xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision eb3fcf007fffe5830d815e713591f3e858f2a365)
1 /*
2  * Copyright (c) 2005-2011 Atheros Communications Inc.
3  * Copyright (c) 2011-2013 Qualcomm Atheros, Inc.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include "mac.h"
19 
20 #include <net/mac80211.h>
21 #include <linux/etherdevice.h>
22 
23 #include "hif.h"
24 #include "core.h"
25 #include "debug.h"
26 #include "wmi.h"
27 #include "htt.h"
28 #include "txrx.h"
29 #include "testmode.h"
30 #include "wmi.h"
31 #include "wmi-tlv.h"
32 #include "wmi-ops.h"
33 #include "wow.h"
34 
35 /*********/
36 /* Rates */
37 /*********/
38 
39 static struct ieee80211_rate ath10k_rates[] = {
40 	{ .bitrate = 10,
41 	  .hw_value = ATH10K_HW_RATE_CCK_LP_1M },
42 	{ .bitrate = 20,
43 	  .hw_value = ATH10K_HW_RATE_CCK_LP_2M,
44 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_2M,
45 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
46 	{ .bitrate = 55,
47 	  .hw_value = ATH10K_HW_RATE_CCK_LP_5_5M,
48 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_5_5M,
49 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
50 	{ .bitrate = 110,
51 	  .hw_value = ATH10K_HW_RATE_CCK_LP_11M,
52 	  .hw_value_short = ATH10K_HW_RATE_CCK_SP_11M,
53 	  .flags = IEEE80211_RATE_SHORT_PREAMBLE },
54 
55 	{ .bitrate = 60, .hw_value = ATH10K_HW_RATE_OFDM_6M },
56 	{ .bitrate = 90, .hw_value = ATH10K_HW_RATE_OFDM_9M },
57 	{ .bitrate = 120, .hw_value = ATH10K_HW_RATE_OFDM_12M },
58 	{ .bitrate = 180, .hw_value = ATH10K_HW_RATE_OFDM_18M },
59 	{ .bitrate = 240, .hw_value = ATH10K_HW_RATE_OFDM_24M },
60 	{ .bitrate = 360, .hw_value = ATH10K_HW_RATE_OFDM_36M },
61 	{ .bitrate = 480, .hw_value = ATH10K_HW_RATE_OFDM_48M },
62 	{ .bitrate = 540, .hw_value = ATH10K_HW_RATE_OFDM_54M },
63 };
64 
65 #define ATH10K_MAC_FIRST_OFDM_RATE_IDX 4
66 
67 #define ath10k_a_rates (ath10k_rates + ATH10K_MAC_FIRST_OFDM_RATE_IDX)
68 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - \
69 			     ATH10K_MAC_FIRST_OFDM_RATE_IDX)
70 #define ath10k_g_rates (ath10k_rates + 0)
71 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
72 
73 static bool ath10k_mac_bitrate_is_cck(int bitrate)
74 {
75 	switch (bitrate) {
76 	case 10:
77 	case 20:
78 	case 55:
79 	case 110:
80 		return true;
81 	}
82 
83 	return false;
84 }
85 
86 static u8 ath10k_mac_bitrate_to_rate(int bitrate)
87 {
88 	return DIV_ROUND_UP(bitrate, 5) |
89 	       (ath10k_mac_bitrate_is_cck(bitrate) ? BIT(7) : 0);
90 }
91 
92 u8 ath10k_mac_hw_rate_to_idx(const struct ieee80211_supported_band *sband,
93 			     u8 hw_rate)
94 {
95 	const struct ieee80211_rate *rate;
96 	int i;
97 
98 	for (i = 0; i < sband->n_bitrates; i++) {
99 		rate = &sband->bitrates[i];
100 
101 		if (rate->hw_value == hw_rate)
102 			return i;
103 		else if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE &&
104 			 rate->hw_value_short == hw_rate)
105 			return i;
106 	}
107 
108 	return 0;
109 }
110 
111 u8 ath10k_mac_bitrate_to_idx(const struct ieee80211_supported_band *sband,
112 			     u32 bitrate)
113 {
114 	int i;
115 
116 	for (i = 0; i < sband->n_bitrates; i++)
117 		if (sband->bitrates[i].bitrate == bitrate)
118 			return i;
119 
120 	return 0;
121 }
122 
123 static int ath10k_mac_get_max_vht_mcs_map(u16 mcs_map, int nss)
124 {
125 	switch ((mcs_map >> (2 * nss)) & 0x3) {
126 	case IEEE80211_VHT_MCS_SUPPORT_0_7: return BIT(8) - 1;
127 	case IEEE80211_VHT_MCS_SUPPORT_0_8: return BIT(9) - 1;
128 	case IEEE80211_VHT_MCS_SUPPORT_0_9: return BIT(10) - 1;
129 	}
130 	return 0;
131 }
132 
133 static u32
134 ath10k_mac_max_ht_nss(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
135 {
136 	int nss;
137 
138 	for (nss = IEEE80211_HT_MCS_MASK_LEN - 1; nss >= 0; nss--)
139 		if (ht_mcs_mask[nss])
140 			return nss + 1;
141 
142 	return 1;
143 }
144 
145 static u32
146 ath10k_mac_max_vht_nss(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
147 {
148 	int nss;
149 
150 	for (nss = NL80211_VHT_NSS_MAX - 1; nss >= 0; nss--)
151 		if (vht_mcs_mask[nss])
152 			return nss + 1;
153 
154 	return 1;
155 }
156 
157 /**********/
158 /* Crypto */
159 /**********/
160 
161 static int ath10k_send_key(struct ath10k_vif *arvif,
162 			   struct ieee80211_key_conf *key,
163 			   enum set_key_cmd cmd,
164 			   const u8 *macaddr, u32 flags)
165 {
166 	struct ath10k *ar = arvif->ar;
167 	struct wmi_vdev_install_key_arg arg = {
168 		.vdev_id = arvif->vdev_id,
169 		.key_idx = key->keyidx,
170 		.key_len = key->keylen,
171 		.key_data = key->key,
172 		.key_flags = flags,
173 		.macaddr = macaddr,
174 	};
175 
176 	lockdep_assert_held(&arvif->ar->conf_mutex);
177 
178 	switch (key->cipher) {
179 	case WLAN_CIPHER_SUITE_CCMP:
180 		arg.key_cipher = WMI_CIPHER_AES_CCM;
181 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
182 		break;
183 	case WLAN_CIPHER_SUITE_TKIP:
184 		arg.key_cipher = WMI_CIPHER_TKIP;
185 		arg.key_txmic_len = 8;
186 		arg.key_rxmic_len = 8;
187 		break;
188 	case WLAN_CIPHER_SUITE_WEP40:
189 	case WLAN_CIPHER_SUITE_WEP104:
190 		arg.key_cipher = WMI_CIPHER_WEP;
191 		break;
192 	case WLAN_CIPHER_SUITE_AES_CMAC:
193 		WARN_ON(1);
194 		return -EINVAL;
195 	default:
196 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
197 		return -EOPNOTSUPP;
198 	}
199 
200 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
201 		key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
202 	}
203 
204 	if (cmd == DISABLE_KEY) {
205 		arg.key_cipher = WMI_CIPHER_NONE;
206 		arg.key_data = NULL;
207 	}
208 
209 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
210 }
211 
212 static int ath10k_install_key(struct ath10k_vif *arvif,
213 			      struct ieee80211_key_conf *key,
214 			      enum set_key_cmd cmd,
215 			      const u8 *macaddr, u32 flags)
216 {
217 	struct ath10k *ar = arvif->ar;
218 	int ret;
219 	unsigned long time_left;
220 
221 	lockdep_assert_held(&ar->conf_mutex);
222 
223 	reinit_completion(&ar->install_key_done);
224 
225 	if (arvif->nohwcrypt)
226 		return 1;
227 
228 	ret = ath10k_send_key(arvif, key, cmd, macaddr, flags);
229 	if (ret)
230 		return ret;
231 
232 	time_left = wait_for_completion_timeout(&ar->install_key_done, 3 * HZ);
233 	if (time_left == 0)
234 		return -ETIMEDOUT;
235 
236 	return 0;
237 }
238 
239 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
240 					const u8 *addr)
241 {
242 	struct ath10k *ar = arvif->ar;
243 	struct ath10k_peer *peer;
244 	int ret;
245 	int i;
246 	u32 flags;
247 
248 	lockdep_assert_held(&ar->conf_mutex);
249 
250 	if (WARN_ON(arvif->vif->type != NL80211_IFTYPE_AP &&
251 		    arvif->vif->type != NL80211_IFTYPE_ADHOC))
252 		return -EINVAL;
253 
254 	spin_lock_bh(&ar->data_lock);
255 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
256 	spin_unlock_bh(&ar->data_lock);
257 
258 	if (!peer)
259 		return -ENOENT;
260 
261 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
262 		if (arvif->wep_keys[i] == NULL)
263 			continue;
264 
265 		switch (arvif->vif->type) {
266 		case NL80211_IFTYPE_AP:
267 			flags = WMI_KEY_PAIRWISE;
268 
269 			if (arvif->def_wep_key_idx == i)
270 				flags |= WMI_KEY_TX_USAGE;
271 
272 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
273 						 SET_KEY, addr, flags);
274 			if (ret < 0)
275 				return ret;
276 			break;
277 		case NL80211_IFTYPE_ADHOC:
278 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
279 						 SET_KEY, addr,
280 						 WMI_KEY_PAIRWISE);
281 			if (ret < 0)
282 				return ret;
283 
284 			ret = ath10k_install_key(arvif, arvif->wep_keys[i],
285 						 SET_KEY, addr, WMI_KEY_GROUP);
286 			if (ret < 0)
287 				return ret;
288 			break;
289 		default:
290 			WARN_ON(1);
291 			return -EINVAL;
292 		}
293 
294 		spin_lock_bh(&ar->data_lock);
295 		peer->keys[i] = arvif->wep_keys[i];
296 		spin_unlock_bh(&ar->data_lock);
297 	}
298 
299 	/* In some cases (notably with static WEP IBSS with multiple keys)
300 	 * multicast Tx becomes broken. Both pairwise and groupwise keys are
301 	 * installed already. Using WMI_KEY_TX_USAGE in different combinations
302 	 * didn't seem help. Using def_keyid vdev parameter seems to be
303 	 * effective so use that.
304 	 *
305 	 * FIXME: Revisit. Perhaps this can be done in a less hacky way.
306 	 */
307 	if (arvif->vif->type != NL80211_IFTYPE_ADHOC)
308 		return 0;
309 
310 	if (arvif->def_wep_key_idx == -1)
311 		return 0;
312 
313 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
314 					arvif->vdev_id,
315 					arvif->ar->wmi.vdev_param->def_keyid,
316 					arvif->def_wep_key_idx);
317 	if (ret) {
318 		ath10k_warn(ar, "failed to re-set def wpa key idxon vdev %i: %d\n",
319 			    arvif->vdev_id, ret);
320 		return ret;
321 	}
322 
323 	return 0;
324 }
325 
326 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
327 				  const u8 *addr)
328 {
329 	struct ath10k *ar = arvif->ar;
330 	struct ath10k_peer *peer;
331 	int first_errno = 0;
332 	int ret;
333 	int i;
334 	u32 flags = 0;
335 
336 	lockdep_assert_held(&ar->conf_mutex);
337 
338 	spin_lock_bh(&ar->data_lock);
339 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
340 	spin_unlock_bh(&ar->data_lock);
341 
342 	if (!peer)
343 		return -ENOENT;
344 
345 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
346 		if (peer->keys[i] == NULL)
347 			continue;
348 
349 		/* key flags are not required to delete the key */
350 		ret = ath10k_install_key(arvif, peer->keys[i],
351 					 DISABLE_KEY, addr, flags);
352 		if (ret < 0 && first_errno == 0)
353 			first_errno = ret;
354 
355 		if (ret < 0)
356 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
357 				    i, ret);
358 
359 		spin_lock_bh(&ar->data_lock);
360 		peer->keys[i] = NULL;
361 		spin_unlock_bh(&ar->data_lock);
362 	}
363 
364 	return first_errno;
365 }
366 
367 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
368 				    u8 keyidx)
369 {
370 	struct ath10k_peer *peer;
371 	int i;
372 
373 	lockdep_assert_held(&ar->data_lock);
374 
375 	/* We don't know which vdev this peer belongs to,
376 	 * since WMI doesn't give us that information.
377 	 *
378 	 * FIXME: multi-bss needs to be handled.
379 	 */
380 	peer = ath10k_peer_find(ar, 0, addr);
381 	if (!peer)
382 		return false;
383 
384 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
385 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
386 			return true;
387 	}
388 
389 	return false;
390 }
391 
392 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
393 				 struct ieee80211_key_conf *key)
394 {
395 	struct ath10k *ar = arvif->ar;
396 	struct ath10k_peer *peer;
397 	u8 addr[ETH_ALEN];
398 	int first_errno = 0;
399 	int ret;
400 	int i;
401 	u32 flags = 0;
402 
403 	lockdep_assert_held(&ar->conf_mutex);
404 
405 	for (;;) {
406 		/* since ath10k_install_key we can't hold data_lock all the
407 		 * time, so we try to remove the keys incrementally */
408 		spin_lock_bh(&ar->data_lock);
409 		i = 0;
410 		list_for_each_entry(peer, &ar->peers, list) {
411 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
412 				if (peer->keys[i] == key) {
413 					ether_addr_copy(addr, peer->addr);
414 					peer->keys[i] = NULL;
415 					break;
416 				}
417 			}
418 
419 			if (i < ARRAY_SIZE(peer->keys))
420 				break;
421 		}
422 		spin_unlock_bh(&ar->data_lock);
423 
424 		if (i == ARRAY_SIZE(peer->keys))
425 			break;
426 		/* key flags are not required to delete the key */
427 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr, flags);
428 		if (ret < 0 && first_errno == 0)
429 			first_errno = ret;
430 
431 		if (ret)
432 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
433 				    addr, ret);
434 	}
435 
436 	return first_errno;
437 }
438 
439 static int ath10k_mac_vif_update_wep_key(struct ath10k_vif *arvif,
440 					 struct ieee80211_key_conf *key)
441 {
442 	struct ath10k *ar = arvif->ar;
443 	struct ath10k_peer *peer;
444 	int ret;
445 
446 	lockdep_assert_held(&ar->conf_mutex);
447 
448 	list_for_each_entry(peer, &ar->peers, list) {
449 		if (!memcmp(peer->addr, arvif->vif->addr, ETH_ALEN))
450 			continue;
451 
452 		if (!memcmp(peer->addr, arvif->bssid, ETH_ALEN))
453 			continue;
454 
455 		if (peer->keys[key->keyidx] == key)
456 			continue;
457 
458 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vif vdev %i update key %i needs update\n",
459 			   arvif->vdev_id, key->keyidx);
460 
461 		ret = ath10k_install_peer_wep_keys(arvif, peer->addr);
462 		if (ret) {
463 			ath10k_warn(ar, "failed to update wep keys on vdev %i for peer %pM: %d\n",
464 				    arvif->vdev_id, peer->addr, ret);
465 			return ret;
466 		}
467 	}
468 
469 	return 0;
470 }
471 
472 /*********************/
473 /* General utilities */
474 /*********************/
475 
476 static inline enum wmi_phy_mode
477 chan_to_phymode(const struct cfg80211_chan_def *chandef)
478 {
479 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
480 
481 	switch (chandef->chan->band) {
482 	case IEEE80211_BAND_2GHZ:
483 		switch (chandef->width) {
484 		case NL80211_CHAN_WIDTH_20_NOHT:
485 			if (chandef->chan->flags & IEEE80211_CHAN_NO_OFDM)
486 				phymode = MODE_11B;
487 			else
488 				phymode = MODE_11G;
489 			break;
490 		case NL80211_CHAN_WIDTH_20:
491 			phymode = MODE_11NG_HT20;
492 			break;
493 		case NL80211_CHAN_WIDTH_40:
494 			phymode = MODE_11NG_HT40;
495 			break;
496 		case NL80211_CHAN_WIDTH_5:
497 		case NL80211_CHAN_WIDTH_10:
498 		case NL80211_CHAN_WIDTH_80:
499 		case NL80211_CHAN_WIDTH_80P80:
500 		case NL80211_CHAN_WIDTH_160:
501 			phymode = MODE_UNKNOWN;
502 			break;
503 		}
504 		break;
505 	case IEEE80211_BAND_5GHZ:
506 		switch (chandef->width) {
507 		case NL80211_CHAN_WIDTH_20_NOHT:
508 			phymode = MODE_11A;
509 			break;
510 		case NL80211_CHAN_WIDTH_20:
511 			phymode = MODE_11NA_HT20;
512 			break;
513 		case NL80211_CHAN_WIDTH_40:
514 			phymode = MODE_11NA_HT40;
515 			break;
516 		case NL80211_CHAN_WIDTH_80:
517 			phymode = MODE_11AC_VHT80;
518 			break;
519 		case NL80211_CHAN_WIDTH_5:
520 		case NL80211_CHAN_WIDTH_10:
521 		case NL80211_CHAN_WIDTH_80P80:
522 		case NL80211_CHAN_WIDTH_160:
523 			phymode = MODE_UNKNOWN;
524 			break;
525 		}
526 		break;
527 	default:
528 		break;
529 	}
530 
531 	WARN_ON(phymode == MODE_UNKNOWN);
532 	return phymode;
533 }
534 
535 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
536 {
537 /*
538  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
539  *   0 for no restriction
540  *   1 for 1/4 us
541  *   2 for 1/2 us
542  *   3 for 1 us
543  *   4 for 2 us
544  *   5 for 4 us
545  *   6 for 8 us
546  *   7 for 16 us
547  */
548 	switch (mpdudensity) {
549 	case 0:
550 		return 0;
551 	case 1:
552 	case 2:
553 	case 3:
554 	/* Our lower layer calculations limit our precision to
555 	   1 microsecond */
556 		return 1;
557 	case 4:
558 		return 2;
559 	case 5:
560 		return 4;
561 	case 6:
562 		return 8;
563 	case 7:
564 		return 16;
565 	default:
566 		return 0;
567 	}
568 }
569 
570 int ath10k_mac_vif_chan(struct ieee80211_vif *vif,
571 			struct cfg80211_chan_def *def)
572 {
573 	struct ieee80211_chanctx_conf *conf;
574 
575 	rcu_read_lock();
576 	conf = rcu_dereference(vif->chanctx_conf);
577 	if (!conf) {
578 		rcu_read_unlock();
579 		return -ENOENT;
580 	}
581 
582 	*def = conf->def;
583 	rcu_read_unlock();
584 
585 	return 0;
586 }
587 
588 static void ath10k_mac_num_chanctxs_iter(struct ieee80211_hw *hw,
589 					 struct ieee80211_chanctx_conf *conf,
590 					 void *data)
591 {
592 	int *num = data;
593 
594 	(*num)++;
595 }
596 
597 static int ath10k_mac_num_chanctxs(struct ath10k *ar)
598 {
599 	int num = 0;
600 
601 	ieee80211_iter_chan_contexts_atomic(ar->hw,
602 					    ath10k_mac_num_chanctxs_iter,
603 					    &num);
604 
605 	return num;
606 }
607 
608 static void
609 ath10k_mac_get_any_chandef_iter(struct ieee80211_hw *hw,
610 				struct ieee80211_chanctx_conf *conf,
611 				void *data)
612 {
613 	struct cfg80211_chan_def **def = data;
614 
615 	*def = &conf->def;
616 }
617 
618 static int ath10k_peer_create(struct ath10k *ar, u32 vdev_id, const u8 *addr,
619 			      enum wmi_peer_type peer_type)
620 {
621 	struct ath10k_vif *arvif;
622 	int num_peers = 0;
623 	int ret;
624 
625 	lockdep_assert_held(&ar->conf_mutex);
626 
627 	num_peers = ar->num_peers;
628 
629 	/* Each vdev consumes a peer entry as well */
630 	list_for_each_entry(arvif, &ar->arvifs, list)
631 		num_peers++;
632 
633 	if (num_peers >= ar->max_num_peers)
634 		return -ENOBUFS;
635 
636 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr, peer_type);
637 	if (ret) {
638 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
639 			    addr, vdev_id, ret);
640 		return ret;
641 	}
642 
643 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
644 	if (ret) {
645 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
646 			    addr, vdev_id, ret);
647 		return ret;
648 	}
649 
650 	ar->num_peers++;
651 
652 	return 0;
653 }
654 
655 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
656 {
657 	struct ath10k *ar = arvif->ar;
658 	u32 param;
659 	int ret;
660 
661 	param = ar->wmi.pdev_param->sta_kickout_th;
662 	ret = ath10k_wmi_pdev_set_param(ar, param,
663 					ATH10K_KICKOUT_THRESHOLD);
664 	if (ret) {
665 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
666 			    arvif->vdev_id, ret);
667 		return ret;
668 	}
669 
670 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
671 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
672 					ATH10K_KEEPALIVE_MIN_IDLE);
673 	if (ret) {
674 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
675 			    arvif->vdev_id, ret);
676 		return ret;
677 	}
678 
679 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
680 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
681 					ATH10K_KEEPALIVE_MAX_IDLE);
682 	if (ret) {
683 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
684 			    arvif->vdev_id, ret);
685 		return ret;
686 	}
687 
688 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
689 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
690 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
691 	if (ret) {
692 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
693 			    arvif->vdev_id, ret);
694 		return ret;
695 	}
696 
697 	return 0;
698 }
699 
700 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
701 {
702 	struct ath10k *ar = arvif->ar;
703 	u32 vdev_param;
704 
705 	vdev_param = ar->wmi.vdev_param->rts_threshold;
706 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
707 }
708 
709 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
710 {
711 	int ret;
712 
713 	lockdep_assert_held(&ar->conf_mutex);
714 
715 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
716 	if (ret)
717 		return ret;
718 
719 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
720 	if (ret)
721 		return ret;
722 
723 	ar->num_peers--;
724 
725 	return 0;
726 }
727 
728 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
729 {
730 	struct ath10k_peer *peer, *tmp;
731 
732 	lockdep_assert_held(&ar->conf_mutex);
733 
734 	spin_lock_bh(&ar->data_lock);
735 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
736 		if (peer->vdev_id != vdev_id)
737 			continue;
738 
739 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
740 			    peer->addr, vdev_id);
741 
742 		list_del(&peer->list);
743 		kfree(peer);
744 		ar->num_peers--;
745 	}
746 	spin_unlock_bh(&ar->data_lock);
747 }
748 
749 static void ath10k_peer_cleanup_all(struct ath10k *ar)
750 {
751 	struct ath10k_peer *peer, *tmp;
752 
753 	lockdep_assert_held(&ar->conf_mutex);
754 
755 	spin_lock_bh(&ar->data_lock);
756 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
757 		list_del(&peer->list);
758 		kfree(peer);
759 	}
760 	spin_unlock_bh(&ar->data_lock);
761 
762 	ar->num_peers = 0;
763 	ar->num_stations = 0;
764 }
765 
766 static int ath10k_mac_tdls_peer_update(struct ath10k *ar, u32 vdev_id,
767 				       struct ieee80211_sta *sta,
768 				       enum wmi_tdls_peer_state state)
769 {
770 	int ret;
771 	struct wmi_tdls_peer_update_cmd_arg arg = {};
772 	struct wmi_tdls_peer_capab_arg cap = {};
773 	struct wmi_channel_arg chan_arg = {};
774 
775 	lockdep_assert_held(&ar->conf_mutex);
776 
777 	arg.vdev_id = vdev_id;
778 	arg.peer_state = state;
779 	ether_addr_copy(arg.addr, sta->addr);
780 
781 	cap.peer_max_sp = sta->max_sp;
782 	cap.peer_uapsd_queues = sta->uapsd_queues;
783 
784 	if (state == WMI_TDLS_PEER_STATE_CONNECTED &&
785 	    !sta->tdls_initiator)
786 		cap.is_peer_responder = 1;
787 
788 	ret = ath10k_wmi_tdls_peer_update(ar, &arg, &cap, &chan_arg);
789 	if (ret) {
790 		ath10k_warn(ar, "failed to update tdls peer %pM on vdev %i: %i\n",
791 			    arg.addr, vdev_id, ret);
792 		return ret;
793 	}
794 
795 	return 0;
796 }
797 
798 /************************/
799 /* Interface management */
800 /************************/
801 
802 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
803 {
804 	struct ath10k *ar = arvif->ar;
805 
806 	lockdep_assert_held(&ar->data_lock);
807 
808 	if (!arvif->beacon)
809 		return;
810 
811 	if (!arvif->beacon_buf)
812 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
813 				 arvif->beacon->len, DMA_TO_DEVICE);
814 
815 	if (WARN_ON(arvif->beacon_state != ATH10K_BEACON_SCHEDULED &&
816 		    arvif->beacon_state != ATH10K_BEACON_SENT))
817 		return;
818 
819 	dev_kfree_skb_any(arvif->beacon);
820 
821 	arvif->beacon = NULL;
822 	arvif->beacon_state = ATH10K_BEACON_SCHEDULED;
823 }
824 
825 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
826 {
827 	struct ath10k *ar = arvif->ar;
828 
829 	lockdep_assert_held(&ar->data_lock);
830 
831 	ath10k_mac_vif_beacon_free(arvif);
832 
833 	if (arvif->beacon_buf) {
834 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
835 				  arvif->beacon_buf, arvif->beacon_paddr);
836 		arvif->beacon_buf = NULL;
837 	}
838 }
839 
840 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
841 {
842 	unsigned long time_left;
843 
844 	lockdep_assert_held(&ar->conf_mutex);
845 
846 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
847 		return -ESHUTDOWN;
848 
849 	time_left = wait_for_completion_timeout(&ar->vdev_setup_done,
850 						ATH10K_VDEV_SETUP_TIMEOUT_HZ);
851 	if (time_left == 0)
852 		return -ETIMEDOUT;
853 
854 	return 0;
855 }
856 
857 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
858 {
859 	struct cfg80211_chan_def *chandef = NULL;
860 	struct ieee80211_channel *channel = NULL;
861 	struct wmi_vdev_start_request_arg arg = {};
862 	int ret = 0;
863 
864 	lockdep_assert_held(&ar->conf_mutex);
865 
866 	ieee80211_iter_chan_contexts_atomic(ar->hw,
867 					    ath10k_mac_get_any_chandef_iter,
868 					    &chandef);
869 	if (WARN_ON_ONCE(!chandef))
870 		return -ENOENT;
871 
872 	channel = chandef->chan;
873 
874 	arg.vdev_id = vdev_id;
875 	arg.channel.freq = channel->center_freq;
876 	arg.channel.band_center_freq1 = chandef->center_freq1;
877 
878 	/* TODO setup this dynamically, what in case we
879 	   don't have any vifs? */
880 	arg.channel.mode = chan_to_phymode(chandef);
881 	arg.channel.chan_radar =
882 			!!(channel->flags & IEEE80211_CHAN_RADAR);
883 
884 	arg.channel.min_power = 0;
885 	arg.channel.max_power = channel->max_power * 2;
886 	arg.channel.max_reg_power = channel->max_reg_power * 2;
887 	arg.channel.max_antenna_gain = channel->max_antenna_gain * 2;
888 
889 	reinit_completion(&ar->vdev_setup_done);
890 
891 	ret = ath10k_wmi_vdev_start(ar, &arg);
892 	if (ret) {
893 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
894 			    vdev_id, ret);
895 		return ret;
896 	}
897 
898 	ret = ath10k_vdev_setup_sync(ar);
899 	if (ret) {
900 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i start: %d\n",
901 			    vdev_id, ret);
902 		return ret;
903 	}
904 
905 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
906 	if (ret) {
907 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
908 			    vdev_id, ret);
909 		goto vdev_stop;
910 	}
911 
912 	ar->monitor_vdev_id = vdev_id;
913 
914 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
915 		   ar->monitor_vdev_id);
916 	return 0;
917 
918 vdev_stop:
919 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
920 	if (ret)
921 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
922 			    ar->monitor_vdev_id, ret);
923 
924 	return ret;
925 }
926 
927 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
928 {
929 	int ret = 0;
930 
931 	lockdep_assert_held(&ar->conf_mutex);
932 
933 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
934 	if (ret)
935 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
936 			    ar->monitor_vdev_id, ret);
937 
938 	reinit_completion(&ar->vdev_setup_done);
939 
940 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
941 	if (ret)
942 		ath10k_warn(ar, "failed to to request monitor vdev %i stop: %d\n",
943 			    ar->monitor_vdev_id, ret);
944 
945 	ret = ath10k_vdev_setup_sync(ar);
946 	if (ret)
947 		ath10k_warn(ar, "failed to synchronize monitor vdev %i stop: %d\n",
948 			    ar->monitor_vdev_id, ret);
949 
950 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
951 		   ar->monitor_vdev_id);
952 	return ret;
953 }
954 
955 static int ath10k_monitor_vdev_create(struct ath10k *ar)
956 {
957 	int bit, ret = 0;
958 
959 	lockdep_assert_held(&ar->conf_mutex);
960 
961 	if (ar->free_vdev_map == 0) {
962 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
963 		return -ENOMEM;
964 	}
965 
966 	bit = __ffs64(ar->free_vdev_map);
967 
968 	ar->monitor_vdev_id = bit;
969 
970 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
971 				     WMI_VDEV_TYPE_MONITOR,
972 				     0, ar->mac_addr);
973 	if (ret) {
974 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
975 			    ar->monitor_vdev_id, ret);
976 		return ret;
977 	}
978 
979 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
980 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
981 		   ar->monitor_vdev_id);
982 
983 	return 0;
984 }
985 
986 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
987 {
988 	int ret = 0;
989 
990 	lockdep_assert_held(&ar->conf_mutex);
991 
992 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
993 	if (ret) {
994 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
995 			    ar->monitor_vdev_id, ret);
996 		return ret;
997 	}
998 
999 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
1000 
1001 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
1002 		   ar->monitor_vdev_id);
1003 	return ret;
1004 }
1005 
1006 static int ath10k_monitor_start(struct ath10k *ar)
1007 {
1008 	int ret;
1009 
1010 	lockdep_assert_held(&ar->conf_mutex);
1011 
1012 	ret = ath10k_monitor_vdev_create(ar);
1013 	if (ret) {
1014 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
1015 		return ret;
1016 	}
1017 
1018 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
1019 	if (ret) {
1020 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
1021 		ath10k_monitor_vdev_delete(ar);
1022 		return ret;
1023 	}
1024 
1025 	ar->monitor_started = true;
1026 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
1027 
1028 	return 0;
1029 }
1030 
1031 static int ath10k_monitor_stop(struct ath10k *ar)
1032 {
1033 	int ret;
1034 
1035 	lockdep_assert_held(&ar->conf_mutex);
1036 
1037 	ret = ath10k_monitor_vdev_stop(ar);
1038 	if (ret) {
1039 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
1040 		return ret;
1041 	}
1042 
1043 	ret = ath10k_monitor_vdev_delete(ar);
1044 	if (ret) {
1045 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
1046 		return ret;
1047 	}
1048 
1049 	ar->monitor_started = false;
1050 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
1051 
1052 	return 0;
1053 }
1054 
1055 static bool ath10k_mac_monitor_vdev_is_needed(struct ath10k *ar)
1056 {
1057 	int num_ctx;
1058 
1059 	/* At least one chanctx is required to derive a channel to start
1060 	 * monitor vdev on.
