1 /******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
8 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of version 2 of the GNU General Public License as
13 * published by the Free Software Foundation.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
23 * USA
24 *
25 * The full GNU General Public License is included in this distribution
26 * in the file called COPYING.
27 *
28 * Contact Information:
29 * Intel Linux Wireless <ilw@linux.intel.com>
30 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
31 *
32 * BSD LICENSE
33 *
34 * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
35 * Copyright(c) 2013 - 2014 Intel Mobile Communications GmbH
36 * All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 *
42 * * Redistributions of source code must retain the above copyright
43 * notice, this list of conditions and the following disclaimer.
44 * * Redistributions in binary form must reproduce the above copyright
45 * notice, this list of conditions and the following disclaimer in
46 * the documentation and/or other materials provided with the
47 * distribution.
48 * * Neither the name Intel Corporation nor the names of its
49 * contributors may be used to endorse or promote products derived
50 * from this software without specific prior written permission.
51 *
52 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
53 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
54 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
55 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
56 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
57 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
58 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
62 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
63 *
64 *****************************************************************************/
65
66 #include <linux/etherdevice.h>
67 #include <net/mac80211.h>
68
69 #include "mvm.h"
70 #include "iwl-eeprom-parse.h"
71 #include "fw-api-scan.h"
72
73 #define IWL_PLCP_QUIET_THRESH 1
74 #define IWL_ACTIVE_QUIET_TIME 10
75
76 struct iwl_mvm_scan_params {
77 u32 max_out_time;
78 u32 suspend_time;
79 bool passive_fragmented;
80 struct _dwell {
81 u16 passive;
82 u16 active;
83 } dwell[IEEE80211_NUM_BANDS];
84 };
85
iwl_mvm_scan_rx_chain(struct iwl_mvm * mvm)86 static inline __le16 iwl_mvm_scan_rx_chain(struct iwl_mvm *mvm)
87 {
88 u16 rx_chain;
89 u8 rx_ant;
90
91 if (mvm->scan_rx_ant != ANT_NONE)
92 rx_ant = mvm->scan_rx_ant;
93 else
94 rx_ant = mvm->fw->valid_rx_ant;
95 rx_chain = rx_ant << PHY_RX_CHAIN_VALID_POS;
96 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_MIMO_SEL_POS;
97 rx_chain |= rx_ant << PHY_RX_CHAIN_FORCE_SEL_POS;
98 rx_chain |= 0x1 << PHY_RX_CHAIN_DRIVER_FORCE_POS;
99 return cpu_to_le16(rx_chain);
100 }
101
iwl_mvm_scan_rxon_flags(enum ieee80211_band band)102 static __le32 iwl_mvm_scan_rxon_flags(enum ieee80211_band band)
103 {
104 if (band == IEEE80211_BAND_2GHZ)
105 return cpu_to_le32(PHY_BAND_24);
106 else
107 return cpu_to_le32(PHY_BAND_5);
108 }
109
110 static inline __le32
iwl_mvm_scan_rate_n_flags(struct iwl_mvm * mvm,enum ieee80211_band band,bool no_cck)111 iwl_mvm_scan_rate_n_flags(struct iwl_mvm *mvm, enum ieee80211_band band,
112 bool no_cck)
113 {
114 u32 tx_ant;
115
116 mvm->scan_last_antenna_idx =
117 iwl_mvm_next_antenna(mvm, mvm->fw->valid_tx_ant,
118 mvm->scan_last_antenna_idx);
119 tx_ant = BIT(mvm->scan_last_antenna_idx) << RATE_MCS_ANT_POS;
120
121 if (band == IEEE80211_BAND_2GHZ && !no_cck)
122 return cpu_to_le32(IWL_RATE_1M_PLCP | RATE_MCS_CCK_MSK |
123 tx_ant);
124 else
125 return cpu_to_le32(IWL_RATE_6M_PLCP | tx_ant);
126 }
127
128 /*
129 * We insert the SSIDs in an inverted order, because the FW will
130 * invert it back. The most prioritized SSID, which is first in the
131 * request list, is not copied here, but inserted directly to the probe
132 * request.
133 */
iwl_mvm_scan_fill_ssids(struct iwl_ssid_ie * cmd_ssid,struct cfg80211_ssid * ssids,int n_ssids,int first)134 static void iwl_mvm_scan_fill_ssids(struct iwl_ssid_ie *cmd_ssid,
135 struct cfg80211_ssid *ssids,
136 int n_ssids, int first)
137 {
138 int fw_idx, req_idx;
139
140 for (req_idx = n_ssids - 1, fw_idx = 0; req_idx >= first;
141 req_idx--, fw_idx++) {
142 cmd_ssid[fw_idx].id = WLAN_EID_SSID;
143 cmd_ssid[fw_idx].len = ssids[req_idx].ssid_len;
144 memcpy(cmd_ssid[fw_idx].ssid,
145 ssids[req_idx].ssid,
146 ssids[req_idx].ssid_len);
147 }
148 }
149
150 /*
151 * If req->n_ssids > 0, it means we should do an active scan.
152 * In case of active scan w/o directed scan, we receive a zero-length SSID
153 * just to notify that this scan is active and not passive.
154 * In order to notify the FW of the number of SSIDs we wish to scan (including
155 * the zero-length one), we need to set the corresponding bits in chan->type,
156 * one for each SSID, and set the active bit (first). If the first SSID is
157 * already included in the probe template, so we need to set only
158 * req->n_ssids - 1 bits in addition to the first bit.
159 */
iwl_mvm_get_active_dwell(enum ieee80211_band band,int n_ssids)160 static u16 iwl_mvm_get_active_dwell(enum ieee80211_band band, int n_ssids)
161 {
162 if (band == IEEE80211_BAND_2GHZ)
163 return 20 + 3 * (n_ssids + 1);
164 return 10 + 2 * (n_ssids + 1);
165 }
166
iwl_mvm_get_passive_dwell(enum ieee80211_band band)167 static u16 iwl_mvm_get_passive_dwell(enum ieee80211_band band)
168 {
169 return band == IEEE80211_BAND_2GHZ ? 100 + 20 : 100 + 10;
170 }
171
iwl_mvm_scan_fill_channels(struct iwl_scan_cmd * cmd,struct cfg80211_scan_request * req,bool basic_ssid,struct iwl_mvm_scan_params * params)172 static void iwl_mvm_scan_fill_channels(struct iwl_scan_cmd *cmd,
173 struct cfg80211_scan_request *req,
174 bool basic_ssid,
175 struct iwl_mvm_scan_params *params)
176 {
177 struct iwl_scan_channel *chan = (struct iwl_scan_channel *)
178 (cmd->data + le16_to_cpu(cmd->tx_cmd.len));
179 int i;
180 int type = BIT(req->n_ssids) - 1;
181 enum ieee80211_band band = req->channels[0]->band;
182
183 if (!basic_ssid)
184 type |= BIT(req->n_ssids);
185
186 for (i = 0; i < cmd->channel_count; i++) {
187 chan->channel = cpu_to_le16(req->channels[i]->hw_value);
188 chan->type = cpu_to_le32(type);
189 if (req->channels[i]->flags & IEEE80211_CHAN_NO_IR)
190 chan->type &= cpu_to_le32(~SCAN_CHANNEL_TYPE_ACTIVE);
191 chan->active_dwell = cpu_to_le16(params->dwell[band].active);
192 chan->passive_dwell = cpu_to_le16(params->dwell[band].passive);
193 chan->iteration_count = cpu_to_le16(1);
194 chan++;
195 }
196 }
197
198 /*
199 * Fill in probe request with the following parameters:
200 * TA is our vif HW address, which mac80211 ensures we have.
201 * Packet is broadcasted, so this is both SA and DA.
202 * The probe request IE is made out of two: first comes the most prioritized
203 * SSID if a directed scan is requested. Second comes whatever extra
204 * information was given to us as the scan request IE.
