xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision c9933d494c54f72290831191c09bb8488bfd5905)
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2005-2011 Atheros Communications Inc.
4  * Copyright (c) 2011-2017 Qualcomm Atheros, Inc.
5  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
6  */
7 
8 #include "mac.h"
9 
10 #include <net/cfg80211.h>
11 #include <net/mac80211.h>
12 #include <linux/etherdevice.h>
13 #include <linux/acpi.h>
14 #include <linux/of.h>
15 #include <linux/bitfield.h>
16 
17 #include "hif.h"
18 #include "core.h"
19 #include "debug.h"
20 #include "wmi.h"
21 #include "htt.h"
22 #include "txrx.h"
23 #include "testmode.h"
24 #include "wmi-tlv.h"
25 #include "wmi-ops.h"
26 #include "wow.h"
27 
28 /*********/
29 /* Rates */
30 /*********/
31 
32 static struct ieee80211_rate ath10k_rates[] = {
33 	{ .bitrate = 10,
34 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
35 	{ .bitrate = 20,
36 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
37 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
38 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
39 	{ .bitrate = 55,
40 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
41 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
42 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
43 	{ .bitrate = 110,
44 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
45 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
46 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
47 
48 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
49 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
50 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
51 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
52 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
53 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
54 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
55 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
56 };
57 
58 static struct ieee80211_rate ath10k_rates_rev2[] = {
59 	{ .bitrate = 10,
60 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_1M },
61 	{ .bitrate = 20,
62 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_2M,
63 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_2M,
64 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
65 	{ .bitrate = 55,
66 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_5_5M,
67 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_5_5M,
68 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
69 	{ .bitrate = 110,
70 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_11M,
71 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_11M,
72 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
73 
74 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
75 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
76 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
77 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
78 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
79 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
80 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
81 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
82 };
83 
84 static const struct cfg80211_sar_freq_ranges ath10k_sar_freq_ranges[] = {
85 	{.start_freq = 2402, .end_freq = 2494 },
86 	{.start_freq = 5170, .end_freq = 5875 },
87 };
88 
89 static const struct cfg80211_sar_capa ath10k_sar_capa = {
90 	.type = NL80211_SAR_TYPE_POWER,
91 	.num_freq_ranges = (ARRAY_SIZE(ath10k_sar_freq_ranges)),
92 	.freq_ranges = &ath10k_sar_freq_ranges[0],
93 };
94 
95 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
96 
97 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
98 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
99 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
100 #define ath10k_g_rates (ath10k_rates + 0)
101 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
102 
103 #define ath10k_g_rates_rev2 (ath10k_rates_rev2 + 0)
104 #define ath10k_g_rates_rev2_size (ARRAY_SIZE(ath10k_rates_rev2))
105 
106 #define ath10k_wmi_legacy_rates ath10k_rates
107 
108 static bool ath10k_mac_bitrate_is_cck(int bitrate)
109 {
110 	switch (bitrate) {
111 	case 10:
112 	case 20:
113 	case 55:
114 	case 110:
115 		return true;
116 	}
117 
118 	return false;
119 }
120 
121 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
122 {
123 	return DIV_ROUND_UP(bitrate, 5) |
124 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
125 }
126 
127 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
128 			     u8 hw_rate, bool cck)
129 {
130 	const struct ieee80211_rate *rate;
131 	int i;
132 
133 	for (i = 0; i < sband->n_bitrates; i++) {
134 		rate = &sband->bitrates[i];
135 
136 		if (ath10k_mac_bitrate_is_cck(rate->bitrate) != cck)
137 			continue;
138 
139 		if (rate->hw_value == hw_rate)
140 			return i;
141 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
142 			 rate->hw_value_short == hw_rate)
143 			return i;
144 	}
145 
146 	return 0;
147 }
148 
149 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
150 			     u32 bitrate)
151 {
152 	int i;
153 
154 	for (i = 0; i < sband->n_bitrates; i++)
155 		if (sband->bitrates[i].bitrate == bitrate)
156 			return i;
157 
158 	return 0;
159 }
160 
161 static int ath10k_mac_get_rate_hw_value(int bitrate)
162 {
163 	int i;
164 	u8 hw_value_prefix = 0;
165 
166 	if (ath10k_mac_bitrate_is_cck(bitrate))
167 		hw_value_prefix = WMI_RATE_PREAMBLE_CCK << 6;
168 
169 	for (i = 0; i < ARRAY_SIZE(ath10k_rates); i++) {
170 		if (ath10k_rates[i].bitrate == bitrate)
171 			return hw_value_prefix | ath10k_rates[i].hw_value;
172 	}
173 
174 	return -EINVAL;
175 }
176 
177 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
178 {
179 	switch ((mcs_map >> (2 * nss)) & 0x3) {
180 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
181 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
182 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
183 	}
184 	return 0;
185 }
186 
187 static u32
188 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
189 {
190 	int nss;
191 
192 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
193 		if (ht_mcs_mask[nss])
194 			return nss + 1;
195 
196 	return 1;
197 }
198 
199 static u32
200 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
201 {
202 	int nss;
203 
204 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
205 		if (vht_mcs_mask[nss])
206 			return nss + 1;
207 
208 	return 1;
209 }
210 
211 int ath10k_mac_ext_resource_config(struct ath10k *ar, u32 val)
212 {
213 	enum wmi_host_platform_type platform_type;
214 	int ret;
215 
216 	if (test_bit(WMI_SERVICE_TX_MODE_DYNAMIC, ar->wmi.svc_map))
217 		platform_type = WMI_HOST_PLATFORM_LOW_PERF;
218 	else
219 		platform_type = WMI_HOST_PLATFORM_HIGH_PERF;
220 
221 	ret = ath10k_wmi_ext_resource_config(ar, platform_type, val);
222 
223 	if (ret && ret != -EOPNOTSUPP) {
224 		ath10k_warn(ar, "failed to configure ext resource: %d\n", ret);
225 		return ret;
226 	}
227 
228 	return 0;
229 }
230 
231 /**********/
232 /* Crypto */
233 /**********/
234 
235 static int ath10k_send_key(struct ath10k_vif *arvif,
236 			   struct ieee80211_key_conf *key,
237 			   enum set_key_cmd cmd,
238 			   const u8 *macaddr, u32 flags)
239 {
240 	struct ath10k *ar = arvif->ar;
241 	struct wmi_vdev_install_key_arg arg = {
242 		.vdev_id = arvif->vdev_id,
243 		.key_idx = key->keyidx,
244 		.key_len = key->keylen,
245 		.key_data = key->key,
246 		.key_flags = flags,
247 		.macaddr = macaddr,
248 	};
249 
250 	lockdep_assert_held(&arvif->ar->conf_mutex);
251 
252 	switch (key->cipher) {
253 	case WLAN_CIPHER_SUITE_CCMP:
254 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
255 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
256 		break;
257 	case WLAN_CIPHER_SUITE_TKIP:
258 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_TKIP];
259 		arg.key_txmic_len = 8;
260 		arg.key_rxmic_len = 8;
261 		break;
262 	case WLAN_CIPHER_SUITE_WEP40:
263 	case WLAN_CIPHER_SUITE_WEP104:
264 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_WEP];
265 		break;
266 	case WLAN_CIPHER_SUITE_CCMP_256:
267 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
268 		break;
269 	case WLAN_CIPHER_SUITE_GCMP:
270 	case WLAN_CIPHER_SUITE_GCMP_256:
271 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_GCM];
272 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
273 		break;
274 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
275 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
276 	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
277 	case WLAN_CIPHER_SUITE_AES_CMAC:
278 		WARN_ON(1);
279 		return -EINVAL;
280 	default:
281 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
282 		return -EOPNOTSUPP;
283 	}
284 
285 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
286 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
287 
288 	if (cmd == DISABLE_KEY) {
289 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE];
290 		arg.key_data = NULL;
291 	}
292 
293 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
294 }
295 
296 static int ath10k_install_key(struct ath10k_vif *arvif,
297 			      struct ieee80211_key_conf *key,
298 			      enum set_key_cmd cmd,
299 			      const u8 *macaddr, u32 flags)
300 {
301 	struct ath10k *ar = arvif->ar;
302 	int ret;
303 	unsigned long time_left;
304 
305 	lockdep_assert_held(&ar->conf_mutex);
306 
307 	reinit_completion(&ar->install_key_done);
308 
309 	if (arvif->nohwcrypt)
310 		return 1;
311 
312 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
313 	if (ret)
314 		return ret;
315 
316 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
317 	if (time_left == 0)
318 		return -ETIMEDOUT;
319 
320 	return 0;
321 }
322 
323 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
324 					const u8 *addr)
325 {
326 	struct ath10k *ar = arvif->ar;
327 	struct ath10k_peer *peer;
328 	int ret;
329 	int i;
330 	u32 flags;
331 
332 	lockdep_assert_held(&ar->conf_mutex);
333 
334 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
335 		    arvif->vif->type != NL80211_IFTYPE_ADHOC &&
336 		    arvif->vif->type != NL80211_IFTYPE_MESH_POINT))
337 		return -EINVAL;
338 
339 	spin_lock_bh(&ar->data_lock);
340 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
341 	spin_unlock_bh(&ar->data_lock);
342 
343 	if (!peer)
344 		return -ENOENT;
345 
346 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
347 		if (arvif->wep_keys[i] == NULL)
348 			continue;
349 
350 		switch (arvif->vif->type) {
351 		case NL80211_IFTYPE_AP:
352 			flags = WMI_KEY_PAIRWISE;
353 
354 			if (arvif->def_wep_key_idx == i)
355 				flags |= WMI_KEY_TX_USAGE;
356 
357 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
358 						 SET_KEY, addr, flags);
359 			if (ret < 0)
360 				return ret;
361 			break;
362 		case NL80211_IFTYPE_ADHOC:
363 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
364 						 SET_KEY, addr,
365 						 WMI_KEY_PAIRWISE);
366 			if (ret < 0)
367 				return ret;
368 
369 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
370 						 SET_KEY, addr, WMI_KEY_GROUP);
371 			if (ret < 0)
372 				return ret;
373 			break;
374 		default:
375 			WARN_ON(1);
376 			return -EINVAL;
377 		}
378 
379 		spin_lock_bh(&ar->data_lock);
380 		peer->keys[i] = arvif->wep_keys[i];
381 		spin_unlock_bh(&ar->data_lock);
382 	}
383 
384 	/* In some cases (notably with static WEP IBSS with multiple keys)
385 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
386 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
387 	 * didn't seem help. Using def_keyid vdev parameter seems to be
388 	 * effective so use that.
389 	 *
390 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
391 	 */
392 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
393 		return 0;
394 
395 	if (arvif->def_wep_key_idx == -1)
396 		return 0;
397 
398 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
399 					arvif->vdev_id,
400 					arvif->ar->wmi.vdev_param->def_keyid,
401 					arvif->def_wep_key_idx);
402 	if (ret) {
403 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
404 			    arvif->vdev_id, ret);
405 		return ret;
406 	}
407 
408 	return 0;
409 }
410 
411 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
412 				  const u8 *addr)
413 {
414 	struct ath10k *ar = arvif->ar;
415 	struct ath10k_peer *peer;
416 	int first_errno = 0;
417 	int ret;
418 	int i;
419 	u32 flags = 0;
420 
421 	lockdep_assert_held(&ar->conf_mutex);
422 
423 	spin_lock_bh(&ar->data_lock);
424 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
425 	spin_unlock_bh(&ar->data_lock);
426 
427 	if (!peer)
428 		return -ENOENT;
429 
430 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
431 		if (peer->keys[i] == NULL)
432 			continue;
433 
434 		/* key flags are not required to delete the key */
435 		ret = ath10k_install_key(arvif, peer->keys[i],
436 					 DISABLE_KEY, addr, flags);
437 		if (ret < 0 && first_errno == 0)
438 			first_errno = ret;
439 
440 		if (ret < 0)
441 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
442 				    i, ret);
443 
444 		spin_lock_bh(&ar->data_lock);
445 		peer->keys[i] = NULL;
446 		spin_unlock_bh(&ar->data_lock);
447 	}
448 
449 	return first_errno;
450 }
451 
452 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
453 				    u8 keyidx)
454 {
455 	struct ath10k_peer *peer;
456 	int i;
457 
458 	lockdep_assert_held(&ar->data_lock);
459 
460 	/* We don't know which vdev this peer belongs to,
461 	 * since WMI doesn't give us that information.
462 	 *
463 	 * FIXME: multi-bss needs to be handled.
464 	 */
465 	peer = ath10k_peer_find(ar, 0, addr);
466 	if (!peer)
467 		return false;
468 
469 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
470 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
471 			return true;
472 	}
473 
474 	return false;
475 }
476 
477 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
478 				 struct ieee80211_key_conf *key)
479 {
480 	struct ath10k *ar = arvif->ar;
481 	struct ath10k_peer *peer;
482 	u8 addr[ETH_ALEN];
483 	int first_errno = 0;
484 	int ret;
485 	int i;
486 	u32 flags = 0;
487 
488 	lockdep_assert_held(&ar->conf_mutex);
489 
490 	for (;;) {
491 		/* since ath10k_install_key we can't hold data_lock all the
492 		 * time, so we try to remove the keys incrementally
493 		 */
494 		spin_lock_bh(&ar->data_lock);
495 		i = 0;
496 		list_for_each_entry(peer, &ar->peers, list) {
497 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
498 				if (peer->keys[i] == key) {
499 					ether_addr_copy(addr, peer->addr);
500 					peer->keys[i] = NULL;
501 					break;
502 				}
503 			}
504 
505 			if (i < ARRAY_SIZE(peer->keys))
506 				break;
507 		}
508 		spin_unlock_bh(&ar->data_lock);
509 
510 		if (i == ARRAY_SIZE(peer->keys))
511 			break;
512 		/* key flags are not required to delete the key */
513 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
514 		if (ret < 0 && first_errno == 0)
515 			first_errno = ret;
516 
517 		if (ret)
518 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
519 				    addr, ret);
520 	}
521 
522 	return first_errno;
523 }
524 
525 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
526 					 struct ieee80211_key_conf *key)
527 {
528 	struct ath10k *ar = arvif->ar;
529 	struct ath10k_peer *peer;
530 	int ret;
531 
532 	lockdep_assert_held(&ar->conf_mutex);
533 
534 	list_for_each_entry(peer, &ar->peers, list) {
535 		if (ether_addr_equal(peer->addr, arvif->vif->addr))
536 			continue;
537 
538 		if (ether_addr_equal(peer->addr, arvif->bssid))
539 			continue;
540 
541 		if (peer->keys[key->keyidx] == key)
542 			continue;
543 
544 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
545 			   arvif->vdev_id, key->keyidx);
546 
547 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
548 		if (ret) {
549 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
550 				    arvif->vdev_id, peer->addr, ret);
551 			return ret;
552 		}
553 	}
554 
555 	return 0;
556 }
557 
558 /*********************/
559 /* General utilities */
560 /*********************/
561 
562 static inline enum wmi_phy_mode
563 chan_to_phymode(const struct cfg80211_chan_def *chandef)
564 {
565 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
566 
567 	switch (chandef->chan->band) {
568 	case NL80211_BAND_2GHZ:
569 		switch (chandef->width) {
570 		case NL80211_CHAN_WIDTH_20_NOHT:
571 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
572 				phymode = MODE_11B;
573 			else
574 				phymode = MODE_11G;
575 			break;
576 		case NL80211_CHAN_WIDTH_20:
577 			phymode = MODE_11NG_HT20;
578 			break;
579 		case NL80211_CHAN_WIDTH_40:
580 			phymode = MODE_11NG_HT40;
581 			break;
582 		default:
583 			phymode = MODE_UNKNOWN;
584 			break;
585 		}
586 		break;
587 	case NL80211_BAND_5GHZ:
588 		switch (chandef->width) {
589 		case NL80211_CHAN_WIDTH_20_NOHT:
590 			phymode = MODE_11A;
591 			break;
592 		case NL80211_CHAN_WIDTH_20:
593 			phymode = MODE_11NA_HT20;
594 			break;
595 		case NL80211_CHAN_WIDTH_40:
596 			phymode = MODE_11NA_HT40;
597 			break;
598 		case NL80211_CHAN_WIDTH_80:
599 			phymode = MODE_11AC_VHT80;
600 			break;
601 		case NL80211_CHAN_WIDTH_160:
602 			phymode = MODE_11AC_VHT160;
603 			break;
604 		case NL80211_CHAN_WIDTH_80P80:
605 			phymode = MODE_11AC_VHT80_80;
606 			break;
607 		default:
608 			phymode = MODE_UNKNOWN;
609 			break;
610 		}
611 		break;
612 	default:
613 		break;
614 	}
615 
616 	WARN_ON(phymode == MODE_UNKNOWN);
617 	return phymode;
618 }
619 
620 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
621 {
622 /*
623  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
624  *   0 for no restriction
625  *   1 for 1/4 us
626  *   2 for 1/2 us
627  *   3 for 1 us
628  *   4 for 2 us
629  *   5 for 4 us
630  *   6 for 8 us
631  *   7 for 16 us
632  */
633 	switch (mpdudensity) {
634 	case 0:
635 		return 0;
636 	case 1:
637 	case 2:
638 	case 3:
639 	/* Our lower layer calculations limit our precision to
640 	 * 1 microsecond
641 	 */
642 		return 1;
643 	case 4:
644 		return 2;
645 	case 5:
646 		return 4;
647 	case 6:
648 		return 8;
649 	case 7:
650 		return 16;
651 	default:
652 		return 0;
653 	}
654 }
655 
656 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
657 			struct cfg80211_chan_def *def)
658 {
659 	struct ieee80211_chanctx_conf *conf;
660 
661 	rcu_read_lock();
662 	conf = rcu_dereference(vif->chanctx_conf);
663 	if (!conf) {
664 		rcu_read_unlock();
665 		return -ENOENT;
666 	}
667 
668 	*def = conf->def;
669 	rcu_read_unlock();
670 
671 	return 0;
672 }
673 
674 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
675 					 struct ieee80211_chanctx_conf *conf,
676 					 void *data)
677 {
678 	int *num = data;
679 
680 	(*num)++;
681 }
682 
683 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
684 {
685 	int num = 0;
686 
687 	ieee80211_iter_chan_contexts_atomic(ar->hw,
688 					    ath10k_mac_num_chanctxs_iter,
689 					    &num);
690 
691 	return num;
692 }
693 
694 static void
695 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
696 				struct ieee80211_chanctx_conf *conf,
697 				void *data)
698 {
699 	struct cfg80211_chan_def **def = data;
700 
701 	*def = &conf->def;
702 }
703 
704 static void ath10k_wait_for_peer_delete_done(struct ath10k *ar, u32 vdev_id,
705 					     const u8 *addr)
706 {
707 	unsigned long time_left;
708 	int ret;
709 
710 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
711 		ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
712 		if (ret) {
713 			ath10k_warn(ar, "failed wait for peer deleted");
714 			return;
715 		}
716 
717 		time_left = wait_for_completion_timeout(&ar->peer_delete_done,
718 							5 * HZ);
719 		if (!time_left)
720 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
721 	}
722 }
723 
724 static int ath10k_peer_create(struct ath10k *ar,
725 			      struct ieee80211_vif *vif,
726 			      struct ieee80211_sta *sta,
727 			      u32 vdev_id,
728 			      const u8 *addr,
729 			      enum wmi_peer_type peer_type)
730 {
731 	struct ath10k_vif *arvif;
732 	struct ath10k_peer *peer;
733 	int num_peers = 0;
734 	int ret;
735 
736 	lockdep_assert_held(&ar->conf_mutex);
737 
738 	num_peers = ar->num_peers;
739 
740 	/* Each vdev consumes a peer entry as well */
741 	list_for_each_entry(arvif, &ar->arvifs, list)
742 		num_peers++;
743 
744 	if (num_peers >= ar->max_num_peers)
745 		return -ENOBUFS;
746 
747 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
748 	if (ret) {
749 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
750 			    addr, vdev_id, ret);
751 		return ret;
752 	}
753 
754 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
755 	if (ret) {
756 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
757 			    addr, vdev_id, ret);
758 		return ret;
759 	}
760 
761 	spin_lock_bh(&ar->data_lock);
762 
763 	peer = ath10k_peer_find(ar, vdev_id, addr);
764 	if (!peer) {
765 		spin_unlock_bh(&ar->data_lock);
766 		ath10k_warn(ar, "failed to find peer %pM on vdev %i after creation\n",
767 			    addr, vdev_id);
768 		ath10k_wait_for_peer_delete_done(ar, vdev_id, addr);
769 		return -ENOENT;
770 	}
771 
772 	peer->vif = vif;
773 	peer->sta = sta;
774 
775 	spin_unlock_bh(&ar->data_lock);
776 
777 	ar->num_peers++;
778 
779 	return 0;
780 }
781 
782 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
783 {
784 	struct ath10k *ar = arvif->ar;
785 	u32 param;
786 	int ret;
787 
788 	param = ar->wmi.pdev_param->sta_kickout_th;
789 	ret = ath10k_wmi_pdev_set_param(ar, param,
790 					ATH10K_KICKOUT_THRESHOLD);
791 	if (ret) {
792 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
793 			    arvif->vdev_id, ret);
794 		return ret;
795 	}
796 
797 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
798 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
799 					ATH10K_KEEPALIVE_MIN_IDLE);
800 	if (ret) {
801 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
802 			    arvif->vdev_id, ret);
803 		return ret;
804 	}
805 
806 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
807 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
808 					ATH10K_KEEPALIVE_MAX_IDLE);
809 	if (ret) {
810 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
811 			    arvif->vdev_id, ret);
812 		return ret;
813 	}
814 
815 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
816 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
817 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
818 	if (ret) {
819 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
820 			    arvif->vdev_id, ret);
821 		return ret;
822 	}
823 
824 	return 0;
825 }
826 
827 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
828 {
829 	struct ath10k *ar = arvif->ar;
830 	u32 vdev_param;
831 
832 	vdev_param = ar->wmi.vdev_param->rts_threshold;
833 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
834 }
835 
836 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
837 {
838 	int ret;
839 
840 	lockdep_assert_held(&ar->conf_mutex);
841 
842 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
843 	if (ret)
844 		return ret;
845 
846 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
847 	if (ret)
848 		return ret;
849 
850 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
851 		unsigned long time_left;
852 
853 		time_left = wait_for_completion_timeout
854 			    (&ar->peer_delete_done, 5 * HZ);
855 
856 		if (!time_left) {
857 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
858 			return -ETIMEDOUT;
859 		}
860 	}
861 
862 	ar->num_peers--;
863 
864 	return 0;
865 }
866 
867 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
868 {
869 	struct ath10k_peer *peer, *tmp;
870 	int peer_id;
871 	int i;
872 
873 	lockdep_assert_held(&ar->conf_mutex);
874 
875 	spin_lock_bh(&ar->data_lock);
876 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
877 		if (peer->vdev_id != vdev_id)
878 			continue;
879 
880 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
881 			    peer->addr, vdev_id);
882 
883 		for_each_set_bit(peer_id, peer->peer_ids,
884 				 ATH10K_MAX_NUM_PEER_IDS) {
885 			ar->peer_map[peer_id] = NULL;
886 		}
887 
888 		/* Double check that peer is properly un-referenced from
889 		 * the peer_map
890 		 */
891 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
892 			if (ar->peer_map[i] == peer) {
893 				ath10k_warn(ar, "removing stale peer_map entry for %pM (ptr %pK idx %d)\n",
894 					    peer->addr, peer, i);
895 				ar->peer_map[i] = NULL;
896 			}
897 		}
898 
899 		list_del(&peer->list);
900 		kfree(peer);
901 		ar->num_peers--;
902 	}
903 	spin_unlock_bh(&ar->data_lock);
904 }
905 
906 static void ath10k_peer_cleanup_all(struct ath10k *ar)
907 {
908 	struct ath10k_peer *peer, *tmp;
909 	int i;
910 
911 	lockdep_assert_held(&ar->conf_mutex);
912 
913 	spin_lock_bh(&ar->data_lock);
914 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
915 		list_del(&peer->list);
916 		kfree(peer);
917 	}
918 
919 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++)
920 		ar->peer_map[i] = NULL;
921 
922 	spin_unlock_bh(&ar->data_lock);
923 
924 	ar->num_peers = 0;
925 	ar->num_stations = 0;
926 }
927 
928 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
929 				       struct ieee80211_sta *sta,
930 				       enum wmi_tdls_peer_state state)
931 {
932 	int ret;
933 	struct wmi_tdls_peer_update_cmd_arg arg = {};
934 	struct wmi_tdls_peer_capab_arg cap = {};
935 	struct wmi_channel_arg chan_arg = {};
936 
937 	lockdep_assert_held(&ar->conf_mutex);
938 
939 	arg.vdev_id = vdev_id;
940 	arg.peer_state = state;
941 	ether_addr_copy(arg.addr, sta->addr);
942 
943 	cap.peer_max_sp = sta->max_sp;
944 	cap.peer_uapsd_queues = sta->uapsd_queues;
945 
946 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
947 	    !sta->tdls_initiator)
948 		cap.is_peer_responder = 1;
949 
950 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
951 	if (ret) {
952 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
953 			    arg.addr, vdev_id, ret);
954 		return ret;
955 	}
956 
957 	return 0;
958 }
959 
960 /************************/
961 /* Interface management */
962 /************************/
963 
964 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
965 {
966 	struct ath10k *ar = arvif->ar;
967 
968 	lockdep_assert_held(&ar->data_lock);
969 
970 	if (!arvif->beacon)
971 		return;
972 
973 	if (!arvif->beacon_buf)
974 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
975 				 arvif->beacon->len, DMA_TO_DEVICE);
976 
977 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
978 		    arvif->beacon_state != ATH10K_BEACON_SENT))
979 		return;
980 
981 	dev_kfree_skb_any(arvif->beacon);
982 
983 	arvif->beacon = NULL;
984 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
985 }
986 
987 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
988 {
989 	struct ath10k *ar = arvif->ar;
990 
991 	lockdep_assert_held(&ar->data_lock);
992 
993 	ath10k_mac_vif_beacon_free(arvif);
994 
995 	if (arvif->beacon_buf) {
996 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
997 			kfree(arvif->beacon_buf);
998 		else
999 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
1000 					  arvif->beacon_buf,
1001 					  arvif->beacon_paddr);
1002 		arvif->beacon_buf = NULL;
1003 	}
1004 }
1005 
1006 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
1007 {
1008 	unsigned long time_left;
1009 
1010 	lockdep_assert_held(&ar->conf_mutex);
1011 
1012 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
1013 		return -ESHUTDOWN;
1014 
1015 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
1016 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
1017 	if (time_left == 0)
1018 		return -ETIMEDOUT;
1019 
1020 	return ar->last_wmi_vdev_start_status;
1021 }
1022 
1023 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
1024 {
1025 	struct cfg80211_chan_def *chandef = NULL;
1026 	struct ieee80211_channel *channel = NULL;
1027 	struct wmi_vdev_start_request_arg arg = {};
1028 	int ret = 0;
1029 
1030 	lockdep_assert_held(&ar->conf_mutex);
1031 
1032 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1033 					    ath10k_mac_get_any_chandef_iter,
1034 					    &chandef);
1035 	if (WARN_ON_ONCE(!chandef))
1036 		return -ENOENT;
1037 
1038 	channel = chandef->chan;
1039 
1040 	arg.vdev_id = vdev_id;
1041 	arg.channel.freq = channel->center_freq;
1042 	arg.channel.band_center_freq1 = chandef->center_freq1;
1043 	arg.channel.band_center_freq2 = chandef->center_freq2;
1044 
1045 	/* TODO setup this dynamically, what in case we
1046 	 * don't have any vifs?
1047 	 */
1048 	arg.channel.mode = chan_to_phymode(chandef);
1049 	arg.channel.chan_radar =
1050 			!!(channel->flags & IEEE80211_CHAN_RADAR);
1051 
1052 	arg.channel.min_power = 0;
1053 	arg.channel.max_power = channel->max_power * 2;
1054 	arg.channel.max_reg_power = channel->max_reg_power * 2;
1055 	arg.channel.max_antenna_gain = channel->max_antenna_gain;
1056 
1057 	reinit_completion(&ar->vdev_setup_done);
1058 	reinit_completion(&ar->vdev_delete_done);
1059 
1060 	ret = ath10k_wmi_vdev_start(ar, &arg);
1061 	if (ret) {
1062 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
1063 			    vdev_id, ret);
1064 		return ret;
1065 	}
1066 
1067 	ret = ath10k_vdev_setup_sync(ar);
1068 	if (ret) {
1069 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
1070 			    vdev_id, ret);
1071 		return ret;
1072 	}
1073 
1074 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
1075 	if (ret) {
1076 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
1077 			    vdev_id, ret);
1078 		goto vdev_stop;
1079 	}
1080 
1081 	ar->monitor_vdev_id = vdev_id;
1082 
1083 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
1084 		   ar->monitor_vdev_id);
1085 	return 0;
1086 
1087 vdev_stop:
1088 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1089 	if (ret)
1090 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
1091 			    ar->monitor_vdev_id, ret);
1092 
1093 	return ret;
1094 }
1095 
1096 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
1097 {
1098 	int ret = 0;
1099 
1100 	lockdep_assert_held(&ar->conf_mutex);
1101 
1102 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1103 	if (ret)
1104 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
1105 			    ar->monitor_vdev_id, ret);
1106 
1107 	reinit_completion(&ar->vdev_setup_done);
1108 	reinit_completion(&ar->vdev_delete_done);
1109 
1110 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1111 	if (ret)
1112 		ath10k_warn(ar, "failed to request monitor vdev %i stop: %d\n",
1113 			    ar->monitor_vdev_id, ret);
1114 
1115 	ret = ath10k_vdev_setup_sync(ar);
1116 	if (ret)
1117 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
1118 			    ar->monitor_vdev_id, ret);
1119 
1120 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
1121 		   ar->monitor_vdev_id);
1122 	return ret;
1123 }
1124 
1125 static int ath10k_monitor_vdev_create(struct ath10k *ar)
1126 {
1127 	int bit, ret = 0;
1128 
1129 	lockdep_assert_held(&ar->conf_mutex);
1130 
1131 	if (ar->free_vdev_map == 0) {
1132 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
1133 		return -ENOMEM;
1134 	}
1135 
1136 	bit = __ffs64(ar->free_vdev_map);
1137 
1138 	ar->monitor_vdev_id = bit;
1139 
1140 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
1141 				     WMI_VDEV_TYPE_MONITOR,
1142 				     0, ar->mac_addr);
1143 	if (ret) {
1144 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
1145 			    ar->monitor_vdev_id, ret);
1146 		return ret;
1147 	}
1148 
1149 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1150 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
1151 		   ar->monitor_vdev_id);
1152 
1153 	return 0;
1154 }
1155 
1156 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
1157 {
1158 	int ret = 0;
1159 
1160 	lockdep_assert_held(&ar->conf_mutex);
1161 
1162 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1163 	if (ret) {
1164 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
1165 			    ar->monitor_vdev_id, ret);
1166 		return ret;
1167 	}
1168 
1169 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1170 
1171 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1172 		   ar->monitor_vdev_id);
1173 	return ret;
1174 }
1175 
1176 static int ath10k_monitor_start(struct ath10k *ar)
1177 {
1178 	int ret;
1179 
1180 	lockdep_assert_held(&ar->conf_mutex);
1181 
1182 	ret = ath10k_monitor_vdev_create(ar);
1183 	if (ret) {
1184 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1185 		return ret;
1186 	}
1187 
1188 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1189 	if (ret) {
1190 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1191 		ath10k_monitor_vdev_delete(ar);
1192 		return ret;
1193 	}
1194 
1195 	ar->monitor_started = true;
1196 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1197 
1198 	return 0;
1199 }
1200 
1201 static int ath10k_monitor_stop(struct ath10k *ar)
1202 {
1203 	int ret;
1204 
1205 	lockdep_assert_held(&ar->conf_mutex);
1206 
1207 	ret = ath10k_monitor_vdev_stop(ar);
1208 	if (ret) {
1209 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1210 		return ret;
1211 	}
1212 
1213 	ret = ath10k_monitor_vdev_delete(ar);
1214 	if (ret) {
1215 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1216 		return ret;
1217 	}
1218 
1219 	ar->monitor_started = false;
1220 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1221 
1222 	return 0;
1223 }
1224 
1225 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1226 {
1227 	int num_ctx;
1228 
1229 	/* At least one chanctx is required to derive a channel to start
1230 	 * monitor vdev on.
1231 	 */
1232 	num_ctx = ath10k_mac_num_chanctxs(ar);
1233 	if (num_ctx == 0)
1234 		return false;
1235 
1236 	/* If there's already an existing special monitor interface then don't
1237 	 * bother creating another monitor vdev.
1238 	 */
1239 	if (ar->monitor_arvif)
1240 		return false;
1241 
1242 	return ar->monitor ||
1243 	       (!test_bit(ATH10K_FW_FEATURE_ALLOWS_MESH_BCAST,
1244 			  ar->running_fw->fw_file.fw_features) &&
1245 		(ar->filter_flags & FIF_OTHER_BSS)) ||
1246 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1247 }
1248 
1249 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1250 {
1251 	int num_ctx;
1252 
1253 	num_ctx = ath10k_mac_num_chanctxs(ar);
1254 
1255 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1256 	 * shouldn't allow this but make sure to prevent handling the following
1257 	 * case anyway since multi-channel DFS hasn't been tested at all.
1258 	 */
1259 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1260 		return false;
1261 
1262 	return true;
1263 }
1264 
1265 static int ath10k_monitor_recalc(struct ath10k *ar)
1266 {
1267 	bool needed;
1268 	bool allowed;
1269 	int ret;
1270 
1271 	lockdep_assert_held(&ar->conf_mutex);
1272 
1273 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1274 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1275 
1276 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1277 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1278 		   ar->monitor_started, needed, allowed);
1279 
1280 	if (WARN_ON(needed && !allowed)) {
1281 		if (ar->monitor_started) {
1282 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1283 
1284 			ret = ath10k_monitor_stop(ar);
1285 			if (ret)
1286 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n",
1287 					    ret);
1288 				/* not serious */
1289 		}
1290 
1291 		return -EPERM;
1292 	}
1293 
1294 	if (needed == ar->monitor_started)
1295 		return 0;
1296 
1297 	if (needed)
1298 		return ath10k_monitor_start(ar);
1299 	else
1300 		return ath10k_monitor_stop(ar);
1301 }
1302 
1303 static bool ath10k_mac_can_set_cts_prot(struct ath10k_vif *arvif)
1304 {
1305 	struct ath10k *ar = arvif->ar;
1306 
1307 	lockdep_assert_held(&ar->conf_mutex);
1308 
1309 	if (!arvif->is_started) {
1310 		ath10k_dbg(ar, ATH10K_DBG_MAC, "defer cts setup, vdev is not ready yet\n");
1311 		return false;
1312 	}
1313 
1314 	return true;
1315 }
1316 
1317 static int ath10k_mac_set_cts_prot(struct ath10k_vif *arvif)
1318 {
1319 	struct ath10k *ar = arvif->ar;
1320 	u32 vdev_param;
1321 
1322 	lockdep_assert_held(&ar->conf_mutex);
1323 
1324 	vdev_param = ar->wmi.vdev_param->protection_mode;
1325 
1326 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_protection %d\n",
1327 		   arvif->vdev_id, arvif->use_cts_prot);
1328 
1329 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1330 					 arvif->use_cts_prot ? 1 : 0);
1331 }
1332 
1333 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1334 {
1335 	struct ath10k *ar = arvif->ar;
1336 	u32 vdev_param, rts_cts = 0;
1337 
1338 	lockdep_assert_held(&ar->conf_mutex);
1339 
1340 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1341 
1342 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1343 
1344 	if (arvif->num_legacy_stations > 0)
1345 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1346 			      WMI_RTSCTS_PROFILE);
1347 	else
1348 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1349 			      WMI_RTSCTS_PROFILE);
1350 
1351 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d recalc rts/cts prot %d\n",
1352 		   arvif->vdev_id, rts_cts);
1353 
1354 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1355 					 rts_cts);
1356 }
1357 
1358 static int ath10k_start_cac(struct ath10k *ar)
1359 {
1360 	int ret;
1361 
1362 	lockdep_assert_held(&ar->conf_mutex);
1363 
1364 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1365 
1366 	ret = ath10k_monitor_recalc(ar);
1367 	if (ret) {
1368 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1369 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1370 		return ret;
1371 	}
1372 
1373 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1374 		   ar->monitor_vdev_id);
1375 
1376 	return 0;
1377 }
1378 
1379 static int ath10k_stop_cac(struct ath10k *ar)
1380 {
1381 	lockdep_assert_held(&ar->conf_mutex);
1382 
1383 	/* CAC is not running - do nothing */
1384 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1385 		return 0;
1386 
1387 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1388 	ath10k_monitor_stop(ar);
1389 
1390 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1391 
1392 	return 0;
1393 }
1394 
1395 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1396 				      struct ieee80211_chanctx_conf *conf,
1397 				      void *data)
1398 {
1399 	bool *ret = data;
1400 
1401 	if (!*ret && conf->radar_enabled)
1402 		*ret = true;
1403 }
1404 
1405 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1406 {
1407 	bool has_radar = false;
1408 
1409 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1410 					    ath10k_mac_has_radar_iter,
1411 					    &has_radar);
1412 
1413 	return has_radar;
1414 }
1415 
1416 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1417 {
1418 	int ret;
1419 
1420 	lockdep_assert_held(&ar->conf_mutex);
1421 
1422 	ath10k_stop_cac(ar);
1423 
1424 	if (!ath10k_mac_has_radar_enabled(ar))
1425 		return;
1426 
1427 	if (ar->num_started_vdevs > 0)
1428 		return;
1429 
1430 	ret = ath10k_start_cac(ar);
1431 	if (ret) {
1432 		/*
1433 		 * Not possible to start CAC on current channel so starting
1434 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1435 		 * by indicating that radar was detected.
