xref: /openbmc/linux/net/mac80211/chan.c (revision b1a792601f264df7172a728f1a83a05b6b399dfb)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * mac80211 - channel management
4  */
5 
6 #include <linux/nl80211.h>
7 #include <linux/export.h>
8 #include <linux/rtnetlink.h>
9 #include <net/cfg80211.h>
10 #include "ieee80211_i.h"
11 #include "driver-ops.h"
12 #include "rate.h"
13 
14 static int ieee80211_chanctx_num_assigned(struct ieee80211_local *local,
15 					  struct ieee80211_chanctx *ctx)
16 {
17 	struct ieee80211_sub_if_data *sdata;
18 	int num = 0;
19 
20 	lockdep_assert_held(&local->chanctx_mtx);
21 
22 	list_for_each_entry(sdata, &ctx->assigned_vifs, assigned_chanctx_list)
23 		num++;
24 
25 	return num;
26 }
27 
28 static int ieee80211_chanctx_num_reserved(struct ieee80211_local *local,
29 					  struct ieee80211_chanctx *ctx)
30 {
31 	struct ieee80211_sub_if_data *sdata;
32 	int num = 0;
33 
34 	lockdep_assert_held(&local->chanctx_mtx);
35 
36 	list_for_each_entry(sdata, &ctx->reserved_vifs, reserved_chanctx_list)
37 		num++;
38 
39 	return num;
40 }
41 
42 int ieee80211_chanctx_refcount(struct ieee80211_local *local,
43 			       struct ieee80211_chanctx *ctx)
44 {
45 	return ieee80211_chanctx_num_assigned(local, ctx) +
46 	       ieee80211_chanctx_num_reserved(local, ctx);
47 }
48 
49 static int ieee80211_num_chanctx(struct ieee80211_local *local)
50 {
51 	struct ieee80211_chanctx *ctx;
52 	int num = 0;
53 
54 	lockdep_assert_held(&local->chanctx_mtx);
55 
56 	list_for_each_entry(ctx, &local->chanctx_list, list)
57 		num++;
58 
59 	return num;
60 }
61 
62 static bool ieee80211_can_create_new_chanctx(struct ieee80211_local *local)
63 {
64 	lockdep_assert_held(&local->chanctx_mtx);
65 	return ieee80211_num_chanctx(local) < ieee80211_max_num_channels(local);
66 }
67 
68 static struct ieee80211_chanctx *
69 ieee80211_vif_get_chanctx(struct ieee80211_sub_if_data *sdata)
70 {
71 	struct ieee80211_local *local __maybe_unused = sdata->local;
72 	struct ieee80211_chanctx_conf *conf;
73 
74 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
75 					 lockdep_is_held(&local->chanctx_mtx));
76 	if (!conf)
77 		return NULL;
78 
79 	return container_of(conf, struct ieee80211_chanctx, conf);
80 }
81 
82 static const struct cfg80211_chan_def *
83 ieee80211_chanctx_reserved_chandef(struct ieee80211_local *local,
84 				   struct ieee80211_chanctx *ctx,
85 				   const struct cfg80211_chan_def *compat)
86 {
87 	struct ieee80211_sub_if_data *sdata;
88 
89 	lockdep_assert_held(&local->chanctx_mtx);
90 
91 	list_for_each_entry(sdata, &ctx->reserved_vifs,
92 			    reserved_chanctx_list) {
93 		if (!compat)
94 			compat = &sdata->reserved_chandef;
95 
96 		compat = cfg80211_chandef_compatible(&sdata->reserved_chandef,
97 						     compat);
98 		if (!compat)
99 			break;
100 	}
101 
102 	return compat;
103 }
104 
105 static const struct cfg80211_chan_def *
106 ieee80211_chanctx_non_reserved_chandef(struct ieee80211_local *local,
107 				       struct ieee80211_chanctx *ctx,
108 				       const struct cfg80211_chan_def *compat)
109 {
110 	struct ieee80211_sub_if_data *sdata;
111 
112 	lockdep_assert_held(&local->chanctx_mtx);
113 
114 	list_for_each_entry(sdata, &ctx->assigned_vifs,
115 			    assigned_chanctx_list) {
116 		if (sdata->reserved_chanctx != NULL)
117 			continue;
118 
119 		if (!compat)
120 			compat = &sdata->vif.bss_conf.chandef;
121 
122 		compat = cfg80211_chandef_compatible(
123 				&sdata->vif.bss_conf.chandef, compat);
124 		if (!compat)
125 			break;
126 	}
127 
128 	return compat;
129 }
130 
131 static const struct cfg80211_chan_def *
132 ieee80211_chanctx_combined_chandef(struct ieee80211_local *local,
133 				   struct ieee80211_chanctx *ctx,
134 				   const struct cfg80211_chan_def *compat)
135 {
136 	lockdep_assert_held(&local->chanctx_mtx);
137 
138 	compat = ieee80211_chanctx_reserved_chandef(local, ctx, compat);
139 	if (!compat)
140 		return NULL;
141 
142 	compat = ieee80211_chanctx_non_reserved_chandef(local, ctx, compat);
143 	if (!compat)
144 		return NULL;
145 
146 	return compat;
147 }
148 
149 static bool
150 ieee80211_chanctx_can_reserve_chandef(struct ieee80211_local *local,
151 				      struct ieee80211_chanctx *ctx,
152 				      const struct cfg80211_chan_def *def)
153 {
154 	lockdep_assert_held(&local->chanctx_mtx);
155 
156 	if (ieee80211_chanctx_combined_chandef(local, ctx, def))
157 		return true;
158 
159 	if (!list_empty(&ctx->reserved_vifs) &&
160 	    ieee80211_chanctx_reserved_chandef(local, ctx, def))
161 		return true;
162 
163 	return false;
164 }
165 
166 static struct ieee80211_chanctx *
167 ieee80211_find_reservation_chanctx(struct ieee80211_local *local,
168 				   const struct cfg80211_chan_def *chandef,
169 				   enum ieee80211_chanctx_mode mode)
170 {
171 	struct ieee80211_chanctx *ctx;
172 
173 	lockdep_assert_held(&local->chanctx_mtx);
174 
175 	if (mode == IEEE80211_CHANCTX_EXCLUSIVE)
176 		return NULL;
177 
178 	list_for_each_entry(ctx, &local->chanctx_list, list) {
179 		if (ctx->replace_state == IEEE80211_CHANCTX_WILL_BE_REPLACED)
180 			continue;
181 
182 		if (ctx->mode == IEEE80211_CHANCTX_EXCLUSIVE)
183 			continue;
184 
185 		if (!ieee80211_chanctx_can_reserve_chandef(local, ctx,
186 							   chandef))
187 			continue;
188 
189 		return ctx;
190 	}
191 
192 	return NULL;
193 }
194 
195 static enum nl80211_chan_width ieee80211_get_sta_bw(struct sta_info *sta)
196 {
197 	enum ieee80211_sta_rx_bandwidth width = ieee80211_sta_cap_rx_bw(sta);
198 
199 	switch (width) {
200 	case IEEE80211_STA_RX_BW_20:
201 		if (sta->sta.ht_cap.ht_supported)
202 			return NL80211_CHAN_WIDTH_20;
203 		else
204 			return NL80211_CHAN_WIDTH_20_NOHT;
205 	case IEEE80211_STA_RX_BW_40:
206 		return NL80211_CHAN_WIDTH_40;
207 	case IEEE80211_STA_RX_BW_80:
208 		return NL80211_CHAN_WIDTH_80;
209 	case IEEE80211_STA_RX_BW_160:
210 		/*
211 		 * This applied for both 160 and 80+80. since we use
212 		 * the returned value to consider degradation of
213 		 * ctx->conf.min_def, we have to make sure to take
214 		 * the bigger one (NL80211_CHAN_WIDTH_160).
215 		 * Otherwise we might try degrading even when not
216 		 * needed, as the max required sta_bw returned (80+80)
217 		 * might be smaller than the configured bw (160).
