1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2012-2014, 2018-2021 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #include <linux/kernel.h> 8 #include <linux/slab.h> 9 #include <linux/skbuff.h> 10 #include <linux/netdevice.h> 11 #include <linux/etherdevice.h> 12 #include <linux/ip.h> 13 #include <linux/if_arp.h> 14 #include <linux/time.h> 15 #include <net/mac80211.h> 16 #include <net/ieee80211_radiotap.h> 17 #include <net/tcp.h> 18 19 #include "iwl-drv.h" 20 #include "iwl-op-mode.h" 21 #include "iwl-io.h" 22 #include "mvm.h" 23 #include "sta.h" 24 #include "time-event.h" 25 #include "iwl-eeprom-parse.h" 26 #include "iwl-phy-db.h" 27 #include "testmode.h" 28 #include "fw/error-dump.h" 29 #include "iwl-prph.h" 30 #include "iwl-nvm-parse.h" 31 32 static const struct ieee80211_iface_limit iwl_mvm_limits[] = { 33 { 34 .max = 1, 35 .types = BIT(NL80211_IFTYPE_STATION), 36 }, 37 { 38 .max = 1, 39 .types = BIT(NL80211_IFTYPE_AP) | 40 BIT(NL80211_IFTYPE_P2P_CLIENT) | 41 BIT(NL80211_IFTYPE_P2P_GO), 42 }, 43 { 44 .max = 1, 45 .types = BIT(NL80211_IFTYPE_P2P_DEVICE), 46 }, 47 }; 48 49 static const struct ieee80211_iface_combination iwl_mvm_iface_combinations[] = { 50 { 51 .num_different_channels = 2, 52 .max_interfaces = 3, 53 .limits = iwl_mvm_limits, 54 .n_limits = ARRAY_SIZE(iwl_mvm_limits), 55 }, 56 }; 57 58 static const struct cfg80211_pmsr_capabilities iwl_mvm_pmsr_capa = { 59 .max_peers = IWL_MVM_TOF_MAX_APS, 60 .report_ap_tsf = 1, 61 .randomize_mac_addr = 1, 62 63 .ftm = { 64 .supported = 1, 65 .asap = 1, 66 .non_asap = 1, 67 .request_lci = 1, 68 .request_civicloc = 1, 69 .trigger_based = 1, 70 .non_trigger_based = 1, 71 .max_bursts_exponent = -1, /* all supported */ 72 .max_ftms_per_burst = 0, /* no limits */ 73 .bandwidths = BIT(NL80211_CHAN_WIDTH_20_NOHT) | 74 BIT(NL80211_CHAN_WIDTH_20) | 75 BIT(NL80211_CHAN_WIDTH_40) | 76 BIT(NL80211_CHAN_WIDTH_80) | 77 BIT(NL80211_CHAN_WIDTH_160), 78 .preambles = BIT(NL80211_PREAMBLE_LEGACY) | 79 BIT(NL80211_PREAMBLE_HT) | 80 BIT(NL80211_PREAMBLE_VHT) | 81 BIT(NL80211_PREAMBLE_HE), 82 }, 83 }; 84 85 static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 86 enum set_key_cmd cmd, 87 struct ieee80211_vif *vif, 88 struct ieee80211_sta *sta, 89 struct ieee80211_key_conf *key); 90 91 static void iwl_mvm_reset_phy_ctxts(struct iwl_mvm *mvm) 92 { 93 int i; 94 95 memset(mvm->phy_ctxts, 0, sizeof(mvm->phy_ctxts)); 96 for (i = 0; i < NUM_PHY_CTX; i++) { 97 mvm->phy_ctxts[i].id = i; 98 mvm->phy_ctxts[i].ref = 0; 99 } 100 } 101 102 struct ieee80211_regdomain *iwl_mvm_get_regdomain(struct wiphy *wiphy, 103 const char *alpha2, 104 enum iwl_mcc_source src_id, 105 bool *changed) 106 { 107 struct ieee80211_regdomain *regd = NULL; 108 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 109 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 110 struct iwl_mcc_update_resp *resp; 111 u8 resp_ver; 112 113 IWL_DEBUG_LAR(mvm, "Getting regdomain data for %s from FW\n", alpha2); 114 115 lockdep_assert_held(&mvm->mutex); 116 117 resp = iwl_mvm_update_mcc(mvm, alpha2, src_id); 118 if (IS_ERR_OR_NULL(resp)) { 119 IWL_DEBUG_LAR(mvm, "Could not get update from FW %d\n", 120 PTR_ERR_OR_ZERO(resp)); 121 resp = NULL; 122 goto out; 123 } 124 125 if (changed) { 126 u32 status = le32_to_cpu(resp->status); 127 128 *changed = (status == MCC_RESP_NEW_CHAN_PROFILE || 129 status == MCC_RESP_ILLEGAL); 130 } 131 resp_ver = iwl_fw_lookup_notif_ver(mvm->fw, IWL_ALWAYS_LONG_GROUP, 132 MCC_UPDATE_CMD, 0); 133 IWL_DEBUG_LAR(mvm, "MCC update response version: %d\n", resp_ver); 134 135 regd = iwl_parse_nvm_mcc_info(mvm->trans->dev, mvm->cfg, 136 __le32_to_cpu(resp->n_channels), 137 resp->channels, 138 __le16_to_cpu(resp->mcc), 139 __le16_to_cpu(resp->geo_info), 140 __le16_to_cpu(resp->cap), resp_ver); 141 /* Store the return source id */ 142 src_id = resp->source_id; 143 if (IS_ERR_OR_NULL(regd)) { 144 IWL_DEBUG_LAR(mvm, "Could not get parse update from FW %d\n", 145 PTR_ERR_OR_ZERO(regd)); 146 goto out; 147 } 148 149 IWL_DEBUG_LAR(mvm, "setting alpha2 from FW to %s (0x%x, 0x%x) src=%d\n", 150 regd->alpha2, regd->alpha2[0], regd->alpha2[1], src_id); 151 mvm->lar_regdom_set = true; 152 mvm->mcc_src = src_id; 153 154 iwl_mei_set_country_code(__le16_to_cpu(resp->mcc)); 155 156 out: 157 kfree(resp); 158 return regd; 159 } 160 161 void iwl_mvm_update_changed_regdom(struct iwl_mvm *mvm) 162 { 163 bool changed; 164 struct ieee80211_regdomain *regd; 165 166 if (!iwl_mvm_is_lar_supported(mvm)) 167 return; 168 169 regd = iwl_mvm_get_current_regdomain(mvm, &changed); 170 if (!IS_ERR_OR_NULL(regd)) { 171 /* only update the regulatory core if changed */ 172 if (changed) 173 regulatory_set_wiphy_regd(mvm->hw->wiphy, regd); 174 175 kfree(regd); 176 } 177 } 178 179 struct ieee80211_regdomain *iwl_mvm_get_current_regdomain(struct iwl_mvm *mvm, 180 bool *changed) 181 { 182 return iwl_mvm_get_regdomain(mvm->hw->wiphy, "ZZ", 183 iwl_mvm_is_wifi_mcc_supported(mvm) ? 184 MCC_SOURCE_GET_CURRENT : 185 MCC_SOURCE_OLD_FW, changed); 186 } 187 188 int iwl_mvm_init_fw_regd(struct iwl_mvm *mvm) 189 { 190 enum iwl_mcc_source used_src; 191 struct ieee80211_regdomain *regd; 192 int ret; 193 bool changed; 194 const struct ieee80211_regdomain *r = 195 wiphy_dereference(mvm->hw->wiphy, mvm->hw->wiphy->regd); 196 197 if (!r) 198 return -ENOENT; 199 200 /* save the last source in case we overwrite it below */ 201 used_src = mvm->mcc_src; 202 if (iwl_mvm_is_wifi_mcc_supported(mvm)) { 203 /* Notify the firmware we support wifi location updates */ 204 regd = iwl_mvm_get_current_regdomain(mvm, NULL); 205 if (!IS_ERR_OR_NULL(regd)) 206 kfree(regd); 207 } 208 209 /* Now set our last stored MCC and source */ 210 regd = iwl_mvm_get_regdomain(mvm->hw->wiphy, r->alpha2, used_src, 211 &changed); 212 if (IS_ERR_OR_NULL(regd)) 213 return -EIO; 214 215 /* update cfg80211 if the regdomain was changed */ 216 if (changed) 217 ret = regulatory_set_wiphy_regd_sync(mvm->hw->wiphy, regd); 218 else 219 ret = 0; 220 221 kfree(regd); 222 return ret; 223 } 224 225 static const u8 he_if_types_ext_capa_sta[] = { 226 [0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING, 227 [2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT, 228 [7] = WLAN_EXT_CAPA8_OPMODE_NOTIF, 229 [9] = WLAN_EXT_CAPA10_TWT_REQUESTER_SUPPORT, 230 }; 231 232 static const struct wiphy_iftype_ext_capab he_iftypes_ext_capa[] = { 233 { 234 .iftype = NL80211_IFTYPE_STATION, 235 .extended_capabilities = he_if_types_ext_capa_sta, 236 .extended_capabilities_mask = he_if_types_ext_capa_sta, 237 .extended_capabilities_len = sizeof(he_if_types_ext_capa_sta), 238 }, 239 }; 240 241 static int 242 iwl_mvm_op_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant) 243 { 244 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 245 *tx_ant = iwl_mvm_get_valid_tx_ant(mvm); 246 *rx_ant = iwl_mvm_get_valid_rx_ant(mvm); 247 return 0; 248 } 249 250 int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm) 251 { 252 struct ieee80211_hw *hw = mvm->hw; 253 int num_mac, ret, i; 254 static const u32 mvm_ciphers[] = { 255 WLAN_CIPHER_SUITE_WEP40, 256 WLAN_CIPHER_SUITE_WEP104, 257 WLAN_CIPHER_SUITE_TKIP, 258 WLAN_CIPHER_SUITE_CCMP, 259 }; 260 #ifdef CONFIG_PM_SLEEP 261 bool unified = fw_has_capa(&mvm->fw->ucode_capa, 262 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG); 263 #endif 264 265 /* Tell mac80211 our characteristics */ 266 ieee80211_hw_set(hw, SIGNAL_DBM); 267 ieee80211_hw_set(hw, SPECTRUM_MGMT); 268 ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS); 269 ieee80211_hw_set(hw, WANT_MONITOR_VIF); 270 ieee80211_hw_set(hw, SUPPORTS_PS); 271 ieee80211_hw_set(hw, SUPPORTS_DYNAMIC_PS); 272 ieee80211_hw_set(hw, AMPDU_AGGREGATION); 273 ieee80211_hw_set(hw, TIMING_BEACON_ONLY); 274 ieee80211_hw_set(hw, CONNECTION_MONITOR); 275 ieee80211_hw_set(hw, CHANCTX_STA_CSA); 276 ieee80211_hw_set(hw, SUPPORT_FAST_XMIT); 277 ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS); 278 ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU); 279 ieee80211_hw_set(hw, NEEDS_UNIQUE_STA_ADDR); 280 ieee80211_hw_set(hw, DEAUTH_NEED_MGD_TX_PREP); 281 ieee80211_hw_set(hw, SUPPORTS_VHT_EXT_NSS_BW); 282 ieee80211_hw_set(hw, BUFF_MMPDU_TXQ); 283 ieee80211_hw_set(hw, STA_MMPDU_TXQ); 284 /* 285 * On older devices, enabling TX A-MSDU occasionally leads to 286 * something getting messed up, the command read from the FIFO 287 * gets out of sync and isn't a TX command, so that we have an 288 * assert EDC. 289 * 290 * It's not clear where the bug is, but since we didn't used to 291 * support A-MSDU until moving the mac80211 iTXQs, just leave it 292 * for older devices. We also don't see this issue on any newer 293 * devices. 294 */ 295 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_9000) 296 ieee80211_hw_set(hw, TX_AMSDU); 297 ieee80211_hw_set(hw, TX_FRAG_LIST); 298 299 if (iwl_mvm_has_tlc_offload(mvm)) { 300 ieee80211_hw_set(hw, TX_AMPDU_SETUP_IN_HW); 301 ieee80211_hw_set(hw, HAS_RATE_CONTROL); 302 } 303 304 if (iwl_mvm_has_new_rx_api(mvm)) 305 ieee80211_hw_set(hw, SUPPORTS_REORDERING_BUFFER); 306 307 if (fw_has_capa(&mvm->fw->ucode_capa, 308 IWL_UCODE_TLV_CAPA_STA_PM_NOTIF)) { 309 ieee80211_hw_set(hw, AP_LINK_PS); 310 } else if (WARN_ON(iwl_mvm_has_new_tx_api(mvm))) { 311 /* 312 * we absolutely need this for the new TX API since that comes 313 * with many more queues than the current code can deal with 314 * for station powersave 315 */ 316 return -EINVAL; 317 } 318 319 if (mvm->trans->num_rx_queues > 1) 320 ieee80211_hw_set(hw, USES_RSS); 321 322 if (mvm->trans->max_skb_frags) 323 hw->netdev_features = NETIF_F_HIGHDMA | NETIF_F_SG; 324 325 hw->queues = IEEE80211_NUM_ACS; 326 hw->offchannel_tx_hw_queue = IWL_MVM_OFFCHANNEL_QUEUE; 327 hw->radiotap_mcs_details |= IEEE80211_RADIOTAP_MCS_HAVE_FEC | 328 IEEE80211_RADIOTAP_MCS_HAVE_STBC; 329 hw->radiotap_vht_details |= IEEE80211_RADIOTAP_VHT_KNOWN_STBC | 330 IEEE80211_RADIOTAP_VHT_KNOWN_BEAMFORMED; 331 332 hw->radiotap_timestamp.units_pos = 333 IEEE80211_RADIOTAP_TIMESTAMP_UNIT_US | 334 IEEE80211_RADIOTAP_TIMESTAMP_SPOS_PLCP_SIG_ACQ; 335 /* this is the case for CCK frames, it's better (only 8) for OFDM */ 336 hw->radiotap_timestamp.accuracy = 22; 337 338 if (!iwl_mvm_has_tlc_offload(mvm)) 339 hw->rate_control_algorithm = RS_NAME; 340 341 hw->uapsd_queues = IWL_MVM_UAPSD_QUEUES; 342 hw->uapsd_max_sp_len = IWL_UAPSD_MAX_SP; 343 hw->max_tx_fragments = mvm->trans->max_skb_frags; 344 345 BUILD_BUG_ON(ARRAY_SIZE(mvm->ciphers) < ARRAY_SIZE(mvm_ciphers) + 6); 346 memcpy(mvm->ciphers, mvm_ciphers, sizeof(mvm_ciphers)); 347 hw->wiphy->n_cipher_suites = ARRAY_SIZE(mvm_ciphers); 348 hw->wiphy->cipher_suites = mvm->ciphers; 349 350 if (iwl_mvm_has_new_rx_api(mvm)) { 351 mvm->ciphers[hw->wiphy->n_cipher_suites] = 352 WLAN_CIPHER_SUITE_GCMP; 353 hw->wiphy->n_cipher_suites++; 354 mvm->ciphers[hw->wiphy->n_cipher_suites] = 355 WLAN_CIPHER_SUITE_GCMP_256; 356 hw->wiphy->n_cipher_suites++; 357 } 358 359 if (iwlwifi_mod_params.swcrypto) 360 IWL_ERR(mvm, 361 "iwlmvm doesn't allow to disable HW crypto, check swcrypto module parameter\n"); 362 if (!iwlwifi_mod_params.bt_coex_active) 363 IWL_ERR(mvm, 364 "iwlmvm doesn't allow to disable BT Coex, check bt_coex_active module parameter\n"); 365 366 ieee80211_hw_set(hw, MFP_CAPABLE); 367 mvm->ciphers[hw->wiphy->n_cipher_suites] = WLAN_CIPHER_SUITE_AES_CMAC; 368 hw->wiphy->n_cipher_suites++; 369 if (iwl_mvm_has_new_rx_api(mvm)) { 370 mvm->ciphers[hw->wiphy->n_cipher_suites] = 371 WLAN_CIPHER_SUITE_BIP_GMAC_128; 372 hw->wiphy->n_cipher_suites++; 373 mvm->ciphers[hw->wiphy->n_cipher_suites] = 374 WLAN_CIPHER_SUITE_BIP_GMAC_256; 375 hw->wiphy->n_cipher_suites++; 376 } 377 378 /* currently FW API supports only one optional cipher scheme */ 379 if (mvm->fw->cs[0].cipher) { 380 const struct iwl_fw_cipher_scheme *fwcs = &mvm->fw->cs[0]; 381 struct ieee80211_cipher_scheme *cs = &mvm->cs[0]; 382 383 mvm->hw->n_cipher_schemes = 1; 384 385 cs->cipher = le32_to_cpu(fwcs->cipher); 386 cs->iftype = BIT(NL80211_IFTYPE_STATION); 387 cs->hdr_len = fwcs->hdr_len; 388 cs->pn_len = fwcs->pn_len; 389 cs->pn_off = fwcs->pn_off; 390 cs->key_idx_off = fwcs->key_idx_off; 391 cs->key_idx_mask = fwcs->key_idx_mask; 392 cs->key_idx_shift = fwcs->key_idx_shift; 393 cs->mic_len = fwcs->mic_len; 394 395 mvm->hw->cipher_schemes = mvm->cs; 396 mvm->ciphers[hw->wiphy->n_cipher_suites] = cs->cipher; 397 hw->wiphy->n_cipher_suites++; 398 } 399 400 if (fw_has_capa(&mvm->fw->ucode_capa, 401 IWL_UCODE_TLV_CAPA_FTM_CALIBRATED)) { 402 wiphy_ext_feature_set(hw->wiphy, 403 NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER); 404 hw->wiphy->pmsr_capa = &iwl_mvm_pmsr_capa; 405 } 406 407 if (fw_has_capa(&mvm->fw->ucode_capa, 408 IWL_UCODE_TLV_CAPA_BIGTK_SUPPORT)) 409 wiphy_ext_feature_set(hw->wiphy, 410 NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT); 411 412 ieee80211_hw_set(hw, SINGLE_SCAN_ON_ALL_BANDS); 413 hw->wiphy->features |= 414 NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR | 415 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR | 416 NL80211_FEATURE_ND_RANDOM_MAC_ADDR; 417 418 hw->sta_data_size = sizeof(struct iwl_mvm_sta); 419 hw->vif_data_size = sizeof(struct iwl_mvm_vif); 420 hw->chanctx_data_size = sizeof(u16); 421 hw->txq_data_size = sizeof(struct iwl_mvm_txq); 422 423 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | 424 BIT(NL80211_IFTYPE_P2P_CLIENT) | 425 BIT(NL80211_IFTYPE_AP) | 426 BIT(NL80211_IFTYPE_P2P_GO) | 427 BIT(NL80211_IFTYPE_P2P_DEVICE) | 428 BIT(NL80211_IFTYPE_ADHOC); 429 430 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN; 431 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS); 432 433 /* The new Tx API does not allow to pass the key or keyid of a MPDU to 434 * the hw, preventing us to control which key(id) to use per MPDU. 435 * Till that's fixed we can't use Extended Key ID for the newer cards. 436 */ 437 if (!iwl_mvm_has_new_tx_api(mvm)) 438 wiphy_ext_feature_set(hw->wiphy, 439 NL80211_EXT_FEATURE_EXT_KEY_ID); 440 hw->wiphy->features |= NL80211_FEATURE_HT_IBSS; 441 442 hw->wiphy->regulatory_flags |= REGULATORY_ENABLE_RELAX_NO_IR; 443 if (iwl_mvm_is_lar_supported(mvm)) 444 hw->wiphy->regulatory_flags |= REGULATORY_WIPHY_SELF_MANAGED; 445 else 446 hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG | 447 REGULATORY_DISABLE_BEACON_HINTS; 448 449 hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD; 450 hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH; 451 hw->wiphy->flags |= WIPHY_FLAG_SPLIT_SCAN_6GHZ; 452 453 hw->wiphy->iface_combinations = iwl_mvm_iface_combinations; 454 hw->wiphy->n_iface_combinations = 455 ARRAY_SIZE(iwl_mvm_iface_combinations); 456 457 hw->wiphy->max_remain_on_channel_duration = 10000; 458 hw->max_listen_interval = IWL_CONN_MAX_LISTEN_INTERVAL; 459 460 /* Extract MAC address */ 461 memcpy(mvm->addresses[0].addr, mvm->nvm_data->hw_addr, ETH_ALEN); 462 hw->wiphy->addresses = mvm->addresses; 463 hw->wiphy->n_addresses = 1; 464 465 /* Extract additional MAC addresses if available */ 466 num_mac = (mvm->nvm_data->n_hw_addrs > 1) ? 467 min(IWL_MVM_MAX_ADDRESSES, mvm->nvm_data->n_hw_addrs) : 1; 468 469 for (i = 1; i < num_mac; i++) { 470 memcpy(mvm->addresses[i].addr, mvm->addresses[i-1].addr, 471 ETH_ALEN); 472 mvm->addresses[i].addr[5]++; 473 hw->wiphy->n_addresses++; 474 } 475 476 iwl_mvm_reset_phy_ctxts(mvm); 477 478 hw->wiphy->max_scan_ie_len = iwl_mvm_max_scan_ie_len(mvm); 479 480 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX; 481 482 BUILD_BUG_ON(IWL_MVM_SCAN_STOPPING_MASK & IWL_MVM_SCAN_MASK); 483 BUILD_BUG_ON(IWL_MVM_MAX_UMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK) || 484 IWL_MVM_MAX_LMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK)); 485 486 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) 487 mvm->max_scans = IWL_MVM_MAX_UMAC_SCANS; 488 else 489 mvm->max_scans = IWL_MVM_MAX_LMAC_SCANS; 490 491 if (mvm->nvm_data->bands[NL80211_BAND_2GHZ].n_channels) 492 hw->wiphy->bands[NL80211_BAND_2GHZ] = 493 &mvm->nvm_data->bands[NL80211_BAND_2GHZ]; 494 if (mvm->nvm_data->bands[NL80211_BAND_5GHZ].n_channels) { 495 hw->wiphy->bands[NL80211_BAND_5GHZ] = 496 &mvm->nvm_data->bands[NL80211_BAND_5GHZ]; 497 498 if (fw_has_capa(&mvm->fw->ucode_capa, 499 IWL_UCODE_TLV_CAPA_BEAMFORMER) && 500 fw_has_api(&mvm->fw->ucode_capa, 501 IWL_UCODE_TLV_API_LQ_SS_PARAMS)) 502 hw->wiphy->bands[NL80211_BAND_5GHZ]->vht_cap.cap |= 503 IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE; 504 } 505 if (fw_has_capa(&mvm->fw->ucode_capa, 506 IWL_UCODE_TLV_CAPA_PSC_CHAN_SUPPORT) && 507 mvm->nvm_data->bands[NL80211_BAND_6GHZ].n_channels) 508 hw->wiphy->bands[NL80211_BAND_6GHZ] = 509 &mvm->nvm_data->bands[NL80211_BAND_6GHZ]; 510 511 hw->wiphy->hw_version = mvm->trans->hw_id; 512 513 if (iwlmvm_mod_params.power_scheme != IWL_POWER_SCHEME_CAM) 514 hw->wiphy->flags |= WIPHY_FLAG_PS_ON_BY_DEFAULT; 515 else 516 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT; 517 518 hw->wiphy->max_sched_scan_reqs = 1; 519 hw->wiphy->max_sched_scan_ssids = PROBE_OPTION_MAX; 520 hw->wiphy->max_match_sets = iwl_umac_scan_get_max_profiles(mvm->fw); 521 /* we create the 802.11 header and zero length SSID IE. */ 522 hw->wiphy->max_sched_scan_ie_len = 523 SCAN_OFFLOAD_PROBE_REQ_SIZE - 24 - 2; 524 hw->wiphy->max_sched_scan_plans = IWL_MAX_SCHED_SCAN_PLANS; 525 hw->wiphy->max_sched_scan_plan_interval = U16_MAX; 526 527 /* 528 * the firmware uses u8 for num of iterations, but 0xff is saved for 529 * infinite loop, so the maximum number of iterations is actually 254. 530 */ 531 hw->wiphy->max_sched_scan_plan_iterations = 254; 532 533 hw->wiphy->features |= NL80211_FEATURE_P2P_GO_CTWIN | 534 NL80211_FEATURE_LOW_PRIORITY_SCAN | 535 NL80211_FEATURE_P2P_GO_OPPPS | 536 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE | 537 NL80211_FEATURE_DYNAMIC_SMPS | 538 NL80211_FEATURE_STATIC_SMPS | 539 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION; 540 541 if (fw_has_capa(&mvm->fw->ucode_capa, 542 IWL_UCODE_TLV_CAPA_TXPOWER_INSERTION_SUPPORT)) 543 hw->wiphy->features |= NL80211_FEATURE_TX_POWER_INSERTION; 544 if (fw_has_capa(&mvm->fw->ucode_capa, 545 IWL_UCODE_TLV_CAPA_QUIET_PERIOD_SUPPORT)) 546 hw->wiphy->features |= NL80211_FEATURE_QUIET; 547 548 if (fw_has_capa(&mvm->fw->ucode_capa, 549 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT)) 550 hw->wiphy->features |= 551 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES; 552 553 if (fw_has_capa(&mvm->fw->ucode_capa, 554 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT)) 555 hw->wiphy->features |= NL80211_FEATURE_WFA_TPC_IE_IN_PROBES; 556 557 if (iwl_fw_lookup_cmd_ver(mvm->fw, IWL_ALWAYS_LONG_GROUP, 558 WOWLAN_KEK_KCK_MATERIAL, 559 IWL_FW_CMD_VER_UNKNOWN) == 3) 560 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK; 561 562 if (fw_has_api(&mvm->fw->ucode_capa, 563 IWL_UCODE_TLV_API_SCAN_TSF_REPORT)) { 564 wiphy_ext_feature_set(hw->wiphy, 565 NL80211_EXT_FEATURE_SCAN_START_TIME); 566 wiphy_ext_feature_set(hw->wiphy, 567 NL80211_EXT_FEATURE_BSS_PARENT_TSF); 568 } 569 570 if (iwl_mvm_is_oce_supported(mvm)) { 571 u8 scan_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 572 IWL_ALWAYS_LONG_GROUP, 573 SCAN_REQ_UMAC, 0); 574 575 wiphy_ext_feature_set(hw->wiphy, 576 NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP); 577 wiphy_ext_feature_set(hw->wiphy, 578 NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME); 579 wiphy_ext_feature_set(hw->wiphy, 580 NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE); 581 582 /* Old firmware also supports probe deferral and suppression */ 583 if (scan_ver < 15) 584 wiphy_ext_feature_set(hw->wiphy, 585 NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION); 586 } 587 588 if (mvm->nvm_data->sku_cap_11ax_enable && 589 !iwlwifi_mod_params.disable_11ax) { 590 hw->wiphy->iftype_ext_capab = he_iftypes_ext_capa; 591 hw->wiphy->num_iftype_ext_capab = 592 ARRAY_SIZE(he_iftypes_ext_capa); 593 594 ieee80211_hw_set(hw, SUPPORTS_MULTI_BSSID); 595 ieee80211_hw_set(hw, SUPPORTS_ONLY_HE_MULTI_BSSID); 596 } 597 598 mvm->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD; 599 600 #ifdef CONFIG_PM_SLEEP 601 if ((unified || mvm->fw->img[IWL_UCODE_WOWLAN].num_sec) && 602 mvm->trans->ops->d3_suspend && 603 mvm->trans->ops->d3_resume && 604 device_can_wakeup(mvm->trans->dev)) { 605 mvm->wowlan.flags |= WIPHY_WOWLAN_MAGIC_PKT | 606 WIPHY_WOWLAN_DISCONNECT | 607 WIPHY_WOWLAN_EAP_IDENTITY_REQ | 608 WIPHY_WOWLAN_RFKILL_RELEASE | 609 WIPHY_WOWLAN_NET_DETECT; 610 mvm->wowlan.flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | 611 WIPHY_WOWLAN_GTK_REKEY_FAILURE | 612 WIPHY_WOWLAN_4WAY_HANDSHAKE; 613 614 mvm->wowlan.n_patterns = IWL_WOWLAN_MAX_PATTERNS; 615 mvm->wowlan.pattern_min_len = IWL_WOWLAN_MIN_PATTERN_LEN; 616 mvm->wowlan.pattern_max_len = IWL_WOWLAN_MAX_PATTERN_LEN; 617 mvm->wowlan.max_nd_match_sets = 618 iwl_umac_scan_get_max_profiles(mvm->fw); 619 hw->wiphy->wowlan = &mvm->wowlan; 620 } 621 #endif 622 623 ret = iwl_mvm_leds_init(mvm); 624 if (ret) 625 return ret; 626 627 if (fw_has_capa(&mvm->fw->ucode_capa, 628 IWL_UCODE_TLV_CAPA_TDLS_SUPPORT)) { 629 