1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * This file is part of wl12xx 4 * 5 * Copyright (C) 2012 Texas Instruments. All rights reserved. 6 */ 7 8 #include <linux/ieee80211.h> 9 #include "scan.h" 10 #include "../wlcore/debug.h" 11 #include "../wlcore/tx.h" 12 13 static int wl1271_get_scan_channels(struct wl1271 *wl, 14 struct cfg80211_scan_request *req, 15 struct basic_scan_channel_params *channels, 16 enum nl80211_band band, bool passive) 17 { 18 struct conf_scan_settings *c = &wl->conf.scan; 19 int i, j; 20 u32 flags; 21 22 for (i = 0, j = 0; 23 i < req->n_channels && j < WL1271_SCAN_MAX_CHANNELS; 24 i++) { 25 flags = req->channels[i]->flags; 26 27 if (!test_bit(i, wl->scan.scanned_ch) && 28 !(flags & IEEE80211_CHAN_DISABLED) && 29 (req->channels[i]->band == band) && 30 /* 31 * In passive scans, we scan all remaining 32 * channels, even if not marked as such. 33 * In active scans, we only scan channels not 34 * marked as passive. 35 */ 36 (passive || !(flags & IEEE80211_CHAN_NO_IR))) { 37 wl1271_debug(DEBUG_SCAN, "band %d, center_freq %d ", 38 req->channels[i]->band, 39 req->channels[i]->center_freq); 40 wl1271_debug(DEBUG_SCAN, "hw_value %d, flags %X", 41 req->channels[i]->hw_value, 42 req->channels[i]->flags); 43 wl1271_debug(DEBUG_SCAN, 44 "max_antenna_gain %d, max_power %d", 45 req->channels[i]->max_antenna_gain, 46 req->channels[i]->max_power); 47 wl1271_debug(DEBUG_SCAN, "beacon_found %d", 48 req->channels[i]->beacon_found); 49 50 if (!passive) { 51 channels[j].min_duration = 52 cpu_to_le32(c->min_dwell_time_active); 53 channels[j].max_duration = 54 cpu_to_le32(c->max_dwell_time_active); 55 } else { 56 channels[j].min_duration = 57 cpu_to_le32(c->dwell_time_passive); 58 channels[j].max_duration = 59 cpu_to_le32(c->dwell_time_passive); 60 } 61 channels[j].early_termination = 0; 62 channels[j].tx_power_att = req->channels[i]->max_power; 63 channels[j].channel = req->channels[i]->hw_value; 64 65 memset(&channels[j].bssid_lsb, 0xff, 4); 66 memset(&channels[j].bssid_msb, 0xff, 2); 67 68 /* Mark the channels we already used */ 69 set_bit(i, wl->scan.scanned_ch); 70 71 j++; 72 } 73 } 74 75 return j; 76 } 77 78 #define WL1271_NOTHING_TO_SCAN 1 79 80 static int wl1271_scan_send(struct wl1271 *wl, struct wl12xx_vif *wlvif, 81 enum nl80211_band band, 82 bool passive, u32 basic_rate) 83 { 84 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif); 85 struct wl1271_cmd_scan *cmd; 86 struct wl1271_cmd_trigger_scan_to *trigger; 87 int ret; 88 u16 scan_options = 0; 89 90 /* skip active scans if we don't have SSIDs */ 91 if (!passive && wl->scan.req->n_ssids == 0) 92 return WL1271_NOTHING_TO_SCAN; 93 94 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 95 trigger = kzalloc(sizeof(*trigger), GFP_KERNEL); 96 if (!cmd || !trigger) { 97 ret = -ENOMEM; 98 goto out; 99 } 100 101 if (wl->conf.scan.split_scan_timeout) 102 scan_options |= WL1271_SCAN_OPT_SPLIT_SCAN; 103 104 if (passive) 105 scan_options |= WL1271_SCAN_OPT_PASSIVE; 106 107 /* scan on the dev role if the regular one is not started */ 108 if (wlcore_is_p2p_mgmt(wlvif)) 109 cmd->params.role_id = wlvif->dev_role_id; 110 else 111 cmd->params.role_id = wlvif->role_id; 112 113 if (WARN_ON(cmd->params.role_id == WL12XX_INVALID_ROLE_ID)) { 114 ret = -EINVAL; 115 goto out; 116 } 117 118 cmd->params.scan_options = cpu_to_le16(scan_options); 119 120 cmd->params.n_ch = wl1271_get_scan_channels(wl, wl->scan.req, 121 cmd->channels, 122 