xref: /openbmc/linux/net/mac80211/chan.c (revision f8523d0e83613ab8d082cd504dc53a09fbba4889)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * mac80211 - channel management
4  */
5 
6 #include <linux/nl80211.h>
7 #include <linux/export.h>
8 #include <linux/rtnetlink.h>
9 #include <net/cfg80211.h>
10 #include "ieee80211_i.h"
11 #include "driver-ops.h"
12 
13 static int ieee80211_chanctx_num_assigned(struct ieee80211_local *local,
14 					  struct ieee80211_chanctx *ctx)
15 {
16 	struct ieee80211_sub_if_data *sdata;
17 	int num = 0;
18 
19 	lockdep_assert_held(&local->chanctx_mtx);
20 
21 	list_for_each_entry(sdata, &ctx->assigned_vifs, assigned_chanctx_list)
22 		num++;
23 
24 	return num;
25 }
26 
27 static int ieee80211_chanctx_num_reserved(struct ieee80211_local *local,
28 					  struct ieee80211_chanctx *ctx)
29 {
30 	struct ieee80211_sub_if_data *sdata;
31 	int num = 0;
32 
33 	lockdep_assert_held(&local->chanctx_mtx);
34 
35 	list_for_each_entry(sdata, &ctx->reserved_vifs, reserved_chanctx_list)
36 		num++;
37 
38 	return num;
39 }
40 
41 int ieee80211_chanctx_refcount(struct ieee80211_local *local,
42 			       struct ieee80211_chanctx *ctx)
43 {
44 	return ieee80211_chanctx_num_assigned(local, ctx) +
45 	       ieee80211_chanctx_num_reserved(local, ctx);
46 }
47 
48 static int ieee80211_num_chanctx(struct ieee80211_local *local)
49 {
50 	struct ieee80211_chanctx *ctx;
51 	int num = 0;
52 
53 	lockdep_assert_held(&local->chanctx_mtx);
54 
55 	list_for_each_entry(ctx, &local->chanctx_list, list)
56 		num++;
57 
58 	return num;
59 }
60 
61 static bool ieee80211_can_create_new_chanctx(struct ieee80211_local *local)
62 {
63 	lockdep_assert_held(&local->chanctx_mtx);
64 	return ieee80211_num_chanctx(local) < ieee80211_max_num_channels(local);
65 }
66 
67 static struct ieee80211_chanctx *
68 ieee80211_vif_get_chanctx(struct ieee80211_sub_if_data *sdata)
69 {
70 	struct ieee80211_local *local __maybe_unused = sdata->local;
71 	struct ieee80211_chanctx_conf *conf;
72 
73 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
74 					 lockdep_is_held(&local->chanctx_mtx));
75 	if (!conf)
76 		return NULL;
77 
78 	return container_of(conf, struct ieee80211_chanctx, conf);
79 }
80 
81 static const struct cfg80211_chan_def *
82 ieee80211_chanctx_reserved_chandef(struct ieee80211_local *local,
83 				   struct ieee80211_chanctx *ctx,
84 				   const struct cfg80211_chan_def *compat)
85 {
86 	struct ieee80211_sub_if_data *sdata;
87 
88 	lockdep_assert_held(&local->chanctx_mtx);
89 
90 	list_for_each_entry(sdata, &ctx->reserved_vifs,
91 			    reserved_chanctx_list) {
92 		if (!compat)
93 			compat = &sdata->reserved_chandef;
94 
95 		compat = cfg80211_chandef_compatible(&sdata->reserved_chandef,
96 						     compat);
97 		if (!compat)
98 			break;
99 	}
100 
101 	return compat;
102 }
103 
104 static const struct cfg80211_chan_def *
105 ieee80211_chanctx_non_reserved_chandef(struct ieee80211_local *local,
106 				       struct ieee80211_chanctx *ctx,
107 				       const struct cfg80211_chan_def *compat)
108 {
109 	struct ieee80211_sub_if_data *sdata;
110 
111 	lockdep_assert_held(&local->chanctx_mtx);
112 
113 	list_for_each_entry(sdata, &ctx->assigned_vifs,
114 			    assigned_chanctx_list) {
115 		if (sdata->reserved_chanctx != NULL)
116 			continue;
117 
118 		if (!compat)
119 			compat = &sdata->vif.bss_conf.chandef;
120 
121 		compat = cfg80211_chandef_compatible(
122 				&sdata->vif.bss_conf.chandef, compat);
123 		if (!compat)
124 			break;
125 	}
126 
127 	return compat;
128 }
129 
130 static const struct cfg80211_chan_def *
131 ieee80211_chanctx_combined_chandef(struct ieee80211_local *local,
132 				   struct ieee80211_chanctx *ctx,
133 				   const struct cfg80211_chan_def *compat)
134 {
135 	lockdep_assert_held(&local->chanctx_mtx);
136 
137 	compat = ieee80211_chanctx_reserved_chandef(local, ctx, compat);
138 	if (!compat)
139 		return NULL;
140 
141 	compat = ieee80211_chanctx_non_reserved_chandef(local, ctx, compat);
142 	if (!compat)
143 		return NULL;
144 
145 	return compat;
146 }
147 
148 static bool
149 ieee80211_chanctx_can_reserve_chandef(struct ieee80211_local *local,
150 				      struct ieee80211_chanctx *ctx,
151 				      const struct cfg80211_chan_def *def)
152 {
153 	lockdep_assert_held(&local->chanctx_mtx);
154 
155 	if (ieee80211_chanctx_combined_chandef(local, ctx, def))
156 		return true;
157 
158 	if (!list_empty(&ctx->reserved_vifs) &&
159 	    ieee80211_chanctx_reserved_chandef(local, ctx, def))
160 		return true;
161 
162 	return false;
163 }
164 
165 static struct ieee80211_chanctx *
166 ieee80211_find_reservation_chanctx(struct ieee80211_local *local,
167 				   const struct cfg80211_chan_def *chandef,
168 				   enum ieee80211_chanctx_mode mode)
169 {
170 	struct ieee80211_chanctx *ctx;
171 
172 	lockdep_assert_held(&local->chanctx_mtx);
173 
174 	if (mode == IEEE80211_CHANCTX_EXCLUSIVE)
175 		return NULL;
176 
177 	list_for_each_entry(ctx, &local->chanctx_list, list) {
178 		if (ctx->replace_state == IEEE80211_CHANCTX_WILL_BE_REPLACED)
179 			continue;
180 
181 		if (ctx->mode == IEEE80211_CHANCTX_EXCLUSIVE)
182 			continue;
183 
184 		if (!ieee80211_chanctx_can_reserve_chandef(local, ctx,
185 							   chandef))
186 			continue;
187 
188 		return ctx;
189 	}
190 
191 	return NULL;
192 }
193 
194 enum nl80211_chan_width ieee80211_get_sta_bw(struct ieee80211_sta *sta)
195 {
196 	switch (sta->bandwidth) {
197 	case IEEE80211_STA_RX_BW_20:
198 		if (sta->ht_cap.ht_supported)
199 			return NL80211_CHAN_WIDTH_20;
200 		else
201 			return NL80211_CHAN_WIDTH_20_NOHT;
202 	case IEEE80211_STA_RX_BW_40:
203 		return NL80211_CHAN_WIDTH_40;
204 	case IEEE80211_STA_RX_BW_80:
205 		return NL80211_CHAN_WIDTH_80;
206 	case IEEE80211_STA_RX_BW_160:
207 		/*
208 		 * This applied for both 160 and 80+80. since we use
209 		 * the returned value to consider degradation of
210 		 * ctx->conf.min_def, we have to make sure to take
211 		 * the bigger one (NL80211_CHAN_WIDTH_160).
212 		 * Otherwise we might try degrading even when not
213 		 * needed, as the max required sta_bw returned (80+80)
214 		 * might be smaller than the configured bw (160).