1061 	 */
1062 	num_ctx = ath10k_mac_num_chanctxs(ar);
1063 	if (num_ctx == 0)
1064 		return false;
1065 
1066 	/* If there's already an existing special monitor interface then don't
1067 	 * bother creating another monitor vdev.
1068 	 */
1069 	if (ar->monitor_arvif)
1070 		return false;
1071 
1072 	return ar->monitor ||
1073 	       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1074 }
1075 
1076 static bool ath10k_mac_monitor_vdev_is_allowed(struct ath10k *ar)
1077 {
1078 	int num_ctx;
1079 
1080 	num_ctx = ath10k_mac_num_chanctxs(ar);
1081 
1082 	/* FIXME: Current interface combinations and cfg80211/mac80211 code
1083 	 * shouldn't allow this but make sure to prevent handling the following
1084 	 * case anyway since multi-channel DFS hasn't been tested at all.
1085 	 */
1086 	if (test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags) && num_ctx > 1)
1087 		return false;
1088 
1089 	return true;
1090 }
1091 
1092 static int ath10k_monitor_recalc(struct ath10k *ar)
1093 {
1094 	bool needed;
1095 	bool allowed;
1096 	int ret;
1097 
1098 	lockdep_assert_held(&ar->conf_mutex);
1099 
1100 	needed = ath10k_mac_monitor_vdev_is_needed(ar);
1101 	allowed = ath10k_mac_monitor_vdev_is_allowed(ar);
1102 
1103 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1104 		   "mac monitor recalc started? %d needed? %d allowed? %d\n",
1105 		   ar->monitor_started, needed, allowed);
1106 
1107 	if (WARN_ON(needed && !allowed)) {
1108 		if (ar->monitor_started) {
1109 			ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopping disallowed monitor\n");
1110 
1111 			ret = ath10k_monitor_stop(ar);
1112 			if (ret)
1113 				ath10k_warn(ar, "failed to stop disallowed monitor: %d\n", ret);
1114 				/* not serious */
1115 		}
1116 
1117 		return -EPERM;
1118 	}
1119 
1120 	if (needed == ar->monitor_started)
1121 		return 0;
1122 
1123 	if (needed)
1124 		return ath10k_monitor_start(ar);
1125 	else
1126 		return ath10k_monitor_stop(ar);
1127 }
1128 
1129 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
1130 {
1131 	struct ath10k *ar = arvif->ar;
1132 	u32 vdev_param, rts_cts = 0;
1133 
1134 	lockdep_assert_held(&ar->conf_mutex);
1135 
1136 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
1137 
1138 	rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
1139 
1140 	if (arvif->num_legacy_stations > 0)
1141 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
1142 			      WMI_RTSCTS_PROFILE);
1143 	else
1144 		rts_cts |= SM(WMI_RTSCTS_FOR_SECOND_RATESERIES,
1145 			      WMI_RTSCTS_PROFILE);
1146 
1147 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
1148 					 rts_cts);
1149 }
1150 
1151 static int ath10k_start_cac(struct ath10k *ar)
1152 {
1153 	int ret;
1154 
1155 	lockdep_assert_held(&ar->conf_mutex);
1156 
1157 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1158 
1159 	ret = ath10k_monitor_recalc(ar);
1160 	if (ret) {
1161 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
1162 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1163 		return ret;
1164 	}
1165 
1166 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
1167 		   ar->monitor_vdev_id);
1168 
1169 	return 0;
1170 }
1171 
1172 static int ath10k_stop_cac(struct ath10k *ar)
1173 {
1174 	lockdep_assert_held(&ar->conf_mutex);
1175 
1176 	/* CAC is not running - do nothing */
1177 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
1178 		return 0;
1179 
1180 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
1181 	ath10k_monitor_stop(ar);
1182 
1183 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
1184 
1185 	return 0;
1186 }
1187 
1188 static void ath10k_mac_has_radar_iter(struct ieee80211_hw *hw,
1189 				      struct ieee80211_chanctx_conf *conf,
1190 				      void *data)
1191 {
1192 	bool *ret = data;
1193 
1194 	if (!*ret && conf->radar_enabled)
1195 		*ret = true;
1196 }
1197 
1198 static bool ath10k_mac_has_radar_enabled(struct ath10k *ar)
1199 {
1200 	bool has_radar = false;
1201 
1202 	ieee80211_iter_chan_contexts_atomic(ar->hw,
1203 					    ath10k_mac_has_radar_iter,
1204 					    &has_radar);
1205 
1206 	return has_radar;
1207 }
1208 
1209 static void ath10k_recalc_radar_detection(struct ath10k *ar)
1210 {
1211 	int ret;
1212 
1213 	lockdep_assert_held(&ar->conf_mutex);
1214 
1215 	ath10k_stop_cac(ar);
1216 
1217 	if (!ath10k_mac_has_radar_enabled(ar))
1218 		return;
1219 
1220 	if (ar->num_started_vdevs > 0)
1221 		return;
1222 
1223 	ret = ath10k_start_cac(ar);
1224 	if (ret) {
1225 		/*
1226 		 * Not possible to start CAC on current channel so starting
1227 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
1228 		 * by indicating that radar was detected.
1229 		 */
1230 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
1231 		ieee80211_radar_detected(ar->hw);
1232 	}
1233 }
1234 
1235 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
1236 {
1237 	struct ath10k *ar = arvif->ar;
1238 	int ret;
1239 
1240 	lockdep_assert_held(&ar->conf_mutex);
1241 
1242 	reinit_completion(&ar->vdev_setup_done);
1243 
1244 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
1245 	if (ret) {
1246 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
1247 			    arvif->vdev_id, ret);
1248 		return ret;
1249 	}
1250 
1251 	ret = ath10k_vdev_setup_sync(ar);
1252 	if (ret) {
1253 		ath10k_warn(ar, "failed to syncronise setup for vdev %i: %d\n",
1254 			    arvif->vdev_id, ret);
1255 		return ret;
1256 	}
1257 
1258 	WARN_ON(ar->num_started_vdevs == 0);
1259 
1260 	if (ar->num_started_vdevs != 0) {
1261 		ar->num_started_vdevs--;
1262 		ath10k_recalc_radar_detection(ar);
1263 	}
1264 
1265 	return ret;
1266 }
1267 
1268 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif,
1269 				     const struct cfg80211_chan_def *chandef,
1270 				     bool restart)
1271 {
1272 	struct ath10k *ar = arvif->ar;
1273 	struct wmi_vdev_start_request_arg arg = {};
1274 	int ret = 0;
1275 
1276 	lockdep_assert_held(&ar->conf_mutex);
1277 
1278 	reinit_completion(&ar->vdev_setup_done);
1279 
1280 	arg.vdev_id = arvif->vdev_id;
1281 	arg.dtim_period = arvif->dtim_period;
1282 	arg.bcn_intval = arvif->beacon_interval;
1283 
1284 	arg.channel.freq = chandef->chan->center_freq;
1285 	arg.channel.band_center_freq1 = chandef->center_freq1;
1286 	arg.channel.mode = chan_to_phymode(chandef);
1287 
1288 	arg.channel.min_power = 0;
1289 	arg.channel.max_power = chandef->chan->max_power * 2;
1290 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
1291 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain * 2;
1292 
1293 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
1294 		arg.ssid = arvif->u.ap.ssid;
1295 		arg.ssid_len = arvif->u.ap.ssid_len;
1296 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
1297 
1298 		/* For now allow DFS for AP mode */
1299 		arg.channel.chan_radar =
1300 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
1301 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
1302 		arg.ssid = arvif->vif->bss_conf.ssid;
1303 		arg.ssid_len = arvif->vif->bss_conf.ssid_len;
1304 	}
1305 
1306 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1307 		   "mac vdev %d start center_freq %d phymode %s\n",
1308 		   arg.vdev_id, arg.channel.freq,
1309 		   ath10k_wmi_phymode_str(arg.channel.mode));
1310 
1311 	if (restart)
1312 		ret = ath10k_wmi_vdev_restart(ar, &arg);
1313 	else
1314 		ret = ath10k_wmi_vdev_start(ar, &arg);
1315 
1316 	if (ret) {
1317 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
1318 			    arg.vdev_id, ret);
1319 		return ret;
1320 	}
1321 
1322 	ret = ath10k_vdev_setup_sync(ar);
1323 	if (ret) {
1324 		ath10k_warn(ar,
1325 			    "failed to synchronize setup for vdev %i restart %d: %d\n",
1326 			    arg.vdev_id, restart, ret);
1327 		return ret;
1328 	}
1329 
1330 	ar->num_started_vdevs++;
1331 	ath10k_recalc_radar_detection(ar);
1332 
1333 	return ret;
1334 }
1335 
1336 static int ath10k_vdev_start(struct ath10k_vif *arvif,
1337 			     const struct cfg80211_chan_def *def)
1338 {
1339 	return ath10k_vdev_start_restart(arvif, def, false);
1340 }
1341 
1342 static int ath10k_vdev_restart(struct ath10k_vif *arvif,
1343 			       const struct cfg80211_chan_def *def)
1344 {
1345 	return ath10k_vdev_start_restart(arvif, def, true);
1346 }
1347 
1348 static int ath10k_mac_setup_bcn_p2p_ie(struct ath10k_vif *arvif,
1349 				       struct sk_buff *bcn)
1350 {
1351 	struct ath10k *ar = arvif->ar;
1352 	struct ieee80211_mgmt *mgmt;
1353 	const u8 *p2p_ie;
1354 	int ret;
1355 
1356 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1357 		return 0;
1358 
1359 	if (arvif->vdev_subtype != WMI_VDEV_SUBTYPE_P2P_GO)
1360 		return 0;
1361 
1362 	mgmt = (void *)bcn->data;
1363 	p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1364 					 mgmt->u.beacon.variable,
1365 					 bcn->len - (mgmt->u.beacon.variable -
1366 						     bcn->data));
1367 	if (!p2p_ie)
1368 		return -ENOENT;
1369 
1370 	ret = ath10k_wmi_p2p_go_bcn_ie(ar, arvif->vdev_id, p2p_ie);
1371 	if (ret) {
1372 		ath10k_warn(ar, "failed to submit p2p go bcn ie for vdev %i: %d\n",
1373 			    arvif->vdev_id, ret);
1374 		return ret;
1375 	}
1376 
1377 	return 0;
1378 }
1379 
1380 static int ath10k_mac_remove_vendor_ie(struct sk_buff *skb, unsigned int oui,
1381 				       u8 oui_type, size_t ie_offset)
1382 {
1383 	size_t len;
1384 	const u8 *next;
1385 	const u8 *end;
1386 	u8 *ie;
1387 
1388 	if (WARN_ON(skb->len < ie_offset))
1389 		return -EINVAL;
1390 
1391 	ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
1392 					   skb->data + ie_offset,
1393 					   skb->len - ie_offset);
1394 	if (!ie)
1395 		return -ENOENT;
1396 
1397 	len = ie[1] + 2;
1398 	end = skb->data + skb->len;
1399 	next = ie + len;
1400 
1401 	if (WARN_ON(next > end))
1402 		return -EINVAL;
1403 
1404 	memmove(ie, next, end - next);
1405 	skb_trim(skb, skb->len - len);
1406 
1407 	return 0;
1408 }
1409 
1410 static int ath10k_mac_setup_bcn_tmpl(struct ath10k_vif *arvif)
1411 {
1412 	struct ath10k *ar = arvif->ar;
1413 	struct ieee80211_hw *hw = ar->hw;
1414 	struct ieee80211_vif *vif = arvif->vif;
1415 	struct ieee80211_mutable_offsets offs = {};
1416 	struct sk_buff *bcn;
1417 	int ret;
1418 
1419 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1420 		return 0;
1421 
1422 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
1423 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
1424 		return 0;
1425 
1426 	bcn = ieee80211_beacon_get_template(hw, vif, &offs);
1427 	if (!bcn) {
1428 		ath10k_warn(ar, "failed to get beacon template from mac80211\n");
1429 		return -EPERM;
1430 	}
1431 
1432 	ret = ath10k_mac_setup_bcn_p2p_ie(arvif, bcn);
1433 	if (ret) {
1434 		ath10k_warn(ar, "failed to setup p2p go bcn ie: %d\n", ret);
1435 		kfree_skb(bcn);
1436 		return ret;
1437 	}
1438 
1439 	/* P2P IE is inserted by firmware automatically (as configured above)
1440 	 * so remove it from the base beacon template to avoid duplicate P2P
1441 	 * IEs in beacon frames.
1442 	 */
1443 	ath10k_mac_remove_vendor_ie(bcn, WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P,
1444 				    offsetof(struct ieee80211_mgmt,
1445 					     u.beacon.variable));
1446 
1447 	ret = ath10k_wmi_bcn_tmpl(ar, arvif->vdev_id, offs.tim_offset, bcn, 0,
1448 				  0, NULL, 0);
1449 	kfree_skb(bcn);
1450 
1451 	if (ret) {
1452 		ath10k_warn(ar, "failed to submit beacon template command: %d\n",
1453 			    ret);
1454 		return ret;
1455 	}
1456 
1457 	return 0;
1458 }
1459 
1460 static int ath10k_mac_setup_prb_tmpl(struct ath10k_vif *arvif)
1461 {
1462 	struct ath10k *ar = arvif->ar;
1463 	struct ieee80211_hw *hw = ar->hw;
1464 	struct ieee80211_vif *vif = arvif->vif;
1465 	struct sk_buff *prb;
1466 	int ret;
1467 
1468 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1469 		return 0;
1470 
1471 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1472 		return 0;
1473 
1474 	prb = ieee80211_proberesp_get(hw, vif);
1475 	if (!prb) {
1476 		ath10k_warn(ar, "failed to get probe resp template from mac80211\n");
1477 		return -EPERM;
1478 	}
1479 
1480 	ret = ath10k_wmi_prb_tmpl(ar, arvif->vdev_id, prb);
1481 	kfree_skb(prb);
1482 
1483 	if (ret) {
1484 		ath10k_warn(ar, "failed to submit probe resp template command: %d\n",
1485 			    ret);
1486 		return ret;
1487 	}
1488 
1489 	return 0;
1490 }
1491 
1492 static int ath10k_mac_vif_fix_hidden_ssid(struct ath10k_vif *arvif)
1493 {
1494 	struct ath10k *ar = arvif->ar;
1495 	struct cfg80211_chan_def def;
1496 	int ret;
1497 
1498 	/* When originally vdev is started during assign_vif_chanctx() some
1499 	 * information is missing, notably SSID. Firmware revisions with beacon
1500 	 * offloading require the SSID to be provided during vdev (re)start to
1501 	 * handle hidden SSID properly.
1502 	 *
1503 	 * Vdev restart must be done after vdev has been both started and
1504 	 * upped. Otherwise some firmware revisions (at least 10.2) fail to
1505 	 * deliver vdev restart response event causing timeouts during vdev
1506 	 * syncing in ath10k.
1507 	 *
1508 	 * Note: The vdev down/up and template reinstallation could be skipped
1509 	 * since only wmi-tlv firmware are known to have beacon offload and
1510 	 * wmi-tlv doesn't seem to misbehave like 10.2 wrt vdev restart
1511 	 * response delivery. It's probably more robust to keep it as is.
1512 	 */
1513 	if (!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map))
1514 		return 0;
1515 
1516 	if (WARN_ON(!arvif->is_started))
1517 		return -EINVAL;
1518 
1519 	if (WARN_ON(!arvif->is_up))
1520 		return -EINVAL;
1521 
1522 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
1523 		return -EINVAL;
1524 
1525 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1526 	if (ret) {
1527 		ath10k_warn(ar, "failed to bring down ap vdev %i: %d\n",
1528 			    arvif->vdev_id, ret);
1529 		return ret;
1530 	}
1531 
1532 	/* Vdev down reset beacon & presp templates. Reinstall them. Otherwise
1533 	 * firmware will crash upon vdev up.
1534 	 */
1535 
1536 	ret = ath10k_mac_setup_bcn_tmpl(arvif);
1537 	if (ret) {
1538 		ath10k_warn(ar, "failed to update beacon template: %d\n", ret);
1539 		return ret;
1540 	}
1541 
1542 	ret = ath10k_mac_setup_prb_tmpl(arvif);
1543 	if (ret) {
1544 		ath10k_warn(ar, "failed to update presp template: %d\n", ret);
1545 		return ret;
1546 	}
1547 
1548 	ret = ath10k_vdev_restart(arvif, &def);
1549 	if (ret) {
1550 		ath10k_warn(ar, "failed to restart ap vdev %i: %d\n",
1551 			    arvif->vdev_id, ret);
1552 		return ret;
1553 	}
1554 
1555 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1556 				 arvif->bssid);
1557 	if (ret) {
1558 		ath10k_warn(ar, "failed to bring up ap vdev %i: %d\n",
1559 			    arvif->vdev_id, ret);
1560 		return ret;
1561 	}
1562 
1563 	return 0;
1564 }
1565 
1566 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
1567 				     struct ieee80211_bss_conf *info)
1568 {
1569 	struct ath10k *ar = arvif->ar;
1570 	int ret = 0;
1571 
1572 	lockdep_assert_held(&arvif->ar->conf_mutex);
1573 
1574 	if (!info->enable_beacon) {
1575 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1576 		if (ret)
1577 			ath10k_warn(ar, "failed to down vdev_id %i: %d\n",
1578 				    arvif->vdev_id, ret);
1579 
1580 		arvif->is_up = false;
1581 
1582 		spin_lock_bh(&arvif->ar->data_lock);
1583 		ath10k_mac_vif_beacon_free(arvif);
1584 		spin_unlock_bh(&arvif->ar->data_lock);
1585 
1586 		return;
1587 	}
1588 
1589 	arvif->tx_seq_no = 0x1000;
1590 
1591 	arvif->aid = 0;
1592 	ether_addr_copy(arvif->bssid, info->bssid);
1593 
1594 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
1595 				 arvif->bssid);
1596 	if (ret) {
1597 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
1598 			    arvif->vdev_id, ret);
1599 		return;
1600 	}
1601 
1602 	arvif->is_up = true;
1603 
1604 	ret = ath10k_mac_vif_fix_hidden_ssid(arvif);
1605 	if (ret) {
1606 		ath10k_warn(ar, "failed to fix hidden ssid for vdev %i, expect trouble: %d\n",
1607 			    arvif->vdev_id, ret);
1608 		return;
1609 	}
1610 
1611 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1612 }
1613 
1614 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1615 				struct ieee80211_bss_conf *info,
1616 				const u8 self_peer[ETH_ALEN])
1617 {
1618 	struct ath10k *ar = arvif->ar;
1619 	u32 vdev_param;
1620 	int ret = 0;
1621 
1622 	lockdep_assert_held(&arvif->ar->conf_mutex);
1623 
1624 	if (!info->ibss_joined) {
1625 		if (is_zero_ether_addr(arvif->bssid))
1626 			return;
1627 
1628 		eth_zero_addr(arvif->bssid);
1629 
1630 		return;
1631 	}
1632 
1633 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1634 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1635 					ATH10K_DEFAULT_ATIM);
1636 	if (ret)
1637 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1638 			    arvif->vdev_id, ret);
1639 }
1640 
1641 static int ath10k_mac_vif_recalc_ps_wake_threshold(struct ath10k_vif *arvif)
1642 {
1643 	struct ath10k *ar = arvif->ar;
1644 	u32 param;
1645 	u32 value;
1646 	int ret;
1647 
1648 	lockdep_assert_held(&arvif->ar->conf_mutex);
1649 
1650 	if (arvif->u.sta.uapsd)
1651 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_NEVER;
1652 	else
1653 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
1654 
1655 	param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
1656 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param, value);
1657 	if (ret) {
1658 		ath10k_warn(ar, "failed to submit ps wake threshold %u on vdev %i: %d\n",
1659 			    value, arvif->vdev_id, ret);
1660 		return ret;
1661 	}
1662 
1663 	return 0;
1664 }
1665 
1666 static int ath10k_mac_vif_recalc_ps_poll_count(struct ath10k_vif *arvif)
1667 {
1668 	struct ath10k *ar = arvif->ar;
1669 	u32 param;
1670 	u32 value;
1671 	int ret;
1672 
1673 	lockdep_assert_held(&arvif->ar->conf_mutex);
1674 
1675 	if (arvif->u.sta.uapsd)
1676 		value = WMI_STA_PS_PSPOLL_COUNT_UAPSD;
1677 	else
1678 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
1679 
1680 	param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
1681 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
1682 					  param, value);
1683 	if (ret) {
1684 		ath10k_warn(ar, "failed to submit ps poll count %u on vdev %i: %d\n",
1685 			    value, arvif->vdev_id, ret);
1686 		return ret;
1687 	}
1688 
1689 	return 0;
1690 }
1691 
1692 static int ath10k_mac_num_vifs_started(struct ath10k *ar)
1693 {
1694 	struct ath10k_vif *arvif;
1695 	int num = 0;
1696 
1697 	lockdep_assert_held(&ar->conf_mutex);
1698 
1699 	list_for_each_entry(arvif, &ar->arvifs, list)
1700 		if (arvif->is_started)
1701 			num++;
1702 
1703 	return num;
1704 }
1705 
1706 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1707 {
1708 	struct ath10k *ar = arvif->ar;
1709 	struct ieee80211_vif *vif = arvif->vif;
1710 	struct ieee80211_conf *conf = &ar->hw->conf;
1711 	enum wmi_sta_powersave_param param;
1712 	enum wmi_sta_ps_mode psmode;
1713 	int ret;
1714 	int ps_timeout;
1715 	bool enable_ps;
1716 
1717 	lockdep_assert_held(&arvif->ar->conf_mutex);
1718 
1719 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1720 		return 0;
1721 
1722 	enable_ps = arvif->ps;
1723 
1724 	if (enable_ps && ath10k_mac_num_vifs_started(ar) > 1 &&
1725 	    !test_bit(ATH10K_FW_FEATURE_MULTI_VIF_PS_SUPPORT,
1726 		      ar->fw_features)) {
1727 		ath10k_warn(ar, "refusing to enable ps on vdev %i: not supported by fw\n",
1728 			    arvif->vdev_id);
1729 		enable_ps = false;
1730 	}
1731 
1732 	if (!arvif->is_started) {
1733 		/* mac80211 can update vif powersave state while disconnected.
1734 		 * Firmware doesn't behave nicely and consumes more power than
1735 		 * necessary if PS is disabled on a non-started vdev. Hence
1736 		 * force-enable PS for non-running vdevs.
1737 		 */
1738 		psmode = WMI_STA_PS_MODE_ENABLED;
1739 	} else if (enable_ps) {
1740 		psmode = WMI_STA_PS_MODE_ENABLED;
1741 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1742 
1743 		ps_timeout = conf->dynamic_ps_timeout;
1744 		if (ps_timeout == 0) {
1745 			/* Firmware doesn't like 0 */
1746 			ps_timeout = ieee80211_tu_to_usec(
1747 				vif->bss_conf.beacon_int) / 1000;
1748 		}
1749 
1750 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1751 						  ps_timeout);
1752 		if (ret) {
1753 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1754 				    arvif->vdev_id, ret);
1755 			return ret;
1756 		}
1757 	} else {
1758 		psmode = WMI_STA_PS_MODE_DISABLED;
1759 	}
1760 
1761 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1762 		   arvif->vdev_id, psmode ? "enable" : "disable");
1763 
1764 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1765 	if (ret) {
1766 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1767 			    psmode, arvif->vdev_id, ret);
1768 		return ret;
1769 	}
1770 
1771 	return 0;
1772 }
1773 
1774 static int ath10k_mac_vif_disable_keepalive(struct ath10k_vif *arvif)
1775 {
1776 	struct ath10k *ar = arvif->ar;
1777 	struct wmi_sta_keepalive_arg arg = {};
1778 	int ret;
1779 
1780 	lockdep_assert_held(&arvif->ar->conf_mutex);
1781 
1782 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
1783 		return 0;
1784 
1785 	if (!test_bit(WMI_SERVICE_STA_KEEP_ALIVE, ar->wmi.svc_map))
1786 		return 0;
1787 
1788 	/* Some firmware revisions have a bug and ignore the `enabled` field.
1789 	 * Instead use the interval to disable the keepalive.
1790 	 */
1791 	arg.vdev_id = arvif->vdev_id;
1792 	arg.enabled = 1;
1793 	arg.method = WMI_STA_KEEPALIVE_METHOD_NULL_FRAME;
1794 	arg.interval = WMI_STA_KEEPALIVE_INTERVAL_DISABLE;
1795 
1796 	ret = ath10k_wmi_sta_keepalive(ar, &arg);
1797 	if (ret) {
1798 		ath10k_warn(ar, "failed to submit keepalive on vdev %i: %d\n",
1799 			    arvif->vdev_id, ret);
1800 		return ret;
1801 	}
1802 
1803 	return 0;
1804 }
1805 
1806 static void ath10k_mac_vif_ap_csa_count_down(struct ath10k_vif *arvif)
1807 {
1808 	struct ath10k *ar = arvif->ar;
1809 	struct ieee80211_vif *vif = arvif->vif;
1810 	int ret;
1811 
1812 	lockdep_assert_held(&arvif->ar->conf_mutex);
1813 
1814 	if (WARN_ON(!test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)))
1815 		return;
1816 
1817 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
1818 		return;
1819 
1820 	if (!vif->csa_active)
1821 		return;
1822 
1823 	if (!arvif->is_up)
1824 		return;
1825 
1826 	if (!ieee80211_csa_is_complete(vif)) {
1827 		ieee80211_csa_update_counter(vif);
1828 
1829 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
1830 		if (ret)
1831 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
1832 				    ret);
1833 
1834 		ret = ath10k_mac_setup_prb_tmpl(arvif);
1835 		if (ret)
1836 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
1837 				    ret);
1838 	} else {
1839 		ieee80211_csa_finish(vif);
1840 	}
1841 }
1842 
1843 static void ath10k_mac_vif_ap_csa_work(struct work_struct *work)
1844 {
1845 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
1846 						ap_csa_work);
1847 	struct ath10k *ar = arvif->ar;
1848 
1849 	mutex_lock(&ar->conf_mutex);
1850 	ath10k_mac_vif_ap_csa_count_down(arvif);
1851 	mutex_unlock(&ar->conf_mutex);
1852 }
1853 
1854 static void ath10k_mac_handle_beacon_iter(void *data, u8 *mac,
1855 					  struct ieee80211_vif *vif)
1856 {
1857 	struct sk_buff *skb = data;
1858 	struct ieee80211_mgmt *mgmt = (void *)skb->data;
1859 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1860 
1861 	if (vif->type != NL80211_IFTYPE_STATION)
1862 		return;
1863 
1864 	if (!ether_addr_equal(mgmt->bssid, vif->bss_conf.bssid))
1865 		return;
1866 
1867 	cancel_delayed_work(&arvif->connection_loss_work);
1868 }
1869 
1870 void ath10k_mac_handle_beacon(struct ath10k *ar, struct sk_buff *skb)
1871 {
1872 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
1873 						   IEEE80211_IFACE_ITER_NORMAL,
1874 						   ath10k_mac_handle_beacon_iter,
1875 						   skb);
1876 }
1877 
1878 static void ath10k_mac_handle_beacon_miss_iter(void *data, u8 *mac,
1879 					       struct ieee80211_vif *vif)
1880 {
1881 	u32 *vdev_id = data;
1882 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1883 	struct ath10k *ar = arvif->ar;
1884 	struct ieee80211_hw *hw = ar->hw;
1885 
1886 	if (arvif->vdev_id != *vdev_id)
1887 		return;
1888 
1889 	if (!arvif->is_up)
1890 		return;
1891 
1892 	ieee80211_beacon_loss(vif);
1893 
1894 	/* Firmware doesn't report beacon loss events repeatedly. If AP probe
1895 	 * (done by mac80211) succeeds but beacons do not resume then it
1896 	 * doesn't make sense to continue operation. Queue connection loss work
1897 	 * which can be cancelled when beacon is received.
1898 	 */
1899 	ieee80211_queue_delayed_work(hw, &arvif->connection_loss_work,
1900 				     ATH10K_CONNECTION_LOSS_HZ);
1901 }
1902 
1903 void ath10k_mac_handle_beacon_miss(struct ath10k *ar, u32 vdev_id)
1904 {
1905 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
1906 						   IEEE80211_IFACE_ITER_NORMAL,
1907 						   ath10k_mac_handle_beacon_miss_iter,
1908 						   &vdev_id);
1909 }
1910 
1911 static void ath10k_mac_vif_sta_connection_loss_work(struct work_struct *work)
1912 {
1913 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
1914 						connection_loss_work.work);
1915 	struct ieee80211_vif *vif = arvif->vif;
1916 
1917 	if (!arvif->is_up)
1918 		return;
1919 
1920 	ieee80211_connection_loss(vif);
1921 }
1922 
1923 /**********************/
1924 /* Station management */
1925 /**********************/
1926 
1927 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
1928 					     struct ieee80211_vif *vif)
1929 {
1930 	/* Some firmware revisions have unstable STA powersave when listen
1931 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
1932 	 * generate NullFunc frames properly even if buffered frames have been
1933 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
1934 	 * buffered frames. Often pinging the device from AP would simply fail.
1935 	 *
1936 	 * As a workaround set it to 1.
