 */
2439 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2440 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2441 						 10);
2442 		if (ret) {
2443 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2444 				    arvif->vdev_id, ret);
2445 			return ret;
2446 		}
2447 	}
2448 
2449 	return 0;
2450 }
2451 
2452 static u16
2453 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2454 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2455 {
2456 	int idx_limit;
2457 	int nss;
2458 	u16 mcs_map;
2459 	u16 mcs;
2460 
2461 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2462 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2463 			  vht_mcs_limit[nss];
2464 
2465 		if (mcs_map)
2466 			idx_limit = fls(mcs_map) - 1;
2467 		else
2468 			idx_limit = -1;
2469 
2470 		switch (idx_limit) {
2471 		case 0:
2472 		case 1:
2473 		case 2:
2474 		case 3:
2475 		case 4:
2476 		case 5:
2477 		case 6:
2478 		default:
2479 			/* see ath10k_mac_can_set_bitrate_mask() */
2480 			WARN_ON(1);
2481 			fallthrough;
2482 		case -1:
2483 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2484 			break;
2485 		case 7:
2486 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2487 			break;
2488 		case 8:
2489 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2490 			break;
2491 		case 9:
2492 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2493 			break;
2494 		}
2495 
2496 		tx_mcs_set &= ~(0x3 << (nss * 2));
2497 		tx_mcs_set |= mcs << (nss * 2);
2498 	}
2499 
2500 	return tx_mcs_set;
2501 }
2502 
2503 static u32 get_160mhz_nss_from_maxrate(int rate)
2504 {
2505 	u32 nss;
2506 
2507 	switch (rate) {
2508 	case 780:
2509 		nss = 1;
2510 		break;
2511 	case 1560:
2512 		nss = 2;
2513 		break;
2514 	case 2106:
2515 		nss = 3; /* not support MCS9 from spec*/
2516 		break;
2517 	case 3120:
2518 		nss = 4;
2519 		break;
2520 	default:
2521 		 nss = 1;
2522 	}
2523 
2524 	return nss;
2525 }
2526 
2527 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2528 				    struct ieee80211_vif *vif,
2529 				    struct ieee80211_sta *sta,
2530 				    struct wmi_peer_assoc_complete_arg *arg)
2531 {
2532 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap;
2533 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2534 	struct ath10k_hw_params *hw = &ar->hw_params;
2535 	struct cfg80211_chan_def def;
2536 	enum nl80211_band band;
2537 	const u16 *vht_mcs_mask;
2538 	u8 ampdu_factor;
2539 	u8 max_nss, vht_mcs;
2540 	int i;
2541 
2542 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2543 		return;
2544 
2545 	if (!vht_cap->vht_supported)
2546 		return;
2547 
2548 	band = def.chan->band;
2549 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2550 
2551 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2552 		return;
2553 
2554 	arg->peer_flags |= ar->wmi.peer_flags->vht;
2555 
2556 	if (def.chan->band == NL80211_BAND_2GHZ)
2557 		arg->peer_flags |= ar->wmi.peer_flags->vht_2g;
2558 
2559 	arg->peer_vht_caps = vht_cap->cap;
2560 
2561 	ampdu_factor = (vht_cap->cap &
2562 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2563 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2564 
2565 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2566 	 * zero in VHT IE. Using it would result in degraded throughput.
2567 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2568 	 * it if VHT max_mpdu is smaller.
2569 	 */
2570 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2571 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2572 					ampdu_factor)) - 1);
2573 
2574 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2575 		arg->peer_flags |= ar->wmi.peer_flags->bw80;
2576 
2577 	if (sta->bandwidth == IEEE80211_STA_RX_BW_160)
2578 		arg->peer_flags |= ar->wmi.peer_flags->bw160;
2579 
2580 	/* Calculate peer NSS capability from VHT capabilities if STA
2581 	 * supports VHT.
2582 	 */
2583 	for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) {
2584 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2585 			  (2 * i) & 3;
2586 
2587 		if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) &&
2588 		    vht_mcs_mask[i])
2589 			max_nss = i + 1;
2590 	}
2591 	arg->peer_num_spatial_streams = min(sta->rx_nss, max_nss);
2592 	arg->peer_vht_rates.rx_max_rate =
2593 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2594 	arg->peer_vht_rates.rx_mcs_set =
2595 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2596 	arg->peer_vht_rates.tx_max_rate =
2597 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2598 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2599 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2600 
2601 	/* Configure bandwidth-NSS mapping to FW
2602 	 * for the chip's tx chains setting on 160Mhz bw
2603 	 */
2604 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2605 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2606 		u32 rx_nss;
2607 		u32 max_rate;
2608 
2609 		max_rate = arg->peer_vht_rates.rx_max_rate;
2610 		rx_nss = get_160mhz_nss_from_maxrate(max_rate);
2611 
2612 		if (rx_nss == 0)
2613 			rx_nss = arg->peer_num_spatial_streams;
2614 		else
2615 			rx_nss = min(arg->peer_num_spatial_streams, rx_nss);
2616 
2617 		max_rate = hw->vht160_mcs_tx_highest;
2618 		rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate));
2619 
2620 		arg->peer_bw_rxnss_override =
2621 			FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) |
2622 			FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1));
2623 
2624 		if (arg->peer_phymode == MODE_11AC_VHT80_80) {
2625 			arg->peer_bw_rxnss_override |=
2626 			FIELD_PREP(WMI_PEER_NSS_80_80MHZ_MASK, (rx_nss - 1));
2627 		}
2628 	}
2629 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2630 		   "mac vht peer %pM max_mpdu %d flags 0x%x peer_rx_nss_override 0x%x\n",
2631 		   sta->addr, arg->peer_max_mpdu,
2632 		   arg->peer_flags, arg->peer_bw_rxnss_override);
2633 }
2634 
2635 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2636 				    struct ieee80211_vif *vif,
2637 				    struct ieee80211_sta *sta,
2638 				    struct wmi_peer_assoc_complete_arg *arg)
2639 {
2640 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2641 
2642 	switch (arvif->vdev_type) {
2643 	case WMI_VDEV_TYPE_AP:
2644 		if (sta->wme)
2645 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2646 
2647 		if (sta->wme && sta->uapsd_queues) {
2648 			arg->peer_flags |= arvif->ar->wmi.peer_flags->apsd;
2649 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2650 		}
2651 		break;
2652 	case WMI_VDEV_TYPE_STA:
2653 		if (sta->wme)
2654 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2655 		break;
2656 	case WMI_VDEV_TYPE_IBSS:
2657 		if (sta->wme)
2658 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2659 		break;
2660 	default:
2661 		break;
2662 	}
2663 
2664 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2665 		   sta->addr, !!(arg->peer_flags &
2666 		   arvif->ar->wmi.peer_flags->qos));
2667 }
2668 
2669 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2670 {
2671 	return sta->supp_rates[NL80211_BAND_2GHZ] >>
2672 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2673 }
2674 
2675 static enum wmi_phy_mode ath10k_mac_get_phymode_vht(struct ath10k *ar,
2676 						    struct ieee80211_sta *sta)
2677 {
2678 	if (sta->bandwidth == IEEE80211_STA_RX_BW_160) {
2679 		switch (sta->vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2680 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2681 			return MODE_11AC_VHT160;
2682 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2683 			return MODE_11AC_VHT80_80;
2684 		default:
2685 			/* not sure if this is a valid case? */
2686 			return MODE_11AC_VHT160;
2687 		}
2688 	}
2689 
2690 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2691 		return MODE_11AC_VHT80;
2692 
2693 	if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2694 		return MODE_11AC_VHT40;
2695 
2696 	if (sta->bandwidth == IEEE80211_STA_RX_BW_20)
2697 		return MODE_11AC_VHT20;
2698 
2699 	return MODE_UNKNOWN;
2700 }
2701 
2702 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2703 					struct ieee80211_vif *vif,
2704 					struct ieee80211_sta *sta,
2705 					struct wmi_peer_assoc_complete_arg *arg)
2706 {
2707 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2708 	struct cfg80211_chan_def def;
2709 	enum nl80211_band band;
2710 	const u8 *ht_mcs_mask;
2711 	const u16 *vht_mcs_mask;
2712 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2713 
2714 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2715 		return;
2716 
2717 	band = def.chan->band;
2718 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2719 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2720 
2721 	switch (band) {
2722 	case NL80211_BAND_2GHZ:
2723 		if (sta->vht_cap.vht_supported &&
2724 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2725 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2726 				phymode = MODE_11AC_VHT40;
2727 			else
2728 				phymode = MODE_11AC_VHT20;
2729 		} else if (sta->ht_cap.ht_supported &&
2730 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2731 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2732 				phymode = MODE_11NG_HT40;
2733 			else
2734 				phymode = MODE_11NG_HT20;
2735 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2736 			phymode = MODE_11G;
2737 		} else {
2738 			phymode = MODE_11B;
2739 		}
2740 
2741 		break;
2742 	case NL80211_BAND_5GHZ:
2743 		/*
2744 		 * Check VHT first.
2745 		 */
2746 		if (sta->vht_cap.vht_supported &&
2747 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2748 			phymode = ath10k_mac_get_phymode_vht(ar, sta);
2749 		} else if (sta->ht_cap.ht_supported &&
2750 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2751 			if (sta->bandwidth >= IEEE80211_STA_RX_BW_40)
2752 				phymode = MODE_11NA_HT40;
2753 			else
2754 				phymode = MODE_11NA_HT20;
2755 		} else {
2756 			phymode = MODE_11A;
2757 		}
2758 
2759 		break;
2760 	default:
2761 		break;
2762 	}
2763 
2764 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2765 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2766 
2767 	arg->peer_phymode = phymode;
2768 	WARN_ON(phymode == MODE_UNKNOWN);
2769 }
2770 
2771 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2772 				     struct ieee80211_vif *vif,
2773 				     struct ieee80211_sta *sta,
2774 				     struct wmi_peer_assoc_complete_arg *arg)
2775 {
2776 	lockdep_assert_held(&ar->conf_mutex);
2777 
2778 	memset(arg, 0, sizeof(*arg));
2779 
2780 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2781 	ath10k_peer_assoc_h_crypto(ar, vif, sta, arg);
2782 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2783 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2784 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2785 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2786 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2787 
2788 	return 0;
2789 }
2790 
2791 static const u32 ath10k_smps_map[] = {
2792 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2793 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2794 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2795 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2796 };
2797 
2798 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2799 				  const u8 *addr,
2800 				  const struct ieee80211_sta_ht_cap *ht_cap)
2801 {
2802 	int smps;
2803 
2804 	if (!ht_cap->ht_supported)
2805 		return 0;
2806 
2807 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2808 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2809 
2810 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2811 		return -EINVAL;
2812 
2813 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2814 					 ar->wmi.peer_param->smps_state,
2815 					 ath10k_smps_map[smps]);
2816 }
2817 
2818 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2819 				      struct ieee80211_vif *vif,
2820 				      struct ieee80211_sta_vht_cap vht_cap)
2821 {
2822 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2823 	int ret;
2824 	u32 param;
2825 	u32 value;
2826 
2827 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2828 		return 0;
2829 
2830 	if (!(ar->vht_cap_info &
2831 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2832 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2833 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2834 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2835 		return 0;
2836 
2837 	param = ar->wmi.vdev_param->txbf;
2838 	value = 0;
2839 
2840 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2841 		return 0;
2842 
2843 	/* The following logic is correct. If a remote STA advertises support
2844 	 * for being a beamformer then we should enable us being a beamformee.
2845 	 */
2846 
2847 	if (ar->vht_cap_info &
2848 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2849 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2850 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2851 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2852 
2853 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2854 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2855 	}
2856 
2857 	if (ar->vht_cap_info &
2858 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2859 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2860 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2861 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2862 
2863 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2864 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2865 	}
2866 
2867 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2868 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2869 
2870 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2871 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2872 
2873 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2874 	if (ret) {
2875 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2876 			    value, ret);
2877 		return ret;
2878 	}
2879 
2880 	return 0;
2881 }
2882 
2883 /* can be called only in mac80211 callbacks due to `key_count` usage */
2884 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
2885 			     struct ieee80211_vif *vif,
2886 			     struct ieee80211_bss_conf *bss_conf)
2887 {
2888 	struct ath10k *ar = hw->priv;
2889 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2890 	struct ieee80211_sta_ht_cap ht_cap;
2891 	struct ieee80211_sta_vht_cap vht_cap;
2892 	struct wmi_peer_assoc_complete_arg peer_arg;
2893 	struct ieee80211_sta *ap_sta;
2894 	int ret;
2895 
2896 	lockdep_assert_held(&ar->conf_mutex);
2897 
2898 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
2899 		   arvif->vdev_id, arvif->bssid, arvif->aid);
2900 
2901 	rcu_read_lock();
2902 
2903 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
2904 	if (!ap_sta) {
2905 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
2906 			    bss_conf->bssid, arvif->vdev_id);
2907 		rcu_read_unlock();
2908 		return;
2909 	}
2910 
2911 	/* ap_sta must be accessed only within rcu section which must be left
2912 	 * before calling ath10k_setup_peer_smps() which might sleep.
2913 	 */
2914 	ht_cap = ap_sta->ht_cap;
2915 	vht_cap = ap_sta->vht_cap;
2916 
2917 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
2918 	if (ret) {
2919 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
2920 			    bss_conf->bssid, arvif->vdev_id, ret);
2921 		rcu_read_unlock();
2922 		return;
2923 	}
2924 
2925 	rcu_read_unlock();
2926 
2927 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
2928 	if (ret) {
2929 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
2930 			    bss_conf->bssid, arvif->vdev_id, ret);
2931 		return;
2932 	}
2933 
2934 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
2935 	if (ret) {
2936 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
2937 			    arvif->vdev_id, ret);
2938 		return;
2939 	}
2940 
2941 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
2942 	if (ret) {
2943 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
2944 			    arvif->vdev_id, bss_conf->bssid, ret);
2945 		return;
2946 	}
2947 
2948 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2949 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
2950 		   arvif->vdev_id, bss_conf->bssid, bss_conf->aid);
2951 
2952 	WARN_ON(arvif->is_up);
2953 
2954 	arvif->aid = bss_conf->aid;
2955 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
2956 
2957 	ret = ath10k_wmi_pdev_set_param(ar,
2958 					ar->wmi.pdev_param->peer_stats_info_enable, 1);
2959 	if (ret)
2960 		ath10k_warn(ar, "failed to enable peer stats info: %d\n", ret);
2961 
2962 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
2963 	if (ret) {
2964 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
2965 			    arvif->vdev_id, ret);
2966 		return;
2967 	}
2968 
2969 	arvif->is_up = true;
2970 
2971 	/* Workaround: Some firmware revisions (tested with qca6174
2972 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
2973 	 * poked with peer param command.
2974 	 */
2975 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
2976 					ar->wmi.peer_param->dummy_var, 1);
2977 	if (ret) {
2978 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
2979 			    arvif->bssid, arvif->vdev_id, ret);
2980 		return;
2981 	}
2982 }
2983 
2984 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
2985 				struct ieee80211_vif *vif)
2986 {
2987 	struct ath10k *ar = hw->priv;
2988 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2989 	struct ieee80211_sta_vht_cap vht_cap = {};
2990 	int ret;
2991 
2992 	lockdep_assert_held(&ar->conf_mutex);
2993 
2994 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
2995 		   arvif->vdev_id, arvif->bssid);
2996 
2997 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
2998 	if (ret)
2999 		ath10k_warn(ar, "failed to down vdev %i: %d\n",
3000 			    arvif->vdev_id, ret);
3001 
3002 	arvif->def_wep_key_idx = -1;
3003 
3004 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3005 	if (ret) {
3006 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
3007 			    arvif->vdev_id, ret);
3008 		return;
3009 	}
3010 
3011 	arvif->is_up = false;
3012 
3013 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3014 }
3015 
3016 static int ath10k_new_peer_tid_config(struct ath10k *ar,
3017 				      struct ieee80211_sta *sta,
3018 				      struct ath10k_vif *arvif)
3019 {
3020 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
3021 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3022 	bool config_apply;
3023 	int ret, i;
3024 
3025 	for (i = 0; i < ATH10K_TID_MAX; i++) {
3026 		config_apply = false;
3027 		if (arvif->retry_long[i] || arvif->ampdu[i] ||
3028 		    arvif->rate_ctrl[i] || arvif->rtscts[i]) {
3029 			config_apply = true;
3030 			arg.tid = i;
3031 			arg.vdev_id = arvif->vdev_id;
3032 			arg.retry_count = arvif->retry_long[i];
3033 			arg.aggr_control = arvif->ampdu[i];
3034 			arg.rate_ctrl = arvif->rate_ctrl[i];
3035 			arg.rcode_flags = arvif->rate_code[i];
3036 
3037 			if (arvif->rtscts[i])
3038 				arg.ext_tid_cfg_bitmap =
3039 					WMI_EXT_TID_RTS_CTS_CONFIG;
3040 			else
3041 				arg.ext_tid_cfg_bitmap = 0;
3042 
3043 			arg.rtscts_ctrl = arvif->rtscts[i];
3044 		}
3045 
3046 		if (arvif->noack[i]) {
3047 			arg.ack_policy = arvif->noack[i];
3048 			arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
3049 			arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
3050 			config_apply = true;
3051 		}
3052 
3053 		/* Assign default value(-1) to newly connected station.
3054 		 * This is to identify station specific tid configuration not
3055 		 * configured for the station.
3056 		 */
3057 		arsta->retry_long[i] = -1;
3058 		arsta->noack[i] = -1;
3059 		arsta->ampdu[i] = -1;
3060 
3061 		if (!config_apply)
3062 			continue;
3063 
3064 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
3065 
3066 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
3067 		if (ret) {
3068 			ath10k_warn(ar, "failed to set per tid retry/aggr config for sta %pM: %d\n",
3069 				    sta->addr, ret);
3070 			return ret;
3071 		}
3072 
3073 		memset(&arg, 0, sizeof(arg));
3074 	}
3075 
3076 	return 0;
3077 }
3078 
3079 static int ath10k_station_assoc(struct ath10k *ar,
3080 				struct ieee80211_vif *vif,
3081 				struct ieee80211_sta *sta,
3082 				bool reassoc)
3083 {
3084 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3085 	struct wmi_peer_assoc_complete_arg peer_arg;
3086 	int ret = 0;
3087 
3088 	lockdep_assert_held(&ar->conf_mutex);
3089 
3090 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
3091 	if (ret) {
3092 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
3093 			    sta->addr, arvif->vdev_id, ret);
3094 		return ret;
3095 	}
3096 
3097 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3098 	if (ret) {
3099 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
3100 			    sta->addr, arvif->vdev_id, ret);
3101 		return ret;
3102 	}
3103 
3104 	/* Re-assoc is run only to update supported rates for given station. It
3105 	 * doesn't make much sense to reconfigure the peer completely.
3106 	 */
3107 	if (!reassoc) {
3108 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
3109 					     &sta->ht_cap);
3110 		if (ret) {
3111 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
3112 				    arvif->vdev_id, ret);
3113 			return ret;
3114 		}
3115 
3116 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
3117 		if (ret) {
3118 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
3119 				    sta->addr, arvif->vdev_id, ret);
3120 			return ret;
3121 		}
3122 
3123 		if (!sta->wme) {
3124 			arvif->num_legacy_stations++;
3125 			ret  = ath10k_recalc_rtscts_prot(arvif);
3126 			if (ret) {
3127 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3128 					    arvif->vdev_id, ret);
3129 				return ret;
3130 			}
3131 		}
3132 
3133 		/* Plumb cached keys only for static WEP */
3134 		if ((arvif->def_wep_key_idx != -1) && (!sta->tdls)) {
3135 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
3136 			if (ret) {
3137 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
3138 					    arvif->vdev_id, ret);
3139 				return ret;
3140 			}
3141 		}
3142 	}
3143 
3144 	if (!test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map))
3145 		return ret;
3146 
3147 	return ath10k_new_peer_tid_config(ar, sta, arvif);
3148 }
3149 
3150 static int ath10k_station_disassoc(struct ath10k *ar,
3151 				   struct ieee80211_vif *vif,
3152 				   struct ieee80211_sta *sta)
3153 {
3154 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3155 	int ret = 0;
3156 
3157 	lockdep_assert_held(&ar->conf_mutex);
3158 
3159 	if (!sta->wme) {
3160 		arvif->num_legacy_stations--;
3161 		ret = ath10k_recalc_rtscts_prot(arvif);
3162 		if (ret) {
3163 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3164 				    arvif->vdev_id, ret);
3165 			return ret;
3166 		}
3167 	}
3168 
3169 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
3170 	if (ret) {
3171 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
3172 			    arvif->vdev_id, ret);
3173 		return ret;
3174 	}
3175 
3176 	return ret;
3177 }
3178 
3179 /**************/
3180 /* Regulatory */
3181 /**************/
3182 
3183 static int ath10k_update_channel_list(struct ath10k *ar)
3184 {
3185 	struct ieee80211_hw *hw = ar->hw;
3186 	struct ieee80211_supported_band **bands;
3187 	enum nl80211_band band;
3188 	struct ieee80211_channel *channel;
3189 	struct wmi_scan_chan_list_arg arg = {0};
3190 	struct wmi_channel_arg *ch;
3191 	bool passive;
3192 	int len;
3193 	int ret;
3194 	int i;
3195 
3196 	lockdep_assert_held(&ar->conf_mutex);
3197 
3198 	bands = hw->wiphy->bands;
3199 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3200 		if (!bands[band])
3201 			continue;
3202 
3203 		for (i = 0; i < bands[band]->n_channels; i++) {
3204 			if (bands[band]->channels[i].flags &
3205 			    IEEE80211_CHAN_DISABLED)
3206 				continue;
3207 
3208 			arg.n_channels++;
3209 		}
3210 	}
3211 
3212 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
3213 	arg.channels = kzalloc(len, GFP_KERNEL);
3214 	if (!arg.channels)
3215 		return -ENOMEM;
3216 
3217 	ch = arg.channels;
3218 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3219 		if (!bands[band])
3220 			continue;
3221 
3222 		for (i = 0; i < bands[band]->n_channels; i++) {
3223 			channel = &bands[band]->channels[i];
3224 
3225 			if (channel->flags & IEEE80211_CHAN_DISABLED)
3226 				continue;
3227 
3228 			ch->allow_ht = true;
3229 
3230 			/* FIXME: when should we really allow VHT? */
3231 			ch->allow_vht = true;
3232 
3233 			ch->allow_ibss =
3234 				!(channel->flags & IEEE80211_CHAN_NO_IR);
3235 
3236 			ch->ht40plus =
3237 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
3238 
3239 			ch->chan_radar =
3240 				!!(channel->flags & IEEE80211_CHAN_RADAR);
3241 
3242 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
3243 			ch->passive = passive;
3244 
3245 			/* the firmware is ignoring the "radar" flag of the
3246 			 * channel and is scanning actively using Probe Requests
3247 			 * on "Radar detection"/DFS channels which are not
3248 			 * marked as "available"
3249 			 */
3250 			ch->passive |= ch->chan_radar;
3251 
3252 			ch->freq = channel->center_freq;
3253 			ch->band_center_freq1 = channel->center_freq;
3254 			ch->min_power = 0;
3255 			ch->max_power = channel->max_power * 2;
3256 			ch->max_reg_power = channel->max_reg_power * 2;
3257 			ch->max_antenna_gain = channel->max_antenna_gain * 2;
3258 			ch->reg_class_id = 0; /* FIXME */
3259 
3260 			/* FIXME: why use only legacy modes, why not any
3261 			 * HT/VHT modes? Would that even make any
3262 			 * difference?
3263 			 */
3264 			if (channel->band == NL80211_BAND_2GHZ)
3265 				ch->mode = MODE_11G;
3266 			else
3267 				ch->mode = MODE_11A;
3268 
3269 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
3270 				continue;
3271 
3272 			ath10k_dbg(ar, ATH10K_DBG_WMI,
3273 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
3274 				    ch - arg.channels, arg.n_channels,
3275 				   ch->freq, ch->max_power, ch->max_reg_power,
3276 				   ch->max_antenna_gain, ch->mode);
3277 
3278 			ch++;
3279 		}
3280 	}
3281 
3282 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
3283 	kfree(arg.channels);
3284 
3285 	return ret;
3286 }
3287 
3288 static enum wmi_dfs_region
3289 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
3290 {
3291 	switch (dfs_region) {
3292 	case NL80211_DFS_UNSET:
3293 		return WMI_UNINIT_DFS_DOMAIN;
3294 	case NL80211_DFS_FCC:
3295 		return WMI_FCC_DFS_DOMAIN;
3296 	case NL80211_DFS_ETSI:
3297 		return WMI_ETSI_DFS_DOMAIN;
3298 	case NL80211_DFS_JP:
3299 		return WMI_MKK4_DFS_DOMAIN;
3300 	}
3301 	return WMI_UNINIT_DFS_DOMAIN;
3302 }
3303 
3304 static void ath10k_regd_update(struct ath10k *ar)
3305 {
3306 	struct reg_dmn_pair_mapping *regpair;
3307 	int ret;
3308 	enum wmi_dfs_region wmi_dfs_reg;
3309 	enum nl80211_dfs_regions nl_dfs_reg;
3310 
3311 	lockdep_assert_held(&ar->conf_mutex);
3312 
3313 	ret = ath10k_update_channel_list(ar);
3314 	if (ret)
3315 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
3316 
3317 	regpair = ar->ath_common.regulatory.regpair;
3318 
3319 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3320 		nl_dfs_reg = ar->dfs_detector->region;
3321 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
3322 	} else {
3323 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
3324 	}
3325 
3326 	/* Target allows setting up per-band regdomain but ath_common provides
3327 	 * a combined one only
3328 	 */
3329 	ret = ath10k_wmi_pdev_set_regdomain(ar,
3330 					    regpair->reg_domain,
3331 					    regpair->reg_domain, /* 2ghz */
3332 					    regpair->reg_domain, /* 5ghz */
3333 					    regpair->reg_2ghz_ctl,
3334 					    regpair->reg_5ghz_ctl,
3335 					    wmi_dfs_reg);
3336 	if (ret)
3337 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
3338 }
3339 
3340 static void ath10k_mac_update_channel_list(struct ath10k *ar,
3341 					   struct ieee80211_supported_band *band)
3342 {
3343 	int i;
3344 
3345 	if (ar->low_5ghz_chan && ar->high_5ghz_chan) {
3346 		for (i = 0; i < band->n_channels; i++) {
3347 			if (band->channels[i].center_freq < ar->low_5ghz_chan ||
3348 			    band->channels[i].center_freq > ar->high_5ghz_chan)
3349 				band->channels[i].flags |=
3350 					IEEE80211_CHAN_DISABLED;
3351 		}
3352 	}
3353 }
3354 
3355 static void ath10k_reg_notifier(struct wiphy *wiphy,
3356 				struct regulatory_request *request)
3357 {
3358 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
3359 	struct ath10k *ar = hw->priv;
3360 	bool result;
3361 
3362 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
3363 
3364 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3365 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
3366 			   request->dfs_region);
3367 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
3368 							  request->dfs_region);
3369 		if (!result)
3370 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
3371 				    request->dfs_region);
3372 	}
3373 
3374 	mutex_lock(&ar->conf_mutex);
3375 	if (ar->state == ATH10K_STATE_ON)
3376 		ath10k_regd_update(ar);
3377 	mutex_unlock(&ar->conf_mutex);
3378 
3379 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
3380 		ath10k_mac_update_channel_list(ar,
3381 					       ar->hw->wiphy->bands[NL80211_BAND_5GHZ]);
3382 }
3383 
3384 static void ath10k_stop_radar_confirmation(struct ath10k *ar)
3385 {
3386 	spin_lock_bh(&ar->data_lock);
3387 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_STOPPED;
3388 	spin_unlock_bh(&ar->data_lock);
3389 
3390 	cancel_work_sync(&ar->radar_confirmation_work);
3391 }
3392 
3393 /***************/
3394 /* TX handlers */
3395 /***************/
3396 
3397 enum ath10k_mac_tx_path {
3398 	ATH10K_MAC_TX_HTT,
3399 	ATH10K_MAC_TX_HTT_MGMT,
3400 	ATH10K_MAC_TX_WMI_MGMT,
3401 	ATH10K_MAC_TX_UNKNOWN,
3402 };
3403 
3404 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
3405 {
3406 	lockdep_assert_held(&ar->htt.tx_lock);
3407 
3408 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3409 	ar->tx_paused |= BIT(reason);
3410 	ieee80211_stop_queues(ar->hw);
3411 }
3412 
3413 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
3414 				      struct ieee80211_vif *vif)
3415 {
3416 	struct ath10k *ar = data;
3417 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3418 
3419 	if (arvif->tx_paused)
3420 		return;
3421 
3422 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3423 }
3424 
3425 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3426 {
3427 	lockdep_assert_held(&ar->htt.tx_lock);
3428 
3429 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3430 	ar->tx_paused &= ~BIT(reason);
3431 
3432 	if (ar->tx_paused)
3433 		return;
3434 
3435 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3436 						   ATH10K_ITER_RESUME_FLAGS,
3437 						   ath10k_mac_tx_unlock_iter,
3438 						   ar);
3439 
3440 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3441 }
3442 
3443 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3444 {
3445 	struct ath10k *ar = arvif->ar;
3446 
3447 	lockdep_assert_held(&ar->htt.tx_lock);
3448 
3449 	WARN_ON(reason >= BITS_PER_LONG);
3450 	arvif->tx_paused |= BIT(reason);
3451 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3452 }
3453 
3454 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3455 {
3456 	struct ath10k *ar = arvif->ar;
3457 
3458 	lockdep_assert_held(&ar->htt.tx_lock);
3459 
3460 	WARN_ON(reason >= BITS_PER_LONG);
3461 	arvif->tx_paused &= ~BIT(reason);
3462 
3463 	if (ar->tx_paused)
3464 		return;
3465 
3466 	if (arvif->tx_paused)
3467 		return;
3468 
3469 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3470 }
3471 
3472 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3473 					   enum wmi_tlv_tx_pause_id pause_id,
3474 					   enum wmi_tlv_tx_pause_action action)
3475 {
3476 	struct ath10k *ar = arvif->ar;
3477 
3478 	lockdep_assert_held(&ar->htt.tx_lock);
3479 
3480 	switch (action) {
3481 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3482 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3483 		break;
3484 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3485 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3486 		break;
3487 	default:
3488 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
3489 			   "received unknown tx pause action %d on vdev %i, ignoring\n",
3490 			    action, arvif->vdev_id);
3491 		break;
3492 	}
3493 }
3494 
3495 struct ath10k_mac_tx_pause {
3496 	u32 vdev_id;
3497 	enum wmi_tlv_tx_pause_id pause_id;
3498 	enum wmi_tlv_tx_pause_action action;
3499 };
3500 
3501 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3502 					    struct ieee80211_vif *vif)
3503 {
3504 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3505 	struct ath10k_mac_tx_pause *arg = data;
3506 
3507 	if (arvif->vdev_id != arg->vdev_id)
3508 		return;
3509 
3510 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3511 }
3512 
3513 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3514 				     enum wmi_tlv_tx_pause_id pause_id,
3515 				     enum wmi_tlv_tx_pause_action action)
3516 {
3517 	struct ath10k_mac_tx_pause arg = {
3518 		.vdev_id = vdev_id,
3519 		.pause_id = pause_id,
3520 		.action = action,
3521 	};
3522 
3523 	spin_lock_bh(&ar->htt.tx_lock);
3524 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3525 						   ATH10K_ITER_RESUME_FLAGS,
3526 						   ath10k_mac_handle_tx_pause_iter,
3527 						   &arg);
3528 	spin_unlock_bh(&ar->htt.tx_lock);
3529 }
3530 
3531 static enum ath10k_hw_txrx_mode
3532 ath10k_mac_tx_h_get_txmode(struct ath10k *ar,
3533 			   struct ieee80211_vif *vif,
3534 			   struct ieee80211_sta *sta,
3535 			   struct sk_buff *skb)
3536 {
3537 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3538 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3539 	__le16 fc = hdr->frame_control;
3540 
3541 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3542 		return ATH10K_HW_TXRX_RAW;
3543 
3544 	if (ieee80211_is_mgmt(fc))
3545 		return ATH10K_HW_TXRX_MGMT;
3546 
3547 	/* Workaround:
3548 	 *
3549 	 * NullFunc frames are mostly used to ping if a client or AP are still
3550 	 * reachable and responsive. This implies tx status reports must be
3551 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3552 	 * come to a conclusion that the other end disappeared and tear down
3553 	 * BSS connection or it can never disconnect from BSS/client (which is
3554 	 * the case).
