xref: /freebsd/sys/net80211/ieee80211_vht.c (revision dd21556857e8d40f66bf5ad54754d9d52669ebf7)
1 /*-
2  * Copyright (c) 2017 Adrian Chadd <adrian@FreeBSD.org>
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25 
26 /*
27  * IEEE 802.11ac-2013 protocol support.
28  */
29 
30 #include "opt_inet.h"
31 #include "opt_wlan.h"
32 
33 #include <sys/param.h>
34 #include <sys/kernel.h>
35 #include <sys/malloc.h>
36 #include <sys/systm.h>
37 #include <sys/endian.h>
38 
39 #include <sys/socket.h>
40 
41 #include <net/if.h>
42 #include <net/if_var.h>
43 #include <net/if_media.h>
44 #include <net/ethernet.h>
45 
46 #include <net80211/ieee80211_var.h>
47 #include <net80211/ieee80211_action.h>
48 #include <net80211/ieee80211_input.h>
49 #include <net80211/ieee80211_vht.h>
50 
51 #define	ADDSHORT(frm, v) do {			\
52 	frm[0] = (v) & 0xff;			\
53 	frm[1] = (v) >> 8;			\
54 	frm += 2;				\
55 } while (0)
56 #define	ADDWORD(frm, v) do {			\
57 	frm[0] = (v) & 0xff;			\
58 	frm[1] = ((v) >> 8) & 0xff;		\
59 	frm[2] = ((v) >> 16) & 0xff;		\
60 	frm[3] = ((v) >> 24) & 0xff;		\
61 	frm += 4;				\
62 } while (0)
63 
64 /*
65  * Immediate TODO:
66  *
67  * + handle WLAN_ACTION_VHT_OPMODE_NOTIF and other VHT action frames
68  * + ensure vhtinfo/vhtcap parameters correctly use the negotiated
69  *   capabilities and ratesets
70  * + group ID management operation
71  */
72 
73 /*
74  * XXX TODO: handle WLAN_ACTION_VHT_OPMODE_NOTIF
75  *
76  * Look at mac80211/vht.c:ieee80211_vht_handle_opmode() for further details.
77  */
78 
79 static int
80 vht_recv_action_placeholder(struct ieee80211_node *ni,
81     const struct ieee80211_frame *wh,
82     const uint8_t *frm, const uint8_t *efrm)
83 {
84 
85 #ifdef IEEE80211_DEBUG
86 	ieee80211_note(ni->ni_vap, "%s: called; fc=0x%.2x/0x%.2x",
87 	    __func__, wh->i_fc[0], wh->i_fc[1]);
88 #endif
89 	return (0);
90 }
91 
92 static int
93 vht_send_action_placeholder(struct ieee80211_node *ni,
94     int category, int action, void *arg0)
95 {
96 
97 #ifdef IEEE80211_DEBUG
98 	ieee80211_note(ni->ni_vap, "%s: called; category=%d, action=%d",
99 	    __func__, category, action);
100 #endif
101 	return (EINVAL);
102 }
103 
104 static void
105 ieee80211_vht_init(void)
106 {
107 
108 	ieee80211_recv_action_register(IEEE80211_ACTION_CAT_VHT,
109 	    WLAN_ACTION_VHT_COMPRESSED_BF, vht_recv_action_placeholder);
110 	ieee80211_recv_action_register(IEEE80211_ACTION_CAT_VHT,
111 	    WLAN_ACTION_VHT_GROUPID_MGMT, vht_recv_action_placeholder);
112 	ieee80211_recv_action_register(IEEE80211_ACTION_CAT_VHT,
113 	    WLAN_ACTION_VHT_OPMODE_NOTIF, vht_recv_action_placeholder);
114 
115 	ieee80211_send_action_register(IEEE80211_ACTION_CAT_VHT,
116 	    WLAN_ACTION_VHT_COMPRESSED_BF, vht_send_action_placeholder);
117 	ieee80211_send_action_register(IEEE80211_ACTION_CAT_VHT,
118 	    WLAN_ACTION_VHT_GROUPID_MGMT, vht_send_action_placeholder);
119 	ieee80211_send_action_register(IEEE80211_ACTION_CAT_VHT,
120 	    WLAN_ACTION_VHT_OPMODE_NOTIF, vht_send_action_placeholder);
121 }
122 
123 SYSINIT(wlan_vht, SI_SUB_DRIVERS, SI_ORDER_FIRST, ieee80211_vht_init, NULL);
124 
125 void
126 ieee80211_vht_attach(struct ieee80211com *ic)
127 {
128 }
129 
130 void
131 ieee80211_vht_detach(struct ieee80211com *ic)
132 {
133 }
134 
135 void
136 ieee80211_vht_vattach(struct ieee80211vap *vap)
137 {
138 	struct ieee80211com *ic = vap->iv_ic;
139 
140 	if (! IEEE80211_CONF_VHT(ic))
141 		return;
142 