218 		 */
219 		return NL80211_CHAN_WIDTH_160;
220 	default:
221 		WARN_ON(1);
222 		return NL80211_CHAN_WIDTH_20;
223 	}
224 }
225 
226 static enum nl80211_chan_width
227 ieee80211_get_max_required_bw(struct ieee80211_sub_if_data *sdata)
228 {
229 	enum nl80211_chan_width max_bw = NL80211_CHAN_WIDTH_20_NOHT;
230 	struct sta_info *sta;
231 
232 	rcu_read_lock();
233 	list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
234 		if (sdata != sta->sdata &&
235 		    !(sta->sdata->bss && sta->sdata->bss == sdata->bss))
236 			continue;
237 
238 		max_bw = max(max_bw, ieee80211_get_sta_bw(sta));
239 	}
240 	rcu_read_unlock();
241 
242 	return max_bw;
243 }
244 
245 static enum nl80211_chan_width
246 ieee80211_get_chanctx_max_required_bw(struct ieee80211_local *local,
247 				      struct ieee80211_chanctx_conf *conf)
248 {
249 	struct ieee80211_sub_if_data *sdata;
250 	enum nl80211_chan_width max_bw = NL80211_CHAN_WIDTH_20_NOHT;
251 
252 	rcu_read_lock();
253 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
254 		struct ieee80211_vif *vif = &sdata->vif;
255 		enum nl80211_chan_width width = NL80211_CHAN_WIDTH_20_NOHT;
256 
257 		if (!ieee80211_sdata_running(sdata))
258 			continue;
259 
260 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
261 			continue;
262 
263 		switch (vif->type) {
264 		case NL80211_IFTYPE_AP:
265 		case NL80211_IFTYPE_AP_VLAN:
266 			width = ieee80211_get_max_required_bw(sdata);
267 			break;
268 		case NL80211_IFTYPE_STATION:
269 			/*
270 			 * The ap's sta->bandwidth is not set yet at this
271 			 * point, so take the width from the chandef, but
272 			 * account also for TDLS peers
273 			 */
274 			width = max(vif->bss_conf.chandef.width,
275 				    ieee80211_get_max_required_bw(sdata));
276 			break;
277 		case NL80211_IFTYPE_P2P_DEVICE:
278 		case NL80211_IFTYPE_NAN:
279 			continue;
280 		case NL80211_IFTYPE_ADHOC:
281 		case NL80211_IFTYPE_MESH_POINT:
282 		case NL80211_IFTYPE_OCB:
283 			width = vif->bss_conf.chandef.width;
284 			break;
285 		case NL80211_IFTYPE_WDS:
286 		case NL80211_IFTYPE_UNSPECIFIED:
287 		case NUM_NL80211_IFTYPES:
288 		case NL80211_IFTYPE_MONITOR:
289 		case NL80211_IFTYPE_P2P_CLIENT:
290 		case NL80211_IFTYPE_P2P_GO:
291 			WARN_ON_ONCE(1);
292 		}
293 		max_bw = max(max_bw, width);
294 	}
295 
296 	/* use the configured bandwidth in case of monitor interface */
297 	sdata = rcu_dereference(local->monitor_sdata);
298 	if (sdata && rcu_access_pointer(sdata->vif.chanctx_conf) == conf)
299 		max_bw = max(max_bw, conf->def.width);
300 
301 	rcu_read_unlock();
302 
303 	return max_bw;
304 }
305 
306 /*
307  * recalc the min required chan width of the channel context, which is
308  * the max of min required widths of all the interfaces bound to this
309  * channel context.
310  */
311 void ieee80211_recalc_chanctx_min_def(struct ieee80211_local *local,
312 				      struct ieee80211_chanctx *ctx)
313 {
314 	enum nl80211_chan_width max_bw;
315 	struct cfg80211_chan_def min_def;
316 
317 	lockdep_assert_held(&local->chanctx_mtx);
318 
319 	/* don't optimize non-20MHz based and radar_enabled confs */
320 	if (ctx->conf.def.width == NL80211_CHAN_WIDTH_5 ||
321 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_10 ||
322 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_1 ||
323 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_2 ||
324 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_4 ||
325 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_8 ||
326 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_16 ||
327 	    ctx->conf.radar_enabled) {
328 		ctx->conf.min_def = ctx->conf.def;
329 		return;
330 	}
331 
332 	max_bw = ieee80211_get_chanctx_max_required_bw(local, &ctx->conf);
333 
334 	/* downgrade chandef up to max_bw */
335 	min_def = ctx->conf.def;
336 	while (min_def.width > max_bw)
337 		ieee80211_chandef_downgrade(&min_def);
338 
339 	if (cfg80211_chandef_identical(&ctx->conf.min_def, &min_def))
340 		return;
341 
342 	ctx->conf.min_def = min_def;
343 	if (!ctx->driver_present)
344 		return;
345 
346 	drv_change_chanctx(local, ctx, IEEE80211_CHANCTX_CHANGE_MIN_WIDTH);
347 }
348 
349 static void ieee80211_chan_bw_change(struct ieee80211_local *local,
350 				     struct ieee80211_chanctx *ctx)
351 {
352 	struct sta_info *sta;
353 	struct ieee80211_supported_band *sband =
354 		local->hw.wiphy->bands[ctx->conf.def.chan->band];
355 
356 	rcu_read_lock();
357 	list_for_each_entry_rcu(sta, &local->sta_list,
358 				list) {
359 		enum ieee80211_sta_rx_bandwidth new_sta_bw;
360 
361 		if (!ieee80211_sdata_running(sta->sdata))
362 			continue;
363 
364 		if (rcu_access_pointer(sta->sdata->vif.chanctx_conf) !=
365 		    &ctx->conf)
366 			continue;
367 
368 		new_sta_bw = ieee80211_sta_cur_vht_bw(sta);
369 		if (new_sta_bw == sta->sta.bandwidth)
370 			continue;
371 
372 		sta->sta.bandwidth = new_sta_bw;
373 		rate_control_rate_update(local, sband, sta,
374 					 IEEE80211_RC_BW_CHANGED);
375 	}
376 	rcu_read_unlock();
377 }
378 
379 static void ieee80211_change_chanctx(struct ieee80211_local *local,
380 				     struct ieee80211_chanctx *ctx,
381 				     const struct cfg80211_chan_def *chandef)
382 {
383 	enum nl80211_chan_width width;
384 
385 	if (cfg80211_chandef_identical(&ctx->conf.def, chandef)) {
386 		ieee80211_recalc_chanctx_min_def(local, ctx);
387 		return;
388 	}
389 
390 	WARN_ON(!cfg80211_chandef_compatible(&ctx->conf.def, chandef));
391 
392 	width = ctx->conf.def.width;
393 	ctx->conf.def = *chandef;
394 
395 	/* expected to handle only 20/40/80/160 channel widths */
396 	switch (chandef->width) {
397 	case NL80211_CHAN_WIDTH_20_NOHT:
398 	case NL80211_CHAN_WIDTH_20:
399 	case NL80211_CHAN_WIDTH_40:
400 	case NL80211_CHAN_WIDTH_80:
401 	case NL80211_CHAN_WIDTH_80P80:
402 	case NL80211_CHAN_WIDTH_160:
403 		break;
404 	default:
405 		WARN_ON(1);
406 	}
407 
408 	if (chandef->width < width)
409 		ieee80211_chan_bw_change(local, ctx);
410 
411 	drv_change_chanctx(local, ctx, IEEE80211_CHANCTX_CHANGE_WIDTH);
412 	ieee80211_recalc_chanctx_min_def(local, ctx);
413 
414 	if (!local->use_chanctx) {
415 		local->_oper_chandef = *chandef;
416 		ieee80211_hw_config(local, 0);
417 	}
418 
419 	if (chandef->width > width)
420 		ieee80211_chan_bw_change(local, ctx);
421 }
422 
423 static struct ieee80211_chanctx *
424 ieee80211_find_chanctx(struct ieee80211_local *local,
425 		       const struct cfg80211_chan_def *chandef,
426 		       enum ieee80211_chanctx_mode mode)
427 {
428 	struct ieee80211_chanctx *ctx;
429 
430 	lockdep_assert_held(&local->chanctx_mtx);
431 
432 	if (mode == IEEE80211_CHANCTX_EXCLUSIVE)
433 		return NULL;
434 
435 	list_for_each_entry(ctx, &local->chanctx_list, list) {
436 		const struct cfg80211_chan_def *compat;
437 
438 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACE_NONE)
439 			continue;
440 
441 		if (ctx->mode == IEEE80211_CHANCTX_EXCLUSIVE)
442 			continue;
443 
444 		compat = cfg80211_chandef_compatible(&ctx->conf.def, chandef);
445 		if (!compat)
446 			continue;
447 
448 		compat = ieee80211_chanctx_reserved_chandef(local, ctx,
449 							    compat);
450 		if (!compat)
451 			continue;
452 
453 		ieee80211_change_chanctx(local, ctx, compat);
454 
455 		return ctx;
456 	}
457 
458 	return NULL;
459 }
460 
461 bool ieee80211_is_radar_required(struct ieee80211_local *local)
462 {
463 	struct ieee80211_sub_if_data *sdata;
464 
465 	lockdep_assert_held(&local->mtx);
466 
467 	rcu_read_lock();