3555 	 *
3556 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3557 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3558 	 * which seems to deliver correct tx reports for NullFunc frames. The
3559 	 * downside of using it is it ignores client powersave state so it can
3560 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3561 	 * mode though because AP don't sleep.
3562 	 */
3563 	if (ar->htt.target_version_major < 3 &&
3564 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3565 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3566 		      ar->running_fw->fw_file.fw_features))
3567 		return ATH10K_HW_TXRX_MGMT;
3568 
3569 	/* Workaround:
3570 	 *
3571 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3572 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3573 	 * to work with Ethernet txmode so use it.
3574 	 *
3575 	 * FIXME: Check if raw mode works with TDLS.
3576 	 */
3577 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3578 		return ATH10K_HW_TXRX_ETHERNET;
3579 
3580 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) ||
3581 	    skb_cb->flags & ATH10K_SKB_F_RAW_TX)
3582 		return ATH10K_HW_TXRX_RAW;
3583 
3584 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3585 }
3586 
3587 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3588 				     struct sk_buff *skb)
3589 {
3590 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3591 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3592 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3593 			 IEEE80211_TX_CTL_INJECTED;
3594 
3595 	if (!ieee80211_has_protected(hdr->frame_control))
3596 		return false;
3597 
3598 	if ((info->flags & mask) == mask)
3599 		return false;
3600 
3601 	if (vif)
3602 		return !((struct ath10k_vif *)vif->drv_priv)->nohwcrypt;
3603 
3604 	return true;
3605 }
3606 
3607 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3608  * Control in the header.
3609  */
3610 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3611 {
3612 	struct ieee80211_hdr *hdr = (void *)skb->data;
3613 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3614 	u8 *qos_ctl;
3615 
3616 	if (!ieee80211_is_data_qos(hdr->frame_control))
3617 		return;
3618 
3619 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3620 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3621 		skb->data, (void *)qos_ctl - (void *)skb->data);
3622 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3623 
3624 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3625 	 * These frames are mainly used for CQM purposes so it doesn't really
3626 	 * matter whether QoS NullFunc or NullFunc are sent.
3627 	 */
3628 	hdr = (void *)skb->data;
3629 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3630 		cb->flags &= ~ATH10K_SKB_F_QOS;
3631 
3632 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3633 }
3634 
3635 static void ath10k_tx_h_8023(struct sk_buff *skb)
3636 {
3637 	struct ieee80211_hdr *hdr;
3638 	struct rfc1042_hdr *rfc1042;
3639 	struct ethhdr *eth;
3640 	size_t hdrlen;
3641 	u8 da[ETH_ALEN];
3642 	u8 sa[ETH_ALEN];
3643 	__be16 type;
3644 
3645 	hdr = (void *)skb->data;
3646 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3647 	rfc1042 = (void *)skb->data + hdrlen;
3648 
3649 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3650 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3651 	type = rfc1042->snap_type;
3652 
3653 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3654 	skb_push(skb, sizeof(*eth));
3655 
3656 	eth = (void *)skb->data;
3657 	ether_addr_copy(eth->h_dest, da);
3658 	ether_addr_copy(eth->h_source, sa);
3659 	eth->h_proto = type;
3660 }
3661 
3662 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3663 				       struct ieee80211_vif *vif,
3664 				       struct sk_buff *skb)
3665 {
3666 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3667 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3668 
3669 	/* This is case only for P2P_GO */
3670 	if (vif->type != NL80211_IFTYPE_AP || !vif->p2p)
3671 		return;
3672 
3673 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3674 		spin_lock_bh(&ar->data_lock);
3675 		if (arvif->u.ap.noa_data)
3676 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3677 					      GFP_ATOMIC))
3678 				skb_put_data(skb, arvif->u.ap.noa_data,
3679 					     arvif->u.ap.noa_len);
3680 		spin_unlock_bh(&ar->data_lock);
3681 	}
3682 }
3683 
3684 static void ath10k_mac_tx_h_fill_cb(struct ath10k *ar,
3685 				    struct ieee80211_vif *vif,
3686 				    struct ieee80211_txq *txq,
3687 				    struct ieee80211_sta *sta,
3688 				    struct sk_buff *skb, u16 airtime)
3689 {
3690 	struct ieee80211_hdr *hdr = (void *)skb->data;
3691 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3692 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3693 	bool is_data = ieee80211_is_data(hdr->frame_control) ||
3694 			ieee80211_is_data_qos(hdr->frame_control);
3695 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3696 	struct ath10k_sta *arsta;
3697 	u8 tid, *qos_ctl;
3698 	bool noack = false;
3699 
3700 	cb->flags = 0;
3701 	if (!ath10k_tx_h_use_hwcrypto(vif, skb))
3702 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3703 
3704 	if (ieee80211_is_mgmt(hdr->frame_control))
3705 		cb->flags |= ATH10K_SKB_F_MGMT;
3706 
3707 	if (ieee80211_is_data_qos(hdr->frame_control)) {
3708 		cb->flags |= ATH10K_SKB_F_QOS;
3709 		qos_ctl = ieee80211_get_qos_ctl(hdr);
3710 		tid = (*qos_ctl) & IEEE80211_QOS_CTL_TID_MASK;
3711 
3712 		if (arvif->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3713 			noack = true;
3714 
3715 		if (sta) {
3716 			arsta = (struct ath10k_sta *)sta->drv_priv;
3717 
3718 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3719 				noack = true;
3720 
3721 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_ACK)
3722 				noack = false;
3723 		}
3724 
3725 		if (noack)
3726 			cb->flags |= ATH10K_SKB_F_NOACK_TID;
3727 	}
3728 
3729 	/* Data frames encrypted in software will be posted to firmware
3730 	 * with tx encap mode set to RAW. Ex: Multicast traffic generated
3731 	 * for a specific VLAN group will always be encrypted in software.
3732 	 */
3733 	if (is_data && ieee80211_has_protected(hdr->frame_control) &&
3734 	    !info->control.hw_key) {
3735 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3736 		cb->flags |= ATH10K_SKB_F_RAW_TX;
3737 	}
3738 
3739 	cb->vif = vif;
3740 	cb->txq = txq;
3741 	cb->airtime_est = airtime;
3742 	if (sta) {
3743 		arsta = (struct ath10k_sta *)sta->drv_priv;
3744 		spin_lock_bh(&ar->data_lock);
3745 		cb->ucast_cipher = arsta->ucast_cipher;
3746 		spin_unlock_bh(&ar->data_lock);
3747 	}
3748 }
3749 
3750 bool ath10k_mac_tx_frm_has_freq(struct ath10k *ar)
3751 {
3752 	/* FIXME: Not really sure since when the behaviour changed. At some
3753 	 * point new firmware stopped requiring creation of peer entries for
3754 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3755 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3756 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3757 	 */
3758 	return (ar->htt.target_version_major >= 3 &&
3759 		ar->htt.target_version_minor >= 4 &&
3760 		ar->running_fw->fw_file.htt_op_version == ATH10K_FW_HTT_OP_VERSION_TLV);
3761 }
3762 
3763 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3764 {
3765 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3766 	int ret = 0;
3767 
3768 	spin_lock_bh(&ar->data_lock);
3769 
3770 	if (skb_queue_len(q) == ATH10K_MAX_NUM_MGMT_PENDING) {
3771 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3772 		ret = -ENOSPC;
3773 		goto unlock;
3774 	}
3775 
3776 	__skb_queue_tail(q, skb);
3777 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3778 
3779 unlock:
3780 	spin_unlock_bh(&ar->data_lock);
3781 
3782 	return ret;
3783 }
3784 
3785 static enum ath10k_mac_tx_path
3786 ath10k_mac_tx_h_get_txpath(struct ath10k *ar,
3787 			   struct sk_buff *skb,
3788 			   enum ath10k_hw_txrx_mode txmode)
3789 {
3790 	switch (txmode) {
3791 	case ATH10K_HW_TXRX_RAW:
3792 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3793 	case ATH10K_HW_TXRX_ETHERNET:
3794 		return ATH10K_MAC_TX_HTT;
3795 	case ATH10K_HW_TXRX_MGMT:
3796 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3797 			     ar->running_fw->fw_file.fw_features) ||
3798 			     test_bit(WMI_SERVICE_MGMT_TX_WMI,
3799 				      ar->wmi.svc_map))
3800 			return ATH10K_MAC_TX_WMI_MGMT;
3801 		else if (ar->htt.target_version_major >= 3)
3802 			return ATH10K_MAC_TX_HTT;
3803 		else
3804 			return ATH10K_MAC_TX_HTT_MGMT;
3805 	}
3806 
3807 	return ATH10K_MAC_TX_UNKNOWN;
3808 }
3809 
3810 static int ath10k_mac_tx_submit(struct ath10k *ar,
3811 				enum ath10k_hw_txrx_mode txmode,
3812 				enum ath10k_mac_tx_path txpath,
3813 				struct sk_buff *skb)
3814 {
3815 	struct ath10k_htt *htt = &ar->htt;
3816 	int ret = -EINVAL;
3817 
3818 	switch (txpath) {
3819 	case ATH10K_MAC_TX_HTT:
3820 		ret = ath10k_htt_tx(htt, txmode, skb);
3821 		break;
3822 	case ATH10K_MAC_TX_HTT_MGMT:
3823 		ret = ath10k_htt_mgmt_tx(htt, skb);
3824 		break;
3825 	case ATH10K_MAC_TX_WMI_MGMT:
3826 		ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
3827 		break;
3828 	case ATH10K_MAC_TX_UNKNOWN:
3829 		WARN_ON_ONCE(1);
3830 		ret = -EINVAL;
3831 		break;
3832 	}
3833 
3834 	if (ret) {
3835 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
3836 			    ret);
3837 		ieee80211_free_txskb(ar->hw, skb);
3838 	}
3839 
3840 	return ret;
3841 }
3842 
3843 /* This function consumes the sk_buff regardless of return value as far as
3844  * caller is concerned so no freeing is necessary afterwards.
3845  */
3846 static int ath10k_mac_tx(struct ath10k *ar,
3847 			 struct ieee80211_vif *vif,
3848 			 enum ath10k_hw_txrx_mode txmode,
3849 			 enum ath10k_mac_tx_path txpath,
3850 			 struct sk_buff *skb, bool noque_offchan)
3851 {
3852 	struct ieee80211_hw *hw = ar->hw;
3853 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3854 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3855 	int ret;
3856 
3857 	/* We should disable CCK RATE due to P2P */
3858 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
3859 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
3860 
3861 	switch (txmode) {
3862 	case ATH10K_HW_TXRX_MGMT:
3863 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3864 		ath10k_tx_h_nwifi(hw, skb);
3865 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
3866 		ath10k_tx_h_seq_no(vif, skb);
3867 		break;
3868 	case ATH10K_HW_TXRX_ETHERNET:
3869 		ath10k_tx_h_8023(skb);
3870 		break;
3871 	case ATH10K_HW_TXRX_RAW:
3872 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) &&
3873 		    !(skb_cb->flags & ATH10K_SKB_F_RAW_TX)) {
3874 			WARN_ON_ONCE(1);
3875 			ieee80211_free_txskb(hw, skb);
3876 			return -ENOTSUPP;
3877 		}
3878 	}
3879 
3880 	if (!noque_offchan && info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
3881 		if (!ath10k_mac_tx_frm_has_freq(ar)) {
3882 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac queued offchannel skb %pK len %d\n",
3883 				   skb, skb->len);
3884 
3885 			skb_queue_tail(&ar->offchan_tx_queue, skb);
3886 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
3887 			return 0;
3888 		}
3889 	}
3890 
3891 	ret = ath10k_mac_tx_submit(ar, txmode, txpath, skb);
3892 	if (ret) {
3893 		ath10k_warn(ar, "failed to submit frame: %d\n", ret);
3894 		return ret;
3895 	}
3896 
3897 	return 0;
3898 }
3899 
3900 void ath10k_offchan_tx_purge(struct ath10k *ar)
3901 {
3902 	struct sk_buff *skb;
3903 
3904 	for (;;) {
3905 		skb = skb_dequeue(&ar->offchan_tx_queue);
3906 		if (!skb)
3907 			break;
3908 
3909 		ieee80211_free_txskb(ar->hw, skb);
3910 	}
3911 }
3912 
3913 void ath10k_offchan_tx_work(struct work_struct *work)
3914 {
3915 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
3916 	struct ath10k_peer *peer;
3917 	struct ath10k_vif *arvif;
3918 	enum ath10k_hw_txrx_mode txmode;
3919 	enum ath10k_mac_tx_path txpath;
3920 	struct ieee80211_hdr *hdr;
3921 	struct ieee80211_vif *vif;
3922 	struct ieee80211_sta *sta;
3923 	struct sk_buff *skb;
3924 	const u8 *peer_addr;
3925 	int vdev_id;
3926 	int ret;
3927 	unsigned long time_left;
3928 	bool tmp_peer_created = false;
3929 
3930 	/* FW requirement: We must create a peer before FW will send out
3931 	 * an offchannel frame. Otherwise the frame will be stuck and
3932 	 * never transmitted. We delete the peer upon tx completion.
3933 	 * It is unlikely that a peer for offchannel tx will already be
3934 	 * present. However it may be in some rare cases so account for that.
3935 	 * Otherwise we might remove a legitimate peer and break stuff.
3936 	 */
3937 
3938 	for (;;) {
3939 		skb = skb_dequeue(&ar->offchan_tx_queue);
3940 		if (!skb)
3941 			break;
3942 
3943 		mutex_lock(&ar->conf_mutex);
3944 
3945 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %pK len %d\n",
3946 			   skb, skb->len);
3947 
3948 		hdr = (struct ieee80211_hdr *)skb->data;
3949 		peer_addr = ieee80211_get_DA(hdr);
3950 
3951 		spin_lock_bh(&ar->data_lock);
3952 		vdev_id = ar->scan.vdev_id;
3953 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
3954 		spin_unlock_bh(&ar->data_lock);
3955 
3956 		if (peer)
3957 			/* FIXME: should this use ath10k_warn()? */
3958 			ath10k_dbg(ar, ATH10K_DBG_MAC, "peer %pM on vdev %d already present\n",
3959 				   peer_addr, vdev_id);
3960 
3961 		if (!peer) {
3962 			ret = ath10k_peer_create(ar, NULL, NULL, vdev_id,
3963 						 peer_addr,
3964 						 WMI_PEER_TYPE_DEFAULT);
3965 			if (ret)
3966 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
3967 					    peer_addr, vdev_id, ret);
3968 			tmp_peer_created = (ret == 0);
3969 		}
3970 
3971 		spin_lock_bh(&ar->data_lock);
3972 		reinit_completion(&ar->offchan_tx_completed);
3973 		ar->offchan_tx_skb = skb;
3974 		spin_unlock_bh(&ar->data_lock);
3975 
3976 		/* It's safe to access vif and sta - conf_mutex guarantees that
3977 		 * sta_state() and remove_interface() are locked exclusively
3978 		 * out wrt to this offchannel worker.
3979 		 */
3980 		arvif = ath10k_get_arvif(ar, vdev_id);
3981 		if (arvif) {
3982 			vif = arvif->vif;
3983 			sta = ieee80211_find_sta(vif, peer_addr);
3984 		} else {
3985 			vif = NULL;
3986 			sta = NULL;
3987 		}
3988 
3989 		txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
3990 		txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
3991 
3992 		ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, true);
3993 		if (ret) {
3994 			ath10k_warn(ar, "failed to transmit offchannel frame: %d\n",
3995 				    ret);
3996 			/* not serious */
3997 		}
3998 
3999 		time_left =
4000 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
4001 		if (time_left == 0)
4002 			ath10k_warn(ar, "timed out waiting for offchannel skb %pK, len: %d\n",
4003 				    skb, skb->len);
4004 
4005 		if (!peer && tmp_peer_created) {
4006 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
4007 			if (ret)
4008 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
4009 					    peer_addr, vdev_id, ret);
4010 		}
4011 
4012 		mutex_unlock(&ar->conf_mutex);
4013 	}
4014 }
4015 
4016 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
4017 {
4018 	struct sk_buff *skb;
4019 
4020 	for (;;) {
4021 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4022 		if (!skb)
4023 			break;
4024 
4025 		ieee80211_free_txskb(ar->hw, skb);
4026 	}
4027 }
4028 
4029 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
4030 {
4031 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
4032 	struct sk_buff *skb;
4033 	dma_addr_t paddr;
4034 	int ret;
4035 
4036 	for (;;) {
4037 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4038 		if (!skb)
4039 			break;
4040 
4041 		if (test_bit(ATH10K_FW_FEATURE_MGMT_TX_BY_REF,
4042 			     ar->running_fw->fw_file.fw_features)) {
4043 			paddr = dma_map_single(ar->dev, skb->data,
4044 					       skb->len, DMA_TO_DEVICE);
4045 			if (dma_mapping_error(ar->dev, paddr)) {
4046 				ieee80211_free_txskb(ar->hw, skb);
4047 				continue;
4048 			}
4049 			ret = ath10k_wmi_mgmt_tx_send(ar, skb, paddr);
4050 			if (ret) {
4051 				ath10k_warn(ar, "failed to transmit management frame by ref via WMI: %d\n",
4052 					    ret);
4053 				/* remove this msdu from idr tracking */
4054 				ath10k_wmi_cleanup_mgmt_tx_send(ar, skb);
4055 
4056 				dma_unmap_single(ar->dev, paddr, skb->len,
4057 						 DMA_TO_DEVICE);
4058 				ieee80211_free_txskb(ar->hw, skb);
4059 			}
4060 		} else {
4061 			ret = ath10k_wmi_mgmt_tx(ar, skb);
4062 			if (ret) {
4063 				ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
4064 					    ret);
4065 				ieee80211_free_txskb(ar->hw, skb);
4066 			}
4067 		}
4068 	}
4069 }
4070 
4071 static void ath10k_mac_txq_init(struct ieee80211_txq *txq)
4072 {
4073 	struct ath10k_txq *artxq;
4074 
4075 	if (!txq)
4076 		return;
4077 
4078 	artxq = (void *)txq->drv_priv;
4079 	INIT_LIST_HEAD(&artxq->list);
4080 }
4081 
4082 static void ath10k_mac_txq_unref(struct ath10k *ar, struct ieee80211_txq *txq)
4083 {
4084 	struct ath10k_skb_cb *cb;
4085 	struct sk_buff *msdu;
4086 	int msdu_id;
4087 
4088 	if (!txq)
4089 		return;
4090 
4091 	spin_lock_bh(&ar->htt.tx_lock);
4092 	idr_for_each_entry(&ar->htt.pending_tx, msdu, msdu_id) {
4093 		cb = ATH10K_SKB_CB(msdu);
4094 		if (cb->txq == txq)
4095 			cb->txq = NULL;
4096 	}
4097 	spin_unlock_bh(&ar->htt.tx_lock);
4098 }
4099 
4100 struct ieee80211_txq *ath10k_mac_txq_lookup(struct ath10k *ar,
4101 					    u16 peer_id,
4102 					    u8 tid)
4103 {
4104 	struct ath10k_peer *peer;
4105 
4106 	lockdep_assert_held(&ar->data_lock);
4107 
4108 	peer = ar->peer_map[peer_id];
4109 	if (!peer)
4110 		return NULL;
4111 
4112 	if (peer->removed)
4113 		return NULL;
4114 
4115 	if (peer->sta)
4116 		return peer->sta->txq[tid];
4117 	else if (peer->vif)
4118 		return peer->vif->txq;
4119 	else
4120 		return NULL;
4121 }
4122 
4123 static bool ath10k_mac_tx_can_push(struct ieee80211_hw *hw,
4124 				   struct ieee80211_txq *txq)
4125 {
4126 	struct ath10k *ar = hw->priv;
4127 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4128 
4129 	/* No need to get locks */
4130 	if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH)
4131 		return true;
4132 
4133 	if (ar->htt.num_pending_tx < ar->htt.tx_q_state.num_push_allowed)
4134 		return true;
4135 
4136 	if (artxq->num_fw_queued < artxq->num_push_allowed)
4137 		return true;
4138 
4139 	return false;
4140 }
4141 
4142 /* Return estimated airtime in microsecond, which is calculated using last
4143  * reported TX rate. This is just a rough estimation because host driver has no
4144  * knowledge of the actual transmit rate, retries or aggregation. If actual
4145  * airtime can be reported by firmware, then delta between estimated and actual
4146  * airtime can be adjusted from deficit.
4147  */
4148 #define IEEE80211_ATF_OVERHEAD		100	/* IFS + some slot time */
4149 #define IEEE80211_ATF_OVERHEAD_IFS	16	/* IFS only */
4150 static u16 ath10k_mac_update_airtime(struct ath10k *ar,
4151 				     struct ieee80211_txq *txq,
4152 				     struct sk_buff *skb)
4153 {
4154 	struct ath10k_sta *arsta;
4155 	u32 pktlen;
4156 	u16 airtime = 0;
4157 
4158 	if (!txq || !txq->sta)
4159 		return airtime;
4160 
4161 	if (test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
4162 		return airtime;
4163 
4164 	spin_lock_bh(&ar->data_lock);
4165 	arsta = (struct ath10k_sta *)txq->sta->drv_priv;
4166 
4167 	pktlen = skb->len + 38; /* Assume MAC header 30, SNAP 8 for most case */
4168 	if (arsta->last_tx_bitrate) {
4169 		/* airtime in us, last_tx_bitrate in 100kbps */
4170 		airtime = (pktlen * 8 * (1000 / 100))
4171 				/ arsta->last_tx_bitrate;
4172 		/* overhead for media access time and IFS */
4173 		airtime += IEEE80211_ATF_OVERHEAD_IFS;
4174 	} else {
4175 		/* This is mostly for throttle excessive BC/MC frames, and the
4176 		 * airtime/rate doesn't need be exact. Airtime of BC/MC frames
4177 		 * in 2G get some discount, which helps prevent very low rate
4178 		 * frames from being blocked for too long.
4179 		 */
4180 		airtime = (pktlen * 8 * (1000 / 100)) / 60; /* 6M */
4181 		airtime += IEEE80211_ATF_OVERHEAD;
4182 	}
4183 	spin_unlock_bh(&ar->data_lock);
4184 
4185 	return airtime;
4186 }
4187 
4188 int ath10k_mac_tx_push_txq(struct ieee80211_hw *hw,
4189 			   struct ieee80211_txq *txq)
4190 {
4191 	struct ath10k *ar = hw->priv;
4192 	struct ath10k_htt *htt = &ar->htt;
4193 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4194 	struct ieee80211_vif *vif = txq->vif;
4195 	struct ieee80211_sta *sta = txq->sta;
4196 	enum ath10k_hw_txrx_mode txmode;
4197 	enum ath10k_mac_tx_path txpath;
4198 	struct sk_buff *skb;
4199 	struct ieee80211_hdr *hdr;
4200 	size_t skb_len;
4201 	bool is_mgmt, is_presp;
4202 	int ret;
4203 	u16 airtime;
4204 
4205 	spin_lock_bh(&ar->htt.tx_lock);
4206 	ret = ath10k_htt_tx_inc_pending(htt);
4207 	spin_unlock_bh(&ar->htt.tx_lock);
4208 
4209 	if (ret)
4210 		return ret;
4211 
4212 	skb = ieee80211_tx_dequeue_ni(hw, txq);
4213 	if (!skb) {
4214 		spin_lock_bh(&ar->htt.tx_lock);
4215 		ath10k_htt_tx_dec_pending(htt);
4216 		spin_unlock_bh(&ar->htt.tx_lock);
4217 
4218 		return -ENOENT;
4219 	}
4220 
4221 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4222 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4223 
4224 	skb_len = skb->len;
4225 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4226 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4227 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4228 
4229 	if (is_mgmt) {
4230 		hdr = (struct ieee80211_hdr *)skb->data;
4231 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4232 
4233 		spin_lock_bh(&ar->htt.tx_lock);
4234 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4235 
4236 		if (ret) {
4237 			ath10k_htt_tx_dec_pending(htt);
4238 			spin_unlock_bh(&ar->htt.tx_lock);
4239 			return ret;
4240 		}
4241 		spin_unlock_bh(&ar->htt.tx_lock);
4242 	}
4243 
4244 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4245 	if (unlikely(ret)) {
4246 		ath10k_warn(ar, "failed to push frame: %d\n", ret);
4247 
4248 		spin_lock_bh(&ar->htt.tx_lock);
4249 		ath10k_htt_tx_dec_pending(htt);
4250 		if (is_mgmt)
4251 			ath10k_htt_tx_mgmt_dec_pending(htt);
4252 		spin_unlock_bh(&ar->htt.tx_lock);
4253 
4254 		return ret;
4255 	}
4256 
4257 	spin_lock_bh(&ar->htt.tx_lock);
4258 	artxq->num_fw_queued++;
4259 	spin_unlock_bh(&ar->htt.tx_lock);
4260 
4261 	return skb_len;
4262 }
4263 
4264 static int ath10k_mac_schedule_txq(struct ieee80211_hw *hw, u32 ac)
4265 {
4266 	struct ieee80211_txq *txq;
4267 	int ret = 0;
4268 
4269 	ieee80211_txq_schedule_start(hw, ac);
4270 	while ((txq = ieee80211_next_txq(hw, ac))) {
4271 		while (ath10k_mac_tx_can_push(hw, txq)) {
4272 			ret = ath10k_mac_tx_push_txq(hw, txq);
4273 			if (ret < 0)
4274 				break;
4275 		}
4276 		ieee80211_return_txq(hw, txq, false);
4277 		ath10k_htt_tx_txq_update(hw, txq);
4278 		if (ret == -EBUSY)
4279 			break;
4280 	}
4281 	ieee80211_txq_schedule_end(hw, ac);
4282 
4283 	return ret;
4284 }
4285 
4286 void ath10k_mac_tx_push_pending(struct ath10k *ar)
4287 {
4288 	struct ieee80211_hw *hw = ar->hw;
4289 	u32 ac;
4290 
4291 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4292 		return;
4293 
4294 	if (ar->htt.num_pending_tx >= (ar->htt.max_num_pending_tx / 2))
4295 		return;
4296 
4297 	rcu_read_lock();
4298 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
4299 		if (ath10k_mac_schedule_txq(hw, ac) == -EBUSY)
4300 			break;
4301 	}
4302 	rcu_read_unlock();
4303 }
4304 EXPORT_SYMBOL(ath10k_mac_tx_push_pending);
4305 
4306 /************/
4307 /* Scanning */
4308 /************/
4309 
4310 void __ath10k_scan_finish(struct ath10k *ar)
4311 {
4312 	lockdep_assert_held(&ar->data_lock);
4313 
4314 	switch (ar->scan.state) {
4315 	case ATH10K_SCAN_IDLE:
4316 		break;
4317 	case ATH10K_SCAN_RUNNING:
4318 	case ATH10K_SCAN_ABORTING:
4319 		if (!ar->scan.is_roc) {
4320 			struct cfg80211_scan_info info = {
4321 				.aborted = (ar->scan.state ==
4322 					    ATH10K_SCAN_ABORTING),
4323 			};
4324 
4325 			ieee80211_scan_completed(ar->hw, &info);
4326 		} else if (ar->scan.roc_notify) {
4327 			ieee80211_remain_on_channel_expired(ar->hw);
4328 		}
4329 		fallthrough;
4330 	case ATH10K_SCAN_STARTING:
4331 		ar->scan.state = ATH10K_SCAN_IDLE;
4332 		ar->scan_channel = NULL;
4333 		ar->scan.roc_freq = 0;
4334 		ath10k_offchan_tx_purge(ar);
4335 		cancel_delayed_work(&ar->scan.timeout);
4336 		complete(&ar->scan.completed);
4337 		break;
4338 	}
4339 }
4340 
4341 void ath10k_scan_finish(struct ath10k *ar)
4342 {
4343 	spin_lock_bh(&ar->data_lock);
4344 	__ath10k_scan_finish(ar);
4345 	spin_unlock_bh(&ar->data_lock);
4346 }
4347 
4348 static int ath10k_scan_stop(struct ath10k *ar)
4349 {
4350 	struct wmi_stop_scan_arg arg = {
4351 		.req_id = 1, /* FIXME */
4352 		.req_type = WMI_SCAN_STOP_ONE,
4353 		.u.scan_id = ATH10K_SCAN_ID,
4354 	};
4355 	int ret;
4356 
4357 	lockdep_assert_held(&ar->conf_mutex);
4358 
4359 	ret = ath10k_wmi_stop_scan(ar, &arg);
4360 	if (ret) {
4361 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
4362 		goto out;
4363 	}
4364 
4365 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
4366 	if (ret == 0) {
4367 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
4368 		ret = -ETIMEDOUT;
4369 	} else if (ret > 0) {
4370 		ret = 0;
4371 	}
4372 
4373 out:
4374 	/* Scan state should be updated upon scan completion but in case
4375 	 * firmware fails to deliver the event (for whatever reason) it is
4376 	 * desired to clean up scan state anyway. Firmware may have just
4377 	 * dropped the scan completion event delivery due to transport pipe
4378 	 * being overflown with data and/or it can recover on its own before
4379 	 * next scan request is submitted.
4380 	 */
4381 	spin_lock_bh(&ar->data_lock);
4382 	if (ar->scan.state != ATH10K_SCAN_IDLE)
4383 		__ath10k_scan_finish(ar);
4384 	spin_unlock_bh(&ar->data_lock);
4385 
4386 	return ret;
4387 }
4388 
4389 static void ath10k_scan_abort(struct ath10k *ar)
4390 {
4391 	int ret;
4392 
4393 	lockdep_assert_held(&ar->conf_mutex);
4394 
4395 	spin_lock_bh(&ar->data_lock);
4396 
4397 	switch (ar->scan.state) {
4398 	case ATH10K_SCAN_IDLE:
4399 		/* This can happen if timeout worker kicked in and called
4400 		 * abortion while scan completion was being processed.
