Loading...
Note: File does not exist in v3.15.
1// SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2/*
3 * Copyright (C) 2012-2014, 2018-2022 Intel Corporation
4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH
5 * Copyright (C) 2016-2017 Intel Deutschland GmbH
6 */
7#include <linux/kernel.h>
8#include <linux/slab.h>
9#include <linux/skbuff.h>
10#include <linux/netdevice.h>
11#include <linux/etherdevice.h>
12#include <linux/ip.h>
13#include <linux/if_arp.h>
14#include <linux/time.h>
15#include <net/mac80211.h>
16#include <net/ieee80211_radiotap.h>
17#include <net/tcp.h>
18
19#include "iwl-drv.h"
20#include "iwl-op-mode.h"
21#include "iwl-io.h"
22#include "mvm.h"
23#include "sta.h"
24#include "time-event.h"
25#include "iwl-eeprom-parse.h"
26#include "iwl-phy-db.h"
27#include "testmode.h"
28#include "fw/error-dump.h"
29#include "iwl-prph.h"
30#include "iwl-nvm-parse.h"
31
32static const struct ieee80211_iface_limit iwl_mvm_limits[] = {
33 {
34 .max = 1,
35 .types = BIT(NL80211_IFTYPE_STATION),
36 },
37 {
38 .max = 1,
39 .types = BIT(NL80211_IFTYPE_AP) |
40 BIT(NL80211_IFTYPE_P2P_CLIENT) |
41 BIT(NL80211_IFTYPE_P2P_GO),
42 },
43 {
44 .max = 1,
45 .types = BIT(NL80211_IFTYPE_P2P_DEVICE),
46 },
47};
48
49static const struct ieee80211_iface_combination iwl_mvm_iface_combinations[] = {
50 {
51 .num_different_channels = 2,
52 .max_interfaces = 3,
53 .limits = iwl_mvm_limits,
54 .n_limits = ARRAY_SIZE(iwl_mvm_limits),
55 },
56};
57
58static const struct cfg80211_pmsr_capabilities iwl_mvm_pmsr_capa = {
59 .max_peers = IWL_MVM_TOF_MAX_APS,
60 .report_ap_tsf = 1,
61 .randomize_mac_addr = 1,
62
63 .ftm = {
64 .supported = 1,
65 .asap = 1,
66 .non_asap = 1,
67 .request_lci = 1,
68 .request_civicloc = 1,
69 .trigger_based = 1,
70 .non_trigger_based = 1,
71 .max_bursts_exponent = -1, /* all supported */
72 .max_ftms_per_burst = 0, /* no limits */
73 .bandwidths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
74 BIT(NL80211_CHAN_WIDTH_20) |
75 BIT(NL80211_CHAN_WIDTH_40) |
76 BIT(NL80211_CHAN_WIDTH_80) |
77 BIT(NL80211_CHAN_WIDTH_160),
78 .preambles = BIT(NL80211_PREAMBLE_LEGACY) |
79 BIT(NL80211_PREAMBLE_HT) |
80 BIT(NL80211_PREAMBLE_VHT) |
81 BIT(NL80211_PREAMBLE_HE),
82 },
83};
84
85static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw,
86 enum set_key_cmd cmd,
87 struct ieee80211_vif *vif,
88 struct ieee80211_sta *sta,
89 struct ieee80211_key_conf *key);
90
91static void iwl_mvm_reset_phy_ctxts(struct iwl_mvm *mvm)
92{
93 int i;
94
95 memset(mvm->phy_ctxts, 0, sizeof(mvm->phy_ctxts));
96 for (i = 0; i < NUM_PHY_CTX; i++) {
97 mvm->phy_ctxts[i].id = i;
98 mvm->phy_ctxts[i].ref = 0;
99 }
100}
101
102struct ieee80211_regdomain *iwl_mvm_get_regdomain(struct wiphy *wiphy,
103 const char *alpha2,
104 enum iwl_mcc_source src_id,
105 bool *changed)
106{
107 struct ieee80211_regdomain *regd = NULL;
108 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
109 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
110 struct iwl_mcc_update_resp *resp;
111 u8 resp_ver;
112
113 IWL_DEBUG_LAR(mvm, "Getting regdomain data for %s from FW\n", alpha2);
114
115 lockdep_assert_held(&mvm->mutex);
116
117 resp = iwl_mvm_update_mcc(mvm, alpha2, src_id);
118 if (IS_ERR_OR_NULL(resp)) {
119 IWL_DEBUG_LAR(mvm, "Could not get update from FW %d\n",
120 PTR_ERR_OR_ZERO(resp));
121 resp = NULL;
122 goto out;
123 }
124
125 if (changed) {
126 u32 status = le32_to_cpu(resp->status);
127
128 *changed = (status == MCC_RESP_NEW_CHAN_PROFILE ||
129 status == MCC_RESP_ILLEGAL);
130 }
131 resp_ver = iwl_fw_lookup_notif_ver(mvm->fw, IWL_ALWAYS_LONG_GROUP,
132 MCC_UPDATE_CMD, 0);
133 IWL_DEBUG_LAR(mvm, "MCC update response version: %d\n", resp_ver);
134
135 regd = iwl_parse_nvm_mcc_info(mvm->trans->dev, mvm->cfg,
136 __le32_to_cpu(resp->n_channels),
137 resp->channels,
138 __le16_to_cpu(resp->mcc),
139 __le16_to_cpu(resp->geo_info),
140 __le16_to_cpu(resp->cap), resp_ver);
141 /* Store the return source id */
142 src_id = resp->source_id;
143 if (IS_ERR_OR_NULL(regd)) {
144 IWL_DEBUG_LAR(mvm, "Could not get parse update from FW %d\n",
145 PTR_ERR_OR_ZERO(regd));
146 goto out;
147 }
148
149 IWL_DEBUG_LAR(mvm, "setting alpha2 from FW to %s (0x%x, 0x%x) src=%d\n",
150 regd->alpha2, regd->alpha2[0], regd->alpha2[1], src_id);
151 mvm->lar_regdom_set = true;
152 mvm->mcc_src = src_id;
153
154 iwl_mei_set_country_code(__le16_to_cpu(resp->mcc));
155
156out:
157 kfree(resp);
158 return regd;
159}
160
161void iwl_mvm_update_changed_regdom(struct iwl_mvm *mvm)
162{
163 bool changed;
164 struct ieee80211_regdomain *regd;
165
166 if (!iwl_mvm_is_lar_supported(mvm))
167 return;
168
169 regd = iwl_mvm_get_current_regdomain(mvm, &changed);
170 if (!IS_ERR_OR_NULL(regd)) {
171 /* only update the regulatory core if changed */
172 if (changed)
173 regulatory_set_wiphy_regd(mvm->hw->wiphy, regd);
174
175 kfree(regd);
176 }
177}
178
179struct ieee80211_regdomain *iwl_mvm_get_current_regdomain(struct iwl_mvm *mvm,
180 bool *changed)
181{
182 return iwl_mvm_get_regdomain(mvm->hw->wiphy, "ZZ",
183 iwl_mvm_is_wifi_mcc_supported(mvm) ?
184 MCC_SOURCE_GET_CURRENT :
185 MCC_SOURCE_OLD_FW, changed);
186}
187
188int iwl_mvm_init_fw_regd(struct iwl_mvm *mvm)
189{
190 enum iwl_mcc_source used_src;
191 struct ieee80211_regdomain *regd;
192 int ret;
193 bool changed;
194 const struct ieee80211_regdomain *r =
195 wiphy_dereference(mvm->hw->wiphy, mvm->hw->wiphy->regd);
196
197 if (!r)
198 return -ENOENT;
199
200 /* save the last source in case we overwrite it below */
201 used_src = mvm->mcc_src;
202 if (iwl_mvm_is_wifi_mcc_supported(mvm)) {
203 /* Notify the firmware we support wifi location updates */
204 regd = iwl_mvm_get_current_regdomain(mvm, NULL);
205 if (!IS_ERR_OR_NULL(regd))
206 kfree(regd);
207 }
208
209 /* Now set our last stored MCC and source */
210 regd = iwl_mvm_get_regdomain(mvm->hw->wiphy, r->alpha2, used_src,
211 &changed);
212 if (IS_ERR_OR_NULL(regd))
213 return -EIO;
214
215 /* update cfg80211 if the regdomain was changed */
216 if (changed)
217 ret = regulatory_set_wiphy_regd_sync(mvm->hw->wiphy, regd);
218 else
219 ret = 0;
220
221 kfree(regd);
222 return ret;
223}
224
225static const u8 he_if_types_ext_capa_sta[] = {
226 [0] = WLAN_EXT_CAPA1_EXT_CHANNEL_SWITCHING,
227 [2] = WLAN_EXT_CAPA3_MULTI_BSSID_SUPPORT,
228 [7] = WLAN_EXT_CAPA8_OPMODE_NOTIF,
229};
230
231static const struct wiphy_iftype_ext_capab he_iftypes_ext_capa[] = {
232 {
233 .iftype = NL80211_IFTYPE_STATION,
234 .extended_capabilities = he_if_types_ext_capa_sta,
235 .extended_capabilities_mask = he_if_types_ext_capa_sta,
236 .extended_capabilities_len = sizeof(he_if_types_ext_capa_sta),
237 },
238};
239
240static int
241iwl_mvm_op_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
242{
243 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
244 *tx_ant = iwl_mvm_get_valid_tx_ant(mvm);
245 *rx_ant = iwl_mvm_get_valid_rx_ant(mvm);
246 return 0;
247}
248
249int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm)
250{
251 struct ieee80211_hw *hw = mvm->hw;
252 int num_mac, ret, i;
253 static const u32 mvm_ciphers[] = {
254 WLAN_CIPHER_SUITE_WEP40,
255 WLAN_CIPHER_SUITE_WEP104,
256 WLAN_CIPHER_SUITE_TKIP,
257 WLAN_CIPHER_SUITE_CCMP,
258 };
259#ifdef CONFIG_PM_SLEEP
260 bool unified = fw_has_capa(&mvm->fw->ucode_capa,
261 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG);
262#endif
263
264 /* Tell mac80211 our characteristics */
265 ieee80211_hw_set(hw, SIGNAL_DBM);
266 ieee80211_hw_set(hw, SPECTRUM_MGMT);
267 ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
268 ieee80211_hw_set(hw, WANT_MONITOR_VIF);
269 ieee80211_hw_set(hw, SUPPORTS_PS);
270 ieee80211_hw_set(hw, SUPPORTS_DYNAMIC_PS);
271 ieee80211_hw_set(hw, AMPDU_AGGREGATION);
272 ieee80211_hw_set(hw, TIMING_BEACON_ONLY);
273 ieee80211_hw_set(hw, CONNECTION_MONITOR);
274 ieee80211_hw_set(hw, CHANCTX_STA_CSA);
275 ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
276 ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS);
277 ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU);
278 ieee80211_hw_set(hw, NEEDS_UNIQUE_STA_ADDR);
279 ieee80211_hw_set(hw, DEAUTH_NEED_MGD_TX_PREP);
280 ieee80211_hw_set(hw, SUPPORTS_VHT_EXT_NSS_BW);
281 ieee80211_hw_set(hw, BUFF_MMPDU_TXQ);
282 ieee80211_hw_set(hw, STA_MMPDU_TXQ);
283 /*
284 * On older devices, enabling TX A-MSDU occasionally leads to
285 * something getting messed up, the command read from the FIFO
286 * gets out of sync and isn't a TX command, so that we have an
287 * assert EDC.
288 *
289 * It's not clear where the bug is, but since we didn't used to
290 * support A-MSDU until moving the mac80211 iTXQs, just leave it
291 * for older devices. We also don't see this issue on any newer
292 * devices.
293 */
294 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_9000)
295 ieee80211_hw_set(hw, TX_AMSDU);
296 ieee80211_hw_set(hw, TX_FRAG_LIST);
297
298 if (iwl_mvm_has_tlc_offload(mvm)) {
299 ieee80211_hw_set(hw, TX_AMPDU_SETUP_IN_HW);
300 ieee80211_hw_set(hw, HAS_RATE_CONTROL);
301 }
302
303 if (iwl_mvm_has_new_rx_api(mvm))
304 ieee80211_hw_set(hw, SUPPORTS_REORDERING_BUFFER);
305
306 if (fw_has_capa(&mvm->fw->ucode_capa,
307 IWL_UCODE_TLV_CAPA_STA_PM_NOTIF)) {
308 ieee80211_hw_set(hw, AP_LINK_PS);
309 } else if (WARN_ON(iwl_mvm_has_new_tx_api(mvm))) {
310 /*
311 * we absolutely need this for the new TX API since that comes
312 * with many more queues than the current code can deal with
313 * for station powersave
314 */
315 return -EINVAL;
316 }
317
318 if (mvm->trans->num_rx_queues > 1)
319 ieee80211_hw_set(hw, USES_RSS);
320
321 if (mvm->trans->max_skb_frags)
322 hw->netdev_features = NETIF_F_HIGHDMA | NETIF_F_SG;
323
324 hw->queues = IEEE80211_NUM_ACS;
325 hw->offchannel_tx_hw_queue = IWL_MVM_OFFCHANNEL_QUEUE;
326 hw->radiotap_mcs_details |= IEEE80211_RADIOTAP_MCS_HAVE_FEC |
327 IEEE80211_RADIOTAP_MCS_HAVE_STBC;
328 hw->radiotap_vht_details |= IEEE80211_RADIOTAP_VHT_KNOWN_STBC |
329 IEEE80211_RADIOTAP_VHT_KNOWN_BEAMFORMED;
330
331 hw->radiotap_timestamp.units_pos =
332 IEEE80211_RADIOTAP_TIMESTAMP_UNIT_US |
333 IEEE80211_RADIOTAP_TIMESTAMP_SPOS_PLCP_SIG_ACQ;
334 /* this is the case for CCK frames, it's better (only 8) for OFDM */
335 hw->radiotap_timestamp.accuracy = 22;
336
337 if (!iwl_mvm_has_tlc_offload(mvm))
338 hw->rate_control_algorithm = RS_NAME;
339
340 hw->uapsd_queues = IWL_MVM_UAPSD_QUEUES;
341 hw->uapsd_max_sp_len = IWL_UAPSD_MAX_SP;
342 hw->max_tx_fragments = mvm->trans->max_skb_frags;
343
344 BUILD_BUG_ON(ARRAY_SIZE(mvm->ciphers) < ARRAY_SIZE(mvm_ciphers) + 6);
345 memcpy(mvm->ciphers, mvm_ciphers, sizeof(mvm_ciphers));
346 hw->wiphy->n_cipher_suites = ARRAY_SIZE(mvm_ciphers);
347 hw->wiphy->cipher_suites = mvm->ciphers;
348
349 if (iwl_mvm_has_new_rx_api(mvm)) {
350 mvm->ciphers[hw->wiphy->n_cipher_suites] =
351 WLAN_CIPHER_SUITE_GCMP;
352 hw->wiphy->n_cipher_suites++;
353 mvm->ciphers[hw->wiphy->n_cipher_suites] =
354 WLAN_CIPHER_SUITE_GCMP_256;
355 hw->wiphy->n_cipher_suites++;
356 }
357
358 if (iwlwifi_mod_params.swcrypto)
359 IWL_ERR(mvm,
360 "iwlmvm doesn't allow to disable HW crypto, check swcrypto module parameter\n");
361 if (!iwlwifi_mod_params.bt_coex_active)
362 IWL_ERR(mvm,
363 "iwlmvm doesn't allow to disable BT Coex, check bt_coex_active module parameter\n");
364
365 ieee80211_hw_set(hw, MFP_CAPABLE);
366 mvm->ciphers[hw->wiphy->n_cipher_suites] = WLAN_CIPHER_SUITE_AES_CMAC;
367 hw->wiphy->n_cipher_suites++;
368 if (iwl_mvm_has_new_rx_api(mvm)) {
369 mvm->ciphers[hw->wiphy->n_cipher_suites] =
370 WLAN_CIPHER_SUITE_BIP_GMAC_128;
371 hw->wiphy->n_cipher_suites++;
372 mvm->ciphers[hw->wiphy->n_cipher_suites] =
373 WLAN_CIPHER_SUITE_BIP_GMAC_256;
374 hw->wiphy->n_cipher_suites++;
375 }
376
377 wiphy_ext_feature_set(hw->wiphy,
378 NL80211_EXT_FEATURE_BEACON_RATE_LEGACY);
379
380 if (fw_has_capa(&mvm->fw->ucode_capa,
381 IWL_UCODE_TLV_CAPA_FTM_CALIBRATED)) {
382 wiphy_ext_feature_set(hw->wiphy,
383 NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER);
384 hw->wiphy->pmsr_capa = &iwl_mvm_pmsr_capa;
385 }
386
387 if (fw_has_capa(&mvm->fw->ucode_capa,
388 IWL_UCODE_TLV_CAPA_BIGTK_SUPPORT))
389 wiphy_ext_feature_set(hw->wiphy,
390 NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT);
391
392 ieee80211_hw_set(hw, SINGLE_SCAN_ON_ALL_BANDS);
393 hw->wiphy->features |=
394 NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR |
395 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR |
396 NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
397
398 hw->sta_data_size = sizeof(struct iwl_mvm_sta);
399 hw->vif_data_size = sizeof(struct iwl_mvm_vif);
400 hw->chanctx_data_size = sizeof(u16);
401 hw->txq_data_size = sizeof(struct iwl_mvm_txq);
402
403 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
404 BIT(NL80211_IFTYPE_P2P_CLIENT) |
405 BIT(NL80211_IFTYPE_AP) |
406 BIT(NL80211_IFTYPE_P2P_GO) |
407 BIT(NL80211_IFTYPE_P2P_DEVICE) |
408 BIT(NL80211_IFTYPE_ADHOC);
409
410 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
411 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
412
413 /* The new Tx API does not allow to pass the key or keyid of a MPDU to
414 * the hw, preventing us to control which key(id) to use per MPDU.
415 * Till that's fixed we can't use Extended Key ID for the newer cards.
416 */
417 if (!iwl_mvm_has_new_tx_api(mvm))
418 wiphy_ext_feature_set(hw->wiphy,
419 NL80211_EXT_FEATURE_EXT_KEY_ID);
420 hw->wiphy->features |= NL80211_FEATURE_HT_IBSS;
421
422 hw->wiphy->regulatory_flags |= REGULATORY_ENABLE_RELAX_NO_IR;
423 if (iwl_mvm_is_lar_supported(mvm))
424 hw->wiphy->regulatory_flags |= REGULATORY_WIPHY_SELF_MANAGED;
425 else
426 hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG |
427 REGULATORY_DISABLE_BEACON_HINTS;
428
429 hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
430 hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
431 hw->wiphy->flags |= WIPHY_FLAG_SPLIT_SCAN_6GHZ;
432
433 hw->wiphy->iface_combinations = iwl_mvm_iface_combinations;
434 hw->wiphy->n_iface_combinations =
435 ARRAY_SIZE(iwl_mvm_iface_combinations);
436
437 hw->wiphy->max_remain_on_channel_duration = 10000;
438 hw->max_listen_interval = IWL_CONN_MAX_LISTEN_INTERVAL;
439
440 /* Extract MAC address */
441 memcpy(mvm->addresses[0].addr, mvm->nvm_data->hw_addr, ETH_ALEN);
442 hw->wiphy->addresses = mvm->addresses;
443 hw->wiphy->n_addresses = 1;
444
445 /* Extract additional MAC addresses if available */
446 num_mac = (mvm->nvm_data->n_hw_addrs > 1) ?
447 min(IWL_MVM_MAX_ADDRESSES, mvm->nvm_data->n_hw_addrs) : 1;
448
449 for (i = 1; i < num_mac; i++) {
450 memcpy(mvm->addresses[i].addr, mvm->addresses[i-1].addr,
451 ETH_ALEN);
452 mvm->addresses[i].addr[5]++;
453 hw->wiphy->n_addresses++;
454 }
455
456 iwl_mvm_reset_phy_ctxts(mvm);
457
458 hw->wiphy->max_scan_ie_len = iwl_mvm_max_scan_ie_len(mvm);
459
460 hw->wiphy->max_scan_ssids = PROBE_OPTION_MAX;
461
462 BUILD_BUG_ON(IWL_MVM_SCAN_STOPPING_MASK & IWL_MVM_SCAN_MASK);
463 BUILD_BUG_ON(IWL_MVM_MAX_UMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK) ||
464 IWL_MVM_MAX_LMAC_SCANS > HWEIGHT32(IWL_MVM_SCAN_MASK));
465
466 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN))
467 mvm->max_scans = IWL_MVM_MAX_UMAC_SCANS;
468 else
469 mvm->max_scans = IWL_MVM_MAX_LMAC_SCANS;
470
471 if (mvm->nvm_data->bands[NL80211_BAND_2GHZ].n_channels)
472 hw->wiphy->bands[NL80211_BAND_2GHZ] =
473 &mvm->nvm_data->bands[NL80211_BAND_2GHZ];
474 if (mvm->nvm_data->bands[NL80211_BAND_5GHZ].n_channels) {
475 hw->wiphy->bands[NL80211_BAND_5GHZ] =
476 &mvm->nvm_data->bands[NL80211_BAND_5GHZ];
477
478 if (fw_has_capa(&mvm->fw->ucode_capa,
479 IWL_UCODE_TLV_CAPA_BEAMFORMER) &&
480 fw_has_api(&mvm->fw->ucode_capa,
481 IWL_UCODE_TLV_API_LQ_SS_PARAMS))
482 hw->wiphy->bands[NL80211_BAND_5GHZ]->vht_cap.cap |=
483 IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
484 }
485 if (fw_has_capa(&mvm->fw->ucode_capa,
486 IWL_UCODE_TLV_CAPA_PSC_CHAN_SUPPORT) &&
487 mvm->nvm_data->bands[NL80211_BAND_6GHZ].n_channels)
488 hw->wiphy->bands[NL80211_BAND_6GHZ] =
489 &mvm->nvm_data->bands[NL80211_BAND_6GHZ];
490
491 hw->wiphy->hw_version = mvm->trans->hw_id;
492
493 if (iwlmvm_mod_params.power_scheme != IWL_POWER_SCHEME_CAM)
494 hw->wiphy->flags |= WIPHY_FLAG_PS_ON_BY_DEFAULT;
495 else
496 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
497
498 hw->wiphy->max_sched_scan_reqs = 1;
499 hw->wiphy->max_sched_scan_ssids = PROBE_OPTION_MAX;
500 hw->wiphy->max_match_sets = iwl_umac_scan_get_max_profiles(mvm->fw);
501 /* we create the 802.11 header and zero length SSID IE. */
502 hw->wiphy->max_sched_scan_ie_len =
503 SCAN_OFFLOAD_PROBE_REQ_SIZE - 24 - 2;
504 hw->wiphy->max_sched_scan_plans = IWL_MAX_SCHED_SCAN_PLANS;
505 hw->wiphy->max_sched_scan_plan_interval = U16_MAX;
506
507 /*
508 * the firmware uses u8 for num of iterations, but 0xff is saved for
509 * infinite loop, so the maximum number of iterations is actually 254.
510 */
511 hw->wiphy->max_sched_scan_plan_iterations = 254;
512
513 hw->wiphy->features |= NL80211_FEATURE_P2P_GO_CTWIN |
514 NL80211_FEATURE_LOW_PRIORITY_SCAN |
515 NL80211_FEATURE_P2P_GO_OPPPS |
516 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
517 NL80211_FEATURE_DYNAMIC_SMPS |
518 NL80211_FEATURE_STATIC_SMPS |
519 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION;
520
521 if (fw_has_capa(&mvm->fw->ucode_capa,
522 IWL_UCODE_TLV_CAPA_TXPOWER_INSERTION_SUPPORT))
523 hw->wiphy->features |= NL80211_FEATURE_TX_POWER_INSERTION;
524 if (fw_has_capa(&mvm->fw->ucode_capa,
525 IWL_UCODE_TLV_CAPA_QUIET_PERIOD_SUPPORT))
526 hw->wiphy->features |= NL80211_FEATURE_QUIET;
527
528 if (fw_has_capa(&mvm->fw->ucode_capa,
529 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT))
530 hw->wiphy->features |=
531 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES;
532
533 if (fw_has_capa(&mvm->fw->ucode_capa,
534 IWL_UCODE_TLV_CAPA_WFA_TPC_REP_IE_SUPPORT))
535 hw->wiphy->features |= NL80211_FEATURE_WFA_TPC_IE_IN_PROBES;
536
537 if (iwl_fw_lookup_cmd_ver(mvm->fw, WOWLAN_KEK_KCK_MATERIAL,
538 IWL_FW_CMD_VER_UNKNOWN) == 3)
539 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK;
540
541 if (fw_has_api(&mvm->fw->ucode_capa,
542 IWL_UCODE_TLV_API_SCAN_TSF_REPORT)) {
543 wiphy_ext_feature_set(hw->wiphy,
544 NL80211_EXT_FEATURE_SCAN_START_TIME);
545 wiphy_ext_feature_set(hw->wiphy,
546 NL80211_EXT_FEATURE_BSS_PARENT_TSF);
547 }
548
549 if (iwl_mvm_is_oce_supported(mvm)) {
550 u8 scan_ver = iwl_fw_lookup_cmd_ver(mvm->fw, SCAN_REQ_UMAC, 0);
551
552 wiphy_ext_feature_set(hw->wiphy,
553 NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP);
554 wiphy_ext_feature_set(hw->wiphy,
555 NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME);
556 wiphy_ext_feature_set(hw->wiphy,
557 NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE);
558
559 /* Old firmware also supports probe deferral and suppression */
560 if (scan_ver < 15)
561 wiphy_ext_feature_set(hw->wiphy,
562 NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION);
563 }
564
565 if (mvm->nvm_data->sku_cap_11ax_enable &&
566 !iwlwifi_mod_params.disable_11ax) {
567 hw->wiphy->iftype_ext_capab = he_iftypes_ext_capa;
568 hw->wiphy->num_iftype_ext_capab =
569 ARRAY_SIZE(he_iftypes_ext_capa);
570
571 ieee80211_hw_set(hw, SUPPORTS_MULTI_BSSID);
572 ieee80211_hw_set(hw, SUPPORTS_ONLY_HE_MULTI_BSSID);
573 }
574
575 mvm->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
576
577#ifdef CONFIG_PM_SLEEP
578 if ((unified || mvm->fw->img[IWL_UCODE_WOWLAN].num_sec) &&
579 mvm->trans->ops->d3_suspend &&
580 mvm->trans->ops->d3_resume &&
581 device_can_wakeup(mvm->trans->dev)) {
582 mvm->wowlan.flags |= WIPHY_WOWLAN_MAGIC_PKT |
583 WIPHY_WOWLAN_DISCONNECT |
584 WIPHY_WOWLAN_EAP_IDENTITY_REQ |
585 WIPHY_WOWLAN_RFKILL_RELEASE |
586 WIPHY_WOWLAN_NET_DETECT;
587 mvm->wowlan.flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY |
588 WIPHY_WOWLAN_GTK_REKEY_FAILURE |
589 WIPHY_WOWLAN_4WAY_HANDSHAKE;
590
591 mvm->wowlan.n_patterns = IWL_WOWLAN_MAX_PATTERNS;
592 mvm->wowlan.pattern_min_len = IWL_WOWLAN_MIN_PATTERN_LEN;
593 mvm->wowlan.pattern_max_len = IWL_WOWLAN_MAX_PATTERN_LEN;
594 mvm->wowlan.max_nd_match_sets =
595 iwl_umac_scan_get_max_profiles(mvm->fw);
596 hw->wiphy->wowlan = &mvm->wowlan;
597 }
598#endif
599
600 ret = iwl_mvm_leds_init(mvm);
601 if (ret)
602 return ret;
603
604 if (fw_has_capa(&mvm->fw->ucode_capa,
605 IWL_UCODE_TLV_CAPA_TDLS_SUPPORT)) {
606 IWL_DEBUG_TDLS(mvm, "TDLS supported\n");
607 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
608 ieee80211_hw_set(hw, TDLS_WIDER_BW);
609 }
610
611 if (fw_has_capa(&mvm->fw->ucode_capa,
612 IWL_UCODE_TLV_CAPA_TDLS_CHANNEL_SWITCH)) {
613 IWL_DEBUG_TDLS(mvm, "TDLS channel switch supported\n");
614 hw->wiphy->features |= NL80211_FEATURE_TDLS_CHANNEL_SWITCH;
615 }
616
617 hw->netdev_features |= mvm->cfg->features;
618 if (!iwl_mvm_is_csum_supported(mvm))
619 hw->netdev_features &= ~IWL_CSUM_NETIF_FLAGS_MASK;
620
621 if (mvm->cfg->vht_mu_mimo_supported)
622 wiphy_ext_feature_set(hw->wiphy,
623 NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER);
624
625 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_PROTECTED_TWT))
626 wiphy_ext_feature_set(hw->wiphy,
627 NL80211_EXT_FEATURE_PROTECTED_TWT);
628
629 iwl_mvm_vendor_cmds_register(mvm);
630
631 hw->wiphy->available_antennas_tx = iwl_mvm_get_valid_tx_ant(mvm);
632 hw->wiphy->available_antennas_rx = iwl_mvm_get_valid_rx_ant(mvm);
633
634 ret = ieee80211_register_hw(mvm->hw);
635 if (ret) {
636 iwl_mvm_leds_exit(mvm);
637 }
638
639 return ret;
640}
641
642static void iwl_mvm_tx_skb(struct iwl_mvm *mvm, struct sk_buff *skb,
643 struct ieee80211_sta *sta)
644{
645 if (likely(sta)) {
646 if (likely(iwl_mvm_tx_skb_sta(mvm, skb, sta) == 0))
647 return;
648 } else {
649 if (likely(iwl_mvm_tx_skb_non_sta(mvm, skb) == 0))
650 return;
651 }
652
653 ieee80211_free_txskb(mvm->hw, skb);
654}
655
656static void iwl_mvm_mac_tx(struct ieee80211_hw *hw,
657 struct ieee80211_tx_control *control,
658 struct sk_buff *skb)
659{
660 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
661 struct ieee80211_sta *sta = control->sta;
662 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
663 struct ieee80211_hdr *hdr = (void *)skb->data;
664 bool offchannel = IEEE80211_SKB_CB(skb)->flags &
665 IEEE80211_TX_CTL_TX_OFFCHAN;
666
667 if (iwl_mvm_is_radio_killed(mvm)) {
668 IWL_DEBUG_DROP(mvm, "Dropping - RF/CT KILL\n");
669 goto drop;
670 }
671
672 if (offchannel &&
673 !test_bit(IWL_MVM_STATUS_ROC_RUNNING, &mvm->status) &&
674 !test_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status))
675 goto drop;
676
677 /*
678 * bufferable MMPDUs or MMPDUs on STA interfaces come via TXQs
679 * so we treat the others as broadcast
680 */
681 if (ieee80211_is_mgmt(hdr->frame_control))
682 sta = NULL;
683
684 /* If there is no sta, and it's not offchannel - send through AP */
685 if (!sta && info->control.vif->type == NL80211_IFTYPE_STATION &&
686 !offchannel) {
687 struct iwl_mvm_vif *mvmvif =
688 iwl_mvm_vif_from_mac80211(info->control.vif);
689 u8 ap_sta_id = READ_ONCE(mvmvif->ap_sta_id);
690
691 if (ap_sta_id < mvm->fw->ucode_capa.num_stations) {
692 /* mac80211 holds rcu read lock */
693 sta = rcu_dereference(mvm->fw_id_to_mac_id[ap_sta_id]);
694 if (IS_ERR_OR_NULL(sta))
695 goto drop;
696 }
697 }
698
699 iwl_mvm_tx_skb(mvm, skb, sta);
700 return;
701 drop:
702 ieee80211_free_txskb(hw, skb);
703}
704
705void iwl_mvm_mac_itxq_xmit(struct ieee80211_hw *hw, struct ieee80211_txq *txq)
706{
707 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
708 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq);
709 struct sk_buff *skb = NULL;
710
711 /*
712 * No need for threads to be pending here, they can leave the first
713 * taker all the work.