IWL_DEBUG_TDLS(mvm, "TDLS supported\n"); 630 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS; 631 ieee80211_hw_set(hw, TDLS_WIDER_BW); 632 } 633 634 if (fw_has_capa(&mvm->fw->ucode_capa, 635 IWL_UCODE_TLV_CAPA_TDLS_CHANNEL_SWITCH)) { 636 IWL_DEBUG_TDLS(mvm, "TDLS channel switch supported\n"); 637 hw->wiphy->features |= NL80211_FEATURE_TDLS_CHANNEL_SWITCH; 638 } 639 640 hw->netdev_features |= mvm->cfg->features; 641 if (!iwl_mvm_is_csum_supported(mvm)) 642 hw->netdev_features &= ~IWL_CSUM_NETIF_FLAGS_MASK; 643 644 if (mvm->cfg->vht_mu_mimo_supported) 645 wiphy_ext_feature_set(hw->wiphy, 646 NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER); 647 648 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_PROTECTED_TWT)) 649 wiphy_ext_feature_set(hw->wiphy, 650 NL80211_EXT_FEATURE_PROTECTED_TWT); 651 652 iwl_mvm_vendor_cmds_register(mvm); 653 654 hw->wiphy->available_antennas_tx = iwl_mvm_get_valid_tx_ant(mvm); 655 hw->wiphy->available_antennas_rx = iwl_mvm_get_valid_rx_ant(mvm); 656 657 ret = ieee80211_register_hw(mvm->hw); 658 if (ret) { 659 iwl_mvm_leds_exit(mvm); 660 } 661 662 return ret; 663 } 664 665 static void iwl_mvm_tx_skb(struct iwl_mvm *mvm, struct sk_buff *skb, 666 struct ieee80211_sta *sta) 667 { 668 if (likely(sta)) { 669 if (likely(iwl_mvm_tx_skb_sta(mvm, skb, sta) == 0)) 670 return; 671 } else { 672 if (likely(iwl_mvm_tx_skb_non_sta(mvm, skb) == 0)) 673 return; 674 } 675 676 ieee80211_free_txskb(mvm->hw, skb); 677 } 678 679 static void iwl_mvm_mac_tx(struct ieee80211_hw *hw, 680 struct ieee80211_tx_control *control, 681 struct sk_buff *skb) 682 { 683 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 684 struct ieee80211_sta *sta = control->sta; 685 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 686 struct ieee80211_hdr *hdr = (void *)skb->data; 687 bool offchannel = IEEE80211_SKB_CB(skb)->flags & 688 IEEE80211_TX_CTL_TX_OFFCHAN; 689 690 if (iwl_mvm_is_radio_killed(mvm)) { 691 IWL_DEBUG_DROP(mvm, "Dropping - RF/CT KILL\n"); 692 goto drop; 693 } 694 695 if (offchannel && 696 !test_bit(IWL_MVM_STATUS_ROC_RUNNING, &mvm->status) && 697 !test_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status)) 698 goto drop; 699 700 /* 701 * bufferable MMPDUs or MMPDUs on STA interfaces come via TXQs 702 * so we treat the others as broadcast 703 */ 704 if (ieee80211_is_mgmt(hdr->frame_control)) 705 sta = NULL; 706 707 /* If there is no sta, and it's not offchannel - send through AP */ 708 if (!sta && info->control.vif->type == NL80211_IFTYPE_STATION && 709 !offchannel) { 710 struct iwl_mvm_vif *mvmvif = 711 iwl_mvm_vif_from_mac80211(info->control.vif); 712 u8 ap_sta_id = READ_ONCE(mvmvif->ap_sta_id); 713 714 if (ap_sta_id < mvm->fw->ucode_capa.num_stations) { 715 /* mac80211 holds rcu read lock */ 716 sta = rcu_dereference(mvm->fw_id_to_mac_id[ap_sta_id]); 717 if (IS_ERR_OR_NULL(sta)) 718 goto drop; 719 } 720 } 721 722 iwl_mvm_tx_skb(mvm, skb, sta); 723 return; 724 drop: 725 ieee80211_free_txskb(hw, skb); 726 } 727 728 void iwl_mvm_mac_itxq_xmit(struct ieee80211_hw *hw, struct ieee80211_txq *txq) 729 { 730 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 731 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq); 732 struct sk_buff *skb = NULL; 733 734 /* 735 * No need for threads to be pending here, they can leave the first 736 * taker all the work. 737 * 738 * mvmtxq->tx_request logic: 739 * 740 * If 0, no one is currently TXing, set to 1 to indicate current thread 741 * will now start TX and other threads should quit. 742 * 743 * If 1, another thread is currently TXing, set to 2 to indicate to 744 * that thread that there was another request. Since that request may 745 * have raced with the check whether the queue is empty, the TXing 746 * thread should check the queue's status one more time before leaving. 747 * This check is done in order to not leave any TX hanging in the queue 748 * until the next TX invocation (which may not even happen). 749 * 750 * If 2, another thread is currently TXing, and it will already double 751 * check the queue, so do nothing. 752 */ 753 if (atomic_fetch_add_unless(&mvmtxq->tx_request, 1, 2)) 754 return; 755 756 rcu_read_lock(); 757 do { 758 while (likely(!mvmtxq->stopped && 759 !test_bit(IWL_MVM_STATUS_IN_D3, &mvm->status))) { 760 skb = ieee80211_tx_dequeue(hw, txq); 761 762 if (!skb) { 763 if (txq->sta) 764 IWL_DEBUG_TX(mvm, 765 "TXQ of sta %pM tid %d is now empty\n", 766 txq->sta->addr, 767 txq->tid); 768 break; 769 } 770 771 iwl_mvm_tx_skb(mvm, skb, txq->sta); 772 } 773 } while (atomic_dec_return(&mvmtxq->tx_request)); 774 rcu_read_unlock(); 775 } 776 777 static void iwl_mvm_mac_wake_tx_queue(struct ieee80211_hw *hw, 778 struct ieee80211_txq *txq) 779 { 780 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 781 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq); 782 783 /* 784 * Please note that racing is handled very carefully here: 785 * mvmtxq->txq_id is updated during allocation, and mvmtxq->list is 786 * deleted afterwards. 787 * This means that if: 788 * mvmtxq->txq_id != INVALID_QUEUE && list_empty(&mvmtxq->list): 789 * queue is allocated and we can TX. 790 * mvmtxq->txq_id != INVALID_QUEUE && !list_empty(&mvmtxq->list): 791 * a race, should defer the frame. 792 * mvmtxq->txq_id == INVALID_QUEUE && list_empty(&mvmtxq->list): 793 * need to allocate the queue and defer the frame. 794 * mvmtxq->txq_id == INVALID_QUEUE && !list_empty(&mvmtxq->list): 795 * queue is already scheduled for allocation, no need to allocate, 796 * should defer the frame. 797 */ 798 799 /* If the queue is allocated TX and return. */ 800 if (!txq->sta || mvmtxq->txq_id != IWL_MVM_INVALID_QUEUE) { 801 /* 802 * Check that list is empty to avoid a race where txq_id is 803 * already updated, but the queue allocation work wasn't 804 * finished 805 */ 806 if (unlikely(txq->sta && !list_empty(&mvmtxq->list))) 807 return; 808 809 iwl_mvm_mac_itxq_xmit(hw, txq); 810 return; 811 } 812 813 /* The list is being deleted only after the queue is fully allocated. */ 814 if (!list_empty(&mvmtxq->list)) 815 return; 816 817 list_add_tail(&mvmtxq->list, &mvm->add_stream_txqs); 818 schedule_work(&mvm->add_stream_wk); 819 } 820 821 #define CHECK_BA_TRIGGER(_mvm, _trig, _tid_bm, _tid, _fmt...) \ 822 do { \ 823 if (!(le16_to_cpu(_tid_bm) & BIT(_tid))) \ 824 break; \ 825 iwl_fw_dbg_collect_trig(&(_mvm)->fwrt, _trig, _fmt); \ 826 } while (0) 827 828 static void 829 iwl_mvm_ampdu_check_trigger(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 830 struct ieee80211_sta *sta, u16 tid, u16 rx_ba_ssn, 831 enum ieee80211_ampdu_mlme_action action) 832 { 833 struct iwl_fw_dbg_trigger_tlv *trig; 834 struct iwl_fw_dbg_trigger_ba *ba_trig; 835 836 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 837 FW_DBG_TRIGGER_BA); 838 if (!trig) 839 return; 840 841 ba_trig = (void *)trig->data; 842 843 switch (action) { 844 case IEEE80211_AMPDU_TX_OPERATIONAL: { 845 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 846 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 847 848 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_start, tid, 849 "TX AGG START: MAC %pM tid %d ssn %d\n", 850 sta->addr, tid, tid_data->ssn); 851 break; 852 } 853 case IEEE80211_AMPDU_TX_STOP_CONT: 854 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_stop, tid, 855 "TX AGG STOP: MAC %pM tid %d\n", 856 sta->addr, tid); 857 break; 858 case IEEE80211_AMPDU_RX_START: 859 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_start, tid, 860 "RX AGG START: MAC %pM tid %d ssn %d\n", 861 sta->addr, tid, rx_ba_ssn); 862 break; 863 case IEEE80211_AMPDU_RX_STOP: 864 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_stop, tid, 865 "RX AGG STOP: MAC %pM tid %d\n", 866 sta->addr, tid); 867 break; 868 default: 869 break; 870 } 871 } 872 873 static int iwl_mvm_mac_ampdu_action(struct ieee80211_hw *hw, 874 struct ieee80211_vif *vif, 875 struct ieee80211_ampdu_params *params) 876 { 877 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 878 int ret; 879 struct ieee80211_sta *sta = params->sta; 880 enum ieee80211_ampdu_mlme_action action = params->action; 881 u16 tid = params->tid; 882 u16 *ssn = ¶ms->ssn; 883 u16 buf_size = params->buf_size; 884 bool amsdu = params->amsdu; 885 u16 timeout = params->timeout; 886 887 IWL_DEBUG_HT(mvm, "A-MPDU action on addr %pM tid %d: action %d\n", 888 sta->addr, tid, action); 889 890 if (!(mvm->nvm_data->sku_cap_11n_enable)) 891 return -EACCES; 892 893 mutex_lock(&mvm->mutex); 894 895 switch (action) { 896 case IEEE80211_AMPDU_RX_START: 897 if (iwl_mvm_vif_from_mac80211(vif)->ap_sta_id == 898 iwl_mvm_sta_from_mac80211(sta)->sta_id) { 899 struct iwl_mvm_vif *mvmvif; 900 u16 macid = iwl_mvm_vif_from_mac80211(vif)->id; 901 struct iwl_mvm_tcm_mac *mdata = &mvm->tcm.data[macid]; 902 903 mdata->opened_rx_ba_sessions = true; 904 mvmvif = iwl_mvm_vif_from_mac80211(vif); 905 cancel_delayed_work(&mvmvif->uapsd_nonagg_detected_wk); 906 } 907 if (!iwl_enable_rx_ampdu()) { 908 ret = -EINVAL; 909 break; 910 } 911 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, *ssn, true, buf_size, 912 timeout); 913 break; 914 case IEEE80211_AMPDU_RX_STOP: 915 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, 0, false, buf_size, 916 timeout); 917 break; 918 case IEEE80211_AMPDU_TX_START: 919 if (!iwl_enable_tx_ampdu()) { 920 ret = -EINVAL; 921 break; 922 } 923 ret = iwl_mvm_sta_tx_agg_start(mvm, vif, sta, tid, ssn); 924 break; 925 case IEEE80211_AMPDU_TX_STOP_CONT: 926 ret = iwl_mvm_sta_tx_agg_stop(mvm, vif, sta, tid); 927 break; 928 case IEEE80211_AMPDU_TX_STOP_FLUSH: 929 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT: 930 ret = iwl_mvm_sta_tx_agg_flush(mvm, vif, sta, tid); 931 break; 932 case IEEE80211_AMPDU_TX_OPERATIONAL: 933 ret = iwl_mvm_sta_tx_agg_oper(mvm, vif, sta, tid, 934 buf_size, amsdu); 935 break; 936 default: 937 WARN_ON_ONCE(1); 938 ret = -EINVAL; 939 break; 940 } 941 942 if (!ret) { 943 u16 rx_ba_ssn = 0; 944 945 if (action == IEEE80211_AMPDU_RX_START) 946 rx_ba_ssn = *ssn; 947 948 iwl_mvm_ampdu_check_trigger(mvm, vif, sta, tid, 949 rx_ba_ssn, action); 950 } 951 mutex_unlock(&mvm->mutex); 952 953 return ret; 954 } 955 956 static void iwl_mvm_cleanup_iterator(void *data, u8 *mac, 957 struct ieee80211_vif *vif) 958 { 959 struct iwl_mvm *mvm = data; 960 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 961 962 mvmvif->uploaded = false; 963 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA; 964 965 spin_lock_bh(&mvm->time_event_lock); 966 iwl_mvm_te_clear_data(mvm, &mvmvif->time_event_data); 967 spin_unlock_bh(&mvm->time_event_lock); 968 969 mvmvif->phy_ctxt = NULL; 970 memset(&mvmvif->bf_data, 0, sizeof(mvmvif->bf_data)); 971 memset(&mvmvif->probe_resp_data, 0, sizeof(mvmvif->probe_resp_data)); 972 } 973 974 static void iwl_mvm_restart_cleanup(struct iwl_mvm *mvm) 975 { 976 iwl_mvm_stop_device(mvm); 977 978 mvm->cur_aid = 0; 979 980 mvm->scan_status = 0; 981 mvm->ps_disabled = false; 982 mvm->rfkill_safe_init_done = false; 983 984 /* just in case one was running */ 985 iwl_mvm_cleanup_roc_te(mvm); 986 ieee80211_remain_on_channel_expired(mvm->hw); 987 988 iwl_mvm_ftm_restart(mvm); 989 990 /* 991 * cleanup all interfaces, even inactive ones, as some might have 992 * gone down during the HW restart 993 */ 994 ieee80211_iterate_interfaces(mvm->hw, 0, iwl_mvm_cleanup_iterator, mvm); 995 996 mvm->p2p_device_vif = NULL; 997 998 iwl_mvm_reset_phy_ctxts(mvm); 999 memset(mvm->fw_key_table, 0, sizeof(mvm->fw_key_table)); 1000 memset(&mvm->last_bt_notif, 0, sizeof(mvm->last_bt_notif)); 1001 memset(&mvm->last_bt_ci_cmd, 0, sizeof(mvm->last_bt_ci_cmd)); 1002 1003 ieee80211_wake_queues(mvm->hw); 1004 1005 mvm->vif_count = 0; 1006 mvm->rx_ba_sessions = 0; 1007 mvm->fwrt.dump.conf = FW_DBG_INVALID; 1008 mvm->monitor_on = false; 1009 1010 /* keep statistics ticking */ 1011 iwl_mvm_accu_radio_stats(mvm); 1012 } 1013 1014 int __iwl_mvm_mac_start(struct iwl_mvm *mvm) 1015 { 1016 int ret; 1017 1018 lockdep_assert_held(&mvm->mutex); 1019 1020 ret = iwl_mvm_mei_get_ownership(mvm); 1021 if (ret) 1022 return ret; 1023 1024 if (mvm->mei_nvm_data) { 1025 /* We got the NIC, we can now free the MEI NVM data */ 1026 kfree(mvm->mei_nvm_data); 1027 mvm->mei_nvm_data = NULL; 1028 1029 /* 1030 * We can't free the nvm_data we allocated based on the SAP 1031 * data because we registered to cfg80211 with the channels 1032 * allocated on mvm->nvm_data. Keep a pointer in temp_nvm_data 1033 * just in order to be able free it later. 1034 * NULLify nvm_data so that we will read the NVM from the 1035 * firmware this time. 1036 */ 1037 mvm->temp_nvm_data = mvm->nvm_data; 1038 mvm->nvm_data = NULL; 1039 } 1040 1041 if (test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status)) { 1042 /* 1043 * Now convert the HW_RESTART_REQUESTED flag to IN_HW_RESTART 1044 * so later code will - from now on - see that we're doing it. 1045 */ 1046 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1047 clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status); 1048 /* Clean up some internal and mac80211 state on restart */ 1049 iwl_mvm_restart_cleanup(mvm); 1050 } 1051 ret = iwl_mvm_up(mvm); 1052 1053 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_POST_INIT, 1054 NULL); 1055 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_PERIODIC, 1056 NULL); 1057 1058 mvm->last_reset_or_resume_time_jiffies = jiffies; 1059 1060 if (ret && test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 1061 /* Something went wrong - we need to finish some cleanup 1062 * that normally iwl_mvm_mac_restart_complete() below 1063 * would do. 1064 */ 1065 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1066 } 1067 1068 return ret; 1069 } 1070 1071 static int iwl_mvm_mac_start(struct ieee80211_hw *hw) 1072 { 1073 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1074 int ret; 1075 int retry, max_retry = 0; 1076 1077 mutex_lock(&mvm->mutex); 1078 1079 /* we are starting the mac not in error flow, and restart is enabled */ 1080 if (!test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) && 1081 iwlwifi_mod_params.fw_restart) { 1082 max_retry = IWL_MAX_INIT_RETRY; 1083 /* 1084 * This will prevent mac80211 recovery flows to trigger during 1085 * init failures 1086 */ 1087 set_bit(IWL_MVM_STATUS_STARTING, &mvm->status); 1088 } 1089 1090 for (retry = 0; retry <= max_retry; retry++) { 1091 ret = __iwl_mvm_mac_start(mvm); 1092 if (!ret) 1093 break; 1094 1095 IWL_ERR(mvm, "mac start retry %d\n", retry); 1096 } 1097 clear_bit(IWL_MVM_STATUS_STARTING, &mvm->status); 1098 1099 mutex_unlock(&mvm->mutex); 1100 1101 iwl_mvm_mei_set_sw_rfkill_state(mvm); 1102 1103 return ret; 1104 } 1105 1106 static void iwl_mvm_restart_complete(struct iwl_mvm *mvm) 1107 { 1108 int ret; 1109 1110 mutex_lock(&mvm->mutex); 1111 1112 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1113 1114 ret = iwl_mvm_update_quotas(mvm, true, NULL); 1115 if (ret) 1116 IWL_ERR(mvm, "Failed to update quotas after restart (%d)\n", 1117 ret); 1118 1119 iwl_mvm_send_recovery_cmd(mvm, ERROR_RECOVERY_END_OF_RECOVERY); 1120 1121 /* 1122 * If we have TDLS peers, remove them. We don't know the last seqno/PN 1123 * of packets the FW sent out, so we must reconnect. 1124 */ 1125 iwl_mvm_teardown_tdls_peers(mvm); 1126 1127 mutex_unlock(&mvm->mutex); 1128 } 1129 1130 static void 1131 iwl_mvm_mac_reconfig_complete(struct ieee80211_hw *hw, 1132 enum ieee80211_reconfig_type reconfig_type) 1133 { 1134 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1135 1136 switch (reconfig_type) { 1137 case IEEE80211_RECONFIG_TYPE_RESTART: 1138 iwl_mvm_restart_complete(mvm); 1139 break; 1140 case IEEE80211_RECONFIG_TYPE_SUSPEND: 1141 break; 1142 } 1143 } 1144 1145 void __iwl_mvm_mac_stop(struct iwl_mvm *mvm) 1146 { 1147 lockdep_assert_held(&mvm->mutex); 1148 1149 iwl_mvm_ftm_initiator_smooth_stop(mvm); 1150 1151 /* firmware counters are obviously reset now, but we shouldn't 1152 * partially track so also clear the fw_reset_accu counters. 1153 */ 1154 memset(&mvm->accu_radio_stats, 0, sizeof(mvm->accu_radio_stats)); 1155 1156 /* async_handlers_wk is now blocked */ 1157 1158 if (iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, ADD_STA, 0) < 12) 1159 iwl_mvm_rm_aux_sta(mvm); 1160 1161 iwl_mvm_stop_device(mvm); 1162 1163 iwl_mvm_async_handlers_purge(mvm); 1164 /* async_handlers_list is empty and will stay empty: HW is stopped */ 1165 1166 /* 1167 * Clear IN_HW_RESTART and HW_RESTART_REQUESTED flag when stopping the 1168 * hw (as restart_complete() won't be called in this case) and mac80211 1169 * won't execute the restart. 1170 * But make sure to cleanup interfaces that have gone down before/during 1171 * HW restart was requested. 1172 */ 1173 if (test_and_clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) || 1174 test_and_clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 1175 &mvm->status)) 1176 ieee80211_iterate_interfaces(mvm->hw, 0, 1177 iwl_mvm_cleanup_iterator, mvm); 1178 1179 /* We shouldn't have any UIDs still set. Loop over all the UIDs to 1180 * make sure there's nothing left there and warn if any is found. 1181 */ 1182 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) { 1183 int i; 1184 1185 for (i = 0; i < mvm->max_scans; i++) { 1186 if (WARN_ONCE(mvm->scan_uid_status[i], 1187 "UMAC scan UID %d status was not cleaned\n", 1188 i)) 1189 mvm->scan_uid_status[i] = 0; 1190 } 1191 } 1192 } 1193 1194 static void iwl_mvm_mac_stop(struct ieee80211_hw *hw) 1195 { 1196 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1197 1198 flush_work(&mvm->async_handlers_wk); 1199 flush_work(&mvm->add_stream_wk); 1200 1201 /* 1202 * Lock and clear the firmware running bit here already, so that 1203 * new commands coming in elsewhere, e.g. from debugfs, will not 1204 * be able to proceed. This is important here because one of those 1205 * debugfs files causes the firmware dump to be triggered, and if we 1206 * don't stop debugfs accesses before canceling that it could be 1207 * retriggered after we flush it but before we've cleared the bit. 1208 */ 1209 clear_bit(IWL_MVM_STATUS_FIRMWARE_RUNNING, &mvm->status); 1210 1211 cancel_delayed_work_sync(&mvm->cs_tx_unblock_dwork); 1212 cancel_delayed_work_sync(&mvm->scan_timeout_dwork); 1213 1214 /* 1215 * The work item could be running or queued if the 1216 * ROC time event stops just as we get here. 1217 */ 1218 flush_work(&mvm->roc_done_wk); 1219 1220 iwl_mvm_mei_set_sw_rfkill_state(mvm); 1221 1222 mutex_lock(&mvm->mutex); 1223 __iwl_mvm_mac_stop(mvm); 1224 mutex_unlock(&mvm->mutex); 1225 1226 /* 1227 * The worker might have been waiting for the mutex, let it run and 1228 * discover that its list is now empty. 1229 */ 1230 cancel_work_sync(&mvm->async_handlers_wk); 1231 } 1232 1233 static struct iwl_mvm_phy_ctxt *iwl_mvm_get_free_phy_ctxt(struct iwl_mvm *mvm) 1234 { 1235 u16 i; 1236 1237 lockdep_assert_held(&mvm->mutex); 1238 1239 for (i = 0; i < NUM_PHY_CTX; i++) 1240 if (!mvm->phy_ctxts[i].ref) 1241 return &mvm->phy_ctxts[i]; 1242 1243 IWL_ERR(mvm, "No available PHY context\n"); 1244 return NULL; 1245 } 1246 1247 static int iwl_mvm_set_tx_power(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 1248 s16 tx_power) 1249 { 1250 int len; 1251 struct iwl_dev_tx_power_cmd cmd = { 1252 .common.set_mode = cpu_to_le32(IWL_TX_POWER_MODE_SET_MAC), 1253 .common.mac_context_id = 1254 cpu_to_le32(iwl_mvm_vif_from_mac80211(vif)->id), 1255 .common.pwr_restriction = cpu_to_le16(8 * tx_power), 1256 }; 1257 u8 cmd_ver = iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, 1258 REDUCE_TX_POWER_CMD, 1259 IWL_FW_CMD_VER_UNKNOWN); 1260 1261 if (tx_power == IWL_DEFAULT_MAX_TX_POWER) 1262 cmd.common.pwr_restriction = cpu_to_le16(IWL_DEV_MAX_TX_POWER); 1263 1264 if (cmd_ver == 6) 1265 len = sizeof(cmd.v6); 1266 else if (fw_has_api(&mvm->fw->ucode_capa, 1267 IWL_UCODE_TLV_API_REDUCE_TX_POWER)) 1268 len = sizeof(cmd.v5); 1269 else if (fw_has_capa(&mvm->fw->ucode_capa, 1270 IWL_UCODE_TLV_CAPA_TX_POWER_ACK)) 1271 len = sizeof(cmd.v4); 1272 else 1273 len = sizeof(cmd.v3); 1274 1275 /* all structs have the same common part, add it */ 1276 len += sizeof(cmd.common); 1277 1278 return iwl_mvm_send_cmd_pdu(mvm, REDUCE_TX_POWER_CMD, 0, len, &cmd); 1279 } 1280 1281 static int iwl_mvm_post_channel_switch(struct ieee80211_hw *hw, 1282 struct ieee80211_vif *vif) 1283 { 1284 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1285 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1286 int ret; 1287 1288 mutex_lock(&mvm->mutex); 1289 1290 if (vif->type == NL80211_IFTYPE_STATION) { 1291 struct iwl_mvm_sta *mvmsta; 1292 1293 mvmvif->csa_bcn_pending = false; 1294 mvmsta = iwl_mvm_sta_from_staid_protected(mvm, 1295 mvmvif->ap_sta_id); 1296 1297 if (WARN_ON(!mvmsta)) { 1298 ret = -EIO; 1299 goto out_unlock; 1300 } 1301 1302 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, false); 1303 1304 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 1305 1306 if (!fw_has_capa(&mvm->fw->ucode_capa, 1307 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 1308 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0); 1309 if (ret) 1310 goto out_unlock; 1311 1312 iwl_mvm_stop_session_protection(mvm, vif); 1313 } 1314 } 1315 1316 mvmvif->ps_disabled = false; 1317 1318 ret = iwl_mvm_power_update_ps(mvm); 1319 1320 out_unlock: 1321 if (mvmvif->csa_failed) 1322 ret = -EIO; 1323 mutex_unlock(&mvm->mutex); 1324 1325 return ret; 1326 } 1327 1328 static void iwl_mvm_abort_channel_switch(struct ieee80211_hw *hw, 1329 struct ieee80211_vif *vif) 1330 { 1331 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1332 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1333 struct iwl_chan_switch_te_cmd cmd = { 1334 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 1335 mvmvif->color)), 1336 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 1337 }; 1338 1339 IWL_DEBUG_MAC80211(mvm, "Abort CSA on mac %d\n", mvmvif->id); 1340 1341 mutex_lock(&mvm->mutex); 1342 if (!fw_has_capa(&mvm->fw->ucode_capa, 1343 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) 1344 iwl_mvm_remove_csa_period(mvm, vif); 1345 else 1346 WARN_ON(iwl_mvm_send_cmd_pdu(mvm, 1347 WIDE_ID(MAC_CONF_GROUP, 1348 CHANNEL_SWITCH_TIME_EVENT_CMD), 1349 0, sizeof(cmd), &cmd)); 1350 mvmvif->csa_failed = true; 1351 mutex_unlock(&mvm->mutex); 1352 1353 iwl_mvm_post_channel_switch(hw, vif); 1354 } 1355 1356 static void iwl_mvm_channel_switch_disconnect_wk(struct work_struct *wk) 1357 { 1358 struct iwl_mvm_vif *mvmvif; 1359 struct ieee80211_vif *vif; 1360 1361 mvmvif = container_of(wk, struct iwl_mvm_vif, csa_work.work); 1362 vif = container_of((void *)mvmvif, struct ieee80211_vif, drv_priv); 1363 1364 /* Trigger disconnect (should clear the CSA state) */ 1365 ieee80211_chswitch_done(vif, false); 1366 } 1367 1368 static int iwl_mvm_mac_add_interface(struct ieee80211_hw *hw, 1369 struct ieee80211_vif *vif) 1370 { 1371 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1372 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1373 int ret; 1374 1375 mvmvif->mvm = mvm; 1376 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL); 1377 1378 /* 1379 * Not much to do here. The stack will not allow interface 1380 * types or combinations that we didn't advertise, so we 1381 * don't really have to check the types. 