1436 		 */
1437 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1438 		ieee80211_radar_detected(ar->hw);
1439 	}
1440 }
1441 
1442 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1443 {
1444 	struct ath10k *ar = arvif->ar;
1445 	int ret;
1446 
1447 	lockdep_assert_held(&ar->conf_mutex);
1448 
1449 	reinit_completion(&ar->vdev_setup_done);
1450 	reinit_completion(&ar->vdev_delete_done);
1451 
1452 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1453 	if (ret) {
1454 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1455 			    arvif->vdev_id, ret);
1456 		return ret;
1457 	}
1458 
1459 	ret = ath10k_vdev_setup_sync(ar);
1460 	if (ret) {
1461 		ath10k_warn(ar, "failed to synchronize setup for vdev %i: %d\n",
1462 			    arvif->vdev_id, ret);
1463 		return ret;
1464 	}
1465 
1466 	WARN_ON(ar->num_started_vdevs == 0);
1467 
1468 	if (ar->num_started_vdevs != 0) {
1469 		ar->num_started_vdevs--;
1470 		ath10k_recalc_radar_detection(ar);
1471 	}
1472 
1473 	return ret;
1474 }
1475 
1476 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1477 				     const struct cfg80211_chan_def *chandef,
1478 				     bool restart)
1479 {
1480 	struct ath10k *ar = arvif->ar;
1481 	struct wmi_vdev_start_request_arg arg = {};
1482 	int ret = 0;
1483 
1484 	lockdep_assert_held(&ar->conf_mutex);
1485 
1486 	reinit_completion(&ar->vdev_setup_done);
1487 	reinit_completion(&ar->vdev_delete_done);
1488 
1489 	arg.vdev_id = arvif->vdev_id;
1490 	arg.dtim_period = arvif->dtim_period;
1491 	arg.bcn_intval = arvif->beacon_interval;
1492 
1493 	arg.channel.freq = chandef->chan->center_freq;
1494 	arg.channel.band_center_freq1 = chandef->center_freq1;
1495 	arg.channel.band_center_freq2 = chandef->center_freq2;
1496 	arg.channel.mode = chan_to_phymode(chandef);
1497 
1498 	arg.channel.min_power = 0;
1499 	arg.channel.max_power = chandef->chan->max_power * 2;
1500 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1501 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
1502 
1503 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1504 		arg.ssid = arvif->u.ap.ssid;
1505 		arg.ssid_len = arvif->u.ap.ssid_len;
1506 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1507 
1508 		/* For now allow DFS for AP mode */
1509 		arg.channel.chan_radar =
1510 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1511 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1512 		arg.ssid = arvif->vif->bss_conf.ssid;
1513 		arg.ssid_len = arvif->vif->bss_conf.ssid_len;
1514 	}
1515 
1516 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1517 		   "mac vdev %d start center_freq %d phymode %s\n",
1518 		   arg.vdev_id, arg.channel.freq,
1519 		   ath10k_wmi_phymode_str(arg.channel.mode));
1520 
1521 	if (restart)
1522 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1523 	else
1524 		ret = ath10k_wmi_vdev_start(ar, &arg);
1525 
1526 	if (ret) {
1527 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1528 			    arg.vdev_id, ret);
1529 		return ret;
1530 	}
1531 
1532 	ret = ath10k_vdev_setup_sync(ar);
1533 	if (ret) {
1534 		ath10k_warn(ar,
1535 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1536 			    arg.vdev_id, restart, ret);
1537 		return ret;
1538 	}
1539 
1540 	ar->num_started_vdevs++;
1541 	ath10k_recalc_radar_detection(ar);
1542 
1543 	return ret;
1544 }
1545 
1546 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1547 			     const struct cfg80211_chan_def *def)
1548 {
1549 	return ath10k_vdev_start_restart(arvif, def, false);
1550 }
1551 
1552 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1553 			       const struct cfg80211_chan_def *def)
1554 {
1555 	return ath10k_vdev_start_restart(arvif, def, true);
1556 }
1557 
1558 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1559 				       struct sk_buff *bcn)
1560 {
1561 	struct ath10k *ar = arvif->ar;
1562 	struct ieee80211_mgmt *mgmt;
1563 	const u8 *p2p_ie;
1564 	int ret;
1565 
1566 	if (arvif->vif->type != NL80211_IFTYPE_AP || !arvif->vif->p2p)
1567 		return 0;
1568 
1569 	mgmt = (void *)bcn->data;
1570 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1571 					 mgmt->u.beacon.variable,
1572 					 bcn->len - (mgmt->u.beacon.variable -
1573 						     bcn->data));
1574 	if (!p2p_ie)
1575 		return -ENOENT;
1576 
1577 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1578 	if (ret) {
1579 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1580 			    arvif->vdev_id, ret);
1581 		return ret;
1582 	}
1583 
1584 	return 0;
1585 }
1586 
1587 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1588 				       u8 oui_type, size_t ie_offset)
1589 {
1590 	size_t len;
1591 	const u8 *next;
1592 	const u8 *end;
1593 	u8 *ie;
1594 
1595 	if (WARN_ON(skb->len < ie_offset))
1596 		return -EINVAL;
1597 
1598 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1599 					   skb->data + ie_offset,
1600 					   skb->len - ie_offset);
1601 	if (!ie)
1602 		return -ENOENT;
1603 
1604 	len = ie[1] + 2;
1605 	end = skb->data + skb->len;
1606 	next = ie + len;
1607 
1608 	if (WARN_ON(next > end))
1609 		return -EINVAL;
1610 
1611 	memmove(ie, next, end - next);
1612 	skb_trim(skb, skb->len - len);
1613 
1614 	return 0;
1615 }
1616 
1617 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1618 {
1619 	struct ath10k *ar = arvif->ar;
1620 	struct ieee80211_hw *hw = ar->hw;
1621 	struct ieee80211_vif *vif = arvif->vif;
1622 	struct ieee80211_mutable_offsets offs = {};
1623 	struct sk_buff *bcn;
1624 	int ret;
1625 
1626 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1627 		return 0;
1628 
1629 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1630 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1631 		return 0;
1632 
1633 	bcn = ieee80211_beacon_get_template(hw, vif, &offs);
1634 	if (!bcn) {
1635 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1636 		return -EPERM;
1637 	}
1638 
1639 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1640 	if (ret) {
1641 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1642 		kfree_skb(bcn);
1643 		return ret;
1644 	}
1645 
1646 	/* P2P IE is inserted by firmware automatically (as configured above)
1647 	 * so remove it from the base beacon template to avoid duplicate P2P
1648 	 * IEs in beacon frames.
1649 	 */
1650 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1651 				    offsetof(struct ieee80211_mgmt,
1652 					     u.beacon.variable));
1653 
1654 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1655 				  0, NULL, 0);
1656 	kfree_skb(bcn);
1657 
1658 	if (ret) {
1659 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1660 			    ret);
1661 		return ret;
1662 	}
1663 
1664 	return 0;
1665 }
1666 
1667 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1668 {
1669 	struct ath10k *ar = arvif->ar;
1670 	struct ieee80211_hw *hw = ar->hw;
1671 	struct ieee80211_vif *vif = arvif->vif;
1672 	struct sk_buff *prb;
1673 	int ret;
1674 
1675 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1676 		return 0;
1677 
1678 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1679 		return 0;
1680 
1681 	 /* For mesh, probe response and beacon share the same template */
1682 	if (ieee80211_vif_is_mesh(vif))
1683 		return 0;
1684 
1685 	prb = ieee80211_proberesp_get(hw, vif);
1686 	if (!prb) {
1687 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1688 		return -EPERM;
1689 	}
1690 
1691 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1692 	kfree_skb(prb);
1693 
1694 	if (ret) {
1695 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1696 			    ret);
1697 		return ret;
1698 	}
1699 
1700 	return 0;
1701 }
1702 
1703 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1704 {
1705 	struct ath10k *ar = arvif->ar;
1706 	struct cfg80211_chan_def def;
1707 	int ret;
1708 
1709 	/* When originally vdev is started during assign_vif_chanctx() some
1710 	 * information is missing, notably SSID. Firmware revisions with beacon
1711 	 * offloading require the SSID to be provided during vdev (re)start to
1712 	 * handle hidden SSID properly.
1713 	 *
1714 	 * Vdev restart must be done after vdev has been both started and
1715 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1716 	 * deliver vdev restart response event causing timeouts during vdev
1717 	 * syncing in ath10k.
1718 	 *
1719 	 * Note: The vdev down/up and template reinstallation could be skipped
1720 	 * since only wmi-tlv firmware are known to have beacon offload and
1721 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1722 	 * response delivery. It's probably more robust to keep it as is.
1723 	 */
1724 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1725 		return 0;
1726 
1727 	if (WARN_ON(!arvif->is_started))
1728 		return -EINVAL;
1729 
1730 	if (WARN_ON(!arvif->is_up))
1731 		return -EINVAL;
1732 
1733 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1734 		return -EINVAL;
1735 
1736 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1737 	if (ret) {
1738 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1739 			    arvif->vdev_id, ret);
1740 		return ret;
1741 	}
1742 
1743 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1744 	 * firmware will crash upon vdev up.
1745 	 */
1746 
1747 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1748 	if (ret) {
1749 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1750 		return ret;
1751 	}
1752 
1753 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1754 	if (ret) {
1755 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1756 		return ret;
1757 	}
1758 
1759 	ret = ath10k_vdev_restart(arvif, &def);
1760 	if (ret) {
1761 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1762 			    arvif->vdev_id, ret);
1763 		return ret;
1764 	}
1765 
1766 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1767 				 arvif->bssid);
1768 	if (ret) {
1769 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1770 			    arvif->vdev_id, ret);
1771 		return ret;
1772 	}
1773 
1774 	return 0;
1775 }
1776 
1777 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1778 				     struct ieee80211_bss_conf *info)
1779 {
1780 	struct ath10k *ar = arvif->ar;
1781 	int ret = 0;
1782 
1783 	lockdep_assert_held(&arvif->ar->conf_mutex);
1784 
1785 	if (!info->enable_beacon) {
1786 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1787 		if (ret)
1788 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1789 				    arvif->vdev_id, ret);
1790 
1791 		arvif->is_up = false;
1792 
1793 		spin_lock_bh(&arvif->ar->data_lock);
1794 		ath10k_mac_vif_beacon_free(arvif);
1795 		spin_unlock_bh(&arvif->ar->data_lock);
1796 
1797 		return;
1798 	}
1799 
1800 	arvif->tx_seq_no = 0x1000;
1801 
1802 	arvif->aid = 0;
1803 	ether_addr_copy(arvif->bssid, info->bssid);
1804 
1805 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1806 				 arvif->bssid);
1807 	if (ret) {
1808 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1809 			    arvif->vdev_id, ret);
1810 		return;
1811 	}
1812 
1813 	arvif->is_up = true;
1814 
1815 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1816 	if (ret) {
1817 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1818 			    arvif->vdev_id, ret);
1819 		return;
1820 	}
1821 
1822 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1823 }
1824 
1825 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1826 				struct ieee80211_bss_conf *info,
1827 				const u8 self_peer[ETH_ALEN])
1828 {
1829 	struct ath10k *ar = arvif->ar;
1830 	u32 vdev_param;
1831 	int ret = 0;
1832 
1833 	lockdep_assert_held(&arvif->ar->conf_mutex);
1834 
1835 	if (!info->ibss_joined) {
1836 		if (is_zero_ether_addr(arvif->bssid))
1837 			return;
1838 
1839 		eth_zero_addr(arvif->bssid);
1840 
1841 		return;
1842 	}
1843 
1844 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1845 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1846 					ATH10K_DEFAULT_ATIM);
1847 	if (ret)
1848 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1849 			    arvif->vdev_id, ret);
1850 }
1851 
1852 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1853 {
1854 	struct ath10k *ar = arvif->ar;
1855 	u32 param;
1856 	u32 value;
1857 	int ret;
1858 
1859 	lockdep_assert_held(&arvif->ar->conf_mutex);
1860 
1861 	if (arvif->u.sta.uapsd)
1862 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1863 	else
1864 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1865 
1866 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1867 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1868 	if (ret) {
1869 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1870 			    value, arvif->vdev_id, ret);
1871 		return ret;
1872 	}
1873 
1874 	return 0;
1875 }
1876 
1877 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1878 {
1879 	struct ath10k *ar = arvif->ar;
1880 	u32 param;
1881 	u32 value;
1882 	int ret;
1883 
1884 	lockdep_assert_held(&arvif->ar->conf_mutex);
1885 
1886 	if (arvif->u.sta.uapsd)
1887 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1888 	else
1889 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1890 
1891 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1892 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1893 					  param, value);
1894 	if (ret) {
1895 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1896 			    value, arvif->vdev_id, ret);
1897 		return ret;
1898 	}
1899 
1900 	return 0;
1901 }
1902 
1903 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1904 {
1905 	struct ath10k_vif *arvif;
1906 	int num = 0;
1907 
1908 	lockdep_assert_held(&ar->conf_mutex);
1909 
1910 	list_for_each_entry(arvif, &ar->arvifs, list)
1911 		if (arvif->is_started)
1912 			num++;
1913 
1914 	return num;
1915 }
1916 
1917 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1918 {
1919 	struct ath10k *ar = arvif->ar;
1920 	struct ieee80211_vif *vif = arvif->vif;
1921 	struct ieee80211_conf *conf = &ar->hw->conf;
1922 	enum wmi_sta_powersave_param param;
1923 	enum wmi_sta_ps_mode psmode;
1924 	int ret;
1925 	int ps_timeout;
1926 	bool enable_ps;
1927 
1928 	lockdep_assert_held(&arvif->ar->conf_mutex);
1929 
1930 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1931 		return 0;
1932 
1933 	enable_ps = arvif->ps;
1934 
1935 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1936 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1937 		      ar->running_fw->fw_file.fw_features)) {
1938 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1939 			    arvif->vdev_id);
1940 		enable_ps = false;
1941 	}
1942 
1943 	if (!arvif->is_started) {
1944 		/* mac80211 can update vif powersave state while disconnected.
1945 		 * Firmware doesn't behave nicely and consumes more power than
1946 		 * necessary if PS is disabled on a non-started vdev. Hence
1947 		 * force-enable PS for non-running vdevs.
1948 		 */
1949 		psmode = WMI_STA_PS_MODE_ENABLED;
1950 	} else if (enable_ps) {
1951 		psmode = WMI_STA_PS_MODE_ENABLED;
1952 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1953 
1954 		ps_timeout = conf->dynamic_ps_timeout;
1955 		if (ps_timeout == 0) {
1956 			/* Firmware doesn't like 0 */
1957 			ps_timeout = ieee80211_tu_to_usec(
1958 				vif->bss_conf.beacon_int) / 1000;
1959 		}
1960 
1961 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1962 						  ps_timeout);
1963 		if (ret) {
1964 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1965 				    arvif->vdev_id, ret);
1966 			return ret;
1967 		}
1968 	} else {
1969 		psmode = WMI_STA_PS_MODE_DISABLED;
1970 	}
1971 
1972 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1973 		   arvif->vdev_id, psmode ? "enable" : "disable");
1974 
1975 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1976 	if (ret) {
1977 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1978 			    psmode, arvif->vdev_id, ret);
1979 		return ret;
1980 	}
1981 
1982 	return 0;
1983 }
1984 
1985 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1986 {
1987 	struct ath10k *ar = arvif->ar;
1988 	struct wmi_sta_keepalive_arg arg = {};
1989 	int ret;
1990 
1991 	lockdep_assert_held(&arvif->ar->conf_mutex);
1992 
1993 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
1994 		return 0;
1995 
1996 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
1997 		return 0;
1998 
1999 	/* Some firmware revisions have a bug and ignore the `enabled` field.
2000 	 * Instead use the interval to disable the keepalive.
2001 	 */
2002 	arg.vdev_id = arvif->vdev_id;
2003 	arg.enabled = 1;
2004 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
2005 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
2006 
2007 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
2008 	if (ret) {
2009 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
2010 			    arvif->vdev_id, ret);
2011 		return ret;
2012 	}
2013 
2014 	return 0;
2015 }
2016 
2017 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
2018 {
2019 	struct ath10k *ar = arvif->ar;
2020 	struct ieee80211_vif *vif = arvif->vif;
2021 	int ret;
2022 
2023 	lockdep_assert_held(&arvif->ar->conf_mutex);
2024 
2025 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
2026 		return;
2027 
2028 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
2029 		return;
2030 
2031 	if (!vif->csa_active)
2032 		return;
2033 
2034 	if (!arvif->is_up)
2035 		return;
2036 
2037 	if (!ieee80211_beacon_cntdwn_is_complete(vif)) {
2038 		ieee80211_beacon_update_cntdwn(vif);
2039 
2040 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
2041 		if (ret)
2042 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
2043 				    ret);
2044 
2045 		ret = ath10k_mac_setup_prb_tmpl(arvif);
2046 		if (ret)
2047 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
2048 				    ret);
2049 	} else {
2050 		ieee80211_csa_finish(vif);
2051 	}
2052 }
2053 
2054 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
2055 {
2056 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2057 						ap_csa_work);
2058 	struct ath10k *ar = arvif->ar;
2059 
2060 	mutex_lock(&ar->conf_mutex);
2061 	ath10k_mac_vif_ap_csa_count_down(arvif);
2062 	mutex_unlock(&ar->conf_mutex);
2063 }
2064 
2065 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
2066 					  struct ieee80211_vif *vif)
2067 {
2068 	struct sk_buff *skb = data;
2069 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
2070 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2071 
2072 	if (vif->type != NL80211_IFTYPE_STATION)
2073 		return;
2074 
2075 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
2076 		return;
2077 
2078 	cancel_delayed_work(&arvif->connection_loss_work);
2079 }
2080 
2081 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
2082 {
2083 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2084 						   ATH10K_ITER_NORMAL_FLAGS,
2085 						   ath10k_mac_handle_beacon_iter,
2086 						   skb);
2087 }
2088 
2089 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
2090 					       struct ieee80211_vif *vif)
2091 {
2092 	u32 *vdev_id = data;
2093 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2094 	struct ath10k *ar = arvif->ar;
2095 	struct ieee80211_hw *hw = ar->hw;
2096 
2097 	if (arvif->vdev_id != *vdev_id)
2098 		return;
2099 
2100 	if (!arvif->is_up)
2101 		return;
2102 
2103 	ieee80211_beacon_loss(vif);
2104 
2105 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
2106 	 * (done by mac80211) succeeds but beacons do not resume then it
2107 	 * doesn't make sense to continue operation. Queue connection loss work
2108 	 * which can be cancelled when beacon is received.
2109 	 */
2110 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
2111 				     ATH10K_CONNECTION_LOSS_HZ);
2112 }
2113 
2114 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
2115 {
2116 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2117 						   ATH10K_ITER_NORMAL_FLAGS,
2118 						   ath10k_mac_handle_beacon_miss_iter,
2119 						   &vdev_id);
2120 }
2121 
2122 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
2123 {
2124 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2125 						connection_loss_work.work);
2126 	struct ieee80211_vif *vif = arvif->vif;
2127 
2128 	if (!arvif->is_up)
2129 		return;
2130 
2131 	ieee80211_connection_loss(vif);
2132 }
2133 
2134 /**********************/
2135 /* Station management */
2136 /**********************/
2137 
2138 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
2139 					     struct ieee80211_vif *vif)
2140 {
2141 	/* Some firmware revisions have unstable STA powersave when listen
2142 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
2143 	 * generate NullFunc frames properly even if buffered frames have been
2144 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
2145 	 * buffered frames. Often pinging the device from AP would simply fail.
2146 	 *
2147 	 * As a workaround set it to 1.
2148 	 */
2149 	if (vif->type == NL80211_IFTYPE_STATION)
2150 		return 1;
2151 
2152 	return ar->hw->conf.listen_interval;
2153 }
2154 
2155 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
2156 				      struct ieee80211_vif *vif,
2157 				      struct ieee80211_sta *sta,
2158 				      struct wmi_peer_assoc_complete_arg *arg)
2159 {
2160 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2161 	u32 aid;
2162 
2163 	lockdep_assert_held(&ar->conf_mutex);
2164 
2165 	if (vif->type == NL80211_IFTYPE_STATION)
2166 		aid = vif->bss_conf.aid;
2167 	else
2168 		aid = sta->aid;
2169 
2170 	ether_addr_copy(arg->addr, sta->addr);
2171 	arg->vdev_id = arvif->vdev_id;
2172 	arg->peer_aid = aid;
2173 	arg->peer_flags |= arvif->ar->wmi.peer_flags->auth;
2174 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
2175 	arg->peer_num_spatial_streams = 1;
2176 	arg->peer_caps = vif->bss_conf.assoc_capability;
2177 }
2178 
2179 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
2180 				       struct ieee80211_vif *vif,
2181 				       struct ieee80211_sta *sta,
2182 				       struct wmi_peer_assoc_complete_arg *arg)
2183 {
2184 	struct ieee80211_bss_conf *info = &vif->bss_conf;
2185 	struct cfg80211_chan_def def;
2186 	struct cfg80211_bss *bss;
2187 	const u8 *rsnie = NULL;
2188 	const u8 *wpaie = NULL;
2189 
2190 	lockdep_assert_held(&ar->conf_mutex);
2191 
2192 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2193 		return;
2194 
2195 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid,
2196 			       info->ssid_len ? info->ssid : NULL, info->ssid_len,
2197 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
2198 	if (bss) {
2199 		const struct cfg80211_bss_ies *ies;
2200 
2201 		rcu_read_lock();
2202 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
2203 
2204 		ies = rcu_dereference(bss->ies);
2205 
2206 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
2207 						WLAN_OUI_TYPE_MICROSOFT_WPA,
2208 						ies->data,
2209 						ies->len);
2210 		rcu_read_unlock();
2211 		cfg80211_put_bss(ar->hw->wiphy, bss);
2212 	}
2213 
2214 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2215 	if (rsnie || wpaie) {
2216 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2217 		arg->peer_flags |= ar->wmi.peer_flags->need_ptk_4_way;
2218 	}
2219 
2220 	if (wpaie) {
2221 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2222 		arg->peer_flags |= ar->wmi.peer_flags->need_gtk_2_way;
2223 	}
2224 
2225 	if (sta->mfp &&
2226 	    test_bit(ATH10K_FW_FEATURE_MFP_SUPPORT,
2227 		     ar->running_fw->fw_file.fw_features)) {
2228 		arg->peer_flags |= ar->wmi.peer_flags->pmf;
2229 	}
2230 }
2231 
2232 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2233 				      struct ieee80211_vif *vif,
2234 				      struct ieee80211_sta *sta,
2235 				      struct wmi_peer_assoc_complete_arg *arg)
2236 {
2237 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2238 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2239 	struct cfg80211_chan_def def;
2240 	const struct ieee80211_supported_band *sband;
2241 	const struct ieee80211_rate *rates;
2242 	enum nl80211_band band;
2243 	u32 ratemask;
2244 	u8 rate;
2245 	int i;
2246 
2247 	lockdep_assert_held(&ar->conf_mutex);
2248 
2249 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2250 		return;
2251 
2252 	band = def.chan->band;
2253 	sband = ar->hw->wiphy->bands[band];
2254 	ratemask = sta->deflink.supp_rates[band];
2255 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2256 	rates = sband->bitrates;
2257 
2258 	rateset->num_rates = 0;
2259 
2260 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2261 		if (!(ratemask & 1))
2262 			continue;
2263 
2264 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2265 		rateset->rates[rateset->num_rates] = rate;
2266 		rateset->num_rates++;
2267 	}
2268 }
2269 
2270 static bool
2271 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2272 {
2273 	int nss;
2274 
2275 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2276 		if (ht_mcs_mask[nss])
2277 			return false;
2278 
2279 	return true;
2280 }
2281 
2282 static bool
2283 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2284 {
2285 	int nss;
2286 
2287 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2288 		if (vht_mcs_mask[nss])
2289 			return false;
2290 
2291 	return true;
2292 }
2293 
2294 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2295 				   struct ieee80211_vif *vif,
2296 				   struct ieee80211_sta *sta,
2297 				   struct wmi_peer_assoc_complete_arg *arg)
2298 {
2299 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->deflink.ht_cap;
2300 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2301 	struct cfg80211_chan_def def;
2302 	enum nl80211_band band;
2303 	const u8 *ht_mcs_mask;
2304 	const u16 *vht_mcs_mask;
2305 	int i, n;
2306 	u8 max_nss;
2307 	u32 stbc;
2308 
2309 	lockdep_assert_held(&ar->conf_mutex);
2310 
2311 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2312 		return;
2313 
2314 	if (!ht_cap->ht_supported)
2315 		return;
2316 
2317 	band = def.chan->band;
2318 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2319 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2320 
2321 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2322 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2323 		return;
2324 
2325 	arg->peer_flags |= ar->wmi.peer_flags->ht;
2326 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2327 				    ht_cap->ampdu_factor)) - 1;
2328 
2329 	arg->peer_mpdu_density =
2330 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2331 
2332 	arg->peer_ht_caps = ht_cap->cap;
2333 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2334 
2335 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2336 		arg->peer_flags |= ar->wmi.peer_flags->ldbc;
2337 
2338 	if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40) {
2339 		arg->peer_flags |= ar->wmi.peer_flags->bw40;
2340 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2341 	}
2342 
2343 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2344 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2345 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2346 
2347 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2348 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2349 	}
2350 
2351 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2352 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2353 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2354 	}
2355 
2356 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2357 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2358 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2359 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2360 		arg->peer_rate_caps |= stbc;
2361 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2362 	}
2363 
2364 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2365 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2366 	else if (ht_cap->mcs.rx_mask[1])
2367 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2368 
2369 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2370 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2371 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2372 			max_nss = (i / 8) + 1;
2373 			arg->peer_ht_rates.rates[n++] = i;
2374 		}
2375 
2376 	/*
2377 	 * This is a workaround for HT-enabled STAs which break the spec
2378 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2379 	 *
2380 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2381 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2382 	 *
2383 	 * Firmware asserts if such situation occurs.
2384 	 */
2385 	if (n == 0) {
2386 		arg->peer_ht_rates.num_rates = 8;
2387 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2388 			arg->peer_ht_rates.rates[i] = i;
2389 	} else {
2390 		arg->peer_ht_rates.num_rates = n;
2391 		arg->peer_num_spatial_streams = min(sta->deflink.rx_nss,
2392 						    max_nss);
2393 	}
2394 
2395 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2396 		   arg->addr,
2397 		   arg->peer_ht_rates.num_rates,
2398 		   arg->peer_num_spatial_streams);
2399 }
2400 
2401 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2402 				    struct ath10k_vif *arvif,
2403 				    struct ieee80211_sta *sta)
2404 {
2405 	u32 uapsd = 0;
2406 	u32 max_sp = 0;
2407 	int ret = 0;
2408 
2409 	lockdep_assert_held(&ar->conf_mutex);
2410 
2411 	if (sta->wme && sta->uapsd_queues) {
2412 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2413 			   sta->uapsd_queues, sta->max_sp);
2414 
2415 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2416 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2417 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2418 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2419 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2420 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2421 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2422 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2423 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2424 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2425 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2426 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2427 
2428 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2429 			max_sp = sta->max_sp;
2430 
2431 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2432 						 sta->addr,
2433 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2434 						 uapsd);
2435 		if (ret) {
2436 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2437 				    arvif->vdev_id, ret);
2438 			return ret;
2439 		}
2440 
2441 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2442 						 sta->addr,
2443 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2444 						 max_sp);
2445 		if (ret) {
2446 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2447 				    arvif->vdev_id, ret);
2448 			return ret;
2449 		}
2450 
2451 		/* TODO setup this based on STA listen interval and
2452 		 * beacon interval. Currently we don't know
2453 		 * sta->listen_interval - mac80211 patch required.
2454 		 * Currently use 10 seconds
2455 		 */
2456 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2457 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2458 						 10);
2459 		if (ret) {
2460 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2461 				    arvif->vdev_id, ret);
2462 			return ret;
2463 		}
2464 	}
2465 
2466 	return 0;
2467 }
2468 
2469 static u16
2470 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2471 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2472 {
2473 	int idx_limit;
2474 	int nss;
2475 	u16 mcs_map;
2476 	u16 mcs;
2477 
2478 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2479 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2480 			  vht_mcs_limit[nss];
2481 
2482 		if (mcs_map)
2483 			idx_limit = fls(mcs_map) - 1;
2484 		else
2485 			idx_limit = -1;
2486 
2487 		switch (idx_limit) {
2488 		case 0:
2489 		case 1:
2490 		case 2:
2491 		case 3:
2492 		case 4:
2493 		case 5:
2494 		case 6:
2495 		default:
2496 			/* see ath10k_mac_can_set_bitrate_mask() */
2497 			WARN_ON(1);
2498 			fallthrough;
2499 		case -1:
2500 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2501 			break;
2502 		case 7:
2503 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2504 			break;
2505 		case 8:
2506 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2507 			break;
2508 		case 9:
2509 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2510 			break;
2511 		}
2512 
2513 		tx_mcs_set &= ~(0x3 << (nss * 2));
2514 		tx_mcs_set |= mcs << (nss * 2);
2515 	}
2516 
2517 	return tx_mcs_set;
2518 }
2519 
2520 static u32 get_160mhz_nss_from_maxrate(int rate)
2521 {
2522 	u32 nss;
2523 
2524 	switch (rate) {
2525 	case 780:
2526 		nss = 1;
2527 		break;
2528 	case 1560:
2529 		nss = 2;
2530 		break;
2531 	case 2106:
2532 		nss = 3; /* not support MCS9 from spec*/
2533 		break;
2534 	case 3120:
2535 		nss = 4;
2536 		break;
2537 	default:
2538 		 nss = 1;
2539 	}
2540 
2541 	return nss;
2542 }
2543 
2544 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2545 				    struct ieee80211_vif *vif,
2546 				    struct ieee80211_sta *sta,
2547 				    struct wmi_peer_assoc_complete_arg *arg)
2548 {
2549 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->deflink.vht_cap;
2550 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2551 	struct ath10k_hw_params *hw = &ar->hw_params;
2552 	struct cfg80211_chan_def def;
2553 	enum nl80211_band band;
2554 	const u16 *vht_mcs_mask;
2555 	u8 ampdu_factor;
2556 	u8 max_nss, vht_mcs;
2557 	int i;
2558 
2559 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2560 		return;
2561 
2562 	if (!vht_cap->vht_supported)
2563 		return;
2564 
2565 	band = def.chan->band;
2566 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2567 
2568 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2569 		return;
2570 
2571 	arg->peer_flags |= ar->wmi.peer_flags->vht;
2572 
2573 	if (def.chan->band == NL80211_BAND_2GHZ)
2574 		arg->peer_flags |= ar->wmi.peer_flags->vht_2g;
2575 
2576 	arg->peer_vht_caps = vht_cap->cap;
2577 
2578 	ampdu_factor = (vht_cap->cap &
2579 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2580 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2581 
2582 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2583 	 * zero in VHT IE. Using it would result in degraded throughput.
2584 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2585 	 * it if VHT max_mpdu is smaller.
2586 	 */
2587 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2588 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2589 					ampdu_factor)) - 1);
2590 
2591 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2592 		arg->peer_flags |= ar->wmi.peer_flags->bw80;
2593 
2594 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160)
2595 		arg->peer_flags |= ar->wmi.peer_flags->bw160;
2596 
2597 	/* Calculate peer NSS capability from VHT capabilities if STA
2598 	 * supports VHT.
2599 	 */
2600 	for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) {
2601 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2602 			  (2 * i) & 3;
2603 
2604 		if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) &&
2605 		    vht_mcs_mask[i])
2606 			max_nss = i + 1;
2607 	}
2608 	arg->peer_num_spatial_streams = min(sta->deflink.rx_nss, max_nss);
2609 	arg->peer_vht_rates.rx_max_rate =
2610 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2611 	arg->peer_vht_rates.rx_mcs_set =
2612 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2613 	arg->peer_vht_rates.tx_max_rate =
2614 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2615 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2616 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2617 
2618 	/* Configure bandwidth-NSS mapping to FW
2619 	 * for the chip's tx chains setting on 160Mhz bw
2620 	 */
2621 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2622 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2623 		u32 rx_nss;
2624 		u32 max_rate;
2625 
2626 		max_rate = arg->peer_vht_rates.rx_max_rate;
2627 		rx_nss = get_160mhz_nss_from_maxrate(max_rate);
2628 
2629 		if (rx_nss == 0)
2630 			rx_nss = arg->peer_num_spatial_streams;
2631 		else
2632 			rx_nss = min(arg->peer_num_spatial_streams, rx_nss);
2633 
2634 		max_rate = hw->vht160_mcs_tx_highest;
2635 		rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate));
2636 
2637 		arg->peer_bw_rxnss_override =
2638 			FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) |
2639 			FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1));
2640 
2641 		if (arg->peer_phymode == MODE_11AC_VHT80_80) {
2642 			arg->peer_bw_rxnss_override |=
2643 			FIELD_PREP(WMI_PEER_NSS_80_80MHZ_MASK, (rx_nss - 1));
2644 		}
2645 	}
2646 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2647 		   "mac vht peer %pM max_mpdu %d flags 0x%x peer_rx_nss_override 0x%x\n",
2648 		   sta->addr, arg->peer_max_mpdu,
2649 		   arg->peer_flags, arg->peer_bw_rxnss_override);
2650 }
2651 
2652 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2653 				    struct ieee80211_vif *vif,
2654 				    struct ieee80211_sta *sta,
2655 				    struct wmi_peer_assoc_complete_arg *arg)
2656 {
2657 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2658 
2659 	switch (arvif->vdev_type) {
2660 	case WMI_VDEV_TYPE_AP:
2661 		if (sta->wme)
2662 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2663 
2664 		if (sta->wme && sta->uapsd_queues) {
2665 			arg->peer_flags |= arvif->ar->wmi.peer_flags->apsd;
2666 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2667 		}
2668 		break;
2669 	case WMI_VDEV_TYPE_STA:
2670 		if (sta->wme)
2671 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2672 		break;
2673 	case WMI_VDEV_TYPE_IBSS:
2674 		if (sta->wme)
2675 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2676 		break;
2677 	default:
2678 		break;
2679 	}
2680 
2681 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2682 		   sta->addr, !!(arg->peer_flags &
2683 		   arvif->ar->wmi.peer_flags->qos));
2684 }
2685 
2686 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2687 {
2688 	return sta->deflink.supp_rates[NL80211_BAND_2GHZ] >>
2689 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2690 }
2691 
2692 static enum wmi_phy_mode ath10k_mac_get_phymode_vht(struct ath10k *ar,
2693 						    struct ieee80211_sta *sta)
2694 {
2695 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_160) {
2696 		switch (sta->deflink.vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2697 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2698 			return MODE_11AC_VHT160;
2699 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2700 			return MODE_11AC_VHT80_80;
2701 		default:
2702 			/* not sure if this is a valid case? */
2703 			return MODE_11AC_VHT160;
2704 		}
2705 	}
2706 
2707 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_80)
2708 		return MODE_11AC_VHT80;
2709 
2710 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2711 		return MODE_11AC_VHT40;
2712 
2713 	if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_20)
2714 		return MODE_11AC_VHT20;
2715 
2716 	return MODE_UNKNOWN;
2717 }
2718 
2719 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2720 					struct ieee80211_vif *vif,
2721 					struct ieee80211_sta *sta,
2722 					struct wmi_peer_assoc_complete_arg *arg)
2723 {
2724 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2725 	struct cfg80211_chan_def def;
2726 	enum nl80211_band band;
2727 	const u8 *ht_mcs_mask;
2728 	const u16 *vht_mcs_mask;
2729 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2730 
2731 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2732 		return;
2733 
2734 	band = def.chan->band;
2735 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2736 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2737 
2738 	switch (band) {
2739 	case NL80211_BAND_2GHZ:
2740 		if (sta->deflink.vht_cap.vht_supported &&
2741 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2742 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2743 				phymode = MODE_11AC_VHT40;
2744 			else
2745 				phymode = MODE_11AC_VHT20;
2746 		} else if (sta->deflink.ht_cap.ht_supported &&
2747 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2748 			if (sta->deflink.bandwidth == IEEE80211_STA_RX_BW_40)
2749 				phymode = MODE_11NG_HT40;
2750 			else
2751 				phymode = MODE_11NG_HT20;
2752 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2753 			phymode = MODE_11G;
2754 		} else {
2755 			phymode = MODE_11B;
2756 		}
2757 
2758 		break;
2759 	case NL80211_BAND_5GHZ:
2760 		/*
2761 		 * Check VHT first.
2762 		 */
2763 		if (sta->deflink.vht_cap.vht_supported &&
2764 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2765 			phymode = ath10k_mac_get_phymode_vht(ar, sta);
2766 		} else if (sta->deflink.ht_cap.ht_supported &&
2767 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2768 			if (sta->deflink.bandwidth >= IEEE80211_STA_RX_BW_40)
2769 				phymode = MODE_11NA_HT40;
2770 			else
2771 				phymode = MODE_11NA_HT20;
2772 		} else {
2773 			phymode = MODE_11A;
2774 		}
2775 
2776 		break;
2777 	default:
2778 		break;
2779 	}
2780 
2781 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2782 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2783 
2784 	arg->peer_phymode = phymode;
2785 	WARN_ON(phymode == MODE_UNKNOWN);
2786 }
2787 
2788 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2789 				     struct ieee80211_vif *vif,
2790 				     struct ieee80211_sta *sta,
2791 				     struct wmi_peer_assoc_complete_arg *arg)
2792 {
2793 	lockdep_assert_held(&ar->conf_mutex);
2794 
2795 	memset(arg, 0, sizeof(*arg));
2796 
2797 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2798 	ath10k_peer_assoc_h_crypto(ar, vif, sta, arg);
2799 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2800 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2801 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2802 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2803 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2804 
2805 	return 0;
2806 }
2807 
2808 static const u32 ath10k_smps_map[] = {
2809 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2810 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2811 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2812 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2813 };
2814 
2815 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2816 				  const u8 *addr,
2817 				  const struct ieee80211_sta_ht_cap *ht_cap)
2818 {
2819 	int smps;
2820 
2821 	if (!ht_cap->ht_supported)
2822 		return 0;
2823 
2824 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2825 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2826 
2827 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2828 		return -EINVAL;
2829 
2830 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2831 					 ar->wmi.peer_param->smps_state,
2832 					 ath10k_smps_map[smps]);
2833 }
2834 
2835 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2836 				      struct ieee80211_vif *vif,
2837 				      struct ieee80211_sta_vht_cap vht_cap)
2838 {
2839 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2840 	int ret;
2841 	u32 param;
2842 	u32 value;
2843 
2844 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2845 		return 0;
2846 
2847 	if (!(ar->vht_cap_info &
2848 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2849 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2850 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2851 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2852 		return 0;
2853 
2854 	param = ar->wmi.vdev_param->txbf;
2855 	value = 0;
2856 
2857 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2858 		return 0;
2859 
2860 	/* The following logic is correct. If a remote STA advertises support
2861 	 * for being a beamformer then we should enable us being a beamformee.
2862 	 */
2863 
2864 	if (ar->vht_cap_info &
2865 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2866 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2867 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2868 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2869 
2870 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2871 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2872 	}
2873 
2874 	if (ar->vht_cap_info &
2875 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2876 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2877 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2878 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2879 
2880 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2881 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2882 	}
2883 
2884 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2885 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2886 
2887 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2888 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2889 
2890 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2891 	if (ret) {
2892 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2893 			    value, ret);
2894 		return ret;
2895 	}
2896 
2897 	return 0;
2898 }
2899 
2900 static bool ath10k_mac_is_connected(struct ath10k *ar)
2901 {
2902 	struct ath10k_vif *arvif;
2903 
2904 	list_for_each_entry(arvif, &ar->arvifs, list) {
2905 		if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
2906 			return true;
2907 	}
2908 
2909 	return false;
2910 }
2911 
2912 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
2913 {
2914 	int ret;
2915 	u32 param;
2916 	int tx_power_2g, tx_power_5g;
2917 	bool connected;
2918 
2919 	lockdep_assert_held(&ar->conf_mutex);
2920 
2921 	/* ath10k internally uses unit of 0.5 dBm so multiply by 2 */
2922 	tx_power_2g = txpower * 2;
2923 	tx_power_5g = txpower * 2;
2924 
2925 	connected = ath10k_mac_is_connected(ar);
2926 
2927 	if (connected && ar->tx_power_2g_limit)
2928 		if (tx_power_2g > ar->tx_power_2g_limit)
2929 			tx_power_2g = ar->tx_power_2g_limit;
2930 
2931 	if (connected && ar->tx_power_5g_limit)
2932 		if (tx_power_5g > ar->tx_power_5g_limit)
2933 			tx_power_5g = ar->tx_power_5g_limit;
2934 
2935 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower 2g: %d, 5g: %d\n",
2936 		   tx_power_2g, tx_power_5g);
2937 
2938 	param = ar->wmi.pdev_param->txpower_limit2g;
2939 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_2g);
2940 	if (ret) {
2941 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
2942 			    tx_power_2g, ret);
2943 		return ret;
2944 	}
2945 
2946 	param = ar->wmi.pdev_param->txpower_limit5g;
2947 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_5g);
2948 	if (ret) {
2949 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
2950 			    tx_power_5g, ret);
2951 		return ret;
2952 	}
2953 
2954 	return 0;
2955 }
2956 
2957 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
2958 {
2959 	struct ath10k_vif *arvif;
2960 	int ret, txpower = -1;
2961 
2962 	lockdep_assert_held(&ar->conf_mutex);
2963 
2964 	list_for_each_entry(arvif, &ar->arvifs, list) {
2965 		/* txpower not initialized yet? */
2966 		if (arvif->txpower == INT_MIN)
2967 			continue;
2968 
2969 		if (txpower == -1)
2970 			txpower = arvif->txpower;
2971 		else
2972 			txpower = min(txpower, arvif->txpower);
2973 	}
2974 
2975 	if (txpower == -1)
2976 		return 0;
2977 
2978 	ret = ath10k_mac_txpower_setup(ar, txpower);
2979 	if (ret) {
2980 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
2981 			    txpower, ret);
2982 		return ret;
2983 	}
2984 
2985 	return 0;
2986 }
2987 
2988 static int ath10k_mac_set_sar_power(struct ath10k *ar)
2989 {
2990 	if (!ar->hw_params.dynamic_sar_support)
2991 		return -EOPNOTSUPP;
2992 
2993 	if (!ath10k_mac_is_connected(ar))
2994 		return 0;
2995 
2996 	/* if connected, then arvif->txpower must be valid */
2997 	return ath10k_mac_txpower_recalc(ar);
2998 }
2999 
3000 static int ath10k_mac_set_sar_specs(struct ieee80211_hw *hw,
3001 				    const struct cfg80211_sar_specs *sar)
3002 {
3003 	const struct cfg80211_sar_sub_specs *sub_specs;
3004 	struct ath10k *ar = hw->priv;
3005 	u32 i;
3006 	int ret;
3007 
3008 	mutex_lock(&ar->conf_mutex);
3009 
3010 	if (!ar->hw_params.dynamic_sar_support) {
3011 		ret = -EOPNOTSUPP;
3012 		goto err;
3013 	}
3014 
3015 	if (!sar || sar->type != NL80211_SAR_TYPE_POWER ||
3016 	    sar->num_sub_specs == 0) {
3017 		ret = -EINVAL;
3018 		goto err;
3019 	}
3020 
3021 	sub_specs = sar->sub_specs;
3022 
3023 	/* 0dbm is not a practical value for ath10k, so use 0
3024 	 * as no SAR limitation on it.
