1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2012-2014, 2018-2021 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #include <linux/kernel.h> 8 #include <linux/slab.h> 9 #include <linux/skbuff.h> 10 #include <linux/netdevice.h> 11 #include <linux/etherdevice.h> 12 #include <linux/ip.h> 13 #include <linux/if_arp.h> 14 #include <linux/time.h> 15 #include <net/mac80211.h> 16 #include <net/ieee80211_radiotap.h> 17 #include <net/tcp.h> 18 19 #include "iwl-drv.h" 20 #include "iwl-op-mode.h" 21 #include "iwl-io.h" 22 #include "mvm.h" 23 #include "sta.h" 24 #include "time-event.h" 25 #include "iwl-eeprom-parse.h" 26 #include "iwl-phy-db.h" 27 #include "testmode.h" 28 #include "fw/error-dump.h" 29 #include "iwl-prph.h" 30 #include "iwl-nvm-parse.h" 31 32 static const struct ieee80211_iface_limit iwl_mvm_limits[] = { 33 { 34 .max = 1, 35 .types = BIT(NL80211_IFTYPE_STATION), 36 }, 37 { 38 .max = 1, 39 .types = BIT(NL80211_IFTYPE_AP) | 40 BIT(NL80211_IFTYPE_P2P_CLIENT) | 41 BIT(NL80211_IFTYPE_P2P_GO), 42 }, 43 { 44 .max = 1, 45 .types = BIT(NL80211_IFTYPE_P2P_DEVICE), 46 }, 47 }; 48 49 static const struct ieee80211_iface_combination iwl_mvm_iface_combinations[] = { 50 { 51 .num_different_channels = 2, 52 .max_interfaces = 3, 53 .limits = iwl_mvm_limits, 54 .n_limits = ARRAY_SIZE(iwl_mvm_limits), 55 }, 56 }; 57 58 static const struct cfg80211_pmsr_capabilities iwl_mvm_pmsr_capa = { 59 .max_peers = IWL_MVM_TOF_MAX_APS, 60 .report_ap_tsf = 1, 61 .randomize_mac_addr = 1, 62 63 .ftm = { 64 .supported = 1, 65 .asap = 1, 66 .non_asap = 1, 67 .request_lci = 1, 68 .request_civicloc = 1, 69 .trigger_based = 1, 70 .non_trigger_based = 1, 71 .max_bursts_exponent = -1, /* all supported */ 72 .max_ftms_per_burst = 0, /* no limits */ 73 .bandwidths = BIT(NL80211_CHAN_WIDTH_20_NOHT) | 74 BIT(NL80211_CHAN_WIDTH_20) | 75 BIT(NL80211_CHAN_WIDTH_40) | 76 BIT(NL80211_CHAN_WIDTH_80) | 77 BIT(NL80211_CHAN_WIDTH_160), 78 .preambles = BIT(NL80211_PREAMBLE_LEGACY) | 79 BIT(NL80211_PREAMBLE_HT) | 80 BIT(NL80211_PREAMBLE_VHT) | 81 BIT(NL80211_PREAMBLE_HE), 82 }, 83 }; 84 85 static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 86 enum set_key_cmd cmd, 87 struct ieee80211_vif *vif, 88 struct ieee80211_sta *sta, 89 struct ieee80211_key_conf *key); 90 91 static void iwl_mvm_reset_phy_ctxts(struct iwl_mvm *mvm) 92 { 93 int i; 94 95 memset(mvm->phy_ctxts, 0, sizeof(mvm->phy_ctxts)); 96 for (i = 0; i < NUM_PHY_CTX; i++) { 97 mvm->phy_ctxts[i].id = i; 98 mvm->phy_ctxts[i].ref = 0; 99 } 100 } 101 102 struct ieee80211_regdomain *iwl_mvm_get_regdomain(struct wiphy *wiphy, 103 const char *alpha2, 104 enum iwl_mcc_source src_id, 105 bool *changed) 106 { 107 struct ieee80211_regdomain *regd = NULL; 108 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy); 109 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 110 struct iwl_mcc_update_resp *resp; 111 u8 resp_ver; 112 113 IWL_DEBUG_LAR(mvm, "Getting regdomain data for %s from FW\n", alpha2); 114 115 lockdep_assert_held(&mvm->mutex); 116 117 resp = iwl_mvm_update_mcc(mvm, alpha2, src_id); 118 if (IS_ERR_OR_NULL(resp)) { 119 IWL_DEBUG_LAR(mvm, "Could not get update from FW %d\n", 120 PTR_ERR_OR_ZERO(resp)); 121 resp = NULL; 122 goto out; 123 } 124 125 if (changed) { 126 u32 status = le32_to_cpu(resp->status); 127 128 *changed = (status == MCC_RESP_NEW_CHAN_PROFILE || 129 status == MCC_RESP_ILLEGAL); 130 } 131 resp_ver = iwl_fw_lookup_notif_ver(mvm->fw, IWL_ALWAYS_LONG_GROUP, 132 MCC_UPDATE_CMD, 0); 133 IWL_DEBUG_LAR(mvm, "MCC update response version: %d\n", resp_ver); 134 135 regd = iwl_parse_nvm_mcc_info(mvm->trans->dev, mvm->cfg, 136 __le32_to_cpu(resp->n_channels), 137 resp->channels, 138 __le16_to_cpu(resp->mcc), 139 __le16_to_cpu(resp->geo_info), 140 __le16_to_cpu(resp->cap), resp_ver); 141 /* Store the return source id */ 142 src_id = resp->source_id; 143 if (IS_ERR_OR_NULL(regd)) { 144 IWL_DEBUG_LAR(mvm, "Could not get parse update from FW %d\n", 145 PTR_ERR_OR_ZERO(regd)); 146 goto out; 147 } 148 149 IWL_DEBUG_LAR(mvm, "setting alpha2 from FW to %s (0x%x, 0x%x) src=%d\n", 150 regd->alpha2, regd->alpha2[0], regd->alpha2[1], src_id); 151 mvm->lar_regdom_set = true; 152 mvm->mcc_src = src_id; 153 154 iwl_mei_set_country_code(__le16_to_cpu(resp->mcc)); 155 156 out: 157 kfree(resp); 158 return regd; 159 } 160 161 void iwl_mvm_update_changed_regdom(struct iwl_mvm *mvm) 162 { 163 bool changed; 164 struct ieee80211_regdomain *regd; 165 166 if (!iwl_mvm_is_lar_supported(mvm)) 167 return; 168 169 regd = iwl_mvm_get_current_regdomain(mvm, &changed); 170 if (!IS_ERR_OR_NULL(regd)) { 171 /* only update the regulatory core if changed */ 172 if (changed) 173 regulatory_set_wiphy_regd(mvm->hw->wiphy, regd); 174 175 kfree(regd); 176 } 177 } 178 179 struct ieee80211_regdomain *iwl_mvm_get_current_regdomain(struct iwl_mvm *mvm, 180 bool *changed) 181 { 182 return iwl_mvm_get_regdomain(mvm->hw->wiphy, "ZZ", 183 iwl_mvm_is_wifi_mcc_supported(mvm) ? 184 MCC_SOURCE_GET_CURRENT : 185 MCC_SOURCE_OLD_FW, changed); 186 } 187 188 int iwl_mvm_init_fw_regd(struct iwl_mvm *mvm) 189 { 190 enum iwl_mcc_source used_src; 191 struct ieee80211_regdomain *regd; 192 int ret; 193 bool changed; 194 const struct ieee80211_regdomain *r = 195 wiphy_dereference(mvm->hw->wiphy, mvm->hw->wiphy->regd); 196 197 if (!r) 198 return -ENOENT; 199 200 /* save the last source in case we overwrite it below */ 201 used_src = mvm->mcc_src; 202 if (iwl_mvm_is_wifi_mcc_supported(mvm)) { 203 /* Notify the firmware we support wifi location updates */ 204 regd = iwl_mvm_get_current_regdomain(mvm, NULL); 205 if (!IS_ERR_OR_NULL(regd)) 206 kfree(regd); 207 } 208 209 /* Now set our last stored MCC and source */ 210 regd = iwl_mvm_get_regdomain(mvm->hw->wiphy, r->alpha2, used_src, 211 &changed); 212 if (IS_ERR_OR_NULL(regd)) 213 return -EIO; 214 215 /* update cfg80211 if the regdomain was changed */ 216 if (changed) 217 ret = regulatory_set_wiphy_regd_sync(mvm->hw->wiphy, regd); 218 else 219 ret = 0; 220 221 kfree(regd); 222 return ret; 223 } 224 225 static const u8 he_if_types_ext_capa_sta[] = { 226 [0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING, 227 [2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT, 228 [7] = WLAN_EXT_CAPA8_OPMODE_NOTIF, 229 }; 230 231 static const struct wiphy_iftype_ext_capab he_iftypes_ext_capa[] = { 232 { 233 .iftype = NL80211_IFTYPE_STATION, 234 .extended_capabilities = he_if_types_ext_capa_sta, 235 .extended_capabilities_mask = he_if_types_ext_capa_sta, 236 .extended_capabilities_len = sizeof(he_if_types_ext_capa_sta), 237 }, 238 }; 239 240 static int 241 iwl_mvm_op_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant) 242 { 243 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 244 *tx_ant = iwl_mvm_get_valid_tx_ant(mvm); 245 *rx_ant = iwl_mvm_get_valid_rx_ant(mvm); 246 return 0; 247 } 248 249 int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm) 250 { 251 struct ieee80211_hw *hw = mvm->hw; 252 int num_mac, ret, i; 253 static const u32 mvm_ciphers[] = { 254 WLAN_CIPHER_SUITE_WEP40, 255 WLAN_CIPHER_SUITE_WEP104, 256 WLAN_CIPHER_SUITE_TKIP, 257 WLAN_CIPHER_SUITE_CCMP, 258 }; 259 #ifdef CONFIG_PM_SLEEP 260 bool unified = fw_has_capa(&mvm->fw->ucode_capa, 261 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG); 262 #endif 263 264 /* Tell mac80211 our characteristics */ 265 ieee80211_hw_set(hw, SIGNAL_DBM); 266 ieee80211_hw_set(hw, SPECTRUM_MGMT); 267 ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS); 268 ieee80211_hw_set(hw, WANT_MONITOR_VIF); 269 ieee80211_hw_set(hw, SUPPORTS_PS); 270 ieee80211_hw_set(hw, SUPPORTS_DYNAMIC_PS); 271 ieee80211_hw_set(hw, AMPDU_AGGREGATION); 272 ieee80211_hw_set(hw, TIMING_BEACON_ONLY); 273 ieee80211_hw_set(hw, CONNECTION_MONITOR); 274 ieee80211_hw_set(hw, CHANCTX_STA_CSA); 275 ieee80211_hw_set(hw, SUPPORT_FAST_XMIT); 276 ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS); 277 ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU); 278 ieee80211_hw_set(hw, NEEDS_UNIQUE_STA_ADDR); 279 ieee80211_hw_set(hw, DEAUTH_NEED_MGD_TX_PREP); 280 ieee80211_hw_set(hw, SUPPORTS_VHT_EXT_NSS_BW); 281 ieee80211_hw_set(hw, BUFF_MMPDU_TXQ); 282 ieee80211_hw_set(hw, STA_MMPDU_TXQ); 283 /* 284 * On older devices, enabling TX A-MSDU occasionally leads to 285 * something getting messed up, the command read from the FIFO 286 * gets out of sync and isn't a TX command, so that we have an 287 * assert EDC. 288 * 289 * It's not clear where the bug is, but since we didn't used to 290 * support A-MSDU until moving the mac80211 iTXQs, just leave it 291 * for older devices. We also don't see this issue on any newer 292 * devices. 293 */ 294 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_9000) 295 ieee80211_hw_set(hw, TX_AMSDU); 296 ieee80211_hw_set(hw, TX_FRAG_LIST); 297 298 if (iwl_mvm_has_tlc_offload(mvm)) { 299 ieee80211_hw_set(hw, TX_AMPDU_SETUP_IN_HW); 300 ieee80211_hw_set(hw, HAS_RATE_CONTROL); 301 } 302 303 if (iwl_mvm_has_new_rx_api(mvm)) 304 ieee80211_hw_set(hw, SUPPORTS_REORDERING_BUFFER); 305 306 if (fw_has_capa(&mvm->fw->ucode_capa, 307 IWL_UCODE_TLV_CAPA_STA_PM_NOTIF)) { 308 ieee80211_hw_set(hw, AP_LINK_PS); 309 } else if (WARN_ON(iwl_mvm_has_new_tx_api(mvm))) { 310 /* 311 * we absolutely need this for the new TX API since that comes 312 * with many more queues than the current code can deal with 313 * for station powersave 314 */ 315 return -EINVAL; 316 } 317 318 if (mvm->trans->num_rx_queues > 1) 319 ieee80211_hw_set(hw, USES_RSS); 320 321 if (mvm->trans->max_skb_frags) 322 hw->netdev_features = NETIF_F_HIGHDMA | NETIF_F_SG; 323 324 hw->queues = IEEE80211_NUM_ACS; 325 hw->offchannel_tx_hw_queue = IWL_MVM_OFFCHANNEL_QUEUE; 326 hw->radiotap_mcs_details |= IEEE80211_RADIOTAP_MCS_HAVE_FEC | 327 IEEE80211_RADIOTAP_MCS_HAVE_STBC; 328 hw->radiotap_vht_details |= IEEE80211_RADIOTAP_VHT_KNOWN_STBC | 329 IEEE80211_RADIOTAP_VHT_KNOWN_BEAMFORMED; 330 331 hw->radiotap_timestamp.units_pos = 332 IEEE80211_RADIOTAP_TIMESTAMP_UNIT_US | 333 IEEE80211_RADIOTAP_TIMESTAMP_SPOS_PLCP_SIG_ACQ; 334 /* this is the case for CCK frames, it's better (only 8) for OFDM */ 335 hw->radiotap_timestamp.accuracy = 22; 336 337 if (!iwl_mvm_has_tlc_offload(mvm)) 338 hw->rate_control_algorithm = RS_NAME; 339 340 hw->uapsd_queues = IWL_MVM_UAPSD_QUEUES; 341 hw->uapsd_max_sp_len = IWL_UAPSD_MAX_SP; 342 hw->max_tx_fragments = mvm->trans->max_skb_frags; 343 344 BUILD_BUG_ON(ARRAY_SIZE(mvm->ciphers) < ARRAY_SIZE(mvm_ciphers) + 6); 345 memcpy(mvm->ciphers, mvm_ciphers, sizeof(mvm_ciphers)); 346 hw->wiphy->n_cipher_suites = ARRAY_SIZE(mvm_ciphers); 347 hw->wiphy->cipher_suites = mvm->ciphers; 348 349 if (iwl_mvm_has_new_rx_api(mvm)) { 350 mvm->ciphers[hw->wiphy->n_cipher_suites] = 351 WLAN_CIPHER_SUITE_GCMP; 352 hw->wiphy->n_cipher_suites++; 353 mvm->ciphers[hw->wiphy->n_cipher_suites] = 354 WLAN_CIPHER_SUITE_GCMP_256; 355 hw->wiphy->n_cipher_suites++; 356 } 357 358 if (iwlwifi_mod_params.swcrypto) 359 IWL_ERR(mvm, 360 "iwlmvm doesn't allow to disable HW crypto, check swcrypto module parameter\n"); 361 if (!iwlwifi_mod_params.bt_coex_active) 362 IWL_ERR(mvm, 363 "iwlmvm doesn't allow to disable BT Coex, check bt_coex_active module parameter\n"); 364 365 ieee80211_hw_set(hw, MFP_CAPABLE); 366 mvm->ciphers[hw->wiphy->n_cipher_suites] = WLAN_CIPHER_SUITE_AES_CMAC; 367 hw->wiphy->n_cipher_suites++; 368 if (iwl_mvm_has_new_rx_api(mvm)) { 369 mvm->ciphers[hw->wiphy->n_cipher_suites] = 370 WLAN_CIPHER_SUITE_BIP_GMAC_128; 371 hw->wiphy->n_cipher_suites++; 372 mvm->ciphers[hw->wiphy->n_cipher_suites] = 373 WLAN_CIPHER_SUITE_BIP_GMAC_256; 374 hw->wiphy->n_cipher_suites++; 375 } 376 377 /* currently FW API supports only one optional cipher scheme */ 378 if (mvm->fw->cs[0].cipher) { 379 const struct iwl_fw_cipher_scheme *fwcs = &mvm->fw->cs[0]; 380 struct ieee80211_cipher_scheme *cs = &mvm->cs[0]; 381 382 mvm->hw->n_cipher_schemes = 1; 383 384 cs->cipher = le32_to_cpu(fwcs->cipher); 385 cs->iftype = BIT(NL80211_IFTYPE_STATION); 386 cs->hdr_len = fwcs->hdr_len; 387 cs->pn_len = fwcs->pn_len; 388 cs->pn_off = fwcs->pn_off; 389 cs->key_idx_off = fwcs->key_idx_off; 390 cs->key_idx_mask = fwcs->key_idx_mask; 391 cs->key_idx_shift = fwcs->key_idx_shift; 392 cs->mic_len = fwcs->mic_len; 393 394 mvm->hw->cipher_schemes = mvm->cs; 395 mvm->ciphers[hw->wiphy->n_cipher_suites] = cs->cipher; 396 hw->wiphy->n_cipher_suites++; 397 } 398 399 if (fw_has_capa(&mvm->fw->ucode_capa, 400 IWL_UCODE_TLV_CAPA_FTM_CALIBRATED)) { 401 wiphy_ext_feature_set(hw->wiphy, 402 NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER); 403 hw->wiphy->pmsr_capa = &iwl_mvm_pmsr_capa; 404 } 405 406 if (fw_has_capa(&mvm->fw->ucode_capa, 407 IWL_UCODE_TLV_CAPA_BIGTK_SUPPORT)) 408 wiphy_ext_feature_set(hw->wiphy, 409 NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT); 410 411 ieee80211_hw_set(hw, SINGLE_SCAN_ON_ALL_BANDS); 412 hw->wiphy->features |= 413 NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR | 414 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR | 415 NL80211_FEATURE_ND_RANDOM_MAC_ADDR; 416 417 hw->sta_data_size = sizeof(struct iwl_mvm_sta); 418 hw->vif_data_size = sizeof(struct iwl_mvm_vif); 419 hw->chanctx_data_size = sizeof(u16); 420 hw->txq_data_size = sizeof(struct iwl_mvm_txq); 421 422 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | 423 BIT(NL80211_IFTYPE_P2P_CLIENT) | 424 BIT(NL80211_IFTYPE_AP) | 425 BIT(NL80211_IFTYPE_P2P_GO) | 426 BIT(NL80211_IFTYPE_P2P_DEVICE) | 427 BIT(NL80211_IFTYPE_ADHOC); 428 429 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN; 430 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS); 431 432 /* The new Tx API does not allow to pass the key or keyid of a MPDU to 433 * the hw, preventing us to control which key(id) to use per MPDU. 434 * Till that's fixed we can't use Extended Key ID for the newer cards. 435 */ 436 if (!iwl_mvm_has_new_tx_api(mvm)) 437 wiphy_ext_feature_set(hw->wiphy, 438 NL80211_EXT_FEATURE_EXT_KEY_ID); 439 hw->wiphy->features |= NL80211_FEATURE_HT_IBSS; 440 441 hw->wiphy->regulatory_flags |= REGULATORY_ENABLE_RELAX_NO_IR; 442 if (iwl_mvm_is_lar_supported(mvm)) 443 hw->wiphy->regulatory_flags |= REGULATORY_WIPHY_SELF_MANAGED; 444 else 445 hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG | 446 REGULATORY_DISABLE_BEACON_HINTS; 447 448 hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD; 449 hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH; 450 hw->wiphy->flags |= WIPHY_FLAG_SPLIT_SCAN_6GHZ; 451 452 hw->wiphy->iface_combinations = iwl_mvm_iface_combinations; 453 hw->wiphy->n_iface_combinations = 454 ARRAY_SIZE(iwl_mvm_iface_combinations); 455 456 hw->wiphy->max_remain_on_channel_duration = 10000; 457 hw->max_listen_interval = IWL_CONN_MAX_LISTEN_INTERVAL; 458 459 /* Extract MAC address */ 460 memcpy(mvm->addresses[0].addr, mvm->nvm_data->hw_addr, ETH_ALEN); 461 hw->wiphy->addresses = mvm->addresses; 462 hw->wiphy->n_addresses = 1; 463 464 /* Extract additional MAC addresses if available */ 465 num_mac = (mvm->nvm_data->n_hw_addrs > 1) ? 466 min(IWL_MVM_MAX_ADDRESSES, mvm->nvm_data->n_hw_addrs) : 1; 467 468 for (i = 1; i < num_mac; i++) { 469 memcpy(mvm->addresses[i].addr, mvm->addresses[i-1].addr, 470 ETH_ALEN); 471 mvm->addresses[i].addr[5]++; 472 hw->wiphy->n_addresses++; 473 } 474 475 iwl_mvm_reset_phy_ctxts(mvm); 476 477 hw->wiphy->max_scan_ie_len = iwl_mvm_max_scan_ie_len(mvm); 478 479 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX; 480 481 BUILD_BUG_ON(IWL_MVM_SCAN_STOPPING_MASK & IWL_MVM_SCAN_MASK); 482 BUILD_BUG_ON(IWL_MVM_MAX_UMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK) || 483 IWL_MVM_MAX_LMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK)); 484 485 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) 486 mvm->max_scans = IWL_MVM_MAX_UMAC_SCANS; 487 else 488 mvm->max_scans = IWL_MVM_MAX_LMAC_SCANS; 489 490 if (mvm->nvm_data->bands[NL80211_BAND_2GHZ].n_channels) 491 hw->wiphy->bands[NL80211_BAND_2GHZ] = 492 &mvm->nvm_data->bands[NL80211_BAND_2GHZ]; 493 if (mvm->nvm_data->bands[NL80211_BAND_5GHZ].n_channels) { 494 hw->wiphy->bands[NL80211_BAND_5GHZ] = 495 &mvm->nvm_data->bands[NL80211_BAND_5GHZ]; 496 497 if (fw_has_capa(&mvm->fw->ucode_capa, 498 IWL_UCODE_TLV_CAPA_BEAMFORMER) && 499 fw_has_api(&mvm->fw->ucode_capa, 500 IWL_UCODE_TLV_API_LQ_SS_PARAMS)) 501 hw->wiphy->bands[NL80211_BAND_5GHZ]->vht_cap.cap |= 502 IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE; 503 } 504 if (fw_has_capa(&mvm->fw->ucode_capa, 505 IWL_UCODE_TLV_CAPA_PSC_CHAN_SUPPORT) && 506 mvm->nvm_data->bands[NL80211_BAND_6GHZ].n_channels) 507 hw->wiphy->bands[NL80211_BAND_6GHZ] = 508 &mvm->nvm_data->bands[NL80211_BAND_6GHZ]; 509 510 hw->wiphy->hw_version = mvm->trans->hw_id; 511 512 if (iwlmvm_mod_params.power_scheme != IWL_POWER_SCHEME_CAM) 513 hw->wiphy->flags |= WIPHY_FLAG_PS_ON_BY_DEFAULT; 514 else 515 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT; 516 517 hw->wiphy->max_sched_scan_reqs = 1; 518 hw->wiphy->max_sched_scan_ssids = PROBE_OPTION_MAX; 519 hw->wiphy->max_match_sets = iwl_umac_scan_get_max_profiles(mvm->fw); 520 /* we create the 802.11 header and zero length SSID IE. */ 521 hw->wiphy->max_sched_scan_ie_len = 522 SCAN_OFFLOAD_PROBE_REQ_SIZE - 24 - 2; 523 hw->wiphy->max_sched_scan_plans = IWL_MAX_SCHED_SCAN_PLANS; 524 hw->wiphy->max_sched_scan_plan_interval = U16_MAX; 525 526 /* 527 * the firmware uses u8 for num of iterations, but 0xff is saved for 528 * infinite loop, so the maximum number of iterations is actually 254. 529 */ 530 hw->wiphy->max_sched_scan_plan_iterations = 254; 531 532 hw->wiphy->features |= NL80211_FEATURE_P2P_GO_CTWIN | 533 NL80211_FEATURE_LOW_PRIORITY_SCAN | 534 NL80211_FEATURE_P2P_GO_OPPPS | 535 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE | 536 NL80211_FEATURE_DYNAMIC_SMPS | 537 NL80211_FEATURE_STATIC_SMPS | 538 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION; 539 540 if (fw_has_capa(&mvm->fw->ucode_capa, 541 IWL_UCODE_TLV_CAPA_TXPOWER_INSERTION_SUPPORT)) 542 hw->wiphy->features |= NL80211_FEATURE_TX_POWER_INSERTION; 543 if (fw_has_capa(&mvm->fw->ucode_capa, 544 IWL_UCODE_TLV_CAPA_QUIET_PERIOD_SUPPORT)) 545 hw->wiphy->features |= NL80211_FEATURE_QUIET; 546 547 if (fw_has_capa(&mvm->fw->ucode_capa, 548 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT)) 549 hw->wiphy->features |= 550 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES; 551 552 if (fw_has_capa(&mvm->fw->ucode_capa, 553 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT)) 554 hw->wiphy->features |= NL80211_FEATURE_WFA_TPC_IE_IN_PROBES; 555 556 if (iwl_fw_lookup_cmd_ver(mvm->fw, IWL_ALWAYS_LONG_GROUP, 557 WOWLAN_KEK_KCK_MATERIAL, 558 IWL_FW_CMD_VER_UNKNOWN) == 3) 559 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK; 560 561 if (fw_has_api(&mvm->fw->ucode_capa, 562 IWL_UCODE_TLV_API_SCAN_TSF_REPORT)) { 563 wiphy_ext_feature_set(hw->wiphy, 564 NL80211_EXT_FEATURE_SCAN_START_TIME); 565 wiphy_ext_feature_set(hw->wiphy, 566 NL80211_EXT_FEATURE_BSS_PARENT_TSF); 567 } 568 569 if (iwl_mvm_is_oce_supported(mvm)) { 570 u8 scan_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 571 IWL_ALWAYS_LONG_GROUP, 572 SCAN_REQ_UMAC, 0); 573 574 wiphy_ext_feature_set(hw->wiphy, 575 NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP); 576 wiphy_ext_feature_set(hw->wiphy, 577 NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME); 578 wiphy_ext_feature_set(hw->wiphy, 579 NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE); 580 581 /* Old firmware also supports probe deferral and suppression */ 582 if (scan_ver < 15) 583 wiphy_ext_feature_set(hw->wiphy, 584 NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION); 585 } 586 587 if (mvm->nvm_data->sku_cap_11ax_enable && 588 !iwlwifi_mod_params.disable_11ax) { 589 hw->wiphy->iftype_ext_capab = he_iftypes_ext_capa; 590 hw->wiphy->num_iftype_ext_capab = 591 ARRAY_SIZE(he_iftypes_ext_capa); 592 593 ieee80211_hw_set(hw, SUPPORTS_MULTI_BSSID); 594 ieee80211_hw_set(hw, SUPPORTS_ONLY_HE_MULTI_BSSID); 595 } 596 597 mvm->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD; 598 599 #ifdef CONFIG_PM_SLEEP 600 if ((unified || mvm->fw->img[IWL_UCODE_WOWLAN].num_sec) && 601 mvm->trans->ops->d3_suspend && 602 mvm->trans->ops->d3_resume && 603 device_can_wakeup(mvm->trans->dev)) { 604 mvm->wowlan.flags |= WIPHY_WOWLAN_MAGIC_PKT | 605 WIPHY_WOWLAN_DISCONNECT | 606 WIPHY_WOWLAN_EAP_IDENTITY_REQ | 607 WIPHY_WOWLAN_RFKILL_RELEASE | 608 WIPHY_WOWLAN_NET_DETECT; 609 mvm->wowlan.flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY | 610 WIPHY_WOWLAN_GTK_REKEY_FAILURE | 611 WIPHY_WOWLAN_4WAY_HANDSHAKE; 612 613 mvm->wowlan.n_patterns = IWL_WOWLAN_MAX_PATTERNS; 614 mvm->wowlan.pattern_min_len = IWL_WOWLAN_MIN_PATTERN_LEN; 615 mvm->wowlan.pattern_max_len = IWL_WOWLAN_MAX_PATTERN_LEN; 616 mvm->wowlan.max_nd_match_sets = 617 iwl_umac_scan_get_max_profiles(mvm->fw); 618 hw->wiphy->wowlan = &mvm->wowlan; 619 } 620 #endif 621 622 ret = iwl_mvm_leds_init(mvm); 623 if (ret) 624 return ret; 625 626 if (fw_has_capa(&mvm->fw->ucode_capa, 627 IWL_UCODE_TLV_CAPA_TDLS_SUPPORT)) { 628 IWL_DEBUG_TDLS(mvm, "TDLS supported\n"); 629 