xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision e6486939)
1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2005-2011 Atheros Communications Inc.
4  * Copyright (c) 2011-2017 Qualcomm Atheros, Inc.
5  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
6  */
7 
8 #include "mac.h"
9 
10 #include <net/cfg80211.h>
11 #include <net/mac80211.h>
12 #include <linux/etherdevice.h>
13 #include <linux/acpi.h>
14 #include <linux/of.h>
15 #include <linux/bitfield.h>
16 
17 #include "hif.h"
18 #include "core.h"
19 #include "debug.h"
20 #include "wmi.h"
21 #include "htt.h"
22 #include "txrx.h"
23 #include "testmode.h"
24 #include "wmi-tlv.h"
25 #include "wmi-ops.h"
26 #include "wow.h"
27 
28 /*********/
29 /* Rates */
30 /*********/
31 
32 static struct ieee80211_rate ath10k_rates[] = {
33 	{ .bitrate = 10,
34 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
35 	{ .bitrate = 20,
36 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
37 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
38 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
39 	{ .bitrate = 55,
40 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
41 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
42 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
43 	{ .bitrate = 110,
44 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
45 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
46 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
47 
48 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
49 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
50 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
51 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
52 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
53 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
54 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
55 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
56 };
57 
58 static struct ieee80211_rate ath10k_rates_rev2[] = {
59 	{ .bitrate = 10,
60 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_1M },
61 	{ .bitrate = 20,
62 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_2M,
63 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_2M,
64 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
65 	{ .bitrate = 55,
66 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_5_5M,
67 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_5_5M,
68 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
69 	{ .bitrate = 110,
70 	  .hw_value = ATH10K_HW_RATE_REV2_CCK_LP_11M,
71 	  .hw_value_short = ATH10K_HW_RATE_REV2_CCK_SP_11M,
72 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
73 
74 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
75 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
76 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
77 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
78 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
79 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
80 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
81 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
82 };
83 
84 static const struct cfg80211_sar_freq_ranges ath10k_sar_freq_ranges[] = {
85 	{.start_freq = 2402, .end_freq = 2494 },
86 	{.start_freq = 5170, .end_freq = 5875 },
87 };
88 
89 static const struct cfg80211_sar_capa ath10k_sar_capa = {
90 	.type = NL80211_SAR_TYPE_POWER,
91 	.num_freq_ranges = (ARRAY_SIZE(ath10k_sar_freq_ranges)),
92 	.freq_ranges = &ath10k_sar_freq_ranges[0],
93 };
94 
95 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
96 
97 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
98 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
99 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
100 #define ath10k_g_rates (ath10k_rates + 0)
101 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
102 
103 #define ath10k_g_rates_rev2 (ath10k_rates_rev2 + 0)
104 #define ath10k_g_rates_rev2_size (ARRAY_SIZE(ath10k_rates_rev2))
105 
106 #define ath10k_wmi_legacy_rates ath10k_rates
107 
108 static bool ath10k_mac_bitrate_is_cck(int bitrate)
109 {
110 	switch (bitrate) {
111 	case 10:
112 	case 20:
113 	case 55:
114 	case 110:
115 		return true;
116 	}
117 
118 	return false;
119 }
120 
121 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
122 {
123 	return DIV_ROUND_UP(bitrate, 5) |
124 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
125 }
126 
127 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
128 			     u8 hw_rate, bool cck)
129 {
130 	const struct ieee80211_rate *rate;
131 	int i;
132 
133 	for (i = 0; i < sband->n_bitrates; i++) {
134 		rate = &sband->bitrates[i];
135 
136 		if (ath10k_mac_bitrate_is_cck(rate->bitrate) != cck)
137 			continue;
138 
139 		if (rate->hw_value == hw_rate)
140 			return i;
141 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
142 			 rate->hw_value_short == hw_rate)
143 			return i;
144 	}
145 
146 	return 0;
147 }
148 
149 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
150 			     u32 bitrate)
151 {
152 	int i;
153 
154 	for (i = 0; i < sband->n_bitrates; i++)
155 		if (sband->bitrates[i].bitrate == bitrate)
156 			return i;
157 
158 	return 0;
159 }
160 
161 static int ath10k_mac_get_rate_hw_value(int bitrate)
162 {
163 	int i;
164 	u8 hw_value_prefix = 0;
165 
166 	if (ath10k_mac_bitrate_is_cck(bitrate))
167 		hw_value_prefix = WMI_RATE_PREAMBLE_CCK << 6;
168 
169 	for (i = 0; i < ARRAY_SIZE(ath10k_rates); i++) {
170 		if (ath10k_rates[i].bitrate == bitrate)
171 			return hw_value_prefix | ath10k_rates[i].hw_value;
172 	}
173 
174 	return -EINVAL;
175 }
176 
177 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
178 {
179 	switch ((mcs_map >> (2 * nss)) & 0x3) {
180 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
181 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
182 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
183 	}
184 	return 0;
185 }
186 
187 static u32
188 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
189 {
190 	int nss;
191 
192 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
193 		if (ht_mcs_mask[nss])
194 			return nss + 1;
195 
196 	return 1;
197 }
198 
199 static u32
200 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
201 {
202 	int nss;
203 
204 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
205 		if (vht_mcs_mask[nss])
206 			return nss + 1;
207 
208 	return 1;
209 }
210 
211 int ath10k_mac_ext_resource_config(struct ath10k *ar, u32 val)
212 {
213 	enum wmi_host_platform_type platform_type;
214 	int ret;
215 
216 	if (test_bit(WMI_SERVICE_TX_MODE_DYNAMIC, ar->wmi.svc_map))
217 		platform_type = WMI_HOST_PLATFORM_LOW_PERF;
218 	else
219 		platform_type = WMI_HOST_PLATFORM_HIGH_PERF;
220 
221 	ret = ath10k_wmi_ext_resource_config(ar, platform_type, val);
222 
223 	if (ret && ret != -EOPNOTSUPP) {
224 		ath10k_warn(ar, "failed to configure ext resource: %d\n", ret);
225 		return ret;
226 	}
227 
228 	return 0;
229 }
230 
231 /**********/
232 /* Crypto */
233 /**********/
234 
235 static int ath10k_send_key(struct ath10k_vif *arvif,
236 			   struct ieee80211_key_conf *key,
237 			   enum set_key_cmd cmd,
238 			   const u8 *macaddr, u32 flags)
239 {
240 	struct ath10k *ar = arvif->ar;
241 	struct wmi_vdev_install_key_arg arg = {
242 		.vdev_id = arvif->vdev_id,
243 		.key_idx = key->keyidx,
244 		.key_len = key->keylen,
245 		.key_data = key->key,
246 		.key_flags = flags,
247 		.macaddr = macaddr,
248 	};
249 
250 	lockdep_assert_held(&arvif->ar->conf_mutex);
251 
252 	switch (key->cipher) {
253 	case WLAN_CIPHER_SUITE_CCMP:
254 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
255 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
256 		break;
257 	case WLAN_CIPHER_SUITE_TKIP:
258 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_TKIP];
259 		arg.key_txmic_len = 8;
260 		arg.key_rxmic_len = 8;
261 		break;
262 	case WLAN_CIPHER_SUITE_WEP40:
263 	case WLAN_CIPHER_SUITE_WEP104:
264 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_WEP];
265 		break;
266 	case WLAN_CIPHER_SUITE_CCMP_256:
267 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_CCM];
268 		break;
269 	case WLAN_CIPHER_SUITE_GCMP:
270 	case WLAN_CIPHER_SUITE_GCMP_256:
271 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_AES_GCM];
272 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
273 		break;
274 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
275 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
276 	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
277 	case WLAN_CIPHER_SUITE_AES_CMAC:
278 		WARN_ON(1);
279 		return -EINVAL;
280 	default:
281 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
282 		return -EOPNOTSUPP;
283 	}
284 
285 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
286 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
287 
288 	if (cmd == DISABLE_KEY) {
289 		arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE];
290 		arg.key_data = NULL;
291 	}
292 
293 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
294 }
295 
296 static int ath10k_install_key(struct ath10k_vif *arvif,
297 			      struct ieee80211_key_conf *key,
298 			      enum set_key_cmd cmd,
299 			      const u8 *macaddr, u32 flags)
300 {
301 	struct ath10k *ar = arvif->ar;
302 	int ret;
303 	unsigned long time_left;
304 
305 	lockdep_assert_held(&ar->conf_mutex);
306 
307 	reinit_completion(&ar->install_key_done);
308 
309 	if (arvif->nohwcrypt)
310 		return 1;
311 
312 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
313 	if (ret)
314 		return ret;
315 
316 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
317 	if (time_left == 0)
318 		return -ETIMEDOUT;
319 
320 	return 0;
321 }
322 
323 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
324 					const u8 *addr)
325 {
326 	struct ath10k *ar = arvif->ar;
327 	struct ath10k_peer *peer;
328 	int ret;
329 	int i;
330 	u32 flags;
331 
332 	lockdep_assert_held(&ar->conf_mutex);
333 
334 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
335 		    arvif->vif->type != NL80211_IFTYPE_ADHOC &&
336 		    arvif->vif->type != NL80211_IFTYPE_MESH_POINT))
337 		return -EINVAL;
338 
339 	spin_lock_bh(&ar->data_lock);
340 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
341 	spin_unlock_bh(&ar->data_lock);
342 
343 	if (!peer)
344 		return -ENOENT;
345 
346 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
347 		if (arvif->wep_keys[i] == NULL)
348 			continue;
349 
350 		switch (arvif->vif->type) {
351 		case NL80211_IFTYPE_AP:
352 			flags = WMI_KEY_PAIRWISE;
353 
354 			if (arvif->def_wep_key_idx == i)
355 				flags |= WMI_KEY_TX_USAGE;
356 
357 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
358 						 SET_KEY, addr, flags);
359 			if (ret < 0)
360 				return ret;
361 			break;
362 		case NL80211_IFTYPE_ADHOC:
363 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
364 						 SET_KEY, addr,
365 						 WMI_KEY_PAIRWISE);
366 			if (ret < 0)
367 				return ret;
368 
369 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
370 						 SET_KEY, addr, WMI_KEY_GROUP);
371 			if (ret < 0)
372 				return ret;
373 			break;
374 		default:
375 			WARN_ON(1);
376 			return -EINVAL;
377 		}
378 
379 		spin_lock_bh(&ar->data_lock);
380 		peer->keys[i] = arvif->wep_keys[i];
381 		spin_unlock_bh(&ar->data_lock);
382 	}
383 
384 	/* In some cases (notably with static WEP IBSS with multiple keys)
385 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
386 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
387 	 * didn't seem help. Using def_keyid vdev parameter seems to be
388 	 * effective so use that.
389 	 *
390 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
391 	 */
392 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
393 		return 0;
394 
395 	if (arvif->def_wep_key_idx == -1)
396 		return 0;
397 
398 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
399 					arvif->vdev_id,
400 					arvif->ar->wmi.vdev_param->def_keyid,
401 					arvif->def_wep_key_idx);
402 	if (ret) {
403 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
404 			    arvif->vdev_id, ret);
405 		return ret;
406 	}
407 
408 	return 0;
409 }
410 
411 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
412 				  const u8 *addr)
413 {
414 	struct ath10k *ar = arvif->ar;
415 	struct ath10k_peer *peer;
416 	int first_errno = 0;
417 	int ret;
418 	int i;
419 	u32 flags = 0;
420 
421 	lockdep_assert_held(&ar->conf_mutex);
422 
423 	spin_lock_bh(&ar->data_lock);
424 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
425 	spin_unlock_bh(&ar->data_lock);
426 
427 	if (!peer)
428 		return -ENOENT;
429 
430 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
431 		if (peer->keys[i] == NULL)
432 			continue;
433 
434 		/* key flags are not required to delete the key */
435 		ret = ath10k_install_key(arvif, peer->keys[i],
436 					 DISABLE_KEY, addr, flags);
437 		if (ret < 0 && first_errno == 0)
438 			first_errno = ret;
439 
440 		if (ret < 0)
441 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
442 				    i, ret);
443 
444 		spin_lock_bh(&ar->data_lock);
445 		peer->keys[i] = NULL;
446 		spin_unlock_bh(&ar->data_lock);
447 	}
448 
449 	return first_errno;
450 }
451 
452 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
453 				    u8 keyidx)
454 {
455 	struct ath10k_peer *peer;
456 	int i;
457 
458 	lockdep_assert_held(&ar->data_lock);
459 
460 	/* We don't know which vdev this peer belongs to,
461 	 * since WMI doesn't give us that information.
462 	 *
463 	 * FIXME: multi-bss needs to be handled.
464 	 */
465 	peer = ath10k_peer_find(ar, 0, addr);
466 	if (!peer)
467 		return false;
468 
469 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
470 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
471 			return true;
472 	}
473 
474 	return false;
475 }
476 
477 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
478 				 struct ieee80211_key_conf *key)
479 {
480 	struct ath10k *ar = arvif->ar;
481 	struct ath10k_peer *peer;
482 	u8 addr[ETH_ALEN];
483 	int first_errno = 0;
484 	int ret;
485 	int i;
486 	u32 flags = 0;
487 
488 	lockdep_assert_held(&ar->conf_mutex);
489 
490 	for (;;) {
491 		/* since ath10k_install_key we can't hold data_lock all the
492 		 * time, so we try to remove the keys incrementally
493 		 */
494 		spin_lock_bh(&ar->data_lock);
495 		i = 0;
496 		list_for_each_entry(peer, &ar->peers, list) {
497 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
498 				if (peer->keys[i] == key) {
499 					ether_addr_copy(addr, peer->addr);
500 					peer->keys[i] = NULL;
501 					break;
502 				}
503 			}
504 
505 			if (i < ARRAY_SIZE(peer->keys))
506 				break;
507 		}
508 		spin_unlock_bh(&ar->data_lock);
509 
510 		if (i == ARRAY_SIZE(peer->keys))
511 			break;
512 		/* key flags are not required to delete the key */
513 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
514 		if (ret < 0 && first_errno == 0)
515 			first_errno = ret;
516 
517 		if (ret)
518 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
519 				    addr, ret);
520 	}
521 
522 	return first_errno;
523 }
524 
525 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
526 					 struct ieee80211_key_conf *key)
527 {
528 	struct ath10k *ar = arvif->ar;
529 	struct ath10k_peer *peer;
530 	int ret;
531 
532 	lockdep_assert_held(&ar->conf_mutex);
533 
534 	list_for_each_entry(peer, &ar->peers, list) {
535 		if (ether_addr_equal(peer->addr, arvif->vif->addr))
536 			continue;
537 
538 		if (ether_addr_equal(peer->addr, arvif->bssid))
539 			continue;
540 
541 		if (peer->keys[key->keyidx] == key)
542 			continue;
543 
544 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
545 			   arvif->vdev_id, key->keyidx);
546 
547 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
548 		if (ret) {
549 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
550 				    arvif->vdev_id, peer->addr, ret);
551 			return ret;
552 		}
553 	}
554 
555 	return 0;
556 }
557 
558 /*********************/
559 /* General utilities */
560 /*********************/
561 
562 static inline enum wmi_phy_mode
563 chan_to_phymode(const struct cfg80211_chan_def *chandef)
564 {
565 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
566 
567 	switch (chandef->chan->band) {
568 	case NL80211_BAND_2GHZ:
569 		switch (chandef->width) {
570 		case NL80211_CHAN_WIDTH_20_NOHT:
571 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
572 				phymode = MODE_11B;
573 			else
574 				phymode = MODE_11G;
575 			break;
576 		case NL80211_CHAN_WIDTH_20:
577 			phymode = MODE_11NG_HT20;
578 			break;
579 		case NL80211_CHAN_WIDTH_40:
580 			phymode = MODE_11NG_HT40;
581 			break;
582 		default:
583 			phymode = MODE_UNKNOWN;
584 			break;
585 		}
586 		break;
587 	case NL80211_BAND_5GHZ:
588 		switch (chandef->width) {
589 		case NL80211_CHAN_WIDTH_20_NOHT:
590 			phymode = MODE_11A;
591 			break;
592 		case NL80211_CHAN_WIDTH_20:
593 			phymode = MODE_11NA_HT20;
594 			break;
595 		case NL80211_CHAN_WIDTH_40:
596 			phymode = MODE_11NA_HT40;
597 			break;
598 		case NL80211_CHAN_WIDTH_80:
599 			phymode = MODE_11AC_VHT80;
600 			break;
601 		case NL80211_CHAN_WIDTH_160:
602 			phymode = MODE_11AC_VHT160;
603 			break;
604 		case NL80211_CHAN_WIDTH_80P80:
605 			phymode = MODE_11AC_VHT80_80;
606 			break;
607 		default:
608 			phymode = MODE_UNKNOWN;
609 			break;
610 		}
611 		break;
612 	default:
613 		break;
614 	}
615 
616 	WARN_ON(phymode == MODE_UNKNOWN);
617 	return phymode;
618 }
619 
620 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
621 {
622 /*
623  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
624  *   0 for no restriction
625  *   1 for 1/4 us
626  *   2 for 1/2 us
627  *   3 for 1 us
628  *   4 for 2 us
629  *   5 for 4 us
630  *   6 for 8 us
631  *   7 for 16 us
632  */
633 	switch (mpdudensity) {
634 	case 0:
635 		return 0;
636 	case 1:
637 	case 2:
638 	case 3:
639 	/* Our lower layer calculations limit our precision to
640 	 * 1 microsecond
641 	 */
642 		return 1;
643 	case 4:
644 		return 2;
645 	case 5:
646 		return 4;
647 	case 6:
648 		return 8;
649 	case 7:
650 		return 16;
651 	default:
652 		return 0;
653 	}
654 }
655 
656 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
657 			struct cfg80211_chan_def *def)
658 {
659 	struct ieee80211_chanctx_conf *conf;
660 
661 	rcu_read_lock();
662 	conf = rcu_dereference(vif->chanctx_conf);
663 	if (!conf) {
664 		rcu_read_unlock();
665 		return -ENOENT;
666 	}
667 
668 	*def = conf->def;
669 	rcu_read_unlock();
670 
671 	return 0;
672 }
673 
674 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
675 					 struct ieee80211_chanctx_conf *conf,
676 					 void *data)
677 {
678 	int *num = data;
679 
680 	(*num)++;
681 }
682 
683 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
684 {
685 	int num = 0;
686 
687 	ieee80211_iter_chan_contexts_atomic(ar->hw,
688 					    ath10k_mac_num_chanctxs_iter,
689 					    &num);
690 
691 	return num;
692 }
693 
694 static void
695 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
696 				struct ieee80211_chanctx_conf *conf,
697 				void *data)
698 {
699 	struct cfg80211_chan_def **def = data;
700 
701 	*def = &conf->def;
702 }
703 
704 static void ath10k_wait_for_peer_delete_done(struct ath10k *ar, u32 vdev_id,
705 					     const u8 *addr)
706 {
707 	unsigned long time_left;
708 	int ret;
709 
710 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
711 		ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
712 		if (ret) {
713 			ath10k_warn(ar, "failed wait for peer deleted");
714 			return;
715 		}
716 
717 		time_left = wait_for_completion_timeout(&ar->peer_delete_done,
718 							5 * HZ);
719 		if (!time_left)
720 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
721 	}
722 }
723 
724 static int ath10k_peer_create(struct ath10k *ar,
725 			      struct ieee80211_vif *vif,
726 			      struct ieee80211_sta *sta,
727 			      u32 vdev_id,
728 			      const u8 *addr,
729 			      enum wmi_peer_type peer_type)
730 {
731 	struct ath10k_vif *arvif;
732 	struct ath10k_peer *peer;
733 	int num_peers = 0;
734 	int ret;
735 
736 	lockdep_assert_held(&ar->conf_mutex);
737 
738 	num_peers = ar->num_peers;
739 
740 	/* Each vdev consumes a peer entry as well */
741 	list_for_each_entry(arvif, &ar->arvifs, list)
742 		num_peers++;
743 
744 	if (num_peers >= ar->max_num_peers)
745 		return -ENOBUFS;
746 
747 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
748 	if (ret) {
749 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
750 			    addr, vdev_id, ret);
751 		return ret;
752 	}
753 
754 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
755 	if (ret) {
756 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
757 			    addr, vdev_id, ret);
758 		return ret;
759 	}
760 
761 	spin_lock_bh(&ar->data_lock);
762 
763 	peer = ath10k_peer_find(ar, vdev_id, addr);
764 	if (!peer) {
765 		spin_unlock_bh(&ar->data_lock);
766 		ath10k_warn(ar, "failed to find peer %pM on vdev %i after creation\n",
767 			    addr, vdev_id);
768 		ath10k_wait_for_peer_delete_done(ar, vdev_id, addr);
769 		return -ENOENT;
770 	}
771 
772 	peer->vif = vif;
773 	peer->sta = sta;
774 
775 	spin_unlock_bh(&ar->data_lock);
776 
777 	ar->num_peers++;
778 
779 	return 0;
780 }
781 
782 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
783 {
784 	struct ath10k *ar = arvif->ar;
785 	u32 param;
786 	int ret;
787 
788 	param = ar->wmi.pdev_param->sta_kickout_th;
789 	ret = ath10k_wmi_pdev_set_param(ar, param,
790 					ATH10K_KICKOUT_THRESHOLD);
791 	if (ret) {
792 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
793 			    arvif->vdev_id, ret);
794 		return ret;
795 	}
796 
797 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
798 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
799 					ATH10K_KEEPALIVE_MIN_IDLE);
800 	if (ret) {
801 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
802 			    arvif->vdev_id, ret);
803 		return ret;
804 	}
805 
806 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
807 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
808 					ATH10K_KEEPALIVE_MAX_IDLE);
809 	if (ret) {
810 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
811 			    arvif->vdev_id, ret);
812 		return ret;
813 	}
814 
815 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
816 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
817 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
818 	if (ret) {
819 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
820 			    arvif->vdev_id, ret);
821 		return ret;
822 	}
823 
824 	return 0;
825 }
826 
827 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
828 {
829 	struct ath10k *ar = arvif->ar;
830 	u32 vdev_param;
831 
832 	vdev_param = ar->wmi.vdev_param->rts_threshold;
833 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
834 }
835 
836 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
837 {
838 	int ret;
839 
840 	lockdep_assert_held(&ar->conf_mutex);
841 
842 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
843 	if (ret)
844 		return ret;
845 
846 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
847 	if (ret)
848 		return ret;
849 
850 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
851 		unsigned long time_left;
852 
853 		time_left = wait_for_completion_timeout
854 			    (&ar->peer_delete_done, 5 * HZ);
855 
856 		if (!time_left) {
857 			ath10k_warn(ar, "Timeout in receiving peer delete response\n");
858 			return -ETIMEDOUT;
859 		}
860 	}
861 
862 	ar->num_peers--;
863 
864 	return 0;
865 }
866 
867 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
868 {
869 	struct ath10k_peer *peer, *tmp;
870 	int peer_id;
871 	int i;
872 
873 	lockdep_assert_held(&ar->conf_mutex);
874 
875 	spin_lock_bh(&ar->data_lock);
876 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
877 		if (peer->vdev_id != vdev_id)
878 			continue;
879 
880 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
881 			    peer->addr, vdev_id);
882 
883 		for_each_set_bit(peer_id, peer->peer_ids,
884 				 ATH10K_MAX_NUM_PEER_IDS) {
885 			ar->peer_map[peer_id] = NULL;
886 		}
887 
888 		/* Double check that peer is properly un-referenced from
889 		 * the peer_map
890 		 */
891 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
892 			if (ar->peer_map[i] == peer) {
893 				ath10k_warn(ar, "removing stale peer_map entry for %pM (ptr %pK idx %d)\n",
894 					    peer->addr, peer, i);
895 				ar->peer_map[i] = NULL;
896 			}
897 		}
898 
899 		list_del(&peer->list);
900 		kfree(peer);
901 		ar->num_peers--;
902 	}
903 	spin_unlock_bh(&ar->data_lock);
904 }
905 
906 static void ath10k_peer_cleanup_all(struct ath10k *ar)
907 {
908 	struct ath10k_peer *peer, *tmp;
909 	int i;
910 
911 	lockdep_assert_held(&ar->conf_mutex);
912 
913 	spin_lock_bh(&ar->data_lock);
914 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
915 		list_del(&peer->list);
916 		kfree(peer);
917 	}
918 
919 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++)
920 		ar->peer_map[i] = NULL;
921 
922 	spin_unlock_bh(&ar->data_lock);
923 
924 	ar->num_peers = 0;
925 	ar->num_stations = 0;
926 }
927 
928 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
929 				       struct ieee80211_sta *sta,
930 				       enum wmi_tdls_peer_state state)
931 {
932 	int ret;
933 	struct wmi_tdls_peer_update_cmd_arg arg = {};
934 	struct wmi_tdls_peer_capab_arg cap = {};
935 	struct wmi_channel_arg chan_arg = {};
936 
937 	lockdep_assert_held(&ar->conf_mutex);
938 
939 	arg.vdev_id = vdev_id;
940 	arg.peer_state = state;
941 	ether_addr_copy(arg.addr, sta->addr);
942 
943 	cap.peer_max_sp = sta->max_sp;
944 	cap.peer_uapsd_queues = sta->uapsd_queues;
945 
946 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
947 	    !sta->tdls_initiator)
948 		cap.is_peer_responder = 1;
949 
950 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
951 	if (ret) {
952 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
953 			    arg.addr, vdev_id, ret);
954 		return ret;
955 	}
956 
957 	return 0;
958 }
959 
960 /************************/
961 /* Interface management */
962 /************************/
963 
964 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
965 {
966 	struct ath10k *ar = arvif->ar;
967 
968 	lockdep_assert_held(&ar->data_lock);
969 
970 	if (!arvif->beacon)
971 		return;
972 
973 	if (!arvif->beacon_buf)
974 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
975 				 arvif->beacon->len, DMA_TO_DEVICE);
976 
977 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
978 		    arvif->beacon_state != ATH10K_BEACON_SENT))
979 		return;
980 
981 	dev_kfree_skb_any(arvif->beacon);
982 
983 	arvif->beacon = NULL;
984 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
985 }
986 
987 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
988 {
989 	struct ath10k *ar = arvif->ar;
990 
991 	lockdep_assert_held(&ar->data_lock);
992 
993 	ath10k_mac_vif_beacon_free(arvif);
994 
995 	if (arvif->beacon_buf) {
996 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
997 			kfree(arvif->beacon_buf);
998 		else
999 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
1000 					  arvif->beacon_buf,
1001 					  arvif->beacon_paddr);
1002 		arvif->beacon_buf = NULL;
1003 	}
1004 }
1005 
1006 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
1007 {
1008 	unsigned long time_left;
1009 
1010 	lockdep_assert_held(&ar->conf_mutex);
1011 
1012 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
1013 		return -ESHUTDOWN;
1014 
1015 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
1016 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
1017 	if (time_left == 0)
1018 		return -ETIMEDOUT;
1019 
1020 	return ar->last_wmi_vdev_start_status;
1021 }
1022 
1023 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
1024 {
1025 	struct cfg80211_chan_def *chandef = NULL;
1026 	struct ieee80211_channel *channel = NULL;
1027 	struct wmi_vdev_start_request_arg arg = {};
1028 	int ret = 0;
1029 
1030 	lockdep_assert_held(&ar->conf_mutex);
1031 
1032 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1033 					    ath10k_mac_get_any_chandef_iter,
1034 					    &chandef);
1035 	if (WARN_ON_ONCE(!chandef))
1036 		return -ENOENT;
1037 
1038 	channel = chandef->chan;
1039 
1040 	arg.vdev_id = vdev_id;
1041 	arg.channel.freq = channel->center_freq;
1042 	arg.channel.band_center_freq1 = chandef->center_freq1;
1043 	arg.channel.band_center_freq2 = chandef->center_freq2;
1044 
1045 	/* TODO setup this dynamically, what in case we
1046 	 * don't have any vifs?
1047 	 */
1048 	arg.channel.mode = chan_to_phymode(chandef);
1049 	arg.channel.chan_radar =
1050 			!!(channel->flags & IEEE80211_CHAN_RADAR);
1051 
1052 	arg.channel.min_power = 0;
1053 	arg.channel.max_power = channel->max_power * 2;
1054 	arg.channel.max_reg_power = channel->max_reg_power * 2;
1055 	arg.channel.max_antenna_gain = channel->max_antenna_gain;
1056 
1057 	reinit_completion(&ar->vdev_setup_done);
1058 	reinit_completion(&ar->vdev_delete_done);
1059 
1060 	ret = ath10k_wmi_vdev_start(ar, &arg);
1061 	if (ret) {
1062 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
1063 			    vdev_id, ret);
1064 		return ret;
1065 	}
1066 
1067 	ret = ath10k_vdev_setup_sync(ar);
1068 	if (ret) {
1069 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
1070 			    vdev_id, ret);
1071 		return ret;
1072 	}
1073 
1074 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
1075 	if (ret) {
1076 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
1077 			    vdev_id, ret);
1078 		goto vdev_stop;
1079 	}
1080 
1081 	ar->monitor_vdev_id = vdev_id;
1082 
1083 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
1084 		   ar->monitor_vdev_id);
1085 	return 0;
1086 
1087 vdev_stop:
1088 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1089 	if (ret)
1090 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
1091 			    ar->monitor_vdev_id, ret);
1092 
1093 	return ret;
1094 }
1095 
1096 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
1097 {
1098 	int ret = 0;
1099 
1100 	lockdep_assert_held(&ar->conf_mutex);
1101 
1102 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
1103 	if (ret)
1104 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
1105 			    ar->monitor_vdev_id, ret);
1106 
1107 	reinit_completion(&ar->vdev_setup_done);
1108 	reinit_completion(&ar->vdev_delete_done);
1109 
1110 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
1111 	if (ret)
1112 		ath10k_warn(ar, "failed to request monitor vdev %i stop: %d\n",
1113 			    ar->monitor_vdev_id, ret);
1114 
1115 	ret = ath10k_vdev_setup_sync(ar);
1116 	if (ret)
1117 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
1118 			    ar->monitor_vdev_id, ret);
1119 
1120 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
1121 		   ar->monitor_vdev_id);
1122 	return ret;
1123 }
1124 
1125 static int ath10k_monitor_vdev_create(struct ath10k *ar)
1126 {
1127 	int bit, ret = 0;
1128 
1129 	lockdep_assert_held(&ar->conf_mutex);
1130 
1131 	if (ar->free_vdev_map == 0) {
1132 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
1133 		return -ENOMEM;
1134 	}
1135 
1136 	bit = __ffs64(ar->free_vdev_map);
1137 
1138 	ar->monitor_vdev_id = bit;
1139 
1140 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
1141 				     WMI_VDEV_TYPE_MONITOR,
1142 				     0, ar->mac_addr);
1143 	if (ret) {
1144 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
1145 			    ar->monitor_vdev_id, ret);
1146 		return ret;
1147 	}
1148 
1149 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
1150 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
1151 		   ar->monitor_vdev_id);
1152 
1153 	return 0;
1154 }
1155 
1156 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
1157 {
1158 	int ret = 0;
1159 
1160 	lockdep_assert_held(&ar->conf_mutex);
1161 
1162 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
1163 	if (ret) {
1164 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
1165 			    ar->monitor_vdev_id, ret);
1166 		return ret;
1167 	}
1168 
1169 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1170 
1171 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1172 		   ar->monitor_vdev_id);
1173 	return ret;
1174 }
1175 
1176 static int ath10k_monitor_start(struct ath10k *ar)
1177 {
1178 	int ret;
1179 
1180 	lockdep_assert_held(&ar->conf_mutex);
1181 
1182 	ret = ath10k_monitor_vdev_create(ar);
1183 	if (ret) {
1184 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1185 		return ret;
1186 	}
1187 
1188 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1189 	if (ret) {
1190 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1191 		ath10k_monitor_vdev_delete(ar);
1192 		return ret;
1193 	}
1194 
1195 	ar->monitor_started = true;
1196 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1197 
1198 	return 0;
1199 }
1200 
1201 static int ath10k_monitor_stop(struct ath10k *ar)
1202 {
1203 	int ret;
1204 
1205 	lockdep_assert_held(&ar->conf_mutex);
1206 
1207 	ret = ath10k_monitor_vdev_stop(ar);
1208 	if (ret) {
1209 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1210 		return ret;
1211 	}
1212 
1213 	ret = ath10k_monitor_vdev_delete(ar);
1214 	if (ret) {
1215 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1216 		return ret;
1217 	}
1218 
1219 	ar->monitor_started = false;
1220 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1221 
1222 	return 0;
1223 }
1224 
1225 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1226 {
1227 	int num_ctx;
1228 
1229 	/* At least one chanctx is required to derive a channel to start
1230 	 * monitor vdev on.
1231 	 */
1232 	num_ctx = ath10k_mac_num_chanctxs(ar);
1233 	if (num_ctx == 0)
1234 		return false;
1235 
1236 	/* If there's already an existing special monitor interface then don't
1237 	 * bother creating another monitor vdev.
1238 	 */
1239 	if (ar->monitor_arvif)
1240 		return false;
1241 
1242 	return ar->monitor ||
1243 	       (!test_bit(ATH10K_FW_FEATURE_ALLOWS_MESH_BCAST,
1244 			  ar->running_fw->fw_file.fw_features) &&
1245 		(ar->filter_flags & FIF_OTHER_BSS)) ||
1246 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1247 }
1248 
1249 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1250 {
1251 	int num_ctx;
1252 
1253 	num_ctx = ath10k_mac_num_chanctxs(ar);
1254 
1255 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1256 	 * shouldn't allow this but make sure to prevent handling the following
1257 	 * case anyway since multi-channel DFS hasn't been tested at all.
1258 	 */
1259 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1260 		return false;
1261 
1262 	return true;
1263 }
1264 
1265 static int ath10k_monitor_recalc(struct ath10k *ar)
1266 {
1267 	bool needed;
1268 	bool allowed;
1269 	int ret;
1270 
1271 	lockdep_assert_held(&ar->conf_mutex);
1272 
1273 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1274 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1275 
1276 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1277 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1278 		   ar->monitor_started, needed, allowed);
1279 
1280 	if (WARN_ON(needed && !allowed)) {
1281 		if (ar->monitor_started) {
1282 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1283 
1284 			ret = ath10k_monitor_stop(ar);
1285 			if (ret)
1286 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n",
1287 					    ret);
1288 				/* not serious */
1289 		}
1290 
1291 		return -EPERM;
1292 	}
1293 
1294 	if (needed == ar->monitor_started)
1295 		return 0;
1296 
1297 	if (needed)
1298 		return ath10k_monitor_start(ar);
1299 	else
1300 		return ath10k_monitor_stop(ar);
1301 }
1302 
1303 static bool ath10k_mac_can_set_cts_prot(struct ath10k_vif *arvif)
1304 {
1305 	struct ath10k *ar = arvif->ar;
1306 
1307 	lockdep_assert_held(&ar->conf_mutex);
1308 
1309 	if (!arvif->is_started) {
1310 		ath10k_dbg(ar, ATH10K_DBG_MAC, "defer cts setup, vdev is not ready yet\n");
1311 		return false;
1312 	}
1313 
1314 	return true;
1315 }
1316 
1317 static int ath10k_mac_set_cts_prot(struct ath10k_vif *arvif)
1318 {
1319 	struct ath10k *ar = arvif->ar;
1320 	u32 vdev_param;
1321 
1322 	lockdep_assert_held(&ar->conf_mutex);
1323 
1324 	vdev_param = ar->wmi.vdev_param->protection_mode;
1325 
1326 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_protection %d\n",
1327 		   arvif->vdev_id, arvif->use_cts_prot);
1328 
1329 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1330 					 arvif->use_cts_prot ? 1 : 0);
1331 }
1332 
1333 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1334 {
1335 	struct ath10k *ar = arvif->ar;
1336 	u32 vdev_param, rts_cts = 0;
1337 
1338 	lockdep_assert_held(&ar->conf_mutex);
1339 
1340 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1341 
1342 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1343 
1344 	if (arvif->num_legacy_stations > 0)
1345 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1346 			      WMI_RTSCTS_PROFILE);
1347 	else
1348 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1349 			      WMI_RTSCTS_PROFILE);
1350 
1351 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d recalc rts/cts prot %d\n",
1352 		   arvif->vdev_id, rts_cts);
1353 
1354 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1355 					 rts_cts);
1356 }
1357 
1358 static int ath10k_start_cac(struct ath10k *ar)
1359 {
1360 	int ret;
1361 
1362 	lockdep_assert_held(&ar->conf_mutex);
1363 
1364 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1365 
1366 	ret = ath10k_monitor_recalc(ar);
1367 	if (ret) {
1368 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1369 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1370 		return ret;
1371 	}
1372 
1373 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1374 		   ar->monitor_vdev_id);
1375 
1376 	return 0;
1377 }
1378 
1379 static int ath10k_stop_cac(struct ath10k *ar)
1380 {
1381 	lockdep_assert_held(&ar->conf_mutex);
1382 
1383 	/* CAC is not running - do nothing */
1384 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1385 		return 0;
1386 
1387 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1388 	ath10k_monitor_stop(ar);
1389 
1390 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1391 
1392 	return 0;
1393 }
1394 
1395 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1396 				      struct ieee80211_chanctx_conf *conf,
1397 				      void *data)
1398 {
1399 	bool *ret = data;
1400 
1401 	if (!*ret && conf->radar_enabled)
1402 		*ret = true;
1403 }
1404 
1405 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1406 {
1407 	bool has_radar = false;
1408 
1409 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1410 					    ath10k_mac_has_radar_iter,
1411 					    &has_radar);
1412 
1413 	return has_radar;
1414 }
1415 
1416 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1417 {
1418 	int ret;
1419 
1420 	lockdep_assert_held(&ar->conf_mutex);
1421 
1422 	ath10k_stop_cac(ar);
1423 
1424 	if (!ath10k_mac_has_radar_enabled(ar))
1425 		return;
1426 
1427 	if (ar->num_started_vdevs > 0)
1428 		return;
1429 
1430 	ret = ath10k_start_cac(ar);
1431 	if (ret) {
1432 		/*
1433 		 * Not possible to start CAC on current channel so starting
1434 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1435 		 * by indicating that radar was detected.
1436 		 */
1437 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1438 		ieee80211_radar_detected(ar->hw);
1439 	}
1440 }
1441 
1442 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1443 {
1444 	struct ath10k *ar = arvif->ar;
1445 	int ret;
1446 
1447 	lockdep_assert_held(&ar->conf_mutex);
1448 
1449 	reinit_completion(&ar->vdev_setup_done);
1450 	reinit_completion(&ar->vdev_delete_done);
1451 
1452 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1453 	if (ret) {
1454 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1455 			    arvif->vdev_id, ret);
1456 		return ret;
1457 	}
1458 
1459 	ret = ath10k_vdev_setup_sync(ar);
1460 	if (ret) {
1461 		ath10k_warn(ar, "failed to synchronize setup for vdev %i: %d\n",
1462 			    arvif->vdev_id, ret);
1463 		return ret;
1464 	}
1465 
1466 	WARN_ON(ar->num_started_vdevs == 0);
1467 
1468 	if (ar->num_started_vdevs != 0) {
1469 		ar->num_started_vdevs--;
1470 		ath10k_recalc_radar_detection(ar);
1471 	}
1472 
1473 	return ret;
1474 }
1475 
1476 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1477 				     const struct cfg80211_chan_def *chandef,
1478 				     bool restart)
1479 {
1480 	struct ath10k *ar = arvif->ar;
1481 	struct wmi_vdev_start_request_arg arg = {};
1482 	int ret = 0;
1483 
1484 	lockdep_assert_held(&ar->conf_mutex);
1485 
1486 	reinit_completion(&ar->vdev_setup_done);
1487 	reinit_completion(&ar->vdev_delete_done);
1488 
1489 	arg.vdev_id = arvif->vdev_id;
1490 	arg.dtim_period = arvif->dtim_period;
1491 	arg.bcn_intval = arvif->beacon_interval;
1492 
1493 	arg.channel.freq = chandef->chan->center_freq;
1494 	arg.channel.band_center_freq1 = chandef->center_freq1;
1495 	arg.channel.band_center_freq2 = chandef->center_freq2;
1496 	arg.channel.mode = chan_to_phymode(chandef);
1497 
1498 	arg.channel.min_power = 0;
1499 	arg.channel.max_power = chandef->chan->max_power * 2;
1500 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1501 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain;
1502 
1503 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1504 		arg.ssid = arvif->u.ap.ssid;
1505 		arg.ssid_len = arvif->u.ap.ssid_len;
1506 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1507 
1508 		/* For now allow DFS for AP mode */
1509 		arg.channel.chan_radar =
1510 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1511 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1512 		arg.ssid = arvif->vif->bss_conf.ssid;
1513 		arg.ssid_len = arvif->vif->bss_conf.ssid_len;
1514 	}
1515 
1516 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1517 		   "mac vdev %d start center_freq %d phymode %s\n",
1518 		   arg.vdev_id, arg.channel.freq,
1519 		   ath10k_wmi_phymode_str(arg.channel.mode));
1520 
1521 	if (restart)
1522 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1523 	else
1524 		ret = ath10k_wmi_vdev_start(ar, &arg);
1525 
1526 	if (ret) {
1527 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1528 			    arg.vdev_id, ret);
1529 		return ret;
1530 	}
1531 
1532 	ret = ath10k_vdev_setup_sync(ar);
1533 	if (ret) {
1534 		ath10k_warn(ar,
1535 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1536 			    arg.vdev_id, restart, ret);
1537 		return ret;
1538 	}
1539 
1540 	ar->num_started_vdevs++;
1541 	ath10k_recalc_radar_detection(ar);
1542 
1543 	return ret;
1544 }
1545 
1546 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1547 			     const struct cfg80211_chan_def *def)
1548 {
1549 	return ath10k_vdev_start_restart(arvif, def, false);
1550 }
1551 
1552 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1553 			       const struct cfg80211_chan_def *def)
1554 {
1555 	return ath10k_vdev_start_restart(arvif, def, true);
1556 }
1557 
1558 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1559 				       struct sk_buff *bcn)
1560 {
1561 	struct ath10k *ar = arvif->ar;
1562 	struct ieee80211_mgmt *mgmt;
1563 	const u8 *p2p_ie;
1564 	int ret;
1565 
1566 	if (arvif->vif->type != NL80211_IFTYPE_AP || !arvif->vif->p2p)
1567 		return 0;
1568 
1569 	mgmt = (void *)bcn->data;
1570 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1571 					 mgmt->u.beacon.variable,
1572 					 bcn->len - (mgmt->u.beacon.variable -
1573 						     bcn->data));
1574 	if (!p2p_ie)
1575 		return -ENOENT;
1576 
1577 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1578 	if (ret) {
1579 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1580 			    arvif->vdev_id, ret);
1581 		return ret;
1582 	}
1583 
1584 	return 0;
1585 }
1586 
1587 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1588 				       u8 oui_type, size_t ie_offset)
1589 {
1590 	size_t len;
1591 	const u8 *next;
1592 	const u8 *end;
1593 	u8 *ie;
1594 
1595 	if (WARN_ON(skb->len < ie_offset))
1596 		return -EINVAL;
1597 
1598 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1599 					   skb->data + ie_offset,
1600 					   skb->len - ie_offset);
1601 	if (!ie)
1602 		return -ENOENT;
1603 
1604 	len = ie[1] + 2;
1605 	end = skb->data + skb->len;
1606 	next = ie + len;
1607 
1608 	if (WARN_ON(next > end))
1609 		return -EINVAL;
1610 
1611 	memmove(ie, next, end - next);
1612 	skb_trim(skb, skb->len - len);
1613 
1614 	return 0;
1615 }
1616 
1617 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1618 {
1619 	struct ath10k *ar = arvif->ar;
1620 	struct ieee80211_hw *hw = ar->hw;
1621 	struct ieee80211_vif *vif = arvif->vif;
1622 	struct ieee80211_mutable_offsets offs = {};
1623 	struct sk_buff *bcn;
1624 	int ret;
1625 
1626 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1627 		return 0;
1628 
1629 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1630 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1631 		return 0;
1632 
1633 	bcn = ieee80211_beacon_get_template(hw, vif, &offs);
1634 	if (!bcn) {
1635 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1636 		return -EPERM;
1637 	}
1638 
1639 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1640 	if (ret) {
1641 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1642 		kfree_skb(bcn);
1643 		return ret;
1644 	}
1645 
1646 	/* P2P IE is inserted by firmware automatically (as configured above)
1647 	 * so remove it from the base beacon template to avoid duplicate P2P
1648 	 * IEs in beacon frames.