143 	vap->iv_vht_cap.vht_cap_info = ic->ic_vht_cap.vht_cap_info;
144 	vap->iv_vhtextcaps = ic->ic_vhtextcaps;
145 
146 	/* XXX assume VHT80 support; should really check vhtcaps */
147 	vap->iv_vht_flags =
148 	    IEEE80211_FVHT_VHT
149 	    | IEEE80211_FVHT_USEVHT40
150 	    | IEEE80211_FVHT_USEVHT80;
151 	if (IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_IS_160MHZ(vap->iv_vht_cap.vht_cap_info))
152 		vap->iv_vht_flags |= IEEE80211_FVHT_USEVHT160;
153 	if (IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_IS_160_80P80MHZ(vap->iv_vht_cap.vht_cap_info))
154 		vap->iv_vht_flags |= IEEE80211_FVHT_USEVHT80P80;
155 
156 	memcpy(&vap->iv_vht_cap.supp_mcs, &ic->ic_vht_cap.supp_mcs,
157 	    sizeof(struct ieee80211_vht_mcs_info));
158 }
159 
160 void
161 ieee80211_vht_vdetach(struct ieee80211vap *vap)
162 {
163 }
164 
165 #if 0
166 static void
167 vht_announce(struct ieee80211com *ic, enum ieee80211_phymode mode)
168 {
169 }
170 #endif
171 
172 static int
173 vht_mcs_to_num(int m)
174 {
175 
176 	switch (m) {
177 	case IEEE80211_VHT_MCS_SUPPORT_0_7:
178 		return (7);
179 	case IEEE80211_VHT_MCS_SUPPORT_0_8:
180 		return (8);
181 	case IEEE80211_VHT_MCS_SUPPORT_0_9:
182 		return (9);
183 	default:
184 		return (0);
185 	}
186 }
187 
188 void
189 ieee80211_vht_announce(struct ieee80211com *ic)
190 {
191 	int i, tx, rx;
192 
193 	if (! IEEE80211_CONF_VHT(ic))
194 		return;
195 
196 	/* Channel width */
197 	ic_printf(ic, "[VHT] Channel Widths: 20MHz, 40MHz, 80MHz%s%s\n",
198 	    (IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_IS_160MHZ(ic->ic_vht_cap.vht_cap_info)) ?
199 		", 160MHz" : "",
200 	    (IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_IS_160_80P80MHZ(ic->ic_vht_cap.vht_cap_info)) ?
201 		 ", 80+80MHz" : "");
202 	/* Features */
203 	ic_printf(ic, "[VHT] Features: %b\n", ic->ic_vht_cap.vht_cap_info,
204 	    IEEE80211_VHTCAP_BITS);
205 
206 	/* For now, just 5GHz VHT.  Worry about 2GHz VHT later */
207 	for (i = 0; i < 8; i++) {
208 		/* Each stream is 2 bits */
209 		tx = (ic->ic_vht_cap.supp_mcs.tx_mcs_map >> (2*i)) & 0x3;
210 		rx = (ic->ic_vht_cap.supp_mcs.rx_mcs_map >> (2*i)) & 0x3;
211 		if (tx == 3 && rx == 3)
212 			continue;
213 		ic_printf(ic, "[VHT] NSS %d: TX MCS 0..%d, RX MCS 0..%d\n",
214 		    i + 1, vht_mcs_to_num(tx), vht_mcs_to_num(rx));
215 	}
216 }
217 
218 void
219 ieee80211_vht_node_init(struct ieee80211_node *ni)
220 {
221 
222 	IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_11N, ni,
223 	    "%s: called", __func__);
224 	ni->ni_flags |= IEEE80211_NODE_VHT;
225 }
226 
227 void
228 ieee80211_vht_node_cleanup(struct ieee80211_node *ni)
229 {
230 
231 	IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_11N, ni,
232 	    "%s: called", __func__);
233 	ni->ni_flags &= ~IEEE80211_NODE_VHT;
234 	ni->ni_vhtcap = 0;
235 	bzero(&ni->ni_vht_mcsinfo, sizeof(struct ieee80211_vht_mcs_info));
236 }
237 
238 /*
239  * Parse an 802.11ac VHT operation IE.
240  */
241 void
242 ieee80211_parse_vhtopmode(struct ieee80211_node *ni, const uint8_t *ie)
243 {
244 	/* vht operation */
245 	ni->ni_vht_chanwidth = ie[2];
246 	ni->ni_vht_chan1 = ie[3];
247 	ni->ni_vht_chan2 = ie[4];
248 	ni->ni_vht_basicmcs = le16dec(ie + 5);
249 
250 #if 0
251 	printf("%s: chan1=%d, chan2=%d, chanwidth=%d, basicmcs=0x%04x\n",
252 	    __func__, ni->ni_vht_chan1, ni->ni_vht_chan2, ni->ni_vht_chanwidth,
253 	    ni->ni_vht_basicmcs);
254 #endif
255 }
256 
257 /*
258  * Parse an 802.11ac VHT capability IE.