714 *
715 * mvmtxq->tx_request logic:
716 *
717 * If 0, no one is currently TXing, set to 1 to indicate current thread
718 * will now start TX and other threads should quit.
719 *
720 * If 1, another thread is currently TXing, set to 2 to indicate to
721 * that thread that there was another request. Since that request may
722 * have raced with the check whether the queue is empty, the TXing
723 * thread should check the queue's status one more time before leaving.
724 * This check is done in order to not leave any TX hanging in the queue
725 * until the next TX invocation (which may not even happen).
726 *
727 * If 2, another thread is currently TXing, and it will already double
728 * check the queue, so do nothing.
729 */
730 if (atomic_fetch_add_unless(&mvmtxq->tx_request, 1, 2))
731 return;
732
733 rcu_read_lock();
734 do {
735 while (likely(!mvmtxq->stopped &&
736 !test_bit(IWL_MVM_STATUS_IN_D3, &mvm->status))) {
737 skb = ieee80211_tx_dequeue(hw, txq);
738
739 if (!skb) {
740 if (txq->sta)
741 IWL_DEBUG_TX(mvm,
742 "TXQ of sta %pM tid %d is now empty\n",
743 txq->sta->addr,
744 txq->tid);
745 break;
746 }
747
748 iwl_mvm_tx_skb(mvm, skb, txq->sta);
749 }
750 } while (atomic_dec_return(&mvmtxq->tx_request));
751 rcu_read_unlock();
752}
753
754static void iwl_mvm_mac_wake_tx_queue(struct ieee80211_hw *hw,
755 struct ieee80211_txq *txq)
756{
757 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
758 struct iwl_mvm_txq *mvmtxq = iwl_mvm_txq_from_mac80211(txq);
759
760 /*
761 * Please note that racing is handled very carefully here:
762 * mvmtxq->txq_id is updated during allocation, and mvmtxq->list is
763 * deleted afterwards.
764 * This means that if:
765 * mvmtxq->txq_id != INVALID_QUEUE && list_empty(&mvmtxq->list):
766 * queue is allocated and we can TX.
767 * mvmtxq->txq_id != INVALID_QUEUE && !list_empty(&mvmtxq->list):
768 * a race, should defer the frame.
769 * mvmtxq->txq_id == INVALID_QUEUE && list_empty(&mvmtxq->list):
770 * need to allocate the queue and defer the frame.
771 * mvmtxq->txq_id == INVALID_QUEUE && !list_empty(&mvmtxq->list):
772 * queue is already scheduled for allocation, no need to allocate,
773 * should defer the frame.
774 */
775
776 /* If the queue is allocated TX and return. */
777 if (!txq->sta || mvmtxq->txq_id != IWL_MVM_INVALID_QUEUE) {
778 /*
779 * Check that list is empty to avoid a race where txq_id is
780 * already updated, but the queue allocation work wasn't
781 * finished
782 */
783 if (unlikely(txq->sta && !list_empty(&mvmtxq->list)))
784 return;
785
786 iwl_mvm_mac_itxq_xmit(hw, txq);
787 return;
788 }
789
790 /* The list is being deleted only after the queue is fully allocated. */
791 if (!list_empty(&mvmtxq->list))
792 return;
793
794 list_add_tail(&mvmtxq->list, &mvm->add_stream_txqs);
795 schedule_work(&mvm->add_stream_wk);
796}
797
798#define CHECK_BA_TRIGGER(_mvm, _trig, _tid_bm, _tid, _fmt...) \
799 do { \
800 if (!(le16_to_cpu(_tid_bm) & BIT(_tid))) \
801 break; \
802 iwl_fw_dbg_collect_trig(&(_mvm)->fwrt, _trig, _fmt); \
803 } while (0)
804
805static void
806iwl_mvm_ampdu_check_trigger(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
807 struct ieee80211_sta *sta, u16 tid, u16 rx_ba_ssn,
808 enum ieee80211_ampdu_mlme_action action)
809{
810 struct iwl_fw_dbg_trigger_tlv *trig;
811 struct iwl_fw_dbg_trigger_ba *ba_trig;
812
813 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif),
814 FW_DBG_TRIGGER_BA);
815 if (!trig)
816 return;
817
818 ba_trig = (void *)trig->data;
819
820 switch (action) {
821 case IEEE80211_AMPDU_TX_OPERATIONAL: {
822 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
823 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
824
825 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_start, tid,
826 "TX AGG START: MAC %pM tid %d ssn %d\n",
827 sta->addr, tid, tid_data->ssn);
828 break;
829 }
830 case IEEE80211_AMPDU_TX_STOP_CONT:
831 CHECK_BA_TRIGGER(mvm, trig, ba_trig->tx_ba_stop, tid,
832 "TX AGG STOP: MAC %pM tid %d\n",
833 sta->addr, tid);
834 break;
835 case IEEE80211_AMPDU_RX_START:
836 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_start, tid,
837 "RX AGG START: MAC %pM tid %d ssn %d\n",
838 sta->addr, tid, rx_ba_ssn);
839 break;
840 case IEEE80211_AMPDU_RX_STOP:
841 CHECK_BA_TRIGGER(mvm, trig, ba_trig->rx_ba_stop, tid,
842 "RX AGG STOP: MAC %pM tid %d\n",
843 sta->addr, tid);
844 break;
845 default:
846 break;
847 }
848}
849
850static int iwl_mvm_mac_ampdu_action(struct ieee80211_hw *hw,
851 struct ieee80211_vif *vif,
852 struct ieee80211_ampdu_params *params)
853{
854 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
855 int ret;
856 struct ieee80211_sta *sta = params->sta;
857 enum ieee80211_ampdu_mlme_action action = params->action;
858 u16 tid = params->tid;
859 u16 *ssn = ¶ms->ssn;
860 u16 buf_size = params->buf_size;
861 bool amsdu = params->amsdu;
862 u16 timeout = params->timeout;
863
864 IWL_DEBUG_HT(mvm, "A-MPDU action on addr %pM tid %d: action %d\n",
865 sta->addr, tid, action);
866
867 if (!(mvm->nvm_data->sku_cap_11n_enable))
868 return -EACCES;
869
870 mutex_lock(&mvm->mutex);
871
872 switch (action) {
873 case IEEE80211_AMPDU_RX_START:
874 if (iwl_mvm_vif_from_mac80211(vif)->ap_sta_id ==
875 iwl_mvm_sta_from_mac80211(sta)->sta_id) {
876 struct iwl_mvm_vif *mvmvif;
877 u16 macid = iwl_mvm_vif_from_mac80211(vif)->id;
878 struct iwl_mvm_tcm_mac *mdata = &mvm->tcm.data[macid];
879
880 mdata->opened_rx_ba_sessions = true;
881 mvmvif = iwl_mvm_vif_from_mac80211(vif);
882 cancel_delayed_work(&mvmvif->uapsd_nonagg_detected_wk);
883 }
884 if (!iwl_enable_rx_ampdu()) {
885 ret = -EINVAL;
886 break;
887 }
888 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, *ssn, true, buf_size,
889 timeout);
890 break;
891 case IEEE80211_AMPDU_RX_STOP:
892 ret = iwl_mvm_sta_rx_agg(mvm, sta, tid, 0, false, buf_size,
893 timeout);
894 break;
895 case IEEE80211_AMPDU_TX_START:
896 if (!iwl_enable_tx_ampdu()) {
897 ret = -EINVAL;
898 break;
899 }
900 ret = iwl_mvm_sta_tx_agg_start(mvm, vif, sta, tid, ssn);
901 break;
902 case IEEE80211_AMPDU_TX_STOP_CONT:
903 ret = iwl_mvm_sta_tx_agg_stop(mvm, vif, sta, tid);
904 break;
905 case IEEE80211_AMPDU_TX_STOP_FLUSH:
906 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
907 ret = iwl_mvm_sta_tx_agg_flush(mvm, vif, sta, tid);
908 break;
909 case IEEE80211_AMPDU_TX_OPERATIONAL:
910 ret = iwl_mvm_sta_tx_agg_oper(mvm, vif, sta, tid,
911 buf_size, amsdu);
912 break;
913 default:
914 WARN_ON_ONCE(1);
915 ret = -EINVAL;
916 break;
917 }
918
919 if (!ret) {
920 u16 rx_ba_ssn = 0;
921
922 if (action == IEEE80211_AMPDU_RX_START)
923 rx_ba_ssn = *ssn;
924
925 iwl_mvm_ampdu_check_trigger(mvm, vif, sta, tid,
926 rx_ba_ssn, action);
927 }
928 mutex_unlock(&mvm->mutex);
929
930 return ret;
931}
932
933static void iwl_mvm_cleanup_iterator(void *data, u8 *mac,
934 struct ieee80211_vif *vif)
935{
936 struct iwl_mvm *mvm = data;
937 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
938
939 mvmvif->uploaded = false;
940 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA;
941
942 spin_lock_bh(&mvm->time_event_lock);
943 iwl_mvm_te_clear_data(mvm, &mvmvif->time_event_data);
944 spin_unlock_bh(&mvm->time_event_lock);
945
946 mvmvif->phy_ctxt = NULL;
947 memset(&mvmvif->bf_data, 0, sizeof(mvmvif->bf_data));
948 memset(&mvmvif->probe_resp_data, 0, sizeof(mvmvif->probe_resp_data));
949}
950
951static void iwl_mvm_restart_cleanup(struct iwl_mvm *mvm)
952{
953 iwl_mvm_stop_device(mvm);
954
955 mvm->cur_aid = 0;
956
957 mvm->scan_status = 0;
958 mvm->ps_disabled = false;
959 mvm->rfkill_safe_init_done = false;
960
961 /* just in case one was running */
962 iwl_mvm_cleanup_roc_te(mvm);
963 ieee80211_remain_on_channel_expired(mvm->hw);
964
965 iwl_mvm_ftm_restart(mvm);
966
967 /*
968 * cleanup all interfaces, even inactive ones, as some might have
969 * gone down during the HW restart
970 */
971 ieee80211_iterate_interfaces(mvm->hw, 0, iwl_mvm_cleanup_iterator, mvm);
972
973 mvm->p2p_device_vif = NULL;
974
975 iwl_mvm_reset_phy_ctxts(mvm);
976 memset(mvm->fw_key_table, 0, sizeof(mvm->fw_key_table));
977 memset(&mvm->last_bt_notif, 0, sizeof(mvm->last_bt_notif));
978 memset(&mvm->last_bt_ci_cmd, 0, sizeof(mvm->last_bt_ci_cmd));
979
980 ieee80211_wake_queues(mvm->hw);
981
982 mvm->rx_ba_sessions = 0;
983 mvm->fwrt.dump.conf = FW_DBG_INVALID;
984 mvm->monitor_on = false;
985
986 /* keep statistics ticking */
987 iwl_mvm_accu_radio_stats(mvm);
988}
989
990int __iwl_mvm_mac_start(struct iwl_mvm *mvm)
991{
992 int ret;
993
994 lockdep_assert_held(&mvm->mutex);
995
996 ret = iwl_mvm_mei_get_ownership(mvm);
997 if (ret)
998 return ret;
999
1000 if (mvm->mei_nvm_data) {
1001 /* We got the NIC, we can now free the MEI NVM data */
1002 kfree(mvm->mei_nvm_data);
1003 mvm->mei_nvm_data = NULL;
1004
1005 /*
1006 * We can't free the nvm_data we allocated based on the SAP
1007 * data because we registered to cfg80211 with the channels
1008 * allocated on mvm->nvm_data. Keep a pointer in temp_nvm_data
1009 * just in order to be able free it later.
1010 * NULLify nvm_data so that we will read the NVM from the
1011 * firmware this time.
1012 */
1013 mvm->temp_nvm_data = mvm->nvm_data;
1014 mvm->nvm_data = NULL;
1015 }
1016
1017 if (test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status)) {
1018 /*
1019 * Now convert the HW_RESTART_REQUESTED flag to IN_HW_RESTART
1020 * so later code will - from now on - see that we're doing it.
1021 */
1022 set_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status);
1023 clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status);
1024 /* Clean up some internal and mac80211 state on restart */
1025 iwl_mvm_restart_cleanup(mvm);
1026 }
1027 ret = iwl_mvm_up(mvm);
1028
1029 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_POST_INIT,
1030 NULL);
1031 iwl_dbg_tlv_time_point(&mvm->fwrt, IWL_FW_INI_TIME_POINT_PERIODIC,
1032 NULL);
1033
1034 mvm->last_reset_or_resume_time_jiffies = jiffies;
1035
1036 if (ret && test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
1037 /* Something went wrong - we need to finish some cleanup
1038 * that normally iwl_mvm_mac_restart_complete() below
1039 * would do.
1040 */
1041 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status);
1042 }
1043
1044 return ret;
1045}
1046
1047static int iwl_mvm_mac_start(struct ieee80211_hw *hw)
1048{
1049 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1050 int ret;
1051 int retry, max_retry = 0;
1052
1053 mutex_lock(&mvm->mutex);
1054
1055 /* we are starting the mac not in error flow, and restart is enabled */
1056 if (!test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) &&
1057 iwlwifi_mod_params.fw_restart) {
1058 max_retry = IWL_MAX_INIT_RETRY;
1059 /*
1060 * This will prevent mac80211 recovery flows to trigger during
1061 * init failures
1062 */
1063 set_bit(IWL_MVM_STATUS_STARTING, &mvm->status);
1064 }
1065
1066 for (retry = 0; retry <= max_retry; retry++) {
1067 ret = __iwl_mvm_mac_start(mvm);
1068 if (!ret)
1069 break;
1070
1071 /*
1072 * In PLDR sync PCI re-enumeration is needed. no point to retry
1073 * mac start before that.
1074 */
1075 if (mvm->pldr_sync) {
1076 iwl_mei_alive_notif(false);
1077 iwl_trans_pcie_remove(mvm->trans, true);
1078 break;
1079 }
1080
1081 IWL_ERR(mvm, "mac start retry %d\n", retry);
1082 }
1083 clear_bit(IWL_MVM_STATUS_STARTING, &mvm->status);
1084
1085 mutex_unlock(&mvm->mutex);
1086
1087 iwl_mvm_mei_set_sw_rfkill_state(mvm);
1088
1089 return ret;
1090}
1091
1092static void iwl_mvm_restart_complete(struct iwl_mvm *mvm)
1093{
1094 int ret;
1095
1096 mutex_lock(&mvm->mutex);
1097
1098 clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status);
1099
1100 ret = iwl_mvm_update_quotas(mvm, true, NULL);
1101 if (ret)
1102 IWL_ERR(mvm, "Failed to update quotas after restart (%d)\n",
1103 ret);
1104
1105 iwl_mvm_send_recovery_cmd(mvm, ERROR_RECOVERY_END_OF_RECOVERY);
1106
1107 /*
1108 * If we have TDLS peers, remove them. We don't know the last seqno/PN
1109 * of packets the FW sent out, so we must reconnect.
1110 */
1111 iwl_mvm_teardown_tdls_peers(mvm);
1112
1113 mutex_unlock(&mvm->mutex);
1114}
1115
1116static void
1117iwl_mvm_mac_reconfig_complete(struct ieee80211_hw *hw,
1118 enum ieee80211_reconfig_type reconfig_type)
1119{
1120 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1121
1122 switch (reconfig_type) {
1123 case IEEE80211_RECONFIG_TYPE_RESTART:
1124 iwl_mvm_restart_complete(mvm);
1125 break;
1126 case IEEE80211_RECONFIG_TYPE_SUSPEND:
1127 break;
1128 }
1129}
1130
1131void __iwl_mvm_mac_stop(struct iwl_mvm *mvm)
1132{
1133 lockdep_assert_held(&mvm->mutex);
1134
1135 iwl_mvm_ftm_initiator_smooth_stop(mvm);
1136
1137 /* firmware counters are obviously reset now, but we shouldn't
1138 * partially track so also clear the fw_reset_accu counters.
1139 */
1140 memset(&mvm->accu_radio_stats, 0, sizeof(mvm->accu_radio_stats));
1141
1142 /* async_handlers_wk is now blocked */
1143
1144 if (iwl_fw_lookup_cmd_ver(mvm->fw, ADD_STA, 0) < 12)
1145 iwl_mvm_rm_aux_sta(mvm);
1146
1147 iwl_mvm_stop_device(mvm);
1148
1149 iwl_mvm_async_handlers_purge(mvm);
1150 /* async_handlers_list is empty and will stay empty: HW is stopped */
1151
1152 /*
1153 * Clear IN_HW_RESTART and HW_RESTART_REQUESTED flag when stopping the
1154 * hw (as restart_complete() won't be called in this case) and mac80211
1155 * won't execute the restart.
1156 * But make sure to cleanup interfaces that have gone down before/during
1157 * HW restart was requested.
1158 */
1159 if (test_and_clear_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) ||
1160 test_and_clear_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED,
1161 &mvm->status))
1162 ieee80211_iterate_interfaces(mvm->hw, 0,
1163 iwl_mvm_cleanup_iterator, mvm);
1164
1165 /* We shouldn't have any UIDs still set. Loop over all the UIDs to
1166 * make sure there's nothing left there and warn if any is found.
1167 */
1168 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_UMAC_SCAN)) {
1169 int i;
1170
1171 for (i = 0; i < mvm->max_scans; i++) {
1172 if (WARN_ONCE(mvm->scan_uid_status[i],
1173 "UMAC scan UID %d status was not cleaned\n",
1174 i))
1175 mvm->scan_uid_status[i] = 0;
1176 }
1177 }
1178}
1179
1180static void iwl_mvm_mac_stop(struct ieee80211_hw *hw)
1181{
1182 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1183
1184 flush_work(&mvm->async_handlers_wk);
1185 flush_work(&mvm->add_stream_wk);
1186
1187 /*
1188 * Lock and clear the firmware running bit here already, so that
1189 * new commands coming in elsewhere, e.g. from debugfs, will not
1190 * be able to proceed. This is important here because one of those
1191 * debugfs files causes the firmware dump to be triggered, and if we
1192 * don't stop debugfs accesses before canceling that it could be
1193 * retriggered after we flush it but before we've cleared the bit.
1194 */
1195 clear_bit(IWL_MVM_STATUS_FIRMWARE_RUNNING, &mvm->status);
1196
1197 cancel_delayed_work_sync(&mvm->cs_tx_unblock_dwork);
1198 cancel_delayed_work_sync(&mvm->scan_timeout_dwork);
1199
1200 /*
1201 * The work item could be running or queued if the
1202 * ROC time event stops just as we get here.
1203 */
1204 flush_work(&mvm->roc_done_wk);
1205
1206 iwl_mvm_mei_set_sw_rfkill_state(mvm);
1207
1208 mutex_lock(&mvm->mutex);
1209 __iwl_mvm_mac_stop(mvm);
1210 mutex_unlock(&mvm->mutex);
1211
1212 /*
1213 * The worker might have been waiting for the mutex, let it run and
1214 * discover that its list is now empty.
1215 */
1216 cancel_work_sync(&mvm->async_handlers_wk);
1217}
1218
1219static struct iwl_mvm_phy_ctxt *iwl_mvm_get_free_phy_ctxt(struct iwl_mvm *mvm)
1220{
1221 u16 i;
1222
1223 lockdep_assert_held(&mvm->mutex);
1224
1225 for (i = 0; i < NUM_PHY_CTX; i++)
1226 if (!mvm->phy_ctxts[i].ref)
1227 return &mvm->phy_ctxts[i];
1228
1229 IWL_ERR(mvm, "No available PHY context\n");
1230 return NULL;
1231}
1232
1233static int iwl_mvm_set_tx_power(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1234 s16 tx_power)
1235{
1236 u32 cmd_id = REDUCE_TX_POWER_CMD;
1237 int len;
1238 struct iwl_dev_tx_power_cmd cmd = {
1239 .common.set_mode = cpu_to_le32(IWL_TX_POWER_MODE_SET_MAC),
1240 .common.mac_context_id =
1241 cpu_to_le32(iwl_mvm_vif_from_mac80211(vif)->id),
1242 .common.pwr_restriction = cpu_to_le16(8 * tx_power),
1243 };
1244 u8 cmd_ver = iwl_fw_lookup_cmd_ver(mvm->fw, cmd_id,
1245 IWL_FW_CMD_VER_UNKNOWN);
1246
1247 if (tx_power == IWL_DEFAULT_MAX_TX_POWER)
1248 cmd.common.pwr_restriction = cpu_to_le16(IWL_DEV_MAX_TX_POWER);
1249
1250 if (cmd_ver == 7)
1251 len = sizeof(cmd.v7);
1252 else if (cmd_ver == 6)
1253 len = sizeof(cmd.v6);
1254 else if (fw_has_api(&mvm->fw->ucode_capa,
1255 IWL_UCODE_TLV_API_REDUCE_TX_POWER))
1256 len = sizeof(cmd.v5);
1257 else if (fw_has_capa(&mvm->fw->ucode_capa,
1258 IWL_UCODE_TLV_CAPA_TX_POWER_ACK))
1259 len = sizeof(cmd.v4);
1260 else
1261 len = sizeof(cmd.v3);
1262
1263 /* all structs have the same common part, add it */
1264 len += sizeof(cmd.common);
1265
1266 return iwl_mvm_send_cmd_pdu(mvm, cmd_id, 0, len, &cmd);
1267}
1268
1269static int iwl_mvm_post_channel_switch(struct ieee80211_hw *hw,
1270 struct ieee80211_vif *vif)
1271{
1272 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1273 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1274 int ret;
1275
1276 mutex_lock(&mvm->mutex);
1277
1278 if (vif->type == NL80211_IFTYPE_STATION) {
1279 struct iwl_mvm_sta *mvmsta;
1280
1281 mvmvif->csa_bcn_pending = false;
1282 mvmsta = iwl_mvm_sta_from_staid_protected(mvm,
1283 mvmvif->ap_sta_id);
1284
1285 if (WARN_ON(!mvmsta)) {
1286 ret = -EIO;
1287 goto out_unlock;
1288 }
1289
1290 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, false);
1291
1292 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
1293
1294 if (!fw_has_capa(&mvm->fw->ucode_capa,
1295 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) {
1296 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0);
1297 if (ret)
1298 goto out_unlock;
1299
1300 iwl_mvm_stop_session_protection(mvm, vif);
1301 }
1302 }
1303
1304 mvmvif->ps_disabled = false;
1305
1306 ret = iwl_mvm_power_update_ps(mvm);
1307
1308out_unlock:
1309 if (mvmvif->csa_failed)
1310 ret = -EIO;
1311 mutex_unlock(&mvm->mutex);
1312
1313 return ret;
1314}
1315
1316static void iwl_mvm_abort_channel_switch(struct ieee80211_hw *hw,
1317 struct ieee80211_vif *vif)
1318{
1319 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1320 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1321 struct iwl_chan_switch_te_cmd cmd = {
1322 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
1323 mvmvif->color)),
1324 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE),
1325 };
1326
1327 /*
1328 * In the new flow since FW is in charge of the timing,
1329 * if driver has canceled the channel switch he will receive the
1330 * CHANNEL_SWITCH_START_NOTIF notification from FW and then cancel it
1331 */
1332 if (iwl_fw_lookup_notif_ver(mvm->fw, MAC_CONF_GROUP,
1333 CHANNEL_SWITCH_ERROR_NOTIF, 0))
1334 return;
1335
1336 IWL_DEBUG_MAC80211(mvm, "Abort CSA on mac %d\n", mvmvif->id);
1337
1338 mutex_lock(&mvm->mutex);
1339 if (!fw_has_capa(&mvm->fw->ucode_capa,
1340 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD))
1341 iwl_mvm_remove_csa_period(mvm, vif);
1342 else
1343 WARN_ON(iwl_mvm_send_cmd_pdu(mvm,
1344 WIDE_ID(MAC_CONF_GROUP,
1345 CHANNEL_SWITCH_TIME_EVENT_CMD),
1346 0, sizeof(cmd), &cmd));
1347 mvmvif->csa_failed = true;
1348 mutex_unlock(&mvm->mutex);
1349
1350 iwl_mvm_post_channel_switch(hw, vif);
1351}
1352
1353static void iwl_mvm_channel_switch_disconnect_wk(struct work_struct *wk)
1354{
1355 struct iwl_mvm_vif *mvmvif;
1356 struct ieee80211_vif *vif;
1357
1358 mvmvif = container_of(wk, struct iwl_mvm_vif, csa_work.work);
1359 vif = container_of((void *)mvmvif, struct ieee80211_vif, drv_priv);
1360
1361 /* Trigger disconnect (should clear the CSA state) */
1362 ieee80211_chswitch_done(vif, false);
1363}
1364
1365static int iwl_mvm_mac_add_interface(struct ieee80211_hw *hw,
1366 struct ieee80211_vif *vif)
1367{
1368 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1369 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1370 int ret;
1371
1372 mvmvif->mvm = mvm;
1373 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL);
1374
1375 /*
1376 * Not much to do here. The stack will not allow interface
1377 * types or combinations that we didn't advertise, so we
1378 * don't really have to check the types.
