Loading...
1/*
2 * Off-channel operation helpers
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2004, Instant802 Networks, Inc.
6 * Copyright 2005, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15#include <linux/export.h>
16#include <net/mac80211.h>
17#include "ieee80211_i.h"
18#include "driver-ops.h"
19
20/*
21 * Tell our hardware to disable PS.
22 * Optionally inform AP that we will go to sleep so that it will buffer
23 * the frames while we are doing off-channel work. This is optional
24 * because we *may* be doing work on-operating channel, and want our
25 * hardware unconditionally awake, but still let the AP send us normal frames.
26 */
27static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata)
28{
29 struct ieee80211_local *local = sdata->local;
30 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
31
32 local->offchannel_ps_enabled = false;
33
34 /* FIXME: what to do when local->pspolling is true? */
35
36 del_timer_sync(&local->dynamic_ps_timer);
37 del_timer_sync(&ifmgd->bcn_mon_timer);
38 del_timer_sync(&ifmgd->conn_mon_timer);
39
40 cancel_work_sync(&local->dynamic_ps_enable_work);
41
42 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
43 local->offchannel_ps_enabled = true;
44 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
45 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
46 }
47
48 if (!local->offchannel_ps_enabled ||
49 !(local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK))
50 /*
51 * If power save was enabled, no need to send a nullfunc
52 * frame because AP knows that we are sleeping. But if the
53 * hardware is creating the nullfunc frame for power save
54 * status (ie. IEEE80211_HW_PS_NULLFUNC_STACK is not
55 * enabled) and power save was enabled, the firmware just
56 * sent a null frame with power save disabled. So we need
57 * to send a new nullfunc frame to inform the AP that we
58 * are again sleeping.
59 */
60 ieee80211_send_nullfunc(local, sdata, 1);
61}
62
63/* inform AP that we are awake again, unless power save is enabled */
64static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata)
65{
66 struct ieee80211_local *local = sdata->local;
67
68 if (!local->ps_sdata)
69 ieee80211_send_nullfunc(local, sdata, 0);
70 else if (local->offchannel_ps_enabled) {
71 /*
72 * In !IEEE80211_HW_PS_NULLFUNC_STACK case the hardware
73 * will send a nullfunc frame with the powersave bit set
74 * even though the AP already knows that we are sleeping.
75 * This could be avoided by sending a null frame with power
76 * save bit disabled before enabling the power save, but
77 * this doesn't gain anything.
78 *
79 * When IEEE80211_HW_PS_NULLFUNC_STACK is enabled, no need
80 * to send a nullfunc frame because AP already knows that
81 * we are sleeping, let's just enable power save mode in
82 * hardware.
83 */
84 /* TODO: Only set hardware if CONF_PS changed?
85 * TODO: Should we set offchannel_ps_enabled to false?
86 */
87 local->hw.conf.flags |= IEEE80211_CONF_PS;
88 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
89 } else if (local->hw.conf.dynamic_ps_timeout > 0) {
90 /*
91 * If IEEE80211_CONF_PS was not set and the dynamic_ps_timer
92 * had been running before leaving the operating channel,
93 * restart the timer now and send a nullfunc frame to inform
94 * the AP that we are awake.
95 */
96 ieee80211_send_nullfunc(local, sdata, 0);
97 mod_timer(&local->dynamic_ps_timer, jiffies +
98 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
99 }
100
101 ieee80211_sta_reset_beacon_monitor(sdata);
102 ieee80211_sta_reset_conn_monitor(sdata);
103}
104
105void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local)
106{
107 struct ieee80211_sub_if_data *sdata;
108
109 if (WARN_ON(local->use_chanctx))
110 return;
111
112 /*
113 * notify the AP about us leaving the channel and stop all
114 * STA interfaces.
115 */
116
117 /*
118 * Stop queues and transmit all frames queued by the driver
119 * before sending nullfunc to enable powersave at the AP.
120 */
121 ieee80211_stop_queues_by_reason(&local->hw, IEEE80211_MAX_QUEUE_MAP,
122 IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL);
123 ieee80211_flush_queues(local, NULL);
124
125 mutex_lock(&local->iflist_mtx);
126 list_for_each_entry(sdata, &local->interfaces, list) {
127 if (!ieee80211_sdata_running(sdata))
128 continue;
129
130 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
131 continue;
132
133 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
134 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
135
136 /* Check to see if we should disable beaconing. */
137 if (sdata->vif.bss_conf.enable_beacon) {
138 set_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
139 &sdata->state);
140 sdata->vif.bss_conf.enable_beacon = false;
141 ieee80211_bss_info_change_notify(
142 sdata, BSS_CHANGED_BEACON_ENABLED);
143 }
144
145 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
146 sdata->u.mgd.associated)
147 ieee80211_offchannel_ps_enable(sdata);
148 }
149 mutex_unlock(&local->iflist_mtx);
150}
151
152void ieee80211_offchannel_return(struct ieee80211_local *local)
153{
154 struct ieee80211_sub_if_data *sdata;
155
156 if (WARN_ON(local->use_chanctx))
157 return;
158
159 mutex_lock(&local->iflist_mtx);
160 list_for_each_entry(sdata, &local->interfaces, list) {
161 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