1382 */ 1383 1384 mutex_lock(&mvm->mutex); 1385 1386 /* make sure that beacon statistics don't go backwards with FW reset */ 1387 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 1388 mvmvif->beacon_stats.accu_num_beacons += 1389 mvmvif->beacon_stats.num_beacons; 1390 1391 /* Allocate resources for the MAC context, and add it to the fw */ 1392 ret = iwl_mvm_mac_ctxt_init(mvm, vif); 1393 if (ret) 1394 goto out_unlock; 1395 1396 rcu_assign_pointer(mvm->vif_id_to_mac[mvmvif->id], vif); 1397 1398 /* Counting number of interfaces is needed for legacy PM */ 1399 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) 1400 mvm->vif_count++; 1401 1402 /* 1403 * The AP binding flow can be done only after the beacon 1404 * template is configured (which happens only in the mac80211 1405 * start_ap() flow), and adding the broadcast station can happen 1406 * only after the binding. 1407 * In addition, since modifying the MAC before adding a bcast 1408 * station is not allowed by the FW, delay the adding of MAC context to 1409 * the point where we can also add the bcast station. 1410 * In short: there's not much we can do at this point, other than 1411 * allocating resources :) 1412 */ 1413 if (vif->type == NL80211_IFTYPE_AP || 1414 vif->type == NL80211_IFTYPE_ADHOC) { 1415 ret = iwl_mvm_alloc_bcast_sta(mvm, vif); 1416 if (ret) { 1417 IWL_ERR(mvm, "Failed to allocate bcast sta\n"); 1418 goto out_release; 1419 } 1420 1421 /* 1422 * Only queue for this station is the mcast queue, 1423 * which shouldn't be in TFD mask anyway 1424 */ 1425 ret = iwl_mvm_allocate_int_sta(mvm, &mvmvif->mcast_sta, 1426 0, vif->type, 1427 IWL_STA_MULTICAST); 1428 if (ret) 1429 goto out_release; 1430 1431 iwl_mvm_vif_dbgfs_register(mvm, vif); 1432 goto out_unlock; 1433 } 1434 1435 mvmvif->features |= hw->netdev_features; 1436 1437 ret = iwl_mvm_mac_ctxt_add(mvm, vif); 1438 if (ret) 1439 goto out_release; 1440 1441 ret = iwl_mvm_power_update_mac(mvm); 1442 if (ret) 1443 goto out_remove_mac; 1444 1445 /* beacon filtering */ 1446 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 1447 if (ret) 1448 goto out_remove_mac; 1449 1450 if (!mvm->bf_allowed_vif && 1451 vif->type == NL80211_IFTYPE_STATION && !vif->p2p) { 1452 mvm->bf_allowed_vif = mvmvif; 1453 vif->driver_flags |= IEEE80211_VIF_BEACON_FILTER | 1454 IEEE80211_VIF_SUPPORTS_CQM_RSSI; 1455 } 1456 1457 /* 1458 * P2P_DEVICE interface does not have a channel context assigned to it, 1459 * so a dedicated PHY context is allocated to it and the corresponding 1460 * MAC context is bound to it at this stage. 1461 */ 1462 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1463 1464 mvmvif->phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 1465 if (!mvmvif->phy_ctxt) { 1466 ret = -ENOSPC; 1467 goto out_free_bf; 1468 } 1469 1470 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 1471 ret = iwl_mvm_binding_add_vif(mvm, vif); 1472 if (ret) 1473 goto out_unref_phy; 1474 1475 ret = iwl_mvm_add_p2p_bcast_sta(mvm, vif); 1476 if (ret) 1477 goto out_unbind; 1478 1479 /* Save a pointer to p2p device vif, so it can later be used to 1480 * update the p2p device MAC when a GO is started/stopped */ 1481 mvm->p2p_device_vif = vif; 1482 } 1483 1484 iwl_mvm_tcm_add_vif(mvm, vif); 1485 INIT_DELAYED_WORK(&mvmvif->csa_work, 1486 iwl_mvm_channel_switch_disconnect_wk); 1487 1488 if (vif->type == NL80211_IFTYPE_MONITOR) 1489 mvm->monitor_on = true; 1490 1491 iwl_mvm_vif_dbgfs_register(mvm, vif); 1492 1493 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 1494 vif->type == NL80211_IFTYPE_STATION && !vif->p2p && 1495 !mvm->csme_vif && mvm->mei_registered) { 1496 iwl_mei_set_nic_info(vif->addr, mvm->nvm_data->hw_addr); 1497 iwl_mei_set_netdev(ieee80211_vif_to_wdev(vif)->netdev); 1498 mvm->csme_vif = vif; 1499 } 1500 1501 goto out_unlock; 1502 1503 out_unbind: 1504 iwl_mvm_binding_remove_vif(mvm, vif); 1505 out_unref_phy: 1506 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 1507 out_free_bf: 1508 if (mvm->bf_allowed_vif == mvmvif) { 1509 mvm->bf_allowed_vif = NULL; 1510 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER | 1511 IEEE80211_VIF_SUPPORTS_CQM_RSSI); 1512 } 1513 out_remove_mac: 1514 mvmvif->phy_ctxt = NULL; 1515 iwl_mvm_mac_ctxt_remove(mvm, vif); 1516 out_release: 1517 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) 1518 mvm->vif_count--; 1519 out_unlock: 1520 mutex_unlock(&mvm->mutex); 1521 1522 return ret; 1523 } 1524 1525 static void iwl_mvm_prepare_mac_removal(struct iwl_mvm *mvm, 1526 struct ieee80211_vif *vif) 1527 { 1528 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1529 /* 1530 * Flush the ROC worker which will flush the OFFCHANNEL queue. 1531 * We assume here that all the packets sent to the OFFCHANNEL 1532 * queue are sent in ROC session. 1533 */ 1534 flush_work(&mvm->roc_done_wk); 1535 } 1536 } 1537 1538 static void iwl_mvm_mac_remove_interface(struct ieee80211_hw *hw, 1539 struct ieee80211_vif *vif) 1540 { 1541 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1542 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1543 struct iwl_probe_resp_data *probe_data; 1544 1545 iwl_mvm_prepare_mac_removal(mvm, vif); 1546 1547 if (!(vif->type == NL80211_IFTYPE_AP || 1548 vif->type == NL80211_IFTYPE_ADHOC)) 1549 iwl_mvm_tcm_rm_vif(mvm, vif); 1550 1551 mutex_lock(&mvm->mutex); 1552 1553 if (vif == mvm->csme_vif) { 1554 iwl_mei_set_netdev(NULL); 1555 mvm->csme_vif = NULL; 1556 } 1557 1558 probe_data = rcu_dereference_protected(mvmvif->probe_resp_data, 1559 lockdep_is_held(&mvm->mutex)); 1560 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL); 1561 if (probe_data) 1562 kfree_rcu(probe_data, rcu_head); 1563 1564 if (mvm->bf_allowed_vif == mvmvif) { 1565 mvm->bf_allowed_vif = NULL; 1566 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER | 1567 IEEE80211_VIF_SUPPORTS_CQM_RSSI); 1568 } 1569 1570 if (vif->bss_conf.ftm_responder) 1571 memset(&mvm->ftm_resp_stats, 0, sizeof(mvm->ftm_resp_stats)); 1572 1573 iwl_mvm_vif_dbgfs_clean(mvm, vif); 1574 1575 /* 1576 * For AP/GO interface, the tear down of the resources allocated to the 1577 * interface is be handled as part of the stop_ap flow. 1578 */ 1579 if (vif->type == NL80211_IFTYPE_AP || 1580 vif->type == NL80211_IFTYPE_ADHOC) { 1581 #ifdef CONFIG_NL80211_TESTMODE 1582 if (vif == mvm->noa_vif) { 1583 mvm->noa_vif = NULL; 1584 mvm->noa_duration = 0; 1585 } 1586 #endif 1587 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->mcast_sta); 1588 iwl_mvm_dealloc_bcast_sta(mvm, vif); 1589 goto out_release; 1590 } 1591 1592 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1593 mvm->p2p_device_vif = NULL; 1594 iwl_mvm_rm_p2p_bcast_sta(mvm, vif); 1595 iwl_mvm_binding_remove_vif(mvm, vif); 1596 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 1597 mvmvif->phy_ctxt = NULL; 1598 } 1599 1600 if (mvm->vif_count && vif->type != NL80211_IFTYPE_P2P_DEVICE) 1601 mvm->vif_count--; 1602 1603 iwl_mvm_power_update_mac(mvm); 1604 iwl_mvm_mac_ctxt_remove(mvm, vif); 1605 1606 RCU_INIT_POINTER(mvm->vif_id_to_mac[mvmvif->id], NULL); 1607 1608 if (vif->type == NL80211_IFTYPE_MONITOR) 1609 mvm->monitor_on = false; 1610 1611 out_release: 1612 mutex_unlock(&mvm->mutex); 1613 } 1614 1615 static int iwl_mvm_mac_config(struct ieee80211_hw *hw, u32 changed) 1616 { 1617 return 0; 1618 } 1619 1620 struct iwl_mvm_mc_iter_data { 1621 struct iwl_mvm *mvm; 1622 int port_id; 1623 }; 1624 1625 static void iwl_mvm_mc_iface_iterator(void *_data, u8 *mac, 1626 struct ieee80211_vif *vif) 1627 { 1628 struct iwl_mvm_mc_iter_data *data = _data; 1629 struct iwl_mvm *mvm = data->mvm; 1630 struct iwl_mcast_filter_cmd *cmd = mvm->mcast_filter_cmd; 1631 struct iwl_host_cmd hcmd = { 1632 .id = MCAST_FILTER_CMD, 1633 .flags = CMD_ASYNC, 1634 .dataflags[0] = IWL_HCMD_DFL_NOCOPY, 1635 }; 1636 int ret, len; 1637 1638 /* if we don't have free ports, mcast frames will be dropped */ 1639 if (WARN_ON_ONCE(data->port_id >= MAX_PORT_ID_NUM)) 1640 return; 1641 1642 if (vif->type != NL80211_IFTYPE_STATION || 1643 !vif->bss_conf.assoc) 1644 return; 1645 1646 cmd->port_id = data->port_id++; 1647 memcpy(cmd->bssid, vif->bss_conf.bssid, ETH_ALEN); 1648 len = roundup(sizeof(*cmd) + cmd->count * ETH_ALEN, 4); 1649 1650 hcmd.len[0] = len; 1651 hcmd.data[0] = cmd; 1652 1653 ret = iwl_mvm_send_cmd(mvm, &hcmd); 1654 if (ret) 1655 IWL_ERR(mvm, "mcast filter cmd error. ret=%d\n", ret); 1656 } 1657 1658 static void iwl_mvm_recalc_multicast(struct iwl_mvm *mvm) 1659 { 1660 struct iwl_mvm_mc_iter_data iter_data = { 1661 .mvm = mvm, 1662 }; 1663 int ret; 1664 1665 lockdep_assert_held(&mvm->mutex); 1666 1667 if (WARN_ON_ONCE(!mvm->mcast_filter_cmd)) 1668 return; 1669 1670 ieee80211_iterate_active_interfaces_atomic( 1671 mvm->hw, IEEE80211_IFACE_ITER_NORMAL, 1672 iwl_mvm_mc_iface_iterator, &iter_data); 1673 1674 /* 1675 * Send a (synchronous) ech command so that we wait for the 1676 * multiple asynchronous MCAST_FILTER_CMD commands sent by 1677 * the interface iterator. Otherwise, we might get here over 1678 * and over again (by userspace just sending a lot of these) 1679 * and the CPU can send them faster than the firmware can 1680 * process them. 1681 * Note that the CPU is still faster - but with this we'll 1682 * actually send fewer commands overall because the CPU will 1683 * not schedule the work in mac80211 as frequently if it's 1684 * still running when rescheduled (possibly multiple times). 1685 */ 1686 ret = iwl_mvm_send_cmd_pdu(mvm, ECHO_CMD, 0, 0, NULL); 1687 if (ret) 1688 IWL_ERR(mvm, "Failed to synchronize multicast groups update\n"); 1689 } 1690 1691 static u64 iwl_mvm_prepare_multicast(struct ieee80211_hw *hw, 1692 struct netdev_hw_addr_list *mc_list) 1693 { 1694 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1695 struct iwl_mcast_filter_cmd *cmd; 1696 struct netdev_hw_addr *addr; 1697 int addr_count; 1698 bool pass_all; 1699 int len; 1700 1701 addr_count = netdev_hw_addr_list_count(mc_list); 1702 pass_all = addr_count > MAX_MCAST_FILTERING_ADDRESSES || 1703 IWL_MVM_FW_MCAST_FILTER_PASS_ALL; 1704 if (pass_all) 1705 addr_count = 0; 1706 1707 len = roundup(sizeof(*cmd) + addr_count * ETH_ALEN, 4); 1708 cmd = kzalloc(len, GFP_ATOMIC); 1709 if (!cmd) 1710 return 0; 1711 1712 if (pass_all) { 1713 cmd->pass_all = 1; 1714 return (u64)(unsigned long)cmd; 1715 } 1716 1717 netdev_hw_addr_list_for_each(addr, mc_list) { 1718 IWL_DEBUG_MAC80211(mvm, "mcast addr (%d): %pM\n", 1719 cmd->count, addr->addr); 1720 memcpy(&cmd->addr_list[cmd->count * ETH_ALEN], 1721 addr->addr, ETH_ALEN); 1722 cmd->count++; 1723 } 1724 1725 return (u64)(unsigned long)cmd; 1726 } 1727 1728 static void iwl_mvm_configure_filter(struct ieee80211_hw *hw, 1729 unsigned int changed_flags, 1730 unsigned int *total_flags, 1731 u64 multicast) 1732 { 1733 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1734 struct iwl_mcast_filter_cmd *cmd = (void *)(unsigned long)multicast; 1735 1736 mutex_lock(&mvm->mutex); 1737 1738 /* replace previous configuration */ 1739 kfree(mvm->mcast_filter_cmd); 1740 mvm->mcast_filter_cmd = cmd; 1741 1742 if (!cmd) 1743 goto out; 1744 1745 if (changed_flags & FIF_ALLMULTI) 1746 cmd->pass_all = !!(*total_flags & FIF_ALLMULTI); 1747 1748 if (cmd->pass_all) 1749 cmd->count = 0; 1750 1751 iwl_mvm_recalc_multicast(mvm); 1752 out: 1753 mutex_unlock(&mvm->mutex); 1754 *total_flags = 0; 1755 } 1756 1757 static void iwl_mvm_config_iface_filter(struct ieee80211_hw *hw, 1758 struct ieee80211_vif *vif, 1759 unsigned int filter_flags, 1760 unsigned int changed_flags) 1761 { 1762 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1763 1764 /* We support only filter for probe requests */ 1765 if (!(changed_flags & FIF_PROBE_REQ)) 1766 return; 1767 1768 /* Supported only for p2p client interfaces */ 1769 if (vif->type != NL80211_IFTYPE_STATION || !vif->bss_conf.assoc || 1770 !vif->p2p) 1771 return; 1772 1773 mutex_lock(&mvm->mutex); 1774 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 1775 mutex_unlock(&mvm->mutex); 1776 } 1777 1778 static int iwl_mvm_update_mu_groups(struct iwl_mvm *mvm, 1779 struct ieee80211_vif *vif) 1780 { 1781 struct iwl_mu_group_mgmt_cmd cmd = {}; 1782 1783 memcpy(cmd.membership_status, vif->bss_conf.mu_group.membership, 1784 WLAN_MEMBERSHIP_LEN); 1785 memcpy(cmd.user_position, vif->bss_conf.mu_group.position, 1786 WLAN_USER_POSITION_LEN); 1787 1788 return iwl_mvm_send_cmd_pdu(mvm, 1789 WIDE_ID(DATA_PATH_GROUP, 1790 UPDATE_MU_GROUPS_CMD), 1791 0, sizeof(cmd), &cmd); 1792 } 1793 1794 static void iwl_mvm_mu_mimo_iface_iterator(void *_data, u8 *mac, 1795 struct ieee80211_vif *vif) 1796 { 1797 if (vif->mu_mimo_owner) { 1798 struct iwl_mu_group_mgmt_notif *notif = _data; 1799 1800 /* 1801 * MU-MIMO Group Id action frame is little endian. We treat 1802 * the data received from firmware as if it came from the 1803 * action frame, so no conversion is needed. 1804 */ 1805 ieee80211_update_mu_groups(vif, 1806 (u8 *)¬if->membership_status, 1807 (u8 *)¬if->user_position); 1808 } 1809 } 1810 1811 void iwl_mvm_mu_mimo_grp_notif(struct iwl_mvm *mvm, 1812 struct iwl_rx_cmd_buffer *rxb) 1813 { 1814 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1815 struct iwl_mu_group_mgmt_notif *notif = (void *)pkt->data; 1816 1817 ieee80211_iterate_active_interfaces_atomic( 1818 mvm->hw, IEEE80211_IFACE_ITER_NORMAL, 1819 iwl_mvm_mu_mimo_iface_iterator, notif); 1820 } 1821 1822 static u8 iwl_mvm_he_get_ppe_val(u8 *ppe, u8 ppe_pos_bit) 1823 { 1824 u8 byte_num = ppe_pos_bit / 8; 1825 u8 bit_num = ppe_pos_bit % 8; 1826 u8 residue_bits; 1827 u8 res; 1828 1829 if (bit_num <= 5) 1830 return (ppe[byte_num] >> bit_num) & 1831 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE) - 1); 1832 1833 /* 1834 * If bit_num > 5, we have to combine bits with next byte. 1835 * Calculate how many bits we need to take from current byte (called 1836 * here "residue_bits"), and add them to bits from next byte. 1837 */ 1838 1839 residue_bits = 8 - bit_num; 1840 1841 res = (ppe[byte_num + 1] & 1842 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE - residue_bits) - 1)) << 1843 residue_bits; 1844 res += (ppe[byte_num] >> bit_num) & (BIT(residue_bits) - 1); 1845 1846 return res; 1847 } 1848 1849 static void iwl_mvm_cfg_he_sta(struct iwl_mvm *mvm, 1850 struct ieee80211_vif *vif, u8 sta_id) 1851 { 1852 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1853 struct iwl_he_sta_context_cmd sta_ctxt_cmd = { 1854 .sta_id = sta_id, 1855 .tid_limit = IWL_MAX_TID_COUNT, 1856 .bss_color = vif->bss_conf.he_bss_color.color, 1857 .htc_trig_based_pkt_ext = vif->bss_conf.htc_trig_based_pkt_ext, 1858 .frame_time_rts_th = 1859 cpu_to_le16(vif->bss_conf.frame_time_rts_th), 1860 }; 1861 int size = fw_has_api(&mvm->fw->ucode_capa, 1862 IWL_UCODE_TLV_API_MBSSID_HE) ? 1863 sizeof(sta_ctxt_cmd) : 1864 sizeof(struct iwl_he_sta_context_cmd_v1); 1865 struct ieee80211_sta *sta; 1866 u32 flags; 1867 int i; 1868 const struct ieee80211_sta_he_cap *own_he_cap = NULL; 1869 struct ieee80211_chanctx_conf *chanctx_conf; 1870 const struct ieee80211_supported_band *sband; 1871 1872 rcu_read_lock(); 1873 1874 chanctx_conf = rcu_dereference(vif->chanctx_conf); 1875 if (WARN_ON(!chanctx_conf)) { 1876 rcu_read_unlock(); 1877 return; 1878 } 1879 1880 sband = mvm->hw->wiphy->bands[chanctx_conf->def.chan->band]; 1881 own_he_cap = ieee80211_get_he_iftype_cap(sband, 1882 ieee80211_vif_type_p2p(vif)); 1883 1884 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_ctxt_cmd.sta_id]); 1885 if (IS_ERR_OR_NULL(sta)) { 1886 rcu_read_unlock(); 1887 WARN(1, "Can't find STA to configure HE\n"); 1888 return; 1889 } 1890 1891 if (!sta->he_cap.has_he) { 1892 rcu_read_unlock(); 1893 return; 1894 } 1895 1896 flags = 0; 1897 1898 /* Block 26-tone RU OFDMA transmissions */ 1899 if (mvmvif->he_ru_2mhz_block) 1900 flags |= STA_CTXT_HE_RU_2MHZ_BLOCK; 1901 1902 /* HTC flags */ 1903 if (sta->he_cap.he_cap_elem.mac_cap_info[0] & 1904 IEEE80211_HE_MAC_CAP0_HTC_HE) 1905 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_SUPPORT); 1906 if ((sta->he_cap.he_cap_elem.mac_cap_info[1] & 1907 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION) || 1908 (sta->he_cap.he_cap_elem.mac_cap_info[2] & 1909 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION)) { 1910 u8 link_adap = 1911 ((sta->he_cap.he_cap_elem.mac_cap_info[2] & 1912 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION) << 1) + 1913 (sta->he_cap.he_cap_elem.mac_cap_info[1] & 1914 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION); 1915 1916 if (link_adap == 2) 1917 sta_ctxt_cmd.htc_flags |= 1918 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_UNSOLICITED); 1919 else if (link_adap == 3) 1920 sta_ctxt_cmd.htc_flags |= 1921 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_BOTH); 1922 } 1923 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR) 1924 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BSR_SUPP); 1925 if (sta->he_cap.he_cap_elem.mac_cap_info[3] & 1926 IEEE80211_HE_MAC_CAP3_OMI_CONTROL) 1927 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_OMI_SUPP); 1928 if (sta->he_cap.he_cap_elem.mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR) 1929 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BQR_SUPP); 1930 1931 /* 1932 * Initialize the PPE thresholds to "None" (7), as described in Table 1933 * 9-262ac of 80211.ax/D3.0. 1934 */ 1935 memset(&sta_ctxt_cmd.pkt_ext, 7, sizeof(sta_ctxt_cmd.pkt_ext)); 1936 1937 /* If PPE Thresholds exist, parse them into a FW-familiar format. */ 1938 if (sta->he_cap.he_cap_elem.phy_cap_info[6] & 1939 IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) { 1940 u8 nss = (sta->he_cap.ppe_thres[0] & 1941 IEEE80211_PPE_THRES_NSS_MASK) + 1; 1942 u8 ru_index_bitmap = 1943 (sta->he_cap.ppe_thres[0] & 1944 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK) >> 1945 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_POS; 1946 u8 *ppe = &sta->he_cap.ppe_thres[0]; 1947 u8 ppe_pos_bit = 7; /* Starting after PPE header */ 1948 1949 /* 1950 * FW currently supports only nss == MAX_HE_SUPP_NSS 1951 * 1952 * If nss > MAX: we can ignore values we don't support 1953 * If nss < MAX: we can set zeros in other streams 1954 */ 1955 if (nss > MAX_HE_SUPP_NSS) { 1956 IWL_INFO(mvm, "Got NSS = %d - trimming to %d\n", nss, 1957 MAX_HE_SUPP_NSS); 1958 nss = MAX_HE_SUPP_NSS; 1959 } 1960 1961 for (i = 0; i < nss; i++) { 1962 u8 ru_index_tmp = ru_index_bitmap << 1; 1963 u8 bw; 1964 1965 for (bw = 0; bw < MAX_HE_CHANNEL_BW_INDX; bw++) { 1966 ru_index_tmp >>= 1; 1967 if (!