205 */
iwl_mvm_fill_probe_req(struct ieee80211_mgmt * frame,const u8 * ta,int n_ssids,const u8 * ssid,int ssid_len,const u8 * band_ie,int band_ie_len,const u8 * common_ie,int common_ie_len,int left)206 static u16 iwl_mvm_fill_probe_req(struct ieee80211_mgmt *frame, const u8 *ta,
207 int n_ssids, const u8 *ssid, int ssid_len,
208 const u8 *band_ie, int band_ie_len,
209 const u8 *common_ie, int common_ie_len,
210 int left)
211 {
212 int len = 0;
213 u8 *pos = NULL;
214
215 /* Make sure there is enough space for the probe request,
216 * two mandatory IEs and the data */
217 left -= 24;
218 if (left < 0)
219 return 0;
220
221 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
222 eth_broadcast_addr(frame->da);
223 memcpy(frame->sa, ta, ETH_ALEN);
224 eth_broadcast_addr(frame->bssid);
225 frame->seq_ctrl = 0;
226
227 len += 24;
228
229 /* for passive scans, no need to fill anything */
230 if (n_ssids == 0)
231 return (u16)len;
232
233 /* points to the payload of the request */
234 pos = &frame->u.probe_req.variable[0];
235
236 /* fill in our SSID IE */
237 left -= ssid_len + 2;
238 if (left < 0)
239 return 0;
240 *pos++ = WLAN_EID_SSID;
241 *pos++ = ssid_len;
242 if (ssid && ssid_len) { /* ssid_len may be == 0 even if ssid is valid */
243 memcpy(pos, ssid, ssid_len);
244 pos += ssid_len;
245 }
246
247 len += ssid_len + 2;
248
249 if (WARN_ON(left < band_ie_len + common_ie_len))
250 return len;
251
252 if (band_ie && band_ie_len) {
253 memcpy(pos, band_ie, band_ie_len);
254 pos += band_ie_len;
255 len += band_ie_len;
256 }
257
258 if (common_ie && common_ie_len) {
259 memcpy(pos, common_ie, common_ie_len);
260 pos += common_ie_len;
261 len += common_ie_len;
262 }
263
264 return (u16)len;
265 }
266
iwl_mvm_scan_condition_iterator(void * data,u8 * mac,struct ieee80211_vif * vif)267 static void iwl_mvm_scan_condition_iterator(void *data, u8 *mac,
268 struct ieee80211_vif *vif)
269 {
270 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
271 bool *global_bound = data;
272
273 if (mvmvif->phy_ctxt && mvmvif->phy_ctxt->id < MAX_PHYS)
274 *global_bound = true;
275 }
276
iwl_mvm_scan_calc_params(struct iwl_mvm * mvm,struct ieee80211_vif * vif,int n_ssids,u32 flags,struct iwl_mvm_scan_params * params)277 static void iwl_mvm_scan_calc_params(struct iwl_mvm *mvm,
278 struct ieee80211_vif *vif,
279 int n_ssids, u32 flags,
280 struct iwl_mvm_scan_params *params)
281 {
282 bool global_bound = false;
283 enum ieee80211_band band;
284 u8 frag_passive_dwell = 0;
285
286 ieee80211_iterate_active_interfaces_atomic(mvm->hw,
287 IEEE80211_IFACE_ITER_NORMAL,
288 iwl_mvm_scan_condition_iterator,
289 &global_bound);
290
291 if (!global_bound)
292 goto not_bound;
293
294 params->suspend_time = 30;
295 params->max_out_time = 170;
296
297 if (iwl_mvm_low_latency(mvm)) {
298 if (mvm->fw->ucode_capa.api[0] &
299 IWL_UCODE_TLV_API_FRAGMENTED_SCAN) {
300 params->suspend_time = 105;
301 params->max_out_time = 70;
302 frag_passive_dwell = 20;
303 } else {
304 params->suspend_time = 120;
305 params->max_out_time = 120;
306 }
307 }
308
309 if (frag_passive_dwell && (mvm->fw->ucode_capa.api[0] &
310 IWL_UCODE_TLV_API_FRAGMENTED_SCAN)) {
311 /*
312 * P2P device scan should not be fragmented to avoid negative
313 * impact on P2P device discovery. Configure max_out_time to be
314 * equal to dwell time on passive channel. Take a longest
315 * possible value, one that corresponds to 2GHz band
316 */
317 if (vif->type == NL80211_IFTYPE_P2P_DEVICE) {
318 u32 passive_dwell =
319 iwl_mvm_get_passive_dwell(IEEE80211_BAND_2GHZ);
320 params->max_out_time = passive_dwell;
321 } else {
322 params->passive_fragmented = true;
323 }
324 }
325
326 if (flags & NL80211_SCAN_FLAG_LOW_PRIORITY)
327 params->max_out_time = 200;
328
329 not_bound:
330
331 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
332 if (params->passive_fragmented)
333 params->dwell[band].passive = frag_passive_dwell;
334 else
335 params->dwell[band].passive =
336 iwl_mvm_get_passive_dwell(band);
337 params->dwell[band].active = iwl_mvm_get_active_dwell(band,
338 n_ssids);
339 }
340 }
341
iwl_mvm_rrm_scan_needed(struct iwl_mvm * mvm)342 static inline bool iwl_mvm_rrm_scan_needed(struct iwl_mvm *mvm)
343 {
344 /* require rrm scan whenever the fw supports it */
345 return mvm->fw->ucode_capa.capa[0] &
346 IWL_UCODE_TLV_CAPA_DS_PARAM_SET_IE_SUPPORT;
347 }
348
iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm * mvm,bool is_sched_scan)349 static int iwl_mvm_max_scan_ie_fw_cmd_room(struct iwl_mvm *mvm,
350 bool is_sched_scan)
351 {
352 int max_probe_len;
353
354 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
355 max_probe_len = SCAN_OFFLOAD_PROBE_REQ_SIZE;
356 else
357 max_probe_len = mvm->fw->ucode_capa.max_probe_length;
358
359 /* we create the 802.11 header and SSID element */
360 max_probe_len -= 24 + 2;
361
362 /* basic ssid is added only for hw_scan with and old api */
363 if (!(mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID) &&
364 !(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) &&
365 !is_sched_scan)
366 max_probe_len -= 32;
367
368 return max_probe_len;
369 }
370
iwl_mvm_max_scan_ie_len(struct iwl_mvm * mvm,bool is_sched_scan)371 int iwl_mvm_max_scan_ie_len(struct iwl_mvm *mvm, bool is_sched_scan)
372 {
373 int max_ie_len = iwl_mvm_max_scan_ie_fw_cmd_room(mvm, is_sched_scan);
374
375 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN))
376 return max_ie_len;
377
378 /* TODO: [BUG] This function should return the maximum allowed size of
379 * scan IEs, however the LMAC scan api contains both 2GHZ and 5GHZ IEs
380 * in the same command. So the correct implementation of this function
381 * is just iwl_mvm_max_scan_ie_fw_cmd_room() / 2. Currently the scan
382 * command has only 512 bytes and it would leave us with about 240
383 * bytes for scan IEs, which is clearly not enough. So meanwhile
384 * we will report an incorrect value. This may result in a failure to
385 * issue a scan in unified_scan_lmac and unified_sched_scan_lmac
386 * functions with -ENOBUFS, if a large enough probe will be provided.