162 continue;
163
164 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
165 clear_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
166
167 if (!ieee80211_sdata_running(sdata))
168 continue;
169
170 /* Tell AP we're back */
171 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
172 sdata->u.mgd.associated)
173 ieee80211_offchannel_ps_disable(sdata);
174
175 if (test_and_clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
176 &sdata->state)) {
177 sdata->vif.bss_conf.enable_beacon = true;
178 ieee80211_bss_info_change_notify(
179 sdata, BSS_CHANGED_BEACON_ENABLED);
180 }
181 }
182 mutex_unlock(&local->iflist_mtx);
183
184 ieee80211_wake_queues_by_reason(&local->hw, IEEE80211_MAX_QUEUE_MAP,
185 IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL);
186}
187
188void ieee80211_handle_roc_started(struct ieee80211_roc_work *roc)
189{
190 if (roc->notified)
191 return;
192
193 if (roc->mgmt_tx_cookie) {
194 if (!WARN_ON(!roc->frame)) {
195 ieee80211_tx_skb_tid_band(roc->sdata, roc->frame, 7,
196 roc->chan->band);
197 roc->frame = NULL;
198 }
199 } else {
200 cfg80211_ready_on_channel(&roc->sdata->wdev, roc->cookie,
201 roc->chan, roc->req_duration,
202 GFP_KERNEL);
203 }
204
205 roc->notified = true;
206}
207
208static void ieee80211_hw_roc_start(struct work_struct *work)
209{
210 struct ieee80211_local *local =
211 container_of(work, struct ieee80211_local, hw_roc_start);
212 struct ieee80211_roc_work *roc, *dep, *tmp;
213
214 mutex_lock(&local->mtx);
215
216 if (list_empty(&local->roc_list))
217 goto out_unlock;
218
219 roc = list_first_entry(&local->roc_list, struct ieee80211_roc_work,
220 list);
221
222 if (!roc->started)
223 goto out_unlock;
224
225 roc->hw_begun = true;
226 roc->hw_start_time = local->hw_roc_start_time;
227
228 ieee80211_handle_roc_started(roc);
229 list_for_each_entry_safe(dep, tmp, &roc->dependents, list) {
230 ieee80211_handle_roc_started(dep);
231
232 if (dep->duration > roc->duration) {
233 u32 dur = dep->duration;
234 dep->duration = dur - roc->duration;
235 roc->duration = dur;
236 list_move(&dep->list, &roc->list);
237 }
238 }
239 out_unlock:
240 mutex_unlock(&local->mtx);
241}
242
243void ieee80211_ready_on_channel(struct ieee80211_hw *hw)
244{
245 struct ieee80211_local *local = hw_to_local(hw);
246
247 local->hw_roc_start_time = jiffies;
248
249 trace_api_ready_on_channel(local);
250
251 ieee80211_queue_work(hw, &local->hw_roc_start);
252}
253EXPORT_SYMBOL_GPL(ieee80211_ready_on_channel);
254
255void ieee80211_start_next_roc(struct ieee80211_local *local)
256{
257 struct ieee80211_roc_work *roc;
258
259 lockdep_assert_held(&local->mtx);
260
261 if (list_empty(&local->roc_list)) {
262 ieee80211_run_deferred_scan(local);
263 return;
264 }
265
266 roc = list_first_entry(&local->roc_list, struct ieee80211_roc_work,
267 list);
268
269 if (WARN_ON_ONCE(roc->started))
270 return;
271
272 if (local->ops->remain_on_channel) {
273 int ret, duration = roc->duration;
274
275 /* XXX: duplicated, see ieee80211_start_roc_work() */
276 if (!duration)
277 duration = 10;
278
279 ret = drv_remain_on_channel(local, roc->sdata, roc->chan,
280 duration, roc->type);
281
282 roc->started = true;
283
284 if (ret) {
285 wiphy_warn(local->hw.wiphy,
286 "failed to start next HW ROC (%d)\n", ret);
287 /*
288 * queue the work struct again to avoid recursion
289 * when multiple failures occur
290 */
291 ieee80211_remain_on_channel_expired(&local->hw);
292 }
293 } else {
294 /* delay it a bit */
295 ieee80211_queue_delayed_work(&local->hw, &roc->work,
296 round_jiffies_relative(HZ/2));
297 }
298}
299
300void ieee80211_roc_notify_destroy(struct ieee80211_roc_work *roc, bool free)
301{
302 struct ieee80211_roc_work *dep, *tmp;
303
304 if (WARN_ON(roc->to_be_freed))
305 return;
306
307 /* was never transmitted */
308 if (roc->frame) {
309 cfg80211_mgmt_tx_status(&roc->sdata->wdev,
310 (unsigned long)roc->frame,
311 roc->frame->data, roc->frame->len,
312 false, GFP_KERNEL);
313 kfree_skb(roc->frame);
314 }
315
316 if (!roc->mgmt_tx_cookie)
317 cfg80211_remain_on_channel_expired(&roc->sdata->wdev,
318 roc->cookie, roc->chan,
319 GFP_KERNEL);
320
321 list_for_each_entry_safe(dep, tmp, &roc->dependents, list)
322 ieee80211_roc_notify_destroy(dep, true);
323
324 if (free)
325 kfree(roc);
326 else
327 roc->to_be_freed = true;
328}
329
330void ieee80211_sw_roc_work(struct work_struct *work)
331{
332 struct ieee80211_roc_work *roc =
333 container_of(work, struct ieee80211_roc_work, work.work);
334 struct ieee80211_sub_if_data *sdata = roc->sdata;
335 struct ieee80211_local *local = sdata->local;
336 bool started, on_channel;
337
338 mutex_lock(&local->mtx);
339
340 if (roc->to_be_freed)
341 goto out_unlock;
342
343 if (roc->abort)
344 goto finish;
345
346 if (WARN_ON(list_empty(&local->roc_list)))
347 goto out_unlock;
348
349 if (WARN_ON(roc != list_first_entry(&local->roc_list,
350 struct ieee80211_roc_work,
351 list)))
352 goto out_unlock;
353
354 if (!roc->started) {
355 struct ieee80211_roc_work *dep;
356
357 WARN_ON(local->use_chanctx);
358
359 /* If actually operating on the desired channel (with at least
360 * 20 MHz channel width) don't stop all the operations but still
361 * treat it as though the ROC operation started properly, so
362 * other ROC operations won't interfere with this one.