(ru_index_tmp & 1)) 1968 continue; 1969 1970 sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw][1] = 1971 iwl_mvm_he_get_ppe_val(ppe, 1972 ppe_pos_bit); 1973 ppe_pos_bit += 1974 IEEE80211_PPE_THRES_INFO_PPET_SIZE; 1975 sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw][0] = 1976 iwl_mvm_he_get_ppe_val(ppe, 1977 ppe_pos_bit); 1978 ppe_pos_bit += 1979 IEEE80211_PPE_THRES_INFO_PPET_SIZE; 1980 } 1981 } 1982 1983 flags |= STA_CTXT_HE_PACKET_EXT; 1984 } else if (u8_get_bits(sta->he_cap.he_cap_elem.phy_cap_info[9], 1985 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK) 1986 != IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_RESERVED) { 1987 int low_th = -1; 1988 int high_th = -1; 1989 1990 /* Take the PPE thresholds from the nominal padding info */ 1991 switch (u8_get_bits(sta->he_cap.he_cap_elem.phy_cap_info[9], 1992 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK)) { 1993 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_0US: 1994 low_th = IWL_HE_PKT_EXT_NONE; 1995 high_th = IWL_HE_PKT_EXT_NONE; 1996 break; 1997 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_8US: 1998 low_th = IWL_HE_PKT_EXT_BPSK; 1999 high_th = IWL_HE_PKT_EXT_NONE; 2000 break; 2001 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US: 2002 low_th = IWL_HE_PKT_EXT_NONE; 2003 high_th = IWL_HE_PKT_EXT_BPSK; 2004 break; 2005 } 2006 2007 /* Set the PPE thresholds accordingly */ 2008 if (low_th >= 0 && high_th >= 0) { 2009 struct iwl_he_pkt_ext *pkt_ext = 2010 (struct iwl_he_pkt_ext *)&sta_ctxt_cmd.pkt_ext; 2011 2012 for (i = 0; i < MAX_HE_SUPP_NSS; i++) { 2013 u8 bw; 2014 2015 for (bw = 0; bw < MAX_HE_CHANNEL_BW_INDX; 2016 bw++) { 2017 pkt_ext->pkt_ext_qam_th[i][bw][0] = 2018 low_th; 2019 pkt_ext->pkt_ext_qam_th[i][bw][1] = 2020 high_th; 2021 } 2022 } 2023 2024 flags |= STA_CTXT_HE_PACKET_EXT; 2025 } 2026 } 2027 2028 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & 2029 IEEE80211_HE_MAC_CAP2_32BIT_BA_BITMAP) 2030 flags |= STA_CTXT_HE_32BIT_BA_BITMAP; 2031 2032 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & 2033 IEEE80211_HE_MAC_CAP2_ACK_EN) 2034 flags |= STA_CTXT_HE_ACK_ENABLED; 2035 2036 rcu_read_unlock(); 2037 2038 /* Mark MU EDCA as enabled, unless none detected on some AC */ 2039 flags |= STA_CTXT_HE_MU_EDCA_CW; 2040 for (i = 0; i < IEEE80211_NUM_ACS; i++) { 2041 struct ieee80211_he_mu_edca_param_ac_rec *mu_edca = 2042 &mvmvif->queue_params[i].mu_edca_param_rec; 2043 u8 ac = iwl_mvm_mac80211_ac_to_ucode_ac(i); 2044 2045 if (!mvmvif->queue_params[i].mu_edca) { 2046 flags &= ~STA_CTXT_HE_MU_EDCA_CW; 2047 break; 2048 } 2049 2050 sta_ctxt_cmd.trig_based_txf[ac].cwmin = 2051 cpu_to_le16(mu_edca->ecw_min_max & 0xf); 2052 sta_ctxt_cmd.trig_based_txf[ac].cwmax = 2053 cpu_to_le16((mu_edca->ecw_min_max & 0xf0) >> 4); 2054 sta_ctxt_cmd.trig_based_txf[ac].aifsn = 2055 cpu_to_le16(mu_edca->aifsn); 2056 sta_ctxt_cmd.trig_based_txf[ac].mu_time = 2057 cpu_to_le16(mu_edca->mu_edca_timer); 2058 } 2059 2060 2061 if (vif->bss_conf.uora_exists) { 2062 flags |= STA_CTXT_HE_TRIG_RND_ALLOC; 2063 2064 sta_ctxt_cmd.rand_alloc_ecwmin = 2065 vif->bss_conf.uora_ocw_range & 0x7; 2066 sta_ctxt_cmd.rand_alloc_ecwmax = 2067 (vif->bss_conf.uora_ocw_range >> 3) & 0x7; 2068 } 2069 2070 if (own_he_cap && !(own_he_cap->he_cap_elem.mac_cap_info[2] & 2071 IEEE80211_HE_MAC_CAP2_ACK_EN)) 2072 flags |= STA_CTXT_HE_NIC_NOT_ACK_ENABLED; 2073 2074 if (vif->bss_conf.nontransmitted) { 2075 flags |= STA_CTXT_HE_REF_BSSID_VALID; 2076 ether_addr_copy(sta_ctxt_cmd.ref_bssid_addr, 2077 vif->bss_conf.transmitter_bssid); 2078 sta_ctxt_cmd.max_bssid_indicator = 2079 vif->bss_conf.bssid_indicator; 2080 sta_ctxt_cmd.bssid_index = vif->bss_conf.bssid_index; 2081 sta_ctxt_cmd.ema_ap = vif->bss_conf.ema_ap; 2082 sta_ctxt_cmd.profile_periodicity = 2083 vif->bss_conf.profile_periodicity; 2084 } 2085 2086 sta_ctxt_cmd.flags = cpu_to_le32(flags); 2087 2088 if (iwl_mvm_send_cmd_pdu(mvm, iwl_cmd_id(STA_HE_CTXT_CMD, 2089 DATA_PATH_GROUP, 0), 2090 0, size, &sta_ctxt_cmd)) 2091 IWL_ERR(mvm, "Failed to config FW to work HE!\n"); 2092 } 2093 2094 static void iwl_mvm_protect_assoc(struct iwl_mvm *mvm, 2095 struct ieee80211_vif *vif, 2096 u32 duration_override) 2097 { 2098 u32 duration = IWL_MVM_TE_SESSION_PROTECTION_MAX_TIME_MS; 2099 u32 min_duration = IWL_MVM_TE_SESSION_PROTECTION_MIN_TIME_MS; 2100 2101 if (duration_override > duration) 2102 duration = duration_override; 2103 2104 /* Try really hard to protect the session and hear a beacon 2105 * The new session protection command allows us to protect the 2106 * session for a much longer time since the firmware will internally 2107 * create two events: a 300TU one with a very high priority that 2108 * won't be fragmented which should be enough for 99% of the cases, 2109 * and another one (which we configure here to be 900TU long) which 2110 * will have a slightly lower priority, but more importantly, can be 2111 * fragmented so that it'll allow other activities to run. 2112 */ 2113 if (fw_has_capa(&mvm->fw->ucode_capa, 2114 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 2115 iwl_mvm_schedule_session_protection(mvm, vif, 900, 2116 min_duration, false); 2117 else 2118 iwl_mvm_protect_session(mvm, vif, duration, 2119 min_duration, 500, false); 2120 } 2121 2122 static void iwl_mvm_bss_info_changed_station(struct iwl_mvm *mvm, 2123 struct ieee80211_vif *vif, 2124 struct ieee80211_bss_conf *bss_conf, 2125 u32 changes) 2126 { 2127 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2128 int ret; 2129 2130 /* 2131 * Re-calculate the tsf id, as the leader-follower relations depend 2132 * on the beacon interval, which was not known when the station 2133 * interface was added. 2134 */ 2135 if (changes & BSS_CHANGED_ASSOC && bss_conf->assoc) { 2136 if (vif->bss_conf.he_support && 2137 !iwlwifi_mod_params.disable_11ax) 2138 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id); 2139 2140 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif); 2141 } 2142 2143 /* Update MU EDCA params */ 2144 if (changes & BSS_CHANGED_QOS && mvmvif->associated && 2145 bss_conf->assoc && vif->bss_conf.he_support && 2146 !iwlwifi_mod_params.disable_11ax) 2147 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id); 2148 2149 /* 2150 * If we're not associated yet, take the (new) BSSID before associating 2151 * so the firmware knows. If we're already associated, then use the old 2152 * BSSID here, and we'll send a cleared one later in the CHANGED_ASSOC 2153 * branch for disassociation below. 2154 */ 2155 if (changes & BSS_CHANGED_BSSID && !mvmvif->associated) 2156 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN); 2157 2158 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, mvmvif->bssid); 2159 if (ret) 2160 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr); 2161 2162 /* after sending it once, adopt mac80211 data */ 2163 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN); 2164 mvmvif->associated = bss_conf->assoc; 2165 2166 if (changes & BSS_CHANGED_ASSOC) { 2167 if (bss_conf->assoc) { 2168 /* clear statistics to get clean beacon counter */ 2169 iwl_mvm_request_statistics(mvm, true); 2170 memset(&mvmvif->beacon_stats, 0, 2171 sizeof(mvmvif->beacon_stats)); 2172 2173 /* add quota for this interface */ 2174 ret = iwl_mvm_update_quotas(mvm, true, NULL); 2175 if (ret) { 2176 IWL_ERR(mvm, "failed to update quotas\n"); 2177 return; 2178 } 2179 2180 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2181 &mvm->status) && 2182 !fw_has_capa(&mvm->fw->ucode_capa, 2183 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 2184 /* 2185 * If we're restarting then the firmware will 2186 * obviously have lost synchronisation with 2187 * the AP. It will attempt to synchronise by 2188 * itself, but we can make it more reliable by 2189 * scheduling a session protection time event. 2190 * 2191 * The firmware needs to receive a beacon to 2192 * catch up with synchronisation, use 110% of 2193 * the beacon interval. 2194 * 2195 * Set a large maximum delay to allow for more 2196 * than a single interface. 2197 * 2198 * For new firmware versions, rely on the 2199 * firmware. This is relevant for DCM scenarios 2200 * only anyway. 2201 */ 2202 u32 dur = (11 * vif->bss_conf.beacon_int) / 10; 2203 iwl_mvm_protect_session(mvm, vif, dur, dur, 2204 5 * dur, false); 2205 } else if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2206 &mvm->status) && 2207 !vif->bss_conf.dtim_period) { 2208 /* 2209 * If we're not restarting and still haven't 2210 * heard a beacon (dtim period unknown) then 2211 * make sure we still have enough minimum time 2212 * remaining in the time event, since the auth 2213 * might actually have taken quite a while 2214 * (especially for SAE) and so the remaining 2215 * time could be small without us having heard 2216 * a beacon yet. 2217 */ 2218 iwl_mvm_protect_assoc(mvm, vif, 0); 2219 } 2220 2221 iwl_mvm_sf_update(mvm, vif, false); 2222 iwl_mvm_power_vif_assoc(mvm, vif); 2223 if (vif->p2p) { 2224 iwl_mvm_update_smps(mvm, vif, 2225 IWL_MVM_SMPS_REQ_PROT, 2226 IEEE80211_SMPS_DYNAMIC); 2227 } 2228 } else if (mvmvif->ap_sta_id != IWL_MVM_INVALID_STA) { 2229 iwl_mvm_mei_host_disassociated(mvm); 2230 /* 2231 * If update fails - SF might be running in associated 2232 * mode while disassociated - which is forbidden. 2233 */ 2234 ret = iwl_mvm_sf_update(mvm, vif, false); 2235 WARN_ONCE(ret && 2236 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 2237 &mvm->status), 2238 "Failed to update SF upon disassociation\n"); 2239 2240 /* 2241 * If we get an assert during the connection (after the 2242 * station has been added, but before the vif is set 2243 * to associated), mac80211 will re-add the station and 2244 * then configure the vif. Since the vif is not 2245 * associated, we would remove the station here and 2246 * this would fail the recovery. 2247 */ 2248 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2249 &mvm->status)) { 2250 /* 2251 * Remove AP station now that 2252 * the MAC is unassoc 2253 */ 2254 ret = iwl_mvm_rm_sta_id(mvm, vif, 2255 mvmvif->ap_sta_id); 2256 if (ret) 2257 IWL_ERR(mvm, 2258 "failed to remove AP station\n"); 2259 2260 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA; 2261 } 2262 2263 /* remove quota for this interface */ 2264 ret = iwl_mvm_update_quotas(mvm, false, NULL); 2265 if (ret) 2266 IWL_ERR(mvm, "failed to update quotas\n"); 2267 2268 /* this will take the cleared BSSID from bss_conf */ 2269 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 2270 if (ret) 2271 IWL_ERR(mvm, 2272 "failed to update MAC %pM (clear after unassoc)\n", 2273 vif->addr); 2274 } 2275 2276 /* 2277 * The firmware tracks the MU-MIMO group on its own. 2278 * However, on HW restart we should restore this data. 2279 */ 2280 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 2281 (changes & BSS_CHANGED_MU_GROUPS) && vif->mu_mimo_owner) { 2282 ret = iwl_mvm_update_mu_groups(mvm, vif); 2283 if (ret) 2284 IWL_ERR(mvm, 2285 "failed to update VHT MU_MIMO groups\n"); 2286 } 2287 2288 iwl_mvm_recalc_multicast(mvm); 2289 2290 /* reset rssi values */ 2291 mvmvif->bf_data.ave_beacon_signal = 0; 2292 2293 iwl_mvm_bt_coex_vif_change(mvm); 2294 iwl_mvm_update_smps(mvm, vif, IWL_MVM_SMPS_REQ_TT, 2295 IEEE80211_SMPS_AUTOMATIC); 2296 if (fw_has_capa(&mvm->fw->ucode_capa, 2297 IWL_UCODE_TLV_CAPA_UMAC_SCAN)) 2298 iwl_mvm_config_scan(mvm); 2299 } 2300 2301 if (changes & BSS_CHANGED_BEACON_INFO) { 2302 /* 2303 * We received a beacon from the associated AP so 2304 * remove the session protection. 2305 * A firmware with the new API will remove it automatically. 2306 */ 2307 if (!fw_has_capa(&mvm->fw->ucode_capa, 2308 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 2309 iwl_mvm_stop_session_protection(mvm, vif); 2310 2311 iwl_mvm_sf_update(mvm, vif, false); 2312 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0)); 2313 } 2314 2315 if (changes & (BSS_CHANGED_PS | BSS_CHANGED_P2P_PS | BSS_CHANGED_QOS | 2316 /* 2317 * Send power command on every beacon change, 2318 * because we may have not enabled beacon abort yet. 2319 */ 2320 BSS_CHANGED_BEACON_INFO)) { 2321 ret = iwl_mvm_power_update_mac(mvm); 2322 if (ret) 2323 IWL_ERR(mvm, "failed to update power mode\n"); 2324 } 2325 2326 if (changes & BSS_CHANGED_CQM) { 2327 IWL_DEBUG_MAC80211(mvm, "cqm info_changed\n"); 2328 /* reset cqm events tracking */ 2329 mvmvif->bf_data.last_cqm_event = 0; 2330 if (mvmvif->bf_data.bf_enabled) { 2331 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0); 2332 if (ret) 2333 IWL_ERR(mvm, 2334 "failed to update CQM thresholds\n"); 2335 } 2336 } 2337 2338 if (changes & BSS_CHANGED_BANDWIDTH) 2339 iwl_mvm_apply_fw_smps_request(vif); 2340 } 2341 2342 static int iwl_mvm_start_ap_ibss(struct ieee80211_hw *hw, 2343 struct ieee80211_vif *vif) 2344 { 2345 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2346 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2347 int ret, i; 2348 2349 mutex_lock(&mvm->mutex); 2350 2351 /* Send the beacon template */ 2352 ret = iwl_mvm_mac_ctxt_beacon_changed(mvm, vif); 2353 if (ret) 2354 goto out_unlock; 2355 2356 /* 2357 * Re-calculate the tsf id, as the leader-follower relations depend on 2358 * the beacon interval, which was not known when the AP interface 2359 * was added. 2360 */ 2361 if (vif->type == NL80211_IFTYPE_AP) 2362 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif); 2363 2364 mvmvif->ap_assoc_sta_count = 0; 2365 2366 /* Add the mac context */ 2367 ret = iwl_mvm_mac_ctxt_add(mvm, vif); 2368 if (ret) 2369 goto out_unlock; 2370 2371 /* Perform the binding */ 2372 ret = iwl_mvm_binding_add_vif(mvm, vif); 2373 if (ret) 2374 goto out_remove; 2375 2376 /* 2377 * This is not very nice, but the simplest: 2378 * For older FWs adding the mcast sta before the bcast station may 2379 * cause assert 0x2b00. 2380 * This is fixed in later FW so make the order of removal depend on 2381 * the TLV 2382 */ 2383 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) { 2384 ret = iwl_mvm_add_mcast_sta(mvm, vif); 2385 if (ret) 2386 goto out_unbind; 2387 /* 2388 * Send the bcast station. At this stage the TBTT and DTIM time 2389 * events are added and applied to the scheduler 2390 */ 2391 ret = iwl_mvm_send_add_bcast_sta(mvm, vif); 2392 if (ret) { 2393 iwl_mvm_rm_mcast_sta(mvm, vif); 2394 goto out_unbind; 2395 } 2396 } else { 2397 /* 2398 * Send the bcast station. At this stage the TBTT and DTIM time 2399 * events are added and applied to the scheduler 2400 */ 2401 ret = iwl_mvm_send_add_bcast_sta(mvm, vif); 2402 if (ret) 2403 goto out_unbind; 2404 ret = iwl_mvm_add_mcast_sta(mvm, vif); 2405 if (ret) { 2406 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2407 goto out_unbind; 2408 } 2409 } 2410 2411 /* must be set before quota calculations */ 2412 mvmvif->ap_ibss_active = true; 2413 2414 /* send all the early keys to the device now */ 2415 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) { 2416 struct ieee80211_key_conf *key = mvmvif->ap_early_keys[i]; 2417 2418 if (!key) 2419 continue; 2420 2421 mvmvif->ap_early_keys[i] = NULL; 2422 2423 ret = __iwl_mvm_mac_set_key(hw, SET_KEY, vif, NULL, key); 2424 if (ret) 2425 goto out_quota_failed; 2426 } 2427 2428 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) { 2429 iwl_mvm_vif_set_low_latency(mvmvif, true, 2430 LOW_LATENCY_VIF_TYPE); 2431 iwl_mvm_send_low_latency_cmd(mvm, true, mvmvif->id); 2432 } 2433 2434 /* power updated needs to be done before quotas */ 2435 iwl_mvm_power_update_mac(mvm); 2436 2437 ret = iwl_mvm_update_quotas(mvm, false, NULL); 2438 if (ret) 2439 goto out_quota_failed; 2440 2441 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */ 2442 if (vif->p2p && mvm->p2p_device_vif) 2443 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL); 2444 2445 iwl_mvm_bt_coex_vif_change(mvm); 2446 2447 /* we don't support TDLS during DCM */ 2448 if (iwl_mvm_phy_ctx_count(mvm) > 1) 2449 iwl_mvm_teardown_tdls_peers(mvm); 2450 2451 iwl_mvm_ftm_restart_responder(mvm, vif); 2452 2453 goto out_unlock; 2454 2455 out_quota_failed: 2456 iwl_mvm_power_update_mac(mvm); 2457 mvmvif->ap_ibss_active = false; 2458 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2459 iwl_mvm_rm_mcast_sta(mvm, vif); 2460 out_unbind: 2461 iwl_mvm_binding_remove_vif(mvm, vif); 2462 out_remove: 2463 iwl_mvm_mac_ctxt_remove(mvm, vif); 2464 out_unlock: 2465 mutex_unlock(&mvm->mutex); 2466 return ret; 2467 } 2468 2469 static void iwl_mvm_stop_ap_ibss(struct ieee80211_hw *hw, 2470 struct ieee80211_vif *vif) 2471 { 2472 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2473 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2474 2475 iwl_mvm_prepare_mac_removal(mvm, vif); 2476 2477 mutex_lock(&mvm->mutex); 2478 2479 /* Handle AP stop while in CSA */ 2480 if (rcu_access_pointer(mvm->csa_vif) == vif) { 2481 iwl_mvm_remove_time_event(mvm, mvmvif, 2482 &mvmvif->time_event_data); 2483 RCU_INIT_POINTER(mvm->csa_vif, NULL); 2484 mvmvif->csa_countdown = false; 2485 } 2486 2487 if (rcu_access_pointer(mvm->csa_tx_blocked_vif) == vif) { 2488 RCU_INIT_POINTER(mvm->csa_tx_blocked_vif, NULL); 2489 mvm->csa_tx_block_bcn_timeout = 0; 2490 } 2491 2492 mvmvif->ap_ibss_active = false; 2493 mvm->ap_last_beacon_gp2 = 0; 2494 2495 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) { 2496 iwl_mvm_vif_set_low_latency(mvmvif, false, 2497 LOW_LATENCY_VIF_TYPE); 2498 iwl_mvm_send_low_latency_cmd(mvm, false, mvmvif->id); 2499 } 2500 2501 iwl_mvm_bt_coex_vif_change(mvm); 2502 2503 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */ 2504 if (vif->p2p && mvm->p2p_device_vif) 2505 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL); 2506 2507 iwl_mvm_update_quotas(mvm, false, NULL); 2508 2509 iwl_mvm_ftm_responder_clear(mvm, vif); 2510 2511 /* 2512 * This is not very nice, but the simplest: 2513 * For older FWs removing the mcast sta before the bcast station may 2514 * cause assert 0x2b00. 2515 * This is fixed in later FW (which will stop beaconing when removing 2516 * bcast station). 2517 * So make the order of removal depend on the TLV 2518 */ 2519 if (!fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) 2520 iwl_mvm_rm_mcast_sta(mvm, vif); 2521 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2522 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) 2523 iwl_mvm_rm_mcast_sta(mvm, vif); 2524 iwl_mvm_binding_remove_vif(mvm, vif); 2525 2526 iwl_mvm_power_update_mac(mvm); 2527 2528 iwl_mvm_mac_ctxt_remove(mvm, vif); 2529 2530 mutex_unlock(&mvm->mutex); 2531 } 2532 2533 static void 2534 iwl_mvm_bss_info_changed_ap_ibss(struct iwl_mvm *mvm, 2535 struct ieee80211_vif *vif, 2536 struct ieee80211_bss_conf *bss_conf, 2537 u32 changes) 2538 { 2539 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2540 2541 /* Changes will be applied when the AP/IBSS is started */ 2542 if (!mvmvif->ap_ibss_active) 2543 return; 2544 2545 if (changes & (BSS_CHANGED_ERP_CTS_PROT | BSS_CHANGED_HT | 2546 BSS_CHANGED_BANDWIDTH | BSS_CHANGED_QOS) && 2547 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL)) 2548 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr); 2549 2550 /* Need to send a new beacon template to the FW */ 2551 if (changes & BSS_CHANGED_BEACON && 2552 iwl_mvm_mac_ctxt_beacon_changed(mvm, vif)) 2553 IWL_WARN(mvm, "Failed updating beacon data\n"); 2554 2555 if (changes & BSS_CHANGED_FTM_RESPONDER) { 2556 int ret = iwl_mvm_ftm_start_responder(mvm, vif); 2557 2558 if (ret) 2559 IWL_WARN(mvm, "Failed to enable FTM responder (%d)\n", 2560 ret); 2561 } 2562 2563 } 2564 2565 static void iwl_mvm_bss_info_changed(struct ieee80211_hw *hw, 2566 struct ieee80211_vif *vif, 2567 struct ieee80211_bss_conf *bss_conf, 2568 u32 changes) 2569 { 2570 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2571 2572 mutex_lock(&mvm->mutex); 2573 2574 if (changes & BSS_CHANGED_IDLE && !bss_conf->idle) 2575 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true); 2576 2577 switch (vif->type) { 2578 case NL80211_IFTYPE_STATION: 2579 iwl_mvm_bss_info_changed_station(mvm, vif, bss_conf, changes); 2580 break; 2581 case NL80211_IFTYPE_AP: 2582 case NL80211_IFTYPE_ADHOC: 2583 iwl_mvm_bss_info_changed_ap_ibss(mvm, vif, bss_conf, changes); 2584 break; 2585 case NL80211_IFTYPE_MONITOR: 2586 if (changes & BSS_CHANGED_MU_GROUPS) 2587 iwl_mvm_update_mu_groups(mvm, vif); 2588 break; 2589 default: 2590 /* shouldn't happen */ 2591 WARN_ON_ONCE(1); 2592 } 2593 2594 if (changes & BSS_CHANGED_TXPOWER) { 2595 IWL_DEBUG_CALIB(mvm, "Changing TX Power to %d dBm\n", 2596 bss_conf->txpower); 2597 iwl_mvm_set_tx_power(mvm, vif, bss_conf->txpower); 2598 } 2599 2600 mutex_unlock(&mvm->mutex); 2601 } 2602 2603 static int iwl_mvm_mac_hw_scan(struct ieee80211_hw *hw, 2604 struct ieee80211_vif *vif, 2605 struct ieee80211_scan_request *hw_req) 2606 { 2607 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2608 int ret; 2609 2610 if (hw_req->req.n_channels == 0 || 2611 hw_req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels) 2612 return -EINVAL; 2613 2614 mutex_lock(&mvm->mutex); 2615 ret = iwl_mvm_reg_scan_start(mvm, vif, &hw_req->req, &hw_req->ies); 2616 mutex_unlock(&mvm->mutex); 2617 2618 return ret; 2619 } 2620 2621 static void iwl_mvm_mac_cancel_hw_scan(struct ieee80211_hw *hw, 2622 struct ieee80211_vif *vif) 2623 { 2624 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2625 2626 mutex_lock(&mvm->mutex); 2627 2628 /* Due to a race condition, it's possible that mac80211 asks 2629 * us to stop a hw_scan when it's already stopped. This can 2630 * happen, for instance, if we stopped the scan ourselves, 2631 * called ieee80211_scan_completed() and the userspace called 2632 * cancel scan scan before ieee80211_scan_work() could run. 2633 * To handle that, simply return if the scan is not running. 