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS; 630 ieee80211_hw_set(hw, TDLS_WIDER_BW); 631 } 632 633 if (fw_has_capa(&mvm->fw->ucode_capa, 634 IWL_UCODE_TLV_CAPA_TDLS_CHANNEL_SWITCH)) { 635 IWL_DEBUG_TDLS(mvm, "TDLS channel switch supported\n"); 636 hw->wiphy->features |= NL80211_FEATURE_TDLS_CHANNEL_SWITCH; 637 } 638 639 hw->netdev_features |= mvm->cfg->features; 640 if (!iwl_mvm_is_csum_supported(mvm)) 641 hw->netdev_features &= ~IWL_CSUM_NETIF_FLAGS_MASK; 642 643 if (mvm->cfg->vht_mu_mimo_supported) 644 wiphy_ext_feature_set(hw->wiphy, 645 NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER); 646 647 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_PROTECTED_TWT)) 648 wiphy_ext_feature_set(hw->wiphy, 649 NL80211_EXT_FEATURE_PROTECTED_TWT); 650 651 iwl_mvm_vendor_cmds_register(mvm); 652 653 hw->wiphy->available_antennas_tx = iwl_mvm_get_valid_tx_ant(mvm); 654 hw->wiphy->available_antennas_rx = iwl_mvm_get_valid_rx_ant(mvm); 655 656 ret = ieee80211_register_hw(mvm->hw); 657 if (ret) { 658 iwl_mvm_leds_exit(mvm); 659 } 660 661 return ret; 662 } 663 664 static void iwl_mvm_tx_skb(struct iwl_mvm *mvm, struct sk_buff *skb, 665 struct ieee80211_sta *sta) 666 { 667 if (likely(sta)) { 668 if (likely(iwl_mvm_tx_skb_sta(mvm, skb, sta) == 0)) 669 return; 670 } else { 671 if (likely(iwl_mvm_tx_skb_non_sta(mvm, skb) == 0)) 672 return; 673 } 674 675 ieee80211_free_txskb(mvm->hw, skb); 676 } 677 678 static void iwl_mvm_mac_tx(struct ieee80211_hw *hw, 679 struct ieee80211_tx_control *control, 680 struct sk_buff *skb) 681 { 682 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 683 struct ieee80211_sta *sta = control->sta; 684 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 685 struct ieee80211_hdr *hdr = (void *)skb->data; 686 bool offchannel = IEEE80211_SKB_CB(skb)->flags & 687 IEEE80211_TX_CTL_TX_OFFCHAN; 688 689 if (iwl_mvm_is_radio_killed(mvm)) { 690 IWL_DEBUG_DROP(mvm, "Dropping - RF/CT KILL\n"); 691 goto drop; 692 } 693 694 if (offchannel && 695 !test_bit(IWL_MVM_STATUS_ROC_RUNNING, &mvm->status) && 696 !test_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status)) 697 goto drop; 698 699 /* 700 * bufferable MMPDUs or MMPDUs on STA interfaces come via TXQs 701 * so we treat the others as broadcast 702 */ 703 if (ieee80211_is_mgmt(hdr->frame_control)) 704 sta = NULL; 705 706 /* If there is no sta, and it's not offchannel - send through AP */ 707 if (!sta && info->control.vif->type == NL80211_IFTYPE_STATION && 708 !offchannel) { 709 struct iwl_mvm_vif *mvmvif = 710 iwl_mvm_vif_from_mac80211(info->control.vif); 711 u8 ap_sta_id = READ_ONCE(mvmvif->ap_sta_id); 712 713 if (ap_sta_id < mvm->fw->ucode_capa.num_stations) { 714 /* mac80211 holds rcu read lock */ 715 sta = rcu_dereference(mvm->fw_id_to_mac_id[ap_sta_id]); 716 if (IS_ERR_OR_NULL(sta)) 717 goto drop; 718 } 719 } 720 721 iwl_mvm_tx_skb(mvm, skb, sta); 722 return; 723 drop: 724 ieee80211_free_txskb(hw, skb); 725 } 726 727 void iwl_mvm_mac_itxq_xmit(struct ieee80211_hw *hw, struct ieee80211_txq *txq) 728 { 729 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 730 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq); 731 struct sk_buff *skb = NULL; 732 733 /* 734 * No need for threads to be pending here, they can leave the first 735 * taker all the work. 736 * 737 * mvmtxq->tx_request logic: 738 * 739 * If 0, no one is currently TXing, set to 1 to indicate current thread 740 * will now start TX and other threads should quit. 741 * 742 * If 1, another thread is currently TXing, set to 2 to indicate to 743 * that thread that there was another request. Since that request may 744 * have raced with the check whether the queue is empty, the TXing 745 * thread should check the queue's status one more time before leaving. 746 * This check is done in order to not leave any TX hanging in the queue 747 * until the next TX invocation (which may not even happen). 748 * 749 * If 2, another thread is currently TXing, and it will already double 750 * check the queue, so do nothing. 751 */ 752 if (atomic_fetch_add_unless(&mvmtxq->tx_request, 1, 2)) 753 return; 754 755 rcu_read_lock(); 756 do { 757 while (likely(!mvmtxq->stopped && 758 !test_bit(IWL_MVM_STATUS_IN_D3, &mvm->status))) { 759 skb = ieee80211_tx_dequeue(hw, txq); 760 761 if (!skb) { 762 if (txq->sta) 763 IWL_DEBUG_TX(mvm, 764 "TXQ of sta %pM tid %d is now empty\n", 765 txq->sta->addr, 766 txq->tid); 767 break; 768 } 769 770 iwl_mvm_tx_skb(mvm, skb, txq->sta); 771 } 772 } while (atomic_dec_return(&mvmtxq->tx_request)); 773 rcu_read_unlock(); 774 } 775 776 static void iwl_mvm_mac_wake_tx_queue(struct ieee80211_hw *hw, 777 struct ieee80211_txq *txq) 778 { 779 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 780 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq); 781 782 /* 783 * Please note that racing is handled very carefully here: 784 * mvmtxq->txq_id is updated during allocation, and mvmtxq->list is 785 * deleted afterwards. 786 * This means that if: 787 * mvmtxq->txq_id != INVALID_QUEUE && list_empty(&mvmtxq->list): 788 * queue is allocated and we can TX. 789 * mvmtxq->txq_id != INVALID_QUEUE && !list_empty(&mvmtxq->list): 790 * a race, should defer the frame. 791 * mvmtxq->txq_id == INVALID_QUEUE && list_empty(&mvmtxq->list): 792 * need to allocate the queue and defer the frame. 793 * mvmtxq->txq_id == INVALID_QUEUE && !list_empty(&mvmtxq->list): 794 * queue is already scheduled for allocation, no need to allocate, 795 * should defer the frame. 796 */ 797 798 /* If the queue is allocated TX and return. */ 799 if (!txq->sta || mvmtxq->txq_id != IWL_MVM_INVALID_QUEUE) { 800 /* 801 * Check that list is empty to avoid a race where txq_id is 802 * already updated, but the queue allocation work wasn't 803 * finished 804 */ 805 if (unlikely(txq->sta && !list_empty(&mvmtxq->list))) 806 return; 807 808 iwl_mvm_mac_itxq_xmit(hw, txq); 809 return; 810 } 811 812 /* The list is being deleted only after the queue is fully allocated. */ 813 if (!list_empty(&mvmtxq->list)) 814 return; 815 816 list_add_tail(&mvmtxq->list, &mvm->add_stream_txqs); 817 schedule_work(&mvm->add_stream_wk); 818 } 819 820 #define CHECK_BA_TRIGGER(_mvm, _trig, _tid_bm, _tid, _fmt...) \ 821 do { \ 822 if (!(le16_to_cpu(_tid_bm) & BIT(_tid))) \ 823 break; \ 824 iwl_fw_dbg_collect_trig(&(_mvm)->fwrt, _trig, _fmt); \ 825 } while (0) 826 827 static void 828 iwl_mvm_ampdu_check_trigger(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 829 struct ieee80211_sta *sta, u16 tid, u16 rx_ba_ssn, 830 enum ieee80211_ampdu_mlme_action action) 831 { 832 struct iwl_fw_dbg_trigger_tlv *trig; 833 struct iwl_fw_dbg_trigger_ba *ba_trig; 834 835 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 836 FW_DBG_TRIGGER_BA); 837 if (!trig) 838 return; 839 840 ba_trig = (void *)trig->data; 841 842 switch (action) { 843 case IEEE80211_AMPDU_TX_OPERATIONAL: { 844 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 845 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 846 847 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_start, tid, 848 "TX AGG START: MAC %pM tid %d ssn %d\n", 849 sta->addr, tid, tid_data->ssn); 850 break; 851 } 852 case IEEE80211_AMPDU_TX_STOP_CONT: 853 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_stop, tid, 854 "TX AGG STOP: MAC %pM tid %d\n", 855 sta->addr, tid); 856 break; 857 case IEEE80211_AMPDU_RX_START: 858 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_start, tid, 859 "RX AGG START: MAC %pM tid %d ssn %d\n", 860 sta->addr, tid, rx_ba_ssn); 861 break; 862 case IEEE80211_AMPDU_RX_STOP: 863 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_stop, tid, 864 "RX AGG STOP: MAC %pM tid %d\n", 865 sta->addr, tid); 866 break; 867 default: 868 break; 869 } 870 } 871 872 static int iwl_mvm_mac_ampdu_action(struct ieee80211_hw *hw, 873 struct ieee80211_vif *vif, 874 struct ieee80211_ampdu_params *params) 875 { 876 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 877 int ret; 878 struct ieee80211_sta *sta = params->sta; 879 enum ieee80211_ampdu_mlme_action action = params->action; 880 u16 tid = params->tid; 881 u16 *ssn = ¶ms->ssn; 882 u16 buf_size = params->buf_size; 883 bool amsdu = params->amsdu; 884 u16 timeout = params->timeout; 885 886 IWL_DEBUG_HT(mvm, "A-MPDU action on addr %pM tid %d: action %d\n", 887 sta->addr, tid, action); 888 889 if (!(mvm->nvm_data->sku_cap_11n_enable)) 890 return -EACCES; 891 892 mutex_lock(&mvm->mutex); 893 894 switch (action) { 895 case IEEE80211_AMPDU_RX_START: 896 if (iwl_mvm_vif_from_mac80211(vif)->ap_sta_id == 897 iwl_mvm_sta_from_mac80211(sta)->sta_id) { 898 struct iwl_mvm_vif *mvmvif; 899 u16 macid = iwl_mvm_vif_from_mac80211(vif)->id; 900 struct iwl_mvm_tcm_mac *mdata = &mvm->tcm.data[macid]; 901 902 mdata->opened_rx_ba_sessions = true; 903 mvmvif = iwl_mvm_vif_from_mac80211(vif); 904 cancel_delayed_work(&mvmvif->uapsd_nonagg_detected_wk); 905 } 906 if (!iwl_enable_rx_ampdu()) { 907 ret = -EINVAL; 908 break; 909 } 910 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, *ssn, true, buf_size, 911 timeout); 912 break; 913 case IEEE80211_AMPDU_RX_STOP: 914 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, 0, false, buf_size, 915 timeout); 916 break; 917 case IEEE80211_AMPDU_TX_START: 918 if (!iwl_enable_tx_ampdu()) { 919 ret = -EINVAL; 920 break; 921 } 922 ret = iwl_mvm_sta_tx_agg_start(mvm, vif, sta, tid, ssn); 923 break; 924 case IEEE80211_AMPDU_TX_STOP_CONT: 925 ret = iwl_mvm_sta_tx_agg_stop(mvm, vif, sta, tid); 926 break; 927 case IEEE80211_AMPDU_TX_STOP_FLUSH: 928 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT: 929 ret = iwl_mvm_sta_tx_agg_flush(mvm, vif, sta, tid); 930 break; 931 case IEEE80211_AMPDU_TX_OPERATIONAL: 932 ret = iwl_mvm_sta_tx_agg_oper(mvm, vif, sta, tid, 933 buf_size, amsdu); 934 break; 935 default: 936 WARN_ON_ONCE(1); 937 ret = -EINVAL; 938 break; 939 } 940 941 if (!ret) { 942 u16 rx_ba_ssn = 0; 943 944 if (action == IEEE80211_AMPDU_RX_START) 945 rx_ba_ssn = *ssn; 946 947 iwl_mvm_ampdu_check_trigger(mvm, vif, sta, tid, 948 rx_ba_ssn, action); 949 } 950 mutex_unlock(&mvm->mutex); 951 952 return ret; 953 } 954 955 static void iwl_mvm_cleanup_iterator(void *data, u8 *mac, 956 struct ieee80211_vif *vif) 957 { 958 struct iwl_mvm *mvm = data; 959 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 960 961 mvmvif->uploaded = false; 962 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA; 963 964 spin_lock_bh(&mvm->time_event_lock); 965 iwl_mvm_te_clear_data(mvm, &mvmvif->time_event_data); 966 spin_unlock_bh(&mvm->time_event_lock); 967 968 mvmvif->phy_ctxt = NULL; 969 memset(&mvmvif->bf_data, 0, sizeof(mvmvif->bf_data)); 970 memset(&mvmvif->probe_resp_data, 0, sizeof(mvmvif->probe_resp_data)); 971 } 972 973 static void iwl_mvm_restart_cleanup(struct iwl_mvm *mvm) 974 { 975 iwl_mvm_stop_device(mvm); 976 977 mvm->cur_aid = 0; 978 979 mvm->scan_status = 0; 980 mvm->ps_disabled = false; 981 mvm->rfkill_safe_init_done = false; 982 983 /* just in case one was running */ 984 iwl_mvm_cleanup_roc_te(mvm); 985 ieee80211_remain_on_channel_expired(mvm->hw); 986 987 iwl_mvm_ftm_restart(mvm); 988 989 /* 990 * cleanup all interfaces, even inactive ones, as some might have 991 * gone down during the HW restart 992 */ 993 ieee80211_iterate_interfaces(mvm->hw, 0, iwl_mvm_cleanup_iterator, mvm); 994 995 mvm->p2p_device_vif = NULL; 996 997 iwl_mvm_reset_phy_ctxts(mvm); 998 memset(mvm->fw_key_table, 0, sizeof(mvm->fw_key_table)); 999 memset(&mvm->last_bt_notif, 0, sizeof(mvm->last_bt_notif)); 1000 memset(&mvm->last_bt_ci_cmd, 0, sizeof(mvm->last_bt_ci_cmd)); 1001 1002 ieee80211_wake_queues(mvm->hw); 1003 1004 mvm->vif_count = 0; 1005 mvm->rx_ba_sessions = 0; 1006 mvm->fwrt.dump.conf = FW_DBG_INVALID; 1007 mvm->monitor_on = false; 1008 1009 /* keep statistics ticking */ 1010 iwl_mvm_accu_radio_stats(mvm); 1011 } 1012 1013 int __iwl_mvm_mac_start(struct iwl_mvm *mvm) 1014 { 1015 int ret; 1016 1017 lockdep_assert_held(&mvm->mutex); 1018 1019 ret = iwl_mvm_mei_get_ownership(mvm); 1020 if (ret) 1021 return ret; 1022 1023 if (mvm->mei_nvm_data) { 1024 /* We got the NIC, we can now free the MEI NVM data */ 1025 kfree(mvm->mei_nvm_data); 1026 mvm->mei_nvm_data = NULL; 1027 1028 /* 1029 * We can't free the nvm_data we allocated based on the SAP 1030 * data because we registered to cfg80211 with the channels 1031 * allocated on mvm->nvm_data. Keep a pointer in temp_nvm_data 1032 * just in order to be able free it later. 1033 * NULLify nvm_data so that we will read the NVM from the 1034 * firmware this time. 1035 */ 1036 mvm->temp_nvm_data = mvm->nvm_data; 1037 mvm->nvm_data = NULL; 1038 } 1039 1040 if (test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status)) { 1041 /* 1042 * Now convert the HW_RESTART_REQUESTED flag to IN_HW_RESTART 1043 * so later code will - from now on - see that we're doing it. 1044 */ 1045 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1046 clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status); 1047 /* Clean up some internal and mac80211 state on restart */ 1048 iwl_mvm_restart_cleanup(mvm); 1049 } 1050 ret = iwl_mvm_up(mvm); 1051 1052 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_POST_INIT, 1053 NULL); 1054 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_PERIODIC, 1055 NULL); 1056 1057 mvm->last_reset_or_resume_time_jiffies = jiffies; 1058 1059 if (ret && test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 1060 /* Something went wrong - we need to finish some cleanup 1061 * that normally iwl_mvm_mac_restart_complete() below 1062 * would do. 1063 */ 1064 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1065 } 1066 1067 return ret; 1068 } 1069 1070 static int iwl_mvm_mac_start(struct ieee80211_hw *hw) 1071 { 1072 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1073 int ret; 1074 int retry, max_retry = 0; 1075 1076 mutex_lock(&mvm->mutex); 1077 1078 /* we are starting the mac not in error flow, and restart is enabled */ 1079 if (!test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) && 1080 iwlwifi_mod_params.fw_restart) { 1081 max_retry = IWL_MAX_INIT_RETRY; 1082 /* 1083 * This will prevent mac80211 recovery flows to trigger during 1084 * init failures 1085 */ 1086 set_bit(IWL_MVM_STATUS_STARTING, &mvm->status); 1087 } 1088 1089 for (retry = 0; retry <= max_retry; retry++) { 1090 ret = __iwl_mvm_mac_start(mvm); 1091 if (!ret) 1092 break; 1093 1094 IWL_ERR(mvm, "mac start retry %d\n", retry); 1095 } 1096 clear_bit(IWL_MVM_STATUS_STARTING, &mvm->status); 1097 1098 mutex_unlock(&mvm->mutex); 1099 1100 iwl_mvm_mei_set_sw_rfkill_state(mvm); 1101 1102 return ret; 1103 } 1104 1105 static void iwl_mvm_restart_complete(struct iwl_mvm *mvm) 1106 { 1107 int ret; 1108 1109 mutex_lock(&mvm->mutex); 1110 1111 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status); 1112 1113 ret = iwl_mvm_update_quotas(mvm, true, NULL); 1114 if (ret) 1115 IWL_ERR(mvm, "Failed to update quotas after restart (%d)\n", 1116 ret); 1117 1118 iwl_mvm_send_recovery_cmd(mvm, ERROR_RECOVERY_END_OF_RECOVERY); 1119 1120 /* 1121 * If we have TDLS peers, remove them. We don't know the last seqno/PN 1122 * of packets the FW sent out, so we must reconnect. 1123 */ 1124 iwl_mvm_teardown_tdls_peers(mvm); 1125 1126 mutex_unlock(&mvm->mutex); 1127 } 1128 1129 static void 1130 iwl_mvm_mac_reconfig_complete(struct ieee80211_hw *hw, 1131 enum ieee80211_reconfig_type reconfig_type) 1132 { 1133 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1134 1135 switch (reconfig_type) { 1136 case IEEE80211_RECONFIG_TYPE_RESTART: 1137 iwl_mvm_restart_complete(mvm); 1138 break; 1139 case IEEE80211_RECONFIG_TYPE_SUSPEND: 1140 break; 1141 } 1142 } 1143 1144 void __iwl_mvm_mac_stop(struct iwl_mvm *mvm) 1145 { 1146 lockdep_assert_held(&mvm->mutex); 1147 1148 iwl_mvm_ftm_initiator_smooth_stop(mvm); 1149 1150 /* firmware counters are obviously reset now, but we shouldn't 1151 * partially track so also clear the fw_reset_accu counters. 1152 */ 1153 memset(&mvm->accu_radio_stats, 0, sizeof(mvm->accu_radio_stats)); 1154 1155 /* async_handlers_wk is now blocked */ 1156 1157 if (iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, ADD_STA, 0) < 12) 1158 iwl_mvm_rm_aux_sta(mvm); 1159 1160 iwl_mvm_stop_device(mvm); 1161 1162 iwl_mvm_async_handlers_purge(mvm); 1163 /* async_handlers_list is empty and will stay empty: HW is stopped */ 1164 1165 /* 1166 * Clear IN_HW_RESTART and HW_RESTART_REQUESTED flag when stopping the 1167 * hw (as restart_complete() won't be called in this case) and mac80211 1168 * won't execute the restart. 1169 * But make sure to cleanup interfaces that have gone down before/during 1170 * HW restart was requested. 1171 */ 1172 if (test_and_clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) || 1173 test_and_clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 1174 &mvm->status)) 1175 ieee80211_iterate_interfaces(mvm->hw, 0, 1176 iwl_mvm_cleanup_iterator, mvm); 1177 1178 /* We shouldn't have any UIDs still set. Loop over all the UIDs to 1179 * make sure there's nothing left there and warn if any is found. 1180 */ 1181 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) { 1182 int i; 1183 1184 for (i = 0; i < mvm->max_scans; i++) { 1185 if (WARN_ONCE(mvm->scan_uid_status[i], 1186 "UMAC scan UID %d status was not cleaned\n", 1187 i)) 1188 mvm->scan_uid_status[i] = 0; 1189 } 1190 } 1191 } 1192 1193 static void iwl_mvm_mac_stop(struct ieee80211_hw *hw) 1194 { 1195 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1196 1197 flush_work(&mvm->async_handlers_wk); 1198 flush_work(&mvm->add_stream_wk); 1199 1200 /* 1201 * Lock and clear the firmware running bit here already, so that 1202 * new commands coming in elsewhere, e.g. from debugfs, will not 1203 * be able to proceed. This is important here because one of those 1204 * debugfs files causes the firmware dump to be triggered, and if we 1205 * don't stop debugfs accesses before canceling that it could be 1206 * retriggered after we flush it but before we've cleared the bit. 1207 */ 1208 clear_bit(IWL_MVM_STATUS_FIRMWARE_RUNNING, &mvm->status); 1209 1210 cancel_delayed_work_sync(&mvm->cs_tx_unblock_dwork); 1211 cancel_delayed_work_sync(&mvm->scan_timeout_dwork); 1212 1213 /* 1214 * The work item could be running or queued if the 1215 * ROC time event stops just as we get here. 1216 */ 1217 flush_work(&mvm->roc_done_wk); 1218 1219 iwl_mvm_mei_set_sw_rfkill_state(mvm); 1220 1221 mutex_lock(&mvm->mutex); 1222 __iwl_mvm_mac_stop(mvm); 1223 mutex_unlock(&mvm->mutex); 1224 1225 /* 1226 * The worker might have been waiting for the mutex, let it run and 1227 * discover that its list is now empty. 1228 */ 1229 cancel_work_sync(&mvm->async_handlers_wk); 1230 } 1231 1232 static struct iwl_mvm_phy_ctxt *iwl_mvm_get_free_phy_ctxt(struct iwl_mvm *mvm) 1233 { 1234 u16 i; 1235 1236 lockdep_assert_held(&mvm->mutex); 1237 1238 for (i = 0; i < NUM_PHY_CTX; i++) 1239 if (!mvm->phy_ctxts[i].ref) 1240 return &mvm->phy_ctxts[i]; 1241 1242 IWL_ERR(mvm, "No available PHY context\n"); 1243 return NULL; 1244 } 1245 1246 static int iwl_mvm_set_tx_power(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 1247 s16 tx_power) 1248 { 1249 int len; 1250 struct iwl_dev_tx_power_cmd cmd = { 1251 .common.set_mode = cpu_to_le32(IWL_TX_POWER_MODE_SET_MAC), 1252 .common.mac_context_id = 1253 cpu_to_le32(iwl_mvm_vif_from_mac80211(vif)->id), 1254 .common.pwr_restriction = cpu_to_le16(8 * tx_power), 1255 }; 1256 u8 cmd_ver = iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, 1257 REDUCE_TX_POWER_CMD, 1258 IWL_FW_CMD_VER_UNKNOWN); 1259 1260 if (tx_power == IWL_DEFAULT_MAX_TX_POWER) 1261 cmd.common.pwr_restriction = cpu_to_le16(IWL_DEV_MAX_TX_POWER); 1262 1263 if (cmd_ver == 6) 1264 len = sizeof(cmd.v6); 1265 else if (fw_has_api(&mvm->fw->ucode_capa, 1266 IWL_UCODE_TLV_API_REDUCE_TX_POWER)) 1267 len = sizeof(cmd.v5); 1268 else if (fw_has_capa(&mvm->fw->ucode_capa, 1269 IWL_UCODE_TLV_CAPA_TX_POWER_ACK)) 1270 len = sizeof(cmd.v4); 1271 else 1272 len = sizeof(cmd.v3); 1273 1274 /* all structs have the same common part, add it */ 1275 len += sizeof(cmd.common); 1276 1277 return iwl_mvm_send_cmd_pdu(mvm, REDUCE_TX_POWER_CMD, 0, len, &cmd); 1278 } 1279 1280 static int iwl_mvm_post_channel_switch(struct ieee80211_hw *hw, 1281 struct ieee80211_vif *vif) 1282 { 1283 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1284 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1285 int ret; 1286 1287 mutex_lock(&mvm->mutex); 1288 1289 if (vif->type == NL80211_IFTYPE_STATION) { 1290 struct iwl_mvm_sta *mvmsta; 1291 1292 mvmvif->csa_bcn_pending = false; 1293 mvmsta = iwl_mvm_sta_from_staid_protected(mvm, 1294 mvmvif->ap_sta_id); 1295 1296 if (WARN_ON(!mvmsta)) { 1297 ret = -EIO; 1298 goto out_unlock; 1299 } 1300 1301 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, false); 1302 1303 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 1304 1305 if (!fw_has_capa(&mvm->fw->ucode_capa, 1306 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 1307 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0); 1308 if (ret) 1309 goto out_unlock; 1310 1311 iwl_mvm_stop_session_protection(mvm, vif); 1312 } 1313 } 1314 1315 mvmvif->ps_disabled = false; 1316 1317 ret = iwl_mvm_power_update_ps(mvm); 1318 1319 out_unlock: 1320 if (mvmvif->csa_failed) 1321 ret = -EIO; 1322 mutex_unlock(&mvm->mutex); 1323 1324 return ret; 1325 } 1326 1327 static void iwl_mvm_abort_channel_switch(struct ieee80211_hw *hw, 1328 struct ieee80211_vif *vif) 1329 { 1330 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1331 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1332 struct iwl_chan_switch_te_cmd cmd = { 1333 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 1334 mvmvif->color)), 1335 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 1336 }; 1337 1338 IWL_DEBUG_MAC80211(mvm, "Abort CSA on mac %d\n", mvmvif->id); 1339 1340 mutex_lock(&mvm->mutex); 1341 if (!fw_has_capa(&mvm->fw->ucode_capa, 1342 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) 1343 iwl_mvm_remove_csa_period(mvm, vif); 1344 else 1345 WARN_ON(iwl_mvm_send_cmd_pdu(mvm, 1346 WIDE_ID(MAC_CONF_GROUP, 1347 CHANNEL_SWITCH_TIME_EVENT_CMD), 1348 0, sizeof(cmd), &cmd)); 1349 mvmvif->csa_failed = true; 1350 mutex_unlock(&mvm->mutex); 1351 1352 iwl_mvm_post_channel_switch(hw, vif); 1353 } 1354 1355 static void iwl_mvm_channel_switch_disconnect_wk(struct work_struct *wk) 1356 { 1357 struct iwl_mvm_vif *mvmvif; 1358 struct ieee80211_vif *vif; 1359 1360 mvmvif = container_of(wk, struct iwl_mvm_vif, csa_work.work); 1361 vif = container_of((void *)mvmvif, struct ieee80211_vif, drv_priv); 1362 1363 /* Trigger disconnect (should clear the CSA state) */ 1364 ieee80211_chswitch_done(vif, false); 1365 } 1366 1367 static int iwl_mvm_mac_add_interface(struct ieee80211_hw *hw, 1368 struct ieee80211_vif *vif) 1369 { 1370 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1371 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1372 int ret; 1373 1374 mvmvif->mvm = mvm; 1375 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL); 1376 1377 /* 1378 * Not much to do here. The stack will not allow interface 1379 * types or combinations that we didn't advertise, so we 1380 * don't really have to check the types. 