468 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
469 		if (sdata->radar_required) {
470 			rcu_read_unlock();
471 			return true;
472 		}
473 	}
474 	rcu_read_unlock();
475 
476 	return false;
477 }
478 
479 static bool
480 ieee80211_chanctx_radar_required(struct ieee80211_local *local,
481 				 struct ieee80211_chanctx *ctx)
482 {
483 	struct ieee80211_chanctx_conf *conf = &ctx->conf;
484 	struct ieee80211_sub_if_data *sdata;
485 	bool required = false;
486 
487 	lockdep_assert_held(&local->chanctx_mtx);
488 	lockdep_assert_held(&local->mtx);
489 
490 	rcu_read_lock();
491 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
492 		if (!ieee80211_sdata_running(sdata))
493 			continue;
494 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
495 			continue;
496 		if (!sdata->radar_required)
497 			continue;
498 
499 		required = true;
500 		break;
501 	}
502 	rcu_read_unlock();
503 
504 	return required;
505 }
506 
507 static struct ieee80211_chanctx *
508 ieee80211_alloc_chanctx(struct ieee80211_local *local,
509 			const struct cfg80211_chan_def *chandef,
510 			enum ieee80211_chanctx_mode mode)
511 {
512 	struct ieee80211_chanctx *ctx;
513 
514 	lockdep_assert_held(&local->chanctx_mtx);
515 
516 	ctx = kzalloc(sizeof(*ctx) + local->hw.chanctx_data_size, GFP_KERNEL);
517 	if (!ctx)
518 		return NULL;
519 
520 	INIT_LIST_HEAD(&ctx->assigned_vifs);
521 	INIT_LIST_HEAD(&ctx->reserved_vifs);
522 	ctx->conf.def = *chandef;
523 	ctx->conf.rx_chains_static = 1;
524 	ctx->conf.rx_chains_dynamic = 1;
525 	ctx->mode = mode;
526 	ctx->conf.radar_enabled = false;
527 	ieee80211_recalc_chanctx_min_def(local, ctx);
528 
529 	return ctx;
530 }
531 
532 static int ieee80211_add_chanctx(struct ieee80211_local *local,
533 				 struct ieee80211_chanctx *ctx)
534 {
535 	u32 changed;
536 	int err;
537 
538 	lockdep_assert_held(&local->mtx);
539 	lockdep_assert_held(&local->chanctx_mtx);
540 
541 	if (!local->use_chanctx)
542 		local->hw.conf.radar_enabled = ctx->conf.radar_enabled;
543 
544 	/* turn idle off *before* setting channel -- some drivers need that */
545 	changed = ieee80211_idle_off(local);
546 	if (changed)
547 		ieee80211_hw_config(local, changed);
548 
549 	if (!local->use_chanctx) {
550 		local->_oper_chandef = ctx->conf.def;
551 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
552 	} else {
553 		err = drv_add_chanctx(local, ctx);
554 		if (err) {
555 			ieee80211_recalc_idle(local);
556 			return err;
557 		}
558 	}
559 
560 	return 0;
561 }
562 
563 static struct ieee80211_chanctx *
564 ieee80211_new_chanctx(struct ieee80211_local *local,
565 		      const struct cfg80211_chan_def *chandef,
566 		      enum ieee80211_chanctx_mode mode)
567 {
568 	struct ieee80211_chanctx *ctx;
569 	int err;
570 
571 	lockdep_assert_held(&local->mtx);
572 	lockdep_assert_held(&local->chanctx_mtx);
573 
574 	ctx = ieee80211_alloc_chanctx(local, chandef, mode);
575 	if (!ctx)
576 		return ERR_PTR(-ENOMEM);
577 
578 	err = ieee80211_add_chanctx(local, ctx);
579 	if (err) {
580 		kfree(ctx);
581 		return ERR_PTR(err);
582 	}
583 
584 	list_add_rcu(&ctx->list, &local->chanctx_list);
585 	return ctx;
586 }
587 
588 static void ieee80211_del_chanctx(struct ieee80211_local *local,
589 				  struct ieee80211_chanctx *ctx)
590 {
591 	lockdep_assert_held(&local->chanctx_mtx);
592 
593 	if (!local->use_chanctx) {
594 		struct cfg80211_chan_def *chandef = &local->_oper_chandef;
595 		/* S1G doesn't have 20MHz, so get the correct width for the
596 		 * current channel.
597 		 */
598 		if (chandef->chan->band == NL80211_BAND_S1GHZ)
599 			chandef->width =
600 				ieee80211_s1g_channel_width(chandef->chan);
601 		else
602 			chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
603 		chandef->center_freq1 = chandef->chan->center_freq;
604 		chandef->freq1_offset = chandef->chan->freq_offset;
605 		chandef->center_freq2 = 0;
606 
607 		/* NOTE: Disabling radar is only valid here for
608 		 * single channel context. To be sure, check it ...
609 		 */
610 		WARN_ON(local->hw.conf.radar_enabled &&
611 			!list_empty(&local->chanctx_list));
612 
613 		local->hw.conf.radar_enabled = false;
614 
615 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
616 	} else {
617 		drv_remove_chanctx(local, ctx);
618 	}
619 
620 	ieee80211_recalc_idle(local);
621 }
622 
623 static void ieee80211_free_chanctx(struct ieee80211_local *local,
624 				   struct ieee80211_chanctx *ctx)
625 {
626 	lockdep_assert_held(&local->chanctx_mtx);
627 
628 	WARN_ON_ONCE(ieee80211_chanctx_refcount(local, ctx) != 0);
629 
630 	list_del_rcu(&ctx->list);
631 	ieee80211_del_chanctx(local, ctx);
632 	kfree_rcu(ctx, rcu_head);
633 }
634 
635 void ieee80211_recalc_chanctx_chantype(struct ieee80211_local *local,
636 				       struct ieee80211_chanctx *ctx)
637 {
638 	struct ieee80211_chanctx_conf *conf = &ctx->conf;
639 	struct ieee80211_sub_if_data *sdata;
640 	const struct cfg80211_chan_def *compat = NULL;
641 	struct sta_info *sta;
642 
643 	lockdep_assert_held(&local->chanctx_mtx);
644 
645 	rcu_read_lock();
646 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
647 
648 		if (!ieee80211_sdata_running(sdata))
649 			continue;
650 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
651 			continue;
652 		if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
653 			continue;
654 
655 		if (!compat)
656 			compat = &sdata->vif.bss_conf.chandef;
657 
658 		compat = cfg80211_chandef_compatible(
659 				&sdata->vif.bss_conf.chandef, compat);
660 		if (WARN_ON_ONCE(!compat))
661 			break;
662 	}
663 
664 	/* TDLS peers can sometimes affect the chandef width */
665 	list_for_each_entry_rcu(sta, &local->sta_list, list) {
666 		if (!sta->uploaded ||
667 		    !test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW) ||
668 		    !test_sta_flag(sta, WLAN_STA_AUTHORIZED) ||
669 		    !sta->tdls_chandef.chan)
670 			continue;
671 
672 		compat = cfg80211_chandef_compatible(&sta->tdls_chandef,
673 						     compat);
674 		if (WARN_ON_ONCE(!compat))
675 			break;
676 	}
677 	rcu_read_unlock();
678 
679 	if (!compat)
680 		return;
681 
682 	ieee80211_change_chanctx(local, ctx, compat);
683 }
684 
685 static void ieee80211_recalc_radar_chanctx(struct ieee80211_local *local,
686 					   struct ieee80211_chanctx *chanctx)
687 {
688 	bool radar_enabled;
689 
690 	lockdep_assert_held(&local->chanctx_mtx);
691 	/* for ieee80211_is_radar_required */
692 	lockdep_assert_held(&local->mtx);
693 
694 	radar_enabled = ieee80211_chanctx_radar_required(local, chanctx);
695 
696 	if (radar_enabled == chanctx->conf.radar_enabled)
697 		return;
698 
699 	chanctx->conf.radar_enabled = radar_enabled;
700 
701 	if (!local->use_chanctx) {
702 		local->hw.conf.radar_enabled = chanctx->conf.radar_enabled;
703 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
704 	}
705 
706 	drv_change_chanctx(local, chanctx, IEEE80211_CHANCTX_CHANGE_RADAR);
707 }
708 
709 static int ieee80211_assign_vif_chanctx(struct ieee80211_sub_if_data *sdata,
710 					struct ieee80211_chanctx *new_ctx)
711 {
712 	struct ieee80211_local *local = sdata->local;
713 	struct ieee80211_chanctx_conf *conf;
714 	struct ieee80211_chanctx *curr_ctx = NULL;
715 	int ret = 0;
716 
717 	if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_NAN))
718 		return -ENOTSUPP;
719 
720 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
721 					 lockdep_is_held(&local->chanctx_mtx));
722 
723 	if (conf) {
724 		curr_ctx = container_of(conf, struct ieee80211_chanctx, conf);
725 