1379 */
1380
1381 mutex_lock(&mvm->mutex);
1382
1383 /* make sure that beacon statistics don't go backwards with FW reset */
1384 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
1385 mvmvif->beacon_stats.accu_num_beacons +=
1386 mvmvif->beacon_stats.num_beacons;
1387
1388 /* Allocate resources for the MAC context, and add it to the fw */
1389 ret = iwl_mvm_mac_ctxt_init(mvm, vif);
1390 if (ret)
1391 goto out_unlock;
1392
1393 rcu_assign_pointer(mvm->vif_id_to_mac[mvmvif->id], vif);
1394
1395 /*
1396 * The AP binding flow can be done only after the beacon
1397 * template is configured (which happens only in the mac80211
1398 * start_ap() flow), and adding the broadcast station can happen
1399 * only after the binding.
1400 * In addition, since modifying the MAC before adding a bcast
1401 * station is not allowed by the FW, delay the adding of MAC context to
1402 * the point where we can also add the bcast station.
1403 * In short: there's not much we can do at this point, other than
1404 * allocating resources :)
1405 */
1406 if (vif->type == NL80211_IFTYPE_AP ||
1407 vif->type == NL80211_IFTYPE_ADHOC) {
1408 ret = iwl_mvm_alloc_bcast_sta(mvm, vif);
1409 if (ret) {
1410 IWL_ERR(mvm, "Failed to allocate bcast sta\n");
1411 goto out_unlock;
1412 }
1413
1414 /*
1415 * Only queue for this station is the mcast queue,
1416 * which shouldn't be in TFD mask anyway
1417 */
1418 ret = iwl_mvm_allocate_int_sta(mvm, &mvmvif->mcast_sta,
1419 0, vif->type,
1420 IWL_STA_MULTICAST);
1421 if (ret)
1422 goto out_unlock;
1423
1424 iwl_mvm_vif_dbgfs_register(mvm, vif);
1425 goto out_unlock;
1426 }
1427
1428 mvmvif->features |= hw->netdev_features;
1429
1430 ret = iwl_mvm_mac_ctxt_add(mvm, vif);
1431 if (ret)
1432 goto out_unlock;
1433
1434 ret = iwl_mvm_power_update_mac(mvm);
1435 if (ret)
1436 goto out_remove_mac;
1437
1438 /* beacon filtering */
1439 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0);
1440 if (ret)
1441 goto out_remove_mac;
1442
1443 if (!mvm->bf_allowed_vif &&
1444 vif->type == NL80211_IFTYPE_STATION && !vif->p2p) {
1445 mvm->bf_allowed_vif = mvmvif;
1446 vif->driver_flags |= IEEE80211_VIF_BEACON_FILTER |
1447 IEEE80211_VIF_SUPPORTS_CQM_RSSI;
1448 }
1449
1450 /*
1451 * P2P_DEVICE interface does not have a channel context assigned to it,
1452 * so a dedicated PHY context is allocated to it and the corresponding
1453 * MAC context is bound to it at this stage.
1454 */
1455 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
1456
1457 mvmvif->phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm);
1458 if (!mvmvif->phy_ctxt) {
1459 ret = -ENOSPC;
1460 goto out_free_bf;
1461 }
1462
1463 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt);
1464 ret = iwl_mvm_binding_add_vif(mvm, vif);
1465 if (ret)
1466 goto out_unref_phy;
1467
1468 ret = iwl_mvm_add_p2p_bcast_sta(mvm, vif);
1469 if (ret)
1470 goto out_unbind;
1471
1472 /* Save a pointer to p2p device vif, so it can later be used to
1473 * update the p2p device MAC when a GO is started/stopped */
1474 mvm->p2p_device_vif = vif;
1475 }
1476
1477 iwl_mvm_tcm_add_vif(mvm, vif);
1478 INIT_DELAYED_WORK(&mvmvif->csa_work,
1479 iwl_mvm_channel_switch_disconnect_wk);
1480
1481 if (vif->type == NL80211_IFTYPE_MONITOR)
1482 mvm->monitor_on = true;
1483
1484 iwl_mvm_vif_dbgfs_register(mvm, vif);
1485
1486 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) &&
1487 vif->type == NL80211_IFTYPE_STATION && !vif->p2p &&
1488 !mvm->csme_vif && mvm->mei_registered) {
1489 iwl_mei_set_nic_info(vif->addr, mvm->nvm_data->hw_addr);
1490 iwl_mei_set_netdev(ieee80211_vif_to_wdev(vif)->netdev);
1491 mvm->csme_vif = vif;
1492 }
1493
1494 goto out_unlock;
1495
1496 out_unbind:
1497 iwl_mvm_binding_remove_vif(mvm, vif);
1498 out_unref_phy:
1499 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt);
1500 out_free_bf:
1501 if (mvm->bf_allowed_vif == mvmvif) {
1502 mvm->bf_allowed_vif = NULL;
1503 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER |
1504 IEEE80211_VIF_SUPPORTS_CQM_RSSI);
1505 }
1506 out_remove_mac:
1507 mvmvif->phy_ctxt = NULL;
1508 iwl_mvm_mac_ctxt_remove(mvm, vif);
1509 out_unlock:
1510 mutex_unlock(&mvm->mutex);
1511
1512 return ret;
1513}
1514
1515static void iwl_mvm_prepare_mac_removal(struct iwl_mvm *mvm,
1516 struct ieee80211_vif *vif)
1517{
1518 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
1519 /*
1520 * Flush the ROC worker which will flush the OFFCHANNEL queue.
1521 * We assume here that all the packets sent to the OFFCHANNEL
1522 * queue are sent in ROC session.
1523 */
1524 flush_work(&mvm->roc_done_wk);
1525 }
1526}
1527
1528static void iwl_mvm_mac_remove_interface(struct ieee80211_hw *hw,
1529 struct ieee80211_vif *vif)
1530{
1531 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1532 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1533 struct iwl_probe_resp_data *probe_data;
1534
1535 iwl_mvm_prepare_mac_removal(mvm, vif);
1536
1537 if (!(vif->type == NL80211_IFTYPE_AP ||
1538 vif->type == NL80211_IFTYPE_ADHOC))
1539 iwl_mvm_tcm_rm_vif(mvm, vif);
1540
1541 mutex_lock(&mvm->mutex);
1542
1543 if (vif == mvm->csme_vif) {
1544 iwl_mei_set_netdev(NULL);
1545 mvm->csme_vif = NULL;
1546 }
1547
1548 probe_data = rcu_dereference_protected(mvmvif->probe_resp_data,
1549 lockdep_is_held(&mvm->mutex));
1550 RCU_INIT_POINTER(mvmvif->probe_resp_data, NULL);
1551 if (probe_data)
1552 kfree_rcu(probe_data, rcu_head);
1553
1554 if (mvm->bf_allowed_vif == mvmvif) {
1555 mvm->bf_allowed_vif = NULL;
1556 vif->driver_flags &= ~(IEEE80211_VIF_BEACON_FILTER |
1557 IEEE80211_VIF_SUPPORTS_CQM_RSSI);
1558 }
1559
1560 if (vif->bss_conf.ftm_responder)
1561 memset(&mvm->ftm_resp_stats, 0, sizeof(mvm->ftm_resp_stats));
1562
1563 iwl_mvm_vif_dbgfs_clean(mvm, vif);
1564
1565 /*
1566 * For AP/GO interface, the tear down of the resources allocated to the
1567 * interface is be handled as part of the stop_ap flow.
1568 */
1569 if (vif->type == NL80211_IFTYPE_AP ||
1570 vif->type == NL80211_IFTYPE_ADHOC) {
1571#ifdef CONFIG_NL80211_TESTMODE
1572 if (vif == mvm->noa_vif) {
1573 mvm->noa_vif = NULL;
1574 mvm->noa_duration = 0;
1575 }
1576#endif
1577 iwl_mvm_dealloc_int_sta(mvm, &mvmvif->mcast_sta);
1578 iwl_mvm_dealloc_bcast_sta(mvm, vif);
1579 goto out_release;
1580 }
1581
1582 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
1583 mvm->p2p_device_vif = NULL;
1584 iwl_mvm_rm_p2p_bcast_sta(mvm, vif);
1585 iwl_mvm_binding_remove_vif(mvm, vif);
1586 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt);
1587 mvmvif->phy_ctxt = NULL;
1588 }
1589
1590 iwl_mvm_power_update_mac(mvm);
1591 iwl_mvm_mac_ctxt_remove(mvm, vif);
1592
1593 RCU_INIT_POINTER(mvm->vif_id_to_mac[mvmvif->id], NULL);
1594
1595 if (vif->type == NL80211_IFTYPE_MONITOR)
1596 mvm->monitor_on = false;
1597
1598out_release:
1599 mutex_unlock(&mvm->mutex);
1600}
1601
1602static int iwl_mvm_mac_config(struct ieee80211_hw *hw, u32 changed)
1603{
1604 return 0;
1605}
1606
1607struct iwl_mvm_mc_iter_data {
1608 struct iwl_mvm *mvm;
1609 int port_id;
1610};
1611
1612static void iwl_mvm_mc_iface_iterator(void *_data, u8 *mac,
1613 struct ieee80211_vif *vif)
1614{
1615 struct iwl_mvm_mc_iter_data *data = _data;
1616 struct iwl_mvm *mvm = data->mvm;
1617 struct iwl_mcast_filter_cmd *cmd = mvm->mcast_filter_cmd;
1618 struct iwl_host_cmd hcmd = {
1619 .id = MCAST_FILTER_CMD,
1620 .flags = CMD_ASYNC,
1621 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
1622 };
1623 int ret, len;
1624
1625 /* if we don't have free ports, mcast frames will be dropped */
1626 if (WARN_ON_ONCE(data->port_id >= MAX_PORT_ID_NUM))
1627 return;
1628
1629 if (vif->type != NL80211_IFTYPE_STATION ||
1630 !vif->cfg.assoc)
1631 return;
1632
1633 cmd->port_id = data->port_id++;
1634 memcpy(cmd->bssid, vif->bss_conf.bssid, ETH_ALEN);
1635 len = roundup(sizeof(*cmd) + cmd->count * ETH_ALEN, 4);
1636
1637 hcmd.len[0] = len;
1638 hcmd.data[0] = cmd;
1639
1640 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1641 if (ret)
1642 IWL_ERR(mvm, "mcast filter cmd error. ret=%d\n", ret);
1643}
1644
1645static void iwl_mvm_recalc_multicast(struct iwl_mvm *mvm)
1646{
1647 struct iwl_mvm_mc_iter_data iter_data = {
1648 .mvm = mvm,
1649 };
1650 int ret;
1651
1652 lockdep_assert_held(&mvm->mutex);
1653
1654 if (WARN_ON_ONCE(!mvm->mcast_filter_cmd))
1655 return;
1656
1657 ieee80211_iterate_active_interfaces_atomic(
1658 mvm->hw, IEEE80211_IFACE_ITER_NORMAL,
1659 iwl_mvm_mc_iface_iterator, &iter_data);
1660
1661 /*
1662 * Send a (synchronous) ech command so that we wait for the
1663 * multiple asynchronous MCAST_FILTER_CMD commands sent by
1664 * the interface iterator. Otherwise, we might get here over
1665 * and over again (by userspace just sending a lot of these)
1666 * and the CPU can send them faster than the firmware can
1667 * process them.
1668 * Note that the CPU is still faster - but with this we'll
1669 * actually send fewer commands overall because the CPU will
1670 * not schedule the work in mac80211 as frequently if it's
1671 * still running when rescheduled (possibly multiple times).
1672 */
1673 ret = iwl_mvm_send_cmd_pdu(mvm, ECHO_CMD, 0, 0, NULL);
1674 if (ret)
1675 IWL_ERR(mvm, "Failed to synchronize multicast groups update\n");
1676}
1677
1678static u64 iwl_mvm_prepare_multicast(struct ieee80211_hw *hw,
1679 struct netdev_hw_addr_list *mc_list)
1680{
1681 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1682 struct iwl_mcast_filter_cmd *cmd;
1683 struct netdev_hw_addr *addr;
1684 int addr_count;
1685 bool pass_all;
1686 int len;
1687
1688 addr_count = netdev_hw_addr_list_count(mc_list);
1689 pass_all = addr_count > MAX_MCAST_FILTERING_ADDRESSES ||
1690 IWL_MVM_FW_MCAST_FILTER_PASS_ALL;
1691 if (pass_all)
1692 addr_count = 0;
1693
1694 len = roundup(sizeof(*cmd) + addr_count * ETH_ALEN, 4);
1695 cmd = kzalloc(len, GFP_ATOMIC);
1696 if (!cmd)
1697 return 0;
1698
1699 if (pass_all) {
1700 cmd->pass_all = 1;
1701 return (u64)(unsigned long)cmd;
1702 }
1703
1704 netdev_hw_addr_list_for_each(addr, mc_list) {
1705 IWL_DEBUG_MAC80211(mvm, "mcast addr (%d): %pM\n",
1706 cmd->count, addr->addr);
1707 memcpy(&cmd->addr_list[cmd->count * ETH_ALEN],
1708 addr->addr, ETH_ALEN);
1709 cmd->count++;
1710 }
1711
1712 return (u64)(unsigned long)cmd;
1713}
1714
1715static void iwl_mvm_configure_filter(struct ieee80211_hw *hw,
1716 unsigned int changed_flags,
1717 unsigned int *total_flags,
1718 u64 multicast)
1719{
1720 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1721 struct iwl_mcast_filter_cmd *cmd = (void *)(unsigned long)multicast;
1722
1723 mutex_lock(&mvm->mutex);
1724
1725 /* replace previous configuration */
1726 kfree(mvm->mcast_filter_cmd);
1727 mvm->mcast_filter_cmd = cmd;
1728
1729 if (!cmd)
1730 goto out;
1731
1732 if (changed_flags & FIF_ALLMULTI)
1733 cmd->pass_all = !!(*total_flags & FIF_ALLMULTI);
1734
1735 if (cmd->pass_all)
1736 cmd->count = 0;
1737
1738 iwl_mvm_recalc_multicast(mvm);
1739out:
1740 mutex_unlock(&mvm->mutex);
1741 *total_flags = 0;
1742}
1743
1744static void iwl_mvm_config_iface_filter(struct ieee80211_hw *hw,
1745 struct ieee80211_vif *vif,
1746 unsigned int filter_flags,
1747 unsigned int changed_flags)
1748{
1749 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
1750
1751 /* We support only filter for probe requests */
1752 if (!(changed_flags & FIF_PROBE_REQ))
1753 return;
1754
1755 /* Supported only for p2p client interfaces */
1756 if (vif->type != NL80211_IFTYPE_STATION || !vif->cfg.assoc ||
1757 !vif->p2p)
1758 return;
1759
1760 mutex_lock(&mvm->mutex);
1761 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
1762 mutex_unlock(&mvm->mutex);
1763}
1764
1765static int iwl_mvm_update_mu_groups(struct iwl_mvm *mvm,
1766 struct ieee80211_vif *vif)
1767{
1768 struct iwl_mu_group_mgmt_cmd cmd = {};
1769
1770 memcpy(cmd.membership_status, vif->bss_conf.mu_group.membership,
1771 WLAN_MEMBERSHIP_LEN);
1772 memcpy(cmd.user_position, vif->bss_conf.mu_group.position,
1773 WLAN_USER_POSITION_LEN);
1774
1775 return iwl_mvm_send_cmd_pdu(mvm,
1776 WIDE_ID(DATA_PATH_GROUP,
1777 UPDATE_MU_GROUPS_CMD),
1778 0, sizeof(cmd), &cmd);
1779}
1780
1781static void iwl_mvm_mu_mimo_iface_iterator(void *_data, u8 *mac,
1782 struct ieee80211_vif *vif)
1783{
1784 if (vif->bss_conf.mu_mimo_owner) {
1785 struct iwl_mu_group_mgmt_notif *notif = _data;
1786
1787 /*
1788 * MU-MIMO Group Id action frame is little endian. We treat
1789 * the data received from firmware as if it came from the
1790 * action frame, so no conversion is needed.
1791 */
1792 ieee80211_update_mu_groups(vif, 0,
1793 (u8 *)¬if->membership_status,
1794 (u8 *)¬if->user_position);
1795 }
1796}
1797
1798void iwl_mvm_mu_mimo_grp_notif(struct iwl_mvm *mvm,
1799 struct iwl_rx_cmd_buffer *rxb)
1800{
1801 struct iwl_rx_packet *pkt = rxb_addr(rxb);
1802 struct iwl_mu_group_mgmt_notif *notif = (void *)pkt->data;
1803
1804 ieee80211_iterate_active_interfaces_atomic(
1805 mvm->hw, IEEE80211_IFACE_ITER_NORMAL,
1806 iwl_mvm_mu_mimo_iface_iterator, notif);
1807}
1808
1809static u8 iwl_mvm_he_get_ppe_val(u8 *ppe, u8 ppe_pos_bit)
1810{
1811 u8 byte_num = ppe_pos_bit / 8;
1812 u8 bit_num = ppe_pos_bit % 8;
1813 u8 residue_bits;
1814 u8 res;
1815
1816 if (bit_num <= 5)
1817 return (ppe[byte_num] >> bit_num) &
1818 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE) - 1);
1819
1820 /*
1821 * If bit_num > 5, we have to combine bits with next byte.
1822 * Calculate how many bits we need to take from current byte (called
1823 * here "residue_bits"), and add them to bits from next byte.
1824 */
1825
1826 residue_bits = 8 - bit_num;
1827
1828 res = (ppe[byte_num + 1] &
1829 (BIT(IEEE80211_PPE_THRES_INFO_PPET_SIZE - residue_bits) - 1)) <<
1830 residue_bits;
1831 res += (ppe[byte_num] >> bit_num) & (BIT(residue_bits) - 1);
1832
1833 return res;
1834}
1835
1836static void iwl_mvm_parse_ppe(struct iwl_mvm *mvm,
1837 struct iwl_he_pkt_ext_v2 *pkt_ext, u8 nss,
1838 u8 ru_index_bitmap, u8 *ppe, u8 ppe_pos_bit,
1839 bool inheritance)
1840{
1841 int i;
1842
1843 /*
1844 * FW currently supports only nss == MAX_HE_SUPP_NSS
1845 *
1846 * If nss > MAX: we can ignore values we don't support
1847 * If nss < MAX: we can set zeros in other streams
1848 */
1849 if (nss > MAX_HE_SUPP_NSS) {
1850 IWL_DEBUG_INFO(mvm, "Got NSS = %d - trimming to %d\n", nss,
1851 MAX_HE_SUPP_NSS);
1852 nss = MAX_HE_SUPP_NSS;
1853 }
1854
1855 for (i = 0; i < nss; i++) {
1856 u8 ru_index_tmp = ru_index_bitmap << 1;
1857 u8 low_th = IWL_HE_PKT_EXT_NONE, high_th = IWL_HE_PKT_EXT_NONE;
1858 u8 bw;
1859
1860 for (bw = 0;
1861 bw < ARRAY_SIZE(pkt_ext->pkt_ext_qam_th[i]);
1862 bw++) {
1863 ru_index_tmp >>= 1;
1864
1865 /*
1866 * According to the 11be spec, if for a specific BW the PPE Thresholds
1867 * isn't present - it should inherit the thresholds from the last
1868 * BW for which we had PPE Thresholds. In 11ax though, we don't have
1869 * this inheritance - continue in this case
1870 */
1871 if (!(ru_index_tmp & 1)) {
1872 if (inheritance)
1873 goto set_thresholds;
1874 else
1875 continue;
1876 }
1877
1878 high_th = iwl_mvm_he_get_ppe_val(ppe, ppe_pos_bit);
1879 ppe_pos_bit += IEEE80211_PPE_THRES_INFO_PPET_SIZE;
1880 low_th = iwl_mvm_he_get_ppe_val(ppe, ppe_pos_bit);
1881 ppe_pos_bit += IEEE80211_PPE_THRES_INFO_PPET_SIZE;
1882
1883set_thresholds:
1884 pkt_ext->pkt_ext_qam_th[i][bw][0] = low_th;
1885 pkt_ext->pkt_ext_qam_th[i][bw][1] = high_th;
1886 }
1887 }
1888}
1889
1890static void iwl_mvm_set_pkt_ext_from_he_ppe(struct iwl_mvm *mvm,
1891 struct ieee80211_sta *sta,
1892 struct iwl_he_pkt_ext_v2 *pkt_ext,
1893 bool inheritance)
1894{
1895 u8 nss = (sta->deflink.he_cap.ppe_thres[0] & IEEE80211_PPE_THRES_NSS_MASK) + 1;
1896 u8 *ppe = &sta->deflink.he_cap.ppe_thres[0];
1897 u8 ru_index_bitmap =
1898 u8_get_bits(*ppe,
1899 IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK);
1900 /* Starting after PPE header */
1901 u8 ppe_pos_bit = IEEE80211_HE_PPE_THRES_INFO_HEADER_SIZE;
1902
1903 iwl_mvm_parse_ppe(mvm, pkt_ext, nss, ru_index_bitmap, ppe, ppe_pos_bit,
1904 inheritance);
1905}
1906
1907static void iwl_mvm_set_pkt_ext_from_nominal_padding(struct iwl_he_pkt_ext_v2 *pkt_ext,
1908 u8 nominal_padding,
1909 u32 *flags)
1910{
1911 int low_th = -1;
1912 int high_th = -1;
1913 int i;
1914
1915 /* all the macros are the same for EHT and HE */
1916 switch (nominal_padding) {
1917 case IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_0US:
1918 low_th = IWL_HE_PKT_EXT_NONE;
1919 high_th = IWL_HE_PKT_EXT_NONE;
1920 break;
1921 case IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_8US:
1922 low_th = IWL_HE_PKT_EXT_BPSK;
1923 high_th = IWL_HE_PKT_EXT_NONE;
1924 break;
1925 case IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_16US:
1926 case IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_20US:
1927 low_th = IWL_HE_PKT_EXT_NONE;
1928 high_th = IWL_HE_PKT_EXT_BPSK;
1929 break;
1930 }
1931
1932 /* Set the PPE thresholds accordingly */
1933 if (low_th >= 0 && high_th >= 0) {
1934 for (i = 0; i < MAX_HE_SUPP_NSS; i++) {
1935 u8 bw;
1936
1937 for (bw = 0;
1938 bw < ARRAY_SIZE(pkt_ext->pkt_ext_qam_th[i]);
1939 bw++) {
1940 pkt_ext->pkt_ext_qam_th[i][bw][0] = low_th;
1941 pkt_ext->pkt_ext_qam_th[i][bw][1] = high_th;
1942 }
1943 }
1944
1945 *flags |= STA_CTXT_HE_PACKET_EXT;
1946 }
1947}
1948
1949static void iwl_mvm_get_optimal_ppe_info(struct iwl_he_pkt_ext_v2 *pkt_ext,
1950 u8 nominal_padding)
1951{
1952 int i;
1953
1954 for (i = 0; i < MAX_HE_SUPP_NSS; i++) {
1955 u8 bw;
1956
1957 for (bw = 0; bw < ARRAY_SIZE(pkt_ext->pkt_ext_qam_th[i]);
1958 bw++) {
1959 u8 *qam_th = &pkt_ext->pkt_ext_qam_th[i][bw][0];
1960
1961 if (nominal_padding >
1962 IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_8US &&
1963 qam_th[1] == IWL_HE_PKT_EXT_NONE)
1964 qam_th[1] = IWL_HE_PKT_EXT_4096QAM;
1965 else if (nominal_padding ==
1966 IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_8US &&
1967 qam_th[0] == IWL_HE_PKT_EXT_NONE &&
1968 qam_th[1] == IWL_HE_PKT_EXT_NONE)
1969 qam_th[0] = IWL_HE_PKT_EXT_4096QAM;
1970 }
1971 }
1972}
1973
1974static void iwl_mvm_cfg_he_sta(struct iwl_mvm *mvm,
1975 struct ieee80211_vif *vif, u8 sta_id)
1976{
1977 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
1978 struct iwl_he_sta_context_cmd_v3 sta_ctxt_cmd = {
1979 .sta_id = sta_id,
1980 .tid_limit = IWL_MAX_TID_COUNT,
1981 .bss_color = vif->bss_conf.he_bss_color.color,
1982 .htc_trig_based_pkt_ext = vif->bss_conf.htc_trig_based_pkt_ext,
1983 .frame_time_rts_th =
1984 cpu_to_le16(vif->bss_conf.frame_time_rts_th),
1985 };
1986 struct iwl_he_sta_context_cmd_v2 sta_ctxt_cmd_v2 = {};
1987 u32 cmd_id = WIDE_ID(DATA_PATH_GROUP, STA_HE_CTXT_CMD);
1988 u8 ver = iwl_fw_lookup_cmd_ver(mvm->fw, cmd_id, 2);
1989 int size;
1990 struct ieee80211_sta *sta;
1991 u32 flags;
1992 int i;
1993 const struct ieee80211_sta_he_cap *own_he_cap = NULL;
1994 struct ieee80211_chanctx_conf *chanctx_conf;
1995 const struct ieee80211_supported_band *sband;
1996 void *cmd;
1997 u8 nominal_padding;
1998
1999 if (!fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_MBSSID_HE))
2000 ver = 1;
2001
2002 switch (ver) {
2003 case 1:
2004 /* same layout as v2 except some data at the end */
2005 cmd = &sta_ctxt_cmd_v2;
2006 size = sizeof(struct iwl_he_sta_context_cmd_v1);
2007 break;
2008 case 2:
2009 cmd = &sta_ctxt_cmd_v2;
2010 size = sizeof(struct iwl_he_sta_context_cmd_v2);
2011 break;
2012 case 3:
2013 cmd = &sta_ctxt_cmd;
2014 size = sizeof(struct iwl_he_sta_context_cmd_v3);
2015 break;
2016 default:
2017 IWL_ERR(mvm, "bad STA_HE_CTXT_CMD version %d\n", ver);
2018 return;
2019 }
2020
2021 rcu_read_lock();
2022
2023 chanctx_conf = rcu_dereference(vif->bss_conf.chanctx_conf);
2024 if (WARN_ON(!chanctx_conf)) {
2025 rcu_read_unlock();
2026 return;
2027 }
2028
2029 sband = mvm->hw->wiphy->bands[chanctx_conf->def.chan->band];
2030 own_he_cap = ieee80211_get_he_iftype_cap(sband,
2031 ieee80211_vif_type_p2p(vif));
2032
2033 sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_ctxt_cmd.sta_id]);
2034 if (IS_ERR_OR_NULL(sta)) {
2035 rcu_read_unlock();
2036 WARN(1, "Can't find STA to configure HE\n");
2037 return;
2038 }
2039
2040 if (!sta->deflink.he_cap.has_he) {
2041 rcu_read_unlock();
2042 return;
2043 }
2044
2045 flags = 0;
2046
2047 /* Block 26-tone RU OFDMA transmissions */
2048 if (mvmvif->he_ru_2mhz_block)
2049 flags |= STA_CTXT_HE_RU_2MHZ_BLOCK;
2050
2051 /* HTC flags */
2052 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[0] &
2053 IEEE80211_HE_MAC_CAP0_HTC_HE)
2054 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_SUPPORT);
2055 if ((sta->deflink.he_cap.he_cap_elem.mac_cap_info[1] &
2056 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION) ||
2057 (sta->deflink.he_cap.he_cap_elem.mac_cap_info[2] &
2058 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION)) {
2059 u8 link_adap =
2060 ((sta->deflink.he_cap.he_cap_elem.mac_cap_info[2] &
2061 IEEE80211_HE_MAC_CAP2_LINK_ADAPTATION) << 1) +
2062 (sta->deflink.he_cap.he_cap_elem.mac_cap_info[1] &
2063 IEEE80211_HE_MAC_CAP1_LINK_ADAPTATION);
2064
2065 if (link_adap == 2)
2066 sta_ctxt_cmd.htc_flags |=
2067 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_UNSOLICITED);
2068 else if (link_adap == 3)
2069 sta_ctxt_cmd.htc_flags |=
2070 cpu_to_le32(IWL_HE_HTC_LINK_ADAP_BOTH);
2071 }
2072 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[2] & IEEE80211_HE_MAC_CAP2_BSR)
2073 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BSR_SUPP);
2074 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[3] &
2075 IEEE80211_HE_MAC_CAP3_OMI_CONTROL)
2076 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_OMI_SUPP);
2077 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[4] & IEEE80211_HE_MAC_CAP4_BQR)
2078 sta_ctxt_cmd.htc_flags |= cpu_to_le32(IWL_HE_HTC_BQR_SUPP);
2079
2080 /*
2081 * Initialize the PPE thresholds to "None" (7), as described in Table
2082 * 9-262ac of 80211.ax/D3.0.