363 */
364 roc->on_channel = roc->chan == local->_oper_chandef.chan &&
365 local->_oper_chandef.width != NL80211_CHAN_WIDTH_5 &&
366 local->_oper_chandef.width != NL80211_CHAN_WIDTH_10;
367
368 /* start this ROC */
369 ieee80211_recalc_idle(local);
370
371 if (!roc->on_channel) {
372 ieee80211_offchannel_stop_vifs(local);
373
374 local->tmp_channel = roc->chan;
375 ieee80211_hw_config(local, 0);
376 }
377
378 /* tell userspace or send frame */
379 ieee80211_handle_roc_started(roc);
380 list_for_each_entry(dep, &roc->dependents, list)
381 ieee80211_handle_roc_started(dep);
382
383 /* if it was pure TX, just finish right away */
384 if (!roc->duration)
385 goto finish;
386
387 roc->started = true;
388 ieee80211_queue_delayed_work(&local->hw, &roc->work,
389 msecs_to_jiffies(roc->duration));
390 } else {
391 /* finish this ROC */
392 finish:
393 list_del(&roc->list);
394 started = roc->started;
395 on_channel = roc->on_channel;
396 ieee80211_roc_notify_destroy(roc, !roc->abort);
397
398 if (started && !on_channel) {
399 ieee80211_flush_queues(local, NULL);
400
401 local->tmp_channel = NULL;
402 ieee80211_hw_config(local, 0);
403
404 ieee80211_offchannel_return(local);
405 }
406
407 ieee80211_recalc_idle(local);
408
409 if (started)
410 ieee80211_start_next_roc(local);
411 else if (list_empty(&local->roc_list))
412 ieee80211_run_deferred_scan(local);
413 }
414
415 out_unlock:
416 mutex_unlock(&local->mtx);
417}
418
419static void ieee80211_hw_roc_done(struct work_struct *work)
420{
421 struct ieee80211_local *local =
422 container_of(work, struct ieee80211_local, hw_roc_done);
423 struct ieee80211_roc_work *roc;
424
425 mutex_lock(&local->mtx);
426
427 if (list_empty(&local->roc_list))
428 goto out_unlock;
429
430 roc = list_first_entry(&local->roc_list, struct ieee80211_roc_work,
431 list);
432
433 if (!roc->started)
434 goto out_unlock;
435
436 list_del(&roc->list);
437
438 ieee80211_roc_notify_destroy(roc, true);
439
440 /* if there's another roc, start it now */
441 ieee80211_start_next_roc(local);
442
443 out_unlock:
444 mutex_unlock(&local->mtx);
445}
446
447void ieee80211_remain_on_channel_expired(struct ieee80211_hw *hw)
448{
449 struct ieee80211_local *local = hw_to_local(hw);
450
451 trace_api_remain_on_channel_expired(local);
452
453 ieee80211_queue_work(hw, &local->hw_roc_done);
454}
455EXPORT_SYMBOL_GPL(ieee80211_remain_on_channel_expired);
456
457void ieee80211_roc_setup(struct ieee80211_local *local)
458{
459 INIT_WORK(&local->hw_roc_start, ieee80211_hw_roc_start);
460 INIT_WORK(&local->hw_roc_done, ieee80211_hw_roc_done);
461 INIT_LIST_HEAD(&local->roc_list);
462}
463
464void ieee80211_roc_purge(struct ieee80211_local *local,
465 struct ieee80211_sub_if_data *sdata)
466{
467 struct ieee80211_roc_work *roc, *tmp;
468 LIST_HEAD(tmp_list);
469
470 mutex_lock(&local->mtx);
471 list_for_each_entry_safe(roc, tmp, &local->roc_list, list) {
472 if (sdata && roc->sdata != sdata)
473 continue;
474
475 if (roc->started && local->ops->remain_on_channel) {
476 /* can race, so ignore return value */
477 drv_cancel_remain_on_channel(local);
478 }
479
480 list_move_tail(&roc->list, &tmp_list);
481 roc->abort = true;
482 }
483 mutex_unlock(&local->mtx);
484
485 list_for_each_entry_safe(roc, tmp, &tmp_list, list) {
486 if (local->ops->remain_on_channel) {
487 list_del(&roc->list);
488 ieee80211_roc_notify_destroy(roc, true);
489 } else {
490 ieee80211_queue_delayed_work(&local->hw, &roc->work, 0);
491
492 /* work will clean up etc */
493 flush_delayed_work(&roc->work);
494 WARN_ON(!roc->to_be_freed);
495 kfree(roc);
496 }
497 }
498
499 WARN_ON_ONCE(!list_empty(&tmp_list));
500}
1/*
2 * Off-channel operation helpers
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2004, Instant802 Networks, Inc.
6 * Copyright 2005, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15#include <linux/export.h>
16#include <net/mac80211.h>
17#include "ieee80211_i.h"
18#include "driver-ops.h"
19
20/*
21 * Tell our hardware to disable PS.
22 * Optionally inform AP that we will go to sleep so that it will buffer
23 * the frames while we are doing off-channel work. This is optional
24 * because we *may* be doing work on-operating channel, and want our
25 * hardware unconditionally awake, but still let the AP send us normal frames.
26 */
27static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata)
28{
29 struct ieee80211_local *local = sdata->local;
30 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
31
32 local->offchannel_ps_enabled = false;
33
34 /* FIXME: what to do when local->pspolling is true? */
35
36 del_timer_sync(&local->dynamic_ps_timer);
37 del_timer_sync(&ifmgd->bcn_mon_timer);
38 del_timer_sync(&ifmgd->conn_mon_timer);
39
40 cancel_work_sync(&local->dynamic_ps_enable_work);
41
42 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
43 local->offchannel_ps_enabled = true;
44 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
45 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
46 }
47
48 if (!local->offchannel_ps_enabled ||
49 !ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK))
50 /*
51 * If power save was enabled, no need to send a nullfunc
52 * frame because AP knows that we are sleeping. But if the
53 * hardware is creating the nullfunc frame for power save
54 * status (ie. IEEE80211_HW_PS_NULLFUNC_STACK is not
55 * enabled) and power save was enabled, the firmware just
56 * sent a null frame with power save disabled. So we need
57 * to send a new nullfunc frame to inform the AP that we
58 * are again sleeping.
59 */
60 ieee80211_send_nullfunc(local, sdata, true);
61}
62
63/* inform AP that we are awake again, unless power save is enabled */
64static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata)
65{
66 struct ieee80211_local *local = sdata->local;
67
68 if (!local->ps_sdata)
69 ieee80211_send_nullfunc(local, sdata, false);
70 else if (local->offchannel_ps_enabled) {
71 /*
72 * In !IEEE80211_HW_PS_NULLFUNC_STACK case the hardware
73 * will send a nullfunc frame with the powersave bit set
74 * even though the AP already knows that we are sleeping.