726 		drv_unassign_vif_chanctx(local, sdata, curr_ctx);
727 		conf = NULL;
728 		list_del(&sdata->assigned_chanctx_list);
729 	}
730 
731 	if (new_ctx) {
732 		ret = drv_assign_vif_chanctx(local, sdata, new_ctx);
733 		if (ret)
734 			goto out;
735 
736 		conf = &new_ctx->conf;
737 		list_add(&sdata->assigned_chanctx_list,
738 			 &new_ctx->assigned_vifs);
739 	}
740 
741 out:
742 	rcu_assign_pointer(sdata->vif.chanctx_conf, conf);
743 
744 	sdata->vif.bss_conf.idle = !conf;
745 
746 	if (curr_ctx && ieee80211_chanctx_num_assigned(local, curr_ctx) > 0) {
747 		ieee80211_recalc_chanctx_chantype(local, curr_ctx);
748 		ieee80211_recalc_smps_chanctx(local, curr_ctx);
749 		ieee80211_recalc_radar_chanctx(local, curr_ctx);
750 		ieee80211_recalc_chanctx_min_def(local, curr_ctx);
751 	}
752 
753 	if (new_ctx && ieee80211_chanctx_num_assigned(local, new_ctx) > 0) {
754 		ieee80211_recalc_txpower(sdata, false);
755 		ieee80211_recalc_chanctx_min_def(local, new_ctx);
756 	}
757 
758 	if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE &&
759 	    sdata->vif.type != NL80211_IFTYPE_MONITOR)
760 		ieee80211_bss_info_change_notify(sdata,
761 						 BSS_CHANGED_IDLE);
762 
763 	ieee80211_check_fast_xmit_iface(sdata);
764 
765 	return ret;
766 }
767 
768 void ieee80211_recalc_smps_chanctx(struct ieee80211_local *local,
769 				   struct ieee80211_chanctx *chanctx)
770 {
771 	struct ieee80211_sub_if_data *sdata;
772 	u8 rx_chains_static, rx_chains_dynamic;
773 
774 	lockdep_assert_held(&local->chanctx_mtx);
775 
776 	rx_chains_static = 1;
777 	rx_chains_dynamic = 1;
778 
779 	rcu_read_lock();
780 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
781 		u8 needed_static, needed_dynamic;
782 
783 		if (!ieee80211_sdata_running(sdata))
784 			continue;
785 
786 		if (rcu_access_pointer(sdata->vif.chanctx_conf) !=
787 						&chanctx->conf)
788 			continue;
789 
790 		switch (sdata->vif.type) {
791 		case NL80211_IFTYPE_P2P_DEVICE:
792 		case NL80211_IFTYPE_NAN:
793 			continue;
794 		case NL80211_IFTYPE_STATION:
795 			if (!sdata->u.mgd.associated)
796 				continue;
797 			break;
798 		case NL80211_IFTYPE_AP_VLAN:
799 			continue;
800 		case NL80211_IFTYPE_AP:
801 		case NL80211_IFTYPE_ADHOC:
802 		case NL80211_IFTYPE_MESH_POINT:
803 		case NL80211_IFTYPE_OCB:
804 			break;
805 		default:
806 			WARN_ON_ONCE(1);
807 		}
808 
809 		switch (sdata->smps_mode) {
810 		default:
811 			WARN_ONCE(1, "Invalid SMPS mode %d\n",
812 				  sdata->smps_mode);
813 			fallthrough;
814 		case IEEE80211_SMPS_OFF:
815 			needed_static = sdata->needed_rx_chains;
816 			needed_dynamic = sdata->needed_rx_chains;
817 			break;
818 		case IEEE80211_SMPS_DYNAMIC:
819 			needed_static = 1;
820 			needed_dynamic = sdata->needed_rx_chains;
821 			break;
822 		case IEEE80211_SMPS_STATIC:
823 			needed_static = 1;
824 			needed_dynamic = 1;
825 			break;
826 		}
827 
828 		rx_chains_static = max(rx_chains_static, needed_static);
829 		rx_chains_dynamic = max(rx_chains_dynamic, needed_dynamic);
830 	}
831 
832 	/* Disable SMPS for the monitor interface */
833 	sdata = rcu_dereference(local->monitor_sdata);
834 	if (sdata &&
835 	    rcu_access_pointer(sdata->vif.chanctx_conf) == &chanctx->conf)
836 		rx_chains_dynamic = rx_chains_static = local->rx_chains;
837 
838 	rcu_read_unlock();
839 
840 	if (!local->use_chanctx) {
841 		if (rx_chains_static > 1)
842 			local->smps_mode = IEEE80211_SMPS_OFF;
843 		else if (rx_chains_dynamic > 1)
844 			local->smps_mode = IEEE80211_SMPS_DYNAMIC;
845 		else
846 			local->smps_mode = IEEE80211_SMPS_STATIC;
847 		ieee80211_hw_config(local, 0);
848 	}
849 
850 	if (rx_chains_static == chanctx->conf.rx_chains_static &&
851 	    rx_chains_dynamic == chanctx->conf.rx_chains_dynamic)
852 		return;
853 
854 	chanctx->conf.rx_chains_static = rx_chains_static;
855 	chanctx->conf.rx_chains_dynamic = rx_chains_dynamic;
856 	drv_change_chanctx(local, chanctx, IEEE80211_CHANCTX_CHANGE_RX_CHAINS);
857 }
858 
859 static void
860 __ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
861 				      bool clear)
862 {
863 	struct ieee80211_local *local __maybe_unused = sdata->local;
864 	struct ieee80211_sub_if_data *vlan;
865 	struct ieee80211_chanctx_conf *conf;
866 
867 	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP))
868 		return;
869 
870 	lockdep_assert_held(&local->mtx);
871 
872 	/* Check that conf exists, even when clearing this function
873 	 * must be called with the AP's channel context still there
874 	 * as it would otherwise cause VLANs to have an invalid
875 	 * channel context pointer for a while, possibly pointing
876 	 * to a channel context that has already been freed.
877 	 */
878 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
879 					 lockdep_is_held(&local->chanctx_mtx));
880 	WARN_ON(!conf);
881 
882 	if (clear)
883 		conf = NULL;
884 
885 	list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
886 		rcu_assign_pointer(vlan->vif.chanctx_conf, conf);
887 }
888 
889 void ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
890 					 bool clear)
891 {
892 	struct ieee80211_local *local = sdata->local;
893 
894 	mutex_lock(&local->chanctx_mtx);
895 
896 	__ieee80211_vif_copy_chanctx_to_vlans(sdata, clear);
897 
898 	mutex_unlock(&local->chanctx_mtx);
899 }
900 
901 int ieee80211_vif_unreserve_chanctx(struct ieee80211_sub_if_data *sdata)
902 {
903 	struct ieee80211_chanctx *ctx = sdata->reserved_chanctx;
904 
905 	lockdep_assert_held(&sdata->local->chanctx_mtx);
906 
907 	if (WARN_ON(!ctx))
908 		return -EINVAL;
909 
910 	list_del(&sdata->reserved_chanctx_list);
911 	sdata->reserved_chanctx = NULL;
912 
913 	if (ieee80211_chanctx_refcount(sdata->local, ctx) == 0) {
914 		if (ctx->replace_state == IEEE80211_CHANCTX_REPLACES_OTHER) {
915 			if (WARN_ON(!ctx->replace_ctx))
916 				return -EINVAL;
917 
918 			WARN_ON(ctx->replace_ctx->replace_state !=
919 			        IEEE80211_CHANCTX_WILL_BE_REPLACED);
920 			WARN_ON(ctx->replace_ctx->replace_ctx != ctx);
921 
922 			ctx->replace_ctx->replace_ctx = NULL;
923 			ctx->replace_ctx->replace_state =
924 					IEEE80211_CHANCTX_REPLACE_NONE;
925 
926 			list_del_rcu(&ctx->list);
927 			kfree_rcu(ctx, rcu_head);
928 		} else {
929 			ieee80211_free_chanctx(sdata->local, ctx);
930 		}
931 	}
932 
933 	return 0;
934 }
935 
936 int ieee80211_vif_reserve_chanctx(struct ieee80211_sub_if_data *sdata,
937 				  const struct cfg80211_chan_def *chandef,
938 				  enum ieee80211_chanctx_mode mode,
939 				  bool radar_required)
940 {
941 	struct ieee80211_local *local = sdata->local;
942 	struct ieee80211_chanctx *new_ctx, *curr_ctx, *ctx;
943 
944 	lockdep_assert_held(&local->chanctx_mtx);
945 
946 	curr_ctx = ieee80211_vif_get_chanctx(sdata);
947 	if (curr_ctx && local->use_chanctx && !local->ops->switch_vif_chanctx)
948 		return -ENOTSUPP;
949 
950 	new_ctx = ieee80211_find_reservation_chanctx(local, chandef, mode);
951 	if (!new_ctx) {
952 		if (ieee80211_can_create_new_chanctx(local)) {
953 			new_ctx = ieee80211_new_chanctx(local, chandef, mode);
954 			if (IS_ERR(new_ctx))
955 				return PTR_ERR(new_ctx);
956 		} else {
957 			if (!curr_ctx ||
958 			    (curr_ctx->replace_state ==
959 			     IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
960 			    !list_empty(&curr_ctx->reserved_vifs)) {
961 				/*
962 				 * Another vif already requested this context
963 				 * for a reservation. Find another one hoping
964 				 * all vifs assigned to it will also switch
965 				 * soon enough.