215 		 */
216 		return NL80211_CHAN_WIDTH_160;
217 	default:
218 		WARN_ON(1);
219 		return NL80211_CHAN_WIDTH_20;
220 	}
221 }
222 
223 static enum nl80211_chan_width
224 ieee80211_get_max_required_bw(struct ieee80211_sub_if_data *sdata)
225 {
226 	enum nl80211_chan_width max_bw = NL80211_CHAN_WIDTH_20_NOHT;
227 	struct sta_info *sta;
228 
229 	rcu_read_lock();
230 	list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
231 		if (sdata != sta->sdata &&
232 		    !(sta->sdata->bss && sta->sdata->bss == sdata->bss))
233 			continue;
234 
235 		max_bw = max(max_bw, ieee80211_get_sta_bw(&sta->sta));
236 	}
237 	rcu_read_unlock();
238 
239 	return max_bw;
240 }
241 
242 static enum nl80211_chan_width
243 ieee80211_get_chanctx_max_required_bw(struct ieee80211_local *local,
244 				      struct ieee80211_chanctx_conf *conf)
245 {
246 	struct ieee80211_sub_if_data *sdata;
247 	enum nl80211_chan_width max_bw = NL80211_CHAN_WIDTH_20_NOHT;
248 
249 	rcu_read_lock();
250 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
251 		struct ieee80211_vif *vif = &sdata->vif;
252 		enum nl80211_chan_width width = NL80211_CHAN_WIDTH_20_NOHT;
253 
254 		if (!ieee80211_sdata_running(sdata))
255 			continue;
256 
257 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
258 			continue;
259 
260 		switch (vif->type) {
261 		case NL80211_IFTYPE_AP:
262 		case NL80211_IFTYPE_AP_VLAN:
263 			width = ieee80211_get_max_required_bw(sdata);
264 			break;
265 		case NL80211_IFTYPE_STATION:
266 			/*
267 			 * The ap's sta->bandwidth is not set yet at this
268 			 * point, so take the width from the chandef, but
269 			 * account also for TDLS peers
270 			 */
271 			width = max(vif->bss_conf.chandef.width,
272 				    ieee80211_get_max_required_bw(sdata));
273 			break;
274 		case NL80211_IFTYPE_P2P_DEVICE:
275 		case NL80211_IFTYPE_NAN:
276 			continue;
277 		case NL80211_IFTYPE_ADHOC:
278 		case NL80211_IFTYPE_WDS:
279 		case NL80211_IFTYPE_MESH_POINT:
280 		case NL80211_IFTYPE_OCB:
281 			width = vif->bss_conf.chandef.width;
282 			break;
283 		case NL80211_IFTYPE_UNSPECIFIED:
284 		case NUM_NL80211_IFTYPES:
285 		case NL80211_IFTYPE_MONITOR:
286 		case NL80211_IFTYPE_P2P_CLIENT:
287 		case NL80211_IFTYPE_P2P_GO:
288 			WARN_ON_ONCE(1);
289 		}
290 		max_bw = max(max_bw, width);
291 	}
292 
293 	/* use the configured bandwidth in case of monitor interface */
294 	sdata = rcu_dereference(local->monitor_sdata);
295 	if (sdata && rcu_access_pointer(sdata->vif.chanctx_conf) == conf)
296 		max_bw = max(max_bw, conf->def.width);
297 
298 	rcu_read_unlock();
299 
300 	return max_bw;
301 }
302 
303 /*
304  * recalc the min required chan width of the channel context, which is
305  * the max of min required widths of all the interfaces bound to this
306  * channel context.
307  */
308 void ieee80211_recalc_chanctx_min_def(struct ieee80211_local *local,
309 				      struct ieee80211_chanctx *ctx)
310 {
311 	enum nl80211_chan_width max_bw;
312 	struct cfg80211_chan_def min_def;
313 
314 	lockdep_assert_held(&local->chanctx_mtx);
315 
316 	/* don't optimize 5MHz, 10MHz, and radar_enabled confs */
317 	if (ctx->conf.def.width == NL80211_CHAN_WIDTH_5 ||
318 	    ctx->conf.def.width == NL80211_CHAN_WIDTH_10 ||
319 	    ctx->conf.radar_enabled) {
320 		ctx->conf.min_def = ctx->conf.def;
321 		return;
322 	}
323 
324 	max_bw = ieee80211_get_chanctx_max_required_bw(local, &ctx->conf);
325 
326 	/* downgrade chandef up to max_bw */
327 	min_def = ctx->conf.def;
328 	while (min_def.width > max_bw)
329 		ieee80211_chandef_downgrade(&min_def);
330 
331 	if (cfg80211_chandef_identical(&ctx->conf.min_def, &min_def))
332 		return;
333 
334 	ctx->conf.min_def = min_def;
335 	if (!ctx->driver_present)
336 		return;
337 
338 	drv_change_chanctx(local, ctx, IEEE80211_CHANCTX_CHANGE_MIN_WIDTH);
339 }
340 
341 static void ieee80211_change_chanctx(struct ieee80211_local *local,
342 				     struct ieee80211_chanctx *ctx,
343 				     const struct cfg80211_chan_def *chandef)
344 {
345 	if (cfg80211_chandef_identical(&ctx->conf.def, chandef)) {
346 		ieee80211_recalc_chanctx_min_def(local, ctx);
347 		return;
348 	}
349 
350 	WARN_ON(!cfg80211_chandef_compatible(&ctx->conf.def, chandef));
351 
352 	ctx->conf.def = *chandef;
353 	drv_change_chanctx(local, ctx, IEEE80211_CHANCTX_CHANGE_WIDTH);
354 	ieee80211_recalc_chanctx_min_def(local, ctx);
355 
356 	if (!local->use_chanctx) {
357 		local->_oper_chandef = *chandef;
358 		ieee80211_hw_config(local, 0);
359 	}
360 }
361 
362 static struct ieee80211_chanctx *
363 ieee80211_find_chanctx(struct ieee80211_local *local,
364 		       const struct cfg80211_chan_def *chandef,
365 		       enum ieee80211_chanctx_mode mode)
366 {
367 	struct ieee80211_chanctx *ctx;
368 
369 	lockdep_assert_held(&local->chanctx_mtx);
370 
371 	if (mode == IEEE80211_CHANCTX_EXCLUSIVE)
372 		return NULL;
373 
374 	list_for_each_entry(ctx, &local->chanctx_list, list) {
375 		const struct cfg80211_chan_def *compat;
376 
377 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACE_NONE)
378 			continue;
379 
380 		if (ctx->mode == IEEE80211_CHANCTX_EXCLUSIVE)
381 			continue;
382 
383 		compat = cfg80211_chandef_compatible(&ctx->conf.def, chandef);
384 		if (!compat)
385 			continue;
386 
387 		compat = ieee80211_chanctx_reserved_chandef(local, ctx,
388 							    compat);
389 		if (!compat)
390 			continue;
391 
392 		ieee80211_change_chanctx(local, ctx, compat);
393 
394 		return ctx;
395 	}
396 
397 	return NULL;
398 }
399 
400 bool ieee80211_is_radar_required(struct ieee80211_local *local)
401 {
402 	struct ieee80211_sub_if_data *sdata;
403 
404 	lockdep_assert_held(&local->mtx);
405 
406 	rcu_read_lock();
407 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
408 		if (sdata->radar_required) {
409 			rcu_read_unlock();
410 			return true;
411 		}
412 	}
413 	rcu_read_unlock();
414 
415 	return false;
416 }
417 
418 static bool
419 ieee80211_chanctx_radar_required(struct ieee80211_local *local,
420 				 struct ieee80211_chanctx *ctx)
421 {
422 	struct ieee80211_chanctx_conf *conf = &ctx->conf;
423 	struct ieee80211_sub_if_data *sdata;
424 	bool required = false;
425 
426 	lockdep_assert_held(&local->chanctx_mtx);
427 	lockdep_assert_held(&local->mtx);
428 
429 	rcu_read_lock();
430 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
431 		if (!ieee80211_sdata_running(sdata))
432 			continue;
433 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
434 			continue;
435 		if (!sdata->radar_required)
436 			continue;
437 
438 		required = true;
439 		break;
440 	}
441 	rcu_read_unlock();
442 
443 	return required;
444 }
445 
446 static struct ieee80211_chanctx *
447 ieee80211_alloc_chanctx(struct ieee80211_local *local,
448 			const struct cfg80211_chan_def *chandef,
449 			enum ieee80211_chanctx_mode mode)
450 {
451 	struct ieee80211_chanctx *ctx;
452 
453 	lockdep_assert_held(&local->chanctx_mtx);
454 
455 	ctx = kzalloc(sizeof(*ctx) + local->hw.chanctx_data_size, GFP_KERNEL);
456 	if (!ctx)
457 		return NULL;
458 
459 	INIT_LIST_HEAD(&ctx->assigned_vifs);