1649 	 */
1650 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1651 				    offsetof(struct ieee80211_mgmt,
1652 					     u.beacon.variable));
1653 
1654 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1655 				  0, NULL, 0);
1656 	kfree_skb(bcn);
1657 
1658 	if (ret) {
1659 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1660 			    ret);
1661 		return ret;
1662 	}
1663 
1664 	return 0;
1665 }
1666 
1667 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1668 {
1669 	struct ath10k *ar = arvif->ar;
1670 	struct ieee80211_hw *hw = ar->hw;
1671 	struct ieee80211_vif *vif = arvif->vif;
1672 	struct sk_buff *prb;
1673 	int ret;
1674 
1675 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1676 		return 0;
1677 
1678 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1679 		return 0;
1680 
1681 	 /* For mesh, probe response and beacon share the same template */
1682 	if (ieee80211_vif_is_mesh(vif))
1683 		return 0;
1684 
1685 	prb = ieee80211_proberesp_get(hw, vif);
1686 	if (!prb) {
1687 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1688 		return -EPERM;
1689 	}
1690 
1691 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1692 	kfree_skb(prb);
1693 
1694 	if (ret) {
1695 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1696 			    ret);
1697 		return ret;
1698 	}
1699 
1700 	return 0;
1701 }
1702 
1703 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1704 {
1705 	struct ath10k *ar = arvif->ar;
1706 	struct cfg80211_chan_def def;
1707 	int ret;
1708 
1709 	/* When originally vdev is started during assign_vif_chanctx() some
1710 	 * information is missing, notably SSID. Firmware revisions with beacon
1711 	 * offloading require the SSID to be provided during vdev (re)start to
1712 	 * handle hidden SSID properly.
1713 	 *
1714 	 * Vdev restart must be done after vdev has been both started and
1715 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1716 	 * deliver vdev restart response event causing timeouts during vdev
1717 	 * syncing in ath10k.
1718 	 *
1719 	 * Note: The vdev down/up and template reinstallation could be skipped
1720 	 * since only wmi-tlv firmware are known to have beacon offload and
1721 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1722 	 * response delivery. It's probably more robust to keep it as is.
1723 	 */
1724 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1725 		return 0;
1726 
1727 	if (WARN_ON(!arvif->is_started))
1728 		return -EINVAL;
1729 
1730 	if (WARN_ON(!arvif->is_up))
1731 		return -EINVAL;
1732 
1733 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1734 		return -EINVAL;
1735 
1736 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1737 	if (ret) {
1738 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1739 			    arvif->vdev_id, ret);
1740 		return ret;
1741 	}
1742 
1743 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1744 	 * firmware will crash upon vdev up.
1745 	 */
1746 
1747 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1748 	if (ret) {
1749 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1750 		return ret;
1751 	}
1752 
1753 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1754 	if (ret) {
1755 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1756 		return ret;
1757 	}
1758 
1759 	ret = ath10k_vdev_restart(arvif, &def);
1760 	if (ret) {
1761 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1762 			    arvif->vdev_id, ret);
1763 		return ret;
1764 	}
1765 
1766 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1767 				 arvif->bssid);
1768 	if (ret) {
1769 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1770 			    arvif->vdev_id, ret);
1771 		return ret;
1772 	}
1773 
1774 	return 0;
1775 }
1776 
1777 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1778 				     struct ieee80211_bss_conf *info)
1779 {
1780 	struct ath10k *ar = arvif->ar;
1781 	int ret = 0;
1782 
1783 	lockdep_assert_held(&arvif->ar->conf_mutex);
1784 
1785 	if (!info->enable_beacon) {
1786 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1787 		if (ret)
1788 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1789 				    arvif->vdev_id, ret);
1790 
1791 		arvif->is_up = false;
1792 
1793 		spin_lock_bh(&arvif->ar->data_lock);
1794 		ath10k_mac_vif_beacon_free(arvif);
1795 		spin_unlock_bh(&arvif->ar->data_lock);
1796 
1797 		return;
1798 	}
1799 
1800 	arvif->tx_seq_no = 0x1000;
1801 
1802 	arvif->aid = 0;
1803 	ether_addr_copy(arvif->bssid, info->bssid);
1804 
1805 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1806 				 arvif->bssid);
1807 	if (ret) {
1808 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1809 			    arvif->vdev_id, ret);
1810 		return;
1811 	}
1812 
1813 	arvif->is_up = true;
1814 
1815 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1816 	if (ret) {
1817 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1818 			    arvif->vdev_id, ret);
1819 		return;
1820 	}
1821 
1822 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1823 }
1824 
1825 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1826 				struct ieee80211_bss_conf *info,
1827 				const u8 self_peer[ETH_ALEN])
1828 {
1829 	struct ath10k *ar = arvif->ar;
1830 	u32 vdev_param;
1831 	int ret = 0;
1832 
1833 	lockdep_assert_held(&arvif->ar->conf_mutex);
1834 
1835 	if (!info->ibss_joined) {
1836 		if (is_zero_ether_addr(arvif->bssid))
1837 			return;
1838 
1839 		eth_zero_addr(arvif->bssid);
1840 
1841 		return;
1842 	}
1843 
1844 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1845 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1846 					ATH10K_DEFAULT_ATIM);
1847 	if (ret)
1848 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1849 			    arvif->vdev_id, ret);
1850 }
1851 
1852 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1853 {
1854 	struct ath10k *ar = arvif->ar;
1855 	u32 param;
1856 	u32 value;
1857 	int ret;
1858 
1859 	lockdep_assert_held(&arvif->ar->conf_mutex);
1860 
1861 	if (arvif->u.sta.uapsd)
1862 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1863 	else
1864 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1865 
1866 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1867 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1868 	if (ret) {
1869 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1870 			    value, arvif->vdev_id, ret);
1871 		return ret;
1872 	}
1873 
1874 	return 0;
1875 }
1876 
1877 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1878 {
1879 	struct ath10k *ar = arvif->ar;
1880 	u32 param;
1881 	u32 value;
1882 	int ret;
1883 
1884 	lockdep_assert_held(&arvif->ar->conf_mutex);
1885 
1886 	if (arvif->u.sta.uapsd)
1887 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1888 	else
1889 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1890 
1891 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1892 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1893 					  param, value);
1894 	if (ret) {
1895 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1896 			    value, arvif->vdev_id, ret);
1897 		return ret;
1898 	}
1899 
1900 	return 0;
1901 }
1902 
1903 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1904 {
1905 	struct ath10k_vif *arvif;
1906 	int num = 0;
1907 
1908 	lockdep_assert_held(&ar->conf_mutex);
1909 
1910 	list_for_each_entry(arvif, &ar->arvifs, list)
1911 		if (arvif->is_started)
1912 			num++;
1913 
1914 	return num;
1915 }
1916 
1917 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1918 {
1919 	struct ath10k *ar = arvif->ar;
1920 	struct ieee80211_vif *vif = arvif->vif;
1921 	struct ieee80211_conf *conf = &ar->hw->conf;
1922 	enum wmi_sta_powersave_param param;
1923 	enum wmi_sta_ps_mode psmode;
1924 	int ret;
1925 	int ps_timeout;
1926 	bool enable_ps;
1927 
1928 	lockdep_assert_held(&arvif->ar->conf_mutex);
1929 
1930 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1931 		return 0;
1932 
1933 	enable_ps = arvif->ps;
1934 
1935 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1936 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1937 		      ar->running_fw->fw_file.fw_features)) {
1938 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1939 			    arvif->vdev_id);
1940 		enable_ps = false;
1941 	}
1942 
1943 	if (!arvif->is_started) {
1944 		/* mac80211 can update vif powersave state while disconnected.
1945 		 * Firmware doesn't behave nicely and consumes more power than
1946 		 * necessary if PS is disabled on a non-started vdev. Hence
1947 		 * force-enable PS for non-running vdevs.
1948 		 */
1949 		psmode = WMI_STA_PS_MODE_ENABLED;
1950 	} else if (enable_ps) {
1951 		psmode = WMI_STA_PS_MODE_ENABLED;
1952 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1953 
1954 		ps_timeout = conf->dynamic_ps_timeout;
1955 		if (ps_timeout == 0) {
1956 			/* Firmware doesn't like 0 */
1957 			ps_timeout = ieee80211_tu_to_usec(
1958 				vif->bss_conf.beacon_int) / 1000;
1959 		}
1960 
1961 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1962 						  ps_timeout);
1963 		if (ret) {
1964 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1965 				    arvif->vdev_id, ret);
1966 			return ret;
1967 		}
1968 	} else {
1969 		psmode = WMI_STA_PS_MODE_DISABLED;
1970 	}
1971 
1972 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1973 		   arvif->vdev_id, psmode ? "enable" : "disable");
1974 
1975 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1976 	if (ret) {
1977 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1978 			    psmode, arvif->vdev_id, ret);
1979 		return ret;
1980 	}
1981 
1982 	return 0;
1983 }
1984 
1985 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1986 {
1987 	struct ath10k *ar = arvif->ar;
1988 	struct wmi_sta_keepalive_arg arg = {};
1989 	int ret;
1990 
1991 	lockdep_assert_held(&arvif->ar->conf_mutex);
1992 
1993 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
1994 		return 0;
1995 
1996 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
1997 		return 0;
1998 
1999 	/* Some firmware revisions have a bug and ignore the `enabled` field.
2000 	 * Instead use the interval to disable the keepalive.
2001 	 */
2002 	arg.vdev_id = arvif->vdev_id;
2003 	arg.enabled = 1;
2004 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
2005 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
2006 
2007 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
2008 	if (ret) {
2009 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
2010 			    arvif->vdev_id, ret);
2011 		return ret;
2012 	}
2013 
2014 	return 0;
2015 }
2016 
2017 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
2018 {
2019 	struct ath10k *ar = arvif->ar;
2020 	struct ieee80211_vif *vif = arvif->vif;
2021 	int ret;
2022 
2023 	lockdep_assert_held(&arvif->ar->conf_mutex);
2024 
2025 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
2026 		return;
2027 
2028 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
2029 		return;
2030 
2031 	if (!vif->csa_active)
2032 		return;
2033 
2034 	if (!arvif->is_up)
2035 		return;
2036 
2037 	if (!ieee80211_beacon_cntdwn_is_complete(vif)) {
2038 		ieee80211_beacon_update_cntdwn(vif);
2039 
2040 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
2041 		if (ret)
2042 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
2043 				    ret);
2044 
2045 		ret = ath10k_mac_setup_prb_tmpl(arvif);
2046 		if (ret)
2047 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
2048 				    ret);
2049 	} else {
2050 		ieee80211_csa_finish(vif);
2051 	}
2052 }
2053 
2054 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
2055 {
2056 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2057 						ap_csa_work);
2058 	struct ath10k *ar = arvif->ar;
2059 
2060 	mutex_lock(&ar->conf_mutex);
2061 	ath10k_mac_vif_ap_csa_count_down(arvif);
2062 	mutex_unlock(&ar->conf_mutex);
2063 }
2064 
2065 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
2066 					  struct ieee80211_vif *vif)
2067 {
2068 	struct sk_buff *skb = data;
2069 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
2070 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2071 
2072 	if (vif->type != NL80211_IFTYPE_STATION)
2073 		return;
2074 
2075 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
2076 		return;
2077 
2078 	cancel_delayed_work(&arvif->connection_loss_work);
2079 }
2080 
2081 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
2082 {
2083 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2084 						   ATH10K_ITER_NORMAL_FLAGS,
2085 						   ath10k_mac_handle_beacon_iter,
2086 						   skb);
2087 }
2088 
2089 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
2090 					       struct ieee80211_vif *vif)
2091 {
2092 	u32 *vdev_id = data;
2093 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2094 	struct ath10k *ar = arvif->ar;
2095 	struct ieee80211_hw *hw = ar->hw;
2096 
2097 	if (arvif->vdev_id != *vdev_id)
2098 		return;
2099 
2100 	if (!arvif->is_up)
2101 		return;
2102 
2103 	ieee80211_beacon_loss(vif);
2104 
2105 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
2106 	 * (done by mac80211) succeeds but beacons do not resume then it
2107 	 * doesn't make sense to continue operation. Queue connection loss work
2108 	 * which can be cancelled when beacon is received.
2109 	 */
2110 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
2111 				     ATH10K_CONNECTION_LOSS_HZ);
2112 }
2113 
2114 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
2115 {
2116 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
2117 						   ATH10K_ITER_NORMAL_FLAGS,
2118 						   ath10k_mac_handle_beacon_miss_iter,
2119 						   &vdev_id);
2120 }
2121 
2122 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
2123 {
2124 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
2125 						connection_loss_work.work);
2126 	struct ieee80211_vif *vif = arvif->vif;
2127 
2128 	if (!arvif->is_up)
2129 		return;
2130 
2131 	ieee80211_connection_loss(vif);
2132 }
2133 
2134 /**********************/
2135 /* Station management */
2136 /**********************/
2137 
2138 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
2139 					     struct ieee80211_vif *vif)
2140 {
2141 	/* Some firmware revisions have unstable STA powersave when listen
2142 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
2143 	 * generate NullFunc frames properly even if buffered frames have been
2144 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
2145 	 * buffered frames. Often pinging the device from AP would simply fail.
2146 	 *
2147 	 * As a workaround set it to 1.
2148 	 */
2149 	if (vif->type == NL80211_IFTYPE_STATION)
2150 		return 1;
2151 
2152 	return ar->hw->conf.listen_interval;
2153 }
2154 
2155 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
2156 				      struct ieee80211_vif *vif,
2157 				      struct ieee80211_sta *sta,
2158 				      struct wmi_peer_assoc_complete_arg *arg)
2159 {
2160 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2161 	u32 aid;
2162 
2163 	lockdep_assert_held(&ar->conf_mutex);
2164 
2165 	if (vif->type == NL80211_IFTYPE_STATION)
2166 		aid = vif->bss_conf.aid;
2167 	else
2168 		aid = sta->aid;
2169 
2170 	ether_addr_copy(arg->addr, sta->addr);
2171 	arg->vdev_id = arvif->vdev_id;
2172 	arg->peer_aid = aid;
2173 	arg->peer_flags |= arvif->ar->wmi.peer_flags->auth;
2174 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
2175 	arg->peer_num_spatial_streams = 1;
2176 	arg->peer_caps = vif->bss_conf.assoc_capability;
2177 }
2178 
2179 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
2180 				       struct ieee80211_vif *vif,
2181 				       struct ieee80211_sta *sta,
2182 				       struct wmi_peer_assoc_complete_arg *arg)
2183 {
2184 	struct ieee80211_bss_conf *info = &vif->bss_conf;
2185 	struct cfg80211_chan_def def;
2186 	struct cfg80211_bss *bss;
2187 	const u8 *rsnie = NULL;
2188 	const u8 *wpaie = NULL;
2189 
2190 	lockdep_assert_held(&ar->conf_mutex);
2191 
2192 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2193 		return;
2194 
2195 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid,
2196 			       info->ssid_len ? info->ssid : NULL, info->ssid_len,
2197 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
2198 	if (bss) {
2199 		const struct cfg80211_bss_ies *ies;
2200 
2201 		rcu_read_lock();
2202 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
2203 
2204 		ies = rcu_dereference(bss->ies);
2205 
2206 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
2207 						WLAN_OUI_TYPE_MICROSOFT_WPA,
2208 						ies->data,
2209 						ies->len);
2210 		rcu_read_unlock();
2211 		cfg80211_put_bss(ar->hw->wiphy, bss);
2212 	}
2213 
2214 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2215 	if (rsnie || wpaie) {
2216 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2217 		arg->peer_flags |= ar->wmi.peer_flags->need_ptk_4_way;
2218 	}
2219 
2220 	if (wpaie) {
2221 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2222 		arg->peer_flags |= ar->wmi.peer_flags->need_gtk_2_way;
2223 	}
2224 
2225 	if (sta->mfp &&
2226 	    test_bit(ATH10K_FW_FEATURE_MFP_SUPPORT,
2227 		     ar->running_fw->fw_file.fw_features)) {
2228 		arg->peer_flags |= ar->wmi.peer_flags->pmf;
2229 	}
2230 }
2231 
2232 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2233 				      struct ieee80211_vif *vif,
2234 				      struct ieee80211_sta *sta,
2235 				      struct wmi_peer_assoc_complete_arg *arg)
2236 {
2237 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2238 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2239 	struct cfg80211_chan_def def;
2240 	const struct ieee80211_supported_band *sband;
2241 	const struct ieee80211_rate *rates;
2242 	enum nl80211_band band;
2243 	u32 ratemask;
2244 	u8 rate;
2245 	int i;
2246 
2247 	lockdep_assert_held(&ar->conf_mutex);
2248 
2249 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2250 		return;
2251 
2252 	band = def.chan->band;
2253 	sband = ar->hw->wiphy->bands[band];
2254 	ratemask = sta->supp_rates[band];
2255 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2256 	rates = sband->bitrates;
2257 
2258 	rateset->num_rates = 0;
2259 
2260 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2261 		if (!(ratemask & 1))
2262 			continue;
2263 
2264 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2265 		rateset->rates[rateset->num_rates] = rate;
2266 		rateset->num_rates++;
2267 	}
2268 }
2269 
2270 static bool
2271 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2272 {
2273 	int nss;
2274 
2275 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2276 		if (ht_mcs_mask[nss])
2277 			return false;
2278 
2279 	return true;
2280 }
2281 
2282 static bool
2283 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2284 {
2285 	int nss;
2286 
2287 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2288 		if (vht_mcs_mask[nss])
2289 			return false;
2290 
2291 	return true;
2292 }
2293 
2294 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2295 				   struct ieee80211_vif *vif,
2296 				   struct ieee80211_sta *sta,
2297 				   struct wmi_peer_assoc_complete_arg *arg)
2298 {
2299 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->ht_cap;
2300 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2301 	struct cfg80211_chan_def def;
2302 	enum nl80211_band band;
2303 	const u8 *ht_mcs_mask;
2304 	const u16 *vht_mcs_mask;
2305 	int i, n;
2306 	u8 max_nss;
2307 	u32 stbc;
2308 
2309 	lockdep_assert_held(&ar->conf_mutex);
2310 
2311 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2312 		return;
2313 
2314 	if (!ht_cap->ht_supported)
2315 		return;
2316 
2317 	band = def.chan->band;
2318 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2319 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2320 
2321 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2322 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2323 		return;
2324 
2325 	arg->peer_flags |= ar->wmi.peer_flags->ht;
2326 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2327 				    ht_cap->ampdu_factor)) - 1;
2328 
2329 	arg->peer_mpdu_density =
2330 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2331 
2332 	arg->peer_ht_caps = ht_cap->cap;
2333 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2334 
2335 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2336 		arg->peer_flags |= ar->wmi.peer_flags->ldbc;
2337 
2338 	if (sta->bandwidth >= IEEE80211_STA_RX_BW_40) {
2339 		arg->peer_flags |= ar->wmi.peer_flags->bw40;
2340 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2341 	}
2342 
2343 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2344 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2345 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2346 
2347 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2348 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2349 	}
2350 
2351 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2352 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2353 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2354 	}
2355 
2356 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2357 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2358 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2359 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2360 		arg->peer_rate_caps |= stbc;
2361 		arg->peer_flags |= ar->wmi.peer_flags->stbc;
2362 	}
2363 
2364 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2365 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2366 	else if (ht_cap->mcs.rx_mask[1])
2367 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2368 
2369 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2370 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2371 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2372 			max_nss = (i / 8) + 1;
2373 			arg->peer_ht_rates.rates[n++] = i;
2374 		}
2375 
2376 	/*
2377 	 * This is a workaround for HT-enabled STAs which break the spec
2378 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2379 	 *
2380 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2381 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2382 	 *
2383 	 * Firmware asserts if such situation occurs.
2384 	 */
2385 	if (n == 0) {
2386 		arg->peer_ht_rates.num_rates = 8;
2387 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2388 			arg->peer_ht_rates.rates[i] = i;
2389 	} else {
2390 		arg->peer_ht_rates.num_rates = n;
2391 		arg->peer_num_spatial_streams = min(sta->rx_nss, max_nss);
2392 	}
2393 
2394 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2395 		   arg->addr,
2396 		   arg->peer_ht_rates.num_rates,
2397 		   arg->peer_num_spatial_streams);
2398 }
2399 
2400 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2401 				    struct ath10k_vif *arvif,
2402 				    struct ieee80211_sta *sta)
2403 {
2404 	u32 uapsd = 0;
2405 	u32 max_sp = 0;
2406 	int ret = 0;
2407 
2408 	lockdep_assert_held(&ar->conf_mutex);
2409 
2410 	if (sta->wme && sta->uapsd_queues) {
2411 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2412 			   sta->uapsd_queues, sta->max_sp);
2413 
2414 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2415 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2416 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2417 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2418 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2419 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2420 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2421 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2422 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2423 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2424 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2425 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2426 
2427 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2428 			max_sp = sta->max_sp;
2429 
2430 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2431 						 sta->addr,
2432 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2433 						 uapsd);
2434 		if (ret) {
2435 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2436 				    arvif->vdev_id, ret);
2437 			return ret;
2438 		}
2439 
2440 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2441 						 sta->addr,
2442 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2443 						 max_sp);
2444 		if (ret) {
2445 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2446 				    arvif->vdev_id, ret);
2447 			return ret;
2448 		}
2449 
2450 		/* TODO setup this based on STA listen interval and
2451 		 * beacon interval. Currently we don't know
2452 		 * sta->listen_interval - mac80211 patch required.
2453 		 * Currently use 10 seconds
2454 		 */
2455 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2456 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2457 						 10);
2458 		if (ret) {
2459 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2460 				    arvif->vdev_id, ret);
2461 			return ret;
2462 		}
2463 	}
2464 
2465 	return 0;
2466 }
2467 
2468 static u16
2469 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2470 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2471 {
2472 	int idx_limit;
2473 	int nss;
2474 	u16 mcs_map;
2475 	u16 mcs;
2476 
2477 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2478 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2479 			  vht_mcs_limit[nss];
2480 
2481 		if (mcs_map)
2482 			idx_limit = fls(mcs_map) - 1;
2483 		else
2484 			idx_limit = -1;
2485 
2486 		switch (idx_limit) {
2487 		case 0:
2488 		case 1:
2489 		case 2:
2490 		case 3:
2491 		case 4:
2492 		case 5:
2493 		case 6:
2494 		default:
2495 			/* see ath10k_mac_can_set_bitrate_mask() */
2496 			WARN_ON(1);
2497 			fallthrough;
2498 		case -1:
2499 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2500 			break;
2501 		case 7:
2502 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2503 			break;
2504 		case 8:
2505 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2506 			break;
2507 		case 9:
2508 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2509 			break;
2510 		}
2511 
2512 		tx_mcs_set &= ~(0x3 << (nss * 2));
2513 		tx_mcs_set |= mcs << (nss * 2);
2514 	}
2515 
2516 	return tx_mcs_set;
2517 }
2518 
2519 static u32 get_160mhz_nss_from_maxrate(int rate)
2520 {
2521 	u32 nss;
2522 
2523 	switch (rate) {
2524 	case 780:
2525 		nss = 1;
2526 		break;
2527 	case 1560:
2528 		nss = 2;
2529 		break;
2530 	case 2106:
2531 		nss = 3; /* not support MCS9 from spec*/
2532 		break;
2533 	case 3120:
2534 		nss = 4;
2535 		break;
2536 	default:
2537 		 nss = 1;
2538 	}
2539 
2540 	return nss;
2541 }
2542 
2543 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2544 				    struct ieee80211_vif *vif,
2545 				    struct ieee80211_sta *sta,
2546 				    struct wmi_peer_assoc_complete_arg *arg)
2547 {
2548 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap;
2549 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2550 	struct ath10k_hw_params *hw = &ar->hw_params;
2551 	struct cfg80211_chan_def def;
2552 	enum nl80211_band band;
2553 	const u16 *vht_mcs_mask;
2554 	u8 ampdu_factor;
2555 	u8 max_nss, vht_mcs;
2556 	int i;
2557 
2558 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2559 		return;
2560 
2561 	if (!vht_cap->vht_supported)
2562 		return;
2563 
2564 	band = def.chan->band;
2565 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2566 
2567 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2568 		return;
2569 
2570 	arg->peer_flags |= ar->wmi.peer_flags->vht;
2571 
2572 	if (def.chan->band == NL80211_BAND_2GHZ)
2573 		arg->peer_flags |= ar->wmi.peer_flags->vht_2g;
2574 
2575 	arg->peer_vht_caps = vht_cap->cap;
2576 
2577 	ampdu_factor = (vht_cap->cap &
2578 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2579 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2580 
2581 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2582 	 * zero in VHT IE. Using it would result in degraded throughput.
2583 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2584 	 * it if VHT max_mpdu is smaller.
2585 	 */
2586 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2587 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2588 					ampdu_factor)) - 1);
2589 
2590 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2591 		arg->peer_flags |= ar->wmi.peer_flags->bw80;
2592 
2593 	if (sta->bandwidth == IEEE80211_STA_RX_BW_160)
2594 		arg->peer_flags |= ar->wmi.peer_flags->bw160;
2595 
2596 	/* Calculate peer NSS capability from VHT capabilities if STA
2597 	 * supports VHT.
2598 	 */
2599 	for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) {
2600 		vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >>
2601 			  (2 * i) & 3;
2602 
2603 		if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) &&
2604 		    vht_mcs_mask[i])
2605 			max_nss = i + 1;
2606 	}
2607 	arg->peer_num_spatial_streams = min(sta->rx_nss, max_nss);
2608 	arg->peer_vht_rates.rx_max_rate =
2609 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2610 	arg->peer_vht_rates.rx_mcs_set =
2611 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2612 	arg->peer_vht_rates.tx_max_rate =
2613 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2614 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2615 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2616 
2617 	/* Configure bandwidth-NSS mapping to FW
2618 	 * for the chip's tx chains setting on 160Mhz bw
2619 	 */
2620 	if (arg->peer_phymode == MODE_11AC_VHT160 ||
2621 	    arg->peer_phymode == MODE_11AC_VHT80_80) {
2622 		u32 rx_nss;
2623 		u32 max_rate;
2624 
2625 		max_rate = arg->peer_vht_rates.rx_max_rate;
2626 		rx_nss = get_160mhz_nss_from_maxrate(max_rate);
2627 
2628 		if (rx_nss == 0)
2629 			rx_nss = arg->peer_num_spatial_streams;
2630 		else
2631 			rx_nss = min(arg->peer_num_spatial_streams, rx_nss);
2632 
2633 		max_rate = hw->vht160_mcs_tx_highest;
2634 		rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate));
2635 
2636 		arg->peer_bw_rxnss_override =
2637 			FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) |
2638 			FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1));
2639 
2640 		if (arg->peer_phymode == MODE_11AC_VHT80_80) {
2641 			arg->peer_bw_rxnss_override |=
2642 			FIELD_PREP(WMI_PEER_NSS_80_80MHZ_MASK, (rx_nss - 1));
2643 		}
2644 	}
2645 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2646 		   "mac vht peer %pM max_mpdu %d flags 0x%x peer_rx_nss_override 0x%x\n",
2647 		   sta->addr, arg->peer_max_mpdu,
2648 		   arg->peer_flags, arg->peer_bw_rxnss_override);
2649 }
2650 
2651 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2652 				    struct ieee80211_vif *vif,
2653 				    struct ieee80211_sta *sta,
2654 				    struct wmi_peer_assoc_complete_arg *arg)
2655 {
2656 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2657 
2658 	switch (arvif->vdev_type) {
2659 	case WMI_VDEV_TYPE_AP:
2660 		if (sta->wme)
2661 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2662 
2663 		if (sta->wme && sta->uapsd_queues) {
2664 			arg->peer_flags |= arvif->ar->wmi.peer_flags->apsd;
2665 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2666 		}
2667 		break;
2668 	case WMI_VDEV_TYPE_STA:
2669 		if (sta->wme)
2670 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2671 		break;
2672 	case WMI_VDEV_TYPE_IBSS:
2673 		if (sta->wme)
2674 			arg->peer_flags |= arvif->ar->wmi.peer_flags->qos;
2675 		break;
2676 	default:
2677 		break;
2678 	}
2679 
2680 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2681 		   sta->addr, !!(arg->peer_flags &
2682 		   arvif->ar->wmi.peer_flags->qos));
2683 }
2684 
2685 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2686 {
2687 	return sta->supp_rates[NL80211_BAND_2GHZ] >>
2688 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2689 }
2690 
2691 static enum wmi_phy_mode ath10k_mac_get_phymode_vht(struct ath10k *ar,
2692 						    struct ieee80211_sta *sta)
2693 {
2694 	if (sta->bandwidth == IEEE80211_STA_RX_BW_160) {
2695 		switch (sta->vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
2696 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:
2697 			return MODE_11AC_VHT160;
2698 		case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ:
2699 			return MODE_11AC_VHT80_80;
2700 		default:
2701 			/* not sure if this is a valid case? */
2702 			return MODE_11AC_VHT160;
2703 		}
2704 	}
2705 
2706 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2707 		return MODE_11AC_VHT80;
2708 
2709 	if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2710 		return MODE_11AC_VHT40;
2711 
2712 	if (sta->bandwidth == IEEE80211_STA_RX_BW_20)
2713 		return MODE_11AC_VHT20;
2714 
2715 	return MODE_UNKNOWN;
2716 }
2717 
2718 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2719 					struct ieee80211_vif *vif,
2720 					struct ieee80211_sta *sta,
2721 					struct wmi_peer_assoc_complete_arg *arg)
2722 {
2723 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2724 	struct cfg80211_chan_def def;
2725 	enum nl80211_band band;
2726 	const u8 *ht_mcs_mask;
2727 	const u16 *vht_mcs_mask;
2728 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2729 
2730 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2731 		return;
2732 
2733 	band = def.chan->band;
2734 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2735 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2736 
2737 	switch (band) {
2738 	case NL80211_BAND_2GHZ:
2739 		if (sta->vht_cap.vht_supported &&
2740 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2741 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2742 				phymode = MODE_11AC_VHT40;
2743 			else
2744 				phymode = MODE_11AC_VHT20;
2745 		} else if (sta->ht_cap.ht_supported &&
2746 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2747 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2748 				phymode = MODE_11NG_HT40;
2749 			else
2750 				phymode = MODE_11NG_HT20;
2751 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2752 			phymode = MODE_11G;
2753 		} else {
2754 			phymode = MODE_11B;
2755 		}
2756 
2757 		break;
2758 	case NL80211_BAND_5GHZ:
2759 		/*
2760 		 * Check VHT first.
2761 		 */
2762 		if (sta->vht_cap.vht_supported &&
2763 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2764 			phymode = ath10k_mac_get_phymode_vht(ar, sta);
2765 		} else if (sta->ht_cap.ht_supported &&
2766 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2767 			if (sta->bandwidth >= IEEE80211_STA_RX_BW_40)
2768 				phymode = MODE_11NA_HT40;
2769 			else
2770 				phymode = MODE_11NA_HT20;
2771 		} else {
2772 			phymode = MODE_11A;
2773 		}
2774 
2775 		break;
2776 	default:
2777 		break;
2778 	}
2779 
2780 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2781 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2782 
2783 	arg->peer_phymode = phymode;
2784 	WARN_ON(phymode == MODE_UNKNOWN);
2785 }
2786 
2787 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2788 				     struct ieee80211_vif *vif,
2789 				     struct ieee80211_sta *sta,
2790 				     struct wmi_peer_assoc_complete_arg *arg)
2791 {
2792 	lockdep_assert_held(&ar->conf_mutex);
2793 
2794 	memset(arg, 0, sizeof(*arg));
2795 
2796 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2797 	ath10k_peer_assoc_h_crypto(ar, vif, sta, arg);
2798 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2799 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2800 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2801 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2802 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2803 
2804 	return 0;
2805 }
2806 
2807 static const u32 ath10k_smps_map[] = {
2808 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2809 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2810 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2811 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2812 };
2813 
2814 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2815 				  const u8 *addr,
2816 				  const struct ieee80211_sta_ht_cap *ht_cap)
2817 {
2818 	int smps;
2819 
2820 	if (!ht_cap->ht_supported)
2821 		return 0;
2822 
2823 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2824 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2825 
2826 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2827 		return -EINVAL;
2828 
2829 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2830 					 ar->wmi.peer_param->smps_state,
2831 					 ath10k_smps_map[smps]);
2832 }
2833 
2834 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2835 				      struct ieee80211_vif *vif,
2836 				      struct ieee80211_sta_vht_cap vht_cap)
2837 {
2838 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
2839 	int ret;
2840 	u32 param;
2841 	u32 value;
2842 
2843 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2844 		return 0;
2845 
2846 	if (!(ar->vht_cap_info &
2847 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2848 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2849 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2850 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2851 		return 0;
2852 
2853 	param = ar->wmi.vdev_param->txbf;
2854 	value = 0;
2855 
2856 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2857 		return 0;
2858 
2859 	/* The following logic is correct. If a remote STA advertises support
2860 	 * for being a beamformer then we should enable us being a beamformee.
2861 	 */
2862 
2863 	if (ar->vht_cap_info &
2864 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2865 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2866 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2867 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2868 
2869 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2870 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2871 	}
2872 
2873 	if (ar->vht_cap_info &
2874 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2875 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2876 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2877 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2878 
2879 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2880 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2881 	}
2882 
2883 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2884 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2885 
2886 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2887 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2888 
2889 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2890 	if (ret) {
2891 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2892 			    value, ret);
2893 		return ret;
2894 	}
2895 
2896 	return 0;
2897 }
2898 
2899 static bool ath10k_mac_is_connected(struct ath10k *ar)
2900 {
2901 	struct ath10k_vif *arvif;
2902 
2903 	list_for_each_entry(arvif, &ar->arvifs, list) {
2904 		if (arvif->is_up && arvif->vdev_type == WMI_VDEV_TYPE_STA)
2905 			return true;
2906 	}
2907 
2908 	return false;
2909 }
2910 
2911 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
2912 {
2913 	int ret;
2914 	u32 param;
2915 	int tx_power_2g, tx_power_5g;
2916 	bool connected;
2917 
2918 	lockdep_assert_held(&ar->conf_mutex);
2919 
2920 	/* ath10k internally uses unit of 0.5 dBm so multiply by 2 */
2921 	tx_power_2g = txpower * 2;
2922 	tx_power_5g = txpower * 2;
2923 
2924 	connected = ath10k_mac_is_connected(ar);
2925 
2926 	if (connected && ar->tx_power_2g_limit)
2927 		if (tx_power_2g > ar->tx_power_2g_limit)
2928 			tx_power_2g = ar->tx_power_2g_limit;
2929 
2930 	if (connected && ar->tx_power_5g_limit)
2931 		if (tx_power_5g > ar->tx_power_5g_limit)
2932 			tx_power_5g = ar->tx_power_5g_limit;
2933 
2934 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower 2g: %d, 5g: %d\n",
2935 		   tx_power_2g, tx_power_5g);
2936 
2937 	param = ar->wmi.pdev_param->txpower_limit2g;
2938 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_2g);
2939 	if (ret) {
2940 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
2941 			    tx_power_2g, ret);
2942 		return ret;
2943 	}
2944 
2945 	param = ar->wmi.pdev_param->txpower_limit5g;
2946 	ret = ath10k_wmi_pdev_set_param(ar, param, tx_power_5g);
2947 	if (ret) {
2948 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
2949 			    tx_power_5g, ret);
2950 		return ret;
2951 	}
2952 
2953 	return 0;
2954 }
2955 
2956 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
2957 {
2958 	struct ath10k_vif *arvif;
2959 	int ret, txpower = -1;
2960 
2961 	lockdep_assert_held(&ar->conf_mutex);
2962 
2963 	list_for_each_entry(arvif, &ar->arvifs, list) {
2964 		/* txpower not initialized yet? */
2965 		if (arvif->txpower == INT_MIN)
2966 			continue;
2967 
2968 		if (txpower == -1)
2969 			txpower = arvif->txpower;
2970 		else
2971 			txpower = min(txpower, arvif->txpower);
2972 	}
2973 
2974 	if (txpower == -1)
2975 		return 0;
2976 
2977 	ret = ath10k_mac_txpower_setup(ar, txpower);
2978 	if (ret) {
2979 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
2980 			    txpower, ret);
2981 		return ret;
2982 	}
2983 
2984 	return 0;
2985 }
2986 
2987 static int ath10k_mac_set_sar_power(struct ath10k *ar)
2988 {
2989 	if (!ar->hw_params.dynamic_sar_support)
2990 		return -EOPNOTSUPP;
2991 
2992 	if (!ath10k_mac_is_connected(ar))
2993 		return 0;
2994 
2995 	/* if connected, then arvif->txpower must be valid */
2996 	return ath10k_mac_txpower_recalc(ar);
2997 }
2998 
2999 static int ath10k_mac_set_sar_specs(struct ieee80211_hw *hw,
3000 				    const struct cfg80211_sar_specs *sar)
3001 {
3002 	const struct cfg80211_sar_sub_specs *sub_specs;
3003 	struct ath10k *ar = hw->priv;
3004 	u32 i;
3005 	int ret;
3006 
3007 	mutex_lock(&ar->conf_mutex);
3008 
3009 	if (!ar->hw_params.dynamic_sar_support) {
3010 		ret = -EOPNOTSUPP;
3011 		goto err;
3012 	}
3013 
3014 	if (!sar || sar->type != NL80211_SAR_TYPE_POWER ||
3015 	    sar->num_sub_specs == 0) {
3016 		ret = -EINVAL;
3017 		goto err;
3018 	}
3019 
3020 	sub_specs = sar->sub_specs;
3021 
3022 	/* 0dbm is not a practical value for ath10k, so use 0
3023 	 * as no SAR limitation on it.
3024 	 */
3025 	ar->tx_power_2g_limit = 0;
3026 	ar->tx_power_5g_limit = 0;
3027 
3028 	/* note the power is in 0.25dbm unit, while ath10k uses
3029 	 * 0.5dbm unit.