3025 	 */
3026 	ar->tx_power_2g_limit = 0;
3027 	ar->tx_power_5g_limit = 0;
3028 
3029 	/* note the power is in 0.25dbm unit, while ath10k uses
3030 	 * 0.5dbm unit.
3031 	 */
3032 	for (i = 0; i < sar->num_sub_specs; i++) {
3033 		if (sub_specs->freq_range_index == 0)
3034 			ar->tx_power_2g_limit = sub_specs->power / 2;
3035 		else if (sub_specs->freq_range_index == 1)
3036 			ar->tx_power_5g_limit = sub_specs->power / 2;
3037 
3038 		sub_specs++;
3039 	}
3040 
3041 	ret = ath10k_mac_set_sar_power(ar);
3042 	if (ret) {
3043 		ath10k_warn(ar, "failed to set sar power: %d", ret);
3044 		goto err;
3045 	}
3046 
3047 err:
3048 	mutex_unlock(&ar->conf_mutex);
3049 	return ret;
3050 }
3051 
3052 /* can be called only in mac80211 callbacks due to `key_count` usage */
3053 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
3054 			     struct ieee80211_vif *vif,
3055 			     struct ieee80211_bss_conf *bss_conf)
3056 {
3057 	struct ath10k *ar = hw->priv;
3058 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3059 	struct ieee80211_sta_ht_cap ht_cap;
3060 	struct ieee80211_sta_vht_cap vht_cap;
3061 	struct wmi_peer_assoc_complete_arg peer_arg;
3062 	struct ieee80211_sta *ap_sta;
3063 	int ret;
3064 
3065 	lockdep_assert_held(&ar->conf_mutex);
3066 
3067 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
3068 		   arvif->vdev_id, arvif->bssid, arvif->aid);
3069 
3070 	rcu_read_lock();
3071 
3072 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
3073 	if (!ap_sta) {
3074 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
3075 			    bss_conf->bssid, arvif->vdev_id);
3076 		rcu_read_unlock();
3077 		return;
3078 	}
3079 
3080 	/* ap_sta must be accessed only within rcu section which must be left
3081 	 * before calling ath10k_setup_peer_smps() which might sleep.
3082 	 */
3083 	ht_cap = ap_sta->deflink.ht_cap;
3084 	vht_cap = ap_sta->deflink.vht_cap;
3085 
3086 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
3087 	if (ret) {
3088 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
3089 			    bss_conf->bssid, arvif->vdev_id, ret);
3090 		rcu_read_unlock();
3091 		return;
3092 	}
3093 
3094 	rcu_read_unlock();
3095 
3096 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3097 	if (ret) {
3098 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
3099 			    bss_conf->bssid, arvif->vdev_id, ret);
3100 		return;
3101 	}
3102 
3103 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
3104 	if (ret) {
3105 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
3106 			    arvif->vdev_id, ret);
3107 		return;
3108 	}
3109 
3110 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3111 	if (ret) {
3112 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
3113 			    arvif->vdev_id, bss_conf->bssid, ret);
3114 		return;
3115 	}
3116 
3117 	ath10k_dbg(ar, ATH10K_DBG_MAC,
3118 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
3119 		   arvif->vdev_id, bss_conf->bssid, bss_conf->aid);
3120 
3121 	WARN_ON(arvif->is_up);
3122 
3123 	arvif->aid = bss_conf->aid;
3124 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
3125 
3126 	ret = ath10k_wmi_pdev_set_param(ar,
3127 					ar->wmi.pdev_param->peer_stats_info_enable, 1);
3128 	if (ret)
3129 		ath10k_warn(ar, "failed to enable peer stats info: %d\n", ret);
3130 
3131 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
3132 	if (ret) {
3133 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
3134 			    arvif->vdev_id, ret);
3135 		return;
3136 	}
3137 
3138 	arvif->is_up = true;
3139 
3140 	ath10k_mac_set_sar_power(ar);
3141 
3142 	/* Workaround: Some firmware revisions (tested with qca6174
3143 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
3144 	 * poked with peer param command.
3145 	 */
3146 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
3147 					ar->wmi.peer_param->dummy_var, 1);
3148 	if (ret) {
3149 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
3150 			    arvif->bssid, arvif->vdev_id, ret);
3151 		return;
3152 	}
3153 }
3154 
3155 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
3156 				struct ieee80211_vif *vif)
3157 {
3158 	struct ath10k *ar = hw->priv;
3159 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3160 	struct ieee80211_sta_vht_cap vht_cap = {};
3161 	int ret;
3162 
3163 	lockdep_assert_held(&ar->conf_mutex);
3164 
3165 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
3166 		   arvif->vdev_id, arvif->bssid);
3167 
3168 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
3169 	if (ret)
3170 		ath10k_warn(ar, "failed to down vdev %i: %d\n",
3171 			    arvif->vdev_id, ret);
3172 
3173 	arvif->def_wep_key_idx = -1;
3174 
3175 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3176 	if (ret) {
3177 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
3178 			    arvif->vdev_id, ret);
3179 		return;
3180 	}
3181 
3182 	arvif->is_up = false;
3183 
3184 	ath10k_mac_txpower_recalc(ar);
3185 
3186 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3187 }
3188 
3189 static int ath10k_new_peer_tid_config(struct ath10k *ar,
3190 				      struct ieee80211_sta *sta,
3191 				      struct ath10k_vif *arvif)
3192 {
3193 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
3194 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3195 	bool config_apply;
3196 	int ret, i;
3197 
3198 	for (i = 0; i < ATH10K_TID_MAX; i++) {
3199 		config_apply = false;
3200 		if (arvif->retry_long[i] || arvif->ampdu[i] ||
3201 		    arvif->rate_ctrl[i] || arvif->rtscts[i]) {
3202 			config_apply = true;
3203 			arg.tid = i;
3204 			arg.vdev_id = arvif->vdev_id;
3205 			arg.retry_count = arvif->retry_long[i];
3206 			arg.aggr_control = arvif->ampdu[i];
3207 			arg.rate_ctrl = arvif->rate_ctrl[i];
3208 			arg.rcode_flags = arvif->rate_code[i];
3209 
3210 			if (arvif->rtscts[i])
3211 				arg.ext_tid_cfg_bitmap =
3212 					WMI_EXT_TID_RTS_CTS_CONFIG;
3213 			else
3214 				arg.ext_tid_cfg_bitmap = 0;
3215 
3216 			arg.rtscts_ctrl = arvif->rtscts[i];
3217 		}
3218 
3219 		if (arvif->noack[i]) {
3220 			arg.ack_policy = arvif->noack[i];
3221 			arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
3222 			arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
3223 			config_apply = true;
3224 		}
3225 
3226 		/* Assign default value(-1) to newly connected station.
3227 		 * This is to identify station specific tid configuration not
3228 		 * configured for the station.
3229 		 */
3230 		arsta->retry_long[i] = -1;
3231 		arsta->noack[i] = -1;
3232 		arsta->ampdu[i] = -1;
3233 
3234 		if (!config_apply)
3235 			continue;
3236 
3237 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
3238 
3239 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
3240 		if (ret) {
3241 			ath10k_warn(ar, "failed to set per tid retry/aggr config for sta %pM: %d\n",
3242 				    sta->addr, ret);
3243 			return ret;
3244 		}
3245 
3246 		memset(&arg, 0, sizeof(arg));
3247 	}
3248 
3249 	return 0;
3250 }
3251 
3252 static int ath10k_station_assoc(struct ath10k *ar,
3253 				struct ieee80211_vif *vif,
3254 				struct ieee80211_sta *sta,
3255 				bool reassoc)
3256 {
3257 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3258 	struct wmi_peer_assoc_complete_arg peer_arg;
3259 	int ret = 0;
3260 
3261 	lockdep_assert_held(&ar->conf_mutex);
3262 
3263 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
3264 	if (ret) {
3265 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
3266 			    sta->addr, arvif->vdev_id, ret);
3267 		return ret;
3268 	}
3269 
3270 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3271 	if (ret) {
3272 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
3273 			    sta->addr, arvif->vdev_id, ret);
3274 		return ret;
3275 	}
3276 
3277 	/* Re-assoc is run only to update supported rates for given station. It
3278 	 * doesn't make much sense to reconfigure the peer completely.
3279 	 */
3280 	if (!reassoc) {
3281 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
3282 					     &sta->deflink.ht_cap);
3283 		if (ret) {
3284 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
3285 				    arvif->vdev_id, ret);
3286 			return ret;
3287 		}
3288 
3289 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
3290 		if (ret) {
3291 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
3292 				    sta->addr, arvif->vdev_id, ret);
3293 			return ret;
3294 		}
3295 
3296 		if (!sta->wme) {
3297 			arvif->num_legacy_stations++;
3298 			ret  = ath10k_recalc_rtscts_prot(arvif);
3299 			if (ret) {
3300 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3301 					    arvif->vdev_id, ret);
3302 				return ret;
3303 			}
3304 		}
3305 
3306 		/* Plumb cached keys only for static WEP */
3307 		if ((arvif->def_wep_key_idx != -1) && (!sta->tdls)) {
3308 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
3309 			if (ret) {
3310 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
3311 					    arvif->vdev_id, ret);
3312 				return ret;
3313 			}
3314 		}
3315 	}
3316 
3317 	if (!test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map))
3318 		return ret;
3319 
3320 	return ath10k_new_peer_tid_config(ar, sta, arvif);
3321 }
3322 
3323 static int ath10k_station_disassoc(struct ath10k *ar,
3324 				   struct ieee80211_vif *vif,
3325 				   struct ieee80211_sta *sta)
3326 {
3327 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3328 	int ret = 0;
3329 
3330 	lockdep_assert_held(&ar->conf_mutex);
3331 
3332 	if (!sta->wme) {
3333 		arvif->num_legacy_stations--;
3334 		ret = ath10k_recalc_rtscts_prot(arvif);
3335 		if (ret) {
3336 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3337 				    arvif->vdev_id, ret);
3338 			return ret;
3339 		}
3340 	}
3341 
3342 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
3343 	if (ret) {
3344 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
3345 			    arvif->vdev_id, ret);
3346 		return ret;
3347 	}
3348 
3349 	return ret;
3350 }
3351 
3352 /**************/
3353 /* Regulatory */
3354 /**************/
3355 
3356 static int ath10k_update_channel_list(struct ath10k *ar)
3357 {
3358 	struct ieee80211_hw *hw = ar->hw;
3359 	struct ieee80211_supported_band **bands;
3360 	enum nl80211_band band;
3361 	struct ieee80211_channel *channel;
3362 	struct wmi_scan_chan_list_arg arg = {0};
3363 	struct wmi_channel_arg *ch;
3364 	bool passive;
3365 	int len;
3366 	int ret;
3367 	int i;
3368 
3369 	lockdep_assert_held(&ar->conf_mutex);
3370 
3371 	bands = hw->wiphy->bands;
3372 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3373 		if (!bands[band])
3374 			continue;
3375 
3376 		for (i = 0; i < bands[band]->n_channels; i++) {
3377 			if (bands[band]->channels[i].flags &
3378 			    IEEE80211_CHAN_DISABLED)
3379 				continue;
3380 
3381 			arg.n_channels++;
3382 		}
3383 	}
3384 
3385 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
3386 	arg.channels = kzalloc(len, GFP_KERNEL);
3387 	if (!arg.channels)
3388 		return -ENOMEM;
3389 
3390 	ch = arg.channels;
3391 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3392 		if (!bands[band])
3393 			continue;
3394 
3395 		for (i = 0; i < bands[band]->n_channels; i++) {
3396 			channel = &bands[band]->channels[i];
3397 
3398 			if (channel->flags & IEEE80211_CHAN_DISABLED)
3399 				continue;
3400 
3401 			ch->allow_ht = true;
3402 
3403 			/* FIXME: when should we really allow VHT? */
3404 			ch->allow_vht = true;
3405 
3406 			ch->allow_ibss =
3407 				!(channel->flags & IEEE80211_CHAN_NO_IR);
3408 
3409 			ch->ht40plus =
3410 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
3411 
3412 			ch->chan_radar =
3413 				!!(channel->flags & IEEE80211_CHAN_RADAR);
3414 
3415 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
3416 			ch->passive = passive;
3417 
3418 			/* the firmware is ignoring the "radar" flag of the
3419 			 * channel and is scanning actively using Probe Requests
3420 			 * on "Radar detection"/DFS channels which are not
3421 			 * marked as "available"
3422 			 */
3423 			ch->passive |= ch->chan_radar;
3424 
3425 			ch->freq = channel->center_freq;
3426 			ch->band_center_freq1 = channel->center_freq;
3427 			ch->min_power = 0;
3428 			ch->max_power = channel->max_power * 2;
3429 			ch->max_reg_power = channel->max_reg_power * 2;
3430 			ch->max_antenna_gain = channel->max_antenna_gain;
3431 			ch->reg_class_id = 0; /* FIXME */
3432 
3433 			/* FIXME: why use only legacy modes, why not any
3434 			 * HT/VHT modes? Would that even make any
3435 			 * difference?
3436 			 */
3437 			if (channel->band == NL80211_BAND_2GHZ)
3438 				ch->mode = MODE_11G;
3439 			else
3440 				ch->mode = MODE_11A;
3441 
3442 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
3443 				continue;
3444 
3445 			ath10k_dbg(ar, ATH10K_DBG_WMI,
3446 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
3447 				    ch - arg.channels, arg.n_channels,
3448 				   ch->freq, ch->max_power, ch->max_reg_power,
3449 				   ch->max_antenna_gain, ch->mode);
3450 
3451 			ch++;
3452 		}
3453 	}
3454 
3455 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
3456 	kfree(arg.channels);
3457 
3458 	return ret;
3459 }
3460 
3461 static enum wmi_dfs_region
3462 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
3463 {
3464 	switch (dfs_region) {
3465 	case NL80211_DFS_UNSET:
3466 		return WMI_UNINIT_DFS_DOMAIN;
3467 	case NL80211_DFS_FCC:
3468 		return WMI_FCC_DFS_DOMAIN;
3469 	case NL80211_DFS_ETSI:
3470 		return WMI_ETSI_DFS_DOMAIN;
3471 	case NL80211_DFS_JP:
3472 		return WMI_MKK4_DFS_DOMAIN;
3473 	}
3474 	return WMI_UNINIT_DFS_DOMAIN;
3475 }
3476 
3477 static void ath10k_regd_update(struct ath10k *ar)
3478 {
3479 	struct reg_dmn_pair_mapping *regpair;
3480 	int ret;
3481 	enum wmi_dfs_region wmi_dfs_reg;
3482 	enum nl80211_dfs_regions nl_dfs_reg;
3483 
3484 	lockdep_assert_held(&ar->conf_mutex);
3485 
3486 	ret = ath10k_update_channel_list(ar);
3487 	if (ret)
3488 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
3489 
3490 	regpair = ar->ath_common.regulatory.regpair;
3491 
3492 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3493 		nl_dfs_reg = ar->dfs_detector->region;
3494 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
3495 	} else {
3496 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
3497 	}
3498 
3499 	/* Target allows setting up per-band regdomain but ath_common provides
3500 	 * a combined one only
3501 	 */
3502 	ret = ath10k_wmi_pdev_set_regdomain(ar,
3503 					    regpair->reg_domain,
3504 					    regpair->reg_domain, /* 2ghz */
3505 					    regpair->reg_domain, /* 5ghz */
3506 					    regpair->reg_2ghz_ctl,
3507 					    regpair->reg_5ghz_ctl,
3508 					    wmi_dfs_reg);
3509 	if (ret)
3510 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
3511 }
3512 
3513 static void ath10k_mac_update_channel_list(struct ath10k *ar,
3514 					   struct ieee80211_supported_band *band)
3515 {
3516 	int i;
3517 
3518 	if (ar->low_5ghz_chan && ar->high_5ghz_chan) {
3519 		for (i = 0; i < band->n_channels; i++) {
3520 			if (band->channels[i].center_freq < ar->low_5ghz_chan ||
3521 			    band->channels[i].center_freq > ar->high_5ghz_chan)
3522 				band->channels[i].flags |=
3523 					IEEE80211_CHAN_DISABLED;
3524 		}
3525 	}
3526 }
3527 
3528 static void ath10k_reg_notifier(struct wiphy *wiphy,
3529 				struct regulatory_request *request)
3530 {
3531 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
3532 	struct ath10k *ar = hw->priv;
3533 	bool result;
3534 
3535 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
3536 
3537 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3538 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
3539 			   request->dfs_region);
3540 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
3541 							  request->dfs_region);
3542 		if (!result)
3543 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
3544 				    request->dfs_region);
3545 	}
3546 
3547 	mutex_lock(&ar->conf_mutex);
3548 	if (ar->state == ATH10K_STATE_ON)
3549 		ath10k_regd_update(ar);
3550 	mutex_unlock(&ar->conf_mutex);
3551 
3552 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
3553 		ath10k_mac_update_channel_list(ar,
3554 					       ar->hw->wiphy->bands[NL80211_BAND_5GHZ]);
3555 }
3556 
3557 static void ath10k_stop_radar_confirmation(struct ath10k *ar)
3558 {
3559 	spin_lock_bh(&ar->data_lock);
3560 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_STOPPED;
3561 	spin_unlock_bh(&ar->data_lock);
3562 
3563 	cancel_work_sync(&ar->radar_confirmation_work);
3564 }
3565 
3566 /***************/
3567 /* TX handlers */
3568 /***************/
3569 
3570 enum ath10k_mac_tx_path {
3571 	ATH10K_MAC_TX_HTT,
3572 	ATH10K_MAC_TX_HTT_MGMT,
3573 	ATH10K_MAC_TX_WMI_MGMT,
3574 	ATH10K_MAC_TX_UNKNOWN,
3575 };
3576 
3577 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
3578 {
3579 	lockdep_assert_held(&ar->htt.tx_lock);
3580 
3581 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3582 	ar->tx_paused |= BIT(reason);
3583 	ieee80211_stop_queues(ar->hw);
3584 }
3585 
3586 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
3587 				      struct ieee80211_vif *vif)
3588 {
3589 	struct ath10k *ar = data;
3590 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3591 
3592 	if (arvif->tx_paused)
3593 		return;
3594 
3595 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3596 }
3597 
3598 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3599 {
3600 	lockdep_assert_held(&ar->htt.tx_lock);
3601 
3602 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3603 	ar->tx_paused &= ~BIT(reason);
3604 
3605 	if (ar->tx_paused)
3606 		return;
3607 
3608 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3609 						   ATH10K_ITER_RESUME_FLAGS,
3610 						   ath10k_mac_tx_unlock_iter,
3611 						   ar);
3612 
3613 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3614 }
3615 
3616 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3617 {
3618 	struct ath10k *ar = arvif->ar;
3619 
3620 	lockdep_assert_held(&ar->htt.tx_lock);
3621 
3622 	WARN_ON(reason >= BITS_PER_LONG);
3623 	arvif->tx_paused |= BIT(reason);
3624 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3625 }
3626 
3627 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3628 {
3629 	struct ath10k *ar = arvif->ar;
3630 
3631 	lockdep_assert_held(&ar->htt.tx_lock);
3632 
3633 	WARN_ON(reason >= BITS_PER_LONG);
3634 	arvif->tx_paused &= ~BIT(reason);
3635 
3636 	if (ar->tx_paused)
3637 		return;
3638 
3639 	if (arvif->tx_paused)
3640 		return;
3641 
3642 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3643 }
3644 
3645 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3646 					   enum wmi_tlv_tx_pause_id pause_id,
3647 					   enum wmi_tlv_tx_pause_action action)
3648 {
3649 	struct ath10k *ar = arvif->ar;
3650 
3651 	lockdep_assert_held(&ar->htt.tx_lock);
3652 
3653 	switch (action) {
3654 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3655 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3656 		break;
3657 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3658 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3659 		break;
3660 	default:
3661 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
3662 			   "received unknown tx pause action %d on vdev %i, ignoring\n",
3663 			    action, arvif->vdev_id);
3664 		break;
3665 	}
3666 }
3667 
3668 struct ath10k_mac_tx_pause {
3669 	u32 vdev_id;
3670 	enum wmi_tlv_tx_pause_id pause_id;
3671 	enum wmi_tlv_tx_pause_action action;
3672 };
3673 
3674 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3675 					    struct ieee80211_vif *vif)
3676 {
3677 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3678 	struct ath10k_mac_tx_pause *arg = data;
3679 
3680 	if (arvif->vdev_id != arg->vdev_id)
3681 		return;
3682 
3683 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3684 }
3685 
3686 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3687 				     enum wmi_tlv_tx_pause_id pause_id,
3688 				     enum wmi_tlv_tx_pause_action action)
3689 {
3690 	struct ath10k_mac_tx_pause arg = {
3691 		.vdev_id = vdev_id,
3692 		.pause_id = pause_id,
3693 		.action = action,
3694 	};
3695 
3696 	spin_lock_bh(&ar->htt.tx_lock);
3697 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3698 						   ATH10K_ITER_RESUME_FLAGS,
3699 						   ath10k_mac_handle_tx_pause_iter,
3700 						   &arg);
3701 	spin_unlock_bh(&ar->htt.tx_lock);
3702 }
3703 
3704 static enum ath10k_hw_txrx_mode
3705 ath10k_mac_tx_h_get_txmode(struct ath10k *ar,
3706 			   struct ieee80211_vif *vif,
3707 			   struct ieee80211_sta *sta,
3708 			   struct sk_buff *skb)
3709 {
3710 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3711 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3712 	__le16 fc = hdr->frame_control;
3713 
3714 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3715 		return ATH10K_HW_TXRX_RAW;
3716 
3717 	if (ieee80211_is_mgmt(fc))
3718 		return ATH10K_HW_TXRX_MGMT;
3719 
3720 	/* Workaround:
3721 	 *
3722 	 * NullFunc frames are mostly used to ping if a client or AP are still
3723 	 * reachable and responsive. This implies tx status reports must be
3724 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3725 	 * come to a conclusion that the other end disappeared and tear down
3726 	 * BSS connection or it can never disconnect from BSS/client (which is
3727 	 * the case).
3728 	 *
3729 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3730 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3731 	 * which seems to deliver correct tx reports for NullFunc frames. The
3732 	 * downside of using it is it ignores client powersave state so it can
3733 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3734 	 * mode though because AP don't sleep.
3735 	 */
3736 	if (ar->htt.target_version_major < 3 &&
3737 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3738 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3739 		      ar->running_fw->fw_file.fw_features))
3740 		return ATH10K_HW_TXRX_MGMT;
3741 
3742 	/* Workaround:
3743 	 *
3744 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3745 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3746 	 * to work with Ethernet txmode so use it.
3747 	 *
3748 	 * FIXME: Check if raw mode works with TDLS.
3749 	 */
3750 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3751 		return ATH10K_HW_TXRX_ETHERNET;
3752 
3753 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) ||
3754 	    skb_cb->flags & ATH10K_SKB_F_RAW_TX)
3755 		return ATH10K_HW_TXRX_RAW;
3756 
3757 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3758 }
3759 
3760 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3761 				     struct sk_buff *skb)
3762 {
3763 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3764 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3765 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3766 			 IEEE80211_TX_CTL_INJECTED;
3767 
3768 	if (!ieee80211_has_protected(hdr->frame_control))
3769 		return false;
3770 
3771 	if ((info->flags & mask) == mask)
3772 		return false;
3773 
3774 	if (vif)
3775 		return !((struct ath10k_vif *)vif->drv_priv)->nohwcrypt;
3776 
3777 	return true;
3778 }
3779 
3780 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3781  * Control in the header.
3782  */
3783 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3784 {
3785 	struct ieee80211_hdr *hdr = (void *)skb->data;
3786 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3787 	u8 *qos_ctl;
3788 
3789 	if (!ieee80211_is_data_qos(hdr->frame_control))
3790 		return;
3791 
3792 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3793 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3794 		skb->data, (void *)qos_ctl - (void *)skb->data);
3795 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3796 
3797 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3798 	 * These frames are mainly used for CQM purposes so it doesn't really
3799 	 * matter whether QoS NullFunc or NullFunc are sent.
3800 	 */
3801 	hdr = (void *)skb->data;
3802 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3803 		cb->flags &= ~ATH10K_SKB_F_QOS;
3804 
3805 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3806 }
3807 
3808 static void ath10k_tx_h_8023(struct sk_buff *skb)
3809 {
3810 	struct ieee80211_hdr *hdr;
3811 	struct rfc1042_hdr *rfc1042;
3812 	struct ethhdr *eth;
3813 	size_t hdrlen;
3814 	u8 da[ETH_ALEN];
3815 	u8 sa[ETH_ALEN];
3816 	__be16 type;
3817 
3818 	hdr = (void *)skb->data;
3819 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3820 	rfc1042 = (void *)skb->data + hdrlen;
3821 
3822 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3823 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3824 	type = rfc1042->snap_type;
3825 
3826 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3827 	skb_push(skb, sizeof(*eth));
3828 
3829 	eth = (void *)skb->data;
3830 	ether_addr_copy(eth->h_dest, da);
3831 	ether_addr_copy(eth->h_source, sa);
3832 	eth->h_proto = type;
3833 }
3834 
3835 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3836 				       struct ieee80211_vif *vif,
3837 				       struct sk_buff *skb)
3838 {
3839 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3840 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3841 
3842 	/* This is case only for P2P_GO */
3843 	if (vif->type != NL80211_IFTYPE_AP || !vif->p2p)
3844 		return;
3845 
3846 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3847 		spin_lock_bh(&ar->data_lock);
3848 		if (arvif->u.ap.noa_data)
3849 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3850 					      GFP_ATOMIC))
3851 				skb_put_data(skb, arvif->u.ap.noa_data,
3852 					     arvif->u.ap.noa_len);
3853 		spin_unlock_bh(&ar->data_lock);
3854 	}
3855 }
3856 
3857 static void ath10k_mac_tx_h_fill_cb(struct ath10k *ar,
3858 				    struct ieee80211_vif *vif,
3859 				    struct ieee80211_txq *txq,
3860 				    struct ieee80211_sta *sta,
3861 				    struct sk_buff *skb, u16 airtime)
3862 {
3863 	struct ieee80211_hdr *hdr = (void *)skb->data;
3864 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3865 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3866 	bool is_data = ieee80211_is_data(hdr->frame_control) ||
3867 			ieee80211_is_data_qos(hdr->frame_control);
3868 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3869 	struct ath10k_sta *arsta;
3870 	u8 tid, *qos_ctl;
3871 	bool noack = false;
3872 
3873 	cb->flags = 0;
3874 	if (!ath10k_tx_h_use_hwcrypto(vif, skb))
3875 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3876 
3877 	if (ieee80211_is_mgmt(hdr->frame_control))
3878 		cb->flags |= ATH10K_SKB_F_MGMT;
3879 
3880 	if (ieee80211_is_data_qos(hdr->frame_control)) {
3881 		cb->flags |= ATH10K_SKB_F_QOS;
3882 		qos_ctl = ieee80211_get_qos_ctl(hdr);
3883 		tid = (*qos_ctl) & IEEE80211_QOS_CTL_TID_MASK;
3884 
3885 		if (arvif->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3886 			noack = true;
3887 
3888 		if (sta) {
3889 			arsta = (struct ath10k_sta *)sta->drv_priv;
3890 
3891 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3892 				noack = true;
3893 
3894 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_ACK)
3895 				noack = false;
3896 		}
3897 
3898 		if (noack)
3899 			cb->flags |= ATH10K_SKB_F_NOACK_TID;
3900 	}
3901 
3902 	/* Data frames encrypted in software will be posted to firmware
3903 	 * with tx encap mode set to RAW. Ex: Multicast traffic generated
3904 	 * for a specific VLAN group will always be encrypted in software.
3905 	 */
3906 	if (is_data && ieee80211_has_protected(hdr->frame_control) &&
3907 	    !info->control.hw_key) {
3908 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3909 		cb->flags |= ATH10K_SKB_F_RAW_TX;
3910 	}
3911 
3912 	cb->vif = vif;
3913 	cb->txq = txq;
3914 	cb->airtime_est = airtime;
3915 	if (sta) {
3916 		arsta = (struct ath10k_sta *)sta->drv_priv;
3917 		spin_lock_bh(&ar->data_lock);
3918 		cb->ucast_cipher = arsta->ucast_cipher;
3919 		spin_unlock_bh(&ar->data_lock);
3920 	}
3921 }
3922 
3923 bool ath10k_mac_tx_frm_has_freq(struct ath10k *ar)
3924 {
3925 	/* FIXME: Not really sure since when the behaviour changed. At some
3926 	 * point new firmware stopped requiring creation of peer entries for
3927 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3928 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3929 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3930 	 */
3931 	return (ar->htt.target_version_major >= 3 &&
3932 		ar->htt.target_version_minor >= 4 &&
3933 		ar->running_fw->fw_file.htt_op_version == ATH10K_FW_HTT_OP_VERSION_TLV);
3934 }
3935 
3936 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3937 {
3938 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3939 
3940 	if (skb_queue_len_lockless(q) >= ATH10K_MAX_NUM_MGMT_PENDING) {
3941 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3942 		return -ENOSPC;
3943 	}
3944 
3945 	skb_queue_tail(q, skb);
3946 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3947 
3948 	return 0;
3949 }
3950 
3951 static enum ath10k_mac_tx_path
3952 ath10k_mac_tx_h_get_txpath(struct ath10k *ar,
3953 			   struct sk_buff *skb,
3954 			   enum ath10k_hw_txrx_mode txmode)
3955 {
3956 	switch (txmode) {
3957 	case ATH10K_HW_TXRX_RAW:
3958 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3959 	case ATH10K_HW_TXRX_ETHERNET:
3960 		return ATH10K_MAC_TX_HTT;
3961 	case ATH10K_HW_TXRX_MGMT:
3962 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3963 			     ar->running_fw->fw_file.fw_features) ||
3964 			     test_bit(WMI_SERVICE_MGMT_TX_WMI,
3965 				      ar->wmi.svc_map))
3966 			return ATH10K_MAC_TX_WMI_MGMT;
3967 		else if (ar->htt.target_version_major >= 3)
3968 			return ATH10K_MAC_TX_HTT;
3969 		else
3970 			return ATH10K_MAC_TX_HTT_MGMT;
3971 	}
3972 
3973 	return ATH10K_MAC_TX_UNKNOWN;
3974 }
3975 
3976 static int ath10k_mac_tx_submit(struct ath10k *ar,
3977 				enum ath10k_hw_txrx_mode txmode,
3978 				enum ath10k_mac_tx_path txpath,
3979 				struct sk_buff *skb)
3980 {
3981 	struct ath10k_htt *htt = &ar->htt;
3982 	int ret = -EINVAL;
3983 
3984 	switch (txpath) {
3985 	case ATH10K_MAC_TX_HTT:
3986 		ret = ath10k_htt_tx(htt, txmode, skb);
3987 		break;
3988 	case ATH10K_MAC_TX_HTT_MGMT:
3989 		ret = ath10k_htt_mgmt_tx(htt, skb);
3990 		break;
3991 	case ATH10K_MAC_TX_WMI_MGMT:
3992 		ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
3993 		break;
3994 	case ATH10K_MAC_TX_UNKNOWN:
3995 		WARN_ON_ONCE(1);
3996 		ret = -EINVAL;
3997 		break;
3998 	}
3999 
4000 	if (ret) {
4001 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
4002 			    ret);
4003 		ieee80211_free_txskb(ar->hw, skb);
4004 	}
4005 
4006 	return ret;
4007 }
4008 
4009 /* This function consumes the sk_buff regardless of return value as far as
4010  * caller is concerned so no freeing is necessary afterwards.
4011  */
4012 static int ath10k_mac_tx(struct ath10k *ar,
4013 			 struct ieee80211_vif *vif,
4014 			 enum ath10k_hw_txrx_mode txmode,
4015 			 enum ath10k_mac_tx_path txpath,
4016 			 struct sk_buff *skb, bool noque_offchan)
4017 {
4018 	struct ieee80211_hw *hw = ar->hw;
4019 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4020 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
4021 	int ret;
4022 
4023 	/* We should disable CCK RATE due to P2P */
4024 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
4025 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
4026 
4027 	switch (txmode) {
4028 	case ATH10K_HW_TXRX_MGMT:
4029 	case ATH10K_HW_TXRX_NATIVE_WIFI:
4030 		ath10k_tx_h_nwifi(hw, skb);
4031 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
4032 		ath10k_tx_h_seq_no(vif, skb);
4033 		break;
4034 	case ATH10K_HW_TXRX_ETHERNET:
4035 		ath10k_tx_h_8023(skb);
4036 		break;
4037 	case ATH10K_HW_TXRX_RAW:
4038 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) &&
4039 		    !(skb_cb->flags & ATH10K_SKB_F_RAW_TX)) {
4040 			WARN_ON_ONCE(1);
4041 			ieee80211_free_txskb(hw, skb);
4042 			return -ENOTSUPP;
4043 		}
4044 	}
4045 
4046 	if (!noque_offchan && info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
4047 		if (!ath10k_mac_tx_frm_has_freq(ar)) {
4048 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac queued offchannel skb %pK len %d\n",
4049 				   skb, skb->len);
4050 
4051 			skb_queue_tail(&ar->offchan_tx_queue, skb);
4052 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
4053 			return 0;
4054 		}
4055 	}
4056 
4057 	ret = ath10k_mac_tx_submit(ar, txmode, txpath, skb);
4058 	if (ret) {
4059 		ath10k_warn(ar, "failed to submit frame: %d\n", ret);
4060 		return ret;
4061 	}
4062 
4063 	return 0;
4064 }
4065 
4066 void ath10k_offchan_tx_purge(struct ath10k *ar)
4067 {
4068 	struct sk_buff *skb;
4069 
4070 	for (;;) {
4071 		skb = skb_dequeue(&ar->offchan_tx_queue);
4072 		if (!skb)
4073 			break;
4074 
4075 		ieee80211_free_txskb(ar->hw, skb);
4076 	}
4077 }
4078 
4079 void ath10k_offchan_tx_work(struct work_struct *work)
4080 {
4081 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
4082 	struct ath10k_peer *peer;
4083 	struct ath10k_vif *arvif;
4084 	enum ath10k_hw_txrx_mode txmode;
4085 	enum ath10k_mac_tx_path txpath;
4086 	struct ieee80211_hdr *hdr;
4087 	struct ieee80211_vif *vif;
4088 	struct ieee80211_sta *sta;
4089 	struct sk_buff *skb;
4090 	const u8 *peer_addr;
4091 	int vdev_id;
4092 	int ret;
4093 	unsigned long time_left;
4094 	bool tmp_peer_created = false;
4095 
4096 	/* FW requirement: We must create a peer before FW will send out
4097 	 * an offchannel frame. Otherwise the frame will be stuck and
4098 	 * never transmitted. We delete the peer upon tx completion.
4099 	 * It is unlikely that a peer for offchannel tx will already be
4100 	 * present. However it may be in some rare cases so account for that.
4101 	 * Otherwise we might remove a legitimate peer and break stuff.
4102 	 */
4103 
4104 	for (;;) {
4105 		skb = skb_dequeue(&ar->offchan_tx_queue);
4106 		if (!skb)
4107 			break;
4108 
4109 		mutex_lock(&ar->conf_mutex);
4110 
4111 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %pK len %d\n",
4112 			   skb, skb->len);
4113 
4114 		hdr = (struct ieee80211_hdr *)skb->data;
4115 		peer_addr = ieee80211_get_DA(hdr);
4116 
4117 		spin_lock_bh(&ar->data_lock);
4118 		vdev_id = ar->scan.vdev_id;
4119 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
4120 		spin_unlock_bh(&ar->data_lock);
4121 
4122 		if (peer) {
4123 			ath10k_warn(ar, "peer %pM on vdev %d already present\n",
4124 				    peer_addr, vdev_id);
4125 		} else {
4126 			ret = ath10k_peer_create(ar, NULL, NULL, vdev_id,
4127 						 peer_addr,
4128 						 WMI_PEER_TYPE_DEFAULT);
4129 			if (ret)
4130 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
4131 					    peer_addr, vdev_id, ret);
4132 			tmp_peer_created = (ret == 0);
4133 		}
4134 
4135 		spin_lock_bh(&ar->data_lock);
4136 		reinit_completion(&ar->offchan_tx_completed);
4137 		ar->offchan_tx_skb = skb;
4138 		spin_unlock_bh(&ar->data_lock);
4139 
4140 		/* It's safe to access vif and sta - conf_mutex guarantees that
4141 		 * sta_state() and remove_interface() are locked exclusively
4142 		 * out wrt to this offchannel worker.
4143 		 */
4144 		arvif = ath10k_get_arvif(ar, vdev_id);
4145 		if (arvif) {
4146 			vif = arvif->vif;
4147 			sta = ieee80211_find_sta(vif, peer_addr);
4148 		} else {
4149 			vif = NULL;
4150 			sta = NULL;
4151 		}
4152 
4153 		txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4154 		txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4155 
4156 		ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, true);
4157 		if (ret) {
4158 			ath10k_warn(ar, "failed to transmit offchannel frame: %d\n",
4159 				    ret);
4160 			/* not serious */
4161 		}
4162 
4163 		time_left =
4164 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
4165 		if (time_left == 0)
4166 			ath10k_warn(ar, "timed out waiting for offchannel skb %pK, len: %d\n",
4167 				    skb, skb->len);
4168 
4169 		if (!peer && tmp_peer_created) {
4170 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
4171 			if (ret)
4172 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
4173 					    peer_addr, vdev_id, ret);
4174 		}
4175 
4176 		mutex_unlock(&ar->conf_mutex);
4177 	}
4178 }
4179 
4180 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
4181 {
4182 	struct sk_buff *skb;
4183 
4184 	for (;;) {
4185 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4186 		if (!skb)
4187 			break;
4188 
4189 		ieee80211_free_txskb(ar->hw, skb);
4190 	}
4191 }
4192 
4193 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
4194 {
4195 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
4196 	struct sk_buff *skb;
4197 	dma_addr_t paddr;
4198 	int ret;
4199 
4200 	for (;;) {
4201 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4202 		if (!skb)
4203 			break;
4204 
4205 		if (test_bit(ATH10K_FW_FEATURE_MGMT_TX_BY_REF,
4206 			     ar->running_fw->fw_file.fw_features)) {
4207 			paddr = dma_map_single(ar->dev, skb->data,
4208 					       skb->len, DMA_TO_DEVICE);
4209 			if (dma_mapping_error(ar->dev, paddr)) {
4210 				ieee80211_free_txskb(ar->hw, skb);
4211 				continue;
4212 			}
4213 			ret = ath10k_wmi_mgmt_tx_send(ar, skb, paddr);
4214 			if (ret) {
4215 				ath10k_warn(ar, "failed to transmit management frame by ref via WMI: %d\n",
4216 					    ret);
4217 				/* remove this msdu from idr tracking */
4218 				ath10k_wmi_cleanup_mgmt_tx_send(ar, skb);
4219 
4220 				dma_unmap_single(ar->dev, paddr, skb->len,
4221 						 DMA_TO_DEVICE);
4222 				ieee80211_free_txskb(ar->hw, skb);
4223 			}
4224 		} else {
4225 			ret = ath10k_wmi_mgmt_tx(ar, skb);
4226 			if (ret) {
4227 				ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
4228 					    ret);
4229 				ieee80211_free_txskb(ar->hw, skb);
4230 			}
4231 		}
4232 	}
4233 }
4234 
4235 static void ath10k_mac_txq_init(struct ieee80211_txq *txq)
4236 {
4237 	struct ath10k_txq *artxq;
4238 
4239 	if (!txq)
4240 		return;
4241 
4242 	artxq = (void *)txq->drv_priv;
4243 	INIT_LIST_HEAD(&artxq->list);
4244 }
4245 
4246 static void ath10k_mac_txq_unref(struct ath10k *ar, struct ieee80211_txq *txq)
4247 {
4248 	struct ath10k_skb_cb *cb;
4249 	struct sk_buff *msdu;
4250 	int msdu_id;
4251 
4252 	if (!txq)
4253 		return;
4254 
4255 	spin_lock_bh(&ar->htt.tx_lock);
4256 	idr_for_each_entry(&ar->htt.pending_tx, msdu, msdu_id) {
4257 		cb = ATH10K_SKB_CB(msdu);
4258 		if (cb->txq == txq)
4259 			cb->txq = NULL;
4260 	}
4261 	spin_unlock_bh(&ar->htt.tx_lock);
4262 }
4263 
4264 struct ieee80211_txq *ath10k_mac_txq_lookup(struct ath10k *ar,
4265 					    u16 peer_id,
4266 					    u8 tid)
4267 {
4268 	struct ath10k_peer *peer;
4269 
4270 	lockdep_assert_held(&ar->data_lock);
4271 
4272 	peer = ar->peer_map[peer_id];
4273 	if (!peer)
4274 		return NULL;
4275 
4276 	if (peer->removed)
4277 		return NULL;
4278 
4279 	if (peer->sta)
4280 		return peer->sta->txq[tid];
4281 	else if (peer->vif)
4282 		return peer->vif->txq;
4283 	else
4284 		return NULL;
4285 }
4286 
4287 static bool ath10k_mac_tx_can_push(struct ieee80211_hw *hw,
4288 				   struct ieee80211_txq *txq)
4289 {
4290 	struct ath10k *ar = hw->priv;
4291 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4292 
4293 	/* No need to get locks */
4294 	if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH)
4295 		return true;
4296 
4297 	if (ar->htt.num_pending_tx < ar->htt.tx_q_state.num_push_allowed)
4298 		return true;
4299 
4300 	if (artxq->num_fw_queued < artxq->num_push_allowed)
4301 		return true;
4302 
4303 	return false;
4304 }
4305 
4306 /* Return estimated airtime in microsecond, which is calculated using last
4307  * reported TX rate. This is just a rough estimation because host driver has no
4308  * knowledge of the actual transmit rate, retries or aggregation. If actual
4309  * airtime can be reported by firmware, then delta between estimated and actual
4310  * airtime can be adjusted from deficit.