75 * This could be avoided by sending a null frame with power
76 * save bit disabled before enabling the power save, but
77 * this doesn't gain anything.
78 *
79 * When IEEE80211_HW_PS_NULLFUNC_STACK is enabled, no need
80 * to send a nullfunc frame because AP already knows that
81 * we are sleeping, let's just enable power save mode in
82 * hardware.
83 */
84 /* TODO: Only set hardware if CONF_PS changed?
85 * TODO: Should we set offchannel_ps_enabled to false?
86 */
87 local->hw.conf.flags |= IEEE80211_CONF_PS;
88 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
89 } else if (local->hw.conf.dynamic_ps_timeout > 0) {
90 /*
91 * If IEEE80211_CONF_PS was not set and the dynamic_ps_timer
92 * had been running before leaving the operating channel,
93 * restart the timer now and send a nullfunc frame to inform
94 * the AP that we are awake.
95 */
96 ieee80211_send_nullfunc(local, sdata, false);
97 mod_timer(&local->dynamic_ps_timer, jiffies +
98 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
99 }
100
101 ieee80211_sta_reset_beacon_monitor(sdata);
102 ieee80211_sta_reset_conn_monitor(sdata);
103}
104
105void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local)
106{
107 struct ieee80211_sub_if_data *sdata;
108
109 if (WARN_ON(local->use_chanctx))
110 return;
111
112 /*
113 * notify the AP about us leaving the channel and stop all
114 * STA interfaces.
115 */
116
117 /*
118 * Stop queues and transmit all frames queued by the driver
119 * before sending nullfunc to enable powersave at the AP.
120 */
121 ieee80211_stop_queues_by_reason(&local->hw, IEEE80211_MAX_QUEUE_MAP,
122 IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL,
123 false);
124 ieee80211_flush_queues(local, NULL, false);
125
126 mutex_lock(&local->iflist_mtx);
127 list_for_each_entry(sdata, &local->interfaces, list) {
128 if (!ieee80211_sdata_running(sdata))
129 continue;
130
131 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
132 continue;
133
134 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
135 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
136
137 /* Check to see if we should disable beaconing. */
138 if (sdata->vif.bss_conf.enable_beacon) {
139 set_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
140 &sdata->state);
141 sdata->vif.bss_conf.enable_beacon = false;
142 ieee80211_bss_info_change_notify(
143 sdata, BSS_CHANGED_BEACON_ENABLED);
144 }
145
146 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
147 sdata->u.mgd.associated)
148 ieee80211_offchannel_ps_enable(sdata);
149 }
150 mutex_unlock(&local->iflist_mtx);
151}
152
153void ieee80211_offchannel_return(struct ieee80211_local *local)
154{
155 struct ieee80211_sub_if_data *sdata;
156
157 if (WARN_ON(local->use_chanctx))
158 return;
159
160 mutex_lock(&local->iflist_mtx);
161 list_for_each_entry(sdata, &local->interfaces, list) {
162 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
163 continue;
164
165 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
166 clear_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
167
168 if (!ieee80211_sdata_running(sdata))
169 continue;
170
171 /* Tell AP we're back */
172 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
173 sdata->u.mgd.associated)
174 ieee80211_offchannel_ps_disable(sdata);
175
176 if (test_and_clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED,
177 &sdata->state)) {
178 sdata->vif.bss_conf.enable_beacon = true;
179 ieee80211_bss_info_change_notify(
180 sdata, BSS_CHANGED_BEACON_ENABLED);
181 }
182 }
183 mutex_unlock(&local->iflist_mtx);
184
185 ieee80211_wake_queues_by_reason(&local->hw, IEEE80211_MAX_QUEUE_MAP,
186 IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL,
187 false);
188}
189
190static void ieee80211_roc_notify_destroy(struct ieee80211_roc_work *roc)
191{
192 /* was never transmitted */
193 if (roc->frame) {
194 cfg80211_mgmt_tx_status(&roc->sdata->wdev, roc->mgmt_tx_cookie,
195 roc->frame->data, roc->frame->len,
196 false, GFP_KERNEL);
197 ieee80211_free_txskb(&roc->sdata->local->hw, roc->frame);
198 }
199
200 if (!roc->mgmt_tx_cookie)
201 cfg80211_remain_on_channel_expired(&roc->sdata->wdev,
202 roc->cookie, roc->chan,
203 GFP_KERNEL);
204
205 list_del(&roc->list);
206 kfree(roc);
207}
208
209static unsigned long ieee80211_end_finished_rocs(struct ieee80211_local *local,
210 unsigned long now)
211{
212 struct ieee80211_roc_work *roc, *tmp;
213 long remaining_dur_min = LONG_MAX;
214
215 lockdep_assert_held(&local->mtx);
216
217 list_for_each_entry_safe(roc, tmp, &local->roc_list, list) {
218 long remaining;
219
220 if (!roc->started)
221 break;
222
223 remaining = roc->start_time +
224 msecs_to_jiffies(roc->duration) -
225 now;
226
227 /* In case of HW ROC, it is possible that the HW finished the
228 * ROC session before the actual requested time. In such a case
229 * end the ROC session (disregarding the remaining time).
