1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2012-2014, 2018-2024 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2017 Intel Deutschland GmbH 6 */ 7 #include <linux/jiffies.h> 8 #include <net/mac80211.h> 9 10 #include "fw/notif-wait.h" 11 #include "iwl-trans.h" 12 #include "fw-api.h" 13 #include "time-event.h" 14 #include "mvm.h" 15 #include "iwl-io.h" 16 #include "iwl-prph.h" 17 18 /* 19 * For the high priority TE use a time event type that has similar priority to 20 * the FW's action scan priority. 21 */ 22 #define IWL_MVM_ROC_TE_TYPE_NORMAL TE_P2P_DEVICE_DISCOVERABLE 23 #define IWL_MVM_ROC_TE_TYPE_MGMT_TX TE_P2P_CLIENT_ASSOC 24 25 void iwl_mvm_te_clear_data(struct iwl_mvm *mvm, 26 struct iwl_mvm_time_event_data *te_data) 27 { 28 lockdep_assert_held(&mvm->time_event_lock); 29 30 if (!te_data || !te_data->vif) 31 return; 32 33 list_del(&te_data->list); 34 35 /* 36 * the list is only used for AUX ROC events so make sure it is always 37 * initialized 38 */ 39 INIT_LIST_HEAD(&te_data->list); 40 41 te_data->running = false; 42 te_data->uid = 0; 43 te_data->id = TE_MAX; 44 te_data->vif = NULL; 45 te_data->link_id = -1; 46 } 47 48 static void iwl_mvm_cleanup_roc(struct iwl_mvm *mvm) 49 { 50 struct ieee80211_vif *bss_vif = iwl_mvm_get_bss_vif(mvm); 51 struct ieee80211_vif *vif = mvm->p2p_device_vif; 52 53 lockdep_assert_held(&mvm->mutex); 54 55 /* 56 * Clear the ROC_P2P_RUNNING status bit. 57 * This will cause the TX path to drop offchannel transmissions. 58 * That would also be done by mac80211, but it is racy, in particular 59 * in the case that the time event actually completed in the firmware. 60 * 61 * Also flush the offchannel queue -- this is called when the time 62 * event finishes or is canceled, so that frames queued for it 63 * won't get stuck on the queue and be transmitted in the next 64 * time event. 65 */ 66 if (test_and_clear_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status)) { 67 struct iwl_mvm_vif *mvmvif; 68 69 synchronize_net(); 70 71 /* 72 * NB: access to this pointer would be racy, but the flush bit 73 * can only be set when we had a P2P-Device VIF, and we have a 74 * flush of this work in iwl_mvm_prepare_mac_removal() so it's 75 * not really racy. 76 */ 77 78 if (!WARN_ON(!vif)) { 79 mvmvif = iwl_mvm_vif_from_mac80211(vif); 80 iwl_mvm_flush_sta(mvm, mvmvif->deflink.bcast_sta.sta_id, 81 mvmvif->deflink.bcast_sta.tfd_queue_msk); 82 83 if (mvm->mld_api_is_used) { 84 iwl_mvm_mld_rm_bcast_sta(mvm, vif, 85 &vif->bss_conf); 86 87 iwl_mvm_link_changed(mvm, vif, &vif->bss_conf, 88 LINK_CONTEXT_MODIFY_ACTIVE, 89 false); 90 } else { 91 iwl_mvm_rm_p2p_bcast_sta(mvm, vif); 92 iwl_mvm_binding_remove_vif(mvm, vif); 93 } 94 95 /* Do not remove the PHY context as removing and adding 96 * a PHY context has timing overheads. Leaving it 97 * configured in FW would be useful in case the next ROC 98 * is with the same channel. 99 */ 100 } 101 } 102 103 /* 104 * P2P AUX ROC and HS2.0 ROC do not run simultaneously. 105 * Clear the ROC_AUX_RUNNING status bit. 106 * This will cause the TX path to drop offchannel transmissions. 107 * That would also be done by mac80211, but it is racy, in particular 108 * in the case that the time event actually completed in the firmware 109 * (which is handled in iwl_mvm_te_handle_notif). 110 */ 111 if (test_and_clear_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status)) { 112 synchronize_net(); 113 114 iwl_mvm_flush_sta(mvm, mvm->aux_sta.sta_id, 115 mvm->aux_sta.tfd_queue_msk); 116 117 if (mvm->mld_api_is_used) { 118 iwl_mvm_mld_rm_aux_sta(mvm); 119 mutex_unlock(&mvm->mutex); 120 return; 121 } 122 123 /* In newer version of this command an aux station is added only 124 * in cases of dedicated tx queue and need to be removed in end 125 * of use */ 126 if (iwl_mvm_has_new_station_api(mvm->fw)) 127 iwl_mvm_rm_aux_sta(mvm); 128 } 129 130 if (!IS_ERR_OR_NULL(bss_vif)) 131 iwl_mvm_unblock_esr(mvm, bss_vif, IWL_MVM_ESR_BLOCKED_ROC); 132 mutex_unlock(&mvm->mutex); 133 } 134 135 void iwl_mvm_roc_done_wk(struct work_struct *wk) 136 { 137 struct iwl_mvm *mvm = container_of(wk, struct iwl_mvm, roc_done_wk); 138 139 mutex_lock(&mvm->mutex); 140 /* Mutex is released inside */ 141 iwl_mvm_cleanup_roc(mvm); 142 } 143 144 static void iwl_mvm_roc_finished(struct iwl_mvm *mvm) 145 { 146 /* 147 * Of course, our status bit is just as racy as mac80211, so in 148 * addition, fire off the work struct which will drop all frames 149 * from the hardware queues that made it through the race. First 150 * it will of course synchronize the TX path to make sure that 151 * any *new* TX will be rejected. 152 */ 153 schedule_work(&mvm->roc_done_wk); 154 } 155 156 static void iwl_mvm_csa_noa_start(struct iwl_mvm *mvm) 157 { 158 struct ieee80211_vif *csa_vif; 159 160 rcu_read_lock(); 161 162 csa_vif = rcu_dereference(mvm->csa_vif); 163 if (!csa_vif || !csa_vif->bss_conf.csa_active) 164 goto out_unlock; 165 166 IWL_DEBUG_TE(mvm, "CSA NOA started\n"); 167 168 /* 169 * CSA NoA is started but we still have beacons to 170 * transmit on the current channel. 171 * So we just do nothing here and the switch 172 * will be performed on the last TBTT. 173 */ 174 if (!ieee80211_beacon_cntdwn_is_complete(csa_vif, 0)) { 175 IWL_WARN(mvm, "CSA NOA started too early\n"); 176 goto out_unlock; 177 } 178 179 ieee80211_csa_finish(csa_vif, 0); 180 181 rcu_read_unlock(); 182 183 RCU_INIT_POINTER(mvm->csa_vif, NULL); 184 185 return; 186 187 out_unlock: 188 rcu_read_unlock(); 189 } 190 191 static bool iwl_mvm_te_check_disconnect(struct iwl_mvm *mvm, 192 struct ieee80211_vif *vif, 193 const char *errmsg) 194 { 195 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 196 197 if (vif->type != NL80211_IFTYPE_STATION) 198 return false; 199 200 if (!mvmvif->csa_bcn_pending && vif->cfg.assoc && 201 vif->bss_conf.dtim_period) 202 return false; 203 if (errmsg) 204 IWL_ERR(mvm, "%s\n", errmsg); 205 206 if (mvmvif->csa_bcn_pending) { 207 struct iwl_mvm_sta *mvmsta; 208 209 rcu_read_lock(); 210 mvmsta = iwl_mvm_sta_from_staid_rcu(mvm, 