3030 	 */
3031 	for (i = 0; i < sar->num_sub_specs; i++) {
3032 		if (sub_specs->freq_range_index == 0)
3033 			ar->tx_power_2g_limit = sub_specs->power / 2;
3034 		else if (sub_specs->freq_range_index == 1)
3035 			ar->tx_power_5g_limit = sub_specs->power / 2;
3036 
3037 		sub_specs++;
3038 	}
3039 
3040 	ret = ath10k_mac_set_sar_power(ar);
3041 	if (ret) {
3042 		ath10k_warn(ar, "failed to set sar power: %d", ret);
3043 		goto err;
3044 	}
3045 
3046 err:
3047 	mutex_unlock(&ar->conf_mutex);
3048 	return ret;
3049 }
3050 
3051 /* can be called only in mac80211 callbacks due to `key_count` usage */
3052 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
3053 			     struct ieee80211_vif *vif,
3054 			     struct ieee80211_bss_conf *bss_conf)
3055 {
3056 	struct ath10k *ar = hw->priv;
3057 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3058 	struct ieee80211_sta_ht_cap ht_cap;
3059 	struct ieee80211_sta_vht_cap vht_cap;
3060 	struct wmi_peer_assoc_complete_arg peer_arg;
3061 	struct ieee80211_sta *ap_sta;
3062 	int ret;
3063 
3064 	lockdep_assert_held(&ar->conf_mutex);
3065 
3066 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
3067 		   arvif->vdev_id, arvif->bssid, arvif->aid);
3068 
3069 	rcu_read_lock();
3070 
3071 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
3072 	if (!ap_sta) {
3073 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
3074 			    bss_conf->bssid, arvif->vdev_id);
3075 		rcu_read_unlock();
3076 		return;
3077 	}
3078 
3079 	/* ap_sta must be accessed only within rcu section which must be left
3080 	 * before calling ath10k_setup_peer_smps() which might sleep.
3081 	 */
3082 	ht_cap = ap_sta->ht_cap;
3083 	vht_cap = ap_sta->vht_cap;
3084 
3085 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
3086 	if (ret) {
3087 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
3088 			    bss_conf->bssid, arvif->vdev_id, ret);
3089 		rcu_read_unlock();
3090 		return;
3091 	}
3092 
3093 	rcu_read_unlock();
3094 
3095 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3096 	if (ret) {
3097 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
3098 			    bss_conf->bssid, arvif->vdev_id, ret);
3099 		return;
3100 	}
3101 
3102 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
3103 	if (ret) {
3104 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
3105 			    arvif->vdev_id, ret);
3106 		return;
3107 	}
3108 
3109 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3110 	if (ret) {
3111 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
3112 			    arvif->vdev_id, bss_conf->bssid, ret);
3113 		return;
3114 	}
3115 
3116 	ath10k_dbg(ar, ATH10K_DBG_MAC,
3117 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
3118 		   arvif->vdev_id, bss_conf->bssid, bss_conf->aid);
3119 
3120 	WARN_ON(arvif->is_up);
3121 
3122 	arvif->aid = bss_conf->aid;
3123 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
3124 
3125 	ret = ath10k_wmi_pdev_set_param(ar,
3126 					ar->wmi.pdev_param->peer_stats_info_enable, 1);
3127 	if (ret)
3128 		ath10k_warn(ar, "failed to enable peer stats info: %d\n", ret);
3129 
3130 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
3131 	if (ret) {
3132 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
3133 			    arvif->vdev_id, ret);
3134 		return;
3135 	}
3136 
3137 	arvif->is_up = true;
3138 
3139 	ath10k_mac_set_sar_power(ar);
3140 
3141 	/* Workaround: Some firmware revisions (tested with qca6174
3142 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
3143 	 * poked with peer param command.
3144 	 */
3145 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
3146 					ar->wmi.peer_param->dummy_var, 1);
3147 	if (ret) {
3148 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
3149 			    arvif->bssid, arvif->vdev_id, ret);
3150 		return;
3151 	}
3152 }
3153 
3154 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
3155 				struct ieee80211_vif *vif)
3156 {
3157 	struct ath10k *ar = hw->priv;
3158 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3159 	struct ieee80211_sta_vht_cap vht_cap = {};
3160 	int ret;
3161 
3162 	lockdep_assert_held(&ar->conf_mutex);
3163 
3164 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
3165 		   arvif->vdev_id, arvif->bssid);
3166 
3167 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
3168 	if (ret)
3169 		ath10k_warn(ar, "failed to down vdev %i: %d\n",
3170 			    arvif->vdev_id, ret);
3171 
3172 	arvif->def_wep_key_idx = -1;
3173 
3174 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
3175 	if (ret) {
3176 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
3177 			    arvif->vdev_id, ret);
3178 		return;
3179 	}
3180 
3181 	arvif->is_up = false;
3182 
3183 	ath10k_mac_txpower_recalc(ar);
3184 
3185 	cancel_delayed_work_sync(&arvif->connection_loss_work);
3186 }
3187 
3188 static int ath10k_new_peer_tid_config(struct ath10k *ar,
3189 				      struct ieee80211_sta *sta,
3190 				      struct ath10k_vif *arvif)
3191 {
3192 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
3193 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3194 	bool config_apply;
3195 	int ret, i;
3196 
3197 	for (i = 0; i < ATH10K_TID_MAX; i++) {
3198 		config_apply = false;
3199 		if (arvif->retry_long[i] || arvif->ampdu[i] ||
3200 		    arvif->rate_ctrl[i] || arvif->rtscts[i]) {
3201 			config_apply = true;
3202 			arg.tid = i;
3203 			arg.vdev_id = arvif->vdev_id;
3204 			arg.retry_count = arvif->retry_long[i];
3205 			arg.aggr_control = arvif->ampdu[i];
3206 			arg.rate_ctrl = arvif->rate_ctrl[i];
3207 			arg.rcode_flags = arvif->rate_code[i];
3208 
3209 			if (arvif->rtscts[i])
3210 				arg.ext_tid_cfg_bitmap =
3211 					WMI_EXT_TID_RTS_CTS_CONFIG;
3212 			else
3213 				arg.ext_tid_cfg_bitmap = 0;
3214 
3215 			arg.rtscts_ctrl = arvif->rtscts[i];
3216 		}
3217 
3218 		if (arvif->noack[i]) {
3219 			arg.ack_policy = arvif->noack[i];
3220 			arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
3221 			arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
3222 			config_apply = true;
3223 		}
3224 
3225 		/* Assign default value(-1) to newly connected station.
3226 		 * This is to identify station specific tid configuration not
3227 		 * configured for the station.
3228 		 */
3229 		arsta->retry_long[i] = -1;
3230 		arsta->noack[i] = -1;
3231 		arsta->ampdu[i] = -1;
3232 
3233 		if (!config_apply)
3234 			continue;
3235 
3236 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
3237 
3238 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
3239 		if (ret) {
3240 			ath10k_warn(ar, "failed to set per tid retry/aggr config for sta %pM: %d\n",
3241 				    sta->addr, ret);
3242 			return ret;
3243 		}
3244 
3245 		memset(&arg, 0, sizeof(arg));
3246 	}
3247 
3248 	return 0;
3249 }
3250 
3251 static int ath10k_station_assoc(struct ath10k *ar,
3252 				struct ieee80211_vif *vif,
3253 				struct ieee80211_sta *sta,
3254 				bool reassoc)
3255 {
3256 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3257 	struct wmi_peer_assoc_complete_arg peer_arg;
3258 	int ret = 0;
3259 
3260 	lockdep_assert_held(&ar->conf_mutex);
3261 
3262 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
3263 	if (ret) {
3264 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
3265 			    sta->addr, arvif->vdev_id, ret);
3266 		return ret;
3267 	}
3268 
3269 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
3270 	if (ret) {
3271 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
3272 			    sta->addr, arvif->vdev_id, ret);
3273 		return ret;
3274 	}
3275 
3276 	/* Re-assoc is run only to update supported rates for given station. It
3277 	 * doesn't make much sense to reconfigure the peer completely.
3278 	 */
3279 	if (!reassoc) {
3280 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
3281 					     &sta->ht_cap);
3282 		if (ret) {
3283 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
3284 				    arvif->vdev_id, ret);
3285 			return ret;
3286 		}
3287 
3288 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
3289 		if (ret) {
3290 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
3291 				    sta->addr, arvif->vdev_id, ret);
3292 			return ret;
3293 		}
3294 
3295 		if (!sta->wme) {
3296 			arvif->num_legacy_stations++;
3297 			ret  = ath10k_recalc_rtscts_prot(arvif);
3298 			if (ret) {
3299 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3300 					    arvif->vdev_id, ret);
3301 				return ret;
3302 			}
3303 		}
3304 
3305 		/* Plumb cached keys only for static WEP */
3306 		if ((arvif->def_wep_key_idx != -1) && (!sta->tdls)) {
3307 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
3308 			if (ret) {
3309 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
3310 					    arvif->vdev_id, ret);
3311 				return ret;
3312 			}
3313 		}
3314 	}
3315 
3316 	if (!test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map))
3317 		return ret;
3318 
3319 	return ath10k_new_peer_tid_config(ar, sta, arvif);
3320 }
3321 
3322 static int ath10k_station_disassoc(struct ath10k *ar,
3323 				   struct ieee80211_vif *vif,
3324 				   struct ieee80211_sta *sta)
3325 {
3326 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3327 	int ret = 0;
3328 
3329 	lockdep_assert_held(&ar->conf_mutex);
3330 
3331 	if (!sta->wme) {
3332 		arvif->num_legacy_stations--;
3333 		ret = ath10k_recalc_rtscts_prot(arvif);
3334 		if (ret) {
3335 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3336 				    arvif->vdev_id, ret);
3337 			return ret;
3338 		}
3339 	}
3340 
3341 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
3342 	if (ret) {
3343 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
3344 			    arvif->vdev_id, ret);
3345 		return ret;
3346 	}
3347 
3348 	return ret;
3349 }
3350 
3351 /**************/
3352 /* Regulatory */
3353 /**************/
3354 
3355 static int ath10k_update_channel_list(struct ath10k *ar)
3356 {
3357 	struct ieee80211_hw *hw = ar->hw;
3358 	struct ieee80211_supported_band **bands;
3359 	enum nl80211_band band;
3360 	struct ieee80211_channel *channel;
3361 	struct wmi_scan_chan_list_arg arg = {0};
3362 	struct wmi_channel_arg *ch;
3363 	bool passive;
3364 	int len;
3365 	int ret;
3366 	int i;
3367 
3368 	lockdep_assert_held(&ar->conf_mutex);
3369 
3370 	bands = hw->wiphy->bands;
3371 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3372 		if (!bands[band])
3373 			continue;
3374 
3375 		for (i = 0; i < bands[band]->n_channels; i++) {
3376 			if (bands[band]->channels[i].flags &
3377 			    IEEE80211_CHAN_DISABLED)
3378 				continue;
3379 
3380 			arg.n_channels++;
3381 		}
3382 	}
3383 
3384 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
3385 	arg.channels = kzalloc(len, GFP_KERNEL);
3386 	if (!arg.channels)
3387 		return -ENOMEM;
3388 
3389 	ch = arg.channels;
3390 	for (band = 0; band < NUM_NL80211_BANDS; band++) {
3391 		if (!bands[band])
3392 			continue;
3393 
3394 		for (i = 0; i < bands[band]->n_channels; i++) {
3395 			channel = &bands[band]->channels[i];
3396 
3397 			if (channel->flags & IEEE80211_CHAN_DISABLED)
3398 				continue;
3399 
3400 			ch->allow_ht = true;
3401 
3402 			/* FIXME: when should we really allow VHT? */
3403 			ch->allow_vht = true;
3404 
3405 			ch->allow_ibss =
3406 				!(channel->flags & IEEE80211_CHAN_NO_IR);
3407 
3408 			ch->ht40plus =
3409 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
3410 
3411 			ch->chan_radar =
3412 				!!(channel->flags & IEEE80211_CHAN_RADAR);
3413 
3414 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
3415 			ch->passive = passive;
3416 
3417 			/* the firmware is ignoring the "radar" flag of the
3418 			 * channel and is scanning actively using Probe Requests
3419 			 * on "Radar detection"/DFS channels which are not
3420 			 * marked as "available"
3421 			 */
3422 			ch->passive |= ch->chan_radar;
3423 
3424 			ch->freq = channel->center_freq;
3425 			ch->band_center_freq1 = channel->center_freq;
3426 			ch->min_power = 0;
3427 			ch->max_power = channel->max_power * 2;
3428 			ch->max_reg_power = channel->max_reg_power * 2;
3429 			ch->max_antenna_gain = channel->max_antenna_gain;
3430 			ch->reg_class_id = 0; /* FIXME */
3431 
3432 			/* FIXME: why use only legacy modes, why not any
3433 			 * HT/VHT modes? Would that even make any
3434 			 * difference?
3435 			 */
3436 			if (channel->band == NL80211_BAND_2GHZ)
3437 				ch->mode = MODE_11G;
3438 			else
3439 				ch->mode = MODE_11A;
3440 
3441 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
3442 				continue;
3443 
3444 			ath10k_dbg(ar, ATH10K_DBG_WMI,
3445 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
3446 				    ch - arg.channels, arg.n_channels,
3447 				   ch->freq, ch->max_power, ch->max_reg_power,
3448 				   ch->max_antenna_gain, ch->mode);
3449 
3450 			ch++;
3451 		}
3452 	}
3453 
3454 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
3455 	kfree(arg.channels);
3456 
3457 	return ret;
3458 }
3459 
3460 static enum wmi_dfs_region
3461 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
3462 {
3463 	switch (dfs_region) {
3464 	case NL80211_DFS_UNSET:
3465 		return WMI_UNINIT_DFS_DOMAIN;
3466 	case NL80211_DFS_FCC:
3467 		return WMI_FCC_DFS_DOMAIN;
3468 	case NL80211_DFS_ETSI:
3469 		return WMI_ETSI_DFS_DOMAIN;
3470 	case NL80211_DFS_JP:
3471 		return WMI_MKK4_DFS_DOMAIN;
3472 	}
3473 	return WMI_UNINIT_DFS_DOMAIN;
3474 }
3475 
3476 static void ath10k_regd_update(struct ath10k *ar)
3477 {
3478 	struct reg_dmn_pair_mapping *regpair;
3479 	int ret;
3480 	enum wmi_dfs_region wmi_dfs_reg;
3481 	enum nl80211_dfs_regions nl_dfs_reg;
3482 
3483 	lockdep_assert_held(&ar->conf_mutex);
3484 
3485 	ret = ath10k_update_channel_list(ar);
3486 	if (ret)
3487 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
3488 
3489 	regpair = ar->ath_common.regulatory.regpair;
3490 
3491 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3492 		nl_dfs_reg = ar->dfs_detector->region;
3493 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
3494 	} else {
3495 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
3496 	}
3497 
3498 	/* Target allows setting up per-band regdomain but ath_common provides
3499 	 * a combined one only
3500 	 */
3501 	ret = ath10k_wmi_pdev_set_regdomain(ar,
3502 					    regpair->reg_domain,
3503 					    regpair->reg_domain, /* 2ghz */
3504 					    regpair->reg_domain, /* 5ghz */
3505 					    regpair->reg_2ghz_ctl,
3506 					    regpair->reg_5ghz_ctl,
3507 					    wmi_dfs_reg);
3508 	if (ret)
3509 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
3510 }
3511 
3512 static void ath10k_mac_update_channel_list(struct ath10k *ar,
3513 					   struct ieee80211_supported_band *band)
3514 {
3515 	int i;
3516 
3517 	if (ar->low_5ghz_chan && ar->high_5ghz_chan) {
3518 		for (i = 0; i < band->n_channels; i++) {
3519 			if (band->channels[i].center_freq < ar->low_5ghz_chan ||
3520 			    band->channels[i].center_freq > ar->high_5ghz_chan)
3521 				band->channels[i].flags |=
3522 					IEEE80211_CHAN_DISABLED;
3523 		}
3524 	}
3525 }
3526 
3527 static void ath10k_reg_notifier(struct wiphy *wiphy,
3528 				struct regulatory_request *request)
3529 {
3530 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
3531 	struct ath10k *ar = hw->priv;
3532 	bool result;
3533 
3534 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
3535 
3536 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
3537 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
3538 			   request->dfs_region);
3539 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
3540 							  request->dfs_region);
3541 		if (!result)
3542 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
3543 				    request->dfs_region);
3544 	}
3545 
3546 	mutex_lock(&ar->conf_mutex);
3547 	if (ar->state == ATH10K_STATE_ON)
3548 		ath10k_regd_update(ar);
3549 	mutex_unlock(&ar->conf_mutex);
3550 
3551 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
3552 		ath10k_mac_update_channel_list(ar,
3553 					       ar->hw->wiphy->bands[NL80211_BAND_5GHZ]);
3554 }
3555 
3556 static void ath10k_stop_radar_confirmation(struct ath10k *ar)
3557 {
3558 	spin_lock_bh(&ar->data_lock);
3559 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_STOPPED;
3560 	spin_unlock_bh(&ar->data_lock);
3561 
3562 	cancel_work_sync(&ar->radar_confirmation_work);
3563 }
3564 
3565 /***************/
3566 /* TX handlers */
3567 /***************/
3568 
3569 enum ath10k_mac_tx_path {
3570 	ATH10K_MAC_TX_HTT,
3571 	ATH10K_MAC_TX_HTT_MGMT,
3572 	ATH10K_MAC_TX_WMI_MGMT,
3573 	ATH10K_MAC_TX_UNKNOWN,
3574 };
3575 
3576 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
3577 {
3578 	lockdep_assert_held(&ar->htt.tx_lock);
3579 
3580 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3581 	ar->tx_paused |= BIT(reason);
3582 	ieee80211_stop_queues(ar->hw);
3583 }
3584 
3585 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
3586 				      struct ieee80211_vif *vif)
3587 {
3588 	struct ath10k *ar = data;
3589 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3590 
3591 	if (arvif->tx_paused)
3592 		return;
3593 
3594 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3595 }
3596 
3597 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3598 {
3599 	lockdep_assert_held(&ar->htt.tx_lock);
3600 
3601 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3602 	ar->tx_paused &= ~BIT(reason);
3603 
3604 	if (ar->tx_paused)
3605 		return;
3606 
3607 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3608 						   ATH10K_ITER_RESUME_FLAGS,
3609 						   ath10k_mac_tx_unlock_iter,
3610 						   ar);
3611 
3612 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3613 }
3614 
3615 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3616 {
3617 	struct ath10k *ar = arvif->ar;
3618 
3619 	lockdep_assert_held(&ar->htt.tx_lock);
3620 
3621 	WARN_ON(reason >= BITS_PER_LONG);
3622 	arvif->tx_paused |= BIT(reason);
3623 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3624 }
3625 
3626 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3627 {
3628 	struct ath10k *ar = arvif->ar;
3629 
3630 	lockdep_assert_held(&ar->htt.tx_lock);
3631 
3632 	WARN_ON(reason >= BITS_PER_LONG);
3633 	arvif->tx_paused &= ~BIT(reason);
3634 
3635 	if (ar->tx_paused)
3636 		return;
3637 
3638 	if (arvif->tx_paused)
3639 		return;
3640 
3641 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3642 }
3643 
3644 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3645 					   enum wmi_tlv_tx_pause_id pause_id,
3646 					   enum wmi_tlv_tx_pause_action action)
3647 {
3648 	struct ath10k *ar = arvif->ar;
3649 
3650 	lockdep_assert_held(&ar->htt.tx_lock);
3651 
3652 	switch (action) {
3653 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3654 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3655 		break;
3656 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3657 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3658 		break;
3659 	default:
3660 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
3661 			   "received unknown tx pause action %d on vdev %i, ignoring\n",
3662 			    action, arvif->vdev_id);
3663 		break;
3664 	}
3665 }
3666 
3667 struct ath10k_mac_tx_pause {
3668 	u32 vdev_id;
3669 	enum wmi_tlv_tx_pause_id pause_id;
3670 	enum wmi_tlv_tx_pause_action action;
3671 };
3672 
3673 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3674 					    struct ieee80211_vif *vif)
3675 {
3676 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3677 	struct ath10k_mac_tx_pause *arg = data;
3678 
3679 	if (arvif->vdev_id != arg->vdev_id)
3680 		return;
3681 
3682 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3683 }
3684 
3685 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3686 				     enum wmi_tlv_tx_pause_id pause_id,
3687 				     enum wmi_tlv_tx_pause_action action)
3688 {
3689 	struct ath10k_mac_tx_pause arg = {
3690 		.vdev_id = vdev_id,
3691 		.pause_id = pause_id,
3692 		.action = action,
3693 	};
3694 
3695 	spin_lock_bh(&ar->htt.tx_lock);
3696 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3697 						   ATH10K_ITER_RESUME_FLAGS,
3698 						   ath10k_mac_handle_tx_pause_iter,
3699 						   &arg);
3700 	spin_unlock_bh(&ar->htt.tx_lock);
3701 }
3702 
3703 static enum ath10k_hw_txrx_mode
3704 ath10k_mac_tx_h_get_txmode(struct ath10k *ar,
3705 			   struct ieee80211_vif *vif,
3706 			   struct ieee80211_sta *sta,
3707 			   struct sk_buff *skb)
3708 {
3709 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3710 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
3711 	__le16 fc = hdr->frame_control;
3712 
3713 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3714 		return ATH10K_HW_TXRX_RAW;
3715 
3716 	if (ieee80211_is_mgmt(fc))
3717 		return ATH10K_HW_TXRX_MGMT;
3718 
3719 	/* Workaround:
3720 	 *
3721 	 * NullFunc frames are mostly used to ping if a client or AP are still
3722 	 * reachable and responsive. This implies tx status reports must be
3723 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3724 	 * come to a conclusion that the other end disappeared and tear down
3725 	 * BSS connection or it can never disconnect from BSS/client (which is
3726 	 * the case).
3727 	 *
3728 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3729 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3730 	 * which seems to deliver correct tx reports for NullFunc frames. The
3731 	 * downside of using it is it ignores client powersave state so it can
3732 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3733 	 * mode though because AP don't sleep.
3734 	 */
3735 	if (ar->htt.target_version_major < 3 &&
3736 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3737 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3738 		      ar->running_fw->fw_file.fw_features))
3739 		return ATH10K_HW_TXRX_MGMT;
3740 
3741 	/* Workaround:
3742 	 *
3743 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3744 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3745 	 * to work with Ethernet txmode so use it.
3746 	 *
3747 	 * FIXME: Check if raw mode works with TDLS.
3748 	 */
3749 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3750 		return ATH10K_HW_TXRX_ETHERNET;
3751 
3752 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) ||
3753 	    skb_cb->flags & ATH10K_SKB_F_RAW_TX)
3754 		return ATH10K_HW_TXRX_RAW;
3755 
3756 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3757 }
3758 
3759 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3760 				     struct sk_buff *skb)
3761 {
3762 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3763 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3764 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3765 			 IEEE80211_TX_CTL_INJECTED;
3766 
3767 	if (!ieee80211_has_protected(hdr->frame_control))
3768 		return false;
3769 
3770 	if ((info->flags & mask) == mask)
3771 		return false;
3772 
3773 	if (vif)
3774 		return !((struct ath10k_vif *)vif->drv_priv)->nohwcrypt;
3775 
3776 	return true;
3777 }
3778 
3779 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3780  * Control in the header.
3781  */
3782 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3783 {
3784 	struct ieee80211_hdr *hdr = (void *)skb->data;
3785 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3786 	u8 *qos_ctl;
3787 
3788 	if (!ieee80211_is_data_qos(hdr->frame_control))
3789 		return;
3790 
3791 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3792 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3793 		skb->data, (void *)qos_ctl - (void *)skb->data);
3794 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3795 
3796 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3797 	 * These frames are mainly used for CQM purposes so it doesn't really
3798 	 * matter whether QoS NullFunc or NullFunc are sent.
3799 	 */
3800 	hdr = (void *)skb->data;
3801 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3802 		cb->flags &= ~ATH10K_SKB_F_QOS;
3803 
3804 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3805 }
3806 
3807 static void ath10k_tx_h_8023(struct sk_buff *skb)
3808 {
3809 	struct ieee80211_hdr *hdr;
3810 	struct rfc1042_hdr *rfc1042;
3811 	struct ethhdr *eth;
3812 	size_t hdrlen;
3813 	u8 da[ETH_ALEN];
3814 	u8 sa[ETH_ALEN];
3815 	__be16 type;
3816 
3817 	hdr = (void *)skb->data;
3818 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3819 	rfc1042 = (void *)skb->data + hdrlen;
3820 
3821 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3822 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3823 	type = rfc1042->snap_type;
3824 
3825 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3826 	skb_push(skb, sizeof(*eth));
3827 
3828 	eth = (void *)skb->data;
3829 	ether_addr_copy(eth->h_dest, da);
3830 	ether_addr_copy(eth->h_source, sa);
3831 	eth->h_proto = type;
3832 }
3833 
3834 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3835 				       struct ieee80211_vif *vif,
3836 				       struct sk_buff *skb)
3837 {
3838 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3839 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3840 
3841 	/* This is case only for P2P_GO */
3842 	if (vif->type != NL80211_IFTYPE_AP || !vif->p2p)
3843 		return;
3844 
3845 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3846 		spin_lock_bh(&ar->data_lock);
3847 		if (arvif->u.ap.noa_data)
3848 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3849 					      GFP_ATOMIC))
3850 				skb_put_data(skb, arvif->u.ap.noa_data,
3851 					     arvif->u.ap.noa_len);
3852 		spin_unlock_bh(&ar->data_lock);
3853 	}
3854 }
3855 
3856 static void ath10k_mac_tx_h_fill_cb(struct ath10k *ar,
3857 				    struct ieee80211_vif *vif,
3858 				    struct ieee80211_txq *txq,
3859 				    struct ieee80211_sta *sta,
3860 				    struct sk_buff *skb, u16 airtime)
3861 {
3862 	struct ieee80211_hdr *hdr = (void *)skb->data;
3863 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3864 	const struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3865 	bool is_data = ieee80211_is_data(hdr->frame_control) ||
3866 			ieee80211_is_data_qos(hdr->frame_control);
3867 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
3868 	struct ath10k_sta *arsta;
3869 	u8 tid, *qos_ctl;
3870 	bool noack = false;
3871 
3872 	cb->flags = 0;
3873 	if (!ath10k_tx_h_use_hwcrypto(vif, skb))
3874 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3875 
3876 	if (ieee80211_is_mgmt(hdr->frame_control))
3877 		cb->flags |= ATH10K_SKB_F_MGMT;
3878 
3879 	if (ieee80211_is_data_qos(hdr->frame_control)) {
3880 		cb->flags |= ATH10K_SKB_F_QOS;
3881 		qos_ctl = ieee80211_get_qos_ctl(hdr);
3882 		tid = (*qos_ctl) & IEEE80211_QOS_CTL_TID_MASK;
3883 
3884 		if (arvif->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3885 			noack = true;
3886 
3887 		if (sta) {
3888 			arsta = (struct ath10k_sta *)sta->drv_priv;
3889 
3890 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_NOACK)
3891 				noack = true;
3892 
3893 			if (arsta->noack[tid] == WMI_PEER_TID_CONFIG_ACK)
3894 				noack = false;
3895 		}
3896 
3897 		if (noack)
3898 			cb->flags |= ATH10K_SKB_F_NOACK_TID;
3899 	}
3900 
3901 	/* Data frames encrypted in software will be posted to firmware
3902 	 * with tx encap mode set to RAW. Ex: Multicast traffic generated
3903 	 * for a specific VLAN group will always be encrypted in software.
3904 	 */
3905 	if (is_data && ieee80211_has_protected(hdr->frame_control) &&
3906 	    !info->control.hw_key) {
3907 		cb->flags |= ATH10K_SKB_F_NO_HWCRYPT;
3908 		cb->flags |= ATH10K_SKB_F_RAW_TX;
3909 	}
3910 
3911 	cb->vif = vif;
3912 	cb->txq = txq;
3913 	cb->airtime_est = airtime;
3914 	if (sta) {
3915 		arsta = (struct ath10k_sta *)sta->drv_priv;
3916 		spin_lock_bh(&ar->data_lock);
3917 		cb->ucast_cipher = arsta->ucast_cipher;
3918 		spin_unlock_bh(&ar->data_lock);
3919 	}
3920 }
3921 
3922 bool ath10k_mac_tx_frm_has_freq(struct ath10k *ar)
3923 {
3924 	/* FIXME: Not really sure since when the behaviour changed. At some
3925 	 * point new firmware stopped requiring creation of peer entries for
3926 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3927 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3928 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3929 	 */
3930 	return (ar->htt.target_version_major >= 3 &&
3931 		ar->htt.target_version_minor >= 4 &&
3932 		ar->running_fw->fw_file.htt_op_version == ATH10K_FW_HTT_OP_VERSION_TLV);
3933 }
3934 
3935 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3936 {
3937 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3938 
3939 	if (skb_queue_len_lockless(q) >= ATH10K_MAX_NUM_MGMT_PENDING) {
3940 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3941 		return -ENOSPC;
3942 	}
3943 
3944 	skb_queue_tail(q, skb);
3945 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3946 
3947 	return 0;
3948 }
3949 
3950 static enum ath10k_mac_tx_path
3951 ath10k_mac_tx_h_get_txpath(struct ath10k *ar,
3952 			   struct sk_buff *skb,
3953 			   enum ath10k_hw_txrx_mode txmode)
3954 {
3955 	switch (txmode) {
3956 	case ATH10K_HW_TXRX_RAW:
3957 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3958 	case ATH10K_HW_TXRX_ETHERNET:
3959 		return ATH10K_MAC_TX_HTT;
3960 	case ATH10K_HW_TXRX_MGMT:
3961 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3962 			     ar->running_fw->fw_file.fw_features) ||
3963 			     test_bit(WMI_SERVICE_MGMT_TX_WMI,
3964 				      ar->wmi.svc_map))
3965 			return ATH10K_MAC_TX_WMI_MGMT;
3966 		else if (ar->htt.target_version_major >= 3)
3967 			return ATH10K_MAC_TX_HTT;
3968 		else
3969 			return ATH10K_MAC_TX_HTT_MGMT;
3970 	}
3971 
3972 	return ATH10K_MAC_TX_UNKNOWN;
3973 }
3974 
3975 static int ath10k_mac_tx_submit(struct ath10k *ar,
3976 				enum ath10k_hw_txrx_mode txmode,
3977 				enum ath10k_mac_tx_path txpath,
3978 				struct sk_buff *skb)
3979 {
3980 	struct ath10k_htt *htt = &ar->htt;
3981 	int ret = -EINVAL;
3982 
3983 	switch (txpath) {
3984 	case ATH10K_MAC_TX_HTT:
3985 		ret = ath10k_htt_tx(htt, txmode, skb);
3986 		break;
3987 	case ATH10K_MAC_TX_HTT_MGMT:
3988 		ret = ath10k_htt_mgmt_tx(htt, skb);
3989 		break;
3990 	case ATH10K_MAC_TX_WMI_MGMT:
3991 		ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
3992 		break;
3993 	case ATH10K_MAC_TX_UNKNOWN:
3994 		WARN_ON_ONCE(1);
3995 		ret = -EINVAL;
3996 		break;
3997 	}
3998 
3999 	if (ret) {
4000 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
4001 			    ret);
4002 		ieee80211_free_txskb(ar->hw, skb);
4003 	}
4004 
4005 	return ret;
4006 }
4007 
4008 /* This function consumes the sk_buff regardless of return value as far as
4009  * caller is concerned so no freeing is necessary afterwards.
4010  */
4011 static int ath10k_mac_tx(struct ath10k *ar,
4012 			 struct ieee80211_vif *vif,
4013 			 enum ath10k_hw_txrx_mode txmode,
4014 			 enum ath10k_mac_tx_path txpath,
4015 			 struct sk_buff *skb, bool noque_offchan)
4016 {
4017 	struct ieee80211_hw *hw = ar->hw;
4018 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4019 	const struct ath10k_skb_cb *skb_cb = ATH10K_SKB_CB(skb);
4020 	int ret;
4021 
4022 	/* We should disable CCK RATE due to P2P */
4023 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
4024 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
4025 
4026 	switch (txmode) {
4027 	case ATH10K_HW_TXRX_MGMT:
4028 	case ATH10K_HW_TXRX_NATIVE_WIFI:
4029 		ath10k_tx_h_nwifi(hw, skb);
4030 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
4031 		ath10k_tx_h_seq_no(vif, skb);
4032 		break;
4033 	case ATH10K_HW_TXRX_ETHERNET:
4034 		ath10k_tx_h_8023(skb);
4035 		break;
4036 	case ATH10K_HW_TXRX_RAW:
4037 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags) &&
4038 		    !(skb_cb->flags & ATH10K_SKB_F_RAW_TX)) {
4039 			WARN_ON_ONCE(1);
4040 			ieee80211_free_txskb(hw, skb);
4041 			return -ENOTSUPP;
4042 		}
4043 	}
4044 
4045 	if (!noque_offchan && info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
4046 		if (!ath10k_mac_tx_frm_has_freq(ar)) {
4047 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac queued offchannel skb %pK len %d\n",
4048 				   skb, skb->len);
4049 
4050 			skb_queue_tail(&ar->offchan_tx_queue, skb);
4051 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
4052 			return 0;
4053 		}
4054 	}
4055 
4056 	ret = ath10k_mac_tx_submit(ar, txmode, txpath, skb);
4057 	if (ret) {
4058 		ath10k_warn(ar, "failed to submit frame: %d\n", ret);
4059 		return ret;
4060 	}
4061 
4062 	return 0;
4063 }
4064 
4065 void ath10k_offchan_tx_purge(struct ath10k *ar)
4066 {
4067 	struct sk_buff *skb;
4068 
4069 	for (;;) {
4070 		skb = skb_dequeue(&ar->offchan_tx_queue);
4071 		if (!skb)
4072 			break;
4073 
4074 		ieee80211_free_txskb(ar->hw, skb);
4075 	}
4076 }
4077 
4078 void ath10k_offchan_tx_work(struct work_struct *work)
4079 {
4080 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
4081 	struct ath10k_peer *peer;
4082 	struct ath10k_vif *arvif;
4083 	enum ath10k_hw_txrx_mode txmode;
4084 	enum ath10k_mac_tx_path txpath;
4085 	struct ieee80211_hdr *hdr;
4086 	struct ieee80211_vif *vif;
4087 	struct ieee80211_sta *sta;
4088 	struct sk_buff *skb;
4089 	const u8 *peer_addr;
4090 	int vdev_id;
4091 	int ret;
4092 	unsigned long time_left;
4093 	bool tmp_peer_created = false;
4094 
4095 	/* FW requirement: We must create a peer before FW will send out
4096 	 * an offchannel frame. Otherwise the frame will be stuck and
4097 	 * never transmitted. We delete the peer upon tx completion.
4098 	 * It is unlikely that a peer for offchannel tx will already be
4099 	 * present. However it may be in some rare cases so account for that.
4100 	 * Otherwise we might remove a legitimate peer and break stuff.
4101 	 */
4102 
4103 	for (;;) {
4104 		skb = skb_dequeue(&ar->offchan_tx_queue);
4105 		if (!skb)
4106 			break;
4107 
4108 		mutex_lock(&ar->conf_mutex);
4109 
4110 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %pK len %d\n",
4111 			   skb, skb->len);
4112 
4113 		hdr = (struct ieee80211_hdr *)skb->data;
4114 		peer_addr = ieee80211_get_DA(hdr);
4115 
4116 		spin_lock_bh(&ar->data_lock);
4117 		vdev_id = ar->scan.vdev_id;
4118 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
4119 		spin_unlock_bh(&ar->data_lock);
4120 
4121 		if (peer)
4122 			ath10k_warn(ar, "peer %pM on vdev %d already present\n",
4123 				    peer_addr, vdev_id);
4124 
4125 		if (!peer) {
4126 			ret = ath10k_peer_create(ar, NULL, NULL, vdev_id,
4127 						 peer_addr,
4128 						 WMI_PEER_TYPE_DEFAULT);
4129 			if (ret)
4130 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
4131 					    peer_addr, vdev_id, ret);
4132 			tmp_peer_created = (ret == 0);
4133 		}
4134 
4135 		spin_lock_bh(&ar->data_lock);
4136 		reinit_completion(&ar->offchan_tx_completed);
4137 		ar->offchan_tx_skb = skb;
4138 		spin_unlock_bh(&ar->data_lock);
4139 
4140 		/* It's safe to access vif and sta - conf_mutex guarantees that
4141 		 * sta_state() and remove_interface() are locked exclusively
4142 		 * out wrt to this offchannel worker.
4143 		 */
4144 		arvif = ath10k_get_arvif(ar, vdev_id);
4145 		if (arvif) {
4146 			vif = arvif->vif;
4147 			sta = ieee80211_find_sta(vif, peer_addr);
4148 		} else {
4149 			vif = NULL;
4150 			sta = NULL;
4151 		}
4152 
4153 		txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4154 		txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4155 
4156 		ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, true);
4157 		if (ret) {
4158 			ath10k_warn(ar, "failed to transmit offchannel frame: %d\n",
4159 				    ret);
4160 			/* not serious */
4161 		}
4162 
4163 		time_left =
4164 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
4165 		if (time_left == 0)
4166 			ath10k_warn(ar, "timed out waiting for offchannel skb %pK, len: %d\n",
4167 				    skb, skb->len);
4168 
4169 		if (!peer && tmp_peer_created) {
4170 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
4171 			if (ret)
4172 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
4173 					    peer_addr, vdev_id, ret);
4174 		}
4175 
4176 		mutex_unlock(&ar->conf_mutex);
4177 	}
4178 }
4179 
4180 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
4181 {
4182 	struct sk_buff *skb;
4183 
4184 	for (;;) {
4185 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4186 		if (!skb)
4187 			break;
4188 
4189 		ieee80211_free_txskb(ar->hw, skb);
4190 	}
4191 }
4192 
4193 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
4194 {
4195 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
4196 	struct sk_buff *skb;
4197 	dma_addr_t paddr;
4198 	int ret;
4199 
4200 	for (;;) {
4201 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
4202 		if (!skb)
4203 			break;
4204 
4205 		if (test_bit(ATH10K_FW_FEATURE_MGMT_TX_BY_REF,
4206 			     ar->running_fw->fw_file.fw_features)) {
4207 			paddr = dma_map_single(ar->dev, skb->data,
4208 					       skb->len, DMA_TO_DEVICE);
4209 			if (dma_mapping_error(ar->dev, paddr)) {
4210 				ieee80211_free_txskb(ar->hw, skb);
4211 				continue;
4212 			}
4213 			ret = ath10k_wmi_mgmt_tx_send(ar, skb, paddr);
4214 			if (ret) {
4215 				ath10k_warn(ar, "failed to transmit management frame by ref via WMI: %d\n",
4216 					    ret);
4217 				/* remove this msdu from idr tracking */
4218 				ath10k_wmi_cleanup_mgmt_tx_send(ar, skb);
4219 
4220 				dma_unmap_single(ar->dev, paddr, skb->len,
4221 						 DMA_TO_DEVICE);
4222 				ieee80211_free_txskb(ar->hw, skb);
4223 			}
4224 		} else {
4225 			ret = ath10k_wmi_mgmt_tx(ar, skb);
4226 			if (ret) {
4227 				ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
4228 					    ret);
4229 				ieee80211_free_txskb(ar->hw, skb);
4230 			}
4231 		}
4232 	}
4233 }
4234 
4235 static void ath10k_mac_txq_init(struct ieee80211_txq *txq)
4236 {
4237 	struct ath10k_txq *artxq;
4238 
4239 	if (!txq)
4240 		return;
4241 
4242 	artxq = (void *)txq->drv_priv;
4243 	INIT_LIST_HEAD(&artxq->list);
4244 }
4245 
4246 static void ath10k_mac_txq_unref(struct ath10k *ar, struct ieee80211_txq *txq)
4247 {
4248 	struct ath10k_skb_cb *cb;
4249 	struct sk_buff *msdu;
4250 	int msdu_id;
4251 
4252 	if (!txq)
4253 		return;
4254 
4255 	spin_lock_bh(&ar->htt.tx_lock);
4256 	idr_for_each_entry(&ar->htt.pending_tx, msdu, msdu_id) {
4257 		cb = ATH10K_SKB_CB(msdu);
4258 		if (cb->txq == txq)
4259 			cb->txq = NULL;
4260 	}
4261 	spin_unlock_bh(&ar->htt.tx_lock);
4262 }
4263 
4264 struct ieee80211_txq *ath10k_mac_txq_lookup(struct ath10k *ar,
4265 					    u16 peer_id,
4266 					    u8 tid)
4267 {
4268 	struct ath10k_peer *peer;
4269 
4270 	lockdep_assert_held(&ar->data_lock);
4271 
4272 	peer = ar->peer_map[peer_id];
4273 	if (!peer)
4274 		return NULL;
4275 
4276 	if (peer->removed)
4277 		return NULL;
4278 
4279 	if (peer->sta)
4280 		return peer->sta->txq[tid];
4281 	else if (peer->vif)
4282 		return peer->vif->txq;
4283 	else
4284 		return NULL;
4285 }
4286 
4287 static bool ath10k_mac_tx_can_push(struct ieee80211_hw *hw,
4288 				   struct ieee80211_txq *txq)
4289 {
4290 	struct ath10k *ar = hw->priv;
4291 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4292 
4293 	/* No need to get locks */
4294 	if (ar->htt.tx_q_state.mode == HTT_TX_MODE_SWITCH_PUSH)
4295 		return true;
4296 
4297 	if (ar->htt.num_pending_tx < ar->htt.tx_q_state.num_push_allowed)
4298 		return true;
4299 
4300 	if (artxq->num_fw_queued < artxq->num_push_allowed)
4301 		return true;
4302 
4303 	return false;
4304 }
4305 
4306 /* Return estimated airtime in microsecond, which is calculated using last
4307  * reported TX rate. This is just a rough estimation because host driver has no
4308  * knowledge of the actual transmit rate, retries or aggregation. If actual
4309  * airtime can be reported by firmware, then delta between estimated and actual
4310  * airtime can be adjusted from deficit.