460 	INIT_LIST_HEAD(&ctx->reserved_vifs);
461 	ctx->conf.def = *chandef;
462 	ctx->conf.rx_chains_static = 1;
463 	ctx->conf.rx_chains_dynamic = 1;
464 	ctx->mode = mode;
465 	ctx->conf.radar_enabled = false;
466 	ieee80211_recalc_chanctx_min_def(local, ctx);
467 
468 	return ctx;
469 }
470 
471 static int ieee80211_add_chanctx(struct ieee80211_local *local,
472 				 struct ieee80211_chanctx *ctx)
473 {
474 	u32 changed;
475 	int err;
476 
477 	lockdep_assert_held(&local->mtx);
478 	lockdep_assert_held(&local->chanctx_mtx);
479 
480 	if (!local->use_chanctx)
481 		local->hw.conf.radar_enabled = ctx->conf.radar_enabled;
482 
483 	/* turn idle off *before* setting channel -- some drivers need that */
484 	changed = ieee80211_idle_off(local);
485 	if (changed)
486 		ieee80211_hw_config(local, changed);
487 
488 	if (!local->use_chanctx) {
489 		local->_oper_chandef = ctx->conf.def;
490 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
491 	} else {
492 		err = drv_add_chanctx(local, ctx);
493 		if (err) {
494 			ieee80211_recalc_idle(local);
495 			return err;
496 		}
497 	}
498 
499 	return 0;
500 }
501 
502 static struct ieee80211_chanctx *
503 ieee80211_new_chanctx(struct ieee80211_local *local,
504 		      const struct cfg80211_chan_def *chandef,
505 		      enum ieee80211_chanctx_mode mode)
506 {
507 	struct ieee80211_chanctx *ctx;
508 	int err;
509 
510 	lockdep_assert_held(&local->mtx);
511 	lockdep_assert_held(&local->chanctx_mtx);
512 
513 	ctx = ieee80211_alloc_chanctx(local, chandef, mode);
514 	if (!ctx)
515 		return ERR_PTR(-ENOMEM);
516 
517 	err = ieee80211_add_chanctx(local, ctx);
518 	if (err) {
519 		kfree(ctx);
520 		return ERR_PTR(err);
521 	}
522 
523 	list_add_rcu(&ctx->list, &local->chanctx_list);
524 	return ctx;
525 }
526 
527 static void ieee80211_del_chanctx(struct ieee80211_local *local,
528 				  struct ieee80211_chanctx *ctx)
529 {
530 	lockdep_assert_held(&local->chanctx_mtx);
531 
532 	if (!local->use_chanctx) {
533 		struct cfg80211_chan_def *chandef = &local->_oper_chandef;
534 		chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
535 		chandef->center_freq1 = chandef->chan->center_freq;
536 		chandef->freq1_offset = chandef->chan->freq_offset;
537 		chandef->center_freq2 = 0;
538 
539 		/* NOTE: Disabling radar is only valid here for
540 		 * single channel context. To be sure, check it ...
541 		 */
542 		WARN_ON(local->hw.conf.radar_enabled &&
543 			!list_empty(&local->chanctx_list));
544 
545 		local->hw.conf.radar_enabled = false;
546 
547 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
548 	} else {
549 		drv_remove_chanctx(local, ctx);
550 	}
551 
552 	ieee80211_recalc_idle(local);
553 }
554 
555 static void ieee80211_free_chanctx(struct ieee80211_local *local,
556 				   struct ieee80211_chanctx *ctx)
557 {
558 	lockdep_assert_held(&local->chanctx_mtx);
559 
560 	WARN_ON_ONCE(ieee80211_chanctx_refcount(local, ctx) != 0);
561 
562 	list_del_rcu(&ctx->list);
563 	ieee80211_del_chanctx(local, ctx);
564 	kfree_rcu(ctx, rcu_head);
565 }
566 
567 void ieee80211_recalc_chanctx_chantype(struct ieee80211_local *local,
568 				       struct ieee80211_chanctx *ctx)
569 {
570 	struct ieee80211_chanctx_conf *conf = &ctx->conf;
571 	struct ieee80211_sub_if_data *sdata;
572 	const struct cfg80211_chan_def *compat = NULL;
573 	struct sta_info *sta;
574 
575 	lockdep_assert_held(&local->chanctx_mtx);
576 
577 	rcu_read_lock();
578 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
579 
580 		if (!ieee80211_sdata_running(sdata))
581 			continue;
582 		if (rcu_access_pointer(sdata->vif.chanctx_conf) != conf)
583 			continue;
584 		if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
585 			continue;
586 
587 		if (!compat)
588 			compat = &sdata->vif.bss_conf.chandef;
589 
590 		compat = cfg80211_chandef_compatible(
591 				&sdata->vif.bss_conf.chandef, compat);
592 		if (WARN_ON_ONCE(!compat))
593 			break;
594 	}
595 
596 	/* TDLS peers can sometimes affect the chandef width */
597 	list_for_each_entry_rcu(sta, &local->sta_list, list) {
598 		if (!sta->uploaded ||
599 		    !test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW) ||
600 		    !test_sta_flag(sta, WLAN_STA_AUTHORIZED) ||
601 		    !sta->tdls_chandef.chan)
602 			continue;
603 
604 		compat = cfg80211_chandef_compatible(&sta->tdls_chandef,
605 						     compat);
606 		if (WARN_ON_ONCE(!compat))
607 			break;
608 	}
609 	rcu_read_unlock();
610 
611 	if (!compat)
612 		return;
613 
614 	ieee80211_change_chanctx(local, ctx, compat);
615 }
616 
617 static void ieee80211_recalc_radar_chanctx(struct ieee80211_local *local,
618 					   struct ieee80211_chanctx *chanctx)
619 {
620 	bool radar_enabled;
621 
622 	lockdep_assert_held(&local->chanctx_mtx);
623 	/* for ieee80211_is_radar_required */
624 	lockdep_assert_held(&local->mtx);
625 
626 	radar_enabled = ieee80211_chanctx_radar_required(local, chanctx);
627 
628 	if (radar_enabled == chanctx->conf.radar_enabled)
629 		return;
630 
631 	chanctx->conf.radar_enabled = radar_enabled;
632 
633 	if (!local->use_chanctx) {
634 		local->hw.conf.radar_enabled = chanctx->conf.radar_enabled;
635 		ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
636 	}
637 
638 	drv_change_chanctx(local, chanctx, IEEE80211_CHANCTX_CHANGE_RADAR);
639 }
640 
641 static int ieee80211_assign_vif_chanctx(struct ieee80211_sub_if_data *sdata,
642 					struct ieee80211_chanctx *new_ctx)
643 {
644 	struct ieee80211_local *local = sdata->local;
645 	struct ieee80211_chanctx_conf *conf;
646 	struct ieee80211_chanctx *curr_ctx = NULL;
647 	int ret = 0;
648 
649 	if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_NAN))
650 		return -ENOTSUPP;
651 
652 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
653 					 lockdep_is_held(&local->chanctx_mtx));
654 
655 	if (conf) {
656 		curr_ctx = container_of(conf, struct ieee80211_chanctx, conf);
657 
658 		drv_unassign_vif_chanctx(local, sdata, curr_ctx);
659 		conf = NULL;
660 		list_del(&sdata->assigned_chanctx_list);
661 	}
662 
663 	if (new_ctx) {
664 		ret = drv_assign_vif_chanctx(local, sdata, new_ctx);
665 		if (ret)
666 			goto out;
667 
668 		conf = &new_ctx->conf;
669 		list_add(&sdata->assigned_chanctx_list,
670 			 &new_ctx->assigned_vifs);
671 	}
672 
673 out:
674 	rcu_assign_pointer(sdata->vif.chanctx_conf, conf);
675 
676 	sdata->vif.bss_conf.idle = !conf;
677 
678 	if (curr_ctx && ieee80211_chanctx_num_assigned(local, curr_ctx) > 0) {
679 		ieee80211_recalc_chanctx_chantype(local, curr_ctx);
680 		ieee80211_recalc_smps_chanctx(local, curr_ctx);
681 		ieee80211_recalc_radar_chanctx(local, curr_ctx);
682 		ieee80211_recalc_chanctx_min_def(local, curr_ctx);
683 	}
684 
685 	if (new_ctx && ieee80211_chanctx_num_assigned(local, new_ctx) > 0) {
686 		ieee80211_recalc_txpower(sdata, false);
687 		ieee80211_recalc_chanctx_min_def(local, new_ctx);
688 	}
689 
690 	if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE &&
691 	    sdata->vif.type != NL80211_IFTYPE_MONITOR)
692 		ieee80211_bss_info_change_notify(sdata,
693 						 BSS_CHANGED_IDLE);