387 */
388 return max_ie_len;
389 }
390
iwl_mvm_scan_request(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct cfg80211_scan_request * req)391 int iwl_mvm_scan_request(struct iwl_mvm *mvm,
392 struct ieee80211_vif *vif,
393 struct cfg80211_scan_request *req)
394 {
395 struct iwl_host_cmd hcmd = {
396 .id = SCAN_REQUEST_CMD,
397 .len = { 0, },
398 .data = { mvm->scan_cmd, },
399 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
400 };
401 struct iwl_scan_cmd *cmd = mvm->scan_cmd;
402 int ret;
403 u32 status;
404 int ssid_len = 0;
405 u8 *ssid = NULL;
406 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
407 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
408 struct iwl_mvm_scan_params params = {};
409
410 lockdep_assert_held(&mvm->mutex);
411
412 /* we should have failed registration if scan_cmd was NULL */
413 if (WARN_ON(mvm->scan_cmd == NULL))
414 return -ENOMEM;
415
416 IWL_DEBUG_SCAN(mvm, "Handling mac80211 scan request\n");
417 mvm->scan_status = IWL_MVM_SCAN_OS;
418 memset(cmd, 0, ksize(cmd));
419
420 cmd->channel_count = (u8)req->n_channels;
421 cmd->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
422 cmd->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
423 cmd->rxchain_sel_flags = iwl_mvm_scan_rx_chain(mvm);
424
425 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, req->flags, ¶ms);
426 cmd->max_out_time = cpu_to_le32(params.max_out_time);
427 cmd->suspend_time = cpu_to_le32(params.suspend_time);
428 if (params.passive_fragmented)
429 cmd->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
430
431 cmd->rxon_flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
432 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
433 MAC_FILTER_IN_BEACON);
434
435 if (vif->type == NL80211_IFTYPE_P2P_DEVICE)
436 cmd->type = cpu_to_le32(SCAN_TYPE_DISCOVERY_FORCED);
437 else
438 cmd->type = cpu_to_le32(SCAN_TYPE_FORCED);
439
440 cmd->repeats = cpu_to_le32(1);
441
442 /*
443 * If the user asked for passive scan, don't change to active scan if
444 * you see any activity on the channel - remain passive.
445 */
446 if (req->n_ssids > 0) {
447 cmd->passive2active = cpu_to_le16(1);
448 cmd->scan_flags |= SCAN_FLAGS_PASSIVE2ACTIVE;
449 if (basic_ssid) {
450 ssid = req->ssids[0].ssid;
451 ssid_len = req->ssids[0].ssid_len;
452 }
453 } else {
454 cmd->passive2active = 0;
455 cmd->scan_flags &= ~SCAN_FLAGS_PASSIVE2ACTIVE;
456 }
457
458 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->ssids, req->n_ssids,
459 basic_ssid ? 1 : 0);
460
461 cmd->tx_cmd.tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
462 3 << TX_CMD_FLG_BT_PRIO_POS);
463
464 cmd->tx_cmd.sta_id = mvm->aux_sta.sta_id;
465 cmd->tx_cmd.life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
466 cmd->tx_cmd.rate_n_flags =
467 iwl_mvm_scan_rate_n_flags(mvm, req->channels[0]->band,
468 req->no_cck);
469
470 cmd->tx_cmd.len =
471 cpu_to_le16(iwl_mvm_fill_probe_req(
472 (struct ieee80211_mgmt *)cmd->data,
473 vif->addr,
474 req->n_ssids, ssid, ssid_len,
475 req->ie, req->ie_len, NULL, 0,
476 mvm->fw->ucode_capa.max_probe_length));
477
478 iwl_mvm_scan_fill_channels(cmd, req, basic_ssid, ¶ms);
479
480 cmd->len = cpu_to_le16(sizeof(struct iwl_scan_cmd) +
481 le16_to_cpu(cmd->tx_cmd.len) +
482 (cmd->channel_count * sizeof(struct iwl_scan_channel)));
483 hcmd.len[0] = le16_to_cpu(cmd->len);
484
485 status = SCAN_RESPONSE_OK;
486 ret = iwl_mvm_send_cmd_status(mvm, &hcmd, &status);
487 if (!ret && status == SCAN_RESPONSE_OK) {
488 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
489 } else {
490 /*
491 * If the scan failed, it usually means that the FW was unable
492 * to allocate the time events. Warn on it, but maybe we
493 * should try to send the command again with different params.
494 */
495 IWL_ERR(mvm, "Scan failed! status 0x%x ret %d\n",
496 status, ret);
497 mvm->scan_status = IWL_MVM_SCAN_NONE;
498 ret = -EIO;
499 }
500 return ret;
501 }
502
iwl_mvm_rx_scan_response(struct iwl_mvm * mvm,struct iwl_rx_cmd_buffer * rxb,struct iwl_device_cmd * cmd)503 int iwl_mvm_rx_scan_response(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
504 struct iwl_device_cmd *cmd)
505 {
506 struct iwl_rx_packet *pkt = rxb_addr(rxb);
507 struct iwl_cmd_response *resp = (void *)pkt->data;
508
509 IWL_DEBUG_SCAN(mvm, "Scan response received. status 0x%x\n",
510 le32_to_cpu(resp->status));
511 return 0;
512 }
513
iwl_mvm_rx_scan_complete(struct iwl_mvm * mvm,struct iwl_rx_cmd_buffer * rxb,struct iwl_device_cmd * cmd)514 int iwl_mvm_rx_scan_complete(struct iwl_mvm *mvm, struct iwl_rx_cmd_buffer *rxb,
515 struct iwl_device_cmd *cmd)
516 {
517 struct iwl_rx_packet *pkt = rxb_addr(rxb);
518 struct iwl_scan_complete_notif *notif = (void *)pkt->data;
519
520 lockdep_assert_held(&mvm->mutex);
521
522 IWL_DEBUG_SCAN(mvm, "Scan complete: status=0x%x scanned channels=%d\n",
523 notif->status, notif->scanned_channels);
524
525 if (mvm->scan_status == IWL_MVM_SCAN_OS)
526 mvm->scan_status = IWL_MVM_SCAN_NONE;
527 ieee80211_scan_completed(mvm->hw, notif->status != SCAN_COMP_STATUS_OK);
528
529 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
530
531 return 0;
532 }
533
iwl_mvm_rx_scan_offload_results(struct iwl_mvm * mvm,struct iwl_rx_cmd_buffer * rxb,struct iwl_device_cmd * cmd)534 int iwl_mvm_rx_scan_offload_results(struct iwl_mvm *mvm,
535 struct iwl_rx_cmd_buffer *rxb,
536 struct iwl_device_cmd *cmd)
537 {
538 struct iwl_rx_packet *pkt = rxb_addr(rxb);
539 u8 client_bitmap = 0;
540
541 if (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)) {
542 struct iwl_sched_scan_results *notif = (void *)pkt->data;
543
544 client_bitmap = notif->client_bitmap;
545 }
546
547 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN ||
548 client_bitmap & SCAN_CLIENT_SCHED_SCAN) {
549 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) {
550 IWL_DEBUG_SCAN(mvm, "Scheduled scan results\n");
551 ieee80211_sched_scan_results(mvm->hw);
552 } else {
553 IWL_DEBUG_SCAN(mvm, "Scan results\n");
554 }
555 }
556
557 return 0;
558 }
559
iwl_mvm_scan_abort_notif(struct iwl_notif_wait_data * notif_wait,struct iwl_rx_packet * pkt,void * data)560 static bool iwl_mvm_scan_abort_notif(struct iwl_notif_wait_data *notif_wait,
561 struct iwl_rx_packet *pkt, void *data)
562 {
563 struct iwl_mvm *mvm =
564 container_of(notif_wait, struct iwl_mvm, notif_wait);
565 struct iwl_scan_complete_notif *notif;
566 u32 *resp;
567
568 switch (pkt->hdr.cmd) {
569 case SCAN_ABORT_CMD:
570 resp = (void *)pkt->data;
571 if (*resp == CAN_ABORT_STATUS) {
572 IWL_DEBUG_SCAN(mvm,
573 "Scan can be aborted, wait until completion\n");
574 return false;
575 }
576
577 /*
578 * If scan cannot be aborted, it means that we had a
579 * SCAN_COMPLETE_NOTIFICATION in the pipe and it called
580 * ieee80211_scan_completed already.