4401 		 */
4402 		break;
4403 	case ATH10K_SCAN_STARTING:
4404 	case ATH10K_SCAN_ABORTING:
4405 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
4406 			    ath10k_scan_state_str(ar->scan.state),
4407 			    ar->scan.state);
4408 		break;
4409 	case ATH10K_SCAN_RUNNING:
4410 		ar->scan.state = ATH10K_SCAN_ABORTING;
4411 		spin_unlock_bh(&ar->data_lock);
4412 
4413 		ret = ath10k_scan_stop(ar);
4414 		if (ret)
4415 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
4416 
4417 		spin_lock_bh(&ar->data_lock);
4418 		break;
4419 	}
4420 
4421 	spin_unlock_bh(&ar->data_lock);
4422 }
4423 
4424 void ath10k_scan_timeout_work(struct work_struct *work)
4425 {
4426 	struct ath10k *ar = container_of(work, struct ath10k,
4427 					 scan.timeout.work);
4428 
4429 	mutex_lock(&ar->conf_mutex);
4430 	ath10k_scan_abort(ar);
4431 	mutex_unlock(&ar->conf_mutex);
4432 }
4433 
4434 static int ath10k_start_scan(struct ath10k *ar,
4435 			     const struct wmi_start_scan_arg *arg)
4436 {
4437 	int ret;
4438 
4439 	lockdep_assert_held(&ar->conf_mutex);
4440 
4441 	ret = ath10k_wmi_start_scan(ar, arg);
4442 	if (ret)
4443 		return ret;
4444 
4445 	ret = wait_for_completion_timeout(&ar->scan.started, 1 * HZ);
4446 	if (ret == 0) {
4447 		ret = ath10k_scan_stop(ar);
4448 		if (ret)
4449 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
4450 
4451 		return -ETIMEDOUT;
4452 	}
4453 
4454 	/* If we failed to start the scan, return error code at
4455 	 * this point.  This is probably due to some issue in the
4456 	 * firmware, but no need to wedge the driver due to that...
4457 	 */
4458 	spin_lock_bh(&ar->data_lock);
4459 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
4460 		spin_unlock_bh(&ar->data_lock);
4461 		return -EINVAL;
4462 	}
4463 	spin_unlock_bh(&ar->data_lock);
4464 
4465 	return 0;
4466 }
4467 
4468 /**********************/
4469 /* mac80211 callbacks */
4470 /**********************/
4471 
4472 static void ath10k_mac_op_tx(struct ieee80211_hw *hw,
4473 			     struct ieee80211_tx_control *control,
4474 			     struct sk_buff *skb)
4475 {
4476 	struct ath10k *ar = hw->priv;
4477 	struct ath10k_htt *htt = &ar->htt;
4478 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4479 	struct ieee80211_vif *vif = info->control.vif;
4480 	struct ieee80211_sta *sta = control->sta;
4481 	struct ieee80211_txq *txq = NULL;
4482 	struct ieee80211_hdr *hdr = (void *)skb->data;
4483 	enum ath10k_hw_txrx_mode txmode;
4484 	enum ath10k_mac_tx_path txpath;
4485 	bool is_htt;
4486 	bool is_mgmt;
4487 	bool is_presp;
4488 	int ret;
4489 	u16 airtime;
4490 
4491 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4492 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4493 
4494 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4495 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4496 	is_htt = (txpath == ATH10K_MAC_TX_HTT ||
4497 		  txpath == ATH10K_MAC_TX_HTT_MGMT);
4498 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4499 
4500 	if (is_htt) {
4501 		spin_lock_bh(&ar->htt.tx_lock);
4502 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4503 
4504 		ret = ath10k_htt_tx_inc_pending(htt);
4505 		if (ret) {
4506 			ath10k_warn(ar, "failed to increase tx pending count: %d, dropping\n",
4507 				    ret);
4508 			spin_unlock_bh(&ar->htt.tx_lock);
4509 			ieee80211_free_txskb(ar->hw, skb);
4510 			return;
4511 		}
4512 
4513 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4514 		if (ret) {
4515 			ath10k_dbg(ar, ATH10K_DBG_MAC, "failed to increase tx mgmt pending count: %d, dropping\n",
4516 				   ret);
4517 			ath10k_htt_tx_dec_pending(htt);
4518 			spin_unlock_bh(&ar->htt.tx_lock);
4519 			ieee80211_free_txskb(ar->hw, skb);
4520 			return;
4521 		}
4522 		spin_unlock_bh(&ar->htt.tx_lock);
4523 	}
4524 
4525 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4526 	if (ret) {
4527 		ath10k_warn(ar, "failed to transmit frame: %d\n", ret);
4528 		if (is_htt) {
4529 			spin_lock_bh(&ar->htt.tx_lock);
4530 			ath10k_htt_tx_dec_pending(htt);
4531 			if (is_mgmt)
4532 				ath10k_htt_tx_mgmt_dec_pending(htt);
4533 			spin_unlock_bh(&ar->htt.tx_lock);
4534 		}
4535 		return;
4536 	}
4537 }
4538 
4539 static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw,
4540 					struct ieee80211_txq *txq)
4541 {
4542 	struct ath10k *ar = hw->priv;
4543 	int ret;
4544 	u8 ac;
4545 
4546 	ath10k_htt_tx_txq_update(hw, txq);
4547 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4548 		return;
4549 
4550 	ac = txq->ac;
4551 	ieee80211_txq_schedule_start(hw, ac);
4552 	txq = ieee80211_next_txq(hw, ac);
4553 	if (!txq)
4554 		goto out;
4555 
4556 	while (ath10k_mac_tx_can_push(hw, txq)) {
4557 		ret = ath10k_mac_tx_push_txq(hw, txq);
4558 		if (ret < 0)
4559 			break;
4560 	}
4561 	ieee80211_return_txq(hw, txq, false);
4562 	ath10k_htt_tx_txq_update(hw, txq);
4563 out:
4564 	ieee80211_txq_schedule_end(hw, ac);
4565 }
4566 
4567 /* Must not be called with conf_mutex held as workers can use that also. */
4568 void ath10k_drain_tx(struct ath10k *ar)
4569 {
4570 	/* make sure rcu-protected mac80211 tx path itself is drained */
4571 	synchronize_net();
4572 
4573 	ath10k_offchan_tx_purge(ar);
4574 	ath10k_mgmt_over_wmi_tx_purge(ar);
4575 
4576 	cancel_work_sync(&ar->offchan_tx_work);
4577 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
4578 }
4579 
4580 void ath10k_halt(struct ath10k *ar)
4581 {
4582 	struct ath10k_vif *arvif;
4583 
4584 	lockdep_assert_held(&ar->conf_mutex);
4585 
4586 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
4587 	ar->filter_flags = 0;
4588 	ar->monitor = false;
4589 	ar->monitor_arvif = NULL;
4590 
4591 	if (ar->monitor_started)
4592 		ath10k_monitor_stop(ar);
4593 
4594 	ar->monitor_started = false;
4595 	ar->tx_paused = 0;
4596 
4597 	ath10k_scan_finish(ar);
4598 	ath10k_peer_cleanup_all(ar);
4599 	ath10k_stop_radar_confirmation(ar);
4600 	ath10k_core_stop(ar);
4601 	ath10k_hif_power_down(ar);
4602 
4603 	spin_lock_bh(&ar->data_lock);
4604 	list_for_each_entry(arvif, &ar->arvifs, list)
4605 		ath10k_mac_vif_beacon_cleanup(arvif);
4606 	spin_unlock_bh(&ar->data_lock);
4607 }
4608 
4609 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
4610 {
4611 	struct ath10k *ar = hw->priv;
4612 
4613 	mutex_lock(&ar->conf_mutex);
4614 
4615 	*tx_ant = ar->cfg_tx_chainmask;
4616 	*rx_ant = ar->cfg_rx_chainmask;
4617 
4618 	mutex_unlock(&ar->conf_mutex);
4619 
4620 	return 0;
4621 }
4622 
4623 static bool ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
4624 {
4625 	/* It is not clear that allowing gaps in chainmask
4626 	 * is helpful.  Probably it will not do what user
4627 	 * is hoping for, so warn in that case.
4628 	 */
4629 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
4630 		return true;
4631 
4632 	ath10k_warn(ar, "mac %s antenna chainmask is invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
4633 		    dbg, cm);
4634 	return false;
4635 }
4636 
4637 static int ath10k_mac_get_vht_cap_bf_sts(struct ath10k *ar)
4638 {
4639 	int nsts = ar->vht_cap_info;
4640 
4641 	nsts &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4642 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4643 
4644 	/* If firmware does not deliver to host number of space-time
4645 	 * streams supported, assume it support up to 4 BF STS and return
4646 	 * the value for VHT CAP: nsts-1)
4647 	 */
4648 	if (nsts == 0)
4649 		return 3;
4650 
4651 	return nsts;
4652 }
4653 
4654 static int ath10k_mac_get_vht_cap_bf_sound_dim(struct ath10k *ar)
4655 {
4656 	int sound_dim = ar->vht_cap_info;
4657 
4658 	sound_dim &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4659 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4660 
4661 	/* If the sounding dimension is not advertised by the firmware,
4662 	 * let's use a default value of 1
4663 	 */
4664 	if (sound_dim == 0)
4665 		return 1;
4666 
4667 	return sound_dim;
4668 }
4669 
4670 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4671 {
4672 	struct ieee80211_sta_vht_cap vht_cap = {0};
4673 	struct ath10k_hw_params *hw = &ar->hw_params;
4674 	u16 mcs_map;
4675 	u32 val;
4676 	int i;
4677 
4678 	vht_cap.vht_supported = 1;
4679 	vht_cap.cap = ar->vht_cap_info;
4680 
4681 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4682 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
4683 		val = ath10k_mac_get_vht_cap_bf_sts(ar);
4684 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4685 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4686 
4687 		vht_cap.cap |= val;
4688 	}
4689 
4690 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4691 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
4692 		val = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
4693 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4694 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4695 
4696 		vht_cap.cap |= val;
4697 	}
4698 
4699 	mcs_map = 0;
4700 	for (i = 0; i < 8; i++) {
4701 		if ((i < ar->num_rf_chains) && (ar->cfg_tx_chainmask & BIT(i)))
4702 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
4703 		else
4704 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
4705 	}
4706 
4707 	if (ar->cfg_tx_chainmask <= 1)
4708 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
4709 
4710 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4711 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4712 
4713 	/* If we are supporting 160Mhz or 80+80, then the NIC may be able to do
4714 	 * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz.  Give
4715 	 * user-space a clue if that is the case.
4716 	 */
4717 	if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) &&
4718 	    (hw->vht160_mcs_rx_highest != 0 ||
4719 	     hw->vht160_mcs_tx_highest != 0)) {
4720 		vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest);
4721 		vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest);
4722 	}
4723 
4724 	return vht_cap;
4725 }
4726 
4727 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4728 {
4729 	int i;
4730 	struct ieee80211_sta_ht_cap ht_cap = {0};
4731 
4732 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4733 		return ht_cap;
4734 
4735 	ht_cap.ht_supported = 1;
4736 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4737 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4738 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4739 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4740 	ht_cap.cap |=
4741 		WLAN_HT_CAP_SM_PS_DISABLED << IEEE80211_HT_CAP_SM_PS_SHIFT;
4742 
4743 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4744 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4745 
4746 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4747 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4748 
4749 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4750 		u32 smps;
4751 
4752 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4753 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4754 
4755 		ht_cap.cap |= smps;
4756 	}
4757 
4758 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC && (ar->cfg_tx_chainmask > 1))
4759 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4760 
4761 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4762 		u32 stbc;
4763 
4764 		stbc   = ar->ht_cap_info;
4765 		stbc  &= WMI_HT_CAP_RX_STBC;
4766 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4767 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4768 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4769 
4770 		ht_cap.cap |= stbc;
4771 	}
4772 
4773 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC || (ar->ht_cap_info &
4774 	    WMI_HT_CAP_RX_LDPC && (ar->ht_cap_info & WMI_HT_CAP_TX_LDPC)))
4775 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4776 
4777 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4778 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4779 
4780 	/* max AMSDU is implicitly taken from vht_cap_info */
4781 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4782 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4783 
4784 	for (i = 0; i < ar->num_rf_chains; i++) {
4785 		if (ar->cfg_rx_chainmask & BIT(i))
4786 			ht_cap.mcs.rx_mask[i] = 0xFF;
4787 	}
4788 
4789 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4790 
4791 	return ht_cap;
4792 }
4793 
4794 static void ath10k_mac_setup_ht_vht_cap(struct ath10k *ar)
4795 {
4796 	struct ieee80211_supported_band *band;
4797 	struct ieee80211_sta_vht_cap vht_cap;
4798 	struct ieee80211_sta_ht_cap ht_cap;
4799 
4800 	ht_cap = ath10k_get_ht_cap(ar);
4801 	vht_cap = ath10k_create_vht_cap(ar);
4802 
4803 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4804 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
4805 		band->ht_cap = ht_cap;
4806 	}
4807 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
4808 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
4809 		band->ht_cap = ht_cap;
4810 		band->vht_cap = vht_cap;
4811 	}
4812 }
4813 
4814 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
4815 {
4816 	int ret;
4817 	bool is_valid_tx_chain_mask, is_valid_rx_chain_mask;
4818 
4819 	lockdep_assert_held(&ar->conf_mutex);
4820 
4821 	is_valid_tx_chain_mask = ath10k_check_chain_mask(ar, tx_ant, "tx");
4822 	is_valid_rx_chain_mask = ath10k_check_chain_mask(ar, rx_ant, "rx");
4823 
4824 	if (!is_valid_tx_chain_mask || !is_valid_rx_chain_mask)
4825 		return -EINVAL;
4826 
4827 	ar->cfg_tx_chainmask = tx_ant;
4828 	ar->cfg_rx_chainmask = rx_ant;
4829 
4830 	if ((ar->state != ATH10K_STATE_ON) &&
4831 	    (ar->state != ATH10K_STATE_RESTARTED))
4832 		return 0;
4833 
4834 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
4835 					tx_ant);
4836 	if (ret) {
4837 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
4838 			    ret, tx_ant);
4839 		return ret;
4840 	}
4841 
4842 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
4843 					rx_ant);
4844 	if (ret) {
4845 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
4846 			    ret, rx_ant);
4847 		return ret;
4848 	}
4849 
4850 	/* Reload HT/VHT capability */
4851 	ath10k_mac_setup_ht_vht_cap(ar);
4852 
4853 	return 0;
4854 }
4855 
4856 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
4857 {
4858 	struct ath10k *ar = hw->priv;
4859 	int ret;
4860 
4861 	mutex_lock(&ar->conf_mutex);
4862 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
4863 	mutex_unlock(&ar->conf_mutex);
4864 	return ret;
4865 }
4866 
4867 static int __ath10k_fetch_bb_timing_dt(struct ath10k *ar,
4868 				       struct wmi_bb_timing_cfg_arg *bb_timing)
4869 {
4870 	struct device_node *node;
4871 	const char *fem_name;
4872 	int ret;
4873 
4874 	node = ar->dev->of_node;
4875 	if (!node)
4876 		return -ENOENT;
4877 
4878 	ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name);
4879 	if (ret)
4880 		return -ENOENT;
4881 
4882 	/*
4883 	 * If external Front End module used in hardware, then default base band timing
4884 	 * parameter cannot be used since they were fine tuned for reference hardware,
4885 	 * so choosing different value suitable for that external FEM.
4886 	 */
4887 	if (!strcmp("microsemi-lx5586", fem_name)) {
4888 		bb_timing->bb_tx_timing = 0x00;
4889 		bb_timing->bb_xpa_timing = 0x0101;
4890 	} else {
4891 		return -ENOENT;
4892 	}
4893 
4894 	ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot bb_tx_timing 0x%x bb_xpa_timing 0x%x\n",
4895 		   bb_timing->bb_tx_timing, bb_timing->bb_xpa_timing);
4896 	return 0;
4897 }
4898 
4899 static int ath10k_mac_rfkill_config(struct ath10k *ar)
4900 {
4901 	u32 param;
4902 	int ret;
4903 
4904 	if (ar->hw_values->rfkill_pin == 0) {
4905 		ath10k_warn(ar, "ath10k does not support hardware rfkill with this device\n");
4906 		return -EOPNOTSUPP;
4907 	}
4908 
4909 	ath10k_dbg(ar, ATH10K_DBG_MAC,
4910 		   "mac rfkill_pin %d rfkill_cfg %d rfkill_on_level %d",
4911 		   ar->hw_values->rfkill_pin, ar->hw_values->rfkill_cfg,
4912 		   ar->hw_values->rfkill_on_level);
4913 
4914 	param = FIELD_PREP(WMI_TLV_RFKILL_CFG_RADIO_LEVEL,
4915 			   ar->hw_values->rfkill_on_level) |
4916 		FIELD_PREP(WMI_TLV_RFKILL_CFG_GPIO_PIN_NUM,
4917 			   ar->hw_values->rfkill_pin) |
4918 		FIELD_PREP(WMI_TLV_RFKILL_CFG_PIN_AS_GPIO,
4919 			   ar->hw_values->rfkill_cfg);
4920 
4921 	ret = ath10k_wmi_pdev_set_param(ar,
4922 					ar->wmi.pdev_param->rfkill_config,
4923 					param);
4924 	if (ret) {
4925 		ath10k_warn(ar,
4926 			    "failed to set rfkill config 0x%x: %d\n",
4927 			    param, ret);
4928 		return ret;
4929 	}
4930 	return 0;
4931 }
4932 
4933 int ath10k_mac_rfkill_enable_radio(struct ath10k *ar, bool enable)
4934 {
4935 	enum wmi_tlv_rfkill_enable_radio param;
4936 	int ret;
4937 
4938 	if (enable)
4939 		param = WMI_TLV_RFKILL_ENABLE_RADIO_ON;
4940 	else
4941 		param = WMI_TLV_RFKILL_ENABLE_RADIO_OFF;
4942 
4943 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac rfkill enable %d", param);
4944 
4945 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rfkill_enable,
4946 					param);
4947 	if (ret) {
4948 		ath10k_warn(ar, "failed to set rfkill enable param %d: %d\n",
4949 			    param, ret);
4950 		return ret;
4951 	}
4952 
4953 	return 0;
4954 }
4955 
4956 static int ath10k_start(struct ieee80211_hw *hw)
4957 {
4958 	struct ath10k *ar = hw->priv;
4959 	u32 param;
4960 	int ret = 0;
4961 	struct wmi_bb_timing_cfg_arg bb_timing = {0};
4962 
4963 	/*
4964 	 * This makes sense only when restarting hw. It is harmless to call
4965 	 * unconditionally. This is necessary to make sure no HTT/WMI tx
4966 	 * commands will be submitted while restarting.
4967 	 */
4968 	ath10k_drain_tx(ar);
4969 
4970 	mutex_lock(&ar->conf_mutex);
4971 
4972 	switch (ar->state) {
4973 	case ATH10K_STATE_OFF:
4974 		ar->state = ATH10K_STATE_ON;
4975 		break;
4976 	case ATH10K_STATE_RESTARTING:
4977 		ar->state = ATH10K_STATE_RESTARTED;
4978 		break;
4979 	case ATH10K_STATE_ON:
4980 	case ATH10K_STATE_RESTARTED:
4981 	case ATH10K_STATE_WEDGED:
4982 		WARN_ON(1);
4983 		ret = -EINVAL;
4984 		goto err;
4985 	case ATH10K_STATE_UTF:
4986 		ret = -EBUSY;
4987 		goto err;
4988 	}
4989 
4990 	spin_lock_bh(&ar->data_lock);
4991 
4992 	if (ar->hw_rfkill_on) {
4993 		ar->hw_rfkill_on = false;
4994 		spin_unlock_bh(&ar->data_lock);
4995 		goto err;
4996 	}
4997 
4998 	spin_unlock_bh(&ar->data_lock);
4999 
5000 	ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL);
5001 	if (ret) {
5002 		ath10k_err(ar, "Could not init hif: %d\n", ret);
5003 		goto err_off;
5004 	}
5005 
5006 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL,
5007 				&ar->normal_mode_fw);
5008 	if (ret) {
5009 		ath10k_err(ar, "Could not init core: %d\n", ret);
5010 		goto err_power_down;
5011 	}
5012 
5013 	if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) {
5014 		ret = ath10k_mac_rfkill_config(ar);
5015 		if (ret && ret != -EOPNOTSUPP) {
5016 			ath10k_warn(ar, "failed to configure rfkill: %d", ret);
5017 			goto err_core_stop;
5018 		}
5019 	}
5020 
5021 	param = ar->wmi.pdev_param->pmf_qos;
5022 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5023 	if (ret) {
5024 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
5025 		goto err_core_stop;
5026 	}
5027 
5028 	param = ar->wmi.pdev_param->dynamic_bw;
5029 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5030 	if (ret) {
5031 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
5032 		goto err_core_stop;
5033 	}
5034 
5035 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
5036 		ret = ath10k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
5037 		if (ret) {
5038 			ath10k_err(ar, "failed to set prob req oui: %i\n", ret);
5039 			goto err_core_stop;
5040 		}
5041 	}
5042 
5043 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
5044 		ret = ath10k_wmi_adaptive_qcs(ar, true);
5045 		if (ret) {
5046 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
5047 				    ret);
5048 			goto err_core_stop;
5049 		}
5050 	}
5051 
5052 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
5053 		param = ar->wmi.pdev_param->burst_enable;
5054 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5055 		if (ret) {
5056 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
5057 			goto err_core_stop;
5058 		}
5059 	}
5060 
5061 	param = ar->wmi.pdev_param->idle_ps_config;
5062 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5063 	if (ret && ret != -EOPNOTSUPP) {
5064 		ath10k_warn(ar, "failed to enable idle_ps_config: %d\n", ret);
5065 		goto err_core_stop;
5066 	}
5067 
5068 	__ath10k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
5069 
5070 	/*
5071 	 * By default FW set ARP frames ac to voice (6). In that case ARP
5072 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
5073 	 * which arrives with access category 0 are processed by network stack
5074 	 * and send back with access category 0, but FW changes access category
5075 	 * to 6. Set ARP frames access category to best effort (0) solves
5076 	 * this problem.
5077 	 */
5078 
5079 	param = ar->wmi.pdev_param->arp_ac_override;
5080 	ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5081 	if (ret) {
5082 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
5083 			    ret);
5084 		goto err_core_stop;
5085 	}
5086 
5087 	if (test_bit(ATH10K_FW_FEATURE_SUPPORTS_ADAPTIVE_CCA,
5088 		     ar->running_fw->fw_file.fw_features)) {
5089 		ret = ath10k_wmi_pdev_enable_adaptive_cca(ar, 1,
5090 							  WMI_CCA_DETECT_LEVEL_AUTO,
5091 							  WMI_CCA_DETECT_MARGIN_AUTO);
5092 		if (ret) {
5093 			ath10k_warn(ar, "failed to enable adaptive cca: %d\n",
5094 				    ret);
5095 			goto err_core_stop;
5096 		}
5097 	}
5098 
5099 	param = ar->wmi.pdev_param->ani_enable;
5100 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5101 	if (ret) {
5102 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
5103 			    ret);
5104 		goto err_core_stop;
5105 	}
5106 
5107 	ar->ani_enabled = true;
5108 
5109 	if (ath10k_peer_stats_enabled(ar)) {
5110 		param = ar->wmi.pdev_param->peer_stats_update_period;
5111 		ret = ath10k_wmi_pdev_set_param(ar, param,
5112 						PEER_DEFAULT_STATS_UPDATE_PERIOD);
5113 		if (ret) {
5114 			ath10k_warn(ar,
5115 				    "failed to set peer stats period : %d\n",
5116 				    ret);
5117 			goto err_core_stop;
5118 		}
5119 	}
5120 
5121 	param = ar->wmi.pdev_param->enable_btcoex;
5122 	if (test_bit(WMI_SERVICE_COEX_GPIO, ar->wmi.svc_map) &&
5123 	    test_bit(ATH10K_FW_FEATURE_BTCOEX_PARAM,
5124 		     ar->running_fw->fw_file.fw_features) &&
5125 	    ar->coex_support) {
5126 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5127 		if (ret) {
5128 			ath10k_warn(ar,
5129 				    "failed to set btcoex param: %d\n", ret);
5130 			goto err_core_stop;
5131 		}
5132 		clear_bit(ATH10K_FLAG_BTCOEX, &ar->dev_flags);
5133 	}
5134 
5135 	if (test_bit(WMI_SERVICE_BB_TIMING_CONFIG_SUPPORT, ar->wmi.svc_map)) {
5136 		ret = __ath10k_fetch_bb_timing_dt(ar, &bb_timing);
5137 		if (!ret) {
5138 			ret = ath10k_wmi_pdev_bb_timing(ar, &bb_timing);
5139 			if (ret) {
5140 				ath10k_warn(ar,
5141 					    "failed to set bb timings: %d\n",
5142 					    ret);
5143 				goto err_core_stop;
5144 			}
5145 		}
5146 	}
5147 
5148 	ar->num_started_vdevs = 0;
5149 	ath10k_regd_update(ar);
5150 
5151 	ath10k_spectral_start(ar);
5152 	ath10k_thermal_set_throttling(ar);
5153 
5154 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_IDLE;
5155 
5156 	mutex_unlock(&ar->conf_mutex);
5157 	return 0;
5158 
5159 err_core_stop:
5160 	ath10k_core_stop(ar);
5161 
5162 err_power_down:
5163 	ath10k_hif_power_down(ar);
5164 
5165 err_off:
5166 	ar->state = ATH10K_STATE_OFF;
5167 
5168 err:
5169 	mutex_unlock(&ar->conf_mutex);
5170 	return ret;
5171 }
5172 
5173 static void ath10k_stop(struct ieee80211_hw *hw)
5174 {
5175 	struct ath10k *ar = hw->priv;
5176 
5177 	ath10k_drain_tx(ar);
5178 
5179 	mutex_lock(&ar->conf_mutex);
5180 	if (ar->state != ATH10K_STATE_OFF) {
5181 		if (!ar->hw_rfkill_on)
5182 			ath10k_halt(ar);
5183 		ar->state = ATH10K_STATE_OFF;
5184 	}
5185 	mutex_unlock(&ar->conf_mutex);
5186 
5187 	cancel_work_sync(&ar->set_coverage_class_work);
5188 	cancel_delayed_work_sync(&ar->scan.timeout);
5189 	cancel_work_sync(&ar->restart_work);
5190 }
5191 
5192 static int ath10k_config_ps(struct ath10k *ar)
5193 {
5194 	struct ath10k_vif *arvif;
5195 	int ret = 0;
5196 
5197 	lockdep_assert_held(&ar->conf_mutex);
5198 
5199 	list_for_each_entry(arvif, &ar->arvifs, list) {
5200 		ret = ath10k_mac_vif_setup_ps(arvif);
5201 		if (ret) {
5202 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
5203 			break;
5204 		}
5205 	}
5206 
5207 	return ret;
5208 }
5209 
5210 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
5211 {
5212 	int ret;
5213 	u32 param;
5214 
5215 	lockdep_assert_held(&ar->conf_mutex);
5216 
5217 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower %d\n", txpower);
5218 
5219 	param = ar->wmi.pdev_param->txpower_limit2g;
5220 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
5221 	if (ret) {
5222 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
5223 			    txpower, ret);
5224 		return ret;
5225 	}
5226 
5227 	param = ar->wmi.pdev_param->txpower_limit5g;
5228 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
5229 	if (ret) {
5230 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
5231 			    txpower, ret);
5232 		return ret;
5233 	}
5234 
5235 	return 0;
5236 }
5237 
5238 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
5239 {
5240 	struct ath10k_vif *arvif;
5241 	int ret, txpower = -1;
5242 
5243 	lockdep_assert_held(&ar->conf_mutex);
5244 
5245 	list_for_each_entry(arvif, &ar->arvifs, list) {
5246 		/* txpower not initialized yet? */
5247 		if (arvif->txpower == INT_MIN)
5248 			continue;
5249 
5250 		if (txpower == -1)
5251 			txpower = arvif->txpower;
5252 		else
5253 			txpower = min(txpower, arvif->txpower);
5254 	}
5255 
5256 	if (txpower == -1)
5257 		return 0;
5258 
5259 	ret = ath10k_mac_txpower_setup(ar, txpower);
5260 	if (ret) {
5261 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
5262 			    txpower, ret);
5263 		return ret;
5264 	}
5265 
5266 	return 0;
5267 }
5268 
5269 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
5270 {
5271 	struct ath10k *ar = hw->priv;
5272 	struct ieee80211_conf *conf = &hw->conf;
5273 	int ret = 0;
5274 
5275 	mutex_lock(&ar->conf_mutex);
5276 
5277 	if (changed & IEEE80211_CONF_CHANGE_PS)
5278 		ath10k_config_ps(ar);
5279 
5280 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
5281 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
5282 		ret = ath10k_monitor_recalc(ar);
5283 		if (ret)
5284 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5285 	}
5286 
5287 	mutex_unlock(&ar->conf_mutex);
5288 	return ret;
5289 }
5290 
5291 static u32 get_nss_from_chainmask(u16 chain_mask)
5292 {
5293 	if ((chain_mask & 0xf) == 0xf)
5294 		return 4;
5295 	else if ((chain_mask & 0x7) == 0x7)
5296 		return 3;
5297 	else if ((chain_mask & 0x3) == 0x3)
5298 		return 2;
5299 	return 1;
5300 }
5301 
5302 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
5303 {
5304 	u32 value = 0;
5305 	struct ath10k *ar = arvif->ar;
5306 	int nsts;
5307 	int sound_dim;
5308 
5309 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
5310 		return 0;
5311 
5312 	nsts = ath10k_mac_get_vht_cap_bf_sts(ar);
5313 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
5314 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
5315 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5316 
5317 	sound_dim = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
5318 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
5319 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
5320 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5321 
5322 	if (!value)
5323 		return 0;
5324 
5325 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
5326 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5327 
5328 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
5329 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
5330 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
5331 
5332 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
5333 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5334 
5335 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
5336 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
5337 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
5338 
5339 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
5340 					 ar->wmi.vdev_param->txbf, value);
5341 }
5342 
5343 /*
5344  * TODO:
5345  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
5346  * because we will send mgmt frames without CCK. This requirement
5347  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
5348  * in the TX packet.
5349  */
5350 static int ath10k_add_interface(struct ieee80211_hw *hw,
5351 				struct ieee80211_vif *vif)
5352 {
5353 	struct ath10k *ar = hw->priv;
5354 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5355 	struct ath10k_peer *peer;
5356 	enum wmi_sta_powersave_param param;
5357 	int ret = 0;
5358 	u32 value;
5359 	int bit;
5360 	int i;
5361 	u32 vdev_param;
5362 
5363 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
5364 
5365 	mutex_lock(&ar->conf_mutex);
5366 
5367 	memset(arvif, 0, sizeof(*arvif));
5368 	ath10k_mac_txq_init(vif->txq);
5369 
5370 	arvif->ar = ar;
5371 	arvif->vif = vif;
5372 
5373 	INIT_LIST_HEAD(&arvif->list);
5374 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
5375 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
5376 			  ath10k_mac_vif_sta_connection_loss_work);
5377 
5378 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
5379 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
5380 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
5381 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
5382 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
5383 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
5384 	}
5385 
5386 	if (ar->num_peers >= ar->max_num_peers) {
5387 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
5388 		ret = -ENOBUFS;
5389 		goto err;
5390 	}
5391 
5392 	if (ar->free_vdev_map == 0) {
5393 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
5394 		ret = -EBUSY;
5395 		goto err;
5396 	}
5397 	bit = __ffs64(ar->free_vdev_map);
5398 
5399 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
5400 		   bit, ar->free_vdev_map);
5401 
5402 	arvif->vdev_id = bit;
5403 	arvif->vdev_subtype =
5404 		ath10k_wmi_get_vdev_subtype(ar, WMI_VDEV_SUBTYPE_NONE);
5405 
5406 	switch (vif->type) {
5407 	case NL80211_IFTYPE_P2P_DEVICE:
5408 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5409 		arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5410 					(ar, WMI_VDEV_SUBTYPE_P2P_DEVICE);
5411 		break;
5412 	case NL80211_IFTYPE_UNSPECIFIED:
5413 	case NL80211_IFTYPE_STATION:
5414 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5415 		if (vif->p2p)
5416 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5417 					(ar, WMI_VDEV_SUBTYPE_P2P_CLIENT);
5418 		break;
5419 	case NL80211_IFTYPE_ADHOC:
5420 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
5421 		break;
5422 	case NL80211_IFTYPE_MESH_POINT:
5423 		if (test_bit(WMI_SERVICE_MESH_11S, ar->wmi.svc_map)) {
5424 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5425 						(ar, WMI_VDEV_SUBTYPE_MESH_11S);
5426 		} else if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5427 			ret = -EINVAL;
5428 			ath10k_warn(ar, "must load driver with rawmode=1 to add mesh interfaces\n");
5429 			goto err;
5430 		}
5431 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5432 		break;
5433 	case NL80211_IFTYPE_AP:
5434 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5435 
5436 		if (vif->p2p)
5437 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5438 						(ar, WMI_VDEV_SUBTYPE_P2P_GO);
5439 		break;
5440 	case NL80211_IFTYPE_MONITOR:
5441 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
5442 		break;
5443 	default:
5444 		WARN_ON(1);
5445 		break;
5446 	}
5447 
5448 	/* Using vdev_id as queue number will make it very easy to do per-vif
5449 	 * tx queue locking. This shouldn't wrap due to interface combinations
5450 	 * but do a modulo for correctness sake and prevent using offchannel tx
5451 	 * queues for regular vif tx.