694 
695 	ieee80211_check_fast_xmit_iface(sdata);
696 
697 	return ret;
698 }
699 
700 void ieee80211_recalc_smps_chanctx(struct ieee80211_local *local,
701 				   struct ieee80211_chanctx *chanctx)
702 {
703 	struct ieee80211_sub_if_data *sdata;
704 	u8 rx_chains_static, rx_chains_dynamic;
705 
706 	lockdep_assert_held(&local->chanctx_mtx);
707 
708 	rx_chains_static = 1;
709 	rx_chains_dynamic = 1;
710 
711 	rcu_read_lock();
712 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
713 		u8 needed_static, needed_dynamic;
714 
715 		if (!ieee80211_sdata_running(sdata))
716 			continue;
717 
718 		if (rcu_access_pointer(sdata->vif.chanctx_conf) !=
719 						&chanctx->conf)
720 			continue;
721 
722 		switch (sdata->vif.type) {
723 		case NL80211_IFTYPE_P2P_DEVICE:
724 		case NL80211_IFTYPE_NAN:
725 			continue;
726 		case NL80211_IFTYPE_STATION:
727 			if (!sdata->u.mgd.associated)
728 				continue;
729 			break;
730 		case NL80211_IFTYPE_AP_VLAN:
731 			continue;
732 		case NL80211_IFTYPE_AP:
733 		case NL80211_IFTYPE_ADHOC:
734 		case NL80211_IFTYPE_WDS:
735 		case NL80211_IFTYPE_MESH_POINT:
736 		case NL80211_IFTYPE_OCB:
737 			break;
738 		default:
739 			WARN_ON_ONCE(1);
740 		}
741 
742 		switch (sdata->smps_mode) {
743 		default:
744 			WARN_ONCE(1, "Invalid SMPS mode %d\n",
745 				  sdata->smps_mode);
746 			/* fall through */
747 		case IEEE80211_SMPS_OFF:
748 			needed_static = sdata->needed_rx_chains;
749 			needed_dynamic = sdata->needed_rx_chains;
750 			break;
751 		case IEEE80211_SMPS_DYNAMIC:
752 			needed_static = 1;
753 			needed_dynamic = sdata->needed_rx_chains;
754 			break;
755 		case IEEE80211_SMPS_STATIC:
756 			needed_static = 1;
757 			needed_dynamic = 1;
758 			break;
759 		}
760 
761 		rx_chains_static = max(rx_chains_static, needed_static);
762 		rx_chains_dynamic = max(rx_chains_dynamic, needed_dynamic);
763 	}
764 
765 	/* Disable SMPS for the monitor interface */
766 	sdata = rcu_dereference(local->monitor_sdata);
767 	if (sdata &&
768 	    rcu_access_pointer(sdata->vif.chanctx_conf) == &chanctx->conf)
769 		rx_chains_dynamic = rx_chains_static = local->rx_chains;
770 
771 	rcu_read_unlock();
772 
773 	if (!local->use_chanctx) {
774 		if (rx_chains_static > 1)
775 			local->smps_mode = IEEE80211_SMPS_OFF;
776 		else if (rx_chains_dynamic > 1)
777 			local->smps_mode = IEEE80211_SMPS_DYNAMIC;
778 		else
779 			local->smps_mode = IEEE80211_SMPS_STATIC;
780 		ieee80211_hw_config(local, 0);
781 	}
782 
783 	if (rx_chains_static == chanctx->conf.rx_chains_static &&
784 	    rx_chains_dynamic == chanctx->conf.rx_chains_dynamic)
785 		return;
786 
787 	chanctx->conf.rx_chains_static = rx_chains_static;
788 	chanctx->conf.rx_chains_dynamic = rx_chains_dynamic;
789 	drv_change_chanctx(local, chanctx, IEEE80211_CHANCTX_CHANGE_RX_CHAINS);
790 }
791 
792 static void
793 __ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
794 				      bool clear)
795 {
796 	struct ieee80211_local *local __maybe_unused = sdata->local;
797 	struct ieee80211_sub_if_data *vlan;
798 	struct ieee80211_chanctx_conf *conf;
799 
800 	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP))
801 		return;
802 
803 	lockdep_assert_held(&local->mtx);
804 
805 	/* Check that conf exists, even when clearing this function
806 	 * must be called with the AP's channel context still there
807 	 * as it would otherwise cause VLANs to have an invalid
808 	 * channel context pointer for a while, possibly pointing
809 	 * to a channel context that has already been freed.
810 	 */
811 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
812 					 lockdep_is_held(&local->chanctx_mtx));
813 	WARN_ON(!conf);
814 
815 	if (clear)
816 		conf = NULL;
817 
818 	list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
819 		rcu_assign_pointer(vlan->vif.chanctx_conf, conf);
820 }
821 
822 void ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
823 					 bool clear)
824 {
825 	struct ieee80211_local *local = sdata->local;
826 
827 	mutex_lock(&local->chanctx_mtx);
828 
829 	__ieee80211_vif_copy_chanctx_to_vlans(sdata, clear);
830 
831 	mutex_unlock(&local->chanctx_mtx);
832 }
833 
834 int ieee80211_vif_unreserve_chanctx(struct ieee80211_sub_if_data *sdata)
835 {
836 	struct ieee80211_chanctx *ctx = sdata->reserved_chanctx;
837 
838 	lockdep_assert_held(&sdata->local->chanctx_mtx);
839 
840 	if (WARN_ON(!ctx))
841 		return -EINVAL;
842 
843 	list_del(&sdata->reserved_chanctx_list);
844 	sdata->reserved_chanctx = NULL;
845 
846 	if (ieee80211_chanctx_refcount(sdata->local, ctx) == 0) {
847 		if (ctx->replace_state == IEEE80211_CHANCTX_REPLACES_OTHER) {
848 			if (WARN_ON(!ctx->replace_ctx))
849 				return -EINVAL;
850 
851 			WARN_ON(ctx->replace_ctx->replace_state !=
852 			        IEEE80211_CHANCTX_WILL_BE_REPLACED);
853 			WARN_ON(ctx->replace_ctx->replace_ctx != ctx);
854 
855 			ctx->replace_ctx->replace_ctx = NULL;
856 			ctx->replace_ctx->replace_state =
857 					IEEE80211_CHANCTX_REPLACE_NONE;
858 
859 			list_del_rcu(&ctx->list);
860 			kfree_rcu(ctx, rcu_head);
861 		} else {
862 			ieee80211_free_chanctx(sdata->local, ctx);
863 		}
864 	}
865 
866 	return 0;
867 }
868 
869 int ieee80211_vif_reserve_chanctx(struct ieee80211_sub_if_data *sdata,
870 				  const struct cfg80211_chan_def *chandef,
871 				  enum ieee80211_chanctx_mode mode,
872 				  bool radar_required)
873 {
874 	struct ieee80211_local *local = sdata->local;
875 	struct ieee80211_chanctx *new_ctx, *curr_ctx, *ctx;
876 
877 	lockdep_assert_held(&local->chanctx_mtx);
878 
879 	curr_ctx = ieee80211_vif_get_chanctx(sdata);
880 	if (curr_ctx && local->use_chanctx && !local->ops->switch_vif_chanctx)
881 		return -ENOTSUPP;
882 
883 	new_ctx = ieee80211_find_reservation_chanctx(local, chandef, mode);
884 	if (!new_ctx) {
885 		if (ieee80211_can_create_new_chanctx(local)) {
886 			new_ctx = ieee80211_new_chanctx(local, chandef, mode);
887 			if (IS_ERR(new_ctx))
888 				return PTR_ERR(new_ctx);
889 		} else {
890 			if (!curr_ctx ||
891 			    (curr_ctx->replace_state ==
892 			     IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
893 			    !list_empty(&curr_ctx->reserved_vifs)) {
894 				/*
895 				 * Another vif already requested this context
896 				 * for a reservation. Find another one hoping
897 				 * all vifs assigned to it will also switch
898 				 * soon enough.
899 				 *
900 				 * TODO: This needs a little more work as some
901 				 * cases (more than 2 chanctx capable devices)
902 				 * may fail which could otherwise succeed
903 				 * provided some channel context juggling was
904 				 * performed.
905 				 *
906 				 * Consider ctx1..3, vif1..6, each ctx has 2
907 				 * vifs. vif1 and vif2 from ctx1 request new
908 				 * different chandefs starting 2 in-place
909 				 * reserations with ctx4 and ctx5 replacing
910 				 * ctx1 and ctx2 respectively. Next vif5 and
911 				 * vif6 from ctx3 reserve ctx4. If vif3 and
912 				 * vif4 remain on ctx2 as they are then this
913 				 * fails unless `replace_ctx` from ctx5 is
914 				 * replaced with ctx3.