4311  */
4312 #define IEEE80211_ATF_OVERHEAD		100	/* IFS + some slot time */
4313 #define IEEE80211_ATF_OVERHEAD_IFS	16	/* IFS only */
4314 static u16 ath10k_mac_update_airtime(struct ath10k *ar,
4315 				     struct ieee80211_txq *txq,
4316 				     struct sk_buff *skb)
4317 {
4318 	struct ath10k_sta *arsta;
4319 	u32 pktlen;
4320 	u16 airtime = 0;
4321 
4322 	if (!txq || !txq->sta)
4323 		return airtime;
4324 
4325 	if (test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
4326 		return airtime;
4327 
4328 	spin_lock_bh(&ar->data_lock);
4329 	arsta = (struct ath10k_sta *)txq->sta->drv_priv;
4330 
4331 	pktlen = skb->len + 38; /* Assume MAC header 30, SNAP 8 for most case */
4332 	if (arsta->last_tx_bitrate) {
4333 		/* airtime in us, last_tx_bitrate in 100kbps */
4334 		airtime = (pktlen * 8 * (1000 / 100))
4335 				/ arsta->last_tx_bitrate;
4336 		/* overhead for media access time and IFS */
4337 		airtime += IEEE80211_ATF_OVERHEAD_IFS;
4338 	} else {
4339 		/* This is mostly for throttle excessive BC/MC frames, and the
4340 		 * airtime/rate doesn't need be exact. Airtime of BC/MC frames
4341 		 * in 2G get some discount, which helps prevent very low rate
4342 		 * frames from being blocked for too long.
4343 		 */
4344 		airtime = (pktlen * 8 * (1000 / 100)) / 60; /* 6M */
4345 		airtime += IEEE80211_ATF_OVERHEAD;
4346 	}
4347 	spin_unlock_bh(&ar->data_lock);
4348 
4349 	return airtime;
4350 }
4351 
4352 int ath10k_mac_tx_push_txq(struct ieee80211_hw *hw,
4353 			   struct ieee80211_txq *txq)
4354 {
4355 	struct ath10k *ar = hw->priv;
4356 	struct ath10k_htt *htt = &ar->htt;
4357 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4358 	struct ieee80211_vif *vif = txq->vif;
4359 	struct ieee80211_sta *sta = txq->sta;
4360 	enum ath10k_hw_txrx_mode txmode;
4361 	enum ath10k_mac_tx_path txpath;
4362 	struct sk_buff *skb;
4363 	struct ieee80211_hdr *hdr;
4364 	size_t skb_len;
4365 	bool is_mgmt, is_presp;
4366 	int ret;
4367 	u16 airtime;
4368 
4369 	spin_lock_bh(&ar->htt.tx_lock);
4370 	ret = ath10k_htt_tx_inc_pending(htt);
4371 	spin_unlock_bh(&ar->htt.tx_lock);
4372 
4373 	if (ret)
4374 		return ret;
4375 
4376 	skb = ieee80211_tx_dequeue_ni(hw, txq);
4377 	if (!skb) {
4378 		spin_lock_bh(&ar->htt.tx_lock);
4379 		ath10k_htt_tx_dec_pending(htt);
4380 		spin_unlock_bh(&ar->htt.tx_lock);
4381 
4382 		return -ENOENT;
4383 	}
4384 
4385 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4386 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4387 
4388 	skb_len = skb->len;
4389 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4390 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4391 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4392 
4393 	if (is_mgmt) {
4394 		hdr = (struct ieee80211_hdr *)skb->data;
4395 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4396 
4397 		spin_lock_bh(&ar->htt.tx_lock);
4398 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4399 
4400 		if (ret) {
4401 			ath10k_htt_tx_dec_pending(htt);
4402 			spin_unlock_bh(&ar->htt.tx_lock);
4403 			return ret;
4404 		}
4405 		spin_unlock_bh(&ar->htt.tx_lock);
4406 	}
4407 
4408 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4409 	if (unlikely(ret)) {
4410 		ath10k_warn(ar, "failed to push frame: %d\n", ret);
4411 
4412 		spin_lock_bh(&ar->htt.tx_lock);
4413 		ath10k_htt_tx_dec_pending(htt);
4414 		if (is_mgmt)
4415 			ath10k_htt_tx_mgmt_dec_pending(htt);
4416 		spin_unlock_bh(&ar->htt.tx_lock);
4417 
4418 		return ret;
4419 	}
4420 
4421 	spin_lock_bh(&ar->htt.tx_lock);
4422 	artxq->num_fw_queued++;
4423 	spin_unlock_bh(&ar->htt.tx_lock);
4424 
4425 	return skb_len;
4426 }
4427 
4428 static int ath10k_mac_schedule_txq(struct ieee80211_hw *hw, u32 ac)
4429 {
4430 	struct ieee80211_txq *txq;
4431 	int ret = 0;
4432 
4433 	ieee80211_txq_schedule_start(hw, ac);
4434 	while ((txq = ieee80211_next_txq(hw, ac))) {
4435 		while (ath10k_mac_tx_can_push(hw, txq)) {
4436 			ret = ath10k_mac_tx_push_txq(hw, txq);
4437 			if (ret < 0)
4438 				break;
4439 		}
4440 		ieee80211_return_txq(hw, txq, false);
4441 		ath10k_htt_tx_txq_update(hw, txq);
4442 		if (ret == -EBUSY)
4443 			break;
4444 	}
4445 	ieee80211_txq_schedule_end(hw, ac);
4446 
4447 	return ret;
4448 }
4449 
4450 void ath10k_mac_tx_push_pending(struct ath10k *ar)
4451 {
4452 	struct ieee80211_hw *hw = ar->hw;
4453 	u32 ac;
4454 
4455 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4456 		return;
4457 
4458 	if (ar->htt.num_pending_tx >= (ar->htt.max_num_pending_tx / 2))
4459 		return;
4460 
4461 	rcu_read_lock();
4462 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
4463 		if (ath10k_mac_schedule_txq(hw, ac) == -EBUSY)
4464 			break;
4465 	}
4466 	rcu_read_unlock();
4467 }
4468 EXPORT_SYMBOL(ath10k_mac_tx_push_pending);
4469 
4470 /************/
4471 /* Scanning */
4472 /************/
4473 
4474 void __ath10k_scan_finish(struct ath10k *ar)
4475 {
4476 	lockdep_assert_held(&ar->data_lock);
4477 
4478 	switch (ar->scan.state) {
4479 	case ATH10K_SCAN_IDLE:
4480 		break;
4481 	case ATH10K_SCAN_RUNNING:
4482 	case ATH10K_SCAN_ABORTING:
4483 		if (!ar->scan.is_roc) {
4484 			struct cfg80211_scan_info info = {
4485 				.aborted = (ar->scan.state ==
4486 					    ATH10K_SCAN_ABORTING),
4487 			};
4488 
4489 			ieee80211_scan_completed(ar->hw, &info);
4490 		} else if (ar->scan.roc_notify) {
4491 			ieee80211_remain_on_channel_expired(ar->hw);
4492 		}
4493 		fallthrough;
4494 	case ATH10K_SCAN_STARTING:
4495 		ar->scan.state = ATH10K_SCAN_IDLE;
4496 		ar->scan_channel = NULL;
4497 		ar->scan.roc_freq = 0;
4498 		ath10k_offchan_tx_purge(ar);
4499 		cancel_delayed_work(&ar->scan.timeout);
4500 		complete(&ar->scan.completed);
4501 		break;
4502 	}
4503 }
4504 
4505 void ath10k_scan_finish(struct ath10k *ar)
4506 {
4507 	spin_lock_bh(&ar->data_lock);
4508 	__ath10k_scan_finish(ar);
4509 	spin_unlock_bh(&ar->data_lock);
4510 }
4511 
4512 static int ath10k_scan_stop(struct ath10k *ar)
4513 {
4514 	struct wmi_stop_scan_arg arg = {
4515 		.req_id = 1, /* FIXME */
4516 		.req_type = WMI_SCAN_STOP_ONE,
4517 		.u.scan_id = ATH10K_SCAN_ID,
4518 	};
4519 	int ret;
4520 
4521 	lockdep_assert_held(&ar->conf_mutex);
4522 
4523 	ret = ath10k_wmi_stop_scan(ar, &arg);
4524 	if (ret) {
4525 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
4526 		goto out;
4527 	}
4528 
4529 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
4530 	if (ret == 0) {
4531 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
4532 		ret = -ETIMEDOUT;
4533 	} else if (ret > 0) {
4534 		ret = 0;
4535 	}
4536 
4537 out:
4538 	/* Scan state should be updated upon scan completion but in case
4539 	 * firmware fails to deliver the event (for whatever reason) it is
4540 	 * desired to clean up scan state anyway. Firmware may have just
4541 	 * dropped the scan completion event delivery due to transport pipe
4542 	 * being overflown with data and/or it can recover on its own before
4543 	 * next scan request is submitted.
4544 	 */
4545 	spin_lock_bh(&ar->data_lock);
4546 	if (ar->scan.state != ATH10K_SCAN_IDLE)
4547 		__ath10k_scan_finish(ar);
4548 	spin_unlock_bh(&ar->data_lock);
4549 
4550 	return ret;
4551 }
4552 
4553 static void ath10k_scan_abort(struct ath10k *ar)
4554 {
4555 	int ret;
4556 
4557 	lockdep_assert_held(&ar->conf_mutex);
4558 
4559 	spin_lock_bh(&ar->data_lock);
4560 
4561 	switch (ar->scan.state) {
4562 	case ATH10K_SCAN_IDLE:
4563 		/* This can happen if timeout worker kicked in and called
4564 		 * abortion while scan completion was being processed.
4565 		 */
4566 		break;
4567 	case ATH10K_SCAN_STARTING:
4568 	case ATH10K_SCAN_ABORTING:
4569 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
4570 			    ath10k_scan_state_str(ar->scan.state),
4571 			    ar->scan.state);
4572 		break;
4573 	case ATH10K_SCAN_RUNNING:
4574 		ar->scan.state = ATH10K_SCAN_ABORTING;
4575 		spin_unlock_bh(&ar->data_lock);
4576 
4577 		ret = ath10k_scan_stop(ar);
4578 		if (ret)
4579 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
4580 
4581 		spin_lock_bh(&ar->data_lock);
4582 		break;
4583 	}
4584 
4585 	spin_unlock_bh(&ar->data_lock);
4586 }
4587 
4588 void ath10k_scan_timeout_work(struct work_struct *work)
4589 {
4590 	struct ath10k *ar = container_of(work, struct ath10k,
4591 					 scan.timeout.work);
4592 
4593 	mutex_lock(&ar->conf_mutex);
4594 	ath10k_scan_abort(ar);
4595 	mutex_unlock(&ar->conf_mutex);
4596 }
4597 
4598 static int ath10k_start_scan(struct ath10k *ar,
4599 			     const struct wmi_start_scan_arg *arg)
4600 {
4601 	int ret;
4602 
4603 	lockdep_assert_held(&ar->conf_mutex);
4604 
4605 	ret = ath10k_wmi_start_scan(ar, arg);
4606 	if (ret)
4607 		return ret;
4608 
4609 	ret = wait_for_completion_timeout(&ar->scan.started, 1 * HZ);
4610 	if (ret == 0) {
4611 		ret = ath10k_scan_stop(ar);
4612 		if (ret)
4613 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
4614 
4615 		return -ETIMEDOUT;
4616 	}
4617 
4618 	/* If we failed to start the scan, return error code at
4619 	 * this point.  This is probably due to some issue in the
4620 	 * firmware, but no need to wedge the driver due to that...
4621 	 */
4622 	spin_lock_bh(&ar->data_lock);
4623 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
4624 		spin_unlock_bh(&ar->data_lock);
4625 		return -EINVAL;
4626 	}
4627 	spin_unlock_bh(&ar->data_lock);
4628 
4629 	return 0;
4630 }
4631 
4632 /**********************/
4633 /* mac80211 callbacks */
4634 /**********************/
4635 
4636 static void ath10k_mac_op_tx(struct ieee80211_hw *hw,
4637 			     struct ieee80211_tx_control *control,
4638 			     struct sk_buff *skb)
4639 {
4640 	struct ath10k *ar = hw->priv;
4641 	struct ath10k_htt *htt = &ar->htt;
4642 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4643 	struct ieee80211_vif *vif = info->control.vif;
4644 	struct ieee80211_sta *sta = control->sta;
4645 	struct ieee80211_txq *txq = NULL;
4646 	struct ieee80211_hdr *hdr = (void *)skb->data;
4647 	enum ath10k_hw_txrx_mode txmode;
4648 	enum ath10k_mac_tx_path txpath;
4649 	bool is_htt;
4650 	bool is_mgmt;
4651 	bool is_presp;
4652 	int ret;
4653 	u16 airtime;
4654 
4655 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4656 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4657 
4658 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4659 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4660 	is_htt = (txpath == ATH10K_MAC_TX_HTT ||
4661 		  txpath == ATH10K_MAC_TX_HTT_MGMT);
4662 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4663 
4664 	if (is_htt) {
4665 		spin_lock_bh(&ar->htt.tx_lock);
4666 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4667 
4668 		ret = ath10k_htt_tx_inc_pending(htt);
4669 		if (ret) {
4670 			ath10k_warn(ar, "failed to increase tx pending count: %d, dropping\n",
4671 				    ret);
4672 			spin_unlock_bh(&ar->htt.tx_lock);
4673 			ieee80211_free_txskb(ar->hw, skb);
4674 			return;
4675 		}
4676 
4677 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4678 		if (ret) {
4679 			ath10k_dbg(ar, ATH10K_DBG_MAC, "failed to increase tx mgmt pending count: %d, dropping\n",
4680 				   ret);
4681 			ath10k_htt_tx_dec_pending(htt);
4682 			spin_unlock_bh(&ar->htt.tx_lock);
4683 			ieee80211_free_txskb(ar->hw, skb);
4684 			return;
4685 		}
4686 		spin_unlock_bh(&ar->htt.tx_lock);
4687 	}
4688 
4689 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4690 	if (ret) {
4691 		ath10k_warn(ar, "failed to transmit frame: %d\n", ret);
4692 		if (is_htt) {
4693 			spin_lock_bh(&ar->htt.tx_lock);
4694 			ath10k_htt_tx_dec_pending(htt);
4695 			if (is_mgmt)
4696 				ath10k_htt_tx_mgmt_dec_pending(htt);
4697 			spin_unlock_bh(&ar->htt.tx_lock);
4698 		}
4699 		return;
4700 	}
4701 }
4702 
4703 static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw,
4704 					struct ieee80211_txq *txq)
4705 {
4706 	struct ath10k *ar = hw->priv;
4707 	int ret;
4708 	u8 ac;
4709 
4710 	ath10k_htt_tx_txq_update(hw, txq);
4711 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4712 		return;
4713 
4714 	ac = txq->ac;
4715 	ieee80211_txq_schedule_start(hw, ac);
4716 	txq = ieee80211_next_txq(hw, ac);
4717 	if (!txq)
4718 		goto out;
4719 
4720 	while (ath10k_mac_tx_can_push(hw, txq)) {
4721 		ret = ath10k_mac_tx_push_txq(hw, txq);
4722 		if (ret < 0)
4723 			break;
4724 	}
4725 	ieee80211_return_txq(hw, txq, false);
4726 	ath10k_htt_tx_txq_update(hw, txq);
4727 out:
4728 	ieee80211_txq_schedule_end(hw, ac);
4729 }
4730 
4731 /* Must not be called with conf_mutex held as workers can use that also. */
4732 void ath10k_drain_tx(struct ath10k *ar)
4733 {
4734 	lockdep_assert_not_held(&ar->conf_mutex);
4735 
4736 	/* make sure rcu-protected mac80211 tx path itself is drained */
4737 	synchronize_net();
4738 
4739 	ath10k_offchan_tx_purge(ar);
4740 	ath10k_mgmt_over_wmi_tx_purge(ar);
4741 
4742 	cancel_work_sync(&ar->offchan_tx_work);
4743 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
4744 }
4745 
4746 void ath10k_halt(struct ath10k *ar)
4747 {
4748 	struct ath10k_vif *arvif;
4749 
4750 	lockdep_assert_held(&ar->conf_mutex);
4751 
4752 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
4753 	ar->filter_flags = 0;
4754 	ar->monitor = false;
4755 	ar->monitor_arvif = NULL;
4756 
4757 	if (ar->monitor_started)
4758 		ath10k_monitor_stop(ar);
4759 
4760 	ar->monitor_started = false;
4761 	ar->tx_paused = 0;
4762 
4763 	ath10k_scan_finish(ar);
4764 	ath10k_peer_cleanup_all(ar);
4765 	ath10k_stop_radar_confirmation(ar);
4766 	ath10k_core_stop(ar);
4767 	ath10k_hif_power_down(ar);
4768 
4769 	spin_lock_bh(&ar->data_lock);
4770 	list_for_each_entry(arvif, &ar->arvifs, list)
4771 		ath10k_mac_vif_beacon_cleanup(arvif);
4772 	spin_unlock_bh(&ar->data_lock);
4773 }
4774 
4775 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
4776 {
4777 	struct ath10k *ar = hw->priv;
4778 
4779 	mutex_lock(&ar->conf_mutex);
4780 
4781 	*tx_ant = ar->cfg_tx_chainmask;
4782 	*rx_ant = ar->cfg_rx_chainmask;
4783 
4784 	mutex_unlock(&ar->conf_mutex);
4785 
4786 	return 0;
4787 }
4788 
4789 static bool ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
4790 {
4791 	/* It is not clear that allowing gaps in chainmask
4792 	 * is helpful.  Probably it will not do what user
4793 	 * is hoping for, so warn in that case.
4794 	 */
4795 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
4796 		return true;
4797 
4798 	ath10k_warn(ar, "mac %s antenna chainmask is invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
4799 		    dbg, cm);
4800 	return false;
4801 }
4802 
4803 static int ath10k_mac_get_vht_cap_bf_sts(struct ath10k *ar)
4804 {
4805 	int nsts = ar->vht_cap_info;
4806 
4807 	nsts &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4808 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4809 
4810 	/* If firmware does not deliver to host number of space-time
4811 	 * streams supported, assume it support up to 4 BF STS and return
4812 	 * the value for VHT CAP: nsts-1)
4813 	 */
4814 	if (nsts == 0)
4815 		return 3;
4816 
4817 	return nsts;
4818 }
4819 
4820 static int ath10k_mac_get_vht_cap_bf_sound_dim(struct ath10k *ar)
4821 {
4822 	int sound_dim = ar->vht_cap_info;
4823 
4824 	sound_dim &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4825 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4826 
4827 	/* If the sounding dimension is not advertised by the firmware,
4828 	 * let's use a default value of 1
4829 	 */
4830 	if (sound_dim == 0)
4831 		return 1;
4832 
4833 	return sound_dim;
4834 }
4835 
4836 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4837 {
4838 	struct ieee80211_sta_vht_cap vht_cap = {0};
4839 	struct ath10k_hw_params *hw = &ar->hw_params;
4840 	u16 mcs_map;
4841 	u32 val;
4842 	int i;
4843 
4844 	vht_cap.vht_supported = 1;
4845 	vht_cap.cap = ar->vht_cap_info;
4846 
4847 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4848 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
4849 		val = ath10k_mac_get_vht_cap_bf_sts(ar);
4850 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4851 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4852 
4853 		vht_cap.cap |= val;
4854 	}
4855 
4856 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4857 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
4858 		val = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
4859 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4860 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4861 
4862 		vht_cap.cap |= val;
4863 	}
4864 
4865 	mcs_map = 0;
4866 	for (i = 0; i < 8; i++) {
4867 		if ((i < ar->num_rf_chains) && (ar->cfg_tx_chainmask & BIT(i)))
4868 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
4869 		else
4870 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
4871 	}
4872 
4873 	if (ar->cfg_tx_chainmask <= 1)
4874 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
4875 
4876 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4877 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4878 
4879 	/* If we are supporting 160Mhz or 80+80, then the NIC may be able to do
4880 	 * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz.  Give
4881 	 * user-space a clue if that is the case.
4882 	 */
4883 	if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) &&
4884 	    (hw->vht160_mcs_rx_highest != 0 ||
4885 	     hw->vht160_mcs_tx_highest != 0)) {
4886 		vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest);
4887 		vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest);
4888 	}
4889 
4890 	return vht_cap;
4891 }
4892 
4893 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4894 {
4895 	int i;
4896 	struct ieee80211_sta_ht_cap ht_cap = {0};
4897 
4898 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4899 		return ht_cap;
4900 
4901 	ht_cap.ht_supported = 1;
4902 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4903 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4904 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4905 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4906 	ht_cap.cap |=
4907 		WLAN_HT_CAP_SM_PS_DISABLED << IEEE80211_HT_CAP_SM_PS_SHIFT;
4908 
4909 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4910 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4911 
4912 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4913 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4914 
4915 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4916 		u32 smps;
4917 
4918 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4919 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4920 
4921 		ht_cap.cap |= smps;
4922 	}
4923 
4924 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC && (ar->cfg_tx_chainmask > 1))
4925 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4926 
4927 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4928 		u32 stbc;
4929 
4930 		stbc   = ar->ht_cap_info;
4931 		stbc  &= WMI_HT_CAP_RX_STBC;
4932 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4933 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4934 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4935 
4936 		ht_cap.cap |= stbc;
4937 	}
4938 
4939 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC || (ar->ht_cap_info &
4940 	    WMI_HT_CAP_RX_LDPC && (ar->ht_cap_info & WMI_HT_CAP_TX_LDPC)))
4941 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4942 
4943 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4944 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4945 
4946 	/* max AMSDU is implicitly taken from vht_cap_info */
4947 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4948 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4949 
4950 	for (i = 0; i < ar->num_rf_chains; i++) {
4951 		if (ar->cfg_rx_chainmask & BIT(i))
4952 			ht_cap.mcs.rx_mask[i] = 0xFF;
4953 	}
4954 
4955 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4956 
4957 	return ht_cap;
4958 }
4959 
4960 static void ath10k_mac_setup_ht_vht_cap(struct ath10k *ar)
4961 {
4962 	struct ieee80211_supported_band *band;
4963 	struct ieee80211_sta_vht_cap vht_cap;
4964 	struct ieee80211_sta_ht_cap ht_cap;
4965 
4966 	ht_cap = ath10k_get_ht_cap(ar);
4967 	vht_cap = ath10k_create_vht_cap(ar);
4968 
4969 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4970 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
4971 		band->ht_cap = ht_cap;
4972 	}
4973 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
4974 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
4975 		band->ht_cap = ht_cap;
4976 		band->vht_cap = vht_cap;
4977 	}
4978 }
4979 
4980 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
4981 {
4982 	int ret;
4983 	bool is_valid_tx_chain_mask, is_valid_rx_chain_mask;
4984 
4985 	lockdep_assert_held(&ar->conf_mutex);
4986 
4987 	is_valid_tx_chain_mask = ath10k_check_chain_mask(ar, tx_ant, "tx");
4988 	is_valid_rx_chain_mask = ath10k_check_chain_mask(ar, rx_ant, "rx");
4989 
4990 	if (!is_valid_tx_chain_mask || !is_valid_rx_chain_mask)
4991 		return -EINVAL;
4992 
4993 	ar->cfg_tx_chainmask = tx_ant;
4994 	ar->cfg_rx_chainmask = rx_ant;
4995 
4996 	if ((ar->state != ATH10K_STATE_ON) &&
4997 	    (ar->state != ATH10K_STATE_RESTARTED))
4998 		return 0;
4999 
5000 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
5001 					tx_ant);
5002 	if (ret) {
5003 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
5004 			    ret, tx_ant);
5005 		return ret;
5006 	}
5007 
5008 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
5009 					rx_ant);
5010 	if (ret) {
5011 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
5012 			    ret, rx_ant);
5013 		return ret;
5014 	}
5015 
5016 	/* Reload HT/VHT capability */
5017 	ath10k_mac_setup_ht_vht_cap(ar);
5018 
5019 	return 0;
5020 }
5021 
5022 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
5023 {
5024 	struct ath10k *ar = hw->priv;
5025 	int ret;
5026 
5027 	mutex_lock(&ar->conf_mutex);
5028 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
5029 	mutex_unlock(&ar->conf_mutex);
5030 	return ret;
5031 }
5032 
5033 static int __ath10k_fetch_bb_timing_dt(struct ath10k *ar,
5034 				       struct wmi_bb_timing_cfg_arg *bb_timing)
5035 {
5036 	struct device_node *node;
5037 	const char *fem_name;
5038 	int ret;
5039 
5040 	node = ar->dev->of_node;
5041 	if (!node)
5042 		return -ENOENT;
5043 
5044 	ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name);
5045 	if (ret)
5046 		return -ENOENT;
5047 
5048 	/*
5049 	 * If external Front End module used in hardware, then default base band timing
5050 	 * parameter cannot be used since they were fine tuned for reference hardware,
5051 	 * so choosing different value suitable for that external FEM.
5052 	 */
5053 	if (!strcmp("microsemi-lx5586", fem_name)) {
5054 		bb_timing->bb_tx_timing = 0x00;
5055 		bb_timing->bb_xpa_timing = 0x0101;
5056 	} else {
5057 		return -ENOENT;
5058 	}
5059 
5060 	ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot bb_tx_timing 0x%x bb_xpa_timing 0x%x\n",
5061 		   bb_timing->bb_tx_timing, bb_timing->bb_xpa_timing);
5062 	return 0;
5063 }
5064 
5065 static int ath10k_mac_rfkill_config(struct ath10k *ar)
5066 {
5067 	u32 param;
5068 	int ret;
5069 
5070 	if (ar->hw_values->rfkill_pin == 0) {
5071 		ath10k_warn(ar, "ath10k does not support hardware rfkill with this device\n");
5072 		return -EOPNOTSUPP;
5073 	}
5074 
5075 	ath10k_dbg(ar, ATH10K_DBG_MAC,
5076 		   "mac rfkill_pin %d rfkill_cfg %d rfkill_on_level %d",
5077 		   ar->hw_values->rfkill_pin, ar->hw_values->rfkill_cfg,
5078 		   ar->hw_values->rfkill_on_level);
5079 
5080 	param = FIELD_PREP(WMI_TLV_RFKILL_CFG_RADIO_LEVEL,
5081 			   ar->hw_values->rfkill_on_level) |
5082 		FIELD_PREP(WMI_TLV_RFKILL_CFG_GPIO_PIN_NUM,
5083 			   ar->hw_values->rfkill_pin) |
5084 		FIELD_PREP(WMI_TLV_RFKILL_CFG_PIN_AS_GPIO,
5085 			   ar->hw_values->rfkill_cfg);
5086 
5087 	ret = ath10k_wmi_pdev_set_param(ar,
5088 					ar->wmi.pdev_param->rfkill_config,
5089 					param);
5090 	if (ret) {
5091 		ath10k_warn(ar,
5092 			    "failed to set rfkill config 0x%x: %d\n",
5093 			    param, ret);
5094 		return ret;
5095 	}
5096 	return 0;
5097 }
5098 
5099 int ath10k_mac_rfkill_enable_radio(struct ath10k *ar, bool enable)
5100 {
5101 	enum wmi_tlv_rfkill_enable_radio param;
5102 	int ret;
5103 
5104 	if (enable)
5105 		param = WMI_TLV_RFKILL_ENABLE_RADIO_ON;
5106 	else
5107 		param = WMI_TLV_RFKILL_ENABLE_RADIO_OFF;
5108 
5109 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac rfkill enable %d", param);
5110 
5111 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rfkill_enable,
5112 					param);
5113 	if (ret) {
5114 		ath10k_warn(ar, "failed to set rfkill enable param %d: %d\n",
5115 			    param, ret);
5116 		return ret;
5117 	}
5118 
5119 	return 0;
5120 }
5121 
5122 static int ath10k_start(struct ieee80211_hw *hw)
5123 {
5124 	struct ath10k *ar = hw->priv;
5125 	u32 param;
5126 	int ret = 0;
5127 	struct wmi_bb_timing_cfg_arg bb_timing = {0};
5128 
5129 	/*
5130 	 * This makes sense only when restarting hw. It is harmless to call
5131 	 * unconditionally. This is necessary to make sure no HTT/WMI tx
5132 	 * commands will be submitted while restarting.
5133 	 */
5134 	ath10k_drain_tx(ar);
5135 
5136 	mutex_lock(&ar->conf_mutex);
5137 
5138 	switch (ar->state) {
5139 	case ATH10K_STATE_OFF:
5140 		ar->state = ATH10K_STATE_ON;
5141 		break;
5142 	case ATH10K_STATE_RESTARTING:
5143 		ar->state = ATH10K_STATE_RESTARTED;
5144 		break;
5145 	case ATH10K_STATE_ON:
5146 	case ATH10K_STATE_RESTARTED:
5147 	case ATH10K_STATE_WEDGED:
5148 		WARN_ON(1);
5149 		ret = -EINVAL;
5150 		goto err;
5151 	case ATH10K_STATE_UTF:
5152 		ret = -EBUSY;
5153 		goto err;
5154 	}
5155 
5156 	spin_lock_bh(&ar->data_lock);
5157 
5158 	if (ar->hw_rfkill_on) {
5159 		ar->hw_rfkill_on = false;
5160 		spin_unlock_bh(&ar->data_lock);
5161 		goto err;
5162 	}
5163 
5164 	spin_unlock_bh(&ar->data_lock);
5165 
5166 	ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL);
5167 	if (ret) {
5168 		ath10k_err(ar, "Could not init hif: %d\n", ret);
5169 		goto err_off;
5170 	}
5171 
5172 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL,
5173 				&ar->normal_mode_fw);
5174 	if (ret) {
5175 		ath10k_err(ar, "Could not init core: %d\n", ret);
5176 		goto err_power_down;
5177 	}
5178 
5179 	if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) {
5180 		ret = ath10k_mac_rfkill_config(ar);
5181 		if (ret && ret != -EOPNOTSUPP) {
5182 			ath10k_warn(ar, "failed to configure rfkill: %d", ret);
5183 			goto err_core_stop;
5184 		}
5185 	}
5186 
5187 	param = ar->wmi.pdev_param->pmf_qos;
5188 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5189 	if (ret) {
5190 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
5191 		goto err_core_stop;
5192 	}
5193 
5194 	param = ar->wmi.pdev_param->dynamic_bw;
5195 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5196 	if (ret) {
5197 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
5198 		goto err_core_stop;
5199 	}
5200 
5201 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
5202 		ret = ath10k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
5203 		if (ret) {
5204 			ath10k_err(ar, "failed to set prob req oui: %i\n", ret);
5205 			goto err_core_stop;
5206 		}
5207 	}
5208 
5209 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
5210 		ret = ath10k_wmi_adaptive_qcs(ar, true);
5211 		if (ret) {
5212 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
5213 				    ret);
5214 			goto err_core_stop;
5215 		}
5216 	}
5217 
5218 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
5219 		param = ar->wmi.pdev_param->burst_enable;
5220 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5221 		if (ret) {
5222 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
5223 			goto err_core_stop;
5224 		}
5225 	}
5226 
5227 	param = ar->wmi.pdev_param->idle_ps_config;
5228 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5229 	if (ret && ret != -EOPNOTSUPP) {
5230 		ath10k_warn(ar, "failed to enable idle_ps_config: %d\n", ret);
5231 		goto err_core_stop;
5232 	}
5233 
5234 	__ath10k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
5235 
5236 	/*
5237 	 * By default FW set ARP frames ac to voice (6). In that case ARP
5238 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
5239 	 * which arrives with access category 0 are processed by network stack
5240 	 * and send back with access category 0, but FW changes access category
5241 	 * to 6. Set ARP frames access category to best effort (0) solves
5242 	 * this problem.
5243 	 */
5244 
5245 	param = ar->wmi.pdev_param->arp_ac_override;
5246 	ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5247 	if (ret) {
5248 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
5249 			    ret);
5250 		goto err_core_stop;
5251 	}
5252 
5253 	if (test_bit(ATH10K_FW_FEATURE_SUPPORTS_ADAPTIVE_CCA,
5254 		     ar->running_fw->fw_file.fw_features)) {
5255 		ret = ath10k_wmi_pdev_enable_adaptive_cca(ar, 1,
5256 							  WMI_CCA_DETECT_LEVEL_AUTO,
5257 							  WMI_CCA_DETECT_MARGIN_AUTO);
5258 		if (ret) {
5259 			ath10k_warn(ar, "failed to enable adaptive cca: %d\n",
5260 				    ret);
5261 			goto err_core_stop;
5262 		}
5263 	}
5264 
5265 	param = ar->wmi.pdev_param->ani_enable;
5266 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5267 	if (ret) {
5268 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
5269 			    ret);
5270 		goto err_core_stop;
5271 	}
5272 
5273 	ar->ani_enabled = true;
5274 
5275 	if (ath10k_peer_stats_enabled(ar)) {
5276 		param = ar->wmi.pdev_param->peer_stats_update_period;
5277 		ret = ath10k_wmi_pdev_set_param(ar, param,
5278 						PEER_DEFAULT_STATS_UPDATE_PERIOD);
5279 		if (ret) {
5280 			ath10k_warn(ar,
5281 				    "failed to set peer stats period : %d\n",
5282 				    ret);
5283 			goto err_core_stop;
5284 		}
5285 	}
5286 
5287 	param = ar->wmi.pdev_param->enable_btcoex;
5288 	if (test_bit(WMI_SERVICE_COEX_GPIO, ar->wmi.svc_map) &&
5289 	    test_bit(ATH10K_FW_FEATURE_BTCOEX_PARAM,
5290 		     ar->running_fw->fw_file.fw_features) &&
5291 	    ar->coex_support) {
5292 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5293 		if (ret) {
5294 			ath10k_warn(ar,
5295 				    "failed to set btcoex param: %d\n", ret);
5296 			goto err_core_stop;
5297 		}
5298 		clear_bit(ATH10K_FLAG_BTCOEX, &ar->dev_flags);
5299 	}
5300 
5301 	if (test_bit(WMI_SERVICE_BB_TIMING_CONFIG_SUPPORT, ar->wmi.svc_map)) {
5302 		ret = __ath10k_fetch_bb_timing_dt(ar, &bb_timing);
5303 		if (!ret) {
5304 			ret = ath10k_wmi_pdev_bb_timing(ar, &bb_timing);
5305 			if (ret) {
5306 				ath10k_warn(ar,
5307 					    "failed to set bb timings: %d\n",
5308 					    ret);
5309 				goto err_core_stop;
5310 			}
5311 		}
5312 	}
5313 
5314 	ar->num_started_vdevs = 0;
5315 	ath10k_regd_update(ar);
5316 
5317 	ath10k_spectral_start(ar);
5318 	ath10k_thermal_set_throttling(ar);
5319 
5320 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_IDLE;
5321 
5322 	mutex_unlock(&ar->conf_mutex);
5323 	return 0;
5324 
5325 err_core_stop:
5326 	ath10k_core_stop(ar);
5327 
5328 err_power_down:
5329 	ath10k_hif_power_down(ar);
5330 
5331 err_off:
5332 	ar->state = ATH10K_STATE_OFF;
5333 
5334 err:
5335 	mutex_unlock(&ar->conf_mutex);
5336 	return ret;
5337 }
5338 
5339 static void ath10k_stop(struct ieee80211_hw *hw)
5340 {
5341 	struct ath10k *ar = hw->priv;
5342 	u32 opt;
5343 
5344 	ath10k_drain_tx(ar);
5345 
5346 	mutex_lock(&ar->conf_mutex);
5347 	if (ar->state != ATH10K_STATE_OFF) {
5348 		if (!ar->hw_rfkill_on) {
5349 			/* If the current driver state is RESTARTING but not yet
5350 			 * fully RESTARTED because of incoming suspend event,
5351 			 * then ath10k_halt() is already called via
5352 			 * ath10k_core_restart() and should not be called here.
5353 			 */
5354 			if (ar->state != ATH10K_STATE_RESTARTING) {
5355 				ath10k_halt(ar);
5356 			} else {
5357 				/* Suspending here, because when in RESTARTING
5358 				 * state, ath10k_core_stop() skips
5359 				 * ath10k_wait_for_suspend().
5360 				 */
5361 				opt = WMI_PDEV_SUSPEND_AND_DISABLE_INTR;
5362 				ath10k_wait_for_suspend(ar, opt);
5363 			}
5364 		}
5365 		ar->state = ATH10K_STATE_OFF;
5366 	}
5367 	mutex_unlock(&ar->conf_mutex);
5368 
5369 	cancel_work_sync(&ar->set_coverage_class_work);
5370 	cancel_delayed_work_sync(&ar->scan.timeout);
5371 	cancel_work_sync(&ar->restart_work);
5372 }
5373 
5374 static int ath10k_config_ps(struct ath10k *ar)
5375 {
5376 	struct ath10k_vif *arvif;
5377 	int ret = 0;
5378 
5379 	lockdep_assert_held(&ar->conf_mutex);
5380 
5381 	list_for_each_entry(arvif, &ar->arvifs, list) {
5382 		ret = ath10k_mac_vif_setup_ps(arvif);
5383 		if (ret) {
5384 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
5385 			break;
5386 		}
5387 	}
5388 
5389 	return ret;
5390 }
5391 
5392 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
5393 {
5394 	struct ath10k *ar = hw->priv;
5395 	struct ieee80211_conf *conf = &hw->conf;
5396 	int ret = 0;
5397 
5398 	mutex_lock(&ar->conf_mutex);
5399 
5400 	if (changed & IEEE80211_CONF_CHANGE_PS)
5401 		ath10k_config_ps(ar);
5402 
5403 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
5404 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
5405 		ret = ath10k_monitor_recalc(ar);
5406 		if (ret)
5407 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5408 	}
5409 
5410 	mutex_unlock(&ar->conf_mutex);
5411 	return ret;
5412 }
5413 
5414 static u32 get_nss_from_chainmask(u16 chain_mask)
5415 {
5416 	if ((chain_mask & 0xf) == 0xf)
5417 		return 4;
5418 	else if ((chain_mask & 0x7) == 0x7)
5419 		return 3;
5420 	else if ((chain_mask & 0x3) == 0x3)
5421 		return 2;
5422 	return 1;
5423 }
5424 
5425 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
5426 {
5427 	u32 value = 0;
5428 	struct ath10k *ar = arvif->ar;
5429 	int nsts;
5430 	int sound_dim;
5431 
5432 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
5433 		return 0;
5434 
5435 	nsts = ath10k_mac_get_vht_cap_bf_sts(ar);
5436 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
5437 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
5438 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5439 
5440 	sound_dim = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
5441 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
5442 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
5443 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5444 
5445 	if (!value)
5446 		return 0;
5447 
5448 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
5449 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5450 
5451 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
5452 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
5453 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
5454 
5455 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
5456 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5457 
5458 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
5459 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
5460 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
5461 
5462 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
5463 					 ar->wmi.vdev_param->txbf, value);
5464 }
5465 
5466 /*
5467  * TODO:
5468  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
5469  * because we will send mgmt frames without CCK. This requirement
5470  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
5471  * in the TX packet.