966 				 *
967 				 * TODO: This needs a little more work as some
968 				 * cases (more than 2 chanctx capable devices)
969 				 * may fail which could otherwise succeed
970 				 * provided some channel context juggling was
971 				 * performed.
972 				 *
973 				 * Consider ctx1..3, vif1..6, each ctx has 2
974 				 * vifs. vif1 and vif2 from ctx1 request new
975 				 * different chandefs starting 2 in-place
976 				 * reserations with ctx4 and ctx5 replacing
977 				 * ctx1 and ctx2 respectively. Next vif5 and
978 				 * vif6 from ctx3 reserve ctx4. If vif3 and
979 				 * vif4 remain on ctx2 as they are then this
980 				 * fails unless `replace_ctx` from ctx5 is
981 				 * replaced with ctx3.
982 				 */
983 				list_for_each_entry(ctx, &local->chanctx_list,
984 						    list) {
985 					if (ctx->replace_state !=
986 					    IEEE80211_CHANCTX_REPLACE_NONE)
987 						continue;
988 
989 					if (!list_empty(&ctx->reserved_vifs))
990 						continue;
991 
992 					curr_ctx = ctx;
993 					break;
994 				}
995 			}
996 
997 			/*
998 			 * If that's true then all available contexts already
999 			 * have reservations and cannot be used.
1000 			 */
1001 			if (!curr_ctx ||
1002 			    (curr_ctx->replace_state ==
1003 			     IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
1004 			    !list_empty(&curr_ctx->reserved_vifs))
1005 				return -EBUSY;
1006 
1007 			new_ctx = ieee80211_alloc_chanctx(local, chandef, mode);
1008 			if (!new_ctx)
1009 				return -ENOMEM;
1010 
1011 			new_ctx->replace_ctx = curr_ctx;
1012 			new_ctx->replace_state =
1013 					IEEE80211_CHANCTX_REPLACES_OTHER;
1014 
1015 			curr_ctx->replace_ctx = new_ctx;
1016 			curr_ctx->replace_state =
1017 					IEEE80211_CHANCTX_WILL_BE_REPLACED;
1018 
1019 			list_add_rcu(&new_ctx->list, &local->chanctx_list);
1020 		}
1021 	}
1022 
1023 	list_add(&sdata->reserved_chanctx_list, &new_ctx->reserved_vifs);
1024 	sdata->reserved_chanctx = new_ctx;
1025 	sdata->reserved_chandef = *chandef;
1026 	sdata->reserved_radar_required = radar_required;
1027 	sdata->reserved_ready = false;
1028 
1029 	return 0;
1030 }
1031 
1032 static void
1033 ieee80211_vif_chanctx_reservation_complete(struct ieee80211_sub_if_data *sdata)
1034 {
1035 	switch (sdata->vif.type) {
1036 	case NL80211_IFTYPE_ADHOC:
1037 	case NL80211_IFTYPE_AP:
1038 	case NL80211_IFTYPE_MESH_POINT:
1039 	case NL80211_IFTYPE_OCB:
1040 		ieee80211_queue_work(&sdata->local->hw,
1041 				     &sdata->csa_finalize_work);
1042 		break;
1043 	case NL80211_IFTYPE_STATION:
1044 		ieee80211_queue_work(&sdata->local->hw,
1045 				     &sdata->u.mgd.chswitch_work);
1046 		break;
1047 	case NL80211_IFTYPE_UNSPECIFIED:
1048 	case NL80211_IFTYPE_AP_VLAN:
1049 	case NL80211_IFTYPE_WDS:
1050 	case NL80211_IFTYPE_MONITOR:
1051 	case NL80211_IFTYPE_P2P_CLIENT:
1052 	case NL80211_IFTYPE_P2P_GO:
1053 	case NL80211_IFTYPE_P2P_DEVICE:
1054 	case NL80211_IFTYPE_NAN:
1055 	case NUM_NL80211_IFTYPES:
1056 		WARN_ON(1);
1057 		break;
1058 	}
1059 }
1060 
1061 static void
1062 ieee80211_vif_update_chandef(struct ieee80211_sub_if_data *sdata,
1063 			     const struct cfg80211_chan_def *chandef)
1064 {
1065 	struct ieee80211_sub_if_data *vlan;
1066 
1067 	sdata->vif.bss_conf.chandef = *chandef;
1068 
1069 	if (sdata->vif.type != NL80211_IFTYPE_AP)
1070 		return;
1071 
1072 	list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1073 		vlan->vif.bss_conf.chandef = *chandef;
1074 }
1075 
1076 static int
1077 ieee80211_vif_use_reserved_reassign(struct ieee80211_sub_if_data *sdata)
1078 {
1079 	struct ieee80211_local *local = sdata->local;
1080 	struct ieee80211_vif_chanctx_switch vif_chsw[1] = {};
1081 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1082 	const struct cfg80211_chan_def *chandef;
1083 	u32 changed = 0;
1084 	int err;
1085 
1086 	lockdep_assert_held(&local->mtx);
1087 	lockdep_assert_held(&local->chanctx_mtx);
1088 
1089 	new_ctx = sdata->reserved_chanctx;
1090 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1091 
1092 	if (WARN_ON(!sdata->reserved_ready))
1093 		return -EBUSY;
1094 
1095 	if (WARN_ON(!new_ctx))
1096 		return -EINVAL;
1097 
1098 	if (WARN_ON(!old_ctx))
1099 		return -EINVAL;
1100 
1101 	if (WARN_ON(new_ctx->replace_state ==
1102 		    IEEE80211_CHANCTX_REPLACES_OTHER))
1103 		return -EINVAL;
1104 
1105 	chandef = ieee80211_chanctx_non_reserved_chandef(local, new_ctx,
1106 				&sdata->reserved_chandef);
1107 	if (WARN_ON(!chandef))
1108 		return -EINVAL;
1109 
1110 	if (old_ctx->conf.def.width > new_ctx->conf.def.width)
1111 		ieee80211_chan_bw_change(local, new_ctx);
1112 
1113 	ieee80211_change_chanctx(local, new_ctx, chandef);
1114 
1115 	if (old_ctx->conf.def.width < new_ctx->conf.def.width)
1116 		ieee80211_chan_bw_change(local, new_ctx);
1117 
1118 	vif_chsw[0].vif = &sdata->vif;
1119 	vif_chsw[0].old_ctx = &old_ctx->conf;
1120 	vif_chsw[0].new_ctx = &new_ctx->conf;
1121 
1122 	list_del(&sdata->reserved_chanctx_list);
1123 	sdata->reserved_chanctx = NULL;
1124 
1125 	err = drv_switch_vif_chanctx(local, vif_chsw, 1,
1126 				     CHANCTX_SWMODE_REASSIGN_VIF);
1127 	if (err) {
1128 		if (ieee80211_chanctx_refcount(local, new_ctx) == 0)
1129 			ieee80211_free_chanctx(local, new_ctx);
1130 
1131 		goto out;
1132 	}
1133 
1134 	list_move(&sdata->assigned_chanctx_list, &new_ctx->assigned_vifs);
1135 	rcu_assign_pointer(sdata->vif.chanctx_conf, &new_ctx->conf);
1136 
1137 	if (sdata->vif.type == NL80211_IFTYPE_AP)
1138 		__ieee80211_vif_copy_chanctx_to_vlans(sdata, false);
1139 
1140 	ieee80211_check_fast_xmit_iface(sdata);
1141 
1142 	if (ieee80211_chanctx_refcount(local, old_ctx) == 0)
1143 		ieee80211_free_chanctx(local, old_ctx);
1144 
1145 	if (sdata->vif.bss_conf.chandef.width != sdata->reserved_chandef.width)
1146 		changed = BSS_CHANGED_BANDWIDTH;
1147 
1148 	ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
1149 
1150 	ieee80211_recalc_smps_chanctx(local, new_ctx);
1151 	ieee80211_recalc_radar_chanctx(local, new_ctx);
1152 	ieee80211_recalc_chanctx_min_def(local, new_ctx);
1153 
1154 	if (changed)
1155 		ieee80211_bss_info_change_notify(sdata, changed);
1156 
1157 out:
1158 	ieee80211_vif_chanctx_reservation_complete(sdata);
1159 	return err;
1160 }
1161 
1162 static int
1163 ieee80211_vif_use_reserved_assign(struct ieee80211_sub_if_data *sdata)
1164 {
1165 	struct ieee80211_local *local = sdata->local;
1166 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1167 	const struct cfg80211_chan_def *chandef;
1168 	int err;
1169 
1170 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1171 	new_ctx = sdata->reserved_chanctx;
1172 
1173 	if (WARN_ON(!sdata->reserved_ready))
1174 		return -EINVAL;
1175 
1176 	if (WARN_ON(old_ctx))
1177 		return -EINVAL;
1178 
1179 	if (WARN_ON(!new_ctx))
1180 		return -EINVAL;
1181 
1182 	if (WARN_ON(new_ctx->replace_state ==
1183 		    IEEE80211_CHANCTX_REPLACES_OTHER))
1184 		return -EINVAL;
1185 
1186 	chandef = ieee80211_chanctx_non_reserved_chandef(local, new_ctx,
1187 				&sdata->reserved_chandef);
1188 	if (WARN_ON(!chandef))
1189 		return -EINVAL;
1190 
1191 	ieee80211_change_chanctx(local, new_ctx, chandef);
1192 