1937 	 */
1938 	if (vif->type == NL80211_IFTYPE_STATION)
1939 		return 1;
1940 
1941 	return ar->hw->conf.listen_interval;
1942 }
1943 
1944 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
1945 				      struct ieee80211_vif *vif,
1946 				      struct ieee80211_sta *sta,
1947 				      struct wmi_peer_assoc_complete_arg *arg)
1948 {
1949 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1950 	u32 aid;
1951 
1952 	lockdep_assert_held(&ar->conf_mutex);
1953 
1954 	if (vif->type == NL80211_IFTYPE_STATION)
1955 		aid = vif->bss_conf.aid;
1956 	else
1957 		aid = sta->aid;
1958 
1959 	ether_addr_copy(arg->addr, sta->addr);
1960 	arg->vdev_id = arvif->vdev_id;
1961 	arg->peer_aid = aid;
1962 	arg->peer_flags |= WMI_PEER_AUTH;
1963 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
1964 	arg->peer_num_spatial_streams = 1;
1965 	arg->peer_caps = vif->bss_conf.assoc_capability;
1966 }
1967 
1968 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
1969 				       struct ieee80211_vif *vif,
1970 				       struct wmi_peer_assoc_complete_arg *arg)
1971 {
1972 	struct ieee80211_bss_conf *info = &vif->bss_conf;
1973 	struct cfg80211_chan_def def;
1974 	struct cfg80211_bss *bss;
1975 	const u8 *rsnie = NULL;
1976 	const u8 *wpaie = NULL;
1977 
1978 	lockdep_assert_held(&ar->conf_mutex);
1979 
1980 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
1981 		return;
1982 
1983 	bss = cfg80211_get_bss(ar->hw->wiphy, def.chan, info->bssid, NULL, 0,
1984 			       IEEE80211_BSS_TYPE_ANY, IEEE80211_PRIVACY_ANY);
1985 	if (bss) {
1986 		const struct cfg80211_bss_ies *ies;
1987 
1988 		rcu_read_lock();
1989 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
1990 
1991 		ies = rcu_dereference(bss->ies);
1992 
1993 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
1994 						WLAN_OUI_TYPE_MICROSOFT_WPA,
1995 						ies->data,
1996 						ies->len);
1997 		rcu_read_unlock();
1998 		cfg80211_put_bss(ar->hw->wiphy, bss);
1999 	}
2000 
2001 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
2002 	if (rsnie || wpaie) {
2003 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
2004 		arg->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
2005 	}
2006 
2007 	if (wpaie) {
2008 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
2009 		arg->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
2010 	}
2011 }
2012 
2013 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
2014 				      struct ieee80211_vif *vif,
2015 				      struct ieee80211_sta *sta,
2016 				      struct wmi_peer_assoc_complete_arg *arg)
2017 {
2018 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2019 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
2020 	struct cfg80211_chan_def def;
2021 	const struct ieee80211_supported_band *sband;
2022 	const struct ieee80211_rate *rates;
2023 	enum ieee80211_band band;
2024 	u32 ratemask;
2025 	u8 rate;
2026 	int i;
2027 
2028 	lockdep_assert_held(&ar->conf_mutex);
2029 
2030 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2031 		return;
2032 
2033 	band = def.chan->band;
2034 	sband = ar->hw->wiphy->bands[band];
2035 	ratemask = sta->supp_rates[band];
2036 	ratemask &= arvif->bitrate_mask.control[band].legacy;
2037 	rates = sband->bitrates;
2038 
2039 	rateset->num_rates = 0;
2040 
2041 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
2042 		if (!(ratemask & 1))
2043 			continue;
2044 
2045 		rate = ath10k_mac_bitrate_to_rate(rates->bitrate);
2046 		rateset->rates[rateset->num_rates] = rate;
2047 		rateset->num_rates++;
2048 	}
2049 }
2050 
2051 static bool
2052 ath10k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
2053 {
2054 	int nss;
2055 
2056 	for (nss = 0; nss < IEEE80211_HT_MCS_MASK_LEN; nss++)
2057 		if (ht_mcs_mask[nss])
2058 			return false;
2059 
2060 	return true;
2061 }
2062 
2063 static bool
2064 ath10k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
2065 {
2066 	int nss;
2067 
2068 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++)
2069 		if (vht_mcs_mask[nss])
2070 			return false;
2071 
2072 	return true;
2073 }
2074 
2075 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
2076 				   struct ieee80211_vif *vif,
2077 				   struct ieee80211_sta *sta,
2078 				   struct wmi_peer_assoc_complete_arg *arg)
2079 {
2080 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->ht_cap;
2081 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2082 	struct cfg80211_chan_def def;
2083 	enum ieee80211_band band;
2084 	const u8 *ht_mcs_mask;
2085 	const u16 *vht_mcs_mask;
2086 	int i, n, max_nss;
2087 	u32 stbc;
2088 
2089 	lockdep_assert_held(&ar->conf_mutex);
2090 
2091 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2092 		return;
2093 
2094 	if (!ht_cap->ht_supported)
2095 		return;
2096 
2097 	band = def.chan->band;
2098 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2099 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2100 
2101 	if (ath10k_peer_assoc_h_ht_masked(ht_mcs_mask) &&
2102 	    ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2103 		return;
2104 
2105 	arg->peer_flags |= WMI_PEER_HT;
2106 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2107 				    ht_cap->ampdu_factor)) - 1;
2108 
2109 	arg->peer_mpdu_density =
2110 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
2111 
2112 	arg->peer_ht_caps = ht_cap->cap;
2113 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
2114 
2115 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
2116 		arg->peer_flags |= WMI_PEER_LDPC;
2117 
2118 	if (sta->bandwidth >= IEEE80211_STA_RX_BW_40) {
2119 		arg->peer_flags |= WMI_PEER_40MHZ;
2120 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
2121 	}
2122 
2123 	if (arvif->bitrate_mask.control[band].gi != NL80211_TXRATE_FORCE_LGI) {
2124 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
2125 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2126 
2127 		if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
2128 			arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
2129 	}
2130 
2131 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
2132 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
2133 		arg->peer_flags |= WMI_PEER_STBC;
2134 	}
2135 
2136 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
2137 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
2138 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
2139 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
2140 		arg->peer_rate_caps |= stbc;
2141 		arg->peer_flags |= WMI_PEER_STBC;
2142 	}
2143 
2144 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
2145 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
2146 	else if (ht_cap->mcs.rx_mask[1])
2147 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
2148 
2149 	for (i = 0, n = 0, max_nss = 0; i < IEEE80211_HT_MCS_MASK_LEN * 8; i++)
2150 		if ((ht_cap->mcs.rx_mask[i / 8] & BIT(i % 8)) &&
2151 		    (ht_mcs_mask[i / 8] & BIT(i % 8))) {
2152 			max_nss = (i / 8) + 1;
2153 			arg->peer_ht_rates.rates[n++] = i;
2154 		}
2155 
2156 	/*
2157 	 * This is a workaround for HT-enabled STAs which break the spec
2158 	 * and have no HT capabilities RX mask (no HT RX MCS map).
2159 	 *
2160 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
2161 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
2162 	 *
2163 	 * Firmware asserts if such situation occurs.
2164 	 */
2165 	if (n == 0) {
2166 		arg->peer_ht_rates.num_rates = 8;
2167 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
2168 			arg->peer_ht_rates.rates[i] = i;
2169 	} else {
2170 		arg->peer_ht_rates.num_rates = n;
2171 		arg->peer_num_spatial_streams = max_nss;
2172 	}
2173 
2174 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
2175 		   arg->addr,
2176 		   arg->peer_ht_rates.num_rates,
2177 		   arg->peer_num_spatial_streams);
2178 }
2179 
2180 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
2181 				    struct ath10k_vif *arvif,
2182 				    struct ieee80211_sta *sta)
2183 {
2184 	u32 uapsd = 0;
2185 	u32 max_sp = 0;
2186 	int ret = 0;
2187 
2188 	lockdep_assert_held(&ar->conf_mutex);
2189 
2190 	if (sta->wme && sta->uapsd_queues) {
2191 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
2192 			   sta->uapsd_queues, sta->max_sp);
2193 
2194 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
2195 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
2196 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
2197 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
2198 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
2199 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
2200 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
2201 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
2202 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
2203 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
2204 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
2205 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
2206 
2207 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
2208 			max_sp = sta->max_sp;
2209 
2210 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2211 						 sta->addr,
2212 						 WMI_AP_PS_PEER_PARAM_UAPSD,
2213 						 uapsd);
2214 		if (ret) {
2215 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
2216 				    arvif->vdev_id, ret);
2217 			return ret;
2218 		}
2219 
2220 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
2221 						 sta->addr,
2222 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
2223 						 max_sp);
2224 		if (ret) {
2225 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
2226 				    arvif->vdev_id, ret);
2227 			return ret;
2228 		}
2229 
2230 		/* TODO setup this based on STA listen interval and
2231 		   beacon interval. Currently we don't know
2232 		   sta->listen_interval - mac80211 patch required.
2233 		   Currently use 10 seconds */
2234 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
2235 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
2236 						 10);
2237 		if (ret) {
2238 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
2239 				    arvif->vdev_id, ret);
2240 			return ret;
2241 		}
2242 	}
2243 
2244 	return 0;
2245 }
2246 
2247 static u16
2248 ath10k_peer_assoc_h_vht_limit(u16 tx_mcs_set,
2249 			      const u16 vht_mcs_limit[NL80211_VHT_NSS_MAX])
2250 {
2251 	int idx_limit;
2252 	int nss;
2253 	u16 mcs_map;
2254 	u16 mcs;
2255 
2256 	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
2257 		mcs_map = ath10k_mac_get_max_vht_mcs_map(tx_mcs_set, nss) &
2258 			  vht_mcs_limit[nss];
2259 
2260 		if (mcs_map)
2261 			idx_limit = fls(mcs_map) - 1;
2262 		else
2263 			idx_limit = -1;
2264 
2265 		switch (idx_limit) {
2266 		case 0: /* fall through */
2267 		case 1: /* fall through */
2268 		case 2: /* fall through */
2269 		case 3: /* fall through */
2270 		case 4: /* fall through */
2271 		case 5: /* fall through */
2272 		case 6: /* fall through */
2273 		default:
2274 			/* see ath10k_mac_can_set_bitrate_mask() */
2275 			WARN_ON(1);
2276 			/* fall through */
2277 		case -1:
2278 			mcs = IEEE80211_VHT_MCS_NOT_SUPPORTED;
2279 			break;
2280 		case 7:
2281 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_7;
2282 			break;
2283 		case 8:
2284 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_8;
2285 			break;
2286 		case 9:
2287 			mcs = IEEE80211_VHT_MCS_SUPPORT_0_9;
2288 			break;
2289 		}
2290 
2291 		tx_mcs_set &= ~(0x3 << (nss * 2));
2292 		tx_mcs_set |= mcs << (nss * 2);
2293 	}
2294 
2295 	return tx_mcs_set;
2296 }
2297 
2298 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
2299 				    struct ieee80211_vif *vif,
2300 				    struct ieee80211_sta *sta,
2301 				    struct wmi_peer_assoc_complete_arg *arg)
2302 {
2303 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap;
2304 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2305 	struct cfg80211_chan_def def;
2306 	enum ieee80211_band band;
2307 	const u16 *vht_mcs_mask;
2308 	u8 ampdu_factor;
2309 
2310 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2311 		return;
2312 
2313 	if (!vht_cap->vht_supported)
2314 		return;
2315 
2316 	band = def.chan->band;
2317 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2318 
2319 	if (ath10k_peer_assoc_h_vht_masked(vht_mcs_mask))
2320 		return;
2321 
2322 	arg->peer_flags |= WMI_PEER_VHT;
2323 
2324 	if (def.chan->band == IEEE80211_BAND_2GHZ)
2325 		arg->peer_flags |= WMI_PEER_VHT_2G;
2326 
2327 	arg->peer_vht_caps = vht_cap->cap;
2328 
2329 	ampdu_factor = (vht_cap->cap &
2330 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
2331 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
2332 
2333 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
2334 	 * zero in VHT IE. Using it would result in degraded throughput.
2335 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
2336 	 * it if VHT max_mpdu is smaller. */
2337 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
2338 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
2339 					ampdu_factor)) - 1);
2340 
2341 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2342 		arg->peer_flags |= WMI_PEER_80MHZ;
2343 
2344 	arg->peer_vht_rates.rx_max_rate =
2345 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
2346 	arg->peer_vht_rates.rx_mcs_set =
2347 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
2348 	arg->peer_vht_rates.tx_max_rate =
2349 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
2350 	arg->peer_vht_rates.tx_mcs_set = ath10k_peer_assoc_h_vht_limit(
2351 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map), vht_mcs_mask);
2352 
2353 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vht peer %pM max_mpdu %d flags 0x%x\n",
2354 		   sta->addr, arg->peer_max_mpdu, arg->peer_flags);
2355 }
2356 
2357 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
2358 				    struct ieee80211_vif *vif,
2359 				    struct ieee80211_sta *sta,
2360 				    struct wmi_peer_assoc_complete_arg *arg)
2361 {
2362 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2363 
2364 	switch (arvif->vdev_type) {
2365 	case WMI_VDEV_TYPE_AP:
2366 		if (sta->wme)
2367 			arg->peer_flags |= WMI_PEER_QOS;
2368 
2369 		if (sta->wme && sta->uapsd_queues) {
2370 			arg->peer_flags |= WMI_PEER_APSD;
2371 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
2372 		}
2373 		break;
2374 	case WMI_VDEV_TYPE_STA:
2375 		if (vif->bss_conf.qos)
2376 			arg->peer_flags |= WMI_PEER_QOS;
2377 		break;
2378 	case WMI_VDEV_TYPE_IBSS:
2379 		if (sta->wme)
2380 			arg->peer_flags |= WMI_PEER_QOS;
2381 		break;
2382 	default:
2383 		break;
2384 	}
2385 
2386 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM qos %d\n",
2387 		   sta->addr, !!(arg->peer_flags & WMI_PEER_QOS));
2388 }
2389 
2390 static bool ath10k_mac_sta_has_ofdm_only(struct ieee80211_sta *sta)
2391 {
2392 	return sta->supp_rates[IEEE80211_BAND_2GHZ] >>
2393 	       ATH10K_MAC_FIRST_OFDM_RATE_IDX;
2394 }
2395 
2396 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
2397 					struct ieee80211_vif *vif,
2398 					struct ieee80211_sta *sta,
2399 					struct wmi_peer_assoc_complete_arg *arg)
2400 {
2401 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2402 	struct cfg80211_chan_def def;
2403 	enum ieee80211_band band;
2404 	const u8 *ht_mcs_mask;
2405 	const u16 *vht_mcs_mask;
2406 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
2407 
2408 	if (WARN_ON(ath10k_mac_vif_chan(vif, &def)))
2409 		return;
2410 
2411 	band = def.chan->band;
2412 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
2413 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
2414 
2415 	switch (band) {
2416 	case IEEE80211_BAND_2GHZ:
2417 		if (sta->vht_cap.vht_supported &&
2418 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2419 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2420 				phymode = MODE_11AC_VHT40;
2421 			else
2422 				phymode = MODE_11AC_VHT20;
2423 		} else if (sta->ht_cap.ht_supported &&
2424 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2425 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2426 				phymode = MODE_11NG_HT40;
2427 			else
2428 				phymode = MODE_11NG_HT20;
2429 		} else if (ath10k_mac_sta_has_ofdm_only(sta)) {
2430 			phymode = MODE_11G;
2431 		} else {
2432 			phymode = MODE_11B;
2433 		}
2434 
2435 		break;
2436 	case IEEE80211_BAND_5GHZ:
2437 		/*
2438 		 * Check VHT first.
2439 		 */
2440 		if (sta->vht_cap.vht_supported &&
2441 		    !ath10k_peer_assoc_h_vht_masked(vht_mcs_mask)) {
2442 			if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
2443 				phymode = MODE_11AC_VHT80;
2444 			else if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
2445 				phymode = MODE_11AC_VHT40;
2446 			else if (sta->bandwidth == IEEE80211_STA_RX_BW_20)
2447 				phymode = MODE_11AC_VHT20;
2448 		} else if (sta->ht_cap.ht_supported &&
2449 			   !ath10k_peer_assoc_h_ht_masked(ht_mcs_mask)) {
2450 			if (sta->bandwidth >= IEEE80211_STA_RX_BW_40)
2451 				phymode = MODE_11NA_HT40;
2452 			else
2453 				phymode = MODE_11NA_HT20;
2454 		} else {
2455 			phymode = MODE_11A;
2456 		}
2457 
2458 		break;
2459 	default:
2460 		break;
2461 	}
2462 
2463 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
2464 		   sta->addr, ath10k_wmi_phymode_str(phymode));
2465 
2466 	arg->peer_phymode = phymode;
2467 	WARN_ON(phymode == MODE_UNKNOWN);
2468 }
2469 
2470 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
2471 				     struct ieee80211_vif *vif,
2472 				     struct ieee80211_sta *sta,
2473 				     struct wmi_peer_assoc_complete_arg *arg)
2474 {
2475 	lockdep_assert_held(&ar->conf_mutex);
2476 
2477 	memset(arg, 0, sizeof(*arg));
2478 
2479 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
2480 	ath10k_peer_assoc_h_crypto(ar, vif, arg);
2481 	ath10k_peer_assoc_h_rates(ar, vif, sta, arg);
2482 	ath10k_peer_assoc_h_ht(ar, vif, sta, arg);
2483 	ath10k_peer_assoc_h_vht(ar, vif, sta, arg);
2484 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
2485 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
2486 
2487 	return 0;
2488 }
2489 
2490 static const u32 ath10k_smps_map[] = {
2491 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
2492 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
2493 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
2494 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
2495 };
2496 
2497 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
2498 				  const u8 *addr,
2499 				  const struct ieee80211_sta_ht_cap *ht_cap)
2500 {
2501 	int smps;
2502 
2503 	if (!ht_cap->ht_supported)
2504 		return 0;
2505 
2506 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
2507 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
2508 
2509 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
2510 		return -EINVAL;
2511 
2512 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
2513 					 WMI_PEER_SMPS_STATE,
2514 					 ath10k_smps_map[smps]);
2515 }
2516 
2517 static int ath10k_mac_vif_recalc_txbf(struct ath10k *ar,
2518 				      struct ieee80211_vif *vif,
2519 				      struct ieee80211_sta_vht_cap vht_cap)
2520 {
2521 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2522 	int ret;
2523 	u32 param;
2524 	u32 value;
2525 
2526 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_AFTER_ASSOC)
2527 		return 0;
2528 
2529 	if (!(ar->vht_cap_info &
2530 	      (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2531 	       IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE |
2532 	       IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2533 	       IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)))
2534 		return 0;
2535 
2536 	param = ar->wmi.vdev_param->txbf;
2537 	value = 0;
2538 
2539 	if (WARN_ON(param == WMI_VDEV_PARAM_UNSUPPORTED))
2540 		return 0;
2541 
2542 	/* The following logic is correct. If a remote STA advertises support
2543 	 * for being a beamformer then we should enable us being a beamformee.
2544 	 */
2545 
2546 	if (ar->vht_cap_info &
2547 	    (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
2548 	     IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
2549 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
2550 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2551 
2552 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
2553 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFEE;
2554 	}
2555 
2556 	if (ar->vht_cap_info &
2557 	    (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
2558 	     IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
2559 		if (vht_cap.cap & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
2560 			value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2561 
2562 		if (vht_cap.cap & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
2563 			value |= WMI_VDEV_PARAM_TXBF_MU_TX_BFER;
2564 	}
2565 
2566 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFEE)
2567 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
2568 
2569 	if (value & WMI_VDEV_PARAM_TXBF_MU_TX_BFER)
2570 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
2571 
2572 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param, value);
2573 	if (ret) {
2574 		ath10k_warn(ar, "failed to submit vdev param txbf 0x%x: %d\n",
2575 			    value, ret);
2576 		return ret;
2577 	}
2578 
2579 	return 0;
2580 }
2581 
2582 /* can be called only in mac80211 callbacks due to `key_count` usage */
2583 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
2584 			     struct ieee80211_vif *vif,
2585 			     struct ieee80211_bss_conf *bss_conf)
2586 {
2587 	struct ath10k *ar = hw->priv;
2588 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2589 	struct ieee80211_sta_ht_cap ht_cap;
2590 	struct ieee80211_sta_vht_cap vht_cap;
2591 	struct wmi_peer_assoc_complete_arg peer_arg;
2592 	struct ieee80211_sta *ap_sta;
2593 	int ret;
2594 
2595 	lockdep_assert_held(&ar->conf_mutex);
2596 
2597 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
2598 		   arvif->vdev_id, arvif->bssid, arvif->aid);
2599 
2600 	rcu_read_lock();
2601 
2602 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
2603 	if (!ap_sta) {
2604 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
2605 			    bss_conf->bssid, arvif->vdev_id);
2606 		rcu_read_unlock();
2607 		return;
2608 	}
2609 
2610 	/* ap_sta must be accessed only within rcu section which must be left
2611 	 * before calling ath10k_setup_peer_smps() which might sleep. */
2612 	ht_cap = ap_sta->ht_cap;
2613 	vht_cap = ap_sta->vht_cap;
2614 
2615 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
2616 	if (ret) {
2617 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
2618 			    bss_conf->bssid, arvif->vdev_id, ret);
2619 		rcu_read_unlock();
2620 		return;
2621 	}
2622 
2623 	rcu_read_unlock();
2624 
2625 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
2626 	if (ret) {
2627 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
2628 			    bss_conf->bssid, arvif->vdev_id, ret);
2629 		return;
2630 	}
2631 
2632 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
2633 	if (ret) {
2634 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
2635 			    arvif->vdev_id, ret);
2636 		return;
2637 	}
2638 
2639 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
2640 	if (ret) {
2641 		ath10k_warn(ar, "failed to recalc txbf for vdev %i on bss %pM: %d\n",
2642 			    arvif->vdev_id, bss_conf->bssid, ret);
2643 		return;
2644 	}
2645 
2646 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2647 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
2648 		   arvif->vdev_id, bss_conf->bssid, bss_conf->aid);
2649 
2650 	WARN_ON(arvif->is_up);
2651 
2652 	arvif->aid = bss_conf->aid;
2653 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
2654 
2655 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
2656 	if (ret) {
2657 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
2658 			    arvif->vdev_id, ret);
2659 		return;
2660 	}
2661 
2662 	arvif->is_up = true;
2663 
2664 	/* Workaround: Some firmware revisions (tested with qca6174
2665 	 * WLAN.RM.2.0-00073) have buggy powersave state machine and must be
2666 	 * poked with peer param command.
2667 	 */
2668 	ret = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, arvif->bssid,
2669 					WMI_PEER_DUMMY_VAR, 1);
2670 	if (ret) {
2671 		ath10k_warn(ar, "failed to poke peer %pM param for ps workaround on vdev %i: %d\n",
2672 			    arvif->bssid, arvif->vdev_id, ret);
2673 		return;
2674 	}
2675 }
2676 
2677 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
2678 				struct ieee80211_vif *vif)
2679 {
2680 	struct ath10k *ar = hw->priv;
2681 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2682 	struct ieee80211_sta_vht_cap vht_cap = {};
2683 	int ret;
2684 
2685 	lockdep_assert_held(&ar->conf_mutex);
2686 
2687 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
2688 		   arvif->vdev_id, arvif->bssid);
2689 
2690 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
2691 	if (ret)
2692 		ath10k_warn(ar, "faield to down vdev %i: %d\n",
2693 			    arvif->vdev_id, ret);
2694 
2695 	arvif->def_wep_key_idx = -1;
2696 
2697 	ret = ath10k_mac_vif_recalc_txbf(ar, vif, vht_cap);
2698 	if (ret) {
2699 		ath10k_warn(ar, "failed to recalc txbf for vdev %i: %d\n",
2700 			    arvif->vdev_id, ret);
2701 		return;
2702 	}
2703 
2704 	arvif->is_up = false;
2705 
2706 	cancel_delayed_work_sync(&arvif->connection_loss_work);
2707 }
2708 
2709 static int ath10k_station_assoc(struct ath10k *ar,
2710 				struct ieee80211_vif *vif,
2711 				struct ieee80211_sta *sta,
2712 				bool reassoc)
2713 {
2714 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2715 	struct wmi_peer_assoc_complete_arg peer_arg;
2716 	int ret = 0;
2717 
2718 	lockdep_assert_held(&ar->conf_mutex);
2719 
2720 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
2721 	if (ret) {
2722 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
2723 			    sta->addr, arvif->vdev_id, ret);
2724 		return ret;
2725 	}
2726 
2727 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
2728 	if (ret) {
2729 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
2730 			    sta->addr, arvif->vdev_id, ret);
2731 		return ret;
2732 	}
2733 
2734 	/* Re-assoc is run only to update supported rates for given station. It
2735 	 * doesn't make much sense to reconfigure the peer completely.