211 mvmvif->deflink.ap_sta_id); 212 if (!WARN_ON(!mvmsta)) 213 iwl_mvm_sta_modify_disable_tx(mvm, mvmsta, false); 214 rcu_read_unlock(); 215 } 216 217 if (vif->cfg.assoc) { 218 /* 219 * When not associated, this will be called from 220 * iwl_mvm_event_mlme_callback_ini() 221 */ 222 iwl_dbg_tlv_time_point(&mvm->fwrt, 223 IWL_FW_INI_TIME_POINT_ASSOC_FAILED, 224 NULL); 225 226 mvmvif->session_prot_connection_loss = true; 227 } 228 229 iwl_mvm_connection_loss(mvm, vif, errmsg); 230 return true; 231 } 232 233 static void 234 iwl_mvm_te_handle_notify_csa(struct iwl_mvm *mvm, 235 struct iwl_mvm_time_event_data *te_data, 236 struct iwl_time_event_notif *notif) 237 { 238 struct ieee80211_vif *vif = te_data->vif; 239 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 240 241 if (!notif->status) 242 IWL_DEBUG_TE(mvm, "CSA time event failed to start\n"); 243 244 switch (te_data->vif->type) { 245 case NL80211_IFTYPE_AP: 246 if (!notif->status) 247 mvmvif->csa_failed = true; 248 iwl_mvm_csa_noa_start(mvm); 249 break; 250 case NL80211_IFTYPE_STATION: 251 if (!notif->status) { 252 iwl_mvm_connection_loss(mvm, vif, 253 "CSA TE failed to start"); 254 break; 255 } 256 iwl_mvm_csa_client_absent(mvm, te_data->vif); 257 cancel_delayed_work(&mvmvif->csa_work); 258 ieee80211_chswitch_done(te_data->vif, true, 0); 259 break; 260 default: 261 /* should never happen */ 262 WARN_ON_ONCE(1); 263 break; 264 } 265 266 /* we don't need it anymore */ 267 iwl_mvm_te_clear_data(mvm, te_data); 268 } 269 270 static void iwl_mvm_te_check_trigger(struct iwl_mvm *mvm, 271 struct iwl_time_event_notif *notif, 272 struct iwl_mvm_time_event_data *te_data) 273 { 274 struct iwl_fw_dbg_trigger_tlv *trig; 275 struct iwl_fw_dbg_trigger_time_event *te_trig; 276 int i; 277 278 trig = iwl_fw_dbg_trigger_on(&mvm->fwrt, 279 ieee80211_vif_to_wdev(te_data->vif), 280 FW_DBG_TRIGGER_TIME_EVENT); 281 if (!trig) 282 return; 283 284 te_trig = (void *)trig->data; 285 286 for (i = 0; i < ARRAY_SIZE(te_trig->time_events); i++) { 287 u32 trig_te_id = le32_to_cpu(te_trig->time_events[i].id); 288 u32 trig_action_bitmap = 289 le32_to_cpu(te_trig->time_events[i].action_bitmap); 290 u32 trig_status_bitmap = 291 le32_to_cpu(te_trig->time_events[i].status_bitmap); 292 293 if (trig_te_id != te_data->id || 294 !(trig_action_bitmap & le32_to_cpu(notif->action)) || 295 !(trig_status_bitmap & BIT(le32_to_cpu(notif->status)))) 296 continue; 297 298 iwl_fw_dbg_collect_trig(&mvm->fwrt, trig, 299 "Time event %d Action 0x%x received status: %d", 300 te_data->id, 301 le32_to_cpu(notif->action), 302 le32_to_cpu(notif->status)); 303 break; 304 } 305 } 306 307 /* 308 * Handles a FW notification for an event that is known to the driver. 309 * 310 * @mvm: the mvm component 311 * @te_data: the time event data 312 * @notif: the notification data corresponding the time event data. 313 */ 314 static void iwl_mvm_te_handle_notif(struct iwl_mvm *mvm, 315 struct iwl_mvm_time_event_data *te_data, 316 struct iwl_time_event_notif *notif) 317 { 318 lockdep_assert_held(&mvm->time_event_lock); 319 320 IWL_DEBUG_TE(mvm, "Handle time event notif - UID = 0x%x action %d\n", 321 le32_to_cpu(notif->unique_id), 322 le32_to_cpu(notif->action)); 323 324 iwl_mvm_te_check_trigger(mvm, notif, te_data); 325 326 /* 327 * The FW sends the start/end time event notifications even for events 328 * that it fails to schedule. This is indicated in the status field of 329 * the notification. This happens in cases that the scheduler cannot 330 * find a schedule that can handle the event (for example requesting a 331 * P2P Device discoveribility, while there are other higher priority 332 * events in the system). 333 */ 334 if (!le32_to_cpu(notif->status)) { 335 const char *msg; 336 337 if (notif->action & cpu_to_le32(TE_V2_NOTIF_HOST_EVENT_START)) 338 msg = "Time Event start notification failure"; 339 else 340 msg = "Time Event end notification failure"; 341 342 IWL_DEBUG_TE(mvm, "%s\n", msg); 343 344 if (iwl_mvm_te_check_disconnect(mvm, te_data->vif, msg)) { 345 iwl_mvm_te_clear_data(mvm, te_data); 346 return; 347 } 348 } 349 350 if (le32_to_cpu(notif->action) & TE_V2_NOTIF_HOST_EVENT_END) { 351 IWL_DEBUG_TE(mvm, 352 "TE ended - current time %lu, estimated end %lu\n", 353 jiffies, te_data->end_jiffies); 354 355 switch (te_data->vif->type) { 356 case NL80211_IFTYPE_P2P_DEVICE: 357 ieee80211_remain_on_channel_expired(mvm->hw); 358 iwl_mvm_roc_finished(mvm); 359 break; 360 case NL80211_IFTYPE_STATION: 361 /* 362 * If we are switching channel, don't disconnect 363 * if the time event is already done. Beacons can 364 * be delayed a bit after the switch. 365 */ 366 if (te_data->id == TE_CHANNEL_SWITCH_PERIOD) { 367 IWL_DEBUG_TE(mvm, 368 "No beacon heard and the CS time event is over, don't disconnect\n"); 369 break; 370 } 371 372 /* 373 * By now, we should have finished association 374 * and know the dtim period. 375 */ 376 iwl_mvm_te_check_disconnect(mvm, te_data->vif, 377 !te_data->vif->cfg.assoc ? 378 "Not associated and the time event is over already..." : 379 "No beacon heard and the time event is over already..."); 380 break; 381 default: 382 break; 383 } 384 385 iwl_mvm_te_clear_data(mvm, te_data); 386 } else if (le32_to_cpu(notif->action) & TE_V2_NOTIF_HOST_EVENT_START) { 387 te_data->running = true; 388 te_data->end_jiffies = TU_TO_EXP_TIME(te_data->duration); 389 390 if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) { 391 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 392 ieee80211_ready_on_channel(mvm->hw); 393 } else if (te_data->id == TE_CHANNEL_SWITCH_PERIOD) { 394 iwl_mvm_te_handle_notify_csa(mvm, te_data, notif); 395 } 396 } else { 397 IWL_WARN(mvm, "Got TE with unknown action\n"); 398 } 399 } 400 401 struct iwl_mvm_rx_roc_iterator_data { 402 u32 activity; 403 bool end_activity; 404 bool found; 405 }; 406 407 static void iwl_mvm_rx_roc_iterator(void *_data, u8 *mac, 408 struct ieee80211_vif *vif) 409 { 410 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 411 struct iwl_mvm_rx_roc_iterator_data *data = _data; 