band, passive); 123 if (cmd->params.n_ch == 0) { 124 ret = WL1271_NOTHING_TO_SCAN; 125 goto out; 126 } 127 128 cmd->params.tx_rate = cpu_to_le32(basic_rate); 129 cmd->params.n_probe_reqs = wl->conf.scan.num_probe_reqs; 130 cmd->params.tid_trigger = CONF_TX_AC_ANY_TID; 131 cmd->params.scan_tag = WL1271_SCAN_DEFAULT_TAG; 132 133 if (band == NL80211_BAND_2GHZ) 134 cmd->params.band = WL1271_SCAN_BAND_2_4_GHZ; 135 else 136 cmd->params.band = WL1271_SCAN_BAND_5_GHZ; 137 138 if (wl->scan.ssid_len) { 139 cmd->params.ssid_len = wl->scan.ssid_len; 140 memcpy(cmd->params.ssid, wl->scan.ssid, wl->scan.ssid_len); 141 } 142 143 memcpy(cmd->addr, vif->addr, ETH_ALEN); 144 145 ret = wl12xx_cmd_build_probe_req(wl, wlvif, 146 cmd->params.role_id, band, 147 wl->scan.ssid, wl->scan.ssid_len, 148 wl->scan.req->ie, 149 wl->scan.req->ie_len, NULL, 0, false); 150 if (ret < 0) { 151 wl1271_error("PROBE request template failed"); 152 goto out; 153 } 154 155 trigger->timeout = cpu_to_le32(wl->conf.scan.split_scan_timeout); 156 ret = wl1271_cmd_send(wl, CMD_TRIGGER_SCAN_TO, trigger, 157 sizeof(*trigger), 0); 158 if (ret < 0) { 159 wl1271_error("trigger scan to failed for hw scan"); 160 goto out; 161 } 162 163 wl1271_dump(DEBUG_SCAN, "SCAN: ", cmd, sizeof(*cmd)); 164 165 ret = wl1271_cmd_send(wl, CMD_SCAN, cmd, sizeof(*cmd), 0); 166 if (ret < 0) { 167 wl1271_error("SCAN failed"); 168 goto out; 169 } 170 171 out: 172 kfree(cmd); 173 kfree(trigger); 174 return ret; 175 } 176 177 int wl12xx_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif) 178 { 179 struct wl1271_cmd_header *cmd = NULL; 180 int ret = 0; 181 182 if (WARN_ON(wl->scan.state == WL1271_SCAN_STATE_IDLE)) 183 return -EINVAL; 184 185 wl1271_debug(DEBUG_CMD, "cmd scan stop"); 186 187 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 188 if (!cmd) { 189 ret = -ENOMEM; 190 goto out; 191 } 192 193 ret = wl1271_cmd_send(wl, CMD_STOP_SCAN, cmd, 194 sizeof(*cmd), 0); 195 if (ret < 0) { 196 wl1271_error("cmd stop_scan failed"); 197 goto out; 198 } 199 out: 200 kfree(cmd); 201 return ret; 202 } 203 204 void wl1271_scan_stm(struct wl1271 *wl, struct wl12xx_vif *wlvif) 205 { 206 int ret = 0; 207 enum nl80211_band band; 208 u32 rate, mask; 209 210 switch (wl->scan.state) { 211 case WL1271_SCAN_STATE_IDLE: 212 break; 213 214 case WL1271_SCAN_STATE_2GHZ_ACTIVE: 215 band = NL80211_BAND_2GHZ; 216 mask = wlvif->bitrate_masks[band]; 217 if (wl->scan.req->no_cck) { 218 mask &= ~CONF_TX_CCK_RATES; 219 if (!mask) 220 mask = CONF_TX_RATE_MASK_BASIC_P2P; 221 } 222 rate = wl1271_tx_min_rate_get(wl, mask); 223 ret = wl1271_scan_send(wl, wlvif, band, false, rate); 224 if (ret == WL1271_NOTHING_TO_SCAN) { 225 wl->scan.state = WL1271_SCAN_STATE_2GHZ_PASSIVE; 226 wl1271_scan_stm(wl, wlvif); 227 } 228 229 break; 230 231 case WL1271_SCAN_STATE_2GHZ_PASSIVE: 232 band = NL80211_BAND_2GHZ; 233 mask = wlvif->bitrate_masks[band]; 234 if (wl->scan.req->no_cck) { 235 mask &= ~CONF_TX_CCK_RATES; 236 if (!mask) 237 mask = CONF_TX_RATE_MASK_BASIC_P2P; 238 } 239 rate = wl1271_tx_min_rate_get(wl, mask); 240 ret = wl1271_scan_send(wl, wlvif, band, true, rate); 241 if (ret == WL1271_NOTHING_TO_SCAN) { 242 if (wl->enable_11a) 243 wl->scan.state = WL1271_SCAN_STATE_5GHZ_ACTIVE; 244 else 245 wl->scan.state = WL1271_SCAN_STATE_DONE; 246 wl1271_scan_stm(wl, wlvif); 247 } 248 249 break; 250 251 case WL1271_SCAN_STATE_5GHZ_ACTIVE: 252 band = NL80211_BAND_5GHZ; 253 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]); 