5472  */
5473 static int ath10k_add_interface(struct ieee80211_hw *hw,
5474 				struct ieee80211_vif *vif)
5475 {
5476 	struct ath10k *ar = hw->priv;
5477 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5478 	struct ath10k_peer *peer;
5479 	enum wmi_sta_powersave_param param;
5480 	int ret = 0;
5481 	u32 value;
5482 	int bit;
5483 	int i;
5484 	u32 vdev_param;
5485 
5486 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
5487 
5488 	mutex_lock(&ar->conf_mutex);
5489 
5490 	memset(arvif, 0, sizeof(*arvif));
5491 	ath10k_mac_txq_init(vif->txq);
5492 
5493 	arvif->ar = ar;
5494 	arvif->vif = vif;
5495 
5496 	INIT_LIST_HEAD(&arvif->list);
5497 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
5498 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
5499 			  ath10k_mac_vif_sta_connection_loss_work);
5500 
5501 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
5502 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
5503 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
5504 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
5505 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
5506 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
5507 	}
5508 
5509 	if (ar->num_peers >= ar->max_num_peers) {
5510 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
5511 		ret = -ENOBUFS;
5512 		goto err;
5513 	}
5514 
5515 	if (ar->free_vdev_map == 0) {
5516 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
5517 		ret = -EBUSY;
5518 		goto err;
5519 	}
5520 	bit = __ffs64(ar->free_vdev_map);
5521 
5522 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
5523 		   bit, ar->free_vdev_map);
5524 
5525 	arvif->vdev_id = bit;
5526 	arvif->vdev_subtype =
5527 		ath10k_wmi_get_vdev_subtype(ar, WMI_VDEV_SUBTYPE_NONE);
5528 
5529 	switch (vif->type) {
5530 	case NL80211_IFTYPE_P2P_DEVICE:
5531 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5532 		arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5533 					(ar, WMI_VDEV_SUBTYPE_P2P_DEVICE);
5534 		break;
5535 	case NL80211_IFTYPE_UNSPECIFIED:
5536 	case NL80211_IFTYPE_STATION:
5537 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5538 		if (vif->p2p)
5539 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5540 					(ar, WMI_VDEV_SUBTYPE_P2P_CLIENT);
5541 		break;
5542 	case NL80211_IFTYPE_ADHOC:
5543 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
5544 		break;
5545 	case NL80211_IFTYPE_MESH_POINT:
5546 		if (test_bit(WMI_SERVICE_MESH_11S, ar->wmi.svc_map)) {
5547 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5548 						(ar, WMI_VDEV_SUBTYPE_MESH_11S);
5549 		} else if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5550 			ret = -EINVAL;
5551 			ath10k_warn(ar, "must load driver with rawmode=1 to add mesh interfaces\n");
5552 			goto err;
5553 		}
5554 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5555 		break;
5556 	case NL80211_IFTYPE_AP:
5557 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5558 
5559 		if (vif->p2p)
5560 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5561 						(ar, WMI_VDEV_SUBTYPE_P2P_GO);
5562 		break;
5563 	case NL80211_IFTYPE_MONITOR:
5564 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
5565 		break;
5566 	default:
5567 		WARN_ON(1);
5568 		break;
5569 	}
5570 
5571 	/* Using vdev_id as queue number will make it very easy to do per-vif
5572 	 * tx queue locking. This shouldn't wrap due to interface combinations
5573 	 * but do a modulo for correctness sake and prevent using offchannel tx
5574 	 * queues for regular vif tx.
5575 	 */
5576 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5577 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
5578 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5579 
5580 	/* Some firmware revisions don't wait for beacon tx completion before
5581 	 * sending another SWBA event. This could lead to hardware using old
5582 	 * (freed) beacon data in some cases, e.g. tx credit starvation
5583 	 * combined with missed TBTT. This is very rare.
5584 	 *
5585 	 * On non-IOMMU-enabled hosts this could be a possible security issue
5586 	 * because hw could beacon some random data on the air.  On
5587 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
5588 	 * device would crash.
5589 	 *
5590 	 * Since there are no beacon tx completions (implicit nor explicit)
5591 	 * propagated to host the only workaround for this is to allocate a
5592 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
5593 	 * beacon tx commands. Worst case for this approach is some beacons may
5594 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
5595 	 */
5596 	if (vif->type == NL80211_IFTYPE_ADHOC ||
5597 	    vif->type == NL80211_IFTYPE_MESH_POINT ||
5598 	    vif->type == NL80211_IFTYPE_AP) {
5599 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
5600 			arvif->beacon_buf = kmalloc(IEEE80211_MAX_FRAME_LEN,
5601 						    GFP_KERNEL);
5602 
5603 			/* Using a kernel pointer in place of a dma_addr_t
5604 			 * token can lead to undefined behavior if that
5605 			 * makes it into cache management functions. Use a
5606 			 * known-invalid address token instead, which
5607 			 * avoids the warning and makes it easier to catch
5608 			 * bugs if it does end up getting used.
5609 			 */
5610 			arvif->beacon_paddr = DMA_MAPPING_ERROR;
5611 		} else {
5612 			arvif->beacon_buf =
5613 				dma_alloc_coherent(ar->dev,
5614 						   IEEE80211_MAX_FRAME_LEN,
5615 						   &arvif->beacon_paddr,
5616 						   GFP_ATOMIC);
5617 		}
5618 		if (!arvif->beacon_buf) {
5619 			ret = -ENOMEM;
5620 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
5621 				    ret);
5622 			goto err;
5623 		}
5624 	}
5625 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
5626 		arvif->nohwcrypt = true;
5627 
5628 	if (arvif->nohwcrypt &&
5629 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5630 		ret = -EINVAL;
5631 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
5632 		goto err;
5633 	}
5634 
5635 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
5636 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
5637 		   arvif->beacon_buf ? "single-buf" : "per-skb");
5638 
5639 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
5640 				     arvif->vdev_subtype, vif->addr);
5641 	if (ret) {
5642 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
5643 			    arvif->vdev_id, ret);
5644 		goto err;
5645 	}
5646 
5647 	if (test_bit(WMI_SERVICE_VDEV_DISABLE_4_ADDR_SRC_LRN_SUPPORT,
5648 		     ar->wmi.svc_map)) {
5649 		vdev_param = ar->wmi.vdev_param->disable_4addr_src_lrn;
5650 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5651 						WMI_VDEV_DISABLE_4_ADDR_SRC_LRN);
5652 		if (ret && ret != -EOPNOTSUPP) {
5653 			ath10k_warn(ar, "failed to disable 4addr src lrn vdev %i: %d\n",
5654 				    arvif->vdev_id, ret);
5655 		}
5656 	}
5657 
5658 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
5659 	spin_lock_bh(&ar->data_lock);
5660 	list_add(&arvif->list, &ar->arvifs);
5661 	spin_unlock_bh(&ar->data_lock);
5662 
5663 	/* It makes no sense to have firmware do keepalives. mac80211 already
5664 	 * takes care of this with idle connection polling.
5665 	 */
5666 	ret = ath10k_mac_vif_disable_keepalive(arvif);
5667 	if (ret) {
5668 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
5669 			    arvif->vdev_id, ret);
5670 		goto err_vdev_delete;
5671 	}
5672 
5673 	arvif->def_wep_key_idx = -1;
5674 
5675 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
5676 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5677 					ATH10K_HW_TXRX_NATIVE_WIFI);
5678 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
5679 	if (ret && ret != -EOPNOTSUPP) {
5680 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
5681 			    arvif->vdev_id, ret);
5682 		goto err_vdev_delete;
5683 	}
5684 
5685 	/* Configuring number of spatial stream for monitor interface is causing
5686 	 * target assert in qca9888 and qca6174.
5687 	 */
5688 	if (ar->cfg_tx_chainmask && (vif->type != NL80211_IFTYPE_MONITOR)) {
5689 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
5690 
5691 		vdev_param = ar->wmi.vdev_param->nss;
5692 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5693 						nss);
5694 		if (ret) {
5695 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
5696 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
5697 				    ret);
5698 			goto err_vdev_delete;
5699 		}
5700 	}
5701 
5702 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5703 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5704 		ret = ath10k_peer_create(ar, vif, NULL, arvif->vdev_id,
5705 					 vif->addr, WMI_PEER_TYPE_DEFAULT);
5706 		if (ret) {
5707 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
5708 				    arvif->vdev_id, ret);
5709 			goto err_vdev_delete;
5710 		}
5711 
5712 		spin_lock_bh(&ar->data_lock);
5713 
5714 		peer = ath10k_peer_find(ar, arvif->vdev_id, vif->addr);
5715 		if (!peer) {
5716 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
5717 				    vif->addr, arvif->vdev_id);
5718 			spin_unlock_bh(&ar->data_lock);
5719 			ret = -ENOENT;
5720 			goto err_peer_delete;
5721 		}
5722 
5723 		arvif->peer_id = find_first_bit(peer->peer_ids,
5724 						ATH10K_MAX_NUM_PEER_IDS);
5725 
5726 		spin_unlock_bh(&ar->data_lock);
5727 	} else {
5728 		arvif->peer_id = HTT_INVALID_PEERID;
5729 	}
5730 
5731 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
5732 		ret = ath10k_mac_set_kickout(arvif);
5733 		if (ret) {
5734 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
5735 				    arvif->vdev_id, ret);
5736 			goto err_peer_delete;
5737 		}
5738 	}
5739 
5740 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
5741 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
5742 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5743 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5744 						  param, value);
5745 		if (ret) {
5746 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
5747 				    arvif->vdev_id, ret);
5748 			goto err_peer_delete;
5749 		}
5750 
5751 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5752 		if (ret) {
5753 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5754 				    arvif->vdev_id, ret);
5755 			goto err_peer_delete;
5756 		}
5757 
5758 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5759 		if (ret) {
5760 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5761 				    arvif->vdev_id, ret);
5762 			goto err_peer_delete;
5763 		}
5764 	}
5765 
5766 	ret = ath10k_mac_set_txbf_conf(arvif);
5767 	if (ret) {
5768 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
5769 			    arvif->vdev_id, ret);
5770 		goto err_peer_delete;
5771 	}
5772 
5773 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
5774 	if (ret) {
5775 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5776 			    arvif->vdev_id, ret);
5777 		goto err_peer_delete;
5778 	}
5779 
5780 	arvif->txpower = vif->bss_conf.txpower;
5781 	ret = ath10k_mac_txpower_recalc(ar);
5782 	if (ret) {
5783 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5784 		goto err_peer_delete;
5785 	}
5786 
5787 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5788 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5789 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5790 						arvif->ftm_responder);
5791 
5792 		/* It is harmless to not set FTM role. Do not warn */
5793 		if (ret && ret != -EOPNOTSUPP)
5794 			ath10k_warn(ar, "failed to set vdev %i FTM Responder: %d\n",
5795 				    arvif->vdev_id, ret);
5796 	}
5797 
5798 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5799 		ar->monitor_arvif = arvif;
5800 		ret = ath10k_monitor_recalc(ar);
5801 		if (ret) {
5802 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5803 			goto err_peer_delete;
5804 		}
5805 	}
5806 
5807 	spin_lock_bh(&ar->htt.tx_lock);
5808 	if (!ar->tx_paused)
5809 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
5810 	spin_unlock_bh(&ar->htt.tx_lock);
5811 
5812 	mutex_unlock(&ar->conf_mutex);
5813 	return 0;
5814 
5815 err_peer_delete:
5816 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5817 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5818 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
5819 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5820 						 vif->addr);
5821 	}
5822 
5823 err_vdev_delete:
5824 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5825 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5826 	spin_lock_bh(&ar->data_lock);
5827 	list_del(&arvif->list);
5828 	spin_unlock_bh(&ar->data_lock);
5829 
5830 err:
5831 	if (arvif->beacon_buf) {
5832 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
5833 			kfree(arvif->beacon_buf);
5834 		else
5835 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
5836 					  arvif->beacon_buf,
5837 					  arvif->beacon_paddr);
5838 		arvif->beacon_buf = NULL;
5839 	}
5840 
5841 	mutex_unlock(&ar->conf_mutex);
5842 
5843 	return ret;
5844 }
5845 
5846 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
5847 {
5848 	int i;
5849 
5850 	for (i = 0; i < BITS_PER_LONG; i++)
5851 		ath10k_mac_vif_tx_unlock(arvif, i);
5852 }
5853 
5854 static void ath10k_remove_interface(struct ieee80211_hw *hw,
5855 				    struct ieee80211_vif *vif)
5856 {
5857 	struct ath10k *ar = hw->priv;
5858 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5859 	struct ath10k_peer *peer;
5860 	unsigned long time_left;
5861 	int ret;
5862 	int i;
5863 
5864 	cancel_work_sync(&arvif->ap_csa_work);
5865 	cancel_delayed_work_sync(&arvif->connection_loss_work);
5866 
5867 	mutex_lock(&ar->conf_mutex);
5868 
5869 	ret = ath10k_spectral_vif_stop(arvif);
5870 	if (ret)
5871 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
5872 			    arvif->vdev_id, ret);
5873 
5874 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5875 	spin_lock_bh(&ar->data_lock);
5876 	list_del(&arvif->list);
5877 	spin_unlock_bh(&ar->data_lock);
5878 
5879 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5880 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5881 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
5882 					     vif->addr);
5883 		if (ret)
5884 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
5885 				    arvif->vdev_id, ret);
5886 
5887 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5888 						 vif->addr);
5889 		kfree(arvif->u.ap.noa_data);
5890 	}
5891 
5892 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
5893 		   arvif->vdev_id);
5894 
5895 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5896 	if (ret)
5897 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
5898 			    arvif->vdev_id, ret);
5899 
5900 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
5901 		time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
5902 							ATH10K_VDEV_DELETE_TIMEOUT_HZ);
5903 		if (time_left == 0) {
5904 			ath10k_warn(ar, "Timeout in receiving vdev delete response\n");
5905 			goto out;
5906 		}
5907 	}
5908 
5909 	/* Some firmware revisions don't notify host about self-peer removal
5910 	 * until after associated vdev is deleted.
5911 	 */
5912 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5913 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5914 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
5915 						   vif->addr);
5916 		if (ret)
5917 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
5918 				    arvif->vdev_id, ret);
5919 
5920 		spin_lock_bh(&ar->data_lock);
5921 		ar->num_peers--;
5922 		spin_unlock_bh(&ar->data_lock);
5923 	}
5924 
5925 	spin_lock_bh(&ar->data_lock);
5926 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
5927 		peer = ar->peer_map[i];
5928 		if (!peer)
5929 			continue;
5930 
5931 		if (peer->vif == vif) {
5932 			ath10k_warn(ar, "found vif peer %pM entry on vdev %i after it was supposedly removed\n",
5933 				    vif->addr, arvif->vdev_id);
5934 			peer->vif = NULL;
5935 		}
5936 	}
5937 
5938 	/* Clean this up late, less opportunity for firmware to access
5939 	 * DMA memory we have deleted.
5940 	 */
5941 	ath10k_mac_vif_beacon_cleanup(arvif);
5942 	spin_unlock_bh(&ar->data_lock);
5943 
5944 	ath10k_peer_cleanup(ar, arvif->vdev_id);
5945 	ath10k_mac_txq_unref(ar, vif->txq);
5946 
5947 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5948 		ar->monitor_arvif = NULL;
5949 		ret = ath10k_monitor_recalc(ar);
5950 		if (ret)
5951 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5952 	}
5953 
5954 	ret = ath10k_mac_txpower_recalc(ar);
5955 	if (ret)
5956 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5957 
5958 	spin_lock_bh(&ar->htt.tx_lock);
5959 	ath10k_mac_vif_tx_unlock_all(arvif);
5960 	spin_unlock_bh(&ar->htt.tx_lock);
5961 
5962 	ath10k_mac_txq_unref(ar, vif->txq);
5963 
5964 out:
5965 	mutex_unlock(&ar->conf_mutex);
5966 }
5967 
5968 /*
5969  * FIXME: Has to be verified.
5970  */
5971 #define SUPPORTED_FILTERS			\
5972 	(FIF_ALLMULTI |				\
5973 	FIF_CONTROL |				\
5974 	FIF_PSPOLL |				\
5975 	FIF_OTHER_BSS |				\
5976 	FIF_BCN_PRBRESP_PROMISC |		\
5977 	FIF_PROBE_REQ |				\
5978 	FIF_FCSFAIL)
5979 
5980 static void ath10k_configure_filter(struct ieee80211_hw *hw,
5981 				    unsigned int changed_flags,
5982 				    unsigned int *total_flags,
5983 				    u64 multicast)
5984 {
5985 	struct ath10k *ar = hw->priv;
5986 	int ret;
5987 
5988 	mutex_lock(&ar->conf_mutex);
5989 
5990 	changed_flags &= SUPPORTED_FILTERS;
5991 	*total_flags &= SUPPORTED_FILTERS;
5992 	ar->filter_flags = *total_flags;
5993 
5994 	ret = ath10k_monitor_recalc(ar);
5995 	if (ret)
5996 		ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5997 
5998 	mutex_unlock(&ar->conf_mutex);
5999 }
6000 
6001 static void ath10k_recalculate_mgmt_rate(struct ath10k *ar,
6002 					 struct ieee80211_vif *vif,
6003 					 struct cfg80211_chan_def *def)
6004 {
6005 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6006 	const struct ieee80211_supported_band *sband;
6007 	u8 basic_rate_idx;
6008 	int hw_rate_code;
6009 	u32 vdev_param;
6010 	u16 bitrate;
6011 	int ret;
6012 
6013 	lockdep_assert_held(&ar->conf_mutex);
6014 
6015 	sband = ar->hw->wiphy->bands[def->chan->band];
6016 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
6017 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
6018 
6019 	hw_rate_code = ath10k_mac_get_rate_hw_value(bitrate);
6020 	if (hw_rate_code < 0) {
6021 		ath10k_warn(ar, "bitrate not supported %d\n", bitrate);
6022 		return;
6023 	}
6024 
6025 	vdev_param = ar->wmi.vdev_param->mgmt_rate;
6026 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6027 					hw_rate_code);
6028 	if (ret)
6029 		ath10k_warn(ar, "failed to set mgmt tx rate %d\n", ret);
6030 }
6031 
6032 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
6033 				    struct ieee80211_vif *vif,
6034 				    struct ieee80211_bss_conf *info,
6035 				    u32 changed)
6036 {
6037 	struct ath10k *ar = hw->priv;
6038 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6039 	struct cfg80211_chan_def def;
6040 	u32 vdev_param, pdev_param, slottime, preamble;
6041 	u16 bitrate, hw_value;
6042 	u8 rate, rateidx;
6043 	int ret = 0, mcast_rate;
6044 	enum nl80211_band band;
6045 
6046 	mutex_lock(&ar->conf_mutex);
6047 
6048 	if (changed & BSS_CHANGED_IBSS)
6049 		ath10k_control_ibss(arvif, info, vif->addr);
6050 
6051 	if (changed & BSS_CHANGED_BEACON_INT) {
6052 		arvif->beacon_interval = info->beacon_int;
6053 		vdev_param = ar->wmi.vdev_param->beacon_interval;
6054 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6055 						arvif->beacon_interval);
6056 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6057 			   "mac vdev %d beacon_interval %d\n",
6058 			   arvif->vdev_id, arvif->beacon_interval);
6059 
6060 		if (ret)
6061 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
6062 				    arvif->vdev_id, ret);
6063 	}
6064 
6065 	if (changed & BSS_CHANGED_BEACON) {
6066 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6067 			   "vdev %d set beacon tx mode to staggered\n",
6068 			   arvif->vdev_id);
6069 
6070 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
6071 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
6072 						WMI_BEACON_STAGGERED_MODE);
6073 		if (ret)
6074 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
6075 				    arvif->vdev_id, ret);
6076 
6077 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
6078 		if (ret)
6079 			ath10k_warn(ar, "failed to update beacon template: %d\n",
6080 				    ret);
6081 
6082 		if (ieee80211_vif_is_mesh(vif)) {
6083 			/* mesh doesn't use SSID but firmware needs it */
6084 			strncpy(arvif->u.ap.ssid, "mesh",
6085 				sizeof(arvif->u.ap.ssid));
6086 			arvif->u.ap.ssid_len = 4;
6087 		}
6088 	}
6089 
6090 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
6091 		ret = ath10k_mac_setup_prb_tmpl(arvif);
6092 		if (ret)
6093 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
6094 				    arvif->vdev_id, ret);
6095 	}
6096 
6097 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
6098 		arvif->dtim_period = info->dtim_period;
6099 
6100 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6101 			   "mac vdev %d dtim_period %d\n",
6102 			   arvif->vdev_id, arvif->dtim_period);
6103 
6104 		vdev_param = ar->wmi.vdev_param->dtim_period;
6105 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6106 						arvif->dtim_period);
6107 		if (ret)
6108 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
6109 				    arvif->vdev_id, ret);
6110 	}
6111 
6112 	if (changed & BSS_CHANGED_SSID &&
6113 	    vif->type == NL80211_IFTYPE_AP) {
6114 		arvif->u.ap.ssid_len = info->ssid_len;
6115 		if (info->ssid_len)
6116 			memcpy(arvif->u.ap.ssid, info->ssid, info->ssid_len);
6117 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
6118 	}
6119 
6120 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
6121 		ether_addr_copy(arvif->bssid, info->bssid);
6122 
6123 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
6124 	    arvif->ftm_responder != info->ftm_responder &&
6125 	    test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
6126 		arvif->ftm_responder = info->ftm_responder;
6127 
6128 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
6129 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6130 						arvif->ftm_responder);
6131 
6132 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6133 			   "mac vdev %d ftm_responder %d:ret %d\n",
6134 			   arvif->vdev_id, arvif->ftm_responder, ret);
6135 	}
6136 
6137 	if (changed & BSS_CHANGED_BEACON_ENABLED)
6138 		ath10k_control_beaconing(arvif, info);
6139 
6140 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
6141 		arvif->use_cts_prot = info->use_cts_prot;
6142 
6143 		ret = ath10k_recalc_rtscts_prot(arvif);
6144 		if (ret)
6145 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
6146 				    arvif->vdev_id, ret);
6147 
6148 		if (ath10k_mac_can_set_cts_prot(arvif)) {
6149 			ret = ath10k_mac_set_cts_prot(arvif);
6150 			if (ret)
6151 				ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
6152 					    arvif->vdev_id, ret);
6153 		}
6154 	}
6155 
6156 	if (changed & BSS_CHANGED_ERP_SLOT) {
6157 		if (info->use_short_slot)
6158 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
6159 
6160 		else
6161 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
6162 
6163 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
6164 			   arvif->vdev_id, slottime);
6165 
6166 		vdev_param = ar->wmi.vdev_param->slot_time;
6167 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6168 						slottime);
6169 		if (ret)
6170 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
6171 				    arvif->vdev_id, ret);
6172 	}
6173 
6174 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
6175 		if (info->use_short_preamble)
6176 			preamble = WMI_VDEV_PREAMBLE_SHORT;
6177 		else
6178 			preamble = WMI_VDEV_PREAMBLE_LONG;
6179 
6180 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6181 			   "mac vdev %d preamble %dn",
6182 			   arvif->vdev_id, preamble);
6183 
6184 		vdev_param = ar->wmi.vdev_param->preamble;
6185 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6186 						preamble);
6187 		if (ret)
6188 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
6189 				    arvif->vdev_id, ret);
6190 	}
6191 
6192 	if (changed & BSS_CHANGED_ASSOC) {
6193 		if (info->assoc) {
6194 			/* Workaround: Make sure monitor vdev is not running
6195 			 * when associating to prevent some firmware revisions
6196 			 * (e.g. 10.1 and 10.2) from crashing.
6197 			 */
6198 			if (ar->monitor_started)
6199 				ath10k_monitor_stop(ar);
6200 			ath10k_bss_assoc(hw, vif, info);
6201 			ath10k_monitor_recalc(ar);
6202 		} else {
6203 			ath10k_bss_disassoc(hw, vif);
6204 		}
6205 	}
6206 
6207 	if (changed & BSS_CHANGED_TXPOWER) {
6208 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
6209 			   arvif->vdev_id, info->txpower);
6210 
6211 		arvif->txpower = info->txpower;
6212 		ret = ath10k_mac_txpower_recalc(ar);
6213 		if (ret)
6214 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6215 	}
6216 
6217 	if (changed & BSS_CHANGED_PS) {
6218 		arvif->ps = vif->bss_conf.ps;
6219 
6220 		ret = ath10k_config_ps(ar);
6221 		if (ret)
6222 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
6223 				    arvif->vdev_id, ret);
6224 	}
6225 
6226 	if (changed & BSS_CHANGED_MCAST_RATE &&
6227 	    !ath10k_mac_vif_chan(arvif->vif, &def)) {
6228 		band = def.chan->band;
6229 		mcast_rate = vif->bss_conf.mcast_rate[band];
6230 		if (mcast_rate > 0)
6231 			rateidx = mcast_rate - 1;
6232 		else
6233 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
6234 
6235 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6236 			rateidx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6237 
6238 		bitrate = ath10k_wmi_legacy_rates[rateidx].bitrate;
6239 		hw_value = ath10k_wmi_legacy_rates[rateidx].hw_value;
6240 		if (ath10k_mac_bitrate_is_cck(bitrate))
6241 			preamble = WMI_RATE_PREAMBLE_CCK;
6242 		else
6243 			preamble = WMI_RATE_PREAMBLE_OFDM;
6244 
6245 		rate = ATH10K_HW_RATECODE(hw_value, 0, preamble);
6246 
6247 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6248 			   "mac vdev %d mcast_rate %x\n",
6249 			   arvif->vdev_id, rate);
6250 
6251 		vdev_param = ar->wmi.vdev_param->mcast_data_rate;
6252 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6253 						vdev_param, rate);
6254 		if (ret)
6255 			ath10k_warn(ar,
6256 				    "failed to set mcast rate on vdev %i: %d\n",
6257 				    arvif->vdev_id,  ret);
6258 
6259 		vdev_param = ar->wmi.vdev_param->bcast_data_rate;
6260 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6261 						vdev_param, rate);
6262 		if (ret)
6263 			ath10k_warn(ar,
6264 				    "failed to set bcast rate on vdev %i: %d\n",
6265 				    arvif->vdev_id,  ret);
6266 	}
6267 
6268 	if (changed & BSS_CHANGED_BASIC_RATES &&
6269 	    !ath10k_mac_vif_chan(arvif->vif, &def))
6270 		ath10k_recalculate_mgmt_rate(ar, vif, &def);
6271 
6272 	mutex_unlock(&ar->conf_mutex);
6273 }
6274 
6275 static void ath10k_mac_op_set_coverage_class(struct ieee80211_hw *hw, s16 value)
6276 {
6277 	struct ath10k *ar = hw->priv;
6278 
6279 	/* This function should never be called if setting the coverage class
6280 	 * is not supported on this hardware.
6281 	 */
6282 	if (!ar->hw_params.hw_ops->set_coverage_class) {
6283 		WARN_ON_ONCE(1);
6284 		return;
6285 	}
6286 	ar->hw_params.hw_ops->set_coverage_class(ar, value);
6287 }
6288 
6289 struct ath10k_mac_tdls_iter_data {
6290 	u32 num_tdls_stations;
6291 	struct ieee80211_vif *curr_vif;
6292 };
6293 
6294 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
6295 						    struct ieee80211_sta *sta)
6296 {
6297 	struct ath10k_mac_tdls_iter_data *iter_data = data;
6298 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6299 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
6300 
6301 	if (sta->tdls && sta_vif == iter_data->curr_vif)
6302 		iter_data->num_tdls_stations++;
6303 }
6304 
6305 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
6306 					      struct ieee80211_vif *vif)
6307 {
6308 	struct ath10k_mac_tdls_iter_data data = {};
6309 
6310 	data.curr_vif = vif;
6311 
6312 	ieee80211_iterate_stations_atomic(hw,
6313 					  ath10k_mac_tdls_vif_stations_count_iter,
6314 					  &data);
6315 	return data.num_tdls_stations;
6316 }
6317 
6318 static int ath10k_hw_scan(struct ieee80211_hw *hw,
6319 			  struct ieee80211_vif *vif,
6320 			  struct ieee80211_scan_request *hw_req)
6321 {
6322 	struct ath10k *ar = hw->priv;
6323 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6324 	struct cfg80211_scan_request *req = &hw_req->req;
6325 	struct wmi_start_scan_arg arg;
6326 	int ret = 0;
6327 	int i;
6328 	u32 scan_timeout;
6329 
6330 	mutex_lock(&ar->conf_mutex);
6331 
6332 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
6333 		ret = -EBUSY;
6334 		goto exit;
6335 	}
6336 
6337 	spin_lock_bh(&ar->data_lock);
6338 	switch (ar->scan.state) {
6339 	case ATH10K_SCAN_IDLE:
6340 		reinit_completion(&ar->scan.started);
6341 		reinit_completion(&ar->scan.completed);
6342 		ar->scan.state = ATH10K_SCAN_STARTING;
6343 		ar->scan.is_roc = false;
6344 		ar->scan.vdev_id = arvif->vdev_id;
6345 		ret = 0;
6346 		break;
6347 	case ATH10K_SCAN_STARTING:
6348 	case ATH10K_SCAN_RUNNING:
6349 	case ATH10K_SCAN_ABORTING:
6350 		ret = -EBUSY;
6351 		break;
6352 	}
6353 	spin_unlock_bh(&ar->data_lock);
6354 
6355 	if (ret)
6356 		goto exit;
6357 
6358 	memset(&arg, 0, sizeof(arg));
6359 	ath10k_wmi_start_scan_init(ar, &arg);
6360 	arg.vdev_id = arvif->vdev_id;
6361 	arg.scan_id = ATH10K_SCAN_ID;
6362 
6363 	if (req->ie_len) {
6364 		arg.ie_len = req->ie_len;
6365 		memcpy(arg.ie, req->ie, arg.ie_len);
6366 	}
6367 
6368 	if (req->n_ssids) {
6369 		arg.n_ssids = req->n_ssids;
6370 		for (i = 0; i < arg.n_ssids; i++) {
6371 			arg.ssids[i].len  = req->ssids[i].ssid_len;
6372 			arg.ssids[i].ssid = req->ssids[i].ssid;
6373 		}
6374 	} else {
6375 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
6376 	}
6377 
6378 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6379 		arg.scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOFED_MAC_IN_PROBE_REQ;
6380 		ether_addr_copy(arg.mac_addr.addr, req->mac_addr);
6381 		ether_addr_copy(arg.mac_mask.addr, req->mac_addr_mask);
6382 	}
6383 
6384 	if (req->n_channels) {
6385 		arg.n_channels = req->n_channels;
6386 		for (i = 0; i < arg.n_channels; i++)
6387 			arg.channels[i] = req->channels[i]->center_freq;
6388 	}
6389 
6390 	/* if duration is set, default dwell times will be overwritten */
6391 	if (req->duration) {
6392 		arg.dwell_time_active = req->duration;
6393 		arg.dwell_time_passive = req->duration;
6394 		arg.burst_duration_ms = req->duration;
6395 
6396 		scan_timeout = min_t(u32, arg.max_rest_time *
6397 				(arg.n_channels - 1) + (req->duration +
6398 				ATH10K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
6399 				arg.n_channels, arg.max_scan_time);
6400 	} else {
6401 		scan_timeout = arg.max_scan_time;
6402 	}
6403 
6404 	/* Add a 200ms margin to account for event/command processing */
6405 	scan_timeout += 200;
6406 
6407 	ret = ath10k_start_scan(ar, &arg);
6408 	if (ret) {
6409 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
6410 		spin_lock_bh(&ar->data_lock);
6411 		ar->scan.state = ATH10K_SCAN_IDLE;
6412 		spin_unlock_bh(&ar->data_lock);
6413 	}
6414 
6415 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
6416 				     msecs_to_jiffies(scan_timeout));
6417 
6418 exit:
6419 	mutex_unlock(&ar->conf_mutex);
6420 	return ret;
6421 }
6422 
6423 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
6424 				  struct ieee80211_vif *vif)
6425 {
6426 	struct ath10k *ar = hw->priv;
6427 
6428 	mutex_lock(&ar->conf_mutex);
6429 	ath10k_scan_abort(ar);
6430 	mutex_unlock(&ar->conf_mutex);
6431 
6432 	cancel_delayed_work_sync(&ar->scan.timeout);
6433 }
6434 
6435 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
6436 					struct ath10k_vif *arvif,
6437 					enum set_key_cmd cmd,
6438 					struct ieee80211_key_conf *key)
6439 {
6440 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
6441 	int ret;
6442 
6443 	/* 10.1 firmware branch requires default key index to be set to group
6444 	 * key index after installing it. Otherwise FW/HW Txes corrupted
6445 	 * frames with multi-vif APs. This is not required for main firmware
6446 	 * branch (e.g. 636).
6447 	 *
6448 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
6449 	 *
6450 	 * FIXME: It remains unknown if this is required for multi-vif STA
6451 	 * interfaces on 10.1.
6452 	 */
6453 
6454 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
6455 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
6456 		return;
6457 
6458 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
6459 		return;
6460 
6461 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
6462 		return;
6463 
6464 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6465 		return;
6466 
6467 	if (cmd != SET_KEY)
6468 		return;
6469 
6470 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6471 					key->keyidx);
6472 	if (ret)
6473 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
6474 			    arvif->vdev_id, ret);
6475 }
6476 
6477 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6478 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
6479 			  struct ieee80211_key_conf *key)
6480 {
6481 	struct ath10k *ar = hw->priv;
6482 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6483 	struct ath10k_sta *arsta;
6484 	struct ath10k_peer *peer;
6485 	const u8 *peer_addr;
6486 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
6487 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
6488 	int ret = 0;
6489 	int ret2;
6490 	u32 flags = 0;
6491 	u32 flags2;
6492 
6493 	/* this one needs to be done in software */
6494 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
6495 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
6496 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
6497 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
6498 		return 1;
6499 
6500 	if (arvif->nohwcrypt)
6501 		return 1;
6502 
6503 	if (key->keyidx > WMI_MAX_KEY_INDEX)
6504 		return -ENOSPC;
6505 
6506 	mutex_lock(&ar->conf_mutex);
6507 
6508 	if (sta) {
6509 		arsta = (struct ath10k_sta *)sta->drv_priv;
6510 		peer_addr = sta->addr;
6511 		spin_lock_bh(&ar->data_lock);
6512 		arsta->ucast_cipher = key->cipher;
6513 		spin_unlock_bh(&ar->data_lock);
6514 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
6515 		peer_addr = vif->bss_conf.bssid;
6516 	} else {
6517 		peer_addr = vif->addr;
6518 	}
6519 
6520 	key->hw_key_idx = key->keyidx;
6521 
6522 	if (is_wep) {
6523 		if (cmd == SET_KEY)
6524 			arvif->wep_keys[key->keyidx] = key;
6525 		else
6526 			arvif->wep_keys[key->keyidx] = NULL;
6527 	}
6528 
6529 	/* the peer should not disappear in mid-way (unless FW goes awry) since
6530 	 * we already hold conf_mutex. we just make sure its there now.
6531 	 */
6532 	spin_lock_bh(&ar->data_lock);
6533 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6534 	spin_unlock_bh(&ar->data_lock);
6535 
6536 	if (!peer) {
6537 		if (cmd == SET_KEY) {
6538 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
6539 				    peer_addr);
6540 			ret = -EOPNOTSUPP;
6541 			goto exit;
6542 		} else {
6543 			/* if the peer doesn't exist there is no key to disable anymore */
6544 			goto exit;
6545 		}
6546 	}
6547 
6548 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6549 		flags |= WMI_KEY_PAIRWISE;
6550 	else
6551 		flags |= WMI_KEY_GROUP;
6552 
6553 	if (is_wep) {
6554 		if (cmd == DISABLE_KEY)
6555 			ath10k_clear_vdev_key(arvif, key);
6556 
6557 		/* When WEP keys are uploaded it's possible that there are
6558 		 * stations associated already (e.g. when merging) without any
6559 		 * keys. Static WEP needs an explicit per-peer key upload.
6560 		 */
6561 		if (vif->type == NL80211_IFTYPE_ADHOC &&
6562 		    cmd == SET_KEY)
6563 			ath10k_mac_vif_update_wep_key(arvif, key);
6564 
6565 		/* 802.1x never sets the def_wep_key_idx so each set_key()
6566 		 * call changes default tx key.
6567 		 *
6568 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
6569 		 * after first set_key().
6570 		 */
6571 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
6572 			flags |= WMI_KEY_TX_USAGE;
6573 	}
6574 
6575 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
6576 	if (ret) {
6577 		WARN_ON(ret > 0);
6578 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
6579 			    arvif->vdev_id, peer_addr, ret);
6580 		goto exit;
6581 	}
6582 
6583 	/* mac80211 sets static WEP keys as groupwise while firmware requires
6584 	 * them to be installed twice as both pairwise and groupwise.