2736 	 */
2737 	if (!reassoc) {
2738 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
2739 					     &sta->ht_cap);
2740 		if (ret) {
2741 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
2742 				    arvif->vdev_id, ret);
2743 			return ret;
2744 		}
2745 
2746 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
2747 		if (ret) {
2748 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
2749 				    sta->addr, arvif->vdev_id, ret);
2750 			return ret;
2751 		}
2752 
2753 		if (!sta->wme) {
2754 			arvif->num_legacy_stations++;
2755 			ret  = ath10k_recalc_rtscts_prot(arvif);
2756 			if (ret) {
2757 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
2758 					    arvif->vdev_id, ret);
2759 				return ret;
2760 			}
2761 		}
2762 
2763 		/* Plumb cached keys only for static WEP */
2764 		if (arvif->def_wep_key_idx != -1) {
2765 			ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
2766 			if (ret) {
2767 				ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
2768 					    arvif->vdev_id, ret);
2769 				return ret;
2770 			}
2771 		}
2772 	}
2773 
2774 	return ret;
2775 }
2776 
2777 static int ath10k_station_disassoc(struct ath10k *ar,
2778 				   struct ieee80211_vif *vif,
2779 				   struct ieee80211_sta *sta)
2780 {
2781 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2782 	int ret = 0;
2783 
2784 	lockdep_assert_held(&ar->conf_mutex);
2785 
2786 	if (!sta->wme) {
2787 		arvif->num_legacy_stations--;
2788 		ret = ath10k_recalc_rtscts_prot(arvif);
2789 		if (ret) {
2790 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
2791 				    arvif->vdev_id, ret);
2792 			return ret;
2793 		}
2794 	}
2795 
2796 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
2797 	if (ret) {
2798 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
2799 			    arvif->vdev_id, ret);
2800 		return ret;
2801 	}
2802 
2803 	return ret;
2804 }
2805 
2806 /**************/
2807 /* Regulatory */
2808 /**************/
2809 
2810 static int ath10k_update_channel_list(struct ath10k *ar)
2811 {
2812 	struct ieee80211_hw *hw = ar->hw;
2813 	struct ieee80211_supported_band **bands;
2814 	enum ieee80211_band band;
2815 	struct ieee80211_channel *channel;
2816 	struct wmi_scan_chan_list_arg arg = {0};
2817 	struct wmi_channel_arg *ch;
2818 	bool passive;
2819 	int len;
2820 	int ret;
2821 	int i;
2822 
2823 	lockdep_assert_held(&ar->conf_mutex);
2824 
2825 	bands = hw->wiphy->bands;
2826 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
2827 		if (!bands[band])
2828 			continue;
2829 
2830 		for (i = 0; i < bands[band]->n_channels; i++) {
2831 			if (bands[band]->channels[i].flags &
2832 			    IEEE80211_CHAN_DISABLED)
2833 				continue;
2834 
2835 			arg.n_channels++;
2836 		}
2837 	}
2838 
2839 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
2840 	arg.channels = kzalloc(len, GFP_KERNEL);
2841 	if (!arg.channels)
2842 		return -ENOMEM;
2843 
2844 	ch = arg.channels;
2845 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
2846 		if (!bands[band])
2847 			continue;
2848 
2849 		for (i = 0; i < bands[band]->n_channels; i++) {
2850 			channel = &bands[band]->channels[i];
2851 
2852 			if (channel->flags & IEEE80211_CHAN_DISABLED)
2853 				continue;
2854 
2855 			ch->allow_ht   = true;
2856 
2857 			/* FIXME: when should we really allow VHT? */
2858 			ch->allow_vht = true;
2859 
2860 			ch->allow_ibss =
2861 				!(channel->flags & IEEE80211_CHAN_NO_IR);
2862 
2863 			ch->ht40plus =
2864 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
2865 
2866 			ch->chan_radar =
2867 				!!(channel->flags & IEEE80211_CHAN_RADAR);
2868 
2869 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
2870 			ch->passive = passive;
2871 
2872 			ch->freq = channel->center_freq;
2873 			ch->band_center_freq1 = channel->center_freq;
2874 			ch->min_power = 0;
2875 			ch->max_power = channel->max_power * 2;
2876 			ch->max_reg_power = channel->max_reg_power * 2;
2877 			ch->max_antenna_gain = channel->max_antenna_gain * 2;
2878 			ch->reg_class_id = 0; /* FIXME */
2879 
2880 			/* FIXME: why use only legacy modes, why not any
2881 			 * HT/VHT modes? Would that even make any
2882 			 * difference? */
2883 			if (channel->band == IEEE80211_BAND_2GHZ)
2884 				ch->mode = MODE_11G;
2885 			else
2886 				ch->mode = MODE_11A;
2887 
2888 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
2889 				continue;
2890 
2891 			ath10k_dbg(ar, ATH10K_DBG_WMI,
2892 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
2893 				    ch - arg.channels, arg.n_channels,
2894 				   ch->freq, ch->max_power, ch->max_reg_power,
2895 				   ch->max_antenna_gain, ch->mode);
2896 
2897 			ch++;
2898 		}
2899 	}
2900 
2901 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
2902 	kfree(arg.channels);
2903 
2904 	return ret;
2905 }
2906 
2907 static enum wmi_dfs_region
2908 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
2909 {
2910 	switch (dfs_region) {
2911 	case NL80211_DFS_UNSET:
2912 		return WMI_UNINIT_DFS_DOMAIN;
2913 	case NL80211_DFS_FCC:
2914 		return WMI_FCC_DFS_DOMAIN;
2915 	case NL80211_DFS_ETSI:
2916 		return WMI_ETSI_DFS_DOMAIN;
2917 	case NL80211_DFS_JP:
2918 		return WMI_MKK4_DFS_DOMAIN;
2919 	}
2920 	return WMI_UNINIT_DFS_DOMAIN;
2921 }
2922 
2923 static void ath10k_regd_update(struct ath10k *ar)
2924 {
2925 	struct reg_dmn_pair_mapping *regpair;
2926 	int ret;
2927 	enum wmi_dfs_region wmi_dfs_reg;
2928 	enum nl80211_dfs_regions nl_dfs_reg;
2929 
2930 	lockdep_assert_held(&ar->conf_mutex);
2931 
2932 	ret = ath10k_update_channel_list(ar);
2933 	if (ret)
2934 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
2935 
2936 	regpair = ar->ath_common.regulatory.regpair;
2937 
2938 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
2939 		nl_dfs_reg = ar->dfs_detector->region;
2940 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
2941 	} else {
2942 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
2943 	}
2944 
2945 	/* Target allows setting up per-band regdomain but ath_common provides
2946 	 * a combined one only */
2947 	ret = ath10k_wmi_pdev_set_regdomain(ar,
2948 					    regpair->reg_domain,
2949 					    regpair->reg_domain, /* 2ghz */
2950 					    regpair->reg_domain, /* 5ghz */
2951 					    regpair->reg_2ghz_ctl,
2952 					    regpair->reg_5ghz_ctl,
2953 					    wmi_dfs_reg);
2954 	if (ret)
2955 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
2956 }
2957 
2958 static void ath10k_reg_notifier(struct wiphy *wiphy,
2959 				struct regulatory_request *request)
2960 {
2961 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
2962 	struct ath10k *ar = hw->priv;
2963 	bool result;
2964 
2965 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
2966 
2967 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
2968 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
2969 			   request->dfs_region);
2970 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
2971 							  request->dfs_region);
2972 		if (!result)
2973 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
2974 				    request->dfs_region);
2975 	}
2976 
2977 	mutex_lock(&ar->conf_mutex);
2978 	if (ar->state == ATH10K_STATE_ON)
2979 		ath10k_regd_update(ar);
2980 	mutex_unlock(&ar->conf_mutex);
2981 }
2982 
2983 /***************/
2984 /* TX handlers */
2985 /***************/
2986 
2987 void ath10k_mac_tx_lock(struct ath10k *ar, int reason)
2988 {
2989 	lockdep_assert_held(&ar->htt.tx_lock);
2990 
2991 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
2992 	ar->tx_paused |= BIT(reason);
2993 	ieee80211_stop_queues(ar->hw);
2994 }
2995 
2996 static void ath10k_mac_tx_unlock_iter(void *data, u8 *mac,
2997 				      struct ieee80211_vif *vif)
2998 {
2999 	struct ath10k *ar = data;
3000 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3001 
3002 	if (arvif->tx_paused)
3003 		return;
3004 
3005 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3006 }
3007 
3008 void ath10k_mac_tx_unlock(struct ath10k *ar, int reason)
3009 {
3010 	lockdep_assert_held(&ar->htt.tx_lock);
3011 
3012 	WARN_ON(reason >= ATH10K_TX_PAUSE_MAX);
3013 	ar->tx_paused &= ~BIT(reason);
3014 
3015 	if (ar->tx_paused)
3016 		return;
3017 
3018 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3019 						   IEEE80211_IFACE_ITER_RESUME_ALL,
3020 						   ath10k_mac_tx_unlock_iter,
3021 						   ar);
3022 
3023 	ieee80211_wake_queue(ar->hw, ar->hw->offchannel_tx_hw_queue);
3024 }
3025 
3026 void ath10k_mac_vif_tx_lock(struct ath10k_vif *arvif, int reason)
3027 {
3028 	struct ath10k *ar = arvif->ar;
3029 
3030 	lockdep_assert_held(&ar->htt.tx_lock);
3031 
3032 	WARN_ON(reason >= BITS_PER_LONG);
3033 	arvif->tx_paused |= BIT(reason);
3034 	ieee80211_stop_queue(ar->hw, arvif->vdev_id);
3035 }
3036 
3037 void ath10k_mac_vif_tx_unlock(struct ath10k_vif *arvif, int reason)
3038 {
3039 	struct ath10k *ar = arvif->ar;
3040 
3041 	lockdep_assert_held(&ar->htt.tx_lock);
3042 
3043 	WARN_ON(reason >= BITS_PER_LONG);
3044 	arvif->tx_paused &= ~BIT(reason);
3045 
3046 	if (ar->tx_paused)
3047 		return;
3048 
3049 	if (arvif->tx_paused)
3050 		return;
3051 
3052 	ieee80211_wake_queue(ar->hw, arvif->vdev_id);
3053 }
3054 
3055 static void ath10k_mac_vif_handle_tx_pause(struct ath10k_vif *arvif,
3056 					   enum wmi_tlv_tx_pause_id pause_id,
3057 					   enum wmi_tlv_tx_pause_action action)
3058 {
3059 	struct ath10k *ar = arvif->ar;
3060 
3061 	lockdep_assert_held(&ar->htt.tx_lock);
3062 
3063 	switch (action) {
3064 	case WMI_TLV_TX_PAUSE_ACTION_STOP:
3065 		ath10k_mac_vif_tx_lock(arvif, pause_id);
3066 		break;
3067 	case WMI_TLV_TX_PAUSE_ACTION_WAKE:
3068 		ath10k_mac_vif_tx_unlock(arvif, pause_id);
3069 		break;
3070 	default:
3071 		ath10k_warn(ar, "received unknown tx pause action %d on vdev %i, ignoring\n",
3072 			    action, arvif->vdev_id);
3073 		break;
3074 	}
3075 }
3076 
3077 struct ath10k_mac_tx_pause {
3078 	u32 vdev_id;
3079 	enum wmi_tlv_tx_pause_id pause_id;
3080 	enum wmi_tlv_tx_pause_action action;
3081 };
3082 
3083 static void ath10k_mac_handle_tx_pause_iter(void *data, u8 *mac,
3084 					    struct ieee80211_vif *vif)
3085 {
3086 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3087 	struct ath10k_mac_tx_pause *arg = data;
3088 
3089 	if (arvif->vdev_id != arg->vdev_id)
3090 		return;
3091 
3092 	ath10k_mac_vif_handle_tx_pause(arvif, arg->pause_id, arg->action);
3093 }
3094 
3095 void ath10k_mac_handle_tx_pause_vdev(struct ath10k *ar, u32 vdev_id,
3096 				     enum wmi_tlv_tx_pause_id pause_id,
3097 				     enum wmi_tlv_tx_pause_action action)
3098 {
3099 	struct ath10k_mac_tx_pause arg = {
3100 		.vdev_id = vdev_id,
3101 		.pause_id = pause_id,
3102 		.action = action,
3103 	};
3104 
3105 	spin_lock_bh(&ar->htt.tx_lock);
3106 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
3107 						   IEEE80211_IFACE_ITER_RESUME_ALL,
3108 						   ath10k_mac_handle_tx_pause_iter,
3109 						   &arg);
3110 	spin_unlock_bh(&ar->htt.tx_lock);
3111 }
3112 
3113 static u8 ath10k_tx_h_get_tid(struct ieee80211_hdr *hdr)
3114 {
3115 	if (ieee80211_is_mgmt(hdr->frame_control))
3116 		return HTT_DATA_TX_EXT_TID_MGMT;
3117 
3118 	if (!ieee80211_is_data_qos(hdr->frame_control))
3119 		return HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
3120 
3121 	if (!is_unicast_ether_addr(ieee80211_get_DA(hdr)))
3122 		return HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
3123 
3124 	return ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK;
3125 }
3126 
3127 static u8 ath10k_tx_h_get_vdev_id(struct ath10k *ar, struct ieee80211_vif *vif)
3128 {
3129 	if (vif)
3130 		return ath10k_vif_to_arvif(vif)->vdev_id;
3131 
3132 	if (ar->monitor_started)
3133 		return ar->monitor_vdev_id;
3134 
3135 	ath10k_warn(ar, "failed to resolve vdev id\n");
3136 	return 0;
3137 }
3138 
3139 static enum ath10k_hw_txrx_mode
3140 ath10k_tx_h_get_txmode(struct ath10k *ar, struct ieee80211_vif *vif,
3141 		       struct ieee80211_sta *sta, struct sk_buff *skb)
3142 {
3143 	const struct ieee80211_hdr *hdr = (void *)skb->data;
3144 	__le16 fc = hdr->frame_control;
3145 
3146 	if (!vif || vif->type == NL80211_IFTYPE_MONITOR)
3147 		return ATH10K_HW_TXRX_RAW;
3148 
3149 	if (ieee80211_is_mgmt(fc))
3150 		return ATH10K_HW_TXRX_MGMT;
3151 
3152 	/* Workaround:
3153 	 *
3154 	 * NullFunc frames are mostly used to ping if a client or AP are still
3155 	 * reachable and responsive. This implies tx status reports must be
3156 	 * accurate - otherwise either mac80211 or userspace (e.g. hostapd) can
3157 	 * come to a conclusion that the other end disappeared and tear down
3158 	 * BSS connection or it can never disconnect from BSS/client (which is
3159 	 * the case).
3160 	 *
3161 	 * Firmware with HTT older than 3.0 delivers incorrect tx status for
3162 	 * NullFunc frames to driver. However there's a HTT Mgmt Tx command
3163 	 * which seems to deliver correct tx reports for NullFunc frames. The
3164 	 * downside of using it is it ignores client powersave state so it can
3165 	 * end up disconnecting sleeping clients in AP mode. It should fix STA
3166 	 * mode though because AP don't sleep.
3167 	 */
3168 	if (ar->htt.target_version_major < 3 &&
3169 	    (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)) &&
3170 	    !test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX, ar->fw_features))
3171 		return ATH10K_HW_TXRX_MGMT;
3172 
3173 	/* Workaround:
3174 	 *
3175 	 * Some wmi-tlv firmwares for qca6174 have broken Tx key selection for
3176 	 * NativeWifi txmode - it selects AP key instead of peer key. It seems
3177 	 * to work with Ethernet txmode so use it.
3178 	 *
3179 	 * FIXME: Check if raw mode works with TDLS.
3180 	 */
3181 	if (ieee80211_is_data_present(fc) && sta && sta->tdls)
3182 		return ATH10K_HW_TXRX_ETHERNET;
3183 
3184 	if (test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
3185 		return ATH10K_HW_TXRX_RAW;
3186 
3187 	return ATH10K_HW_TXRX_NATIVE_WIFI;
3188 }
3189 
3190 static bool ath10k_tx_h_use_hwcrypto(struct ieee80211_vif *vif,
3191 				     struct sk_buff *skb) {
3192 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3193 	const u32 mask = IEEE80211_TX_INTFL_DONT_ENCRYPT |
3194 			 IEEE80211_TX_CTL_INJECTED;
3195 	if ((info->flags & mask) == mask)
3196 		return false;
3197 	if (vif)
3198 		return !ath10k_vif_to_arvif(vif)->nohwcrypt;
3199 	return true;
3200 }
3201 
3202 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
3203  * Control in the header.
3204  */
3205 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
3206 {
3207 	struct ieee80211_hdr *hdr = (void *)skb->data;
3208 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3209 	u8 *qos_ctl;
3210 
3211 	if (!ieee80211_is_data_qos(hdr->frame_control))
3212 		return;
3213 
3214 	qos_ctl = ieee80211_get_qos_ctl(hdr);
3215 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
3216 		skb->data, (void *)qos_ctl - (void *)skb->data);
3217 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
3218 
3219 	/* Some firmware revisions don't handle sending QoS NullFunc well.
3220 	 * These frames are mainly used for CQM purposes so it doesn't really
3221 	 * matter whether QoS NullFunc or NullFunc are sent.
3222 	 */
3223 	hdr = (void *)skb->data;
3224 	if (ieee80211_is_qos_nullfunc(hdr->frame_control))
3225 		cb->htt.tid = HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
3226 
3227 	hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
3228 }
3229 
3230 static void ath10k_tx_h_8023(struct sk_buff *skb)
3231 {
3232 	struct ieee80211_hdr *hdr;
3233 	struct rfc1042_hdr *rfc1042;
3234 	struct ethhdr *eth;
3235 	size_t hdrlen;
3236 	u8 da[ETH_ALEN];
3237 	u8 sa[ETH_ALEN];
3238 	__be16 type;
3239 
3240 	hdr = (void *)skb->data;
3241 	hdrlen = ieee80211_hdrlen(hdr->frame_control);
3242 	rfc1042 = (void *)skb->data + hdrlen;
3243 
3244 	ether_addr_copy(da, ieee80211_get_DA(hdr));
3245 	ether_addr_copy(sa, ieee80211_get_SA(hdr));
3246 	type = rfc1042->snap_type;
3247 
3248 	skb_pull(skb, hdrlen + sizeof(*rfc1042));
3249 	skb_push(skb, sizeof(*eth));
3250 
3251 	eth = (void *)skb->data;
3252 	ether_addr_copy(eth->h_dest, da);
3253 	ether_addr_copy(eth->h_source, sa);
3254 	eth->h_proto = type;
3255 }
3256 
3257 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
3258 				       struct ieee80211_vif *vif,
3259 				       struct sk_buff *skb)
3260 {
3261 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3262 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3263 
3264 	/* This is case only for P2P_GO */
3265 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP ||
3266 	    arvif->vdev_subtype != WMI_VDEV_SUBTYPE_P2P_GO)
3267 		return;
3268 
3269 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
3270 		spin_lock_bh(&ar->data_lock);
3271 		if (arvif->u.ap.noa_data)
3272 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
3273 					      GFP_ATOMIC))
3274 				memcpy(skb_put(skb, arvif->u.ap.noa_len),
3275 				       arvif->u.ap.noa_data,
3276 				       arvif->u.ap.noa_len);
3277 		spin_unlock_bh(&ar->data_lock);
3278 	}
3279 }
3280 
3281 static bool ath10k_mac_need_offchan_tx_work(struct ath10k *ar)
3282 {
3283 	/* FIXME: Not really sure since when the behaviour changed. At some
3284 	 * point new firmware stopped requiring creation of peer entries for
3285 	 * offchannel tx (and actually creating them causes issues with wmi-htc
3286 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
3287 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
3288 	 */
3289 	return !(ar->htt.target_version_major >= 3 &&
3290 		 ar->htt.target_version_minor >= 4);
3291 }
3292 
3293 static int ath10k_mac_tx_wmi_mgmt(struct ath10k *ar, struct sk_buff *skb)
3294 {
3295 	struct sk_buff_head *q = &ar->wmi_mgmt_tx_queue;
3296 	int ret = 0;
3297 
3298 	spin_lock_bh(&ar->data_lock);
3299 
3300 	if (skb_queue_len(q) == ATH10K_MAX_NUM_MGMT_PENDING) {
3301 		ath10k_warn(ar, "wmi mgmt tx queue is full\n");
3302 		ret = -ENOSPC;
3303 		goto unlock;
3304 	}
3305 
3306 	__skb_queue_tail(q, skb);
3307 	ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
3308 
3309 unlock:
3310 	spin_unlock_bh(&ar->data_lock);
3311 
3312 	return ret;
3313 }
3314 
3315 static void ath10k_mac_tx(struct ath10k *ar, struct sk_buff *skb)
3316 {
3317 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
3318 	struct ath10k_htt *htt = &ar->htt;
3319 	int ret = 0;
3320 
3321 	switch (cb->txmode) {
3322 	case ATH10K_HW_TXRX_RAW:
3323 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3324 	case ATH10K_HW_TXRX_ETHERNET:
3325 		ret = ath10k_htt_tx(htt, skb);
3326 		break;
3327 	case ATH10K_HW_TXRX_MGMT:
3328 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
3329 			     ar->fw_features))
3330 			ret = ath10k_mac_tx_wmi_mgmt(ar, skb);
3331 		else if (ar->htt.target_version_major >= 3)
3332 			ret = ath10k_htt_tx(htt, skb);
3333 		else
3334 			ret = ath10k_htt_mgmt_tx(htt, skb);
3335 		break;
3336 	}
3337 
3338 	if (ret) {
3339 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
3340 			    ret);
3341 		ieee80211_free_txskb(ar->hw, skb);
3342 	}
3343 }
3344 
3345 void ath10k_offchan_tx_purge(struct ath10k *ar)
3346 {
3347 	struct sk_buff *skb;
3348 
3349 	for (;;) {
3350 		skb = skb_dequeue(&ar->offchan_tx_queue);
3351 		if (!skb)
3352 			break;
3353 
3354 		ieee80211_free_txskb(ar->hw, skb);
3355 	}
3356 }
3357 
3358 void ath10k_offchan_tx_work(struct work_struct *work)
3359 {
3360 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
3361 	struct ath10k_peer *peer;
3362 	struct ieee80211_hdr *hdr;
3363 	struct sk_buff *skb;
3364 	const u8 *peer_addr;
3365 	int vdev_id;
3366 	int ret;
3367 	unsigned long time_left;
3368 	bool tmp_peer_created = false;
3369 
3370 	/* FW requirement: We must create a peer before FW will send out
3371 	 * an offchannel frame. Otherwise the frame will be stuck and
3372 	 * never transmitted. We delete the peer upon tx completion.
3373 	 * It is unlikely that a peer for offchannel tx will already be
3374 	 * present. However it may be in some rare cases so account for that.
3375 	 * Otherwise we might remove a legitimate peer and break stuff. */
3376 
3377 	for (;;) {
3378 		skb = skb_dequeue(&ar->offchan_tx_queue);
3379 		if (!skb)
3380 			break;
3381 
3382 		mutex_lock(&ar->conf_mutex);
3383 
3384 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %p\n",
3385 			   skb);
3386 
3387 		hdr = (struct ieee80211_hdr *)skb->data;
3388 		peer_addr = ieee80211_get_DA(hdr);
3389 		vdev_id = ATH10K_SKB_CB(skb)->vdev_id;
3390 
3391 		spin_lock_bh(&ar->data_lock);
3392 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
3393 		spin_unlock_bh(&ar->data_lock);
3394 
3395 		if (peer)
3396 			/* FIXME: should this use ath10k_warn()? */
3397 			ath10k_dbg(ar, ATH10K_DBG_MAC, "peer %pM on vdev %d already present\n",
3398 				   peer_addr, vdev_id);
3399 
3400 		if (!peer) {
3401 			ret = ath10k_peer_create(ar, vdev_id, peer_addr,
3402 						 WMI_PEER_TYPE_DEFAULT);
3403 			if (ret)
3404 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
3405 					    peer_addr, vdev_id, ret);
3406 			tmp_peer_created = (ret == 0);
3407 		}
3408 
3409 		spin_lock_bh(&ar->data_lock);
3410 		reinit_completion(&ar->offchan_tx_completed);
3411 		ar->offchan_tx_skb = skb;
3412 		spin_unlock_bh(&ar->data_lock);
3413 
3414 		ath10k_mac_tx(ar, skb);
3415 
3416 		time_left =
3417 		wait_for_completion_timeout(&ar->offchan_tx_completed, 3 * HZ);
3418 		if (time_left == 0)
3419 			ath10k_warn(ar, "timed out waiting for offchannel skb %p\n",
3420 				    skb);
3421 
3422 		if (!peer && tmp_peer_created) {
3423 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
3424 			if (ret)
3425 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
3426 					    peer_addr, vdev_id, ret);
3427 		}
3428 
3429 		mutex_unlock(&ar->conf_mutex);
3430 	}
3431 }
3432 
3433 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
3434 {
3435 	struct sk_buff *skb;
3436 
3437 	for (;;) {
3438 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
3439 		if (!skb)
3440 			break;
3441 
3442 		ieee80211_free_txskb(ar->hw, skb);
3443 	}
3444 }
3445 
3446 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
3447 {
3448 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
3449 	struct sk_buff *skb;
3450 	int ret;
3451 
3452 	for (;;) {
3453 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
3454 		if (!skb)
3455 			break;
3456 
3457 		ret = ath10k_wmi_mgmt_tx(ar, skb);
3458 		if (ret) {
3459 			ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
3460 				    ret);
3461 			ieee80211_free_txskb(ar->hw, skb);
3462 		}
3463 	}
3464 }
3465 
3466 /************/
3467 /* Scanning */
3468 /************/
3469 
3470 void __ath10k_scan_finish(struct ath10k *ar)
3471 {
3472 	lockdep_assert_held(&ar->data_lock);
3473 
3474 	switch (ar->scan.state) {
3475 	case ATH10K_SCAN_IDLE:
3476 		break;
3477 	case ATH10K_SCAN_RUNNING:
3478 	case ATH10K_SCAN_ABORTING:
3479 		if (!ar->scan.is_roc)
3480 			ieee80211_scan_completed(ar->hw,
3481 						 (ar->scan.state ==
3482 						  ATH10K_SCAN_ABORTING));
3483 		else if (ar->scan.roc_notify)
3484 			ieee80211_remain_on_channel_expired(ar->hw);
3485 		/* fall through */
3486 	case ATH10K_SCAN_STARTING:
3487 		ar->scan.state = ATH10K_SCAN_IDLE;
3488 		ar->scan_channel = NULL;
3489 		ath10k_offchan_tx_purge(ar);
3490 		cancel_delayed_work(&ar->scan.timeout);
3491 		complete_all(&ar->scan.completed);
3492 		break;
3493 	}
3494 }
3495 
3496 void ath10k_scan_finish(struct ath10k *ar)
3497 {
3498 	spin_lock_bh(&ar->data_lock);
3499 	__ath10k_scan_finish(ar);
3500 	spin_unlock_bh(&ar->data_lock);
3501 }
3502 
3503 static int ath10k_scan_stop(struct ath10k *ar)
3504 {
3505 	struct wmi_stop_scan_arg arg = {
3506 		.req_id = 1, /* FIXME */
3507 		.req_type = WMI_SCAN_STOP_ONE,
3508 		.u.scan_id = ATH10K_SCAN_ID,
3509 	};
3510 	int ret;
3511 
3512 	lockdep_assert_held(&ar->conf_mutex);
3513 
3514 	ret = ath10k_wmi_stop_scan(ar, &arg);
3515 	if (ret) {
3516 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
3517 		goto out;
3518 	}
3519 
3520 	ret = wait_for_completion_timeout(&ar->scan.completed, 3*HZ);
3521 	if (ret == 0) {
3522 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
3523 		ret = -ETIMEDOUT;
3524 	} else if (ret > 0) {
3525 		ret = 0;
3526 	}
3527 
3528 out:
3529 	/* Scan state should be updated upon scan completion but in case
3530 	 * firmware fails to deliver the event (for whatever reason) it is
3531 	 * desired to clean up scan state anyway. Firmware may have just
3532 	 * dropped the scan completion event delivery due to transport pipe
3533 	 * being overflown with data and/or it can recover on its own before
3534 	 * next scan request is submitted.
3535 	 */
3536 	spin_lock_bh(&ar->data_lock);
3537 	if (ar->scan.state != ATH10K_SCAN_IDLE)
3538 		__ath10k_scan_finish(ar);
3539 	spin_unlock_bh(&ar->data_lock);
3540 
3541 	return ret;
3542 }
3543 
3544 static void ath10k_scan_abort(struct ath10k *ar)
3545 {
3546 	int ret;
3547 
3548 	lockdep_assert_held(&ar->conf_mutex);
3549 
3550 	spin_lock_bh(&ar->data_lock);
3551 
3552 	switch (ar->scan.state) {
3553 	case ATH10K_SCAN_IDLE:
3554 		/* This can happen if timeout worker kicked in and called
3555 		 * abortion while scan completion was being processed.
3556 		 */
3557 		break;
3558 	case ATH10K_SCAN_STARTING:
3559 	case ATH10K_SCAN_ABORTING:
3560 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
3561 			    ath10k_scan_state_str(ar->scan.state),
3562 			    ar->scan.state);
3563 		break;
3564 	case ATH10K_SCAN_RUNNING:
3565 		ar->scan.state = ATH10K_SCAN_ABORTING;
3566 		spin_unlock_bh(&ar->data_lock);
3567 
3568 		ret = ath10k_scan_stop(ar);
3569 		if (ret)
3570 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
3571 
3572 		spin_lock_bh(&ar->data_lock);
3573 		break;
3574 	}
3575 
3576 	spin_unlock_bh(&ar->data_lock);
3577 }
3578 
3579 void ath10k_scan_timeout_work(struct work_struct *work)
3580 {
3581 	struct ath10k *ar = container_of(work, struct ath10k,
3582 					 scan.timeout.work);
3583 
3584 	mutex_lock(&ar->conf_mutex);
3585 	ath10k_scan_abort(ar);
3586 	mutex_unlock(&ar->conf_mutex);
3587 }
3588 
3589 static int ath10k_start_scan(struct ath10k *ar,
3590 			     const struct wmi_start_scan_arg *arg)
3591 {
3592 	int ret;
3593 
3594 	lockdep_assert_held(&ar->conf_mutex);
3595 
3596 	ret = ath10k_wmi_start_scan(ar, arg);
3597 	if (ret)
3598 		return ret;
3599 
3600 	ret = wait_for_completion_timeout(&ar->scan.started, 1*HZ);
3601 	if (ret == 0) {
3602 		ret = ath10k_scan_stop(ar);
3603 		if (ret)
3604 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
3605 
3606 		return -ETIMEDOUT;
3607 	}
3608 
3609 	/* If we failed to start the scan, return error code at
3610 	 * this point.  This is probably due to some issue in the
3611 	 * firmware, but no need to wedge the driver due to that...
3612 	 */
3613 	spin_lock_bh(&ar->data_lock);
3614 	if (ar->scan.state == ATH10K_SCAN_IDLE) {
3615 		spin_unlock_bh(&ar->data_lock);
3616 		return -EINVAL;
3617 	}
3618 	spin_unlock_bh(&ar->data_lock);
3619 
3620 	/* Add a 200ms margin to account for event/command processing */
3621 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
3622 				     msecs_to_jiffies(arg->max_scan_time+200));
3623 	return 0;
3624 }
3625 
3626 /**********************/
3627 /* mac80211 callbacks */
3628 /**********************/
3629 
3630 static void ath10k_tx(struct ieee80211_hw *hw,
3631 		      struct ieee80211_tx_control *control,
3632 		      struct sk_buff *skb)
3633 {
3634 	struct ath10k *ar = hw->priv;
3635 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3636 	struct ieee80211_vif *vif = info->control.vif;
3637 	struct ieee80211_sta *sta = control->sta;
3638 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
3639 	__le16 fc = hdr->frame_control;
3640 
3641 	/* We should disable CCK RATE due to P2P */
3642 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
3643 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
3644 
3645 	ATH10K_SKB_CB(skb)->htt.is_offchan = false;
3646 	ATH10K_SKB_CB(skb)->htt.freq = 0;
3647 	ATH10K_SKB_CB(skb)->htt.tid = ath10k_tx_h_get_tid(hdr);
3648 	ATH10K_SKB_CB(skb)->htt.nohwcrypt = !ath10k_tx_h_use_hwcrypto(vif, skb);
3649 	ATH10K_SKB_CB(skb)->vdev_id = ath10k_tx_h_get_vdev_id(ar, vif);
3650 	ATH10K_SKB_CB(skb)->txmode = ath10k_tx_h_get_txmode(ar, vif, sta, skb);
3651 	ATH10K_SKB_CB(skb)->is_protected = ieee80211_has_protected(fc);
3652 
3653 	switch (ATH10K_SKB_CB(skb)->txmode) {
3654 	case ATH10K_HW_TXRX_MGMT:
3655 	case ATH10K_HW_TXRX_NATIVE_WIFI:
3656 		ath10k_tx_h_nwifi(hw, skb);
3657 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
3658 		ath10k_tx_h_seq_no(vif, skb);
3659 		break;
3660 	case ATH10K_HW_TXRX_ETHERNET:
3661 		ath10k_tx_h_8023(skb);
3662 		break;
3663 	case ATH10K_HW_TXRX_RAW:
3664 		if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
3665 			WARN_ON_ONCE(1);
3666 			ieee80211_free_txskb(hw, skb);
3667 			return;
3668 		}
3669 	}
3670 
3671 	if (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
3672 		spin_lock_bh(&ar->data_lock);
3673 		ATH10K_SKB_CB(skb)->htt.freq = ar->scan.roc_freq;
3674 		ATH10K_SKB_CB(skb)->vdev_id = ar->scan.vdev_id;
3675 		spin_unlock_bh(&ar->data_lock);
3676 
3677 		if (ath10k_mac_need_offchan_tx_work(ar)) {
3678 			ATH10K_SKB_CB(skb)->htt.freq = 0;
3679 			ATH10K_SKB_CB(skb)->htt.is_offchan = true;
3680 
3681 			ath10k_dbg(ar, ATH10K_DBG_MAC, "queued offchannel skb %p\n",
3682 				   skb);
3683 
3684 			skb_queue_tail(&ar->offchan_tx_queue, skb);
3685 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
3686 			return;
3687 		}
3688 	}
3689 
3690 	ath10k_mac_tx(ar, skb);
3691 }
3692 
3693 /* Must not be called with conf_mutex held as workers can use that also. */
3694 void ath10k_drain_tx(struct ath10k *ar)
3695 {
3696 	/* make sure rcu-protected mac80211 tx path itself is drained */
3697 	synchronize_net();
3698 
3699 	ath10k_offchan_tx_purge(ar);
3700 	ath10k_mgmt_over_wmi_tx_purge(ar);
3701 
3702 	cancel_work_sync(&ar->offchan_tx_work);
3703 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
3704 }
3705 
3706 void ath10k_halt(struct ath10k *ar)
3707 {
3708 	struct ath10k_vif *arvif;
3709 
3710 	lockdep_assert_held(&ar->conf_mutex);
3711 
3712 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
3713 	ar->filter_flags = 0;
3714 	ar->monitor = false;
3715 	ar->monitor_arvif = NULL;
3716 
3717 	if (ar->monitor_started)
3718 		ath10k_monitor_stop(ar);
3719 
3720 	ar->monitor_started = false;
3721 	ar->tx_paused = 0;
3722 
3723 	ath10k_scan_finish(ar);
3724 	ath10k_peer_cleanup_all(ar);
3725 	ath10k_core_stop(ar);
3726 	ath10k_hif_power_down(ar);
3727 
3728 	spin_lock_bh(&ar->data_lock);
3729 	list_for_each_entry(arvif, &ar->arvifs, list)
3730 		ath10k_mac_vif_beacon_cleanup(arvif);
3731 	spin_unlock_bh(&ar->data_lock);
3732 }
3733 
3734 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
3735 {
3736 	struct ath10k *ar = hw->priv;
3737 
3738 	mutex_lock(&ar->conf_mutex);
3739 
3740 	if (ar->cfg_tx_chainmask) {
3741 		*tx_ant = ar->cfg_tx_chainmask;
3742 		*rx_ant = ar->cfg_rx_chainmask;
3743 	} else {
3744 		*tx_ant = ar->supp_tx_chainmask;
3745 		*rx_ant = ar->supp_rx_chainmask;
3746 	}
3747 
3748 	mutex_unlock(&ar->conf_mutex);
3749 
3750 	return 0;
3751 }
3752 
3753 static void ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
3754 {
3755 	/* It is not clear that allowing gaps in chainmask
3756 	 * is helpful.  Probably it will not do what user
3757 	 * is hoping for, so warn in that case.