412 413 if (mvmvif->roc_activity == data->activity) { 414 data->found = true; 415 if (data->end_activity) 416 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 417 } 418 } 419 420 void iwl_mvm_rx_roc_notif(struct iwl_mvm *mvm, 421 struct iwl_rx_cmd_buffer *rxb) 422 { 423 struct iwl_rx_packet *pkt = rxb_addr(rxb); 424 struct iwl_roc_notif *notif = (void *)pkt->data; 425 u32 activity = le32_to_cpu(notif->activity); 426 bool started = le32_to_cpu(notif->success) && 427 le32_to_cpu(notif->started); 428 struct iwl_mvm_rx_roc_iterator_data data = { 429 .activity = activity, 430 .end_activity = !started, 431 }; 432 433 /* Clear vif roc_activity if done (set to ROC_NUM_ACTIVITIES) */ 434 ieee80211_iterate_active_interfaces_atomic(mvm->hw, 435 IEEE80211_IFACE_ITER_NORMAL, 436 iwl_mvm_rx_roc_iterator, 437 &data); 438 /* 439 * It is possible that the ROC was canceled 440 * but the notification was already fired. 441 */ 442 if (!data.found) 443 return; 444 445 if (started) { 446 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 447 ieee80211_ready_on_channel(mvm->hw); 448 } else { 449 iwl_mvm_roc_finished(mvm); 450 ieee80211_remain_on_channel_expired(mvm->hw); 451 } 452 } 453 454 /* 455 * Handle A Aux ROC time event 456 */ 457 static int iwl_mvm_aux_roc_te_handle_notif(struct iwl_mvm *mvm, 458 struct iwl_time_event_notif *notif) 459 { 460 struct iwl_mvm_time_event_data *aux_roc_te = NULL, *te_data; 461 462 list_for_each_entry(te_data, &mvm->aux_roc_te_list, list) { 463 if (le32_to_cpu(notif->unique_id) == te_data->uid) { 464 aux_roc_te = te_data; 465 break; 466 } 467 } 468 if (!aux_roc_te) /* Not a Aux ROC time event */ 469 return -EINVAL; 470 471 iwl_mvm_te_check_trigger(mvm, notif, te_data); 472 473 IWL_DEBUG_TE(mvm, 474 "Aux ROC time event notification - UID = 0x%x action %d (error = %d)\n", 475 le32_to_cpu(notif->unique_id), 476 le32_to_cpu(notif->action), le32_to_cpu(notif->status)); 477 478 if (!le32_to_cpu(notif->status) || 479 le32_to_cpu(notif->action) == TE_V2_NOTIF_HOST_EVENT_END) { 480 /* End TE, notify mac80211 */ 481 ieee80211_remain_on_channel_expired(mvm->hw); 482 iwl_mvm_roc_finished(mvm); /* flush aux queue */ 483 list_del(&te_data->list); /* remove from list */ 484 te_data->running = false; 485 te_data->vif = NULL; 486 te_data->uid = 0; 487 te_data->id = TE_MAX; 488 } else if (le32_to_cpu(notif->action) == TE_V2_NOTIF_HOST_EVENT_START) { 489 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 490 te_data->running = true; 491 ieee80211_ready_on_channel(mvm->hw); /* Start TE */ 492 } else { 493 IWL_DEBUG_TE(mvm, 494 "ERROR: Unknown Aux ROC Time Event (action = %d)\n", 495 le32_to_cpu(notif->action)); 496 return -EINVAL; 497 } 498 499 return 0; 500 } 501 502 /* 503 * The Rx handler for time event notifications 504 */ 505 void iwl_mvm_rx_time_event_notif(struct iwl_mvm *mvm, 506 struct iwl_rx_cmd_buffer *rxb) 507 { 508 struct iwl_rx_packet *pkt = rxb_addr(rxb); 509 struct iwl_time_event_notif *notif = (void *)pkt->data; 510 struct iwl_mvm_time_event_data *te_data, *tmp; 511 512 IWL_DEBUG_TE(mvm, "Time event notification - UID = 0x%x action %d\n", 513 le32_to_cpu(notif->unique_id), 514 le32_to_cpu(notif->action)); 515 516 spin_lock_bh(&mvm->time_event_lock); 517 /* This time event is triggered for Aux ROC request */ 518 if (!iwl_mvm_aux_roc_te_handle_notif(mvm, notif)) 519 goto unlock; 520 521 list_for_each_entry_safe(te_data, tmp, &mvm->time_event_list, list) { 522 if (le32_to_cpu(notif->unique_id) == te_data->uid) 523 iwl_mvm_te_handle_notif(mvm, te_data, notif); 524 } 525 unlock: 526 spin_unlock_bh(&mvm->time_event_lock); 527 } 528 529 static bool iwl_mvm_te_notif(struct iwl_notif_wait_data *notif_wait, 530 struct iwl_rx_packet *pkt, void *data) 531 { 532 struct iwl_mvm *mvm = 533 container_of(notif_wait, struct iwl_mvm, notif_wait); 534 struct iwl_mvm_time_event_data *te_data = data; 535 struct iwl_time_event_notif *resp; 536 int resp_len = iwl_rx_packet_payload_len(pkt); 537 538 if (WARN_ON(pkt->hdr.cmd != TIME_EVENT_NOTIFICATION)) 539 return true; 540 541 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 542 IWL_ERR(mvm, "Invalid TIME_EVENT_NOTIFICATION response\n"); 543 return true; 544 } 545 546 resp = (void *)pkt->data; 547 548 /* te_data->uid is already set in the TIME_EVENT_CMD response */ 549 if (le32_to_cpu(resp->unique_id) != te_data->uid) 550 return false; 551 552 IWL_DEBUG_TE(mvm, "TIME_EVENT_NOTIFICATION response - UID = 0x%x\n", 553 te_data->uid); 554 if (!resp->status) 555 IWL_ERR(mvm, 556 "TIME_EVENT_NOTIFICATION received but not executed\n"); 557 558 return true; 559 } 560 561 static bool iwl_mvm_time_event_response(struct iwl_notif_wait_data *notif_wait, 562 struct iwl_rx_packet *pkt, void *data) 563 { 564 struct iwl_mvm *mvm = 565 container_of(notif_wait, struct iwl_mvm, notif_wait); 566 struct iwl_mvm_time_event_data *te_data = data; 567 struct iwl_time_event_resp *resp; 568 int resp_len = iwl_rx_packet_payload_len(pkt); 569 570 if (WARN_ON(pkt->hdr.cmd != TIME_EVENT_CMD)) 571 return true; 572 573 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 574 IWL_ERR(mvm, "Invalid TIME_EVENT_CMD response\n"); 575 return true; 576 } 577 578 resp = (void *)pkt->data; 579 580 /* we should never get a response to another TIME_EVENT_CMD here */ 581 if (WARN_ON_ONCE(le32_to_cpu(resp->id) != te_data->id)) 582 return false; 583 584 te_data->uid = le32_to_cpu(resp->unique_id); 585 IWL_DEBUG_TE(mvm, "TIME_EVENT_CMD response - UID = 0x%x\n", 586 te_data->uid); 587 return true; 588 } 589 590 static int iwl_mvm_time_event_send_add(struct iwl_mvm *mvm, 591 struct ieee80211_vif *vif, 592 struct iwl_mvm_time_event_data *te_data, 593 struct iwl_time_event_cmd *te_cmd) 594 { 595 static const u16 time_event_response[] = { TIME_EVENT_CMD }; 596 struct iwl_notification_wait wait_time_event; 597 int ret; 598 599 lockdep_assert_held(&mvm->mutex); 600 601 IWL_DEBUG_TE(mvm, "Add new TE, duration %d TU\n", 602 le32_to_cpu(te_cmd->duration)); 603 604 spin_lock_bh(&mvm->time_event_lock); 605 if (WARN_ON(te_data->id != TE_MAX)) { 606 spin_unlock_bh(&mvm->time_event_lock); 607 return -EIO; 608 } 609 te_data->vif = vif; 610 te_data->duration = le32_to_cpu(te_cmd->duration); 611 te_data->id = le32_to_cpu(te_cmd->id); 612 list_add_tail(&te_data->list, &mvm->time_event_list); 613 spin_unlock_bh(&mvm->time_event_lock); 614 615 /* 616 * Use a notification wait, which really just processes the 617 * command response and doesn't wait for anything, in order 618 * to be able to process the response and get the UID inside 619 * the RX path. Using CMD_WANT_SKB doesn't work because it 620 * stores the buffer and then wakes up this thread, by which 621 * time another notification (that the time event started) 622 * might already be processed unsuccessfully. 