259  */
260 void
261 ieee80211_parse_vhtcap(struct ieee80211_node *ni, const uint8_t *ie)
262 {
263 
264 	/* vht capability */
265 	ni->ni_vhtcap = le32dec(ie + 2);
266 
267 	/* suppmcs */
268 	ni->ni_vht_mcsinfo.rx_mcs_map = le16dec(ie + 6);
269 	ni->ni_vht_mcsinfo.rx_highest = le16dec(ie + 8);
270 	ni->ni_vht_mcsinfo.tx_mcs_map = le16dec(ie + 10);
271 	ni->ni_vht_mcsinfo.tx_highest = le16dec(ie + 12);
272 }
273 
274 int
275 ieee80211_vht_updateparams(struct ieee80211_node *ni,
276     const uint8_t *vhtcap_ie,
277     const uint8_t *vhtop_ie)
278 {
279 
280 	//printf("%s: called\n", __func__);
281 
282 	ieee80211_parse_vhtcap(ni, vhtcap_ie);
283 	ieee80211_parse_vhtopmode(ni, vhtop_ie);
284 	return (0);
285 }
286 
287 void
288 ieee80211_setup_vht_rates(struct ieee80211_node *ni,
289     const uint8_t *vhtcap_ie,
290     const uint8_t *vhtop_ie)
291 {
292 
293 	//printf("%s: called\n", __func__);
294 	/* XXX TODO */
295 }
296 
297 void
298 ieee80211_vht_timeout(struct ieee80211vap *vap)
299 {
300 }
301 
302 void
303 ieee80211_vht_node_join(struct ieee80211_node *ni)
304 {
305 
306 	IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_11N, ni,
307 	    "%s: called", __func__);
308 }
309 
310 void
311 ieee80211_vht_node_leave(struct ieee80211_node *ni)
312 {
313 
314 	IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_11N, ni,
315 	    "%s: called", __func__);
316 }
317 
318 /*
319  * Calculate the VHTCAP IE for a given node.
320  *
321  * This includes calculating the capability intersection based on the
322  * current operating mode and intersection of the TX/RX MCS maps.
323  *
324  * The standard only makes it clear about MCS rate negotiation
325  * and MCS basic rates (which must be a subset of the general
326  * negotiated rates).  It doesn't make it clear that the AP should
327  * figure out the minimum functional overlap with the STA and
328  * support that.
329  *
330  * Note: this is in host order, not in 802.11 endian order.
331  *
332  * TODO: ensure I re-read 9.7.11 Rate Selection for VHT STAs.
333  *
334  * TODO: investigate what we should negotiate for MU-MIMO beamforming
335  *       options.
336  *
337  * opmode is '1' for "vhtcap as if I'm a STA", 0 otherwise.
338  */
339 void
340 ieee80211_vht_get_vhtcap_ie(struct ieee80211_node *ni,
341     struct ieee80211_vht_cap *vhtcap, int opmode)
342 {
343 	struct ieee80211vap *vap = ni->ni_vap;
344 //	struct ieee80211com *ic = vap->iv_ic;
345 	uint32_t val, val1, val2;
346 	uint32_t new_vhtcap;
347 	int i;
348 
349 	/*
350 	 * Capabilities - it depends on whether we are a station
351 	 * or not.
352 	 */
353 	new_vhtcap = 0;
354 
355 	/*
356 	 * Station - use our desired configuration based on
357 	 * local config, local device bits and the already-learnt
358 	 * vhtcap/vhtinfo IE in the node.
359 	 */
360 
361 	/* Limit MPDU size to the smaller of the two */
362 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
363 	    IEEE80211_VHTCAP_MAX_MPDU_MASK);
364 	if (opmode == 1) {
365 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
366 		    IEEE80211_VHTCAP_MAX_MPDU_MASK);
367 	}
368 	val = MIN(val1, val2);
369 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_MAX_MPDU_MASK);
370 
371 	/* Limit supp channel config */
372 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
373 	    IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_MASK);
374 	if (opmode == 1) {
375 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
376 		    IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_MASK);
377 	}
378 	if ((val2 == 2) &&
379 	    ((vap->iv_vht_flags & IEEE80211_FVHT_USEVHT80P80) == 0))
380 		val2 = 1;
381 	if ((val2 == 1) &&
382 	    ((vap->iv_vht_flags & IEEE80211_FVHT_USEVHT160) == 0))
383 		val2 = 0;
384 	val = MIN(val1, val2);
385 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
386 	     IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_MASK);
387 
388 	/* RX LDPC */
389 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
390 	    IEEE80211_VHTCAP_RXLDPC);
391 	if (opmode == 1) {
392 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
393 		    IEEE80211_VHTCAP_RXLDPC);
394 	}
395 	val = MIN(val1, val2);
396 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_RXLDPC);
397 
398 	/* Short-GI 80 */
399 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
400 	    IEEE80211_VHTCAP_SHORT_GI_80);
401 	if (opmode == 1) {
402 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
403 		    IEEE80211_VHTCAP_SHORT_GI_80);
404 	}
405 	val = MIN(val1, val2);
406 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_SHORT_GI_80);
407 
408 	/* Short-GI 160 */
409 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
410 	    IEEE80211_VHTCAP_SHORT_GI_160);
411 	if (opmode == 1) {
412 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
413 		    IEEE80211_VHTCAP_SHORT_GI_160);
414 	}
415 	val = MIN(val1, val2);
416 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_SHORT_GI_160);
417 
418 	/*
419 	 * STBC is slightly more complicated.