581 */
582 IWL_DEBUG_SCAN(mvm, "Scan cannot be aborted, exit now: %d\n",
583 *resp);
584 return true;
585
586 case SCAN_COMPLETE_NOTIFICATION:
587 notif = (void *)pkt->data;
588 IWL_DEBUG_SCAN(mvm, "Scan aborted: status 0x%x\n",
589 notif->status);
590 return true;
591
592 default:
593 WARN_ON(1);
594 return false;
595 };
596 }
597
iwl_mvm_cancel_regular_scan(struct iwl_mvm * mvm)598 static int iwl_mvm_cancel_regular_scan(struct iwl_mvm *mvm)
599 {
600 struct iwl_notification_wait wait_scan_abort;
601 static const u8 scan_abort_notif[] = { SCAN_ABORT_CMD,
602 SCAN_COMPLETE_NOTIFICATION };
603 int ret;
604
605 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_abort,
606 scan_abort_notif,
607 ARRAY_SIZE(scan_abort_notif),
608 iwl_mvm_scan_abort_notif, NULL);
609
610 ret = iwl_mvm_send_cmd_pdu(mvm, SCAN_ABORT_CMD, 0, 0, NULL);
611 if (ret) {
612 IWL_ERR(mvm, "Couldn't send SCAN_ABORT_CMD: %d\n", ret);
613 /* mac80211's state will be cleaned in the nic_restart flow */
614 goto out_remove_notif;
615 }
616
617 return iwl_wait_notification(&mvm->notif_wait, &wait_scan_abort, HZ);
618
619 out_remove_notif:
620 iwl_remove_notification(&mvm->notif_wait, &wait_scan_abort);
621 return ret;
622 }
623
iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm * mvm,struct iwl_rx_cmd_buffer * rxb,struct iwl_device_cmd * cmd)624 int iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm *mvm,
625 struct iwl_rx_cmd_buffer *rxb,
626 struct iwl_device_cmd *cmd)
627 {
628 struct iwl_rx_packet *pkt = rxb_addr(rxb);
629 u8 status, ebs_status;
630
631 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) {
632 struct iwl_periodic_scan_complete *scan_notif;
633
634 scan_notif = (void *)pkt->data;
635 status = scan_notif->status;
636 ebs_status = scan_notif->ebs_status;
637 } else {
638 struct iwl_scan_offload_complete *scan_notif;
639
640 scan_notif = (void *)pkt->data;
641 status = scan_notif->status;
642 ebs_status = scan_notif->ebs_status;
643 }
644 /* scan status must be locked for proper checking */
645 lockdep_assert_held(&mvm->mutex);
646
647 IWL_DEBUG_SCAN(mvm,
648 "%s completed, status %s, EBS status %s\n",
649 mvm->scan_status == IWL_MVM_SCAN_SCHED ?
650 "Scheduled scan" : "Scan",
651 status == IWL_SCAN_OFFLOAD_COMPLETED ?
652 "completed" : "aborted",
653 ebs_status == IWL_SCAN_EBS_SUCCESS ?
654 "success" : "failed");
655
656
657 /* only call mac80211 completion if the stop was initiated by FW */
658 if (mvm->scan_status == IWL_MVM_SCAN_SCHED) {
659 mvm->scan_status = IWL_MVM_SCAN_NONE;
660 ieee80211_sched_scan_stopped(mvm->hw);
661 } else if (mvm->scan_status == IWL_MVM_SCAN_OS) {
662 mvm->scan_status = IWL_MVM_SCAN_NONE;
663 ieee80211_scan_completed(mvm->hw,
664 status == IWL_SCAN_OFFLOAD_ABORTED);
665 }
666
667 mvm->last_ebs_successful = !ebs_status;
668
669 return 0;
670 }
671
iwl_scan_offload_build_tx_cmd(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_scan_ies * ies,enum ieee80211_band band,struct iwl_tx_cmd * cmd,u8 * data)672 static void iwl_scan_offload_build_tx_cmd(struct iwl_mvm *mvm,
673 struct ieee80211_vif *vif,
674 struct ieee80211_scan_ies *ies,
675 enum ieee80211_band band,
676 struct iwl_tx_cmd *cmd,
677 u8 *data)
678 {
679 u16 cmd_len;
680
681 cmd->tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL);
682 cmd->life_time = cpu_to_le32(TX_CMD_LIFE_TIME_INFINITE);
683 cmd->sta_id = mvm->aux_sta.sta_id;
684
685 cmd->rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm, band, false);
686
687 cmd_len = iwl_mvm_fill_probe_req((struct ieee80211_mgmt *)data,
688 vif->addr,
689 1, NULL, 0,
690 ies->ies[band], ies->len[band],
691 ies->common_ies, ies->common_ie_len,
692 SCAN_OFFLOAD_PROBE_REQ_SIZE);
693 cmd->len = cpu_to_le16(cmd_len);
694 }
695
iwl_build_scan_cmd(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct cfg80211_sched_scan_request * req,struct iwl_scan_offload_cmd * scan,struct iwl_mvm_scan_params * params)696 static void iwl_build_scan_cmd(struct iwl_mvm *mvm,
697 struct ieee80211_vif *vif,
698 struct cfg80211_sched_scan_request *req,
699 struct iwl_scan_offload_cmd *scan,
700 struct iwl_mvm_scan_params *params)
701 {
702 scan->channel_count = req->n_channels;
703 scan->quiet_time = cpu_to_le16(IWL_ACTIVE_QUIET_TIME);
704 scan->quiet_plcp_th = cpu_to_le16(IWL_PLCP_QUIET_THRESH);
705 scan->good_CRC_th = IWL_GOOD_CRC_TH_DEFAULT;
706 scan->rx_chain = iwl_mvm_scan_rx_chain(mvm);
707
708 scan->max_out_time = cpu_to_le32(params->max_out_time);
709 scan->suspend_time = cpu_to_le32(params->suspend_time);
710
711 scan->filter_flags |= cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
712 MAC_FILTER_IN_BEACON);
713 scan->scan_type = cpu_to_le32(SCAN_TYPE_BACKGROUND);
714 scan->rep_count = cpu_to_le32(1);
715
716 if (params->passive_fragmented)
717 scan->scan_flags |= SCAN_FLAGS_FRAGMENTED_SCAN;
718 }
719
iwl_ssid_exist(u8 * ssid,u8 ssid_len,struct iwl_ssid_ie * ssid_list)720 static int iwl_ssid_exist(u8 *ssid, u8 ssid_len, struct iwl_ssid_ie *ssid_list)
721 {
722 int i;
723
724 for (i = 0; i < PROBE_OPTION_MAX; i++) {
725 if (!ssid_list[i].len)
726 break;
727 if (ssid_list[i].len == ssid_len &&
728 !memcmp(ssid_list->ssid, ssid, ssid_len))
729 return i;
730 }
731 return -1;
732 }
733
iwl_scan_offload_build_ssid(struct cfg80211_sched_scan_request * req,struct iwl_ssid_ie * direct_scan,u32 * ssid_bitmap,bool basic_ssid)734 static void iwl_scan_offload_build_ssid(struct cfg80211_sched_scan_request *req,
735 struct iwl_ssid_ie *direct_scan,
736 u32 *ssid_bitmap, bool basic_ssid)
737 {
738 int i, j;
739 int index;
740
741 /*
742 * copy SSIDs from match list.
743 * iwl_config_sched_scan_profiles() uses the order of these ssids to
744 * config match list.