5452 	 */
5453 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5454 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
5455 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5456 
5457 	/* Some firmware revisions don't wait for beacon tx completion before
5458 	 * sending another SWBA event. This could lead to hardware using old
5459 	 * (freed) beacon data in some cases, e.g. tx credit starvation
5460 	 * combined with missed TBTT. This is very rare.
5461 	 *
5462 	 * On non-IOMMU-enabled hosts this could be a possible security issue
5463 	 * because hw could beacon some random data on the air.  On
5464 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
5465 	 * device would crash.
5466 	 *
5467 	 * Since there are no beacon tx completions (implicit nor explicit)
5468 	 * propagated to host the only workaround for this is to allocate a
5469 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
5470 	 * beacon tx commands. Worst case for this approach is some beacons may
5471 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
5472 	 */
5473 	if (vif->type == NL80211_IFTYPE_ADHOC ||
5474 	    vif->type == NL80211_IFTYPE_MESH_POINT ||
5475 	    vif->type == NL80211_IFTYPE_AP) {
5476 		arvif->beacon_buf = dma_alloc_coherent(ar->dev,
5477 						       IEEE80211_MAX_FRAME_LEN,
5478 						       &arvif->beacon_paddr,
5479 						       GFP_ATOMIC);
5480 		if (!arvif->beacon_buf) {
5481 			ret = -ENOMEM;
5482 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
5483 				    ret);
5484 			goto err;
5485 		}
5486 	}
5487 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
5488 		arvif->nohwcrypt = true;
5489 
5490 	if (arvif->nohwcrypt &&
5491 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5492 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
5493 		goto err;
5494 	}
5495 
5496 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
5497 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
5498 		   arvif->beacon_buf ? "single-buf" : "per-skb");
5499 
5500 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
5501 				     arvif->vdev_subtype, vif->addr);
5502 	if (ret) {
5503 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
5504 			    arvif->vdev_id, ret);
5505 		goto err;
5506 	}
5507 
5508 	if (test_bit(WMI_SERVICE_VDEV_DISABLE_4_ADDR_SRC_LRN_SUPPORT,
5509 		     ar->wmi.svc_map)) {
5510 		vdev_param = ar->wmi.vdev_param->disable_4addr_src_lrn;
5511 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5512 						WMI_VDEV_DISABLE_4_ADDR_SRC_LRN);
5513 		if (ret && ret != -EOPNOTSUPP) {
5514 			ath10k_warn(ar, "failed to disable 4addr src lrn vdev %i: %d\n",
5515 				    arvif->vdev_id, ret);
5516 		}
5517 	}
5518 
5519 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
5520 	spin_lock_bh(&ar->data_lock);
5521 	list_add(&arvif->list, &ar->arvifs);
5522 	spin_unlock_bh(&ar->data_lock);
5523 
5524 	/* It makes no sense to have firmware do keepalives. mac80211 already
5525 	 * takes care of this with idle connection polling.
5526 	 */
5527 	ret = ath10k_mac_vif_disable_keepalive(arvif);
5528 	if (ret) {
5529 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
5530 			    arvif->vdev_id, ret);
5531 		goto err_vdev_delete;
5532 	}
5533 
5534 	arvif->def_wep_key_idx = -1;
5535 
5536 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
5537 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5538 					ATH10K_HW_TXRX_NATIVE_WIFI);
5539 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
5540 	if (ret && ret != -EOPNOTSUPP) {
5541 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
5542 			    arvif->vdev_id, ret);
5543 		goto err_vdev_delete;
5544 	}
5545 
5546 	/* Configuring number of spatial stream for monitor interface is causing
5547 	 * target assert in qca9888 and qca6174.
5548 	 */
5549 	if (ar->cfg_tx_chainmask && (vif->type != NL80211_IFTYPE_MONITOR)) {
5550 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
5551 
5552 		vdev_param = ar->wmi.vdev_param->nss;
5553 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5554 						nss);
5555 		if (ret) {
5556 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
5557 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
5558 				    ret);
5559 			goto err_vdev_delete;
5560 		}
5561 	}
5562 
5563 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5564 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5565 		ret = ath10k_peer_create(ar, vif, NULL, arvif->vdev_id,
5566 					 vif->addr, WMI_PEER_TYPE_DEFAULT);
5567 		if (ret) {
5568 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
5569 				    arvif->vdev_id, ret);
5570 			goto err_vdev_delete;
5571 		}
5572 
5573 		spin_lock_bh(&ar->data_lock);
5574 
5575 		peer = ath10k_peer_find(ar, arvif->vdev_id, vif->addr);
5576 		if (!peer) {
5577 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
5578 				    vif->addr, arvif->vdev_id);
5579 			spin_unlock_bh(&ar->data_lock);
5580 			ret = -ENOENT;
5581 			goto err_peer_delete;
5582 		}
5583 
5584 		arvif->peer_id = find_first_bit(peer->peer_ids,
5585 						ATH10K_MAX_NUM_PEER_IDS);
5586 
5587 		spin_unlock_bh(&ar->data_lock);
5588 	} else {
5589 		arvif->peer_id = HTT_INVALID_PEERID;
5590 	}
5591 
5592 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
5593 		ret = ath10k_mac_set_kickout(arvif);
5594 		if (ret) {
5595 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
5596 				    arvif->vdev_id, ret);
5597 			goto err_peer_delete;
5598 		}
5599 	}
5600 
5601 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
5602 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
5603 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5604 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5605 						  param, value);
5606 		if (ret) {
5607 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
5608 				    arvif->vdev_id, ret);
5609 			goto err_peer_delete;
5610 		}
5611 
5612 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5613 		if (ret) {
5614 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5615 				    arvif->vdev_id, ret);
5616 			goto err_peer_delete;
5617 		}
5618 
5619 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5620 		if (ret) {
5621 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5622 				    arvif->vdev_id, ret);
5623 			goto err_peer_delete;
5624 		}
5625 	}
5626 
5627 	ret = ath10k_mac_set_txbf_conf(arvif);
5628 	if (ret) {
5629 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
5630 			    arvif->vdev_id, ret);
5631 		goto err_peer_delete;
5632 	}
5633 
5634 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
5635 	if (ret) {
5636 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5637 			    arvif->vdev_id, ret);
5638 		goto err_peer_delete;
5639 	}
5640 
5641 	arvif->txpower = vif->bss_conf.txpower;
5642 	ret = ath10k_mac_txpower_recalc(ar);
5643 	if (ret) {
5644 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5645 		goto err_peer_delete;
5646 	}
5647 
5648 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5649 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5650 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5651 						arvif->ftm_responder);
5652 
5653 		/* It is harmless to not set FTM role. Do not warn */
5654 		if (ret && ret != -EOPNOTSUPP)
5655 			ath10k_warn(ar, "failed to set vdev %i FTM Responder: %d\n",
5656 				    arvif->vdev_id, ret);
5657 	}
5658 
5659 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5660 		ar->monitor_arvif = arvif;
5661 		ret = ath10k_monitor_recalc(ar);
5662 		if (ret) {
5663 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5664 			goto err_peer_delete;
5665 		}
5666 	}
5667 
5668 	spin_lock_bh(&ar->htt.tx_lock);
5669 	if (!ar->tx_paused)
5670 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
5671 	spin_unlock_bh(&ar->htt.tx_lock);
5672 
5673 	mutex_unlock(&ar->conf_mutex);
5674 	return 0;
5675 
5676 err_peer_delete:
5677 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5678 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5679 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
5680 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5681 						 vif->addr);
5682 	}
5683 
5684 err_vdev_delete:
5685 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5686 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5687 	spin_lock_bh(&ar->data_lock);
5688 	list_del(&arvif->list);
5689 	spin_unlock_bh(&ar->data_lock);
5690 
5691 err:
5692 	if (arvif->beacon_buf) {
5693 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
5694 				  arvif->beacon_buf, arvif->beacon_paddr);
5695 		arvif->beacon_buf = NULL;
5696 	}
5697 
5698 	mutex_unlock(&ar->conf_mutex);
5699 
5700 	return ret;
5701 }
5702 
5703 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
5704 {
5705 	int i;
5706 
5707 	for (i = 0; i < BITS_PER_LONG; i++)
5708 		ath10k_mac_vif_tx_unlock(arvif, i);
5709 }
5710 
5711 static void ath10k_remove_interface(struct ieee80211_hw *hw,
5712 				    struct ieee80211_vif *vif)
5713 {
5714 	struct ath10k *ar = hw->priv;
5715 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5716 	struct ath10k_peer *peer;
5717 	unsigned long time_left;
5718 	int ret;
5719 	int i;
5720 
5721 	cancel_work_sync(&arvif->ap_csa_work);
5722 	cancel_delayed_work_sync(&arvif->connection_loss_work);
5723 
5724 	mutex_lock(&ar->conf_mutex);
5725 
5726 	ret = ath10k_spectral_vif_stop(arvif);
5727 	if (ret)
5728 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
5729 			    arvif->vdev_id, ret);
5730 
5731 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5732 	spin_lock_bh(&ar->data_lock);
5733 	list_del(&arvif->list);
5734 	spin_unlock_bh(&ar->data_lock);
5735 
5736 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5737 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5738 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
5739 					     vif->addr);
5740 		if (ret)
5741 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
5742 				    arvif->vdev_id, ret);
5743 
5744 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5745 						 vif->addr);
5746 		kfree(arvif->u.ap.noa_data);
5747 	}
5748 
5749 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
5750 		   arvif->vdev_id);
5751 
5752 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5753 	if (ret)
5754 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
5755 			    arvif->vdev_id, ret);
5756 
5757 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
5758 		time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
5759 							ATH10K_VDEV_DELETE_TIMEOUT_HZ);
5760 		if (time_left == 0) {
5761 			ath10k_warn(ar, "Timeout in receiving vdev delete response\n");
5762 			goto out;
5763 		}
5764 	}
5765 
5766 	/* Some firmware revisions don't notify host about self-peer removal
5767 	 * until after associated vdev is deleted.
5768 	 */
5769 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5770 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5771 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
5772 						   vif->addr);
5773 		if (ret)
5774 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
5775 				    arvif->vdev_id, ret);
5776 
5777 		spin_lock_bh(&ar->data_lock);
5778 		ar->num_peers--;
5779 		spin_unlock_bh(&ar->data_lock);
5780 	}
5781 
5782 	spin_lock_bh(&ar->data_lock);
5783 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
5784 		peer = ar->peer_map[i];
5785 		if (!peer)
5786 			continue;
5787 
5788 		if (peer->vif == vif) {
5789 			ath10k_warn(ar, "found vif peer %pM entry on vdev %i after it was supposedly removed\n",
5790 				    vif->addr, arvif->vdev_id);
5791 			peer->vif = NULL;
5792 		}
5793 	}
5794 
5795 	/* Clean this up late, less opportunity for firmware to access
5796 	 * DMA memory we have deleted.
5797 	 */
5798 	ath10k_mac_vif_beacon_cleanup(arvif);
5799 	spin_unlock_bh(&ar->data_lock);
5800 
5801 	ath10k_peer_cleanup(ar, arvif->vdev_id);
5802 	ath10k_mac_txq_unref(ar, vif->txq);
5803 
5804 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5805 		ar->monitor_arvif = NULL;
5806 		ret = ath10k_monitor_recalc(ar);
5807 		if (ret)
5808 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5809 	}
5810 
5811 	ret = ath10k_mac_txpower_recalc(ar);
5812 	if (ret)
5813 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5814 
5815 	spin_lock_bh(&ar->htt.tx_lock);
5816 	ath10k_mac_vif_tx_unlock_all(arvif);
5817 	spin_unlock_bh(&ar->htt.tx_lock);
5818 
5819 	ath10k_mac_txq_unref(ar, vif->txq);
5820 
5821 out:
5822 	mutex_unlock(&ar->conf_mutex);
5823 }
5824 
5825 /*
5826  * FIXME: Has to be verified.
5827  */
5828 #define SUPPORTED_FILTERS			\
5829 	(FIF_ALLMULTI |				\
5830 	FIF_CONTROL |				\
5831 	FIF_PSPOLL |				\
5832 	FIF_OTHER_BSS |				\
5833 	FIF_BCN_PRBRESP_PROMISC |		\
5834 	FIF_PROBE_REQ |				\
5835 	FIF_FCSFAIL)
5836 
5837 static void ath10k_configure_filter(struct ieee80211_hw *hw,
5838 				    unsigned int changed_flags,
5839 				    unsigned int *total_flags,
5840 				    u64 multicast)
5841 {
5842 	struct ath10k *ar = hw->priv;
5843 	int ret;
5844 
5845 	mutex_lock(&ar->conf_mutex);
5846 
5847 	changed_flags &= SUPPORTED_FILTERS;
5848 	*total_flags &= SUPPORTED_FILTERS;
5849 	ar->filter_flags = *total_flags;
5850 
5851 	ret = ath10k_monitor_recalc(ar);
5852 	if (ret)
5853 		ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5854 
5855 	mutex_unlock(&ar->conf_mutex);
5856 }
5857 
5858 static void ath10k_recalculate_mgmt_rate(struct ath10k *ar,
5859 					 struct ieee80211_vif *vif,
5860 					 struct cfg80211_chan_def *def)
5861 {
5862 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5863 	const struct ieee80211_supported_band *sband;
5864 	u8 basic_rate_idx;
5865 	int hw_rate_code;
5866 	u32 vdev_param;
5867 	u16 bitrate;
5868 	int ret;
5869 
5870 	lockdep_assert_held(&ar->conf_mutex);
5871 
5872 	sband = ar->hw->wiphy->bands[def->chan->band];
5873 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
5874 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
5875 
5876 	hw_rate_code = ath10k_mac_get_rate_hw_value(bitrate);
5877 	if (hw_rate_code < 0) {
5878 		ath10k_warn(ar, "bitrate not supported %d\n", bitrate);
5879 		return;
5880 	}
5881 
5882 	vdev_param = ar->wmi.vdev_param->mgmt_rate;
5883 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5884 					hw_rate_code);
5885 	if (ret)
5886 		ath10k_warn(ar, "failed to set mgmt tx rate %d\n", ret);
5887 }
5888 
5889 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
5890 				    struct ieee80211_vif *vif,
5891 				    struct ieee80211_bss_conf *info,
5892 				    u32 changed)
5893 {
5894 	struct ath10k *ar = hw->priv;
5895 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5896 	struct cfg80211_chan_def def;
5897 	u32 vdev_param, pdev_param, slottime, preamble;
5898 	u16 bitrate, hw_value;
5899 	u8 rate, rateidx;
5900 	int ret = 0, mcast_rate;
5901 	enum nl80211_band band;
5902 
5903 	mutex_lock(&ar->conf_mutex);
5904 
5905 	if (changed & BSS_CHANGED_IBSS)
5906 		ath10k_control_ibss(arvif, info, vif->addr);
5907 
5908 	if (changed & BSS_CHANGED_BEACON_INT) {
5909 		arvif->beacon_interval = info->beacon_int;
5910 		vdev_param = ar->wmi.vdev_param->beacon_interval;
5911 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5912 						arvif->beacon_interval);
5913 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5914 			   "mac vdev %d beacon_interval %d\n",
5915 			   arvif->vdev_id, arvif->beacon_interval);
5916 
5917 		if (ret)
5918 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
5919 				    arvif->vdev_id, ret);
5920 	}
5921 
5922 	if (changed & BSS_CHANGED_BEACON) {
5923 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5924 			   "vdev %d set beacon tx mode to staggered\n",
5925 			   arvif->vdev_id);
5926 
5927 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
5928 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
5929 						WMI_BEACON_STAGGERED_MODE);
5930 		if (ret)
5931 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
5932 				    arvif->vdev_id, ret);
5933 
5934 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
5935 		if (ret)
5936 			ath10k_warn(ar, "failed to update beacon template: %d\n",
5937 				    ret);
5938 
5939 		if (ieee80211_vif_is_mesh(vif)) {
5940 			/* mesh doesn't use SSID but firmware needs it */
5941 			strncpy(arvif->u.ap.ssid, "mesh",
5942 				sizeof(arvif->u.ap.ssid));
5943 			arvif->u.ap.ssid_len = 4;
5944 		}
5945 	}
5946 
5947 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
5948 		ret = ath10k_mac_setup_prb_tmpl(arvif);
5949 		if (ret)
5950 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
5951 				    arvif->vdev_id, ret);
5952 	}
5953 
5954 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
5955 		arvif->dtim_period = info->dtim_period;
5956 
5957 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5958 			   "mac vdev %d dtim_period %d\n",
5959 			   arvif->vdev_id, arvif->dtim_period);
5960 
5961 		vdev_param = ar->wmi.vdev_param->dtim_period;
5962 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5963 						arvif->dtim_period);
5964 		if (ret)
5965 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
5966 				    arvif->vdev_id, ret);
5967 	}
5968 
5969 	if (changed & BSS_CHANGED_SSID &&
5970 	    vif->type == NL80211_IFTYPE_AP) {
5971 		arvif->u.ap.ssid_len = info->ssid_len;
5972 		if (info->ssid_len)
5973 			memcpy(arvif->u.ap.ssid, info->ssid, info->ssid_len);
5974 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
5975 	}
5976 
5977 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
5978 		ether_addr_copy(arvif->bssid, info->bssid);
5979 
5980 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
5981 	    arvif->ftm_responder != info->ftm_responder &&
5982 	    test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5983 		arvif->ftm_responder = info->ftm_responder;
5984 
5985 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5986 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5987 						arvif->ftm_responder);
5988 
5989 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5990 			   "mac vdev %d ftm_responder %d:ret %d\n",
5991 			   arvif->vdev_id, arvif->ftm_responder, ret);
5992 	}
5993 
5994 	if (changed & BSS_CHANGED_BEACON_ENABLED)
5995 		ath10k_control_beaconing(arvif, info);
5996 
5997 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
5998 		arvif->use_cts_prot = info->use_cts_prot;
5999 
6000 		ret = ath10k_recalc_rtscts_prot(arvif);
6001 		if (ret)
6002 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
6003 				    arvif->vdev_id, ret);
6004 
6005 		if (ath10k_mac_can_set_cts_prot(arvif)) {
6006 			ret = ath10k_mac_set_cts_prot(arvif);
6007 			if (ret)
6008 				ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
6009 					    arvif->vdev_id, ret);
6010 		}
6011 	}
6012 
6013 	if (changed & BSS_CHANGED_ERP_SLOT) {
6014 		if (info->use_short_slot)
6015 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
6016 
6017 		else
6018 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
6019 
6020 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
6021 			   arvif->vdev_id, slottime);
6022 
6023 		vdev_param = ar->wmi.vdev_param->slot_time;
6024 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6025 						slottime);
6026 		if (ret)
6027 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
6028 				    arvif->vdev_id, ret);
6029 	}
6030 
6031 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
6032 		if (info->use_short_preamble)
6033 			preamble = WMI_VDEV_PREAMBLE_SHORT;
6034 		else
6035 			preamble = WMI_VDEV_PREAMBLE_LONG;
6036 
6037 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6038 			   "mac vdev %d preamble %dn",
6039 			   arvif->vdev_id, preamble);
6040 
6041 		vdev_param = ar->wmi.vdev_param->preamble;
6042 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6043 						preamble);
6044 		if (ret)
6045 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
6046 				    arvif->vdev_id, ret);
6047 	}
6048 
6049 	if (changed & BSS_CHANGED_ASSOC) {
6050 		if (info->assoc) {
6051 			/* Workaround: Make sure monitor vdev is not running
6052 			 * when associating to prevent some firmware revisions
6053 			 * (e.g. 10.1 and 10.2) from crashing.
6054 			 */
6055 			if (ar->monitor_started)
6056 				ath10k_monitor_stop(ar);
6057 			ath10k_bss_assoc(hw, vif, info);
6058 			ath10k_monitor_recalc(ar);
6059 		} else {
6060 			ath10k_bss_disassoc(hw, vif);
6061 		}
6062 	}
6063 
6064 	if (changed & BSS_CHANGED_TXPOWER) {
6065 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
6066 			   arvif->vdev_id, info->txpower);
6067 
6068 		arvif->txpower = info->txpower;
6069 		ret = ath10k_mac_txpower_recalc(ar);
6070 		if (ret)
6071 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6072 	}
6073 
6074 	if (changed & BSS_CHANGED_PS) {
6075 		arvif->ps = vif->bss_conf.ps;
6076 
6077 		ret = ath10k_config_ps(ar);
6078 		if (ret)
6079 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
6080 				    arvif->vdev_id, ret);
6081 	}
6082 
6083 	if (changed & BSS_CHANGED_MCAST_RATE &&
6084 	    !ath10k_mac_vif_chan(arvif->vif, &def)) {
6085 		band = def.chan->band;
6086 		mcast_rate = vif->bss_conf.mcast_rate[band];
6087 		if (mcast_rate > 0)
6088 			rateidx = mcast_rate - 1;
6089 		else
6090 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
6091 
6092 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6093 			rateidx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6094 
6095 		bitrate = ath10k_wmi_legacy_rates[rateidx].bitrate;
6096 		hw_value = ath10k_wmi_legacy_rates[rateidx].hw_value;
6097 		if (ath10k_mac_bitrate_is_cck(bitrate))
6098 			preamble = WMI_RATE_PREAMBLE_CCK;
6099 		else
6100 			preamble = WMI_RATE_PREAMBLE_OFDM;
6101 
6102 		rate = ATH10K_HW_RATECODE(hw_value, 0, preamble);
6103 
6104 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6105 			   "mac vdev %d mcast_rate %x\n",
6106 			   arvif->vdev_id, rate);
6107 
6108 		vdev_param = ar->wmi.vdev_param->mcast_data_rate;
6109 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6110 						vdev_param, rate);
6111 		if (ret)
6112 			ath10k_warn(ar,
6113 				    "failed to set mcast rate on vdev %i: %d\n",
6114 				    arvif->vdev_id,  ret);
6115 
6116 		vdev_param = ar->wmi.vdev_param->bcast_data_rate;
6117 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6118 						vdev_param, rate);
6119 		if (ret)
6120 			ath10k_warn(ar,
6121 				    "failed to set bcast rate on vdev %i: %d\n",
6122 				    arvif->vdev_id,  ret);
6123 	}
6124 
6125 	if (changed & BSS_CHANGED_BASIC_RATES &&
6126 	    !ath10k_mac_vif_chan(arvif->vif, &def))
6127 		ath10k_recalculate_mgmt_rate(ar, vif, &def);
6128 
6129 	mutex_unlock(&ar->conf_mutex);
6130 }
6131 
6132 static void ath10k_mac_op_set_coverage_class(struct ieee80211_hw *hw, s16 value)
6133 {
6134 	struct ath10k *ar = hw->priv;
6135 
6136 	/* This function should never be called if setting the coverage class
6137 	 * is not supported on this hardware.
6138 	 */
6139 	if (!ar->hw_params.hw_ops->set_coverage_class) {
6140 		WARN_ON_ONCE(1);
6141 		return;
6142 	}
6143 	ar->hw_params.hw_ops->set_coverage_class(ar, value);
6144 }
6145 
6146 struct ath10k_mac_tdls_iter_data {
6147 	u32 num_tdls_stations;
6148 	struct ieee80211_vif *curr_vif;
6149 };
6150 
6151 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
6152 						    struct ieee80211_sta *sta)
6153 {
6154 	struct ath10k_mac_tdls_iter_data *iter_data = data;
6155 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6156 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
6157 
6158 	if (sta->tdls && sta_vif == iter_data->curr_vif)
6159 		iter_data->num_tdls_stations++;
6160 }
6161 
6162 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
6163 					      struct ieee80211_vif *vif)
6164 {
6165 	struct ath10k_mac_tdls_iter_data data = {};
6166 
6167 	data.curr_vif = vif;
6168 
6169 	ieee80211_iterate_stations_atomic(hw,
6170 					  ath10k_mac_tdls_vif_stations_count_iter,
6171 					  &data);
6172 	return data.num_tdls_stations;
6173 }
6174 
6175 static int ath10k_hw_scan(struct ieee80211_hw *hw,
6176 			  struct ieee80211_vif *vif,
6177 			  struct ieee80211_scan_request *hw_req)
6178 {
6179 	struct ath10k *ar = hw->priv;
6180 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6181 	struct cfg80211_scan_request *req = &hw_req->req;
6182 	struct wmi_start_scan_arg arg;
6183 	int ret = 0;
6184 	int i;
6185 	u32 scan_timeout;
6186 
6187 	mutex_lock(&ar->conf_mutex);
6188 
6189 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
6190 		ret = -EBUSY;
6191 		goto exit;
6192 	}
6193 
6194 	spin_lock_bh(&ar->data_lock);
6195 	switch (ar->scan.state) {
6196 	case ATH10K_SCAN_IDLE:
6197 		reinit_completion(&ar->scan.started);
6198 		reinit_completion(&ar->scan.completed);
6199 		ar->scan.state = ATH10K_SCAN_STARTING;
6200 		ar->scan.is_roc = false;
6201 		ar->scan.vdev_id = arvif->vdev_id;
6202 		ret = 0;
6203 		break;
6204 	case ATH10K_SCAN_STARTING:
6205 	case ATH10K_SCAN_RUNNING:
6206 	case ATH10K_SCAN_ABORTING:
6207 		ret = -EBUSY;
6208 		break;
6209 	}
6210 	spin_unlock_bh(&ar->data_lock);
6211 
6212 	if (ret)
6213 		goto exit;
6214 
6215 	memset(&arg, 0, sizeof(arg));
6216 	ath10k_wmi_start_scan_init(ar, &arg);
6217 	arg.vdev_id = arvif->vdev_id;
6218 	arg.scan_id = ATH10K_SCAN_ID;
6219 
6220 	if (req->ie_len) {
6221 		arg.ie_len = req->ie_len;
6222 		memcpy(arg.ie, req->ie, arg.ie_len);
6223 	}
6224 
6225 	if (req->n_ssids) {
6226 		arg.n_ssids = req->n_ssids;
6227 		for (i = 0; i < arg.n_ssids; i++) {
6228 			arg.ssids[i].len  = req->ssids[i].ssid_len;
6229 			arg.ssids[i].ssid = req->ssids[i].ssid;
6230 		}
6231 	} else {
6232 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
6233 	}
6234 
6235 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6236 		arg.scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOFED_MAC_IN_PROBE_REQ;
6237 		ether_addr_copy(arg.mac_addr.addr, req->mac_addr);
6238 		ether_addr_copy(arg.mac_mask.addr, req->mac_addr_mask);
6239 	}
6240 
6241 	if (req->n_channels) {
6242 		arg.n_channels = req->n_channels;
6243 		for (i = 0; i < arg.n_channels; i++)
6244 			arg.channels[i] = req->channels[i]->center_freq;
6245 	}
6246 
6247 	/* if duration is set, default dwell times will be overwritten */
6248 	if (req->duration) {
6249 		arg.dwell_time_active = req->duration;
6250 		arg.dwell_time_passive = req->duration;
6251 		arg.burst_duration_ms = req->duration;
6252 
6253 		scan_timeout = min_t(u32, arg.max_rest_time *
6254 				(arg.n_channels - 1) + (req->duration +
6255 				ATH10K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
6256 				arg.n_channels, arg.max_scan_time + 200);
6257 
6258 	} else {
6259 		/* Add a 200ms margin to account for event/command processing */
6260 		scan_timeout = arg.max_scan_time + 200;
6261 	}
6262 
6263 	ret = ath10k_start_scan(ar, &arg);
6264 	if (ret) {
6265 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
6266 		spin_lock_bh(&ar->data_lock);
6267 		ar->scan.state = ATH10K_SCAN_IDLE;
6268 		spin_unlock_bh(&ar->data_lock);
6269 	}
6270 
6271 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
6272 				     msecs_to_jiffies(scan_timeout));
6273 
6274 exit:
6275 	mutex_unlock(&ar->conf_mutex);
6276 	return ret;
6277 }
6278 
6279 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
6280 				  struct ieee80211_vif *vif)
6281 {
6282 	struct ath10k *ar = hw->priv;
6283 
6284 	mutex_lock(&ar->conf_mutex);
6285 	ath10k_scan_abort(ar);
6286 	mutex_unlock(&ar->conf_mutex);
6287 
6288 	cancel_delayed_work_sync(&ar->scan.timeout);
6289 }
6290 
6291 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
6292 					struct ath10k_vif *arvif,
6293 					enum set_key_cmd cmd,
6294 					struct ieee80211_key_conf *key)
6295 {
6296 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
6297 	int ret;
6298 
6299 	/* 10.1 firmware branch requires default key index to be set to group
6300 	 * key index after installing it. Otherwise FW/HW Txes corrupted
6301 	 * frames with multi-vif APs. This is not required for main firmware
6302 	 * branch (e.g. 636).
6303 	 *
6304 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
6305 	 *
6306 	 * FIXME: It remains unknown if this is required for multi-vif STA
6307 	 * interfaces on 10.1.
6308 	 */
6309 
6310 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
6311 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
6312 		return;
6313 
6314 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
6315 		return;
6316 
6317 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
6318 		return;
6319 
6320 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6321 		return;
6322 
6323 	if (cmd != SET_KEY)
6324 		return;
6325 
6326 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6327 					key->keyidx);
6328 	if (ret)
6329 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
6330 			    arvif->vdev_id, ret);
6331 }
6332 
6333 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6334 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
6335 			  struct ieee80211_key_conf *key)
6336 {
6337 	struct ath10k *ar = hw->priv;
6338 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6339 	struct ath10k_sta *arsta;
6340 	struct ath10k_peer *peer;
6341 	const u8 *peer_addr;
6342 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
6343 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
6344 	int ret = 0;
6345 	int ret2;
6346 	u32 flags = 0;
6347 	u32 flags2;
6348 
6349 	/* this one needs to be done in software */
6350 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
6351 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
6352 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
6353 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
6354 		return 1;
6355 
6356 	if (arvif->nohwcrypt)
6357 		return 1;
6358 
6359 	if (key->keyidx > WMI_MAX_KEY_INDEX)
6360 		return -ENOSPC;
6361 
6362 	mutex_lock(&ar->conf_mutex);
6363 
6364 	if (sta) {
6365 		arsta = (struct ath10k_sta *)sta->drv_priv;
6366 		peer_addr = sta->addr;
6367 		spin_lock_bh(&ar->data_lock);
6368 		arsta->ucast_cipher = key->cipher;
6369 		spin_unlock_bh(&ar->data_lock);
6370 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
6371 		peer_addr = vif->bss_conf.bssid;
6372 	} else {
6373 		peer_addr = vif->addr;
6374 	}
6375 
6376 	key->hw_key_idx = key->keyidx;
6377 
6378 	if (is_wep) {
6379 		if (cmd == SET_KEY)
6380 			arvif->wep_keys[key->keyidx] = key;
6381 		else
6382 			arvif->wep_keys[key->keyidx] = NULL;
6383 	}
6384 
6385 	/* the peer should not disappear in mid-way (unless FW goes awry) since
6386 	 * we already hold conf_mutex. we just make sure its there now.