6585 	 */
6586 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
6587 		flags2 = flags;
6588 		flags2 &= ~WMI_KEY_GROUP;
6589 		flags2 |= WMI_KEY_PAIRWISE;
6590 
6591 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
6592 		if (ret) {
6593 			WARN_ON(ret > 0);
6594 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
6595 				    arvif->vdev_id, peer_addr, ret);
6596 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
6597 						  peer_addr, flags);
6598 			if (ret2) {
6599 				WARN_ON(ret2 > 0);
6600 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
6601 					    arvif->vdev_id, peer_addr, ret2);
6602 			}
6603 			goto exit;
6604 		}
6605 	}
6606 
6607 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
6608 
6609 	spin_lock_bh(&ar->data_lock);
6610 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6611 	if (peer && cmd == SET_KEY)
6612 		peer->keys[key->keyidx] = key;
6613 	else if (peer && cmd == DISABLE_KEY)
6614 		peer->keys[key->keyidx] = NULL;
6615 	else if (peer == NULL)
6616 		/* impossible unless FW goes crazy */
6617 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
6618 	spin_unlock_bh(&ar->data_lock);
6619 
6620 	if (sta && sta->tdls)
6621 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6622 					  ar->wmi.peer_param->authorize, 1);
6623 	else if (sta && cmd == SET_KEY && (key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
6624 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, peer_addr,
6625 					  ar->wmi.peer_param->authorize, 1);
6626 
6627 exit:
6628 	mutex_unlock(&ar->conf_mutex);
6629 	return ret;
6630 }
6631 
6632 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
6633 					   struct ieee80211_vif *vif,
6634 					   int keyidx)
6635 {
6636 	struct ath10k *ar = hw->priv;
6637 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6638 	int ret;
6639 
6640 	mutex_lock(&arvif->ar->conf_mutex);
6641 
6642 	if (arvif->ar->state != ATH10K_STATE_ON)
6643 		goto unlock;
6644 
6645 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
6646 		   arvif->vdev_id, keyidx);
6647 
6648 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
6649 					arvif->vdev_id,
6650 					arvif->ar->wmi.vdev_param->def_keyid,
6651 					keyidx);
6652 
6653 	if (ret) {
6654 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
6655 			    arvif->vdev_id,
6656 			    ret);
6657 		goto unlock;
6658 	}
6659 
6660 	arvif->def_wep_key_idx = keyidx;
6661 
6662 unlock:
6663 	mutex_unlock(&arvif->ar->conf_mutex);
6664 }
6665 
6666 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
6667 {
6668 	struct ath10k *ar;
6669 	struct ath10k_vif *arvif;
6670 	struct ath10k_sta *arsta;
6671 	struct ieee80211_sta *sta;
6672 	struct cfg80211_chan_def def;
6673 	enum nl80211_band band;
6674 	const u8 *ht_mcs_mask;
6675 	const u16 *vht_mcs_mask;
6676 	u32 changed, bw, nss, smps;
6677 	int err;
6678 
6679 	arsta = container_of(wk, struct ath10k_sta, update_wk);
6680 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
6681 	arvif = arsta->arvif;
6682 	ar = arvif->ar;
6683 
6684 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
6685 		return;
6686 
6687 	band = def.chan->band;
6688 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
6689 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
6690 
6691 	spin_lock_bh(&ar->data_lock);
6692 
6693 	changed = arsta->changed;
6694 	arsta->changed = 0;
6695 
6696 	bw = arsta->bw;
6697 	nss = arsta->nss;
6698 	smps = arsta->smps;
6699 
6700 	spin_unlock_bh(&ar->data_lock);
6701 
6702 	mutex_lock(&ar->conf_mutex);
6703 
6704 	nss = max_t(u32, 1, nss);
6705 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6706 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
6707 
6708 	if (changed & IEEE80211_RC_BW_CHANGED) {
6709 		enum wmi_phy_mode mode;
6710 
6711 		mode = chan_to_phymode(&def);
6712 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM peer bw %d phymode %d\n",
6713 			   sta->addr, bw, mode);
6714 
6715 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6716 						ar->wmi.peer_param->phymode, mode);
6717 		if (err) {
6718 			ath10k_warn(ar, "failed to update STA %pM peer phymode %d: %d\n",
6719 				    sta->addr, mode, err);
6720 			goto exit;
6721 		}
6722 
6723 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6724 						ar->wmi.peer_param->chan_width, bw);
6725 		if (err)
6726 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
6727 				    sta->addr, bw, err);
6728 	}
6729 
6730 	if (changed & IEEE80211_RC_NSS_CHANGED) {
6731 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM nss %d\n",
6732 			   sta->addr, nss);
6733 
6734 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6735 						ar->wmi.peer_param->nss, nss);
6736 		if (err)
6737 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
6738 				    sta->addr, nss, err);
6739 	}
6740 
6741 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6742 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM smps %d\n",
6743 			   sta->addr, smps);
6744 
6745 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6746 						ar->wmi.peer_param->smps_state, smps);
6747 		if (err)
6748 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
6749 				    sta->addr, smps, err);
6750 	}
6751 
6752 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
6753 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM supp rates\n",
6754 			   sta->addr);
6755 
6756 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
6757 		if (err)
6758 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
6759 				    sta->addr);
6760 	}
6761 
6762 exit:
6763 	mutex_unlock(&ar->conf_mutex);
6764 }
6765 
6766 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
6767 				       struct ieee80211_sta *sta)
6768 {
6769 	struct ath10k *ar = arvif->ar;
6770 
6771 	lockdep_assert_held(&ar->conf_mutex);
6772 
6773 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6774 		return 0;
6775 
6776 	if (ar->num_stations >= ar->max_num_stations)
6777 		return -ENOBUFS;
6778 
6779 	ar->num_stations++;
6780 
6781 	return 0;
6782 }
6783 
6784 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
6785 					struct ieee80211_sta *sta)
6786 {
6787 	struct ath10k *ar = arvif->ar;
6788 
6789 	lockdep_assert_held(&ar->conf_mutex);
6790 
6791 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6792 		return;
6793 
6794 	ar->num_stations--;
6795 }
6796 
6797 static int ath10k_sta_set_txpwr(struct ieee80211_hw *hw,
6798 				struct ieee80211_vif *vif,
6799 				struct ieee80211_sta *sta)
6800 {
6801 	struct ath10k *ar = hw->priv;
6802 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6803 	int ret = 0;
6804 	s16 txpwr;
6805 
6806 	if (sta->deflink.txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
6807 		txpwr = 0;
6808 	} else {
6809 		txpwr = sta->deflink.txpwr.power;
6810 		if (!txpwr)
6811 			return -EINVAL;
6812 	}
6813 
6814 	if (txpwr > ATH10K_TX_POWER_MAX_VAL || txpwr < ATH10K_TX_POWER_MIN_VAL)
6815 		return -EINVAL;
6816 
6817 	mutex_lock(&ar->conf_mutex);
6818 
6819 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6820 					ar->wmi.peer_param->use_fixed_power, txpwr);
6821 	if (ret) {
6822 		ath10k_warn(ar, "failed to set tx power for station ret: %d\n",
6823 			    ret);
6824 		goto out;
6825 	}
6826 
6827 out:
6828 	mutex_unlock(&ar->conf_mutex);
6829 	return ret;
6830 }
6831 
6832 struct ath10k_mac_iter_tid_conf_data {
6833 	struct ieee80211_vif *curr_vif;
6834 	struct ath10k *ar;
6835 	bool reset_config;
6836 };
6837 
6838 static bool
6839 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
6840 					enum nl80211_band band,
6841 					const struct cfg80211_bitrate_mask *mask,
6842 					int *vht_num_rates)
6843 {
6844 	int num_rates = 0;
6845 	int i, tmp;
6846 
6847 	num_rates += hweight32(mask->control[band].legacy);
6848 
6849 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
6850 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
6851 
6852 	*vht_num_rates = 0;
6853 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6854 		tmp = hweight16(mask->control[band].vht_mcs[i]);
6855 		num_rates += tmp;
6856 		*vht_num_rates += tmp;
6857 	}
6858 
6859 	return num_rates == 1;
6860 }
6861 
6862 static int
6863 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
6864 					enum nl80211_band band,
6865 					const struct cfg80211_bitrate_mask *mask,
6866 					u8 *rate, u8 *nss, bool vht_only)
6867 {
6868 	int rate_idx;
6869 	int i;
6870 	u16 bitrate;
6871 	u8 preamble;
6872 	u8 hw_rate;
6873 
6874 	if (vht_only)
6875 		goto next;
6876 
6877 	if (hweight32(mask->control[band].legacy) == 1) {
6878 		rate_idx = ffs(mask->control[band].legacy) - 1;
6879 
6880 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6881 			rate_idx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6882 
6883 		hw_rate = ath10k_wmi_legacy_rates[rate_idx].hw_value;
6884 		bitrate = ath10k_wmi_legacy_rates[rate_idx].bitrate;
6885 
6886 		if (ath10k_mac_bitrate_is_cck(bitrate))
6887 			preamble = WMI_RATE_PREAMBLE_CCK;
6888 		else
6889 			preamble = WMI_RATE_PREAMBLE_OFDM;
6890 
6891 		*nss = 1;
6892 		*rate = preamble << 6 |
6893 			(*nss - 1) << 4 |
6894 			hw_rate << 0;
6895 
6896 		return 0;
6897 	}
6898 
6899 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
6900 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
6901 			*nss = i + 1;
6902 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
6903 				(*nss - 1) << 4 |
6904 				(ffs(mask->control[band].ht_mcs[i]) - 1);
6905 
6906 			return 0;
6907 		}
6908 	}
6909 
6910 next:
6911 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6912 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
6913 			*nss = i + 1;
6914 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
6915 				(*nss - 1) << 4 |
6916 				(ffs(mask->control[band].vht_mcs[i]) - 1);
6917 
6918 			return 0;
6919 		}
6920 	}
6921 
6922 	return -EINVAL;
6923 }
6924 
6925 static int ath10k_mac_validate_rate_mask(struct ath10k *ar,
6926 					 struct ieee80211_sta *sta,
6927 					 u32 rate_ctrl_flag, u8 nss)
6928 {
6929 	if (nss > sta->deflink.rx_nss) {
6930 		ath10k_warn(ar, "Invalid nss field, configured %u limit %u\n",
6931 			    nss, sta->deflink.rx_nss);
6932 		return -EINVAL;
6933 	}
6934 
6935 	if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_VHT) {
6936 		if (!sta->deflink.vht_cap.vht_supported) {
6937 			ath10k_warn(ar, "Invalid VHT rate for sta %pM\n",
6938 				    sta->addr);
6939 			return -EINVAL;
6940 		}
6941 	} else if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_HT) {
6942 		if (!sta->deflink.ht_cap.ht_supported || sta->deflink.vht_cap.vht_supported) {
6943 			ath10k_warn(ar, "Invalid HT rate for sta %pM\n",
6944 				    sta->addr);
6945 			return -EINVAL;
6946 		}
6947 	} else {
6948 		if (sta->deflink.ht_cap.ht_supported || sta->deflink.vht_cap.vht_supported)
6949 			return -EINVAL;
6950 	}
6951 
6952 	return 0;
6953 }
6954 
6955 static int
6956 ath10k_mac_tid_bitrate_config(struct ath10k *ar,
6957 			      struct ieee80211_vif *vif,
6958 			      struct ieee80211_sta *sta,
6959 			      u32 *rate_ctrl_flag, u8 *rate_ctrl,
6960 			      enum nl80211_tx_rate_setting txrate_type,
6961 			      const struct cfg80211_bitrate_mask *mask)
6962 {
6963 	struct cfg80211_chan_def def;
6964 	enum nl80211_band band;
6965 	u8 nss, rate;
6966 	int vht_num_rates, ret;
6967 
6968 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
6969 		return -EINVAL;
6970 
6971 	if (txrate_type == NL80211_TX_RATE_AUTOMATIC) {
6972 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
6973 		*rate_ctrl_flag = 0;
6974 		return 0;
6975 	}
6976 
6977 	band = def.chan->band;
6978 
6979 	if (!ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
6980 						     &vht_num_rates)) {
6981 		return -EINVAL;
6982 	}
6983 
6984 	ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
6985 						      &rate, &nss, false);
6986 	if (ret) {
6987 		ath10k_warn(ar, "failed to get single rate: %d\n",
6988 			    ret);
6989 		return ret;
6990 	}
6991 
6992 	*rate_ctrl_flag = rate;
6993 
6994 	if (sta && ath10k_mac_validate_rate_mask(ar, sta, *rate_ctrl_flag, nss))
6995 		return -EINVAL;
6996 
6997 	if (txrate_type == NL80211_TX_RATE_FIXED)
6998 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_FIXED_RATE;
6999 	else if (txrate_type == NL80211_TX_RATE_LIMITED &&
7000 		 (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
7001 			   ar->wmi.svc_map)))
7002 		*rate_ctrl = WMI_PEER_TID_CONFIG_RATE_UPPER_CAP;
7003 	else
7004 		return -EOPNOTSUPP;
7005 
7006 	return 0;
7007 }
7008 
7009 static int ath10k_mac_set_tid_config(struct ath10k *ar, struct ieee80211_sta *sta,
7010 				     struct ieee80211_vif *vif, u32 changed,
7011 				     struct wmi_per_peer_per_tid_cfg_arg *arg)
7012 {
7013 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7014 	struct ath10k_sta *arsta;
7015 	int ret;
7016 
7017 	if (sta) {
7018 		if (!sta->wme)
7019 			return -ENOTSUPP;
7020 
7021 		arsta = (struct ath10k_sta *)sta->drv_priv;
7022 
7023 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7024 			if ((arsta->retry_long[arg->tid] > 0 ||
7025 			     arsta->rate_code[arg->tid] > 0 ||
7026 			     arsta->ampdu[arg->tid] ==
7027 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7028 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7029 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7030 				arg->ack_policy = 0;
7031 				arg->aggr_control = 0;
7032 				arg->rate_ctrl = 0;
7033 				arg->rcode_flags = 0;
7034 			}
7035 		}
7036 
7037 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7038 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7039 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7040 				arg->aggr_control = 0;
7041 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7042 			}
7043 		}
7044 
7045 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7046 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7047 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7048 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7049 				arg->rate_ctrl = 0;
7050 				arg->rcode_flags = 0;
7051 			}
7052 		}
7053 
7054 		ether_addr_copy(arg->peer_macaddr.addr, sta->addr);
7055 
7056 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, arg);
7057 		if (ret)
7058 			return ret;
7059 
7060 		/* Store the configured parameters in success case */
7061 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7062 			arsta->noack[arg->tid] = arg->ack_policy;
7063 			arg->ack_policy = 0;
7064 			arg->aggr_control = 0;
7065 			arg->rate_ctrl = 0;
7066 			arg->rcode_flags = 0;
7067 		}
7068 
7069 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7070 			arsta->retry_long[arg->tid] = arg->retry_count;
7071 			arg->retry_count = 0;
7072 		}
7073 
7074 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7075 			arsta->ampdu[arg->tid] = arg->aggr_control;
7076 			arg->aggr_control = 0;
7077 		}
7078 
7079 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7080 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7081 			arsta->rate_ctrl[arg->tid] = arg->rate_ctrl;
7082 			arg->rate_ctrl = 0;
7083 			arg->rcode_flags = 0;
7084 		}
7085 
7086 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7087 			arsta->rtscts[arg->tid] = arg->rtscts_ctrl;
7088 			arg->ext_tid_cfg_bitmap = 0;
7089 		}
7090 	} else {
7091 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7092 			if ((arvif->retry_long[arg->tid] ||
7093 			     arvif->rate_code[arg->tid] ||
7094 			     arvif->ampdu[arg->tid] ==
7095 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7096 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7097 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7098 			} else {
7099 				arvif->noack[arg->tid] = arg->ack_policy;
7100 				arvif->ampdu[arg->tid] = arg->aggr_control;
7101 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7102 			}
7103 		}
7104 
7105 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7106 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7107 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7108 			else
7109 				arvif->retry_long[arg->tid] = arg->retry_count;
7110 		}
7111 
7112 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7113 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7114 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
7115 			else
7116 				arvif->ampdu[arg->tid] = arg->aggr_control;
7117 		}
7118 
7119 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7120 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7121 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7122 				changed &= ~(BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7123 					     BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE));
7124 			} else {
7125 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7126 				arvif->rate_code[arg->tid] = arg->rcode_flags;
7127 			}
7128 		}
7129 
7130 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7131 			arvif->rtscts[arg->tid] = arg->rtscts_ctrl;
7132 			arg->ext_tid_cfg_bitmap = 0;
7133 		}
7134 
7135 		if (changed)
7136 			arvif->tid_conf_changed[arg->tid] |= changed;
7137 	}
7138 
7139 	return 0;
7140 }
7141 
7142 static int
7143 ath10k_mac_parse_tid_config(struct ath10k *ar,
7144 			    struct ieee80211_sta *sta,
7145 			    struct ieee80211_vif *vif,
7146 			    struct cfg80211_tid_cfg *tid_conf,
7147 			    struct wmi_per_peer_per_tid_cfg_arg *arg)
7148 {
7149 	u32 changed = tid_conf->mask;
7150 	int ret = 0, i = 0;
7151 
7152 	if (!changed)
7153 		return -EINVAL;
7154 
7155 	while (i < ATH10K_TID_MAX) {
7156 		if (!(tid_conf->tids & BIT(i))) {
7157 			i++;
7158 			continue;
7159 		}
7160 
7161 		arg->tid = i;
7162 
7163 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7164 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE) {
7165 				arg->ack_policy = WMI_PEER_TID_CONFIG_NOACK;
7166 				arg->rate_ctrl =
7167 				WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
7168 				arg->aggr_control =
7169 					WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7170 			} else {
7171 				arg->ack_policy =
7172 					WMI_PEER_TID_CONFIG_ACK;
7173 				arg->rate_ctrl =
7174 					WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7175 				arg->aggr_control =
7176 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7177 			}
7178 		}
7179 
7180 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG))
7181 			arg->retry_count = tid_conf->retry_long;
7182 
7183 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7184 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE)
7185 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7186 			else
7187 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7188 		}
7189 
7190 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7191 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7192 			ret = ath10k_mac_tid_bitrate_config(ar, vif, sta,
7193 							    &arg->rcode_flags,
7194 							    &arg->rate_ctrl,
7195 							    tid_conf->txrate_type,
7196 							&tid_conf->txrate_mask);
7197 			if (ret) {
7198 				ath10k_warn(ar, "failed to configure bitrate mask %d\n",
7199 					    ret);
7200 				arg->rcode_flags = 0;
7201 				arg->rate_ctrl = 0;
7202 			}
7203 		}
7204 
7205 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7206 			if (tid_conf->rtscts)
7207 				arg->rtscts_ctrl = tid_conf->rtscts;
7208 
7209 			arg->ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7210 		}
7211 
7212 		ret = ath10k_mac_set_tid_config(ar, sta, vif, changed, arg);
7213 		if (ret)
7214 			return ret;
7215 		i++;
7216 	}
7217 
7218 	return ret;
7219 }
7220 
7221 static int ath10k_mac_reset_tid_config(struct ath10k *ar,
7222 				       struct ieee80211_sta *sta,
7223 				       struct ath10k_vif *arvif,
7224 				       u8 tids)
7225 {
7226 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7227 	struct wmi_per_peer_per_tid_cfg_arg arg;
7228 	int ret = 0, i = 0;
7229 
7230 	arg.vdev_id = arvif->vdev_id;
7231 	while (i < ATH10K_TID_MAX) {
7232 		if (!(tids & BIT(i))) {
7233 			i++;
7234 			continue;
7235 		}
7236 
7237 		arg.tid = i;
7238 		arg.ack_policy = WMI_PEER_TID_CONFIG_ACK;
7239 		arg.retry_count = ATH10K_MAX_RETRY_COUNT;
7240 		arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7241 		arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7242 		arg.rtscts_ctrl = WMI_TID_CONFIG_RTSCTS_CONTROL_ENABLE;
7243 		arg.ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7244 
7245 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7246 
7247 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7248 		if (ret)
7249 			return ret;
7250 
7251 		if (!arvif->tids_rst) {
7252 			arsta->retry_long[i] = -1;
7253 			arsta->noack[i] = -1;
7254 			arsta->ampdu[i] = -1;
7255 			arsta->rate_code[i] = -1;
7256 			arsta->rate_ctrl[i] = 0;
7257 			arsta->rtscts[i] = -1;
7258 		} else {
7259 			arvif->retry_long[i] = 0;
7260 			arvif->noack[i] = 0;
7261 			arvif->ampdu[i] = 0;
7262 			arvif->rate_code[i] = 0;
7263 			arvif->rate_ctrl[i] = 0;
7264 			arvif->rtscts[i] = 0;
7265 		}
7266 
7267 		i++;
7268 	}
7269 
7270 	return ret;
7271 }
7272 
7273 static void ath10k_sta_tid_cfg_wk(struct work_struct *wk)
7274 {
7275 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
7276 	struct ieee80211_sta *sta;
7277 	struct ath10k_sta *arsta;
7278 	struct ath10k_vif *arvif;
7279 	struct ath10k *ar;
7280 	bool config_apply;
7281 	int ret, i;
7282 	u32 changed;
7283 	u8 nss;
7284 
7285 	arsta = container_of(wk, struct ath10k_sta, tid_config_wk);
7286 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
7287 	arvif = arsta->arvif;
7288 	ar = arvif->ar;
7289 
7290 	mutex_lock(&ar->conf_mutex);
7291 
7292 	if (arvif->tids_rst) {
7293 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif,
7294 						  arvif->tids_rst);
7295 		goto exit;
7296 	}
7297 
7298 	ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7299 
7300 	for (i = 0; i < ATH10K_TID_MAX; i++) {
7301 		config_apply = false;
7302 		changed = arvif->tid_conf_changed[i];
7303 
7304 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7305 			if (arsta->noack[i] != -1) {
7306 				arg.ack_policy  = 0;
7307 			} else {
7308 				config_apply = true;
7309 				arg.ack_policy = arvif->noack[i];
7310 				arg.aggr_control = arvif->ampdu[i];
7311 				arg.rate_ctrl = arvif->rate_ctrl[i];
7312 			}
7313 		}
7314 
7315 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7316 			if (arsta->retry_long[i] != -1 ||
7317 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7318 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7319 				arg.retry_count = 0;
7320 			} else {
7321 				arg.retry_count = arvif->retry_long[i];
7322 				config_apply = true;
7323 			}
7324 		}
7325 
7326 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7327 			if (arsta->ampdu[i] != -1 ||
7328 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7329 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7330 				arg.aggr_control = 0;
7331 			} else {
7332 				arg.aggr_control = arvif->ampdu[i];
7333 				config_apply = true;
7334 			}
7335 		}
7336 
7337 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7338 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7339 			nss = ATH10K_HW_NSS(arvif->rate_code[i]);
7340 			ret = ath10k_mac_validate_rate_mask(ar, sta,
7341 							    arvif->rate_code[i],
7342 							    nss);
7343 			if (ret &&
7344 			    arvif->rate_ctrl[i] > WMI_TID_CONFIG_RATE_CONTROL_AUTO) {
7345 				arg.rate_ctrl = 0;
7346 				arg.rcode_flags = 0;
7347 			}
7348 
7349 			if (arsta->rate_ctrl[i] >
7350 			    WMI_TID_CONFIG_RATE_CONTROL_AUTO ||
7351 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7352 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7353 				arg.rate_ctrl = 0;
7354 				arg.rcode_flags = 0;
7355 			} else {
7356 				arg.rate_ctrl = arvif->rate_ctrl[i];
7357 				arg.rcode_flags = arvif->rate_code[i];
7358 				config_apply = true;
7359 			}
7360 		}
7361 
7362 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7363 			if (arsta->rtscts[i]) {
7364 				arg.rtscts_ctrl = 0;
7365 				arg.ext_tid_cfg_bitmap = 0;
7366 			} else {
7367 				arg.rtscts_ctrl = arvif->rtscts[i] - 1;
7368 				arg.ext_tid_cfg_bitmap =
7369 					WMI_EXT_TID_RTS_CTS_CONFIG;
7370 				config_apply = true;
7371 			}
7372 		}
7373 
7374 		arg.tid = i;
7375 
7376 		if (config_apply) {
7377 			ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7378 			if (ret)
7379 				ath10k_warn(ar, "failed to set per tid config for sta %pM: %d\n",
7380 					    sta->addr, ret);
7381 		}
7382 
7383 		arg.ack_policy  = 0;
7384 		arg.retry_count  = 0;
7385 		arg.aggr_control  = 0;
7386 		arg.rate_ctrl = 0;
7387 		arg.rcode_flags = 0;
7388 	}
7389 
7390 exit:
7391 	mutex_unlock(&ar->conf_mutex);
7392 }
7393 
7394 static void ath10k_mac_vif_stations_tid_conf(void *data,
7395 					     struct ieee80211_sta *sta)
7396 {
7397 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7398 	struct ath10k_mac_iter_tid_conf_data *iter_data = data;
7399 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
7400 
7401 	if (sta_vif != iter_data->curr_vif || !sta->wme)
7402 		return;
7403 
7404 	ieee80211_queue_work(iter_data->ar->hw, &arsta->tid_config_wk);
7405 }
7406 
7407 static int ath10k_sta_state(struct ieee80211_hw *hw,
7408 			    struct ieee80211_vif *vif,
7409 			    struct ieee80211_sta *sta,
7410 			    enum ieee80211_sta_state old_state,
7411 			    enum ieee80211_sta_state new_state)
7412 {
7413 	struct ath10k *ar = hw->priv;
7414 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7415 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7416 	struct ath10k_peer *peer;
7417 	int ret = 0;
7418 	int i;
7419 
7420 	if (old_state == IEEE80211_STA_NOTEXIST &&
7421 	    new_state == IEEE80211_STA_NONE) {
7422 		memset(arsta, 0, sizeof(*arsta));
7423 		arsta->arvif = arvif;
7424 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
7425 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
7426 		INIT_WORK(&arsta->tid_config_wk, ath10k_sta_tid_cfg_wk);
7427 
7428 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7429 			ath10k_mac_txq_init(sta->txq[i]);
7430 	}
7431 
7432 	/* cancel must be done outside the mutex to avoid deadlock */
7433 	if ((old_state == IEEE80211_STA_NONE &&
7434 	     new_state == IEEE80211_STA_NOTEXIST)) {
7435 		cancel_work_sync(&arsta->update_wk);
7436 		cancel_work_sync(&arsta->tid_config_wk);
7437 	}
7438 
7439 	mutex_lock(&ar->conf_mutex);
7440 
7441 	if (old_state == IEEE80211_STA_NOTEXIST &&
7442 	    new_state == IEEE80211_STA_NONE) {
7443 		/*
7444 		 * New station addition.
7445 		 */
7446 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
7447 		u32 num_tdls_stations;
7448 
7449 		ath10k_dbg(ar, ATH10K_DBG_STA,
7450 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
7451 			   arvif->vdev_id, sta->addr,
7452 			   ar->num_stations + 1, ar->max_num_stations,
7453 			   ar->num_peers + 1, ar->max_num_peers);
7454 
7455 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
7456 
7457 		if (sta->tdls) {
7458 			if (num_tdls_stations >= ar->max_num_tdls_vdevs) {
7459 				ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
7460 					    arvif->vdev_id,
7461 					    ar->max_num_tdls_vdevs);
7462 				ret = -ELNRNG;
7463 				goto exit;
7464 			}
7465 			peer_type = WMI_PEER_TYPE_TDLS;
7466 		}
7467 
7468 		ret = ath10k_mac_inc_num_stations(arvif, sta);
7469 		if (ret) {
7470 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
7471 				    ar->max_num_stations);
7472 			goto exit;
7473 		}
7474 
7475 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7476 			arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats),
7477 						  GFP_KERNEL);
7478 			if (!arsta->tx_stats) {
7479 				ath10k_mac_dec_num_stations(arvif, sta);
7480 				ret = -ENOMEM;
7481 				goto exit;
7482 			}
7483 		}
7484 
7485 		ret = ath10k_peer_create(ar, vif, sta, arvif->vdev_id,
7486 					 sta->addr, peer_type);
7487 		if (ret) {
7488 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
7489 				    sta->addr, arvif->vdev_id, ret);
7490 			ath10k_mac_dec_num_stations(arvif, sta);
7491 			kfree(arsta->tx_stats);
7492 			goto exit;
7493 		}
7494 
7495 		spin_lock_bh(&ar->data_lock);
7496 
7497 		peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
7498 		if (!peer) {
7499 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
7500 				    vif->addr, arvif->vdev_id);
7501 			spin_unlock_bh(&ar->data_lock);
7502 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7503 			ath10k_mac_dec_num_stations(arvif, sta);
7504 			kfree(arsta->tx_stats);
7505 			ret = -ENOENT;
7506 			goto exit;
7507 		}
7508 
7509 		arsta->peer_id = find_first_bit(peer->peer_ids,
7510 						ATH10K_MAX_NUM_PEER_IDS);
7511 
7512 		spin_unlock_bh(&ar->data_lock);
7513 
7514 		if (!sta->tdls)
7515 			goto exit;
7516 
7517 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7518 						      WMI_TDLS_ENABLE_ACTIVE);
7519 		if (ret) {
7520 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7521 				    arvif->vdev_id, ret);
7522 			ath10k_peer_delete(ar, arvif->vdev_id,
7523 					   sta->addr);
7524 			ath10k_mac_dec_num_stations(arvif, sta);
7525 			kfree(arsta->tx_stats);
7526 			goto exit;
7527 		}
7528 
7529 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7530 						  WMI_TDLS_PEER_STATE_PEERING);
7531 		if (ret) {
7532 			ath10k_warn(ar,
7533 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
7534 				    sta->addr, arvif->vdev_id, ret);
7535 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7536 			ath10k_mac_dec_num_stations(arvif, sta);
7537 			kfree(arsta->tx_stats);
7538 
7539 			if (num_tdls_stations != 0)
7540 				goto exit;
7541 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7542 							WMI_TDLS_DISABLE);
7543 		}
7544 	} else if ((old_state == IEEE80211_STA_NONE &&
7545 		    new_state == IEEE80211_STA_NOTEXIST)) {
7546 		/*
7547 		 * Existing station deletion.
7548 		 */
7549 		ath10k_dbg(ar, ATH10K_DBG_STA,
7550 			   "mac vdev %d peer delete %pM sta %pK (sta gone)\n",
7551 			   arvif->vdev_id, sta->addr, sta);
7552 
7553 		if (sta->tdls) {
7554 			ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id,
7555 							  sta,
7556 							  WMI_TDLS_PEER_STATE_TEARDOWN);
7557 			if (ret)
7558 				ath10k_warn(ar, "failed to update tdls peer state for %pM state %d: %i\n",
7559 					    sta->addr,
7560 					    WMI_TDLS_PEER_STATE_TEARDOWN, ret);
7561 		}
7562 
7563 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7564 		if (ret)
7565 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
7566 				    sta->addr, arvif->vdev_id, ret);
7567 
7568 		ath10k_mac_dec_num_stations(arvif, sta);
7569 
7570 		spin_lock_bh(&ar->data_lock);
7571 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
7572 			peer = ar->peer_map[i];
7573 			if (!peer)
7574 				continue;
7575 
7576 			if (peer->sta == sta) {
7577 				ath10k_warn(ar, "found sta peer %pM (ptr %pK id %d) entry on vdev %i after it was supposedly removed\n",
7578 					    sta->addr, peer, i, arvif->vdev_id);
7579 				peer->sta = NULL;
7580 
7581 				/* Clean up the peer object as well since we
7582 				 * must have failed to do this above.
7583 				 */
7584 				list_del(&peer->list);
7585 				ar->peer_map[i] = NULL;
7586 				kfree(peer);
7587 				ar->num_peers--;
7588 			}
7589 		}
7590 		spin_unlock_bh(&ar->data_lock);
7591 
7592 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7593 			kfree(arsta->tx_stats);
7594 			arsta->tx_stats = NULL;
7595 		}
7596 
7597 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7598 			ath10k_mac_txq_unref(ar, sta->txq[i]);
7599 
7600 		if (!sta->tdls)
7601 			goto exit;
7602 
7603 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
7604 			goto exit;
7605 
7606 		/* This was the last tdls peer in current vif */
7607 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7608 						      WMI_TDLS_DISABLE);
7609 		if (ret) {
7610 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7611 				    arvif->vdev_id, ret);
7612 		}
7613 	} else if (old_state == IEEE80211_STA_AUTH &&
7614 		   new_state == IEEE80211_STA_ASSOC &&
7615 		   (vif->type == NL80211_IFTYPE_AP ||
7616 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
7617 		    vif->type == NL80211_IFTYPE_ADHOC)) {
7618 		/*
7619 		 * New association.
7620 		 */
7621 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM associated\n",
7622 			   sta->addr);
7623 
7624 		ret = ath10k_station_assoc(ar, vif, sta, false);
7625 		if (ret)
7626 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
7627 				    sta->addr, arvif->vdev_id, ret);
7628 	} else if (old_state == IEEE80211_STA_ASSOC &&
7629 		   new_state == IEEE80211_STA_AUTHORIZED &&
7630 		   sta->tdls) {
7631 		/*
7632 		 * Tdls station authorized.
7633 		 */
7634 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac tdls sta %pM authorized\n",
7635 			   sta->addr);
7636 
7637 		ret = ath10k_station_assoc(ar, vif, sta, false);
7638 		if (ret) {
7639 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
7640 				    sta->addr, arvif->vdev_id, ret);
7641 			goto exit;
7642 		}
7643 
7644 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7645 						  WMI_TDLS_PEER_STATE_CONNECTED);
7646 		if (ret)
7647 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
7648 				    sta->addr, arvif->vdev_id, ret);
7649 	} else if (old_state == IEEE80211_STA_ASSOC &&
7650 		    new_state == IEEE80211_STA_AUTH &&
7651 		    (vif->type == NL80211_IFTYPE_AP ||
7652 		     vif->type == NL80211_IFTYPE_MESH_POINT ||
7653 		     vif->type == NL80211_IFTYPE_ADHOC)) {
7654 		/*
7655 		 * Disassociation.
7656 		 */
7657 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM disassociated\n",
7658 			   sta->addr);
7659 
7660 		ret = ath10k_station_disassoc(ar, vif, sta);
7661 		if (ret)
7662 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
7663 				    sta->addr, arvif->vdev_id, ret);
7664 	}
7665 exit:
7666 	mutex_unlock(&ar->conf_mutex);
7667 	return ret;
7668 }
7669 
7670 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
7671 				u16 ac, bool enable)
7672 {
7673 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7674 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
7675 	u32 prio = 0, acc = 0;
7676 	u32 value = 0;
7677 	int ret = 0;
7678 
7679 	lockdep_assert_held(&ar->conf_mutex);
7680 
7681 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
7682 		return 0;
7683 
7684 	switch (ac) {
7685 	case IEEE80211_AC_VO:
7686 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
7687 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
7688 		prio = 7;
7689 		acc = 3;
7690 		break;
7691 	case IEEE80211_AC_VI:
7692 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
7693 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
7694 		prio = 5;
7695 		acc = 2;
7696 		break;
7697 	case IEEE80211_AC_BE:
7698 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
7699 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
7700 		prio = 2;
7701 		acc = 1;
7702 		break;
7703 	case IEEE80211_AC_BK:
7704 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
7705 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
7706 		prio = 0;
7707 		acc = 0;
7708 		break;
7709 	}
7710 
7711 	if (enable)
7712 		arvif->u.sta.uapsd |= value;
7713 	else
7714 		arvif->u.sta.uapsd &= ~value;
7715 
7716 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7717 					  WMI_STA_PS_PARAM_UAPSD,
7718 					  arvif->u.sta.uapsd);
7719 	if (ret) {
7720 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
7721 		goto exit;
7722 	}
7723 
7724 	if (arvif->u.sta.uapsd)
7725 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
7726 	else
7727 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
7728 
7729 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7730 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
7731 					  value);
7732 	if (ret)
7733 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
7734 
7735 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
7736 	if (ret) {
7737 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
7738 			    arvif->vdev_id, ret);
7739 		return ret;
7740 	}
7741 
7742 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
7743 	if (ret) {
7744 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
7745 			    arvif->vdev_id, ret);
7746 		return ret;
7747 	}
7748 
7749 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
7750 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
7751 		/* Only userspace can make an educated decision when to send
7752 		 * trigger frame. The following effectively disables u-UAPSD
7753 		 * autotrigger in firmware (which is enabled by default
7754 		 * provided the autotrigger service is available).
7755 		 */
7756 
7757 		arg.wmm_ac = acc;
7758 		arg.user_priority = prio;
7759 		arg.service_interval = 0;
7760 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7761 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7762 
7763 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
7764 						arvif->bssid, &arg, 1);
7765 		if (ret) {
7766 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
7767 				    ret);
7768 			return ret;
7769 		}
7770 	}
7771 
7772 exit:
7773 	return ret;
7774 }
7775 
7776 static int ath10k_conf_tx(struct ieee80211_hw *hw,
7777 			  struct ieee80211_vif *vif, u16 ac,
7778 			  const struct ieee80211_tx_queue_params *params)
7779 {
7780 	struct ath10k *ar = hw->priv;
7781 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7782 	struct wmi_wmm_params_arg *p = NULL;
7783 	int ret;
7784 
7785 	mutex_lock(&ar->conf_mutex);
7786 
7787 	switch (ac) {
7788 	case IEEE80211_AC_VO:
7789 		p = &arvif->wmm_params.ac_vo;
7790 		break;
7791 	case IEEE80211_AC_VI:
7792 		p = &arvif->wmm_params.ac_vi;
7793 		break;
7794 	case IEEE80211_AC_BE:
7795 		p = &arvif->wmm_params.ac_be;
7796 		break;
7797 	case IEEE80211_AC_BK:
7798 		p = &arvif->wmm_params.ac_bk;
7799 		break;
7800 	}
7801 
7802 	if (WARN_ON(!p)) {
7803 		ret = -EINVAL;
7804 		goto exit;
7805 	}
7806 
7807 	p->cwmin = params->cw_min;
7808 	p->cwmax = params->cw_max;
7809 	p->aifs = params->aifs;
7810 
7811 	/*
7812 	 * The channel time duration programmed in the HW is in absolute
7813 	 * microseconds, while mac80211 gives the txop in units of
7814 	 * 32 microseconds.
7815 	 */
7816 	p->txop = params->txop * 32;
7817 
7818 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
7819 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
7820 					       &arvif->wmm_params);
7821 		if (ret) {
7822 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
7823 				    arvif->vdev_id, ret);
7824 			goto exit;
7825 		}
7826 	} else {
7827 		/* This won't work well with multi-interface cases but it's
7828 		 * better than nothing.
7829 		 */
7830 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
7831 		if (ret) {
7832 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
7833 			goto exit;
7834 		}
7835 	}
7836 
7837 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
7838 	if (ret)
7839 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
7840 
7841 exit:
7842 	mutex_unlock(&ar->conf_mutex);
7843 	return ret;
7844 }
7845 
7846 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
7847 				    struct ieee80211_vif *vif,
7848 				    struct ieee80211_channel *chan,
7849 				    int duration,
7850 				    enum ieee80211_roc_type type)
7851 {
7852 	struct ath10k *ar = hw->priv;
7853 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7854 	struct wmi_start_scan_arg arg;
7855 	int ret = 0;
7856 	u32 scan_time_msec;
7857 
7858 	mutex_lock(&ar->conf_mutex);
7859 
7860 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
7861 		ret = -EBUSY;
7862 		goto exit;
7863 	}
7864 
7865 	spin_lock_bh(&ar->data_lock);
7866 	switch (ar->scan.state) {
7867 	case ATH10K_SCAN_IDLE:
7868 		reinit_completion(&ar->scan.started);
7869 		reinit_completion(&ar->scan.completed);
7870 		reinit_completion(&ar->scan.on_channel);
7871 		ar->scan.state = ATH10K_SCAN_STARTING;
7872 		ar->scan.is_roc = true;
7873 		ar->scan.vdev_id = arvif->vdev_id;
7874 		ar->scan.roc_freq = chan->center_freq;
7875 		ar->scan.roc_notify = true;
7876 		ret = 0;
7877 		break;
7878 	case ATH10K_SCAN_STARTING:
7879 	case ATH10K_SCAN_RUNNING:
7880 	case ATH10K_SCAN_ABORTING:
7881 		ret = -EBUSY;
7882 		break;
7883 	}
7884 	spin_unlock_bh(&ar->data_lock);
7885 
7886 	if (ret)
7887 		goto exit;
7888 
7889 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
7890 
7891 	memset(&arg, 0, sizeof(arg));
7892 	ath10k_wmi_start_scan_init(ar, &arg);
7893 	arg.vdev_id = arvif->vdev_id;
7894 	arg.scan_id = ATH10K_SCAN_ID;
7895 	arg.n_channels = 1;
7896 	arg.channels[0] = chan->center_freq;
7897 	arg.dwell_time_active = scan_time_msec;
7898 	arg.dwell_time_passive = scan_time_msec;
7899 	arg.max_scan_time = scan_time_msec;
7900 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
7901 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
7902 	arg.burst_duration_ms = duration;
7903 
7904 	ret = ath10k_start_scan(ar, &arg);
7905 	if (ret) {
7906 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
7907 		spin_lock_bh(&ar->data_lock);
7908 		ar->scan.state = ATH10K_SCAN_IDLE;
7909 		spin_unlock_bh(&ar->data_lock);
7910 		goto exit;
7911 	}
7912 
7913 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
7914 	if (ret == 0) {
7915 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
7916 
7917 		ret = ath10k_scan_stop(ar);
7918 		if (ret)
7919 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
7920 
7921 		ret = -ETIMEDOUT;
7922 		goto exit;
7923 	}
7924 
7925 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
7926 				     msecs_to_jiffies(duration));
7927 
7928 	ret = 0;
7929 exit:
7930 	mutex_unlock(&ar->conf_mutex);
7931 	return ret;
7932 }
7933 
7934 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw,
7935 					   struct ieee80211_vif *vif)
7936 {
7937 	struct ath10k *ar = hw->priv;
7938 
7939 	mutex_lock(&ar->conf_mutex);
7940 
7941 	spin_lock_bh(&ar->data_lock);
7942 	ar->scan.roc_notify = false;
7943 	spin_unlock_bh(&ar->data_lock);
7944 
7945 	ath10k_scan_abort(ar);
7946 
7947 	mutex_unlock(&ar->conf_mutex);
7948 
7949 	cancel_delayed_work_sync(&ar->scan.timeout);
7950 
7951 	return 0;
7952 }
7953 
7954 /*
7955  * Both RTS and Fragmentation threshold are interface-specific
7956  * in ath10k, but device-specific in mac80211.
7957  */
7958 
7959 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
7960 {
7961 	struct ath10k *ar = hw->priv;
7962 	struct ath10k_vif *arvif;
7963 	int ret = 0;
7964 
7965 	mutex_lock(&ar->conf_mutex);
7966 	list_for_each_entry(arvif, &ar->arvifs, list) {
7967 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
7968 			   arvif->vdev_id, value);
7969 
7970 		ret = ath10k_mac_set_rts(arvif, value);
7971 		if (ret) {
7972 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
7973 				    arvif->vdev_id, ret);
7974 			break;
7975 		}
7976 	}
7977 	mutex_unlock(&ar->conf_mutex);
7978 
7979 	return ret;
7980 }
7981 
7982 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
7983 {
7984 	/* Even though there's a WMI enum for fragmentation threshold no known
7985 	 * firmware actually implements it. Moreover it is not possible to rely
7986 	 * frame fragmentation to mac80211 because firmware clears the "more
7987 	 * fragments" bit in frame control making it impossible for remote
7988 	 * devices to reassemble frames.