3758 	 */
3759 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
3760 		return;
3761 
3762 	ath10k_warn(ar, "mac %s antenna chainmask may be invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
3763 		    dbg, cm);
3764 }
3765 
3766 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
3767 {
3768 	int ret;
3769 
3770 	lockdep_assert_held(&ar->conf_mutex);
3771 
3772 	ath10k_check_chain_mask(ar, tx_ant, "tx");
3773 	ath10k_check_chain_mask(ar, rx_ant, "rx");
3774 
3775 	ar->cfg_tx_chainmask = tx_ant;
3776 	ar->cfg_rx_chainmask = rx_ant;
3777 
3778 	if ((ar->state != ATH10K_STATE_ON) &&
3779 	    (ar->state != ATH10K_STATE_RESTARTED))
3780 		return 0;
3781 
3782 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
3783 					tx_ant);
3784 	if (ret) {
3785 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
3786 			    ret, tx_ant);
3787 		return ret;
3788 	}
3789 
3790 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
3791 					rx_ant);
3792 	if (ret) {
3793 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
3794 			    ret, rx_ant);
3795 		return ret;
3796 	}
3797 
3798 	return 0;
3799 }
3800 
3801 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
3802 {
3803 	struct ath10k *ar = hw->priv;
3804 	int ret;
3805 
3806 	mutex_lock(&ar->conf_mutex);
3807 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
3808 	mutex_unlock(&ar->conf_mutex);
3809 	return ret;
3810 }
3811 
3812 static int ath10k_start(struct ieee80211_hw *hw)
3813 {
3814 	struct ath10k *ar = hw->priv;
3815 	u32 burst_enable;
3816 	int ret = 0;
3817 
3818 	/*
3819 	 * This makes sense only when restarting hw. It is harmless to call
3820 	 * uncoditionally. This is necessary to make sure no HTT/WMI tx
3821 	 * commands will be submitted while restarting.
3822 	 */
3823 	ath10k_drain_tx(ar);
3824 
3825 	mutex_lock(&ar->conf_mutex);
3826 
3827 	switch (ar->state) {
3828 	case ATH10K_STATE_OFF:
3829 		ar->state = ATH10K_STATE_ON;
3830 		break;
3831 	case ATH10K_STATE_RESTARTING:
3832 		ath10k_halt(ar);
3833 		ar->state = ATH10K_STATE_RESTARTED;
3834 		break;
3835 	case ATH10K_STATE_ON:
3836 	case ATH10K_STATE_RESTARTED:
3837 	case ATH10K_STATE_WEDGED:
3838 		WARN_ON(1);
3839 		ret = -EINVAL;
3840 		goto err;
3841 	case ATH10K_STATE_UTF:
3842 		ret = -EBUSY;
3843 		goto err;
3844 	}
3845 
3846 	ret = ath10k_hif_power_up(ar);
3847 	if (ret) {
3848 		ath10k_err(ar, "Could not init hif: %d\n", ret);
3849 		goto err_off;
3850 	}
3851 
3852 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL);
3853 	if (ret) {
3854 		ath10k_err(ar, "Could not init core: %d\n", ret);
3855 		goto err_power_down;
3856 	}
3857 
3858 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->pmf_qos, 1);
3859 	if (ret) {
3860 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
3861 		goto err_core_stop;
3862 	}
3863 
3864 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->dynamic_bw, 1);
3865 	if (ret) {
3866 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
3867 		goto err_core_stop;
3868 	}
3869 
3870 	if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
3871 		ret = ath10k_wmi_adaptive_qcs(ar, true);
3872 		if (ret) {
3873 			ath10k_warn(ar, "failed to enable adaptive qcs: %d\n",
3874 				    ret);
3875 			goto err_core_stop;
3876 		}
3877 	}
3878 
3879 	if (test_bit(WMI_SERVICE_BURST, ar->wmi.svc_map)) {
3880 		burst_enable = ar->wmi.pdev_param->burst_enable;
3881 		ret = ath10k_wmi_pdev_set_param(ar, burst_enable, 0);
3882 		if (ret) {
3883 			ath10k_warn(ar, "failed to disable burst: %d\n", ret);
3884 			goto err_core_stop;
3885 		}
3886 	}
3887 
3888 	if (ar->cfg_tx_chainmask)
3889 		__ath10k_set_antenna(ar, ar->cfg_tx_chainmask,
3890 				     ar->cfg_rx_chainmask);
3891 
3892 	/*
3893 	 * By default FW set ARP frames ac to voice (6). In that case ARP
3894 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
3895 	 * which arrives with access category 0 are processed by network stack
3896 	 * and send back with access category 0, but FW changes access category
3897 	 * to 6. Set ARP frames access category to best effort (0) solves
3898 	 * this problem.
3899 	 */
3900 
3901 	ret = ath10k_wmi_pdev_set_param(ar,
3902 					ar->wmi.pdev_param->arp_ac_override, 0);
3903 	if (ret) {
3904 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
3905 			    ret);
3906 		goto err_core_stop;
3907 	}
3908 
3909 	ret = ath10k_wmi_pdev_set_param(ar,
3910 					ar->wmi.pdev_param->ani_enable, 1);
3911 	if (ret) {
3912 		ath10k_warn(ar, "failed to enable ani by default: %d\n",
3913 			    ret);
3914 		goto err_core_stop;
3915 	}
3916 
3917 	ar->ani_enabled = true;
3918 
3919 	ar->num_started_vdevs = 0;
3920 	ath10k_regd_update(ar);
3921 
3922 	ath10k_spectral_start(ar);
3923 	ath10k_thermal_set_throttling(ar);
3924 
3925 	mutex_unlock(&ar->conf_mutex);
3926 	return 0;
3927 
3928 err_core_stop:
3929 	ath10k_core_stop(ar);
3930 
3931 err_power_down:
3932 	ath10k_hif_power_down(ar);
3933 
3934 err_off:
3935 	ar->state = ATH10K_STATE_OFF;
3936 
3937 err:
3938 	mutex_unlock(&ar->conf_mutex);
3939 	return ret;
3940 }
3941 
3942 static void ath10k_stop(struct ieee80211_hw *hw)
3943 {
3944 	struct ath10k *ar = hw->priv;
3945 
3946 	ath10k_drain_tx(ar);
3947 
3948 	mutex_lock(&ar->conf_mutex);
3949 	if (ar->state != ATH10K_STATE_OFF) {
3950 		ath10k_halt(ar);
3951 		ar->state = ATH10K_STATE_OFF;
3952 	}
3953 	mutex_unlock(&ar->conf_mutex);
3954 
3955 	cancel_delayed_work_sync(&ar->scan.timeout);
3956 	cancel_work_sync(&ar->restart_work);
3957 }
3958 
3959 static int ath10k_config_ps(struct ath10k *ar)
3960 {
3961 	struct ath10k_vif *arvif;
3962 	int ret = 0;
3963 
3964 	lockdep_assert_held(&ar->conf_mutex);
3965 
3966 	list_for_each_entry(arvif, &ar->arvifs, list) {
3967 		ret = ath10k_mac_vif_setup_ps(arvif);
3968 		if (ret) {
3969 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
3970 			break;
3971 		}
3972 	}
3973 
3974 	return ret;
3975 }
3976 
3977 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
3978 {
3979 	int ret;
3980 	u32 param;
3981 
3982 	lockdep_assert_held(&ar->conf_mutex);
3983 
3984 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower %d\n", txpower);
3985 
3986 	param = ar->wmi.pdev_param->txpower_limit2g;
3987 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
3988 	if (ret) {
3989 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
3990 			    txpower, ret);
3991 		return ret;
3992 	}
3993 
3994 	param = ar->wmi.pdev_param->txpower_limit5g;
3995 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
3996 	if (ret) {
3997 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
3998 			    txpower, ret);
3999 		return ret;
4000 	}
4001 
4002 	return 0;
4003 }
4004 
4005 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
4006 {
4007 	struct ath10k_vif *arvif;
4008 	int ret, txpower = -1;
4009 
4010 	lockdep_assert_held(&ar->conf_mutex);
4011 
4012 	list_for_each_entry(arvif, &ar->arvifs, list) {
4013 		WARN_ON(arvif->txpower < 0);
4014 
4015 		if (txpower == -1)
4016 			txpower = arvif->txpower;
4017 		else
4018 			txpower = min(txpower, arvif->txpower);
4019 	}
4020 
4021 	if (WARN_ON(txpower == -1))
4022 		return -EINVAL;
4023 
4024 	ret = ath10k_mac_txpower_setup(ar, txpower);
4025 	if (ret) {
4026 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
4027 			    txpower, ret);
4028 		return ret;
4029 	}
4030 
4031 	return 0;
4032 }
4033 
4034 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
4035 {
4036 	struct ath10k *ar = hw->priv;
4037 	struct ieee80211_conf *conf = &hw->conf;
4038 	int ret = 0;
4039 
4040 	mutex_lock(&ar->conf_mutex);
4041 
4042 	if (changed & IEEE80211_CONF_CHANGE_PS)
4043 		ath10k_config_ps(ar);
4044 
4045 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
4046 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
4047 		ret = ath10k_monitor_recalc(ar);
4048 		if (ret)
4049 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
4050 	}
4051 
4052 	mutex_unlock(&ar->conf_mutex);
4053 	return ret;
4054 }
4055 
4056 static u32 get_nss_from_chainmask(u16 chain_mask)
4057 {
4058 	if ((chain_mask & 0x15) == 0x15)
4059 		return 4;
4060 	else if ((chain_mask & 0x7) == 0x7)
4061 		return 3;
4062 	else if ((chain_mask & 0x3) == 0x3)
4063 		return 2;
4064 	return 1;
4065 }
4066 
4067 static int ath10k_mac_set_txbf_conf(struct ath10k_vif *arvif)
4068 {
4069 	u32 value = 0;
4070 	struct ath10k *ar = arvif->ar;
4071 
4072 	if (ath10k_wmi_get_txbf_conf_scheme(ar) != WMI_TXBF_CONF_BEFORE_ASSOC)
4073 		return 0;
4074 
4075 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
4076 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE))
4077 		value |= SM((ar->num_rf_chains - 1), WMI_TXBF_STS_CAP_OFFSET);
4078 
4079 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
4080 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE))
4081 		value |= SM((ar->num_rf_chains - 1), WMI_BF_SOUND_DIM_OFFSET);
4082 
4083 	if (!value)
4084 		return 0;
4085 
4086 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE)
4087 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFER;
4088 
4089 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)
4090 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFER |
4091 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFER);
4092 
4093 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE)
4094 		value |= WMI_VDEV_PARAM_TXBF_SU_TX_BFEE;
4095 
4096 	if (ar->vht_cap_info & IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)
4097 		value |= (WMI_VDEV_PARAM_TXBF_MU_TX_BFEE |
4098 			  WMI_VDEV_PARAM_TXBF_SU_TX_BFEE);
4099 
4100 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
4101 					 ar->wmi.vdev_param->txbf, value);
4102 }
4103 
4104 /*
4105  * TODO:
4106  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
4107  * because we will send mgmt frames without CCK. This requirement
4108  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
4109  * in the TX packet.
4110  */
4111 static int ath10k_add_interface(struct ieee80211_hw *hw,
4112 				struct ieee80211_vif *vif)
4113 {
4114 	struct ath10k *ar = hw->priv;
4115 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4116 	enum wmi_sta_powersave_param param;
4117 	int ret = 0;
4118 	u32 value;
4119 	int bit;
4120 	int i;
4121 	u32 vdev_param;
4122 
4123 	vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
4124 
4125 	mutex_lock(&ar->conf_mutex);
4126 
4127 	memset(arvif, 0, sizeof(*arvif));
4128 
4129 	arvif->ar = ar;
4130 	arvif->vif = vif;
4131 
4132 	INIT_LIST_HEAD(&arvif->list);
4133 	INIT_WORK(&arvif->ap_csa_work, ath10k_mac_vif_ap_csa_work);
4134 	INIT_DELAYED_WORK(&arvif->connection_loss_work,
4135 			  ath10k_mac_vif_sta_connection_loss_work);
4136 
4137 	for (i = 0; i < ARRAY_SIZE(arvif->bitrate_mask.control); i++) {
4138 		arvif->bitrate_mask.control[i].legacy = 0xffffffff;
4139 		memset(arvif->bitrate_mask.control[i].ht_mcs, 0xff,
4140 		       sizeof(arvif->bitrate_mask.control[i].ht_mcs));
4141 		memset(arvif->bitrate_mask.control[i].vht_mcs, 0xff,
4142 		       sizeof(arvif->bitrate_mask.control[i].vht_mcs));
4143 	}
4144 
4145 	if (ar->num_peers >= ar->max_num_peers) {
4146 		ath10k_warn(ar, "refusing vdev creation due to insufficient peer entry resources in firmware\n");
4147 		ret = -ENOBUFS;
4148 		goto err;
4149 	}
4150 
4151 	if (ar->free_vdev_map == 0) {
4152 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
4153 		ret = -EBUSY;
4154 		goto err;
4155 	}
4156 	bit = __ffs64(ar->free_vdev_map);
4157 
4158 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
4159 		   bit, ar->free_vdev_map);
4160 
4161 	arvif->vdev_id = bit;
4162 	arvif->vdev_subtype = WMI_VDEV_SUBTYPE_NONE;
4163 
4164 	switch (vif->type) {
4165 	case NL80211_IFTYPE_P2P_DEVICE:
4166 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
4167 		arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_DEVICE;
4168 		break;
4169 	case NL80211_IFTYPE_UNSPECIFIED:
4170 	case NL80211_IFTYPE_STATION:
4171 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
4172 		if (vif->p2p)
4173 			arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_CLIENT;
4174 		break;
4175 	case NL80211_IFTYPE_ADHOC:
4176 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
4177 		break;
4178 	case NL80211_IFTYPE_AP:
4179 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
4180 
4181 		if (vif->p2p)
4182 			arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_GO;
4183 		break;
4184 	case NL80211_IFTYPE_MONITOR:
4185 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
4186 		break;
4187 	default:
4188 		WARN_ON(1);
4189 		break;
4190 	}
4191 
4192 	/* Using vdev_id as queue number will make it very easy to do per-vif
4193 	 * tx queue locking. This shouldn't wrap due to interface combinations
4194 	 * but do a modulo for correctness sake and prevent using offchannel tx
4195 	 * queues for regular vif tx.
4196 	 */
4197 	vif->cab_queue = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
4198 	for (i = 0; i < ARRAY_SIZE(vif->hw_queue); i++)
4199 		vif->hw_queue[i] = arvif->vdev_id % (IEEE80211_MAX_QUEUES - 1);
4200 
4201 	/* Some firmware revisions don't wait for beacon tx completion before
4202 	 * sending another SWBA event. This could lead to hardware using old
4203 	 * (freed) beacon data in some cases, e.g. tx credit starvation
4204 	 * combined with missed TBTT. This is very very rare.
4205 	 *
4206 	 * On non-IOMMU-enabled hosts this could be a possible security issue
4207 	 * because hw could beacon some random data on the air.  On
4208 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
4209 	 * device would crash.
4210 	 *
4211 	 * Since there are no beacon tx completions (implicit nor explicit)
4212 	 * propagated to host the only workaround for this is to allocate a
4213 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
4214 	 * beacon tx commands. Worst case for this approach is some beacons may
4215 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
4216 	 */
4217 	if (vif->type == NL80211_IFTYPE_ADHOC ||
4218 	    vif->type == NL80211_IFTYPE_AP) {
4219 		arvif->beacon_buf = dma_zalloc_coherent(ar->dev,
4220 							IEEE80211_MAX_FRAME_LEN,
4221 							&arvif->beacon_paddr,
4222 							GFP_ATOMIC);
4223 		if (!arvif->beacon_buf) {
4224 			ret = -ENOMEM;
4225 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
4226 				    ret);
4227 			goto err;
4228 		}
4229 	}
4230 	if (test_bit(ATH10K_FLAG_HW_CRYPTO_DISABLED, &ar->dev_flags))
4231 		arvif->nohwcrypt = true;
4232 
4233 	if (arvif->nohwcrypt &&
4234 	    !test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) {
4235 		ath10k_warn(ar, "cryptmode module param needed for sw crypto\n");
4236 		goto err;
4237 	}
4238 
4239 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
4240 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
4241 		   arvif->beacon_buf ? "single-buf" : "per-skb");
4242 
4243 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
4244 				     arvif->vdev_subtype, vif->addr);
4245 	if (ret) {
4246 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
4247 			    arvif->vdev_id, ret);
4248 		goto err;
4249 	}
4250 
4251 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
4252 	list_add(&arvif->list, &ar->arvifs);
4253 
4254 	/* It makes no sense to have firmware do keepalives. mac80211 already
4255 	 * takes care of this with idle connection polling.
4256 	 */
4257 	ret = ath10k_mac_vif_disable_keepalive(arvif);
4258 	if (ret) {
4259 		ath10k_warn(ar, "failed to disable keepalive on vdev %i: %d\n",
4260 			    arvif->vdev_id, ret);
4261 		goto err_vdev_delete;
4262 	}
4263 
4264 	arvif->def_wep_key_idx = -1;
4265 
4266 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
4267 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4268 					ATH10K_HW_TXRX_NATIVE_WIFI);
4269 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
4270 	if (ret && ret != -EOPNOTSUPP) {
4271 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
4272 			    arvif->vdev_id, ret);
4273 		goto err_vdev_delete;
4274 	}
4275 
4276 	if (ar->cfg_tx_chainmask) {
4277 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
4278 
4279 		vdev_param = ar->wmi.vdev_param->nss;
4280 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4281 						nss);
4282 		if (ret) {
4283 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
4284 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
4285 				    ret);
4286 			goto err_vdev_delete;
4287 		}
4288 	}
4289 
4290 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
4291 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
4292 		ret = ath10k_peer_create(ar, arvif->vdev_id, vif->addr,
4293 					 WMI_PEER_TYPE_DEFAULT);
4294 		if (ret) {
4295 			ath10k_warn(ar, "failed to create vdev %i peer for AP/IBSS: %d\n",
4296 				    arvif->vdev_id, ret);
4297 			goto err_vdev_delete;
4298 		}
4299 	}
4300 
4301 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
4302 		ret = ath10k_mac_set_kickout(arvif);
4303 		if (ret) {
4304 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
4305 				    arvif->vdev_id, ret);
4306 			goto err_peer_delete;
4307 		}
4308 	}
4309 
4310 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
4311 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
4312 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
4313 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
4314 						  param, value);
4315 		if (ret) {
4316 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
4317 				    arvif->vdev_id, ret);
4318 			goto err_peer_delete;
4319 		}
4320 
4321 		ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
4322 		if (ret) {
4323 			ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
4324 				    arvif->vdev_id, ret);
4325 			goto err_peer_delete;
4326 		}
4327 
4328 		ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
4329 		if (ret) {
4330 			ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
4331 				    arvif->vdev_id, ret);
4332 			goto err_peer_delete;
4333 		}
4334 	}
4335 
4336 	ret = ath10k_mac_set_txbf_conf(arvif);
4337 	if (ret) {
4338 		ath10k_warn(ar, "failed to set txbf for vdev %d: %d\n",
4339 			    arvif->vdev_id, ret);
4340 		goto err_peer_delete;
4341 	}
4342 
4343 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
4344 	if (ret) {
4345 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
4346 			    arvif->vdev_id, ret);
4347 		goto err_peer_delete;
4348 	}
4349 
4350 	arvif->txpower = vif->bss_conf.txpower;
4351 	ret = ath10k_mac_txpower_recalc(ar);
4352 	if (ret) {
4353 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
4354 		goto err_peer_delete;
4355 	}
4356 
4357 	if (vif->type == NL80211_IFTYPE_MONITOR) {
4358 		ar->monitor_arvif = arvif;
4359 		ret = ath10k_monitor_recalc(ar);
4360 		if (ret) {
4361 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
4362 			goto err_peer_delete;
4363 		}
4364 	}
4365 
4366 	spin_lock_bh(&ar->htt.tx_lock);
4367 	if (!ar->tx_paused)
4368 		ieee80211_wake_queue(ar->hw, arvif->vdev_id);
4369 	spin_unlock_bh(&ar->htt.tx_lock);
4370 
4371 	mutex_unlock(&ar->conf_mutex);
4372 	return 0;
4373 
4374 err_peer_delete:
4375 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
4376 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS)
4377 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
4378 
4379 err_vdev_delete:
4380 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
4381 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
4382 	list_del(&arvif->list);
4383 
4384 err:
4385 	if (arvif->beacon_buf) {
4386 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
4387 				  arvif->beacon_buf, arvif->beacon_paddr);
4388 		arvif->beacon_buf = NULL;
4389 	}
4390 
4391 	mutex_unlock(&ar->conf_mutex);
4392 
4393 	return ret;
4394 }
4395 
4396 static void ath10k_mac_vif_tx_unlock_all(struct ath10k_vif *arvif)
4397 {
4398 	int i;
4399 
4400 	for (i = 0; i < BITS_PER_LONG; i++)
4401 		ath10k_mac_vif_tx_unlock(arvif, i);
4402 }
4403 
4404 static void ath10k_remove_interface(struct ieee80211_hw *hw,
4405 				    struct ieee80211_vif *vif)
4406 {
4407 	struct ath10k *ar = hw->priv;
4408 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4409 	int ret;
4410 
4411 	cancel_work_sync(&arvif->ap_csa_work);
4412 	cancel_delayed_work_sync(&arvif->connection_loss_work);
4413 
4414 	mutex_lock(&ar->conf_mutex);
4415 
4416 	spin_lock_bh(&ar->data_lock);
4417 	ath10k_mac_vif_beacon_cleanup(arvif);
4418 	spin_unlock_bh(&ar->data_lock);
4419 
4420 	ret = ath10k_spectral_vif_stop(arvif);
4421 	if (ret)
4422 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
4423 			    arvif->vdev_id, ret);
4424 
4425 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
4426 	list_del(&arvif->list);
4427 
4428 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
4429 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
4430 		ret = ath10k_wmi_peer_delete(arvif->ar, arvif->vdev_id,
4431 					     vif->addr);
4432 		if (ret)
4433 			ath10k_warn(ar, "failed to submit AP/IBSS self-peer removal on vdev %i: %d\n",
4434 				    arvif->vdev_id, ret);
4435 
4436 		kfree(arvif->u.ap.noa_data);
4437 	}
4438 
4439 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
4440 		   arvif->vdev_id);
4441 
4442 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
4443 	if (ret)
4444 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
4445 			    arvif->vdev_id, ret);
4446 
4447 	/* Some firmware revisions don't notify host about self-peer removal
4448 	 * until after associated vdev is deleted.
4449 	 */
4450 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP ||
4451 	    arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
4452 		ret = ath10k_wait_for_peer_deleted(ar, arvif->vdev_id,
4453 						   vif->addr);
4454 		if (ret)
4455 			ath10k_warn(ar, "failed to remove AP self-peer on vdev %i: %d\n",
4456 				    arvif->vdev_id, ret);
4457 
4458 		spin_lock_bh(&ar->data_lock);
4459 		ar->num_peers--;
4460 		spin_unlock_bh(&ar->data_lock);
4461 	}
4462 
4463 	ath10k_peer_cleanup(ar, arvif->vdev_id);
4464 
4465 	if (vif->type == NL80211_IFTYPE_MONITOR) {
4466 		ar->monitor_arvif = NULL;
4467 		ret = ath10k_monitor_recalc(ar);
4468 		if (ret)
4469 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
4470 	}
4471 
4472 	spin_lock_bh(&ar->htt.tx_lock);
4473 	ath10k_mac_vif_tx_unlock_all(arvif);
4474 	spin_unlock_bh(&ar->htt.tx_lock);
4475 
4476 	mutex_unlock(&ar->conf_mutex);
4477 }
4478 
4479 /*
4480  * FIXME: Has to be verified.
4481  */
4482 #define SUPPORTED_FILTERS			\
4483 	(FIF_ALLMULTI |				\
4484 	FIF_CONTROL |				\
4485 	FIF_PSPOLL |				\
4486 	FIF_OTHER_BSS |				\
4487 	FIF_BCN_PRBRESP_PROMISC |		\
4488 	FIF_PROBE_REQ |				\
4489 	FIF_FCSFAIL)
4490 
4491 static void ath10k_configure_filter(struct ieee80211_hw *hw,
4492 				    unsigned int changed_flags,
4493 				    unsigned int *total_flags,
4494 				    u64 multicast)
4495 {
4496 	struct ath10k *ar = hw->priv;
4497 	int ret;
4498 
4499 	mutex_lock(&ar->conf_mutex);
4500 
4501 	changed_flags &= SUPPORTED_FILTERS;
4502 	*total_flags &= SUPPORTED_FILTERS;
4503 	ar->filter_flags = *total_flags;
4504 
4505 	ret = ath10k_monitor_recalc(ar);
4506 	if (ret)
4507 		ath10k_warn(ar, "failed to recalc montior: %d\n", ret);
4508 
4509 	mutex_unlock(&ar->conf_mutex);
4510 }
4511 
4512 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
4513 				    struct ieee80211_vif *vif,
4514 				    struct ieee80211_bss_conf *info,
4515 				    u32 changed)
4516 {
4517 	struct ath10k *ar = hw->priv;
4518 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4519 	int ret = 0;
4520 	u32 vdev_param, pdev_param, slottime, preamble;
4521 
4522 	mutex_lock(&ar->conf_mutex);
4523 
4524 	if (changed & BSS_CHANGED_IBSS)
4525 		ath10k_control_ibss(arvif, info, vif->addr);
4526 
4527 	if (changed & BSS_CHANGED_BEACON_INT) {
4528 		arvif->beacon_interval = info->beacon_int;
4529 		vdev_param = ar->wmi.vdev_param->beacon_interval;
4530 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4531 						arvif->beacon_interval);
4532 		ath10k_dbg(ar, ATH10K_DBG_MAC,
4533 			   "mac vdev %d beacon_interval %d\n",
4534 			   arvif->vdev_id, arvif->beacon_interval);
4535 
4536 		if (ret)
4537 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
4538 				    arvif->vdev_id, ret);
4539 	}
4540 
4541 	if (changed & BSS_CHANGED_BEACON) {
4542 		ath10k_dbg(ar, ATH10K_DBG_MAC,
4543 			   "vdev %d set beacon tx mode to staggered\n",
4544 			   arvif->vdev_id);
4545 
4546 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
4547 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
4548 						WMI_BEACON_STAGGERED_MODE);
4549 		if (ret)
4550 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
4551 				    arvif->vdev_id, ret);
4552 
4553 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
4554 		if (ret)
4555 			ath10k_warn(ar, "failed to update beacon template: %d\n",
4556 				    ret);
4557 	}
4558 
4559 	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
4560 		ret = ath10k_mac_setup_prb_tmpl(arvif);
4561 		if (ret)
4562 			ath10k_warn(ar, "failed to setup probe resp template on vdev %i: %d\n",
4563 				    arvif->vdev_id, ret);
4564 	}
4565 
4566 	if (changed & (BSS_CHANGED_BEACON_INFO | BSS_CHANGED_BEACON)) {
4567 		arvif->dtim_period = info->dtim_period;
4568 
4569 		ath10k_dbg(ar, ATH10K_DBG_MAC,
4570 			   "mac vdev %d dtim_period %d\n",
4571 			   arvif->vdev_id, arvif->dtim_period);
4572 
4573 		vdev_param = ar->wmi.vdev_param->dtim_period;
4574 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4575 						arvif->dtim_period);
4576 		if (ret)
4577 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
4578 				    arvif->vdev_id, ret);
4579 	}
4580 
4581 	if (changed & BSS_CHANGED_SSID &&
4582 	    vif->type == NL80211_IFTYPE_AP) {
4583 		arvif->u.ap.ssid_len = info->ssid_len;
4584 		if (info->ssid_len)
4585 			memcpy(arvif->u.ap.ssid, info->ssid, info->ssid_len);
4586 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
4587 	}
4588 
4589 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
4590 		ether_addr_copy(arvif->bssid, info->bssid);
4591 
4592 	if (changed & BSS_CHANGED_BEACON_ENABLED)
4593 		ath10k_control_beaconing(arvif, info);
4594 
4595 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
4596 		arvif->use_cts_prot = info->use_cts_prot;
4597 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_prot %d\n",
4598 			   arvif->vdev_id, info->use_cts_prot);
4599 
4600 		ret = ath10k_recalc_rtscts_prot(arvif);
4601 		if (ret)
4602 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
4603 				    arvif->vdev_id, ret);
4604 
4605 		vdev_param = ar->wmi.vdev_param->protection_mode;
4606 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4607 						info->use_cts_prot ? 1 : 0);
4608 		if (ret)
4609 			ath10k_warn(ar, "failed to set protection mode %d on vdev %i: %d\n",
4610 					info->use_cts_prot, arvif->vdev_id, ret);
4611 	}
4612 
4613 	if (changed & BSS_CHANGED_ERP_SLOT) {
4614 		if (info->use_short_slot)
4615 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
4616 
4617 		else
4618 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
4619 
4620 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
4621 			   arvif->vdev_id, slottime);
4622 
4623 		vdev_param = ar->wmi.vdev_param->slot_time;
4624 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4625 						slottime);
4626 		if (ret)
4627 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
4628 				    arvif->vdev_id, ret);
4629 	}
4630 
4631 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
4632 		if (info->use_short_preamble)
4633 			preamble = WMI_VDEV_PREAMBLE_SHORT;
4634 		else
4635 			preamble = WMI_VDEV_PREAMBLE_LONG;
4636 
4637 		ath10k_dbg(ar, ATH10K_DBG_MAC,
4638 			   "mac vdev %d preamble %dn",
4639 			   arvif->vdev_id, preamble);
4640 
4641 		vdev_param = ar->wmi.vdev_param->preamble;
4642 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4643 						preamble);
4644 		if (ret)
4645 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
4646 				    arvif->vdev_id, ret);
4647 	}
4648 
4649 	if (changed & BSS_CHANGED_ASSOC) {
4650 		if (info->assoc) {
4651 			/* Workaround: Make sure monitor vdev is not running
4652 			 * when associating to prevent some firmware revisions
4653 			 * (e.g. 10.1 and 10.2) from crashing.