2634 */ 2635 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) 2636 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true); 2637 2638 mutex_unlock(&mvm->mutex); 2639 } 2640 2641 static void 2642 iwl_mvm_mac_allow_buffered_frames(struct ieee80211_hw *hw, 2643 struct ieee80211_sta *sta, u16 tids, 2644 int num_frames, 2645 enum ieee80211_frame_release_type reason, 2646 bool more_data) 2647 { 2648 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2649 2650 /* Called when we need to transmit (a) frame(s) from mac80211 */ 2651 2652 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames, 2653 tids, more_data, false); 2654 } 2655 2656 static void 2657 iwl_mvm_mac_release_buffered_frames(struct ieee80211_hw *hw, 2658 struct ieee80211_sta *sta, u16 tids, 2659 int num_frames, 2660 enum ieee80211_frame_release_type reason, 2661 bool more_data) 2662 { 2663 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2664 2665 /* Called when we need to transmit (a) frame(s) from agg or dqa queue */ 2666 2667 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames, 2668 tids, more_data, true); 2669 } 2670 2671 static void __iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw, 2672 enum sta_notify_cmd cmd, 2673 struct ieee80211_sta *sta) 2674 { 2675 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2676 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 2677 unsigned long txqs = 0, tids = 0; 2678 int tid; 2679 2680 /* 2681 * If we have TVQM then we get too high queue numbers - luckily 2682 * we really shouldn't get here with that because such hardware 2683 * should have firmware supporting buffer station offload. 2684 */ 2685 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm))) 2686 return; 2687 2688 spin_lock_bh(&mvmsta->lock); 2689 for (tid = 0; tid < ARRAY_SIZE(mvmsta->tid_data); tid++) { 2690 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 2691 2692 if (tid_data->txq_id == IWL_MVM_INVALID_QUEUE) 2693 continue; 2694 2695 __set_bit(tid_data->txq_id, &txqs); 2696 2697 if (iwl_mvm_tid_queued(mvm, tid_data) == 0) 2698 continue; 2699 2700 __set_bit(tid, &tids); 2701 } 2702 2703 switch (cmd) { 2704 case STA_NOTIFY_SLEEP: 2705 for_each_set_bit(tid, &tids, IWL_MAX_TID_COUNT) 2706 ieee80211_sta_set_buffered(sta, tid, true); 2707 2708 if (txqs) 2709 iwl_trans_freeze_txq_timer(mvm->trans, txqs, true); 2710 /* 2711 * The fw updates the STA to be asleep. Tx packets on the Tx 2712 * queues to this station will not be transmitted. The fw will 2713 * send a Tx response with TX_STATUS_FAIL_DEST_PS. 2714 */ 2715 break; 2716 case STA_NOTIFY_AWAKE: 2717 if (WARN_ON(mvmsta->sta_id == IWL_MVM_INVALID_STA)) 2718 break; 2719 2720 if (txqs) 2721 iwl_trans_freeze_txq_timer(mvm->trans, txqs, false); 2722 iwl_mvm_sta_modify_ps_wake(mvm, sta); 2723 break; 2724 default: 2725 break; 2726 } 2727 spin_unlock_bh(&mvmsta->lock); 2728 } 2729 2730 static void iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw, 2731 struct ieee80211_vif *vif, 2732 enum sta_notify_cmd cmd, 2733 struct ieee80211_sta *sta) 2734 { 2735 __iwl_mvm_mac_sta_notify(hw, cmd, sta); 2736 } 2737 2738 void iwl_mvm_sta_pm_notif(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb) 2739 { 2740 struct iwl_rx_packet *pkt = rxb_addr(rxb); 2741 struct iwl_mvm_pm_state_notification *notif = (void *)pkt->data; 2742 struct ieee80211_sta *sta; 2743 struct iwl_mvm_sta *mvmsta; 2744 bool sleeping = (notif->type != IWL_MVM_PM_EVENT_AWAKE); 2745 2746 if (WARN_ON(notif->sta_id >= mvm->fw->ucode_capa.num_stations)) 2747 return; 2748 2749 rcu_read_lock(); 2750 sta = rcu_dereference(mvm->fw_id_to_mac_id[notif->sta_id]); 2751 if (WARN_ON(IS_ERR_OR_NULL(sta))) { 2752 rcu_read_unlock(); 2753 return; 2754 } 2755 2756 mvmsta = iwl_mvm_sta_from_mac80211(sta); 2757 2758 if (!mvmsta->vif || 2759 mvmsta->vif->type != NL80211_IFTYPE_AP) { 2760 rcu_read_unlock(); 2761 return; 2762 } 2763 2764 if (mvmsta->sleeping != sleeping) { 2765 mvmsta->sleeping = sleeping; 2766 __iwl_mvm_mac_sta_notify(mvm->hw, 2767 sleeping ? STA_NOTIFY_SLEEP : STA_NOTIFY_AWAKE, 2768 sta); 2769 ieee80211_sta_ps_transition(sta, sleeping); 2770 } 2771 2772 if (sleeping) { 2773 switch (notif->type) { 2774 case IWL_MVM_PM_EVENT_AWAKE: 2775 case IWL_MVM_PM_EVENT_ASLEEP: 2776 break; 2777 case IWL_MVM_PM_EVENT_UAPSD: 2778 ieee80211_sta_uapsd_trigger(sta, IEEE80211_NUM_TIDS); 2779 break; 2780 case IWL_MVM_PM_EVENT_PS_POLL: 2781 ieee80211_sta_pspoll(sta); 2782 break; 2783 default: 2784 break; 2785 } 2786 } 2787 2788 rcu_read_unlock(); 2789 } 2790 2791 static void iwl_mvm_sta_pre_rcu_remove(struct ieee80211_hw *hw, 2792 struct ieee80211_vif *vif, 2793 struct ieee80211_sta *sta) 2794 { 2795 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2796 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 2797 2798 /* 2799 * This is called before mac80211 does RCU synchronisation, 2800 * so here we already invalidate our internal RCU-protected 2801 * station pointer. The rest of the code will thus no longer 2802 * be able to find the station this way, and we don't rely 2803 * on further RCU synchronisation after the sta_state() 2804 * callback deleted the station. 2805 */ 2806 mutex_lock(&mvm->mutex); 2807 if (sta == rcu_access_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id])) 2808 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id], 2809 ERR_PTR(-ENOENT)); 2810 2811 mutex_unlock(&mvm->mutex); 2812 } 2813 2814 static void iwl_mvm_check_uapsd(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 2815 const u8 *bssid) 2816 { 2817 int i; 2818 2819 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 2820 struct iwl_mvm_tcm_mac *mdata; 2821 2822 mdata = &mvm->tcm.data[iwl_mvm_vif_from_mac80211(vif)->id]; 2823 ewma_rate_init(&mdata->uapsd_nonagg_detect.rate); 2824 mdata->opened_rx_ba_sessions = false; 2825 } 2826 2827 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_UAPSD_SUPPORT)) 2828 return; 2829 2830 if (vif->p2p && !iwl_mvm_is_p2p_scm_uapsd_supported(mvm)) { 2831 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2832 return; 2833 } 2834 2835 if (!vif->p2p && 2836 (iwlwifi_mod_params.uapsd_disable & IWL_DISABLE_UAPSD_BSS)) { 2837 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2838 return; 2839 } 2840 2841 for (i = 0; i < IWL_MVM_UAPSD_NOAGG_LIST_LEN; i++) { 2842 if (ether_addr_equal(mvm->uapsd_noagg_bssids[i].addr, bssid)) { 2843 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2844 return; 2845 } 2846 } 2847 2848 vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD; 2849 } 2850 2851 static void 2852 iwl_mvm_tdls_check_trigger(struct iwl_mvm *mvm, 2853 struct ieee80211_vif *vif, u8 *peer_addr, 2854 enum nl80211_tdls_operation action) 2855 { 2856 struct iwl_fw_dbg_trigger_tlv *trig; 2857 struct iwl_fw_dbg_trigger_tdls *tdls_trig; 2858 2859 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 2860 FW_DBG_TRIGGER_TDLS); 2861 if (!trig) 2862 return; 2863 2864 tdls_trig = (void *)trig->data; 2865 2866 if (!(tdls_trig->action_bitmap & BIT(action))) 2867 return; 2868 2869 if (tdls_trig->peer_mode && 2870 memcmp(tdls_trig->peer, peer_addr, ETH_ALEN) != 0) 2871 return; 2872 2873 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 2874 "TDLS event occurred, peer %pM, action %d", 2875 peer_addr, action); 2876 } 2877 2878 struct iwl_mvm_he_obss_narrow_bw_ru_data { 2879 bool tolerated; 2880 }; 2881 2882 static void iwl_mvm_check_he_obss_narrow_bw_ru_iter(struct wiphy *wiphy, 2883 struct cfg80211_bss *bss, 2884 void *_data) 2885 { 2886 struct iwl_mvm_he_obss_narrow_bw_ru_data *data = _data; 2887 const struct cfg80211_bss_ies *ies; 2888 const struct element *elem; 2889 2890 rcu_read_lock(); 2891 ies = rcu_dereference(bss->ies); 2892 elem = cfg80211_find_elem(WLAN_EID_EXT_CAPABILITY, ies->data, 2893 ies->len); 2894 2895 if (!elem || elem->datalen < 10 || 2896 !(elem->data[10] & 2897 WLAN_EXT_CAPA10_OBSS_NARROW_BW_RU_TOLERANCE_SUPPORT)) { 2898 data->tolerated = false; 2899 } 2900 rcu_read_unlock(); 2901 } 2902 2903 static void iwl_mvm_check_he_obss_narrow_bw_ru(struct ieee80211_hw *hw, 2904 struct ieee80211_vif *vif) 2905 { 2906 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2907 struct iwl_mvm_he_obss_narrow_bw_ru_data iter_data = { 2908 .tolerated = true, 2909 }; 2910 2911 if (!(vif->bss_conf.chandef.chan->flags & IEEE80211_CHAN_RADAR)) { 2912 mvmvif->he_ru_2mhz_block = false; 2913 return; 2914 } 2915 2916 cfg80211_bss_iter(hw->wiphy, &vif->bss_conf.chandef, 2917 iwl_mvm_check_he_obss_narrow_bw_ru_iter, 2918 &iter_data); 2919 2920 /* 2921 * If there is at least one AP on radar channel that cannot 2922 * tolerate 26-tone RU UL OFDMA transmissions using HE TB PPDU. 2923 */ 2924 mvmvif->he_ru_2mhz_block = !iter_data.tolerated; 2925 } 2926 2927 static void iwl_mvm_reset_cca_40mhz_workaround(struct iwl_mvm *mvm, 2928 struct ieee80211_vif *vif) 2929 { 2930 struct ieee80211_supported_band *sband; 2931 const struct ieee80211_sta_he_cap *he_cap; 2932 2933 if (vif->type != NL80211_IFTYPE_STATION) 2934 return; 2935 2936 if (!mvm->cca_40mhz_workaround) 2937 return; 2938 2939 /* decrement and check that we reached zero */ 2940 mvm->cca_40mhz_workaround--; 2941 if (mvm->cca_40mhz_workaround) 2942 return; 2943 2944 sband = mvm->hw->wiphy->bands[NL80211_BAND_2GHZ]; 2945 2946 sband->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 2947 2948 he_cap = ieee80211_get_he_iftype_cap(sband, 2949 ieee80211_vif_type_p2p(vif)); 2950 2951 if (he_cap) { 2952 /* we know that ours is writable */ 2953 struct ieee80211_sta_he_cap *he = (void *)he_cap; 2954 2955 he->he_cap_elem.phy_cap_info[0] |= 2956 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G; 2957 } 2958 } 2959 2960 static void iwl_mvm_mei_host_associated(struct iwl_mvm *mvm, 2961 struct ieee80211_vif *vif, 2962 struct iwl_mvm_sta *mvm_sta) 2963 { 2964 #if IS_ENABLED(CONFIG_IWLMEI) 2965 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2966 struct iwl_mei_conn_info conn_info = { 2967 .ssid_len = vif->bss_conf.ssid_len, 2968 .channel = vif->bss_conf.chandef.chan->hw_value, 2969 }; 2970 2971 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 2972 return; 2973 2974 if (!mvm->mei_registered) 2975 return; 2976 2977 switch (mvm_sta->pairwise_cipher) { 2978 case WLAN_CIPHER_SUITE_CCMP: 2979 conn_info.pairwise_cipher = IWL_MEI_CIPHER_CCMP; 2980 break; 2981 case WLAN_CIPHER_SUITE_GCMP: 2982 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP; 2983 break; 2984 case WLAN_CIPHER_SUITE_GCMP_256: 2985 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP_256; 2986 break; 2987 case 0: 2988 /* open profile */ 2989 break; 2990 default: 2991 /* cipher not supported, don't send anything to iwlmei */ 2992 return; 2993 } 2994 2995 switch (mvmvif->rekey_data.akm) { 2996 case WLAN_AKM_SUITE_SAE & 0xff: 2997 conn_info.auth_mode = IWL_MEI_AKM_AUTH_SAE; 2998 break; 2999 case WLAN_AKM_SUITE_PSK & 0xff: 3000 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA_PSK; 3001 break; 3002 case WLAN_AKM_SUITE_8021X & 0xff: 3003 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA; 3004 break; 3005 case 0: 3006 /* open profile */ 3007 conn_info.auth_mode = IWL_MEI_AKM_AUTH_OPEN; 3008 break; 3009 default: 3010 /* auth method / AKM not supported */ 3011 /* TODO: All the FT vesions of these? */ 3012 return; 3013 } 3014 3015 memcpy(conn_info.ssid, vif->bss_conf.ssid, vif->bss_conf.ssid_len); 3016 memcpy(conn_info.bssid, vif->bss_conf.bssid, ETH_ALEN); 3017 3018 /* TODO: add support for collocated AP data */ 3019 iwl_mei_host_associated(&conn_info, NULL); 3020 #endif 3021 } 3022 3023 static int iwl_mvm_mac_sta_state(struct ieee80211_hw *hw, 3024 struct ieee80211_vif *vif, 3025 struct ieee80211_sta *sta, 3026 enum ieee80211_sta_state old_state, 3027 enum ieee80211_sta_state new_state) 3028 { 3029 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3030 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3031 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 3032 int ret; 3033 3034 IWL_DEBUG_MAC80211(mvm, "station %pM state change %d->%d\n", 3035 sta->addr, old_state, new_state); 3036 3037 /* this would be a mac80211 bug ... but don't crash */ 3038 if (WARN_ON_ONCE(!mvmvif->phy_ctxt)) 3039 return test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) ? 0 : -EINVAL; 3040 3041 /* 3042 * If we are in a STA removal flow and in DQA mode: 3043 * 3044 * This is after the sync_rcu part, so the queues have already been 3045 * flushed. No more TXs on their way in mac80211's path, and no more in 3046 * the queues. 3047 * Also, we won't be getting any new TX frames for this station. 3048 * What we might have are deferred TX frames that need to be taken care 3049 * of. 3050 * 3051 * Drop any still-queued deferred-frame before removing the STA, and 3052 * make sure the worker is no longer handling frames for this STA. 3053 */ 3054 if (old_state == IEEE80211_STA_NONE && 3055 new_state == IEEE80211_STA_NOTEXIST) { 3056 flush_work(&mvm->add_stream_wk); 3057 3058 /* 3059 * No need to make sure deferred TX indication is off since the 3060 * worker will already remove it if it was on 3061 */ 3062 3063 /* 3064 * Additionally, reset the 40 MHz capability if we disconnected 3065 * from the AP now. 3066 */ 3067 iwl_mvm_reset_cca_40mhz_workaround(mvm, vif); 3068 } 3069 3070 mutex_lock(&mvm->mutex); 3071 /* track whether or not the station is associated */ 3072 mvm_sta->sta_state = new_state; 3073 3074 if (old_state == IEEE80211_STA_NOTEXIST && 3075 new_state == IEEE80211_STA_NONE) { 3076 /* 3077 * Firmware bug - it'll crash if the beacon interval is less 3078 * than 16. We can't avoid connecting at all, so refuse the 3079 * station state change, this will cause mac80211 to abandon 3080 * attempts to connect to this AP, and eventually wpa_s will 3081 * blocklist the AP... 3082 */ 3083 if (vif->type == NL80211_IFTYPE_STATION && 3084 vif->bss_conf.beacon_int < 16) { 3085 IWL_ERR(mvm, 3086 "AP %pM beacon interval is %d, refusing due to firmware bug!\n", 3087 sta->addr, vif->bss_conf.beacon_int); 3088 ret = -EINVAL; 3089 goto out_unlock; 3090 } 3091 3092 if (vif->type == NL80211_IFTYPE_STATION) 3093 vif->bss_conf.he_support = sta->he_cap.has_he; 3094 3095 if (sta->tdls && 3096 (vif->p2p || 3097 iwl_mvm_tdls_sta_count(mvm, NULL) == 3098 IWL_MVM_TDLS_STA_COUNT || 3099 iwl_mvm_phy_ctx_count(mvm) > 1)) { 3100 IWL_DEBUG_MAC80211(mvm, "refusing TDLS sta\n"); 3101 ret = -EBUSY; 3102 goto out_unlock; 3103 } 3104 3105 ret = iwl_mvm_add_sta(mvm, vif, sta); 3106 if (sta->tdls && ret == 0) { 3107 iwl_mvm_recalc_tdls_state(mvm, vif, true); 3108 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3109 NL80211_TDLS_SETUP); 3110 } 3111 3112 sta->max_rc_amsdu_len = 1; 3113 } else if (old_state == IEEE80211_STA_NONE && 3114 new_state == IEEE80211_STA_AUTH) { 3115 /* 3116 * EBS may be disabled due to previous failures reported by FW. 3117 * Reset EBS status here assuming environment has been changed. 3118 */ 3119 mvm->last_ebs_successful = true; 3120 iwl_mvm_check_uapsd(mvm, vif, sta->addr); 3121 ret = 0; 3122 } else if (old_state == IEEE80211_STA_AUTH && 3123 new_state == IEEE80211_STA_ASSOC) { 3124 if (vif->type == NL80211_IFTYPE_AP) { 3125 vif->bss_conf.he_support = sta->he_cap.has_he; 3126 mvmvif->ap_assoc_sta_count++; 3127 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3128 if (vif->bss_conf.he_support && 3129 !iwlwifi_mod_params.disable_11ax) 3130 iwl_mvm_cfg_he_sta(mvm, vif, mvm_sta->sta_id); 3131 } else if (vif->type == NL80211_IFTYPE_STATION) { 3132 vif->bss_conf.he_support = sta->he_cap.has_he; 3133 3134 mvmvif->he_ru_2mhz_block = false; 3135 if (sta->he_cap.has_he) 3136 iwl_mvm_check_he_obss_narrow_bw_ru(hw, vif); 3137 3138 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3139 } 3140 3141 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3142 false); 3143 ret = iwl_mvm_update_sta(mvm, vif, sta); 3144 } else if (old_state == IEEE80211_STA_ASSOC && 3145 new_state == IEEE80211_STA_AUTHORIZED) { 3146 ret = 0; 3147 3148 /* we don't support TDLS during DCM */ 3149 if (iwl_mvm_phy_ctx_count(mvm) > 1) 3150 iwl_mvm_teardown_tdls_peers(mvm); 3151 3152 if (sta->tdls) { 3153 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3154 NL80211_TDLS_ENABLE_LINK); 3155 } else { 3156 /* enable beacon filtering */ 3157 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0)); 3158 3159 mvmvif->authorized = 1; 3160 3161 /* 3162 * Now that the station is authorized, i.e., keys were already 3163 * installed, need to indicate to the FW that 3164 * multicast data frames can be forwarded to the driver 3165 */ 3166 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3167 iwl_mvm_mei_host_associated(mvm, vif, mvm_sta); 3168 } 3169 3170 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3171 true); 3172 } else if (old_state == IEEE80211_STA_AUTHORIZED && 3173 new_state == IEEE80211_STA_ASSOC) { 3174 /* once we move into assoc state, need to update rate scale to 3175 * disable using wide bandwidth 3176 */ 3177 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3178 false); 3179 if (!sta->tdls) { 3180 /* Multicast data frames are no longer allowed */ 3181 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3182 3183 /* 3184 * Set this after the above iwl_mvm_mac_ctxt_changed() 3185 * to avoid sending high prio again for a little time. 3186 */ 3187 mvmvif->authorized = 0; 3188 3189 /* disable beacon filtering */ 3190 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 3191 WARN_ON(ret && 3192 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 3193 &mvm->status)); 3194 } 3195 ret = 0; 3196 } else if (old_state == IEEE80211_STA_ASSOC && 3197 new_state == IEEE80211_STA_AUTH) { 3198 if (vif->type == NL80211_IFTYPE_AP) { 3199 mvmvif->ap_assoc_sta_count--; 3200 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3201 } else if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls) 3202 iwl_mvm_stop_session_protection(mvm, vif); 3203 ret = 0; 3204 } else if (old_state == IEEE80211_STA_AUTH && 3205 new_state == IEEE80211_STA_NONE) { 3206 ret = 0; 3207 } else if (old_state == IEEE80211_STA_NONE && 3208 new_state == IEEE80211_STA_NOTEXIST) { 3209 if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls) 3210 iwl_mvm_stop_session_protection(mvm, vif); 3211 ret = iwl_mvm_rm_sta(mvm, vif, sta); 3212 if (sta->tdls) { 3213 iwl_mvm_recalc_tdls_state(mvm, vif, false); 3214 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3215 NL80211_TDLS_DISABLE_LINK); 3216 } 3217 3218 if (unlikely(ret && 3219 test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 3220 &mvm->status))) 3221 ret = 0; 3222 } else { 3223 ret = -EIO; 3224 } 3225 out_unlock: 3226 mutex_unlock(&mvm->mutex); 3227 3228 if (sta->tdls && ret == 0) { 3229 if (old_state == IEEE80211_STA_NOTEXIST && 3230 new_state == IEEE80211_STA_NONE) 3231 ieee80211_reserve_tid(sta, IWL_MVM_TDLS_FW_TID); 3232 else if (old_state == IEEE80211_STA_NONE && 3233 new_state == IEEE80211_STA_NOTEXIST) 3234 ieee80211_unreserve_tid(sta, IWL_MVM_TDLS_FW_TID); 3235 } 3236 3237 return ret; 3238 } 3239 3240 static int iwl_mvm_mac_set_rts_threshold(struct ieee80211_hw *hw, u32 value) 3241 { 3242 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3243 3244 mvm->rts_threshold = value; 3245 3246 return 0; 3247 } 3248 3249 static void iwl_mvm_sta_rc_update(struct ieee80211_hw *hw, 3250 struct ieee80211_vif *vif, 3251 struct ieee80211_sta *sta, u32 changed) 3252 { 3253 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3254 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3255 3256 if (changed & (IEEE80211_RC_BW_CHANGED | 3257 IEEE80211_RC_SUPP_RATES_CHANGED | 3258 IEEE80211_RC_NSS_CHANGED)) 3259 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3260 true); 3261 3262 if (vif->type == NL80211_IFTYPE_STATION && 3263 changed & IEEE80211_RC_NSS_CHANGED) 3264 iwl_mvm_sf_update(mvm, vif, false); 3265 } 3266 3267 static int iwl_mvm_mac_conf_tx(struct ieee80211_hw *hw, 3268 struct ieee80211_vif *vif, u16 ac, 3269 const struct ieee80211_tx_queue_params *params) 3270 { 3271 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3272 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3273 3274 mvmvif->queue_params[ac] = *params; 3275 3276 /* 3277 * No need to update right away, we'll get BSS_CHANGED_QOS 3278 * The exception is P2P_DEVICE interface which needs immediate update. 