1381 */ 1382 1383 mutex_lock(&mvm->mutex); 1384 1385 /* make sure that beacon statistics don't go backwards with FW reset */ 1386 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 1387 mvmvif->beacon_stats.accu_num_beacons += 1388 mvmvif->beacon_stats.num_beacons; 1389 1390 /* Allocate resources for the MAC context, and add it to the fw */ 1391 ret = iwl_mvm_mac_ctxt_init(mvm, vif); 1392 if (ret) 1393 goto out_unlock; 1394 1395 rcu_assign_pointer(mvm->vif_id_to_mac[mvmvif->id], vif); 1396 1397 /* Counting number of interfaces is needed for legacy PM */ 1398 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) 1399 mvm->vif_count++; 1400 1401 /* 1402 * The AP binding flow can be done only after the beacon 1403 * template is configured (which happens only in the mac80211 1404 * start_ap() flow), and adding the broadcast station can happen 1405 * only after the binding. 1406 * In addition, since modifying the MAC before adding a bcast 1407 * station is not allowed by the FW, delay the adding of MAC context to 1408 * the point where we can also add the bcast station. 1409 * In short: there's not much we can do at this point, other than 1410 * allocating resources :) 1411 */ 1412 if (vif->type == NL80211_IFTYPE_AP || 1413 vif->type == NL80211_IFTYPE_ADHOC) { 1414 ret = iwl_mvm_alloc_bcast_sta(mvm, vif); 1415 if (ret) { 1416 IWL_ERR(mvm, "Failed to allocate bcast sta\n"); 1417 goto out_release; 1418 } 1419 1420 /* 1421 * Only queue for this station is the mcast queue, 1422 * which shouldn't be in TFD mask anyway 1423 */ 1424 ret = iwl_mvm_allocate_int_sta(mvm, &mvmvif->mcast_sta, 1425 0, vif->type, 1426 IWL_STA_MULTICAST); 1427 if (ret) 1428 goto out_release; 1429 1430 iwl_mvm_vif_dbgfs_register(mvm, vif); 1431 goto out_unlock; 1432 } 1433 1434 mvmvif->features |= hw->netdev_features; 1435 1436 ret = iwl_mvm_mac_ctxt_add(mvm, vif); 1437 if (ret) 1438 goto out_release; 1439 1440 ret = iwl_mvm_power_update_mac(mvm); 1441 if (ret) 1442 goto out_remove_mac; 1443 1444 /* beacon filtering */ 1445 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 1446 if (ret) 1447 goto out_remove_mac; 1448 1449 if (!mvm->bf_allowed_vif && 1450 vif->type == NL80211_IFTYPE_STATION && !vif->p2p) { 1451 mvm->bf_allowed_vif = mvmvif; 1452 vif->driver_flags |= IEEE80211_VIF_BEACON_FILTER | 1453 IEEE80211_VIF_SUPPORTS_CQM_RSSI; 1454 } 1455 1456 /* 1457 * P2P_DEVICE interface does not have a channel context assigned to it, 1458 * so a dedicated PHY context is allocated to it and the corresponding 1459 * MAC context is bound to it at this stage. 1460 */ 1461 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1462 1463 mvmvif->phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 1464 if (!mvmvif->phy_ctxt) { 1465 ret = -ENOSPC; 1466 goto out_free_bf; 1467 } 1468 1469 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 1470 ret = iwl_mvm_binding_add_vif(mvm, vif); 1471 if (ret) 1472 goto out_unref_phy; 1473 1474 ret = iwl_mvm_add_p2p_bcast_sta(mvm, vif); 1475 if (ret) 1476 goto out_unbind; 1477 1478 /* Save a pointer to p2p device vif, so it can later be used to 1479 * update the p2p device MAC when a GO is started/stopped */ 1480 mvm->p2p_device_vif = vif; 1481 } 1482 1483 iwl_mvm_tcm_add_vif(mvm, vif); 1484 INIT_DELAYED_WORK(&mvmvif->csa_work, 1485 iwl_mvm_channel_switch_disconnect_wk); 1486 1487 if (vif->type == NL80211_IFTYPE_MONITOR) 1488 mvm->monitor_on = true; 1489 1490 iwl_mvm_vif_dbgfs_register(mvm, vif); 1491 1492 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 1493 vif->type == NL80211_IFTYPE_STATION && !vif->p2p && 1494 !mvm->csme_vif && mvm->mei_registered) { 1495 iwl_mei_set_nic_info(vif->addr, mvm->nvm_data->hw_addr); 1496 iwl_mei_set_netdev(ieee80211_vif_to_wdev(vif)->netdev); 1497 mvm->csme_vif = vif; 1498 } 1499 1500 goto out_unlock; 1501 1502 out_unbind: 1503 iwl_mvm_binding_remove_vif(mvm, vif); 1504 out_unref_phy: 1505 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 1506 out_free_bf: 1507 if (mvm->bf_allowed_vif == mvmvif) { 1508 mvm->bf_allowed_vif = NULL; 1509 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER | 1510 IEEE80211_VIF_SUPPORTS_CQM_RSSI); 1511 } 1512 out_remove_mac: 1513 mvmvif->phy_ctxt = NULL; 1514 iwl_mvm_mac_ctxt_remove(mvm, vif); 1515 out_release: 1516 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) 1517 mvm->vif_count--; 1518 out_unlock: 1519 mutex_unlock(&mvm->mutex); 1520 1521 return ret; 1522 } 1523 1524 static void iwl_mvm_prepare_mac_removal(struct iwl_mvm *mvm, 1525 struct ieee80211_vif *vif) 1526 { 1527 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1528 /* 1529 * Flush the ROC worker which will flush the OFFCHANNEL queue. 1530 * We assume here that all the packets sent to the OFFCHANNEL 1531 * queue are sent in ROC session. 1532 */ 1533 flush_work(&mvm->roc_done_wk); 1534 } 1535 } 1536 1537 static void iwl_mvm_mac_remove_interface(struct ieee80211_hw *hw, 1538 struct ieee80211_vif *vif) 1539 { 1540 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1541 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1542 struct iwl_probe_resp_data *probe_data; 1543 1544 iwl_mvm_prepare_mac_removal(mvm, vif); 1545 1546 if (!(vif->type == NL80211_IFTYPE_AP || 1547 vif->type == NL80211_IFTYPE_ADHOC)) 1548 iwl_mvm_tcm_rm_vif(mvm, vif); 1549 1550 mutex_lock(&mvm->mutex); 1551 1552 if (vif == mvm->csme_vif) { 1553 iwl_mei_set_netdev(NULL); 1554 mvm->csme_vif = NULL; 1555 } 1556 1557 probe_data = rcu_dereference_protected(mvmvif->probe_resp_data, 1558 lockdep_is_held(&mvm->mutex)); 1559 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL); 1560 if (probe_data) 1561 kfree_rcu(probe_data, rcu_head); 1562 1563 if (mvm->bf_allowed_vif == mvmvif) { 1564 mvm->bf_allowed_vif = NULL; 1565 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER | 1566 IEEE80211_VIF_SUPPORTS_CQM_RSSI); 1567 } 1568 1569 if (vif->bss_conf.ftm_responder) 1570 memset(&mvm->ftm_resp_stats, 0, sizeof(mvm->ftm_resp_stats)); 1571 1572 iwl_mvm_vif_dbgfs_clean(mvm, vif); 1573 1574 /* 1575 * For AP/GO interface, the tear down of the resources allocated to the 1576 * interface is be handled as part of the stop_ap flow. 1577 */ 1578 if (vif->type == NL80211_IFTYPE_AP || 1579 vif->type == NL80211_IFTYPE_ADHOC) { 1580 #ifdef CONFIG_NL80211_TESTMODE 1581 if (vif == mvm->noa_vif) { 1582 mvm->noa_vif = NULL; 1583 mvm->noa_duration = 0; 1584 } 1585 #endif 1586 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->mcast_sta); 1587 iwl_mvm_dealloc_bcast_sta(mvm, vif); 1588 goto out_release; 1589 } 1590 1591 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 1592 mvm->p2p_device_vif = NULL; 1593 iwl_mvm_rm_p2p_bcast_sta(mvm, vif); 1594 iwl_mvm_binding_remove_vif(mvm, vif); 1595 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 1596 mvmvif->phy_ctxt = NULL; 1597 } 1598 1599 if (mvm->vif_count && vif->type != NL80211_IFTYPE_P2P_DEVICE) 1600 mvm->vif_count--; 1601 1602 iwl_mvm_power_update_mac(mvm); 1603 iwl_mvm_mac_ctxt_remove(mvm, vif); 1604 1605 RCU_INIT_POINTER(mvm->vif_id_to_mac[mvmvif->id], NULL); 1606 1607 if (vif->type == NL80211_IFTYPE_MONITOR) 1608 mvm->monitor_on = false; 1609 1610 out_release: 1611 mutex_unlock(&mvm->mutex); 1612 } 1613 1614 static int iwl_mvm_mac_config(struct ieee80211_hw *hw, u32 changed) 1615 { 1616 return 0; 1617 } 1618 1619 struct iwl_mvm_mc_iter_data { 1620 struct iwl_mvm *mvm; 1621 int port_id; 1622 }; 1623 1624 static void iwl_mvm_mc_iface_iterator(void *_data, u8 *mac, 1625 struct ieee80211_vif *vif) 1626 { 1627 struct iwl_mvm_mc_iter_data *data = _data; 1628 struct iwl_mvm *mvm = data->mvm; 1629 struct iwl_mcast_filter_cmd *cmd = mvm->mcast_filter_cmd; 1630 struct iwl_host_cmd hcmd = { 1631 .id = MCAST_FILTER_CMD, 1632 .flags = CMD_ASYNC, 1633 .dataflags[0] = IWL_HCMD_DFL_NOCOPY, 1634 }; 1635 int ret, len; 1636 1637 /* if we don't have free ports, mcast frames will be dropped */ 1638 if (WARN_ON_ONCE(data->port_id >= MAX_PORT_ID_NUM)) 1639 return; 1640 1641 if (vif->type != NL80211_IFTYPE_STATION || 1642 !vif->bss_conf.assoc) 1643 return; 1644 1645 cmd->port_id = data->port_id++; 1646 memcpy(cmd->bssid, vif->bss_conf.bssid, ETH_ALEN); 1647 len = roundup(sizeof(*cmd) + cmd->count * ETH_ALEN, 4); 1648 1649 hcmd.len[0] = len; 1650 hcmd.data[0] = cmd; 1651 1652 ret = iwl_mvm_send_cmd(mvm, &hcmd); 1653 if (ret) 1654 IWL_ERR(mvm, "mcast filter cmd error. ret=%d\n", ret); 1655 } 1656 1657 static void iwl_mvm_recalc_multicast(struct iwl_mvm *mvm) 1658 { 1659 struct iwl_mvm_mc_iter_data iter_data = { 1660 .mvm = mvm, 1661 }; 1662 int ret; 1663 1664 lockdep_assert_held(&mvm->mutex); 1665 1666 if (WARN_ON_ONCE(!mvm->mcast_filter_cmd)) 1667 return; 1668 1669 ieee80211_iterate_active_interfaces_atomic( 1670 mvm->hw, IEEE80211_IFACE_ITER_NORMAL, 1671 iwl_mvm_mc_iface_iterator, &iter_data); 1672 1673 /* 1674 * Send a (synchronous) ech command so that we wait for the 1675 * multiple asynchronous MCAST_FILTER_CMD commands sent by 1676 * the interface iterator. Otherwise, we might get here over 1677 * and over again (by userspace just sending a lot of these) 1678 * and the CPU can send them faster than the firmware can 1679 * process them. 1680 * Note that the CPU is still faster - but with this we'll 1681 * actually send fewer commands overall because the CPU will 1682 * not schedule the work in mac80211 as frequently if it's 1683 * still running when rescheduled (possibly multiple times). 1684 */ 1685 ret = iwl_mvm_send_cmd_pdu(mvm, ECHO_CMD, 0, 0, NULL); 1686 if (ret) 1687 IWL_ERR(mvm, "Failed to synchronize multicast groups update\n"); 1688 } 1689 1690 static u64 iwl_mvm_prepare_multicast(struct ieee80211_hw *hw, 1691 struct netdev_hw_addr_list *mc_list) 1692 { 1693 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1694 struct iwl_mcast_filter_cmd *cmd; 1695 struct netdev_hw_addr *addr; 1696 int addr_count; 1697 bool pass_all; 1698 int len; 1699 1700 addr_count = netdev_hw_addr_list_count(mc_list); 1701 pass_all = addr_count > MAX_MCAST_FILTERING_ADDRESSES || 1702 IWL_MVM_FW_MCAST_FILTER_PASS_ALL; 1703 if (pass_all) 1704 addr_count = 0; 1705 1706 len = roundup(sizeof(*cmd) + addr_count * ETH_ALEN, 4); 1707 cmd = kzalloc(len, GFP_ATOMIC); 1708 if (!cmd) 1709 return 0; 1710 1711 if (pass_all) { 1712 cmd->pass_all = 1; 1713 return (u64)(unsigned long)cmd; 1714 } 1715 1716 netdev_hw_addr_list_for_each(addr, mc_list) { 1717 IWL_DEBUG_MAC80211(mvm, "mcast addr (%d): %pM\n", 1718 cmd->count, addr->addr); 1719 memcpy(&cmd->addr_list[cmd->count * ETH_ALEN], 1720 addr->addr, ETH_ALEN); 1721 cmd->count++; 1722 } 1723 1724 return (u64)(unsigned long)cmd; 1725 } 1726 1727 static void iwl_mvm_configure_filter(struct ieee80211_hw *hw, 1728 unsigned int changed_flags, 1729 unsigned int *total_flags, 1730 u64 multicast) 1731 { 1732 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1733 struct iwl_mcast_filter_cmd *cmd = (void *)(unsigned long)multicast; 1734 1735 mutex_lock(&mvm->mutex); 1736 1737 /* replace previous configuration */ 1738 kfree(mvm->mcast_filter_cmd); 1739 mvm->mcast_filter_cmd = cmd; 1740 1741 if (!cmd) 1742 goto out; 1743 1744 if (changed_flags & FIF_ALLMULTI) 1745 cmd->pass_all = !!(*total_flags & FIF_ALLMULTI); 1746 1747 if (cmd->pass_all) 1748 cmd->count = 0; 1749 1750 iwl_mvm_recalc_multicast(mvm); 1751 out: 1752 mutex_unlock(&mvm->mutex); 1753 *total_flags = 0; 1754 } 1755 1756 static void iwl_mvm_config_iface_filter(struct ieee80211_hw *hw, 1757 struct ieee80211_vif *vif, 1758 unsigned int filter_flags, 1759 unsigned int changed_flags) 1760 { 1761 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 1762 1763 /* We support only filter for probe requests */ 1764 if (!(changed_flags & FIF_PROBE_REQ)) 1765 return; 1766 1767 /* Supported only for p2p client interfaces */ 1768 if (vif->type != NL80211_IFTYPE_STATION || !vif->bss_conf.assoc || 1769 !vif->p2p) 1770 return; 1771 1772 mutex_lock(&mvm->mutex); 1773 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 1774 mutex_unlock(&mvm->mutex); 1775 } 1776 1777 static int iwl_mvm_update_mu_groups(struct iwl_mvm *mvm, 1778 struct ieee80211_vif *vif) 1779 { 1780 struct iwl_mu_group_mgmt_cmd cmd = {}; 1781 1782 memcpy(cmd.membership_status, vif->bss_conf.mu_group.membership, 1783 WLAN_MEMBERSHIP_LEN); 1784 memcpy(cmd.user_position, vif->bss_conf.mu_group.position, 1785 WLAN_USER_POSITION_LEN); 1786 1787 return iwl_mvm_send_cmd_pdu(mvm, 1788 WIDE_ID(DATA_PATH_GROUP, 1789 UPDATE_MU_GROUPS_CMD), 1790 0, sizeof(cmd), &cmd); 1791 } 1792 1793 static void iwl_mvm_mu_mimo_iface_iterator(void *_data, u8 *mac, 1794 struct ieee80211_vif *vif) 1795 { 1796 if (vif->mu_mimo_owner) { 1797 struct iwl_mu_group_mgmt_notif *notif = _data; 1798 1799 /* 1800 * MU-MIMO Group Id action frame is little endian. We treat 1801 * the data received from firmware as if it came from the 1802 * action frame, so no conversion is needed. 1803 */ 1804 ieee80211_update_mu_groups(vif, 1805 (u8 *)¬if->membership_status, 1806 (u8 *)¬if->user_position); 1807 } 1808 } 1809 1810 void iwl_mvm_mu_mimo_grp_notif(struct iwl_mvm *mvm, 1811 struct iwl_rx_cmd_buffer *rxb) 1812 { 1813 struct iwl_rx_packet *pkt = rxb_addr(rxb); 1814 struct iwl_mu_group_mgmt_notif *notif = (void *)pkt->data; 1815 1816 ieee80211_iterate_active_interfaces_atomic( 1817 mvm->hw, IEEE80211_IFACE_ITER_NORMAL, 1818 iwl_mvm_mu_mimo_iface_iterator, notif); 1819 } 1820 1821 static u8 iwl_mvm_he_get_ppe_val(u8 *ppe, u8 ppe_pos_bit) 1822 { 1823 u8 byte_num = ppe_pos_bit / 8; 1824 u8 bit_num = ppe_pos_bit % 8; 1825 u8 residue_bits; 1826 u8 res; 1827 1828 if (bit_num <= 5) 1829 return (ppe[byte_num] >> bit_num) & 1830 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE) - 1); 1831 1832 /* 1833 * If bit_num > 5, we have to combine bits with next byte. 1834 * Calculate how many bits we need to take from current byte (called 1835 * here "residue_bits"), and add them to bits from next byte. 1836 */ 1837 1838 residue_bits = 8 - bit_num; 1839 1840 res = (ppe[byte_num + 1] & 1841 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE - residue_bits) - 1)) << 1842 residue_bits; 1843 res += (ppe[byte_num] >> bit_num) & (BIT(residue_bits) - 1); 1844 1845 return res; 1846 } 1847 1848 static void iwl_mvm_cfg_he_sta(struct iwl_mvm *mvm, 1849 struct ieee80211_vif *vif, u8 sta_id) 1850 { 1851 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1852 struct iwl_he_sta_context_cmd sta_ctxt_cmd = { 1853 .sta_id = sta_id, 1854 .tid_limit = IWL_MAX_TID_COUNT, 1855 .bss_color = vif->bss_conf.he_bss_color.color, 1856 .htc_trig_based_pkt_ext = vif->bss_conf.htc_trig_based_pkt_ext, 1857 .frame_time_rts_th = 1858 cpu_to_le16(vif->bss_conf.frame_time_rts_th), 1859 }; 1860 int size = fw_has_api(&mvm->fw->ucode_capa, 1861 IWL_UCODE_TLV_API_MBSSID_HE) ? 1862 sizeof(sta_ctxt_cmd) : 1863 sizeof(struct iwl_he_sta_context_cmd_v1); 1864 struct ieee80211_sta *sta; 1865 u32 flags; 1866 int i; 1867 const struct ieee80211_sta_he_cap *own_he_cap = NULL; 1868 struct ieee80211_chanctx_conf *chanctx_conf; 1869 const struct ieee80211_supported_band *sband; 1870 1871 rcu_read_lock(); 1872 1873 chanctx_conf = rcu_dereference(vif->chanctx_conf); 1874 if (WARN_ON(!chanctx_conf)) { 1875 rcu_read_unlock(); 1876 return; 1877 } 1878 1879 sband = mvm->hw->wiphy->bands[chanctx_conf->def.chan->band]; 1880 own_he_cap = ieee80211_get_he_iftype_cap(sband, 1881 ieee80211_vif_type_p2p(vif)); 1882 1883 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_ctxt_cmd.sta_id]); 1884 if (IS_ERR_OR_NULL(sta)) { 1885 rcu_read_unlock(); 1886 WARN(1, "Can't find STA to configure HE\n"); 1887 return; 1888 } 1889 1890 if (!sta->he_cap.has_he) { 1891 rcu_read_unlock(); 1892 return; 1893 } 1894 1895 flags = 0; 1896 1897 /* Block 26-tone RU OFDMA transmissions */ 1898 if (mvmvif->he_ru_2mhz_block) 1899 flags |= STA_CTXT_HE_RU_2MHZ_BLOCK; 1900 1901 /* HTC flags */ 1902 if (sta->he_cap.he_cap_elem.mac_cap_info[0] & 1903 IEEE80211_HE_MAC_CAP0_HTC_HE) 1904 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_SUPPORT); 1905 if ((sta->he_cap.he_cap_elem.mac_cap_info[1] & 1906 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION) || 1907 (sta->he_cap.he_cap_elem.mac_cap_info[2] & 1908 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION)) { 1909 u8 link_adap = 1910 ((sta->he_cap.he_cap_elem.mac_cap_info[2] & 1911 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION) << 1) + 1912 (sta->he_cap.he_cap_elem.mac_cap_info[1] & 1913 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION); 1914 1915 if (link_adap == 2) 1916 sta_ctxt_cmd.htc_flags |= 1917 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_UNSOLICITED); 1918 else if (link_adap == 3) 1919 sta_ctxt_cmd.htc_flags |= 1920 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_BOTH); 1921 } 1922 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR) 1923 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BSR_SUPP); 1924 if (sta->he_cap.he_cap_elem.mac_cap_info[3] & 1925 IEEE80211_HE_MAC_CAP3_OMI_CONTROL) 1926 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_OMI_SUPP); 1927 if (sta->he_cap.he_cap_elem.mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR) 1928 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BQR_SUPP); 1929 1930 /* 1931 * Initialize the PPE thresholds to "None" (7), as described in Table 1932 * 9-262ac of 80211.ax/D3.0. 1933 */ 1934 memset(&sta_ctxt_cmd.pkt_ext, 7, sizeof(sta_ctxt_cmd.pkt_ext)); 1935 1936 /* If PPE Thresholds exist, parse them into a FW-familiar format. */ 1937 if (sta->he_cap.he_cap_elem.phy_cap_info[6] & 1938 IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) { 1939 u8 nss = (sta->he_cap.ppe_thres[0] & 1940 IEEE80211_PPE_THRES_NSS_MASK) + 1; 1941 u8 ru_index_bitmap = 1942 (sta->he_cap.ppe_thres[0] & 1943 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK) >> 1944 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_POS; 1945 u8 *ppe = &sta->he_cap.ppe_thres[0]; 1946 u8 ppe_pos_bit = 7; /* Starting after PPE header */ 1947 1948 /* 1949 * FW currently supports only nss == MAX_HE_SUPP_NSS 1950 * 1951 * If nss > MAX: we can ignore values we don't support 1952 * If nss < MAX: we can set zeros in other streams 1953 */ 1954 if (nss > MAX_HE_SUPP_NSS) { 1955 IWL_INFO(mvm, "Got NSS = %d - trimming to %d\n", nss, 1956 MAX_HE_SUPP_NSS); 1957 nss = MAX_HE_SUPP_NSS; 1958 } 1959 1960 for (i = 0; i < nss; i++) { 1961 u8 ru_index_tmp = ru_index_bitmap << 1; 1962 u8 bw; 1963 1964 for (bw = 0; bw < MAX_HE_CHANNEL_BW_INDX; bw++) { 1965 ru_index_tmp >>= 1; 1966 if (!