4311  */
4312 #define IEEE80211_ATF_OVERHEAD		100	/* IFS + some slot time */
4313 #define IEEE80211_ATF_OVERHEAD_IFS	16	/* IFS only */
4314 static u16 ath10k_mac_update_airtime(struct ath10k *ar,
4315 				     struct ieee80211_txq *txq,
4316 				     struct sk_buff *skb)
4317 {
4318 	struct ath10k_sta *arsta;
4319 	u32 pktlen;
4320 	u16 airtime = 0;
4321 
4322 	if (!txq || !txq->sta)
4323 		return airtime;
4324 
4325 	if (test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
4326 		return airtime;
4327 
4328 	spin_lock_bh(&ar->data_lock);
4329 	arsta = (struct ath10k_sta *)txq->sta->drv_priv;
4330 
4331 	pktlen = skb->len + 38; /* Assume MAC header 30, SNAP 8 for most case */
4332 	if (arsta->last_tx_bitrate) {
4333 		/* airtime in us, last_tx_bitrate in 100kbps */
4334 		airtime = (pktlen * 8 * (1000 / 100))
4335 				/ arsta->last_tx_bitrate;
4336 		/* overhead for media access time and IFS */
4337 		airtime += IEEE80211_ATF_OVERHEAD_IFS;
4338 	} else {
4339 		/* This is mostly for throttle excessive BC/MC frames, and the
4340 		 * airtime/rate doesn't need be exact. Airtime of BC/MC frames
4341 		 * in 2G get some discount, which helps prevent very low rate
4342 		 * frames from being blocked for too long.
4343 		 */
4344 		airtime = (pktlen * 8 * (1000 / 100)) / 60; /* 6M */
4345 		airtime += IEEE80211_ATF_OVERHEAD;
4346 	}
4347 	spin_unlock_bh(&ar->data_lock);
4348 
4349 	return airtime;
4350 }
4351 
4352 int ath10k_mac_tx_push_txq(struct ieee80211_hw *hw,
4353 			   struct ieee80211_txq *txq)
4354 {
4355 	struct ath10k *ar = hw->priv;
4356 	struct ath10k_htt *htt = &ar->htt;
4357 	struct ath10k_txq *artxq = (void *)txq->drv_priv;
4358 	struct ieee80211_vif *vif = txq->vif;
4359 	struct ieee80211_sta *sta = txq->sta;
4360 	enum ath10k_hw_txrx_mode txmode;
4361 	enum ath10k_mac_tx_path txpath;
4362 	struct sk_buff *skb;
4363 	struct ieee80211_hdr *hdr;
4364 	size_t skb_len;
4365 	bool is_mgmt, is_presp;
4366 	int ret;
4367 	u16 airtime;
4368 
4369 	spin_lock_bh(&ar->htt.tx_lock);
4370 	ret = ath10k_htt_tx_inc_pending(htt);
4371 	spin_unlock_bh(&ar->htt.tx_lock);
4372 
4373 	if (ret)
4374 		return ret;
4375 
4376 	skb = ieee80211_tx_dequeue_ni(hw, txq);
4377 	if (!skb) {
4378 		spin_lock_bh(&ar->htt.tx_lock);
4379 		ath10k_htt_tx_dec_pending(htt);
4380 		spin_unlock_bh(&ar->htt.tx_lock);
4381 
4382 		return -ENOENT;
4383 	}
4384 
4385 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4386 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4387 
4388 	skb_len = skb->len;
4389 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4390 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4391 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4392 
4393 	if (is_mgmt) {
4394 		hdr = (struct ieee80211_hdr *)skb->data;
4395 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4396 
4397 		spin_lock_bh(&ar->htt.tx_lock);
4398 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4399 
4400 		if (ret) {
4401 			ath10k_htt_tx_dec_pending(htt);
4402 			spin_unlock_bh(&ar->htt.tx_lock);
4403 			return ret;
4404 		}
4405 		spin_unlock_bh(&ar->htt.tx_lock);
4406 	}
4407 
4408 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4409 	if (unlikely(ret)) {
4410 		ath10k_warn(ar, "failed to push frame: %d\n", ret);
4411 
4412 		spin_lock_bh(&ar->htt.tx_lock);
4413 		ath10k_htt_tx_dec_pending(htt);
4414 		if (is_mgmt)
4415 			ath10k_htt_tx_mgmt_dec_pending(htt);
4416 		spin_unlock_bh(&ar->htt.tx_lock);
4417 
4418 		return ret;
4419 	}
4420 
4421 	spin_lock_bh(&ar->htt.tx_lock);
4422 	artxq->num_fw_queued++;
4423 	spin_unlock_bh(&ar->htt.tx_lock);
4424 
4425 	return skb_len;
4426 }
4427 
4428 static int ath10k_mac_schedule_txq(struct ieee80211_hw *hw, u32 ac)
4429 {
4430 	struct ieee80211_txq *txq;
4431 	int ret = 0;
4432 
4433 	ieee80211_txq_schedule_start(hw, ac);
4434 	while ((txq = ieee80211_next_txq(hw, ac))) {
4435 		while (ath10k_mac_tx_can_push(hw, txq)) {
4436 			ret = ath10k_mac_tx_push_txq(hw, txq);
4437 			if (ret < 0)
4438 				break;
4439 		}
4440 		ieee80211_return_txq(hw, txq, false);
4441 		ath10k_htt_tx_txq_update(hw, txq);
4442 		if (ret == -EBUSY)
4443 			break;
4444 	}
4445 	ieee80211_txq_schedule_end(hw, ac);
4446 
4447 	return ret;
4448 }
4449 
4450 void ath10k_mac_tx_push_pending(struct ath10k *ar)
4451 {
4452 	struct ieee80211_hw *hw = ar->hw;
4453 	u32 ac;
4454 
4455 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4456 		return;
4457 
4458 	if (ar->htt.num_pending_tx >= (ar->htt.max_num_pending_tx / 2))
4459 		return;
4460 
4461 	rcu_read_lock();
4462 	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
4463 		if (ath10k_mac_schedule_txq(hw, ac) == -EBUSY)
4464 			break;
4465 	}
4466 	rcu_read_unlock();
4467 }
4468 EXPORT_SYMBOL(ath10k_mac_tx_push_pending);
4469 
4470 /************/
4471 /* Scanning */
4472 /************/
4473 
4474 void __ath10k_scan_finish(struct ath10k *ar)
4475 {
4476 	lockdep_assert_held(&ar->data_lock);
4477 
4478 	switch (ar->scan.state) {
4479 	case ATH10K_SCAN_IDLE:
4480 		break;
4481 	case ATH10K_SCAN_RUNNING:
4482 	case ATH10K_SCAN_ABORTING:
4483 		if (!ar->scan.is_roc) {
4484 			struct cfg80211_scan_info info = {
4485 				.aborted = (ar->scan.state ==
4486 					    ATH10K_SCAN_ABORTING),
4487 			};
4488 
4489 			ieee80211_scan_completed(ar->hw, &info);
4490 		} else if (ar->scan.roc_notify) {
4491 			ieee80211_remain_on_channel_expired(ar->hw);
4492 		}
4493 		fallthrough;
4494 	case ATH10K_SCAN_STARTING:
4495 		ar->scan.state = ATH10K_SCAN_IDLE;
4496 		ar->scan_channel = NULL;
4497 		ar->scan.roc_freq = 0;
4498 		ath10k_offchan_tx_purge(ar);
4499 		cancel_delayed_work(&ar->scan.timeout);
4500 		complete(&ar->scan.completed);
4501 		break;
4502 	}
4503 }
4504 
4505 void ath10k_scan_finish(struct ath10k *ar)
4506 {
4507 	spin_lock_bh(&ar->data_lock);
4508 	__ath10k_scan_finish(ar);
4509 	spin_unlock_bh(&ar->data_lock);
4510 }
4511 
4512 static int ath10k_scan_stop(struct ath10k *ar)
4513 {
4514 	struct wmi_stop_scan_arg arg = {
4515 		.req_id = 1, /* FIXME */
4516 		.req_type = WMI_SCAN_STOP_ONE,
4517 		.u.scan_id = ATH10K_SCAN_ID,
4518 	};
4519 	int ret;
4520 
4521 	lockdep_assert_held(&ar->conf_mutex);
4522 
4523 	ret = ath10k_wmi_stop_scan(ar, &arg);
4524 	if (ret) {
4525 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
4526 		goto out;
4527 	}
4528 
4529 	ret = wait_for_completion_timeout(&ar->scan.completed, 3 * HZ);
4530 	if (ret == 0) {
4531 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
4532 		ret = -ETIMEDOUT;
4533 	} else if (ret > 0) {
4534 		ret = 0;
4535 	}
4536 
4537 out:
4538 	/* Scan state should be updated upon scan completion but in case
4539 	 * firmware fails to deliver the event (for whatever reason) it is
4540 	 * desired to clean up scan state anyway. Firmware may have just
4541 	 * dropped the scan completion event delivery due to transport pipe
4542 	 * being overflown with data and/or it can recover on its own before
4543 	 * next scan request is submitted.
4544 	 */
4545 	spin_lock_bh(&ar->data_lock);
4546 	if (ar->scan.state != ATH10K_SCAN_IDLE)
4547 		__ath10k_scan_finish(ar);
4548 	spin_unlock_bh(&ar->data_lock);
4549 
4550 	return ret;
4551 }
4552 
4553 static void ath10k_scan_abort(struct ath10k *ar)
4554 {
4555 	int ret;
4556 
4557 	lockdep_assert_held(&ar->conf_mutex);
4558 
4559 	spin_lock_bh(&ar->data_lock);
4560 
4561 	switch (ar->scan.state) {
4562 	case ATH10K_SCAN_IDLE:
4563 		/* This can happen if timeout worker kicked in and called
4564 		 * abortion while scan completion was being processed.
4565 		 */
4566 		break;
4567 	case ATH10K_SCAN_STARTING:
4568 	case ATH10K_SCAN_ABORTING:
4569 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
4570 			    ath10k_scan_state_str(ar->scan.state),
4571 			    ar->scan.state);
4572 		break;
4573 	case ATH10K_SCAN_RUNNING:
4574 		ar->scan.state = ATH10K_SCAN_ABORTING;
4575 		spin_unlock_bh(&ar->data_lock);
4576 
4577 		ret = ath10k_scan_stop(ar);
4578 		if (ret)
4579 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
4580 
4581 		spin_lock_bh(&ar->data_lock);
4582 		break;
4583 	}
4584 
4585 	spin_unlock_bh(&ar->data_lock);
4586 }
4587 
4588 void ath10k_scan_timeout_work(struct work_struct *work)
4589 {
4590 	struct ath10k *ar = container_of(work, struct ath10k,
4591 					 scan.timeout.work);
4592 
4593 	mutex_lock(&ar->conf_mutex);
4594 	ath10k_scan_abort(ar);
4595 	mutex_unlock(&ar->conf_mutex);
4596 }
4597 
4598 static int ath10k_start_scan(struct ath10k *ar,
4599 			     const struct wmi_start_scan_arg *arg)
4600 {
4601 	int ret;
4602 
4603 	lockdep_assert_held(&ar->conf_mutex);
4604 
4605 	ret = ath10k_wmi_start_scan(ar, arg);
4606 	if (ret)
4607 		return ret;
4608 
4609 	ret = wait_for_completion_timeout(&ar->scan.started, 1 * HZ);
4610 	if (ret == 0) {
4611 		ret = ath10k_scan_stop(ar);
4612 		if (ret)
4613 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
4614 
4615 		return -ETIMEDOUT;
4616 	}
4617 
4618 	/* If we failed to start the scan, return error code at
4619 	 * this point.  This is probably due to some issue in the
4620 	 * firmware, but no need to wedge the driver due to that...
4621 	 */
4622 	spin_lock_bh(&ar->data_lock);
4623 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
4624 		spin_unlock_bh(&ar->data_lock);
4625 		return -EINVAL;
4626 	}
4627 	spin_unlock_bh(&ar->data_lock);
4628 
4629 	return 0;
4630 }
4631 
4632 /**********************/
4633 /* mac80211 callbacks */
4634 /**********************/
4635 
4636 static void ath10k_mac_op_tx(struct ieee80211_hw *hw,
4637 			     struct ieee80211_tx_control *control,
4638 			     struct sk_buff *skb)
4639 {
4640 	struct ath10k *ar = hw->priv;
4641 	struct ath10k_htt *htt = &ar->htt;
4642 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
4643 	struct ieee80211_vif *vif = info->control.vif;
4644 	struct ieee80211_sta *sta = control->sta;
4645 	struct ieee80211_txq *txq = NULL;
4646 	struct ieee80211_hdr *hdr = (void *)skb->data;
4647 	enum ath10k_hw_txrx_mode txmode;
4648 	enum ath10k_mac_tx_path txpath;
4649 	bool is_htt;
4650 	bool is_mgmt;
4651 	bool is_presp;
4652 	int ret;
4653 	u16 airtime;
4654 
4655 	airtime = ath10k_mac_update_airtime(ar, txq, skb);
4656 	ath10k_mac_tx_h_fill_cb(ar, vif, txq, sta, skb, airtime);
4657 
4658 	txmode = ath10k_mac_tx_h_get_txmode(ar, vif, sta, skb);
4659 	txpath = ath10k_mac_tx_h_get_txpath(ar, skb, txmode);
4660 	is_htt = (txpath == ATH10K_MAC_TX_HTT ||
4661 		  txpath == ATH10K_MAC_TX_HTT_MGMT);
4662 	is_mgmt = (txpath == ATH10K_MAC_TX_HTT_MGMT);
4663 
4664 	if (is_htt) {
4665 		spin_lock_bh(&ar->htt.tx_lock);
4666 		is_presp = ieee80211_is_probe_resp(hdr->frame_control);
4667 
4668 		ret = ath10k_htt_tx_inc_pending(htt);
4669 		if (ret) {
4670 			ath10k_warn(ar, "failed to increase tx pending count: %d, dropping\n",
4671 				    ret);
4672 			spin_unlock_bh(&ar->htt.tx_lock);
4673 			ieee80211_free_txskb(ar->hw, skb);
4674 			return;
4675 		}
4676 
4677 		ret = ath10k_htt_tx_mgmt_inc_pending(htt, is_mgmt, is_presp);
4678 		if (ret) {
4679 			ath10k_dbg(ar, ATH10K_DBG_MAC, "failed to increase tx mgmt pending count: %d, dropping\n",
4680 				   ret);
4681 			ath10k_htt_tx_dec_pending(htt);
4682 			spin_unlock_bh(&ar->htt.tx_lock);
4683 			ieee80211_free_txskb(ar->hw, skb);
4684 			return;
4685 		}
4686 		spin_unlock_bh(&ar->htt.tx_lock);
4687 	}
4688 
4689 	ret = ath10k_mac_tx(ar, vif, txmode, txpath, skb, false);
4690 	if (ret) {
4691 		ath10k_warn(ar, "failed to transmit frame: %d\n", ret);
4692 		if (is_htt) {
4693 			spin_lock_bh(&ar->htt.tx_lock);
4694 			ath10k_htt_tx_dec_pending(htt);
4695 			if (is_mgmt)
4696 				ath10k_htt_tx_mgmt_dec_pending(htt);
4697 			spin_unlock_bh(&ar->htt.tx_lock);
4698 		}
4699 		return;
4700 	}
4701 }
4702 
4703 static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw,
4704 					struct ieee80211_txq *txq)
4705 {
4706 	struct ath10k *ar = hw->priv;
4707 	int ret;
4708 	u8 ac;
4709 
4710 	ath10k_htt_tx_txq_update(hw, txq);
4711 	if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH)
4712 		return;
4713 
4714 	ac = txq->ac;
4715 	ieee80211_txq_schedule_start(hw, ac);
4716 	txq = ieee80211_next_txq(hw, ac);
4717 	if (!txq)
4718 		goto out;
4719 
4720 	while (ath10k_mac_tx_can_push(hw, txq)) {
4721 		ret = ath10k_mac_tx_push_txq(hw, txq);
4722 		if (ret < 0)
4723 			break;
4724 	}
4725 	ieee80211_return_txq(hw, txq, false);
4726 	ath10k_htt_tx_txq_update(hw, txq);
4727 out:
4728 	ieee80211_txq_schedule_end(hw, ac);
4729 }
4730 
4731 /* Must not be called with conf_mutex held as workers can use that also. */
4732 void ath10k_drain_tx(struct ath10k *ar)
4733 {
4734 	lockdep_assert_not_held(&ar->conf_mutex);
4735 
4736 	/* make sure rcu-protected mac80211 tx path itself is drained */
4737 	synchronize_net();
4738 
4739 	ath10k_offchan_tx_purge(ar);
4740 	ath10k_mgmt_over_wmi_tx_purge(ar);
4741 
4742 	cancel_work_sync(&ar->offchan_tx_work);
4743 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
4744 }
4745 
4746 void ath10k_halt(struct ath10k *ar)
4747 {
4748 	struct ath10k_vif *arvif;
4749 
4750 	lockdep_assert_held(&ar->conf_mutex);
4751 
4752 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
4753 	ar->filter_flags = 0;
4754 	ar->monitor = false;
4755 	ar->monitor_arvif = NULL;
4756 
4757 	if (ar->monitor_started)
4758 		ath10k_monitor_stop(ar);
4759 
4760 	ar->monitor_started = false;
4761 	ar->tx_paused = 0;
4762 
4763 	ath10k_scan_finish(ar);
4764 	ath10k_peer_cleanup_all(ar);
4765 	ath10k_stop_radar_confirmation(ar);
4766 	ath10k_core_stop(ar);
4767 	ath10k_hif_power_down(ar);
4768 
4769 	spin_lock_bh(&ar->data_lock);
4770 	list_for_each_entry(arvif, &ar->arvifs, list)
4771 		ath10k_mac_vif_beacon_cleanup(arvif);
4772 	spin_unlock_bh(&ar->data_lock);
4773 }
4774 
4775 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
4776 {
4777 	struct ath10k *ar = hw->priv;
4778 
4779 	mutex_lock(&ar->conf_mutex);
4780 
4781 	*tx_ant = ar->cfg_tx_chainmask;
4782 	*rx_ant = ar->cfg_rx_chainmask;
4783 
4784 	mutex_unlock(&ar->conf_mutex);
4785 
4786 	return 0;
4787 }
4788 
4789 static bool ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
4790 {
4791 	/* It is not clear that allowing gaps in chainmask
4792 	 * is helpful.  Probably it will not do what user
4793 	 * is hoping for, so warn in that case.
4794 	 */
4795 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
4796 		return true;
4797 
4798 	ath10k_warn(ar, "mac %s antenna chainmask is invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
4799 		    dbg, cm);
4800 	return false;
4801 }
4802 
4803 static int ath10k_mac_get_vht_cap_bf_sts(struct ath10k *ar)
4804 {
4805 	int nsts = ar->vht_cap_info;
4806 
4807 	nsts &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4808 	nsts >>= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4809 
4810 	/* If firmware does not deliver to host number of space-time
4811 	 * streams supported, assume it support up to 4 BF STS and return
4812 	 * the value for VHT CAP: nsts-1)
4813 	 */
4814 	if (nsts == 0)
4815 		return 3;
4816 
4817 	return nsts;
4818 }
4819 
4820 static int ath10k_mac_get_vht_cap_bf_sound_dim(struct ath10k *ar)
4821 {
4822 	int sound_dim = ar->vht_cap_info;
4823 
4824 	sound_dim &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4825 	sound_dim >>= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4826 
4827 	/* If the sounding dimension is not advertised by the firmware,
4828 	 * let's use a default value of 1
4829 	 */
4830 	if (sound_dim == 0)
4831 		return 1;
4832 
4833 	return sound_dim;
4834 }
4835 
4836 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4837 {
4838 	struct ieee80211_sta_vht_cap vht_cap = {0};
4839 	struct ath10k_hw_params *hw = &ar->hw_params;
4840 	u16 mcs_map;
4841 	u32 val;
4842 	int i;
4843 
4844 	vht_cap.vht_supported = 1;
4845 	vht_cap.cap = ar->vht_cap_info;
4846 
4847 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4848 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
4849 		val = ath10k_mac_get_vht_cap_bf_sts(ar);
4850 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
4851 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
4852 
4853 		vht_cap.cap |= val;
4854 	}
4855 
4856 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4857 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
4858 		val = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
4859 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
4860 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
4861 
4862 		vht_cap.cap |= val;
4863 	}
4864 
4865 	mcs_map = 0;
4866 	for (i = 0; i < 8; i++) {
4867 		if ((i < ar->num_rf_chains) && (ar->cfg_tx_chainmask & BIT(i)))
4868 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i * 2);
4869 		else
4870 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i * 2);
4871 	}
4872 
4873 	if (ar->cfg_tx_chainmask <= 1)
4874 		vht_cap.cap &= ~IEEE80211_VHT_CAP_TXSTBC;
4875 
4876 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4877 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4878 
4879 	/* If we are supporting 160Mhz or 80+80, then the NIC may be able to do
4880 	 * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz.  Give
4881 	 * user-space a clue if that is the case.
4882 	 */
4883 	if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) &&
4884 	    (hw->vht160_mcs_rx_highest != 0 ||
4885 	     hw->vht160_mcs_tx_highest != 0)) {
4886 		vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest);
4887 		vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest);
4888 	}
4889 
4890 	return vht_cap;
4891 }
4892 
4893 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4894 {
4895 	int i;
4896 	struct ieee80211_sta_ht_cap ht_cap = {0};
4897 
4898 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4899 		return ht_cap;
4900 
4901 	ht_cap.ht_supported = 1;
4902 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4903 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4904 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4905 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4906 	ht_cap.cap |=
4907 		WLAN_HT_CAP_SM_PS_DISABLED << IEEE80211_HT_CAP_SM_PS_SHIFT;
4908 
4909 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4910 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4911 
4912 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4913 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4914 
4915 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4916 		u32 smps;
4917 
4918 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4919 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4920 
4921 		ht_cap.cap |= smps;
4922 	}
4923 
4924 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC && (ar->cfg_tx_chainmask > 1))
4925 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4926 
4927 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4928 		u32 stbc;
4929 
4930 		stbc   = ar->ht_cap_info;
4931 		stbc  &= WMI_HT_CAP_RX_STBC;
4932 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4933 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4934 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4935 
4936 		ht_cap.cap |= stbc;
4937 	}
4938 
4939 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC || (ar->ht_cap_info &
4940 	    WMI_HT_CAP_RX_LDPC && (ar->ht_cap_info & WMI_HT_CAP_TX_LDPC)))
4941 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4942 
4943 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4944 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4945 
4946 	/* max AMSDU is implicitly taken from vht_cap_info */
4947 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4948 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4949 
4950 	for (i = 0; i < ar->num_rf_chains; i++) {
4951 		if (ar->cfg_rx_chainmask & BIT(i))
4952 			ht_cap.mcs.rx_mask[i] = 0xFF;
4953 	}
4954 
4955 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4956 
4957 	return ht_cap;
4958 }
4959 
4960 static void ath10k_mac_setup_ht_vht_cap(struct ath10k *ar)
4961 {
4962 	struct ieee80211_supported_band *band;
4963 	struct ieee80211_sta_vht_cap vht_cap;
4964 	struct ieee80211_sta_ht_cap ht_cap;
4965 
4966 	ht_cap = ath10k_get_ht_cap(ar);
4967 	vht_cap = ath10k_create_vht_cap(ar);
4968 
4969 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4970 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
4971 		band->ht_cap = ht_cap;
4972 	}
4973 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
4974 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
4975 		band->ht_cap = ht_cap;
4976 		band->vht_cap = vht_cap;
4977 	}
4978 }
4979 
4980 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
4981 {
4982 	int ret;
4983 	bool is_valid_tx_chain_mask, is_valid_rx_chain_mask;
4984 
4985 	lockdep_assert_held(&ar->conf_mutex);
4986 
4987 	is_valid_tx_chain_mask = ath10k_check_chain_mask(ar, tx_ant, "tx");
4988 	is_valid_rx_chain_mask = ath10k_check_chain_mask(ar, rx_ant, "rx");
4989 
4990 	if (!is_valid_tx_chain_mask || !is_valid_rx_chain_mask)
4991 		return -EINVAL;
4992 
4993 	ar->cfg_tx_chainmask = tx_ant;
4994 	ar->cfg_rx_chainmask = rx_ant;
4995 
4996 	if ((ar->state != ATH10K_STATE_ON) &&
4997 	    (ar->state != ATH10K_STATE_RESTARTED))
4998 		return 0;
4999 
5000 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
5001 					tx_ant);
5002 	if (ret) {
5003 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
5004 			    ret, tx_ant);
5005 		return ret;
5006 	}
5007 
5008 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
5009 					rx_ant);
5010 	if (ret) {
5011 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
5012 			    ret, rx_ant);
5013 		return ret;
5014 	}
5015 
5016 	/* Reload HT/VHT capability */
5017 	ath10k_mac_setup_ht_vht_cap(ar);
5018 
5019 	return 0;
5020 }
5021 
5022 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
5023 {
5024 	struct ath10k *ar = hw->priv;
5025 	int ret;
5026 
5027 	mutex_lock(&ar->conf_mutex);
5028 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
5029 	mutex_unlock(&ar->conf_mutex);
5030 	return ret;
5031 }
5032 
5033 static int __ath10k_fetch_bb_timing_dt(struct ath10k *ar,
5034 				       struct wmi_bb_timing_cfg_arg *bb_timing)
5035 {
5036 	struct device_node *node;
5037 	const char *fem_name;
5038 	int ret;
5039 
5040 	node = ar->dev->of_node;
5041 	if (!node)
5042 		return -ENOENT;
5043 
5044 	ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name);
5045 	if (ret)
5046 		return -ENOENT;
5047 
5048 	/*
5049 	 * If external Front End module used in hardware, then default base band timing
5050 	 * parameter cannot be used since they were fine tuned for reference hardware,
5051 	 * so choosing different value suitable for that external FEM.
5052 	 */
5053 	if (!strcmp("microsemi-lx5586", fem_name)) {
5054 		bb_timing->bb_tx_timing = 0x00;
5055 		bb_timing->bb_xpa_timing = 0x0101;
5056 	} else {
5057 		return -ENOENT;
5058 	}
5059 
5060 	ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot bb_tx_timing 0x%x bb_xpa_timing 0x%x\n",
5061 		   bb_timing->bb_tx_timing, bb_timing->bb_xpa_timing);
5062 	return 0;
5063 }
5064 
5065 static int ath10k_mac_rfkill_config(struct ath10k *ar)
5066 {
5067 	u32 param;
5068 	int ret;
5069 
5070 	if (ar->hw_values->rfkill_pin == 0) {
5071 		ath10k_warn(ar, "ath10k does not support hardware rfkill with this device\n");
5072 		return -EOPNOTSUPP;
5073 	}
5074 
5075 	ath10k_dbg(ar, ATH10K_DBG_MAC,
5076 		   "mac rfkill_pin %d rfkill_cfg %d rfkill_on_level %d",
5077 		   ar->hw_values->rfkill_pin, ar->hw_values->rfkill_cfg,
5078 		   ar->hw_values->rfkill_on_level);
5079 
5080 	param = FIELD_PREP(WMI_TLV_RFKILL_CFG_RADIO_LEVEL,
5081 			   ar->hw_values->rfkill_on_level) |
5082 		FIELD_PREP(WMI_TLV_RFKILL_CFG_GPIO_PIN_NUM,
5083 			   ar->hw_values->rfkill_pin) |
5084 		FIELD_PREP(WMI_TLV_RFKILL_CFG_PIN_AS_GPIO,
5085 			   ar->hw_values->rfkill_cfg);
5086 
5087 	ret = ath10k_wmi_pdev_set_param(ar,
5088 					ar->wmi.pdev_param->rfkill_config,
5089 					param);
5090 	if (ret) {
5091 		ath10k_warn(ar,
5092 			    "failed to set rfkill config 0x%x: %d\n",
5093 			    param, ret);
5094 		return ret;
5095 	}
5096 	return 0;
5097 }
5098 
5099 int ath10k_mac_rfkill_enable_radio(struct ath10k *ar, bool enable)
5100 {
5101 	enum wmi_tlv_rfkill_enable_radio param;
5102 	int ret;
5103 
5104 	if (enable)
5105 		param = WMI_TLV_RFKILL_ENABLE_RADIO_ON;
5106 	else
5107 		param = WMI_TLV_RFKILL_ENABLE_RADIO_OFF;
5108 
5109 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac rfkill enable %d", param);
5110 
5111 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rfkill_enable,
5112 					param);
5113 	if (ret) {
5114 		ath10k_warn(ar, "failed to set rfkill enable param %d: %d\n",
5115 			    param, ret);
5116 		return ret;
5117 	}
5118 
5119 	return 0;
5120 }
5121 
5122 static int ath10k_start(struct ieee80211_hw *hw)
5123 {
5124 	struct ath10k *ar = hw->priv;
5125 	u32 param;
5126 	int ret = 0;
5127 	struct wmi_bb_timing_cfg_arg bb_timing = {0};
5128 
5129 	/*
5130 	 * This makes sense only when restarting hw. It is harmless to call
5131 	 * unconditionally. This is necessary to make sure no HTT/WMI tx
5132 	 * commands will be submitted while restarting.
5133 	 */
5134 	ath10k_drain_tx(ar);
5135 
5136 	mutex_lock(&ar->conf_mutex);
5137 
5138 	switch (ar->state) {
5139 	case ATH10K_STATE_OFF:
5140 		ar->state = ATH10K_STATE_ON;
5141 		break;
5142 	case ATH10K_STATE_RESTARTING:
5143 		ar->state = ATH10K_STATE_RESTARTED;
5144 		break;
5145 	case ATH10K_STATE_ON:
5146 	case ATH10K_STATE_RESTARTED:
5147 	case ATH10K_STATE_WEDGED:
5148 		WARN_ON(1);
5149 		ret = -EINVAL;
5150 		goto err;
5151 	case ATH10K_STATE_UTF:
5152 		ret = -EBUSY;
5153 		goto err;
5154 	}
5155 
5156 	spin_lock_bh(&ar->data_lock);
5157 
5158 	if (ar->hw_rfkill_on) {
5159 		ar->hw_rfkill_on = false;
5160 		spin_unlock_bh(&ar->data_lock);
5161 		goto err;
5162 	}
5163 
5164 	spin_unlock_bh(&ar->data_lock);
5165 
5166 	ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL);
5167 	if (ret) {
5168 		ath10k_err(ar, "Could not init hif: %d\n", ret);
5169 		goto err_off;
5170 	}
5171 
5172 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL,
5173 				&ar->normal_mode_fw);
5174 	if (ret) {
5175 		ath10k_err(ar, "Could not init core: %d\n", ret);
5176 		goto err_power_down;
5177 	}
5178 
5179 	if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) {
5180 		ret = ath10k_mac_rfkill_config(ar);
5181 		if (ret && ret != -EOPNOTSUPP) {
5182 			ath10k_warn(ar, "failed to configure rfkill: %d", ret);
5183 			goto err_core_stop;
5184 		}
5185 	}
5186 
5187 	param = ar->wmi.pdev_param->pmf_qos;
5188 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5189 	if (ret) {
5190 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
5191 		goto err_core_stop;
5192 	}
5193 
5194 	param = ar->wmi.pdev_param->dynamic_bw;
5195 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5196 	if (ret) {
5197 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
5198 		goto err_core_stop;
5199 	}
5200 
5201 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
5202 		ret = ath10k_wmi_scan_prob_req_oui(ar, ar->mac_addr);
5203 		if (ret) {
5204 			ath10k_err(ar, "failed to set prob req oui: %i\n", ret);
5205 			goto err_core_stop;
5206 		}
5207 	}
5208 
5209 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
5210 		ret = ath10k_wmi_adaptive_qcs(ar, true);
5211 		if (ret) {
5212 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
5213 				    ret);
5214 			goto err_core_stop;
5215 		}
5216 	}
5217 
5218 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
5219 		param = ar->wmi.pdev_param->burst_enable;
5220 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5221 		if (ret) {
5222 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
5223 			goto err_core_stop;
5224 		}
5225 	}
5226 
5227 	param = ar->wmi.pdev_param->idle_ps_config;
5228 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5229 	if (ret && ret != -EOPNOTSUPP) {
5230 		ath10k_warn(ar, "failed to enable idle_ps_config: %d\n", ret);
5231 		goto err_core_stop;
5232 	}
5233 
5234 	__ath10k_set_antenna(ar, ar->cfg_tx_chainmask, ar->cfg_rx_chainmask);
5235 
5236 	/*
5237 	 * By default FW set ARP frames ac to voice (6). In that case ARP
5238 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
5239 	 * which arrives with access category 0 are processed by network stack
5240 	 * and send back with access category 0, but FW changes access category
5241 	 * to 6. Set ARP frames access category to best effort (0) solves
5242 	 * this problem.
5243 	 */
5244 
5245 	param = ar->wmi.pdev_param->arp_ac_override;
5246 	ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5247 	if (ret) {
5248 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
5249 			    ret);
5250 		goto err_core_stop;
5251 	}
5252 
5253 	if (test_bit(ATH10K_FW_FEATURE_SUPPORTS_ADAPTIVE_CCA,
5254 		     ar->running_fw->fw_file.fw_features)) {
5255 		ret = ath10k_wmi_pdev_enable_adaptive_cca(ar, 1,
5256 							  WMI_CCA_DETECT_LEVEL_AUTO,
5257 							  WMI_CCA_DETECT_MARGIN_AUTO);
5258 		if (ret) {
5259 			ath10k_warn(ar, "failed to enable adaptive cca: %d\n",
5260 				    ret);
5261 			goto err_core_stop;
5262 		}
5263 	}
5264 
5265 	param = ar->wmi.pdev_param->ani_enable;
5266 	ret = ath10k_wmi_pdev_set_param(ar, param, 1);
5267 	if (ret) {
5268 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
5269 			    ret);
5270 		goto err_core_stop;
5271 	}
5272 
5273 	ar->ani_enabled = true;
5274 
5275 	if (ath10k_peer_stats_enabled(ar)) {
5276 		param = ar->wmi.pdev_param->peer_stats_update_period;
5277 		ret = ath10k_wmi_pdev_set_param(ar, param,
5278 						PEER_DEFAULT_STATS_UPDATE_PERIOD);
5279 		if (ret) {
5280 			ath10k_warn(ar,
5281 				    "failed to set peer stats period : %d\n",
5282 				    ret);
5283 			goto err_core_stop;
5284 		}
5285 	}
5286 
5287 	param = ar->wmi.pdev_param->enable_btcoex;
5288 	if (test_bit(WMI_SERVICE_COEX_GPIO, ar->wmi.svc_map) &&
5289 	    test_bit(ATH10K_FW_FEATURE_BTCOEX_PARAM,
5290 		     ar->running_fw->fw_file.fw_features) &&
5291 	    ar->coex_support) {
5292 		ret = ath10k_wmi_pdev_set_param(ar, param, 0);
5293 		if (ret) {
5294 			ath10k_warn(ar,
5295 				    "failed to set btcoex param: %d\n", ret);
5296 			goto err_core_stop;
5297 		}
5298 		clear_bit(ATH10K_FLAG_BTCOEX, &ar->dev_flags);
5299 	}
5300 
5301 	if (test_bit(WMI_SERVICE_BB_TIMING_CONFIG_SUPPORT, ar->wmi.svc_map)) {
5302 		ret = __ath10k_fetch_bb_timing_dt(ar, &bb_timing);
5303 		if (!ret) {
5304 			ret = ath10k_wmi_pdev_bb_timing(ar, &bb_timing);
5305 			if (ret) {
5306 				ath10k_warn(ar,
5307 					    "failed to set bb timings: %d\n",
5308 					    ret);
5309 				goto err_core_stop;
5310 			}
5311 		}
5312 	}
5313 
5314 	ar->num_started_vdevs = 0;
5315 	ath10k_regd_update(ar);
5316 
5317 	ath10k_spectral_start(ar);
5318 	ath10k_thermal_set_throttling(ar);
5319 
5320 	ar->radar_conf_state = ATH10K_RADAR_CONFIRMATION_IDLE;
5321 
5322 	mutex_unlock(&ar->conf_mutex);
5323 	return 0;
5324 
5325 err_core_stop:
5326 	ath10k_core_stop(ar);
5327 
5328 err_power_down:
5329 	ath10k_hif_power_down(ar);
5330 
5331 err_off:
5332 	ar->state = ATH10K_STATE_OFF;
5333 
5334 err:
5335 	mutex_unlock(&ar->conf_mutex);
5336 	return ret;
5337 }
5338 
5339 static void ath10k_stop(struct ieee80211_hw *hw)
5340 {
5341 	struct ath10k *ar = hw->priv;
5342 
5343 	ath10k_drain_tx(ar);
5344 
5345 	mutex_lock(&ar->conf_mutex);
5346 	if (ar->state != ATH10K_STATE_OFF) {
5347 		if (!ar->hw_rfkill_on)
5348 			ath10k_halt(ar);
5349 		ar->state = ATH10K_STATE_OFF;
5350 	}
5351 	mutex_unlock(&ar->conf_mutex);
5352 
5353 	cancel_work_sync(&ar->set_coverage_class_work);
5354 	cancel_delayed_work_sync(&ar->scan.timeout);
5355 	cancel_work_sync(&ar->restart_work);
5356 }
5357 
5358 static int ath10k_config_ps(struct ath10k *ar)
5359 {
5360 	struct ath10k_vif *arvif;
5361 	int ret = 0;
5362 
5363 	lockdep_assert_held(&ar->conf_mutex);
5364 
5365 	list_for_each_entry(arvif, &ar->arvifs, list) {
5366 		ret = ath10k_mac_vif_setup_ps(arvif);
5367 		if (ret) {
5368 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
5369 			break;
5370 		}
5371 	}
5372 
5373 	return ret;
5374 }
5375 
5376 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
5377 {
5378 	struct ath10k *ar = hw->priv;
5379 	struct ieee80211_conf *conf = &hw->conf;
5380 	int ret = 0;
5381 
5382 	mutex_lock(&ar->conf_mutex);
5383 
5384 	if (changed & IEEE80211_CONF_CHANGE_PS)
5385 		ath10k_config_ps(ar);
5386 
5387 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
5388 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
5389 		ret = ath10k_monitor_recalc(ar);
5390 		if (ret)
5391 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5392 	}
5393 
5394 	mutex_unlock(&ar->conf_mutex);
5395 	return ret;
5396 }
5397 
5398 static u32 get_nss_from_chainmask(u16 chain_mask)
5399 {
5400 	if ((chain_mask & 0xf) == 0xf)
5401 		return 4;
5402 	else if ((chain_mask & 0x7) == 0x7)
5403 		return 3;
5404 	else if ((chain_mask & 0x3) == 0x3)
5405 		return 2;
5406 	return 1;
5407 }
5408 
5409 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
5410 {
5411 	u32 value = 0;
5412 	struct ath10k *ar = arvif->ar;
5413 	int nsts;
5414 	int sound_dim;
5415 
5416 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
5417 		return 0;
5418 
5419 	nsts = ath10k_mac_get_vht_cap_bf_sts(ar);
5420 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
5421 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
5422 		value |= SM(nsts, WMI_TXBF_STS_CAP_OFFSET);
5423 
5424 	sound_dim = ath10k_mac_get_vht_cap_bf_sound_dim(ar);
5425 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
5426 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
5427 		value |= SM(sound_dim, WMI_BF_SOUND_DIM_OFFSET);
5428 
5429 	if (!value)
5430 		return 0;
5431 
5432 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
5433 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
5434 
5435 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
5436 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
5437 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
5438 
5439 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
5440 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
5441 
5442 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
5443 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
5444 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
5445 
5446 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
5447 					 ar->wmi.vdev_param->txbf, value);
5448 }
5449 
5450 /*
5451  * TODO:
5452  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
5453  * because we will send mgmt frames without CCK. This requirement
5454  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
5455  * in the TX packet.
5456  */
5457 static int ath10k_add_interface(struct ieee80211_hw *hw,
5458 				struct ieee80211_vif *vif)
5459 {
5460 	struct ath10k *ar = hw->priv;
5461 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5462 	struct ath10k_peer *peer;
5463 	enum wmi_sta_powersave_param param;
5464 	int ret = 0;
5465 	u32 value;
5466 	int bit;
5467 	int i;
5468 	u32 vdev_param;
5469 
5470 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
5471 
5472 	mutex_lock(&ar->conf_mutex);
5473 
5474 	memset(arvif, 0, sizeof(*arvif));
5475 	ath10k_mac_txq_init(vif->txq);
5476 
5477 	arvif->ar = ar;
5478 	arvif->vif = vif;
5479 
5480 	INIT_LIST_HEAD(&arvif->list);
5481 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
5482 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
5483 			  ath10k_mac_vif_sta_connection_loss_work);
5484 
5485 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
5486 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
5487 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
5488 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
5489 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
5490 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
5491 	}
5492 
5493 	if (ar->num_peers >= ar->max_num_peers) {
5494 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
5495 		ret = -ENOBUFS;
5496 		goto err;
5497 	}
5498 
5499 	if (ar->free_vdev_map == 0) {
5500 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
5501 		ret = -EBUSY;
5502 		goto err;
5503 	}
5504 	bit = __ffs64(ar->free_vdev_map);
5505 
5506 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
5507 		   bit, ar->free_vdev_map);
5508 
5509 	arvif->vdev_id = bit;
5510 	arvif->vdev_subtype =
5511 		ath10k_wmi_get_vdev_subtype(ar, WMI_VDEV_SUBTYPE_NONE);
5512 
5513 	switch (vif->type) {
5514 	case NL80211_IFTYPE_P2P_DEVICE:
5515 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5516 		arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5517 					(ar, WMI_VDEV_SUBTYPE_P2P_DEVICE);
5518 		break;
5519 	case NL80211_IFTYPE_UNSPECIFIED:
5520 	case NL80211_IFTYPE_STATION:
5521 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
5522 		if (vif->p2p)
5523 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5524 					(ar, WMI_VDEV_SUBTYPE_P2P_CLIENT);
5525 		break;
5526 	case NL80211_IFTYPE_ADHOC:
5527 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
5528 		break;
5529 	case NL80211_IFTYPE_MESH_POINT:
5530 		if (test_bit(WMI_SERVICE_MESH_11S, ar->wmi.svc_map)) {
5531 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5532 						(ar, WMI_VDEV_SUBTYPE_MESH_11S);
5533 		} else if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5534 			ret = -EINVAL;
5535 			ath10k_warn(ar, "must load driver with rawmode=1 to add mesh interfaces\n");
5536 			goto err;
5537 		}
5538 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5539 		break;
5540 	case NL80211_IFTYPE_AP:
5541 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
5542 
5543 		if (vif->p2p)
5544 			arvif->vdev_subtype = ath10k_wmi_get_vdev_subtype
5545 						(ar, WMI_VDEV_SUBTYPE_P2P_GO);
5546 		break;
5547 	case NL80211_IFTYPE_MONITOR:
5548 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
5549 		break;
5550 	default:
5551 		WARN_ON(1);
5552 		break;
5553 	}
5554 
5555 	/* Using vdev_id as queue number will make it very easy to do per-vif
5556 	 * tx queue locking. This shouldn't wrap due to interface combinations
5557 	 * but do a modulo for correctness sake and prevent using offchannel tx
5558 	 * queues for regular vif tx.