230 */
231 if (roc->abort || roc->hw_begun || remaining <= 0)
232 ieee80211_roc_notify_destroy(roc);
233 else
234 remaining_dur_min = min(remaining_dur_min, remaining);
235 }
236
237 return remaining_dur_min;
238}
239
240static bool ieee80211_recalc_sw_work(struct ieee80211_local *local,
241 unsigned long now)
242{
243 long dur = ieee80211_end_finished_rocs(local, now);
244
245 if (dur == LONG_MAX)
246 return false;
247
248 mod_delayed_work(local->workqueue, &local->roc_work, dur);
249 return true;
250}
251
252static void ieee80211_handle_roc_started(struct ieee80211_roc_work *roc,
253 unsigned long start_time)
254{
255 if (WARN_ON(roc->notified))
256 return;
257
258 roc->start_time = start_time;
259 roc->started = true;
260
261 if (roc->mgmt_tx_cookie) {
262 if (!WARN_ON(!roc->frame)) {
263 ieee80211_tx_skb_tid_band(roc->sdata, roc->frame, 7,
264 roc->chan->band);
265 roc->frame = NULL;
266 }
267 } else {
268 cfg80211_ready_on_channel(&roc->sdata->wdev, roc->cookie,
269 roc->chan, roc->req_duration,
270 GFP_KERNEL);
271 }
272
273 roc->notified = true;
274}
275
276static void ieee80211_hw_roc_start(struct work_struct *work)
277{
278 struct ieee80211_local *local =
279 container_of(work, struct ieee80211_local, hw_roc_start);
280 struct ieee80211_roc_work *roc;
281
282 mutex_lock(&local->mtx);
283
284 list_for_each_entry(roc, &local->roc_list, list) {
285 if (!roc->started)
286 break;
287
288 roc->hw_begun = true;
289 ieee80211_handle_roc_started(roc, local->hw_roc_start_time);
290 }
291
292 mutex_unlock(&local->mtx);
293}
294
295void ieee80211_ready_on_channel(struct ieee80211_hw *hw)
296{
297 struct ieee80211_local *local = hw_to_local(hw);
298
299 local->hw_roc_start_time = jiffies;
300
301 trace_api_ready_on_channel(local);
302
303 ieee80211_queue_work(hw, &local->hw_roc_start);
304}
305EXPORT_SYMBOL_GPL(ieee80211_ready_on_channel);
306
307static void _ieee80211_start_next_roc(struct ieee80211_local *local)
308{
309 struct ieee80211_roc_work *roc, *tmp;
310 enum ieee80211_roc_type type;
311 u32 min_dur, max_dur;
312
313 lockdep_assert_held(&local->mtx);
314
315 if (WARN_ON(list_empty(&local->roc_list)))
316 return;
317
318 roc = list_first_entry(&local->roc_list, struct ieee80211_roc_work,
319 list);
320
321 if (WARN_ON(roc->started))
322 return;
323
324 min_dur = roc->duration;
325 max_dur = roc->duration;
326 type = roc->type;
327
328 list_for_each_entry(tmp, &local->roc_list, list) {
329 if (tmp == roc)
330 continue;
331 if (tmp->sdata != roc->sdata || tmp->chan != roc->chan)
332 break;
333 max_dur = max(tmp->duration, max_dur);
334 min_dur = min(tmp->duration, min_dur);
335 type = max(tmp->type, type);
336 }
337
338 if (local->ops->remain_on_channel) {
339 int ret = drv_remain_on_channel(local, roc->sdata, roc->chan,
340 max_dur, type);
341
342 if (ret) {
343 wiphy_warn(local->hw.wiphy,
344 "failed to start next HW ROC (%d)\n", ret);
345 /*
346 * queue the work struct again to avoid recursion
347 * when multiple failures occur
348 */
349 list_for_each_entry(tmp, &local->roc_list, list) {
350 if (tmp->sdata != roc->sdata ||
351 tmp->chan != roc->chan)
352 break;
353 tmp->started = true;
354 tmp->abort = true;
355 }
356 ieee80211_queue_work(&local->hw, &local->hw_roc_done);
357 return;
358 }
359
360 /* we'll notify about the start once the HW calls back */
361 list_for_each_entry(tmp, &local->roc_list, list) {
362 if (tmp->sdata != roc->sdata || tmp->chan != roc->chan)
363 break;
364 tmp->started = true;
365 }
366 } else {
367 /* If actually operating on the desired channel (with at least
368 * 20 MHz channel width) don't stop all the operations but still
369 * treat it as though the ROC operation started properly, so
370 * other ROC operations won't interfere with this one.
371 */
372 roc->on_channel = roc->chan == local->_oper_chandef.chan &&
373 local->_oper_chandef.width != NL80211_CHAN_WIDTH_5 &&
374 local->_oper_chandef.width != NL80211_CHAN_WIDTH_10;
375
376 /* start this ROC */
377 ieee80211_recalc_idle(local);
378
379 if (!roc->on_channel) {
380 ieee80211_offchannel_stop_vifs(local);
381
382 local->tmp_channel = roc->chan;
383 ieee80211_hw_config(local, 0);
384 }
385
386 ieee80211_queue_delayed_work(&local->hw, &local->roc_work,
387 msecs_to_jiffies(min_dur));
388
389 /* tell userspace or send frame(s) */
390 list_for_each_entry(tmp, &local->roc_list, list) {
391 if (tmp->sdata != roc->sdata || tmp->chan != roc->chan)
392 break;
393
394 tmp->on_channel = roc->on_channel;
395 ieee80211_handle_roc_started(tmp, jiffies);
396 }
397 }
398}
399
400void ieee80211_start_next_roc(struct ieee80211_local *local)
401{
402 struct ieee80211_roc_work *roc;
403
404 lockdep_assert_held(&local->mtx);
405
406 if (list_empty(&local->roc_list)) {
407 ieee80211_run_deferred_scan(local);
408 return;
409 }
410
411 /* defer roc if driver is not started (i.e. during reconfig) */
412 if (local->in_reconfig)
413 return;
414
415 roc = list_first_entry(&local->roc_list, struct ieee80211_roc_work,
416 list);
417
418 if (WARN_ON_ONCE(roc->started))
419 return;
420
421 if (local->ops->remain_on_channel) {
422 _ieee80211_start_next_roc(local);
423 } else {
424 /* delay it a bit */
425 ieee80211_queue_delayed_work(&local->hw, &local->roc_work,
426 round_jiffies_relative(HZ/2));
427 }
428}
429
430static void __ieee80211_roc_work(struct ieee80211_local *local)
431{
432 struct ieee80211_roc_work *roc;
433 bool on_channel;
434
435 lockdep_assert_held(&local->mtx);
436
437 if (WARN_ON(local->ops->remain_on_channel))
438 return;
439