1193 	list_del(&sdata->reserved_chanctx_list);
1194 	sdata->reserved_chanctx = NULL;
1195 
1196 	err = ieee80211_assign_vif_chanctx(sdata, new_ctx);
1197 	if (err) {
1198 		if (ieee80211_chanctx_refcount(local, new_ctx) == 0)
1199 			ieee80211_free_chanctx(local, new_ctx);
1200 
1201 		goto out;
1202 	}
1203 
1204 out:
1205 	ieee80211_vif_chanctx_reservation_complete(sdata);
1206 	return err;
1207 }
1208 
1209 static bool
1210 ieee80211_vif_has_in_place_reservation(struct ieee80211_sub_if_data *sdata)
1211 {
1212 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1213 
1214 	lockdep_assert_held(&sdata->local->chanctx_mtx);
1215 
1216 	new_ctx = sdata->reserved_chanctx;
1217 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1218 
1219 	if (!old_ctx)
1220 		return false;
1221 
1222 	if (WARN_ON(!new_ctx))
1223 		return false;
1224 
1225 	if (old_ctx->replace_state != IEEE80211_CHANCTX_WILL_BE_REPLACED)
1226 		return false;
1227 
1228 	if (new_ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1229 		return false;
1230 
1231 	return true;
1232 }
1233 
1234 static int ieee80211_chsw_switch_hwconf(struct ieee80211_local *local,
1235 					struct ieee80211_chanctx *new_ctx)
1236 {
1237 	const struct cfg80211_chan_def *chandef;
1238 
1239 	lockdep_assert_held(&local->mtx);
1240 	lockdep_assert_held(&local->chanctx_mtx);
1241 
1242 	chandef = ieee80211_chanctx_reserved_chandef(local, new_ctx, NULL);
1243 	if (WARN_ON(!chandef))
1244 		return -EINVAL;
1245 
1246 	local->hw.conf.radar_enabled = new_ctx->conf.radar_enabled;
1247 	local->_oper_chandef = *chandef;
1248 	ieee80211_hw_config(local, 0);
1249 
1250 	return 0;
1251 }
1252 
1253 static int ieee80211_chsw_switch_vifs(struct ieee80211_local *local,
1254 				      int n_vifs)
1255 {
1256 	struct ieee80211_vif_chanctx_switch *vif_chsw;
1257 	struct ieee80211_sub_if_data *sdata;
1258 	struct ieee80211_chanctx *ctx, *old_ctx;
1259 	int i, err;
1260 
1261 	lockdep_assert_held(&local->mtx);
1262 	lockdep_assert_held(&local->chanctx_mtx);
1263 
1264 	vif_chsw = kcalloc(n_vifs, sizeof(vif_chsw[0]), GFP_KERNEL);
1265 	if (!vif_chsw)
1266 		return -ENOMEM;
1267 
1268 	i = 0;
1269 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1270 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1271 			continue;
1272 
1273 		if (WARN_ON(!ctx->replace_ctx)) {
1274 			err = -EINVAL;
1275 			goto out;
1276 		}
1277 
1278 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1279 				    reserved_chanctx_list) {
1280 			if (!ieee80211_vif_has_in_place_reservation(
1281 					sdata))
1282 				continue;
1283 
1284 			old_ctx = ieee80211_vif_get_chanctx(sdata);
1285 			vif_chsw[i].vif = &sdata->vif;
1286 			vif_chsw[i].old_ctx = &old_ctx->conf;
1287 			vif_chsw[i].new_ctx = &ctx->conf;
1288 
1289 			i++;
1290 		}
1291 	}
1292 
1293 	err = drv_switch_vif_chanctx(local, vif_chsw, n_vifs,
1294 				     CHANCTX_SWMODE_SWAP_CONTEXTS);
1295 
1296 out:
1297 	kfree(vif_chsw);
1298 	return err;
1299 }
1300 
1301 static int ieee80211_chsw_switch_ctxs(struct ieee80211_local *local)
1302 {
1303 	struct ieee80211_chanctx *ctx;
1304 	int err;
1305 
1306 	lockdep_assert_held(&local->mtx);
1307 	lockdep_assert_held(&local->chanctx_mtx);
1308 
1309 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1310 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1311 			continue;
1312 
1313 		if (!list_empty(&ctx->replace_ctx->assigned_vifs))
1314 			continue;
1315 
1316 		ieee80211_del_chanctx(local, ctx->replace_ctx);
1317 		err = ieee80211_add_chanctx(local, ctx);
1318 		if (err)
1319 			goto err;
1320 	}
1321 
1322 	return 0;
1323 
1324 err:
1325 	WARN_ON(ieee80211_add_chanctx(local, ctx));
1326 	list_for_each_entry_continue_reverse(ctx, &local->chanctx_list, list) {
1327 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1328 			continue;
1329 
1330 		if (!list_empty(&ctx->replace_ctx->assigned_vifs))
1331 			continue;
1332 
1333 		ieee80211_del_chanctx(local, ctx);
1334 		WARN_ON(ieee80211_add_chanctx(local, ctx->replace_ctx));
1335 	}
1336 
1337 	return err;
1338 }
1339 
1340 static int ieee80211_vif_use_reserved_switch(struct ieee80211_local *local)
1341 {
1342 	struct ieee80211_sub_if_data *sdata, *sdata_tmp;
1343 	struct ieee80211_chanctx *ctx, *ctx_tmp, *old_ctx;
1344 	struct ieee80211_chanctx *new_ctx = NULL;
1345 	int err, n_assigned, n_reserved, n_ready;
1346 	int n_ctx = 0, n_vifs_switch = 0, n_vifs_assign = 0, n_vifs_ctxless = 0;
1347 
1348 	lockdep_assert_held(&local->mtx);
1349 	lockdep_assert_held(&local->chanctx_mtx);
1350 
1351 	/*
1352 	 * If there are 2 independent pairs of channel contexts performing
1353 	 * cross-switch of their vifs this code will still wait until both are
1354 	 * ready even though it could be possible to switch one before the
1355 	 * other is ready.
1356 	 *
1357 	 * For practical reasons and code simplicity just do a single huge
1358 	 * switch.
1359 	 */
1360 
1361 	/*
1362 	 * Verify if the reservation is still feasible.
1363 	 *  - if it's not then disconnect
1364 	 *  - if it is but not all vifs necessary are ready then defer
1365 	 */
1366 
1367 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1368 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1369 			continue;
1370 
1371 		if (WARN_ON(!ctx->replace_ctx)) {
1372 			err = -EINVAL;
1373 			goto err;
1374 		}
1375 
1376 		if (!local->use_chanctx)
1377 			new_ctx = ctx;
1378 
1379 		n_ctx++;
1380 
1381 		n_assigned = 0;
1382 		n_reserved = 0;
1383 		n_ready = 0;
1384 
1385 		list_for_each_entry(sdata, &ctx->replace_ctx->assigned_vifs,
1386 				    assigned_chanctx_list) {
1387 			n_assigned++;
1388 			if (sdata->reserved_chanctx) {
1389 				n_reserved++;
1390 				if (sdata->reserved_ready)
1391 					n_ready++;
1392 			}
1393 		}
1394 
1395 		if (n_assigned != n_reserved) {
1396 			if (n_ready == n_reserved) {
1397 				wiphy_info(local->hw.wiphy,
1398 					   "channel context reservation cannot be finalized because some interfaces aren't switching\n");
1399 				err = -EBUSY;
1400 				goto err;
1401 			}
1402 
1403 			return -EAGAIN;
1404 		}
1405 
1406 		ctx->conf.radar_enabled = false;
1407 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1408 				    reserved_chanctx_list) {
1409 			if (ieee80211_vif_has_in_place_reservation(sdata) &&
1410 			    !sdata->reserved_ready)
1411 				return -EAGAIN;
1412 
1413 			old_ctx = ieee80211_vif_get_chanctx(sdata);
1414 			if (old_ctx) {
1415 				if (old_ctx->replace_state ==
1416 				    IEEE80211_CHANCTX_WILL_BE_REPLACED)
1417 					n_vifs_switch++;
1418 				else
1419 					n_vifs_assign++;
1420 			} else {
1421 				n_vifs_ctxless++;
1422 			}
1423 
1424 			if (sdata->reserved_radar_required)
1425 				ctx->conf.radar_enabled = true;
1426 		}
1427 	}
1428 
1429 	if (WARN_ON(n_ctx == 0) ||
1430 	    WARN_ON(n_vifs_switch == 0 &&
1431 		    n_vifs_assign == 0 &&
1432 		    n_vifs_ctxless == 0) ||
1433 	    WARN_ON(n_ctx > 1 && !local->use_chanctx) ||
1434 	    WARN_ON(!new_ctx && !local->use_chanctx)) {
1435 		err = -EINVAL;
1436 		goto err;
1437 	}
1438 
1439 	/*
1440 	 * All necessary vifs are ready. Perform the switch now depending on
1441 	 * reservations and driver capabilities.