254 ret = wl1271_scan_send(wl, wlvif, band, false, rate); 255 if (ret == WL1271_NOTHING_TO_SCAN) { 256 wl->scan.state = WL1271_SCAN_STATE_5GHZ_PASSIVE; 257 wl1271_scan_stm(wl, wlvif); 258 } 259 260 break; 261 262 case WL1271_SCAN_STATE_5GHZ_PASSIVE: 263 band = NL80211_BAND_5GHZ; 264 rate = wl1271_tx_min_rate_get(wl, wlvif->bitrate_masks[band]); 265 ret = wl1271_scan_send(wl, wlvif, band, true, rate); 266 if (ret == WL1271_NOTHING_TO_SCAN) { 267 wl->scan.state = WL1271_SCAN_STATE_DONE; 268 wl1271_scan_stm(wl, wlvif); 269 } 270 271 break; 272 273 case WL1271_SCAN_STATE_DONE: 274 wl->scan.failed = false; 275 cancel_delayed_work(&wl->scan_complete_work); 276 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work, 277 msecs_to_jiffies(0)); 278 break; 279 280 default: 281 wl1271_error("invalid scan state"); 282 break; 283 } 284 285 if (ret < 0) { 286 cancel_delayed_work(&wl->scan_complete_work); 287 ieee80211_queue_delayed_work(wl->hw, &wl->scan_complete_work, 288 msecs_to_jiffies(0)); 289 } 290 } 291 292 static void wl12xx_adjust_channels(struct wl1271_cmd_sched_scan_config *cmd, 293 struct wlcore_scan_channels *cmd_channels) 294 { 295 memcpy(cmd->passive, cmd_channels->passive, sizeof(cmd->passive)); 296 memcpy(cmd->active, cmd_channels->active, sizeof(cmd->active)); 297 cmd->dfs = cmd_channels->dfs; 298 cmd->n_pactive_ch = cmd_channels->passive_active; 299 300 memcpy(cmd->channels_2, cmd_channels->channels_2, 301 sizeof(cmd->channels_2)); 302 memcpy(cmd->channels_5, cmd_channels->channels_5, 303 sizeof(cmd->channels_5)); 304 /* channels_4 are not supported, so no need to copy them */ 305 } 306 307 int wl1271_scan_sched_scan_config(struct wl1271 *wl, 308 struct wl12xx_vif *wlvif, 309 struct cfg80211_sched_scan_request *req, 310 struct ieee80211_scan_ies *ies) 311 { 312 struct wl1271_cmd_sched_scan_config *cfg = NULL; 313 struct wlcore_scan_channels *cfg_channels = NULL; 314 struct conf_sched_scan_settings *c = &wl->conf.sched_scan; 315 int i, ret; 316 bool force_passive = !req->n_ssids; 317 318 wl1271_debug(DEBUG_CMD, "cmd sched_scan scan config"); 319 320 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL); 321 if (!cfg) 322 return -ENOMEM; 323 324 cfg->role_id = wlvif->role_id; 325 cfg->rssi_threshold = c->rssi_threshold; 326 cfg->snr_threshold = c->snr_threshold; 327 cfg->n_probe_reqs = c->num_probe_reqs; 328 /* cycles set to 0 it means infinite (until manually stopped) */ 329 cfg->cycles = 0; 330 /* report APs when at least 1 is found */ 331 cfg->report_after = 1; 332 /* don't stop scanning automatically when something is found */ 333 cfg->terminate = 0; 334 cfg->tag = WL1271_SCAN_DEFAULT_TAG; 335 /* don't filter on BSS type */ 336 cfg->bss_type = SCAN_BSS_TYPE_ANY; 337 /* currently NL80211 supports only a single interval */ 338 for (i = 0; i < SCAN_MAX_CYCLE_INTERVALS; i++) 339 cfg->intervals[i] = cpu_to_le32(req->scan_plans[0].interval * 340 MSEC_PER_SEC); 341 342 cfg->ssid_len = 0; 343 ret = wlcore_scan_sched_scan_ssid_list(wl, wlvif, req); 344 if (ret < 0) 345 goto out; 346 347 cfg->filter_type = ret; 348 349 wl1271_debug(DEBUG_SCAN, "filter_type = %d", cfg->filter_type); 350 351 cfg_channels = kzalloc(sizeof(*cfg_channels), GFP_KERNEL); 352 if (!cfg_channels) { 353 ret = -ENOMEM; 354 goto out; 355 } 356 357 if (!wlcore_set_scan_chan_params(wl, cfg_channels, req->channels, 358 req->n_channels, req->n_ssids, 359 SCAN_TYPE_PERIODIC)) { 360 wl1271_error("scan