2083 */
2084 memset(&sta_ctxt_cmd.pkt_ext, IWL_HE_PKT_EXT_NONE,
2085 sizeof(sta_ctxt_cmd.pkt_ext));
2086
2087 if (sta->deflink.eht_cap.has_eht) {
2088 nominal_padding =
2089 u8_get_bits(sta->deflink.eht_cap.eht_cap_elem.phy_cap_info[5],
2090 IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_MASK);
2091
2092 /* If PPE Thresholds exists, parse them into a FW-familiar format. */
2093 if (sta->deflink.eht_cap.eht_cap_elem.phy_cap_info[5] &
2094 IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT) {
2095 u8 nss = (sta->deflink.eht_cap.eht_ppe_thres[0] &
2096 IEEE80211_EHT_PPE_THRES_NSS_MASK) + 1;
2097 u8 *ppe = &sta->deflink.eht_cap.eht_ppe_thres[0];
2098 u8 ru_index_bitmap =
2099 u16_get_bits(*ppe,
2100 IEEE80211_EHT_PPE_THRES_RU_INDEX_BITMASK_MASK);
2101 /* Starting after PPE header */
2102 u8 ppe_pos_bit = IEEE80211_EHT_PPE_THRES_INFO_HEADER_SIZE;
2103
2104 iwl_mvm_parse_ppe(mvm,
2105 &sta_ctxt_cmd.pkt_ext,
2106 nss, ru_index_bitmap, ppe,
2107 ppe_pos_bit, true);
2108 flags |= STA_CTXT_HE_PACKET_EXT;
2109 /* EHT PPE Thresholds doesn't exist - set the API according to HE PPE Tresholds*/
2110 } else if (sta->deflink.he_cap.he_cap_elem.phy_cap_info[6] &
2111 IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) {
2112 struct iwl_he_pkt_ext_v2 *pkt_ext =
2113 &sta_ctxt_cmd.pkt_ext;
2114
2115 /*
2116 * Even though HE Capabilities IE doesn't contain PPE
2117 * Thresholds for BW 320Mhz, thresholds for this BW will
2118 * be filled in with the same values as 160Mhz, due to
2119 * the inheritance, as required.
2120 */
2121 iwl_mvm_set_pkt_ext_from_he_ppe(mvm, sta, pkt_ext,
2122 true);
2123
2124 /*
2125 * According to the requirements, for MCSs 12-13 the maximum value between
2126 * HE PPE Threshold and Common Nominal Packet Padding needs to be taken
2127 */
2128 iwl_mvm_get_optimal_ppe_info(pkt_ext, nominal_padding);
2129
2130 flags |= STA_CTXT_HE_PACKET_EXT;
2131
2132 /*
2133 * if PPE Thresholds doesn't present in both EHT IE and HE IE -
2134 * take the Thresholds from Common Nominal Packet Padding field
2135 */
2136 } else {
2137 iwl_mvm_set_pkt_ext_from_nominal_padding(&sta_ctxt_cmd.pkt_ext,
2138 nominal_padding,
2139 &flags);
2140 }
2141 } else if (sta->deflink.he_cap.has_he) {
2142 /* If PPE Thresholds exist, parse them into a FW-familiar format. */
2143 if (sta->deflink.he_cap.he_cap_elem.phy_cap_info[6] &
2144 IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) {
2145 iwl_mvm_set_pkt_ext_from_he_ppe(mvm, sta,
2146 &sta_ctxt_cmd.pkt_ext,
2147 false);
2148 flags |= STA_CTXT_HE_PACKET_EXT;
2149 /*
2150 * PPE Thresholds doesn't exist - set the API PPE values
2151 * according to Common Nominal Packet Padding field.
2152 */
2153 } else {
2154 nominal_padding =
2155 u8_get_bits(sta->deflink.he_cap.he_cap_elem.phy_cap_info[9],
2156 IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK);
2157 if (nominal_padding != IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_RESERVED)
2158 iwl_mvm_set_pkt_ext_from_nominal_padding(&sta_ctxt_cmd.pkt_ext,
2159 nominal_padding,
2160 &flags);
2161 }
2162 }
2163
2164 for (i = 0; i < MAX_HE_SUPP_NSS; i++) {
2165 int bw;
2166
2167 for (bw = 0;
2168 bw < ARRAY_SIZE(sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i]);
2169 bw++) {
2170 u8 *qam_th =
2171 &sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw][0];
2172
2173 IWL_DEBUG_HT(mvm,
2174 "PPE table: nss[%d] bw[%d] PPET8 = %d, PPET16 = %d\n",
2175 i, bw, qam_th[0], qam_th[1]);
2176 }
2177 }
2178
2179 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[2] &
2180 IEEE80211_HE_MAC_CAP2_32BIT_BA_BITMAP)
2181 flags |= STA_CTXT_HE_32BIT_BA_BITMAP;
2182
2183 if (sta->deflink.he_cap.he_cap_elem.mac_cap_info[2] &
2184 IEEE80211_HE_MAC_CAP2_ACK_EN)
2185 flags |= STA_CTXT_HE_ACK_ENABLED;
2186
2187 rcu_read_unlock();
2188
2189 /* Mark MU EDCA as enabled, unless none detected on some AC */
2190 flags |= STA_CTXT_HE_MU_EDCA_CW;
2191 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
2192 struct ieee80211_he_mu_edca_param_ac_rec *mu_edca =
2193 &mvmvif->queue_params[i].mu_edca_param_rec;
2194 u8 ac = iwl_mvm_mac80211_ac_to_ucode_ac(i);
2195
2196 if (!mvmvif->queue_params[i].mu_edca) {
2197 flags &= ~STA_CTXT_HE_MU_EDCA_CW;
2198 break;
2199 }
2200
2201 sta_ctxt_cmd.trig_based_txf[ac].cwmin =
2202 cpu_to_le16(mu_edca->ecw_min_max & 0xf);
2203 sta_ctxt_cmd.trig_based_txf[ac].cwmax =
2204 cpu_to_le16((mu_edca->ecw_min_max & 0xf0) >> 4);
2205 sta_ctxt_cmd.trig_based_txf[ac].aifsn =
2206 cpu_to_le16(mu_edca->aifsn);
2207 sta_ctxt_cmd.trig_based_txf[ac].mu_time =
2208 cpu_to_le16(mu_edca->mu_edca_timer);
2209 }
2210
2211
2212 if (vif->bss_conf.uora_exists) {
2213 flags |= STA_CTXT_HE_TRIG_RND_ALLOC;
2214
2215 sta_ctxt_cmd.rand_alloc_ecwmin =
2216 vif->bss_conf.uora_ocw_range & 0x7;
2217 sta_ctxt_cmd.rand_alloc_ecwmax =
2218 (vif->bss_conf.uora_ocw_range >> 3) & 0x7;
2219 }
2220
2221 if (own_he_cap && !(own_he_cap->he_cap_elem.mac_cap_info[2] &
2222 IEEE80211_HE_MAC_CAP2_ACK_EN))
2223 flags |= STA_CTXT_HE_NIC_NOT_ACK_ENABLED;
2224
2225 if (vif->bss_conf.nontransmitted) {
2226 flags |= STA_CTXT_HE_REF_BSSID_VALID;
2227 ether_addr_copy(sta_ctxt_cmd.ref_bssid_addr,
2228 vif->bss_conf.transmitter_bssid);
2229 sta_ctxt_cmd.max_bssid_indicator =
2230 vif->bss_conf.bssid_indicator;
2231 sta_ctxt_cmd.bssid_index = vif->bss_conf.bssid_index;
2232 sta_ctxt_cmd.ema_ap = vif->bss_conf.ema_ap;
2233 sta_ctxt_cmd.profile_periodicity =
2234 vif->bss_conf.profile_periodicity;
2235 }
2236
2237 sta_ctxt_cmd.flags = cpu_to_le32(flags);
2238
2239 if (ver < 3) {
2240 /* fields before pkt_ext */
2241 BUILD_BUG_ON(offsetof(typeof(sta_ctxt_cmd), pkt_ext) !=
2242 offsetof(typeof(sta_ctxt_cmd_v2), pkt_ext));
2243 memcpy(&sta_ctxt_cmd_v2, &sta_ctxt_cmd,
2244 offsetof(typeof(sta_ctxt_cmd), pkt_ext));
2245
2246 /* pkt_ext */
2247 for (i = 0;
2248 i < ARRAY_SIZE(sta_ctxt_cmd_v2.pkt_ext.pkt_ext_qam_th);
2249 i++) {
2250 u8 bw;
2251
2252 for (bw = 0;
2253 bw < ARRAY_SIZE(sta_ctxt_cmd_v2.pkt_ext.pkt_ext_qam_th[i]);
2254 bw++) {
2255 BUILD_BUG_ON(sizeof(sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw]) !=
2256 sizeof(sta_ctxt_cmd_v2.pkt_ext.pkt_ext_qam_th[i][bw]));
2257
2258 memcpy(&sta_ctxt_cmd_v2.pkt_ext.pkt_ext_qam_th[i][bw],
2259 &sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw],
2260 sizeof(sta_ctxt_cmd.pkt_ext.pkt_ext_qam_th[i][bw]));
2261 }
2262 }
2263
2264 /* fields after pkt_ext */
2265 BUILD_BUG_ON(sizeof(sta_ctxt_cmd) -
2266 offsetofend(typeof(sta_ctxt_cmd), pkt_ext) !=
2267 sizeof(sta_ctxt_cmd_v2) -
2268 offsetofend(typeof(sta_ctxt_cmd_v2), pkt_ext));
2269 memcpy((u8 *)&sta_ctxt_cmd_v2 +
2270 offsetofend(typeof(sta_ctxt_cmd_v2), pkt_ext),
2271 (u8 *)&sta_ctxt_cmd +
2272 offsetofend(typeof(sta_ctxt_cmd), pkt_ext),
2273 sizeof(sta_ctxt_cmd) -
2274 offsetofend(typeof(sta_ctxt_cmd), pkt_ext));
2275 sta_ctxt_cmd_v2.reserved3 = 0;
2276 }
2277
2278 if (iwl_mvm_send_cmd_pdu(mvm, cmd_id, 0, size, cmd))
2279 IWL_ERR(mvm, "Failed to config FW to work HE!\n");
2280}
2281
2282static void iwl_mvm_protect_assoc(struct iwl_mvm *mvm,
2283 struct ieee80211_vif *vif,
2284 u32 duration_override)
2285{
2286 u32 duration = IWL_MVM_TE_SESSION_PROTECTION_MAX_TIME_MS;
2287 u32 min_duration = IWL_MVM_TE_SESSION_PROTECTION_MIN_TIME_MS;
2288
2289 if (duration_override > duration)
2290 duration = duration_override;
2291
2292 /* Try really hard to protect the session and hear a beacon
2293 * The new session protection command allows us to protect the
2294 * session for a much longer time since the firmware will internally
2295 * create two events: a 300TU one with a very high priority that
2296 * won't be fragmented which should be enough for 99% of the cases,
2297 * and another one (which we configure here to be 900TU long) which
2298 * will have a slightly lower priority, but more importantly, can be
2299 * fragmented so that it'll allow other activities to run.
2300 */
2301 if (fw_has_capa(&mvm->fw->ucode_capa,
2302 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD))
2303 iwl_mvm_schedule_session_protection(mvm, vif, 900,
2304 min_duration, false);
2305 else
2306 iwl_mvm_protect_session(mvm, vif, duration,
2307 min_duration, 500, false);
2308}
2309
2310static void iwl_mvm_bss_info_changed_station(struct iwl_mvm *mvm,
2311 struct ieee80211_vif *vif,
2312 struct ieee80211_bss_conf *bss_conf,
2313 u64 changes)
2314{
2315 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2316 int ret;
2317
2318 /*
2319 * Re-calculate the tsf id, as the leader-follower relations depend
2320 * on the beacon interval, which was not known when the station
2321 * interface was added.
2322 */
2323 if (changes & BSS_CHANGED_ASSOC && vif->cfg.assoc) {
2324 if ((vif->bss_conf.he_support &&
2325 !iwlwifi_mod_params.disable_11ax) ||
2326 (vif->bss_conf.eht_support &&
2327 !iwlwifi_mod_params.disable_11be))
2328 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id);
2329
2330 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif);
2331 }
2332
2333 /* Update MU EDCA params */
2334 if (changes & BSS_CHANGED_QOS && mvmvif->associated &&
2335 vif->cfg.assoc &&
2336 ((vif->bss_conf.he_support &&
2337 !iwlwifi_mod_params.disable_11ax) ||
2338 (vif->bss_conf.eht_support &&
2339 !iwlwifi_mod_params.disable_11be)))
2340 iwl_mvm_cfg_he_sta(mvm, vif, mvmvif->ap_sta_id);
2341
2342 /*
2343 * If we're not associated yet, take the (new) BSSID before associating
2344 * so the firmware knows. If we're already associated, then use the old
2345 * BSSID here, and we'll send a cleared one later in the CHANGED_ASSOC
2346 * branch for disassociation below.
2347 */
2348 if (changes & BSS_CHANGED_BSSID && !mvmvif->associated)
2349 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN);
2350
2351 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, mvmvif->bssid);
2352 if (ret)
2353 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr);
2354
2355 /* after sending it once, adopt mac80211 data */
2356 memcpy(mvmvif->bssid, bss_conf->bssid, ETH_ALEN);
2357 mvmvif->associated = vif->cfg.assoc;
2358
2359 if (changes & BSS_CHANGED_ASSOC) {
2360 if (vif->cfg.assoc) {
2361 /* clear statistics to get clean beacon counter */
2362 iwl_mvm_request_statistics(mvm, true);
2363 memset(&mvmvif->beacon_stats, 0,
2364 sizeof(mvmvif->beacon_stats));
2365
2366 /* add quota for this interface */
2367 ret = iwl_mvm_update_quotas(mvm, true, NULL);
2368 if (ret) {
2369 IWL_ERR(mvm, "failed to update quotas\n");
2370 return;
2371 }
2372
2373 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART,
2374 &mvm->status) &&
2375 !fw_has_capa(&mvm->fw->ucode_capa,
2376 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) {
2377 /*
2378 * If we're restarting then the firmware will
2379 * obviously have lost synchronisation with
2380 * the AP. It will attempt to synchronise by
2381 * itself, but we can make it more reliable by
2382 * scheduling a session protection time event.
2383 *
2384 * The firmware needs to receive a beacon to
2385 * catch up with synchronisation, use 110% of
2386 * the beacon interval.
2387 *
2388 * Set a large maximum delay to allow for more
2389 * than a single interface.
2390 *
2391 * For new firmware versions, rely on the
2392 * firmware. This is relevant for DCM scenarios
2393 * only anyway.
2394 */
2395 u32 dur = (11 * vif->bss_conf.beacon_int) / 10;
2396 iwl_mvm_protect_session(mvm, vif, dur, dur,
2397 5 * dur, false);
2398 } else if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART,
2399 &mvm->status) &&
2400 !vif->bss_conf.dtim_period) {
2401 /*
2402 * If we're not restarting and still haven't
2403 * heard a beacon (dtim period unknown) then
2404 * make sure we still have enough minimum time
2405 * remaining in the time event, since the auth
2406 * might actually have taken quite a while
2407 * (especially for SAE) and so the remaining
2408 * time could be small without us having heard
2409 * a beacon yet.
2410 */
2411 iwl_mvm_protect_assoc(mvm, vif, 0);
2412 }
2413
2414 iwl_mvm_sf_update(mvm, vif, false);
2415 iwl_mvm_power_vif_assoc(mvm, vif);
2416 if (vif->p2p) {
2417 iwl_mvm_update_smps(mvm, vif,
2418 IWL_MVM_SMPS_REQ_PROT,
2419 IEEE80211_SMPS_DYNAMIC);
2420 }
2421 } else if (mvmvif->ap_sta_id != IWL_MVM_INVALID_STA) {
2422 iwl_mvm_mei_host_disassociated(mvm);
2423 /*
2424 * If update fails - SF might be running in associated
2425 * mode while disassociated - which is forbidden.
2426 */
2427 ret = iwl_mvm_sf_update(mvm, vif, false);
2428 WARN_ONCE(ret &&
2429 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED,
2430 &mvm->status),
2431 "Failed to update SF upon disassociation\n");
2432
2433 /*
2434 * If we get an assert during the connection (after the
2435 * station has been added, but before the vif is set
2436 * to associated), mac80211 will re-add the station and
2437 * then configure the vif. Since the vif is not
2438 * associated, we would remove the station here and
2439 * this would fail the recovery.
2440 */
2441 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART,
2442 &mvm->status)) {
2443 /* first remove remaining keys */
2444 iwl_mvm_sec_key_remove_ap(mvm, vif);
2445
2446 /*
2447 * Remove AP station now that
2448 * the MAC is unassoc
2449 */
2450 ret = iwl_mvm_rm_sta_id(mvm, vif,
2451 mvmvif->ap_sta_id);
2452 if (ret)
2453 IWL_ERR(mvm,
2454 "failed to remove AP station\n");
2455
2456 mvmvif->ap_sta_id = IWL_MVM_INVALID_STA;
2457 }
2458
2459 /* remove quota for this interface */
2460 ret = iwl_mvm_update_quotas(mvm, false, NULL);
2461 if (ret)
2462 IWL_ERR(mvm, "failed to update quotas\n");
2463
2464 /* this will take the cleared BSSID from bss_conf */
2465 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
2466 if (ret)
2467 IWL_ERR(mvm,
2468 "failed to update MAC %pM (clear after unassoc)\n",
2469 vif->addr);
2470 }
2471
2472 /*
2473 * The firmware tracks the MU-MIMO group on its own.
2474 * However, on HW restart we should restore this data.
2475 */
2476 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) &&
2477 (changes & BSS_CHANGED_MU_GROUPS) && vif->bss_conf.mu_mimo_owner) {
2478 ret = iwl_mvm_update_mu_groups(mvm, vif);
2479 if (ret)
2480 IWL_ERR(mvm,
2481 "failed to update VHT MU_MIMO groups\n");
2482 }
2483
2484 iwl_mvm_recalc_multicast(mvm);
2485
2486 /* reset rssi values */
2487 mvmvif->bf_data.ave_beacon_signal = 0;
2488
2489 iwl_mvm_bt_coex_vif_change(mvm);
2490 iwl_mvm_update_smps(mvm, vif, IWL_MVM_SMPS_REQ_TT,
2491 IEEE80211_SMPS_AUTOMATIC);
2492 if (fw_has_capa(&mvm->fw->ucode_capa,
2493 IWL_UCODE_TLV_CAPA_UMAC_SCAN))
2494 iwl_mvm_config_scan(mvm);
2495 }
2496
2497 if (changes & BSS_CHANGED_BEACON_INFO) {
2498 /*
2499 * We received a beacon from the associated AP so
2500 * remove the session protection.
2501 */
2502 iwl_mvm_stop_session_protection(mvm, vif);
2503
2504 iwl_mvm_sf_update(mvm, vif, false);
2505 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0));
2506 }
2507
2508 if (changes & (BSS_CHANGED_PS | BSS_CHANGED_P2P_PS | BSS_CHANGED_QOS |
2509 /*
2510 * Send power command on every beacon change,
2511 * because we may have not enabled beacon abort yet.
2512 */
2513 BSS_CHANGED_BEACON_INFO)) {
2514 ret = iwl_mvm_power_update_mac(mvm);
2515 if (ret)
2516 IWL_ERR(mvm, "failed to update power mode\n");
2517 }
2518
2519 if (changes & BSS_CHANGED_CQM) {
2520 IWL_DEBUG_MAC80211(mvm, "cqm info_changed\n");
2521 /* reset cqm events tracking */
2522 mvmvif->bf_data.last_cqm_event = 0;
2523 if (mvmvif->bf_data.bf_enabled) {
2524 ret = iwl_mvm_enable_beacon_filter(mvm, vif, 0);
2525 if (ret)
2526 IWL_ERR(mvm,
2527 "failed to update CQM thresholds\n");
2528 }
2529 }
2530
2531 if (changes & BSS_CHANGED_BANDWIDTH)
2532 iwl_mvm_apply_fw_smps_request(vif);
2533}
2534
2535static int iwl_mvm_start_ap_ibss(struct ieee80211_hw *hw,
2536 struct ieee80211_vif *vif,
2537 struct ieee80211_bss_conf *link_conf)
2538{
2539 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2540 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2541 int ret, i;
2542
2543 mutex_lock(&mvm->mutex);
2544
2545 /* Send the beacon template */
2546 ret = iwl_mvm_mac_ctxt_beacon_changed(mvm, vif);
2547 if (ret)
2548 goto out_unlock;
2549
2550 /*
2551 * Re-calculate the tsf id, as the leader-follower relations depend on
2552 * the beacon interval, which was not known when the AP interface
2553 * was added.
2554 */
2555 if (vif->type == NL80211_IFTYPE_AP)
2556 iwl_mvm_mac_ctxt_recalc_tsf_id(mvm, vif);
2557
2558 mvmvif->ap_assoc_sta_count = 0;
2559
2560 /* Add the mac context */
2561 ret = iwl_mvm_mac_ctxt_add(mvm, vif);
2562 if (ret)
2563 goto out_unlock;
2564
2565 /* Perform the binding */
2566 ret = iwl_mvm_binding_add_vif(mvm, vif);
2567 if (ret)
2568 goto out_remove;
2569
2570 /*
2571 * This is not very nice, but the simplest:
2572 * For older FWs adding the mcast sta before the bcast station may
2573 * cause assert 0x2b00.
2574 * This is fixed in later FW so make the order of removal depend on
2575 * the TLV
2576 */
2577 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE)) {
2578 ret = iwl_mvm_add_mcast_sta(mvm, vif);
2579 if (ret)
2580 goto out_unbind;
2581 /*
2582 * Send the bcast station. At this stage the TBTT and DTIM time
2583 * events are added and applied to the scheduler
2584 */
2585 ret = iwl_mvm_send_add_bcast_sta(mvm, vif);
2586 if (ret) {
2587 iwl_mvm_rm_mcast_sta(mvm, vif);
2588 goto out_unbind;
2589 }
2590 } else {
2591 /*
2592 * Send the bcast station. At this stage the TBTT and DTIM time
2593 * events are added and applied to the scheduler
2594 */
2595 ret = iwl_mvm_send_add_bcast_sta(mvm, vif);
2596 if (ret)
2597 goto out_unbind;
2598 ret = iwl_mvm_add_mcast_sta(mvm, vif);
2599 if (ret) {
2600 iwl_mvm_send_rm_bcast_sta(mvm, vif);
2601 goto out_unbind;
2602 }
2603 }
2604
2605 /* must be set before quota calculations */
2606 mvmvif->ap_ibss_active = true;
2607
2608 /* send all the early keys to the device now */
2609 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) {
2610 struct ieee80211_key_conf *key = mvmvif->ap_early_keys[i];
2611
2612 if (!key)
2613 continue;
2614
2615 mvmvif->ap_early_keys[i] = NULL;
2616
2617 ret = __iwl_mvm_mac_set_key(hw, SET_KEY, vif, NULL, key);
2618 if (ret)
2619 goto out_quota_failed;
2620 }
2621
2622 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) {
2623 iwl_mvm_vif_set_low_latency(mvmvif, true,
2624 LOW_LATENCY_VIF_TYPE);
2625 iwl_mvm_send_low_latency_cmd(mvm, true, mvmvif->id);
2626 }
2627
2628 /* power updated needs to be done before quotas */
2629 iwl_mvm_power_update_mac(mvm);
2630
2631 ret = iwl_mvm_update_quotas(mvm, false, NULL);
2632 if (ret)
2633 goto out_quota_failed;
2634
2635 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */
2636 if (vif->p2p && mvm->p2p_device_vif)
2637 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL);
2638
2639 iwl_mvm_bt_coex_vif_change(mvm);
2640
2641 /* we don't support TDLS during DCM */
2642 if (iwl_mvm_phy_ctx_count(mvm) > 1)
2643 iwl_mvm_teardown_tdls_peers(mvm);
2644
2645 iwl_mvm_ftm_restart_responder(mvm, vif);
2646
2647 goto out_unlock;
2648
2649out_quota_failed:
2650 iwl_mvm_power_update_mac(mvm);
2651 mvmvif->ap_ibss_active = false;
2652 iwl_mvm_send_rm_bcast_sta(mvm, vif);
2653 iwl_mvm_rm_mcast_sta(mvm, vif);
2654out_unbind:
2655 iwl_mvm_binding_remove_vif(mvm, vif);
2656out_remove:
2657 iwl_mvm_mac_ctxt_remove(mvm, vif);
2658out_unlock:
2659 mutex_unlock(&mvm->mutex);
2660 return ret;
2661}
2662
2663static int iwl_mvm_start_ap(struct ieee80211_hw *hw,
2664 struct ieee80211_vif *vif,
2665 struct ieee80211_bss_conf *link_conf)
2666{
2667 return iwl_mvm_start_ap_ibss(hw, vif, link_conf);
2668}
2669
2670static int iwl_mvm_start_ibss(struct ieee80211_hw *hw,
2671 struct ieee80211_vif *vif)
2672{
2673 return iwl_mvm_start_ap_ibss(hw, vif, &vif->bss_conf);
2674}
2675
2676static void iwl_mvm_stop_ap_ibss(struct ieee80211_hw *hw,
2677 struct ieee80211_vif *vif,
2678 struct ieee80211_bss_conf *link_conf)
2679{
2680 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2681 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2682
2683 iwl_mvm_prepare_mac_removal(mvm, vif);
2684
2685 mutex_lock(&mvm->mutex);
2686
2687 /* Handle AP stop while in CSA */
2688 if (rcu_access_pointer(mvm->csa_vif) == vif) {
2689 iwl_mvm_remove_time_event(mvm, mvmvif,
2690 &mvmvif->time_event_data);
2691 RCU_INIT_POINTER(mvm->csa_vif, NULL);
2692 mvmvif->csa_countdown = false;
2693 }
2694
2695 if (rcu_access_pointer(mvm->csa_tx_blocked_vif) == vif) {
2696 RCU_INIT_POINTER(mvm->csa_tx_blocked_vif, NULL);
2697 mvm->csa_tx_block_bcn_timeout = 0;
2698 }
2699
2700 mvmvif->ap_ibss_active = false;
2701 mvm->ap_last_beacon_gp2 = 0;
2702
2703 if (vif->type == NL80211_IFTYPE_AP && !vif->p2p) {
2704 iwl_mvm_vif_set_low_latency(mvmvif, false,
2705 LOW_LATENCY_VIF_TYPE);
2706 iwl_mvm_send_low_latency_cmd(mvm, false, mvmvif->id);
2707 }
2708
2709 iwl_mvm_bt_coex_vif_change(mvm);
2710
2711 /* Need to update the P2P Device MAC (only GO, IBSS is single vif) */
2712 if (vif->p2p && mvm->p2p_device_vif)
2713 iwl_mvm_mac_ctxt_changed(mvm, mvm->p2p_device_vif, false, NULL);
2714
2715 iwl_mvm_update_quotas(mvm, false, NULL);
2716
2717 iwl_mvm_ftm_responder_clear(mvm, vif);
2718
2719 /*
2720 * This is not very nice, but the simplest:
2721 * For older FWs removing the mcast sta before the bcast station may
2722 * cause assert 0x2b00.
2723 * This is fixed in later FW (which will stop beaconing when removing
2724 * bcast station).