(ru_index_tmp & 1)) 1967 continue; 1968 1969 sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw][1] = 1970 iwl_mvm_he_get_ppe_val(ppe, 1971 ppe_pos_bit); 1972 ppe_pos_bit += 1973 IEEE80211_PPE_THRES_INFO_PPET_SIZE; 1974 sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw][0] = 1975 iwl_mvm_he_get_ppe_val(ppe, 1976 ppe_pos_bit); 1977 ppe_pos_bit += 1978 IEEE80211_PPE_THRES_INFO_PPET_SIZE; 1979 } 1980 } 1981 1982 flags |= STA_CTXT_HE_PACKET_EXT; 1983 } else if (u8_get_bits(sta->he_cap.he_cap_elem.phy_cap_info[9], 1984 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK) 1985 != IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_RESERVED) { 1986 int low_th = -1; 1987 int high_th = -1; 1988 1989 /* Take the PPE thresholds from the nominal padding info */ 1990 switch (u8_get_bits(sta->he_cap.he_cap_elem.phy_cap_info[9], 1991 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK)) { 1992 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_0US: 1993 low_th = IWL_HE_PKT_EXT_NONE; 1994 high_th = IWL_HE_PKT_EXT_NONE; 1995 break; 1996 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_8US: 1997 low_th = IWL_HE_PKT_EXT_BPSK; 1998 high_th = IWL_HE_PKT_EXT_NONE; 1999 break; 2000 case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US: 2001 low_th = IWL_HE_PKT_EXT_NONE; 2002 high_th = IWL_HE_PKT_EXT_BPSK; 2003 break; 2004 } 2005 2006 /* Set the PPE thresholds accordingly */ 2007 if (low_th >= 0 && high_th >= 0) { 2008 struct iwl_he_pkt_ext *pkt_ext = 2009 (struct iwl_he_pkt_ext *)&sta_ctxt_cmd.pkt_ext; 2010 2011 for (i = 0; i < MAX_HE_SUPP_NSS; i++) { 2012 u8 bw; 2013 2014 for (bw = 0; bw < MAX_HE_CHANNEL_BW_INDX; 2015 bw++) { 2016 pkt_ext->pkt_ext_qam_th[i][bw][0] = 2017 low_th; 2018 pkt_ext->pkt_ext_qam_th[i][bw][1] = 2019 high_th; 2020 } 2021 } 2022 2023 flags |= STA_CTXT_HE_PACKET_EXT; 2024 } 2025 } 2026 2027 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & 2028 IEEE80211_HE_MAC_CAP2_32BIT_BA_BITMAP) 2029 flags |= STA_CTXT_HE_32BIT_BA_BITMAP; 2030 2031 if (sta->he_cap.he_cap_elem.mac_cap_info[2] & 2032 IEEE80211_HE_MAC_CAP2_ACK_EN) 2033 flags |= STA_CTXT_HE_ACK_ENABLED; 2034 2035 rcu_read_unlock(); 2036 2037 /* Mark MU EDCA as enabled, unless none detected on some AC */ 2038 flags |= STA_CTXT_HE_MU_EDCA_CW; 2039 for (i = 0; i < IEEE80211_NUM_ACS; i++) { 2040 struct ieee80211_he_mu_edca_param_ac_rec *mu_edca = 2041 &mvmvif->queue_params[i].mu_edca_param_rec; 2042 u8 ac = iwl_mvm_mac80211_ac_to_ucode_ac(i); 2043 2044 if (!mvmvif->queue_params[i].mu_edca) { 2045 flags &= ~STA_CTXT_HE_MU_EDCA_CW; 2046 break; 2047 } 2048 2049 sta_ctxt_cmd.trig_based_txf[ac].cwmin = 2050 cpu_to_le16(mu_edca->ecw_min_max & 0xf); 2051 sta_ctxt_cmd.trig_based_txf[ac].cwmax = 2052 cpu_to_le16((mu_edca->ecw_min_max & 0xf0) >> 4); 2053 sta_ctxt_cmd.trig_based_txf[ac].aifsn = 2054 cpu_to_le16(mu_edca->aifsn); 2055 sta_ctxt_cmd.trig_based_txf[ac].mu_time = 2056 cpu_to_le16(mu_edca->mu_edca_timer); 2057 } 2058 2059 2060 if (vif->bss_conf.uora_exists) { 2061 flags |= STA_CTXT_HE_TRIG_RND_ALLOC; 2062 2063 sta_ctxt_cmd.rand_alloc_ecwmin = 2064 vif->bss_conf.uora_ocw_range & 0x7; 2065 sta_ctxt_cmd.rand_alloc_ecwmax = 2066 (vif->bss_conf.uora_ocw_range >> 3) & 0x7; 2067 } 2068 2069 if (own_he_cap && !(own_he_cap->he_cap_elem.mac_cap_info[2] & 2070 IEEE80211_HE_MAC_CAP2_ACK_EN)) 2071 flags |= STA_CTXT_HE_NIC_NOT_ACK_ENABLED; 2072 2073 if (vif->bss_conf.nontransmitted) { 2074 flags |= STA_CTXT_HE_REF_BSSID_VALID; 2075 ether_addr_copy(sta_ctxt_cmd.ref_bssid_addr, 2076 vif->bss_conf.transmitter_bssid); 2077 sta_ctxt_cmd.max_bssid_indicator = 2078 vif->bss_conf.bssid_indicator; 2079 sta_ctxt_cmd.bssid_index = vif->bss_conf.bssid_index; 2080 sta_ctxt_cmd.ema_ap = vif->bss_conf.ema_ap; 2081 sta_ctxt_cmd.profile_periodicity = 2082 vif->bss_conf.profile_periodicity; 2083 } 2084 2085 sta_ctxt_cmd.flags = cpu_to_le32(flags); 2086 2087 if (iwl_mvm_send_cmd_pdu(mvm, iwl_cmd_id(STA_HE_CTXT_CMD, 2088 DATA_PATH_GROUP, 0), 2089 0, size, &sta_ctxt_cmd)) 2090 IWL_ERR(mvm, "Failed to config FW to work HE!\n"); 2091 } 2092 2093 static void iwl_mvm_protect_assoc(struct iwl_mvm *mvm, 2094 struct ieee80211_vif *vif, 2095 u32 duration_override) 2096 { 2097 u32 duration = IWL_MVM_TE_SESSION_PROTECTION_MAX_TIME_MS; 2098 u32 min_duration = IWL_MVM_TE_SESSION_PROTECTION_MIN_TIME_MS; 2099 2100 if (duration_override > duration) 2101 duration = duration_override; 2102 2103 /* Try really hard to protect the session and hear a beacon 2104 * The new session protection command allows us to protect the 2105 * session for a much longer time since the firmware will internally 2106 * create two events: a 300TU one with a very high priority that 2107 * won't be fragmented which should be enough for 99% of the cases, 2108 * and another one (which we configure here to be 900TU long) which 2109 * will have a slightly lower priority, but more importantly, can be 2110 * fragmented so that it'll allow other activities to run. 2111 */ 2112 if (fw_has_capa(&mvm->fw->ucode_capa, 2113 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 2114 iwl_mvm_schedule_session_protection(mvm, vif, 900, 2115 min_duration, false); 2116 else 2117 iwl_mvm_protect_session(mvm, vif, duration, 2118 min_duration, 500, false); 2119 } 2120 2121 static void iwl_mvm_bss_info_changed_station(struct iwl_mvm *mvm, 2122 struct ieee80211_vif *vif, 2123 struct ieee80211_bss_conf *bss_conf, 2124 u32 changes) 2125 { 2126 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2127 int ret; 2128 2129 /* 2130 * Re-calculate the tsf id, as the leader-follower relations depend 2131 * on the beacon interval, which was not known when the station 2132 * interface was added. 2133 */ 2134 if (changes & BSS_CHANGED_ASSOC && bss_conf->assoc) { 2135 if (vif->bss_conf.he_support && 2136 !iwlwifi_mod_params.disable_11ax) 2137 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id); 2138 2139 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif); 2140 } 2141 2142 /* Update MU EDCA params */ 2143 if (changes & BSS_CHANGED_QOS && mvmvif->associated && 2144 bss_conf->assoc && vif->bss_conf.he_support && 2145 !iwlwifi_mod_params.disable_11ax) 2146 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id); 2147 2148 /* 2149 * If we're not associated yet, take the (new) BSSID before associating 2150 * so the firmware knows. If we're already associated, then use the old 2151 * BSSID here, and we'll send a cleared one later in the CHANGED_ASSOC 2152 * branch for disassociation below. 2153 */ 2154 if (changes & BSS_CHANGED_BSSID && !mvmvif->associated) 2155 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN); 2156 2157 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, mvmvif->bssid); 2158 if (ret) 2159 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr); 2160 2161 /* after sending it once, adopt mac80211 data */ 2162 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN); 2163 mvmvif->associated = bss_conf->assoc; 2164 2165 if (changes & BSS_CHANGED_ASSOC) { 2166 if (bss_conf->assoc) { 2167 /* clear statistics to get clean beacon counter */ 2168 iwl_mvm_request_statistics(mvm, true); 2169 memset(&mvmvif->beacon_stats, 0, 2170 sizeof(mvmvif->beacon_stats)); 2171 2172 /* add quota for this interface */ 2173 ret = iwl_mvm_update_quotas(mvm, true, NULL); 2174 if (ret) { 2175 IWL_ERR(mvm, "failed to update quotas\n"); 2176 return; 2177 } 2178 2179 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2180 &mvm->status) && 2181 !fw_has_capa(&mvm->fw->ucode_capa, 2182 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 2183 /* 2184 * If we're restarting then the firmware will 2185 * obviously have lost synchronisation with 2186 * the AP. It will attempt to synchronise by 2187 * itself, but we can make it more reliable by 2188 * scheduling a session protection time event. 2189 * 2190 * The firmware needs to receive a beacon to 2191 * catch up with synchronisation, use 110% of 2192 * the beacon interval. 2193 * 2194 * Set a large maximum delay to allow for more 2195 * than a single interface. 2196 * 2197 * For new firmware versions, rely on the 2198 * firmware. This is relevant for DCM scenarios 2199 * only anyway. 2200 */ 2201 u32 dur = (11 * vif->bss_conf.beacon_int) / 10; 2202 iwl_mvm_protect_session(mvm, vif, dur, dur, 2203 5 * dur, false); 2204 } else if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2205 &mvm->status) && 2206 !vif->bss_conf.dtim_period) { 2207 /* 2208 * If we're not restarting and still haven't 2209 * heard a beacon (dtim period unknown) then 2210 * make sure we still have enough minimum time 2211 * remaining in the time event, since the auth 2212 * might actually have taken quite a while 2213 * (especially for SAE) and so the remaining 2214 * time could be small without us having heard 2215 * a beacon yet. 2216 */ 2217 iwl_mvm_protect_assoc(mvm, vif, 0); 2218 } 2219 2220 iwl_mvm_sf_update(mvm, vif, false); 2221 iwl_mvm_power_vif_assoc(mvm, vif); 2222 if (vif->p2p) { 2223 iwl_mvm_update_smps(mvm, vif, 2224 IWL_MVM_SMPS_REQ_PROT, 2225 IEEE80211_SMPS_DYNAMIC); 2226 } 2227 } else if (mvmvif->ap_sta_id != IWL_MVM_INVALID_STA) { 2228 iwl_mvm_mei_host_disassociated(mvm); 2229 /* 2230 * If update fails - SF might be running in associated 2231 * mode while disassociated - which is forbidden. 2232 */ 2233 ret = iwl_mvm_sf_update(mvm, vif, false); 2234 WARN_ONCE(ret && 2235 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 2236 &mvm->status), 2237 "Failed to update SF upon disassociation\n"); 2238 2239 /* 2240 * If we get an assert during the connection (after the 2241 * station has been added, but before the vif is set 2242 * to associated), mac80211 will re-add the station and 2243 * then configure the vif. Since the vif is not 2244 * associated, we would remove the station here and 2245 * this would fail the recovery. 2246 */ 2247 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, 2248 &mvm->status)) { 2249 /* 2250 * Remove AP station now that 2251 * the MAC is unassoc 2252 */ 2253 ret = iwl_mvm_rm_sta_id(mvm, vif, 2254 mvmvif->ap_sta_id); 2255 if (ret) 2256 IWL_ERR(mvm, 2257 "failed to remove AP station\n"); 2258 2259 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA; 2260 } 2261 2262 /* remove quota for this interface */ 2263 ret = iwl_mvm_update_quotas(mvm, false, NULL); 2264 if (ret) 2265 IWL_ERR(mvm, "failed to update quotas\n"); 2266 2267 /* this will take the cleared BSSID from bss_conf */ 2268 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 2269 if (ret) 2270 IWL_ERR(mvm, 2271 "failed to update MAC %pM (clear after unassoc)\n", 2272 vif->addr); 2273 } 2274 2275 /* 2276 * The firmware tracks the MU-MIMO group on its own. 2277 * However, on HW restart we should restore this data. 2278 */ 2279 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 2280 (changes & BSS_CHANGED_MU_GROUPS) && vif->mu_mimo_owner) { 2281 ret = iwl_mvm_update_mu_groups(mvm, vif); 2282 if (ret) 2283 IWL_ERR(mvm, 2284 "failed to update VHT MU_MIMO groups\n"); 2285 } 2286 2287 iwl_mvm_recalc_multicast(mvm); 2288 2289 /* reset rssi values */ 2290 mvmvif->bf_data.ave_beacon_signal = 0; 2291 2292 iwl_mvm_bt_coex_vif_change(mvm); 2293 iwl_mvm_update_smps(mvm, vif, IWL_MVM_SMPS_REQ_TT, 2294 IEEE80211_SMPS_AUTOMATIC); 2295 if (fw_has_capa(&mvm->fw->ucode_capa, 2296 IWL_UCODE_TLV_CAPA_UMAC_SCAN)) 2297 iwl_mvm_config_scan(mvm); 2298 } 2299 2300 if (changes & BSS_CHANGED_BEACON_INFO) { 2301 /* 2302 * We received a beacon from the associated AP so 2303 * remove the session protection. 2304 * A firmware with the new API will remove it automatically. 2305 */ 2306 if (!fw_has_capa(&mvm->fw->ucode_capa, 2307 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 2308 iwl_mvm_stop_session_protection(mvm, vif); 2309 2310 iwl_mvm_sf_update(mvm, vif, false); 2311 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0)); 2312 } 2313 2314 if (changes & (BSS_CHANGED_PS | BSS_CHANGED_P2P_PS | BSS_CHANGED_QOS | 2315 /* 2316 * Send power command on every beacon change, 2317 * because we may have not enabled beacon abort yet. 2318 */ 2319 BSS_CHANGED_BEACON_INFO)) { 2320 ret = iwl_mvm_power_update_mac(mvm); 2321 if (ret) 2322 IWL_ERR(mvm, "failed to update power mode\n"); 2323 } 2324 2325 if (changes & BSS_CHANGED_CQM) { 2326 IWL_DEBUG_MAC80211(mvm, "cqm info_changed\n"); 2327 /* reset cqm events tracking */ 2328 mvmvif->bf_data.last_cqm_event = 0; 2329 if (mvmvif->bf_data.bf_enabled) { 2330 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0); 2331 if (ret) 2332 IWL_ERR(mvm, 2333 "failed to update CQM thresholds\n"); 2334 } 2335 } 2336 2337 if (changes & BSS_CHANGED_BANDWIDTH) 2338 iwl_mvm_apply_fw_smps_request(vif); 2339 } 2340 2341 static int iwl_mvm_start_ap_ibss(struct ieee80211_hw *hw, 2342 struct ieee80211_vif *vif) 2343 { 2344 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2345 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2346 int ret, i; 2347 2348 mutex_lock(&mvm->mutex); 2349 2350 /* Send the beacon template */ 2351 ret = iwl_mvm_mac_ctxt_beacon_changed(mvm, vif); 2352 if (ret) 2353 goto out_unlock; 2354 2355 /* 2356 * Re-calculate the tsf id, as the leader-follower relations depend on 2357 * the beacon interval, which was not known when the AP interface 2358 * was added. 2359 */ 2360 if (vif->type == NL80211_IFTYPE_AP) 2361 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif); 2362 2363 mvmvif->ap_assoc_sta_count = 0; 2364 2365 /* Add the mac context */ 2366 ret = iwl_mvm_mac_ctxt_add(mvm, vif); 2367 if (ret) 2368 goto out_unlock; 2369 2370 /* Perform the binding */ 2371 ret = iwl_mvm_binding_add_vif(mvm, vif); 2372 if (ret) 2373 goto out_remove; 2374 2375 /* 2376 * This is not very nice, but the simplest: 2377 * For older FWs adding the mcast sta before the bcast station may 2378 * cause assert 0x2b00. 2379 * This is fixed in later FW so make the order of removal depend on 2380 * the TLV 2381 */ 2382 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) { 2383 ret = iwl_mvm_add_mcast_sta(mvm, vif); 2384 if (ret) 2385 goto out_unbind; 2386 /* 2387 * Send the bcast station. At this stage the TBTT and DTIM time 2388 * events are added and applied to the scheduler 2389 */ 2390 ret = iwl_mvm_send_add_bcast_sta(mvm, vif); 2391 if (ret) { 2392 iwl_mvm_rm_mcast_sta(mvm, vif); 2393 goto out_unbind; 2394 } 2395 } else { 2396 /* 2397 * Send the bcast station. At this stage the TBTT and DTIM time 2398 * events are added and applied to the scheduler 2399 */ 2400 ret = iwl_mvm_send_add_bcast_sta(mvm, vif); 2401 if (ret) 2402 goto out_unbind; 2403 ret = iwl_mvm_add_mcast_sta(mvm, vif); 2404 if (ret) { 2405 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2406 goto out_unbind; 2407 } 2408 } 2409 2410 /* must be set before quota calculations */ 2411 mvmvif->ap_ibss_active = true; 2412 2413 /* send all the early keys to the device now */ 2414 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) { 2415 struct ieee80211_key_conf *key = mvmvif->ap_early_keys[i]; 2416 2417 if (!key) 2418 continue; 2419 2420 mvmvif->ap_early_keys[i] = NULL; 2421 2422 ret = __iwl_mvm_mac_set_key(hw, SET_KEY, vif, NULL, key); 2423 if (ret) 2424 goto out_quota_failed; 2425 } 2426 2427 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) { 2428 iwl_mvm_vif_set_low_latency(mvmvif, true, 2429 LOW_LATENCY_VIF_TYPE); 2430 iwl_mvm_send_low_latency_cmd(mvm, true, mvmvif->id); 2431 } 2432 2433 /* power updated needs to be done before quotas */ 2434 iwl_mvm_power_update_mac(mvm); 2435 2436 ret = iwl_mvm_update_quotas(mvm, false, NULL); 2437 if (ret) 2438 goto out_quota_failed; 2439 2440 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */ 2441 if (vif->p2p && mvm->p2p_device_vif) 2442 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL); 2443 2444 iwl_mvm_bt_coex_vif_change(mvm); 2445 2446 /* we don't support TDLS during DCM */ 2447 if (iwl_mvm_phy_ctx_count(mvm) > 1) 2448 iwl_mvm_teardown_tdls_peers(mvm); 2449 2450 iwl_mvm_ftm_restart_responder(mvm, vif); 2451 2452 goto out_unlock; 2453 2454 out_quota_failed: 2455 iwl_mvm_power_update_mac(mvm); 2456 mvmvif->ap_ibss_active = false; 2457 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2458 iwl_mvm_rm_mcast_sta(mvm, vif); 2459 out_unbind: 2460 iwl_mvm_binding_remove_vif(mvm, vif); 2461 out_remove: 2462 iwl_mvm_mac_ctxt_remove(mvm, vif); 2463 out_unlock: 2464 mutex_unlock(&mvm->mutex); 2465 return ret; 2466 } 2467 2468 static void iwl_mvm_stop_ap_ibss(struct ieee80211_hw *hw, 2469 struct ieee80211_vif *vif) 2470 { 2471 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2472 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2473 2474 iwl_mvm_prepare_mac_removal(mvm, vif); 2475 2476 mutex_lock(&mvm->mutex); 2477 2478 /* Handle AP stop while in CSA */ 2479 if (rcu_access_pointer(mvm->csa_vif) == vif) { 2480 iwl_mvm_remove_time_event(mvm, mvmvif, 2481 &mvmvif->time_event_data); 2482 RCU_INIT_POINTER(mvm->csa_vif, NULL); 2483 mvmvif->csa_countdown = false; 2484 } 2485 2486 if (rcu_access_pointer(mvm->csa_tx_blocked_vif) == vif) { 2487 RCU_INIT_POINTER(mvm->csa_tx_blocked_vif, NULL); 2488 mvm->csa_tx_block_bcn_timeout = 0; 2489 } 2490 2491 mvmvif->ap_ibss_active = false; 2492 mvm->ap_last_beacon_gp2 = 0; 2493 2494 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) { 2495 iwl_mvm_vif_set_low_latency(mvmvif, false, 2496 LOW_LATENCY_VIF_TYPE); 2497 iwl_mvm_send_low_latency_cmd(mvm, false, mvmvif->id); 2498 } 2499 2500 iwl_mvm_bt_coex_vif_change(mvm); 2501 2502 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */ 2503 if (vif->p2p && mvm->p2p_device_vif) 2504 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL); 2505 2506 iwl_mvm_update_quotas(mvm, false, NULL); 2507 2508 iwl_mvm_ftm_responder_clear(mvm, vif); 2509 2510 /* 2511 * This is not very nice, but the simplest: 2512 * For older FWs removing the mcast sta before the bcast station may 2513 * cause assert 0x2b00. 2514 * This is fixed in later FW (which will stop beaconing when removing 2515 * bcast station). 2516 * So make the order of removal depend on the TLV 2517 */ 2518 if (!fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) 2519 iwl_mvm_rm_mcast_sta(mvm, vif); 2520 iwl_mvm_send_rm_bcast_sta(mvm, vif); 2521 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) 2522 iwl_mvm_rm_mcast_sta(mvm, vif); 2523 iwl_mvm_binding_remove_vif(mvm, vif); 2524 2525 iwl_mvm_power_update_mac(mvm); 2526 2527 iwl_mvm_mac_ctxt_remove(mvm, vif); 2528 2529 mutex_unlock(&mvm->mutex); 2530 } 2531 2532 static void 2533 iwl_mvm_bss_info_changed_ap_ibss(struct iwl_mvm *mvm, 2534 struct ieee80211_vif *vif, 2535 struct ieee80211_bss_conf *bss_conf, 2536 u32 changes) 2537 { 2538 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2539 2540 /* Changes will be applied when the AP/IBSS is started */ 2541 if (!mvmvif->ap_ibss_active) 2542 return; 2543 2544 if (changes & (BSS_CHANGED_ERP_CTS_PROT | BSS_CHANGED_HT | 2545 BSS_CHANGED_BANDWIDTH | BSS_CHANGED_QOS) && 2546 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL)) 2547 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr); 2548 2549 /* Need to send a new beacon template to the FW */ 2550 if (changes & BSS_CHANGED_BEACON && 2551 iwl_mvm_mac_ctxt_beacon_changed(mvm, vif)) 2552 IWL_WARN(mvm, "Failed updating beacon data\n"); 2553 2554 if (changes & BSS_CHANGED_FTM_RESPONDER) { 2555 int ret = iwl_mvm_ftm_start_responder(mvm, vif); 2556 2557 if (ret) 2558 IWL_WARN(mvm, "Failed to enable FTM responder (%d)\n", 2559 ret); 2560 } 2561 2562 } 2563 2564 static void iwl_mvm_bss_info_changed(struct ieee80211_hw *hw, 2565 struct ieee80211_vif *vif, 2566 struct ieee80211_bss_conf *bss_conf, 2567 u32 changes) 2568 { 2569 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2570 2571 mutex_lock(&mvm->mutex); 2572 2573 if (changes & BSS_CHANGED_IDLE && !bss_conf->idle) 2574 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true); 2575 2576 switch (vif->type) { 2577 case NL80211_IFTYPE_STATION: 2578 iwl_mvm_bss_info_changed_station(mvm, vif, bss_conf, changes); 2579 break; 2580 case NL80211_IFTYPE_AP: 2581 case NL80211_IFTYPE_ADHOC: 2582 iwl_mvm_bss_info_changed_ap_ibss(mvm, vif, bss_conf, changes); 2583 break; 2584 case NL80211_IFTYPE_MONITOR: 2585 if (changes & BSS_CHANGED_MU_GROUPS) 2586 iwl_mvm_update_mu_groups(mvm, vif); 2587 break; 2588 default: 2589 /* shouldn't happen */ 2590 WARN_ON_ONCE(1); 2591 } 2592 2593 if (changes & BSS_CHANGED_TXPOWER) { 2594 IWL_DEBUG_CALIB(mvm, "Changing TX Power to %d dBm\n", 2595 bss_conf->txpower); 2596 iwl_mvm_set_tx_power(mvm, vif, bss_conf->txpower); 2597 } 2598 2599 mutex_unlock(&mvm->mutex); 2600 } 2601 2602 static int iwl_mvm_mac_hw_scan(struct ieee80211_hw *hw, 2603 struct ieee80211_vif *vif, 2604 struct ieee80211_scan_request *hw_req) 2605 { 2606 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2607 int ret; 2608 2609 if (hw_req->req.n_channels == 0 || 2610 hw_req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels) 2611 return -EINVAL; 2612 2613 mutex_lock(&mvm->mutex); 2614 ret = iwl_mvm_reg_scan_start(mvm, vif, &hw_req->req, &hw_req->ies); 2615 mutex_unlock(&mvm->mutex); 2616 2617 return ret; 2618 } 2619 2620 static void iwl_mvm_mac_cancel_hw_scan(struct ieee80211_hw *hw, 2621 struct ieee80211_vif *vif) 2622 { 2623 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2624 2625 mutex_lock(&mvm->mutex); 2626 2627 /* Due to a race condition, it's possible that mac80211 asks 2628 * us to stop a hw_scan when it's already stopped. This can 2629 * happen, for instance, if we stopped the scan ourselves, 2630 * called ieee80211_scan_completed() and the userspace called 2631 * cancel scan scan before ieee80211_scan_work() could run. 2632 * To handle that, simply return if the scan is not running. 