5559 	 */
5560 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5561 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
5562 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
5563 
5564 	/* Some firmware revisions don't wait for beacon tx completion before
5565 	 * sending another SWBA event. This could lead to hardware using old
5566 	 * (freed) beacon data in some cases, e.g. tx credit starvation
5567 	 * combined with missed TBTT. This is very rare.
5568 	 *
5569 	 * On non-IOMMU-enabled hosts this could be a possible security issue
5570 	 * because hw could beacon some random data on the air.  On
5571 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
5572 	 * device would crash.
5573 	 *
5574 	 * Since there are no beacon tx completions (implicit nor explicit)
5575 	 * propagated to host the only workaround for this is to allocate a
5576 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
5577 	 * beacon tx commands. Worst case for this approach is some beacons may
5578 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
5579 	 */
5580 	if (vif->type == NL80211_IFTYPE_ADHOC ||
5581 	    vif->type == NL80211_IFTYPE_MESH_POINT ||
5582 	    vif->type == NL80211_IFTYPE_AP) {
5583 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
5584 			arvif->beacon_buf = kmalloc(IEEE80211_MAX_FRAME_LEN,
5585 						    GFP_KERNEL);
5586 
5587 			/* Using a kernel pointer in place of a dma_addr_t
5588 			 * token can lead to undefined behavior if that
5589 			 * makes it into cache management functions. Use a
5590 			 * known-invalid address token instead, which
5591 			 * avoids the warning and makes it easier to catch
5592 			 * bugs if it does end up getting used.
5593 			 */
5594 			arvif->beacon_paddr = DMA_MAPPING_ERROR;
5595 		} else {
5596 			arvif->beacon_buf =
5597 				dma_alloc_coherent(ar->dev,
5598 						   IEEE80211_MAX_FRAME_LEN,
5599 						   &arvif->beacon_paddr,
5600 						   GFP_ATOMIC);
5601 		}
5602 		if (!arvif->beacon_buf) {
5603 			ret = -ENOMEM;
5604 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
5605 				    ret);
5606 			goto err;
5607 		}
5608 	}
5609 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
5610 		arvif->nohwcrypt = true;
5611 
5612 	if (arvif->nohwcrypt &&
5613 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
5614 		ret = -EINVAL;
5615 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
5616 		goto err;
5617 	}
5618 
5619 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
5620 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
5621 		   arvif->beacon_buf ? "single-buf" : "per-skb");
5622 
5623 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
5624 				     arvif->vdev_subtype, vif->addr);
5625 	if (ret) {
5626 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
5627 			    arvif->vdev_id, ret);
5628 		goto err;
5629 	}
5630 
5631 	if (test_bit(WMI_SERVICE_VDEV_DISABLE_4_ADDR_SRC_LRN_SUPPORT,
5632 		     ar->wmi.svc_map)) {
5633 		vdev_param = ar->wmi.vdev_param->disable_4addr_src_lrn;
5634 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5635 						WMI_VDEV_DISABLE_4_ADDR_SRC_LRN);
5636 		if (ret && ret != -EOPNOTSUPP) {
5637 			ath10k_warn(ar, "failed to disable 4addr src lrn vdev %i: %d\n",
5638 				    arvif->vdev_id, ret);
5639 		}
5640 	}
5641 
5642 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
5643 	spin_lock_bh(&ar->data_lock);
5644 	list_add(&arvif->list, &ar->arvifs);
5645 	spin_unlock_bh(&ar->data_lock);
5646 
5647 	/* It makes no sense to have firmware do keepalives. mac80211 already
5648 	 * takes care of this with idle connection polling.
5649 	 */
5650 	ret = ath10k_mac_vif_disable_keepalive(arvif);
5651 	if (ret) {
5652 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
5653 			    arvif->vdev_id, ret);
5654 		goto err_vdev_delete;
5655 	}
5656 
5657 	arvif->def_wep_key_idx = -1;
5658 
5659 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
5660 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5661 					ATH10K_HW_TXRX_NATIVE_WIFI);
5662 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
5663 	if (ret && ret != -EOPNOTSUPP) {
5664 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
5665 			    arvif->vdev_id, ret);
5666 		goto err_vdev_delete;
5667 	}
5668 
5669 	/* Configuring number of spatial stream for monitor interface is causing
5670 	 * target assert in qca9888 and qca6174.
5671 	 */
5672 	if (ar->cfg_tx_chainmask && (vif->type != NL80211_IFTYPE_MONITOR)) {
5673 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
5674 
5675 		vdev_param = ar->wmi.vdev_param->nss;
5676 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5677 						nss);
5678 		if (ret) {
5679 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
5680 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
5681 				    ret);
5682 			goto err_vdev_delete;
5683 		}
5684 	}
5685 
5686 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5687 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5688 		ret = ath10k_peer_create(ar, vif, NULL, arvif->vdev_id,
5689 					 vif->addr, WMI_PEER_TYPE_DEFAULT);
5690 		if (ret) {
5691 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
5692 				    arvif->vdev_id, ret);
5693 			goto err_vdev_delete;
5694 		}
5695 
5696 		spin_lock_bh(&ar->data_lock);
5697 
5698 		peer = ath10k_peer_find(ar, arvif->vdev_id, vif->addr);
5699 		if (!peer) {
5700 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
5701 				    vif->addr, arvif->vdev_id);
5702 			spin_unlock_bh(&ar->data_lock);
5703 			ret = -ENOENT;
5704 			goto err_peer_delete;
5705 		}
5706 
5707 		arvif->peer_id = find_first_bit(peer->peer_ids,
5708 						ATH10K_MAX_NUM_PEER_IDS);
5709 
5710 		spin_unlock_bh(&ar->data_lock);
5711 	} else {
5712 		arvif->peer_id = HTT_INVALID_PEERID;
5713 	}
5714 
5715 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
5716 		ret = ath10k_mac_set_kickout(arvif);
5717 		if (ret) {
5718 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
5719 				    arvif->vdev_id, ret);
5720 			goto err_peer_delete;
5721 		}
5722 	}
5723 
5724 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
5725 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
5726 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5727 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5728 						  param, value);
5729 		if (ret) {
5730 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
5731 				    arvif->vdev_id, ret);
5732 			goto err_peer_delete;
5733 		}
5734 
5735 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5736 		if (ret) {
5737 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5738 				    arvif->vdev_id, ret);
5739 			goto err_peer_delete;
5740 		}
5741 
5742 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5743 		if (ret) {
5744 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5745 				    arvif->vdev_id, ret);
5746 			goto err_peer_delete;
5747 		}
5748 	}
5749 
5750 	ret = ath10k_mac_set_txbf_conf(arvif);
5751 	if (ret) {
5752 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
5753 			    arvif->vdev_id, ret);
5754 		goto err_peer_delete;
5755 	}
5756 
5757 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
5758 	if (ret) {
5759 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5760 			    arvif->vdev_id, ret);
5761 		goto err_peer_delete;
5762 	}
5763 
5764 	arvif->txpower = vif->bss_conf.txpower;
5765 	ret = ath10k_mac_txpower_recalc(ar);
5766 	if (ret) {
5767 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5768 		goto err_peer_delete;
5769 	}
5770 
5771 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
5772 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
5773 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
5774 						arvif->ftm_responder);
5775 
5776 		/* It is harmless to not set FTM role. Do not warn */
5777 		if (ret && ret != -EOPNOTSUPP)
5778 			ath10k_warn(ar, "failed to set vdev %i FTM Responder: %d\n",
5779 				    arvif->vdev_id, ret);
5780 	}
5781 
5782 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5783 		ar->monitor_arvif = arvif;
5784 		ret = ath10k_monitor_recalc(ar);
5785 		if (ret) {
5786 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5787 			goto err_peer_delete;
5788 		}
5789 	}
5790 
5791 	spin_lock_bh(&ar->htt.tx_lock);
5792 	if (!ar->tx_paused)
5793 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
5794 	spin_unlock_bh(&ar->htt.tx_lock);
5795 
5796 	mutex_unlock(&ar->conf_mutex);
5797 	return 0;
5798 
5799 err_peer_delete:
5800 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5801 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5802 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
5803 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5804 						 vif->addr);
5805 	}
5806 
5807 err_vdev_delete:
5808 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5809 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5810 	spin_lock_bh(&ar->data_lock);
5811 	list_del(&arvif->list);
5812 	spin_unlock_bh(&ar->data_lock);
5813 
5814 err:
5815 	if (arvif->beacon_buf) {
5816 		if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL)
5817 			kfree(arvif->beacon_buf);
5818 		else
5819 			dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
5820 					  arvif->beacon_buf,
5821 					  arvif->beacon_paddr);
5822 		arvif->beacon_buf = NULL;
5823 	}
5824 
5825 	mutex_unlock(&ar->conf_mutex);
5826 
5827 	return ret;
5828 }
5829 
5830 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
5831 {
5832 	int i;
5833 
5834 	for (i = 0; i < BITS_PER_LONG; i++)
5835 		ath10k_mac_vif_tx_unlock(arvif, i);
5836 }
5837 
5838 static void ath10k_remove_interface(struct ieee80211_hw *hw,
5839 				    struct ieee80211_vif *vif)
5840 {
5841 	struct ath10k *ar = hw->priv;
5842 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5843 	struct ath10k_peer *peer;
5844 	unsigned long time_left;
5845 	int ret;
5846 	int i;
5847 
5848 	cancel_work_sync(&arvif->ap_csa_work);
5849 	cancel_delayed_work_sync(&arvif->connection_loss_work);
5850 
5851 	mutex_lock(&ar->conf_mutex);
5852 
5853 	ret = ath10k_spectral_vif_stop(arvif);
5854 	if (ret)
5855 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
5856 			    arvif->vdev_id, ret);
5857 
5858 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
5859 	spin_lock_bh(&ar->data_lock);
5860 	list_del(&arvif->list);
5861 	spin_unlock_bh(&ar->data_lock);
5862 
5863 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5864 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5865 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
5866 					     vif->addr);
5867 		if (ret)
5868 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
5869 				    arvif->vdev_id, ret);
5870 
5871 		ath10k_wait_for_peer_delete_done(ar, arvif->vdev_id,
5872 						 vif->addr);
5873 		kfree(arvif->u.ap.noa_data);
5874 	}
5875 
5876 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
5877 		   arvif->vdev_id);
5878 
5879 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
5880 	if (ret)
5881 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
5882 			    arvif->vdev_id, ret);
5883 
5884 	if (test_bit(WMI_SERVICE_SYNC_DELETE_CMDS, ar->wmi.svc_map)) {
5885 		time_left = wait_for_completion_timeout(&ar->vdev_delete_done,
5886 							ATH10K_VDEV_DELETE_TIMEOUT_HZ);
5887 		if (time_left == 0) {
5888 			ath10k_warn(ar, "Timeout in receiving vdev delete response\n");
5889 			goto out;
5890 		}
5891 	}
5892 
5893 	/* Some firmware revisions don't notify host about self-peer removal
5894 	 * until after associated vdev is deleted.
5895 	 */
5896 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
5897 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
5898 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
5899 						   vif->addr);
5900 		if (ret)
5901 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
5902 				    arvif->vdev_id, ret);
5903 
5904 		spin_lock_bh(&ar->data_lock);
5905 		ar->num_peers--;
5906 		spin_unlock_bh(&ar->data_lock);
5907 	}
5908 
5909 	spin_lock_bh(&ar->data_lock);
5910 	for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
5911 		peer = ar->peer_map[i];
5912 		if (!peer)
5913 			continue;
5914 
5915 		if (peer->vif == vif) {
5916 			ath10k_warn(ar, "found vif peer %pM entry on vdev %i after it was supposedly removed\n",
5917 				    vif->addr, arvif->vdev_id);
5918 			peer->vif = NULL;
5919 		}
5920 	}
5921 
5922 	/* Clean this up late, less opportunity for firmware to access
5923 	 * DMA memory we have deleted.
5924 	 */
5925 	ath10k_mac_vif_beacon_cleanup(arvif);
5926 	spin_unlock_bh(&ar->data_lock);
5927 
5928 	ath10k_peer_cleanup(ar, arvif->vdev_id);
5929 	ath10k_mac_txq_unref(ar, vif->txq);
5930 
5931 	if (vif->type == NL80211_IFTYPE_MONITOR) {
5932 		ar->monitor_arvif = NULL;
5933 		ret = ath10k_monitor_recalc(ar);
5934 		if (ret)
5935 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5936 	}
5937 
5938 	ret = ath10k_mac_txpower_recalc(ar);
5939 	if (ret)
5940 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
5941 
5942 	spin_lock_bh(&ar->htt.tx_lock);
5943 	ath10k_mac_vif_tx_unlock_all(arvif);
5944 	spin_unlock_bh(&ar->htt.tx_lock);
5945 
5946 	ath10k_mac_txq_unref(ar, vif->txq);
5947 
5948 out:
5949 	mutex_unlock(&ar->conf_mutex);
5950 }
5951 
5952 /*
5953  * FIXME: Has to be verified.
5954  */
5955 #define SUPPORTED_FILTERS			\
5956 	(FIF_ALLMULTI |				\
5957 	FIF_CONTROL |				\
5958 	FIF_PSPOLL |				\
5959 	FIF_OTHER_BSS |				\
5960 	FIF_BCN_PRBRESP_PROMISC |		\
5961 	FIF_PROBE_REQ |				\
5962 	FIF_FCSFAIL)
5963 
5964 static void ath10k_configure_filter(struct ieee80211_hw *hw,
5965 				    unsigned int changed_flags,
5966 				    unsigned int *total_flags,
5967 				    u64 multicast)
5968 {
5969 	struct ath10k *ar = hw->priv;
5970 	int ret;
5971 
5972 	mutex_lock(&ar->conf_mutex);
5973 
5974 	changed_flags &= SUPPORTED_FILTERS;
5975 	*total_flags &= SUPPORTED_FILTERS;
5976 	ar->filter_flags = *total_flags;
5977 
5978 	ret = ath10k_monitor_recalc(ar);
5979 	if (ret)
5980 		ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
5981 
5982 	mutex_unlock(&ar->conf_mutex);
5983 }
5984 
5985 static void ath10k_recalculate_mgmt_rate(struct ath10k *ar,
5986 					 struct ieee80211_vif *vif,
5987 					 struct cfg80211_chan_def *def)
5988 {
5989 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
5990 	const struct ieee80211_supported_band *sband;
5991 	u8 basic_rate_idx;
5992 	int hw_rate_code;
5993 	u32 vdev_param;
5994 	u16 bitrate;
5995 	int ret;
5996 
5997 	lockdep_assert_held(&ar->conf_mutex);
5998 
5999 	sband = ar->hw->wiphy->bands[def->chan->band];
6000 	basic_rate_idx = ffs(vif->bss_conf.basic_rates) - 1;
6001 	bitrate = sband->bitrates[basic_rate_idx].bitrate;
6002 
6003 	hw_rate_code = ath10k_mac_get_rate_hw_value(bitrate);
6004 	if (hw_rate_code < 0) {
6005 		ath10k_warn(ar, "bitrate not supported %d\n", bitrate);
6006 		return;
6007 	}
6008 
6009 	vdev_param = ar->wmi.vdev_param->mgmt_rate;
6010 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6011 					hw_rate_code);
6012 	if (ret)
6013 		ath10k_warn(ar, "failed to set mgmt tx rate %d\n", ret);
6014 }
6015 
6016 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
6017 				    struct ieee80211_vif *vif,
6018 				    struct ieee80211_bss_conf *info,
6019 				    u32 changed)
6020 {
6021 	struct ath10k *ar = hw->priv;
6022 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6023 	struct cfg80211_chan_def def;
6024 	u32 vdev_param, pdev_param, slottime, preamble;
6025 	u16 bitrate, hw_value;
6026 	u8 rate, rateidx;
6027 	int ret = 0, mcast_rate;
6028 	enum nl80211_band band;
6029 
6030 	mutex_lock(&ar->conf_mutex);
6031 
6032 	if (changed & BSS_CHANGED_IBSS)
6033 		ath10k_control_ibss(arvif, info, vif->addr);
6034 
6035 	if (changed & BSS_CHANGED_BEACON_INT) {
6036 		arvif->beacon_interval = info->beacon_int;
6037 		vdev_param = ar->wmi.vdev_param->beacon_interval;
6038 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6039 						arvif->beacon_interval);
6040 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6041 			   "mac vdev %d beacon_interval %d\n",
6042 			   arvif->vdev_id, arvif->beacon_interval);
6043 
6044 		if (ret)
6045 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
6046 				    arvif->vdev_id, ret);
6047 	}
6048 
6049 	if (changed & BSS_CHANGED_BEACON) {
6050 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6051 			   "vdev %d set beacon tx mode to staggered\n",
6052 			   arvif->vdev_id);
6053 
6054 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
6055 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
6056 						WMI_BEACON_STAGGERED_MODE);
6057 		if (ret)
6058 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
6059 				    arvif->vdev_id, ret);
6060 
6061 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
6062 		if (ret)
6063 			ath10k_warn(ar, "failed to update beacon template: %d\n",
6064 				    ret);
6065 
6066 		if (ieee80211_vif_is_mesh(vif)) {
6067 			/* mesh doesn't use SSID but firmware needs it */
6068 			strncpy(arvif->u.ap.ssid, "mesh",
6069 				sizeof(arvif->u.ap.ssid));
6070 			arvif->u.ap.ssid_len = 4;
6071 		}
6072 	}
6073 
6074 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
6075 		ret = ath10k_mac_setup_prb_tmpl(arvif);
6076 		if (ret)
6077 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
6078 				    arvif->vdev_id, ret);
6079 	}
6080 
6081 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
6082 		arvif->dtim_period = info->dtim_period;
6083 
6084 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6085 			   "mac vdev %d dtim_period %d\n",
6086 			   arvif->vdev_id, arvif->dtim_period);
6087 
6088 		vdev_param = ar->wmi.vdev_param->dtim_period;
6089 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6090 						arvif->dtim_period);
6091 		if (ret)
6092 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
6093 				    arvif->vdev_id, ret);
6094 	}
6095 
6096 	if (changed & BSS_CHANGED_SSID &&
6097 	    vif->type == NL80211_IFTYPE_AP) {
6098 		arvif->u.ap.ssid_len = info->ssid_len;
6099 		if (info->ssid_len)
6100 			memcpy(arvif->u.ap.ssid, info->ssid, info->ssid_len);
6101 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
6102 	}
6103 
6104 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
6105 		ether_addr_copy(arvif->bssid, info->bssid);
6106 
6107 	if (changed & BSS_CHANGED_FTM_RESPONDER &&
6108 	    arvif->ftm_responder != info->ftm_responder &&
6109 	    test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map)) {
6110 		arvif->ftm_responder = info->ftm_responder;
6111 
6112 		vdev_param = ar->wmi.vdev_param->rtt_responder_role;
6113 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6114 						arvif->ftm_responder);
6115 
6116 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6117 			   "mac vdev %d ftm_responder %d:ret %d\n",
6118 			   arvif->vdev_id, arvif->ftm_responder, ret);
6119 	}
6120 
6121 	if (changed & BSS_CHANGED_BEACON_ENABLED)
6122 		ath10k_control_beaconing(arvif, info);
6123 
6124 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
6125 		arvif->use_cts_prot = info->use_cts_prot;
6126 
6127 		ret = ath10k_recalc_rtscts_prot(arvif);
6128 		if (ret)
6129 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
6130 				    arvif->vdev_id, ret);
6131 
6132 		if (ath10k_mac_can_set_cts_prot(arvif)) {
6133 			ret = ath10k_mac_set_cts_prot(arvif);
6134 			if (ret)
6135 				ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
6136 					    arvif->vdev_id, ret);
6137 		}
6138 	}
6139 
6140 	if (changed & BSS_CHANGED_ERP_SLOT) {
6141 		if (info->use_short_slot)
6142 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
6143 
6144 		else
6145 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
6146 
6147 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
6148 			   arvif->vdev_id, slottime);
6149 
6150 		vdev_param = ar->wmi.vdev_param->slot_time;
6151 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6152 						slottime);
6153 		if (ret)
6154 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
6155 				    arvif->vdev_id, ret);
6156 	}
6157 
6158 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
6159 		if (info->use_short_preamble)
6160 			preamble = WMI_VDEV_PREAMBLE_SHORT;
6161 		else
6162 			preamble = WMI_VDEV_PREAMBLE_LONG;
6163 
6164 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6165 			   "mac vdev %d preamble %dn",
6166 			   arvif->vdev_id, preamble);
6167 
6168 		vdev_param = ar->wmi.vdev_param->preamble;
6169 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6170 						preamble);
6171 		if (ret)
6172 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
6173 				    arvif->vdev_id, ret);
6174 	}
6175 
6176 	if (changed & BSS_CHANGED_ASSOC) {
6177 		if (info->assoc) {
6178 			/* Workaround: Make sure monitor vdev is not running
6179 			 * when associating to prevent some firmware revisions
6180 			 * (e.g. 10.1 and 10.2) from crashing.
6181 			 */
6182 			if (ar->monitor_started)
6183 				ath10k_monitor_stop(ar);
6184 			ath10k_bss_assoc(hw, vif, info);
6185 			ath10k_monitor_recalc(ar);
6186 		} else {
6187 			ath10k_bss_disassoc(hw, vif);
6188 		}
6189 	}
6190 
6191 	if (changed & BSS_CHANGED_TXPOWER) {
6192 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
6193 			   arvif->vdev_id, info->txpower);
6194 
6195 		arvif->txpower = info->txpower;
6196 		ret = ath10k_mac_txpower_recalc(ar);
6197 		if (ret)
6198 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
6199 	}
6200 
6201 	if (changed & BSS_CHANGED_PS) {
6202 		arvif->ps = vif->bss_conf.ps;
6203 
6204 		ret = ath10k_config_ps(ar);
6205 		if (ret)
6206 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
6207 				    arvif->vdev_id, ret);
6208 	}
6209 
6210 	if (changed & BSS_CHANGED_MCAST_RATE &&
6211 	    !ath10k_mac_vif_chan(arvif->vif, &def)) {
6212 		band = def.chan->band;
6213 		mcast_rate = vif->bss_conf.mcast_rate[band];
6214 		if (mcast_rate > 0)
6215 			rateidx = mcast_rate - 1;
6216 		else
6217 			rateidx = ffs(vif->bss_conf.basic_rates) - 1;
6218 
6219 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6220 			rateidx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6221 
6222 		bitrate = ath10k_wmi_legacy_rates[rateidx].bitrate;
6223 		hw_value = ath10k_wmi_legacy_rates[rateidx].hw_value;
6224 		if (ath10k_mac_bitrate_is_cck(bitrate))
6225 			preamble = WMI_RATE_PREAMBLE_CCK;
6226 		else
6227 			preamble = WMI_RATE_PREAMBLE_OFDM;
6228 
6229 		rate = ATH10K_HW_RATECODE(hw_value, 0, preamble);
6230 
6231 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6232 			   "mac vdev %d mcast_rate %x\n",
6233 			   arvif->vdev_id, rate);
6234 
6235 		vdev_param = ar->wmi.vdev_param->mcast_data_rate;
6236 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6237 						vdev_param, rate);
6238 		if (ret)
6239 			ath10k_warn(ar,
6240 				    "failed to set mcast rate on vdev %i: %d\n",
6241 				    arvif->vdev_id,  ret);
6242 
6243 		vdev_param = ar->wmi.vdev_param->bcast_data_rate;
6244 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
6245 						vdev_param, rate);
6246 		if (ret)
6247 			ath10k_warn(ar,
6248 				    "failed to set bcast rate on vdev %i: %d\n",
6249 				    arvif->vdev_id,  ret);
6250 	}
6251 
6252 	if (changed & BSS_CHANGED_BASIC_RATES &&
6253 	    !ath10k_mac_vif_chan(arvif->vif, &def))
6254 		ath10k_recalculate_mgmt_rate(ar, vif, &def);
6255 
6256 	mutex_unlock(&ar->conf_mutex);
6257 }
6258 
6259 static void ath10k_mac_op_set_coverage_class(struct ieee80211_hw *hw, s16 value)
6260 {
6261 	struct ath10k *ar = hw->priv;
6262 
6263 	/* This function should never be called if setting the coverage class
6264 	 * is not supported on this hardware.
6265 	 */
6266 	if (!ar->hw_params.hw_ops->set_coverage_class) {
6267 		WARN_ON_ONCE(1);
6268 		return;
6269 	}
6270 	ar->hw_params.hw_ops->set_coverage_class(ar, value);
6271 }
6272 
6273 struct ath10k_mac_tdls_iter_data {
6274 	u32 num_tdls_stations;
6275 	struct ieee80211_vif *curr_vif;
6276 };
6277 
6278 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
6279 						    struct ieee80211_sta *sta)
6280 {
6281 	struct ath10k_mac_tdls_iter_data *iter_data = data;
6282 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6283 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
6284 
6285 	if (sta->tdls && sta_vif == iter_data->curr_vif)
6286 		iter_data->num_tdls_stations++;
6287 }
6288 
6289 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
6290 					      struct ieee80211_vif *vif)
6291 {
6292 	struct ath10k_mac_tdls_iter_data data = {};
6293 
6294 	data.curr_vif = vif;
6295 
6296 	ieee80211_iterate_stations_atomic(hw,
6297 					  ath10k_mac_tdls_vif_stations_count_iter,
6298 					  &data);
6299 	return data.num_tdls_stations;
6300 }
6301 
6302 static int ath10k_hw_scan(struct ieee80211_hw *hw,
6303 			  struct ieee80211_vif *vif,
6304 			  struct ieee80211_scan_request *hw_req)
6305 {
6306 	struct ath10k *ar = hw->priv;
6307 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6308 	struct cfg80211_scan_request *req = &hw_req->req;
6309 	struct wmi_start_scan_arg arg;
6310 	int ret = 0;
6311 	int i;
6312 	u32 scan_timeout;
6313 
6314 	mutex_lock(&ar->conf_mutex);
6315 
6316 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
6317 		ret = -EBUSY;
6318 		goto exit;
6319 	}
6320 
6321 	spin_lock_bh(&ar->data_lock);
6322 	switch (ar->scan.state) {
6323 	case ATH10K_SCAN_IDLE:
6324 		reinit_completion(&ar->scan.started);
6325 		reinit_completion(&ar->scan.completed);
6326 		ar->scan.state = ATH10K_SCAN_STARTING;
6327 		ar->scan.is_roc = false;
6328 		ar->scan.vdev_id = arvif->vdev_id;
6329 		ret = 0;
6330 		break;
6331 	case ATH10K_SCAN_STARTING:
6332 	case ATH10K_SCAN_RUNNING:
6333 	case ATH10K_SCAN_ABORTING:
6334 		ret = -EBUSY;
6335 		break;
6336 	}
6337 	spin_unlock_bh(&ar->data_lock);
6338 
6339 	if (ret)
6340 		goto exit;
6341 
6342 	memset(&arg, 0, sizeof(arg));
6343 	ath10k_wmi_start_scan_init(ar, &arg);
6344 	arg.vdev_id = arvif->vdev_id;
6345 	arg.scan_id = ATH10K_SCAN_ID;
6346 
6347 	if (req->ie_len) {
6348 		arg.ie_len = req->ie_len;
6349 		memcpy(arg.ie, req->ie, arg.ie_len);
6350 	}
6351 
6352 	if (req->n_ssids) {
6353 		arg.n_ssids = req->n_ssids;
6354 		for (i = 0; i < arg.n_ssids; i++) {
6355 			arg.ssids[i].len  = req->ssids[i].ssid_len;
6356 			arg.ssids[i].ssid = req->ssids[i].ssid;
6357 		}
6358 	} else {
6359 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
6360 	}
6361 
6362 	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6363 		arg.scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOFED_MAC_IN_PROBE_REQ;
6364 		ether_addr_copy(arg.mac_addr.addr, req->mac_addr);
6365 		ether_addr_copy(arg.mac_mask.addr, req->mac_addr_mask);
6366 	}
6367 
6368 	if (req->n_channels) {
6369 		arg.n_channels = req->n_channels;
6370 		for (i = 0; i < arg.n_channels; i++)
6371 			arg.channels[i] = req->channels[i]->center_freq;
6372 	}
6373 
6374 	/* if duration is set, default dwell times will be overwritten */
6375 	if (req->duration) {
6376 		arg.dwell_time_active = req->duration;
6377 		arg.dwell_time_passive = req->duration;
6378 		arg.burst_duration_ms = req->duration;
6379 
6380 		scan_timeout = min_t(u32, arg.max_rest_time *
6381 				(arg.n_channels - 1) + (req->duration +
6382 				ATH10K_SCAN_CHANNEL_SWITCH_WMI_EVT_OVERHEAD) *
6383 				arg.n_channels, arg.max_scan_time);
6384 	} else {
6385 		scan_timeout = arg.max_scan_time;
6386 	}
6387 
6388 	/* Add a 200ms margin to account for event/command processing */
6389 	scan_timeout += 200;
6390 
6391 	ret = ath10k_start_scan(ar, &arg);
6392 	if (ret) {
6393 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
6394 		spin_lock_bh(&ar->data_lock);
6395 		ar->scan.state = ATH10K_SCAN_IDLE;
6396 		spin_unlock_bh(&ar->data_lock);
6397 	}
6398 
6399 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
6400 				     msecs_to_jiffies(scan_timeout));
6401 
6402 exit:
6403 	mutex_unlock(&ar->conf_mutex);
6404 	return ret;
6405 }
6406 
6407 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
6408 				  struct ieee80211_vif *vif)
6409 {
6410 	struct ath10k *ar = hw->priv;
6411 
6412 	mutex_lock(&ar->conf_mutex);
6413 	ath10k_scan_abort(ar);
6414 	mutex_unlock(&ar->conf_mutex);
6415 
6416 	cancel_delayed_work_sync(&ar->scan.timeout);
6417 }
6418 
6419 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
6420 					struct ath10k_vif *arvif,
6421 					enum set_key_cmd cmd,
6422 					struct ieee80211_key_conf *key)
6423 {
6424 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
6425 	int ret;
6426 
6427 	/* 10.1 firmware branch requires default key index to be set to group
6428 	 * key index after installing it. Otherwise FW/HW Txes corrupted
6429 	 * frames with multi-vif APs. This is not required for main firmware
6430 	 * branch (e.g. 636).
6431 	 *
6432 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
6433 	 *
6434 	 * FIXME: It remains unknown if this is required for multi-vif STA
6435 	 * interfaces on 10.1.
6436 	 */
6437 
6438 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
6439 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
6440 		return;
6441 
6442 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
6443 		return;
6444 
6445 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
6446 		return;
6447 
6448 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6449 		return;
6450 
6451 	if (cmd != SET_KEY)
6452 		return;
6453 
6454 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
6455 					key->keyidx);
6456 	if (ret)
6457 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
6458 			    arvif->vdev_id, ret);
6459 }
6460 
6461 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
6462 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
6463 			  struct ieee80211_key_conf *key)
6464 {
6465 	struct ath10k *ar = hw->priv;
6466 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6467 	struct ath10k_sta *arsta;
6468 	struct ath10k_peer *peer;
6469 	const u8 *peer_addr;
6470 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
6471 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
6472 	int ret = 0;
6473 	int ret2;
6474 	u32 flags = 0;
6475 	u32 flags2;
6476 
6477 	/* this one needs to be done in software */
6478 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
6479 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
6480 	    key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256 ||
6481 	    key->cipher == WLAN_CIPHER_SUITE_BIP_CMAC_256)
6482 		return 1;
6483 
6484 	if (arvif->nohwcrypt)
6485 		return 1;
6486 
6487 	if (key->keyidx > WMI_MAX_KEY_INDEX)
6488 		return -ENOSPC;
6489 
6490 	mutex_lock(&ar->conf_mutex);
6491 
6492 	if (sta) {
6493 		arsta = (struct ath10k_sta *)sta->drv_priv;
6494 		peer_addr = sta->addr;
6495 		spin_lock_bh(&ar->data_lock);
6496 		arsta->ucast_cipher = key->cipher;
6497 		spin_unlock_bh(&ar->data_lock);
6498 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
6499 		peer_addr = vif->bss_conf.bssid;
6500 	} else {
6501 		peer_addr = vif->addr;
6502 	}
6503 
6504 	key->hw_key_idx = key->keyidx;
6505 
6506 	if (is_wep) {
6507 		if (cmd == SET_KEY)
6508 			arvif->wep_keys[key->keyidx] = key;
6509 		else
6510 			arvif->wep_keys[key->keyidx] = NULL;
6511 	}
6512 
6513 	/* the peer should not disappear in mid-way (unless FW goes awry) since
6514 	 * we already hold conf_mutex. we just make sure its there now.
6515 	 */
6516 	spin_lock_bh(&ar->data_lock);
6517 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6518 	spin_unlock_bh(&ar->data_lock);
6519 
6520 	if (!peer) {
6521 		if (cmd == SET_KEY) {
6522 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
6523 				    peer_addr);
6524 			ret = -EOPNOTSUPP;
6525 			goto exit;
6526 		} else {
6527 			/* if the peer doesn't exist there is no key to disable anymore */
6528 			goto exit;
6529 		}
6530 	}
6531 
6532 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
6533 		flags |= WMI_KEY_PAIRWISE;
6534 	else
6535 		flags |= WMI_KEY_GROUP;
6536 
6537 	if (is_wep) {
6538 		if (cmd == DISABLE_KEY)
6539 			ath10k_clear_vdev_key(arvif, key);
6540 
6541 		/* When WEP keys are uploaded it's possible that there are
6542 		 * stations associated already (e.g. when merging) without any
6543 		 * keys. Static WEP needs an explicit per-peer key upload.
6544 		 */
6545 		if (vif->type == NL80211_IFTYPE_ADHOC &&
6546 		    cmd == SET_KEY)
6547 			ath10k_mac_vif_update_wep_key(arvif, key);
6548 
6549 		/* 802.1x never sets the def_wep_key_idx so each set_key()
6550 		 * call changes default tx key.
6551 		 *
6552 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
6553 		 * after first set_key().
6554 		 */
6555 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
6556 			flags |= WMI_KEY_TX_USAGE;
6557 	}
6558 
6559 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
6560 	if (ret) {
6561 		WARN_ON(ret > 0);
6562 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
6563 			    arvif->vdev_id, peer_addr, ret);
6564 		goto exit;
6565 	}
6566 
6567 	/* mac80211 sets static WEP keys as groupwise while firmware requires
6568 	 * them to be installed twice as both pairwise and groupwise.