2725 * So make the order of removal depend on the TLV
2726 */
2727 if (!fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
2728 iwl_mvm_rm_mcast_sta(mvm, vif);
2729 iwl_mvm_send_rm_bcast_sta(mvm, vif);
2730 if (fw_has_api(&mvm->fw->ucode_capa, IWL_UCODE_TLV_API_STA_TYPE))
2731 iwl_mvm_rm_mcast_sta(mvm, vif);
2732 iwl_mvm_binding_remove_vif(mvm, vif);
2733
2734 iwl_mvm_power_update_mac(mvm);
2735
2736 iwl_mvm_mac_ctxt_remove(mvm, vif);
2737
2738 mutex_unlock(&mvm->mutex);
2739}
2740
2741static void iwl_mvm_stop_ap(struct ieee80211_hw *hw,
2742 struct ieee80211_vif *vif,
2743 struct ieee80211_bss_conf *link_conf)
2744{
2745 iwl_mvm_stop_ap_ibss(hw, vif, link_conf);
2746}
2747
2748static void iwl_mvm_stop_ibss(struct ieee80211_hw *hw,
2749 struct ieee80211_vif *vif)
2750{
2751 iwl_mvm_stop_ap_ibss(hw, vif, &vif->bss_conf);
2752}
2753
2754static void
2755iwl_mvm_bss_info_changed_ap_ibss(struct iwl_mvm *mvm,
2756 struct ieee80211_vif *vif,
2757 struct ieee80211_bss_conf *bss_conf,
2758 u64 changes)
2759{
2760 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
2761
2762 /* Changes will be applied when the AP/IBSS is started */
2763 if (!mvmvif->ap_ibss_active)
2764 return;
2765
2766 if (changes & (BSS_CHANGED_ERP_CTS_PROT | BSS_CHANGED_HT |
2767 BSS_CHANGED_BANDWIDTH | BSS_CHANGED_QOS) &&
2768 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL))
2769 IWL_ERR(mvm, "failed to update MAC %pM\n", vif->addr);
2770
2771 /* Need to send a new beacon template to the FW */
2772 if (changes & BSS_CHANGED_BEACON &&
2773 iwl_mvm_mac_ctxt_beacon_changed(mvm, vif))
2774 IWL_WARN(mvm, "Failed updating beacon data\n");
2775
2776 if (changes & BSS_CHANGED_FTM_RESPONDER) {
2777 int ret = iwl_mvm_ftm_start_responder(mvm, vif);
2778
2779 if (ret)
2780 IWL_WARN(mvm, "Failed to enable FTM responder (%d)\n",
2781 ret);
2782 }
2783
2784}
2785
2786static void iwl_mvm_bss_info_changed(struct ieee80211_hw *hw,
2787 struct ieee80211_vif *vif,
2788 struct ieee80211_bss_conf *bss_conf,
2789 u64 changes)
2790{
2791 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2792
2793 mutex_lock(&mvm->mutex);
2794
2795 if (changes & BSS_CHANGED_IDLE && !vif->cfg.idle)
2796 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, true);
2797
2798 switch (vif->type) {
2799 case NL80211_IFTYPE_STATION:
2800 iwl_mvm_bss_info_changed_station(mvm, vif, bss_conf, changes);
2801 break;
2802 case NL80211_IFTYPE_AP:
2803 case NL80211_IFTYPE_ADHOC:
2804 iwl_mvm_bss_info_changed_ap_ibss(mvm, vif, bss_conf, changes);
2805 break;
2806 case NL80211_IFTYPE_MONITOR:
2807 if (changes & BSS_CHANGED_MU_GROUPS)
2808 iwl_mvm_update_mu_groups(mvm, vif);
2809 break;
2810 default:
2811 /* shouldn't happen */
2812 WARN_ON_ONCE(1);
2813 }
2814
2815 if (changes & BSS_CHANGED_TXPOWER) {
2816 IWL_DEBUG_CALIB(mvm, "Changing TX Power to %d dBm\n",
2817 bss_conf->txpower);
2818 iwl_mvm_set_tx_power(mvm, vif, bss_conf->txpower);
2819 }
2820
2821 mutex_unlock(&mvm->mutex);
2822}
2823
2824static int iwl_mvm_mac_hw_scan(struct ieee80211_hw *hw,
2825 struct ieee80211_vif *vif,
2826 struct ieee80211_scan_request *hw_req)
2827{
2828 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2829 int ret;
2830
2831 if (hw_req->req.n_channels == 0 ||
2832 hw_req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels)
2833 return -EINVAL;
2834
2835 mutex_lock(&mvm->mutex);
2836 ret = iwl_mvm_reg_scan_start(mvm, vif, &hw_req->req, &hw_req->ies);
2837 mutex_unlock(&mvm->mutex);
2838
2839 return ret;
2840}
2841
2842static void iwl_mvm_mac_cancel_hw_scan(struct ieee80211_hw *hw,
2843 struct ieee80211_vif *vif)
2844{
2845 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2846
2847 mutex_lock(&mvm->mutex);
2848
2849 /* Due to a race condition, it's possible that mac80211 asks
2850 * us to stop a hw_scan when it's already stopped. This can
2851 * happen, for instance, if we stopped the scan ourselves,
2852 * called ieee80211_scan_completed() and the userspace called
2853 * cancel scan scan before ieee80211_scan_work() could run.
2854 * To handle that, simply return if the scan is not running.
2855 */
2856 if (mvm->scan_status & IWL_MVM_SCAN_REGULAR)
2857 iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_REGULAR, true);
2858
2859 mutex_unlock(&mvm->mutex);
2860}
2861
2862static void
2863iwl_mvm_mac_allow_buffered_frames(struct ieee80211_hw *hw,
2864 struct ieee80211_sta *sta, u16 tids,
2865 int num_frames,
2866 enum ieee80211_frame_release_type reason,
2867 bool more_data)
2868{
2869 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2870
2871 /* Called when we need to transmit (a) frame(s) from mac80211 */
2872
2873 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames,
2874 tids, more_data, false);
2875}
2876
2877static void
2878iwl_mvm_mac_release_buffered_frames(struct ieee80211_hw *hw,
2879 struct ieee80211_sta *sta, u16 tids,
2880 int num_frames,
2881 enum ieee80211_frame_release_type reason,
2882 bool more_data)
2883{
2884 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2885
2886 /* Called when we need to transmit (a) frame(s) from agg or dqa queue */
2887
2888 iwl_mvm_sta_modify_sleep_tx_count(mvm, sta, reason, num_frames,
2889 tids, more_data, true);
2890}
2891
2892static void __iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw,
2893 enum sta_notify_cmd cmd,
2894 struct ieee80211_sta *sta)
2895{
2896 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
2897 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
2898 unsigned long txqs = 0, tids = 0;
2899 int tid;
2900
2901 /*
2902 * If we have TVQM then we get too high queue numbers - luckily
2903 * we really shouldn't get here with that because such hardware
2904 * should have firmware supporting buffer station offload.
2905 */
2906 if (WARN_ON(iwl_mvm_has_new_tx_api(mvm)))
2907 return;
2908
2909 spin_lock_bh(&mvmsta->lock);
2910 for (tid = 0; tid < ARRAY_SIZE(mvmsta->tid_data); tid++) {
2911 struct iwl_mvm_tid_data *tid_data = &mvmsta->tid_data[tid];
2912
2913 if (tid_data->txq_id == IWL_MVM_INVALID_QUEUE)
2914 continue;
2915
2916 __set_bit(tid_data->txq_id, &txqs);
2917
2918 if (iwl_mvm_tid_queued(mvm, tid_data) == 0)
2919 continue;
2920
2921 __set_bit(tid, &tids);
2922 }
2923
2924 switch (cmd) {
2925 case STA_NOTIFY_SLEEP:
2926 for_each_set_bit(tid, &tids, IWL_MAX_TID_COUNT)
2927 ieee80211_sta_set_buffered(sta, tid, true);
2928
2929 if (txqs)
2930 iwl_trans_freeze_txq_timer(mvm->trans, txqs, true);
2931 /*
2932 * The fw updates the STA to be asleep. Tx packets on the Tx
2933 * queues to this station will not be transmitted. The fw will
2934 * send a Tx response with TX_STATUS_FAIL_DEST_PS.
2935 */
2936 break;
2937 case STA_NOTIFY_AWAKE:
2938 if (WARN_ON(mvmsta->sta_id == IWL_MVM_INVALID_STA))
2939 break;
2940
2941 if (txqs)
2942 iwl_trans_freeze_txq_timer(mvm->trans, txqs, false);
2943 iwl_mvm_sta_modify_ps_wake(mvm, sta);
2944 break;
2945 default:
2946 break;
2947 }
2948 spin_unlock_bh(&mvmsta->lock);
2949}
2950
2951static void iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw,
2952 struct ieee80211_vif *vif,
2953 enum sta_notify_cmd cmd,
2954 struct ieee80211_sta *sta)
2955{
2956 __iwl_mvm_mac_sta_notify(hw, cmd, sta);
2957}
2958
2959void iwl_mvm_sta_pm_notif(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb)
2960{
2961 struct iwl_rx_packet *pkt = rxb_addr(rxb);
2962 struct iwl_mvm_pm_state_notification *notif = (void *)pkt->data;
2963 struct ieee80211_sta *sta;
2964 struct iwl_mvm_sta *mvmsta;
2965 bool sleeping = (notif->type != IWL_MVM_PM_EVENT_AWAKE);
2966
2967 if (WARN_ON(notif->sta_id >= mvm->fw->ucode_capa.num_stations))
2968 return;
2969
2970 rcu_read_lock();
2971 sta = rcu_dereference(mvm->fw_id_to_mac_id[notif->sta_id]);
2972 if (WARN_ON(IS_ERR_OR_NULL(sta))) {
2973 rcu_read_unlock();
2974 return;
2975 }
2976
2977 mvmsta = iwl_mvm_sta_from_mac80211(sta);
2978
2979 if (!mvmsta->vif ||
2980 mvmsta->vif->type != NL80211_IFTYPE_AP) {
2981 rcu_read_unlock();
2982 return;
2983 }
2984
2985 if (mvmsta->sleeping != sleeping) {
2986 mvmsta->sleeping = sleeping;
2987 __iwl_mvm_mac_sta_notify(mvm->hw,
2988 sleeping ? STA_NOTIFY_SLEEP : STA_NOTIFY_AWAKE,
2989 sta);
2990 ieee80211_sta_ps_transition(sta, sleeping);
2991 }
2992
2993 if (sleeping) {
2994 switch (notif->type) {
2995 case IWL_MVM_PM_EVENT_AWAKE:
2996 case IWL_MVM_PM_EVENT_ASLEEP:
2997 break;
2998 case IWL_MVM_PM_EVENT_UAPSD:
2999 ieee80211_sta_uapsd_trigger(sta, IEEE80211_NUM_TIDS);
3000 break;
3001 case IWL_MVM_PM_EVENT_PS_POLL:
3002 ieee80211_sta_pspoll(sta);
3003 break;
3004 default:
3005 break;
3006 }
3007 }
3008
3009 rcu_read_unlock();
3010}
3011
3012static void iwl_mvm_sta_pre_rcu_remove(struct ieee80211_hw *hw,
3013 struct ieee80211_vif *vif,
3014 struct ieee80211_sta *sta)
3015{
3016 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3017 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
3018
3019 /*
3020 * This is called before mac80211 does RCU synchronisation,
3021 * so here we already invalidate our internal RCU-protected
3022 * station pointer. The rest of the code will thus no longer
3023 * be able to find the station this way, and we don't rely
3024 * on further RCU synchronisation after the sta_state()
3025 * callback deleted the station.
3026 */
3027 mutex_lock(&mvm->mutex);
3028 if (sta == rcu_access_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id]))
3029 rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id],
3030 ERR_PTR(-ENOENT));
3031
3032 mutex_unlock(&mvm->mutex);
3033}
3034
3035static void iwl_mvm_check_uapsd(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
3036 const u8 *bssid)
3037{
3038 int i;
3039
3040 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status)) {
3041 struct iwl_mvm_tcm_mac *mdata;
3042
3043 mdata = &mvm->tcm.data[iwl_mvm_vif_from_mac80211(vif)->id];
3044 ewma_rate_init(&mdata->uapsd_nonagg_detect.rate);
3045 mdata->opened_rx_ba_sessions = false;
3046 }
3047
3048 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_UAPSD_SUPPORT))
3049 return;
3050
3051 if (vif->p2p && !iwl_mvm_is_p2p_scm_uapsd_supported(mvm)) {
3052 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD;
3053 return;
3054 }
3055
3056 if (!vif->p2p &&
3057 (iwlwifi_mod_params.uapsd_disable & IWL_DISABLE_UAPSD_BSS)) {
3058 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD;
3059 return;
3060 }
3061
3062 for (i = 0; i < IWL_MVM_UAPSD_NOAGG_LIST_LEN; i++) {
3063 if (ether_addr_equal(mvm->uapsd_noagg_bssids[i].addr, bssid)) {
3064 vif->driver_flags &= ~IEEE80211_VIF_SUPPORTS_UAPSD;
3065 return;
3066 }
3067 }
3068
3069 vif->driver_flags |= IEEE80211_VIF_SUPPORTS_UAPSD;
3070}
3071
3072static void
3073iwl_mvm_tdls_check_trigger(struct iwl_mvm *mvm,
3074 struct ieee80211_vif *vif, u8 *peer_addr,
3075 enum nl80211_tdls_operation action)
3076{
3077 struct iwl_fw_dbg_trigger_tlv *trig;
3078 struct iwl_fw_dbg_trigger_tdls *tdls_trig;
3079
3080 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif),
3081 FW_DBG_TRIGGER_TDLS);
3082 if (!trig)
3083 return;
3084
3085 tdls_trig = (void *)trig->data;
3086
3087 if (!(tdls_trig->action_bitmap & BIT(action)))
3088 return;
3089
3090 if (tdls_trig->peer_mode &&
3091 memcmp(tdls_trig->peer, peer_addr, ETH_ALEN) != 0)
3092 return;
3093
3094 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig,
3095 "TDLS event occurred, peer %pM, action %d",
3096 peer_addr, action);
3097}
3098
3099struct iwl_mvm_he_obss_narrow_bw_ru_data {
3100 bool tolerated;
3101};
3102
3103static void iwl_mvm_check_he_obss_narrow_bw_ru_iter(struct wiphy *wiphy,
3104 struct cfg80211_bss *bss,
3105 void *_data)
3106{
3107 struct iwl_mvm_he_obss_narrow_bw_ru_data *data = _data;
3108 const struct cfg80211_bss_ies *ies;
3109 const struct element *elem;
3110
3111 rcu_read_lock();
3112 ies = rcu_dereference(bss->ies);
3113 elem = cfg80211_find_elem(WLAN_EID_EXT_CAPABILITY, ies->data,
3114 ies->len);
3115
3116 if (!elem || elem->datalen < 10 ||
3117 !(elem->data[10] &
3118 WLAN_EXT_CAPA10_OBSS_NARROW_BW_RU_TOLERANCE_SUPPORT)) {
3119 data->tolerated = false;
3120 }
3121 rcu_read_unlock();
3122}
3123
3124static void iwl_mvm_check_he_obss_narrow_bw_ru(struct ieee80211_hw *hw,
3125 struct ieee80211_vif *vif)
3126{
3127 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3128 struct iwl_mvm_he_obss_narrow_bw_ru_data iter_data = {
3129 .tolerated = true,
3130 };
3131
3132 if (!(vif->bss_conf.chandef.chan->flags & IEEE80211_CHAN_RADAR)) {
3133 mvmvif->he_ru_2mhz_block = false;
3134 return;
3135 }
3136
3137 cfg80211_bss_iter(hw->wiphy, &vif->bss_conf.chandef,
3138 iwl_mvm_check_he_obss_narrow_bw_ru_iter,
3139 &iter_data);
3140
3141 /*
3142 * If there is at least one AP on radar channel that cannot
3143 * tolerate 26-tone RU UL OFDMA transmissions using HE TB PPDU.
3144 */
3145 mvmvif->he_ru_2mhz_block = !iter_data.tolerated;
3146}
3147
3148static void iwl_mvm_reset_cca_40mhz_workaround(struct iwl_mvm *mvm,
3149 struct ieee80211_vif *vif)
3150{
3151 struct ieee80211_supported_band *sband;
3152 const struct ieee80211_sta_he_cap *he_cap;
3153
3154 if (vif->type != NL80211_IFTYPE_STATION)
3155 return;
3156
3157 if (!mvm->cca_40mhz_workaround)
3158 return;
3159
3160 /* decrement and check that we reached zero */
3161 mvm->cca_40mhz_workaround--;
3162 if (mvm->cca_40mhz_workaround)
3163 return;
3164
3165 sband = mvm->hw->wiphy->bands[NL80211_BAND_2GHZ];
3166
3167 sband->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
3168
3169 he_cap = ieee80211_get_he_iftype_cap(sband,
3170 ieee80211_vif_type_p2p(vif));
3171
3172 if (he_cap) {
3173 /* we know that ours is writable */
3174 struct ieee80211_sta_he_cap *he = (void *)(uintptr_t)he_cap;
3175
3176 he->he_cap_elem.phy_cap_info[0] |=
3177 IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G;
3178 }
3179}
3180
3181static void iwl_mvm_mei_host_associated(struct iwl_mvm *mvm,
3182 struct ieee80211_vif *vif,
3183 struct iwl_mvm_sta *mvm_sta)
3184{
3185#if IS_ENABLED(CONFIG_IWLMEI)
3186 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3187 struct iwl_mei_conn_info conn_info = {
3188 .ssid_len = vif->cfg.ssid_len,
3189 .channel = vif->bss_conf.chandef.chan->hw_value,
3190 };
3191
3192 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
3193 return;
3194
3195 if (!mvm->mei_registered)
3196 return;
3197
3198 switch (mvm_sta->pairwise_cipher) {
3199 case WLAN_CIPHER_SUITE_TKIP:
3200 conn_info.pairwise_cipher = IWL_MEI_CIPHER_TKIP;
3201 break;
3202 case WLAN_CIPHER_SUITE_CCMP:
3203 conn_info.pairwise_cipher = IWL_MEI_CIPHER_CCMP;
3204 break;
3205 case WLAN_CIPHER_SUITE_GCMP:
3206 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP;
3207 break;
3208 case WLAN_CIPHER_SUITE_GCMP_256:
3209 conn_info.pairwise_cipher = IWL_MEI_CIPHER_GCMP_256;
3210 break;
3211 case 0:
3212 /* open profile */
3213 break;
3214 default:
3215 /* cipher not supported, don't send anything to iwlmei */
3216 return;
3217 }
3218
3219 switch (mvmvif->rekey_data.akm) {
3220 case WLAN_AKM_SUITE_SAE & 0xff:
3221 conn_info.auth_mode = IWL_MEI_AKM_AUTH_SAE;
3222 break;
3223 case WLAN_AKM_SUITE_PSK & 0xff:
3224 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA_PSK;
3225 break;
3226 case WLAN_AKM_SUITE_8021X & 0xff:
3227 conn_info.auth_mode = IWL_MEI_AKM_AUTH_RSNA;
3228 break;
3229 case 0:
3230 /* open profile */
3231 conn_info.auth_mode = IWL_MEI_AKM_AUTH_OPEN;
3232 break;
3233 default:
3234 /* auth method / AKM not supported */
3235 /* TODO: All the FT vesions of these? */
3236 return;
3237 }
3238
3239 memcpy(conn_info.ssid, vif->cfg.ssid, vif->cfg.ssid_len);
3240 memcpy(conn_info.bssid, vif->bss_conf.bssid, ETH_ALEN);
3241
3242 /* TODO: add support for collocated AP data */
3243 iwl_mei_host_associated(&conn_info, NULL);
3244#endif
3245}
3246
3247static int iwl_mvm_mac_sta_state(struct ieee80211_hw *hw,
3248 struct ieee80211_vif *vif,
3249 struct ieee80211_sta *sta,
3250 enum ieee80211_sta_state old_state,
3251 enum ieee80211_sta_state new_state)
3252{
3253 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3254 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3255 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
3256 int ret;
3257
3258 IWL_DEBUG_MAC80211(mvm, "station %pM state change %d->%d\n",
3259 sta->addr, old_state, new_state);
3260
3261 /* this would be a mac80211 bug ... but don't crash */
3262 if (WARN_ON_ONCE(!mvmvif->phy_ctxt))
3263 return test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED, &mvm->status) ? 0 : -EINVAL;
3264
3265 /*
3266 * If we are in a STA removal flow and in DQA mode:
3267 *
3268 * This is after the sync_rcu part, so the queues have already been
3269 * flushed. No more TXs on their way in mac80211's path, and no more in
3270 * the queues.
3271 * Also, we won't be getting any new TX frames for this station.
3272 * What we might have are deferred TX frames that need to be taken care
3273 * of.
3274 *
3275 * Drop any still-queued deferred-frame before removing the STA, and
3276 * make sure the worker is no longer handling frames for this STA.
3277 */
3278 if (old_state == IEEE80211_STA_NONE &&
3279 new_state == IEEE80211_STA_NOTEXIST) {
3280 flush_work(&mvm->add_stream_wk);
3281
3282 /*
3283 * No need to make sure deferred TX indication is off since the
3284 * worker will already remove it if it was on
3285 */
3286
3287 /*
3288 * Additionally, reset the 40 MHz capability if we disconnected
3289 * from the AP now.
3290 */
3291 iwl_mvm_reset_cca_40mhz_workaround(mvm, vif);
3292 }
3293
3294 mutex_lock(&mvm->mutex);
3295 /* track whether or not the station is associated */
3296 mvm_sta->sta_state = new_state;
3297
3298 if (old_state == IEEE80211_STA_NOTEXIST &&
3299 new_state == IEEE80211_STA_NONE) {
3300 /*
3301 * Firmware bug - it'll crash if the beacon interval is less
3302 * than 16. We can't avoid connecting at all, so refuse the
3303 * station state change, this will cause mac80211 to abandon
3304 * attempts to connect to this AP, and eventually wpa_s will
3305 * blocklist the AP...
3306 */
3307 if (vif->type == NL80211_IFTYPE_STATION &&
3308 vif->bss_conf.beacon_int < 16) {
3309 IWL_ERR(mvm,
3310 "AP %pM beacon interval is %d, refusing due to firmware bug!\n",
3311 sta->addr, vif->bss_conf.beacon_int);
3312 ret = -EINVAL;
3313 goto out_unlock;
3314 }
3315
3316 if (vif->type == NL80211_IFTYPE_STATION)
3317 vif->bss_conf.he_support = sta->deflink.he_cap.has_he;
3318
3319 if (sta->tdls &&
3320 (vif->p2p ||
3321 iwl_mvm_tdls_sta_count(mvm, NULL) ==
3322 IWL_MVM_TDLS_STA_COUNT ||
3323 iwl_mvm_phy_ctx_count(mvm) > 1)) {
3324 IWL_DEBUG_MAC80211(mvm, "refusing TDLS sta\n");
3325 ret = -EBUSY;
3326 goto out_unlock;
3327 }
3328
3329 ret = iwl_mvm_add_sta(mvm, vif, sta);
3330 if (sta->tdls && ret == 0) {
3331 iwl_mvm_recalc_tdls_state(mvm, vif, true);
3332 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr,
3333 NL80211_TDLS_SETUP);
3334 }
3335
3336 sta->deflink.agg.max_rc_amsdu_len = 1;
3337 } else if (old_state == IEEE80211_STA_NONE &&
3338 new_state == IEEE80211_STA_AUTH) {
3339 /*
3340 * EBS may be disabled due to previous failures reported by FW.
3341 * Reset EBS status here assuming environment has been changed.
3342 */
3343 mvm->last_ebs_successful = true;
3344 iwl_mvm_check_uapsd(mvm, vif, sta->addr);
3345 ret = 0;
3346 } else if (old_state == IEEE80211_STA_AUTH &&
3347 new_state == IEEE80211_STA_ASSOC) {
3348 if (vif->type == NL80211_IFTYPE_AP) {
3349 vif->bss_conf.he_support = sta->deflink.he_cap.has_he;
3350 mvmvif->ap_assoc_sta_count++;
3351 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3352 if ((vif->bss_conf.he_support &&
3353 !iwlwifi_mod_params.disable_11ax) ||
3354 (vif->bss_conf.eht_support &&
3355 !iwlwifi_mod_params.disable_11be))
3356 iwl_mvm_cfg_he_sta(mvm, vif, mvm_sta->sta_id);
3357 } else if (vif->type == NL80211_IFTYPE_STATION) {
3358 vif->bss_conf.he_support = sta->deflink.he_cap.has_he;
3359
3360 mvmvif->he_ru_2mhz_block = false;
3361 if (sta->deflink.he_cap.has_he)
3362 iwl_mvm_check_he_obss_narrow_bw_ru(hw, vif);
3363
3364 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3365 }
3366
3367 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band,
3368 false);
3369 ret = iwl_mvm_update_sta(mvm, vif, sta);
3370 } else if (old_state == IEEE80211_STA_ASSOC &&
3371 new_state == IEEE80211_STA_AUTHORIZED) {
3372 ret = 0;
3373
3374 /* we don't support TDLS during DCM */
3375 if (iwl_mvm_phy_ctx_count(mvm) > 1)
3376 iwl_mvm_teardown_tdls_peers(mvm);
3377
3378 if (sta->tdls) {
3379 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr,
3380 NL80211_TDLS_ENABLE_LINK);
3381 } else {
3382 /* enable beacon filtering */
3383 WARN_ON(iwl_mvm_enable_beacon_filter(mvm, vif, 0));
3384
3385 mvmvif->authorized = 1;
3386
3387 /*
3388 * Now that the station is authorized, i.e., keys were already
3389 * installed, need to indicate to the FW that
3390 * multicast data frames can be forwarded to the driver
3391 */
3392 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3393 iwl_mvm_mei_host_associated(mvm, vif, mvm_sta);
3394 }
3395
3396 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band,
3397 true);
3398 } else if (old_state == IEEE80211_STA_AUTHORIZED &&
3399 new_state == IEEE80211_STA_ASSOC) {
3400 /* once we move into assoc state, need to update rate scale to
3401 * disable using wide bandwidth
3402 */
3403 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band,
3404 false);
3405 if (!sta->tdls) {
3406 /* Multicast data frames are no longer allowed */
3407 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3408
3409 /*
3410 * Set this after the above iwl_mvm_mac_ctxt_changed()
3411 * to avoid sending high prio again for a little time.
3412 */
3413 mvmvif->authorized = 0;
3414
3415 /* disable beacon filtering */
3416 ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0);
3417 WARN_ON(ret &&
3418 !test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED,
3419 &mvm->status));
3420 }
3421 ret = 0;
3422 } else if (old_state == IEEE80211_STA_ASSOC &&
3423 new_state == IEEE80211_STA_AUTH) {
3424 if (vif->type == NL80211_IFTYPE_AP) {
3425 mvmvif->ap_assoc_sta_count--;
3426 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3427 } else if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls)
3428 iwl_mvm_stop_session_protection(mvm, vif);
3429 ret = 0;
3430 } else if (old_state == IEEE80211_STA_AUTH &&
3431 new_state == IEEE80211_STA_NONE) {
3432 ret = 0;
3433 } else if (old_state == IEEE80211_STA_NONE &&
3434 new_state == IEEE80211_STA_NOTEXIST) {
3435 if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls)
3436 iwl_mvm_stop_session_protection(mvm, vif);
3437 ret = iwl_mvm_rm_sta(mvm, vif, sta);
3438 if (sta->tdls) {
3439 iwl_mvm_recalc_tdls_state(mvm, vif, false);
3440 iwl_mvm_tdls_check_trigger(mvm, vif, sta->addr,
3441 NL80211_TDLS_DISABLE_LINK);
3442 }
3443
3444 if (unlikely(ret &&
3445 test_bit(IWL_MVM_STATUS_HW_RESTART_REQUESTED,
3446 &mvm->status)))
3447 ret = 0;
3448 } else {
3449 ret = -EIO;
3450 }
3451 out_unlock:
3452 mutex_unlock(&mvm->mutex);
3453
3454 if (sta->tdls && ret == 0) {
3455 if (old_state == IEEE80211_STA_NOTEXIST &&
3456 new_state == IEEE80211_STA_NONE)
3457 ieee80211_reserve_tid(sta, IWL_MVM_TDLS_FW_TID);
3458 else if (old_state == IEEE80211_STA_NONE &&
3459 new_state == IEEE80211_STA_NOTEXIST)
3460 ieee80211_unreserve_tid(sta, IWL_MVM_TDLS_FW_TID);
3461 }
3462
3463 return ret;
3464}
3465
3466static int iwl_mvm_mac_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
3467{
3468 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3469
3470 mvm->rts_threshold = value;
3471
3472 return 0;
3473}
3474
3475static void iwl_mvm_sta_rc_update(struct ieee80211_hw *hw,
3476 struct ieee80211_vif *vif,
3477 struct ieee80211_sta *sta, u32 changed)
3478{
3479 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3480 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3481
3482 if (changed & (IEEE80211_RC_BW_CHANGED |
3483 IEEE80211_RC_SUPP_RATES_CHANGED |
3484 IEEE80211_RC_NSS_CHANGED))
3485 iwl_mvm_rs_rate_init(mvm, sta, mvmvif->phy_ctxt->channel->band,
3486 true);
3487
3488 if (vif->type == NL80211_IFTYPE_STATION &&
3489 changed & IEEE80211_RC_NSS_CHANGED)
3490 iwl_mvm_sf_update(mvm, vif, false);
3491}
3492
3493static int iwl_mvm_mac_conf_tx(struct ieee80211_hw *hw,
3494 struct ieee80211_vif *vif,
3495 unsigned int link_id, u16 ac,
3496 const struct ieee80211_tx_queue_params *params)
3497{
3498 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3499 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3500
3501 mvmvif->queue_params[ac] = *params;
3502
3503 /*
3504 * No need to update right away, we'll get BSS_CHANGED_QOS
3505 * The exception is P2P_DEVICE interface which needs immediate update.