1442 	 */
1443 
1444 	if (local->use_chanctx) {
1445 		if (n_vifs_switch > 0) {
1446 			err = ieee80211_chsw_switch_vifs(local, n_vifs_switch);
1447 			if (err)
1448 				goto err;
1449 		}
1450 
1451 		if (n_vifs_assign > 0 || n_vifs_ctxless > 0) {
1452 			err = ieee80211_chsw_switch_ctxs(local);
1453 			if (err)
1454 				goto err;
1455 		}
1456 	} else {
1457 		err = ieee80211_chsw_switch_hwconf(local, new_ctx);
1458 		if (err)
1459 			goto err;
1460 	}
1461 
1462 	/*
1463 	 * Update all structures, values and pointers to point to new channel
1464 	 * context(s).
1465 	 */
1466 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1467 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1468 			continue;
1469 
1470 		if (WARN_ON(!ctx->replace_ctx)) {
1471 			err = -EINVAL;
1472 			goto err;
1473 		}
1474 
1475 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1476 				    reserved_chanctx_list) {
1477 			u32 changed = 0;
1478 
1479 			if (!ieee80211_vif_has_in_place_reservation(sdata))
1480 				continue;
1481 
1482 			rcu_assign_pointer(sdata->vif.chanctx_conf, &ctx->conf);
1483 
1484 			if (sdata->vif.type == NL80211_IFTYPE_AP)
1485 				__ieee80211_vif_copy_chanctx_to_vlans(sdata,
1486 								      false);
1487 
1488 			ieee80211_check_fast_xmit_iface(sdata);
1489 
1490 			sdata->radar_required = sdata->reserved_radar_required;
1491 
1492 			if (sdata->vif.bss_conf.chandef.width !=
1493 			    sdata->reserved_chandef.width)
1494 				changed = BSS_CHANGED_BANDWIDTH;
1495 
1496 			ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
1497 			if (changed)
1498 				ieee80211_bss_info_change_notify(sdata,
1499 								 changed);
1500 
1501 			ieee80211_recalc_txpower(sdata, false);
1502 		}
1503 
1504 		ieee80211_recalc_chanctx_chantype(local, ctx);
1505 		ieee80211_recalc_smps_chanctx(local, ctx);
1506 		ieee80211_recalc_radar_chanctx(local, ctx);
1507 		ieee80211_recalc_chanctx_min_def(local, ctx);
1508 		ieee80211_chan_bw_change(local, ctx);
1509 
1510 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1511 					 reserved_chanctx_list) {
1512 			if (ieee80211_vif_get_chanctx(sdata) != ctx)
1513 				continue;
1514 
1515 			list_del(&sdata->reserved_chanctx_list);
1516 			list_move(&sdata->assigned_chanctx_list,
1517 				  &ctx->assigned_vifs);
1518 			sdata->reserved_chanctx = NULL;
1519 
1520 			ieee80211_vif_chanctx_reservation_complete(sdata);
1521 		}
1522 
1523 		/*
1524 		 * This context might have been a dependency for an already
1525 		 * ready re-assign reservation interface that was deferred. Do
1526 		 * not propagate error to the caller though. The in-place
1527 		 * reservation for originally requested interface has already
1528 		 * succeeded at this point.
1529 		 */
1530 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1531 					 reserved_chanctx_list) {
1532 			if (WARN_ON(ieee80211_vif_has_in_place_reservation(
1533 					sdata)))
1534 				continue;
1535 
1536 			if (WARN_ON(sdata->reserved_chanctx != ctx))
1537 				continue;
1538 
1539 			if (!sdata->reserved_ready)
1540 				continue;
1541 
1542 			if (ieee80211_vif_get_chanctx(sdata))
1543 				err = ieee80211_vif_use_reserved_reassign(
1544 						sdata);
1545 			else
1546 				err = ieee80211_vif_use_reserved_assign(sdata);
1547 
1548 			if (err) {
1549 				sdata_info(sdata,
1550 					   "failed to finalize (re-)assign reservation (err=%d)\n",
1551 					   err);
1552 				ieee80211_vif_unreserve_chanctx(sdata);
1553 				cfg80211_stop_iface(local->hw.wiphy,
1554 						    &sdata->wdev,
1555 						    GFP_KERNEL);
1556 			}
1557 		}
1558 	}
1559 
1560 	/*
1561 	 * Finally free old contexts
1562 	 */
1563 
1564 	list_for_each_entry_safe(ctx, ctx_tmp, &local->chanctx_list, list) {
1565 		if (ctx->replace_state != IEEE80211_CHANCTX_WILL_BE_REPLACED)
1566 			continue;
1567 
1568 		ctx->replace_ctx->replace_ctx = NULL;
1569 		ctx->replace_ctx->replace_state =
1570 				IEEE80211_CHANCTX_REPLACE_NONE;
1571 
1572 		list_del_rcu(&ctx->list);
1573 		kfree_rcu(ctx, rcu_head);
1574 	}
1575 
1576 	return 0;
1577 
1578 err:
1579 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1580 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1581 			continue;
1582 
1583 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1584 					 reserved_chanctx_list) {
1585 			ieee80211_vif_unreserve_chanctx(sdata);
1586 			ieee80211_vif_chanctx_reservation_complete(sdata);
1587 		}
1588 	}
1589 
1590 	return err;
1591 }
1592 
1593 static void __ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
1594 {
1595 	struct ieee80211_local *local = sdata->local;
1596 	struct ieee80211_chanctx_conf *conf;
1597 	struct ieee80211_chanctx *ctx;
1598 	bool use_reserved_switch = false;
1599 
1600 	lockdep_assert_held(&local->chanctx_mtx);
1601 
1602 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1603 					 lockdep_is_held(&local->chanctx_mtx));
1604 	if (!conf)
1605 		return;
1606 
1607 	ctx = container_of(conf, struct ieee80211_chanctx, conf);
1608 
1609 	if (sdata->reserved_chanctx) {
1610 		if (sdata->reserved_chanctx->replace_state ==
1611 		    IEEE80211_CHANCTX_REPLACES_OTHER &&
1612 		    ieee80211_chanctx_num_reserved(local,
1613 						   sdata->reserved_chanctx) > 1)
1614 			use_reserved_switch = true;
1615 
1616 		ieee80211_vif_unreserve_chanctx(sdata);
1617 	}
1618 
1619 	ieee80211_assign_vif_chanctx(sdata, NULL);
1620 	if (ieee80211_chanctx_refcount(local, ctx) == 0)
1621 		ieee80211_free_chanctx(local, ctx);
1622 
1623 	sdata->radar_required = false;
1624 
1625 	/* Unreserving may ready an in-place reservation. */
1626 	if (use_reserved_switch)
1627 		ieee80211_vif_use_reserved_switch(local);
1628 }
1629 
1630 int ieee80211_vif_use_channel(struct ieee80211_sub_if_data *sdata,
1631 			      const struct cfg80211_chan_def *chandef,
1632 			      enum ieee80211_chanctx_mode mode)
1633 {
1634 	struct ieee80211_local *local = sdata->local;
1635 	struct ieee80211_chanctx *ctx;
1636 	u8 radar_detect_width = 0;
1637 	int ret;
1638 
1639 	lockdep_assert_held(&local->mtx);
1640 
1641 	WARN_ON(sdata->dev && netif_carrier_ok(sdata->dev));
1642 
1643 	mutex_lock(&local->chanctx_mtx);
1644 
1645 	ret = cfg80211_chandef_dfs_required(local->hw.wiphy,
1646 					    chandef,
1647 					    sdata->wdev.iftype);
1648 	if (ret < 0)
1649 		goto out;
1650 	if (ret > 0)
1651 		radar_detect_width = BIT(chandef->width);
1652 
1653 	sdata->radar_required = ret;
1654 
1655 	ret = ieee80211_check_combinations(sdata, chandef, mode,
1656 					   radar_detect_width);
1657 	if (ret < 0)
1658 		goto out;
1659 
1660 	__ieee80211_vif_release_channel(sdata);
1661 