420 	 *
421 	 * In non-STA mode, we just announce our capabilities and that
422 	 * is that.
423 	 *
424 	 * In STA mode, we should calculate our capabilities based on
425 	 * local capabilities /and/ what the remote says. So:
426 	 *
427 	 * + Only TX STBC if we support it and the remote supports RX STBC;
428 	 * + Only announce RX STBC if we support it and the remote supports
429 	 *   TX STBC;
430 	 * + RX STBC should be the minimum of local and remote RX STBC;
431 	 */
432 
433 	/* TX STBC */
434 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
435 	    IEEE80211_VHTCAP_TXSTBC);
436 	if (opmode == 1) {
437 		/* STA mode - enable it only if node RXSTBC is non-zero */
438 		val2 = !! _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
439 		    IEEE80211_VHTCAP_RXSTBC_MASK);
440 	}
441 	val = MIN(val1, val2);
442 	if ((vap->iv_vht_flags & IEEE80211_FVHT_STBC_TX) == 0)
443 		val = 0;
444 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_TXSTBC);
445 
446 	/* RX STBC1..4 */
447 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
448 	    IEEE80211_VHTCAP_RXSTBC_MASK);
449 	if (opmode == 1) {
450 		/* STA mode - enable it only if node TXSTBC is non-zero */
451 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
452 		   IEEE80211_VHTCAP_TXSTBC);
453 	}
454 	val = MIN(val1, val2);
455 	if ((vap->iv_vht_flags & IEEE80211_FVHT_STBC_RX) == 0)
456 		val = 0;
457 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_RXSTBC_MASK);
458 
459 	/*
460 	 * Finally - if RXSTBC is 0, then don't enable TXSTBC.
461 	 * Strictly speaking a device can TXSTBC and not RXSTBC, but
462 	 * it would be silly.
463 	 */
464 	if (val == 0)
465 		new_vhtcap &= ~IEEE80211_VHTCAP_TXSTBC;
466 
467 	/*
468 	 * Some of these fields require other fields to exist.
469 	 * So before using it, the parent field needs to be checked
470 	 * otherwise the overridden value may be wrong.
471 	 *
472 	 * For example, if SU beamformee is set to 0, then BF STS
473 	 * needs to be 0.
474 	 */
475 
476 	/* SU Beamformer capable */
477 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
478 	    IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE);
479 	if (opmode == 1) {
480 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
481 		    IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE);
482 	}
483 	val = MIN(val1, val2);
484 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
485 	    IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE);
486 
487 	/* SU Beamformee capable */
488 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
489 	    IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE);
490 	if (opmode == 1) {
491 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
492 		    IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE);
493 	}
494 	val = MIN(val1, val2);
495 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
496 	    IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE);
497 
498 	/* Beamformee STS capability - only if SU beamformee capable */
499 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
500 	    IEEE80211_VHTCAP_BEAMFORMEE_STS_MASK);
501 	if (opmode == 1) {
502 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
503 		    IEEE80211_VHTCAP_BEAMFORMEE_STS_MASK);
504 	}
505 	val = MIN(val1, val2);
506 	if ((new_vhtcap & IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE) == 0)
507 		val = 0;
508 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
509 	    IEEE80211_VHTCAP_BEAMFORMEE_STS_MASK);
510 
511 	/* Sounding dimensions - only if SU beamformer capable */
512 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
513 	    IEEE80211_VHTCAP_SOUNDING_DIMENSIONS_MASK);
514 	if (opmode == 1)
515 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
516 		    IEEE80211_VHTCAP_SOUNDING_DIMENSIONS_MASK);
517 	val = MIN(val1, val2);
518 	if ((new_vhtcap & IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE) == 0)
519 		val = 0;
520 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
521 	    IEEE80211_VHTCAP_SOUNDING_DIMENSIONS_MASK);
522 
523 	/*
524 	 * MU Beamformer capable - only if SU BFF capable, MU BFF capable
525 	 * and STA (not AP)
526 	 */
527 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
528 	    IEEE80211_VHTCAP_MU_BEAMFORMER_CAPABLE);
529 	if (opmode == 1)
530 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
531 		    IEEE80211_VHTCAP_MU_BEAMFORMER_CAPABLE);
532 	val = MIN(val1, val2);
533 	if ((new_vhtcap & IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE) == 0)
534 		val = 0;