3506 */
3507 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
3508 int ret;
3509
3510 mutex_lock(&mvm->mutex);
3511 ret = iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
3512 mutex_unlock(&mvm->mutex);
3513 return ret;
3514 }
3515 return 0;
3516}
3517
3518static void iwl_mvm_mac_mgd_prepare_tx(struct ieee80211_hw *hw,
3519 struct ieee80211_vif *vif,
3520 struct ieee80211_prep_tx_info *info)
3521{
3522 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3523
3524 mutex_lock(&mvm->mutex);
3525 iwl_mvm_protect_assoc(mvm, vif, info->duration);
3526 mutex_unlock(&mvm->mutex);
3527}
3528
3529static void iwl_mvm_mac_mgd_complete_tx(struct ieee80211_hw *hw,
3530 struct ieee80211_vif *vif,
3531 struct ieee80211_prep_tx_info *info)
3532{
3533 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3534
3535 /* for successful cases (auth/assoc), don't cancel session protection */
3536 if (info->success)
3537 return;
3538
3539 mutex_lock(&mvm->mutex);
3540 iwl_mvm_stop_session_protection(mvm, vif);
3541 mutex_unlock(&mvm->mutex);
3542}
3543
3544static int iwl_mvm_mac_sched_scan_start(struct ieee80211_hw *hw,
3545 struct ieee80211_vif *vif,
3546 struct cfg80211_sched_scan_request *req,
3547 struct ieee80211_scan_ies *ies)
3548{
3549 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3550
3551 int ret;
3552
3553 mutex_lock(&mvm->mutex);
3554
3555 if (!vif->cfg.idle) {
3556 ret = -EBUSY;
3557 goto out;
3558 }
3559
3560 ret = iwl_mvm_sched_scan_start(mvm, vif, req, ies, IWL_MVM_SCAN_SCHED);
3561
3562out:
3563 mutex_unlock(&mvm->mutex);
3564 return ret;
3565}
3566
3567static int iwl_mvm_mac_sched_scan_stop(struct ieee80211_hw *hw,
3568 struct ieee80211_vif *vif)
3569{
3570 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3571 int ret;
3572
3573 mutex_lock(&mvm->mutex);
3574
3575 /* Due to a race condition, it's possible that mac80211 asks
3576 * us to stop a sched_scan when it's already stopped. This
3577 * can happen, for instance, if we stopped the scan ourselves,
3578 * called ieee80211_sched_scan_stopped() and the userspace called
3579 * stop sched scan scan before ieee80211_sched_scan_stopped_work()
3580 * could run. To handle this, simply return if the scan is
3581 * not running.
3582 */
3583 if (!(mvm->scan_status & IWL_MVM_SCAN_SCHED)) {
3584 mutex_unlock(&mvm->mutex);
3585 return 0;
3586 }
3587
3588 ret = iwl_mvm_scan_stop(mvm, IWL_MVM_SCAN_SCHED, false);
3589 mutex_unlock(&mvm->mutex);
3590 iwl_mvm_wait_for_async_handlers(mvm);
3591
3592 return ret;
3593}
3594
3595static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw,
3596 enum set_key_cmd cmd,
3597 struct ieee80211_vif *vif,
3598 struct ieee80211_sta *sta,
3599 struct ieee80211_key_conf *key)
3600{
3601 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3602 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3603 struct iwl_mvm_sta *mvmsta = NULL;
3604 struct iwl_mvm_key_pn *ptk_pn;
3605 int keyidx = key->keyidx;
3606 u32 sec_key_id = WIDE_ID(DATA_PATH_GROUP, SEC_KEY_CMD);
3607 u8 sec_key_ver = iwl_fw_lookup_cmd_ver(mvm->fw, sec_key_id, 0);
3608 int ret, i;
3609 u8 key_offset;
3610
3611 if (sta)
3612 mvmsta = iwl_mvm_sta_from_mac80211(sta);
3613
3614 switch (key->cipher) {
3615 case WLAN_CIPHER_SUITE_TKIP:
3616 if (!mvm->trans->trans_cfg->gen2) {
3617 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3618 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE;
3619 } else if (vif->type == NL80211_IFTYPE_STATION) {
3620 key->flags |= IEEE80211_KEY_FLAG_PUT_MIC_SPACE;
3621 } else {
3622 IWL_DEBUG_MAC80211(mvm, "Use SW encryption for TKIP\n");
3623 return -EOPNOTSUPP;
3624 }
3625 break;
3626 case WLAN_CIPHER_SUITE_CCMP:
3627 case WLAN_CIPHER_SUITE_GCMP:
3628 case WLAN_CIPHER_SUITE_GCMP_256:
3629 if (!iwl_mvm_has_new_tx_api(mvm))
3630 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE;
3631 break;
3632 case WLAN_CIPHER_SUITE_AES_CMAC:
3633 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3634 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3635 WARN_ON_ONCE(!ieee80211_hw_check(hw, MFP_CAPABLE));
3636 break;
3637 case WLAN_CIPHER_SUITE_WEP40:
3638 case WLAN_CIPHER_SUITE_WEP104:
3639 if (vif->type == NL80211_IFTYPE_STATION)
3640 break;
3641 if (iwl_mvm_has_new_tx_api(mvm))
3642 return -EOPNOTSUPP;
3643 /* support HW crypto on TX */
3644 return 0;
3645 default:
3646 return -EOPNOTSUPP;
3647 }
3648
3649 switch (cmd) {
3650 case SET_KEY:
3651 if (keyidx == 6 || keyidx == 7)
3652 rcu_assign_pointer(mvmvif->bcn_prot.keys[keyidx - 6],
3653 key);
3654
3655 if ((vif->type == NL80211_IFTYPE_ADHOC ||
3656 vif->type == NL80211_IFTYPE_AP) && !sta) {
3657 /*
3658 * GTK on AP interface is a TX-only key, return 0;
3659 * on IBSS they're per-station and because we're lazy
3660 * we don't support them for RX, so do the same.
3661 * CMAC/GMAC in AP/IBSS modes must be done in software.
3662 */
3663 if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC ||
3664 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_128 ||
3665 key->cipher == WLAN_CIPHER_SUITE_BIP_GMAC_256) {
3666 ret = -EOPNOTSUPP;
3667 break;
3668 }
3669
3670 if (key->cipher != WLAN_CIPHER_SUITE_GCMP &&
3671 key->cipher != WLAN_CIPHER_SUITE_GCMP_256 &&
3672 !iwl_mvm_has_new_tx_api(mvm)) {
3673 key->hw_key_idx = STA_KEY_IDX_INVALID;
3674 ret = 0;
3675 break;
3676 }
3677
3678 if (!mvmvif->ap_ibss_active) {
3679 for (i = 0;
3680 i < ARRAY_SIZE(mvmvif->ap_early_keys);
3681 i++) {
3682 if (!mvmvif->ap_early_keys[i]) {
3683 mvmvif->ap_early_keys[i] = key;
3684 break;
3685 }
3686 }
3687
3688 if (i >= ARRAY_SIZE(mvmvif->ap_early_keys))
3689 ret = -ENOSPC;
3690 else
3691 ret = 0;
3692
3693 break;
3694 }
3695 }
3696
3697 /* During FW restart, in order to restore the state as it was,
3698 * don't try to reprogram keys we previously failed for.
3699 */
3700 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) &&
3701 key->hw_key_idx == STA_KEY_IDX_INVALID) {
3702 IWL_DEBUG_MAC80211(mvm,
3703 "skip invalid idx key programming during restart\n");
3704 ret = 0;
3705 break;
3706 }
3707
3708 if (!test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status) &&
3709 mvmsta && iwl_mvm_has_new_rx_api(mvm) &&
3710 key->flags & IEEE80211_KEY_FLAG_PAIRWISE &&
3711 (key->cipher == WLAN_CIPHER_SUITE_CCMP ||
3712 key->cipher == WLAN_CIPHER_SUITE_GCMP ||
3713 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) {
3714 struct ieee80211_key_seq seq;
3715 int tid, q;
3716
3717 WARN_ON(rcu_access_pointer(mvmsta->ptk_pn[keyidx]));
3718 ptk_pn = kzalloc(struct_size(ptk_pn, q,
3719 mvm->trans->num_rx_queues),
3720 GFP_KERNEL);
3721 if (!ptk_pn) {
3722 ret = -ENOMEM;
3723 break;
3724 }
3725
3726 for (tid = 0; tid < IWL_MAX_TID_COUNT; tid++) {
3727 ieee80211_get_key_rx_seq(key, tid, &seq);
3728 for (q = 0; q < mvm->trans->num_rx_queues; q++)
3729 memcpy(ptk_pn->q[q].pn[tid],
3730 seq.ccmp.pn,
3731 IEEE80211_CCMP_PN_LEN);
3732 }
3733
3734 rcu_assign_pointer(mvmsta->ptk_pn[keyidx], ptk_pn);
3735 }
3736
3737 /* in HW restart reuse the index, otherwise request a new one */
3738 if (test_bit(IWL_MVM_STATUS_IN_HW_RESTART, &mvm->status))
3739 key_offset = key->hw_key_idx;
3740 else
3741 key_offset = STA_KEY_IDX_INVALID;
3742
3743 if (mvmsta && key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
3744 mvmsta->pairwise_cipher = key->cipher;
3745
3746 IWL_DEBUG_MAC80211(mvm, "set hwcrypto key\n");
3747
3748 if (sec_key_ver)
3749 ret = iwl_mvm_sec_key_add(mvm, vif, sta, key);
3750 else
3751 ret = iwl_mvm_set_sta_key(mvm, vif, sta, key, key_offset);
3752
3753 if (ret) {
3754 IWL_WARN(mvm, "set key failed\n");
3755 key->hw_key_idx = STA_KEY_IDX_INVALID;
3756 /*
3757 * can't add key for RX, but we don't need it
3758 * in the device for TX so still return 0,
3759 * unless we have new TX API where we cannot
3760 * put key material into the TX_CMD
3761 */
3762 if (iwl_mvm_has_new_tx_api(mvm))
3763 ret = -EOPNOTSUPP;
3764 else
3765 ret = 0;
3766 }
3767
3768 break;
3769 case DISABLE_KEY:
3770 if (keyidx == 6 || keyidx == 7)
3771 RCU_INIT_POINTER(mvmvif->bcn_prot.keys[keyidx - 6],
3772 NULL);
3773
3774 ret = -ENOENT;
3775 for (i = 0; i < ARRAY_SIZE(mvmvif->ap_early_keys); i++) {
3776 if (mvmvif->ap_early_keys[i] == key) {
3777 mvmvif->ap_early_keys[i] = NULL;
3778 ret = 0;
3779 }
3780 }
3781
3782 /* found in pending list - don't do anything else */
3783 if (ret == 0)
3784 break;
3785
3786 if (key->hw_key_idx == STA_KEY_IDX_INVALID) {
3787 ret = 0;
3788 break;
3789 }
3790
3791 if (mvmsta && iwl_mvm_has_new_rx_api(mvm) &&
3792 key->flags & IEEE80211_KEY_FLAG_PAIRWISE &&
3793 (key->cipher == WLAN_CIPHER_SUITE_CCMP ||
3794 key->cipher == WLAN_CIPHER_SUITE_GCMP ||
3795 key->cipher == WLAN_CIPHER_SUITE_GCMP_256)) {
3796 ptk_pn = rcu_dereference_protected(
3797 mvmsta->ptk_pn[keyidx],
3798 lockdep_is_held(&mvm->mutex));
3799 RCU_INIT_POINTER(mvmsta->ptk_pn[keyidx], NULL);
3800 if (ptk_pn)
3801 kfree_rcu(ptk_pn, rcu_head);
3802 }
3803
3804 IWL_DEBUG_MAC80211(mvm, "disable hwcrypto key\n");
3805 if (sec_key_ver)
3806 ret = iwl_mvm_sec_key_del(mvm, vif, sta, key);
3807 else
3808 ret = iwl_mvm_remove_sta_key(mvm, vif, sta, key);
3809 break;
3810 default:
3811 ret = -EINVAL;
3812 }
3813
3814 return ret;
3815}
3816
3817static int iwl_mvm_mac_set_key(struct ieee80211_hw *hw,
3818 enum set_key_cmd cmd,
3819 struct ieee80211_vif *vif,
3820 struct ieee80211_sta *sta,
3821 struct ieee80211_key_conf *key)
3822{
3823 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3824 int ret;
3825
3826 mutex_lock(&mvm->mutex);
3827 ret = __iwl_mvm_mac_set_key(hw, cmd, vif, sta, key);
3828 mutex_unlock(&mvm->mutex);
3829
3830 return ret;
3831}
3832
3833static void iwl_mvm_mac_update_tkip_key(struct ieee80211_hw *hw,
3834 struct ieee80211_vif *vif,
3835 struct ieee80211_key_conf *keyconf,
3836 struct ieee80211_sta *sta,
3837 u32 iv32, u16 *phase1key)
3838{
3839 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
3840
3841 if (keyconf->hw_key_idx == STA_KEY_IDX_INVALID)
3842 return;
3843
3844 iwl_mvm_update_tkip_key(mvm, vif, keyconf, sta, iv32, phase1key);
3845}
3846
3847
3848static bool iwl_mvm_rx_aux_roc(struct iwl_notif_wait_data *notif_wait,
3849 struct iwl_rx_packet *pkt, void *data)
3850{
3851 struct iwl_mvm *mvm =
3852 container_of(notif_wait, struct iwl_mvm, notif_wait);
3853 struct iwl_hs20_roc_res *resp;
3854 int resp_len = iwl_rx_packet_payload_len(pkt);
3855 struct iwl_mvm_time_event_data *te_data = data;
3856
3857 if (WARN_ON(pkt->hdr.cmd != HOT_SPOT_CMD))
3858 return true;
3859
3860 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) {
3861 IWL_ERR(mvm, "Invalid HOT_SPOT_CMD response\n");
3862 return true;
3863 }
3864
3865 resp = (void *)pkt->data;
3866
3867 IWL_DEBUG_TE(mvm,
3868 "Aux ROC: Received response from ucode: status=%d uid=%d\n",
3869 resp->status, resp->event_unique_id);
3870
3871 te_data->uid = le32_to_cpu(resp->event_unique_id);
3872 IWL_DEBUG_TE(mvm, "TIME_EVENT_CMD response - UID = 0x%x\n",
3873 te_data->uid);
3874
3875 spin_lock_bh(&mvm->time_event_lock);
3876 list_add_tail(&te_data->list, &mvm->aux_roc_te_list);
3877 spin_unlock_bh(&mvm->time_event_lock);
3878
3879 return true;
3880}
3881
3882#define AUX_ROC_MIN_DURATION MSEC_TO_TU(100)
3883#define AUX_ROC_MIN_DELAY MSEC_TO_TU(200)
3884#define AUX_ROC_MAX_DELAY MSEC_TO_TU(600)
3885#define AUX_ROC_SAFETY_BUFFER MSEC_TO_TU(20)
3886#define AUX_ROC_MIN_SAFETY_BUFFER MSEC_TO_TU(10)
3887static int iwl_mvm_send_aux_roc_cmd(struct iwl_mvm *mvm,
3888 struct ieee80211_channel *channel,
3889 struct ieee80211_vif *vif,
3890 int duration)
3891{
3892 int res;
3893 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
3894 struct iwl_mvm_time_event_data *te_data = &mvmvif->hs_time_event_data;
3895 static const u16 time_event_response[] = { HOT_SPOT_CMD };
3896 struct iwl_notification_wait wait_time_event;
3897 u32 dtim_interval = vif->bss_conf.dtim_period *
3898 vif->bss_conf.beacon_int;
3899 u32 req_dur, delay;
3900 struct iwl_hs20_roc_req aux_roc_req = {
3901 .action = cpu_to_le32(FW_CTXT_ACTION_ADD),
3902 .id_and_color =
3903 cpu_to_le32(FW_CMD_ID_AND_COLOR(MAC_INDEX_AUX, 0)),
3904 .sta_id_and_color = cpu_to_le32(mvm->aux_sta.sta_id),
3905 };
3906 struct iwl_hs20_roc_req_tail *tail = iwl_mvm_chan_info_cmd_tail(mvm,
3907 &aux_roc_req.channel_info);
3908 u16 len = sizeof(aux_roc_req) - iwl_mvm_chan_info_padding(mvm);
3909
3910 /* Set the channel info data */
3911 iwl_mvm_set_chan_info(mvm, &aux_roc_req.channel_info, channel->hw_value,
3912 iwl_mvm_phy_band_from_nl80211(channel->band),
3913 IWL_PHY_CHANNEL_MODE20,
3914 0);
3915
3916 /* Set the time and duration */
3917 tail->apply_time = cpu_to_le32(iwl_mvm_get_systime(mvm));
3918
3919 delay = AUX_ROC_MIN_DELAY;
3920 req_dur = MSEC_TO_TU(duration);
3921
3922 /*
3923 * If we are associated we want the delay time to be at least one
3924 * dtim interval so that the FW can wait until after the DTIM and
3925 * then start the time event, this will potentially allow us to
3926 * remain off-channel for the max duration.
3927 * Since we want to use almost a whole dtim interval we would also
3928 * like the delay to be for 2-3 dtim intervals, in case there are
3929 * other time events with higher priority.
3930 */
3931 if (vif->cfg.assoc) {
3932 delay = min_t(u32, dtim_interval * 3, AUX_ROC_MAX_DELAY);
3933 /* We cannot remain off-channel longer than the DTIM interval */
3934 if (dtim_interval <= req_dur) {
3935 req_dur = dtim_interval - AUX_ROC_SAFETY_BUFFER;
3936 if (req_dur <= AUX_ROC_MIN_DURATION)
3937 req_dur = dtim_interval -
3938 AUX_ROC_MIN_SAFETY_BUFFER;
3939 }
3940 }
3941
3942 tail->duration = cpu_to_le32(req_dur);
3943 tail->apply_time_max_delay = cpu_to_le32(delay);
3944
3945 IWL_DEBUG_TE(mvm,
3946 "ROC: Requesting to remain on channel %u for %ums\n",
3947 channel->hw_value, req_dur);
3948 IWL_DEBUG_TE(mvm,
3949 "\t(requested = %ums, max_delay = %ums, dtim_interval = %ums)\n",
3950 duration, delay, dtim_interval);
3951
3952 /* Set the node address */
3953 memcpy(tail->node_addr, vif->addr, ETH_ALEN);
3954
3955 lockdep_assert_held(&mvm->mutex);
3956
3957 spin_lock_bh(&mvm->time_event_lock);
3958
3959 if (WARN_ON(te_data->id == HOT_SPOT_CMD)) {
3960 spin_unlock_bh(&mvm->time_event_lock);
3961 return -EIO;
3962 }
3963
3964 te_data->vif = vif;
3965 te_data->duration = duration;
3966 te_data->id = HOT_SPOT_CMD;
3967
3968 spin_unlock_bh(&mvm->time_event_lock);
3969
3970 /*
3971 * Use a notification wait, which really just processes the
3972 * command response and doesn't wait for anything, in order
3973 * to be able to process the response and get the UID inside
3974 * the RX path. Using CMD_WANT_SKB doesn't work because it
3975 * stores the buffer and then wakes up this thread, by which
3976 * time another notification (that the time event started)
3977 * might already be processed unsuccessfully.
3978 */
3979 iwl_init_notification_wait(&mvm->notif_wait, &wait_time_event,
3980 time_event_response,
3981 ARRAY_SIZE(time_event_response),
3982 iwl_mvm_rx_aux_roc, te_data);
3983
3984 res = iwl_mvm_send_cmd_pdu(mvm, HOT_SPOT_CMD, 0, len,
3985 &aux_roc_req);
3986
3987 if (res) {
3988 IWL_ERR(mvm, "Couldn't send HOT_SPOT_CMD: %d\n", res);
3989 iwl_remove_notification(&mvm->notif_wait, &wait_time_event);
3990 goto out_clear_te;
3991 }
3992
3993 /* No need to wait for anything, so just pass 1 (0 isn't valid) */
3994 res = iwl_wait_notification(&mvm->notif_wait, &wait_time_event, 1);
3995 /* should never fail */
3996 WARN_ON_ONCE(res);
3997
3998 if (res) {
3999 out_clear_te:
4000 spin_lock_bh(&mvm->time_event_lock);
4001 iwl_mvm_te_clear_data(mvm, te_data);
4002 spin_unlock_bh(&mvm->time_event_lock);
4003 }
4004
4005 return res;
4006}
4007
4008static int iwl_mvm_roc(struct ieee80211_hw *hw,
4009 struct ieee80211_vif *vif,
4010 struct ieee80211_channel *channel,
4011 int duration,
4012 enum ieee80211_roc_type type)
4013{
4014 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4015 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4016 struct cfg80211_chan_def chandef;
4017 struct iwl_mvm_phy_ctxt *phy_ctxt;
4018 bool band_change_removal;
4019 int ret, i;
4020
4021 IWL_DEBUG_MAC80211(mvm, "enter (%d, %d, %d)\n", channel->hw_value,
4022 duration, type);
4023
4024 /*
4025 * Flush the done work, just in case it's still pending, so that
4026 * the work it does can complete and we can accept new frames.
4027 */
4028 flush_work(&mvm->roc_done_wk);
4029
4030 mutex_lock(&mvm->mutex);
4031
4032 switch (vif->type) {
4033 case NL80211_IFTYPE_STATION:
4034 if (fw_has_capa(&mvm->fw->ucode_capa,
4035 IWL_UCODE_TLV_CAPA_HOTSPOT_SUPPORT)) {
4036 /* Use aux roc framework (HS20) */
4037 if (iwl_fw_lookup_cmd_ver(mvm->fw, ADD_STA, 0) >= 12) {
4038 u32 lmac_id;
4039
4040 lmac_id = iwl_mvm_get_lmac_id(mvm->fw,
4041 channel->band);
4042 ret = iwl_mvm_add_aux_sta(mvm, lmac_id);
4043 if (WARN(ret,
4044 "Failed to allocate aux station"))
4045 goto out_unlock;
4046 }
4047 ret = iwl_mvm_send_aux_roc_cmd(mvm, channel,
4048 vif, duration);
4049 goto out_unlock;
4050 }
4051 IWL_ERR(mvm, "hotspot not supported\n");
4052 ret = -EINVAL;
4053 goto out_unlock;
4054 case NL80211_IFTYPE_P2P_DEVICE:
4055 /* handle below */
4056 break;
4057 default:
4058 IWL_ERR(mvm, "vif isn't P2P_DEVICE: %d\n", vif->type);
4059 ret = -EINVAL;
4060 goto out_unlock;
4061 }
4062
4063 for (i = 0; i < NUM_PHY_CTX; i++) {
4064 phy_ctxt = &mvm->phy_ctxts[i];
4065 if (phy_ctxt->ref == 0 || mvmvif->phy_ctxt == phy_ctxt)
4066 continue;
4067
4068 if (phy_ctxt->ref && channel == phy_ctxt->channel) {
4069 /*
4070 * Unbind the P2P_DEVICE from the current PHY context,
4071 * and if the PHY context is not used remove it.
4072 */
4073 ret = iwl_mvm_binding_remove_vif(mvm, vif);
4074 if (WARN(ret, "Failed unbinding P2P_DEVICE\n"))
4075 goto out_unlock;
4076
4077 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt);
4078
4079 /* Bind the P2P_DEVICE to the current PHY Context */
4080 mvmvif->phy_ctxt = phy_ctxt;
4081
4082 ret = iwl_mvm_binding_add_vif(mvm, vif);
4083 if (WARN(ret, "Failed binding P2P_DEVICE\n"))
4084 goto out_unlock;
4085
4086 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt);
4087 goto schedule_time_event;
4088 }
4089 }
4090
4091 /* Need to update the PHY context only if the ROC channel changed */
4092 if (channel == mvmvif->phy_ctxt->channel)
4093 goto schedule_time_event;
4094
4095 cfg80211_chandef_create(&chandef, channel, NL80211_CHAN_NO_HT);
4096
4097 /*
4098 * Check if the remain-on-channel is on a different band and that
4099 * requires context removal, see iwl_mvm_phy_ctxt_changed(). If
4100 * so, we'll need to release and then re-configure here, since we
4101 * must not remove a PHY context that's part of a binding.
4102 */
4103 band_change_removal =
4104 fw_has_capa(&mvm->fw->ucode_capa,
4105 IWL_UCODE_TLV_CAPA_BINDING_CDB_SUPPORT) &&
4106 mvmvif->phy_ctxt->channel->band != chandef.chan->band;
4107
4108 if (mvmvif->phy_ctxt->ref == 1 && !band_change_removal) {
4109 /*
4110 * Change the PHY context configuration as it is currently
4111 * referenced only by the P2P Device MAC (and we can modify it)
4112 */
4113 ret = iwl_mvm_phy_ctxt_changed(mvm, mvmvif->phy_ctxt,
4114 &chandef, 1, 1);
4115 if (ret)
4116 goto out_unlock;
4117 } else {
4118 /*
4119 * The PHY context is shared with other MACs (or we're trying to
4120 * switch bands), so remove the P2P Device from the binding,
4121 * allocate an new PHY context and create a new binding.