3279 */ 3280 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 3281 int ret; 3282 3283 mutex_lock(&mvm->mutex); 3284 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3285 mutex_unlock(&mvm->mutex); 3286 return ret; 3287 } 3288 return 0; 3289 } 3290 3291 static void iwl_mvm_mac_mgd_prepare_tx(struct ieee80211_hw *hw, 3292 struct ieee80211_vif *vif, 3293 struct ieee80211_prep_tx_info *info) 3294 { 3295 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3296 3297 mutex_lock(&mvm->mutex); 3298 iwl_mvm_protect_assoc(mvm, vif, info->duration); 3299 mutex_unlock(&mvm->mutex); 3300 } 3301 3302 static void iwl_mvm_mac_mgd_complete_tx(struct ieee80211_hw *hw, 3303 struct ieee80211_vif *vif, 3304 struct ieee80211_prep_tx_info *info) 3305 { 3306 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3307 3308 /* for successful cases (auth/assoc), don't cancel session protection */ 3309 if (info->success) 3310 return; 3311 3312 mutex_lock(&mvm->mutex); 3313 iwl_mvm_stop_session_protection(mvm, vif); 3314 mutex_unlock(&mvm->mutex); 3315 } 3316 3317 static int iwl_mvm_mac_sched_scan_start(struct ieee80211_hw *hw, 3318 struct ieee80211_vif *vif, 3319 struct cfg80211_sched_scan_request *req, 3320 struct ieee80211_scan_ies *ies) 3321 { 3322 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3323 3324 int ret; 3325 3326 mutex_lock(&mvm->mutex); 3327 3328 if (!vif->bss_conf.idle) { 3329 ret = -EBUSY; 3330 goto out; 3331 } 3332 3333 ret = iwl_mvm_sched_scan_start(mvm, vif, req, ies, IWL_MVM_SCAN_SCHED); 3334 3335 out: 3336 mutex_unlock(&mvm->mutex); 3337 return ret; 3338 } 3339 3340 static int iwl_mvm_mac_sched_scan_stop(struct ieee80211_hw *hw, 3341 struct ieee80211_vif *vif) 3342 { 3343 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3344 int ret; 3345 3346 mutex_lock(&mvm->mutex); 3347 3348 /* Due to a race condition, it's possible that mac80211 asks 3349 * us to stop a sched_scan when it's already stopped. This 3350 * can happen, for instance, if we stopped the scan ourselves, 3351 * called ieee80211_sched_scan_stopped() and the userspace called 3352 * stop sched scan scan before ieee80211_sched_scan_stopped_work() 3353 * could run. To handle this, simply return if the scan is 3354 * not running. 3355 */ 3356 if (!(mvm->scan_status & IWL_MVM_SCAN_SCHED)) { 3357 mutex_unlock(&mvm->mutex); 3358 return 0; 3359 } 3360 3361 ret = iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, false); 3362 mutex_unlock(&mvm->mutex); 3363 iwl_mvm_wait_for_async_handlers(mvm); 3364 3365 return ret; 3366 } 3367 3368 static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 3369 enum set_key_cmd cmd, 3370 struct ieee80211_vif *vif, 3371 struct ieee80211_sta *sta, 3372 struct ieee80211_key_conf *key) 3373 { 3374 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3375 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3376 struct iwl_mvm_sta *mvmsta = NULL; 3377 struct iwl_mvm_key_pn *ptk_pn; 3378 int keyidx = key->keyidx; 3379 int ret, i; 3380 u8 key_offset; 3381 3382 if (sta) 3383 mvmsta = iwl_mvm_sta_from_mac80211(sta); 3384 3385 switch (key->cipher) { 3386 case WLAN_CIPHER_SUITE_TKIP: 3387 if (!mvm->trans->trans_cfg->gen2) { 3388 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3389 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3390 } else if (vif->type == NL80211_IFTYPE_STATION) { 3391 key->flags |= IEEE80211_KEY_FLAG_PUT_MIC_SPACE; 3392 } else { 3393 IWL_DEBUG_MAC80211(mvm, "Use SW encryption for TKIP\n"); 3394 return -EOPNOTSUPP; 3395 } 3396 break; 3397 case WLAN_CIPHER_SUITE_CCMP: 3398 case WLAN_CIPHER_SUITE_GCMP: 3399 case WLAN_CIPHER_SUITE_GCMP_256: 3400 if (!iwl_mvm_has_new_tx_api(mvm)) 3401 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3402 break; 3403 case WLAN_CIPHER_SUITE_AES_CMAC: 3404 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 3405 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 3406 WARN_ON_ONCE(!ieee80211_hw_check(hw, MFP_CAPABLE)); 3407 break; 3408 case WLAN_CIPHER_SUITE_WEP40: 3409 case WLAN_CIPHER_SUITE_WEP104: 3410 if (vif->type == NL80211_IFTYPE_STATION) 3411 break; 3412 if (iwl_mvm_has_new_tx_api(mvm)) 3413 return -EOPNOTSUPP; 3414 /* support HW crypto on TX */ 3415 return 0; 3416 default: 3417 /* currently FW supports only one optional cipher scheme */ 3418 if (hw->n_cipher_schemes && 3419 hw->cipher_schemes->cipher == key->cipher) 3420 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3421 else 3422 return -EOPNOTSUPP; 3423 } 3424 3425 switch (cmd) { 3426 case SET_KEY: 3427 if (keyidx == 6 || keyidx == 7) 3428 rcu_assign_pointer(mvmvif->bcn_prot.keys[keyidx - 6], 3429 key); 3430 3431 if ((vif->type == NL80211_IFTYPE_ADHOC || 3432 vif->type == NL80211_IFTYPE_AP) && !sta) { 3433 /* 3434 * GTK on AP interface is a TX-only key, return 0; 3435 * on IBSS they're per-station and because we're lazy 3436 * we don't support them for RX, so do the same. 3437 * CMAC/GMAC in AP/IBSS modes must be done in software. 3438 */ 3439 if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC || 3440 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 || 3441 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256) { 3442 ret = -EOPNOTSUPP; 3443 break; 3444 } 3445 3446 if (key->cipher != WLAN_CIPHER_SUITE_GCMP && 3447 key->cipher != WLAN_CIPHER_SUITE_GCMP_256 && 3448 !iwl_mvm_has_new_tx_api(mvm)) { 3449 key->hw_key_idx = STA_KEY_IDX_INVALID; 3450 ret = 0; 3451 break; 3452 } 3453 3454 if (!mvmvif->ap_ibss_active) { 3455 for (i = 0; 3456 i < ARRAY_SIZE(mvmvif->ap_early_keys); 3457 i++) { 3458 if (!mvmvif->ap_early_keys[i]) { 3459 mvmvif->ap_early_keys[i] = key; 3460 break; 3461 } 3462 } 3463 3464 if (i >= ARRAY_SIZE(mvmvif->ap_early_keys)) 3465 ret = -ENOSPC; 3466 else 3467 ret = 0; 3468 3469 break; 3470 } 3471 } 3472 3473 /* During FW restart, in order to restore the state as it was, 3474 * don't try to reprogram keys we previously failed for. 3475 */ 3476 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 3477 key->hw_key_idx == STA_KEY_IDX_INVALID) { 3478 IWL_DEBUG_MAC80211(mvm, 3479 "skip invalid idx key programming during restart\n"); 3480 ret = 0; 3481 break; 3482 } 3483 3484 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 3485 mvmsta && iwl_mvm_has_new_rx_api(mvm) && 3486 key->flags & IEEE80211_KEY_FLAG_PAIRWISE && 3487 (key->cipher == WLAN_CIPHER_SUITE_CCMP || 3488 key->cipher == WLAN_CIPHER_SUITE_GCMP || 3489 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) { 3490 struct ieee80211_key_seq seq; 3491 int tid, q; 3492 3493 WARN_ON(rcu_access_pointer(mvmsta->ptk_pn[keyidx])); 3494 ptk_pn = kzalloc(struct_size(ptk_pn, q, 3495 mvm->trans->num_rx_queues), 3496 GFP_KERNEL); 3497 if (!ptk_pn) { 3498 ret = -ENOMEM; 3499 break; 3500 } 3501 3502 for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) { 3503 ieee80211_get_key_rx_seq(key, tid, &seq); 3504 for (q = 0; q < mvm->trans->num_rx_queues; q++) 3505 memcpy(ptk_pn->q[q].pn[tid], 3506 seq.ccmp.pn, 3507 IEEE80211_CCMP_PN_LEN); 3508 } 3509 3510 rcu_assign_pointer(mvmsta->ptk_pn[keyidx], ptk_pn); 3511 } 3512 3513 /* in HW restart reuse the index, otherwise request a new one */ 3514 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 3515 key_offset = key->hw_key_idx; 3516 else 3517 key_offset = STA_KEY_IDX_INVALID; 3518 3519 if (mvmsta && key->flags & IEEE80211_KEY_FLAG_PAIRWISE) 3520 mvmsta->pairwise_cipher = key->cipher; 3521 3522 IWL_DEBUG_MAC80211(mvm, "set hwcrypto key\n"); 3523 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, key_offset); 3524 if (ret) { 3525 IWL_WARN(mvm, "set key failed\n"); 3526 key->hw_key_idx = STA_KEY_IDX_INVALID; 3527 /* 3528 * can't add key for RX, but we don't need it 3529 * in the device for TX so still return 0, 3530 * unless we have new TX API where we cannot 3531 * put key material into the TX_CMD 3532 */ 3533 if (iwl_mvm_has_new_tx_api(mvm)) 3534 ret = -EOPNOTSUPP; 3535 else 3536 ret = 0; 3537 } 3538 3539 break; 3540 case DISABLE_KEY: 3541 if (keyidx == 6 || keyidx == 7) 3542 RCU_INIT_POINTER(mvmvif->bcn_prot.keys[keyidx - 6], 3543 NULL); 3544 3545 ret = -ENOENT; 3546 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) { 3547 if (mvmvif->ap_early_keys[i] == key) { 3548 mvmvif->ap_early_keys[i] = NULL; 3549 ret = 0; 3550 } 3551 } 3552 3553 /* found in pending list - don't do anything else */ 3554 if (ret == 0) 3555 break; 3556 3557 if (key->hw_key_idx == STA_KEY_IDX_INVALID) { 3558 ret = 0; 3559 break; 3560 } 3561 3562 if (mvmsta && iwl_mvm_has_new_rx_api(mvm) && 3563 key->flags & IEEE80211_KEY_FLAG_PAIRWISE && 3564 (key->cipher == WLAN_CIPHER_SUITE_CCMP || 3565 key->cipher == WLAN_CIPHER_SUITE_GCMP || 3566 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) { 3567 ptk_pn = rcu_dereference_protected( 3568 mvmsta->ptk_pn[keyidx], 3569 lockdep_is_held(&mvm->mutex)); 3570 RCU_INIT_POINTER(mvmsta->ptk_pn[keyidx], NULL); 3571 if (ptk_pn) 3572 kfree_rcu(ptk_pn, rcu_head); 3573 } 3574 3575 IWL_DEBUG_MAC80211(mvm, "disable hwcrypto key\n"); 3576 ret = iwl_mvm_remove_sta_key(mvm, vif, sta, key); 3577 break; 3578 default: 3579 ret = -EINVAL; 3580 } 3581 3582 return ret; 3583 } 3584 3585 static int iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 3586 enum set_key_cmd cmd, 3587 struct ieee80211_vif *vif, 3588 struct ieee80211_sta *sta, 3589 struct ieee80211_key_conf *key) 3590 { 3591 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3592 int ret; 3593 3594 mutex_lock(&mvm->mutex); 3595 ret = __iwl_mvm_mac_set_key(hw, cmd, vif, sta, key); 3596 mutex_unlock(&mvm->mutex); 3597 3598 return ret; 3599 } 3600 3601 static void iwl_mvm_mac_update_tkip_key(struct ieee80211_hw *hw, 3602 struct ieee80211_vif *vif, 3603 struct ieee80211_key_conf *keyconf, 3604 struct ieee80211_sta *sta, 3605 u32 iv32, u16 *phase1key) 3606 { 3607 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3608 3609 if (keyconf->hw_key_idx == STA_KEY_IDX_INVALID) 3610 return; 3611 3612 iwl_mvm_update_tkip_key(mvm, vif, keyconf, sta, iv32, phase1key); 3613 } 3614 3615 3616 static bool iwl_mvm_rx_aux_roc(struct iwl_notif_wait_data *notif_wait, 3617 struct iwl_rx_packet *pkt, void *data) 3618 { 3619 struct iwl_mvm *mvm = 3620 container_of(notif_wait, struct iwl_mvm, notif_wait); 3621 struct iwl_hs20_roc_res *resp; 3622 int resp_len = iwl_rx_packet_payload_len(pkt); 3623 struct iwl_mvm_time_event_data *te_data = data; 3624 3625 if (WARN_ON(pkt->hdr.cmd != HOT_SPOT_CMD)) 3626 return true; 3627 3628 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 3629 IWL_ERR(mvm, "Invalid HOT_SPOT_CMD response\n"); 3630 return true; 3631 } 3632 3633 resp = (void *)pkt->data; 3634 3635 IWL_DEBUG_TE(mvm, 3636 "Aux ROC: Received response from ucode: status=%d uid=%d\n", 3637 resp->status, resp->event_unique_id); 3638 3639 te_data->uid = le32_to_cpu(resp->event_unique_id); 3640 IWL_DEBUG_TE(mvm, "TIME_EVENT_CMD response - UID = 0x%x\n", 3641 te_data->uid); 3642 3643 spin_lock_bh(&mvm->time_event_lock); 3644 list_add_tail(&te_data->list, &mvm->aux_roc_te_list); 3645 spin_unlock_bh(&mvm->time_event_lock); 3646 3647 return true; 3648 } 3649 3650 #define AUX_ROC_MIN_DURATION MSEC_TO_TU(100) 3651 #define AUX_ROC_MIN_DELAY MSEC_TO_TU(200) 3652 #define AUX_ROC_MAX_DELAY MSEC_TO_TU(600) 3653 #define AUX_ROC_SAFETY_BUFFER MSEC_TO_TU(20) 3654 #define AUX_ROC_MIN_SAFETY_BUFFER MSEC_TO_TU(10) 3655 static int iwl_mvm_send_aux_roc_cmd(struct iwl_mvm *mvm, 3656 struct ieee80211_channel *channel, 3657 struct ieee80211_vif *vif, 3658 int duration) 3659 { 3660 int res; 3661 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3662 struct iwl_mvm_time_event_data *te_data = &mvmvif->hs_time_event_data; 3663 static const u16 time_event_response[] = { HOT_SPOT_CMD }; 3664 struct iwl_notification_wait wait_time_event; 3665 u32 dtim_interval = vif->bss_conf.dtim_period * 3666 vif->bss_conf.beacon_int; 3667 u32 req_dur, delay; 3668 struct iwl_hs20_roc_req aux_roc_req = { 3669 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 3670 .id_and_color = 3671 cpu_to_le32(FW_CMD_ID_AND_COLOR(MAC_INDEX_AUX, 0)), 3672 .sta_id_and_color = cpu_to_le32(mvm->aux_sta.sta_id), 3673 }; 3674 struct iwl_hs20_roc_req_tail *tail = iwl_mvm_chan_info_cmd_tail(mvm, 3675 &aux_roc_req.channel_info); 3676 u16 len = sizeof(aux_roc_req) - iwl_mvm_chan_info_padding(mvm); 3677 3678 /* Set the channel info data */ 3679 iwl_mvm_set_chan_info(mvm, &aux_roc_req.channel_info, channel->hw_value, 3680 iwl_mvm_phy_band_from_nl80211(channel->band), 3681 PHY_VHT_CHANNEL_MODE20, 3682 0); 3683 3684 /* Set the time and duration */ 3685 tail->apply_time = cpu_to_le32(iwl_mvm_get_systime(mvm)); 3686 3687 delay = AUX_ROC_MIN_DELAY; 3688 req_dur = MSEC_TO_TU(duration); 3689 3690 /* 3691 * If we are associated we want the delay time to be at least one 3692 * dtim interval so that the FW can wait until after the DTIM and 3693 * then start the time event, this will potentially allow us to 3694 * remain off-channel for the max duration. 3695 * Since we want to use almost a whole dtim interval we would also 3696 * like the delay to be for 2-3 dtim intervals, in case there are 3697 * other time events with higher priority. 3698 */ 3699 if (vif->bss_conf.assoc) { 3700 delay = min_t(u32, dtim_interval * 3, AUX_ROC_MAX_DELAY); 3701 /* We cannot remain off-channel longer than the DTIM interval */ 3702 if (dtim_interval <= req_dur) { 3703 req_dur = dtim_interval - AUX_ROC_SAFETY_BUFFER; 3704 if (req_dur <= AUX_ROC_MIN_DURATION) 3705 req_dur = dtim_interval - 3706 AUX_ROC_MIN_SAFETY_BUFFER; 3707 } 3708 } 3709 3710 tail->duration = cpu_to_le32(req_dur); 3711 tail->apply_time_max_delay = cpu_to_le32(delay); 3712 3713 IWL_DEBUG_TE(mvm, 3714 "ROC: Requesting to remain on channel %u for %ums\n", 3715 channel->hw_value, req_dur); 3716 IWL_DEBUG_TE(mvm, 3717 "\t(requested = %ums, max_delay = %ums, dtim_interval = %ums)\n", 3718 duration, delay, dtim_interval); 3719 3720 /* Set the node address */ 3721 memcpy(tail->node_addr, vif->addr, ETH_ALEN); 3722 3723 lockdep_assert_held(&mvm->mutex); 3724 3725 spin_lock_bh(&mvm->time_event_lock); 3726 3727 if (WARN_ON(te_data->id == HOT_SPOT_CMD)) { 3728 spin_unlock_bh(&mvm->time_event_lock); 3729 return -EIO; 3730 } 3731 3732 te_data->vif = vif; 3733 te_data->duration = duration; 3734 te_data->id = HOT_SPOT_CMD; 3735 3736 spin_unlock_bh(&mvm->time_event_lock); 3737 3738 /* 3739 * Use a notification wait, which really just processes the 3740 * command response and doesn't wait for anything, in order 3741 * to be able to process the response and get the UID inside 3742 * the RX path. Using CMD_WANT_SKB doesn't work because it 3743 * stores the buffer and then wakes up this thread, by which 3744 * time another notification (that the time event started) 3745 * might already be processed unsuccessfully. 3746 */ 3747 iwl_init_notification_wait(&mvm->notif_wait, &wait_time_event, 3748 time_event_response, 3749 ARRAY_SIZE(time_event_response), 3750 iwl_mvm_rx_aux_roc, te_data); 3751 3752 res = iwl_mvm_send_cmd_pdu(mvm, HOT_SPOT_CMD, 0, len, 3753 &aux_roc_req); 3754 3755 if (res) { 3756 IWL_ERR(mvm, "Couldn't send HOT_SPOT_CMD: %d\n", res); 3757 iwl_remove_notification(&mvm->notif_wait, &wait_time_event); 3758 goto out_clear_te; 3759 } 3760 3761 /* No need to wait for anything, so just pass 1 (0 isn't valid) */ 3762 res = iwl_wait_notification(&mvm->notif_wait, &wait_time_event, 1); 3763 /* should never fail */ 3764 WARN_ON_ONCE(res); 3765 3766 if (res) { 3767 out_clear_te: 3768 spin_lock_bh(&mvm->time_event_lock); 3769 iwl_mvm_te_clear_data(mvm, te_data); 3770 spin_unlock_bh(&mvm->time_event_lock); 3771 } 3772 3773 return res; 3774 } 3775 3776 static int iwl_mvm_roc(struct ieee80211_hw *hw, 3777 struct ieee80211_vif *vif, 3778 struct ieee80211_channel *channel, 3779 int duration, 3780 enum ieee80211_roc_type type) 3781 { 3782 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3783 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3784 struct cfg80211_chan_def chandef; 3785 struct iwl_mvm_phy_ctxt *phy_ctxt; 3786 bool band_change_removal; 3787 int ret, i; 3788 3789 IWL_DEBUG_MAC80211(mvm, "enter (%d, %d, %d)\n", channel->hw_value, 3790 duration, type); 3791 3792 /* 3793 * Flush the done work, just in case it's still pending, so that 3794 * the work it does can complete and we can accept new frames. 3795 */ 3796 flush_work(&mvm->roc_done_wk); 3797 3798 mutex_lock(&mvm->mutex); 3799 3800 switch (vif->type) { 3801 case NL80211_IFTYPE_STATION: 3802 if (fw_has_capa(&mvm->fw->ucode_capa, 3803 IWL_UCODE_TLV_CAPA_HOTSPOT_SUPPORT)) { 3804 /* Use aux roc framework (HS20) */ 3805 if (iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, 3806 ADD_STA, 0) >= 12) { 3807 u32 lmac_id; 3808 3809 lmac_id = iwl_mvm_get_lmac_id(mvm->fw, 3810 channel->band); 3811 ret = iwl_mvm_add_aux_sta(mvm, lmac_id); 3812 if (WARN(ret, 3813 "Failed to allocate aux station")) 3814 goto out_unlock; 3815 } 3816 ret = iwl_mvm_send_aux_roc_cmd(mvm, channel, 3817 vif, duration); 3818 goto out_unlock; 3819 } 3820 IWL_ERR(mvm, "hotspot not supported\n"); 3821 ret = -EINVAL; 3822 goto out_unlock; 3823 case NL80211_IFTYPE_P2P_DEVICE: 3824 /* handle below */ 3825 break; 3826 default: 3827 IWL_ERR(mvm, "vif isn't P2P_DEVICE: %d\n", vif->type); 3828 ret = -EINVAL; 3829 goto out_unlock; 3830 } 3831 3832 for (i = 0; i < NUM_PHY_CTX; i++) { 3833 phy_ctxt = &mvm->phy_ctxts[i]; 3834 if (phy_ctxt->ref == 0 || mvmvif->phy_ctxt == phy_ctxt) 3835 continue; 3836 3837 if (phy_ctxt->ref && channel == phy_ctxt->channel) { 3838 /* 3839 * Unbind the P2P_DEVICE from the current PHY context, 3840 * and if the PHY context is not used remove it. 3841 */ 3842 ret = iwl_mvm_binding_remove_vif(mvm, vif); 3843 if (WARN(ret, "Failed unbinding P2P_DEVICE\n")) 3844 goto out_unlock; 3845 3846 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 3847 3848 /* Bind the P2P_DEVICE to the current PHY Context */ 3849 mvmvif->phy_ctxt = phy_ctxt; 3850 3851 ret = iwl_mvm_binding_add_vif(mvm, vif); 3852 if (WARN(ret, "Failed binding P2P_DEVICE\n")) 3853 goto out_unlock; 3854 3855 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 3856 goto schedule_time_event; 3857 } 3858 } 3859 3860 /* Need to update the PHY context only if the ROC channel changed */ 3861 if (channel == mvmvif->phy_ctxt->channel) 3862 goto schedule_time_event; 3863 3864 cfg80211_chandef_create(&chandef, channel, NL80211_CHAN_NO_HT); 3865 3866 /* 3867 * Check if the remain-on-channel is on a different band and that 3868 * requires context removal, see iwl_mvm_phy_ctxt_changed(). If 3869 * so, we'll need to release and then re-configure here, since we 3870 * must not remove a PHY context that's part of a binding. 3871 */ 3872 band_change_removal = 3873 fw_has_capa(&mvm->fw->ucode_capa, 3874 IWL_UCODE_TLV_CAPA_BINDING_CDB_SUPPORT) && 3875 mvmvif->phy_ctxt->channel->band != chandef.chan->band; 3876 3877 if (mvmvif->phy_ctxt->ref == 1 && !band_change_removal) { 3878 /* 3879 * Change the PHY context configuration as it is currently 3880 * referenced only by the P2P Device MAC (and we can modify it) 3881 */ 3882 ret = iwl_mvm_phy_ctxt_changed(mvm, mvmvif->phy_ctxt, 3883 &chandef, 1, 1); 3884 if (ret) 3885 goto out_unlock; 3886 } else { 3887 /* 3888 * The PHY context is shared with other MACs (or we're trying to 3889 * switch bands), so remove the P2P Device from the binding, 3890 * allocate an new PHY context and create a new binding. 