2633 */ 2634 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR) 2635 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true); 2636 2637 mutex_unlock(&mvm->mutex); 2638 } 2639 2640 static void 2641 iwl_mvm_mac_allow_buffered_frames(struct ieee80211_hw *hw, 2642 struct ieee80211_sta *sta, u16 tids, 2643 int num_frames, 2644 enum ieee80211_frame_release_type reason, 2645 bool more_data) 2646 { 2647 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2648 2649 /* Called when we need to transmit (a) frame(s) from mac80211 */ 2650 2651 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames, 2652 tids, more_data, false); 2653 } 2654 2655 static void 2656 iwl_mvm_mac_release_buffered_frames(struct ieee80211_hw *hw, 2657 struct ieee80211_sta *sta, u16 tids, 2658 int num_frames, 2659 enum ieee80211_frame_release_type reason, 2660 bool more_data) 2661 { 2662 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2663 2664 /* Called when we need to transmit (a) frame(s) from agg or dqa queue */ 2665 2666 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames, 2667 tids, more_data, true); 2668 } 2669 2670 static void __iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw, 2671 enum sta_notify_cmd cmd, 2672 struct ieee80211_sta *sta) 2673 { 2674 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2675 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 2676 unsigned long txqs = 0, tids = 0; 2677 int tid; 2678 2679 /* 2680 * If we have TVQM then we get too high queue numbers - luckily 2681 * we really shouldn't get here with that because such hardware 2682 * should have firmware supporting buffer station offload. 2683 */ 2684 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm))) 2685 return; 2686 2687 spin_lock_bh(&mvmsta->lock); 2688 for (tid = 0; tid < ARRAY_SIZE(mvmsta->tid_data); tid++) { 2689 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid]; 2690 2691 if (tid_data->txq_id == IWL_MVM_INVALID_QUEUE) 2692 continue; 2693 2694 __set_bit(tid_data->txq_id, &txqs); 2695 2696 if (iwl_mvm_tid_queued(mvm, tid_data) == 0) 2697 continue; 2698 2699 __set_bit(tid, &tids); 2700 } 2701 2702 switch (cmd) { 2703 case STA_NOTIFY_SLEEP: 2704 for_each_set_bit(tid, &tids, IWL_MAX_TID_COUNT) 2705 ieee80211_sta_set_buffered(sta, tid, true); 2706 2707 if (txqs) 2708 iwl_trans_freeze_txq_timer(mvm->trans, txqs, true); 2709 /* 2710 * The fw updates the STA to be asleep. Tx packets on the Tx 2711 * queues to this station will not be transmitted. The fw will 2712 * send a Tx response with TX_STATUS_FAIL_DEST_PS. 2713 */ 2714 break; 2715 case STA_NOTIFY_AWAKE: 2716 if (WARN_ON(mvmsta->sta_id == IWL_MVM_INVALID_STA)) 2717 break; 2718 2719 if (txqs) 2720 iwl_trans_freeze_txq_timer(mvm->trans, txqs, false); 2721 iwl_mvm_sta_modify_ps_wake(mvm, sta); 2722 break; 2723 default: 2724 break; 2725 } 2726 spin_unlock_bh(&mvmsta->lock); 2727 } 2728 2729 static void iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw, 2730 struct ieee80211_vif *vif, 2731 enum sta_notify_cmd cmd, 2732 struct ieee80211_sta *sta) 2733 { 2734 __iwl_mvm_mac_sta_notify(hw, cmd, sta); 2735 } 2736 2737 void iwl_mvm_sta_pm_notif(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb) 2738 { 2739 struct iwl_rx_packet *pkt = rxb_addr(rxb); 2740 struct iwl_mvm_pm_state_notification *notif = (void *)pkt->data; 2741 struct ieee80211_sta *sta; 2742 struct iwl_mvm_sta *mvmsta; 2743 bool sleeping = (notif->type != IWL_MVM_PM_EVENT_AWAKE); 2744 2745 if (WARN_ON(notif->sta_id >= mvm->fw->ucode_capa.num_stations)) 2746 return; 2747 2748 rcu_read_lock(); 2749 sta = rcu_dereference(mvm->fw_id_to_mac_id[notif->sta_id]); 2750 if (WARN_ON(IS_ERR_OR_NULL(sta))) { 2751 rcu_read_unlock(); 2752 return; 2753 } 2754 2755 mvmsta = iwl_mvm_sta_from_mac80211(sta); 2756 2757 if (!mvmsta->vif || 2758 mvmsta->vif->type != NL80211_IFTYPE_AP) { 2759 rcu_read_unlock(); 2760 return; 2761 } 2762 2763 if (mvmsta->sleeping != sleeping) { 2764 mvmsta->sleeping = sleeping; 2765 __iwl_mvm_mac_sta_notify(mvm->hw, 2766 sleeping ? STA_NOTIFY_SLEEP : STA_NOTIFY_AWAKE, 2767 sta); 2768 ieee80211_sta_ps_transition(sta, sleeping); 2769 } 2770 2771 if (sleeping) { 2772 switch (notif->type) { 2773 case IWL_MVM_PM_EVENT_AWAKE: 2774 case IWL_MVM_PM_EVENT_ASLEEP: 2775 break; 2776 case IWL_MVM_PM_EVENT_UAPSD: 2777 ieee80211_sta_uapsd_trigger(sta, IEEE80211_NUM_TIDS); 2778 break; 2779 case IWL_MVM_PM_EVENT_PS_POLL: 2780 ieee80211_sta_pspoll(sta); 2781 break; 2782 default: 2783 break; 2784 } 2785 } 2786 2787 rcu_read_unlock(); 2788 } 2789 2790 static void iwl_mvm_sta_pre_rcu_remove(struct ieee80211_hw *hw, 2791 struct ieee80211_vif *vif, 2792 struct ieee80211_sta *sta) 2793 { 2794 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 2795 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 2796 2797 /* 2798 * This is called before mac80211 does RCU synchronisation, 2799 * so here we already invalidate our internal RCU-protected 2800 * station pointer. The rest of the code will thus no longer 2801 * be able to find the station this way, and we don't rely 2802 * on further RCU synchronisation after the sta_state() 2803 * callback deleted the station. 2804 */ 2805 mutex_lock(&mvm->mutex); 2806 if (sta == rcu_access_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id])) 2807 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id], 2808 ERR_PTR(-ENOENT)); 2809 2810 mutex_unlock(&mvm->mutex); 2811 } 2812 2813 static void iwl_mvm_check_uapsd(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 2814 const u8 *bssid) 2815 { 2816 int i; 2817 2818 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) { 2819 struct iwl_mvm_tcm_mac *mdata; 2820 2821 mdata = &mvm->tcm.data[iwl_mvm_vif_from_mac80211(vif)->id]; 2822 ewma_rate_init(&mdata->uapsd_nonagg_detect.rate); 2823 mdata->opened_rx_ba_sessions = false; 2824 } 2825 2826 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_UAPSD_SUPPORT)) 2827 return; 2828 2829 if (vif->p2p && !iwl_mvm_is_p2p_scm_uapsd_supported(mvm)) { 2830 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2831 return; 2832 } 2833 2834 if (!vif->p2p && 2835 (iwlwifi_mod_params.uapsd_disable & IWL_DISABLE_UAPSD_BSS)) { 2836 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2837 return; 2838 } 2839 2840 for (i = 0; i < IWL_MVM_UAPSD_NOAGG_LIST_LEN; i++) { 2841 if (ether_addr_equal(mvm->uapsd_noagg_bssids[i].addr, bssid)) { 2842 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD; 2843 return; 2844 } 2845 } 2846 2847 vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD; 2848 } 2849 2850 static void 2851 iwl_mvm_tdls_check_trigger(struct iwl_mvm *mvm, 2852 struct ieee80211_vif *vif, u8 *peer_addr, 2853 enum nl80211_tdls_operation action) 2854 { 2855 struct iwl_fw_dbg_trigger_tlv *trig; 2856 struct iwl_fw_dbg_trigger_tdls *tdls_trig; 2857 2858 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 2859 FW_DBG_TRIGGER_TDLS); 2860 if (!trig) 2861 return; 2862 2863 tdls_trig = (void *)trig->data; 2864 2865 if (!(tdls_trig->action_bitmap & BIT(action))) 2866 return; 2867 2868 if (tdls_trig->peer_mode && 2869 memcmp(tdls_trig->peer, peer_addr, ETH_ALEN) != 0) 2870 return; 2871 2872 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 2873 "TDLS event occurred, peer %pM, action %d", 2874 peer_addr, action); 2875 } 2876 2877 struct iwl_mvm_he_obss_narrow_bw_ru_data { 2878 bool tolerated; 2879 }; 2880 2881 static void iwl_mvm_check_he_obss_narrow_bw_ru_iter(struct wiphy *wiphy, 2882 struct cfg80211_bss *bss, 2883 void *_data) 2884 { 2885 struct iwl_mvm_he_obss_narrow_bw_ru_data *data = _data; 2886 const struct cfg80211_bss_ies *ies; 2887 const struct element *elem; 2888 2889 rcu_read_lock(); 2890 ies = rcu_dereference(bss->ies); 2891 elem = cfg80211_find_elem(WLAN_EID_EXT_CAPABILITY, ies->data, 2892 ies->len); 2893 2894 if (!elem || elem->datalen < 10 || 2895 !(elem->data[10] & 2896 WLAN_EXT_CAPA10_OBSS_NARROW_BW_RU_TOLERANCE_SUPPORT)) { 2897 data->tolerated = false; 2898 } 2899 rcu_read_unlock(); 2900 } 2901 2902 static void iwl_mvm_check_he_obss_narrow_bw_ru(struct ieee80211_hw *hw, 2903 struct ieee80211_vif *vif) 2904 { 2905 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2906 struct iwl_mvm_he_obss_narrow_bw_ru_data iter_data = { 2907 .tolerated = true, 2908 }; 2909 2910 if (!(vif->bss_conf.chandef.chan->flags & IEEE80211_CHAN_RADAR)) { 2911 mvmvif->he_ru_2mhz_block = false; 2912 return; 2913 } 2914 2915 cfg80211_bss_iter(hw->wiphy, &vif->bss_conf.chandef, 2916 iwl_mvm_check_he_obss_narrow_bw_ru_iter, 2917 &iter_data); 2918 2919 /* 2920 * If there is at least one AP on radar channel that cannot 2921 * tolerate 26-tone RU UL OFDMA transmissions using HE TB PPDU. 2922 */ 2923 mvmvif->he_ru_2mhz_block = !iter_data.tolerated; 2924 } 2925 2926 static void iwl_mvm_reset_cca_40mhz_workaround(struct iwl_mvm *mvm, 2927 struct ieee80211_vif *vif) 2928 { 2929 struct ieee80211_supported_band *sband; 2930 const struct ieee80211_sta_he_cap *he_cap; 2931 2932 if (vif->type != NL80211_IFTYPE_STATION) 2933 return; 2934 2935 if (!mvm->cca_40mhz_workaround) 2936 return; 2937 2938 /* decrement and check that we reached zero */ 2939 mvm->cca_40mhz_workaround--; 2940 if (mvm->cca_40mhz_workaround) 2941 return; 2942 2943 sband = mvm->hw->wiphy->bands[NL80211_BAND_2GHZ]; 2944 2945 sband->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 2946 2947 he_cap = ieee80211_get_he_iftype_cap(sband, 2948 ieee80211_vif_type_p2p(vif)); 2949 2950 if (he_cap) { 2951 /* we know that ours is writable */ 2952 struct ieee80211_sta_he_cap *he = (void *)he_cap; 2953 2954 he->he_cap_elem.phy_cap_info[0] |= 2955 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G; 2956 } 2957 } 2958 2959 static void iwl_mvm_mei_host_associated(struct iwl_mvm *mvm, 2960 struct ieee80211_vif *vif, 2961 struct iwl_mvm_sta *mvm_sta) 2962 { 2963 #if IS_ENABLED(CONFIG_IWLMEI) 2964 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 2965 struct iwl_mei_conn_info conn_info = { 2966 .ssid_len = vif->bss_conf.ssid_len, 2967 .channel = vif->bss_conf.chandef.chan->hw_value, 2968 }; 2969 2970 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 2971 return; 2972 2973 if (!mvm->mei_registered) 2974 return; 2975 2976 switch (mvm_sta->pairwise_cipher) { 2977 case WLAN_CIPHER_SUITE_CCMP: 2978 conn_info.pairwise_cipher = IWL_MEI_CIPHER_CCMP; 2979 break; 2980 case WLAN_CIPHER_SUITE_GCMP: 2981 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP; 2982 break; 2983 case WLAN_CIPHER_SUITE_GCMP_256: 2984 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP_256; 2985 break; 2986 case 0: 2987 /* open profile */ 2988 break; 2989 default: 2990 /* cipher not supported, don't send anything to iwlmei */ 2991 return; 2992 } 2993 2994 switch (mvmvif->rekey_data.akm) { 2995 case WLAN_AKM_SUITE_SAE & 0xff: 2996 conn_info.auth_mode = IWL_MEI_AKM_AUTH_SAE; 2997 break; 2998 case WLAN_AKM_SUITE_PSK & 0xff: 2999 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA_PSK; 3000 break; 3001 case WLAN_AKM_SUITE_8021X & 0xff: 3002 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA; 3003 break; 3004 case 0: 3005 /* open profile */ 3006 conn_info.auth_mode = IWL_MEI_AKM_AUTH_OPEN; 3007 break; 3008 default: 3009 /* auth method / AKM not supported */ 3010 /* TODO: All the FT vesions of these? */ 3011 return; 3012 } 3013 3014 memcpy(conn_info.ssid, vif->bss_conf.ssid, vif->bss_conf.ssid_len); 3015 memcpy(conn_info.bssid, vif->bss_conf.bssid, ETH_ALEN); 3016 3017 /* TODO: add support for collocated AP data */ 3018 iwl_mei_host_associated(&conn_info, NULL); 3019 #endif 3020 } 3021 3022 static int iwl_mvm_mac_sta_state(struct ieee80211_hw *hw, 3023 struct ieee80211_vif *vif, 3024 struct ieee80211_sta *sta, 3025 enum ieee80211_sta_state old_state, 3026 enum ieee80211_sta_state new_state) 3027 { 3028 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3029 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3030 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 3031 int ret; 3032 3033 IWL_DEBUG_MAC80211(mvm, "station %pM state change %d->%d\n", 3034 sta->addr, old_state, new_state); 3035 3036 /* this would be a mac80211 bug ... but don't crash */ 3037 if (WARN_ON_ONCE(!mvmvif->phy_ctxt)) 3038 return test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) ? 0 : -EINVAL; 3039 3040 /* 3041 * If we are in a STA removal flow and in DQA mode: 3042 * 3043 * This is after the sync_rcu part, so the queues have already been 3044 * flushed. No more TXs on their way in mac80211's path, and no more in 3045 * the queues. 3046 * Also, we won't be getting any new TX frames for this station. 3047 * What we might have are deferred TX frames that need to be taken care 3048 * of. 3049 * 3050 * Drop any still-queued deferred-frame before removing the STA, and 3051 * make sure the worker is no longer handling frames for this STA. 3052 */ 3053 if (old_state == IEEE80211_STA_NONE && 3054 new_state == IEEE80211_STA_NOTEXIST) { 3055 flush_work(&mvm->add_stream_wk); 3056 3057 /* 3058 * No need to make sure deferred TX indication is off since the 3059 * worker will already remove it if it was on 3060 */ 3061 3062 /* 3063 * Additionally, reset the 40 MHz capability if we disconnected 3064 * from the AP now. 3065 */ 3066 iwl_mvm_reset_cca_40mhz_workaround(mvm, vif); 3067 } 3068 3069 mutex_lock(&mvm->mutex); 3070 /* track whether or not the station is associated */ 3071 mvm_sta->sta_state = new_state; 3072 3073 if (old_state == IEEE80211_STA_NOTEXIST && 3074 new_state == IEEE80211_STA_NONE) { 3075 /* 3076 * Firmware bug - it'll crash if the beacon interval is less 3077 * than 16. We can't avoid connecting at all, so refuse the 3078 * station state change, this will cause mac80211 to abandon 3079 * attempts to connect to this AP, and eventually wpa_s will 3080 * blocklist the AP... 3081 */ 3082 if (vif->type == NL80211_IFTYPE_STATION && 3083 vif->bss_conf.beacon_int < 16) { 3084 IWL_ERR(mvm, 3085 "AP %pM beacon interval is %d, refusing due to firmware bug!\n", 3086 sta->addr, vif->bss_conf.beacon_int); 3087 ret = -EINVAL; 3088 goto out_unlock; 3089 } 3090 3091 if (vif->type == NL80211_IFTYPE_STATION) 3092 vif->bss_conf.he_support = sta->he_cap.has_he; 3093 3094 if (sta->tdls && 3095 (vif->p2p || 3096 iwl_mvm_tdls_sta_count(mvm, NULL) == 3097 IWL_MVM_TDLS_STA_COUNT || 3098 iwl_mvm_phy_ctx_count(mvm) > 1)) { 3099 IWL_DEBUG_MAC80211(mvm, "refusing TDLS sta\n"); 3100 ret = -EBUSY; 3101 goto out_unlock; 3102 } 3103 3104 ret = iwl_mvm_add_sta(mvm, vif, sta); 3105 if (sta->tdls && ret == 0) { 3106 iwl_mvm_recalc_tdls_state(mvm, vif, true); 3107 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3108 NL80211_TDLS_SETUP); 3109 } 3110 3111 sta->max_rc_amsdu_len = 1; 3112 } else if (old_state == IEEE80211_STA_NONE && 3113 new_state == IEEE80211_STA_AUTH) { 3114 /* 3115 * EBS may be disabled due to previous failures reported by FW. 3116 * Reset EBS status here assuming environment has been changed. 3117 */ 3118 mvm->last_ebs_successful = true; 3119 iwl_mvm_check_uapsd(mvm, vif, sta->addr); 3120 ret = 0; 3121 } else if (old_state == IEEE80211_STA_AUTH && 3122 new_state == IEEE80211_STA_ASSOC) { 3123 if (vif->type == NL80211_IFTYPE_AP) { 3124 vif->bss_conf.he_support = sta->he_cap.has_he; 3125 mvmvif->ap_assoc_sta_count++; 3126 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3127 if (vif->bss_conf.he_support && 3128 !iwlwifi_mod_params.disable_11ax) 3129 iwl_mvm_cfg_he_sta(mvm, vif, mvm_sta->sta_id); 3130 } else if (vif->type == NL80211_IFTYPE_STATION) { 3131 vif->bss_conf.he_support = sta->he_cap.has_he; 3132 3133 mvmvif->he_ru_2mhz_block = false; 3134 if (sta->he_cap.has_he) 3135 iwl_mvm_check_he_obss_narrow_bw_ru(hw, vif); 3136 3137 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3138 } 3139 3140 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3141 false); 3142 ret = iwl_mvm_update_sta(mvm, vif, sta); 3143 } else if (old_state == IEEE80211_STA_ASSOC && 3144 new_state == IEEE80211_STA_AUTHORIZED) { 3145 ret = 0; 3146 3147 /* we don't support TDLS during DCM */ 3148 if (iwl_mvm_phy_ctx_count(mvm) > 1) 3149 iwl_mvm_teardown_tdls_peers(mvm); 3150 3151 if (sta->tdls) { 3152 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3153 NL80211_TDLS_ENABLE_LINK); 3154 } else { 3155 /* enable beacon filtering */ 3156 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0)); 3157 3158 mvmvif->authorized = 1; 3159 3160 /* 3161 * Now that the station is authorized, i.e., keys were already 3162 * installed, need to indicate to the FW that 3163 * multicast data frames can be forwarded to the driver 3164 */ 3165 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3166 iwl_mvm_mei_host_associated(mvm, vif, mvm_sta); 3167 } 3168 3169 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3170 true); 3171 } else if (old_state == IEEE80211_STA_AUTHORIZED && 3172 new_state == IEEE80211_STA_ASSOC) { 3173 /* once we move into assoc state, need to update rate scale to 3174 * disable using wide bandwidth 3175 */ 3176 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3177 false); 3178 if (!sta->tdls) { 3179 /* Multicast data frames are no longer allowed */ 3180 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3181 3182 /* 3183 * Set this after the above iwl_mvm_mac_ctxt_changed() 3184 * to avoid sending high prio again for a little time. 3185 */ 3186 mvmvif->authorized = 0; 3187 3188 /* disable beacon filtering */ 3189 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 3190 WARN_ON(ret && 3191 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 3192 &mvm->status)); 3193 } 3194 ret = 0; 3195 } else if (old_state == IEEE80211_STA_ASSOC && 3196 new_state == IEEE80211_STA_AUTH) { 3197 if (vif->type == NL80211_IFTYPE_AP) { 3198 mvmvif->ap_assoc_sta_count--; 3199 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3200 } else if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls) 3201 iwl_mvm_stop_session_protection(mvm, vif); 3202 ret = 0; 3203 } else if (old_state == IEEE80211_STA_AUTH && 3204 new_state == IEEE80211_STA_NONE) { 3205 ret = 0; 3206 } else if (old_state == IEEE80211_STA_NONE && 3207 new_state == IEEE80211_STA_NOTEXIST) { 3208 if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls) 3209 iwl_mvm_stop_session_protection(mvm, vif); 3210 ret = iwl_mvm_rm_sta(mvm, vif, sta); 3211 if (sta->tdls) { 3212 iwl_mvm_recalc_tdls_state(mvm, vif, false); 3213 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr, 3214 NL80211_TDLS_DISABLE_LINK); 3215 } 3216 3217 if (unlikely(ret && 3218 test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, 3219 &mvm->status))) 3220 ret = 0; 3221 } else { 3222 ret = -EIO; 3223 } 3224 out_unlock: 3225 mutex_unlock(&mvm->mutex); 3226 3227 if (sta->tdls && ret == 0) { 3228 if (old_state == IEEE80211_STA_NOTEXIST && 3229 new_state == IEEE80211_STA_NONE) 3230 ieee80211_reserve_tid(sta, IWL_MVM_TDLS_FW_TID); 3231 else if (old_state == IEEE80211_STA_NONE && 3232 new_state == IEEE80211_STA_NOTEXIST) 3233 ieee80211_unreserve_tid(sta, IWL_MVM_TDLS_FW_TID); 3234 } 3235 3236 return ret; 3237 } 3238 3239 static int iwl_mvm_mac_set_rts_threshold(struct ieee80211_hw *hw, u32 value) 3240 { 3241 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3242 3243 mvm->rts_threshold = value; 3244 3245 return 0; 3246 } 3247 3248 static void iwl_mvm_sta_rc_update(struct ieee80211_hw *hw, 3249 struct ieee80211_vif *vif, 3250 struct ieee80211_sta *sta, u32 changed) 3251 { 3252 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3253 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3254 3255 if (changed & (IEEE80211_RC_BW_CHANGED | 3256 IEEE80211_RC_SUPP_RATES_CHANGED | 3257 IEEE80211_RC_NSS_CHANGED)) 3258 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band, 3259 true); 3260 3261 if (vif->type == NL80211_IFTYPE_STATION && 3262 changed & IEEE80211_RC_NSS_CHANGED) 3263 iwl_mvm_sf_update(mvm, vif, false); 3264 } 3265 3266 static int iwl_mvm_mac_conf_tx(struct ieee80211_hw *hw, 3267 struct ieee80211_vif *vif, u16 ac, 3268 const struct ieee80211_tx_queue_params *params) 3269 { 3270 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3271 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3272 3273 mvmvif->queue_params[ac] = *params; 3274 3275 /* 3276 * No need to update right away, we'll get BSS_CHANGED_QOS 3277 * The exception is P2P_DEVICE interface which needs immediate update. 