623 */ 624 iwl_init_notification_wait(&mvm->notif_wait, &wait_time_event, 625 time_event_response, 626 ARRAY_SIZE(time_event_response), 627 iwl_mvm_time_event_response, te_data); 628 629 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_EVENT_CMD, 0, 630 sizeof(*te_cmd), te_cmd); 631 if (ret) { 632 IWL_ERR(mvm, "Couldn't send TIME_EVENT_CMD: %d\n", ret); 633 iwl_remove_notification(&mvm->notif_wait, &wait_time_event); 634 goto out_clear_te; 635 } 636 637 /* No need to wait for anything, so just pass 1 (0 isn't valid) */ 638 ret = iwl_wait_notification(&mvm->notif_wait, &wait_time_event, 1); 639 /* should never fail */ 640 WARN_ON_ONCE(ret); 641 642 if (ret) { 643 out_clear_te: 644 spin_lock_bh(&mvm->time_event_lock); 645 iwl_mvm_te_clear_data(mvm, te_data); 646 spin_unlock_bh(&mvm->time_event_lock); 647 } 648 return ret; 649 } 650 651 void iwl_mvm_protect_session(struct iwl_mvm *mvm, 652 struct ieee80211_vif *vif, 653 u32 duration, u32 min_duration, 654 u32 max_delay, bool wait_for_notif) 655 { 656 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 657 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 658 const u16 te_notif_response[] = { TIME_EVENT_NOTIFICATION }; 659 struct iwl_notification_wait wait_te_notif; 660 struct iwl_time_event_cmd time_cmd = {}; 661 662 lockdep_assert_held(&mvm->mutex); 663 664 if (te_data->running && 665 time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) { 666 IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n", 667 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 668 return; 669 } 670 671 if (te_data->running) { 672 IWL_DEBUG_TE(mvm, "extend 0x%x: only %u ms left\n", 673 te_data->uid, 674 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 675 /* 676 * we don't have enough time 677 * cancel the current TE and issue a new one 678 * Of course it would be better to remove the old one only 679 * when the new one is added, but we don't care if we are off 680 * channel for a bit. All we need to do, is not to return 681 * before we actually begin to be on the channel. 682 */ 683 iwl_mvm_stop_session_protection(mvm, vif); 684 } 685 686 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 687 time_cmd.id_and_color = 688 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 689 time_cmd.id = cpu_to_le32(TE_BSS_STA_AGGRESSIVE_ASSOC); 690 691 time_cmd.apply_time = cpu_to_le32(0); 692 693 time_cmd.max_frags = TE_V2_FRAG_NONE; 694 time_cmd.max_delay = cpu_to_le32(max_delay); 695 /* TODO: why do we need to interval = bi if it is not periodic? */ 696 time_cmd.interval = cpu_to_le32(1); 697 time_cmd.duration = cpu_to_le32(duration); 698 time_cmd.repeat = 1; 699 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 700 TE_V2_NOTIF_HOST_EVENT_END | 701 TE_V2_START_IMMEDIATELY); 702 703 if (!wait_for_notif) { 704 iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 705 return; 706 } 707 708 /* 709 * Create notification_wait for the TIME_EVENT_NOTIFICATION to use 710 * right after we send the time event 711 */ 712 iwl_init_notification_wait(&mvm->notif_wait, &wait_te_notif, 713 te_notif_response, 714 ARRAY_SIZE(te_notif_response), 715 iwl_mvm_te_notif, te_data); 716 717 /* If TE was sent OK - wait for the notification that started */ 718 if (iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd)) { 719 IWL_ERR(mvm, "Failed to add TE to protect session\n"); 720 iwl_remove_notification(&mvm->notif_wait, &wait_te_notif); 721 } else if (iwl_wait_notification(&mvm->notif_wait, &wait_te_notif, 722 TU_TO_JIFFIES(max_delay))) { 723 IWL_ERR(mvm, "Failed to protect session until TE\n"); 724 } 725 } 726 727 /* Determine whether mac or link id should be used, and validate the link id */ 728 static int iwl_mvm_get_session_prot_id(struct iwl_mvm *mvm, 729 struct ieee80211_vif *vif, 730 s8 link_id) 731 { 732 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 733 int ver = iwl_fw_lookup_cmd_ver(mvm->fw, 734 WIDE_ID(MAC_CONF_GROUP, 735 SESSION_PROTECTION_CMD), 1); 736 737 if (ver < 2) 738 return mvmvif->id; 739 740 if (WARN(link_id < 0 || !mvmvif->link[link_id], 741 "Invalid link ID for session protection: %u\n", link_id)) 742 return -EINVAL; 743 744 if (WARN(!mvmvif->link[link_id]->active, 745 "Session Protection on an inactive link: %u\n", link_id)) 746 return -EINVAL; 747 748 return mvmvif->link[link_id]->fw_link_id; 749 } 750 751 static void iwl_mvm_cancel_session_protection(struct iwl_mvm *mvm, 752 struct ieee80211_vif *vif, 753 u32 id, s8 link_id) 754 { 755 int mac_link_id = iwl_mvm_get_session_prot_id(mvm, vif, link_id); 756 struct iwl_mvm_session_prot_cmd cmd = { 757 .id_and_color = cpu_to_le32(mac_link_id), 758 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 759 .conf_id = cpu_to_le32(id), 760 }; 761 int ret; 762 763 if (mac_link_id < 0) 764 return; 765 766 ret = iwl_mvm_send_cmd_pdu(mvm, 767 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 768 0, sizeof(cmd), &cmd); 769 if (ret) 770 IWL_ERR(mvm, 771 "Couldn't send the SESSION_PROTECTION_CMD: %d\n", ret); 772 } 773 774 static void iwl_mvm_roc_rm_cmd(struct iwl_mvm *mvm, u32 activity) 775 { 776 struct iwl_roc_req roc_cmd = { 777 .action = cpu_to_le32(FW_CTXT_ACTION_REMOVE), 778 .activity = cpu_to_le32(activity), 779 }; 780 int ret; 781 782 lockdep_assert_held(&mvm->mutex); 783 ret = iwl_mvm_send_cmd_pdu(mvm, WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0, 784 sizeof(roc_cmd), &roc_cmd); 785 if (ret) 786 IWL_ERR(mvm, "Couldn't send the ROC_CMD: %d\n", ret); 787 } 788 789 static bool __iwl_mvm_remove_time_event(struct iwl_mvm *mvm, 790 struct iwl_mvm_time_event_data *te_data, 791 u32 *uid) 792 { 793 u32 id; 794 struct ieee80211_vif *vif = te_data->vif; 795 struct iwl_mvm_vif *mvmvif; 796 enum nl80211_iftype iftype; 797 s8 link_id; 798 bool p2p_aux = iwl_mvm_has_p2p_over_aux(mvm); 799 u8 roc_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 800 WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0); 801 802 if (!vif) 803 return false; 804 805 mvmvif = iwl_mvm_vif_from_mac80211(te_data->vif); 806 iftype = te_data->vif->type; 807 808 /* 809 * It is possible that by the time we got to this point the time 810 * event was already removed. 