745 */
746 for (i = 0; i < req->n_match_sets && i < PROBE_OPTION_MAX; i++) {
747 /* skip empty SSID matchsets */
748 if (!req->match_sets[i].ssid.ssid_len)
749 continue;
750 direct_scan[i].id = WLAN_EID_SSID;
751 direct_scan[i].len = req->match_sets[i].ssid.ssid_len;
752 memcpy(direct_scan[i].ssid, req->match_sets[i].ssid.ssid,
753 direct_scan[i].len);
754 }
755
756 /* add SSIDs from scan SSID list */
757 *ssid_bitmap = 0;
758 for (j = 0; j < req->n_ssids && i < PROBE_OPTION_MAX; j++) {
759 index = iwl_ssid_exist(req->ssids[j].ssid,
760 req->ssids[j].ssid_len,
761 direct_scan);
762 if (index < 0) {
763 if (!req->ssids[j].ssid_len && basic_ssid)
764 continue;
765 direct_scan[i].id = WLAN_EID_SSID;
766 direct_scan[i].len = req->ssids[j].ssid_len;
767 memcpy(direct_scan[i].ssid, req->ssids[j].ssid,
768 direct_scan[i].len);
769 *ssid_bitmap |= BIT(i + 1);
770 i++;
771 } else {
772 *ssid_bitmap |= BIT(index + 1);
773 }
774 }
775 }
776
iwl_build_channel_cfg(struct iwl_mvm * mvm,struct cfg80211_sched_scan_request * req,u8 * channels_buffer,enum ieee80211_band band,int * head,u32 ssid_bitmap,struct iwl_mvm_scan_params * params)777 static void iwl_build_channel_cfg(struct iwl_mvm *mvm,
778 struct cfg80211_sched_scan_request *req,
779 u8 *channels_buffer,
780 enum ieee80211_band band,
781 int *head,
782 u32 ssid_bitmap,
783 struct iwl_mvm_scan_params *params)
784 {
785 u32 n_channels = mvm->fw->ucode_capa.n_scan_channels;
786 __le32 *type = (__le32 *)channels_buffer;
787 __le16 *channel_number = (__le16 *)(type + n_channels);
788 __le16 *iter_count = channel_number + n_channels;
789 __le32 *iter_interval = (__le32 *)(iter_count + n_channels);
790 u8 *active_dwell = (u8 *)(iter_interval + n_channels);
791 u8 *passive_dwell = active_dwell + n_channels;
792 int i, index = 0;
793
794 for (i = 0; i < req->n_channels; i++) {
795 struct ieee80211_channel *chan = req->channels[i];
796
797 if (chan->band != band)
798 continue;
799
800 index = *head;
801 (*head)++;
802
803 channel_number[index] = cpu_to_le16(chan->hw_value);
804 active_dwell[index] = params->dwell[band].active;
805 passive_dwell[index] = params->dwell[band].passive;
806
807 iter_count[index] = cpu_to_le16(1);
808 iter_interval[index] = 0;
809
810 if (!(chan->flags & IEEE80211_CHAN_NO_IR))
811 type[index] |=
812 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_ACTIVE);
813
814 type[index] |= cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_FULL |
815 IWL_SCAN_OFFLOAD_CHANNEL_PARTIAL);
816
817 if (chan->flags & IEEE80211_CHAN_NO_HT40)
818 type[index] |=
819 cpu_to_le32(IWL_SCAN_OFFLOAD_CHANNEL_NARROW);
820
821 /* scan for all SSIDs from req->ssids */
822 type[index] |= cpu_to_le32(ssid_bitmap);
823 }
824 }
825
iwl_mvm_config_sched_scan(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct cfg80211_sched_scan_request * req,struct ieee80211_scan_ies * ies)826 int iwl_mvm_config_sched_scan(struct iwl_mvm *mvm,
827 struct ieee80211_vif *vif,
828 struct cfg80211_sched_scan_request *req,
829 struct ieee80211_scan_ies *ies)
830 {
831 int band_2ghz = mvm->nvm_data->bands[IEEE80211_BAND_2GHZ].n_channels;
832 int band_5ghz = mvm->nvm_data->bands[IEEE80211_BAND_5GHZ].n_channels;
833 int head = 0;
834 u32 ssid_bitmap;
835 int cmd_len;
836 int ret;
837 u8 *probes;
838 bool basic_ssid = !(mvm->fw->ucode_capa.flags &
839 IWL_UCODE_TLV_FLAGS_NO_BASIC_SSID);
840
841 struct iwl_scan_offload_cfg *scan_cfg;
842 struct iwl_host_cmd cmd = {
843 .id = SCAN_OFFLOAD_CONFIG_CMD,
844 };
845 struct iwl_mvm_scan_params params = {};
846
847 lockdep_assert_held(&mvm->mutex);
848
849 cmd_len = sizeof(struct iwl_scan_offload_cfg) +
850 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE +
851 2 * SCAN_OFFLOAD_PROBE_REQ_SIZE;
852
853 scan_cfg = kzalloc(cmd_len, GFP_KERNEL);
854 if (!scan_cfg)
855 return -ENOMEM;
856
857 probes = scan_cfg->data +
858 mvm->fw->ucode_capa.n_scan_channels * IWL_SCAN_CHAN_SIZE;
859
860 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
861 iwl_build_scan_cmd(mvm, vif, req, &scan_cfg->scan_cmd, ¶ms);
862 scan_cfg->scan_cmd.len = cpu_to_le16(cmd_len);
863
864 iwl_scan_offload_build_ssid(req, scan_cfg->scan_cmd.direct_scan,
865 &ssid_bitmap, basic_ssid);
866 /* build tx frames for supported bands */
867 if (band_2ghz) {
868 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
869 IEEE80211_BAND_2GHZ,
870 &scan_cfg->scan_cmd.tx_cmd[0],
871 probes);
872 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
873 IEEE80211_BAND_2GHZ, &head,
874 ssid_bitmap, ¶ms);
875 }
876 if (band_5ghz) {
877 iwl_scan_offload_build_tx_cmd(mvm, vif, ies,
878 IEEE80211_BAND_5GHZ,
879 &scan_cfg->scan_cmd.tx_cmd[1],
880 probes +
881 SCAN_OFFLOAD_PROBE_REQ_SIZE);
882 iwl_build_channel_cfg(mvm, req, scan_cfg->data,
883 IEEE80211_BAND_5GHZ, &head,
884 ssid_bitmap, ¶ms);
885 }
886
887 cmd.data[0] = scan_cfg;
888 cmd.len[0] = cmd_len;
889 cmd.dataflags[0] = IWL_HCMD_DFL_NOCOPY;
890
891 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan config\n");
892
893 ret = iwl_mvm_send_cmd(mvm, &cmd);
894 kfree(scan_cfg);
895 return ret;
896 }
897
iwl_mvm_config_sched_scan_profiles(struct iwl_mvm * mvm,struct cfg80211_sched_scan_request * req)898 int iwl_mvm_config_sched_scan_profiles(struct iwl_mvm *mvm,
899 struct cfg80211_sched_scan_request *req)
900 {
901 struct iwl_scan_offload_profile *profile;
902 struct iwl_scan_offload_profile_cfg *profile_cfg;
903 struct iwl_scan_offload_blacklist *blacklist;
904 struct iwl_host_cmd cmd = {
905 .id = SCAN_OFFLOAD_UPDATE_PROFILES_CMD,
906 .len[1] = sizeof(*profile_cfg),
907 .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