6387 	 */
6388 	spin_lock_bh(&ar->data_lock);
6389 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6390 	spin_unlock_bh(&ar->data_lock);
6391 
6392 	if (!peer) {
6393 		if (cmd == SET_KEY) {
6394 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
6395 				    peer_addr);
6396 			ret = -EOPNOTSUPP;
6397 			goto exit;
6398 		} else {
6399 			/* if the peer doesn't exist there is no key to disable anymore */
6400 			goto exit;
6401 		}
6402 	}
6403 
6404 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6405 		flags |= WMI_KEY_PAIRWISE;
6406 	else
6407 		flags |= WMI_KEY_GROUP;
6408 
6409 	if (is_wep) {
6410 		if (cmd == DISABLE_KEY)
6411 			ath10k_clear_vdev_key(arvif, key);
6412 
6413 		/* When WEP keys are uploaded it's possible that there are
6414 		 * stations associated already (e.g. when merging) without any
6415 		 * keys. Static WEP needs an explicit per-peer key upload.
6416 		 */
6417 		if (vif->type == NL80211_IFTYPE_ADHOC &&
6418 		    cmd == SET_KEY)
6419 			ath10k_mac_vif_update_wep_key(arvif, key);
6420 
6421 		/* 802.1x never sets the def_wep_key_idx so each set_key()
6422 		 * call changes default tx key.
6423 		 *
6424 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
6425 		 * after first set_key().
6426 		 */
6427 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
6428 			flags |= WMI_KEY_TX_USAGE;
6429 	}
6430 
6431 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
6432 	if (ret) {
6433 		WARN_ON(ret > 0);
6434 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
6435 			    arvif->vdev_id, peer_addr, ret);
6436 		goto exit;
6437 	}
6438 
6439 	/* mac80211 sets static WEP keys as groupwise while firmware requires
6440 	 * them to be installed twice as both pairwise and groupwise.
6441 	 */
6442 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
6443 		flags2 = flags;
6444 		flags2 &= ~WMI_KEY_GROUP;
6445 		flags2 |= WMI_KEY_PAIRWISE;
6446 
6447 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
6448 		if (ret) {
6449 			WARN_ON(ret > 0);
6450 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
6451 				    arvif->vdev_id, peer_addr, ret);
6452 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
6453 						  peer_addr, flags);
6454 			if (ret2) {
6455 				WARN_ON(ret2 > 0);
6456 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
6457 					    arvif->vdev_id, peer_addr, ret2);
6458 			}
6459 			goto exit;
6460 		}
6461 	}
6462 
6463 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
6464 
6465 	spin_lock_bh(&ar->data_lock);
6466 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6467 	if (peer && cmd == SET_KEY)
6468 		peer->keys[key->keyidx] = key;
6469 	else if (peer && cmd == DISABLE_KEY)
6470 		peer->keys[key->keyidx] = NULL;
6471 	else if (peer == NULL)
6472 		/* impossible unless FW goes crazy */
6473 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
6474 	spin_unlock_bh(&ar->data_lock);
6475 
6476 	if (sta && sta->tdls)
6477 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6478 					  ar->wmi.peer_param->authorize, 1);
6479 	else if (sta && cmd == SET_KEY && (key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
6480 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, peer_addr,
6481 					  ar->wmi.peer_param->authorize, 1);
6482 
6483 exit:
6484 	mutex_unlock(&ar->conf_mutex);
6485 	return ret;
6486 }
6487 
6488 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
6489 					   struct ieee80211_vif *vif,
6490 					   int keyidx)
6491 {
6492 	struct ath10k *ar = hw->priv;
6493 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6494 	int ret;
6495 
6496 	mutex_lock(&arvif->ar->conf_mutex);
6497 
6498 	if (arvif->ar->state != ATH10K_STATE_ON)
6499 		goto unlock;
6500 
6501 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
6502 		   arvif->vdev_id, keyidx);
6503 
6504 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
6505 					arvif->vdev_id,
6506 					arvif->ar->wmi.vdev_param->def_keyid,
6507 					keyidx);
6508 
6509 	if (ret) {
6510 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
6511 			    arvif->vdev_id,
6512 			    ret);
6513 		goto unlock;
6514 	}
6515 
6516 	arvif->def_wep_key_idx = keyidx;
6517 
6518 unlock:
6519 	mutex_unlock(&arvif->ar->conf_mutex);
6520 }
6521 
6522 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
6523 {
6524 	struct ath10k *ar;
6525 	struct ath10k_vif *arvif;
6526 	struct ath10k_sta *arsta;
6527 	struct ieee80211_sta *sta;
6528 	struct cfg80211_chan_def def;
6529 	enum nl80211_band band;
6530 	const u8 *ht_mcs_mask;
6531 	const u16 *vht_mcs_mask;
6532 	u32 changed, bw, nss, smps;
6533 	int err;
6534 
6535 	arsta = container_of(wk, struct ath10k_sta, update_wk);
6536 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
6537 	arvif = arsta->arvif;
6538 	ar = arvif->ar;
6539 
6540 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
6541 		return;
6542 
6543 	band = def.chan->band;
6544 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
6545 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
6546 
6547 	spin_lock_bh(&ar->data_lock);
6548 
6549 	changed = arsta->changed;
6550 	arsta->changed = 0;
6551 
6552 	bw = arsta->bw;
6553 	nss = arsta->nss;
6554 	smps = arsta->smps;
6555 
6556 	spin_unlock_bh(&ar->data_lock);
6557 
6558 	mutex_lock(&ar->conf_mutex);
6559 
6560 	nss = max_t(u32, 1, nss);
6561 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6562 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
6563 
6564 	if (changed & IEEE80211_RC_BW_CHANGED) {
6565 		enum wmi_phy_mode mode;
6566 
6567 		mode = chan_to_phymode(&def);
6568 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM peer bw %d phymode %d\n",
6569 			   sta->addr, bw, mode);
6570 
6571 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6572 						ar->wmi.peer_param->phymode, mode);
6573 		if (err) {
6574 			ath10k_warn(ar, "failed to update STA %pM peer phymode %d: %d\n",
6575 				    sta->addr, mode, err);
6576 			goto exit;
6577 		}
6578 
6579 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6580 						ar->wmi.peer_param->chan_width, bw);
6581 		if (err)
6582 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
6583 				    sta->addr, bw, err);
6584 	}
6585 
6586 	if (changed & IEEE80211_RC_NSS_CHANGED) {
6587 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM nss %d\n",
6588 			   sta->addr, nss);
6589 
6590 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6591 						ar->wmi.peer_param->nss, nss);
6592 		if (err)
6593 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
6594 				    sta->addr, nss, err);
6595 	}
6596 
6597 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6598 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM smps %d\n",
6599 			   sta->addr, smps);
6600 
6601 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6602 						ar->wmi.peer_param->smps_state, smps);
6603 		if (err)
6604 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
6605 				    sta->addr, smps, err);
6606 	}
6607 
6608 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
6609 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM supp rates\n",
6610 			   sta->addr);
6611 
6612 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
6613 		if (err)
6614 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
6615 				    sta->addr);
6616 	}
6617 
6618 exit:
6619 	mutex_unlock(&ar->conf_mutex);
6620 }
6621 
6622 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
6623 				       struct ieee80211_sta *sta)
6624 {
6625 	struct ath10k *ar = arvif->ar;
6626 
6627 	lockdep_assert_held(&ar->conf_mutex);
6628 
6629 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6630 		return 0;
6631 
6632 	if (ar->num_stations >= ar->max_num_stations)
6633 		return -ENOBUFS;
6634 
6635 	ar->num_stations++;
6636 
6637 	return 0;
6638 }
6639 
6640 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
6641 					struct ieee80211_sta *sta)
6642 {
6643 	struct ath10k *ar = arvif->ar;
6644 
6645 	lockdep_assert_held(&ar->conf_mutex);
6646 
6647 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6648 		return;
6649 
6650 	ar->num_stations--;
6651 }
6652 
6653 static int ath10k_sta_set_txpwr(struct ieee80211_hw *hw,
6654 				struct ieee80211_vif *vif,
6655 				struct ieee80211_sta *sta)
6656 {
6657 	struct ath10k *ar = hw->priv;
6658 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6659 	int ret = 0;
6660 	s16 txpwr;
6661 
6662 	if (sta->txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
6663 		txpwr = 0;
6664 	} else {
6665 		txpwr = sta->txpwr.power;
6666 		if (!txpwr)
6667 			return -EINVAL;
6668 	}
6669 
6670 	if (txpwr > ATH10K_TX_POWER_MAX_VAL || txpwr < ATH10K_TX_POWER_MIN_VAL)
6671 		return -EINVAL;
6672 
6673 	mutex_lock(&ar->conf_mutex);
6674 
6675 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6676 					ar->wmi.peer_param->use_fixed_power, txpwr);
6677 	if (ret) {
6678 		ath10k_warn(ar, "failed to set tx power for station ret: %d\n",
6679 			    ret);
6680 		goto out;
6681 	}
6682 
6683 out:
6684 	mutex_unlock(&ar->conf_mutex);
6685 	return ret;
6686 }
6687 
6688 struct ath10k_mac_iter_tid_conf_data {
6689 	struct ieee80211_vif *curr_vif;
6690 	struct ath10k *ar;
6691 	bool reset_config;
6692 };
6693 
6694 static bool
6695 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
6696 					enum nl80211_band band,
6697 					const struct cfg80211_bitrate_mask *mask,
6698 					int *vht_num_rates)
6699 {
6700 	int num_rates = 0;
6701 	int i, tmp;
6702 
6703 	num_rates += hweight32(mask->control[band].legacy);
6704 
6705 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
6706 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
6707 
6708 	*vht_num_rates = 0;
6709 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6710 		tmp = hweight16(mask->control[band].vht_mcs[i]);
6711 		num_rates += tmp;
6712 		*vht_num_rates += tmp;
6713 	}
6714 
6715 	return num_rates == 1;
6716 }
6717 
6718 static int
6719 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
6720 					enum nl80211_band band,
6721 					const struct cfg80211_bitrate_mask *mask,
6722 					u8 *rate, u8 *nss, bool vht_only)
6723 {
6724 	int rate_idx;
6725 	int i;
6726 	u16 bitrate;
6727 	u8 preamble;
6728 	u8 hw_rate;
6729 
6730 	if (vht_only)
6731 		goto next;
6732 
6733 	if (hweight32(mask->control[band].legacy) == 1) {
6734 		rate_idx = ffs(mask->control[band].legacy) - 1;
6735 
6736 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6737 			rate_idx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6738 
6739 		hw_rate = ath10k_wmi_legacy_rates[rate_idx].hw_value;
6740 		bitrate = ath10k_wmi_legacy_rates[rate_idx].bitrate;
6741 
6742 		if (ath10k_mac_bitrate_is_cck(bitrate))
6743 			preamble = WMI_RATE_PREAMBLE_CCK;
6744 		else
6745 			preamble = WMI_RATE_PREAMBLE_OFDM;
6746 
6747 		*nss = 1;
6748 		*rate = preamble << 6 |
6749 			(*nss - 1) << 4 |
6750 			hw_rate << 0;
6751 
6752 		return 0;
6753 	}
6754 
6755 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
6756 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
6757 			*nss = i + 1;
6758 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
6759 				(*nss - 1) << 4 |
6760 				(ffs(mask->control[band].ht_mcs[i]) - 1);
6761 
6762 			return 0;
6763 		}
6764 	}
6765 
6766 next:
6767 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6768 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
6769 			*nss = i + 1;
6770 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
6771 				(*nss - 1) << 4 |
6772 				(ffs(mask->control[band].vht_mcs[i]) - 1);
6773 
6774 			return 0;
6775 		}
6776 	}
6777 
6778 	return -EINVAL;
6779 }
6780 
6781 static int ath10k_mac_validate_rate_mask(struct ath10k *ar,
6782 					 struct ieee80211_sta *sta,
6783 					 u32 rate_ctrl_flag, u8 nss)
6784 {
6785 	if (nss > sta->rx_nss) {
6786 		ath10k_warn(ar, "Invalid nss field, configured %u limit %u\n",
6787 			    nss, sta->rx_nss);
6788 		return -EINVAL;
6789 	}
6790 
6791 	if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_VHT) {
6792 		if (!sta->vht_cap.vht_supported) {
6793 			ath10k_warn(ar, "Invalid VHT rate for sta %pM\n",
6794 				    sta->addr);
6795 			return -EINVAL;
6796 		}
6797 	} else if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_HT) {
6798 		if (!sta->ht_cap.ht_supported || sta->vht_cap.vht_supported) {
6799 			ath10k_warn(ar, "Invalid HT rate for sta %pM\n",
6800 				    sta->addr);
6801 			return -EINVAL;
6802 		}
6803 	} else {
6804 		if (sta->ht_cap.ht_supported || sta->vht_cap.vht_supported)
6805 			return -EINVAL;
6806 	}
6807 
6808 	return 0;
6809 }
6810 
6811 static int
6812 ath10k_mac_tid_bitrate_config(struct ath10k *ar,
6813 			      struct ieee80211_vif *vif,
6814 			      struct ieee80211_sta *sta,
6815 			      u32 *rate_ctrl_flag, u8 *rate_ctrl,
6816 			      enum nl80211_tx_rate_setting txrate_type,
6817 			      const struct cfg80211_bitrate_mask *mask)
6818 {
6819 	struct cfg80211_chan_def def;
6820 	enum nl80211_band band;
6821 	u8 nss, rate;
6822 	int vht_num_rates, ret;
6823 
6824 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
6825 		return -EINVAL;
6826 
6827 	if (txrate_type == NL80211_TX_RATE_AUTOMATIC) {
6828 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
6829 		*rate_ctrl_flag = 0;
6830 		return 0;
6831 	}
6832 
6833 	band = def.chan->band;
6834 
6835 	if (!ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
6836 						     &vht_num_rates)) {
6837 		return -EINVAL;
6838 	}
6839 
6840 	ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
6841 						      &rate, &nss, false);
6842 	if (ret) {
6843 		ath10k_warn(ar, "failed to get single rate: %d\n",
6844 			    ret);
6845 		return ret;
6846 	}
6847 
6848 	*rate_ctrl_flag = rate;
6849 
6850 	if (sta && ath10k_mac_validate_rate_mask(ar, sta, *rate_ctrl_flag, nss))
6851 		return -EINVAL;
6852 
6853 	if (txrate_type == NL80211_TX_RATE_FIXED)
6854 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_FIXED_RATE;
6855 	else if (txrate_type == NL80211_TX_RATE_LIMITED &&
6856 		 (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
6857 			   ar->wmi.svc_map)))
6858 		*rate_ctrl = WMI_PEER_TID_CONFIG_RATE_UPPER_CAP;
6859 	else
6860 		return -EOPNOTSUPP;
6861 
6862 	return 0;
6863 }
6864 
6865 static int ath10k_mac_set_tid_config(struct ath10k *ar, struct ieee80211_sta *sta,
6866 				     struct ieee80211_vif *vif, u32 changed,
6867 				     struct wmi_per_peer_per_tid_cfg_arg *arg)
6868 {
6869 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6870 	struct ath10k_sta *arsta;
6871 	int ret;
6872 
6873 	if (sta) {
6874 		if (!sta->wme)
6875 			return -ENOTSUPP;
6876 
6877 		arsta = (struct ath10k_sta *)sta->drv_priv;
6878 
6879 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
6880 			if ((arsta->retry_long[arg->tid] > 0 ||
6881 			     arsta->rate_code[arg->tid] > 0 ||
6882 			     arsta->ampdu[arg->tid] ==
6883 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
6884 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
6885 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
6886 				arg->ack_policy = 0;
6887 				arg->aggr_control = 0;
6888 				arg->rate_ctrl = 0;
6889 				arg->rcode_flags = 0;
6890 			}
6891 		}
6892 
6893 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
6894 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
6895 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
6896 				arg->aggr_control = 0;
6897 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
6898 			}
6899 		}
6900 
6901 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
6902 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
6903 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
6904 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
6905 				arg->rate_ctrl = 0;
6906 				arg->rcode_flags = 0;
6907 			}
6908 		}
6909 
6910 		ether_addr_copy(arg->peer_macaddr.addr, sta->addr);
6911 
6912 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, arg);
6913 		if (ret)
6914 			return ret;
6915 
6916 		/* Store the configured parameters in success case */
6917 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
6918 			arsta->noack[arg->tid] = arg->ack_policy;
6919 			arg->ack_policy = 0;
6920 			arg->aggr_control = 0;
6921 			arg->rate_ctrl = 0;
6922 			arg->rcode_flags = 0;
6923 		}
6924 
6925 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
6926 			arsta->retry_long[arg->tid] = arg->retry_count;
6927 			arg->retry_count = 0;
6928 		}
6929 
6930 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
6931 			arsta->ampdu[arg->tid] = arg->aggr_control;
6932 			arg->aggr_control = 0;
6933 		}
6934 
6935 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
6936 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
6937 			arsta->rate_ctrl[arg->tid] = arg->rate_ctrl;
6938 			arg->rate_ctrl = 0;
6939 			arg->rcode_flags = 0;
6940 		}
6941 
6942 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
6943 			arsta->rtscts[arg->tid] = arg->rtscts_ctrl;
6944 			arg->ext_tid_cfg_bitmap = 0;
6945 		}
6946 	} else {
6947 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
6948 			if ((arvif->retry_long[arg->tid] ||
6949 			     arvif->rate_code[arg->tid] ||
6950 			     arvif->ampdu[arg->tid] ==
6951 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
6952 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
6953 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
6954 			} else {
6955 				arvif->noack[arg->tid] = arg->ack_policy;
6956 				arvif->ampdu[arg->tid] = arg->aggr_control;
6957 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
6958 			}
6959 		}
6960 
6961 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
6962 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
6963 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
6964 			else
6965 				arvif->retry_long[arg->tid] = arg->retry_count;
6966 		}
6967 
6968 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
6969 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
6970 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
6971 			else
6972 				arvif->ampdu[arg->tid] = arg->aggr_control;
6973 		}
6974 
6975 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
6976 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
6977 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
6978 				changed &= ~(BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
6979 					     BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE));
6980 			} else {
6981 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
6982 				arvif->rate_code[arg->tid] = arg->rcode_flags;
6983 			}
6984 		}
6985 
6986 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
6987 			arvif->rtscts[arg->tid] = arg->rtscts_ctrl;
6988 			arg->ext_tid_cfg_bitmap = 0;
6989 		}
6990 
6991 		if (changed)
6992 			arvif->tid_conf_changed[arg->tid] |= changed;
6993 	}
6994 
6995 	return 0;
6996 }
6997 
6998 static int
6999 ath10k_mac_parse_tid_config(struct ath10k *ar,
7000 			    struct ieee80211_sta *sta,
7001 			    struct ieee80211_vif *vif,
7002 			    struct cfg80211_tid_cfg *tid_conf,
7003 			    struct wmi_per_peer_per_tid_cfg_arg *arg)
7004 {
7005 	u32 changed = tid_conf->mask;
7006 	int ret = 0, i = 0;
7007 
7008 	if (!changed)
7009 		return -EINVAL;
7010 
7011 	while (i < ATH10K_TID_MAX) {
7012 		if (!(tid_conf->tids & BIT(i))) {
7013 			i++;
7014 			continue;
7015 		}
7016 
7017 		arg->tid = i;
7018 
7019 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7020 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE) {
7021 				arg->ack_policy = WMI_PEER_TID_CONFIG_NOACK;
7022 				arg->rate_ctrl =
7023 				WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
7024 				arg->aggr_control =
7025 					WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7026 			} else {
7027 				arg->ack_policy =
7028 					WMI_PEER_TID_CONFIG_ACK;
7029 				arg->rate_ctrl =
7030 					WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7031 				arg->aggr_control =
7032 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7033 			}
7034 		}
7035 
7036 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG))
7037 			arg->retry_count = tid_conf->retry_long;
7038 
7039 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7040 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE)
7041 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7042 			else
7043 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7044 		}
7045 
7046 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7047 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7048 			ret = ath10k_mac_tid_bitrate_config(ar, vif, sta,
7049 							    &arg->rcode_flags,
7050 							    &arg->rate_ctrl,
7051 							    tid_conf->txrate_type,
7052 							&tid_conf->txrate_mask);
7053 			if (ret) {
7054 				ath10k_warn(ar, "failed to configure bitrate mask %d\n",
7055 					    ret);
7056 				arg->rcode_flags = 0;
7057 				arg->rate_ctrl = 0;
7058 			}
7059 		}
7060 
7061 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7062 			if (tid_conf->rtscts)
7063 				arg->rtscts_ctrl = tid_conf->rtscts;
7064 
7065 			arg->ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7066 		}
7067 
7068 		ret = ath10k_mac_set_tid_config(ar, sta, vif, changed, arg);
7069 		if (ret)
7070 			return ret;
7071 		i++;
7072 	}
7073 
7074 	return ret;
7075 }
7076 
7077 static int ath10k_mac_reset_tid_config(struct ath10k *ar,
7078 				       struct ieee80211_sta *sta,
7079 				       struct ath10k_vif *arvif,
7080 				       u8 tids)
7081 {
7082 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7083 	struct wmi_per_peer_per_tid_cfg_arg arg;
7084 	int ret = 0, i = 0;
7085 
7086 	arg.vdev_id = arvif->vdev_id;
7087 	while (i < ATH10K_TID_MAX) {
7088 		if (!(tids & BIT(i))) {
7089 			i++;
7090 			continue;
7091 		}
7092 
7093 		arg.tid = i;
7094 		arg.ack_policy = WMI_PEER_TID_CONFIG_ACK;
7095 		arg.retry_count = ATH10K_MAX_RETRY_COUNT;
7096 		arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7097 		arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7098 		arg.rtscts_ctrl = WMI_TID_CONFIG_RTSCTS_CONTROL_ENABLE;
7099 		arg.ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7100 
7101 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7102 
7103 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7104 		if (ret)
7105 			return ret;
7106 
7107 		if (!arvif->tids_rst) {
7108 			arsta->retry_long[i] = -1;
7109 			arsta->noack[i] = -1;
7110 			arsta->ampdu[i] = -1;
7111 			arsta->rate_code[i] = -1;
7112 			arsta->rate_ctrl[i] = 0;
7113 			arsta->rtscts[i] = -1;
7114 		} else {
7115 			arvif->retry_long[i] = 0;
7116 			arvif->noack[i] = 0;
7117 			arvif->ampdu[i] = 0;
7118 			arvif->rate_code[i] = 0;
7119 			arvif->rate_ctrl[i] = 0;
7120 			arvif->rtscts[i] = 0;
7121 		}
7122 
7123 		i++;
7124 	}
7125 
7126 	return ret;
7127 }
7128 
7129 static void ath10k_sta_tid_cfg_wk(struct work_struct *wk)
7130 {
7131 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
7132 	struct ieee80211_sta *sta;
7133 	struct ath10k_sta *arsta;
7134 	struct ath10k_vif *arvif;
7135 	struct ath10k *ar;
7136 	bool config_apply;
7137 	int ret, i;
7138 	u32 changed;
7139 	u8 nss;
7140 
7141 	arsta = container_of(wk, struct ath10k_sta, tid_config_wk);
7142 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
7143 	arvif = arsta->arvif;
7144 	ar = arvif->ar;
7145 
7146 	mutex_lock(&ar->conf_mutex);
7147 
7148 	if (arvif->tids_rst) {
7149 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif,
7150 						  arvif->tids_rst);
7151 		goto exit;
7152 	}
7153 
7154 	ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7155 
7156 	for (i = 0; i < ATH10K_TID_MAX; i++) {
7157 		config_apply = false;
7158 		changed = arvif->tid_conf_changed[i];
7159 
7160 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7161 			if (arsta->noack[i] != -1) {
7162 				arg.ack_policy  = 0;
7163 			} else {
7164 				config_apply = true;
7165 				arg.ack_policy = arvif->noack[i];
7166 				arg.aggr_control = arvif->ampdu[i];
7167 				arg.rate_ctrl = arvif->rate_ctrl[i];
7168 			}
7169 		}
7170 
7171 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7172 			if (arsta->retry_long[i] != -1 ||
7173 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7174 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7175 				arg.retry_count = 0;
7176 			} else {
7177 				arg.retry_count = arvif->retry_long[i];
7178 				config_apply = true;
7179 			}
7180 		}
7181 
7182 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7183 			if (arsta->ampdu[i] != -1 ||
7184 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7185 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7186 				arg.aggr_control = 0;
7187 			} else {
7188 				arg.aggr_control = arvif->ampdu[i];
7189 				config_apply = true;
7190 			}
7191 		}
7192 
7193 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7194 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7195 			nss = ATH10K_HW_NSS(arvif->rate_code[i]);
7196 			ret = ath10k_mac_validate_rate_mask(ar, sta,
7197 							    arvif->rate_code[i],
7198 							    nss);
7199 			if (ret &&
7200 			    arvif->rate_ctrl[i] > WMI_TID_CONFIG_RATE_CONTROL_AUTO) {
7201 				arg.rate_ctrl = 0;
7202 				arg.rcode_flags = 0;
7203 			}
7204 
7205 			if (arsta->rate_ctrl[i] >
7206 			    WMI_TID_CONFIG_RATE_CONTROL_AUTO ||
7207 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7208 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7209 				arg.rate_ctrl = 0;
7210 				arg.rcode_flags = 0;
7211 			} else {
7212 				arg.rate_ctrl = arvif->rate_ctrl[i];
7213 				arg.rcode_flags = arvif->rate_code[i];
7214 				config_apply = true;
7215 			}
7216 		}
7217 
7218 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7219 			if (arsta->rtscts[i]) {
7220 				arg.rtscts_ctrl = 0;
7221 				arg.ext_tid_cfg_bitmap = 0;
7222 			} else {
7223 				arg.rtscts_ctrl = arvif->rtscts[i] - 1;
7224 				arg.ext_tid_cfg_bitmap =
7225 					WMI_EXT_TID_RTS_CTS_CONFIG;
7226 				config_apply = true;
7227 			}
7228 		}
7229 
7230 		arg.tid = i;
7231 
7232 		if (config_apply) {
7233 			ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7234 			if (ret)
7235 				ath10k_warn(ar, "failed to set per tid config for sta %pM: %d\n",
7236 					    sta->addr, ret);
7237 		}
7238 
7239 		arg.ack_policy  = 0;
7240 		arg.retry_count  = 0;
7241 		arg.aggr_control  = 0;
7242 		arg.rate_ctrl = 0;
7243 		arg.rcode_flags = 0;
7244 	}
7245 
7246 exit:
7247 	mutex_unlock(&ar->conf_mutex);
7248 }
7249 
7250 static void ath10k_mac_vif_stations_tid_conf(void *data,
7251 					     struct ieee80211_sta *sta)
7252 {
7253 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7254 	struct ath10k_mac_iter_tid_conf_data *iter_data = data;
7255 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
7256 
7257 	if (sta_vif != iter_data->curr_vif || !sta->wme)
7258 		return;
7259 
7260 	ieee80211_queue_work(iter_data->ar->hw, &arsta->tid_config_wk);
7261 }
7262 
7263 static int ath10k_sta_state(struct ieee80211_hw *hw,
7264 			    struct ieee80211_vif *vif,
7265 			    struct ieee80211_sta *sta,
7266 			    enum ieee80211_sta_state old_state,
7267 			    enum ieee80211_sta_state new_state)
7268 {
7269 	struct ath10k *ar = hw->priv;
7270 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7271 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7272 	struct ath10k_peer *peer;
7273 	int ret = 0;
7274 	int i;
7275 
7276 	if (old_state == IEEE80211_STA_NOTEXIST &&
7277 	    new_state == IEEE80211_STA_NONE) {
7278 		memset(arsta, 0, sizeof(*arsta));
7279 		arsta->arvif = arvif;
7280 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
7281 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
7282 		INIT_WORK(&arsta->tid_config_wk, ath10k_sta_tid_cfg_wk);
7283 
7284 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7285 			ath10k_mac_txq_init(sta->txq[i]);
7286 	}
7287 
7288 	/* cancel must be done outside the mutex to avoid deadlock */
7289 	if ((old_state == IEEE80211_STA_NONE &&
7290 	     new_state == IEEE80211_STA_NOTEXIST)) {
7291 		cancel_work_sync(&arsta->update_wk);
7292 		cancel_work_sync(&arsta->tid_config_wk);
7293 	}
7294 
7295 	mutex_lock(&ar->conf_mutex);
7296 
7297 	if (old_state == IEEE80211_STA_NOTEXIST &&
7298 	    new_state == IEEE80211_STA_NONE) {
7299 		/*
7300 		 * New station addition.
7301 		 */
7302 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
7303 		u32 num_tdls_stations;
7304 
7305 		ath10k_dbg(ar, ATH10K_DBG_MAC,
7306 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
7307 			   arvif->vdev_id, sta->addr,
7308 			   ar->num_stations + 1, ar->max_num_stations,
7309 			   ar->num_peers + 1, ar->max_num_peers);
7310 
7311 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
7312 
7313 		if (sta->tdls) {
7314 			if (num_tdls_stations >= ar->max_num_tdls_vdevs) {
7315 				ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
7316 					    arvif->vdev_id,
7317 					    ar->max_num_tdls_vdevs);
7318 				ret = -ELNRNG;
7319 				goto exit;
7320 			}
7321 			peer_type = WMI_PEER_TYPE_TDLS;
7322 		}
7323 
7324 		ret = ath10k_mac_inc_num_stations(arvif, sta);
7325 		if (ret) {
7326 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
7327 				    ar->max_num_stations);
7328 			goto exit;
7329 		}
7330 
7331 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7332 			arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats),
7333 						  GFP_KERNEL);
7334 			if (!arsta->tx_stats) {
7335 				ath10k_mac_dec_num_stations(arvif, sta);
7336 				ret = -ENOMEM;
7337 				goto exit;
7338 			}
7339 		}
7340 
7341 		ret = ath10k_peer_create(ar, vif, sta, arvif->vdev_id,
7342 					 sta->addr, peer_type);
7343 		if (ret) {
7344 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
7345 				    sta->addr, arvif->vdev_id, ret);
7346 			ath10k_mac_dec_num_stations(arvif, sta);
7347 			kfree(arsta->tx_stats);
7348 			goto exit;
7349 		}
7350 
7351 		spin_lock_bh(&ar->data_lock);
7352 
7353 		peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
7354 		if (!peer) {
7355 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
7356 				    vif->addr, arvif->vdev_id);
7357 			spin_unlock_bh(&ar->data_lock);
7358 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7359 			ath10k_mac_dec_num_stations(arvif, sta);
7360 			kfree(arsta->tx_stats);
7361 			ret = -ENOENT;
7362 			goto exit;
7363 		}
7364 
7365 		arsta->peer_id = find_first_bit(peer->peer_ids,
7366 						ATH10K_MAX_NUM_PEER_IDS);
7367 
7368 		spin_unlock_bh(&ar->data_lock);
7369 
7370 		if (!sta->tdls)
7371 			goto exit;
7372 
7373 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7374 						      WMI_TDLS_ENABLE_ACTIVE);
7375 		if (ret) {
7376 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7377 				    arvif->vdev_id, ret);
7378 			ath10k_peer_delete(ar, arvif->vdev_id,
7379 					   sta->addr);
7380 			ath10k_mac_dec_num_stations(arvif, sta);
7381 			kfree(arsta->tx_stats);
7382 			goto exit;
7383 		}
7384 
7385 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7386 						  WMI_TDLS_PEER_STATE_PEERING);
7387 		if (ret) {
7388 			ath10k_warn(ar,
7389 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
7390 				    sta->addr, arvif->vdev_id, ret);
7391 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7392 			ath10k_mac_dec_num_stations(arvif, sta);
7393 			kfree(arsta->tx_stats);
7394 
7395 			if (num_tdls_stations != 0)
7396 				goto exit;
7397 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7398 							WMI_TDLS_DISABLE);
7399 		}
7400 	} else if ((old_state == IEEE80211_STA_NONE &&
7401 		    new_state == IEEE80211_STA_NOTEXIST)) {
7402 		/*
7403 		 * Existing station deletion.