915 				 */
916 				list_for_each_entry(ctx, &local->chanctx_list,
917 						    list) {
918 					if (ctx->replace_state !=
919 					    IEEE80211_CHANCTX_REPLACE_NONE)
920 						continue;
921 
922 					if (!list_empty(&ctx->reserved_vifs))
923 						continue;
924 
925 					curr_ctx = ctx;
926 					break;
927 				}
928 			}
929 
930 			/*
931 			 * If that's true then all available contexts already
932 			 * have reservations and cannot be used.
933 			 */
934 			if (!curr_ctx ||
935 			    (curr_ctx->replace_state ==
936 			     IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
937 			    !list_empty(&curr_ctx->reserved_vifs))
938 				return -EBUSY;
939 
940 			new_ctx = ieee80211_alloc_chanctx(local, chandef, mode);
941 			if (!new_ctx)
942 				return -ENOMEM;
943 
944 			new_ctx->replace_ctx = curr_ctx;
945 			new_ctx->replace_state =
946 					IEEE80211_CHANCTX_REPLACES_OTHER;
947 
948 			curr_ctx->replace_ctx = new_ctx;
949 			curr_ctx->replace_state =
950 					IEEE80211_CHANCTX_WILL_BE_REPLACED;
951 
952 			list_add_rcu(&new_ctx->list, &local->chanctx_list);
953 		}
954 	}
955 
956 	list_add(&sdata->reserved_chanctx_list, &new_ctx->reserved_vifs);
957 	sdata->reserved_chanctx = new_ctx;
958 	sdata->reserved_chandef = *chandef;
959 	sdata->reserved_radar_required = radar_required;
960 	sdata->reserved_ready = false;
961 
962 	return 0;
963 }
964 
965 static void
966 ieee80211_vif_chanctx_reservation_complete(struct ieee80211_sub_if_data *sdata)
967 {
968 	switch (sdata->vif.type) {
969 	case NL80211_IFTYPE_ADHOC:
970 	case NL80211_IFTYPE_AP:
971 	case NL80211_IFTYPE_MESH_POINT:
972 	case NL80211_IFTYPE_OCB:
973 		ieee80211_queue_work(&sdata->local->hw,
974 				     &sdata->csa_finalize_work);
975 		break;
976 	case NL80211_IFTYPE_STATION:
977 		ieee80211_queue_work(&sdata->local->hw,
978 				     &sdata->u.mgd.chswitch_work);
979 		break;
980 	case NL80211_IFTYPE_UNSPECIFIED:
981 	case NL80211_IFTYPE_AP_VLAN:
982 	case NL80211_IFTYPE_WDS:
983 	case NL80211_IFTYPE_MONITOR:
984 	case NL80211_IFTYPE_P2P_CLIENT:
985 	case NL80211_IFTYPE_P2P_GO:
986 	case NL80211_IFTYPE_P2P_DEVICE:
987 	case NL80211_IFTYPE_NAN:
988 	case NUM_NL80211_IFTYPES:
989 		WARN_ON(1);
990 		break;
991 	}
992 }
993 
994 static void
995 ieee80211_vif_update_chandef(struct ieee80211_sub_if_data *sdata,
996 			     const struct cfg80211_chan_def *chandef)
997 {
998 	struct ieee80211_sub_if_data *vlan;
999 
1000 	sdata->vif.bss_conf.chandef = *chandef;
1001 
1002 	if (sdata->vif.type != NL80211_IFTYPE_AP)
1003 		return;
1004 
1005 	list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1006 		vlan->vif.bss_conf.chandef = *chandef;
1007 }
1008 
1009 static int
1010 ieee80211_vif_use_reserved_reassign(struct ieee80211_sub_if_data *sdata)
1011 {
1012 	struct ieee80211_local *local = sdata->local;
1013 	struct ieee80211_vif_chanctx_switch vif_chsw[1] = {};
1014 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1015 	const struct cfg80211_chan_def *chandef;
1016 	u32 changed = 0;
1017 	int err;
1018 
1019 	lockdep_assert_held(&local->mtx);
1020 	lockdep_assert_held(&local->chanctx_mtx);
1021 
1022 	new_ctx = sdata->reserved_chanctx;
1023 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1024 
1025 	if (WARN_ON(!sdata->reserved_ready))
1026 		return -EBUSY;
1027 
1028 	if (WARN_ON(!new_ctx))
1029 		return -EINVAL;
1030 
1031 	if (WARN_ON(!old_ctx))
1032 		return -EINVAL;
1033 
1034 	if (WARN_ON(new_ctx->replace_state ==
1035 		    IEEE80211_CHANCTX_REPLACES_OTHER))
1036 		return -EINVAL;
1037 
1038 	chandef = ieee80211_chanctx_non_reserved_chandef(local, new_ctx,
1039 				&sdata->reserved_chandef);
1040 	if (WARN_ON(!chandef))
1041 		return -EINVAL;
1042 
1043 	ieee80211_change_chanctx(local, new_ctx, chandef);
1044 
1045 	vif_chsw[0].vif = &sdata->vif;
1046 	vif_chsw[0].old_ctx = &old_ctx->conf;
1047 	vif_chsw[0].new_ctx = &new_ctx->conf;
1048 
1049 	list_del(&sdata->reserved_chanctx_list);
1050 	sdata->reserved_chanctx = NULL;
1051 
1052 	err = drv_switch_vif_chanctx(local, vif_chsw, 1,
1053 				     CHANCTX_SWMODE_REASSIGN_VIF);
1054 	if (err) {
1055 		if (ieee80211_chanctx_refcount(local, new_ctx) == 0)
1056 			ieee80211_free_chanctx(local, new_ctx);
1057 
1058 		goto out;
1059 	}
1060 
1061 	list_move(&sdata->assigned_chanctx_list, &new_ctx->assigned_vifs);
1062 	rcu_assign_pointer(sdata->vif.chanctx_conf, &new_ctx->conf);
1063 
1064 	if (sdata->vif.type == NL80211_IFTYPE_AP)
1065 		__ieee80211_vif_copy_chanctx_to_vlans(sdata, false);
1066 
1067 	ieee80211_check_fast_xmit_iface(sdata);
1068 
1069 	if (ieee80211_chanctx_refcount(local, old_ctx) == 0)
1070 		ieee80211_free_chanctx(local, old_ctx);
1071 
1072 	if (sdata->vif.bss_conf.chandef.width != sdata->reserved_chandef.width)
1073 		changed = BSS_CHANGED_BANDWIDTH;
1074 
1075 	ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
1076 
1077 	ieee80211_recalc_smps_chanctx(local, new_ctx);
1078 	ieee80211_recalc_radar_chanctx(local, new_ctx);
1079 	ieee80211_recalc_chanctx_min_def(local, new_ctx);
1080 
1081 	if (changed)
1082 		ieee80211_bss_info_change_notify(sdata, changed);
1083 
1084 out:
1085 	ieee80211_vif_chanctx_reservation_complete(sdata);
1086 	return err;
1087 }
1088 
1089 static int
1090 ieee80211_vif_use_reserved_assign(struct ieee80211_sub_if_data *sdata)
1091 {
1092 	struct ieee80211_local *local = sdata->local;
1093 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1094 	const struct cfg80211_chan_def *chandef;
1095 	int err;
1096 
1097 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1098 	new_ctx = sdata->reserved_chanctx;
1099 
1100 	if (WARN_ON(!sdata->reserved_ready))
1101 		return -EINVAL;
1102 
1103 	if (WARN_ON(old_ctx))
1104 		return -EINVAL;
1105 
1106 	if (WARN_ON(!new_ctx))
1107 		return -EINVAL;
1108 
1109 	if (WARN_ON(new_ctx->replace_state ==
1110 		    IEEE80211_CHANCTX_REPLACES_OTHER))
1111 		return -EINVAL;
1112 
1113 	chandef = ieee80211_chanctx_non_reserved_chandef(local, new_ctx,
1114 				&sdata->reserved_chandef);
1115 	if (WARN_ON(!chandef))
1116 		return -EINVAL;
1117 
1118 	ieee80211_change_chanctx(local, new_ctx, chandef);
1119 
1120 	list_del(&sdata->reserved_chanctx_list);
1121 	sdata->reserved_chanctx = NULL;
1122 
1123 	err = ieee80211_assign_vif_chanctx(sdata, new_ctx);
1124 	if (err) {
1125 		if (ieee80211_chanctx_refcount(local, new_ctx) == 0)
1126 			ieee80211_free_chanctx(local, new_ctx);
1127 
1128 		goto out;
1129 	}
1130 
1131 out:
1132 	ieee80211_vif_chanctx_reservation_complete(sdata);
1133 	return err;
1134 }
1135 
1136 static bool
1137 ieee80211_vif_has_in_place_reservation(struct ieee80211_sub_if_data *sdata)
1138 {