6569 	 */
6570 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
6571 		flags2 = flags;
6572 		flags2 &= ~WMI_KEY_GROUP;
6573 		flags2 |= WMI_KEY_PAIRWISE;
6574 
6575 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
6576 		if (ret) {
6577 			WARN_ON(ret > 0);
6578 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
6579 				    arvif->vdev_id, peer_addr, ret);
6580 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
6581 						  peer_addr, flags);
6582 			if (ret2) {
6583 				WARN_ON(ret2 > 0);
6584 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
6585 					    arvif->vdev_id, peer_addr, ret2);
6586 			}
6587 			goto exit;
6588 		}
6589 	}
6590 
6591 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
6592 
6593 	spin_lock_bh(&ar->data_lock);
6594 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
6595 	if (peer && cmd == SET_KEY)
6596 		peer->keys[key->keyidx] = key;
6597 	else if (peer && cmd == DISABLE_KEY)
6598 		peer->keys[key->keyidx] = NULL;
6599 	else if (peer == NULL)
6600 		/* impossible unless FW goes crazy */
6601 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
6602 	spin_unlock_bh(&ar->data_lock);
6603 
6604 	if (sta && sta->tdls)
6605 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6606 					  ar->wmi.peer_param->authorize, 1);
6607 	else if (sta && cmd == SET_KEY && (key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
6608 		ath10k_wmi_peer_set_param(ar, arvif->vdev_id, peer_addr,
6609 					  ar->wmi.peer_param->authorize, 1);
6610 
6611 exit:
6612 	mutex_unlock(&ar->conf_mutex);
6613 	return ret;
6614 }
6615 
6616 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
6617 					   struct ieee80211_vif *vif,
6618 					   int keyidx)
6619 {
6620 	struct ath10k *ar = hw->priv;
6621 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6622 	int ret;
6623 
6624 	mutex_lock(&arvif->ar->conf_mutex);
6625 
6626 	if (arvif->ar->state != ATH10K_STATE_ON)
6627 		goto unlock;
6628 
6629 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
6630 		   arvif->vdev_id, keyidx);
6631 
6632 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
6633 					arvif->vdev_id,
6634 					arvif->ar->wmi.vdev_param->def_keyid,
6635 					keyidx);
6636 
6637 	if (ret) {
6638 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
6639 			    arvif->vdev_id,
6640 			    ret);
6641 		goto unlock;
6642 	}
6643 
6644 	arvif->def_wep_key_idx = keyidx;
6645 
6646 unlock:
6647 	mutex_unlock(&arvif->ar->conf_mutex);
6648 }
6649 
6650 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
6651 {
6652 	struct ath10k *ar;
6653 	struct ath10k_vif *arvif;
6654 	struct ath10k_sta *arsta;
6655 	struct ieee80211_sta *sta;
6656 	struct cfg80211_chan_def def;
6657 	enum nl80211_band band;
6658 	const u8 *ht_mcs_mask;
6659 	const u16 *vht_mcs_mask;
6660 	u32 changed, bw, nss, smps;
6661 	int err;
6662 
6663 	arsta = container_of(wk, struct ath10k_sta, update_wk);
6664 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
6665 	arvif = arsta->arvif;
6666 	ar = arvif->ar;
6667 
6668 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
6669 		return;
6670 
6671 	band = def.chan->band;
6672 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
6673 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
6674 
6675 	spin_lock_bh(&ar->data_lock);
6676 
6677 	changed = arsta->changed;
6678 	arsta->changed = 0;
6679 
6680 	bw = arsta->bw;
6681 	nss = arsta->nss;
6682 	smps = arsta->smps;
6683 
6684 	spin_unlock_bh(&ar->data_lock);
6685 
6686 	mutex_lock(&ar->conf_mutex);
6687 
6688 	nss = max_t(u32, 1, nss);
6689 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6690 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
6691 
6692 	if (changed & IEEE80211_RC_BW_CHANGED) {
6693 		enum wmi_phy_mode mode;
6694 
6695 		mode = chan_to_phymode(&def);
6696 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM peer bw %d phymode %d\n",
6697 			   sta->addr, bw, mode);
6698 
6699 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6700 						ar->wmi.peer_param->phymode, mode);
6701 		if (err) {
6702 			ath10k_warn(ar, "failed to update STA %pM peer phymode %d: %d\n",
6703 				    sta->addr, mode, err);
6704 			goto exit;
6705 		}
6706 
6707 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6708 						ar->wmi.peer_param->chan_width, bw);
6709 		if (err)
6710 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
6711 				    sta->addr, bw, err);
6712 	}
6713 
6714 	if (changed & IEEE80211_RC_NSS_CHANGED) {
6715 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM nss %d\n",
6716 			   sta->addr, nss);
6717 
6718 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6719 						ar->wmi.peer_param->nss, nss);
6720 		if (err)
6721 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
6722 				    sta->addr, nss, err);
6723 	}
6724 
6725 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6726 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM smps %d\n",
6727 			   sta->addr, smps);
6728 
6729 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6730 						ar->wmi.peer_param->smps_state, smps);
6731 		if (err)
6732 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
6733 				    sta->addr, smps, err);
6734 	}
6735 
6736 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
6737 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac update sta %pM supp rates\n",
6738 			   sta->addr);
6739 
6740 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
6741 		if (err)
6742 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
6743 				    sta->addr);
6744 	}
6745 
6746 exit:
6747 	mutex_unlock(&ar->conf_mutex);
6748 }
6749 
6750 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
6751 				       struct ieee80211_sta *sta)
6752 {
6753 	struct ath10k *ar = arvif->ar;
6754 
6755 	lockdep_assert_held(&ar->conf_mutex);
6756 
6757 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6758 		return 0;
6759 
6760 	if (ar->num_stations >= ar->max_num_stations)
6761 		return -ENOBUFS;
6762 
6763 	ar->num_stations++;
6764 
6765 	return 0;
6766 }
6767 
6768 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
6769 					struct ieee80211_sta *sta)
6770 {
6771 	struct ath10k *ar = arvif->ar;
6772 
6773 	lockdep_assert_held(&ar->conf_mutex);
6774 
6775 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
6776 		return;
6777 
6778 	ar->num_stations--;
6779 }
6780 
6781 static int ath10k_sta_set_txpwr(struct ieee80211_hw *hw,
6782 				struct ieee80211_vif *vif,
6783 				struct ieee80211_sta *sta)
6784 {
6785 	struct ath10k *ar = hw->priv;
6786 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6787 	int ret = 0;
6788 	s16 txpwr;
6789 
6790 	if (sta->txpwr.type == NL80211_TX_POWER_AUTOMATIC) {
6791 		txpwr = 0;
6792 	} else {
6793 		txpwr = sta->txpwr.power;
6794 		if (!txpwr)
6795 			return -EINVAL;
6796 	}
6797 
6798 	if (txpwr > ATH10K_TX_POWER_MAX_VAL || txpwr < ATH10K_TX_POWER_MIN_VAL)
6799 		return -EINVAL;
6800 
6801 	mutex_lock(&ar->conf_mutex);
6802 
6803 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
6804 					ar->wmi.peer_param->use_fixed_power, txpwr);
6805 	if (ret) {
6806 		ath10k_warn(ar, "failed to set tx power for station ret: %d\n",
6807 			    ret);
6808 		goto out;
6809 	}
6810 
6811 out:
6812 	mutex_unlock(&ar->conf_mutex);
6813 	return ret;
6814 }
6815 
6816 struct ath10k_mac_iter_tid_conf_data {
6817 	struct ieee80211_vif *curr_vif;
6818 	struct ath10k *ar;
6819 	bool reset_config;
6820 };
6821 
6822 static bool
6823 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
6824 					enum nl80211_band band,
6825 					const struct cfg80211_bitrate_mask *mask,
6826 					int *vht_num_rates)
6827 {
6828 	int num_rates = 0;
6829 	int i, tmp;
6830 
6831 	num_rates += hweight32(mask->control[band].legacy);
6832 
6833 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
6834 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
6835 
6836 	*vht_num_rates = 0;
6837 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6838 		tmp = hweight16(mask->control[band].vht_mcs[i]);
6839 		num_rates += tmp;
6840 		*vht_num_rates += tmp;
6841 	}
6842 
6843 	return num_rates == 1;
6844 }
6845 
6846 static int
6847 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
6848 					enum nl80211_band band,
6849 					const struct cfg80211_bitrate_mask *mask,
6850 					u8 *rate, u8 *nss, bool vht_only)
6851 {
6852 	int rate_idx;
6853 	int i;
6854 	u16 bitrate;
6855 	u8 preamble;
6856 	u8 hw_rate;
6857 
6858 	if (vht_only)
6859 		goto next;
6860 
6861 	if (hweight32(mask->control[band].legacy) == 1) {
6862 		rate_idx = ffs(mask->control[band].legacy) - 1;
6863 
6864 		if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY)
6865 			rate_idx += ATH10K_MAC_FIRST_OFDM_RATE_IDX;
6866 
6867 		hw_rate = ath10k_wmi_legacy_rates[rate_idx].hw_value;
6868 		bitrate = ath10k_wmi_legacy_rates[rate_idx].bitrate;
6869 
6870 		if (ath10k_mac_bitrate_is_cck(bitrate))
6871 			preamble = WMI_RATE_PREAMBLE_CCK;
6872 		else
6873 			preamble = WMI_RATE_PREAMBLE_OFDM;
6874 
6875 		*nss = 1;
6876 		*rate = preamble << 6 |
6877 			(*nss - 1) << 4 |
6878 			hw_rate << 0;
6879 
6880 		return 0;
6881 	}
6882 
6883 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
6884 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
6885 			*nss = i + 1;
6886 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
6887 				(*nss - 1) << 4 |
6888 				(ffs(mask->control[band].ht_mcs[i]) - 1);
6889 
6890 			return 0;
6891 		}
6892 	}
6893 
6894 next:
6895 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
6896 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
6897 			*nss = i + 1;
6898 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
6899 				(*nss - 1) << 4 |
6900 				(ffs(mask->control[band].vht_mcs[i]) - 1);
6901 
6902 			return 0;
6903 		}
6904 	}
6905 
6906 	return -EINVAL;
6907 }
6908 
6909 static int ath10k_mac_validate_rate_mask(struct ath10k *ar,
6910 					 struct ieee80211_sta *sta,
6911 					 u32 rate_ctrl_flag, u8 nss)
6912 {
6913 	if (nss > sta->rx_nss) {
6914 		ath10k_warn(ar, "Invalid nss field, configured %u limit %u\n",
6915 			    nss, sta->rx_nss);
6916 		return -EINVAL;
6917 	}
6918 
6919 	if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_VHT) {
6920 		if (!sta->vht_cap.vht_supported) {
6921 			ath10k_warn(ar, "Invalid VHT rate for sta %pM\n",
6922 				    sta->addr);
6923 			return -EINVAL;
6924 		}
6925 	} else if (ATH10K_HW_PREAMBLE(rate_ctrl_flag) == WMI_RATE_PREAMBLE_HT) {
6926 		if (!sta->ht_cap.ht_supported || sta->vht_cap.vht_supported) {
6927 			ath10k_warn(ar, "Invalid HT rate for sta %pM\n",
6928 				    sta->addr);
6929 			return -EINVAL;
6930 		}
6931 	} else {
6932 		if (sta->ht_cap.ht_supported || sta->vht_cap.vht_supported)
6933 			return -EINVAL;
6934 	}
6935 
6936 	return 0;
6937 }
6938 
6939 static int
6940 ath10k_mac_tid_bitrate_config(struct ath10k *ar,
6941 			      struct ieee80211_vif *vif,
6942 			      struct ieee80211_sta *sta,
6943 			      u32 *rate_ctrl_flag, u8 *rate_ctrl,
6944 			      enum nl80211_tx_rate_setting txrate_type,
6945 			      const struct cfg80211_bitrate_mask *mask)
6946 {
6947 	struct cfg80211_chan_def def;
6948 	enum nl80211_band band;
6949 	u8 nss, rate;
6950 	int vht_num_rates, ret;
6951 
6952 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
6953 		return -EINVAL;
6954 
6955 	if (txrate_type == NL80211_TX_RATE_AUTOMATIC) {
6956 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
6957 		*rate_ctrl_flag = 0;
6958 		return 0;
6959 	}
6960 
6961 	band = def.chan->band;
6962 
6963 	if (!ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
6964 						     &vht_num_rates)) {
6965 		return -EINVAL;
6966 	}
6967 
6968 	ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
6969 						      &rate, &nss, false);
6970 	if (ret) {
6971 		ath10k_warn(ar, "failed to get single rate: %d\n",
6972 			    ret);
6973 		return ret;
6974 	}
6975 
6976 	*rate_ctrl_flag = rate;
6977 
6978 	if (sta && ath10k_mac_validate_rate_mask(ar, sta, *rate_ctrl_flag, nss))
6979 		return -EINVAL;
6980 
6981 	if (txrate_type == NL80211_TX_RATE_FIXED)
6982 		*rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_FIXED_RATE;
6983 	else if (txrate_type == NL80211_TX_RATE_LIMITED &&
6984 		 (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
6985 			   ar->wmi.svc_map)))
6986 		*rate_ctrl = WMI_PEER_TID_CONFIG_RATE_UPPER_CAP;
6987 	else
6988 		return -EOPNOTSUPP;
6989 
6990 	return 0;
6991 }
6992 
6993 static int ath10k_mac_set_tid_config(struct ath10k *ar, struct ieee80211_sta *sta,
6994 				     struct ieee80211_vif *vif, u32 changed,
6995 				     struct wmi_per_peer_per_tid_cfg_arg *arg)
6996 {
6997 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6998 	struct ath10k_sta *arsta;
6999 	int ret;
7000 
7001 	if (sta) {
7002 		if (!sta->wme)
7003 			return -ENOTSUPP;
7004 
7005 		arsta = (struct ath10k_sta *)sta->drv_priv;
7006 
7007 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7008 			if ((arsta->retry_long[arg->tid] > 0 ||
7009 			     arsta->rate_code[arg->tid] > 0 ||
7010 			     arsta->ampdu[arg->tid] ==
7011 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7012 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7013 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7014 				arg->ack_policy = 0;
7015 				arg->aggr_control = 0;
7016 				arg->rate_ctrl = 0;
7017 				arg->rcode_flags = 0;
7018 			}
7019 		}
7020 
7021 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7022 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7023 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7024 				arg->aggr_control = 0;
7025 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7026 			}
7027 		}
7028 
7029 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7030 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7031 			if (arsta->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK ||
7032 			    arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7033 				arg->rate_ctrl = 0;
7034 				arg->rcode_flags = 0;
7035 			}
7036 		}
7037 
7038 		ether_addr_copy(arg->peer_macaddr.addr, sta->addr);
7039 
7040 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, arg);
7041 		if (ret)
7042 			return ret;
7043 
7044 		/* Store the configured parameters in success case */
7045 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7046 			arsta->noack[arg->tid] = arg->ack_policy;
7047 			arg->ack_policy = 0;
7048 			arg->aggr_control = 0;
7049 			arg->rate_ctrl = 0;
7050 			arg->rcode_flags = 0;
7051 		}
7052 
7053 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7054 			arsta->retry_long[arg->tid] = arg->retry_count;
7055 			arg->retry_count = 0;
7056 		}
7057 
7058 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7059 			arsta->ampdu[arg->tid] = arg->aggr_control;
7060 			arg->aggr_control = 0;
7061 		}
7062 
7063 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7064 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7065 			arsta->rate_ctrl[arg->tid] = arg->rate_ctrl;
7066 			arg->rate_ctrl = 0;
7067 			arg->rcode_flags = 0;
7068 		}
7069 
7070 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7071 			arsta->rtscts[arg->tid] = arg->rtscts_ctrl;
7072 			arg->ext_tid_cfg_bitmap = 0;
7073 		}
7074 	} else {
7075 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7076 			if ((arvif->retry_long[arg->tid] ||
7077 			     arvif->rate_code[arg->tid] ||
7078 			     arvif->ampdu[arg->tid] ==
7079 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE) &&
7080 			     arg->ack_policy == WMI_PEER_TID_CONFIG_NOACK) {
7081 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_NOACK);
7082 			} else {
7083 				arvif->noack[arg->tid] = arg->ack_policy;
7084 				arvif->ampdu[arg->tid] = arg->aggr_control;
7085 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7086 			}
7087 		}
7088 
7089 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7090 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7091 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
7092 			else
7093 				arvif->retry_long[arg->tid] = arg->retry_count;
7094 		}
7095 
7096 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7097 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK)
7098 				changed &= ~BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
7099 			else
7100 				arvif->ampdu[arg->tid] = arg->aggr_control;
7101 		}
7102 
7103 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7104 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7105 			if (arvif->noack[arg->tid] == WMI_PEER_TID_CONFIG_NOACK) {
7106 				changed &= ~(BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7107 					     BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE));
7108 			} else {
7109 				arvif->rate_ctrl[arg->tid] = arg->rate_ctrl;
7110 				arvif->rate_code[arg->tid] = arg->rcode_flags;
7111 			}
7112 		}
7113 
7114 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7115 			arvif->rtscts[arg->tid] = arg->rtscts_ctrl;
7116 			arg->ext_tid_cfg_bitmap = 0;
7117 		}
7118 
7119 		if (changed)
7120 			arvif->tid_conf_changed[arg->tid] |= changed;
7121 	}
7122 
7123 	return 0;
7124 }
7125 
7126 static int
7127 ath10k_mac_parse_tid_config(struct ath10k *ar,
7128 			    struct ieee80211_sta *sta,
7129 			    struct ieee80211_vif *vif,
7130 			    struct cfg80211_tid_cfg *tid_conf,
7131 			    struct wmi_per_peer_per_tid_cfg_arg *arg)
7132 {
7133 	u32 changed = tid_conf->mask;
7134 	int ret = 0, i = 0;
7135 
7136 	if (!changed)
7137 		return -EINVAL;
7138 
7139 	while (i < ATH10K_TID_MAX) {
7140 		if (!(tid_conf->tids & BIT(i))) {
7141 			i++;
7142 			continue;
7143 		}
7144 
7145 		arg->tid = i;
7146 
7147 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7148 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE) {
7149 				arg->ack_policy = WMI_PEER_TID_CONFIG_NOACK;
7150 				arg->rate_ctrl =
7151 				WMI_TID_CONFIG_RATE_CONTROL_DEFAULT_LOWEST_RATE;
7152 				arg->aggr_control =
7153 					WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7154 			} else {
7155 				arg->ack_policy =
7156 					WMI_PEER_TID_CONFIG_ACK;
7157 				arg->rate_ctrl =
7158 					WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7159 				arg->aggr_control =
7160 					WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7161 			}
7162 		}
7163 
7164 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG))
7165 			arg->retry_count = tid_conf->retry_long;
7166 
7167 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7168 			if (tid_conf->noack == NL80211_TID_CONFIG_ENABLE)
7169 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7170 			else
7171 				arg->aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_DISABLE;
7172 		}
7173 
7174 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7175 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7176 			ret = ath10k_mac_tid_bitrate_config(ar, vif, sta,
7177 							    &arg->rcode_flags,
7178 							    &arg->rate_ctrl,
7179 							    tid_conf->txrate_type,
7180 							&tid_conf->txrate_mask);
7181 			if (ret) {
7182 				ath10k_warn(ar, "failed to configure bitrate mask %d\n",
7183 					    ret);
7184 				arg->rcode_flags = 0;
7185 				arg->rate_ctrl = 0;
7186 			}
7187 		}
7188 
7189 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7190 			if (tid_conf->rtscts)
7191 				arg->rtscts_ctrl = tid_conf->rtscts;
7192 
7193 			arg->ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7194 		}
7195 
7196 		ret = ath10k_mac_set_tid_config(ar, sta, vif, changed, arg);
7197 		if (ret)
7198 			return ret;
7199 		i++;
7200 	}
7201 
7202 	return ret;
7203 }
7204 
7205 static int ath10k_mac_reset_tid_config(struct ath10k *ar,
7206 				       struct ieee80211_sta *sta,
7207 				       struct ath10k_vif *arvif,
7208 				       u8 tids)
7209 {
7210 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7211 	struct wmi_per_peer_per_tid_cfg_arg arg;
7212 	int ret = 0, i = 0;
7213 
7214 	arg.vdev_id = arvif->vdev_id;
7215 	while (i < ATH10K_TID_MAX) {
7216 		if (!(tids & BIT(i))) {
7217 			i++;
7218 			continue;
7219 		}
7220 
7221 		arg.tid = i;
7222 		arg.ack_policy = WMI_PEER_TID_CONFIG_ACK;
7223 		arg.retry_count = ATH10K_MAX_RETRY_COUNT;
7224 		arg.rate_ctrl = WMI_TID_CONFIG_RATE_CONTROL_AUTO;
7225 		arg.aggr_control = WMI_TID_CONFIG_AGGR_CONTROL_ENABLE;
7226 		arg.rtscts_ctrl = WMI_TID_CONFIG_RTSCTS_CONTROL_ENABLE;
7227 		arg.ext_tid_cfg_bitmap = WMI_EXT_TID_RTS_CTS_CONFIG;
7228 
7229 		ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7230 
7231 		ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7232 		if (ret)
7233 			return ret;
7234 
7235 		if (!arvif->tids_rst) {
7236 			arsta->retry_long[i] = -1;
7237 			arsta->noack[i] = -1;
7238 			arsta->ampdu[i] = -1;
7239 			arsta->rate_code[i] = -1;
7240 			arsta->rate_ctrl[i] = 0;
7241 			arsta->rtscts[i] = -1;
7242 		} else {
7243 			arvif->retry_long[i] = 0;
7244 			arvif->noack[i] = 0;
7245 			arvif->ampdu[i] = 0;
7246 			arvif->rate_code[i] = 0;
7247 			arvif->rate_ctrl[i] = 0;
7248 			arvif->rtscts[i] = 0;
7249 		}
7250 
7251 		i++;
7252 	}
7253 
7254 	return ret;
7255 }
7256 
7257 static void ath10k_sta_tid_cfg_wk(struct work_struct *wk)
7258 {
7259 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
7260 	struct ieee80211_sta *sta;
7261 	struct ath10k_sta *arsta;
7262 	struct ath10k_vif *arvif;
7263 	struct ath10k *ar;
7264 	bool config_apply;
7265 	int ret, i;
7266 	u32 changed;
7267 	u8 nss;
7268 
7269 	arsta = container_of(wk, struct ath10k_sta, tid_config_wk);
7270 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
7271 	arvif = arsta->arvif;
7272 	ar = arvif->ar;
7273 
7274 	mutex_lock(&ar->conf_mutex);
7275 
7276 	if (arvif->tids_rst) {
7277 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif,
7278 						  arvif->tids_rst);
7279 		goto exit;
7280 	}
7281 
7282 	ether_addr_copy(arg.peer_macaddr.addr, sta->addr);
7283 
7284 	for (i = 0; i < ATH10K_TID_MAX; i++) {
7285 		config_apply = false;
7286 		changed = arvif->tid_conf_changed[i];
7287 
7288 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_NOACK)) {
7289 			if (arsta->noack[i] != -1) {
7290 				arg.ack_policy  = 0;
7291 			} else {
7292 				config_apply = true;
7293 				arg.ack_policy = arvif->noack[i];
7294 				arg.aggr_control = arvif->ampdu[i];
7295 				arg.rate_ctrl = arvif->rate_ctrl[i];
7296 			}
7297 		}
7298 
7299 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG)) {
7300 			if (arsta->retry_long[i] != -1 ||
7301 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7302 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7303 				arg.retry_count = 0;
7304 			} else {
7305 				arg.retry_count = arvif->retry_long[i];
7306 				config_apply = true;
7307 			}
7308 		}
7309 
7310 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL)) {
7311 			if (arsta->ampdu[i] != -1 ||
7312 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7313 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7314 				arg.aggr_control = 0;
7315 			} else {
7316 				arg.aggr_control = arvif->ampdu[i];
7317 				config_apply = true;
7318 			}
7319 		}
7320 
7321 		if (changed & (BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
7322 		    BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE))) {
7323 			nss = ATH10K_HW_NSS(arvif->rate_code[i]);
7324 			ret = ath10k_mac_validate_rate_mask(ar, sta,
7325 							    arvif->rate_code[i],
7326 							    nss);
7327 			if (ret &&
7328 			    arvif->rate_ctrl[i] > WMI_TID_CONFIG_RATE_CONTROL_AUTO) {
7329 				arg.rate_ctrl = 0;
7330 				arg.rcode_flags = 0;
7331 			}
7332 
7333 			if (arsta->rate_ctrl[i] >
7334 			    WMI_TID_CONFIG_RATE_CONTROL_AUTO ||
7335 			    arsta->noack[i] == WMI_PEER_TID_CONFIG_NOACK ||
7336 			    arvif->noack[i] == WMI_PEER_TID_CONFIG_NOACK) {
7337 				arg.rate_ctrl = 0;
7338 				arg.rcode_flags = 0;
7339 			} else {
7340 				arg.rate_ctrl = arvif->rate_ctrl[i];
7341 				arg.rcode_flags = arvif->rate_code[i];
7342 				config_apply = true;
7343 			}
7344 		}
7345 
7346 		if (changed & BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL)) {
7347 			if (arsta->rtscts[i]) {
7348 				arg.rtscts_ctrl = 0;
7349 				arg.ext_tid_cfg_bitmap = 0;
7350 			} else {
7351 				arg.rtscts_ctrl = arvif->rtscts[i] - 1;
7352 				arg.ext_tid_cfg_bitmap =
7353 					WMI_EXT_TID_RTS_CTS_CONFIG;
7354 				config_apply = true;
7355 			}
7356 		}
7357 
7358 		arg.tid = i;
7359 
7360 		if (config_apply) {
7361 			ret = ath10k_wmi_set_per_peer_per_tid_cfg(ar, &arg);
7362 			if (ret)
7363 				ath10k_warn(ar, "failed to set per tid config for sta %pM: %d\n",
7364 					    sta->addr, ret);
7365 		}
7366 
7367 		arg.ack_policy  = 0;
7368 		arg.retry_count  = 0;
7369 		arg.aggr_control  = 0;
7370 		arg.rate_ctrl = 0;
7371 		arg.rcode_flags = 0;
7372 	}
7373 
7374 exit:
7375 	mutex_unlock(&ar->conf_mutex);
7376 }
7377 
7378 static void ath10k_mac_vif_stations_tid_conf(void *data,
7379 					     struct ieee80211_sta *sta)
7380 {
7381 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7382 	struct ath10k_mac_iter_tid_conf_data *iter_data = data;
7383 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
7384 
7385 	if (sta_vif != iter_data->curr_vif || !sta->wme)
7386 		return;
7387 
7388 	ieee80211_queue_work(iter_data->ar->hw, &arsta->tid_config_wk);
7389 }
7390 
7391 static int ath10k_sta_state(struct ieee80211_hw *hw,
7392 			    struct ieee80211_vif *vif,
7393 			    struct ieee80211_sta *sta,
7394 			    enum ieee80211_sta_state old_state,
7395 			    enum ieee80211_sta_state new_state)
7396 {
7397 	struct ath10k *ar = hw->priv;
7398 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7399 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
7400 	struct ath10k_peer *peer;
7401 	int ret = 0;
7402 	int i;
7403 
7404 	if (old_state == IEEE80211_STA_NOTEXIST &&
7405 	    new_state == IEEE80211_STA_NONE) {
7406 		memset(arsta, 0, sizeof(*arsta));
7407 		arsta->arvif = arvif;
7408 		arsta->peer_ps_state = WMI_PEER_PS_STATE_DISABLED;
7409 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
7410 		INIT_WORK(&arsta->tid_config_wk, ath10k_sta_tid_cfg_wk);
7411 
7412 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7413 			ath10k_mac_txq_init(sta->txq[i]);
7414 	}
7415 
7416 	/* cancel must be done outside the mutex to avoid deadlock */
7417 	if ((old_state == IEEE80211_STA_NONE &&
7418 	     new_state == IEEE80211_STA_NOTEXIST)) {
7419 		cancel_work_sync(&arsta->update_wk);
7420 		cancel_work_sync(&arsta->tid_config_wk);
7421 	}
7422 
7423 	mutex_lock(&ar->conf_mutex);
7424 
7425 	if (old_state == IEEE80211_STA_NOTEXIST &&
7426 	    new_state == IEEE80211_STA_NONE) {
7427 		/*
7428 		 * New station addition.
7429 		 */
7430 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
7431 		u32 num_tdls_stations;
7432 
7433 		ath10k_dbg(ar, ATH10K_DBG_STA,
7434 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
7435 			   arvif->vdev_id, sta->addr,
7436 			   ar->num_stations + 1, ar->max_num_stations,
7437 			   ar->num_peers + 1, ar->max_num_peers);
7438 
7439 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
7440 
7441 		if (sta->tdls) {
7442 			if (num_tdls_stations >= ar->max_num_tdls_vdevs) {
7443 				ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
7444 					    arvif->vdev_id,
7445 					    ar->max_num_tdls_vdevs);
7446 				ret = -ELNRNG;
7447 				goto exit;
7448 			}
7449 			peer_type = WMI_PEER_TYPE_TDLS;
7450 		}
7451 
7452 		ret = ath10k_mac_inc_num_stations(arvif, sta);
7453 		if (ret) {
7454 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
7455 				    ar->max_num_stations);
7456 			goto exit;
7457 		}
7458 
7459 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7460 			arsta->tx_stats = kzalloc(sizeof(*arsta->tx_stats),
7461 						  GFP_KERNEL);
7462 			if (!arsta->tx_stats) {
7463 				ath10k_mac_dec_num_stations(arvif, sta);
7464 				ret = -ENOMEM;
7465 				goto exit;
7466 			}
7467 		}
7468 
7469 		ret = ath10k_peer_create(ar, vif, sta, arvif->vdev_id,
7470 					 sta->addr, peer_type);
7471 		if (ret) {
7472 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
7473 				    sta->addr, arvif->vdev_id, ret);
7474 			ath10k_mac_dec_num_stations(arvif, sta);
7475 			kfree(arsta->tx_stats);
7476 			goto exit;
7477 		}
7478 
7479 		spin_lock_bh(&ar->data_lock);
7480 
7481 		peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
7482 		if (!peer) {
7483 			ath10k_warn(ar, "failed to lookup peer %pM on vdev %i\n",
7484 				    vif->addr, arvif->vdev_id);
7485 			spin_unlock_bh(&ar->data_lock);
7486 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7487 			ath10k_mac_dec_num_stations(arvif, sta);
7488 			kfree(arsta->tx_stats);
7489 			ret = -ENOENT;
7490 			goto exit;
7491 		}
7492 
7493 		arsta->peer_id = find_first_bit(peer->peer_ids,
7494 						ATH10K_MAX_NUM_PEER_IDS);
7495 
7496 		spin_unlock_bh(&ar->data_lock);
7497 
7498 		if (!sta->tdls)
7499 			goto exit;
7500 
7501 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7502 						      WMI_TDLS_ENABLE_ACTIVE);
7503 		if (ret) {
7504 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7505 				    arvif->vdev_id, ret);
7506 			ath10k_peer_delete(ar, arvif->vdev_id,
7507 					   sta->addr);
7508 			ath10k_mac_dec_num_stations(arvif, sta);
7509 			kfree(arsta->tx_stats);
7510 			goto exit;
7511 		}
7512 
7513 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7514 						  WMI_TDLS_PEER_STATE_PEERING);
7515 		if (ret) {
7516 			ath10k_warn(ar,
7517 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
7518 				    sta->addr, arvif->vdev_id, ret);
7519 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7520 			ath10k_mac_dec_num_stations(arvif, sta);
7521 			kfree(arsta->tx_stats);
7522 
7523 			if (num_tdls_stations != 0)
7524 				goto exit;
7525 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7526 							WMI_TDLS_DISABLE);
7527 		}
7528 	} else if ((old_state == IEEE80211_STA_NONE &&
7529 		    new_state == IEEE80211_STA_NOTEXIST)) {
7530 		/*
7531 		 * Existing station deletion.
7532 		 */
7533 		ath10k_dbg(ar, ATH10K_DBG_STA,
7534 			   "mac vdev %d peer delete %pM sta %pK (sta gone)\n",
7535 			   arvif->vdev_id, sta->addr, sta);
7536 
7537 		if (sta->tdls) {
7538 			ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id,
7539 							  sta,
7540 							  WMI_TDLS_PEER_STATE_TEARDOWN);
7541 			if (ret)
7542 				ath10k_warn(ar, "failed to update tdls peer state for %pM state %d: %i\n",
7543 					    sta->addr,
7544 					    WMI_TDLS_PEER_STATE_TEARDOWN, ret);
7545 		}
7546 
7547 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
7548 		if (ret)
7549 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
7550 				    sta->addr, arvif->vdev_id, ret);
7551 
7552 		ath10k_mac_dec_num_stations(arvif, sta);
7553 
7554 		spin_lock_bh(&ar->data_lock);
7555 		for (i = 0; i < ARRAY_SIZE(ar->peer_map); i++) {
7556 			peer = ar->peer_map[i];
7557 			if (!peer)
7558 				continue;
7559 
7560 			if (peer->sta == sta) {
7561 				ath10k_warn(ar, "found sta peer %pM (ptr %pK id %d) entry on vdev %i after it was supposedly removed\n",
7562 					    sta->addr, peer, i, arvif->vdev_id);
7563 				peer->sta = NULL;
7564 
7565 				/* Clean up the peer object as well since we
7566 				 * must have failed to do this above.
7567 				 */
7568 				list_del(&peer->list);
7569 				ar->peer_map[i] = NULL;
7570 				kfree(peer);
7571 				ar->num_peers--;
7572 			}
7573 		}
7574 		spin_unlock_bh(&ar->data_lock);
7575 
7576 		if (ath10k_debug_is_extd_tx_stats_enabled(ar)) {
7577 			kfree(arsta->tx_stats);
7578 			arsta->tx_stats = NULL;
7579 		}
7580 
7581 		for (i = 0; i < ARRAY_SIZE(sta->txq); i++)
7582 			ath10k_mac_txq_unref(ar, sta->txq[i]);
7583 
7584 		if (!sta->tdls)
7585 			goto exit;
7586 
7587 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
7588 			goto exit;
7589 
7590 		/* This was the last tdls peer in current vif */
7591 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
7592 						      WMI_TDLS_DISABLE);
7593 		if (ret) {
7594 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
7595 				    arvif->vdev_id, ret);
7596 		}
7597 	} else if (old_state == IEEE80211_STA_AUTH &&
7598 		   new_state == IEEE80211_STA_ASSOC &&
7599 		   (vif->type == NL80211_IFTYPE_AP ||
7600 		    vif->type == NL80211_IFTYPE_MESH_POINT ||
7601 		    vif->type == NL80211_IFTYPE_ADHOC)) {
7602 		/*
7603 		 * New association.
7604 		 */
7605 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM associated\n",
7606 			   sta->addr);
7607 
7608 		ret = ath10k_station_assoc(ar, vif, sta, false);
7609 		if (ret)
7610 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
7611 				    sta->addr, arvif->vdev_id, ret);
7612 	} else if (old_state == IEEE80211_STA_ASSOC &&
7613 		   new_state == IEEE80211_STA_AUTHORIZED &&
7614 		   sta->tdls) {
7615 		/*
7616 		 * Tdls station authorized.
7617 		 */
7618 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac tdls sta %pM authorized\n",
7619 			   sta->addr);
7620 
7621 		ret = ath10k_station_assoc(ar, vif, sta, false);
7622 		if (ret) {
7623 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
7624 				    sta->addr, arvif->vdev_id, ret);
7625 			goto exit;
7626 		}
7627 
7628 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
7629 						  WMI_TDLS_PEER_STATE_CONNECTED);
7630 		if (ret)
7631 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
7632 				    sta->addr, arvif->vdev_id, ret);
7633 	} else if (old_state == IEEE80211_STA_ASSOC &&
7634 		    new_state == IEEE80211_STA_AUTH &&
7635 		    (vif->type == NL80211_IFTYPE_AP ||
7636 		     vif->type == NL80211_IFTYPE_MESH_POINT ||
7637 		     vif->type == NL80211_IFTYPE_ADHOC)) {
7638 		/*
7639 		 * Disassociation.
7640 		 */
7641 		ath10k_dbg(ar, ATH10K_DBG_STA, "mac sta %pM disassociated\n",
7642 			   sta->addr);
7643 
7644 		ret = ath10k_station_disassoc(ar, vif, sta);
7645 		if (ret)
7646 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
7647 				    sta->addr, arvif->vdev_id, ret);
7648 	}
7649 exit:
7650 	mutex_unlock(&ar->conf_mutex);
7651 	return ret;
7652 }
7653 
7654 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
7655 				u16 ac, bool enable)
7656 {
7657 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7658 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
7659 	u32 prio = 0, acc = 0;
7660 	u32 value = 0;
7661 	int ret = 0;
7662 
7663 	lockdep_assert_held(&ar->conf_mutex);
7664 
7665 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
7666 		return 0;
7667 
7668 	switch (ac) {
7669 	case IEEE80211_AC_VO:
7670 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
7671 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
7672 		prio = 7;
7673 		acc = 3;
7674 		break;
7675 	case IEEE80211_AC_VI:
7676 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
7677 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
7678 		prio = 5;
7679 		acc = 2;
7680 		break;
7681 	case IEEE80211_AC_BE:
7682 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
7683 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
7684 		prio = 2;
7685 		acc = 1;
7686 		break;
7687 	case IEEE80211_AC_BK:
7688 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
7689 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
7690 		prio = 0;
7691 		acc = 0;
7692 		break;
7693 	}
7694 
7695 	if (enable)
7696 		arvif->u.sta.uapsd |= value;
7697 	else
7698 		arvif->u.sta.uapsd &= ~value;
7699 
7700 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7701 					  WMI_STA_PS_PARAM_UAPSD,
7702 					  arvif->u.sta.uapsd);
7703 	if (ret) {
7704 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
7705 		goto exit;
7706 	}
7707 
7708 	if (arvif->u.sta.uapsd)
7709 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
7710 	else
7711 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
7712 
7713 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
7714 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
7715 					  value);
7716 	if (ret)
7717 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
7718 
7719 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
7720 	if (ret) {
7721 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
7722 			    arvif->vdev_id, ret);
7723 		return ret;
7724 	}
7725 
7726 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
7727 	if (ret) {
7728 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
7729 			    arvif->vdev_id, ret);
7730 		return ret;
7731 	}
7732 
7733 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
7734 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
7735 		/* Only userspace can make an educated decision when to send
7736 		 * trigger frame. The following effectively disables u-UAPSD
7737 		 * autotrigger in firmware (which is enabled by default
7738 		 * provided the autotrigger service is available).
7739 		 */
7740 
7741 		arg.wmm_ac = acc;
7742 		arg.user_priority = prio;
7743 		arg.service_interval = 0;
7744 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7745 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
7746 
7747 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
7748 						arvif->bssid, &arg, 1);
7749 		if (ret) {
7750 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
7751 				    ret);
7752 			return ret;
7753 		}
7754 	}
7755 
7756 exit:
7757 	return ret;
7758 }
7759 
7760 static int ath10k_conf_tx(struct ieee80211_hw *hw,
7761 			  struct ieee80211_vif *vif, u16 ac,
7762 			  const struct ieee80211_tx_queue_params *params)
7763 {
7764 	struct ath10k *ar = hw->priv;
7765 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7766 	struct wmi_wmm_params_arg *p = NULL;
7767 	int ret;
7768 
7769 	mutex_lock(&ar->conf_mutex);
7770 
7771 	switch (ac) {
7772 	case IEEE80211_AC_VO:
7773 		p = &arvif->wmm_params.ac_vo;
7774 		break;
7775 	case IEEE80211_AC_VI:
7776 		p = &arvif->wmm_params.ac_vi;
7777 		break;
7778 	case IEEE80211_AC_BE:
7779 		p = &arvif->wmm_params.ac_be;
7780 		break;
7781 	case IEEE80211_AC_BK:
7782 		p = &arvif->wmm_params.ac_bk;
7783 		break;
7784 	}
7785 
7786 	if (WARN_ON(!p)) {
7787 		ret = -EINVAL;
7788 		goto exit;
7789 	}
7790 
7791 	p->cwmin = params->cw_min;
7792 	p->cwmax = params->cw_max;
7793 	p->aifs = params->aifs;
7794 
7795 	/*
7796 	 * The channel time duration programmed in the HW is in absolute
7797 	 * microseconds, while mac80211 gives the txop in units of
7798 	 * 32 microseconds.
7799 	 */
7800 	p->txop = params->txop * 32;
7801 
7802 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
7803 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
7804 					       &arvif->wmm_params);
7805 		if (ret) {
7806 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
7807 				    arvif->vdev_id, ret);
7808 			goto exit;
7809 		}
7810 	} else {
7811 		/* This won't work well with multi-interface cases but it's
7812 		 * better than nothing.
7813 		 */
7814 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
7815 		if (ret) {
7816 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
7817 			goto exit;
7818 		}
7819 	}
7820 
7821 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
7822 	if (ret)
7823 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
7824 
7825 exit:
7826 	mutex_unlock(&ar->conf_mutex);
7827 	return ret;
7828 }
7829 
7830 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
7831 				    struct ieee80211_vif *vif,
7832 				    struct ieee80211_channel *chan,
7833 				    int duration,
7834 				    enum ieee80211_roc_type type)
7835 {
7836 	struct ath10k *ar = hw->priv;
7837 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
7838 	struct wmi_start_scan_arg arg;
7839 	int ret = 0;
7840 	u32 scan_time_msec;
7841 
7842 	mutex_lock(&ar->conf_mutex);
7843 
7844 	if (ath10k_mac_tdls_vif_stations_count(hw, vif) > 0) {
7845 		ret = -EBUSY;
7846 		goto exit;
7847 	}
7848 
7849 	spin_lock_bh(&ar->data_lock);
7850 	switch (ar->scan.state) {
7851 	case ATH10K_SCAN_IDLE:
7852 		reinit_completion(&ar->scan.started);
7853 		reinit_completion(&ar->scan.completed);
7854 		reinit_completion(&ar->scan.on_channel);
7855 		ar->scan.state = ATH10K_SCAN_STARTING;
7856 		ar->scan.is_roc = true;
7857 		ar->scan.vdev_id = arvif->vdev_id;
7858 		ar->scan.roc_freq = chan->center_freq;
7859 		ar->scan.roc_notify = true;
7860 		ret = 0;
7861 		break;
7862 	case ATH10K_SCAN_STARTING:
7863 	case ATH10K_SCAN_RUNNING:
7864 	case ATH10K_SCAN_ABORTING:
7865 		ret = -EBUSY;
7866 		break;
7867 	}
7868 	spin_unlock_bh(&ar->data_lock);
7869 
7870 	if (ret)
7871 		goto exit;
7872 
7873 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
7874 
7875 	memset(&arg, 0, sizeof(arg));
7876 	ath10k_wmi_start_scan_init(ar, &arg);
7877 	arg.vdev_id = arvif->vdev_id;
7878 	arg.scan_id = ATH10K_SCAN_ID;
7879 	arg.n_channels = 1;
7880 	arg.channels[0] = chan->center_freq;
7881 	arg.dwell_time_active = scan_time_msec;
7882 	arg.dwell_time_passive = scan_time_msec;
7883 	arg.max_scan_time = scan_time_msec;
7884 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
7885 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
7886 	arg.burst_duration_ms = duration;
7887 
7888 	ret = ath10k_start_scan(ar, &arg);
7889 	if (ret) {
7890 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
7891 		spin_lock_bh(&ar->data_lock);
7892 		ar->scan.state = ATH10K_SCAN_IDLE;
7893 		spin_unlock_bh(&ar->data_lock);
7894 		goto exit;
7895 	}
7896 
7897 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
7898 	if (ret == 0) {
7899 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
7900 
7901 		ret = ath10k_scan_stop(ar);
7902 		if (ret)
7903 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
7904 
7905 		ret = -ETIMEDOUT;
7906 		goto exit;
7907 	}
7908 
7909 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
7910 				     msecs_to_jiffies(duration));
7911 
7912 	ret = 0;
7913 exit:
7914 	mutex_unlock(&ar->conf_mutex);
7915 	return ret;
7916 }
7917 
7918 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw,
7919 					   struct ieee80211_vif *vif)
7920 {
7921 	struct ath10k *ar = hw->priv;
7922 
7923 	mutex_lock(&ar->conf_mutex);
7924 
7925 	spin_lock_bh(&ar->data_lock);
7926 	ar->scan.roc_notify = false;
7927 	spin_unlock_bh(&ar->data_lock);
7928 
7929 	ath10k_scan_abort(ar);
7930 
7931 	mutex_unlock(&ar->conf_mutex);
7932 
7933 	cancel_delayed_work_sync(&ar->scan.timeout);
7934 
7935 	return 0;
7936 }
7937 
7938 /*
7939  * Both RTS and Fragmentation threshold are interface-specific
7940  * in ath10k, but device-specific in mac80211.
7941  */
7942 
7943 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
7944 {
7945 	struct ath10k *ar = hw->priv;
7946 	struct ath10k_vif *arvif;
7947 	int ret = 0;
7948 
7949 	mutex_lock(&ar->conf_mutex);
7950 	list_for_each_entry(arvif, &ar->arvifs, list) {
7951 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
7952 			   arvif->vdev_id, value);
7953 
7954 		ret = ath10k_mac_set_rts(arvif, value);
7955 		if (ret) {
7956 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
7957 				    arvif->vdev_id, ret);
7958 			break;
7959 		}
7960 	}
7961 	mutex_unlock(&ar->conf_mutex);
7962 
7963 	return ret;
7964 }
7965 
7966 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
7967 {
7968 	/* Even though there's a WMI enum for fragmentation threshold no known
7969 	 * firmware actually implements it. Moreover it is not possible to rely
7970 	 * frame fragmentation to mac80211 because firmware clears the "more
7971 	 * fragments" bit in frame control making it impossible for remote
7972 	 * devices to reassemble frames.
7973 	 *
7974 	 * Hence implement a dummy callback just to say fragmentation isn't
7975 	 * supported. This effectively prevents mac80211 from doing frame
7976 	 * fragmentation in software.