811 */ 812 spin_lock_bh(&mvm->time_event_lock); 813 814 /* Save time event uid before clearing its data */ 815 *uid = te_data->uid; 816 id = te_data->id; 817 link_id = te_data->link_id; 818 819 /* 820 * The clear_data function handles time events that were already removed 821 */ 822 iwl_mvm_te_clear_data(mvm, te_data); 823 spin_unlock_bh(&mvm->time_event_lock); 824 825 if ((p2p_aux && iftype == NL80211_IFTYPE_P2P_DEVICE) || 826 (roc_ver >= 3 && mvmvif->roc_activity == ROC_ACTIVITY_HOTSPOT)) { 827 if (mvmvif->roc_activity < ROC_NUM_ACTIVITIES) { 828 iwl_mvm_roc_rm_cmd(mvm, mvmvif->roc_activity); 829 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 830 iwl_mvm_roc_finished(mvm); 831 } 832 return false; 833 } else if (fw_has_capa(&mvm->fw->ucode_capa, 834 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD) && 835 id != HOT_SPOT_CMD) { 836 /* When session protection is used, the te_data->id field 837 * is reused to save session protection's configuration. 838 * For AUX ROC, HOT_SPOT_CMD is used and the te_data->id 839 * field is set to HOT_SPOT_CMD. 840 */ 841 if (mvmvif && id < SESSION_PROTECT_CONF_MAX_ID) { 842 /* Session protection is still ongoing. Cancel it */ 843 iwl_mvm_cancel_session_protection(mvm, vif, id, 844 link_id); 845 if (iftype == NL80211_IFTYPE_P2P_DEVICE) { 846 iwl_mvm_roc_finished(mvm); 847 } 848 } 849 return false; 850 } else { 851 /* It is possible that by the time we try to remove it, the 852 * time event has already ended and removed. In such a case 853 * there is no need to send a removal command. 854 */ 855 if (id == TE_MAX) { 856 IWL_DEBUG_TE(mvm, "TE 0x%x has already ended\n", *uid); 857 return false; 858 } 859 } 860 861 return true; 862 } 863 864 /* 865 * Explicit request to remove a aux roc time event. The removal of a time 866 * event needs to be synchronized with the flow of a time event's end 867 * notification, which also removes the time event from the op mode 868 * data structures. 869 */ 870 static void iwl_mvm_remove_aux_roc_te(struct iwl_mvm *mvm, 871 struct iwl_mvm_vif *mvmvif, 872 struct iwl_mvm_time_event_data *te_data) 873 { 874 struct iwl_hs20_roc_req aux_cmd = {}; 875 u16 len = sizeof(aux_cmd) - iwl_mvm_chan_info_padding(mvm); 876 877 u32 uid; 878 int ret; 879 880 if (!__iwl_mvm_remove_time_event(mvm, te_data, &uid)) 881 return; 882 883 aux_cmd.event_unique_id = cpu_to_le32(uid); 884 aux_cmd.action = cpu_to_le32(FW_CTXT_ACTION_REMOVE); 885 aux_cmd.id_and_color = 886 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 887 IWL_DEBUG_TE(mvm, "Removing BSS AUX ROC TE 0x%x\n", 888 le32_to_cpu(aux_cmd.event_unique_id)); 889 ret = iwl_mvm_send_cmd_pdu(mvm, HOT_SPOT_CMD, 0, 890 len, &aux_cmd); 891 892 if (WARN_ON(ret)) 893 return; 894 } 895 896 /* 897 * Explicit request to remove a time event. The removal of a time event needs to 898 * be synchronized with the flow of a time event's end notification, which also 899 * removes the time event from the op mode data structures. 900 */ 901 void iwl_mvm_remove_time_event(struct iwl_mvm *mvm, 902 struct iwl_mvm_vif *mvmvif, 903 struct iwl_mvm_time_event_data *te_data) 904 { 905 struct iwl_time_event_cmd time_cmd = {}; 906 u32 uid; 907 int ret; 908 909 if (!__iwl_mvm_remove_time_event(mvm, te_data, &uid)) 910 return; 911 912 /* When we remove a TE, the UID is to be set in the id field */ 913 time_cmd.id = cpu_to_le32(uid); 914 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_REMOVE); 915 time_cmd.id_and_color = 916 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 917 918 IWL_DEBUG_TE(mvm, "Removing TE 0x%x\n", le32_to_cpu(time_cmd.id)); 919 ret = iwl_mvm_send_cmd_pdu(mvm, TIME_EVENT_CMD, 0, 920 sizeof(time_cmd), &time_cmd); 921 if (ret) 922 IWL_ERR(mvm, "Couldn't remove the time event\n"); 923 } 924 925 void iwl_mvm_stop_session_protection(struct iwl_mvm *mvm, 926 struct ieee80211_vif *vif) 927 { 928 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 929 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 930 u32 id; 931 932 lockdep_assert_held(&mvm->mutex); 933 934 spin_lock_bh(&mvm->time_event_lock); 935 id = te_data->id; 936 spin_unlock_bh(&mvm->time_event_lock); 937 938 if (fw_has_capa(&mvm->fw->ucode_capa, 939 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 940 if (id != SESSION_PROTECT_CONF_ASSOC) { 941 IWL_DEBUG_TE(mvm, 942 "don't remove session protection id=%u\n", 943 id); 944 return; 945 } 946 } else if (id != TE_BSS_STA_AGGRESSIVE_ASSOC) { 947 IWL_DEBUG_TE(mvm, 948 "don't remove TE with id=%u (not session protection)\n", 949 id); 950 return; 951 } 952 953 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 954 } 955 956 void iwl_mvm_rx_session_protect_notif(struct iwl_mvm *mvm, 957 struct iwl_rx_cmd_buffer *rxb) 958 { 959 struct iwl_rx_packet *pkt = rxb_addr(rxb); 960 struct iwl_mvm_session_prot_notif *notif = (void *)pkt->data; 961 unsigned int ver = 962 iwl_fw_lookup_notif_ver(mvm->fw, MAC_CONF_GROUP, 963 SESSION_PROTECTION_NOTIF, 2); 964 int id = le32_to_cpu(notif->mac_link_id); 965 struct ieee80211_vif *vif; 966 struct iwl_mvm_vif *mvmvif; 967 unsigned int notif_link_id; 968 969 rcu_read_lock(); 970 971 if (ver <= 2) { 972 vif = iwl_mvm_rcu_dereference_vif_id(mvm, id, true); 973 } else { 974 struct ieee80211_bss_conf *link_conf = 975 iwl_mvm_rcu_fw_link_id_to_link_conf(mvm, id, true); 976 977 if (!link_conf) 978 goto out_unlock; 979 980 notif_link_id = link_conf->link_id; 981 vif = link_conf->vif; 982 } 983 984 if (!vif) 985 goto out_unlock; 986 987 mvmvif = iwl_mvm_vif_from_mac80211(vif); 988 989 if (WARN(ver > 2 && mvmvif->time_event_data.link_id >= 0 && 990 mvmvif->time_event_data.link_id != notif_link_id, 991 "SESSION_PROTECTION_NOTIF was received for link %u, while the current time event is on link %u\n", 992 notif_link_id, mvmvif->time_event_data.link_id)) 993 goto out_unlock; 994 995 /* The vif is not a P2P_DEVICE, maintain its time_event_data */ 996 if (vif->type != NL80211_IFTYPE_P2P_DEVICE) { 997 struct iwl_mvm_time_event_data *te_data = 998 &mvmvif->time_event_data; 999 1000 if (!le32_to_cpu(notif->status)) { 1001 iwl_mvm_te_check_disconnect(mvm, vif, 1002 "Session protection failure"); 1003 spin_lock_bh(&mvm->time_event_lock); 1004 iwl_mvm_te_clear_data(mvm, te_data); 1005 spin_unlock_bh(&mvm->time_event_lock); 1006 } 1007 1008 if (le32_to_cpu(notif->start)) { 1009 spin_lock_bh(&mvm->time_event_lock); 1010 te_data->running = le32_to_cpu(notif->start); 1011 te_data->end_jiffies = 1012 TU_TO_EXP_TIME(te_data->duration); 1013 spin_unlock_bh(&mvm->time_event_lock); 1014 } else { 1015 /* 1016 * By now, we should have finished association 1017 * and know the dtim period. 1018 */ 1019 iwl_mvm_te_check_disconnect(mvm, vif, 1020 !vif->cfg.assoc ? 1021 "Not associated and the session protection is over already..." : 1022 "No beacon heard and the session protection is over already..."); 1023 spin_lock_bh(&mvm->time_event_lock); 1024 iwl_mvm_te_clear_data(mvm, te_data); 1025 spin_unlock_bh(&mvm->time_event_lock); 1026 } 1027 1028 goto out_unlock; 1029 } 1030 1031 if (!le32_to_cpu(notif->status) || !le32_to_cpu(notif->start)) { 1032 /* End TE, notify mac80211 */ 1033 mvmvif->time_event_data.id = SESSION_PROTECT_CONF_MAX_ID; 1034 mvmvif->time_event_data.link_id = -1; 1035 iwl_mvm_roc_finished(mvm); 1036 ieee80211_remain_on_channel_expired(mvm->hw); 1037 } else if (le32_to_cpu(notif->start)) { 1038 if (WARN_ON(mvmvif->time_event_data.id != 1039 le32_to_cpu(notif->conf_id))) 1040 goto out_unlock; 1041 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 1042 ieee80211_ready_on_channel(mvm->hw); /* Start TE */ 1043 } 1044 1045 out_unlock: 1046 rcu_read_unlock(); 1047 } 1048 1049 #define AUX_ROC_MIN_DURATION MSEC_TO_TU(100) 1050 #define AUX_ROC_MIN_DELAY MSEC_TO_TU(200) 1051 #define AUX_ROC_MAX_DELAY MSEC_TO_TU(600) 1052 #define AUX_ROC_SAFETY_BUFFER MSEC_TO_TU(20) 1053 #define AUX_ROC_MIN_SAFETY_BUFFER MSEC_TO_TU(10) 1054 1055 void iwl_mvm_roc_duration_and_delay(struct ieee80211_vif *vif, 1056 u32 duration_ms, 1057 u32 *duration_tu, 1058 u32 *delay) 1059 { 1060 struct ieee80211_bss_conf *link_conf; 1061 unsigned int link_id; 1062 u32 dtim_interval = 0; 1063 1064 *delay = AUX_ROC_MIN_DELAY; 1065 *duration_tu = MSEC_TO_TU(duration_ms); 1066 1067 rcu_read_lock(); 1068 for_each_vif_active_link(vif, link_conf, link_id) { 1069 dtim_interval = 1070 max_t(u32, dtim_interval, 1071 link_conf->dtim_period * link_conf->beacon_int); 1072 } 1073 rcu_read_unlock(); 1074 1075 /* 1076 * If we are associated we want the delay time to be at least one 1077 * dtim interval so that the FW can wait until after the DTIM and 1078 * then start the time event, this will potentially allow us to 1079 * remain off-channel for the max duration. 1080 * Since we want to use almost a whole dtim interval we would also 1081 * like the delay to be for 2-3 dtim intervals, in case there are 1082 * other time events with higher priority. 1083 * dtim_interval should never be 0, it can be 1 if we don't know it 1084 * (we haven't heard any beacon yet). 1085 */ 1086 if (vif->cfg.assoc && !WARN_ON(!dtim_interval)) { 1087 *delay = min_t(u32, dtim_interval * 3, AUX_ROC_MAX_DELAY); 1088 /* We cannot remain off-channel longer than the DTIM interval */ 1089 if (dtim_interval <= *duration_tu) { 1090 *duration_tu = dtim_interval - AUX_ROC_SAFETY_BUFFER; 1091 if (*duration_tu <= AUX_ROC_MIN_DURATION) 1092 *duration_tu = dtim_interval - 1093 AUX_ROC_MIN_SAFETY_BUFFER; 1094 } 1095 } 1096 } 1097 1098 int iwl_mvm_roc_add_cmd(struct iwl_mvm *mvm, 1099 struct ieee80211_channel *channel, 1100 struct ieee80211_vif *vif, 1101 int duration, enum iwl_roc_activity activity) 1102 { 1103 int res; 1104 u32 duration_tu, delay; 1105 struct iwl_roc_req roc_req = { 1106 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1107 .activity = cpu_to_le32(activity), 1108 .sta_id = cpu_to_le32(mvm->aux_sta.sta_id), 1109 }; 1110 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1111 1112 lockdep_assert_held(&mvm->mutex); 1113 1114 if (WARN_ON(mvmvif->roc_activity != ROC_NUM_ACTIVITIES)) 1115 return -EBUSY; 1116 1117 /* Set the channel info data */ 1118 iwl_mvm_set_chan_info(mvm, &roc_req.channel_info, 1119 channel->hw_value, 1120 iwl_mvm_phy_band_from_nl80211(channel->band), 1121 IWL_PHY_CHANNEL_MODE20, 0); 1122 1123 iwl_mvm_roc_duration_and_delay(vif, duration, &duration_tu, 1124 &delay); 1125 roc_req.duration = cpu_to_le32(duration_tu); 1126 roc_req.max_delay = cpu_to_le32(delay); 1127 1128 IWL_DEBUG_TE(mvm, 1129 "\t(requested = %ums, max_delay = %ums)\n", 1130 duration, delay); 1131 IWL_DEBUG_TE(mvm, 1132 "Requesting to remain on channel %u for %utu. activity %u\n", 1133 channel->hw_value, duration_tu, activity); 1134 1135 /* Set the node address */ 1136 memcpy(roc_req.node_addr, vif->addr, ETH_ALEN); 1137 1138 res = iwl_mvm_send_cmd_pdu(mvm, WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 1139 0, sizeof(roc_req), &roc_req); 1140 if (!res) 1141 mvmvif->roc_activity = activity; 1142 1143 return res; 1144 } 1145 1146 static int 1147 iwl_mvm_start_p2p_roc_session_protection(struct iwl_mvm *mvm, 1148 struct ieee80211_vif *vif, 1149 int duration, 1150 enum ieee80211_roc_type type) 1151 { 1152 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1153 struct iwl_mvm_session_prot_cmd cmd = { 1154 .id_and_color = 1155 cpu_to_le32(iwl_mvm_get_session_prot_id(mvm, vif, 0)), 1156 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1157 .duration_tu = cpu_to_le32(MSEC_TO_TU(duration)), 1158 }; 1159 1160 lockdep_assert_held(&mvm->mutex); 1161 1162 /* The time_event_data.id field is reused to save session 1163 * protection's configuration. 