1139 	struct ieee80211_chanctx *old_ctx, *new_ctx;
1140 
1141 	lockdep_assert_held(&sdata->local->chanctx_mtx);
1142 
1143 	new_ctx = sdata->reserved_chanctx;
1144 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1145 
1146 	if (!old_ctx)
1147 		return false;
1148 
1149 	if (WARN_ON(!new_ctx))
1150 		return false;
1151 
1152 	if (old_ctx->replace_state != IEEE80211_CHANCTX_WILL_BE_REPLACED)
1153 		return false;
1154 
1155 	if (new_ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1156 		return false;
1157 
1158 	return true;
1159 }
1160 
1161 static int ieee80211_chsw_switch_hwconf(struct ieee80211_local *local,
1162 					struct ieee80211_chanctx *new_ctx)
1163 {
1164 	const struct cfg80211_chan_def *chandef;
1165 
1166 	lockdep_assert_held(&local->mtx);
1167 	lockdep_assert_held(&local->chanctx_mtx);
1168 
1169 	chandef = ieee80211_chanctx_reserved_chandef(local, new_ctx, NULL);
1170 	if (WARN_ON(!chandef))
1171 		return -EINVAL;
1172 
1173 	local->hw.conf.radar_enabled = new_ctx->conf.radar_enabled;
1174 	local->_oper_chandef = *chandef;
1175 	ieee80211_hw_config(local, 0);
1176 
1177 	return 0;
1178 }
1179 
1180 static int ieee80211_chsw_switch_vifs(struct ieee80211_local *local,
1181 				      int n_vifs)
1182 {
1183 	struct ieee80211_vif_chanctx_switch *vif_chsw;
1184 	struct ieee80211_sub_if_data *sdata;
1185 	struct ieee80211_chanctx *ctx, *old_ctx;
1186 	int i, err;
1187 
1188 	lockdep_assert_held(&local->mtx);
1189 	lockdep_assert_held(&local->chanctx_mtx);
1190 
1191 	vif_chsw = kcalloc(n_vifs, sizeof(vif_chsw[0]), GFP_KERNEL);
1192 	if (!vif_chsw)
1193 		return -ENOMEM;
1194 
1195 	i = 0;
1196 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1197 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1198 			continue;
1199 
1200 		if (WARN_ON(!ctx->replace_ctx)) {
1201 			err = -EINVAL;
1202 			goto out;
1203 		}
1204 
1205 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1206 				    reserved_chanctx_list) {
1207 			if (!ieee80211_vif_has_in_place_reservation(
1208 					sdata))
1209 				continue;
1210 
1211 			old_ctx = ieee80211_vif_get_chanctx(sdata);
1212 			vif_chsw[i].vif = &sdata->vif;
1213 			vif_chsw[i].old_ctx = &old_ctx->conf;
1214 			vif_chsw[i].new_ctx = &ctx->conf;
1215 
1216 			i++;
1217 		}
1218 	}
1219 
1220 	err = drv_switch_vif_chanctx(local, vif_chsw, n_vifs,
1221 				     CHANCTX_SWMODE_SWAP_CONTEXTS);
1222 
1223 out:
1224 	kfree(vif_chsw);
1225 	return err;
1226 }
1227 
1228 static int ieee80211_chsw_switch_ctxs(struct ieee80211_local *local)
1229 {
1230 	struct ieee80211_chanctx *ctx;
1231 	int err;
1232 
1233 	lockdep_assert_held(&local->mtx);
1234 	lockdep_assert_held(&local->chanctx_mtx);
1235 
1236 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1237 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1238 			continue;
1239 
1240 		if (!list_empty(&ctx->replace_ctx->assigned_vifs))
1241 			continue;
1242 
1243 		ieee80211_del_chanctx(local, ctx->replace_ctx);
1244 		err = ieee80211_add_chanctx(local, ctx);
1245 		if (err)
1246 			goto err;
1247 	}
1248 
1249 	return 0;
1250 
1251 err:
1252 	WARN_ON(ieee80211_add_chanctx(local, ctx));
1253 	list_for_each_entry_continue_reverse(ctx, &local->chanctx_list, list) {
1254 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1255 			continue;
1256 
1257 		if (!list_empty(&ctx->replace_ctx->assigned_vifs))
1258 			continue;
1259 
1260 		ieee80211_del_chanctx(local, ctx);
1261 		WARN_ON(ieee80211_add_chanctx(local, ctx->replace_ctx));
1262 	}
1263 
1264 	return err;
1265 }
1266 
1267 static int ieee80211_vif_use_reserved_switch(struct ieee80211_local *local)
1268 {
1269 	struct ieee80211_sub_if_data *sdata, *sdata_tmp;
1270 	struct ieee80211_chanctx *ctx, *ctx_tmp, *old_ctx;
1271 	struct ieee80211_chanctx *new_ctx = NULL;
1272 	int err, n_assigned, n_reserved, n_ready;
1273 	int n_ctx = 0, n_vifs_switch = 0, n_vifs_assign = 0, n_vifs_ctxless = 0;
1274 
1275 	lockdep_assert_held(&local->mtx);
1276 	lockdep_assert_held(&local->chanctx_mtx);
1277 
1278 	/*
1279 	 * If there are 2 independent pairs of channel contexts performing
1280 	 * cross-switch of their vifs this code will still wait until both are
1281 	 * ready even though it could be possible to switch one before the
1282 	 * other is ready.
1283 	 *
1284 	 * For practical reasons and code simplicity just do a single huge
1285 	 * switch.
1286 	 */
1287 
1288 	/*
1289 	 * Verify if the reservation is still feasible.
1290 	 *  - if it's not then disconnect
1291 	 *  - if it is but not all vifs necessary are ready then defer
1292 	 */
1293 
1294 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1295 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1296 			continue;
1297 
1298 		if (WARN_ON(!ctx->replace_ctx)) {
1299 			err = -EINVAL;
1300 			goto err;
1301 		}
1302 
1303 		if (!local->use_chanctx)
1304 			new_ctx = ctx;
1305 
1306 		n_ctx++;
1307 
1308 		n_assigned = 0;
1309 		n_reserved = 0;
1310 		n_ready = 0;
1311 
1312 		list_for_each_entry(sdata, &ctx->replace_ctx->assigned_vifs,
1313 				    assigned_chanctx_list) {
1314 			n_assigned++;
1315 			if (sdata->reserved_chanctx) {
1316 				n_reserved++;
1317 				if (sdata->reserved_ready)
1318 					n_ready++;
1319 			}
1320 		}
1321 
1322 		if (n_assigned != n_reserved) {
1323 			if (n_ready == n_reserved) {
1324 				wiphy_info(local->hw.wiphy,
1325 					   "channel context reservation cannot be finalized because some interfaces aren't switching\n");
1326 				err = -EBUSY;
1327 				goto err;
1328 			}
1329 
1330 			return -EAGAIN;
1331 		}
1332 
1333 		ctx->conf.radar_enabled = false;
1334 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1335 				    reserved_chanctx_list) {
1336 			if (ieee80211_vif_has_in_place_reservation(sdata) &&
1337 			    !sdata->reserved_ready)
1338 				return -EAGAIN;
1339 
1340 			old_ctx = ieee80211_vif_get_chanctx(sdata);
1341 			if (old_ctx) {
1342 				if (old_ctx->replace_state ==
1343 				    IEEE80211_CHANCTX_WILL_BE_REPLACED)
1344 					n_vifs_switch++;
1345 				else
1346 					n_vifs_assign++;
1347 			} else {
1348 				n_vifs_ctxless++;
1349 			}
1350 
1351 			if (sdata->reserved_radar_required)
1352 				ctx->conf.radar_enabled = true;
1353 		}
1354 	}
1355 
1356 	if (WARN_ON(n_ctx == 0) ||
1357 	    WARN_ON(n_vifs_switch == 0 &&
1358 		    n_vifs_assign == 0 &&
1359 		    n_vifs_ctxless == 0) ||
1360 	    WARN_ON(n_ctx > 1 && !local->use_chanctx) ||
1361 	    WARN_ON(!new_ctx && !local->use_chanctx)) {
1362 		err = -EINVAL;
1363 		goto err;
1364 	}
1365 
1366 	/*
1367 	 * All necessary vifs are ready. Perform the switch now depending on
1368 	 * reservations and driver capabilities.