3891 */ 3892 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 3893 if (!phy_ctxt) { 3894 ret = -ENOSPC; 3895 goto out_unlock; 3896 } 3897 3898 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, &chandef, 3899 1, 1); 3900 if (ret) { 3901 IWL_ERR(mvm, "Failed to change PHY context\n"); 3902 goto out_unlock; 3903 } 3904 3905 /* Unbind the P2P_DEVICE from the current PHY context */ 3906 ret = iwl_mvm_binding_remove_vif(mvm, vif); 3907 if (WARN(ret, "Failed unbinding P2P_DEVICE\n")) 3908 goto out_unlock; 3909 3910 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 3911 3912 /* Bind the P2P_DEVICE to the new allocated PHY context */ 3913 mvmvif->phy_ctxt = phy_ctxt; 3914 3915 ret = iwl_mvm_binding_add_vif(mvm, vif); 3916 if (WARN(ret, "Failed binding P2P_DEVICE\n")) 3917 goto out_unlock; 3918 3919 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 3920 } 3921 3922 schedule_time_event: 3923 /* Schedule the time events */ 3924 ret = iwl_mvm_start_p2p_roc(mvm, vif, duration, type); 3925 3926 out_unlock: 3927 mutex_unlock(&mvm->mutex); 3928 IWL_DEBUG_MAC80211(mvm, "leave\n"); 3929 return ret; 3930 } 3931 3932 static int iwl_mvm_cancel_roc(struct ieee80211_hw *hw, 3933 struct ieee80211_vif *vif) 3934 { 3935 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3936 3937 IWL_DEBUG_MAC80211(mvm, "enter\n"); 3938 3939 mutex_lock(&mvm->mutex); 3940 iwl_mvm_stop_roc(mvm, vif); 3941 mutex_unlock(&mvm->mutex); 3942 3943 IWL_DEBUG_MAC80211(mvm, "leave\n"); 3944 return 0; 3945 } 3946 3947 struct iwl_mvm_ftm_responder_iter_data { 3948 bool responder; 3949 struct ieee80211_chanctx_conf *ctx; 3950 }; 3951 3952 static void iwl_mvm_ftm_responder_chanctx_iter(void *_data, u8 *mac, 3953 struct ieee80211_vif *vif) 3954 { 3955 struct iwl_mvm_ftm_responder_iter_data *data = _data; 3956 3957 if (rcu_access_pointer(vif->chanctx_conf) == data->ctx && 3958 vif->type == NL80211_IFTYPE_AP && vif->bss_conf.ftmr_params) 3959 data->responder = true; 3960 } 3961 3962 static bool iwl_mvm_is_ftm_responder_chanctx(struct iwl_mvm *mvm, 3963 struct ieee80211_chanctx_conf *ctx) 3964 { 3965 struct iwl_mvm_ftm_responder_iter_data data = { 3966 .responder = false, 3967 .ctx = ctx, 3968 }; 3969 3970 ieee80211_iterate_active_interfaces_atomic(mvm->hw, 3971 IEEE80211_IFACE_ITER_NORMAL, 3972 iwl_mvm_ftm_responder_chanctx_iter, 3973 &data); 3974 return data.responder; 3975 } 3976 3977 static int __iwl_mvm_add_chanctx(struct iwl_mvm *mvm, 3978 struct ieee80211_chanctx_conf *ctx) 3979 { 3980 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 3981 struct iwl_mvm_phy_ctxt *phy_ctxt; 3982 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx); 3983 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def; 3984 int ret; 3985 3986 lockdep_assert_held(&mvm->mutex); 3987 3988 IWL_DEBUG_MAC80211(mvm, "Add channel context\n"); 3989 3990 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 3991 if (!phy_ctxt) { 3992 ret = -ENOSPC; 3993 goto out; 3994 } 3995 3996 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def, 3997 ctx->rx_chains_static, 3998 ctx->rx_chains_dynamic); 3999 if (ret) { 4000 IWL_ERR(mvm, "Failed to add PHY context\n"); 4001 goto out; 4002 } 4003 4004 iwl_mvm_phy_ctxt_ref(mvm, phy_ctxt); 4005 *phy_ctxt_id = phy_ctxt->id; 4006 out: 4007 return ret; 4008 } 4009 4010 static int iwl_mvm_add_chanctx(struct ieee80211_hw *hw, 4011 struct ieee80211_chanctx_conf *ctx) 4012 { 4013 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4014 int ret; 4015 4016 mutex_lock(&mvm->mutex); 4017 ret = __iwl_mvm_add_chanctx(mvm, ctx); 4018 mutex_unlock(&mvm->mutex); 4019 4020 return ret; 4021 } 4022 4023 static void __iwl_mvm_remove_chanctx(struct iwl_mvm *mvm, 4024 struct ieee80211_chanctx_conf *ctx) 4025 { 4026 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4027 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4028 4029 lockdep_assert_held(&mvm->mutex); 4030 4031 iwl_mvm_phy_ctxt_unref(mvm, phy_ctxt); 4032 } 4033 4034 static void iwl_mvm_remove_chanctx(struct ieee80211_hw *hw, 4035 struct ieee80211_chanctx_conf *ctx) 4036 { 4037 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4038 4039 mutex_lock(&mvm->mutex); 4040 __iwl_mvm_remove_chanctx(mvm, ctx); 4041 mutex_unlock(&mvm->mutex); 4042 } 4043 4044 static void iwl_mvm_change_chanctx(struct ieee80211_hw *hw, 4045 struct ieee80211_chanctx_conf *ctx, 4046 u32 changed) 4047 { 4048 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4049 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4050 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4051 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx); 4052 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def; 4053 4054 if (WARN_ONCE((phy_ctxt->ref > 1) && 4055 (changed & ~(IEEE80211_CHANCTX_CHANGE_WIDTH | 4056 IEEE80211_CHANCTX_CHANGE_RX_CHAINS | 4057 IEEE80211_CHANCTX_CHANGE_RADAR | 4058 IEEE80211_CHANCTX_CHANGE_MIN_WIDTH)), 4059 "Cannot change PHY. Ref=%d, changed=0x%X\n", 4060 phy_ctxt->ref, changed)) 4061 return; 4062 4063 mutex_lock(&mvm->mutex); 4064 4065 /* we are only changing the min_width, may be a noop */ 4066 if (changed == IEEE80211_CHANCTX_CHANGE_MIN_WIDTH) { 4067 if (phy_ctxt->width == def->width) 4068 goto out_unlock; 4069 4070 /* we are just toggling between 20_NOHT and 20 */ 4071 if (phy_ctxt->width <= NL80211_CHAN_WIDTH_20 && 4072 def->width <= NL80211_CHAN_WIDTH_20) 4073 goto out_unlock; 4074 } 4075 4076 iwl_mvm_bt_coex_vif_change(mvm); 4077 iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def, 4078 ctx->rx_chains_static, 4079 ctx->rx_chains_dynamic); 4080 4081 out_unlock: 4082 mutex_unlock(&mvm->mutex); 4083 } 4084 4085 static int __iwl_mvm_assign_vif_chanctx(struct iwl_mvm *mvm, 4086 struct ieee80211_vif *vif, 4087 struct ieee80211_chanctx_conf *ctx, 4088 bool switching_chanctx) 4089 { 4090 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4091 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4092 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4093 int ret; 4094 4095 lockdep_assert_held(&mvm->mutex); 4096 4097 mvmvif->phy_ctxt = phy_ctxt; 4098 4099 switch (vif->type) { 4100 case NL80211_IFTYPE_AP: 4101 /* only needed if we're switching chanctx (i.e. during CSA) */ 4102 if (switching_chanctx) { 4103 mvmvif->ap_ibss_active = true; 4104 break; 4105 } 4106 fallthrough; 4107 case NL80211_IFTYPE_ADHOC: 4108 /* 4109 * The AP binding flow is handled as part of the start_ap flow 4110 * (in bss_info_changed), similarly for IBSS. 4111 */ 4112 ret = 0; 4113 goto out; 4114 case NL80211_IFTYPE_STATION: 4115 mvmvif->csa_bcn_pending = false; 4116 break; 4117 case NL80211_IFTYPE_MONITOR: 4118 /* always disable PS when a monitor interface is active */ 4119 mvmvif->ps_disabled = true; 4120 break; 4121 default: 4122 ret = -EINVAL; 4123 goto out; 4124 } 4125 4126 ret = iwl_mvm_binding_add_vif(mvm, vif); 4127 if (ret) 4128 goto out; 4129 4130 /* 4131 * Power state must be updated before quotas, 4132 * otherwise fw will complain. 4133 */ 4134 iwl_mvm_power_update_mac(mvm); 4135 4136 /* Setting the quota at this stage is only required for monitor 4137 * interfaces. For the other types, the bss_info changed flow 4138 * will handle quota settings. 4139 */ 4140 if (vif->type == NL80211_IFTYPE_MONITOR) { 4141 mvmvif->monitor_active = true; 4142 ret = iwl_mvm_update_quotas(mvm, false, NULL); 4143 if (ret) 4144 goto out_remove_binding; 4145 4146 ret = iwl_mvm_add_snif_sta(mvm, vif); 4147 if (ret) 4148 goto out_remove_binding; 4149 4150 } 4151 4152 /* Handle binding during CSA */ 4153 if (vif->type == NL80211_IFTYPE_AP) { 4154 iwl_mvm_update_quotas(mvm, false, NULL); 4155 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 4156 } 4157 4158 if (switching_chanctx && vif->type == NL80211_IFTYPE_STATION) { 4159 mvmvif->csa_bcn_pending = true; 4160 4161 if (!fw_has_capa(&mvm->fw->ucode_capa, 4162 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 4163 u32 duration = 3 * vif->bss_conf.beacon_int; 4164 4165 /* Protect the session to make sure we hear the first 4166 * beacon on the new channel. 4167 */ 4168 iwl_mvm_protect_session(mvm, vif, duration, duration, 4169 vif->bss_conf.beacon_int / 2, 4170 true); 4171 } 4172 4173 iwl_mvm_update_quotas(mvm, false, NULL); 4174 } 4175 4176 goto out; 4177 4178 out_remove_binding: 4179 iwl_mvm_binding_remove_vif(mvm, vif); 4180 iwl_mvm_power_update_mac(mvm); 4181 out: 4182 if (ret) 4183 mvmvif->phy_ctxt = NULL; 4184 return ret; 4185 } 4186 static int iwl_mvm_assign_vif_chanctx(struct ieee80211_hw *hw, 4187 struct ieee80211_vif *vif, 4188 struct ieee80211_chanctx_conf *ctx) 4189 { 4190 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4191 int ret; 4192 4193 mutex_lock(&mvm->mutex); 4194 ret = __iwl_mvm_assign_vif_chanctx(mvm, vif, ctx, false); 4195 mutex_unlock(&mvm->mutex); 4196 4197 return ret; 4198 } 4199 4200 static void __iwl_mvm_unassign_vif_chanctx(struct iwl_mvm *mvm, 4201 struct ieee80211_vif *vif, 4202 struct ieee80211_chanctx_conf *ctx, 4203 bool switching_chanctx) 4204 { 4205 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4206 struct ieee80211_vif *disabled_vif = NULL; 4207 4208 lockdep_assert_held(&mvm->mutex); 4209 iwl_mvm_remove_time_event(mvm, mvmvif, &mvmvif->time_event_data); 4210 4211 switch (vif->type) { 4212 case NL80211_IFTYPE_ADHOC: 4213 goto out; 4214 case NL80211_IFTYPE_MONITOR: 4215 mvmvif->monitor_active = false; 4216 mvmvif->ps_disabled = false; 4217 iwl_mvm_rm_snif_sta(mvm, vif); 4218 break; 4219 case NL80211_IFTYPE_AP: 4220 /* This part is triggered only during CSA */ 4221 if (!switching_chanctx || !mvmvif->ap_ibss_active) 4222 goto out; 4223 4224 mvmvif->csa_countdown = false; 4225 4226 /* Set CS bit on all the stations */ 4227 iwl_mvm_modify_all_sta_disable_tx(mvm, mvmvif, true); 4228 4229 /* Save blocked iface, the timeout is set on the next beacon */ 4230 rcu_assign_pointer(mvm->csa_tx_blocked_vif, vif); 4231 4232 mvmvif->ap_ibss_active = false; 4233 break; 4234 case NL80211_IFTYPE_STATION: 4235 if (!switching_chanctx) 4236 break; 4237 4238 disabled_vif = vif; 4239 4240 if (!fw_has_capa(&mvm->fw->ucode_capa, 4241 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) 4242 iwl_mvm_mac_ctxt_changed(mvm, vif, true, NULL); 4243 break; 4244 default: 4245 break; 4246 } 4247 4248 iwl_mvm_update_quotas(mvm, false, disabled_vif); 4249 iwl_mvm_binding_remove_vif(mvm, vif); 4250 4251 out: 4252 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD) && 4253 switching_chanctx) 4254 return; 4255 mvmvif->phy_ctxt = NULL; 4256 iwl_mvm_power_update_mac(mvm); 4257 } 4258 4259 static void iwl_mvm_unassign_vif_chanctx(struct ieee80211_hw *hw, 4260 struct ieee80211_vif *vif, 4261 struct ieee80211_chanctx_conf *ctx) 4262 { 4263 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4264 4265 mutex_lock(&mvm->mutex); 4266 __iwl_mvm_unassign_vif_chanctx(mvm, vif, ctx, false); 4267 mutex_unlock(&mvm->mutex); 4268 } 4269 4270 static int 4271 iwl_mvm_switch_vif_chanctx_swap(struct iwl_mvm *mvm, 4272 struct ieee80211_vif_chanctx_switch *vifs) 4273 { 4274 int ret; 4275 4276 mutex_lock(&mvm->mutex); 4277 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true); 4278 __iwl_mvm_remove_chanctx(mvm, vifs[0].old_ctx); 4279 4280 ret = __iwl_mvm_add_chanctx(mvm, vifs[0].new_ctx); 4281 if (ret) { 4282 IWL_ERR(mvm, "failed to add new_ctx during channel switch\n"); 4283 goto out_reassign; 4284 } 4285 4286 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx, 4287 true); 4288 if (ret) { 4289 IWL_ERR(mvm, 4290 "failed to assign new_ctx during channel switch\n"); 4291 goto out_remove; 4292 } 4293 4294 /* we don't support TDLS during DCM - can be caused by channel switch */ 4295 if (iwl_mvm_phy_ctx_count(mvm) > 1) 4296 iwl_mvm_teardown_tdls_peers(mvm); 4297 4298 goto out; 4299 4300 out_remove: 4301 __iwl_mvm_remove_chanctx(mvm, vifs[0].new_ctx); 4302 4303 out_reassign: 4304 if (__iwl_mvm_add_chanctx(mvm, vifs[0].old_ctx)) { 4305 IWL_ERR(mvm, "failed to add old_ctx back after failure.\n"); 4306 goto out_restart; 4307 } 4308 4309 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, 4310 true)) { 4311 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n"); 4312 goto out_restart; 4313 } 4314 4315 goto out; 4316 4317 out_restart: 4318 /* things keep failing, better restart the hw */ 4319 iwl_mvm_nic_restart(mvm, false); 4320 4321 out: 4322 mutex_unlock(&mvm->mutex); 4323 4324 return ret; 4325 } 4326 4327 static int 4328 iwl_mvm_switch_vif_chanctx_reassign(struct iwl_mvm *mvm, 4329 struct ieee80211_vif_chanctx_switch *vifs) 4330 { 4331 int ret; 4332 4333 mutex_lock(&mvm->mutex); 4334 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true); 4335 4336 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx, 4337 true); 4338 if (ret) { 4339 IWL_ERR(mvm, 4340 "failed to assign new_ctx during channel switch\n"); 4341 goto out_reassign; 4342 } 4343 4344 goto out; 4345 4346 out_reassign: 4347 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, 4348 true)) { 4349 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n"); 4350 goto out_restart; 4351 } 4352 4353 goto out; 4354 4355 out_restart: 4356 /* things keep failing, better restart the hw */ 4357 iwl_mvm_nic_restart(mvm, false); 4358 4359 out: 4360 mutex_unlock(&mvm->mutex); 4361 4362 return ret; 4363 } 4364 4365 static int iwl_mvm_switch_vif_chanctx(struct ieee80211_hw *hw, 4366 struct ieee80211_vif_chanctx_switch *vifs, 4367 int n_vifs, 4368 enum ieee80211_chanctx_switch_mode mode) 4369 { 4370 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4371 int ret; 4372 4373 /* we only support a single-vif right now */ 4374 if (n_vifs > 1) 4375 return -EOPNOTSUPP; 4376 4377 switch (mode) { 4378 case CHANCTX_SWMODE_SWAP_CONTEXTS: 4379 ret = iwl_mvm_switch_vif_chanctx_swap(mvm, vifs); 4380 break; 4381 case CHANCTX_SWMODE_REASSIGN_VIF: 4382 ret = iwl_mvm_switch_vif_chanctx_reassign(mvm, vifs); 4383 break; 4384 default: 4385 ret = -EOPNOTSUPP; 4386 break; 4387 } 4388 4389 return ret; 4390 } 4391 4392 static int iwl_mvm_tx_last_beacon(struct ieee80211_hw *hw) 4393 { 4394 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4395 4396 return mvm->ibss_manager; 4397 } 4398 4399 static int iwl_mvm_set_tim(struct ieee80211_hw *hw, 4400 struct ieee80211_sta *sta, 4401 bool set) 4402 { 4403 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4404 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 4405 4406 if (!mvm_sta || !mvm_sta->vif) { 4407 IWL_ERR(mvm, "Station is not associated to a vif\n"); 4408 return -EINVAL; 4409 } 4410 4411 return iwl_mvm_mac_ctxt_beacon_changed(mvm, mvm_sta->vif); 4412 } 4413 4414 #ifdef CONFIG_NL80211_TESTMODE 4415 static const struct nla_policy iwl_mvm_tm_policy[IWL_MVM_TM_ATTR_MAX + 1] = { 4416 [IWL_MVM_TM_ATTR_CMD] = { .type = NLA_U32 }, 4417 [IWL_MVM_TM_ATTR_NOA_DURATION] = { .type = NLA_U32 }, 4418 [IWL_MVM_TM_ATTR_BEACON_FILTER_STATE] = { .type = NLA_U32 }, 4419 }; 4420 4421 static int __iwl_mvm_mac_testmode_cmd(struct iwl_mvm *mvm, 4422 struct ieee80211_vif *vif, 4423 void *data, int len) 4424 { 4425 struct nlattr *tb[IWL_MVM_TM_ATTR_MAX + 1]; 4426 int err; 4427 u32 noa_duration; 4428 4429 err = nla_parse_deprecated(tb, IWL_MVM_TM_ATTR_MAX, data, len, 4430 iwl_mvm_tm_policy, NULL); 4431 if (err) 4432 return err; 4433 4434 if (!tb[IWL_MVM_TM_ATTR_CMD]) 4435 return -EINVAL; 4436 4437 switch (nla_get_u32(tb[IWL_MVM_TM_ATTR_CMD])) { 4438 case IWL_MVM_TM_CMD_SET_NOA: 4439 if (!vif || vif->type != NL80211_IFTYPE_AP || !vif->p2p || 4440 !vif->bss_conf.enable_beacon || 4441 !tb[IWL_MVM_TM_ATTR_NOA_DURATION]) 4442 return -EINVAL; 4443 4444 noa_duration = nla_get_u32(tb[IWL_MVM_TM_ATTR_NOA_DURATION]); 4445 if (noa_duration >= vif->bss_conf.beacon_int) 4446 return -EINVAL; 4447 4448 mvm->noa_duration = noa_duration; 4449 mvm->noa_vif = vif; 4450 4451 return iwl_mvm_update_quotas(mvm, true, NULL); 4452 case IWL_MVM_TM_CMD_SET_BEACON_FILTER: 4453 /* must be associated client vif - ignore authorized */ 4454 if (!vif || vif->type != NL80211_IFTYPE_STATION || 4455 !vif->bss_conf.assoc || !vif->bss_conf.dtim_period || 4456 !tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE]) 4457 return -EINVAL; 4458 4459 if (nla_get_u32(tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE])) 4460 return iwl_mvm_enable_beacon_filter(mvm, vif, 0); 4461 return iwl_mvm_disable_beacon_filter(mvm, vif, 0); 4462 } 4463 4464 return -EOPNOTSUPP; 4465 } 4466 4467 static int iwl_mvm_mac_testmode_cmd(struct ieee80211_hw *hw, 4468 struct ieee80211_vif *vif, 4469 void *data, int len) 4470 { 4471 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4472 int err; 4473 4474 mutex_lock(&mvm->mutex); 4475 err = __iwl_mvm_mac_testmode_cmd(mvm, vif, data, len); 4476 mutex_unlock(&mvm->mutex); 4477 4478 return err; 4479 } 4480 #endif 4481 4482 static void iwl_mvm_channel_switch(struct ieee80211_hw *hw, 4483 struct ieee80211_vif *vif, 4484 struct ieee80211_channel_switch *chsw) 4485 { 4486 /* By implementing this operation, we prevent mac80211 from 4487 * starting its own channel switch timer, so that we can call 4488 * ieee80211_chswitch_done() ourselves at the right time 4489 * (which is when the absence time event starts). 4490 */ 4491 4492 IWL_DEBUG_MAC80211(IWL_MAC80211_GET_MVM(hw), 4493 "dummy channel switch op\n"); 4494 } 4495 4496 static int iwl_mvm_schedule_client_csa(struct iwl_mvm *mvm, 4497 struct ieee80211_vif *vif, 4498 struct ieee80211_channel_switch *chsw) 4499 { 4500 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4501 struct iwl_chan_switch_te_cmd cmd = { 4502 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 4503 mvmvif->color)), 4504 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 4505 .tsf = cpu_to_le32(chsw->timestamp), 4506 .cs_count = chsw->count, 4507 .cs_mode = chsw->block_tx, 4508 }; 4509 4510 lockdep_assert_held(&mvm->mutex); 4511 4512 if (chsw->delay) 4513 cmd.cs_delayed_bcn_count = 4514 DIV_ROUND_UP(chsw->delay, vif->bss_conf.beacon_int); 4515 4516 return iwl_mvm_send_cmd_pdu(mvm, 4517 WIDE_ID(MAC_CONF_GROUP, 4518 CHANNEL_SWITCH_TIME_EVENT_CMD), 4519 0, sizeof(cmd), &cmd); 4520 } 4521 4522 static int iwl_mvm_old_pre_chan_sw_sta(struct iwl_mvm *mvm, 4523 struct ieee80211_vif *vif, 4524 struct ieee80211_channel_switch *chsw) 4525 { 4526 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4527 u32 apply_time; 4528 4529 /* Schedule the time event to a bit before beacon 1, 4530 * to make sure we're in the new channel when the 4531 * GO/AP arrives. In case count <= 1 immediately schedule the 4532 * TE (this might result with some packet loss or connection 4533 * loss). 4534 */ 4535 if (chsw->count <= 1) 4536 apply_time = 0; 4537 else 4538 apply_time = chsw->device_timestamp + 4539 ((vif->bss_conf.beacon_int * (chsw->count - 1) - 4540 IWL_MVM_CHANNEL_SWITCH_TIME_CLIENT) * 1024); 4541 4542 if (chsw->block_tx) 4543 iwl_mvm_csa_client_absent(mvm, vif); 4544 4545 if (mvmvif->bf_data.bf_enabled) { 4546 int ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 4547 4548 if (ret) 4549 return ret; 4550 } 4551 4552 iwl_mvm_schedule_csa_period(mvm, vif, vif->bss_conf.beacon_int, 4553 apply_time); 4554 4555 return 0; 4556 } 4557 4558 #define IWL_MAX_CSA_BLOCK_TX 1500 4559 static int iwl_mvm_pre_channel_switch(struct ieee80211_hw *hw, 4560 struct ieee80211_vif *vif, 4561 struct ieee80211_channel_switch *chsw) 4562 { 4563 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4564 struct ieee80211_vif *csa_vif; 4565 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4566 int ret; 4567 4568 mutex_lock(&mvm->mutex); 4569 4570 mvmvif->csa_failed = false; 4571 4572 IWL_DEBUG_MAC80211(mvm, "pre CSA to freq %d\n", 4573 chsw->chandef.center_freq1); 4574 4575 iwl_fw_dbg_trigger_simple_stop(&mvm->fwrt, 4576 ieee80211_vif_to_wdev(vif), 4577 FW_DBG_TRIGGER_CHANNEL_SWITCH); 4578 4579 switch (vif->type) { 4580 case NL80211_IFTYPE_AP: 4581 csa_vif = 4582 rcu_dereference_protected(mvm->csa_vif, 4583 lockdep_is_held(&mvm->mutex)); 4584 if (WARN_ONCE(csa_vif && csa_vif->csa_active, 4585 "Another CSA is already in progress")) { 4586 ret = -EBUSY; 4587 goto out_unlock; 4588 } 4589 4590 /* we still didn't unblock tx. prevent new CS meanwhile */ 4591 if (rcu_dereference_protected(mvm->csa_tx_blocked_vif, 4592 lockdep_is_held(&mvm->mutex))) { 4593 ret = -EBUSY; 4594 goto out_unlock; 4595 } 4596 4597 rcu_assign_pointer(mvm->csa_vif, vif); 4598 4599 if (WARN_ONCE(mvmvif->csa_countdown, 4600 "Previous CSA countdown didn't complete")) { 4601 ret = -EBUSY; 4602 goto out_unlock; 4603 } 4604 4605 mvmvif->csa_target_freq = chsw->chandef.chan->center_freq; 4606 4607 break; 4608 case NL80211_IFTYPE_STATION: 4609 /* 4610 * We haven't configured the firmware to be associated yet since 4611 * we don't know the dtim period. In this case, the firmware can't 4612 * track the beacons. 