4654 			 */
4655 			if (ar->monitor_started)
4656 				ath10k_monitor_stop(ar);
4657 			ath10k_bss_assoc(hw, vif, info);
4658 			ath10k_monitor_recalc(ar);
4659 		} else {
4660 			ath10k_bss_disassoc(hw, vif);
4661 		}
4662 	}
4663 
4664 	if (changed & BSS_CHANGED_TXPOWER) {
4665 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
4666 			   arvif->vdev_id, info->txpower);
4667 
4668 		arvif->txpower = info->txpower;
4669 		ret = ath10k_mac_txpower_recalc(ar);
4670 		if (ret)
4671 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
4672 	}
4673 
4674 	if (changed & BSS_CHANGED_PS) {
4675 		arvif->ps = vif->bss_conf.ps;
4676 
4677 		ret = ath10k_config_ps(ar);
4678 		if (ret)
4679 			ath10k_warn(ar, "failed to setup ps on vdev %i: %d\n",
4680 				    arvif->vdev_id, ret);
4681 	}
4682 
4683 	mutex_unlock(&ar->conf_mutex);
4684 }
4685 
4686 static int ath10k_hw_scan(struct ieee80211_hw *hw,
4687 			  struct ieee80211_vif *vif,
4688 			  struct ieee80211_scan_request *hw_req)
4689 {
4690 	struct ath10k *ar = hw->priv;
4691 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4692 	struct cfg80211_scan_request *req = &hw_req->req;
4693 	struct wmi_start_scan_arg arg;
4694 	int ret = 0;
4695 	int i;
4696 
4697 	mutex_lock(&ar->conf_mutex);
4698 
4699 	spin_lock_bh(&ar->data_lock);
4700 	switch (ar->scan.state) {
4701 	case ATH10K_SCAN_IDLE:
4702 		reinit_completion(&ar->scan.started);
4703 		reinit_completion(&ar->scan.completed);
4704 		ar->scan.state = ATH10K_SCAN_STARTING;
4705 		ar->scan.is_roc = false;
4706 		ar->scan.vdev_id = arvif->vdev_id;
4707 		ret = 0;
4708 		break;
4709 	case ATH10K_SCAN_STARTING:
4710 	case ATH10K_SCAN_RUNNING:
4711 	case ATH10K_SCAN_ABORTING:
4712 		ret = -EBUSY;
4713 		break;
4714 	}
4715 	spin_unlock_bh(&ar->data_lock);
4716 
4717 	if (ret)
4718 		goto exit;
4719 
4720 	memset(&arg, 0, sizeof(arg));
4721 	ath10k_wmi_start_scan_init(ar, &arg);
4722 	arg.vdev_id = arvif->vdev_id;
4723 	arg.scan_id = ATH10K_SCAN_ID;
4724 
4725 	if (req->ie_len) {
4726 		arg.ie_len = req->ie_len;
4727 		memcpy(arg.ie, req->ie, arg.ie_len);
4728 	}
4729 
4730 	if (req->n_ssids) {
4731 		arg.n_ssids = req->n_ssids;
4732 		for (i = 0; i < arg.n_ssids; i++) {
4733 			arg.ssids[i].len  = req->ssids[i].ssid_len;
4734 			arg.ssids[i].ssid = req->ssids[i].ssid;
4735 		}
4736 	} else {
4737 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
4738 	}
4739 
4740 	if (req->n_channels) {
4741 		arg.n_channels = req->n_channels;
4742 		for (i = 0; i < arg.n_channels; i++)
4743 			arg.channels[i] = req->channels[i]->center_freq;
4744 	}
4745 
4746 	ret = ath10k_start_scan(ar, &arg);
4747 	if (ret) {
4748 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
4749 		spin_lock_bh(&ar->data_lock);
4750 		ar->scan.state = ATH10K_SCAN_IDLE;
4751 		spin_unlock_bh(&ar->data_lock);
4752 	}
4753 
4754 exit:
4755 	mutex_unlock(&ar->conf_mutex);
4756 	return ret;
4757 }
4758 
4759 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
4760 				  struct ieee80211_vif *vif)
4761 {
4762 	struct ath10k *ar = hw->priv;
4763 
4764 	mutex_lock(&ar->conf_mutex);
4765 	ath10k_scan_abort(ar);
4766 	mutex_unlock(&ar->conf_mutex);
4767 
4768 	cancel_delayed_work_sync(&ar->scan.timeout);
4769 }
4770 
4771 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
4772 					struct ath10k_vif *arvif,
4773 					enum set_key_cmd cmd,
4774 					struct ieee80211_key_conf *key)
4775 {
4776 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
4777 	int ret;
4778 
4779 	/* 10.1 firmware branch requires default key index to be set to group
4780 	 * key index after installing it. Otherwise FW/HW Txes corrupted
4781 	 * frames with multi-vif APs. This is not required for main firmware
4782 	 * branch (e.g. 636).
4783 	 *
4784 	 * This is also needed for 636 fw for IBSS-RSN to work more reliably.
4785 	 *
4786 	 * FIXME: It remains unknown if this is required for multi-vif STA
4787 	 * interfaces on 10.1.
4788 	 */
4789 
4790 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
4791 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
4792 		return;
4793 
4794 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
4795 		return;
4796 
4797 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
4798 		return;
4799 
4800 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4801 		return;
4802 
4803 	if (cmd != SET_KEY)
4804 		return;
4805 
4806 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4807 					key->keyidx);
4808 	if (ret)
4809 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
4810 			    arvif->vdev_id, ret);
4811 }
4812 
4813 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
4814 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
4815 			  struct ieee80211_key_conf *key)
4816 {
4817 	struct ath10k *ar = hw->priv;
4818 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4819 	struct ath10k_peer *peer;
4820 	const u8 *peer_addr;
4821 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
4822 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
4823 	int ret = 0;
4824 	int ret2;
4825 	u32 flags = 0;
4826 	u32 flags2;
4827 
4828 	/* this one needs to be done in software */
4829 	if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC)
4830 		return 1;
4831 
4832 	if (arvif->nohwcrypt)
4833 		return 1;
4834 
4835 	if (key->keyidx > WMI_MAX_KEY_INDEX)
4836 		return -ENOSPC;
4837 
4838 	mutex_lock(&ar->conf_mutex);
4839 
4840 	if (sta)
4841 		peer_addr = sta->addr;
4842 	else if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
4843 		peer_addr = vif->bss_conf.bssid;
4844 	else
4845 		peer_addr = vif->addr;
4846 
4847 	key->hw_key_idx = key->keyidx;
4848 
4849 	if (is_wep) {
4850 		if (cmd == SET_KEY)
4851 			arvif->wep_keys[key->keyidx] = key;
4852 		else
4853 			arvif->wep_keys[key->keyidx] = NULL;
4854 	}
4855 
4856 	/* the peer should not disappear in mid-way (unless FW goes awry) since
4857 	 * we already hold conf_mutex. we just make sure its there now. */
4858 	spin_lock_bh(&ar->data_lock);
4859 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
4860 	spin_unlock_bh(&ar->data_lock);
4861 
4862 	if (!peer) {
4863 		if (cmd == SET_KEY) {
4864 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
4865 				    peer_addr);
4866 			ret = -EOPNOTSUPP;
4867 			goto exit;
4868 		} else {
4869 			/* if the peer doesn't exist there is no key to disable
4870 			 * anymore */
4871 			goto exit;
4872 		}
4873 	}
4874 
4875 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4876 		flags |= WMI_KEY_PAIRWISE;
4877 	else
4878 		flags |= WMI_KEY_GROUP;
4879 
4880 	if (is_wep) {
4881 		if (cmd == DISABLE_KEY)
4882 			ath10k_clear_vdev_key(arvif, key);
4883 
4884 		/* When WEP keys are uploaded it's possible that there are
4885 		 * stations associated already (e.g. when merging) without any
4886 		 * keys. Static WEP needs an explicit per-peer key upload.
4887 		 */
4888 		if (vif->type == NL80211_IFTYPE_ADHOC &&
4889 		    cmd == SET_KEY)
4890 			ath10k_mac_vif_update_wep_key(arvif, key);
4891 
4892 		/* 802.1x never sets the def_wep_key_idx so each set_key()
4893 		 * call changes default tx key.
4894 		 *
4895 		 * Static WEP sets def_wep_key_idx via .set_default_unicast_key
4896 		 * after first set_key().
4897 		 */
4898 		if (cmd == SET_KEY && arvif->def_wep_key_idx == -1)
4899 			flags |= WMI_KEY_TX_USAGE;
4900 	}
4901 
4902 	ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags);
4903 	if (ret) {
4904 		WARN_ON(ret > 0);
4905 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
4906 			    arvif->vdev_id, peer_addr, ret);
4907 		goto exit;
4908 	}
4909 
4910 	/* mac80211 sets static WEP keys as groupwise while firmware requires
4911 	 * them to be installed twice as both pairwise and groupwise.
4912 	 */
4913 	if (is_wep && !sta && vif->type == NL80211_IFTYPE_STATION) {
4914 		flags2 = flags;
4915 		flags2 &= ~WMI_KEY_GROUP;
4916 		flags2 |= WMI_KEY_PAIRWISE;
4917 
4918 		ret = ath10k_install_key(arvif, key, cmd, peer_addr, flags2);
4919 		if (ret) {
4920 			WARN_ON(ret > 0);
4921 			ath10k_warn(ar, "failed to install (ucast) key for vdev %i peer %pM: %d\n",
4922 				    arvif->vdev_id, peer_addr, ret);
4923 			ret2 = ath10k_install_key(arvif, key, DISABLE_KEY,
4924 						  peer_addr, flags);
4925 			if (ret2) {
4926 				WARN_ON(ret2 > 0);
4927 				ath10k_warn(ar, "failed to disable (mcast) key for vdev %i peer %pM: %d\n",
4928 					    arvif->vdev_id, peer_addr, ret2);
4929 			}
4930 			goto exit;
4931 		}
4932 	}
4933 
4934 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
4935 
4936 	spin_lock_bh(&ar->data_lock);
4937 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
4938 	if (peer && cmd == SET_KEY)
4939 		peer->keys[key->keyidx] = key;
4940 	else if (peer && cmd == DISABLE_KEY)
4941 		peer->keys[key->keyidx] = NULL;
4942 	else if (peer == NULL)
4943 		/* impossible unless FW goes crazy */
4944 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
4945 	spin_unlock_bh(&ar->data_lock);
4946 
4947 exit:
4948 	mutex_unlock(&ar->conf_mutex);
4949 	return ret;
4950 }
4951 
4952 static void ath10k_set_default_unicast_key(struct ieee80211_hw *hw,
4953 					   struct ieee80211_vif *vif,
4954 					   int keyidx)
4955 {
4956 	struct ath10k *ar = hw->priv;
4957 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4958 	int ret;
4959 
4960 	mutex_lock(&arvif->ar->conf_mutex);
4961 
4962 	if (arvif->ar->state != ATH10K_STATE_ON)
4963 		goto unlock;
4964 
4965 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
4966 		   arvif->vdev_id, keyidx);
4967 
4968 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
4969 					arvif->vdev_id,
4970 					arvif->ar->wmi.vdev_param->def_keyid,
4971 					keyidx);
4972 
4973 	if (ret) {
4974 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
4975 			    arvif->vdev_id,
4976 			    ret);
4977 		goto unlock;
4978 	}
4979 
4980 	arvif->def_wep_key_idx = keyidx;
4981 
4982 unlock:
4983 	mutex_unlock(&arvif->ar->conf_mutex);
4984 }
4985 
4986 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
4987 {
4988 	struct ath10k *ar;
4989 	struct ath10k_vif *arvif;
4990 	struct ath10k_sta *arsta;
4991 	struct ieee80211_sta *sta;
4992 	struct cfg80211_chan_def def;
4993 	enum ieee80211_band band;
4994 	const u8 *ht_mcs_mask;
4995 	const u16 *vht_mcs_mask;
4996 	u32 changed, bw, nss, smps;
4997 	int err;
4998 
4999 	arsta = container_of(wk, struct ath10k_sta, update_wk);
5000 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
5001 	arvif = arsta->arvif;
5002 	ar = arvif->ar;
5003 
5004 	if (WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def)))
5005 		return;
5006 
5007 	band = def.chan->band;
5008 	ht_mcs_mask = arvif->bitrate_mask.control[band].ht_mcs;
5009 	vht_mcs_mask = arvif->bitrate_mask.control[band].vht_mcs;
5010 
5011 	spin_lock_bh(&ar->data_lock);
5012 
5013 	changed = arsta->changed;
5014 	arsta->changed = 0;
5015 
5016 	bw = arsta->bw;
5017 	nss = arsta->nss;
5018 	smps = arsta->smps;
5019 
5020 	spin_unlock_bh(&ar->data_lock);
5021 
5022 	mutex_lock(&ar->conf_mutex);
5023 
5024 	nss = max_t(u32, 1, nss);
5025 	nss = min(nss, max(ath10k_mac_max_ht_nss(ht_mcs_mask),
5026 			   ath10k_mac_max_vht_nss(vht_mcs_mask)));
5027 
5028 	if (changed & IEEE80211_RC_BW_CHANGED) {
5029 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM peer bw %d\n",
5030 			   sta->addr, bw);
5031 
5032 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
5033 						WMI_PEER_CHAN_WIDTH, bw);
5034 		if (err)
5035 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
5036 				    sta->addr, bw, err);
5037 	}
5038 
5039 	if (changed & IEEE80211_RC_NSS_CHANGED) {
5040 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM nss %d\n",
5041 			   sta->addr, nss);
5042 
5043 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
5044 						WMI_PEER_NSS, nss);
5045 		if (err)
5046 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
5047 				    sta->addr, nss, err);
5048 	}
5049 
5050 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
5051 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM smps %d\n",
5052 			   sta->addr, smps);
5053 
5054 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
5055 						WMI_PEER_SMPS_STATE, smps);
5056 		if (err)
5057 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
5058 				    sta->addr, smps, err);
5059 	}
5060 
5061 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED ||
5062 	    changed & IEEE80211_RC_NSS_CHANGED) {
5063 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM supp rates/nss\n",
5064 			   sta->addr);
5065 
5066 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
5067 		if (err)
5068 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
5069 				    sta->addr);
5070 	}
5071 
5072 	mutex_unlock(&ar->conf_mutex);
5073 }
5074 
5075 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif,
5076 				       struct ieee80211_sta *sta)
5077 {
5078 	struct ath10k *ar = arvif->ar;
5079 
5080 	lockdep_assert_held(&ar->conf_mutex);
5081 
5082 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
5083 		return 0;
5084 
5085 	if (ar->num_stations >= ar->max_num_stations)
5086 		return -ENOBUFS;
5087 
5088 	ar->num_stations++;
5089 
5090 	return 0;
5091 }
5092 
5093 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif,
5094 					struct ieee80211_sta *sta)
5095 {
5096 	struct ath10k *ar = arvif->ar;
5097 
5098 	lockdep_assert_held(&ar->conf_mutex);
5099 
5100 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA && !sta->tdls)
5101 		return;
5102 
5103 	ar->num_stations--;
5104 }
5105 
5106 struct ath10k_mac_tdls_iter_data {
5107 	u32 num_tdls_stations;
5108 	struct ieee80211_vif *curr_vif;
5109 };
5110 
5111 static void ath10k_mac_tdls_vif_stations_count_iter(void *data,
5112 						    struct ieee80211_sta *sta)
5113 {
5114 	struct ath10k_mac_tdls_iter_data *iter_data = data;
5115 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
5116 	struct ieee80211_vif *sta_vif = arsta->arvif->vif;
5117 
5118 	if (sta->tdls && sta_vif == iter_data->curr_vif)
5119 		iter_data->num_tdls_stations++;
5120 }
5121 
5122 static int ath10k_mac_tdls_vif_stations_count(struct ieee80211_hw *hw,
5123 					      struct ieee80211_vif *vif)
5124 {
5125 	struct ath10k_mac_tdls_iter_data data = {};
5126 
5127 	data.curr_vif = vif;
5128 
5129 	ieee80211_iterate_stations_atomic(hw,
5130 					  ath10k_mac_tdls_vif_stations_count_iter,
5131 					  &data);
5132 	return data.num_tdls_stations;
5133 }
5134 
5135 static void ath10k_mac_tdls_vifs_count_iter(void *data, u8 *mac,
5136 					    struct ieee80211_vif *vif)
5137 {
5138 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5139 	int *num_tdls_vifs = data;
5140 
5141 	if (vif->type != NL80211_IFTYPE_STATION)
5142 		return;
5143 
5144 	if (ath10k_mac_tdls_vif_stations_count(arvif->ar->hw, vif) > 0)
5145 		(*num_tdls_vifs)++;
5146 }
5147 
5148 static int ath10k_mac_tdls_vifs_count(struct ieee80211_hw *hw)
5149 {
5150 	int num_tdls_vifs = 0;
5151 
5152 	ieee80211_iterate_active_interfaces_atomic(hw,
5153 						   IEEE80211_IFACE_ITER_NORMAL,
5154 						   ath10k_mac_tdls_vifs_count_iter,
5155 						   &num_tdls_vifs);
5156 	return num_tdls_vifs;
5157 }
5158 
5159 static int ath10k_sta_state(struct ieee80211_hw *hw,
5160 			    struct ieee80211_vif *vif,
5161 			    struct ieee80211_sta *sta,
5162 			    enum ieee80211_sta_state old_state,
5163 			    enum ieee80211_sta_state new_state)
5164 {
5165 	struct ath10k *ar = hw->priv;
5166 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5167 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
5168 	int ret = 0;
5169 
5170 	if (old_state == IEEE80211_STA_NOTEXIST &&
5171 	    new_state == IEEE80211_STA_NONE) {
5172 		memset(arsta, 0, sizeof(*arsta));
5173 		arsta->arvif = arvif;
5174 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
5175 	}
5176 
5177 	/* cancel must be done outside the mutex to avoid deadlock */
5178 	if ((old_state == IEEE80211_STA_NONE &&
5179 	     new_state == IEEE80211_STA_NOTEXIST))
5180 		cancel_work_sync(&arsta->update_wk);
5181 
5182 	mutex_lock(&ar->conf_mutex);
5183 
5184 	if (old_state == IEEE80211_STA_NOTEXIST &&
5185 	    new_state == IEEE80211_STA_NONE) {
5186 		/*
5187 		 * New station addition.
5188 		 */
5189 		enum wmi_peer_type peer_type = WMI_PEER_TYPE_DEFAULT;
5190 		u32 num_tdls_stations;
5191 		u32 num_tdls_vifs;
5192 
5193 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5194 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
5195 			   arvif->vdev_id, sta->addr,
5196 			   ar->num_stations + 1, ar->max_num_stations,
5197 			   ar->num_peers + 1, ar->max_num_peers);
5198 
5199 		ret = ath10k_mac_inc_num_stations(arvif, sta);
5200 		if (ret) {
5201 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
5202 				    ar->max_num_stations);
5203 			goto exit;
5204 		}
5205 
5206 		if (sta->tdls)
5207 			peer_type = WMI_PEER_TYPE_TDLS;
5208 
5209 		ret = ath10k_peer_create(ar, arvif->vdev_id, sta->addr,
5210 					 peer_type);
5211 		if (ret) {
5212 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
5213 				    sta->addr, arvif->vdev_id, ret);
5214 			ath10k_mac_dec_num_stations(arvif, sta);
5215 			goto exit;
5216 		}
5217 
5218 		if (!sta->tdls)
5219 			goto exit;
5220 
5221 		num_tdls_stations = ath10k_mac_tdls_vif_stations_count(hw, vif);
5222 		num_tdls_vifs = ath10k_mac_tdls_vifs_count(hw);
5223 
5224 		if (num_tdls_vifs >= ar->max_num_tdls_vdevs &&
5225 		    num_tdls_stations == 0) {
5226 			ath10k_warn(ar, "vdev %i exceeded maximum number of tdls vdevs %i\n",
5227 				    arvif->vdev_id, ar->max_num_tdls_vdevs);
5228 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
5229 			ath10k_mac_dec_num_stations(arvif, sta);
5230 			ret = -ENOBUFS;
5231 			goto exit;
5232 		}
5233 
5234 		if (num_tdls_stations == 0) {
5235 			/* This is the first tdls peer in current vif */
5236 			enum wmi_tdls_state state = WMI_TDLS_ENABLE_ACTIVE;
5237 
5238 			ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
5239 							      state);
5240 			if (ret) {
5241 				ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
5242 					    arvif->vdev_id, ret);
5243 				ath10k_peer_delete(ar, arvif->vdev_id,
5244 						   sta->addr);
5245 				ath10k_mac_dec_num_stations(arvif, sta);
5246 				goto exit;
5247 			}
5248 		}
5249 
5250 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
5251 						  WMI_TDLS_PEER_STATE_PEERING);
5252 		if (ret) {
5253 			ath10k_warn(ar,
5254 				    "failed to update tdls peer %pM for vdev %d when adding a new sta: %i\n",
5255 				    sta->addr, arvif->vdev_id, ret);
5256 			ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
5257 			ath10k_mac_dec_num_stations(arvif, sta);
5258 
5259 			if (num_tdls_stations != 0)
5260 				goto exit;
5261 			ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
5262 							WMI_TDLS_DISABLE);
5263 		}
5264 	} else if ((old_state == IEEE80211_STA_NONE &&
5265 		    new_state == IEEE80211_STA_NOTEXIST)) {
5266 		/*
5267 		 * Existing station deletion.
5268 		 */
5269 		ath10k_dbg(ar, ATH10K_DBG_MAC,
5270 			   "mac vdev %d peer delete %pM (sta gone)\n",
5271 			   arvif->vdev_id, sta->addr);
5272 
5273 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
5274 		if (ret)
5275 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
5276 				    sta->addr, arvif->vdev_id, ret);
5277 
5278 		ath10k_mac_dec_num_stations(arvif, sta);
5279 
5280 		if (!sta->tdls)
5281 			goto exit;
5282 
5283 		if (ath10k_mac_tdls_vif_stations_count(hw, vif))
5284 			goto exit;
5285 
5286 		/* This was the last tdls peer in current vif */
5287 		ret = ath10k_wmi_update_fw_tdls_state(ar, arvif->vdev_id,
5288 						      WMI_TDLS_DISABLE);
5289 		if (ret) {
5290 			ath10k_warn(ar, "failed to update fw tdls state on vdev %i: %i\n",
5291 				    arvif->vdev_id, ret);
5292 		}
5293 	} else if (old_state == IEEE80211_STA_AUTH &&
5294 		   new_state == IEEE80211_STA_ASSOC &&
5295 		   (vif->type == NL80211_IFTYPE_AP ||
5296 		    vif->type == NL80211_IFTYPE_ADHOC)) {
5297 		/*
5298 		 * New association.
5299 		 */
5300 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM associated\n",
5301 			   sta->addr);
5302 
5303 		ret = ath10k_station_assoc(ar, vif, sta, false);
5304 		if (ret)
5305 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
5306 				    sta->addr, arvif->vdev_id, ret);
5307 	} else if (old_state == IEEE80211_STA_ASSOC &&
5308 		   new_state == IEEE80211_STA_AUTHORIZED &&
5309 		   sta->tdls) {
5310 		/*
5311 		 * Tdls station authorized.
5312 		 */
5313 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac tdls sta %pM authorized\n",
5314 			   sta->addr);
5315 
5316 		ret = ath10k_station_assoc(ar, vif, sta, false);
5317 		if (ret) {
5318 			ath10k_warn(ar, "failed to associate tdls station %pM for vdev %i: %i\n",
5319 				    sta->addr, arvif->vdev_id, ret);
5320 			goto exit;
5321 		}
5322 
5323 		ret = ath10k_mac_tdls_peer_update(ar, arvif->vdev_id, sta,
5324 						  WMI_TDLS_PEER_STATE_CONNECTED);
5325 		if (ret)
5326 			ath10k_warn(ar, "failed to update tdls peer %pM for vdev %i: %i\n",
5327 				    sta->addr, arvif->vdev_id, ret);
5328 	} else if (old_state == IEEE80211_STA_ASSOC &&
5329 		    new_state == IEEE80211_STA_AUTH &&
5330 		    (vif->type == NL80211_IFTYPE_AP ||
5331 		     vif->type == NL80211_IFTYPE_ADHOC)) {
5332 		/*
5333 		 * Disassociation.
5334 		 */
5335 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM disassociated\n",
5336 			   sta->addr);
5337 
5338 		ret = ath10k_station_disassoc(ar, vif, sta);
5339 		if (ret)
5340 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
5341 				    sta->addr, arvif->vdev_id, ret);
5342 	}
5343 exit:
5344 	mutex_unlock(&ar->conf_mutex);
5345 	return ret;
5346 }
5347 
5348 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
5349 				u16 ac, bool enable)
5350 {
5351 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5352 	struct wmi_sta_uapsd_auto_trig_arg arg = {};
5353 	u32 prio = 0, acc = 0;
5354 	u32 value = 0;
5355 	int ret = 0;
5356 
5357 	lockdep_assert_held(&ar->conf_mutex);
5358 
5359 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
5360 		return 0;
5361 
5362 	switch (ac) {
5363 	case IEEE80211_AC_VO:
5364 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
5365 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
5366 		prio = 7;
5367 		acc = 3;
5368 		break;
5369 	case IEEE80211_AC_VI:
5370 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
5371 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
5372 		prio = 5;
5373 		acc = 2;
5374 		break;
5375 	case IEEE80211_AC_BE:
5376 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
5377 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
5378 		prio = 2;
5379 		acc = 1;
5380 		break;
5381 	case IEEE80211_AC_BK:
5382 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
5383 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
5384 		prio = 0;
5385 		acc = 0;
5386 		break;
5387 	}
5388 
5389 	if (enable)
5390 		arvif->u.sta.uapsd |= value;
5391 	else
5392 		arvif->u.sta.uapsd &= ~value;
5393 
5394 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5395 					  WMI_STA_PS_PARAM_UAPSD,
5396 					  arvif->u.sta.uapsd);
5397 	if (ret) {
5398 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
5399 		goto exit;
5400 	}
5401 
5402 	if (arvif->u.sta.uapsd)
5403 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
5404 	else
5405 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
5406 
5407 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
5408 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
5409 					  value);
5410 	if (ret)
5411 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
5412 
5413 	ret = ath10k_mac_vif_recalc_ps_wake_threshold(arvif);
5414 	if (ret) {
5415 		ath10k_warn(ar, "failed to recalc ps wake threshold on vdev %i: %d\n",
5416 			    arvif->vdev_id, ret);
5417 		return ret;
5418 	}
5419 
5420 	ret = ath10k_mac_vif_recalc_ps_poll_count(arvif);
5421 	if (ret) {
5422 		ath10k_warn(ar, "failed to recalc ps poll count on vdev %i: %d\n",
5423 			    arvif->vdev_id, ret);
5424 		return ret;
5425 	}
5426 
5427 	if (test_bit(WMI_SERVICE_STA_UAPSD_BASIC_AUTO_TRIG, ar->wmi.svc_map) ||
5428 	    test_bit(WMI_SERVICE_STA_UAPSD_VAR_AUTO_TRIG, ar->wmi.svc_map)) {
5429 		/* Only userspace can make an educated decision when to send
5430 		 * trigger frame. The following effectively disables u-UAPSD
5431 		 * autotrigger in firmware (which is enabled by default
5432 		 * provided the autotrigger service is available).
5433 		 */
5434 
5435 		arg.wmm_ac = acc;
5436 		arg.user_priority = prio;
5437 		arg.service_interval = 0;
5438 		arg.suspend_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
5439 		arg.delay_interval = WMI_STA_UAPSD_MAX_INTERVAL_MSEC;
5440 
5441 		ret = ath10k_wmi_vdev_sta_uapsd(ar, arvif->vdev_id,
5442 						arvif->bssid, &arg, 1);
5443 		if (ret) {
5444 			ath10k_warn(ar, "failed to set uapsd auto trigger %d\n",
5445 				    ret);
5446 			return ret;
5447 		}
5448 	}
5449 
5450 exit:
5451 	return ret;
5452 }
5453 
5454 static int ath10k_conf_tx(struct ieee80211_hw *hw,
5455 			  struct ieee80211_vif *vif, u16 ac,
5456 			  const struct ieee80211_tx_queue_params *params)
5457 {
5458 	struct ath10k *ar = hw->priv;
5459 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5460 	struct wmi_wmm_params_arg *p = NULL;
5461 	int ret;
5462 
5463 	mutex_lock(&ar->conf_mutex);
5464 
5465 	switch (ac) {
5466 	case IEEE80211_AC_VO:
5467 		p = &arvif->wmm_params.ac_vo;
5468 		break;
5469 	case IEEE80211_AC_VI:
5470 		p = &arvif->wmm_params.ac_vi;
5471 		break;
5472 	case IEEE80211_AC_BE:
5473 		p = &arvif->wmm_params.ac_be;
5474 		break;
5475 	case IEEE80211_AC_BK:
5476 		p = &arvif->wmm_params.ac_bk;
5477 		break;
5478 	}
5479 
5480 	if (WARN_ON(!p)) {
5481 		ret = -EINVAL;
5482 		goto exit;
5483 	}
5484 
5485 	p->cwmin = params->cw_min;
5486 	p->cwmax = params->cw_max;
5487 	p->aifs = params->aifs;
5488 
5489 	/*
5490 	 * The channel time duration programmed in the HW is in absolute
5491 	 * microseconds, while mac80211 gives the txop in units of
5492 	 * 32 microseconds.
5493 	 */
5494 	p->txop = params->txop * 32;
5495 
5496 	if (ar->wmi.ops->gen_vdev_wmm_conf) {
5497 		ret = ath10k_wmi_vdev_wmm_conf(ar, arvif->vdev_id,
5498 					       &arvif->wmm_params);
5499 		if (ret) {
5500 			ath10k_warn(ar, "failed to set vdev wmm params on vdev %i: %d\n",
5501 				    arvif->vdev_id, ret);
5502 			goto exit;
5503 		}
5504 	} else {
5505 		/* This won't work well with multi-interface cases but it's
5506 		 * better than nothing.