908 .dataflags[1] = IWL_HCMD_DFL_NOCOPY,
909 };
910 int blacklist_len;
911 int i;
912 int ret;
913
914 if (WARN_ON(req->n_match_sets > IWL_SCAN_MAX_PROFILES))
915 return -EIO;
916
917 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_SHORT_BL)
918 blacklist_len = IWL_SCAN_SHORT_BLACKLIST_LEN;
919 else
920 blacklist_len = IWL_SCAN_MAX_BLACKLIST_LEN;
921
922 blacklist = kzalloc(sizeof(*blacklist) * blacklist_len, GFP_KERNEL);
923 if (!blacklist)
924 return -ENOMEM;
925
926 profile_cfg = kzalloc(sizeof(*profile_cfg), GFP_KERNEL);
927 if (!profile_cfg) {
928 ret = -ENOMEM;
929 goto free_blacklist;
930 }
931
932 cmd.data[0] = blacklist;
933 cmd.len[0] = sizeof(*blacklist) * blacklist_len;
934 cmd.data[1] = profile_cfg;
935
936 /* No blacklist configuration */
937
938 profile_cfg->num_profiles = req->n_match_sets;
939 profile_cfg->active_clients = SCAN_CLIENT_SCHED_SCAN;
940 profile_cfg->pass_match = SCAN_CLIENT_SCHED_SCAN;
941 profile_cfg->match_notify = SCAN_CLIENT_SCHED_SCAN;
942 if (!req->n_match_sets || !req->match_sets[0].ssid.ssid_len)
943 profile_cfg->any_beacon_notify = SCAN_CLIENT_SCHED_SCAN;
944
945 for (i = 0; i < req->n_match_sets; i++) {
946 profile = &profile_cfg->profiles[i];
947 profile->ssid_index = i;
948 /* Support any cipher and auth algorithm */
949 profile->unicast_cipher = 0xff;
950 profile->auth_alg = 0xff;
951 profile->network_type = IWL_NETWORK_TYPE_ANY;
952 profile->band_selection = IWL_SCAN_OFFLOAD_SELECT_ANY;
953 profile->client_bitmap = SCAN_CLIENT_SCHED_SCAN;
954 }
955
956 IWL_DEBUG_SCAN(mvm, "Sending scheduled scan profile config\n");
957
958 ret = iwl_mvm_send_cmd(mvm, &cmd);
959 kfree(profile_cfg);
960 free_blacklist:
961 kfree(blacklist);
962
963 return ret;
964 }
965
iwl_mvm_sched_scan_start(struct iwl_mvm * mvm,struct cfg80211_sched_scan_request * req)966 int iwl_mvm_sched_scan_start(struct iwl_mvm *mvm,
967 struct cfg80211_sched_scan_request *req)
968 {
969 struct iwl_scan_offload_req scan_req = {
970 .watchdog = IWL_SCHED_SCAN_WATCHDOG,
971
972 .schedule_line[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS,
973 .schedule_line[0].delay = cpu_to_le16(req->interval / 1000),
974 .schedule_line[0].full_scan_mul = 1,
975
976 .schedule_line[1].iterations = 0xff,
977 .schedule_line[1].delay = cpu_to_le16(req->interval / 1000),
978 .schedule_line[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER,
979 };
980
981 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
982 IWL_DEBUG_SCAN(mvm,
983 "Sending scheduled scan with filtering, filter len %d\n",
984 req->n_match_sets);
985 } else {
986 IWL_DEBUG_SCAN(mvm,
987 "Sending Scheduled scan without filtering\n");
988 scan_req.flags |= cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_PASS_ALL);
989 }
990
991 if (mvm->last_ebs_successful &&
992 mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT)
993 scan_req.flags |=
994 cpu_to_le16(IWL_SCAN_OFFLOAD_FLAG_EBS_ACCURATE_MODE);
995
996 return iwl_mvm_send_cmd_pdu(mvm, SCAN_OFFLOAD_REQUEST_CMD, 0,
997 sizeof(scan_req), &scan_req);
998 }
999
iwl_mvm_send_scan_offload_abort(struct iwl_mvm * mvm)1000 static int iwl_mvm_send_scan_offload_abort(struct iwl_mvm *mvm)
1001 {
1002 int ret;
1003 struct iwl_host_cmd cmd = {
1004 .id = SCAN_OFFLOAD_ABORT_CMD,
1005 };
1006 u32 status;
1007
1008 /* Exit instantly with error when device is not ready
1009 * to receive scan abort command or it does not perform
1010 * scheduled scan currently */
1011 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1012 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1013 mvm->scan_status != IWL_MVM_SCAN_OS))
1014 return -EIO;
1015
1016 ret = iwl_mvm_send_cmd_status(mvm, &cmd, &status);
1017 if (ret)
1018 return ret;
1019
1020 if (status != CAN_ABORT_STATUS) {
1021 /*
1022 * The scan abort will return 1 for success or
1023 * 2 for "failure". A failure condition can be
1024 * due to simply not being in an active scan which
1025 * can occur if we send the scan abort before the
1026 * microcode has notified us that a scan is completed.
1027 */
1028 IWL_DEBUG_SCAN(mvm, "SCAN OFFLOAD ABORT ret %d.\n", status);
1029 ret = -ENOENT;
1030 }
1031
1032 return ret;
1033 }
1034
iwl_mvm_scan_offload_stop(struct iwl_mvm * mvm,bool notify)1035 int iwl_mvm_scan_offload_stop(struct iwl_mvm *mvm, bool notify)
1036 {
1037 int ret;
1038 struct iwl_notification_wait wait_scan_done;
1039 static const u8 scan_done_notif[] = { SCAN_OFFLOAD_COMPLETE, };
1040 bool sched = mvm->scan_status == IWL_MVM_SCAN_SCHED;
1041
1042 lockdep_assert_held(&mvm->mutex);
1043
1044 if (mvm->scan_status != IWL_MVM_SCAN_SCHED &&
1045 (!(mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN) ||
1046 mvm->scan_status != IWL_MVM_SCAN_OS)) {
1047 IWL_DEBUG_SCAN(mvm, "No scan to stop\n");
1048 return 0;
1049 }
1050
1051 iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done,
1052 scan_done_notif,
1053 ARRAY_SIZE(scan_done_notif),
1054 NULL, NULL);
1055
1056 ret = iwl_mvm_send_scan_offload_abort(mvm);
1057 if (ret) {
1058 IWL_DEBUG_SCAN(mvm, "Send stop %sscan failed %d\n",
1059 sched ? "offloaded " : "", ret);
1060 iwl_remove_notification(&mvm->notif_wait, &wait_scan_done);
1061 return ret;
1062 }
1063
1064 IWL_DEBUG_SCAN(mvm, "Successfully sent stop %sscan\n",
1065 sched ? "offloaded " : "");
1066
1067 ret = iwl_wait_notification(&mvm->notif_wait, &wait_scan_done, 1 * HZ);
1068 if (ret)
1069 return ret;
1070
1071 /*
1072 * Clear the scan status so the next scan requests will succeed. This
1073 * also ensures the Rx handler doesn't do anything, as the scan was
1074 * stopped from above.