7404 		 */
7405 		ath10k_dbg(ar, ATH10K_DBG_MAC,
7406 			   "mac vdev %d peer delete %pM sta %pK (sta gone)\n",
7407 			   arvif->vdev_id, sta->addr, sta);
7408 
7409 		if (sta->tdls) {
7410 			ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id,
7411 							  sta,
7412 							  WMI_TDLS_PEER_STATE_TEARDOWN);
7413 			if (ret)
7414 				ath10k_warn(ar, "failed to update tdls peer state for %pM state %d: %i\n",
7415 					    sta->addr,
7416 					    WMI_TDLS_PEER_STATE_TEARDOWN, ret);
7417 		}
7418 
7419 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7420 		if (ret)
7421 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
7422 				    sta->addr, arvif->vdev_id, ret);
7423 
7424 		ath10k_mac_dec_num_stations(arvif, sta);
7425 
7426 		spin_lock_bh(&ar->data_lock);
7427 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
7428 			peer = ar->peer_map[i];
7429 			if (!peer)
7430 				continue;
7431 
7432 			if (peer->sta == sta) {
7433 				ath10k_warn(ar, "found sta peer %pM (ptr %pK id %d) entry on vdev %i after it was supposedly removed\n",
7434 					    sta->addr, peer, i, arvif->vdev_id);
7435 				peer->sta = NULL;
7436 
7437 				/* Clean up the peer object as well since we
7438 				 * must have failed to do this above.
7439 				 */
7440 				list_del(&peer->list);
7441 				ar->peer_map[i] = NULL;
7442 				kfree(peer);
7443 				ar->num_peers--;
7444 			}
7445 		}
7446 		spin_unlock_bh(&ar->data_lock);
7447 
7448 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7449 			kfree(arsta->tx_stats);
7450 			arsta->tx_stats = NULL;
7451 		}
7452 
7453 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7454 			ath10k_mac_txq_unref(ar, sta->txq[i]);
7455 
7456 		if (!sta->tdls)
7457 			goto exit;
7458 
7459 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
7460 			goto exit;
7461 
7462 		/* This was the last tdls peer in current vif */
7463 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7464 						      WMI_TDLS_DISABLE);
7465 		if (ret) {
7466 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7467 				    arvif->vdev_id, ret);
7468 		}
7469 	} else if (old_state == IEEE80211_STA_AUTH &&
7470 		   new_state == IEEE80211_STA_ASSOC &&
7471 		   (vif->type == NL80211_IFTYPE_AP ||
7472 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
7473 		    vif->type == NL80211_IFTYPE_ADHOC)) {
7474 		/*
7475 		 * New association.
7476 		 */
7477 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM associated\n",
7478 			   sta->addr);
7479 
7480 		ret = ath10k_station_assoc(ar, vif, sta, false);
7481 		if (ret)
7482 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
7483 				    sta->addr, arvif->vdev_id, ret);
7484 	} else if (old_state == IEEE80211_STA_ASSOC &&
7485 		   new_state == IEEE80211_STA_AUTHORIZED &&
7486 		   sta->tdls) {
7487 		/*
7488 		 * Tdls station authorized.
7489 		 */
7490 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac tdls sta %pM authorized\n",
7491 			   sta->addr);
7492 
7493 		ret = ath10k_station_assoc(ar, vif, sta, false);
7494 		if (ret) {
7495 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
7496 				    sta->addr, arvif->vdev_id, ret);
7497 			goto exit;
7498 		}
7499 
7500 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7501 						  WMI_TDLS_PEER_STATE_CONNECTED);
7502 		if (ret)
7503 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
7504 				    sta->addr, arvif->vdev_id, ret);
7505 	} else if (old_state == IEEE80211_STA_ASSOC &&
7506 		    new_state == IEEE80211_STA_AUTH &&
7507 		    (vif->type == NL80211_IFTYPE_AP ||
7508 		     vif->type == NL80211_IFTYPE_MESH_POINT ||
7509 		     vif->type == NL80211_IFTYPE_ADHOC)) {
7510 		/*
7511 		 * Disassociation.
7512 		 */
7513 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM disassociated\n",
7514 			   sta->addr);
7515 
7516 		ret = ath10k_station_disassoc(ar, vif, sta);
7517 		if (ret)
7518 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
7519 				    sta->addr, arvif->vdev_id, ret);
7520 	}
7521 exit:
7522 	mutex_unlock(&ar->conf_mutex);
7523 	return ret;
7524 }
7525 
7526 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
7527 				u16 ac, bool enable)
7528 {
7529 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7530 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
7531 	u32 prio = 0, acc = 0;
7532 	u32 value = 0;
7533 	int ret = 0;
7534 
7535 	lockdep_assert_held(&ar->conf_mutex);
7536 
7537 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
7538 		return 0;
7539 
7540 	switch (ac) {
7541 	case IEEE80211_AC_VO:
7542 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
7543 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
7544 		prio = 7;
7545 		acc = 3;
7546 		break;
7547 	case IEEE80211_AC_VI:
7548 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
7549 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
7550 		prio = 5;
7551 		acc = 2;
7552 		break;
7553 	case IEEE80211_AC_BE:
7554 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
7555 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
7556 		prio = 2;
7557 		acc = 1;
7558 		break;
7559 	case IEEE80211_AC_BK:
7560 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
7561 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
7562 		prio = 0;
7563 		acc = 0;
7564 		break;
7565 	}
7566 
7567 	if (enable)
7568 		arvif->u.sta.uapsd |= value;
7569 	else
7570 		arvif->u.sta.uapsd &= ~value;
7571 
7572 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7573 					  WMI_STA_PS_PARAM_UAPSD,
7574 					  arvif->u.sta.uapsd);
7575 	if (ret) {
7576 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
7577 		goto exit;
7578 	}
7579 
7580 	if (arvif->u.sta.uapsd)
7581 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
7582 	else
7583 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
7584 
7585 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7586 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
7587 					  value);
7588 	if (ret)
7589 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
7590 
7591 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
7592 	if (ret) {
7593 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
7594 			    arvif->vdev_id, ret);
7595 		return ret;
7596 	}
7597 
7598 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
7599 	if (ret) {
7600 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
7601 			    arvif->vdev_id, ret);
7602 		return ret;
7603 	}
7604 
7605 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
7606 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
7607 		/* Only userspace can make an educated decision when to send
7608 		 * trigger frame. The following effectively disables u-UAPSD
7609 		 * autotrigger in firmware (which is enabled by default
7610 		 * provided the autotrigger service is available).
7611 		 */
7612 
7613 		arg.wmm_ac = acc;
7614 		arg.user_priority = prio;
7615 		arg.service_interval = 0;
7616 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7617 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7618 
7619 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
7620 						arvif->bssid, &arg, 1);
7621 		if (ret) {
7622 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
7623 				    ret);
7624 			return ret;
7625 		}
7626 	}
7627 
7628 exit:
7629 	return ret;
7630 }
7631 
7632 static int ath10k_conf_tx(struct ieee80211_hw *hw,
7633 			  struct ieee80211_vif *vif, u16 ac,
7634 			  const struct ieee80211_tx_queue_params *params)
7635 {
7636 	struct ath10k *ar = hw->priv;
7637 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7638 	struct wmi_wmm_params_arg *p = NULL;
7639 	int ret;
7640 
7641 	mutex_lock(&ar->conf_mutex);
7642 
7643 	switch (ac) {
7644 	case IEEE80211_AC_VO:
7645 		p = &arvif->wmm_params.ac_vo;
7646 		break;
7647 	case IEEE80211_AC_VI:
7648 		p = &arvif->wmm_params.ac_vi;
7649 		break;
7650 	case IEEE80211_AC_BE:
7651 		p = &arvif->wmm_params.ac_be;
7652 		break;
7653 	case IEEE80211_AC_BK:
7654 		p = &arvif->wmm_params.ac_bk;
7655 		break;
7656 	}
7657 
7658 	if (WARN_ON(!p)) {
7659 		ret = -EINVAL;
7660 		goto exit;
7661 	}
7662 
7663 	p->cwmin = params->cw_min;
7664 	p->cwmax = params->cw_max;
7665 	p->aifs = params->aifs;
7666 
7667 	/*
7668 	 * The channel time duration programmed in the HW is in absolute
7669 	 * microseconds, while mac80211 gives the txop in units of
7670 	 * 32 microseconds.
7671 	 */
7672 	p->txop = params->txop * 32;
7673 
7674 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
7675 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
7676 					       &arvif->wmm_params);
7677 		if (ret) {
7678 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
7679 				    arvif->vdev_id, ret);
7680 			goto exit;
7681 		}
7682 	} else {
7683 		/* This won't work well with multi-interface cases but it's
7684 		 * better than nothing.
7685 		 */
7686 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
7687 		if (ret) {
7688 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
7689 			goto exit;
7690 		}
7691 	}
7692 
7693 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
7694 	if (ret)
7695 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
7696 
7697 exit:
7698 	mutex_unlock(&ar->conf_mutex);
7699 	return ret;
7700 }
7701 
7702 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
7703 				    struct ieee80211_vif *vif,
7704 				    struct ieee80211_channel *chan,
7705 				    int duration,
7706 				    enum ieee80211_roc_type type)
7707 {
7708 	struct ath10k *ar = hw->priv;
7709 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7710 	struct wmi_start_scan_arg arg;
7711 	int ret = 0;
7712 	u32 scan_time_msec;
7713 
7714 	mutex_lock(&ar->conf_mutex);
7715 
7716 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
7717 		ret = -EBUSY;
7718 		goto exit;
7719 	}
7720 
7721 	spin_lock_bh(&ar->data_lock);
7722 	switch (ar->scan.state) {
7723 	case ATH10K_SCAN_IDLE:
7724 		reinit_completion(&ar->scan.started);
7725 		reinit_completion(&ar->scan.completed);
7726 		reinit_completion(&ar->scan.on_channel);
7727 		ar->scan.state = ATH10K_SCAN_STARTING;
7728 		ar->scan.is_roc = true;
7729 		ar->scan.vdev_id = arvif->vdev_id;
7730 		ar->scan.roc_freq = chan->center_freq;
7731 		ar->scan.roc_notify = true;
7732 		ret = 0;
7733 		break;
7734 	case ATH10K_SCAN_STARTING:
7735 	case ATH10K_SCAN_RUNNING:
7736 	case ATH10K_SCAN_ABORTING:
7737 		ret = -EBUSY;
7738 		break;
7739 	}
7740 	spin_unlock_bh(&ar->data_lock);
7741 
7742 	if (ret)
7743 		goto exit;
7744 
7745 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
7746 
7747 	memset(&arg, 0, sizeof(arg));
7748 	ath10k_wmi_start_scan_init(ar, &arg);
7749 	arg.vdev_id = arvif->vdev_id;
7750 	arg.scan_id = ATH10K_SCAN_ID;
7751 	arg.n_channels = 1;
7752 	arg.channels[0] = chan->center_freq;
7753 	arg.dwell_time_active = scan_time_msec;
7754 	arg.dwell_time_passive = scan_time_msec;
7755 	arg.max_scan_time = scan_time_msec;
7756 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
7757 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
7758 	arg.burst_duration_ms = duration;
7759 
7760 	ret = ath10k_start_scan(ar, &arg);
7761 	if (ret) {
7762 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
7763 		spin_lock_bh(&ar->data_lock);
7764 		ar->scan.state = ATH10K_SCAN_IDLE;
7765 		spin_unlock_bh(&ar->data_lock);
7766 		goto exit;
7767 	}
7768 
7769 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
7770 	if (ret == 0) {
7771 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
7772 
7773 		ret = ath10k_scan_stop(ar);
7774 		if (ret)
7775 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
7776 
7777 		ret = -ETIMEDOUT;
7778 		goto exit;
7779 	}
7780 
7781 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
7782 				     msecs_to_jiffies(duration));
7783 
7784 	ret = 0;
7785 exit:
7786 	mutex_unlock(&ar->conf_mutex);
7787 	return ret;
7788 }
7789 
7790 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw,
7791 					   struct ieee80211_vif *vif)
7792 {
7793 	struct ath10k *ar = hw->priv;
7794 
7795 	mutex_lock(&ar->conf_mutex);
7796 
7797 	spin_lock_bh(&ar->data_lock);
7798 	ar->scan.roc_notify = false;
7799 	spin_unlock_bh(&ar->data_lock);
7800 
7801 	ath10k_scan_abort(ar);
7802 
7803 	mutex_unlock(&ar->conf_mutex);
7804 
7805 	cancel_delayed_work_sync(&ar->scan.timeout);
7806 
7807 	return 0;
7808 }
7809 
7810 /*
7811  * Both RTS and Fragmentation threshold are interface-specific
7812  * in ath10k, but device-specific in mac80211.
7813  */
7814 
7815 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
7816 {
7817 	struct ath10k *ar = hw->priv;
7818 	struct ath10k_vif *arvif;
7819 	int ret = 0;
7820 
7821 	mutex_lock(&ar->conf_mutex);
7822 	list_for_each_entry(arvif, &ar->arvifs, list) {
7823 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
7824 			   arvif->vdev_id, value);
7825 
7826 		ret = ath10k_mac_set_rts(arvif, value);
7827 		if (ret) {
7828 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
7829 				    arvif->vdev_id, ret);
7830 			break;
7831 		}
7832 	}
7833 	mutex_unlock(&ar->conf_mutex);
7834 
7835 	return ret;
7836 }
7837 
7838 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
7839 {
7840 	/* Even though there's a WMI enum for fragmentation threshold no known
7841 	 * firmware actually implements it. Moreover it is not possible to rely
7842 	 * frame fragmentation to mac80211 because firmware clears the "more
7843 	 * fragments" bit in frame control making it impossible for remote
7844 	 * devices to reassemble frames.
7845 	 *
7846 	 * Hence implement a dummy callback just to say fragmentation isn't
7847 	 * supported. This effectively prevents mac80211 from doing frame
7848 	 * fragmentation in software.
7849 	 */
7850 	return -EOPNOTSUPP;
7851 }
7852 
7853 void ath10k_mac_wait_tx_complete(struct ath10k *ar)
7854 {
7855 	bool skip;
7856 	long time_left;
7857 
7858 	/* mac80211 doesn't care if we really xmit queued frames or not
7859 	 * we'll collect those frames either way if we stop/delete vdevs
7860 	 */
7861 
7862 	if (ar->state == ATH10K_STATE_WEDGED)
7863 		return;
7864 
7865 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
7866 			bool empty;
7867 
7868 			spin_lock_bh(&ar->htt.tx_lock);
7869 			empty = (ar->htt.num_pending_tx == 0);
7870 			spin_unlock_bh(&ar->htt.tx_lock);
7871 
7872 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
7873 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
7874 					&ar->dev_flags);
7875 
7876 			(empty || skip);
7877 		}), ATH10K_FLUSH_TIMEOUT_HZ);
7878 
7879 	if (time_left == 0 || skip)
7880 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
7881 			    skip, ar->state, time_left);
7882 }
7883 
7884 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
7885 			 u32 queues, bool drop)
7886 {
7887 	struct ath10k *ar = hw->priv;
7888 	struct ath10k_vif *arvif;
7889 	u32 bitmap;
7890 
7891 	if (drop) {
7892 		if (vif && vif->type == NL80211_IFTYPE_STATION) {
7893 			bitmap = ~(1 << WMI_MGMT_TID);
7894 			list_for_each_entry(arvif, &ar->arvifs, list) {
7895 				if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
7896 					ath10k_wmi_peer_flush(ar, arvif->vdev_id,
7897 							      arvif->bssid, bitmap);
7898 			}
7899 			ath10k_htt_flush_tx(&ar->htt);
7900 		}
7901 		return;
7902 	}
7903 
7904 	mutex_lock(&ar->conf_mutex);
7905 	ath10k_mac_wait_tx_complete(ar);
7906 	mutex_unlock(&ar->conf_mutex);
7907 }
7908 
7909 /* TODO: Implement this function properly
7910  * For now it is needed to reply to Probe Requests in IBSS mode.
7911  * Propably we need this information from FW.
7912  */
7913 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
7914 {
7915 	return 1;
7916 }
7917 
7918 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
7919 				     enum ieee80211_reconfig_type reconfig_type)
7920 {
7921 	struct ath10k *ar = hw->priv;
7922 
7923 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
7924 		return;
7925 
7926 	mutex_lock(&ar->conf_mutex);
7927 
7928 	/* If device failed to restart it will be in a different state, e.g.
7929 	 * ATH10K_STATE_WEDGED
7930 	 */
7931 	if (ar->state == ATH10K_STATE_RESTARTED) {
7932 		ath10k_info(ar, "device successfully recovered\n");
7933 		ar->state = ATH10K_STATE_ON;
7934 		ieee80211_wake_queues(ar->hw);
7935 		clear_bit(ATH10K_FLAG_RESTARTING, &ar->dev_flags);
7936 	}
7937 
7938 	mutex_unlock(&ar->conf_mutex);
7939 }
7940 
7941 static void
7942 ath10k_mac_update_bss_chan_survey(struct ath10k *ar,
7943 				  struct ieee80211_channel *channel)
7944 {
7945 	int ret;
7946 	enum wmi_bss_survey_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
7947 
7948 	lockdep_assert_held(&ar->conf_mutex);
7949 
7950 	if (!test_bit(WMI_SERVICE_BSS_CHANNEL_INFO_64, ar->wmi.svc_map) ||
7951 	    (ar->rx_channel != channel))
7952 		return;
7953 
7954 	if (ar->scan.state != ATH10K_SCAN_IDLE) {
7955 		ath10k_dbg(ar, ATH10K_DBG_MAC, "ignoring bss chan info request while scanning..\n");
7956 		return;
7957 	}
7958 
7959 	reinit_completion(&ar->bss_survey_done);
7960 
7961 	ret = ath10k_wmi_pdev_bss_chan_info_request(ar, type);
7962 	if (ret) {
7963 		ath10k_warn(ar, "failed to send pdev bss chan info request\n");
7964 		return;
7965 	}
7966 
7967 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
7968 	if (!ret) {
7969 		ath10k_warn(ar, "bss channel survey timed out\n");
7970 		return;
7971 	}
7972 }
7973 
7974 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
7975 			     struct survey_info *survey)
7976 {
7977 	struct ath10k *ar = hw->priv;
7978 	struct ieee80211_supported_band *sband;
7979 	struct survey_info *ar_survey = &ar->survey[idx];
7980 	int ret = 0;
7981 
7982 	mutex_lock(&ar->conf_mutex);
7983 
7984 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
7985 	if (sband && idx >= sband->n_channels) {
7986 		idx -= sband->n_channels;
7987 		sband = NULL;
7988 	}
7989 
7990 	if (!sband)
7991 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
7992 
7993 	if (!sband || idx >= sband->n_channels) {
7994 		ret = -ENOENT;
7995 		goto exit;
7996 	}
7997 
7998 	ath10k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
7999 
8000 	spin_lock_bh(&ar->data_lock);
8001 	memcpy(survey, ar_survey, sizeof(*survey));
8002 	spin_unlock_bh(&ar->data_lock);
8003 
8004 	survey->channel = &sband->channels[idx];
8005 
8006 	if (ar->rx_channel == survey->channel)
8007 		survey->filled |= SURVEY_INFO_IN_USE;
8008 
8009 exit:
8010 	mutex_unlock(&ar->conf_mutex);
8011 	return ret;
8012 }
8013 
8014 static bool
8015 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
8016 				       enum nl80211_band band,
8017 				       const struct cfg80211_bitrate_mask *mask,
8018 				       int *nss)
8019 {
8020 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
8021 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8022 	u8 ht_nss_mask = 0;
8023 	u8 vht_nss_mask = 0;
8024 	int i;
8025 
8026 	if (mask->control[band].legacy)
8027 		return false;
8028 
8029 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
8030 		if (mask->control[band].ht_mcs[i] == 0)
8031 			continue;
8032 		else if (mask->control[band].ht_mcs[i] ==
8033 			 sband->ht_cap.mcs.rx_mask[i])
8034 			ht_nss_mask |= BIT(i);
8035 		else
8036 			return false;
8037 	}
8038 
8039 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
8040 		if (mask->control[band].vht_mcs[i] == 0)
8041 			continue;
8042 		else if (mask->control[band].vht_mcs[i] ==
8043 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
8044 			vht_nss_mask |= BIT(i);
8045 		else
8046 			return false;
8047 	}
8048 
8049 	if (ht_nss_mask != vht_nss_mask)
8050 		return false;
8051 
8052 	if (ht_nss_mask == 0)
8053 		return false;
8054 
8055 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
8056 		return false;
8057 
8058 	*nss = fls(ht_nss_mask);
8059 
8060 	return true;
8061 }
8062 
8063 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
8064 					    u8 rate, u8 nss, u8 sgi, u8 ldpc)
8065 {
8066 	struct ath10k *ar = arvif->ar;
8067 	u32 vdev_param;
8068 	int ret;
8069 
8070 	lockdep_assert_held(&ar->conf_mutex);
8071 
8072 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02hhx nss %hhu sgi %hhu\n",
8073 		   arvif->vdev_id, rate, nss, sgi);
8074 
8075 	vdev_param = ar->wmi.vdev_param->fixed_rate;
8076 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
8077 	if (ret) {
8078 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
8079 			    rate, ret);
8080 		return ret;
8081 	}
8082 
8083 	vdev_param = ar->wmi.vdev_param->nss;
8084 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
8085 	if (ret) {
8086 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
8087 		return ret;
8088 	}
8089 
8090 	vdev_param = ar->wmi.vdev_param->sgi;
8091 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
8092 	if (ret) {
8093 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
8094 		return ret;
8095 	}
8096 
8097 	vdev_param = ar->wmi.vdev_param->ldpc;
8098 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, ldpc);
8099 	if (ret) {
8100 		ath10k_warn(ar, "failed to set ldpc param %d: %d\n", ldpc, ret);
8101 		return ret;
8102 	}
8103 
8104 	return 0;
8105 }
8106 
8107 static bool
8108 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
8109 				enum nl80211_band band,
8110 				const struct cfg80211_bitrate_mask *mask,
8111 				bool allow_pfr)
8112 {
8113 	int i;
8114 	u16 vht_mcs;
8115 
8116 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
8117 	 * to express all VHT MCS rate masks. Effectively only the following
8118 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
8119 	 */
8120 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8121 		vht_mcs = mask->control[band].vht_mcs[i];
8122 
8123 		switch (vht_mcs) {
8124 		case 0:
8125 		case BIT(8) - 1:
8126 		case BIT(9) - 1:
8127 		case BIT(10) - 1:
8128 			break;
8129 		default:
8130 			if (!allow_pfr)
8131 				ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
8132 			return false;
8133 		}
8134 	}
8135 
8136 	return true;
8137 }
8138 
8139 static bool ath10k_mac_set_vht_bitrate_mask_fixup(struct ath10k *ar,
8140 						  struct ath10k_vif *arvif,
8141 						  struct ieee80211_sta *sta)
8142 {
8143 	int err;
8144 	u8 rate = arvif->vht_pfr;
8145 
8146 	/* skip non vht and multiple rate peers */
8147 	if (!sta->vht_cap.vht_supported || arvif->vht_num_rates != 1)
8148 		return false;
8149 
8150 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8151 					WMI_PEER_PARAM_FIXED_RATE, rate);
8152 	if (err)
8153 		ath10k_warn(ar, "failed to enable STA %pM peer fixed rate: %d\n",
8154 			    sta->addr, err);
8155 
8156 	return true;
8157 }
8158 
8159 static void ath10k_mac_set_bitrate_mask_iter(void *data,
8160 					     struct ieee80211_sta *sta)
8161 {
8162 	struct ath10k_vif *arvif = data;
8163 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8164 	struct ath10k *ar = arvif->ar;
8165 
8166 	if (arsta->arvif != arvif)
8167 		return;
8168 
8169 	if (ath10k_mac_set_vht_bitrate_mask_fixup(ar, arvif, sta))
8170 		return;
8171 
8172 	spin_lock_bh(&ar->data_lock);
8173 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8174 	spin_unlock_bh(&ar->data_lock);
8175 
8176 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8177 }
8178 
8179 static void ath10k_mac_clr_bitrate_mask_iter(void *data,
8180 					     struct ieee80211_sta *sta)
8181 {
8182 	struct ath10k_vif *arvif = data;
8183 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8184 	struct ath10k *ar = arvif->ar;
8185 	int err;
8186 
8187 	/* clear vht peers only */
8188 	if (arsta->arvif != arvif || !sta->vht_cap.vht_supported)
8189 		return;
8190 
8191 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8192 					WMI_PEER_PARAM_FIXED_RATE,
8193 					WMI_FIXED_RATE_NONE);
8194 	if (err)
8195 		ath10k_warn(ar, "failed to clear STA %pM peer fixed rate: %d\n",
8196 			    sta->addr, err);
8197 }
8198 
8199 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8200 					  struct ieee80211_vif *vif,
8201 					  const struct cfg80211_bitrate_mask *mask)
8202 {
8203 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8204 	struct cfg80211_chan_def def;
8205 	struct ath10k *ar = arvif->ar;
8206 	enum nl80211_band band;
8207 	const u8 *ht_mcs_mask;
8208 	const u16 *vht_mcs_mask;
8209 	u8 rate;
8210 	u8 nss;
8211 	u8 sgi;
8212 	u8 ldpc;
8213 	int single_nss;
8214 	int ret;
8215 	int vht_num_rates, allow_pfr;
8216 	u8 vht_pfr;
8217 	bool update_bitrate_mask = true;
8218 
8219 	if (ath10k_mac_vif_chan(vif, &def))
8220 		return -EPERM;
8221 
8222 	band = def.chan->band;
8223 	ht_mcs_mask = mask->control[band].ht_mcs;
8224 	vht_mcs_mask = mask->control[band].vht_mcs;
8225 	ldpc = !!(ar->ht_cap_info & WMI_HT_CAP_LDPC);
8226 
8227 	sgi = mask->control[band].gi;
8228 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8229 		return -EINVAL;
8230 
8231 	allow_pfr = test_bit(ATH10K_FW_FEATURE_PEER_FIXED_RATE,
8232 			     ar->normal_mode_fw.fw_file.fw_features);
8233 	if (allow_pfr) {
8234 		mutex_lock(&ar->conf_mutex);
8235 		ieee80211_iterate_stations_atomic(ar->hw,
8236 						  ath10k_mac_clr_bitrate_mask_iter,
8237 						  arvif);
8238 		mutex_unlock(&ar->conf_mutex);
8239 	}
8240 
8241 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
8242 						    &vht_num_rates)) {
8243 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8244 							      &rate, &nss,
8245 							      false);
8246 		if (ret) {
8247 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
8248 				    arvif->vdev_id, ret);
8249 			return ret;
8250 		}
8251 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
8252 							  &single_nss)) {
8253 		rate = WMI_FIXED_RATE_NONE;
8254 		nss = single_nss;
8255 	} else {
8256 		rate = WMI_FIXED_RATE_NONE;
8257 		nss = min(ar->num_rf_chains,
8258 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
8259 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
8260 
8261 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask,
8262 						     allow_pfr)) {
8263 			u8 vht_nss;
8264 
8265 			if (!allow_pfr || vht_num_rates != 1)
8266 				return -EINVAL;
8267 
8268 			/* Reach here, firmware supports peer fixed rate and has
8269 			 * single vht rate, and don't update vif birate_mask, as
8270 			 * the rate only for specific peer.
8271 			 */
8272 			ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8273 								&vht_pfr,
8274 								&vht_nss,
8275 								true);
8276 			update_bitrate_mask = false;
8277 		} else {
8278 			vht_pfr = 0;
8279 		}
8280 
8281 		mutex_lock(&ar->conf_mutex);
8282 
8283 		if (update_bitrate_mask)
8284 			arvif->bitrate_mask = *mask;
8285 		arvif->vht_num_rates = vht_num_rates;
8286 		arvif->vht_pfr = vht_pfr;
8287 		ieee80211_iterate_stations_atomic(ar->hw,
8288 						  ath10k_mac_set_bitrate_mask_iter,
8289 						  arvif);
8290 
8291 		mutex_unlock(&ar->conf_mutex);
8292 	}
8293 
8294 	mutex_lock(&ar->conf_mutex);
8295 
8296 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi, ldpc);
8297 	if (ret) {
8298 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
8299 			    arvif->vdev_id, ret);
8300 		goto exit;
8301 	}
8302 
8303 exit:
8304 	mutex_unlock(&ar->conf_mutex);
8305 
8306 	return ret;
8307 }
8308 
8309 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
8310 				 struct ieee80211_vif *vif,
8311 				 struct ieee80211_sta *sta,
8312 				 u32 changed)
8313 {
8314 	struct ath10k *ar = hw->priv;
8315 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8316 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8317 	struct ath10k_peer *peer;
8318 	u32 bw, smps;
8319 
8320 	spin_lock_bh(&ar->data_lock);
8321 
8322 	peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
8323 	if (!peer) {
8324 		spin_unlock_bh(&ar->data_lock);
8325 		ath10k_warn(ar, "mac sta rc update failed to find peer %pM on vdev %i\n",
8326 			    sta->addr, arvif->vdev_id);
8327 		return;
8328 	}
8329 
8330 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8331 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
8332 		   sta->addr, changed, sta->bandwidth, sta->rx_nss,
8333 		   sta->smps_mode);
8334 
8335 	if (changed & IEEE80211_RC_BW_CHANGED) {
8336 		bw = WMI_PEER_CHWIDTH_20MHZ;
8337 
8338 		switch (sta->bandwidth) {
8339 		case IEEE80211_STA_RX_BW_20:
8340 			bw = WMI_PEER_CHWIDTH_20MHZ;
8341 			break;
8342 		case IEEE80211_STA_RX_BW_40:
8343 			bw = WMI_PEER_CHWIDTH_40MHZ;
8344 			break;
8345 		case IEEE80211_STA_RX_BW_80:
8346 			bw = WMI_PEER_CHWIDTH_80MHZ;
8347 			break;
8348 		case IEEE80211_STA_RX_BW_160:
8349 			bw = WMI_PEER_CHWIDTH_160MHZ;
8350 			break;
8351 		default:
8352 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
8353 				    sta->bandwidth, sta->addr);
8354 			bw = WMI_PEER_CHWIDTH_20MHZ;
8355 			break;
8356 		}
8357 
8358 		arsta->bw = bw;
8359 	}
8360 
8361 	if (changed & IEEE80211_RC_NSS_CHANGED)
8362 		arsta->nss = sta->rx_nss;
8363 
8364 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
8365 		smps = WMI_PEER_SMPS_PS_NONE;
8366 
8367 		switch (sta->smps_mode) {
8368 		case IEEE80211_SMPS_AUTOMATIC:
8369 		case IEEE80211_SMPS_OFF:
8370 			smps = WMI_PEER_SMPS_PS_NONE;
8371 			break;
8372 		case IEEE80211_SMPS_STATIC:
8373 			smps = WMI_PEER_SMPS_STATIC;
8374 			break;
8375 		case IEEE80211_SMPS_DYNAMIC:
8376 			smps = WMI_PEER_SMPS_DYNAMIC;
8377 			break;
8378 		case IEEE80211_SMPS_NUM_MODES:
8379 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
8380 				    sta->smps_mode, sta->addr);
8381 			smps = WMI_PEER_SMPS_PS_NONE;
8382 			break;
8383 		}
8384 
8385 		arsta->smps = smps;
8386 	}
8387 
8388 	arsta->changed |= changed;
8389 
8390 	spin_unlock_bh(&ar->data_lock);
8391 
8392 	ieee80211_queue_work(hw, &arsta->update_wk);
8393 }
8394 
8395 static void ath10k_offset_tsf(struct ieee80211_hw *hw,
8396 			      struct ieee80211_vif *vif, s64 tsf_offset)
8397 {
8398 	struct ath10k *ar = hw->priv;
8399 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8400 	u32 offset, vdev_param;
8401 	int ret;
8402 
8403 	if (tsf_offset < 0) {
8404 		vdev_param = ar->wmi.vdev_param->dec_tsf;
8405 		offset = -tsf_offset;
8406 	} else {
8407 		vdev_param = ar->wmi.vdev_param->inc_tsf;
8408 		offset = tsf_offset;
8409 	}
8410 
8411 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
8412 					vdev_param, offset);
8413 
8414 	if (ret && ret != -EOPNOTSUPP)
8415 		ath10k_warn(ar, "failed to set tsf offset %d cmd %d: %d\n",
8416 			    offset, vdev_param, ret);
8417 }
8418 
8419 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
8420 			       struct ieee80211_vif *vif,
8421 			       struct ieee80211_ampdu_params *params)
8422 {
8423 	struct ath10k *ar = hw->priv;
8424 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8425 	struct ieee80211_sta *sta = params->sta;
8426 	enum ieee80211_ampdu_mlme_action action = params->action;
8427 	u16 tid = params->tid;
8428 
8429 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %hu action %d\n",
8430 		   arvif->vdev_id, sta->addr, tid, action);
8431 
8432 	switch (action) {
8433 	case IEEE80211_AMPDU_RX_START:
8434 	case IEEE80211_AMPDU_RX_STOP:
8435 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
8436 		 * creation/removal. Do we need to verify this?