1369 	 */
1370 
1371 	if (local->use_chanctx) {
1372 		if (n_vifs_switch > 0) {
1373 			err = ieee80211_chsw_switch_vifs(local, n_vifs_switch);
1374 			if (err)
1375 				goto err;
1376 		}
1377 
1378 		if (n_vifs_assign > 0 || n_vifs_ctxless > 0) {
1379 			err = ieee80211_chsw_switch_ctxs(local);
1380 			if (err)
1381 				goto err;
1382 		}
1383 	} else {
1384 		err = ieee80211_chsw_switch_hwconf(local, new_ctx);
1385 		if (err)
1386 			goto err;
1387 	}
1388 
1389 	/*
1390 	 * Update all structures, values and pointers to point to new channel
1391 	 * context(s).
1392 	 */
1393 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1394 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1395 			continue;
1396 
1397 		if (WARN_ON(!ctx->replace_ctx)) {
1398 			err = -EINVAL;
1399 			goto err;
1400 		}
1401 
1402 		list_for_each_entry(sdata, &ctx->reserved_vifs,
1403 				    reserved_chanctx_list) {
1404 			u32 changed = 0;
1405 
1406 			if (!ieee80211_vif_has_in_place_reservation(sdata))
1407 				continue;
1408 
1409 			rcu_assign_pointer(sdata->vif.chanctx_conf, &ctx->conf);
1410 
1411 			if (sdata->vif.type == NL80211_IFTYPE_AP)
1412 				__ieee80211_vif_copy_chanctx_to_vlans(sdata,
1413 								      false);
1414 
1415 			ieee80211_check_fast_xmit_iface(sdata);
1416 
1417 			sdata->radar_required = sdata->reserved_radar_required;
1418 
1419 			if (sdata->vif.bss_conf.chandef.width !=
1420 			    sdata->reserved_chandef.width)
1421 				changed = BSS_CHANGED_BANDWIDTH;
1422 
1423 			ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
1424 			if (changed)
1425 				ieee80211_bss_info_change_notify(sdata,
1426 								 changed);
1427 
1428 			ieee80211_recalc_txpower(sdata, false);
1429 		}
1430 
1431 		ieee80211_recalc_chanctx_chantype(local, ctx);
1432 		ieee80211_recalc_smps_chanctx(local, ctx);
1433 		ieee80211_recalc_radar_chanctx(local, ctx);
1434 		ieee80211_recalc_chanctx_min_def(local, ctx);
1435 
1436 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1437 					 reserved_chanctx_list) {
1438 			if (ieee80211_vif_get_chanctx(sdata) != ctx)
1439 				continue;
1440 
1441 			list_del(&sdata->reserved_chanctx_list);
1442 			list_move(&sdata->assigned_chanctx_list,
1443 				  &ctx->assigned_vifs);
1444 			sdata->reserved_chanctx = NULL;
1445 
1446 			ieee80211_vif_chanctx_reservation_complete(sdata);
1447 		}
1448 
1449 		/*
1450 		 * This context might have been a dependency for an already
1451 		 * ready re-assign reservation interface that was deferred. Do
1452 		 * not propagate error to the caller though. The in-place
1453 		 * reservation for originally requested interface has already
1454 		 * succeeded at this point.
1455 		 */
1456 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1457 					 reserved_chanctx_list) {
1458 			if (WARN_ON(ieee80211_vif_has_in_place_reservation(
1459 					sdata)))
1460 				continue;
1461 
1462 			if (WARN_ON(sdata->reserved_chanctx != ctx))
1463 				continue;
1464 
1465 			if (!sdata->reserved_ready)
1466 				continue;
1467 
1468 			if (ieee80211_vif_get_chanctx(sdata))
1469 				err = ieee80211_vif_use_reserved_reassign(
1470 						sdata);
1471 			else
1472 				err = ieee80211_vif_use_reserved_assign(sdata);
1473 
1474 			if (err) {
1475 				sdata_info(sdata,
1476 					   "failed to finalize (re-)assign reservation (err=%d)\n",
1477 					   err);
1478 				ieee80211_vif_unreserve_chanctx(sdata);
1479 				cfg80211_stop_iface(local->hw.wiphy,
1480 						    &sdata->wdev,
1481 						    GFP_KERNEL);
1482 			}
1483 		}
1484 	}
1485 
1486 	/*
1487 	 * Finally free old contexts
1488 	 */
1489 
1490 	list_for_each_entry_safe(ctx, ctx_tmp, &local->chanctx_list, list) {
1491 		if (ctx->replace_state != IEEE80211_CHANCTX_WILL_BE_REPLACED)
1492 			continue;
1493 
1494 		ctx->replace_ctx->replace_ctx = NULL;
1495 		ctx->replace_ctx->replace_state =
1496 				IEEE80211_CHANCTX_REPLACE_NONE;
1497 
1498 		list_del_rcu(&ctx->list);
1499 		kfree_rcu(ctx, rcu_head);
1500 	}
1501 
1502 	return 0;
1503 
1504 err:
1505 	list_for_each_entry(ctx, &local->chanctx_list, list) {
1506 		if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
1507 			continue;
1508 
1509 		list_for_each_entry_safe(sdata, sdata_tmp, &ctx->reserved_vifs,
1510 					 reserved_chanctx_list) {
1511 			ieee80211_vif_unreserve_chanctx(sdata);
1512 			ieee80211_vif_chanctx_reservation_complete(sdata);
1513 		}
1514 	}
1515 
1516 	return err;
1517 }
1518 
1519 static void __ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
1520 {
1521 	struct ieee80211_local *local = sdata->local;
1522 	struct ieee80211_chanctx_conf *conf;
1523 	struct ieee80211_chanctx *ctx;
1524 	bool use_reserved_switch = false;
1525 
1526 	lockdep_assert_held(&local->chanctx_mtx);
1527 
1528 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1529 					 lockdep_is_held(&local->chanctx_mtx));
1530 	if (!conf)
1531 		return;
1532 
1533 	ctx = container_of(conf, struct ieee80211_chanctx, conf);
1534 
1535 	if (sdata->reserved_chanctx) {
1536 		if (sdata->reserved_chanctx->replace_state ==
1537 		    IEEE80211_CHANCTX_REPLACES_OTHER &&
1538 		    ieee80211_chanctx_num_reserved(local,
1539 						   sdata->reserved_chanctx) > 1)
1540 			use_reserved_switch = true;
1541 
1542 		ieee80211_vif_unreserve_chanctx(sdata);
1543 	}
1544 
1545 	ieee80211_assign_vif_chanctx(sdata, NULL);
1546 	if (ieee80211_chanctx_refcount(local, ctx) == 0)
1547 		ieee80211_free_chanctx(local, ctx);
1548 
1549 	sdata->radar_required = false;
1550 
1551 	/* Unreserving may ready an in-place reservation. */
1552 	if (use_reserved_switch)
1553 		ieee80211_vif_use_reserved_switch(local);
1554 }
1555 
1556 int ieee80211_vif_use_channel(struct ieee80211_sub_if_data *sdata,
1557 			      const struct cfg80211_chan_def *chandef,
1558 			      enum ieee80211_chanctx_mode mode)
1559 {
1560 	struct ieee80211_local *local = sdata->local;
1561 	struct ieee80211_chanctx *ctx;
1562 	u8 radar_detect_width = 0;
1563 	int ret;
1564 
1565 	lockdep_assert_held(&local->mtx);
1566 
1567 	WARN_ON(sdata->dev && netif_carrier_ok(sdata->dev));
1568 
1569 	mutex_lock(&local->chanctx_mtx);
1570 
1571 	ret = cfg80211_chandef_dfs_required(local->hw.wiphy,
1572 					    chandef,
1573 					    sdata->wdev.iftype);
1574 	if (ret < 0)
1575 		goto out;
1576 	if (ret > 0)
1577 		radar_detect_width = BIT(chandef->width);
1578 
1579 	sdata->radar_required = ret;
1580 
1581 	ret = ieee80211_check_combinations(sdata, chandef, mode,
1582 					   radar_detect_width);
1583 	if (ret < 0)
1584 		goto out;
1585 
1586 	__ieee80211_vif_release_channel(sdata);
1587 