535 	if (opmode != 1)	/* Only enable for STA mode */
536 		val = 0;
537 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
538 	   IEEE80211_VHTCAP_SU_BEAMFORMER_CAPABLE);
539 
540 	/*
541 	 * MU Beamformee capable - only if SU BFE capable, MU BFE capable
542 	 * and AP (not STA)
543 	 */
544 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
545 	    IEEE80211_VHTCAP_MU_BEAMFORMEE_CAPABLE);
546 	if (opmode == 1)
547 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
548 		    IEEE80211_VHTCAP_MU_BEAMFORMEE_CAPABLE);
549 	val = MIN(val1, val2);
550 	if ((new_vhtcap & IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE) == 0)
551 		val = 0;
552 	if (opmode != 0)	/* Only enable for AP mode */
553 		val = 0;
554 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
555 	   IEEE80211_VHTCAP_SU_BEAMFORMEE_CAPABLE);
556 
557 	/* VHT TXOP PS */
558 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
559 	    IEEE80211_VHTCAP_VHT_TXOP_PS);
560 	if (opmode == 1)
561 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
562 		    IEEE80211_VHTCAP_VHT_TXOP_PS);
563 	val = MIN(val1, val2);
564 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_VHT_TXOP_PS);
565 
566 	/* HTC_VHT */
567 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
568 	    IEEE80211_VHTCAP_HTC_VHT);
569 	if (opmode == 1)
570 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
571 		    IEEE80211_VHTCAP_HTC_VHT);
572 	val = MIN(val1, val2);
573 	new_vhtcap |= _IEEE80211_SHIFTMASK(val, IEEE80211_VHTCAP_HTC_VHT);
574 
575 	/* A-MPDU length max */
576 	/* XXX TODO: we need a userland config knob for this */
577 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
578 	    IEEE80211_VHTCAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK);
579 	if (opmode == 1)
580 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
581 		    IEEE80211_VHTCAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK);
582 	val = MIN(val1, val2);
583 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
584 	    IEEE80211_VHTCAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK);
585 
586 	/*
587 	 * Link adaptation is only valid if HTC-VHT capable is 1.
588 	 * Otherwise, always set it to 0.
589 	 */
590 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
591 	    IEEE80211_VHTCAP_VHT_LINK_ADAPTATION_VHT_MASK);
592 	if (opmode == 1)
593 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
594 		    IEEE80211_VHTCAP_VHT_LINK_ADAPTATION_VHT_MASK);
595 	val = MIN(val1, val2);
596 	if ((new_vhtcap & IEEE80211_VHTCAP_HTC_VHT) == 0)
597 		val = 0;
598 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
599 	    IEEE80211_VHTCAP_VHT_LINK_ADAPTATION_VHT_MASK);
600 
601 	/*
602 	 * The following two options are 0 if the pattern may change, 1 if it
603 	 * does not change.  So, downgrade to the higher value.
604 	 */
605 
606 	/* RX antenna pattern */
607 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
608 	    IEEE80211_VHTCAP_RX_ANTENNA_PATTERN);
609 	if (opmode == 1)
610 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
611 		    IEEE80211_VHTCAP_RX_ANTENNA_PATTERN);
612 	val = MAX(val1, val2);
613 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
614 	    IEEE80211_VHTCAP_RX_ANTENNA_PATTERN);
615 
616 	/* TX antenna pattern */
617 	val2 = val1 = _IEEE80211_MASKSHIFT(vap->iv_vht_cap.vht_cap_info,
618 	    IEEE80211_VHTCAP_TX_ANTENNA_PATTERN);
619 	if (opmode == 1)
620 		val2 = _IEEE80211_MASKSHIFT(ni->ni_vhtcap,
621 		    IEEE80211_VHTCAP_TX_ANTENNA_PATTERN);
622 	val = MAX(val1, val2);
623 	new_vhtcap |= _IEEE80211_SHIFTMASK(val,
624 	    IEEE80211_VHTCAP_TX_ANTENNA_PATTERN);
625 
626 	/*
627 	 * MCS set - again, we announce what we want to use
628 	 * based on configuration, device capabilities and
629 	 * already-learnt vhtcap/vhtinfo IE information.
630 	 */
631 
632 	/* MCS set - start with whatever the device supports */
633 	vhtcap->supp_mcs.rx_mcs_map = vap->iv_vht_cap.supp_mcs.rx_mcs_map;
634 	vhtcap->supp_mcs.rx_highest = 0;
635 	vhtcap->supp_mcs.tx_mcs_map = vap->iv_vht_cap.supp_mcs.tx_mcs_map;
636 	vhtcap->supp_mcs.tx_highest = 0;
637 
638 	vhtcap->vht_cap_info = new_vhtcap;
639 
640 	/*
641 	 * Now, if we're a STA, mask off whatever the AP doesn't support.
642 	 * Ie, we continue to state we can receive whatever we can do,
643 	 * but we only announce that we will transmit rates that meet
644 	 * the AP requirement.
645 	 *
646 	 * Note: 0 - MCS0..7; 1 - MCS0..8; 2 - MCS0..9; 3 = not supported.
647 	 * We can't just use MIN() because '3' means "no", so special case it.