8437 		 */
8438 		return 0;
8439 	case IEEE80211_AMPDU_TX_START:
8440 	case IEEE80211_AMPDU_TX_STOP_CONT:
8441 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
8442 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
8443 	case IEEE80211_AMPDU_TX_OPERATIONAL:
8444 		/* Firmware offloads Tx aggregation entirely so deny mac80211
8445 		 * Tx aggregation requests.
8446 		 */
8447 		return -EOPNOTSUPP;
8448 	}
8449 
8450 	return -EINVAL;
8451 }
8452 
8453 static void
8454 ath10k_mac_update_rx_channel(struct ath10k *ar,
8455 			     struct ieee80211_chanctx_conf *ctx,
8456 			     struct ieee80211_vif_chanctx_switch *vifs,
8457 			     int n_vifs)
8458 {
8459 	struct cfg80211_chan_def *def = NULL;
8460 
8461 	/* Both locks are required because ar->rx_channel is modified. This
8462 	 * allows readers to hold either lock.
8463 	 */
8464 	lockdep_assert_held(&ar->conf_mutex);
8465 	lockdep_assert_held(&ar->data_lock);
8466 
8467 	WARN_ON(ctx && vifs);
8468 	WARN_ON(vifs && !n_vifs);
8469 
8470 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
8471 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
8472 	 * ppdu on Rx may reduce performance on low-end systems. It should be
8473 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
8474 	 * cpu data cache lines though regarding sizes) but to keep the initial
8475 	 * implementation simple and less intrusive fallback to the slow lookup
8476 	 * only for multi-channel cases. Single-channel cases will remain to
8477 	 * use the old channel derival and thus performance should not be
8478 	 * affected much.
8479 	 */
8480 	rcu_read_lock();
8481 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
8482 		ieee80211_iter_chan_contexts_atomic(ar->hw,
8483 						    ath10k_mac_get_any_chandef_iter,
8484 						    &def);
8485 
8486 		if (vifs)
8487 			def = &vifs[0].new_ctx->def;
8488 
8489 		ar->rx_channel = def->chan;
8490 	} else if ((ctx && ath10k_mac_num_chanctxs(ar) == 0) ||
8491 		   (ctx && (ar->state == ATH10K_STATE_RESTARTED))) {
8492 		/* During driver restart due to firmware assert, since mac80211
8493 		 * already has valid channel context for given radio, channel
8494 		 * context iteration return num_chanctx > 0. So fix rx_channel
8495 		 * when restart is in progress.
8496 		 */
8497 		ar->rx_channel = ctx->def.chan;
8498 	} else {
8499 		ar->rx_channel = NULL;
8500 	}
8501 	rcu_read_unlock();
8502 }
8503 
8504 static void
8505 ath10k_mac_update_vif_chan(struct ath10k *ar,
8506 			   struct ieee80211_vif_chanctx_switch *vifs,
8507 			   int n_vifs)
8508 {
8509 	struct ath10k_vif *arvif;
8510 	int ret;
8511 	int i;
8512 
8513 	lockdep_assert_held(&ar->conf_mutex);
8514 
8515 	/* First stop monitor interface. Some FW versions crash if there's a
8516 	 * lone monitor interface.
8517 	 */
8518 	if (ar->monitor_started)
8519 		ath10k_monitor_stop(ar);
8520 
8521 	for (i = 0; i < n_vifs; i++) {
8522 		arvif = (void *)vifs[i].vif->drv_priv;
8523 
8524 		ath10k_dbg(ar, ATH10K_DBG_MAC,
8525 			   "mac chanctx switch vdev_id %i freq %hu->%hu width %d->%d\n",
8526 			   arvif->vdev_id,
8527 			   vifs[i].old_ctx->def.chan->center_freq,
8528 			   vifs[i].new_ctx->def.chan->center_freq,
8529 			   vifs[i].old_ctx->def.width,
8530 			   vifs[i].new_ctx->def.width);
8531 
8532 		if (WARN_ON(!arvif->is_started))
8533 			continue;
8534 
8535 		if (WARN_ON(!arvif->is_up))
8536 			continue;
8537 
8538 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8539 		if (ret) {
8540 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
8541 				    arvif->vdev_id, ret);
8542 			continue;
8543 		}
8544 	}
8545 
8546 	/* All relevant vdevs are downed and associated channel resources
8547 	 * should be available for the channel switch now.
8548 	 */
8549 
8550 	spin_lock_bh(&ar->data_lock);
8551 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
8552 	spin_unlock_bh(&ar->data_lock);
8553 
8554 	for (i = 0; i < n_vifs; i++) {
8555 		arvif = (void *)vifs[i].vif->drv_priv;
8556 
8557 		if (WARN_ON(!arvif->is_started))
8558 			continue;
8559 
8560 		if (WARN_ON(!arvif->is_up))
8561 			continue;
8562 
8563 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
8564 		if (ret)
8565 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
8566 				    ret);
8567 
8568 		ret = ath10k_mac_setup_prb_tmpl(arvif);
8569 		if (ret)
8570 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
8571 				    ret);
8572 
8573 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
8574 		if (ret) {
8575 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
8576 				    arvif->vdev_id, ret);
8577 			continue;
8578 		}
8579 
8580 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
8581 					 arvif->bssid);
8582 		if (ret) {
8583 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
8584 				    arvif->vdev_id, ret);
8585 			continue;
8586 		}
8587 	}
8588 
8589 	ath10k_monitor_recalc(ar);
8590 }
8591 
8592 static int
8593 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
8594 			  struct ieee80211_chanctx_conf *ctx)
8595 {
8596 	struct ath10k *ar = hw->priv;
8597 
8598 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8599 		   "mac chanctx add freq %hu width %d ptr %pK\n",
8600 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8601 
8602 	mutex_lock(&ar->conf_mutex);
8603 
8604 	spin_lock_bh(&ar->data_lock);
8605 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
8606 	spin_unlock_bh(&ar->data_lock);
8607 
8608 	ath10k_recalc_radar_detection(ar);
8609 	ath10k_monitor_recalc(ar);
8610 
8611 	mutex_unlock(&ar->conf_mutex);
8612 
8613 	return 0;
8614 }
8615 
8616 static void
8617 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
8618 			     struct ieee80211_chanctx_conf *ctx)
8619 {
8620 	struct ath10k *ar = hw->priv;
8621 
8622 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8623 		   "mac chanctx remove freq %hu width %d ptr %pK\n",
8624 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8625 
8626 	mutex_lock(&ar->conf_mutex);
8627 
8628 	spin_lock_bh(&ar->data_lock);
8629 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
8630 	spin_unlock_bh(&ar->data_lock);
8631 
8632 	ath10k_recalc_radar_detection(ar);
8633 	ath10k_monitor_recalc(ar);
8634 
8635 	mutex_unlock(&ar->conf_mutex);
8636 }
8637 
8638 struct ath10k_mac_change_chanctx_arg {
8639 	struct ieee80211_chanctx_conf *ctx;
8640 	struct ieee80211_vif_chanctx_switch *vifs;
8641 	int n_vifs;
8642 	int next_vif;
8643 };
8644 
8645 static void
8646 ath10k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
8647 				   struct ieee80211_vif *vif)
8648 {
8649 	struct ath10k_mac_change_chanctx_arg *arg = data;
8650 
8651 	if (rcu_access_pointer(vif->chanctx_conf) != arg->ctx)
8652 		return;
8653 
8654 	arg->n_vifs++;
8655 }
8656 
8657 static void
8658 ath10k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
8659 				    struct ieee80211_vif *vif)
8660 {
8661 	struct ath10k_mac_change_chanctx_arg *arg = data;
8662 	struct ieee80211_chanctx_conf *ctx;
8663 
8664 	ctx = rcu_access_pointer(vif->chanctx_conf);
8665 	if (ctx != arg->ctx)
8666 		return;
8667 
8668 	if (WARN_ON(arg->next_vif == arg->n_vifs))
8669 		return;
8670 
8671 	arg->vifs[arg->next_vif].vif = vif;
8672 	arg->vifs[arg->next_vif].old_ctx = ctx;
8673 	arg->vifs[arg->next_vif].new_ctx = ctx;
8674 	arg->next_vif++;
8675 }
8676 
8677 static void
8678 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
8679 			     struct ieee80211_chanctx_conf *ctx,
8680 			     u32 changed)
8681 {
8682 	struct ath10k *ar = hw->priv;
8683 	struct ath10k_mac_change_chanctx_arg arg = { .ctx = ctx };
8684 
8685 	mutex_lock(&ar->conf_mutex);
8686 
8687 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8688 		   "mac chanctx change freq %hu width %d ptr %pK changed %x\n",
8689 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
8690 
8691 	/* This shouldn't really happen because channel switching should use
8692 	 * switch_vif_chanctx().
8693 	 */
8694 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
8695 		goto unlock;
8696 
8697 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH) {
8698 		ieee80211_iterate_active_interfaces_atomic(
8699 					hw,
8700 					ATH10K_ITER_NORMAL_FLAGS,
8701 					ath10k_mac_change_chanctx_cnt_iter,
8702 					&arg);
8703 		if (arg.n_vifs == 0)
8704 			goto radar;
8705 
8706 		arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]),
8707 				   GFP_KERNEL);
8708 		if (!arg.vifs)
8709 			goto radar;
8710 
8711 		ieee80211_iterate_active_interfaces_atomic(
8712 					hw,
8713 					ATH10K_ITER_NORMAL_FLAGS,
8714 					ath10k_mac_change_chanctx_fill_iter,
8715 					&arg);
8716 		ath10k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
8717 		kfree(arg.vifs);
8718 	}
8719 
8720 radar:
8721 	ath10k_recalc_radar_detection(ar);
8722 
8723 	/* FIXME: How to configure Rx chains properly? */
8724 
8725 	/* No other actions are actually necessary. Firmware maintains channel
8726 	 * definitions per vdev internally and there's no host-side channel
8727 	 * context abstraction to configure, e.g. channel width.
8728 	 */
8729 
8730 unlock:
8731 	mutex_unlock(&ar->conf_mutex);
8732 }
8733 
8734 static int
8735 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
8736 				 struct ieee80211_vif *vif,
8737 				 struct ieee80211_chanctx_conf *ctx)
8738 {
8739 	struct ath10k *ar = hw->priv;
8740 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8741 	int ret;
8742 
8743 	mutex_lock(&ar->conf_mutex);
8744 
8745 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8746 		   "mac chanctx assign ptr %pK vdev_id %i\n",
8747 		   ctx, arvif->vdev_id);
8748 
8749 	if (WARN_ON(arvif->is_started)) {
8750 		mutex_unlock(&ar->conf_mutex);
8751 		return -EBUSY;
8752 	}
8753 
8754 	ret = ath10k_vdev_start(arvif, &ctx->def);
8755 	if (ret) {
8756 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
8757 			    arvif->vdev_id, vif->addr,
8758 			    ctx->def.chan->center_freq, ret);
8759 		goto err;
8760 	}
8761 
8762 	arvif->is_started = true;
8763 
8764 	ret = ath10k_mac_vif_setup_ps(arvif);
8765 	if (ret) {
8766 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
8767 			    arvif->vdev_id, ret);
8768 		goto err_stop;
8769 	}
8770 
8771 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8772 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
8773 		if (ret) {
8774 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
8775 				    arvif->vdev_id, ret);
8776 			goto err_stop;
8777 		}
8778 
8779 		arvif->is_up = true;
8780 	}
8781 
8782 	if (ath10k_mac_can_set_cts_prot(arvif)) {
8783 		ret = ath10k_mac_set_cts_prot(arvif);
8784 		if (ret)
8785 			ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
8786 				    arvif->vdev_id, ret);
8787 	}
8788 
8789 	if (ath10k_peer_stats_enabled(ar) &&
8790 	    ar->hw_params.tx_stats_over_pktlog) {
8791 		ar->pktlog_filter |= ATH10K_PKTLOG_PEER_STATS;
8792 		ret = ath10k_wmi_pdev_pktlog_enable(ar,
8793 						    ar->pktlog_filter);
8794 		if (ret) {
8795 			ath10k_warn(ar, "failed to enable pktlog %d\n", ret);
8796 			goto err_stop;
8797 		}
8798 	}
8799 
8800 	mutex_unlock(&ar->conf_mutex);
8801 	return 0;
8802 
8803 err_stop:
8804 	ath10k_vdev_stop(arvif);
8805 	arvif->is_started = false;
8806 	ath10k_mac_vif_setup_ps(arvif);
8807 
8808 err:
8809 	mutex_unlock(&ar->conf_mutex);
8810 	return ret;
8811 }
8812 
8813 static void
8814 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
8815 				   struct ieee80211_vif *vif,
8816 				   struct ieee80211_chanctx_conf *ctx)
8817 {
8818 	struct ath10k *ar = hw->priv;
8819 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8820 	int ret;
8821 
8822 	mutex_lock(&ar->conf_mutex);
8823 
8824 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8825 		   "mac chanctx unassign ptr %pK vdev_id %i\n",
8826 		   ctx, arvif->vdev_id);
8827 
8828 	WARN_ON(!arvif->is_started);
8829 
8830 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8831 		WARN_ON(!arvif->is_up);
8832 
8833 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8834 		if (ret)
8835 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
8836 				    arvif->vdev_id, ret);
8837 
8838 		arvif->is_up = false;
8839 	}
8840 
8841 	ret = ath10k_vdev_stop(arvif);
8842 	if (ret)
8843 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
8844 			    arvif->vdev_id, ret);
8845 
8846 	arvif->is_started = false;
8847 
8848 	mutex_unlock(&ar->conf_mutex);
8849 }
8850 
8851 static int
8852 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
8853 				 struct ieee80211_vif_chanctx_switch *vifs,
8854 				 int n_vifs,
8855 				 enum ieee80211_chanctx_switch_mode mode)
8856 {
8857 	struct ath10k *ar = hw->priv;
8858 
8859 	mutex_lock(&ar->conf_mutex);
8860 
8861 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8862 		   "mac chanctx switch n_vifs %d mode %d\n",
8863 		   n_vifs, mode);
8864 	ath10k_mac_update_vif_chan(ar, vifs, n_vifs);
8865 
8866 	mutex_unlock(&ar->conf_mutex);
8867 	return 0;
8868 }
8869 
8870 static void ath10k_mac_op_sta_pre_rcu_remove(struct ieee80211_hw *hw,
8871 					     struct ieee80211_vif *vif,
8872 					     struct ieee80211_sta *sta)
8873 {
8874 	struct ath10k *ar;
8875 	struct ath10k_peer *peer;
8876 
8877 	ar = hw->priv;
8878 
8879 	list_for_each_entry(peer, &ar->peers, list)
8880 		if (peer->sta == sta)
8881 			peer->removed = true;
8882 }
8883 
8884 /* HT MCS parameters with Nss = 1 */
8885 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss1[] = {
8886 	/* MCS  L20   L40   S20  S40 */
8887 	{0,  { 65,  135,  72,  150} },
8888 	{1,  { 130, 270,  144, 300} },
8889 	{2,  { 195, 405,  217, 450} },
8890 	{3,  { 260, 540,  289, 600} },
8891 	{4,  { 390, 810,  433, 900} },
8892 	{5,  { 520, 1080, 578, 1200} },
8893 	{6,  { 585, 1215, 650, 1350} },
8894 	{7,  { 650, 1350, 722, 1500} }
8895 };
8896 
8897 /* HT MCS parameters with Nss = 2 */
8898 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss2[] = {
8899 	/* MCS  L20    L40   S20   S40 */
8900 	{0,  {130,  270,  144,  300} },
8901 	{1,  {260,  540,  289,  600} },
8902 	{2,  {390,  810,  433,  900} },
8903 	{3,  {520,  1080, 578,  1200} },
8904 	{4,  {780,  1620, 867,  1800} },
8905 	{5,  {1040, 2160, 1156, 2400} },
8906 	{6,  {1170, 2430, 1300, 2700} },
8907 	{7,  {1300, 2700, 1444, 3000} }
8908 };
8909 
8910 /* MCS parameters with Nss = 1 */
8911 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss1[] = {
8912 	/* MCS  L80    S80     L40   S40    L20   S20 */
8913 	{0,  {293,  325},  {135,  150},  {65,   72} },
8914 	{1,  {585,  650},  {270,  300},  {130,  144} },
8915 	{2,  {878,  975},  {405,  450},  {195,  217} },
8916 	{3,  {1170, 1300}, {540,  600},  {260,  289} },
8917 	{4,  {1755, 1950}, {810,  900},  {390,  433} },
8918 	{5,  {2340, 2600}, {1080, 1200}, {520,  578} },
8919 	{6,  {2633, 2925}, {1215, 1350}, {585,  650} },
8920 	{7,  {2925, 3250}, {1350, 1500}, {650,  722} },
8921 	{8,  {3510, 3900}, {1620, 1800}, {780,  867} },
8922 	{9,  {3900, 4333}, {1800, 2000}, {780,  867} }
8923 };
8924 
8925 /*MCS parameters with Nss = 2 */
8926 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss2[] = {
8927 	/* MCS  L80    S80     L40   S40    L20   S20 */
8928 	{0,  {585,  650},  {270,  300},  {130,  144} },
8929 	{1,  {1170, 1300}, {540,  600},  {260,  289} },
8930 	{2,  {1755, 1950}, {810,  900},  {390,  433} },
8931 	{3,  {2340, 2600}, {1080, 1200}, {520,  578} },
8932 	{4,  {3510, 3900}, {1620, 1800}, {780,  867} },
8933 	{5,  {4680, 5200}, {2160, 2400}, {1040, 1156} },
8934 	{6,  {5265, 5850}, {2430, 2700}, {1170, 1300} },
8935 	{7,  {5850, 6500}, {2700, 3000}, {1300, 1444} },
8936 	{8,  {7020, 7800}, {3240, 3600}, {1560, 1733} },
8937 	{9,  {7800, 8667}, {3600, 4000}, {1560, 1733} }
8938 };
8939 
8940 static void ath10k_mac_get_rate_flags_ht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
8941 					 u8 *flags, u8 *bw)
8942 {
8943 	struct ath10k_index_ht_data_rate_type *mcs_rate;
8944 	u8 index;
8945 	size_t len_nss1 = ARRAY_SIZE(supported_ht_mcs_rate_nss1);
8946 	size_t len_nss2 = ARRAY_SIZE(supported_ht_mcs_rate_nss2);
8947 
8948 	if (mcs >= (len_nss1 + len_nss2)) {
8949 		ath10k_warn(ar, "not supported mcs %d in current rate table", mcs);
8950 		return;
8951 	}
8952 
8953 	mcs_rate = (struct ath10k_index_ht_data_rate_type *)
8954 		   ((nss == 1) ? &supported_ht_mcs_rate_nss1 :
8955 		   &supported_ht_mcs_rate_nss2);
8956 
8957 	if (mcs >= len_nss1)
8958 		index = mcs - len_nss1;
8959 	else
8960 		index = mcs;
8961 
8962 	if (rate == mcs_rate[index].supported_rate[0]) {
8963 		*bw = RATE_INFO_BW_20;
8964 	} else if (rate == mcs_rate[index].supported_rate[1]) {
8965 		*bw |= RATE_INFO_BW_40;
8966 	} else if (rate == mcs_rate[index].supported_rate[2]) {
8967 		*bw |= RATE_INFO_BW_20;
8968 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
8969 	} else if (rate == mcs_rate[index].supported_rate[3]) {
8970 		*bw |= RATE_INFO_BW_40;
8971 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
8972 	} else {
8973 		ath10k_warn(ar, "invalid ht params rate %d 100kbps nss %d mcs %d",
8974 			    rate, nss, mcs);
8975 	}
8976 }
8977 
8978 static void ath10k_mac_get_rate_flags_vht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
8979 					  u8 *flags, u8 *bw)
8980 {
8981 	struct ath10k_index_vht_data_rate_type *mcs_rate;
8982 
8983 	mcs_rate = (struct ath10k_index_vht_data_rate_type *)
8984 		   ((nss == 1) ? &supported_vht_mcs_rate_nss1 :
8985 		   &supported_vht_mcs_rate_nss2);
8986 
8987 	if (rate == mcs_rate[mcs].supported_VHT80_rate[0]) {
8988 		*bw = RATE_INFO_BW_80;
8989 	} else if (rate == mcs_rate[mcs].supported_VHT80_rate[1]) {
8990 		*bw = RATE_INFO_BW_80;
8991 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
8992 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[0]) {
8993 		*bw = RATE_INFO_BW_40;
8994 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[1]) {
8995 		*bw = RATE_INFO_BW_40;
8996 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
8997 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[0]) {
8998 		*bw = RATE_INFO_BW_20;
8999 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[1]) {
9000 		*bw = RATE_INFO_BW_20;
9001 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9002 	} else {
9003 		ath10k_warn(ar, "invalid vht params rate %d 100kbps nss %d mcs %d",
9004 			    rate, nss, mcs);
9005 	}
9006 }
9007 
9008 static void ath10k_mac_get_rate_flags(struct ath10k *ar, u32 rate,
9009 				      enum ath10k_phy_mode mode, u8 nss, u8 mcs,
9010 				      u8 *flags, u8 *bw)
9011 {
9012 	if (mode == ATH10K_PHY_MODE_HT) {
9013 		*flags = RATE_INFO_FLAGS_MCS;
9014 		ath10k_mac_get_rate_flags_ht(ar, rate, nss, mcs, flags, bw);
9015 	} else if (mode == ATH10K_PHY_MODE_VHT) {
9016 		*flags = RATE_INFO_FLAGS_VHT_MCS;
9017 		ath10k_mac_get_rate_flags_vht(ar, rate, nss, mcs, flags, bw);
9018 	}
9019 }
9020 
9021 static void ath10k_mac_parse_bitrate(struct ath10k *ar, u32 rate_code,
9022 				     u32 bitrate_kbps, struct rate_info *rate)
9023 {
9024 	enum ath10k_phy_mode mode = ATH10K_PHY_MODE_LEGACY;
9025 	enum wmi_rate_preamble preamble = WMI_TLV_GET_HW_RC_PREAM_V1(rate_code);
9026 	u8 nss = WMI_TLV_GET_HW_RC_NSS_V1(rate_code) + 1;
9027 	u8 mcs = WMI_TLV_GET_HW_RC_RATE_V1(rate_code);
9028 	u8 flags = 0, bw = 0;
9029 
9030 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac parse rate code 0x%x bitrate %d kbps\n",
9031 		   rate_code, bitrate_kbps);
9032 
9033 	if (preamble == WMI_RATE_PREAMBLE_HT)
9034 		mode = ATH10K_PHY_MODE_HT;
9035 	else if (preamble == WMI_RATE_PREAMBLE_VHT)
9036 		mode = ATH10K_PHY_MODE_VHT;
9037 
9038 	ath10k_mac_get_rate_flags(ar, bitrate_kbps / 100, mode, nss, mcs, &flags, &bw);
9039 
9040 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9041 		   "mac parse bitrate preamble %d mode %d nss %d mcs %d flags %x bw %d\n",
9042 		   preamble, mode, nss, mcs, flags, bw);
9043 
9044 	rate->flags = flags;
9045 	rate->bw = bw;
9046 	rate->legacy = bitrate_kbps / 100;
9047 	rate->nss = nss;
9048 	rate->mcs = mcs;
9049 }
9050 
9051 static void ath10k_mac_sta_get_peer_stats_info(struct ath10k *ar,
9052 					       struct ieee80211_sta *sta,
9053 					       struct station_info *sinfo)
9054 {
9055 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9056 	struct ath10k_peer *peer;
9057 	unsigned long time_left;
9058 	int ret;
9059 
9060 	if (!(ar->hw_params.supports_peer_stats_info &&
9061 	      arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA))
9062 		return;
9063 
9064 	spin_lock_bh(&ar->data_lock);
9065 	peer = ath10k_peer_find(ar, arsta->arvif->vdev_id, sta->addr);
9066 	spin_unlock_bh(&ar->data_lock);
9067 	if (!peer)
9068 		return;
9069 
9070 	reinit_completion(&ar->peer_stats_info_complete);
9071 
9072 	ret = ath10k_wmi_request_peer_stats_info(ar,
9073 						 arsta->arvif->vdev_id,
9074 						 WMI_REQUEST_ONE_PEER_STATS_INFO,
9075 						 arsta->arvif->bssid,
9076 						 0);
9077 	if (ret && ret != -EOPNOTSUPP) {
9078 		ath10k_warn(ar, "could not request peer stats info: %d\n", ret);
9079 		return;
9080 	}
9081 
9082 	time_left = wait_for_completion_timeout(&ar->peer_stats_info_complete, 3 * HZ);
9083 	if (time_left == 0) {
9084 		ath10k_warn(ar, "timed out waiting peer stats info\n");
9085 		return;
9086 	}
9087 
9088 	if (arsta->rx_rate_code != 0 && arsta->rx_bitrate_kbps != 0) {
9089 		ath10k_mac_parse_bitrate(ar, arsta->rx_rate_code,
9090 					 arsta->rx_bitrate_kbps,
9091 					 &sinfo->rxrate);
9092 
9093 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
9094 		arsta->rx_rate_code = 0;
9095 		arsta->rx_bitrate_kbps = 0;
9096 	}
9097 
9098 	if (arsta->tx_rate_code != 0 && arsta->tx_bitrate_kbps != 0) {
9099 		ath10k_mac_parse_bitrate(ar, arsta->tx_rate_code,
9100 					 arsta->tx_bitrate_kbps,
9101 					 &sinfo->txrate);
9102 
9103 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9104 		arsta->tx_rate_code = 0;
9105 		arsta->tx_bitrate_kbps = 0;
9106 	}
9107 }
9108 
9109 static void ath10k_sta_statistics(struct ieee80211_hw *hw,
9110 				  struct ieee80211_vif *vif,
9111 				  struct ieee80211_sta *sta,
9112 				  struct station_info *sinfo)
9113 {
9114 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9115 	struct ath10k *ar = arsta->arvif->ar;
9116 
9117 	if (!ath10k_peer_stats_enabled(ar))
9118 		return;
9119 
9120 	ath10k_debug_fw_stats_request(ar);
9121 
9122 	sinfo->rx_duration = arsta->rx_duration;
9123 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
9124 
9125 	if (arsta->txrate.legacy || arsta->txrate.nss) {
9126 		if (arsta->txrate.legacy) {
9127 			sinfo->txrate.legacy = arsta->txrate.legacy;
9128 		} else {
9129 			sinfo->txrate.mcs = arsta->txrate.mcs;
9130 			sinfo->txrate.nss = arsta->txrate.nss;
9131 			sinfo->txrate.bw = arsta->txrate.bw;
9132 		}
9133 		sinfo->txrate.flags = arsta->txrate.flags;
9134 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9135 	}
9136 
9137 	if (ar->htt.disable_tx_comp) {
9138 		sinfo->tx_failed = arsta->tx_failed;
9139 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
9140 	}
9141 
9142 	sinfo->tx_retries = arsta->tx_retries;
9143 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_RETRIES);
9144 
9145 	ath10k_mac_sta_get_peer_stats_info(ar, sta, sinfo);
9146 }
9147 
9148 static int ath10k_mac_op_set_tid_config(struct ieee80211_hw *hw,
9149 					struct ieee80211_vif *vif,
9150 					struct ieee80211_sta *sta,
9151 					struct cfg80211_tid_config *tid_config)
9152 {
9153 	struct ath10k *ar = hw->priv;
9154 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9155 	struct ath10k_mac_iter_tid_conf_data data = {};
9156 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
9157 	int ret, i;
9158 
9159 	mutex_lock(&ar->conf_mutex);
9160 	arg.vdev_id = arvif->vdev_id;
9161 
9162 	arvif->tids_rst = 0;
9163 	memset(arvif->tid_conf_changed, 0, sizeof(arvif->tid_conf_changed));
9164 
9165 	for (i = 0; i < tid_config->n_tid_conf; i++) {
9166 		ret = ath10k_mac_parse_tid_config(ar, sta, vif,
9167 						  &tid_config->tid_conf[i],
9168 						  &arg);
9169 		if (ret)
9170 			goto exit;
9171 	}
9172 
9173 	ret = 0;
9174 
9175 	if (sta)
9176 		goto exit;
9177 
9178 	arvif->tids_rst = 0;
9179 	data.curr_vif = vif;
9180 	data.ar = ar;
9181 
9182 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9183 					  &data);
9184 
9185 exit:
9186 	mutex_unlock(&ar->conf_mutex);
9187 	return ret;
9188 }
9189 
9190 static int ath10k_mac_op_reset_tid_config(struct ieee80211_hw *hw,
9191 					  struct ieee80211_vif *vif,
9192 					  struct ieee80211_sta *sta,
9193 					  u8 tids)
9194 {
9195 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9196 	struct ath10k_mac_iter_tid_conf_data data = {};
9197 	struct ath10k *ar = hw->priv;
9198 	int ret = 0;
9199 
9200 	mutex_lock(&ar->conf_mutex);
9201 
9202 	if (sta) {
9203 		arvif->tids_rst = 0;
9204 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif, tids);
9205 		goto exit;
9206 	}
9207 
9208 	arvif->tids_rst = tids;
9209 	data.curr_vif = vif;
9210 	data.ar = ar;
9211 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9212 					  &data);
9213 
9214 exit:
9215 	mutex_unlock(&ar->conf_mutex);
9216 	return ret;
9217 }
9218 
9219 static const struct ieee80211_ops ath10k_ops = {
9220 	.tx				= ath10k_mac_op_tx,
9221 	.wake_tx_queue			= ath10k_mac_op_wake_tx_queue,
9222 	.start				= ath10k_start,
9223 	.stop				= ath10k_stop,
9224 	.config				= ath10k_config,
9225 	.add_interface			= ath10k_add_interface,
9226 	.remove_interface		= ath10k_remove_interface,
9227 	.configure_filter		= ath10k_configure_filter,
9228 	.bss_info_changed		= ath10k_bss_info_changed,
9229 	.set_coverage_class		= ath10k_mac_op_set_coverage_class,
9230 	.hw_scan			= ath10k_hw_scan,
9231 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
9232 	.set_key			= ath10k_set_key,
9233 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
9234 	.sta_state			= ath10k_sta_state,
9235 	.sta_set_txpwr			= ath10k_sta_set_txpwr,
9236 	.conf_tx			= ath10k_conf_tx,
9237 	.remain_on_channel		= ath10k_remain_on_channel,
9238 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
9239 	.set_rts_threshold		= ath10k_set_rts_threshold,
9240 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
9241 	.flush				= ath10k_flush,
9242 	.tx_last_beacon			= ath10k_tx_last_beacon,
9243 	.set_antenna			= ath10k_set_antenna,
9244 	.get_antenna			= ath10k_get_antenna,
9245 	.reconfig_complete		= ath10k_reconfig_complete,
9246 	.get_survey			= ath10k_get_survey,
9247 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
9248 	.sta_rc_update			= ath10k_sta_rc_update,
9249 	.offset_tsf			= ath10k_offset_tsf,
9250 	.ampdu_action			= ath10k_ampdu_action,
9251 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
9252 	.get_et_stats			= ath10k_debug_get_et_stats,
9253 	.get_et_strings			= ath10k_debug_get_et_strings,
9254 	.add_chanctx			= ath10k_mac_op_add_chanctx,
9255 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
9256 	.change_chanctx			= ath10k_mac_op_change_chanctx,
9257 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
9258 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
9259 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
9260 	.sta_pre_rcu_remove		= ath10k_mac_op_sta_pre_rcu_remove,
9261 	.sta_statistics			= ath10k_sta_statistics,
9262 	.set_tid_config			= ath10k_mac_op_set_tid_config,
9263 	.reset_tid_config		= ath10k_mac_op_reset_tid_config,
9264 
9265 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
9266 
9267 #ifdef CONFIG_PM
9268 	.suspend			= ath10k_wow_op_suspend,
9269 	.resume				= ath10k_wow_op_resume,
9270 	.set_wakeup			= ath10k_wow_op_set_wakeup,
9271 #endif
9272 #ifdef CONFIG_MAC80211_DEBUGFS
9273 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
9274 #endif