3278 */ 3279 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) { 3280 int ret; 3281 3282 mutex_lock(&mvm->mutex); 3283 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 3284 mutex_unlock(&mvm->mutex); 3285 return ret; 3286 } 3287 return 0; 3288 } 3289 3290 static void iwl_mvm_mac_mgd_prepare_tx(struct ieee80211_hw *hw, 3291 struct ieee80211_vif *vif, 3292 struct ieee80211_prep_tx_info *info) 3293 { 3294 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3295 3296 mutex_lock(&mvm->mutex); 3297 iwl_mvm_protect_assoc(mvm, vif, info->duration); 3298 mutex_unlock(&mvm->mutex); 3299 } 3300 3301 static void iwl_mvm_mac_mgd_complete_tx(struct ieee80211_hw *hw, 3302 struct ieee80211_vif *vif, 3303 struct ieee80211_prep_tx_info *info) 3304 { 3305 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3306 3307 /* for successful cases (auth/assoc), don't cancel session protection */ 3308 if (info->success) 3309 return; 3310 3311 mutex_lock(&mvm->mutex); 3312 iwl_mvm_stop_session_protection(mvm, vif); 3313 mutex_unlock(&mvm->mutex); 3314 } 3315 3316 static int iwl_mvm_mac_sched_scan_start(struct ieee80211_hw *hw, 3317 struct ieee80211_vif *vif, 3318 struct cfg80211_sched_scan_request *req, 3319 struct ieee80211_scan_ies *ies) 3320 { 3321 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3322 3323 int ret; 3324 3325 mutex_lock(&mvm->mutex); 3326 3327 if (!vif->bss_conf.idle) { 3328 ret = -EBUSY; 3329 goto out; 3330 } 3331 3332 ret = iwl_mvm_sched_scan_start(mvm, vif, req, ies, IWL_MVM_SCAN_SCHED); 3333 3334 out: 3335 mutex_unlock(&mvm->mutex); 3336 return ret; 3337 } 3338 3339 static int iwl_mvm_mac_sched_scan_stop(struct ieee80211_hw *hw, 3340 struct ieee80211_vif *vif) 3341 { 3342 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3343 int ret; 3344 3345 mutex_lock(&mvm->mutex); 3346 3347 /* Due to a race condition, it's possible that mac80211 asks 3348 * us to stop a sched_scan when it's already stopped. This 3349 * can happen, for instance, if we stopped the scan ourselves, 3350 * called ieee80211_sched_scan_stopped() and the userspace called 3351 * stop sched scan scan before ieee80211_sched_scan_stopped_work() 3352 * could run. To handle this, simply return if the scan is 3353 * not running. 3354 */ 3355 if (!(mvm->scan_status & IWL_MVM_SCAN_SCHED)) { 3356 mutex_unlock(&mvm->mutex); 3357 return 0; 3358 } 3359 3360 ret = iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, false); 3361 mutex_unlock(&mvm->mutex); 3362 iwl_mvm_wait_for_async_handlers(mvm); 3363 3364 return ret; 3365 } 3366 3367 static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 3368 enum set_key_cmd cmd, 3369 struct ieee80211_vif *vif, 3370 struct ieee80211_sta *sta, 3371 struct ieee80211_key_conf *key) 3372 { 3373 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3374 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3375 struct iwl_mvm_sta *mvmsta = NULL; 3376 struct iwl_mvm_key_pn *ptk_pn; 3377 int keyidx = key->keyidx; 3378 int ret, i; 3379 u8 key_offset; 3380 3381 if (sta) 3382 mvmsta = iwl_mvm_sta_from_mac80211(sta); 3383 3384 switch (key->cipher) { 3385 case WLAN_CIPHER_SUITE_TKIP: 3386 if (!mvm->trans->trans_cfg->gen2) { 3387 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3388 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3389 } else if (vif->type == NL80211_IFTYPE_STATION) { 3390 key->flags |= IEEE80211_KEY_FLAG_PUT_MIC_SPACE; 3391 } else { 3392 IWL_DEBUG_MAC80211(mvm, "Use SW encryption for TKIP\n"); 3393 return -EOPNOTSUPP; 3394 } 3395 break; 3396 case WLAN_CIPHER_SUITE_CCMP: 3397 case WLAN_CIPHER_SUITE_GCMP: 3398 case WLAN_CIPHER_SUITE_GCMP_256: 3399 if (!iwl_mvm_has_new_tx_api(mvm)) 3400 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3401 break; 3402 case WLAN_CIPHER_SUITE_AES_CMAC: 3403 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 3404 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 3405 WARN_ON_ONCE(!ieee80211_hw_check(hw, MFP_CAPABLE)); 3406 break; 3407 case WLAN_CIPHER_SUITE_WEP40: 3408 case WLAN_CIPHER_SUITE_WEP104: 3409 if (vif->type == NL80211_IFTYPE_STATION) 3410 break; 3411 if (iwl_mvm_has_new_tx_api(mvm)) 3412 return -EOPNOTSUPP; 3413 /* support HW crypto on TX */ 3414 return 0; 3415 default: 3416 /* currently FW supports only one optional cipher scheme */ 3417 if (hw->n_cipher_schemes && 3418 hw->cipher_schemes->cipher == key->cipher) 3419 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE; 3420 else 3421 return -EOPNOTSUPP; 3422 } 3423 3424 switch (cmd) { 3425 case SET_KEY: 3426 if (keyidx == 6 || keyidx == 7) 3427 rcu_assign_pointer(mvmvif->bcn_prot.keys[keyidx - 6], 3428 key); 3429 3430 if ((vif->type == NL80211_IFTYPE_ADHOC || 3431 vif->type == NL80211_IFTYPE_AP) && !sta) { 3432 /* 3433 * GTK on AP interface is a TX-only key, return 0; 3434 * on IBSS they're per-station and because we're lazy 3435 * we don't support them for RX, so do the same. 3436 * CMAC/GMAC in AP/IBSS modes must be done in software. 3437 */ 3438 if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC || 3439 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 || 3440 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256) { 3441 ret = -EOPNOTSUPP; 3442 break; 3443 } 3444 3445 if (key->cipher != WLAN_CIPHER_SUITE_GCMP && 3446 key->cipher != WLAN_CIPHER_SUITE_GCMP_256 && 3447 !iwl_mvm_has_new_tx_api(mvm)) { 3448 key->hw_key_idx = STA_KEY_IDX_INVALID; 3449 ret = 0; 3450 break; 3451 } 3452 3453 if (!mvmvif->ap_ibss_active) { 3454 for (i = 0; 3455 i < ARRAY_SIZE(mvmvif->ap_early_keys); 3456 i++) { 3457 if (!mvmvif->ap_early_keys[i]) { 3458 mvmvif->ap_early_keys[i] = key; 3459 break; 3460 } 3461 } 3462 3463 if (i >= ARRAY_SIZE(mvmvif->ap_early_keys)) 3464 ret = -ENOSPC; 3465 else 3466 ret = 0; 3467 3468 break; 3469 } 3470 } 3471 3472 /* During FW restart, in order to restore the state as it was, 3473 * don't try to reprogram keys we previously failed for. 3474 */ 3475 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 3476 key->hw_key_idx == STA_KEY_IDX_INVALID) { 3477 IWL_DEBUG_MAC80211(mvm, 3478 "skip invalid idx key programming during restart\n"); 3479 ret = 0; 3480 break; 3481 } 3482 3483 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) && 3484 mvmsta && iwl_mvm_has_new_rx_api(mvm) && 3485 key->flags & IEEE80211_KEY_FLAG_PAIRWISE && 3486 (key->cipher == WLAN_CIPHER_SUITE_CCMP || 3487 key->cipher == WLAN_CIPHER_SUITE_GCMP || 3488 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) { 3489 struct ieee80211_key_seq seq; 3490 int tid, q; 3491 3492 WARN_ON(rcu_access_pointer(mvmsta->ptk_pn[keyidx])); 3493 ptk_pn = kzalloc(struct_size(ptk_pn, q, 3494 mvm->trans->num_rx_queues), 3495 GFP_KERNEL); 3496 if (!ptk_pn) { 3497 ret = -ENOMEM; 3498 break; 3499 } 3500 3501 for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) { 3502 ieee80211_get_key_rx_seq(key, tid, &seq); 3503 for (q = 0; q < mvm->trans->num_rx_queues; q++) 3504 memcpy(ptk_pn->q[q].pn[tid], 3505 seq.ccmp.pn, 3506 IEEE80211_CCMP_PN_LEN); 3507 } 3508 3509 rcu_assign_pointer(mvmsta->ptk_pn[keyidx], ptk_pn); 3510 } 3511 3512 /* in HW restart reuse the index, otherwise request a new one */ 3513 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) 3514 key_offset = key->hw_key_idx; 3515 else 3516 key_offset = STA_KEY_IDX_INVALID; 3517 3518 if (mvmsta && key->flags & IEEE80211_KEY_FLAG_PAIRWISE) 3519 mvmsta->pairwise_cipher = key->cipher; 3520 3521 IWL_DEBUG_MAC80211(mvm, "set hwcrypto key\n"); 3522 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, key_offset); 3523 if (ret) { 3524 IWL_WARN(mvm, "set key failed\n"); 3525 key->hw_key_idx = STA_KEY_IDX_INVALID; 3526 /* 3527 * can't add key for RX, but we don't need it 3528 * in the device for TX so still return 0, 3529 * unless we have new TX API where we cannot 3530 * put key material into the TX_CMD 3531 */ 3532 if (iwl_mvm_has_new_tx_api(mvm)) 3533 ret = -EOPNOTSUPP; 3534 else 3535 ret = 0; 3536 } 3537 3538 break; 3539 case DISABLE_KEY: 3540 if (keyidx == 6 || keyidx == 7) 3541 RCU_INIT_POINTER(mvmvif->bcn_prot.keys[keyidx - 6], 3542 NULL); 3543 3544 ret = -ENOENT; 3545 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) { 3546 if (mvmvif->ap_early_keys[i] == key) { 3547 mvmvif->ap_early_keys[i] = NULL; 3548 ret = 0; 3549 } 3550 } 3551 3552 /* found in pending list - don't do anything else */ 3553 if (ret == 0) 3554 break; 3555 3556 if (key->hw_key_idx == STA_KEY_IDX_INVALID) { 3557 ret = 0; 3558 break; 3559 } 3560 3561 if (mvmsta && iwl_mvm_has_new_rx_api(mvm) && 3562 key->flags & IEEE80211_KEY_FLAG_PAIRWISE && 3563 (key->cipher == WLAN_CIPHER_SUITE_CCMP || 3564 key->cipher == WLAN_CIPHER_SUITE_GCMP || 3565 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) { 3566 ptk_pn = rcu_dereference_protected( 3567 mvmsta->ptk_pn[keyidx], 3568 lockdep_is_held(&mvm->mutex)); 3569 RCU_INIT_POINTER(mvmsta->ptk_pn[keyidx], NULL); 3570 if (ptk_pn) 3571 kfree_rcu(ptk_pn, rcu_head); 3572 } 3573 3574 IWL_DEBUG_MAC80211(mvm, "disable hwcrypto key\n"); 3575 ret = iwl_mvm_remove_sta_key(mvm, vif, sta, key); 3576 break; 3577 default: 3578 ret = -EINVAL; 3579 } 3580 3581 return ret; 3582 } 3583 3584 static int iwl_mvm_mac_set_key(struct ieee80211_hw *hw, 3585 enum set_key_cmd cmd, 3586 struct ieee80211_vif *vif, 3587 struct ieee80211_sta *sta, 3588 struct ieee80211_key_conf *key) 3589 { 3590 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3591 int ret; 3592 3593 mutex_lock(&mvm->mutex); 3594 ret = __iwl_mvm_mac_set_key(hw, cmd, vif, sta, key); 3595 mutex_unlock(&mvm->mutex); 3596 3597 return ret; 3598 } 3599 3600 static void iwl_mvm_mac_update_tkip_key(struct ieee80211_hw *hw, 3601 struct ieee80211_vif *vif, 3602 struct ieee80211_key_conf *keyconf, 3603 struct ieee80211_sta *sta, 3604 u32 iv32, u16 *phase1key) 3605 { 3606 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3607 3608 if (keyconf->hw_key_idx == STA_KEY_IDX_INVALID) 3609 return; 3610 3611 iwl_mvm_update_tkip_key(mvm, vif, keyconf, sta, iv32, phase1key); 3612 } 3613 3614 3615 static bool iwl_mvm_rx_aux_roc(struct iwl_notif_wait_data *notif_wait, 3616 struct iwl_rx_packet *pkt, void *data) 3617 { 3618 struct iwl_mvm *mvm = 3619 container_of(notif_wait, struct iwl_mvm, notif_wait); 3620 struct iwl_hs20_roc_res *resp; 3621 int resp_len = iwl_rx_packet_payload_len(pkt); 3622 struct iwl_mvm_time_event_data *te_data = data; 3623 3624 if (WARN_ON(pkt->hdr.cmd != HOT_SPOT_CMD)) 3625 return true; 3626 3627 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 3628 IWL_ERR(mvm, "Invalid HOT_SPOT_CMD response\n"); 3629 return true; 3630 } 3631 3632 resp = (void *)pkt->data; 3633 3634 IWL_DEBUG_TE(mvm, 3635 "Aux ROC: Received response from ucode: status=%d uid=%d\n", 3636 resp->status, resp->event_unique_id); 3637 3638 te_data->uid = le32_to_cpu(resp->event_unique_id); 3639 IWL_DEBUG_TE(mvm, "TIME_EVENT_CMD response - UID = 0x%x\n", 3640 te_data->uid); 3641 3642 spin_lock_bh(&mvm->time_event_lock); 3643 list_add_tail(&te_data->list, &mvm->aux_roc_te_list); 3644 spin_unlock_bh(&mvm->time_event_lock); 3645 3646 return true; 3647 } 3648 3649 #define AUX_ROC_MIN_DURATION MSEC_TO_TU(100) 3650 #define AUX_ROC_MIN_DELAY MSEC_TO_TU(200) 3651 #define AUX_ROC_MAX_DELAY MSEC_TO_TU(600) 3652 #define AUX_ROC_SAFETY_BUFFER MSEC_TO_TU(20) 3653 #define AUX_ROC_MIN_SAFETY_BUFFER MSEC_TO_TU(10) 3654 static int iwl_mvm_send_aux_roc_cmd(struct iwl_mvm *mvm, 3655 struct ieee80211_channel *channel, 3656 struct ieee80211_vif *vif, 3657 int duration) 3658 { 3659 int res; 3660 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3661 struct iwl_mvm_time_event_data *te_data = &mvmvif->hs_time_event_data; 3662 static const u16 time_event_response[] = { HOT_SPOT_CMD }; 3663 struct iwl_notification_wait wait_time_event; 3664 u32 dtim_interval = vif->bss_conf.dtim_period * 3665 vif->bss_conf.beacon_int; 3666 u32 req_dur, delay; 3667 struct iwl_hs20_roc_req aux_roc_req = { 3668 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 3669 .id_and_color = 3670 cpu_to_le32(FW_CMD_ID_AND_COLOR(MAC_INDEX_AUX, 0)), 3671 .sta_id_and_color = cpu_to_le32(mvm->aux_sta.sta_id), 3672 }; 3673 struct iwl_hs20_roc_req_tail *tail = iwl_mvm_chan_info_cmd_tail(mvm, 3674 &aux_roc_req.channel_info); 3675 u16 len = sizeof(aux_roc_req) - iwl_mvm_chan_info_padding(mvm); 3676 3677 /* Set the channel info data */ 3678 iwl_mvm_set_chan_info(mvm, &aux_roc_req.channel_info, channel->hw_value, 3679 iwl_mvm_phy_band_from_nl80211(channel->band), 3680 PHY_VHT_CHANNEL_MODE20, 3681 0); 3682 3683 /* Set the time and duration */ 3684 tail->apply_time = cpu_to_le32(iwl_mvm_get_systime(mvm)); 3685 3686 delay = AUX_ROC_MIN_DELAY; 3687 req_dur = MSEC_TO_TU(duration); 3688 3689 /* 3690 * If we are associated we want the delay time to be at least one 3691 * dtim interval so that the FW can wait until after the DTIM and 3692 * then start the time event, this will potentially allow us to 3693 * remain off-channel for the max duration. 3694 * Since we want to use almost a whole dtim interval we would also 3695 * like the delay to be for 2-3 dtim intervals, in case there are 3696 * other time events with higher priority. 3697 */ 3698 if (vif->bss_conf.assoc) { 3699 delay = min_t(u32, dtim_interval * 3, AUX_ROC_MAX_DELAY); 3700 /* We cannot remain off-channel longer than the DTIM interval */ 3701 if (dtim_interval <= req_dur) { 3702 req_dur = dtim_interval - AUX_ROC_SAFETY_BUFFER; 3703 if (req_dur <= AUX_ROC_MIN_DURATION) 3704 req_dur = dtim_interval - 3705 AUX_ROC_MIN_SAFETY_BUFFER; 3706 } 3707 } 3708 3709 tail->duration = cpu_to_le32(req_dur); 3710 tail->apply_time_max_delay = cpu_to_le32(delay); 3711 3712 IWL_DEBUG_TE(mvm, 3713 "ROC: Requesting to remain on channel %u for %ums\n", 3714 channel->hw_value, req_dur); 3715 IWL_DEBUG_TE(mvm, 3716 "\t(requested = %ums, max_delay = %ums, dtim_interval = %ums)\n", 3717 duration, delay, dtim_interval); 3718 3719 /* Set the node address */ 3720 memcpy(tail->node_addr, vif->addr, ETH_ALEN); 3721 3722 lockdep_assert_held(&mvm->mutex); 3723 3724 spin_lock_bh(&mvm->time_event_lock); 3725 3726 if (WARN_ON(te_data->id == HOT_SPOT_CMD)) { 3727 spin_unlock_bh(&mvm->time_event_lock); 3728 return -EIO; 3729 } 3730 3731 te_data->vif = vif; 3732 te_data->duration = duration; 3733 te_data->id = HOT_SPOT_CMD; 3734 3735 spin_unlock_bh(&mvm->time_event_lock); 3736 3737 /* 3738 * Use a notification wait, which really just processes the 3739 * command response and doesn't wait for anything, in order 3740 * to be able to process the response and get the UID inside 3741 * the RX path. Using CMD_WANT_SKB doesn't work because it 3742 * stores the buffer and then wakes up this thread, by which 3743 * time another notification (that the time event started) 3744 * might already be processed unsuccessfully. 3745 */ 3746 iwl_init_notification_wait(&mvm->notif_wait, &wait_time_event, 3747 time_event_response, 3748 ARRAY_SIZE(time_event_response), 3749 iwl_mvm_rx_aux_roc, te_data); 3750 3751 res = iwl_mvm_send_cmd_pdu(mvm, HOT_SPOT_CMD, 0, len, 3752 &aux_roc_req); 3753 3754 if (res) { 3755 IWL_ERR(mvm, "Couldn't send HOT_SPOT_CMD: %d\n", res); 3756 iwl_remove_notification(&mvm->notif_wait, &wait_time_event); 3757 goto out_clear_te; 3758 } 3759 3760 /* No need to wait for anything, so just pass 1 (0 isn't valid) */ 3761 res = iwl_wait_notification(&mvm->notif_wait, &wait_time_event, 1); 3762 /* should never fail */ 3763 WARN_ON_ONCE(res); 3764 3765 if (res) { 3766 out_clear_te: 3767 spin_lock_bh(&mvm->time_event_lock); 3768 iwl_mvm_te_clear_data(mvm, te_data); 3769 spin_unlock_bh(&mvm->time_event_lock); 3770 } 3771 3772 return res; 3773 } 3774 3775 static int iwl_mvm_roc(struct ieee80211_hw *hw, 3776 struct ieee80211_vif *vif, 3777 struct ieee80211_channel *channel, 3778 int duration, 3779 enum ieee80211_roc_type type) 3780 { 3781 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3782 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 3783 struct cfg80211_chan_def chandef; 3784 struct iwl_mvm_phy_ctxt *phy_ctxt; 3785 bool band_change_removal; 3786 int ret, i; 3787 3788 IWL_DEBUG_MAC80211(mvm, "enter (%d, %d, %d)\n", channel->hw_value, 3789 duration, type); 3790 3791 /* 3792 * Flush the done work, just in case it's still pending, so that 3793 * the work it does can complete and we can accept new frames. 3794 */ 3795 flush_work(&mvm->roc_done_wk); 3796 3797 mutex_lock(&mvm->mutex); 3798 3799 switch (vif->type) { 3800 case NL80211_IFTYPE_STATION: 3801 if (fw_has_capa(&mvm->fw->ucode_capa, 3802 IWL_UCODE_TLV_CAPA_HOTSPOT_SUPPORT)) { 3803 /* Use aux roc framework (HS20) */ 3804 if (iwl_fw_lookup_cmd_ver(mvm->fw, LONG_GROUP, 3805 ADD_STA, 0) >= 12) { 3806 u32 lmac_id; 3807 3808 lmac_id = iwl_mvm_get_lmac_id(mvm->fw, 3809 channel->band); 3810 ret = iwl_mvm_add_aux_sta(mvm, lmac_id); 3811 if (WARN(ret, 3812 "Failed to allocate aux station")) 3813 goto out_unlock; 3814 } 3815 ret = iwl_mvm_send_aux_roc_cmd(mvm, channel, 3816 vif, duration); 3817 goto out_unlock; 3818 } 3819 IWL_ERR(mvm, "hotspot not supported\n"); 3820 ret = -EINVAL; 3821 goto out_unlock; 3822 case NL80211_IFTYPE_P2P_DEVICE: 3823 /* handle below */ 3824 break; 3825 default: 3826 IWL_ERR(mvm, "vif isn't P2P_DEVICE: %d\n", vif->type); 3827 ret = -EINVAL; 3828 goto out_unlock; 3829 } 3830 3831 for (i = 0; i < NUM_PHY_CTX; i++) { 3832 phy_ctxt = &mvm->phy_ctxts[i]; 3833 if (phy_ctxt->ref == 0 || mvmvif->phy_ctxt == phy_ctxt) 3834 continue; 3835 3836 if (phy_ctxt->ref && channel == phy_ctxt->channel) { 3837 /* 3838 * Unbind the P2P_DEVICE from the current PHY context, 3839 * and if the PHY context is not used remove it. 3840 */ 3841 ret = iwl_mvm_binding_remove_vif(mvm, vif); 3842 if (WARN(ret, "Failed unbinding P2P_DEVICE\n")) 3843 goto out_unlock; 3844 3845 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 3846 3847 /* Bind the P2P_DEVICE to the current PHY Context */ 3848 mvmvif->phy_ctxt = phy_ctxt; 3849 3850 ret = iwl_mvm_binding_add_vif(mvm, vif); 3851 if (WARN(ret, "Failed binding P2P_DEVICE\n")) 3852 goto out_unlock; 3853 3854 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 3855 goto schedule_time_event; 3856 } 3857 } 3858 3859 /* Need to update the PHY context only if the ROC channel changed */ 3860 if (channel == mvmvif->phy_ctxt->channel) 3861 goto schedule_time_event; 3862 3863 cfg80211_chandef_create(&chandef, channel, NL80211_CHAN_NO_HT); 3864 3865 /* 3866 * Check if the remain-on-channel is on a different band and that 3867 * requires context removal, see iwl_mvm_phy_ctxt_changed(). If 3868 * so, we'll need to release and then re-configure here, since we 3869 * must not remove a PHY context that's part of a binding. 3870 */ 3871 band_change_removal = 3872 fw_has_capa(&mvm->fw->ucode_capa, 3873 IWL_UCODE_TLV_CAPA_BINDING_CDB_SUPPORT) && 3874 mvmvif->phy_ctxt->channel->band != chandef.chan->band; 3875 3876 if (mvmvif->phy_ctxt->ref == 1 && !band_change_removal) { 3877 /* 3878 * Change the PHY context configuration as it is currently 3879 * referenced only by the P2P Device MAC (and we can modify it) 3880 */ 3881 ret = iwl_mvm_phy_ctxt_changed(mvm, mvmvif->phy_ctxt, 3882 &chandef, 1, 1); 3883 if (ret) 3884 goto out_unlock; 3885 } else { 3886 /* 3887 * The PHY context is shared with other MACs (or we're trying to 3888 * switch bands), so remove the P2P Device from the binding, 3889 * allocate an new PHY context and create a new binding. 