1662 	ctx = ieee80211_find_chanctx(local, chandef, mode);
1663 	if (!ctx)
1664 		ctx = ieee80211_new_chanctx(local, chandef, mode);
1665 	if (IS_ERR(ctx)) {
1666 		ret = PTR_ERR(ctx);
1667 		goto out;
1668 	}
1669 
1670 	ieee80211_vif_update_chandef(sdata, chandef);
1671 
1672 	ret = ieee80211_assign_vif_chanctx(sdata, ctx);
1673 	if (ret) {
1674 		/* if assign fails refcount stays the same */
1675 		if (ieee80211_chanctx_refcount(local, ctx) == 0)
1676 			ieee80211_free_chanctx(local, ctx);
1677 		goto out;
1678 	}
1679 
1680 	ieee80211_recalc_smps_chanctx(local, ctx);
1681 	ieee80211_recalc_radar_chanctx(local, ctx);
1682  out:
1683 	if (ret)
1684 		sdata->radar_required = false;
1685 
1686 	mutex_unlock(&local->chanctx_mtx);
1687 	return ret;
1688 }
1689 
1690 int ieee80211_vif_use_reserved_context(struct ieee80211_sub_if_data *sdata)
1691 {
1692 	struct ieee80211_local *local = sdata->local;
1693 	struct ieee80211_chanctx *new_ctx;
1694 	struct ieee80211_chanctx *old_ctx;
1695 	int err;
1696 
1697 	lockdep_assert_held(&local->mtx);
1698 	lockdep_assert_held(&local->chanctx_mtx);
1699 
1700 	new_ctx = sdata->reserved_chanctx;
1701 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1702 
1703 	if (WARN_ON(!new_ctx))
1704 		return -EINVAL;
1705 
1706 	if (WARN_ON(new_ctx->replace_state ==
1707 		    IEEE80211_CHANCTX_WILL_BE_REPLACED))
1708 		return -EINVAL;
1709 
1710 	if (WARN_ON(sdata->reserved_ready))
1711 		return -EINVAL;
1712 
1713 	sdata->reserved_ready = true;
1714 
1715 	if (new_ctx->replace_state == IEEE80211_CHANCTX_REPLACE_NONE) {
1716 		if (old_ctx)
1717 			err = ieee80211_vif_use_reserved_reassign(sdata);
1718 		else
1719 			err = ieee80211_vif_use_reserved_assign(sdata);
1720 
1721 		if (err)
1722 			return err;
1723 	}
1724 
1725 	/*
1726 	 * In-place reservation may need to be finalized now either if:
1727 	 *  a) sdata is taking part in the swapping itself and is the last one
1728 	 *  b) sdata has switched with a re-assign reservation to an existing
1729 	 *     context readying in-place switching of old_ctx
1730 	 *
1731 	 * In case of (b) do not propagate the error up because the requested
1732 	 * sdata already switched successfully. Just spill an extra warning.
1733 	 * The ieee80211_vif_use_reserved_switch() already stops all necessary
1734 	 * interfaces upon failure.
1735 	 */
1736 	if ((old_ctx &&
1737 	     old_ctx->replace_state == IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
1738 	    new_ctx->replace_state == IEEE80211_CHANCTX_REPLACES_OTHER) {
1739 		err = ieee80211_vif_use_reserved_switch(local);
1740 		if (err && err != -EAGAIN) {
1741 			if (new_ctx->replace_state ==
1742 			    IEEE80211_CHANCTX_REPLACES_OTHER)
1743 				return err;
1744 
1745 			wiphy_info(local->hw.wiphy,
1746 				   "depending in-place reservation failed (err=%d)\n",
1747 				   err);
1748 		}
1749 	}
1750 
1751 	return 0;
1752 }
1753 
1754 int ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
1755 				   const struct cfg80211_chan_def *chandef,
1756 				   u32 *changed)
1757 {
1758 	struct ieee80211_local *local = sdata->local;
1759 	struct ieee80211_chanctx_conf *conf;
1760 	struct ieee80211_chanctx *ctx;
1761 	const struct cfg80211_chan_def *compat;
1762 	int ret;
1763 
1764 	if (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
1765 				     IEEE80211_CHAN_DISABLED))
1766 		return -EINVAL;
1767 
1768 	mutex_lock(&local->chanctx_mtx);
1769 	if (cfg80211_chandef_identical(chandef, &sdata->vif.bss_conf.chandef)) {
1770 		ret = 0;
1771 		goto out;
1772 	}
1773 
1774 	if (chandef->width == NL80211_CHAN_WIDTH_20_NOHT ||
1775 	    sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT) {
1776 		ret = -EINVAL;
1777 		goto out;
1778 	}
1779 
1780 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1781 					 lockdep_is_held(&local->chanctx_mtx));
1782 	if (!conf) {
1783 		ret = -EINVAL;
1784 		goto out;
1785 	}
1786 
1787 	ctx = container_of(conf, struct ieee80211_chanctx, conf);
1788 
1789 	compat = cfg80211_chandef_compatible(&conf->def, chandef);
1790 	if (!compat) {
1791 		ret = -EINVAL;
1792 		goto out;
1793 	}
1794 
1795 	switch (ctx->replace_state) {
1796 	case IEEE80211_CHANCTX_REPLACE_NONE:
1797 		if (!ieee80211_chanctx_reserved_chandef(local, ctx, compat)) {
1798 			ret = -EBUSY;
1799 			goto out;
1800 		}
1801 		break;
1802 	case IEEE80211_CHANCTX_WILL_BE_REPLACED:
1803 		/* TODO: Perhaps the bandwidth change could be treated as a
1804 		 * reservation itself? */
1805 		ret = -EBUSY;
1806 		goto out;
1807 	case IEEE80211_CHANCTX_REPLACES_OTHER:
1808 		/* channel context that is going to replace another channel
1809 		 * context doesn't really exist and shouldn't be assigned
1810 		 * anywhere yet */
1811 		WARN_ON(1);
1812 		break;
1813 	}
1814 
1815 	ieee80211_vif_update_chandef(sdata, chandef);
1816 
1817 	ieee80211_recalc_chanctx_chantype(local, ctx);
1818 
1819 	*changed |= BSS_CHANGED_BANDWIDTH;
1820 	ret = 0;
1821  out:
1822 	mutex_unlock(&local->chanctx_mtx);
1823 	return ret;
1824 }
1825 
1826 void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
1827 {
1828 	WARN_ON(sdata->dev && netif_carrier_ok(sdata->dev));
1829 
1830 	lockdep_assert_held(&sdata->local->mtx);
1831 
1832 	mutex_lock(&sdata->local->chanctx_mtx);
1833 	__ieee80211_vif_release_channel(sdata);
1834 	mutex_unlock(&sdata->local->chanctx_mtx);
1835 }
1836 
1837 void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata)
1838 {
1839 	struct ieee80211_local *local = sdata->local;
1840 	struct ieee80211_sub_if_data *ap;
1841 	struct ieee80211_chanctx_conf *conf;
1842 
1843 	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP_VLAN || !sdata->bss))
1844 		return;
1845 
1846 	ap = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap);
1847 
1848 	mutex_lock(&local->chanctx_mtx);
1849 
1850 	conf = rcu_dereference_protected(ap->vif.chanctx_conf,
1851 					 lockdep_is_held(&local->chanctx_mtx));
1852 	rcu_assign_pointer(sdata->vif.chanctx_conf, conf);
1853 	mutex_unlock(&local->chanctx_mtx);
1854 }
1855 
1856 void ieee80211_iter_chan_contexts_atomic(
1857 	struct ieee80211_hw *hw,
1858 	void (*iter)(struct ieee80211_hw *hw,
1859 		     struct ieee80211_chanctx_conf *chanctx_conf,
1860 		     void *data),
1861 	void *iter_data)
1862 {
1863 	struct ieee80211_local *local = hw_to_local(hw);
1864 	struct ieee80211_chanctx *ctx;
1865 
1866 	rcu_read_lock();
1867 	list_for_each_entry_rcu(ctx, &local->chanctx_list, list)
1868 		if (ctx->driver_present)
1869 			iter(hw, &ctx->conf, iter_data);
1870 	rcu_read_unlock();
1871 }
1872 EXPORT_SYMBOL_GPL(ieee80211_iter_chan_contexts_atomic);
1873