5507 		 */
5508 		ret = ath10k_wmi_pdev_set_wmm_params(ar, &arvif->wmm_params);
5509 		if (ret) {
5510 			ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
5511 			goto exit;
5512 		}
5513 	}
5514 
5515 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
5516 	if (ret)
5517 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
5518 
5519 exit:
5520 	mutex_unlock(&ar->conf_mutex);
5521 	return ret;
5522 }
5523 
5524 #define ATH10K_ROC_TIMEOUT_HZ (2*HZ)
5525 
5526 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
5527 				    struct ieee80211_vif *vif,
5528 				    struct ieee80211_channel *chan,
5529 				    int duration,
5530 				    enum ieee80211_roc_type type)
5531 {
5532 	struct ath10k *ar = hw->priv;
5533 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5534 	struct wmi_start_scan_arg arg;
5535 	int ret = 0;
5536 	u32 scan_time_msec;
5537 
5538 	mutex_lock(&ar->conf_mutex);
5539 
5540 	spin_lock_bh(&ar->data_lock);
5541 	switch (ar->scan.state) {
5542 	case ATH10K_SCAN_IDLE:
5543 		reinit_completion(&ar->scan.started);
5544 		reinit_completion(&ar->scan.completed);
5545 		reinit_completion(&ar->scan.on_channel);
5546 		ar->scan.state = ATH10K_SCAN_STARTING;
5547 		ar->scan.is_roc = true;
5548 		ar->scan.vdev_id = arvif->vdev_id;
5549 		ar->scan.roc_freq = chan->center_freq;
5550 		ar->scan.roc_notify = true;
5551 		ret = 0;
5552 		break;
5553 	case ATH10K_SCAN_STARTING:
5554 	case ATH10K_SCAN_RUNNING:
5555 	case ATH10K_SCAN_ABORTING:
5556 		ret = -EBUSY;
5557 		break;
5558 	}
5559 	spin_unlock_bh(&ar->data_lock);
5560 
5561 	if (ret)
5562 		goto exit;
5563 
5564 	scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
5565 
5566 	memset(&arg, 0, sizeof(arg));
5567 	ath10k_wmi_start_scan_init(ar, &arg);
5568 	arg.vdev_id = arvif->vdev_id;
5569 	arg.scan_id = ATH10K_SCAN_ID;
5570 	arg.n_channels = 1;
5571 	arg.channels[0] = chan->center_freq;
5572 	arg.dwell_time_active = scan_time_msec;
5573 	arg.dwell_time_passive = scan_time_msec;
5574 	arg.max_scan_time = scan_time_msec;
5575 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
5576 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
5577 	arg.burst_duration_ms = duration;
5578 
5579 	ret = ath10k_start_scan(ar, &arg);
5580 	if (ret) {
5581 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
5582 		spin_lock_bh(&ar->data_lock);
5583 		ar->scan.state = ATH10K_SCAN_IDLE;
5584 		spin_unlock_bh(&ar->data_lock);
5585 		goto exit;
5586 	}
5587 
5588 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3*HZ);
5589 	if (ret == 0) {
5590 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
5591 
5592 		ret = ath10k_scan_stop(ar);
5593 		if (ret)
5594 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
5595 
5596 		ret = -ETIMEDOUT;
5597 		goto exit;
5598 	}
5599 
5600 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
5601 				     msecs_to_jiffies(duration));
5602 
5603 	ret = 0;
5604 exit:
5605 	mutex_unlock(&ar->conf_mutex);
5606 	return ret;
5607 }
5608 
5609 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw)
5610 {
5611 	struct ath10k *ar = hw->priv;
5612 
5613 	mutex_lock(&ar->conf_mutex);
5614 
5615 	spin_lock_bh(&ar->data_lock);
5616 	ar->scan.roc_notify = false;
5617 	spin_unlock_bh(&ar->data_lock);
5618 
5619 	ath10k_scan_abort(ar);
5620 
5621 	mutex_unlock(&ar->conf_mutex);
5622 
5623 	cancel_delayed_work_sync(&ar->scan.timeout);
5624 
5625 	return 0;
5626 }
5627 
5628 /*
5629  * Both RTS and Fragmentation threshold are interface-specific
5630  * in ath10k, but device-specific in mac80211.
5631  */
5632 
5633 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
5634 {
5635 	struct ath10k *ar = hw->priv;
5636 	struct ath10k_vif *arvif;
5637 	int ret = 0;
5638 
5639 	mutex_lock(&ar->conf_mutex);
5640 	list_for_each_entry(arvif, &ar->arvifs, list) {
5641 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
5642 			   arvif->vdev_id, value);
5643 
5644 		ret = ath10k_mac_set_rts(arvif, value);
5645 		if (ret) {
5646 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
5647 				    arvif->vdev_id, ret);
5648 			break;
5649 		}
5650 	}
5651 	mutex_unlock(&ar->conf_mutex);
5652 
5653 	return ret;
5654 }
5655 
5656 static int ath10k_mac_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
5657 {
5658 	/* Even though there's a WMI enum for fragmentation threshold no known
5659 	 * firmware actually implements it. Moreover it is not possible to rely
5660 	 * frame fragmentation to mac80211 because firmware clears the "more
5661 	 * fragments" bit in frame control making it impossible for remote
5662 	 * devices to reassemble frames.
5663 	 *
5664 	 * Hence implement a dummy callback just to say fragmentation isn't
5665 	 * supported. This effectively prevents mac80211 from doing frame
5666 	 * fragmentation in software.
5667 	 */
5668 	return -EOPNOTSUPP;
5669 }
5670 
5671 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5672 			 u32 queues, bool drop)
5673 {
5674 	struct ath10k *ar = hw->priv;
5675 	bool skip;
5676 	long time_left;
5677 
5678 	/* mac80211 doesn't care if we really xmit queued frames or not
5679 	 * we'll collect those frames either way if we stop/delete vdevs */
5680 	if (drop)
5681 		return;
5682 
5683 	mutex_lock(&ar->conf_mutex);
5684 
5685 	if (ar->state == ATH10K_STATE_WEDGED)
5686 		goto skip;
5687 
5688 	time_left = wait_event_timeout(ar->htt.empty_tx_wq, ({
5689 			bool empty;
5690 
5691 			spin_lock_bh(&ar->htt.tx_lock);
5692 			empty = (ar->htt.num_pending_tx == 0);
5693 			spin_unlock_bh(&ar->htt.tx_lock);
5694 
5695 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
5696 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
5697 					&ar->dev_flags);
5698 
5699 			(empty || skip);
5700 		}), ATH10K_FLUSH_TIMEOUT_HZ);
5701 
5702 	if (time_left == 0 || skip)
5703 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %ld\n",
5704 			    skip, ar->state, time_left);
5705 
5706 skip:
5707 	mutex_unlock(&ar->conf_mutex);
5708 }
5709 
5710 /* TODO: Implement this function properly
5711  * For now it is needed to reply to Probe Requests in IBSS mode.
5712  * Propably we need this information from FW.
5713  */
5714 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
5715 {
5716 	return 1;
5717 }
5718 
5719 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
5720 				     enum ieee80211_reconfig_type reconfig_type)
5721 {
5722 	struct ath10k *ar = hw->priv;
5723 
5724 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
5725 		return;
5726 
5727 	mutex_lock(&ar->conf_mutex);
5728 
5729 	/* If device failed to restart it will be in a different state, e.g.
5730 	 * ATH10K_STATE_WEDGED */
5731 	if (ar->state == ATH10K_STATE_RESTARTED) {
5732 		ath10k_info(ar, "device successfully recovered\n");
5733 		ar->state = ATH10K_STATE_ON;
5734 		ieee80211_wake_queues(ar->hw);
5735 	}
5736 
5737 	mutex_unlock(&ar->conf_mutex);
5738 }
5739 
5740 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
5741 			     struct survey_info *survey)
5742 {
5743 	struct ath10k *ar = hw->priv;
5744 	struct ieee80211_supported_band *sband;
5745 	struct survey_info *ar_survey = &ar->survey[idx];
5746 	int ret = 0;
5747 
5748 	mutex_lock(&ar->conf_mutex);
5749 
5750 	sband = hw->wiphy->bands[IEEE80211_BAND_2GHZ];
5751 	if (sband && idx >= sband->n_channels) {
5752 		idx -= sband->n_channels;
5753 		sband = NULL;
5754 	}
5755 
5756 	if (!sband)
5757 		sband = hw->wiphy->bands[IEEE80211_BAND_5GHZ];
5758 
5759 	if (!sband || idx >= sband->n_channels) {
5760 		ret = -ENOENT;
5761 		goto exit;
5762 	}
5763 
5764 	spin_lock_bh(&ar->data_lock);
5765 	memcpy(survey, ar_survey, sizeof(*survey));
5766 	spin_unlock_bh(&ar->data_lock);
5767 
5768 	survey->channel = &sband->channels[idx];
5769 
5770 	if (ar->rx_channel == survey->channel)
5771 		survey->filled |= SURVEY_INFO_IN_USE;
5772 
5773 exit:
5774 	mutex_unlock(&ar->conf_mutex);
5775 	return ret;
5776 }
5777 
5778 static bool
5779 ath10k_mac_bitrate_mask_has_single_rate(struct ath10k *ar,
5780 					enum ieee80211_band band,
5781 					const struct cfg80211_bitrate_mask *mask)
5782 {
5783 	int num_rates = 0;
5784 	int i;
5785 
5786 	num_rates += hweight32(mask->control[band].legacy);
5787 
5788 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++)
5789 		num_rates += hweight8(mask->control[band].ht_mcs[i]);
5790 
5791 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++)
5792 		num_rates += hweight16(mask->control[band].vht_mcs[i]);
5793 
5794 	return num_rates == 1;
5795 }
5796 
5797 static bool
5798 ath10k_mac_bitrate_mask_get_single_nss(struct ath10k *ar,
5799 				       enum ieee80211_band band,
5800 				       const struct cfg80211_bitrate_mask *mask,
5801 				       int *nss)
5802 {
5803 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
5804 	u16 vht_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
5805 	u8 ht_nss_mask = 0;
5806 	u8 vht_nss_mask = 0;
5807 	int i;
5808 
5809 	if (mask->control[band].legacy)
5810 		return false;
5811 
5812 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
5813 		if (mask->control[band].ht_mcs[i] == 0)
5814 			continue;
5815 		else if (mask->control[band].ht_mcs[i] ==
5816 			 sband->ht_cap.mcs.rx_mask[i])
5817 			ht_nss_mask |= BIT(i);
5818 		else
5819 			return false;
5820 	}
5821 
5822 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
5823 		if (mask->control[band].vht_mcs[i] == 0)
5824 			continue;
5825 		else if (mask->control[band].vht_mcs[i] ==
5826 			 ath10k_mac_get_max_vht_mcs_map(vht_mcs_map, i))
5827 			vht_nss_mask |= BIT(i);
5828 		else
5829 			return false;
5830 	}
5831 
5832 	if (ht_nss_mask != vht_nss_mask)
5833 		return false;
5834 
5835 	if (ht_nss_mask == 0)
5836 		return false;
5837 
5838 	if (BIT(fls(ht_nss_mask)) - 1 != ht_nss_mask)
5839 		return false;
5840 
5841 	*nss = fls(ht_nss_mask);
5842 
5843 	return true;
5844 }
5845 
5846 static int
5847 ath10k_mac_bitrate_mask_get_single_rate(struct ath10k *ar,
5848 					enum ieee80211_band band,
5849 					const struct cfg80211_bitrate_mask *mask,
5850 					u8 *rate, u8 *nss)
5851 {
5852 	struct ieee80211_supported_band *sband = &ar->mac.sbands[band];
5853 	int rate_idx;
5854 	int i;
5855 	u16 bitrate;
5856 	u8 preamble;
5857 	u8 hw_rate;
5858 
5859 	if (hweight32(mask->control[band].legacy) == 1) {
5860 		rate_idx = ffs(mask->control[band].legacy) - 1;
5861 
5862 		hw_rate = sband->bitrates[rate_idx].hw_value;
5863 		bitrate = sband->bitrates[rate_idx].bitrate;
5864 
5865 		if (ath10k_mac_bitrate_is_cck(bitrate))
5866 			preamble = WMI_RATE_PREAMBLE_CCK;
5867 		else
5868 			preamble = WMI_RATE_PREAMBLE_OFDM;
5869 
5870 		*nss = 1;
5871 		*rate = preamble << 6 |
5872 			(*nss - 1) << 4 |
5873 			hw_rate << 0;
5874 
5875 		return 0;
5876 	}
5877 
5878 	for (i = 0; i < ARRAY_SIZE(mask->control[band].ht_mcs); i++) {
5879 		if (hweight8(mask->control[band].ht_mcs[i]) == 1) {
5880 			*nss = i + 1;
5881 			*rate = WMI_RATE_PREAMBLE_HT << 6 |
5882 				(*nss - 1) << 4 |
5883 				(ffs(mask->control[band].ht_mcs[i]) - 1);
5884 
5885 			return 0;
5886 		}
5887 	}
5888 
5889 	for (i = 0; i < ARRAY_SIZE(mask->control[band].vht_mcs); i++) {
5890 		if (hweight16(mask->control[band].vht_mcs[i]) == 1) {
5891 			*nss = i + 1;
5892 			*rate = WMI_RATE_PREAMBLE_VHT << 6 |
5893 				(*nss - 1) << 4 |
5894 				(ffs(mask->control[band].vht_mcs[i]) - 1);
5895 
5896 			return 0;
5897 		}
5898 	}
5899 
5900 	return -EINVAL;
5901 }
5902 
5903 static int ath10k_mac_set_fixed_rate_params(struct ath10k_vif *arvif,
5904 					    u8 rate, u8 nss, u8 sgi)
5905 {
5906 	struct ath10k *ar = arvif->ar;
5907 	u32 vdev_param;
5908 	int ret;
5909 
5910 	lockdep_assert_held(&ar->conf_mutex);
5911 
5912 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac set fixed rate params vdev %i rate 0x%02hhx nss %hhu sgi %hhu\n",
5913 		   arvif->vdev_id, rate, nss, sgi);
5914 
5915 	vdev_param = ar->wmi.vdev_param->fixed_rate;
5916 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, rate);
5917 	if (ret) {
5918 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
5919 			    rate, ret);
5920 		return ret;
5921 	}
5922 
5923 	vdev_param = ar->wmi.vdev_param->nss;
5924 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, nss);
5925 	if (ret) {
5926 		ath10k_warn(ar, "failed to set nss param %d: %d\n", nss, ret);
5927 		return ret;
5928 	}
5929 
5930 	vdev_param = ar->wmi.vdev_param->sgi;
5931 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, sgi);
5932 	if (ret) {
5933 		ath10k_warn(ar, "failed to set sgi param %d: %d\n", sgi, ret);
5934 		return ret;
5935 	}
5936 
5937 	return 0;
5938 }
5939 
5940 static bool
5941 ath10k_mac_can_set_bitrate_mask(struct ath10k *ar,
5942 				enum ieee80211_band band,
5943 				const struct cfg80211_bitrate_mask *mask)
5944 {
5945 	int i;
5946 	u16 vht_mcs;
5947 
5948 	/* Due to firmware limitation in WMI_PEER_ASSOC_CMDID it is impossible
5949 	 * to express all VHT MCS rate masks. Effectively only the following
5950 	 * ranges can be used: none, 0-7, 0-8 and 0-9.
5951 	 */
5952 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
5953 		vht_mcs = mask->control[band].vht_mcs[i];
5954 
5955 		switch (vht_mcs) {
5956 		case 0:
5957 		case BIT(8) - 1:
5958 		case BIT(9) - 1:
5959 		case BIT(10) - 1:
5960 			break;
5961 		default:
5962 			ath10k_warn(ar, "refusing bitrate mask with missing 0-7 VHT MCS rates\n");
5963 			return false;
5964 		}
5965 	}
5966 
5967 	return true;
5968 }
5969 
5970 static void ath10k_mac_set_bitrate_mask_iter(void *data,
5971 					     struct ieee80211_sta *sta)
5972 {
5973 	struct ath10k_vif *arvif = data;
5974 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
5975 	struct ath10k *ar = arvif->ar;
5976 
5977 	if (arsta->arvif != arvif)
5978 		return;
5979 
5980 	spin_lock_bh(&ar->data_lock);
5981 	arsta->changed |= IEEE80211_RC_SUPP_RATES_CHANGED;
5982 	spin_unlock_bh(&ar->data_lock);
5983 
5984 	ieee80211_queue_work(ar->hw, &arsta->update_wk);
5985 }
5986 
5987 static int ath10k_mac_op_set_bitrate_mask(struct ieee80211_hw *hw,
5988 					  struct ieee80211_vif *vif,
5989 					  const struct cfg80211_bitrate_mask *mask)
5990 {
5991 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
5992 	struct cfg80211_chan_def def;
5993 	struct ath10k *ar = arvif->ar;
5994 	enum ieee80211_band band;
5995 	const u8 *ht_mcs_mask;
5996 	const u16 *vht_mcs_mask;
5997 	u8 rate;
5998 	u8 nss;
5999 	u8 sgi;
6000 	int single_nss;
6001 	int ret;
6002 
6003 	if (ath10k_mac_vif_chan(vif, &def))
6004 		return -EPERM;
6005 
6006 	band = def.chan->band;
6007 	ht_mcs_mask = mask->control[band].ht_mcs;
6008 	vht_mcs_mask = mask->control[band].vht_mcs;
6009 
6010 	sgi = mask->control[band].gi;
6011 	if (sgi == NL80211_TXRATE_FORCE_LGI)
6012 		return -EINVAL;
6013 
6014 	if (ath10k_mac_bitrate_mask_has_single_rate(ar, band, mask)) {
6015 		ret = ath10k_mac_bitrate_mask_get_single_rate(ar, band, mask,
6016 							      &rate, &nss);
6017 		if (ret) {
6018 			ath10k_warn(ar, "failed to get single rate for vdev %i: %d\n",
6019 				    arvif->vdev_id, ret);
6020 			return ret;
6021 		}
6022 	} else if (ath10k_mac_bitrate_mask_get_single_nss(ar, band, mask,
6023 							  &single_nss)) {
6024 		rate = WMI_FIXED_RATE_NONE;
6025 		nss = single_nss;
6026 	} else {
6027 		rate = WMI_FIXED_RATE_NONE;
6028 		nss = min(ar->num_rf_chains,
6029 			  max(ath10k_mac_max_ht_nss(ht_mcs_mask),
6030 			      ath10k_mac_max_vht_nss(vht_mcs_mask)));
6031 
6032 		if (!ath10k_mac_can_set_bitrate_mask(ar, band, mask))
6033 			return -EINVAL;
6034 
6035 		mutex_lock(&ar->conf_mutex);
6036 
6037 		arvif->bitrate_mask = *mask;
6038 		ieee80211_iterate_stations_atomic(ar->hw,
6039 						  ath10k_mac_set_bitrate_mask_iter,
6040 						  arvif);
6041 
6042 		mutex_unlock(&ar->conf_mutex);
6043 	}
6044 
6045 	mutex_lock(&ar->conf_mutex);
6046 
6047 	ret = ath10k_mac_set_fixed_rate_params(arvif, rate, nss, sgi);
6048 	if (ret) {
6049 		ath10k_warn(ar, "failed to set fixed rate params on vdev %i: %d\n",
6050 			    arvif->vdev_id, ret);
6051 		goto exit;
6052 	}
6053 
6054 exit:
6055 	mutex_unlock(&ar->conf_mutex);
6056 
6057 	return ret;
6058 }
6059 
6060 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
6061 				 struct ieee80211_vif *vif,
6062 				 struct ieee80211_sta *sta,
6063 				 u32 changed)
6064 {
6065 	struct ath10k *ar = hw->priv;
6066 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
6067 	u32 bw, smps;
6068 
6069 	spin_lock_bh(&ar->data_lock);
6070 
6071 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6072 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
6073 		   sta->addr, changed, sta->bandwidth, sta->rx_nss,
6074 		   sta->smps_mode);
6075 
6076 	if (changed & IEEE80211_RC_BW_CHANGED) {
6077 		bw = WMI_PEER_CHWIDTH_20MHZ;
6078 
6079 		switch (sta->bandwidth) {
6080 		case IEEE80211_STA_RX_BW_20:
6081 			bw = WMI_PEER_CHWIDTH_20MHZ;
6082 			break;
6083 		case IEEE80211_STA_RX_BW_40:
6084 			bw = WMI_PEER_CHWIDTH_40MHZ;
6085 			break;
6086 		case IEEE80211_STA_RX_BW_80:
6087 			bw = WMI_PEER_CHWIDTH_80MHZ;
6088 			break;
6089 		case IEEE80211_STA_RX_BW_160:
6090 			ath10k_warn(ar, "Invalid bandwidth %d in rc update for %pM\n",
6091 				    sta->bandwidth, sta->addr);
6092 			bw = WMI_PEER_CHWIDTH_20MHZ;
6093 			break;
6094 		}
6095 
6096 		arsta->bw = bw;
6097 	}
6098 
6099 	if (changed & IEEE80211_RC_NSS_CHANGED)
6100 		arsta->nss = sta->rx_nss;
6101 
6102 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
6103 		smps = WMI_PEER_SMPS_PS_NONE;
6104 
6105 		switch (sta->smps_mode) {
6106 		case IEEE80211_SMPS_AUTOMATIC:
6107 		case IEEE80211_SMPS_OFF:
6108 			smps = WMI_PEER_SMPS_PS_NONE;
6109 			break;
6110 		case IEEE80211_SMPS_STATIC:
6111 			smps = WMI_PEER_SMPS_STATIC;
6112 			break;
6113 		case IEEE80211_SMPS_DYNAMIC:
6114 			smps = WMI_PEER_SMPS_DYNAMIC;
6115 			break;
6116 		case IEEE80211_SMPS_NUM_MODES:
6117 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
6118 				    sta->smps_mode, sta->addr);
6119 			smps = WMI_PEER_SMPS_PS_NONE;
6120 			break;
6121 		}
6122 
6123 		arsta->smps = smps;
6124 	}
6125 
6126 	arsta->changed |= changed;
6127 
6128 	spin_unlock_bh(&ar->data_lock);
6129 
6130 	ieee80211_queue_work(hw, &arsta->update_wk);
6131 }
6132 
6133 static u64 ath10k_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
6134 {
6135 	/*
6136 	 * FIXME: Return 0 for time being. Need to figure out whether FW
6137 	 * has the API to fetch 64-bit local TSF
6138 	 */
6139 
6140 	return 0;
6141 }
6142 
6143 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
6144 			       struct ieee80211_vif *vif,
6145 			       enum ieee80211_ampdu_mlme_action action,
6146 			       struct ieee80211_sta *sta, u16 tid, u16 *ssn,
6147 			       u8 buf_size)
6148 {
6149 	struct ath10k *ar = hw->priv;
6150 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
6151 
6152 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %hu action %d\n",
6153 		   arvif->vdev_id, sta->addr, tid, action);
6154 
6155 	switch (action) {
6156 	case IEEE80211_AMPDU_RX_START:
6157 	case IEEE80211_AMPDU_RX_STOP:
6158 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
6159 		 * creation/removal. Do we need to verify this?
6160 		 */
6161 		return 0;
6162 	case IEEE80211_AMPDU_TX_START:
6163 	case IEEE80211_AMPDU_TX_STOP_CONT:
6164 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
6165 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
6166 	case IEEE80211_AMPDU_TX_OPERATIONAL:
6167 		/* Firmware offloads Tx aggregation entirely so deny mac80211
6168 		 * Tx aggregation requests.
6169 		 */
6170 		return -EOPNOTSUPP;
6171 	}
6172 
6173 	return -EINVAL;
6174 }
6175 
6176 static void
6177 ath10k_mac_update_rx_channel(struct ath10k *ar,
6178 			     struct ieee80211_chanctx_conf *ctx,
6179 			     struct ieee80211_vif_chanctx_switch *vifs,
6180 			     int n_vifs)
6181 {
6182 	struct cfg80211_chan_def *def = NULL;
6183 
6184 	/* Both locks are required because ar->rx_channel is modified. This
6185 	 * allows readers to hold either lock.
6186 	 */
6187 	lockdep_assert_held(&ar->conf_mutex);
6188 	lockdep_assert_held(&ar->data_lock);
6189 
6190 	WARN_ON(ctx && vifs);
6191 	WARN_ON(vifs && n_vifs != 1);
6192 
6193 	/* FIXME: Sort of an optimization and a workaround. Peers and vifs are
6194 	 * on a linked list now. Doing a lookup peer -> vif -> chanctx for each
6195 	 * ppdu on Rx may reduce performance on low-end systems. It should be
6196 	 * possible to make tables/hashmaps to speed the lookup up (be vary of
6197 	 * cpu data cache lines though regarding sizes) but to keep the initial
6198 	 * implementation simple and less intrusive fallback to the slow lookup
6199 	 * only for multi-channel cases. Single-channel cases will remain to
6200 	 * use the old channel derival and thus performance should not be
6201 	 * affected much.
6202 	 */
6203 	rcu_read_lock();
6204 	if (!ctx && ath10k_mac_num_chanctxs(ar) == 1) {
6205 		ieee80211_iter_chan_contexts_atomic(ar->hw,
6206 					ath10k_mac_get_any_chandef_iter,
6207 					&def);
6208 
6209 		if (vifs)
6210 			def = &vifs[0].new_ctx->def;
6211 
6212 		ar->rx_channel = def->chan;
6213 	} else if (ctx && ath10k_mac_num_chanctxs(ar) == 0) {
6214 		ar->rx_channel = ctx->def.chan;
6215 	} else {
6216 		ar->rx_channel = NULL;
6217 	}
6218 	rcu_read_unlock();
6219 }
6220 
6221 static int
6222 ath10k_mac_op_add_chanctx(struct ieee80211_hw *hw,
6223 			  struct ieee80211_chanctx_conf *ctx)
6224 {
6225 	struct ath10k *ar = hw->priv;
6226 
6227 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6228 		   "mac chanctx add freq %hu width %d ptr %p\n",
6229 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
6230 
6231 	mutex_lock(&ar->conf_mutex);
6232 
6233 	spin_lock_bh(&ar->data_lock);
6234 	ath10k_mac_update_rx_channel(ar, ctx, NULL, 0);
6235 	spin_unlock_bh(&ar->data_lock);
6236 
6237 	ath10k_recalc_radar_detection(ar);
6238 	ath10k_monitor_recalc(ar);
6239 
6240 	mutex_unlock(&ar->conf_mutex);
6241 
6242 	return 0;
6243 }
6244 
6245 static void
6246 ath10k_mac_op_remove_chanctx(struct ieee80211_hw *hw,
6247 			     struct ieee80211_chanctx_conf *ctx)
6248 {
6249 	struct ath10k *ar = hw->priv;
6250 
6251 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6252 		   "mac chanctx remove freq %hu width %d ptr %p\n",
6253 		   ctx->def.chan->center_freq, ctx->def.width, ctx);
6254 
6255 	mutex_lock(&ar->conf_mutex);
6256 
6257 	spin_lock_bh(&ar->data_lock);
6258 	ath10k_mac_update_rx_channel(ar, NULL, NULL, 0);
6259 	spin_unlock_bh(&ar->data_lock);
6260 
6261 	ath10k_recalc_radar_detection(ar);
6262 	ath10k_monitor_recalc(ar);
6263 
6264 	mutex_unlock(&ar->conf_mutex);
6265 }
6266 
6267 static void
6268 ath10k_mac_op_change_chanctx(struct ieee80211_hw *hw,
6269 			     struct ieee80211_chanctx_conf *ctx,
6270 			     u32 changed)
6271 {
6272 	struct ath10k *ar = hw->priv;
6273 
6274 	mutex_lock(&ar->conf_mutex);
6275 
6276 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6277 		   "mac chanctx change freq %hu width %d ptr %p changed %x\n",
6278 		   ctx->def.chan->center_freq, ctx->def.width, ctx, changed);
6279 
6280 	/* This shouldn't really happen because channel switching should use
6281 	 * switch_vif_chanctx().
6282 	 */
6283 	if (WARN_ON(changed & IEEE80211_CHANCTX_CHANGE_CHANNEL))
6284 		goto unlock;
6285 
6286 	ath10k_recalc_radar_detection(ar);
6287 
6288 	/* FIXME: How to configure Rx chains properly? */
6289 
6290 	/* No other actions are actually necessary. Firmware maintains channel
6291 	 * definitions per vdev internally and there's no host-side channel
6292 	 * context abstraction to configure, e.g. channel width.