7977 	 */
7978 	return -EOPNOTSUPP;
7979 }
7980 
7981 void ath10k_mac_wait_tx_complete(struct ath10k *ar)
7982 {
7983 	bool skip;
7984 	long time_left;
7985 
7986 	/* mac80211 doesn't care if we really xmit queued frames or not
7987 	 * we'll collect those frames either way if we stop/delete vdevs
7988 	 */
7989 
7990 	if (ar->state == ATH10K_STATE_WEDGED)
7991 		return;
7992 
7993 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
7994 			bool empty;
7995 
7996 			spin_lock_bh(&ar->htt.tx_lock);
7997 			empty = (ar->htt.num_pending_tx == 0);
7998 			spin_unlock_bh(&ar->htt.tx_lock);
7999 
8000 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
8001 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
8002 					&ar->dev_flags);
8003 
8004 			(empty || skip);
8005 		}), ATH10K_FLUSH_TIMEOUT_HZ);
8006 
8007 	if (time_left == 0 || skip)
8008 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
8009 			    skip, ar->state, time_left);
8010 }
8011 
8012 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
8013 			 u32 queues, bool drop)
8014 {
8015 	struct ath10k *ar = hw->priv;
8016 	struct ath10k_vif *arvif;
8017 	u32 bitmap;
8018 
8019 	if (drop) {
8020 		if (vif && vif->type == NL80211_IFTYPE_STATION) {
8021 			bitmap = ~(1 << WMI_MGMT_TID);
8022 			list_for_each_entry(arvif, &ar->arvifs, list) {
8023 				if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
8024 					ath10k_wmi_peer_flush(ar, arvif->vdev_id,
8025 							      arvif->bssid, bitmap);
8026 			}
8027 			ath10k_htt_flush_tx(&ar->htt);
8028 		}
8029 		return;
8030 	}
8031 
8032 	mutex_lock(&ar->conf_mutex);
8033 	ath10k_mac_wait_tx_complete(ar);
8034 	mutex_unlock(&ar->conf_mutex);
8035 }
8036 
8037 /* TODO: Implement this function properly
8038  * For now it is needed to reply to Probe Requests in IBSS mode.
8039  * Propably we need this information from FW.
8040  */
8041 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
8042 {
8043 	return 1;
8044 }
8045 
8046 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
8047 				     enum ieee80211_reconfig_type reconfig_type)
8048 {
8049 	struct ath10k *ar = hw->priv;
8050 
8051 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
8052 		return;
8053 
8054 	mutex_lock(&ar->conf_mutex);
8055 
8056 	/* If device failed to restart it will be in a different state, e.g.
8057 	 * ATH10K_STATE_WEDGED
8058 	 */
8059 	if (ar->state == ATH10K_STATE_RESTARTED) {
8060 		ath10k_info(ar, "device successfully recovered\n");
8061 		ar->state = ATH10K_STATE_ON;
8062 		ieee80211_wake_queues(ar->hw);
8063 		clear_bit(ATH10K_FLAG_RESTARTING, &ar->dev_flags);
8064 	}
8065 
8066 	mutex_unlock(&ar->conf_mutex);
8067 }
8068 
8069 static void
8070 ath10k_mac_update_bss_chan_survey(struct ath10k *ar,
8071 				  struct ieee80211_channel *channel)
8072 {
8073 	int ret;
8074 	enum wmi_bss_survey_req_type type = WMI_BSS_SURVEY_REQ_TYPE_READ;
8075 
8076 	lockdep_assert_held(&ar->conf_mutex);
8077 
8078 	if (!test_bit(WMI_SERVICE_BSS_CHANNEL_INFO_64, ar->wmi.svc_map) ||
8079 	    (ar->rx_channel != channel))
8080 		return;
8081 
8082 	if (ar->scan.state != ATH10K_SCAN_IDLE) {
8083 		ath10k_dbg(ar, ATH10K_DBG_MAC, "ignoring bss chan info request while scanning..\n");
8084 		return;
8085 	}
8086 
8087 	reinit_completion(&ar->bss_survey_done);
8088 
8089 	ret = ath10k_wmi_pdev_bss_chan_info_request(ar, type);
8090 	if (ret) {
8091 		ath10k_warn(ar, "failed to send pdev bss chan info request\n");
8092 		return;
8093 	}
8094 
8095 	ret = wait_for_completion_timeout(&ar->bss_survey_done, 3 * HZ);
8096 	if (!ret) {
8097 		ath10k_warn(ar, "bss channel survey timed out\n");
8098 		return;
8099 	}
8100 }
8101 
8102 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
8103 			     struct survey_info *survey)
8104 {
8105 	struct ath10k *ar = hw->priv;
8106 	struct ieee80211_supported_band *sband;
8107 	struct survey_info *ar_survey = &ar->survey[idx];
8108 	int ret = 0;
8109 
8110 	mutex_lock(&ar->conf_mutex);
8111 
8112 	sband = hw->wiphy->bands[NL80211_BAND_2GHZ];
8113 	if (sband && idx >= sband->n_channels) {
8114 		idx -= sband->n_channels;
8115 		sband = NULL;
8116 	}
8117 
8118 	if (!sband)
8119 		sband = hw->wiphy->bands[NL80211_BAND_5GHZ];
8120 
8121 	if (!sband || idx >= sband->n_channels) {
8122 		ret = -ENOENT;
8123 		goto exit;
8124 	}
8125 
8126 	ath10k_mac_update_bss_chan_survey(ar, &sband->channels[idx]);
8127 
8128 	spin_lock_bh(&ar->data_lock);
8129 	memcpy(survey, ar_survey, sizeof(*survey));
8130 	spin_unlock_bh(&ar->data_lock);
8131 
8132 	survey->channel = &sband->channels[idx];
8133 
8134 	if (ar->rx_channel == survey->channel)
8135 		survey->filled |= SURVEY_INFO_IN_USE;
8136 
8137 exit:
8138 	mutex_unlock(&ar->conf_mutex);
8139 	return ret;
8140 }
8141 
8142 static bool
8143 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
8144 				       enum nl80211_band band,
8145 				       const struct cfg80211_bitrate_mask *mask,
8146 				       int *nss)
8147 {
8148 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
8149 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8150 	u8 ht_nss_mask = 0;
8151 	u8 vht_nss_mask = 0;
8152 	int i;
8153 
8154 	if (mask->control[band].legacy)
8155 		return false;
8156 
8157 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
8158 		if (mask->control[band].ht_mcs[i] == 0)
8159 			continue;
8160 		else if (mask->control[band].ht_mcs[i] ==
8161 			 sband->ht_cap.mcs.rx_mask[i])
8162 			ht_nss_mask |= BIT(i);
8163 		else
8164 			return false;
8165 	}
8166 
8167 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
8168 		if (mask->control[band].vht_mcs[i] == 0)
8169 			continue;
8170 		else if (mask->control[band].vht_mcs[i] ==
8171 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
8172 			vht_nss_mask |= BIT(i);
8173 		else
8174 			return false;
8175 	}
8176 
8177 	if (ht_nss_mask != vht_nss_mask)
8178 		return false;
8179 
8180 	if (ht_nss_mask == 0)
8181 		return false;
8182 
8183 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
8184 		return false;
8185 
8186 	*nss = fls(ht_nss_mask);
8187 
8188 	return true;
8189 }
8190 
8191 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
8192 					    u8 rate, u8 nss, u8 sgi, u8 ldpc)
8193 {
8194 	struct ath10k *ar = arvif->ar;
8195 	u32 vdev_param;
8196 	int ret;
8197 
8198 	lockdep_assert_held(&ar->conf_mutex);
8199 
8200 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02x nss %u sgi %u\n",
8201 		   arvif->vdev_id, rate, nss, sgi);
8202 
8203 	vdev_param = ar->wmi.vdev_param->fixed_rate;
8204 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
8205 	if (ret) {
8206 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
8207 			    rate, ret);
8208 		return ret;
8209 	}
8210 
8211 	vdev_param = ar->wmi.vdev_param->nss;
8212 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
8213 	if (ret) {
8214 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
8215 		return ret;
8216 	}
8217 
8218 	vdev_param = ar->wmi.vdev_param->sgi;
8219 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
8220 	if (ret) {
8221 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
8222 		return ret;
8223 	}
8224 
8225 	vdev_param = ar->wmi.vdev_param->ldpc;
8226 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, ldpc);
8227 	if (ret) {
8228 		ath10k_warn(ar, "failed to set ldpc param %d: %d\n", ldpc, ret);
8229 		return ret;
8230 	}
8231 
8232 	return 0;
8233 }
8234 
8235 static bool
8236 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
8237 				enum nl80211_band band,
8238 				const struct cfg80211_bitrate_mask *mask,
8239 				bool allow_pfr)
8240 {
8241 	int i;
8242 	u16 vht_mcs;
8243 
8244 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
8245 	 * to express all VHT MCS rate masks. Effectively only the following
8246 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
8247 	 */
8248 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8249 		vht_mcs = mask->control[band].vht_mcs[i];
8250 
8251 		switch (vht_mcs) {
8252 		case 0:
8253 		case BIT(8) - 1:
8254 		case BIT(9) - 1:
8255 		case BIT(10) - 1:
8256 			break;
8257 		default:
8258 			if (!allow_pfr)
8259 				ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
8260 			return false;
8261 		}
8262 	}
8263 
8264 	return true;
8265 }
8266 
8267 static bool ath10k_mac_set_vht_bitrate_mask_fixup(struct ath10k *ar,
8268 						  struct ath10k_vif *arvif,
8269 						  struct ieee80211_sta *sta)
8270 {
8271 	int err;
8272 	u8 rate = arvif->vht_pfr;
8273 
8274 	/* skip non vht and multiple rate peers */
8275 	if (!sta->vht_cap.vht_supported || arvif->vht_num_rates != 1)
8276 		return false;
8277 
8278 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8279 					WMI_PEER_PARAM_FIXED_RATE, rate);
8280 	if (err)
8281 		ath10k_warn(ar, "failed to enable STA %pM peer fixed rate: %d\n",
8282 			    sta->addr, err);
8283 
8284 	return true;
8285 }
8286 
8287 static void ath10k_mac_set_bitrate_mask_iter(void *data,
8288 					     struct ieee80211_sta *sta)
8289 {
8290 	struct ath10k_vif *arvif = data;
8291 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8292 	struct ath10k *ar = arvif->ar;
8293 
8294 	if (arsta->arvif != arvif)
8295 		return;
8296 
8297 	if (ath10k_mac_set_vht_bitrate_mask_fixup(ar, arvif, sta))
8298 		return;
8299 
8300 	spin_lock_bh(&ar->data_lock);
8301 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
8302 	spin_unlock_bh(&ar->data_lock);
8303 
8304 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
8305 }
8306 
8307 static void ath10k_mac_clr_bitrate_mask_iter(void *data,
8308 					     struct ieee80211_sta *sta)
8309 {
8310 	struct ath10k_vif *arvif = data;
8311 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8312 	struct ath10k *ar = arvif->ar;
8313 	int err;
8314 
8315 	/* clear vht peers only */
8316 	if (arsta->arvif != arvif || !sta->vht_cap.vht_supported)
8317 		return;
8318 
8319 	err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
8320 					WMI_PEER_PARAM_FIXED_RATE,
8321 					WMI_FIXED_RATE_NONE);
8322 	if (err)
8323 		ath10k_warn(ar, "failed to clear STA %pM peer fixed rate: %d\n",
8324 			    sta->addr, err);
8325 }
8326 
8327 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
8328 					  struct ieee80211_vif *vif,
8329 					  const struct cfg80211_bitrate_mask *mask)
8330 {
8331 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8332 	struct cfg80211_chan_def def;
8333 	struct ath10k *ar = arvif->ar;
8334 	enum nl80211_band band;
8335 	const u8 *ht_mcs_mask;
8336 	const u16 *vht_mcs_mask;
8337 	u8 rate;
8338 	u8 nss;
8339 	u8 sgi;
8340 	u8 ldpc;
8341 	int single_nss;
8342 	int ret;
8343 	int vht_num_rates, allow_pfr;
8344 	u8 vht_pfr;
8345 	bool update_bitrate_mask = true;
8346 
8347 	if (ath10k_mac_vif_chan(vif, &def))
8348 		return -EPERM;
8349 
8350 	band = def.chan->band;
8351 	ht_mcs_mask = mask->control[band].ht_mcs;
8352 	vht_mcs_mask = mask->control[band].vht_mcs;
8353 	ldpc = !!(ar->ht_cap_info & WMI_HT_CAP_LDPC);
8354 
8355 	sgi = mask->control[band].gi;
8356 	if (sgi == NL80211_TXRATE_FORCE_LGI)
8357 		return -EINVAL;
8358 
8359 	allow_pfr = test_bit(ATH10K_FW_FEATURE_PEER_FIXED_RATE,
8360 			     ar->normal_mode_fw.fw_file.fw_features);
8361 	if (allow_pfr) {
8362 		mutex_lock(&ar->conf_mutex);
8363 		ieee80211_iterate_stations_atomic(ar->hw,
8364 						  ath10k_mac_clr_bitrate_mask_iter,
8365 						  arvif);
8366 		mutex_unlock(&ar->conf_mutex);
8367 	}
8368 
8369 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask,
8370 						    &vht_num_rates)) {
8371 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8372 							      &rate, &nss,
8373 							      false);
8374 		if (ret) {
8375 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
8376 				    arvif->vdev_id, ret);
8377 			return ret;
8378 		}
8379 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
8380 							  &single_nss)) {
8381 		rate = WMI_FIXED_RATE_NONE;
8382 		nss = single_nss;
8383 	} else {
8384 		rate = WMI_FIXED_RATE_NONE;
8385 		nss = min(ar->num_rf_chains,
8386 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
8387 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
8388 
8389 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask,
8390 						     allow_pfr)) {
8391 			u8 vht_nss;
8392 
8393 			if (!allow_pfr || vht_num_rates != 1)
8394 				return -EINVAL;
8395 
8396 			/* Reach here, firmware supports peer fixed rate and has
8397 			 * single vht rate, and don't update vif birate_mask, as
8398 			 * the rate only for specific peer.
8399 			 */
8400 			ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
8401 								&vht_pfr,
8402 								&vht_nss,
8403 								true);
8404 			update_bitrate_mask = false;
8405 		} else {
8406 			vht_pfr = 0;
8407 		}
8408 
8409 		mutex_lock(&ar->conf_mutex);
8410 
8411 		if (update_bitrate_mask)
8412 			arvif->bitrate_mask = *mask;
8413 		arvif->vht_num_rates = vht_num_rates;
8414 		arvif->vht_pfr = vht_pfr;
8415 		ieee80211_iterate_stations_atomic(ar->hw,
8416 						  ath10k_mac_set_bitrate_mask_iter,
8417 						  arvif);
8418 
8419 		mutex_unlock(&ar->conf_mutex);
8420 	}
8421 
8422 	mutex_lock(&ar->conf_mutex);
8423 
8424 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi, ldpc);
8425 	if (ret) {
8426 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
8427 			    arvif->vdev_id, ret);
8428 		goto exit;
8429 	}
8430 
8431 exit:
8432 	mutex_unlock(&ar->conf_mutex);
8433 
8434 	return ret;
8435 }
8436 
8437 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
8438 				 struct ieee80211_vif *vif,
8439 				 struct ieee80211_sta *sta,
8440 				 u32 changed)
8441 {
8442 	struct ath10k *ar = hw->priv;
8443 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
8444 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8445 	struct ath10k_peer *peer;
8446 	u32 bw, smps;
8447 
8448 	spin_lock_bh(&ar->data_lock);
8449 
8450 	peer = ath10k_peer_find(ar, arvif->vdev_id, sta->addr);
8451 	if (!peer) {
8452 		spin_unlock_bh(&ar->data_lock);
8453 		ath10k_warn(ar, "mac sta rc update failed to find peer %pM on vdev %i\n",
8454 			    sta->addr, arvif->vdev_id);
8455 		return;
8456 	}
8457 
8458 	ath10k_dbg(ar, ATH10K_DBG_STA,
8459 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
8460 		   sta->addr, changed, sta->bandwidth, sta->rx_nss,
8461 		   sta->smps_mode);
8462 
8463 	if (changed & IEEE80211_RC_BW_CHANGED) {
8464 		bw = WMI_PEER_CHWIDTH_20MHZ;
8465 
8466 		switch (sta->bandwidth) {
8467 		case IEEE80211_STA_RX_BW_20:
8468 			bw = WMI_PEER_CHWIDTH_20MHZ;
8469 			break;
8470 		case IEEE80211_STA_RX_BW_40:
8471 			bw = WMI_PEER_CHWIDTH_40MHZ;
8472 			break;
8473 		case IEEE80211_STA_RX_BW_80:
8474 			bw = WMI_PEER_CHWIDTH_80MHZ;
8475 			break;
8476 		case IEEE80211_STA_RX_BW_160:
8477 			bw = WMI_PEER_CHWIDTH_160MHZ;
8478 			break;
8479 		default:
8480 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
8481 				    sta->bandwidth, sta->addr);
8482 			bw = WMI_PEER_CHWIDTH_20MHZ;
8483 			break;
8484 		}
8485 
8486 		arsta->bw = bw;
8487 	}
8488 
8489 	if (changed & IEEE80211_RC_NSS_CHANGED)
8490 		arsta->nss = sta->rx_nss;
8491 
8492 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
8493 		smps = WMI_PEER_SMPS_PS_NONE;
8494 
8495 		switch (sta->smps_mode) {
8496 		case IEEE80211_SMPS_AUTOMATIC:
8497 		case IEEE80211_SMPS_OFF:
8498 			smps = WMI_PEER_SMPS_PS_NONE;
8499 			break;
8500 		case IEEE80211_SMPS_STATIC:
8501 			smps = WMI_PEER_SMPS_STATIC;
8502 			break;
8503 		case IEEE80211_SMPS_DYNAMIC:
8504 			smps = WMI_PEER_SMPS_DYNAMIC;
8505 			break;
8506 		case IEEE80211_SMPS_NUM_MODES:
8507 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
8508 				    sta->smps_mode, sta->addr);
8509 			smps = WMI_PEER_SMPS_PS_NONE;
8510 			break;
8511 		}
8512 
8513 		arsta->smps = smps;
8514 	}
8515 
8516 	arsta->changed |= changed;
8517 
8518 	spin_unlock_bh(&ar->data_lock);
8519 
8520 	ieee80211_queue_work(hw, &arsta->update_wk);
8521 }
8522 
8523 static void ath10k_offset_tsf(struct ieee80211_hw *hw,
8524 			      struct ieee80211_vif *vif, s64 tsf_offset)
8525 {
8526 	struct ath10k *ar = hw->priv;
8527 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8528 	u32 offset, vdev_param;
8529 	int ret;
8530 
8531 	if (tsf_offset < 0) {
8532 		vdev_param = ar->wmi.vdev_param->dec_tsf;
8533 		offset = -tsf_offset;
8534 	} else {
8535 		vdev_param = ar->wmi.vdev_param->inc_tsf;
8536 		offset = tsf_offset;
8537 	}
8538 
8539 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
8540 					vdev_param, offset);
8541 
8542 	if (ret && ret != -EOPNOTSUPP)
8543 		ath10k_warn(ar, "failed to set tsf offset %d cmd %d: %d\n",
8544 			    offset, vdev_param, ret);
8545 }
8546 
8547 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
8548 			       struct ieee80211_vif *vif,
8549 			       struct ieee80211_ampdu_params *params)
8550 {
8551 	struct ath10k *ar = hw->priv;
8552 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8553 	struct ieee80211_sta *sta = params->sta;
8554 	enum ieee80211_ampdu_mlme_action action = params->action;
8555 	u16 tid = params->tid;
8556 
8557 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %u action %d\n",
8558 		   arvif->vdev_id, sta->addr, tid, action);
8559 
8560 	switch (action) {
8561 	case IEEE80211_AMPDU_RX_START:
8562 	case IEEE80211_AMPDU_RX_STOP:
8563 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
8564 		 * creation/removal. Do we need to verify this?
8565 		 */
8566 		return 0;
8567 	case IEEE80211_AMPDU_TX_START:
8568 	case IEEE80211_AMPDU_TX_STOP_CONT:
8569 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
8570 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
8571 	case IEEE80211_AMPDU_TX_OPERATIONAL:
8572 		/* Firmware offloads Tx aggregation entirely so deny mac80211
8573 		 * Tx aggregation requests.
8574 		 */
8575 		return -EOPNOTSUPP;
8576 	}
8577 
8578 	return -EINVAL;
8579 }
8580 
8581 static void
8582 ath10k_mac_update_rx_channel(struct ath10k *ar,
8583 			     struct ieee80211_chanctx_conf *ctx,
8584 			     struct ieee80211_vif_chanctx_switch *vifs,
8585 			     int n_vifs)
8586 {
8587 	struct cfg80211_chan_def *def = NULL;
8588 
8589 	/* Both locks are required because ar->rx_channel is modified. This
8590 	 * allows readers to hold either lock.
8591 	 */
8592 	lockdep_assert_held(&ar->conf_mutex);
8593 	lockdep_assert_held(&ar->data_lock);
8594 
8595 	WARN_ON(ctx && vifs);
8596 	WARN_ON(vifs && !n_vifs);
8597 
8598 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
8599 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
8600 	 * ppdu on Rx may reduce performance on low-end systems. It should be
8601 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
8602 	 * cpu data cache lines though regarding sizes) but to keep the initial
8603 	 * implementation simple and less intrusive fallback to the slow lookup
8604 	 * only for multi-channel cases. Single-channel cases will remain to
8605 	 * use the old channel derival and thus performance should not be
8606 	 * affected much.
8607 	 */
8608 	rcu_read_lock();
8609 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
8610 		ieee80211_iter_chan_contexts_atomic(ar->hw,
8611 						    ath10k_mac_get_any_chandef_iter,
8612 						    &def);
8613 
8614 		if (vifs)
8615 			def = &vifs[0].new_ctx->def;
8616 
8617 		ar->rx_channel = def->chan;
8618 	} else if ((ctx && ath10k_mac_num_chanctxs(ar) == 0) ||
8619 		   (ctx && (ar->state == ATH10K_STATE_RESTARTED))) {
8620 		/* During driver restart due to firmware assert, since mac80211
8621 		 * already has valid channel context for given radio, channel
8622 		 * context iteration return num_chanctx > 0. So fix rx_channel
8623 		 * when restart is in progress.
8624 		 */
8625 		ar->rx_channel = ctx->def.chan;
8626 	} else {
8627 		ar->rx_channel = NULL;
8628 	}
8629 	rcu_read_unlock();
8630 }
8631 
8632 static void
8633 ath10k_mac_update_vif_chan(struct ath10k *ar,
8634 			   struct ieee80211_vif_chanctx_switch *vifs,
8635 			   int n_vifs)
8636 {
8637 	struct ath10k_vif *arvif;
8638 	int ret;
8639 	int i;
8640 
8641 	lockdep_assert_held(&ar->conf_mutex);
8642 
8643 	/* First stop monitor interface. Some FW versions crash if there's a
8644 	 * lone monitor interface.
8645 	 */
8646 	if (ar->monitor_started)
8647 		ath10k_monitor_stop(ar);
8648 
8649 	for (i = 0; i < n_vifs; i++) {
8650 		arvif = (void *)vifs[i].vif->drv_priv;
8651 
8652 		ath10k_dbg(ar, ATH10K_DBG_MAC,
8653 			   "mac chanctx switch vdev_id %i freq %u->%u width %d->%d\n",
8654 			   arvif->vdev_id,
8655 			   vifs[i].old_ctx->def.chan->center_freq,
8656 			   vifs[i].new_ctx->def.chan->center_freq,
8657 			   vifs[i].old_ctx->def.width,
8658 			   vifs[i].new_ctx->def.width);
8659 
8660 		if (WARN_ON(!arvif->is_started))
8661 			continue;
8662 
8663 		if (WARN_ON(!arvif->is_up))
8664 			continue;
8665 
8666 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8667 		if (ret) {
8668 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
8669 				    arvif->vdev_id, ret);
8670 			continue;
8671 		}
8672 	}
8673 
8674 	/* All relevant vdevs are downed and associated channel resources
8675 	 * should be available for the channel switch now.
8676 	 */
8677 
8678 	spin_lock_bh(&ar->data_lock);
8679 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
8680 	spin_unlock_bh(&ar->data_lock);
8681 
8682 	for (i = 0; i < n_vifs; i++) {
8683 		arvif = (void *)vifs[i].vif->drv_priv;
8684 
8685 		if (WARN_ON(!arvif->is_started))
8686 			continue;
8687 
8688 		if (WARN_ON(!arvif->is_up))
8689 			continue;
8690 
8691 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
8692 		if (ret)
8693 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
8694 				    ret);
8695 
8696 		ret = ath10k_mac_setup_prb_tmpl(arvif);
8697 		if (ret)
8698 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
8699 				    ret);
8700 
8701 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
8702 		if (ret) {
8703 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
8704 				    arvif->vdev_id, ret);
8705 			continue;
8706 		}
8707 
8708 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
8709 					 arvif->bssid);
8710 		if (ret) {
8711 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
8712 				    arvif->vdev_id, ret);
8713 			continue;
8714 		}
8715 	}
8716 
8717 	ath10k_monitor_recalc(ar);
8718 }
8719 
8720 static int
8721 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
8722 			  struct ieee80211_chanctx_conf *ctx)
8723 {
8724 	struct ath10k *ar = hw->priv;
8725 
8726 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8727 		   "mac chanctx add freq %u width %d ptr %pK\n",
8728 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8729 
8730 	mutex_lock(&ar->conf_mutex);
8731 
8732 	spin_lock_bh(&ar->data_lock);
8733 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
8734 	spin_unlock_bh(&ar->data_lock);
8735 
8736 	ath10k_recalc_radar_detection(ar);
8737 	ath10k_monitor_recalc(ar);
8738 
8739 	mutex_unlock(&ar->conf_mutex);
8740 
8741 	return 0;
8742 }
8743 
8744 static void
8745 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
8746 			     struct ieee80211_chanctx_conf *ctx)
8747 {
8748 	struct ath10k *ar = hw->priv;
8749 
8750 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8751 		   "mac chanctx remove freq %u width %d ptr %pK\n",
8752 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
8753 
8754 	mutex_lock(&ar->conf_mutex);
8755 
8756 	spin_lock_bh(&ar->data_lock);
8757 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
8758 	spin_unlock_bh(&ar->data_lock);
8759 
8760 	ath10k_recalc_radar_detection(ar);
8761 	ath10k_monitor_recalc(ar);
8762 
8763 	mutex_unlock(&ar->conf_mutex);
8764 }
8765 
8766 struct ath10k_mac_change_chanctx_arg {
8767 	struct ieee80211_chanctx_conf *ctx;
8768 	struct ieee80211_vif_chanctx_switch *vifs;
8769 	int n_vifs;
8770 	int next_vif;
8771 };
8772 
8773 static void
8774 ath10k_mac_change_chanctx_cnt_iter(void *data, u8 *mac,
8775 				   struct ieee80211_vif *vif)
8776 {
8777 	struct ath10k_mac_change_chanctx_arg *arg = data;
8778 
8779 	if (rcu_access_pointer(vif->chanctx_conf) != arg->ctx)
8780 		return;
8781 
8782 	arg->n_vifs++;
8783 }
8784 
8785 static void
8786 ath10k_mac_change_chanctx_fill_iter(void *data, u8 *mac,
8787 				    struct ieee80211_vif *vif)
8788 {
8789 	struct ath10k_mac_change_chanctx_arg *arg = data;
8790 	struct ieee80211_chanctx_conf *ctx;
8791 
8792 	ctx = rcu_access_pointer(vif->chanctx_conf);
8793 	if (ctx != arg->ctx)
8794 		return;
8795 
8796 	if (WARN_ON(arg->next_vif == arg->n_vifs))
8797 		return;
8798 
8799 	arg->vifs[arg->next_vif].vif = vif;
8800 	arg->vifs[arg->next_vif].old_ctx = ctx;
8801 	arg->vifs[arg->next_vif].new_ctx = ctx;
8802 	arg->next_vif++;
8803 }
8804 
8805 static void
8806 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
8807 			     struct ieee80211_chanctx_conf *ctx,
8808 			     u32 changed)
8809 {
8810 	struct ath10k *ar = hw->priv;
8811 	struct ath10k_mac_change_chanctx_arg arg = { .ctx = ctx };
8812 
8813 	mutex_lock(&ar->conf_mutex);
8814 
8815 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8816 		   "mac chanctx change freq %u width %d ptr %pK changed %x\n",
8817 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
8818 
8819 	/* This shouldn't really happen because channel switching should use
8820 	 * switch_vif_chanctx().
8821 	 */
8822 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
8823 		goto unlock;
8824 
8825 	if (changed & IEEE80211_CHANCTX_CHANGE_WIDTH) {
8826 		ieee80211_iterate_active_interfaces_atomic(
8827 					hw,
8828 					ATH10K_ITER_NORMAL_FLAGS,
8829 					ath10k_mac_change_chanctx_cnt_iter,
8830 					&arg);
8831 		if (arg.n_vifs == 0)
8832 			goto radar;
8833 
8834 		arg.vifs = kcalloc(arg.n_vifs, sizeof(arg.vifs[0]),
8835 				   GFP_KERNEL);
8836 		if (!arg.vifs)
8837 			goto radar;
8838 
8839 		ieee80211_iterate_active_interfaces_atomic(
8840 					hw,
8841 					ATH10K_ITER_NORMAL_FLAGS,
8842 					ath10k_mac_change_chanctx_fill_iter,
8843 					&arg);
8844 		ath10k_mac_update_vif_chan(ar, arg.vifs, arg.n_vifs);
8845 		kfree(arg.vifs);
8846 	}
8847 
8848 radar:
8849 	ath10k_recalc_radar_detection(ar);
8850 
8851 	/* FIXME: How to configure Rx chains properly? */
8852 
8853 	/* No other actions are actually necessary. Firmware maintains channel
8854 	 * definitions per vdev internally and there's no host-side channel
8855 	 * context abstraction to configure, e.g. channel width.
8856 	 */
8857 
8858 unlock:
8859 	mutex_unlock(&ar->conf_mutex);
8860 }
8861 
8862 static int
8863 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
8864 				 struct ieee80211_vif *vif,
8865 				 struct ieee80211_chanctx_conf *ctx)
8866 {
8867 	struct ath10k *ar = hw->priv;
8868 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8869 	int ret;
8870 
8871 	mutex_lock(&ar->conf_mutex);
8872 
8873 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8874 		   "mac chanctx assign ptr %pK vdev_id %i\n",
8875 		   ctx, arvif->vdev_id);
8876 
8877 	if (WARN_ON(arvif->is_started)) {
8878 		mutex_unlock(&ar->conf_mutex);
8879 		return -EBUSY;
8880 	}
8881 
8882 	ret = ath10k_vdev_start(arvif, &ctx->def);
8883 	if (ret) {
8884 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
8885 			    arvif->vdev_id, vif->addr,
8886 			    ctx->def.chan->center_freq, ret);
8887 		goto err;
8888 	}
8889 
8890 	arvif->is_started = true;
8891 
8892 	ret = ath10k_mac_vif_setup_ps(arvif);
8893 	if (ret) {
8894 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
8895 			    arvif->vdev_id, ret);
8896 		goto err_stop;
8897 	}
8898 
8899 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8900 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
8901 		if (ret) {
8902 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
8903 				    arvif->vdev_id, ret);
8904 			goto err_stop;
8905 		}
8906 
8907 		arvif->is_up = true;
8908 	}
8909 
8910 	if (ath10k_mac_can_set_cts_prot(arvif)) {
8911 		ret = ath10k_mac_set_cts_prot(arvif);
8912 		if (ret)
8913 			ath10k_warn(ar, "failed to set cts protection for vdev %d: %d\n",
8914 				    arvif->vdev_id, ret);
8915 	}
8916 
8917 	if (ath10k_peer_stats_enabled(ar) &&
8918 	    ar->hw_params.tx_stats_over_pktlog) {
8919 		ar->pktlog_filter |= ATH10K_PKTLOG_PEER_STATS;
8920 		ret = ath10k_wmi_pdev_pktlog_enable(ar,
8921 						    ar->pktlog_filter);
8922 		if (ret) {
8923 			ath10k_warn(ar, "failed to enable pktlog %d\n", ret);
8924 			goto err_stop;
8925 		}
8926 	}
8927 
8928 	mutex_unlock(&ar->conf_mutex);
8929 	return 0;
8930 
8931 err_stop:
8932 	ath10k_vdev_stop(arvif);
8933 	arvif->is_started = false;
8934 	ath10k_mac_vif_setup_ps(arvif);
8935 
8936 err:
8937 	mutex_unlock(&ar->conf_mutex);
8938 	return ret;
8939 }
8940 
8941 static void
8942 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
8943 				   struct ieee80211_vif *vif,
8944 				   struct ieee80211_chanctx_conf *ctx)
8945 {
8946 	struct ath10k *ar = hw->priv;
8947 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
8948 	int ret;
8949 
8950 	mutex_lock(&ar->conf_mutex);
8951 
8952 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8953 		   "mac chanctx unassign ptr %pK vdev_id %i\n",
8954 		   ctx, arvif->vdev_id);
8955 
8956 	WARN_ON(!arvif->is_started);
8957 
8958 	if (vif->type == NL80211_IFTYPE_MONITOR) {
8959 		WARN_ON(!arvif->is_up);
8960 
8961 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
8962 		if (ret)
8963 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
8964 				    arvif->vdev_id, ret);
8965 
8966 		arvif->is_up = false;
8967 	}
8968 
8969 	ret = ath10k_vdev_stop(arvif);
8970 	if (ret)
8971 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
8972 			    arvif->vdev_id, ret);
8973 
8974 	arvif->is_started = false;
8975 
8976 	mutex_unlock(&ar->conf_mutex);
8977 }
8978 
8979 static int
8980 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
8981 				 struct ieee80211_vif_chanctx_switch *vifs,
8982 				 int n_vifs,
8983 				 enum ieee80211_chanctx_switch_mode mode)
8984 {
8985 	struct ath10k *ar = hw->priv;
8986 
8987 	mutex_lock(&ar->conf_mutex);
8988 
8989 	ath10k_dbg(ar, ATH10K_DBG_MAC,
8990 		   "mac chanctx switch n_vifs %d mode %d\n",
8991 		   n_vifs, mode);
8992 	ath10k_mac_update_vif_chan(ar, vifs, n_vifs);
8993 
8994 	mutex_unlock(&ar->conf_mutex);
8995 	return 0;
8996 }
8997 
8998 static void ath10k_mac_op_sta_pre_rcu_remove(struct ieee80211_hw *hw,
8999 					     struct ieee80211_vif *vif,
9000 					     struct ieee80211_sta *sta)
9001 {
9002 	struct ath10k *ar;
9003 	struct ath10k_peer *peer;
9004 
9005 	ar = hw->priv;
9006 
9007 	list_for_each_entry(peer, &ar->peers, list)
9008 		if (peer->sta == sta)
9009 			peer->removed = true;
9010 }
9011 
9012 /* HT MCS parameters with Nss = 1 */
9013 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss1[] = {
9014 	/* MCS  L20   L40   S20  S40 */
9015 	{0,  { 65,  135,  72,  150} },
9016 	{1,  { 130, 270,  144, 300} },
9017 	{2,  { 195, 405,  217, 450} },
9018 	{3,  { 260, 540,  289, 600} },
9019 	{4,  { 390, 810,  433, 900} },
9020 	{5,  { 520, 1080, 578, 1200} },
9021 	{6,  { 585, 1215, 650, 1350} },
9022 	{7,  { 650, 1350, 722, 1500} }
9023 };
9024 
9025 /* HT MCS parameters with Nss = 2 */
9026 static const struct ath10k_index_ht_data_rate_type supported_ht_mcs_rate_nss2[] = {
9027 	/* MCS  L20    L40   S20   S40 */
9028 	{0,  {130,  270,  144,  300} },
9029 	{1,  {260,  540,  289,  600} },
9030 	{2,  {390,  810,  433,  900} },
9031 	{3,  {520,  1080, 578,  1200} },
9032 	{4,  {780,  1620, 867,  1800} },
9033 	{5,  {1040, 2160, 1156, 2400} },
9034 	{6,  {1170, 2430, 1300, 2700} },
9035 	{7,  {1300, 2700, 1444, 3000} }
9036 };
9037 
9038 /* MCS parameters with Nss = 1 */
9039 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss1[] = {
9040 	/* MCS  L80    S80     L40   S40    L20   S20 */
9041 	{0,  {293,  325},  {135,  150},  {65,   72} },
9042 	{1,  {585,  650},  {270,  300},  {130,  144} },
9043 	{2,  {878,  975},  {405,  450},  {195,  217} },
9044 	{3,  {1170, 1300}, {540,  600},  {260,  289} },
9045 	{4,  {1755, 1950}, {810,  900},  {390,  433} },
9046 	{5,  {2340, 2600}, {1080, 1200}, {520,  578} },
9047 	{6,  {2633, 2925}, {1215, 1350}, {585,  650} },
9048 	{7,  {2925, 3250}, {1350, 1500}, {650,  722} },
9049 	{8,  {3510, 3900}, {1620, 1800}, {780,  867} },
9050 	{9,  {3900, 4333}, {1800, 2000}, {780,  867} }
9051 };
9052 
9053 /*MCS parameters with Nss = 2 */
9054 static const struct ath10k_index_vht_data_rate_type supported_vht_mcs_rate_nss2[] = {
9055 	/* MCS  L80    S80     L40   S40    L20   S20 */
9056 	{0,  {585,  650},  {270,  300},  {130,  144} },
9057 	{1,  {1170, 1300}, {540,  600},  {260,  289} },
9058 	{2,  {1755, 1950}, {810,  900},  {390,  433} },
9059 	{3,  {2340, 2600}, {1080, 1200}, {520,  578} },
9060 	{4,  {3510, 3900}, {1620, 1800}, {780,  867} },
9061 	{5,  {4680, 5200}, {2160, 2400}, {1040, 1156} },
9062 	{6,  {5265, 5850}, {2430, 2700}, {1170, 1300} },
9063 	{7,  {5850, 6500}, {2700, 3000}, {1300, 1444} },
9064 	{8,  {7020, 7800}, {3240, 3600}, {1560, 1733} },
9065 	{9,  {7800, 8667}, {3600, 4000}, {1560, 1733} }
9066 };
9067 
9068 static void ath10k_mac_get_rate_flags_ht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9069 					 u8 *flags, u8 *bw)
9070 {
9071 	struct ath10k_index_ht_data_rate_type *mcs_rate;
9072 	u8 index;
9073 	size_t len_nss1 = ARRAY_SIZE(supported_ht_mcs_rate_nss1);
9074 	size_t len_nss2 = ARRAY_SIZE(supported_ht_mcs_rate_nss2);
9075 
9076 	if (mcs >= (len_nss1 + len_nss2)) {
9077 		ath10k_warn(ar, "not supported mcs %d in current rate table", mcs);
9078 		return;
9079 	}
9080 
9081 	mcs_rate = (struct ath10k_index_ht_data_rate_type *)
9082 		   ((nss == 1) ? &supported_ht_mcs_rate_nss1 :
9083 		   &supported_ht_mcs_rate_nss2);
9084 
9085 	if (mcs >= len_nss1)
9086 		index = mcs - len_nss1;
9087 	else
9088 		index = mcs;
9089 
9090 	if (rate == mcs_rate[index].supported_rate[0]) {
9091 		*bw = RATE_INFO_BW_20;
9092 	} else if (rate == mcs_rate[index].supported_rate[1]) {
9093 		*bw |= RATE_INFO_BW_40;
9094 	} else if (rate == mcs_rate[index].supported_rate[2]) {
9095 		*bw |= RATE_INFO_BW_20;
9096 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9097 	} else if (rate == mcs_rate[index].supported_rate[3]) {
9098 		*bw |= RATE_INFO_BW_40;
9099 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9100 	} else {
9101 		ath10k_warn(ar, "invalid ht params rate %d 100kbps nss %d mcs %d",
9102 			    rate, nss, mcs);
9103 	}
9104 }
9105 
9106 static void ath10k_mac_get_rate_flags_vht(struct ath10k *ar, u32 rate, u8 nss, u8 mcs,
9107 					  u8 *flags, u8 *bw)
9108 {
9109 	struct ath10k_index_vht_data_rate_type *mcs_rate;
9110 
9111 	mcs_rate = (struct ath10k_index_vht_data_rate_type *)
9112 		   ((nss == 1) ? &supported_vht_mcs_rate_nss1 :
9113 		   &supported_vht_mcs_rate_nss2);
9114 
9115 	if (rate == mcs_rate[mcs].supported_VHT80_rate[0]) {
9116 		*bw = RATE_INFO_BW_80;
9117 	} else if (rate == mcs_rate[mcs].supported_VHT80_rate[1]) {
9118 		*bw = RATE_INFO_BW_80;
9119 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9120 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[0]) {
9121 		*bw = RATE_INFO_BW_40;
9122 	} else if (rate == mcs_rate[mcs].supported_VHT40_rate[1]) {
9123 		*bw = RATE_INFO_BW_40;
9124 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9125 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[0]) {
9126 		*bw = RATE_INFO_BW_20;
9127 	} else if (rate == mcs_rate[mcs].supported_VHT20_rate[1]) {
9128 		*bw = RATE_INFO_BW_20;
9129 		*flags |= RATE_INFO_FLAGS_SHORT_GI;
9130 	} else {
9131 		ath10k_warn(ar, "invalid vht params rate %d 100kbps nss %d mcs %d",
9132 			    rate, nss, mcs);
9133 	}
9134 }
9135 
9136 static void ath10k_mac_get_rate_flags(struct ath10k *ar, u32 rate,
9137 				      enum ath10k_phy_mode mode, u8 nss, u8 mcs,
9138 				      u8 *flags, u8 *bw)
9139 {
9140 	if (mode == ATH10K_PHY_MODE_HT) {
9141 		*flags = RATE_INFO_FLAGS_MCS;
9142 		ath10k_mac_get_rate_flags_ht(ar, rate, nss, mcs, flags, bw);
9143 	} else if (mode == ATH10K_PHY_MODE_VHT) {
9144 		*flags = RATE_INFO_FLAGS_VHT_MCS;
9145 		ath10k_mac_get_rate_flags_vht(ar, rate, nss, mcs, flags, bw);
9146 	}
9147 }
9148 
9149 static void ath10k_mac_parse_bitrate(struct ath10k *ar, u32 rate_code,
9150 				     u32 bitrate_kbps, struct rate_info *rate)
9151 {
9152 	enum ath10k_phy_mode mode = ATH10K_PHY_MODE_LEGACY;
9153 	enum wmi_rate_preamble preamble = WMI_TLV_GET_HW_RC_PREAM_V1(rate_code);
9154 	u8 nss = WMI_TLV_GET_HW_RC_NSS_V1(rate_code) + 1;