1075 */
1076 mvm->scan_status = IWL_MVM_SCAN_NONE;
1077
1078 if (notify) {
1079 if (sched)
1080 ieee80211_sched_scan_stopped(mvm->hw);
1081 else
1082 ieee80211_scan_completed(mvm->hw, true);
1083 }
1084
1085 return 0;
1086 }
1087
iwl_mvm_unified_scan_fill_tx_cmd(struct iwl_mvm * mvm,struct iwl_scan_req_tx_cmd * tx_cmd,bool no_cck)1088 static void iwl_mvm_unified_scan_fill_tx_cmd(struct iwl_mvm *mvm,
1089 struct iwl_scan_req_tx_cmd *tx_cmd,
1090 bool no_cck)
1091 {
1092 tx_cmd[0].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1093 TX_CMD_FLG_BT_DIS);
1094 tx_cmd[0].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1095 IEEE80211_BAND_2GHZ,
1096 no_cck);
1097 tx_cmd[0].sta_id = mvm->aux_sta.sta_id;
1098
1099 tx_cmd[1].tx_flags = cpu_to_le32(TX_CMD_FLG_SEQ_CTL |
1100 TX_CMD_FLG_BT_DIS);
1101 tx_cmd[1].rate_n_flags = iwl_mvm_scan_rate_n_flags(mvm,
1102 IEEE80211_BAND_5GHZ,
1103 no_cck);
1104 tx_cmd[1].sta_id = mvm->aux_sta.sta_id;
1105 }
1106
1107 static void
iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm * mvm,struct ieee80211_channel ** channels,int n_channels,u32 ssid_bitmap,struct iwl_scan_req_unified_lmac * cmd)1108 iwl_mvm_lmac_scan_cfg_channels(struct iwl_mvm *mvm,
1109 struct ieee80211_channel **channels,
1110 int n_channels, u32 ssid_bitmap,
1111 struct iwl_scan_req_unified_lmac *cmd)
1112 {
1113 struct iwl_scan_channel_cfg_lmac *channel_cfg = (void *)&cmd->data;
1114 int i;
1115
1116 for (i = 0; i < n_channels; i++) {
1117 channel_cfg[i].channel_num =
1118 cpu_to_le16(channels[i]->hw_value);
1119 channel_cfg[i].iter_count = cpu_to_le16(1);
1120 channel_cfg[i].iter_interval = 0;
1121 channel_cfg[i].flags =
1122 cpu_to_le32(IWL_UNIFIED_SCAN_CHANNEL_PARTIAL |
1123 ssid_bitmap);
1124 }
1125 }
1126
1127 static void
iwl_mvm_build_unified_scan_probe(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_scan_ies * ies,struct iwl_scan_req_unified_lmac * cmd)1128 iwl_mvm_build_unified_scan_probe(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
1129 struct ieee80211_scan_ies *ies,
1130 struct iwl_scan_req_unified_lmac *cmd)
1131 {
1132 struct iwl_scan_probe_req *preq = (void *)(cmd->data +
1133 sizeof(struct iwl_scan_channel_cfg_lmac) *
1134 mvm->fw->ucode_capa.n_scan_channels);
1135 struct ieee80211_mgmt *frame = (struct ieee80211_mgmt *)preq->buf;
1136 u8 *pos;
1137
1138 frame->frame_control = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
1139 eth_broadcast_addr(frame->da);
1140 memcpy(frame->sa, vif->addr, ETH_ALEN);
1141 eth_broadcast_addr(frame->bssid);
1142 frame->seq_ctrl = 0;
1143
1144 pos = frame->u.probe_req.variable;
1145 *pos++ = WLAN_EID_SSID;
1146 *pos++ = 0;
1147
1148 preq->mac_header.offset = 0;
1149 preq->mac_header.len = cpu_to_le16(24 + 2);
1150
1151 memcpy(pos, ies->ies[IEEE80211_BAND_2GHZ],
1152 ies->len[IEEE80211_BAND_2GHZ]);
1153 preq->band_data[0].offset = cpu_to_le16(pos - preq->buf);
1154 preq->band_data[0].len = cpu_to_le16(ies->len[IEEE80211_BAND_2GHZ]);
1155 pos += ies->len[IEEE80211_BAND_2GHZ];
1156
1157 memcpy(pos, ies->ies[IEEE80211_BAND_5GHZ],
1158 ies->len[IEEE80211_BAND_5GHZ]);
1159 preq->band_data[1].offset = cpu_to_le16(pos - preq->buf);
1160 preq->band_data[1].len = cpu_to_le16(ies->len[IEEE80211_BAND_5GHZ]);
1161 pos += ies->len[IEEE80211_BAND_5GHZ];
1162
1163 memcpy(pos, ies->common_ies, ies->common_ie_len);
1164 preq->common_data.offset = cpu_to_le16(pos - preq->buf);
1165 preq->common_data.len = cpu_to_le16(ies->common_ie_len);
1166 }
1167
1168 static void
iwl_mvm_build_generic_unified_scan_cmd(struct iwl_mvm * mvm,struct iwl_scan_req_unified_lmac * cmd,struct iwl_mvm_scan_params * params)1169 iwl_mvm_build_generic_unified_scan_cmd(struct iwl_mvm *mvm,
1170 struct iwl_scan_req_unified_lmac *cmd,
1171 struct iwl_mvm_scan_params *params)
1172 {
1173 memset(cmd, 0, ksize(cmd));
1174 cmd->active_dwell = params->dwell[IEEE80211_BAND_2GHZ].active;
1175 cmd->passive_dwell = params->dwell[IEEE80211_BAND_2GHZ].passive;
1176 if (params->passive_fragmented)
1177 cmd->fragmented_dwell =
1178 params->dwell[IEEE80211_BAND_2GHZ].passive;
1179 cmd->rx_chain_select = iwl_mvm_scan_rx_chain(mvm);
1180 cmd->max_out_time = cpu_to_le32(params->max_out_time);
1181 cmd->suspend_time = cpu_to_le32(params->suspend_time);
1182 cmd->scan_prio = cpu_to_le32(IWL_SCAN_PRIORITY_HIGH);
1183 cmd->iter_num = cpu_to_le32(1);
1184
1185 if (mvm->fw->ucode_capa.flags & IWL_UCODE_TLV_FLAGS_EBS_SUPPORT &&
1186 mvm->last_ebs_successful) {
1187 cmd->channel_opt[0].flags =
1188 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1189 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1190 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1191 cmd->channel_opt[1].flags =
1192 cpu_to_le16(IWL_SCAN_CHANNEL_FLAG_EBS |
1193 IWL_SCAN_CHANNEL_FLAG_EBS_ACCURATE |
1194 IWL_SCAN_CHANNEL_FLAG_CACHE_ADD);
1195 }
1196
1197 if (iwl_mvm_rrm_scan_needed(mvm))
1198 cmd->scan_flags |=
1199 cpu_to_le32(IWL_MVM_LMAC_SCAN_FLAGS_RRM_ENABLED);
1200 }
1201
iwl_mvm_unified_scan_lmac(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct ieee80211_scan_request * req)1202 int iwl_mvm_unified_scan_lmac(struct iwl_mvm *mvm,
1203 struct ieee80211_vif *vif,
1204 struct ieee80211_scan_request *req)
1205 {
1206 struct iwl_host_cmd hcmd = {
1207 .id = SCAN_OFFLOAD_REQUEST_CMD,
1208 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1209 sizeof(struct iwl_scan_channel_cfg_lmac) *
1210 mvm->fw->ucode_capa.n_scan_channels +
1211 sizeof(struct iwl_scan_probe_req), },
1212 .data = { mvm->scan_cmd, },
1213 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1214 };
1215 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1216 struct iwl_mvm_scan_params params = {};
1217 u32 flags;
1218 int ssid_bitmap = 0;
1219 int ret, i;
1220
1221 lockdep_assert_held(&mvm->mutex);
1222
1223 /* we should have failed registration if scan_cmd was NULL */
1224 if (WARN_ON(mvm->scan_cmd == NULL))
1225 return -ENOMEM;
1226
1227 if (req->req.n_ssids > PROBE_OPTION_MAX ||
1228 req->ies.common_ie_len + req->ies.len[NL80211_BAND_2GHZ] +
1229 req->ies.len[NL80211_BAND_5GHZ] >
1230 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, false) ||
1231 req->req.n_channels > mvm->fw->ucode_capa.n_scan_channels)
1232 return -ENOBUFS;
1233
1234 mvm->scan_status = IWL_MVM_SCAN_OS;
1235
1236 iwl_mvm_scan_calc_params(mvm, vif, req->req.n_ssids, req->req.flags,
1237 ¶ms);
1238
1239 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1240
1241 cmd->n_channels = (u8)req->req.n_channels;
1242
1243 flags = IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1244
1245 if (req->req.n_ssids == 1 && req->req.ssids[0].ssid_len != 0)
1246 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1247
1248 if (params.passive_fragmented)
1249 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1250
1251 if (req->req.n_ssids == 0)
1252 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1253
1254 cmd->scan_flags |= cpu_to_le32(flags);
1255
1256 cmd->flags = iwl_mvm_scan_rxon_flags(req->req.channels[0]->band);
1257 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1258 MAC_FILTER_IN_BEACON);
1259 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, req->req.no_cck);
1260 iwl_mvm_scan_fill_ssids(cmd->direct_scan, req->req.ssids,
1261 req->req.n_ssids, 0);
1262
1263 cmd->schedule[0].delay = 0;
1264 cmd->schedule[0].iterations = 1;
1265 cmd->schedule[0].full_scan_mul = 0;
1266 cmd->schedule[1].delay = 0;
1267 cmd->schedule[1].iterations = 0;
1268 cmd->schedule[1].full_scan_mul = 0;
1269
1270 for (i = 1; i <= req->req.n_ssids; i++)
1271 ssid_bitmap |= BIT(i);
1272
1273 iwl_mvm_lmac_scan_cfg_channels(mvm, req->req.channels,
1274 req->req.n_channels, ssid_bitmap,
1275 cmd);
1276
1277 iwl_mvm_build_unified_scan_probe(mvm, vif, &req->ies, cmd);
1278
1279 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1280 if (!ret) {
1281 IWL_DEBUG_SCAN(mvm, "Scan request was sent successfully\n");
1282 } else {
1283 /*
1284 * If the scan failed, it usually means that the FW was unable
1285 * to allocate the time events. Warn on it, but maybe we
1286 * should try to send the command again with different params.