648 	 */
649 	if (opmode) {
650 		for (i = 0; i < 8; i++) {
651 			val1 = (vhtcap->supp_mcs.tx_mcs_map >> (i*2)) & 0x3;
652 			val2 = (ni->ni_vht_mcsinfo.tx_mcs_map >> (i*2)) & 0x3;
653 			val = MIN(val1, val2);
654 			if (val1 == 3 || val2 == 3)
655 				val = 3;
656 			vhtcap->supp_mcs.tx_mcs_map &= ~(0x3 << (i*2));
657 			vhtcap->supp_mcs.tx_mcs_map |= (val << (i*2));
658 		}
659 	}
660 }
661 
662 /*
663  * Add a VHTCAP field.
664  *
665  * If in station mode, we announce what we would like our
666  * desired configuration to be.
667  *
668  * Else, we announce our capabilities based on our current
669  * configuration.
670  */
671 uint8_t *
672 ieee80211_add_vhtcap(uint8_t *frm, struct ieee80211_node *ni)
673 {
674 	struct ieee80211_vht_cap vhtcap;
675 
676 	ieee80211_vht_get_vhtcap_ie(ni, &vhtcap, 1);
677 
678 	frm[0] = IEEE80211_ELEMID_VHT_CAP;
679 	frm[1] = sizeof(vhtcap);
680 	frm += 2;
681 
682 	/* 32-bit VHT capability */
683 	ADDWORD(frm, vhtcap.vht_cap_info);
684 
685 	/* suppmcs */
686 	ADDSHORT(frm, vhtcap.supp_mcs.rx_mcs_map);
687 	ADDSHORT(frm, vhtcap.supp_mcs.rx_highest);
688 	ADDSHORT(frm, vhtcap.supp_mcs.tx_mcs_map);
689 	ADDSHORT(frm, vhtcap.supp_mcs.tx_highest);
690 
691 	return (frm);
692 }
693 
694 /*
695  * Non-associated probe requests.  Add VHT capabilities based on
696  * the current channel configuration.  No BSS yet.
697  */
698 uint8_t *
699 ieee80211_add_vhtcap_ch(uint8_t *frm, struct ieee80211vap *vap,
700     struct ieee80211_channel *c)
701 {
702 	struct ieee80211_vht_cap *vhtcap;
703 
704 	memset(frm, 0, 2 + sizeof(*vhtcap));
705 	frm[0] = IEEE80211_ELEMID_VHT_CAP;
706 	frm[1] = sizeof(*vhtcap);
707 	frm += 2;
708 
709 	/* 32-bit VHT capability */
710 	ADDWORD(frm, vap->iv_vht_cap.vht_cap_info);
711 
712 	/* supp_mcs */
713 	ADDSHORT(frm, vap->iv_vht_cap.supp_mcs.rx_mcs_map);
714 	ADDSHORT(frm, vap->iv_vht_cap.supp_mcs.rx_highest);
715 	ADDSHORT(frm, vap->iv_vht_cap.supp_mcs.tx_mcs_map);
716 	ADDSHORT(frm, vap->iv_vht_cap.supp_mcs.tx_highest);
717 
718 	return (frm);
719 }
720 
721 static uint8_t
722 ieee80211_vht_get_chwidth_ie(struct ieee80211_channel *c)
723 {
724 
725 	/*
726 	 * XXX TODO: look at the node configuration as
727 	 * well?
728 	 */
729 
730 	if (IEEE80211_IS_CHAN_VHT80P80(c))
731 		return IEEE80211_VHT_CHANWIDTH_80P80MHZ;
732 	if (IEEE80211_IS_CHAN_VHT160(c))
733 		return IEEE80211_VHT_CHANWIDTH_160MHZ;
734 	if (IEEE80211_IS_CHAN_VHT80(c))
735 		return IEEE80211_VHT_CHANWIDTH_80MHZ;
736 	if (IEEE80211_IS_CHAN_VHT40(c))
737 		return IEEE80211_VHT_CHANWIDTH_USE_HT;
738 	if (IEEE80211_IS_CHAN_VHT20(c))
739 		return IEEE80211_VHT_CHANWIDTH_USE_HT;
740 
741 	/* We shouldn't get here */
742 	printf("%s: called on a non-VHT channel (freq=%d, flags=0x%08x\n",
743 	    __func__, (int) c->ic_freq, c->ic_flags);
744 	return IEEE80211_VHT_CHANWIDTH_USE_HT;
745 }
746 
747 /*
748  * Note: this just uses the current channel information;
749  * it doesn't use the node info after parsing.
750  *
751  * XXX TODO: need to make the basic MCS set configurable.
752  * XXX TODO: read 802.11-2013 to determine what to set
753  *           chwidth to when scanning.  I have a feeling
754  *           it isn't involved in scanning and we shouldn't
755  *           be sending it; and I don't yet know what to set
756  *           it to for IBSS or hostap where the peer may be
757  *           a completely different channel width to us.