1588 	ctx = ieee80211_find_chanctx(local, chandef, mode);
1589 	if (!ctx)
1590 		ctx = ieee80211_new_chanctx(local, chandef, mode);
1591 	if (IS_ERR(ctx)) {
1592 		ret = PTR_ERR(ctx);
1593 		goto out;
1594 	}
1595 
1596 	ieee80211_vif_update_chandef(sdata, chandef);
1597 
1598 	ret = ieee80211_assign_vif_chanctx(sdata, ctx);
1599 	if (ret) {
1600 		/* if assign fails refcount stays the same */
1601 		if (ieee80211_chanctx_refcount(local, ctx) == 0)
1602 			ieee80211_free_chanctx(local, ctx);
1603 		goto out;
1604 	}
1605 
1606 	ieee80211_recalc_smps_chanctx(local, ctx);
1607 	ieee80211_recalc_radar_chanctx(local, ctx);
1608  out:
1609 	if (ret)
1610 		sdata->radar_required = false;
1611 
1612 	mutex_unlock(&local->chanctx_mtx);
1613 	return ret;
1614 }
1615 
1616 int ieee80211_vif_use_reserved_context(struct ieee80211_sub_if_data *sdata)
1617 {
1618 	struct ieee80211_local *local = sdata->local;
1619 	struct ieee80211_chanctx *new_ctx;
1620 	struct ieee80211_chanctx *old_ctx;
1621 	int err;
1622 
1623 	lockdep_assert_held(&local->mtx);
1624 	lockdep_assert_held(&local->chanctx_mtx);
1625 
1626 	new_ctx = sdata->reserved_chanctx;
1627 	old_ctx = ieee80211_vif_get_chanctx(sdata);
1628 
1629 	if (WARN_ON(!new_ctx))
1630 		return -EINVAL;
1631 
1632 	if (WARN_ON(new_ctx->replace_state ==
1633 		    IEEE80211_CHANCTX_WILL_BE_REPLACED))
1634 		return -EINVAL;
1635 
1636 	if (WARN_ON(sdata->reserved_ready))
1637 		return -EINVAL;
1638 
1639 	sdata->reserved_ready = true;
1640 
1641 	if (new_ctx->replace_state == IEEE80211_CHANCTX_REPLACE_NONE) {
1642 		if (old_ctx)
1643 			err = ieee80211_vif_use_reserved_reassign(sdata);
1644 		else
1645 			err = ieee80211_vif_use_reserved_assign(sdata);
1646 
1647 		if (err)
1648 			return err;
1649 	}
1650 
1651 	/*
1652 	 * In-place reservation may need to be finalized now either if:
1653 	 *  a) sdata is taking part in the swapping itself and is the last one
1654 	 *  b) sdata has switched with a re-assign reservation to an existing
1655 	 *     context readying in-place switching of old_ctx
1656 	 *
1657 	 * In case of (b) do not propagate the error up because the requested
1658 	 * sdata already switched successfully. Just spill an extra warning.
1659 	 * The ieee80211_vif_use_reserved_switch() already stops all necessary
1660 	 * interfaces upon failure.
1661 	 */
1662 	if ((old_ctx &&
1663 	     old_ctx->replace_state == IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
1664 	    new_ctx->replace_state == IEEE80211_CHANCTX_REPLACES_OTHER) {
1665 		err = ieee80211_vif_use_reserved_switch(local);
1666 		if (err && err != -EAGAIN) {
1667 			if (new_ctx->replace_state ==
1668 			    IEEE80211_CHANCTX_REPLACES_OTHER)
1669 				return err;
1670 
1671 			wiphy_info(local->hw.wiphy,
1672 				   "depending in-place reservation failed (err=%d)\n",
1673 				   err);
1674 		}
1675 	}
1676 
1677 	return 0;
1678 }
1679 
1680 int ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
1681 				   const struct cfg80211_chan_def *chandef,
1682 				   u32 *changed)
1683 {
1684 	struct ieee80211_local *local = sdata->local;
1685 	struct ieee80211_chanctx_conf *conf;
1686 	struct ieee80211_chanctx *ctx;
1687 	const struct cfg80211_chan_def *compat;
1688 	int ret;
1689 
1690 	if (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
1691 				     IEEE80211_CHAN_DISABLED))
1692 		return -EINVAL;
1693 
1694 	mutex_lock(&local->chanctx_mtx);
1695 	if (cfg80211_chandef_identical(chandef, &sdata->vif.bss_conf.chandef)) {
1696 		ret = 0;
1697 		goto out;
1698 	}
1699 
1700 	if (chandef->width == NL80211_CHAN_WIDTH_20_NOHT ||
1701 	    sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT) {
1702 		ret = -EINVAL;
1703 		goto out;
1704 	}
1705 
1706 	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
1707 					 lockdep_is_held(&local->chanctx_mtx));
1708 	if (!conf) {
1709 		ret = -EINVAL;
1710 		goto out;
1711 	}
1712 
1713 	ctx = container_of(conf, struct ieee80211_chanctx, conf);
1714 
1715 	compat = cfg80211_chandef_compatible(&conf->def, chandef);
1716 	if (!compat) {
1717 		ret = -EINVAL;
1718 		goto out;
1719 	}
1720 
1721 	switch (ctx->replace_state) {
1722 	case IEEE80211_CHANCTX_REPLACE_NONE:
1723 		if (!ieee80211_chanctx_reserved_chandef(local, ctx, compat)) {
1724 			ret = -EBUSY;
1725 			goto out;
1726 		}
1727 		break;
1728 	case IEEE80211_CHANCTX_WILL_BE_REPLACED:
1729 		/* TODO: Perhaps the bandwidth change could be treated as a
1730 		 * reservation itself? */
1731 		ret = -EBUSY;
1732 		goto out;
1733 	case IEEE80211_CHANCTX_REPLACES_OTHER:
1734 		/* channel context that is going to replace another channel
1735 		 * context doesn't really exist and shouldn't be assigned
1736 		 * anywhere yet */
1737 		WARN_ON(1);
1738 		break;
1739 	}
1740 
1741 	ieee80211_vif_update_chandef(sdata, chandef);
1742 
1743 	ieee80211_recalc_chanctx_chantype(local, ctx);
1744 
1745 	*changed |= BSS_CHANGED_BANDWIDTH;
1746 	ret = 0;
1747  out:
1748 	mutex_unlock(&local->chanctx_mtx);
1749 	return ret;
1750 }
1751 
1752 void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata)
1753 {
1754 	WARN_ON(sdata->dev && netif_carrier_ok(sdata->dev));
1755 
1756 	lockdep_assert_held(&sdata->local->mtx);
1757 
1758 	mutex_lock(&sdata->local->chanctx_mtx);
1759 	__ieee80211_vif_release_channel(sdata);
1760 	mutex_unlock(&sdata->local->chanctx_mtx);
1761 }
1762 
1763 void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata)
1764 {
1765 	struct ieee80211_local *local = sdata->local;
1766 	struct ieee80211_sub_if_data *ap;
1767 	struct ieee80211_chanctx_conf *conf;
1768 
1769 	if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP_VLAN || !sdata->bss))
1770 		return;
1771 
1772 	ap = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap);
1773 
1774 	mutex_lock(&local->chanctx_mtx);
1775 
1776 	conf = rcu_dereference_protected(ap->vif.chanctx_conf,
1777 					 lockdep_is_held(&local->chanctx_mtx));
1778 	rcu_assign_pointer(sdata->vif.chanctx_conf, conf);
1779 	mutex_unlock(&local->chanctx_mtx);
1780 }
1781 
1782 void ieee80211_iter_chan_contexts_atomic(
1783 	struct ieee80211_hw *hw,
1784 	void (*iter)(struct ieee80211_hw *hw,
1785 		     struct ieee80211_chanctx_conf *chanctx_conf,
1786 		     void *data),
1787 	void *iter_data)
1788 {
1789 	struct ieee80211_local *local = hw_to_local(hw);
1790 	struct ieee80211_chanctx *ctx;
1791 
1792 	rcu_read_lock();
1793 	list_for_each_entry_rcu(ctx, &local->chanctx_list, list)
1794 		if (ctx->driver_present)
1795 			iter(hw, &ctx->conf, iter_data);
1796 	rcu_read_unlock();
1797 }
1798 EXPORT_SYMBOL_GPL(ieee80211_iter_chan_contexts_atomic);
1799