3890 */ 3891 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 3892 if (!phy_ctxt) { 3893 ret = -ENOSPC; 3894 goto out_unlock; 3895 } 3896 3897 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, &chandef, 3898 1, 1); 3899 if (ret) { 3900 IWL_ERR(mvm, "Failed to change PHY context\n"); 3901 goto out_unlock; 3902 } 3903 3904 /* Unbind the P2P_DEVICE from the current PHY context */ 3905 ret = iwl_mvm_binding_remove_vif(mvm, vif); 3906 if (WARN(ret, "Failed unbinding P2P_DEVICE\n")) 3907 goto out_unlock; 3908 3909 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt); 3910 3911 /* Bind the P2P_DEVICE to the new allocated PHY context */ 3912 mvmvif->phy_ctxt = phy_ctxt; 3913 3914 ret = iwl_mvm_binding_add_vif(mvm, vif); 3915 if (WARN(ret, "Failed binding P2P_DEVICE\n")) 3916 goto out_unlock; 3917 3918 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt); 3919 } 3920 3921 schedule_time_event: 3922 /* Schedule the time events */ 3923 ret = iwl_mvm_start_p2p_roc(mvm, vif, duration, type); 3924 3925 out_unlock: 3926 mutex_unlock(&mvm->mutex); 3927 IWL_DEBUG_MAC80211(mvm, "leave\n"); 3928 return ret; 3929 } 3930 3931 static int iwl_mvm_cancel_roc(struct ieee80211_hw *hw, 3932 struct ieee80211_vif *vif) 3933 { 3934 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 3935 3936 IWL_DEBUG_MAC80211(mvm, "enter\n"); 3937 3938 mutex_lock(&mvm->mutex); 3939 iwl_mvm_stop_roc(mvm, vif); 3940 mutex_unlock(&mvm->mutex); 3941 3942 IWL_DEBUG_MAC80211(mvm, "leave\n"); 3943 return 0; 3944 } 3945 3946 struct iwl_mvm_ftm_responder_iter_data { 3947 bool responder; 3948 struct ieee80211_chanctx_conf *ctx; 3949 }; 3950 3951 static void iwl_mvm_ftm_responder_chanctx_iter(void *_data, u8 *mac, 3952 struct ieee80211_vif *vif) 3953 { 3954 struct iwl_mvm_ftm_responder_iter_data *data = _data; 3955 3956 if (rcu_access_pointer(vif->chanctx_conf) == data->ctx && 3957 vif->type == NL80211_IFTYPE_AP && vif->bss_conf.ftmr_params) 3958 data->responder = true; 3959 } 3960 3961 static bool iwl_mvm_is_ftm_responder_chanctx(struct iwl_mvm *mvm, 3962 struct ieee80211_chanctx_conf *ctx) 3963 { 3964 struct iwl_mvm_ftm_responder_iter_data data = { 3965 .responder = false, 3966 .ctx = ctx, 3967 }; 3968 3969 ieee80211_iterate_active_interfaces_atomic(mvm->hw, 3970 IEEE80211_IFACE_ITER_NORMAL, 3971 iwl_mvm_ftm_responder_chanctx_iter, 3972 &data); 3973 return data.responder; 3974 } 3975 3976 static int __iwl_mvm_add_chanctx(struct iwl_mvm *mvm, 3977 struct ieee80211_chanctx_conf *ctx) 3978 { 3979 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 3980 struct iwl_mvm_phy_ctxt *phy_ctxt; 3981 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx); 3982 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def; 3983 int ret; 3984 3985 lockdep_assert_held(&mvm->mutex); 3986 3987 IWL_DEBUG_MAC80211(mvm, "Add channel context\n"); 3988 3989 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm); 3990 if (!phy_ctxt) { 3991 ret = -ENOSPC; 3992 goto out; 3993 } 3994 3995 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def, 3996 ctx->rx_chains_static, 3997 ctx->rx_chains_dynamic); 3998 if (ret) { 3999 IWL_ERR(mvm, "Failed to add PHY context\n"); 4000 goto out; 4001 } 4002 4003 iwl_mvm_phy_ctxt_ref(mvm, phy_ctxt); 4004 *phy_ctxt_id = phy_ctxt->id; 4005 out: 4006 return ret; 4007 } 4008 4009 static int iwl_mvm_add_chanctx(struct ieee80211_hw *hw, 4010 struct ieee80211_chanctx_conf *ctx) 4011 { 4012 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4013 int ret; 4014 4015 mutex_lock(&mvm->mutex); 4016 ret = __iwl_mvm_add_chanctx(mvm, ctx); 4017 mutex_unlock(&mvm->mutex); 4018 4019 return ret; 4020 } 4021 4022 static void __iwl_mvm_remove_chanctx(struct iwl_mvm *mvm, 4023 struct ieee80211_chanctx_conf *ctx) 4024 { 4025 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4026 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4027 4028 lockdep_assert_held(&mvm->mutex); 4029 4030 iwl_mvm_phy_ctxt_unref(mvm, phy_ctxt); 4031 } 4032 4033 static void iwl_mvm_remove_chanctx(struct ieee80211_hw *hw, 4034 struct ieee80211_chanctx_conf *ctx) 4035 { 4036 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4037 4038 mutex_lock(&mvm->mutex); 4039 __iwl_mvm_remove_chanctx(mvm, ctx); 4040 mutex_unlock(&mvm->mutex); 4041 } 4042 4043 static void iwl_mvm_change_chanctx(struct ieee80211_hw *hw, 4044 struct ieee80211_chanctx_conf *ctx, 4045 u32 changed) 4046 { 4047 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4048 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4049 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4050 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx); 4051 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def; 4052 4053 if (WARN_ONCE((phy_ctxt->ref > 1) && 4054 (changed & ~(IEEE80211_CHANCTX_CHANGE_WIDTH | 4055 IEEE80211_CHANCTX_CHANGE_RX_CHAINS | 4056 IEEE80211_CHANCTX_CHANGE_RADAR | 4057 IEEE80211_CHANCTX_CHANGE_MIN_WIDTH)), 4058 "Cannot change PHY. Ref=%d, changed=0x%X\n", 4059 phy_ctxt->ref, changed)) 4060 return; 4061 4062 mutex_lock(&mvm->mutex); 4063 4064 /* we are only changing the min_width, may be a noop */ 4065 if (changed == IEEE80211_CHANCTX_CHANGE_MIN_WIDTH) { 4066 if (phy_ctxt->width == def->width) 4067 goto out_unlock; 4068 4069 /* we are just toggling between 20_NOHT and 20 */ 4070 if (phy_ctxt->width <= NL80211_CHAN_WIDTH_20 && 4071 def->width <= NL80211_CHAN_WIDTH_20) 4072 goto out_unlock; 4073 } 4074 4075 iwl_mvm_bt_coex_vif_change(mvm); 4076 iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def, 4077 ctx->rx_chains_static, 4078 ctx->rx_chains_dynamic); 4079 4080 out_unlock: 4081 mutex_unlock(&mvm->mutex); 4082 } 4083 4084 static int __iwl_mvm_assign_vif_chanctx(struct iwl_mvm *mvm, 4085 struct ieee80211_vif *vif, 4086 struct ieee80211_chanctx_conf *ctx, 4087 bool switching_chanctx) 4088 { 4089 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv; 4090 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id]; 4091 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4092 int ret; 4093 4094 lockdep_assert_held(&mvm->mutex); 4095 4096 mvmvif->phy_ctxt = phy_ctxt; 4097 4098 switch (vif->type) { 4099 case NL80211_IFTYPE_AP: 4100 /* only needed if we're switching chanctx (i.e. during CSA) */ 4101 if (switching_chanctx) { 4102 mvmvif->ap_ibss_active = true; 4103 break; 4104 } 4105 fallthrough; 4106 case NL80211_IFTYPE_ADHOC: 4107 /* 4108 * The AP binding flow is handled as part of the start_ap flow 4109 * (in bss_info_changed), similarly for IBSS. 4110 */ 4111 ret = 0; 4112 goto out; 4113 case NL80211_IFTYPE_STATION: 4114 mvmvif->csa_bcn_pending = false; 4115 break; 4116 case NL80211_IFTYPE_MONITOR: 4117 /* always disable PS when a monitor interface is active */ 4118 mvmvif->ps_disabled = true; 4119 break; 4120 default: 4121 ret = -EINVAL; 4122 goto out; 4123 } 4124 4125 ret = iwl_mvm_binding_add_vif(mvm, vif); 4126 if (ret) 4127 goto out; 4128 4129 /* 4130 * Power state must be updated before quotas, 4131 * otherwise fw will complain. 4132 */ 4133 iwl_mvm_power_update_mac(mvm); 4134 4135 /* Setting the quota at this stage is only required for monitor 4136 * interfaces. For the other types, the bss_info changed flow 4137 * will handle quota settings. 4138 */ 4139 if (vif->type == NL80211_IFTYPE_MONITOR) { 4140 mvmvif->monitor_active = true; 4141 ret = iwl_mvm_update_quotas(mvm, false, NULL); 4142 if (ret) 4143 goto out_remove_binding; 4144 4145 ret = iwl_mvm_add_snif_sta(mvm, vif); 4146 if (ret) 4147 goto out_remove_binding; 4148 4149 } 4150 4151 /* Handle binding during CSA */ 4152 if (vif->type == NL80211_IFTYPE_AP) { 4153 iwl_mvm_update_quotas(mvm, false, NULL); 4154 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL); 4155 } 4156 4157 if (switching_chanctx && vif->type == NL80211_IFTYPE_STATION) { 4158 mvmvif->csa_bcn_pending = true; 4159 4160 if (!fw_has_capa(&mvm->fw->ucode_capa, 4161 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 4162 u32 duration = 3 * vif->bss_conf.beacon_int; 4163 4164 /* Protect the session to make sure we hear the first 4165 * beacon on the new channel. 4166 */ 4167 iwl_mvm_protect_session(mvm, vif, duration, duration, 4168 vif->bss_conf.beacon_int / 2, 4169 true); 4170 } 4171 4172 iwl_mvm_update_quotas(mvm, false, NULL); 4173 } 4174 4175 goto out; 4176 4177 out_remove_binding: 4178 iwl_mvm_binding_remove_vif(mvm, vif); 4179 iwl_mvm_power_update_mac(mvm); 4180 out: 4181 if (ret) 4182 mvmvif->phy_ctxt = NULL; 4183 return ret; 4184 } 4185 static int iwl_mvm_assign_vif_chanctx(struct ieee80211_hw *hw, 4186 struct ieee80211_vif *vif, 4187 struct ieee80211_chanctx_conf *ctx) 4188 { 4189 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4190 int ret; 4191 4192 mutex_lock(&mvm->mutex); 4193 ret = __iwl_mvm_assign_vif_chanctx(mvm, vif, ctx, false); 4194 mutex_unlock(&mvm->mutex); 4195 4196 return ret; 4197 } 4198 4199 static void __iwl_mvm_unassign_vif_chanctx(struct iwl_mvm *mvm, 4200 struct ieee80211_vif *vif, 4201 struct ieee80211_chanctx_conf *ctx, 4202 bool switching_chanctx) 4203 { 4204 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4205 struct ieee80211_vif *disabled_vif = NULL; 4206 4207 lockdep_assert_held(&mvm->mutex); 4208 iwl_mvm_remove_time_event(mvm, mvmvif, &mvmvif->time_event_data); 4209 4210 switch (vif->type) { 4211 case NL80211_IFTYPE_ADHOC: 4212 goto out; 4213 case NL80211_IFTYPE_MONITOR: 4214 mvmvif->monitor_active = false; 4215 mvmvif->ps_disabled = false; 4216 iwl_mvm_rm_snif_sta(mvm, vif); 4217 break; 4218 case NL80211_IFTYPE_AP: 4219 /* This part is triggered only during CSA */ 4220 if (!switching_chanctx || !mvmvif->ap_ibss_active) 4221 goto out; 4222 4223 mvmvif->csa_countdown = false; 4224 4225 /* Set CS bit on all the stations */ 4226 iwl_mvm_modify_all_sta_disable_tx(mvm, mvmvif, true); 4227 4228 /* Save blocked iface, the timeout is set on the next beacon */ 4229 rcu_assign_pointer(mvm->csa_tx_blocked_vif, vif); 4230 4231 mvmvif->ap_ibss_active = false; 4232 break; 4233 case NL80211_IFTYPE_STATION: 4234 if (!switching_chanctx) 4235 break; 4236 4237 disabled_vif = vif; 4238 4239 if (!fw_has_capa(&mvm->fw->ucode_capa, 4240 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) 4241 iwl_mvm_mac_ctxt_changed(mvm, vif, true, NULL); 4242 break; 4243 default: 4244 break; 4245 } 4246 4247 iwl_mvm_update_quotas(mvm, false, disabled_vif); 4248 iwl_mvm_binding_remove_vif(mvm, vif); 4249 4250 out: 4251 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD) && 4252 switching_chanctx) 4253 return; 4254 mvmvif->phy_ctxt = NULL; 4255 iwl_mvm_power_update_mac(mvm); 4256 } 4257 4258 static void iwl_mvm_unassign_vif_chanctx(struct ieee80211_hw *hw, 4259 struct ieee80211_vif *vif, 4260 struct ieee80211_chanctx_conf *ctx) 4261 { 4262 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4263 4264 mutex_lock(&mvm->mutex); 4265 __iwl_mvm_unassign_vif_chanctx(mvm, vif, ctx, false); 4266 mutex_unlock(&mvm->mutex); 4267 } 4268 4269 static int 4270 iwl_mvm_switch_vif_chanctx_swap(struct iwl_mvm *mvm, 4271 struct ieee80211_vif_chanctx_switch *vifs) 4272 { 4273 int ret; 4274 4275 mutex_lock(&mvm->mutex); 4276 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true); 4277 __iwl_mvm_remove_chanctx(mvm, vifs[0].old_ctx); 4278 4279 ret = __iwl_mvm_add_chanctx(mvm, vifs[0].new_ctx); 4280 if (ret) { 4281 IWL_ERR(mvm, "failed to add new_ctx during channel switch\n"); 4282 goto out_reassign; 4283 } 4284 4285 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx, 4286 true); 4287 if (ret) { 4288 IWL_ERR(mvm, 4289 "failed to assign new_ctx during channel switch\n"); 4290 goto out_remove; 4291 } 4292 4293 /* we don't support TDLS during DCM - can be caused by channel switch */ 4294 if (iwl_mvm_phy_ctx_count(mvm) > 1) 4295 iwl_mvm_teardown_tdls_peers(mvm); 4296 4297 goto out; 4298 4299 out_remove: 4300 __iwl_mvm_remove_chanctx(mvm, vifs[0].new_ctx); 4301 4302 out_reassign: 4303 if (__iwl_mvm_add_chanctx(mvm, vifs[0].old_ctx)) { 4304 IWL_ERR(mvm, "failed to add old_ctx back after failure.\n"); 4305 goto out_restart; 4306 } 4307 4308 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, 4309 true)) { 4310 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n"); 4311 goto out_restart; 4312 } 4313 4314 goto out; 4315 4316 out_restart: 4317 /* things keep failing, better restart the hw */ 4318 iwl_mvm_nic_restart(mvm, false); 4319 4320 out: 4321 mutex_unlock(&mvm->mutex); 4322 4323 return ret; 4324 } 4325 4326 static int 4327 iwl_mvm_switch_vif_chanctx_reassign(struct iwl_mvm *mvm, 4328 struct ieee80211_vif_chanctx_switch *vifs) 4329 { 4330 int ret; 4331 4332 mutex_lock(&mvm->mutex); 4333 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true); 4334 4335 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx, 4336 true); 4337 if (ret) { 4338 IWL_ERR(mvm, 4339 "failed to assign new_ctx during channel switch\n"); 4340 goto out_reassign; 4341 } 4342 4343 goto out; 4344 4345 out_reassign: 4346 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, 4347 true)) { 4348 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n"); 4349 goto out_restart; 4350 } 4351 4352 goto out; 4353 4354 out_restart: 4355 /* things keep failing, better restart the hw */ 4356 iwl_mvm_nic_restart(mvm, false); 4357 4358 out: 4359 mutex_unlock(&mvm->mutex); 4360 4361 return ret; 4362 } 4363 4364 static int iwl_mvm_switch_vif_chanctx(struct ieee80211_hw *hw, 4365 struct ieee80211_vif_chanctx_switch *vifs, 4366 int n_vifs, 4367 enum ieee80211_chanctx_switch_mode mode) 4368 { 4369 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4370 int ret; 4371 4372 /* we only support a single-vif right now */ 4373 if (n_vifs > 1) 4374 return -EOPNOTSUPP; 4375 4376 switch (mode) { 4377 case CHANCTX_SWMODE_SWAP_CONTEXTS: 4378 ret = iwl_mvm_switch_vif_chanctx_swap(mvm, vifs); 4379 break; 4380 case CHANCTX_SWMODE_REASSIGN_VIF: 4381 ret = iwl_mvm_switch_vif_chanctx_reassign(mvm, vifs); 4382 break; 4383 default: 4384 ret = -EOPNOTSUPP; 4385 break; 4386 } 4387 4388 return ret; 4389 } 4390 4391 static int iwl_mvm_tx_last_beacon(struct ieee80211_hw *hw) 4392 { 4393 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4394 4395 return mvm->ibss_manager; 4396 } 4397 4398 static int iwl_mvm_set_tim(struct ieee80211_hw *hw, 4399 struct ieee80211_sta *sta, 4400 bool set) 4401 { 4402 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4403 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); 4404 4405 if (!mvm_sta || !mvm_sta->vif) { 4406 IWL_ERR(mvm, "Station is not associated to a vif\n"); 4407 return -EINVAL; 4408 } 4409 4410 return iwl_mvm_mac_ctxt_beacon_changed(mvm, mvm_sta->vif); 4411 } 4412 4413 #ifdef CONFIG_NL80211_TESTMODE 4414 static const struct nla_policy iwl_mvm_tm_policy[IWL_MVM_TM_ATTR_MAX + 1] = { 4415 [IWL_MVM_TM_ATTR_CMD] = { .type = NLA_U32 }, 4416 [IWL_MVM_TM_ATTR_NOA_DURATION] = { .type = NLA_U32 }, 4417 [IWL_MVM_TM_ATTR_BEACON_FILTER_STATE] = { .type = NLA_U32 }, 4418 }; 4419 4420 static int __iwl_mvm_mac_testmode_cmd(struct iwl_mvm *mvm, 4421 struct ieee80211_vif *vif, 4422 void *data, int len) 4423 { 4424 struct nlattr *tb[IWL_MVM_TM_ATTR_MAX + 1]; 4425 int err; 4426 u32 noa_duration; 4427 4428 err = nla_parse_deprecated(tb, IWL_MVM_TM_ATTR_MAX, data, len, 4429 iwl_mvm_tm_policy, NULL); 4430 if (err) 4431 return err; 4432 4433 if (!tb[IWL_MVM_TM_ATTR_CMD]) 4434 return -EINVAL; 4435 4436 switch (nla_get_u32(tb[IWL_MVM_TM_ATTR_CMD])) { 4437 case IWL_MVM_TM_CMD_SET_NOA: 4438 if (!vif || vif->type != NL80211_IFTYPE_AP || !vif->p2p || 4439 !vif->bss_conf.enable_beacon || 4440 !tb[IWL_MVM_TM_ATTR_NOA_DURATION]) 4441 return -EINVAL; 4442 4443 noa_duration = nla_get_u32(tb[IWL_MVM_TM_ATTR_NOA_DURATION]); 4444 if (noa_duration >= vif->bss_conf.beacon_int) 4445 return -EINVAL; 4446 4447 mvm->noa_duration = noa_duration; 4448 mvm->noa_vif = vif; 4449 4450 return iwl_mvm_update_quotas(mvm, true, NULL); 4451 case IWL_MVM_TM_CMD_SET_BEACON_FILTER: 4452 /* must be associated client vif - ignore authorized */ 4453 if (!vif || vif->type != NL80211_IFTYPE_STATION || 4454 !vif->bss_conf.assoc || !vif->bss_conf.dtim_period || 4455 !tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE]) 4456 return -EINVAL; 4457 4458 if (nla_get_u32(tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE])) 4459 return iwl_mvm_enable_beacon_filter(mvm, vif, 0); 4460 return iwl_mvm_disable_beacon_filter(mvm, vif, 0); 4461 } 4462 4463 return -EOPNOTSUPP; 4464 } 4465 4466 static int iwl_mvm_mac_testmode_cmd(struct ieee80211_hw *hw, 4467 struct ieee80211_vif *vif, 4468 void *data, int len) 4469 { 4470 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4471 int err; 4472 4473 mutex_lock(&mvm->mutex); 4474 err = __iwl_mvm_mac_testmode_cmd(mvm, vif, data, len); 4475 mutex_unlock(&mvm->mutex); 4476 4477 return err; 4478 } 4479 #endif 4480 4481 static void iwl_mvm_channel_switch(struct ieee80211_hw *hw, 4482 struct ieee80211_vif *vif, 4483 struct ieee80211_channel_switch *chsw) 4484 { 4485 /* By implementing this operation, we prevent mac80211 from 4486 * starting its own channel switch timer, so that we can call 4487 * ieee80211_chswitch_done() ourselves at the right time 4488 * (which is when the absence time event starts). 4489 */ 4490 4491 IWL_DEBUG_MAC80211(IWL_MAC80211_GET_MVM(hw), 4492 "dummy channel switch op\n"); 4493 } 4494 4495 static int iwl_mvm_schedule_client_csa(struct iwl_mvm *mvm, 4496 struct ieee80211_vif *vif, 4497 struct ieee80211_channel_switch *chsw) 4498 { 4499 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4500 struct iwl_chan_switch_te_cmd cmd = { 4501 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 4502 mvmvif->color)), 4503 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 4504 .tsf = cpu_to_le32(chsw->timestamp), 4505 .cs_count = chsw->count, 4506 .cs_mode = chsw->block_tx, 4507 }; 4508 4509 lockdep_assert_held(&mvm->mutex); 4510 4511 if (chsw->delay) 4512 cmd.cs_delayed_bcn_count = 4513 DIV_ROUND_UP(chsw->delay, vif->bss_conf.beacon_int); 4514 4515 return iwl_mvm_send_cmd_pdu(mvm, 4516 WIDE_ID(MAC_CONF_GROUP, 4517 CHANNEL_SWITCH_TIME_EVENT_CMD), 4518 0, sizeof(cmd), &cmd); 4519 } 4520 4521 static int iwl_mvm_old_pre_chan_sw_sta(struct iwl_mvm *mvm, 4522 struct ieee80211_vif *vif, 4523 struct ieee80211_channel_switch *chsw) 4524 { 4525 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4526 u32 apply_time; 4527 4528 /* Schedule the time event to a bit before beacon 1, 4529 * to make sure we're in the new channel when the 4530 * GO/AP arrives. In case count <= 1 immediately schedule the 4531 * TE (this might result with some packet loss or connection 4532 * loss). 4533 */ 4534 if (chsw->count <= 1) 4535 apply_time = 0; 4536 else 4537 apply_time = chsw->device_timestamp + 4538 ((vif->bss_conf.beacon_int * (chsw->count - 1) - 4539 IWL_MVM_CHANNEL_SWITCH_TIME_CLIENT) * 1024); 4540 4541 if (chsw->block_tx) 4542 iwl_mvm_csa_client_absent(mvm, vif); 4543 4544 if (mvmvif->bf_data.bf_enabled) { 4545 int ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0); 4546 4547 if (ret) 4548 return ret; 4549 } 4550 4551 iwl_mvm_schedule_csa_period(mvm, vif, vif->bss_conf.beacon_int, 4552 apply_time); 4553 4554 return 0; 4555 } 4556 4557 #define IWL_MAX_CSA_BLOCK_TX 1500 4558 static int iwl_mvm_pre_channel_switch(struct ieee80211_hw *hw, 4559 struct ieee80211_vif *vif, 4560 struct ieee80211_channel_switch *chsw) 4561 { 4562 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4563 struct ieee80211_vif *csa_vif; 4564 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4565 int ret; 4566 4567 mutex_lock(&mvm->mutex); 4568 4569 mvmvif->csa_failed = false; 4570 4571 IWL_DEBUG_MAC80211(mvm, "pre CSA to freq %d\n", 4572 chsw->chandef.center_freq1); 4573 4574 iwl_fw_dbg_trigger_simple_stop(&mvm->fwrt, 4575 ieee80211_vif_to_wdev(vif), 4576 FW_DBG_TRIGGER_CHANNEL_SWITCH); 4577 4578 switch (vif->type) { 4579 case NL80211_IFTYPE_AP: 4580 csa_vif = 4581 rcu_dereference_protected(mvm->csa_vif, 4582 lockdep_is_held(&mvm->mutex)); 4583 if (WARN_ONCE(csa_vif && csa_vif->csa_active, 4584 "Another CSA is already in progress")) { 4585 ret = -EBUSY; 4586 goto out_unlock; 4587 } 4588 4589 /* we still didn't unblock tx. prevent new CS meanwhile */ 4590 if (rcu_dereference_protected(mvm->csa_tx_blocked_vif, 4591 lockdep_is_held(&mvm->mutex))) { 4592 ret = -EBUSY; 4593 goto out_unlock; 4594 } 4595 4596 rcu_assign_pointer(mvm->csa_vif, vif); 4597 4598 if (WARN_ONCE(mvmvif->csa_countdown, 4599 "Previous CSA countdown didn't complete")) { 4600 ret = -EBUSY; 4601 goto out_unlock; 4602 } 4603 4604 mvmvif->csa_target_freq = chsw->chandef.chan->center_freq; 4605 4606 break; 4607 case NL80211_IFTYPE_STATION: 4608 /* 4609 * We haven't configured the firmware to be associated yet since 4610 * we don't know the dtim period. In this case, the firmware can't 4611 * track the beacons. 