7989 	 *
7990 	 * Hence implement a dummy callback just to say fragmentation isn't
7991 	 * supported. This effectively prevents mac80211 from doing frame
7992 	 * fragmentation in software.
7993 	 */
7994 	return -EOPNOTSUPP;
7995 }
7996 
7997 void ath10k_mac_wait_tx_complete(struct ath10k *ar)
7998 {
7999 	bool skip;
8000 	long time_left;
8001 
8002 	/* mac80211 doesn't care if we really xmit queued frames or not
8003 	 * we'll collect those frames either way if we stop/delete vdevs
8004 	 */
8005 
8006 	if (ar->state == ATH10K_STATE_WEDGED)
8007 		return;
8008 
8009 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
8010 			bool empty;
8011 
8012 			spin_lock_bh(&ar->htt.tx_lock);
8013 			empty = (ar->htt.num_pending_tx == 0);
8014 			spin_unlock_bh(&ar->htt.tx_lock);
8015 
8016 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
8017 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
8018 					&ar->dev_flags);
8019 
8020 			(empty || skip);
8021 		}), ATH10K_FLUSH_TIMEOUT_HZ);
8022 
8023 	if (time_left == 0 || skip)
8024 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
8025 			    skip, ar->state, time_left);
8026 }
8027 
8028 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
8029 			 u32 queues, bool drop)
8030 {
8031 	struct ath10k *ar = hw->priv;
8032 	struct ath10k_vif *arvif;
8033 	u32 bitmap;
8034 
8035 	if (drop) {
8036 		if (vif && vif->type == NL80211_IFTYPE_STATION) {
8037 			bitmap = ~(1 << WMI_MGMT_TID);
8038 			list_for_each_entry(arvif, &ar->arvifs, list) {
8039 				if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
8040 					ath10k_wmi_peer_flush(ar, arvif->vdev_id,
8041 							      arvif->bssid, bitmap);
8042 			}
8043 			ath10k_htt_flush_tx(&ar->htt);
8044 		}
8045 		return;
8046 	}
8047 
8048 	mutex_lock(&ar->conf_mutex);
8049 	ath10k_mac_wait_tx_complete(ar);
8050 	mutex_unlock(&ar->conf_mutex);
8051 }
8052 
8053 /* TODO: Implement this function properly
8054  * For now it is needed to reply to Probe Requests in IBSS mode.
8055  * Propably we need this information from FW.
8056  */
8057 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
8058 {
8059 	return 1;
8060 }
8061 
8062 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
8063 				     enum ieee80211_reconfig_type reconfig_type)
8064 {
8065 	struct ath10k *ar = hw->priv;
8066 
8067 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
8068 		return;
8069 
8070 	mutex_lock(&ar->conf_mutex);
8071 
8072 	/* If device failed to restart it will be in a different state, e.g.
8073 	 * ATH10K_STATE_WEDGED
8074 	 */
8075 	if (ar->state == ATH10K_STATE_RESTARTED) {
8076 		ath10k_info(ar, "device successfully recovered\n");
8077 		ar->state = ATH10K_STATE_ON;
8078 		ieee80211_wake_queues(ar->hw);
8079 		clear_bit(ATH10K_FLAG_RESTARTING, &ar->dev_flags);
8080 	}
8081 
8082 	mutex_unlock(&ar->conf_mutex);
8083 }
8084 
8085 static void
8086 ath10k_mac_update_bss_chan_survey(struct ath10k *ar,
8087 				  struct ieee80211_channel *channel)
8088 {
8089 	int ret;
8090 	enum wmi_bss_survey_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
8091 
8092 	lockdep_assert_held(&ar->conf_mutex);
8093 
8094 	if (!test_bit(WMI_SERVICE_BSS_CHANNEL_INFO_64, ar->wmi.svc_map) ||
8095 	    (ar->rx_channel != channel))
8096 		return;
8097 
8098 	if (ar->scan.state != ATH10K_SCAN_IDLE) {
8099 		ath10k_dbg(ar, ATH10K_DBG_MAC, "ignoring bss chan info request while scanning..\n");
8100 		return;
8101 	}
8102 
8103 	reinit_completion(&ar->bss_survey_done);
8104 
8105 	ret = ath10k_wmi_pdev_bss_chan_info_request(ar, type);
8106 	if (ret) {
8107 		ath10k_warn(ar, "failed to send pdev bss chan info request\n");
8108 		return;
8109 	}
8110 
8111 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
8112 	if (!ret) {
8113 		ath10k_warn(ar, "bss channel survey timed out\n");
8114 		return;
8115 	}
8116 }
8117 
8118 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
8119 			     struct survey_info *survey)
8120 {
8121 	struct ath10k *ar = hw->priv;
8122 	struct ieee80211_supported_band *sband;
8123 	struct survey_info *ar_survey = &ar->survey[idx];
8124 	int ret = 0;
8125 
8126 	mutex_lock(&ar->conf_mutex);
8127 
8128 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
8129 	if (sband && idx >= sband->n_channels) {
8130 		idx -= sband->n_channels;
8131 		sband = NULL;
8132 	}
8133 
8134 	if (!sband)
8135 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
8136 
8137 	if (!sband || idx >= sband->n_channels) {
8138 		ret = -ENOENT;
8139 		goto exit;
8140 	}
8141 
8142 	ath10k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
8143 
8144 	spin_lock_bh(&ar->data_lock);
8145 	memcpy(survey, ar_survey, sizeof(*survey));
8146 	spin_unlock_bh(&ar->data_lock);
8147 
8148 	survey->channel = &sband->channels[idx];
8149 
8150 	if (ar->rx_channel == survey->channel)
8151 		survey->filled |= SURVEY_INFO_IN_USE;
8152 
8153 exit:
8154 	mutex_unlock(&ar->conf_mutex);
8155 	return ret;
8156 }
8157 
8158 static bool
8159 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
8160 				       enum nl80211_band band,
8161 				       const struct cfg80211_bitrate_mask *mask,
8162 				       int *nss)
8163 {
8164 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
8165 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8166 	u8 ht_nss_mask = 0;
8167 	u8 vht_nss_mask = 0;
8168 	int i;
8169 
8170 	if (mask->control[band].legacy)
8171 		return false;
8172 
8173 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
8174 		if (mask->control[band].ht_mcs[i] == 0)
8175 			continue;
8176 		else if (mask->control[band].ht_mcs[i] ==
8177 			 sband->ht_cap.mcs.rx_mask[i])
8178 			ht_nss_mask |= BIT(i);
8179 		else
8180 			return false;
8181 	}
8182 
8183 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
8184 		if (mask->control[band].vht_mcs[i] == 0)
8185 			continue;
8186 		else if (mask->control[band].vht_mcs[i] ==
8187 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
8188 			vht_nss_mask |= BIT(i);
8189 		else
8190 			return false;
8191 	}
8192 
8193 	if (ht_nss_mask != vht_nss_mask)
8194 		return false;
8195 
8196 	if (ht_nss_mask == 0)
8197 		return false;
8198 
8199 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
8200 		return false;
8201 
8202 	*nss = fls(ht_nss_mask);
8203 
8204 	return true;
8205 }
8206 
8207 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
8208 					    u8 rate, u8 nss, u8 sgi, u8 ldpc)
8209 {
8210 	struct ath10k *ar = arvif->ar;
8211 	u32 vdev_param;
8212 	int ret;
8213 
8214 	lockdep_assert_held(&ar->conf_mutex);
8215 
8216 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02x nss %u sgi %u\n",
8217 		   arvif->vdev_id, rate, nss, sgi);
8218 
8219 	vdev_param = ar->wmi.vdev_param->fixed_rate;
8220 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
8221 	if (ret) {
8222 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
8223 			    rate, ret);
8224 		return ret;
8225 	}
8226 
8227 	vdev_param = ar->wmi.vdev_param->nss;
8228 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
8229 	if (ret) {
8230 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
8231 		return ret;
8232 	}
8233 
8234 	vdev_param = ar->wmi.vdev_param->sgi;
8235 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
8236 	if (ret) {
8237 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
8238 		return ret;
8239 	}
8240 
8241 	vdev_param = ar->wmi.vdev_param->ldpc;
8242 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, ldpc);
8243 	if (ret) {
8244 		ath10k_warn(ar, "failed to set ldpc param %d: %d\n", ldpc, ret);
8245 		return ret;
8246 	}
8247 
8248 	return 0;
8249 }
8250 
8251 static bool
8252 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
8253 				enum nl80211_band band,
8254 				const struct cfg80211_bitrate_mask *mask,
8255 				bool allow_pfr)
8256 {
8257 	int i;
8258 	u16 vht_mcs;
8259 
8260 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
8261 	 * to express all VHT MCS rate masks. Effectively only the following
8262 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
8263 	 */
8264 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8265 		vht_mcs = mask->control[band].vht_mcs[i];
8266 
8267 		switch (vht_mcs) {
8268 		case 0:
8269 		case BIT(8) - 1:
8270 		case BIT(9) - 1:
8271 		case BIT(10) - 1:
8272 			break;
8273 		default:
8274 			if (!allow_pfr)
8275 				ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
8276 			return false;
8277 		}
8278 	}
8279 
8280 	return true;
8281 }
8282 
8283 static bool ath10k_mac_set_vht_bitrate_mask_fixup(struct ath10k *ar,
8284 						  struct ath10k_vif *arvif,
8285 						  struct ieee80211_sta *sta)
8286 {
8287 	int err;
8288 	u8 rate = arvif->vht_pfr;
8289 
8290 	/* skip non vht and multiple rate peers */
8291 	if (!sta->deflink.vht_cap.vht_supported || arvif->vht_num_rates != 1)
8292 		return false;
8293 
8294 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8295 					WMI_PEER_PARAM_FIXED_RATE, rate);
8296 	if (err)
8297 		ath10k_warn(ar, "failed to enable STA %pM peer fixed rate: %d\n",
8298 			    sta->addr, err);
8299 
8300 	return true;
8301 }
8302 
8303 static void ath10k_mac_set_bitrate_mask_iter(void *data,
8304 					     struct ieee80211_sta *sta)
8305 {
8306 	struct ath10k_vif *arvif = data;
8307 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8308 	struct ath10k *ar = arvif->ar;
8309 
8310 	if (arsta->arvif != arvif)
8311 		return;
8312 
8313 	if (ath10k_mac_set_vht_bitrate_mask_fixup(ar, arvif, sta))
8314 		return;
8315 
8316 	spin_lock_bh(&ar->data_lock);
8317 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8318 	spin_unlock_bh(&ar->data_lock);
8319 
8320 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8321 }
8322 
8323 static void ath10k_mac_clr_bitrate_mask_iter(void *data,
8324 					     struct ieee80211_sta *sta)
8325 {
8326 	struct ath10k_vif *arvif = data;
8327 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8328 	struct ath10k *ar = arvif->ar;
8329 	int err;
8330 
8331 	/* clear vht peers only */
8332 	if (arsta->arvif != arvif || !sta->deflink.vht_cap.vht_supported)
8333 		return;
8334 
8335 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8336 					WMI_PEER_PARAM_FIXED_RATE,
8337 					WMI_FIXED_RATE_NONE);
8338 	if (err)
8339 		ath10k_warn(ar, "failed to clear STA %pM peer fixed rate: %d\n",
8340 			    sta->addr, err);
8341 }
8342 
8343 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8344 					  struct ieee80211_vif *vif,
8345 					  const struct cfg80211_bitrate_mask *mask)
8346 {
8347 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8348 	struct cfg80211_chan_def def;
8349 	struct ath10k *ar = arvif->ar;
8350 	enum nl80211_band band;
8351 	const u8 *ht_mcs_mask;
8352 	const u16 *vht_mcs_mask;
8353 	u8 rate;
8354 	u8 nss;
8355 	u8 sgi;
8356 	u8 ldpc;
8357 	int single_nss;
8358 	int ret;
8359 	int vht_num_rates, allow_pfr;
8360 	u8 vht_pfr;
8361 	bool update_bitrate_mask = true;
8362 
8363 	if (ath10k_mac_vif_chan(vif, &def))
8364 		return -EPERM;
8365 
8366 	band = def.chan->band;
8367 	ht_mcs_mask = mask->control[band].ht_mcs;
8368 	vht_mcs_mask = mask->control[band].vht_mcs;
8369 	ldpc = !!(ar->ht_cap_info & WMI_HT_CAP_LDPC);
8370 
8371 	sgi = mask->control[band].gi;
8372 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8373 		return -EINVAL;
8374 
8375 	allow_pfr = test_bit(ATH10K_FW_FEATURE_PEER_FIXED_RATE,
8376 			     ar->normal_mode_fw.fw_file.fw_features);
8377 	if (allow_pfr) {
8378 		mutex_lock(&ar->conf_mutex);
8379 		ieee80211_iterate_stations_atomic(ar->hw,
8380 						  ath10k_mac_clr_bitrate_mask_iter,
8381 						  arvif);
8382 		mutex_unlock(&ar->conf_mutex);
8383 	}
8384 
8385 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
8386 						    &vht_num_rates)) {
8387 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8388 							      &rate, &nss,
8389 							      false);
8390 		if (ret) {
8391 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
8392 				    arvif->vdev_id, ret);
8393 			return ret;
8394 		}
8395 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
8396 							  &single_nss)) {
8397 		rate = WMI_FIXED_RATE_NONE;
8398 		nss = single_nss;
8399 	} else {
8400 		rate = WMI_FIXED_RATE_NONE;
8401 		nss = min(ar->num_rf_chains,
8402 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
8403 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
8404 
8405 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask,
8406 						     allow_pfr)) {
8407 			u8 vht_nss;
8408 
8409 			if (!allow_pfr || vht_num_rates != 1)
8410 				return -EINVAL;
8411 
8412 			/* Reach here, firmware supports peer fixed rate and has
8413 			 * single vht rate, and don't update vif birate_mask, as
8414 			 * the rate only for specific peer.
8415 			 */
8416 			ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8417 								&vht_pfr,
8418 								&vht_nss,
8419 								true);
8420 			update_bitrate_mask = false;
8421 		} else {
8422 			vht_pfr = 0;
8423 		}
8424 
8425 		mutex_lock(&ar->conf_mutex);
8426 
8427 		if (update_bitrate_mask)
8428 			arvif->bitrate_mask = *mask;
8429 		arvif->vht_num_rates = vht_num_rates;
8430 		arvif->vht_pfr = vht_pfr;
8431 		ieee80211_iterate_stations_atomic(ar->hw,
8432 						  ath10k_mac_set_bitrate_mask_iter,
8433 						  arvif);
8434 
8435 		mutex_unlock(&ar->conf_mutex);
8436 	}
8437 
8438 	mutex_lock(&ar->conf_mutex);
8439 
8440 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi, ldpc);
8441 	if (ret) {
8442 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
8443 			    arvif->vdev_id, ret);
8444 		goto exit;
8445 	}
8446 
8447 exit:
8448 	mutex_unlock(&ar->conf_mutex);
8449 
8450 	return ret;
8451 }
8452 
8453 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
8454 				 struct ieee80211_vif *vif,
8455 				 struct ieee80211_sta *sta,
8456 				 u32 changed)
8457 {
8458 	struct ath10k *ar = hw->priv;
8459 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8460 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8461 	struct ath10k_peer *peer;
8462 	u32 bw, smps;
8463 
8464 	spin_lock_bh(&ar->data_lock);
8465 
8466 	peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
8467 	if (!peer) {
8468 		spin_unlock_bh(&ar->data_lock);
8469 		ath10k_warn(ar, "mac sta rc update failed to find peer %pM on vdev %i\n",
8470 			    sta->addr, arvif->vdev_id);
8471 		return;
8472 	}
8473 
8474 	ath10k_dbg(ar, ATH10K_DBG_STA,
8475 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
8476 		   sta->addr, changed, sta->deflink.bandwidth,
8477 		   sta->deflink.rx_nss,
8478 		   sta->smps_mode);
8479 
8480 	if (changed & IEEE80211_RC_BW_CHANGED) {
8481 		bw = WMI_PEER_CHWIDTH_20MHZ;
8482 
8483 		switch (sta->deflink.bandwidth) {
8484 		case IEEE80211_STA_RX_BW_20:
8485 			bw = WMI_PEER_CHWIDTH_20MHZ;
8486 			break;
8487 		case IEEE80211_STA_RX_BW_40:
8488 			bw = WMI_PEER_CHWIDTH_40MHZ;
8489 			break;
8490 		case IEEE80211_STA_RX_BW_80:
8491 			bw = WMI_PEER_CHWIDTH_80MHZ;
8492 			break;
8493 		case IEEE80211_STA_RX_BW_160:
8494 			bw = WMI_PEER_CHWIDTH_160MHZ;
8495 			break;
8496 		default:
8497 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
8498 				    sta->deflink.bandwidth, sta->addr);
8499 			bw = WMI_PEER_CHWIDTH_20MHZ;
8500 			break;
8501 		}
8502 
8503 		arsta->bw = bw;
8504 	}
8505 
8506 	if (changed & IEEE80211_RC_NSS_CHANGED)
8507 		arsta->nss = sta->deflink.rx_nss;
8508 
8509 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
8510 		smps = WMI_PEER_SMPS_PS_NONE;
8511 
8512 		switch (sta->smps_mode) {
8513 		case IEEE80211_SMPS_AUTOMATIC:
8514 		case IEEE80211_SMPS_OFF:
8515 			smps = WMI_PEER_SMPS_PS_NONE;
8516 			break;
8517 		case IEEE80211_SMPS_STATIC:
8518 			smps = WMI_PEER_SMPS_STATIC;
8519 			break;
8520 		case IEEE80211_SMPS_DYNAMIC:
8521 			smps = WMI_PEER_SMPS_DYNAMIC;
8522 			break;
8523 		case IEEE80211_SMPS_NUM_MODES:
8524 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
8525 				    sta->smps_mode, sta->addr);
8526 			smps = WMI_PEER_SMPS_PS_NONE;
8527 			break;
8528 		}
8529 
8530 		arsta->smps = smps;
8531 	}
8532 
8533 	arsta->changed |= changed;
8534 
8535 	spin_unlock_bh(&ar->data_lock);
8536 
8537 	ieee80211_queue_work(hw, &arsta->update_wk);
8538 }
8539 
8540 static void ath10k_offset_tsf(struct ieee80211_hw *hw,
8541 			      struct ieee80211_vif *vif, s64 tsf_offset)
8542 {
8543 	struct ath10k *ar = hw->priv;
8544 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8545 	u32 offset, vdev_param;
8546 	int ret;
8547 
8548 	if (tsf_offset < 0) {
8549 		vdev_param = ar->wmi.vdev_param->dec_tsf;
8550 		offset = -tsf_offset;
8551 	} else {
8552 		vdev_param = ar->wmi.vdev_param->inc_tsf;
8553 		offset = tsf_offset;
8554 	}
8555 
8556 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
8557 					vdev_param, offset);
8558 
8559 	if (ret && ret != -EOPNOTSUPP)
8560 		ath10k_warn(ar, "failed to set tsf offset %d cmd %d: %d\n",
8561 			    offset, vdev_param, ret);
8562 }
8563 
8564 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
8565 			       struct ieee80211_vif *vif,
8566 			       struct ieee80211_ampdu_params *params)
8567 {
8568 	struct ath10k *ar = hw->priv;
8569 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8570 	struct ieee80211_sta *sta = params->sta;
8571 	enum ieee80211_ampdu_mlme_action action = params->action;
8572 	u16 tid = params->tid;
8573 
8574 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %u action %d\n",
8575 		   arvif->vdev_id, sta->addr, tid, action);
8576 
8577 	switch (action) {
8578 	case IEEE80211_AMPDU_RX_START:
8579 	case IEEE80211_AMPDU_RX_STOP:
8580 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
8581 		 * creation/removal. Do we need to verify this?
8582 		 */
8583 		return 0;
8584 	case IEEE80211_AMPDU_TX_START:
8585 	case IEEE80211_AMPDU_TX_STOP_CONT:
8586 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
8587 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
8588 	case IEEE80211_AMPDU_TX_OPERATIONAL:
8589 		/* Firmware offloads Tx aggregation entirely so deny mac80211
8590 		 * Tx aggregation requests.
8591 		 */
8592 		return -EOPNOTSUPP;
8593 	}
8594 
8595 	return -EINVAL;
8596 }
8597 
8598 static void
8599 ath10k_mac_update_rx_channel(struct ath10k *ar,
8600 			     struct ieee80211_chanctx_conf *ctx,
8601 			     struct ieee80211_vif_chanctx_switch *vifs,
8602 			     int n_vifs)
8603 {
8604 	struct cfg80211_chan_def *def = NULL;
8605 
8606 	/* Both locks are required because ar->rx_channel is modified. This
8607 	 * allows readers to hold either lock.
8608 	 */
8609 	lockdep_assert_held(&ar->conf_mutex);
8610 	lockdep_assert_held(&ar->data_lock);
8611 
8612 	WARN_ON(ctx && vifs);
8613 	WARN_ON(vifs && !n_vifs);
8614 
8615 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
8616 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
8617 	 * ppdu on Rx may reduce performance on low-end systems. It should be
8618 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
8619 	 * cpu data cache lines though regarding sizes) but to keep the initial
8620 	 * implementation simple and less intrusive fallback to the slow lookup
8621 	 * only for multi-channel cases. Single-channel cases will remain to
8622 	 * use the old channel derival and thus performance should not be
8623 	 * affected much.
8624 	 */
8625 	rcu_read_lock();
8626 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
8627 		ieee80211_iter_chan_contexts_atomic(ar->hw,
8628 						    ath10k_mac_get_any_chandef_iter,
8629 						    &def);
8630 
8631 		if (vifs)
8632 			def = &vifs[0].new_ctx->def;
8633 
8634 		ar->rx_channel = def->chan;
8635 	} else if ((ctx && ath10k_mac_num_chanctxs(ar) == 0) ||
8636 		   (ctx && (ar->state == ATH10K_STATE_RESTARTED))) {
8637 		/* During driver restart due to firmware assert, since mac80211
8638 		 * already has valid channel context for given radio, channel
8639 		 * context iteration return num_chanctx > 0. So fix rx_channel
8640 		 * when restart is in progress.
8641 		 */
8642 		ar->rx_channel = ctx->def.chan;
8643 	} else {
8644 		ar->rx_channel = NULL;
8645 	}
8646 	rcu_read_unlock();
8647 }
8648 
8649 static void
8650 ath10k_mac_update_vif_chan(struct ath10k *ar,
8651 			   struct ieee80211_vif_chanctx_switch *vifs,
8652 			   int n_vifs)
8653 {
8654 	struct ath10k_vif *arvif;
8655 	int ret;
8656 	int i;
8657 
8658 	lockdep_assert_held(&ar->conf_mutex);
8659 
8660 	/* First stop monitor interface. Some FW versions crash if there's a
8661 	 * lone monitor interface.
8662 	 */
8663 	if (ar->monitor_started)
8664 		ath10k_monitor_stop(ar);
8665 
8666 	for (i = 0; i < n_vifs; i++) {
8667 		arvif = (void *)vifs[i].vif->drv_priv;
8668 
8669 		ath10k_dbg(ar, ATH10K_DBG_MAC,
8670 			   "mac chanctx switch vdev_id %i freq %u->%u width %d->%d\n",
8671 			   arvif->vdev_id,
8672 			   vifs[i].old_ctx->def.chan->center_freq,
8673 			   vifs[i].new_ctx->def.chan->center_freq,
8674 			   vifs[i].old_ctx->def.width,
8675 			   vifs[i].new_ctx->def.width);
8676 
8677 		if (WARN_ON(!arvif->is_started))
8678 			continue;
8679 
8680 		if (WARN_ON(!arvif->is_up))
8681 			continue;
8682 
8683 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8684 		if (ret) {
8685 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
8686 				    arvif->vdev_id, ret);
8687 			continue;
8688 		}
8689 	}
8690 
8691 	/* All relevant vdevs are downed and associated channel resources
8692 	 * should be available for the channel switch now.
8693 	 */
8694 
8695 	spin_lock_bh(&ar->data_lock);
8696 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
8697 	spin_unlock_bh(&ar->data_lock);
8698 
8699 	for (i = 0; i < n_vifs; i++) {
8700 		arvif = (void *)vifs[i].vif->drv_priv;
8701 
8702 		if (WARN_ON(!arvif->is_started))
8703 			continue;
8704 
8705 		if (WARN_ON(!arvif->is_up))
8706 			continue;
8707 
8708 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
8709 		if (ret)
8710 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
8711 				    ret);
8712 
8713 		ret = ath10k_mac_setup_prb_tmpl(arvif);
8714 		if (ret)
8715 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
8716 				    ret);
8717 
8718 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
8719 		if (ret) {
8720 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
8721 				    arvif->vdev_id, ret);
8722 			continue;
8723 		}
8724 
8725 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
8726 					 arvif->bssid);
8727 		if (ret) {
8728 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
8729 				    arvif->vdev_id, ret);
8730 			continue;
8731 		}
8732 	}
8733 
8734 	ath10k_monitor_recalc(ar);
8735 }
8736 
8737 static int
8738 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
8739 			  struct ieee80211_chanctx_conf *ctx)
8740 {
8741 	struct ath10k *ar = hw->priv;
8742 
8743 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8744 		   "mac chanctx add freq %u width %d ptr %pK\n",
8745 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8746 
8747 	mutex_lock(&ar->conf_mutex);
8748 
8749 	spin_lock_bh(&ar->data_lock);
8750 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
8751 	spin_unlock_bh(&ar->data_lock);
8752 
8753 	ath10k_recalc_radar_detection(ar);
8754 	ath10k_monitor_recalc(ar);
8755 
8756 	mutex_unlock(&ar->conf_mutex);
8757 
8758 	return 0;
8759 }
8760 
8761 static void
8762 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
8763 			     struct ieee80211_chanctx_conf *ctx)
8764 {
8765 	struct ath10k *ar = hw->priv;
8766 
8767 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8768 		   "mac chanctx remove freq %u width %d ptr %pK\n",
8769 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8770 
8771 	mutex_lock(&ar->conf_mutex);
8772 
8773 	spin_lock_bh(&ar->data_lock);
8774 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
8775 	spin_unlock_bh(&ar->data_lock);
8776 
8777 	ath10k_recalc_radar_detection(ar);
8778 	ath10k_monitor_recalc(ar);
8779 
8780 	mutex_unlock(&ar->conf_mutex);
8781 }
8782 
8783 struct ath10k_mac_change_chanctx_arg {
8784 	struct ieee80211_chanctx_conf *ctx;
8785 	struct ieee80211_vif_chanctx_switch *vifs;
8786 	int n_vifs;
8787 	int next_vif;
8788 };
8789 
8790 static void
8791 ath10k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
8792 				   struct ieee80211_vif *vif)
8793 {
8794 	struct ath10k_mac_change_chanctx_arg *arg = data;
8795 
8796 	if (rcu_access_pointer(vif->chanctx_conf) != arg->ctx)
8797 		return;
8798 
8799 	arg->n_vifs++;
8800 }
8801 
8802 static void
8803 ath10k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
8804 				    struct ieee80211_vif *vif)
8805 {
8806 	struct ath10k_mac_change_chanctx_arg *arg = data;
8807 	struct ieee80211_chanctx_conf *ctx;
8808 
8809 	ctx = rcu_access_pointer(vif->chanctx_conf);
8810 	if (ctx != arg->ctx)
8811 		return;
8812 
8813 	if (WARN_ON(arg->next_vif == arg->n_vifs))
8814 		return;
8815 
8816 	arg->vifs[arg->next_vif].vif = vif;
8817 	arg->vifs[arg->next_vif].old_ctx = ctx;
8818 	arg->vifs[arg->next_vif].new_ctx = ctx;
8819 	arg->next_vif++;
8820 }
8821 
8822 static void
8823 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
8824 			     struct ieee80211_chanctx_conf *ctx,
8825 			     u32 changed)
8826 {
8827 	struct ath10k *ar = hw->priv;
8828 	struct ath10k_mac_change_chanctx_arg arg = { .ctx = ctx };
8829 
8830 	mutex_lock(&ar->conf_mutex);
8831 
8832 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8833 		   "mac chanctx change freq %u width %d ptr %pK changed %x\n",
8834 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
8835 
8836 	/* This shouldn't really happen because channel switching should use
8837 	 * switch_vif_chanctx().
8838 	 */
8839 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
8840 		goto unlock;
8841 
8842 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH) {
8843 		ieee80211_iterate_active_interfaces_atomic(
8844 					hw,
8845 					ATH10K_ITER_NORMAL_FLAGS,
8846 					ath10k_mac_change_chanctx_cnt_iter,
8847 					&arg);
8848 		if (arg.n_vifs == 0)
8849 			goto radar;
8850 
8851 		arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]),
8852 				   GFP_KERNEL);
8853 		if (!arg.vifs)
8854 			goto radar;
8855 
8856 		ieee80211_iterate_active_interfaces_atomic(
8857 					hw,
8858 					ATH10K_ITER_NORMAL_FLAGS,
8859 					ath10k_mac_change_chanctx_fill_iter,
8860 					&arg);
8861 		ath10k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
8862 		kfree(arg.vifs);
8863 	}
8864 
8865 radar:
8866 	ath10k_recalc_radar_detection(ar);
8867 
8868 	/* FIXME: How to configure Rx chains properly? */
8869 
8870 	/* No other actions are actually necessary. Firmware maintains channel
8871 	 * definitions per vdev internally and there's no host-side channel
8872 	 * context abstraction to configure, e.g. channel width.