6293 	 */
6294 
6295 unlock:
6296 	mutex_unlock(&ar->conf_mutex);
6297 }
6298 
6299 static int
6300 ath10k_mac_op_assign_vif_chanctx(struct ieee80211_hw *hw,
6301 				 struct ieee80211_vif *vif,
6302 				 struct ieee80211_chanctx_conf *ctx)
6303 {
6304 	struct ath10k *ar = hw->priv;
6305 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6306 	int ret;
6307 
6308 	mutex_lock(&ar->conf_mutex);
6309 
6310 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6311 		   "mac chanctx assign ptr %p vdev_id %i\n",
6312 		   ctx, arvif->vdev_id);
6313 
6314 	if (WARN_ON(arvif->is_started)) {
6315 		mutex_unlock(&ar->conf_mutex);
6316 		return -EBUSY;
6317 	}
6318 
6319 	ret = ath10k_vdev_start(arvif, &ctx->def);
6320 	if (ret) {
6321 		ath10k_warn(ar, "failed to start vdev %i addr %pM on freq %d: %d\n",
6322 			    arvif->vdev_id, vif->addr,
6323 			    ctx->def.chan->center_freq, ret);
6324 		goto err;
6325 	}
6326 
6327 	arvif->is_started = true;
6328 
6329 	ret = ath10k_mac_vif_setup_ps(arvif);
6330 	if (ret) {
6331 		ath10k_warn(ar, "failed to update vdev %i ps: %d\n",
6332 			    arvif->vdev_id, ret);
6333 		goto err_stop;
6334 	}
6335 
6336 	if (vif->type == NL80211_IFTYPE_MONITOR) {
6337 		ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, 0, vif->addr);
6338 		if (ret) {
6339 			ath10k_warn(ar, "failed to up monitor vdev %i: %d\n",
6340 				    arvif->vdev_id, ret);
6341 			goto err_stop;
6342 		}
6343 
6344 		arvif->is_up = true;
6345 	}
6346 
6347 	mutex_unlock(&ar->conf_mutex);
6348 	return 0;
6349 
6350 err_stop:
6351 	ath10k_vdev_stop(arvif);
6352 	arvif->is_started = false;
6353 	ath10k_mac_vif_setup_ps(arvif);
6354 
6355 err:
6356 	mutex_unlock(&ar->conf_mutex);
6357 	return ret;
6358 }
6359 
6360 static void
6361 ath10k_mac_op_unassign_vif_chanctx(struct ieee80211_hw *hw,
6362 				   struct ieee80211_vif *vif,
6363 				   struct ieee80211_chanctx_conf *ctx)
6364 {
6365 	struct ath10k *ar = hw->priv;
6366 	struct ath10k_vif *arvif = (void *)vif->drv_priv;
6367 	int ret;
6368 
6369 	mutex_lock(&ar->conf_mutex);
6370 
6371 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6372 		   "mac chanctx unassign ptr %p vdev_id %i\n",
6373 		   ctx, arvif->vdev_id);
6374 
6375 	WARN_ON(!arvif->is_started);
6376 
6377 	if (vif->type == NL80211_IFTYPE_MONITOR) {
6378 		WARN_ON(!arvif->is_up);
6379 
6380 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
6381 		if (ret)
6382 			ath10k_warn(ar, "failed to down monitor vdev %i: %d\n",
6383 				    arvif->vdev_id, ret);
6384 
6385 		arvif->is_up = false;
6386 	}
6387 
6388 	ret = ath10k_vdev_stop(arvif);
6389 	if (ret)
6390 		ath10k_warn(ar, "failed to stop vdev %i: %d\n",
6391 			    arvif->vdev_id, ret);
6392 
6393 	arvif->is_started = false;
6394 
6395 	mutex_unlock(&ar->conf_mutex);
6396 }
6397 
6398 static int
6399 ath10k_mac_op_switch_vif_chanctx(struct ieee80211_hw *hw,
6400 				 struct ieee80211_vif_chanctx_switch *vifs,
6401 				 int n_vifs,
6402 				 enum ieee80211_chanctx_switch_mode mode)
6403 {
6404 	struct ath10k *ar = hw->priv;
6405 	struct ath10k_vif *arvif;
6406 	int ret;
6407 	int i;
6408 
6409 	mutex_lock(&ar->conf_mutex);
6410 
6411 	ath10k_dbg(ar, ATH10K_DBG_MAC,
6412 		   "mac chanctx switch n_vifs %d mode %d\n",
6413 		   n_vifs, mode);
6414 
6415 	/* First stop monitor interface. Some FW versions crash if there's a
6416 	 * lone monitor interface.
6417 	 */
6418 	if (ar->monitor_started)
6419 		ath10k_monitor_stop(ar);
6420 
6421 	for (i = 0; i < n_vifs; i++) {
6422 		arvif = ath10k_vif_to_arvif(vifs[i].vif);
6423 
6424 		ath10k_dbg(ar, ATH10K_DBG_MAC,
6425 			   "mac chanctx switch vdev_id %i freq %hu->%hu width %d->%d\n",
6426 			   arvif->vdev_id,
6427 			   vifs[i].old_ctx->def.chan->center_freq,
6428 			   vifs[i].new_ctx->def.chan->center_freq,
6429 			   vifs[i].old_ctx->def.width,
6430 			   vifs[i].new_ctx->def.width);
6431 
6432 		if (WARN_ON(!arvif->is_started))
6433 			continue;
6434 
6435 		if (WARN_ON(!arvif->is_up))
6436 			continue;
6437 
6438 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
6439 		if (ret) {
6440 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
6441 				    arvif->vdev_id, ret);
6442 			continue;
6443 		}
6444 	}
6445 
6446 	/* All relevant vdevs are downed and associated channel resources
6447 	 * should be available for the channel switch now.
6448 	 */
6449 
6450 	spin_lock_bh(&ar->data_lock);
6451 	ath10k_mac_update_rx_channel(ar, NULL, vifs, n_vifs);
6452 	spin_unlock_bh(&ar->data_lock);
6453 
6454 	for (i = 0; i < n_vifs; i++) {
6455 		arvif = ath10k_vif_to_arvif(vifs[i].vif);
6456 
6457 		if (WARN_ON(!arvif->is_started))
6458 			continue;
6459 
6460 		if (WARN_ON(!arvif->is_up))
6461 			continue;
6462 
6463 		ret = ath10k_mac_setup_bcn_tmpl(arvif);
6464 		if (ret)
6465 			ath10k_warn(ar, "failed to update bcn tmpl during csa: %d\n",
6466 				    ret);
6467 
6468 		ret = ath10k_mac_setup_prb_tmpl(arvif);
6469 		if (ret)
6470 			ath10k_warn(ar, "failed to update prb tmpl during csa: %d\n",
6471 				    ret);
6472 
6473 		ret = ath10k_vdev_restart(arvif, &vifs[i].new_ctx->def);
6474 		if (ret) {
6475 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
6476 				    arvif->vdev_id, ret);
6477 			continue;
6478 		}
6479 
6480 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
6481 					 arvif->bssid);
6482 		if (ret) {
6483 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
6484 				    arvif->vdev_id, ret);
6485 			continue;
6486 		}
6487 	}
6488 
6489 	ath10k_monitor_recalc(ar);
6490 
6491 	mutex_unlock(&ar->conf_mutex);
6492 	return 0;
6493 }
6494 
6495 static const struct ieee80211_ops ath10k_ops = {
6496 	.tx				= ath10k_tx,
6497 	.start				= ath10k_start,
6498 	.stop				= ath10k_stop,
6499 	.config				= ath10k_config,
6500 	.add_interface			= ath10k_add_interface,
6501 	.remove_interface		= ath10k_remove_interface,
6502 	.configure_filter		= ath10k_configure_filter,
6503 	.bss_info_changed		= ath10k_bss_info_changed,
6504 	.hw_scan			= ath10k_hw_scan,
6505 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
6506 	.set_key			= ath10k_set_key,
6507 	.set_default_unicast_key        = ath10k_set_default_unicast_key,
6508 	.sta_state			= ath10k_sta_state,
6509 	.conf_tx			= ath10k_conf_tx,
6510 	.remain_on_channel		= ath10k_remain_on_channel,
6511 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
6512 	.set_rts_threshold		= ath10k_set_rts_threshold,
6513 	.set_frag_threshold		= ath10k_mac_op_set_frag_threshold,
6514 	.flush				= ath10k_flush,
6515 	.tx_last_beacon			= ath10k_tx_last_beacon,
6516 	.set_antenna			= ath10k_set_antenna,
6517 	.get_antenna			= ath10k_get_antenna,
6518 	.reconfig_complete		= ath10k_reconfig_complete,
6519 	.get_survey			= ath10k_get_survey,
6520 	.set_bitrate_mask		= ath10k_mac_op_set_bitrate_mask,
6521 	.sta_rc_update			= ath10k_sta_rc_update,
6522 	.get_tsf			= ath10k_get_tsf,
6523 	.ampdu_action			= ath10k_ampdu_action,
6524 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
6525 	.get_et_stats			= ath10k_debug_get_et_stats,
6526 	.get_et_strings			= ath10k_debug_get_et_strings,
6527 	.add_chanctx			= ath10k_mac_op_add_chanctx,
6528 	.remove_chanctx			= ath10k_mac_op_remove_chanctx,
6529 	.change_chanctx			= ath10k_mac_op_change_chanctx,
6530 	.assign_vif_chanctx		= ath10k_mac_op_assign_vif_chanctx,
6531 	.unassign_vif_chanctx		= ath10k_mac_op_unassign_vif_chanctx,
6532 	.switch_vif_chanctx		= ath10k_mac_op_switch_vif_chanctx,
6533 
6534 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
6535 
6536 #ifdef CONFIG_PM
6537 	.suspend			= ath10k_wow_op_suspend,
6538 	.resume				= ath10k_wow_op_resume,
6539 #endif
6540 #ifdef CONFIG_MAC80211_DEBUGFS
6541 	.sta_add_debugfs		= ath10k_sta_add_debugfs,
6542 #endif
6543 };
6544 
6545 #define CHAN2G(_channel, _freq, _flags) { \
6546 	.band			= IEEE80211_BAND_2GHZ, \
6547 	.hw_value		= (_channel), \
6548 	.center_freq		= (_freq), \
6549 	.flags			= (_flags), \
6550 	.max_antenna_gain	= 0, \
6551 	.max_power		= 30, \
6552 }
6553 
6554 #define CHAN5G(_channel, _freq, _flags) { \
6555 	.band			= IEEE80211_BAND_5GHZ, \
6556 	.hw_value		= (_channel), \
6557 	.center_freq		= (_freq), \
6558 	.flags			= (_flags), \
6559 	.max_antenna_gain	= 0, \
6560 	.max_power		= 30, \
6561 }
6562 
6563 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
6564 	CHAN2G(1, 2412, 0),
6565 	CHAN2G(2, 2417, 0),
6566 	CHAN2G(3, 2422, 0),
6567 	CHAN2G(4, 2427, 0),
6568 	CHAN2G(5, 2432, 0),
6569 	CHAN2G(6, 2437, 0),
6570 	CHAN2G(7, 2442, 0),
6571 	CHAN2G(8, 2447, 0),
6572 	CHAN2G(9, 2452, 0),
6573 	CHAN2G(10, 2457, 0),
6574 	CHAN2G(11, 2462, 0),
6575 	CHAN2G(12, 2467, 0),
6576 	CHAN2G(13, 2472, 0),
6577 	CHAN2G(14, 2484, 0),
6578 };
6579 
6580 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
6581 	CHAN5G(36, 5180, 0),
6582 	CHAN5G(40, 5200, 0),
6583 	CHAN5G(44, 5220, 0),
6584 	CHAN5G(48, 5240, 0),
6585 	CHAN5G(52, 5260, 0),
6586 	CHAN5G(56, 5280, 0),
6587 	CHAN5G(60, 5300, 0),
6588 	CHAN5G(64, 5320, 0),
6589 	CHAN5G(100, 5500, 0),
6590 	CHAN5G(104, 5520, 0),
6591 	CHAN5G(108, 5540, 0),
6592 	CHAN5G(112, 5560, 0),
6593 	CHAN5G(116, 5580, 0),
6594 	CHAN5G(120, 5600, 0),
6595 	CHAN5G(124, 5620, 0),
6596 	CHAN5G(128, 5640, 0),
6597 	CHAN5G(132, 5660, 0),
6598 	CHAN5G(136, 5680, 0),
6599 	CHAN5G(140, 5700, 0),
6600 	CHAN5G(144, 5720, 0),
6601 	CHAN5G(149, 5745, 0),
6602 	CHAN5G(153, 5765, 0),
6603 	CHAN5G(157, 5785, 0),
6604 	CHAN5G(161, 5805, 0),
6605 	CHAN5G(165, 5825, 0),
6606 };
6607 
6608 struct ath10k *ath10k_mac_create(size_t priv_size)
6609 {
6610 	struct ieee80211_hw *hw;
6611 	struct ath10k *ar;
6612 
6613 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, &ath10k_ops);
6614 	if (!hw)
6615 		return NULL;
6616 
6617 	ar = hw->priv;
6618 	ar->hw = hw;
6619 
6620 	return ar;
6621 }
6622 
6623 void ath10k_mac_destroy(struct ath10k *ar)
6624 {
6625 	ieee80211_free_hw(ar->hw);
6626 }
6627 
6628 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
6629 	{
6630 	.max	= 8,
6631 	.types	= BIT(NL80211_IFTYPE_STATION)
6632 		| BIT(NL80211_IFTYPE_P2P_CLIENT)
6633 	},
6634 	{
6635 	.max	= 3,
6636 	.types	= BIT(NL80211_IFTYPE_P2P_GO)
6637 	},
6638 	{
6639 	.max	= 1,
6640 	.types	= BIT(NL80211_IFTYPE_P2P_DEVICE)
6641 	},
6642 	{
6643 	.max	= 7,
6644 	.types	= BIT(NL80211_IFTYPE_AP)
6645 	},
6646 };
6647 
6648 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
6649 	{
6650 	.max	= 8,
6651 	.types	= BIT(NL80211_IFTYPE_AP)
6652 	},
6653 };
6654 
6655 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
6656 	{
6657 		.limits = ath10k_if_limits,
6658 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
6659 		.max_interfaces = 8,
6660 		.num_different_channels = 1,
6661 		.beacon_int_infra_match = true,
6662 	},
6663 };
6664 
6665 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
6666 	{
6667 		.limits = ath10k_10x_if_limits,
6668 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
6669 		.max_interfaces = 8,
6670 		.num_different_channels = 1,
6671 		.beacon_int_infra_match = true,
6672 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
6673 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
6674 					BIT(NL80211_CHAN_WIDTH_20) |
6675 					BIT(NL80211_CHAN_WIDTH_40) |
6676 					BIT(NL80211_CHAN_WIDTH_80),
6677 #endif
6678 	},
6679 };
6680 
6681 static const struct ieee80211_iface_limit ath10k_tlv_if_limit[] = {
6682 	{
6683 		.max = 2,
6684 		.types = BIT(NL80211_IFTYPE_STATION),
6685 	},
6686 	{
6687 		.max = 2,
6688 		.types = BIT(NL80211_IFTYPE_AP) |
6689 			 BIT(NL80211_IFTYPE_P2P_CLIENT) |
6690 			 BIT(NL80211_IFTYPE_P2P_GO),
6691 	},
6692 	{
6693 		.max = 1,
6694 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
6695 	},
6696 };
6697 
6698 static const struct ieee80211_iface_limit ath10k_tlv_qcs_if_limit[] = {
6699 	{
6700 		.max = 2,
6701 		.types = BIT(NL80211_IFTYPE_STATION),
6702 	},
6703 	{
6704 		.max = 2,
6705 		.types = BIT(NL80211_IFTYPE_P2P_CLIENT),
6706 	},
6707 	{
6708 		.max = 1,
6709 		.types = BIT(NL80211_IFTYPE_AP) |
6710 			 BIT(NL80211_IFTYPE_P2P_GO),
6711 	},
6712 	{
6713 		.max = 1,
6714 		.types = BIT(NL80211_IFTYPE_P2P_DEVICE),
6715 	},
6716 };
6717 
6718 static const struct ieee80211_iface_limit ath10k_tlv_if_limit_ibss[] = {
6719 	{
6720 		.max = 1,
6721 		.types = BIT(NL80211_IFTYPE_STATION),
6722 	},
6723 	{
6724 		.max = 1,
6725 		.types = BIT(NL80211_IFTYPE_ADHOC),
6726 	},
6727 };
6728 
6729 /* FIXME: This is not thouroughly tested. These combinations may over- or
6730  * underestimate hw/fw capabilities.
6731  */
6732 static struct ieee80211_iface_combination ath10k_tlv_if_comb[] = {
6733 	{
6734 		.limits = ath10k_tlv_if_limit,
6735 		.num_different_channels = 1,
6736 		.max_interfaces = 4,
6737 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
6738 	},
6739 	{
6740 		.limits = ath10k_tlv_if_limit_ibss,
6741 		.num_different_channels = 1,
6742 		.max_interfaces = 2,
6743 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
6744 	},
6745 };
6746 
6747 static struct ieee80211_iface_combination ath10k_tlv_qcs_if_comb[] = {
6748 	{
6749 		.limits = ath10k_tlv_if_limit,
6750 		.num_different_channels = 1,
6751 		.max_interfaces = 4,
6752 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit),
6753 	},
6754 	{
6755 		.limits = ath10k_tlv_qcs_if_limit,
6756 		.num_different_channels = 2,
6757 		.max_interfaces = 4,
6758 		.n_limits = ARRAY_SIZE(ath10k_tlv_qcs_if_limit),
6759 	},
6760 	{
6761 		.limits = ath10k_tlv_if_limit_ibss,
6762 		.num_different_channels = 1,
6763 		.max_interfaces = 2,
6764 		.n_limits = ARRAY_SIZE(ath10k_tlv_if_limit_ibss),
6765 	},
6766 };
6767 
6768 static const struct ieee80211_iface_limit ath10k_10_4_if_limits[] = {
6769 	{
6770 		.max = 1,
6771 		.types = BIT(NL80211_IFTYPE_STATION),
6772 	},
6773 	{
6774 		.max	= 16,
6775 		.types	= BIT(NL80211_IFTYPE_AP)
6776 	},
6777 };
6778 
6779 static const struct ieee80211_iface_combination ath10k_10_4_if_comb[] = {
6780 	{
6781 		.limits = ath10k_10_4_if_limits,
6782 		.n_limits = ARRAY_SIZE(ath10k_10_4_if_limits),
6783 		.max_interfaces = 16,
6784 		.num_different_channels = 1,
6785 		.beacon_int_infra_match = true,
6786 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
6787 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
6788 					BIT(NL80211_CHAN_WIDTH_20) |
6789 					BIT(NL80211_CHAN_WIDTH_40) |
6790 					BIT(NL80211_CHAN_WIDTH_80),
6791 #endif
6792 	},
6793 };
6794 
6795 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
6796 {
6797 	struct ieee80211_sta_vht_cap vht_cap = {0};
6798 	u16 mcs_map;
6799 	u32 val;
6800 	int i;
6801 
6802 	vht_cap.vht_supported = 1;
6803 	vht_cap.cap = ar->vht_cap_info;
6804 
6805 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE |
6806 				IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE)) {
6807 		val = ar->num_rf_chains - 1;
6808 		val <<= IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT;
6809 		val &= IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK;
6810 
6811 		vht_cap.cap |= val;
6812 	}
6813 
6814 	if (ar->vht_cap_info & (IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE |
6815 				IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE)) {
6816 		val = ar->num_rf_chains - 1;
6817 		val <<= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT;
6818 		val &= IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK;
6819 
6820 		vht_cap.cap |= val;
6821 	}
6822 
6823 	mcs_map = 0;
6824 	for (i = 0; i < 8; i++) {
6825 		if (i < ar->num_rf_chains)
6826 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i*2);
6827 		else
6828 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i*2);
6829 	}
6830 
6831 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
6832 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
6833 
6834 	return vht_cap;
6835 }
6836 
6837 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
6838 {
6839 	int i;
6840 	struct ieee80211_sta_ht_cap ht_cap = {0};
6841 
6842 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
6843 		return ht_cap;
6844 
6845 	ht_cap.ht_supported = 1;
6846 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6847 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
6848 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6849 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6850 	ht_cap.cap |= WLAN_HT_CAP_SM_PS_STATIC << IEEE80211_HT_CAP_SM_PS_SHIFT;
6851 
6852 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
6853 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6854 
6855 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
6856 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6857 
6858 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
6859 		u32 smps;
6860 
6861 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
6862 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
6863 
6864 		ht_cap.cap |= smps;
6865 	}
6866 
6867 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC)
6868 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
6869 
6870 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
6871 		u32 stbc;
6872 
6873 		stbc   = ar->ht_cap_info;
6874 		stbc  &= WMI_HT_CAP_RX_STBC;
6875 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
6876 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
6877 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
6878 
6879 		ht_cap.cap |= stbc;
6880 	}
6881 
6882 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC)
6883 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
6884 
6885 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
6886 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
6887 
6888 	/* max AMSDU is implicitly taken from vht_cap_info */
6889 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
6890 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
6891 
6892 	for (i = 0; i < ar->num_rf_chains; i++)
6893 		ht_cap.mcs.rx_mask[i] = 0xFF;
6894 
6895 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
6896 
6897 	return ht_cap;
6898 }
6899 
6900 static void ath10k_get_arvif_iter(void *data, u8 *mac,
6901 				  struct ieee80211_vif *vif)
6902 {
6903 	struct ath10k_vif_iter *arvif_iter = data;
6904 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
6905 
6906 	if (arvif->vdev_id == arvif_iter->vdev_id)
6907 		arvif_iter->arvif = arvif;
6908 }
6909 
6910 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
6911 {
6912 	struct ath10k_vif_iter arvif_iter;
6913 	u32 flags;
6914 
6915 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
6916 	arvif_iter.vdev_id = vdev_id;
6917 
6918 	flags = IEEE80211_IFACE_ITER_RESUME_ALL;
6919 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
6920 						   flags,
6921 						   ath10k_get_arvif_iter,
6922 						   &arvif_iter);
6923 	if (!arvif_iter.arvif) {
6924 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
6925 		return NULL;
6926 	}
6927 
6928 	return arvif_iter.arvif;
6929 }
6930 
6931 int ath10k_mac_register(struct ath10k *ar)
6932 {
6933 	static const u32 cipher_suites[] = {
6934 		WLAN_CIPHER_SUITE_WEP40,
6935 		WLAN_CIPHER_SUITE_WEP104,
6936 		WLAN_CIPHER_SUITE_TKIP,
6937 		WLAN_CIPHER_SUITE_CCMP,
6938 		WLAN_CIPHER_SUITE_AES_CMAC,
6939 	};
6940 	struct ieee80211_supported_band *band;
6941 	struct ieee80211_sta_vht_cap vht_cap;
6942 	struct ieee80211_sta_ht_cap ht_cap;
6943 	void *channels;
6944 	int ret;
6945 
6946 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
6947 
6948 	SET_IEEE80211_DEV(ar->hw, ar->dev);
6949 
6950 	ht_cap = ath10k_get_ht_cap(ar);
6951 	vht_cap = ath10k_create_vht_cap(ar);
6952 
6953 	BUILD_BUG_ON((ARRAY_SIZE(ath10k_2ghz_channels) +
6954 		      ARRAY_SIZE(ath10k_5ghz_channels)) !=
6955 		     ATH10K_NUM_CHANS);
6956 
6957 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
6958 		channels = kmemdup(ath10k_2ghz_channels,
6959 				   sizeof(ath10k_2ghz_channels),
6960 				   GFP_KERNEL);
6961 		if (!channels) {
6962 			ret = -ENOMEM;
6963 			goto err_free;
6964 		}
6965 
6966 		band = &ar->mac.sbands[IEEE80211_BAND_2GHZ];
6967 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
6968 		band->channels = channels;
6969 		band->n_bitrates = ath10k_g_rates_size;
6970 		band->bitrates = ath10k_g_rates;
6971 		band->ht_cap = ht_cap;
6972 
6973 		/* Enable the VHT support at 2.4 GHz */
6974 		band->vht_cap = vht_cap;
6975 
6976 		ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = band;
6977 	}
6978 
6979 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
6980 		channels = kmemdup(ath10k_5ghz_channels,
6981 				   sizeof(ath10k_5ghz_channels),
6982 				   GFP_KERNEL);
6983 		if (!channels) {
6984 			ret = -ENOMEM;
6985 			goto err_free;
6986 		}
6987 
6988 		band = &ar->mac.sbands[IEEE80211_BAND_5GHZ];
6989 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
6990 		band->channels = channels;
6991 		band->n_bitrates = ath10k_a_rates_size;
6992 		band->bitrates = ath10k_a_rates;
6993 		band->ht_cap = ht_cap;
6994 		band->vht_cap = vht_cap;
6995 		ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = band;
6996 	}
6997 
6998 	ar->hw->wiphy->interface_modes =
6999 		BIT(NL80211_IFTYPE_STATION) |
7000 		BIT(NL80211_IFTYPE_AP);
7001 
7002 	ar->hw->wiphy->available_antennas_rx = ar->supp_rx_chainmask;
7003 	ar->hw->wiphy->available_antennas_tx = ar->supp_tx_chainmask;
7004 
7005 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->fw_features))
7006 		ar->hw->wiphy->interface_modes |=
7007 			BIT(NL80211_IFTYPE_P2P_DEVICE) |
7008 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
7009 			BIT(NL80211_IFTYPE_P2P_GO);
7010 
7011 	ieee80211_hw_set(ar->hw, SIGNAL_DBM);
7012 	ieee80211_hw_set(ar->hw, SUPPORTS_PS);
7013 	ieee80211_hw_set(ar->hw, SUPPORTS_DYNAMIC_PS);
7014 	ieee80211_hw_set(ar->hw, MFP_CAPABLE);
7015 	ieee80211_hw_set(ar->hw, REPORTS_TX_ACK_STATUS);
7016 	ieee80211_hw_set(ar->hw, HAS_RATE_CONTROL);
7017 	ieee80211_hw_set(ar->hw, AP_LINK_PS);
7018 	ieee80211_hw_set(ar->hw, SPECTRUM_MGMT);
7019 	ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT);
7020 	ieee80211_hw_set(ar->hw, CONNECTION_MONITOR);
7021 	ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK);
7022 	ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF);
7023 	ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA);
7024 	ieee80211_hw_set(ar->hw, QUEUE_CONTROL);
7025 
7026 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
7027 		ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL);
7028 
7029 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
7030 	ar->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
7031 
7032 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
7033 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
7034 
7035 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
7036 		ieee80211_hw_set(ar->hw, AMPDU_AGGREGATION);
7037 		ieee80211_hw_set(ar->hw, TX_AMPDU_SETUP_IN_HW);
7038 	}
7039 
7040 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
7041 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
7042 
7043 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
7044 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
7045 
7046 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
7047 
7048 	if (test_bit(WMI_SERVICE_BEACON_OFFLOAD, ar->wmi.svc_map)) {
7049 		ar->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
7050 
7051 		/* Firmware delivers WPS/P2P Probe Requests frames to driver so
7052 		 * that userspace (e.g. wpa_supplicant/hostapd) can generate
7053 		 * correct Probe Responses. This is more of a hack advert..
7054 		 */
7055 		ar->hw->wiphy->probe_resp_offload |=
7056 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
7057 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
7058 			NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
7059 	}
7060 
7061 	if (test_bit(WMI_SERVICE_TDLS, ar->wmi.svc_map))
7062 		ar->hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7063 
7064 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7065 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
7066 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
7067 
7068 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
7069 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE;
7070 
7071 	ar->hw->wiphy->max_ap_assoc_sta = ar->max_num_stations;
7072 
7073 	ret = ath10k_wow_init(ar);
7074 	if (ret) {
7075 		ath10k_warn(ar, "failed to init wow: %d\n", ret);
7076 		goto err_free;
7077 	}
7078 
7079 	wiphy_ext_feature_set(ar->hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
7080 
7081 	/*
7082 	 * on LL hardware queues are managed entirely by the FW
7083 	 * so we only advertise to mac we can do the queues thing
7084 	 */
7085 	ar->hw->queues = IEEE80211_MAX_QUEUES;
7086 
7087 	/* vdev_ids are used as hw queue numbers. Make sure offchan tx queue is
7088 	 * something that vdev_ids can't reach so that we don't stop the queue
7089 	 * accidentally.
7090 	 */
7091 	ar->hw->offchannel_tx_hw_queue = IEEE80211_MAX_QUEUES - 1;
7092 
7093 	switch (ar->wmi.op_version) {
7094 	case ATH10K_FW_WMI_OP_VERSION_MAIN:
7095 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
7096 		ar->hw->wiphy->n_iface_combinations =
7097 			ARRAY_SIZE(ath10k_if_comb);
7098 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
7099 		break;
7100 	case ATH10K_FW_WMI_OP_VERSION_TLV:
7101 		if (test_bit(WMI_SERVICE_ADAPTIVE_OCS, ar->wmi.svc_map)) {
7102 			ar->hw->wiphy->iface_combinations =
7103 				ath10k_tlv_qcs_if_comb;
7104 			ar->hw->wiphy->n_iface_combinations =
7105 				ARRAY_SIZE(ath10k_tlv_qcs_if_comb);
7106 		} else {
7107 			ar->hw->wiphy->iface_combinations = ath10k_tlv_if_comb;
7108 			ar->hw->wiphy->n_iface_combinations =
7109 				ARRAY_SIZE(ath10k_tlv_if_comb);
7110 		}
7111 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
7112 		break;
7113 	case ATH10K_FW_WMI_OP_VERSION_10_1:
7114 	case ATH10K_FW_WMI_OP_VERSION_10_2:
7115 	case ATH10K_FW_WMI_OP_VERSION_10_2_4:
7116 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
7117 		ar->hw->wiphy->n_iface_combinations =
7118 			ARRAY_SIZE(ath10k_10x_if_comb);
7119 		break;
7120 	case ATH10K_FW_WMI_OP_VERSION_10_4:
7121 		ar->hw->wiphy->iface_combinations = ath10k_10_4_if_comb;
7122 		ar->hw->wiphy->n_iface_combinations =
7123 			ARRAY_SIZE(ath10k_10_4_if_comb);
7124 		break;
7125 	case ATH10K_FW_WMI_OP_VERSION_UNSET:
7126 	case ATH10K_FW_WMI_OP_VERSION_MAX:
7127 		WARN_ON(1);
7128 		ret = -EINVAL;
7129 		goto err_free;
7130 	}
7131 
7132 	if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags))
7133 		ar->hw->netdev_features = NETIF_F_HW_CSUM;
7134 
7135 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED)) {
7136 		/* Init ath dfs pattern detector */
7137 		ar->ath_common.debug_mask = ATH_DBG_DFS;
7138 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
7139 							     NL80211_DFS_UNSET);
7140 
7141 		if (!ar->dfs_detector)
7142 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
7143 	}
7144 
7145 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
7146 			    ath10k_reg_notifier);
7147 	if (ret) {
7148 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
7149 		goto err_free;
7150 	}
7151 
7152 	ar->hw->wiphy->cipher_suites = cipher_suites;
7153 	ar->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
7154 
7155 	ret = ieee80211_register_hw(ar->hw);
7156 	if (ret) {
7157 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
7158 		goto err_free;
7159 	}
7160 
7161 	if (!ath_is_world_regd(&ar->ath_common.regulatory)) {
7162 		ret = regulatory_hint(ar->hw->wiphy,
7163 				      ar->ath_common.regulatory.alpha2);
7164 		if (ret)
7165 			goto err_unregister;
7166 	}
7167 
7168 	return 0;
7169 
7170 err_unregister:
7171 	ieee80211_unregister_hw(ar->hw);
7172 err_free:
7173 	kfree(ar->mac.sbands[IEEE80211_BAND_2GHZ].channels);
7174 	kfree(ar->mac.sbands[IEEE80211_BAND_5GHZ].channels);
7175 
7176 	return ret;
7177 }
7178 
7179 void ath10k_mac_unregister(struct ath10k *ar)
7180 {
7181 	ieee80211_unregister_hw(ar->hw);
7182 
7183 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
7184 		ar->dfs_detector->exit(ar->dfs_detector);
7185 
7186 	kfree(ar->mac.sbands[IEEE80211_BAND_2GHZ].channels);
7187 	kfree(ar->mac.sbands[IEEE80211_BAND_5GHZ].channels);
7188 
7189 	SET_IEEE80211_DEV(ar->hw, NULL);
7190 }
7191