1164 */ 1165 1166 mvmvif->time_event_data.link_id = 0; 1167 1168 switch (type) { 1169 case IEEE80211_ROC_TYPE_NORMAL: 1170 mvmvif->time_event_data.id = 1171 SESSION_PROTECT_CONF_P2P_DEVICE_DISCOV; 1172 break; 1173 case IEEE80211_ROC_TYPE_MGMT_TX: 1174 mvmvif->time_event_data.id = 1175 SESSION_PROTECT_CONF_P2P_GO_NEGOTIATION; 1176 break; 1177 default: 1178 WARN_ONCE(1, "Got an invalid ROC type\n"); 1179 return -EINVAL; 1180 } 1181 1182 cmd.conf_id = cpu_to_le32(mvmvif->time_event_data.id); 1183 return iwl_mvm_send_cmd_pdu(mvm, 1184 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1185 0, sizeof(cmd), &cmd); 1186 } 1187 1188 int iwl_mvm_start_p2p_roc(struct iwl_mvm *mvm, struct ieee80211_vif *vif, 1189 int duration, enum ieee80211_roc_type type) 1190 { 1191 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1192 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1193 struct iwl_time_event_cmd time_cmd = {}; 1194 1195 lockdep_assert_held(&mvm->mutex); 1196 if (te_data->running) { 1197 IWL_WARN(mvm, "P2P_DEVICE remain on channel already running\n"); 1198 return -EBUSY; 1199 } 1200 1201 if (fw_has_capa(&mvm->fw->ucode_capa, 1202 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) 1203 return iwl_mvm_start_p2p_roc_session_protection(mvm, vif, 1204 duration, 1205 type); 1206 1207 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 1208 time_cmd.id_and_color = 1209 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 1210 1211 switch (type) { 1212 case IEEE80211_ROC_TYPE_NORMAL: 1213 time_cmd.id = cpu_to_le32(IWL_MVM_ROC_TE_TYPE_NORMAL); 1214 break; 1215 case IEEE80211_ROC_TYPE_MGMT_TX: 1216 time_cmd.id = cpu_to_le32(IWL_MVM_ROC_TE_TYPE_MGMT_TX); 1217 break; 1218 default: 1219 WARN_ONCE(1, "Got an invalid ROC type\n"); 1220 return -EINVAL; 1221 } 1222 1223 time_cmd.apply_time = cpu_to_le32(0); 1224 time_cmd.interval = cpu_to_le32(1); 1225 1226 /* 1227 * The P2P Device TEs can have lower priority than other events 1228 * that are being scheduled by the driver/fw, and thus it might not be 1229 * scheduled. To improve the chances of it being scheduled, allow them 1230 * to be fragmented, and in addition allow them to be delayed. 1231 */ 1232 time_cmd.max_frags = min(MSEC_TO_TU(duration)/50, TE_V2_FRAG_ENDLESS); 1233 time_cmd.max_delay = cpu_to_le32(MSEC_TO_TU(duration/2)); 1234 time_cmd.duration = cpu_to_le32(MSEC_TO_TU(duration)); 1235 time_cmd.repeat = 1; 1236 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 1237 TE_V2_NOTIF_HOST_EVENT_END | 1238 TE_V2_START_IMMEDIATELY); 1239 1240 return iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 1241 } 1242 1243 static struct iwl_mvm_time_event_data *iwl_mvm_get_roc_te(struct iwl_mvm *mvm) 1244 { 1245 struct iwl_mvm_time_event_data *te_data; 1246 1247 lockdep_assert_held(&mvm->mutex); 1248 1249 spin_lock_bh(&mvm->time_event_lock); 1250 1251 /* 1252 * Iterate over the list of time events and find the time event that is 1253 * associated with a P2P_DEVICE interface. 1254 * This assumes that a P2P_DEVICE interface can have only a single time 1255 * event at any given time and this time event coresponds to a ROC 1256 * request 1257 */ 1258 list_for_each_entry(te_data, &mvm->time_event_list, list) { 1259 if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) 1260 goto out; 1261 } 1262 1263 /* There can only be at most one AUX ROC time event, we just use the 1264 * list to simplify/unify code. Remove it if it exists. 1265 */ 1266 te_data = list_first_entry_or_null(&mvm->aux_roc_te_list, 1267 struct iwl_mvm_time_event_data, 1268 list); 1269 out: 1270 spin_unlock_bh(&mvm->time_event_lock); 1271 return te_data; 1272 } 1273 1274 void iwl_mvm_cleanup_roc_te(struct iwl_mvm *mvm) 1275 { 1276 struct iwl_mvm_time_event_data *te_data; 1277 u32 uid; 1278 1279 te_data = iwl_mvm_get_roc_te(mvm); 1280 if (te_data) 1281 __iwl_mvm_remove_time_event(mvm, te_data, &uid); 1282 } 1283 1284 void iwl_mvm_stop_roc(struct iwl_mvm *mvm, struct ieee80211_vif *vif) 1285 { 1286 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1287 struct iwl_mvm_time_event_data *te_data; 1288 bool p2p_aux = iwl_mvm_has_p2p_over_aux(mvm); 1289 u8 roc_ver = iwl_fw_lookup_cmd_ver(mvm->fw, 1290 WIDE_ID(MAC_CONF_GROUP, ROC_CMD), 0); 1291 int iftype = vif->type; 1292 1293 mutex_lock(&mvm->mutex); 1294 1295 if (p2p_aux || (roc_ver >= 3 && iftype != NL80211_IFTYPE_P2P_DEVICE)) { 1296 if (mvmvif->roc_activity < ROC_NUM_ACTIVITIES) { 1297 iwl_mvm_roc_rm_cmd(mvm, mvmvif->roc_activity); 1298 mvmvif->roc_activity = ROC_NUM_ACTIVITIES; 1299 } 1300 goto cleanup_roc; 1301 } else if (fw_has_capa(&mvm->fw->ucode_capa, 1302 IWL_UCODE_TLV_CAPA_SESSION_PROT_CMD)) { 1303 te_data = &mvmvif->time_event_data; 1304 1305 if (iftype == NL80211_IFTYPE_P2P_DEVICE) { 1306 if (te_data->id >= SESSION_PROTECT_CONF_MAX_ID) { 1307 IWL_DEBUG_TE(mvm, 1308 "No remain on channel event\n"); 1309 mutex_unlock(&mvm->mutex); 1310 return; 1311 } 1312 iwl_mvm_cancel_session_protection(mvm, vif, 1313 te_data->id, 1314 te_data->link_id); 1315 } else { 1316 iwl_mvm_remove_aux_roc_te(mvm, mvmvif, 1317 &mvmvif->hs_time_event_data); 1318 } 1319 goto cleanup_roc; 1320 } 1321 1322 te_data = iwl_mvm_get_roc_te(mvm); 1323 if (!te_data) { 1324 IWL_WARN(mvm, "No remain on channel event\n"); 1325 mutex_unlock(&mvm->mutex); 1326 return; 1327 } 1328 1329 mvmvif = iwl_mvm_vif_from_mac80211(te_data->vif); 1330 iftype = te_data->vif->type; 1331 if (iftype == NL80211_IFTYPE_P2P_DEVICE) 1332 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1333 else 1334 iwl_mvm_remove_aux_roc_te(mvm, mvmvif, te_data); 1335 1336 cleanup_roc: 1337 /* 1338 * In case we get