4122 */
4123 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm);
4124 if (!phy_ctxt) {
4125 ret = -ENOSPC;
4126 goto out_unlock;
4127 }
4128
4129 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, &chandef,
4130 1, 1);
4131 if (ret) {
4132 IWL_ERR(mvm, "Failed to change PHY context\n");
4133 goto out_unlock;
4134 }
4135
4136 /* Unbind the P2P_DEVICE from the current PHY context */
4137 ret = iwl_mvm_binding_remove_vif(mvm, vif);
4138 if (WARN(ret, "Failed unbinding P2P_DEVICE\n"))
4139 goto out_unlock;
4140
4141 iwl_mvm_phy_ctxt_unref(mvm, mvmvif->phy_ctxt);
4142
4143 /* Bind the P2P_DEVICE to the new allocated PHY context */
4144 mvmvif->phy_ctxt = phy_ctxt;
4145
4146 ret = iwl_mvm_binding_add_vif(mvm, vif);
4147 if (WARN(ret, "Failed binding P2P_DEVICE\n"))
4148 goto out_unlock;
4149
4150 iwl_mvm_phy_ctxt_ref(mvm, mvmvif->phy_ctxt);
4151 }
4152
4153schedule_time_event:
4154 /* Schedule the time events */
4155 ret = iwl_mvm_start_p2p_roc(mvm, vif, duration, type);
4156
4157out_unlock:
4158 mutex_unlock(&mvm->mutex);
4159 IWL_DEBUG_MAC80211(mvm, "leave\n");
4160 return ret;
4161}
4162
4163static int iwl_mvm_cancel_roc(struct ieee80211_hw *hw,
4164 struct ieee80211_vif *vif)
4165{
4166 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4167
4168 IWL_DEBUG_MAC80211(mvm, "enter\n");
4169
4170 mutex_lock(&mvm->mutex);
4171 iwl_mvm_stop_roc(mvm, vif);
4172 mutex_unlock(&mvm->mutex);
4173
4174 IWL_DEBUG_MAC80211(mvm, "leave\n");
4175 return 0;
4176}
4177
4178struct iwl_mvm_ftm_responder_iter_data {
4179 bool responder;
4180 struct ieee80211_chanctx_conf *ctx;
4181};
4182
4183static void iwl_mvm_ftm_responder_chanctx_iter(void *_data, u8 *mac,
4184 struct ieee80211_vif *vif)
4185{
4186 struct iwl_mvm_ftm_responder_iter_data *data = _data;
4187
4188 if (rcu_access_pointer(vif->bss_conf.chanctx_conf) == data->ctx &&
4189 vif->type == NL80211_IFTYPE_AP && vif->bss_conf.ftmr_params)
4190 data->responder = true;
4191}
4192
4193static bool iwl_mvm_is_ftm_responder_chanctx(struct iwl_mvm *mvm,
4194 struct ieee80211_chanctx_conf *ctx)
4195{
4196 struct iwl_mvm_ftm_responder_iter_data data = {
4197 .responder = false,
4198 .ctx = ctx,
4199 };
4200
4201 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
4202 IEEE80211_IFACE_ITER_NORMAL,
4203 iwl_mvm_ftm_responder_chanctx_iter,
4204 &data);
4205 return data.responder;
4206}
4207
4208static int __iwl_mvm_add_chanctx(struct iwl_mvm *mvm,
4209 struct ieee80211_chanctx_conf *ctx)
4210{
4211 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv;
4212 struct iwl_mvm_phy_ctxt *phy_ctxt;
4213 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx);
4214 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def;
4215 int ret;
4216
4217 lockdep_assert_held(&mvm->mutex);
4218
4219 IWL_DEBUG_MAC80211(mvm, "Add channel context\n");
4220
4221 phy_ctxt = iwl_mvm_get_free_phy_ctxt(mvm);
4222 if (!phy_ctxt) {
4223 ret = -ENOSPC;
4224 goto out;
4225 }
4226
4227 ret = iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def,
4228 ctx->rx_chains_static,
4229 ctx->rx_chains_dynamic);
4230 if (ret) {
4231 IWL_ERR(mvm, "Failed to add PHY context\n");
4232 goto out;
4233 }
4234
4235 iwl_mvm_phy_ctxt_ref(mvm, phy_ctxt);
4236 *phy_ctxt_id = phy_ctxt->id;
4237out:
4238 return ret;
4239}
4240
4241static int iwl_mvm_add_chanctx(struct ieee80211_hw *hw,
4242 struct ieee80211_chanctx_conf *ctx)
4243{
4244 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4245 int ret;
4246
4247 mutex_lock(&mvm->mutex);
4248 ret = __iwl_mvm_add_chanctx(mvm, ctx);
4249 mutex_unlock(&mvm->mutex);
4250
4251 return ret;
4252}
4253
4254static void __iwl_mvm_remove_chanctx(struct iwl_mvm *mvm,
4255 struct ieee80211_chanctx_conf *ctx)
4256{
4257 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv;
4258 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id];
4259
4260 lockdep_assert_held(&mvm->mutex);
4261
4262 iwl_mvm_phy_ctxt_unref(mvm, phy_ctxt);
4263}
4264
4265static void iwl_mvm_remove_chanctx(struct ieee80211_hw *hw,
4266 struct ieee80211_chanctx_conf *ctx)
4267{
4268 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4269
4270 mutex_lock(&mvm->mutex);
4271 __iwl_mvm_remove_chanctx(mvm, ctx);
4272 mutex_unlock(&mvm->mutex);
4273}
4274
4275static void iwl_mvm_change_chanctx(struct ieee80211_hw *hw,
4276 struct ieee80211_chanctx_conf *ctx,
4277 u32 changed)
4278{
4279 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4280 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv;
4281 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id];
4282 bool responder = iwl_mvm_is_ftm_responder_chanctx(mvm, ctx);
4283 struct cfg80211_chan_def *def = responder ? &ctx->def : &ctx->min_def;
4284
4285 if (WARN_ONCE((phy_ctxt->ref > 1) &&
4286 (changed & ~(IEEE80211_CHANCTX_CHANGE_WIDTH |
4287 IEEE80211_CHANCTX_CHANGE_RX_CHAINS |
4288 IEEE80211_CHANCTX_CHANGE_RADAR |
4289 IEEE80211_CHANCTX_CHANGE_MIN_WIDTH)),
4290 "Cannot change PHY. Ref=%d, changed=0x%X\n",
4291 phy_ctxt->ref, changed))
4292 return;
4293
4294 mutex_lock(&mvm->mutex);
4295
4296 /* we are only changing the min_width, may be a noop */
4297 if (changed == IEEE80211_CHANCTX_CHANGE_MIN_WIDTH) {
4298 if (phy_ctxt->width == def->width)
4299 goto out_unlock;
4300
4301 /* we are just toggling between 20_NOHT and 20 */
4302 if (phy_ctxt->width <= NL80211_CHAN_WIDTH_20 &&
4303 def->width <= NL80211_CHAN_WIDTH_20)
4304 goto out_unlock;
4305 }
4306
4307 iwl_mvm_bt_coex_vif_change(mvm);
4308 iwl_mvm_phy_ctxt_changed(mvm, phy_ctxt, def,
4309 ctx->rx_chains_static,
4310 ctx->rx_chains_dynamic);
4311
4312out_unlock:
4313 mutex_unlock(&mvm->mutex);
4314}
4315
4316static int __iwl_mvm_assign_vif_chanctx(struct iwl_mvm *mvm,
4317 struct ieee80211_vif *vif,
4318 struct ieee80211_chanctx_conf *ctx,
4319 bool switching_chanctx)
4320{
4321 u16 *phy_ctxt_id = (u16 *)ctx->drv_priv;
4322 struct iwl_mvm_phy_ctxt *phy_ctxt = &mvm->phy_ctxts[*phy_ctxt_id];
4323 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4324 int ret;
4325
4326 lockdep_assert_held(&mvm->mutex);
4327
4328 mvmvif->phy_ctxt = phy_ctxt;
4329
4330 switch (vif->type) {
4331 case NL80211_IFTYPE_AP:
4332 /* only needed if we're switching chanctx (i.e. during CSA) */
4333 if (switching_chanctx) {
4334 mvmvif->ap_ibss_active = true;
4335 break;
4336 }
4337 fallthrough;
4338 case NL80211_IFTYPE_ADHOC:
4339 /*
4340 * The AP binding flow is handled as part of the start_ap flow
4341 * (in bss_info_changed), similarly for IBSS.
4342 */
4343 ret = 0;
4344 goto out;
4345 case NL80211_IFTYPE_STATION:
4346 mvmvif->csa_bcn_pending = false;
4347 break;
4348 case NL80211_IFTYPE_MONITOR:
4349 /* always disable PS when a monitor interface is active */
4350 mvmvif->ps_disabled = true;
4351 break;
4352 default:
4353 ret = -EINVAL;
4354 goto out;
4355 }
4356
4357 ret = iwl_mvm_binding_add_vif(mvm, vif);
4358 if (ret)
4359 goto out;
4360
4361 /*
4362 * Power state must be updated before quotas,
4363 * otherwise fw will complain.
4364 */
4365 iwl_mvm_power_update_mac(mvm);
4366
4367 /* Setting the quota at this stage is only required for monitor
4368 * interfaces. For the other types, the bss_info changed flow
4369 * will handle quota settings.
4370 */
4371 if (vif->type == NL80211_IFTYPE_MONITOR) {
4372 mvmvif->monitor_active = true;
4373 ret = iwl_mvm_update_quotas(mvm, false, NULL);
4374 if (ret)
4375 goto out_remove_binding;
4376
4377 ret = iwl_mvm_add_snif_sta(mvm, vif);
4378 if (ret)
4379 goto out_remove_binding;
4380
4381 }
4382
4383 /* Handle binding during CSA */
4384 if (vif->type == NL80211_IFTYPE_AP) {
4385 iwl_mvm_update_quotas(mvm, false, NULL);
4386 iwl_mvm_mac_ctxt_changed(mvm, vif, false, NULL);
4387 }
4388
4389 if (switching_chanctx && vif->type == NL80211_IFTYPE_STATION) {
4390 mvmvif->csa_bcn_pending = true;
4391
4392 if (!fw_has_capa(&mvm->fw->ucode_capa,
4393 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) {
4394 u32 duration = 3 * vif->bss_conf.beacon_int;
4395
4396 /* Protect the session to make sure we hear the first
4397 * beacon on the new channel.
4398 */
4399 iwl_mvm_protect_session(mvm, vif, duration, duration,
4400 vif->bss_conf.beacon_int / 2,
4401 true);
4402 }
4403
4404 iwl_mvm_update_quotas(mvm, false, NULL);
4405 }
4406
4407 goto out;
4408
4409out_remove_binding:
4410 iwl_mvm_binding_remove_vif(mvm, vif);
4411 iwl_mvm_power_update_mac(mvm);
4412out:
4413 if (ret)
4414 mvmvif->phy_ctxt = NULL;
4415 return ret;
4416}
4417static int iwl_mvm_assign_vif_chanctx(struct ieee80211_hw *hw,
4418 struct ieee80211_vif *vif,
4419 struct ieee80211_bss_conf *link_conf,
4420 struct ieee80211_chanctx_conf *ctx)
4421{
4422 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4423 int ret;
4424
4425 mutex_lock(&mvm->mutex);
4426 ret = __iwl_mvm_assign_vif_chanctx(mvm, vif, ctx, false);
4427 mutex_unlock(&mvm->mutex);
4428
4429 return ret;
4430}
4431
4432static void __iwl_mvm_unassign_vif_chanctx(struct iwl_mvm *mvm,
4433 struct ieee80211_vif *vif,
4434 struct ieee80211_chanctx_conf *ctx,
4435 bool switching_chanctx)
4436{
4437 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4438 struct ieee80211_vif *disabled_vif = NULL;
4439
4440 lockdep_assert_held(&mvm->mutex);
4441 iwl_mvm_remove_time_event(mvm, mvmvif, &mvmvif->time_event_data);
4442
4443 switch (vif->type) {
4444 case NL80211_IFTYPE_ADHOC:
4445 goto out;
4446 case NL80211_IFTYPE_MONITOR:
4447 mvmvif->monitor_active = false;
4448 mvmvif->ps_disabled = false;
4449 iwl_mvm_rm_snif_sta(mvm, vif);
4450 break;
4451 case NL80211_IFTYPE_AP:
4452 /* This part is triggered only during CSA */
4453 if (!switching_chanctx || !mvmvif->ap_ibss_active)
4454 goto out;
4455
4456 mvmvif->csa_countdown = false;
4457
4458 /* Set CS bit on all the stations */
4459 iwl_mvm_modify_all_sta_disable_tx(mvm, mvmvif, true);
4460
4461 /* Save blocked iface, the timeout is set on the next beacon */
4462 rcu_assign_pointer(mvm->csa_tx_blocked_vif, vif);
4463
4464 mvmvif->ap_ibss_active = false;
4465 break;
4466 case NL80211_IFTYPE_STATION:
4467 if (!switching_chanctx)
4468 break;
4469
4470 disabled_vif = vif;
4471
4472 if (!fw_has_capa(&mvm->fw->ucode_capa,
4473 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD))
4474 iwl_mvm_mac_ctxt_changed(mvm, vif, true, NULL);
4475 break;
4476 default:
4477 break;
4478 }
4479
4480 iwl_mvm_update_quotas(mvm, false, disabled_vif);
4481 iwl_mvm_binding_remove_vif(mvm, vif);
4482
4483out:
4484 if (fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD) &&
4485 switching_chanctx)
4486 return;
4487 mvmvif->phy_ctxt = NULL;
4488 iwl_mvm_power_update_mac(mvm);
4489}
4490
4491static void iwl_mvm_unassign_vif_chanctx(struct ieee80211_hw *hw,
4492 struct ieee80211_vif *vif,
4493 struct ieee80211_bss_conf *link_conf,
4494 struct ieee80211_chanctx_conf *ctx)
4495{
4496 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4497
4498 mutex_lock(&mvm->mutex);
4499 __iwl_mvm_unassign_vif_chanctx(mvm, vif, ctx, false);
4500 mutex_unlock(&mvm->mutex);
4501}
4502
4503static int
4504iwl_mvm_switch_vif_chanctx_swap(struct iwl_mvm *mvm,
4505 struct ieee80211_vif_chanctx_switch *vifs)
4506{
4507 int ret;
4508
4509 mutex_lock(&mvm->mutex);
4510 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true);
4511 __iwl_mvm_remove_chanctx(mvm, vifs[0].old_ctx);
4512
4513 ret = __iwl_mvm_add_chanctx(mvm, vifs[0].new_ctx);
4514 if (ret) {
4515 IWL_ERR(mvm, "failed to add new_ctx during channel switch\n");
4516 goto out_reassign;
4517 }
4518
4519 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx,
4520 true);
4521 if (ret) {
4522 IWL_ERR(mvm,
4523 "failed to assign new_ctx during channel switch\n");
4524 goto out_remove;
4525 }
4526
4527 /* we don't support TDLS during DCM - can be caused by channel switch */
4528 if (iwl_mvm_phy_ctx_count(mvm) > 1)
4529 iwl_mvm_teardown_tdls_peers(mvm);
4530
4531 goto out;
4532
4533out_remove:
4534 __iwl_mvm_remove_chanctx(mvm, vifs[0].new_ctx);
4535
4536out_reassign:
4537 if (__iwl_mvm_add_chanctx(mvm, vifs[0].old_ctx)) {
4538 IWL_ERR(mvm, "failed to add old_ctx back after failure.\n");
4539 goto out_restart;
4540 }
4541
4542 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx,
4543 true)) {
4544 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n");
4545 goto out_restart;
4546 }
4547
4548 goto out;
4549
4550out_restart:
4551 /* things keep failing, better restart the hw */
4552 iwl_mvm_nic_restart(mvm, false);
4553
4554out:
4555 mutex_unlock(&mvm->mutex);
4556
4557 return ret;
4558}
4559
4560static int
4561iwl_mvm_switch_vif_chanctx_reassign(struct iwl_mvm *mvm,
4562 struct ieee80211_vif_chanctx_switch *vifs)
4563{
4564 int ret;
4565
4566 mutex_lock(&mvm->mutex);
4567 __iwl_mvm_unassign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx, true);
4568
4569 ret = __iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].new_ctx,
4570 true);
4571 if (ret) {
4572 IWL_ERR(mvm,
4573 "failed to assign new_ctx during channel switch\n");
4574 goto out_reassign;
4575 }
4576
4577 goto out;
4578
4579out_reassign:
4580 if (__iwl_mvm_assign_vif_chanctx(mvm, vifs[0].vif, vifs[0].old_ctx,
4581 true)) {
4582 IWL_ERR(mvm, "failed to reassign old_ctx after failure.\n");
4583 goto out_restart;
4584 }
4585
4586 goto out;
4587
4588out_restart:
4589 /* things keep failing, better restart the hw */
4590 iwl_mvm_nic_restart(mvm, false);
4591
4592out:
4593 mutex_unlock(&mvm->mutex);
4594
4595 return ret;
4596}
4597
4598static int iwl_mvm_switch_vif_chanctx(struct ieee80211_hw *hw,
4599 struct ieee80211_vif_chanctx_switch *vifs,
4600 int n_vifs,
4601 enum ieee80211_chanctx_switch_mode mode)
4602{
4603 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4604 int ret;
4605
4606 /* we only support a single-vif right now */
4607 if (n_vifs > 1)
4608 return -EOPNOTSUPP;
4609
4610 switch (mode) {
4611 case CHANCTX_SWMODE_SWAP_CONTEXTS:
4612 ret = iwl_mvm_switch_vif_chanctx_swap(mvm, vifs);
4613 break;
4614 case CHANCTX_SWMODE_REASSIGN_VIF:
4615 ret = iwl_mvm_switch_vif_chanctx_reassign(mvm, vifs);
4616 break;
4617 default:
4618 ret = -EOPNOTSUPP;
4619 break;
4620 }
4621
4622 return ret;
4623}
4624
4625static int iwl_mvm_tx_last_beacon(struct ieee80211_hw *hw)
4626{
4627 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4628
4629 return mvm->ibss_manager;
4630}
4631
4632static int iwl_mvm_set_tim(struct ieee80211_hw *hw,
4633 struct ieee80211_sta *sta,
4634 bool set)
4635{
4636 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4637 struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta);
4638
4639 if (!mvm_sta || !mvm_sta->vif) {
4640 IWL_ERR(mvm, "Station is not associated to a vif\n");
4641 return -EINVAL;
4642 }
4643
4644 return iwl_mvm_mac_ctxt_beacon_changed(mvm, mvm_sta->vif);
4645}
4646
4647#ifdef CONFIG_NL80211_TESTMODE
4648static const struct nla_policy iwl_mvm_tm_policy[IWL_MVM_TM_ATTR_MAX + 1] = {
4649 [IWL_MVM_TM_ATTR_CMD] = { .type = NLA_U32 },
4650 [IWL_MVM_TM_ATTR_NOA_DURATION] = { .type = NLA_U32 },
4651 [IWL_MVM_TM_ATTR_BEACON_FILTER_STATE] = { .type = NLA_U32 },
4652};
4653
4654static int __iwl_mvm_mac_testmode_cmd(struct iwl_mvm *mvm,
4655 struct ieee80211_vif *vif,
4656 void *data, int len)
4657{
4658 struct nlattr *tb[IWL_MVM_TM_ATTR_MAX + 1];
4659 int err;
4660 u32 noa_duration;
4661
4662 err = nla_parse_deprecated(tb, IWL_MVM_TM_ATTR_MAX, data, len,
4663 iwl_mvm_tm_policy, NULL);
4664 if (err)
4665 return err;
4666
4667 if (!tb[IWL_MVM_TM_ATTR_CMD])
4668 return -EINVAL;
4669
4670 switch (nla_get_u32(tb[IWL_MVM_TM_ATTR_CMD])) {
4671 case IWL_MVM_TM_CMD_SET_NOA:
4672 if (!vif || vif->type != NL80211_IFTYPE_AP || !vif->p2p ||
4673 !vif->bss_conf.enable_beacon ||
4674 !tb[IWL_MVM_TM_ATTR_NOA_DURATION])
4675 return -EINVAL;
4676
4677 noa_duration = nla_get_u32(tb[IWL_MVM_TM_ATTR_NOA_DURATION]);
4678 if (noa_duration >= vif->bss_conf.beacon_int)
4679 return -EINVAL;
4680
4681 mvm->noa_duration = noa_duration;
4682 mvm->noa_vif = vif;
4683
4684 return iwl_mvm_update_quotas(mvm, true, NULL);
4685 case IWL_MVM_TM_CMD_SET_BEACON_FILTER:
4686 /* must be associated client vif - ignore authorized */
4687 if (!vif || vif->type != NL80211_IFTYPE_STATION ||
4688 !vif->cfg.assoc || !vif->bss_conf.dtim_period ||
4689 !tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE])
4690 return -EINVAL;
4691
4692 if (nla_get_u32(tb[IWL_MVM_TM_ATTR_BEACON_FILTER_STATE]))
4693 return iwl_mvm_enable_beacon_filter(mvm, vif, 0);
4694 return iwl_mvm_disable_beacon_filter(mvm, vif, 0);
4695 }
4696
4697 return -EOPNOTSUPP;
4698}
4699
4700static int iwl_mvm_mac_testmode_cmd(struct ieee80211_hw *hw,
4701 struct ieee80211_vif *vif,
4702 void *data, int len)
4703{
4704 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4705 int err;
4706
4707 mutex_lock(&mvm->mutex);
4708 err = __iwl_mvm_mac_testmode_cmd(mvm, vif, data, len);
4709 mutex_unlock(&mvm->mutex);
4710
4711 return err;
4712}
4713#endif
4714
4715static void iwl_mvm_channel_switch(struct ieee80211_hw *hw,
4716 struct ieee80211_vif *vif,
4717 struct ieee80211_channel_switch *chsw)
4718{
4719 /* By implementing this operation, we prevent mac80211 from
4720 * starting its own channel switch timer, so that we can call
4721 * ieee80211_chswitch_done() ourselves at the right time
4722 * (which is when the absence time event starts).
4723 */
4724
4725 IWL_DEBUG_MAC80211(IWL_MAC80211_GET_MVM(hw),
4726 "dummy channel switch op\n");
4727}
4728
4729static int iwl_mvm_schedule_client_csa(struct iwl_mvm *mvm,
4730 struct ieee80211_vif *vif,
4731 struct ieee80211_channel_switch *chsw)
4732{
4733 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4734 struct iwl_chan_switch_te_cmd cmd = {
4735 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
4736 mvmvif->color)),
4737 .action = cpu_to_le32(FW_CTXT_ACTION_ADD),
4738 .tsf = cpu_to_le32(chsw->timestamp),
4739 .cs_count = chsw->count,
4740 .cs_mode = chsw->block_tx,
4741 };
4742
4743 lockdep_assert_held(&mvm->mutex);
4744
4745 if (chsw->delay)
4746 cmd.cs_delayed_bcn_count =
4747 DIV_ROUND_UP(chsw->delay, vif->bss_conf.beacon_int);
4748
4749 return iwl_mvm_send_cmd_pdu(mvm,
4750 WIDE_ID(MAC_CONF_GROUP,
4751 CHANNEL_SWITCH_TIME_EVENT_CMD),
4752 0, sizeof(cmd), &cmd);
4753}
4754
4755static int iwl_mvm_old_pre_chan_sw_sta(struct iwl_mvm *mvm,
4756 struct ieee80211_vif *vif,
4757 struct ieee80211_channel_switch *chsw)
4758{
4759 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4760 u32 apply_time;
4761
4762 /* Schedule the time event to a bit before beacon 1,
4763 * to make sure we're in the new channel when the
4764 * GO/AP arrives. In case count <= 1 immediately schedule the
4765 * TE (this might result with some packet loss or connection
4766 * loss).
4767 */
4768 if (chsw->count <= 1)
4769 apply_time = 0;
4770 else
4771 apply_time = chsw->device_timestamp +
4772 ((vif->bss_conf.beacon_int * (chsw->count - 1) -
4773 IWL_MVM_CHANNEL_SWITCH_TIME_CLIENT) * 1024);
4774
4775 if (chsw->block_tx)
4776 iwl_mvm_csa_client_absent(mvm, vif);
4777
4778 if (mvmvif->bf_data.bf_enabled) {
4779 int ret = iwl_mvm_disable_beacon_filter(mvm, vif, 0);
4780
4781 if (ret)
4782 return ret;
4783 }
4784
4785 iwl_mvm_schedule_csa_period(mvm, vif, vif->bss_conf.beacon_int,
4786 apply_time);
4787
4788 return 0;
4789}
4790
4791#define IWL_MAX_CSA_BLOCK_TX 1500
4792static int iwl_mvm_pre_channel_switch(struct ieee80211_hw *hw,
4793 struct ieee80211_vif *vif,
4794 struct ieee80211_channel_switch *chsw)
4795{
4796 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4797 struct ieee80211_vif *csa_vif;
4798 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4799 int ret;
4800
4801 mutex_lock(&mvm->mutex);
4802
4803 mvmvif->csa_failed = false;
4804
4805 IWL_DEBUG_MAC80211(mvm, "pre CSA to freq %d\n",
4806 chsw->chandef.center_freq1);
4807
4808 iwl_fw_dbg_trigger_simple_stop(&mvm->fwrt,
4809 ieee80211_vif_to_wdev(vif),
4810 FW_DBG_TRIGGER_CHANNEL_SWITCH);
4811
4812 switch (vif->type) {
4813 case NL80211_IFTYPE_AP:
4814 csa_vif =
4815 rcu_dereference_protected(mvm->csa_vif,
4816 lockdep_is_held(&mvm->mutex));
4817 if (WARN_ONCE(csa_vif && csa_vif->bss_conf.csa_active,
4818 "Another CSA is already in progress")) {
4819 ret = -EBUSY;
4820 goto out_unlock;
4821 }
4822
4823 /* we still didn't unblock tx. prevent new CS meanwhile */
4824 if (rcu_dereference_protected(mvm->csa_tx_blocked_vif,
4825 lockdep_is_held(&mvm->mutex))) {
4826 ret = -EBUSY;
4827 goto out_unlock;
4828 }
4829
4830 rcu_assign_pointer(mvm->csa_vif, vif);
4831
4832 if (WARN_ONCE(mvmvif->csa_countdown,
4833 "Previous CSA countdown didn't complete")) {
4834 ret = -EBUSY;
4835 goto out_unlock;
4836 }
4837
4838 mvmvif->csa_target_freq = chsw->chandef.chan->center_freq;
4839
4840 break;
4841 case NL80211_IFTYPE_STATION:
4842 /*
4843 * In the new flow FW is in charge of timing the switch so there
4844 * is no need for all of this
4845 */
4846 if (iwl_fw_lookup_notif_ver(mvm->fw, MAC_CONF_GROUP,
4847 CHANNEL_SWITCH_ERROR_NOTIF,
4848 0))
4849 break;
4850
4851 /*
4852 * We haven't configured the firmware to be associated yet since
4853 * we don't know the dtim period. In this case, the firmware can't
4854 * track the beacons.