4613 */ 4614 if (!vif->bss_conf.assoc || !vif->bss_conf.dtim_period) { 4615 ret = -EBUSY; 4616 goto out_unlock; 4617 } 4618 4619 if (chsw->delay > IWL_MAX_CSA_BLOCK_TX) 4620 schedule_delayed_work(&mvmvif->csa_work, 0); 4621 4622 if (chsw->block_tx) { 4623 /* 4624 * In case of undetermined / long time with immediate 4625 * quiet monitor status to gracefully disconnect 4626 */ 4627 if (!chsw->count || 4628 chsw->count * vif->bss_conf.beacon_int > 4629 IWL_MAX_CSA_BLOCK_TX) 4630 schedule_delayed_work(&mvmvif->csa_work, 4631 msecs_to_jiffies(IWL_MAX_CSA_BLOCK_TX)); 4632 } 4633 4634 if (!fw_has_capa(&mvm->fw->ucode_capa, 4635 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 4636 ret = iwl_mvm_old_pre_chan_sw_sta(mvm, vif, chsw); 4637 if (ret) 4638 goto out_unlock; 4639 } else { 4640 iwl_mvm_schedule_client_csa(mvm, vif, chsw); 4641 } 4642 4643 mvmvif->csa_count = chsw->count; 4644 mvmvif->csa_misbehave = false; 4645 break; 4646 default: 4647 break; 4648 } 4649 4650 mvmvif->ps_disabled = true; 4651 4652 ret = iwl_mvm_power_update_ps(mvm); 4653 if (ret) 4654 goto out_unlock; 4655 4656 /* we won't be on this channel any longer */ 4657 iwl_mvm_teardown_tdls_peers(mvm); 4658 4659 out_unlock: 4660 mutex_unlock(&mvm->mutex); 4661 4662 return ret; 4663 } 4664 4665 static void iwl_mvm_channel_switch_rx_beacon(struct ieee80211_hw *hw, 4666 struct ieee80211_vif *vif, 4667 struct ieee80211_channel_switch *chsw) 4668 { 4669 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4670 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4671 struct iwl_chan_switch_te_cmd cmd = { 4672 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 4673 mvmvif->color)), 4674 .action = cpu_to_le32(FW_CTXT_ACTION_MODIFY), 4675 .tsf = cpu_to_le32(chsw->timestamp), 4676 .cs_count = chsw->count, 4677 .cs_mode = chsw->block_tx, 4678 }; 4679 4680 if (!fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CS_MODIFY)) 4681 return; 4682 4683 IWL_DEBUG_MAC80211(mvm, "Modify CSA on mac %d count = %d (old %d) mode = %d\n", 4684 mvmvif->id, chsw->count, mvmvif->csa_count, chsw->block_tx); 4685 4686 if (chsw->count >= mvmvif->csa_count && chsw->block_tx) { 4687 if (mvmvif->csa_misbehave) { 4688 /* Second time, give up on this AP*/ 4689 iwl_mvm_abort_channel_switch(hw, vif); 4690 ieee80211_chswitch_done(vif, false); 4691 mvmvif->csa_misbehave = false; 4692 return; 4693 } 4694 mvmvif->csa_misbehave = true; 4695 } 4696 mvmvif->csa_count = chsw->count; 4697 4698 mutex_lock(&mvm->mutex); 4699 if (mvmvif->csa_failed) 4700 goto out_unlock; 4701 4702 WARN_ON(iwl_mvm_send_cmd_pdu(mvm, 4703 WIDE_ID(MAC_CONF_GROUP, 4704 CHANNEL_SWITCH_TIME_EVENT_CMD), 4705 0, sizeof(cmd), &cmd)); 4706 out_unlock: 4707 mutex_unlock(&mvm->mutex); 4708 } 4709 4710 static void iwl_mvm_flush_no_vif(struct iwl_mvm *mvm, u32 queues, bool drop) 4711 { 4712 int i; 4713 4714 if (!iwl_mvm_has_new_tx_api(mvm)) { 4715 if (drop) { 4716 mutex_lock(&mvm->mutex); 4717 iwl_mvm_flush_tx_path(mvm, 4718 iwl_mvm_flushable_queues(mvm) & queues); 4719 mutex_unlock(&mvm->mutex); 4720 } else { 4721 iwl_trans_wait_tx_queues_empty(mvm->trans, queues); 4722 } 4723 return; 4724 } 4725 4726 mutex_lock(&mvm->mutex); 4727 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) { 4728 struct ieee80211_sta *sta; 4729 4730 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i], 4731 lockdep_is_held(&mvm->mutex)); 4732 if (IS_ERR_OR_NULL(sta)) 4733 continue; 4734 4735 if (drop) 4736 iwl_mvm_flush_sta_tids(mvm, i, 0xFFFF); 4737 else 4738 iwl_mvm_wait_sta_queues_empty(mvm, 4739 iwl_mvm_sta_from_mac80211(sta)); 4740 } 4741 mutex_unlock(&mvm->mutex); 4742 } 4743 4744 static void iwl_mvm_mac_flush(struct ieee80211_hw *hw, 4745 struct ieee80211_vif *vif, u32 queues, bool drop) 4746 { 4747 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4748 struct iwl_mvm_vif *mvmvif; 4749 struct iwl_mvm_sta *mvmsta; 4750 struct ieee80211_sta *sta; 4751 int i; 4752 u32 msk = 0; 4753 4754 if (!vif) { 4755 iwl_mvm_flush_no_vif(mvm, queues, drop); 4756 return; 4757 } 4758 4759 if (vif->type != NL80211_IFTYPE_STATION) 4760 return; 4761 4762 /* Make sure we're done with the deferred traffic before flushing */ 4763 flush_work(&mvm->add_stream_wk); 4764 4765 mutex_lock(&mvm->mutex); 4766 mvmvif = iwl_mvm_vif_from_mac80211(vif); 4767 4768 /* flush the AP-station and all TDLS peers */ 4769 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) { 4770 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i], 4771 lockdep_is_held(&mvm->mutex)); 4772 if (IS_ERR_OR_NULL(sta)) 4773 continue; 4774 4775 mvmsta = iwl_mvm_sta_from_mac80211(sta); 4776 if (mvmsta->vif != vif) 4777 continue; 4778 4779 /* make sure only TDLS peers or the AP are flushed */ 4780 WARN_ON(i != mvmvif->ap_sta_id && !sta->tdls); 4781 4782 if (drop) { 4783 if (iwl_mvm_flush_sta(mvm, mvmsta, false)) 4784 IWL_ERR(mvm, "flush request fail\n"); 4785 } else { 4786 msk |= mvmsta->tfd_queue_msk; 4787 if (iwl_mvm_has_new_tx_api(mvm)) 4788 iwl_mvm_wait_sta_queues_empty(mvm, mvmsta); 4789 } 4790 } 4791 4792 mutex_unlock(&mvm->mutex); 4793 4794 /* this can take a while, and we may need/want other operations 4795 * to succeed while doing this, so do it without the mutex held 4796 */ 4797 if (!drop && !iwl_mvm_has_new_tx_api(mvm)) 4798 iwl_trans_wait_tx_queues_empty(mvm->trans, msk); 4799 } 4800 4801 static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx, 4802 struct survey_info *survey) 4803 { 4804 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4805 int ret; 4806 4807 memset(survey, 0, sizeof(*survey)); 4808 4809 /* only support global statistics right now */ 4810 if (idx != 0) 4811 return -ENOENT; 4812 4813 if (!fw_has_capa(&mvm->fw->ucode_capa, 4814 IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS)) 4815 return -ENOENT; 4816 4817 mutex_lock(&mvm->mutex); 4818 4819 if (iwl_mvm_firmware_running(mvm)) { 4820 ret = iwl_mvm_request_statistics(mvm, false); 4821 if (ret) 4822 goto out; 4823 } 4824 4825 survey->filled = SURVEY_INFO_TIME | 4826 SURVEY_INFO_TIME_RX | 4827 SURVEY_INFO_TIME_TX | 4828 SURVEY_INFO_TIME_SCAN; 4829 survey->time = mvm->accu_radio_stats.on_time_rf + 4830 mvm->radio_stats.on_time_rf; 4831 do_div(survey->time, USEC_PER_MSEC); 4832 4833 survey->time_rx = mvm->accu_radio_stats.rx_time + 4834 mvm->radio_stats.rx_time; 4835 do_div(survey->time_rx, USEC_PER_MSEC); 4836 4837 survey->time_tx = mvm->accu_radio_stats.tx_time + 4838 mvm->radio_stats.tx_time; 4839 do_div(survey->time_tx, USEC_PER_MSEC); 4840 4841 survey->time_scan = mvm->accu_radio_stats.on_time_scan + 4842 mvm->radio_stats.on_time_scan; 4843 do_div(survey->time_scan, USEC_PER_MSEC); 4844 4845 ret = 0; 4846 out: 4847 mutex_unlock(&mvm->mutex); 4848 return ret; 4849 } 4850 4851 static void iwl_mvm_set_sta_rate(u32 rate_n_flags, struct rate_info *rinfo) 4852 { 4853 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 4854 4855 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 4856 case RATE_MCS_CHAN_WIDTH_20: 4857 rinfo->bw = RATE_INFO_BW_20; 4858 break; 4859 case RATE_MCS_CHAN_WIDTH_40: 4860 rinfo->bw = RATE_INFO_BW_40; 4861 break; 4862 case RATE_MCS_CHAN_WIDTH_80: 4863 rinfo->bw = RATE_INFO_BW_80; 4864 break; 4865 case RATE_MCS_CHAN_WIDTH_160: 4866 rinfo->bw = RATE_INFO_BW_160; 4867 break; 4868 } 4869 4870 if (format == RATE_MCS_CCK_MSK || 4871 format == RATE_MCS_LEGACY_OFDM_MSK) { 4872 int rate = u32_get_bits(rate_n_flags, RATE_LEGACY_RATE_MSK); 4873 4874 /* add the offset needed to get to the legacy ofdm indices */ 4875 if (format == RATE_MCS_LEGACY_OFDM_MSK) 4876 rate += IWL_FIRST_OFDM_RATE; 4877 4878 switch (rate) { 4879 case IWL_RATE_1M_INDEX: 4880 rinfo->legacy = 10; 4881 break; 4882 case IWL_RATE_2M_INDEX: 4883 rinfo->legacy = 20; 4884 break; 4885 case IWL_RATE_5M_INDEX: 4886 rinfo->legacy = 55; 4887 break; 4888 case IWL_RATE_11M_INDEX: 4889 rinfo->legacy = 110; 4890 break; 4891 case IWL_RATE_6M_INDEX: 4892 rinfo->legacy = 60; 4893 break; 4894 case IWL_RATE_9M_INDEX: 4895 rinfo->legacy = 90; 4896 break; 4897 case IWL_RATE_12M_INDEX: 4898 rinfo->legacy = 120; 4899 break; 4900 case IWL_RATE_18M_INDEX: 4901 rinfo->legacy = 180; 4902 break; 4903 case IWL_RATE_24M_INDEX: 4904 rinfo->legacy = 240; 4905 break; 4906 case IWL_RATE_36M_INDEX: 4907 rinfo->legacy = 360; 4908 break; 4909 case IWL_RATE_48M_INDEX: 4910 rinfo->legacy = 480; 4911 break; 4912 case IWL_RATE_54M_INDEX: 4913 rinfo->legacy = 540; 4914 } 4915 return; 4916 } 4917 4918 rinfo->nss = u32_get_bits(rate_n_flags, 4919 RATE_MCS_NSS_MSK) + 1; 4920 rinfo->mcs = format == RATE_MCS_HT_MSK ? 4921 RATE_HT_MCS_INDEX(rate_n_flags) : 4922 u32_get_bits(rate_n_flags, RATE_MCS_CODE_MSK); 4923 4924 if (format == RATE_MCS_HE_MSK) { 4925 u32 gi_ltf = u32_get_bits(rate_n_flags, 4926 RATE_MCS_HE_GI_LTF_MSK); 4927 4928 rinfo->flags |= RATE_INFO_FLAGS_HE_MCS; 4929 4930 if (rate_n_flags & RATE_MCS_HE_106T_MSK) { 4931 rinfo->bw = RATE_INFO_BW_HE_RU; 4932 rinfo->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_106; 4933 } 4934 4935 switch (rate_n_flags & RATE_MCS_HE_TYPE_MSK) { 4936 case RATE_MCS_HE_TYPE_SU: 4937 case RATE_MCS_HE_TYPE_EXT_SU: 4938 if (gi_ltf == 0 || gi_ltf == 1) 4939 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4940 else if (gi_ltf == 2) 4941 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4942 else if (gi_ltf == 3) 4943 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4944 else 4945 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4946 break; 4947 case RATE_MCS_HE_TYPE_MU: 4948 if (gi_ltf == 0 || gi_ltf == 1) 4949 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4950 else if (gi_ltf == 2) 4951 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4952 else 4953 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4954 break; 4955 case RATE_MCS_HE_TYPE_TRIG: 4956 if (gi_ltf == 0 || gi_ltf == 1) 4957 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4958 else 4959 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4960 break; 4961 } 4962 4963 if (rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK) 4964 rinfo->he_dcm = 1; 4965 return; 4966 } 4967 4968 if (rate_n_flags & RATE_MCS_SGI_MSK) 4969 rinfo->flags |= RATE_INFO_FLAGS_SHORT_GI; 4970 4971 if (format == RATE_MCS_HT_MSK) { 4972 rinfo->flags |= RATE_INFO_FLAGS_MCS; 4973 4974 } else if (format == RATE_MCS_VHT_MSK) { 4975 rinfo->flags |= RATE_INFO_FLAGS_VHT_MCS; 4976 } 4977 4978 } 4979 4980 static void iwl_mvm_mac_sta_statistics(struct ieee80211_hw *hw, 4981 struct ieee80211_vif *vif, 4982 struct ieee80211_sta *sta, 4983 struct station_info *sinfo) 4984 { 4985 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4986 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4987 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 4988 4989 if (mvmsta->avg_energy) { 4990 sinfo->signal_avg = -(s8)mvmsta->avg_energy; 4991 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG); 4992 } 4993 4994 if (iwl_mvm_has_tlc_offload(mvm)) { 4995 struct iwl_lq_sta_rs_fw *lq_sta = &mvmsta->lq_sta.rs_fw; 4996 4997 iwl_mvm_set_sta_rate(lq_sta->last_rate_n_flags, &sinfo->txrate); 4998 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE); 4999 } 5000 5001 /* if beacon filtering isn't on mac80211 does it anyway */ 5002 if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER)) 5003 return; 5004 5005 if (!vif->bss_conf.assoc) 5006 return; 5007 5008 mutex_lock(&mvm->mutex); 5009 5010 if (mvmvif->ap_sta_id != mvmsta->sta_id) 5011 goto unlock; 5012 5013 if (iwl_mvm_request_statistics(mvm, false)) 5014 goto unlock; 5015 5016 sinfo->rx_beacon = mvmvif->beacon_stats.num_beacons + 5017 mvmvif->beacon_stats.accu_num_beacons; 5018 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_RX); 5019 if (mvmvif->beacon_stats.avg_signal) { 5020 /* firmware only reports a value after RXing a few beacons */ 5021 sinfo->rx_beacon_signal_avg = mvmvif->beacon_stats.avg_signal; 5022 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG); 5023 } 5024 unlock: 5025 mutex_unlock(&mvm->mutex); 5026 } 5027 5028 static void iwl_mvm_event_mlme_callback_ini(struct iwl_mvm *mvm, 5029 struct ieee80211_vif *vif, 5030 const struct ieee80211_mlme_event *mlme) 5031 { 5032 if ((mlme->data == ASSOC_EVENT || mlme->data == AUTH_EVENT) && 5033 (mlme->status == MLME_DENIED || mlme->status == MLME_TIMEOUT)) { 5034 iwl_dbg_tlv_time_point(&mvm->fwrt, 5035 IWL_FW_INI_TIME_POINT_ASSOC_FAILED, 5036 NULL); 5037 return; 5038 } 5039 5040 if (mlme->data == DEAUTH_RX_EVENT || mlme->data == DEAUTH_TX_EVENT) { 5041 iwl_dbg_tlv_time_point(&mvm->fwrt, 5042 IWL_FW_INI_TIME_POINT_DEASSOC, 5043 NULL); 5044 return; 5045 } 5046 } 5047 5048 static void iwl_mvm_event_mlme_callback(struct iwl_mvm *mvm, 5049 struct ieee80211_vif *vif, 5050 const struct ieee80211_event *event) 5051 { 5052 #define CHECK_MLME_TRIGGER(_cnt, _fmt...) \ 5053 do { \ 5054 if ((trig_mlme->_cnt) && --(trig_mlme->_cnt)) \ 5055 break; \ 5056 iwl_fw_dbg_collect_trig(&(mvm)->fwrt, trig, _fmt); \ 5057 } while (0) 5058 5059 struct iwl_fw_dbg_trigger_tlv *trig; 5060 struct iwl_fw_dbg_trigger_mlme *trig_mlme; 5061 5062 if (iwl_trans_dbg_ini_valid(mvm->trans)) { 5063 iwl_mvm_event_mlme_callback_ini(mvm, vif, &event->u.mlme); 5064 return; 5065 } 5066 5067 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 5068 FW_DBG_TRIGGER_MLME); 5069 if (!trig) 5070 return; 5071 5072 trig_mlme = (void *)trig->data; 5073 5074 if (event->u.mlme.data == ASSOC_EVENT) { 5075 if (event->u.mlme.status == MLME_DENIED) 5076 CHECK_MLME_TRIGGER(stop_assoc_denied, 5077 "DENIED ASSOC: reason %d", 5078 event->u.mlme.reason); 5079 else if (event->u.mlme.status == MLME_TIMEOUT) 5080 CHECK_MLME_TRIGGER(stop_assoc_timeout, 5081 "ASSOC TIMEOUT"); 5082 } else if (event->u.mlme.data == AUTH_EVENT) { 5083 if (event->u.mlme.status == MLME_DENIED) 5084 CHECK_MLME_TRIGGER(stop_auth_denied, 5085 "DENIED AUTH: reason %d", 5086 event->u.mlme.reason); 5087 else if (event->u.mlme.status == MLME_TIMEOUT) 5088 CHECK_MLME_TRIGGER(stop_auth_timeout, 5089 "AUTH TIMEOUT"); 5090 } else if (event->u.mlme.data == DEAUTH_RX_EVENT) { 5091 CHECK_MLME_TRIGGER(stop_rx_deauth, 5092 "DEAUTH RX %d", event->u.mlme.reason); 5093 } else if (event->u.mlme.data == DEAUTH_TX_EVENT) { 5094 CHECK_MLME_TRIGGER(stop_tx_deauth, 5095 "DEAUTH TX %d", event->u.mlme.reason); 5096 } 5097 #undef CHECK_MLME_TRIGGER 5098 } 5099 5100 static void iwl_mvm_event_bar_rx_callback(struct iwl_mvm *mvm, 5101 struct ieee80211_vif *vif, 5102 const struct ieee80211_event *event) 5103 { 5104 struct iwl_fw_dbg_trigger_tlv *trig; 5105 struct iwl_fw_dbg_trigger_ba *ba_trig; 5106 5107 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 5108 FW_DBG_TRIGGER_BA); 5109 if (!trig) 5110 return; 5111 5112 ba_trig = (void *)trig->data; 5113 5114 if (!(le16_to_cpu(ba_trig->rx_bar) & BIT(event->u.ba.tid))) 5115 return; 5116 5117 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 5118 "BAR received from %pM, tid %d, ssn %d", 5119 event->u.ba.sta->addr, event->u.ba.tid, 5120 event->u.ba.ssn); 5121 } 5122 5123 static void iwl_mvm_mac_event_callback(struct ieee80211_hw *hw, 5124 struct ieee80211_vif *vif, 5125 const struct ieee80211_event *event) 5126 { 5127 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5128 5129 switch (event->type) { 5130 case MLME_EVENT: 5131 iwl_mvm_event_mlme_callback(mvm, vif, event); 5132 break; 5133 case BAR_RX_EVENT: 5134 iwl_mvm_event_bar_rx_callback(mvm, vif, event); 5135 break; 5136 case BA_FRAME_TIMEOUT: 5137 iwl_mvm_event_frame_timeout_callback(mvm, vif, event->u.ba.sta, 5138 event->u.ba.tid); 5139 break; 5140 default: 5141 break; 5142 } 5143 } 5144 5145 void iwl_mvm_sync_rx_queues_internal(struct iwl_mvm *mvm, 5146 enum iwl_mvm_rxq_notif_type type, 5147 bool sync, 5148 const void *data, u32 size) 5149 { 5150 struct { 5151 struct iwl_rxq_sync_cmd cmd; 5152 struct iwl_mvm_internal_rxq_notif notif; 5153 } __packed cmd = { 5154 .cmd.rxq_mask = cpu_to_le32(BIT(mvm->trans->num_rx_queues) - 1), 5155 .cmd.count = 5156 cpu_to_le32(sizeof(struct iwl_mvm_internal_rxq_notif) + 5157 size), 5158 .notif.type = type, 5159 .notif.sync = sync, 5160 }; 5161 struct iwl_host_cmd hcmd = { 5162 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 5163 .data[0] = &cmd, 5164 .len[0] = sizeof(cmd), 5165 .data[1] = data, 5166 .len[1] = size, 5167 .flags = sync ? 0 : CMD_ASYNC, 5168 }; 5169 int ret; 5170 5171 /* size must be a multiple of DWORD */ 5172 if (WARN_ON(cmd.cmd.count & cpu_to_le32(3))) 5173 return; 5174 5175 if (!iwl_mvm_has_new_rx_api(mvm)) 5176 return; 5177 5178 if (sync) { 5179 cmd.notif.cookie = mvm->queue_sync_cookie; 5180 mvm->queue_sync_state = (1 << mvm->trans->num_rx_queues) - 1; 5181 } 5182 5183 ret = iwl_mvm_send_cmd(mvm, &hcmd); 5184 if (ret) { 5185 IWL_ERR(mvm, "Failed to trigger RX queues sync (%d)\n", ret); 5186 goto out; 5187 } 5188 5189 if (sync) { 5190 lockdep_assert_held(&mvm->mutex); 5191 ret = wait_event_timeout(mvm->rx_sync_waitq, 5192 READ_ONCE(mvm->queue_sync_state) == 0 || 5193 iwl_mvm_is_radio_killed(mvm), 5194 HZ); 5195 WARN_ONCE(!ret && !iwl_mvm_is_radio_killed(mvm), 5196 "queue sync: failed to sync, state is 0x%lx\n", 5197 mvm->queue_sync_state); 5198 } 5199 5200 out: 5201 if (sync) { 5202 mvm->queue_sync_state = 0; 5203 mvm->queue_sync_cookie++; 5204 } 5205 } 5206 5207 static void iwl_mvm_sync_rx_queues(struct ieee80211_hw *hw) 5208 { 5209 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5210 5211 mutex_lock(&mvm->mutex); 5212 iwl_mvm_sync_rx_queues_internal(mvm, IWL_MVM_RXQ_EMPTY, true, NULL, 0); 5213 mutex_unlock(&mvm->mutex); 5214 } 5215 5216 static int 5217 iwl_mvm_mac_get_ftm_responder_stats(struct ieee80211_hw *hw, 5218 struct ieee80211_vif *vif, 5219 struct cfg80211_ftm_responder_stats *stats) 5220 { 5221 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5222 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 5223 5224 if (vif->p2p || vif->type != NL80211_IFTYPE_AP || 5225 !mvmvif->ap_ibss_active || !vif->bss_conf.ftm_responder) 5226 return -EINVAL; 5227 5228 mutex_lock(&mvm->mutex); 5229 *stats = mvm->ftm_resp_stats; 5230 mutex_unlock(&mvm->mutex); 5231 5232 stats->filled = BIT(NL80211_FTM_STATS_SUCCESS_NUM) | 5233 BIT(NL80211_FTM_STATS_PARTIAL_NUM) | 5234 BIT(NL80211_FTM_STATS_FAILED_NUM) | 5235 BIT(NL80211_FTM_STATS_ASAP_NUM) | 5236 BIT(NL80211_FTM_STATS_NON_ASAP_NUM) | 5237 BIT(NL80211_FTM_STATS_TOTAL_DURATION_MSEC) | 5238 BIT(NL80211_FTM_STATS_UNKNOWN_TRIGGERS_NUM) | 5239 BIT(NL80211_FTM_STATS_RESCHEDULE_REQUESTS_NUM) | 5240 BIT(NL80211_FTM_STATS_OUT_OF_WINDOW_TRIGGERS_NUM); 5241 5242 return 0; 5243 } 5244 5245 static int iwl_mvm_start_pmsr(struct ieee80211_hw *hw, 5246 struct ieee80211_vif *vif, 5247 struct cfg80211_pmsr_request *request) 5248 { 5249 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5250 int ret; 5251 5252 mutex_lock(&mvm->mutex); 5253 ret = iwl_mvm_ftm_start(mvm, vif, request); 5254 mutex_unlock(&mvm->mutex); 5255 5256 return ret; 5257 } 5258 5259 static void iwl_mvm_abort_pmsr(struct ieee80211_hw *hw, 5260 struct ieee80211_vif *vif, 5261 struct cfg80211_pmsr_request *request) 5262 { 5263 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5264 5265 mutex_lock(&mvm->mutex); 5266 iwl_mvm_ftm_abort(mvm, request); 5267 mutex_unlock(&mvm->mutex); 5268 } 5269 5270 static bool iwl_mvm_can_hw_csum(struct sk_buff *skb) 5271 { 5272 u8 protocol = ip_hdr(skb)->protocol; 5273 5274 if (!IS_ENABLED(CONFIG_INET)) 5275 return false; 5276 5277 return protocol == IPPROTO_TCP || protocol == IPPROTO_UDP; 5278 } 5279 5280 static bool iwl_mvm_mac_can_aggregate(struct ieee80211_hw *hw, 5281 struct sk_buff *head, 5282 struct sk_buff *skb) 5283 { 5284 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5285 5286 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_BZ) 5287 return iwl_mvm_tx_csum_bz(mvm, head, true) == 5288 iwl_mvm_tx_csum_bz(mvm, skb, true); 5289 5290 /* For now don't aggregate IPv6 in AMSDU */ 5291 if (skb->protocol != htons(ETH_P_IP)) 5292 return false; 5293 5294 if (!iwl_mvm_is_csum_supported(mvm)) 5295 return true; 5296 5297 return iwl_mvm_can_hw_csum(skb) == iwl_mvm_can_hw_csum(head); 5298 } 5299 5300 const struct ieee80211_ops iwl_mvm_hw_ops = { 5301 .tx = iwl_mvm_mac_tx, 5302 .wake_tx_queue = iwl_mvm_mac_wake_tx_queue, 5303 .ampdu_action = iwl_mvm_mac_ampdu_action, 5304 .get_antenna = iwl_mvm_op_get_antenna, 5305 .start = iwl_mvm_mac_start, 5306 .reconfig_complete = iwl_mvm_mac_reconfig_complete, 5307 .stop = iwl_mvm_mac_stop, 5308 .add_interface = iwl_mvm_mac_add_interface, 5309 .remove_interface = iwl_mvm_mac_remove_interface, 5310 .config = iwl_mvm_mac_config, 5311 .prepare_multicast = iwl_mvm_prepare_multicast, 5312 .configure_filter = iwl_mvm_configure_filter, 5313 .config_iface_filter = iwl_mvm_config_iface_filter, 5314 .bss_info_changed = iwl_mvm_bss_info_changed, 5315 .hw_scan = iwl_mvm_mac_hw_scan, 5316 .cancel_hw_scan = iwl_mvm_mac_cancel_hw_scan, 5317 .sta_pre_rcu_remove = iwl_mvm_sta_pre_rcu_remove, 5318 .sta_state = iwl_mvm_mac_sta_state, 5319 .sta_notify = iwl_mvm_mac_sta_notify, 5320 .allow_buffered_frames = iwl_mvm_mac_allow_buffered_frames, 5321 .release_buffered_frames = iwl_mvm_mac_release_buffered_frames, 5322 .set_rts_threshold = iwl_mvm_mac_set_rts_threshold, 5323 .sta_rc_update = iwl_mvm_sta_rc_update, 5324 .conf_tx = iwl_mvm_mac_conf_tx, 5325 .mgd_prepare_tx = iwl_mvm_mac_mgd_prepare_tx, 5326 .mgd_complete_tx = iwl_mvm_mac_mgd_complete_tx, 5327 .mgd_protect_tdls_discover = iwl_mvm_mac_mgd_protect_tdls_discover, 5328 .flush = iwl_mvm_mac_flush, 5329 .sched_scan_start = iwl_mvm_mac_sched_scan_start, 5330 .sched_scan_stop = iwl_mvm_mac_sched_scan_stop, 5331 .set_key = iwl_mvm_mac_set_key, 5332 .update_tkip_key = iwl_mvm_mac_update_tkip_key, 5333 .remain_on_channel = iwl_mvm_roc, 5334 .cancel_remain_on_channel = iwl_mvm_cancel_roc, 5335 .add_chanctx = iwl_mvm_add_chanctx, 5336 .remove_chanctx = iwl_mvm_remove_chanctx, 5337 .change_chanctx = iwl_mvm_change_chanctx, 5338 .assign_vif_chanctx = iwl_mvm_assign_vif_chanctx, 5339 .unassign_vif_chanctx = iwl_mvm_unassign_vif_chanctx, 5340 .switch_vif_chanctx = iwl_mvm_switch_vif_chanctx, 5341 5342 .start_ap = iwl_mvm_start_ap_ibss, 5343 .stop_ap = iwl_mvm_stop_ap_ibss, 5344 .join_ibss = iwl_mvm_start_ap_ibss, 5345 .leave_ibss = iwl_mvm_stop_ap_ibss, 5346 5347 .tx_last_beacon = iwl_mvm_tx_last_beacon, 5348 5349 .set_tim = iwl_mvm_set_tim, 5350 5351 .channel_switch = iwl_mvm_channel_switch, 5352 .pre_channel_switch = iwl_mvm_pre_channel_switch, 5353 .post_channel_switch = iwl_mvm_post_channel_switch, 5354 .abort_channel_switch = iwl_mvm_abort_channel_switch, 5355 .channel_switch_rx_beacon = iwl_mvm_channel_switch_rx_beacon, 5356 5357 .tdls_channel_switch = iwl_mvm_tdls_channel_switch, 5358 .tdls_cancel_channel_switch = iwl_mvm_tdls_cancel_channel_switch, 5359 .tdls_recv_channel_switch = iwl_mvm_tdls_recv_channel_switch, 5360 5361 .event_callback = iwl_mvm_mac_event_callback, 5362 5363 .sync_rx_queues = iwl_mvm_sync_rx_queues, 5364 5365 CFG80211_TESTMODE_CMD(iwl_mvm_mac_testmode_cmd) 5366 5367 #ifdef CONFIG_PM_SLEEP 5368 /* look at d3.c */ 5369 .suspend = iwl_mvm_suspend, 5370 .resume = iwl_mvm_resume, 5371 .set_wakeup = iwl_mvm_set_wakeup, 5372 .set_rekey_data = iwl_mvm_set_rekey_data, 5373 #if IS_ENABLED(CONFIG_IPV6) 5374 .ipv6_addr_change = iwl_mvm_ipv6_addr_change, 5375 #endif 5376 .set_default_unicast_key = iwl_mvm_set_default_unicast_key, 5377 #endif 5378 .get_survey = iwl_mvm_mac_get_survey, 5379 .sta_statistics = iwl_mvm_mac_sta_statistics, 5380 .get_ftm_responder_stats = iwl_mvm_mac_get_ftm_responder_stats, 5381 .start_pmsr = iwl_mvm_start_pmsr, 5382 .abort_pmsr = iwl_mvm_abort_pmsr, 5383 5384 .can_aggregate_in_amsdu = iwl_mvm_mac_can_aggregate, 5385 #ifdef CONFIG_IWLWIFI_DEBUGFS 5386 .sta_add_debugfs = iwl_mvm_sta_add_debugfs, 5387 #endif 5388 }; 5389