440 roc = list_first_entry_or_null(&local->roc_list,
441 struct ieee80211_roc_work, list);
442 if (!roc)
443 return;
444
445 if (!roc->started) {
446 WARN_ON(local->use_chanctx);
447 _ieee80211_start_next_roc(local);
448 } else {
449 on_channel = roc->on_channel;
450 if (ieee80211_recalc_sw_work(local, jiffies))
451 return;
452
453 /* careful - roc pointer became invalid during recalc */
454
455 if (!on_channel) {
456 ieee80211_flush_queues(local, NULL, false);
457
458 local->tmp_channel = NULL;
459 ieee80211_hw_config(local, 0);
460
461 ieee80211_offchannel_return(local);
462 }
463
464 ieee80211_recalc_idle(local);
465 ieee80211_start_next_roc(local);
466 }
467}
468
469static void ieee80211_roc_work(struct work_struct *work)
470{
471 struct ieee80211_local *local =
472 container_of(work, struct ieee80211_local, roc_work.work);
473
474 mutex_lock(&local->mtx);
475 __ieee80211_roc_work(local);
476 mutex_unlock(&local->mtx);
477}
478
479static void ieee80211_hw_roc_done(struct work_struct *work)
480{
481 struct ieee80211_local *local =
482 container_of(work, struct ieee80211_local, hw_roc_done);
483
484 mutex_lock(&local->mtx);
485
486 ieee80211_end_finished_rocs(local, jiffies);
487
488 /* if there's another roc, start it now */
489 ieee80211_start_next_roc(local);
490
491 mutex_unlock(&local->mtx);
492}
493
494void ieee80211_remain_on_channel_expired(struct ieee80211_hw *hw)
495{
496 struct ieee80211_local *local = hw_to_local(hw);
497
498 trace_api_remain_on_channel_expired(local);
499
500 ieee80211_queue_work(hw, &local->hw_roc_done);
501}
502EXPORT_SYMBOL_GPL(ieee80211_remain_on_channel_expired);
503
504static bool
505ieee80211_coalesce_hw_started_roc(struct ieee80211_local *local,
506 struct ieee80211_roc_work *new_roc,
507 struct ieee80211_roc_work *cur_roc)
508{
509 unsigned long now = jiffies;
510 unsigned long remaining;
511
512 if (WARN_ON(!cur_roc->started))
513 return false;
514
515 /* if it was scheduled in the hardware, but not started yet,
516 * we can only combine if the older one had a longer duration
517 */
518 if (!cur_roc->hw_begun && new_roc->duration > cur_roc->duration)
519 return false;
520
521 remaining = cur_roc->start_time +
522 msecs_to_jiffies(cur_roc->duration) -
523 now;
524
525 /* if it doesn't fit entirely, schedule a new one */
526 if (new_roc->duration > jiffies_to_msecs(remaining))
527 return false;
528
529 /* add just after the current one so we combine their finish later */
530 list_add(&new_roc->list, &cur_roc->list);
531
532 /* if the existing one has already begun then let this one also
533 * begin, otherwise they'll both be marked properly by the work
534 * struct that runs once the driver notifies us of the beginning
535 */
536 if (cur_roc->hw_begun) {
537 new_roc->hw_begun = true;
538 ieee80211_handle_roc_started(new_roc, now);
539 }
540
541 return true;
542}
543
544static int ieee80211_start_roc_work(struct ieee80211_local *local,
545 struct ieee80211_sub_if_data *sdata,
546 struct ieee80211_channel *channel,
547 unsigned int duration, u64 *cookie,
548 struct sk_buff *txskb,
549 enum ieee80211_roc_type type)
550{
551 struct ieee80211_roc_work *roc, *tmp;
552 bool queued = false, combine_started = true;
553 int ret;
554
555 lockdep_assert_held(&local->mtx);
556
557 if (local->use_chanctx && !local->ops->remain_on_channel)
558 return -EOPNOTSUPP;
559
560 roc = kzalloc(sizeof(*roc), GFP_KERNEL);
561 if (!roc)
562 return -ENOMEM;
563
564 /*
565 * If the duration is zero, then the driver
566 * wouldn't actually do anything. Set it to
567 * 10 for now.
568 *
569 * TODO: cancel the off-channel operation
570 * when we get the SKB's TX status and
571 * the wait time was zero before.
572 */
573 if (!duration)
574 duration = 10;
575
576 roc->chan = channel;
577 roc->duration = duration;
578 roc->req_duration = duration;
579 roc->frame = txskb;
580 roc->type = type;
581 roc->sdata = sdata;
582
583 /*
584 * cookie is either the roc cookie (for normal roc)
585 * or the SKB (for mgmt TX)
586 */
587 if (!txskb) {
588 roc->cookie = ieee80211_mgmt_tx_cookie(local);
589 *cookie = roc->cookie;
590 } else {
591 roc->mgmt_tx_cookie = *cookie;
592 }
593
594 /* if there's no need to queue, handle it immediately */
595 if (list_empty(&local->roc_list) &&
596 !local->scanning && !ieee80211_is_radar_required(local)) {
597 /* if not HW assist, just queue & schedule work */
598 if (!local->ops->remain_on_channel) {
599 list_add_tail(&roc->list, &local->roc_list);
600 ieee80211_queue_delayed_work(&local->hw,
601 &local->roc_work, 0);
602 } else {
603 /* otherwise actually kick it off here
604 * (for error handling)
605 */
606 ret = drv_remain_on_channel(local, sdata, channel,
607 duration, type);
608 if (ret) {
609 kfree(roc);
610 return ret;
611 }
612 roc->started = true;
613 list_add_tail(&roc->list, &local->roc_list);
614 }
615
616 return 0;
617 }
618
619 /* otherwise handle queueing */
620
621 list_for_each_entry(tmp, &local->roc_list, list) {
622 if (tmp->chan != channel || tmp->sdata != sdata)
623 continue;
624
625 /*
626 * Extend this ROC if possible: If it hasn't started, add
627 * just after the new one to combine.
628 */
629 if (!tmp->started) {
630 list_add(&roc->list, &tmp->list);
631 queued = true;
632 break;
633 }
634
635 if (!combine_started)
636 continue;
637
638 if (!local->ops->remain_on_channel) {
639 /* If there's no hardware remain-on-channel, and
640 * doing so won't push us over the maximum r-o-c
641 * we allow, then we can just add the new one to
642 * the list and mark it as having started now.