here before the ROC event started, 1339 * (so the status bit isn't set) set it here so iwl_mvm_cleanup_roc will 1340 * cleanup things properly 1341 */ 1342 if (p2p_aux || iftype != NL80211_IFTYPE_P2P_DEVICE) 1343 set_bit(IWL_MVM_STATUS_ROC_AUX_RUNNING, &mvm->status); 1344 else 1345 set_bit(IWL_MVM_STATUS_ROC_P2P_RUNNING, &mvm->status); 1346 1347 /* Mutex is released inside this function */ 1348 iwl_mvm_cleanup_roc(mvm); 1349 } 1350 1351 void iwl_mvm_remove_csa_period(struct iwl_mvm *mvm, 1352 struct ieee80211_vif *vif) 1353 { 1354 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1355 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1356 u32 id; 1357 1358 lockdep_assert_held(&mvm->mutex); 1359 1360 spin_lock_bh(&mvm->time_event_lock); 1361 id = te_data->id; 1362 spin_unlock_bh(&mvm->time_event_lock); 1363 1364 if (id != TE_CHANNEL_SWITCH_PERIOD) 1365 return; 1366 1367 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1368 } 1369 1370 int iwl_mvm_schedule_csa_period(struct iwl_mvm *mvm, 1371 struct ieee80211_vif *vif, 1372 u32 duration, u32 apply_time) 1373 { 1374 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1375 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1376 struct iwl_time_event_cmd time_cmd = {}; 1377 1378 lockdep_assert_held(&mvm->mutex); 1379 1380 if (te_data->running) { 1381 u32 id; 1382 1383 spin_lock_bh(&mvm->time_event_lock); 1384 id = te_data->id; 1385 spin_unlock_bh(&mvm->time_event_lock); 1386 1387 if (id == TE_CHANNEL_SWITCH_PERIOD) { 1388 IWL_DEBUG_TE(mvm, "CS period is already scheduled\n"); 1389 return -EBUSY; 1390 } 1391 1392 /* 1393 * Remove the session protection time event to allow the 1394 * channel switch. If we got here, we just heard a beacon so 1395 * the session protection is not needed anymore anyway. 1396 */ 1397 iwl_mvm_remove_time_event(mvm, mvmvif, te_data); 1398 } 1399 1400 time_cmd.action = cpu_to_le32(FW_CTXT_ACTION_ADD); 1401 time_cmd.id_and_color = 1402 cpu_to_le32(FW_CMD_ID_AND_COLOR(mvmvif->id, mvmvif->color)); 1403 time_cmd.id = cpu_to_le32(TE_CHANNEL_SWITCH_PERIOD); 1404 time_cmd.apply_time = cpu_to_le32(apply_time); 1405 time_cmd.max_frags = TE_V2_FRAG_NONE; 1406 time_cmd.duration = cpu_to_le32(duration); 1407 time_cmd.repeat = 1; 1408 time_cmd.interval = cpu_to_le32(1); 1409 time_cmd.policy = cpu_to_le16(TE_V2_NOTIF_HOST_EVENT_START | 1410 TE_V2_ABSENCE); 1411 if (!apply_time) 1412 time_cmd.policy |= cpu_to_le16(TE_V2_START_IMMEDIATELY); 1413 1414 return iwl_mvm_time_event_send_add(mvm, vif, te_data, &time_cmd); 1415 } 1416 1417 static bool iwl_mvm_session_prot_notif(struct iwl_notif_wait_data *notif_wait, 1418 struct iwl_rx_packet *pkt, void *data) 1419 { 1420 struct iwl_mvm *mvm = 1421 container_of(notif_wait, struct iwl_mvm, notif_wait); 1422 struct iwl_mvm_session_prot_notif *resp; 1423 int resp_len = iwl_rx_packet_payload_len(pkt); 1424 1425 if (WARN_ON(pkt->hdr.cmd != SESSION_PROTECTION_NOTIF || 1426 pkt->hdr.group_id != MAC_CONF_GROUP)) 1427 return true; 1428 1429 if (WARN_ON_ONCE(resp_len != sizeof(*resp))) { 1430 IWL_ERR(mvm, "Invalid SESSION_PROTECTION_NOTIF response\n"); 1431 return true; 1432 } 1433 1434 resp = (void *)pkt->data; 1435 1436 if (!resp->status) 1437 IWL_ERR(mvm, 1438 "TIME_EVENT_NOTIFICATION received but not executed\n"); 1439 1440 return true; 1441 } 1442 1443 void iwl_mvm_schedule_session_protection(struct iwl_mvm *mvm, 1444 struct ieee80211_vif *vif, 1445 u32 duration, u32 min_duration, 1446 bool wait_for_notif, 1447 unsigned int link_id) 1448 { 1449 struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); 1450 struct iwl_mvm_time_event_data *te_data = &mvmvif->time_event_data; 1451 const u16 notif[] = { WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_NOTIF) }; 1452 struct iwl_notification_wait wait_notif; 1453 int mac_link_id = iwl_mvm_get_session_prot_id(mvm, vif, (s8)link_id); 1454 struct iwl_mvm_session_prot_cmd cmd = { 1455 .id_and_color = cpu_to_le32(mac_link_id), 1456 .action = cpu_to_le32(FW_CTXT_ACTION_ADD), 1457 .conf_id = cpu_to_le32(SESSION_PROTECT_CONF_ASSOC), 1458 .duration_tu = cpu_to_le32(MSEC_TO_TU(duration)), 1459 }; 1460 1461 if (mac_link_id < 0) 1462 return; 1463 1464 lockdep_assert_held(&mvm->mutex); 1465 1466 spin_lock_bh(&mvm->time_event_lock); 1467 if (te_data->running && te_data->link_id == link_id && 1468 time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) { 1469 IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n", 1470 jiffies_to_msecs(te_data->end_jiffies - jiffies)); 1471 spin_unlock_bh(&mvm->time_event_lock); 1472 1473 return; 1474 } 1475 1476 iwl_mvm_te_clear_data(mvm, te_data); 1477 /* 1478 * The time_event_data.id field is reused to save session 1479 * protection's configuration. 1480 */ 1481 te_data->id = le32_to_cpu(cmd.conf_id); 1482 te_data->duration = le32_to_cpu(cmd.duration_tu); 1483 te_data->vif = vif; 1484 te_data->link_id = link_id; 1485 spin_unlock_bh(&mvm->time_event_lock); 1486 1487 IWL_DEBUG_TE(mvm, "Add new session protection, duration %d TU\n", 1488 le32_to_cpu(cmd.duration_tu)); 1489 1490 if (!wait_for_notif) { 1491 if (iwl_mvm_send_cmd_pdu(mvm, 1492 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1493 0, sizeof(cmd), &cmd)) { 1494 goto send_cmd_err; 1495 } 1496 1497 return; 1498 } 1499 1500 iwl_init_notification_wait(&mvm->notif_wait, &wait_notif, 1501 notif, ARRAY_SIZE(notif), 1502 iwl_mvm_session_prot_notif, NULL); 1503 1504 if (iwl_mvm_send_cmd_pdu(mvm, 1505 WIDE_ID(MAC_CONF_GROUP, SESSION_PROTECTION_CMD), 1506 0, sizeof(cmd), &cmd)) { 1507 iwl_remove_notification(&mvm->notif_wait, &wait_notif); 1508 goto send_cmd_err; 1509 } else if (iwl_wait_notification(&mvm->notif_wait, &wait_notif, 1510 TU_TO_JIFFIES(100))) { 1511 IWL_ERR(mvm, 1512 "Failed to protect session until session protection\n"); 1513 } 1514 return; 1515 1516 send_cmd_err: 1517 IWL_ERR(mvm, 1518 "Couldn't send the SESSION_PROTECTION_CMD\n"); 1519 spin_lock_bh(&mvm->time_event_lock); 1520 iwl_mvm_te_clear_data(mvm, te_data); 1521 spin_unlock_bh(&mvm->time_event_lock); 1522 } 1523