4612 */ 4613 if (!vif->bss_conf.assoc || !vif->bss_conf.dtim_period) { 4614 ret = -EBUSY; 4615 goto out_unlock; 4616 } 4617 4618 if (chsw->delay > IWL_MAX_CSA_BLOCK_TX) 4619 schedule_delayed_work(&mvmvif->csa_work, 0); 4620 4621 if (chsw->block_tx) { 4622 /* 4623 * In case of undetermined / long time with immediate 4624 * quiet monitor status to gracefully disconnect 4625 */ 4626 if (!chsw->count || 4627 chsw->count * vif->bss_conf.beacon_int > 4628 IWL_MAX_CSA_BLOCK_TX) 4629 schedule_delayed_work(&mvmvif->csa_work, 4630 msecs_to_jiffies(IWL_MAX_CSA_BLOCK_TX)); 4631 } 4632 4633 if (!fw_has_capa(&mvm->fw->ucode_capa, 4634 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) { 4635 ret = iwl_mvm_old_pre_chan_sw_sta(mvm, vif, chsw); 4636 if (ret) 4637 goto out_unlock; 4638 } else { 4639 iwl_mvm_schedule_client_csa(mvm, vif, chsw); 4640 } 4641 4642 mvmvif->csa_count = chsw->count; 4643 mvmvif->csa_misbehave = false; 4644 break; 4645 default: 4646 break; 4647 } 4648 4649 mvmvif->ps_disabled = true; 4650 4651 ret = iwl_mvm_power_update_ps(mvm); 4652 if (ret) 4653 goto out_unlock; 4654 4655 /* we won't be on this channel any longer */ 4656 iwl_mvm_teardown_tdls_peers(mvm); 4657 4658 out_unlock: 4659 mutex_unlock(&mvm->mutex); 4660 4661 return ret; 4662 } 4663 4664 static void iwl_mvm_channel_switch_rx_beacon(struct ieee80211_hw *hw, 4665 struct ieee80211_vif *vif, 4666 struct ieee80211_channel_switch *chsw) 4667 { 4668 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4669 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4670 struct iwl_chan_switch_te_cmd cmd = { 4671 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, 4672 mvmvif->color)), 4673 .action = cpu_to_le32(FW_CTXT_ACTION_MODIFY), 4674 .tsf = cpu_to_le32(chsw->timestamp), 4675 .cs_count = chsw->count, 4676 .cs_mode = chsw->block_tx, 4677 }; 4678 4679 if (!fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CS_MODIFY)) 4680 return; 4681 4682 IWL_DEBUG_MAC80211(mvm, "Modify CSA on mac %d count = %d (old %d) mode = %d\n", 4683 mvmvif->id, chsw->count, mvmvif->csa_count, chsw->block_tx); 4684 4685 if (chsw->count >= mvmvif->csa_count && chsw->block_tx) { 4686 if (mvmvif->csa_misbehave) { 4687 /* Second time, give up on this AP*/ 4688 iwl_mvm_abort_channel_switch(hw, vif); 4689 ieee80211_chswitch_done(vif, false); 4690 mvmvif->csa_misbehave = false; 4691 return; 4692 } 4693 mvmvif->csa_misbehave = true; 4694 } 4695 mvmvif->csa_count = chsw->count; 4696 4697 mutex_lock(&mvm->mutex); 4698 if (mvmvif->csa_failed) 4699 goto out_unlock; 4700 4701 WARN_ON(iwl_mvm_send_cmd_pdu(mvm, 4702 WIDE_ID(MAC_CONF_GROUP, 4703 CHANNEL_SWITCH_TIME_EVENT_CMD), 4704 0, sizeof(cmd), &cmd)); 4705 out_unlock: 4706 mutex_unlock(&mvm->mutex); 4707 } 4708 4709 static void iwl_mvm_flush_no_vif(struct iwl_mvm *mvm, u32 queues, bool drop) 4710 { 4711 int i; 4712 4713 if (!iwl_mvm_has_new_tx_api(mvm)) { 4714 if (drop) { 4715 mutex_lock(&mvm->mutex); 4716 iwl_mvm_flush_tx_path(mvm, 4717 iwl_mvm_flushable_queues(mvm) & queues); 4718 mutex_unlock(&mvm->mutex); 4719 } else { 4720 iwl_trans_wait_tx_queues_empty(mvm->trans, queues); 4721 } 4722 return; 4723 } 4724 4725 mutex_lock(&mvm->mutex); 4726 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) { 4727 struct ieee80211_sta *sta; 4728 4729 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i], 4730 lockdep_is_held(&mvm->mutex)); 4731 if (IS_ERR_OR_NULL(sta)) 4732 continue; 4733 4734 if (drop) 4735 iwl_mvm_flush_sta_tids(mvm, i, 0xFFFF); 4736 else 4737 iwl_mvm_wait_sta_queues_empty(mvm, 4738 iwl_mvm_sta_from_mac80211(sta)); 4739 } 4740 mutex_unlock(&mvm->mutex); 4741 } 4742 4743 static void iwl_mvm_mac_flush(struct ieee80211_hw *hw, 4744 struct ieee80211_vif *vif, u32 queues, bool drop) 4745 { 4746 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4747 struct iwl_mvm_vif *mvmvif; 4748 struct iwl_mvm_sta *mvmsta; 4749 struct ieee80211_sta *sta; 4750 int i; 4751 u32 msk = 0; 4752 4753 if (!vif) { 4754 iwl_mvm_flush_no_vif(mvm, queues, drop); 4755 return; 4756 } 4757 4758 if (vif->type != NL80211_IFTYPE_STATION) 4759 return; 4760 4761 /* Make sure we're done with the deferred traffic before flushing */ 4762 flush_work(&mvm->add_stream_wk); 4763 4764 mutex_lock(&mvm->mutex); 4765 mvmvif = iwl_mvm_vif_from_mac80211(vif); 4766 4767 /* flush the AP-station and all TDLS peers */ 4768 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) { 4769 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i], 4770 lockdep_is_held(&mvm->mutex)); 4771 if (IS_ERR_OR_NULL(sta)) 4772 continue; 4773 4774 mvmsta = iwl_mvm_sta_from_mac80211(sta); 4775 if (mvmsta->vif != vif) 4776 continue; 4777 4778 /* make sure only TDLS peers or the AP are flushed */ 4779 WARN_ON(i != mvmvif->ap_sta_id && !sta->tdls); 4780 4781 if (drop) { 4782 if (iwl_mvm_flush_sta(mvm, mvmsta, false)) 4783 IWL_ERR(mvm, "flush request fail\n"); 4784 } else { 4785 msk |= mvmsta->tfd_queue_msk; 4786 if (iwl_mvm_has_new_tx_api(mvm)) 4787 iwl_mvm_wait_sta_queues_empty(mvm, mvmsta); 4788 } 4789 } 4790 4791 mutex_unlock(&mvm->mutex); 4792 4793 /* this can take a while, and we may need/want other operations 4794 * to succeed while doing this, so do it without the mutex held 4795 */ 4796 if (!drop && !iwl_mvm_has_new_tx_api(mvm)) 4797 iwl_trans_wait_tx_queues_empty(mvm->trans, msk); 4798 } 4799 4800 static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx, 4801 struct survey_info *survey) 4802 { 4803 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4804 int ret; 4805 4806 memset(survey, 0, sizeof(*survey)); 4807 4808 /* only support global statistics right now */ 4809 if (idx != 0) 4810 return -ENOENT; 4811 4812 if (!fw_has_capa(&mvm->fw->ucode_capa, 4813 IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS)) 4814 return -ENOENT; 4815 4816 mutex_lock(&mvm->mutex); 4817 4818 if (iwl_mvm_firmware_running(mvm)) { 4819 ret = iwl_mvm_request_statistics(mvm, false); 4820 if (ret) 4821 goto out; 4822 } 4823 4824 survey->filled = SURVEY_INFO_TIME | 4825 SURVEY_INFO_TIME_RX | 4826 SURVEY_INFO_TIME_TX | 4827 SURVEY_INFO_TIME_SCAN; 4828 survey->time = mvm->accu_radio_stats.on_time_rf + 4829 mvm->radio_stats.on_time_rf; 4830 do_div(survey->time, USEC_PER_MSEC); 4831 4832 survey->time_rx = mvm->accu_radio_stats.rx_time + 4833 mvm->radio_stats.rx_time; 4834 do_div(survey->time_rx, USEC_PER_MSEC); 4835 4836 survey->time_tx = mvm->accu_radio_stats.tx_time + 4837 mvm->radio_stats.tx_time; 4838 do_div(survey->time_tx, USEC_PER_MSEC); 4839 4840 survey->time_scan = mvm->accu_radio_stats.on_time_scan + 4841 mvm->radio_stats.on_time_scan; 4842 do_div(survey->time_scan, USEC_PER_MSEC); 4843 4844 ret = 0; 4845 out: 4846 mutex_unlock(&mvm->mutex); 4847 return ret; 4848 } 4849 4850 static void iwl_mvm_set_sta_rate(u32 rate_n_flags, struct rate_info *rinfo) 4851 { 4852 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK; 4853 4854 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) { 4855 case RATE_MCS_CHAN_WIDTH_20: 4856 rinfo->bw = RATE_INFO_BW_20; 4857 break; 4858 case RATE_MCS_CHAN_WIDTH_40: 4859 rinfo->bw = RATE_INFO_BW_40; 4860 break; 4861 case RATE_MCS_CHAN_WIDTH_80: 4862 rinfo->bw = RATE_INFO_BW_80; 4863 break; 4864 case RATE_MCS_CHAN_WIDTH_160: 4865 rinfo->bw = RATE_INFO_BW_160; 4866 break; 4867 } 4868 4869 if (format == RATE_MCS_CCK_MSK || 4870 format == RATE_MCS_LEGACY_OFDM_MSK) { 4871 int rate = u32_get_bits(rate_n_flags, RATE_LEGACY_RATE_MSK); 4872 4873 /* add the offset needed to get to the legacy ofdm indices */ 4874 if (format == RATE_MCS_LEGACY_OFDM_MSK) 4875 rate += IWL_FIRST_OFDM_RATE; 4876 4877 switch (rate) { 4878 case IWL_RATE_1M_INDEX: 4879 rinfo->legacy = 10; 4880 break; 4881 case IWL_RATE_2M_INDEX: 4882 rinfo->legacy = 20; 4883 break; 4884 case IWL_RATE_5M_INDEX: 4885 rinfo->legacy = 55; 4886 break; 4887 case IWL_RATE_11M_INDEX: 4888 rinfo->legacy = 110; 4889 break; 4890 case IWL_RATE_6M_INDEX: 4891 rinfo->legacy = 60; 4892 break; 4893 case IWL_RATE_9M_INDEX: 4894 rinfo->legacy = 90; 4895 break; 4896 case IWL_RATE_12M_INDEX: 4897 rinfo->legacy = 120; 4898 break; 4899 case IWL_RATE_18M_INDEX: 4900 rinfo->legacy = 180; 4901 break; 4902 case IWL_RATE_24M_INDEX: 4903 rinfo->legacy = 240; 4904 break; 4905 case IWL_RATE_36M_INDEX: 4906 rinfo->legacy = 360; 4907 break; 4908 case IWL_RATE_48M_INDEX: 4909 rinfo->legacy = 480; 4910 break; 4911 case IWL_RATE_54M_INDEX: 4912 rinfo->legacy = 540; 4913 } 4914 return; 4915 } 4916 4917 rinfo->nss = u32_get_bits(rate_n_flags, 4918 RATE_MCS_NSS_MSK) + 1; 4919 rinfo->mcs = format == RATE_MCS_HT_MSK ? 4920 RATE_HT_MCS_INDEX(rate_n_flags) : 4921 u32_get_bits(rate_n_flags, RATE_MCS_CODE_MSK); 4922 4923 if (format == RATE_MCS_HE_MSK) { 4924 u32 gi_ltf = u32_get_bits(rate_n_flags, 4925 RATE_MCS_HE_GI_LTF_MSK); 4926 4927 rinfo->flags |= RATE_INFO_FLAGS_HE_MCS; 4928 4929 if (rate_n_flags & RATE_MCS_HE_106T_MSK) { 4930 rinfo->bw = RATE_INFO_BW_HE_RU; 4931 rinfo->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_106; 4932 } 4933 4934 switch (rate_n_flags & RATE_MCS_HE_TYPE_MSK) { 4935 case RATE_MCS_HE_TYPE_SU: 4936 case RATE_MCS_HE_TYPE_EXT_SU: 4937 if (gi_ltf == 0 || gi_ltf == 1) 4938 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4939 else if (gi_ltf == 2) 4940 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4941 else if (gi_ltf == 3) 4942 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4943 else 4944 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4945 break; 4946 case RATE_MCS_HE_TYPE_MU: 4947 if (gi_ltf == 0 || gi_ltf == 1) 4948 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8; 4949 else if (gi_ltf == 2) 4950 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4951 else 4952 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4953 break; 4954 case RATE_MCS_HE_TYPE_TRIG: 4955 if (gi_ltf == 0 || gi_ltf == 1) 4956 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6; 4957 else 4958 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2; 4959 break; 4960 } 4961 4962 if (rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK) 4963 rinfo->he_dcm = 1; 4964 return; 4965 } 4966 4967 if (rate_n_flags & RATE_MCS_SGI_MSK) 4968 rinfo->flags |= RATE_INFO_FLAGS_SHORT_GI; 4969 4970 if (format == RATE_MCS_HT_MSK) { 4971 rinfo->flags |= RATE_INFO_FLAGS_MCS; 4972 4973 } else if (format == RATE_MCS_VHT_MSK) { 4974 rinfo->flags |= RATE_INFO_FLAGS_VHT_MCS; 4975 } 4976 4977 } 4978 4979 static void iwl_mvm_mac_sta_statistics(struct ieee80211_hw *hw, 4980 struct ieee80211_vif *vif, 4981 struct ieee80211_sta *sta, 4982 struct station_info *sinfo) 4983 { 4984 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 4985 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 4986 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); 4987 4988 if (mvmsta->avg_energy) { 4989 sinfo->signal_avg = -(s8)mvmsta->avg_energy; 4990 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG); 4991 } 4992 4993 if (iwl_mvm_has_tlc_offload(mvm)) { 4994 struct iwl_lq_sta_rs_fw *lq_sta = &mvmsta->lq_sta.rs_fw; 4995 4996 iwl_mvm_set_sta_rate(lq_sta->last_rate_n_flags, &sinfo->txrate); 4997 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE); 4998 } 4999 5000 /* if beacon filtering isn't on mac80211 does it anyway */ 5001 if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER)) 5002 return; 5003 5004 if (!vif->bss_conf.assoc) 5005 return; 5006 5007 mutex_lock(&mvm->mutex); 5008 5009 if (mvmvif->ap_sta_id != mvmsta->sta_id) 5010 goto unlock; 5011 5012 if (iwl_mvm_request_statistics(mvm, false)) 5013 goto unlock; 5014 5015 sinfo->rx_beacon = mvmvif->beacon_stats.num_beacons + 5016 mvmvif->beacon_stats.accu_num_beacons; 5017 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_RX); 5018 if (mvmvif->beacon_stats.avg_signal) { 5019 /* firmware only reports a value after RXing a few beacons */ 5020 sinfo->rx_beacon_signal_avg = mvmvif->beacon_stats.avg_signal; 5021 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG); 5022 } 5023 unlock: 5024 mutex_unlock(&mvm->mutex); 5025 } 5026 5027 static void iwl_mvm_event_mlme_callback_ini(struct iwl_mvm *mvm, 5028 struct ieee80211_vif *vif, 5029 const struct ieee80211_mlme_event *mlme) 5030 { 5031 if ((mlme->data == ASSOC_EVENT || mlme->data == AUTH_EVENT) && 5032 (mlme->status == MLME_DENIED || mlme->status == MLME_TIMEOUT)) { 5033 iwl_dbg_tlv_time_point(&mvm->fwrt, 5034 IWL_FW_INI_TIME_POINT_ASSOC_FAILED, 5035 NULL); 5036 return; 5037 } 5038 5039 if (mlme->data == DEAUTH_RX_EVENT || mlme->data == DEAUTH_TX_EVENT) { 5040 iwl_dbg_tlv_time_point(&mvm->fwrt, 5041 IWL_FW_INI_TIME_POINT_DEASSOC, 5042 NULL); 5043 return; 5044 } 5045 } 5046 5047 static void iwl_mvm_event_mlme_callback(struct iwl_mvm *mvm, 5048 struct ieee80211_vif *vif, 5049 const struct ieee80211_event *event) 5050 { 5051 #define CHECK_MLME_TRIGGER(_cnt, _fmt...) \ 5052 do { \ 5053 if ((trig_mlme->_cnt) && --(trig_mlme->_cnt)) \ 5054 break; \ 5055 iwl_fw_dbg_collect_trig(&(mvm)->fwrt, trig, _fmt); \ 5056 } while (0) 5057 5058 struct iwl_fw_dbg_trigger_tlv *trig; 5059 struct iwl_fw_dbg_trigger_mlme *trig_mlme; 5060 5061 if (iwl_trans_dbg_ini_valid(mvm->trans)) { 5062 iwl_mvm_event_mlme_callback_ini(mvm, vif, &event->u.mlme); 5063 return; 5064 } 5065 5066 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 5067 FW_DBG_TRIGGER_MLME); 5068 if (!trig) 5069 return; 5070 5071 trig_mlme = (void *)trig->data; 5072 5073 if (event->u.mlme.data == ASSOC_EVENT) { 5074 if (event->u.mlme.status == MLME_DENIED) 5075 CHECK_MLME_TRIGGER(stop_assoc_denied, 5076 "DENIED ASSOC: reason %d", 5077 event->u.mlme.reason); 5078 else if (event->u.mlme.status == MLME_TIMEOUT) 5079 CHECK_MLME_TRIGGER(stop_assoc_timeout, 5080 "ASSOC TIMEOUT"); 5081 } else if (event->u.mlme.data == AUTH_EVENT) { 5082 if (event->u.mlme.status == MLME_DENIED) 5083 CHECK_MLME_TRIGGER(stop_auth_denied, 5084 "DENIED AUTH: reason %d", 5085 event->u.mlme.reason); 5086 else if (event->u.mlme.status == MLME_TIMEOUT) 5087 CHECK_MLME_TRIGGER(stop_auth_timeout, 5088 "AUTH TIMEOUT"); 5089 } else if (event->u.mlme.data == DEAUTH_RX_EVENT) { 5090 CHECK_MLME_TRIGGER(stop_rx_deauth, 5091 "DEAUTH RX %d", event->u.mlme.reason); 5092 } else if (event->u.mlme.data == DEAUTH_TX_EVENT) { 5093 CHECK_MLME_TRIGGER(stop_tx_deauth, 5094 "DEAUTH TX %d", event->u.mlme.reason); 5095 } 5096 #undef CHECK_MLME_TRIGGER 5097 } 5098 5099 static void iwl_mvm_event_bar_rx_callback(struct iwl_mvm *mvm, 5100 struct ieee80211_vif *vif, 5101 const struct ieee80211_event *event) 5102 { 5103 struct iwl_fw_dbg_trigger_tlv *trig; 5104 struct iwl_fw_dbg_trigger_ba *ba_trig; 5105 5106 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif), 5107 FW_DBG_TRIGGER_BA); 5108 if (!trig) 5109 return; 5110 5111 ba_trig = (void *)trig->data; 5112 5113 if (!(le16_to_cpu(ba_trig->rx_bar) & BIT(event->u.ba.tid))) 5114 return; 5115 5116 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 5117 "BAR received from %pM, tid %d, ssn %d", 5118 event->u.ba.sta->addr, event->u.ba.tid, 5119 event->u.ba.ssn); 5120 } 5121 5122 static void iwl_mvm_mac_event_callback(struct ieee80211_hw *hw, 5123 struct ieee80211_vif *vif, 5124 const struct ieee80211_event *event) 5125 { 5126 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5127 5128 switch (event->type) { 5129 case MLME_EVENT: 5130 iwl_mvm_event_mlme_callback(mvm, vif, event); 5131 break; 5132 case BAR_RX_EVENT: 5133 iwl_mvm_event_bar_rx_callback(mvm, vif, event); 5134 break; 5135 case BA_FRAME_TIMEOUT: 5136 iwl_mvm_event_frame_timeout_callback(mvm, vif, event->u.ba.sta, 5137 event->u.ba.tid); 5138 break; 5139 default: 5140 break; 5141 } 5142 } 5143 5144 void iwl_mvm_sync_rx_queues_internal(struct iwl_mvm *mvm, 5145 enum iwl_mvm_rxq_notif_type type, 5146 bool sync, 5147 const void *data, u32 size) 5148 { 5149 struct { 5150 struct iwl_rxq_sync_cmd cmd; 5151 struct iwl_mvm_internal_rxq_notif notif; 5152 } __packed cmd = { 5153 .cmd.rxq_mask = cpu_to_le32(BIT(mvm->trans->num_rx_queues) - 1), 5154 .cmd.count = 5155 cpu_to_le32(sizeof(struct iwl_mvm_internal_rxq_notif) + 5156 size), 5157 .notif.type = type, 5158 .notif.sync = sync, 5159 }; 5160 struct iwl_host_cmd hcmd = { 5161 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD), 5162 .data[0] = &cmd, 5163 .len[0] = sizeof(cmd), 5164 .data[1] = data, 5165 .len[1] = size, 5166 .flags = sync ? 0 : CMD_ASYNC, 5167 }; 5168 int ret; 5169 5170 /* size must be a multiple of DWORD */ 5171 if (WARN_ON(cmd.cmd.count & cpu_to_le32(3))) 5172 return; 5173 5174 if (!iwl_mvm_has_new_rx_api(mvm)) 5175 return; 5176 5177 if (sync) { 5178 cmd.notif.cookie = mvm->queue_sync_cookie; 5179 mvm->queue_sync_state = (1 << mvm->trans->num_rx_queues) - 1; 5180 } 5181 5182 ret = iwl_mvm_send_cmd(mvm, &hcmd); 5183 if (ret) { 5184 IWL_ERR(mvm, "Failed to trigger RX queues sync (%d)\n", ret); 5185 goto out; 5186 } 5187 5188 if (sync) { 5189 lockdep_assert_held(&mvm->mutex); 5190 ret = wait_event_timeout(mvm->rx_sync_waitq, 5191 READ_ONCE(mvm->queue_sync_state) == 0 || 5192 iwl_mvm_is_radio_killed(mvm), 5193 HZ); 5194 WARN_ONCE(!ret && !iwl_mvm_is_radio_killed(mvm), 5195 "queue sync: failed to sync, state is 0x%lx\n", 5196 mvm->queue_sync_state); 5197 } 5198 5199 out: 5200 if (sync) { 5201 mvm->queue_sync_state = 0; 5202 mvm->queue_sync_cookie++; 5203 } 5204 } 5205 5206 static void iwl_mvm_sync_rx_queues(struct ieee80211_hw *hw) 5207 { 5208 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5209 5210 mutex_lock(&mvm->mutex); 5211 iwl_mvm_sync_rx_queues_internal(mvm, IWL_MVM_RXQ_EMPTY, true, NULL, 0); 5212 mutex_unlock(&mvm->mutex); 5213 } 5214 5215 static int 5216 iwl_mvm_mac_get_ftm_responder_stats(struct ieee80211_hw *hw, 5217 struct ieee80211_vif *vif, 5218 struct cfg80211_ftm_responder_stats *stats) 5219 { 5220 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5221 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 5222 5223 if (vif->p2p || vif->type != NL80211_IFTYPE_AP || 5224 !mvmvif->ap_ibss_active || !vif->bss_conf.ftm_responder) 5225 return -EINVAL; 5226 5227 mutex_lock(&mvm->mutex); 5228 *stats = mvm->ftm_resp_stats; 5229 mutex_unlock(&mvm->mutex); 5230 5231 stats->filled = BIT(NL80211_FTM_STATS_SUCCESS_NUM) | 5232 BIT(NL80211_FTM_STATS_PARTIAL_NUM) | 5233 BIT(NL80211_FTM_STATS_FAILED_NUM) | 5234 BIT(NL80211_FTM_STATS_ASAP_NUM) | 5235 BIT(NL80211_FTM_STATS_NON_ASAP_NUM) | 5236 BIT(NL80211_FTM_STATS_TOTAL_DURATION_MSEC) | 5237 BIT(NL80211_FTM_STATS_UNKNOWN_TRIGGERS_NUM) | 5238 BIT(NL80211_FTM_STATS_RESCHEDULE_REQUESTS_NUM) | 5239 BIT(NL80211_FTM_STATS_OUT_OF_WINDOW_TRIGGERS_NUM); 5240 5241 return 0; 5242 } 5243 5244 static int iwl_mvm_start_pmsr(struct ieee80211_hw *hw, 5245 struct ieee80211_vif *vif, 5246 struct cfg80211_pmsr_request *request) 5247 { 5248 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5249 int ret; 5250 5251 mutex_lock(&mvm->mutex); 5252 ret = iwl_mvm_ftm_start(mvm, vif, request); 5253 mutex_unlock(&mvm->mutex); 5254 5255 return ret; 5256 } 5257 5258 static void iwl_mvm_abort_pmsr(struct ieee80211_hw *hw, 5259 struct ieee80211_vif *vif, 5260 struct cfg80211_pmsr_request *request) 5261 { 5262 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5263 5264 mutex_lock(&mvm->mutex); 5265 iwl_mvm_ftm_abort(mvm, request); 5266 mutex_unlock(&mvm->mutex); 5267 } 5268 5269 static bool iwl_mvm_can_hw_csum(struct sk_buff *skb) 5270 { 5271 u8 protocol = ip_hdr(skb)->protocol; 5272 5273 if (!IS_ENABLED(CONFIG_INET)) 5274 return false; 5275 5276 return protocol == IPPROTO_TCP || protocol == IPPROTO_UDP; 5277 } 5278 5279 static bool iwl_mvm_mac_can_aggregate(struct ieee80211_hw *hw, 5280 struct sk_buff *head, 5281 struct sk_buff *skb) 5282 { 5283 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); 5284 5285 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_BZ) 5286 return iwl_mvm_tx_csum_bz(mvm, head, true) == 5287 iwl_mvm_tx_csum_bz(mvm, skb, true); 5288 5289 /* For now don't aggregate IPv6 in AMSDU */ 5290 if (skb->protocol != htons(ETH_P_IP)) 5291 return false; 5292 5293 if (!iwl_mvm_is_csum_supported(mvm)) 5294 return true; 5295 5296 return iwl_mvm_can_hw_csum(skb) == iwl_mvm_can_hw_csum(head); 5297 } 5298 5299 const struct ieee80211_ops iwl_mvm_hw_ops = { 5300 .tx = iwl_mvm_mac_tx, 5301 .wake_tx_queue = iwl_mvm_mac_wake_tx_queue, 5302 .ampdu_action = iwl_mvm_mac_ampdu_action, 5303 .get_antenna = iwl_mvm_op_get_antenna, 5304 .start = iwl_mvm_mac_start, 5305 .reconfig_complete = iwl_mvm_mac_reconfig_complete, 5306 .stop = iwl_mvm_mac_stop, 5307 .add_interface = iwl_mvm_mac_add_interface, 5308 .remove_interface = iwl_mvm_mac_remove_interface, 5309 .config = iwl_mvm_mac_config, 5310 .prepare_multicast = iwl_mvm_prepare_multicast, 5311 .configure_filter = iwl_mvm_configure_filter, 5312 .config_iface_filter = iwl_mvm_config_iface_filter, 5313 .bss_info_changed = iwl_mvm_bss_info_changed, 5314 .hw_scan = iwl_mvm_mac_hw_scan, 5315 .cancel_hw_scan = iwl_mvm_mac_cancel_hw_scan, 5316 .sta_pre_rcu_remove = iwl_mvm_sta_pre_rcu_remove, 5317 .sta_state = iwl_mvm_mac_sta_state, 5318 .sta_notify = iwl_mvm_mac_sta_notify, 5319 .allow_buffered_frames = iwl_mvm_mac_allow_buffered_frames, 5320 .release_buffered_frames = iwl_mvm_mac_release_buffered_frames, 5321 .set_rts_threshold = iwl_mvm_mac_set_rts_threshold, 5322 .sta_rc_update = iwl_mvm_sta_rc_update, 5323 .conf_tx = iwl_mvm_mac_conf_tx, 5324 .mgd_prepare_tx = iwl_mvm_mac_mgd_prepare_tx, 5325 .mgd_complete_tx = iwl_mvm_mac_mgd_complete_tx, 5326 .mgd_protect_tdls_discover = iwl_mvm_mac_mgd_protect_tdls_discover, 5327 .flush = iwl_mvm_mac_flush, 5328 .sched_scan_start = iwl_mvm_mac_sched_scan_start, 5329 .sched_scan_stop = iwl_mvm_mac_sched_scan_stop, 5330 .set_key = iwl_mvm_mac_set_key, 5331 .update_tkip_key = iwl_mvm_mac_update_tkip_key, 5332 .remain_on_channel = iwl_mvm_roc, 5333 .cancel_remain_on_channel = iwl_mvm_cancel_roc, 5334 .add_chanctx = iwl_mvm_add_chanctx, 5335 .remove_chanctx = iwl_mvm_remove_chanctx, 5336 .change_chanctx = iwl_mvm_change_chanctx, 5337 .assign_vif_chanctx = iwl_mvm_assign_vif_chanctx, 5338 .unassign_vif_chanctx = iwl_mvm_unassign_vif_chanctx, 5339 .switch_vif_chanctx = iwl_mvm_switch_vif_chanctx, 5340 5341 .start_ap = iwl_mvm_start_ap_ibss, 5342 .stop_ap = iwl_mvm_stop_ap_ibss, 5343 .join_ibss = iwl_mvm_start_ap_ibss, 5344 .leave_ibss = iwl_mvm_stop_ap_ibss, 5345 5346 .tx_last_beacon = iwl_mvm_tx_last_beacon, 5347 5348 .set_tim = iwl_mvm_set_tim, 5349 5350 .channel_switch = iwl_mvm_channel_switch, 5351 .pre_channel_switch = iwl_mvm_pre_channel_switch, 5352 .post_channel_switch = iwl_mvm_post_channel_switch, 5353 .abort_channel_switch = iwl_mvm_abort_channel_switch, 5354 .channel_switch_rx_beacon = iwl_mvm_channel_switch_rx_beacon, 5355 5356 .tdls_channel_switch = iwl_mvm_tdls_channel_switch, 5357 .tdls_cancel_channel_switch = iwl_mvm_tdls_cancel_channel_switch, 5358 .tdls_recv_channel_switch = iwl_mvm_tdls_recv_channel_switch, 5359 5360 .event_callback = iwl_mvm_mac_event_callback, 5361 5362 .sync_rx_queues = iwl_mvm_sync_rx_queues, 5363 5364 CFG80211_TESTMODE_CMD(iwl_mvm_mac_testmode_cmd) 5365 5366 #ifdef CONFIG_PM_SLEEP 5367 /* look at d3.c */ 5368 .suspend = iwl_mvm_suspend, 5369 .resume = iwl_mvm_resume, 5370 .set_wakeup = iwl_mvm_set_wakeup, 5371 .set_rekey_data = iwl_mvm_set_rekey_data, 5372 #if IS_ENABLED(CONFIG_IPV6) 5373 .ipv6_addr_change = iwl_mvm_ipv6_addr_change, 5374 #endif 5375 .set_default_unicast_key = iwl_mvm_set_default_unicast_key, 5376 #endif 5377 .get_survey = iwl_mvm_mac_get_survey, 5378 .sta_statistics = iwl_mvm_mac_sta_statistics, 5379 .get_ftm_responder_stats = iwl_mvm_mac_get_ftm_responder_stats, 5380 .start_pmsr = iwl_mvm_start_pmsr, 5381 .abort_pmsr = iwl_mvm_abort_pmsr, 5382 5383 .can_aggregate_in_amsdu = iwl_mvm_mac_can_aggregate, 5384 #ifdef CONFIG_IWLWIFI_DEBUGFS 5385 .sta_add_debugfs = iwl_mvm_sta_add_debugfs, 5386 #endif 5387 }; 5388