9275 };
9276 
9277 #define CHAN2G(_channel, _freq, _flags) { \
9278 	.band			= NL80211_BAND_2GHZ, \
9279 	.hw_value		= (_channel), \
9280 	.center_freq		= (_freq), \
9281 	.flags			= (_flags), \
9282 	.max_antenna_gain	= 0, \
9283 	.max_power		= 30, \
9284 }
9285 
9286 #define CHAN5G(_channel, _freq, _flags) { \
9287 	.band			= NL80211_BAND_5GHZ, \
9288 	.hw_value		= (_channel), \
9289 	.center_freq		= (_freq), \
9290 	.flags			= (_flags), \
9291 	.max_antenna_gain	= 0, \
9292 	.max_power		= 30, \
9293 }
9294 
9295 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
9296 	CHAN2G(1, 2412, 0),
9297 	CHAN2G(2, 2417, 0),
9298 	CHAN2G(3, 2422, 0),
9299 	CHAN2G(4, 2427, 0),
9300 	CHAN2G(5, 2432, 0),
9301 	CHAN2G(6, 2437, 0),
9302 	CHAN2G(7, 2442, 0),
9303 	CHAN2G(8, 2447, 0),
9304 	CHAN2G(9, 2452, 0),
9305 	CHAN2G(10, 2457, 0),
9306 	CHAN2G(11, 2462, 0),
9307 	CHAN2G(12, 2467, 0),
9308 	CHAN2G(13, 2472, 0),
9309 	CHAN2G(14, 2484, 0),
9310 };
9311 
9312 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
9313 	CHAN5G(36, 5180, 0),
9314 	CHAN5G(40, 5200, 0),
9315 	CHAN5G(44, 5220, 0),
9316 	CHAN5G(48, 5240, 0),
9317 	CHAN5G(52, 5260, 0),
9318 	CHAN5G(56, 5280, 0),
9319 	CHAN5G(60, 5300, 0),
9320 	CHAN5G(64, 5320, 0),
9321 	CHAN5G(100, 5500, 0),
9322 	CHAN5G(104, 5520, 0),
9323 	CHAN5G(108, 5540, 0),
9324 	CHAN5G(112, 5560, 0),
9325 	CHAN5G(116, 5580, 0),
9326 	CHAN5G(120, 5600, 0),
9327 	CHAN5G(124, 5620, 0),
9328 	CHAN5G(128, 5640, 0),
9329 	CHAN5G(132, 5660, 0),
9330 	CHAN5G(136, 5680, 0),
9331 	CHAN5G(140, 5700, 0),
9332 	CHAN5G(144, 5720, 0),
9333 	CHAN5G(149, 5745, 0),
9334 	CHAN5G(153, 5765, 0),
9335 	CHAN5G(157, 5785, 0),
9336 	CHAN5G(161, 5805, 0),
9337 	CHAN5G(165, 5825, 0),
9338 	CHAN5G(169, 5845, 0),
9339 	CHAN5G(173, 5865, 0),
9340 	/* If you add more, you may need to change ATH10K_MAX_5G_CHAN */
9341 	/* And you will definitely need to change ATH10K_NUM_CHANS in core.h */
9342 };
9343 
9344 struct ath10k *ath10k_mac_create(size_t priv_size)
9345 {
9346 	struct ieee80211_hw *hw;
9347 	struct ieee80211_ops *ops;
9348 	struct ath10k *ar;
9349 
9350 	ops = kmemdup(&ath10k_ops, sizeof(ath10k_ops), GFP_KERNEL);
9351 	if (!ops)
9352 		return NULL;
9353 
9354 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, ops);
9355 	if (!hw) {
9356 		kfree(ops);
9357 		return NULL;
9358 	}
9359 
9360 	ar = hw->priv;
9361 	ar->hw = hw;
9362 	ar->ops = ops;
9363 
9364 	return ar;
9365 }
9366 
9367 void ath10k_mac_destroy(struct ath10k *ar)
9368 {
9369 	struct ieee80211_ops *ops = ar->ops;
9370 
9371 	ieee80211_free_hw(ar->hw);
9372 	kfree(ops);
9373 }
9374 
9375 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
9376 	{
9377 		.max	= 8,
9378 		.types	= BIT(NL80211_IFTYPE_STATION)
9379 			| BIT(NL80211_IFTYPE_P2P_CLIENT)
9380 	},
9381 	{
9382 		.max	= 3,
9383 		.types	= BIT(NL80211_IFTYPE_P2P_GO)
9384 	},
9385 	{
9386 		.max	= 1,
9387 		.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
9388 	},
9389 	{
9390 		.max	= 7,
9391 		.types	= BIT(NL80211_IFTYPE_AP)
9392 #ifdef CONFIG_MAC80211_MESH
9393 			| BIT(NL80211_IFTYPE_MESH_POINT)
9394 #endif
9395 	},
9396 };
9397 
9398 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
9399 	{
9400 		.max	= 8,
9401 		.types	= BIT(NL80211_IFTYPE_AP)
9402 #ifdef CONFIG_MAC80211_MESH
9403 			| BIT(NL80211_IFTYPE_MESH_POINT)
9404 #endif
9405 	},
9406 	{
9407 		.max	= 1,
9408 		.types	= BIT(NL80211_IFTYPE_STATION)
9409 	},
9410 };
9411 
9412 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
9413 	{
9414 		.limits = ath10k_if_limits,
9415 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
9416 		.max_interfaces = 8,
9417 		.num_different_channels = 1,
9418 		.beacon_int_infra_match = true,
9419 	},
9420 };
9421 
9422 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
9423 	{
9424 		.limits = ath10k_10x_if_limits,
9425 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
9426 		.max_interfaces = 8,
9427 		.num_different_channels = 1,
9428 		.beacon_int_infra_match = true,
9429 		.beacon_int_min_gcd = 1,
9430 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9431 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9432 					BIT(NL80211_CHAN_WIDTH_20) |
9433 					BIT(NL80211_CHAN_WIDTH_40) |
9434 					BIT(NL80211_CHAN_WIDTH_80),
9435 #endif
9436 	},
9437 };
9438 
9439 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
9440 	{
9441 		.max = 2,
9442 		.types = BIT(NL80211_IFTYPE_STATION),
9443 	},
9444 	{
9445 		.max = 2,
9446 		.types = BIT(NL80211_IFTYPE_AP) |
9447 #ifdef CONFIG_MAC80211_MESH
9448 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9449 #endif
9450 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
9451 			 BIT(NL80211_IFTYPE_P2P_GO),
9452 	},
9453 	{
9454 		.max = 1,
9455 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9456 	},
9457 };
9458 
9459 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
9460 	{
9461 		.max = 2,
9462 		.types = BIT(NL80211_IFTYPE_STATION),
9463 	},
9464 	{
9465 		.max = 2,
9466 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
9467 	},
9468 	{
9469 		.max = 1,
9470 		.types = BIT(NL80211_IFTYPE_AP) |
9471 #ifdef CONFIG_MAC80211_MESH
9472 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9473 #endif
9474 			 BIT(NL80211_IFTYPE_P2P_GO),
9475 	},
9476 	{
9477 		.max = 1,
9478 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9479 	},
9480 };
9481 
9482 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
9483 	{
9484 		.max = 1,
9485 		.types = BIT(NL80211_IFTYPE_STATION),
9486 	},
9487 	{
9488 		.max = 1,
9489 		.types = BIT(NL80211_IFTYPE_ADHOC),
9490 	},
9491 };
9492 
9493 /* FIXME: This is not thouroughly tested. These combinations may over- or
9494  * underestimate hw/fw capabilities.
9495  */
9496 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
9497 	{
9498 		.limits = ath10k_tlv_if_limit,
9499 		.num_different_channels = 1,
9500 		.max_interfaces = 4,
9501 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9502 	},
9503 	{
9504 		.limits = ath10k_tlv_if_limit_ibss,
9505 		.num_different_channels = 1,
9506 		.max_interfaces = 2,
9507 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9508 	},
9509 };
9510 
9511 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
9512 	{
9513 		.limits = ath10k_tlv_if_limit,
9514 		.num_different_channels = 1,
9515 		.max_interfaces = 4,
9516 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9517 	},
9518 	{
9519 		.limits = ath10k_tlv_qcs_if_limit,
9520 		.num_different_channels = 2,
9521 		.max_interfaces = 4,
9522 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
9523 	},
9524 	{
9525 		.limits = ath10k_tlv_if_limit_ibss,
9526 		.num_different_channels = 1,
9527 		.max_interfaces = 2,
9528 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9529 	},
9530 };
9531 
9532 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
9533 	{
9534 		.max = 1,
9535 		.types = BIT(NL80211_IFTYPE_STATION),
9536 	},
9537 	{
9538 		.max	= 16,
9539 		.types	= BIT(NL80211_IFTYPE_AP)
9540 #ifdef CONFIG_MAC80211_MESH
9541 			| BIT(NL80211_IFTYPE_MESH_POINT)
9542 #endif
9543 	},
9544 };
9545 
9546 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
9547 	{
9548 		.limits = ath10k_10_4_if_limits,
9549 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9550 		.max_interfaces = 16,
9551 		.num_different_channels = 1,
9552 		.beacon_int_infra_match = true,
9553 		.beacon_int_min_gcd = 1,
9554 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9555 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9556 					BIT(NL80211_CHAN_WIDTH_20) |
9557 					BIT(NL80211_CHAN_WIDTH_40) |
9558 					BIT(NL80211_CHAN_WIDTH_80) |
9559 					BIT(NL80211_CHAN_WIDTH_80P80) |
9560 					BIT(NL80211_CHAN_WIDTH_160),
9561 #endif
9562 	},
9563 };
9564 
9565 static const struct
9566 ieee80211_iface_combination ath10k_10_4_bcn_int_if_comb[] = {
9567 	{
9568 		.limits = ath10k_10_4_if_limits,
9569 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9570 		.max_interfaces = 16,
9571 		.num_different_channels = 1,
9572 		.beacon_int_infra_match = true,
9573 		.beacon_int_min_gcd = 100,
9574 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9575 		.radar_detect_widths =  BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9576 					BIT(NL80211_CHAN_WIDTH_20) |
9577 					BIT(NL80211_CHAN_WIDTH_40) |
9578 					BIT(NL80211_CHAN_WIDTH_80) |
9579 					BIT(NL80211_CHAN_WIDTH_80P80) |
9580 					BIT(NL80211_CHAN_WIDTH_160),
9581 #endif
9582 	},
9583 };
9584 
9585 static void ath10k_get_arvif_iter(void *data, u8 *mac,
9586 				  struct ieee80211_vif *vif)
9587 {
9588 	struct ath10k_vif_iter *arvif_iter = data;
9589 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9590 
9591 	if (arvif->vdev_id == arvif_iter->vdev_id)
9592 		arvif_iter->arvif = arvif;
9593 }
9594 
9595 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
9596 {
9597 	struct ath10k_vif_iter arvif_iter;
9598 
9599 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
9600 	arvif_iter.vdev_id = vdev_id;
9601 
9602 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
9603 						   ATH10K_ITER_RESUME_FLAGS,
9604 						   ath10k_get_arvif_iter,
9605 						   &arvif_iter);
9606 	if (!arvif_iter.arvif) {
9607 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
9608 		return NULL;
9609 	}
9610 
9611 	return arvif_iter.arvif;
9612 }
9613 
9614 #define WRD_METHOD "WRDD"
9615 #define WRDD_WIFI  (0x07)
9616 
9617 static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd)
9618 {
9619 	union acpi_object *mcc_pkg;
9620 	union acpi_object *domain_type;
9621 	union acpi_object *mcc_value;
9622 	u32 i;
9623 
9624 	if (wrdd->type != ACPI_TYPE_PACKAGE ||
9625 	    wrdd->package.count < 2 ||
9626 	    wrdd->package.elements[0].type != ACPI_TYPE_INTEGER ||
9627 	    wrdd->package.elements[0].integer.value != 0) {
9628 		ath10k_warn(ar, "ignoring malformed/unsupported wrdd structure\n");
9629 		return 0;
9630 	}
9631 
9632 	for (i = 1; i < wrdd->package.count; ++i) {
9633 		mcc_pkg = &wrdd->package.elements[i];
9634 
9635 		if (mcc_pkg->type != ACPI_TYPE_PACKAGE)
9636 			continue;
9637 		if (mcc_pkg->package.count < 2)
9638 			continue;
9639 		if (mcc_pkg->package.elements[0].type != ACPI_TYPE_INTEGER ||
9640 		    mcc_pkg->package.elements[1].type != ACPI_TYPE_INTEGER)
9641 			continue;
9642 
9643 		domain_type = &mcc_pkg->package.elements[0];
9644 		if (domain_type->integer.value != WRDD_WIFI)
9645 			continue;
9646 
9647 		mcc_value = &mcc_pkg->package.elements[1];
9648 		return mcc_value->integer.value;
9649 	}
9650 	return 0;
9651 }
9652 
9653 static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
9654 {
9655 	acpi_handle root_handle;
9656 	acpi_handle handle;
9657 	struct acpi_buffer wrdd = {ACPI_ALLOCATE_BUFFER, NULL};
9658 	acpi_status status;
9659 	u32 alpha2_code;
9660 	char alpha2[3];
9661 
9662 	root_handle = ACPI_HANDLE(ar->dev);
9663 	if (!root_handle)
9664 		return -EOPNOTSUPP;
9665 
9666 	status = acpi_get_handle(root_handle, (acpi_string)WRD_METHOD, &handle);
9667 	if (ACPI_FAILURE(status)) {
9668 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9669 			   "failed to get wrd method %d\n", status);
9670 		return -EIO;
9671 	}
9672 
9673 	status = acpi_evaluate_object(handle, NULL, NULL, &wrdd);
9674 	if (ACPI_FAILURE(status)) {
9675 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9676 			   "failed to call wrdc %d\n", status);
9677 		return -EIO;
9678 	}
9679 
9680 	alpha2_code = ath10k_mac_wrdd_get_mcc(ar, wrdd.pointer);
9681 	kfree(wrdd.pointer);
9682 	if (!alpha2_code)
9683 		return -EIO;
9684 
9685 	alpha2[0] = (alpha2_code >> 8) & 0xff;
9686 	alpha2[1] = (alpha2_code >> 0) & 0xff;
9687 	alpha2[2] = '\0';
9688 
9689 	ath10k_dbg(ar, ATH10K_DBG_BOOT,
9690 		   "regulatory hint from WRDD (alpha2-code): %s\n", alpha2);
9691 
9692 	*rd = ath_regd_find_country_by_name(alpha2);
9693 	if (*rd == 0xffff)
9694 		return -EIO;
9695 
9696 	*rd |= COUNTRY_ERD_FLAG;
9697 	return 0;
9698 }
9699 
9700 static int ath10k_mac_init_rd(struct ath10k *ar)
9701 {
9702 	int ret;
9703 	u16 rd;
9704 
9705 	ret = ath10k_mac_get_wrdd_regulatory(ar, &rd);
9706 	if (ret) {
9707 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9708 			   "fallback to eeprom programmed regulatory settings\n");
9709 		rd = ar->hw_eeprom_rd;
9710 	}
9711 
9712 	ar->ath_common.regulatory.current_rd = rd;
9713 	return 0;
9714 }
9715 
9716 int ath10k_mac_register(struct ath10k *ar)
9717 {
9718 	static const u32 cipher_suites[] = {
9719 		WLAN_CIPHER_SUITE_WEP40,
9720 		WLAN_CIPHER_SUITE_WEP104,
9721 		WLAN_CIPHER_SUITE_TKIP,
9722 		WLAN_CIPHER_SUITE_CCMP,
9723 
9724 		/* Do not add hardware supported ciphers before this line.
9725 		 * Allow software encryption for all chips. Don't forget to
9726 		 * update n_cipher_suites below.
9727 		 */
9728 		WLAN_CIPHER_SUITE_AES_CMAC,
9729 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9730 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9731 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9732 
9733 		/* Only QCA99x0 and QCA4019 varients support GCMP-128, GCMP-256
9734 		 * and CCMP-256 in hardware.
9735 		 */
9736 		WLAN_CIPHER_SUITE_GCMP,
9737 		WLAN_CIPHER_SUITE_GCMP_256,
9738 		WLAN_CIPHER_SUITE_CCMP_256,
9739 	};
9740 	struct ieee80211_supported_band *band;
9741 	void *channels;
9742 	int ret;
9743 
9744 	if (!is_valid_ether_addr(ar->mac_addr)) {
9745 		ath10k_warn(ar, "invalid MAC address; choosing random\n");
9746 		eth_random_addr(ar->mac_addr);
9747 	}
9748 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9749 
9750 	SET_IEEE80211_DEV(ar->hw, ar->dev);
9751 
9752 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
9753 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
9754 		     ATH10K_NUM_CHANS);
9755 
9756 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
9757 		channels = kmemdup(ath10k_2ghz_channels,
9758 				   sizeof(ath10k_2ghz_channels),
9759 				   GFP_KERNEL);
9760 		if (!channels) {
9761 			ret = -ENOMEM;
9762 			goto err_free;
9763 		}
9764 
9765 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9766 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
9767 		band->channels = channels;
9768 
9769 		if (ar->hw_params.cck_rate_map_rev2) {
9770 			band->n_bitrates = ath10k_g_rates_rev2_size;
9771 			band->bitrates = ath10k_g_rates_rev2;
9772 		} else {
9773 			band->n_bitrates = ath10k_g_rates_size;
9774 			band->bitrates = ath10k_g_rates;
9775 		}
9776 
9777 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9778 	}
9779 
9780 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
9781 		channels = kmemdup(ath10k_5ghz_channels,
9782 				   sizeof(ath10k_5ghz_channels),
9783 				   GFP_KERNEL);
9784 		if (!channels) {
9785 			ret = -ENOMEM;
9786 			goto err_free;
9787 		}
9788 
9789 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
9790 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
9791 		band->channels = channels;
9792 		band->n_bitrates = ath10k_a_rates_size;
9793 		band->bitrates = ath10k_a_rates;
9794 		ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
9795 	}
9796 
9797 	wiphy_read_of_freq_limits(ar->hw->wiphy);
9798 	ath10k_mac_setup_ht_vht_cap(ar);
9799 
9800 	ar->hw->wiphy->interface_modes =
9801 		BIT(NL80211_IFTYPE_STATION) |
9802 		BIT(NL80211_IFTYPE_AP) |
9803 		BIT(NL80211_IFTYPE_MESH_POINT);
9804 
9805 	ar->hw->wiphy->available_antennas_rx = ar->cfg_rx_chainmask;
9806 	ar->hw->wiphy->available_antennas_tx = ar->cfg_tx_chainmask;
9807 
9808 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->normal_mode_fw.fw_file.fw_features))
9809 		ar->hw->wiphy->interface_modes |=
9810 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
9811 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
9812 			BIT(NL80211_IFTYPE_P2P_GO);
9813 
9814 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
9815 
9816 	if (!test_bit(ATH10K_FW_FEATURE_NO_PS,
9817 		      ar->running_fw->fw_file.fw_features)) {
9818 		ieee80211_hw_set(ar->hw, SUPPORTS_PS);
9819 		ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
9820 	}
9821 
9822 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
9823 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
9824 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
9825 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
9826 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
9827 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
9828 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
9829 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
9830 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
9831 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
9832 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
9833 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
9834 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
9835 
9836 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
9837 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
9838 
9839 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
9840 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
9841 
9842 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
9843 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
9844 
9845 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
9846 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
9847 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
9848 	}
9849 
9850 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
9851 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
9852 
9853 	if (test_bit(WMI_SERVICE_NLO, ar->wmi.svc_map)) {
9854 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
9855 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
9856 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
9857 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
9858 		ar->hw->wiphy->max_sched_scan_plan_interval =
9859 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
9860 		ar->hw->wiphy->max_sched_scan_plan_iterations =
9861 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
9862 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
9863 	}
9864 
9865 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
9866 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
9867 	ar->hw->txq_data_size = sizeof(struct ath10k_txq);
9868 
9869 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
9870 
9871 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
9872 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
9873 
9874 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
9875 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
9876 		 * correct Probe Responses. This is more of a hack advert..
9877 		 */
9878 		ar->hw->wiphy->probe_resp_offload |=
9879 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
9880 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
9881 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
9882 	}
9883 
9884 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map) ||
9885 	    test_bit(WMI_SERVICE_TDLS_EXPLICIT_MODE_ONLY, ar->wmi.svc_map)) {
9886 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
9887 		if (test_bit(WMI_SERVICE_TDLS_WIDER_BANDWIDTH, ar->wmi.svc_map))
9888 			ieee80211_hw_set(ar->hw, TDLS_WIDER_BW);
9889 	}
9890 
9891 	if (test_bit(WMI_SERVICE_TDLS_UAPSD_BUFFER_STA, ar->wmi.svc_map))
9892 		ieee80211_hw_set(ar->hw, SUPPORTS_TDLS_BUFFER_STA);
9893 
9894 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
9895 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
9896 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
9897 
9898 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
9899 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
9900 				   NL80211_FEATURE_AP_SCAN;
9901 
9902 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
9903 
9904 	ret = ath10k_wow_init(ar);
9905 	if (ret) {
9906 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
9907 		goto err_free;
9908 	}
9909 
9910 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
9911 	wiphy_ext_feature_set(ar->hw->wiphy,
9912 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
9913 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_AQL);
9914 
9915 	if (test_bit(WMI_SERVICE_TX_DATA_ACK_RSSI, ar->wmi.svc_map) ||
9916 	    test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS, ar->wmi.svc_map))
9917 		wiphy_ext_feature_set(ar->hw->wiphy,
9918 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
9919 
9920 	if (ath10k_peer_stats_enabled(ar) ||
9921 	    test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
9922 		wiphy_ext_feature_set(ar->hw->wiphy,
9923 				      NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
9924 
9925 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map))
9926 		wiphy_ext_feature_set(ar->hw->wiphy,
9927 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
9928 
9929 	if (test_bit(WMI_SERVICE_TX_PWR_PER_PEER, ar->wmi.svc_map))
9930 		wiphy_ext_feature_set(ar->hw->wiphy,
9931 				      NL80211_EXT_FEATURE_STA_TX_PWR);
9932 
9933 	if (test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map)) {
9934 		ar->hw->wiphy->tid_config_support.vif |=
9935 				BIT(NL80211_TID_CONFIG_ATTR_NOACK) |
9936 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT) |
9937 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG) |
9938 				BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL) |
9939 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
9940 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
9941 
9942 		if (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
9943 			     ar->wmi.svc_map)) {
9944 			ar->hw->wiphy->tid_config_support.vif |=
9945 				BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
9946 		}
9947 
9948 		ar->hw->wiphy->tid_config_support.peer =
9949 				ar->hw->wiphy->tid_config_support.vif;
9950 		ar->hw->wiphy->max_data_retry_count = ATH10K_MAX_RETRY_COUNT;
9951 	} else {
9952 		ar->ops->set_tid_config = NULL;
9953 	}
9954 	/*
9955 	 * on LL hardware queues are managed entirely by the FW
9956 	 * so we only advertise to mac we can do the queues thing
9957 	 */
9958 	ar->hw->queues = IEEE80211_MAX_QUEUES;
9959 
9960 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
9961 	 * something that vdev_ids can't reach so that we don't stop the queue
9962 	 * accidentally.
9963 	 */
9964 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
9965 
9966 	switch (ar->running_fw->fw_file.wmi_op_version) {
9967 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
9968 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
9969 		ar->hw->wiphy->n_iface_combinations =
9970 			ARRAY_SIZE(ath10k_if_comb);
9971 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
9972 		break;
9973 	case ATH10K_FW_WMI_OP_VERSION_TLV:
9974 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
9975 			ar->hw->wiphy->iface_combinations =
9976 				ath10k_tlv_qcs_if_comb;
9977 			ar->hw->wiphy->n_iface_combinations =
9978 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
9979 		} else {
9980 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
9981 			ar->hw->wiphy->n_iface_combinations =
9982 				ARRAY_SIZE(ath10k_tlv_if_comb);
9983 		}
9984 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
9985 		break;
9986 	case ATH10K_FW_WMI_OP_VERSION_10_1:
9987 	case ATH10K_FW_WMI_OP_VERSION_10_2:
9988 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
9989 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
9990 		ar->hw->wiphy->n_iface_combinations =
9991 			ARRAY_SIZE(ath10k_10x_if_comb);
9992 		break;
9993 	case ATH10K_FW_WMI_OP_VERSION_10_4:
9994 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
9995 		ar->hw->wiphy->n_iface_combinations =
9996 			ARRAY_SIZE(ath10k_10_4_if_comb);
9997 		if (test_bit(WMI_SERVICE_VDEV_DIFFERENT_BEACON_INTERVAL_SUPPORT,
9998 			     ar->wmi.svc_map)) {
9999 			ar->hw->wiphy->iface_combinations =
10000 				ath10k_10_4_bcn_int_if_comb;
10001 			ar->hw->wiphy->n_iface_combinations =
10002 				ARRAY_SIZE(ath10k_10_4_bcn_int_if_comb);
10003 		}
10004 		break;
10005 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
10006 	case ATH10K_FW_WMI_OP_VERSION_MAX:
10007 		WARN_ON(1);
10008 		ret = -EINVAL;
10009 		goto err_free;
10010 	}
10011 
10012 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10013 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
10014 
10015 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) {
10016 		/* Init ath dfs pattern detector */
10017 		ar->ath_common.debug_mask = ATH_DBG_DFS;
10018 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
10019 							     NL80211_DFS_UNSET);
10020 
10021 		if (!ar->dfs_detector)
10022 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
10023 	}
10024 
10025 	ret = ath10k_mac_init_rd(ar);
10026 	if (ret) {
10027 		ath10k_err(ar, "failed to derive regdom: %d\n", ret);
10028 		goto err_dfs_detector_exit;
10029 	}
10030 
10031 	/* Disable set_coverage_class for chipsets that do not support it. */
10032 	if (!ar->hw_params.hw_ops->set_coverage_class)
10033 		ar->ops->set_coverage_class = NULL;
10034 
10035 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
10036 			    ath10k_reg_notifier);
10037 	if (ret) {
10038 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
10039 		goto err_dfs_detector_exit;
10040 	}
10041 
10042 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
10043 		ar->hw->wiphy->features |=
10044 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
10045 	}
10046 
10047 	ar->hw->wiphy->cipher_suites = cipher_suites;
10048 
10049 	/* QCA988x and QCA6174 family chips do not support CCMP-256, GCMP-128
10050 	 * and GCMP-256 ciphers in hardware. Fetch number of ciphers supported
10051 	 * from chip specific hw_param table.
10052 	 */
10053 	if (!ar->hw_params.n_cipher_suites ||
10054 	    ar->hw_params.n_cipher_suites > ARRAY_SIZE(cipher_suites)) {
10055 		ath10k_err(ar, "invalid hw_params.n_cipher_suites %d\n",
10056 			   ar->hw_params.n_cipher_suites);
10057 		ar->hw_params.n_cipher_suites = 8;
10058 	}
10059 	ar->hw->wiphy->n_cipher_suites = ar->hw_params.n_cipher_suites;
10060 
10061 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
10062 
10063 	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
10064 
10065 	ret = ieee80211_register_hw(ar->hw);
10066 	if (ret) {
10067 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
10068 		goto err_dfs_detector_exit;
10069 	}
10070 
10071 	if (test_bit(WMI_SERVICE_PER_PACKET_SW_ENCRYPT, ar->wmi.svc_map)) {
10072 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
10073 		ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN);
10074 	}
10075 
10076 	if (!ath_is_world_regd(&ar->ath_common.regulatory)) {
10077 		ret = regulatory_hint(ar->hw->wiphy,
10078 				      ar->ath_common.regulatory.alpha2);
10079 		if (ret)
10080 			goto err_unregister;
10081 	}
10082 
10083 	return 0;
10084 
10085 err_unregister:
10086 	ieee80211_unregister_hw(ar->hw);
10087 
10088 err_dfs_detector_exit:
10089 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10090 		ar->dfs_detector->exit(ar->dfs_detector);
10091 
10092 err_free:
10093 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10094 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10095 
10096 	SET_IEEE80211_DEV(ar->hw, NULL);
10097 	return ret;
10098 }
10099 
10100 void ath10k_mac_unregister(struct ath10k *ar)
10101 {
10102 	ieee80211_unregister_hw(ar->hw);
10103 
10104 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10105 		ar->dfs_detector->exit(ar->dfs_detector);
10106 
10107 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10108 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10109 
10110 	SET_IEEE80211_DEV(ar->hw, NULL);
10111 }
10112