8873 	 */
8874 
8875 unlock:
8876 	mutex_unlock(&ar->conf_mutex);
8877 }
8878 
8879 static int
8880 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
8881 				 struct ieee80211_vif *vif,
8882 				 struct ieee80211_chanctx_conf *ctx)
8883 {
8884 	struct ath10k *ar = hw->priv;
8885 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8886 	int ret;
8887 
8888 	mutex_lock(&ar->conf_mutex);
8889 
8890 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8891 		   "mac chanctx assign ptr %pK vdev_id %i\n",
8892 		   ctx, arvif->vdev_id);
8893 
8894 	if (WARN_ON(arvif->is_started)) {
8895 		mutex_unlock(&ar->conf_mutex);
8896 		return -EBUSY;
8897 	}
8898 
8899 	ret = ath10k_vdev_start(arvif, &ctx->def);
8900 	if (ret) {
8901 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
8902 			    arvif->vdev_id, vif->addr,
8903 			    ctx->def.chan->center_freq, ret);
8904 		goto err;
8905 	}
8906 
8907 	arvif->is_started = true;
8908 
8909 	ret = ath10k_mac_vif_setup_ps(arvif);
8910 	if (ret) {
8911 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
8912 			    arvif->vdev_id, ret);
8913 		goto err_stop;
8914 	}
8915 
8916 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8917 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
8918 		if (ret) {
8919 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
8920 				    arvif->vdev_id, ret);
8921 			goto err_stop;
8922 		}
8923 
8924 		arvif->is_up = true;
8925 	}
8926 
8927 	if (ath10k_mac_can_set_cts_prot(arvif)) {
8928 		ret = ath10k_mac_set_cts_prot(arvif);
8929 		if (ret)
8930 			ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
8931 				    arvif->vdev_id, ret);
8932 	}
8933 
8934 	if (ath10k_peer_stats_enabled(ar) &&
8935 	    ar->hw_params.tx_stats_over_pktlog) {
8936 		ar->pktlog_filter |= ATH10K_PKTLOG_PEER_STATS;
8937 		ret = ath10k_wmi_pdev_pktlog_enable(ar,
8938 						    ar->pktlog_filter);
8939 		if (ret) {
8940 			ath10k_warn(ar, "failed to enable pktlog %d\n", ret);
8941 			goto err_stop;
8942 		}
8943 	}
8944 
8945 	mutex_unlock(&ar->conf_mutex);
8946 	return 0;
8947 
8948 err_stop:
8949 	ath10k_vdev_stop(arvif);
8950 	arvif->is_started = false;
8951 	ath10k_mac_vif_setup_ps(arvif);
8952 
8953 err:
8954 	mutex_unlock(&ar->conf_mutex);
8955 	return ret;
8956 }
8957 
8958 static void
8959 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
8960 				   struct ieee80211_vif *vif,
8961 				   struct ieee80211_chanctx_conf *ctx)
8962 {
8963 	struct ath10k *ar = hw->priv;
8964 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8965 	int ret;
8966 
8967 	mutex_lock(&ar->conf_mutex);
8968 
8969 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8970 		   "mac chanctx unassign ptr %pK vdev_id %i\n",
8971 		   ctx, arvif->vdev_id);
8972 
8973 	WARN_ON(!arvif->is_started);
8974 
8975 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8976 		WARN_ON(!arvif->is_up);
8977 
8978 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8979 		if (ret)
8980 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
8981 				    arvif->vdev_id, ret);
8982 
8983 		arvif->is_up = false;
8984 	}
8985 
8986 	ret = ath10k_vdev_stop(arvif);
8987 	if (ret)
8988 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
8989 			    arvif->vdev_id, ret);
8990 
8991 	arvif->is_started = false;
8992 
8993 	mutex_unlock(&ar->conf_mutex);
8994 }
8995 
8996 static int
8997 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
8998 				 struct ieee80211_vif_chanctx_switch *vifs,
8999 				 int n_vifs,
9000 				 enum ieee80211_chanctx_switch_mode mode)
9001 {
9002 	struct ath10k *ar = hw->priv;
9003 
9004 	mutex_lock(&ar->conf_mutex);
9005 
9006 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9007 		   "mac chanctx switch n_vifs %d mode %d\n",
9008 		   n_vifs, mode);
9009 	ath10k_mac_update_vif_chan(ar, vifs, n_vifs);
9010 
9011 	mutex_unlock(&ar->conf_mutex);
9012 	return 0;
9013 }
9014 
9015 static void ath10k_mac_op_sta_pre_rcu_remove(struct ieee80211_hw *hw,
9016 					     struct ieee80211_vif *vif,
9017 					     struct ieee80211_sta *sta)
9018 {
9019 	struct ath10k *ar;
9020 	struct ath10k_peer *peer;
9021 
9022 	ar = hw->priv;
9023 
9024 	list_for_each_entry(peer, &ar->peers, list)
9025 		if (peer->sta == sta)
9026 			peer->removed = true;
9027 }
9028 
9029 /* HT MCS parameters with Nss = 1 */
9030 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss1[] = {
9031 	/* MCS  L20   L40   S20  S40 */
9032 	{0,  { 65,  135,  72,  150} },
9033 	{1,  { 130, 270,  144, 300} },
9034 	{2,  { 195, 405,  217, 450} },
9035 	{3,  { 260, 540,  289, 600} },
9036 	{4,  { 390, 810,  433, 900} },
9037 	{5,  { 520, 1080, 578, 1200} },
9038 	{6,  { 585, 1215, 650, 1350} },
9039 	{7,  { 650, 1350, 722, 1500} }
9040 };
9041 
9042 /* HT MCS parameters with Nss = 2 */
9043 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss2[] = {
9044 	/* MCS  L20    L40   S20   S40 */
9045 	{0,  {130,  270,  144,  300} },
9046 	{1,  {260,  540,  289,  600} },
9047 	{2,  {390,  810,  433,  900} },
9048 	{3,  {520,  1080, 578,  1200} },
9049 	{4,  {780,  1620, 867,  1800} },
9050 	{5,  {1040, 2160, 1156, 2400} },
9051 	{6,  {1170, 2430, 1300, 2700} },
9052 	{7,  {1300, 2700, 1444, 3000} }
9053 };
9054 
9055 /* MCS parameters with Nss = 1 */
9056 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss1[] = {
9057 	/* MCS  L80    S80     L40   S40    L20   S20 */
9058 	{0,  {293,  325},  {135,  150},  {65,   72} },
9059 	{1,  {585,  650},  {270,  300},  {130,  144} },
9060 	{2,  {878,  975},  {405,  450},  {195,  217} },
9061 	{3,  {1170, 1300}, {540,  600},  {260,  289} },
9062 	{4,  {1755, 1950}, {810,  900},  {390,  433} },
9063 	{5,  {2340, 2600}, {1080, 1200}, {520,  578} },
9064 	{6,  {2633, 2925}, {1215, 1350}, {585,  650} },
9065 	{7,  {2925, 3250}, {1350, 1500}, {650,  722} },
9066 	{8,  {3510, 3900}, {1620, 1800}, {780,  867} },
9067 	{9,  {3900, 4333}, {1800, 2000}, {780,  867} }
9068 };
9069 
9070 /*MCS parameters with Nss = 2 */
9071 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss2[] = {
9072 	/* MCS  L80    S80     L40   S40    L20   S20 */
9073 	{0,  {585,  650},  {270,  300},  {130,  144} },
9074 	{1,  {1170, 1300}, {540,  600},  {260,  289} },
9075 	{2,  {1755, 1950}, {810,  900},  {390,  433} },
9076 	{3,  {2340, 2600}, {1080, 1200}, {520,  578} },
9077 	{4,  {3510, 3900}, {1620, 1800}, {780,  867} },
9078 	{5,  {4680, 5200}, {2160, 2400}, {1040, 1156} },
9079 	{6,  {5265, 5850}, {2430, 2700}, {1170, 1300} },
9080 	{7,  {5850, 6500}, {2700, 3000}, {1300, 1444} },
9081 	{8,  {7020, 7800}, {3240, 3600}, {1560, 1733} },
9082 	{9,  {7800, 8667}, {3600, 4000}, {1560, 1733} }
9083 };
9084 
9085 static void ath10k_mac_get_rate_flags_ht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9086 					 u8 *flags, u8 *bw)
9087 {
9088 	struct ath10k_index_ht_data_rate_type *mcs_rate;
9089 	u8 index;
9090 	size_t len_nss1 = ARRAY_SIZE(supported_ht_mcs_rate_nss1);
9091 	size_t len_nss2 = ARRAY_SIZE(supported_ht_mcs_rate_nss2);
9092 
9093 	if (mcs >= (len_nss1 + len_nss2)) {
9094 		ath10k_warn(ar, "not supported mcs %d in current rate table", mcs);
9095 		return;
9096 	}
9097 
9098 	mcs_rate = (struct ath10k_index_ht_data_rate_type *)
9099 		   ((nss == 1) ? &supported_ht_mcs_rate_nss1 :
9100 		   &supported_ht_mcs_rate_nss2);
9101 
9102 	if (mcs >= len_nss1)
9103 		index = mcs - len_nss1;
9104 	else
9105 		index = mcs;
9106 
9107 	if (rate == mcs_rate[index].supported_rate[0]) {
9108 		*bw = RATE_INFO_BW_20;
9109 	} else if (rate == mcs_rate[index].supported_rate[1]) {
9110 		*bw |= RATE_INFO_BW_40;
9111 	} else if (rate == mcs_rate[index].supported_rate[2]) {
9112 		*bw |= RATE_INFO_BW_20;
9113 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9114 	} else if (rate == mcs_rate[index].supported_rate[3]) {
9115 		*bw |= RATE_INFO_BW_40;
9116 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9117 	} else {
9118 		ath10k_warn(ar, "invalid ht params rate %d 100kbps nss %d mcs %d",
9119 			    rate, nss, mcs);
9120 	}
9121 }
9122 
9123 static void ath10k_mac_get_rate_flags_vht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9124 					  u8 *flags, u8 *bw)
9125 {
9126 	struct ath10k_index_vht_data_rate_type *mcs_rate;
9127 
9128 	mcs_rate = (struct ath10k_index_vht_data_rate_type *)
9129 		   ((nss == 1) ? &supported_vht_mcs_rate_nss1 :
9130 		   &supported_vht_mcs_rate_nss2);
9131 
9132 	if (rate == mcs_rate[mcs].supported_VHT80_rate[0]) {
9133 		*bw = RATE_INFO_BW_80;
9134 	} else if (rate == mcs_rate[mcs].supported_VHT80_rate[1]) {
9135 		*bw = RATE_INFO_BW_80;
9136 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9137 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[0]) {
9138 		*bw = RATE_INFO_BW_40;
9139 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[1]) {
9140 		*bw = RATE_INFO_BW_40;
9141 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9142 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[0]) {
9143 		*bw = RATE_INFO_BW_20;
9144 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[1]) {
9145 		*bw = RATE_INFO_BW_20;
9146 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9147 	} else {
9148 		ath10k_warn(ar, "invalid vht params rate %d 100kbps nss %d mcs %d",
9149 			    rate, nss, mcs);
9150 	}
9151 }
9152 
9153 static void ath10k_mac_get_rate_flags(struct ath10k *ar, u32 rate,
9154 				      enum ath10k_phy_mode mode, u8 nss, u8 mcs,
9155 				      u8 *flags, u8 *bw)
9156 {
9157 	if (mode == ATH10K_PHY_MODE_HT) {
9158 		*flags = RATE_INFO_FLAGS_MCS;
9159 		ath10k_mac_get_rate_flags_ht(ar, rate, nss, mcs, flags, bw);
9160 	} else if (mode == ATH10K_PHY_MODE_VHT) {
9161 		*flags = RATE_INFO_FLAGS_VHT_MCS;
9162 		ath10k_mac_get_rate_flags_vht(ar, rate, nss, mcs, flags, bw);
9163 	}
9164 }
9165 
9166 static void ath10k_mac_parse_bitrate(struct ath10k *ar, u32 rate_code,
9167 				     u32 bitrate_kbps, struct rate_info *rate)
9168 {
9169 	enum ath10k_phy_mode mode = ATH10K_PHY_MODE_LEGACY;
9170 	enum wmi_rate_preamble preamble = WMI_TLV_GET_HW_RC_PREAM_V1(rate_code);
9171 	u8 nss = WMI_TLV_GET_HW_RC_NSS_V1(rate_code) + 1;
9172 	u8 mcs = WMI_TLV_GET_HW_RC_RATE_V1(rate_code);
9173 	u8 flags = 0, bw = 0;
9174 
9175 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac parse rate code 0x%x bitrate %d kbps\n",
9176 		   rate_code, bitrate_kbps);
9177 
9178 	if (preamble == WMI_RATE_PREAMBLE_HT)
9179 		mode = ATH10K_PHY_MODE_HT;
9180 	else if (preamble == WMI_RATE_PREAMBLE_VHT)
9181 		mode = ATH10K_PHY_MODE_VHT;
9182 
9183 	ath10k_mac_get_rate_flags(ar, bitrate_kbps / 100, mode, nss, mcs, &flags, &bw);
9184 
9185 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9186 		   "mac parse bitrate preamble %d mode %d nss %d mcs %d flags %x bw %d\n",
9187 		   preamble, mode, nss, mcs, flags, bw);
9188 
9189 	rate->flags = flags;
9190 	rate->bw = bw;
9191 	rate->legacy = bitrate_kbps / 100;
9192 	rate->nss = nss;
9193 	rate->mcs = mcs;
9194 }
9195 
9196 static void ath10k_mac_sta_get_peer_stats_info(struct ath10k *ar,
9197 					       struct ieee80211_sta *sta,
9198 					       struct station_info *sinfo)
9199 {
9200 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9201 	struct ath10k_peer *peer;
9202 	unsigned long time_left;
9203 	int ret;
9204 
9205 	if (!(ar->hw_params.supports_peer_stats_info &&
9206 	      arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA))
9207 		return;
9208 
9209 	spin_lock_bh(&ar->data_lock);
9210 	peer = ath10k_peer_find(ar, arsta->arvif->vdev_id, sta->addr);
9211 	spin_unlock_bh(&ar->data_lock);
9212 	if (!peer)
9213 		return;
9214 
9215 	reinit_completion(&ar->peer_stats_info_complete);
9216 
9217 	ret = ath10k_wmi_request_peer_stats_info(ar,
9218 						 arsta->arvif->vdev_id,
9219 						 WMI_REQUEST_ONE_PEER_STATS_INFO,
9220 						 arsta->arvif->bssid,
9221 						 0);
9222 	if (ret && ret != -EOPNOTSUPP) {
9223 		ath10k_warn(ar, "could not request peer stats info: %d\n", ret);
9224 		return;
9225 	}
9226 
9227 	time_left = wait_for_completion_timeout(&ar->peer_stats_info_complete, 3 * HZ);
9228 	if (time_left == 0) {
9229 		ath10k_warn(ar, "timed out waiting peer stats info\n");
9230 		return;
9231 	}
9232 
9233 	if (arsta->rx_rate_code != 0 && arsta->rx_bitrate_kbps != 0) {
9234 		ath10k_mac_parse_bitrate(ar, arsta->rx_rate_code,
9235 					 arsta->rx_bitrate_kbps,
9236 					 &sinfo->rxrate);
9237 
9238 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
9239 		arsta->rx_rate_code = 0;
9240 		arsta->rx_bitrate_kbps = 0;
9241 	}
9242 
9243 	if (arsta->tx_rate_code != 0 && arsta->tx_bitrate_kbps != 0) {
9244 		ath10k_mac_parse_bitrate(ar, arsta->tx_rate_code,
9245 					 arsta->tx_bitrate_kbps,
9246 					 &sinfo->txrate);
9247 
9248 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9249 		arsta->tx_rate_code = 0;
9250 		arsta->tx_bitrate_kbps = 0;
9251 	}
9252 }
9253 
9254 static void ath10k_sta_statistics(struct ieee80211_hw *hw,
9255 				  struct ieee80211_vif *vif,
9256 				  struct ieee80211_sta *sta,
9257 				  struct station_info *sinfo)
9258 {
9259 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9260 	struct ath10k *ar = arsta->arvif->ar;
9261 
9262 	if (!ath10k_peer_stats_enabled(ar))
9263 		return;
9264 
9265 	mutex_lock(&ar->conf_mutex);
9266 	ath10k_debug_fw_stats_request(ar);
9267 	mutex_unlock(&ar->conf_mutex);
9268 
9269 	sinfo->rx_duration = arsta->rx_duration;
9270 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
9271 
9272 	if (arsta->txrate.legacy || arsta->txrate.nss) {
9273 		if (arsta->txrate.legacy) {
9274 			sinfo->txrate.legacy = arsta->txrate.legacy;
9275 		} else {
9276 			sinfo->txrate.mcs = arsta->txrate.mcs;
9277 			sinfo->txrate.nss = arsta->txrate.nss;
9278 			sinfo->txrate.bw = arsta->txrate.bw;
9279 		}
9280 		sinfo->txrate.flags = arsta->txrate.flags;
9281 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9282 	}
9283 
9284 	if (ar->htt.disable_tx_comp) {
9285 		sinfo->tx_failed = arsta->tx_failed;
9286 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
9287 	}
9288 
9289 	sinfo->tx_retries = arsta->tx_retries;
9290 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_RETRIES);
9291 
9292 	ath10k_mac_sta_get_peer_stats_info(ar, sta, sinfo);
9293 }
9294 
9295 static int ath10k_mac_op_set_tid_config(struct ieee80211_hw *hw,
9296 					struct ieee80211_vif *vif,
9297 					struct ieee80211_sta *sta,
9298 					struct cfg80211_tid_config *tid_config)
9299 {
9300 	struct ath10k *ar = hw->priv;
9301 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9302 	struct ath10k_mac_iter_tid_conf_data data = {};
9303 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
9304 	int ret, i;
9305 
9306 	mutex_lock(&ar->conf_mutex);
9307 	arg.vdev_id = arvif->vdev_id;
9308 
9309 	arvif->tids_rst = 0;
9310 	memset(arvif->tid_conf_changed, 0, sizeof(arvif->tid_conf_changed));
9311 
9312 	for (i = 0; i < tid_config->n_tid_conf; i++) {
9313 		ret = ath10k_mac_parse_tid_config(ar, sta, vif,
9314 						  &tid_config->tid_conf[i],
9315 						  &arg);
9316 		if (ret)
9317 			goto exit;
9318 	}
9319 
9320 	ret = 0;
9321 
9322 	if (sta)
9323 		goto exit;
9324 
9325 	arvif->tids_rst = 0;
9326 	data.curr_vif = vif;
9327 	data.ar = ar;
9328 
9329 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9330 					  &data);
9331 
9332 exit:
9333 	mutex_unlock(&ar->conf_mutex);
9334 	return ret;
9335 }
9336 
9337 static int ath10k_mac_op_reset_tid_config(struct ieee80211_hw *hw,
9338 					  struct ieee80211_vif *vif,
9339 					  struct ieee80211_sta *sta,
9340 					  u8 tids)
9341 {
9342 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9343 	struct ath10k_mac_iter_tid_conf_data data = {};
9344 	struct ath10k *ar = hw->priv;
9345 	int ret = 0;
9346 
9347 	mutex_lock(&ar->conf_mutex);
9348 
9349 	if (sta) {
9350 		arvif->tids_rst = 0;
9351 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif, tids);
9352 		goto exit;
9353 	}
9354 
9355 	arvif->tids_rst = tids;
9356 	data.curr_vif = vif;
9357 	data.ar = ar;
9358 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9359 					  &data);
9360 
9361 exit:
9362 	mutex_unlock(&ar->conf_mutex);
9363 	return ret;
9364 }
9365 
9366 static const struct ieee80211_ops ath10k_ops = {
9367 	.tx				= ath10k_mac_op_tx,
9368 	.wake_tx_queue			= ath10k_mac_op_wake_tx_queue,
9369 	.start				= ath10k_start,
9370 	.stop				= ath10k_stop,
9371 	.config				= ath10k_config,
9372 	.add_interface			= ath10k_add_interface,
9373 	.remove_interface		= ath10k_remove_interface,
9374 	.configure_filter		= ath10k_configure_filter,
9375 	.bss_info_changed		= ath10k_bss_info_changed,
9376 	.set_coverage_class		= ath10k_mac_op_set_coverage_class,
9377 	.hw_scan			= ath10k_hw_scan,
9378 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
9379 	.set_key			= ath10k_set_key,
9380 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
9381 	.sta_state			= ath10k_sta_state,
9382 	.sta_set_txpwr			= ath10k_sta_set_txpwr,
9383 	.conf_tx			= ath10k_conf_tx,
9384 	.remain_on_channel		= ath10k_remain_on_channel,
9385 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
9386 	.set_rts_threshold		= ath10k_set_rts_threshold,
9387 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
9388 	.flush				= ath10k_flush,
9389 	.tx_last_beacon			= ath10k_tx_last_beacon,
9390 	.set_antenna			= ath10k_set_antenna,
9391 	.get_antenna			= ath10k_get_antenna,
9392 	.reconfig_complete		= ath10k_reconfig_complete,
9393 	.get_survey			= ath10k_get_survey,
9394 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
9395 	.sta_rc_update			= ath10k_sta_rc_update,
9396 	.offset_tsf			= ath10k_offset_tsf,
9397 	.ampdu_action			= ath10k_ampdu_action,
9398 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
9399 	.get_et_stats			= ath10k_debug_get_et_stats,
9400 	.get_et_strings			= ath10k_debug_get_et_strings,
9401 	.add_chanctx			= ath10k_mac_op_add_chanctx,
9402 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
9403 	.change_chanctx			= ath10k_mac_op_change_chanctx,
9404 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
9405 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
9406 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
9407 	.sta_pre_rcu_remove		= ath10k_mac_op_sta_pre_rcu_remove,
9408 	.sta_statistics			= ath10k_sta_statistics,
9409 	.set_tid_config			= ath10k_mac_op_set_tid_config,
9410 	.reset_tid_config		= ath10k_mac_op_reset_tid_config,
9411 
9412 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
9413 
9414 #ifdef CONFIG_PM
9415 	.suspend			= ath10k_wow_op_suspend,
9416 	.resume				= ath10k_wow_op_resume,
9417 	.set_wakeup			= ath10k_wow_op_set_wakeup,
9418 #endif
9419 #ifdef CONFIG_MAC80211_DEBUGFS
9420 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
9421 #endif
9422 	.set_sar_specs			= ath10k_mac_set_sar_specs,
9423 };
9424 
9425 #define CHAN2G(_channel, _freq, _flags) { \
9426 	.band			= NL80211_BAND_2GHZ, \
9427 	.hw_value		= (_channel), \
9428 	.center_freq		= (_freq), \
9429 	.flags			= (_flags), \
9430 	.max_antenna_gain	= 0, \
9431 	.max_power		= 30, \
9432 }
9433 
9434 #define CHAN5G(_channel, _freq, _flags) { \
9435 	.band			= NL80211_BAND_5GHZ, \
9436 	.hw_value		= (_channel), \
9437 	.center_freq		= (_freq), \
9438 	.flags			= (_flags), \
9439 	.max_antenna_gain	= 0, \
9440 	.max_power		= 30, \
9441 }
9442 
9443 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
9444 	CHAN2G(1, 2412, 0),
9445 	CHAN2G(2, 2417, 0),
9446 	CHAN2G(3, 2422, 0),
9447 	CHAN2G(4, 2427, 0),
9448 	CHAN2G(5, 2432, 0),
9449 	CHAN2G(6, 2437, 0),
9450 	CHAN2G(7, 2442, 0),
9451 	CHAN2G(8, 2447, 0),
9452 	CHAN2G(9, 2452, 0),
9453 	CHAN2G(10, 2457, 0),
9454 	CHAN2G(11, 2462, 0),
9455 	CHAN2G(12, 2467, 0),
9456 	CHAN2G(13, 2472, 0),
9457 	CHAN2G(14, 2484, 0),
9458 };
9459 
9460 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
9461 	CHAN5G(36, 5180, 0),
9462 	CHAN5G(40, 5200, 0),
9463 	CHAN5G(44, 5220, 0),
9464 	CHAN5G(48, 5240, 0),
9465 	CHAN5G(52, 5260, 0),
9466 	CHAN5G(56, 5280, 0),
9467 	CHAN5G(60, 5300, 0),
9468 	CHAN5G(64, 5320, 0),
9469 	CHAN5G(100, 5500, 0),
9470 	CHAN5G(104, 5520, 0),
9471 	CHAN5G(108, 5540, 0),
9472 	CHAN5G(112, 5560, 0),
9473 	CHAN5G(116, 5580, 0),
9474 	CHAN5G(120, 5600, 0),
9475 	CHAN5G(124, 5620, 0),
9476 	CHAN5G(128, 5640, 0),
9477 	CHAN5G(132, 5660, 0),
9478 	CHAN5G(136, 5680, 0),
9479 	CHAN5G(140, 5700, 0),
9480 	CHAN5G(144, 5720, 0),
9481 	CHAN5G(149, 5745, 0),
9482 	CHAN5G(153, 5765, 0),
9483 	CHAN5G(157, 5785, 0),
9484 	CHAN5G(161, 5805, 0),
9485 	CHAN5G(165, 5825, 0),
9486 	CHAN5G(169, 5845, 0),
9487 	CHAN5G(173, 5865, 0),
9488 	/* If you add more, you may need to change ATH10K_MAX_5G_CHAN */
9489 	/* And you will definitely need to change ATH10K_NUM_CHANS in core.h */
9490 };
9491 
9492 struct ath10k *ath10k_mac_create(size_t priv_size)
9493 {
9494 	struct ieee80211_hw *hw;
9495 	struct ieee80211_ops *ops;
9496 	struct ath10k *ar;
9497 
9498 	ops = kmemdup(&ath10k_ops, sizeof(ath10k_ops), GFP_KERNEL);
9499 	if (!ops)
9500 		return NULL;
9501 
9502 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, ops);
9503 	if (!hw) {
9504 		kfree(ops);
9505 		return NULL;
9506 	}
9507 
9508 	ar = hw->priv;
9509 	ar->hw = hw;
9510 	ar->ops = ops;
9511 
9512 	return ar;
9513 }
9514 
9515 void ath10k_mac_destroy(struct ath10k *ar)
9516 {
9517 	struct ieee80211_ops *ops = ar->ops;
9518 
9519 	ieee80211_free_hw(ar->hw);
9520 	kfree(ops);
9521 }
9522 
9523 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
9524 	{
9525 		.max	= 8,
9526 		.types	= BIT(NL80211_IFTYPE_STATION)
9527 			| BIT(NL80211_IFTYPE_P2P_CLIENT)
9528 	},
9529 	{
9530 		.max	= 3,
9531 		.types	= BIT(NL80211_IFTYPE_P2P_GO)
9532 	},
9533 	{
9534 		.max	= 1,
9535 		.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
9536 	},
9537 	{
9538 		.max	= 7,
9539 		.types	= BIT(NL80211_IFTYPE_AP)
9540 #ifdef CONFIG_MAC80211_MESH
9541 			| BIT(NL80211_IFTYPE_MESH_POINT)
9542 #endif
9543 	},
9544 };
9545 
9546 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
9547 	{
9548 		.max	= 8,
9549 		.types	= BIT(NL80211_IFTYPE_AP)
9550 #ifdef CONFIG_MAC80211_MESH
9551 			| BIT(NL80211_IFTYPE_MESH_POINT)
9552 #endif
9553 	},
9554 	{
9555 		.max	= 1,
9556 		.types	= BIT(NL80211_IFTYPE_STATION)
9557 	},
9558 };
9559 
9560 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
9561 	{
9562 		.limits = ath10k_if_limits,
9563 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
9564 		.max_interfaces = 8,
9565 		.num_different_channels = 1,
9566 		.beacon_int_infra_match = true,
9567 	},
9568 };
9569 
9570 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
9571 	{
9572 		.limits = ath10k_10x_if_limits,
9573 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
9574 		.max_interfaces = 8,
9575 		.num_different_channels = 1,
9576 		.beacon_int_infra_match = true,
9577 		.beacon_int_min_gcd = 1,
9578 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9579 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9580 					BIT(NL80211_CHAN_WIDTH_20) |
9581 					BIT(NL80211_CHAN_WIDTH_40) |
9582 					BIT(NL80211_CHAN_WIDTH_80),
9583 #endif
9584 	},
9585 };
9586 
9587 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
9588 	{
9589 		.max = 2,
9590 		.types = BIT(NL80211_IFTYPE_STATION),
9591 	},
9592 	{
9593 		.max = 2,
9594 		.types = BIT(NL80211_IFTYPE_AP) |
9595 #ifdef CONFIG_MAC80211_MESH
9596 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9597 #endif
9598 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
9599 			 BIT(NL80211_IFTYPE_P2P_GO),
9600 	},
9601 	{
9602 		.max = 1,
9603 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9604 	},
9605 };
9606 
9607 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
9608 	{
9609 		.max = 2,
9610 		.types = BIT(NL80211_IFTYPE_STATION),
9611 	},
9612 	{
9613 		.max = 2,
9614 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
9615 	},
9616 	{
9617 		.max = 1,
9618 		.types = BIT(NL80211_IFTYPE_AP) |
9619 #ifdef CONFIG_MAC80211_MESH
9620 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9621 #endif
9622 			 BIT(NL80211_IFTYPE_P2P_GO),
9623 	},
9624 	{
9625 		.max = 1,
9626 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9627 	},
9628 };
9629 
9630 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
9631 	{
9632 		.max = 1,
9633 		.types = BIT(NL80211_IFTYPE_STATION),
9634 	},
9635 	{
9636 		.max = 1,
9637 		.types = BIT(NL80211_IFTYPE_ADHOC),
9638 	},
9639 };
9640 
9641 /* FIXME: This is not thouroughly tested. These combinations may over- or
9642  * underestimate hw/fw capabilities.
9643  */
9644 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
9645 	{
9646 		.limits = ath10k_tlv_if_limit,
9647 		.num_different_channels = 1,
9648 		.max_interfaces = 4,
9649 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9650 	},
9651 	{
9652 		.limits = ath10k_tlv_if_limit_ibss,
9653 		.num_different_channels = 1,
9654 		.max_interfaces = 2,
9655 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9656 	},
9657 };
9658 
9659 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
9660 	{
9661 		.limits = ath10k_tlv_if_limit,
9662 		.num_different_channels = 1,
9663 		.max_interfaces = 4,
9664 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9665 	},
9666 	{
9667 		.limits = ath10k_tlv_qcs_if_limit,
9668 		.num_different_channels = 2,
9669 		.max_interfaces = 4,
9670 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
9671 	},
9672 	{
9673 		.limits = ath10k_tlv_if_limit_ibss,
9674 		.num_different_channels = 1,
9675 		.max_interfaces = 2,
9676 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9677 	},
9678 };
9679 
9680 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
9681 	{
9682 		.max = 1,
9683 		.types = BIT(NL80211_IFTYPE_STATION),
9684 	},
9685 	{
9686 		.max	= 16,
9687 		.types	= BIT(NL80211_IFTYPE_AP)
9688 #ifdef CONFIG_MAC80211_MESH
9689 			| BIT(NL80211_IFTYPE_MESH_POINT)
9690 #endif
9691 	},
9692 };
9693 
9694 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
9695 	{
9696 		.limits = ath10k_10_4_if_limits,
9697 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9698 		.max_interfaces = 16,
9699 		.num_different_channels = 1,
9700 		.beacon_int_infra_match = true,
9701 		.beacon_int_min_gcd = 1,
9702 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9703 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9704 					BIT(NL80211_CHAN_WIDTH_20) |
9705 					BIT(NL80211_CHAN_WIDTH_40) |
9706 					BIT(NL80211_CHAN_WIDTH_80) |
9707 					BIT(NL80211_CHAN_WIDTH_80P80) |
9708 					BIT(NL80211_CHAN_WIDTH_160),
9709 #endif
9710 	},
9711 };
9712 
9713 static const struct
9714 ieee80211_iface_combination ath10k_10_4_bcn_int_if_comb[] = {
9715 	{
9716 		.limits = ath10k_10_4_if_limits,
9717 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9718 		.max_interfaces = 16,
9719 		.num_different_channels = 1,
9720 		.beacon_int_infra_match = true,
9721 		.beacon_int_min_gcd = 100,
9722 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9723 		.radar_detect_widths =  BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9724 					BIT(NL80211_CHAN_WIDTH_20) |
9725 					BIT(NL80211_CHAN_WIDTH_40) |
9726 					BIT(NL80211_CHAN_WIDTH_80) |
9727 					BIT(NL80211_CHAN_WIDTH_80P80) |
9728 					BIT(NL80211_CHAN_WIDTH_160),
9729 #endif
9730 	},
9731 };
9732 
9733 static void ath10k_get_arvif_iter(void *data, u8 *mac,
9734 				  struct ieee80211_vif *vif)
9735 {
9736 	struct ath10k_vif_iter *arvif_iter = data;
9737 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9738 
9739 	if (arvif->vdev_id == arvif_iter->vdev_id)
9740 		arvif_iter->arvif = arvif;
9741 }
9742 
9743 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
9744 {
9745 	struct ath10k_vif_iter arvif_iter;
9746 
9747 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
9748 	arvif_iter.vdev_id = vdev_id;
9749 
9750 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
9751 						   ATH10K_ITER_RESUME_FLAGS,
9752 						   ath10k_get_arvif_iter,
9753 						   &arvif_iter);
9754 	if (!arvif_iter.arvif) {
9755 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
9756 		return NULL;
9757 	}
9758 
9759 	return arvif_iter.arvif;
9760 }
9761 
9762 #define WRD_METHOD "WRDD"
9763 #define WRDD_WIFI  (0x07)
9764 
9765 static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd)
9766 {
9767 	union acpi_object *mcc_pkg;
9768 	union acpi_object *domain_type;
9769 	union acpi_object *mcc_value;
9770 	u32 i;
9771 
9772 	if (wrdd->type != ACPI_TYPE_PACKAGE ||
9773 	    wrdd->package.count < 2 ||
9774 	    wrdd->package.elements[0].type != ACPI_TYPE_INTEGER ||
9775 	    wrdd->package.elements[0].integer.value != 0) {
9776 		ath10k_warn(ar, "ignoring malformed/unsupported wrdd structure\n");
9777 		return 0;
9778 	}
9779 
9780 	for (i = 1; i < wrdd->package.count; ++i) {
9781 		mcc_pkg = &wrdd->package.elements[i];
9782 
9783 		if (mcc_pkg->type != ACPI_TYPE_PACKAGE)
9784 			continue;
9785 		if (mcc_pkg->package.count < 2)
9786 			continue;
9787 		if (mcc_pkg->package.elements[0].type != ACPI_TYPE_INTEGER ||
9788 		    mcc_pkg->package.elements[1].type != ACPI_TYPE_INTEGER)
9789 			continue;
9790 
9791 		domain_type = &mcc_pkg->package.elements[0];
9792 		if (domain_type->integer.value != WRDD_WIFI)
9793 			continue;
9794 
9795 		mcc_value = &mcc_pkg->package.elements[1];
9796 		return mcc_value->integer.value;
9797 	}
9798 	return 0;
9799 }
9800 
9801 static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
9802 {
9803 	acpi_handle root_handle;
9804 	acpi_handle handle;
9805 	struct acpi_buffer wrdd = {ACPI_ALLOCATE_BUFFER, NULL};
9806 	acpi_status status;
9807 	u32 alpha2_code;
9808 	char alpha2[3];
9809 
9810 	root_handle = ACPI_HANDLE(ar->dev);
9811 	if (!root_handle)
9812 		return -EOPNOTSUPP;
9813 
9814 	status = acpi_get_handle(root_handle, (acpi_string)WRD_METHOD, &handle);
9815 	if (ACPI_FAILURE(status)) {
9816 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9817 			   "failed to get wrd method %d\n", status);
9818 		return -EIO;
9819 	}
9820 
9821 	status = acpi_evaluate_object(handle, NULL, NULL, &wrdd);
9822 	if (ACPI_FAILURE(status)) {
9823 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9824 			   "failed to call wrdc %d\n", status);
9825 		return -EIO;
9826 	}
9827 
9828 	alpha2_code = ath10k_mac_wrdd_get_mcc(ar, wrdd.pointer);
9829 	kfree(wrdd.pointer);
9830 	if (!alpha2_code)
9831 		return -EIO;
9832 
9833 	alpha2[0] = (alpha2_code >> 8) & 0xff;
9834 	alpha2[1] = (alpha2_code >> 0) & 0xff;
9835 	alpha2[2] = '\0';
9836 
9837 	ath10k_dbg(ar, ATH10K_DBG_BOOT,
9838 		   "regulatory hint from WRDD (alpha2-code): %s\n", alpha2);
9839 
9840 	*rd = ath_regd_find_country_by_name(alpha2);
9841 	if (*rd == 0xffff)
9842 		return -EIO;
9843 
9844 	*rd |= COUNTRY_ERD_FLAG;
9845 	return 0;
9846 }
9847 
9848 static int ath10k_mac_init_rd(struct ath10k *ar)
9849 {
9850 	int ret;
9851 	u16 rd;
9852 
9853 	ret = ath10k_mac_get_wrdd_regulatory(ar, &rd);
9854 	if (ret) {
9855 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9856 			   "fallback to eeprom programmed regulatory settings\n");
9857 		rd = ar->hw_eeprom_rd;
9858 	}
9859 
9860 	ar->ath_common.regulatory.current_rd = rd;
9861 	return 0;
9862 }
9863 
9864 int ath10k_mac_register(struct ath10k *ar)
9865 {
9866 	static const u32 cipher_suites[] = {
9867 		WLAN_CIPHER_SUITE_WEP40,
9868 		WLAN_CIPHER_SUITE_WEP104,
9869 		WLAN_CIPHER_SUITE_TKIP,
9870 		WLAN_CIPHER_SUITE_CCMP,
9871 
9872 		/* Do not add hardware supported ciphers before this line.
9873 		 * Allow software encryption for all chips. Don't forget to
9874 		 * update n_cipher_suites below.
9875 		 */
9876 		WLAN_CIPHER_SUITE_AES_CMAC,
9877 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9878 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9879 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9880 
9881 		/* Only QCA99x0 and QCA4019 varients support GCMP-128, GCMP-256
9882 		 * and CCMP-256 in hardware.
9883 		 */
9884 		WLAN_CIPHER_SUITE_GCMP,
9885 		WLAN_CIPHER_SUITE_GCMP_256,
9886 		WLAN_CIPHER_SUITE_CCMP_256,
9887 	};
9888 	struct ieee80211_supported_band *band;
9889 	void *channels;
9890 	int ret;
9891 
9892 	if (!is_valid_ether_addr(ar->mac_addr)) {
9893 		ath10k_warn(ar, "invalid MAC address; choosing random\n");
9894 		eth_random_addr(ar->mac_addr);
9895 	}
9896 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9897 
9898 	SET_IEEE80211_DEV(ar->hw, ar->dev);
9899 
9900 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
9901 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
9902 		     ATH10K_NUM_CHANS);
9903 
9904 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
9905 		channels = kmemdup(ath10k_2ghz_channels,
9906 				   sizeof(ath10k_2ghz_channels),
9907 				   GFP_KERNEL);
9908 		if (!channels) {
9909 			ret = -ENOMEM;
9910 			goto err_free;
9911 		}
9912 
9913 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9914 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
9915 		band->channels = channels;
9916 
9917 		if (ar->hw_params.cck_rate_map_rev2) {
9918 			band->n_bitrates = ath10k_g_rates_rev2_size;
9919 			band->bitrates = ath10k_g_rates_rev2;
9920 		} else {
9921 			band->n_bitrates = ath10k_g_rates_size;
9922 			band->bitrates = ath10k_g_rates;
9923 		}
9924 
9925 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9926 	}
9927 
9928 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
9929 		channels = kmemdup(ath10k_5ghz_channels,
9930 				   sizeof(ath10k_5ghz_channels),
9931 				   GFP_KERNEL);
9932 		if (!channels) {
9933 			ret = -ENOMEM;
9934 			goto err_free;
9935 		}
9936 
9937 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
9938 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
9939 		band->channels = channels;
9940 		band->n_bitrates = ath10k_a_rates_size;
9941 		band->bitrates = ath10k_a_rates;
9942 		ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
9943 	}
9944 
9945 	wiphy_read_of_freq_limits(ar->hw->wiphy);
9946 	ath10k_mac_setup_ht_vht_cap(ar);
9947 
9948 	ar->hw->wiphy->interface_modes =
9949 		BIT(NL80211_IFTYPE_STATION) |
9950 		BIT(NL80211_IFTYPE_AP) |
9951 		BIT(NL80211_IFTYPE_MESH_POINT);
9952 
9953 	ar->hw->wiphy->available_antennas_rx = ar->cfg_rx_chainmask;
9954 	ar->hw->wiphy->available_antennas_tx = ar->cfg_tx_chainmask;
9955 
9956 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->normal_mode_fw.fw_file.fw_features))
9957 		ar->hw->wiphy->interface_modes |=
9958 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
9959 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
9960 			BIT(NL80211_IFTYPE_P2P_GO);
9961 
9962 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
9963 
9964 	if (!test_bit(ATH10K_FW_FEATURE_NO_PS,
9965 		      ar->running_fw->fw_file.fw_features)) {
9966 		ieee80211_hw_set(ar->hw, SUPPORTS_PS);
9967 		ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
9968 	}
9969 
9970 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
9971 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
9972 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
9973 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
9974 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
9975 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
9976 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
9977 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
9978 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
9979 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
9980 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
9981 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
9982 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
9983 
9984 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
9985 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
9986 
9987 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
9988 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
9989 
9990 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
9991 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
9992 
9993 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
9994 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
9995 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
9996 	}
9997 
9998 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
9999 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
10000 
10001 	if (test_bit(WMI_SERVICE_NLO, ar->wmi.svc_map)) {
10002 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
10003 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
10004 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
10005 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
10006 		ar->hw->wiphy->max_sched_scan_plan_interval =
10007 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
10008 		ar->hw->wiphy->max_sched_scan_plan_iterations =
10009 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
10010 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
10011 	}
10012 
10013 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
10014 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
10015 	ar->hw->txq_data_size = sizeof(struct ath10k_txq);
10016 
10017 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
10018 
10019 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
10020 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
10021 
10022 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
10023 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
10024 		 * correct Probe Responses. This is more of a hack advert..
10025 		 */
10026 		ar->hw->wiphy->probe_resp_offload |=
10027 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
10028 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
10029 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
10030 	}
10031 
10032 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map) ||
10033 	    test_bit(WMI_SERVICE_TDLS_EXPLICIT_MODE_ONLY, ar->wmi.svc_map)) {
10034 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
10035 		if (test_bit(WMI_SERVICE_TDLS_WIDER_BANDWIDTH, ar->wmi.svc_map))
10036 			ieee80211_hw_set(ar->hw, TDLS_WIDER_BW);
10037 	}
10038 
10039 	if (test_bit(WMI_SERVICE_TDLS_UAPSD_BUFFER_STA, ar->wmi.svc_map))
10040 		ieee80211_hw_set(ar->hw, SUPPORTS_TDLS_BUFFER_STA);
10041 
10042 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
10043 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
10044 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
10045 
10046 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
10047 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
10048 				   NL80211_FEATURE_AP_SCAN;
10049 
10050 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
10051 
10052 	ret = ath10k_wow_init(ar);
10053 	if (ret) {
10054 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
10055 		goto err_free;
10056 	}
10057 
10058 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
10059 	wiphy_ext_feature_set(ar->hw->wiphy,
10060 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
10061 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_AQL);
10062 
10063 	if (test_bit(WMI_SERVICE_TX_DATA_ACK_RSSI, ar->wmi.svc_map) ||
10064 	    test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS, ar->wmi.svc_map))
10065 		wiphy_ext_feature_set(ar->hw->wiphy,
10066 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
10067 
10068 	if (ath10k_peer_stats_enabled(ar) ||
10069 	    test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
10070 		wiphy_ext_feature_set(ar->hw->wiphy,
10071 				      NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
10072 
10073 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map))
10074 		wiphy_ext_feature_set(ar->hw->wiphy,
10075 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
10076 
10077 	if (test_bit(WMI_SERVICE_TX_PWR_PER_PEER, ar->wmi.svc_map))
10078 		wiphy_ext_feature_set(ar->hw->wiphy,
10079 				      NL80211_EXT_FEATURE_STA_TX_PWR);
10080 
10081 	if (test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map)) {
10082 		ar->hw->wiphy->tid_config_support.vif |=
10083 				BIT(NL80211_TID_CONFIG_ATTR_NOACK) |
10084 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT) |
10085 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG) |
10086 				BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL) |
10087 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
10088 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
10089 
10090 		if (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
10091 			     ar->wmi.svc_map)) {
10092 			ar->hw->wiphy->tid_config_support.vif |=
10093 				BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
10094 		}
10095 
10096 		ar->hw->wiphy->tid_config_support.peer =
10097 				ar->hw->wiphy->tid_config_support.vif;
10098 		ar->hw->wiphy->max_data_retry_count = ATH10K_MAX_RETRY_COUNT;
10099 	} else {
10100 		ar->ops->set_tid_config = NULL;
10101 	}
10102 	/*
10103 	 * on LL hardware queues are managed entirely by the FW
10104 	 * so we only advertise to mac we can do the queues thing
10105 	 */
10106 	ar->hw->queues = IEEE80211_MAX_QUEUES;
10107 
10108 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
10109 	 * something that vdev_ids can't reach so that we don't stop the queue
10110 	 * accidentally.
10111 	 */
10112 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
10113 
10114 	switch (ar->running_fw->fw_file.wmi_op_version) {
10115 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
10116 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
10117 		ar->hw->wiphy->n_iface_combinations =
10118 			ARRAY_SIZE(ath10k_if_comb);
10119 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10120 		break;
10121 	case ATH10K_FW_WMI_OP_VERSION_TLV:
10122 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
10123 			ar->hw->wiphy->iface_combinations =
10124 				ath10k_tlv_qcs_if_comb;
10125 			ar->hw->wiphy->n_iface_combinations =
10126 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
10127 		} else {
10128 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
10129 			ar->hw->wiphy->n_iface_combinations =
10130 				ARRAY_SIZE(ath10k_tlv_if_comb);
10131 		}
10132 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10133 		break;
10134 	case ATH10K_FW_WMI_OP_VERSION_10_1:
10135 	case ATH10K_FW_WMI_OP_VERSION_10_2:
10136 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
10137 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
10138 		ar->hw->wiphy->n_iface_combinations =
10139 			ARRAY_SIZE(ath10k_10x_if_comb);
10140 		break;
10141 	case ATH10K_FW_WMI_OP_VERSION_10_4:
10142 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
10143 		ar->hw->wiphy->n_iface_combinations =
10144 			ARRAY_SIZE(ath10k_10_4_if_comb);
10145 		if (test_bit(WMI_SERVICE_VDEV_DIFFERENT_BEACON_INTERVAL_SUPPORT,
10146 			     ar->wmi.svc_map)) {
10147 			ar->hw->wiphy->iface_combinations =
10148 				ath10k_10_4_bcn_int_if_comb;
10149 			ar->hw->wiphy->n_iface_combinations =
10150 				ARRAY_SIZE(ath10k_10_4_bcn_int_if_comb);
10151 		}
10152 		break;
10153 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
10154 	case ATH10K_FW_WMI_OP_VERSION_MAX:
10155 		WARN_ON(1);
10156 		ret = -EINVAL;
10157 		goto err_free;
10158 	}
10159 
10160 	if (ar->hw_params.dynamic_sar_support)
10161 		ar->hw->wiphy->sar_capa = &ath10k_sar_capa;
10162 
10163 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10164 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
10165 
10166 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) {
10167 		/* Init ath dfs pattern detector */
10168 		ar->ath_common.debug_mask = ATH_DBG_DFS;
10169 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
10170 							     NL80211_DFS_UNSET);
10171 
10172 		if (!ar->dfs_detector)
10173 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
10174 	}
10175 
10176 	ret = ath10k_mac_init_rd(ar);
10177 	if (ret) {
10178 		ath10k_err(ar, "failed to derive regdom: %d\n", ret);
10179 		goto err_dfs_detector_exit;
10180 	}
10181 
10182 	/* Disable set_coverage_class for chipsets that do not support it. */
10183 	if (!ar->hw_params.hw_ops->set_coverage_class)
10184 		ar->ops->set_coverage_class = NULL;
10185 
10186 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
10187 			    ath10k_reg_notifier);
10188 	if (ret) {
10189 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
10190 		goto err_dfs_detector_exit;
10191 	}
10192 
10193 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
10194 		ar->hw->wiphy->features |=
10195 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
10196 	}
10197 
10198 	ar->hw->wiphy->cipher_suites = cipher_suites;
10199 
10200 	/* QCA988x and QCA6174 family chips do not support CCMP-256, GCMP-128
10201 	 * and GCMP-256 ciphers in hardware. Fetch number of ciphers supported
10202 	 * from chip specific hw_param table.
10203 	 */
10204 	if (!ar->hw_params.n_cipher_suites ||
10205 	    ar->hw_params.n_cipher_suites > ARRAY_SIZE(cipher_suites)) {
10206 		ath10k_err(ar, "invalid hw_params.n_cipher_suites %d\n",
10207 			   ar->hw_params.n_cipher_suites);
10208 		ar->hw_params.n_cipher_suites = 8;
10209 	}
10210 	ar->hw->wiphy->n_cipher_suites = ar->hw_params.n_cipher_suites;
10211 
10212 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
10213 
10214 	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
10215 
10216 	ret = ieee80211_register_hw(ar->hw);
10217 	if (ret) {
10218 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
10219 		goto err_dfs_detector_exit;
10220 	}
10221 
10222 	if (test_bit(WMI_SERVICE_PER_PACKET_SW_ENCRYPT, ar->wmi.svc_map)) {
10223 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
10224 		ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN);
10225 	}
10226 
10227 	if (!ath_is_world_regd(&ar->ath_common.regulatory)) {
10228 		ret = regulatory_hint(ar->hw->wiphy,
10229 				      ar->ath_common.regulatory.alpha2);
10230 		if (ret)
10231 			goto err_unregister;
10232 	}
10233 
10234 	return 0;
10235 
10236 err_unregister:
10237 	ieee80211_unregister_hw(ar->hw);
10238 
10239 err_dfs_detector_exit:
10240 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10241 		ar->dfs_detector->exit(ar->dfs_detector);
10242 
10243 err_free:
10244 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10245 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10246 
10247 	SET_IEEE80211_DEV(ar->hw, NULL);
10248 	return ret;
10249 }
10250 
10251 void ath10k_mac_unregister(struct ath10k *ar)
10252 {
10253 	ieee80211_unregister_hw(ar->hw);
10254 
10255 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10256 		ar->dfs_detector->exit(ar->dfs_detector);
10257 
10258 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10259 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10260 
10261 	SET_IEEE80211_DEV(ar->hw, NULL);
10262 }
10263