9155 	u8 mcs = WMI_TLV_GET_HW_RC_RATE_V1(rate_code);
9156 	u8 flags = 0, bw = 0;
9157 
9158 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac parse rate code 0x%x bitrate %d kbps\n",
9159 		   rate_code, bitrate_kbps);
9160 
9161 	if (preamble == WMI_RATE_PREAMBLE_HT)
9162 		mode = ATH10K_PHY_MODE_HT;
9163 	else if (preamble == WMI_RATE_PREAMBLE_VHT)
9164 		mode = ATH10K_PHY_MODE_VHT;
9165 
9166 	ath10k_mac_get_rate_flags(ar, bitrate_kbps / 100, mode, nss, mcs, &flags, &bw);
9167 
9168 	ath10k_dbg(ar, ATH10K_DBG_MAC,
9169 		   "mac parse bitrate preamble %d mode %d nss %d mcs %d flags %x bw %d\n",
9170 		   preamble, mode, nss, mcs, flags, bw);
9171 
9172 	rate->flags = flags;
9173 	rate->bw = bw;
9174 	rate->legacy = bitrate_kbps / 100;
9175 	rate->nss = nss;
9176 	rate->mcs = mcs;
9177 }
9178 
9179 static void ath10k_mac_sta_get_peer_stats_info(struct ath10k *ar,
9180 					       struct ieee80211_sta *sta,
9181 					       struct station_info *sinfo)
9182 {
9183 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9184 	struct ath10k_peer *peer;
9185 	unsigned long time_left;
9186 	int ret;
9187 
9188 	if (!(ar->hw_params.supports_peer_stats_info &&
9189 	      arsta->arvif->vdev_type == WMI_VDEV_TYPE_STA))
9190 		return;
9191 
9192 	spin_lock_bh(&ar->data_lock);
9193 	peer = ath10k_peer_find(ar, arsta->arvif->vdev_id, sta->addr);
9194 	spin_unlock_bh(&ar->data_lock);
9195 	if (!peer)
9196 		return;
9197 
9198 	reinit_completion(&ar->peer_stats_info_complete);
9199 
9200 	ret = ath10k_wmi_request_peer_stats_info(ar,
9201 						 arsta->arvif->vdev_id,
9202 						 WMI_REQUEST_ONE_PEER_STATS_INFO,
9203 						 arsta->arvif->bssid,
9204 						 0);
9205 	if (ret && ret != -EOPNOTSUPP) {
9206 		ath10k_warn(ar, "could not request peer stats info: %d\n", ret);
9207 		return;
9208 	}
9209 
9210 	time_left = wait_for_completion_timeout(&ar->peer_stats_info_complete, 3 * HZ);
9211 	if (time_left == 0) {
9212 		ath10k_warn(ar, "timed out waiting peer stats info\n");
9213 		return;
9214 	}
9215 
9216 	if (arsta->rx_rate_code != 0 && arsta->rx_bitrate_kbps != 0) {
9217 		ath10k_mac_parse_bitrate(ar, arsta->rx_rate_code,
9218 					 arsta->rx_bitrate_kbps,
9219 					 &sinfo->rxrate);
9220 
9221 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
9222 		arsta->rx_rate_code = 0;
9223 		arsta->rx_bitrate_kbps = 0;
9224 	}
9225 
9226 	if (arsta->tx_rate_code != 0 && arsta->tx_bitrate_kbps != 0) {
9227 		ath10k_mac_parse_bitrate(ar, arsta->tx_rate_code,
9228 					 arsta->tx_bitrate_kbps,
9229 					 &sinfo->txrate);
9230 
9231 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9232 		arsta->tx_rate_code = 0;
9233 		arsta->tx_bitrate_kbps = 0;
9234 	}
9235 }
9236 
9237 static void ath10k_sta_statistics(struct ieee80211_hw *hw,
9238 				  struct ieee80211_vif *vif,
9239 				  struct ieee80211_sta *sta,
9240 				  struct station_info *sinfo)
9241 {
9242 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
9243 	struct ath10k *ar = arsta->arvif->ar;
9244 
9245 	if (!ath10k_peer_stats_enabled(ar))
9246 		return;
9247 
9248 	mutex_lock(&ar->conf_mutex);
9249 	ath10k_debug_fw_stats_request(ar);
9250 	mutex_unlock(&ar->conf_mutex);
9251 
9252 	sinfo->rx_duration = arsta->rx_duration;
9253 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
9254 
9255 	if (arsta->txrate.legacy || arsta->txrate.nss) {
9256 		if (arsta->txrate.legacy) {
9257 			sinfo->txrate.legacy = arsta->txrate.legacy;
9258 		} else {
9259 			sinfo->txrate.mcs = arsta->txrate.mcs;
9260 			sinfo->txrate.nss = arsta->txrate.nss;
9261 			sinfo->txrate.bw = arsta->txrate.bw;
9262 		}
9263 		sinfo->txrate.flags = arsta->txrate.flags;
9264 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
9265 	}
9266 
9267 	if (ar->htt.disable_tx_comp) {
9268 		sinfo->tx_failed = arsta->tx_failed;
9269 		sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
9270 	}
9271 
9272 	sinfo->tx_retries = arsta->tx_retries;
9273 	sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_RETRIES);
9274 
9275 	ath10k_mac_sta_get_peer_stats_info(ar, sta, sinfo);
9276 }
9277 
9278 static int ath10k_mac_op_set_tid_config(struct ieee80211_hw *hw,
9279 					struct ieee80211_vif *vif,
9280 					struct ieee80211_sta *sta,
9281 					struct cfg80211_tid_config *tid_config)
9282 {
9283 	struct ath10k *ar = hw->priv;
9284 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9285 	struct ath10k_mac_iter_tid_conf_data data = {};
9286 	struct wmi_per_peer_per_tid_cfg_arg arg = {};
9287 	int ret, i;
9288 
9289 	mutex_lock(&ar->conf_mutex);
9290 	arg.vdev_id = arvif->vdev_id;
9291 
9292 	arvif->tids_rst = 0;
9293 	memset(arvif->tid_conf_changed, 0, sizeof(arvif->tid_conf_changed));
9294 
9295 	for (i = 0; i < tid_config->n_tid_conf; i++) {
9296 		ret = ath10k_mac_parse_tid_config(ar, sta, vif,
9297 						  &tid_config->tid_conf[i],
9298 						  &arg);
9299 		if (ret)
9300 			goto exit;
9301 	}
9302 
9303 	ret = 0;
9304 
9305 	if (sta)
9306 		goto exit;
9307 
9308 	arvif->tids_rst = 0;
9309 	data.curr_vif = vif;
9310 	data.ar = ar;
9311 
9312 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9313 					  &data);
9314 
9315 exit:
9316 	mutex_unlock(&ar->conf_mutex);
9317 	return ret;
9318 }
9319 
9320 static int ath10k_mac_op_reset_tid_config(struct ieee80211_hw *hw,
9321 					  struct ieee80211_vif *vif,
9322 					  struct ieee80211_sta *sta,
9323 					  u8 tids)
9324 {
9325 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9326 	struct ath10k_mac_iter_tid_conf_data data = {};
9327 	struct ath10k *ar = hw->priv;
9328 	int ret = 0;
9329 
9330 	mutex_lock(&ar->conf_mutex);
9331 
9332 	if (sta) {
9333 		arvif->tids_rst = 0;
9334 		ret = ath10k_mac_reset_tid_config(ar, sta, arvif, tids);
9335 		goto exit;
9336 	}
9337 
9338 	arvif->tids_rst = tids;
9339 	data.curr_vif = vif;
9340 	data.ar = ar;
9341 	ieee80211_iterate_stations_atomic(hw, ath10k_mac_vif_stations_tid_conf,
9342 					  &data);
9343 
9344 exit:
9345 	mutex_unlock(&ar->conf_mutex);
9346 	return ret;
9347 }
9348 
9349 static const struct ieee80211_ops ath10k_ops = {
9350 	.tx				= ath10k_mac_op_tx,
9351 	.wake_tx_queue			= ath10k_mac_op_wake_tx_queue,
9352 	.start				= ath10k_start,
9353 	.stop				= ath10k_stop,
9354 	.config				= ath10k_config,
9355 	.add_interface			= ath10k_add_interface,
9356 	.remove_interface		= ath10k_remove_interface,
9357 	.configure_filter		= ath10k_configure_filter,
9358 	.bss_info_changed		= ath10k_bss_info_changed,
9359 	.set_coverage_class		= ath10k_mac_op_set_coverage_class,
9360 	.hw_scan			= ath10k_hw_scan,
9361 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
9362 	.set_key			= ath10k_set_key,
9363 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
9364 	.sta_state			= ath10k_sta_state,
9365 	.sta_set_txpwr			= ath10k_sta_set_txpwr,
9366 	.conf_tx			= ath10k_conf_tx,
9367 	.remain_on_channel		= ath10k_remain_on_channel,
9368 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
9369 	.set_rts_threshold		= ath10k_set_rts_threshold,
9370 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
9371 	.flush				= ath10k_flush,
9372 	.tx_last_beacon			= ath10k_tx_last_beacon,
9373 	.set_antenna			= ath10k_set_antenna,
9374 	.get_antenna			= ath10k_get_antenna,
9375 	.reconfig_complete		= ath10k_reconfig_complete,
9376 	.get_survey			= ath10k_get_survey,
9377 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
9378 	.sta_rc_update			= ath10k_sta_rc_update,
9379 	.offset_tsf			= ath10k_offset_tsf,
9380 	.ampdu_action			= ath10k_ampdu_action,
9381 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
9382 	.get_et_stats			= ath10k_debug_get_et_stats,
9383 	.get_et_strings			= ath10k_debug_get_et_strings,
9384 	.add_chanctx			= ath10k_mac_op_add_chanctx,
9385 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
9386 	.change_chanctx			= ath10k_mac_op_change_chanctx,
9387 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
9388 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
9389 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
9390 	.sta_pre_rcu_remove		= ath10k_mac_op_sta_pre_rcu_remove,
9391 	.sta_statistics			= ath10k_sta_statistics,
9392 	.set_tid_config			= ath10k_mac_op_set_tid_config,
9393 	.reset_tid_config		= ath10k_mac_op_reset_tid_config,
9394 
9395 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
9396 
9397 #ifdef CONFIG_PM
9398 	.suspend			= ath10k_wow_op_suspend,
9399 	.resume				= ath10k_wow_op_resume,
9400 	.set_wakeup			= ath10k_wow_op_set_wakeup,
9401 #endif
9402 #ifdef CONFIG_MAC80211_DEBUGFS
9403 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
9404 #endif
9405 	.set_sar_specs			= ath10k_mac_set_sar_specs,
9406 };
9407 
9408 #define CHAN2G(_channel, _freq, _flags) { \
9409 	.band			= NL80211_BAND_2GHZ, \
9410 	.hw_value		= (_channel), \
9411 	.center_freq		= (_freq), \
9412 	.flags			= (_flags), \
9413 	.max_antenna_gain	= 0, \
9414 	.max_power		= 30, \
9415 }
9416 
9417 #define CHAN5G(_channel, _freq, _flags) { \
9418 	.band			= NL80211_BAND_5GHZ, \
9419 	.hw_value		= (_channel), \
9420 	.center_freq		= (_freq), \
9421 	.flags			= (_flags), \
9422 	.max_antenna_gain	= 0, \
9423 	.max_power		= 30, \
9424 }
9425 
9426 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
9427 	CHAN2G(1, 2412, 0),
9428 	CHAN2G(2, 2417, 0),
9429 	CHAN2G(3, 2422, 0),
9430 	CHAN2G(4, 2427, 0),
9431 	CHAN2G(5, 2432, 0),
9432 	CHAN2G(6, 2437, 0),
9433 	CHAN2G(7, 2442, 0),
9434 	CHAN2G(8, 2447, 0),
9435 	CHAN2G(9, 2452, 0),
9436 	CHAN2G(10, 2457, 0),
9437 	CHAN2G(11, 2462, 0),
9438 	CHAN2G(12, 2467, 0),
9439 	CHAN2G(13, 2472, 0),
9440 	CHAN2G(14, 2484, 0),
9441 };
9442 
9443 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
9444 	CHAN5G(36, 5180, 0),
9445 	CHAN5G(40, 5200, 0),
9446 	CHAN5G(44, 5220, 0),
9447 	CHAN5G(48, 5240, 0),
9448 	CHAN5G(52, 5260, 0),
9449 	CHAN5G(56, 5280, 0),
9450 	CHAN5G(60, 5300, 0),
9451 	CHAN5G(64, 5320, 0),
9452 	CHAN5G(100, 5500, 0),
9453 	CHAN5G(104, 5520, 0),
9454 	CHAN5G(108, 5540, 0),
9455 	CHAN5G(112, 5560, 0),
9456 	CHAN5G(116, 5580, 0),
9457 	CHAN5G(120, 5600, 0),
9458 	CHAN5G(124, 5620, 0),
9459 	CHAN5G(128, 5640, 0),
9460 	CHAN5G(132, 5660, 0),
9461 	CHAN5G(136, 5680, 0),
9462 	CHAN5G(140, 5700, 0),
9463 	CHAN5G(144, 5720, 0),
9464 	CHAN5G(149, 5745, 0),
9465 	CHAN5G(153, 5765, 0),
9466 	CHAN5G(157, 5785, 0),
9467 	CHAN5G(161, 5805, 0),
9468 	CHAN5G(165, 5825, 0),
9469 	CHAN5G(169, 5845, 0),
9470 	CHAN5G(173, 5865, 0),
9471 	/* If you add more, you may need to change ATH10K_MAX_5G_CHAN */
9472 	/* And you will definitely need to change ATH10K_NUM_CHANS in core.h */
9473 };
9474 
9475 struct ath10k *ath10k_mac_create(size_t priv_size)
9476 {
9477 	struct ieee80211_hw *hw;
9478 	struct ieee80211_ops *ops;
9479 	struct ath10k *ar;
9480 
9481 	ops = kmemdup(&ath10k_ops, sizeof(ath10k_ops), GFP_KERNEL);
9482 	if (!ops)
9483 		return NULL;
9484 
9485 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, ops);
9486 	if (!hw) {
9487 		kfree(ops);
9488 		return NULL;
9489 	}
9490 
9491 	ar = hw->priv;
9492 	ar->hw = hw;
9493 	ar->ops = ops;
9494 
9495 	return ar;
9496 }
9497 
9498 void ath10k_mac_destroy(struct ath10k *ar)
9499 {
9500 	struct ieee80211_ops *ops = ar->ops;
9501 
9502 	ieee80211_free_hw(ar->hw);
9503 	kfree(ops);
9504 }
9505 
9506 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
9507 	{
9508 		.max	= 8,
9509 		.types	= BIT(NL80211_IFTYPE_STATION)
9510 			| BIT(NL80211_IFTYPE_P2P_CLIENT)
9511 	},
9512 	{
9513 		.max	= 3,
9514 		.types	= BIT(NL80211_IFTYPE_P2P_GO)
9515 	},
9516 	{
9517 		.max	= 1,
9518 		.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
9519 	},
9520 	{
9521 		.max	= 7,
9522 		.types	= BIT(NL80211_IFTYPE_AP)
9523 #ifdef CONFIG_MAC80211_MESH
9524 			| BIT(NL80211_IFTYPE_MESH_POINT)
9525 #endif
9526 	},
9527 };
9528 
9529 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
9530 	{
9531 		.max	= 8,
9532 		.types	= BIT(NL80211_IFTYPE_AP)
9533 #ifdef CONFIG_MAC80211_MESH
9534 			| BIT(NL80211_IFTYPE_MESH_POINT)
9535 #endif
9536 	},
9537 	{
9538 		.max	= 1,
9539 		.types	= BIT(NL80211_IFTYPE_STATION)
9540 	},
9541 };
9542 
9543 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
9544 	{
9545 		.limits = ath10k_if_limits,
9546 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
9547 		.max_interfaces = 8,
9548 		.num_different_channels = 1,
9549 		.beacon_int_infra_match = true,
9550 	},
9551 };
9552 
9553 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
9554 	{
9555 		.limits = ath10k_10x_if_limits,
9556 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
9557 		.max_interfaces = 8,
9558 		.num_different_channels = 1,
9559 		.beacon_int_infra_match = true,
9560 		.beacon_int_min_gcd = 1,
9561 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9562 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9563 					BIT(NL80211_CHAN_WIDTH_20) |
9564 					BIT(NL80211_CHAN_WIDTH_40) |
9565 					BIT(NL80211_CHAN_WIDTH_80),
9566 #endif
9567 	},
9568 };
9569 
9570 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
9571 	{
9572 		.max = 2,
9573 		.types = BIT(NL80211_IFTYPE_STATION),
9574 	},
9575 	{
9576 		.max = 2,
9577 		.types = BIT(NL80211_IFTYPE_AP) |
9578 #ifdef CONFIG_MAC80211_MESH
9579 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9580 #endif
9581 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
9582 			 BIT(NL80211_IFTYPE_P2P_GO),
9583 	},
9584 	{
9585 		.max = 1,
9586 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9587 	},
9588 };
9589 
9590 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
9591 	{
9592 		.max = 2,
9593 		.types = BIT(NL80211_IFTYPE_STATION),
9594 	},
9595 	{
9596 		.max = 2,
9597 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
9598 	},
9599 	{
9600 		.max = 1,
9601 		.types = BIT(NL80211_IFTYPE_AP) |
9602 #ifdef CONFIG_MAC80211_MESH
9603 			 BIT(NL80211_IFTYPE_MESH_POINT) |
9604 #endif
9605 			 BIT(NL80211_IFTYPE_P2P_GO),
9606 	},
9607 	{
9608 		.max = 1,
9609 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
9610 	},
9611 };
9612 
9613 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
9614 	{
9615 		.max = 1,
9616 		.types = BIT(NL80211_IFTYPE_STATION),
9617 	},
9618 	{
9619 		.max = 1,
9620 		.types = BIT(NL80211_IFTYPE_ADHOC),
9621 	},
9622 };
9623 
9624 /* FIXME: This is not thouroughly tested. These combinations may over- or
9625  * underestimate hw/fw capabilities.
9626  */
9627 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
9628 	{
9629 		.limits = ath10k_tlv_if_limit,
9630 		.num_different_channels = 1,
9631 		.max_interfaces = 4,
9632 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9633 	},
9634 	{
9635 		.limits = ath10k_tlv_if_limit_ibss,
9636 		.num_different_channels = 1,
9637 		.max_interfaces = 2,
9638 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9639 	},
9640 };
9641 
9642 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
9643 	{
9644 		.limits = ath10k_tlv_if_limit,
9645 		.num_different_channels = 1,
9646 		.max_interfaces = 4,
9647 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
9648 	},
9649 	{
9650 		.limits = ath10k_tlv_qcs_if_limit,
9651 		.num_different_channels = 2,
9652 		.max_interfaces = 4,
9653 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
9654 	},
9655 	{
9656 		.limits = ath10k_tlv_if_limit_ibss,
9657 		.num_different_channels = 1,
9658 		.max_interfaces = 2,
9659 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
9660 	},
9661 };
9662 
9663 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
9664 	{
9665 		.max = 1,
9666 		.types = BIT(NL80211_IFTYPE_STATION),
9667 	},
9668 	{
9669 		.max	= 16,
9670 		.types	= BIT(NL80211_IFTYPE_AP)
9671 #ifdef CONFIG_MAC80211_MESH
9672 			| BIT(NL80211_IFTYPE_MESH_POINT)
9673 #endif
9674 	},
9675 };
9676 
9677 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
9678 	{
9679 		.limits = ath10k_10_4_if_limits,
9680 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9681 		.max_interfaces = 16,
9682 		.num_different_channels = 1,
9683 		.beacon_int_infra_match = true,
9684 		.beacon_int_min_gcd = 1,
9685 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9686 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9687 					BIT(NL80211_CHAN_WIDTH_20) |
9688 					BIT(NL80211_CHAN_WIDTH_40) |
9689 					BIT(NL80211_CHAN_WIDTH_80) |
9690 					BIT(NL80211_CHAN_WIDTH_80P80) |
9691 					BIT(NL80211_CHAN_WIDTH_160),
9692 #endif
9693 	},
9694 };
9695 
9696 static const struct
9697 ieee80211_iface_combination ath10k_10_4_bcn_int_if_comb[] = {
9698 	{
9699 		.limits = ath10k_10_4_if_limits,
9700 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
9701 		.max_interfaces = 16,
9702 		.num_different_channels = 1,
9703 		.beacon_int_infra_match = true,
9704 		.beacon_int_min_gcd = 100,
9705 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
9706 		.radar_detect_widths =  BIT(NL80211_CHAN_WIDTH_20_NOHT) |
9707 					BIT(NL80211_CHAN_WIDTH_20) |
9708 					BIT(NL80211_CHAN_WIDTH_40) |
9709 					BIT(NL80211_CHAN_WIDTH_80) |
9710 					BIT(NL80211_CHAN_WIDTH_80P80) |
9711 					BIT(NL80211_CHAN_WIDTH_160),
9712 #endif
9713 	},
9714 };
9715 
9716 static void ath10k_get_arvif_iter(void *data, u8 *mac,
9717 				  struct ieee80211_vif *vif)
9718 {
9719 	struct ath10k_vif_iter *arvif_iter = data;
9720 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
9721 
9722 	if (arvif->vdev_id == arvif_iter->vdev_id)
9723 		arvif_iter->arvif = arvif;
9724 }
9725 
9726 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
9727 {
9728 	struct ath10k_vif_iter arvif_iter;
9729 
9730 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
9731 	arvif_iter.vdev_id = vdev_id;
9732 
9733 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
9734 						   ATH10K_ITER_RESUME_FLAGS,
9735 						   ath10k_get_arvif_iter,
9736 						   &arvif_iter);
9737 	if (!arvif_iter.arvif) {
9738 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
9739 		return NULL;
9740 	}
9741 
9742 	return arvif_iter.arvif;
9743 }
9744 
9745 #define WRD_METHOD "WRDD"
9746 #define WRDD_WIFI  (0x07)
9747 
9748 static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd)
9749 {
9750 	union acpi_object *mcc_pkg;
9751 	union acpi_object *domain_type;
9752 	union acpi_object *mcc_value;
9753 	u32 i;
9754 
9755 	if (wrdd->type != ACPI_TYPE_PACKAGE ||
9756 	    wrdd->package.count < 2 ||
9757 	    wrdd->package.elements[0].type != ACPI_TYPE_INTEGER ||
9758 	    wrdd->package.elements[0].integer.value != 0) {
9759 		ath10k_warn(ar, "ignoring malformed/unsupported wrdd structure\n");
9760 		return 0;
9761 	}
9762 
9763 	for (i = 1; i < wrdd->package.count; ++i) {
9764 		mcc_pkg = &wrdd->package.elements[i];
9765 
9766 		if (mcc_pkg->type != ACPI_TYPE_PACKAGE)
9767 			continue;
9768 		if (mcc_pkg->package.count < 2)
9769 			continue;
9770 		if (mcc_pkg->package.elements[0].type != ACPI_TYPE_INTEGER ||
9771 		    mcc_pkg->package.elements[1].type != ACPI_TYPE_INTEGER)
9772 			continue;
9773 
9774 		domain_type = &mcc_pkg->package.elements[0];
9775 		if (domain_type->integer.value != WRDD_WIFI)
9776 			continue;
9777 
9778 		mcc_value = &mcc_pkg->package.elements[1];
9779 		return mcc_value->integer.value;
9780 	}
9781 	return 0;
9782 }
9783 
9784 static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
9785 {
9786 	acpi_handle root_handle;
9787 	acpi_handle handle;
9788 	struct acpi_buffer wrdd = {ACPI_ALLOCATE_BUFFER, NULL};
9789 	acpi_status status;
9790 	u32 alpha2_code;
9791 	char alpha2[3];
9792 
9793 	root_handle = ACPI_HANDLE(ar->dev);
9794 	if (!root_handle)
9795 		return -EOPNOTSUPP;
9796 
9797 	status = acpi_get_handle(root_handle, (acpi_string)WRD_METHOD, &handle);
9798 	if (ACPI_FAILURE(status)) {
9799 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9800 			   "failed to get wrd method %d\n", status);
9801 		return -EIO;
9802 	}
9803 
9804 	status = acpi_evaluate_object(handle, NULL, NULL, &wrdd);
9805 	if (ACPI_FAILURE(status)) {
9806 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9807 			   "failed to call wrdc %d\n", status);
9808 		return -EIO;
9809 	}
9810 
9811 	alpha2_code = ath10k_mac_wrdd_get_mcc(ar, wrdd.pointer);
9812 	kfree(wrdd.pointer);
9813 	if (!alpha2_code)
9814 		return -EIO;
9815 
9816 	alpha2[0] = (alpha2_code >> 8) & 0xff;
9817 	alpha2[1] = (alpha2_code >> 0) & 0xff;
9818 	alpha2[2] = '\0';
9819 
9820 	ath10k_dbg(ar, ATH10K_DBG_BOOT,
9821 		   "regulatory hint from WRDD (alpha2-code): %s\n", alpha2);
9822 
9823 	*rd = ath_regd_find_country_by_name(alpha2);
9824 	if (*rd == 0xffff)
9825 		return -EIO;
9826 
9827 	*rd |= COUNTRY_ERD_FLAG;
9828 	return 0;
9829 }
9830 
9831 static int ath10k_mac_init_rd(struct ath10k *ar)
9832 {
9833 	int ret;
9834 	u16 rd;
9835 
9836 	ret = ath10k_mac_get_wrdd_regulatory(ar, &rd);
9837 	if (ret) {
9838 		ath10k_dbg(ar, ATH10K_DBG_BOOT,
9839 			   "fallback to eeprom programmed regulatory settings\n");
9840 		rd = ar->hw_eeprom_rd;
9841 	}
9842 
9843 	ar->ath_common.regulatory.current_rd = rd;
9844 	return 0;
9845 }
9846 
9847 int ath10k_mac_register(struct ath10k *ar)
9848 {
9849 	static const u32 cipher_suites[] = {
9850 		WLAN_CIPHER_SUITE_WEP40,
9851 		WLAN_CIPHER_SUITE_WEP104,
9852 		WLAN_CIPHER_SUITE_TKIP,
9853 		WLAN_CIPHER_SUITE_CCMP,
9854 
9855 		/* Do not add hardware supported ciphers before this line.
9856 		 * Allow software encryption for all chips. Don't forget to
9857 		 * update n_cipher_suites below.
9858 		 */
9859 		WLAN_CIPHER_SUITE_AES_CMAC,
9860 		WLAN_CIPHER_SUITE_BIP_CMAC_256,
9861 		WLAN_CIPHER_SUITE_BIP_GMAC_128,
9862 		WLAN_CIPHER_SUITE_BIP_GMAC_256,
9863 
9864 		/* Only QCA99x0 and QCA4019 varients support GCMP-128, GCMP-256
9865 		 * and CCMP-256 in hardware.
9866 		 */
9867 		WLAN_CIPHER_SUITE_GCMP,
9868 		WLAN_CIPHER_SUITE_GCMP_256,
9869 		WLAN_CIPHER_SUITE_CCMP_256,
9870 	};
9871 	struct ieee80211_supported_band *band;
9872 	void *channels;
9873 	int ret;
9874 
9875 	if (!is_valid_ether_addr(ar->mac_addr)) {
9876 		ath10k_warn(ar, "invalid MAC address; choosing random\n");
9877 		eth_random_addr(ar->mac_addr);
9878 	}
9879 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
9880 
9881 	SET_IEEE80211_DEV(ar->hw, ar->dev);
9882 
9883 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
9884 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
9885 		     ATH10K_NUM_CHANS);
9886 
9887 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
9888 		channels = kmemdup(ath10k_2ghz_channels,
9889 				   sizeof(ath10k_2ghz_channels),
9890 				   GFP_KERNEL);
9891 		if (!channels) {
9892 			ret = -ENOMEM;
9893 			goto err_free;
9894 		}
9895 
9896 		band = &ar->mac.sbands[NL80211_BAND_2GHZ];
9897 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
9898 		band->channels = channels;
9899 
9900 		if (ar->hw_params.cck_rate_map_rev2) {
9901 			band->n_bitrates = ath10k_g_rates_rev2_size;
9902 			band->bitrates = ath10k_g_rates_rev2;
9903 		} else {
9904 			band->n_bitrates = ath10k_g_rates_size;
9905 			band->bitrates = ath10k_g_rates;
9906 		}
9907 
9908 		ar->hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
9909 	}
9910 
9911 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
9912 		channels = kmemdup(ath10k_5ghz_channels,
9913 				   sizeof(ath10k_5ghz_channels),
9914 				   GFP_KERNEL);
9915 		if (!channels) {
9916 			ret = -ENOMEM;
9917 			goto err_free;
9918 		}
9919 
9920 		band = &ar->mac.sbands[NL80211_BAND_5GHZ];
9921 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
9922 		band->channels = channels;
9923 		band->n_bitrates = ath10k_a_rates_size;
9924 		band->bitrates = ath10k_a_rates;
9925 		ar->hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
9926 	}
9927 
9928 	wiphy_read_of_freq_limits(ar->hw->wiphy);
9929 	ath10k_mac_setup_ht_vht_cap(ar);
9930 
9931 	ar->hw->wiphy->interface_modes =
9932 		BIT(NL80211_IFTYPE_STATION) |
9933 		BIT(NL80211_IFTYPE_AP) |
9934 		BIT(NL80211_IFTYPE_MESH_POINT);
9935 
9936 	ar->hw->wiphy->available_antennas_rx = ar->cfg_rx_chainmask;
9937 	ar->hw->wiphy->available_antennas_tx = ar->cfg_tx_chainmask;
9938 
9939 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->normal_mode_fw.fw_file.fw_features))
9940 		ar->hw->wiphy->interface_modes |=
9941 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
9942 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
9943 			BIT(NL80211_IFTYPE_P2P_GO);
9944 
9945 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
9946 
9947 	if (!test_bit(ATH10K_FW_FEATURE_NO_PS,
9948 		      ar->running_fw->fw_file.fw_features)) {
9949 		ieee80211_hw_set(ar->hw, SUPPORTS_PS);
9950 		ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
9951 	}
9952 
9953 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
9954 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
9955 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
9956 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
9957 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
9958 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
9959 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
9960 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
9961 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
9962 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
9963 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
9964 	ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG);
9965 	ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK);
9966 
9967 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
9968 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
9969 
9970 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
9971 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
9972 
9973 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
9974 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
9975 
9976 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
9977 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
9978 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
9979 	}
9980 
9981 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
9982 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
9983 
9984 	if (test_bit(WMI_SERVICE_NLO, ar->wmi.svc_map)) {
9985 		ar->hw->wiphy->max_sched_scan_ssids = WMI_PNO_MAX_SUPP_NETWORKS;
9986 		ar->hw->wiphy->max_match_sets = WMI_PNO_MAX_SUPP_NETWORKS;
9987 		ar->hw->wiphy->max_sched_scan_ie_len = WMI_PNO_MAX_IE_LENGTH;
9988 		ar->hw->wiphy->max_sched_scan_plans = WMI_PNO_MAX_SCHED_SCAN_PLANS;
9989 		ar->hw->wiphy->max_sched_scan_plan_interval =
9990 			WMI_PNO_MAX_SCHED_SCAN_PLAN_INT;
9991 		ar->hw->wiphy->max_sched_scan_plan_iterations =
9992 			WMI_PNO_MAX_SCHED_SCAN_PLAN_ITRNS;
9993 		ar->hw->wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
9994 	}
9995 
9996 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
9997 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
9998 	ar->hw->txq_data_size = sizeof(struct ath10k_txq);
9999 
10000 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
10001 
10002 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
10003 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
10004 
10005 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
10006 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
10007 		 * correct Probe Responses. This is more of a hack advert..
10008 		 */
10009 		ar->hw->wiphy->probe_resp_offload |=
10010 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
10011 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
10012 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
10013 	}
10014 
10015 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map) ||
10016 	    test_bit(WMI_SERVICE_TDLS_EXPLICIT_MODE_ONLY, ar->wmi.svc_map)) {
10017 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
10018 		if (test_bit(WMI_SERVICE_TDLS_WIDER_BANDWIDTH, ar->wmi.svc_map))
10019 			ieee80211_hw_set(ar->hw, TDLS_WIDER_BW);
10020 	}
10021 
10022 	if (test_bit(WMI_SERVICE_TDLS_UAPSD_BUFFER_STA, ar->wmi.svc_map))
10023 		ieee80211_hw_set(ar->hw, SUPPORTS_TDLS_BUFFER_STA);
10024 
10025 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
10026 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
10027 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
10028 
10029 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
10030 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
10031 				   NL80211_FEATURE_AP_SCAN;
10032 
10033 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
10034 
10035 	ret = ath10k_wow_init(ar);
10036 	if (ret) {
10037 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
10038 		goto err_free;
10039 	}
10040 
10041 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
10042 	wiphy_ext_feature_set(ar->hw->wiphy,
10043 			      NL80211_EXT_FEATURE_SET_SCAN_DWELL);
10044 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_AQL);
10045 
10046 	if (test_bit(WMI_SERVICE_TX_DATA_ACK_RSSI, ar->wmi.svc_map) ||
10047 	    test_bit(WMI_SERVICE_HTT_MGMT_TX_COMP_VALID_FLAGS, ar->wmi.svc_map))
10048 		wiphy_ext_feature_set(ar->hw->wiphy,
10049 				      NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT);
10050 
10051 	if (ath10k_peer_stats_enabled(ar) ||
10052 	    test_bit(WMI_SERVICE_REPORT_AIRTIME, ar->wmi.svc_map))
10053 		wiphy_ext_feature_set(ar->hw->wiphy,
10054 				      NL80211_EXT_FEATURE_AIRTIME_FAIRNESS);
10055 
10056 	if (test_bit(WMI_SERVICE_RTT_RESPONDER_ROLE, ar->wmi.svc_map))
10057 		wiphy_ext_feature_set(ar->hw->wiphy,
10058 				      NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
10059 
10060 	if (test_bit(WMI_SERVICE_TX_PWR_PER_PEER, ar->wmi.svc_map))
10061 		wiphy_ext_feature_set(ar->hw->wiphy,
10062 				      NL80211_EXT_FEATURE_STA_TX_PWR);
10063 
10064 	if (test_bit(WMI_SERVICE_PEER_TID_CONFIGS_SUPPORT, ar->wmi.svc_map)) {
10065 		ar->hw->wiphy->tid_config_support.vif |=
10066 				BIT(NL80211_TID_CONFIG_ATTR_NOACK) |
10067 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT) |
10068 				BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG) |
10069 				BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL) |
10070 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE) |
10071 				BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
10072 
10073 		if (test_bit(WMI_SERVICE_EXT_PEER_TID_CONFIGS_SUPPORT,
10074 			     ar->wmi.svc_map)) {
10075 			ar->hw->wiphy->tid_config_support.vif |=
10076 				BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
10077 		}
10078 
10079 		ar->hw->wiphy->tid_config_support.peer =
10080 				ar->hw->wiphy->tid_config_support.vif;
10081 		ar->hw->wiphy->max_data_retry_count = ATH10K_MAX_RETRY_COUNT;
10082 	} else {
10083 		ar->ops->set_tid_config = NULL;
10084 	}
10085 	/*
10086 	 * on LL hardware queues are managed entirely by the FW
10087 	 * so we only advertise to mac we can do the queues thing
10088 	 */
10089 	ar->hw->queues = IEEE80211_MAX_QUEUES;
10090 
10091 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
10092 	 * something that vdev_ids can't reach so that we don't stop the queue
10093 	 * accidentally.
10094 	 */
10095 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
10096 
10097 	switch (ar->running_fw->fw_file.wmi_op_version) {
10098 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
10099 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
10100 		ar->hw->wiphy->n_iface_combinations =
10101 			ARRAY_SIZE(ath10k_if_comb);
10102 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10103 		break;
10104 	case ATH10K_FW_WMI_OP_VERSION_TLV:
10105 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
10106 			ar->hw->wiphy->iface_combinations =
10107 				ath10k_tlv_qcs_if_comb;
10108 			ar->hw->wiphy->n_iface_combinations =
10109 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
10110 		} else {
10111 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
10112 			ar->hw->wiphy->n_iface_combinations =
10113 				ARRAY_SIZE(ath10k_tlv_if_comb);
10114 		}
10115 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
10116 		break;
10117 	case ATH10K_FW_WMI_OP_VERSION_10_1:
10118 	case ATH10K_FW_WMI_OP_VERSION_10_2:
10119 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
10120 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
10121 		ar->hw->wiphy->n_iface_combinations =
10122 			ARRAY_SIZE(ath10k_10x_if_comb);
10123 		break;
10124 	case ATH10K_FW_WMI_OP_VERSION_10_4:
10125 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
10126 		ar->hw->wiphy->n_iface_combinations =
10127 			ARRAY_SIZE(ath10k_10_4_if_comb);
10128 		if (test_bit(WMI_SERVICE_VDEV_DIFFERENT_BEACON_INTERVAL_SUPPORT,
10129 			     ar->wmi.svc_map)) {
10130 			ar->hw->wiphy->iface_combinations =
10131 				ath10k_10_4_bcn_int_if_comb;
10132 			ar->hw->wiphy->n_iface_combinations =
10133 				ARRAY_SIZE(ath10k_10_4_bcn_int_if_comb);
10134 		}
10135 		break;
10136 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
10137 	case ATH10K_FW_WMI_OP_VERSION_MAX:
10138 		WARN_ON(1);
10139 		ret = -EINVAL;
10140 		goto err_free;
10141 	}
10142 
10143 	if (ar->hw_params.dynamic_sar_support)
10144 		ar->hw->wiphy->sar_capa = &ath10k_sar_capa;
10145 
10146 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
10147 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
10148 
10149 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) {
10150 		/* Init ath dfs pattern detector */
10151 		ar->ath_common.debug_mask = ATH_DBG_DFS;
10152 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
10153 							     NL80211_DFS_UNSET);
10154 
10155 		if (!ar->dfs_detector)
10156 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
10157 	}
10158 
10159 	ret = ath10k_mac_init_rd(ar);
10160 	if (ret) {
10161 		ath10k_err(ar, "failed to derive regdom: %d\n", ret);
10162 		goto err_dfs_detector_exit;
10163 	}
10164 
10165 	/* Disable set_coverage_class for chipsets that do not support it. */
10166 	if (!ar->hw_params.hw_ops->set_coverage_class)
10167 		ar->ops->set_coverage_class = NULL;
10168 
10169 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
10170 			    ath10k_reg_notifier);
10171 	if (ret) {
10172 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
10173 		goto err_dfs_detector_exit;
10174 	}
10175 
10176 	if (test_bit(WMI_SERVICE_SPOOF_MAC_SUPPORT, ar->wmi.svc_map)) {
10177 		ar->hw->wiphy->features |=
10178 			NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
10179 	}
10180 
10181 	ar->hw->wiphy->cipher_suites = cipher_suites;
10182 
10183 	/* QCA988x and QCA6174 family chips do not support CCMP-256, GCMP-128
10184 	 * and GCMP-256 ciphers in hardware. Fetch number of ciphers supported
10185 	 * from chip specific hw_param table.
10186 	 */
10187 	if (!ar->hw_params.n_cipher_suites ||
10188 	    ar->hw_params.n_cipher_suites > ARRAY_SIZE(cipher_suites)) {
10189 		ath10k_err(ar, "invalid hw_params.n_cipher_suites %d\n",
10190 			   ar->hw_params.n_cipher_suites);
10191 		ar->hw_params.n_cipher_suites = 8;
10192 	}
10193 	ar->hw->wiphy->n_cipher_suites = ar->hw_params.n_cipher_suites;
10194 
10195 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
10196 
10197 	ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER;
10198 
10199 	ret = ieee80211_register_hw(ar->hw);
10200 	if (ret) {
10201 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
10202 		goto err_dfs_detector_exit;
10203 	}
10204 
10205 	if (test_bit(WMI_SERVICE_PER_PACKET_SW_ENCRYPT, ar->wmi.svc_map)) {
10206 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
10207 		ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN);
10208 	}
10209 
10210 	if (!ath_is_world_regd(&ar->ath_common.regulatory)) {
10211 		ret = regulatory_hint(ar->hw->wiphy,
10212 				      ar->ath_common.regulatory.alpha2);
10213 		if (ret)
10214 			goto err_unregister;
10215 	}
10216 
10217 	return 0;
10218 
10219 err_unregister:
10220 	ieee80211_unregister_hw(ar->hw);
10221 
10222 err_dfs_detector_exit:
10223 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10224 		ar->dfs_detector->exit(ar->dfs_detector);
10225 
10226 err_free:
10227 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10228 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10229 
10230 	SET_IEEE80211_DEV(ar->hw, NULL);
10231 	return ret;
10232 }
10233 
10234 void ath10k_mac_unregister(struct ath10k *ar)
10235 {
10236 	ieee80211_unregister_hw(ar->hw);
10237 
10238 	if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
10239 		ar->dfs_detector->exit(ar->dfs_detector);
10240 
10241 	kfree(ar->mac.sbands[NL80211_BAND_2GHZ].channels);
10242 	kfree(ar->mac.sbands[NL80211_BAND_5GHZ].channels);
10243 
10244 	SET_IEEE80211_DEV(ar->hw, NULL);
10245 }
10246