643 * If it would push over the limit, don't try to
644 * combine with other started ones (that haven't
645 * been running as long) but potentially sort it
646 * with others that had the same fate.
647 */
648 unsigned long now = jiffies;
649 u32 elapsed = jiffies_to_msecs(now - tmp->start_time);
650 struct wiphy *wiphy = local->hw.wiphy;
651 u32 max_roc = wiphy->max_remain_on_channel_duration;
652
653 if (elapsed + roc->duration > max_roc) {
654 combine_started = false;
655 continue;
656 }
657
658 list_add(&roc->list, &tmp->list);
659 queued = true;
660 roc->on_channel = tmp->on_channel;
661 ieee80211_handle_roc_started(roc, now);
662 ieee80211_recalc_sw_work(local, now);
663 break;
664 }
665
666 queued = ieee80211_coalesce_hw_started_roc(local, roc, tmp);
667 if (queued)
668 break;
669 /* if it wasn't queued, perhaps it can be combined with
670 * another that also couldn't get combined previously,
671 * but no need to check for already started ones, since
672 * that can't work.
673 */
674 combine_started = false;
675 }
676
677 if (!queued)
678 list_add_tail(&roc->list, &local->roc_list);
679
680 return 0;
681}
682
683int ieee80211_remain_on_channel(struct wiphy *wiphy, struct wireless_dev *wdev,
684 struct ieee80211_channel *chan,
685 unsigned int duration, u64 *cookie)
686{
687 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
688 struct ieee80211_local *local = sdata->local;
689 int ret;
690
691 mutex_lock(&local->mtx);
692 ret = ieee80211_start_roc_work(local, sdata, chan,
693 duration, cookie, NULL,
694 IEEE80211_ROC_TYPE_NORMAL);
695 mutex_unlock(&local->mtx);
696
697 return ret;
698}
699
700static int ieee80211_cancel_roc(struct ieee80211_local *local,
701 u64 cookie, bool mgmt_tx)
702{
703 struct ieee80211_roc_work *roc, *tmp, *found = NULL;
704 int ret;
705
706 if (!cookie)
707 return -ENOENT;
708
709 mutex_lock(&local->mtx);
710 list_for_each_entry_safe(roc, tmp, &local->roc_list, list) {
711 if (!mgmt_tx && roc->cookie != cookie)
712 continue;
713 else if (mgmt_tx && roc->mgmt_tx_cookie != cookie)
714 continue;
715
716 found = roc;
717 break;
718 }
719
720 if (!found) {
721 mutex_unlock(&local->mtx);
722 return -ENOENT;
723 }
724
725 if (!found->started) {
726 ieee80211_roc_notify_destroy(found);
727 goto out_unlock;
728 }
729
730 if (local->ops->remain_on_channel) {
731 ret = drv_cancel_remain_on_channel(local);
732 if (WARN_ON_ONCE(ret)) {
733 mutex_unlock(&local->mtx);
734 return ret;
735 }
736
737 /* TODO:
738 * if multiple items were combined here then we really shouldn't
739 * cancel them all - we should wait for as much time as needed
740 * for the longest remaining one, and only then cancel ...
741 */
742 list_for_each_entry_safe(roc, tmp, &local->roc_list, list) {
743 if (!roc->started)
744 break;
745 if (roc == found)
746 found = NULL;
747 ieee80211_roc_notify_destroy(roc);
748 }
749
750 /* that really must not happen - it was started */
751 WARN_ON(found);
752
753 ieee80211_start_next_roc(local);
754 } else {
755 /* go through work struct to return to the operating channel */
756 found->abort = true;
757 mod_delayed_work(local->workqueue, &local->roc_work, 0);
758 }
759
760 out_unlock:
761 mutex_unlock(&local->mtx);
762
763 return 0;
764}
765
766int ieee80211_cancel_remain_on_channel(struct wiphy *wiphy,
767 struct wireless_dev *wdev, u64 cookie)
768{
769 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
770 struct ieee80211_local *local = sdata->local;
771
772 return ieee80211_cancel_roc(local, cookie, false);
773}
774
775int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
776 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
777{
778 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
779 struct ieee80211_local *local = sdata->local;
780 struct sk_buff *skb;
781 struct sta_info *sta;
782 const struct ieee80211_mgmt *mgmt = (void *)params->buf;
783 bool need_offchan = false;
784 u32 flags;
785 int ret;
786 u8 *data;
787
788 if (params->dont_wait_for_ack)
789 flags = IEEE80211_TX_CTL_NO_ACK;
790 else
791 flags = IEEE80211_TX_INTFL_NL80211_FRAME_TX |
792 IEEE80211_TX_CTL_REQ_TX_STATUS;
793
794 if (params->no_cck)
795 flags |= IEEE80211_TX_CTL_NO_CCK_RATE;
796
797 switch (sdata->vif.type) {
798 case NL80211_IFTYPE_ADHOC:
799 if (!sdata->vif.bss_conf.ibss_joined)
800 need_offchan = true;
801 /* fall through */
802#ifdef CONFIG_MAC80211_MESH
803 case NL80211_IFTYPE_MESH_POINT:
804 if (ieee80211_vif_is_mesh(&sdata->vif) &&
805 !sdata->u.mesh.mesh_id_len)
806 need_offchan = true;
807 /* fall through */
808#endif
809 case NL80211_IFTYPE_AP:
810 case NL80211_IFTYPE_AP_VLAN:
811 case NL80211_IFTYPE_P2P_GO:
812 if (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
813 !ieee80211_vif_is_mesh(&sdata->vif) &&
814 !rcu_access_pointer(sdata->bss->beacon))
815 need_offchan = true;
816 if (!ieee80211_is_action(mgmt->frame_control) ||
817 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC ||
818 mgmt->u.action.category == WLAN_CATEGORY_SELF_PROTECTED ||
819 mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT)