1287 */
1288 IWL_ERR(mvm, "Scan failed! ret %d\n", ret);
1289 mvm->scan_status = IWL_MVM_SCAN_NONE;
1290 ret = -EIO;
1291 }
1292 return ret;
1293 }
1294
iwl_mvm_unified_sched_scan_lmac(struct iwl_mvm * mvm,struct ieee80211_vif * vif,struct cfg80211_sched_scan_request * req,struct ieee80211_scan_ies * ies)1295 int iwl_mvm_unified_sched_scan_lmac(struct iwl_mvm *mvm,
1296 struct ieee80211_vif *vif,
1297 struct cfg80211_sched_scan_request *req,
1298 struct ieee80211_scan_ies *ies)
1299 {
1300 struct iwl_host_cmd hcmd = {
1301 .id = SCAN_OFFLOAD_REQUEST_CMD,
1302 .len = { sizeof(struct iwl_scan_req_unified_lmac) +
1303 sizeof(struct iwl_scan_channel_cfg_lmac) *
1304 mvm->fw->ucode_capa.n_scan_channels +
1305 sizeof(struct iwl_scan_probe_req), },
1306 .data = { mvm->scan_cmd, },
1307 .dataflags = { IWL_HCMD_DFL_NOCOPY, },
1308 };
1309 struct iwl_scan_req_unified_lmac *cmd = mvm->scan_cmd;
1310 struct iwl_mvm_scan_params params = {};
1311 int ret;
1312 u32 flags = 0, ssid_bitmap = 0;
1313
1314 lockdep_assert_held(&mvm->mutex);
1315
1316 /* we should have failed registration if scan_cmd was NULL */
1317 if (WARN_ON(mvm->scan_cmd == NULL))
1318 return -ENOMEM;
1319
1320 if (req->n_ssids > PROBE_OPTION_MAX ||
1321 ies->common_ie_len + ies->len[NL80211_BAND_2GHZ] +
1322 ies->len[NL80211_BAND_5GHZ] >
1323 iwl_mvm_max_scan_ie_fw_cmd_room(mvm, true) ||
1324 req->n_channels > mvm->fw->ucode_capa.n_scan_channels)
1325 return -ENOBUFS;
1326
1327 iwl_mvm_scan_calc_params(mvm, vif, req->n_ssids, 0, ¶ms);
1328
1329 iwl_mvm_build_generic_unified_scan_cmd(mvm, cmd, ¶ms);
1330
1331 cmd->n_channels = (u8)req->n_channels;
1332
1333 if (req->n_match_sets && req->match_sets[0].ssid.ssid_len) {
1334 IWL_DEBUG_SCAN(mvm,
1335 "Sending scheduled scan with filtering, n_match_sets %d\n",
1336 req->n_match_sets);
1337 flags |= IWL_MVM_LMAC_SCAN_FLAG_MATCH;
1338 } else {
1339 IWL_DEBUG_SCAN(mvm,
1340 "Sending Scheduled scan without filtering\n");
1341 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASS_ALL;
1342 }
1343
1344 if (req->n_ssids == 1 && req->ssids[0].ssid_len != 0)
1345 flags |= IWL_MVM_LMAC_SCAN_FLAG_PRE_CONNECTION;
1346
1347 if (params.passive_fragmented)
1348 flags |= IWL_MVM_LMAC_SCAN_FLAG_FRAGMENTED;
1349
1350 if (req->n_ssids == 0)
1351 flags |= IWL_MVM_LMAC_SCAN_FLAG_PASSIVE;
1352
1353 cmd->scan_flags |= cpu_to_le32(flags);
1354
1355 cmd->flags = iwl_mvm_scan_rxon_flags(req->channels[0]->band);
1356 cmd->filter_flags = cpu_to_le32(MAC_FILTER_ACCEPT_GRP |
1357 MAC_FILTER_IN_BEACON);
1358 iwl_mvm_unified_scan_fill_tx_cmd(mvm, cmd->tx_cmd, false);
1359 iwl_scan_offload_build_ssid(req, cmd->direct_scan, &ssid_bitmap, false);
1360
1361 cmd->schedule[0].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1362 cmd->schedule[0].iterations = IWL_FAST_SCHED_SCAN_ITERATIONS;
1363 cmd->schedule[0].full_scan_mul = 1;
1364
1365 cmd->schedule[1].delay = cpu_to_le16(req->interval / MSEC_PER_SEC);
1366 cmd->schedule[1].iterations = 0xff;
1367 cmd->schedule[1].full_scan_mul = IWL_FULL_SCAN_MULTIPLIER;
1368
1369 iwl_mvm_lmac_scan_cfg_channels(mvm, req->channels, req->n_channels,
1370 ssid_bitmap, cmd);
1371
1372 iwl_mvm_build_unified_scan_probe(mvm, vif, ies, cmd);
1373
1374 ret = iwl_mvm_send_cmd(mvm, &hcmd);
1375 if (!ret) {
1376 IWL_DEBUG_SCAN(mvm,
1377 "Sched scan request was sent successfully\n");
1378 } else {
1379 /*
1380 * If the scan failed, it usually means that the FW was unable
1381 * to allocate the time events. Warn on it, but maybe we
1382 * should try to send the command again with different params.
1383 */
1384 IWL_ERR(mvm, "Sched scan failed! ret %d\n", ret);
1385 mvm->scan_status = IWL_MVM_SCAN_NONE;
1386 ret = -EIO;
1387 }
1388 return ret;
1389 }
1390
1391
iwl_mvm_cancel_scan(struct iwl_mvm * mvm)1392 int iwl_mvm_cancel_scan(struct iwl_mvm *mvm)
1393 {
1394 if (mvm->scan_status == IWL_MVM_SCAN_NONE)
1395 return 0;
1396
1397 if (iwl_mvm_is_radio_killed(mvm)) {
1398 ieee80211_scan_completed(mvm->hw, true);
1399 iwl_mvm_unref(mvm, IWL_MVM_REF_SCAN);
1400 mvm->scan_status = IWL_MVM_SCAN_NONE;
1401 return 0;
1402 }
1403
1404 if (mvm->fw->ucode_capa.api[0] & IWL_UCODE_TLV_API_LMAC_SCAN)
1405 return iwl_mvm_scan_offload_stop(mvm, true);
1406 return iwl_mvm_cancel_regular_scan(mvm);
1407 }
1408