4855 */
4856 if (!vif->cfg.assoc || !vif->bss_conf.dtim_period) {
4857 ret = -EBUSY;
4858 goto out_unlock;
4859 }
4860
4861 if (chsw->delay > IWL_MAX_CSA_BLOCK_TX)
4862 schedule_delayed_work(&mvmvif->csa_work, 0);
4863
4864 if (chsw->block_tx) {
4865 /*
4866 * In case of undetermined / long time with immediate
4867 * quiet monitor status to gracefully disconnect
4868 */
4869 if (!chsw->count ||
4870 chsw->count * vif->bss_conf.beacon_int >
4871 IWL_MAX_CSA_BLOCK_TX)
4872 schedule_delayed_work(&mvmvif->csa_work,
4873 msecs_to_jiffies(IWL_MAX_CSA_BLOCK_TX));
4874 }
4875
4876 if (!fw_has_capa(&mvm->fw->ucode_capa,
4877 IWL_UCODE_TLV_CAPA_CHANNEL_SWITCH_CMD)) {
4878 ret = iwl_mvm_old_pre_chan_sw_sta(mvm, vif, chsw);
4879 if (ret)
4880 goto out_unlock;
4881 } else {
4882 iwl_mvm_schedule_client_csa(mvm, vif, chsw);
4883 }
4884
4885 mvmvif->csa_count = chsw->count;
4886 mvmvif->csa_misbehave = false;
4887 break;
4888 default:
4889 break;
4890 }
4891
4892 mvmvif->ps_disabled = true;
4893
4894 ret = iwl_mvm_power_update_ps(mvm);
4895 if (ret)
4896 goto out_unlock;
4897
4898 /* we won't be on this channel any longer */
4899 iwl_mvm_teardown_tdls_peers(mvm);
4900
4901out_unlock:
4902 mutex_unlock(&mvm->mutex);
4903
4904 return ret;
4905}
4906
4907static void iwl_mvm_channel_switch_rx_beacon(struct ieee80211_hw *hw,
4908 struct ieee80211_vif *vif,
4909 struct ieee80211_channel_switch *chsw)
4910{
4911 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4912 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
4913 struct iwl_chan_switch_te_cmd cmd = {
4914 .mac_id = cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id,
4915 mvmvif->color)),
4916 .action = cpu_to_le32(FW_CTXT_ACTION_MODIFY),
4917 .tsf = cpu_to_le32(chsw->timestamp),
4918 .cs_count = chsw->count,
4919 .cs_mode = chsw->block_tx,
4920 };
4921
4922 /*
4923 * In the new flow FW is in charge of timing the switch so there is no
4924 * need for all of this
4925 */
4926 if (iwl_fw_lookup_notif_ver(mvm->fw, MAC_CONF_GROUP,
4927 CHANNEL_SWITCH_ERROR_NOTIF, 0))
4928 return;
4929
4930 if (!fw_has_capa(&mvm->fw->ucode_capa, IWL_UCODE_TLV_CAPA_CS_MODIFY))
4931 return;
4932
4933 IWL_DEBUG_MAC80211(mvm, "Modify CSA on mac %d count = %d (old %d) mode = %d\n",
4934 mvmvif->id, chsw->count, mvmvif->csa_count, chsw->block_tx);
4935
4936 if (chsw->count >= mvmvif->csa_count && chsw->block_tx) {
4937 if (mvmvif->csa_misbehave) {
4938 /* Second time, give up on this AP*/
4939 iwl_mvm_abort_channel_switch(hw, vif);
4940 ieee80211_chswitch_done(vif, false);
4941 mvmvif->csa_misbehave = false;
4942 return;
4943 }
4944 mvmvif->csa_misbehave = true;
4945 }
4946 mvmvif->csa_count = chsw->count;
4947
4948 mutex_lock(&mvm->mutex);
4949 if (mvmvif->csa_failed)
4950 goto out_unlock;
4951
4952 WARN_ON(iwl_mvm_send_cmd_pdu(mvm,
4953 WIDE_ID(MAC_CONF_GROUP,
4954 CHANNEL_SWITCH_TIME_EVENT_CMD),
4955 0, sizeof(cmd), &cmd));
4956out_unlock:
4957 mutex_unlock(&mvm->mutex);
4958}
4959
4960static void iwl_mvm_flush_no_vif(struct iwl_mvm *mvm, u32 queues, bool drop)
4961{
4962 int i;
4963
4964 if (!iwl_mvm_has_new_tx_api(mvm)) {
4965 if (drop) {
4966 mutex_lock(&mvm->mutex);
4967 iwl_mvm_flush_tx_path(mvm,
4968 iwl_mvm_flushable_queues(mvm) & queues);
4969 mutex_unlock(&mvm->mutex);
4970 } else {
4971 iwl_trans_wait_tx_queues_empty(mvm->trans, queues);
4972 }
4973 return;
4974 }
4975
4976 mutex_lock(&mvm->mutex);
4977 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) {
4978 struct ieee80211_sta *sta;
4979
4980 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
4981 lockdep_is_held(&mvm->mutex));
4982 if (IS_ERR_OR_NULL(sta))
4983 continue;
4984
4985 if (drop)
4986 iwl_mvm_flush_sta_tids(mvm, i, 0xFFFF);
4987 else
4988 iwl_mvm_wait_sta_queues_empty(mvm,
4989 iwl_mvm_sta_from_mac80211(sta));
4990 }
4991 mutex_unlock(&mvm->mutex);
4992}
4993
4994static void iwl_mvm_mac_flush(struct ieee80211_hw *hw,
4995 struct ieee80211_vif *vif, u32 queues, bool drop)
4996{
4997 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
4998 struct iwl_mvm_vif *mvmvif;
4999 struct iwl_mvm_sta *mvmsta;
5000 struct ieee80211_sta *sta;
5001 int i;
5002 u32 msk = 0;
5003
5004 if (!vif) {
5005 iwl_mvm_flush_no_vif(mvm, queues, drop);
5006 return;
5007 }
5008
5009 if (vif->type != NL80211_IFTYPE_STATION)
5010 return;
5011
5012 /* Make sure we're done with the deferred traffic before flushing */
5013 flush_work(&mvm->add_stream_wk);
5014
5015 mutex_lock(&mvm->mutex);
5016 mvmvif = iwl_mvm_vif_from_mac80211(vif);
5017
5018 /* flush the AP-station and all TDLS peers */
5019 for (i = 0; i < mvm->fw->ucode_capa.num_stations; i++) {
5020 sta = rcu_dereference_protected(mvm->fw_id_to_mac_id[i],
5021 lockdep_is_held(&mvm->mutex));
5022 if (IS_ERR_OR_NULL(sta))
5023 continue;
5024
5025 mvmsta = iwl_mvm_sta_from_mac80211(sta);
5026 if (mvmsta->vif != vif)
5027 continue;
5028
5029 /* make sure only TDLS peers or the AP are flushed */
5030 WARN_ON(i != mvmvif->ap_sta_id && !sta->tdls);
5031
5032 if (drop) {
5033 if (iwl_mvm_flush_sta(mvm, mvmsta, false))
5034 IWL_ERR(mvm, "flush request fail\n");
5035 } else {
5036 msk |= mvmsta->tfd_queue_msk;
5037 if (iwl_mvm_has_new_tx_api(mvm))
5038 iwl_mvm_wait_sta_queues_empty(mvm, mvmsta);
5039 }
5040 }
5041
5042 mutex_unlock(&mvm->mutex);
5043
5044 /* this can take a while, and we may need/want other operations
5045 * to succeed while doing this, so do it without the mutex held
5046 */
5047 if (!drop && !iwl_mvm_has_new_tx_api(mvm))
5048 iwl_trans_wait_tx_queues_empty(mvm->trans, msk);
5049}
5050
5051static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx,
5052 struct survey_info *survey)
5053{
5054 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5055 int ret;
5056
5057 memset(survey, 0, sizeof(*survey));
5058
5059 /* only support global statistics right now */
5060 if (idx != 0)
5061 return -ENOENT;
5062
5063 if (!fw_has_capa(&mvm->fw->ucode_capa,
5064 IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS))
5065 return -ENOENT;
5066
5067 mutex_lock(&mvm->mutex);
5068
5069 if (iwl_mvm_firmware_running(mvm)) {
5070 ret = iwl_mvm_request_statistics(mvm, false);
5071 if (ret)
5072 goto out;
5073 }
5074
5075 survey->filled = SURVEY_INFO_TIME |
5076 SURVEY_INFO_TIME_RX |
5077 SURVEY_INFO_TIME_TX |
5078 SURVEY_INFO_TIME_SCAN;
5079 survey->time = mvm->accu_radio_stats.on_time_rf +
5080 mvm->radio_stats.on_time_rf;
5081 do_div(survey->time, USEC_PER_MSEC);
5082
5083 survey->time_rx = mvm->accu_radio_stats.rx_time +
5084 mvm->radio_stats.rx_time;
5085 do_div(survey->time_rx, USEC_PER_MSEC);
5086
5087 survey->time_tx = mvm->accu_radio_stats.tx_time +
5088 mvm->radio_stats.tx_time;
5089 do_div(survey->time_tx, USEC_PER_MSEC);
5090
5091 survey->time_scan = mvm->accu_radio_stats.on_time_scan +
5092 mvm->radio_stats.on_time_scan;
5093 do_div(survey->time_scan, USEC_PER_MSEC);
5094
5095 ret = 0;
5096 out:
5097 mutex_unlock(&mvm->mutex);
5098 return ret;
5099}
5100
5101static void iwl_mvm_set_sta_rate(u32 rate_n_flags, struct rate_info *rinfo)
5102{
5103 u32 format = rate_n_flags & RATE_MCS_MOD_TYPE_MSK;
5104 u32 gi_ltf;
5105
5106 switch (rate_n_flags & RATE_MCS_CHAN_WIDTH_MSK) {
5107 case RATE_MCS_CHAN_WIDTH_20:
5108 rinfo->bw = RATE_INFO_BW_20;
5109 break;
5110 case RATE_MCS_CHAN_WIDTH_40:
5111 rinfo->bw = RATE_INFO_BW_40;
5112 break;
5113 case RATE_MCS_CHAN_WIDTH_80:
5114 rinfo->bw = RATE_INFO_BW_80;
5115 break;
5116 case RATE_MCS_CHAN_WIDTH_160:
5117 rinfo->bw = RATE_INFO_BW_160;
5118 break;
5119 }
5120
5121 if (format == RATE_MCS_CCK_MSK ||
5122 format == RATE_MCS_LEGACY_OFDM_MSK) {
5123 int rate = u32_get_bits(rate_n_flags, RATE_LEGACY_RATE_MSK);
5124
5125 /* add the offset needed to get to the legacy ofdm indices */
5126 if (format == RATE_MCS_LEGACY_OFDM_MSK)
5127 rate += IWL_FIRST_OFDM_RATE;
5128
5129 switch (rate) {
5130 case IWL_RATE_1M_INDEX:
5131 rinfo->legacy = 10;
5132 break;
5133 case IWL_RATE_2M_INDEX:
5134 rinfo->legacy = 20;
5135 break;
5136 case IWL_RATE_5M_INDEX:
5137 rinfo->legacy = 55;
5138 break;
5139 case IWL_RATE_11M_INDEX:
5140 rinfo->legacy = 110;
5141 break;
5142 case IWL_RATE_6M_INDEX:
5143 rinfo->legacy = 60;
5144 break;
5145 case IWL_RATE_9M_INDEX:
5146 rinfo->legacy = 90;
5147 break;
5148 case IWL_RATE_12M_INDEX:
5149 rinfo->legacy = 120;
5150 break;
5151 case IWL_RATE_18M_INDEX:
5152 rinfo->legacy = 180;
5153 break;
5154 case IWL_RATE_24M_INDEX:
5155 rinfo->legacy = 240;
5156 break;
5157 case IWL_RATE_36M_INDEX:
5158 rinfo->legacy = 360;
5159 break;
5160 case IWL_RATE_48M_INDEX:
5161 rinfo->legacy = 480;
5162 break;
5163 case IWL_RATE_54M_INDEX:
5164 rinfo->legacy = 540;
5165 }
5166 return;
5167 }
5168
5169 rinfo->nss = u32_get_bits(rate_n_flags,
5170 RATE_MCS_NSS_MSK) + 1;
5171 rinfo->mcs = format == RATE_MCS_HT_MSK ?
5172 RATE_HT_MCS_INDEX(rate_n_flags) :
5173 u32_get_bits(rate_n_flags, RATE_MCS_CODE_MSK);
5174
5175 if (rate_n_flags & RATE_MCS_SGI_MSK)
5176 rinfo->flags |= RATE_INFO_FLAGS_SHORT_GI;
5177
5178 switch (format) {
5179 case RATE_MCS_HE_MSK:
5180 gi_ltf = u32_get_bits(rate_n_flags, RATE_MCS_HE_GI_LTF_MSK);
5181
5182 rinfo->flags |= RATE_INFO_FLAGS_HE_MCS;
5183
5184 if (rate_n_flags & RATE_MCS_HE_106T_MSK) {
5185 rinfo->bw = RATE_INFO_BW_HE_RU;
5186 rinfo->he_ru_alloc = NL80211_RATE_INFO_HE_RU_ALLOC_106;
5187 }
5188
5189 switch (rate_n_flags & RATE_MCS_HE_TYPE_MSK) {
5190 case RATE_MCS_HE_TYPE_SU:
5191 case RATE_MCS_HE_TYPE_EXT_SU:
5192 if (gi_ltf == 0 || gi_ltf == 1)
5193 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
5194 else if (gi_ltf == 2)
5195 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
5196 else if (gi_ltf == 3)
5197 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2;
5198 else
5199 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
5200 break;
5201 case RATE_MCS_HE_TYPE_MU:
5202 if (gi_ltf == 0 || gi_ltf == 1)
5203 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_0_8;
5204 else if (gi_ltf == 2)
5205 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
5206 else
5207 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2;
5208 break;
5209 case RATE_MCS_HE_TYPE_TRIG:
5210 if (gi_ltf == 0 || gi_ltf == 1)
5211 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_1_6;
5212 else
5213 rinfo->he_gi = NL80211_RATE_INFO_HE_GI_3_2;
5214 break;
5215 }
5216
5217 if (rate_n_flags & RATE_HE_DUAL_CARRIER_MODE_MSK)
5218 rinfo->he_dcm = 1;
5219 break;
5220 case RATE_MCS_HT_MSK:
5221 rinfo->flags |= RATE_INFO_FLAGS_MCS;
5222 break;
5223 case RATE_MCS_VHT_MSK:
5224 rinfo->flags |= RATE_INFO_FLAGS_VHT_MCS;
5225 break;
5226 }
5227}
5228
5229static void iwl_mvm_mac_sta_statistics(struct ieee80211_hw *hw,
5230 struct ieee80211_vif *vif,
5231 struct ieee80211_sta *sta,
5232 struct station_info *sinfo)
5233{
5234 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5235 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
5236 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
5237
5238 if (mvmsta->avg_energy) {
5239 sinfo->signal_avg = -(s8)mvmsta->avg_energy;
5240 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
5241 }
5242
5243 if (iwl_mvm_has_tlc_offload(mvm)) {
5244 struct iwl_lq_sta_rs_fw *lq_sta = &mvmsta->lq_sta.rs_fw;
5245
5246 iwl_mvm_set_sta_rate(lq_sta->last_rate_n_flags, &sinfo->txrate);
5247 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
5248 }
5249
5250 /* if beacon filtering isn't on mac80211 does it anyway */
5251 if (!(vif->driver_flags & IEEE80211_VIF_BEACON_FILTER))
5252 return;
5253
5254 if (!vif->cfg.assoc)
5255 return;
5256
5257 mutex_lock(&mvm->mutex);
5258
5259 if (mvmvif->ap_sta_id != mvmsta->sta_id)
5260 goto unlock;
5261
5262 if (iwl_mvm_request_statistics(mvm, false))
5263 goto unlock;
5264
5265 sinfo->rx_beacon = mvmvif->beacon_stats.num_beacons +
5266 mvmvif->beacon_stats.accu_num_beacons;
5267 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_RX);
5268 if (mvmvif->beacon_stats.avg_signal) {
5269 /* firmware only reports a value after RXing a few beacons */
5270 sinfo->rx_beacon_signal_avg = mvmvif->beacon_stats.avg_signal;
5271 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG);
5272 }
5273 unlock:
5274 mutex_unlock(&mvm->mutex);
5275}
5276
5277static void iwl_mvm_event_mlme_callback_ini(struct iwl_mvm *mvm,
5278 struct ieee80211_vif *vif,
5279 const struct ieee80211_mlme_event *mlme)
5280{
5281 if ((mlme->data == ASSOC_EVENT || mlme->data == AUTH_EVENT) &&
5282 (mlme->status == MLME_DENIED || mlme->status == MLME_TIMEOUT)) {
5283 iwl_dbg_tlv_time_point(&mvm->fwrt,
5284 IWL_FW_INI_TIME_POINT_ASSOC_FAILED,
5285 NULL);
5286 return;
5287 }
5288
5289 if (mlme->data == DEAUTH_RX_EVENT || mlme->data == DEAUTH_TX_EVENT) {
5290 iwl_dbg_tlv_time_point(&mvm->fwrt,
5291 IWL_FW_INI_TIME_POINT_DEASSOC,
5292 NULL);
5293 return;
5294 }
5295}
5296
5297static void iwl_mvm_event_mlme_callback(struct iwl_mvm *mvm,
5298 struct ieee80211_vif *vif,
5299 const struct ieee80211_event *event)
5300{
5301#define CHECK_MLME_TRIGGER(_cnt, _fmt...) \
5302 do { \
5303 if ((trig_mlme->_cnt) && --(trig_mlme->_cnt)) \
5304 break; \
5305 iwl_fw_dbg_collect_trig(&(mvm)->fwrt, trig, _fmt); \
5306 } while (0)
5307
5308 struct iwl_fw_dbg_trigger_tlv *trig;
5309 struct iwl_fw_dbg_trigger_mlme *trig_mlme;
5310
5311 if (iwl_trans_dbg_ini_valid(mvm->trans)) {
5312 iwl_mvm_event_mlme_callback_ini(mvm, vif, &event->u.mlme);
5313 return;
5314 }
5315
5316 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif),
5317 FW_DBG_TRIGGER_MLME);
5318 if (!trig)
5319 return;
5320
5321 trig_mlme = (void *)trig->data;
5322
5323 if (event->u.mlme.data == ASSOC_EVENT) {
5324 if (event->u.mlme.status == MLME_DENIED)
5325 CHECK_MLME_TRIGGER(stop_assoc_denied,
5326 "DENIED ASSOC: reason %d",
5327 event->u.mlme.reason);
5328 else if (event->u.mlme.status == MLME_TIMEOUT)
5329 CHECK_MLME_TRIGGER(stop_assoc_timeout,
5330 "ASSOC TIMEOUT");
5331 } else if (event->u.mlme.data == AUTH_EVENT) {
5332 if (event->u.mlme.status == MLME_DENIED)
5333 CHECK_MLME_TRIGGER(stop_auth_denied,
5334 "DENIED AUTH: reason %d",
5335 event->u.mlme.reason);
5336 else if (event->u.mlme.status == MLME_TIMEOUT)
5337 CHECK_MLME_TRIGGER(stop_auth_timeout,
5338 "AUTH TIMEOUT");
5339 } else if (event->u.mlme.data == DEAUTH_RX_EVENT) {
5340 CHECK_MLME_TRIGGER(stop_rx_deauth,
5341 "DEAUTH RX %d", event->u.mlme.reason);
5342 } else if (event->u.mlme.data == DEAUTH_TX_EVENT) {
5343 CHECK_MLME_TRIGGER(stop_tx_deauth,
5344 "DEAUTH TX %d", event->u.mlme.reason);
5345 }
5346#undef CHECK_MLME_TRIGGER
5347}
5348
5349static void iwl_mvm_event_bar_rx_callback(struct iwl_mvm *mvm,
5350 struct ieee80211_vif *vif,
5351 const struct ieee80211_event *event)
5352{
5353 struct iwl_fw_dbg_trigger_tlv *trig;
5354 struct iwl_fw_dbg_trigger_ba *ba_trig;
5355
5356 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, ieee80211_vif_to_wdev(vif),
5357 FW_DBG_TRIGGER_BA);
5358 if (!trig)
5359 return;
5360
5361 ba_trig = (void *)trig->data;
5362
5363 if (!(le16_to_cpu(ba_trig->rx_bar) & BIT(event->u.ba.tid)))
5364 return;
5365
5366 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig,
5367 "BAR received from %pM, tid %d, ssn %d",
5368 event->u.ba.sta->addr, event->u.ba.tid,
5369 event->u.ba.ssn);
5370}
5371
5372static void iwl_mvm_mac_event_callback(struct ieee80211_hw *hw,
5373 struct ieee80211_vif *vif,
5374 const struct ieee80211_event *event)
5375{
5376 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5377
5378 switch (event->type) {
5379 case MLME_EVENT:
5380 iwl_mvm_event_mlme_callback(mvm, vif, event);
5381 break;
5382 case BAR_RX_EVENT:
5383 iwl_mvm_event_bar_rx_callback(mvm, vif, event);
5384 break;
5385 case BA_FRAME_TIMEOUT:
5386 iwl_mvm_event_frame_timeout_callback(mvm, vif, event->u.ba.sta,
5387 event->u.ba.tid);
5388 break;
5389 default:
5390 break;
5391 }
5392}
5393
5394void iwl_mvm_sync_rx_queues_internal(struct iwl_mvm *mvm,
5395 enum iwl_mvm_rxq_notif_type type,
5396 bool sync,
5397 const void *data, u32 size)
5398{
5399 struct {
5400 struct iwl_rxq_sync_cmd cmd;
5401 struct iwl_mvm_internal_rxq_notif notif;
5402 } __packed cmd = {
5403 .cmd.rxq_mask = cpu_to_le32(BIT(mvm->trans->num_rx_queues) - 1),
5404 .cmd.count =
5405 cpu_to_le32(sizeof(struct iwl_mvm_internal_rxq_notif) +
5406 size),
5407 .notif.type = type,
5408 .notif.sync = sync,
5409 };
5410 struct iwl_host_cmd hcmd = {
5411 .id = WIDE_ID(DATA_PATH_GROUP, TRIGGER_RX_QUEUES_NOTIF_CMD),
5412 .data[0] = &cmd,
5413 .len[0] = sizeof(cmd),
5414 .data[1] = data,
5415 .len[1] = size,
5416 .flags = sync ? 0 : CMD_ASYNC,
5417 };
5418 int ret;
5419
5420 /* size must be a multiple of DWORD */
5421 if (WARN_ON(cmd.cmd.count & cpu_to_le32(3)))
5422 return;
5423
5424 if (!iwl_mvm_has_new_rx_api(mvm))
5425 return;
5426
5427 if (sync) {
5428 cmd.notif.cookie = mvm->queue_sync_cookie;
5429 mvm->queue_sync_state = (1 << mvm->trans->num_rx_queues) - 1;
5430 }
5431
5432 ret = iwl_mvm_send_cmd(mvm, &hcmd);
5433 if (ret) {
5434 IWL_ERR(mvm, "Failed to trigger RX queues sync (%d)\n", ret);
5435 goto out;
5436 }
5437
5438 if (sync) {
5439 lockdep_assert_held(&mvm->mutex);
5440 ret = wait_event_timeout(mvm->rx_sync_waitq,
5441 READ_ONCE(mvm->queue_sync_state) == 0 ||
5442 iwl_mvm_is_radio_killed(mvm),
5443 HZ);
5444 WARN_ONCE(!ret && !iwl_mvm_is_radio_killed(mvm),
5445 "queue sync: failed to sync, state is 0x%lx\n",
5446 mvm->queue_sync_state);
5447 }
5448
5449out:
5450 if (sync) {
5451 mvm->queue_sync_state = 0;
5452 mvm->queue_sync_cookie++;
5453 }
5454}
5455
5456static void iwl_mvm_sync_rx_queues(struct ieee80211_hw *hw)
5457{
5458 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5459
5460 mutex_lock(&mvm->mutex);
5461 iwl_mvm_sync_rx_queues_internal(mvm, IWL_MVM_RXQ_EMPTY, true, NULL, 0);
5462 mutex_unlock(&mvm->mutex);
5463}
5464
5465static int
5466iwl_mvm_mac_get_ftm_responder_stats(struct ieee80211_hw *hw,
5467 struct ieee80211_vif *vif,
5468 struct cfg80211_ftm_responder_stats *stats)
5469{
5470 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5471 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
5472
5473 if (vif->p2p || vif->type != NL80211_IFTYPE_AP ||
5474 !mvmvif->ap_ibss_active || !vif->bss_conf.ftm_responder)
5475 return -EINVAL;
5476
5477 mutex_lock(&mvm->mutex);
5478 *stats = mvm->ftm_resp_stats;
5479 mutex_unlock(&mvm->mutex);
5480
5481 stats->filled = BIT(NL80211_FTM_STATS_SUCCESS_NUM) |
5482 BIT(NL80211_FTM_STATS_PARTIAL_NUM) |
5483 BIT(NL80211_FTM_STATS_FAILED_NUM) |
5484 BIT(NL80211_FTM_STATS_ASAP_NUM) |
5485 BIT(NL80211_FTM_STATS_NON_ASAP_NUM) |
5486 BIT(NL80211_FTM_STATS_TOTAL_DURATION_MSEC) |
5487 BIT(NL80211_FTM_STATS_UNKNOWN_TRIGGERS_NUM) |
5488 BIT(NL80211_FTM_STATS_RESCHEDULE_REQUESTS_NUM) |
5489 BIT(NL80211_FTM_STATS_OUT_OF_WINDOW_TRIGGERS_NUM);
5490
5491 return 0;
5492}
5493
5494static int iwl_mvm_start_pmsr(struct ieee80211_hw *hw,
5495 struct ieee80211_vif *vif,
5496 struct cfg80211_pmsr_request *request)
5497{
5498 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5499 int ret;
5500
5501 mutex_lock(&mvm->mutex);
5502 ret = iwl_mvm_ftm_start(mvm, vif, request);
5503 mutex_unlock(&mvm->mutex);
5504
5505 return ret;
5506}
5507
5508static void iwl_mvm_abort_pmsr(struct ieee80211_hw *hw,
5509 struct ieee80211_vif *vif,
5510 struct cfg80211_pmsr_request *request)
5511{
5512 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5513
5514 mutex_lock(&mvm->mutex);
5515 iwl_mvm_ftm_abort(mvm, request);
5516 mutex_unlock(&mvm->mutex);
5517}
5518
5519static bool iwl_mvm_can_hw_csum(struct sk_buff *skb)
5520{
5521 u8 protocol = ip_hdr(skb)->protocol;
5522
5523 if (!IS_ENABLED(CONFIG_INET))
5524 return false;
5525
5526 return protocol == IPPROTO_TCP || protocol == IPPROTO_UDP;
5527}
5528
5529static bool iwl_mvm_mac_can_aggregate(struct ieee80211_hw *hw,
5530 struct sk_buff *head,
5531 struct sk_buff *skb)
5532{
5533 struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
5534
5535 if (mvm->trans->trans_cfg->device_family >= IWL_DEVICE_FAMILY_BZ)
5536 return iwl_mvm_tx_csum_bz(mvm, head, true) ==
5537 iwl_mvm_tx_csum_bz(mvm, skb, true);
5538
5539 /* For now don't aggregate IPv6 in AMSDU */
5540 if (skb->protocol != htons(ETH_P_IP))
5541 return false;
5542
5543 if (!iwl_mvm_is_csum_supported(mvm))
5544 return true;
5545
5546 return iwl_mvm_can_hw_csum(skb) == iwl_mvm_can_hw_csum(head);
5547}
5548
5549const struct ieee80211_ops iwl_mvm_hw_ops = {
5550 .tx = iwl_mvm_mac_tx,
5551 .wake_tx_queue = iwl_mvm_mac_wake_tx_queue,
5552 .ampdu_action = iwl_mvm_mac_ampdu_action,
5553 .get_antenna = iwl_mvm_op_get_antenna,
5554 .start = iwl_mvm_mac_start,
5555 .reconfig_complete = iwl_mvm_mac_reconfig_complete,
5556 .stop = iwl_mvm_mac_stop,
5557 .add_interface = iwl_mvm_mac_add_interface,
5558 .remove_interface = iwl_mvm_mac_remove_interface,
5559 .config = iwl_mvm_mac_config,
5560 .prepare_multicast = iwl_mvm_prepare_multicast,
5561 .configure_filter = iwl_mvm_configure_filter,
5562 .config_iface_filter = iwl_mvm_config_iface_filter,
5563 .bss_info_changed = iwl_mvm_bss_info_changed,
5564 .hw_scan = iwl_mvm_mac_hw_scan,
5565 .cancel_hw_scan = iwl_mvm_mac_cancel_hw_scan,
5566 .sta_pre_rcu_remove = iwl_mvm_sta_pre_rcu_remove,
5567 .sta_state = iwl_mvm_mac_sta_state,
5568 .sta_notify = iwl_mvm_mac_sta_notify,
5569 .allow_buffered_frames = iwl_mvm_mac_allow_buffered_frames,
5570 .release_buffered_frames = iwl_mvm_mac_release_buffered_frames,
5571 .set_rts_threshold = iwl_mvm_mac_set_rts_threshold,
5572 .sta_rc_update = iwl_mvm_sta_rc_update,
5573 .conf_tx = iwl_mvm_mac_conf_tx,
5574 .mgd_prepare_tx = iwl_mvm_mac_mgd_prepare_tx,
5575 .mgd_complete_tx = iwl_mvm_mac_mgd_complete_tx,
5576 .mgd_protect_tdls_discover = iwl_mvm_mac_mgd_protect_tdls_discover,
5577 .flush = iwl_mvm_mac_flush,
5578 .sched_scan_start = iwl_mvm_mac_sched_scan_start,
5579 .sched_scan_stop = iwl_mvm_mac_sched_scan_stop,
5580 .set_key = iwl_mvm_mac_set_key,
5581 .update_tkip_key = iwl_mvm_mac_update_tkip_key,
5582 .remain_on_channel = iwl_mvm_roc,
5583 .cancel_remain_on_channel = iwl_mvm_cancel_roc,
5584 .add_chanctx = iwl_mvm_add_chanctx,
5585 .remove_chanctx = iwl_mvm_remove_chanctx,
5586 .change_chanctx = iwl_mvm_change_chanctx,
5587 .assign_vif_chanctx = iwl_mvm_assign_vif_chanctx,
5588 .unassign_vif_chanctx = iwl_mvm_unassign_vif_chanctx,
5589 .switch_vif_chanctx = iwl_mvm_switch_vif_chanctx,
5590
5591 .start_ap = iwl_mvm_start_ap,
5592 .stop_ap = iwl_mvm_stop_ap,
5593 .join_ibss = iwl_mvm_start_ibss,
5594 .leave_ibss = iwl_mvm_stop_ibss,
5595
5596 .tx_last_beacon = iwl_mvm_tx_last_beacon,
5597
5598 .set_tim = iwl_mvm_set_tim,
5599
5600 .channel_switch = iwl_mvm_channel_switch,
5601 .pre_channel_switch = iwl_mvm_pre_channel_switch,
5602 .post_channel_switch = iwl_mvm_post_channel_switch,
5603 .abort_channel_switch = iwl_mvm_abort_channel_switch,
5604 .channel_switch_rx_beacon = iwl_mvm_channel_switch_rx_beacon,
5605
5606 .tdls_channel_switch = iwl_mvm_tdls_channel_switch,
5607 .tdls_cancel_channel_switch = iwl_mvm_tdls_cancel_channel_switch,
5608 .tdls_recv_channel_switch = iwl_mvm_tdls_recv_channel_switch,
5609
5610 .event_callback = iwl_mvm_mac_event_callback,
5611
5612 .sync_rx_queues = iwl_mvm_sync_rx_queues,
5613
5614 CFG80211_TESTMODE_CMD(iwl_mvm_mac_testmode_cmd)
5615
5616#ifdef CONFIG_PM_SLEEP
5617 /* look at d3.c */
5618 .suspend = iwl_mvm_suspend,
5619 .resume = iwl_mvm_resume,
5620 .set_wakeup = iwl_mvm_set_wakeup,
5621 .set_rekey_data = iwl_mvm_set_rekey_data,
5622#if IS_ENABLED(CONFIG_IPV6)
5623 .ipv6_addr_change = iwl_mvm_ipv6_addr_change,
5624#endif
5625 .set_default_unicast_key = iwl_mvm_set_default_unicast_key,
5626#endif
5627 .get_survey = iwl_mvm_mac_get_survey,
5628 .sta_statistics = iwl_mvm_mac_sta_statistics,
5629 .get_ftm_responder_stats = iwl_mvm_mac_get_ftm_responder_stats,
5630 .start_pmsr = iwl_mvm_start_pmsr,
5631 .abort_pmsr = iwl_mvm_abort_pmsr,
5632
5633 .can_aggregate_in_amsdu = iwl_mvm_mac_can_aggregate,
5634#ifdef CONFIG_IWLWIFI_DEBUGFS
5635 .sta_add_debugfs = iwl_mvm_sta_add_debugfs,
5636#endif
5637};