758  */
759 uint8_t *
760 ieee80211_add_vhtinfo(uint8_t *frm, struct ieee80211_node *ni)
761 {
762 
763 	frm[0] = IEEE80211_ELEMID_VHT_OPMODE;
764 	frm[1] = sizeof(struct ieee80211_vht_operation);
765 	frm += 2;
766 
767 	/* 8-bit chanwidth */
768 	*frm++ = ieee80211_vht_get_chwidth_ie(ni->ni_chan);
769 
770 	/* 8-bit freq1 */
771 	*frm++ = ni->ni_chan->ic_vht_ch_freq1;
772 
773 	/* 8-bit freq2 */
774 	*frm++ = ni->ni_chan->ic_vht_ch_freq2;
775 
776 	/* 16-bit basic MCS set - just MCS0..7 for NSS=1 for now */
777 	ADDSHORT(frm, 0xfffc);
778 
779 	return (frm);
780 }
781 
782 void
783 ieee80211_vht_update_cap(struct ieee80211_node *ni, const uint8_t *vhtcap_ie,
784     const uint8_t *vhtop_ie)
785 {
786 
787 	ieee80211_parse_vhtcap(ni, vhtcap_ie);
788 	ieee80211_parse_vhtopmode(ni, vhtop_ie);
789 }
790 
791 static struct ieee80211_channel *
792 findvhtchan(struct ieee80211com *ic, struct ieee80211_channel *c, int vhtflags)
793 {
794 
795 	return (ieee80211_find_channel(ic, c->ic_freq,
796 	    (c->ic_flags & ~IEEE80211_CHAN_VHT) | vhtflags));
797 }
798 
799 /*
800  * Handle channel promotion to VHT, similar to ieee80211_ht_adjust_channel().
801  */
802 struct ieee80211_channel *
803 ieee80211_vht_adjust_channel(struct ieee80211com *ic,
804     struct ieee80211_channel *chan, int flags)
805 {
806 	struct ieee80211_channel *c;
807 
808 	/* First case - handle channel demotion - if VHT isn't set */
809 	if ((flags & IEEE80211_FVHT_MASK) == 0) {
810 #if 0
811 		printf("%s: demoting channel %d/0x%08x\n", __func__,
812 		    chan->ic_ieee, chan->ic_flags);
813 #endif
814 		c = ieee80211_find_channel(ic, chan->ic_freq,
815 		    chan->ic_flags & ~IEEE80211_CHAN_VHT);
816 		if (c == NULL)
817 			c = chan;
818 #if 0
819 		printf("%s: .. to %d/0x%08x\n", __func__,
820 		    c->ic_ieee, c->ic_flags);
821 #endif
822 		return (c);
823 	}
824 
825 	/*
826 	 * We can upgrade to VHT - attempt to do so
827 	 *
828 	 * Note: we don't clear the HT flags, these are the hints
829 	 * for HT40U/HT40D when selecting VHT40 or larger channels.
830 	 */
831 	c = NULL;
832 	if ((c == NULL) && (flags & IEEE80211_FVHT_USEVHT160))
833 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT160);
834 
835 	if ((c == NULL) && (flags & IEEE80211_FVHT_USEVHT80P80))
836 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT80P80);
837 
838 	if ((c == NULL) && (flags & IEEE80211_FVHT_USEVHT80))
839 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT80);
840 
841 	if ((c == NULL) && (flags & IEEE80211_FVHT_USEVHT40))
842 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT40U);
843 	if ((c == NULL) && (flags & IEEE80211_FVHT_USEVHT40))
844 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT40D);
845 	/*
846 	 * If we get here, VHT20 is always possible because we checked
847 	 * for IEEE80211_FVHT_VHT above.
848 	 */
849 	if (c == NULL)
850 		c = findvhtchan(ic, chan, IEEE80211_CHAN_VHT20);
851 
852 	if (c != NULL)
853 		chan = c;
854 
855 #if 0
856 	printf("%s: selected %d/0x%08x\n", __func__, c->ic_ieee, c->ic_flags);
857 #endif
858 	return (chan);
859 }
860 
861 /*
862  * Calculate the VHT operation IE for a given node.
863  *
864  * This includes calculating the suitable channel width/parameters
865  * and basic MCS set.
866  *
867  * TODO: ensure I read 9.7.11 Rate Selection for VHT STAs.
868  * TODO: ensure I read 10.39.7 - BSS Basic VHT-MCS and NSS set operation.
869  */
870 void
871 ieee80211_vht_get_vhtinfo_ie(struct ieee80211_node *ni,
872     struct ieee80211_vht_operation *vhtop, int opmode)
873 {
874 	printf("%s: called; TODO!\n", __func__);
875 }
876 
877 /*
878  * Return true if VHT rates can be used for the given node.