channel list is empty"); 361 ret = -EINVAL; 362 goto out; 363 } 364 wl12xx_adjust_channels(cfg, cfg_channels); 365 366 if (!force_passive && cfg->active[0]) { 367 u8 band = NL80211_BAND_2GHZ; 368 ret = wl12xx_cmd_build_probe_req(wl, wlvif, 369 wlvif->role_id, band, 370 req->ssids[0].ssid, 371 req->ssids[0].ssid_len, 372 ies->ies[band], 373 ies->len[band], 374 ies->common_ies, 375 ies->common_ie_len, 376 true); 377 if (ret < 0) { 378 wl1271_error("2.4GHz PROBE request template failed"); 379 goto out; 380 } 381 } 382 383 if (!force_passive && cfg->active[1]) { 384 u8 band = NL80211_BAND_5GHZ; 385 ret = wl12xx_cmd_build_probe_req(wl, wlvif, 386 wlvif->role_id, band, 387 req->ssids[0].ssid, 388 req->ssids[0].ssid_len, 389 ies->ies[band], 390 ies->len[band], 391 ies->common_ies, 392 ies->common_ie_len, 393 true); 394 if (ret < 0) { 395 wl1271_error("5GHz PROBE request template failed"); 396 goto out; 397 } 398 } 399 400 wl1271_dump(DEBUG_SCAN, "SCAN_CFG: ", cfg, sizeof(*cfg)); 401 402 ret = wl1271_cmd_send(wl, CMD_CONNECTION_SCAN_CFG, cfg, 403 sizeof(*cfg), 0); 404 if (ret < 0) { 405 wl1271_error("SCAN configuration failed"); 406 goto out; 407 } 408 out: 409 kfree(cfg_channels); 410 kfree(cfg); 411 return ret; 412 } 413 414 int wl1271_scan_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif) 415 { 416 struct wl1271_cmd_sched_scan_start *start; 417 int ret = 0; 418 419 wl1271_debug(DEBUG_CMD, "cmd periodic scan start"); 420 421 if (wlvif->bss_type != BSS_TYPE_STA_BSS) 422 return -EOPNOTSUPP; 423 424 if ((wl->quirks & WLCORE_QUIRK_NO_SCHED_SCAN_WHILE_CONN) && 425 test_bit(WLVIF_FLAG_IN_USE, &wlvif->flags)) 426 return -EBUSY; 427 428 start = kzalloc(sizeof(*start), GFP_KERNEL); 429 if (!start) 430 return -ENOMEM; 431 432 start->role_id = wlvif->role_id; 433 start->tag = WL1271_SCAN_DEFAULT_TAG; 434 435 ret = wl1271_cmd_send(wl, CMD_START_PERIODIC_SCAN, start, 436 sizeof(*start), 0); 437 if (ret < 0) { 438 wl1271_error("failed to send scan start command"); 439 goto out_free; 440 } 441 442 out_free: 443 kfree(start); 444 return ret; 445 } 446 447 int wl12xx_sched_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif, 448 struct cfg80211_sched_scan_request *req, 449 struct ieee80211_scan_ies *ies) 450 { 451 int ret; 452 453 ret = wl1271_scan_sched_scan_config(wl, wlvif, req, ies); 454 if (ret < 0) 455 return ret; 456 457 return wl1271_scan_sched_scan_start(wl, wlvif); 458 } 459 460 void wl12xx_scan_sched_scan_stop(struct wl1271 *wl, struct wl12xx_vif *wlvif) 461 { 462 struct wl1271_cmd_sched_scan_stop *stop; 463 int ret = 0; 464 465 wl1271_debug(DEBUG_CMD, "cmd periodic scan stop"); 466 467 /* FIXME: what to do if alloc'ing to stop fails? */ 468 stop = kzalloc(sizeof(*stop), GFP_KERNEL); 469 if (!stop) { 470 wl1271_error("failed to alloc memory to send sched scan stop"); 471 return; 472 } 473 474 stop->role_id = wlvif->role_id; 475 stop->tag = WL1271_SCAN_DEFAULT_TAG; 476 477 ret = wl1271_cmd_send(wl, CMD_STOP_PERIODIC_SCAN, stop, 478 sizeof(*stop), 0); 479 if (ret < 0) { 480 wl1271_error("failed to send sched scan stop command"); 481 goto out_free; 482 } 483 484 out_free: 485 kfree(stop); 486 } 487 488 int wl12xx_scan_start(struct wl1271 *wl, struct wl12xx_vif *wlvif, 489 struct cfg80211_scan_request *req) 490 { 491 wl1271_scan_stm(wl, wlvif); 492 return 0; 493 } 494 495 void wl12xx_scan_completed(struct wl1271 *wl, struct wl12xx_vif *wlvif) 496 { 497 wl1271_scan_stm(wl, wlvif); 498 } 499