820 break;
821 rcu_read_lock();
822 sta = sta_info_get(sdata, mgmt->da);
823 rcu_read_unlock();
824 if (!sta)
825 return -ENOLINK;
826 break;
827 case NL80211_IFTYPE_STATION:
828 case NL80211_IFTYPE_P2P_CLIENT:
829 sdata_lock(sdata);
830 if (!sdata->u.mgd.associated ||
831 (params->offchan && params->wait &&
832 local->ops->remain_on_channel &&
833 memcmp(sdata->u.mgd.associated->bssid,
834 mgmt->bssid, ETH_ALEN)))
835 need_offchan = true;
836 sdata_unlock(sdata);
837 break;
838 case NL80211_IFTYPE_P2P_DEVICE:
839 need_offchan = true;
840 break;
841 default:
842 return -EOPNOTSUPP;
843 }
844
845 /* configurations requiring offchan cannot work if no channel has been
846 * specified
847 */
848 if (need_offchan && !params->chan)
849 return -EINVAL;
850
851 mutex_lock(&local->mtx);
852
853 /* Check if the operating channel is the requested channel */
854 if (!need_offchan) {
855 struct ieee80211_chanctx_conf *chanctx_conf;
856
857 rcu_read_lock();
858 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
859
860 if (chanctx_conf) {
861 need_offchan = params->chan &&
862 (params->chan !=
863 chanctx_conf->def.chan);
864 } else if (!params->chan) {
865 ret = -EINVAL;
866 rcu_read_unlock();
867 goto out_unlock;
868 } else {
869 need_offchan = true;
870 }
871 rcu_read_unlock();
872 }
873
874 if (need_offchan && !params->offchan) {
875 ret = -EBUSY;
876 goto out_unlock;
877 }
878
879 skb = dev_alloc_skb(local->hw.extra_tx_headroom + params->len);
880 if (!skb) {
881 ret = -ENOMEM;
882 goto out_unlock;
883 }
884 skb_reserve(skb, local->hw.extra_tx_headroom);
885
886 data = skb_put(skb, params->len);
887 memcpy(data, params->buf, params->len);
888
889 /* Update CSA counters */
890 if (sdata->vif.csa_active &&
891 (sdata->vif.type == NL80211_IFTYPE_AP ||
892 sdata->vif.type == NL80211_IFTYPE_MESH_POINT ||
893 sdata->vif.type == NL80211_IFTYPE_ADHOC) &&
894 params->n_csa_offsets) {
895 int i;
896 struct beacon_data *beacon = NULL;
897
898 rcu_read_lock();
899
900 if (sdata->vif.type == NL80211_IFTYPE_AP)
901 beacon = rcu_dereference(sdata->u.ap.beacon);
902 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
903 beacon = rcu_dereference(sdata->u.ibss.presp);
904 else if (ieee80211_vif_is_mesh(&sdata->vif))
905 beacon = rcu_dereference(sdata->u.mesh.beacon);
906
907 if (beacon)
908 for (i = 0; i < params->n_csa_offsets; i++)
909 data[params->csa_offsets[i]] =
910 beacon->csa_current_counter;
911
912 rcu_read_unlock();
913 }
914
915 IEEE80211_SKB_CB(skb)->flags = flags;
916
917 skb->dev = sdata->dev;
918
919 if (!params->dont_wait_for_ack) {
920 /* make a copy to preserve the frame contents
921 * in case of encryption.
922 */
923 ret = ieee80211_attach_ack_skb(local, skb, cookie, GFP_KERNEL);
924 if (ret) {
925 kfree_skb(skb);
926 goto out_unlock;
927 }
928 } else {
929 /* Assign a dummy non-zero cookie, it's not sent to
930 * userspace in this case but we rely on its value
931 * internally in the need_offchan case to distinguish
932 * mgmt-tx from remain-on-channel.
933 */
934 *cookie = 0xffffffff;
935 }
936
937 if (!need_offchan) {
938 ieee80211_tx_skb(sdata, skb);
939 ret = 0;
940 goto out_unlock;
941 }
942
943 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_TX_OFFCHAN |
944 IEEE80211_TX_INTFL_OFFCHAN_TX_OK;
945 if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL))
946 IEEE80211_SKB_CB(skb)->hw_queue =
947 local->hw.offchannel_tx_hw_queue;
948
949 /* This will handle all kinds of coalescing and immediate TX */
950 ret = ieee80211_start_roc_work(local, sdata, params->chan,
951 params->wait, cookie, skb,
952 IEEE80211_ROC_TYPE_MGMT_TX);
953 if (ret)
954 ieee80211_free_txskb(&local->hw, skb);
955 out_unlock:
956 mutex_unlock(&local->mtx);
957 return ret;
958}
959
960int ieee80211_mgmt_tx_cancel_wait(struct wiphy *wiphy,
961 struct wireless_dev *wdev, u64 cookie)
962{
963 struct ieee80211_local *local = wiphy_priv(wiphy);
964
965 return ieee80211_cancel_roc(local, cookie, true);
966}
967
968void ieee80211_roc_setup(struct ieee80211_local *local)
969{
970 INIT_WORK(&local->hw_roc_start, ieee80211_hw_roc_start);
971 INIT_WORK(&local->hw_roc_done, ieee80211_hw_roc_done);
972 INIT_DELAYED_WORK(&local->roc_work, ieee80211_roc_work);
973 INIT_LIST_HEAD(&local->roc_list);
974}
975
976void ieee80211_roc_purge(struct ieee80211_local *local,
977 struct ieee80211_sub_if_data *sdata)
978{
979 struct ieee80211_roc_work *roc, *tmp;
980 bool work_to_do = false;
981
982 mutex_lock(&local->mtx);
983 list_for_each_entry_safe(roc, tmp, &local->roc_list, list) {
984 if (sdata && roc->sdata != sdata)
985 continue;
986
987 if (roc->started) {
988 if (local->ops->remain_on_channel) {
989 /* can race, so ignore return value */
990 drv_cancel_remain_on_channel(local);
991 ieee80211_roc_notify_destroy(roc);
992 } else {
993 roc->abort = true;
994 work_to_do = true;
995 }
996 } else {
997 ieee80211_roc_notify_destroy(roc);
998 }
999 }
1000 if (work_to_do)
1001 __ieee80211_roc_work(local);
1002 mutex_unlock(&local->mtx);
1003}