879  */
880 bool
881 ieee80211_vht_check_tx_vht(const struct ieee80211_node *ni)
882 {
883 	const struct ieee80211vap *vap;
884 	const struct ieee80211_channel *bss_chan;
885 
886 	if (ni == NULL || ni->ni_chan == IEEE80211_CHAN_ANYC ||
887 	    ni->ni_vap == NULL || ni->ni_vap->iv_bss == NULL)
888 		return (false);
889 
890 	vap = ni->ni_vap;
891 	bss_chan = vap->iv_bss->ni_chan;
892 
893 	if (bss_chan == IEEE80211_CHAN_ANYC)
894 		return (false);
895 
896 	return (IEEE80211_IS_CHAN_VHT(ni->ni_chan));
897 }
898 
899 /*
900  * Return true if VHT40 rates can be transmitted to the given node.
901  *
902  * This verifies that the BSS is VHT40 capable and the current
903  * node channel width is 40MHz.
904  */
905 static bool
906 ieee80211_vht_check_tx_vht40(const struct ieee80211_node *ni)
907 {
908 	struct ieee80211vap *vap;
909 	struct ieee80211_channel *bss_chan;
910 
911 	if (!ieee80211_vht_check_tx_vht(ni))
912 		return (false);
913 
914 	vap = ni->ni_vap;
915 	bss_chan = vap->iv_bss->ni_chan;
916 
917 	return (IEEE80211_IS_CHAN_VHT40(bss_chan) &&
918 	    IEEE80211_IS_CHAN_VHT40(ni->ni_chan) &&
919 	    (ni->ni_chw == IEEE80211_STA_RX_BW_40));
920 }
921 
922 /*
923  * Return true if VHT80 rates can be transmitted to the given node.
924  *
925  * This verifies that the BSS is VHT80 capable and the current
926  * node channel width is 80MHz.
927  */
928 static bool
929 ieee80211_vht_check_tx_vht80(const struct ieee80211_node *ni)
930 {
931 	struct ieee80211vap *vap;
932 	struct ieee80211_channel *bss_chan;
933 
934 	if (!ieee80211_vht_check_tx_vht(ni))
935 		return (false);
936 
937 	vap = ni->ni_vap;
938 	bss_chan = vap->iv_bss->ni_chan;
939 
940 	return (IEEE80211_IS_CHAN_VHT80(bss_chan) &&
941 	    IEEE80211_IS_CHAN_VHT80(ni->ni_chan) &&
942 	    (ni->ni_chw == IEEE80211_STA_RX_BW_80));
943 }
944 
945 /*
946  * Return true if VHT 160 rates can be transmitted to the given node.
947  *
948  * This verifies that the BSS is VHT80+80 or VHT160 capable and the current
949  * node channel width is 80+80MHz or 160MHz.
950  */
951 static bool
952 ieee80211_vht_check_tx_vht160(const struct ieee80211_node *ni)
953 {
954 	struct ieee80211vap *vap;
955 	struct ieee80211_channel *bss_chan;
956 
957 	if (!ieee80211_vht_check_tx_vht(ni))
958 		return (false);
959 
960 	vap = ni->ni_vap;
961 	bss_chan = vap->iv_bss->ni_chan;
962 
963 	if (ni->ni_chw != IEEE80211_STA_RX_BW_160)
964 		return (false);
965 
966 	if (IEEE80211_IS_CHAN_VHT160(bss_chan) &&
967 	    IEEE80211_IS_CHAN_VHT160(ni->ni_chan))
968 		return (true);
969 
970 	if (IEEE80211_IS_CHAN_VHT80P80(bss_chan) &&
971 	    IEEE80211_IS_CHAN_VHT80P80(ni->ni_chan))
972 		return (true);
973 
974 	return (false);
975 }
976 
977 /**
978  * @brief Check if the given transmit bandwidth is available to the given node
979  *
980  * This checks that the node and BSS both allow the given bandwidth,
981  * and that the current node bandwidth (which can dynamically change)
982  * also allows said bandwidth.
983  *
984  * This relies on the channels having the flags for the narrower
985  * channels as well - eg a VHT160 channel will have the CHAN_VHT80,
986  * CHAN_VHT40, CHAN_VHT flags also set.
987  *
988  * @param ni		the ieee80211_node to check
989  * @param bw		the required bandwidth to check
990  *
991  * @returns true if it is allowed, false otherwise
992  */
993 bool
994 ieee80211_vht_check_tx_bw(const struct ieee80211_node *ni,
995     enum ieee80211_sta_rx_bw bw)
996 {
997 
998 	switch (bw) {
999 	case IEEE80211_STA_RX_BW_20:
1000 		return (ieee80211_vht_check_tx_vht(ni));
1001 	case IEEE80211_STA_RX_BW_40:
1002 		return (ieee80211_vht_check_tx_vht40(ni));
1003 	case IEEE80211_STA_RX_BW_80:
1004 		return (ieee80211_vht_check_tx_vht80(ni));
1005 	case IEEE80211_STA_RX_BW_160:
1006 		return (ieee80211_vht_check_tx_vht160(ni));
1007 	case IEEE80211_STA_RX_BW_320:
1008 		return (false);
1009 	default:
1010 		return (false);
1011 	}
1012 }
1013